[PATCH v3 3/3] linux-user: Remove TARGET_SIGSTKSZ

[Song Gao]

TARGET_SIGSTKSZ is not used, we should remove it.

Signed-off-by: Song Gao 
Reviewed-by: Richard Henderson 
---
 linux-user/alpha/target_signal.h  | 1 -
 linux-user/generic/signal.h   | 1 -
 linux-user/hppa/target_signal.h   | 1 -
 linux-user/mips/target_signal.h   | 1 -
 linux-user/mips64/target_signal.h | 1 -
 linux-user/sparc/target_signal.h  | 1 -
 6 files changed, 6 deletions(-)

diff --git a/linux-user/alpha/target_signal.h b/linux-user/alpha/target_signal.h
index 0b6a39de65..bbb06e5463 100644
--- a/linux-user/alpha/target_signal.h
+++ b/linux-user/alpha/target_signal.h
@@ -62,7 +62,6 @@ typedef struct target_sigaltstack {
 #define TARGET_SA_SIGINFO   0x0040
 
 #define TARGET_MINSIGSTKSZ 4096
-#define TARGET_SIGSTKSZ16384
 
 /* From .  */
 #define TARGET_GEN_INTOVF  -1  /* integer overflow */
diff --git a/linux-user/generic/signal.h b/linux-user/generic/signal.h
index ceaf8a876c..6fd05b77bb 100644
--- a/linux-user/generic/signal.h
+++ b/linux-user/generic/signal.h
@@ -69,7 +69,6 @@ typedef struct target_sigaltstack {
 #define TARGET_SS_DISABLE 2
 
 #define TARGET_MINSIGSTKSZ 2048
-#define TARGET_SIGSTKSZ8192
 
 /* bit-flags */
 #define TARGET_SS_AUTODISARM (1U << 31) /* disable sas during sighandling */
diff --git a/linux-user/hppa/target_signal.h b/linux-user/hppa/target_signal.h
index d558119ee7..af6c2fce58 100644
--- a/linux-user/hppa/target_signal.h
+++ b/linux-user/hppa/target_signal.h
@@ -64,7 +64,6 @@ typedef struct target_sigaltstack {
 #define TARGET_SA_NOCLDWAIT 0x0080
 
 #define TARGET_MINSIGSTKSZ 2048
-#define TARGET_SIGSTKSZ8192
 
 /* bit-flags */
 #define TARGET_SS_AUTODISARM (1U << 31) /* disable sas during sighandling */
diff --git a/linux-user/mips/target_signal.h b/linux-user/mips/target_signal.h
index 780a4ddf29..fa542c1f4e 100644
--- a/linux-user/mips/target_signal.h
+++ b/linux-user/mips/target_signal.h
@@ -67,7 +67,6 @@ typedef struct target_sigaltstack {
 #define TARGET_SA_RESTORER  0x0400  /* Only for O32 */
 
 #define TARGET_MINSIGSTKSZ2048
-#define TARGET_SIGSTKSZ   8192
 
 #if defined(TARGET_ABI_MIPSO32)
 /* compare linux/arch/mips/kernel/signal.c:setup_frame() */
diff --git a/linux-user/mips64/target_signal.h 
b/linux-user/mips64/target_signal.h
index 275e9b7f9a..b05098f7f6 100644
--- a/linux-user/mips64/target_signal.h
+++ b/linux-user/mips64/target_signal.h
@@ -65,7 +65,6 @@ typedef struct target_sigaltstack {
 #define TARGET_SA_RESETHAND 0x8000
 
 #define TARGET_MINSIGSTKSZ2048
-#define TARGET_SIGSTKSZ   8192
 
 /* bit-flags */
 #define TARGET_SS_AUTODISARM (1U << 31) /* disable sas during sighandling */
diff --git a/linux-user/sparc/target_signal.h b/linux-user/sparc/target_signal.h
index e661ddd6ab..87757f0c4e 100644
--- a/linux-user/sparc/target_signal.h
+++ b/linux-user/sparc/target_signal.h
@@ -65,7 +65,6 @@ typedef struct target_sigaltstack {
 #define TARGET_ARCH_HAS_KA_RESTORER 1
 
 #define TARGET_MINSIGSTKSZ 4096
-#define TARGET_SIGSTKSZ16384
 
 #ifdef TARGET_ABI32
 #define TARGET_ARCH_HAS_SETUP_FRAME
-- 
2.27.0

RE: [RFC 02/10] vhost: add 3 commands for vhost-vdpa

[longpeng2--- via]

> -Original Message-
> From: Jason Wang [mailto:jasow...@redhat.com]
> Sent: Thursday, January 6, 2022 10:34 AM
> To: Michael S. Tsirkin 
> Cc: Longpeng (Mike, Cloud Infrastructure Service Product Dept.)
> ; Stefan Hajnoczi ; Stefano
> Garzarella ; Cornelia Huck ; pbonzini
> ; Gonglei (Arei) ; Yechuan
> ; Huangzhichao ; qemu-devel
> 
> Subject: Re: [RFC 02/10] vhost: add 3 commands for vhost-vdpa
> 
> On Wed, Jan 5, 2022 at 8:26 PM Michael S. Tsirkin  wrote:
> >
> > On Wed, Jan 05, 2022 at 05:09:07PM +0800, Jason Wang wrote:
> > > On Wed, Jan 5, 2022 at 4:37 PM Longpeng (Mike, Cloud Infrastructure
> > > Service Product Dept.)  wrote:
> > > >
> > > >
> > > >
> > > > > -Original Message-
> > > > > From: Jason Wang [mailto:jasow...@redhat.com]
> > > > > Sent: Wednesday, January 5, 2022 3:54 PM
> > > > > To: Michael S. Tsirkin 
> > > > > Cc: Longpeng (Mike, Cloud Infrastructure Service Product Dept.)
> > > > > ; Stefan Hajnoczi ; Stefano
> > > > > Garzarella ; Cornelia Huck ;
> pbonzini
> > > > > ; Gonglei (Arei) ; 
> > > > > Yechuan
> > > > > ; Huangzhichao ;
> qemu-devel
> > > > > 
> > > > > Subject: Re: [RFC 02/10] vhost: add 3 commands for vhost-vdpa
> > > > >
> > > > > On Wed, Jan 5, 2022 at 3:02 PM Michael S. Tsirkin  
> > > > > wrote:
> > > > > >
> > > > > > On Wed, Jan 05, 2022 at 12:35:53PM +0800, Jason Wang wrote:
> > > > > > > On Wed, Jan 5, 2022 at 8:59 AM Longpeng(Mike) 
> > > > > > > 
> wrote:
> > > > > > > >
> > > > > > > > From: Longpeng 
> > > > > > > >
> > > > > > > > To support generic vdpa deivce, we need add the following 
> > > > > > > > ioctls:
> > > > > > > > - GET_VECTORS_NUM: the count of vectors that supported
> > > > > > >
> > > > > > > Does this mean MSI vectors? If yes, it looks like a layer 
> > > > > > > violation:
> > > > > > > vhost is transport independent.
> > > > > >
> > > > > > Well *guest* needs to know how many vectors device supports.
> > > > > > I don't think there's a way around that. Do you?
> > > > >
> > > > > We have VHOST_SET_VRING/CONFIG_CALL which is per vq. I think we can
> > > > > simply assume #vqs + 1?
> > > > >
> > > > > > Otherwise guests will at best be suboptimal.
> > > > > >
> > > > > > >  And it reveals device implementation
> > > > > > > details which block (cross vendor) migration.
> > > > > > >
> > > > > > > Thanks
> > > > > >
> > > > > > Not necessarily, userspace can hide this from guest if it
> > > > > > wants to, just validate.
> > > > >
> > > > > If we can hide it at vhost/uAPI level, it would be even better?
> > > > >
> > > >
> > > > Not only MSI vectors, but also queue-size, #vqs, etc.
> > >
> > > MSI is PCI specific, we have non PCI vDPA parent e.g VDUSE/simulator/mlx5
> > >
> > > And it's something that is not guaranteed to be not changed. E.g some
> > > drivers may choose to allocate MSI during set_status() which can fail
> > > for various reasons.
> > >
> > > >
> > > > Maybe the vhost level could expose the hardware's real capabilities
> > > > and let the userspace (QEMU) do the hiding? The userspace know how
> > > > to process them.
> > >
> > > #MSI vectors is much more easier to be mediated than queue-size and #vqs.
> > >
> > > For interrupts, we've already had VHOST_SET_X_KICK, we can keep
> > > allocating eventfd based on #MSI vectors to make it work with any
> > > number of MSI vectors that the virtual device had.
> >
> > Right but if hardware does not support so many then what?
> > Just fail?
> 
> Or just trigger the callback of vqs that shares the vector.
> 

Then we should disable PI if we need to share a vector in this case?

> > Having a query API would make things somewhat cleaner imho.
> 
> I may miss something,  even if we know #vectors, we still don't know
> the associated virtqueues for a dedicated vector?
> 
> >
> > > For queue-size, it's Ok to have a new uAPI but it's not a must, Qemu
> > > can simply fail if SET_VRING_NUM fail.
> > >
> > > For #vqs, it's OK to have a new uAPI since the emulated virtio-pci
> > > device requires knowledge the #vqs in the config space. (still not a
> > > must, we can enumerate #vqs per device type)
> > >
> > > For the config size, it's OK but not a must, technically we can simply
> > > relay what guest write to vhost-vdpa. It's just because current Qemu
> > > require to have it during virtio device initialization.
> > >
> > > Thanks
> >
> >
> > I agree but these ok things make for a cleaner API I think.
> 
> Right.
> 
> Thanks
> 
> >
> > > >
> > > > > Thanks
> > > > >
> > > > > >
> > > > > >
> > > > > > > > - GET_CONFIG_SIZE: the size of the virtio config space
> > > > > > > > - GET_VQS_NUM: the count of virtqueues that exported
> > > > > > > >
> > > > > > > > Signed-off-by: Longpeng 
> > > > > > > > ---
> > > > > > > >  linux-headers/linux/vhost.h | 10 ++
> > > > > > > >  1 file changed, 10 insertions(+)
> > > > > > > >
> > > > > > > > diff --git a/linux-headers/linux/vhost.h
> b/linux-headers/linux/vhost.h
> > > > > > > > index c998860d7b..c5edd75d15 100644
> > >

Re: [PATCH v2 00/18] user creatable pnv-phb3/pnv-phb4 devices

[Cédric Le Goater]

On 1/5/22 22:23, Daniel Henrique Barboza wrote:

Hi,

This second version was rebased with upstream and includes fixed/amended
versions of relevant patches that were sent to the mailing list and aren't
upstream yet. In this process 4 patches from v1 were discarded, becoming
either irrelevant or squashed into others.

The patches are organized as follows:

- patches 1-4: enable user creatable phb3/phb4 root ports


Looking closer at models and domain files in libvirt, aren't user
creatable phb3/phb4 root ports enough ? Do we really need the
pnv-phb3/pnv-phb4 devices to be user created also ?


That said, I am no expert in libvirt,

Thanks,

C.



- patches 5-10: enable user creatable pnv-phb3 devices
- patches 11-18: enable user creatable pnv-phb4 devices

Here are some examples of what we're able to do with this series:

* powernv8 machine with -nodefaults,2 pnv-phb3s with 'pcie.N' name,
one of them with a root port and a netcard:

$ qemu-system-ppc64 -m 4G -machine powernv8,accel=tcg -smp 2,cores=2,threads=1 \
-bios skiboot.lid  -kernel vmlinux -initrd buildroot.rootfs.cpio \
-append 'console=hvc0 ro xmon=on' \
-nodefaults \
-serial mon:stdio -nographic \
-device pnv-phb3,chip-id=0,index=0,id=pcie.0 \
-device pnv-phb3,chip-id=0,index=2,id=pcie.2 \
-device pnv-phb3-root-port,bus=pcie.2,id=pcie.5 \
-netdev bridge,helper=/usr/libexec/qemu-bridge-helper,br=virbr0,id=net0 \
-device e1000e,netdev=net0,mac=C0:ff:EE:00:01:04,bus=pcie.5,addr=0x0

* powernv9 machine with -nodefaults, 3 of the available 12 pnv-phb4 devices
created, 2 root ports, one of the port with a pcie-pci-bridge and
devices connected in the bridge:

$ qemu-system-ppc64 -m 4G -machine powernv9 \
-smp 2,sockets=2,cores=1,threads=1 \
-accel tcg,thread=multi -bios skiboot.lid \
-kernel vmlinux -initrd buildroot.rootfs.cpio \
-append 'console=hvc0 ro xmon=on' \
-nodefaults \
-serial mon:stdio -nographic \
-device pnv-phb4,chip-id=0,index=0,id=pcie.0 \
-device pnv-phb4,chip-id=0,index=4,id=pcie.1 \
-device pnv-phb4,chip-id=1,index=3,id=pcie.2 \
-device pnv-phb4-root-port,id=root0,bus=pcie.2 \
-device pnv-phb4-root-port,id=root1,bus=pcie.1 \
-device pcie-pci-bridge,id=bridge1,bus=root0,addr=0x0 \
-device nvme,bus=bridge1,addr=0x1,drive=drive0,serial=1234 \
-drive file=./simics-disk.raw,if=none,id=drive0,format=raw,cache=none \
-device e1000e,netdev=net0,mac=C0:ff:EE:00:01:04,bus=bridge1,addr=0x3 \
-netdev bridge,helper=/usr/libexec/qemu-bridge-helper,br=virbr0,id=net0 \
-device nec-usb-xhci,bus=bridge1,addr=0x2


* powernv8/9 with default settings can be used as usual. The work done
in this series didn't change the name of the buses created by the
default root ports (named pcie.0...N):

$ qemu-system-ppc64 -m 4G \
-machine powernv9 -smp 2,sockets=2,cores=1,threads=1  \
-accel tcg,thread=multi -bios skiboot.lid  \
-kernel vmlinux -initrd buildroot.rootfs.cpio \
-append 'console=hvc0 ro xmon=on' \
-serial mon:stdio -nographic \
-device pcie-pci-bridge,id=bridge1,bus=pcie.0,addr=0x0 \
-device nvme,bus=bridge1,addr=0x1,drive=drive0,serial=1234  \
-drive file=./simics-disk.raw,if=none,id=drive0,format=raw,cache=none \
-device e1000e,netdev=net0,mac=C0:ff:EE:00:01:04,bus=bridge1,addr=0x3 \
-netdev bridge,helper=/usr/libexec/qemu-bridge-helper,br=virbr0,id=net0 \
-device nec-usb-xhci,bus=bridge1,addr=0x2


Changes from v1:
- rebased with upstream at 7d4ae4d497807
- added relevant patches that aren't upstream yet from "ppc/pnv:
Preliminary cleanups before user created PHBs" [1] and "ppc/pnv: Add
support for user created PHB3/PHB4 devices" [2] series
- renamed phb3/phb4 default buses name to 'pnv-phb3-root' and
'pnv-phb4-root'
- renamed pnv_pec_get_phb_id() to pnv_phb4_pec_get_phb_id()
- patch 'introduce pnv_pec_init_stack_xscom()' moved to patch 16 to
be closer with patch 17 that uses it
- v1 link: https://lists.gnu.org/archive/html/qemu-devel/2021-12/msg04427.html

[1] https://lists.gnu.org/archive/html/qemu-devel/2021-12/msg03810.html
[2] https://lists.gnu.org/archive/html/qemu-devel/2021-12/msg01548.html


Cédric Le Goater (5):
   ppc/pnv: Attach PHB3 root port device when defaults are enabled
   ppc/pnv: Introduce support for user created PHB3 devices
   ppc/pnv: Reparent user created PHB3 devices to the PnvChip
   ppc/pnv: Complete user created PHB3 devices
   ppc/pnv: Move num_phbs under Pnv8Chip

Daniel Henrique Barboza (13):
   pnv_phb3.c: add unique chassis and slot for pnv_phb3_root_port
   pnv_phb4.c: add unique chassis and slot for pnv_phb4_root_port
   pnv_phb4.c: make pnv-phb4-root-port user creatable
   pnv_phb4.c: check if root port exists in rc_config functions
   pnv_phb3.h: change TYPE_PNV_PHB3_ROOT_BUS name
   pnv_phb4.c: introduce pnv_phb4_set_stack_phb_props()
   pnv_phb4_pec.c: move pnv_pec_phb_offset() to pnv_phb4.c
   pnv_phb4_pec: use pnv_phb4_pec_get_phb_id() in pnv_pec_dt_xscom()
   pnv_phb4.h: turn phb into a pointer in struct PnvPhb4PecStack
   pnv_phb4_pec.c: use 'default_enabled()' to init stack->phb
   pnv_phb4.c: introduce p

Re: [PATCH for-7.0] hw/i386/pc: Add missing property descriptions

[Igor Mammedov]

On Mon,  6 Dec 2021 14:42:55 +0100
Thomas Huth  wrote:

> When running "qemu-system-x86_64 -M pc,help" I noticed that some
> properties were still missing their description. Add them now so
> that users get at least a slightly better idea what they are all
> about.
> 
> Signed-off-by: Thomas Huth 

Reviewed-by: Igor Mammedov 

> ---
>  hw/i386/pc.c | 8 
>  1 file changed, 8 insertions(+)
> 
> diff --git a/hw/i386/pc.c b/hw/i386/pc.c
> index a2ef40ecbc..837f2bff4e 100644
> --- a/hw/i386/pc.c
> +++ b/hw/i386/pc.c
> @@ -1734,15 +1734,23 @@ static void pc_machine_class_init(ObjectClass *oc, 
> void *data)
>  
>  object_class_property_add_bool(oc, PC_MACHINE_SMBUS,
>  pc_machine_get_smbus, pc_machine_set_smbus);
> +object_class_property_set_description(oc, PC_MACHINE_SMBUS,
> +"Enable/disable system management bus");
>  
>  object_class_property_add_bool(oc, PC_MACHINE_SATA,
>  pc_machine_get_sata, pc_machine_set_sata);
> +object_class_property_set_description(oc, PC_MACHINE_SATA,
> +"Enable/disable Serial ATA bus");
>  
>  object_class_property_add_bool(oc, PC_MACHINE_PIT,
>  pc_machine_get_pit, pc_machine_set_pit);
> +object_class_property_set_description(oc, PC_MACHINE_PIT,
> +"Enable/disable Intel 8254 programmable interval timer emulation");
>  
>  object_class_property_add_bool(oc, "hpet",
>  pc_machine_get_hpet, pc_machine_set_hpet);
> +object_class_property_set_description(oc, "hpet",
> +"Enable/disable high precision event timer emulation");
>  
>  object_class_property_add_bool(oc, "default-bus-bypass-iommu",
>  pc_machine_get_default_bus_bypass_iommu,

[PATCH 0/1] Patch to adjust coroutine pool size adaptively

[Hiroki Narukawa]

We encountered random disk IO performance drop since qemu-5.0.0, and this patch 
fixes it.

Commit message in c740ad92 implied to adjust coroutine pool size adaptively, so 
I tried to implement this.

Could you review this patch?

Hiroki Narukawa (1):
  util: adjust coroutine pool size to virtio block queue

 hw/block/virtio-blk.c|  3 +++
 include/qemu/coroutine.h |  5 +
 util/qemu-coroutine.c| 15 +++
 3 files changed, 19 insertions(+), 4 deletions(-)

-- 
2.17.1

[PATCH 1/1] util: adjust coroutine pool size to virtio block queue

[Hiroki Narukawa]

Coroutine pool size was 64 from long ago, and the basis was organized in the 
commit message in c740ad92.

At that time, virtio-blk queue-size and num-queue were not configuable, and 
equivalent values were 128 and 1.

Coroutine pool size 64 was fine then.

Later queue-size and num-queue got configuable, and default values were 
increased.

Coroutine pool with size 64 exhausts frequently with random disk IO in new 
size, and slows down.

This commit adjusts coroutine pool size adaptively with new values.

This commit adds 64 by default, but now coroutine is not only for block devices,

and is not too much burdon comparing with new default.

pool size of 128 * vCPUs.

Signed-off-by: Hiroki Narukawa 
---
 hw/block/virtio-blk.c|  3 +++
 include/qemu/coroutine.h |  5 +
 util/qemu-coroutine.c| 15 +++
 3 files changed, 19 insertions(+), 4 deletions(-)

diff --git a/hw/block/virtio-blk.c b/hw/block/virtio-blk.c
index f139cd7cc9..726dbe14de 100644
--- a/hw/block/virtio-blk.c
+++ b/hw/block/virtio-blk.c
@@ -32,6 +32,7 @@
 #include "hw/virtio/virtio-bus.h"
 #include "migration/qemu-file-types.h"
 #include "hw/virtio/virtio-access.h"
+#include "qemu/coroutine.h"
 
 /* Config size before the discard support (hide associated config fields) */
 #define VIRTIO_BLK_CFG_SIZE offsetof(struct virtio_blk_config, \
@@ -1222,6 +1223,8 @@ static void virtio_blk_device_realize(DeviceState *dev, 
Error **errp)
 for (i = 0; i < conf->num_queues; i++) {
 virtio_add_queue(vdev, conf->queue_size, virtio_blk_handle_output);
 }
+qemu_coroutine_increase_pool_batch_size(conf->num_queues * conf->queue_size
+/ 2);
 virtio_blk_data_plane_create(vdev, conf, &s->dataplane, &err);
 if (err != NULL) {
 error_propagate(errp, err);
diff --git a/include/qemu/coroutine.h b/include/qemu/coroutine.h
index 4829ff373d..e52ed76ab2 100644
--- a/include/qemu/coroutine.h
+++ b/include/qemu/coroutine.h
@@ -331,6 +331,11 @@ void qemu_co_sleep_wake(QemuCoSleep *w);
  */
 void coroutine_fn yield_until_fd_readable(int fd);
 
+/**
+ * Increase coroutine pool size
+ */
+void qemu_coroutine_increase_pool_batch_size(unsigned int 
additional_pool_size);
+
 #include "qemu/lockable.h"
 
 #endif /* QEMU_COROUTINE_H */
diff --git a/util/qemu-coroutine.c b/util/qemu-coroutine.c
index 38fb6d3084..080a1e0126 100644
--- a/util/qemu-coroutine.c
+++ b/util/qemu-coroutine.c
@@ -20,12 +20,14 @@
 #include "qemu/coroutine_int.h"
 #include "block/aio.h"
 
+/** Initial batch size is 64, and is increased on demand */
 enum {
-POOL_BATCH_SIZE = 64,
+POOL_INITIAL_BATCH_SIZE = 64,
 };
 
 /** Free list to speed up creation */
 static QSLIST_HEAD(, Coroutine) release_pool = QSLIST_HEAD_INITIALIZER(pool);
+static unsigned int pool_batch_size = POOL_INITIAL_BATCH_SIZE;
 static unsigned int release_pool_size;
 static __thread QSLIST_HEAD(, Coroutine) alloc_pool = 
QSLIST_HEAD_INITIALIZER(pool);
 static __thread unsigned int alloc_pool_size;
@@ -49,7 +51,7 @@ Coroutine *qemu_coroutine_create(CoroutineEntry *entry, void 
*opaque)
 if (CONFIG_COROUTINE_POOL) {
 co = QSLIST_FIRST(&alloc_pool);
 if (!co) {
-if (release_pool_size > POOL_BATCH_SIZE) {
+if (release_pool_size > pool_batch_size) {
 /* Slow path; a good place to register the destructor, too.  */
 if (!coroutine_pool_cleanup_notifier.notify) {
 coroutine_pool_cleanup_notifier.notify = 
coroutine_pool_cleanup;
@@ -86,12 +88,12 @@ static void coroutine_delete(Coroutine *co)
 co->caller = NULL;
 
 if (CONFIG_COROUTINE_POOL) {
-if (release_pool_size < POOL_BATCH_SIZE * 2) {
+if (release_pool_size < pool_batch_size * 2) {
 QSLIST_INSERT_HEAD_ATOMIC(&release_pool, co, pool_next);
 qatomic_inc(&release_pool_size);
 return;
 }
-if (alloc_pool_size < POOL_BATCH_SIZE) {
+if (alloc_pool_size < pool_batch_size) {
 QSLIST_INSERT_HEAD(&alloc_pool, co, pool_next);
 alloc_pool_size++;
 return;
@@ -202,3 +204,8 @@ AioContext *coroutine_fn 
qemu_coroutine_get_aio_context(Coroutine *co)
 {
 return co->ctx;
 }
+
+void qemu_coroutine_increase_pool_batch_size(unsigned int additional_pool_size)
+{
+qatomic_add(&pool_batch_size, additional_pool_size);
+}
-- 
2.17.1

Re: [PATCH v7 00/18] Adding partial support for 128-bit riscv target

[Alistair Francis]

On Tue, Dec 14, 2021 at 2:39 AM Frédéric Pétrot
 wrote:
>
> This series of patches provides partial 128-bit support for the riscv
> target architecture, namely RVI and RVM, with minimal csr support.
>
> Thanks again for the reviews and advices.

I think this is all reviewed now. I was getting an error when trying
to apply it though, do you mind rebasing on
https://github.com/alistair23/qemu/tree/riscv-to-apply.next ?

Alistair

>
> v7:
> - code motion following reviews
> - correction of a bug preventing riscv{32,64}-linux-user to compile
> - sync with master
> - Note that 'make check' fails for 5 qemu-iotests cases, namely
>   040, 041, 127, 256, and 267, but they also fail with
>   qemu-system-riscv{32,64} from current master
>
> v6:
> - support for '-cpu rv128' in qemu-system-riscv64 to handle 128-bit
>   executables (no more qemu-system-riscv128)
> - remove useless (and buggy) big-endian support in lq/sq
>
> v5:
> - split the memop define renaming and addition in two patches
> - 128-bit div/rem operations using host-utils functions
> - removed useless rv128 tests at various places
> - refactoring the slt/bxx part so as to share the comparison part
> - refactoring the 128-bit csr handling to share code more largely
>   Also forwarding writes to the 64-bit version when not 128-bit version
>   exists, as a vast majority of the csrs does not use the upper 64-bits
>
> v4:
> - safer and cleaner access to the gpr upper part
> - locals for load/store/div/rem helpers
> - cleans out the 128-bit div/rem code
> - corrects numerous bugs and performs optimizations on shifts and mults
> - withdraws the change in page size and the vm schemes we introduced
>
> v3:
> - v2 refactored following Richard's xl patch changes
>
> v2:
> - load and store making use of new memop.h sizes
> - use of the existing Int128 computations in helpers, and addition of
>   a few more operations there, in particular division and remainder
> - refactoring of the calls to the code generation helpers
> - split of the patch in smaller pieces
>
> v1:
> - introducing support for rv128 for basic integer and M extension insns
>
> Frédéric Pétrot (18):
>   exec/memop: Adding signedness to quad definitions
>   exec/memop: Adding signed quad and octo defines
>   qemu/int128: addition of div/rem 128-bit operations
>   target/riscv: additional macros to check instruction support
>   target/riscv: separation of bitwise logic and arithmetic helpers
>   target/riscv: array for the 64 upper bits of 128-bit registers
>   target/riscv: setup everything for rv64 to support rv128 execution
>   target/riscv: moving some insns close to similar insns
>   target/riscv: accessors to registers upper part and 128-bit load/store
>   target/riscv: support for 128-bit bitwise instructions
>   target/riscv: support for 128-bit U-type instructions
>   target/riscv: support for 128-bit shift instructions
>   target/riscv: support for 128-bit arithmetic instructions
>   target/riscv: support for 128-bit M extension
>   target/riscv: adding high part of some csrs
>   target/riscv: helper functions to wrap calls to 128-bit csr insns
>   target/riscv: modification of the trans_csrxx for 128-bit support
>   target/riscv: actual functions to realize crs 128-bit insns
>
>  include/disas/dis-asm.h|   1 +
>  include/exec/memop.h   |  15 +-
>  include/qemu/int128.h  |  27 +
>  include/tcg/tcg-op.h   |   4 +-
>  target/arm/translate-a32.h |   4 +-
>  target/riscv/cpu.h |  22 +
>  target/riscv/cpu_bits.h|   3 +
>  target/riscv/helper.h  |   9 +
>  target/riscv/insn16.decode |  27 +-
>  target/riscv/insn32.decode |  25 +
>  accel/tcg/cputlb.c |  30 +-
>  accel/tcg/user-exec.c  |   8 +-
>  disas/riscv.c  |   5 +
>  target/alpha/translate.c   |  32 +-
>  target/arm/helper-a64.c|   8 +-
>  target/arm/translate-a64.c |   8 +-
>  target/arm/translate-neon.c|   6 +-
>  target/arm/translate-sve.c |  10 +-
>  target/arm/translate-vfp.c |   8 +-
>  target/arm/translate.c |   2 +-
>  target/cris/translate.c|   2 +-
>  target/hppa/translate.c|   4 +-
>  target/i386/tcg/mem_helper.c   |   2 +-
>  target/i386/tcg/translate.c|  36 +-
>  target/m68k/op_helper.c|   2 +-
>  target/mips/tcg/translate.c|  58 +-
>  target/mips/tcg/tx79_translate.c   |   8 +-
>  target/ppc/translate.c |  32 +-
>  target/riscv/cpu.c |  29 +
>  target/riscv/csr.c | 194 +-
>  target/riscv/gdbstub.c |   5 +
>  target/riscv/m128_helper.c |

Re: [PATCH v5 2/3] acpi: tpm: Add missing device identification objects

[Igor Mammedov]

On Tue,  4 Jan 2022 12:58:05 -0500
Stefan Berger  wrote:

> Add missing TPM device identification objects _STR and _UID. They will
> appear as files 'description' and 'uid' under Linux sysfs.
> 
> Following inspection of sysfs entries for hardware TPMs we chose
> uid '1'.

My guess would be that buy default (in case of missing UID), OSPM
will start enumerate from 0. So I think 0 is more safer choice
when it comes to compatibility.

Can you smoke test TPM with Windows, and check if adding UID doesn't
break anything if VM actually uses TMP (though I'm not sure how to
check it on Windows, maybe install Windows 11 without this patch
and then see if it still boots pre-installed VM and nothing is broken
after this patch)?


> Cc: Shannon Zhao 
> Cc: Michael S. Tsirkin 
> Cc: Igor Mammedov 
> Cc: Ani Sinha 
> Resolves: https://gitlab.com/qemu-project/qemu/-/issues/708
> Signed-off-by: Stefan Berger 
> Reviewed-by: Ani Sinha 
> Reviewed-by: Shannon Zhao 
> Message-id: 20211223022310.575496-3-stef...@linux.ibm.com
> ---
>  hw/arm/virt-acpi-build.c | 1 +
>  hw/i386/acpi-build.c | 7 +++
>  2 files changed, 8 insertions(+)
> 
> diff --git a/hw/arm/virt-acpi-build.c b/hw/arm/virt-acpi-build.c
> index d0f4867fdf..f2514ce77c 100644
> --- a/hw/arm/virt-acpi-build.c
> +++ b/hw/arm/virt-acpi-build.c
> @@ -229,6 +229,7 @@ static void acpi_dsdt_add_tpm(Aml *scope, 
> VirtMachineState *vms)
>  
>  Aml *dev = aml_device("TPM0");
>  aml_append(dev, aml_name_decl("_HID", aml_string("MSFT0101")));
> +aml_append(dev, aml_name_decl("_STR", aml_string("TPM 2.0 Device")));
>  aml_append(dev, aml_name_decl("_UID", aml_int(0)));
>  
>  Aml *crs = aml_resource_template();
> diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
> index 8383b83ee3..05740b7f15 100644
> --- a/hw/i386/acpi-build.c
> +++ b/hw/i386/acpi-build.c
> @@ -1812,11 +1812,15 @@ build_dsdt(GArray *table_data, BIOSLinker *linker,
>  dev = aml_device("TPM");
>  aml_append(dev, aml_name_decl("_HID",
>aml_string("MSFT0101")));
> +aml_append(dev,
> +   aml_name_decl("_STR",
> + aml_string("TPM 2.0 Device")));
>  } else {
>  dev = aml_device("ISA.TPM");
>  aml_append(dev, aml_name_decl("_HID",
>aml_eisaid("PNP0C31")));
>  }
> +aml_append(dev, aml_name_decl("_UID", aml_int(1)));
>  
>  aml_append(dev, aml_name_decl("_STA", aml_int(0xF)));
>  crs = aml_resource_template();
> @@ -1844,12 +1848,15 @@ build_dsdt(GArray *table_data, BIOSLinker *linker,
>  if (TPM_IS_CRB(tpm)) {
>  dev = aml_device("TPM");
>  aml_append(dev, aml_name_decl("_HID", aml_string("MSFT0101")));
> +aml_append(dev, aml_name_decl("_STR",
> +  aml_string("TPM 2.0 Device")));
>  crs = aml_resource_template();
>  aml_append(crs, aml_memory32_fixed(TPM_CRB_ADDR_BASE,
> TPM_CRB_ADDR_SIZE, 
> AML_READ_WRITE));
>  aml_append(dev, aml_name_decl("_CRS", crs));
>  
>  aml_append(dev, aml_name_decl("_STA", aml_int(0xf)));
> +aml_append(dev, aml_name_decl("_UID", aml_int(1)));
>  
>  tpm_build_ppi_acpi(tpm, dev);
>  

[PATCH v2 0/2] Introduce camera subsystem

[zhenwei pi]

v1 -> v2:
  [missing CC qemu-devel@nongnu.org, resend]
  Separate v1 patch set into 2 parts:
Introduce camera subsystem (this one).
USB desc fix and UVC.
  Add maintainer infomation.

v1:
1, The full picture of this patch set:
   +-+   ++ +---+
   |UVC(done)|   |virtio(TODO)| |other HW device|
   +-+   ++ +---+
 | | |
 |++ |
 ++camera(done)+-+
  ++---+
   |
 +-+-+
 | | |
  +--+--+ ++-++--+--+
  |builtin(done)| |v4l2(done)||other drivers|
  +-+ +--++-+

With this patch set, We can run a desktop VM (Ex Ubuntu-2004), several camera
APPs(cheese, kamoso, guvcview and qcam) work fine.

Some works still in working:
  1, hot-plug
  2, compat with live migration
  3, several actions defined in UVC SPEC

Zhenwei Pi (2):
  camera: Introduce camera subsystem and builtin driver
  camera: v4l2: Introduce v4l2 camera driver

 MAINTAINERS |   7 +
 camera/builtin.c| 717 
 camera/camera-int.h |  19 ++
 camera/camera.c | 522 +
 camera/meson.build  |  20 ++
 camera/trace-events |  28 ++
 camera/trace.h  |   1 +
 camera/v4l2.c   | 637 +++
 include/camera/camera.h | 238 +
 meson.build |  20 +-
 meson_options.txt   |   3 +
 qapi/camera.json| 101 ++
 qapi/meson.build|   1 +
 qapi/qapi-schema.json   |   1 +
 qemu-options.hx |  13 +
 softmmu/vl.c|   4 +
 16 files changed, 2331 insertions(+), 1 deletion(-)
 create mode 100644 camera/builtin.c
 create mode 100644 camera/camera-int.h
 create mode 100644 camera/camera.c
 create mode 100644 camera/meson.build
 create mode 100644 camera/trace-events
 create mode 100644 camera/trace.h
 create mode 100644 camera/v4l2.c
 create mode 100644 include/camera/camera.h
 create mode 100644 qapi/camera.json

-- 
2.25.1

[PATCH v2 1/2] camera: Introduce camera subsystem and builtin driver

[zhenwei pi]

Web camera is an important port of a desktop instance, QEMU supports
USB passthrough and USB redirect to support for general cases.
Several problems we have hit:
  1, the heavy bandwidth of network. a 1080*720@30FPS(MJPEG) uses
 ~5MB/s.
  2, Issues of USB passthrough, Ex USB reset from guest side triggers
 wrong state of host side.
  3, extention features, Ex to limit FPS/width&height of a camera
 device by hypervisor.
  ...

So introduce camera subsystem to QEMU, abstruct basic API to operate
a camera device. Also introduce a builtin driver which draws pure
color, rainbow and digital rain background, and shows information for
guest side to debug by libcairo.

To add a cameradev for a VM:
 ~# qemu-system-x86_64 ... -cameradev builtin,bgcolor=digital-rain,id=camera0

The camera would work with hardware camera emulation, Ex USB video(
implemented in following patch) together.

The full picture of QEMU camera subsystem works like this:

   +--+   ++ +---+
   |UVC(ready)|   |virtio(TODO)| |other HW device|
   +--+   ++ +---+
 | | |
 |++ |
 ++ Camera +-+
  ++---+
   |
 +-+-+
 | | |
 +---+---+   +-+-++-+
 |builtin|   |v4l2(ready)||other drivers|
 +---+   +---++-+

Signed-off-by: zhenwei pi 
---
 MAINTAINERS |   7 +
 camera/builtin.c| 717 
 camera/camera-int.h |  19 ++
 camera/camera.c | 522 +
 camera/meson.build  |  16 +
 camera/trace-events |  24 ++
 camera/trace.h  |   1 +
 include/camera/camera.h | 238 +
 meson.build |  20 +-
 meson_options.txt   |   3 +
 qapi/camera.json|  84 +
 qapi/meson.build|   1 +
 qapi/qapi-schema.json   |   1 +
 qemu-options.hx |  10 +
 softmmu/vl.c|   4 +
 15 files changed, 1666 insertions(+), 1 deletion(-)
 create mode 100644 camera/builtin.c
 create mode 100644 camera/camera-int.h
 create mode 100644 camera/camera.c
 create mode 100644 camera/meson.build
 create mode 100644 camera/trace-events
 create mode 100644 camera/trace.h
 create mode 100644 include/camera/camera.h
 create mode 100644 qapi/camera.json

diff --git a/MAINTAINERS b/MAINTAINERS
index 5456536805..d9e6c32567 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -3077,6 +3077,13 @@ F: hw/core/clock-vmstate.c
 F: hw/core/qdev-clock.c
 F: docs/devel/clocks.rst
 
+Camera Subsystem
+M: zhenwei pi 
+S: Maintained
+F: include/camera
+F: camera
+F: qapi/camera.json
+
 Usermode Emulation
 --
 Overall usermode emulation
diff --git a/camera/builtin.c b/camera/builtin.c
new file mode 100644
index 00..18ae073160
--- /dev/null
+++ b/camera/builtin.c
@@ -0,0 +1,717 @@
+/*
+ * Builtin camera backend implemention
+ *
+ * Copyright 2021-2022 Bytedance, Inc.
+ *
+ * Authors:
+ *   zhenwei pi 
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+#include "qemu/osdep.h"
+#include "qemu/module.h"
+#include "qemu/log.h"
+#include "qemu/main-loop.h"
+#include "qom/object.h"
+#include "qapi/error.h"
+#include "qapi/visitor.h"
+#include "qapi/qapi-visit-camera.h"
+#include "camera/camera.h"
+#include "camera-int.h"
+#include "trace.h"
+
+#ifdef CONFIG_VNC_JPEG /* TODO shoud it rename to CONFIG_LIB_JPEG? */
+#include 
+#endif
+
+#include 
+
+#define TYPE_CAMERA_BUILTIN TYPE_CAMERADEV"-builtin"
+
+#define CAMERA_BUILTIN_DEF_WIDTH 640
+#define CAMERA_BUILTIN_MAX_WIDTH 3840
+#define CAMERA_BUILTIN_MIN_WIDTH 160
+#define CAMERA_BUILTIN_DEF_HEIGHT 480
+#define CAMERA_BUILTIN_MAX_HEIGHT 2880
+#define CAMERA_BUILTIN_MIN_HEIGHT 120
+#define CAMERA_BUILTIN_DEF_FPS 10
+#define CAMERA_BUILTIN_MAX_FPS 60
+#define CAMERA_BUILTIN_MIN_FPS 1
+
+/* mjpeg, yuv, rgb565 */
+#define CAMERA_BUILTIN_MAX_PIXFMT 3
+
+enum AttributeIndex {
+ATTRIBUTE_DEF,
+ATTRIBUTE_MIN,
+ATTRIBUTE_MAX,
+ATTRIBUTE_CUR,
+ATTRIBUTE_STEP,
+
+ATTRIBUTE_ALL
+};
+
+typedef struct CameraBuiltin {
+QEMUCamera parent;
+
+/* opts */
+uint16_t width;
+uint16_t height;
+uint16_t fps;
+bool debug;
+bool mjpeg;
+bool yuv;
+bool rgb565;
+ColorType bgcolor;
+
+/* state */
+QEMUTimer *frame_timer;
+cairo_surface_t *surface;
+cairo_t *cr;
+size_t image_size;
+uint8_t *image;
+uint8_t pixbytes;
+uint8_t npixfmts;
+uint32_t pixfmts[CAMERA_BUILTIN_MAX_PIXFMT];
+uint32_t pixfmt; /* current in use */
+void *opaque; /* used by driver itself */
+
+/* debug infomations */
+

[PATCH v2 2/2] camera: v4l2: Introduce v4l2 camera driver

[zhenwei pi]

On a Linux platform, user process could accesses /dev/videoX to
capture video frames.

We can run QEMU like this:
   qemu-system-x86_64 ... -cameradev v4l2,path=/dev/video0,id=camera0

To test a /dev/videoX device support video capture, install v4l-utils
package and run command:
 ~# v4l2-ctl --info -d /dev/video0
 ...
Device Caps  : 0x0421
Video Capture
 ...

The basic logic of v4l2 driver:
   stream on -> qbuf -> dqbuf(drive by POLLIN event) -> qbuf -> dqbuf
 ... -> stream off

Signed-off-by: zhenwei pi 
---
 camera/meson.build  |   4 +
 camera/trace-events |   4 +
 camera/v4l2.c   | 637 
 qapi/camera.json|  21 +-
 qemu-options.hx |   3 +
 5 files changed, 667 insertions(+), 2 deletions(-)
 create mode 100644 camera/v4l2.c

diff --git a/camera/meson.build b/camera/meson.build
index d50ee5ebf7..6e7aeb5ebd 100644
--- a/camera/meson.build
+++ b/camera/meson.build
@@ -2,6 +2,10 @@ camera_ss.add([files(
   'camera.c',
 )])
 
+camera_ss.add(when: 'CONFIG_LINUX', if_true: files(
+  'v4l2.c',
+))
+
 camera_modules = {}
 foreach m : [
   ['builtin', cairo, files('builtin.c')],
diff --git a/camera/trace-events b/camera/trace-events
index 2f4d93e924..4527303d58 100644
--- a/camera/trace-events
+++ b/camera/trace-events
@@ -22,3 +22,7 @@ qemu_camera_enum_control_ret(const char *dev, int ret) "%s: 
ret %d"
 
 # builtin.c
 camera_builtin_timer(const char *dev) "%s: new image"
+
+# v4l2.c
+camera_v4l2_qbuf(const char *dev, uint32_t index) "%s: qbuf index %u"
+camera_v4l2_dqbuf(const char *dev, uint32_t index) "%s: qbuf index %u"
diff --git a/camera/v4l2.c b/camera/v4l2.c
new file mode 100644
index 00..075ddafc16
--- /dev/null
+++ b/camera/v4l2.c
@@ -0,0 +1,637 @@
+/*
+ * V4L2 camera backend implemention
+ *
+ * Copyright 2021-2022 Bytedance, Inc.
+ *
+ * Authors:
+ *   zhenwei pi 
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+#include "qemu/osdep.h"
+#include "qemu/module.h"
+#include "qemu/log.h"
+#include "qemu/main-loop.h"
+#include "qom/object.h"
+#include "qapi/error.h"
+#include "qapi/visitor.h"
+#include "qapi/qapi-visit-camera.h"
+#include "camera/camera.h"
+#include "camera-int.h"
+#include "trace.h"
+#include 
+#include 
+
+#define TYPE_CAMERA_V4L2 TYPE_CAMERADEV"-v4l2"
+
+#define CAMERA_V4L2_BUFFER_MAX 16
+#define CAMERA_V4L2_BUFFER_DEF 2
+
+typedef struct CameraV4l2Buffer {
+unsigned char *addr;
+uint32_t length;
+} CameraV4l2Buffer;
+
+typedef struct CameraV4l2 {
+QEMUCamera parent;
+
+int devfd;
+size_t sizeimage;
+uint8_t nbuffers;
+CameraV4l2Buffer buffers[CAMERA_V4L2_BUFFER_MAX];
+} CameraV4l2;
+
+DECLARE_INSTANCE_CHECKER(CameraV4l2, CAMERA_V4L2_DEV, TYPE_CAMERA_V4L2)
+
+typedef struct CameraV4l2Ctrl {
+QEMUCameraControlType q;
+uint32_t v;
+} CameraV4l2Ctrl;
+
+static CameraV4l2Ctrl camera_v4l2_ctrl_table[] = {
+{ .q = QEMUCameraBrightness,
+  .v = V4L2_CID_BRIGHTNESS },
+{ .q = QEMUCameraContrast,
+  .v = V4L2_CID_CONTRAST },
+{ .q = QEMUCameraGain,
+  .v = V4L2_CID_GAIN },
+{ .q = QEMUCameraGamma,
+  .v = V4L2_CID_GAMMA },
+{ .q = QEMUCameraHue,
+  .v = V4L2_CID_HUE },
+{ .q = QEMUCameraHueAuto,
+  .v = V4L2_CID_HUE_AUTO },
+{ .q = QEMUCameraSaturation,
+  .v = V4L2_CID_SATURATION },
+{ .q = QEMUCameraSharpness,
+  .v = V4L2_CID_SHARPNESS },
+{ .q = QEMUCameraWhiteBalanceTemperature,
+  .v = V4L2_CID_WHITE_BALANCE_TEMPERATURE },
+};
+
+static QEMUCameraControlType camera_v4l2_control_to_qemu(uint32_t id)
+{
+CameraV4l2Ctrl *ctrl;
+int i;
+
+for (i = 0; i < ARRAY_SIZE(camera_v4l2_ctrl_table); i++) {
+ctrl = &camera_v4l2_ctrl_table[i];
+if (ctrl->v == id) {
+return ctrl->q;
+}
+}
+
+return QEMUCameraControlMax;
+}
+
+static uint32_t camera_qemu_control_to_v4l2(QEMUCameraControlType type)
+{
+CameraV4l2Ctrl *ctrl;
+int i;
+
+for (i = 0; i < ARRAY_SIZE(camera_v4l2_ctrl_table); i++) {
+ctrl = &camera_v4l2_ctrl_table[i];
+if (ctrl->q == type) {
+return ctrl->v;
+}
+}
+
+return 0;
+}
+
+static int camera_v4l2_enum_pixel_format(QEMUCamera *camera, uint32_t *pixfmts,
+ int npixfmt, Error **errp)
+{
+CameraV4l2 *v4l2 = CAMERA_V4L2_DEV(camera);
+CameraV4l2Options *v4l2opts = &camera->dev->u.v4l2;
+struct v4l2_fmtdesc v4l2_fmt;
+int index, total = 0;
+
+for (index = 0; total < npixfmt; index++) {
+v4l2_fmt.index = index;
+v4l2_fmt.type = V4L2_CAP_VIDEO_CAPTURE;
+if (ioctl(v4l2->devfd, VIDIOC_ENUM_FMT, &v4l2_fmt) < 0) {
+if (errno == EINVAL) {
+break; /* the last one */
+}
+
+error_setg(errp, "%s: enum fmt on device %s failed, %s",
+   TYPE_CAMERA_V4L2, v4l2opt

Re: [PATCH V7 19/29] vfio-pci: cpr part 1 (fd and dma)

[Michael S. Tsirkin]

On Wed, Jan 05, 2022 at 06:24:25PM -0500, Steven Sistare wrote:
> On 1/5/2022 6:09 PM, Michael S. Tsirkin wrote:
> > On Wed, Jan 05, 2022 at 04:40:43PM -0500, Steven Sistare wrote:
> >> On 1/5/2022 4:14 PM, Michael S. Tsirkin wrote:
> >>> On Wed, Jan 05, 2022 at 12:24:21PM -0500, Steven Sistare wrote:
>  On 12/22/2021 6:15 PM, Michael S. Tsirkin wrote:
> > On Wed, Dec 22, 2021 at 11:05:24AM -0800, Steve Sistare wrote:
> >> Enable vfio-pci devices to be saved and restored across an exec restart
> >> of qemu.
> >>
> >> At vfio creation time, save the value of vfio container, group, and 
> >> device
> >> descriptors in cpr state.
> >>
> >> In cpr-save and cpr-exec, suspend the use of virtual addresses in DMA
> >> mappings with VFIO_DMA_UNMAP_FLAG_VADDR, because guest ram will be 
> >> remapped
> >> at a different VA after exec.  DMA to already-mapped pages continues.  
> >> Save
> >> the msi message area as part of vfio-pci vmstate, save the interrupt 
> >> and
> >> notifier eventfd's in cpr state, and clear the close-on-exec flag for 
> >> the
> >> vfio descriptors.  The flag is not cleared earlier because the 
> >> descriptors
> >> should not persist across miscellaneous fork and exec calls that may be
> >> performed during normal operation.
> >>
> >> On qemu restart, vfio_realize() finds the saved descriptors, uses
> >> the descriptors, and notes that the device is being reused.  Device and
> >> iommu state is already configured, so operations in vfio_realize that
> >> would modify the configuration are skipped for a reused device, 
> >> including
> >> vfio ioctl's and writes to PCI configuration space.  The result is that
> >> vfio_realize constructs qemu data structures that reflect the current
> >> state of the device.  However, the reconstruction is not complete until
> >> cpr-load is called. cpr-load loads the msi data and finds eventfds in 
> >> cpr
> >> state.  It rebuilds vector data structures and attaches the interrupts 
> >> to
> >> the new KVM instance.  cpr-load then invokes the main vfio listener 
> >> callback,
> >> which walks the flattened ranges of the vfio_address_spaces and calls
> >> VFIO_DMA_MAP_FLAG_VADDR to inform the kernel of the new VA's.  Lastly, 
> >> it
> >> starts the VM and suppresses vfio pci device reset.
> >>
> >> This functionality is delivered by 3 patches for clarity.  Part 1 
> >> handles
> >> device file descriptors and DMA.  Part 2 adds eventfd and MSI/MSI-X 
> >> vector
> >> support.  Part 3 adds INTX support.
> >>
> >> Signed-off-by: Steve Sistare 
> >> ---
> >>  MAINTAINERS   |   1 +
> >>  hw/pci/pci.c  |  10 
> >>  hw/vfio/common.c  | 115 
> >> ++
> >>  hw/vfio/cpr.c |  94 ++
> >>  hw/vfio/meson.build   |   1 +
> >>  hw/vfio/pci.c |  77 
> >>  hw/vfio/trace-events  |   1 +
> >>  include/hw/pci/pci.h  |   1 +
> >>  include/hw/vfio/vfio-common.h |   8 +++
> >>  include/migration/cpr.h   |   3 ++
> >>  migration/cpr.c   |  10 +++-
> >>  migration/target.c|  14 +
> >>  12 files changed, 324 insertions(+), 11 deletions(-)
> >>  create mode 100644 hw/vfio/cpr.c
> >>
> >> diff --git a/MAINTAINERS b/MAINTAINERS
> >> index cfe7480..feed239 100644
> >> --- a/MAINTAINERS
> >> +++ b/MAINTAINERS
> >> @@ -2992,6 +2992,7 @@ CPR
> >>  M: Steve Sistare 
> >>  M: Mark Kanda 
> >>  S: Maintained
> >> +F: hw/vfio/cpr.c
> >>  F: include/migration/cpr.h
> >>  F: migration/cpr.c
> >>  F: qapi/cpr.json
> >> diff --git a/hw/pci/pci.c b/hw/pci/pci.c
> >> index 0fd21e1..e35df4f 100644
> >> --- a/hw/pci/pci.c
> >> +++ b/hw/pci/pci.c
> >> @@ -307,6 +307,16 @@ static void pci_do_device_reset(PCIDevice *dev)
> >>  {
> >>  int r;
> >>  
> >> +/*
> >> + * A reused vfio-pci device is already configured, so do not 
> >> reset it
> >> + * during qemu_system_reset prior to cpr-load, else interrupts 
> >> may be
> >> + * lost.  By contrast, pure-virtual pci devices may be reset here 
> >> and
> >> + * updated with new state in cpr-load with no ill effects.
> >> + */
> >> +if (dev->reused) {
> >> +return;
> >> +}
> >> +
> >>  pci_device_deassert_intx(dev);
> >>  assert(dev->irq_state == 0);
> >>  
> >
> >
> > Hmm that's a weird thing to do. I suspect this works because
> > "reused" means something like "in the process of being restored"?
> > Because clearly, we do not want to skip this part e.g. wh

Re: [PATCH v2] hw/arm/virt: KVM: Enable PAuth when supported by the host

[Marc Zyngier]

Hi Richard,

On Wed, 05 Jan 2022 21:36:55 +,
Richard Henderson  wrote:
> 
> On 1/3/22 10:05 AM, Marc Zyngier wrote:
> > -/*
> > - * KVM does not support modifications to this feature.
> > - * We have not registered the cpu properties when KVM
> > - * is in use, so the user will not be able to set them.
> > - */
> > -if (!kvm_enabled()) {
> > -arm_cpu_pauth_finalize(cpu, &local_err);
> > -if (local_err != NULL) {
> > +   arm_cpu_pauth_finalize(cpu, &local_err);
> > +   if (local_err != NULL) {
> >   error_propagate(errp, local_err);
> >   return;
> > -}
> > -}
> > +   }
> 
> Looks like the indentation is off?

