Hi Roy,
On 3/4/24 13:11, Roy Hopkins wrote:
This commit adds an implementation of an IGVM loader which parses the
file specified as a parameter to ConfidentialGuestSupport and provides
a function that uses the interface in the same object to configure and
populate guest memory based on the con
Hi Roy,
On 3/4/24 13:11, Roy Hopkins wrote:
In preparation for supporting the processing of IGVM files to configure
guests, this adds a set of functions to ConfidentialGuestSupport
allowing configuration of secure virtual machines that can be
implemented for each supported isolation platform typ
On Wed, 3 Apr 2024 at 23:40, Richard Henderson
wrote:
>
> On 4/3/24 08:15, Gautam Bhat wrote:
> > Here simple_test.bin is the raw binary file converted using objcopy.
> > addr=0xFFFE is the vector location where the PC will load with the
> > starting address.
> >
> > Now how do I load the address
Per "SD Host Controller Standard Specification Version 3.00":
* 1.7 Buffer Control
- 1.7.1 Control of Buffer Pointer
(3) Buffer Control with Block Size
In case of write operation, the buffer accumulates the data
written through the Buffer Data Port register. When the buffer
If a blockcommit is aborted the base image remains in RW mode, that leads
to a fail of subsequent live migration.
How to reproduce:
$ virsh snapshot-create-as vm snp1 --disk-only
*** write something to the disk inside the guest ***
$ virsh blockcommit vm vda --active --shallow && virsh blo
On Thu, Mar 28, 2024 at 04:40:10PM +, Richard W.M. Jones wrote:
> libnbd absolutely does *not* get this right, eg:
>
> $ nbdinfo NBD://localhost
> nbdinfo: nbd_connect_uri: unknown NBD URI scheme: NBD: Invalid argument
>
> so that's a bug too.
Proposed fix:
https://gitlab.com/nbdkit/libn
On Sun, Mar 24, 2024 at 8:17 PM Mark Cave-Ayland
wrote:
> Patches 1-4 update existing users of esp_fifo_pop_buf() and esp_fifo_pop()
> with
> the internal cmdfifo to use the underlying Fifo8 device directly. The aim is
> to ensure that all the esp_fifo_*() functions only operate on the ESP's
> h
Before loading the guest states, ensure that the preempt channel has been
ready to use, as some of the states (e.g. via virtio_load) might trigger
page faults that will be handled through the preempt channel. So yield to
the main thread in the case that the channel create event has been
dispatched.
On Thursday, April 4, 2024 12:34 AM, Peter Xu wrote:
> On Wed, Apr 03, 2024 at 04:04:21PM +, Wang, Wei W wrote:
> > On Wednesday, April 3, 2024 10:42 PM, Peter Xu wrote:
> > > On Wed, Apr 03, 2024 at 04:35:35PM +0800, Wang, Lei wrote:
> > > > We should change the following line from
> > >
Hi Mark,
On 24/3/24 20:16, Mark Cave-Ayland wrote:
Mark Cave-Ayland (17):
esp.c: move esp_fifo_pop_buf() internals to new esp_fifo8_pop_buf()
function
esp.c: replace esp_fifo_pop_buf() with esp_fifo8_pop_buf() in
do_command_phase()
esp.c: replace esp_fifo_pop_buf() with esp_f
On Wed, Apr 3, 2024 at 6:51 PM Jonah Palmer wrote:
>
>
>
> On 4/3/24 6:18 AM, Eugenio Perez Martin wrote:
> > On Thu, Mar 28, 2024 at 5:22 PM Jonah Palmer
> > wrote:
> >>
> >> Initialize sequence variables for VirtQueue and VirtQueueElement
> >> structures. A VirtQueue's sequence variables are i
This modification ensures that in scenarios where the buffer size is
insufficient for a zone report, the function will now properly set an
error status and proceed to a cleanup label, instead of merely
returning.
The following ASAN log reveals it:
==1767400==ERROR: LeakSanitizer: detected memory
In vu_message_write() we use sendmsg() to send the message header,
then a write() to send the payload.
If sendmsg() fails we should avoid sending the payload, since we
were unable to send the header.
