We will need a backend interface for performing 8-bit zero-extend.
Use it in tcg_reg_alloc_op in the meantime.
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
We will need a backend interface for performing 8-bit sign-extend.
Use it in tcg_reg_alloc_op in the meantime.
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Hexagon update
# -----BEGIN PGP SIGNATURE-----
#
# iQEzBAABCgAdFiEENjXHiM5iuR/UxZq0ewJE+xLeRCIFAmRCu/gACgkQewJE+xLe
# RCIlnQgAkdLjTQGC+V+HKIcuD6BWCqk+fRuMAI7Ban/bq/bN5nm4xv8rWIdBAKkj
# xj1MxWgW/yns76A/OupC6tJD/1PvkdvCGUPIdRphK60raP3l1o88ivs2WsJdw9/O
# PAubqwyYNhdnEIhiA9QOVkUoh7rVVKzpri2ldRNdmxBc9tQi9POYvKSVy6rSoiQw
# rhrYfpc0fd50L4oeT1rqpCad9NrbDlCwrRSc/1oA/pUPiuxUYYr6BiIx0ytbTvH2
# aMJUdA2ynkrgxkFn3v42qOrT7M9cs1b7abHz9obWibl6Jqcl4AIoKvF/kAuDmQuV
# FAq8Qhn/cK49M9xCEZOI8olE/xIUjQ==
# =+I8i
# -----END PGP SIGNATURE-----
# gpg: Signature made Fri 21 Apr 2023 05:38:16 PM BST
# gpg: using RSA key 3635C788CE62B91FD4C59AB47B0244FB12DE4422
# gpg: Good signature from "Taylor Simpson (Rock on) <tsimpson@quicinc.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 3635 C788 CE62 B91F D4C5 9AB4 7B02 44FB 12DE 4422
* tag 'pull-hex-20230421' of https://github.com/quic/qemu:
Hexagon (target/hexagon) Add overrides for cache/sync/barrier instructions
Hexagon (target/hexagon) Remove unused slot variable in helpers
Hexagon (tests/tcg/hexagon) Move HVX test infra to header file
Hexagon (target/hexagon) Updates to USR should use get_result_gpr
Hexagon (target/hexagon) Add overrides for count trailing zeros/ones
Hexagon (target/hexagon) Merge arguments to probe_pkt_scalar_hvx_stores
Hexagon (target/hexagon) Remove redundant/unused macros
Use black code style for python scripts
Use f-strings in python scripts
Hexagon (translate.c): avoid redundant PC updates on COF
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
* Optional use of Meson wrap for slirp
* Coverity fixes
* Avoid -Werror=maybe-uninitialized
* Mark coroutine QMP command functions as coroutine_fn
* Mark functions that suspend as coroutine_mixed_fn
* target/i386: Fix SGX CPUID leaf
* First batch of qatomic_mb_read() removal
* Small atomic.rst improvement
* NBD cleanup
* Update libvirt-ci submodule
# -----BEGIN PGP SIGNATURE-----
#
# iQFIBAABCAAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAmRBAzwUHHBib256aW5p
# QHJlZGhhdC5jb20ACgkQv/vSX3jHroP64gf+NzLW95tylCfhKuuLq/TjuOTQqHCD
# KVLlA1I3pwJfk4SUuigrnaJtwfa/tBiWxfaivUdPAzPzeXyxcVSOps0neohrmFBh
# 2e3ylBWWz22K0gkLtrFwJT99TVy6w6Xhj9SX8HPRfxl4k8yMPrUJNW78hh6APAwq
# /etZY6+ieHC7cwG4xluhxsHnxnBYBYD+18hUd+b5LchD/yvCSCNNiursutpa0Ar/
# r/HtDwNFKlaApO3sU4R3yYgdS1Fvcas4tDZaumADsQlSG5z+UeJldc98LiRlFrAA
# gnskBSaaly/NgWqY3hVCYaBGyjD4lWPkX/FEChi0XX6Fl1P0umQAv/7z3w==
# =XSAs
# -----END PGP SIGNATURE-----
# gpg: Signature made Thu 20 Apr 2023 10:17:48 AM BST
# gpg: using RSA key F13338574B662389866C7682BFFBD25F78C7AE83
# gpg: issuer "pbonzini@redhat.com"
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [undefined]
# gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" [undefined]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1
# Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83
* tag 'for-upstream' of https://gitlab.com/bonzini/qemu: (25 commits)
tests: lcitool: Switch to OpenSUSE Leap 15.4
tests: libvirt-ci: Update to commit '2fa24dce8bc'
configure: Honour cross-prefix when finding ObjC compiler
coverity: unify Fedora dockerfiles
nbd: a BlockExport always has a BlockBackend
docs: explain effect of smp_read_barrier_depends() on modern architectures
qemu-coroutine: remove qatomic_mb_read()
postcopy-ram: do not use qatomic_mb_read
block-backend: remove qatomic_mb_read()
target/i386: Change wrong XFRM value in SGX CPUID leaf
monitor: mark mixed functions that can suspend
migration: mark mixed functions that can suspend
io: mark mixed functions that can suspend
qapi-gen: mark coroutine QMP command functions as coroutine_fn
target/mips: tcg: detect out-of-bounds accesses to cpu_gpr and cpu_gpr_hi
coverity: update COMPONENTS.md
lasi: fix RTC migration
target/i386: Avoid unreachable variable declaration in mmu_translate()
configure: Avoid -Werror=maybe-uninitialized
tests: bios-tables-test: replace memset with initializer
...
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Merge tpm 2023/04/20 v1
# -----BEGIN PGP SIGNATURE-----
#
# iQEzBAABCAAdFiEEuBi5yt+QicLVzsZrda1lgCoLQhEFAmRBLgoACgkQda1lgCoL
# QhEPyQf/WfEg8k2hDLExobsSgup1IsnT+mHHTBOZVJvq2efg2YXUTHA56fmD9X6d
# crqTq68L5oaMES5iYEZhA7EAgfk3RvxDQGrlXBByPzrc6SSwEHHMR4Zzi5zrbCoW
# t6TmaKQrlQqYwkhhsbyqnG46bj0ugCDagkBLfJdVl96fjkYgTspcDxaNwqwy/DPn
# GTmQlvdRY09D1nylIdtcLBIfsM+sIkRslyngbUEIy+Bx8EWRy2a8Qw0BdY9g1XoE
# e0CaRaFMpju1KOIjq0YSIzt0LSQDFfPc1IlUAC0ZALhNmp+PPNtr4E7+4kFfO2ym
# 1sT2w25ho8dYDdm/m8tIauCdGoHw4A==
# =ML27
# -----END PGP SIGNATURE-----
# gpg: Signature made Thu 20 Apr 2023 01:20:26 PM BST
# gpg: using RSA key B818B9CADF9089C2D5CEC66B75AD65802A0B4211
# gpg: Good signature from "Stefan Berger <stefanb@linux.vnet.ibm.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: B818 B9CA DF90 89C2 D5CE C66B 75AD 6580 2A0B 4211
* tag 'pull-tpm-2023-04-20-1' of https://github.com/stefanberger/qemu-tpm:
qtest: Add a test case for TPM TIS I2C connected to Aspeed I2C controller
qtest: Move tpm_util_tis_transmit() into tpm-tis-utils.c and rename it
qtest: Add functions for accessing devices on Aspeed I2C controller
tests/avocado/aspeed: Add TPM TIS I2C test
tpm: Add support for TPM device over I2C bus
tpm: Extend common APIs to support TPM TIS I2C
docs: Add support for TPM devices over I2C bus
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
The slot variable in helpers was only passed to log_reg_write function
where the argument is unused.
