Until commit 1c778ef7 ("nbd: convert to using I/O channels for actual
socket I/O", 2016-02-16), nbd_wr_sync returned -EAGAIN this scenario.
nbd_reply_ready required these semantics because it has two conflicting
requirements:
1) if a reply can be received on the socket, nbd_reply_ready needs
to read the header outside coroutine context to identify _which_
coroutine to enter to process the rest of the reply
2) on the other hand, nbd_reply_ready can find a false positive if
another thread (e.g. a VCPU thread running aio_poll) sneaks in and
calls nbd_reply_ready too. In this case nbd_reply_ready does nothing
and expects nbd_wr_syncv to return -EAGAIN.
Currently, the solution to the first requirement is to wait in the very
rare case of a read() that doesn't retrieve the reply header in its
entirety; this is what nbd_wr_syncv does by calling qio_channel_wait().
However, the unconditional call to qio_channel_wait() breaks the second
requirement. To fix this, the patch makes nbd_wr_syncv return -EAGAIN
if done is zero, similar to the code before commit 1c778ef7.
This is okay because NBD client-side negotiation is the only other case
that calls nbd_wr_syncv outside a coroutine, and it places the socket
in blocking mode. On the other hand, it is a bit unpleasant to put
this in nbd_wr_syncv(), because the function is used by both client
and server.
The full fix would be to add a counter to NbdClientSession for how
many bytes have been filled in s->reply. Then a reply can be filled
by multiple separate invocations of nbd_reply_ready and the
qio_channel_wait() call can be removed completely. Something to
consider for 2.7...
Reported-by: Changlong Xie <xiecl.fnst@cn.fujitsu.com>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
nbd-server.c currently fails to handle unsupported options properly.
If during option haggling the client sends an unknown request, the
server kills the connection instead of letting the client try to
fall back to something older. This is precisely what advertising
NBD_FLAG_FIXED_NEWSTYLE was supposed to fix.
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1459982918-32229-1-git-send-email-eblake@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
nbd-client.c currently fails to handle unsupported options properly.
If during option haggling the server finds an option that is
unsupported, it returns an NBD_REP_ERR_UNSUP reply.
According to nbd's proto.md, the format for such a reply
should be:
S: 64 bits, 0x3e889045565a9 (magic number for replies)
S: 32 bits, the option as sent by the client to which this is a reply
S: 32 bits, reply type (e.g., NBD_REP_ACK for successful completion,
or NBD_REP_ERR_UNSUP to mark use of an option not known by this server
S: 32 bits, length of the reply. This may be zero for some replies,
in which case the next field is not sent
S: any data as required by the reply (e.g., an export name in the case
of NBD_REP_SERVER, or optional UTF-8 message for NBD_REP_ERR_*)
However, in nbd-client.c, the reply type was being read, and if it
contained an error, it was bailing out and issuing the next option
request without first reading the length. This meant that the
next option / handshake read had an extra 4 or more bytes of data in it.
In practice, this makes Qemu incompatible with servers that do not
support NBD_OPT_LIST.
To verify this isn't an error in the specification or my reading of
it, replies are sent by the reference implementation here:
https://github.com/yoe/nbd/blob/66dfb35/nbd-server.c#L1232
and as is evident it always sends a 'datasize' (aka length) 32 bit
word. Unsupported elements are replied to here:
https://github.com/yoe/nbd/blob/66dfb35/nbd-server.c#L1371
Signed-off-by: Alex Bligh <alex@alex.org.uk>
Message-Id: <1459882500-24316-1-git-send-email-alex@alex.org.uk>
[rework to ALWAYS consume an optional UTF-8 message from the server]
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1459961962-18771-1-git-send-email-eblake@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Commit 3d4b2f9c added -x to force qemu-nbd to use new-style
negotiation, but while it documented it in the man page, it
omitted docs in the --help output.
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1459908128-11925-1-git-send-email-eblake@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Print debug tracing messages while data is still in native
ordering, rather than after we've potentially swapped it into
network order for transmission. Also, it's nice if the server
mentions what it is replying, to correlate it to with what the
client says it is receiving.