Most probably. I only just discovered how to use the QEMU style for
Emacs, and was indenting things by hand before that (yes, pretty
painful and likely to lead to issues (there is a TAB instead of a set
of spaces there...).

> 
> > +static bool kvm_arm_pauth_supported(void)
> > +{
> > +return (kvm_check_extension(kvm_state, KVM_CAP_ARM_PTRAUTH_ADDRESS) &&
> > +kvm_check_extension(kvm_state, KVM_CAP_ARM_PTRAUTH_GENERIC));
> > +}
> 
> Do we really need to have them both set to play the game?  Given that
> the only thing that happens is that we disable whatever host support
> exists, can we have "pauth enabled" mean whatever subset the host has?

The host will always expose either both features or none, and that's
part of the ABI. From the bit of kernel documentation located in
Documentation/virt/kvm/api.rst:


4.82 KVM_ARM_VCPU_INIT
--
[...]
- KVM_ARM_VCPU_PTRAUTH_ADDRESS: Enables Address Pointer authentication
  for arm64 only.
  Depends on KVM_CAP_ARM_PTRAUTH_ADDRESS.
  If KVM_CAP_ARM_PTRAUTH_ADDRESS and KVM_CAP_ARM_PTRAUTH_GENERIC are
  both present, then both KVM_ARM_VCPU_PTRAUTH_ADDRESS and
  KVM_ARM_VCPU_PTRAUTH_GENERIC must be requested or neither must be
  requested.

- KVM_ARM_VCPU_PTRAUTH_GENERIC: Enables Generic Pointer authentication
  for arm64 only.
  Depends on KVM_CAP_ARM_PTRAUTH_GENERIC.
  If KVM_CAP_ARM_PTRAUTH_ADDRESS and KVM_CAP_ARM_PTRAUTH_GENERIC are
  both present, then both KVM_ARM_VCPU_PTRAUTH_ADDRESS and
  KVM_ARM_VCPU_PTRAUTH_GENERIC must be requested or neither must be
  requested.


KVM will reject the initialisation if only one of the features is
requested, so checking and enabling both makes sense to me.

> 
> > @@ -521,6 +527,17 @@ bool kvm_arm_get_host_cpu_features(ARMHostCPUFeatures 
> > *ahcf)
> >*/
> >   struct kvm_vcpu_init init = { .target = -1, };
> >   +/*
> > + * Ask for Pointer Authentication if supported. We can't play the
> > + * SVE trick of synthetising the ID reg as KVM won't tell us
> 
> synthesizing

Yup.

> 
> > + * whether we have the architected or IMPDEF version of PAuth, so
> > + * we have to use the actual ID regs.
> > + */
> > +if (kvm_arm_pauth_supported()) {
> > +init.features[0] |= (1 << KVM_ARM_VCPU_PTRAUTH_ADDRESS |
> > +1 << KVM_ARM_VCPU_PTRAUTH_GENERIC);
> 
> Align the two 1's.

Gah, another of these... Will fix.

> 
> Otherwise, it looks good.

Thanks,

M.

-- 
Without deviation from the norm, progress is not possible.

Re: Rational behind partial AVX support in Qemu

[Stevie Lavern]

Hello,

Thanks for you answer!
I may put together a patch to crash if VEX.L is 1 (shouldn't be hard) and
submit it to the patch list.
Do you think it qualifies as "trivial patch" or should i go on with the
full patch submission process?


On Thu, Jan 6, 2022 at 3:45 AM Richard Henderson <
richard.hender...@linaro.org> wrote:

> On 1/5/22 9:09 AM, Stevie Lavern wrote:
> > Hello,
> > I'm currently testing various binaries under qemu linux user and went
> into a strange bug.
> >
> > Here is the TLDR: is there a reason to allow VEX.L to be 1 when not
> supporting AVX
> > instructions?
>
> There are some integer instructions that use vex encoding, e.g. andn, and
> we support some
> of those, thus any support for VEX at all.  But you're probably correct
> that we could
> usefully filter VEX.L = 1 early.
>
>
> r~
>

[PATCH 00/15] reduce audio playback latency

[Volker Rümelin]

This patch series reduces the playback latency for audio backends,
in some cases significantly. For PulseAudio, the audio buffer is
also moved from the QEMU side to the PulseAudio server side. This
improves the drop-out safety for PulseAudio.

I actually measured the latency reduction with the PulseAudio
backend. For the test I used my Linux host configured to play
audio with PulseAudio. The guest was a Linux guest, also
configured to use PulseAudio.

Measuring audio latencies is difficult. I played a sine tone in
the guest with Audacity and measured the time from releasing the
left mouse button until the tone can be heard. A few seconds
before the measurement I started playback of an audio file with
10 minutes of silence to fill the audio buffers. The over-all
latency can't be used to estimate the playback latency, but it
can be used to calculate the playback latency reduction.

The measured over-all latency with PulseAudio is around 200ms
without these patches and around 135ms with these patches. The
difference of 65ms agrees well with the expected value of
46.4ms * 2 + 15ms - 46.4ms = 61.4ms. 46.4ms * 2 is the size of
the mixing-engine buffer ("[PATCH 14/15] paaudio: fix samples vs.
frames mix-up" explains the factor 2), 15ms is the server side
PulseAudio buffer size used before these patches and 46.4ms is
the new server side PulseAudio buffer size.

Volker Rümelin (15):
  audio: replace open-coded buffer arithmetic
  audio: move function audio_pcm_hw_clip_out()
  audio: add function audio_pcm_hw_conv_in()
  audio: inline function audio_pcm_sw_get_rpos_in()
  paaudio: increase default latency to 46ms
  jackaudio: use more jack audio buffers
  audio: copy playback stream in sequential order
  audio: add pcm_ops function table for capture backend
  audio: revert tests for pcm_ops table
  audio: restore mixing-engine playback buffer size
  paaudio: reduce effective playback buffer size
  dsoundaudio: reduce effective playback buffer size
  ossaudio: reduce effective playback buffer size
  paaudio: fix samples vs. frames mix-up
  sdlaudio: fix samples vs. frames mix-up

 audio/alsaaudio.c   |   1 +
 audio/audio.c   | 194 
 audio/audio_int.h   |   9 +-
 audio/coreaudio.c   |  13 +--
 audio/dsoundaudio.c |  30 ---
 audio/jackaudio.c   |   5 +-
 audio/noaudio.c |   1 +
 audio/ossaudio.c    |  17 +++-
 audio/paaudio.c |  49 ++-
 audio/sdlaudio.c    |  21 +++--
 audio/wavaudio.c    |   1 +
 11 files changed, 199 insertions(+), 142 deletions(-)

--
2.31.1

Re: [PATCH v3 3/3] linux-user: Remove TARGET_SIGSTKSZ

[Philippe Mathieu-Daudé]

On 6/1/22 08:47, Song Gao wrote:

TARGET_SIGSTKSZ is not used, we should remove it.

Signed-off-by: Song Gao 
Reviewed-by: Richard Henderson 
---
  linux-user/alpha/target_signal.h  | 1 -
  linux-user/generic/signal.h   | 1 -
  linux-user/hppa/target_signal.h   | 1 -
  linux-user/mips/target_signal.h   | 1 -
  linux-user/mips64/target_signal.h | 1 -
  linux-user/sparc/target_signal.h  | 1 -
  6 files changed, 6 deletions(-)


Reviewed-by: Philippe Mathieu-Daudé 

Re: [PATCH 1/1] util: adjust coroutine pool size to virtio block queue

[Philippe Mathieu-Daudé]

Cc'ing Stefan / Paolo.

On 6/1/22 09:20, Hiroki Narukawa wrote:

Coroutine pool size was 64 from long ago, and the basis was organized in the 
commit message in c740ad92.

At that time, virtio-blk queue-size and num-queue were not configuable, and 
equivalent values were 128 and 1.

Coroutine pool size 64 was fine then.

Later queue-size and num-queue got configuable, and default values were 
increased.

Coroutine pool with size 64 exhausts frequently with random disk IO in new 
size, and slows down.

This commit adjusts coroutine pool size adaptively with new values.

This commit adds 64 by default, but now coroutine is not only for block devices,

and is not too much burdon comparing with new default.

pool size of 128 * vCPUs.

Signed-off-by: Hiroki Narukawa 
---
  hw/block/virtio-blk.c|  3 +++
  include/qemu/coroutine.h |  5 +
  util/qemu-coroutine.c| 15 +++
  3 files changed, 19 insertions(+), 4 deletions(-)

diff --git a/hw/block/virtio-blk.c b/hw/block/virtio-blk.c
index f139cd7cc9..726dbe14de 100644
--- a/hw/block/virtio-blk.c
+++ b/hw/block/virtio-blk.c
@@ -32,6 +32,7 @@
  #include "hw/virtio/virtio-bus.h"
  #include "migration/qemu-file-types.h"
  #include "hw/virtio/virtio-access.h"
+#include "qemu/coroutine.h"
  
  /* Config size before the discard support (hide associated config fields) */

  #define VIRTIO_BLK_CFG_SIZE offsetof(struct virtio_blk_config, \
@@ -1222,6 +1223,8 @@ static void virtio_blk_device_realize(DeviceState *dev, 
Error **errp)
  for (i = 0; i < conf->num_queues; i++) {
  virtio_add_queue(vdev, conf->queue_size, virtio_blk_handle_output);
  }
+qemu_coroutine_increase_pool_batch_size(conf->num_queues * conf->queue_size
+/ 2);
  virtio_blk_data_plane_create(vdev, conf, &s->dataplane, &err);
  if (err != NULL) {
  error_propagate(errp, err);
diff --git a/include/qemu/coroutine.h b/include/qemu/coroutine.h
index 4829ff373d..e52ed76ab2 100644
--- a/include/qemu/coroutine.h
+++ b/include/qemu/coroutine.h
@@ -331,6 +331,11 @@ void qemu_co_sleep_wake(QemuCoSleep *w);
   */
  void coroutine_fn yield_until_fd_readable(int fd);
  
+/**

+ * Increase coroutine pool size
+ */
+void qemu_coroutine_increase_pool_batch_size(unsigned int 
additional_pool_size);
+
  #include "qemu/lockable.h"
  
  #endif /* QEMU_COROUTINE_H */

diff --git a/util/qemu-coroutine.c b/util/qemu-coroutine.c
index 38fb6d3084..080a1e0126 100644
--- a/util/qemu-coroutine.c
+++ b/util/qemu-coroutine.c
@@ -20,12 +20,14 @@
  #include "qemu/coroutine_int.h"
  #include "block/aio.h"
  
+/** Initial batch size is 64, and is increased on demand */

  enum {
-POOL_BATCH_SIZE = 64,
+POOL_INITIAL_BATCH_SIZE = 64,
  };
  
  /** Free list to speed up creation */

  static QSLIST_HEAD(, Coroutine) release_pool = QSLIST_HEAD_INITIALIZER(pool);
+static unsigned int pool_batch_size = POOL_INITIAL_BATCH_SIZE;
  static unsigned int release_pool_size;
  static __thread QSLIST_HEAD(, Coroutine) alloc_pool = 
QSLIST_HEAD_INITIALIZER(pool);
  static __thread unsigned int alloc_pool_size;
@@ -49,7 +51,7 @@ Coroutine *qemu_coroutine_create(CoroutineEntry *entry, void 
*opaque)
  if (CONFIG_COROUTINE_POOL) {
  co = QSLIST_FIRST(&alloc_pool);
  if (!co) {
-if (release_pool_size > POOL_BATCH_SIZE) {
+if (release_pool_size > pool_batch_size) {
  /* Slow path; a good place to register the destructor, too.  
*/
  if (!coroutine_pool_cleanup_notifier.notify) {
  coroutine_pool_cleanup_notifier.notify = 
coroutine_pool_cleanup;
@@ -86,12 +88,12 @@ static void coroutine_delete(Coroutine *co)
  co->caller = NULL;
  
  if (CONFIG_COROUTINE_POOL) {

-if (release_pool_size < POOL_BATCH_SIZE * 2) {
+if (release_pool_size < pool_batch_size * 2) {
  QSLIST_INSERT_HEAD_ATOMIC(&release_pool, co, pool_next);
  qatomic_inc(&release_pool_size);
  return;
  }
-if (alloc_pool_size < POOL_BATCH_SIZE) {
+if (alloc_pool_size < pool_batch_size) {
  QSLIST_INSERT_HEAD(&alloc_pool, co, pool_next);
  alloc_pool_size++;
  return;
@@ -202,3 +204,8 @@ AioContext *coroutine_fn 
qemu_coroutine_get_aio_context(Coroutine *co)
  {
  return co->ctx;
  }
+
+void qemu_coroutine_increase_pool_batch_size(unsigned int additional_pool_size)
+{
+qatomic_add(&pool_batch_size, additional_pool_size);
+}

Re: [PATCH] MAINTAINERS: Add entry for QEMU Guest Agent Windows components

[Philippe Mathieu-Daudé]

On 5/1/22 10:50, Kostiantyn Kostiuk wrote:

Signed-off-by: Kostiantyn Kostiuk 
---
  MAINTAINERS | 8 
  1 file changed, 8 insertions(+)


Reviewed-by: Philippe Mathieu-Daudé 

Re: [PATCH 1/2] virtio-gpu: hostmem

[Michael S. Tsirkin]

On Wed, Nov 10, 2021 at 05:42:19PM +0100, Antonio Caggiano wrote:
> From: Gerd Hoffmann 
> 
> Use VIRTIO_GPU_SHM_ID_HOST_VISIBLE as id for virtio-gpu.
> 
> Signed-off-by: Antonio Caggiano 

I guess Gerd can apply this as appropriate.

Acked-by: Michael S. Tsirkin 

> ---
>  hw/display/virtio-gpu-pci.c| 14 ++
>  hw/display/virtio-gpu.c|  1 +
>  hw/display/virtio-vga.c| 32 +++-
>  include/hw/virtio/virtio-gpu.h |  5 +
>  4 files changed, 43 insertions(+), 9 deletions(-)
> 
> diff --git a/hw/display/virtio-gpu-pci.c b/hw/display/virtio-gpu-pci.c
> index e36eee0c40..a79bd751b2 100644
> --- a/hw/display/virtio-gpu-pci.c
> +++ b/hw/display/virtio-gpu-pci.c
> @@ -33,6 +33,20 @@ static void virtio_gpu_pci_base_realize(VirtIOPCIProxy 
> *vpci_dev, Error **errp)
>  DeviceState *vdev = DEVICE(g);
>  int i;
>  
> +if (virtio_gpu_hostmem_enabled(g->conf)) {
> +vpci_dev->msix_bar_idx = 1;
> +vpci_dev->modern_mem_bar_idx = 2;
> +memory_region_init(&g->hostmem, OBJECT(g), "virtio-gpu-hostmem",
> +   g->conf.hostmem);
> +pci_register_bar(&vpci_dev->pci_dev, 4,
> + PCI_BASE_ADDRESS_SPACE_MEMORY |
> + PCI_BASE_ADDRESS_MEM_PREFETCH |
> + PCI_BASE_ADDRESS_MEM_TYPE_64,
> + &g->hostmem);
> +virtio_pci_add_shm_cap(vpci_dev, 4, 0, g->conf.hostmem, 
> VIRTIO_GPU_SHM_ID_HOST_VISIBLE);
> +}
> +
> +qdev_set_parent_bus(vdev, BUS(&vpci_dev->bus), errp);
>  virtio_pci_force_virtio_1(vpci_dev);
>  if (!qdev_realize(vdev, BUS(&vpci_dev->bus), errp)) {
>  return;
> diff --git a/hw/display/virtio-gpu.c b/hw/display/virtio-gpu.c
> index d78b9700c7..1cfcb81c1b 100644
> --- a/hw/display/virtio-gpu.c
> +++ b/hw/display/virtio-gpu.c
> @@ -1418,6 +1418,7 @@ static Property virtio_gpu_properties[] = {
>   256 * MiB),
>  DEFINE_PROP_BIT("blob", VirtIOGPU, parent_obj.conf.flags,
>  VIRTIO_GPU_FLAG_BLOB_ENABLED, false),
> +DEFINE_PROP_SIZE("hostmem", VirtIOGPU, parent_obj.conf.hostmem, 0),
>  DEFINE_PROP_END_OF_LIST(),
>  };
>  
> diff --git a/hw/display/virtio-vga.c b/hw/display/virtio-vga.c
> index 9e57f61e9e..ca841a0799 100644
> --- a/hw/display/virtio-vga.c
> +++ b/hw/display/virtio-vga.c
> @@ -125,16 +125,30 @@ static void virtio_vga_base_realize(VirtIOPCIProxy 
> *vpci_dev, Error **errp)
>  pci_register_bar(&vpci_dev->pci_dev, 0,
>   PCI_BASE_ADDRESS_MEM_PREFETCH, &vga->vram);
>  
> -/*
> - * Configure virtio bar and regions
> - *
> - * We use bar #2 for the mmio regions, to be compatible with stdvga.
> - * virtio regions are moved to the end of bar #2, to make room for
> - * the stdvga mmio registers at the start of bar #2.
> - */
> -vpci_dev->modern_mem_bar_idx = 2;
> -vpci_dev->msix_bar_idx = 4;
>  vpci_dev->modern_io_bar_idx = 5;
> +  
> +if (!virtio_gpu_hostmem_enabled(g->conf)) {
> +/*
> +* Configure virtio bar and regions
> +*
> +* We use bar #2 for the mmio regions, to be compatible with stdvga.
> +* virtio regions are moved to the end of bar #2, to make room for
> +* the stdvga mmio registers at the start of bar #2.
> +*/
> +vpci_dev->modern_mem_bar_idx = 2;
> +vpci_dev->msix_bar_idx = 4;
> +} else {
> +vpci_dev->msix_bar_idx = 1;
> +vpci_dev->modern_mem_bar_idx = 2;
> +memory_region_init(&g->hostmem, OBJECT(g), "virtio-gpu-hostmem",
> +   g->conf.hostmem);
> +pci_register_bar(&vpci_dev->pci_dev, 4,
> + PCI_BASE_ADDRESS_SPACE_MEMORY |
> + PCI_BASE_ADDRESS_MEM_PREFETCH |
> + PCI_BASE_ADDRESS_MEM_TYPE_64,
> + &g->hostmem);
> +virtio_pci_add_shm_cap(vpci_dev, 4, 0, g->conf.hostmem, 
> VIRTIO_GPU_SHM_ID_HOST_VISIBLE);
> +}
>  
>  if (!(vpci_dev->flags & VIRTIO_PCI_FLAG_PAGE_PER_VQ)) {
>  /*
> diff --git a/include/hw/virtio/virtio-gpu.h b/include/hw/virtio/virtio-gpu.h
> index acfba7c76c..3963cb4f86 100644
> --- a/include/hw/virtio/virtio-gpu.h
> +++ b/include/hw/virtio/virtio-gpu.h
> @@ -102,12 +102,15 @@ enum virtio_gpu_base_conf_flags {
>  (_cfg.flags & (1 << VIRTIO_GPU_FLAG_DMABUF_ENABLED))
>  #define virtio_gpu_blob_enabled(_cfg) \
>  (_cfg.flags & (1 << VIRTIO_GPU_FLAG_BLOB_ENABLED))
> +#define virtio_gpu_hostmem_enabled(_cfg) \
> +(_cfg.hostmem > 0)
>  

Don't much like the lower-case macro here, but I guess it's
consistent with rest of the code.

>  struct virtio_gpu_base_conf {
>  uint32_t max_outputs;
>  uint32_t flags;
>  uint32_t xres;
>  uint32_t yres;
> +uint64_t hostmem;
>  };
>  
>  struct virtio_gpu_ctrl_command {
> @@ -131,6 +134,8 @@ struct VirtIOGPUBase {
>  int rend

[PATCH v14 00/26] Add LoongArch linux-user emulation support

[Song Gao]

Based-on: <20220106074740.1754661-1-gaos...@loongson.cn>

Hi all,

This series only support linux-user emulation.
More about LoongArch at: https://github.com/loongson/

The latest kernel:
  * https://github.com/loongson/linux/tree/loongarch-next

Patches need review:
  * 0018-linux-user-Add-LoongArch-specific-structures.patch
  * 0019-linux-user-Add-LoongArch-signal-support.patch

Changes for v14:
  * Rebase;
  * Update README, use new clfs-system/cross-tools test.

V13:
https://patchew.org/QEMU/1638610165-15036-1-git-send-email-gaos...@loongson.cn/

Please review! Thanks.

Song Gao (26):
  target/loongarch: Add README
  target/loongarch: Add core definition
  target/loongarch: Add main translation routines
  target/loongarch: Add fixed point arithmetic instruction translation
  target/loongarch: Add fixed point shift instruction translation
  target/loongarch: Add fixed point bit instruction translation
  target/loongarch: Add fixed point load/store instruction translation
  target/loongarch: Add fixed point atomic instruction translation
  target/loongarch: Add fixed point extra instruction translation
  target/loongarch: Add floating point arithmetic instruction
translation
  target/loongarch: Add floating point comparison instruction
translation
  target/loongarch: Add floating point conversion instruction
translation
  target/loongarch: Add floating point move instruction translation
  target/loongarch: Add floating point load/store instruction
translation
  target/loongarch: Add branch instruction translation
  target/loongarch: Add disassembler
  linux-user: Add LoongArch generic header files
  linux-user: Add LoongArch specific structures
  linux-user: Add LoongArch signal support
  linux-user: Add LoongArch elf support
  linux-user: Add LoongArch syscall support
  linux-user: Add LoongArch cpu_loop support
  default-configs: Add loongarch linux-user support
  target/loongarch: Add target build suport
  target/loongarch: 'make check-tcg' support
  scripts: add loongarch64 binfmt config

 MAINTAINERS   |   5 +
 configs/targets/loongarch64-linux-user.mak|   3 +
 configure |   3 +
 include/disas/dis-asm.h   |   2 +
 linux-user/elfload.c  |  53 ++
 linux-user/loongarch64/cpu_loop.c |  94 ++
 linux-user/loongarch64/signal.c   | 198 
 linux-user/loongarch64/sockbits.h |  11 +
 linux-user/loongarch64/syscall_nr.h   | 313 +++
 linux-user/loongarch64/target_cpu.h   |  34 +
 linux-user/loongarch64/target_elf.h   |  12 +
 linux-user/loongarch64/target_errno_defs.h|  12 +
 linux-user/loongarch64/target_fcntl.h |  11 +
 linux-user/loongarch64/target_signal.h|  13 +
 linux-user/loongarch64/target_structs.h   |  47 +
 linux-user/loongarch64/target_syscall.h   |  48 +
 linux-user/loongarch64/termbits.h |  11 +
 linux-user/syscall_defs.h |  10 +-
 meson.build   |   1 +
 scripts/gensyscalls.sh|   1 +
 scripts/qemu-binfmt-conf.sh   |   6 +-
 target/loongarch/README   |  77 ++
 target/loongarch/cpu-param.h  |  18 +
 target/loongarch/cpu.c| 315 +++
 target/loongarch/cpu.h| 252 +
 target/loongarch/disas.c  | 612 +
 target/loongarch/fpu_helper.c | 862 ++
 target/loongarch/helper.h |  94 ++
 target/loongarch/insn_trans/trans_arith.c.inc | 304 ++
 .../loongarch/insn_trans/trans_atomic.c.inc   | 114 +++
 target/loongarch/insn_trans/trans_bit.c.inc   | 212 +
 .../loongarch/insn_trans/trans_branch.c.inc   |  83 ++
 target/loongarch/insn_trans/trans_extra.c.inc |  86 ++
 .../loongarch/insn_trans/trans_farith.c.inc   | 105 +++
 target/loongarch/insn_trans/trans_fcmp.c.inc  |  56 ++
 target/loongarch/insn_trans/trans_fcnv.c.inc  |  33 +
 .../loongarch/insn_trans/trans_fmemory.c.inc  | 153 
 target/loongarch/insn_trans/trans_fmov.c.inc  | 157 
 .../loongarch/insn_trans/trans_memory.c.inc   | 229 +
 target/loongarch/insn_trans/trans_shift.c.inc | 106 +++
 target/loongarch/insns.decode | 442 +
 target/loongarch/internals.h  |  28 +
 target/loongarch/meson.build  |  19 +
 target/loongarch/op_helper.c  |  85 ++
 target/loongarch/translate.c  | 268 ++
 target/loongarch/translate.h  |  45 +
 target/meson.build|   1 +
 tests/tcg/configure.sh|   1 +
 48 files changed, 5640 insertions(+), 5 deletions(-)
 create mode 100644 configs/targets/loongarch64-linux-user.mak
 create mode 100644 linux-user/loongarch64/cpu_loop.c
 create mode 100644 linux-user/loongarch64/sig

[PATCH v14 03/26] target/loongarch: Add main translation routines

[Song Gao]

This patch adds main translation routines and
basic functions for translation.

Signed-off-by: Song Gao 
Signed-off-by: Xiaojuan Yang 
Reviewed-by: Richard Henderson 
---
 target/loongarch/helper.h|   6 ++
 target/loongarch/op_helper.c |  21 +
 target/loongarch/translate.c | 159 +++
 target/loongarch/translate.h |  26 ++
 4 files changed, 212 insertions(+)
 create mode 100644 target/loongarch/helper.h
 create mode 100644 target/loongarch/op_helper.c
 create mode 100644 target/loongarch/translate.c
 create mode 100644 target/loongarch/translate.h

diff --git a/target/loongarch/helper.h b/target/loongarch/helper.h
new file mode 100644
index 00..eb771c0628
--- /dev/null
+++ b/target/loongarch/helper.h
@@ -0,0 +1,6 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * Copyright (c) 2021 Loongson Technology Corporation Limited
+ */
+
+DEF_HELPER_2(raise_exception, noreturn, env, i32)
diff --git a/target/loongarch/op_helper.c b/target/loongarch/op_helper.c
new file mode 100644
index 00..903810951e
--- /dev/null
+++ b/target/loongarch/op_helper.c
@@ -0,0 +1,21 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * LoongArch emulation helpers for QEMU.
+ *
+ * Copyright (c) 2021 Loongson Technology Corporation Limited
+ */
+
+#include "qemu/osdep.h"
+#include "qemu/main-loop.h"
+#include "cpu.h"
+#include "qemu/host-utils.h"
+#include "exec/helper-proto.h"
+#include "exec/exec-all.h"
+#include "exec/cpu_ldst.h"
+#include "internals.h"
+
+/* Exceptions helpers */
+void helper_raise_exception(CPULoongArchState *env, uint32_t exception)
+{
+do_raise_exception(env, exception, GETPC());
+}
diff --git a/target/loongarch/translate.c b/target/loongarch/translate.c
new file mode 100644
index 00..048c8953b6
--- /dev/null
+++ b/target/loongarch/translate.c
@@ -0,0 +1,159 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * LoongArch emulation for QEMU - main translation routines.
+ *
+ * Copyright (c) 2021 Loongson Technology Corporation Limited
+ */
+
+#include "qemu/osdep.h"
+#include "cpu.h"
+#include "tcg/tcg-op.h"
+#include "exec/translator.h"
+#include "exec/helper-proto.h"
+#include "exec/helper-gen.h"
+
+#include "exec/translator.h"
+#include "exec/log.h"
+#include "qemu/qemu-print.h"
+#include "translate.h"
+#include "internals.h"
+
+/* Global register indices */
+TCGv cpu_gpr[32], cpu_pc;
+static TCGv cpu_lladdr, cpu_llval;
+TCGv_i32 cpu_fcsr0;
+TCGv_i64 cpu_fpr[32];
+
+#define DISAS_STOP   DISAS_TARGET_0
+
+void generate_exception(DisasContext *ctx, int excp)
+{
+tcg_gen_movi_tl(cpu_pc, ctx->base.pc_next);
+gen_helper_raise_exception(cpu_env, tcg_constant_i32(excp));
+ctx->base.is_jmp = DISAS_NORETURN;
+}
+
+static inline void gen_goto_tb(DisasContext *ctx, int n, target_ulong dest)
+{
+if (translator_use_goto_tb(&ctx->base, dest)) {
+tcg_gen_goto_tb(n);
+tcg_gen_movi_tl(cpu_pc, dest);
+tcg_gen_exit_tb(ctx->base.tb, n);
+} else {
+tcg_gen_movi_tl(cpu_pc, dest);
+tcg_gen_lookup_and_goto_ptr();
+}
+}
+
+static void loongarch_tr_init_disas_context(DisasContextBase *dcbase,
+CPUState *cs)
+{
+int64_t bound;
+DisasContext *ctx = container_of(dcbase, DisasContext, base);
+
+ctx->page_start = ctx->base.pc_first & TARGET_PAGE_MASK;
+ctx->mem_idx = ctx->base.tb->flags;
+
+/* Bound the number of insns to execute to those left on the page.  */
+bound = -(ctx->base.pc_first | TARGET_PAGE_MASK) / 4;
+ctx->base.max_insns = MIN(ctx->base.max_insns, bound);
+}
+
+static void loongarch_tr_tb_start(DisasContextBase *dcbase, CPUState *cs)
+{
+}
+
+static void loongarch_tr_insn_start(DisasContextBase *dcbase, CPUState *cs)
+{
+DisasContext *ctx = container_of(dcbase, DisasContext, base);
+
+tcg_gen_insn_start(ctx->base.pc_next);
+}
+
+static void loongarch_tr_translate_insn(DisasContextBase *dcbase, CPUState *cs)
+{
+CPULoongArchState *env = cs->env_ptr;
+DisasContext *ctx = container_of(dcbase, DisasContext, base);
+
+ctx->opcode = cpu_ldl_code(env, ctx->base.pc_next);
+
+if (!decode(ctx, ctx->opcode)) {
+qemu_log_mask(LOG_UNIMP, "Error: unkown opcode. 0x%lx: 0x%x\n",
+  ctx->base.pc_next, ctx->opcode);
+generate_exception(ctx, EXCP_INE);
+}
+
+ctx->base.pc_next += 4;
+}
+
+static void loongarch_tr_tb_stop(DisasContextBase *dcbase, CPUState *cs)
+{
+DisasContext *ctx = container_of(dcbase, DisasContext, base);
+
+switch (ctx->base.is_jmp) {
+case DISAS_STOP:
+tcg_gen_movi_tl(cpu_pc, ctx->base.pc_next);
+tcg_gen_lookup_and_goto_ptr();
+break;
+case DISAS_TOO_MANY:
+gen_goto_tb(ctx, 0, ctx->base.pc_next);
+break;
+case DISAS_NORETURN:
+break;
+default:
+g_assert_not_reached();
+}
+}
+
+static void loongarch_tr_disas_log(const DisasContextBase *dcbase, CPUState

[PATCH v14 12/26] target/loongarch: Add floating point conversion instruction translation

[Song Gao]

This includes:
- FCVT.S.D, FCVT.D.S
- FFINT.{S/D}.{W/L}, FTINT.{W/L}.{S/D}
- FTINT{RM/RP/RZ/RNE}.{W/L}.{S/D}
- FRINT.{S/D}

Signed-off-by: Song Gao 
Signed-off-by: Xiaojuan Yang 
Reviewed-by: Richard Henderson 
---
 target/loongarch/fpu_helper.c| 393 +++
 target/loongarch/helper.h|  29 ++
 target/loongarch/insn_trans/trans_fcnv.c.inc |  33 ++
 target/loongarch/insns.decode|  32 ++
 target/loongarch/translate.c |   1 +
 5 files changed, 488 insertions(+)
 create mode 100644 target/loongarch/insn_trans/trans_fcnv.c.inc

diff --git a/target/loongarch/fpu_helper.c b/target/loongarch/fpu_helper.c
index 089a5be199..deae76c766 100644
--- a/target/loongarch/fpu_helper.c
+++ b/target/loongarch/fpu_helper.c
@@ -461,3 +461,396 @@ uint64_t helper_fcmp_s_d(CPULoongArchState *env, uint64_t 
fj,
 FloatRelation cmp = float64_compare(fj, fk, &env->fp_status);
 return fcmp_common(env, cmp, flags);
 }
+
+/* floating point conversion */
+uint64_t helper_fcvt_s_d(CPULoongArchState *env, uint64_t fj)
+{
+uint64_t fd;
+
+fd = nanbox_s(float64_to_float32(fj, &env->fp_status));
+update_fcsr0(env, GETPC());
+return fd;
+}
+
+uint64_t helper_fcvt_d_s(CPULoongArchState *env, uint64_t fj)
+{
+uint64_t fd;
+
+fd = float32_to_float64((uint32_t)fj, &env->fp_status);
+update_fcsr0(env, GETPC());
+return fd;
+}
+
+uint64_t helper_ffint_s_w(CPULoongArchState *env, uint64_t fj)
+{
+uint64_t fd;
+
+fd = nanbox_s(int32_to_float32((int32_t)fj, &env->fp_status));
+update_fcsr0(env, GETPC());
+return fd;
+}
+
+uint64_t helper_ffint_s_l(CPULoongArchState *env, uint64_t fj)
+{
+uint64_t fd;
+
+fd = nanbox_s(int64_to_float32(fj, &env->fp_status));
+update_fcsr0(env, GETPC());
+return fd;
+}
+
+uint64_t helper_ffint_d_w(CPULoongArchState *env, uint64_t fj)
+{
+uint64_t fd;
+
+fd = int32_to_float64((int32_t)fj, &env->fp_status);
+update_fcsr0(env, GETPC());
+return fd;
+}
+
+uint64_t helper_ffint_d_l(CPULoongArchState *env, uint64_t fj)
+{
+uint64_t fd;
+
+fd = int64_to_float64(fj, &env->fp_status);
+update_fcsr0(env, GETPC());
+return fd;
+}
+
+uint64_t helper_frint_s(CPULoongArchState *env, uint64_t fj)
+{
+uint64_t fd;
+
+fd = (uint64_t)(float32_round_to_int((uint32_t)fj, &env->fp_status));
+update_fcsr0(env, GETPC());
+return fd;
+}
+
+uint64_t helper_frint_d(CPULoongArchState *env, uint64_t fj)
+{
+uint64_t fd;
+
+fd = float64_round_to_int(fj, &env->fp_status);
+update_fcsr0(env, GETPC());
+return fd;
+}
+
+uint64_t helper_ftintrm_l_d(CPULoongArchState *env, uint64_t fj)
+{
+uint64_t fd;
+FloatRoundMode old_mode = get_float_rounding_mode(&env->fp_status);
+
+set_float_rounding_mode(float_round_down, &env->fp_status);
+fd = float64_to_int64(fj, &env->fp_status);
+set_float_rounding_mode(old_mode, &env->fp_status);
+
+if (get_float_exception_flags(&env->fp_status) &
+(float_flag_invalid | float_flag_overflow)) {
+fd = FLOAT_TO_INT64_OVERFLOW;
+}
+update_fcsr0(env, GETPC());
+return fd;
+}
+
+uint64_t helper_ftintrm_l_s(CPULoongArchState *env, uint64_t fj)
+{
+uint64_t fd;
+FloatRoundMode old_mode = get_float_rounding_mode(&env->fp_status);
+
+set_float_rounding_mode(float_round_down, &env->fp_status);
+fd = float32_to_int64((uint32_t)fj, &env->fp_status);
+set_float_rounding_mode(old_mode, &env->fp_status);
+
+if (get_float_exception_flags(&env->fp_status) &
+(float_flag_invalid | float_flag_overflow)) {
+fd = FLOAT_TO_INT64_OVERFLOW;
+}
+update_fcsr0(env, GETPC());
+return fd;
+}
+
+uint64_t helper_ftintrm_w_d(CPULoongArchState *env, uint64_t fj)
+{
+uint64_t fd;
+FloatRoundMode old_mode = get_float_rounding_mode(&env->fp_status);
+
+set_float_rounding_mode(float_round_down, &env->fp_status);
+fd = (uint64_t)float64_to_int32(fj, &env->fp_status);
+set_float_rounding_mode(old_mode, &env->fp_status);
+
+if (get_float_exception_flags(&env->fp_status) &
+(float_flag_invalid | float_flag_overflow)) {
+fd = FLOAT_TO_INT32_OVERFLOW;
+}
+update_fcsr0(env, GETPC());
+return fd;
+}
+
+uint64_t helper_ftintrm_w_s(CPULoongArchState *env, uint64_t fj)
+{
+uint64_t fd;
+FloatRoundMode old_mode = get_float_rounding_mode(&env->fp_status);
+
+set_float_rounding_mode(float_round_down, &env->fp_status);
+fd = (uint64_t)float32_to_int32((uint32_t)fj, &env->fp_status);
+set_float_rounding_mode(old_mode, &env->fp_status);
+
+if (get_float_exception_flags(&env->fp_status) &
+(float_flag_invalid | float_flag_overflow)) {
+fd = FLOAT_TO_INT32_OVERFLOW;
+}
+update_fcsr0(env, GETPC());
+return fd;
+}
+
+uint64_t helper_ftintrp_l_d(CPULoongArchState *env, uint64_t fj)
+{
+uint64_t fd;
+FloatRoundMode old_mode = get_float_rounding_mode(&env->fp_sta

[PATCH v14 10/26] target/loongarch: Add floating point arithmetic instruction translation

[Song Gao]

This includes:
- F{ADD/SUB/MUL/DIV}.{S/D}
- F{MADD/MSUB/NMADD/NMSUB}.{S/D}
- F{MAX/MIN}.{S/D}
- F{MAXA/MINA}.{S/D}
- F{ABS/NEG}.{S/D}
- F{SQRT/RECIP/RSQRT}.{S/D}
- F{SCALEB/LOGB/COPYSIGN}.{S/D}
- FCLASS.{S/D}

Signed-off-by: Song Gao 
Signed-off-by: Xiaojuan Yang 
Reviewed-by: Richard Henderson 
---
 target/loongarch/cpu.c|   1 +
 target/loongarch/fpu_helper.c | 403 ++
 target/loongarch/helper.h |  37 ++
 .../loongarch/insn_trans/trans_farith.c.inc   | 105 +
 target/loongarch/insns.decode |  52 +++
 target/loongarch/internals.h  |   2 +
 target/loongarch/translate.c  |  11 +
 7 files changed, 611 insertions(+)
 create mode 100644 target/loongarch/fpu_helper.c
 create mode 100644 target/loongarch/insn_trans/trans_farith.c.inc

diff --git a/target/loongarch/cpu.c b/target/loongarch/cpu.c
index 76b89d1606..883c6c623f 100644
--- a/target/loongarch/cpu.c
+++ b/target/loongarch/cpu.c
@@ -185,6 +185,7 @@ static void loongarch_cpu_reset(DeviceState *dev)
 env->fcsr0_mask = FCSR0_M1 | FCSR0_M2 | FCSR0_M3;
 env->fcsr0 = 0x0;
 
+restore_fp_status(env);
 cs->exception_index = EXCP_NONE;
 }
 
diff --git a/target/loongarch/fpu_helper.c b/target/loongarch/fpu_helper.c
new file mode 100644
index 00..c4e35f8d2b
--- /dev/null
+++ b/target/loongarch/fpu_helper.c
@@ -0,0 +1,403 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * LoongArch float point emulation helpers for QEMU
+ *
+ * Copyright (c) 2021 Loongson Technology Corporation Limited
+ */
+
+#include "qemu/osdep.h"
+#include "cpu.h"
+#include "exec/helper-proto.h"
+#include "exec/exec-all.h"
+#include "exec/cpu_ldst.h"
+#include "fpu/softfloat.h"
+#include "internals.h"
+
+#define FLOAT_TO_INT32_OVERFLOW 0x7fff
+#define FLOAT_TO_INT64_OVERFLOW 0x7fffULL
+
+static inline uint64_t nanbox_s(float32 fp)
+{
+return fp | MAKE_64BIT_MASK(32, 32);
+}
+
+/* Convert loongarch rounding mode in fcsr0 to IEEE library */
+static const FloatRoundMode ieee_rm[4] = {
+float_round_nearest_even,
+float_round_to_zero,
+float_round_up,
+float_round_down
+};
+
+void restore_fp_status(CPULoongArchState *env)
+{
+set_float_rounding_mode(ieee_rm[(env->fcsr0 >> FCSR0_RM) & 0x3],
+&env->fp_status);
+set_flush_to_zero(0, &env->fp_status);
+}
+
+static int ieee_ex_to_loongarch(int xcpt)
+{
+int ret = 0;
+if (xcpt & float_flag_invalid) {
+ret |= FP_INVALID;
+}
+if (xcpt & float_flag_overflow) {
+ret |= FP_OVERFLOW;
+}
+if (xcpt & float_flag_underflow) {
+ret |= FP_UNDERFLOW;
+}
+if (xcpt & float_flag_divbyzero) {
+ret |= FP_DIV0;
+}
+if (xcpt & float_flag_inexact) {
+ret |= FP_INEXACT;
+}
+return ret;
+}
+
+static void update_fcsr0_mask(CPULoongArchState *env, uintptr_t pc, int mask)
+{
+int flags = get_float_exception_flags(&env->fp_status);
+
+set_float_exception_flags(0, &env->fp_status);
+
+flags &= ~mask;
+
+if (!flags) {
+SET_FP_CAUSE(env->fcsr0, flags);
+return;
+} else {
+flags = ieee_ex_to_loongarch(flags);
+SET_FP_CAUSE(env->fcsr0, flags);
+}
+
+if (GET_FP_ENABLES(env->fcsr0) & flags) {
+do_raise_exception(env, EXCP_FPE, pc);
+} else {
+UPDATE_FP_FLAGS(env->fcsr0, flags);
+}
+}
+
+static void update_fcsr0(CPULoongArchState *env, uintptr_t pc)
+{
+update_fcsr0_mask(env, pc, 0);
+}
+
+uint64_t helper_fadd_s(CPULoongArchState *env, uint64_t fj, uint64_t fk)
+{
+uint64_t fd;
+
+fd = nanbox_s(float32_add((uint32_t)fj, (uint32_t)fk, &env->fp_status));
+update_fcsr0(env, GETPC());
+return fd;
+}
+
+uint64_t helper_fadd_d(CPULoongArchState *env, uint64_t fj, uint64_t fk)
+{
+uint64_t fd;
+
+fd = float64_add(fj, fk, &env->fp_status);
+update_fcsr0(env, GETPC());
+return fd;
+}
+
+uint64_t helper_fsub_s(CPULoongArchState *env, uint64_t fj, uint64_t fk)
+{
+uint64_t fd;
+
+fd = nanbox_s(float32_sub((uint32_t)fj, (uint32_t)fk, &env->fp_status));
+update_fcsr0(env, GETPC());
+return fd;
+}
+
+uint64_t helper_fsub_d(CPULoongArchState *env, uint64_t fj, uint64_t fk)
+{
+uint64_t fd;
+
+fd = float64_sub(fj, fk, &env->fp_status);
+update_fcsr0(env, GETPC());
+return fd;
+}
+
+uint64_t helper_fmul_s(CPULoongArchState *env, uint64_t fj, uint64_t fk)
+{
+uint64_t fd;
+
+fd = nanbox_s(float32_mul((uint32_t)fj, (uint32_t)fk, &env->fp_status));
+update_fcsr0(env, GETPC());
+return fd;
+}
+
+uint64_t helper_fmul_d(CPULoongArchState *env, uint64_t fj, uint64_t fk)
+{
+uint64_t fd;
+
+fd = float64_mul(fj, fk, &env->fp_status);
+update_fcsr0(env, GETPC());
+return fd;
+}
+
+uint64_t helper_fdiv_s(CPULoongArchState *env, uint64_t fj, uint64_t fk)
+{
+uint64_t fd;
+
+fd = nanbox_s(float32_div((uint32_t)fj, (uint3

[PATCH v14 09/26] target/loongarch: Add fixed point extra instruction translation

[Song Gao]

This includes:
- CRC[C].W.{B/H/W/D}.W
- SYSCALL
- BREAK
- ASRT{LE/GT}.D
- RDTIME{L/H}.W, RDTIME.D
- CPUCFG

Signed-off-by: Song Gao 
Signed-off-by: Xiaojuan Yang 
Reviewed-by: Richard Henderson 
---
 target/loongarch/helper.h |  4 +
 target/loongarch/insn_trans/trans_extra.c.inc | 86 +++
 target/loongarch/insns.decode | 22 +
 target/loongarch/op_helper.c  | 32 ++-
 target/loongarch/translate.c  |  1 +
 5 files changed, 143 insertions(+), 2 deletions(-)
 create mode 100644 target/loongarch/insn_trans/trans_extra.c.inc

diff --git a/target/loongarch/helper.h b/target/loongarch/helper.h
index 100622bfc2..638c2efc51 100644
--- a/target/loongarch/helper.h
+++ b/target/loongarch/helper.h
@@ -11,3 +11,7 @@ DEF_HELPER_FLAGS_1(bitswap, TCG_CALL_NO_RWG_SE, tl, tl)
 
 DEF_HELPER_FLAGS_3(asrtle_d, TCG_CALL_NO_WG, void, env, tl, tl)
 DEF_HELPER_FLAGS_3(asrtgt_d, TCG_CALL_NO_WG, void, env, tl, tl)
+
+DEF_HELPER_FLAGS_3(crc32, TCG_CALL_NO_RWG_SE, tl, tl, tl, tl)
+DEF_HELPER_FLAGS_3(crc32c, TCG_CALL_NO_RWG_SE, tl, tl, tl, tl)
+DEF_HELPER_FLAGS_2(cpucfg, TCG_CALL_NO_RWG_SE, tl, env, tl)
diff --git a/target/loongarch/insn_trans/trans_extra.c.inc 
b/target/loongarch/insn_trans/trans_extra.c.inc
new file mode 100644
index 00..bc622ced23
--- /dev/null
+++ b/target/loongarch/insn_trans/trans_extra.c.inc
@@ -0,0 +1,86 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * Copyright (c) 2021 Loongson Technology Corporation Limited
+ */
+
+static bool trans_break(DisasContext *ctx, arg_break *a)
+{
+generate_exception(ctx, EXCP_BREAK);
+return true;
+}
+
+static bool trans_syscall(DisasContext *ctx, arg_syscall *a)
+{
+generate_exception(ctx, EXCP_SYSCALL);
+return true;
+}
+
+static bool trans_asrtle_d(DisasContext *ctx, arg_asrtle_d * a)
+{
+TCGv src1 = gpr_src(ctx, a->rj, EXT_NONE);
+TCGv src2 = gpr_src(ctx, a->rk, EXT_NONE);
+
+gen_helper_asrtle_d(cpu_env, src1, src2);
+return true;
+}
+
+static bool trans_asrtgt_d(DisasContext *ctx, arg_asrtgt_d * a)
+{
+TCGv src1 = gpr_src(ctx, a->rj, EXT_NONE);
+TCGv src2 = gpr_src(ctx, a->rk, EXT_NONE);
+
+gen_helper_asrtgt_d(cpu_env, src1, src2);
+return true;
+}
+
+static bool trans_rdtimel_w(DisasContext *ctx, arg_rdtimel_w *a)
+{
+tcg_gen_movi_tl(cpu_gpr[a->rd], 0);
+return true;
+}
+
+static bool trans_rdtimeh_w(DisasContext *ctx, arg_rdtimeh_w *a)
+{
+tcg_gen_movi_tl(cpu_gpr[a->rd], 0);
+return true;
+}
+
+static bool trans_rdtime_d(DisasContext *ctx, arg_rdtime_d *a)
+{
+tcg_gen_movi_tl(cpu_gpr[a->rd], 0);
+return true;
+}
+
+static bool trans_cpucfg(DisasContext *ctx, arg_cpucfg *a)
+{
+TCGv dest = gpr_dst(ctx, a->rd, EXT_NONE);
+TCGv src1 = gpr_src(ctx, a->rj, EXT_NONE);
+
+gen_helper_cpucfg(dest, cpu_env, src1);
+gen_set_gpr(a->rd, dest, EXT_NONE);
+
+return true;
+}
+
+static bool gen_crc(DisasContext *ctx, arg_rrr *a,
+void (*func)(TCGv, TCGv, TCGv, TCGv),
+TCGv tsz)
+{
+TCGv dest = gpr_dst(ctx, a->rd, EXT_SIGN);
+TCGv src1 = gpr_src(ctx, a->rj, EXT_NONE);
+TCGv src2 = gpr_src(ctx, a->rk, EXT_NONE);
+
+func(dest, src2, src1, tsz);
+gen_set_gpr(a->rd, dest, EXT_SIGN);
+
+return true;
+}
+
+TRANS(crc_w_b_w, gen_crc, gen_helper_crc32, tcg_constant_tl(1))
+TRANS(crc_w_h_w, gen_crc, gen_helper_crc32, tcg_constant_tl(2))
+TRANS(crc_w_w_w, gen_crc, gen_helper_crc32, tcg_constant_tl(4))
+TRANS(crc_w_d_w, gen_crc, gen_helper_crc32, tcg_constant_tl(8))
+TRANS(crcc_w_b_w, gen_crc, gen_helper_crc32c, tcg_constant_tl(1))
+TRANS(crcc_w_h_w, gen_crc, gen_helper_crc32c, tcg_constant_tl(2))
+TRANS(crcc_w_w_w, gen_crc, gen_helper_crc32c, tcg_constant_tl(4))
+TRANS(crcc_w_d_w, gen_crc, gen_helper_crc32c, tcg_constant_tl(8))
diff --git a/target/loongarch/insns.decode b/target/loongarch/insns.decode
index 8d247aa68c..d07b3c3b4a 100644
--- a/target/loongarch/insns.decode
+++ b/target/loongarch/insns.decode
@@ -17,6 +17,7 @@
 &iimm
 &r_i  rd imm
 &rr   rd rj
+&rr_jkrj rk
 &rrr  rd rj rk
 &rr_i rd rj imm
 &hint_r_i hint rj imm
@@ -28,6 +29,7 @@
 #
 @i15     . imm:15&i
 @rr     . . rj:5 rd:5&rr
+@rr_jk  . rk:5 rj:5 .&rr_jk
 @rrr     . rk:5 rj:5 rd:5&rrr
 @r_i20   ... imm:s20 rd:5&r_i
 @rr_ui5     . imm:5 rj:5 rd:5&rr_i
@@ -237,3 +239,23 @@ ammax_db_wu 0011 1111 0 . . .
@rrr
 ammax_db_du 0011 1111 1 . . .@rrr
 ammin_db_wu 0011 1111 00010 . . .@rrr
 ammin_db_du 0011 1111 00011 . . .@rrr
+
+#
+# Fixed point extra instruction
+#
+crc_w_b_w    0010 01000 . . .@rrr
+c