- Remove declaration from generated helper functions
- Remove slot argument from log_reg_write
Signed-off-by: Taylor Simpson <tsimpson@quicinc.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20230407204521.357244-1-tsimpson@quicinc.com>
The following instructions are overriden
S2_ct0 Count trailing zeros
S2_ct1 Count trailing ones
S2_ct0p Count trailing zeros (register pair)
S2_ct1p Count trailing ones (register pair)
These instructions are not handled by idef-parser because the
imported semantics uses bit-reverse. However, they are
straightforward to implement in TCG with tcg_gen_ctzi_*
Test cases added to tests/tcg/hexagon/misc.c
Signed-off-by: Taylor Simpson <tsimpson@quicinc.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20230405164211.30015-1-tsimpson@quicinc.com>
Remove the following macros (remnants of the old generator design)
READ_REG
READ_PREG
WRITE_RREG
WRITE_PREG
Modify macros that rely on the above
The following are unused
READ_IREG
fGET_FIELD
fSET_FIELD
fREAD_P3
fREAD_NPC
fWRITE_LC0
fWRITE_LC1
Signed-off-by: Taylor Simpson <tsimpson@quicinc.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20230405183048.147767-1-tsimpson@quicinc.com>
When there is a conditional change of flow or an endloop instruction, we
preload HEX_REG_PC with ctx->next_PC at gen_start_packet(). Nonetheless,
we still generate TCG code to do this update again at gen_goto_tb() when
the condition for the COF is not met, thus producing redundant
instructions. This can be seen with the following packet:
0x004002e4: 0x5c20d000 { if (!P0) jump:t PC+0 }
Which generates this TCG code:
---- 004002e4
-> mov_i32 pc,$0x4002e8
and_i32 loc9,p0,$0x1
mov_i32 branch_taken,loc9
add_i32 pkt_cnt,pkt_cnt,$0x2
add_i32 insn_cnt,insn_cnt,$0x2
brcond_i32 branch_taken,$0x0,ne,$L1
goto_tb $0x0
mov_i32 pc,$0x4002e4
exit_tb $0x7fb0c36e5200
set_label $L1
goto_tb $0x1
-> mov_i32 pc,$0x4002e8
exit_tb $0x7fb0c36e5201
set_label $L0
exit_tb $0x7fb0c36e5203
Note that even after optimizations, the redundant PC update is still
present:
---- 004002e4
-> mov_i32 pc,$0x4002e8 sync: 0 dead: 0 1 pref=0xffff
mov_i32 branch_taken,$0x1 sync: 0 dead: 0 1 pref=0xffff
add_i32 pkt_cnt,pkt_cnt,$0x2 sync: 0 dead: 0 1 pref=0xffff
add_i32 insn_cnt,insn_cnt,$0x2 sync: 0 dead: 0 1 2 pref=0xffff
goto_tb $0x1
-> mov_i32 pc,$0x4002e8 sync: 0 dead: 0 1 pref=0xffff
exit_tb $0x7fb0c36e5201
set_label $L0
exit_tb $0x7fb0c36e5203
With this patch, the second redundant update is properly discarded.
Note that we need the additional "move_to_pc" flag instead of just
avoiding the update whenever `dest == ctx->next_PC`, as that could
potentially skip updates from a COF with met condition, whose
ctx->branch_dest just happens to be equal to ctx->next_PC.