Discovered before fixing the issue with the previous patch, where
sendmsg() failed on macOS due t
On some OS (e.g. macOS) sendmsg() returns -1 (errno EINVAL) if
the `struct msghdr` has the field `msg_controllen` set to 0, but
`msg_control` is not NULL.
Reviewed-by: Eric Blake
Reviewed-by: David Hildenbrand
Signed-off-by: Stefano Garzarella
---
subprojects/libvhost-user/libvhost-user.c | 1
The vhost-user protocol is not really Linux-specific so let's enable
libvhost-user for any POSIX system.
Compiling it on macOS and FreeBSD some problems came up:
- avoid including linux/vhost.h which is available only on Linux
(vhost_types.h contains many of the things we need)
- macOS doesn't p
On macOS passing `-s /tmp/vhost.socket` parameter to the vhost-user-blk
application, the bind was done on `/tmp/vhost.socke` pathname,
missing the last character.
This sounds like one of the portability problems described in the
unix(7) manpage:
Pathname sockets
When binding a socket
`memory-backend-memfd` is available only on Linux while the new
`memory-backend-shm` can be used on any POSIX-compliant operating
system. Let's use it so we can run the test in multiple environments.
Signed-off-by: Stefano Garzarella
---
tests/qtest/vhost-user-blk-test.c | 2 +-
1 file changed,
v1: https://patchew.org/QEMU/20240228114759.44758-1-sgarz...@redhat.com/
v2: https://patchew.org/QEMU/20240326133936.125332-1-sgarz...@redhat.com/
v3:
- rebased on v9.0.0-rc2
- patch 4: avoiding setting fd non-blocking for messages where we
have memory fd (Eric)
- patch 9: enriched commit
In vhost-user-server we set all fd received from the other peer
in non-blocking mode. For some of them (e.g. memfd, shm_open, etc.)
it's not really needed, because we don't use these fd with blocking
operations, but only to map memory.
In addition, in some systems this operation can fail (e.g. in
Let's make the code more portable by using the "qemu/bswap.h" API
and adding defines from block/file-posix.c to support O_DIRECT in
other systems (e.g. macOS).
vhost-user-server.c is a dependency, let's enable it for any POSIX
system.
Signed-off-by: Stefano Garzarella
---
meson.build
The vhost-user protocol is not really Linux-specific so let's enable
vhost-user frontends for any POSIX system.
In vhost_net.c we use VHOST_FILE_UNBIND which is defined in a Linux
specific header, let's define it for other systems as well.
Signed-off-by: Stefano Garzarella
---
meson.build
shm_open() creates and opens a new POSIX shared memory object.
A POSIX shared memory object allows creating memory backend with an
associated file descriptor that can be shared with external processes
(e.g. vhost-user).
The new `memory-backend-shm` can be used as an alternative when
`memory-backen
`memory-backend-shm` can be used with vhost-user devices, so let's
add a new test case for it.
Signed-off-by: Stefano Garzarella
---
tests/qtest/vhost-user-test.c | 23 +++
1 file changed, 23 insertions(+)
diff --git a/tests/qtest/vhost-user-test.c b/tests/qtest/vhost-user-t
libvhost-user will panic when receiving VHOST_USER_GET_INFLIGHT_FD
message if MFD_ALLOW_SEALING is not defined, since it's not able
to create a memfd.
VHOST_USER_GET_INFLIGHT_FD is used only if
VHOST_USER_PROTOCOL_F_INFLIGHT_SHMFD is negotiated. So, let's mask
that feature if the backend is not ab
> On 3 Apr 2024, at 16:41, Roy Hopkins wrote:
>
> When using an IGVM file the configuration of the system firmware is
> defined by IGVM directives contained in the file. In this case the user
> should not configure any pflash devices.
>
> This commit skips initialization of the ROM mode when
The device should not handle the commands which have bad request/reply
size, it should just report the error instead of raising an assertion.
Signed-off-by: Zheyu Ma
---
hw/virtio/virtio-iommu.c | 10 +++---
1 file changed, 3 insertions(+), 7 deletions(-)
diff --git a/hw/virtio/virtio-iom
On Thu, Apr 04, 2024 at 02:45:05PM +0200, Zheyu Ma wrote:
> The device should not handle the commands which have bad request/reply
> size, it should just report the error instead of raising an assertion.