[PATCH v14 21/26] linux-user: Add LoongArch syscall support

[Song Gao]

We should disable '__BITS_PER_LONG' at [1] before run gensyscalls.sh

 [1] arch/loongarch/include/uapi/asm/bitsperlong.h

Signed-off-by: Song Gao 
Signed-off-by: Xiaojuan Yang 
Reviewed-by: Richard Henderson 
Reviewed-by: Philippe Mathieu-Daudé 
---
 linux-user/loongarch64/syscall_nr.h | 313 
 linux-user/loongarch64/target_syscall.h |  48 
 linux-user/syscall_defs.h   |  10 +-
 scripts/gensyscalls.sh  |   1 +
 4 files changed, 368 insertions(+), 4 deletions(-)
 create mode 100644 linux-user/loongarch64/syscall_nr.h
 create mode 100644 linux-user/loongarch64/target_syscall.h

diff --git a/linux-user/loongarch64/syscall_nr.h 
b/linux-user/loongarch64/syscall_nr.h
new file mode 100644
index 00..713c824dee
--- /dev/null
+++ b/linux-user/loongarch64/syscall_nr.h
@@ -0,0 +1,313 @@
+/*
+ * This file contains the system call numbers.
+ * Do not modify.
+ * This file is generated by scripts/gensyscalls.sh
+ */
+#ifndef LINUX_USER_LOONGARCH_SYSCALL_NR_H
+#define LINUX_USER_LOONGARCH_SYSCALL_NR_H
+
+#define TARGET_NR_io_setup 0
+#define TARGET_NR_io_destroy 1
+#define TARGET_NR_io_submit 2
+#define TARGET_NR_io_cancel 3
+#define TARGET_NR_io_getevents 4
+#define TARGET_NR_setxattr 5
+#define TARGET_NR_lsetxattr 6
+#define TARGET_NR_fsetxattr 7
+#define TARGET_NR_getxattr 8
+#define TARGET_NR_lgetxattr 9
+#define TARGET_NR_fgetxattr 10
+#define TARGET_NR_listxattr 11
+#define TARGET_NR_llistxattr 12
+#define TARGET_NR_flistxattr 13
+#define TARGET_NR_removexattr 14
+#define TARGET_NR_lremovexattr 15
+#define TARGET_NR_fremovexattr 16
+#define TARGET_NR_getcwd 17
+#define TARGET_NR_lookup_dcookie 18
+#define TARGET_NR_eventfd2 19
+#define TARGET_NR_epoll_create1 20
+#define TARGET_NR_epoll_ctl 21
+#define TARGET_NR_epoll_pwait 22
+#define TARGET_NR_dup 23
+#define TARGET_NR_dup3 24
+#define TARGET_NR_fcntl 25
+#define TARGET_NR_inotify_init1 26
+#define TARGET_NR_inotify_add_watch 27
+#define TARGET_NR_inotify_rm_watch 28
+#define TARGET_NR_ioctl 29
+#define TARGET_NR_ioprio_set 30
+#define TARGET_NR_ioprio_get 31
+#define TARGET_NR_flock 32
+#define TARGET_NR_mknodat 33
+#define TARGET_NR_mkdirat 34
+#define TARGET_NR_unlinkat 35
+#define TARGET_NR_symlinkat 36
+#define TARGET_NR_linkat 37
+#define TARGET_NR_umount2 39
+#define TARGET_NR_mount 40
+#define TARGET_NR_pivot_root 41
+#define TARGET_NR_nfsservctl 42
+#define TARGET_NR_statfs 43
+#define TARGET_NR_fstatfs 44
+#define TARGET_NR_truncate 45
+#define TARGET_NR_ftruncate 46
+#define TARGET_NR_fallocate 47
+#define TARGET_NR_faccessat 48
+#define TARGET_NR_chdir 49
+#define TARGET_NR_fchdir 50
+#define TARGET_NR_chroot 51
+#define TARGET_NR_fchmod 52
+#define TARGET_NR_fchmodat 53
+#define TARGET_NR_fchownat 54
+#define TARGET_NR_fchown 55
+#define TARGET_NR_openat 56
+#define TARGET_NR_close 57
+#define TARGET_NR_vhangup 58
+#define TARGET_NR_pipe2 59
+#define TARGET_NR_quotactl 60
+#define TARGET_NR_getdents64 61
+#define TARGET_NR_lseek 62
+#define TARGET_NR_read 63
+#define TARGET_NR_write 64
+#define TARGET_NR_readv 65
+#define TARGET_NR_writev 66
+#define TARGET_NR_pread64 67
+#define TARGET_NR_pwrite64 68
+#define TARGET_NR_preadv 69
+#define TARGET_NR_pwritev 70
+#define TARGET_NR_sendfile 71
+#define TARGET_NR_pselect6 72
+#define TARGET_NR_ppoll 73
+#define TARGET_NR_signalfd4 74
+#define TARGET_NR_vmsplice 75
+#define TARGET_NR_splice 76
+#define TARGET_NR_tee 77
+#define TARGET_NR_readlinkat 78
+#define TARGET_NR_newfstatat 79
+#define TARGET_NR_fstat 80
+#define TARGET_NR_sync 81
+#define TARGET_NR_fsync 82
+#define TARGET_NR_fdatasync 83
+#define TARGET_NR_sync_file_range 84
+#define TARGET_NR_timerfd_create 85
+#define TARGET_NR_timerfd_settime 86
+#define TARGET_NR_timerfd_gettime 87
+#define TARGET_NR_utimensat 88
+#define TARGET_NR_acct 89
+#define TARGET_NR_capget 90
+#define TARGET_NR_capset 91
+#define TARGET_NR_personality 92
+#define TARGET_NR_exit 93
+#define TARGET_NR_exit_group 94
+#define TARGET_NR_waitid 95
+#define TARGET_NR_set_tid_address 96
+#define TARGET_NR_unshare 97
+#define TARGET_NR_futex 98
+#define TARGET_NR_set_robust_list 99
+#define TARGET_NR_get_robust_list 100
+#define TARGET_NR_nanosleep 101
+#define TARGET_NR_getitimer 102
+#define TARGET_NR_setitimer 103
+#define TARGET_NR_kexec_load 104
+#define TARGET_NR_init_module 105
+#define TARGET_NR_delete_module 106
+#define TARGET_NR_timer_create 107
+#define TARGET_NR_timer_gettime 108
+#define TARGET_NR_timer_getoverrun 109
+#define TARGET_NR_timer_settime 110
+#define TARGET_NR_timer_delete 111
+#define TARGET_NR_clock_settime 112
+#define TARGET_NR_clock_gettime 113
+#define TARGET_NR_clock_getres 114
+#define TARGET_NR_clock_nanosleep 115
+#define TARGET_NR_syslog 116
+#define TARGET_NR_ptrace 117
+#define TARGET_NR_sched_setparam 118
+#define TARGET_NR_sched_setscheduler 119
+#define TARGET_NR_sched_getscheduler 120
+#define TARGET_NR_sched_getparam 121
+#define TARGET_NR_sched_setaffinity 122
+#def

[PATCH v14 04/26] target/loongarch: Add fixed point arithmetic instruction translation

[Song Gao]

This includes:
- ADD.{W/D}, SUB.{W/D}
- ADDI.{W/D}, ADDU16ID
- ALSL.{W[U]/D}
- LU12I.W, LU32I.D LU52I.D
- SLT[U], SLT[U]I
- PCADDI, PCADDU12I, PCADDU18I, PCALAU12I
- AND, OR, NOR, XOR, ANDN, ORN
- MUL.{W/D}, MULH.{W[U]/D[U]}
- MULW.D.W[U]
- DIV.{W[U]/D[U]}, MOD.{W[U]/D[U]}
- ANDI, ORI, XORI

Signed-off-by: Song Gao 
Signed-off-by: Xiaojuan Yang 
Reviewed-by: Richard Henderson 
---
 target/loongarch/insn_trans/trans_arith.c.inc | 304 ++
 target/loongarch/insns.decode |  79 +
 target/loongarch/translate.c  |  83 +
 target/loongarch/translate.h  |  19 ++
 4 files changed, 485 insertions(+)
 create mode 100644 target/loongarch/insn_trans/trans_arith.c.inc
 create mode 100644 target/loongarch/insns.decode

diff --git a/target/loongarch/insn_trans/trans_arith.c.inc 
b/target/loongarch/insn_trans/trans_arith.c.inc
new file mode 100644
index 00..8e45eadbc8
--- /dev/null
+++ b/target/loongarch/insn_trans/trans_arith.c.inc
@@ -0,0 +1,304 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * Copyright (c) 2021 Loongson Technology Corporation Limited
+ */
+
+static bool gen_rrr(DisasContext *ctx, arg_rrr *a,
+DisasExtend src1_ext, DisasExtend src2_ext,
+DisasExtend dst_ext, void (*func)(TCGv, TCGv, TCGv))
+{
+TCGv dest = gpr_dst(ctx, a->rd, dst_ext);
+TCGv src1 = gpr_src(ctx, a->rj, src1_ext);
+TCGv src2 = gpr_src(ctx, a->rk, src2_ext);
+
+func(dest, src1, src2);
+gen_set_gpr(a->rd, dest, dst_ext);
+
+return true;
+}
+
+static bool gen_rri_v(DisasContext *ctx, arg_rr_i *a,
+  DisasExtend src_ext, DisasExtend dst_ext,
+  void (*func)(TCGv, TCGv, TCGv))
+{
+TCGv dest = gpr_dst(ctx, a->rd, dst_ext);
+TCGv src1 = gpr_src(ctx, a->rj, src_ext);
+TCGv src2 = tcg_constant_tl(a->imm);
+
+func(dest, src1, src2);
+gen_set_gpr(a->rd, dest, dst_ext);
+
+return true;
+}
+
+static bool gen_rri_c(DisasContext *ctx, arg_rr_i *a,
+  DisasExtend src_ext, DisasExtend dst_ext,
+  void (*func)(TCGv, TCGv, target_long))
+{
+TCGv dest = gpr_dst(ctx, a->rd, dst_ext);
+TCGv src1 = gpr_src(ctx, a->rj, src_ext);
+
+func(dest, src1, a->imm);
+gen_set_gpr(a->rd, dest, dst_ext);
+
+return true;
+}
+
+static bool gen_rrr_sa(DisasContext *ctx, arg_rrr_sa *a,
+   DisasExtend src_ext, DisasExtend dst_ext,
+   void (*func)(TCGv, TCGv, TCGv, target_long))
+{
+TCGv dest = gpr_dst(ctx, a->rd, dst_ext);
+TCGv src1 = gpr_src(ctx, a->rj, src_ext);
+TCGv src2 = gpr_src(ctx, a->rk, src_ext);
+
+func(dest, src1, src2, a->sa);
+gen_set_gpr(a->rd, dest, dst_ext);
+
+return true;
+}
+
+static bool trans_lu12i_w(DisasContext *ctx, arg_lu12i_w *a)
+{
+TCGv dest = gpr_dst(ctx, a->rd, EXT_NONE);
+
+tcg_gen_movi_tl(dest, a->imm << 12);
+gen_set_gpr(a->rd, dest, EXT_NONE);
+
+return true;
+}
+
+static bool gen_pc(DisasContext *ctx, arg_r_i *a,
+   target_ulong (*func)(target_ulong, int))
+{
+TCGv dest = gpr_dst(ctx, a->rd, EXT_NONE);
+target_ulong addr = func(ctx->base.pc_next, a->imm);
+
+tcg_gen_movi_tl(dest, addr);
+gen_set_gpr(a->rd, dest, EXT_NONE);
+
+return true;
+}
+
+static void gen_slt(TCGv dest, TCGv src1, TCGv src2)
+{
+tcg_gen_setcond_tl(TCG_COND_LT, dest, src1, src2);
+}
+
+static void gen_sltu(TCGv dest, TCGv src1, TCGv src2)
+{
+tcg_gen_setcond_tl(TCG_COND_LTU, dest, src1, src2);
+}
+
+static void gen_mulh_w(TCGv dest, TCGv src1, TCGv src2)
+{
+tcg_gen_mul_i64(dest, src1, src2);
+tcg_gen_sari_i64(dest, dest, 32);
+}
+
+static void gen_mulh_d(TCGv dest, TCGv src1, TCGv src2)
+{
+TCGv discard = tcg_temp_new();
+tcg_gen_muls2_tl(discard, dest, src1, src2);
+tcg_temp_free(discard);
+}
+
+static void gen_mulh_du(TCGv dest, TCGv src1, TCGv src2)
+{
+TCGv discard = tcg_temp_new();
+tcg_gen_mulu2_tl(discard, dest, src1, src2);
+tcg_temp_free(discard);
+}
+
+static void prep_divisor_d(TCGv ret, TCGv src1, TCGv src2)
+{
+TCGv t0 = tcg_temp_new();
+TCGv t1 = tcg_temp_new();
+TCGv zero = tcg_constant_tl(0);
+
+/*
+ * If min / -1, set the divisor to 1.
+ * This avoids potential host overflow trap and produces min.
+ * If x / 0, set the divisor to 1.
+ * This avoids potential host overflow trap;
+ * the required result is undefined.
+ */
+tcg_gen_setcondi_tl(TCG_COND_EQ, ret, src1, INT64_MIN);
+tcg_gen_setcondi_tl(TCG_COND_EQ, t0, src2, -1);
+tcg_gen_setcondi_tl(TCG_COND_EQ, t1, src2, 0);
+tcg_gen_and_tl(ret, ret, t0);
+tcg_gen_or_tl(ret, ret, t1);
+tcg_gen_movcond_tl(TCG_COND_NE, ret, ret, zero, ret, src2);
+
+tcg_temp_free(t0);
+tcg_temp_free(t1);
+}
+
+static void prep_divisor_du(TCGv ret, TCGv src2)
+{
+TCGv zero = tcg_constant_tl(0);
+TCGv one = tcg_constant_tl(1)

[PATCH v14 22/26] linux-user: Add LoongArch cpu_loop support

[Song Gao]

Signed-off-by: Song Gao 
Signed-off-by: Xiaojuan Yang 
Reviewed-by: Richard Henderson 
---
 configure   |  3 +
 linux-user/loongarch64/cpu_loop.c   | 94 +
 linux-user/loongarch64/target_cpu.h | 34 +++
 3 files changed, 131 insertions(+)
 create mode 100644 linux-user/loongarch64/cpu_loop.c
 create mode 100644 linux-user/loongarch64/target_cpu.h

diff --git a/configure b/configure
index 030728d11e..93c4e5bd92 100755
--- a/configure
+++ b/configure
@@ -659,6 +659,9 @@ case "$cpu" in
   mips*)
 cpu="mips" ;;
 
+  loongarch)
+cpu="loongarch64" ;;
+
   ppc)
 CPU_CFLAGS="-m32" ;;
   ppc64)
diff --git a/linux-user/loongarch64/cpu_loop.c 
b/linux-user/loongarch64/cpu_loop.c
new file mode 100644
index 00..6628d215ca
--- /dev/null
+++ b/linux-user/loongarch64/cpu_loop.c
@@ -0,0 +1,94 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * QEMU LoongArch user cpu_loop.
+ *
+ * Copyright (c) 2021 Loongson Technology Corporation Limited
+ */
+
+#include "qemu/osdep.h"
+#include "qemu.h"
+#include "qemu-common.h"
+#include "user-internals.h"
+#include "cpu_loop-common.h"
+#include "signal-common.h"
+
+void cpu_loop(CPULoongArchState *env)
+{
+CPUState *cs = env_cpu(env);
+int trapnr, si_code;
+abi_long ret;
+
+for (;;) {
+cpu_exec_start(cs);
+trapnr = cpu_exec(cs);
+cpu_exec_end(cs);
+process_queued_cpu_work(cs);
+
+switch (trapnr) {
+case EXCP_INTERRUPT:
+/* just indicate that signals should be handled asap */
+break;
+case EXCP_SYSCALL:
+env->pc += 4;
+ret = do_syscall(env, env->gpr[11],
+ env->gpr[4], env->gpr[5],
+ env->gpr[6], env->gpr[7],
+ env->gpr[8], env->gpr[9],
+ -1, -1);
+if (ret == -QEMU_ERESTARTSYS) {
+env->pc -= 4;
+break;
+}
+if (ret == -QEMU_ESIGRETURN) {
+/*
+ * Returning from a successful sigreturn syscall.
+ * Avoid clobbering register state.
+ */
+break;
+}
+env->gpr[4] = ret;
+break;
+case EXCP_INE:
+force_sig_fault(TARGET_SIGILL, 0, env->pc);
+break;
+case EXCP_FPE:
+si_code = TARGET_FPE_FLTUNK;
+if (GET_FP_CAUSE(env->fcsr0) & FP_INVALID) {
+si_code = TARGET_FPE_FLTINV;
+} else if (GET_FP_CAUSE(env->fcsr0) & FP_DIV0) {
+si_code = TARGET_FPE_FLTDIV;
+} else if (GET_FP_CAUSE(env->fcsr0) & FP_OVERFLOW) {
+si_code = TARGET_FPE_FLTOVF;
+} else if (GET_FP_CAUSE(env->fcsr0) & FP_UNDERFLOW) {
+si_code = TARGET_FPE_FLTUND;
+} else if (GET_FP_CAUSE(env->fcsr0) & FP_INEXACT) {
+si_code = TARGET_FPE_FLTRES;
+}
+force_sig_fault(TARGET_SIGFPE, si_code, env->pc);
+break;
+case EXCP_DEBUG:
+case EXCP_BREAK:
+force_sig_fault(TARGET_SIGTRAP, TARGET_TRAP_BRKPT, env->pc);
+break;
+case EXCP_ATOMIC:
+cpu_exec_step_atomic(cs);
+break;
+default:
+EXCP_DUMP(env, "qemu: unhandled CPU exception 0x%x - aborting\n",
+  trapnr);
+exit(EXIT_FAILURE);
+}
+process_pending_signals(env);
+}
+}
+
+void target_cpu_copy_regs(CPUArchState *env, struct target_pt_regs *regs)
+{
+int i;
+
+for (i = 0; i < 32; i++) {
+env->gpr[i] = regs->regs[i];
+}
+env->pc = regs->csr.era;
+
+}
diff --git a/linux-user/loongarch64/target_cpu.h 
b/linux-user/loongarch64/target_cpu.h
new file mode 100644
index 00..a29af66156
--- /dev/null
+++ b/linux-user/loongarch64/target_cpu.h
@@ -0,0 +1,34 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * LoongArch specific CPU ABI and functions for linux-user
+ *
+ * Copyright (c) 2021 Loongson Technology Corporation Limited
+ */
+
+#ifndef LOONGARCH_TARGET_CPU_H
+#define LOONGARCH_TARGET_CPU_H
+
+static inline void cpu_clone_regs_child(CPULoongArchState *env,
+target_ulong newsp, unsigned flags)
+{
+if (newsp) {
+env->gpr[3] = newsp;
+}
+env->gpr[4] = 0;
+}
+
+static inline void cpu_clone_regs_parent(CPULoongArchState *env,
+ unsigned flags)
+{
+}
+
+static inline void cpu_set_tls(CPULoongArchState *env, target_ulong newtls)
+{
+env->gpr[2] = newtls;
+}
+
+static inline abi_ulong get_sp_from_cpustate(CPULoongArchState *state)
+{
+return state->gpr[3];
+}
+#endif
-- 
2.27.0

[PATCH v14 15/26] target/loongarch: Add branch instruction translation

[Song Gao]

This includes:
- BEQ, BNE, BLT[U], BGE[U]
- BEQZ, BNEZ
- B
- BL
- JIRL
- BCEQZ, BCNEZ

Signed-off-by: Song Gao 
Signed-off-by: Xiaojuan Yang 
Reviewed-by: Richard Henderson 
---
 .../loongarch/insn_trans/trans_branch.c.inc   | 83 +++
 target/loongarch/insns.decode | 28 +++
 target/loongarch/translate.c  |  1 +
 3 files changed, 112 insertions(+)
 create mode 100644 target/loongarch/insn_trans/trans_branch.c.inc

diff --git a/target/loongarch/insn_trans/trans_branch.c.inc 
b/target/loongarch/insn_trans/trans_branch.c.inc
new file mode 100644
index 00..65dbdff41e
--- /dev/null
+++ b/target/loongarch/insn_trans/trans_branch.c.inc
@@ -0,0 +1,83 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * Copyright (c) 2021 Loongson Technology Corporation Limited
+ */
+
+static bool trans_b(DisasContext *ctx, arg_b *a)
+{
+gen_goto_tb(ctx, 0, ctx->base.pc_next + a->offs);
+ctx->base.is_jmp = DISAS_NORETURN;
+return true;
+}
+
+static bool trans_bl(DisasContext *ctx, arg_bl *a)
+{
+tcg_gen_movi_tl(cpu_gpr[1], ctx->base.pc_next + 4);
+gen_goto_tb(ctx, 0, ctx->base.pc_next + a->offs);
+ctx->base.is_jmp = DISAS_NORETURN;
+return true;
+}
+
+static bool trans_jirl(DisasContext *ctx, arg_jirl *a)
+{
+TCGv dest = gpr_dst(ctx, a->rd, EXT_NONE);
+TCGv src1 = gpr_src(ctx, a->rj, EXT_NONE);
+
+tcg_gen_addi_tl(cpu_pc, src1, a->offs);
+tcg_gen_movi_tl(dest, ctx->base.pc_next + 4);
+gen_set_gpr(a->rd, dest, EXT_NONE);
+tcg_gen_lookup_and_goto_ptr();
+ctx->base.is_jmp = DISAS_NORETURN;
+return true;
+}
+
+static void gen_bc(DisasContext *ctx, TCGv src1, TCGv src2,
+   target_long offs, TCGCond cond)
+{
+TCGLabel *l = gen_new_label();
+tcg_gen_brcond_tl(cond, src1, src2, l);
+gen_goto_tb(ctx, 1, ctx->base.pc_next + 4);
+gen_set_label(l);
+gen_goto_tb(ctx, 0, ctx->base.pc_next + offs);
+ctx->base.is_jmp = DISAS_NORETURN;
+}
+
+static bool gen_rr_bc(DisasContext *ctx, arg_rr_offs *a, TCGCond cond)
+{
+TCGv src1 = gpr_src(ctx, a->rj, EXT_NONE);
+TCGv src2 = gpr_src(ctx, a->rd, EXT_NONE);
+
+gen_bc(ctx, src1, src2, a->offs, cond);
+return true;
+}
+
+static bool gen_rz_bc(DisasContext *ctx, arg_r_offs *a, TCGCond cond)
+{
+TCGv src1 = gpr_src(ctx, a->rj, EXT_NONE);
+TCGv src2 = tcg_constant_tl(0);
+
+gen_bc(ctx, src1, src2, a->offs, cond);
+return true;
+}
+
+static bool gen_cz_bc(DisasContext *ctx, arg_c_offs *a, TCGCond cond)
+{
+TCGv src1 = tcg_temp_new();
+TCGv src2 = tcg_constant_tl(0);
+
+tcg_gen_ld8u_tl(src1, cpu_env,
+offsetof(CPULoongArchState, cf[a->cj]));
+gen_bc(ctx, src1, src2, a->offs, cond);
+return true;
+}
+
+TRANS(beq, gen_rr_bc, TCG_COND_EQ)
+TRANS(bne, gen_rr_bc, TCG_COND_NE)
+TRANS(blt, gen_rr_bc, TCG_COND_LT)
+TRANS(bge, gen_rr_bc, TCG_COND_GE)
+TRANS(bltu, gen_rr_bc, TCG_COND_LTU)
+TRANS(bgeu, gen_rr_bc, TCG_COND_GEU)
+TRANS(beqz, gen_rz_bc, TCG_COND_EQ)
+TRANS(bnez, gen_rz_bc, TCG_COND_NE)
+TRANS(bceqz, gen_cz_bc, TCG_COND_EQ)
+TRANS(bcnez, gen_cz_bc, TCG_COND_NE)
diff --git a/target/loongarch/insns.decode b/target/loongarch/insns.decode
index c9daa55574..3379d22979 100644
--- a/target/loongarch/insns.decode
+++ b/target/loongarch/insns.decode
@@ -10,6 +10,9 @@
 #
 %i14s2 10:s14   !function=shl_2
 %sa2p1 15:2 !function=plus_1
+%offs210:s5 10:16   !function=shl_2
+%offs1610:s16   !function=shl_2
+%offs260:s10 10:16  !function=shl_2
 
 #
 # Argument sets
@@ -38,6 +41,10 @@
 &rc   rd cj
 &frr  fd rj rk
 &fr_i fd rj imm
+&r_offs   rj offs
+&c_offs   cj offs
+&offs offs
+&rr_offs  rj rd offs
 
 #
 # Formats
@@ -74,6 +81,10 @@
 @rc  . . .. cj:3 rd:5&rc
 @frr     . rk:5 rj:5 fd:5&frr
 @fr_i12  .. imm:s12 rj:5 fd:5&fr_i
+@r_offs21  ..  rj:5 .&r_offs  
offs=%offs21
+@c_offs21   ..  .. cj:3 .&c_offs  
offs=%offs21
+@offs26 .. ..&offs
offs=%offs26
+@rr_offs16  ..  rj:5 rd:5&rr_offs 
offs=%offs16
 
 #
 # Fixed point arithmetic operation instruction
@@ -412,3 +423,20 @@ fstgt_s 0011 1111 01100 . . .
@frr
 fstgt_d 0011 1111 01101 . . .@frr
 fstle_s 0011 1111 01110 . . .@frr
 fstle_d 0011 1111 0 . . .@frr
+
+#
+# Branch instructions
+#
+beqz0100 00  . . @r_offs21
+bnez0100 01  . . @r_offs21
+bceqz   0100 10  00 ... .@c_offs21
+bcnez   0100 10  01 ... .@c_offs21
+jirl0100 11  

[PATCH v14 05/26] target/loongarch: Add fixed point shift instruction translation

[Song Gao]

This includes:
- SLL.W, SRL.W, SRA.W, ROTR.W
- SLLI.W, SRLI.W, SRAI.W, ROTRI.W
- SLL.D, SRL.D, SRA.D, ROTR.D
- SLLI.D, SRLI.D, SRAI.D, ROTRI.D

Signed-off-by: Song Gao 
Signed-off-by: Xiaojuan Yang 
Reviewed-by: Richard Henderson 
---
 target/loongarch/insn_trans/trans_shift.c.inc | 106 ++
 target/loongarch/insns.decode |  22 
 target/loongarch/translate.c  |   1 +
 3 files changed, 129 insertions(+)
 create mode 100644 target/loongarch/insn_trans/trans_shift.c.inc

diff --git a/target/loongarch/insn_trans/trans_shift.c.inc 
b/target/loongarch/insn_trans/trans_shift.c.inc
new file mode 100644
index 00..5260af2337
--- /dev/null
+++ b/target/loongarch/insn_trans/trans_shift.c.inc
@@ -0,0 +1,106 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * Copyright (c) 2021 Loongson Technology Corporation Limited
+ */
+
+static void gen_sll_w(TCGv dest, TCGv src1, TCGv src2)
+{
+TCGv t0 = tcg_temp_new();
+tcg_gen_andi_tl(t0, src2, 0x1f);
+tcg_gen_shl_tl(dest, src1, t0);
+tcg_temp_free(t0);
+}
+
+static void gen_srl_w(TCGv dest, TCGv src1, TCGv src2)
+{
+TCGv t0 = tcg_temp_new();
+tcg_gen_andi_tl(t0, src2, 0x1f);
+tcg_gen_shr_tl(dest, src1, t0);
+tcg_temp_free(t0);
+}
+
+static void gen_sra_w(TCGv dest, TCGv src1, TCGv src2)
+{
+TCGv t0 = tcg_temp_new();
+tcg_gen_andi_tl(t0, src2, 0x1f);
+tcg_gen_sar_tl(dest, src1, t0);
+tcg_temp_free(t0);
+}
+
+static void gen_sll_d(TCGv dest, TCGv src1, TCGv src2)
+{
+TCGv t0 = tcg_temp_new();
+tcg_gen_andi_tl(t0, src2, 0x3f);
+tcg_gen_shl_tl(dest, src1, t0);
+tcg_temp_free(t0);
+}
+
+static void gen_srl_d(TCGv dest, TCGv src1, TCGv src2)
+{
+TCGv t0 = tcg_temp_new();
+tcg_gen_andi_tl(t0, src2, 0x3f);
+tcg_gen_shr_tl(dest, src1, t0);
+tcg_temp_free(t0);
+}
+
+static void gen_sra_d(TCGv dest, TCGv src1, TCGv src2)
+{
+TCGv t0 = tcg_temp_new();
+tcg_gen_andi_tl(t0, src2, 0x3f);
+tcg_gen_sar_tl(dest, src1, t0);
+tcg_temp_free(t0);
+}
+
+static void gen_rotr_w(TCGv dest, TCGv src1, TCGv src2)
+{
+TCGv_i32 t1 = tcg_temp_new_i32();
+TCGv_i32 t2 = tcg_temp_new_i32();
+TCGv t0 = tcg_temp_new();
+
+tcg_gen_andi_tl(t0, src2, 0x1f);
+
+tcg_gen_trunc_tl_i32(t1, src1);
+tcg_gen_trunc_tl_i32(t2, t0);
+
+tcg_gen_rotr_i32(t1, t1, t2);
+tcg_gen_ext_i32_tl(dest, t1);
+
+tcg_temp_free_i32(t1);
+tcg_temp_free_i32(t2);
+tcg_temp_free(t0);
+}
+
+static void gen_rotr_d(TCGv dest, TCGv src1, TCGv src2)
+{
+TCGv t0 = tcg_temp_new();
+tcg_gen_andi_tl(t0, src2, 0x3f);
+tcg_gen_rotr_tl(dest, src1, t0);
+tcg_temp_free(t0);
+}
+
+static bool trans_srai_w(DisasContext *ctx, arg_srai_w *a)
+{
+TCGv dest = gpr_dst(ctx, a->rd, EXT_NONE);
+TCGv src1 = gpr_src(ctx, a->rj, EXT_ZERO);
+
+tcg_gen_sextract_tl(dest, src1, a->imm, 32 - a->imm);
+gen_set_gpr(a->rd, dest, EXT_NONE);
+
+return true;
+}
+
+TRANS(sll_w, gen_rrr, EXT_ZERO, EXT_NONE, EXT_SIGN, gen_sll_w)
+TRANS(srl_w, gen_rrr, EXT_ZERO, EXT_NONE, EXT_SIGN, gen_srl_w)
+TRANS(sra_w, gen_rrr, EXT_SIGN, EXT_NONE, EXT_SIGN, gen_sra_w)
+TRANS(sll_d, gen_rrr, EXT_NONE, EXT_NONE, EXT_NONE, gen_sll_d)
+TRANS(srl_d, gen_rrr, EXT_NONE, EXT_NONE, EXT_NONE, gen_srl_d)
+TRANS(sra_d, gen_rrr, EXT_NONE, EXT_NONE, EXT_NONE, gen_sra_d)
+TRANS(rotr_w, gen_rrr, EXT_ZERO, EXT_NONE, EXT_SIGN, gen_rotr_w)
+TRANS(rotr_d, gen_rrr, EXT_NONE, EXT_NONE, EXT_NONE, gen_rotr_d)
+TRANS(slli_w, gen_rri_c, EXT_NONE, EXT_SIGN, tcg_gen_shli_tl)
+TRANS(slli_d, gen_rri_c, EXT_NONE, EXT_NONE, tcg_gen_shli_tl)
+TRANS(srli_w, gen_rri_c, EXT_ZERO, EXT_SIGN, tcg_gen_shri_tl)
+TRANS(srli_d, gen_rri_c, EXT_NONE, EXT_NONE, tcg_gen_shri_tl)
+TRANS(srai_d, gen_rri_c, EXT_NONE, EXT_NONE, tcg_gen_sari_tl)
+TRANS(rotri_w, gen_rri_v, EXT_NONE, EXT_NONE, gen_rotr_w)
+TRANS(rotri_d, gen_rri_c, EXT_NONE, EXT_NONE, tcg_gen_rotri_tl)
diff --git a/target/loongarch/insns.decode b/target/loongarch/insns.decode
index 8579c11984..673aee4be5 100644
--- a/target/loongarch/insns.decode
+++ b/target/loongarch/insns.decode
@@ -23,6 +23,8 @@
 #
 @rrr     . rk:5 rj:5 rd:5&rrr
 @r_i20   ... imm:s20 rd:5&r_i
+@rr_ui5     . imm:5 rj:5 rd:5&rr_i
+@rr_ui6   imm:6 rj:5 rd:5&rr_i
 @rr_i12  .. imm:s12 rj:5 rd:5&rr_i
 @rr_ui12  .. imm:12 rj:5 rd:5&rr_i
 @rr_i16  .. imm:s16 rj:5 rd:5&rr_i
@@ -77,3 +79,23 @@ addu16i_d   0001 00  . . 
@rr_i16
 andi 001101  . . @rr_ui12
 ori  001110  . . @rr_ui12
 xori 00  . . @rr_ui12
+
+#
+# Fixed point shift operation instruction
+#
+sll_w    0001 01110 . . .@rrr
+srl_w   0

[PATCH v14 01/26] target/loongarch: Add README

[Song Gao]

This patch gives an introduction to the LoongArch target.

Signed-off-by: Song Gao 
Signed-off-by: Xiaojuan Yang 
Reviewed-by: Richard Henderson 
---
 MAINTAINERS |  5 +++
 target/loongarch/README | 77 +
 2 files changed, 82 insertions(+)
 create mode 100644 target/loongarch/README

diff --git a/MAINTAINERS b/MAINTAINERS
index f871d759fd..2df0d4a7c2 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -213,6 +213,11 @@ S: Maintained
 F: target/hppa/
 F: disas/hppa.c
 
+LoongArch TCG CPUS
+M: Song Gao 
+S: Maintained
+F: target/loongarch/
+
 M68K TCG CPUs
 M: Laurent Vivier 
 S: Maintained
diff --git a/target/loongarch/README b/target/loongarch/README
new file mode 100644
index 00..d5780c5918
--- /dev/null
+++ b/target/loongarch/README
@@ -0,0 +1,77 @@
+- Introduction
+
+  LoongArch is the general processor architecture of Loongson.
+
+  The following versions of the LoongArch core are supported
+core: 3A5000
+
https://github.com/loongson/LoongArch-Documentation/releases/download/2021.08.17/LoongArch-Vol1-v1.00-EN.pdf
+
+  We can get the latest loongarch documents at 
https://github.com/loongson/LoongArch-Documentation/tags.
+
+
+- Linux-user emulation
+
+  We already support Linux user emulation. We can use LoongArch cross-tools to 
build LoongArch executables on X86 machines,
+  and We can also use qemu-loongarch64 to run LoongArch executables.
+
+  1. Install LoongArch cross-tools on X86 machines.
+
+Download cross-tools.
+
+  wget 
https://github.com/loongson/build-tools/releases/latest/download/loongarch64-clfs-20211202-cross-tools.tar.xz
+
+  tar -vxf loongarch64-clfs-20211202-cross-tools.tar.xz -C /opt
+
+Config cross-tools env.
+
+  . setenv.sh
+
+  setenv.sh:
+
+  #!/bin/sh
+  set -x
+  CC_PREFIX=/opt/cross-tools
+
+  export PATH=$CC_PREFIX/bin:$PATH
+  export LD_LIBRARY_PATH=$CC_PREFIX/lib:$LD_LIBRARY_PATH
+  export 
LD_LIBRARY_PATH=$CC_PREFIX/loongarch64-unknown-linux-gnu/lib/:$LD_LIBRARY_PATH
+  set +x
+
+  2. Test tests/tcg/multiarch.
+
+./configure --disable-rdma --disable-pvrdma --prefix=/usr  \
+--target-list="loongarch64-linux-user"  \
+--disable-libiscsi --disable-libnfs --disable-libpmem \
+--disable-glusterfs --enable-libusb --enable-usb-redir \
+--disable-opengl --disable-xen --enable-spice --disable-werror \
+--enable-debug --disable-capstone --disable-kvm --enable-profiler
+
+cd  build/
+
+make && make check-tcg
+
+  3. Run LoongArch system basic command with loongarch-clfs-system.
+
+Download clfs-system.
+
+  wget 
https://github.com/loongson/build-tools/releases/latest/download/loongarch64-clfs-system-2021-12-02.tar.bz2
+
+  tar -vxf loongarch64-clfs-system-2021-12-02.tar.bz2 -C /opt/clfs
+  ln -s /opt/clfs/  /opt/clfs/tls
+
+Config env.
+
+  cp /opt/clfs/lib64/ld-linux-loongarch64.so.1   /lib64
+
+  export LD_LIBRARY_PATH="/opt/clfs/lib64"
+
+Run LoongArch system basic command.
+
+  ./qemu-loongarch64  /opt/clfs/usr/bin/bash
+  ./qemu-loongarch64  /opt/clfs/usr/bin/ls
+  ./qemu-loongarch64  /opt/clfs/usr/bin/pwd
+  ...
+
+
+- Note.
+  We can get the latest LoongArch documents or LoongArch tools at 
https://github.com/loongson/
-- 
2.27.0

[PATCH v14 23/26] default-configs: Add loongarch linux-user support

[Song Gao]

This patch adds loongarch64 linux-user default configs file.

Signed-off-by: Song Gao 
Signed-off-by: Xiaojuan Yang 
Reviewed-by: Richard Henderson 
---
 configs/targets/loongarch64-linux-user.mak | 3 +++
 1 file changed, 3 insertions(+)
 create mode 100644 configs/targets/loongarch64-linux-user.mak

diff --git a/configs/targets/loongarch64-linux-user.mak 
b/configs/targets/loongarch64-linux-user.mak
new file mode 100644
index 00..5b0acfa3ec
--- /dev/null
+++ b/configs/targets/loongarch64-linux-user.mak
@@ -0,0 +1,3 @@
+# Default configuration for loongson64-linux-user
+TARGET_ARCH=loongarch64
+TARGET_BASE_ARCH=loongarch
-- 
2.27.0

[PATCH v14 16/26] target/loongarch: Add disassembler

[Song Gao]

This patch adds support for disassembling via option '-d in_asm'.

Signed-off-by: Song Gao 
Signed-off-by: Xiaojuan Yang 
Reviewed-by: Richard Henderson 
---
 include/disas/dis-asm.h  |   2 +
 meson.build  |   1 +
 target/loongarch/disas.c | 612 +++
 3 files changed, 615 insertions(+)
 create mode 100644 target/loongarch/disas.c

diff --git a/include/disas/dis-asm.h b/include/disas/dis-asm.h
index 08e1beec85..aeab30f19c 100644
--- a/include/disas/dis-asm.h
+++ b/include/disas/dis-asm.h
@@ -253,6 +253,7 @@ enum bfd_architecture
 #define bfd_mach_rx0x75
 #define bfd_mach_rx_v2 0x76
 #define bfd_mach_rx_v3 0x77
+  bfd_arch_loongarch,
   bfd_arch_last
   };
 #define bfd_mach_s390_31 31
@@ -461,6 +462,7 @@ int print_insn_riscv32  (bfd_vma, 
disassemble_info*);
 int print_insn_riscv64  (bfd_vma, disassemble_info*);
 int print_insn_rx(bfd_vma, disassemble_info *);
 int print_insn_hexagon(bfd_vma, disassemble_info *);
+int print_insn_loongarch(bfd_vma, disassemble_info *);
 
 #ifdef CONFIG_CAPSTONE
 bool cap_disas_target(disassemble_info *info, uint64_t pc, size_t size);
diff --git a/meson.build b/meson.build
index 53065e96ec..fa4c6dd241 100644
--- a/meson.build
+++ b/meson.build
@@ -1848,6 +1848,7 @@ disassemblers = {
   'sh4' : ['CONFIG_SH4_DIS'],
   'sparc' : ['CONFIG_SPARC_DIS'],
   'xtensa' : ['CONFIG_XTENSA_DIS'],
+  'loongarch' : ['CONFIG_LOONGARCH_DIS'],
 }
 if link_language == 'cpp'
   disassemblers += {
diff --git a/target/loongarch/disas.c b/target/loongarch/disas.c
new file mode 100644
index 00..45be34de27
--- /dev/null
+++ b/target/loongarch/disas.c
@@ -0,0 +1,612 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * QEMU LoongArch Disassembler
+ *
+ * Copyright (c) 2021 Loongson Technology Corporation Limited.
+ */
+
+#include "qemu/osdep.h"
+#include "disas/dis-asm.h"
+#include "qemu/bitops.h"
+
+typedef struct {
+disassemble_info *info;
+uint64_t pc;
+uint32_t insn;
+} DisasContext;
+
+static inline int plus_1(DisasContext *ctx, int x)
+{
+return x + 1;
+}
+
+static inline int shl_2(DisasContext *ctx, int x)
+{
+return x * 4;
+}
+
+#define output(C, INSN, FMT, ...)   \
+{   \
+(C)->info->fprintf_func((C)->info->stream, "%08x   %-9s\t" FMT, \
+(C)->insn, INSN, ##__VA_ARGS__);\
+}
+
+#include "decode-insns.c.inc"
+
+int print_insn_loongarch(bfd_vma memaddr, struct disassemble_info *info)
+{
+bfd_byte buffer[4];
+uint32_t insn;
+int status;
+
+status = (*info->read_memory_func)(memaddr, buffer, 4, info);
+if (status != 0) {
+(*info->memory_error_func)(status, memaddr, info);
+return -1;
+}
+insn = bfd_getl32(buffer);
+DisasContext ctx = {
+.info = info,
+.pc = memaddr,
+.insn = insn
+};
+
+if (!decode(&ctx, insn)) {
+output(&ctx, "illegal", "");
+}
+return 4;
+}
+
+static void output_r_i(DisasContext *ctx, arg_r_i *a, const char *mnemonic)
+{
+output(ctx, mnemonic, "r%d, %d", a->rd, a->imm);
+}
+
+static void output_rrr(DisasContext *ctx, arg_rrr *a, const char *mnemonic)
+{
+output(ctx, mnemonic, "r%d, r%d, r%d", a->rd, a->rj, a->rk);
+}
+
+static void output_rr_i(DisasContext *ctx, arg_rr_i *a, const char *mnemonic)
+{
+output(ctx, mnemonic, "r%d, r%d, %d", a->rd, a->rj, a->imm);
+}
+
+static void output_rrr_sa(DisasContext *ctx, arg_rrr_sa *a,
+  const char *mnemonic)
+{
+output(ctx, mnemonic, "r%d, r%d, r%d, %d", a->rd, a->rj, a->rk, a->sa);
+}
+
+static void output_rr(DisasContext *ctx, arg_rr *a, const char *mnemonic)
+{
+output(ctx, mnemonic, "r%d, r%d", a->rd, a->rj);
+}
+
+static void output_rr_ms_ls(DisasContext *ctx, arg_rr_ms_ls *a,
+  const char *mnemonic)
+{
+output(ctx, mnemonic, "r%d, r%d, %d, %d", a->rd, a->rj, a->ms, a->ls);
+}
+
+static void output_hint_r_i(DisasContext *ctx, arg_hint_r_i *a,
+const char *mnemonic)
+{
+output(ctx, mnemonic, "%d, r%d, %d", a->hint, a->rj, a->imm);
+}
+
+static void output_i(DisasContext *ctx, arg_i *a, const char *mnemonic)
+{
+output(ctx, mnemonic, "%d", a->imm);
+}
+
+static void output_rr_jk(DisasContext *ctx, arg_rr_jk *a,
+ const char *mnemonic)
+{
+output(ctx, mnemonic, "r%d, r%d", a->rj, a->rk);
+}
+
+static void output_ff(DisasContext *ctx, arg_ff *a, const char *mnemonic)
+{
+output(ctx, mnemonic, "f%d, f%d", a->fd, a->fj);
+}
+
+static void output_fff(DisasContext *ctx, arg_fff *a, const char *mnemonic)
+{
+output(ctx, mnemonic, "f%d, f%d, f%d", a->fd, a->fj, a->fk);
+}
+
+static void output_(DisasContext *ctx, arg_ *a, const char *mnemonic)
+{
+output(ctx, mnemonic, "f%d, f%d, f%d, f%d", a->fd, a->fj, a->fk, a->fa);
+}
+
+static void o

[PATCH v14 06/26] target/loongarch: Add fixed point bit instruction translation

[Song Gao]

This includes:
- EXT.W.{B/H}
- CL{O/Z}.{W/D}, CT{O/Z}.{W/D}
- BYTEPICK.{W/D}
- REVB.{2H/4H/2W/D}
- REVH.{2W/D}
- BITREV.{4B/8B}, BITREV.{W/D}
- BSTRINS.{W/D}, BSTRPICK.{W/D}
- MASKEQZ, MASKNEZ

Signed-off-by: Song Gao 
Signed-off-by: Xiaojuan Yang 
Reviewed-by: Richard Henderson 
---
 target/loongarch/helper.h   |   4 +
 target/loongarch/insn_trans/trans_bit.c.inc | 212 
 target/loongarch/insns.decode   |  39 
 target/loongarch/op_helper.c|  21 ++
 target/loongarch/translate.c|   1 +
 5 files changed, 277 insertions(+)
 create mode 100644 target/loongarch/insn_trans/trans_bit.c.inc

diff --git a/target/loongarch/helper.h b/target/loongarch/helper.h
index eb771c0628..04e0245d5e 100644
--- a/target/loongarch/helper.h
+++ b/target/loongarch/helper.h
@@ -4,3 +4,7 @@
  */
 
 DEF_HELPER_2(raise_exception, noreturn, env, i32)
+
+DEF_HELPER_FLAGS_1(bitrev_w, TCG_CALL_NO_RWG_SE, tl, tl)
+DEF_HELPER_FLAGS_1(bitrev_d, TCG_CALL_NO_RWG_SE, tl, tl)
+DEF_HELPER_FLAGS_1(bitswap, TCG_CALL_NO_RWG_SE, tl, tl)
diff --git a/target/loongarch/insn_trans/trans_bit.c.inc 
b/target/loongarch/insn_trans/trans_bit.c.inc
new file mode 100644
index 00..9337714ec4
--- /dev/null
+++ b/target/loongarch/insn_trans/trans_bit.c.inc
@@ -0,0 +1,212 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * Copyright (c) 2021 Loongson Technology Corporation Limited
+ */
+
+static bool gen_rr(DisasContext *ctx, arg_rr *a,
+   DisasExtend src_ext, DisasExtend dst_ext,
+   void (*func)(TCGv, TCGv))
+{
+TCGv dest = gpr_dst(ctx, a->rd, dst_ext);
+TCGv src1 = gpr_src(ctx, a->rj, src_ext);
+
+func(dest, src1);
+gen_set_gpr(a->rd, dest, dst_ext);
+
+return true;
+}
+
+static void gen_bytepick_w(TCGv dest, TCGv src1, TCGv src2, target_long sa)
+{
+tcg_gen_concat_tl_i64(dest, src1, src2);
+tcg_gen_sextract_i64(dest, dest, (32 - sa * 8), 32);
+}
+
+static void gen_bytepick_d(TCGv dest, TCGv src1, TCGv src2, target_long sa)
+{
+tcg_gen_extract2_i64(dest, src1, src2, (64 - sa * 8));
+}
+
+static void gen_bstrins(TCGv dest, TCGv src1,
+unsigned int ls, unsigned int len)
+{
+tcg_gen_deposit_tl(dest, dest, src1, ls, len);
+}
+
+static bool gen_rr_ms_ls(DisasContext *ctx, arg_rr_ms_ls *a,
+ DisasExtend src_ext, DisasExtend dst_ext,
+ void (*func)(TCGv, TCGv, unsigned int, unsigned int))
+{
+TCGv dest = gpr_dst(ctx, a->rd, dst_ext);
+TCGv src1 = gpr_src(ctx, a->rj, src_ext);
+
+if (a->ls > a->ms) {
+return false;
+}
+
+func(dest, src1, a->ls, a->ms - a->ls + 1);
+gen_set_gpr(a->rd, dest, dst_ext);
+
+return true;
+}
+
+static void gen_clz_w(TCGv dest, TCGv src1)
+{
+tcg_gen_clzi_tl(dest, src1, TARGET_LONG_BITS);
+tcg_gen_subi_tl(dest, dest, TARGET_LONG_BITS - 32);
+}
+
+static void gen_clo_w(TCGv dest, TCGv src1)
+{
+tcg_gen_not_tl(dest, src1);
+tcg_gen_ext32u_tl(dest, dest);
+gen_clz_w(dest, dest);
+}
+
+static void gen_ctz_w(TCGv dest, TCGv src1)
+{
+tcg_gen_ori_tl(dest, src1, (target_ulong)MAKE_64BIT_MASK(32, 32));
+tcg_gen_ctzi_tl(dest, dest, TARGET_LONG_BITS);
+}
+
+static void gen_cto_w(TCGv dest, TCGv src1)
+{
+tcg_gen_not_tl(dest, src1);
+gen_ctz_w(dest, dest);
+}
+
+static void gen_clz_d(TCGv dest, TCGv src1)
+{
+tcg_gen_clzi_i64(dest, src1, TARGET_LONG_BITS);
+}
+
+static void gen_clo_d(TCGv dest, TCGv src1)
+{
+tcg_gen_not_tl(dest, src1);
+gen_clz_d(dest, dest);
+}
+
+static void gen_ctz_d(TCGv dest, TCGv src1)
+{
+tcg_gen_ctzi_tl(dest, src1, TARGET_LONG_BITS);
+}
+
+static void gen_cto_d(TCGv dest, TCGv src1)
+{
+tcg_gen_not_tl(dest, src1);
+gen_ctz_d(dest, dest);
+}
+
+static void gen_revb_2w(TCGv dest, TCGv src1)
+{
+tcg_gen_bswap64_i64(dest, src1);
+tcg_gen_rotri_i64(dest, dest, 32);
+}
+
+static void gen_revb_2h(TCGv dest, TCGv src1)
+{
+TCGv mask = tcg_constant_tl(0x00FF00FF);
+TCGv t0 = tcg_temp_new();
+TCGv t1 = tcg_temp_new();
+
+tcg_gen_shri_tl(t0, src1, 8);
+tcg_gen_and_tl(t0, t0, mask);
+tcg_gen_and_tl(t1, src1, mask);
+tcg_gen_shli_tl(t1, t1, 8);
+tcg_gen_or_tl(dest, t0, t1);
+
+tcg_temp_free(t0);
+tcg_temp_free(t1);
+}
+
+static void gen_revb_4h(TCGv dest, TCGv src1)
+{
+TCGv mask = tcg_constant_tl(0x00FF00FF00FF00FFULL);
+TCGv t0 = tcg_temp_new();
+TCGv t1 = tcg_temp_new();
+
+tcg_gen_shri_tl(t0, src1, 8);
+tcg_gen_and_tl(t0, t0, mask);
+tcg_gen_and_tl(t1, src1, mask);
+tcg_gen_shli_tl(t1, t1, 8);
+tcg_gen_or_tl(dest, t0, t1);
+
+tcg_temp_free(t0);
+tcg_temp_free(t1);
+}
+
+static void gen_revh_2w(TCGv dest, TCGv src1)
+{
+TCGv_i64 t0 = tcg_temp_new_i64();
+TCGv_i64 t1 = tcg_temp_new_i64();
+TCGv_i64 mask = tcg_constant_i64(0xull);
+
+tcg_gen_shri_i64(t0, src1, 16);
+tcg_gen_and_i64(t1, src1,