Signed-off-by: Matheus Tavares Bernardino <quic_mathbern@quicinc.com>
Signed-off-by: Taylor Simpson <tsimpson@quicinc.com>
Reviewed-by: Anton Johansson <anjo@rev.ng>
Reviewed-by: Taylor Simpson <tsimpson@quicinc.com>
Message-Id: <fc059153c3f0526d97b7f13450c02b276b0908e1.1679519341.git.quic_mathbern@quicinc.com>
* Compat machines for version 8.1
* Allow setting a chardev input file on the command line
* Fix .travis.yml to work with non-public Travis instances, too
* Move a lot of code from specifc_ss into softmmu_ss
* Add a test case for TPM TIS I2C connected to Aspeed I2C controller
* Update tests/vm/freebsd to version 13
* Some more misc minor fixes here and there
# -----BEGIN PGP SIGNATURE-----
#
# iQJFBAABCAAvFiEEJ7iIR+7gJQEY8+q5LtnXdP5wLbUFAmRBDtMRHHRodXRoQHJl
# ZGhhdC5jb20ACgkQLtnXdP5wLbXfjw//UYytlyZsDOLAMfFNGQViMmVf29KbrDRe
# doDh4Nl1oZLNKm9C5XlQExhsRbLm6Hi9nyQvSCJs4CvZ1jBY6U7GfgMNIaozXWb3
# 4gQyJb9ACe/z8bQmPUVF2sdW1QZ9zpf8LWpCOTGUZiI2Tevzkz7b/F5ZxiQiseG6
# dXe8UIwdZhG4jz2+6viqjHiGlKoBkegGYoJthcwnR07aRz2woiNr7rKRiJEiv2G7
# UfMVB96uLkpEhaDoohz440/rjviazO1nt6HDvgEajXT1X5P/8phT9IvT7olAZXZH
# R2Qm6YyYcSWavoPms3AryAWG8FjomcyBjuebfAVW5/x+fl/401sn9quBMoZrYPEX
# dfzF64vVokdXNQEH6+qc95PdB6/+d0CZPY8ilMRtAttf2sMw7IgqhG3zDLbj9t6R
# dns2/DY9zu2pp07IEAXn/iVbW4rl2HADUQncr6B/cPy++lYiFvv7LX8OE+YWOsk0
# gvxzYx6rRhr5j7xT1sP30pLwsG3mX7qRDfba1Bt19CzSbu7UGN+w+S1xclgZDoqE
# 0AZIeVUuqqNTEoBLoa2xHUDGs9NjeI2+qIh0R5csS/bqDscLXj0cOluvJO48n4Rt
# +SGQSCSmU/lxn6EbBz4tw3orlp0clBH9fEaSg9lYxuUTYvQOpdYS7u4d63VQFvzp
# dwQ9LRDFNsA=
# =8ZFL
# -----END PGP SIGNATURE-----
# gpg: Signature made Thu 20 Apr 2023 11:07:15 AM BST
# gpg: using RSA key 27B88847EEE0250118F3EAB92ED9D774FE702DB5
# gpg: issuer "thuth@redhat.com"
# gpg: Good signature from "Thomas Huth <th.huth@gmx.de>" [undefined]
# gpg: aka "Thomas Huth <thuth@redhat.com>" [undefined]
# gpg: aka "Thomas Huth <th.huth@posteo.de>" [unknown]
# gpg: aka "Thomas Huth <huth@tuxfamily.org>" [undefined]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 27B8 8847 EEE0 2501 18F3 EAB9 2ED9 D774 FE70 2DB5
* tag 'pull-request-2023-04-20' of https://gitlab.com/thuth/qemu: (23 commits)
tests/vm/freebsd: Update to FreeBSD 13.2
qtest: Add a test case for TPM TIS I2C connected to Aspeed I2C controller
qtest: Move tpm_util_tis_transmit() into tpm-tis-utils.c and rename it
qtest: Add functions for accessing devices on Aspeed I2C controller
MAINTAINERS: Add Juan Quintela to developer guides review
cpu: Remove parameter of list_cpus()
hw/core: Move numa.c into the target independent source set
softmmu: Move dirtylimit.c into the target independent source set
hw/display: Compile vga.c as target-independent code
softmmu: Make qtest.c target independent
include/exec: Provide the tswap() functions for target independent code, too
softmmu/qtest: Move the target-specific pseries RTAS code out of qtest.c
hw/char: Move two more files from specific_ss to softmmu_ss
target/i386: Set family/model/stepping of the "max" CPU according to LM bit
tests/migration: Only run auto_converge in slow mode
travis.yml: Add missing 'flex', 'bison' packages to 'GCC (user)' job
travis.yml: Add missing clang-10 package to the 'Clang (disable-tcg)' job
chardev: Allow setting file chardev input file on the command line
qtest: Don't assert on "-qtest chardev:myid"
test: Fix test-crypto-secret when compiling without keyring support
...