>
> Signed-off-by: Zheyu Ma
I do not get what problem you are trying to solve here.
Can gu
From: John Berg
The MQES field in the CAP register describes the Maximum Queue Entries
Supported for the IO queues of an NVMe controller. Adding a +1 to the
value in this field results in the total queue size. A full queue is
when a queue of size N contains N - 1 entries, and the minimum queue
si
On 04/04/2024 11:28, Philippe Mathieu-Daudé wrote:
Hi Mark,
On 24/3/24 20:16, Mark Cave-Ayland wrote:
Mark Cave-Ayland (17):
esp.c: move esp_fifo_pop_buf() internals to new esp_fifo8_pop_buf()
function
esp.c: replace esp_fifo_pop_buf() with esp_fifo8_pop_buf() in
do_command_ph
On Apr 4 13:04, John Berg wrote:
> From: John Berg
>
> The MQES field in the CAP register describes the Maximum Queue Entries
> Supported for the IO queues of an NVMe controller. Adding a +1 to the
> value in this field results in the total queue size. A full queue is
> when a queue of size N co
On 3/25/24 20:02, nifan@gmail.com wrote:
> From: Fan Ni
>
> Per CXL spec 3.1, two mailbox commands are implemented:
> Add Dynamic Capacity Response (Opcode 4802h) 8.2.9.9.9.3, and
> Release Dynamic Capacity (Opcode 4803h) 8.2.9.9.9.4.
>
> For the process of the above two commands, we use two
On Thu, Apr 04, 2024 at 02:00:40PM +0200, Zheyu Ma wrote:
> This modification ensures that in scenarios where the buffer size is
> insufficient for a zone report, the function will now properly set an
> error status and proceed to a cleanup label, instead of merely
> returning.
>
> The following A
> > > @@ -858,7 +910,8 @@ static int __init memory_tier_init(void)
> > >* For now we can have 4 faster memory tiers with smaller adistance
> > >* than default DRAM tier.
> > >*/
> > > - default_dram_type = alloc_memory_type(MEMTIER_ADISTANCE_DRAM);
> > > + default_
On Wed, 3 Apr 2024 22:56:58 +0800
Shiyang Ruan wrote:
> On 2024/3/30 9:50, Dan Williams wrote:
> > Shiyang Ruan wrote:
> >> The GMER only has "Physical Address" field, no such one indicates length.
> >> So, when a poison event is received, we could use GET_POISON_LIST command
> >> to get the poison
On 4/4/24 14:23, Stefano Garzarella wrote:
On some OS (e.g. macOS) sendmsg() returns -1 (errno EINVAL) if
the `struct msghdr` has the field `msg_controllen` set to 0, but
`msg_control` is not NULL.
Reviewed-by: Eric Blake
Reviewed-by: David Hildenbrand
Signed-off-by: Stefano Garzarella
---
On 4/4/24 14:23, Stefano Garzarella wrote:
On macOS passing `-s /tmp/vhost.socket` parameter to the vhost-user-blk
application, the bind was done on `/tmp/vhost.socke` pathname,
missing the last character.
This sounds like one of the portability problems described in the
unix(7) manpage:
Pa
From: Zheyu Ma
This modification ensures that in scenarios where the buffer size is
insufficient for a zone report, the function will now properly set an
error status and proceed to a cleanup label, instead of merely
returning.
The following ASAN log reveals it:
==1767400==ERROR: LeakSanitizer:
The following changes since commit 786fd793b81410fb2a28914315e2f05d2ff6733b:
Merge tag 'for-upstream' of https://gitlab.com/bonzini/qemu into staging
(2024-04-03 12:52:03 +0100)
are available in the Git repository at:
https://gitlab.com/stefanha/qemu.git tags/block-pull-request
for you to
On Thu, Apr 04, 2024 at 01:04:18PM +0100, John Berg wrote:
> The MQES field in the CAP register describes the Maximum Queue Entries
> Supported for the IO queues of an NVMe controller. Adding a +1 to the
> value in this field results in the total queue size. A full queue is
> when a queue of size N
Hi Salil,
On 12-03-2024 07:29, Salil Mehta wrote:
KVM vCPU creation is done once during the vCPU realization when Qemu vCPU thread
is spawned. This is common to all the architectures as of now.