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1459913704-19949-4-git-send-email-eblake@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
The compiler is smart enough to optimize out 'if (0)', but won't
type-check our printfs if they are hidden behind #if.
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1459913704-19949-3-git-send-email-eblake@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
The NBD Protocol requires that servers should send EPERM for
attempts to write (or trim) a read-only export. We were
correct for TRIM (blk_co_discard() gave EPERM); but were
manually setting EROFS which then got mapped to EINVAL over
the wire on writes.
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1459913704-19949-2-git-send-email-eblake@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
The space between 7000 and 8000 is too wide by 1 character.
Also correct the range of vga-window example 0xa0000-0xbffff.
Signed-off-by: Wei Jiangang <weijg.fnst@cn.fujitsu.com>
Message-Id: <1458639954-9980-1-git-send-email-weijg.fnst@cn.fujitsu.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
This reverts commit 0d63b2dd31.
This change was originally intended to correct the HPET behavior
in conjunction with Linux, however the behavior that it actually creates
is not compatible with the ioapic.c implementation; it used to be
compatible with KVM's own IOAPIC but it is not anymore.
Signed-off-by: Bill Paul <wpaul@windriver.com>
CC: Paolo Bonzini <pbonzini@redhat.com>
CC: Richard Henderson <rth@twiddle.net>
CC: Eduardo Habkost <ehabkost@redhat.com>
Message-Id: <201604051558.20070.wpaul@windriver.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
This line has been added in commit ef74679a81 with
other initializations. However, scancode set 0 doesn't exist (only 1, 2, 3).
This works well as long as operating system is resetting keyboard, or overwriting
the current scancode set with the one it wants.
This fixes IBM 40p firmware, which doesn't bother sending KBD_CMD_RESET or KBD_CMD_SCANCODE.
Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Message-Id: <1458714100-28885-1-git-send-email-hpoussin@reactos.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
The MIPS TCG backend is the only one to have
tcg_target_reg_alloc_order[] elements of type TCGReg rather than int.
This resulted in commit 91478cefaa ("tcg: Allocate indirect_base
temporaries in a different order") breaking the build on MIPS since the
type differed from indirect_reg_alloc_order[]:
tcg/tcg.c:1725:44: error: pointer type mismatch in conditional expression [-Werror]
order = rev ? indirect_reg_alloc_order : tcg_target_reg_alloc_order;
^
Make it an array of ints to fix the build and match other architectures.
Fixes: 91478cefaa ("tcg: Allocate indirect_base temporaries in a different order")
Signed-off-by: James Hogan <james.hogan@imgtec.com>
Acked-by: Aurelien Jarno <aurelien@aurel32.net>
Message-Id: <1459522179-6584-1-git-send-email-james.hogan@imgtec.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Commit 7836857 introduced a memory leak due to invalid use of
Error vs. visit_type_end(). If visiting the intermediate
members fails, we clear the error and unconditionally use
visit_end_struct() on the same error object; but if that
cleanup succeeds, we then skip the qapi_free call.
Until a later patch adds visit_check_struct(), the only safe
approach is to use two separate error objects.
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-id: 1459526222-30052-1-git-send-email-eblake@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
Do the same as other scripts, to pick the correct interpreter between
python2 and python3 from the environment.
