Re: [Qemu-devel] [PATCH 5/7] hw/core/sysbus: add fdt_add_node method
On 07/24/2014 01:02 AM, Alexander Graf wrote:
>
> On 23.07.14 17:33, Eric Auger wrote:
>> On 07/08/2014 03:52 PM, Alexander Graf wrote:
>>> On 07.07.14 09:08, Eric Auger wrote:
>>>> This method is meant to be called on sysbus device dynamic
>>>> instantiation (-device option). Devices that support this kind of
>>>> instantiation must implement this method.
>>>>
>>>> Signed-off-by: Eric Auger
>>> For the reason I stated earlier, I don't think it's a good idea to put
>>> device tree code into our device models.
>> Hi Alex,
>>
>> I would propose we discuss that topic during next KVM call if you are
>> available.
>
> I lost track when that would be. Next week would work fine, the week
> after not :).

Hi Alex,

Unfortunately I think the last one was this week. If you are available next week I would propose to set up a short call next week. Who are the required people in the call aside us and Peter?

>
>> Hope Peter will be available to join too. Because I feel
>> stuck between not putting things in the machine file (1) - obviously we
>> could put them in a helper module (2) - and not putting them in the
>> device (3).
>>
>> Whatever the solution I fear we are going to pollute something: Any time
>> a new device wants to support dynamic instantiation, we would need to
>> modify the machine file or the helper module with 1 and 2 resp. In case
>> we put it in the device we pollute this latter...
>>
>> My hope was that quite few QEMU platform devices would need to support
>> that feature and hence would need to implement this dt node generation
>> method. To me dynamic instantiation of platform device was not the
>> mainstream solution.
>
> Quite frankly I don't think it'd be that many. I think we'll cover 99.9%
> of all use cases if we just enable it for the virt machines of e500 and
> arm.
>
>> Then there is the fundamental question of technical feasibility of
>> devising a generic PlatformParams that match all the specialization
>> needs? Here I miss experience. In case we know the machine type and a
>> small set of additional fields couldn't we do the adaptations you talked
>> about, related to IRQs?
>
> The problem is that I don't know all the boards and different things
> people come up with either. There's also no reason machine files have to
> stick to the "platform bus" model - they could just take those devices
> and stick them into an existing other virtual bus.
>
> I don't feel comfortable generalizing something where I'm pretty sure
> things will blow up sooner or later.

ok

Best Regards

Eric

>
>
> Alex
>
Re: [Qemu-devel] [PATCH 1/7] hw/misc/platform_devices: helpers for dynamic instantiation of platform devices
On 07/24/2014 01:07 AM, Alexander Graf wrote: > > On 23.07.14 16:58, Eric Auger wrote: >> On 07/08/2014 03:43 PM, Alexander Graf wrote: >>> On 07.07.14 09:08, Eric Auger wrote: This new module implements routines which help in dynamic instantiation of sysbus devices. Machine files can use those generic routines. --- Dynamic sysbus device allocation fully written by Alex Graf. [Eric Auger] Those functions were initially in ppc e500 machine file. Now moved to a separate module. PPCE500Params is replaced by a generic struct named PlatformParams Signed-off-by: Alexander Graf Signed-off-by: Eric Auger --- hw/misc/Makefile.objs | 1 + hw/misc/platform_devices.c | 217 + include/hw/misc/platform_devices.h | 61 +++ 3 files changed, 279 insertions(+) create mode 100644 hw/misc/platform_devices.c create mode 100644 include/hw/misc/platform_devices.h diff --git a/hw/misc/Makefile.objs b/hw/misc/Makefile.objs index e47fea8..d081606 100644 --- a/hw/misc/Makefile.objs +++ b/hw/misc/Makefile.objs @@ -40,3 +40,4 @@ obj-$(CONFIG_SLAVIO) += slavio_misc.o obj-$(CONFIG_ZYNQ) += zynq_slcr.o obj-$(CONFIG_PVPANIC) += pvpanic.o +obj-y += platform_devices.o diff --git a/hw/misc/platform_devices.c b/hw/misc/platform_devices.c new file mode 100644 index 000..96ab272 --- /dev/null +++ b/hw/misc/platform_devices.c 
@@ -0,0 +1,217 @@ +#include "hw/misc/platform_devices.h" +#include "hw/sysbus.h" +#include "qemu/error-report.h" + +#define PAGE_SHIFT 12 + +int sysbus_device_create_devtree(Object *obj, void *opaque) +{ +PlatformDevtreeData *data = opaque; +Object *dev; +SysBusDevice *sbdev; +bool matched = false; + +dev = object_dynamic_cast(obj, TYPE_SYS_BUS_DEVICE); +sbdev = (SysBusDevice *)dev; + +if (!sbdev) { +/* Container, traverse it for children */ +return object_child_foreach(obj, sysbus_device_create_devtree, data); +} + +if (!matched) { +error_report("Device %s is not supported by this machine yet.", + qdev_fw_name(DEVICE(dev))); +exit(1); +} + +return 0; +} + +void platform_bus_create_devtree(PlatformParams *params, void *fdt, +const char *mpic) +{ +gchar *node = g_strdup_printf("/platform@%"PRIx64, + params->platform_bus_base); +const char platcomp[] = "qemu,platform\0simple-bus"; +PlatformDevtreeData data; +Object *container; +uint64_t addr = params->platform_bus_base; +uint64_t size = params->platform_bus_size; +int irq_start = params->platform_bus_first_irq; + +/* Create a /platform node that we can put all devices into */ + +qemu_fdt_add_subnode(fdt, node); +qemu_fdt_setprop(fdt, node, "compatible", platcomp, sizeof(platcomp)); + +/* Our platform bus region is less than 32bit big, so 1 cell is enough for + address and size */ +qemu_fdt_setprop_cells(fdt, node, "#size-cells", 1); +qemu_fdt_setprop_cells(fdt, node, "#address-cells", 1); +qemu_fdt_setprop_cells(fdt, node, "ranges", 0, addr >> 32, addr, size); + +qemu_fdt_setprop_phandle(fdt, node, "interrupt-parent", mpic); + +/* Loop through all devices and create nodes for known ones */ +data.fdt = fdt; +data.mpic = mpic; +data.irq_start = irq_start; +data.node = node; + +container = container_get(qdev_get_machine(), "/peripheral"); +sysbus_device_create_devtree(container, &data); +container = container_get(qdev_get_machine(), "/peripheral-anon"); +sysbus_device_create_devtree(container, &data); + +g_free(node); 
+}
>>> Device trees are pretty platform (and even machine) specific. Just to
>>> give you an example - the interrupt specifier on most e500 systems
>>> really is 4 cells big:
>>>
>>> https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/Documentation/devicetree/bindings/powerpc/fsl/mpic.txt#n80
>>>
>>> | Interrupt specifiers consists of 4 cells encoded as follows:
>>>
>>> <1st-cell> interrupt-number
>>>
>>> Identifies the interrupt source. The meaning
>>> depends on the type of interrupt.
>>>
>>> Note: If the interrupt-type cell is undefined
>>> (i.e. #interrupt-cells = 2), this cell
>>> should be interpreted the same as for
>>>
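Review bot: in sysbus_device_create_devtree(), matched is initialised to false and nothing between its declaration and the if (!matched) test ever sets it, so the first sysbus device found under /peripheral or /peripheral-anon ends in error_report() and exit(1). Either add the per-device matching that is meant to set matched, or drop the variable until there is something to match against. In platform_bus_create_devtree(), the comment reasons that the bus region is smaller than 32 bits, but size is written into a single cell without any check that platform_bus_size actually fits; an assert on that would turn a silently truncated "ranges" property into an immediate failure.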
Re: [Qemu-devel] [PATCH 1/2] acpi-dsdt: procedurally generate _PRT
On Wed, 23 Jul 2014 18:37:45 +0200 Paolo Bonzini wrote:
> This replaces the _PRT constant with a method that computes it.
>
> The problem is that the DSDT+SSDT have grown from 2.0 to 2.1,
> enough to cross the 8k barrier (we align the ACPI tables to 4k
> before putting them in fw_cfg). This causes problems with
> migration and the pc-2.0 machine type.
>
> The solution to the problem is to hardcode 64k as the limit,
> but this doesn't solve the bug with pc-2.0. The fix will be
> for QEMU 2.1 to use exactly the same size as QEMU 2.0 for the
> ACPI tables. First, however, we must make the actual AML size
> equal or smaller; to do this, rewrite _PRT in a way that saves
> over 1k of bytecode.
>
> Tested on Windows XP. Q35 already uses a method for _PRT
> so most guests should be okay.
> Signed-off-by: Paolo Bonzini
> ---
> hw/i386/acpi-dsdt.dsl | 90 > ++-

After changing this file, its precompiled counterpart also needs to be updated
hw/i386/acpi-dsdt.hex.generated

> 1 file changed, 39 insertions(+), 51 deletions(-) > > diff --git a/hw/i386/acpi-dsdt.dsl b/hw/i386/acpi-dsdt.dsl > index 3cc0ea0..6ba0170 100644 > --- a/hw/i386/acpi-dsdt.dsl > +++ b/hw/i386/acpi-dsdt.dsl 
> @@ -181,57 +181,45 @@ DefinitionBlock ( > > Scope(\_SB) { > Scope(PCI0) { > -Name(_PRT, Package() { > -/* PCI IRQ routing table, example from ACPI 2.0a > specification, > - section 6.2.8.1 */ > -/* Note: we provide the same info as the PCI routing > - table of the Bochs BIOS */ > - > -#define prt_slot(nr, lnk0, lnk1, lnk2, lnk3) \ > -Package() { nr##, 0, lnk0, 0 }, \ > -Package() { nr##, 1, lnk1, 0 }, \ > -Package() { nr##, 2, lnk2, 0 }, \ > -Package() { nr##, 3, lnk3, 0 } > - > -#define prt_slot0(nr) prt_slot(nr, LNKD, LNKA, LNKB, LNKC) > -#define prt_slot1(nr) prt_slot(nr, LNKA, LNKB, LNKC, LNKD) > -#define prt_slot2(nr) prt_slot(nr, LNKB, LNKC, LNKD, LNKA) > -#define prt_slot3(nr) prt_slot(nr, LNKC, LNKD, LNKA, LNKB) > - > -prt_slot0(0x), > -/* Device 1 is power mgmt device, and can only use irq 9 */ > -prt_slot(0x0001, LNKS, LNKB, LNKC, LNKD), > -prt_slot2(0x0002), > -prt_slot3(0x0003), > -prt_slot0(0x0004), > -prt_slot1(0x0005), > -prt_slot2(0x0006), > -prt_slot3(0x0007), > -prt_slot0(0x0008), > -prt_slot1(0x0009), > -prt_slot2(0x000a), > -prt_slot3(0x000b), > -prt_slot0(0x000c), > -prt_slot1(0x000d), > -prt_slot2(0x000e), > -prt_slot3(0x000f), > -prt_slot0(0x0010), > -prt_slot1(0x0011), > -prt_slot2(0x0012), > -prt_slot3(0x0013), > -prt_slot0(0x0014), > -prt_slot1(0x0015), > -prt_slot2(0x0016), > -prt_slot3(0x0017), > -prt_slot0(0x0018), > -prt_slot1(0x0019), > -prt_slot2(0x001a), > -prt_slot3(0x001b), > -prt_slot0(0x001c), > -prt_slot1(0x001d), > -prt_slot2(0x001e), > -prt_slot3(0x001f), > -}) > +Method (_PRT, 0) { > +Store(Package(128) {}, Local0) > +Store(Zero, Local1) > +While(LLess(Local1, 128)) { > +// slot = pin >> 2 > +Store(ShiftRight(Local1, 2), Local2) > + > +// lnk = (slot + pin) & 3 > +Store(And(Add(Local1, Local2), 3), Local3) > +If (LEqual(Local3, 0)) { > +Store(Package(4) { Zero, Zero, LNKD, Zero }, Local4) > +} > +If (LEqual(Local3, 1)) { > +// device 1 is the power-management device, needs SCI > +If (LEqual(Local1, 4)) { > 
+Store(Package(4) { Zero, Zero, LNKS, Zero }, > Local4) > +} Else { > +Store(Package(4) { Zero, Zero, LNKA, Zero }, > Local4) > +} > +} > +If (LEqual(Local3, 2)) { > +Store(Package(4) { Zero, Zero, LNKB, Zero }, Local4) > +} > +If (LEqual(Local3, 3)) { > +Store(Package(4) { Zero, Zero, LNKC, Zero }, Local4) > +} > + > +// Complete the interrupt routing entry: > +//Package(4) { 0x[slot], [pin], [link], 0) } > + > +Store(Or(ShiftLeft(Local2, 16), 0x), Index(Local4, > 0)) > +St
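Review bot: the comments inside the While loop call Local1 "pin" (// slot = pin >> 2 and // lnk = (slot + pin) & 3), but Local1 is the table index running from 0 to 127, that is slot * 4 + pin, which is why the power-management special case has to test LEqual(Local1, 4) to mean slot 1, pin 0. Please say so in the comments and explain the 4, so the next reader does not take it for a pin number. The four If (LEqual(Local3, n)) blocks are mutually exclusive and would read better as an If/ElseIf chain. As already pointed out in the reply, hw/i386/acpi-dsdt.hex.generated has to be regenerated together with this change.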
[Qemu-devel] [PULL for-2.1 1/2] fix full frame updates for VNC clients
From: Stephan Kulow

If the client asks for !incremental frame updates, it has lost its content so dirty doesn't matter - it has to see the full frame, so setting force_update

Signed-off-by: Gerd Hoffmann
Reviewed-by: Peter Lieven
---
ui/vnc.c | 1 + 1 file changed, 1 insertion(+) diff --git a/ui/vnc.c b/ui/vnc.c index 548588a..06d6ca0 100644 --- a/ui/vnc.c +++ b/ui/vnc.c @@ -1878,6 +1878,7 @@ static void framebuffer_update_request(VncState *vs, int incremental, return; } +vs->force_update = 1; vnc_set_area_dirty(vs->dirty, width, height, x, y, w, h); } -- 1.8.3.1
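Review bot: the added vs->force_update = 1; in framebuffer_update_request() carries no comment, and the reason for it (a non-incremental request means the client has lost its framebuffer contents, so the dirty state cannot be trusted) exists only in the commit message. A one-line comment at the assignment would help. The hunk shows only return; } above the new line, so please confirm that the incremental path really leaves through that return and never reaches the assignment; otherwise every update request would force a full frame.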
[Qemu-devel] [PULL for-2.1 0/2] vnc: fix two vnc update issues.
Hi,

Here are two vnc update bugfixes, found by code review while hunting down an issue with vnc updates not being sent to the client. The original issue has not been root-caused yet, it is also not clear whether qemu is at fault at all or whether the vnc updates are stuck somewhere else (kernel network stack). The bugs found are for real nevertheless, and here are the fixes.

please pull,
  Gerd

The following changes since commit f368c33d5ab09dd5656924185cd975b11838cd25:

  Update version for v2.1.0-rc3 release (2014-07-22 18:17:03 +0100)

are available in the git repository at:

  git://git.kraxel.org/qemu tags/pull-vnc-20140724-1

for you to fetch changes up to 832932a6f17983a3167ae9da6fe54a245a30758e:

  vnc update fix (2014-07-24 10:14:34 +0200)

vnc: fix two vnc update issues.

Gerd Hoffmann (1):
  vnc update fix

Stephan Kulow (1):
  fix full frame updates for VNC clients

 ui/vnc.c | 5 -
 ui/vnc.h | 1 +
 2 files changed, 5 insertions(+), 1 deletion(-)
[Qemu-devel] [PULL for-2.1 2/2] vnc update fix
We need to remember has_updates for each vnc client. Otherwise it might happen that vnc_update_client(has_dirty=1) takes the first exit due to output buffers not being flushed yet and subsequent calls with has_dirty=0 take the second exit, wrongly assuming there is nothing to do because the work deferred in the first call is ignored.

Signed-off-by: Gerd Hoffmann
Reviewed-by: Peter Lieven
---
ui/vnc.c | 4 +++- ui/vnc.h | 1 + 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/ui/vnc.c b/ui/vnc.c index 06d6ca0..f8d9b7d 100644 --- a/ui/vnc.c +++ b/ui/vnc.c @@ -887,6 +887,7 @@ static int find_and_clear_dirty_height(struct VncState *vs, static int vnc_update_client(VncState *vs, int has_dirty, bool sync) { +vs->has_dirty += has_dirty; if (vs->need_update && vs->csock != -1) { VncDisplay *vd = vs->vd; VncJob *job; @@ -898,7 +899,7 @@ static int vnc_update_client(VncState *vs, int has_dirty, bool sync) /* kernel send buffers are full -> drop frames to throttle */ return 0; -if (!has_dirty && !vs->audio_cap && !vs->force_update) +if (!vs->has_dirty && !vs->audio_cap && !vs->force_update) return 0; /* @@ -941,6 +942,7 @@ static int vnc_update_client(VncState *vs, int has_dirty, bool sync) vnc_jobs_join(vs); } vs->force_update = 0; +vs->has_dirty = 0; return n; } diff --git a/ui/vnc.h b/ui/vnc.h index 8f582fd..334de9d 100644 --- a/ui/vnc.h +++ b/ui/vnc.h @@ -263,6 +263,7 @@ struct VncState VncDisplay *vd; int need_update; int force_update; +int has_dirty; uint32_t features; int absolute; int last_x; -- 1.8.3.1
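Review bot: vs->has_dirty += has_dirty; sits above the if (vs->need_update && vs->csock != -1) test in vnc_update_client(), so it runs on every call, including for clients that do not reach the point where vs->has_dirty = 0; resets it. The field is only ever tested for non-zero, yet it is an int that keeps accumulating, and signed overflow is undefined behaviour in C. Making it a flag (vs->has_dirty |= !!has_dirty, or a bool) keeps the deferred-work semantics described in the commit message without the unbounded counter. The commit message also speaks of has_updates while the field is named has_dirty; one name in both places would be clearer.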
[Qemu-devel] [PATCH 1/6] bootindex: add {del, modify}_boot_device_path function
From: Gonglei

When we want to change one device's bootindex, we should do three things. On the one hand, remove the device from global fw_boot_order list, regardless attaching suffix or not delete. On the other hand, delete original object of the assigned bootindex. Finally add the new device's bootindex into the global fw_boot_order list.

Signed-off-by: Chenliang
Signed-off-by: Gonglei
---
include/sysemu/sysemu.h | 4 vl.c| 57 + 2 files changed, 61 insertions(+) diff --git a/include/sysemu/sysemu.h b/include/sysemu/sysemu.h index d8539fd..e368627 100644 --- a/include/sysemu/sysemu.h +++ b/include/sysemu/sysemu.h @@ -209,6 +209,10 @@ void usb_info(Monitor *mon, const QDict *qdict); void add_boot_device_path(int32_t bootindex, DeviceState *dev, const char *suffix); +void del_boot_device_path(int32_t bootindex, DeviceState *dev, + const char *suffix); +void modify_boot_device_path(int32_t bootindex, DeviceState *dev, + const char *suffix); char *get_boot_devices_list(size_t *size, bool ignore_suffixes); DeviceState *get_boot_device(uint32_t position); diff --git a/vl.c b/vl.c index fe451aa..e304a93 100644 --- a/vl.c +++ b/vl.c 
@@ -1248,6 +1248,63 @@ void add_boot_device_path(int32_t bootindex, DeviceState *dev, QTAILQ_INSERT_TAIL(&fw_boot_order, node, link); } +static bool is_same_fw_dev_path(DeviceState *src, DeviceState *target) +{ +bool ret = false; +char *devpath_src = qdev_get_fw_dev_path(src); +char *devpath_target = qdev_get_fw_dev_path(target); + +if (!strcmp(devpath_src, devpath_target)) { +ret = true; +} + +g_free(devpath_src); +g_free(devpath_target); +return ret; +} + +void del_boot_device_path(int32_t bootindex, DeviceState *dev, + const char *suffix) +{ +FWBootEntry *i; + +assert(dev != NULL); +assert(bootindex >= 0 || suffix != NULL); + +QTAILQ_FOREACH(i, &fw_boot_order, link) { +if (is_same_fw_dev_path(i->dev, dev)) { +if (suffix && i->suffix && strcmp(i->suffix, suffix)) { +continue; +} +/* if suffix is NULL, remove all entries of the assigend dev */ +QTAILQ_REMOVE(&fw_boot_order, i, link); +g_free(i->suffix); +g_free(i); +break; +} +} + +if (bootindex < 0) { +return; +} +/* find the object of assigned bootindex, and then remove it */ +QTAILQ_FOREACH(i, &fw_boot_order, link) { +if (i->bootindex == bootindex) { +QTAILQ_REMOVE(&fw_boot_order, i, link); +g_free(i->suffix); +g_free(i); +break; +} +} +} + +void modify_boot_device_path(int32_t bootindex, DeviceState *dev, + const char *suffix) +{ +del_boot_device_path(bootindex, dev, suffix); +add_boot_device_path(bootindex, dev, suffix); +} + DeviceState *get_boot_device(uint32_t position) { uint32_t counter = 0; -- 1.7.12.4
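Review bot: in del_boot_device_path() the first loop does not do what its comment says. /* if suffix is NULL, remove all entries of the assigend dev */ is followed by QTAILQ_REMOVE(...) and break;, so only the first matching entry is removed; removing all of them needs QTAILQ_FOREACH_SAFE and no break. The filter if (suffix && i->suffix && strcmp(i->suffix, suffix)) also lets an entry whose suffix is NULL match a caller that asked for a specific suffix. The second loop then deletes whichever entry currently holds bootindex, even when it belongs to a different device, without telling the caller; since this ends up reachable from the monitor, that silent takeover deserves an error or at least a documented contract. Finally, assert(bootindex >= 0 || suffix != NULL) aborts QEMU for the argument combination (-1, dev, NULL), so callers must never pass it or the assert has to become a normal return.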
[Qemu-devel] [PATCH 5/6] qemu-monitor: HMP set-bootindex wrapper
From: Gonglei

Add HMP set-bootindex wrapper to allow setting device's bootindex via monitor.

Signed-off-by: Gonglei
Signed-off-by: Chenliang
---
hmp-commands.hx | 15 +++ hmp.c | 13 + hmp.h | 1 + 3 files changed, 29 insertions(+) diff --git a/hmp-commands.hx b/hmp-commands.hx index d0943b1..31ef24e 100644 --- a/hmp-commands.hx +++ b/hmp-commands.hx @@ -688,6 +688,21 @@ Remove device @var{id}. ETEXI { +.name = "set-bootindex", +.args_type = "id:s,bootindex:l,suffix:s?", +.params = "device bootindex [suffix]", +.help = "set bootindex of a device(e.g. set-bootindex disk0 1 '/disk@0')", +.mhandler.cmd = hmp_set_bootindex, +}, + +STEXI +@item set-bootindex @var{id} @var{bootindex} +@findex set-bootindex + +Set bootindex of a device. +ETEXI + +{ .name = "cpu", .args_type = "index:i", .params = "index", diff --git a/hmp.c b/hmp.c index 4d1838e..95f7eeb 100644 --- a/hmp.c +++ b/hmp.c @@ -1714,3 +1714,16 @@ void hmp_info_memdev(Monitor *mon, const QDict *qdict) monitor_printf(mon, "\n"); } + +void hmp_set_bootindex(Monitor *mon, const QDict *qdict) +{ +Error *err = NULL; + +const char *id = qdict_get_str(qdict, "id"); +int64_t bootindex = qdict_get_int(qdict, "bootindex"); +bool has_suffix = qdict_haskey(qdict, "suffix"); +const char *suffix = qdict_get_try_str(qdict, "suffix"); + +qmp_set_bootindex(id, bootindex, has_suffix, suffix, &err); +hmp_handle_error(mon, &err); +} diff --git a/hmp.h b/hmp.h index 4fd3c4a..eb2641a 100644 --- a/hmp.h +++ b/hmp.h 
@@ -94,6 +94,7 @@ void hmp_cpu_add(Monitor *mon, const QDict *qdict); void hmp_object_add(Monitor *mon, const QDict *qdict); void hmp_object_del(Monitor *mon, const QDict *qdict); void hmp_info_memdev(Monitor *mon, const QDict *qdict); +void hmp_set_bootindex(Monitor *mon, const QDict *qdict); void object_add_completion(ReadLineState *rs, int nb_args, const char *str); void object_del_completion(ReadLineState *rs, int nb_args, const char *str); void device_add_completion(ReadLineState *rs, int nb_args, const char *str); -- 1.7.12.4
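Review bot: the STEXI entry in hmp-commands.hx documents set-bootindex @var{id} @var{bootindex} only, while .args_type and .params both accept an optional suffix; please add @var{suffix} to the @item line and a sentence on what it selects. In hmp_set_bootindex() the value from qdict_get_int() is an int64_t that is handed on unchecked; a range check here or in qmp_set_bootindex() would stop an out-of-range index typed at the monitor from being narrowed to int32_t further down.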
[Qemu-devel] [PATCH 2/6] fw_cfg: add fw_cfg_machine_reset function
From: Gonglei

We must assure that the changed bootindex can take effect when guest is rebooted. So we introduce fw_cfg_machine_reset(), which changes the fw_cfg file's bootindex data using the new global fw_boot_order list.

Signed-off-by: Chenliang
Signed-off-by: Gonglei
---
hw/nvram/fw_cfg.c | 54 +-- include/hw/nvram/fw_cfg.h | 2 ++ 2 files changed, 49 insertions(+), 7 deletions(-) diff --git a/hw/nvram/fw_cfg.c b/hw/nvram/fw_cfg.c index b71d251..a24a44d 100644 --- a/hw/nvram/fw_cfg.c +++ b/hw/nvram/fw_cfg.c @@ -56,7 +56,6 @@ struct FWCfgState { FWCfgFiles *files; uint16_t cur_entry; uint32_t cur_offset; -Notifier machine_ready; }; #define JPG_FILE 0 @@ -402,6 +401,26 @@ static void fw_cfg_add_bytes_read_callback(FWCfgState *s, uint16_t key, s->entries[arch][key].callback_opaque = callback_opaque; } +static void *fw_cfg_modify_bytes_read(FWCfgState *s, uint16_t key, + void *data, size_t len) +{ +void *ptr; +int arch = !!(key & FW_CFG_ARCH_LOCAL); + +key &= FW_CFG_ENTRY_MASK; + +assert(key < FW_CFG_MAX_ENTRY && len < UINT32_MAX); + +/* return the old data to the function caller, avoid memory leak */ +ptr = s->entries[arch][key].data; +s->entries[arch][key].data = data; +s->entries[arch][key].len = len; +s->entries[arch][key].callback_opaque = NULL; +s->entries[arch][key].callback = NULL; + +return ptr; +} + void fw_cfg_add_bytes(FWCfgState *s, uint16_t key, void *data, size_t len) { fw_cfg_add_bytes_read_callback(s, key, NULL, NULL, data, len); 
@@ -499,13 +518,36 @@ void fw_cfg_add_file(FWCfgState *s, const char *filename, fw_cfg_add_file_callback(s, filename, NULL, NULL, data, len); } -static void fw_cfg_machine_ready(struct Notifier *n, void *data) +void *fw_cfg_modify_file(FWCfgState *s, const char *filename, +void *data, size_t len) +{ +int i, index; + +assert(s->files); + +index = be32_to_cpu(s->files->count); +assert(index < FW_CFG_FILE_SLOTS); + +for (i = 0; i < index; i++) { +if (strcmp(filename, s->files->f[i].name) == 0) { +return fw_cfg_modify_bytes_read(s, FW_CFG_FILE_FIRST + i, + data, len); +} +} +/* add new one */ +fw_cfg_add_file_callback(s, filename, NULL, NULL, data, len); +return NULL; +} + +static void fw_cfg_machine_reset(void *opaque) { +void *ptr; size_t len; -FWCfgState *s = container_of(n, FWCfgState, machine_ready); +FWCfgState *s = opaque; char *bootindex = get_boot_devices_list(&len, false); -fw_cfg_add_file(s, "bootorder", (uint8_t*)bootindex, len); +ptr = fw_cfg_modify_file(s, "bootorder", (uint8_t *)bootindex, len); +g_free(ptr); } FWCfgState *fw_cfg_init(uint32_t ctl_port, uint32_t data_port, @@ -542,9 +584,7 @@ FWCfgState *fw_cfg_init(uint32_t ctl_port, uint32_t data_port, fw_cfg_bootsplash(s); fw_cfg_reboot(s); -s->machine_ready.notify = fw_cfg_machine_ready; -qemu_add_machine_init_done_notifier(&s->machine_ready); - +qemu_register_reset(fw_cfg_machine_reset, s); return s; } diff --git a/include/hw/nvram/fw_cfg.h b/include/hw/nvram/fw_cfg.h index 72b1549..56e1ed7 100644 --- a/include/hw/nvram/fw_cfg.h +++ b/include/hw/nvram/fw_cfg.h @@ -76,6 +76,8 @@ void fw_cfg_add_file(FWCfgState *s, const char *filename, void *data, void fw_cfg_add_file_callback(FWCfgState *s, const char *filename, FWCfgReadCallback callback, void *callback_opaque, void *data, size_t len); +void *fw_cfg_modify_file(FWCfgState *s, const char *filename, void *data, + size_t len); FWCfgState *fw_cfg_init(uint32_t ctl_port, uint32_t data_port, hwaddr crl_addr, hwaddr data_addr); -- 1.7.12.4
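Review bot: fw_cfg_modify_file() swaps data and len in s->entries[][] through fw_cfg_modify_bytes_read() but leaves the matching s->files->f[i] directory entry untouched. If that entry records the file size, the guest firmware will keep seeing the old length of "bootorder" after a bootindex change, so update it together with the payload. assert(index < FW_CFG_FILE_SLOTS) also runs before the lookup, so replacing an existing file aborts once the directory is full even though no new slot is needed; move the assert to the add-new path. Since fw_cfg_machine_reset() replaces the machine_ready notifier, the commit message should state that the reset handler is guaranteed to run before the first boot, otherwise "bootorder" is missing on a cold start.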
[Qemu-devel] [PATCH 4/6] qmp: add set-bootindex command
From: Gonglei

Adds "set-bootindex id=xx,bootindex=xx,suffix=xx" QMP command.

Example QMP command:

-> { "execute": "set-bootindex", "arguments": { "id": "ide0-0-1", "bootindex": 1, "suffix": "/disk@0"}}
<- { "return": {} }

Signed-off-by: Gonglei
Signed-off-by: Chenliang
---
qapi-schema.json | 16 qmp-commands.hx | 24 qmp.c| 17 + 3 files changed, 57 insertions(+) diff --git a/qapi-schema.json b/qapi-schema.json index b11aad2..a9ef0be 100644 --- a/qapi-schema.json +++ b/qapi-schema.json @@ -1704,6 +1704,22 @@ { 'command': 'device_del', 'data': {'id': 'str'} } ## +# @set-bootindex: +# +# set bootindex of a devcie +# +# @id: the name of the device +# @bootindex: the bootindex of the device +# @suffix: #optional a suffix of the device +# +# Returns: Nothing on success +# If @id is not a valid device, DeviceNotFound +# +# Since: 2.2 +## +{ 'command': 'set-bootindex', 'data': {'id': 'str', 'bootindex': 'int', '*suffix': 'str'} } + +## # @DumpGuestMemoryFormat: # # An enumeration of guest-memory-dump's format. diff --git a/qmp-commands.hx b/qmp-commands.hx index 4be4765..2c89a97 100644 --- a/qmp-commands.hx +++ b/qmp-commands.hx @@ -330,6 +330,30 @@ Example: <- { "return": {} } EQMP +{ +.name = "set-bootindex", +.args_type = "id:s,bootindex:l,suffix:s?", +.mhandler.cmd_new = qmp_marshal_input_set_bootindex, +}, + +SQMP +set-bootindex + + +Set bootindex of a device + +Arguments: + +- "id": the device's ID (json-string) +- "bootindex": the device's bootindex (json-int) +- "suffix": the device's suffix in global boot list (json-string, optional) + +Example: + +-> { "execute": "set-bootindex", "arguments": { "id": "ide0-0-1", "bootindex": 1, "suffix": "/disk@0"}} +<- { "return": {} } + +EQMP { .name = "send-key", diff --git a/qmp.c b/qmp.c index 0d2553a..f2c3c14 100644 --- a/qmp.c +++ b/qmp.c 
@@ -684,6 +684,23 @@ void qmp_object_del(const char *id, Error **errp) object_unparent(obj); } +void qmp_set_bootindex(const char *id, int64_t bootindex, + bool has_suffix, const char *suffix, Error **errp) +{ +DeviceState *dev; + +dev = qdev_find_recursive(sysbus_get_default(), id); +if (NULL == dev) { +error_set(errp, QERR_DEVICE_NOT_FOUND, id); +return; +} +if (has_suffix) { +modify_boot_device_path(bootindex, dev, suffix); +} else { +modify_boot_device_path(bootindex, dev, NULL); +} +} + MemoryDeviceInfoList *qmp_query_memory_devices(Error **errp) { MemoryDeviceInfoList *head = NULL; -- 1.7.12.4
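Review bot: qmp_set_bootindex() takes bootindex as int64_t and passes it straight to modify_boot_device_path(), whose parameter is int32_t (see the prototype added in 1/6), so a value from the QMP client outside the int32_t range is silently truncated and negative values are not rejected. Validate the range and set an error through errp before calling. The if (has_suffix) / else branches can collapse into a single call with has_suffix ? suffix : NULL. The schema comment should state the valid range of @bootindex and what happens to a device that already holds it, and it has a typo, "devcie".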
[Qemu-devel] [PATCH 0/6] modify boot order of guest, and take effect after rebooting
From: Gonglei

Sometimes, we want to modify boot order of a guest, but no need to shutdown it. We can call dynamic changing bootindex of a guest, which can be assured taking effect just after the guest rebooting.

For example, in P2V scene, we boot a guest and then attach a new system disk, for copying something. We want to assign the new disk as the booting disk, which means its bootindex=1.

Different nics can be assigned different bootindex dynamically also make sense.

The patchsets add one qmp interface, and add an fw_cfg_machine_reset() to achieve it.

Please review, Thanks.

Gonglei (6):
  bootindex: add {del,modify}_boot_device_path function
  fw_cfg: add fw_cfg_machine_reset function
  bootindex: delete bootindex when device is removed
  qmp: add set-bootindex command
  qemu-monitor: HMP set-bootindex wrapper
  spapr: fix possible memory leak

 hmp-commands.hx           | 15 +
 hmp.c                     | 13 +++
 hmp.h                     | 1 +
 hw/block/virtio-blk.c     | 1 +
 hw/i386/kvm/pci-assign.c  | 1 +
 hw/misc/vfio.c            | 1 +
 hw/net/e1000.c            | 1 +
 hw/net/eepro100.c         | 1 +
 hw/net/ne2000.c           | 1 +
 hw/net/rtl8139.c          | 1 +
 hw/net/virtio-net.c       | 1 +
 hw/net/vmxnet3.c          | 1 +
 hw/nvram/fw_cfg.c         | 54 ++--
 hw/ppc/spapr.c            | 1 +
 hw/scsi/scsi-generic.c    | 1 +
 hw/usb/dev-network.c      | 1 +
 hw/usb/host-libusb.c      | 1 +
 hw/usb/redirect.c         | 1 +
 include/hw/nvram/fw_cfg.h | 2 ++
 include/sysemu/sysemu.h   | 4
 qapi-schema.json          | 16 +
 qmp-commands.hx           | 24
 qmp.c                     | 17 ++
 vl.c                      | 57 +++
 24 files changed, 210 insertions(+), 7 deletions(-)

--
1.7.12.4
[Qemu-devel] [PATCH 3/6] bootindex: delete bootindex when device is removed
From: Gonglei Device should be removed from global boot list when it is hot-unplugged. Signed-off-by: Chenliang Signed-off-by: Gonglei --- hw/block/virtio-blk.c| 1 + hw/i386/kvm/pci-assign.c | 1 + hw/misc/vfio.c | 1 + hw/net/e1000.c | 1 + hw/net/eepro100.c| 1 + hw/net/ne2000.c | 1 + hw/net/rtl8139.c | 1 + hw/net/virtio-net.c | 1 + hw/net/vmxnet3.c | 1 + hw/scsi/scsi-generic.c | 1 + hw/usb/dev-network.c | 1 + hw/usb/host-libusb.c | 1 + hw/usb/redirect.c| 1 + 13 files changed, 13 insertions(+) diff --git a/hw/block/virtio-blk.c b/hw/block/virtio-blk.c index c241c50..51775a2 100644 --- a/hw/block/virtio-blk.c +++ b/hw/block/virtio-blk.c @@ -786,6 +786,7 @@ static void virtio_blk_device_unrealize(DeviceState *dev, Error **errp) VirtIODevice *vdev = VIRTIO_DEVICE(dev); VirtIOBlock *s = VIRTIO_BLK(dev); +del_boot_device_path(-1, dev, "/disk@0,0"); #ifdef CONFIG_VIRTIO_BLK_DATA_PLANE remove_migration_state_change_notifier(&s->migration_state_notifier); virtio_blk_data_plane_destroy(s->dataplane); diff --git a/hw/i386/kvm/pci-assign.c b/hw/i386/kvm/pci-assign.c index de33657..4dcd78c 100644 --- a/hw/i386/kvm/pci-assign.c +++ b/hw/i386/kvm/pci-assign.c @@ -1853,6 +1853,7 @@ static void assigned_exitfn(struct PCIDevice *pci_dev) { AssignedDevice *dev = DO_UPCAST(AssignedDevice, dev, pci_dev); +del_boot_device_path(-1, &pci_dev->qdev, NULL); deassign_device(dev); free_assigned_device(dev); } diff --git a/hw/misc/vfio.c b/hw/misc/vfio.c index 0b9eba0..fef1281 100644 --- a/hw/misc/vfio.c +++ b/hw/misc/vfio.c @@ -4304,6 +4304,7 @@ static void vfio_exitfn(PCIDevice *pdev) VFIODevice *vdev = DO_UPCAST(VFIODevice, pdev, pdev); VFIOGroup *group = vdev->group; +del_boot_device_path(-1, &pdev->qdev, NULL); vfio_unregister_err_notifier(vdev); pci_device_set_intx_routing_notifier(&vdev->pdev, NULL); vfio_disable_interrupts(vdev); diff --git a/hw/net/e1000.c b/hw/net/e1000.c index 0fc29a0..2ca1acd 100644 --- a/hw/net/e1000.c +++ b/hw/net/e1000.c 
@@ -1492,6 +1492,7 @@ pci_e1000_uninit(PCIDevice *dev) { E1000State *d = E1000(dev); +del_boot_device_path(-1, DEVICE(dev), "/ethernet-phy@0"); timer_del(d->autoneg_timer); timer_free(d->autoneg_timer); timer_del(d->mit_timer); diff --git a/hw/net/eepro100.c b/hw/net/eepro100.c index 3263e3f..55be32b 100644 --- a/hw/net/eepro100.c +++ b/hw/net/eepro100.c @@ -1843,6 +1843,7 @@ static void pci_nic_uninit(PCIDevice *pci_dev) { EEPRO100State *s = DO_UPCAST(EEPRO100State, dev, pci_dev); +del_boot_device_path(-1, &pci_dev->qdev, "/ethernet-phy@0"); memory_region_destroy(&s->mmio_bar); memory_region_destroy(&s->io_bar); memory_region_destroy(&s->flash_bar); diff --git a/hw/net/ne2000.c b/hw/net/ne2000.c index d558b8c..780b74c 100644 --- a/hw/net/ne2000.c +++ b/hw/net/ne2000.c @@ -748,6 +748,7 @@ static void pci_ne2000_exit(PCIDevice *pci_dev) PCINE2000State *d = DO_UPCAST(PCINE2000State, dev, pci_dev); NE2000State *s = &d->ne2000; +del_boot_device_path(-1, &pci_dev->qdev, "/ethernet-phy@0"); memory_region_destroy(&s->io); qemu_del_nic(s->nic); qemu_free_irq(s->irq); diff --git a/hw/net/rtl8139.c b/hw/net/rtl8139.c index 90bc5ec..fe637da 100644 --- a/hw/net/rtl8139.c +++ b/hw/net/rtl8139.c @@ -3462,6 +3462,7 @@ static void pci_rtl8139_uninit(PCIDevice *dev) { RTL8139State *s = RTL8139(dev); +del_boot_device_path(-1, DEVICE(dev), "/ethernet-phy@0"); memory_region_destroy(&s->bar_io); memory_region_destroy(&s->bar_mem); if (s->cplus_txbuffer) { diff --git a/hw/net/virtio-net.c b/hw/net/virtio-net.c index 268eff9..1c22a41 100644 --- a/hw/net/virtio-net.c +++ b/hw/net/virtio-net.c @@ -1654,6 +1654,7 @@ static void virtio_net_device_unrealize(DeviceState *dev, Error **errp) virtio_net_set_status(vdev, 0); unregister_savevm(dev, "virtio-net", n); +del_boot_device_path(-1, dev, "/ethernet-phy@0"); g_free(n->netclient_name); n->netclient_name = NULL; diff --git a/hw/net/vmxnet3.c b/hw/net/vmxnet3.c index 77bea6f..1e0573f 100644 --- a/hw/net/vmxnet3.c +++ b/hw/net/vmxnet3.c 
@@ -2176,6 +2176,7 @@ static void vmxnet3_pci_uninit(PCIDevice *pci_dev) VMW_CBPRN("Starting uninit..."); unregister_savevm(dev, "vmxnet3-msix", s); +del_boot_device_path(-1, dev, "/ethernet-phy@0"); vmxnet3_net_uninit(s); diff --git a/hw/scsi/scsi-generic.c b/hw/scsi/scsi-generic.c index 3733d2c..b567319 100644 --- a/hw/scsi/scsi-generic.c +++ b/hw/scsi/scsi-generic.c @@ -388,6 +388,7 @@ static void scsi_generic_reset(DeviceState *dev) static void scsi_destroy(SCSIDevice *s) { +del_boot_device_path(-1, &s->qdev, NULL); scsi_device_purge_requests(s, SENSE_CODE(NO_SENSE)); blockdev_mark_auto_del(s->conf.bs); } diff --git a/hw/usb/dev-network.c b/hw/usb/dev-network.c index 518
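Review bot: the calls of the form del_boot_device_path(-1, &pci_dev->qdev, NULL) in assigned_exitfn(), vfio_exitfn() and scsi_destroy() pass bootindex -1 together with a NULL suffix, which is exactly the combination rejected by assert(bootindex >= 0 || suffix != NULL) in del_boot_device_path() from patch 1/6, so unplugging one of these devices would abort QEMU. Relax the assert or give these callers a defined path. The suffix literals "/ethernet-phy@0" and "/disk@0,0" are repeated in every device and have to match what was registered with add_boot_device_path(); a shared constant next to the registration would keep a removal from silently missing its entry and leaving a stale pointer to the freed device in fw_boot_order.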
[Qemu-devel] [PATCH 6/6] spapr: fix possible memory leak
From: Gonglei

get_boot_devices_list() will malloc memory, spapr_finalize_fdt doesn't free it.

Signed-off-by: Chenliang
Signed-off-by: Gonglei
---
hw/ppc/spapr.c | 1 + 1 file changed, 1 insertion(+) diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c index d01978f..edff5ce 100644 --- a/hw/ppc/spapr.c +++ b/hw/ppc/spapr.c @@ -745,6 +745,7 @@ static void spapr_finalize_fdt(sPAPREnvironment *spapr, cpu_physical_memory_write(fdt_addr, fdt, fdt_totalsize(fdt)); +g_free(bootlist); g_free(fdt); } -- 1.7.12.4
[Qemu-devel] [PATCH 2.1] PPC: KVM: Fix g3beige and mac99 when HV is loaded
On PPC we have 2 different styles of KVM: PR and HV. HV can only virtualize sPAPR guests while PR can virtualize everything that's reasonably close to the host hardware platform.

As long as only one kernel module (PR or HV) is loaded, the "default" kvm type is the module that's loaded. So if your hardware only supports PR mode you can easily spawn a Mac VM.

However, if both HV and PR are loaded we default to HV mode. And in that case the Mac machines have to explicitly ask for PR mode to get a working VM.

Fix this up by explicitly having the Mac machines ask for PR style KVM. This fixes bootup of Mac VMs on systems where both HV and PR kvm modules are loaded for me.

Signed-off-by: Alexander Graf
---
hw/ppc/mac_newworld.c | 7 +++ hw/ppc/mac_oldworld.c | 7 +++ 2 files changed, 14 insertions(+) diff --git a/hw/ppc/mac_newworld.c b/hw/ppc/mac_newworld.c index f5bccd2..2e66a35 100644 --- a/hw/ppc/mac_newworld.c +++ b/hw/ppc/mac_newworld.c @@ -477,12 +477,19 @@ static void ppc_core99_init(MachineState *machine) qemu_register_boot_set(fw_cfg_boot_set, fw_cfg); } +static int core99_kvm_type(const char *arg) +{ +/* Always force PR KVM */ +return 2; +} + static QEMUMachine core99_machine = { .name = "mac99", .desc = "Mac99 based PowerMAC", .init = ppc_core99_init, .max_cpus = MAX_CPUS, .default_boot_order = "cd", +.kvm_type = core99_kvm_type, }; static void core99_machine_init(void) diff --git a/hw/ppc/mac_oldworld.c b/hw/ppc/mac_oldworld.c index cd9bdbc..ec7ed38 100644 --- a/hw/ppc/mac_oldworld.c +++ b/hw/ppc/mac_oldworld.c @@ -346,6 +346,12 @@ static void ppc_heathrow_init(MachineState *machine) qemu_register_boot_set(fw_cfg_boot_set, fw_cfg); } +static int heathrow_kvm_type(const char *arg) +{ +/* Always force PR KVM */ +return 2; +} + static QEMUMachine heathrow_machine = { .name = "g3beige", .desc = "Heathrow based PowerMAC", 
@@ -355,6 +361,7 @@ static QEMUMachine heathrow_machine = { .is_default = 1, #endif .default_boot_order = "cd", /* TOFIX "cad" when Mac floppy is implemented */ +.kvm_type = heathrow_kvm_type, }; static void heathrow_machine_init(void) -- 1.8.1.4
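Review bot: core99_kvm_type() and heathrow_kvm_type() both return the bare literal 2, and only the comment "Always force PR KVM" tells the reader what that value means. A named constant for the PR type, shared by mac_newworld.c and mac_oldworld.c, would remove the magic number and the duplicated helper. Both functions also ignore their arg parameter, so whatever value is passed in is overridden; that is worth stating in the comment or the commit message.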
Re: [Qemu-devel] [PATCH 2/2] pc: hack for migration compatibility from QEMU 2.0
On Wed, 23 Jul 2014 18:37:46 +0200 Paolo Bonzini wrote: > Changing the ACPI table size causes migration to break, and the memory > hotplug work opened our eyes on how horribly we were breaking things in > 2.0 already. > > The ACPI table size is rounded to the next 4k, which one would think > gives some headroom. In practice this is not the case, because the user > can control the ACPI table size (each CPU adds 105 bytes) and so some > "-smp" values will break the 4k boundary and fail to migrate. Similarly, > PCI bridges add ~1870 bytes to the SSDT. > > To fix this, hard-code 64k as the maximum ACPI table size, which > (despite being an order of magnitude smaller than 640k) should be enough > for everyone. > > To fix migration from QEMU 2.0, compute the payload size of QEMU 2.0 > and always use that one. The previous patch shrunk the ACPI tables > enough that the QEMU 2.0 size should always be enough. > > Non-AML tables can change depending on the configuration (especially > MADT, SRAT, HPET) but they remain the same between QEMU 2.0 and 2.1, > so we only compute our padding based on the sizes of the SSDT and DSDT. > > Migration from QEMU 1.7 should work for guests that have a number of CPUs > other than 12, 13, 14, 54, 55, 56, 97, 98, 139, 140, and that have no > PCI bridges. It was already broken from QEMU 1.7 to QEMU 2.0 in the > same way, though. > > Signed-off-by: Paolo Bonzini > --- > hw/i386/acpi-build.c | 61 > > hw/i386/pc_piix.c| 20 + > hw/i386/pc_q35.c | 5 + > include/hw/i386/pc.h | 1 + > 4 files changed, 83 insertions(+), 4 deletions(-) > > diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c > index ebc5f03..7373d93 100644 > --- a/hw/i386/acpi-build.c > +++ b/hw/i386/acpi-build.c > @@ -25,7 +25,9 @@ > #include > #include "qemu-common.h" > #include "qemu/bitmap.h" > +#include "qemu/osdep.h" > #include "qemu/range.h" > +#include "qemu/error-report.h" > #include "hw/pci/pci.h" > #include "qom/cpu.h" > #include "hw/i386/pc.h" 
> @@ -87,6 +89,8 @@ typedef struct AcpiBuildPciBusHotplugState { > struct AcpiBuildPciBusHotplugState *parent; > } AcpiBuildPciBusHotplugState; > > +unsigned bsel_alloc; > + > static void acpi_get_dsdt(AcpiMiscInfo *info) > { > uint16_t *applesmc_sta; > @@ -759,8 +763,8 @@ static void *acpi_set_bsel(PCIBus *bus, void *opaque) > static void acpi_set_pci_info(void) > { > PCIBus *bus = find_i440fx(); /* TODO: Q35 support */ > -unsigned bsel_alloc = 0; > > +assert(bsel_alloc == 0); > if (bus) { > /* Scan all PCI buses. Set property to enable acpi based hotplug. */ > pci_for_each_bus_depth_first(bus, acpi_set_bsel, NULL, &bsel_alloc); > @@ -1440,13 +1444,14 @@ static > void acpi_build(PcGuestInfo *guest_info, AcpiBuildTables *tables) > { > GArray *table_offsets; > -unsigned facs, dsdt, rsdt; > +unsigned facs, ssdt, dsdt, rsdt; > AcpiCpuInfo cpu; > AcpiPmInfo pm; > AcpiMiscInfo misc; > AcpiMcfgInfo mcfg; > PcPciInfo pci; > uint8_t *u; > +size_t aml_len = 0; > > acpi_get_cpu_info(&cpu); > acpi_get_pm_info(&pm); > @@ -1474,13 +1479,20 @@ void acpi_build(PcGuestInfo *guest_info, > AcpiBuildTables *tables) > dsdt = tables->table_data->len; > build_dsdt(tables->table_data, tables->linker, &misc); > > +/* Count the size of the DSDT and SSDT, we will need it for legacy > + * sizing of ACPI tables. > + */ > +aml_len += tables->table_data->len - dsdt; > + > /* ACPI tables pointed to by RSDT */ > acpi_add_table(table_offsets, tables->table_data); > build_fadt(tables->table_data, tables->linker, &pm, facs, dsdt); > > +ssdt = tables->table_data->len; > acpi_add_table(table_offsets, tables->table_data); > build_ssdt(tables->table_data, tables->linker, &cpu, &pm, &misc, &pci, > guest_info); > +aml_len += tables->table_data->len - ssdt; > > acpi_add_table(table_offsets, tables->table_data); > build_madt(tables->table_data, tables->linker, &cpu, guest_info); 
> @@ -1513,12 +1525,53 @@ void acpi_build(PcGuestInfo *guest_info, > AcpiBuildTables *tables) > /* RSDP is in FSEG memory, so allocate it separately */ > build_rsdp(tables->rsdp, tables->linker, rsdt); > > -/* We'll expose it all to Guest so align size to reduce > +/* We'll expose it all to Guest so we want to reduce > * chance of size changes. > * RSDP is small so it's easy to keep it immutable, no need to > * bother with alignment. > + * > + * We used to align the tables to 4k, but of course this would > + * too simple to be enough. 4k turned out to be too small an > + * alignment very soon, and in fact it is almost impossible to > + * keep the table size stable for all (max_cpus, max_memory_slots) > + * combinations. So the table size is always 64k for pc-2.1 an
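Review bot: in the acpi_set_pci_info() hunk, bsel_alloc changes from a local initialised to 0 into a file-level "unsigned bsel_alloc;" with external linkage, guarded by assert(bsel_alloc == 0). Once the bus scan has advanced the counter, a second call to acpi_set_pci_info() would trip that assert instead of rescanning. If the counter has to outlive the call, declare it static and add a comment saying who reads it afterwards and why the function may run only once.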
[Qemu-devel] [RFC for-2.1 for for-2.0-stable] pc: acpi: generate AML only for PCI0 devices if PCI bridge hotplug is disabled
Fixes migration regression from QEMU-1.7 to newer QEMUs. SSDT table size in QEMU-1.7 doesn't change regardless of a number of PCI bridge devices present at startup. However in QEMU-2.0 since addition of hotplug on PCI bridges, each PCI bridge adds ~1875 bytes to SSDT table, including pc-i440fx-1.7 machine type where PCI bridge hotplug disabled via compat property. It breaks migration from "QEMU-1.7" to "QEMU-2.[01] -M pc-i440fx-1.7" since RAMBlock size of ACPI tables on target becomes larger than on source and migration fails with: "Length mismatch: /rom@etc/acpi/tables: 2000 in != 3000" error. Fix this by generating AML only for PCI0 bus if hotplug on PCI bridges is disabled and preserves PCI bridge description in AML as it was done in QEMU-1.7 for pc-i440fx-1.7. It will help to maintain size of SSDT static regardless of number of PCI bridges on startup for pc-i440fx-1.7 machine type. Signed-off-by: Igor Mammedov --- hw/i386/acpi-build.c | 26 +- 1 file changed, 21 insertions(+), 5 deletions(-) diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c index ebc5f03..ecd6d3a 100644 --- a/hw/i386/acpi-build.c +++ b/hw/i386/acpi-build.c @@ -64,6 +64,7 @@ typedef struct AcpiMcfgInfo { typedef struct AcpiPmInfo { bool s3_disabled; bool s4_disabled; +bool pcihp_bridge_en; uint8_t s4_val; uint16_t sci_int; uint8_t acpi_enable_cmd; @@ -85,6 +86,7 @@ typedef struct AcpiBuildPciBusHotplugState { GArray *device_table; GArray *notify_table; struct AcpiBuildPciBusHotplugState *parent; +bool pcihp_bridge_en; } AcpiBuildPciBusHotplugState; static void acpi_get_dsdt(AcpiMiscInfo *info) @@ -188,6 +190,9 @@ static void acpi_get_pm_info(AcpiPmInfo *pm) NULL); pm->gpe0_blk_len = object_property_get_int(obj, ACPI_PM_PROP_GPE0_BLK_LEN, NULL); +pm->pcihp_bridge_en = +object_property_get_bool(obj, "acpi-pci-hotplug-with-bridge-support", + NULL); } static void acpi_get_misc_info(AcpiMiscInfo *info) 
@@ -768,11 +773,13 @@ static void acpi_set_pci_info(void) } static void build_pci_bus_state_init(AcpiBuildPciBusHotplugState *state, - AcpiBuildPciBusHotplugState *parent) + AcpiBuildPciBusHotplugState *parent, + bool pcihp_bridge_en) { state->parent = parent; state->device_table = build_alloc_array(); state->notify_table = build_alloc_array(); +state->pcihp_bridge_en = pcihp_bridge_en; } static void build_pci_bus_state_cleanup(AcpiBuildPciBusHotplugState *state) @@ -786,7 +793,7 @@ static void *build_pci_bus_begin(PCIBus *bus, void *parent_state) AcpiBuildPciBusHotplugState *parent = parent_state; AcpiBuildPciBusHotplugState *child = g_malloc(sizeof *child); -build_pci_bus_state_init(child, parent); +build_pci_bus_state_init(child, parent, parent->pcihp_bridge_en); return child; } @@ -807,6 +814,14 @@ static void build_pci_bus_end(PCIBus *bus, void *bus_state) GArray *method; bool bus_hotplug_support = false; +/* +skip bridge subtree creation if bridge hotplug is disabled +to make it compatible with 1.7 machine type +*/ +if (!child->pcihp_bridge_en && bus->parent_dev) { +return; +} + if (bus->parent_dev) { op = 0x82; /* DeviceOp */ build_append_nameseg(bus_table, "S%.02X_", @@ -853,7 +868,8 @@ static void build_pci_bus_end(PCIBus *bus, void *bus_state) pc = PCI_DEVICE_GET_CLASS(pdev); dc = DEVICE_GET_CLASS(pdev); -if (pc->class_id == PCI_CLASS_BRIDGE_ISA || pc->is_bridge) { +if (pc->class_id == PCI_CLASS_BRIDGE_ISA || +(pc->is_bridge && child->pcihp_bridge_en)) { set_bit(slot, slot_device_system); } @@ -865,7 +881,7 @@ static void build_pci_bus_end(PCIBus *bus, void *bus_state) } } -if (!dc->hotpluggable || pc->is_bridge) { +if (!dc->hotpluggable || (pc->is_bridge && child->pcihp_bridge_en)) { clear_bit(slot, slot_hotplug_enable); } } 
@@ -1130,7 +1146,7 @@ build_ssdt(GArray *table_data, GArray *linker, bus = PCI_HOST_BRIDGE(pci_host)->bus; } -build_pci_bus_state_init(&hotplug_state, NULL); +build_pci_bus_state_init(&hotplug_state, NULL, pm->pcihp_bridge_en); if (bus) { /* Scan all PCI buses. Generate tables to support hotplug. */ -- 1.8.3.1
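Review bot: the early return added at the top of build_pci_bus_end() for "!child->pcihp_bridge_en && bus->parent_dev" leaves the function before anything can release the child state that build_pci_bus_begin() allocated with g_malloc() and build_pci_bus_state_init() filled with two arrays. Unless the caller frees it, every skipped bridge leaks that state; jump to the function's cleanup (build_pci_bus_state_cleanup() and the free of child) instead of returning. build_pci_bus_begin() now also dereferences parent unconditionally to read pcihp_bridge_en, which deserves an assert or a comment that a non-NULL root state is always passed in.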
[Qemu-devel] [Bug 1347555] Re: qemu build failure, hxtool is a bash script, not a /bin/sh script
It turns out that expr does not support ^ (at least according to the man page). :-) Still, you could do expr -$flag + 1 to do the same thing. Is the ruckus just about this one place where $(( )) is used or are there other non-Bourne-shell constructs? https://bugs.launchpad.net/bugs/1347555 Title: qemu build failure, hxtool is a bash script, not a /bin/sh script Status in QEMU: New Bug description: hxtool (part of the early build process) is a bash script. Running it with /bin/sh yields a syntax error on line 10: 10 STEXI*|ETEXI*|SQMP*|EQMP*) flag=$(($flag^1)) $(( expr )) is a bash extension, not part of /bin/sh. Note that replacing the sh in the first line in hxtool with /bin/bash does not help, because the script is run manually from the Makefile with sh: 154 $(call quiet-command,sh $(SRC_PATH)/scripts/hxtool -h < $< > $@," GEN $@") The fix is to change those lines to 154 $(call quiet-command,bash $(SRC_PATH)/scripts/hxtool -h < $< > $@," GEN $@") (there are five or so).
Re: [Qemu-devel] [RFC v4 06/13] hw/vfio/pci: split vfio_get_device
On 07/09/2014 12:43 AM, Alex Williamson wrote: > On Mon, 2014-07-07 at 13:27 +0100, Eric Auger wrote: >> vfio_get_device now takes a VFIODevice as argument. The function is split >> into 4 functional parts: dev_info query, device check, region populate >> and interrupt populate. the last 3 are specialized by parent device and >> are added into DeviceOps. >> >> 3 new fields are introduced in VFIODevice to store dev_info. >> >> vfio_put_base_device is created. >> >> Signed-off-by: Eric Auger >> --- >> hw/vfio/pci.c | 181 >> +++--- >> 1 file changed, 121 insertions(+), 60 deletions(-) >> >> diff --git a/hw/vfio/pci.c b/hw/vfio/pci.c >> index 5f0164a..d228cf8 100644 >> --- a/hw/vfio/pci.c >> +++ b/hw/vfio/pci.c >> @@ -194,12 +194,18 @@ typedef struct VFIODevice { >> bool reset_works; >> bool needs_reset; >> VFIODeviceOps *ops; >> +unsigned int num_irqs; >> +unsigned int num_regions; >> +unsigned int flags; >> } VFIODevice; >> >> struct VFIODeviceOps { >> bool (*vfio_compute_needs_reset)(VFIODevice *vdev); >> int (*vfio_hot_reset_multi)(VFIODevice *vdev); >> void (*vfio_eoi)(VFIODevice *vdev); >> +int (*vfio_check_device)(VFIODevice *vdev); >> +int (*vfio_populate_regions)(VFIODevice *vdev); >> +int (*vfio_populate_interrupts)(VFIODevice *vdev); >> }; >> >> typedef struct VFIOPCIDevice { >> @@ -286,6 +292,10 @@ static uint32_t vfio_pci_read_config(PCIDevice *pdev, >> uint32_t addr, int len); >> static void vfio_pci_write_config(PCIDevice *pdev, uint32_t addr, >>uint32_t val, int len); >> static void vfio_mmap_set_enabled(VFIOPCIDevice *vdev, bool enabled); >> +static void vfio_put_base_device(VFIODevice *vbasedev); >> +static int vfio_check_device(VFIODevice *vbasedev); >> +static int vfio_populate_regions(VFIODevice *vbasedev); >> +static int vfio_populate_interrupts(VFIODevice *vbasedev); >> >> /* >> * Common VFIO interrupt disable 
>> @@ -3585,6 +3595,9 @@ static VFIODeviceOps vfio_pci_ops = { >> .vfio_compute_needs_reset = vfio_pci_compute_needs_reset, >> .vfio_hot_reset_multi = vfio_pci_hot_reset_multi, >> .vfio_eoi = vfio_eoi, >> +.vfio_check_device = vfio_check_device, >> +.vfio_populate_regions = vfio_populate_regions, >> +.vfio_populate_interrupts = vfio_populate_interrupts, >> }; >> >> static void vfio_reset_handler(void *opaque) 
>> @@ -3927,54 +3940,53 @@ static void vfio_put_group(VFIOGroup *group) >> } >> } >> >> -static int vfio_get_device(VFIOGroup *group, const char *name, >> - VFIOPCIDevice *vdev) >> +static int vfio_check_device(VFIODevice *vbasedev) >> { >> -struct vfio_device_info dev_info = { .argsz = sizeof(dev_info) }; >> -struct vfio_region_info reg_info = { .argsz = sizeof(reg_info) }; >> -struct vfio_irq_info irq_info = { .argsz = sizeof(irq_info) }; >> -int ret, i; >> - >> -ret = ioctl(group->fd, VFIO_GROUP_GET_DEVICE_FD, name); >> -if (ret < 0) { >> -error_report("vfio: error getting device %s from group %d: %m", >> - name, group->groupid); >> -error_printf("Verify all devices in group %d are bound to vfio-pci " >> - "or pci-stub and not already in use\n", >> group->groupid); >> -return ret; >> +if (!(vbasedev->flags & VFIO_DEVICE_FLAGS_PCI)) { >> +error_report("vfio: Um, this isn't a PCI device"); >> +goto error; >> } >> - >> -vdev->vbasedev.fd = ret; >> -vdev->vbasedev.group = group; >> -QLIST_INSERT_HEAD(&group->device_list, &vdev->vbasedev, next); >> - >> -/* Sanity check device */ >> -ret = ioctl(vdev->vbasedev.fd, VFIO_DEVICE_GET_INFO, &dev_info); >> -if (ret) { >> -error_report("vfio: error getting device info: %m"); >> +if (vbasedev->num_regions < VFIO_PCI_CONFIG_REGION_INDEX + 1) { >> +error_report("vfio: unexpected number of io regions %u", >> + vbasedev->num_regions); >> goto error; >> } >> - >> -DPRINTF("Device %s flags: %u, regions: %u, irgs: %u\n", name, >> -dev_info.flags, dev_info.num_regions, dev_info.num_irqs); >> - >> -if (!(dev_info.flags & VFIO_DEVICE_FLAGS_PCI)) { >> -error_report("vfio: Um, this isn't a PCI device"); >> +if (vbasedev->num_irqs < VFIO_PCI_MSIX_IRQ_INDEX + 1) { >> +error_report("vfio: unexpected number of irqs %u", >> + vbasedev->num_irqs); >> goto error; >> } >> + return 0; >> +error: >> +vfio_put_base_device(vbasedev); > > This doesn't make much sense, this function never "got" the base device, > so why does it need to "put" it on 
error? We should simply return error > and the caller (presumably who got it) should put the device. Hi Alex, definitively I need to revisit and homogenize my error handling: all sub-functions just returning errors - if sensi
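Review bot: the three callbacks wired into vfio_pci_ops are named vfio_check_device, vfio_populate_regions and vfio_populate_interrupts, yet vfio_check_device() tests VFIO_DEVICE_FLAGS_PCI and the PCI config-region and MSI-X IRQ indexes, so they are PCI-specific. Naming them vfio_pci_check_device() and so on, as vfio_pci_compute_needs_reset and vfio_pci_hot_reset_multi already are, would keep the generic names free for the common code this split prepares. The new num_irqs, num_regions and flags fields in VFIODevice would also benefit from a comment saying they cache the VFIO_DEVICE_GET_INFO result.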
Re: [Qemu-devel] [PATCH 1/6] bootindex: add {del, modify}_boot_device_path function
On Thu, 2014-07-24 at 16:38 +0800, arei.gong...@huawei.com wrote: > From: Gonglei > > When we want to change one device's bootindex, we should do three > things. On the one hand, remove the device from global fw_boot_order list, > regardless attaching suffix or not delete. On the other hand, delete > original object of the assigned bootindex. Finally add the new device's > bootindex into the global fw_boot_order list. Hmm. I think we should simply look up the device and modify the bootindex, leaving the entry as-is otherwise. In case the new bootindex is already used by another device just throw an error. > +void del_boot_device_path(int32_t bootindex, DeviceState *dev, > + const char *suffix); Should be del_boot_device_path(DeviceState *dev) and simply delete all entries belonging to the device. Patch #3 can be much simpler then as we can call the function from generic device cleanup code. > +void modify_boot_device_path(int32_t bootindex, DeviceState *dev, > + const char *suffix); No need for suffix here if we just update the existing entry. cheers, Gerd
Re: [Qemu-devel] [RFC] How to handle feature regressions in new QEMU releases
24.07.2014 04:37, ronnie sahlberg wrote: > Please find a new version 1.12 on the website. I'm subscribed to the iscsi mailing list, FWIW. Thanks, /mjt
Re: [Qemu-devel] [RFC v4 06/13] hw/vfio/pci: split vfio_get_device
On 07/24/2014 11:51 AM, Eric Auger wrote: > On 07/09/2014 12:43 AM, Alex Williamson wrote: >> On Mon, 2014-07-07 at 13:27 +0100, Eric Auger wrote: >>> vfio_get_device now takes a VFIODevice as argument. The function is split >>> into 4 functional parts: dev_info query, device check, region populate >>> and interrupt populate. the last 3 are specialized by parent device and >>> are added into DeviceOps. >>> >>> 3 new fields are introduced in VFIODevice to store dev_info. >>> >>> vfio_put_base_device is created. >>> >>> Signed-off-by: Eric Auger >>> --- >>> hw/vfio/pci.c | 181 >>> +++--- >>> 1 file changed, 121 insertions(+), 60 deletions(-) >>> >>> diff --git a/hw/vfio/pci.c b/hw/vfio/pci.c >>> index 5f0164a..d228cf8 100644 >>> --- a/hw/vfio/pci.c >>> +++ b/hw/vfio/pci.c >>> @@ -194,12 +194,18 @@ typedef struct VFIODevice { >>> bool reset_works; >>> bool needs_reset; >>> VFIODeviceOps *ops; >>> +unsigned int num_irqs; >>> +unsigned int num_regions; >>> +unsigned int flags; >>> } VFIODevice; >>> >>> struct VFIODeviceOps { >>> bool (*vfio_compute_needs_reset)(VFIODevice *vdev); >>> int (*vfio_hot_reset_multi)(VFIODevice *vdev); >>> void (*vfio_eoi)(VFIODevice *vdev); >>> +int (*vfio_check_device)(VFIODevice *vdev); >>> +int (*vfio_populate_regions)(VFIODevice *vdev); >>> +int (*vfio_populate_interrupts)(VFIODevice *vdev); >>> }; >>> >>> typedef struct VFIOPCIDevice { >>> @@ -286,6 +292,10 @@ static uint32_t vfio_pci_read_config(PCIDevice *pdev, >>> uint32_t addr, int len); >>> static void vfio_pci_write_config(PCIDevice *pdev, uint32_t addr, >>>uint32_t val, int len); >>> static void vfio_mmap_set_enabled(VFIOPCIDevice *vdev, bool enabled); >>> +static void vfio_put_base_device(VFIODevice *vbasedev); >>> +static int vfio_check_device(VFIODevice *vbasedev); >>> +static int vfio_populate_regions(VFIODevice *vbasedev); >>> +static int vfio_populate_interrupts(VFIODevice *vbasedev); >>> >>> /* >>> * Common VFIO interrupt disable 
>>> @@ -3585,6 +3595,9 @@ static VFIODeviceOps vfio_pci_ops = { >>> .vfio_compute_needs_reset = vfio_pci_compute_needs_reset, >>> .vfio_hot_reset_multi = vfio_pci_hot_reset_multi, >>> .vfio_eoi = vfio_eoi, >>> +.vfio_check_device = vfio_check_device, >>> +.vfio_populate_regions = vfio_populate_regions, >>> +.vfio_populate_interrupts = vfio_populate_interrupts, >>> }; >>> >>> static void vfio_reset_handler(void *opaque) 
>>> @@ -3927,54 +3940,53 @@ static void vfio_put_group(VFIOGroup *group) >>> } >>> } >>> >>> -static int vfio_get_device(VFIOGroup *group, const char *name, >>> - VFIOPCIDevice *vdev) >>> +static int vfio_check_device(VFIODevice *vbasedev) >>> { >>> -struct vfio_device_info dev_info = { .argsz = sizeof(dev_info) }; >>> -struct vfio_region_info reg_info = { .argsz = sizeof(reg_info) }; >>> -struct vfio_irq_info irq_info = { .argsz = sizeof(irq_info) }; >>> -int ret, i; >>> - >>> -ret = ioctl(group->fd, VFIO_GROUP_GET_DEVICE_FD, name); >>> -if (ret < 0) { >>> -error_report("vfio: error getting device %s from group %d: %m", >>> - name, group->groupid); >>> -error_printf("Verify all devices in group %d are bound to vfio-pci >>> " >>> - "or pci-stub and not already in use\n", >>> group->groupid); >>> -return ret; >>> +if (!(vbasedev->flags & VFIO_DEVICE_FLAGS_PCI)) { >>> +error_report("vfio: Um, this isn't a PCI device"); >>> +goto error; >>> } >>> - >>> -vdev->vbasedev.fd = ret; >>> -vdev->vbasedev.group = group; >>> -QLIST_INSERT_HEAD(&group->device_list, &vdev->vbasedev, next); >>> - >>> -/* Sanity check device */ >>> -ret = ioctl(vdev->vbasedev.fd, VFIO_DEVICE_GET_INFO, &dev_info); >>> -if (ret) { >>> -error_report("vfio: error getting device info: %m"); >>> +if (vbasedev->num_regions < VFIO_PCI_CONFIG_REGION_INDEX + 1) { >>> +error_report("vfio: unexpected number of io regions %u", >>> + vbasedev->num_regions); >>> goto error; >>> } >>> - >>> -DPRINTF("Device %s flags: %u, regions: %u, irgs: %u\n", name, >>> -dev_info.flags, dev_info.num_regions, dev_info.num_irqs); >>> - >>> -if (!(dev_info.flags & VFIO_DEVICE_FLAGS_PCI)) { >>> -error_report("vfio: Um, this isn't a PCI device"); >>> +if (vbasedev->num_irqs < VFIO_PCI_MSIX_IRQ_INDEX + 1) { >>> +error_report("vfio: unexpected number of irqs %u", >>> + vbasedev->num_irqs); >>> goto error; >>> } >>> + return 0; >>> +error: >>> +vfio_put_base_device(vbasedev); >> >> This doesn't make much sense, this function never 
"got" the base device, >> so why does it need to "put" it on error? We should simply return error >> and the caller (presu
Re: [Qemu-devel] [RFC for-2.1 for for-2.0-stable] pc: acpi: generate AML only for PCI0 devices if PCI bridge hotplug is disabled
On 24/07/2014 11:07, Igor Mammedov wrote: > Fixes migration regression from QEMU-1.7 to newer QEMUs. > SSDT table size in QEMU-1.7 doesn't change regardless of > a number of PCI bridge devices present at startup. > > However in QEMU-2.0 since addition of hotplug on PCI bridges, > each PCI bridge adds ~1875 bytes to SSDT table, including > pc-i440fx-1.7 machine type where PCI bridge hotplug disabled > via compat property. > It breaks migration from "QEMU-1.7" to "QEMU-2.[01] -M pc-i440fx-1.7" > since RAMBlock size of ACPI tables on target becomes larger > than on source and migration fails with: > > "Length mismatch: /rom@etc/acpi/tables: 2000 in != 3000" > > error. In principle, this definitely makes sense. With QEMU-2.0 and 2.0.1 out in the wild (and packaged into Ubuntu), however, it's difficult to decide whether to include this patch or not. I feel more like having downstreams include it if they skipped QEMU 2.0 and went straight from 1.7 to 2.1. Paolo
Re: [Qemu-devel] [PATCH] target-i386/FPU: wrong conversion infinity from float80 to int32/int64
23.07.2014, 21:13, "Peter Maydell" : > On 23 July 2014 16:04, Dmitry Poletaev wrote: >> I'm understood. So, am I right? > Pretty much, except it's better to use the accessor functions > get_float_exception_flags() and set_float_exception_flags(). >> + if (env->fp_status.float_exception_flags & FPUS_IE) { >> + val = 0x8000; > Also this constant needs a "ULL" suffix or it won't build on > 32 bit hosts. > > thanks > -- PMM Done. From: Dmitry Poletaev Signed-off-by: Dmitry Poletaev --- target-i386/fpu_helper.c | 24 +--- 1 file changed, 21 insertions(+), 3 deletions(-) diff --git a/target-i386/fpu_helper.c b/target-i386/fpu_helper.c index 1b2900d..e3543a8 100644 --- a/target-i386/fpu_helper.c +++ b/target-i386/fpu_helper.c @@ -251,16 +251,34 @@ int32_t helper_fist_ST0(CPUX86State *env) int32_t helper_fistl_ST0(CPUX86State *env) { int32_t val; - +signed char old_exp_flags; + +old_exp_flags = get_float_exception_flags(&env->fp_status); +set_float_exception_flags(0, &env->fp_status); + val = floatx80_to_int32(ST0, &env->fp_status); +if (get_float_exception_flags(&env->fp_status) & FPUS_IE) { +val = 0x8000; +} +set_float_exception_flags(get_float_exception_flags(&env->fp_status) +| old_exp_flags, &env->fp_status); return val; } int64_t helper_fistll_ST0(CPUX86State *env) { int64_t val; - -val = floatx80_to_int64(ST0, &env->fp_status); +signed char old_exp_flags; + +old_exp_flags = get_float_exception_flags(&env->fp_status); +set_float_exception_flags(0, &env->fp_status); + +val = floatx80_to_int32(ST0, &env->fp_status); +if (get_float_exception_flags(&env->fp_status) & FPUS_IE) { +val = 0x8000ULL; +} +set_float_exception_flags(get_float_exception_flags(&env->fp_status) +| old_exp_flags, &env->fp_status); return val; } -- 1.8.4.msysgit.0
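Review bot: in helper_fistll_ST0() the conversion call changes from floatx80_to_int64() to floatx80_to_int32(), so the 64-bit store helper would convert through the 32-bit routine and return a wrong result for any value outside the int32 range; it should stay floatx80_to_int64(). Both helpers also test the value returned by get_float_exception_flags() against FPUS_IE, which is the x87 status-word bit; float_flag_invalid is the flag that belongs to the softfloat accessor. The save, clear, convert and merge sequence is identical in the two helpers and could live in one small shared function.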
Re: [Qemu-devel] [PATCH 5/7] hw/core/sysbus: add fdt_add_node method
On 24.07.14 09:36, Eric Auger wrote: On 07/24/2014 01:02 AM, Alexander Graf wrote: On 23.07.14 17:33, Eric Auger wrote: On 07/08/2014 03:52 PM, Alexander Graf wrote: On 07.07.14 09:08, Eric Auger wrote: This method is meant to be called on sysbus device dynamic instantiation (-device option). Devices that support this kind of instantiation must implement this method. Signed-off-by: Eric Auger For the reason I stated earlier, I don't think it's a good idea to put device tree code into our device models. Hi Alex, I would propose we discuss that topic during next KVM call if you are available. I lost track when that would be. Next week would work fine, the week after not :). Hi Alex, Unfortunately I think the last one was this week. If you are available next week I would propose to setup a short call next week. Sure! Who are the required people in the call aside us and Peter? It would be good if we could have one person on the call who has a very good understanding of cross-platform device trees. Scott Wood or Rob Herring come to my mind here. Scott, Rob, would either of you be available for a quick call on device tree abstraction levels in QEMU Tuesday next week? Alex
[Qemu-devel] [PATCH 0/4] xen:passthrough: introduce a separate machine to igd passthrough
As we discussed currently we have to introduce a separate machine to work out igd passthrough. Tiejun Chen (4): hw:i386:pc_piix: split pc_init1() xen:hw:pci-host:piix: create host bridge to passthrough xen:hw:pci-host:piix: introduce xen_igd_i440fx_init xen:hw:i386:pc_piix: introduce new machine for IGD passthrough hw/i386/pc_piix.c| 180 ++-- hw/pci-host/piix.c | 122 include/hw/i386/pc.h | 10 ++ 3 files changed, 289 insertions(+), 23 deletions(-) Thanks Tiejun
[Qemu-devel] [PATCH 3/4] xen:hw:pci-host:piix: introduce xen_igd_i440fx_init
This is almost same as an original i440fx_init but just work with that xen igd host bridge to passthrough. Signed-off-by: Tiejun Chen --- hw/pci-host/piix.c | 79 include/hw/i386/pc.h | 10 +++ 2 files changed, 89 insertions(+) diff --git a/hw/pci-host/piix.c b/hw/pci-host/piix.c index 9feddf5..7ef08d7 100644 --- a/hw/pci-host/piix.c +++ b/hw/pci-host/piix.c 
@@ -407,6 +407,85 @@ PCIBus *i440fx_init(PCII440FXState **pi440fx_state, return b; } +PCIBus *xen_igd_i440fx_init(PCII440FXState **pi440fx_state, +int *piix3_devfn, +ISABus **isa_bus, qemu_irq *pic, +MemoryRegion *address_space_mem, +MemoryRegion *address_space_io, +ram_addr_t ram_size, +ram_addr_t below_4g_mem_size, +ram_addr_t above_4g_mem_size, +MemoryRegion *pci_address_space, +MemoryRegion *ram_memory) +{ +DeviceState *dev; +PCIBus *b; +PCIDevice *d; +PCIHostState *s; +PIIX3State *piix3; +PCII440FXState *f; +unsigned i; +I440FXState *i440fx; + +dev = qdev_create(NULL, TYPE_I440FX_PCI_HOST_BRIDGE); +s = PCI_HOST_BRIDGE(dev); +b = pci_bus_new(dev, NULL, pci_address_space, +address_space_io, 0, TYPE_PCI_BUS); +s->bus = b; +object_property_add_child(qdev_get_machine(), "i440fx", OBJECT(dev), NULL); +qdev_init_nofail(dev); + +d = pci_create_simple(b, 0, TYPE_I440FX_XEN_PCI_DEVICE); +*pi440fx_state = I440FX_XEN_PCI_DEVICE(d); +f = *pi440fx_state; +f->system_memory = address_space_mem; +f->pci_address_space = pci_address_space; +f->ram_memory = ram_memory; + +i440fx = I440FX_PCI_HOST_BRIDGE(dev); +i440fx->pci_info.w32.begin = below_4g_mem_size; + +/* setup pci memory mapping */ +pc_pci_as_mapping_init(OBJECT(f), f->system_memory, + f->pci_address_space); + +memory_region_init_alias(&f->smram_region, OBJECT(d), "smram-region", + f->pci_address_space, 0xa, 0x2); +memory_region_add_subregion_overlap(f->system_memory, 0xa, +&f->smram_region, 1); +memory_region_set_enabled(&f->smram_region, false); +init_pam(dev, f->ram_memory, f->system_memory, f->pci_address_space, + &f->pam_regions[0], PAM_BIOS_BASE, PAM_BIOS_SIZE); +for (i = 0; i < 12; ++i) { +init_pam(dev, f->ram_memory, f->system_memory, f->pci_address_space, + &f->pam_regions[i+1], PAM_EXPAN_BASE + i * PAM_EXPAN_SIZE, + PAM_EXPAN_SIZE); +} + +/* Xen supports additional interrupt routes from the PCI devices to + * the IOAPIC: the four pins of each PCI device on the bus are also + * connected to the IOAPIC directly. 
+ * These additional routes can be discovered through ACPI. */ +piix3 = DO_UPCAST(PIIX3State, dev, +pci_create_simple_multifunction(b, -1, true, "PIIX3-xen")); +pci_bus_irqs(b, xen_piix3_set_irq, xen_pci_slot_get_pirq, +piix3, XEN_PIIX_NUM_PIRQS); +piix3->pic = pic; +*isa_bus = ISA_BUS(qdev_get_child_bus(DEVICE(piix3), "isa.0")); + +*piix3_devfn = piix3->dev.devfn; + +ram_size = ram_size / 8 / 1024 / 1024; +if (ram_size > 255) { +ram_size = 255; +} +d->config[0x57] = ram_size; + +i440fx_update_memory_mappings(f); + +return b; +} + PCIBus *find_i440fx(void) { PCIHostState *s = OBJECT_CHECK(PCIHostState, diff --git a/include/hw/i386/pc.h b/include/hw/i386/pc.h index 1c0c382..51656d9 100644 --- a/include/hw/i386/pc.h +++ b/include/hw/i386/pc.h @@ -239,6 +239,16 @@ PCIBus *i440fx_init(PCII440FXState **pi440fx_state, int *piix_devfn, MemoryRegion *pci_memory, MemoryRegion *ram_memory); +PCIBus *xen_igd_i440fx_init(PCII440FXState **pi440fx_state, int *piix_devfn, +ISABus **isa_bus, qemu_irq *pic, +MemoryRegion *address_space_mem, +MemoryRegion *address_space_io, +ram_addr_t ram_size, +ram_addr_t below_4g_mem_size, +ram_addr_t above_4g_mem_size, +MemoryRegion *pci_memory, +MemoryRegion *ram_memory); + PCIBus *find_i440fx(void); /* piix4.c */ extern PCIDevice *piix4_dev; -- 1.9.1
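Review bot: by the commit message's own description xen_igd_i440fx_init() is almost a copy of i440fx_init(), which means the SMRAM alias, the PAM region loop and the RAM-size register write now have to be maintained in two places. Passing the host-bridge device type (here TYPE_I440FX_XEN_PCI_DEVICE) into i440fx_init() as a parameter, or factoring the shared body into a helper, would avoid that. In the new function above_4g_mem_size is accepted but never used, and TYPE_I440FX_XEN_PCI_DEVICE and I440FX_XEN_PCI_DEVICE() are not defined in this patch, so the dependency on the earlier patch in the series should be stated.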
[Qemu-devel] [PATCH 1/4] hw:i386:pc_piix: split pc_init1()
We'd like to split pc_init1 and then we can share something with other stuff. Signed-off-by: Tiejun Chen --- hw/i386/pc_piix.c | 93 +-- 1 file changed, 70 insertions(+), 23 deletions(-) diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c index 7081c08..2391fda 100644 --- a/hw/i386/pc_piix.c +++ b/hw/i386/pc_piix.c @@ -70,34 +70,21 @@ static bool smbios_legacy_mode; static bool gigabyte_align = true; static bool has_reserved_memory = true; -/* PC hardware initialisation */ -static void pc_init1(MachineState *machine, +static ram_addr_t below_4g_mem_size; +static ram_addr_t above_4g_mem_size; +static void pc_machine_base_init(MachineState *machine, int pci_enabled, - int kvmclock_enabled) + int kvmclock_enabled, + DeviceState *icc_bridge, + MemoryRegion *ram_memory, + MemoryRegion *pci_memory, + qemu_irq *gsi, + GSIState *gsi_state, + FWCfgState *fw_cfg) { PCMachineState *pc_machine = PC_MACHINE(machine); MemoryRegion *system_memory = get_system_memory(); -MemoryRegion *system_io = get_system_io(); -int i; -ram_addr_t below_4g_mem_size, above_4g_mem_size; -PCIBus *pci_bus; -ISABus *isa_bus; -PCII440FXState *i440fx_state; -int piix3_devfn = -1; -qemu_irq *cpu_irq; -qemu_irq *gsi; -qemu_irq *i8259; -qemu_irq *smi_irq; -GSIState *gsi_state; -DriveInfo *hd[MAX_IDE_BUS * MAX_IDE_DEVS]; -BusState *idebus[MAX_IDE_BUS]; -ISADevice *rtc_state; -ISADevice *floppy; -MemoryRegion *ram_memory; -MemoryRegion *pci_memory; MemoryRegion *rom_memory; -DeviceState *icc_bridge; -FWCfgState *fw_cfg = NULL; PcGuestInfo *guest_info; ram_addr_t lowmem; 
@@ -190,6 +177,20 @@ static void pc_init1(MachineState *machine, } else { gsi = qemu_allocate_irqs(gsi_handler, gsi_state, GSI_NUM_PINS); } +} + +static void pc_machine_pci_bus_init(MachineState *machine, + int pci_enabled, + PCII440FXState *i440fx_state, + int piix3_devfn, + PCIBus *pci_bus, + ISABus *isa_bus, + qemu_irq *gsi, + MemoryRegion *pci_memory, + MemoryRegion *ram_memory) +{ +MemoryRegion *system_memory = get_system_memory(); +MemoryRegion *system_io = get_system_io(); if (pci_enabled) { pci_bus = i440fx_init(&i440fx_state, &piix3_devfn, &isa_bus, gsi, @@ -203,6 +204,28 @@ static void pc_init1(MachineState *machine, isa_bus = isa_bus_new(NULL, system_io); no_hpet = 1; } +} + +static void pc_machine_device_init(MachineState *machine, + int pci_enabled, + GSIState *gsi_state, + DeviceState *icc_bridge, + int piix3_devfn, + FWCfgState *fw_cfg, + PCIBus *pci_bus, + ISABus *isa_bus, + qemu_irq *gsi) +{ +int i; +DriveInfo *hd[MAX_IDE_BUS * MAX_IDE_DEVS]; +BusState *idebus[MAX_IDE_BUS]; +qemu_irq *smi_irq; +PCMachineState *pc_machine = PC_MACHINE(machine); +qemu_irq *cpu_irq; +qemu_irq *i8259; +ISADevice *rtc_state; +ISADevice *floppy; + isa_bus_irqs(isa_bus, gsi); if (kvm_irqchip_in_kernel()) { 
@@ -290,6 +313,30 @@ static void pc_init1(MachineState *machine, } } +/* PC hardware initialisation */ +static void pc_init1(MachineState *machine, + int pci_enabled, + int kvmclock_enabled) +{ +PCIBus *pci_bus = NULL; +ISABus *isa_bus = NULL; +PCII440FXState *i440fx_state = NULL; +int piix3_devfn = -1; +qemu_irq *gsi = NULL; +GSIState *gsi_state = NULL; +MemoryRegion *ram_memory = NULL; +MemoryRegion *pci_memory = NULL; +DeviceState *icc_bridge = NULL; +FWCfgState *fw_cfg = NULL; + +pc_machine_base_init(machine, pci_enabled, kvmclock_enabled, icc_bridge, +ram_memory, pci_memory, gsi, gsi_state, fw_cfg); +pc_machine_pci_bus_init(machine, pci_enabled, i440fx_state, piix3_devfn, +pci_bus, isa_bus, gsi, pci_memory, ram_memory); +pc_machine_device_init(machine, pci_enabled, gsi_state, icc_bridge, +piix3_devfn, fw_cfg, pci_bus, isa_bus, gsi); +} + static void pc_init_pci(MachineState *machine) { pc_init1(machine, 1, 1); -- 1.9.1
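Review bot: pc_init1 passes gsi, gsi_state, icc_bridge, fw_cfg, ram_memory, pci_memory, pci_bus, isa_bus, i440fx_state and piix3_devfn to the three new helpers by value, so whatever the helpers assign never reaches the caller: "gsi = qemu_allocate_irqs(gsi_handler, gsi_state, GSI_NUM_PINS);" at the end of pc_machine_base_init and "pci_bus = i440fx_init(&i440fx_state, &piix3_devfn, &isa_bus, gsi," in pc_machine_pci_bus_init only update the helper's own copies. pc_machine_device_init then runs "isa_bus_irqs(isa_bus, gsi);" on the NULL values pc_init1 started with. Pass pointers to these variables, or collect them in one state struct that all three helpers share. Moving below_4g_mem_size and above_4g_mem_size to file scope to carry them across the split also deserves a sentence in the commit message.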
[Qemu-devel] [PATCH 4/4] xen:hw:i386:pc_piix: introduce new machine for IGD passthrough
Now we can introduce a new machine, xenigd, specific to IGD passthrough. This can avoid involving other common codes. Signed-off-by: Tiejun Chen --- hw/i386/pc_piix.c | 87 +++ 1 file changed, 87 insertions(+) diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c index 2391fda..46e5901 100644 --- a/hw/i386/pc_piix.c +++ b/hw/i386/pc_piix.c @@ -206,6 +206,33 @@ static void pc_machine_pci_bus_init(MachineState *machine, } } +static void xen_igd_pc_machine_pci_bus_init(MachineState *machine, + int pci_enabled, + PCII440FXState *i440fx_state, + int piix3_devfn, + PCIBus *pci_bus, + ISABus *isa_bus, + qemu_irq *gsi, + MemoryRegion *pci_memory, + MemoryRegion *ram_memory) +{ +MemoryRegion *system_memory = get_system_memory(); +MemoryRegion *system_io = get_system_io(); + +if (pci_enabled) { +pci_bus = xen_igd_i440fx_init(&i440fx_state, &piix3_devfn, &isa_bus, + gsi, system_memory, system_io, machine->ram_size, + below_4g_mem_size, + above_4g_mem_size, + pci_memory, ram_memory); +} else { +pci_bus = NULL; +i440fx_state = NULL; +isa_bus = isa_bus_new(NULL, system_io); +no_hpet = 1; +} +} + static void pc_machine_device_init(MachineState *machine, int pci_enabled, GSIState *gsi_state, 
@@ -337,11 +364,39 @@ static void pc_init1(MachineState *machine, piix3_devfn, fw_cfg, pci_bus, isa_bus, gsi); } +static void xen_igd_pc_init1(MachineState *machine, + int pci_enabled, + int kvmclock_enabled) +{ +PCIBus *pci_bus = NULL; +ISABus *isa_bus = NULL; +PCII440FXState *i440fx_state = NULL; +int piix3_devfn = -1; +qemu_irq *gsi = NULL; +GSIState *gsi_state = NULL; +MemoryRegion *ram_memory = NULL; +MemoryRegion *pci_memory = NULL; +DeviceState *icc_bridge = NULL; +FWCfgState *fw_cfg = NULL; + +pc_machine_base_init(machine, pci_enabled, kvmclock_enabled, icc_bridge, +ram_memory, pci_memory, gsi, gsi_state, fw_cfg); +xen_igd_pc_machine_pci_bus_init(machine, pci_enabled, i440fx_state, +piix3_devfn, pci_bus, isa_bus, gsi, pci_memory, ram_memory); +pc_machine_device_init(machine, pci_enabled, gsi_state, icc_bridge, +piix3_devfn, fw_cfg, pci_bus, isa_bus, gsi); +} + static void pc_init_pci(MachineState *machine) { pc_init1(machine, 1, 1); } +static void xen_igd_pc_init_pci(MachineState *machine) +{ +xen_igd_pc_init1(machine, 1, 1); +} + static void pc_compat_2_0(MachineState *machine) { smbios_legacy_mode = true; @@ -470,6 +525,17 @@ static void pc_xen_hvm_init(MachineState *machine) pci_create_simple(bus, -1, "xen-platform"); } } +static void xen_igd_pc_hvm_init(MachineState *machine) +{ +PCIBus *bus; + +xen_igd_pc_init_pci(machine); + +bus = pci_find_primary_bus(); +if (bus != NULL) { +pci_create_simple(bus, -1, "xen-platform"); +} +} #endif #define PC_I440FX_MACHINE_OPTIONS \ 
@@ -919,6 +985,26 @@ static QEMUMachine xenfv_machine = { { /* end of list */ } }, }; +static QEMUMachine xenigd_machine = { +PC_COMMON_MACHINE_OPTIONS, +.name = "xenigd", +.desc = "Xen Fully-virtualized PC specific to IGD", +.init = xen_igd_pc_hvm_init, +.max_cpus = HVM_MAX_VCPUS, +.default_machine_opts = "accel=xen", +.hot_add_cpu = pc_hot_add_cpu, +.compat_props = (GlobalProperty[]) { +/* xenfv has no fwcfg and so does not load acpi from QEMU. + * as such new acpi features don't work. + */ +{ +.driver = "PIIX4_PM", +.property = "acpi-pci-hotplug-with-bridge-support", +.value= "off", +}, +{ /* end of list */ } +}, +}; #endif static void pc_machine_init(void) @@ -942,6 +1028,7 @@ static void pc_machine_init(void) qemu_register_pc_machine(&isapc_machine); #ifdef CONFIG_XEN qemu_register_pc_machine(&xenfv_machine); +qemu_register_pc_machine(&xenigd_machine); #endif } -- 1.9.1
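Review bot: xen_igd_pc_machine_pci_bus_init and xen_igd_pc_init1 are copies of pc_machine_pci_bus_init and pc_init1 that differ only in calling xen_igd_i440fx_init, so every later fix to the PC init path has to be made twice; passing the host bridge init function (or a flag) into the existing helpers would avoid the duplication. xen_igd_i440fx_init is neither defined nor declared in the lines shown here, and the compat_props comment in xenigd_machine still reads "xenfv has no fwcfg", which should name the new machine or say why the xenfv reasoning carries over.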
[Qemu-devel] [PATCH 2/4] xen:hw:pci-host:piix: create host bridge to passthrough
Implement that pci host bridge to specific to passthrough. Actually this just inherit the standard one. This is based on http://patchwork.ozlabs.org/patch/363810/. Signed-off-by: Tiejun Chen --- hw/pci-host/piix.c | 43 +++ 1 file changed, 43 insertions(+) diff --git a/hw/pci-host/piix.c b/hw/pci-host/piix.c index e0e0946..9feddf5 100644 --- a/hw/pci-host/piix.c +++ b/hw/pci-host/piix.c @@ -34,6 +34,7 @@ #include "sysemu/sysemu.h" #include "hw/i386/ioapic.h" #include "qapi/visitor.h" +#include "hw/xen/xen_pt.h" /* * I440FX chipset data sheet. @@ -44,6 +45,10 @@ #define I440FX_PCI_HOST_BRIDGE(obj) \ OBJECT_CHECK(I440FXState, (obj), TYPE_I440FX_PCI_HOST_BRIDGE) +#define TYPE_I440FX_XEN_PCI_DEVICE "i440FX-xen" +#define I440FX_XEN_PCI_DEVICE(obj) \ +OBJECT_CHECK(PCII440FXState, (obj), TYPE_I440FX_XEN_PCI_DEVICE) + typedef struct I440FXState { PCIHostState parent_obj; PcPciInfo pci_info; @@ -305,6 +310,16 @@ static int i440fx_initfn(PCIDevice *dev) return 0; } +static int i440fx_xen_initfn(PCIDevice *dev) +{ +PCII440FXState *d = I440FX_XEN_PCI_DEVICE(dev); + +dev->config[I440FX_SMRAM] = 0x02; + +cpu_smm_register(&i440fx_set_smm, d); +return 0; +} + PCIBus *i440fx_init(PCII440FXState **pi440fx_state, int *piix3_devfn, ISABus **isa_bus, qemu_irq *pic, 
@@ -704,6 +719,33 @@ static const TypeInfo i440fx_info = { .class_init= i440fx_class_init, }; +static void i440fx_xen_class_init(ObjectClass *klass, void *data) +{ +DeviceClass *dc = DEVICE_CLASS(klass); +PCIDeviceClass *k = PCI_DEVICE_CLASS(klass); + +k->init = i440fx_xen_initfn; +k->vendor_id = PCI_VENDOR_ID_INTEL; +k->device_id = PCI_DEVICE_ID_INTEL_82441; +k->revision = 0x02; +k->class_id = PCI_CLASS_BRIDGE_ISA; +dc->desc = "XEN Host bridge"; +dc->vmsd = &vmstate_i440fx; +/* + * PCI-facing part of the host bridge, not usable without the + * host-facing part, which can't be device_add'ed, yet. + */ +dc->cannot_instantiate_with_device_add_yet = true; +dc->hotpluggable = false; +} + +static const TypeInfo i440fx_xen_info = { +.name = TYPE_I440FX_XEN_PCI_DEVICE, +.parent= TYPE_PCI_DEVICE, +.instance_size = sizeof(PCII440FXState), +.class_init= i440fx_xen_class_init, +}; + static const char *i440fx_pcihost_root_bus_path(PCIHostState *host_bridge, PCIBus *rootbus) { @@ -745,6 +787,7 @@ static const TypeInfo i440fx_pcihost_info = { static void i440fx_register_types(void) { type_register_static(&i440fx_info); +type_register_static(&i440fx_xen_info); type_register_static(&piix3_info); type_register_static(&piix3_xen_info); type_register_static(&i440fx_pcihost_info); -- 1.9.1
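Review bot: i440fx_xen_class_init sets "k->class_id = PCI_CLASS_BRIDGE_ISA;" while dc->desc says "XEN Host bridge"; a host bridge would normally report PCI_CLASS_BRIDGE_HOST, so either change the class or add a comment explaining why the guest has to see an ISA bridge here. The commit message says the type inherits the standard one, but i440fx_xen_info has .parent = TYPE_PCI_DEVICE and repeats the init and class fields by hand. Nothing in the added lines uses anything from hw/xen/xen_pt.h, so the new include in the generic piix.c looks unnecessary.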
Re: [Qemu-devel] [PULL for-2.1 0/2] vnc: fix two vnc update issues.
On 24 July 2014 09:28, Gerd Hoffmann wrote:
> Hi,
>
> Here are two vnc update bugfixes, found by code review while hunting
> down an issue with vnc updates not being sent to the client. The
> original issue has not been root-caused yet, it is also not clear
> whether qemu is at fault at all or whether the vnc updates are
> stuck somewhere else (kernel network stack). The bugs found are
> for real nevertheless, and here are the fixes.
>
> please pull,
> Gerd
>
> The following changes since commit f368c33d5ab09dd5656924185cd975b11838cd25:
>
> Update version for v2.1.0-rc3 release (2014-07-22 18:17:03 +0100)
>
> are available in the git repository at:
>
> git://git.kraxel.org/qemu tags/pull-vnc-20140724-1
>
> for you to fetch changes up to 832932a6f17983a3167ae9da6fe54a245a30758e:
>
> vnc update fix (2014-07-24 10:14:34 +0200)
>
> vnc: fix two vnc update issues.
>
> Gerd Hoffmann (1):
> vnc update fix
>
> Stephan Kulow (1):
> fix full frame updates for VNC clients
>
> ui/vnc.c | 5 -
> ui/vnc.h | 1 +
> 2 files changed, 5 insertions(+), 1 deletion(-)

So are these *really* release critical bugs, if they've been
only found in code review? We're really close to release now
and so my preference is not to include changes unless they're
really necessary...

thanks
-- PMM
Re: [Qemu-devel] [PULL for-2.1 0/1] usb: mtp: tag root property as experimental
On 23 July 2014 08:16, Gerd Hoffmann wrote:
> Hi,
>
> Sorry, bad timing on my side. Patch sent out yesterday, thought it
> would be a good idea to leave at least one day for review, and now I've
> missed -rc3 :(
>
> This patch renames the root property of the usb-mtp device to make clear
> this is experimental. As we eventually move usb-mtp to be backed by
> fsdev I don't want to commit (yet) to use a filesystem path to specify the
> tree to export.
>
> please pull,
> Gerd
>
> The following changes since commit f368c33d5ab09dd5656924185cd975b11838cd25:
>
> Update version for v2.1.0-rc3 release (2014-07-22 18:17:03 +0100)
>
> are available in the git repository at:
>
> git://git.kraxel.org/qemu tags/pull-usb-20140723-1
>
> for you to fetch changes up to cf679caf911aa49a25477b3aa20468ee50ed6c89:
>
> usb: mtp: tag root property as experimental (2014-07-23 08:55:40 +0200)
>
> usb: mtp: tag root property as experimental
>
> Gerd Hoffmann (1):
> usb: mtp: tag root property as experimental
>
> hw/usb/dev-mtp.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)

Applied, thanks.

-- PMM
Re: [Qemu-devel] [PULL for-2.1 0/2] vnc: fix two vnc update issues.
On 24.07.2014 13:48, Peter Maydell wrote:
> On 24 July 2014 09:28, Gerd Hoffmann wrote:
>> Hi,
>>
>> Here are two vnc update bugfixes, found by code review while hunting
>> down an issue with vnc updates not being sent to the client. The
>> original issue has not been root-caused yet, it is also not clear
>> whether qemu is at fault at all or whether the vnc updates are
>> stuck somewhere else (kernel network stack). The bugs found are
>> for real nevertheless, and here are the fixes.
>>
>> please pull,
>> Gerd
>>
>> The following changes since commit f368c33d5ab09dd5656924185cd975b11838cd25:
>>
>> Update version for v2.1.0-rc3 release (2014-07-22 18:17:03 +0100)
>>
>> are available in the git repository at:
>>
>> git://git.kraxel.org/qemu tags/pull-vnc-20140724-1
>>
>> for you to fetch changes up to 832932a6f17983a3167ae9da6fe54a245a30758e:
>>
>> vnc update fix (2014-07-24 10:14:34 +0200)
>>
>> vnc: fix two vnc update issues.
>>
>> Gerd Hoffmann (1):
>> vnc update fix
>>
>> Stephan Kulow (1):
>> fix full frame updates for VNC clients
>>
>> ui/vnc.c | 5 -
>> ui/vnc.h | 1 +
>> 2 files changed, 5 insertions(+), 1 deletion(-)
>
> So are these *really* release critical bugs, if they've been
> only found in code review? We're really close to release now
> and so my preference is not to include changes unless they're
> really necessary...

These are fixing openQA breakage (os-autoinst),
https://bugzilla.novell.com/show_bug.cgi?id=888142
so +1 to include them if Gerd is confident they don't regress otherwise.

Regards,
Andreas

--
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg
Re: [Qemu-devel] [PULL for-2.1 1/2] fix full frame updates for VNC clients
Stephan,

On 24.07.2014 10:28, Gerd Hoffmann wrote:
> From: Stephan Kulow
>
> If the client asks for !incremental frame updates, it has lost its content
> so dirty doesn't matter - it has to see the full frame, so setting
> force_update
>

Can you please sign off your (trivial) patch via reply?

> Signed-off-by: Gerd Hoffmann
> Reviewed-by: Peter Lieven
> ---

Thanks,
Andreas

--
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg
[Qemu-devel] [PATCH 0/4] image-fuzzer: Support L1/L2 tables in the qcow2 image generator
This patch series adds support of L1/L2 tables to the qcow2 image generator. Also it contains a fix of the test runner issue, when destructive commands under tests damage test images. This patch series was created for the 'block-next' branch and based on the next series: [PATCH V4 0/5] tests: Add the image fuzzer with qcow2 support. Maria Kustova (4): docs: Expand the list of supported image elements with L1/L2 tables runner: Make a copy of a test image for destructive test commands fuzz: Add fuzzing functions for L1/L2 table entries layout: Add generators of L1/L2 tables tests/image-fuzzer/docs/image-fuzzer.txt | 2 +- tests/image-fuzzer/qcow2/fuzz.py | 28 tests/image-fuzzer/qcow2/layout.py | 265 --- tests/image-fuzzer/runner/runner.py | 16 +- 4 files changed, 245 insertions(+), 66 deletions(-) -- 1.9.3
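The L1/L2 hierarchy this series generates and fuzzes, shown as an added example that is not part of the posted patches: it builds a small table set, then checks every entry the way an image parser should before trusting an offset. The bit positions come from the qcow2 format specification; build_image, check_tables, fuzz_entry and the header-less toy image are assumptions made for the illustration.

```python
import random
import struct

# Entry layout from the qcow2 format specification (64-bit, big-endian).
OFFSET_MASK = 0x00FFFFFFFFFFFE00  # bits 9-55: host offset of the cluster
COPIED = 1 << 63                  # bit 63: refcount of the target is one
COMPRESSED = 1 << 62              # bit 62: L2 only, compressed cluster
ZERO = 1                          # bit 0: L2 only, cluster reads as zeros
ALL_BITS = (1 << 64) - 1
L1_RESERVED = ALL_BITS & ~(OFFSET_MASK | COPIED)
L2_RESERVED = ALL_BITS & ~(OFFSET_MASK | COPIED | COMPRESSED | ZERO)


def build_image(guest_clusters, cluster_bits=10, seed=0):
    """Build a toy image; return (image, l1_offset, l1_entries).

    Host cluster 0 stands in for the header, the L1 table follows it, and
    L2 tables and data clusters land on randomly chosen host clusters.
    'guest_clusters' must be a non-empty set of guest cluster indices.
    """
    rng = random.Random(seed)
    csize = 1 << cluster_bits
    per_l2 = csize // 8                       # entries in one L2 table
    l1_used = sorted({g // per_l2 for g in guest_clusters})
    l1_entries = l1_used[-1] + 1
    l1_clusters = (l1_entries * 8 + csize - 1) // csize
    total = 1 + l1_clusters + len(l1_used) + len(guest_clusters)
    free = list(range(1 + l1_clusters, total))
    rng.shuffle(free)
    image = bytearray(total * csize)
    l1_offset = csize
    l2_host = {}
    for i in l1_used:                         # one L2 table per used L1 slot
        l2_host[i] = free.pop()
        struct.pack_into('>Q', image, l1_offset + 8 * i,
                         (l2_host[i] << cluster_bits) | COPIED)
    for g in sorted(guest_clusters):          # one random data cluster each
        start = free.pop() << cluster_bits
        image[start:start + csize] = bytes(rng.getrandbits(8)
                                           for _ in range(csize))
        pos = (l2_host[g // per_l2] << cluster_bits) + 8 * (g % per_l2)
        struct.pack_into('>Q', image, pos, start | COPIED)
    return image, l1_offset, l1_entries


def check_tables(image, l1_offset, l1_entries, cluster_bits=10):
    """Walk L1 -> L2 -> data and return a list of (entry, problem) pairs."""
    csize = 1 << cluster_bits
    findings = []
    l1_end = l1_offset + 8 * l1_entries
    if l1_offset % csize or l1_end > len(image):
        return [('header', 'L1 table misaligned or beyond end of file')]
    owner = {0: 'header'}                     # host cluster -> first user
    for c in range(l1_offset // csize, (l1_end + csize - 1) // csize):
        owner[c] = 'L1 table'

    def claim(entry, reserved, where):
        """Validate one entry; return its host offset, or None to skip it."""
        if entry & reserved:
            findings.append((where, 'reserved bits set'))
        off = entry & OFFSET_MASK
        cl = off >> cluster_bits
        if off == 0:
            return None                       # unallocated
        if off % csize:
            findings.append((where, 'offset not cluster aligned'))
        elif off + csize > len(image):
            findings.append((where, 'offset beyond end of file'))
        elif cl in owner:                     # two users of one host cluster
            findings.append((where, 'overlaps ' + owner[cl]))
        else:
            owner[cl] = where
            return off
        return None

    for i in range(l1_entries):
        (l1e,) = struct.unpack_from('>Q', image, l1_offset + 8 * i)
        l2_off = claim(l1e, L1_RESERVED, 'L1[%d]' % i)
        if l2_off is None:
            continue
        for j in range(csize // 8):
            (l2e,) = struct.unpack_from('>Q', image, l2_off + 8 * j)
            if l2e & COMPRESSED:
                continue                      # other layout, not checked here
            claim(l2e, L2_RESERVED, 'L2[%d][%d]' % (i, j))
    return findings


def fuzz_entry(image, pos, value):
    """Return a copy of the image with the 8-byte entry at 'pos' replaced."""
    fuzzed = bytearray(image)
    struct.pack_into('>Q', fuzzed, pos, value)
    return fuzzed


if __name__ == '__main__':
    img, l1, n = build_image({0, 1, 130, 300})   # constructed sample mapping
    print(check_tables(img, l1, n))
    print(check_tables(fuzz_entry(img, l1, len(img) | COPIED), l1, n))
```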
[Qemu-devel] [PATCH 1/4] docs: Expand the list of supported image elements with L1/L2 tables
Signed-off-by: Maria Kustova --- tests/image-fuzzer/docs/image-fuzzer.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/image-fuzzer/docs/image-fuzzer.txt b/tests/image-fuzzer/docs/image-fuzzer.txt index 2c4f346..08960ee 100644 --- a/tests/image-fuzzer/docs/image-fuzzer.txt +++ b/tests/image-fuzzer/docs/image-fuzzer.txt @@ -125,7 +125,7 @@ If a fuzzer configuration is specified, then it has the next interpretation: will be always fuzzed for every test. This case is useful for regression testing. -For now only header fields and header extensions are generated. +For now only header fields, header extensions and L1/L2 tables are generated. Module interfaces -- 1.9.3
[Qemu-devel] [PATCH 4/4] layout: Add generators of L1/L2 tables
Valid L2 entries contain offsets to image clusters filled with random data. L2 entries have random positions inside L2 tables. L1 entries contain offsets to generated L2 tables and also have random positions inside the L1 table. Clusters for L1/L2 tables and random data are selected randomly. Signed-off-by: Maria Kustova --- tests/image-fuzzer/qcow2/layout.py | 265 - 1 file changed, 206 insertions(+), 59 deletions(-) diff --git a/tests/image-fuzzer/qcow2/layout.py b/tests/image-fuzzer/qcow2/layout.py index 2bad223..5f759e6 100644 --- a/tests/image-fuzzer/qcow2/layout.py +++ b/tests/image-fuzzer/qcow2/layout.py @@ -19,6 +19,8 @@ import random import struct import fuzz +from math import ceil +from os import urandom MAX_IMAGE_SIZE = 10*2**20 # Standard sizes 
@@ -97,7 +99,66 @@ class Image(object): return [cluster_bits, img_size] @staticmethod -def _header(cluster_bits, img_size, backing_file_name=None): +def _get_available_clusters(used, number): +"""Return a set of indices of not allocated clusters + +'used' contains indices of currently allocated clusters. +All clusters that cannot be allocated between 'used' clusters will have +indices appended to the end of 'used'. +""" +append_id = max(used) + 1 +free = set(range(1, append_id)) - used +if len(free) >= number: +return set(random.sample(free, number)) +else: +return free | set(range(append_id, append_id + number - len(free))) + +@staticmethod +def _get_adjacent_clusters(used, size): +"""Return an index of the first cluster in the sequence of free ones + +'used' contains indices of currently allocated clusters. 'size' is the +length of the sequence of free clusters. +If the sequence of 'size' is not available between 'used' clusters, its +first index will be append to the end of 'used'. +""" +def get_cluster_id(lst, length): +"""Return the first index of the sequence of the specified length +or -1 if the sequence cannot be inserted in the list +""" +if len(lst) != 0: +pairs = [] +pair = (lst[0], 1) +for i in range(1, len(lst)): +if lst[i] == lst[i-1] + 1: +pair = (lst[i], pair[1] + 1) +else: +pairs.append(pair) +pair = (lst[i], 1) +pairs.append(pair) +random.shuffle(pairs) +for x, s in pairs: +if s >= length: +return x - length + 1 +return -1 + +append_id = max(used) + 1 +free = list(set(range(1, append_id)) - used) +idx = get_cluster_id(free, size) +if idx == -1: +return append_id +else: +return idx + +@staticmethod +def _alloc_data(img_size, cluster_size): +"""Return a set of random indices of clusters allocated for guest data +""" +num_of_cls = img_size/cluster_size +return set(random.sample(range(1, num_of_cls + 1), + random.randint(0, num_of_cls))) + +def create_header(self, cluster_bits, img_size, backing_file_name=None): """Generate a random valid header""" 
meta_header = [ ['>4s', 0, "QFI\xfb", 'magic'], @@ -121,17 +182,18 @@ class Image(object): ['>I', 96, 4, 'refcount_order'], ['>I', 100, 0, 'header_length'] ] -v_header = FieldsList(meta_header) +self.header = FieldsList(meta_header) -if v_header['version'][0].value == 2: -v_header['header_length'][0].value = 72 +if self.header['version'][0].value == 2: +self.header['header_length'][0].value = 72 else: -v_header['incompatible_features'][0].value = random.getrandbits(2) -v_header['compatible_features'][0].value = random.getrandbits(1) -v_header['header_length'][0].value = 104 +self.header['incompatible_features'][0].value = random\ +.getrandbits(2) +self.header['compatible_features'][0].value = random.getrandbits(1) +self.header['header_length'][0].value = 104 -max_header_len = struct.calcsize(v_header['header_length'][0].fmt) + \ - v_header['header_length'][0].offset +max_header_len = struct.calcsize(self.header['header_length'][0].fmt)+\ + self.header['header_length'][0].offset end_of_extension_area_len = 2*UINT32_S free_space = (1 << cluster_bits) - (max_header_len + end_of_extension_area_len) @@ -140,41 +202,35 @@ class Image(object):
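Review bot: in _get_adjacent_clusters, free is built as "list(set(range(1, append_id)) - used)" and handed to get_cluster_id, which finds runs with "if lst[i] == lst[i-1] + 1:" and therefore needs ascending order; a set gives no ordering guarantee, so this should be sorted(set(range(1, append_id)) - used). Both _get_adjacent_clusters and _get_available_clusters also start with "append_id = max(used) + 1", which raises ValueError when used is empty; either state in the docstrings that the header cluster is always in used or handle the empty case. The docstrings say indices are "appended to the end of 'used'", but neither function modifies used, so it would help to say that the caller is expected to add the returned indices.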
[Qemu-devel] [PATCH 2/4] runner: Make a copy of a test image for destructive test commands
Signed-off-by: Maria Kustova --- tests/image-fuzzer/runner/runner.py | 16 ++-- 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/tests/image-fuzzer/runner/runner.py b/tests/image-fuzzer/runner/runner.py index 3e9e65d..6ec40a4 100755 --- a/tests/image-fuzzer/runner/runner.py +++ b/tests/image-fuzzer/runner/runner.py @@ -21,8 +21,8 @@ import sys, os, signal import subprocess import random +import shutil from itertools import count -from shutil import rmtree import getopt try: import json @@ -107,7 +107,9 @@ class TestEnv(object): 'discard $off $len'], ['qemu-io', '$test_img', '-c', 'truncate $off']] -for fmt in ['raw', 'vmdk', 'vdi', 'cow', 'qcow2', 'file', +# VMDK format is skipped because such conversion requires +# a pregenerated vmdk file +for fmt in ['raw', 'vdi', 'cow', 'qcow2', 'file', 'qed', 'vpc']: self.commands.append( ['qemu-img', 'convert', '-f', 'qcow2', '-O', fmt, @@ -146,7 +148,7 @@ class TestEnv(object): 'file', 'qed', 'vpc']) backing_file_name = 'backing_img.' + backing_file_fmt # Size of the backing file varies from 1 to 10 MB -backing_file_size = random.randint(1, 10)*(1 << 20) +backing_file_size = random.randint(1, 10) * (1 << 20) cmd = self.qemu_img + ['create', '-f', backing_file_fmt, backing_file_name, str(backing_file_size)] devnull = open('/dev/null', 'r+') 
@@ -170,17 +172,18 @@ class TestEnv(object): commands = input_commands os.chdir(self.current_dir) backing_file_name, backing_file_fmt = self._create_backing_file() -img_size = image_generator.create_image('test_image', +img_size = image_generator.create_image('test.img', backing_file_name, backing_file_fmt, fuzz_config) for item in commands: +shutil.copy('test.img', 'copy.img') start = random.randint(0, img_size) end = random.randint(start, img_size) current_cmd = list(self.__dict__[item[0].replace('-', '_')]) # Replace all placeholders with their real values for v in item[1:]: -c = v.replace('$test_img', 'test_image').\ +c = v.replace('$test_img', 'copy.img').\ replace('$off', str(start)).\ replace('$len', str(end - start)) current_cmd.append(c) @@ -208,6 +211,7 @@ class TestEnv(object): multilog(test_summary + "PASS: Application exited with" + \ " the code '%d'\n\n" % retcode, sys.stdout, self.log, self.parent_log) +os.remove('copy.img') def finish(self): """ Restore environment after a test execution. Remove folders of @@ -217,7 +221,7 @@ class TestEnv(object): self.parent_log.close() os.chdir(self.init_path) if self.cleanup and not self.failed: -rmtree(self.current_dir) +shutil.rmtree(self.current_dir) if __name__ == '__main__': -- 1.9.3
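Review bot: the commit message has no body, and besides copying the image the patch also drops 'vmdk' from the qemu-img convert formats and reformats the backing_file_size expression; the vmdk removal changes what the runner tests and should be its own patch or at least be explained in the message, not only in the code comment. For the copy itself, "shutil.copy('test.img', 'copy.img')" runs at the top of every loop iteration while the only "os.remove('copy.img')" is added after the PASS log call, and the hunk does not show whether the failure path reaches it; say in the message whether a failed command is meant to leave copy.img behind for inspection, and if not, remove it in a finally block.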
[Qemu-devel] [PATCH 3/4] fuzz: Add fuzzing functions for L1/L2 table entries
Signed-off-by: Maria Kustova --- tests/image-fuzzer/qcow2/fuzz.py | 28 1 file changed, 28 insertions(+) diff --git a/tests/image-fuzzer/qcow2/fuzz.py b/tests/image-fuzzer/qcow2/fuzz.py index ef9198f..178fef8 100644 --- a/tests/image-fuzzer/qcow2/fuzz.py +++ b/tests/image-fuzzer/qcow2/fuzz.py @@ -327,3 +327,31 @@ def feature_name(current): truncate_string(STRING_V, 46) # Fuzz padding (field length = 46) ] return selector(current, constraints, string_validator) + + +def l1_entry(current): +"""Fuzz an entry of the L1 table""" +constraints = UINT64_V +# Reserved bits are ignored +# Added a possibility when only flags are fuzzed +offset = 0x7fff & random.choice([selector(current, + constraints), + current]) +is_cow = random.randint(0, 1) +return offset + (is_cow << UINT64_M) + + +def l2_entry(current): +"""Fuzz an entry of an L2 table""" +constraints = UINT64_V +# Reserved bits are ignored +# Added a possibility when only flags are fuzzed +offset = 0x3ffe & random.choice([selector(current, + constraints), + current]) +is_compressed = random.randint(0, 1) +is_cow = random.randint(0, 1) +is_zero = random.randint(0, 1) +value = offset + (is_cow << UINT64_M) + \ +(is_compressed << UINT64_M - 1) + is_zero +return value -- 1.9.3
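Review bot: l1_entry and l2_entry mask the value returned by selector and note "# Reserved bits are ignored", so the generator never emits an entry with a reserved bit set, which is one of the malformed inputs an image parser most needs to be exercised with; consider a branch that keeps the reserved bits as selector returned them. In l2_entry, "(is_compressed << UINT64_M - 1)" relies on '-' binding tighter than '<<'; writing (UINT64_M - 1) in parentheses makes the intended bit explicit. The flag called is_cow is placed at bit UINT64_M in both functions, and a comment naming the qcow2 entry flag it stands for would help readers compare the code with the format description.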
Re: [Qemu-devel] [PATCH 1/6] bootindex: add {del, modify}_boot_device_path function
Hi, Gerd

> -Original Message-
> From: Gerd Hoffmann [mailto:kra...@redhat.com]
> Sent: Thursday, July 24, 2014 6:09 PM
> Subject: Re: [PATCH 1/6] bootindex: add {del,modify}_boot_device_path
> function
>
> On Do, 2014-07-24 at 16:38 +0800, arei.gong...@huawei.com wrote:
> > From: Gonglei
> >
> > When we want to change one device's bootindex, we should do three
> > things. On the one hand, remove the device from global fw_boot_order list,
> > regardless attaching suffix or not delete. On the other hand, delete
> > original object of the assigned bootindex. Finally add the new device's
> > bootindex into the global fw_boot_order list.
>
> Hmm. I think we should simply lookup the device and modify the
> bootindex, leaving the entry as-is otherwise. In case the new bootindex
> is already used by another device just throw an error.
>

If we just throw an error but not change the bootindex is already used,
we cannot achieve our purpose. For example, we configure a hard disk,
which bootindex=1, a nic which bootindex=2. If we want to boot the guest
from nic firstly, we must set the nic's bootindex to 1. AFAICT, the
bootindex=1 always be used.

> > +void del_boot_device_path(int32_t bootindex, DeviceState *dev,
> > + const char *suffix);
>
> Should be del_boot_device_path(DeviceState *dev) and simply delete all
> entries belonging to the device. Patch #3 can be much simpler then as
> we can call the function from generic device cleanup code.
>

Because the IDE device may configure two kinds of disk, HD and CDROM, we
have to distinguish them by suffix.

> > +void modify_boot_device_path(int32_t bootindex, DeviceState *dev,
> > + const char *suffix);
>
> No need for suffix here if we just update the existing entry.
>
> cheers,
> Gerd
>

Best regards,
-Gonglei
Re: [Qemu-devel] [PATCH 5/7] hw/core/sysbus: add fdt_add_node method
On Thu, Jul 24, 2014 at 6:25 AM, Alexander Graf wrote: > > On 24.07.14 09:36, Eric Auger wrote: >> >> On 07/24/2014 01:02 AM, Alexander Graf wrote: >>> >>> On 23.07.14 17:33, Eric Auger wrote: On 07/08/2014 03:52 PM, Alexander Graf wrote: > > On 07.07.14 09:08, Eric Auger wrote: >> >> This method is meant to be called on sysbus device dynamic >> instantiation (-device option). Devices that support this >> kind of instantiation must implement this method. >> >> Signed-off-by: Eric Auger > > For the reason I stated earlier, I don't think it's a good idea to put > device tree code into our device models. Hi Alex, I would propose we discuss that topic during next KVM call if you are available. >>> >>> I lost track when that would be. Next week would work fine, the week >>> after not :). >> >> Hi Alex, >> >> Unfortunately I think the last one was this week. If you are available >> next week I would propose to setup a short call next week. > > > Sure! > > >> Who are the >> required people in the call aside us and Peter? > > > It would be good if we could have one person on the call who has a very good > understanding of cross-platform device trees. Scott Wood or Rob Herring come > to my mind here. > > Scott, Rob, would either of you be available for a quick call on device tree > abstraction levels in QEMU Tuesday next week? Yes, I can. Rob
Re: [Qemu-devel] [PULL 3/5] serial: change retry logic to avoid concurrency
On 14.7.2014 17:49, Paolo Bonzini wrote:
> From: Kirill Batuzov
>
> Whenever serial_xmit fails to transmit a byte it adds a watch that would
> call it again when the "line" becomes ready. This results in a retry
> chain:
> serial_xmit -> add_watch -> serial_xmit
> Each chain is able to transmit one character, and for every character
> passed to serial by the guest driver a new chain is spawned.
>
> The problem lies with the fact that a new chain is spawned even when
> there is one already waiting on the watch. So there can be several retry
> chains waiting concurrently on one "line". Every chain tries to transmit
> current character, so character order is not messed up. But also every
> chain increases retry counter (tsr_retry). If there are enough
> concurrent chains this counter will hit MAX_XMIT_RETRY value and
> the character will be dropped.
>
> To reproduce this bug you need to feed serial output to some program
> consuming it slowly enough. A python script from bug #1335444
> description is an example of such program.
>
> This commit changes retry logic in the following way to avoid
> concurrency: instead of spawning a new chain for each character being
> transmitted spawn only one and make it transmit characters until FIFO is
> empty.
>
> The change consists of two parts:
> - add a do {} while () loop in serial_xmit (diff is a bit erratic
>   for this part, diff -w will show actual change),
> - do not call serial_xmit from serial_ioport_write if there is one
>   waiting on the watch already.
>
> This should fix another issue causing bug #1335444.
>
> Signed-off-by: Kirill Batuzov
> Signed-off-by: Paolo Bonzini

Hi,

this commit introduced a regression with serial console. The issue is
that if you start a guest with serial console:

-chardev pty,id=charserial0 -device isa-serial,chardev=charserial0,id=serial0

the guest hangs during boot for a long time and I'm not even sure if it
ever boots up.

The last message printed out by kernel is:

"[ 0.00] console [tty0] enabled"

If you connect to the serial console then the guest continues booting
immediately.

Pavel
Re: [Qemu-devel] [Qemu-ppc] [PATCH for-2.2] spapr: add host Linux version information to device tree
On 18.07.14 06:31, cyril...@gmail.com wrote: It may prove useful know which Linux distribution version the host machine is running when an issue in the guest arises but a user cannot access the host. Signed-off-by: Cyril Bur --- hw/ppc/spapr.c | 8 +++ target-ppc/kvm.c | 62 target-ppc/kvm_ppc.h | 6 + 3 files changed, 76 insertions(+) diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c index 6b48a26..391d47a 100644 --- a/hw/ppc/spapr.c +++ b/hw/ppc/spapr.c @@ -375,6 +375,14 @@ static void *spapr_create_fdt_skel(hwaddr initrd_base, _FDT((fdt_property_string(fdt, "vm,uuid", buf))); g_free(buf); +/* + * Add info to the guest FDT to tell it what linux the host is + */ +if (kvmppc_get_linux_host(&buf)) { +_FDT((fdt_property_string(fdt, "linux,host", buf))); Is this even specified in sPAPR? +g_free(buf); +} + _FDT((fdt_property_cell(fdt, "#address-cells", 0x2))); _FDT((fdt_property_cell(fdt, "#size-cells", 0x2))); diff --git a/target-ppc/kvm.c b/target-ppc/kvm.c index 8c9e79c..95e0970 100644 --- a/target-ppc/kvm.c +++ b/target-ppc/kvm.c @@ -1415,6 +1415,68 @@ bool kvmppc_get_host_model(char **value) return g_file_get_contents("/proc/device-tree/model", value, NULL, NULL); } +bool kvmppc_get_linux_host(char **value) +{ +FILE *f; +int i; +char line[512]; +const char *names[] = {"NAME", "VERSION", "BUILD_ID"}; +bool names_found[ARRAY_SIZE(names)] = { 0 }; +GString *output = NULL; +f = fopen("/etc/os-release", "r"); A few comments: 1) Why would anyone care? 2) I'm not sure KVM is the right decision maker on whether we want this exposed or not. After all, the files you read here are available on an x86 host just as well 3) Use glib functions to read files Alex
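Review bot: spapr_create_fdt_skel adds the "linux,host" property whenever kvmppc_get_linux_host succeeds, so every guest is handed the host's NAME, VERSION and BUILD_ID from /etc/os-release with no way to turn that off; a guest is not necessarily trusted by whoever runs the host, and the exact host distribution and build is information an operator may not want to publish, so this should be opt-in through a machine property and documented. kvmppc_get_linux_host also opens the file with fopen and reads into a fixed "char line[512];", while kvmppc_get_host_model just above already uses g_file_get_contents, which avoids the fixed-size line buffer.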
Re: [Qemu-devel] [PATCH 1/6] bootindex: add {del, modify}_boot_device_path function
Hi,

> > Hmm. I think we should simply lookup the device and modify the
> > bootindex, leaving the entry as-is otherwise. In case the new bootindex
> > is already used by another device just throw an error.
> >
> If we just throw an error but not change the bootindex is already used,
> we cannot achieve our purpose. For example, we configure a hard disk,
> which bootindex=1, a nic which bootindex=2. If we want to boot the guest
> from nic firstly, we must set the nic's bootindex to 1. AFAICT, the
> bootindex=1 always be used.

No. The devices are simply sorted by bootindex. You don't have to use
'1'. And you can have holes in your numbering and use -- for example --
3+5. So you can start qemu with hd=2,cdrom=3,nic=4, then set nic=1 or
cdrom=1 for a guest install, change it back when done.

> > Should be del_boot_device_path(DeviceState *dev) and simply delete all
> > entries belonging to the device. Patch #3 can be much simpler then as
> > we can call the function from generic device cleanup code.
> >
> Because the IDE device may configure two kinds of disk, HD and CDROM, we
> have to distinguish them by suffix.

Yes, the suffix indicates whether the device is a disk or cdrom. But
you'll never have both cdrom+disk paths attached to a single device.
Therefore the device is enough to identify the bootpath entry, you don't
need the suffix for that.

cheers,
Gerd
Re: [Qemu-devel] [PATCH 2.1] PPC: KVM: Fix g3beige and mac99 when HV is loaded
Il 24/07/2014 10:52, Alexander Graf ha scritto: > On PPC we have 2 different styles of KVM: PR and HV. HV can only virtualize > sPAPR guests while PR can virtualize everything that's reasonably close to > the host hardware platform. > > As long as only one kernel module (PR or HV) is loaded, the "default" kvm type > is the module that's loaded. So if your hardware only supports PR mode you can > easily spawn a Mac VM. > > However, if both HV and PR are loaded we default to HV mode. And in that case > the Mac machines have to explicitly ask for PR mode to get a working VM. > > Fix this up by explicitly having the Mac machines ask for PR style KVM. This > fixes bootup of Mac VMs on systems where bot HV and PR kvm modules are loaded > for me. > > Signed-off-by: Alexander Graf > --- > hw/ppc/mac_newworld.c | 7 +++ > hw/ppc/mac_oldworld.c | 7 +++ > 2 files changed, 14 insertions(+) > > diff --git a/hw/ppc/mac_newworld.c b/hw/ppc/mac_newworld.c > index f5bccd2..2e66a35 100644 > --- a/hw/ppc/mac_newworld.c > +++ b/hw/ppc/mac_newworld.c > @@ -477,12 +477,19 @@ static void ppc_core99_init(MachineState *machine) > qemu_register_boot_set(fw_cfg_boot_set, fw_cfg); > } > > +static int core99_kvm_type(const char *arg) > +{ > +/* Always force PR KVM */ > +return 2; > +} > + > static QEMUMachine core99_machine = { > .name = "mac99", > .desc = "Mac99 based PowerMAC", > .init = ppc_core99_init, > .max_cpus = MAX_CPUS, > .default_boot_order = "cd", > +.kvm_type = core99_kvm_type, > }; > > static void core99_machine_init(void) > diff --git a/hw/ppc/mac_oldworld.c b/hw/ppc/mac_oldworld.c > index cd9bdbc..ec7ed38 100644 > --- a/hw/ppc/mac_oldworld.c > +++ b/hw/ppc/mac_oldworld.c 
> @@ -346,6 +346,12 @@ static void ppc_heathrow_init(MachineState *machine) > qemu_register_boot_set(fw_cfg_boot_set, fw_cfg); > } > > +static int heathrow_kvm_type(const char *arg) > +{ > +/* Always force PR KVM */ > +return 2; > +} > + > static QEMUMachine heathrow_machine = { > .name = "g3beige", > .desc = "Heathrow based PowerMAC", > @@ -355,6 +361,7 @@ static QEMUMachine heathrow_machine = { > .is_default = 1, > #endif > .default_boot_order = "cd", /* TOFIX "cad" when Mac floppy is > implemented */ > +.kvm_type = heathrow_kvm_type, > }; > > static void heathrow_machine_init(void) > Why should anything except pseries ever use HV KVM? Paolo
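Review bot: core99_kvm_type() and heathrow_kvm_type() both return the bare literal 2, and only the comment says that this means PR KVM. A named constant shared by mac_newworld.c and mac_oldworld.c, or one common helper instead of two identical functions, would keep the two machines from drifting apart and make the value greppable. Both callbacks also ignore their arg parameter without comment; if discarding it is intended, say so next to "Always force PR KVM".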
Re: [Qemu-devel] [PATCH 2.1] PPC: KVM: Fix g3beige and mac99 when HV is loaded
On 24.07.14 15:44, Paolo Bonzini wrote: Il 24/07/2014 10:52, Alexander Graf ha scritto: On PPC we have 2 different styles of KVM: PR and HV. HV can only virtualize sPAPR guests while PR can virtualize everything that's reasonably close to the host hardware platform. As long as only one kernel module (PR or HV) is loaded, the "default" kvm type is the module that's loaded. So if your hardware only supports PR mode you can easily spawn a Mac VM. However, if both HV and PR are loaded we default to HV mode. And in that case the Mac machines have to explicitly ask for PR mode to get a working VM. Fix this up by explicitly having the Mac machines ask for PR style KVM. This fixes bootup of Mac VMs on systems where bot HV and PR kvm modules are loaded for me. Signed-off-by: Alexander Graf --- hw/ppc/mac_newworld.c | 7 +++ hw/ppc/mac_oldworld.c | 7 +++ 2 files changed, 14 insertions(+) diff --git a/hw/ppc/mac_newworld.c b/hw/ppc/mac_newworld.c index f5bccd2..2e66a35 100644 --- a/hw/ppc/mac_newworld.c +++ b/hw/ppc/mac_newworld.c @@ -477,12 +477,19 @@ static void ppc_core99_init(MachineState *machine) qemu_register_boot_set(fw_cfg_boot_set, fw_cfg); } +static int core99_kvm_type(const char *arg) +{ +/* Always force PR KVM */ +return 2; +} + static QEMUMachine core99_machine = { .name = "mac99", .desc = "Mac99 based PowerMAC", .init = ppc_core99_init, .max_cpus = MAX_CPUS, .default_boot_order = "cd", +.kvm_type = core99_kvm_type, }; static void core99_machine_init(void) diff --git a/hw/ppc/mac_oldworld.c b/hw/ppc/mac_oldworld.c index cd9bdbc..ec7ed38 100644 --- a/hw/ppc/mac_oldworld.c +++ b/hw/ppc/mac_oldworld.c @@ -346,6 +346,12 @@ static void ppc_heathrow_init(MachineState *machine) qemu_register_boot_set(fw_cfg_boot_set, fw_cfg); } +static int heathrow_kvm_type(const char *arg) +{ +/* Always force PR KVM */ +return 2; +} + static QEMUMachine heathrow_machine = { .name = "g3beige", .desc = "Heathrow based PowerMAC", 
@@ -355,6 +361,7 @@ static QEMUMachine heathrow_machine = { .is_default = 1, #endif .default_boot_order = "cd", /* TOFIX "cad" when Mac floppy is implemented */ +.kvm_type = heathrow_kvm_type, }; static void heathrow_machine_init(void) Why should anything except pseries ever use HV KVM? Because there are no other Book3S machines :). And for BookE we don't implement kvm_type != 0 because we only support either PR or HV depending on the host platform. Alex
Re: [Qemu-devel] [PULL for-2.1 1/2] fix full frame updates for VNC clients
On 24.07.2014 15:45, Stephan Kulow wrote:
> On 24.07.2014 14:30, Andreas Färber wrote:
>> On 24.07.2014 10:28, Gerd Hoffmann wrote:
>>> From: Stephan Kulow
>>>
>>> If the client asks for !incremental frame updates, it has lost its content
>>> so dirty doesn't matter - it has to see the full frame, so setting
>>> force_update
>>>
>>
>> Can you please sign off your (trivial) patch via reply?
>
> You mean confirming it was my patch? Yes, it was.

Yes, in the sense of written-by-you - that's expected to be indicated the kernel way through a "Signed-off-by: Your name " line, usually automated via git commit -s.

Cheers,
Andreas

--
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg
[Qemu-devel] [PATCH for-2.1] qemu-char: ignore flow control if a PTY's slave is not connected
After commit f702e62 (serial: change retry logic to avoid concurrency, 2014-07-11), guest boot hangs if the backend is an unconnected PTY. The reason is that PTYs do not support G_IO_HUP, and serial_xmit is never called. To fix this, simply invoke serial_xmit immediately (via g_idle_source_new) when this happens. Signed-off-by: Paolo Bonzini --- qemu-char.c | 6 +- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/qemu-char.c b/qemu-char.c index 7acc03f..64d3473 100644 --- a/qemu-char.c +++ b/qemu-char.c @@ -1168,7 +1168,11 @@ static int pty_chr_write(CharDriverState *chr, const uint8_t *buf, int len) static GSource *pty_chr_add_watch(CharDriverState *chr, GIOCondition cond) { PtyCharDriver *s = chr->opaque; -return g_io_create_watch(s->fd, cond); +if (!s->connected) { +return g_idle_source_new(); +} else { +return g_io_create_watch(s->fd, cond); +} } static int pty_chr_read_poll(void *opaque) -- 1.8.3.1
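Review bot: In pty_chr_add_watch() the cond argument is silently ignored when !s->connected, and nothing in the function says why an idle source stands in for the fd watch. A short comment there (an unconnected PTY never reports G_IO_HUP, so the callback has to be run from the main loop instead) would save the next reader a trip to the commit message. It is also worth stating what keeps this from spinning while the slave stays disconnected, since a GLib idle source is dispatched again for as long as its callback returns TRUE. The else after the return can go.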
Re: [Qemu-devel] [PULL for-2.1 0/2] vnc: fix two vnc update issues.
  Hi,

> > So are these *really* release critical bugs, if they've been
> > only found in code review? We're really close to release now
> > and so my preference is not to include changes unless they're
> > really necessary...
>
> These are fixing openQA breakage (os-autoinst),

In more detail:

Stephan's patch fixes a rather severe violation of the vnc protocol. If vnc clients ask for a complete framebuffer update they may not get it. The complete display is tagged dirty, but nothing is sent out until something changes on the screen, thereby triggering processing of all dirty display regions. Which may be never.

The other patch fixes a similar situation. Screen updates might become stuck in case vnc delays processing due to output buffers being filled. Again other screen updates will trigger dirty processing and un-stuck the updates.

That kind of bug you usually don't notice as a normal user. You'll wiggle the mouse and the mouse pointer update will make vnc flush things. Or, if in text mode, the friendly blinking cursor causes regular vnc screen update activity. That's why it didn't trip up normal users.

Scripts are much more likely to hit it as they don't do random mouse activity. But even openQA doesn't hit it on every run, but only now and then. Also asking for a complete framebuffer update isn't something desktop vnc clients usually do (after initial connect). openQA does it though.

cheers,
  Gerd
Re: [Qemu-devel] [PULL for-2.1 1/2] fix full frame updates for VNC clients
On 24.07.2014 14:30, Andreas Färber wrote:
> Stephan,
>
> On 24.07.2014 10:28, Gerd Hoffmann wrote:
>> From: Stephan Kulow
>>
>> If the client asks for !incremental frame updates, it has lost its content
>> so dirty doesn't matter - it has to see the full frame, so setting
>> force_update
>>
>
> Can you please sign off your (trivial) patch via reply?

You mean confirming it was my patch? Yes, it was.

Greetings, Stephan
Re: [Qemu-devel] [PULL 3/5] serial: change retry logic to avoid concurrency
On 24/07/2014 14:57, Pavel Hrdina wrote:
> On 14.7.2014 17:49, Paolo Bonzini wrote:
>> From: Kirill Batuzov
>>
>> Whenever serial_xmit fails to transmit a byte it adds a watch that would
>> call it again when the "line" becomes ready. This results in a retry
>> chain:
>>   serial_xmit -> add_watch -> serial_xmit
>> Each chain is able to transmit one character, and for every character
>> passed to serial by the guest driver a new chain is spawned.
>>
>> The problem lies with the fact that a new chain is spawned even when
>> there is one already waiting on the watch. So there can be several retry
>> chains waiting concurrently on one "line". Every chain tries to transmit
>> current character, so character order is not messed up. But also every
>> chain increases retry counter (tsr_retry). If there are enough
>> concurrent chains this counter will hit MAX_XMIT_RETRY value and
>> the character will be dropped.
>>
>> To reproduce this bug you need to feed serial output to some program
>> consuming it slowly enough. A python script from bug #1335444
>> description is an example of such program.
>>
>> This commit changes retry logic in the following way to avoid
>> concurrency: instead of spawning a new chain for each character being
>> transmitted spawn only one and make it transmit characters until FIFO is
>> empty.
>>
>> The change consists of two parts:
>>  - add a do {} while () loop in serial_xmit (diff is a bit erratic
>>    for this part, diff -w will show actual change),
>>  - do not call serial_xmit from serial_ioport_write if there is one
>>    waiting on the watch already.
>>
>> This should fix another issue causing bug #1335444.
>>
>> Signed-off-by: Kirill Batuzov
>> Signed-off-by: Paolo Bonzini
>
>
> Hi, this commit introduced a regression with serial console. The issue
> is that if you start a guest with serial console:
>
> -chardev pty,id=charserial0 -device
> isa-serial,chardev=charserial0,id=serial0
>
> the guest hangs during boot for a long time and I'm not even sure if
> it ever boots up. The last message printed out by kernel is:
>
> "[ 0.00] console [tty0] enabled"
>
> If you connect to the serial console then the guest continues
> booting immediately.

Interesting, the patch is actually doing exactly what it was meant to do, but in the wrong circumstances. :)

The bug is that G_IO_HUP is not supported by ptys. I have just sent a patch.

Paolo
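The retry-chain problem described in the commit message quoted above, as a simplified model added here (it is not QEMU's code): struct uart, run_model() and the MAX_XMIT_RETRY value of 4 are assumptions of the example. The consumer is stalled while the guest writes, then drains everything; the old one-chain-per-character logic exhausts the retry budget and loses a byte, the single-chain logic does not.

```c
#include <stdio.h>
#include <string.h>

#define MAX_XMIT_RETRY 4   /* assumed retry budget for this model */
#define FIFO_SIZE      16

struct uart {
    char fifo[FIFO_SIZE];  /* transmit FIFO filled by the guest */
    int  head, count;
    char tsr;              /* byte currently being transmitted */
    int  tsr_retry;        /* failed attempts for the byte in tsr */
    int  watches;          /* retry chains parked on the line */
    int  line_ready;       /* 0 while the consumer is stalled */
    char out[64];          /* what the consumer received */
    int  out_len, dropped;
};

static int backend_write(struct uart *u, char c)
{
    if (!u->line_ready) {
        return 0;
    }
    u->out[u->out_len++] = c;
    return 1;
}

/* One transmit attempt. Returns 0 if it parked itself on a watch. */
static int xmit_once(struct uart *u)
{
    if (u->tsr_retry == 0) {
        if (u->count == 0) {
            return 1;                  /* nothing to send */
        }
        u->tsr = u->fifo[u->head];
        u->head = (u->head + 1) % FIFO_SIZE;
        u->count--;
    }
    if (!backend_write(u, u->tsr)) {
        if (u->tsr_retry < MAX_XMIT_RETRY) {
            u->watches++;              /* serial_xmit -> add_watch */
            u->tsr_retry++;
            return 0;
        }
        u->dropped++;                  /* budget exhausted: byte is lost */
    }
    u->tsr_retry = 0;
    return 1;
}

/* fixed != 0: keep sending from the same chain until the FIFO is empty. */
static void serial_xmit(struct uart *u, int fixed)
{
    do {
        if (!xmit_once(u)) {
            return;
        }
    } while (fixed && u->count > 0);
}

static void guest_write(struct uart *u, char c, int fixed)
{
    u->fifo[(u->head + u->count) % FIFO_SIZE] = c;
    u->count++;
    /* Old logic: every write starts a chain. Fixed logic: only if no
     * chain is already waiting on the watch. */
    if (!fixed || u->watches == 0) {
        serial_xmit(u, fixed);
    }
}

static void line_becomes_ready(struct uart *u, int fixed)
{
    int pending = u->watches;

    u->line_ready = 1;
    u->watches = 0;
    while (pending-- > 0) {            /* every parked chain fires once */
        serial_xmit(u, fixed);
    }
}

/* Writes up to FIFO_SIZE bytes of input while the consumer is stalled,
 * then lets it drain. Stores what was delivered in out and returns the
 * number of dropped bytes. */
int run_model(int fixed, const char *input, char *out, size_t out_sz)
{
    struct uart u;
    int i;

    memset(&u, 0, sizeof(u));
    for (i = 0; input[i] && i < FIFO_SIZE; i++) {
        guest_write(&u, input[i], fixed);
    }
    line_becomes_ready(&u, fixed);
    snprintf(out, out_sz, "%s", u.out);
    return u.dropped;
}

int main(void)
{
    char buf[64];
    int dropped = run_model(0, "ABCDEF", buf, sizeof(buf));

    printf("old logic:   delivered \"%s\", dropped %d\n", buf, dropped);
    dropped = run_model(1, "ABCDEF", buf, sizeof(buf));
    printf("fixed logic: delivered \"%s\", dropped %d\n", buf, dropped);
    return 0;
}
```

The fixed variant depends on its single watch eventually firing, which is the assumption that fails for the unconnected PTY in the regression report above.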
Re: [Qemu-devel] [PATCH 2.1] PPC: KVM: Fix g3beige and mac99 when HV is loaded
On 24/07/2014 15:54, Alexander Graf wrote:
>>>
>> Why should anything except pseries ever use HV KVM?
>
> Because there are no other Book3S machines :). And for BookE we don't
> implement kvm_type != 0 because we only support either PR or HV
> depending on the host platform.

Yeah, what I meant was (in a rather Socratic way): why should the default for kvm_type == NULL be anything but PR?

All 2.2 stuff, of course.

Paolo
Re: [Qemu-devel] [PATCH 2.1] PPC: KVM: Fix g3beige and mac99 when HV is loaded
On 24.07.14 16:11, Paolo Bonzini wrote:
> On 24/07/2014 15:54, Alexander Graf wrote:
>>> Why should anything except pseries ever use HV KVM?
>> Because there are no other Book3S machines :). And for BookE we don't
>> implement kvm_type != 0 because we only support either PR or HV
>> depending on the host platform.
> Yeah, what I meant was (in a rather Socratic way): why should the
> default for kvm_type == NULL be anything but PR?

I would prefer to keep the BookE machines on kvm_type = 0. Saying "give me whatever you can" makes a lot more sense there.

Alex
[Qemu-devel] [Bug 1348106] [NEW] kvm crash on Kali Linux
Public bug reported:

platform: DELL Vostro 2421

#uname -a
Linux x-linux 3.14-kali1-686-pae #1 SMP Debian 3.14.4-1kali1 (2014-05-14) i686 GNU/Linux

#kvm --version
QEMU emulator version 1.1.2 (qemu-kvm-1.1.2+dfsg-6+deb7u3, Debian), Copyright (c) 2003-2008 Fabrice Bellard

#qemu --version
QEMU emulator version 1.1.2 (Debian 1.1.2+dfsg-6a+deb7u3), Copyright (c) 2003-2008 Fabrice Bellard

# cat /etc/issue
Kali GNU/Linux 1.0.7 \n \l

# cat /proc/cpuinfo

# cat /proc/meminfo
MemTotal:
[Qemu-devel] [PULL 5/5] docs: document missing VSERPORT_CHANGE event
From: Eric Blake The VSERPORT_CHANGE event was added in e2ae6159. The patch for this event was prepared at a time when this file was gone, even though it got applied immediately after dfab4892 restored this file. Duplicate the documentation into this file, so that anyone using this file instead of qapi will not miss out on this new event. * docs/qmp/qmp-events.txt (VSERPORT_CHANGE): Add. Signed-off-by: Eric Blake Reviewed-by: Markus Armbruster Reviewed-by: Wenchao Xia Signed-off-by: Luiz Capitulino --- docs/qmp/qmp-events.txt | 16 1 file changed, 16 insertions(+) diff --git a/docs/qmp/qmp-events.txt b/docs/qmp/qmp-events.txt index 9d7439e..d759d19 100644 --- a/docs/qmp/qmp-events.txt +++ b/docs/qmp/qmp-events.txt @@ -579,6 +579,22 @@ Example: "host": "127.0.0.1", "sasl_username": "luiz" } }, "timestamp": { "seconds": 1263475302, "microseconds": 150772 } } +VSERPORT_CHANGE +--- + +Emitted when the guest opens or closes a virtio-serial port. + +Data: + +- "id": device identifier of the virtio-serial port (json-string) +- "open": true if the guest has opened the virtio-serial port (json-bool) + +Example: + +{ "event": "VSERPORT_CHANGE", +"data": { "id": "channel0", "open": true }, +"timestamp": { "seconds": 1401385907, "microseconds": 422329 } } + WAKEUP -- -- 1.9.3
[Qemu-devel] [PULL 2/5] docs: split SPICE_* event docs
From: Eric Blake For consistency with the rest of this file, every event should be listed in isolation. Compare how commit 7cfadb6b split SPICE_CONNECTED and SPICE_DISCONNECTED into separate qmp events. * docs/qmp/qmp-events.txt (SPICE_CONNECTED, SPICE_DISCONNECTED): Split. Signed-off-by: Eric Blake Reviewed-by: Markus Armbruster Reviewed-by: Wenchao Xia Signed-off-by: Luiz Capitulino --- docs/qmp/qmp-events.txt | 31 --- 1 file changed, 28 insertions(+), 3 deletions(-) diff --git a/docs/qmp/qmp-events.txt b/docs/qmp/qmp-events.txt index 524eadf..9b7ee7c 100644 --- a/docs/qmp/qmp-events.txt +++ b/docs/qmp/qmp-events.txt @@ -337,10 +337,10 @@ Example: Note: If the command-line option "-no-shutdown" has been specified, a STOP event will eventually follow the SHUTDOWN event. -SPICE_CONNECTED, SPICE_DISCONNECTED +SPICE_CONNECTED +--- -Emitted when a SPICE client connects or disconnects. +Emitted when a SPICE client connects. Data: @@ -362,6 +362,31 @@ Example: "client": {"port": "52873", "family": "ipv4", "host": "127.0.0.1"} }} +SPICE_DISCONNECTED +-- + +Emitted when a SPICE client disconnects. + +Data: + +- "server": Server information (json-object) + - "host": IP address (json-string) + - "port": port number (json-string) + - "family": address family (json-string, "ipv4" or "ipv6") +- "client": Client information (json-object) + - "host": IP address (json-string) + - "port": port number (json-string) + - "family": address family (json-string, "ipv4" or "ipv6") + +Example: + +{ "timestamp": {"seconds": 1290688046, "microseconds": 388707}, + "event": "SPICE_DISCONNECTED", + "data": { +"server": { "port": "5920", "family": "ipv4", "host": "127.0.0.1"}, +"client": {"port": "52873", "family": "ipv4", "host": "127.0.0.1"} +}} + SPICE_INITIALIZED - -- 1.9.3
[Qemu-devel] [PULL 4/5] docs: document missing POWERDOWN event
From: Eric Blake The POWERDOWN event was first documented in 0aab9ec3. But since dfab4892 later restored this file to the state prior to qmp events, and we never documented it in the past, anyone using this file instead of qapi will miss out on this event. Tweak the existing wording of SHUTDOWN to match 84321831, and make the difference between the two events apparent. * docs/qmp/qmp-events.txt (POWERDOWN): Add. (SHUTDOWN): Tweak. Signed-off-by: Eric Blake Reviewed-by: Markus Armbruster Reviewed-by: Wenchao Xia Signed-off-by: Luiz Capitulino --- docs/qmp/qmp-events.txt | 16 +++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/docs/qmp/qmp-events.txt b/docs/qmp/qmp-events.txt index 22d552f..9d7439e 100644 --- a/docs/qmp/qmp-events.txt +++ b/docs/qmp/qmp-events.txt @@ -243,6 +243,19 @@ Data: "timestamp": { "seconds": 1368697518, "microseconds": 326866 } } } +POWERDOWN +- + +Emitted when the Virtual Machine is powered down through the power +control system, such as via ACPI. + +Data: None. + +Example: + +{ "event": "POWERDOWN", +"timestamp": { "seconds": 1267040730, "microseconds": 682951 } } + QUORUM_FAILURE -- @@ -325,7 +338,8 @@ Example: SHUTDOWN -Emitted when the Virtual Machine is powered down. +Emitted when the Virtual Machine has shut down, indicating that qemu +is about to exit. Data: None. -- 1.9.3
[Qemu-devel] [PULL 3/5] docs: document missing SPICE_MIGRATE_COMPLETED event
From: Eric Blake The SPICE_MIGRATE_COMPLETED event was first documented in 7cfadb6b. But since dfab4892 later restored this file to the state prior to qmp events, and we never documented it in the past, anyone using this file instead of qapi will miss out on this event. * docs/qmp/qmp-events.txt (SPICE_MIGRATE_COMPLETED): Add. Signed-off-by: Eric Blake Reviewed-by: Markus Armbruster Reviewed-by: Wenchao Xia Signed-off-by: Luiz Capitulino --- docs/qmp/qmp-events.txt | 13 + 1 file changed, 13 insertions(+) diff --git a/docs/qmp/qmp-events.txt b/docs/qmp/qmp-events.txt index 9b7ee7c..22d552f 100644 --- a/docs/qmp/qmp-events.txt +++ b/docs/qmp/qmp-events.txt @@ -424,6 +424,19 @@ Example: "channel-id": 0, "tls": true} }} +SPICE_MIGRATE_COMPLETED +--- + +Emitted when SPICE migration has completed + +Data: None. + +Example: + +{ "timestamp": {"seconds": 1290688046, "microseconds": 417172}, + "event": "SPICE_MIGRATE_COMPLETED" } + + STOP -- 1.9.3
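Review bot: The new SPICE_MIGRATE_COMPLETED description, "Emitted when SPICE migration has completed", has no trailing period, unlike the other event descriptions in this series, and the hunk adds two blank lines before STOP where the section is preceded by a single one. Both are worth fixing while the text is being added.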
[Qemu-devel] [PULL for-2.1 0/5] QMP queue
Doc fixes, zero regression risk for code.

The following changes since commit a537d373b9f330853006ceb18d5891541b9e4030:

  Merge remote-tracking branch 'remotes/kraxel/tags/pull-usb-20140723-1' into staging (2014-07-24 12:49:54 +0100)

are available in the git repository at:

  git://repo.or.cz/qemu/qmp-unstable.git queue/qmp

for you to fetch changes up to 032baddea36330384b3654fcbfafa74cc815471c:

  docs: document missing VSERPORT_CHANGE event (2014-07-24 10:00:33 -0400)

Eric Blake (5):
  docs: grammar fixes to qmp-events
  docs: split SPICE_* event docs
  docs: document missing SPICE_MIGRATE_COMPLETED event
  docs: document missing POWERDOWN event
  docs: document missing VSERPORT_CHANGE event

 docs/qmp/qmp-events.txt | 80 +
 1 file changed, 74 insertions(+), 6 deletions(-)
[Qemu-devel] [PULL 1/5] docs: grammar fixes to qmp-events
From: Eric Blake When converting to qmp events, commits 7cfadb6b and a6330785 fixed some grammar as part of moving text between files. But since dfab4892 later restored this file to the state prior to qmp events, we have to do it again. * docs/qmp/qmp-events.txt (RESET, SPICE_INITIALIZED): Tweak. Signed-off-by: Eric Blake Reviewed-by: Markus Armbruster Reviewed-by: Wenchao Xia Signed-off-by: Luiz Capitulino --- docs/qmp/qmp-events.txt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/qmp/qmp-events.txt b/docs/qmp/qmp-events.txt index 4a6c2a2..524eadf 100644 --- a/docs/qmp/qmp-events.txt +++ b/docs/qmp/qmp-events.txt @@ -285,7 +285,7 @@ Example: RESET - -Emitted when the Virtual Machine is reseted. +Emitted when the Virtual Machine is reset. Data: None. @@ -366,7 +366,7 @@ SPICE_INITIALIZED - Emitted after initial handshake and authentication takes place (if any) -and the SPICE channel is up'n'running +and the SPICE channel is up and running Data: -- 1.9.3
Re: [Qemu-devel] [PULL for-2.1 0/2] vnc: fix two vnc update issues.
On 24 July 2014 15:10, Gerd Hoffmann wrote:
> Hi,
>
>> > So are these *really* release critical bugs, if they've been
>> > only found in code review? We're really close to release now
>> > and so my preference is not to include changes unless they're
>> > really necessary...
>>
>> These are fixing openQA breakage (os-autoinst),
>
> In more detail:
> [snip]

Thanks for the clarification; these do seem worth putting in 2.1. I'll need to get you to respin with the missing signed-off-by that Andreas pointed out, though.

-- PMM
Re: [Qemu-devel] [PATCH 2/2] pc: hack for migration compatibility from QEMU 2.0
Il 24/07/2014 10:59, Igor Mammedov ha scritto: > On Wed, 23 Jul 2014 18:37:46 +0200 > Paolo Bonzini wrote: > >> Changing the ACPI table size causes migration to break, and the memory >> hotplug work opened our eyes on how horribly we were breaking things in >> 2.0 already. >> >> The ACPI table size is rounded to the next 4k, which one would think >> gives some headroom. In practice this is not the case, because the user >> can control the ACPI table size (each CPU adds 105 bytes) and so some >> "-smp" values will break the 4k boundary and fail to migrate. Similarly, >> PCI bridges add ~1870 bytes to the SSDT. >> >> To fix this, hard-code 64k as the maximum ACPI table size, which >> (despite being an order of magnitude smaller than 640k) should be enough >> for everyone. >> >> To fix migration from QEMU 2.0, compute the payload size of QEMU 2.0 >> and always use that one. The previous patch shrunk the ACPI tables >> enough that the QEMU 2.0 size should always be enough. >> >> Non-AML tables can change depending on the configuration (especially >> MADT, SRAT, HPET) but they remain the same between QEMU 2.0 and 2.1, >> so we only compute our padding based on the sizes of the SSDT and DSDT. >> >> Migration from QEMU 1.7 should work for guests that have a number of CPUs >> other than 12, 13, 14, 54, 55, 56, 97, 98, 139, 140, and that have no >> PCI bridges. It was already broken from QEMU 1.7 to QEMU 2.0 in the >> same way, though. >> >> Signed-off-by: Paolo Bonzini >> --- >> hw/i386/acpi-build.c | 61 >> >> hw/i386/pc_piix.c| 20 + >> hw/i386/pc_q35.c | 5 + >> include/hw/i386/pc.h | 1 + >> 4 files changed, 83 insertions(+), 4 deletions(-) >> >> diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c >> index ebc5f03..7373d93 100644 >> --- a/hw/i386/acpi-build.c >> +++ b/hw/i386/acpi-build.c 
>> @@ -25,7 +25,9 @@ >> #include >> #include "qemu-common.h" >> #include "qemu/bitmap.h" >> +#include "qemu/osdep.h" >> #include "qemu/range.h" >> +#include "qemu/error-report.h" >> #include "hw/pci/pci.h" >> #include "qom/cpu.h" >> #include "hw/i386/pc.h" >> @@ -87,6 +89,8 @@ typedef struct AcpiBuildPciBusHotplugState { >> struct AcpiBuildPciBusHotplugState *parent; >> } AcpiBuildPciBusHotplugState; >> >> +unsigned bsel_alloc; >> + >> static void acpi_get_dsdt(AcpiMiscInfo *info) >> { >> uint16_t *applesmc_sta; >> @@ -759,8 +763,8 @@ static void *acpi_set_bsel(PCIBus *bus, void *opaque) >> static void acpi_set_pci_info(void) >> { >> PCIBus *bus = find_i440fx(); /* TODO: Q35 support */ >> -unsigned bsel_alloc = 0; >> >> +assert(bsel_alloc == 0); >> if (bus) { >> /* Scan all PCI buses. Set property to enable acpi based hotplug. */ >> pci_for_each_bus_depth_first(bus, acpi_set_bsel, NULL, &bsel_alloc); >> @@ -1440,13 +1444,14 @@ static >> void acpi_build(PcGuestInfo *guest_info, AcpiBuildTables *tables) >> { >> GArray *table_offsets; >> -unsigned facs, dsdt, rsdt; >> +unsigned facs, ssdt, dsdt, rsdt; >> AcpiCpuInfo cpu; >> AcpiPmInfo pm; >> AcpiMiscInfo misc; >> AcpiMcfgInfo mcfg; >> PcPciInfo pci; >> uint8_t *u; >> +size_t aml_len = 0; >> >> acpi_get_cpu_info(&cpu); >> acpi_get_pm_info(&pm); 
>> @@ -1474,13 +1479,20 @@ void acpi_build(PcGuestInfo *guest_info, >> AcpiBuildTables *tables) >> dsdt = tables->table_data->len; >> build_dsdt(tables->table_data, tables->linker, &misc); >> >> +/* Count the size of the DSDT and SSDT, we will need it for legacy >> + * sizing of ACPI tables. >> + */ >> +aml_len += tables->table_data->len - dsdt; >> + >> /* ACPI tables pointed to by RSDT */ >> acpi_add_table(table_offsets, tables->table_data); >> build_fadt(tables->table_data, tables->linker, &pm, facs, dsdt); >> >> +ssdt = tables->table_data->len; >> acpi_add_table(table_offsets, tables->table_data); >> build_ssdt(tables->table_data, tables->linker, &cpu, &pm, &misc, &pci, >> guest_info); >> +aml_len += tables->table_data->len - ssdt; >> >> acpi_add_table(table_offsets, tables->table_data); >> build_madt(tables->table_data, tables->linker, &cpu, guest_info); >> @@ -1513,12 +1525,53 @@ void acpi_build(PcGuestInfo *guest_info, >> AcpiBuildTables *tables) >> /* RSDP is in FSEG memory, so allocate it separately */ >> build_rsdp(tables->rsdp, tables->linker, rsdt); >> >> -/* We'll expose it all to Guest so align size to reduce >> +/* We'll expose it all to Guest so we want to reduce >> * chance of size changes. >> * RSDP is small so it's easy to keep it immutable, no need to >> * bother with alignment. >> + * >> + * We used to align the tables to 4k, but of course this would >> + * too simple to be enough. 4k turned out to be too small an >> + * alignment very soon, and in fact it i
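Review bot: The rewritten comment at the end of acpi_build() reads "this would too simple to be enough"; a "be" is missing. Since this comment is the only place that explains why the 4k alignment was abandoned, it would also help to have it state the sizes involved rather than only the history.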
[Qemu-devel] [PATCH v2 for-2.1 0/2] pc: fix /etc/acpi/tables size in fw_cfg for -M pc-i440fx-2.0
Addressing Laszlo and Igor's review points. Testing would be appreciated. :)

Paolo

Paolo Bonzini (2):
  acpi-dsdt: procedurally generate _PRT
  pc: hack for migration compatibility from QEMU 2.0

 hw/i386/acpi-build.c            |   71 +-
 hw/i386/acpi-dsdt.dsl           |   90 +-
 hw/i386/acpi-dsdt.hex.generated | 1910 +++
 hw/i386/pc_piix.c               |   19 +
 hw/i386/pc_q35.c                |    5 +
 include/hw/i386/pc.h            |    1 +
 6 files changed, 240 insertions(+), 1856 deletions(-)

--
1.8.3.1
[Qemu-devel] [PATCH v2 for-2.1 2/2] pc: hack for migration compatibility from QEMU 2.0
Changing the ACPI table size causes migration to break, and the memory hotplug work opened our eyes on how horribly we were breaking things in 2.0 already. The ACPI table size is rounded to the next 4k, which one would think gives some headroom. In practice this is not the case, because the user can control the ACPI table size (each CPU adds 97 bytes to the SSDT and 8 to the MADT) and so some "-smp" values will break the 4k boundary and fail to migrate. Similarly, PCI bridges add ~1870 bytes to the SSDT. To fix this, hard-code 64k as the maximum ACPI table size, which (despite being an order of magnitude smaller than 640k) should be enough for everyone. To fix migration from QEMU 2.0, compute the payload size of QEMU 2.0 and always use that one. The previous patch shrunk the ACPI tables enough that the QEMU 2.0 size should always be enough. Migration from QEMU 1.7 should work for guests that have a number of CPUs other than 12, 13, 14, 54, 55, 56, 97, 98, 139, 140. It was already broken from QEMU 1.7 to QEMU 2.0 in the same way, though. Even with this patch, QEMU 1.7 and 2.0 have two different ideas of "-M pc-i440fx-2.0" when there are PCI bridges. Igor sent a patch to adopt the QEMU 1.7 definition. I think distributions should apply it if they move directly from QEMU 1.7 to 2.1+ without ever packaging version 2.0. Signed-off-by: Paolo Bonzini --- replace magic constants with #defines [Igor] remove stray line from comment [Laszlo] hw/i386/acpi-build.c | 71 +--- hw/i386/pc_piix.c| 19 ++ hw/i386/pc_q35.c | 5 include/hw/i386/pc.h | 1 + 4 files changed, 92 insertions(+), 4 deletions(-) diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c index ebc5f03..26d8dfa 100644 --- a/hw/i386/acpi-build.c +++ b/hw/i386/acpi-build.c @@ -25,7 +25,9 @@ #include #include "qemu-common.h" #include "qemu/bitmap.h" +#include "qemu/osdep.h" #include "qemu/range.h" +#include "qemu/error-report.h" #include "hw/pci/pci.h" #include "qom/cpu.h" #include "hw/i386/pc.h" 
@@ -52,6 +54,16 @@ #include "qapi/qmp/qint.h" #include "qom/qom-qobject.h" +/* These are used to size the ACPI tables for -M pc-i440fx-1.7 and + * -M pc-i440fx-2.0. Even if the actual amount of AML generated grows + * a little bit, there should be plenty of free space since the DSDT + * shrunk by ~1.5k between QEMU 2.0 and QEMU 2.1. + */ +#define ACPI_BUILD_CPU_AML_SIZE97 +#define ACPI_BUILD_BRIDGE_AML_SIZE 1875 + +#define ACPI_BUILD_TABLE_SIZE 0x1 + typedef struct AcpiCpuInfo { DECLARE_BITMAP(found_cpus, ACPI_CPU_HOTPLUG_ID_LIMIT); } AcpiCpuInfo; @@ -87,6 +99,8 @@ typedef struct AcpiBuildPciBusHotplugState { struct AcpiBuildPciBusHotplugState *parent; } AcpiBuildPciBusHotplugState; +unsigned bsel_alloc; + static void acpi_get_dsdt(AcpiMiscInfo *info) { uint16_t *applesmc_sta; @@ -759,8 +773,8 @@ static void *acpi_set_bsel(PCIBus *bus, void *opaque) static void acpi_set_pci_info(void) { PCIBus *bus = find_i440fx(); /* TODO: Q35 support */ -unsigned bsel_alloc = 0; +assert(bsel_alloc == 0); if (bus) { /* Scan all PCI buses. Set property to enable acpi based hotplug. */ pci_for_each_bus_depth_first(bus, acpi_set_bsel, NULL, &bsel_alloc); @@ -1440,13 +1454,14 @@ static void acpi_build(PcGuestInfo *guest_info, AcpiBuildTables *tables) { GArray *table_offsets; -unsigned facs, dsdt, rsdt; +unsigned facs, ssdt, dsdt, rsdt; AcpiCpuInfo cpu; AcpiPmInfo pm; AcpiMiscInfo misc; AcpiMcfgInfo mcfg; PcPciInfo pci; uint8_t *u; +size_t aml_len = 0; acpi_get_cpu_info(&cpu); acpi_get_pm_info(&pm); 
@@ -1474,13 +1489,20 @@ void acpi_build(PcGuestInfo *guest_info, AcpiBuildTables *tables) dsdt = tables->table_data->len; build_dsdt(tables->table_data, tables->linker, &misc); +/* Count the size of the DSDT and SSDT, we will need it for legacy + * sizing of ACPI tables. + */ +aml_len += tables->table_data->len - dsdt; + /* ACPI tables pointed to by RSDT */ acpi_add_table(table_offsets, tables->table_data); build_fadt(tables->table_data, tables->linker, &pm, facs, dsdt); +ssdt = tables->table_data->len; acpi_add_table(table_offsets, tables->table_data); build_ssdt(tables->table_data, tables->linker, &cpu, &pm, &misc, &pci, guest_info); +aml_len += tables->table_data->len - ssdt; acpi_add_table(table_offsets, tables->table_data); build_madt(tables->table_data, tables->linker, &cpu, guest_info); @@ -1513,12 +1535,53 @@ void acpi_build(PcGuestInfo *guest_info, AcpiBuildTables *tables) /* RSDP is in FSEG memory, so allocate it separately */ build_rsdp(tables->rsdp, tables->linker, rsdt); -/* We'll expose it all to Guest so align size to reduce +/* We'll expose it all to Guest so we want to reduce * chance of size changes.
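Review bot: bsel_alloc moves from a local in acpi_set_pci_info() to a file-scope "unsigned bsel_alloc;" with external linkage and a very generic name, guarded only by assert(bsel_alloc == 0). If nothing outside acpi-build.c reads it, make it static; if something does, give it an acpi_-prefixed name and a comment saying who reads it and that acpi_set_pci_info() must run exactly once.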
[Qemu-devel] [PATCH v2 for-2.1 1/2] acpi-dsdt: procedurally generate _PRT
This replaces the _PRT constant with a method that computes it. The problem is that the DSDT+SSDT have grown from 2.0 to 2.1, enough to cross the 8k barrier (we align the ACPI tables to 4k before putting them in fw_cfg). This causes problems with migration and the pc-i440fx-2.0 machine type. The solution to the problem is to hardcode 64k as the limit, but this doesn't solve the bug with pc-i440fx-2.0. The fix will be for QEMU 2.1 to use exactly the same size as QEMU 2.0 for the ACPI tables. First, however, we must make the actual AML equal or smaller; to do this, rewrite _PRT in a way that saves over 1k of bytecode. Signed-off-by: Paolo Bonzini --- include cpi-dsdt.hex.generated [Igor] hw/i386/acpi-dsdt.dsl | 90 +- hw/i386/acpi-dsdt.hex.generated | 1910 +++ 2 files changed, 148 insertions(+), 1852 deletions(-) diff --git a/hw/i386/acpi-dsdt.dsl b/hw/i386/acpi-dsdt.dsl index 3cc0ea0..6ba0170 100644 --- a/hw/i386/acpi-dsdt.dsl +++ b/hw/i386/acpi-dsdt.dsl 
@@ -181,57 +181,45 @@ DefinitionBlock ( Scope(\_SB) { Scope(PCI0) { -Name(_PRT, Package() { -/* PCI IRQ routing table, example from ACPI 2.0a specification, - section 6.2.8.1 */ -/* Note: we provide the same info as the PCI routing - table of the Bochs BIOS */ - -#define prt_slot(nr, lnk0, lnk1, lnk2, lnk3) \ -Package() { nr##, 0, lnk0, 0 }, \ -Package() { nr##, 1, lnk1, 0 }, \ -Package() { nr##, 2, lnk2, 0 }, \ -Package() { nr##, 3, lnk3, 0 } - -#define prt_slot0(nr) prt_slot(nr, LNKD, LNKA, LNKB, LNKC) -#define prt_slot1(nr) prt_slot(nr, LNKA, LNKB, LNKC, LNKD) -#define prt_slot2(nr) prt_slot(nr, LNKB, LNKC, LNKD, LNKA) -#define prt_slot3(nr) prt_slot(nr, LNKC, LNKD, LNKA, LNKB) - -prt_slot0(0x), -/* Device 1 is power mgmt device, and can only use irq 9 */ -prt_slot(0x0001, LNKS, LNKB, LNKC, LNKD), -prt_slot2(0x0002), -prt_slot3(0x0003), -prt_slot0(0x0004), -prt_slot1(0x0005), -prt_slot2(0x0006), -prt_slot3(0x0007), -prt_slot0(0x0008), -prt_slot1(0x0009), -prt_slot2(0x000a), -prt_slot3(0x000b), -prt_slot0(0x000c), -prt_slot1(0x000d), -prt_slot2(0x000e), -prt_slot3(0x000f), -prt_slot0(0x0010), -prt_slot1(0x0011), -prt_slot2(0x0012), -prt_slot3(0x0013), -prt_slot0(0x0014), -prt_slot1(0x0015), -prt_slot2(0x0016), -prt_slot3(0x0017), -prt_slot0(0x0018), -prt_slot1(0x0019), -prt_slot2(0x001a), -prt_slot3(0x001b), -prt_slot0(0x001c), -prt_slot1(0x001d), -prt_slot2(0x001e), -prt_slot3(0x001f), -}) +Method (_PRT, 0) { +Store(Package(128) {}, Local0) +Store(Zero, Local1) +While(LLess(Local1, 128)) { +// slot = pin >> 2 +Store(ShiftRight(Local1, 2), Local2) + +// lnk = (slot + pin) & 3 +Store(And(Add(Local1, Local2), 3), Local3) +If (LEqual(Local3, 0)) { +Store(Package(4) { Zero, Zero, LNKD, Zero }, Local4) +} +If (LEqual(Local3, 1)) { +// device 1 is the power-management device, needs SCI +If (LEqual(Local1, 4)) { +Store(Package(4) { Zero, Zero, LNKS, Zero }, Local4) +} Else { +Store(Package(4) { Zero, Zero, LNKA, Zero }, Local4) +} +} +If (LEqual(Local3, 2)) { 
+Store(Package(4) { Zero, Zero, LNKB, Zero }, Local4) +} +If (LEqual(Local3, 3)) { +Store(Package(4) { Zero, Zero, LNKC, Zero }, Local4) +} + +// Complete the interrupt routing entry: +//Package(4) { 0x[slot], [pin], [link], 0) } + +Store(Or(ShiftLeft(Local2, 16), 0x), Index(Local4, 0)) +Store(And(Local1, 3),Index(Local4, 1)) +Store(Local4,Index(Local0, Local1)) + +Increment(Local1) +} + +Return(Local0) +} } Field(PCI0.ISA.P40C, ByteAcc, NoLock, Preserve) { diff --git a/hw/i386/acpi-dsdt.hex.generated b/hw/i386/acpi-dsdt.hex.g
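Review bot: in the new `Method (_PRT, 0)`, the comment `// slot = pin >> 2` is misleading, because `Local1` is the running table index (0 to 127, four entries per slot) and the pin is only `And(Local1, 3)`; likewise `If (LEqual(Local1, 4))` relies on the reader working out that index 4 is slot 1, pin 0. A short legend for Local0 to Local4 at the top of the loop and a comment on the constant 4 would make the special case for the power-management device checkable against the removed `prt_slot(0x0001, LNKS, LNKB, LNKC, LNKD)` line. The closing comment `//Package(4) { 0x[slot], [pin], [link], 0) }` also has a stray `)`.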
Re: [Qemu-devel] [PATCH 2.1] PPC: KVM: Fix g3beige and mac99 when HV is loaded
On 24/07/2014 16:13, Alexander Graf wrote:
>
> On 24.07.14 16:11, Paolo Bonzini wrote:
>> On 24/07/2014 15:54, Alexander Graf wrote:
>>>> Why should anything except pseries ever use HV KVM?
>>> Because there are no other Book3S machines :). And for BookE we don't
>>> implement kvm_type != 0 because we only support either PR or HV
>>> depending on the host platform.
>> Yeah, what I meant was (in a rather Socratic way): why should the
>> default for kvm_type == NULL be anything but PR?
>
> I would prefer to keep the BookE machines on kvm_type = 0. Saying "give
> me whatever you can" makes a lot more sense there.

Got the answer on IRC:

(16:18:18) bonzini: agraf: do g3beige and mac99 run on booke PR kvm?
(16:33:51) agraf: bonzini: nope - booke only virtualizes booke

Paolo
Re: [Qemu-devel] [PATCH 0/2] pc: fix /etc/acpi/tables size in fw_cfg for -M pc-2.0
On Wed, 23 Jul 2014 18:37:44 +0200 Paolo Bonzini wrote:

> Changing the ACPI table size causes migration to break, and the memory
> hotplug work opened our eyes on how horribly we were breaking things in
> 2.0 already.
>
> Unfortunately when reviewing the design I assumed incorrectly that all
> tables would be placed in separate fw_cfg files. This would have been
> better, because you can always move stuff to a new SSDT (and thus a new
> file), keeping the sizes under control.
>
> Hard-code 64k as the maximum ACPI table size; for -M pc-i440fx-2.0
> and -M pc-i440fx-1.7 compute the payload size of QEMU 2.0 and always
> use that one. This works always for QEMU 2.0, and also for 1.7
> except for a few values of "-smp maxcpus".
>
> The first patch is needed to shrink the ACPI tables and make them
> smaller than they used to be in 2.0.
>
> Please test and ack. I'll do more testing tomorrow.
>
> Paolo
>
>
> Paolo Bonzini (2):
>   acpi-dsdt: procedurally generate _PRT
>   pc: hack for migration compatibility from QEMU 2.0
>
>  hw/i386/acpi-build.c | 61 +++---
>  hw/i386/acpi-dsdt.dsl | 90 ++-
>  hw/i386/pc_piix.c | 20
>  hw/i386/pc_q35.c | 5 +++
>  include/hw/i386/pc.h | 1 +
>  5 files changed, 122 insertions(+), 55 deletions(-)
>

Aside from my cosmetic comments per-patch, I've tested the series by booting a guest in QEMU 1.7, migrating to QEMU 2.1 and rebooting the guest there with WS2003Ex64, WS2008DCx32, WS2012DCx64, WS2012RC2x64 guest OSes, so on respin you can use my:

Tested-by: Igor Mammedov
Re: [Qemu-devel] [PATCH for-2.1] qemu-char: ignore flow control if a PTY's slave is not connected
On 24.7.2014 16:09, Paolo Bonzini wrote: > After commit f702e62 (serial: change retry logic to avoid concurrency, > 2014-07-11), guest boot hangs if the backend is an unconnected PTY. > > The reason is that PTYs do not support G_IO_HUP, and serial_xmit is > never called. To fix this, simply invoke serial_xmit immediately > (via g_idle_source_new) when this happens. > > Signed-off-by: Paolo Bonzini > --- > qemu-char.c | 6 +- > 1 file changed, 5 insertions(+), 1 deletion(-) > > diff --git a/qemu-char.c b/qemu-char.c > index 7acc03f..64d3473 100644 > --- a/qemu-char.c > +++ b/qemu-char.c > @@ -1168,7 +1168,11 @@ static int pty_chr_write(CharDriverState *chr, const > uint8_t *buf, int len) > static GSource *pty_chr_add_watch(CharDriverState *chr, GIOCondition cond) > { > PtyCharDriver *s = chr->opaque; > -return g_io_create_watch(s->fd, cond); > +if (!s->connected) { > +return g_idle_source_new(); > +} else { > +return g_io_create_watch(s->fd, cond); > +} > } > > static int pty_chr_read_poll(void *opaque) > Sadly, it didn't fix the issue and a guest still don't boot up with serial console. Pavel
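Review bot: in the `!s->connected` branch of pty_chr_add_watch() the `cond` argument is ignored and a bare `g_idle_source_new()` is returned, so the caller receives a different kind of source from the `g_io_create_watch()` it asked for. An idle source is dispatched on every main-loop iteration until its callback returns FALSE, and whatever callback the caller attaches was written for an I/O watch, so this branch needs a comment explaining why that is safe, or a different way to tell the caller that the PTY is not connected.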
[Qemu-devel] [RFC PATCH 0/3] target-arm: Some fixes to page and TLB handling
Hi,

While doing some performance analysis on aarch64 system emulation I noticed a fairly high utilisation of cpu_arm_exec and the related find next TB machinery. Peter pointed out this is probably not helped by the fact that TARGET_PAGE_BITS was set to 10 (1k pages) which would imply less chaining of TBs than we should be able to get. However enabling TARGET_PAGE_BITS 12 managed to shake out a bunch of bugs in the TLB handling.

With TARGET_PAGE_BITS finally set to twelve I saw a drop in the % time taken by cpu_arm_exec from 21.68% to 17.01% in my simple hand driven android benchmark. I think if we are ever going to improve on this further we need to consider alternative strategies to collecting, invalidating and chaining together Translation Blocks.

I don't think this patch set is mergeable as-is because we still include a bunch of 32 bit ARM boards in the aarch64-softmmu build which could be using an old enough ARM that has support for 1k page tables (and may even use them?). However review comments are welcome as well as any wider discussion on reducing the time spent jumping between TBs.

Regards,

Alex Bennée (3):
  target-arm: don't hardcode mask values in arm_cpu_handle_mmu_fault
  target-arm: A64: fix TLB flush instructions
  target-arm: A64: fix use 12 bit page tables for aarch64

 target-arm/cpu.h | 13 ++---
 target-arm/helper.c | 16
 2 files changed, 22 insertions(+), 7 deletions(-)

-- 
2.0.2
[Qemu-devel] [PATCH 1/3] target-arm: don't hardcode mask values in arm_cpu_handle_mmu_fault
Otherwise we break quickly when we change TARGET_PAGE_SIZE. Signed-off-by: Alex Bennée diff --git a/target-arm/helper.c b/target-arm/helper.c index a0e57cd..aa5d267 100644 --- a/target-arm/helper.c +++ b/target-arm/helper.c @@ -4029,8 +4029,8 @@ int arm_cpu_handle_mmu_fault(CPUState *cs, vaddr address, &page_size); if (ret == 0) { /* Map a single [sub]page. */ -phys_addr &= ~(hwaddr)0x3ff; -address &= ~(target_ulong)0x3ff; +phys_addr &= TARGET_PAGE_MASK; +address &= TARGET_PAGE_MASK; tlb_set_page(cs, address, phys_addr, prot, mmu_idx, page_size); return 0; } -- 2.0.2
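Review bot: the two replaced lines cast the mask to `hwaddr` and `target_ulong` before inverting it, which guaranteed a full-width mask for each variable; `TARGET_PAGE_MASK` is now used for both without a cast, and its definition is not part of this hunk. Please confirm, and say in the commit message, that the macro extends correctly to `hwaddr` when that type is wider than `target_ulong`. The context comment `/* Map a single [sub]page. */` also deserves a second look, since `page_size` is still passed to tlb_set_page() unchanged while the addresses are now rounded to the target page size rather than to 1k.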
[Qemu-devel] [PATCH 2/3] target-arm: A64: fix TLB flush instructions
According to the ARM ARM we weren't correctly flushing the TLB entries where bits 63:56 didn't match bit 55 of the virtual address. This exposed a problem when we switched QEMU's internal TARGET_PAGE_BITS to 12 for aarch64. Signed-off-by: Alex Bennée diff --git a/target-arm/helper.c b/target-arm/helper.c index aa5d267..b0d0411 100644 --- a/target-arm/helper.c +++ b/target-arm/helper.c @@ -1766,12 +1766,19 @@ static CPAccessResult aa64_cacheop_access(CPUARMState *env, return CP_ACCESS_OK; } +/* See: D4.7.2 TLB maintenance requirements and the TLB maintenance instructions + * Page D4-1736 (DDI0487A.b) "For TLB maintenance instructions that + * take an address, the maintenance of VA[63:56] is interpreted as + * being the same as the maintenance of VA[55]" + */ + static void tlbi_aa64_va_write(CPUARMState *env, const ARMCPRegInfo *ri, uint64_t value) { /* Invalidate by VA (AArch64 version) */ ARMCPU *cpu = arm_env_get_cpu(env); -uint64_t pageaddr = value << 12; +uint64_t pageaddr = sextract64(value << 12, 0, 56); + tlb_flush_page(CPU(cpu), pageaddr); } @@ -1780,7 +1787,8 @@ static void tlbi_aa64_vaa_write(CPUARMState *env, const ARMCPRegInfo *ri, { /* Invalidate by VA, all ASIDs (AArch64 version) */ ARMCPU *cpu = arm_env_get_cpu(env); -uint64_t pageaddr = value << 12; +uint64_t pageaddr = sextract64(value << 12, 0, 56); + tlb_flush_page(CPU(cpu), pageaddr); } -- 2.0.2
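Review bot: the expression `sextract64(value << 12, 0, 56)` is now duplicated in tlbi_aa64_va_write() and tlbi_aa64_vaa_write(), and the block comment that explains it sits above the first function, separated from it by a blank line, so it documents neither handler directly. A small static helper that carries the comment and returns the page address would keep the two handlers from drifting apart. The blank line added before each `tlb_flush_page(CPU(cpu), pageaddr);` is unrelated whitespace.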
[Qemu-devel] [PATCH 3/3] target-arm: A64: fix use 12 bit page tables for aarch64
The aarch64 architecture only support 4k+ pages so using a smaller value for QEMU's internal page table handling only makes us less efficient. Signed-off-by: Alex Bennée diff --git a/target-arm/cpu.h b/target-arm/cpu.h index c83f249..33359b9 100644 --- a/target-arm/cpu.h +++ b/target-arm/cpu.h @@ -1051,11 +1051,18 @@ bool write_cpustate_to_list(ARMCPU *cpu); #if defined(CONFIG_USER_ONLY) #define TARGET_PAGE_BITS 12 #else -/* The ARM MMU allows 1k pages. */ -/* ??? Linux doesn't actually use these, and they're deprecated in recent - architecture revisions. Maybe a configure option to disable them. */ +#if defined(TARGET_AARCH64) +/* You can't configure 1k pages on aarch64 hardware */ +#define TARGET_PAGE_BITS 12 +#else +/* The ARM MMU allows 1k pages - although they are not used by Linux + * FIXME?: they're deprecated in recent architecture revisions and + * this does create a performance hit. Maybe a configure option to + * disable them? + */ #define TARGET_PAGE_BITS 10 #endif +#endif #if defined(TARGET_AARCH64) # define TARGET_PHYS_ADDR_SPACE_BITS 48 -- 2.0.2
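Review bot: the new `#if defined(TARGET_AARCH64)` is nested inside the `#else` of `CONFIG_USER_ONLY`, which is why the hunk ends in two consecutive `#endif` lines; an `#elif defined(TARGET_AARCH64)` would keep the block flat. The comment `/* You can't configure 1k pages on aarch64 hardware */` states a property of the hardware, while the condition tests the build target, so the comment should say what is assumed about the CPU models compiled into that target.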
[Qemu-devel] [PATCH for-2.1 v2] qemu-char: ignore flow control if a PTY's slave is not connected
After commit f702e62 (serial: change retry logic to avoid concurrency, 2014-07-11), guest boot hangs if the backend is an unconnected PTY. The reason is that PTYs do not support G_IO_HUP, and serial_xmit is never called. To fix this, simply invoke serial_xmit immediately (via g_idle_source_new) when this happens. Tested-by: Pavel Hrdina Signed-off-by: Paolo Bonzini --- qemu-char.c | 7 +++ 1 file changed, 7 insertions(+) diff --git a/qemu-char.c b/qemu-char.c index 7acc03f..956be49 100644 --- a/qemu-char.c +++ b/qemu-char.c @@ -1168,6 +1168,9 @@ static int pty_chr_write(CharDriverState *chr, const uint8_t *buf, int len) static GSource *pty_chr_add_watch(CharDriverState *chr, GIOCondition cond) { PtyCharDriver *s = chr->opaque; +if (!s->connected) { +return NULL; +} return g_io_create_watch(s->fd, cond); } @@ -3664,6 +3667,10 @@ int qemu_chr_fe_add_watch(CharDriverState *s, GIOCondition cond, } src = s->chr_add_watch(s, cond); +if (!src) { +return -EINVAL; +} + g_source_set_callback(src, (GSourceFunc)func, user_data, NULL); tag = g_source_attach(src, NULL); g_source_unref(src); -- 1.8.3.1
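Review bot: qemu_chr_fe_add_watch() returns the value of `g_source_attach()` on success, and the new `return -EINVAL;` adds a negative return on the same `int`; nothing in this patch shows a caller being updated to tell the two apart. Document the failure value next to the function's declaration and check that callers which store the result as a source tag never pass a negative value on to a source-removal call. The `return NULL;` in pty_chr_add_watch() would also benefit from a one-line comment saying that NULL now means "backend not connected, no watch installed".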
Re: [Qemu-devel] [PATCH 2/3] target-arm: A64: fix TLB flush instructions
On 24 July 2014 16:52, Alex Bennée wrote: > +/* See: D4.7.2 TLB maintenance requirements and the TLB maintenance > instructions > + * Page D4-1736 (DDI0487A.b) "For TLB maintenance instructions that > + * take an address, the maintenance of VA[63:56] is interpreted as > + * being the same as the maintenance of VA[55]" > + */ I'd rather we didn't quote this bit of the ARM ARM, because it's obviously mangled (I'm pretty sure it should say "the value of VA[..]"). Otherwise Reviewed-by: Peter Maydell thanks -- PMM
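The address computation reviewed in this message, worked through as an added example (not QEMU code and not part of the thread). The helper names and the one-entry toy TLB are hypothetical; the operand layout used here (ASID in bits [63:48], VA[55:12] in bits [43:0]) is the architectural TLBI-by-VA encoding, supplied as background rather than taken from the page.

```c
#include <stdint.h>
#include <stdio.h>

/* Sign-extend the low `length` bits of `value` (0 < length < 64).
 * Written without relying on arithmetic right shift of signed values. */
static uint64_t sign_extend64(uint64_t value, unsigned length)
{
    uint64_t sign = UINT64_C(1) << (length - 1);

    value &= (sign << 1) - 1;       /* keep the low `length` bits */
    return (value ^ sign) - sign;   /* copy bit length-1 into the bits above */
}

/* Build the register operand a guest passes to a TLBI-by-VA instruction
 * (hypothetical helper): ASID in [63:48], VA[55:12] in [43:0]. */
uint64_t tlbi_operand(uint64_t va, uint16_t asid)
{
    return ((uint64_t)asid << 48) | ((va >> 12) & ((UINT64_C(1) << 44) - 1));
}

/* Pre-patch computation: only shifts, so VA[63:56] are never restored and
 * the low ASID bits end up in bits [63:60] of the result. */
uint64_t pageaddr_shift_only(uint64_t value)
{
    return value << 12;
}

/* Patched computation: VA[63:56] are taken to equal VA[55]. */
uint64_t pageaddr_sign_extended(uint64_t value)
{
    return sign_extend64(value << 12, 56);
}

/* Toy one-entry TLB keyed by page-aligned virtual address (constructed for
 * this example). Returns 1 if the cached translation survives the flush,
 * which is the stale-entry condition the patch removes. */
int stale_after_flush(uint64_t va, uint16_t asid, int patched)
{
    uint64_t cached_page = va & ~UINT64_C(0xfff);
    uint64_t value = tlbi_operand(va, asid);
    uint64_t pageaddr = patched ? pageaddr_sign_extended(value)
                                : pageaddr_shift_only(value);

    return pageaddr != cached_page;
}

int main(void)
{
    /* Constructed sample addresses: one upper-half, one lower-half. */
    const uint64_t upper_va = UINT64_C(0xffffffc000080000);
    const uint64_t lower_va = UINT64_C(0x0000007fb7e45000);

    printf("upper, asid 0      : old=%016llx new=%016llx\n",
           (unsigned long long)pageaddr_shift_only(tlbi_operand(upper_va, 0)),
           (unsigned long long)pageaddr_sign_extended(tlbi_operand(upper_va, 0)));
    printf("lower, asid 0x1234 : old=%016llx new=%016llx\n",
           (unsigned long long)pageaddr_shift_only(tlbi_operand(lower_va, 0x1234)),
           (unsigned long long)pageaddr_sign_extended(tlbi_operand(lower_va, 0x1234)));
    printf("stale entry before patch: %d, after: %d\n",
           stale_after_flush(upper_va, 0, 0), stale_after_flush(upper_va, 0, 1));
    return 0;
}
```

With the shift-only form, a flush for an upper-half address or with a non-zero low ASID nibble computes a page address that matches no cached entry, so the old translation stays live after the guest believes it is gone.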
Re: [Qemu-devel] [PATCH 1/3] target-arm: don't hardcode mask values in arm_cpu_handle_mmu_fault
On 24 July 2014 16:52, Alex Bennée wrote: > Otherwise we break quickly when we change TARGET_PAGE_SIZE. > > Signed-off-by: Alex Bennée > > diff --git a/target-arm/helper.c b/target-arm/helper.c > index a0e57cd..aa5d267 100644 > --- a/target-arm/helper.c > +++ b/target-arm/helper.c > @@ -4029,8 +4029,8 @@ int arm_cpu_handle_mmu_fault(CPUState *cs, vaddr > address, > &page_size); > if (ret == 0) { > /* Map a single [sub]page. */ > -phys_addr &= ~(hwaddr)0x3ff; > -address &= ~(target_ulong)0x3ff; > +phys_addr &= TARGET_PAGE_MASK; > +address &= TARGET_PAGE_MASK; > tlb_set_page(cs, address, phys_addr, prot, mmu_idx, page_size); > return 0; > } Reviewed-by: Peter Maydell thanks -- PMM
[Qemu-devel] [PATCH for-2.1] qemu-options: fix another allows-to for -net l2tpv3
Signed-off-by: Michael Tokarev --- qemu-options.hx |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/qemu-options.hx b/qemu-options.hx index 9e54686..1549625 100644 --- a/qemu-options.hx +++ b/qemu-options.hx @@ -1437,7 +1437,7 @@ DEF("net", HAS_ARG, QEMU_OPTION_net, "-net l2tpv3[,vlan=n][,name=str],src=srcaddr,dst=dstaddr[,srcport=srcport][,dstport=dstport],txsession=txsession[,rxsession=rxsession][,ipv6=on/off][,udp=on/off][,cookie64=on/off][,counter][,pincounter][,txcookie=txcookie][,rxcookie=rxcookie][,offset=offset]\n" "connect the VLAN to an Ethernet over L2TPv3 pseudowire\n" "Linux kernel 3.3+ as well as most routers can talk\n" -"L2TPv3. This transport allows to connect a VM to a VM,\n" +"L2TPv3. This transport allows connecting a VM to a VM,\n" "VM to a router and even VM to Host. It is a nearly-universal\n" "standard (RFC3391). Note - this implementation uses static\n" "pre-configured tunnels (same as the Linux kernel).\n" -- 1.7.10.4
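Review bot: the unchanged context line two below the fix reads `"standard (RFC3391). Note - this implementation uses static\n"`; L2TPv3 is specified in RFC 3931, so the digits are transposed. Since this patch is already a wording fix to the same help text, correct the RFC number in the same change.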
Re: [Qemu-devel] [PATCH 3/3] target-arm: A64: fix use 12 bit page tables for aarch64
On 24 July 2014 16:52, Alex Bennée wrote: > The aarch64 architecture only support 4k+ pages so using a smaller value > for QEMU's internal page table handling only makes us less efficient. > > Signed-off-by: Alex Bennée > > diff --git a/target-arm/cpu.h b/target-arm/cpu.h > index c83f249..33359b9 100644 > --- a/target-arm/cpu.h > +++ b/target-arm/cpu.h > @@ -1051,11 +1051,18 @@ bool write_cpustate_to_list(ARMCPU *cpu); > #if defined(CONFIG_USER_ONLY) > #define TARGET_PAGE_BITS 12 > #else > -/* The ARM MMU allows 1k pages. */ > -/* ??? Linux doesn't actually use these, and they're deprecated in recent > - architecture revisions. Maybe a configure option to disable them. */ > +#if defined(TARGET_AARCH64) > +/* You can't configure 1k pages on aarch64 hardware */ "AArch64" (here and in commit messages). Also, qemu-system-aarch64 still supports all the 32 bit CPUs, including the ARMv5 ones (v5 is the last revision that supported 1K pages). So we'd have to at least remove those CPUs from the TARGET_AARCH64 system emulator compilation, if we can't come up with anything cleverer. thanks -- PMM
Re: [Qemu-devel] [PATCH v2 for-2.1 1/2] acpi-dsdt: procedurally generate _PRT
On 07/24/14 16:32, Paolo Bonzini wrote:
> This replaces the _PRT constant with a method that computes it.
>
> The problem is that the DSDT+SSDT have grown from 2.0 to 2.1,
> enough to cross the 8k barrier (we align the ACPI tables to 4k
> before putting them in fw_cfg). This causes problems with
> migration and the pc-i440fx-2.0 machine type.
>
> The solution to the problem is to hardcode 64k as the limit,
> but this doesn't solve the bug with pc-i440fx-2.0. The fix will be
> for QEMU 2.1 to use exactly the same size as QEMU 2.0 for the
> ACPI tables. First, however, we must make the actual AML
> equal or smaller; to do this, rewrite _PRT in a way that saves
> over 1k of bytecode.
>
> Signed-off-by: Paolo Bonzini
> ---
> include cpi-dsdt.hex.generated [Igor]
>
>  hw/i386/acpi-dsdt.dsl | 90 +-
>  hw/i386/acpi-dsdt.hex.generated | 1910 +++
>  2 files changed, 148 insertions(+), 1852 deletions(-)

Compared with v1, v2 1/2 seems to reword the commit message a little bit, and add the generated file (requested by Igor, and mentioned by you anyway).

Reviewed-by: Laszlo Ersek
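One way to check the rewrite reviewed above, as an added example (not part of the patch or the thread): the removed static table and the loop from the new `_PRT` method are both modelled in C and compared entry by entry. Entries are compared as (slot, pin, link name); the address constant of each entry is left out because it does not survive intact on this page, and all function names are hypothetical.

```c
#include <stdio.h>
#include <string.h>

#define PRT_SLOTS   32
#define PRT_PINS    4
#define PRT_ENTRIES (PRT_SLOTS * PRT_PINS)   /* 128, as in Package(128) */

struct prt_entry {
    unsigned slot;
    unsigned pin;
    const char *link;
};

/* Model of the removed table: slot n uses prt_slot<n & 3>, and slot 1 is
 * written out by hand as prt_slot(0x0001, LNKS, LNKB, LNKC, LNKD). */
void build_static_prt(struct prt_entry *t)
{
    static const char *const rot[4][PRT_PINS] = {
        { "LNKD", "LNKA", "LNKB", "LNKC" },   /* prt_slot0 */
        { "LNKA", "LNKB", "LNKC", "LNKD" },   /* prt_slot1 */
        { "LNKB", "LNKC", "LNKD", "LNKA" },   /* prt_slot2 */
        { "LNKC", "LNKD", "LNKA", "LNKB" },   /* prt_slot3 */
    };

    for (unsigned slot = 0; slot < PRT_SLOTS; slot++) {
        for (unsigned pin = 0; pin < PRT_PINS; pin++) {
            struct prt_entry *e = &t[slot * PRT_PINS + pin];
            e->slot = slot;
            e->pin = pin;
            e->link = rot[slot & 3][pin];
        }
    }
    t[1 * PRT_PINS + 0].link = "LNKS";        /* power-management device */
}

/* Model of the new method; variable names follow the ASL locals. */
void build_method_prt(struct prt_entry *t)
{
    for (unsigned local1 = 0; local1 < PRT_ENTRIES; local1++) {
        unsigned local2 = local1 >> 2;             /* slot */
        unsigned local3 = (local1 + local2) & 3;   /* link selector */
        const char *link = NULL;

        if (local3 == 0) link = "LNKD";
        if (local3 == 1) link = (local1 == 4) ? "LNKS" : "LNKA";
        if (local3 == 2) link = "LNKB";
        if (local3 == 3) link = "LNKC";

        t[local1].slot = local2;
        t[local1].pin = local1 & 3;
        t[local1].link = link;
    }
}

/* Number of entries on which the two tables disagree. */
int prt_mismatches(void)
{
    struct prt_entry a[PRT_ENTRIES], b[PRT_ENTRIES];
    int bad = 0;

    build_static_prt(a);
    build_method_prt(b);
    for (unsigned i = 0; i < PRT_ENTRIES; i++) {
        if (a[i].slot != b[i].slot || a[i].pin != b[i].pin ||
            strcmp(a[i].link, b[i].link) != 0) {
            printf("entry %u: static %s, method %s\n", i, a[i].link, b[i].link);
            bad++;
        }
    }
    return bad;
}

/* How many entries of the generated table route to the named link. */
int count_link(const char *name)
{
    struct prt_entry t[PRT_ENTRIES];
    int n = 0;

    build_method_prt(t);
    for (unsigned i = 0; i < PRT_ENTRIES; i++) {
        n += strcmp(t[i].link, name) == 0;
    }
    return n;
}

int main(void)
{
    printf("mismatches: %d, LNKS entries: %d\n",
           prt_mismatches(), count_link("LNKS"));
    return 0;
}
```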
Re: [Qemu-devel] [RFC PATCH 0/3] target-arm: Some fixes to page and TLB handling
On 24 July 2014 16:52, Alex Bennée wrote:
> I don't think this patch set is mergeable as-is because we still
> include a bunch of 32 bit ARM boards in the aarch64-softmmu build
> which could be using an old enough ARM that has support for 1k page
> tables (and may even use them?).

We can certainly merge patches 1 and 2, which are straight bugfixes.

thanks
-- PMM
Re: [Qemu-devel] [PULL for-2.1 0/5] QMP queue
On 24 July 2014 15:17, Luiz Capitulino wrote:
> Doc fixes, zero regression risk for code.
>
> The following changes since commit a537d373b9f330853006ceb18d5891541b9e4030:
>
>   Merge remote-tracking branch 'remotes/kraxel/tags/pull-usb-20140723-1' into staging (2014-07-24 12:49:54 +0100)
>
> are available in the git repository at:
>
>   git://repo.or.cz/qemu/qmp-unstable.git queue/qmp
>
> for you to fetch changes up to 032baddea36330384b3654fcbfafa74cc815471c:
>
>   docs: document missing VSERPORT_CHANGE event (2014-07-24 10:00:33 -0400)
>
> Eric Blake (5):
>   docs: grammar fixes to qmp-events
>   docs: split SPICE_* event docs
>   docs: document missing SPICE_MIGRATE_COMPLETED event
>   docs: document missing POWERDOWN event
>   docs: document missing VSERPORT_CHANGE event
>
>  docs/qmp/qmp-events.txt | 80 +
>  1 file changed, 74 insertions(+), 6 deletions(-)

Applied, thanks.

-- PMM
Re: [Qemu-devel] KVM Forum 2014 Call for Participation (reminder)
The deadline is coming in three days!

Paolo

On 16/06/2014 18:08, Paolo Bonzini wrote:
> =
> KVM Forum 2014: Call For Participation
> October 14-16, 2014 - Congress Centre Düsseldorf - Düsseldorf, Germany
>
> (All submissions must be received before midnight July 27, 2014)
> =
>
> KVM is an industry leading open source hypervisor that provides an ideal
> platform for datacenter virtualization, virtual desktop infrastructure,
> and cloud computing. Once again, it's time to bring together the
> community of developers and users that define the KVM ecosystem for
> our annual technical conference. We will discuss the current state of
> affairs and plan for the future of KVM, its surrounding infrastructure,
> and management tools. Mark your calendar and join us in advancing KVM.
> http://events.linuxfoundation.org/events/kvm-forum/
>
> Once again we are colocated with the Linux Foundation's LinuxCon Europe,
> CloudOpen Europe, Embedded Linux Conference (ELC) Europe, and this year,
> the Linux Plumbers Conference. KVM Forum attendees will be able to attend
> LinuxCon + CloudOpen + ELC for a discounted rate.
> http://events.linuxfoundation.org/events/kvm-forum/attend/register
>
> We invite you to lead part of the discussion by submitting a speaking
> proposal for KVM Forum 2014.
> http://events.linuxfoundation.org/cfp
>
> Suggested topics:
>
> KVM/Kernel
> - Scaling and optimizations
> - Nested virtualization
> - Linux kernel performance improvements
> - Resource management (CPU, I/O, memory)
> - Hardening and security
> - VFIO: SR-IOV, GPU, platform device assignment
> - Architecture ports
>
> QEMU
> - Management interfaces: QOM and QMP
> - New devices, new boards, new architectures
> - Scaling and optimizations
> - Desktop virtualization and SPICE
> - Virtual GPU
> - virtio and vhost, including non-Linux or non-virtualized uses
> - Hardening and security
> - New storage features
> - Live migration and fault tolerance
> - High availability and continuous backup
> - Real-time guest support
> - Emulation and TCG
> - Firmware: ACPI, UEFI, coreboot, u-Boot, etc.
> - Testing
>
> Management and infrastructure
> - Managing KVM: Libvirt, OpenStack, oVirt, etc.
> - Storage: glusterfs, Ceph, etc.
> - Software defined networking: Open vSwitch, OpenDaylight, etc.
> - Network Function Virtualization
> - Security
> - Provisioning
> - Performance tuning
>
>
> ===
> SUBMITTING YOUR PROPOSAL
> ===
> Abstracts due: July 27, 2014
>
> Please submit a short abstract (~150 words) describing your presentation
> proposal. Slots vary in length up to 45 minutes. Also include in your
> proposal the proposal type -- one of:
> - technical talk
> - end-user talk
>
> Submit your proposal here:
> http://events.linuxfoundation.org/cfp
> Please only use the categories "presentation" and "panel discussion"
>
> You will receive a notification whether or not your presentation proposal
> was accepted by Aug 20th.
>
> Speakers will receive a complimentary pass for the event. In the instance
> that your submission has multiple presenters, only the primary speaker
> for a proposal will receive a complimentary event pass. For panel
> discussions, all panelists will receive a complimentary event pass.
>
> TECHNICAL TALKS
>
> A good technical talk should not just report on what has happened over
> the last year; it should present a concrete problem and how it impacts
> the user and/or developer community. Whenever applicable, it should
> focus on the work that needs to be done or the difficulties that haven't
> yet been solved. Summarizing recent developments is okay but it should
> not be more than a small portion of the overall talk.
>
> END-USER TALKS
>
> One of the big challenges as developers is to know what, where and how
> people actually use our software. We will reserve a few slots for end
> users talking about their deployment challenges and achievements.
>
> If you are using KVM in production you are encouraged to submit a speaking
> proposal. Simply mark it as an end-user talk. As an end user, this is a
> unique opportunity to get your input to developers.
>
> HANDS-ON / BOF SESSIONS
>
> We will reserve some time for people to get together and discuss
> strategic decisions as well as other topics that are best solved within
> smaller groups. This time can also be used for hands-on hacking
> sessions if you have concrete code problems to solve.
>
> These sessions will be announced during the event. If you are interested
> in organizing such a session, please add it to the list at
>
> http://www.linux-kvm.org/page/KVM_Forum_2014_BOF
>
> Let people you think might be interested know about it, and encourage
> them to add their names to the wiki page as well. Please try to
> add your ideas to the list before KVM Forum star
Re: [Qemu-devel] [PATCH v2 for-2.1 2/2] pc: hack for migration compatibility from QEMU 2.0
On 07/24/14 16:32, Paolo Bonzini wrote:
> Changing the ACPI table size causes migration to break, and the memory
> hotplug work opened our eyes on how horribly we were breaking things in
> 2.0 already.
>
> The ACPI table size is rounded to the next 4k, which one would think
> gives some headroom. In practice this is not the case, because the user
> can control the ACPI table size (each CPU adds 97 bytes to the SSDT and
> 8 to the MADT) and so some "-smp" values will break the 4k boundary and
> fail to migrate. Similarly, PCI bridges add ~1870 bytes to the SSDT.
>
> To fix this, hard-code 64k as the maximum ACPI table size, which
> (despite being an order of magnitude smaller than 640k) should be enough
> for everyone.
>
> To fix migration from QEMU 2.0, compute the payload size of QEMU 2.0
> and always use that one. The previous patch shrunk the ACPI tables
> enough that the QEMU 2.0 size should always be enough.
>
> Migration from QEMU 1.7 should work for guests that have a number of CPUs
> other than 12, 13, 14, 54, 55, 56, 97, 98, 139, 140. It was already
> broken from QEMU 1.7 to QEMU 2.0 in the same way, though.
>
> Even with this patch, QEMU 1.7 and 2.0 have two different ideas of
> "-M pc-i440fx-2.0" when there are PCI bridges. Igor sent a patch to
> adopt the QEMU 1.7 definition. I think distributions should apply
> it if they move directly from QEMU 1.7 to 2.1+ without ever packaging
> version 2.0.
>
> Signed-off-by: Paolo Bonzini
> ---
> replace magic constants with #defines [Igor]
> remove stray line from comment [Laszlo]

I compared this too with its v1 counterpart, and it looks good. I have one question (just curiosity): the following paragraph was dropped from the commit message -- why?

-Non-AML tables can change depending on the configuration (especially
-MADT, SRAT, HPET) but they remain the same between QEMU 2.0 and 2.1,
-so we only compute our padding based on the sizes of the SSDT and DSDT.

I think this remains true in v2 as well:
- "aml_len" and "legacy_aml_len" still "only" cover the DSDT and the SSDT, and
- the non-AML tables (eg. the MADT, now spelled out in the commit message), although they may grow with the number of CPUs, continue to remain the same between 2.0 and 2.1.

IOW, I think you could have kept this paragraph if you wanted to. Was it an oversight to drop it, or did the paragraph contain something incorrect (in v1) that I'm unaware of? Or is it just redundant?

Reviewed-by: Laszlo Ersek

Thanks,
Laszlo
Re: [Qemu-devel] [PATCH v2 for-2.1 2/2] pc: hack for migration compatibility from QEMU 2.0
On 24/07/2014 18:29, Laszlo Ersek wrote:
> I compared this too with its v1 counterpart, and it looks good. I have
> one question (just curiosity): the following paragraph was dropped from
> the commit message -- why?
>
> -Non-AML tables can change depending on the configuration (especially
> -MADT, SRAT, HPET) but they remain the same between QEMU 2.0 and 2.1,
> -so we only compute our padding based on the sizes of the SSDT and DSDT.
>
> I think this remains true in v2 as well:
> - "aml_len" and "legacy_aml_len" still "only" cover the DSDT and the
> SSDT, and
> - the non-AML tables (eg. the MADT, now spelled out in the commit
> message), although they may grow with the number of CPUs, continue to
> remain the same between 2.0 and 2.1.
>
> IOW, I think you could have kept this paragraph if you wanted to. Was it
> an oversight to drop it, or did the paragraph contain something
> incorrect (in v1) that I'm unaware of? Or is it just redundant?

An oversight. I had added it to the mail before sending it, not directly in the commit message. I'll add it back for the pull request (tomorrow morning).

Paolo
[Qemu-devel] [PATCH 0/3] libqtest: solve QEMU process cleanup problem
Test cases are supposed to clean up even if they fail. Historically libqtest has leaked QEMU processes and files. This caused annoyances and buildbot failures so it was gradually fixed.

The solution we have for terminating the QEMU process if the test case fails was not very satisfactory. A SIGABRT handler in the test case sends SIGTERM to QEMU. This only works if the test case receives SIGABRT, not other ways in which it could die. The approach is ugly because it installs a global signal handler although libqtest is supposed to support multiple simultaneous instances.

This patch series adds the new -chardev exit-on-eof option. QEMU will terminate if the socket/pipe/stdio receives EOF. That happens when the test case process terminates for any reason. By adding this option to -chardev we can use it with both -qtest and -qmp.

Stefan Hajnoczi (3):
  libqemustub: add qemu_system_shutdown_request() and no_shutdown
  qemu-char: add -chardev exit-on-eof option
  libqtest: use -chardev exit-on-eof to clean up QEMU

 include/sysemu/char.h | 1 +
 qapi-schema.json | 23 ---
 qemu-char.c | 34 --
 qemu-options.hx | 19 +--
 stubs/Makefile.objs | 1 +
 stubs/shutdown.c | 7 +++
 tests/libqtest.c | 48 +++-
 7 files changed, 69 insertions(+), 64 deletions(-)
 create mode 100644 stubs/shutdown.c

-- 
1.9.3
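The mechanism this cover letter relies on, shown as an added stand-alone example (not QEMU or libqtest code): a worker process blocks on a socket and exits when it reads EOF, which the kernel delivers once the controlling process dies, even from SIGKILL where no handler can run. The function names, the report pipe and the use of SIGKILL are assumptions of the example; it also shows the one precondition that is easy to miss, namely that the worker must not keep its own copy of the peer's end open.

```c
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Stand-in for QEMU with exit-on-eof: block on the control channel and
 * report, then exit, once the other end has been closed. */
static void worker(int ctl_fd, int report_fd)
{
    char buf[64];

    for (;;) {
        ssize_t n = read(ctl_fd, buf, sizeof(buf));

        if (n == 0) {                 /* EOF: no process holds the peer end */
            if (write(report_fd, "E", 1) != 1) {
                _exit(1);
            }
            _exit(0);
        }
        if (n < 0 && errno != EINTR) {
            _exit(1);
        }
    }
}

/* Stand-in for the test case: start the worker, then die with no cleanup. */
static void test_case(int report_fd)
{
    int sv[2];
    pid_t pid;

    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0) {
        _exit(1);
    }
    pid = fork();
    if (pid < 0) {
        _exit(1);
    }
    if (pid == 0) {
        /* Drop the inherited copy of the controller's end. If the worker
         * kept it, the socket would never reach EOF and the worker would
         * outlive its parent: the leak the series is meant to prevent. */
        close(sv[0]);
        worker(sv[1], report_fd);
    }
    close(sv[1]);
    close(report_fd);
    raise(SIGKILL);    /* no handler, no atexit: the kernel closes sv[0] */
    _exit(1);          /* not reached */
}

/* Returns 1 if the worker noticed the death of its controller via EOF,
 * 0 if it did not, -1 on setup failure. */
int worker_exits_on_parent_death(void)
{
    int report[2];
    char c = 0;
    ssize_t n;
    pid_t pid;

    if (pipe(report) < 0) {
        return -1;
    }
    pid = fork();
    if (pid < 0) {
        return -1;
    }
    if (pid == 0) {
        close(report[0]);
        test_case(report[1]);
    }
    close(report[1]);  /* from here on only the worker can write */
    do {
        n = read(report[0], &c, 1);
    } while (n < 0 && errno == EINTR);
    close(report[0]);
    waitpid(pid, NULL, 0);
    return n == 1 && c == 'E';
}

int main(void)
{
    printf("worker exited on EOF: %d\n", worker_exits_on_parent_death());
    return 0;
}
```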
[Qemu-devel] [PATCH 1/3] libqemustub: add qemu_system_shutdown_request() and no_shutdown
These sysemu functions will be needed by qemu-char.c, which is linked into tests/vhost-user-test without system emulation functionality. Signed-off-by: Stefan Hajnoczi --- stubs/Makefile.objs | 1 + stubs/shutdown.c| 7 +++ 2 files changed, 8 insertions(+) create mode 100644 stubs/shutdown.c diff --git a/stubs/Makefile.objs b/stubs/Makefile.objs index 528e161..f17d517 100644 --- a/stubs/Makefile.objs +++ b/stubs/Makefile.objs @@ -39,3 +39,4 @@ stub-obj-$(CONFIG_WIN32) += fd-register.o stub-obj-y += cpus.o stub-obj-y += kvm.o stub-obj-y += qmp_pc_dimm_device_list.o +stub-obj-y += shutdown.o diff --git a/stubs/shutdown.c b/stubs/shutdown.c new file mode 100644 index 000..c1aee7e --- /dev/null +++ b/stubs/shutdown.c @@ -0,0 +1,7 @@ +#include "sysemu/sysemu.h" + +int no_shutdown; + +void qemu_system_shutdown_request(void) +{ +} -- 1.9.3
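Review bot: the stub `qemu_system_shutdown_request()` has an empty body and stubs/shutdown.c carries no comment, so a binary linked against the stub silently ignores every shutdown request, including one raised by the exit-on-eof path this series adds to qemu-char.c. Add a short header comment stating that the stub is deliberately a no-op and which binaries are expected to link it.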
[Qemu-devel] [PATCH 2/3] qemu-char: add -chardev exit-on-eof option
When QEMU is executed as part of a test case or from a script, it is usually desirable to exit if the parent process terminates. This ensures that "leaked" QEMU processes do not continue consuming resources after their parent has died. This patch adds the -chardev exit-on-eof option causing socket and pipe chardevs to exit QEMU upon close. This happens when a parent process deliberately closes its file descriptor but also when the kernel cleans up a crashed process. Signed-off-by: Stefan Hajnoczi --- include/sysemu/char.h | 1 + qapi-schema.json | 23 --- qemu-char.c | 34 -- qemu-options.hx | 19 +-- 4 files changed, 58 insertions(+), 19 deletions(-) diff --git a/include/sysemu/char.h b/include/sysemu/char.h index 0bbd631..382b320 100644 --- a/include/sysemu/char.h +++ b/include/sysemu/char.h @@ -86,6 +86,7 @@ struct CharDriverState { guint fd_in_tag; QemuOpts *opts; QTAILQ_ENTRY(CharDriverState) next; +bool exit_on_eof; }; /** diff --git a/qapi-schema.json b/qapi-schema.json index b11aad2..9b13da1 100644 --- a/qapi-schema.json +++ b/qapi-schema.json @@ -2630,10 +2630,13 @@ # @device: The name of the special file for the device, # i.e. /dev/ttyS0 on Unix or COM1: on Windows # @type: What kind of device this is. +# @exit-on-eof: #optional terminate when other side closes the pipe +# (default: false, since: 2.2) # # Since: 1.4 ## -{ 'type': 'ChardevHostdev', 'data': { 'device' : 'str' } } +{ 'type': 'ChardevHostdev', 'data': { 'device' : 'str', + '*exit-on-eof' : 'bool' } } ## # @ChardevSocket: 
@@ -2648,14 +2651,17 @@ # @nodelay: #optional set TCP_NODELAY socket option (default: false) # @telnet: #optional enable telnet protocol on server # sockets (default: false) +# @exit-on-eof: #optional terminate when other side closes socket +# (default: false, since: 2.2) # # Since: 1.4 ## -{ 'type': 'ChardevSocket', 'data': { 'addr' : 'SocketAddress', - '*server' : 'bool', - '*wait': 'bool', - '*nodelay' : 'bool', - '*telnet' : 'bool' } } +{ 'type': 'ChardevSocket', 'data': { 'addr' : 'SocketAddress', + '*server' : 'bool', + '*wait': 'bool', + '*nodelay' : 'bool', + '*telnet' : 'bool', + '*exit-on-eof' : 'bool' } } ## # @ChardevUdp: @@ -2689,10 +2695,13 @@ # @signal: #optional Allow signals (such as SIGINT triggered by ^C) # be delivered to qemu. Default: true in -nographic mode, # false otherwise. +# @exit-on-eof: #optional terminate when other side sends EOF +# (default: false, since: 2.2) # # Since: 1.5 ## -{ 'type': 'ChardevStdio', 'data': { '*signal' : 'bool' } } +{ 'type': 'ChardevStdio', 'data': { '*signal' : 'bool', +'*exit-on-eof' : 'bool' } } ## # @ChardevSpiceChannel: diff --git a/qemu-char.c b/qemu-char.c index 7acc03f..9015bc9 100644 --- a/qemu-char.c +++ b/qemu-char.c @@ -110,9 +110,16 @@ void qemu_chr_be_event(CharDriverState *s, int event) break; } -if (!s->chr_event) -return; -s->chr_event(s->handler_opaque, event); +if (s->chr_event) { +s->chr_event(s->handler_opaque, event); +} + +if (s->exit_on_eof && event == CHR_EVENT_CLOSED) { +fprintf(stderr, "qemu: terminating due to eof on chardev '%s'\n", +s->label); +no_shutdown = 0; +qemu_system_shutdown_request(); +} } void qemu_chr_be_generic_open(CharDriverState *s) @@ -991,6 +998,7 @@ static CharDriverState *qemu_chr_open_pipe(ChardevHostdev *opts) int fd_in, fd_out; char filename_in[256], filename_out[256]; const char *filename = opts->device; +CharDriverState *chr; if (filename == NULL) { fprintf(stderr, "chardev: pipe: no filename given\n"); 
@@ -1011,7 +1019,9 @@ static CharDriverState *qemu_chr_open_pipe(ChardevHostdev *opts) return NULL; } } -return qemu_chr_open_fd(fd_in, fd_out); +chr = qemu_chr_open_fd(fd_in, fd_out); +chr->exit_on_eof = opts->has_exit_on_eof && opts->exit_on_eof; +return chr; } /* init terminal so that we can grab keys */ @@ -2893,6 +2903,7 @@ static void tcp_chr_close(CharDriverState *chr) static CharDriverState *qemu_chr_open_socket_fd(int fd, bool do_nodelay, bool is_listen, bool is_telnet, bool is_waitconnect, +bool is_exit_on_eof,
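Review bot: In the qemu_chr_be_event() hunk of qemu-char.c, the new CHR_EVENT_CLOSED path sets "no_shutdown = 0" before calling qemu_system_shutdown_request(), so a chardev with exit-on-eof silently overrides -no-shutdown given on the same command line. Either state that interaction in the exit-on-eof text added to qapi-schema.json and qemu-options.hx, or leave no_shutdown untouched so the two options compose.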
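Review bot: In the qemu_chr_open_pipe() hunk, "chr->exit_on_eof = ..." dereferences the return value of qemu_chr_open_fd() with no NULL check. If that function can fail, test chr before the assignment and return NULL as the other error paths in this function do.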
[Qemu-devel] [PATCH 3/3] libqtest: use -chardev exit-on-eof to clean up QEMU
When the test case aborts it is important to terminate the QEMU process so it does not leak. This was implemented using a SIGABRT handler function in libqtest that sent SIGTERM to QEMU. The SIGABRT approach is messy because it requires a global signal handler but libqtest should support multiple simultaneous instances. Simplify the code using the new -chardev exit-on-eof option. QEMU will automatically exit when our qtest socket closes. Signed-off-by: Stefan Hajnoczi --- tests/libqtest.c | 48 +++- 1 file changed, 3 insertions(+), 45 deletions(-) diff --git a/tests/libqtest.c b/tests/libqtest.c index 98e8f4b..6c3dd27 100644 --- a/tests/libqtest.c +++ b/tests/libqtest.c @@ -46,12 +46,8 @@ struct QTestState bool irq_level[MAX_IRQ]; GString *rx; pid_t qemu_pid; /* our child QEMU process */ -struct sigaction sigact_old; /* restored on exit */ }; -static GList *qtest_instances; -static struct sigaction sigact_old; - #define g_assert_no_errno(ret) do { \ g_assert_cmpint(ret, !=, -1); \ } while (0) @@ -110,32 +106,6 @@ static void kill_qemu(QTestState *s) } } -static void sigabrt_handler(int signo) -{ -GList *elem; -for (elem = qtest_instances; elem; elem = elem->next) { -kill_qemu(elem->data); -} -} - -static void setup_sigabrt_handler(void) -{ -struct sigaction sigact; - -/* Catch SIGABRT to clean up on g_assert() failure */ -sigact = (struct sigaction){ -.sa_handler = sigabrt_handler, -.sa_flags = SA_RESETHAND, -}; -sigemptyset(&sigact.sa_mask); -sigaction(SIGABRT, &sigact, &sigact_old); -} - -static void cleanup_sigabrt_handler(void) -{ -sigaction(SIGABRT, &sigact_old, NULL); -} - QTestState *qtest_init(const char *extra_args) { QTestState *s; 
@@ -156,17 +126,12 @@ QTestState *qtest_init(const char *extra_args) sock = init_socket(socket_path); qmpsock = init_socket(qmp_socket_path); -/* Only install SIGABRT handler once */ -if (!qtest_instances) { -setup_sigabrt_handler(); -} - -qtest_instances = g_list_prepend(qtest_instances, s); - s->qemu_pid = fork(); if (s->qemu_pid == 0) { command = g_strdup_printf("exec %s " - "-qtest unix:%s,nowait " + "-chardev socket,id=qtestdev,path=%s,nowait," + "exit-on-eof " + "-qtest chardev:qtestdev " "-qtest-log /dev/null " "-qmp unix:%s,nowait " "-machine accel=qtest " @@ -207,13 +172,6 @@ QTestState *qtest_init(const char *extra_args) void qtest_quit(QTestState *s) { -/* Uninstall SIGABRT handler on last instance */ -if (qtest_instances && !qtest_instances->next) { -cleanup_sigabrt_handler(); -} - -qtest_instances = g_list_remove(qtest_instances, s); - kill_qemu(s); close(s->fd); close(s->qmp_fd); -- 1.9.3
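Review bot: In the qtest_init() hunk, the new -chardev uses the fixed id "qtestdev", and extra_args is appended to the same command line, so a test that passes its own chardev with that id will collide with it. Use an id that tests are unlikely to pick and mention the reserved name next to the format string. Note also that only the qtest socket gets exit-on-eof; the commit message should say that the QMP socket is deliberately left without it.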
[Qemu-devel] AHCI bug
Hi all,

I found a problem while using the following combination: qemu-1.6.1 + large disks (>127GB) + q35(AHCI controller) + int13h disk access.

The AHCI controller code in Qemu has a bug that it will use the wrong LBA address when Seabios tries to access LBA>128GB (aka 127.5GB limit http://www.hardwaresecrets.com/printpage/Hard-Disk-Drives-Capacity-Limits/482). When we need to access the LBA>0xfff, 28bit LBA is not sufficient thus AHCI code needs to convert that into an LBA48 command, but it didn't set all the flags correctly, so low level code ends up reading a sector at a different address. Here's where I caught it red-handed (from logging statement I added to qemu):

set: sector=300050824
get: sector=35809672
LBA mismatch detected, saved:0x0011e26988, read:0x0002226988

Here's my qemu patch: diff -r -p ../qemu-1.6.1-org/hw/ide/ahci.c ./hw/ide/ahci.c *** ../qemu-1.6.1-org/hw/ide/ahci.c 2013-10-09 15:20:32.0 -0400 --- ./hw/ide/ahci.c 2014-07-21 10:37:03.734217053 -0400 *** static int handle_cmd(AHCIState *s, int *** 929,934 --- 931,954 * do, I simply assume non-used fields as reserved and OR everything * together, independent of the command. 
*/ + + #if 1 // eniac + // enable lba and lba48 mode, otherwise the bit won't get set until the command is completed, cause read/write corruption + ide_state->lba48 = (cmd_fis[2] == WIN_READDMA_EXT + || cmd_fis[2] == WIN_READ_EXT + || cmd_fis[2] == WIN_READDMA_QUEUED_EXT + || cmd_fis[2] == WIN_READ_NATIVE_MAX_EXT + || cmd_fis[2] == WIN_MULTREAD_EXT + || cmd_fis[2] == WIN_WRITE_EXT + || cmd_fis[2] == WIN_WRITEDMA_EXT + || cmd_fis[2] == WIN_WRITEDMA_QUEUED_EXT + || cmd_fis[2] == WIN_SET_MAX_EXT + || cmd_fis[2] == WIN_MULTWRITE_EXT + || cmd_fis[2] == WIN_VERIFY_EXT + || cmd_fis[2] == WIN_FLUSH_CACHE_EXT + ); + ide_state->select |= 0x40; + #endif // eniac ide_set_sector(ide_state, ((uint64_t)cmd_fis[10] << 40) | ((uint64_t)cmd_fis[9] << 32) /* This is used for LBA48 commands */ diff -r -p ../qemu-1.6.1-org/hw/ide/core.c ./hw/ide/core.c *** ../qemu-1.6.1-org/hw/ide/core.c 2013-10-09 15:20:32.0 -0400 --- ./hw/ide/core.c 2014-07-21 10:37:21.132422670 -0400 *** void ide_transfer_stop(IDEState *s) *** 445,450 --- 445,454 s->status &= ~DRQ_STAT; } + #if 1 // eniac added to detect LBA skew, quit early to avoid corruption + int64_t saved_lba = -1; + #endif // eniac + int64_t ide_get_sector(IDEState *s) { int64_t sector_num; *** int64_t ide_get_sector(IDEState *s) *** 464,475 --- 468,495 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors + (s->select & 0x0f) * s->sectors + (s->sector - 1); } + + #if 1 // eniac + printf("get: sector=%" PRId64 "\n", sector_num); + if (sector_num != saved_lba && saved_lba != -1) { + printf("LBA mismatch detected, saved:%#016llx, read:%#016llx\n", (long long unsigned) saved_lba, (long long unsigned) sector_num); + exit(1); + } else { + saved_lba = -1; + } + #endif // eniac return sector_num; } void ide_set_sector(IDEState *s, int64_t sector_num) { unsigned int cyl, r; + + + #if 1 // eniac + saved_lba = sector_num; + printf("set: sector=%" PRId64 "\n", sector_num); + #endif // eniac if (s->select & 0x40) { if (!s->lba48) { s->select = 
(s->select & 0xf0) | (sector_num >> 24); To duplicate the problem you need to turn off the workaround in ahci.c, leaving the debug logs in core.c, compile your qemu-system-x86_64 and then run: ./ qemu-system-x86_64 -fda dos622.img -drive if=none,file=./blank.qcow2,id=hdc,media=disk -device ide-hd,drive=hdc,bus=ide.0 -M q35 -m 256M -vnc :1 -boot a Blank.qcow2 is a 300GB virtual disk file I pre-created, you can leave it blank cause what's on disk doesn't matter in this test. dos622.img is the dos622 floppy image with debug.com and a batch file: # cat int1342.bat a 100 mov si, 0200 mov ax, 4200 mov dx, 0080 int 13 ret ; 0x3: length e 200 10 00 7f 00 00 00 00 50 ; lba e 208 88 69 e2 11 00 00 00 00 r ip 100 g r d 5000:0 q Connect vncviewer, once dos boot is completed, type debug
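Review bot: In the handle_cmd() hunk of ahci.c, "ide_state->select |= 0x40" runs for every command FIS, so LBA addressing is forced on even when the guest issued a command in CHS mode. Take the bit from the device register value the guest supplied rather than setting it unconditionally, and move the twelve-way "cmd_fis[2] == WIN_..._EXT" chain into a small helper or switch so the list of LBA48 opcodes lives in one place.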
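Review bot: The saved_lba check added to ide_get_sector() and ide_set_sector() in core.c uses one file-scope variable for every IDEState, so with more than one drive a set on one device followed by a get on another reports a false mismatch and hits "exit(1)". If the check is meant to outlive the bug hunt, store the saved value in IDEState and put the printf() calls behind a debug macro instead of "#if 1".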
Re: [Qemu-devel] [PATCH 1/3] libqemustub: add qemu_system_shutdown_request() and no_shutdown
On 24 July 2014 17:39, Stefan Hajnoczi wrote: > +++ b/stubs/shutdown.c > @@ -0,0 +1,7 @@ > +#include "sysemu/sysemu.h" > + > +int no_shutdown; > + > +void qemu_system_shutdown_request(void) > +{ > +} Tangential, but every use of "no_shutdown" outside vl.c is in the sequence: no_shutdown = 0; qemu_system_shutdown_request(); so maybe we should have a qemu_system_shutdown_demand(); and make the no_shutdown variable private to vl.c ? (feel free to pick a better name :-)) thanks -- PMM
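Review bot: The stub qemu_system_shutdown_request() in stubs/shutdown.c has an empty body, so a program linked against the stub that reaches the exit-on-eof path from patch 2/3 prints the "terminating due to eof" message and then keeps running. Add a comment in the stub saying that a no-op is intended for those programs, or make the stub exit.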
Re: [Qemu-devel] [RFC PATCH v2 00/49] Series short description
On 17/07/2014 13:01, Pavel Dovgalyuk wrote:
> This set of patches is related to the reverse execution and deterministic replay of qemu execution. Our implementation of deterministic replay can be used for deterministic and reverse debugging of guest code through gdb remote interface.
>
> Execution recording writes non-deterministic events log, which can be later used for replaying the execution anywhere and for unlimited number of times. It also supports checkpointing for faster rewinding during reverse debugging. Execution replaying reads the log and replays all non-deterministic events including external input, hardware clocks, and interrupts.

From a first look:

- patches 1-14-15-17-41 are okay :)
- patches 2 to 13 probably should try to use subsections, so that VMs that do not use the devices try not to save the extra data and keep backwards migration compatibility (at least try to)
- patch 16 should also use subsections, and perhaps apply to all other CPUs too?
- patches 23-24-25 perhaps could try using icount, like Konrad's patch does?
- patch 27 makes sense but VIRTUAL is used to skip blinking when the VM is stopped
- the others I haven't yet looked at, but they look like something that would bitrot really, really fast. For patch 33, I think changing INSERT_HEAD to INSERT_TAIL would be just fine, and I wonder if it's the same for other patches here. How do you plan on testing them and keeping them up to date?

Paolo

> Reverse execution has the following features:
> * Deterministically replays whole system execution and all contents of the memory, state of the hardware devices, clocks, and screen of the VM.
> * Writes execution log into the file for later replaying for multiple times on different machines.
> * Supports i386, x86_64, and ARM hardware platforms.
> * Performs deterministic replay of all operations with keyboard, mouse, network adapters, audio devices, serial interfaces, and physical USB devices connected to the emulator.
> * Provides support for gdb reverse debugging commands like reverse-step and reverse-continue.
> * Supports auto-checkpointing for convenient reverse debugging.
>
> Usage of the record/replay:
> * First, record the execution, by adding '-record fname=replay.bin' to the command line.
> * Then you can replay it for the multiple times by using another command line option: '-replay fname=replay.bin'
> * Virtual machine should have at least one virtual disk, which is used to store checkpoints. If you want to enable automatic checkpointing, simply add ',period=XX' to record options, where XX is the checkpointing period in seconds.
> * Using of the network adapters in record/replay mode is possible with the following command-line options:
>   - '-net user' (or another host adapter) in record mode
>   - '-net replay' in replay mode. Every host network adapter should be replaced by 'replay' when replaying the execution.
> * Reverse debugging can be used through gdb remote interface. reverse-stepi and reverse-continue commands are supported. Other reverse commands should also work, because they reuse these ones.
> * Monitor is extended by the following commands:
>   - replay_info - prints information about replay mode and current step (number of instructions executed)
>   - replay_break - sets "breakpoint" at the specified instructions count.
>   - replay_seek - rewinds (using the checkpoints, if possible) to the specified step of replay log.
>
> Paper with short description of deterministic replay implementation:
> http://www.computer.org/csdl/proceedings/csmr/2012/4666/00/4666a553-abs.html
>
> Modifications of qemu include:
> * adding missed fields of the virtual devices' states to the vmstate structures to allow deterministic saving and restoring the VM state
> * adding virtual clock-based timers to vmstate structures, because virtual clock is the part of the virtual machine state
> * modification of block layer to support automatic creation of the overlay files to store the changes and snapshots while recording
> * disabling of system reset while loading VM state to avoid generating of interrupts by reset handlers
> * adding wrappers for clock and time functions to save their return values in the log
> * saving different asynchronous events (e.g. system shutdown) into the log
> * synchronization of the bottom halves execution
> * synchronization of the threads from thread pool
> * recording/replaying user input (mouse and keyboard), input from virtual serial ports, incoming network packets, input from connected USB devices
> * adding HMP/QMP commands to monitor for controlling replay execution
>
> v2 changes:
> * Patches are split to be reviewable and bisectable (as suggested by Kirill Batuzov)
> * Added QMP versions of replay commands (as suggested by Eric Blake)
> * Removed some opt
Re: [Qemu-devel] [PATCH qom-next] machine: Clean up -machine handling
- Original Message - From: "Andreas Färber" To: qemu-devel@nongnu.org Cc: "marcel a" , "Andreas Färber" , "Paolo Bonzini" , "Anthony Liguori" Sent: Wednesday, July 23, 2014 5:32:11 PM Subject: [PATCH qom-next] machine: Clean up -machine handling Since commit c4090f8, -object options are no longer handled through object_set_property(), so clean up -object leftovers by renaming the function and dropping special-casing of qom-type and id properties. Cc: Paolo Bonzini Signed-off-by: Andreas Färber --- vl.c | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/vl.c b/vl.c index fe451aa..6e8472a 100644 --- a/vl.c +++ b/vl.c @@ -2818,15 +2818,15 @@ static void free_and_trace(gpointer mem) free(mem); } -static int object_set_property(const char *name, const char *value, void *opaque) +static int machine_set_property(const char *name, const char *value, +void *opaque) { Object *obj = OBJECT(opaque); StringInputVisitor *siv; Error *local_err = NULL; char *c, *qom_name; -if (strcmp(name, "qom-type") == 0 || strcmp(name, "id") == 0 || -strcmp(name, "type") == 0) { +if (strcmp(name, "type") == 0) { return 0; } @@ -4226,7 +4226,7 @@ int main(int argc, char **argv, char **envp) } machine_opts = qemu_get_machine_opts(); -if (qemu_opt_foreach(machine_opts, object_set_property, current_machine, +if (qemu_opt_foreach(machine_opts, machine_set_property, current_machine, 1) < 0) { object_unref(OBJECT(current_machine)); exit(1); -- 1.8.4.5 I was thinking about exactly the same thing. Reviewed-by Marcel Apfelbaum Thanks, Marcel
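Review bot: In machine_set_property(), the early "return 0" now skips only "type", so the names "qom-type" and "id" that used to be ignored fall through to the rest of the function. Confirm that an error for a stray id= on -machine is the intended result and say so in the commit message, since this is a user-visible change and not only a rename.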
[Qemu-devel] [PATCH 1/7] tests: Functions bus_foreach and device_find from libqos virtio API
Virtio header has been changed to compile and work with a real device. Functions bus_foreach and device_find have been implemented for PCI. Virtio-blk test case now opens a fake device. Signed-off-by: Marc Marí --- tests/Makefile|3 +- tests/libqos/virtio-pci.c | 75 + tests/libqos/virtio-pci.h | 24 +++ tests/libqos/virtio.h | 23 ++ tests/virtio-blk-test.c | 67 +++- 5 files changed, 183 insertions(+), 9 deletions(-) create mode 100644 tests/libqos/virtio-pci.c create mode 100644 tests/libqos/virtio-pci.h create mode 100644 tests/libqos/virtio.h diff --git a/tests/Makefile b/tests/Makefile index 4b2e1bb..7c0f670 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -294,6 +294,7 @@ libqos-obj-y += tests/libqos/i2c.o libqos-pc-obj-y = $(libqos-obj-y) tests/libqos/pci-pc.o libqos-pc-obj-y += tests/libqos/malloc-pc.o libqos-omap-obj-y = $(libqos-obj-y) tests/libqos/i2c-omap.o +libqos-virtio-obj-y = $(libqos-obj-y) $(libqos-pc-obj-y) tests/libqos/virtio-pci.o tests/rtc-test$(EXESUF): tests/rtc-test.o tests/m48t59-test$(EXESUF): tests/m48t59-test.o @@ -315,7 +316,7 @@ tests/vmxnet3-test$(EXESUF): tests/vmxnet3-test.o tests/ne2000-test$(EXESUF): tests/ne2000-test.o tests/wdt_ib700-test$(EXESUF): tests/wdt_ib700-test.o tests/virtio-balloon-test$(EXESUF): tests/virtio-balloon-test.o -tests/virtio-blk-test$(EXESUF): tests/virtio-blk-test.o +tests/virtio-blk-test$(EXESUF): tests/virtio-blk-test.o $(libqos-virtio-obj-y) tests/virtio-net-test$(EXESUF): tests/virtio-net-test.o tests/virtio-rng-test$(EXESUF): tests/virtio-rng-test.o tests/virtio-scsi-test$(EXESUF): tests/virtio-scsi-test.o diff --git a/tests/libqos/virtio-pci.c b/tests/libqos/virtio-pci.c new file mode 100644 index 000..fde1b1f --- /dev/null +++ b/tests/libqos/virtio-pci.c 
@@ -0,0 +1,75 @@ +/* + * libqos virtio PCI driver + * + * Copyright (c) 2014 Marc Marí + * + * This work is licensed under the terms of the GNU GPL, version 2 or later. + * See the COPYING file in the top-level directory. + */ + +#include +#include "libqtest.h" +#include "libqos/virtio.h" +#include "libqos/virtio-pci.h" +#include "libqos/pci.h" +#include "libqos/pci-pc.h" + +#include "hw/pci/pci_regs.h" + +typedef struct QVirtioPCIForeachData { +void (*func)(QVirtioDevice *d, void *data); +uint16_t device_type; +void *user_data; +} QVirtioPCIForeachData; + +static QVirtioPCIDevice *qpcidevice_to_qvirtiodevice(QPCIDevice *pdev) +{ +QVirtioPCIDevice *vpcidev; +vpcidev = g_malloc0(sizeof(*vpcidev)); + +if (pdev) { +vpcidev->pdev = pdev; +vpcidev->vdev.device_type = +qpci_config_readw(vpcidev->pdev, PCI_SUBSYSTEM_ID); +} + +return vpcidev; +} + +static void qvirtio_pci_foreach_callback( +QPCIDevice *dev, int devfn, void *data) +{ +QVirtioPCIForeachData *d = data; +QVirtioPCIDevice *vpcidev = qpcidevice_to_qvirtiodevice(dev); + +if (vpcidev->vdev.device_type == d->device_type) { +d->func(&vpcidev->vdev, d->user_data); +} else { +g_free(vpcidev); +} +} + +static void qvirtio_pci_assign_device(QVirtioDevice *d, void *data) +{ +QVirtioPCIDevice **vpcidev = data; +*vpcidev = (QVirtioPCIDevice *)d; +} + +void qvirtio_pci_foreach(QPCIBus *bus, uint16_t device_type, +void (*func)(QVirtioDevice *d, void *data), void *data) +{ +QVirtioPCIForeachData d = { .func = func, +.device_type = device_type, +.user_data = data }; + +qpci_device_foreach(bus, QVIRTIO_VENDOR_ID, -1, +qvirtio_pci_foreach_callback, &d); +} + +QVirtioPCIDevice *qvirtio_pci_device_find(QPCIBus *bus, uint16_t device_type) +{ +QVirtioPCIDevice *dev = NULL; +qvirtio_pci_foreach(bus, device_type, qvirtio_pci_assign_device, &dev); + +return dev; +} diff --git a/tests/libqos/virtio-pci.h b/tests/libqos/virtio-pci.h new file mode 100644 index 000..5101abb --- /dev/null +++ b/tests/libqos/virtio-pci.h 
@@ -0,0 +1,24 @@ +/* + * libqos virtio PCI definitions + * + * Copyright (c) 2014 Marc Marí + * + * This work is licensed under the terms of the GNU GPL, version 2 or later. + * See the COPYING file in the top-level directory. + */ + +#ifndef LIBQOS_VIRTIO_PCI_H +#define LIBQOS_VIRTIO_PCI_H + +#include "libqos/virtio.h" +#include "libqos/pci.h" + +typedef struct QVirtioPCIDevice { +QVirtioDevice vdev; +QPCIDevice *pdev; +} QVirtioPCIDevice; + +void qvirtio_pci_foreach(QPCIBus *bus, uint16_t device_type, +void (*func)(QVirtioDevice *d, void *data), void *data); +QVirtioPCIDevice *qvirtio_pci_device_find(QPCIBus *bus, uint16_t device_type); +#endif diff --git a/tests/libqos/virtio.h b/tests/libqos/virtio.h new file mode 100644 index 000..2a05798 --- /dev/null +++ b/tests/libqos/virtio.h
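Review bot: qvirtio_pci_device_find() in virtio-pci.c leaks when more than one device matches: qvirtio_pci_assign_device() overwrites *vpcidev on every callback, so each earlier QVirtioPCIDevice allocated by qpcidevice_to_qvirtiodevice() is lost and the last match is returned. Keep the first match, or free the previous pointer before overwriting it. qpcidevice_to_qvirtiodevice() also allocates a wrapper when pdev is NULL, leaving device_type at 0; returning NULL in that case would make the failure visible to callers.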
[Qemu-devel] [PATCH 3/7] libqtest: add QTEST_LOG for debugging qtest testcases
Signed-off-by: Paolo Bonzini Signed-off-by: Marc Marí --- tests/libqtest.c | 11 ++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/tests/libqtest.c b/tests/libqtest.c index 98e8f4b..056275d 100644 --- a/tests/libqtest.c +++ b/tests/libqtest.c @@ -167,11 +167,12 @@ QTestState *qtest_init(const char *extra_args) if (s->qemu_pid == 0) { command = g_strdup_printf("exec %s " "-qtest unix:%s,nowait " - "-qtest-log /dev/null " + "-qtest-log %s " "-qmp unix:%s,nowait " "-machine accel=qtest " "-display none " "%s", qemu_binary, socket_path, + getenv("QTEST_LOG") ? "/dev/fd/2" : "/dev/null", qmp_socket_path, extra_args ?: ""); execlp("/bin/sh", "sh", "-c", command, NULL); @@ -397,10 +398,18 @@ QDict *qtest_qmpv(QTestState *s, const char *fmt, va_list ap) /* No need to send anything for an empty QObject. */ if (qobj) { +size_t len; +int log = getenv("QTEST_LOG") != NULL; QString *qstr = qobject_to_json(qobj); const char *str = qstring_get_str(qstr); size_t size = qstring_get_length(qstr); +if (log) { +len = write(2, str, size); +if (len != size) { +fprintf(stderr, "Could not log\n"); +} +} /* Send QMP request */ socket_send(s->qmp_fd, str, size); -- 1.7.10.4
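Review bot: In the qtest_qmpv() hunk, the result of write() is stored in a size_t, so an error return of -1 turns into a huge positive value and a short write is reported as "Could not log" instead of being retried. Declare len as ssize_t and handle the error and partial-write cases separately, or log through fwrite() on stderr. The local variable named log also shadows the libm function, and the commit message has no body: it should say that setting QTEST_LOG sends the qtest log and the QMP requests to stderr.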
[Qemu-devel] [PATCH 4/7] libqos: Correct mask to align size to PAGE_SIZE in malloc-pc
Signed-off-by: Paolo Bonzini Signed-off-by: Marc Marí --- tests/libqos/malloc-pc.c |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/libqos/malloc-pc.c b/tests/libqos/malloc-pc.c index db1496c..2efd095 100644 --- a/tests/libqos/malloc-pc.c +++ b/tests/libqos/malloc-pc.c @@ -36,7 +36,7 @@ static uint64_t pc_alloc(QGuestAllocator *allocator, size_t size) size += (PAGE_SIZE - 1); -size &= PAGE_SIZE; +size &= -PAGE_SIZE; g_assert_cmpint((s->start + size), <=, s->end); -- 1.7.10.4
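Review bot: "size &= -PAGE_SIZE" in pc_alloc() produces the intended mask only if PAGE_SIZE is signed or at least as wide as size_t; with a 32-bit unsigned definition the negation wraps at 32 bits and the mask clears the upper half of a 64-bit size. Writing the mask as ~((size_t)PAGE_SIZE - 1) removes the dependency on how the macro is typed. The commit message is empty; one sentence saying that the old "size &= PAGE_SIZE" kept only the single PAGE_SIZE bit instead of rounding up would explain the fix.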
[Qemu-devel] [PATCH 0/7] Virtio PCI libqos driver
Add functions for virtio PCI libqos driver. Add more debugging tools. Solve bugs found while generating tests.

Marc Marí (7):
  tests: Functions bus_foreach and device_find from libqos virtio API
  tests: Add virtio device initialization
  libqtest: add QTEST_LOG for debugging qtest testcases
  libqos: Correct mask to align size to PAGE_SIZE in malloc-pc
  libqos: Change free function called in malloc
  virtio-blk: Correct bug in support for flexible descriptor layout
  libqos: Added basic virtqueue support to virtio implementation

 hw/block/virtio-blk.c | 14 +--
 tests/Makefile | 3 +-
 tests/libqos/malloc-pc.c | 2 +-
 tests/libqos/malloc.h | 2 +-
 tests/libqos/virtio-pci.c | 189 +
 tests/libqos/virtio-pci.h | 48 ++
 tests/libqos/virtio.c | 120
 tests/libqos/virtio.h | 127 +
 tests/libqtest.c | 11 ++-
 tests/virtio-blk-test.c | 228 +++--
 10 files changed, 725 insertions(+), 19 deletions(-)
 create mode 100644 tests/libqos/virtio-pci.c
 create mode 100644 tests/libqos/virtio-pci.h
 create mode 100644 tests/libqos/virtio.c
 create mode 100644 tests/libqos/virtio.h
--
1.7.10.4
[Qemu-devel] [PATCH 5/7] libqos: Change free function called in malloc
Signed-off-by: Marc Marí --- tests/libqos/malloc.h |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/libqos/malloc.h b/tests/libqos/malloc.h index 46f6000..5565381 100644 --- a/tests/libqos/malloc.h +++ b/tests/libqos/malloc.h @@ -32,7 +32,7 @@ static inline uint64_t guest_alloc(QGuestAllocator *allocator, size_t size) static inline void guest_free(QGuestAllocator *allocator, uint64_t addr) { -allocator->alloc(allocator, addr); +allocator->free(allocator, addr); } #endif -- 1.7.10.4
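Review bot: The commit message is empty and the subject does not say what was wrong: guest_free() in malloc.h was calling allocator->alloc(allocator, addr), which allocates addr bytes instead of releasing the block. Put that in the message so the fix can be found in history and picked for backports.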
[Qemu-devel] [PATCH 2/7] tests: Add virtio device initialization
Add functions to read and write virtio header fields. Add feature checking and status bit setting in virtio-blk-device. Signed-off-by: Marc Marí --- tests/Makefile|2 +- tests/libqos/virtio-pci.c | 32 tests/libqos/virtio-pci.h | 17 + tests/libqos/virtio.c | 31 +++ tests/libqos/virtio.h | 19 +++ tests/virtio-blk-test.c | 14 ++ 6 files changed, 114 insertions(+), 1 deletion(-) create mode 100644 tests/libqos/virtio.c diff --git a/tests/Makefile b/tests/Makefile index 7c0f670..e0e203f 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -294,7 +294,7 @@ libqos-obj-y += tests/libqos/i2c.o libqos-pc-obj-y = $(libqos-obj-y) tests/libqos/pci-pc.o libqos-pc-obj-y += tests/libqos/malloc-pc.o libqos-omap-obj-y = $(libqos-obj-y) tests/libqos/i2c-omap.o -libqos-virtio-obj-y = $(libqos-obj-y) $(libqos-pc-obj-y) tests/libqos/virtio-pci.o +libqos-virtio-obj-y = $(libqos-obj-y) $(libqos-pc-obj-y) tests/libqos/virtio.o tests/libqos/virtio-pci.o tests/rtc-test$(EXESUF): tests/rtc-test.o tests/m48t59-test$(EXESUF): tests/m48t59-test.o diff --git a/tests/libqos/virtio-pci.c b/tests/libqos/virtio-pci.c index fde1b1f..a04281e 100644 --- a/tests/libqos/virtio-pci.c +++ b/tests/libqos/virtio-pci.c 
@@ -55,6 +55,30 @@ static void qvirtio_pci_assign_device(QVirtioDevice *d, void *data) *vpcidev = (QVirtioPCIDevice *)d; } +static uint32_t qvirtio_pci_get_features(QVirtioDevice *d) +{ +QVirtioPCIDevice *dev = (QVirtioPCIDevice *)d; +return qpci_io_readl(dev->pdev, dev->addr + QVIRTIO_DEVICE_FEATURES); +} + +static uint8_t qvirtio_pci_get_status(QVirtioDevice *d) +{ +QVirtioPCIDevice *dev = (QVirtioPCIDevice *)d; +return qpci_io_readb(dev->pdev, dev->addr + QVIRTIO_DEVICE_STATUS); +} + +static void qvirtio_pci_set_status(QVirtioDevice *d, uint8_t val) +{ +QVirtioPCIDevice *dev = (QVirtioPCIDevice *)d; +qpci_io_writeb(dev->pdev, dev->addr + QVIRTIO_DEVICE_STATUS, val); +} + +const QVirtioBus qvirtio_pci = { +.get_features = qvirtio_pci_get_features, +.get_status = qvirtio_pci_get_status, +.set_status = qvirtio_pci_set_status, +}; + void qvirtio_pci_foreach(QPCIBus *bus, uint16_t device_type, void (*func)(QVirtioDevice *d, void *data), void *data) { @@ -73,3 +97,11 @@ QVirtioPCIDevice *qvirtio_pci_device_find(QPCIBus *bus, uint16_t device_type) return dev; } + +void qvirtio_pci_enable_device(QVirtioPCIDevice *d) +{ +qpci_device_enable(d->pdev); +d->addr = qpci_iomap(d->pdev, 0); +g_assert(d->addr != NULL); +} + diff --git a/tests/libqos/virtio-pci.h b/tests/libqos/virtio-pci.h index 5101abb..ef7744e 100644 --- a/tests/libqos/virtio-pci.h +++ b/tests/libqos/virtio-pci.h 
@@ -13,12 +13,29 @@ #include "libqos/virtio.h" #include "libqos/pci.h" +#define QVIRTIO_DEVICE_FEATURES 0x00 +#define QVIRTIO_GUEST_FEATURES 0x04 +#define QVIRTIO_QUEUE_ADDRESS 0x08 +#define QVIRTIO_QUEUE_SIZE 0x0C +#define QVIRTIO_QUEUE_SELECT0x0E +#define QVIRTIO_QUEUE_NOTIFY0x10 +#define QVIRTIO_DEVICE_STATUS 0x12 +#define QVIRTIO_ISR_STATUS 0x13 +#define QVIRTIO_MSIX_CONF_VECTOR0x14 +#define QVIRTIO_MSIX_QUEUE_VECTOR 0x16 +#define QVIRTIO_DEVICE_SPECIFIC_MSIX0x18 +#define QVIRTIO_DEVICE_SPECIFIC_NO_MSIX 0x14 + typedef struct QVirtioPCIDevice { QVirtioDevice vdev; QPCIDevice *pdev; +void *addr; } QVirtioPCIDevice; +extern const QVirtioBus qvirtio_pci; + void qvirtio_pci_foreach(QPCIBus *bus, uint16_t device_type, void (*func)(QVirtioDevice *d, void *data), void *data); QVirtioPCIDevice *qvirtio_pci_device_find(QPCIBus *bus, uint16_t device_type); +void qvirtio_pci_enable_device(QVirtioPCIDevice *d); #endif diff --git a/tests/libqos/virtio.c b/tests/libqos/virtio.c new file mode 100644 index 000..118cb15 --- /dev/null +++ b/tests/libqos/virtio.c @@ -0,0 +1,31 @@ +/* + * libqos virtio driver + * + * Copyright (c) 2014 Marc Marí + * + * This work is licensed under the terms of the GNU GPL, version 2 or later. + * See the COPYING file in the top-level directory. + */ + +#include +#include "libqtest.h" +#include "libqos/virtio.h" + +void qvirtio_reset(const QVirtioBus *bus, QVirtioDevice *d) +{ +bus->set_status(d, QVIRTIO_RESET); +g_assert_cmphex(bus->get_status(d), ==, QVIRTIO_RESET); +} + +void qvirtio_set_acknowledge(const QVirtioBus *bus, QVirtioDevice *d) +{ +bus->set_status(d, bus->get_status(d) | QVIRTIO_ACKNOWLEDGE); +g_assert_cmphex(bus->get_status(d), ==, QVIRTIO_ACKNOWLEDGE); +} + +void qvirtio_set_driver(const QVirtioBus *bus, QVirtioDevice *d) +{ +bus->set_status(d, bus->get_status(d) | QVIRTIO_DRIVER); +g_assert_cmphex(bus->get_status(d), ==, +QVIRTIO_DRIVER | QVIRTIO_ACKNOWLEDGE); +} diff --git a/tests/libqos/vir
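Review bot: qvirtio_set_acknowledge() and qvirtio_set_driver() in virtio.c OR the new bit into the current status but then assert that the register equals exactly QVIRTIO_ACKNOWLEDGE, or exactly QVIRTIO_DRIVER | QVIRTIO_ACKNOWLEDGE, so they fail if any other status bit is already set or if they are called in a different order. Assert on the bit that was just set, with a mask, or document that the helpers must be called in sequence right after qvirtio_reset(). The accessors in virtio-pci.c also compute "dev->addr + QVIRTIO_DEVICE_STATUS" on a void pointer, which is a GNU extension; a char pointer or uintptr_t keeps it portable.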
[Qemu-devel] [PATCH 6/7] virtio-blk: Correct bug in support for flexible descriptor layout
Without this correction, only a three descriptor layout is accepted, and requests with just two descriptors are not completed and no error message is displayed. Signed-off-by: Stefan Hajnoczi Signed-off-by: Marc Marí --- hw/block/virtio-blk.c | 14 +++--- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/hw/block/virtio-blk.c b/hw/block/virtio-blk.c index c241c50..302c39e 100644 --- a/hw/block/virtio-blk.c +++ b/hw/block/virtio-blk.c @@ -404,19 +404,19 @@ void virtio_blk_handle_request(VirtIOBlockReq *req, MultiReqBuffer *mrb) * NB: per existing s/n string convention the string is * terminated by '\0' only when shorter than buffer. */ -strncpy(req->elem.in_sg[0].iov_base, -s->blk.serial ? s->blk.serial : "", -MIN(req->elem.in_sg[0].iov_len, VIRTIO_BLK_ID_BYTES)); +const char *serial = s->blk.serial ? s->blk.serial : ""; +size_t size = MIN(strlen(serial) + 1, + MIN(iov_size(in_iov, in_num), + VIRTIO_BLK_ID_BYTES)); +iov_from_buf(in_iov, in_num, 0, serial, size); virtio_blk_req_complete(req, VIRTIO_BLK_S_OK); virtio_blk_free_request(req); } else if (type & VIRTIO_BLK_T_OUT) { -qemu_iovec_init_external(&req->qiov, &req->elem.out_sg[1], - req->elem.out_num - 1); +qemu_iovec_init_external(&req->qiov, iov, out_num); virtio_blk_handle_write(req, mrb); } else if (type == VIRTIO_BLK_T_IN || type == VIRTIO_BLK_T_BARRIER) { /* VIRTIO_BLK_T_IN is 0, so we can't just & it. */ -qemu_iovec_init_external(&req->qiov, &req->elem.in_sg[0], - req->elem.in_num - 1); +qemu_iovec_init_external(&req->qiov, in_iov, in_num); virtio_blk_handle_read(req); } else { virtio_blk_req_complete(req, VIRTIO_BLK_S_UNSUPP); -- 1.7.10.4
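Review bot: In the serial-number branch of virtio_blk_handle_request(), replacing strncpy() with iov_from_buf() of "MIN(strlen(serial) + 1, ...)" bytes changes what the guest reads back: strncpy() zero-filled the destination up to the MIN() length, while the new code writes only the string and one terminator and leaves the remaining bytes of the guest buffer untouched. If guests read the full VIRTIO_BLK_ID_BYTES field, zero the remainder as well. The commit message covers only the descriptor-count fix and should mention this change too.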
[Qemu-devel] [PATCH 7/7] libqos: Added basic virtqueue support to virtio implementation
Add status changing. Add basic virtqueue support for adding and sending virtqueue requests. Add ISR checking. Signed-off-by: Marc Marí --- tests/libqos/virtio-pci.c | 86 - tests/libqos/virtio-pci.h |7 ++ tests/libqos/virtio.c | 89 ++ tests/libqos/virtio.h | 87 - tests/virtio-blk-test.c | 155 +++-- 5 files changed, 417 insertions(+), 7 deletions(-) diff --git a/tests/libqos/virtio-pci.c b/tests/libqos/virtio-pci.c index a04281e..fdbb10e 100644 --- a/tests/libqos/virtio-pci.c +++ b/tests/libqos/virtio-pci.c @@ -8,11 +8,15 @@ */ #include +#include +#include #include "libqtest.h" #include "libqos/virtio.h" #include "libqos/virtio-pci.h" #include "libqos/pci.h" #include "libqos/pci-pc.h" +#include "libqos/malloc.h" +#include "libqos/malloc-pc.h" #include "hw/pci/pci_regs.h" 
@@ -61,22 +65,100 @@ static uint32_t qvirtio_pci_get_features(QVirtioDevice *d) return qpci_io_readl(dev->pdev, dev->addr + QVIRTIO_DEVICE_FEATURES); } +static void qvirtio_pci_set_features(QVirtioDevice *d, uint32_t features) +{ +QVirtioPCIDevice *dev = (QVirtioPCIDevice *)d; +qpci_io_writel(dev->pdev, dev->addr + QVIRTIO_GUEST_FEATURES, features); +} + static uint8_t qvirtio_pci_get_status(QVirtioDevice *d) { QVirtioPCIDevice *dev = (QVirtioPCIDevice *)d; return qpci_io_readb(dev->pdev, dev->addr + QVIRTIO_DEVICE_STATUS); } -static void qvirtio_pci_set_status(QVirtioDevice *d, uint8_t val) +static void qvirtio_pci_set_status(QVirtioDevice *d, uint8_t status) +{ +QVirtioPCIDevice *dev = (QVirtioPCIDevice *)d; +qpci_io_writeb(dev->pdev, dev->addr + QVIRTIO_DEVICE_STATUS, status); +} + +static uint8_t qvirtio_pci_get_isr_status(QVirtioDevice *d) +{ +QVirtioPCIDevice *dev = (QVirtioPCIDevice *)d; +return qpci_io_readb(dev->pdev, dev->addr + QVIRTIO_ISR_STATUS); +} + +static void qvirtio_pci_queue_select(QVirtioDevice *d, uint16_t index) +{ +QVirtioPCIDevice *dev = (QVirtioPCIDevice *)d; +qpci_io_writeb(dev->pdev, dev->addr + QVIRTIO_QUEUE_SELECT, index); +} + +static uint16_t qvirtio_pci_get_queue_size(QVirtioDevice *d) +{ +QVirtioPCIDevice *dev = (QVirtioPCIDevice *)d; +return qpci_io_readw(dev->pdev, dev->addr + QVIRTIO_QUEUE_SIZE); +} + +static void qvirtio_pci_set_queue_address(QVirtioDevice *d, uint16_t addr) +{ +QVirtioPCIDevice *dev = (QVirtioPCIDevice *)d; +qpci_io_writel(dev->pdev, dev->addr + QVIRTIO_QUEUE_ADDRESS, addr); +} + +static QVirtQueue *qvirtio_pci_virtqueue_setup(QVirtioDevice *d, +QGuestAllocator *alloc, uint16_t index) +{ +uint16_t aux; +uint64_t addr; +QVirtQueue *vq; + +vq = g_malloc0(sizeof(*vq)); + +qvirtio_pci_queue_select(d, index); +vq->index = index; +vq->size = qvirtio_pci_get_queue_size(d); +vq->free_head = 0; +vq->num_free = vq->size; +vq->align = QVIRTIO_PCI_ALIGN; + +/* Check different than 0 */ +g_assert_cmpint(vq->size, !=, 0); + 
+/* Check power of 2 */ +aux = vq->size; +while ((aux & 1) != 0) { +aux = aux >> 1; +} +g_assert_cmpint(aux, !=, 1); + +addr = guest_alloc(alloc, qvring_size(vq->size, QVIRTIO_PCI_ALIGN)); +qvring_init(alloc, vq, addr); +qvirtio_pci_set_queue_address(d, vq->desc/4096); + +/* TODO: MSI-X configuration */ + +return vq; +} + +static void qvirtio_pci_virtqueue_kick(QVirtioDevice *d, QVirtQueue *vq) { QVirtioPCIDevice *dev = (QVirtioPCIDevice *)d; -qpci_io_writeb(dev->pdev, dev->addr + QVIRTIO_DEVICE_STATUS, val); +qpci_io_writew(dev->pdev, dev->addr + QVIRTIO_QUEUE_NOTIFY, vq->index); } const QVirtioBus qvirtio_pci = { .get_features = qvirtio_pci_get_features, +.set_features = qvirtio_pci_set_features, .get_status = qvirtio_pci_get_status, .set_status = qvirtio_pci_set_status, +.get_isr_status = qvirtio_pci_get_isr_status, +.queue_select = qvirtio_pci_queue_select, +.get_queue_size = qvirtio_pci_get_queue_size, +.set_queue_address = qvirtio_pci_set_queue_address, +.virtqueue_setup = qvirtio_pci_virtqueue_setup, +.virtqueue_kick = qvirtio_pci_virtqueue_kick, }; void qvirtio_pci_foreach(QPCIBus *bus, uint16_t device_type, diff --git a/tests/libqos/virtio-pci.h b/tests/libqos/virtio-pci.h index ef7744e..ec48d19 100644 --- a/tests/libqos/virtio-pci.h +++ b/tests/libqos/virtio-pci.h @@ -26,6 +26,13 @@ #define QVIRTIO_DEVICE_SPECIFIC_MSIX0x18 #define QVIRTIO_DEVICE_SPECIFIC_NO_MSIX 0x14 +#define QVIRTIO_F_NOTIFY_ON_EMPTY 0x0100 +#define QVIRTIO_F_ANY_LAYOUT0x0800 +#define QVIRTIO_F_RING_INDIRECT_DESC0x1000 +#define QVIRTIO_F_RING_EVENT_IDX0x2000 + +#define QVIRTIO_PCI_ALIGN 4096 + typedef struct QVirtioPCIDevice { QVirtioDevice vdev; QPCIDevice *pdev; diff --git a/tests/libqos/virtio.c b/tests/libqos/
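Review bot: In qvirtio_pci_virtqueue_setup(), the "Check power of 2" loop does not test that property: it shifts aux right only while bit 0 is set, so for any even size the loop never runs and g_assert_cmpint(aux, !=, 1) passes, including for sizes such as 6 or 12. Replace the loop with an assertion that (vq->size & (vq->size - 1)) == 0. The bare 4096 in "vq->desc/4096" in the same function deserves a named constant.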
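Review bot: qvirtio_pci_queue_select() takes a uint16_t index but writes it with qpci_io_writeb(), and qvirtio_pci_set_queue_address() declares "uint16_t addr" while writing it with qpci_io_writel(), so a queue index above 255 or a page frame number above 0xffff is truncated before it reaches the device. Use qpci_io_writew() for QVIRTIO_QUEUE_SELECT, matching the 16-bit accesses already used for QVIRTIO_QUEUE_SIZE and QVIRTIO_QUEUE_NOTIFY, and widen the address parameter to uint32_t.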
Re: [Qemu-devel] [PATCH 1/4] block/parallels: extend parallels format header with actual data values
On Tue, Jul 22, 2014 at 05:19:34PM +0400, Denis V. Lunev wrote: > Parallels image format has several additional fields inside: > - nb_sectors is actually 64 bit wide. Upper 32bits are not used for > images with signature "WithoutFreeSpace" and must be explicitely s/explicitely/explicitly > zeroed according to Parallels. They will be used for images with > signature "WithouFreSpacExt" > - inuse is magic which means that the image is currently opened for > read/write or was not closed correctly, the magic is 0x746f6e59 > - data_off is the location of the first data block. It can be zero > and in this case I think you may have forgotten to finish this sentence :) > > This patch adds these values to struct parallels_header and adds > proper handling of nb_sectors for currently supported WithoutFreeSpace > images. > > WithouFreSpacExt will be covered in the next patch. > > Signed-off-by: Denis V. Lunev > CC: Kevin Wolf > CC: Stefan Hajnoczi > --- > block/parallels.c | 8 +--- > 1 file changed, 5 insertions(+), 3 deletions(-) > > diff --git a/block/parallels.c b/block/parallels.c > index 1a5bd35..c44df87 100644 > --- a/block/parallels.c > +++ b/block/parallels.c > @@ -41,8 +41,10 @@ struct parallels_header { > uint32_t cylinders; > uint32_t tracks; > uint32_t catalog_entries; > -uint32_t nb_sectors; > -char padding[24]; > +uint64_t nb_sectors; > +uint32_t inuse; > +uint32_t data_off; > +char padding[12]; > } QEMU_PACKED; > > typedef struct BDRVParallelsState { 
> @@ -90,7 +92,7 @@ static int parallels_open(BlockDriverState *bs, QDict > *options, int flags, > goto fail; > } > > -bs->total_sectors = le32_to_cpu(ph.nb_sectors); > +bs->total_sectors = (uint32_t)le64_to_cpu(ph.nb_sectors); I think an explicit bit mask on the upper 32 bits would fit better here than a cast, especially since neither 'bs->total_sectors' nor 'ph.nb_sectors' is a uint32_t. E.g.: bs->total_sectors = 0x & le64_to_cpu(ph.nb_sectors); > > s->tracks = le32_to_cpu(ph.tracks); > if (s->tracks == 0) { > -- > 1.9.1 > >
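Review bot: In the struct parallels_header hunk the new inuse and data_off fields carry no comment, although the commit message gives their meaning (inuse is the magic 0x746f6e59 for an image that is open read/write or was not closed correctly, data_off is the location of the first data block). That description belongs next to the fields. The layout still adds up, since the 4 extra bytes of nb_sectors plus the two new 4-byte fields match padding shrinking from 24 to 12, but a build-time check on the size of the packed struct would keep later field additions from shifting the on-disk layout unnoticed.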
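Review bot: In the parallels_open hunk the `(uint32_t)` cast silently discards the upper 32 bits of nb_sectors, while the commit message says those bits must be zero for WithoutFreeSpace images. A header with non-zero upper bits is therefore malformed input, and rejecting it through the existing `goto fail` path, or at least a comment stating that the truncation is deliberate, would be safer than opening the image with a size that differs from what the header states.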
Re: [Qemu-devel] [PATCH 2/4] block/parallels: replace tabs with spaces in block/parallels.c
On Tue, Jul 22, 2014 at 05:19:35PM +0400, Denis V. Lunev wrote: > Signed-off-by: Denis V. Lunev > CC: Kevin Wolf > CC: Stefan Hajnoczi > --- > block/parallels.c | 10 +- > 1 file changed, 5 insertions(+), 5 deletions(-) > > diff --git a/block/parallels.c b/block/parallels.c > index c44df87..8f9ec8a 100644 > --- a/block/parallels.c > +++ b/block/parallels.c > @@ -61,11 +61,11 @@ static int parallels_probe(const uint8_t *buf, int > buf_size, const char *filenam > const struct parallels_header *ph = (const void *)buf; > > if (buf_size < HEADER_SIZE) > - return 0; > +return 0; > > if (!memcmp(ph->magic, HEADER_MAGIC, 16) && > - (le32_to_cpu(ph->version) == HEADER_VERSION)) > - return 100; > +(le32_to_cpu(ph->version) == HEADER_VERSION)) > +return 100; > > return 0; > } > @@ -115,7 +115,7 @@ static int parallels_open(BlockDriverState *bs, QDict > *options, int flags, > } > > for (i = 0; i < s->catalog_size; i++) > - le32_to_cpus(&s->catalog_bitmap[i]); > +le32_to_cpus(&s->catalog_bitmap[i]); > > qemu_co_mutex_init(&s->lock); > return 0; > @@ -135,7 +135,7 @@ static int64_t seek_to_sector(BlockDriverState *bs, > int64_t sector_num) > > /* not allocated */ > if ((index > s->catalog_size) || (s->catalog_bitmap[index] == 0)) > - return -1; > +return -1; > return (uint64_t)(s->catalog_bitmap[index] + offset) * 512; > } > > -- > 1.9.1 > > Reviewed-by: Jeff Cody
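Review bot: In the seek_to_sector hunk the bounds test on the context line, `index > s->catalog_size`, lets index == s->catalog_size through, and the same condition then reads `s->catalog_bitmap[index]`, one element past the entries that the loop in parallels_open converts (`i < s->catalog_size`). The patch is whitespace-only, so this is not a regression it introduces, but since it reindents the statement right below, a follow-up changing the comparison to `index >= s->catalog_size` would close the out-of-bounds read.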