Hot-unplug of vCPU results in destruction of the vCPU object in QOM but the
corresponding KVM vCPU ob
Hi Stefano,
On 4/4/24 14:23, Stefano Garzarella wrote:
Let's make the code more portable by using the "qemu/bswap.h" API
and adding defines from block/file-posix.c to support O_DIRECT in
other systems (e.g. macOS).
vhost-user-server.c is a dependency, let's enable it for any POSIX
system.
Sign
Hi Salil,
On 12-03-2024 07:29, Salil Mehta wrote:
ACPI GED (as described in the ACPI 6.4 spec) uses an interrupt listed in the
_CRS object of GED to intimate OSPM about an event. Later then demultiplexes the
notified event by evaluating ACPI _EVT method to know the type of event. Use
ACPI GED to
Hi Salil,
On 12-03-2024 07:29, Salil Mehta wrote:
Add common function to help unregister the GDB register space. This shall be
done in context to the CPU unrealization.
Signed-off-by: Salil Mehta
Tested-by: Vishnu Pajjuri
Reviewed-by: Gavin Shan
Tested-by: Xianglai Li
Tested-by: Miguel Luis
Rev
A malicious or buggy guest may generate buffered ioreqs faster than
QEMU can process them in handle_buffered_iopage(). The result is a
livelock - QEMU continuously processes ioreqs on the main thread without
iterating through the main loop which prevents handling other events,
processing timers, e
On 04.04.24 14:23, Stefano Garzarella wrote:
shm_open() creates and opens a new POSIX shared memory object.
A POSIX shared memory object allows creating memory backend with an
associated file descriptor that can be shared with external processes
(e.g. vhost-user).
The new `memory-backend-shm` ca
On Thu, Apr 04, 2024 at 06:05:50PM +0800, Wei Wang wrote:
> Before loading the guest states, ensure that the preempt channel has been
> ready to use, as some of the states (e.g. via virtio_load) might trigger
> page faults that will be handled through the preempt channel. So yield to
> the main thr
On Wed, 3 Apr 2024 at 11:17, Jinjie Ruan wrote:
>
> Support ALLINT msr access as follows:
> mrs , ALLINT// read allint
> msr ALLINT, // write allint with imm
>
> Signed-off-by: Jinjie Ruan
> Reviewed-by: Richard Henderson
> ---
Reviewed-by: Peter Maydell
thanks
On Wed, 3 Apr 2024 at 11:17, Jinjie Ruan wrote:
>
> FEAT_NMI defines another three new bits in HCRX_EL2: TALLINT, HCRX_VINMI and
> HCRX_VFNMI. When the feature is enabled, allow these bits to be written in
> HCRX_EL2.
>
> Signed-off-by: Jinjie Ruan
> Reviewed-by: Richard Henderson
> ---
Reviewe
On Wed, 3 Apr 2024 at 11:17, Jinjie Ruan wrote:
>
> This only implements the external delivery method via the GICv3.
>
> Signed-off-by: Jinjie Ruan
> Reviewed-by: Richard Henderson
Reviewed-by: Peter Maydell
thanks
-- PMM
On Wed, 3 Apr 2024 at 11:18, Jinjie Ruan wrote:
>
> Add support for FEAT_NMI. NMI (FEAT_NMI) is a mandatory feature in
> ARMv8.8-A and ARM v9.3-A.
>
> Signed-off-by: Jinjie Ruan
> Reviewed-by: Richard Henderson
> ---
> v3:
> - Add Reviewed-by.
> - Adjust to before the MSR patches.
> ---
> targ
On Wed, 3 Apr 2024 at 11:17, Jinjie Ruan wrote:
>
> When PSTATE.ALLINT is set, an IRQ or FIQ interrupt that is targeted to
> ELx, with or without superpriority is masked.
>
> As Richard suggested, place ALLINT bit in PSTATE in env->pstate.
>
> With the change to pstate_read/write, exception entry
On Wed, 3 Apr 2024 at 11:18, Jinjie Ruan wrote:
>
> Add ALLINT MSR (immediate) to decodetree, in which the CRm is 0b000x. The
> EL0 check is necessary to ALLINT, and the EL1 check is necessary when
> imm == 1. So implement it inline for EL2/3, or EL1 with imm==0. Avoid the
> unconditional write to
On Wed, 3 Apr 2024 at 11:18, Jinjie Ruan via wrote:
>
> According to Arm GIC section 4.6.3 Interrupt superpriority, the interrupt
> with superpriority is always IRQ, never FIQ, so handle NMI same as IRQ in
> arm_phys_excp_target_el().