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Currently block_resize qmp command is simply ignored by vhost-user-blk
export. So, the block-node is successfully resized, but virtio config
is unchanged and guest doesn't see that disk is resized.
Let's handle the resize by modifying the config and notifying the guest
appropriately.
After this comment, lsblk in linux guest with attached
vhost-user-blk-pci device shows new size immediately after block_resize
QMP command on vhost-user exported block node.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru>
Message-Id: <20230321201323.3695923-1-vsementsov@yandex-team.ru>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
This patch provides accessor functions as replacements for direct
access to slot_reserved_mask according to the comment at the top
of include/hw/pci/pci_bus.h which advises that data structures for
PCIBus should not be directly accessed but instead be accessed using
accessor functions in pci.h.
Three accessor functions can conveniently replace all direct accesses
of slot_reserved_mask. With this patch, the new accessor functions are
used in hw/sparc64/sun4u.c and hw/xen/xen_pt.c and pci_bus.h is removed
from the included header files of the same two files.
No functional change intended.
Signed-off-by: Chuck Zmudzinski <brchuckz@aol.com>
Message-Id: <b1b7f134883cbc83e455abbe5ee225c71aa0e8d0.1678888385.git.brchuckz@aol.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Tested-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> [sun4u]
Aside the Frankenstein model of a SysBusDevice realizing a PCIDevice,
QOM parents shouldn't access children internals. In this particular
case, amdvi_sysbus_realize() is just open-coding TYPE_AMD_IOMMU_PCI's
DeviceRealize() handler. Factor it out.
Declare QOM-cast macros with OBJECT_DECLARE_SIMPLE_TYPE() so we can
cast the AMDVIPCIState in amdvi_pci_realize().
Note this commit removes the single use in the repository of
pci_add_capability() and msi_init() on a *realized* QDev instance.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-Id: <20230313153031.86107-7-philmd@linaro.org>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Set PCI static/const fields once in amdvi_pci_class_init.
They will be propagated via DeviceClassRealize handler via
pci_qdev_realize() -> do_pci_register_device() -> pci_config_set*().
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-Id: <20230313153031.86107-6-philmd@linaro.org>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
The 'PCI capability offset' is a *PCI* notion. Since AMDVIPCIState
inherits PCIDevice and hold PCI-related fields, move capab_offset
from AMDVIState to AMDVIPCIState.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-Id: <20230313153031.86107-5-philmd@linaro.org>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
AMDVIState::devid is only accessed by build_amd_iommu() which
has access to the PCIDevice state. Directly get the property
calling object_property_get_int() there.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-Id: <20230313153031.86107-4-philmd@linaro.org>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
By accessing MemoryRegion internals, amdvi_init() gives the false
idea that the PCI BAR can be modified. However this isn't true
(at least the model isn't ready for that): the device is explicitly
maps at the BAR at the fixed AMDVI_BASE_ADDR address in
amdvi_sysbus_realize(). Since the SysBus API isn't designed to
remap regions, directly use the fixed address in amdvi_init().
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-Id: <20230313153031.86107-3-philmd@linaro.org>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Optimize the virtio-balloon feature on the ARM platform by adding
a variable to keep track of the current hot-plugged pc-dimm size,
instead of traversing the virtual machine's memory modules to count
the current RAM size during the balloon inflation or deflation
process. This variable can be updated only when plugging or unplugging
the device, which will result in an increase of approximately 60%
efficiency of balloon process on the ARM platform.
We tested the total amount of time required for the balloon inflation process on ARM:
inflate the balloon to 64GB of a 128GB guest under stress.
Before: 102 seconds
After: 42 seconds
Signed-off-by: Qi Xi <xiqi2@huawei.com>
Signed-off-by: Ming Yang yangming73@huawei.com
Message-Id: <e13bc78f96774bfab4576814c293aa52@huawei.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Acked-by: David Hildenbrand <david@redhat.com>
The current model of memory mapping at the back-end works fine where a
standard call to mmap() (for the respective file descriptor) is enough
before the front-end can start accessing the guest memory.