[PATCH v14 20/26] linux-user: Add LoongArch elf support

[Song Gao]

Signed-off-by: Song Gao 
Signed-off-by: Xiaojuan Yang 
Reviewed-by: Richard Henderson 
Reviewed-by: Philippe Mathieu-Daudé 
---
 linux-user/elfload.c| 53 +
 linux-user/loongarch64/target_elf.h | 12 +++
 2 files changed, 65 insertions(+)
 create mode 100644 linux-user/loongarch64/target_elf.h

diff --git a/linux-user/elfload.c b/linux-user/elfload.c
index 767f54c76d..2ee83778f2 100644
--- a/linux-user/elfload.c
+++ b/linux-user/elfload.c
@@ -914,6 +914,59 @@ static void elf_core_copy_regs(target_elf_gregset_t *regs, 
const CPUPPCState *en
 
 #endif
 
+#ifdef TARGET_LOONGARCH64
+
+#define ELF_START_MMAP 0x8000
+
+#define ELF_CLASS   ELFCLASS64
+#define ELF_ARCHEM_LOONGARCH
+
+#define elf_check_arch(x) ((x) == EM_LOONGARCH)
+static inline void init_thread(struct target_pt_regs *regs,
+   struct image_info *infop)
+{
+regs->csr.crmd = 2 << 3;
+regs->csr.era = infop->entry;
+regs->regs[3] = infop->start_stack;
+}
+
+/* See linux kernel: arch/loongarch/include/asm/elf.h.  */
+#define ELF_NREG 45
+typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG];
+
+enum {
+TARGET_EF_R0 = 0,
+TARGET_EF_CSR_ERA = TARGET_EF_R0 + 32,
+TARGET_EF_CSR_BADV = TARGET_EF_R0 + 33,
+};
+
+static void elf_core_copy_regs(target_elf_gregset_t *regs,
+   const CPULoongArchState *env)
+{
+int i;
+
+(*regs)[TARGET_EF_R0] = 0;
+
+for (i = 1; i < ARRAY_SIZE(env->gpr); i++) {
+(*regs)[TARGET_EF_R0 + i] = tswapreg(env->gpr[i]);
+}
+
+(*regs)[TARGET_EF_CSR_ERA] = tswapreg(env->pc);
+(*regs)[TARGET_EF_CSR_BADV] = tswapreg(env->badaddr);
+}
+
+#define USE_ELF_CORE_DUMP
+#define ELF_EXEC_PAGESIZE4096
+
+#define ELF_HWCAP get_elf_hwcap()
+
+static uint32_t get_elf_hwcap(void)
+{
+return 0;
+}
+
+#endif /* TARGET_LOONGARCH64 */
+
 #ifdef TARGET_MIPS
 
 #define ELF_START_MMAP 0x8000
diff --git a/linux-user/loongarch64/target_elf.h 
b/linux-user/loongarch64/target_elf.h
new file mode 100644
index 00..3c690bbf5b
--- /dev/null
+++ b/linux-user/loongarch64/target_elf.h
@@ -0,0 +1,12 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * Copyright (c) 2021 Loongson Technology Corporation Limited
+ */
+
+#ifndef LOONGARCH_TARGET_ELF_H
+#define LOONGARCH_TARGET_ELF_H
+static inline const char *cpu_get_model(uint32_t eflags)
+{
+return "Loongson-3A5000";
+}
+#endif
-- 
2.27.0

[PATCH v14 07/26] target/loongarch: Add fixed point load/store instruction translation

[Song Gao]

This includes:
- LD.{B[U]/H[U]/W[U]/D}, ST.{B/H/W/D}
- LDX.{B[U]/H[U]/W[U]/D}, STX.{B/H/W/D}
- LDPTR.{W/D}, STPTR.{W/D}
- PRELD
- LD{GT/LE}.{B/H/W/D}, ST{GT/LE}.{B/H/W/D}
- DBAR, IBAR

Signed-off-by: Song Gao 
Signed-off-by: Xiaojuan Yang 
Reviewed-by: Richard Henderson 
---
 target/loongarch/helper.h |   3 +
 .../loongarch/insn_trans/trans_memory.c.inc   | 229 ++
 target/loongarch/insns.decode |  55 +
 target/loongarch/op_helper.c  |  15 ++
 target/loongarch/translate.c  |   6 +
 5 files changed, 308 insertions(+)
 create mode 100644 target/loongarch/insn_trans/trans_memory.c.inc

diff --git a/target/loongarch/helper.h b/target/loongarch/helper.h
index 04e0245d5e..100622bfc2 100644
--- a/target/loongarch/helper.h
+++ b/target/loongarch/helper.h
@@ -8,3 +8,6 @@ DEF_HELPER_2(raise_exception, noreturn, env, i32)
 DEF_HELPER_FLAGS_1(bitrev_w, TCG_CALL_NO_RWG_SE, tl, tl)
 DEF_HELPER_FLAGS_1(bitrev_d, TCG_CALL_NO_RWG_SE, tl, tl)
 DEF_HELPER_FLAGS_1(bitswap, TCG_CALL_NO_RWG_SE, tl, tl)
+
+DEF_HELPER_FLAGS_3(asrtle_d, TCG_CALL_NO_WG, void, env, tl, tl)
+DEF_HELPER_FLAGS_3(asrtgt_d, TCG_CALL_NO_WG, void, env, tl, tl)
diff --git a/target/loongarch/insn_trans/trans_memory.c.inc 
b/target/loongarch/insn_trans/trans_memory.c.inc
new file mode 100644
index 00..9003d9af9a
--- /dev/null
+++ b/target/loongarch/insn_trans/trans_memory.c.inc
@@ -0,0 +1,229 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * Copyright (c) 2021 Loongson Technology Corporation Limited
+ */
+
+static bool gen_load(DisasContext *ctx, arg_rr_i *a, MemOp mop)
+{
+TCGv dest = gpr_dst(ctx, a->rd, EXT_NONE);
+TCGv addr = gpr_src(ctx, a->rj, EXT_NONE);
+TCGv temp = NULL;
+
+if (a->imm) {
+temp = tcg_temp_new();
+tcg_gen_addi_tl(temp, addr, a->imm);
+addr = temp;
+}
+
+tcg_gen_qemu_ld_tl(dest, addr, ctx->mem_idx, mop);
+gen_set_gpr(a->rd, dest, EXT_NONE);
+
+if (temp) {
+tcg_temp_free(temp);
+}
+
+return true;
+}
+
+static bool gen_store(DisasContext *ctx, arg_rr_i *a, MemOp mop)
+{
+TCGv data = gpr_src(ctx, a->rd, EXT_NONE);
+TCGv addr = gpr_src(ctx, a->rj, EXT_NONE);
+TCGv temp = NULL;
+
+if (a->imm) {
+temp = tcg_temp_new();
+tcg_gen_addi_tl(temp, addr, a->imm);
+addr = temp;
+}
+
+tcg_gen_qemu_st_tl(data, addr, ctx->mem_idx, mop);
+
+if (temp) {
+tcg_temp_free(temp);
+}
+
+return true;
+}
+
+static bool gen_loadx(DisasContext *ctx, arg_rrr *a, MemOp mop)
+{
+TCGv dest = gpr_dst(ctx, a->rd, EXT_NONE);
+TCGv src1 = gpr_src(ctx, a->rj, EXT_NONE);
+TCGv src2 = gpr_src(ctx, a->rk, EXT_NONE);
+TCGv addr = tcg_temp_new();
+
+tcg_gen_add_tl(addr, src1, src2);
+tcg_gen_qemu_ld_tl(dest, addr, ctx->mem_idx, mop);
+gen_set_gpr(a->rd, dest, EXT_NONE);
+tcg_temp_free(addr);
+
+return true;
+}
+
+static bool gen_storex(DisasContext *ctx, arg_rrr *a, MemOp mop)
+{
+TCGv data = gpr_src(ctx, a->rd, EXT_NONE);
+TCGv src1 = gpr_src(ctx, a->rj, EXT_NONE);
+TCGv src2 = gpr_src(ctx, a->rk, EXT_NONE);
+TCGv addr = tcg_temp_new();
+
+tcg_gen_add_tl(addr, src1, src2);
+tcg_gen_qemu_st_tl(data, addr, ctx->mem_idx, mop);
+tcg_temp_free(addr);
+
+return true;
+}
+
+static bool gen_load_gt(DisasContext *ctx, arg_rrr *a, MemOp mop)
+{
+TCGv dest = gpr_dst(ctx, a->rd, EXT_NONE);
+TCGv src1 = gpr_src(ctx, a->rj, EXT_NONE);
+TCGv src2 = gpr_src(ctx, a->rk, EXT_NONE);
+
+gen_helper_asrtgt_d(cpu_env, src1, src2);
+tcg_gen_qemu_ld_tl(dest, src1, ctx->mem_idx, mop);
+gen_set_gpr(a->rd, dest, EXT_NONE);
+
+return true;
+}
+
+static bool gen_load_le(DisasContext *ctx, arg_rrr *a, MemOp mop)
+{
+TCGv dest = gpr_dst(ctx, a->rd, EXT_NONE);
+TCGv src1 = gpr_src(ctx, a->rj, EXT_NONE);
+TCGv src2 = gpr_src(ctx, a->rk, EXT_NONE);
+
+gen_helper_asrtle_d(cpu_env, src1, src2);
+tcg_gen_qemu_ld_tl(dest, src1, ctx->mem_idx, mop);
+gen_set_gpr(a->rd, dest, EXT_NONE);
+
+return true;
+}
+
+static bool gen_store_gt(DisasContext *ctx, arg_rrr *a, MemOp mop)
+{
+TCGv data = gpr_src(ctx, a->rd, EXT_NONE);
+TCGv src1 = gpr_src(ctx, a->rj, EXT_NONE);
+TCGv src2 = gpr_src(ctx, a->rk, EXT_NONE);
+
+gen_helper_asrtgt_d(cpu_env, src1, src2);
+tcg_gen_qemu_st_tl(data, src1, ctx->mem_idx, mop);
+
+return true;
+}
+
+static bool gen_store_le(DisasContext *ctx, arg_rrr *a, MemOp mop)
+{
+TCGv data = gpr_src(ctx, a->rd, EXT_NONE);
+TCGv src1 = gpr_src(ctx, a->rj, EXT_NONE);
+TCGv src2 = gpr_src(ctx, a->rk, EXT_NONE);
+
+gen_helper_asrtle_d(cpu_env, src1, src2);
+tcg_gen_qemu_st_tl(data, src1, ctx->mem_idx, mop);
+
+return true;
+}
+
+static bool trans_preld(DisasContext *ctx, arg_preld *a)
+{
+return true;
+}
+
+static bool trans_dbar(DisasContext *ctx, arg_dbar * a)
+{
+tcg_gen_mb(TCG_BAR_SC | TCG_M

[PATCH v14 02/26] target/loongarch: Add core definition

[Song Gao]

This patch adds target state header, target definitions
and initialization routines.

Signed-off-by: Song Gao 
Signed-off-by: Xiaojuan Yang 
Reviewed-by: Richard Henderson 
Reviewed-by: Philippe Mathieu-Daudé 
---
 target/loongarch/cpu-param.h |  18 ++
 target/loongarch/cpu.c   | 314 +++
 target/loongarch/cpu.h   | 252 
 target/loongarch/internals.h |  21 +++
 4 files changed, 605 insertions(+)
 create mode 100644 target/loongarch/cpu-param.h
 create mode 100644 target/loongarch/cpu.c
 create mode 100644 target/loongarch/cpu.h
 create mode 100644 target/loongarch/internals.h

diff --git a/target/loongarch/cpu-param.h b/target/loongarch/cpu-param.h
new file mode 100644
index 00..9a769b67e0
--- /dev/null
+++ b/target/loongarch/cpu-param.h
@@ -0,0 +1,18 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * LoongArch CPU parameters for QEMU.
+ *
+ * Copyright (c) 2021 Loongson Technology Corporation Limited
+ */
+
+#ifndef LOONGARCH_CPU_PARAM_H
+#define LOONGARCH_CPU_PARAM_H
+
+#define TARGET_LONG_BITS 64
+#define TARGET_PHYS_ADDR_SPACE_BITS 48
+#define TARGET_VIRT_ADDR_SPACE_BITS 48
+
+#define TARGET_PAGE_BITS 14
+#define NB_MMU_MODES 4
+
+#endif
diff --git a/target/loongarch/cpu.c b/target/loongarch/cpu.c
new file mode 100644
index 00..76b89d1606
--- /dev/null
+++ b/target/loongarch/cpu.c
@@ -0,0 +1,314 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * QEMU LoongArch CPU
+ *
+ * Copyright (c) 2021 Loongson Technology Corporation Limited
+ */
+
+#include "qemu/osdep.h"
+#include "qemu/qemu-print.h"
+#include "qapi/error.h"
+#include "qemu/module.h"
+#include "sysemu/qtest.h"
+#include "exec/exec-all.h"
+#include "qapi/qapi-commands-machine-target.h"
+#include "cpu.h"
+#include "internals.h"
+#include "fpu/softfloat-helpers.h"
+
+const char * const regnames[32] = {
+"r0", "r1", "r2", "r3", "r4", "r5", "r6", "r7",
+"r8", "r9", "r10", "r11", "r12", "r13", "r14", "r15",
+"r16", "r17", "r18", "r19", "r20", "r21", "r22", "r23",
+"r24", "r25", "r26", "r27", "r28", "r29", "r30", "r31",
+};
+
+const char * const fregnames[32] = {
+"f0", "f1", "f2", "f3", "f4", "f5", "f6", "f7",
+"f8", "f9", "f10", "f11", "f12", "f13", "f14", "f15",
+"f16", "f17", "f18", "f19", "f20", "f21", "f22", "f23",
+"f24", "f25", "f26", "f27", "f28", "f29", "f30", "f31",
+};
+
+static const char * const excp_names[EXCP_LAST + 1] = {
+[EXCP_SYSCALL] = "Syscall",
+[EXCP_BREAK] = "Break",
+[EXCP_INE] = "Instruction Non-existent",
+[EXCP_FPE] = "Floating Point Exception",
+};
+
+const char *loongarch_exception_name(int32_t exception)
+{
+assert(excp_names[exception]);
+return excp_names[exception];
+}
+
+void QEMU_NORETURN do_raise_exception(CPULoongArchState *env,
+  uint32_t exception,
+  uintptr_t pc)
+{
+CPUState *cs = env_cpu(env);
+
+qemu_log_mask(CPU_LOG_INT, "%s: %d (%s)\n",
+  __func__,
+  exception,
+  loongarch_exception_name(exception));
+cs->exception_index = exception;
+
+cpu_loop_exit_restore(cs, pc);
+}
+
+static void loongarch_cpu_set_pc(CPUState *cs, vaddr value)
+{
+LoongArchCPU *cpu = LOONGARCH_CPU(cs);
+CPULoongArchState *env = &cpu->env;
+
+env->pc = value;
+}
+
+#ifdef CONFIG_TCG
+static void loongarch_cpu_synchronize_from_tb(CPUState *cs,
+  const TranslationBlock *tb)
+{
+LoongArchCPU *cpu = LOONGARCH_CPU(cs);
+CPULoongArchState *env = &cpu->env;
+
+env->pc = tb->pc;
+}
+#endif /* CONFIG_TCG */
+
+static bool loongarch_cpu_has_work(CPUState *cs)
+{
+return true;
+}
+
+static void loongarch_3a5000_initfn(Object *obj)
+{
+LoongArchCPU *cpu = LOONGARCH_CPU(obj);
+CPULoongArchState *env = &cpu->env;
+int i;
+
+for (i = 0; i < 21; i++) {
+env->cpucfg[i] = 0x0;
+}
+
+env->cpucfg[0] = 0x14c010;  /* PRID */
+
+uint32_t data = 0;
+data = FIELD_DP32(data, CPUCFG1, ARCH, 2);
+data = FIELD_DP32(data, CPUCFG1, PGMMU, 1);
+data = FIELD_DP32(data, CPUCFG1, IOCSR, 1);
+data = FIELD_DP32(data, CPUCFG1, PALEN, 0x2f);
+data = FIELD_DP32(data, CPUCFG1, VALEN, 0x2f);
+data = FIELD_DP32(data, CPUCFG1, UAL, 1);
+data = FIELD_DP32(data, CPUCFG1, RI, 1);
+data = FIELD_DP32(data, CPUCFG1, EP, 1);
+data = FIELD_DP32(data, CPUCFG1, RPLV, 1);
+data = FIELD_DP32(data, CPUCFG1, HP, 1);
+data = FIELD_DP32(data, CPUCFG1, IOCSR_BRD, 1);
+env->cpucfg[1] = data;
+
+data = 0;
+data = FIELD_DP32(data, CPUCFG2, FP, 1);
+data = FIELD_DP32(data, CPUCFG2, FP_SP, 1);
+data = FIELD_DP32(data, CPUCFG2, FP_DP, 1);
+data = FIELD_DP32(data, CPUCFG2, FP_VER, 1);
+data = FIELD_DP32(data, CPUCFG2, LLFTP, 1);
+data = FIELD_DP32(data, CPUCFG2, LLFTP_VER, 1);
+data = FIELD_DP32(data, CPUCFG2, LSPW, 1);
+   

[PATCH v14 19/26] linux-user: Add LoongArch signal support

[Song Gao]

Signed-off-by: Song Gao 
Signed-off-by: Xiaojuan Yang 
---
 linux-user/loongarch64/signal.c| 198 +
 linux-user/loongarch64/target_signal.h |  13 ++
 2 files changed, 211 insertions(+)
 create mode 100644 linux-user/loongarch64/signal.c
 create mode 100644 linux-user/loongarch64/target_signal.h

diff --git a/linux-user/loongarch64/signal.c b/linux-user/loongarch64/signal.c
new file mode 100644
index 00..9f0e6421b2
--- /dev/null
+++ b/linux-user/loongarch64/signal.c
@@ -0,0 +1,198 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * LoongArch emulation of Linux signals
+ *
+ * Copyright (c) 2021 Loongson Technology Corporation Limited
+ */
+
+#include "qemu/osdep.h"
+#include "qemu.h"
+#include "signal-common.h"
+#include "user-internals.h"
+#include "linux-user/trace.h"
+
+#define FPU_REG_WIDTH 256
+union fpureg {
+uint32_t val32[FPU_REG_WIDTH / 32];
+uint64_t val64[FPU_REG_WIDTH / 64];
+};
+
+struct target_sigcontext {
+uint64_t sc_pc;
+uint64_t sc_regs[32];
+uint32_t sc_flags;
+uint32_t sc_fcsr;
+uint32_t sc_vcsr;
+uint64_t sc_fcc;
+uint64_t sc_scr[4];
+union fpureg sc_fpregs[32] __attribute__((aligned(32)));
+uint8_t sc_reserved[4096] __attribute__((aligned(16)));
+};
+
+struct target_ucontext {
+target_ulong tuc_flags;
+struct target_ucontext *tuc_link;
+target_stack_t tuc_stack;
+target_sigset_t tuc_sigmask;
+uint8_t __unused[1024 / 8 - sizeof(target_sigset_t)];
+struct target_sigcontext tuc_mcontext;
+};
+
+struct target_rt_sigframe {
+struct target_siginfo rs_info;
+struct target_ucontext rs_uc;
+};
+
+static uint64_t read_all_fcc(CPULoongArchState *env)
+{
+uint64_t ret = 0;
+
+for (int i = 0; i < 8; ++i) {
+ret |= (uint64_t)env->cf[i] << (i * 8);
+}
+
+return ret;
+}
+
+static void write_all_fcc(CPULoongArchState *env, uint64_t val)
+{
+for (int i = 0; i < 8; ++i) {
+env->cf[i] = (val >> (i * 8)) & 1;
+}
+}
+
+static inline void setup_sigcontext(CPULoongArchState *env,
+struct target_sigcontext *sc)
+{
+int i;
+
+__put_user(env->pc, &sc->sc_pc);
+__put_user(0, &sc->sc_regs[0]);
+__put_user(env->fcsr0, &sc->sc_fcsr);
+__put_user(0, &sc->sc_vcsr);
+sc->sc_fcc = read_all_fcc(env);
+
+for (i = 0; i < 4; ++i) {
+__put_user(0, &sc->sc_scr[i]);
+}
+
+for (i = 1; i < 32; ++i) {
+__put_user(env->gpr[i], &sc->sc_regs[i]);
+}
+
+for (i = 0; i < 32; ++i) {
+__put_user(env->fpr[i], &sc->sc_fpregs[i].val64[0]);
+}
+}
+
+static inline void
+restore_sigcontext(CPULoongArchState *env, struct target_sigcontext *sc)
+{
+int i;
+
+__get_user(env->pc, &sc->sc_pc);
+__get_user(env->fcsr0, &sc->sc_fcsr);
+write_all_fcc(env, sc->sc_fcc);
+
+for (i = 1; i < 32; ++i) {
+__get_user(env->gpr[i], &sc->sc_regs[i]);
+}
+
+for (i = 0; i < 32; ++i) {
+__get_user(env->fpr[i], &sc->sc_fpregs[i].val64[0]);
+}
+}
+
+/*
+ * Determine which stack to use..
+ */
+static inline abi_ulong
+get_sigframe(struct target_sigaction *ka, CPULoongArchState *env,
+ size_t frame_size)
+{
+unsigned long sp;
+
+sp = target_sigsp(get_sp_from_cpustate(env) - 32, ka);
+
+return (sp - frame_size) & ~15;
+}
+
+void setup_rt_frame(int sig, struct target_sigaction *ka,
+target_siginfo_t *info,
+target_sigset_t *set, CPULoongArchState *env)
+{
+struct target_rt_sigframe *frame;
+abi_ulong frame_addr;
+int i;
+
+frame_addr = get_sigframe(ka, env, sizeof(*frame));
+trace_user_setup_rt_frame(env, frame_addr);
+if (!lock_user_struct(VERIFY_WRITE, frame, frame_addr, 0)) {
+goto give_sigsegv;
+}
+
+tswap_siginfo(&frame->rs_info, info);
+
+__put_user(0, &frame->rs_uc.tuc_flags);
+__put_user(0, &frame->rs_uc.tuc_link);
+target_save_altstack(&frame->rs_uc.tuc_stack, env);
+
+setup_sigcontext(env, &frame->rs_uc.tuc_mcontext);
+
+for (i = 0; i < TARGET_NSIG_WORDS; i++) {
+__put_user(set->sig[i], &frame->rs_uc.tuc_sigmask.sig[i]);
+}
+
+env->gpr[4] = sig;
+env->gpr[5] = frame_addr + offsetof(struct target_rt_sigframe, rs_info);
+env->gpr[6] = frame_addr + offsetof(struct target_rt_sigframe, rs_uc);
+env->gpr[3] = frame_addr;
+env->gpr[1] = default_rt_sigreturn;
+
+env->pc = ka->_sa_handler;
+unlock_user_struct(frame, frame_addr, 1);
+return;
+
+give_sigsegv:
+unlock_user_struct(frame, frame_addr, 1);
+force_sigsegv(sig);
+}
+
+long do_rt_sigreturn(CPULoongArchState *env)
+{
+struct target_rt_sigframe *frame;
+abi_ulong frame_addr;
+sigset_t blocked;
+
+frame_addr = env->gpr[3];
+trace_user_do_rt_sigreturn(env, frame_addr);
+if (!lock_user_struct(VERIFY_READ, frame, frame_addr, 1)) {
+goto badframe;
+}
+
+target_to_host_sigset(&blocked, &frame->rs_

[PATCH v14 17/26] linux-user: Add LoongArch generic header files

[Song Gao]

This includes:
- sockbits.h
- target_errno_defs.h
- target_fcntl.h
- termbits.h

Signed-off-by: Song Gao 
Signed-off-by: Xiaojuan Yang 
Reviewed-by: Richard Henderson 
Reviewed-by: Philippe Mathieu-Daudé 
---
 linux-user/loongarch64/sockbits.h  | 11 +++
 linux-user/loongarch64/target_errno_defs.h | 12 
 linux-user/loongarch64/target_fcntl.h  | 11 +++
 linux-user/loongarch64/termbits.h  | 11 +++
 4 files changed, 45 insertions(+)
 create mode 100644 linux-user/loongarch64/sockbits.h
 create mode 100644 linux-user/loongarch64/target_errno_defs.h
 create mode 100644 linux-user/loongarch64/target_fcntl.h
 create mode 100644 linux-user/loongarch64/termbits.h

diff --git a/linux-user/loongarch64/sockbits.h 
b/linux-user/loongarch64/sockbits.h
new file mode 100644
index 00..1cffcae120
--- /dev/null
+++ b/linux-user/loongarch64/sockbits.h
@@ -0,0 +1,11 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * Copyright (c) 2021 Loongson Technology Corporation Limited
+ */
+
+#ifndef LOONGARCH_TARGET_SOCKBITS_H
+#define LOONGARCH_TARGET_SOCKBITS_H
+
+#include "../generic/sockbits.h"
+
+#endif
diff --git a/linux-user/loongarch64/target_errno_defs.h 
b/linux-user/loongarch64/target_errno_defs.h
new file mode 100644
index 00..c198b8aca9
--- /dev/null
+++ b/linux-user/loongarch64/target_errno_defs.h
@@ -0,0 +1,12 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * Copyright (c) 2021 Loongson Technology Corporation Limited
+ */
+
+#ifndef LOONGARCH_TARGET_ERRNO_DEFS_H
+#define LOONGARCH_TARGET_ERRNO_DEFS_H
+
+/* Target uses generic errno */
+#include "../generic/target_errno_defs.h"
+
+#endif
diff --git a/linux-user/loongarch64/target_fcntl.h 
b/linux-user/loongarch64/target_fcntl.h
new file mode 100644
index 00..99bf586854
--- /dev/null
+++ b/linux-user/loongarch64/target_fcntl.h
@@ -0,0 +1,11 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * Copyright (c) 2021 Loongson Technology Corporation Limited
+ */
+
+#ifndef LOONGARCH_TARGET_FCNTL_H
+#define LOONGARCH_TARGET_FCNTL_H
+
+#include "../generic/fcntl.h"
+
+#endif
diff --git a/linux-user/loongarch64/termbits.h 
b/linux-user/loongarch64/termbits.h
new file mode 100644
index 00..d425db8748
--- /dev/null
+++ b/linux-user/loongarch64/termbits.h
@@ -0,0 +1,11 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * Copyright (c) 2021 Loongson Technology Corporation Limited
+ */
+
+#ifndef LOONGARCH_TARGET_TERMBITS_H
+#define LOONGARCH_TARGET_TERMBITS_H
+
+#include "../generic/termbits.h"
+
+#endif
-- 
2.27.0

[PATCH v14 11/26] target/loongarch: Add floating point comparison instruction translation

[Song Gao]

This includes:
- FCMP.cond.{S/D}

Signed-off-by: Song Gao 
Signed-off-by: Xiaojuan Yang 
Reviewed-by: Richard Henderson 
---
 target/loongarch/fpu_helper.c| 60 
 target/loongarch/helper.h|  9 +++
 target/loongarch/insn_trans/trans_fcmp.c.inc | 56 ++
 target/loongarch/insns.decode|  8 +++
 target/loongarch/internals.h |  5 ++
 target/loongarch/translate.c |  1 +
 6 files changed, 139 insertions(+)
 create mode 100644 target/loongarch/insn_trans/trans_fcmp.c.inc

diff --git a/target/loongarch/fpu_helper.c b/target/loongarch/fpu_helper.c
index c4e35f8d2b..089a5be199 100644
--- a/target/loongarch/fpu_helper.c
+++ b/target/loongarch/fpu_helper.c
@@ -401,3 +401,63 @@ uint64_t helper_fmuladd_d(CPULoongArchState *env, uint64_t 
fj,
 update_fcsr0(env, GETPC());
 return fd;
 }
+
+static uint64_t fcmp_common(CPULoongArchState *env, FloatRelation cmp,
+uint32_t flags)
+{
+bool ret;
+
+switch (cmp) {
+case float_relation_less:
+ret = (flags & FCMP_LT);
+break;
+case float_relation_equal:
+ret = (flags & FCMP_EQ);
+break;
+case float_relation_greater:
+ret = (flags & FCMP_GT);
+break;
+case float_relation_unordered:
+ret = (flags & FCMP_UN);
+break;
+default:
+g_assert_not_reached();
+}
+update_fcsr0(env, GETPC());
+
+return ret;
+}
+
+/* fcmp_cXXX_s */
+uint64_t helper_fcmp_c_s(CPULoongArchState *env, uint64_t fj,
+ uint64_t fk, uint32_t flags)
+{
+FloatRelation cmp = float32_compare_quiet((uint32_t)fj,
+  (uint32_t)fk, &env->fp_status);
+return fcmp_common(env, cmp, flags);
+}
+
+/* fcmp_sXXX_s */
+uint64_t helper_fcmp_s_s(CPULoongArchState *env, uint64_t fj,
+ uint64_t fk, uint32_t flags)
+{
+FloatRelation cmp = float32_compare((uint32_t)fj,
+(uint32_t)fk, &env->fp_status);
+return fcmp_common(env, cmp, flags);
+}
+
+/* fcmp_cXXX_d */
+uint64_t helper_fcmp_c_d(CPULoongArchState *env, uint64_t fj,
+ uint64_t fk, uint32_t flags)
+{
+FloatRelation cmp = float64_compare_quiet(fj, fk, &env->fp_status);
+return fcmp_common(env, cmp, flags);
+}
+
+/* fcmp_sXXX_d */
+uint64_t helper_fcmp_s_d(CPULoongArchState *env, uint64_t fj,
+ uint64_t fk, uint32_t flags)
+{
+FloatRelation cmp = float64_compare(fj, fk, &env->fp_status);
+return fcmp_common(env, cmp, flags);
+}
diff --git a/target/loongarch/helper.h b/target/loongarch/helper.h
index 840bad9b2f..25a891bf8b 100644
--- a/target/loongarch/helper.h
+++ b/target/loongarch/helper.h
@@ -52,3 +52,12 @@ DEF_HELPER_FLAGS_2(frecip_d, TCG_CALL_NO_WG, i64, env, i64)
 
 DEF_HELPER_FLAGS_2(fclass_s, TCG_CALL_NO_RWG_SE, i64, env, i64)
 DEF_HELPER_FLAGS_2(fclass_d, TCG_CALL_NO_RWG_SE, i64, env, i64)
+
+/* fcmp.cXXX.s */
+DEF_HELPER_4(fcmp_c_s, i64, env, i64, i64, i32)
+/* fcmp.sXXX.s */
+DEF_HELPER_4(fcmp_s_s, i64, env, i64, i64, i32)
+/* fcmp.cXXX.d */
+DEF_HELPER_4(fcmp_c_d, i64, env, i64, i64, i32)
+/* fcmp.sXXX.d */
+DEF_HELPER_4(fcmp_s_d, i64, env, i64, i64, i32)
diff --git a/target/loongarch/insn_trans/trans_fcmp.c.inc 
b/target/loongarch/insn_trans/trans_fcmp.c.inc
new file mode 100644
index 00..93a6a2230f
--- /dev/null
+++ b/target/loongarch/insn_trans/trans_fcmp.c.inc
@@ -0,0 +1,56 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * Copyright (c) 2021 Loongson Technology Corporation Limited
+ */
+
+/* bit0(signaling/quiet) bit1(lt) bit2(eq) bit3(un) bit4(neq) */
+static uint32_t get_fcmp_flags(int cond)
+{
+uint32_t flags = 0;
+
+if (cond & 0x1) {
+flags |= FCMP_LT;
+}
+if (cond & 0x2) {
+flags |= FCMP_EQ;
+}
+if (cond & 0x4) {
+flags |= FCMP_UN;
+}
+if (cond & 0x8) {
+flags |= FCMP_GT | FCMP_LT;
+}
+return flags;
+}
+
+static bool trans_fcmp_cond_s(DisasContext *ctx, arg_fcmp_cond_s *a)
+{
+TCGv var = tcg_temp_new();
+uint32_t flags;
+void (*fn)(TCGv, TCGv_env, TCGv, TCGv, TCGv_i32);
+
+fn = (a->fcond & 1 ? gen_helper_fcmp_s_s : gen_helper_fcmp_c_s);
+flags = get_fcmp_flags(a->fcond >> 1);
+
+fn(var, cpu_env, cpu_fpr[a->fj], cpu_fpr[a->fk], tcg_constant_i32(flags));
+
+tcg_gen_st8_tl(var, cpu_env, offsetof(CPULoongArchState, cf[a->cd]));
+tcg_temp_free(var);
+return true;
+}
+
+static bool trans_fcmp_cond_d(DisasContext *ctx, arg_fcmp_cond_d *a)
+{
+TCGv var = tcg_temp_new();
+uint32_t flags;
+void (*fn)(TCGv, TCGv_env, TCGv, TCGv, TCGv_i32);
+fn = (a->fcond & 1 ? gen_helper_fcmp_s_d : gen_helper_fcmp_c_d);
+flags = get_fcmp_flags(a->fcond >> 1);
+
+fn(var, cpu_env, cpu_fpr[a->fj], cpu_fpr[a->fk], tcg_constant_i32(flags));
+
+tcg_gen_st8_tl(var, cpu_env, offset

[PATCH v14 08/26] target/loongarch: Add fixed point atomic instruction translation

[Song Gao]

This includes:
- LL.{W/D}, SC.{W/D}
- AM{SWAP/ADD/AND/OR/XOR/MAX/MIN}[_DB].{W/D}
- AM{MAX/MIN}[_DB].{WU/DU}

Signed-off-by: Song Gao 
Signed-off-by: Xiaojuan Yang 
Reviewed-by: Richard Henderson 
---
 .../loongarch/insn_trans/trans_atomic.c.inc   | 114 ++
 .../loongarch/insn_trans/trans_memory.c.inc   |   2 +-
 target/loongarch/insns.decode |  44 +++
 target/loongarch/translate.c  |   1 +
 4 files changed, 160 insertions(+), 1 deletion(-)
 create mode 100644 target/loongarch/insn_trans/trans_atomic.c.inc

diff --git a/target/loongarch/insn_trans/trans_atomic.c.inc 
b/target/loongarch/insn_trans/trans_atomic.c.inc
new file mode 100644
index 00..f89b9a58e9
--- /dev/null
+++ b/target/loongarch/insn_trans/trans_atomic.c.inc
@@ -0,0 +1,114 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * Copyright (c) 2021 Loongson Technology Corporation Limited
+ */
+
+static bool gen_ll(DisasContext *ctx, arg_rr_i *a,
+   void (*func)(TCGv, TCGv, int))
+{
+TCGv dest = gpr_dst(ctx, a->rd, EXT_NONE);
+TCGv src1 = gpr_src(ctx, a->rj, EXT_NONE);
+TCGv t0 = tcg_temp_new();
+
+tcg_gen_addi_tl(t0, src1, a->imm);
+func(dest, t0, ctx->mem_idx);
+tcg_gen_st_tl(t0, cpu_env, offsetof(CPULoongArchState, lladdr));
+tcg_gen_st_tl(dest, cpu_env, offsetof(CPULoongArchState, llval));
+gen_set_gpr(a->rd, dest, EXT_NONE);
+tcg_temp_free(t0);
+
+return true;
+}
+
+static bool gen_sc(DisasContext *ctx, arg_rr_i *a, MemOp mop)
+{
+TCGv dest = gpr_dst(ctx, a->rd, EXT_NONE);
+TCGv src1 = gpr_src(ctx, a->rj, EXT_NONE);
+TCGv src2 = gpr_src(ctx, a->rd, EXT_NONE);
+TCGv t0 = tcg_temp_new();
+TCGv val = tcg_temp_new();
+
+TCGLabel *l1 = gen_new_label();
+TCGLabel *done = gen_new_label();
+
+tcg_gen_addi_tl(t0, src1, a->imm);
+tcg_gen_brcond_tl(TCG_COND_EQ, t0, cpu_lladdr, l1);
+tcg_gen_movi_tl(dest, 0);
+tcg_gen_br(done);
+
+gen_set_label(l1);
+tcg_gen_mov_tl(val, src2);
+/* generate cmpxchg */
+tcg_gen_atomic_cmpxchg_tl(t0, cpu_lladdr, cpu_llval,
+  val, ctx->mem_idx, mop);
+tcg_gen_setcond_tl(TCG_COND_EQ, dest, t0, cpu_llval);
+gen_set_label(done);
+gen_set_gpr(a->rd, dest, EXT_NONE);
+tcg_temp_free(t0);
+tcg_temp_free(val);
+
+return true;
+}
+
+static bool gen_am(DisasContext *ctx, arg_rrr *a,
+   void (*func)(TCGv, TCGv, TCGv, TCGArg, MemOp),
+   MemOp mop)
+{
+TCGv dest = gpr_dst(ctx, a->rd, EXT_NONE);
+TCGv addr = gpr_src(ctx, a->rj, EXT_NONE);
+TCGv val = gpr_src(ctx, a->rk, EXT_NONE);
+
+if (a->rd != 0 && (a->rj == a->rd || a->rk == a->rd)) {
+qemu_log_mask(LOG_GUEST_ERROR,
+  "Warning: source register overlaps destination register"
+  "in atomic insn at pc=0x" TARGET_FMT_lx "\n",
+  ctx->base.pc_next - 4);
+return false;
+}
+
+func(dest, addr, val, ctx->mem_idx, mop);
+gen_set_gpr(a->rd, dest, EXT_NONE);
+
+return true;
+}
+
+TRANS(ll_w, gen_ll, tcg_gen_qemu_ld32s)
+TRANS(sc_w, gen_sc, MO_TESL)
+TRANS(ll_d, gen_ll, tcg_gen_qemu_ld64)
+TRANS(sc_d, gen_sc, MO_TEQ)
+TRANS(amswap_w, gen_am, tcg_gen_atomic_xchg_tl, MO_TESL)
+TRANS(amswap_d, gen_am, tcg_gen_atomic_xchg_tl, MO_TEQ)
+TRANS(amadd_w, gen_am, tcg_gen_atomic_fetch_add_tl, MO_TESL)
+TRANS(amadd_d, gen_am, tcg_gen_atomic_fetch_add_tl, MO_TEQ)
+TRANS(amand_w, gen_am, tcg_gen_atomic_fetch_and_tl, MO_TESL)
+TRANS(amand_d, gen_am, tcg_gen_atomic_fetch_and_tl, MO_TEQ)
+TRANS(amor_w, gen_am, tcg_gen_atomic_fetch_or_tl, MO_TESL)
+TRANS(amor_d, gen_am, tcg_gen_atomic_fetch_or_tl, MO_TEQ)
+TRANS(amxor_w, gen_am, tcg_gen_atomic_fetch_xor_tl, MO_TESL)
+TRANS(amxor_d, gen_am, tcg_gen_atomic_fetch_xor_tl, MO_TEQ)
+TRANS(ammax_w, gen_am, tcg_gen_atomic_fetch_smax_tl, MO_TESL)
+TRANS(ammax_d, gen_am, tcg_gen_atomic_fetch_smax_tl, MO_TEQ)
+TRANS(ammin_w, gen_am, tcg_gen_atomic_fetch_smin_tl, MO_TESL)
+TRANS(ammin_d, gen_am, tcg_gen_atomic_fetch_smin_tl, MO_TEQ)
+TRANS(ammax_wu, gen_am, tcg_gen_atomic_fetch_umax_tl, MO_TESL)
+TRANS(ammax_du, gen_am, tcg_gen_atomic_fetch_umax_tl, MO_TEQ)
+TRANS(ammin_wu, gen_am, tcg_gen_atomic_fetch_umin_tl, MO_TESL)
+TRANS(ammin_du, gen_am, tcg_gen_atomic_fetch_umin_tl, MO_TEQ)
+TRANS(amswap_db_w, gen_am, tcg_gen_atomic_xchg_tl, MO_TESL)
+TRANS(amswap_db_d, gen_am, tcg_gen_atomic_xchg_tl, MO_TEQ)
+TRANS(amadd_db_w, gen_am, tcg_gen_atomic_fetch_add_tl, MO_TESL)
+TRANS(amadd_db_d, gen_am, tcg_gen_atomic_fetch_add_tl, MO_TEQ)
+TRANS(amand_db_w, gen_am, tcg_gen_atomic_fetch_and_tl, MO_TESL)
+TRANS(amand_db_d, gen_am, tcg_gen_atomic_fetch_and_tl, MO_TEQ)
+TRANS(amor_db_w, gen_am, tcg_gen_atomic_fetch_or_tl, MO_TESL)
+TRANS(amor_db_d, gen_am, tcg_gen_atomic_fetch_or_tl, MO_TEQ)
+TRANS(amxor_db_w, gen_am, tcg_gen_atomic_fetch_xor_tl, MO_TESL)
+TRANS(amxor_db_d, gen_am, tcg_gen_atomic_fetch_xor_tl, MO_TEQ)
+TRA

Re: [PATCH 2/2] virtio: Add shared memory capability

[Michael S. Tsirkin]

On Wed, Nov 10, 2021 at 05:42:20PM +0100, Antonio Caggiano wrote:
> From: "Dr. David Alan Gilbert" 
> 
> Define a new capability type 'VIRTIO_PCI_CAP_SHARED_MEMORY_CFG'
> and the data structure 'virtio_pci_shm_cap' to go with it.
> They allow defining shared memory regions with sizes and offsets
> of 2^32 and more.
> Multiple instances of the capability are allowed and distinguished
> by a device-specific 'id'.
> 
> v2: Remove virtio_pci_shm_cap as virtio_pci_cap64 is used instead.
> 
> Signed-off-by: Dr. David Alan Gilbert 
> (cherry picked from commit a5d628a3a3c5e60b98b15197c36a77056115)

Where's that commit? I think we should drop this, right?

> Signed-off-by: Antonio Caggiano 
> ---
>  hw/virtio/virtio-pci.c | 19 +++
>  hw/virtio/virtio-pci.h |  4 
>  2 files changed, 23 insertions(+)
> 
> diff --git a/hw/virtio/virtio-pci.c b/hw/virtio/virtio-pci.c
> index 750aa47ec1..8152d3c1b3 100644
> --- a/hw/virtio/virtio-pci.c
> +++ b/hw/virtio/virtio-pci.c
> @@ -1162,6 +1162,25 @@ static int virtio_pci_add_mem_cap(VirtIOPCIProxy 
> *proxy,
>  return offset;
>  }
>  
> +int virtio_pci_add_shm_cap(VirtIOPCIProxy *proxy,
> +   uint8_t bar, uint64_t offset, uint64_t length,
> +   uint8_t id)
> +{
> +struct virtio_pci_cap64 cap = {
> +.cap.cap_len = sizeof cap,
> +.cap.cfg_type = VIRTIO_PCI_CAP_SHARED_MEMORY_CFG,
> +};
> +uint32_t mask32 = ~0;
> +
> +cap.cap.bar = bar;
> +cap.cap.length = cpu_to_le32(length & mask32);
> +cap.length_hi = cpu_to_le32((length >> 32) & mask32);
> +cap.cap.offset = cpu_to_le32(offset & mask32);
> +cap.offset_hi = cpu_to_le32((offset >> 32) & mask32);
> +cap.cap.id = id;
> +return virtio_pci_add_mem_cap(proxy, &cap.cap);


You don't need & mask32 I think. cpu_to_le32 will truncate
the value.


> +}
> +
>  static uint64_t virtio_pci_common_read(void *opaque, hwaddr addr,
> unsigned size)
>  {
> diff --git a/hw/virtio/virtio-pci.h b/hw/virtio/virtio-pci.h
> index 2446dcd9ae..5e5c4a4c6d 100644
> --- a/hw/virtio/virtio-pci.h
> +++ b/hw/virtio/virtio-pci.h
> @@ -252,4 +252,8 @@ void virtio_pci_types_register(const 
> VirtioPCIDeviceTypeInfo *t);
>   */
>  unsigned virtio_pci_optimal_num_queues(unsigned fixed_queues);
>  
> +int virtio_pci_add_shm_cap(VirtIOPCIProxy *proxy,
> +   uint8_t bar, uint64_t offset, uint64_t length,
> +   uint8_t id);
> +
>  #endif

So it's a new API, but where's the user?
I guess just include this patch with where-ever it's actually used.

> -- 
> 2.32.0

Re: How to get started with contribution for GSOC'22

[Alex Bennée]

Aakarshit Agarwal  writes:

> Hello Sir/Ma'am,
>
> I am Aakarshit Agarwal, final year student pursuing B.Tech in computer 
> science with a specialization in DevOps from UPES Dehradun. I
> love the topic and technologies you used for GSoC'21. I would love to 
> contribute to your organization for GSoC'22 and know more about it.
>
> Can you please tell me how to get started?

We have a number of Bite Sized tasks in the bug tracker which are good
tasks to get familiar with the code base and code submission process:

  
https://gitlab.com/qemu-project/qemu/-/issues?scope=all&state=opened&label_name[]=Bite%20Sized

It's worth commenting on and assigning yourself to the bug to avoid
duplication or gather comments from other developers. We have a growing
amount of development documentation:

  https://qemu.readthedocs.io/en/latest/devel/index.html
  https://qemu.readthedocs.io/en/latest/devel/submitting-a-patch.html

To talk to developers and discuss potential project ideas please join
the IRC channel (or via https://matrix.to/#/#_oftc_#qemu:matrix.org).
There is also a qemu-gsoc channel specifically for GSoC related queries.

You can look over the previous GSoC pages to get ideas for projects or
come up with your own. It will be awhile before GSoC submissions open
but nothing stops you from getting familiar with the code and
development process before hand.