>
> Signed-off-by: Jinjie Ruan
> Reviewed-by: Richard Henderso
On Wed, 3 Apr 2024 at 11:18, Jinjie Ruan wrote:
>
> Add IS and FS bit in ISR_EL1 and handle the read. With CPU_INTERRUPT_NMI or
> CPU_INTERRUPT_VINMI, both CPSR_I and ISR_IS must be set. With
> CPU_INTERRUPT_VFNMI, both CPSR_F and ISR_FS must be set.
>
> Signed-off-by: Jinjie Ruan
> Reviewed-by:
On Wed, 3 Apr 2024 at 11:17, Jinjie Ruan wrote:
>
> Set or clear PSTATE.ALLINT on taking an exception to ELx according to the
> SCTLR_ELx.SPINTMASK bit.
>
> Signed-off-by: Jinjie Ruan
> Reviewed-by: Richard Henderson
Reviewed-by: Peter Maydell
thanks
-- PMM
On Wed, 3 Apr 2024 at 11:18, Jinjie Ruan wrote:
>
> According to Arm GIC section 4.6.3 Interrupt superpriority, the interrupt
> with superpriority is always IRQ, never FIQ, so the NMI exception trap entry
> behaves like IRQ. And VINMI(vIRQ with Superpriority) can be raised from the
> GIC or come fr
On Wed, 3 Apr 2024 at 11:17, Jinjie Ruan wrote:
>
> Add the NMIAR CPU interface registers which deal with acknowledging NMI.
>
> When introducing the NMI interrupt, there are some updates to the semantics for the
> register ICC_IAR1_EL1 and ICC_HPPIR1_EL1. For ICC_IAR1_EL1 register, it
> should return 1
Signed-off-by: Mark Cave-Ayland
Reviewed-by: Philippe Mathieu-Daudé
Reviewed-by: Paolo Bonzini
Message-Id: <20240324191707.623175-5-mark.cave-ayl...@ilande.co.uk>
Signed-off-by: Mark Cave-Ayland
---
hw/scsi/esp.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/hw/scsi/esp
Now that all users of esp_fifo_pop() operate on the main FIFO there is no need
to pass the FIFO explicitly.
Signed-off-by: Mark Cave-Ayland
Reviewed-by: Philippe Mathieu-Daudé
Reviewed-by: Paolo Bonzini
Message-Id: <20240324191707.623175-7-mark.cave-ayl...@ilande.co.uk>
Signed-off-by: Mark Cave
The following changes since commit 786fd793b81410fb2a28914315e2f05d2ff6733b:
Merge tag 'for-upstream' of https://gitlab.com/bonzini/qemu into staging
(2024-04-03 12:52:03 +0100)
are available in the Git repository at:
https://github.com/mcayland/qemu.git tags/qemu-sparc-2024040
During normal use the cmdfifo will never wrap internally and cmdfifo_cdb_offset
will always indicate the start of the SCSI CDB. However it is possible that a
malicious guest could issue an invalid ESP command sequence such that cmdfifo
wraps internally and cmdfifo_cdb_offset could point beyond the
Update esp_fifo_pop_buf() to be a simple wrapper onto the new
esp_fifo8_pop_buf()
function.
Signed-off-by: Mark Cave-Ayland
Reviewed-by: Paolo Bonzini
Reviewed-by: Philippe Mathieu-Daudé
Message-Id: <20240324191707.623175-2-mark.cave-ayl...@ilande.co.uk>
Signed-off-by: Mark Cave-Ayland
---
h
Instead of pushing data into the FIFO directly with fifo8_push_all(), add a new
esp_fifo_push_buf() function and use it accordingly.