Signed-off-by: Fam Zheng <famz@redhat.com>
Message-id: 1459504593-2692-1-git-send-email-famz@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
* x86 KVM fixes (SynIC, KVM_GET/SET_MSRS)
* Memory API doc fix
* checkpatch fix
* Chardev and socket fixes
* NBD fixes
* exec.c SEGV fix
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAABCAAGBQJXA4nFAAoJEL/70l94x66DKqQIAIR+0iID6hXUDTtqa/D8ZgfY
kGrRyFjyhihsHAM+pLg4YaXGpdYFOBZTW0ZA2qjUoM7u/6uigpbTkQTC25wpMSnd
OpyApB0oEIv5vuwku1AayF43Meq9PuTl7baxM5gqqo8xzqkzbvlrfvX+62GYGai6
NATpAEMQAB7usKcTdUElcKczaiUlGDfail+LnKQoq+ih5xDH4LYwpkD9p5EQCTK1
pkF9LxAbRomFxAxar5m20zPFMMX+33QduEIvcUelTeZJN545R6di1eXMLpu5OGgu
21zZ8o1ahgrBNI9nQZkeaSaFvFQr+n5T6pIEaoPES5rrMyAg77o0Zv47fpCZFiI=
=ZB1f
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging
* FreeBSD build fixes (atomics, qapi/error.h)
* x86 KVM fixes (SynIC, KVM_GET/SET_MSRS)
* Memory API doc fix
* checkpatch fix
* Chardev and socket fixes
* NBD fixes
* exec.c SEGV fix
# gpg: Signature made Tue 05 Apr 2016 10:47:49 BST using RSA key ID 78C7AE83
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>"
# gpg: aka "Paolo Bonzini <pbonzini@redhat.com>"
* remotes/bonzini/tags/for-upstream:
net: fix missing include of qapi/error.h in netmap.c
nbd: Fix poor debug message
include/qemu/atomic: add compile time asserts
cpus: don't use atomic_read for vm_clock_warp_start
nbd: don't request FUA on FLUSH
doc/memory: update MMIO section
char: ensure all clients are in non-blocking mode
char: fix broken EAGAIN retry on OS-X due to errno clobbering
util: retry getaddrinfo if getting EAI_BADFLAGS with AI_V4MAPPED
checkpatch: add target_ulong to typelist
target-i386: assert that KVM_GET/SET_MSRS can set all requested MSRs
target-i386: do not pass MSR_TSC_AUX to KVM ioctls if CPUID bit is not set
memory: fix segv on qemu_ram_free(block=0x0)
target-i386/kvm: Hyper-V VMBus hypercalls blank handlers
update Linux headers to 4.6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The pbkdf test is being built based on a check for CONFIG_NETTLE.
As of fff2f982ab, it should be
instead checking CONFIG_NETTLE_KDF
Reported-by: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Tested-by: Bruce Rogers <brogers@suse.com>
Tested-by: Ed Maste <emaste@freebsd.org>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
The docs for the secret object type specified the wrong number
of bytes for the AES initialization vector.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
The netmap.c file fails to build on FreeBSD with
net/netmap.c:95:9: warning: implicit declaration of function 'error_setg_errno' is invalid in C99 [-Wimplicit-function-declaration]
error_setg_errno(errp, errno, "Failed to nm_open() %s",
^
net/netmap.c:432:9: warning: implicit declaration of function 'error_propagate' is invalid in C99 [-Wimplicit-function-declaration]
error_propagate(errp, err);
^
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-Id: <1459429690-6144-1-git-send-email-berrange@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
The client sends messages to the server, not itself.
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1459459222-8637-3-git-send-email-eblake@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
To be safely portable no atomic access should be trying to do more than
the natural word width of the host. The most common abuse is trying to
atomically access 64 bit values on a 32 bit host.
This patch adds some QEMU_BUILD_BUG_ON to the __atomic instrinsic paths
to create a build failure if (sizeof(*ptr) > sizeof(void *)).
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <1459780549-12942-3-git-send-email-alex.bennee@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
As vm_clock_warp_start is a 64 bit value this causes problems for the
compiler trying to come up with a suitable atomic operation on 32 bit
hosts. Because the variable is protected by vm_clock_seqlock, we check its
value inside a seqlock critical section.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <1459780549-12942-2-git-send-email-alex.bennee@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
The NBD protocol does not clearly document what will happen
if a client sends NBD_CMD_FLAG_FUA on NBD_CMD_FLUSH.