>
> Hoping to hear from you soon.
>
> Regards,
> Aakarshit Agarwal


-- 
Alex Bennée

[PATCH v14 14/26] target/loongarch: Add floating point load/store instruction translation

[Song Gao]

This includes:
- FLD.{S/D}, FST.{S/D}
- FLDX.{S/D}, FSTX.{S/D}
- FLD{GT/LE}.{S/D}, FST{GT/LE}.{S/D}

Signed-off-by: Song Gao 
Signed-off-by: Xiaojuan Yang 
Reviewed-by: Richard Henderson 
---
 .../loongarch/insn_trans/trans_fmemory.c.inc  | 153 ++
 target/loongarch/insns.decode |  24 +++
 target/loongarch/translate.c  |   1 +
 3 files changed, 178 insertions(+)
 create mode 100644 target/loongarch/insn_trans/trans_fmemory.c.inc

diff --git a/target/loongarch/insn_trans/trans_fmemory.c.inc 
b/target/loongarch/insn_trans/trans_fmemory.c.inc
new file mode 100644
index 00..c9b7c04fc0
--- /dev/null
+++ b/target/loongarch/insn_trans/trans_fmemory.c.inc
@@ -0,0 +1,153 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * Copyright (c) 2021 Loongson Technology Corporation Limited
+ */
+
+static void maybe_nanbox_load(TCGv freg, MemOp mop)
+{
+if ((mop & MO_SIZE) == MO_32) {
+gen_nanbox_s(freg, freg);
+}
+}
+
+static bool gen_fload_i(DisasContext *ctx, arg_fr_i *a, MemOp mop)
+{
+TCGv addr = gpr_src(ctx, a->rj, EXT_NONE);
+TCGv temp = NULL;
+
+if (a->imm) {
+temp = tcg_temp_new();
+tcg_gen_addi_tl(temp, addr, a->imm);
+addr = temp;
+}
+
+tcg_gen_qemu_ld_tl(cpu_fpr[a->fd], addr, ctx->mem_idx, mop);
+maybe_nanbox_load(cpu_fpr[a->fd], mop);
+
+if (temp) {
+tcg_temp_free(temp);
+}
+
+return true;
+}
+
+static bool gen_fstore_i(DisasContext *ctx, arg_fr_i *a, MemOp mop)
+{
+TCGv addr = gpr_src(ctx, a->rj, EXT_NONE);
+TCGv temp = NULL;
+
+if (a->imm) {
+temp = tcg_temp_new();
+tcg_gen_addi_tl(temp, addr, a->imm);
+addr = temp;
+}
+
+tcg_gen_qemu_st_tl(cpu_fpr[a->fd], addr, ctx->mem_idx, mop);
+
+if (temp) {
+tcg_temp_free(temp);
+}
+return true;
+}
+
+static bool gen_floadx(DisasContext *ctx, arg_frr *a, MemOp mop)
+{
+TCGv src1 = gpr_src(ctx, a->rj, EXT_NONE);
+TCGv src2 = gpr_src(ctx, a->rk, EXT_NONE);
+TCGv addr = tcg_temp_new();
+
+tcg_gen_add_tl(addr, src1, src2);
+tcg_gen_qemu_ld_tl(cpu_fpr[a->fd], addr, ctx->mem_idx, mop);
+maybe_nanbox_load(cpu_fpr[a->fd], mop);
+tcg_temp_free(addr);
+
+return true;
+}
+
+static bool gen_fstorex(DisasContext *ctx, arg_frr *a, MemOp mop)
+{
+TCGv src1 = gpr_src(ctx, a->rj, EXT_NONE);
+TCGv src2 = gpr_src(ctx, a->rk, EXT_NONE);
+TCGv addr = tcg_temp_new();
+
+tcg_gen_add_tl(addr, src1, src2);
+tcg_gen_qemu_st_tl(cpu_fpr[a->fd], addr, ctx->mem_idx, mop);
+tcg_temp_free(addr);
+
+return true;
+}
+
+static bool gen_fload_gt(DisasContext *ctx, arg_frr *a, MemOp mop)
+{
+TCGv src1 = gpr_src(ctx, a->rj, EXT_NONE);
+TCGv src2 = gpr_src(ctx, a->rk, EXT_NONE);
+TCGv addr = tcg_temp_new();
+
+gen_helper_asrtgt_d(cpu_env, src1, src2);
+tcg_gen_add_tl(addr, src1, src2);
+tcg_gen_qemu_ld_tl(cpu_fpr[a->fd], addr, ctx->mem_idx, mop);
+maybe_nanbox_load(cpu_fpr[a->fd], mop);
+tcg_temp_free(addr);
+
+return true;
+}
+
+static bool gen_fstore_gt(DisasContext *ctx, arg_frr *a, MemOp mop)
+{
+TCGv src1 = gpr_src(ctx, a->rj, EXT_NONE);
+TCGv src2 = gpr_src(ctx, a->rk, EXT_NONE);
+TCGv addr = tcg_temp_new();
+
+gen_helper_asrtgt_d(cpu_env, src1, src2);
+tcg_gen_add_tl(addr, src1, src2);
+tcg_gen_qemu_st_tl(cpu_fpr[a->fd], addr, ctx->mem_idx, mop);
+tcg_temp_free(addr);
+
+return true;
+}
+
+static bool gen_fload_le(DisasContext *ctx, arg_frr *a, MemOp mop)
+{
+TCGv src1 = gpr_src(ctx, a->rj, EXT_NONE);
+TCGv src2 = gpr_src(ctx, a->rk, EXT_NONE);
+TCGv addr = tcg_temp_new();
+
+gen_helper_asrtle_d(cpu_env, src1, src2);
+tcg_gen_add_tl(addr, src1, src2);
+tcg_gen_qemu_ld_tl(cpu_fpr[a->fd], addr, ctx->mem_idx, mop);
+maybe_nanbox_load(cpu_fpr[a->fd], mop);
+tcg_temp_free(addr);
+
+return true;
+}
+
+static bool gen_fstore_le(DisasContext *ctx, arg_frr *a, MemOp mop)
+{
+TCGv src1 = gpr_src(ctx, a->rj, EXT_NONE);
+TCGv src2 = gpr_src(ctx, a->rk, EXT_NONE);
+TCGv addr = tcg_temp_new();
+
+gen_helper_asrtle_d(cpu_env, src1, src2);
+tcg_gen_add_tl(addr, src1, src2);
+tcg_gen_qemu_st_tl(cpu_fpr[a->fd], addr, ctx->mem_idx, mop);
+tcg_temp_free(addr);
+
+return true;
+}
+
+TRANS(fld_s, gen_fload_i, MO_TEUL)
+TRANS(fst_s, gen_fstore_i, MO_TEUL)
+TRANS(fld_d, gen_fload_i, MO_TEQ)
+TRANS(fst_d, gen_fstore_i, MO_TEQ)
+TRANS(fldx_s, gen_floadx, MO_TEUL)
+TRANS(fldx_d, gen_floadx, MO_TEQ)
+TRANS(fstx_s, gen_fstorex, MO_TEUL)
+TRANS(fstx_d, gen_fstorex, MO_TEQ)
+TRANS(fldgt_s, gen_fload_gt, MO_TEUL)
+TRANS(fldgt_d, gen_fload_gt, MO_TEQ)
+TRANS(fldle_s, gen_fload_le, MO_TEUL)
+TRANS(fldle_d, gen_fload_le, MO_TEQ)
+TRANS(fstgt_s, gen_fstore_gt, MO_TEUL)
+TRANS(fstgt_d, gen_fstore_gt, MO_TEQ)
+TRANS(fstle_s, gen_fstore_le, MO_TEUL)
+TRANS(fstle_d, gen_fstore_le, MO_TEQ)
diff --git a/target/loongarch/insns.decode b/target/loo

Re: [PATCH 00/10] vhost: stick to -errno error return convention

[Michael S. Tsirkin]

On Thu, Nov 11, 2021 at 06:33:44PM +0300, Roman Kagan wrote:
> Error propagation between the generic vhost code and the specific backends is
> not quite consistent: some places follow "return -1 and set errno" convention,
> while others assume "return negated errno".  Furthermore, not enough care is
> taken not to clobber errno.
> 
> As a result, on certain code paths the errno resulting from a failure may get
> overridden by another function call, and then that zero errno inidicating
> success is propagated up the stack, leading to failures being lost.  In
> particular, we've seen errors in the communication with a vhost-user-blk slave
> not trigger an immediate connection drop and reconnection, leaving it in a
> broken state.
> 
> Rework error propagation to always return negated errno on errors and
> correctly pass it up the stack.
> 
> Roman Kagan (10):
>   vhost-user-blk: reconnect on any error during realize
>   chardev/char-socket: tcp_chr_recv: don't clobber errno
>   chardev/char-socket: tcp_chr_sync_read: don't clobber errno
>   chardev/char-fe: don't allow EAGAIN from blocking read

So I dropped this one. If you are so inclined, pls work on
this separately.

>   vhost-backend: avoid overflow on memslots_limit
>   vhost-backend: stick to -errno error return convention
>   vhost-vdpa: stick to -errno error return convention
>   vhost-user: stick to -errno error return convention
>   vhost: stick to -errno error return convention
>   vhost-user-blk: propagate error return from generic vhost
> 
>  chardev/char-fe.c |   7 +-
>  chardev/char-socket.c |  17 +-
>  hw/block/vhost-user-blk.c |   4 +-
>  hw/virtio/vhost-backend.c |   4 +-
>  hw/virtio/vhost-user.c| 401 +-
>  hw/virtio/vhost-vdpa.c|  37 ++--
>  hw/virtio/vhost.c |  98 +-
>  7 files changed, 307 insertions(+), 261 deletions(-)
> 
> -- 
> 2.33.1
> 

[PATCH v14 18/26] linux-user: Add LoongArch specific structures

[Song Gao]

Signed-off-by: Song Gao 
Signed-off-by: Xiaojuan Yang 
---
 linux-user/loongarch64/target_structs.h | 47 +
 1 file changed, 47 insertions(+)
 create mode 100644 linux-user/loongarch64/target_structs.h

diff --git a/linux-user/loongarch64/target_structs.h 
b/linux-user/loongarch64/target_structs.h
new file mode 100644
index 00..8be3609fe8
--- /dev/null
+++ b/linux-user/loongarch64/target_structs.h
@@ -0,0 +1,47 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * LoongArch specific structures for linux-user
+ *
+ * Copyright (c) 2021 Loongson Technology Corporation Limited
+ */
+
+#ifndef LOONGARCH_TARGET_STRUCTS_H
+#define LOONGARCH_TARGET_STRUCTS_H
+
+struct target_ipc_perm {
+abi_int __key;  /* Key.  */
+abi_uint uid;   /* Owner's user ID.  */
+abi_uint gid;   /* Owner's group ID.  */
+abi_uint cuid;  /* Creator's user ID.  */
+abi_uint cgid;  /* Creator's group ID.  */
+abi_ushort mode;/* Read/write permission.  */
+abi_ushort __pad1;
+abi_ushort __seq;   /* Sequence number.  */
+abi_ushort __pad2;
+abi_ulong __unused1;
+abi_ulong __unused2;
+};
+
+struct target_shmid_ds {
+struct target_ipc_perm shm_perm;/* operation permission struct */
+abi_long shm_segsz; /* size of segment in bytes */
+abi_ulong shm_atime;/* time of last shmat() */
+#if TARGET_ABI_BITS == 32
+abi_ulong __unused1;
+#endif
+abi_ulong shm_dtime;/* time of last shmdt() */
+#if TARGET_ABI_BITS == 32
+abi_ulong __unused2;
+#endif
+abi_ulong shm_ctime;/* time of last change by shmctl() */
+#if TARGET_ABI_BITS == 32
+abi_ulong __unused3;
+#endif
+abi_int shm_cpid;   /* pid of creator */
+abi_int shm_lpid;   /* pid of last shmop */
+abi_ulong shm_nattch;   /* number of current attaches */
+abi_ulong __unused4;
+abi_ulong __unused5;
+};
+
+#endif
-- 
2.27.0

Re: [PATCH 2/2] multifd: cleanup the function multifd_send_thread

[Li Zhang]

ping

On 12/22/21 12:30 PM, Li Zhang wrote:

Cleanup multifd_send_thread

Signed-off-by: Li Zhang 
---
  migration/multifd.c | 82 ++---
  1 file changed, 41 insertions(+), 41 deletions(-)

diff --git a/migration/multifd.c b/migration/multifd.c
index 4ec40739e0..7888d71bfe 100644
--- a/migration/multifd.c
+++ b/migration/multifd.c
@@ -649,58 +649,58 @@ static void *multifd_send_thread(void *opaque)
  break;
  }
  qemu_mutex_lock(&p->mutex);
-
-if (p->pending_job) {
-uint32_t used = p->pages->num;
-uint64_t packet_num = p->packet_num;
-uint32_t flags = p->flags;
-
-if (used) {
-ret = multifd_send_state->ops->send_prepare(p, &local_err);
-if (ret != 0) {
-qemu_mutex_unlock(&p->mutex);
-break;
-}
-}
-multifd_send_fill_packet(p);
-p->flags = 0;
-p->num_packets++;
-p->num_pages += used;
-p->pages->num = 0;
-p->pages->block = NULL;
+if (!p->quit && !p->pending_job) {
+/* sometimes there are spurious wakeups */
+qemu_mutex_unlock(&p->mutex);
+continue;
+} else if (!p->pending_job) {
  qemu_mutex_unlock(&p->mutex);
+break;
+}
  
-trace_multifd_send(p->id, packet_num, used, flags,

-   p->next_packet_size);
+uint32_t used = p->pages->num;
+uint64_t packet_num = p->packet_num;
+uint32_t flags = p->flags;
  
-ret = qio_channel_write_all(p->c, (void *)p->packet,

-p->packet_len, &local_err);
+if (used) {
+ret = multifd_send_state->ops->send_prepare(p, &local_err);
  if (ret != 0) {
+qemu_mutex_unlock(&p->mutex);
  break;
  }
+}
+multifd_send_fill_packet(p);
+p->flags = 0;
+p->num_packets++;
+p->num_pages += used;
+p->pages->num = 0;
+p->pages->block = NULL;
+qemu_mutex_unlock(&p->mutex);
  
-if (used) {

-ret = multifd_send_state->ops->send_write(p, used, &local_err);
-if (ret != 0) {
-break;
-}
-}
+trace_multifd_send(p->id, packet_num, used, flags,
+   p->next_packet_size);
  
-qemu_mutex_lock(&p->mutex);

-p->pending_job--;
-qemu_mutex_unlock(&p->mutex);
+ret = qio_channel_write_all(p->c, (void *)p->packet,
+p->packet_len, &local_err);
+if (ret != 0) {
+break;
+}
  
-if (flags & MULTIFD_FLAG_SYNC) {

-qemu_sem_post(&p->sem_sync);
+if (used) {
+ret = multifd_send_state->ops->send_write(p, used, &local_err);
+if (ret != 0) {
+break;
  }
-qemu_sem_post(&multifd_send_state->channels_ready);
-} else if (p->quit) {
-qemu_mutex_unlock(&p->mutex);
-break;
-} else {
-qemu_mutex_unlock(&p->mutex);
-/* sometimes there are spurious wakeups */
  }
+
+qemu_mutex_lock(&p->mutex);
+p->pending_job--;
+qemu_mutex_unlock(&p->mutex);
+
+if (flags & MULTIFD_FLAG_SYNC) {
+qemu_sem_post(&p->sem_sync);
+}
+qemu_sem_post(&multifd_send_state->channels_ready);
  }
  
  out:

[PATCH v14 26/26] scripts: add loongarch64 binfmt config

[Song Gao]

Signed-off-by: Song Gao 
Signed-off-by: Xiaojuan Yang 
Reviewed-by: Richard Henderson 
---
 scripts/qemu-binfmt-conf.sh | 6 +-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/scripts/qemu-binfmt-conf.sh b/scripts/qemu-binfmt-conf.sh
index 7de996d536..da6a937be8 100755
--- a/scripts/qemu-binfmt-conf.sh
+++ b/scripts/qemu-binfmt-conf.sh
@@ -4,7 +4,7 @@
 qemu_target_list="i386 i486 alpha arm armeb sparc sparc32plus sparc64 \
 ppc ppc64 ppc64le m68k mips mipsel mipsn32 mipsn32el mips64 mips64el \
 sh4 sh4eb s390x aarch64 aarch64_be hppa riscv32 riscv64 xtensa xtensaeb \
-microblaze microblazeel or1k x86_64 hexagon"
+microblaze microblazeel or1k x86_64 hexagon loongarch64"
 
 
i386_magic='\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x03\x00'
 
i386_mask='\xff\xff\xff\xff\xff\xfe\xfe\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff'
@@ -140,6 +140,10 @@ 
hexagon_magic='\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x
 
hexagon_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff'
 hexagon_family=hexagon
 
+loongarch64_magic='\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x02\x01'
+loongarch64_mask='\xff\xff\xff\xff\xff\xff\xff\xfc\x00\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff'
+loongarch64_family=loongarch
+
 qemu_get_family() {
 cpu=${HOST_ARCH:-$(uname -m)}
 case "$cpu" in
-- 
2.27.0

[PATCH v14 24/26] target/loongarch: Add target build suport

[Song Gao]

This patch adds build loongarch-linux-user target support.

Signed-off-by: Song Gao 
Signed-off-by: Xiaojuan Yang 
Reviewed-by: Richard Henderson 
Reviewed-by: Philippe Mathieu-Daudé 
---
 target/loongarch/meson.build | 19 +++
 target/meson.build   |  1 +
 2 files changed, 20 insertions(+)
 create mode 100644 target/loongarch/meson.build

diff --git a/target/loongarch/meson.build b/target/loongarch/meson.build
new file mode 100644
index 00..bcb076e55f
--- /dev/null
+++ b/target/loongarch/meson.build
@@ -0,0 +1,19 @@
+gen = decodetree.process('insns.decode')
+
+loongarch_ss = ss.source_set()
+loongarch_ss.add(files(
+  'cpu.c',
+  'disas.c',
+))
+loongarch_tcg_ss = ss.source_set()
+loongarch_tcg_ss.add(gen)
+loongarch_tcg_ss.add(files(
+  'fpu_helper.c',
+  'op_helper.c',
+  'translate.c',
+))
+loongarch_tcg_ss.add(zlib)
+
+loongarch_ss.add_all(when: 'CONFIG_TCG', if_true: [loongarch_tcg_ss])
+
+target_arch += {'loongarch': loongarch_ss}
diff --git a/target/meson.build b/target/meson.build
index 2f6940255e..a53a60486f 100644
--- a/target/meson.build
+++ b/target/meson.build
@@ -5,6 +5,7 @@ subdir('cris')
 subdir('hexagon')
 subdir('hppa')
 subdir('i386')
+subdir('loongarch')
 subdir('m68k')
 subdir('microblaze')
 subdir('mips')
-- 
2.27.0

Re: [PATCH v2 1/1] multifd: Remove some redundant code

[Li Zhang]

ping

Any comments?

Thanks
Li

On 12/17/21 11:12 AM, Li Zhang wrote:

Clean up some unnecessary code

Signed-off-by: Li Zhang 
---
  migration/multifd.c | 12 +++-
  1 file changed, 3 insertions(+), 9 deletions(-)

diff --git a/migration/multifd.c b/migration/multifd.c
index 3242f688e5..212be1ed04 100644
--- a/migration/multifd.c
+++ b/migration/multifd.c
@@ -854,19 +854,16 @@ static void multifd_new_send_channel_async(QIOTask *task, 
gpointer opaque)
  Error *local_err = NULL;
  
  trace_multifd_new_send_channel_async(p->id);

-if (qio_task_propagate_error(task, &local_err)) {
-goto cleanup;
-} else {
+if (!qio_task_propagate_error(task, &local_err)) {
  p->c = QIO_CHANNEL(sioc);
  qio_channel_set_delay(p->c, false);
  p->running = true;
  if (!multifd_channel_connect(p, sioc, local_err)) {
-goto cleanup;
+multifd_new_send_channel_cleanup(p, sioc, local_err);
  }
  return;
  }
  
-cleanup:

  multifd_new_send_channel_cleanup(p, sioc, local_err);
  }
  
@@ -1078,10 +1075,7 @@ static void *multifd_recv_thread(void *opaque)
  
  ret = qio_channel_read_all_eof(p->c, (void *)p->packet,

 p->packet_len, &local_err);
-if (ret == 0) {   /* EOF */
-break;
-}
-if (ret == -1) {   /* Error */
+if (ret == 0 || ret == -1) {   /* 0: EOF  -1: Error */
  break;
  }
  

Re: [PATCH v3 01/15] pcie: Add support for Single Root I/O Virtualization (SR/IOV)

[Michael S. Tsirkin]

On Tue, Dec 21, 2021 at 03:32:32PM +0100, Lukasz Maniak wrote:
> From: Knut Omang 
> 
> This patch provides the building blocks for creating an SR/IOV
> PCIe Extended Capability header and register/unregister
> SR/IOV Virtual Functions.
> 
> Signed-off-by: Knut Omang 
> ---
>  hw/pci/meson.build  |   1 +
>  hw/pci/pci.c|  97 +---
>  hw/pci/pcie.c   |   5 +
>  hw/pci/pcie_sriov.c | 287 
>  hw/pci/trace-events |   5 +
>  include/hw/pci/pci.h|  12 +-
>  include/hw/pci/pcie.h   |   6 +
>  include/hw/pci/pcie_sriov.h |  67 +
>  include/qemu/typedefs.h |   2 +
>  9 files changed, 456 insertions(+), 26 deletions(-)
>  create mode 100644 hw/pci/pcie_sriov.c
>  create mode 100644 include/hw/pci/pcie_sriov.h
> 
> diff --git a/hw/pci/meson.build b/hw/pci/meson.build
> index 5c4bbac817..bcc9c75919 100644
> --- a/hw/pci/meson.build
> +++ b/hw/pci/meson.build
> @@ -5,6 +5,7 @@ pci_ss.add(files(
>'pci.c',
>'pci_bridge.c',
>'pci_host.c',
> +  'pcie_sriov.c',
>'shpc.c',
>'slotid_cap.c'
>  ))
> diff --git a/hw/pci/pci.c b/hw/pci/pci.c
> index e5993c1ef5..1892a7e74c 100644
> --- a/hw/pci/pci.c
> +++ b/hw/pci/pci.c
> @@ -239,6 +239,9 @@ int pci_bar(PCIDevice *d, int reg)
>  {
>  uint8_t type;
>  
> +/* PCIe virtual functions do not have their own BARs */
> +assert(!pci_is_vf(d));
> +
>  if (reg != PCI_ROM_SLOT)
>  return PCI_BASE_ADDRESS_0 + reg * 4;
>  
> @@ -304,10 +307,30 @@ void pci_device_deassert_intx(PCIDevice *dev)
>  }
>  }
>  
> -static void pci_do_device_reset(PCIDevice *dev)
> +static void pci_reset_regions(PCIDevice *dev)
>  {
>  int r;
> +if (pci_is_vf(dev)) {
> +return;
> +}
> +
> +for (r = 0; r < PCI_NUM_REGIONS; ++r) {
> +PCIIORegion *region = &dev->io_regions[r];
> +if (!region->size) {
> +continue;
> +}
> +
> +if (!(region->type & PCI_BASE_ADDRESS_SPACE_IO) &&
> +region->type & PCI_BASE_ADDRESS_MEM_TYPE_64) {
> +pci_set_quad(dev->config + pci_bar(dev, r), region->type);
> +} else {
> +pci_set_long(dev->config + pci_bar(dev, r), region->type);
> +}
> +}
> +}
>  
> +static void pci_do_device_reset(PCIDevice *dev)
> +{
>  pci_device_deassert_intx(dev);
>  assert(dev->irq_state == 0);
>  
> @@ -323,19 +346,7 @@ static void pci_do_device_reset(PCIDevice *dev)
>pci_get_word(dev->wmask + PCI_INTERRUPT_LINE) |
>pci_get_word(dev->w1cmask + 
> PCI_INTERRUPT_LINE));
>  dev->config[PCI_CACHE_LINE_SIZE] = 0x0;
> -for (r = 0; r < PCI_NUM_REGIONS; ++r) {
> -PCIIORegion *region = &dev->io_regions[r];
> -if (!region->size) {
> -continue;
> -}
> -
> -if (!(region->type & PCI_BASE_ADDRESS_SPACE_IO) &&
> -region->type & PCI_BASE_ADDRESS_MEM_TYPE_64) {
> -pci_set_quad(dev->config + pci_bar(dev, r), region->type);
> -} else {
> -pci_set_long(dev->config + pci_bar(dev, r), region->type);
> -}
> -}
> +pci_reset_regions(dev);
>  pci_update_mappings(dev);
>  
>  msi_reset(dev);
> @@ -884,6 +895,15 @@ static void pci_init_multifunction(PCIBus *bus, 
> PCIDevice *dev, Error **errp)
>  dev->config[PCI_HEADER_TYPE] |= PCI_HEADER_TYPE_MULTI_FUNCTION;
>  }
>  
> +/* With SR/IOV and ARI, a device at function 0 need not be a 
> multifunction
> + * device, as it may just be a VF that ended up with function 0 in
> + * the legacy PCI interpretation. Avoid failing in such cases:
> + */
> +if (pci_is_vf(dev) &&
> +dev->exp.sriov_vf.pf->cap_present & QEMU_PCI_CAP_MULTIFUNCTION) {
> +return;
> +}
> +
>  /*
>   * multifunction bit is interpreted in two ways as follows.
>   *   - all functions must set the bit to 1.
> @@ -1083,6 +1103,7 @@ static PCIDevice *do_pci_register_device(PCIDevice 
> *pci_dev,
> bus->devices[devfn]->name);
>  return NULL;
>  } else if (dev->hotplugged &&
> +   !pci_is_vf(pci_dev) &&
> pci_get_function_0(pci_dev)) {
>  error_setg(errp, "PCI: slot %d function 0 already occupied by %s,"
> " new func %s cannot be exposed to guest.",
> @@ -1191,6 +1212,7 @@ void pci_register_bar(PCIDevice *pci_dev, int 
> region_num,
>  pcibus_t size = memory_region_size(memory);
>  uint8_t hdr_type;
>  
> +assert(!pci_is_vf(pci_dev)); /* VFs must use pcie_sriov_vf_register_bar 
> */
>  assert(region_num >= 0);
>  assert(region_num < PCI_NUM_REGIONS);
>  assert(is_power_of_2(size));
> @@ -1294,11 +1316,43 @@ pcibus_t pci_get_bar_addr(PCIDevice *pci_dev, int 
> region_num)
>  return pci_dev->io_regions[region_num].addr;
>  }
>  
> -static pcibus_t pci_bar_address(PCIDevice *d,
> -   

[PATCH v14 13/26] target/loongarch: Add floating point move instruction translation

[Song Gao]

This includes:
- FMOV.{S/D}
- FSEL
- MOVGR2FR.{W/D}, MOVGR2FRH.W
- MOVFR2GR.{S/D}, MOVFRH2GR.S
- MOVGR2FCSR, MOVFCSR2GR
- MOVFR2CF, MOVCF2FR
- MOVGR2CF, MOVCF2GR

Signed-off-by: Song Gao 
Signed-off-by: Xiaojuan Yang 
Reviewed-by: Richard Henderson 
---
 target/loongarch/fpu_helper.c|   6 +
 target/loongarch/helper.h|   2 +
 target/loongarch/insn_trans/trans_fmov.c.inc | 157 +++
 target/loongarch/insns.decode|  37 +
 target/loongarch/translate.c |   1 +
 5 files changed, 203 insertions(+)
 create mode 100644 target/loongarch/insn_trans/trans_fmov.c.inc

diff --git a/target/loongarch/fpu_helper.c b/target/loongarch/fpu_helper.c
index deae76c766..9f5235c4f8 100644
--- a/target/loongarch/fpu_helper.c
+++ b/target/loongarch/fpu_helper.c
@@ -854,3 +854,9 @@ uint64_t helper_ftint_w_d(CPULoongArchState *env, uint64_t 
fj)
 update_fcsr0(env, GETPC());
 return fd;
 }
+
+void helper_set_rounding_mode(CPULoongArchState *env, uint32_t fcsr0)
+{
+set_float_rounding_mode(ieee_rm[(fcsr0 >> FCSR0_RM) & 0x3],
+&env->fp_status);
+}
diff --git a/target/loongarch/helper.h b/target/loongarch/helper.h
index 1e8749433a..da1a2bced7 100644
--- a/target/loongarch/helper.h
+++ b/target/loongarch/helper.h
@@ -90,3 +90,5 @@ DEF_HELPER_2(ftint_w_s, i64, env, i64)
 DEF_HELPER_2(ftint_w_d, i64, env, i64)
 DEF_HELPER_2(frint_s, i64, env, i64)
 DEF_HELPER_2(frint_d, i64, env, i64)
+
+DEF_HELPER_FLAGS_2(set_rounding_mode, TCG_CALL_NO_RWG, void, env, i32)
diff --git a/target/loongarch/insn_trans/trans_fmov.c.inc 
b/target/loongarch/insn_trans/trans_fmov.c.inc
new file mode 100644
index 00..24753d4568
--- /dev/null
+++ b/target/loongarch/insn_trans/trans_fmov.c.inc
@@ -0,0 +1,157 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * Copyright (c) 2021 Loongson Technology Corporation Limited
+ */
+
+static const uint32_t fcsr_mask[4] = {
+UINT32_MAX, FCSR0_M1, FCSR0_M2, FCSR0_M3
+};
+
+static bool trans_fsel(DisasContext *ctx, arg_fsel *a)
+{
+TCGv zero = tcg_constant_tl(0);
+TCGv cond = tcg_temp_new();
+
+tcg_gen_ld8u_tl(cond, cpu_env, offsetof(CPULoongArchState, cf[a->ca]));
+tcg_gen_movcond_tl(TCG_COND_EQ, cpu_fpr[a->fd], cond, zero,
+   cpu_fpr[a->fj], cpu_fpr[a->fk]);
+tcg_temp_free(cond);
+
+return true;
+}
+
+static bool gen_f2f(DisasContext *ctx, arg_ff *a,
+void (*func)(TCGv, TCGv), bool nanbox)
+{
+TCGv dest = cpu_fpr[a->fd];
+TCGv src = cpu_fpr[a->fj];
+
+func(dest, src);
+if (nanbox) {
+gen_nanbox_s(cpu_fpr[a->fd], cpu_fpr[a->fd]);
+}
+
+return true;
+}
+
+static bool gen_r2f(DisasContext *ctx, arg_fr *a,
+void (*func)(TCGv, TCGv))
+{
+TCGv src = gpr_src(ctx, a->rj, EXT_NONE);
+
+func(cpu_fpr[a->fd], src);
+return true;
+}
+
+static bool gen_f2r(DisasContext *ctx, arg_rf *a,
+void (*func)(TCGv, TCGv))
+{
+TCGv dest = gpr_dst(ctx, a->rd, EXT_NONE);
+
+func(dest, cpu_fpr[a->fj]);
+gen_set_gpr(a->rd, dest, EXT_NONE);
+
+return true;
+}
+
+static bool trans_movgr2fcsr(DisasContext *ctx, arg_movgr2fcsr *a)
+{
+uint32_t mask = fcsr_mask[a->fcsrd];
+TCGv Rj = gpr_src(ctx, a->rj, EXT_NONE);
+
+if (mask == UINT32_MAX) {
+tcg_gen_extrl_i64_i32(cpu_fcsr0, Rj);
+} else {
+TCGv_i32 temp = tcg_temp_new_i32();
+
+tcg_gen_extrl_i64_i32(temp, Rj);
+tcg_gen_andi_i32(temp, temp, mask);
+tcg_gen_andi_i32(cpu_fcsr0, cpu_fcsr0, ~mask);
+tcg_gen_or_i32(cpu_fcsr0, cpu_fcsr0, temp);
+tcg_temp_free_i32(temp);
+
+/*
+ * Install the new rounding mode to fpu_status, if changed.
+ * Note that FCSR3 is exactly the rounding mode field.
+ */
+if (mask != FCSR0_M3) {
+return true;
+}
+}
+gen_helper_set_rounding_mode(cpu_env, cpu_fcsr0);
+
+return true;
+}
+
+static bool trans_movfcsr2gr(DisasContext *ctx, arg_movfcsr2gr *a)
+{
+TCGv_i32 temp = tcg_temp_new_i32();
+TCGv dest = gpr_dst(ctx, a->rd, EXT_NONE);
+
+tcg_gen_andi_i32(temp, cpu_fcsr0, fcsr_mask[a->fcsrs]);
+tcg_gen_ext_i32_i64(dest, temp);
+gen_set_gpr(a->rd, dest, EXT_NONE);
+tcg_temp_free_i32(temp);
+
+return true;
+}
+
+static void gen_movgr2fr_w(TCGv dest, TCGv src)
+{
+tcg_gen_deposit_i64(dest, dest, src, 0, 32);
+}
+
+static void gen_movgr2frh_w(TCGv dest, TCGv src)
+{
+tcg_gen_deposit_i64(dest, dest, src, 32, 32);
+}
+
+static void gen_movfrh2gr_s(TCGv dest, TCGv src)
+{
+tcg_gen_sextract_tl(dest, src, 32, 32);
+}
+
+static bool trans_movfr2cf(DisasContext *ctx, arg_movfr2cf *a)
+{
+TCGv t0 = tcg_temp_new();
+
+tcg_gen_andi_tl(t0, cpu_fpr[a->fj], 0x1);
+tcg_gen_st8_tl(t0, cpu_env, offsetof(CPULoongArchState, cf[a->cd & 0x7]));
+tcg_temp_free(t0);
+
+return true;
+}
+
+static bool trans_movcf2fr(D

Re: [PATCH 01/15] audio: replace open-coded buffer arithmetic

[Thomas Huth]

Am Thu,  6 Jan 2022 10:23:18 +0100
schrieb Volker Rümelin :

> From: Volker Rümelin 
> 
> Replace open-coded buffer arithmetic with the available function
> audio_ring_dist(). Because the name audio_ring_dist implies it
> calculates the distance between two points, define the alias
> function name audio_ring_posb. That's the position in backward
> direction of a given point at a given distance.
> 
> Signed-off-by: Volker Rümelin 
> ---
>  audio/audio.c | 25 +++--
>  audio/audio_int.h |  2 ++
>  audio/coreaudio.c | 10 --
>  audio/sdlaudio.c  | 11 +--
>  4 files changed, 18 insertions(+), 30 deletions(-)
[...]
> diff --git a/audio/audio_int.h b/audio/audio_int.h
> index 428a091d05..928d8e107e 100644
> --- a/audio/audio_int.h
> +++ b/audio/audio_int.h
> @@ -266,6 +266,8 @@ static inline size_t audio_ring_dist(size_t dst,
> size_t src, size_t len) return (dst >= src) ? (dst - src) : (len -
> src + dst); }
>  
> +#define audio_ring_posb(pos, dist, len) audio_ring_dist(pos, dist,
> len)

I think this will be quite incomprehensible for people reading the
source code later (without seeing your commit message above). Thus I'd
prefer to directly use audio_ring_dist() everywhere instead. But in
case you insist on this macro, please add at least a comment in front
of it for explanation.

 Thomas

[PATCH v14 25/26] target/loongarch: 'make check-tcg' support

[Song Gao]

Signed-off-by: Song Gao 
Signed-off-by: Xiaojuan Yang 
Reviewed-by: Richard Henderson 
Acked-by: Alex Bennée 
Reviewed-by: Philippe Mathieu-Daudé 
---
 tests/tcg/configure.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/tests/tcg/configure.sh b/tests/tcg/configure.sh
index 8eb4287c84..c3d7e45524 100755
--- a/tests/tcg/configure.sh
+++ b/tests/tcg/configure.sh
@@ -51,6 +51,7 @@ fi
 : ${cross_cc_cflags_armeb="-mbig-endian"}
 : ${cross_cc_hexagon="hexagon-unknown-linux-musl-clang"}
 : ${cross_cc_cflags_hexagon="-mv67 -O2 -static"}
+: ${cross_cc_loongarch64="loongarch64-unknown-linux-gnu-gcc"}
 : ${cross_cc_hppa="hppa-linux-gnu-gcc"}
 : ${cross_cc_i386="i686-linux-gnu-gcc"}
 : ${cross_cc_cflags_i386="-m32"}
-- 
2.27.0

Re: [PATCH 00/15] reduce audio playback latency

[Volker Rümelin]

This patch series reduces the playback latency for audio backends,
in some cases significantly. For PulseAudio, the audio buffer is
also moved from the QEMU side to the PulseAudio server side. This
improves the drop-out safety for PulseAudio.





Volker Rümelin (15):
  audio: replace open-coded buffer arithmetic
  audio: move function audio_pcm_hw_clip_out()
  audio: add function audio_pcm_hw_conv_in()
  audio: inline function audio_pcm_sw_get_rpos_in()
  paaudio: increase default latency to 46ms
  jackaudio: use more jack audio buffers
  audio: copy playback stream in sequential order
  audio: add pcm_ops function table for capture backend
  audio: revert tests for pcm_ops table
  audio: restore mixing-engine playback buffer size
  paaudio: reduce effective playback buffer size
  dsoundaudio: reduce effective playback buffer size
  ossaudio: reduce effective playback buffer size
  paaudio: fix samples vs. frames mix-up
  sdlaudio: fix samples vs. frames mix-up

 audio/alsaaudio.c   |   1 +
 audio/audio.c   | 194 
 audio/audio_int.h   |   9 +-
 audio/coreaudio.c   |  13 +--
 audio/dsoundaudio.c |  30 ---
 audio/jackaudio.c   |   5 +-
 audio/noaudio.c |   1 +
 audio/ossaudio.c    |  17 +++-
 audio/paaudio.c |  49 ++-
 audio/sdlaudio.c    |  21 +++--
 audio/wavaudio.c    |   1 +
 11 files changed, 199 insertions(+), 142 deletions(-)



I used the wrong mail address to send these patches. I'll wait a few 
days for reviews before I send a version 2 series with the correct address.


With best regards,
Volker

Re: QOM

[Peter Maydell]

On Tue, 21 Dec 2021 at 16:23, abhijeet inamdar
 wrote:
> How did we decide the NUM_IRQ_LINES 64 for stellaris?

Either:
(a) we looked at the documentation for the hardware, which told us
that this SoC is built with its Cortex-M core configured with
that many interrupt lines

Or:
(b) this is for legacy reasons a bogus setting which happens to
work because it's too big rather than too small

For a new SoC, you need to follow course (a), ie look at what
the hardware is and model that.

-- PMM

Re: [PATCH 1/2] multifd: cleanup the function multifd_channel_connect

[Li Zhang]

ping

On 12/22/21 12:30 PM, Li Zhang wrote:

Cleanup multifd_channel_connect

Signed-off-by: Li Zhang 
---
  migration/multifd.c | 49 ++---
  1 file changed, 24 insertions(+), 25 deletions(-)

diff --git a/migration/multifd.c b/migration/multifd.c
index 212be1ed04..4ec40739e0 100644
--- a/migration/multifd.c
+++ b/migration/multifd.c
@@ -801,33 +801,32 @@ static bool multifd_channel_connect(MultiFDSendParams *p,
  trace_multifd_set_outgoing_channel(
  ioc, object_get_typename(OBJECT(ioc)), p->tls_hostname, error);
  
-if (!error) {

-if (s->parameters.tls_creds &&
-*s->parameters.tls_creds &&
-!object_dynamic_cast(OBJECT(ioc),
- TYPE_QIO_CHANNEL_TLS)) {
-multifd_tls_channel_connect(p, ioc, &error);
-if (!error) {
-/*
- * tls_channel_connect will call back to this
- * function after the TLS handshake,
- * so we mustn't call multifd_send_thread until then
- */
-return true;
-} else {
-return false;
-}
-} else {
-migration_ioc_register_yank(ioc);
-p->registered_yank = true;
-p->c = ioc;
-qemu_thread_create(&p->thread, p->name, multifd_send_thread, p,
-   QEMU_THREAD_JOINABLE);
-   }
-   return true;
+if (error) {
+return false;
  }
  
-return false;

+if (s->parameters.tls_creds &&
+*s->parameters.tls_creds &&
+!object_dynamic_cast(OBJECT(ioc),
+ TYPE_QIO_CHANNEL_TLS)) {
+multifd_tls_channel_connect(p, ioc, &error);
+if (error) {
+return false;
+}
+/*
+ * tls_channel_connect will call back to this
+ * function after the TLS handshake,
+ * so we mustn't call multifd_send_thread until then
+ */
+return true;
+} else {
+migration_ioc_register_yank(ioc);
+p->registered_yank = true;
+p->c = ioc;
+qemu_thread_create(&p->thread, p->name, multifd_send_thread, p,
+   QEMU_THREAD_JOINABLE);
+}
+return true;
  }
  
  static void multifd_new_send_channel_cleanup(MultiFDSendParams *p,

[PATCH] i386/tcg: generate an illegal op when translating AVX instructions

[Stevie Lavern]

The AVX instruction set is not supported by Qemu.
However, some AVX instructions are properly decoded and emulated as their
legacy SSE version.
This patch prevent this by generating an illegal_op instead of a bogus SSE
instruction.

Signed-off-by: Stevie Lavern 
---
 target/i386/tcg/translate.c | 5 +
 1 file changed, 5 insertions(+)

diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 05f9336c9b..996fce65b2 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -4706,6 +4706,11 @@ static target_ulong disas_insn(DisasContext *s,
CPUState *cpu)
 }
 }

+if (s->vex_l & 1) {
+/* If set, registers are 256bits.
+   Fail as AVX extension is not supported. */
+goto illegal_op;
+}
 s->prefix = prefixes;
 s->aflag = aflag;
 s->dflag = dflag;
--

Re: [PATCH v2 1/4] target/i386: Fix sanity check on max APIC ID / X2APIC enablement

[Michael S. Tsirkin]

On Thu, Dec 09, 2021 at 10:08:37PM +, David Woodhouse wrote:
> The check on x86ms->apic_id_limit in pc_machine_done() had two problems.
> 
> Firstly, we need KVM to support the X2APIC API in order to allow IRQ
> delivery to APICs >= 255. So we need to call/check kvm_enable_x2apic(),
> which was done elsewhere in *some* cases but not all.
> 
> Secondly, microvm needs the same check. So move it from pc_machine_done()
> to x86_cpus_init() where it will work for both.
> 
> The check in kvm_cpu_instance_init() is now redundant and can be dropped.
> 
> Signed-off-by: David Woodhouse 
> Acked-by: Claudio Fontana 

Could I get an ack from KVM maintainers on this one please?
Thanks!

> ---
>  hw/i386/pc.c  |  8 
>  hw/i386/x86.c | 16 
>  target/i386/kvm/kvm-cpu.c |  2 +-
>  3 files changed, 17 insertions(+), 9 deletions(-)
> 
> diff --git a/hw/i386/pc.c b/hw/i386/pc.c
> index a2ef40ecbc..9959f93216 100644
> --- a/hw/i386/pc.c
> +++ b/hw/i386/pc.c
> @@ -736,14 +736,6 @@ void pc_machine_done(Notifier *notifier, void *data)
>  /* update FW_CFG_NB_CPUS to account for -device added CPUs */
>  fw_cfg_modify_i16(x86ms->fw_cfg, FW_CFG_NB_CPUS, x86ms->boot_cpus);
>  }
> -
> -
> -if (x86ms->apic_id_limit > 255 && !xen_enabled() &&
> -!kvm_irqchip_in_kernel()) {
> -error_report("current -smp configuration requires kernel "
> - "irqchip support.");
> -exit(EXIT_FAILURE);
> -}
>  }
>  
>  void pc_guest_info_init(PCMachineState *pcms)
> diff --git a/hw/i386/x86.c b/hw/i386/x86.c
> index b84840a1bb..f64639b873 100644
> --- a/hw/i386/x86.c
> +++ b/hw/i386/x86.c
> @@ -39,6 +39,7 @@
>  #include "sysemu/replay.h"
>  #include "sysemu/sysemu.h"
>  #include "sysemu/cpu-timers.h"
> +#include "sysemu/xen.h"
>  #include "trace.h"
>  
>  #include "hw/i386/x86.h"
> @@ -136,6 +137,21 @@ void x86_cpus_init(X86MachineState *x86ms, int 
> default_cpu_version)
>   */
>  x86ms->apic_id_limit = x86_cpu_apic_id_from_index(x86ms,
>ms->smp.max_cpus - 1) 
> + 1;
> +
> +/*
> + * Can we support APIC ID 255 or higher?
> + *
> + * Under Xen: yes.
> + * With userspace emulated lapic: no
> + * With KVM's in-kernel lapic: only if X2APIC API is enabled.
> + */
> +if (x86ms->apic_id_limit > 255 && !xen_enabled() &&
> +(!kvm_irqchip_in_kernel() || !kvm_enable_x2apic())) {
> +error_report("current -smp configuration requires kernel "
> + "irqchip and X2APIC API support.");
> +exit(EXIT_FAILURE);
> +}
> +
>  possible_cpus = mc->possible_cpu_arch_ids(ms);
>  for (i = 0; i < ms->smp.cpus; i++) {
>  x86_cpu_new(x86ms, possible_cpus->cpus[i].arch_id, &error_fatal);
> diff --git a/target/i386/kvm/kvm-cpu.c b/target/i386/kvm/kvm-cpu.c
> index d95028018e..c60cb2dafb 100644
> --- a/target/i386/kvm/kvm-cpu.c
> +++ b/target/i386/kvm/kvm-cpu.c
> @@ -165,7 +165,7 @@ static void kvm_cpu_instance_init(CPUState *cs)
>  /* only applies to builtin_x86_defs cpus */
>  if (!kvm_irqchip_in_kernel()) {
>  x86_cpu_change_kvm_default("x2apic", "off");
> -} else if (kvm_irqchip_is_split() && kvm_enable_x2apic()) {
> +} else if (kvm_irqchip_is_split()) {
>  x86_cpu_change_kvm_default("kvm-msi-ext-dest-id", "on");
>  }
>  
> -- 
> 2.31.1

Re: Building QEMU as a shared library

[Peter Maydell]

On Thu, 23 Dec 2021 at 09:49, Philippe Mathieu-Daudé  wrote:
>
> Hi Peter,
>
> On 12/15/21 11:10, Peter Maydell wrote:
> > On Wed, 15 Dec 2021 at 08:18, Amir Gonnen  wrote:
> >> My goal is to simulate a mixed architecture system.
> >>
> >> Today QEMU strongly assumes that the simulated system is a *single 
> >> architecture*.
> >> Changing this assumption and supporting mixed architecture in QEMU proved 
> >> to be
> >> non-trivial and may require significant development effort. Common code 
> >> such as
> >> TCG and others explicitly include architecture specific header files, for 
> >> example.
> >
> > Yeah. This is definitely something we'd like to fix some day. It's
> > the approach I would prefer for getting multi-architecture machines.
>
> Am I understanding correctly your preference would be *not* using shared
> libraries, but having a monolithic process able to use any configuration
> of heterogeneous architectures?

That would be my preference, yes. On the other hand I know there's
a lot of work in trying to get there, so I don't want to rule out the
idea that maybe pragmatically we do something else instead.

> What are your thoughts on Daniel idea to where (IIUC) cores can are
> external processes wired via vhost-user.

It sounds a bit awkward to me -- you end up with a system where
QEMU's scheduler between vCPUs is no longer the only thing deciding
what gets to run. (eg, how do you emulate atomic accesses? currently
we do those by "stop all other CPUs, do the thing, restart" for the
cases where we can't rely on the host's atomic insns.)
The multiple-host-processes model can certainly be made to work,
though -- AIUI this is how Xilinx's out-of-tree stuff works.

-- PMM

[PULL 03/27] linux-user: Mark cpu_loop() with noreturn attribute

[Laurent Vivier]

From: Philippe Mathieu-Daudé 

cpu_loop() never exits, so mark it with QEMU_NORETURN.

Reviewed-by: Richard Henderson 
Reviewed-By: Warner Losh 
Reviewed-by: Bin Meng 
Signed-off-by: Philippe Mathieu-Daudé 
Reviewed-by: Warner Losh 
Message-Id: <20211106113916.544587-1-f4...@amsat.org>
Signed-off-by: Laurent Vivier 
---
 linux-user/user-internals.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/linux-user/user-internals.h b/linux-user/user-internals.h
index f71f37282994..a8fdd6933b23 100644
--- a/linux-user/user-internals.h
+++ b/linux-user/user-internals.h
@@ -64,7 +64,7 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
 abi_long arg5, abi_long arg6, abi_long arg7,
 abi_long arg8);
 extern __thread CPUState *thread_cpu;
-void cpu_loop(CPUArchState *env);
+void QEMU_NORETURN cpu_loop(CPUArchState *env);
 const char *target_strerror(int err);
 int get_osversion(void);
 void init_qemu_uname_release(void);
-- 
2.33.1

[PULL 06/27] linux-user: Remove TARGET_SIGSTKSZ

[Laurent Vivier]

From: Song Gao 

TARGET_SIGSTKSZ is not used, we should remove it.

Signed-off-by: Song Gao 
Reviewed-by: Richard Henderson 
Message-Id: <1637893388-10282-4-git-send-email-gaos...@loongson.cn>
Signed-off-by: Laurent Vivier 
---
 linux-user/alpha/target_signal.h  | 1 -
 linux-user/generic/signal.h   | 1 -
 linux-user/hppa/target_signal.h   | 1 -
 linux-user/mips/target_signal.h   | 1 -
 linux-user/mips64/target_signal.h | 1 -
 linux-user/sparc/target_signal.h  | 1 -
 6 files changed, 6 deletions(-)

diff --git a/linux-user/alpha/target_signal.h b/linux-user/alpha/target_signal.h
index 0b6a39de6576..bbb06e546308 100644
--- a/linux-user/alpha/target_signal.h
+++ b/linux-user/alpha/target_signal.h
@@ -62,7 +62,6 @@ typedef struct target_sigaltstack {
 #define TARGET_SA_SIGINFO   0x0040
 
 #define TARGET_MINSIGSTKSZ 4096
-#define TARGET_SIGSTKSZ16384
 
 /* From .  */
 #define TARGET_GEN_INTOVF  -1  /* integer overflow */
diff --git a/linux-user/generic/signal.h b/linux-user/generic/signal.h
index ceaf8a876ca0..6fd05b77bb3e 100644
--- a/linux-user/generic/signal.h
+++ b/linux-user/generic/signal.h
@@ -69,7 +69,6 @@ typedef struct target_sigaltstack {
 #define TARGET_SS_DISABLE 2
 
 #define TARGET_MINSIGSTKSZ 2048
-#define TARGET_SIGSTKSZ8192
 
 /* bit-flags */
 #define TARGET_SS_AUTODISARM (1U << 31) /* disable sas during sighandling */
diff --git a/linux-user/hppa/target_signal.h b/linux-user/hppa/target_signal.h
index d558119ee7bd..af6c2fce589d 100644
--- a/linux-user/hppa/target_signal.h
+++ b/linux-user/hppa/target_signal.h
@@ -64,7 +64,6 @@ typedef struct target_sigaltstack {
 #define TARGET_SA_NOCLDWAIT 0x0080
 
 #define TARGET_MINSIGSTKSZ 2048
-#define TARGET_SIGSTKSZ8192
 
 /* bit-flags */
 #define TARGET_SS_AUTODISARM (1U << 31) /* disable sas during sighandling */
diff --git a/linux-user/mips/target_signal.h b/linux-user/mips/target_signal.h
index 780a4ddf29de..fa542c1f4e2e 100644
--- a/linux-user/mips/target_signal.h
+++ b/linux-user/mips/target_signal.h
@@ -67,7 +67,6 @@ typedef struct target_sigaltstack {
 #define TARGET_SA_RESTORER  0x0400  /* Only for O32 */
 
 #define TARGET_MINSIGSTKSZ2048
-#define TARGET_SIGSTKSZ   8192
 
 #if defined(TARGET_ABI_MIPSO32)
 /* compare linux/arch/mips/kernel/signal.c:setup_frame() */
diff --git a/linux-user/mips64/target_signal.h 
b/linux-user/mips64/target_signal.h
index 275e9b7f9a2a..b05098f7f64e 100644
--- a/linux-user/mips64/target_signal.h
+++ b/linux-user/mips64/target_signal.h
@@ -65,7 +65,6 @@ typedef struct target_sigaltstack {
 #define TARGET_SA_RESETHAND 0x8000
 
 #define TARGET_MINSIGSTKSZ2048
-#define TARGET_SIGSTKSZ   8192
 
 /* bit-flags */
 #define TARGET_SS_AUTODISARM (1U << 31) /* disable sas during sighandling */
diff --git a/linux-user/sparc/target_signal.h b/linux-user/sparc/target_signal.h
index e661ddd6ab3c..87757f0c4e76 100644
--- a/linux-user/sparc/target_signal.h
+++ b/linux-user/sparc/target_signal.h
@@ -65,7 +65,6 @@ typedef struct target_sigaltstack {
 #define TARGET_ARCH_HAS_KA_RESTORER 1
 
 #define TARGET_MINSIGSTKSZ 4096
-#define TARGET_SIGSTKSZ16384
 
 #ifdef TARGET_ABI32
 #define TARGET_ARCH_HAS_SETUP_FRAME
-- 
2.33.1

[PULL 13/27] linux-user/signal: Map exit signals in SIGCHLD siginfo_t

[Laurent Vivier]

From: Matthias Schiffer 

When converting a siginfo_t from waitid(), the interpretation of si_status
depends on the value of si_code: For CLD_EXITED, it is an exit code and
should be copied verbatim. For other codes, it is a signal number
(possibly with additional high bits from ptrace) that should be mapped.

This code was previously changed in commit 1c3dfb506ea3
("linux-user/signal: Decode waitid si_code"), but the fix was
incomplete.

Tested with the following test program:

#include 
#include 
#include 
#include 

int main() {
pid_t pid = fork();
if (pid == 0) {
exit(12);
} else {
siginfo_t siginfo = {};
waitid(P_PID, pid, &siginfo, WEXITED);
printf("Code: %d, status: %d\n", (int)siginfo.si_code, 
(int)siginfo.si_status);
}

pid = fork();
if (pid == 0) {
raise(SIGUSR2);
} else {
siginfo_t siginfo = {};
waitid(P_PID, pid, &siginfo, WEXITED);
printf("Code: %d, status: %d\n", (int)siginfo.si_code, 
(int)siginfo.si_status);
}
}

Output with an x86_64 host and mips64el target before 1c3dfb506ea3
(incorrect: exit code 12 is translated like a signal):

Code: 1, status: 17
Code: 2, status: 17

After 1c3dfb506ea3 (incorrect: signal number is not translated):

Code: 1, status: 12
Code: 2, status: 12

With this patch:

Code: 1, status: 12
Code: 2, status: 17

Signed-off-by: Matthias Schiffer 
Reviewed-by: Laurent Vivier 
Message-Id: 
<81534fde7cdfc6acea4889d886fbefdd606630fb.1635019124.git.mschif...@universe-factory.net>
Signed-off-by: Laurent Vivier 
---
 linux-user/signal.c | 7 ++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/linux-user/signal.c b/linux-user/signal.c
index 510db73c3424..1229fecf5cd4 100644
--- a/linux-user/signal.c
+++ b/linux-user/signal.c
@@ -406,7 +406,12 @@ static inline void 
host_to_target_siginfo_noswap(target_siginfo_t *tinfo,
 case TARGET_SIGCHLD:
 tinfo->_sifields._sigchld._pid = info->si_pid;
 tinfo->_sifields._sigchld._uid = info->si_uid;
-tinfo->_sifields._sigchld._status = info->si_status;
+if (si_code == CLD_EXITED)
+tinfo->_sifields._sigchld._status = info->si_status;
+else
+tinfo->_sifields._sigchld._status
+= host_to_target_signal(info->si_status & 0x7f)
+| (info->si_status & ~0x7f);
 tinfo->_sifields._sigchld._utime = info->si_utime;
 tinfo->_sifields._sigchld._stime = info->si_stime;
 si_type = QEMU_SI_CHLD;
-- 
2.33.1

[PULL 01/27] qemu-binfmt-conf.sh: fix -F option

[Laurent Vivier]

From: Martin Wilck 

qemu-binfmt-conf.sh should use "-F" as short option for "--qemu-suffix".
Fix the getopt call to make this work.