Signed-off-by: Mark Cave-Ayland
Reviewed-by: Philippe Mathieu-Daudé
Reviewed-by: Paolo Bonzini
Message-Id: <20240324191707.623175-10-mark.cave-ayl...@ilande.co.uk
The esp_cdb_length() function is only used as part of a calculation to determine
whether the cmdfifo contains an entire SCSI CDB. Rework esp_cdb_length() into a
new esp_cdb_ready() function which both enables us to handle the case where
scsi_cdb_length() returns -1, plus simplify the logic for its
On Wed, 3 Apr 2024 at 11:18, Jinjie Ruan wrote:
>
> Implement icv_nmiar1_read() for icc_nmiar1_read(), so add definition for
> ICH_LR_EL2.NMI and ICH_AP1R_EL2.NMI bit.
>
> If FEAT_GICv3_NMI is supported, ich_ap_write() should consider
> ICV_AP1R_EL1.NMI
> bit. In icv_activate_irq() and icv_eoir_w
Now that all users of esp_fifo_push() operate on the main FIFO there is no need
to pass the FIFO explicitly.
Signed-off-by: Mark Cave-Ayland
Reviewed-by: Philippe Mathieu-Daudé
Reviewed-by: Paolo Bonzini
Message-Id: <20240324191707.623175-6-mark.cave-ayl...@ilande.co.uk>
Signed-off-by: Mark Cav
This new function sets the DRQ line correctly according to the current transfer
mode, direction and FIFO contents. Update esp_fifo_push_buf() and
esp_fifo_pop_buf()
to use it so that DRQ is always set correctly when reading/writing multiple
bytes
to/from the FIFO.
Signed-off-by: Mark Cave-Ayland
This ensures that esp_update_drq() is called via esp_fifo_push() whenever the
host uses PDMA to transfer data to a SCSI device.
Signed-off-by: Mark Cave-Ayland
Reviewed-by: Philippe Mathieu-Daudé
Reviewed-by: Paolo Bonzini
Message-Id: <20240324191707.623175-17-mark.cave-ayl...@ilande.co.uk>
Sig
The aim is to restrict the esp_fifo_*() functions so that they only operate on
the hardware FIFO. When reading from cmdfifo in do_command_phase() use the
underlying esp_fifo8_pop_buf() function directly.
Signed-off-by: Mark Cave-Ayland
Reviewed-by: Paolo Bonzini
Reviewed-by: Philippe Mathieu-Dau
The current logic assumes that at least 1 byte is present in the FIFO when
executing a non-DMA SELATNS command, but this may not be the case if the
guest executes an invalid ESP command sequence.
Reported-by: Chuhong Yuan
Signed-off-by: Mark Cave-Ayland
Reviewed-by: Paolo Bonzini
Reviewed-by: P
The aim is to restrict the esp_fifo_*() functions so that they only operate on
the hardware FIFO. When reading from cmdfifo in do_message_phase() use the
underlying esp_fifo8_pop_buf() function directly.
Signed-off-by: Mark Cave-Ayland
Reviewed-by: Paolo Bonzini
Reviewed-by: Philippe Mathieu-Dau
Now the esp_update_drq() is called for all reads/writes to the FIFO, there is
no need to manually raise and lower the DRQ signal.
Signed-off-by: Mark Cave-Ayland
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/611
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1831
Reviewed-by: P
This ensures that the DRQ line is always set correctly when reading/writing
single bytes to/from the FIFO.
Signed-off-by: Mark Cave-Ayland
Reviewed-by: Philippe Mathieu-Daudé
Reviewed-by: Paolo Bonzini
Message-Id: <20240324191707.623175-16-mark.cave-ayl...@ilande.co.uk>
Signed-off-by: Mark Cave
This allows these functions to be used earlier in the file without needing a
separate forward declaration.
Signed-off-by: Mark Cave-Ayland
Reviewed-by: Philippe Mathieu-Daudé
Reviewed-by: Paolo Bonzini
Message-Id: <20240324191707.623175-14-mark.cave-ayl...@ilande.co.uk>
Signed-off-by: Mark Cave
Now that all users of esp_fifo_pop_buf() operate on the main FIFO there is no
need to pass the FIFO explicitly.
Signed-off-by: Mark Cave-Ayland
Reviewed-by: Philippe Mathieu-Daudé
Reviewed-by: Paolo Bonzini
Message-Id: <20240324191707.623175-9-mark.cave-ayl...@ilande.co.uk>
Signed-off-by: Mark
There are still a few places that use fifo8_push() instead of esp_fifo_push() in
order to push a value into the FIFO. Update those places to use esp_fifo_push()
instead.