Historically, both the qemu and upstream NBD servers silently
ignored that flag, but that feels a bit risky. Meanwhile, the
qemu NBD client unconditionally sends the flag (without even
bothering to check whether the caller cares; at least with
NBD_CMD_WRITE the client only sends FUA if requested by a
higher layer).
There is ongoing discussion on the NBD list to fix the
protocol documentation to require that the server MUST ignore
the flag (unless the kernel folks can better explain what FUA
means for a flush), but until those doc improvements land, the
current nbd.git master was recently changed to reject the flag
with EINVAL (see nbd commit ab22e082), which now makes it
impossible for a qemu client to use FLUSH with an upstream NBD
server.
We should not send FUA with flush unless the upstream protocol
documents what it will do, and even then, it should be something
that the caller can opt into, rather than being unconditional.
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1459526902-32561-1-git-send-email-eblake@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
There is no memory_region_io(). And remove a stray '-'.
Signed-off-by: Cao jin <caoj.fnst@cn.fujitsu.com>
Message-Id: <1459507677-16662-1-git-send-email-caoj.fnst@cn.fujitsu.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Only some callers of tcp_chr_new_client are putting the
socket client into non-blocking mode. Move the call to
qio_channel_set_blocking() into the tcp_chr_new_client
method to guarantee that all code paths set non-blocking
mode
Reported-by: Andrew Baumann <Andrew.Baumann@microsoft.com>
Reported-by: Laurent Vivier <lvivier@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-Id: <1458324041-22709-1-git-send-email-berrange@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Some of the chardev I/O paths really want to write the
complete data buffer even though the channel is in
non-blocking mode. To achieve this they look for EAGAIN
and g_usleep() for 100ms. Unfortunately the code is set
to check errno == EAGAIN a second time, after the g_usleep()
call has completed. On OS-X at least, g_usleep clobbers
errno to ETIMEDOUT, causing the retry to be skipped.
This failure to retry means the full data isn't written
to the chardev backend, which causes various failures
including making the tests/ahci-test qtest hang.
Rather than playing games trying to reset errno just
simplify the code to use a goto to retry instead of a
a loop.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-Id: <1459438168-8146-2-git-send-email-berrange@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
The FreeBSD header files define the AI_V4MAPPED but its
implementation of getaddrinfo() always returns an error
when that flag is set. eg
address resolution failed for localhost:9000: Invalid value for ai_flags
There are also reports of the same problem on OS-X 10.6
Since AI_V4MAPPED is not critical functionality, if we
get an EAI_BADFLAGS error then just retry without the
AI_V4MAPPED flag set. Use a static var to cache this
status so we don't have to retry on every single call.
Also remove its use from the test suite since it serves
no useful purpose there.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-Id: <1459786920-15961-1-git-send-email-berrange@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
In some occasions, a patch [1] can start with a hunk containing a
simple type cast. At the time annotate_values() is run, the type is
unknown and the cast type is misinterpreted as a identifier, resulting
in an error if it is followed with a negative value:
ERROR: spaces required around that '-' (ctx:WxV)
It seems complex to catch all possible types in a cast expression. So,
as a fallback solution, let's add some common qemu types to the
typeList array.
[1] http://lists.nongnu.org/archive/html/qemu-devel/2016-03/msg06741.html
Signed-off-by: Cédric Le Goater <clg@fr.ibm.com>
Message-Id: <1459503606-31603-1-git-send-email-clg@fr.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
KVM does not let you read or write this MSR if the corresponding CPUID
bit is not set. This in turn causes MSRs that come after MSR_TSC_AUX
to be ignored by KVM_SET_MSRS.
One visible symptom is that s3.flat from kvm-unit-tests fails with
CPUs that do not have RDTSCP, because the SMBASE is not reset to
0x30000 after reset.
Fixes: c9b8f6b621
Cc: qemu-stable@nongnu.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Since f1060c55bf, the pointer is directly passed to
qemu_ram_free(). However, on initialization failure, it may be called
with a NULL pointer. Return immediately in this case.