Fixes: 7155be7cda5c ("qemu-binfmt-conf.sh: allow to provide a suffix to the 
interpreter name")
Signed-off-by: Martin Wilck 
Reviewed-by: Laurent Vivier 
Message-Id: <20211129135100.3934-1-mwi...@suse.com>
Signed-off-by: Laurent Vivier 
---
 scripts/qemu-binfmt-conf.sh | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/scripts/qemu-binfmt-conf.sh b/scripts/qemu-binfmt-conf.sh
index 7de996d536ea..e9bfeb94d314 100755
--- a/scripts/qemu-binfmt-conf.sh
+++ b/scripts/qemu-binfmt-conf.sh
@@ -340,7 +340,9 @@ PERSISTENT=no
 PRESERVE_ARG0=no
 QEMU_SUFFIX=""
 
-options=$(getopt -o ds:Q:S:e:hc:p:g: -l 
debian,systemd:,qemu-path:,qemu-suffix:,exportdir:,help,credential:,persistent:,preserve-argv0:
 -- "$@")
+_longopts="debian,systemd:,qemu-path:,qemu-suffix:,exportdir:,help,credential:,\
+persistent:,preserve-argv0:"
+options=$(getopt -o ds:Q:S:e:hc:p:g:F: -l ${_longopts} -- "$@")
 eval set -- "$options"
 
 while true ; do
-- 
2.33.1

[PULL 04/27] linux-user: Move target_signal.h generic definitions to generic/signal.h

[Laurent Vivier]

From: Song Gao 

No code change

Suggested-by: Richard Henderson 
Signed-off-by: Song Gao 
Reviewed-by: Laurent Vivier 
Reviewed-by: Richard Henderson 
Message-Id: <1637893388-10282-2-git-send-email-gaos...@loongson.cn>
Signed-off-by: Laurent Vivier 
---
 linux-user/aarch64/target_signal.h| 18 --
 linux-user/arm/target_signal.h| 18 --
 linux-user/cris/target_signal.h   | 18 --
 linux-user/generic/signal.h   | 16 
 linux-user/hexagon/target_signal.h| 11 ---
 linux-user/i386/target_signal.h   | 18 --
 linux-user/m68k/target_signal.h   | 18 --
 linux-user/microblaze/target_signal.h | 18 --
 linux-user/nios2/target_signal.h  | 16 
 linux-user/openrisc/target_signal.h   | 23 ---
 linux-user/ppc/target_signal.h| 18 --
 linux-user/riscv/target_signal.h  | 12 
 linux-user/s390x/target_signal.h  | 15 ---
 linux-user/sh4/target_signal.h| 18 --
 linux-user/x86_64/target_signal.h | 18 --
 linux-user/xtensa/target_signal.h | 17 -
 16 files changed, 16 insertions(+), 256 deletions(-)

diff --git a/linux-user/aarch64/target_signal.h 
b/linux-user/aarch64/target_signal.h
index 7580d99403cb..40e399d9908d 100644
--- a/linux-user/aarch64/target_signal.h
+++ b/linux-user/aarch64/target_signal.h
@@ -1,24 +1,6 @@
 #ifndef AARCH64_TARGET_SIGNAL_H
 #define AARCH64_TARGET_SIGNAL_H
 
-/* this struct defines a stack used during syscall handling */
-
-typedef struct target_sigaltstack {
-abi_ulong ss_sp;
-abi_int ss_flags;
-abi_ulong ss_size;
-} target_stack_t;
-
-
-/*
- * sigaltstack controls
- */
-#define TARGET_SS_ONSTACK 1
-#define TARGET_SS_DISABLE 2
-
-#define TARGET_MINSIGSTKSZ 2048
-#define TARGET_SIGSTKSZ 8192
-
 #include "../generic/signal.h"
 
 #define TARGET_SEGV_MTEAERR  8  /* Asynchronous ARM MTE error */
diff --git a/linux-user/arm/target_signal.h b/linux-user/arm/target_signal.h
index 1e7fb0cecbdd..0e6351d9f789 100644
--- a/linux-user/arm/target_signal.h
+++ b/linux-user/arm/target_signal.h
@@ -1,24 +1,6 @@
 #ifndef ARM_TARGET_SIGNAL_H
 #define ARM_TARGET_SIGNAL_H
 
-/* this struct defines a stack used during syscall handling */
-
-typedef struct target_sigaltstack {
-abi_ulong ss_sp;
-abi_int ss_flags;
-abi_ulong ss_size;
-} target_stack_t;
-
-
-/*
- * sigaltstack controls
- */
-#define TARGET_SS_ONSTACK  1
-#define TARGET_SS_DISABLE  2
-
-#define TARGET_MINSIGSTKSZ 2048
-#define TARGET_SIGSTKSZ8192
-
 #include "../generic/signal.h"
 
 #define TARGET_ARCH_HAS_SETUP_FRAME
diff --git a/linux-user/cris/target_signal.h b/linux-user/cris/target_signal.h
index 83a515550745..ab0653fcdc06 100644
--- a/linux-user/cris/target_signal.h
+++ b/linux-user/cris/target_signal.h
@@ -1,24 +1,6 @@
 #ifndef CRIS_TARGET_SIGNAL_H
 #define CRIS_TARGET_SIGNAL_H
 
-/* this struct defines a stack used during syscall handling */
-
-typedef struct target_sigaltstack {
-abi_ulong ss_sp;
-abi_int ss_flags;
-abi_ulong ss_size;
-} target_stack_t;
-
-
-/*
- * sigaltstack controls
- */
-#define TARGET_SS_ONSTACK 1
-#define TARGET_SS_DISABLE 2
-
-#define TARGET_MINSIGSTKSZ2048
-#define TARGET_SIGSTKSZ   8192
-
 #include "../generic/signal.h"
 
 #define TARGET_ARCH_HAS_SETUP_FRAME
diff --git a/linux-user/generic/signal.h b/linux-user/generic/signal.h
index 943bc1a1e220..ceaf8a876ca0 100644
--- a/linux-user/generic/signal.h
+++ b/linux-user/generic/signal.h
@@ -55,6 +55,22 @@
 #define TARGET_SIG_UNBLOCK1/* for unblocking signals */
 #define TARGET_SIG_SETMASK2/* for setting the signal mask */
 
+/* this struct defines a stack used during syscall handling */
+typedef struct target_sigaltstack {
+abi_ulong ss_sp;
+abi_int ss_flags;
+abi_ulong ss_size;
+} target_stack_t;
+
+/*
+ * sigaltstack controls
+ */
+#define TARGET_SS_ONSTACK 1
+#define TARGET_SS_DISABLE 2
+
+#define TARGET_MINSIGSTKSZ 2048
+#define TARGET_SIGSTKSZ8192
+
 /* bit-flags */
 #define TARGET_SS_AUTODISARM (1U << 31) /* disable sas during sighandling */
 /* mask for all SS_xxx flags */
diff --git a/linux-user/hexagon/target_signal.h 
b/linux-user/hexagon/target_signal.h
index 9e0223d32225..193abac340c5 100644
--- a/linux-user/hexagon/target_signal.h
+++ b/linux-user/hexagon/target_signal.h
@@ -18,17 +18,6 @@
 #ifndef HEXAGON_TARGET_SIGNAL_H
 #define HEXAGON_TARGET_SIGNAL_H
 
-typedef struct target_sigaltstack {
-abi_ulong ss_sp;
-abi_int ss_flags;
-abi_ulong ss_size;
-} target_stack_t;
-
-#define TARGET_SS_ONSTACK 1
-#define TARGET_SS_DISABLE 2
-
-#define TARGET_MINSIGSTKSZ 2048
-
 #include "../generic/signal.h"
 
 #define TARGET_ARCH_HAS_SIGTRAMP_PAGE 1
diff --git a/linux-user/i386/target_signal.h b/linux-user/i386/target_signal.h
index 64d

[PULL 12/27] target/sh4: Implement prctl_unalign_sigbus

[Laurent Vivier]

From: Richard Henderson 

Leave TARGET_ALIGNED_ONLY set, but use the new CPUState
flag to set MO_UNALN for the instructions that the kernel
handles in the unaligned trap.

The Linux kernel does not handle all memory operations: no
floating-point and no MAC.

Signed-off-by: Richard Henderson 
Reviewed-by: Laurent Vivier 
Message-Id: <20211227150127.2659293-7-richard.hender...@linaro.org>
Signed-off-by: Laurent Vivier 
---
 linux-user/sh4/target_prctl.h |  2 +-
 target/sh4/cpu.h  |  4 +++
 target/sh4/translate.c| 50 ---
 3 files changed, 39 insertions(+), 17 deletions(-)

diff --git a/linux-user/sh4/target_prctl.h b/linux-user/sh4/target_prctl.h
index eb53b31ad554..5629ddbf39cd 100644
--- a/linux-user/sh4/target_prctl.h
+++ b/linux-user/sh4/target_prctl.h
@@ -1 +1 @@
-/* No special prctl support required. */
+#include "../generic/target_prctl_unalign.h"
diff --git a/target/sh4/cpu.h b/target/sh4/cpu.h
index 4cfb109f5668..fb9dd9db2ffd 100644
--- a/target/sh4/cpu.h
+++ b/target/sh4/cpu.h
@@ -83,6 +83,7 @@
 #define DELAY_SLOT_RTE (1 << 2)
 
 #define TB_FLAG_PENDING_MOVCA  (1 << 3)
+#define TB_FLAG_UNALIGN(1 << 4)
 
 #define GUSA_SHIFT 4
 #ifdef CONFIG_USER_ONLY
@@ -373,6 +374,9 @@ static inline void cpu_get_tb_cpu_state(CPUSH4State *env, 
target_ulong *pc,
 | (env->sr & ((1u << SR_MD) | (1u << SR_RB)))  /* Bits 29-30 */
 | (env->sr & (1u << SR_FD))/* Bit 15 */
 | (env->movcal_backup ? TB_FLAG_PENDING_MOVCA : 0); /* Bit 3 */
+#ifdef CONFIG_USER_ONLY
+*flags |= TB_FLAG_UNALIGN * !env_cpu(env)->prctl_unalign_sigbus;
+#endif
 }
 
 #endif /* SH4_CPU_H */
diff --git a/target/sh4/translate.c b/target/sh4/translate.c
index ce5d674a520e..50493c61ea65 100644
--- a/target/sh4/translate.c
+++ b/target/sh4/translate.c
@@ -50,8 +50,10 @@ typedef struct DisasContext {
 
 #if defined(CONFIG_USER_ONLY)
 #define IS_USER(ctx) 1
+#define UNALIGN(C)   (ctx->tbflags & TB_FLAG_UNALIGN ? MO_UNALN : MO_ALIGN)
 #else
 #define IS_USER(ctx) (!(ctx->tbflags & (1u << SR_MD)))
+#define UNALIGN(C)   0
 #endif
 
 /* Target-specific values for ctx->base.is_jmp.  */
@@ -495,7 +497,8 @@ static void _decode_opc(DisasContext * ctx)
{
TCGv addr = tcg_temp_new();
tcg_gen_addi_i32(addr, REG(B11_8), B3_0 * 4);
-tcg_gen_qemu_st_i32(REG(B7_4), addr, ctx->memidx, MO_TEUL);
+tcg_gen_qemu_st_i32(REG(B7_4), addr, ctx->memidx,
+MO_TEUL | UNALIGN(ctx));
tcg_temp_free(addr);
}
return;
@@ -503,7 +506,8 @@ static void _decode_opc(DisasContext * ctx)
{
TCGv addr = tcg_temp_new();
tcg_gen_addi_i32(addr, REG(B7_4), B3_0 * 4);
-tcg_gen_qemu_ld_i32(REG(B11_8), addr, ctx->memidx, MO_TESL);
+tcg_gen_qemu_ld_i32(REG(B11_8), addr, ctx->memidx,
+MO_TESL | UNALIGN(ctx));
tcg_temp_free(addr);
}
return;
@@ -558,19 +562,23 @@ static void _decode_opc(DisasContext * ctx)
 tcg_gen_qemu_st_i32(REG(B7_4), REG(B11_8), ctx->memidx, MO_UB);
return;
 case 0x2001:   /* mov.w Rm,@Rn */
-tcg_gen_qemu_st_i32(REG(B7_4), REG(B11_8), ctx->memidx, MO_TEUW);
+tcg_gen_qemu_st_i32(REG(B7_4), REG(B11_8), ctx->memidx,
+MO_TEUW | UNALIGN(ctx));
return;
 case 0x2002:   /* mov.l Rm,@Rn */
-tcg_gen_qemu_st_i32(REG(B7_4), REG(B11_8), ctx->memidx, MO_TEUL);
+tcg_gen_qemu_st_i32(REG(B7_4), REG(B11_8), ctx->memidx,
+MO_TEUL | UNALIGN(ctx));
return;
 case 0x6000:   /* mov.b @Rm,Rn */
 tcg_gen_qemu_ld_i32(REG(B11_8), REG(B7_4), ctx->memidx, MO_SB);
return;
 case 0x6001:   /* mov.w @Rm,Rn */
-tcg_gen_qemu_ld_i32(REG(B11_8), REG(B7_4), ctx->memidx, MO_TESW);
+tcg_gen_qemu_ld_i32(REG(B11_8), REG(B7_4), ctx->memidx,
+MO_TESW | UNALIGN(ctx));
return;
 case 0x6002:   /* mov.l @Rm,Rn */
-tcg_gen_qemu_ld_i32(REG(B11_8), REG(B7_4), ctx->memidx, MO_TESL);
+tcg_gen_qemu_ld_i32(REG(B11_8), REG(B7_4), ctx->memidx,
+MO_TESL | UNALIGN(ctx));
return;
 case 0x2004:   /* mov.b Rm,@-Rn */
{
@@ -586,7 +594,8 @@ static void _decode_opc(DisasContext * ctx)
{
TCGv addr = tcg_temp_new();
tcg_gen_subi_i32(addr, REG(B11_8), 2);
-tcg_gen_qemu_st_i32(REG(B7_4), addr, ctx->memidx, MO_TEUW);
+tcg_gen_qemu_st_i32(REG(B7_4), addr, ctx->memidx,
+MO_TEUW | UNALIGN(ctx));
tcg_gen_mov_i32(REG(B11_8), addr);
tcg_temp_free(addr);
}
@@ -595,7 +604,8 @@ static void _decode_opc(DisasContext * ctx)
{
T

[PULL 14/27] linux-user: add sched_getattr support

[Laurent Vivier]

From: Tonis Tiigi 

These syscalls are not exposed by glibc. The struct type need to be
redefined as it can't be included directly before
https://lkml.org/lkml/2020/5/28/810 .

sched_attr type can grow in future kernel versions. When client sends
values that QEMU does not understand it will return E2BIG with same
semantics as old kernel would so client can retry with smaller inputs.

Signed-off-by: Tonis Tiigi 
Message-Id: <20220105041819.24160-2-tonisti...@gmail.com>
Reviewed-by: Laurent Vivier 
Signed-off-by: Laurent Vivier 
---
 linux-user/syscall.c  | 123 ++
 linux-user/syscall_defs.h |  14 +
 2 files changed, 137 insertions(+)

diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index b5112891b046..6de116eb90cb 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -340,6 +340,25 @@ _syscall3(int, sys_sched_getaffinity, pid_t, pid, unsigned 
int, len,
 #define __NR_sys_sched_setaffinity __NR_sched_setaffinity
 _syscall3(int, sys_sched_setaffinity, pid_t, pid, unsigned int, len,
   unsigned long *, user_mask_ptr);
+/* sched_attr is not defined in glibc */
+struct sched_attr {
+uint32_t size;
+uint32_t sched_policy;
+uint64_t sched_flags;
+int32_t sched_nice;
+uint32_t sched_priority;
+uint64_t sched_runtime;
+uint64_t sched_deadline;
+uint64_t sched_period;
+uint32_t sched_util_min;
+uint32_t sched_util_max;
+};
+#define __NR_sys_sched_getattr __NR_sched_getattr
+_syscall4(int, sys_sched_getattr, pid_t, pid, struct sched_attr *, attr,
+  unsigned int, size, unsigned int, flags);
+#define __NR_sys_sched_setattr __NR_sched_setattr
+_syscall3(int, sys_sched_setattr, pid_t, pid, struct sched_attr *, attr,
+  unsigned int, flags);
 #define __NR_sys_getcpu __NR_getcpu
 _syscall3(int, sys_getcpu, unsigned *, cpu, unsigned *, node, void *, tcache);
 _syscall4(int, reboot, int, magic1, int, magic2, unsigned int, cmd,
@@ -558,6 +577,24 @@ const char *target_strerror(int err)
 return strerror(target_to_host_errno(err));
 }
 
+static int check_zeroed_user(abi_long addr, size_t ksize, size_t usize)
+{
+int i;
+uint8_t b;
+if (usize <= ksize) {
+return 1;
+}
+for (i = ksize; i < usize; i++) {
+if (get_user_u8(b, addr + i)) {
+return -TARGET_EFAULT;
+}
+if (b != 0) {
+return 0;
+}
+}
+return 1;
+}
+
 #define safe_syscall0(type, name) \
 static type safe_##name(void) \
 { \
@@ -10801,6 +10838,92 @@ static abi_long do_syscall1(void *cpu_env, int num, 
abi_long arg1,
 }
 case TARGET_NR_sched_getscheduler:
 return get_errno(sched_getscheduler(arg1));
+case TARGET_NR_sched_getattr:
+{
+struct target_sched_attr *target_scha;
+struct sched_attr scha;
+if (arg2 == 0) {
+return -TARGET_EINVAL;
+}
+if (arg3 > sizeof(scha)) {
+arg3 = sizeof(scha);
+}
+ret = get_errno(sys_sched_getattr(arg1, &scha, arg3, arg4));
+if (!is_error(ret)) {
+target_scha = lock_user(VERIFY_WRITE, arg2, arg3, 0);
+if (!target_scha) {
+return -TARGET_EFAULT;
+}
+target_scha->size = tswap32(scha.size);
+target_scha->sched_policy = tswap32(scha.sched_policy);
+target_scha->sched_flags = tswap64(scha.sched_flags);
+target_scha->sched_nice = tswap32(scha.sched_nice);
+target_scha->sched_priority = tswap32(scha.sched_priority);
+target_scha->sched_runtime = tswap64(scha.sched_runtime);
+target_scha->sched_deadline = tswap64(scha.sched_deadline);
+target_scha->sched_period = tswap64(scha.sched_period);
+if (scha.size > offsetof(struct sched_attr, sched_util_min)) {
+target_scha->sched_util_min = tswap32(scha.sched_util_min);
+target_scha->sched_util_max = tswap32(scha.sched_util_max);
+}
+unlock_user(target_scha, arg2, arg3);
+}
+return ret;
+}
+case TARGET_NR_sched_setattr:
+{
+struct target_sched_attr *target_scha;
+struct sched_attr scha;
+uint32_t size;
+int zeroed;
+if (arg2 == 0) {
+return -TARGET_EINVAL;
+}
+if (get_user_u32(size, arg2)) {
+return -TARGET_EFAULT;
+}
+if (!size) {
+size = offsetof(struct target_sched_attr, sched_util_min);
+}
+if (size < offsetof(struct target_sched_attr, sched_util_min)) {
+if (put_user_u32(sizeof(struct target_sched_attr), arg2)) {
+return -TARGET_EFAULT;
+}
+return -TARGET_E2BIG;
+ 

[PULL 09/27] linux-user: Add code for PR_GET/SET_UNALIGN

[Laurent Vivier]

From: Richard Henderson 

This requires extra work for each target, but adds the
common syscall code, and the necessary flag in CPUState.

Reviewed-by: Warner Losh 
Reviewed-by: Laurent Vivier 
Reviewed-by: Philippe Mathieu-Daudé 
Signed-off-by: Richard Henderson 
Message-Id: <20211227150127.2659293-4-richard.hender...@linaro.org>
Signed-off-by: Laurent Vivier 
---
 cpu.c | 20 -
 include/hw/core/cpu.h |  3 +++
 linux-user/generic/target_prctl_unalign.h | 27 +++
 linux-user/syscall.c  | 13 +--
 4 files changed, 56 insertions(+), 7 deletions(-)
 create mode 100644 linux-user/generic/target_prctl_unalign.h

diff --git a/cpu.c b/cpu.c
index 945dd3dded4a..016bf06a1aec 100644
--- a/cpu.c
+++ b/cpu.c
@@ -174,13 +174,23 @@ void cpu_exec_unrealizefn(CPUState *cpu)
 cpu_list_remove(cpu);
 }
 
+/*
+ * This can't go in hw/core/cpu.c because that file is compiled only
+ * once for both user-mode and system builds.
+ */
 static Property cpu_common_props[] = {
-#ifndef CONFIG_USER_ONLY
+#ifdef CONFIG_USER_ONLY
+/*
+ * Create a property for the user-only object, so users can
+ * adjust prctl(PR_SET_UNALIGN) from the command-line.
+ * Has no effect if the target does not support the feature.
+ */
+DEFINE_PROP_BOOL("prctl-unalign-sigbus", CPUState,
+ prctl_unalign_sigbus, false),
+#else
 /*
- * Create a memory property for softmmu CPU object,
- * so users can wire up its memory. (This can't go in hw/core/cpu.c
- * because that file is compiled only once for both user-mode
- * and system builds.) The default if no link is set up is to use
+ * Create a memory property for softmmu CPU object, so users can
+ * wire up its memory.  The default if no link is set up is to use
  * the system address space.
  */
 DEFINE_PROP_LINK("memory", CPUState, memory, TYPE_MEMORY_REGION,
diff --git a/include/hw/core/cpu.h b/include/hw/core/cpu.h
index e948e81f1a97..76ab3b851c87 100644
--- a/include/hw/core/cpu.h
+++ b/include/hw/core/cpu.h
@@ -413,6 +413,9 @@ struct CPUState {
 
 bool ignore_memory_transaction_failures;
 
+/* Used for user-only emulation of prctl(PR_SET_UNALIGN). */
+bool prctl_unalign_sigbus;
+
 struct hax_vcpu_state *hax_vcpu;
 
 struct hvf_vcpu_state *hvf;
diff --git a/linux-user/generic/target_prctl_unalign.h 
b/linux-user/generic/target_prctl_unalign.h
new file mode 100644
index ..bc3b83af2a6b
--- /dev/null
+++ b/linux-user/generic/target_prctl_unalign.h
@@ -0,0 +1,27 @@
+/*
+ * Generic prctl unalign functions for linux-user
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+#ifndef GENERIC_TARGET_PRCTL_UNALIGN_H
+#define GENERIC_TARGET_PRCTL_UNALIGN_H
+
+static abi_long do_prctl_get_unalign(CPUArchState *env, target_long arg2)
+{
+CPUState *cs = env_cpu(env);
+uint32_t res = PR_UNALIGN_NOPRINT;
+if (cs->prctl_unalign_sigbus) {
+res |= PR_UNALIGN_SIGBUS;
+}
+return put_user_u32(res, arg2);
+}
+#define do_prctl_get_unalign do_prctl_get_unalign
+
+static abi_long do_prctl_set_unalign(CPUArchState *env, target_long arg2)
+{
+env_cpu(env)->prctl_unalign_sigbus = arg2 & PR_UNALIGN_SIGBUS;
+return 0;
+}
+#define do_prctl_set_unalign do_prctl_set_unalign
+
+#endif /* GENERIC_TARGET_PRCTL_UNALIGN_H */
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index d868ef291085..b5112891b046 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -6378,6 +6378,12 @@ static abi_long do_prctl_inval1(CPUArchState *env, 
abi_long arg2)
 #ifndef do_prctl_get_tagged_addr_ctrl
 #define do_prctl_get_tagged_addr_ctrl do_prctl_inval0
 #endif
+#ifndef do_prctl_get_unalign
+#define do_prctl_get_unalign do_prctl_inval1
+#endif
+#ifndef do_prctl_set_unalign
+#define do_prctl_set_unalign do_prctl_inval1
+#endif
 
 static abi_long do_prctl(CPUArchState *env, abi_long option, abi_long arg2,
  abi_long arg3, abi_long arg4, abi_long arg5)
@@ -6441,6 +6447,11 @@ static abi_long do_prctl(CPUArchState *env, abi_long 
option, abi_long arg2,
 }
 return do_prctl_get_tagged_addr_ctrl(env);
 
+case PR_GET_UNALIGN:
+return do_prctl_get_unalign(env, arg2);
+case PR_SET_UNALIGN:
+return do_prctl_set_unalign(env, arg2);
+
 case PR_GET_DUMPABLE:
 case PR_SET_DUMPABLE:
 case PR_GET_KEEPCAPS:
@@ -6483,8 +6494,6 @@ static abi_long do_prctl(CPUArchState *env, abi_long 
option, abi_long arg2,
 case PR_SET_THP_DISABLE:
 case PR_GET_TSC:
 case PR_SET_TSC:
-case PR_GET_UNALIGN:
-case PR_SET_UNALIGN:
 /* Disable to prevent the target disabling stuff we need. */
 return -TARGET_EINVAL;
 
-- 
2.33.1

[PULL 17/27] linux-user/nios2: Properly emulate EXCP_TRAP

[Laurent Vivier]

From: Richard Henderson 

The real kernel has to load the instruction and extract
the imm5 field; for qemu, modify the translator to do this.

The use of R_AT for this in cpu_loop was a bug.  Handle
the other trap numbers as per the kernel's trap_table.

Reviewed-by: Alex Bennée 
Signed-off-by: Richard Henderson 
Reviewed-by: Laurent Vivier 
Message-Id: <20211221025012.1057923-2-richard.hender...@linaro.org>
Signed-off-by: Laurent Vivier 
---
 linux-user/nios2/cpu_loop.c | 40 -
 target/nios2/cpu.h  |  2 +-
 target/nios2/translate.c| 17 +++-
 3 files changed, 39 insertions(+), 20 deletions(-)

diff --git a/linux-user/nios2/cpu_loop.c b/linux-user/nios2/cpu_loop.c
index 34290fb3b51c..5c3d01d22dd7 100644
--- a/linux-user/nios2/cpu_loop.c
+++ b/linux-user/nios2/cpu_loop.c
@@ -26,7 +26,6 @@
 void cpu_loop(CPUNios2State *env)
 {
 CPUState *cs = env_cpu(env);
-Nios2CPU *cpu = NIOS2_CPU(cs);
 target_siginfo_t info;
 int trapnr, ret;
 
@@ -39,9 +38,10 @@ void cpu_loop(CPUNios2State *env)
 case EXCP_INTERRUPT:
 /* just indicate that signals should be handled asap */
 break;
+
 case EXCP_TRAP:
-if (env->regs[R_AT] == 0) {
-abi_long ret;
+switch (env->error_code) {
+case 0:
 qemu_log_mask(CPU_LOG_INT, "\nSyscall\n");
 
 ret = do_syscall(env, env->regs[2],
@@ -55,26 +55,30 @@ void cpu_loop(CPUNios2State *env)
 
 env->regs[2] = abs(ret);
 /* Return value is 0..4096 */
-env->regs[7] = (ret > 0xf000ULL);
-env->regs[CR_ESTATUS] = env->regs[CR_STATUS];
-env->regs[CR_STATUS] &= ~0x3;
-env->regs[R_EA] = env->regs[R_PC] + 4;
+env->regs[7] = ret > 0xf000u;
 env->regs[R_PC] += 4;
 break;
-} else {
-qemu_log_mask(CPU_LOG_INT, "\nTrap\n");
-
-env->regs[CR_ESTATUS] = env->regs[CR_STATUS];
-env->regs[CR_STATUS] &= ~0x3;
-env->regs[R_EA] = env->regs[R_PC] + 4;
-env->regs[R_PC] = cpu->exception_addr;
 
-info.si_signo = TARGET_SIGTRAP;
-info.si_errno = 0;
-info.si_code = TARGET_TRAP_BRKPT;
-queue_signal(env, info.si_signo, QEMU_SI_FAULT, &info);
+case 1:
+qemu_log_mask(CPU_LOG_INT, "\nTrap 1\n");
+force_sig_fault(TARGET_SIGUSR1, 0, env->regs[R_PC]);
+break;
+case 2:
+qemu_log_mask(CPU_LOG_INT, "\nTrap 2\n");
+force_sig_fault(TARGET_SIGUSR2, 0, env->regs[R_PC]);
+break;
+case 31:
+qemu_log_mask(CPU_LOG_INT, "\nTrap 31\n");
+force_sig_fault(TARGET_SIGTRAP, TARGET_TRAP_BRKPT, 
env->regs[R_PC]);
+break;
+default:
+qemu_log_mask(CPU_LOG_INT, "\nTrap %d\n", env->error_code);
+force_sig_fault(TARGET_SIGILL, TARGET_ILL_ILLTRP,
+env->regs[R_PC]);
 break;
 }
+break;
+
 case EXCP_DEBUG:
 info.si_signo = TARGET_SIGTRAP;
 info.si_errno = 0;
diff --git a/target/nios2/cpu.h b/target/nios2/cpu.h
index 1a69ed7a49c7..d2ba0c5bbd82 100644
--- a/target/nios2/cpu.h
+++ b/target/nios2/cpu.h
@@ -160,9 +160,9 @@ struct CPUNios2State {
 
 #if !defined(CONFIG_USER_ONLY)
 Nios2MMU mmu;
-
 uint32_t irq_pending;
 #endif
+int error_code;
 };
 
 /**
diff --git a/target/nios2/translate.c b/target/nios2/translate.c
index 08d7ac539834..a75987751926 100644
--- a/target/nios2/translate.c
+++ b/target/nios2/translate.c
@@ -636,6 +636,21 @@ static void divu(DisasContext *dc, uint32_t code, uint32_t 
flags)
 tcg_temp_free(t0);
 }
 
+static void trap(DisasContext *dc, uint32_t code, uint32_t flags)
+{
+#ifdef CONFIG_USER_ONLY
+/*
+ * The imm5 field is not stored anywhere on real hw; the kernel
+ * has to load the insn and extract the field.  But we can make
+ * things easier for cpu_loop if we pop this into env->error_code.
+ */
+R_TYPE(instr, code);
+tcg_gen_st_i32(tcg_constant_i32(instr.imm5), cpu_env,
+   offsetof(CPUNios2State, error_code));
+#endif
+t_gen_helper_raise_exception(dc, EXCP_TRAP);
+}
+
 static const Nios2Instruction r_type_instructions[] = {
 INSTRUCTION_ILLEGAL(),
 INSTRUCTION(eret),/* eret */
@@ -682,7 +697,7 @@ static const Nios2Instruction r_type_instructions[] = {
 INSTRUCTION_ILLEGAL(),
 INSTRUCTION_ILLEGAL(),
 INSTRUCTION_ILLEGAL(),
-INSTRUCTION_FLG(gen_excp, EXCP_TRAP), /* trap */
+INSTRUCTION(trap),/* trap */
 INSTRUCTION(wrctl),

[PULL 08/27] linux-user: Disable more prctl subcodes

[Laurent Vivier]

From: Richard Henderson 

Create a list of subcodes that we want to pass on, a list of
subcodes that should not be passed on because they would affect
the running qemu itself, and a list that probably could be
implemented but require extra work. Do not pass on unknown subcodes.

Reviewed-by: Laurent Vivier 
Reviewed-by: Philippe Mathieu-Daudé 
Signed-off-by: Richard Henderson 
Message-Id: <20211227150127.2659293-3-richard.hender...@linaro.org>
Signed-off-by: Laurent Vivier 
---
 linux-user/syscall.c | 58 +---
 1 file changed, 55 insertions(+), 3 deletions(-)

diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 0f0f67d56721..d868ef291085 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -6337,6 +6337,13 @@ abi_long do_arch_prctl(CPUX86State *env, int code, 
abi_ulong addr)
 # define PR_MTE_TAG_SHIFT   3
 # define PR_MTE_TAG_MASK(0xUL << PR_MTE_TAG_SHIFT)
 #endif
+#ifndef PR_SET_IO_FLUSHER
+# define PR_SET_IO_FLUSHER 57
+# define PR_GET_IO_FLUSHER 58
+#endif
+#ifndef PR_SET_SYSCALL_USER_DISPATCH
+# define PR_SET_SYSCALL_USER_DISPATCH 59
+#endif
 
 #include "target_prctl.h"
 
@@ -6433,13 +6440,58 @@ static abi_long do_prctl(CPUArchState *env, abi_long 
option, abi_long arg2,
 return -TARGET_EINVAL;
 }
 return do_prctl_get_tagged_addr_ctrl(env);
+
+case PR_GET_DUMPABLE:
+case PR_SET_DUMPABLE:
+case PR_GET_KEEPCAPS:
+case PR_SET_KEEPCAPS:
+case PR_GET_TIMING:
+case PR_SET_TIMING:
+case PR_GET_TIMERSLACK:
+case PR_SET_TIMERSLACK:
+case PR_MCE_KILL:
+case PR_MCE_KILL_GET:
+case PR_GET_NO_NEW_PRIVS:
+case PR_SET_NO_NEW_PRIVS:
+case PR_GET_IO_FLUSHER:
+case PR_SET_IO_FLUSHER:
+/* Some prctl options have no pointer arguments and we can pass on. */
+return get_errno(prctl(option, arg2, arg3, arg4, arg5));
+
+case PR_GET_CHILD_SUBREAPER:
+case PR_SET_CHILD_SUBREAPER:
+case PR_GET_SPECULATION_CTRL:
+case PR_SET_SPECULATION_CTRL:
+case PR_GET_TID_ADDRESS:
+/* TODO */
+return -TARGET_EINVAL;
+
+case PR_GET_FPEXC:
+case PR_SET_FPEXC:
+/* Was used for SPE on PowerPC. */
+return -TARGET_EINVAL;
+
+case PR_GET_ENDIAN:
+case PR_SET_ENDIAN:
+case PR_GET_FPEMU:
+case PR_SET_FPEMU:
+case PR_SET_MM:
 case PR_GET_SECCOMP:
 case PR_SET_SECCOMP:
-/* Disable seccomp to prevent the target disabling syscalls we need. */
+case PR_SET_SYSCALL_USER_DISPATCH:
+case PR_GET_THP_DISABLE:
+case PR_SET_THP_DISABLE:
+case PR_GET_TSC:
+case PR_SET_TSC:
+case PR_GET_UNALIGN:
+case PR_SET_UNALIGN:
+/* Disable to prevent the target disabling stuff we need. */
 return -TARGET_EINVAL;
+
 default:
-/* Most prctl options have no pointer arguments */
-return get_errno(prctl(option, arg2, arg3, arg4, arg5));
+qemu_log_mask(LOG_UNIMP, "Unsupported prctl: " TARGET_ABI_FMT_ld "\n",
+  option);
+return -TARGET_EINVAL;
 }
 }
 
-- 
2.33.1

[PULL 10/27] target/alpha: Implement prctl_unalign_sigbus

[Laurent Vivier]

From: Richard Henderson 

Leave TARGET_ALIGNED_ONLY set, but use the new CPUState
flag to set MO_UNALN for the instructions that the kernel
handles in the unaligned trap.

Signed-off-by: Richard Henderson 
Reviewed-by: Laurent Vivier 
Message-Id: <20211227150127.2659293-5-richard.hender...@linaro.org>
Signed-off-by: Laurent Vivier 
---
 linux-user/alpha/target_prctl.h |  2 +-
 target/alpha/cpu.h  |  5 +
 target/alpha/translate.c| 31 ++-
 3 files changed, 28 insertions(+), 10 deletions(-)

diff --git a/linux-user/alpha/target_prctl.h b/linux-user/alpha/target_prctl.h
index eb53b31ad554..5629ddbf39cd 100644
--- a/linux-user/alpha/target_prctl.h
+++ b/linux-user/alpha/target_prctl.h
@@ -1 +1 @@
-/* No special prctl support required. */
+#include "../generic/target_prctl_unalign.h"
diff --git a/target/alpha/cpu.h b/target/alpha/cpu.h
index afd975c87801..e81921150392 100644
--- a/target/alpha/cpu.h
+++ b/target/alpha/cpu.h
@@ -383,6 +383,8 @@ enum {
 #define ENV_FLAG_TB_MASK \
 (ENV_FLAG_PAL_MODE | ENV_FLAG_PS_USER | ENV_FLAG_FEN)
 
+#define TB_FLAG_UNALIGN   (1u << 1)
+
 static inline int cpu_mmu_index(CPUAlphaState *env, bool ifetch)
 {
 int ret = env->flags & ENV_FLAG_PS_USER ? MMU_USER_IDX : MMU_KERNEL_IDX;
@@ -470,6 +472,9 @@ static inline void cpu_get_tb_cpu_state(CPUAlphaState *env, 
target_ulong *pc,
 *pc = env->pc;
 *cs_base = 0;
 *pflags = env->flags & ENV_FLAG_TB_MASK;
+#ifdef CONFIG_USER_ONLY
+*pflags |= TB_FLAG_UNALIGN * !env_cpu(env)->prctl_unalign_sigbus;
+#endif
 }
 
 #ifdef CONFIG_USER_ONLY
diff --git a/target/alpha/translate.c b/target/alpha/translate.c
index a4c3f43e720a..208ae5fbd50d 100644
--- a/target/alpha/translate.c
+++ b/target/alpha/translate.c
@@ -45,7 +45,9 @@ typedef struct DisasContext DisasContext;
 struct DisasContext {
 DisasContextBase base;
 
-#ifndef CONFIG_USER_ONLY
+#ifdef CONFIG_USER_ONLY
+MemOp unalign;
+#else
 uint64_t palbr;
 #endif
 uint32_t tbflags;
@@ -68,6 +70,12 @@ struct DisasContext {
 TCGv sink;
 };
 
+#ifdef CONFIG_USER_ONLY
+#define UNALIGN(C)  (C)->unalign
+#else
+#define UNALIGN(C)  0
+#endif
+
 /* Target-specific return values from translate_one, indicating the
state of the TB.  Note that DISAS_NEXT indicates that we are not
exiting the TB.  */
@@ -270,7 +278,7 @@ static inline DisasJumpType gen_invalid(DisasContext *ctx)
 static void gen_ldf(DisasContext *ctx, TCGv dest, TCGv addr)
 {
 TCGv_i32 tmp32 = tcg_temp_new_i32();
-tcg_gen_qemu_ld_i32(tmp32, addr, ctx->mem_idx, MO_LEUL);
+tcg_gen_qemu_ld_i32(tmp32, addr, ctx->mem_idx, MO_LEUL | UNALIGN(ctx));
 gen_helper_memory_to_f(dest, tmp32);
 tcg_temp_free_i32(tmp32);
 }
@@ -278,7 +286,7 @@ static void gen_ldf(DisasContext *ctx, TCGv dest, TCGv addr)
 static void gen_ldg(DisasContext *ctx, TCGv dest, TCGv addr)
 {
 TCGv tmp = tcg_temp_new();
-tcg_gen_qemu_ld_i64(tmp, addr, ctx->mem_idx, MO_LEQ);
+tcg_gen_qemu_ld_i64(tmp, addr, ctx->mem_idx, MO_LEQ | UNALIGN(ctx));
 gen_helper_memory_to_g(dest, tmp);
 tcg_temp_free(tmp);
 }
@@ -286,14 +294,14 @@ static void gen_ldg(DisasContext *ctx, TCGv dest, TCGv 
addr)
 static void gen_lds(DisasContext *ctx, TCGv dest, TCGv addr)
 {
 TCGv_i32 tmp32 = tcg_temp_new_i32();
-tcg_gen_qemu_ld_i32(tmp32, addr, ctx->mem_idx, MO_LEUL);
+tcg_gen_qemu_ld_i32(tmp32, addr, ctx->mem_idx, MO_LEUL | UNALIGN(ctx));
 gen_helper_memory_to_s(dest, tmp32);
 tcg_temp_free_i32(tmp32);
 }
 
 static void gen_ldt(DisasContext *ctx, TCGv dest, TCGv addr)
 {
-tcg_gen_qemu_ld_i64(dest, addr, ctx->mem_idx, MO_LEQ);
+tcg_gen_qemu_ld_i64(dest, addr, ctx->mem_idx, MO_LEQ | UNALIGN(ctx));
 }
 
 static void gen_load_fp(DisasContext *ctx, int ra, int rb, int32_t disp16,
@@ -324,6 +332,8 @@ static void gen_load_int(DisasContext *ctx, int ra, int rb, 
int32_t disp16,
 tcg_gen_addi_i64(addr, load_gpr(ctx, rb), disp16);
 if (clear) {
 tcg_gen_andi_i64(addr, addr, ~0x7);
+} else if (!locked) {
+op |= UNALIGN(ctx);
 }
 
 dest = ctx->ir[ra];
@@ -340,7 +350,7 @@ static void gen_stf(DisasContext *ctx, TCGv src, TCGv addr)
 {
 TCGv_i32 tmp32 = tcg_temp_new_i32();
 gen_helper_f_to_memory(tmp32, addr);
-tcg_gen_qemu_st_i32(tmp32, addr, ctx->mem_idx, MO_LEUL);
+tcg_gen_qemu_st_i32(tmp32, addr, ctx->mem_idx, MO_LEUL | UNALIGN(ctx));
 tcg_temp_free_i32(tmp32);
 }
 
@@ -348,7 +358,7 @@ static void gen_stg(DisasContext *ctx, TCGv src, TCGv addr)
 {
 TCGv tmp = tcg_temp_new();
 gen_helper_g_to_memory(tmp, src);
-tcg_gen_qemu_st_i64(tmp, addr, ctx->mem_idx, MO_LEQ);
+tcg_gen_qemu_st_i64(tmp, addr, ctx->mem_idx, MO_LEQ | UNALIGN(ctx));
 tcg_temp_free(tmp);
 }
 
@@ -356,13 +366,13 @@ static void gen_sts(DisasContext *ctx, TCGv src, TCGv 
addr)
 {
 TCGv_i32 tmp32 = tcg_temp_new_i32();
 gen_helper_s_to_memory(tmp32, src);
-tcg_gen_qemu_st_i32(tmp32, addr, ctx->mem_idx, MO

[PULL 15/27] linux-user: call set/getscheduler set/getparam directly

[Laurent Vivier]

From: Tonis Tiigi 

There seems to be difference in syscall and libc definition of these
methods and therefore musl does not implement them (1e21e78bf7). Call
syscall directly to ensure the behavior of the libc of user application,
not the libc that was used to build QEMU.

Signed-off-by: Tonis Tiigi 
Message-Id: <20220105041819.24160-3-tonisti...@gmail.com>
Reviewed-by: Laurent Vivier 
Signed-off-by: Laurent Vivier 
---
 linux-user/syscall.c  | 34 --
 linux-user/syscall_defs.h |  4 
 2 files changed, 28 insertions(+), 10 deletions(-)

diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 6de116eb90cb..01cd59cdce53 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -359,6 +359,17 @@ _syscall4(int, sys_sched_getattr, pid_t, pid, struct 
sched_attr *, attr,
 #define __NR_sys_sched_setattr __NR_sched_setattr
 _syscall3(int, sys_sched_setattr, pid_t, pid, struct sched_attr *, attr,
   unsigned int, flags);
+#define __NR_sys_sched_getscheduler __NR_sched_getscheduler
+_syscall1(int, sys_sched_getscheduler, pid_t, pid);
+#define __NR_sys_sched_setscheduler __NR_sched_setscheduler
+_syscall3(int, sys_sched_setscheduler, pid_t, pid, int, policy,
+  const struct sched_param *, param);
+#define __NR_sys_sched_getparam __NR_sched_getparam
+_syscall2(int, sys_sched_getparam, pid_t, pid,
+  struct sched_param *, param);
+#define __NR_sys_sched_setparam __NR_sched_setparam
+_syscall2(int, sys_sched_setparam, pid_t, pid,
+  const struct sched_param *, param);
 #define __NR_sys_getcpu __NR_getcpu
 _syscall3(int, sys_getcpu, unsigned *, cpu, unsigned *, node, void *, tcache);
 _syscall4(int, reboot, int, magic1, int, magic2, unsigned int, cmd,
@@ -10794,30 +10805,32 @@ static abi_long do_syscall1(void *cpu_env, int num, 
abi_long arg1,
 return ret;
 case TARGET_NR_sched_setparam:
 {
-struct sched_param *target_schp;
+struct target_sched_param *target_schp;
 struct sched_param schp;
 
 if (arg2 == 0) {
 return -TARGET_EINVAL;
 }
-if (!lock_user_struct(VERIFY_READ, target_schp, arg2, 1))
+if (!lock_user_struct(VERIFY_READ, target_schp, arg2, 1)) {
 return -TARGET_EFAULT;
+}
 schp.sched_priority = tswap32(target_schp->sched_priority);
 unlock_user_struct(target_schp, arg2, 0);
-return get_errno(sched_setparam(arg1, &schp));
+return get_errno(sys_sched_setparam(arg1, &schp));
 }
 case TARGET_NR_sched_getparam:
 {
-struct sched_param *target_schp;
+struct target_sched_param *target_schp;
 struct sched_param schp;
 
 if (arg2 == 0) {
 return -TARGET_EINVAL;
 }
-ret = get_errno(sched_getparam(arg1, &schp));
+ret = get_errno(sys_sched_getparam(arg1, &schp));
 if (!is_error(ret)) {
-if (!lock_user_struct(VERIFY_WRITE, target_schp, arg2, 0))
+if (!lock_user_struct(VERIFY_WRITE, target_schp, arg2, 0)) {
 return -TARGET_EFAULT;
+}
 target_schp->sched_priority = tswap32(schp.sched_priority);
 unlock_user_struct(target_schp, arg2, 1);
 }
@@ -10825,19 +10838,20 @@ static abi_long do_syscall1(void *cpu_env, int num, 
abi_long arg1,
 return ret;
 case TARGET_NR_sched_setscheduler:
 {
-struct sched_param *target_schp;
+struct target_sched_param *target_schp;
 struct sched_param schp;
 if (arg3 == 0) {
 return -TARGET_EINVAL;
 }
-if (!lock_user_struct(VERIFY_READ, target_schp, arg3, 1))
+if (!lock_user_struct(VERIFY_READ, target_schp, arg3, 1)) {
 return -TARGET_EFAULT;
+}
 schp.sched_priority = tswap32(target_schp->sched_priority);
 unlock_user_struct(target_schp, arg3, 0);
-return get_errno(sched_setscheduler(arg1, arg2, &schp));
+return get_errno(sys_sched_setscheduler(arg1, arg2, &schp));
 }
 case TARGET_NR_sched_getscheduler:
-return get_errno(sched_getscheduler(arg1));
+return get_errno(sys_sched_getscheduler(arg1));
 case TARGET_NR_sched_getattr:
 {
 struct target_sched_attr *target_scha;
diff --git a/linux-user/syscall_defs.h b/linux-user/syscall_defs.h
index 66244589aa3d..cca561f62268 100644
--- a/linux-user/syscall_defs.h
+++ b/linux-user/syscall_defs.h
@@ -2904,4 +2904,8 @@ struct target_sched_attr {
 abi_uint sched_util_max;
 };
 
+struct target_sched_param {
+abi_int sched_priority;
+};
+
 #endif
-- 
2.33.1

[PULL 11/27] target/hppa: Implement prctl_unalign_sigbus

[Laurent Vivier]

From: Richard Henderson 

Leave TARGET_ALIGNED_ONLY set, but use the new CPUState
flag to set MO_UNALN for the instructions that the kernel
handles in the unaligned trap.