Signed-off-by: Mark Cave-Ayland
Reviewed-by: Philippe Mathieu-Daudé
Reviewed-by: Paolo Bonzini
Message-Id: <20240324191707.62
On Wed, 3 Apr 2024 at 11:18, Jinjie Ruan wrote:
>
> This patch set implements FEAT_NMI and FEAT_GICv3_NMI for ARMv8. These
> introduce support for a new category of interrupts in the architecture
> which we can use to provide NMI like functionality.
Looking through the Arm ARM pseudocode at place
On 4/4/24 7:35 AM, Eugenio Perez Martin wrote:
On Wed, Apr 3, 2024 at 6:51 PM Jonah Palmer wrote:
On 4/3/24 6:18 AM, Eugenio Perez Martin wrote:
On Thu, Mar 28, 2024 at 5:22 PM Jonah Palmer wrote:
Initialize sequence variables for VirtQueue and VirtQueueElement
structures. A VirtQueue
On Wed, 3 Apr 2024 at 11:18, Jinjie Ruan wrote:
>
> Wire the new NMI and VINMI interrupt line from the GIC to each CPU.
>
> Signed-off-by: Jinjie Ruan
> Reviewed-by: Richard Henderson
> ---
> v9:
> - Rename ARM_CPU_VNMI to ARM_CPU_VINMI.
> - Update the commit message.
> v4:
> - Add Reviewed-by.
The saturation arithmetic logic in helper_macl is not correct.
I tested and verified this behavior on a SH7091, the general pattern
is a code sequence such as:
sets
mov.l _mach,r2
lds r2,mach
mov.l _macl,r2
lds r2,macl
mova _n,r0
mov r0,r1
On Thu, 4 Apr 2024 at 16:12, Zack Buhman wrote:
>
> The saturation arithmetic logic in helper_macl is not correct.
>
> I tested and verified this behavior on a SH7091, the general pattern
> is a code sequence such as:
>
> sets
>
> mov.l _mach,r2
> lds r2,mach
> mov.
On Thursday, April 4, 2024 10:12 PM, Peter Xu wrote:
> On Thu, Apr 04, 2024 at 06:05:50PM +0800, Wei Wang wrote:
> > Before loading the guest states, ensure that the preempt channel has
> > been ready to use, as some of the states (e.g. via virtio_load) might
> > trigger page faults that will be ha
The saturation arithmetic logic in helper_macl is not correct.
I tested and verified this behavior on a SH7091, the general pattern
is a code sequence such as:
sets
mov.l _mach,r2
lds r2,mach
mov.l _macl,r2
lds r2,macl
mova _n,r0
mov r0,r1
On Thu, Apr 4, 2024 at 4:42 PM Jonah Palmer wrote:
>
>
>
> On 4/4/24 7:35 AM, Eugenio Perez Martin wrote:
> > On Wed, Apr 3, 2024 at 6:51 PM Jonah Palmer wrote:
> >>
> >>
> >>
> >> On 4/3/24 6:18 AM, Eugenio Perez Martin wrote:
> >>> On Thu, Mar 28, 2024 at 5:22 PM Jonah Palmer
> >>> wrote:
> >
On Thu, 4 Apr 2024 at 17:26, Zack Buhman wrote:
>
> The saturation arithmetic logic in helper_macl is not correct.
>
> I tested and verified this behavior on a SH7091, the general pattern
> is a code sequence such as:
>
> sets
>
> mov.l _mach,r2
> lds r2,mach
> mov.
On 4/5/2024 0:25, Wang, Wei W wrote:
> On Thursday, April 4, 2024 10:12 PM, Peter Xu wrote:
>> On Thu, Apr 04, 2024 at 06:05:50PM +0800, Wei Wang wrote:
>>> Before loading the guest states, ensure that the preempt channel has
>>> been ready to use, as some of the states (e.g. via virtio_load) might
If a virtio-net device has the VIRTIO_NET_F_MRG_RXBUF feature
but not the VIRTIO_RING_F_INDIRECT_DESC feature,
'VirtIONetQueue->rx_vq' will use the merge feature
to store data in multiple 'elems'.