This fixes a SEGV when memory initialization failed, for example
permission denied on open backing store /dev/hugepages, with -object
memory-backend-file,mem-path=/dev/hugepages.
Program received signal SIGSEGV, Segmentation fault.
0x00005555556e67e7 in qemu_ram_free (block=0x0) at /home/elmarco/src/qemu/exec.c:1775
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <1459250451-29984-1-git-send-email-marcandre.lureau@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
- further collapse of the build matrix
- enabling MacOSX in the build
- make -j3 change
Other pending updates are deferred for later in the cycle.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAABAgAGBQJXA4E9AAoJEPvQ2wlanipEH/EH+gNQRBmyHdnFGM5QwifRMP1+
UzQiciGP5TNE3Mk07Zsbl8mdyuHL+5+8NryzDB7j1Qxbveea/xV8gaOIpabntBjM
QQdNBGKJoYIj9HHm7oKlglS2lvwar+NK0/adHPL5PLR/FrLbC2BXAQwz46m4G8FO
vWRWzWJBwCVGrEgDf8Ih5RsmLEJeCkvd0C4SiikFROS7nxQt0V4YEqHAPMWUisIA
4EzsFSqRHpMVkCzaPYgyUganEdpkB6DnuBl8CgHGWBYp4BaqyD9EfzIHTLRRy07v
2dTDIxOB2uNgNUSU/vUYuQlrjmB05wg4K0/PYpbk6h2WvxJ2p0NpXPyWmszQN1s=
=v/pD
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/stsquad/tags/travis-pull-05042016' into staging
This pull request includes:
- further collapse of the build matrix
- enabling MacOSX in the build
- make -j3 change
Other pending updates are deferred for later in the cycle.
# gpg: Signature made Tue 05 Apr 2016 10:11:25 BST using RSA key ID 5A9E2A44
# gpg: Good signature from "Alex Bennée (Master Work Key) <alex.bennee@linaro.org>"
* remotes/stsquad/tags/travis-pull-05042016:
.travis.yml: make -j3
.travis.yml: enable OSX builds
.travis.yml: collapse the test matrix
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The move from Travis VMs to Containers came with a upgrade from 1.5
cores to 2. The received wisdom is -j N+1 means a core can be doing work
while other threads wait for IO to complete. This is hard to test on the
Travis infrastructure but an initial before/after eyeballing seems to
confirm it is an improvement.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Travis has support for OSX builds. Making the setup work cleanly
involves a little hacking about with the .travis.yml file but rather
than make it too messy I've pushed all the "brew" install stuff into a
support script called ./scripts/macosx-brew.sh.
Currently only the default ./configure ${CONFIG} is built as I'm not
sure what extra coverage would come from the other build stanzas.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Acked-by: Peter Maydell <peter.maydell@linaro.org>
Remove the concept of TARGETS and build the complete target list for
each config combination. Now the matrix is just based on CONFIG stanzas
and we use the additional stuff for:
- things that only work on one compiler (sparse, gcov, gprof)
- combos where "make check" fails
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Three bugfixes for target-ppc, pseries machine type and related devices.
1. Fix a bug in the core code where kvm_vcpu_dirty would not be set
before the very first system reset. This meant that if things in
the reset path did their own cpu_synchronize_state() it would pull
stale data out of KVM.
On ppc this, in combination with a previous cleanup meant that the
MSR would be zeroed before entry, instead of correctly having the
SF (64-bit mode) bit set.
2. Allow immediate detach of hot-added PCI devices which haven't yet
been announced to the guest.
This fixes a regression: because of a case where we now defer
announcement of non-zero functions to the guest, an incorrect
hot-add of such a device can't be backed out until the add is
completed, which is counter-intuitive to say the least.