There are other complex cases though where the back-end needs more
information and simple mmap() isn't enough. For example Xen, a type-1
hypervisor, currently supports memory mapping via two different methods,
foreign-mapping (via /dev/privcmd) and grant-dev (via /dev/gntdev). In
both these cases, the back-end needs to call mmap() and ioctl(), with
extra information like the Xen domain-id of the guest whose memory we
are trying to map.
Add a new protocol feature, 'VHOST_USER_PROTOCOL_F_XEN_MMAP', which lets
the back-end know about the additional memory mapping requirements.
When this feature is negotiated, the front-end will send the additional
information within the memory regions themselves.
Signed-off-by: Viresh Kumar <viresh.kumar@linaro.org>
Message-Id: <6d0bd7f0e1aeec3ddb603ae4ff334c75c7d0d7b3.1678351495.git.viresh.kumar@linaro.org>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
The same layout is defined twice, once in "single memory region
description" and then in "memory regions description".
Separate out details of memory region from these two and reuse the same
definition later on.
While at it, also rename "memory regions description" to "multiple
memory regions description", to avoid potential confusion around similar
names. And define single region before multiple ones.
This is just a documentation optimization, the protocol remains the same.
Signed-off-by: Viresh Kumar <viresh.kumar@linaro.org>
Message-Id: <7c3718e5eb99178b22696682ae73aca6df1899c7.1678351495.git.viresh.kumar@linaro.org>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
When a virtqueue size is changed by the guest via
virtio_queue_set_num(), its region cache is not automatically updated.
If the size was increased, this could lead to accessing the cache out
of bounds. For example, in vring_get_used_event():
static inline uint16_t vring_get_used_event(VirtQueue *vq)
{
return vring_avail_ring(vq, vq->vring.num);
}
static inline uint16_t vring_avail_ring(VirtQueue *vq, int i)
{
VRingMemoryRegionCaches *caches = vring_get_region_caches(vq);
hwaddr pa = offsetof(VRingAvail, ring[i]);
if (!caches) {
return 0;
}
return virtio_lduw_phys_cached(vq->vdev, &caches->avail, pa);
}
vq->vring.num will be greater than caches->avail.len, which will
trigger a failed assertion down the call path of
virtio_lduw_phys_cached().
Fix this by calling virtio_init_region_cache() after
virtio_queue_set_num() if we are not already calling
virtio_queue_set_rings(). In the legacy path this is already done by
virtio_queue_update_rings().
Signed-off-by: Carlos López <clopez@suse.de>
Message-Id: <20230317002749.27379-1-clopez@suse.de>
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
Acked-by: Halil Pasic <pasic@linux.ibm.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
To be able to remove tpm_tis_base_addr from test cases that do not really
need it move the tpm_util_tis_transmit() function into tpm-tis-utils.c and
rename it to tpm_tis_transmit().
Fix a locality parameter in a test case on the way.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Ninad Palsule <ninad@linux.ibm.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-id: 20230331173051.3857801-3-stefanb@linux.ibm.com
Add a new buildroot image based test that attaches a TPM emulator to the
I2C bus and checks for a known PCR0 value for the image that was booted.
Note that this does not tear down swtpm process when qemu execution fails.
The swtpm process will exit when qemu exits if a connection has been
made, but if the test errors before connection then the swtpm process
will still be around.
Signed-off-by: Joel Stanley <joel@jms.id.au>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Ninad Palsule <ninad@linux.ibm.com>
Message-id: 20230328120844.190914-1-joel@jms.id.au
Qemu already supports devices attached to ISA and sysbus. This drop adds
support for the I2C bus attached TPM devices. I2C model only supports
TPM2 protocol.
This commit includes changes for the common code.
- Added I2C emulation model. Logic was added in the model to temporarily
cache the data as I2C interface works per byte basis.
- New tpm type "tpm-tis-i2c" added for I2C support. The user has to
provide this string on command line.