Signed-off-by: Richard Henderson 
Reviewed-by: Laurent Vivier 
Message-Id: <20211227150127.2659293-6-richard.hender...@linaro.org>
Signed-off-by: Laurent Vivier 
---
 linux-user/hppa/target_prctl.h |  2 +-
 target/hppa/cpu.h  |  5 -
 target/hppa/translate.c| 19 +++
 3 files changed, 20 insertions(+), 6 deletions(-)

diff --git a/linux-user/hppa/target_prctl.h b/linux-user/hppa/target_prctl.h
index eb53b31ad554..5629ddbf39cd 100644
--- a/linux-user/hppa/target_prctl.h
+++ b/linux-user/hppa/target_prctl.h
@@ -1 +1 @@
-/* No special prctl support required. */
+#include "../generic/target_prctl_unalign.h"
diff --git a/target/hppa/cpu.h b/target/hppa/cpu.h
index 294fd7297f91..45fd338b02f8 100644
--- a/target/hppa/cpu.h
+++ b/target/hppa/cpu.h
@@ -259,12 +259,14 @@ static inline target_ulong hppa_form_gva(CPUHPPAState 
*env, uint64_t spc,
 return hppa_form_gva_psw(env->psw, spc, off);
 }
 
-/* Since PSW_{I,CB} will never need to be in tb->flags, reuse them.
+/*
+ * Since PSW_{I,CB} will never need to be in tb->flags, reuse them.
  * TB_FLAG_SR_SAME indicates that SR4 through SR7 all contain the
  * same value.
  */
 #define TB_FLAG_SR_SAME PSW_I
 #define TB_FLAG_PRIV_SHIFT  8
+#define TB_FLAG_UNALIGN 0x400
 
 static inline void cpu_get_tb_cpu_state(CPUHPPAState *env, target_ulong *pc,
 target_ulong *cs_base,
@@ -279,6 +281,7 @@ static inline void cpu_get_tb_cpu_state(CPUHPPAState *env, 
target_ulong *pc,
 #ifdef CONFIG_USER_ONLY
 *pc = env->iaoq_f & -4;
 *cs_base = env->iaoq_b & -4;
+flags |= TB_FLAG_UNALIGN * !env_cpu(env)->prctl_unalign_sigbus;
 #else
 /* ??? E, T, H, L, B, P bits need to be here, when implemented.  */
 flags |= env->psw & (PSW_W | PSW_C | PSW_D);
diff --git a/target/hppa/translate.c b/target/hppa/translate.c
index 952027a28e12..a2392a1b64a4 100644
--- a/target/hppa/translate.c
+++ b/target/hppa/translate.c
@@ -274,8 +274,18 @@ typedef struct DisasContext {
 int mmu_idx;
 int privilege;
 bool psw_n_nonzero;
+
+#ifdef CONFIG_USER_ONLY
+MemOp unalign;
+#endif
 } DisasContext;
 
+#ifdef CONFIG_USER_ONLY
+#define UNALIGN(C)  (C)->unalign
+#else
+#define UNALIGN(C)  0
+#endif
+
 /* Note that ssm/rsm instructions number PSW_W and PSW_E differently.  */
 static int expand_sm_imm(DisasContext *ctx, int val)
 {
@@ -1475,7 +1485,7 @@ static void do_load_32(DisasContext *ctx, TCGv_i32 dest, 
unsigned rb,
 
 form_gva(ctx, &addr, &ofs, rb, rx, scale, disp, sp, modify,
  ctx->mmu_idx == MMU_PHYS_IDX);
-tcg_gen_qemu_ld_reg(dest, addr, ctx->mmu_idx, mop);
+tcg_gen_qemu_ld_reg(dest, addr, ctx->mmu_idx, mop | UNALIGN(ctx));
 if (modify) {
 save_gpr(ctx, rb, ofs);
 }
@@ -1493,7 +1503,7 @@ static void do_load_64(DisasContext *ctx, TCGv_i64 dest, 
unsigned rb,
 
 form_gva(ctx, &addr, &ofs, rb, rx, scale, disp, sp, modify,
  ctx->mmu_idx == MMU_PHYS_IDX);
-tcg_gen_qemu_ld_i64(dest, addr, ctx->mmu_idx, mop);
+tcg_gen_qemu_ld_i64(dest, addr, ctx->mmu_idx, mop | UNALIGN(ctx));
 if (modify) {
 save_gpr(ctx, rb, ofs);
 }
@@ -1511,7 +1521,7 @@ static void do_store_32(DisasContext *ctx, TCGv_i32 src, 
unsigned rb,
 
 form_gva(ctx, &addr, &ofs, rb, rx, scale, disp, sp, modify,
  ctx->mmu_idx == MMU_PHYS_IDX);
-tcg_gen_qemu_st_i32(src, addr, ctx->mmu_idx, mop);
+tcg_gen_qemu_st_i32(src, addr, ctx->mmu_idx, mop | UNALIGN(ctx));
 if (modify) {
 save_gpr(ctx, rb, ofs);
 }
@@ -1529,7 +1539,7 @@ static void do_store_64(DisasContext *ctx, TCGv_i64 src, 
unsigned rb,
 
 form_gva(ctx, &addr, &ofs, rb, rx, scale, disp, sp, modify,
  ctx->mmu_idx == MMU_PHYS_IDX);
-tcg_gen_qemu_st_i64(src, addr, ctx->mmu_idx, mop);
+tcg_gen_qemu_st_i64(src, addr, ctx->mmu_idx, mop | UNALIGN(ctx));
 if (modify) {
 save_gpr(ctx, rb, ofs);
 }
@@ -4107,6 +4117,7 @@ static void hppa_tr_init_disas_context(DisasContextBase 
*dcbase, CPUState *cs)
 ctx->mmu_idx = MMU_USER_IDX;
 ctx->iaoq_f = ctx->base.pc_first | MMU_USER_IDX;
 ctx->iaoq_b = ctx->base.tb->cs_base | MMU_USER_IDX;
+ctx->unalign = (ctx->tb_flags & TB_FLAG_UNALIGN ? MO_UNALN : MO_ALIGN);
 #else
 ctx->privilege = (ctx->tb_flags >> TB_FLAG_PRIV_SHIFT) & 3;
 ctx->mmu_idx = (ctx->tb_flags & PSW_D ? ctx->privilege : MMU_PHYS_IDX);
-- 
2.33.1

[PULL 02/27] linux-user/hexagon: Use generic target_stat64 structure

[Laurent Vivier]

From: Philippe Mathieu-Daudé 

Linux Hexagon port doesn't define a specific 'struct stat'
but uses the generic one (see Linux commit 6103ec56c65c [*]
"asm-generic: add generic ABI headers" which predates the
introduction of the Hexagon port).

Remove the target specific target_stat (which in fact is the
target_stat64 structure but uses incorrect target_long and
ABI unsafe long long types) and use the generic target_stat64
instead.

[*] 
https://github.com/torvalds/linux/commit/6103ec56c65c3#diff-5f59b07b38273b7d6a74193bc81a8cd18928c688276eae20cb10c569de3253ee

Signed-off-by: Philippe Mathieu-Daudé 
Reviewed-by: Richard Henderson 
Reviewed-by: Taylor Simpson 
Tested-by: Taylor Simpson 
Message-Id: <2026210919.2823206-1-f4...@amsat.org>
Signed-off-by: Laurent Vivier 
---
 linux-user/syscall_defs.h | 28 ++--
 1 file changed, 2 insertions(+), 26 deletions(-)

diff --git a/linux-user/syscall_defs.h b/linux-user/syscall_defs.h
index 0b139759377b..585e933140ac 100644
--- a/linux-user/syscall_defs.h
+++ b/linux-user/syscall_defs.h
@@ -2133,7 +2133,8 @@ struct target_stat64  {
 abi_ulong __unused5;
 };
 
-#elif defined(TARGET_OPENRISC) || defined(TARGET_NIOS2) || 
defined(TARGET_RISCV)
+#elif defined(TARGET_OPENRISC) || defined(TARGET_NIOS2) \
+|| defined(TARGET_RISCV) || defined(TARGET_HEXAGON)
 
 /* These are the asm-generic versions of the stat and stat64 structures */
 
@@ -2244,31 +2245,6 @@ struct target_stat64 {
 uint64_t   st_ino;
 };
 
-#elif defined(TARGET_HEXAGON)
-
-struct target_stat {
-unsigned long long st_dev;
-unsigned long long st_ino;
-unsigned int st_mode;
-unsigned int st_nlink;
-unsigned int st_uid;
-unsigned int st_gid;
-unsigned long long st_rdev;
-target_ulong __pad1;
-long long st_size;
-target_long st_blksize;
-int __pad2;
-long long st_blocks;
-
-target_long target_st_atime;
-target_long target_st_atime_nsec;
-target_long target_st_mtime;
-target_long target_st_mtime_nsec;
-target_long target_st_ctime;
-target_long target_st_ctime_nsec;
-int __unused[2];
-};
-
 #else
 #error unsupported CPU
 #endif
-- 
2.33.1

[PULL 23/27] linux-user/nios2: Use set_sigmask in do_rt_sigreturn

[Laurent Vivier]

From: Richard Henderson 

Using do_sigprocmask directly was incorrect, as it will
leave the signal blocked by the outer layers of linux-user.

Reviewed-by: Laurent Vivier 
Signed-off-by: Richard Henderson 
Message-Id: <20211221025012.1057923-8-richard.hender...@linaro.org>
Signed-off-by: Laurent Vivier 
---
 linux-user/nios2/signal.c | 2 +-
 linux-user/signal.c   | 2 --
 2 files changed, 1 insertion(+), 3 deletions(-)

diff --git a/linux-user/nios2/signal.c b/linux-user/nios2/signal.c
index 80e3d42fc965..517cd392701c 100644
--- a/linux-user/nios2/signal.c
+++ b/linux-user/nios2/signal.c
@@ -205,7 +205,7 @@ long do_rt_sigreturn(CPUNios2State *env)
 }
 
 target_to_host_sigset(&set, &frame->uc.tuc_sigmask);
-do_sigprocmask(SIG_SETMASK, &set, NULL);
+set_sigmask(&set);
 
 if (rt_restore_ucontext(env, &frame->uc, &rval)) {
 goto badframe;
diff --git a/linux-user/signal.c b/linux-user/signal.c
index 1229fecf5cd4..f813b4f18e44 100644
--- a/linux-user/signal.c
+++ b/linux-user/signal.c
@@ -258,7 +258,6 @@ int do_sigprocmask(int how, const sigset_t *set, sigset_t 
*oldset)
 return 0;
 }
 
-#if !defined(TARGET_NIOS2)
 /* Just set the guest's signal mask to the specified value; the
  * caller is assumed to have called block_signals() already.
  */
@@ -268,7 +267,6 @@ void set_sigmask(const sigset_t *set)
 
 ts->signal_mask = *set;
 }
-#endif
 
 /* sigaltstack management */
 
-- 
2.33.1

[PULL 00/27] Linux user for 7.0 patches

[Laurent Vivier]

The following changes since commit fb084237a3b78b20fd9d888dffd673b6656ea3be:

  common-user: Really fix i386 calls to safe_syscall_set_errno_tail (2022-01-04 
21:14:23 -0800)

are available in the Git repository at:

  https://gitlab.com/laurent_vivier/qemu.git 
tags/linux-user-for-7.0-pull-request

for you to fetch changes up to f0effdbc2a5b43422bc4c9c22641ef9dafa0c7ae:

  linux-user: netlink: update IFLA_BRPORT entries (2022-01-06 11:40:53 +0100)


linux-user pull request 20220106

update netlink entries
nios2 fixes
/proc/self/maps fixes
set/getscheduler update
prctl cleanup and fixes
target_signal.h cleanup
and some trivial fixes



Ahmed Abouzied (1):
  linux-user/syscall.c: malloc to g_try_malloc

Andrey Kazmin (1):
  linux-user/syscall.c: fix missed flag for shared memory in
open_self_maps

Laurent Vivier (3):
  linux-user: netlink: update IFLA entries
  linux-user: netlink: Add IFLA_VFINFO_LIST
  linux-user: netlink: update IFLA_BRPORT entries

Martin Wilck (1):
  qemu-binfmt-conf.sh: fix -F option

Matthias Schiffer (1):
  linux-user/signal: Map exit signals in SIGCHLD siginfo_t

Philippe Mathieu-Daudé (2):
  linux-user/hexagon: Use generic target_stat64 structure
  linux-user: Mark cpu_loop() with noreturn attribute

Richard Henderson (13):
  linux-user: Split out do_prctl and subroutines
  linux-user: Disable more prctl subcodes
  linux-user: Add code for PR_GET/SET_UNALIGN
  target/alpha: Implement prctl_unalign_sigbus
  target/hppa: Implement prctl_unalign_sigbus
  target/sh4: Implement prctl_unalign_sigbus
  linux-user/nios2: Properly emulate EXCP_TRAP
  linux-user/nios2: Fixes for signal frame setup
  linux-user/elfload: Rename ARM_COMMPAGE to HI_COMMPAGE
  linux-user/nios2: Map a real kuser page
  linux-user/nios2: Fix EA vs PC confusion
  linux-user/nios2: Fix sigmask in setup_rt_frame
  linux-user/nios2: Use set_sigmask in do_rt_sigreturn

Song Gao (3):
  linux-user: Move target_signal.h generic definitions to
generic/signal.h
  linux-user: target_syscall.h remove definition TARGET_MINSIGSTKSZ
  linux-user: Remove TARGET_SIGSTKSZ

Tonis Tiigi (2):
  linux-user: add sched_getattr support
  linux-user: call set/getscheduler set/getparam directly

 cpu.c |  20 +-
 include/hw/core/cpu.h |   3 +
 linux-user/aarch64/target_prctl.h | 160 ++
 linux-user/aarch64/target_signal.h|  18 -
 linux-user/aarch64/target_syscall.h   |  24 -
 linux-user/alpha/target_prctl.h   |   1 +
 linux-user/alpha/target_signal.h  |   1 -
 linux-user/alpha/target_syscall.h |   1 -
 linux-user/arm/target_prctl.h |   1 +
 linux-user/arm/target_signal.h|  18 -
 linux-user/arm/target_syscall.h   |   1 -
 linux-user/cris/target_prctl.h|   1 +
 linux-user/cris/target_signal.h   |  18 -
 linux-user/cris/target_syscall.h  |   1 -
 linux-user/elfload.c  |  66 ++-
 linux-user/fd-trans.c | 184 ++
 linux-user/generic/signal.h   |  15 +
 linux-user/generic/target_prctl_unalign.h |  27 +
 linux-user/hexagon/target_prctl.h |   1 +
 linux-user/hexagon/target_signal.h|  11 -
 linux-user/hppa/target_prctl.h|   1 +
 linux-user/hppa/target_signal.h   |   1 -
 linux-user/hppa/target_syscall.h  |   1 -
 linux-user/i386/target_prctl.h|   1 +
 linux-user/i386/target_signal.h   |  18 -
 linux-user/i386/target_syscall.h  |   1 -
 linux-user/m68k/target_prctl.h|   1 +
 linux-user/m68k/target_signal.h   |  18 -
 linux-user/m68k/target_syscall.h  |   1 -
 linux-user/microblaze/target_prctl.h  |   1 +
 linux-user/microblaze/target_signal.h |  18 -
 linux-user/microblaze/target_syscall.h|   1 -
 linux-user/mips/target_prctl.h|  88 +++
 linux-user/mips/target_signal.h   |   1 -
 linux-user/mips/target_syscall.h  |   7 -
 linux-user/mips64/target_prctl.h  |   1 +
 linux-user/mips64/target_signal.h |   1 -
 linux-user/mips64/target_syscall.h|   7 -
 linux-user/nios2/cpu_loop.c   |  93 +--
 linux-user/nios2/signal.c |  58 +-
 linux-user/nios2/target_prctl.h   |   1 +
 linux-user/nios2/target_signal.h  |  16 -
 linux-user/nios2/target_syscall.h |   1 -
 linux-user/openrisc/target_prctl.h|   1 +
 linux-user/openrisc/target_signal.h   |  23 -
 linux-user/openrisc/target_syscall.h  |   1 -
 linux-user/ppc/target_prctl.h |   1 +
 linux-user/ppc/target_signal.h|  18 -
 linux-user/ppc/target_syscall.h   |   1 -
 linux-user/riscv/target_prctl.h   |   1 +
 linux-user/riscv/target_signal.h  |  12 -
 linux-user/riscv/target_syscall.h

[PULL 16/27] linux-user/syscall.c: fix missed flag for shared memory in open_self_maps

[Laurent Vivier]

From: Andrey Kazmin 

The possible variants for region type in /proc/self/maps are either
private "p" or shared "s". In the current implementation,
we mark shared regions as "-". It could break memory mapping parsers
such as included into ASan/HWASan sanitizers.

Fixes: 01ef6b9e4e4e ("linux-user: factor out reading of /proc/self/maps")
Signed-off-by: Andrey Kazmin 
Reviewed-by: Laurent Vivier 
Acked-by: Alex Bennée 
Message-Id: <20211227125048.22610-1-a.kaz...@partner.samsung.com>
Signed-off-by: Laurent Vivier 
---
 linux-user/syscall.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 01cd59cdce53..3160d77154b5 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -8045,7 +8045,7 @@ static int open_self_maps(void *cpu_env, int fd)
 (flags & PAGE_READ) ? 'r' : '-',
 (flags & PAGE_WRITE_ORG) ? 'w' : '-',
 (flags & PAGE_EXEC) ? 'x' : '-',
-e->is_priv ? 'p' : '-',
+e->is_priv ? 'p' : 's',
 (uint64_t) e->offset, e->dev, e->inode);
 if (path) {
 dprintf(fd, "%*s%s\n", 73 - count, "", path);
-- 
2.33.1

[PULL 25/27] linux-user: netlink: update IFLA entries

[Laurent Vivier]

Add IFLA_PHYS_PORT_ID, IFLA_PARENT_DEV_NAME, IFLA_PARENT_DEV_BUS_NAME

  # QEMU_LOG=unimp ip a
  Unknown host QEMU_IFLA type: 56
  Unknown host QEMU_IFLA type: 57
  Unknown host QEMU_IFLA type: 34

Signed-off-by: Laurent Vivier 
Reviewed-by: Richard Henderson 
Message-Id: <20211219154514.2165728-1-laur...@vivier.eu>
Signed-off-by: Laurent Vivier 
---
 linux-user/fd-trans.c | 6 ++
 1 file changed, 6 insertions(+)

diff --git a/linux-user/fd-trans.c b/linux-user/fd-trans.c
index 69410899590c..14c19a90b2b0 100644
--- a/linux-user/fd-trans.c
+++ b/linux-user/fd-trans.c
@@ -138,6 +138,9 @@ enum {
 QEMU_IFLA_PROP_LIST,
 QEMU_IFLA_ALT_IFNAME,
 QEMU_IFLA_PERM_ADDRESS,
+QEMU_IFLA_PROTO_DOWN_REASON,
+QEMU_IFLA_PARENT_DEV_NAME,
+QEMU_IFLA_PARENT_DEV_BUS_NAME,
 QEMU___IFLA_MAX
 };
 
@@ -818,9 +821,12 @@ static abi_long host_to_target_data_link_rtattr(struct 
rtattr *rtattr)
 case QEMU_IFLA_ADDRESS:
 case QEMU_IFLA_BROADCAST:
 case QEMU_IFLA_PERM_ADDRESS:
+case QEMU_IFLA_PHYS_PORT_ID:
 /* string */
 case QEMU_IFLA_IFNAME:
 case QEMU_IFLA_QDISC:
+case QEMU_IFLA_PARENT_DEV_NAME:
+case QEMU_IFLA_PARENT_DEV_BUS_NAME:
 break;
 /* uin8_t */
 case QEMU_IFLA_OPERSTATE:
-- 
2.33.1

[PULL 22/27] linux-user/nios2: Fix sigmask in setup_rt_frame

[Laurent Vivier]

From: Richard Henderson 

Do not cast the signal mask elements; trust __put_user.

Reviewed-by: Laurent Vivier 
Signed-off-by: Richard Henderson 
Message-Id: <20211221025012.1057923-7-richard.hender...@linaro.org>
Signed-off-by: Laurent Vivier 
---
 linux-user/nios2/signal.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/linux-user/nios2/signal.c b/linux-user/nios2/signal.c
index 20b65aa06e08..80e3d42fc965 100644
--- a/linux-user/nios2/signal.c
+++ b/linux-user/nios2/signal.c
@@ -168,8 +168,7 @@ void setup_rt_frame(int sig, struct target_sigaction *ka,
 target_save_altstack(&frame->uc.tuc_stack, env);
 rt_setup_ucontext(&frame->uc, env);
 for (i = 0; i < TARGET_NSIG_WORDS; i++) {
-__put_user((abi_ulong)set->sig[i],
-   (abi_ulong *)&frame->uc.tuc_sigmask.sig[i]);
+__put_user(set->sig[i], &frame->uc.tuc_sigmask.sig[i]);
 }
 
 /* Set up to return from userspace; jump to fixed address sigreturn
-- 
2.33.1

[PULL 05/27] linux-user: target_syscall.h remove definition TARGET_MINSIGSTKSZ

[Laurent Vivier]

From: Song Gao 

TARGET_MINSIGSTKSZ has been defined in generic/signal.h
or target_signal.h, We don't need to define it again.

Signed-off-by: Song Gao 
Reviewed-by: Laurent Vivier 
Reviewed-by: Philippe Mathieu-Daudé 
Reviewed-by: Richard Henderson 
Message-Id: <1637893388-10282-3-git-send-email-gaos...@loongson.cn>
Signed-off-by: Laurent Vivier 
---
 linux-user/aarch64/target_syscall.h| 1 -
 linux-user/alpha/target_syscall.h  | 1 -
 linux-user/arm/target_syscall.h| 1 -
 linux-user/cris/target_syscall.h   | 1 -
 linux-user/hppa/target_syscall.h   | 1 -
 linux-user/i386/target_syscall.h   | 1 -
 linux-user/m68k/target_syscall.h   | 1 -
 linux-user/microblaze/target_syscall.h | 1 -
 linux-user/mips/target_syscall.h   | 1 -
 linux-user/mips64/target_syscall.h | 1 -
 linux-user/nios2/target_syscall.h  | 1 -
 linux-user/openrisc/target_syscall.h   | 1 -
 linux-user/ppc/target_syscall.h| 1 -
 linux-user/riscv/target_syscall.h  | 1 -
 linux-user/s390x/target_syscall.h  | 1 -
 linux-user/sh4/target_syscall.h| 1 -
 linux-user/sparc/target_syscall.h  | 1 -
 linux-user/x86_64/target_syscall.h | 1 -
 18 files changed, 18 deletions(-)

diff --git a/linux-user/aarch64/target_syscall.h 
b/linux-user/aarch64/target_syscall.h
index 76f6c3391d33..508219d62aba 100644
--- a/linux-user/aarch64/target_syscall.h
+++ b/linux-user/aarch64/target_syscall.h
@@ -15,7 +15,6 @@ struct target_pt_regs {
 #endif
 #define UNAME_MINIMUM_RELEASE "3.8.0"
 #define TARGET_CLONE_BACKWARDS
-#define TARGET_MINSIGSTKSZ   2048
 #define TARGET_MCL_CURRENT 1
 #define TARGET_MCL_FUTURE  2
 #define TARGET_MCL_ONFAULT 4
diff --git a/linux-user/alpha/target_syscall.h 
b/linux-user/alpha/target_syscall.h
index 03091bf0a826..fda3a49f29be 100644
--- a/linux-user/alpha/target_syscall.h
+++ b/linux-user/alpha/target_syscall.h
@@ -63,7 +63,6 @@ struct target_pt_regs {
 #define TARGET_UAC_NOPRINT 1
 #define TARGET_UAC_NOFIX   2
 #define TARGET_UAC_SIGBUS  4
-#define TARGET_MINSIGSTKSZ  4096
 #define TARGET_MCL_CURRENT 0x2000
 #define TARGET_MCL_FUTURE  0x4000
 #define TARGET_MCL_ONFAULT 0x8000
diff --git a/linux-user/arm/target_syscall.h b/linux-user/arm/target_syscall.h
index e870ed7a5468..f04f9c9e3d75 100644
--- a/linux-user/arm/target_syscall.h
+++ b/linux-user/arm/target_syscall.h
@@ -27,7 +27,6 @@ struct target_pt_regs {
 
 #define TARGET_CLONE_BACKWARDS
 
-#define TARGET_MINSIGSTKSZ 2048
 #define TARGET_MCL_CURRENT 1
 #define TARGET_MCL_FUTURE  2
 #define TARGET_MCL_ONFAULT 4
diff --git a/linux-user/cris/target_syscall.h b/linux-user/cris/target_syscall.h
index 19e12814039c..0b5ebf1f0283 100644
--- a/linux-user/cris/target_syscall.h
+++ b/linux-user/cris/target_syscall.h
@@ -39,7 +39,6 @@ struct target_pt_regs {
 };
 
 #define TARGET_CLONE_BACKWARDS2
-#define TARGET_MINSIGSTKSZ 2048
 #define TARGET_MCL_CURRENT 1
 #define TARGET_MCL_FUTURE  2
 #define TARGET_MCL_ONFAULT 4
diff --git a/linux-user/hppa/target_syscall.h b/linux-user/hppa/target_syscall.h
index 0018bcb5c4dc..4b382c1fcf4a 100644
--- a/linux-user/hppa/target_syscall.h
+++ b/linux-user/hppa/target_syscall.h
@@ -22,7 +22,6 @@ struct target_pt_regs {
 #define UNAME_MACHINE "parisc"
 #define UNAME_MINIMUM_RELEASE "2.6.32"
 #define TARGET_CLONE_BACKWARDS
-#define TARGET_MINSIGSTKSZ   2048
 #define TARGET_MCL_CURRENT 1
 #define TARGET_MCL_FUTURE  2
 #define TARGET_MCL_ONFAULT 4
diff --git a/linux-user/i386/target_syscall.h b/linux-user/i386/target_syscall.h
index ed356b3908dc..aaade06b136a 100644
--- a/linux-user/i386/target_syscall.h
+++ b/linux-user/i386/target_syscall.h
@@ -150,7 +150,6 @@ struct target_vm86plus_struct {
 #define UNAME_MINIMUM_RELEASE "2.6.32"
 
 #define TARGET_CLONE_BACKWARDS
-#define TARGET_MINSIGSTKSZ 2048
 #define TARGET_MCL_CURRENT 1
 #define TARGET_MCL_FUTURE  2
 #define TARGET_MCL_ONFAULT 4
diff --git a/linux-user/m68k/target_syscall.h b/linux-user/m68k/target_syscall.h
index 23359a6299dd..8d4ddbd76c8f 100644
--- a/linux-user/m68k/target_syscall.h
+++ b/linux-user/m68k/target_syscall.h
@@ -20,7 +20,6 @@ struct target_pt_regs {
 #define UNAME_MACHINE "m68k"
 #define UNAME_MINIMUM_RELEASE "2.6.32"
 
-#define TARGET_MINSIGSTKSZ 2048
 #define TARGET_MCL_CURRENT 1
 #define TARGET_MCL_FUTURE  2
 #define TARGET_MCL_ONFAULT 4
diff --git a/linux-user/microblaze/target_syscall.h 
b/linux-user/microblaze/target_syscall.h
index 7f653db34f87..43362a1664ca 100644
--- a/linux-user/microblaze/target_syscall.h
+++ b/linux-user/microblaze/target_syscall.h
@@ -49,7 +49,6 @@ struct target_pt_regs {
 };
 
 #define TARGET_CLONE_BACKWARDS
-#define TARGET_MINSIGSTKSZ  2048
 #define TARGET_MCL_CURRENT 1
 #define TARGET_MCL_FUTURE  2
 #define TARGET_MCL_ONFAULT 4
diff --git a/linux-user/mips/target_syscall.h b/linux-user/mips/target_syscall.h
index f59057493a35..7a82661fdb47 100644
--- a/linux-user/mips/target_syscall.h
+++ b/linux-user/mips/target_syscal

[PULL 18/27] linux-user/nios2: Fixes for signal frame setup

[Laurent Vivier]

From: Richard Henderson 

Do not confuse host and guest addresses.  Lock and unlock
the target_rt_sigframe structure in setup_rt_sigframe.

Since rt_setup_ucontext always returns 0, drop the return
value entirely.  This eliminates the only write to the err
variable in setup_rt_sigframe.

Always copy the siginfo structure.

Reviewed-by: Alex Bennée 
Reviewed-by: Peter Maydell 
Signed-off-by: Richard Henderson 
Message-Id: <20211221025012.1057923-3-richard.hender...@linaro.org>
Signed-off-by: Laurent Vivier 
---
 linux-user/nios2/signal.c | 51 ---
 1 file changed, 21 insertions(+), 30 deletions(-)

diff --git a/linux-user/nios2/signal.c b/linux-user/nios2/signal.c
index a77e8a40f468..adbffe32e3c8 100644
--- a/linux-user/nios2/signal.c
+++ b/linux-user/nios2/signal.c
@@ -42,7 +42,7 @@ struct target_rt_sigframe {
 struct target_ucontext uc;
 };
 
-static int rt_setup_ucontext(struct target_ucontext *uc, CPUNios2State *env)
+static void rt_setup_ucontext(struct target_ucontext *uc, CPUNios2State *env)
 {
 unsigned long *gregs = uc->tuc_mcontext.gregs;
 
@@ -75,8 +75,6 @@ static int rt_setup_ucontext(struct target_ucontext *uc, 
CPUNios2State *env)
 __put_user(env->regs[R_GP], &gregs[25]);
 __put_user(env->regs[R_EA], &gregs[27]);
 __put_user(env->regs[R_SP], &gregs[28]);
-
-return 0;
 }
 
 static int rt_restore_ucontext(CPUNios2State *env, struct target_ucontext *uc,
@@ -135,8 +133,8 @@ static int rt_restore_ucontext(CPUNios2State *env, struct 
target_ucontext *uc,
 return 0;
 }
 
-static void *get_sigframe(struct target_sigaction *ka, CPUNios2State *env,
-  size_t frame_size)
+static abi_ptr get_sigframe(struct target_sigaction *ka, CPUNios2State *env,
+size_t frame_size)
 {
 unsigned long usp;
 
@@ -144,7 +142,7 @@ static void *get_sigframe(struct target_sigaction *ka, 
CPUNios2State *env,
 usp = target_sigsp(get_sp_from_cpustate(env), ka);
 
 /* Verify, is it 32 or 64 bit aligned */
-return (void *)((usp - frame_size) & -8UL);
+return (usp - frame_size) & -8;
 }
 
 void setup_rt_frame(int sig, struct target_sigaction *ka,
@@ -153,26 +151,25 @@ void setup_rt_frame(int sig, struct target_sigaction *ka,
 CPUNios2State *env)
 {
 struct target_rt_sigframe *frame;
-int i, err = 0;
+abi_ptr frame_addr;
+int i;
 
-frame = get_sigframe(ka, env, sizeof(*frame));
-
-if (ka->sa_flags & SA_SIGINFO) {
-tswap_siginfo(&frame->info, info);
+frame_addr = get_sigframe(ka, env, sizeof(*frame));
+if (!lock_user_struct(VERIFY_WRITE, frame, frame_addr, 0)) {
+force_sigsegv(sig);
+return;
 }
 
+tswap_siginfo(&frame->info, info);
+
 /* Create the ucontext.  */
 __put_user(0, &frame->uc.tuc_flags);
 __put_user(0, &frame->uc.tuc_link);
 target_save_altstack(&frame->uc.tuc_stack, env);
-err |= rt_setup_ucontext(&frame->uc, env);
+rt_setup_ucontext(&frame->uc, env);
 for (i = 0; i < TARGET_NSIG_WORDS; i++) {
 __put_user((abi_ulong)set->sig[i],
-(abi_ulong *)&frame->uc.tuc_sigmask.sig[i]);
-}
-
-if (err) {
-goto give_sigsegv;
+   (abi_ulong *)&frame->uc.tuc_sigmask.sig[i]);
 }
 
 /* Set up to return from userspace; jump to fixed address sigreturn
@@ -180,19 +177,13 @@ void setup_rt_frame(int sig, struct target_sigaction *ka,
 env->regs[R_RA] = (unsigned long) (0x1044);
 
 /* Set up registers for signal handler */
-env->regs[R_SP] = (unsigned long) frame;
-env->regs[4] = (unsigned long) sig;
-env->regs[5] = (unsigned long) &frame->info;
-env->regs[6] = (unsigned long) &frame->uc;
-env->regs[R_EA] = (unsigned long) ka->_sa_handler;
-return;
-
-give_sigsegv:
-if (sig == TARGET_SIGSEGV) {
-ka->_sa_handler = TARGET_SIG_DFL;
-}
-force_sigsegv(sig);
-return;
+env->regs[R_SP] = frame_addr;
+env->regs[4] = sig;
+env->regs[5] = frame_addr + offsetof(struct target_rt_sigframe, info);
+env->regs[6] = frame_addr + offsetof(struct target_rt_sigframe, uc);
+env->regs[R_EA] = ka->_sa_handler;
+
+unlock_user_struct(frame, frame_addr, 1);
 }
 
 long do_sigreturn(CPUNios2State *env)
-- 
2.33.1

[PULL 27/27] linux-user: netlink: update IFLA_BRPORT entries

[Laurent Vivier]

add IFLA_BRPORT_MCAST_EHT_HOSTS_LIMIT and IFLA_BRPORT_MCAST_EHT_HOSTS_CNT

  # QEMU_LOG=unimp ip a
  Unknown QEMU_IFLA_BRPORT type 37
  Unknown QEMU_IFLA_BRPORT type 38

Signed-off-by: Laurent Vivier 
Reviewed-by: Richard Henderson 
Message-Id: <20211219154514.2165728-3-laur...@vivier.eu>
Signed-off-by: Laurent Vivier 
---
 linux-user/fd-trans.c | 4 
 1 file changed, 4 insertions(+)

diff --git a/linux-user/fd-trans.c b/linux-user/fd-trans.c
index 36e4a4c2aae8..a17d05c07923 100644
--- a/linux-user/fd-trans.c
+++ b/linux-user/fd-trans.c
@@ -182,6 +182,8 @@ enum {
 QEMU_IFLA_BRPORT_BACKUP_PORT,
 QEMU_IFLA_BRPORT_MRP_RING_OPEN,
 QEMU_IFLA_BRPORT_MRP_IN_OPEN,
+QEMU_IFLA_BRPORT_MCAST_EHT_HOSTS_LIMIT,
+QEMU_IFLA_BRPORT_MCAST_EHT_HOSTS_CNT,
 QEMU___IFLA_BRPORT_MAX
 };
 
@@ -607,6 +609,8 @@ static abi_long 
host_to_target_slave_data_bridge_nlattr(struct nlattr *nlattr,
 /* uin32_t */
 case QEMU_IFLA_BRPORT_COST:
 case QEMU_IFLA_BRPORT_BACKUP_PORT:
+case QEMU_IFLA_BRPORT_MCAST_EHT_HOSTS_LIMIT:
+case QEMU_IFLA_BRPORT_MCAST_EHT_HOSTS_CNT:
 u32 = NLA_DATA(nlattr);
 *u32 = tswap32(*u32);
 break;
-- 
2.33.1

Re: [PATCH] linux-user: Remove the deprecated ppc64abi32 target

[Laurent Vivier]

Le 20/12/2021 à 17:01, Laurent Vivier a écrit :

Le 15/12/2021 à 09:49, Thomas Huth a écrit :

It's likely broken, and nobody cared for picking it up again
during the deprecation phase, so let's remove this now.

Since this is the last entry in deprecated_targets_list, remove
the related code in the configure script, too.

Signed-off-by: Thomas Huth 
---
  .gitlab-ci.d/buildtest.yml    | 27 -
  configs/targets/ppc64abi32-linux-user.mak |  8 -
  configure | 29 +--
  docs/about/deprecated.rst |  7 -
  docs/about/removed-features.rst   |  8 +
  docs/user/main.rst    |  1 -
  linux-user/elfload.c  |  4 +--
  linux-user/ppc/signal.c   | 11 ++-
  linux-user/ppc/target_syscall.h   |  4 +--
  linux-user/syscall_defs.h |  6 ++--
  .../dockerfiles/debian-ppc64el-cross.docker   |  2 +-
  tests/tcg/configure.sh    |  2 +-
  12 files changed, 21 insertions(+), 88 deletions(-)
  delete mode 100644 configs/targets/ppc64abi32-linux-user.mak



Applied to my linux-user-for-7.0 branch.


I've removed the patch from my series as Alex has added it to his testing/next 
branch.
As it modifies the gitlab CI and the dockerfiles, I think it better fits in his 
branch.

Thanks,
Laurent

[PULL 24/27] linux-user/syscall.c: malloc to g_try_malloc

[Laurent Vivier]

From: Ahmed Abouzied 

Use g_try_malloc instead of malloc to alocate the target ifconfig.
Also replace the corresponding free with g_free.

Signed-off-by: Ahmed Abouzied 
Message-Id: <20220104143841.25116-1-em...@aabouzied.com>
Signed-off-by: Laurent Vivier 
---
 linux-user/syscall.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 3160d77154b5..ce9d64896cb8 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -4915,7 +4915,7 @@ static abi_long do_ioctl_ifconf(const IOCTLEntry *ie, 
uint8_t *buf_temp,
  * We can't fit all the extents into the fixed size buffer.
  * Allocate one that is large enough and use it instead.
  */
-host_ifconf = malloc(outbufsz);
+host_ifconf = g_try_malloc(outbufsz);
 if (!host_ifconf) {
 return -TARGET_ENOMEM;
 }
@@ -4963,7 +4963,7 @@ static abi_long do_ioctl_ifconf(const IOCTLEntry *ie, 
uint8_t *buf_temp,
 }
 
 if (free_buf) {
-free(host_ifconf);
+g_free(host_ifconf);
 }
 
 return ret;
-- 
2.33.1

[PULL 20/27] linux-user/nios2: Map a real kuser page

[Laurent Vivier]

From: Richard Henderson 

The first word of page1 is data, so the whole thing
can't be implemented with emulation of addresses.
Use init_guest_commpage for the allocation.

Hijack trap number 16 to implement cmpxchg.

Signed-off-by: Richard Henderson 
Reviewed-by: Laurent Vivier 
Message-Id: <20211221025012.1057923-5-richard.hender...@linaro.org>
Signed-off-by: Laurent Vivier 
---
 linux-user/elfload.c| 50 -
 linux-user/nios2/cpu_loop.c | 50 -
 target/nios2/translate.c|  9 ---
 3 files changed, 76 insertions(+), 33 deletions(-)

diff --git a/linux-user/elfload.c b/linux-user/elfload.c
index d34cd4fe43fb..329b2375ef15 100644
--- a/linux-user/elfload.c
+++ b/linux-user/elfload.c
@@ -1099,6 +1099,47 @@ static void init_thread(struct target_pt_regs *regs, 
struct image_info *infop)
 regs->estatus = 0x3;
 }
 
+#define LO_COMMPAGE  TARGET_PAGE_SIZE
+
+static bool init_guest_commpage(void)
+{
+static const uint8_t kuser_page[4 + 2 * 64] = {
+/* __kuser_helper_version */
+[0x00] = 0x02, 0x00, 0x00, 0x00,
+
+/* __kuser_cmpxchg */
+[0x04] = 0x3a, 0x6c, 0x3b, 0x00,  /* trap 16 */
+ 0x3a, 0x28, 0x00, 0xf8,  /* ret */
+
+/* __kuser_sigtramp */
+[0x44] = 0xc4, 0x22, 0x80, 0x00,  /* movi r2, __NR_rt_sigreturn */
+ 0x3a, 0x68, 0x3b, 0x00,  /* trap 0 */
+};
+
+void *want = g2h_untagged(LO_COMMPAGE & -qemu_host_page_size);
+void *addr = mmap(want, qemu_host_page_size, PROT_READ | PROT_WRITE,
+  MAP_ANONYMOUS | MAP_PRIVATE | MAP_FIXED, -1, 0);
+
+if (addr == MAP_FAILED) {
+perror("Allocating guest commpage");
+exit(EXIT_FAILURE);
+}
+if (addr != want) {
+return false;
+}
+
+memcpy(addr, kuser_page, sizeof(kuser_page));
+
+if (mprotect(addr, qemu_host_page_size, PROT_READ)) {
+perror("Protecting guest commpage");
+exit(EXIT_FAILURE);
+}
+
+page_set_flags(LO_COMMPAGE, LO_COMMPAGE + TARGET_PAGE_SIZE,
+   PAGE_READ | PAGE_EXEC | PAGE_VALID);
+return true;
+}
+
 #define ELF_EXEC_PAGESIZE4096
 
 #define USE_ELF_CORE_DUMP
@@ -2160,8 +2201,13 @@ static abi_ulong create_elf_tables(abi_ulong p, int 
argc, int envc,
 return sp;
 }
 
-#ifndef HI_COMMPAGE
+#if defined(HI_COMMPAGE)
+#define LO_COMMPAGE 0
+#elif defined(LO_COMMPAGE)
+#define HI_COMMPAGE 0
+#else
 #define HI_COMMPAGE 0
+#define LO_COMMPAGE 0
 #define init_guest_commpage() true
 #endif
 
@@ -2374,6 +2420,8 @@ static void pgb_static(const char *image_name, abi_ulong 
orig_loaddr,
 } else {
 offset = -(HI_COMMPAGE & -align);
 }
+} else if (LO_COMMPAGE) {
+loaddr = MIN(loaddr, LO_COMMPAGE & -align);
 }
 
 addr = pgb_find_hole(loaddr, hiaddr - loaddr, align, offset);
diff --git a/linux-user/nios2/cpu_loop.c b/linux-user/nios2/cpu_loop.c
index 5c3d01d22dd7..de0fc63e2196 100644
--- a/linux-user/nios2/cpu_loop.c
+++ b/linux-user/nios2/cpu_loop.c
@@ -76,6 +76,32 @@ void cpu_loop(CPUNios2State *env)
 force_sig_fault(TARGET_SIGILL, TARGET_ILL_ILLTRP,
 env->regs[R_PC]);
 break;
+
+case 16: /* QEMU specific, for __kuser_cmpxchg */
+{
+abi_ptr g = env->regs[4];
+uint32_t *h, n, o;
+
+if (g & 0x3) {
+force_sig_fault(TARGET_SIGBUS, TARGET_BUS_ADRALN, g);
+break;
+}
+ret = page_get_flags(g);
+if (!(ret & PAGE_VALID)) {
+force_sig_fault(TARGET_SIGSEGV, TARGET_SEGV_MAPERR, g);
+break;
+}
+if (!(ret & PAGE_READ) || !(ret & PAGE_WRITE)) {
+force_sig_fault(TARGET_SIGSEGV, TARGET_SEGV_ACCERR, g);
+break;
+}
+h = g2h(cs, g);
+o = env->regs[5];
+n = env->regs[6];
+env->regs[2] = qatomic_cmpxchg(h, o, n) - o;
+env->regs[R_PC] += 4;
+}
+break;
 }
 break;
 
@@ -86,29 +112,7 @@ void cpu_loop(CPUNios2State *env)
 queue_signal(env, info.si_signo, QEMU_SI_FAULT, &info);
 break;
 case 0xaa:
-switch (env->regs[R_PC]) {
-/*case 0x1000:*/  /* TODO:__kuser_helper_version */
-case 0x1004:  /* __kuser_cmpxchg */
-start_exclusive();
-if (env->regs[4] & 0x3) {
-goto kuser_fail;
-}
-ret = get_user_u32(env->regs[2], env->regs[4]);
-if (ret) {
-end_exclusive();
-goto kuser_fail;
-   

[PULL 21/27] linux-user/nios2: Fix EA vs PC confusion

[Laurent Vivier]

From: Richard Henderson 

The real kernel will talk about the user PC as EA,
because that's where the hardware will have copied it,
and where it expects to put it to then use ERET.
But qemu does not emulate all of the exception stuff
while emulating user-only.  Manipulate PC directly.

This fixes signal entry and return, and eliminates
some slight confusion from target_cpu_copy_regs.

Signed-off-by: Richard Henderson 
Reviewed-by: Laurent Vivier 
Message-Id: <20211221025012.1057923-6-richard.hender...@linaro.org>
Signed-off-by: Laurent Vivier 
---
 linux-user/nios2/cpu_loop.c | 5 +
 linux-user/nios2/signal.c   | 6 +++---
 2 files changed, 4 insertions(+), 7 deletions(-)

diff --git a/linux-user/nios2/cpu_loop.c b/linux-user/nios2/cpu_loop.c
index de0fc63e2196..1e93ef34e649 100644
--- a/linux-user/nios2/cpu_loop.c
+++ b/linux-user/nios2/cpu_loop.c
@@ -155,9 +155,6 @@ void target_cpu_copy_regs(CPUArchState *env, struct 
target_pt_regs *regs)
 env->regs[R_SP] = regs->sp;
 env->regs[R_GP] = regs->gp;
 env->regs[CR_ESTATUS] = regs->estatus;
-env->regs[R_EA] = regs->ea;
-/* TODO: unsigned long  orig_r7; */
-
-/* Emulate eret when starting thread. */
 env->regs[R_PC] = regs->ea;
+/* TODO: unsigned long  orig_r7; */
 }
diff --git a/linux-user/nios2/signal.c b/linux-user/nios2/signal.c
index adbffe32e3c8..20b65aa06e08 100644
--- a/linux-user/nios2/signal.c
+++ b/linux-user/nios2/signal.c
@@ -73,7 +73,7 @@ static void rt_setup_ucontext(struct target_ucontext *uc, 
CPUNios2State *env)
 __put_user(env->regs[R_RA], &gregs[23]);
 __put_user(env->regs[R_FP], &gregs[24]);
 __put_user(env->regs[R_GP], &gregs[25]);
-__put_user(env->regs[R_EA], &gregs[27]);
+__put_user(env->regs[R_PC], &gregs[27]);
 __put_user(env->regs[R_SP], &gregs[28]);
 }
 
@@ -122,7 +122,7 @@ static int rt_restore_ucontext(CPUNios2State *env, struct 
target_ucontext *uc,
 __get_user(env->regs[R_GP], &gregs[25]);
 /* Not really necessary no user settable bits */
 __get_user(temp, &gregs[26]);
-__get_user(env->regs[R_EA], &gregs[27]);
+__get_user(env->regs[R_PC], &gregs[27]);
 
 __get_user(env->regs[R_RA], &gregs[23]);
 __get_user(env->regs[R_SP], &gregs[28]);
@@ -181,7 +181,7 @@ void setup_rt_frame(int sig, struct target_sigaction *ka,
 env->regs[4] = sig;
 env->regs[5] = frame_addr + offsetof(struct target_rt_sigframe, info);
 env->regs[6] = frame_addr + offsetof(struct target_rt_sigframe, uc);
-env->regs[R_EA] = ka->_sa_handler;
+env->regs[R_PC] = ka->_sa_handler;
 
 unlock_user_struct(frame, frame_addr, 1);
 }
-- 
2.33.1

[PULL 19/27] linux-user/elfload: Rename ARM_COMMPAGE to HI_COMMPAGE

[Laurent Vivier]

From: Richard Henderson 

Arm will no longer be the only target requiring a commpage,
but it will continue to be the only target placing the page
at the high end of the address space.