3. Fix migration of alternate interrupt locations. The location of
interrupt vectors can be affected by the LPCR, and we weren't
correctly recalculating this after migration of a non-standard LPCR
value.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAABAgAGBQJXAx9VAAoJEGw4ysog2bOSSCkP/1pB2KRQg+auf3+MsMB4Oi19
AeeStXwOmFf23Y/HZ/UVFXgmFF8RmYNQfe8iCAObPr4fWUUHWT2xjovAKR46CUFp
spuVnb7dkldlkTn0A5/4Jfm+AhkZvlUZJtxzqolL87SYbXdW8Il1NWc0mm5DC0b8
DPJ3tmDG5C/QvJ49bz1idzF/iPSb07mrDtQP76MjqJjrJpBpa6tAk+MrICZTO6TK
2TR/BxuqfESvPphelPlOBIPvmqWKhnULIu55EQ/Knwx4uqU1e3WiNl/7uxRoa71z
hX05QFHm7VhriUaoSqZjXSndz5j0gyvrlBHRbdSCjw99WL+c1Zes8cg/5q1gVZsl
adnKenz4tGCVQxSrBi1nG36de6A0ggqxXmFyOy2PPXtDRhNod6cROH8/PjBd+uoA
e9ZidjPRbtkU5uPJwz/xWK5oyBXpHPJ1T3OupeLyAi5pbxYEXjGya8fFUorZS2i7
VJTMzkuTeO4c6pp6BOUras9bybjJyWFafHisuO/2JnNltyZ2/NYhfFScvBDRvM59
Yy7nR5cc7p4bC/nuxucT1H2+dn3SXM2fKsoRK0e6bHIcDSqCIoiM5gHigNBVNaCJ
7ph3fSZ8ebMbAFA154OXMhMjoUPUruZ9JAUzwBcrU4LdCQ4HKPCHq/OOtNFq966W
OVvE532cjdeC9mv4QtkB
=aZBn
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/dgibson/tags/ppc-for-2.6-20160405' into staging
ppc patch queue for 2016-03-24
Three bugfixes for target-ppc, pseries machine type and related devices.
1. Fix a bug in the core code where kvm_vcpu_dirty would not be set
before the very first system reset. This meant that if things in
the reset path did their own cpu_synchronize_state() it would pull
stale data out of KVM.
On ppc this, in combination with a previous cleanup meant that the
MSR would be zeroed before entry, instead of correctly having the
SF (64-bit mode) bit set.
2. Allow immediate detach of hot-added PCI devices which haven't yet
been announced to the guest.
This fixes a regression: because of a case where we now defer
announcement of non-zero functions to the guest, an incorrect
hot-add of such a device can't be backed out until the add is
completed, which is counter-intuitive to say the least.
3. Fix migration of alternate interrupt locations. The location of
interrupt vectors can be affected by the LPCR, and we weren't
correctly recalculating this after migration of a non-standard LPCR
value.
# gpg: Signature made Tue 05 Apr 2016 03:13:41 BST using RSA key ID 20D9B392
# gpg: Good signature from "David Gibson <david@gibson.dropbear.id.au>"
# gpg: aka "David Gibson (Red Hat) <dgibson@redhat.com>"
# gpg: aka "David Gibson (ozlabs.org) <dgibson@ozlabs.org>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg: It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 75F4 6586 AE61 A66C C44E 87DC 6C38 CACA 20D9 B392
* remotes/dgibson/tags/ppc-for-2.6-20160405:
vl: Move cpu_synchronize_all_states() into qemu_system_reset()
spapr_drc: enable immediate detach for unsignalled devices
ppc: Rework POWER7 & POWER8 exception model
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
As the patches to move I/O throttling to BlockBackend didn't make it in
time for the 2.6 release, but the release adds new ways of configuring
VMs whose behaviour would change once the move is done, we need to
outlaw such configurations temporarily.
The problem exists whenever a BDS has more users than just its BB, for
example it is used as a backing file for another node. (This wasn't
possible in 2.5 yet as we introduced node references to specify a
backing file only recently.) In these cases, the throttling would
apply to these other users now, but after moving throttling to the
BlockBackend the other users wouldn't be throttled any more.
This patch prevents making new references to a throttled node as well as
using monitor commands to throttle a node with multiple parents.