Testing:
TPM I2C device module is tested using SWTPM (software based TPM
package). Qemu uses the rainier machine and is connected to swtpm over
the socket interface.
The command to start swtpm is as follows:
$ swtpm socket --tpmstate dir=/tmp/mytpm1 \
--ctrl type=unixio,path=/tmp/mytpm1/swtpm-sock \
--tpm2 --log level=100
The command to start qemu is as follows:
$ qemu-system-arm -M rainier-bmc -nographic \
-kernel ${IMAGEPATH}/fitImage-linux.bin \
-dtb ${IMAGEPATH}/aspeed-bmc-ibm-rainier.dtb \
-initrd ${IMAGEPATH}/obmc-phosphor-initramfs.rootfs.cpio.xz \
-drive file=${IMAGEPATH}/obmc-phosphor-image.rootfs.wic.qcow2,if=sd,index=2 \
-net nic -net user,hostfwd=:127.0.0.1:2222-:22,hostfwd=:127.0.0.1:2443-:443 \
-chardev socket,id=chrtpm,path=/tmp/mytpm1/swtpm-sock \
-tpmdev emulator,id=tpm0,chardev=chrtpm \
-device tpm-tis-i2c,tpmdev=tpm0,bus=aspeed.i2c.bus.12,address=0x2e
Signed-off-by: Ninad Palsule <ninad@linux.ibm.com>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Tested-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Joel Stanley <joel@jms.id.au>
Tested-by: Joel Stanley <joel@jms.id.au>
Message-id: 20230414220754.1191476-4-ninadpalsule@us.ibm.com
Qemu already supports devices attached to ISA and sysbus. This drop adds
support for the I2C bus attached TPM devices.
This commit includes changes for the common code.
- Added support for the new checksum registers which are required for
the I2C support. The checksum calculation is handled in the qemu
common code.
- Added wrapper function for read and write data so that I2C code can
call it without MMIO interface.
The TPM TIS I2C spec describes in the table in section "Interface Locality
Usage per Register" that the TPM_INT_ENABLE and TPM_INT_STATUS registers
must be writable for any locality even if the locality is not the active
locality. Therefore, remove the checks whether the writing locality is the
active locality for these registers.
Signed-off-by: Ninad Palsule <ninad@linux.ibm.com>
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Tested-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Joel Stanley <joel@jms.id.au>
Tested-by: Joel Stanley <joel@jms.id.au>
Message-id: 20230414220754.1191476-3-ninadpalsule@us.ibm.com
According to QEMU's support policy, we stop supporting the previous
major release two years after the the new major release has been
published. So we can stop testing FreeBSD 12 now and should switch
our FreeBSD VM to version 13 instead.
Some changes are needed for this update: The downloadable .ISO images
do not use the serial port as console by default anymore, so they
are not usable in the same way as with FreeBSD 12. Fortunately, the
FreeBSD project now also offers some pre-installed CI images that
have the serial console enabled, so we can use those now, with the
benefit that we can skip almost all parts of the previous installation
process.
Message-Id: <20230419144553.719749-1-thuth@redhat.com>
Reviewed-by: Warner Losh <imp@bsdimp.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
The SOC on i.MX6UL and i.MX7 has 2 Ethernet interfaces. The PHY on each may
be connected to separate MDIO busses, or both may be connected on the same
MDIO bus using different PHY addresses. Commit 461c51ad42 ("Add a phy-num
property to the i.MX FEC emulator") added support for specifying PHY
addresses, but it did not provide support for linking the second PHY on
a given MDIO bus to the other Ethernet interface.
To be able to support two PHY instances on a single MDIO bus, two properties
are needed: First, there needs to be a flag indicating if the MDIO bus on
a given Ethernet interface is connected. If not, attempts to read from this
bus must always return 0xffff. Implement this property as phy-connected.
Second, if the MDIO bus on an interface is active, it needs a link to the
consumer interface to be able to provide PHY access for it. Implement this
property as phy-consumer.
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Message-id: 20230315145248.1639364-2-linux@roeck-us.net
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