Reviewed-by: Laurent Vivier 
Signed-off-by: Richard Henderson 
Message-Id: <20211221025012.1057923-4-richard.hender...@linaro.org>
Signed-off-by: Laurent Vivier 
---
 linux-user/elfload.c | 18 +-
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/linux-user/elfload.c b/linux-user/elfload.c
index 767f54c76dc5..d34cd4fe43fb 100644
--- a/linux-user/elfload.c
+++ b/linux-user/elfload.c
@@ -390,11 +390,11 @@ enum {
 
 /* The commpage only exists for 32 bit kernels */
 
-#define ARM_COMMPAGE (intptr_t)0x0f00u
+#define HI_COMMPAGE (intptr_t)0x0f00u
 
 static bool init_guest_commpage(void)
 {
-void *want = g2h_untagged(ARM_COMMPAGE & -qemu_host_page_size);
+void *want = g2h_untagged(HI_COMMPAGE & -qemu_host_page_size);
 void *addr = mmap(want, qemu_host_page_size, PROT_READ | PROT_WRITE,
   MAP_ANONYMOUS | MAP_PRIVATE | MAP_FIXED, -1, 0);
 
@@ -2160,8 +2160,8 @@ static abi_ulong create_elf_tables(abi_ulong p, int argc, 
int envc,
 return sp;
 }
 
-#ifndef ARM_COMMPAGE
-#define ARM_COMMPAGE 0
+#ifndef HI_COMMPAGE
+#define HI_COMMPAGE 0
 #define init_guest_commpage() true
 #endif
 
@@ -2361,7 +2361,7 @@ static void pgb_static(const char *image_name, abi_ulong 
orig_loaddr,
 }
 
 loaddr &= -align;
-if (ARM_COMMPAGE) {
+if (HI_COMMPAGE) {
 /*
  * Extend the allocation to include the commpage.
  * For a 64-bit host, this is just 4GiB; for a 32-bit host we
@@ -2372,14 +2372,14 @@ static void pgb_static(const char *image_name, 
abi_ulong orig_loaddr,
 if (sizeof(uintptr_t) == 8 || loaddr >= 0x8000u) {
 hiaddr = (uintptr_t) 4 << 30;
 } else {
-offset = -(ARM_COMMPAGE & -align);
+offset = -(HI_COMMPAGE & -align);
 }
 }
 
 addr = pgb_find_hole(loaddr, hiaddr - loaddr, align, offset);
 if (addr == -1) {
 /*
- * If ARM_COMMPAGE, there *might* be a non-consecutive allocation
+ * If HI_COMMPAGE, there *might* be a non-consecutive allocation
  * that can satisfy both.  But as the normal arm32 link base address
  * is ~32k, and we extend down to include the commpage, making the
  * overhead only ~96k, this is unlikely.
@@ -2400,7 +2400,7 @@ static void pgb_dynamic(const char *image_name, long 
align)
  * All we need is a commpage that satisfies align.
  * If we do not need a commpage, leave guest_base == 0.
  */
-if (ARM_COMMPAGE) {
+if (HI_COMMPAGE) {
 uintptr_t addr, commpage;
 
 /* 64-bit hosts should have used reserved_va. */
@@ -2410,7 +2410,7 @@ static void pgb_dynamic(const char *image_name, long 
align)
  * By putting the commpage at the first hole, that puts guest_base
  * just above that, and maximises the positive guest addresses.
  */
-commpage = ARM_COMMPAGE & -align;
+commpage = HI_COMMPAGE & -align;
 addr = pgb_find_hole(commpage, -commpage, align, 0);
 assert(addr != -1);
 guest_base = addr;
-- 
2.33.1

[PULL 26/27] linux-user: netlink: Add IFLA_VFINFO_LIST

[Laurent Vivier]

# QEMU_LOG=unimp ip a
  Unknown host QEMU_IFLA type: 22

Signed-off-by: Laurent Vivier 
Reviewed-by: Richard Henderson 
Message-Id: <20211219154514.2165728-2-laur...@vivier.eu>
Signed-off-by: Laurent Vivier 
---
 linux-user/fd-trans.c | 174 ++
 1 file changed, 174 insertions(+)

diff --git a/linux-user/fd-trans.c b/linux-user/fd-trans.c
index 14c19a90b2b0..36e4a4c2aae8 100644
--- a/linux-user/fd-trans.c
+++ b/linux-user/fd-trans.c
@@ -271,6 +271,37 @@ enum {
 QEMU___RTA_MAX
 };
 
+enum {
+QEMU_IFLA_VF_STATS_RX_PACKETS,
+QEMU_IFLA_VF_STATS_TX_PACKETS,
+QEMU_IFLA_VF_STATS_RX_BYTES,
+QEMU_IFLA_VF_STATS_TX_BYTES,
+QEMU_IFLA_VF_STATS_BROADCAST,
+QEMU_IFLA_VF_STATS_MULTICAST,
+QEMU_IFLA_VF_STATS_PAD,
+QEMU_IFLA_VF_STATS_RX_DROPPED,
+QEMU_IFLA_VF_STATS_TX_DROPPED,
+QEMU__IFLA_VF_STATS_MAX,
+};
+
+enum {
+QEMU_IFLA_VF_UNSPEC,
+QEMU_IFLA_VF_MAC,
+QEMU_IFLA_VF_VLAN,
+QEMU_IFLA_VF_TX_RATE,
+QEMU_IFLA_VF_SPOOFCHK,
+QEMU_IFLA_VF_LINK_STATE,
+QEMU_IFLA_VF_RATE,
+QEMU_IFLA_VF_RSS_QUERY_EN,
+QEMU_IFLA_VF_STATS,
+QEMU_IFLA_VF_TRUST,
+QEMU_IFLA_VF_IB_NODE_GUID,
+QEMU_IFLA_VF_IB_PORT_GUID,
+QEMU_IFLA_VF_VLAN_LIST,
+QEMU_IFLA_VF_BROADCAST,
+QEMU__IFLA_VF_MAX,
+};
+
 TargetFdTrans **target_fd_trans;
 QemuMutex target_fd_trans_lock;
 unsigned int target_fd_max;
@@ -808,6 +839,145 @@ static abi_long host_to_target_data_xdp_nlattr(struct 
nlattr *nlattr,
 return 0;
 }
 
+static abi_long host_to_target_data_vlan_list_nlattr(struct nlattr *nlattr,
+ void *context)
+{
+struct ifla_vf_vlan_info *vlan_info;
+
+switch (nlattr->nla_type) {
+/* struct ifla_vf_vlan_info */
+case IFLA_VF_VLAN_INFO:
+vlan_info = NLA_DATA(nlattr);
+vlan_info->vf = tswap32(vlan_info->vf);
+vlan_info->vlan = tswap32(vlan_info->vlan);
+vlan_info->qos = tswap32(vlan_info->qos);
+break;
+default:
+qemu_log_mask(LOG_UNIMP, "Unknown host VLAN LIST type: %d\n",
+  nlattr->nla_type);
+break;
+}
+return 0;
+}
+
+static abi_long host_to_target_data_vf_stats_nlattr(struct nlattr *nlattr,
+void *context)
+{
+uint64_t *u64;
+
+switch (nlattr->nla_type) {
+/* uint64_t */
+case QEMU_IFLA_VF_STATS_RX_PACKETS:
+case QEMU_IFLA_VF_STATS_TX_PACKETS:
+case QEMU_IFLA_VF_STATS_RX_BYTES:
+case QEMU_IFLA_VF_STATS_TX_BYTES:
+case QEMU_IFLA_VF_STATS_BROADCAST:
+case QEMU_IFLA_VF_STATS_MULTICAST:
+case QEMU_IFLA_VF_STATS_PAD:
+case QEMU_IFLA_VF_STATS_RX_DROPPED:
+case QEMU_IFLA_VF_STATS_TX_DROPPED:
+u64 = NLA_DATA(nlattr);
+*u64 = tswap64(*u64);
+break;
+default:
+qemu_log_mask(LOG_UNIMP, "Unknown host VF STATS type: %d\n",
+  nlattr->nla_type);
+break;
+}
+return 0;
+}
+
+static abi_long host_to_target_data_vfinfo_nlattr(struct nlattr *nlattr,
+  void *context)
+{
+struct ifla_vf_mac *mac;
+struct ifla_vf_vlan *vlan;
+struct ifla_vf_vlan_info *vlan_info;
+struct ifla_vf_spoofchk *spoofchk;
+struct ifla_vf_rate *rate;
+struct ifla_vf_link_state *link_state;
+struct ifla_vf_rss_query_en *rss_query_en;
+struct ifla_vf_trust *trust;
+struct ifla_vf_guid *guid;
+
+switch (nlattr->nla_type) {
+/* struct ifla_vf_mac */
+case QEMU_IFLA_VF_MAC:
+mac = NLA_DATA(nlattr);
+mac->vf = tswap32(mac->vf);
+break;
+/* struct ifla_vf_broadcast */
+case QEMU_IFLA_VF_BROADCAST:
+break;
+/* struct struct ifla_vf_vlan */
+case QEMU_IFLA_VF_VLAN:
+vlan = NLA_DATA(nlattr);
+vlan->vf = tswap32(vlan->vf);
+vlan->vlan = tswap32(vlan->vlan);
+vlan->qos = tswap32(vlan->qos);
+break;
+/* struct ifla_vf_vlan_info */
+case QEMU_IFLA_VF_TX_RATE:
+vlan_info = NLA_DATA(nlattr);
+vlan_info->vf = tswap32(vlan_info->vf);
+vlan_info->vlan = tswap32(vlan_info->vlan);
+vlan_info->qos = tswap32(vlan_info->qos);
+break;
+/* struct ifla_vf_spoofchk */
+case QEMU_IFLA_VF_SPOOFCHK:
+spoofchk = NLA_DATA(nlattr);
+spoofchk->vf = tswap32(spoofchk->vf);
+spoofchk->setting = tswap32(spoofchk->setting);
+break;
+/* struct ifla_vf_rate */
+case QEMU_IFLA_VF_RATE:
+rate = NLA_DATA(nlattr);
+rate->vf = tswap32(rate->vf);
+rate->min_tx_rate = tswap32(rate->min_tx_rate);
+rate->max_tx_rate = tswap32(rate->max_tx_rate);
+break;
+/* struct ifla_vf_link_state */
+case QEMU_IFLA_VF_LINK_STATE:
+link_state = NLA_DATA(nlattr);
+link_state->vf = tswap32(link_state->vf);
+link_state->link_state = tswap32(link_state->link_state);
+

Re: [PATCH v11 06/10] ACPI ERST: build the ACPI ERST table

[Michael S. Tsirkin]

On Wed, Dec 15, 2021 at 10:38:11AM -0500, Eric DeVolder wrote:
> This builds the ACPI ERST table to inform OSPM how to communicate
> with the acpi-erst device.
> 
> Signed-off-by: Eric DeVolder 
> ---
>  hw/acpi/erst.c | 188 
> +
>  1 file changed, 188 insertions(+)
> 
> diff --git a/hw/acpi/erst.c b/hw/acpi/erst.c
> index bb6cad4..05177b3 100644
> --- a/hw/acpi/erst.c
> +++ b/hw/acpi/erst.c
> @@ -59,6 +59,27 @@
>  #define STATUS_RECORD_STORE_EMPTY 0x04
>  #define STATUS_RECORD_NOT_FOUND   0x05
>  
> +/* ACPI 4.0: Table 17-19 Serialization Instructions */
> +#define INST_READ_REGISTER 0x00
> +#define INST_READ_REGISTER_VALUE   0x01
> +#define INST_WRITE_REGISTER0x02
> +#define INST_WRITE_REGISTER_VALUE  0x03
> +#define INST_NOOP  0x04
> +#define INST_LOAD_VAR1 0x05
> +#define INST_LOAD_VAR2 0x06
> +#define INST_STORE_VAR10x07
> +#define INST_ADD   0x08
> +#define INST_SUBTRACT  0x09
> +#define INST_ADD_VALUE 0x0A
> +#define INST_SUBTRACT_VALUE0x0B
> +#define INST_STALL 0x0C
> +#define INST_STALL_WHILE_TRUE  0x0D
> +#define INST_SKIP_NEXT_INSTRUCTION_IF_TRUE 0x0E
> +#define INST_GOTO  0x0F
> +#define INST_SET_SRC_ADDRESS_BASE  0x10
> +#define INST_SET_DST_ADDRESS_BASE  0x11
> +#define INST_MOVE_DATA 0x12
> +
>  /* UEFI 2.1: Appendix N Common Platform Error Record */
>  #define UEFI_CPER_RECORD_MIN_SIZE 128U
>  #define UEFI_CPER_RECORD_LENGTH_OFFSET 20U
> @@ -172,6 +193,173 @@ typedef struct {
>  
>  /***/
>  /***/
> +
> +/* ACPI 4.0: 17.4.1.2 Serialization Instruction Entries */
> +static void build_serialization_instruction_entry(GArray *table_data,
> +uint8_t serialization_action,
> +uint8_t instruction,
> +uint8_t flags,
> +uint8_t register_bit_width,
> +uint64_t register_address,
> +uint64_t value)
> +{
> +/* ACPI 4.0: Table 17-18 Serialization Instruction Entry */
> +struct AcpiGenericAddress gas;
> +uint64_t mask;
> +
> +/* Serialization Action */
> +build_append_int_noprefix(table_data, serialization_action, 1);
> +/* Instruction */
> +build_append_int_noprefix(table_data, instruction , 1);
> +/* Flags */
> +build_append_int_noprefix(table_data, flags   , 1);
> +/* Reserved */
> +build_append_int_noprefix(table_data, 0   , 1);
> +/* Register Region */
> +gas.space_id = AML_SYSTEM_MEMORY;
> +gas.bit_width = register_bit_width;
> +gas.bit_offset = 0;
> +gas.access_width = ctz32(register_bit_width) - 2;
> +gas.address = register_address;
> +build_append_gas_from_struct(table_data, &gas);
> +/* Value */
> +build_append_int_noprefix(table_data, value  , 8);
> +/* Mask */
> +mask = (1ULL << (register_bit_width - 1) << 1) - 1;
> +build_append_int_noprefix(table_data, mask  , 8);
> +}
> +
> +/* ACPI 4.0: 17.4.1 Serialization Action Table */
> +void build_erst(GArray *table_data, BIOSLinker *linker, Object *erst_dev,
> +const char *oem_id, const char *oem_table_id)
> +{
> +GArray *table_instruction_data;
> +unsigned action;
> +pcibus_t bar0 = pci_get_bar_addr(PCI_DEVICE(erst_dev), 0);
> +AcpiTable table = { .sig = "ERST", .rev = 1, .oem_id = oem_id,
> +.oem_table_id = oem_table_id };
> +
> +trace_acpi_erst_pci_bar_0(bar0);
> +
> +/*
> + * Serialization Action Table
> + * The serialization action table must be generated first
> + * so that its size can be known in order to populate the
> + * Instruction Entry Count field.
> + */
> +table_instruction_data = g_array_new(FALSE, FALSE, sizeof(char));
> +
> +/*
> + * Macros for use with construction of the action instructions
> + */
> +#define build_read_register(action, width_in_bits, reg) \
> +build_serialization_instruction_entry(table_instruction_data, \
> +action, INST_READ_REGISTER, 0, width_in_bits, \
> +bar0 + reg, 0)
> +
> +#define build_read_register_value(action, width_in_bits, reg, value) \
> +build_serialization_instruction_entry(table_instruction_data, \
> +action, INST_READ_REGISTER_VALUE, 0, width_in_bits, \
> +bar0 + reg, value)
> +
> +#define build_write_register(action, width_in_bits, reg, value) \
> +build_serialization_instruction_entry(table_instruction_data, \
> +action, INST_WRITE_REGISTER, 0, width_in_bits, \
> +bar0 + reg, value)
> +
> +#define build_write_register_value(action, width_in_bits, reg, value) \
> +build_serialization_instruction_entry(tab

[PULL 07/27] linux-user: Split out do_prctl and subroutines

[Laurent Vivier]

From: Richard Henderson 

Since the prctl constants are supposed to be generic, supply
any that are not provided by the host.

Split out subroutines for PR_GET_FP_MODE, PR_SET_FP_MODE,
PR_GET_VL, PR_SET_VL, PR_RESET_KEYS, PR_SET_TAGGED_ADDR_CTRL,
PR_GET_TAGGED_ADDR_CTRL.  Return EINVAL for guests that do
not support these options rather than pass them on to the host.

Reviewed-by: Laurent Vivier 
Reviewed-by: Philippe Mathieu-Daudé 
Signed-off-by: Richard Henderson 
Message-Id: <20211227150127.2659293-2-richard.hender...@linaro.org>
Signed-off-by: Laurent Vivier 
---
 linux-user/aarch64/target_prctl.h| 160 ++
 linux-user/aarch64/target_syscall.h  |  23 --
 linux-user/alpha/target_prctl.h  |   1 +
 linux-user/arm/target_prctl.h|   1 +
 linux-user/cris/target_prctl.h   |   1 +
 linux-user/hexagon/target_prctl.h|   1 +
 linux-user/hppa/target_prctl.h   |   1 +
 linux-user/i386/target_prctl.h   |   1 +
 linux-user/m68k/target_prctl.h   |   1 +
 linux-user/microblaze/target_prctl.h |   1 +
 linux-user/mips/target_prctl.h   |  88 ++
 linux-user/mips/target_syscall.h |   6 -
 linux-user/mips64/target_prctl.h |   1 +
 linux-user/mips64/target_syscall.h   |   6 -
 linux-user/nios2/target_prctl.h  |   1 +
 linux-user/openrisc/target_prctl.h   |   1 +
 linux-user/ppc/target_prctl.h|   1 +
 linux-user/riscv/target_prctl.h  |   1 +
 linux-user/s390x/target_prctl.h  |   1 +
 linux-user/sh4/target_prctl.h|   1 +
 linux-user/sparc/target_prctl.h  |   1 +
 linux-user/syscall.c | 433 +--
 linux-user/x86_64/target_prctl.h |   1 +
 linux-user/xtensa/target_prctl.h |   1 +
 24 files changed, 414 insertions(+), 320 deletions(-)
 create mode 100644 linux-user/aarch64/target_prctl.h
 create mode 100644 linux-user/alpha/target_prctl.h
 create mode 100644 linux-user/arm/target_prctl.h
 create mode 100644 linux-user/cris/target_prctl.h
 create mode 100644 linux-user/hexagon/target_prctl.h
 create mode 100644 linux-user/hppa/target_prctl.h
 create mode 100644 linux-user/i386/target_prctl.h
 create mode 100644 linux-user/m68k/target_prctl.h
 create mode 100644 linux-user/microblaze/target_prctl.h
 create mode 100644 linux-user/mips/target_prctl.h
 create mode 100644 linux-user/mips64/target_prctl.h
 create mode 100644 linux-user/nios2/target_prctl.h
 create mode 100644 linux-user/openrisc/target_prctl.h
 create mode 100644 linux-user/ppc/target_prctl.h
 create mode 100644 linux-user/riscv/target_prctl.h
 create mode 100644 linux-user/s390x/target_prctl.h
 create mode 100644 linux-user/sh4/target_prctl.h
 create mode 100644 linux-user/sparc/target_prctl.h
 create mode 100644 linux-user/x86_64/target_prctl.h
 create mode 100644 linux-user/xtensa/target_prctl.h

diff --git a/linux-user/aarch64/target_prctl.h 
b/linux-user/aarch64/target_prctl.h
new file mode 100644
index ..3f5a5d3933a0
--- /dev/null
+++ b/linux-user/aarch64/target_prctl.h
@@ -0,0 +1,160 @@
+/*
+ * AArch64 specific prctl functions for linux-user
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+#ifndef AARCH64_TARGET_PRCTL_H
+#define AARCH64_TARGET_PRCTL_H
+
+static abi_long do_prctl_get_vl(CPUArchState *env)
+{
+ARMCPU *cpu = env_archcpu(env);
+if (cpu_isar_feature(aa64_sve, cpu)) {
+return ((cpu->env.vfp.zcr_el[1] & 0xf) + 1) * 16;
+}
+return -TARGET_EINVAL;
+}
+#define do_prctl_get_vl do_prctl_get_vl
+
+static abi_long do_prctl_set_vl(CPUArchState *env, abi_long arg2)
+{
+/*
+ * We cannot support either PR_SVE_SET_VL_ONEXEC or PR_SVE_VL_INHERIT.
+ * Note the kernel definition of sve_vl_valid allows for VQ=512,
+ * i.e. VL=8192, even though the current architectural maximum is VQ=16.
+ */
+if (cpu_isar_feature(aa64_sve, env_archcpu(env))
+&& arg2 >= 0 && arg2 <= 512 * 16 && !(arg2 & 15)) {
+ARMCPU *cpu = env_archcpu(env);
+uint32_t vq, old_vq;
+
+old_vq = (env->vfp.zcr_el[1] & 0xf) + 1;
+vq = MAX(arg2 / 16, 1);
+vq = MIN(vq, cpu->sve_max_vq);
+
+if (vq < old_vq) {
+aarch64_sve_narrow_vq(env, vq);
+}
+env->vfp.zcr_el[1] = vq - 1;
+arm_rebuild_hflags(env);
+return vq * 16;
+}
+return -TARGET_EINVAL;
+}
+#define do_prctl_set_vl do_prctl_set_vl
+
+static abi_long do_prctl_reset_keys(CPUArchState *env, abi_long arg2)
+{
+ARMCPU *cpu = env_archcpu(env);
+
+if (cpu_isar_feature(aa64_pauth, cpu)) {
+int all = (PR_PAC_APIAKEY | PR_PAC_APIBKEY |
+   PR_PAC_APDAKEY | PR_PAC_APDBKEY | PR_PAC_APGAKEY);
+int ret = 0;
+Error *err = NULL;
+
+if (arg2 == 0) {
+arg2 = all;
+} else if (arg2 & ~all) {
+return -TARGET_EINVAL;
+}
+if (arg2 & PR_PAC_APIAKEY) {
+ret |= qemu_guest_getrandom(&env->keys.apia,
+sizeof(ARMPACKey), &err);

Re: [PATCH 0/6] linux-user: prctl improvements

[Laurent Vivier]

Le 20/12/2021 à 22:41, Richard Henderson a écrit :

This is split out from a larger patch set for unaligned accesses.
The changes in target/ have no effect without the changes in tcg/,
but this allows the syscall to be handled separately.


r~


Hi Richard,

while I was testing the series for the pull request I found some regressions on commands that were 
passing on before and are not now.


Could you send a follow up patch to add at least PR_CAPBSET_DROP and PR_SET_PDEATHSIG to make the 
LTP testsuite (20200930) happy again (capset02, prctl01, prctl02, prctl03)?


Thanks,
Laurent

Re: [RFC v2 1/2] hw/pci-host/gpex: Allow to generate preserve boot config DSM #5

[Eric Auger]

Hi CHenxiangn

On 12/29/21 8:13 AM, chenxiang (M) via wrote:
> Hi Eric,
>
>
> 在 2021/10/5 16:53, Eric Auger 写道:
>> Add a 'preserve_config' field in struct GPEXConfig and
>> if set generate the DSM #5 for preserving PCI boot configurations.
>> The DSM presence is needed to expose RMRs.
>>
>> At the moment the DSM generation is not yet enabled.
>>
>> Signed-off-by: Eric Auger 
>> ---
>>   include/hw/pci-host/gpex.h |  1 +
>>   hw/pci-host/gpex-acpi.c    | 12 
>>   2 files changed, 13 insertions(+)
>>
>> diff --git a/include/hw/pci-host/gpex.h b/include/hw/pci-host/gpex.h
>> index fcf8b63820..3f8f8ec38d 100644
>> --- a/include/hw/pci-host/gpex.h
>> +++ b/include/hw/pci-host/gpex.h
>> @@ -64,6 +64,7 @@ struct GPEXConfig {
>>   MemMapEntry pio;
>>   int irq;
>>   PCIBus  *bus;
>> +    bool    preserve_config;
>>   };
>>     int gpex_set_irq_num(GPEXHost *s, int index, int gsi);
>> diff --git a/hw/pci-host/gpex-acpi.c b/hw/pci-host/gpex-acpi.c
>> index e7e162a00a..7dab259379 100644
>> --- a/hw/pci-host/gpex-acpi.c
>> +++ b/hw/pci-host/gpex-acpi.c
>> @@ -164,6 +164,12 @@ void acpi_dsdt_add_gpex(Aml *scope, struct
>> GPEXConfig *cfg)
>>   aml_append(dev, aml_name_decl("_PXM",
>> aml_int(numa_node)));
>>   }
>>   +    if (cfg->preserve_config) {
>> +    method = aml_method("_DSM", 5, AML_SERIALIZED);
>
> I notice there is a ACPI BIOS Error when booting virtual machine which
> seems be caused by this patch as I add this patchset in my branch to
> test the function of vsmmu.
> It seems that it requires only 4 parameter for method _DSM, but use 5
> parameters here.
> The error log is as following:

Thank you for the heads up. Yes the problem was reported by Igor too in
https://www.mail-archive.com/qemu-devel@nongnu.org/msg842972.html.

At the moment the RMRR ACPI situation has not progressed on spec side or
kernel if I have not missed anything but sure I will take this into
account in my next respin.

Thanks!

Eric
>
> [    2.355459] ACPI BIOS Error (bug): Failure creating named object
> [\_SB.PCI0._DSM], AE_ALREADY_EXISTS (20210930/dswload2-327)
> [    2.355467] ACPI Error: AE_ALREADY_EXISTS, During name
> lookup/catalog (20210930/psobject-221)
> [    2.355470] ACPI: Skipping parse of AML opcode: OpcodeName
> unavailable (0x0014)
> [    2.355657] ACPI: 1 ACPI AML tables successfully acquired and loaded
> [    2.356321] ACPI: Interpreter enabled
> [    2.356323] ACPI: Using GIC for interrupt routing
> [    2.356333] ACPI: MCFG table detected, 1 entries
> [    2.361359] ARMH0011:00: ttyAMA0 at MMIO 0x900 (irq = 16,
> base_baud = 0) is a SBSA
> [    2.619805] printk: console [ttyAMA0] enabled
> [    2.622114] ACPI: PCI Root Bridge [PCI0] (domain  [bus 00-ff])
> [    2.622788] acpi PNP0A08:00: _OSC: OS supports [ExtendedConfig ASPM
> ClockPM Segments MSI HPX-Type3]
> [    2.623776] acpi PNP0A08:00: _OSC: platform does not support [LTR]
> [    2.624600] acpi PNP0A08:00: _OSC: OS now controls [PCIeHotplug PME
> AER PCIeCapability]
> [    2.625721] acpi PNP0A08:00: ECAM area [mem
> 0x401000-0x401fff] reserved by PNP0C02:00
> [    2.626645] acpi PNP0A08:00: ECAM at [mem
> 0x401000-0x401fff] for [bus 00-ff]
> [    2.627450] ACPI: Remapped I/O 0x3eff to [io
> 0x-0x window]
> [    2.628229] ACPI BIOS Error (bug): \_SB.PCI0._DSM: Excess arguments
> - ASL declared 5, ACPI requires 4 (20210930/nsarguments-166)
> [    2.629576] PCI host bridge to bus :00
> [    2.630008] pci_bus :00: root bus resource [mem
> 0x1000-0x3efe window]
> [    2.630747] pci_bus :00: root bus resource [io  0x-0x
> window]
> [    2.631405] pci_bus :00: root bus resource [mem
> 0x80-0xff window]
> [    2.632177] pci_bus :00: root bus resource [bus 00-ff]
> [    2.632731] ACPI BIOS Error (bug): \_SB.PCI0._DSM: Excess arguments
> - ASL declared 5, ACPI requires 4 (20210930/nsarguments-166)
>
>
>> +    aml_append(method, aml_return(aml_int(0)));
>> +    aml_append(dev, method);
>> +    }
>> +
>>   acpi_dsdt_add_pci_route_table(dev, cfg->irq);
>>     /*
>> @@ -191,6 +197,12 @@ void acpi_dsdt_add_gpex(Aml *scope, struct
>> GPEXConfig *cfg)
>>   aml_append(dev, aml_name_decl("_STR", aml_unicode("PCIe 0
>> Device")));
>>   aml_append(dev, aml_name_decl("_CCA", aml_int(1)));
>>   +    if (cfg->preserve_config) {
>> +    method = aml_method("_DSM", 5, AML_SERIALIZED);
>> +    aml_append(method, aml_return(aml_int(0)));
>> +    aml_append(dev, method);
>> +    }
>> +
>>   acpi_dsdt_add_pci_route_table(dev, cfg->irq);
>>     method = aml_method("_CBA", 0, AML_NOTSERIALIZED);
>
>

Re: [PATCH v2 0/9] hw/dma: Use dma_addr_t type definition when relevant

[Michael S. Tsirkin]

On Tue, Jan 04, 2022 at 09:54:22AM +0100, Philippe Mathieu-Daudé wrote:
> Since v1:
> - Addressed David review comment (stick to dma_addr_t type)
> - Addressed Peter review comment (incorrect doc string)


PCI things:

Reviewed-by: Michael S. Tsirkin 

who's merging all this? Yourself?

> Hi,
> 
> This series aims to clarify a bit the DMA API, in particular the
> 'size' argument which is not clear enough (as we use multiple types
> for it). This helps avoiding build failures on 32-bit host [*] (and
> likely overflows calculation too IMO).
> 
> Some units using the DMA API are first removed from user-mode
> emulation to avoid build failure (they shouldn't be there in
> the first place).
> 
> Then some variables are renamed for clarity (no functional change).
> 
> Finally we replace misuses with dma_addr_t typedef. The previous
> patch which failed on 32-bit host applied on top (not failing anymore).
> 
> Regards,
> 
> Phil.
> 
> [*] https://www.mail-archive.com/qemu-devel@nongnu.org/msg858825.html
> 
> Supersedes: <20211231114901.976937-1-phi...@redhat.com>
> 
> Philippe Mathieu-Daudé (9):
>   hw/nvram: Restrict stub to sysemu and tools
>   hw/pci: Restrict pci-bus stub to sysemu
>   hw/pci: Document pci_dma_map()
>   hw/dma: Remove CONFIG_USER_ONLY check
>   hw/rdma/rdma_utils: Rename rdma_pci_dma_map 'len' argument
>   hw/scsi: Rename SCSIRequest::resid as 'residual'
>   hw/dma: Fix format string issues using dma_addr_t
>   hw/dma: Use dma_addr_t type definition when relevant
>   hw/dma: Let dma_buf_read() / dma_buf_write() propagate MemTxResult
> 
>  hw/rdma/rdma_utils.h   |  2 +-
>  include/hw/pci/pci.h   | 12 ++
>  include/hw/scsi/scsi.h |  4 +-
>  include/sysemu/dma.h   | 31 ---
>  hw/ide/ahci.c  | 10 ++---
>  hw/nvme/ctrl.c |  6 +--
>  hw/rdma/rdma_utils.c   | 14 +++
>  hw/scsi/megasas.c  | 85 +-
>  hw/scsi/scsi-bus.c | 12 +++---
>  hw/scsi/scsi-disk.c|  4 +-
>  softmmu/dma-helpers.c  | 34 +++--
>  hw/nvram/meson.build   |  6 ++-
>  hw/rdma/trace-events   |  2 +-
>  stubs/meson.build  |  4 +-
>  14 files changed, 134 insertions(+), 92 deletions(-)
> 
> -- 
> 2.33.1
> 

Re: Trying to understand QOM object creation and property linking

[Peter Maydell]

On Wed, 5 Jan 2022 at 21:05, Alex Bennée  wrote:
> Can't be added as a subregion to the container...
>
>   qemu-system-arm: ../../softmmu/memory.c:2538: 
> memory_region_add_subregion_common: Assertion `!subregion->container' failed.

This assert means you tried to add the same MemoryRegion
as a subregion of more than one parent MR.

You can either:
 * pass all the CPUs the same container as their "memory" link,
   if they all see the same view of the world
 * if they have different views of the world, you need to
   create a container for each CPU to be the "memory" link,
   and to populate that container you need to create N-1 alias MRs
   of the board_memory MR (CPU 0's container can use the original
   board_memory MR; CPU 1, ... use the aliases).

Example of option 1: virt board
Example of option 2: hw/arm/armsse.c (look at what it does with
the s->cpu_container[] and s->container_alias[] arrays)

-- PMM

Re: [RFC v2 1/2] hw/pci-host/gpex: Allow to generate preserve boot config DSM #5

[chenxiang (M)]

在 2022/1/6 19:00, Eric Auger 写道:

Hi CHenxiangn

On 12/29/21 8:13 AM, chenxiang (M) via wrote:

Hi Eric,


在 2021/10/5 16:53, Eric Auger 写道:

Add a 'preserve_config' field in struct GPEXConfig and
if set generate the DSM #5 for preserving PCI boot configurations.
The DSM presence is needed to expose RMRs.

At the moment the DSM generation is not yet enabled.

Signed-off-by: Eric Auger 
---
   include/hw/pci-host/gpex.h |  1 +
   hw/pci-host/gpex-acpi.c| 12 
   2 files changed, 13 insertions(+)

diff --git a/include/hw/pci-host/gpex.h b/include/hw/pci-host/gpex.h
index fcf8b63820..3f8f8ec38d 100644
--- a/include/hw/pci-host/gpex.h
+++ b/include/hw/pci-host/gpex.h
@@ -64,6 +64,7 @@ struct GPEXConfig {
   MemMapEntry pio;
   int irq;
   PCIBus  *bus;
+boolpreserve_config;
   };
 int gpex_set_irq_num(GPEXHost *s, int index, int gsi);
diff --git a/hw/pci-host/gpex-acpi.c b/hw/pci-host/gpex-acpi.c
index e7e162a00a..7dab259379 100644
--- a/hw/pci-host/gpex-acpi.c
+++ b/hw/pci-host/gpex-acpi.c
@@ -164,6 +164,12 @@ void acpi_dsdt_add_gpex(Aml *scope, struct
GPEXConfig *cfg)
   aml_append(dev, aml_name_decl("_PXM",
aml_int(numa_node)));
   }
   +if (cfg->preserve_config) {
+method = aml_method("_DSM", 5, AML_SERIALIZED);

I notice there is a ACPI BIOS Error when booting virtual machine which
seems be caused by this patch as I add this patchset in my branch to
test the function of vsmmu.
It seems that it requires only 4 parameter for method _DSM, but use 5
parameters here.
The error log is as following:

Thank you for the heads up. Yes the problem was reported by Igor too in
https://www.mail-archive.com/qemu-devel@nongnu.org/msg842972.html.

At the moment the RMRR ACPI situation has not progressed on spec side or
kernel if I have not missed anything but sure I will take this into
account in my next respin.


Ok, thanks.



Thanks!

Eric

[2.355459] ACPI BIOS Error (bug): Failure creating named object
[\_SB.PCI0._DSM], AE_ALREADY_EXISTS (20210930/dswload2-327)
[2.355467] ACPI Error: AE_ALREADY_EXISTS, During name
lookup/catalog (20210930/psobject-221)
[2.355470] ACPI: Skipping parse of AML opcode: OpcodeName
unavailable (0x0014)
[2.355657] ACPI: 1 ACPI AML tables successfully acquired and loaded
[2.356321] ACPI: Interpreter enabled
[2.356323] ACPI: Using GIC for interrupt routing
[2.356333] ACPI: MCFG table detected, 1 entries
[2.361359] ARMH0011:00: ttyAMA0 at MMIO 0x900 (irq = 16,
base_baud = 0) is a SBSA
[2.619805] printk: console [ttyAMA0] enabled
[2.622114] ACPI: PCI Root Bridge [PCI0] (domain  [bus 00-ff])
[2.622788] acpi PNP0A08:00: _OSC: OS supports [ExtendedConfig ASPM
ClockPM Segments MSI HPX-Type3]
[2.623776] acpi PNP0A08:00: _OSC: platform does not support [LTR]
[2.624600] acpi PNP0A08:00: _OSC: OS now controls [PCIeHotplug PME
AER PCIeCapability]
[2.625721] acpi PNP0A08:00: ECAM area [mem
0x401000-0x401fff] reserved by PNP0C02:00
[2.626645] acpi PNP0A08:00: ECAM at [mem
0x401000-0x401fff] for [bus 00-ff]
[2.627450] ACPI: Remapped I/O 0x3eff to [io
0x-0x window]
[2.628229] ACPI BIOS Error (bug): \_SB.PCI0._DSM: Excess arguments
- ASL declared 5, ACPI requires 4 (20210930/nsarguments-166)
[2.629576] PCI host bridge to bus :00
[2.630008] pci_bus :00: root bus resource [mem
0x1000-0x3efe window]
[2.630747] pci_bus :00: root bus resource [io  0x-0x
window]
[2.631405] pci_bus :00: root bus resource [mem
0x80-0xff window]
[2.632177] pci_bus :00: root bus resource [bus 00-ff]
[2.632731] ACPI BIOS Error (bug): \_SB.PCI0._DSM: Excess arguments
- ASL declared 5, ACPI requires 4 (20210930/nsarguments-166)



+aml_append(method, aml_return(aml_int(0)));
+aml_append(dev, method);
+}
+
   acpi_dsdt_add_pci_route_table(dev, cfg->irq);
 /*
@@ -191,6 +197,12 @@ void acpi_dsdt_add_gpex(Aml *scope, struct
GPEXConfig *cfg)
   aml_append(dev, aml_name_decl("_STR", aml_unicode("PCIe 0
Device")));
   aml_append(dev, aml_name_decl("_CCA", aml_int(1)));
   +if (cfg->preserve_config) {
+method = aml_method("_DSM", 5, AML_SERIALIZED);
+aml_append(method, aml_return(aml_int(0)));
+aml_append(dev, method);
+}
+
   acpi_dsdt_add_pci_route_table(dev, cfg->irq);
 method = aml_method("_CBA", 0, AML_NOTSERIALIZED);



.

"Startup" meeting (was Re: Meeting today?)

[Mark Burton]

Can we confirm the 11th for this meeting?

Cheers
Mark.


> On 4 Jan 2022, at 10:29, Edgar E. Iglesias  wrote:
> 
> 
> 
> On Tue, Dec 14, 2021 at 3:49 PM Markus Armbruster  > wrote:
> Daniel P. Berrangé mailto:berra...@redhat.com>> writes:
> 
> > On Tue, Dec 14, 2021 at 12:37:43PM +0100, Markus Armbruster wrote:
> >> Mark Burton mailto:mark.bur...@greensocs.com>> 
> >> writes:
> >> 
> >> > I realise it’s very short notice, but what about having a discussion 
> >> > today at 15:00 ?
> >> 
> >> I have a conflict today.  I could try to reschedule, but I'd prefer to
> >> talk next week instead.  Less stress, better prep.
> >
> > I fear we've run out of time for this year if we want all interested
> > parties to be able to attend.  I'll be off on PTO from end of this
> > week until the new year, and I know alot of folk are doing similar.
> 
> Right.  I'll be off from Dec 23 to Jan 9.  Can we all make Jan 11?
> 
> Jan 11th works for me!
> 
> Thanks,
> Edgar

Re: "Startup" meeting (was Re: Meeting today?)

[Daniel P . Berrangé]

No one objected, so I think we can go for the 11th.

On Thu, Jan 06, 2022 at 12:21:56PM +0100, Mark Burton wrote:
> Can we confirm the 11th for this meeting?
> 
> Cheers
> Mark.
> 
> 
> > On 4 Jan 2022, at 10:29, Edgar E. Iglesias  wrote:
> > 
> > 
> > 
> > On Tue, Dec 14, 2021 at 3:49 PM Markus Armbruster  > > wrote:
> > Daniel P. Berrangé mailto:berra...@redhat.com>> 
> > writes:
> > 
> > > On Tue, Dec 14, 2021 at 12:37:43PM +0100, Markus Armbruster wrote:
> > >> Mark Burton  > >> > writes:
> > >> 
> > >> > I realise it’s very short notice, but what about having a discussion 
> > >> > today at 15:00 ?
> > >> 
> > >> I have a conflict today.  I could try to reschedule, but I'd prefer to
> > >> talk next week instead.  Less stress, better prep.
> > >
> > > I fear we've run out of time for this year if we want all interested
> > > parties to be able to attend.  I'll be off on PTO from end of this
> > > week until the new year, and I know alot of folk are doing similar.
> > 
> > Right.  I'll be off from Dec 23 to Jan 9.  Can we all make Jan 11?
> > 
> > Jan 11th works for me!
> > 
> > Thanks,
> > Edgar
> 

Regards,
Daniel
-- 
|: https://berrange.com  -o-https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o-https://fstop138.berrange.com :|
|: https://entangle-photo.org-o-https://www.instagram.com/dberrange :|

Re: [RFC 03/10] vdpa: add the infrastructure of vdpa-dev

[Stefan Hajnoczi]

On Thu, Jan 06, 2022 at 01:22:19AM +, Longpeng (Mike, Cloud Infrastructure 
Service Product Dept.) wrote:
> 
> 
> > -Original Message-
> > From: Stefan Hajnoczi [mailto:stefa...@redhat.com]
> > Sent: Wednesday, January 5, 2022 5:49 PM
> > To: Longpeng (Mike, Cloud Infrastructure Service Product Dept.)
> > 
> > Cc: m...@redhat.com; jasow...@redhat.com; sgarz...@redhat.com;
> > coh...@redhat.com; pbonz...@redhat.com; Gonglei (Arei)
> > ; Yechuan ; Huangzhichao
> > ; qemu-devel@nongnu.org
> > Subject: Re: [RFC 03/10] vdpa: add the infrastructure of vdpa-dev
> > 
> > On Wed, Jan 05, 2022 at 08:58:53AM +0800, Longpeng(Mike) wrote:
> > > +static const VirtioPCIDeviceTypeInfo vhost_vdpa_device_pci_info = {
> > > +.base_name   = TYPE_VHOST_VDPA_DEVICE_PCI,
> > > +.generic_name= "vhost-vdpa-device-pci",
> > > +.transitional_name   = "vhost-vdpa-device-pci-transitional",
> > > +.non_transitional_name   = "vhost-vdpa-device-pci-non-transitional",
> > 
> > Does vDPA support Transitional VIRTIO devices?
> > 
> > I expected this device to support Modern devices only.
> > 
> 
> There's already a 0.95 vdpa driver (Alibaba ENI) in the kernel source and
> supporting 0.95 devices is necessary for some older GuestOS.
> 
> I'm OK if other guys also approve of supporting 1.0+ devices only :)

If vDPA supports Transitional VIRTIO devices then it's fine to keep this
code unchanged in this patch series.

Stefan


signature.asc
Description: PGP signature

[RFC PATCH] target/ppc: Remove xscmpnedp instruction

[Víctor Colombo]

xscmpnedp was added in ISA v3.0 but removed in v3.0B. This patch
removes this instruction as it was not in the final version of v3.0.

RFC to know if you think this is the correct approach.

Signed-off-by: Víctor Colombo 
---
 target/ppc/fpu_helper.c | 1 -
 target/ppc/helper.h | 1 -
 target/ppc/translate/vsx-impl.c.inc | 1 -
 target/ppc/translate/vsx-ops.c.inc  | 1 -
 4 files changed, 4 deletions(-)

diff --git a/target/ppc/fpu_helper.c b/target/ppc/fpu_helper.c
index e5c29b53b8..f030858cf9 100644
--- a/target/ppc/fpu_helper.c
+++ b/target/ppc/fpu_helper.c
@@ -2270,7 +2270,6 @@ void helper_##op(CPUPPCState *env, ppc_vsr_t *xt, 
\
 VSX_SCALAR_CMP_DP(xscmpeqdp, eq, 1, 0)
 VSX_SCALAR_CMP_DP(xscmpgedp, le, 1, 1)
 VSX_SCALAR_CMP_DP(xscmpgtdp, lt, 1, 1)
-VSX_SCALAR_CMP_DP(xscmpnedp, eq, 0, 0)
 
 void helper_xscmpexpdp(CPUPPCState *env, uint32_t opcode,
ppc_vsr_t *xa, ppc_vsr_t *xb)
diff --git a/target/ppc/helper.h b/target/ppc/helper.h
index f9c72dcd50..8f02cabaf5 100644
--- a/target/ppc/helper.h
+++ b/target/ppc/helper.h
@@ -400,7 +400,6 @@ DEF_HELPER_5(xsnmsubdp, void, env, vsr, vsr, vsr, vsr)
 DEF_HELPER_4(xscmpeqdp, void, env, vsr, vsr, vsr)
 DEF_HELPER_4(xscmpgtdp, void, env, vsr, vsr, vsr)
 DEF_HELPER_4(xscmpgedp, void, env, vsr, vsr, vsr)
-DEF_HELPER_4(xscmpnedp, void, env, vsr, vsr, vsr)
 DEF_HELPER_4(xscmpexpdp, void, env, i32, vsr, vsr)
 DEF_HELPER_4(xscmpexpqp, void, env, i32, vsr, vsr)
 DEF_HELPER_4(xscmpodp, void, env, i32, vsr, vsr)
diff --git a/target/ppc/translate/vsx-impl.c.inc 
b/target/ppc/translate/vsx-impl.c.inc
index c08185e857..fbef496257 100644
--- a/target/ppc/translate/vsx-impl.c.inc
+++ b/target/ppc/translate/vsx-impl.c.inc
@@ -1092,7 +1092,6 @@ GEN_VSX_HELPER_X1(xstsqrtdp, 0x14, 0x06, 0, PPC2_VSX)
 GEN_VSX_HELPER_X3(xscmpeqdp, 0x0C, 0x00, 0, PPC2_ISA300)
 GEN_VSX_HELPER_X3(xscmpgtdp, 0x0C, 0x01, 0, PPC2_ISA300)
 GEN_VSX_HELPER_X3(xscmpgedp, 0x0C, 0x02, 0, PPC2_ISA300)
-GEN_VSX_HELPER_X3(xscmpnedp, 0x0C, 0x03, 0, PPC2_ISA300)
 GEN_VSX_HELPER_X2_AB(xscmpexpdp, 0x0C, 0x07, 0, PPC2_ISA300)
 GEN_VSX_HELPER_R2_AB(xscmpexpqp, 0x04, 0x05, 0, PPC2_ISA300)
 GEN_VSX_HELPER_X2_AB(xscmpodp, 0x0C, 0x05, 0, PPC2_VSX)
diff --git a/target/ppc/translate/vsx-ops.c.inc 
b/target/ppc/translate/vsx-ops.c.inc
index c974324c4c..67fa7b2e41 100644
--- a/target/ppc/translate/vsx-ops.c.inc
+++ b/target/ppc/translate/vsx-ops.c.inc
@@ -197,7 +197,6 @@ GEN_XX3FORM_NAME(xsnmsubdp, "xsnmsubmdp", 0x04, 0x17, 
PPC2_VSX),
 GEN_XX3FORM(xscmpeqdp, 0x0C, 0x00, PPC2_ISA300),
 GEN_XX3FORM(xscmpgtdp, 0x0C, 0x01, PPC2_ISA300),
 GEN_XX3FORM(xscmpgedp, 0x0C, 0x02, PPC2_ISA300),
-GEN_XX3FORM(xscmpnedp, 0x0C, 0x03, PPC2_ISA300),
 GEN_XX3FORM(xscmpexpdp, 0x0C, 0x07, PPC2_ISA300),
 GEN_VSX_XFORM_300(xscmpexpqp, 0x04, 0x05, 0x0061),
 GEN_XX2IFORM(xscmpodp,  0x0C, 0x05, PPC2_VSX),
-- 
2.25.1

Re: [RFC 05/10] vdpa-dev: implement the realize interface

[Stefan Hajnoczi]

On Thu, Jan 06, 2022 at 03:02:37AM +, Longpeng (Mike, Cloud Infrastructure 
Service Product Dept.) wrote:
> 
> 
> > -Original Message-
> > From: Stefan Hajnoczi [mailto:stefa...@redhat.com]
> > Sent: Wednesday, January 5, 2022 6:18 PM
> > To: Longpeng (Mike, Cloud Infrastructure Service Product Dept.)
> > 
> > Cc: m...@redhat.com; jasow...@redhat.com; sgarz...@redhat.com;
> > coh...@redhat.com; pbonz...@redhat.com; Gonglei (Arei)
> > ; Yechuan ; Huangzhichao
> > ; qemu-devel@nongnu.org
> > Subject: Re: [RFC 05/10] vdpa-dev: implement the realize interface
> > 
> > On Wed, Jan 05, 2022 at 08:58:55AM +0800, Longpeng(Mike) wrote:
> > > From: Longpeng 
> > >
> > > Implements the .realize interface.
> > >
> > > Signed-off-by: Longpeng 
> > > ---
> > >  hw/virtio/vdpa-dev.c | 114 +++
> > >  include/hw/virtio/vdpa-dev.h |   8 +++
> > >  2 files changed, 122 insertions(+)
> > >
> > > diff --git a/hw/virtio/vdpa-dev.c b/hw/virtio/vdpa-dev.c
> > > index 790117fb3b..2d534d837a 100644
> > > --- a/hw/virtio/vdpa-dev.c
> > > +++ b/hw/virtio/vdpa-dev.c
> > > @@ -15,9 +15,122 @@
> > >  #include "sysemu/sysemu.h"
> > >  #include "sysemu/runstate.h"
> > >
> > > +static void
> > > +vhost_vdpa_device_dummy_handle_output(VirtIODevice *vdev, VirtQueue *vq)
> > > +{
> > > +/* Nothing to do */
> > > +}
> > > +
> > > +static int vdpa_dev_get_info_by_fd(int fd, uint64_t cmd, Error **errp)
> > 
> > This looks similar to the helper function in a previous patch but this
> > time the return value type is int instead of uint32_t. Please make the
> > types consistent.
> > 
> 
> OK.
> 
> > > +{
> > > +int val;
> > > +
> > > +if (ioctl(fd, cmd, &val) < 0) {
> > > +error_setg(errp, "vhost-vdpa-device: cmd 0x%lx failed: %s",
> > > +   cmd, strerror(errno));
> > > +return -1;
> > > +}
> > > +
> > > +return val;
> > > +}
> > > +
> > > +static inline int vdpa_dev_get_queue_size(int fd, Error **errp)
> > > +{
> > > +return vdpa_dev_get_info_by_fd(fd, VHOST_VDPA_GET_VRING_NUM, errp);
> > > +}
> > > +
> > > +static inline int vdpa_dev_get_vqs_num(int fd, Error **errp)
> > > +{
> > > +return vdpa_dev_get_info_by_fd(fd, VHOST_VDPA_GET_VQS_NUM, errp);
> > > +}
> > > +
> > > +static inline int vdpa_dev_get_config_size(int fd, Error **errp)
> > > +{
> > > +return vdpa_dev_get_info_by_fd(fd, VHOST_VDPA_GET_CONFIG_SIZE, errp);
> > > +}
> > > +
> > >  static void vhost_vdpa_device_realize(DeviceState *dev, Error **errp)
> > >  {
> > > +VirtIODevice *vdev = VIRTIO_DEVICE(dev);
> > > +VhostVdpaDevice *s = VHOST_VDPA_DEVICE(vdev);
> > > +uint32_t device_id;
> > > +int max_queue_size;
> > > +int fd;
> > > +int i, ret;
> > > +
> > > +fd = qemu_open(s->vdpa_dev, O_RDWR, errp);
> > > +if (fd == -1) {
> > > +return;
> > > +}
> > > +s->vdpa.device_fd = fd;
> > 
> > This is the field I suggest exposing as a QOM property so it can be set
> > from the proxy object (e.g. when the PCI proxy opens the vdpa device
> > before our .realize() function is called).
> > 
> 
> OK.
> 
> > > +
> > > +max_queue_size = vdpa_dev_get_queue_size(fd, errp);
> > > +if (*errp) {
> > > +goto out;
> > > +}
> > > +
> > > +if (s->queue_size > max_queue_size) {
> > > +error_setg(errp, "vhost-vdpa-device: invalid queue_size: %d
> > (max:%d)",
> > > +   s->queue_size, max_queue_size);
> > > +goto out;
> > > +} else if (!s->queue_size) {
> > > +s->queue_size = max_queue_size;
> > > +}
> > > +
> > > +ret = vdpa_dev_get_vqs_num(fd, errp);
> > > +if (*errp) {
> > > +goto out;
> > > +}
> > > +
> > > +s->dev.nvqs = ret;
> > 
> > There is no input validation because we trust the kernel vDPA return
> > values. That seems okay for now but if there is a vhost-user version of
> > this in the future then input validation will be necessary to achieve
> > isolation between QEMU and the vhost-user processes. I suggest including
> > input validation code right away because it's harder to audit the code
> > and fix missing input validation later on.
> > 
> 
> Make sense!
> 
> Should we only need to validate the upper boundary (e.g.  
> > > +s->dev.vqs = g_new0(struct vhost_virtqueue, s->dev.nvqs);
> > > +s->dev.vq_index = 0;
> > > +s->dev.vq_index_end = s->dev.nvqs;
> > > +s->dev.backend_features = 0;
> > > +s->started = false;
> > > +
> > > +ret = vhost_dev_init(&s->dev, &s->vdpa, VHOST_BACKEND_TYPE_VDPA, 0,
> > NULL);
> > > +if (ret < 0) {
> > > +error_setg(errp, "vhost-vdpa-device: vhost initialization
> > failed: %s",
> > > +   strerror(-ret));
> > > +goto out;
> > > +}
> > > +
> > > +ret = s->dev.vhost_ops->vhost_get_device_id(&s->dev, &device_id);
> > 
> > The vhost_*() API abstracts the ioctl calls but this source file and the
> > PCI proxy have ioctl calls. I wonder if it's possibl

Re: [PATCH v5 2/3] acpi: tpm: Add missing device identification objects

[Michael S. Tsirkin]

On Thu, Jan 06, 2022 at 09:36:36AM +0100, Igor Mammedov wrote:
> On Tue,  4 Jan 2022 12:58:05 -0500
> Stefan Berger  wrote:
> 
> > Add missing TPM device identification objects _STR and _UID. They will
> > appear as files 'description' and 'uid' under Linux sysfs.
> > 
> > Following inspection of sysfs entries for hardware TPMs we chose
> > uid '1'.
> 
> My guess would be that buy default (in case of missing UID), OSPM
> will start enumerate from 0. So I think 0 is more safer choice
> when it comes to compatibility.
> 
> Can you smoke test TPM with Windows, and check if adding UID doesn't
> break anything if VM actually uses TMP (though I'm not sure how to
> check it on Windows, maybe install Windows 11 without this patch
> and then see if it still boots pre-installed VM and nothing is broken
> after this patch)?

Given out experience with these things, I would add compat
machinery and avoid changing things for existing machine types.
Should be sufficient to address these concerns right Igor?

> 
> > Cc: Shannon Zhao 
> > Cc: Michael S. Tsirkin 
> > Cc: Igor Mammedov 
> > Cc: Ani Sinha 
> > Resolves: https://gitlab.com/qemu-project/qemu/-/issues/708
> > Signed-off-by: Stefan Berger 
> > Reviewed-by: Ani Sinha 
> > Reviewed-by: Shannon Zhao 
> > Message-id: 20211223022310.575496-3-stef...@linux.ibm.com
> > ---
> >  hw/arm/virt-acpi-build.c | 1 +
> >  hw/i386/acpi-build.c | 7 +++
> >  2 files changed, 8 insertions(+)
> > 
> > diff --git a/hw/arm/virt-acpi-build.c b/hw/arm/virt-acpi-build.c
> > index d0f4867fdf..f2514ce77c 100644
> > --- a/hw/arm/virt-acpi-build.c
> > +++ b/hw/arm/virt-acpi-build.c
> > @@ -229,6 +229,7 @@ static void acpi_dsdt_add_tpm(Aml *scope, 
> > VirtMachineState *vms)
> >  
> >  Aml *dev = aml_device("TPM0");
> >  aml_append(dev, aml_name_decl("_HID", aml_string("MSFT0101")));
> > +aml_append(dev, aml_name_decl("_STR", aml_string("TPM 2.0 Device")));
> >  aml_append(dev, aml_name_decl("_UID", aml_int(0)));
> >  
> >  Aml *crs = aml_resource_template();
> > diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
> > index 8383b83ee3..05740b7f15 100644
> > --- a/hw/i386/acpi-build.c
> > +++ b/hw/i386/acpi-build.c
> > @@ -1812,11 +1812,15 @@ build_dsdt(GArray *table_data, BIOSLinker *linker,
> >  dev = aml_device("TPM");
> >  aml_append(dev, aml_name_decl("_HID",
> >aml_string("MSFT0101")));
> > +aml_append(dev,
> > +   aml_name_decl("_STR",
> > + aml_string("TPM 2.0 
> > Device")));
> >  } else {
> >  dev = aml_device("ISA.TPM");
> >  aml_append(dev, aml_name_decl("_HID",
> >aml_eisaid("PNP0C31")));
> >  }
> > +aml_append(dev, aml_name_decl("_UID", aml_int(1)));
> >  
> >  aml_append(dev, aml_name_decl("_STA", aml_int(0xF)));
> >  crs = aml_resource_template();
> > @@ -1844,12 +1848,15 @@ build_dsdt(GArray *table_data, BIOSLinker *linker,
> >  if (TPM_IS_CRB(tpm)) {
> >  dev = aml_device("TPM");
> >  aml_append(dev, aml_name_decl("_HID", aml_string("MSFT0101")));
> > +aml_append(dev, aml_name_decl("_STR",
> > +  aml_string("TPM 2.0 Device")));
> >  crs = aml_resource_template();
> >  aml_append(crs, aml_memory32_fixed(TPM_CRB_ADDR_BASE,
> > TPM_CRB_ADDR_SIZE, 
> > AML_READ_WRITE));
> >  aml_append(dev, aml_name_decl("_CRS", crs));
> >  
> >  aml_append(dev, aml_name_decl("_STA", aml_int(0xf)));
> > +aml_append(dev, aml_name_decl("_UID", aml_int(1)));
> >  
> >  tpm_build_ppi_acpi(tpm, dev);
> >