Compared to 2.5 this changes behaviour in some corner cases where
references were allowed before, like bs->file or Quorum children. It
seems reasonable to assume that users didn't use I/O throttling on such
low level nodes. With the upcoming move of throttling into BlockBackend,
such configurations won't be possible anyway.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Failing on -drive/drive_add created BlockBackends was a
requirement for x-blockdev-del, but it sneaked through
the patch review. Let's fix it now.
Example:
$ x86_64-softmmu/qemu-system-x86_64 -drive if=none,file=null-co://,id=null -qmp stdio
>> {'execute':'qmp_capabilities'}
<< {"return": {}}
>> {'execute':'x-blockdev-del','arguments':{'id':'null'}}
<< {"error": {"class": "GenericError", "desc": "Deleting block backend added with drive-add is not supported"}}
And without a DriveInfo:
>> { "execute": "blockdev-add", "arguments": { "options": { "driver":"null-co", "id":"null2"}}}
<< {"return": {}}
>> {'execute':'x-blockdev-del','arguments':{'id':'null2'}}
<< {"return": {}}
Suggested-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
There are currently 3 calls to qemu_system_reset() in vl.c. Two of them
are immediately preceded by a cpu_synchronize_all_states9) and the
remaining one should be.
The one which doesn't is the very first reset called directly from main().
Without a cpu_synchronize_all_states(), kvm_vcpu_dirty is false at this
point from the earlier cpu_synchronize_all_post_init(). That's incorrect
because the reset path is quite likely to update the CPU state, and that
updated state should be pushed back to KVM, not overwritten with stale
data pushed to KVM immediately after init.
This patch moves the call to cpu_synchronize_all_states() into
qemu_system_reset() for safety, so it is always called. AFAICT this should
be safe for the handful of callers outside vl.c - these all appear to be in
places where the cpu state is already synchronized so the extra call
will be a no-op.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Tested-by: Laurent Vivier <lvivier@redhat.com>
Currently spapr doesn't support "aborting" hotplug of PCI
devices by allowing device_del to immediately remove the
device if we haven't signalled the presence of the device
to the guest.
In the past this wasn't an issue, since we always immediately
signalled device attach and simply relied on full guest-aware
add->remove path for device removal. However, as of 788d259,
we now defer signalling for PCI functions until function 0
is attached, so now we need to deal with these "abort" operations
for cases where a user hotplugs a non-0 function, then opts to
remove it prior hotplugging function 0. Currently they'd have to
reboot before the unplug completed. PCIe multifunction hotplug
does not have this requirement however, so from a management
implementation perspective it would be good to address this within
the same release as 788d259.
We accomplish this by simply adding a 'signalled' flag to track
whether a device hotplug event has been sent to the guest. If it
hasn't, we allow immediate removal under the assumption that the
guest will not be using the device. Devices present at boot/reset
time are also assumed to be 'signalled'.
For CPU/memory/etc, signalling will still happen immediately
as part of device_add, so only PCI functions should be affected.
Cc: bharata@linux.vnet.ibm.com
Cc: david@gibson.dropbear.id.au
Cc: sbhat@linux.vnet.ibm.com
Cc: qemu-ppc@nongnu.org
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
[dwg: This fixes a regression where an incorrect hot-add of a non-zero
function can no longer be backed out until function 0 is added]
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
From: Benjamin Herrenschmidt <benh@kernel.crashing.org>
This patch fixes the current AIL implementation for POWER8. The
interrupt vector address can be calculated directly from LPCR when the
exception is handled. The excp_prefix update becomes useless and we
can cleanup the H_SET_MODE hcall.
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
[clg: Removed LPES0/1 handling for HV vs. !HV
Fixed LPCR_ILE case for POWERPC_EXCP_POWER8 ]
Signed-off-by: Cédric Le Goater <clg@fr.ibm.com>
[dwg: This was written as a cleanup, but it also fixes a real bug
where setting an alternative interrupt location would not be
correctly migrated]
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>