The 'num_buffers' in the virtio header indicates how many elements are merged.
If the value of 'num_bu
Hi Zack,
Cc'ing the maintainer of this file, Yoshinori:
$ ./scripts/get_maintainer.pl -f target/sh4/op_helper.c
Yoshinori Sato (reviewer:SH4 TCG CPUs)
(https://www.qemu.org/docs/master/devel/submitting-a-patch.html#cc-the-relevant-maintainer)
On 4/4/24 18:39, Peter Maydell wrote:
On Thu, 4 Ap
On Thu, 4 Apr 2024 at 14:58, Stefan Hajnoczi wrote:
>
> The following changes since commit 786fd793b81410fb2a28914315e2f05d2ff6733b:
>
> Merge tag 'for-upstream' of https://gitlab.com/bonzini/qemu into staging
> (2024-04-03 12:52:03 +0100)
>
> are available in the Git repository at:
>
> https
ilable in the Git repository at:
>
> https://github.com/mcayland/qemu.git tags/qemu-sparc-20240404
>
> for you to fetch changes up to d7fe931818d5e9aa70d08056c43b496ce789ba64:
>
> esp.c: remove explicit setting of DRQ withi
EL2 accesses to CNTPOFF_EL2 should only ever trap to EL3 if EL3 is
present, as described by the reference manual (for MRS):
/* ... */
elsif PSTATE.EL == EL2 then
if Halted() && HaveEL(EL3) && /*...*/ then
UNDEFINED;
elsif HaveEL(EL3) && SCR_EL3.ECVEn == '0' then
Hi,
On Thursday, April 4, 2024 12:07:49 AM IST Eugenio Perez Martin wrote:
> On Wed, Apr 3, 2024 at 4:36 PM Sahil wrote:
> [...]
> > I would like to clarify one thing in the figure "Full two-entries
> > descriptor table". The driver can only overwrite a used descriptor in the
> > descriptor ring,
Replace qemu_bh_new_guarded() by virtio_bh_new_guarded()
so the bus and device use the same guard. Otherwise the
DMA-reentrancy protection can be bypassed:
$ cat << EOF | qemu-system-i386 -display none -nodefaults \
-machine q35,accel=qtest \
Gerd suggested to use the transport guard to protect the
device from DMA re-entrancy abuses.
Philippe Mathieu-Daudé (4):
hw/virtio: Introduce virtio_bh_new_guarded() helper
hw/display/virtio-gpu: Protect from DMA re-entrancy bugs
hw/char/virtio-serial-bus: Protect from DMA re-entrancy bugs
Replace qemu_bh_new_guarded() by virtio_bh_new_guarded()
so the bus and device use the same guard. Otherwise the
DMA-reentrancy protection can be bypassed.
Cc: qemu-sta...@nongnu.org
Suggested-by: Alexander Bulekov
Signed-off-by: Philippe Mathieu-Daudé
---
hw/char/virtio-serial-bus.c | 3 +--
1
Replace qemu_bh_new_guarded() by virtio_bh_new_guarded()
so the bus and device use the same guard. Otherwise the
DMA-reentrancy protection can be bypassed.
Cc: qemu-sta...@nongnu.org
Suggested-by: Alexander Bulekov
Signed-off-by: Philippe Mathieu-Daudé
---
hw/virtio/virtio-crypto.c | 4 ++--
1
Introduce virtio_bh_new_guarded(), similar to qemu_bh_new_guarded()
but using the transport memory guard, instead of the device one
(there can only be one virtio device per virtio bus).
Inspired-by: Gerd Hoffmann
Signed-off-by: Philippe Mathieu-Daudé
---
include/hw/virtio/virtio.h | 7 +++
Hi,
While reworking include/exec/ I have to build many configs
to be sure nothing breaks. qemu-user is particularly
sensitive to changes in this directory (mostly because
all user-specific files include "qemu.h", itself including
various exec/ headers). Getting tired of this waste I had
a look at
Currently monitor stubs are scattered in 3 files.
Merge these stubs in 2 files, a generic one (monitor-core)
included in all builds (in particular user emulation), and
a less generic one to be included by tools and system emulation.
Signed-off-by: Philippe Mathieu-Daudé
---
stubs/fdset.c