10 Commits

Author SHA1 Message Date
openeuler-ci-bot
582d85c694
!1095 [sync] PR-1093: QEMU update to version 6.2.0-108
From: @openeuler-sync-bot 
Reviewed-by: @imxcc 
Signed-off-by: @imxcc
2025-05-14 09:09:55 +00:00
Jiabo Feng
7b0ab8bdd9 QEMU update to version 6.2.0-108:
- vdpa:Fix dirty page bitmap synchronization not done after suspend for vdpa devices

Signed-off-by: Jiabo Feng <fengjiabo1@huawei.com>
(cherry picked from commit f19bb019f0d8e3fa0c7d87ce1fcddaefd4ac3b5b)
2025-05-14 15:05:54 +08:00
openeuler-ci-bot
01ac1c6fda
!1089 [sync] PR-1087: QEMU update to version 6.2.0-107:
From: @openeuler-sync-bot 
Reviewed-by: @imxcc 
Signed-off-by: @imxcc
2025-03-27 01:21:29 +00:00
Jiabo Feng
74b61da994 QEMU update to version 6.2.0-107:
- qemu: Support specifying the cache size presented to guest
- hw/core/machine-smp: Initialize caches_bitmap before reading
- qapi/qom: Define cache enumeration and properties for machine
- linux-aio: fix unbalanced plugged counter in laio_io_unplug()

Signed-off-by: Jiabo Feng <fengjiabo1@huawei.com>
(cherry picked from commit 5453be865c307703cc43847588fa63ef74ac1ae0)
2025-03-26 21:10:58 +08:00
openeuler-ci-bot
91f56886c1
!1076 [sync] PR-1068: QEMU update to version 6.2.0-106
From: @openeuler-sync-bot 
Reviewed-by: @imxcc 
Signed-off-by: @imxcc
2025-02-22 00:25:33 +00:00
Jiabo Feng
f4f53a5098 QEMU update to version 6.2.0-106:
- hw/nvme: Remove redundant dma_blk_write
- tests/avocado/machine_s390_ccw_virtio: Adapt test to new default resolution
- edid: set default resolution to 1280x800 (WXGA)
- iotests/308: Fix for CAP_DAC_OVERRIDE
- hvf: remove unused but set variable
- vvfat: Fix vvfat_write() for writes before the root directory
- hw/misc/nrf51_rng: Don't use BIT_MASK() when we mean BIT()
- hw/pci: Remove unused pci_irq_pulse() method
- ui/gtk: fix leaks found wtih fuzzing
- target/i386: fix size of EBP writeback in gen_enter()
- tests/qtest/fuzz: fix memleak in qos_fuzz.c
- hw/core/loader: gunzip(): fix memory leak on error path
- migration: fix a typo
- scsi: fetch unit attention when creating the request
- raw-format: Fix error message for invalid offset/size
- tcg: Reset data_gen_ptr correctly
- Fix calculation of minimum in colo_compare_tcp
- hw/intc: Don't clear pending bits on IRQ lowering
- target/arm: Drop user-only special case in sve_stN_r
- usb-hub: Fix handling port power control messages
- target/ppc: Set ctx->opcode for decode_insn32()
- linux-user: Add proper strace format strings for getdents()/getdents64()
- linux-user: Fix TARGET_PROT_SEM for XTENSA
- linux-user/hppa: Set TASK_UNMAPPED_BASE to 0xfa000000 for hppa arch
- linux-user/hppa: Dump IIR on register dump
- tests: Fix typo in check-help output
- qdev-core.h: Fix wrongly named reference to TYPE_SPLIT_IRQ
- hw/scsi/megasas: Simplify using the ldst API
- gqa-win: get_pci_info: Clean dev_info if handle is valid
- target/ppc: Fix 7448 support
- vvfat: Fix size of temporary qcow file
- docs: Correct 'vhost-user-blk' spelling
- jackaudio: use ifdefs to hide unavailable functions
- simplebench: Fix Python syntax error (reported by LGTM)
- python: update type hints for mypy 0.930
- Python/aqmp: fix type definitions for mypy 0.920
- tcg: Allow top bit of SIMD_DATA_BITS to be set in simd_desc()
- hw/ppc/e500: Prefer QOM cast
- hw/ppc/e500: Remove unused "irqs" parameter
- hw/ppc/e500: Add missing device tree properties to i2c controller node
- linux-user: Show timespec on strace for futex()
- linux-user: Add strace for clock_nanosleep()
- linux-user: Fix strace of chmod() if mode == 0
- linux-user: Log failing executable in EXCP_DUMP()
- linux-user: Add pidfd_open(), pidfd_send_signal() and pidfd_getfd() syscalls

Signed-off-by: Jiabo Feng <fengjiabo1@huawei.com>
(cherry picked from commit 87ebac5b5cfb97ddb7ac2af097703758fb0751c4)
2025-02-21 17:43:48 +08:00
openeuler-ci-bot
4aafbc36e3
!1062 [sync] PR-1061: QEMU update to version 6.2.0-105
From: @openeuler-sync-bot 
Reviewed-by: @imxcc 
Signed-off-by: @imxcc
2025-02-21 00:50:56 +00:00
AlexChen
401984bbd1 QEMU update to version 6.2.0-105:
- target/i386: Add EPYC-Genoa model to support Zen 4 processor series
- target/i386: Add VNMI and automatic IBRS feature bits
- target/i386: Add missing feature bits in EPYC-Milan model
- target/i386: Add feature bits for CPUID_Fn80000021_EAX
- target/i386: Add a couple of feature bits in 8000_0008_EBX
- target/i386: Add new EPYC CPU versions with updated cache_info
- target/i386: allow versioned CPUs to specify new cache_info

Signed-off-by: AlexChen <alex.chen@huawei.com>
(cherry picked from commit 941be8259b4a01d66f0c9c9d16c7acf8933688eb)
2024-12-26 09:57:22 +08:00
openeuler-ci-bot
c4f4bbb3ef
!1058 [sync] PR-1057: QEMU update to version 6.2.0-104
From: @openeuler-sync-bot 
Reviewed-by: @imxcc 
Signed-off-by: @imxcc
2024-12-18 02:19:29 +00:00
Gan Qixin
95b7632436 QEMU update to version 6.2.0-104:
- intel_iommu: Add missed reserved bit check for IEC descriptor
- 9pfs: fix crash on 'Treaddir' request
- s390x/ap: fix missing subsystem reset registration
- qemu/bswap: Undefine CPU_CONVERT() once done
- linux-user: Add missing signals in strace output
- linux-user: Add missing clock_gettime64() syscall strace

Signed-off-by: Gan Qixin <ganqixin@huawei.com>
(cherry picked from commit 692bd89e009248b7108baa30dfb2fdeeb55a8bbd)
2024-12-18 09:32:07 +08:00
64 changed files with 4653 additions and 2 deletions

@ -0,0 +1,64 @@
From 4d4c15d8fac49731db7727c7f91b4184c2a95d78 Mon Sep 17 00:00:00 2001
From: Christian Schoenebeck <qemu_oss@crudebyte.com>
Date: Tue, 5 Nov 2024 11:25:26 +0100
Subject: [PATCH] 9pfs: fix crash on 'Treaddir' request
A bad (broken or malicious) 9p client (guest) could cause QEMU host to
crash by sending a 9p 'Treaddir' request with a numeric file ID (FID) that
was previously opened for a file instead of an expected directory:
#0 0x0000762aff8f4919 in __GI___rewinddir (dirp=0xf) at
../sysdeps/unix/sysv/linux/rewinddir.c:29
#1 0x0000557b7625fb40 in do_readdir_many (pdu=0x557bb67d2eb0,
fidp=0x557bb67955b0, entries=0x762afe9fff58, offset=0, maxsize=131072,
dostat=<optimized out>) at ../hw/9pfs/codir.c:101
#2 v9fs_co_readdir_many (pdu=pdu@entry=0x557bb67d2eb0,
fidp=fidp@entry=0x557bb67955b0, entries=entries@entry=0x762afe9fff58,
offset=0, maxsize=131072, dostat=false) at ../hw/9pfs/codir.c:226
#3 0x0000557b7625c1f9 in v9fs_do_readdir (pdu=0x557bb67d2eb0,
fidp=0x557bb67955b0, offset=<optimized out>,
max_count=<optimized out>) at ../hw/9pfs/9p.c:2488
#4 v9fs_readdir (opaque=0x557bb67d2eb0) at ../hw/9pfs/9p.c:2602
That's because V9fsFidOpenState was declared as union type. So the
same memory region is used for either an open POSIX file handle (int),
or a POSIX DIR* pointer, etc., so 9p server incorrectly used the
previously opened (valid) POSIX file handle (0xf) as DIR* pointer,
eventually causing a crash in glibc's rewinddir() function.
Root cause was therefore a missing check in 9p server's 'Treaddir'
request handler, which must ensure that the client supplied FID was
really opened as directory stream before trying to access the
aforementioned union and its DIR* member.
Cc: qemu-stable@nongnu.org
Fixes: d62dbb51f7 ("virtio-9p: Add fidtype so that we can do type ...")
Reported-by: Akihiro Suda <suda.kyoto@gmail.com>
Tested-by: Akihiro Suda <suda.kyoto@gmail.com>
Signed-off-by: Christian Schoenebeck <qemu_oss@crudebyte.com>
Reviewed-by: Greg Kurz <groug@kaod.org>
Message-Id: <E1t8GnN-002RS8-E2@kylie.crudebyte.com>
Signed-off-by: Zhongrui Tang <tangzhongrui_yewu@cmss.chinamobile.com>
---
hw/9pfs/9p.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c
index 15b3f4d385..4e52f26afe 100644
--- a/hw/9pfs/9p.c
+++ b/hw/9pfs/9p.c
@@ -2528,6 +2528,11 @@ static void coroutine_fn v9fs_readdir(void *opaque)
retval = -EINVAL;
goto out_nofid;
}
+ if (fidp->fid_type != P9_FID_DIR) {
+ warn_report_once("9p: bad client: T_readdir on non-directory stream");
+ retval = -ENOTDIR;
+ goto out;
+ }
if (!fidp->fs.dir.stream) {
retval = -EINVAL;
goto out;
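Review bot: The new `fid_type` guard in v9fs_readdir is the only thing between a guest-chosen FID and the `fs.dir.stream` access on the next line, yet nothing at the check says why it has to come first. The commit message explains that `fs` is a union shared by the file descriptor and the `DIR *`, so I would add a comment above the check such as `/* fs is a union: fs.dir is only meaningful when fid_type == P9_FID_DIR */`, so that a later reordering does not bring the crash back. Other handlers that read `fidp->fs.dir` are outside this hunk and may need the same guard; that is worth confirming. The function body starts and ends outside the hunk.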
--
2.33.0

@ -0,0 +1,36 @@
From 9a0cd347854db393076683b6321c85359d530490 Mon Sep 17 00:00:00 2001
From: Stefan Weil <sw@weilnetz.de>
Date: Mon, 9 Sep 2024 22:42:54 +0200
Subject: [PATCH] Fix calculation of minimum in colo_compare_tcp
GitHub's CodeQL reports a critical error which is fixed by using the MIN macro:
Unsigned difference expression compared to zero
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Cc: qemu-stable@nongnu.org
Reviewed-by: Zhang Chen <chen.zhang@intel.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
(cherry picked from commit e29bc931e1699a98959680f6776b48673825762b)
Signed-off-by: zhujun2 <zhujun2_yewu@cmss.chinamobile.com>
---
net/colo-compare.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/net/colo-compare.c b/net/colo-compare.c
index b966e7e514..e845c63f2e 100644
--- a/net/colo-compare.c
+++ b/net/colo-compare.c
@@ -414,8 +414,7 @@ static void colo_compare_tcp(CompareState *s, Connection *conn)
* can ensure that the packet's payload is acknowledged by
* primary and secondary.
*/
- uint32_t min_ack = conn->pack - conn->sack > 0 ?
- conn->sack : conn->pack;
+ uint32_t min_ack = MIN(conn->pack, conn->sack);
pri:
if (g_queue_is_empty(&conn->primary_list)) {
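Review bot: `MIN(conn->pack, conn->sack)` compares the two acknowledgement numbers as plain unsigned values, so it selects the wrong one when one of them has wrapped past zero and the other has not. The removed expression was true for every unequal pair (the defect CodeQL reported), but its shape suggests a sequence-space comparison was intended. If so, `uint32_t min_ack = (int32_t)(conn->pack - conn->sack) > 0 ? conn->sack : conn->pack;` keeps the minimum correct across wraparound. The field types are not visible in this hunk, so this assumes both are 32-bit TCP acknowledgement numbers. colo_compare_tcp continues outside the hunk.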
--
2.41.0.windows.1

@ -0,0 +1,52 @@
From 5416865eeac72a5dabf91b6c1a70ff7d09e214cf Mon Sep 17 00:00:00 2001
From: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
Date: Wed, 20 Nov 2024 10:38:43 +0800
Subject: [PATCH] Python/aqmp: fix type definitions for mypy 0.920
cherry picked from commit 42d73f2894ea1855df5a25d58e0d9eac6023dcc3
0.920 (Released 2021-12-15) is not entirely happy with the
way that I was defining _FutureT:
qemu/aqmp/protocol.py:601: error: Item "object" of the upper bound
"Optional[Future[Any]]" of type variable "_FutureT" has no attribute
"done"
Update it with something a little mechanically simpler that works better
across a wider array of mypy versions.
Signed-off-by: John Snow <jsnow@redhat.com>
Message-id: 20220110191349.1841027-3-jsnow@redhat.com
Signed-off-by: John Snow <jsnow@redhat.com>
Signed-off-by: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
---
python/qemu/aqmp/protocol.py | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/python/qemu/aqmp/protocol.py b/python/qemu/aqmp/protocol.py
index 5190b33b13..c4fbe35a0e 100644
--- a/python/qemu/aqmp/protocol.py
+++ b/python/qemu/aqmp/protocol.py
@@ -43,8 +43,8 @@
T = TypeVar('T')
+_U = TypeVar('_U')
_TaskFN = Callable[[], Awaitable[None]] # aka ``async def func() -> None``
-_FutureT = TypeVar('_FutureT', bound=Optional['asyncio.Future[Any]'])
class Runstate(Enum):
@@ -591,7 +591,8 @@ def _cleanup(self) -> None:
"""
Fully reset this object to a clean state and return to `IDLE`.
"""
- def _paranoid_task_erase(task: _FutureT) -> Optional[_FutureT]:
+ def _paranoid_task_erase(task: Optional['asyncio.Future[_U]']
+ ) -> Optional['asyncio.Future[_U]']:
# Help to erase a task, ENSURING it is fully quiesced first.
assert (task is None) or task.done()
return None if (task and task.done()) else task
--
2.41.0.windows.1

@ -0,0 +1,35 @@
From c8c0afc9d6487894498d23d31cc7bbb4f86c0e3d Mon Sep 17 00:00:00 2001
From: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
Date: Wed, 20 Nov 2024 11:22:38 +0800
Subject: [PATCH] docs: Correct 'vhost-user-blk' spelling
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
cherry picked from commit 9bd11f9638cbc08dcab6777f0a27f597cb44c22a
Reported-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20220107105420.395011-2-f4bug@amsat.org>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
---
docs/tools/qemu-storage-daemon.rst | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/docs/tools/qemu-storage-daemon.rst b/docs/tools/qemu-storage-daemon.rst
index 3e5a9dc032..9b0eaba6e5 100644
--- a/docs/tools/qemu-storage-daemon.rst
+++ b/docs/tools/qemu-storage-daemon.rst
@@ -201,7 +201,7 @@ Export raw image file ``disk.img`` over NBD UNIX domain socket ``nbd.sock``::
--nbd-server addr.type=unix,addr.path=nbd.sock \
--export type=nbd,id=export,node-name=disk,writable=on
-Export a qcow2 image file ``disk.qcow2`` as a vhosts-user-blk device over UNIX
+Export a qcow2 image file ``disk.qcow2`` as a vhost-user-blk device over UNIX
domain socket ``vhost-user-blk.sock``::
$ qemu-storage-daemon \
--
2.41.0.windows.1

@ -0,0 +1,114 @@
From 33d5ea75f73c19ed9058fa700eb65a405c7c7bcc Mon Sep 17 00:00:00 2001
From: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
Date: Wed, 20 Nov 2024 11:13:22 +0800
Subject: [PATCH] edid: set default resolution to 1280x800 (WXGA)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
cherry picked from commit de72c4b7cdf6ec18bfe9fe714aa96e48db6fd895
Currently QEMU defaults to a resolution of 1024x768 when exposing EDID
info to the guest OS. The EDID default info is important as this will
influence what resolution many guest OS will configure the screen with
on boot. It can also potentially influence what resolution the firmware
will configure the screen with, though until very recently EDK2 would
not handle EDID info.
One important thing to bear in mind is that the default graphics card
driver provided by Windows will leave the display set to whatever
resolution was enabled by the firmware on boot. Even if sufficient
VRAM is available, the resolution can't be changed without installing
new drivers. IOW, the default resolution choice is quite important
for usability of Windows.
Modern real world monitor hardware for desktop/laptop has supported
resolutions higher than 1024x768 for a long time now, perhaps as long
as 15+ years. There are quite a wide variety of native resolutions in
use today, however, and in wide screen form factors the height may not
be all that tall.
None the less, it is considered that there is scope for making the
QEMU default resolution slightly larger.
In considering what possible new default could be suitable, choices
considered were 1280x720 (720p), 1280x800 (WXGA) and 1280x1024 (SXGA).
In many ways, vertical space is the most important, and so 720p was
discarded due to loosing vertical space, despite being 25% wider.
The SXGA resolution would be good, but when taking into account
window titlebars/toolbars and window manager desktop UI, this might
be a little too tall for some users to fit the guest on their physical
montior.
This patch thus suggests a modest change to 1280x800 (WXGA). This
only consumes 1 MB per colour channel, allowing double buffered
framebuffer in 8 MB of VRAM. Width wise this is 25% larger than
QEMU's current default, but height wise this only adds 5%, so the
difference isn't massive on the QEMU side.
Overall there doesn't appear to be a compelling reason to stick
with 1024x768 resolution.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Message-Id: <20211129140508.1745130-1-berrange@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
---
hw/display/edid-generate.c | 4 ++--
include/hw/virtio/virtio-gpu.h | 4 ++--
qemu-edid.c | 4 ++--
3 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/hw/display/edid-generate.c b/hw/display/edid-generate.c
index f2b874d5e3..6f5ac6a38a 100644
--- a/hw/display/edid-generate.c
+++ b/hw/display/edid-generate.c
@@ -401,10 +401,10 @@ void qemu_edid_generate(uint8_t *edid, size_t size,
info->name = "QEMU Monitor";
}
if (!info->prefx) {
- info->prefx = 1024;
+ info->prefx = 1280;
}
if (!info->prefy) {
- info->prefy = 768;
+ info->prefy = 800;
}
if (info->prefx >= 4096 || info->prefy >= 4096) {
large_screen = 1;
diff --git a/include/hw/virtio/virtio-gpu.h b/include/hw/virtio/virtio-gpu.h
index acfba7c76c..2179b75703 100644
--- a/include/hw/virtio/virtio-gpu.h
+++ b/include/hw/virtio/virtio-gpu.h
@@ -147,8 +147,8 @@ struct VirtIOGPUBaseClass {
DEFINE_PROP_UINT32("max_outputs", _state, _conf.max_outputs, 1), \
DEFINE_PROP_BIT("edid", _state, _conf.flags, \
VIRTIO_GPU_FLAG_EDID_ENABLED, true), \
- DEFINE_PROP_UINT32("xres", _state, _conf.xres, 1024), \
- DEFINE_PROP_UINT32("yres", _state, _conf.yres, 768)
+ DEFINE_PROP_UINT32("xres", _state, _conf.xres, 1280), \
+ DEFINE_PROP_UINT32("yres", _state, _conf.yres, 800)
typedef struct VGPUDMABuf {
QemuDmaBuf buf;
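Review bot: The new `xres`/`yres` defaults of 1280 and 800 change what an existing virtio-gpu configuration presents to the guest, and this patch shows no compatibility property pinning the old 1024x768 for already-released machine types. In a distribution update that can matter for guests migrated between hosts running the old and the new package; whether a compat entry exists elsewhere is not visible here. Separately, the same pair of numbers is now hard-coded in three files (also the hw/display/edid-generate.c and qemu-edid.c hunks), so a shared pair of named constants would keep them from drifting apart.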
diff --git a/qemu-edid.c b/qemu-edid.c
index c3a9fba10d..20c958d9c7 100644
--- a/qemu-edid.c
+++ b/qemu-edid.c
@@ -10,8 +10,8 @@
#include "hw/display/edid.h"
static qemu_edid_info info = {
- .prefx = 1024,
- .prefy = 768,
+ .prefx = 1280,
+ .prefy = 800,
};
static void usage(FILE *out)
--
2.41.0.windows.1

@ -0,0 +1,45 @@
From ab41162b50f176cd926104ee16c766c2186326a1 Mon Sep 17 00:00:00 2001
From: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
Date: Wed, 20 Nov 2024 13:33:40 +0800
Subject: [PATCH] gqa-win: get_pci_info: Clean dev_info if handle is valid
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
cherry picked from commit d0b896a7495b71313c43aff4329714ade56799d4
Signed-off-by: Kostiantyn Kostiuk <konstantin@daynix.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Kostiantyn Kostiuk <kkostiuk@redhat.com>
Signed-off-by: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
---
qga/commands-win32.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/qga/commands-win32.c b/qga/commands-win32.c
index 30e50f1769..d2ca36564d 100644
--- a/qga/commands-win32.c
+++ b/qga/commands-win32.c
@@ -514,7 +514,7 @@ DEFINE_GUID(GUID_DEVINTERFACE_STORAGEPORT,
static GuestPCIAddress *get_pci_info(int number, Error **errp)
{
- HDEVINFO dev_info;
+ HDEVINFO dev_info = INVALID_HANDLE_VALUE;
SP_DEVINFO_DATA dev_info_data;
SP_DEVICE_INTERFACE_DATA dev_iface_data;
HANDLE dev_file;
@@ -749,7 +749,9 @@ static GuestPCIAddress *get_pci_info(int number, Error **errp)
}
free_dev_info:
- SetupDiDestroyDeviceInfoList(dev_info);
+ if (dev_info != INVALID_HANDLE_VALUE) {
+ SetupDiDestroyDeviceInfoList(dev_info);
+ }
out:
return pci;
}
--
2.41.0.windows.1

@ -0,0 +1,57 @@
From d348ad3421f973298f909c3e01c1052690f7594a Mon Sep 17 00:00:00 2001
From: Zhang Jiao <zhangjiao2_yewu@cmss.chinamobile.com>
Date: Thu, 12 Dec 2024 11:46:07 +0800
Subject: [PATCH] hvf: remove unused but set variable
cheery-pick from 19d542cc0bce0b3641e80444374f9ffd8294a15b
fixes associated warning when building on MacOS.
Signed-off-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Link: https://lore.kernel.org/r/20241023182922.1040964-1-pierrick.bouvier@linaro.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Zhang Jiao <zhangjiao2_yewu@cmss.chinamobile.com>
---
target/i386/hvf/x86_task.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/target/i386/hvf/x86_task.c b/target/i386/hvf/x86_task.c
index 422156128b..1550002341 100644
--- a/target/i386/hvf/x86_task.c
+++ b/target/i386/hvf/x86_task.c
@@ -123,7 +123,6 @@ void vmx_handle_task_switch(CPUState *cpu, x68_segment_selector tss_sel, int rea
load_regs(cpu);
struct x86_segment_descriptor curr_tss_desc, next_tss_desc;
- int ret;
x68_segment_selector old_tss_sel = vmx_read_segment_selector(cpu, R_TR);
uint64_t old_tss_base = vmx_read_segment_base(cpu, R_TR);
uint32_t desc_limit;
@@ -139,7 +138,7 @@ void vmx_handle_task_switch(CPUState *cpu, x68_segment_selector tss_sel, int rea
if (reason == TSR_IDT_GATE && gate_valid) {
int dpl;
- ret = x86_read_call_gate(cpu, &task_gate_desc, gate);
+ x86_read_call_gate(cpu, &task_gate_desc, gate);
dpl = task_gate_desc.dpl;
x68_segment_selector cs = vmx_read_segment_selector(cpu, R_CS);
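Review bot: Dropping `ret` silences the warning but leaves the result of `x86_read_call_gate()` unchecked, and the very next line reads `task_gate_desc.dpl` for what looks like a privilege comparison. If that helper can fail (its return convention is not visible in this hunk), `task_gate_desc` may not have been filled in when `dpl` is read; the call should be tested and the task switch abandoned on failure rather than the value discarded. The same applies to `task_switch_32()` in the last hunk of this patch, and the commented-out `task_switch_16` line there still assigns to the removed `ret`. vmx_handle_task_switch starts and ends outside these hunks.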
@@ -168,11 +167,12 @@ void vmx_handle_task_switch(CPUState *cpu, x68_segment_selector tss_sel, int rea
x86_write_segment_descriptor(cpu, &next_tss_desc, tss_sel);
}
- if (next_tss_desc.type & 8)
- ret = task_switch_32(cpu, tss_sel, old_tss_sel, old_tss_base, &next_tss_desc);
- else
+ if (next_tss_desc.type & 8) {
+ task_switch_32(cpu, tss_sel, old_tss_sel, old_tss_base, &next_tss_desc);
+ } else {
//ret = task_switch_16(cpu, tss_sel, old_tss_sel, old_tss_base, &next_tss_desc);
VM_PANIC("task_switch_16");
+ }
macvm_set_cr0(cpu->hvf->fd, rvmcs(cpu->hvf->fd, VMCS_GUEST_CR0) | CR0_TS);
x86_segment_descriptor_to_vmx(cpu, tss_sel, &next_tss_desc, &vmx_seg);
--
2.41.0.windows.1

@ -0,0 +1,31 @@
From 6d6fc5ae0c920e2ad9e01a3320f3529c7bad977f Mon Sep 17 00:00:00 2001
From: jipengfei_yewu <jipengfei_yewu@cmss.chinamobile.com>
Date: Mon, 9 Sep 2024 20:14:09 +0800
Subject: [PATCH] hw/core/loader: gunzip(): fix memory leak on error path
We should call inflateEnd() like on success path to cleanup state in s
variable.
Signed-off-by:jipengfei_yewu <jipengfei_yewu@cmss.chinamobile.com>
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru>
Reviewed-by: Michael Tokarev <mjt@tls.msk.ru>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
---
hw/core/loader.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/hw/core/loader.c b/hw/core/loader.c
index 19edb928e9..8389860679 100644
--- a/hw/core/loader.c
+++ b/hw/core/loader.c
@@ -605,6 +605,7 @@ ssize_t gunzip(void *dst, size_t dstlen, uint8_t *src, size_t srclen)
r = inflate(&s, Z_FINISH);
if (r != Z_OK && r != Z_STREAM_END) {
printf ("Error: inflate() returned %d\n", r);
+ inflateEnd(&s);
return -1;
}
dstbytes = s.next_out - (unsigned char *) dst;
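Review bot: The added `inflateEnd(&s);` fixes this one return, but releasing the zlib state by hand before each `return -1` is the pattern that let this leak slip in. A single `goto`-style exit that calls `inflateEnd(&s)` once would cover this path and any error return added later. Whether other early returns exist after the stream is initialised is not visible, since gunzip starts and ends outside the hunk.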
--
2.41.0.windows.1

@ -0,0 +1,47 @@
From 4f12da5913773e6beba7edd530d85ebe58889c28 Mon Sep 17 00:00:00 2001
From: huangchengfei <huangchengfei3@huawei.com>
Date: Fri, 7 Mar 2025 15:51:01 +0800
Subject: [PATCH] hw/core/machine-smp: Initialize caches_bitmap before reading
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
mainline inclusion
from mainline-master
commit 9c2644948c71db61a04f22398cde72224a98267a
category: feature
Reference: https://github.com/qemu/qemu/commit/9c2644948c71db61a04f22398cde72224a98267a
commit 9c2644948c71db61a04f22398cde72224a98267a upstream
The caches_bitmap is defined in machine_parse_smp_cache(), but it was
not initialized.
Initialize caches_bitmap by clearing all its bits to zero.
Resolves: Coverity CID 1565389
Fixes: 4e88e7e ("qapi/qom: Define cache enumeration and properties for machine")
Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Zhao Liu <zhao1.liu@intel.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Link: https://lore.kernel.org/r/20241110150901.130647-2-zhao1.liu@intel.com
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
hw/core/machine-smp.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/hw/core/machine-smp.c b/hw/core/machine-smp.c
index 9d1aa3afb3..a421a394d4 100644
--- a/hw/core/machine-smp.c
+++ b/hw/core/machine-smp.c
@@ -201,6 +201,7 @@ bool machine_parse_smp_cache(MachineState *ms,
const SmpCachePropertiesList *node;
DECLARE_BITMAP(caches_bitmap, CACHE_LEVEL_AND_TYPE__MAX);
+ bitmap_zero(caches_bitmap, CACHE_LEVEL_AND_TYPE__MAX);
for (node = caches; node; node = node->next) {
/* Prohibit users from repeating settings. */
if (test_bit(node->value->cache, caches_bitmap)) {
--
2.41.0.windows.1

@ -0,0 +1,39 @@
From e4f8d0f097636b443a8d93593f6524b4669a5de7 Mon Sep 17 00:00:00 2001
From: Sergey Makarov <s.makarov@syntacore.com>
Date: Wed, 18 Sep 2024 17:02:29 +0300
Subject: [PATCH] hw/intc: Don't clear pending bits on IRQ lowering
According to PLIC specification (chapter 5), there
is only one case, when interrupt is claimed. Fix
PLIC controller to match this behavior.
Signed-off-by: Sergey Makarov <s.makarov@syntacore.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-ID: <20240918140229.124329-3-s.makarov@syntacore.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
(cherry picked from commit a84be2baa9eca8bc500f866ad943b8f63dc99adf)
Signed-off-by: zhujun2 <zhujun2_yewu@cmss.chinamobile.com>
---
hw/intc/sifive_plic.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/hw/intc/sifive_plic.c b/hw/intc/sifive_plic.c
index 877e76877c..cbbe6372f9 100644
--- a/hw/intc/sifive_plic.c
+++ b/hw/intc/sifive_plic.c
@@ -414,8 +414,10 @@ static void sifive_plic_irq_request(void *opaque, int irq, int level)
{
SiFivePLICState *s = opaque;
- sifive_plic_set_pending(s, irq, level > 0);
- sifive_plic_update(s);
+ if (level > 0) {
+ sifive_plic_set_pending(s, irq, true);
+ sifive_plic_update(s);
+ }
}
static void sifive_plic_realize(DeviceState *dev, Error **errp)
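Review bot: The reason `level <= 0` is now ignored in sifive_plic_irq_request is not recorded in the code, and without it the function reads as if de-assertion had been forgotten. I would add a comment above the `if`, for example `/* Lowering the line must not clear the pending bit; only a claim does (PLIC spec, chapter 5). */`.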
--
2.41.0.windows.1

@ -0,0 +1,70 @@
From a95246497e6162574d5c874b2d4504f828afbb85 Mon Sep 17 00:00:00 2001
From: Zhang Jiao <zhangjiao2_yewu@cmss.chinamobile.com>
Date: Thu, 12 Dec 2024 12:20:12 +0800
Subject: [PATCH] hw/misc/nrf51_rng: Don't use BIT_MASK() when we mean BIT()
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
cheery-pick from a29a9776407e68c5560687e07828925bda710150
The BIT_MASK() macro from bitops.h provides the mask of a bit
within a particular word of a multi-word bit array; it is intended
to be used with its counterpart BIT_WORD() that gives the index
of the word in the array.
In nrf51_rng we are using it for cases where we have a bit number
that we know is the index of a bit within a single word (in fact, it
happens that all the bit numbers we pass to it are zero). This
happens to give the right answer, but the macro that actually
does the job we want here is BIT().
Use BIT() instead of BIT_MASK().
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20241108135644.4007151-1-peter.maydell@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Zhang Jiao <zhangjiao2_yewu@cmss.chinamobile.com>
---
hw/misc/nrf51_rng.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/hw/misc/nrf51_rng.c b/hw/misc/nrf51_rng.c
index fc86e1b697..e911b3a3a3 100644
--- a/hw/misc/nrf51_rng.c
+++ b/hw/misc/nrf51_rng.c
@@ -107,25 +107,25 @@ static void rng_write(void *opaque, hwaddr offset,
break;
case NRF51_RNG_REG_SHORTS:
s->shortcut_stop_on_valrdy =
- (value & BIT_MASK(NRF51_RNG_REG_SHORTS_VALRDY_STOP)) ? 1 : 0;
+ (value & BIT(NRF51_RNG_REG_SHORTS_VALRDY_STOP)) ? 1 : 0;
break;
case NRF51_RNG_REG_INTEN:
s->interrupt_enabled =
- (value & BIT_MASK(NRF51_RNG_REG_INTEN_VALRDY)) ? 1 : 0;
+ (value & BIT(NRF51_RNG_REG_INTEN_VALRDY)) ? 1 : 0;
break;
case NRF51_RNG_REG_INTENSET:
- if (value & BIT_MASK(NRF51_RNG_REG_INTEN_VALRDY)) {
+ if (value & BIT(NRF51_RNG_REG_INTEN_VALRDY)) {
s->interrupt_enabled = 1;
}
break;
case NRF51_RNG_REG_INTENCLR:
- if (value & BIT_MASK(NRF51_RNG_REG_INTEN_VALRDY)) {
+ if (value & BIT(NRF51_RNG_REG_INTEN_VALRDY)) {
s->interrupt_enabled = 0;
}
break;
case NRF51_RNG_REG_CONFIG:
s->filter_enabled =
- (value & BIT_MASK(NRF51_RNG_REG_CONFIG_DECEN)) ? 1 : 0;
+ (value & BIT(NRF51_RNG_REG_CONFIG_DECEN)) ? 1 : 0;
break;
default:
--
2.41.0.windows.1

@ -0,0 +1,29 @@
From a800af5f8a944fb46c2c6ffc7c4a9054f7395b9b Mon Sep 17 00:00:00 2001
From: raywang <honglei.wang@smartx.com>
Date: Sun, 5 Jan 2025 14:04:39 +0800
Subject: [PATCH] hw/nvme: Remove redundant dma_blk_write
Commit f0ac211 changes alignment in dma functions for nvme, but it
did not delete the original dma_blk_write when picking the code.
Signed-off-by: raywang <honglei.wang@smartx.com>
---
hw/nvme/ctrl.c | 2 --
1 file changed, 2 deletions(-)
diff --git a/hw/nvme/ctrl.c b/hw/nvme/ctrl.c
index 7c9f97bdb3..f1c7641158 100644
--- a/hw/nvme/ctrl.c
+++ b/hw/nvme/ctrl.c
@@ -1282,8 +1282,6 @@ static inline void nvme_blk_write(BlockBackend *blk, int64_t offset,
assert(req->sg.flags & NVME_SG_ALLOC);
if (req->sg.flags & NVME_SG_DMA) {
- req->aiocb = dma_blk_write(blk, &req->sg.qsg, offset, BDRV_SECTOR_SIZE,
- cb, req);
req->aiocb = dma_blk_write(blk, &req->sg.qsg, offset, align, cb, req);
} else {
req->aiocb = blk_aio_pwritev(blk, offset, &req->sg.iov, 0, cb, req);
--
2.41.0.windows.1

@ -0,0 +1,46 @@
From 66832f5e5c0c805544c23433a1e9ab30aaa01633 Mon Sep 17 00:00:00 2001
From: Zhang Jiao <zhangjiao2_yewu@cmss.chinamobile.com>
Date: Thu, 12 Dec 2024 10:37:36 +0800
Subject: [PATCH] hw/pci: Remove unused pci_irq_pulse() method
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
cheery-pick from ef45f46f382a5e2c41c39c71fd3364cff4f41bf5
Last use of pci_irq_pulse() was removed 7 years ago in commit
5e9aa92eb1 ("hw/block: Fix pin-based interrupt behaviour of NVMe").
Signed-off-by: Philippe Mathieu-Daudé philmd@linaro.org
Reviewed-by: Thomas Huth thuth@redhat.com
Message-ID: 20241122103418.539-1-philmd@linaro.org
Signed-off-by: Thomas Huth thuth@redhat.com
Signed-off-by: Zhang Jiao zhangjiao2_yewu@cmss.chinamobile.com
---
include/hw/pci/pci.h | 10 ----------
1 file changed, 10 deletions(-)
diff --git a/include/hw/pci/pci.h b/include/hw/pci/pci.h
index a0cf893bfd..3811724d31 100644
--- a/include/hw/pci/pci.h
+++ b/include/hw/pci/pci.h
@@ -753,16 +753,6 @@ static inline void pci_irq_deassert(PCIDevice *pci_dev)
pci_set_irq(pci_dev, 0);
}
-/*
- * FIXME: PCI does not work this way.
- * All the callers to this method should be fixed.
- */
-static inline void pci_irq_pulse(PCIDevice *pci_dev)
-{
- pci_irq_assert(pci_dev);
- pci_irq_deassert(pci_dev);
-}
-
static inline int pci_is_express(const PCIDevice *d)
{
return d->cap_present & QEMU_PCI_CAP_EXPRESS;
--
2.41.0.windows.1

@ -0,0 +1,44 @@
From 47ad414a1cc4f7923bd9405027078b990753b9cb Mon Sep 17 00:00:00 2001
From: Zhang Jiao <zhangjiao2_yewu@cmss.chinamobile.com>
Date: Thu, 14 Nov 2024 14:31:31 +0800
Subject: [PATCH] hw/ppc/e500: Add missing device tree properties to i2c
controller node
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
cheery-pick from b5d65592d931d07d4f4bcb915d018ec9598058b4
When compiling a decompiled device tree blob created with dumpdtb, dtc complains
with:
/soc@e0000000/i2c@3000: incorrect #address-cells for I2C bus
/soc@e0000000/i2c@3000: incorrect #size-cells for I2C bus
Fix this by adding the missing device tree properties.
Reviewed-by: Cédric Le Goater <clg@redhat.com>
Signed-off-by: Bernhard Beschow <shentey@gmail.com>
Message-ID: <20241103133412.73536-6-shentey@gmail.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Zhang Jiao <zhangjiao2_yewu@cmss.chinamobile.com>
---
hw/ppc/e500.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/hw/ppc/e500.c b/hw/ppc/e500.c
index 960e7efcd3..b8ead49834 100644
--- a/hw/ppc/e500.c
+++ b/hw/ppc/e500.c
@@ -197,6 +197,8 @@ static void dt_i2c_create(void *fdt, const char *soc, const char *mpic,
qemu_fdt_setprop_cells(fdt, i2c, "cell-index", 0);
qemu_fdt_setprop_cells(fdt, i2c, "interrupts", irq0, 0x2);
qemu_fdt_setprop_phandle(fdt, i2c, "interrupt-parent", mpic);
+ qemu_fdt_setprop_cell(fdt, i2c, "#size-cells", 0);
+ qemu_fdt_setprop_cell(fdt, i2c, "#address-cells", 1);
qemu_fdt_setprop_string(fdt, "/aliases", alias, i2c);
g_free(i2c);
--
2.41.0.windows.1

@ -0,0 +1,44 @@
From f03f9300aa68d662d3261058cb6db5ae8b420d15 Mon Sep 17 00:00:00 2001
From: Zhang Jiao <zhangjiao2_yewu@cmss.chinamobile.com>
Date: Thu, 14 Nov 2024 15:19:41 +0800
Subject: [PATCH] hw/ppc/e500: Prefer QOM cast
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
cheery-pick from c620b4ee92ed3664a3d98e0fbb0b651e19fba5b6
Reviewed-by: BALATON Zoltan <balaton@eik.bme.hu>
Signed-off-by: Bernhard Beschow <shentey@gmail.com>
Message-ID: <20241103133412.73536-4-shentey@gmail.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Zhang Jiao <zhangjiao2_yewu@cmss.chinamobile.com>
---
hw/ppc/e500.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/hw/ppc/e500.c b/hw/ppc/e500.c
index 960e7efcd3..7aaf9d3e13 100644
--- a/hw/ppc/e500.c
+++ b/hw/ppc/e500.c
@@ -949,7 +949,7 @@ void ppce500_init(MachineState *machine)
sysbus_connect_irq(s, 0, qdev_get_gpio_in(mpicdev, MPC8544_I2C_IRQ));
memory_region_add_subregion(ccsr_addr_space, MPC8544_I2C_REGS_OFFSET,
sysbus_mmio_get_region(s, 0));
- i2c = (I2CBus *)qdev_get_child_bus(dev, "i2c");
+ i2c = I2C_BUS(qdev_get_child_bus(dev, "i2c"));
i2c_slave_create_simple(i2c, "ds1338", RTC_REGS_OFFSET);
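Review bot: Neither bus lookup in ppce500_init() is checked in a way that stops machine initialisation: `i2c` goes straight into i2c_slave_create_simple(), and in the next hunk a NULL `pci_bus` only triggers a printf() before the function carries on. If the QOM cast passes NULL through unchanged (worth confirming for this tree), a missing child bus would surface later as a NULL dereference rather than as a clear startup error. Consider `error_report("couldn't create PCI controller"); exit(1);` in place of the printf, and an equivalent guard for `i2c`. The function body continues outside both hunks, so any later handling cannot be seen here.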
@@ -974,7 +974,7 @@ void ppce500_init(MachineState *machine)
memory_region_add_subregion(ccsr_addr_space, MPC8544_PCI_REGS_OFFSET,
sysbus_mmio_get_region(s, 0));
- pci_bus = (PCIBus *)qdev_get_child_bus(dev, "pci.0");
+ pci_bus = PCI_BUS(qdev_get_child_bus(dev, "pci.0"));
if (!pci_bus)
printf("couldn't create PCI controller!\n");
--
2.41.0.windows.1


@ -0,0 +1,44 @@
From 9442f8c1638bf45ff266040ab3913667792ca35b Mon Sep 17 00:00:00 2001
From: Zhang Jiao <zhangjiao2_yewu@cmss.chinamobile.com>
Date: Thu, 14 Nov 2024 14:48:03 +0800
Subject: [PATCH] hw/ppc/e500: Remove unused "irqs" parameter
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
cherry-pick from 2a309354ac5decf78763c9de999bfb42c8612069
Reviewed-by: BALATON Zoltan balaton@eik.bme.hu
Signed-off-by: Bernhard Beschow shentey@gmail.com
Message-ID: 20241103133412.73536-5-shentey@gmail.com
Signed-off-by: Philippe Mathieu-Daudé philmd@linaro.org
Signed-off-by: Zhang Jiao <zhangjiao2_yewu@cmss.chinamobile.com>
---
hw/ppc/e500.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/hw/ppc/e500.c b/hw/ppc/e500.c
index 960e7efcd3..853a5a4efb 100644
--- a/hw/ppc/e500.c
+++ b/hw/ppc/e500.c
@@ -762,7 +762,7 @@ static DeviceState *ppce500_init_mpic_qemu(PPCE500MachineState *pms,
}
static DeviceState *ppce500_init_mpic_kvm(const PPCE500MachineClass *pmc,
- IrqLines *irqs, Error **errp)
+ Error **errp)
{
DeviceState *dev;
CPUState *cs;
@@ -798,7 +798,7 @@ static DeviceState *ppce500_init_mpic(PPCE500MachineState *pms,
Error *err = NULL;
if (kvm_kernel_irqchip_allowed()) {
- dev = ppce500_init_mpic_kvm(pmc, irqs, &err);
+ dev = ppce500_init_mpic_kvm(pmc, &err);
}
if (kvm_kernel_irqchip_required() && !dev) {
error_reportf_err(err,
--
2.41.0.windows.1


@ -0,0 +1,59 @@
From 84bd6e7a41773a4cc1ae7cfe73ea5910415cd022 Mon Sep 17 00:00:00 2001
From: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
Date: Wed, 20 Nov 2024 13:35:23 +0800
Subject: [PATCH] hw/scsi/megasas: Simplify using the ldst API
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
cherry picked from commit 2a0c51366985890e3bf6f41a48f3cb2dfe2f153e
This code is easier to review using the load/store API.
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20211218111912.1499377-1-philmd@redhat.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
---
hw/scsi/megasas.c | 17 +++--------------
1 file changed, 3 insertions(+), 14 deletions(-)
diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c
index dc9bbdb740..83c321ec20 100644
--- a/hw/scsi/megasas.c
+++ b/hw/scsi/megasas.c
@@ -383,8 +383,7 @@ static int megasas_setup_inquiry(uint8_t *cdb, int pg, int len)
cdb[1] = 0x1;
cdb[2] = pg;
}
- cdb[3] = (len >> 8) & 0xff;
- cdb[4] = (len & 0xff);
+ stw_be_p(&cdb[3], len);
return len;
}
@@ -400,18 +399,8 @@ static void megasas_encode_lba(uint8_t *cdb, uint64_t lba,
} else {
cdb[0] = READ_16;
}
- cdb[2] = (lba >> 56) & 0xff;
- cdb[3] = (lba >> 48) & 0xff;
- cdb[4] = (lba >> 40) & 0xff;
- cdb[5] = (lba >> 32) & 0xff;
- cdb[6] = (lba >> 24) & 0xff;
- cdb[7] = (lba >> 16) & 0xff;
- cdb[8] = (lba >> 8) & 0xff;
- cdb[9] = (lba) & 0xff;
- cdb[10] = (len >> 24) & 0xff;
- cdb[11] = (len >> 16) & 0xff;
- cdb[12] = (len >> 8) & 0xff;
- cdb[13] = (len) & 0xff;
+ stq_be_p(&cdb[2], lba);
+ stl_be_p(&cdb[2 + 8], len);
}
/*
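Review bot: megasas_encode_lba() now writes bytes 2..13 of `cdb` through stq_be_p() and stl_be_p() while the function receives no buffer length, so the minimum CDB size is only implicit. A comment above the stores such as `/* 8-byte LBA at cdb[2], 4-byte length at cdb[10]: cdb must hold at least 14 bytes */` would make that contract visible, and `&cdb[10]` reads more directly than `&cdb[2 + 8]`. In the first hunk stw_be_p() stores only the low 16 bits of `len` while megasas_setup_inquiry() still returns the full int; that matches the old masking, but it deserves a comment or a range check if callers can pass more than 0xffff. Both function bodies start outside their hunks.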
--
2.41.0.windows.1


@ -0,0 +1,56 @@
From cba5a006eb08a400126e1882923a28f71a40a94a Mon Sep 17 00:00:00 2001
From: Zhenzhong Duan <zhenzhong.duan@intel.com>
Date: Mon, 4 Nov 2024 20:55:36 +0800
Subject: [PATCH] intel_iommu: Add missed reserved bit check for IEC descriptor
IEC descriptor is 128-bit invalidation descriptor, must be padded with
128-bits of 0s in the upper bytes to create a 256-bit descriptor when
the invalidation queue is configured for 256-bit descriptors (IQA_REG.DW=1).
Fixes: 02a2cbc872df ("x86-iommu: introduce IEC notifiers")
Signed-off-by: Zhenzhong Duan <zhenzhong.duan@intel.com>
Message-Id: <20241104125536.1236118-4-zhenzhong.duan@intel.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Zhongrui Tang tangzhongrui_yewu@cmss.chinamobile.com
---
hw/i386/intel_iommu.c | 8 ++++++++
hw/i386/intel_iommu_internal.h | 3 +++
2 files changed, 11 insertions(+)
diff --git a/hw/i386/intel_iommu.c b/hw/i386/intel_iommu.c
index 2f8bcc1557..bc580237a8 100644
--- a/hw/i386/intel_iommu.c
+++ b/hw/i386/intel_iommu.c
@@ -2417,6 +2417,14 @@ static bool vtd_process_iotlb_desc(IntelIOMMUState *s, VTDInvDesc *inv_desc)
static bool vtd_process_inv_iec_desc(IntelIOMMUState *s,
VTDInvDesc *inv_desc)
{
+ uint64_t mask[4] = {VTD_INV_DESC_IEC_RSVD, VTD_INV_DESC_ALL_ONE,
+ VTD_INV_DESC_ALL_ONE, VTD_INV_DESC_ALL_ONE};
+
+ if (!vtd_inv_desc_reserved_check(s, inv_desc, mask, false,
+ __func__, "iec inv")) {
+ return false;
+ }
+
trace_vtd_inv_desc_iec(inv_desc->iec.granularity,
inv_desc->iec.index,
inv_desc->iec.index_mask);
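Review bot: The bare `false` passed as the fourth argument of vtd_inv_desc_reserved_check() hides what is being asserted about a guest-supplied descriptor; annotate it at the call, e.g. `mask, false /* dw */,` if that is the parameter's name in this tree. Neither vtd_inv_desc_reserved_check() nor VTD_INV_DESC_ALL_ONE is defined in this patch, so the backport presumably depends on an earlier patch that introduces them, and that ordering should be stated in the description. `mask` is never written in the visible lines and could be `static const` if the helper's prototype accepts it. The new VTD_INV_DESC_IEC_RSVD constant in intel_iommu_internal.h would also benefit from a comment naming the reserved bit ranges it covers.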
diff --git a/hw/i386/intel_iommu_internal.h b/hw/i386/intel_iommu_internal.h
index 2b2f0dd848..7415b56bc4 100644
--- a/hw/i386/intel_iommu_internal.h
+++ b/hw/i386/intel_iommu_internal.h
@@ -388,6 +388,9 @@ typedef union VTDInvDesc VTDInvDesc;
#define VTD_INV_DESC_DEVICE_IOTLB_RSVD_HI 0xffeULL
#define VTD_INV_DESC_DEVICE_IOTLB_RSVD_LO 0xffff0000ffe0f1f0
+/* Masks for Interrupt Entry Invalidate Descriptor */
+#define VTD_INV_DESC_IEC_RSVD 0xffff000007fff1e0ULL
+
/* Rsvd field masks for spte */
#define VTD_SPTE_SNP 0x800ULL
--
2.33.0


@ -0,0 +1,81 @@
From 769aa1236789f0b5c47255aad220b73a8e286072 Mon Sep 17 00:00:00 2001
From: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
Date: Mon, 16 Dec 2024 10:32:54 +0800
Subject: [PATCH] iotests/308: Fix for CAP_DAC_OVERRIDE
cherry picked from commit e2eec2819a96f3a5d68f899c836ad365468cec01
With CAP_DAC_OVERRIDE (which e.g. root generally has), permission checks
will be bypassed when opening files.
308 in one instance tries to open a read-only file (FUSE export) with
qemu-io as read/write, and expects this to fail. However, when running
it as root, opening will succeed (thanks to CAP_DAC_OVERRIDE) and only
the actual write operation will fail.
Note this as "Case not run", but have the test pass in either case.
Reported-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Fixes: 2c7dd057aa7bd7a875e9b1a53975c220d6380bc4
("export/fuse: Pass default_permissions for mount")
Signed-off-by: Hanna Reitz <hreitz@redhat.com>
Message-Id: <20220103120014.13061-1-hreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
---
tests/qemu-iotests/308 | 25 +++++++++++++++++++++++--
tests/qemu-iotests/308.out | 2 +-
2 files changed, 24 insertions(+), 3 deletions(-)
diff --git a/tests/qemu-iotests/308 b/tests/qemu-iotests/308
index 2e3f8f4282..bde4aac2fa 100755
--- a/tests/qemu-iotests/308
+++ b/tests/qemu-iotests/308
@@ -230,8 +230,29 @@ echo '=== Writable export ==='
fuse_export_add 'export-mp' "'mountpoint': '$EXT_MP', 'writable': true"
# Check that writing to the read-only export fails
-$QEMU_IO -f raw -c 'write -P 42 1M 64k' "$TEST_IMG" 2>&1 \
- | _filter_qemu_io | _filter_testdir | _filter_imgfmt
+output=$($QEMU_IO -f raw -c 'write -P 42 1M 64k' "$TEST_IMG" 2>&1 \
+ | _filter_qemu_io | _filter_testdir | _filter_imgfmt)
+
+# Expected reference output: Opening the file fails because it has no
+# write permission
+reference="Could not open 'TEST_DIR/t.IMGFMT': Permission denied"
+
+if echo "$output" | grep -q "$reference"; then
+ echo "Writing to read-only export failed: OK"
+elif echo "$output" | grep -q "write failed: Permission denied"; then
+ # With CAP_DAC_OVERRIDE (e.g. when running this test as root), the export
+ # can be opened regardless of its file permissions, but writing will then
+ # fail. This is not the result for which we want to test, so count this as
+ # a SKIP.
+ _casenotrun "Opening RO export as R/W succeeded, perhaps because of" \
+ "CAP_DAC_OVERRIDE"
+
+ # Still, write this to the reference output to make the test pass
+ echo "Writing to read-only export failed: OK"
+else
+ echo "Writing to read-only export failed: ERROR"
+ echo "$output"
+fi
# But here it should work
$QEMU_IO -f raw -c 'write -P 42 1M 64k' "$EXT_MP" | _filter_qemu_io
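Review bot: `grep -q "$reference"` treats the reference message as a regular expression, so the dots in `TEST_DIR/t.IMGFMT` match any character and a slightly different message would still count as the expected failure. Use a fixed-string match, `if echo "$output" | grep -qF "$reference"; then`, and likewise `grep -qF "write failed: Permission denied"` in the second branch. It would also help to say in the comment that, when run as root, the permission check on open is no longer exercised by this case.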
diff --git a/tests/qemu-iotests/308.out b/tests/qemu-iotests/308.out
index fc47bb11a2..e4467a10cf 100644
--- a/tests/qemu-iotests/308.out
+++ b/tests/qemu-iotests/308.out
@@ -95,7 +95,7 @@ virtual size: 0 B (0 bytes)
'mountpoint': 'TEST_DIR/t.IMGFMT.fuse', 'writable': true
} }
{"return": {}}
-qemu-io: can't open device TEST_DIR/t.IMGFMT: Could not open 'TEST_DIR/t.IMGFMT': Permission denied
+Writing to read-only export failed: OK
wrote 65536/65536 bytes at offset 1048576
64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
wrote 65536/65536 bytes at offset 1048576
--
2.41.0.windows.1


@ -0,0 +1,67 @@
From 00b7eee0e0116ec78b41db24da510e655ec28c4c Mon Sep 17 00:00:00 2001
From: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
Date: Wed, 20 Nov 2024 11:08:20 +0800
Subject: [PATCH] jackaudio: use ifdefs to hide unavailable functions
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
cherry picked from commit ead789eb46a7df4eaab9e14e29e1d0d2a379988d
On Windows the jack_set_thread_creator() function and on MacOS the
pthread_setname_np() function with a thread pointer parameter is
not available. Use #ifdefs to remove the jack_set_thread_creator()
function call and the qjack_thread_creator() function in both
cases.
The qjack_thread_creator() function just sets the name of the
created thread for debugging purposes and isn't really necessary.
From the jack_set_thread_creator() documentation:
(...)
No normal application/client should consider calling this. (...)
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/785
Signed-off-by: Volker Rümelin <vr_qemu@t-online.de>
Reviewed-by: Christian Schoenebeck <qemu_oss@crudebyte.com>
Message-Id: <20211226154017.6067-1-vr_qemu@t-online.de>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
---
audio/jackaudio.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/audio/jackaudio.c b/audio/jackaudio.c
index e7de6d5433..317009e936 100644
--- a/audio/jackaudio.c
+++ b/audio/jackaudio.c
@@ -622,6 +622,7 @@ static void qjack_enable_in(HWVoiceIn *hw, bool enable)
ji->c.enabled = enable;
}
+#if !defined(WIN32) && defined(CONFIG_PTHREAD_SETNAME_NP_W_TID)
static int qjack_thread_creator(jack_native_thread_t *thread,
const pthread_attr_t *attr, void *(*function)(void *), void *arg)
{
@@ -635,6 +636,7 @@ static int qjack_thread_creator(jack_native_thread_t *thread,
return ret;
}
+#endif
static void *qjack_init(Audiodev *dev)
{
@@ -687,7 +689,9 @@ static void register_audio_jack(void)
{
qemu_mutex_init(&qjack_shutdown_lock);
audio_driver_register(&jack_driver);
+#if !defined(WIN32) && defined(CONFIG_PTHREAD_SETNAME_NP_W_TID)
jack_set_thread_creator(qjack_thread_creator);
+#endif
jack_set_error_function(qjack_error);
jack_set_info_function(qjack_info);
}
--
2.41.0.windows.1


@ -0,0 +1,61 @@
From 96faf869b9109de54761b0b6c9a29716803f01fb Mon Sep 17 00:00:00 2001
From: wangfuqiang49 <wangfuqiang49.jd.com>
Date: Wed, 19 Feb 2025 21:34:43 -0600
Subject: [PATCH] linux-aio: fix unbalanced plugged counter in laio_io_unplug()
When the io_submit() in the execution flow of laio_do_submit ->
ioq_submit -> io_submit returns an error, such as returning -EAGAIN,
s->io_q.blocked will be set to 1. Consequently, s->io_q.in_queue may grow
to laio_max_batch(), which prevents laio_io_unplug() from decrementing
s->io_q.plugged. This situation can cause laio_do_submit() and
laio_io_unplug to stop submitting AIO requests unless the number of
requests in the queue reaches laio_max_batch().
upstream commit:
commit 18bcfa0ebb39146cc4f7dad0dd989a24c74677d9
Author: Stefan Hajnoczi <stefanha@redhat.com>
Date: Thu Jun 9 17:47:11 2022 +0100
linux-aio: fix unbalanced plugged counter in laio_io_unplug()
Every laio_io_plug() call has a matching laio_io_unplug() call. There is
a plugged counter that tracks the number of levels of plugging and
allows for nesting.
The plugged counter must reflect the balance between laio_io_plug() and
laio_io_unplug() calls accurately. Otherwise I/O stalls occur since
io_submit(2) calls are skipped while plugged.
Reported-by: Nikolay Tenev <nt@storpool.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Stefano Garzarella <sgarzare@redhat.com>
Message-id: 20220609164712.1539045-2-stefanha@redhat.com
Cc: Stefano Garzarella <sgarzare@redhat.com>
Fixes: 68d7946648 ("linux-aio: add `dev_max_batch` parameter to laio_io_unplug()")
[Stefano Garzarella suggested adding a Fixes tag.
--Stefan]
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
---
block/linux-aio.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/block/linux-aio.c b/block/linux-aio.c
index f53ae72e21..77f17ad596 100644
--- a/block/linux-aio.c
+++ b/block/linux-aio.c
@@ -360,8 +360,10 @@ void laio_io_unplug(BlockDriverState *bs, LinuxAioState *s,
uint64_t dev_max_batch)
{
assert(s->io_q.plugged);
+ s->io_q.plugged--;
+
if (s->io_q.in_queue >= laio_max_batch(s, dev_max_batch) ||
- (--s->io_q.plugged == 0 &&
+ (!s->io_q.plugged &&
!s->io_q.blocked && !QSIMPLEQ_EMPTY(&s->io_q.pending))) {
ioq_submit(s);
}
--
2.41.0.windows.1


@ -0,0 +1,120 @@
From 13cffdbd2c5074682887c27f47c81e87843e741d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=88=98=E5=A9=A720201110?=
<liujing_yewu@cmss.chinamobile.com>
Date: Wed, 13 Nov 2024 19:36:45 +0800
Subject: [PATCH] linux-user: Add missing clock_gettime64() syscall strace
Allow linux-user to strace the clock_gettime64() syscall.
This syscall is used a lot on 32-bit guest architectures which use newer
glibc versions.
Signed-off-by: Helge Deller <deller@gmx.de>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20220918194555.83535-3-deller@gmx.de>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Liu Jing <liujing_yewu@cmss.chinamobile.com>
---
linux-user/strace.c | 53 ++++++++++++++++++++++++++++++++++++++++++
linux-user/strace.list | 4 ++++
2 files changed, 57 insertions(+)
diff --git a/linux-user/strace.c b/linux-user/strace.c
index 37d66d0dff..4cf0e95edb 100644
--- a/linux-user/strace.c
+++ b/linux-user/strace.c
@@ -81,6 +81,7 @@ UNUSED static void print_buf(abi_long addr, abi_long len, int last);
UNUSED static void print_raw_param(const char *, abi_long, int);
UNUSED static void print_timeval(abi_ulong, int);
UNUSED static void print_timespec(abi_ulong, int);
+UNUSED static void print_timespec64(abi_ulong, int);
UNUSED static void print_timezone(abi_ulong, int);
UNUSED static void print_itimerval(abi_ulong, int);
UNUSED static void print_number(abi_long, int);
@@ -803,6 +804,24 @@ print_syscall_ret_clock_gettime(void *cpu_env, const struct syscallname *name,
#define print_syscall_ret_clock_getres print_syscall_ret_clock_gettime
#endif
+#if defined(TARGET_NR_clock_gettime64)
+static void
+print_syscall_ret_clock_gettime64(CPUArchState *cpu_env, const struct syscallname *name,
+ abi_long ret, abi_long arg0, abi_long arg1,
+ abi_long arg2, abi_long arg3, abi_long arg4,
+ abi_long arg5)
+{
+ if (!print_syscall_err(ret)) {
+ qemu_log(TARGET_ABI_FMT_ld, ret);
+ qemu_log(" (");
+ print_timespec64(arg1, 1);
+ qemu_log(")");
+ }
+
+ qemu_log("\n");
+}
+#endif
+
#ifdef TARGET_NR_gettimeofday
static void
print_syscall_ret_gettimeofday(void *cpu_env, const struct syscallname *name,
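Review bot: print_syscall_ret_clock_gettime64() declares its first parameter as `CPUArchState *cpu_env`, while the neighbouring printers in the context lines (print_syscall_ret_clock_gettime, print_syscall_ret_gettimeofday) take `void *cpu_env`. If the callback fields of struct syscallname in this 6.2.0 tree are still typed with `void *` (the struct is not visible here), the entries added to strace.list assign an incompatible function pointer, which is a build warning or error and undefined behaviour when called. Use `void *cpu_env` to match the tree. The same applies to print_clock_gettime64() later in this patch and to print_pidfd_send_signal() and print_clock_nanosleep() in the following patches.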
@@ -1662,6 +1681,27 @@ print_timespec(abi_ulong ts_addr, int last)
}
}
+static void
+print_timespec64(abi_ulong ts_addr, int last)
+{
+ if (ts_addr) {
+ struct target__kernel_timespec *ts;
+
+ ts = lock_user(VERIFY_READ, ts_addr, sizeof(*ts), 1);
+ if (!ts) {
+ print_pointer(ts_addr, last);
+ return;
+ }
+ qemu_log("{tv_sec = %lld"
+ ",tv_nsec = %lld}%s",
+ (long long)tswap64(ts->tv_sec), (long long)tswap64(ts->tv_nsec),
+ get_comma(last));
+ unlock_user(ts, ts_addr, 0);
+ } else {
+ qemu_log("NULL%s", get_comma(last));
+ }
+}
+
static void
print_timezone(abi_ulong tz_addr, int last)
{
@@ -2277,6 +2317,19 @@ print_clock_gettime(void *cpu_env, const struct syscallname *name,
#define print_clock_getres print_clock_gettime
#endif
+#if defined(TARGET_NR_clock_gettime64)
+static void
+print_clock_gettime64(CPUArchState *cpu_env, const struct syscallname *name,
+ abi_long arg0, abi_long arg1, abi_long arg2,
+ abi_long arg3, abi_long arg4, abi_long arg5)
+{
+ print_syscall_prologue(name);
+ print_enums(clockids, arg0, 0);
+ print_pointer(arg1, 1);
+ print_syscall_epilogue(name);
+}
+#endif
+
#ifdef TARGET_NR_clock_settime
static void
print_clock_settime(void *cpu_env, const struct syscallname *name,
diff --git a/linux-user/strace.list b/linux-user/strace.list
index 544869f1ab..f9b3f01c6c 100644
--- a/linux-user/strace.list
+++ b/linux-user/strace.list
@@ -1674,3 +1674,7 @@
#ifdef TARGET_NR_copy_file_range
{ TARGET_NR_copy_file_range, "copy_file_range", "%s(%d,%p,%d,%p,"TARGET_ABI_FMT_lu",%u)", NULL, NULL },
#endif
+#ifdef TARGET_NR_clock_gettime64
+{ TARGET_NR_clock_gettime64, "clock_gettime64" , NULL, print_clock_gettime64,
+ print_syscall_ret_clock_gettime64 },
+#endif
--
2.33.0


@ -0,0 +1,187 @@
From 0b83779bb381053ce5de13807dfdc46d2781a2ca Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=88=98=E5=A9=A720201110?=
<liujing_yewu@cmss.chinamobile.com>
Date: Wed, 13 Nov 2024 19:32:32 +0800
Subject: [PATCH] linux-user: Add missing signals in strace output
Some of the guest signal numbers are currently not converted to
their representative names in the strace output, e.g. SIGVTALRM.
This patch introduces a smart way to generate and keep in sync the
host-to-guest and guest-to-host signal conversion tables for usage in
the qemu signal and strace code. This ensures that any signals
will now show up in both tables.
There is no functional change in this patch - with the exception that yet
missing signal names now show up in the strace code too.
Signed-off-by: Helge Deller <deller@gmx.de>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20220918194555.83535-2-deller@gmx.de>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Liu Jing <liujing_yewu@cmss.chinamobile.com>
---
linux-user/signal-common.h | 46 ++++++++++++++++++++++++++++++++++++++
linux-user/signal.c | 37 +++---------------------------
linux-user/strace.c | 30 +++++++++----------------
3 files changed, 60 insertions(+), 53 deletions(-)
diff --git a/linux-user/signal-common.h b/linux-user/signal-common.h
index 7457f8025c..00d9e04d74 100644
--- a/linux-user/signal-common.h
+++ b/linux-user/signal-common.h
@@ -90,4 +90,50 @@ abi_long do_swapcontext(CPUArchState *env, abi_ulong uold_ctx,
*/
int block_signals(void); /* Returns non zero if signal pending */
+#if defined(SIGSTKFLT) && defined(TARGET_SIGSTKFLT)
+#define MAKE_SIG_ENTRY_SIGSTKFLT MAKE_SIG_ENTRY(SIGSTKFLT)
+#else
+#define MAKE_SIG_ENTRY_SIGSTKFLT
+#endif
+
+#if defined(SIGIOT) && defined(TARGET_SIGIOT)
+#define MAKE_SIG_ENTRY_SIGIOT MAKE_SIG_ENTRY(SIGIOT)
+#else
+#define MAKE_SIG_ENTRY_SIGIOT
+#endif
+
+#define MAKE_SIGNAL_LIST \
+ MAKE_SIG_ENTRY(SIGHUP) \
+ MAKE_SIG_ENTRY(SIGINT) \
+ MAKE_SIG_ENTRY(SIGQUIT) \
+ MAKE_SIG_ENTRY(SIGILL) \
+ MAKE_SIG_ENTRY(SIGTRAP) \
+ MAKE_SIG_ENTRY(SIGABRT) \
+ MAKE_SIG_ENTRY(SIGBUS) \
+ MAKE_SIG_ENTRY(SIGFPE) \
+ MAKE_SIG_ENTRY(SIGKILL) \
+ MAKE_SIG_ENTRY(SIGUSR1) \
+ MAKE_SIG_ENTRY(SIGSEGV) \
+ MAKE_SIG_ENTRY(SIGUSR2) \
+ MAKE_SIG_ENTRY(SIGPIPE) \
+ MAKE_SIG_ENTRY(SIGALRM) \
+ MAKE_SIG_ENTRY(SIGTERM) \
+ MAKE_SIG_ENTRY(SIGCHLD) \
+ MAKE_SIG_ENTRY(SIGCONT) \
+ MAKE_SIG_ENTRY(SIGSTOP) \
+ MAKE_SIG_ENTRY(SIGTSTP) \
+ MAKE_SIG_ENTRY(SIGTTIN) \
+ MAKE_SIG_ENTRY(SIGTTOU) \
+ MAKE_SIG_ENTRY(SIGURG) \
+ MAKE_SIG_ENTRY(SIGXCPU) \
+ MAKE_SIG_ENTRY(SIGXFSZ) \
+ MAKE_SIG_ENTRY(SIGVTALRM) \
+ MAKE_SIG_ENTRY(SIGPROF) \
+ MAKE_SIG_ENTRY(SIGWINCH) \
+ MAKE_SIG_ENTRY(SIGIO) \
+ MAKE_SIG_ENTRY(SIGPWR) \
+ MAKE_SIG_ENTRY(SIGSYS) \
+ MAKE_SIG_ENTRY_SIGSTKFLT \
+ MAKE_SIG_ENTRY_SIGIOT
+
#endif
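Review bot: MAKE_SIG_ENTRY_SIGIOT is the last entry of MAKE_SIGNAL_LIST, so wherever SIGIOT is an alias of SIGABRT its designated initializer silently overrides the SIGABRT one. In target_signal_name[] in strace.c that would make print_signal() report "SIGIOT" for an abort on targets where TARGET_SIGIOT equals TARGET_SIGABRT; the old table in signal.c had its SIGIOT entry commented out, which suggests the alias was known. Emit the entry only when the numbers differ, e.g. `#if defined(SIGIOT) && defined(TARGET_SIGIOT) && SIGIOT != SIGABRT && TARGET_SIGIOT != TARGET_SIGABRT`. Whether the values alias depends on host and target headers that are not shown here.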
diff --git a/linux-user/signal.c b/linux-user/signal.c
index 6d5e5b698c..f65d6cff2f 100644
--- a/linux-user/signal.c
+++ b/linux-user/signal.c
@@ -53,40 +53,9 @@ abi_ulong default_rt_sigreturn;
QEMU_BUILD_BUG_ON(__SIGRTMAX + 1 != _NSIG);
#endif
static uint8_t host_to_target_signal_table[_NSIG] = {
- [SIGHUP] = TARGET_SIGHUP,
- [SIGINT] = TARGET_SIGINT,
- [SIGQUIT] = TARGET_SIGQUIT,
- [SIGILL] = TARGET_SIGILL,
- [SIGTRAP] = TARGET_SIGTRAP,
- [SIGABRT] = TARGET_SIGABRT,
-/* [SIGIOT] = TARGET_SIGIOT,*/
- [SIGBUS] = TARGET_SIGBUS,
- [SIGFPE] = TARGET_SIGFPE,
- [SIGKILL] = TARGET_SIGKILL,
- [SIGUSR1] = TARGET_SIGUSR1,
- [SIGSEGV] = TARGET_SIGSEGV,
- [SIGUSR2] = TARGET_SIGUSR2,
- [SIGPIPE] = TARGET_SIGPIPE,
- [SIGALRM] = TARGET_SIGALRM,
- [SIGTERM] = TARGET_SIGTERM,
-#ifdef SIGSTKFLT
- [SIGSTKFLT] = TARGET_SIGSTKFLT,
-#endif
- [SIGCHLD] = TARGET_SIGCHLD,
- [SIGCONT] = TARGET_SIGCONT,
- [SIGSTOP] = TARGET_SIGSTOP,
- [SIGTSTP] = TARGET_SIGTSTP,
- [SIGTTIN] = TARGET_SIGTTIN,
- [SIGTTOU] = TARGET_SIGTTOU,
- [SIGURG] = TARGET_SIGURG,
- [SIGXCPU] = TARGET_SIGXCPU,
- [SIGXFSZ] = TARGET_SIGXFSZ,
- [SIGVTALRM] = TARGET_SIGVTALRM,
- [SIGPROF] = TARGET_SIGPROF,
- [SIGWINCH] = TARGET_SIGWINCH,
- [SIGIO] = TARGET_SIGIO,
- [SIGPWR] = TARGET_SIGPWR,
- [SIGSYS] = TARGET_SIGSYS,
+#define MAKE_SIG_ENTRY(sig) [sig] = TARGET_##sig,
+ MAKE_SIGNAL_LIST
+#undef MAKE_SIG_ENTRY
/* next signals stay the same */
};
diff --git a/linux-user/strace.c b/linux-user/strace.c
index 37d66d0dff..019fa329f1 100644
--- a/linux-user/strace.c
+++ b/linux-user/strace.c
@@ -17,6 +17,7 @@
#include "qemu.h"
#include "user-internals.h"
#include "strace.h"
+#include "signal-common.h"
struct syscallname {
int nr;
@@ -141,30 +142,21 @@ if( cmd == val ) { \
qemu_log("%d", cmd);
}
+static const char * const target_signal_name[] = {
+#define MAKE_SIG_ENTRY(sig) [TARGET_##sig] = #sig,
+ MAKE_SIGNAL_LIST
+#undef MAKE_SIG_ENTRY
+};
+
static void
print_signal(abi_ulong arg, int last)
{
const char *signal_name = NULL;
- switch(arg) {
- case TARGET_SIGHUP: signal_name = "SIGHUP"; break;
- case TARGET_SIGINT: signal_name = "SIGINT"; break;
- case TARGET_SIGQUIT: signal_name = "SIGQUIT"; break;
- case TARGET_SIGILL: signal_name = "SIGILL"; break;
- case TARGET_SIGABRT: signal_name = "SIGABRT"; break;
- case TARGET_SIGFPE: signal_name = "SIGFPE"; break;
- case TARGET_SIGKILL: signal_name = "SIGKILL"; break;
- case TARGET_SIGSEGV: signal_name = "SIGSEGV"; break;
- case TARGET_SIGPIPE: signal_name = "SIGPIPE"; break;
- case TARGET_SIGALRM: signal_name = "SIGALRM"; break;
- case TARGET_SIGTERM: signal_name = "SIGTERM"; break;
- case TARGET_SIGUSR1: signal_name = "SIGUSR1"; break;
- case TARGET_SIGUSR2: signal_name = "SIGUSR2"; break;
- case TARGET_SIGCHLD: signal_name = "SIGCHLD"; break;
- case TARGET_SIGCONT: signal_name = "SIGCONT"; break;
- case TARGET_SIGSTOP: signal_name = "SIGSTOP"; break;
- case TARGET_SIGTTIN: signal_name = "SIGTTIN"; break;
- case TARGET_SIGTTOU: signal_name = "SIGTTOU"; break;
+
+ if (arg < ARRAY_SIZE(target_signal_name)) {
+ signal_name = target_signal_name[arg];
}
+
if (signal_name == NULL) {
print_raw_param("%ld", arg, last);
return;
--
2.33.0


@ -0,0 +1,135 @@
From c1df5afc01165a16dd79125669a69e8fb965def2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=88=98=E5=A9=A720201110?=
<liujing_yewu@cmss.chinamobile.com>
Date: Wed, 13 Nov 2024 19:47:37 +0800
Subject: [PATCH] linux-user: Add pidfd_open(), pidfd_send_signal() and
pidfd_getfd() syscalls
I noticed those were missing when running the glib2.0 testsuite.
Add the syscalls including the strace output.
Signed-off-by: Helge Deller <deller@gmx.de>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20220918194555.83535-4-deller@gmx.de>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Liu Jing <liujing_yewu@cmss.chinamobile.com>
---
linux-user/strace.c | 28 ++++++++++++++++++++++++++++
linux-user/strace.list | 9 +++++++++
linux-user/syscall.c | 34 ++++++++++++++++++++++++++++++++++
3 files changed, 71 insertions(+)
diff --git a/linux-user/strace.c b/linux-user/strace.c
index 37d66d0dff..00dd0511c6 100644
--- a/linux-user/strace.c
+++ b/linux-user/strace.c
@@ -3274,6 +3274,34 @@ print_openat(void *cpu_env, const struct syscallname *name,
}
#endif
+#ifdef TARGET_NR_pidfd_send_signal
+static void
+print_pidfd_send_signal(CPUArchState *cpu_env, const struct syscallname *name,
+ abi_long arg0, abi_long arg1, abi_long arg2,
+ abi_long arg3, abi_long arg4, abi_long arg5)
+{
+ void *p;
+ target_siginfo_t uinfo;
+
+ print_syscall_prologue(name);
+ print_raw_param("%d", arg0, 0);
+ print_signal(arg1, 0);
+
+ p = lock_user(VERIFY_READ, arg2, sizeof(target_siginfo_t), 1);
+ if (p) {
+ get_target_siginfo(&uinfo, p);
+ print_siginfo(&uinfo);
+
+ unlock_user(p, arg2, 0);
+ } else {
+ print_pointer(arg2, 1);
+ }
+
+ print_raw_param("%u", arg3, 0);
+ print_syscall_epilogue(name);
+}
+#endif
+
#ifdef TARGET_NR_mq_unlink
static void
print_mq_unlink(void *cpu_env, const struct syscallname *name,
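Review bot: The `last` flags in print_pidfd_send_signal() look inverted for the final two arguments: the fallback for an unreadable info pointer calls `print_pointer(arg2, 1)` although a fourth argument follows, and the flags value is printed with `print_raw_param("%u", arg3, 0)` although it is the last one. The other printers on this page pass 1 only for the final parameter, so these should presumably be `print_pointer(arg2, 0);` and `print_raw_param("%u", arg3, 1);`. A NULL info pointer is valid for this syscall and takes the print_pointer() branch, so the malformed separator would appear in the common case.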
diff --git a/linux-user/strace.list b/linux-user/strace.list
index 544869f1ab..b96a1447c3 100644
--- a/linux-user/strace.list
+++ b/linux-user/strace.list
@@ -1662,6 +1662,15 @@
#ifdef TARGET_NR_pipe2
{ TARGET_NR_pipe2, "pipe2", NULL, NULL, NULL },
#endif
+#ifdef TARGET_NR_pidfd_open
+{ TARGET_NR_pidfd_open, "pidfd_open", "%s(%d,%u)", NULL, NULL },
+#endif
+#ifdef TARGET_NR_pidfd_send_signal
+{ TARGET_NR_pidfd_send_signal, "pidfd_send_signal", NULL, print_pidfd_send_signal, NULL },
+#endif
+#ifdef TARGET_NR_pidfd_getfd
+{ TARGET_NR_pidfd_getfd, "pidfd_getfd", "%s(%d,%d,%u)", NULL, NULL },
+#endif
#ifdef TARGET_NR_atomic_cmpxchg_32
{ TARGET_NR_atomic_cmpxchg_32, "atomic_cmpxchg_32", NULL, NULL, NULL },
#endif
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index c4951d449f..5f1bdfe857 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -333,6 +333,16 @@ _syscall6(int,sys_futex,int *,uaddr,int,op,int,val,
_syscall6(int,sys_futex_time64,int *,uaddr,int,op,int,val,
const struct timespec *,timeout,int *,uaddr2,int,val3)
#endif
+#if defined(__NR_pidfd_open) && defined(TARGET_NR_pidfd_open)
+_syscall2(int, pidfd_open, pid_t, pid, unsigned int, flags);
+#endif
+#if defined(__NR_pidfd_send_signal) && defined(TARGET_NR_pidfd_send_signal)
+_syscall4(int, pidfd_send_signal, int, pidfd, int, sig, siginfo_t *, info,
+ unsigned int, flags);
+#endif
+#if defined(__NR_pidfd_getfd) && defined(TARGET_NR_pidfd_getfd)
+_syscall3(int, pidfd_getfd, int, pidfd, int, targetfd, unsigned int, flags);
+#endif
#define __NR_sys_sched_getaffinity __NR_sched_getaffinity
_syscall3(int, sys_sched_getaffinity, pid_t, pid, unsigned int, len,
unsigned long *, user_mask_ptr);
@@ -8435,6 +8445,30 @@ static abi_long do_syscall1(void *cpu_env, int num, abi_long arg1,
ret = do_open_by_handle_at(arg1, arg2, arg3);
fd_trans_unregister(ret);
return ret;
+#endif
+#if defined(__NR_pidfd_open) && defined(TARGET_NR_pidfd_open)
+ case TARGET_NR_pidfd_open:
+ return get_errno(pidfd_open(arg1, arg2));
+#endif
+#if defined(__NR_pidfd_send_signal) && defined(TARGET_NR_pidfd_send_signal)
+ case TARGET_NR_pidfd_send_signal:
+ {
+ siginfo_t uinfo;
+
+ p = lock_user(VERIFY_READ, arg3, sizeof(target_siginfo_t), 1);
+ if (!p) {
+ return -TARGET_EFAULT;
+ }
+ target_to_host_siginfo(&uinfo, p);
+ unlock_user(p, arg3, 0);
+ ret = get_errno(pidfd_send_signal(arg1, target_to_host_signal(arg2),
+ &uinfo, arg4));
+ }
+ return ret;
+#endif
+#if defined(__NR_pidfd_getfd) && defined(TARGET_NR_pidfd_getfd)
+ case TARGET_NR_pidfd_getfd:
+ return get_errno(pidfd_getfd(arg1, arg2, arg3));
#endif
case TARGET_NR_close:
fd_trans_unregister(arg1);
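Review bot: The TARGET_NR_pidfd_send_signal case rejects a NULL `info` pointer: with arg3 == 0 the lock_user() call is expected to fail and the guest gets -TARGET_EFAULT, although pidfd_send_signal(2) allows info to be NULL and that is the usual way to call it. Lock and convert the siginfo only when arg3 is non-zero, and pass NULL to the host syscall otherwise. The enclosing do_syscall1() starts and ends outside the hunk.
```c
    case TARGET_NR_pidfd_send_signal:
        {
            siginfo_t uinfo, *puinfo = NULL;

            /* info may legitimately be NULL; only touch guest memory if set */
            if (arg3) {
                p = lock_user(VERIFY_READ, arg3, sizeof(target_siginfo_t), 1);
                if (!p) {
                    return -TARGET_EFAULT;
                }
                target_to_host_siginfo(&uinfo, p);
                unlock_user(p, arg3, 0);
                puinfo = &uinfo;
            }
            ret = get_errno(pidfd_send_signal(arg1, target_to_host_signal(arg2),
                                              puinfo, arg4));
        }
        return ret;
```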
--
2.41.0.windows.1


@ -0,0 +1,35 @@
From e9d80886ac9fb87390da01b0174856638bc42d2d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=88=98=E5=A9=A720201110?=
<liujing_yewu@cmss.chinamobile.com>
Date: Fri, 6 Dec 2024 17:42:36 +0800
Subject: [PATCH] linux-user: Add proper strace format strings for
getdents()/getdents64()
Signed-off-by: Helge Deller <deller@gmx.de>
Message-Id: <20220924114501.21767-3-deller@gmx.de>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Liu Jing <liujing_yewu@cmss.chinamobile.com>
---
linux-user/strace.list | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/linux-user/strace.list b/linux-user/strace.list
index b59d4c5607..8d5ab6dfac 100644
--- a/linux-user/strace.list
+++ b/linux-user/strace.list
@@ -279,10 +279,10 @@
{ TARGET_NR_getcwd, "getcwd" , "%s(%p,%d)", NULL, NULL },
#endif
#ifdef TARGET_NR_getdents
-{ TARGET_NR_getdents, "getdents" , NULL, NULL, NULL },
+{ TARGET_NR_getdents, "getdents" , "%s(%d,%p,%u)", NULL, NULL },
#endif
#ifdef TARGET_NR_getdents64
-{ TARGET_NR_getdents64, "getdents64" , NULL, NULL, NULL },
+{ TARGET_NR_getdents64, "getdents64" , "%s(%d,%p,%u)", NULL, NULL },
#endif
#ifdef TARGET_NR_getdomainname
{ TARGET_NR_getdomainname, "getdomainname" , NULL, NULL, NULL },
--
2.41.0.windows.1


@ -0,0 +1,59 @@
From dbc66bb16f86716b2d5b7e01e8f37cc20d99fd91 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=88=98=E5=A9=A720201110?=
<liujing_yewu@cmss.chinamobile.com>
Date: Wed, 13 Nov 2024 20:23:03 +0800
Subject: [PATCH] linux-user: Add strace for clock_nanosleep()
Signed-off-by: Helge Deller <deller@gmx.de>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20220918194555.83535-10-deller@gmx.de>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Liu Jing <liujing_yewu@cmss.chinamobile.com>
---
linux-user/strace.c | 15 +++++++++++++++
linux-user/strace.list | 3 ++-
2 files changed, 17 insertions(+), 1 deletion(-)
diff --git a/linux-user/strace.c b/linux-user/strace.c
index 37d66d0dff..05d6b4524a 100644
--- a/linux-user/strace.c
+++ b/linux-user/strace.c
@@ -3491,6 +3491,21 @@ print_unshare(void *cpu_env, const struct syscallname *name,
}
#endif
+#ifdef TARGET_NR_clock_nanosleep
+static void
+print_clock_nanosleep(CPUArchState *cpu_env, const struct syscallname *name,
+ abi_long arg0, abi_long arg1, abi_long arg2,
+ abi_long arg3, abi_long arg4, abi_long arg5)
+{
+ print_syscall_prologue(name);
+ print_enums(clockids, arg0, 0);
+ print_raw_param("%d", arg1, 0);
+ print_timespec(arg2, 0);
+ print_timespec(arg3, 1);
+ print_syscall_epilogue(name);
+}
+#endif
+
#ifdef TARGET_NR_utime
static void
print_utime(void *cpu_env, const struct syscallname *name,
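Review bot: print_clock_nanosleep() formats the fourth argument with `print_timespec(arg3, 1)` at syscall entry, but per clock_nanosleep(2) that argument is the `remain` output buffer, so the trace shows whatever the guest memory held before the call. `print_pointer(arg3, 1);` would log the address without reading guest memory that has no meaning yet. The flags in arg1 are printed with a raw `%d`, so TIMER_ABSTIME appears only as a number.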
diff --git a/linux-user/strace.list b/linux-user/strace.list
index 544869f1ab..dc37dcf689 100644
--- a/linux-user/strace.list
+++ b/linux-user/strace.list
@@ -91,7 +91,8 @@
print_syscall_ret_clock_gettime },
#endif
#ifdef TARGET_NR_clock_nanosleep
-{ TARGET_NR_clock_nanosleep, "clock_nanosleep" , NULL, NULL, NULL },
+{ TARGET_NR_clock_nanosleep, "clock_nanosleep" , NULL, print_clock_nanosleep,
+ NULL },
#endif
#ifdef TARGET_NR_clock_settime
{ TARGET_NR_clock_settime, "clock_settime" , NULL, print_clock_settime, NULL },
--
2.41.0.windows.1


@ -0,0 +1,33 @@
From 464666abdb5250ca0295c5ec99cc2ee515cac920 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=88=98=E5=A9=A720201110?=
<liujing_yewu@cmss.chinamobile.com>
Date: Fri, 6 Dec 2024 17:36:46 +0800
Subject: [PATCH] linux-user: Fix TARGET_PROT_SEM for XTENSA
The xtensa platform has a value of 0x10 for PROT_SEM.
Signed-off-by: Helge Deller <deller@gmx.de>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20220924114501.21767-2-deller@gmx.de>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Liu Jing <liujing_yewu@cmss.chinamobile.com>
---
linux-user/syscall_defs.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/linux-user/syscall_defs.h b/linux-user/syscall_defs.h
index a04f399278..077a059701 100644
--- a/linux-user/syscall_defs.h
+++ b/linux-user/syscall_defs.h
@@ -1295,7 +1295,7 @@ struct target_winsize {
#include "termbits.h"
-#if defined(TARGET_MIPS)
+#if defined(TARGET_MIPS) || defined(TARGET_XTENSA)
#define TARGET_PROT_SEM 0x10
#else
#define TARGET_PROT_SEM 0x08
--
2.41.0.windows.1


@ -0,0 +1,44 @@
From 6b8ad93d212b5510140b49b1383626ec6dae9427 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=88=98=E5=A9=A720201110?=
<liujing_yewu@cmss.chinamobile.com>
Date: Wed, 13 Nov 2024 20:06:25 +0800
Subject: [PATCH] linux-user: Fix strace of chmod() if mode == 0
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
If the mode parameter of chmod() is zero, this value isn't shown
when stracing a program:
chmod("filename",)
This patch fixes it up to show the zero-value as well:
chmod("filename",000)
Signed-off-by: Helge Deller <deller@gmx.de>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20220918194555.83535-8-deller@gmx.de>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Liu Jing <liujing_yewu@cmss.chinamobile.com>
---
linux-user/strace.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/linux-user/strace.c b/linux-user/strace.c
index 37d66d0dff..a6e269980f 100644
--- a/linux-user/strace.c
+++ b/linux-user/strace.c
@@ -1496,6 +1496,11 @@ print_file_mode(abi_long mode, int last)
const char *sep = "";
const struct flags *m;
+ if (mode == 0) {
+ qemu_log("000%s", get_comma(last));
+ return;
+ }
+
for (m = &mode_flags[0]; m->f_string != NULL; m++) {
if ((m->f_value & mode) == m->f_value) {
qemu_log("%s%s", m->f_string, sep);
--
2.41.0.windows.1


@ -0,0 +1,42 @@
From 6fa6f29d739de0cb09dfcd9d83532104d0005e7b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=88=98=E5=A9=A720201110?=
<liujing_yewu@cmss.chinamobile.com>
Date: Wed, 13 Nov 2024 19:54:45 +0800
Subject: [PATCH] linux-user: Log failing executable in EXCP_DUMP()
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Enhance the EXCP_DUMP() macro to print out the failing program too.
During debugging it's sometimes hard to track down the actual failing
program if you are e.g. building a whole debian package.
Signed-off-by: Helge Deller <deller@gmx.de>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20220918194555.83535-5-deller@gmx.de>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Liu Jing <liujing_yewu@cmss.chinamobile.com>
---
linux-user/cpu_loop-common.h | 2 ++
1 file changed, 2 insertions(+)
diff --git a/linux-user/cpu_loop-common.h b/linux-user/cpu_loop-common.h
index 8828af28a4..0803cc55d8 100644
--- a/linux-user/cpu_loop-common.h
+++ b/linux-user/cpu_loop-common.h
@@ -26,9 +26,11 @@
do { \
CPUState *cs = env_cpu(env); \
fprintf(stderr, fmt , ## __VA_ARGS__); \
+ fprintf(stderr, "Failing executable: %s\n", exec_path); \
cpu_dump_state(cs, stderr, 0); \
if (qemu_log_separate()) { \
qemu_log(fmt, ## __VA_ARGS__); \
+ qemu_log("Failing executable: %s\n", exec_path); \
log_cpu_state(cs, 0); \
} \
} while (0)
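Review bot: Both added lines pass `exec_path` to `%s` unchanged, so a path containing newlines or terminal control bytes lands verbatim on stderr and in the QEMU log; anything that parses these dumps should treat the `Failing executable:` line as untrusted text. The macro also now needs `exec_path` to be declared, and non-NULL, at every expansion site, which the hunk does not show. I would add a comment above the macro such as `/* Uses the global exec_path; the path is logged unescaped. */`. The `#define` line itself is outside the hunk.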
--
2.41.0.windows.1


@ -0,0 +1,44 @@
From b6e7a4895f176d0910059ec3941357cf60af4fd3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=88=98=E5=A9=A720201110?=
<liujing_yewu@cmss.chinamobile.com>
Date: Wed, 13 Nov 2024 20:29:29 +0800
Subject: [PATCH] linux-user: Show timespec on strace for futex()
Signed-off-by: Helge Deller <deller@gmx.de>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20220918194555.83535-11-deller@gmx.de>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Liu Jing <liujing_yewu@cmss.chinamobile.com>
---
linux-user/strace.c | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/linux-user/strace.c b/linux-user/strace.c
index 37d66d0dff..7978d459f6 100644
--- a/linux-user/strace.c
+++ b/linux-user/strace.c
@@ -3623,11 +3623,20 @@ print_futex(void *cpu_env, const struct syscallname *name,
abi_long arg0, abi_long arg1, abi_long arg2,
abi_long arg3, abi_long arg4, abi_long arg5)
{
+ abi_long op = arg1 & FUTEX_CMD_MASK;
print_syscall_prologue(name);
print_pointer(arg0, 0);
print_futex_op(arg1, 0);
print_raw_param(",%d", arg2, 0);
- print_pointer(arg3, 0); /* struct timespec */
+ switch (op) {
+ case FUTEX_WAIT:
+ case FUTEX_WAIT_BITSET:
+ print_timespec(arg3, 0);
+ break;
+ default:
+ print_pointer(arg3, 0);
+ break;
+ }
print_pointer(arg4, 0);
print_raw_param("%d", arg4, 1);
print_syscall_epilogue(name);
--
2.41.0.windows.1


@ -0,0 +1,43 @@
From e8f23ca825a8f3c89d0aca4248842d2035aab1fc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=88=98=E5=A9=A720201110?=
<liujing_yewu@cmss.chinamobile.com>
Date: Fri, 6 Dec 2024 11:09:07 +0800
Subject: [PATCH] linux-user/hppa: Dump IIR on register dump
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Include the IIR register (which holds the opcode of the failing
instruction) when dumping the hppa registers.
Signed-off-by: Helge Deller <deller@gmx.de>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20220918194555.83535-7-deller@gmx.de>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Liu Jing <liujing_yewu@cmss.chinamobile.com>
---
target/hppa/helper.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/target/hppa/helper.c b/target/hppa/helper.c
index 1ccff5765a..eba133047b 100644
--- a/target/hppa/helper.c
+++ b/target/hppa/helper.c
@@ -85,9 +85,11 @@ void hppa_cpu_dump_state(CPUState *cs, FILE *f, int flags)
char psw_c[20];
int i;
- qemu_fprintf(f, "IA_F " TARGET_FMT_lx " IA_B " TARGET_FMT_lx "\n",
+ qemu_fprintf(f, "IA_F " TARGET_FMT_lx " IA_B " TARGET_FMT_lx
+ " IIR " TREG_FMT_lx "\n",
hppa_form_gva_psw(psw, env->iasq_f, env->iaoq_f),
- hppa_form_gva_psw(psw, env->iasq_b, env->iaoq_b));
+ hppa_form_gva_psw(psw, env->iasq_b, env->iaoq_b),
+ env->cr[CR_IIR]);
psw_c[0] = (psw & PSW_W ? 'W' : '-');
psw_c[1] = (psw & PSW_E ? 'E' : '-');
--
2.41.0.windows.1


@ -0,0 +1,39 @@
From 6bd7917903112ab1541d10a006f7074c4d0fa7da Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=88=98=E5=A9=A720201110?=
<liujing_yewu@cmss.chinamobile.com>
Date: Fri, 6 Dec 2024 13:34:31 +0800
Subject: [PATCH] linux-user/hppa: Set TASK_UNMAPPED_BASE to 0xfa000000 for
hppa arch
On the parisc architecture the stack grows upwards.
Move the TASK_UNMAPPED_BASE to high memory area as it's done by the
kernel on physical machines.
Signed-off-by: Helge Deller <deller@gmx.de>
Message-Id: <20220918194555.83535-9-deller@gmx.de>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Liu Jing <liujing_yewu@cmss.chinamobile.com>
---
linux-user/mmap.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/linux-user/mmap.c b/linux-user/mmap.c
index c125031b90..d674d5b00d 100644
--- a/linux-user/mmap.c
+++ b/linux-user/mmap.c
@@ -251,8 +251,12 @@ static int mmap_frag(abi_ulong real_start,
# define TASK_UNMAPPED_BASE (1ul << 38)
#endif
#else
+#ifdef TARGET_HPPA
+# define TASK_UNMAPPED_BASE 0xfa000000
+#else
# define TASK_UNMAPPED_BASE 0x40000000
#endif
+#endif
abi_ulong mmap_next_start = TASK_UNMAPPED_BASE;
unsigned long last_brk;
--
2.41.0.windows.1


@ -0,0 +1,35 @@
From 5a6063a0617f893f59eb16c3ef83056d72654c3c Mon Sep 17 00:00:00 2001
From: jipengfei <jipengfei_yewu@cmss.chinamobile.com>
Date: Mon, 9 Sep 2024 20:51:25 +0800
Subject: [PATCH] migration: fix a typo
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by:jipengfei <jipengfei_yewu@cmss.chinamobile.com>
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Peter Xu <peterx@redhat.com>
Reviewed-by: Fabiano Rosas <farosas@suse.de>
Reviewed-by: Fiona Ebner <f.ebner@proxmox.com>
Tested-by: Fiona Ebner <f.ebner@proxmox.com>
Signed-off-by: Fabiano Rosas <farosas@suse.de>
---
migration/vmstate.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/migration/vmstate.c b/migration/vmstate.c
index 05f87cdddc..c9db071bee 100644
--- a/migration/vmstate.c
+++ b/migration/vmstate.c
@@ -454,7 +454,7 @@ static int vmstate_subsection_load(QEMUFile *f, const VMStateDescription *vmsd,
len = qemu_peek_byte(f, 1);
if (len < strlen(vmsd->name) + 1) {
- /* subsection name has be be "section_name/a" */
+ /* subsection name has to be "section_name/a" */
trace_vmstate_subsection_load_bad(vmsd->name, "(short)", "");
return 0;
}
--
2.41.0.windows.1


@ -0,0 +1,51 @@
From 6af7820986d8d441a02c176df4a69c8efae23763 Mon Sep 17 00:00:00 2001
From: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
Date: Wed, 20 Nov 2024 10:47:39 +0800
Subject: [PATCH] python: update type hints for mypy 0.930
cherry picked from commit 366d33158cea72e80d80505f94c34cb505385c0a
Mypy 0.930, released Dec 22, changes the way argparse objects are
considered. Crafting a definition that works under Python 3.6 and an
older mypy alongside newer versions simultaneously is ... difficult,
so... eh. Stub it out with an 'Any' definition to get the CI moving
again.
Oh well.
Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Beraldo Leal <bleal@redhat.com>
Message-id: 20220110191349.1841027-4-jsnow@redhat.com
Signed-off-by: John Snow <jsnow@redhat.com>
Signed-off-by: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
---
python/qemu/qmp/qom_common.py | 6 +-----
1 file changed, 1 insertion(+), 5 deletions(-)
diff --git a/python/qemu/qmp/qom_common.py b/python/qemu/qmp/qom_common.py
index a59ae1a2a1..2e4c741f77 100644
--- a/python/qemu/qmp/qom_common.py
+++ b/python/qemu/qmp/qom_common.py
@@ -30,10 +30,6 @@
from . import QEMUMonitorProtocol, QMPError
-# The following is needed only for a type alias.
-Subparsers = argparse._SubParsersAction # pylint: disable=protected-access
-
-
class ObjectPropertyInfo:
"""
Represents the return type from e.g. qom-list.
@@ -89,7 +85,7 @@ def __init__(self, args: argparse.Namespace):
self.qmp.connect()
@classmethod
- def register(cls, subparsers: Subparsers) -> None:
+ def register(cls, subparsers: Any) -> None:
"""
Register this command with the argument parser.
--
2.41.0.windows.1


@ -0,0 +1,270 @@
From 04d1ae325a2a77025558d833840a62bd08136c44 Mon Sep 17 00:00:00 2001
From: huangchengfei <huangchengfei3@huawei.com>
Date: Fri, 7 Mar 2025 15:25:12 +0800
Subject: [PATCH] qapi/qom: Define cache enumeration and properties for machine
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
mainline inclusion
from mainline-master
commit 4e88e7e3403df23a0fd7a95daad1f00da80bcf81
category: feature
Reference: https://github.com/qemu/qemu/commit/4e88e7e3403df23a0fd7a95daad1f00da80bcf81
commit 4e88e7e3403df23a0fd7a95daad1f00da80bcf81 upstream
The x86 and ARM need to allow user to configure cache properties
(current only topology):
* For x86, the default cache topology model (of max/host CPU) does not
always match the Host's real physical cache topology. Performance can
increase when the configured virtual topology is closer to the
physical topology than a default topology would be.
* For ARM, QEMU can't get the cache topology information from the CPU
registers, then user configuration is necessary. Additionally, the
cache information is also needed for MPAM emulation (for TCG) to
build the right PPTT.
Define smp-cache related enumeration and properties in QAPI, so that
user could configure cache properties for SMP system through -machine in
the subsequent patch.
Cache enumeration (CacheLevelAndType) is implemented as the combination
of cache level (level 1/2/3) and cache type (data/instruction/unified).
Currently, separated L1 cache (L1 data cache and L1 instruction cache)
with unified higher-level cache (e.g., unified L2 and L3 caches), is the
most common cache architectures.
Therefore, enumerate the L1 D-cache, L1 I-cache, L2 cache and L3 cache
with smp-cache object to add the basic cache topology support. Other
kinds of caches (e.g., L1 unified or L2/L3 separated caches) can be
added directly into CacheLevelAndType if necessary.
Cache properties (SmpCacheProperties) currently only contains cache
topology information, and other cache properties can be added in it
if necessary.
Note, define cache topology based on CPU topology level with two
reasons:
1. In practice, a cache will always be bound to the CPU container
(either private in the CPU container or shared among multiple
containers), and CPU container is often expressed in terms of CPU
topology level.
2. The x86's cache-related CPUIDs encode cache topology based on APIC
ID's CPU topology layout. And the ACPI PPTT table that ARM/RISCV
relies on also requires CPU containers to help indicate the private
shared hierarchy of the cache. Therefore, for SMP systems, it is
natural to use the CPU topology hierarchy directly in QEMU to define
the cache topology.
With smp-cache QAPI support, add smp cache topology for machine by
parsing the smp-cache object list.
Also add the helper to access/update cache topology level of machine.
Round to openeuler:
*cache topology property is removed
Suggested-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Zhao Liu <zhao1.liu@intel.com>
Tested-by: Yongwei Ma <yongwei.ma@intel.com>
Reviewed-by: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Message-ID: <20241101083331.340178-4-zhao1.liu@intel.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: huangchengfei <huangchengfei3@huawei.com>
---
hw/core/machine-smp.c | 23 ++++++++++++++++++++++
hw/core/machine.c | 42 +++++++++++++++++++++++++++++++++++++++++
include/hw/boards.h | 8 ++++++++
qapi/machine.json | 44 +++++++++++++++++++++++++++++++++++++++++++
4 files changed, 117 insertions(+)
diff --git a/hw/core/machine-smp.c b/hw/core/machine-smp.c
index b39ed21e65..9d1aa3afb3 100644
--- a/hw/core/machine-smp.c
+++ b/hw/core/machine-smp.c
@@ -193,3 +193,26 @@ void machine_parse_smp_config(MachineState *ms,
return;
}
}
+
+bool machine_parse_smp_cache(MachineState *ms,
+ const SmpCachePropertiesList *caches,
+ Error **errp)
+{
+ const SmpCachePropertiesList *node;
+ DECLARE_BITMAP(caches_bitmap, CACHE_LEVEL_AND_TYPE__MAX);
+
+ for (node = caches; node; node = node->next) {
+ /* Prohibit users from repeating settings. */
+ if (test_bit(node->value->cache, caches_bitmap)) {
+ error_setg(errp,
+ "Invalid cache properties: %s. "
+ "The cache properties are duplicated",
+ CacheLevelAndType_str(node->value->cache));
+ return false;
+ }
+
+ set_bit(node->value->cache, caches_bitmap);
+ }
+
+ return true;
+}
\ No newline at end of file
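Review bot: `caches_bitmap` is declared with `DECLARE_BITMAP` and then read by `test_bit()` on the first loop iteration without ever being cleared, so the duplicate check runs on indeterminate stack contents and can reject a valid list or miss a real duplicate. Unless another patch in the series already does it, clear the bitmap before the loop with `bitmap_zero(caches_bitmap, CACHE_LEVEL_AND_TYPE__MAX);`. `ms` is not used in this version of the function, and the file now ends without a trailing newline.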
diff --git a/hw/core/machine.c b/hw/core/machine.c
index cb539104a1..4cdd9a7300 100644
--- a/hw/core/machine.c
+++ b/hw/core/machine.c
@@ -777,6 +777,39 @@ static void machine_set_smp(Object *obj, Visitor *v, const char *name,
machine_parse_smp_config(ms, config, errp);
}
+static void machine_get_smp_cache(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+ SmpCache *cache = &ms->smp_cache;
+ SmpCachePropertiesList *head = NULL;
+ SmpCachePropertiesList **tail = &head;
+
+ for (int i = 0; i < CACHE_LEVEL_AND_TYPE__MAX; i++) {
+ SmpCacheProperties *node = g_new(SmpCacheProperties, 1);
+
+ node->cache = cache->props[i].cache;
+ QAPI_LIST_APPEND(tail, node);
+ }
+
+ visit_type_SmpCachePropertiesList(v, name, &head, errp);
+ qapi_free_SmpCachePropertiesList(head);
+}
+
+static void machine_set_smp_cache(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+ SmpCachePropertiesList *caches;
+
+ if (!visit_type_SmpCachePropertiesList(v, name, &caches, errp)) {
+ return;
+ }
+
+ machine_parse_smp_cache(ms, caches, errp);
+ qapi_free_SmpCachePropertiesList(caches);
+}
+
static void machine_class_init(ObjectClass *oc, void *data)
{
MachineClass *mc = MACHINE_CLASS(oc);
@@ -821,6 +854,11 @@ static void machine_class_init(ObjectClass *oc, void *data)
object_class_property_set_description(oc, "smp",
"CPU topology");
+ object_class_property_add(oc, "smp-cache", "SmpCachePropertiesWrapper",
+ machine_get_smp_cache, machine_set_smp_cache, NULL, NULL);
+ object_class_property_set_description(oc, "smp-cache",
+ "Cache properties list for SMP machine");
+
object_class_property_add(oc, "phandle-start", "int",
machine_get_phandle_start, machine_set_phandle_start,
NULL, NULL);
@@ -948,6 +986,10 @@ static void machine_initfn(Object *obj)
ms->smp.clusters = 1;
ms->smp.cores = 1;
ms->smp.threads = 1;
+
+ for (int i = 0; i < CACHE_LEVEL_AND_TYPE__MAX; i++) {
+ ms->smp_cache.props[i].cache = (CacheLevelAndType)i;
+ }
}
static void machine_finalize(Object *obj)
diff --git a/include/hw/boards.h b/include/hw/boards.h
index f49a2578ea..59f04caf3f 100644
--- a/include/hw/boards.h
+++ b/include/hw/boards.h
@@ -36,6 +36,9 @@ void machine_set_cpu_numa_node(MachineState *machine,
Error **errp);
void machine_parse_smp_config(MachineState *ms,
const SMPConfiguration *config, Error **errp);
+bool machine_parse_smp_cache(MachineState *ms,
+ const SmpCachePropertiesList *caches,
+ Error **errp);
/**
* machine_class_allow_dynamic_sysbus_dev: Add type to list of valid devices
@@ -316,6 +319,10 @@ typedef struct CpuTopology {
unsigned int max_cpus;
} CpuTopology;
+typedef struct SmpCache {
+ SmpCacheProperties props[CACHE_LEVEL_AND_TYPE__MAX];
+} SmpCache;
+
/**
* MachineState:
*/
@@ -359,6 +366,7 @@ struct MachineState {
AccelState *accelerator;
CPUArchIdList *possible_cpus;
CpuTopology smp;
+ SmpCache smp_cache;
struct NVDIMMState *nvdimms_state;
struct NumaState *numa_state;
};
diff --git a/qapi/machine.json b/qapi/machine.json
index 31b0350b99..676e16477b 100644
--- a/qapi/machine.json
+++ b/qapi/machine.json
@@ -1570,3 +1570,47 @@
{ 'command': 'x-query-usb',
'returns': 'HumanReadableText',
'features': [ 'unstable' ] }
+
+##
+# @CacheLevelAndType:
+#
+# Caches a system may have. The enumeration value here is the
+# combination of cache level and cache type.
+#
+# @l1d: L1 data cache.
+#
+# @l1i: L1 instruction cache.
+#
+# @l2: L2 (unified) cache.
+#
+# @l3: L3 (unified) cache
+#
+# Since: 9.2
+##
+{ 'enum': 'CacheLevelAndType',
+ 'data': [ 'l1d', 'l1i', 'l2', 'l3' ] }
+
+##
+# @SmpCacheProperties:
+#
+# Cache information for SMP system.
+#
+# @cache: Cache name, which is the combination of cache level and cache type.
+#
+# Since: 9.2
+##
+{ 'struct': 'SmpCacheProperties',
+ 'data': {
+ 'cache': 'CacheLevelAndType' } }
+
+##
+# @SmpCachePropertiesWrapper:
+#
+# List wrapper of SmpCacheProperties.
+#
+# @caches: the list of SmpCacheProperties.
+#
+# Since 9.2
+##
+{ 'struct': 'SmpCachePropertiesWrapper',
+ 'data': { 'caches': ['SmpCacheProperties'] } }
--
2.41.0.windows.1


@ -0,0 +1,34 @@
From 86d3da849524411b4a2ad1e3a03a1c5cf95e25ea Mon Sep 17 00:00:00 2001
From: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
Date: Wed, 20 Nov 2024 13:36:13 +0800
Subject: [PATCH] qdev-core.h: Fix wrongly named reference to TYPE_SPLIT_IRQ
cherry picked from commit 5df69ab89527618744661d5a45ed85ca3cc7bceb
Fix a comment in qdev-core.h where we incorrectly referred
to TYPE_IRQ_SPLIT when we meant TYPE_SPLIT_IRQ.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20220111172655.3546766-1-peter.maydell@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
---
include/hw/qdev-core.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/include/hw/qdev-core.h b/include/hw/qdev-core.h
index 45b1aec86b..a1169c1c9a 100644
--- a/include/hw/qdev-core.h
+++ b/include/hw/qdev-core.h
@@ -500,7 +500,7 @@ qemu_irq qdev_get_gpio_in_named(DeviceState *dev, const char *name, int n);
* qemu_irqs at once, or to connect multiple outbound GPIOs to the
* same qemu_irq. (Warning: there is no assertion or other guard to
* catch this error: the model will just not do the right thing.)
- * Instead, for fan-out you can use the TYPE_IRQ_SPLIT device: connect
+ * Instead, for fan-out you can use the TYPE_SPLIT_IRQ device: connect
* a device's outbound GPIO to the splitter's input, and connect each
* of the splitter's outputs to a different device. For fan-in you
* can use the TYPE_OR_IRQ device, which is a model of a logical OR
--
2.41.0.windows.1


@ -0,0 +1,310 @@
From 152b6db246ca73a4eb1683afb59e8020645e0f79 Mon Sep 17 00:00:00 2001
From: huangchengfei <huangchengfei3@huawei.com>
Date: Fri, 7 Mar 2025 16:09:50 +0800
Subject: [PATCH] qemu: Support specifying the cache size presented to guest
Add configuration item to specifying the cache size presented to guest in Bytes.
for example:
-machine virt,\
smp-cache.0.cache=l1i,smp-cache.0.size=32768,\
smp-cache.1.cache=l1d,smp-cache.1.size=32768,\
smp-cache.2.cache=l2,smp-cache.2.size=1048576
Signed-off-by: huangchengfei <huangchengfei3@huawei.com>
---
hw/arm/virt-acpi-build.c | 40 ++++++++++++++++++++++++++++------------
hw/arm/virt.c | 18 +++++++++++++-----
hw/core/machine-smp.c | 14 ++++++++++++++
hw/core/machine.c | 2 ++
include/hw/boards.h | 4 ++++
qapi/machine.json | 15 ++++++++++-----
6 files changed, 71 insertions(+), 22 deletions(-)
diff --git a/hw/arm/virt-acpi-build.c b/hw/arm/virt-acpi-build.c
index ed220d5d40..5ed23e627a 100644
--- a/hw/arm/virt-acpi-build.c
+++ b/hw/arm/virt-acpi-build.c
@@ -64,46 +64,62 @@
* ACPI spec, Revision 6.3
* 5.2.29.2 Cache Type Structure (Type 1)
*/
-static void build_cache_hierarchy_node(GArray *tbl, uint32_t next_level,
- uint32_t cache_type)
+static void build_cache_hierarchy_node(MachineState *ms, GArray *tbl,
+ uint32_t next_level, uint32_t cache_type)
{
build_append_byte(tbl, 1);
build_append_byte(tbl, 24);
build_append_int_noprefix(tbl, 0, 2);
build_append_int_noprefix(tbl, 127, 4);
build_append_int_noprefix(tbl, next_level, 4);
+ uint64_t cache_size;
switch (cache_type) {
case ARM_L1D_CACHE: /* L1 dcache info */
- build_append_int_noprefix(tbl, ARM_L1DCACHE_SIZE, 4);
+ cache_size = machine_get_cache_size(ms, CACHE_LEVEL_AND_TYPE_L1D);
+ build_append_int_noprefix(tbl,
+ cache_size > 0 ? cache_size : ARM_L1DCACHE_SIZE,
+ 4);
build_append_int_noprefix(tbl, ARM_L1DCACHE_SETS, 4);
build_append_byte(tbl, ARM_L1DCACHE_ASSOCIATIVITY);
build_append_byte(tbl, ARM_L1DCACHE_ATTRIBUTES);
build_append_int_noprefix(tbl, ARM_L1DCACHE_LINE_SIZE, 2);
break;
case ARM_L1I_CACHE: /* L1 icache info */
- build_append_int_noprefix(tbl, ARM_L1ICACHE_SIZE, 4);
+ cache_size = machine_get_cache_size(ms, CACHE_LEVEL_AND_TYPE_L1I);
+ build_append_int_noprefix(tbl,
+ cache_size > 0 ? cache_size : ARM_L1ICACHE_SIZE,
+ 4);
build_append_int_noprefix(tbl, ARM_L1ICACHE_SETS, 4);
build_append_byte(tbl, ARM_L1ICACHE_ASSOCIATIVITY);
build_append_byte(tbl, ARM_L1ICACHE_ATTRIBUTES);
build_append_int_noprefix(tbl, ARM_L1ICACHE_LINE_SIZE, 2);
break;
case ARM_L1_CACHE: /* L1 cache info */
- build_append_int_noprefix(tbl, ARM_L1CACHE_SIZE, 4);
+ cache_size = machine_get_cache_size(ms, CACHE_LEVEL_AND_TYPE_L1);
+ build_append_int_noprefix(tbl,
+ cache_size > 0 ? cache_size : ARM_L1CACHE_SIZE,
+ 4);
build_append_int_noprefix(tbl, ARM_L1CACHE_SETS, 4);
build_append_byte(tbl, ARM_L1CACHE_ASSOCIATIVITY);
build_append_byte(tbl, ARM_L1CACHE_ATTRIBUTES);
build_append_int_noprefix(tbl, ARM_L1CACHE_LINE_SIZE, 2);
break;
case ARM_L2_CACHE: /* L2 cache info */
- build_append_int_noprefix(tbl, ARM_L2CACHE_SIZE, 4);
+ cache_size = machine_get_cache_size(ms, CACHE_LEVEL_AND_TYPE_L2);
+ build_append_int_noprefix(tbl,
+ cache_size > 0 ? cache_size : ARM_L2CACHE_SIZE,
+ 4);
build_append_int_noprefix(tbl, ARM_L2CACHE_SETS, 4);
build_append_byte(tbl, ARM_L2CACHE_ASSOCIATIVITY);
build_append_byte(tbl, ARM_L2CACHE_ATTRIBUTES);
build_append_int_noprefix(tbl, ARM_L2CACHE_LINE_SIZE, 2);
break;
case ARM_L3_CACHE: /* L3 cache info */
- build_append_int_noprefix(tbl, ARM_L3CACHE_SIZE, 4);
+ cache_size = machine_get_cache_size(ms, CACHE_LEVEL_AND_TYPE_L3);
+ build_append_int_noprefix(tbl,
+ cache_size > 0 ? cache_size : ARM_L3CACHE_SIZE,
+ 4);
build_append_int_noprefix(tbl, ARM_L3CACHE_SETS, 4);
build_append_byte(tbl, ARM_L3CACHE_ASSOCIATIVITY);
build_append_byte(tbl, ARM_L3CACHE_ATTRIBUTES);
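Review bot: `cache_size` is a `uint64_t` taken from the user-supplied `size` property, but each `build_append_int_noprefix(tbl, ..., 4)` call here emits only four bytes, so a value above `UINT32_MAX` is silently truncated in the PPTT; the `qemu_fdt_setprop_cell()` calls in the hw/arm/virt.c hunks have the same problem because a cell is 32 bits. `machine_parse_smp_cache()` stores `node->value->size` without any range check, so the fix belongs there: reject the entry with `error_setg()` when `node->value->size > UINT32_MAX`. The sets, associativity and line-size fields keep their built-in constants, so an overridden size can describe a geometry that does not multiply out; the `@size` documentation should say so, and also that 0 selects the built-in default. The function continues past the end of the hunk.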
@@ -140,7 +156,7 @@ static void build_pptt_arm(GArray *table_data, BIOSLinker *linker, MachineState
for (socket = 0; socket < ms->smp.sockets; socket++) {
uint32_t l3_cache_offset = table_data->len - pptt_start;
- build_cache_hierarchy_node(table_data, 0, ARM_L3_CACHE);
+ build_cache_hierarchy_node(ms, table_data, 0, ARM_L3_CACHE);
g_queue_push_tail(list,
GUINT_TO_POINTER(table_data->len - pptt_start));
@@ -179,16 +195,16 @@ static void build_pptt_arm(GArray *table_data, BIOSLinker *linker, MachineState
for (core = 0; core < ms->smp.cores; core++) {
uint32_t priv_rsrc[3] = {};
priv_rsrc[0] = table_data->len - pptt_start; /* L2 cache offset */
- build_cache_hierarchy_node(table_data, 0, ARM_L2_CACHE);
+ build_cache_hierarchy_node(ms, table_data, 0, ARM_L2_CACHE);
if (unified_l1) {
priv_rsrc[1] = table_data->len - pptt_start; /* L1 cache offset */
- build_cache_hierarchy_node(table_data, priv_rsrc[0], ARM_L1_CACHE);
+ build_cache_hierarchy_node(ms, table_data, priv_rsrc[0], ARM_L1_CACHE);
} else {
priv_rsrc[1] = table_data->len - pptt_start; /* L1 dcache offset */
- build_cache_hierarchy_node(table_data, priv_rsrc[0], ARM_L1D_CACHE);
+ build_cache_hierarchy_node(ms, table_data, priv_rsrc[0], ARM_L1D_CACHE);
priv_rsrc[2] = table_data->len - pptt_start; /* L1 icache offset */
- build_cache_hierarchy_node(table_data, priv_rsrc[0], ARM_L1I_CACHE);
+ build_cache_hierarchy_node(ms, table_data, priv_rsrc[0], ARM_L1I_CACHE);
}
if (ms->smp.threads > 1) {
diff --git a/hw/arm/virt.c b/hw/arm/virt.c
index d31675b0fd..c581f65a22 100644
--- a/hw/arm/virt.c
+++ b/hw/arm/virt.c
@@ -408,6 +408,7 @@ static void fdt_add_l3cache_nodes(const VirtMachineState *vms)
const MachineState *ms = MACHINE(vms);
int cpus_per_socket = ms->smp.clusters * ms->smp.cores * ms->smp.threads;
int sockets = (ms->smp.cpus + cpus_per_socket - 1) / cpus_per_socket;
+ uint64_t cache_size = machine_get_cache_size(ms, CACHE_LEVEL_AND_TYPE_L3);
for (i = 0; i < sockets; i++) {
char *nodename = g_strdup_printf("/cpus/l3-cache%d", i);
@@ -416,7 +417,8 @@ static void fdt_add_l3cache_nodes(const VirtMachineState *vms)
qemu_fdt_setprop_string(ms->fdt, nodename, "compatible", "cache");
qemu_fdt_setprop_string(ms->fdt, nodename, "cache-unified", "true");
qemu_fdt_setprop_cell(ms->fdt, nodename, "cache-level", 3);
- qemu_fdt_setprop_cell(ms->fdt, nodename, "cache-size", ARM_L3CACHE_SIZE);
+ qemu_fdt_setprop_cell(ms->fdt, nodename, "cache-size",
+ cache_size > 0 ? cache_size : ARM_L3CACHE_SIZE);
qemu_fdt_setprop_cell(ms->fdt, nodename, "cache-line-size",
ARM_L3CACHE_LINE_SIZE);
qemu_fdt_setprop_cell(ms->fdt, nodename, "cache-sets", ARM_L3CACHE_SETS);
@@ -431,6 +433,7 @@ static void fdt_add_l2cache_nodes(const VirtMachineState *vms)
const MachineState *ms = MACHINE(vms);
int cpus_per_socket = ms->smp.clusters * ms->smp.cores * ms->smp.threads;
int cpu;
+ uint64_t cache_size = machine_get_cache_size(ms, CACHE_LEVEL_AND_TYPE_L2);
for (cpu = 0; cpu < ms->smp.cpus; cpu++) {
char *next_path = g_strdup_printf("/cpus/l3-cache%d",
@@ -440,7 +443,8 @@ static void fdt_add_l2cache_nodes(const VirtMachineState *vms)
qemu_fdt_add_subnode(ms->fdt, nodename);
qemu_fdt_setprop_string(ms->fdt, nodename, "cache-unified", "true");
qemu_fdt_setprop_string(ms->fdt, nodename, "compatible", "cache");
- qemu_fdt_setprop_cell(ms->fdt, nodename, "cache-size", ARM_L2CACHE_SIZE);
+ qemu_fdt_setprop_cell(ms->fdt, nodename, "cache-size",
+ cache_size > 0 ? cache_size : ARM_L2CACHE_SIZE);
qemu_fdt_setprop_cell(ms->fdt, nodename, "cache-line-size",
ARM_L2CACHE_LINE_SIZE);
qemu_fdt_setprop_cell(ms->fdt, nodename, "cache-sets", ARM_L2CACHE_SETS);
@@ -460,21 +464,25 @@ static void fdt_add_l1cache_prop(const VirtMachineState *vms,
const MachineState *ms = MACHINE(vms);
char *next_path = g_strdup_printf("/cpus/l2-cache%d", cpu);
bool unified_l1 = cpu_l1_cache_unified(0);
+ uint64_t l1d_cache_size = machine_get_cache_size(ms, CACHE_LEVEL_AND_TYPE_L1D);
+ uint64_t l1i_cache_size = machine_get_cache_size(ms, CACHE_LEVEL_AND_TYPE_L1I);
+ uint64_t l1_cache_size = machine_get_cache_size(ms, CACHE_LEVEL_AND_TYPE_L1);
if (unified_l1) {
- qemu_fdt_setprop_cell(ms->fdt, nodename, "cache-size", ARM_L1CACHE_SIZE);
+ qemu_fdt_setprop_cell(ms->fdt, nodename, "cache-size",
+ l1_cache_size > 0 ? l1_cache_size : ARM_L1CACHE_SIZE);
qemu_fdt_setprop_cell(ms->fdt, nodename, "cache-line-size",
ARM_L1CACHE_LINE_SIZE);
qemu_fdt_setprop_cell(ms->fdt, nodename, "cache-sets", ARM_L1CACHE_SETS);
} else {
qemu_fdt_setprop_cell(ms->fdt, nodename, "d-cache-size",
- ARM_L1DCACHE_SIZE);
+ l1d_cache_size > 0 ? l1d_cache_size : ARM_L1DCACHE_SIZE);
qemu_fdt_setprop_cell(ms->fdt, nodename, "d-cache-line-size",
ARM_L1DCACHE_LINE_SIZE);
qemu_fdt_setprop_cell(ms->fdt, nodename, "d-cache-sets",
ARM_L1DCACHE_SETS);
qemu_fdt_setprop_cell(ms->fdt, nodename, "i-cache-size",
- ARM_L1ICACHE_SIZE);
+ l1i_cache_size > 0 ? l1i_cache_size : ARM_L1ICACHE_SIZE);
qemu_fdt_setprop_cell(ms->fdt, nodename, "i-cache-line-size",
ARM_L1ICACHE_LINE_SIZE);
qemu_fdt_setprop_cell(ms->fdt, nodename, "i-cache-sets",
diff --git a/hw/core/machine-smp.c b/hw/core/machine-smp.c
index a421a394d4..47922ec4aa 100644
--- a/hw/core/machine-smp.c
+++ b/hw/core/machine-smp.c
@@ -212,8 +212,22 @@ bool machine_parse_smp_cache(MachineState *ms,
return false;
}
+ machine_set_cache_size(ms, node->value->cache,
+ node->value->size);
set_bit(node->value->cache, caches_bitmap);
}
return true;
+}
+
+uint64_t machine_get_cache_size(const MachineState *ms,
+ CacheLevelAndType cache)
+{
+ return ms->smp_cache.props[cache].size;
+}
+
+void machine_set_cache_size(MachineState *ms, CacheLevelAndType cache,
+ uint64_t size)
+{
+ ms->smp_cache.props[cache].size = size;
}
\ No newline at end of file
diff --git a/hw/core/machine.c b/hw/core/machine.c
index 4cdd9a7300..35a7c1d328 100644
--- a/hw/core/machine.c
+++ b/hw/core/machine.c
@@ -789,6 +789,7 @@ static void machine_get_smp_cache(Object *obj, Visitor *v, const char *name,
SmpCacheProperties *node = g_new(SmpCacheProperties, 1);
node->cache = cache->props[i].cache;
+ node->size = cache->props[i].size;
QAPI_LIST_APPEND(tail, node);
}
@@ -989,6 +990,7 @@ static void machine_initfn(Object *obj)
for (int i = 0; i < CACHE_LEVEL_AND_TYPE__MAX; i++) {
ms->smp_cache.props[i].cache = (CacheLevelAndType)i;
+ ms->smp_cache.props[i].size = 0;
}
}
diff --git a/include/hw/boards.h b/include/hw/boards.h
index 59f04caf3f..f7ba05c56a 100644
--- a/include/hw/boards.h
+++ b/include/hw/boards.h
@@ -39,6 +39,10 @@ void machine_parse_smp_config(MachineState *ms,
bool machine_parse_smp_cache(MachineState *ms,
const SmpCachePropertiesList *caches,
Error **errp);
+uint64_t machine_get_cache_size(const MachineState *ms,
+ CacheLevelAndType cache);
+void machine_set_cache_size(MachineState *ms, CacheLevelAndType cache,
+ uint64_t size);
/**
* machine_class_allow_dynamic_sysbus_dev: Add type to list of valid devices
diff --git a/qapi/machine.json b/qapi/machine.json
index 676e16477b..c12fa1e399 100644
--- a/qapi/machine.json
+++ b/qapi/machine.json
@@ -1581,14 +1581,16 @@
#
# @l1i: L1 instruction cache.
#
+# @l1: L1 (unified) cache.
+#
# @l2: L2 (unified) cache.
#
# @l3: L3 (unified) cache
#
-# Since: 9.2
+# Since: 6.2
##
{ 'enum': 'CacheLevelAndType',
- 'data': [ 'l1d', 'l1i', 'l2', 'l3' ] }
+ 'data': [ 'l1d', 'l1i', 'l1', 'l2', 'l3' ] }
##
# @SmpCacheProperties:
@@ -1597,11 +1599,14 @@
#
# @cache: Cache name, which is the combination of cache level and cache type.
#
-# Since: 9.2
+# @size: Cache size in units of Byte.
+#
+# Since: 6.2
##
{ 'struct': 'SmpCacheProperties',
'data': {
- 'cache': 'CacheLevelAndType' } }
+ 'cache': 'CacheLevelAndType',
+ 'size': 'uint64' } }
##
# @SmpCachePropertiesWrapper:
@@ -1610,7 +1615,7 @@
#
# @caches: the list of SmpCacheProperties.
#
-# Since 9.2
+# Since 6.2
##
{ 'struct': 'SmpCachePropertiesWrapper',
'data': { 'caches': ['SmpCacheProperties'] } }
--
2.41.0.windows.1


@ -0,0 +1,37 @@
From 2eb8238d0a6ed3ba3d85756b7ae954cb11ad6de9 Mon Sep 17 00:00:00 2001
From: Zhang Jiao <zhangjiao2_yewu@cmss.chinamobile.com>
Date: Tue, 12 Nov 2024 14:10:39 +0800
Subject: [PATCH] qemu/bswap: Undefine CPU_CONVERT() once done
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
cheery-pick from 1d73353f236209e9b5987d7c6b30b2a32b739210
Better undefined macros once we are done with them,
like we do few lines later with DO_STN_LDN_P().
Signed-off-by: Philippe Mathieu-Daudé philmd@linaro.org
Reviewed-by: Thomas Huth thuth@redhat.com
Message-Id: 20241003234211.53644-2-philmd@linaro.org
Signed-off-by: Zhang Jiao <zhangjiao2_yewu@cmss.chinamobile.com>
---
include/qemu/bswap.h | 2 ++
1 file changed, 2 insertions(+)
diff --git a/include/qemu/bswap.h b/include/qemu/bswap.h
index 2d3bb8bbed..d8364f5011 100644
--- a/include/qemu/bswap.h
+++ b/include/qemu/bswap.h
@@ -183,6 +183,8 @@ CPU_CONVERT(le, 16, uint16_t)
CPU_CONVERT(le, 32, uint32_t)
CPU_CONVERT(le, 64, uint64_t)
+#undef CPU_CONVERT
+
/*
* Same as cpu_to_le{16,32}, except that gcc will figure the result is
* a compile-time constant if you pass in a constant. So this can be
--
2.33.0

139
qemu.spec

@ -3,7 +3,7 @@
Name: qemu
Version: 6.2.0
Release: 103
Release: 108
Epoch: 10
Summary: QEMU is a generic and open source machine emulator and virtualizer
License: GPLv2 and BSD and MIT and CC-BY-SA-4.0
@ -1120,7 +1120,69 @@ Patch1105: chardev-baum-Use-definitions-to-avoid-dynamic-stack-.patch
Patch1106: linux-user-use-max-instead-of-qemu32-qemu64-by-defau.patch
Patch1107: intel_iommu-Add-missed-sanity-check-for-256-bit-inva.patch
Patch1108: Introduce-the-SM4-cipher-algorithms-OSCCA-GB-T-32907.patch
Patch1109: intel_iommu-Add-missed-reserved-bit-check-for-IEC-de.patch
Patch1110: 9pfs-fix-crash-on-Treaddir-request.patch
Patch1111: s390x-ap-fix-missing-subsystem-reset-registration.patch
Patch1112: qemu-bswap-Undefine-CPU_CONVERT-once-done.patch
Patch1113: linux-user-Add-missing-signals-in-strace-output.patch
Patch1114: linux-user-Add-missing-clock_gettime64-syscall-strac.patch
Patch1115: target-i386-allow-versioned-CPUs-to-specify-new-cach.patch
Patch1116: target-i386-Add-new-EPYC-CPU-versions-with-updated-c.patch
Patch1117: target-i386-Add-a-couple-of-feature-bits-in-8000_000.patch
Patch1118: target-i386-Add-feature-bits-for-CPUID_Fn80000021_EA.patch
Patch1119: target-i386-Add-missing-feature-bits-in-EPYC-Milan-m.patch
Patch1120: target-i386-Add-VNMI-and-automatic-IBRS-feature-bits.patch
Patch1121: target-i386-Add-EPYC-Genoa-model-to-support-Zen-4-pr.patch
Patch1122: linux-user-Add-pidfd_open-pidfd_send_signal-and-pidf.patch
Patch1123: linux-user-Log-failing-executable-in-EXCP_DUMP.patch
Patch1124: linux-user-Fix-strace-of-chmod-if-mode-0.patch
Patch1125: linux-user-Add-strace-for-clock_nanosleep.patch
Patch1126: linux-user-Show-timespec-on-strace-for-futex.patch
Patch1127: hw-ppc-e500-Add-missing-device-tree-properties-to-i2.patch
Patch1128: hw-ppc-e500-Remove-unused-irqs-parameter.patch
Patch1129: hw-ppc-e500-Prefer-QOM-cast.patch
Patch1130: tcg-Allow-top-bit-of-SIMD_DATA_BITS-to-be-set-in-sim.patch
Patch1131: Python-aqmp-fix-type-definitions-for-mypy-0.920.patch
Patch1132: python-update-type-hints-for-mypy-0.930.patch
Patch1133: simplebench-Fix-Python-syntax-error-reported-by-LGTM.patch
Patch1134: jackaudio-use-ifdefs-to-hide-unavailable-functions.patch
Patch1135: docs-Correct-vhost-user-blk-spelling.patch
Patch1136: vvfat-Fix-size-of-temporary-qcow-file.patch
Patch1137: target-ppc-Fix-7448-support.patch
Patch1138: gqa-win-get_pci_info-Clean-dev_info-if-handle-is-val.patch
Patch1139: hw-scsi-megasas-Simplify-using-the-ldst-API.patch
Patch1140: qdev-core.h-Fix-wrongly-named-reference-to-TYPE_SPLI.patch
Patch1141: tests-Fix-typo-in-check-help-output.patch
Patch1142: linux-user-hppa-Dump-IIR-on-register-dump.patch
Patch1143: linux-user-hppa-Set-TASK_UNMAPPED_BASE-to-0xfa000000.patch
Patch1144: linux-user-Fix-TARGET_PROT_SEM-for-XTENSA.patch
Patch1145: linux-user-Add-proper-strace-format-strings-for-getd.patch
Patch1146: target-ppc-Set-ctx-opcode-for-decode_insn32.patch
Patch1147: usb-hub-Fix-handling-port-power-control-messages.patch
Patch1148: target-arm-Drop-user-only-special-case-in-sve_stN_r.patch
Patch1149: hw-intc-Don-t-clear-pending-bits-on-IRQ-lowering.patch
Patch1150: Fix-calculation-of-minimum-in-colo_compare_tcp.patch
Patch1151: tcg-Reset-data_gen_ptr-correctly.patch
Patch1152: raw-format-Fix-error-message-for-invalid-offset-size.patch
Patch1153: scsi-fetch-unit-attention-when-creating-the-request.patch
Patch1154: migration-fix-a-typo.patch
Patch1155: hw-core-loader-gunzip-fix-memory-leak-on-error-path.patch
Patch1156: tests-qtest-fuzz-fix-memleak-in-qos_fuzz.c.patch
Patch1157: target-i386-fix-size-of-EBP-writeback-in-gen_enter.patch
Patch1158: ui-gtk-fix-leaks-found-wtih-fuzzing.patch
Patch1159: hw-pci-Remove-unused-pci_irq_pulse-method.patch
Patch1160: hw-misc-nrf51_rng-Don-t-use-BIT_MASK-when-we-mean-BI.patch
Patch1161: vvfat-Fix-vvfat_write-for-writes-before-the-root-dir.patch
Patch1162: hvf-remove-unused-but-set-variable.patch
Patch1163: iotests-308-Fix-for-CAP_DAC_OVERRIDE.patch
Patch1164: edid-set-default-resolution-to-1280x800-WXGA.patch
Patch1165: tests-avocado-machine_s390_ccw_virtio-Adapt-test-to-.patch
Patch1166: hw-nvme-Remove-redundant-dma_blk_write.patch
Patch1167: linux-aio-fix-unbalanced-plugged-counter-in-laio_io_.patch
Patch1168: qapi-qom-Define-cache-enumeration-and-properties-for.patch
Patch1169: hw-core-machine-smp-Initialize-caches_bitmap-before-.patch
Patch1170: qemu-Support-specifying-the-cache-size-presented-to-.patch
Patch1171: vdpa-Fix-dirty-page-bitmap-synchronization-not-done-.patch
BuildRequires: flex
BuildRequires: gcc
@ -1719,6 +1781,79 @@ getent passwd qemu >/dev/null || \
%endif
%changelog
* Wed May 14 2025 <fengjiabo1@huawei.com> - 10:6.2.0-108
- vdpa:Fix dirty page bitmap synchronization not done after suspend for vdpa devices
* Wed Mar 26 2025 <fengjiabo1@huawei.com> - 10:6.2.0-107
- qemu: Support specifying the cache size presented to guest
- hw/core/machine-smp: Initialize caches_bitmap before reading
- qapi/qom: Define cache enumeration and properties for machine
- linux-aio: fix unbalanced plugged counter in laio_io_unplug()
* Fri Feb 21 2025 <fengjiabo1@huawei.com> - 10:6.2.0-106
- hw/nvme: Remove redundant dma_blk_write
- tests/avocado/machine_s390_ccw_virtio: Adapt test to new default resolution
- edid: set default resolution to 1280x800 (WXGA)
- iotests/308: Fix for CAP_DAC_OVERRIDE
- hvf: remove unused but set variable
- vvfat: Fix vvfat_write() for writes before the root directory
- hw/misc/nrf51_rng: Don't use BIT_MASK() when we mean BIT()
- hw/pci: Remove unused pci_irq_pulse() method
- ui/gtk: fix leaks found wtih fuzzing
- target/i386: fix size of EBP writeback in gen_enter()
- tests/qtest/fuzz: fix memleak in qos_fuzz.c
- hw/core/loader: gunzip(): fix memory leak on error path
- migration: fix a typo
- scsi: fetch unit attention when creating the request
- raw-format: Fix error message for invalid offset/size
- tcg: Reset data_gen_ptr correctly
- Fix calculation of minimum in colo_compare_tcp
- hw/intc: Don't clear pending bits on IRQ lowering
- target/arm: Drop user-only special case in sve_stN_r
- usb-hub: Fix handling port power control messages
- target/ppc: Set ctx->opcode for decode_insn32()
- linux-user: Add proper strace format strings for getdents()/getdents64()
- linux-user: Fix TARGET_PROT_SEM for XTENSA
- linux-user/hppa: Set TASK_UNMAPPED_BASE to 0xfa000000 for hppa arch
- linux-user/hppa: Dump IIR on register dump
- tests: Fix typo in check-help output
- qdev-core.h: Fix wrongly named reference to TYPE_SPLIT_IRQ
- hw/scsi/megasas: Simplify using the ldst API
- gqa-win: get_pci_info: Clean dev_info if handle is valid
- target/ppc: Fix 7448 support
- vvfat: Fix size of temporary qcow file
- docs: Correct 'vhost-user-blk' spelling
- jackaudio: use ifdefs to hide unavailable functions
- simplebench: Fix Python syntax error (reported by LGTM)
- python: update type hints for mypy 0.930
- Python/aqmp: fix type definitions for mypy 0.920
- tcg: Allow top bit of SIMD_DATA_BITS to be set in simd_desc()
- hw/ppc/e500: Prefer QOM cast
- hw/ppc/e500: Remove unused "irqs" parameter
- hw/ppc/e500: Add missing device tree properties to i2c controller node
- linux-user: Show timespec on strace for futex()
- linux-user: Add strace for clock_nanosleep()
- linux-user: Fix strace of chmod() if mode == 0
- linux-user: Log failing executable in EXCP_DUMP()
- linux-user: Add pidfd_open(), pidfd_send_signal() and pidfd_getfd() syscalls
* Wed Dec 25 2024 <alex.chen@huawei.com> - 10:6.2.0-105
- target/i386: Add EPYC-Genoa model to support Zen 4 processor series
- target/i386: Add VNMI and automatic IBRS feature bits
- target/i386: Add missing feature bits in EPYC-Milan model
- target/i386: Add feature bits for CPUID_Fn80000021_EAX
- target/i386: Add a couple of feature bits in 8000_0008_EBX
- target/i386: Add new EPYC CPU versions with updated cache_info
- target/i386: allow versioned CPUs to specify new cache_info
* Tue Dec 17 2024 <ganqixin@huawei.com> - 10:6.2.0-104
- intel_iommu: Add missed reserved bit check for IEC descriptor
- 9pfs: fix crash on 'Treaddir' request
- s390x/ap: fix missing subsystem reset registration
- qemu/bswap: Undefine CPU_CONVERT() once done
- linux-user: Add missing signals in strace output
- linux-user: Add missing clock_gettime64() syscall strace
* Sat Nov 30 2024 <fengjiabo1@huawei.com> - 10:6.2.0-103
- Introduce the SM4 cipher algorithms (OSCCA GB/T 32907-2016).
- intel_iommu: Add missed sanity check for 256-bit invalidation queue


@ -0,0 +1,49 @@
From 10d05a1b052ce5b69cca2f0a45007c31412314d6 Mon Sep 17 00:00:00 2001
From: Kevin Wolf <kwolf@redhat.com>
Date: Thu, 29 Aug 2024 20:55:27 +0200
Subject: [PATCH] raw-format: Fix error message for invalid offset/size
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
s->offset and s->size are only set at the end of the function and still
contain the old values when formatting the error message. Print the
parameters with the new values that we actually checked instead.
Fixes: 500e2434207d ('raw-format: Split raw_read_options()')
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Message-ID: <20240829185527.47152-1-kwolf@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Hanna Czenczek <hreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
(cherry picked from commit 04bbc3ee52b32ac465547bb40c1f090a1b8f315a)
Signed-off-by: zhujun2 <zhujun2_yewu@cmss.chinamobile.com>
---
block/raw-format.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/block/raw-format.c b/block/raw-format.c
index bda757fd19..a8185a3a2c 100644
--- a/block/raw-format.c
+++ b/block/raw-format.c
@@ -109,7 +109,7 @@ static int raw_apply_options(BlockDriverState *bs, BDRVRawState *s,
if (offset > real_size) {
error_setg(errp, "Offset (%" PRIu64 ") cannot be greater than "
"size of the containing file (%" PRId64 ")",
- s->offset, real_size);
+ offset, real_size);
return -EINVAL;
}
@@ -117,7 +117,7 @@ static int raw_apply_options(BlockDriverState *bs, BDRVRawState *s,
error_setg(errp, "The sum of offset (%" PRIu64 ") and size "
"(%" PRIu64 ") has to be smaller or equal to the "
" actual size of the containing file (%" PRId64 ")",
- s->offset, s->size, real_size);
+ offset, size, real_size);
return -EINVAL;
}
--
2.41.0.windows.1


@ -0,0 +1,37 @@
From 2cf94012e42acf9eb9f4816a9b302940e9d28603 Mon Sep 17 00:00:00 2001
From: Zhang Jiao <zhangjiao2_yewu@cmss.chinamobile.com>
Date: Tue, 12 Nov 2024 13:45:48 +0800
Subject: [PATCH] s390x/ap: fix missing subsystem reset registration
cheery-pick from 297ec01f0b9864ea8209ca0ddc6643b4c0574bdb
A subsystem reset contains a reset of AP resources which has been
missing. Adding the AP bridge to the list of device types that need
reset fixes this issue.
Reviewed-by: Jason J. Herne <jjherne@linux.ibm.com>
Reviewed-by: Tony Krowiak <akrowiak@linux.ibm.com>
Signed-off-by: Janosch Frank <frankja@linux.ibm.com>
Fixes: a51b3153 ("s390x/ap: base Adjunct Processor (AP) object model")
Message-ID: <20230823142219.1046522-2-seiden@linux.ibm.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Zhang Jiao <zhangjiao2_yewu@cmss.chinamobile.com>
---
hw/s390x/s390-virtio-ccw.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/hw/s390x/s390-virtio-ccw.c b/hw/s390x/s390-virtio-ccw.c
index c84b89ba43..0a57399b75 100644
--- a/hw/s390x/s390-virtio-ccw.c
+++ b/hw/s390x/s390-virtio-ccw.c
@@ -99,6 +99,7 @@ static const char *const reset_dev_types[] = {
"s390-flic",
"diag288",
TYPE_S390_PCI_HOST_BRIDGE,
+ TYPE_AP_BRIDGE,
};
static void subsystem_reset(void)
--
2.33.0


@ -0,0 +1,124 @@
From 73a7cffceeae9561d75e40e04e7ae3d52e1ef4a5 Mon Sep 17 00:00:00 2001
From: Stefano Garzarella <sgarzare@redhat.com>
Date: Wed, 12 Jul 2023 15:43:50 +0200
Subject: [PATCH] scsi: fetch unit attention when creating the request
Commit 1880ad4f4e ("virtio-scsi: Batched prepare for cmd reqs") split
calls to scsi_req_new() and scsi_req_enqueue() in the virtio-scsi device.
No ill effects were observed until commit 8cc5583abe ("virtio-scsi: Send
"REPORTED LUNS CHANGED" sense data upon disk hotplug events") added a
unit attention that was easy to trigger with device hotplug and
hot-unplug.
Because the two calls were separated, all requests in the batch were
prepared calling scsi_req_new() to report a sense. The first one
submitted would report the right sense and reset it to NO_SENSE, while
the others reported CHECK_CONDITION with no sense data. This caused
SCSI errors in Linux.
To solve this issue, let's fetch the unit attention as early as possible
when we prepare the request, so that only the first request in the batch
will use the unit attention SCSIReqOps and the others will not report
CHECK CONDITION.
Fixes: 1880ad4f4e ("virtio-scsi: Batched prepare for cmd reqs")
Fixes: 8cc5583abe ("virtio-scsi: Send "REPORTED LUNS CHANGED" sense data upon disk hotplug events")
Reported-by: Thomas Huth <thuth@redhat.com>
Buglink: https://bugzilla.redhat.com/show_bug.cgi?id=2176702
Co-developed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Stefano Garzarella <sgarzare@redhat.com>
Message-ID: <20230712134352.118655-2-sgarzare@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit 9472083e642bfb9bc836b38662baddd9bc964ebc)
Signed-off-by: zhujun2 <zhujun2_yewu@cmss.chinamobile.com>
---
hw/scsi/scsi-bus.c | 36 +++++++++++++++++++++++++++++++++---
include/hw/scsi/scsi.h | 1 +
2 files changed, 34 insertions(+), 3 deletions(-)
diff --git a/hw/scsi/scsi-bus.c b/hw/scsi/scsi-bus.c
index 89c4693cc2..613ad41de9 100644
--- a/hw/scsi/scsi-bus.c
+++ b/hw/scsi/scsi-bus.c
@@ -419,19 +419,35 @@ static const struct SCSIReqOps reqops_invalid_opcode = {
/* SCSIReqOps implementation for unit attention conditions. */
-static int32_t scsi_unit_attention(SCSIRequest *req, uint8_t *buf)
+static void scsi_fetch_unit_attention_sense(SCSIRequest *req)
{
+ SCSISense *ua = NULL;
+
if (req->dev->unit_attention.key == UNIT_ATTENTION) {
- scsi_req_build_sense(req, req->dev->unit_attention);
+ ua = &req->dev->unit_attention;
} else if (req->bus->unit_attention.key == UNIT_ATTENTION) {
- scsi_req_build_sense(req, req->bus->unit_attention);
+ ua = &req->bus->unit_attention;
}
+
+ /*
+ * Fetch the unit attention sense immediately so that another
+ * scsi_req_new does not use reqops_unit_attention.
+ */
+ if (ua) {
+ scsi_req_build_sense(req, *ua);
+ *ua = SENSE_CODE(NO_SENSE);
+ }
+}
+
+static int32_t scsi_unit_attention(SCSIRequest *req, uint8_t *buf)
+{
scsi_req_complete(req, CHECK_CONDITION);
return 0;
}
static const struct SCSIReqOps reqops_unit_attention = {
.size = sizeof(SCSIRequest),
+ .init_req = scsi_fetch_unit_attention_sense,
.send_command = scsi_unit_attention
};
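Review bot: With `init_req` set on `reqops_unit_attention`, the pending unit attention is consumed and reset to `NO_SENSE` as soon as the request is allocated, not when `scsi_unit_attention()` completes it. A request that is allocated and then dropped or cancelled before `send_command` runs would take the condition with it, and the guest would never be told; whether any caller can do that is not visible in this hunk and should be checked for the batched virtio-scsi path the commit message describes. Whatever `scsi_clear_unit_attention()` does beyond clearing is also skipped for these requests by the early return added further down. I would state the ownership in the new comment: `/* Consumes the pending unit attention: from here on this request is the only carrier of the sense data. */`.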
@@ -705,6 +721,11 @@ SCSIRequest *scsi_req_alloc(const SCSIReqOps *reqops, SCSIDevice *d,
object_ref(OBJECT(d));
object_ref(OBJECT(qbus->parent));
notifier_list_init(&req->cancel_notifiers);
+
+ if (reqops->init_req) {
+ reqops->init_req(req);
+ }
+
trace_scsi_req_alloc(req->dev->id, req->lun, req->tag);
return req;
}
@@ -798,6 +819,15 @@ uint8_t *scsi_req_get_buf(SCSIRequest *req)
static void scsi_clear_unit_attention(SCSIRequest *req)
{
SCSISense *ua;
+
+ /*
+ * scsi_fetch_unit_attention_sense() already cleaned the unit attention
+ * in this case.
+ */
+ if (req->ops == &reqops_unit_attention) {
+ return;
+ }
+
if (req->dev->unit_attention.key != UNIT_ATTENTION &&
req->bus->unit_attention.key != UNIT_ATTENTION) {
return;
diff --git a/include/hw/scsi/scsi.h b/include/hw/scsi/scsi.h
index e5d90cd9dc..80c9eb00e4 100644
--- a/include/hw/scsi/scsi.h
+++ b/include/hw/scsi/scsi.h
@@ -108,6 +108,7 @@ int cdrom_read_toc_raw(int nb_sectors, uint8_t *buf, int msf, int session_num);
/* scsi-bus.c */
struct SCSIReqOps {
size_t size;
+ void (*init_req)(SCSIRequest *req);
void (*free_req)(SCSIRequest *req);
int32_t (*send_command)(SCSIRequest *req, uint8_t *buf);
void (*read_data)(SCSIRequest *req);
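Review bot: The new `init_req` member is added without a comment, and its contract is not obvious from the struct alone. Per the scsi-bus.c hunk it is optional (called only when non-NULL) and runs at the end of `scsi_req_alloc()`, before the request is returned to the caller. I would note that next to the member, `/* optional; called once from scsi_req_alloc() after the request is set up */`, so implementers know which fields they may read. The struct continues past this hunk.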
--
2.41.0.windows.1


@ -0,0 +1,37 @@
From 8fcd784145209d6e137e5c5d1e555599e523a10c Mon Sep 17 00:00:00 2001
From: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
Date: Wed, 20 Nov 2024 10:50:23 +0800
Subject: [PATCH] simplebench: Fix Python syntax error (reported by LGTM)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
cherry picked from commit 9ebfc5a583d8aa94bf1bc37c1f71559187fd809c
Fixes: b2fcb0c5754c2554b8406376e99a75e9e0a6b7bd
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: John Snow <jsnow@redhat.com>
Message-id: 20220107153019.504124-1-sw@weilnetz.de
Signed-off-by: John Snow <jsnow@redhat.com>
Signed-off-by: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
---
scripts/simplebench/bench-example.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scripts/simplebench/bench-example.py b/scripts/simplebench/bench-example.py
index 4864435f39..fc370691e0 100644
--- a/scripts/simplebench/bench-example.py
+++ b/scripts/simplebench/bench-example.py
@@ -25,7 +25,7 @@
def bench_func(env, case):
""" Handle one "cell" of benchmarking table. """
- return bench_block_copy(env['qemu_binary'], env['cmd'], {}
+ return bench_block_copy(env['qemu_binary'], env['cmd'], {},
case['source'], case['target'])
--
2.41.0.windows.1


@ -0,0 +1,43 @@
From 62c04e2a0ba7020430df45ab4d58c05fc3faab13 Mon Sep 17 00:00:00 2001
From: Richard Henderson <richard.henderson@linaro.org>
Date: Tue, 12 Nov 2024 06:12:32 -0800
Subject: [PATCH] target/arm: Drop user-only special case in sve_stN_r
This path is reachable with plugins enabled, and provoked
with run-plugin-catch-syscalls-with-libinline.so.
Cc: qemu-stable@nongnu.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20241112141232.321354-1-richard.henderson@linaro.org>
(cherry picked from commit f27550804688da43c6e0d87b2f9e143adbf76271)
Signed-off-by: zhujun2 <zhujun2_yewu@cmss.chinamobile.com>
---
target/arm/sve_helper.c | 4 ----
1 file changed, 4 deletions(-)
diff --git a/target/arm/sve_helper.c b/target/arm/sve_helper.c
index 03d58cabc8..e455fd6ecf 100644
--- a/target/arm/sve_helper.c
+++ b/target/arm/sve_helper.c
@@ -6484,9 +6484,6 @@ void sve_stN_r(CPUARMState *env, uint64_t *vg, target_ulong addr,
flags = info.page[0].flags | info.page[1].flags;
if (unlikely(flags != 0)) {
-#ifdef CONFIG_USER_ONLY
- g_assert_not_reached();
-#else
/*
* At least one page includes MMIO.
* Any bus operation can fail with cpu_transaction_failed,
@@ -6517,7 +6514,6 @@ void sve_stN_r(CPUARMState *env, uint64_t *vg, target_ulong addr,
} while (reg_off & 63);
} while (reg_off <= reg_last);
return;
-#endif
}
mem_off = info.mem_off_first[0];
--
2.41.0.windows.1


@ -0,0 +1,195 @@
From 85e2eee5a5f8b8146203c05f43caf1d988bc0d7d Mon Sep 17 00:00:00 2001
From: Babu Moger <babu.moger@amd.com>
Date: Thu, 4 May 2023 15:53:12 -0500
Subject: [PATCH] target/i386: Add EPYC-Genoa model to support Zen 4 processor
series
mainline inclusion
from mainline-8.1.0
commit 166b1741884dd4fd7090b753cd7333868457a29b
category: feature
bugzilla: https://gitee.com/openeuler/qemu/issues/IAUSKJ
Reference: https://gitlab.com/qemu-project/qemu/-/commit/166b1741884dd4fd7090b753cd7333868457a29b
commit 166b1741884dd4fd7090b753cd7333868457a29b upstream
Adds the support for AMD EPYC Genoa generation processors. The model
display for the new processor will be EPYC-Genoa.
Adds the following new feature bits on top of the feature bits from
the previous generation EPYC models.
avx512f : AVX-512 Foundation instruction
avx512dq : AVX-512 Doubleword & Quadword Instruction
avx512ifma : AVX-512 Integer Fused Multiply Add instruction
avx512cd : AVX-512 Conflict Detection instruction
avx512bw : AVX-512 Byte and Word Instructions
avx512vl : AVX-512 Vector Length Extension Instructions
avx512vbmi : AVX-512 Vector Byte Manipulation Instruction
avx512_vbmi2 : AVX-512 Additional Vector Byte Manipulation Instruction
gfni : AVX-512 Galois Field New Instructions
avx512_vnni : AVX-512 Vector Neural Network Instructions
avx512_bitalg : AVX-512 Bit Algorithms, add bit algorithms Instructions
avx512_vpopcntdq: AVX-512 AVX-512 Vector Population Count Doubleword and
Quadword Instructions
avx512_bf16 : AVX-512 BFLOAT16 instructions
la57 : 57-bit virtual address support (5-level Page Tables)
vnmi : Virtual NMI (VNMI) allows the hypervisor to inject the NMI
into the guest without using Event Injection mechanism
meaning not required to track the guest NMI and intercepting
the IRET.
auto-ibrs : The AMD Zen4 core supports a new feature called Automatic IBRS.
It is a "set-and-forget" feature that means that, unlike e.g.,
s/w-toggled SPEC_CTRL.IBRS, h/w manages its IBRS mitigation
resources automatically across CPL transitions.
Signed-off-by: Babu Moger <babu.moger@amd.com>
Message-Id: <20230504205313.225073-8-babu.moger@amd.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
target/i386/cpu.c | 122 ++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 122 insertions(+)
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 59b585b0d0..016a62a809 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -1999,6 +1999,56 @@ static const CPUCaches epyc_milan_v2_cache_info = {
},
};
+static const CPUCaches epyc_genoa_cache_info = {
+ .l1d_cache = &(CPUCacheInfo) {
+ .type = DATA_CACHE,
+ .level = 1,
+ .size = 32 * KiB,
+ .line_size = 64,
+ .associativity = 8,
+ .partitions = 1,
+ .sets = 64,
+ .lines_per_tag = 1,
+ .self_init = 1,
+ .no_invd_sharing = true,
+ },
+ .l1i_cache = &(CPUCacheInfo) {
+ .type = INSTRUCTION_CACHE,
+ .level = 1,
+ .size = 32 * KiB,
+ .line_size = 64,
+ .associativity = 8,
+ .partitions = 1,
+ .sets = 64,
+ .lines_per_tag = 1,
+ .self_init = 1,
+ .no_invd_sharing = true,
+ },
+ .l2_cache = &(CPUCacheInfo) {
+ .type = UNIFIED_CACHE,
+ .level = 2,
+ .size = 1 * MiB,
+ .line_size = 64,
+ .associativity = 8,
+ .partitions = 1,
+ .sets = 2048,
+ .lines_per_tag = 1,
+ },
+ .l3_cache = &(CPUCacheInfo) {
+ .type = UNIFIED_CACHE,
+ .level = 3,
+ .size = 32 * MiB,
+ .line_size = 64,
+ .associativity = 16,
+ .partitions = 1,
+ .sets = 32768,
+ .lines_per_tag = 1,
+ .self_init = true,
+ .inclusive = true,
+ .complex_indexing = false,
+ },
+};
+
/* The following VMX features are not supported by KVM and are left out in the
* CPU definitions:
*
@@ -4904,6 +4954,78 @@ static const X86CPUDefinition builtin_x86_defs[] = {
{ /* end of list */ }
}
},
+ {
+ .name = "EPYC-Genoa",
+ .level = 0xd,
+ .vendor = CPUID_VENDOR_AMD,
+ .family = 25,
+ .model = 17,
+ .stepping = 0,
+ .features[FEAT_1_EDX] =
+ CPUID_SSE2 | CPUID_SSE | CPUID_FXSR | CPUID_MMX | CPUID_CLFLUSH |
+ CPUID_PSE36 | CPUID_PAT | CPUID_CMOV | CPUID_MCA | CPUID_PGE |
+ CPUID_MTRR | CPUID_SEP | CPUID_APIC | CPUID_CX8 | CPUID_MCE |
+ CPUID_PAE | CPUID_MSR | CPUID_TSC | CPUID_PSE | CPUID_DE |
+ CPUID_VME | CPUID_FP87,
+ .features[FEAT_1_ECX] =
+ CPUID_EXT_RDRAND | CPUID_EXT_F16C | CPUID_EXT_AVX |
+ CPUID_EXT_XSAVE | CPUID_EXT_AES | CPUID_EXT_POPCNT |
+ CPUID_EXT_MOVBE | CPUID_EXT_SSE42 | CPUID_EXT_SSE41 |
+ CPUID_EXT_PCID | CPUID_EXT_CX16 | CPUID_EXT_FMA |
+ CPUID_EXT_SSSE3 | CPUID_EXT_MONITOR | CPUID_EXT_PCLMULQDQ |
+ CPUID_EXT_SSE3,
+ .features[FEAT_8000_0001_EDX] =
+ CPUID_EXT2_LM | CPUID_EXT2_RDTSCP | CPUID_EXT2_PDPE1GB |
+ CPUID_EXT2_FFXSR | CPUID_EXT2_MMXEXT | CPUID_EXT2_NX |
+ CPUID_EXT2_SYSCALL,
+ .features[FEAT_8000_0001_ECX] =
+ CPUID_EXT3_OSVW | CPUID_EXT3_3DNOWPREFETCH |
+ CPUID_EXT3_MISALIGNSSE | CPUID_EXT3_SSE4A | CPUID_EXT3_ABM |
+ CPUID_EXT3_CR8LEG | CPUID_EXT3_SVM | CPUID_EXT3_LAHF_LM |
+ CPUID_EXT3_TOPOEXT | CPUID_EXT3_PERFCORE,
+ .features[FEAT_8000_0008_EBX] =
+ CPUID_8000_0008_EBX_CLZERO | CPUID_8000_0008_EBX_XSAVEERPTR |
+ CPUID_8000_0008_EBX_WBNOINVD | CPUID_8000_0008_EBX_IBPB |
+ CPUID_8000_0008_EBX_IBRS | CPUID_8000_0008_EBX_STIBP |
+ CPUID_8000_0008_EBX_STIBP_ALWAYS_ON |
+ CPUID_8000_0008_EBX_AMD_SSBD | CPUID_8000_0008_EBX_AMD_PSFD,
+ .features[FEAT_8000_0021_EAX] =
+ CPUID_8000_0021_EAX_No_NESTED_DATA_BP |
+ CPUID_8000_0021_EAX_LFENCE_ALWAYS_SERIALIZING |
+ CPUID_8000_0021_EAX_NULL_SEL_CLR_BASE |
+ CPUID_8000_0021_EAX_AUTO_IBRS,
+ .features[FEAT_7_0_EBX] =
+ CPUID_7_0_EBX_FSGSBASE | CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_AVX2 |
+ CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS |
+ CPUID_7_0_EBX_INVPCID | CPUID_7_0_EBX_AVX512F |
+ CPUID_7_0_EBX_AVX512DQ | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
+ CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_AVX512IFMA |
+ CPUID_7_0_EBX_CLFLUSHOPT | CPUID_7_0_EBX_CLWB |
+ CPUID_7_0_EBX_AVX512CD | CPUID_7_0_EBX_SHA_NI |
+ CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512VL,
+ .features[FEAT_7_0_ECX] =
+ CPUID_7_0_ECX_AVX512_VBMI | CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_PKU |
+ CPUID_7_0_ECX_AVX512_VBMI2 | CPUID_7_0_ECX_GFNI |
+ CPUID_7_0_ECX_VAES | CPUID_7_0_ECX_VPCLMULQDQ |
+ CPUID_7_0_ECX_AVX512VNNI | CPUID_7_0_ECX_AVX512BITALG |
+ CPUID_7_0_ECX_AVX512_VPOPCNTDQ | CPUID_7_0_ECX_LA57 |
+ CPUID_7_0_ECX_RDPID,
+ .features[FEAT_7_0_EDX] =
+ CPUID_7_0_EDX_FSRM,
+ .features[FEAT_7_1_EAX] =
+ CPUID_7_1_EAX_AVX512_BF16,
+ .features[FEAT_XSAVE] =
+ CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
+ CPUID_XSAVE_XGETBV1 | CPUID_XSAVE_XSAVES,
+ .features[FEAT_6_EAX] =
+ CPUID_6_EAX_ARAT,
+ .features[FEAT_SVM] =
+ CPUID_SVM_NPT | CPUID_SVM_NRIPSAVE | CPUID_SVM_VNMI |
+ CPUID_SVM_SVME_ADDR_CHK,
+ .xlevel = 0x80000022,
+ .model_id = "AMD EPYC-Genoa Processor",
+ .cache_info = &epyc_genoa_cache_info,
+ },
};
/*
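Review bot: The EPYC-Genoa definition turns on several speculation-control bits (`CPUID_8000_0008_EBX_AMD_PSFD`, `CPUID_8000_0008_EBX_STIBP_ALWAYS_ON`, `CPUID_8000_0021_EAX_AUTO_IBRS`) and `CPUID_SVM_VNMI` that are only defined by the companion patches in this series, and the amd-psfd patch states that it depends on kernel commit b73a54321ad8. Nothing in the definition records that dependency, so on a host that cannot provide a bit the guest may start without the control it was configured to have unless the CPU is started with `enforce`. A short comment above `.features[FEAT_8000_0008_EBX]` would help operators, e.g. `/* amd-psfd needs a host kernel with b73a54321ad8 (KVM: x86: Expose Predictive Store Forwarding Disable) */`. The array `builtin_x86_defs[]` starts outside the hunk.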
--
2.45.1.windows.1


@ -0,0 +1,98 @@
From bb5ec050bb8144c464cfe1b0954230ea2d5b4803 Mon Sep 17 00:00:00 2001
From: Babu Moger <babu.moger@amd.com>
Date: Thu, 4 May 2023 15:53:11 -0500
Subject: [PATCH] target/i386: Add VNMI and automatic IBRS feature bits
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
mainline inclusion
from mainline-8.1.0
commit 62a798d4bc2c3e767d94670776c77a7df274d7c5
category: feature
bugzilla: https://gitee.com/openeuler/qemu/issues/IAUSKJ
Reference: https://gitlab.com/qemu-project/qemu/-/commit/62a798d4bc2c3e767d94670776c77a7df274d7c5
commit 62a798d4bc2c3e767d94670776c77a7df274d7c5 upstream
Add the following featute bits.
vnmi: Virtual NMI (VNMI) allows the hypervisor to inject the NMI into the
guest without using Event Injection mechanism meaning not required to
track the guest NMI and intercepting the IRET.
The presence of this feature is indicated via the CPUID function
0x8000000A_EDX[25].
automatic-ibrs :
The AMD Zen4 core supports a new feature called Automatic IBRS.
It is a "set-and-forget" feature that means that, unlike e.g.,
s/w-toggled SPEC_CTRL.IBRS, h/w manages its IBRS mitigation
resources automatically across CPL transitions.
The presence of this feature is indicated via the CPUID function
0x80000021_EAX[8].
The documention for the features are available in the links below.
a. Processor Programming Reference (PPR) for AMD Family 19h Model 01h,
Revision B1 Processors
b. AMD64 Architecture Programmers Manual Volumes 15 Publication No. Revision
40332 4.05 Date October 2022
Signed-off-by: Santosh Shukla <santosh.shukla@amd.com>
Signed-off-by: Kim Phillips <kim.phillips@amd.com>
Signed-off-by: Babu Moger <babu.moger@amd.com>
Link: https://www.amd.com/system/files/TechDocs/55898_B1_pub_0.50.zip
Link: https://www.amd.com/system/files/TechDocs/40332_4.05.pdf
Message-Id: <20230504205313.225073-7-babu.moger@amd.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit 62a798d4bc2c3e767d94670776c77a7df274d7c5)
---
target/i386/cpu.c | 4 ++--
target/i386/cpu.h | 3 +++
2 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 4d7f948eb1..59b585b0d0 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -806,7 +806,7 @@ FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
"pfthreshold", "avic", NULL, "v-vmsave-vmload",
"vgif", NULL, NULL, NULL,
NULL, NULL, NULL, NULL,
- NULL, NULL, NULL, NULL,
+ NULL, "vnmi", NULL, NULL,
"svme-addr-chk", NULL, NULL, NULL,
},
.cpuid = { .eax = 0x8000000A, .reg = R_EDX, },
@@ -963,7 +963,7 @@ FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
.feat_names = {
"no-nested-data-bp", NULL, "lfence-always-serializing", NULL,
NULL, NULL, "null-sel-clr-base", NULL,
- NULL, NULL, NULL, NULL,
+ "auto-ibrs", NULL, NULL, NULL,
NULL, NULL, NULL, NULL,
NULL, NULL, NULL, NULL,
NULL, NULL, NULL, NULL,
diff --git a/target/i386/cpu.h b/target/i386/cpu.h
index 7b1190c3f2..84910db8bb 100644
--- a/target/i386/cpu.h
+++ b/target/i386/cpu.h
@@ -760,6 +760,7 @@ uint64_t x86_cpu_get_supported_feature_word(FeatureWord w,
#define CPUID_SVM_AVIC (1U << 13)
#define CPUID_SVM_V_VMSAVE_VMLOAD (1U << 15)
#define CPUID_SVM_VGIF (1U << 16)
+#define CPUID_SVM_VNMI (1U << 25)
#define CPUID_SVM_SVME_ADDR_CHK (1U << 28)
/* Support RDFSBASE/RDGSBASE/WRFSBASE/WRGSBASE */
@@ -948,6 +949,8 @@ uint64_t x86_cpu_get_supported_feature_word(FeatureWord w,
#define CPUID_8000_0021_EAX_LFENCE_ALWAYS_SERIALIZING (1U << 2)
/* Null Selector Clears Base */
#define CPUID_8000_0021_EAX_NULL_SEL_CLR_BASE (1U << 6)
+/* Automatic IBRS */
+#define CPUID_8000_0021_EAX_AUTO_IBRS (1U << 8)
#define CPUID_XSAVE_XSAVEOPT (1U << 0)
#define CPUID_XSAVE_XSAVEC (1U << 1)
--
2.45.1.windows.1


@ -0,0 +1,85 @@
From ee4a95c635cf3add270ed195cbf3de2af087fd69 Mon Sep 17 00:00:00 2001
From: Babu Moger <babu.moger@amd.com>
Date: Thu, 4 May 2023 15:53:08 -0500
Subject: [PATCH] target/i386: Add a couple of feature bits in 8000_0008_EBX
mainline inclusion
from mainline-8.1.0
commit bb039a230e6a7920d71d21fa9afee2653a678c48
category: feature
bugzilla: https://gitee.com/openeuler/qemu/issues/IAUSKJ
Reference: https://gitlab.com/qemu-project/qemu/-/commit/bb039a230e6a7920d71d21fa9afee2653a678c48
commit bb039a230e6a7920d71d21fa9afee2653a678c48 upstream
Add the following feature bits.
amd-psfd : Predictive Store Forwarding Disable:
PSF is a hardware-based micro-architectural optimization
designed to improve the performance of code execution by
predicting address dependencies between loads and stores.
While SSBD (Speculative Store Bypass Disable) disables both
PSF and speculative store bypass, PSFD only disables PSF.
PSFD may be desirable for the software which is concerned
with the speculative behavior of PSF but desires a smaller
performance impact than setting SSBD.
Depends on the following kernel commit:
b73a54321ad8 ("KVM: x86: Expose Predictive Store Forwarding Disable")
stibp-always-on :
Single Thread Indirect Branch Prediction mode has enhanced
performance and may be left always on.
The documentation for the features are available in the links below.
a. Processor Programming Reference (PPR) for AMD Family 19h Model 01h,
Revision B1 Processors
b. SECURITY ANALYSIS OF AMD PREDICTIVE STORE FORWARDING
Signed-off-by: Babu Moger <babu.moger@amd.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Link: https://www.amd.com/system/files/documents/security-analysis-predictive-store-forwarding.pdf
Link: https://www.amd.com/system/files/TechDocs/55898_B1_pub_0.50.zip
Message-Id: <20230504205313.225073-4-babu.moger@amd.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
target/i386/cpu.c | 4 ++--
target/i386/cpu.h | 4 ++++
2 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 940aec42cf..02d19c2b4e 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -949,10 +949,10 @@ FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
NULL, NULL, NULL, NULL,
NULL, "wbnoinvd", NULL, NULL,
"ibpb", NULL, "ibrs", "amd-stibp",
- NULL, NULL, NULL, NULL,
+ NULL, "stibp-always-on", NULL, NULL,
NULL, NULL, NULL, NULL,
"amd-ssbd", "virt-ssbd", "amd-no-ssb", NULL,
- NULL, NULL, NULL, NULL,
+ "amd-psfd", NULL, NULL, NULL,
},
.cpuid = { .eax = 0x80000008, .reg = R_EBX, },
.tcg_features = 0,
diff --git a/target/i386/cpu.h b/target/i386/cpu.h
index e8322a928b..623bd0e4d6 100644
--- a/target/i386/cpu.h
+++ b/target/i386/cpu.h
@@ -934,8 +934,12 @@ uint64_t x86_cpu_get_supported_feature_word(FeatureWord w,
#define CPUID_8000_0008_EBX_IBRS (1U << 14)
/* Single Thread Indirect Branch Predictors */
#define CPUID_8000_0008_EBX_STIBP (1U << 15)
+/* STIBP mode has enhanced performance and may be left always on */
+#define CPUID_8000_0008_EBX_STIBP_ALWAYS_ON (1U << 17)
/* Speculative Store Bypass Disable */
#define CPUID_8000_0008_EBX_AMD_SSBD (1U << 24)
+/* Predictive Store Forwarding Disable */
+#define CPUID_8000_0008_EBX_AMD_PSFD (1U << 28)
#define CPUID_XSAVE_XSAVEOPT (1U << 0)
#define CPUID_XSAVE_XSAVEC (1U << 1)
--
2.45.1.windows.1


@ -0,0 +1,118 @@
From c006e700cf6f1925dc9400d37e2e6c9c53b7bc92 Mon Sep 17 00:00:00 2001
From: Babu Moger <babu.moger@amd.com>
Date: Thu, 4 May 2023 15:53:09 -0500
Subject: [PATCH] target/i386: Add feature bits for CPUID_Fn80000021_EAX
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
mainline inclusion
from mainline-8.1.0
commit b70eec312b185197d639bff689007727e596afd1
category: feature
bugzilla: https://gitee.com/openeuler/qemu/issues/IAUSKJ
Reference: https://gitlab.com/qemu-project/qemu/-/commit/b70eec312b185197d639bff689007727e596afd1
commit b70eec312b185197d639bff689007727e596afd1 upstream
Add the following feature bits.
no-nested-data-bp : Processor ignores nested data breakpoints.
lfence-always-serializing : LFENCE instruction is always serializing.
null-sel-clr-base : Null Selector Clears Base. When this bit is
set, a null segment load clears the segment base.
The documentation for the features are available in the links below.
a. Processor Programming Reference (PPR) for AMD Family 19h Model 01h,
Revision B1 Processors
b. AMD64 Architecture Programmers Manual Volumes 15 Publication No. Revision
40332 4.05 Date October 2022
Signed-off-by: Babu Moger <babu.moger@amd.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Link: https://www.amd.com/system/files/TechDocs/55898_B1_pub_0.50.zip
Link: https://www.amd.com/system/files/TechDocs/40332_4.05.pdf
Message-Id: <20230504205313.225073-5-babu.moger@amd.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
target/i386/cpu.c | 24 ++++++++++++++++++++++++
target/i386/cpu.h | 8 ++++++++
2 files changed, 32 insertions(+)
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 02d19c2b4e..527135ca9d 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -958,6 +958,22 @@ FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
.tcg_features = 0,
.unmigratable_flags = 0,
},
+ [FEAT_8000_0021_EAX] = {
+ .type = CPUID_FEATURE_WORD,
+ .feat_names = {
+ "no-nested-data-bp", NULL, "lfence-always-serializing", NULL,
+ NULL, NULL, "null-sel-clr-base", NULL,
+ NULL, NULL, NULL, NULL,
+ NULL, NULL, NULL, NULL,
+ NULL, NULL, NULL, NULL,
+ NULL, NULL, NULL, NULL,
+ NULL, NULL, NULL, NULL,
+ NULL, NULL, NULL, NULL,
+ },
+ .cpuid = { .eax = 0x80000021, .reg = R_EAX, },
+ .tcg_features = 0,
+ .unmigratable_flags = 0,
+ },
[FEAT_XSAVE] = {
.type = CPUID_FEATURE_WORD,
.feat_names = {
@@ -6542,6 +6558,10 @@ void cpu_x86_cpuid(CPUX86State *env, uint32_t index, uint32_t count,
*ebx |= sev_get_reduced_phys_bits() << 6;
}
break;
+ case 0x80000021:
+ *eax = env->features[FEAT_8000_0021_EAX];
+ *ebx = *ecx = *edx = 0;
+ break;
default:
/* reserved values: zero */
*eax = 0;
@@ -6949,6 +6969,10 @@ void x86_cpu_expand_features(X86CPU *cpu, Error **errp)
x86_cpu_adjust_level(cpu, &env->cpuid_min_xlevel, 0x8000001F);
}
+ if (env->features[FEAT_8000_0021_EAX]) {
+ x86_cpu_adjust_level(cpu, &env->cpuid_min_xlevel, 0x80000021);
+ }
+
/* SGX requires CPUID[0x12] for EPC enumeration */
if (env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_SGX) {
x86_cpu_adjust_level(cpu, &env->cpuid_min_level, 0x12);
diff --git a/target/i386/cpu.h b/target/i386/cpu.h
index 623bd0e4d6..7b1190c3f2 100644
--- a/target/i386/cpu.h
+++ b/target/i386/cpu.h
@@ -585,6 +585,7 @@ typedef enum FeatureWord {
FEAT_8000_0001_ECX, /* CPUID[8000_0001].ECX */
FEAT_8000_0007_EDX, /* CPUID[8000_0007].EDX */
FEAT_8000_0008_EBX, /* CPUID[8000_0008].EBX */
+ FEAT_8000_0021_EAX, /* CPUID[8000_0021].EAX */
FEAT_C000_0001_EDX, /* CPUID[C000_0001].EDX */
FEAT_KVM, /* CPUID[4000_0001].EAX (KVM_CPUID_FEATURES) */
FEAT_KVM_HINTS, /* CPUID[4000_0001].EDX */
@@ -941,6 +942,13 @@ uint64_t x86_cpu_get_supported_feature_word(FeatureWord w,
/* Predictive Store Forwarding Disable */
#define CPUID_8000_0008_EBX_AMD_PSFD (1U << 28)
+/* Processor ignores nested data breakpoints */
+#define CPUID_8000_0021_EAX_No_NESTED_DATA_BP (1U << 0)
+/* LFENCE is always serializing */
+#define CPUID_8000_0021_EAX_LFENCE_ALWAYS_SERIALIZING (1U << 2)
+/* Null Selector Clears Base */
+#define CPUID_8000_0021_EAX_NULL_SEL_CLR_BASE (1U << 6)
+
#define CPUID_XSAVE_XSAVEOPT (1U << 0)
#define CPUID_XSAVE_XSAVEC (1U << 1)
#define CPUID_XSAVE_XGETBV1 (1U << 2)
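Review bot: The new macro `CPUID_8000_0021_EAX_No_NESTED_DATA_BP` in this cpu.h hunk has a lowercase `o`, unlike every other `CPUID_*` constant visible here, which are all upper case. Spelling it `CPUID_8000_0021_EAX_NO_NESTED_DATA_BP` now keeps the name greppable and avoids a later rename. None of the three new `CPUID_8000_0021_EAX_*` masks is referenced elsewhere in this patch, so the change stays local to this one line.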
--
2.45.1.windows.1


@ -0,0 +1,144 @@
From e5e589d3b9023861474e53428e721482614cee6d Mon Sep 17 00:00:00 2001
From: Babu Moger <babu.moger@amd.com>
Date: Thu, 4 May 2023 15:53:10 -0500
Subject: [PATCH] target/i386: Add missing feature bits in EPYC-Milan model
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
mainline inclusion
from mainline-8.1.0
commit 27f03be6f59d04bd5673ba1e1628b2b490f9a9ff
category: feature
bugzilla: https://gitee.com/openeuler/qemu/issues/IAUSKJ
Reference: https://gitlab.com/qemu-project/qemu/-/commit/27f03be6f59d04bd5673ba1e1628b2b490f9a9ff
commit 27f03be6f59d04bd5673ba1e1628b2b490f9a9ff upstream
Add the following feature bits for EPYC-Milan model and bump the version.
vaes : Vector VAES(ENC|DEC), VAES(ENC|DEC)LAST instruction support
vpclmulqdq : Vector VPCLMULQDQ instruction support
stibp-always-on : Single Thread Indirect Branch Prediction Mode has enhanced
performance and may be left Always on
amd-psfd : Predictive Store Forward Disable
no-nested-data-bp : Processor ignores nested data breakpoints
lfence-always-serializing : LFENCE instruction is always serializing
null-sel-clr-base : Null Selector Clears Base. When this bit is
set, a null segment load clears the segment base
These new features will be added in EPYC-Milan-v2. The "-cpu help" output
after the change will be.
x86 EPYC-Milan (alias configured by machine type)
x86 EPYC-Milan-v1 AMD EPYC-Milan Processor
x86 EPYC-Milan-v2 AMD EPYC-Milan Processor
The documentation for the features is available in the links below.
a. Processor Programming Reference (PPR) for AMD Family 19h Model 01h,
Revision B1 Processors
b. SECURITY ANALYSIS OF AMD PREDICTIVE STORE FORWARDING
c. AMD64 Architecture Programmers Manual Volumes 15 Publication No. Revision
40332 4.05 Date October 2022
Signed-off-by: Babu Moger <babu.moger@amd.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Link: https://www.amd.com/system/files/TechDocs/55898_B1_pub_0.50.zip
Link: https://www.amd.com/system/files/documents/security-analysis-predictive-store-forwarding.pdf
Link: https://www.amd.com/system/files/TechDocs/40332_4.05.pdf
Message-Id: <20230504205313.225073-6-babu.moger@amd.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
target/i386/cpu.c | 70 +++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 70 insertions(+)
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 527135ca9d..4d7f948eb1 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -1949,6 +1949,56 @@ static const CPUCaches epyc_milan_cache_info = {
},
};
+static const CPUCaches epyc_milan_v2_cache_info = {
+ .l1d_cache = &(CPUCacheInfo) {
+ .type = DATA_CACHE,
+ .level = 1,
+ .size = 32 * KiB,
+ .line_size = 64,
+ .associativity = 8,
+ .partitions = 1,
+ .sets = 64,
+ .lines_per_tag = 1,
+ .self_init = 1,
+ .no_invd_sharing = true,
+ },
+ .l1i_cache = &(CPUCacheInfo) {
+ .type = INSTRUCTION_CACHE,
+ .level = 1,
+ .size = 32 * KiB,
+ .line_size = 64,
+ .associativity = 8,
+ .partitions = 1,
+ .sets = 64,
+ .lines_per_tag = 1,
+ .self_init = 1,
+ .no_invd_sharing = true,
+ },
+ .l2_cache = &(CPUCacheInfo) {
+ .type = UNIFIED_CACHE,
+ .level = 2,
+ .size = 512 * KiB,
+ .line_size = 64,
+ .associativity = 8,
+ .partitions = 1,
+ .sets = 1024,
+ .lines_per_tag = 1,
+ },
+ .l3_cache = &(CPUCacheInfo) {
+ .type = UNIFIED_CACHE,
+ .level = 3,
+ .size = 32 * MiB,
+ .line_size = 64,
+ .associativity = 16,
+ .partitions = 1,
+ .sets = 32768,
+ .lines_per_tag = 1,
+ .self_init = true,
+ .inclusive = true,
+ .complex_indexing = false,
+ },
+};
+
/* The following VMX features are not supported by KVM and are left out in the
* CPU definitions:
*
@@ -4833,6 +4883,26 @@ static const X86CPUDefinition builtin_x86_defs[] = {
.xlevel = 0x8000001E,
.model_id = "AMD EPYC-Milan Processor",
.cache_info = &epyc_milan_cache_info,
+ .versions = (X86CPUVersionDefinition[]) {
+ { .version = 1 },
+ {
+ .version = 2,
+ .props = (PropValue[]) {
+ { "model-id",
+ "AMD EPYC-Milan-v2 Processor" },
+ { "vaes", "on" },
+ { "vpclmulqdq", "on" },
+ { "stibp-always-on", "on" },
+ { "amd-psfd", "on" },
+ { "no-nested-data-bp", "on" },
+ { "lfence-always-serializing", "on" },
+ { "null-sel-clr-base", "on" },
+ { /* end of list */ }
+ },
+ .cache_info = &epyc_milan_v2_cache_info
+ },
+ { /* end of list */ }
+ }
},
};
--
2.45.1.windows.1


@ -0,0 +1,184 @@
From 2f5f0f03e92489bf17edd686d48a22201b5ff081 Mon Sep 17 00:00:00 2001
From: Michael Roth <michael.roth@amd.com>
Date: Thu, 4 May 2023 15:53:07 -0500
Subject: [PATCH] target/i386: Add new EPYC CPU versions with updated
cache_info
mainline inclusion
from mainline-8.1.0
commit d7c72735f618a7ee27ee109d8b1468193734606a
category: feature
bugzilla: https://gitee.com/openeuler/qemu/issues/IAUSKJ
Reference: https://gitlab.com/qemu-project/qemu/-/commit/d7c72735f618a7ee27ee109d8b1468193734606a
commit d7c72735f618a7ee27ee109d8b1468193734606a upstream
Introduce new EPYC cpu versions: EPYC-v4 and EPYC-Rome-v3.
The only difference vs. older models is an updated cache_info with
the 'complex_indexing' bit unset, since this bit is not currently
defined for AMD and may cause problems should it be used for
something else in the future. Setting this bit will also cause
CPUID validation failures when running SEV-SNP guests.
Signed-off-by: Michael Roth <michael.roth@amd.com>
Signed-off-by: Babu Moger <babu.moger@amd.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Message-Id: <20230504205313.225073-3-babu.moger@amd.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
target/i386/cpu.c | 118 ++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 118 insertions(+)
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 60df10c954..940aec42cf 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -1733,6 +1733,56 @@ static const CPUCaches epyc_cache_info = {
},
};
+static CPUCaches epyc_v4_cache_info = {
+ .l1d_cache = &(CPUCacheInfo) {
+ .type = DATA_CACHE,
+ .level = 1,
+ .size = 32 * KiB,
+ .line_size = 64,
+ .associativity = 8,
+ .partitions = 1,
+ .sets = 64,
+ .lines_per_tag = 1,
+ .self_init = 1,
+ .no_invd_sharing = true,
+ },
+ .l1i_cache = &(CPUCacheInfo) {
+ .type = INSTRUCTION_CACHE,
+ .level = 1,
+ .size = 64 * KiB,
+ .line_size = 64,
+ .associativity = 4,
+ .partitions = 1,
+ .sets = 256,
+ .lines_per_tag = 1,
+ .self_init = 1,
+ .no_invd_sharing = true,
+ },
+ .l2_cache = &(CPUCacheInfo) {
+ .type = UNIFIED_CACHE,
+ .level = 2,
+ .size = 512 * KiB,
+ .line_size = 64,
+ .associativity = 8,
+ .partitions = 1,
+ .sets = 1024,
+ .lines_per_tag = 1,
+ },
+ .l3_cache = &(CPUCacheInfo) {
+ .type = UNIFIED_CACHE,
+ .level = 3,
+ .size = 8 * MiB,
+ .line_size = 64,
+ .associativity = 16,
+ .partitions = 1,
+ .sets = 8192,
+ .lines_per_tag = 1,
+ .self_init = true,
+ .inclusive = true,
+ .complex_indexing = false,
+ },
+};
+
static const CPUCaches epyc_rome_cache_info = {
.l1d_cache = &(CPUCacheInfo) {
.type = DATA_CACHE,
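Review bot: `epyc_v4_cache_info` is declared `static CPUCaches` without `const`, while `epyc_rome_v3_cache_info` in this same patch and the neighbouring `epyc_cache_info` and `epyc_rome_cache_info` in the context lines are all `static const CPUCaches`. The version field that points at it is declared `const CPUCaches *const cache_info`, so nothing needs the table writable, and leaving it mutable means CPUID cache data presented to guests could be modified by accident. Suggest `static const CPUCaches epyc_v4_cache_info = {`. A one-line comment above each new table, saying it differs from the older one only in `.complex_indexing = false` on the L3 cache (as the commit message states), would spare readers from diffing fifty lines by eye.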
@@ -1783,6 +1833,56 @@ static const CPUCaches epyc_rome_cache_info = {
},
};
+static const CPUCaches epyc_rome_v3_cache_info = {
+ .l1d_cache = &(CPUCacheInfo) {
+ .type = DATA_CACHE,
+ .level = 1,
+ .size = 32 * KiB,
+ .line_size = 64,
+ .associativity = 8,
+ .partitions = 1,
+ .sets = 64,
+ .lines_per_tag = 1,
+ .self_init = 1,
+ .no_invd_sharing = true,
+ },
+ .l1i_cache = &(CPUCacheInfo) {
+ .type = INSTRUCTION_CACHE,
+ .level = 1,
+ .size = 32 * KiB,
+ .line_size = 64,
+ .associativity = 8,
+ .partitions = 1,
+ .sets = 64,
+ .lines_per_tag = 1,
+ .self_init = 1,
+ .no_invd_sharing = true,
+ },
+ .l2_cache = &(CPUCacheInfo) {
+ .type = UNIFIED_CACHE,
+ .level = 2,
+ .size = 512 * KiB,
+ .line_size = 64,
+ .associativity = 8,
+ .partitions = 1,
+ .sets = 1024,
+ .lines_per_tag = 1,
+ },
+ .l3_cache = &(CPUCacheInfo) {
+ .type = UNIFIED_CACHE,
+ .level = 3,
+ .size = 16 * MiB,
+ .line_size = 64,
+ .associativity = 16,
+ .partitions = 1,
+ .sets = 16384,
+ .lines_per_tag = 1,
+ .self_init = true,
+ .inclusive = true,
+ .complex_indexing = false,
+ },
+};
+
static const CPUCaches epyc_milan_cache_info = {
.l1d_cache = &(CPUCacheInfo) {
.type = DATA_CACHE,
@@ -4523,6 +4623,15 @@ static const X86CPUDefinition builtin_x86_defs[] = {
{ /* end of list */ }
}
},
+ {
+ .version = 4,
+ .props = (PropValue[]) {
+ { "model-id",
+ "AMD EPYC-v4 Processor" },
+ { /* end of list */ }
+ },
+ .cache_info = &epyc_v4_cache_info
+ },
{ /* end of list */ }
}
},
@@ -4642,6 +4751,15 @@ static const X86CPUDefinition builtin_x86_defs[] = {
{ /* end of list */ }
}
},
+ {
+ .version = 3,
+ .props = (PropValue[]) {
+ { "model-id",
+ "AMD EPYC-Rome-v3 Processor" },
+ { /* end of list */ }
+ },
+ .cache_info = &epyc_rome_v3_cache_info
+ },
{ /* end of list */ }
}
},
--
2.45.1.windows.1


@ -0,0 +1,107 @@
From e06155ba57d41604c66d849ed2032e66f35215ac Mon Sep 17 00:00:00 2001
From: Michael Roth <michael.roth@amd.com>
Date: Thu, 4 May 2023 15:53:06 -0500
Subject: [PATCH] target/i386: allow versioned CPUs to specify new cache_info
mainline inclusion
from mainline-8.1.0
commit cca0a000d06f897411a8af4402e5d0522bbe450b
category: feature
bugzilla: https://gitee.com/openeuler/qemu/issues/IAUSKJ
Reference: https://gitlab.com/qemu-project/qemu/-/commit/cca0a000d06f897411a8af4402e5d0522bbe450b
commit cca0a000d06f897411a8af4402e5d0522bbe450b upstream
New EPYC CPU versions require small changes to their cache_info.
Because the current QEMU x86 CPU definition does not support versioned
cache_info, we would have to declare a new CPU type for each such case.
To avoid the duplicate work, add "cache_info" to X86CPUVersionDefinition,
to allow new cache_info pointers to be specified for a new CPU version.
Co-developed-by: Wei Huang <wei.huang2@amd.com>
Signed-off-by: Wei Huang <wei.huang2@amd.com>
Signed-off-by: Michael Roth <michael.roth@amd.com>
Signed-off-by: Babu Moger <babu.moger@amd.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Message-Id: <20230504205313.225073-2-babu.moger@amd.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
target/i386/cpu.c | 35 ++++++++++++++++++++++++++++++++---
1 file changed, 32 insertions(+), 3 deletions(-)
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 4473e0923e..60df10c954 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -1624,6 +1624,7 @@ typedef struct X86CPUVersionDefinition {
const char *alias;
const char *note;
PropValue *props;
+ const CPUCaches *const cache_info;
} X86CPUVersionDefinition;
/* Base definition for a CPU model */
@@ -5570,6 +5571,31 @@ static void x86_cpu_apply_version_props(X86CPU *cpu, X86CPUModel *model)
assert(vdef->version == version);
}
+static const CPUCaches *x86_cpu_get_versioned_cache_info(X86CPU *cpu,
+ X86CPUModel *model)
+{
+ const X86CPUVersionDefinition *vdef;
+ X86CPUVersion version = x86_cpu_model_resolve_version(model);
+ const CPUCaches *cache_info = model->cpudef->cache_info;
+
+ if (version == CPU_VERSION_LEGACY) {
+ return cache_info;
+ }
+
+ for (vdef = x86_cpu_def_get_versions(model->cpudef); vdef->version; vdef++) {
+ if (vdef->cache_info) {
+ cache_info = vdef->cache_info;
+ }
+
+ if (vdef->version == version) {
+ break;
+ }
+ }
+
+ assert(vdef->version == version);
+ return cache_info;
+}
+
/*
* Load data from X86CPUDefinition into a X86CPU object.
* Only for builtin_x86_defs models initialized with x86_register_cpudef_types.
@@ -5602,7 +5628,7 @@ static void x86_cpu_load_model(X86CPU *cpu, X86CPUModel *model)
}
/* legacy-cache defaults to 'off' if CPU model provides cache info */
- cpu->legacy_cache = !def->cache_info;
+ cpu->legacy_cache = !x86_cpu_get_versioned_cache_info(cpu, model);
env->features[FEAT_1_ECX] |= CPUID_EXT_HYPERVISOR;
@@ -7046,14 +7072,17 @@ static void x86_cpu_realizefn(DeviceState *dev, Error **errp)
/* Cache information initialization */
if (!cpu->legacy_cache) {
- if (!xcc->model || !xcc->model->cpudef->cache_info) {
+ const CPUCaches *cache_info =
+ x86_cpu_get_versioned_cache_info(cpu, xcc->model);
+
+ if (!xcc->model || !cache_info) {
g_autofree char *name = x86_cpu_class_get_model_name(xcc);
error_setg(errp,
"CPU model '%s' doesn't support legacy-cache=off", name);
return;
}
env->cache_info_cpuid2 = env->cache_info_cpuid4 = env->cache_info_amd =
- *xcc->model->cpudef->cache_info;
+ *cache_info;
} else {
/* Build legacy cache information */
env->cache_info_cpuid2.l1d_cache = &legacy_l1d_cache;
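Review bot: In this x86_cpu_realizefn hunk, `x86_cpu_get_versioned_cache_info(cpu, xcc->model)` is called before the `!xcc->model` test, and the helper added earlier in this patch reads `model->cpudef->cache_info` unconditionally. A NULL `xcc->model` would therefore be dereferenced before the "doesn't support legacy-cache=off" error can be reported, whereas the old condition short-circuited on `!xcc->model` first. Guard the call, e.g. `const CPUCaches *cache_info = xcc->model ? x86_cpu_get_versioned_cache_info(cpu, xcc->model) : NULL;`. The helper's `cpu` parameter is also unused in the lines shown and could be dropped. The body of x86_cpu_realizefn continues outside the hunk.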
--
2.45.1.windows.1


@ -0,0 +1,44 @@
From 8179e1d2e08c703a3adcd972091e5611656b727a Mon Sep 17 00:00:00 2001
From: jipengfei <jipengfei_yewu@cmss.chinamobile.com>
Date: Mon, 9 Sep 2024 20:41:20 +0800
Subject: [PATCH] target/i386: fix size of EBP writeback in gen_enter()
The calculation of FrameTemp is done using the size indicated by mo_pushpop()
before being written back to EBP, but the final writeback to EBP is done using
the size indicated by mo_stacksize().
In the case where mo_pushpop() is MO_32 and mo_stacksize() is MO_16 then the
final writeback to EBP is done using MO_16 which can leave junk in the top
16-bits of EBP after executing ENTER.
Change the writeback of EBP to use the same size indicated by mo_pushpop() to
ensure that the full value is written back.
cherry-pick from 3973615e7fbaeef1deeaa067577e373781ced70a
Signed-off-by:jipengfei <jipengfei_yewu@cmss.chinamobile.com>
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2198
Message-ID: <20240606095319.229650-5-mark.cave-ayland@ilande.co.uk>
Cc: qemu-stable@nongnu.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
target/i386/tcg/translate.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 82f77b52fb..7c0613fa98 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -2551,7 +2551,7 @@ static void gen_enter(DisasContext *s, int esp_addend, int level)
}
/* Copy the FrameTemp value to EBP. */
- gen_op_mov_reg_v(s, a_ot, R_EBP, s->T1);
+ gen_op_mov_reg_v(s, d_ot, R_EBP, s->T1);
/* Compute the final value of ESP. */
tcg_gen_subi_tl(s->T1, s->T1, esp_addend + size * level);
--
2.41.0.windows.1


@ -0,0 +1,49 @@
From 661b5844f361270c25899e3130b0e9aa72b74527 Mon Sep 17 00:00:00 2001
From: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
Date: Wed, 20 Nov 2024 13:34:30 +0800
Subject: [PATCH] target/ppc: Fix 7448 support
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
cherry picked from commit fe072a9914cc26c0f0a70dbbe0c27a61ff0170bc
The 7448 CPU is an evolution of the PowerPC 7447A and the last of the
G4 family. Change its family to reflect correctly its features. This
fixes Linux boot.
Cc: Fabiano Rosas <farosas@linux.ibm.com>
Reviewed-by: Fabiano Rosas <farosas@linux.ibm.com>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
Message-Id: <20220117092555.1616512-1-clg@kaod.org>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
---
target/ppc/cpu-models.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/target/ppc/cpu-models.c b/target/ppc/cpu-models.c
index 02efc95723..e6cce0f8db 100644
--- a/target/ppc/cpu-models.c
+++ b/target/ppc/cpu-models.c
@@ -670,13 +670,13 @@
"PowerPC 7410 v1.3 (G4)")
POWERPC_DEF("7410_v1.4", CPU_POWERPC_7410_v14, 7410,
"PowerPC 7410 v1.4 (G4)")
- POWERPC_DEF("7448_v1.0", CPU_POWERPC_7448_v10, 7400,
+ POWERPC_DEF("7448_v1.0", CPU_POWERPC_7448_v10, 7445,
"PowerPC 7448 v1.0 (G4)")
- POWERPC_DEF("7448_v1.1", CPU_POWERPC_7448_v11, 7400,
+ POWERPC_DEF("7448_v1.1", CPU_POWERPC_7448_v11, 7445,
"PowerPC 7448 v1.1 (G4)")
- POWERPC_DEF("7448_v2.0", CPU_POWERPC_7448_v20, 7400,
+ POWERPC_DEF("7448_v2.0", CPU_POWERPC_7448_v20, 7445,
"PowerPC 7448 v2.0 (G4)")
- POWERPC_DEF("7448_v2.1", CPU_POWERPC_7448_v21, 7400,
+ POWERPC_DEF("7448_v2.1", CPU_POWERPC_7448_v21, 7445,
"PowerPC 7448 v2.1 (G4)")
POWERPC_DEF("7450_v1.0", CPU_POWERPC_7450_v10, 7450,
"PowerPC 7450 v1.0 (G4)")
--
2.41.0.windows.1


@ -0,0 +1,56 @@
From c65c24ba59c4a0442b81eaceec8bab1e5a0907cf Mon Sep 17 00:00:00 2001
From: Ilya Leoshkevich <iii@linux.ibm.com>
Date: Mon, 12 Aug 2024 10:53:08 +0200
Subject: [PATCH] target/ppc: Set ctx->opcode for decode_insn32()
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
divdu (without a dot) sometimes updates cr0, even though it shouldn't.
The reason is that gen_op_arith_divd() checks Rc(ctx->opcode), which is
not initialized. This field is initialized only for instructions that
go through decode_legacy(), and not decodetree.
There already was a similar issue fixed in commit 86e6202a57b1
("target/ppc: Make divw[u] handler method decodetree compatible.").
It's not immediately clear what else may access the uninitialized
ctx->opcode, so instead of playing whack-a-mole and changing the check
to compute_rc0, simply initialize ctx->opcode.
Cc: qemu-stable@nongnu.org
Fixes: 99082815f17f ("target/ppc: Add infrastructure for prefixed insns")
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
(cherry picked from commit c9b8a13a8841e0e23901e57e24ea98eeef16cf91)
Signed-off-by: zhujun2 <zhujun2_yewu@cmss.chinamobile.com>
---
target/ppc/translate.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/target/ppc/translate.c b/target/ppc/translate.c
index 153552ab50..a03bafadbc 100644
--- a/target/ppc/translate.c
+++ b/target/ppc/translate.c
@@ -8380,8 +8380,6 @@ static bool decode_legacy(PowerPCCPU *cpu, DisasContext *ctx, uint32_t insn)
opc_handler_t **table, *handler;
uint32_t inval;
- ctx->opcode = insn;
-
LOG_DISAS("translate opcode %08x (%02x %02x %02x %02x) (%s)\n",
insn, opc1(insn), opc2(insn), opc3(insn), opc4(insn),
ctx->le_mode ? "little" : "big");
@@ -8510,6 +8508,7 @@ static void ppc_tr_translate_insn(DisasContextBase *dcbase, CPUState *cs)
ctx->base.pc_next = pc += 4;
if (!is_prefix_insn(ctx, insn)) {
+ ctx->opcode = insn;
ok = (decode_insn32(ctx, insn) ||
decode_legacy(cpu, ctx, insn));
} else if ((pc & 63) == 0) {
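Review bot: `ctx->opcode = insn;` is now assigned only inside the `!is_prefix_insn()` branch, so on the prefixed-instruction path that begins at the `else if` below it, `ctx->opcode` would still hold the previous instruction's word. Whether any handler reached from that path reads `Rc(ctx->opcode)` or a similar field is not visible in this hunk; if one does, it would act on stale data, which is the same class of bug this commit fixes. A comment next to the assignment, such as `/* ctx->opcode is only valid for non-prefixed insns; prefixed handlers must not read it */`, would make the limitation explicit, and clearing the field on the prefixed path would make a stray read deterministic. ppc_tr_translate_insn continues outside the hunk.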
--
2.41.0.windows.1


@ -0,0 +1,69 @@
From a14e2e0cb558f2bcbabffa2fbadb54948a770993 Mon Sep 17 00:00:00 2001
From: Peter Maydell <peter.maydell@linaro.org>
Date: Fri, 15 Nov 2024 17:25:15 +0000
Subject: [PATCH] tcg: Allow top bit of SIMD_DATA_BITS to be set in simd_desc()
In simd_desc() we create a SIMD descriptor from various pieces
including an arbitrary data value from the caller. We try to
sanitize these to make sure everything will fit: the 'data' value
needs to fit in the SIMD_DATA_BITS (== 22) sized field. However we
do that sanitizing with:
tcg_debug_assert(data == sextract32(data, 0, SIMD_DATA_BITS));
This works for the case where the data is supposed to be considered
as a signed integer (which can then be returned via simd_data()).
However, some callers want to treat the data value as unsigned.
Specifically, for the Arm SVE operations, make_svemte_desc()
assembles a data value as a collection of fields, and it needs to use
all 22 bits. Currently if MTE is enabled then its MTEDESC SIZEM1
field may have the most significant bit set, and then it will trip
this assertion.
Loosen the assertion so that we only check that the data value will
fit into the field in some way, either as a signed or as an unsigned
value. This means we will fail to detect some kinds of bug in the
callers, but we won't spuriously assert for intentional use of the
data field as unsigned.
Cc: qemu-stable@nongnu.org
Fixes: db432672dc50e ("tcg: Add generic vector expanders")
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2601
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-ID: <20241115172515.1229393-1-peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Zhongrui Tang <tangzhongrui_yewu@cmss.chinamobile.com>
---
tcg/tcg-op-gvec.c | 15 ++++++++++++++-
1 file changed, 14 insertions(+), 1 deletion(-)
diff --git a/tcg/tcg-op-gvec.c b/tcg/tcg-op-gvec.c
index ffe55e908f..aea44c53b0 100644
--- a/tcg/tcg-op-gvec.c
+++ b/tcg/tcg-op-gvec.c
@@ -88,7 +88,20 @@ uint32_t simd_desc(uint32_t oprsz, uint32_t maxsz, int32_t data)
uint32_t desc = 0;
check_size_align(oprsz, maxsz, 0);
- tcg_debug_assert(data == sextract32(data, 0, SIMD_DATA_BITS));
+
+ /*
+ * We want to check that 'data' will fit into SIMD_DATA_BITS.
+ * However, some callers want to treat the data as a signed
+ * value (which they can later get back with simd_data())
+ * and some want to treat it as an unsigned value.
+ * So here we assert only that the data will fit into the
+ * field in at least one way. This means that some invalid
+ * values from the caller will not be detected, e.g. if the
+ * caller wants to handle the value as a signed integer but
+ * incorrectly passes us 1 << (SIMD_DATA_BITS - 1).
+ */
+ tcg_debug_assert(data == sextract32(data, 0, SIMD_DATA_BITS) ||
+ data == extract32(data, 0, SIMD_DATA_BITS));
oprsz = (oprsz / 8) - 1;
maxsz = (maxsz / 8) - 1;
--
2.41.0.windows.1


@ -0,0 +1,43 @@
From 3fe3a7706b9cacefdebba10cfaa15d6286f6e91c Mon Sep 17 00:00:00 2001
From: Richard Henderson <richard.henderson@linaro.org>
Date: Wed, 16 Oct 2024 17:31:05 +0000
Subject: [PATCH] tcg: Reset data_gen_ptr correctly
This pointer needs to be reset after overflow just like
code_buf and code_ptr.
Cc: qemu-stable@nongnu.org
Fixes: 57a269469db ("tcg: Infrastructure for managing constant pools")
Acked-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Reviewed-by: LIU Zhiwei <zhiwei_liu@linux.alibaba.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
(cherry picked from commit a7cfd751fb269de4a93bf1658cb13911c7ac77cc)
Signed-off-by: zhujun2 <zhujun2_yewu@cmss.chinamobile.com>
---
tcg/tcg.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tcg/tcg.c b/tcg/tcg.c
index 635555001b..08c3b5a002 100644
--- a/tcg/tcg.c
+++ b/tcg/tcg.c
@@ -714,7 +714,6 @@ TranslationBlock *tcg_tb_alloc(TCGContext *s)
goto retry;
}
qatomic_set(&s->code_gen_ptr, next);
- s->data_gen_ptr = NULL;
return tb;
}
@@ -4276,6 +4275,7 @@ int tcg_gen_code(TCGContext *s, TranslationBlock *tb)
*/
s->code_buf = tcg_splitwx_to_rw(tb->tc.ptr);
s->code_ptr = s->code_buf;
+ s->data_gen_ptr = NULL;
#ifdef TCG_TARGET_NEED_LDST_LABELS
QSIMPLEQ_INIT(&s->ldst_labels);
--
2.41.0.windows.1


@ -0,0 +1,36 @@
From a7fbe006d0863d4228bed30e0c5125a2a2ead8d2 Mon Sep 17 00:00:00 2001
From: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
Date: Wed, 20 Nov 2024 13:37:02 +0800
Subject: [PATCH] tests: Fix typo in check-help output
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
cherry picked from commit 6d4c8af321e5d0da919fd946d44abbd61a10b708
Fix typo in 'make check-help' output.
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20220111175528.22294-1-f4bug@amsat.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
---
tests/Makefile.include | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/Makefile.include b/tests/Makefile.include
index 4c564cf789..3aba622400 100644
--- a/tests/Makefile.include
+++ b/tests/Makefile.include
@@ -23,7 +23,7 @@ endif
@echo " $(MAKE) check-clean Clean the tests and related data"
@echo
@echo "The following are useful for CI builds"
- @echo " $(MAKE) check-build Build most test binaris"
+ @echo " $(MAKE) check-build Build most test binaries"
@echo " $(MAKE) get-vm-images Downloads all images used by avocado tests, according to configured targets (~350 MB each, 1.5 GB max)"
@echo
@echo
--
2.41.0.windows.1


@ -0,0 +1,42 @@
From 66232caae47f056c264ac7aee8c16ad1db807bfd Mon Sep 17 00:00:00 2001
From: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
Date: Mon, 16 Dec 2024 09:32:39 +0800
Subject: [PATCH] tests/avocado/machine_s390_ccw_virtio: Adapt test to new
default resolution
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
cherry picked from commit f3f230d934dada8801c86742f58bca7a2cd1ff78
QEMU's default screen resolution recently changed to 1280x800, so the
resolution in the screen shot header changed of course, too.
Fixes: de72c4b7cd ("edid: set default resolution to 1280x800 (WXGA)")
Reported-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20220221101933.307525-1-thuth@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Acked-by: Halil Pasic <pasic@linux.ibm.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
---
tests/avocado/machine_s390_ccw_virtio.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/avocado/machine_s390_ccw_virtio.py b/tests/avocado/machine_s390_ccw_virtio.py
index bd03d7160b..438a6f4321 100644
--- a/tests/avocado/machine_s390_ccw_virtio.py
+++ b/tests/avocado/machine_s390_ccw_virtio.py
@@ -248,7 +248,7 @@ def test_s390x_fedora(self):
line = ppmfile.readline()
self.assertEqual(line, b"P6\n")
line = ppmfile.readline()
- self.assertEqual(line, b"1024 768\n")
+ self.assertEqual(line, b"1280 800\n")
line = ppmfile.readline()
self.assertEqual(line, b"255\n")
line = ppmfile.readline(256)
--
2.41.0.windows.1


@ -0,0 +1,34 @@
From f983ffa9ecc271b16695f8dc80428a600a03cf40 Mon Sep 17 00:00:00 2001
From: jipengfei <jipengfei_yewu@cmss.chinamobile.com>
Date: Mon, 9 Sep 2024 20:31:51 +0800
Subject: [PATCH] tests/qtest/fuzz: fix memleak in qos_fuzz.c
Found with fuzzing for qemu-8.2, but also relevant for master
cherry-pick from 7c66540db45a726029e5165f6e5c34008f08ede
Signed-off-by:jipengfei <jipengfei_yewu@cmss.chinamobile.com>
Signed-off-by: Dmitry Frolov <frolov@swemel.ru>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Alexander Bulekov <alxndr@bu.edu>
Message-ID: <20240521103106.119021-3-frolov@swemel.ru>
Signed-off-by: Thomas Huth <thuth@redhat.com>
---
tests/qtest/fuzz/qos_fuzz.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/tests/qtest/fuzz/qos_fuzz.c b/tests/qtest/fuzz/qos_fuzz.c
index 7a244c951e..5ab38e50cf 100644
--- a/tests/qtest/fuzz/qos_fuzz.c
+++ b/tests/qtest/fuzz/qos_fuzz.c
@@ -182,6 +182,7 @@ static void walk_path(QOSGraphNode *orig_path, int len)
fuzz_path_vec = path_vec;
} else {
+ g_string_free(cmd_line, true);
g_free(path_vec);
}
--
2.41.0.windows.1


@ -0,0 +1,52 @@
From 1876a69642964cdaadcce4dd797c0b91f02c2ed3 Mon Sep 17 00:00:00 2001
From: Zhang Jiao <zhangjiao2_yewu@cmss.chinamobile.com>
Date: Thu, 12 Dec 2024 09:57:44 +0800
Subject: [PATCH] ui/gtk: fix leaks found wtih fuzzing
cherry-pick from e38f4e976dd40c985bfe84230a627de9a108c9d3
It is true, that there is no problem during runtime
from the first sight, because the memory is lost just
before qemu exits. Nevertheless, this change is necessary,
because AddressSanitizer is not able to recognize this
situation and produces crash-report (which is
false-positive in fact). Lots of False-Positive warnings
are devaluing problems, found with fuzzing, and thus the
whole methodology of dynamic analysis.
This patch eliminates such False-Positive reports,
and makes every problem, found with fuzzing, more valuable.
Fixes: 060ab76356 ("gtk: don't exit early in case gtk init fails")
Signed-off-by: Dmitry Frolov <frolov@swemel.ru>
Reviewed-by: Michael Tokarev <mjt@tls.msk.ru>
Message-Id: <20230825115818.1091936-1-frolov@swemel.ru>
Signed-off-by: Zhang Jiao <zhangjiao2_yewu@cmss.chinamobile.com>
---
ui/gtk.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/ui/gtk.c b/ui/gtk.c
index 6d9cb42b3d..f16ccf9c4b 100644
--- a/ui/gtk.c
+++ b/ui/gtk.c
@@ -2245,7 +2245,7 @@ static void gtk_display_init(DisplayState *ds, DisplayOptions *opts)
{
VirtualConsole *vc;
- GtkDisplayState *s = g_malloc0(sizeof(*s));
+ GtkDisplayState *s;
GdkDisplay *window_display;
GtkIconTheme *theme;
char *dir;
@@ -2255,6 +2255,7 @@ static void gtk_display_init(DisplayState *ds, DisplayOptions *opts)
exit(1);
}
assert(opts->type == DISPLAY_TYPE_GTK);
+ s = g_malloc0(sizeof(*s));
s->opts = opts;
theme = gtk_icon_theme_get_default();
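Review bot: The allocation of `s` now sits after the `exit(1)` path and the assert, with nothing saying why, so a later tidy-up could move it back into the declaration and bring the AddressSanitizer leak report back. A one-line comment above `s = g_malloc0(sizeof(*s));` would record the intent, for example `/* allocate only after the early exit above, so nothing is left unfreed on init failure */`. gtk_display_init starts and continues outside these two hunks, so any other early exit between the declaration and this line is not visible here.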
--
2.41.0.windows.1


@ -0,0 +1,38 @@
From 6e7e25af997cd6506a22d6eb2abe5fb0835c31ed Mon Sep 17 00:00:00 2001
From: Guenter Roeck <linux@roeck-us.net>
Date: Tue, 12 Nov 2024 09:01:52 -0800
Subject: [PATCH] usb-hub: Fix handling port power control messages
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
The ClearPortFeature control message fails for PORT_POWER because there
is no break; at the end of the case statement, causing it to fall through
to the failure handler. Add the missing break; to solve the problem.
Fixes: 1cc403eb21 ("usb-hub: emulate per port power switching")
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20241112170152.217664-11-linux@roeck-us.net>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
(cherry picked from commit b2cc69997924b651c0c6f4037782e25f2e438715)
Signed-off-by: zhujun2 <zhujun2_yewu@cmss.chinamobile.com>
---
hw/usb/dev-hub.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/hw/usb/dev-hub.c b/hw/usb/dev-hub.c
index e35813d772..605fee4fa9 100644
--- a/hw/usb/dev-hub.c
+++ b/hw/usb/dev-hub.c
@@ -479,6 +479,7 @@ static void usb_hub_handle_control(USBDevice *dev, USBPacket *p,
usb_hub_port_clear(port, PORT_STAT_SUSPEND);
port->wPortChange = 0;
}
+ break;
default:
goto fail;
}
--
2.41.0.windows.1


@ -0,0 +1,39 @@
From 7a8e59e39b342574852c18851f3926742f0adc0c Mon Sep 17 00:00:00 2001
From: Adttil <2429917001@qq.com>
Date: Thu, 24 Apr 2025 09:47:45 +0800
Subject: [PATCH] vdpa:Fix dirty page bitmap synchronization not done after
suspend for vdpa devices
Change the flag for vdpa device to determine whether to perform log_sync
from dev->started to dev->log, and do not release dev->log after vdpa device
suspend, and release it uniformly by vhost_dev_stop.
Signed-off-by: Adttil <2429917001@qq.com>
---
hw/virtio/vhost.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/hw/virtio/vhost.c b/hw/virtio/vhost.c
index ed1506d3e0..91b0019469 100644
--- a/hw/virtio/vhost.c
+++ b/hw/virtio/vhost.c
@@ -288,7 +288,7 @@ static void vhost_log_sync(MemoryListener *listener,
memory_listener);
MigrationState *ms = migrate_get_current();
- if (!dev->log_enabled || !dev->started) {
+ if (!dev->log_enabled || !dev->log) {
return;
}
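Review bot: With the guard changed to `!dev->log`, vhost_log_sync now proceeds on a device that vhost_dev_suspend has already marked as not started, and that function also sets `hdev->vdev = NULL` (second hunk) while the log stays allocated. Anything reached from the sync path that reads `dev->vdev` or virtqueue state torn down at suspend would then run against NULL or stale data; that code is outside the hunk, so this needs confirming against the rest of vhost_log_sync. A comment on the guard would also record why `started` is no longer the test, for example `/* dev->log outlives 'started' for a suspended vDPA device; it is released in vhost_dev_stop() */`.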
@@ -2327,7 +2327,6 @@ int vhost_dev_suspend(struct vhost_dev *hdev, VirtIODevice *vdev, bool vrings)
memory_listener_unregister(&hdev->iommu_listener);
}
vhost_stop_config_intr(hdev);
- vhost_log_put(hdev, true);
hdev->started = false;
vdev->vhost_started = false;
hdev->vdev = NULL;
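Review bot: Dropping `vhost_log_put(hdev, true)` from vhost_dev_suspend leaves the log reference held until vhost_dev_stop, as the commit message says, but nothing in this hunk shows what a later resume or start does with an `hdev->log` that is already set. If that path takes a fresh reference without releasing the old one the log would leak, and if a suspended device can be torn down without going through vhost_dev_stop the reference is never dropped; both paths are outside the hunk and should be checked. A comment where the call was removed, such as `/* keep hdev->log: dirty pages are still synced after suspend; vhost_dev_stop() releases it */`, would make the ownership rule explicit.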
--
2.41.0.windows.1


@ -0,0 +1,55 @@
From af7d805a06677a4fdf55799c080b06483adafc9f Mon Sep 17 00:00:00 2001
From: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
Date: Wed, 20 Nov 2024 11:23:29 +0800
Subject: [PATCH] vvfat: Fix size of temporary qcow file
cherry picked from commit 2db9b9e96f0b57ceaa49666d9b8a573290114fdf
The size of the qcow file was calculated so that only the FAT partition
would fit on it, but not the whole disk. However, offsets relative to
the whole disk are used to access it, so increase its size to be large
enough for that.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20211209151815.23495-1-kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
---
block/vvfat.c | 7 +++----
1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/block/vvfat.c b/block/vvfat.c
index 58692133c1..3691c4774e 100644
--- a/block/vvfat.c
+++ b/block/vvfat.c
@@ -1230,6 +1230,7 @@ static int vvfat_open(BlockDriverState *bs, QDict *options, int flags,
dirname, cyls, heads, secs));
s->sector_count = cyls * heads * secs - s->offset_to_bootsector;
+ bs->total_sectors = cyls * heads * secs;
if (qemu_opt_get_bool(opts, "rw", false)) {
if (!bdrv_is_read_only(bs)) {
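Review bot: `cyls * heads * secs` is now written out on two adjacent lines, once for `s->sector_count` and once for `bs->total_sectors`, and the qcow size set in enable_write_target (third hunk) relies on the two staying in agreement. Assigning the total first and deriving the other from it keeps a single source of truth: `bs->total_sectors = cyls * heads * secs;` followed by `s->sector_count = bs->total_sectors - s->offset_to_bootsector;`. The three factors are declared outside the hunk; if they are plain `int`, the product is computed in `int` before it is widened, so the range of the geometry values is worth confirming.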
@@ -1250,8 +1251,6 @@ static int vvfat_open(BlockDriverState *bs, QDict *options, int flags,
}
}
- bs->total_sectors = cyls * heads * secs;
-
if (init_directories(s, dirname, heads, secs, errp)) {
ret = -EIO;
goto fail;
@@ -3149,8 +3148,8 @@ static int enable_write_target(BlockDriverState *bs, Error **errp)
}
opts = qemu_opts_create(bdrv_qcow->create_opts, NULL, 0, &error_abort);
- qemu_opt_set_number(opts, BLOCK_OPT_SIZE, s->sector_count * 512,
- &error_abort);
+ qemu_opt_set_number(opts, BLOCK_OPT_SIZE,
+ bs->total_sectors * BDRV_SECTOR_SIZE, &error_abort);
qemu_opt_set(opts, BLOCK_OPT_BACKING_FILE, "fat:", &error_abort);
ret = bdrv_create(bdrv_qcow, s->qcow_filename, opts, errp);
--
2.41.0.windows.1


@ -0,0 +1,99 @@
From 64b53f59bccb8ec3251826c06d74adbc7b3cad36 Mon Sep 17 00:00:00 2001
From: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
Date: Mon, 16 Dec 2024 10:27:44 +0800
Subject: [PATCH] vvfat: Fix vvfat_write() for writes before the root directory
cherry picked from commit b9b8860d24676ec59c878d5206ea6bcfc87af798
The calculation in sector2cluster() is done relative to the offset of
the root directory. Any writes to blocks before the start of the root
directory (in particular, writes to the FAT) result in negative values,
which are not handled correctly in vvfat_write().
This changes sector2cluster() to return a signed value, and makes sure
that vvfat_write() doesn't try to find mappings for negative cluster
number. It clarifies the code in vvfat_write() to make it more obvious
that the cluster numbers can be negative.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20211209152231.23756-1-kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Luo Yifan <luoyifan_yewu@cmss.chinamobile.com>
---
block/vvfat.c | 30 ++++++++++++++++++++++--------
1 file changed, 22 insertions(+), 8 deletions(-)
diff --git a/block/vvfat.c b/block/vvfat.c
index 3691c4774e..935a10bdd3 100644
--- a/block/vvfat.c
+++ b/block/vvfat.c
@@ -882,7 +882,7 @@ static int read_directory(BDRVVVFATState* s, int mapping_index)
return 0;
}
-static inline uint32_t sector2cluster(BDRVVVFATState* s,off_t sector_num)
+static inline int32_t sector2cluster(BDRVVVFATState* s,off_t sector_num)
{
return (sector_num - s->offset_to_root_dir) / s->sectors_per_cluster;
}
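Review bot: The division in sector2cluster truncates toward zero, so when `sectors_per_cluster` is greater than 1 the last few sectors before the root directory yield cluster 0 rather than a negative value. The `i >= 0` tests added in vvfat_write (later hunks) then let those sectors through to `find_mapping_for_cluster(s, 0)` and `s->used_clusters[0]`. If a write before the root directory must never be treated as cluster 0, the test is safer on the sector itself, comparing `sector_num` with `s->offset_to_root_dir` before converting, or the helper should round down for negative differences. The result is also narrowed to `int32_t` from whatever width the `off_t` arithmetic has; the field types are declared outside the hunk, so that range is an assumption to confirm.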
@@ -2983,6 +2983,7 @@ static int vvfat_write(BlockDriverState *bs, int64_t sector_num,
{
BDRVVVFATState *s = bs->opaque;
int i, ret;
+ int first_cluster, last_cluster;
DLOG(checkpoint());
@@ -3001,9 +3002,20 @@ DLOG(checkpoint());
if (sector_num < s->offset_to_fat)
return -1;
- for (i = sector2cluster(s, sector_num);
- i <= sector2cluster(s, sector_num + nb_sectors - 1);) {
- mapping_t* mapping = find_mapping_for_cluster(s, i);
+ /*
+ * Values will be negative for writes to the FAT, which is located before
+ * the root directory.
+ */
+ first_cluster = sector2cluster(s, sector_num);
+ last_cluster = sector2cluster(s, sector_num + nb_sectors - 1);
+
+ for (i = first_cluster; i <= last_cluster;) {
+ mapping_t *mapping = NULL;
+
+ if (i >= 0) {
+ mapping = find_mapping_for_cluster(s, i);
+ }
+
if (mapping) {
if (mapping->read_only) {
fprintf(stderr, "Tried to write to write-protected file %s\n",
@@ -3043,8 +3055,9 @@ DLOG(checkpoint());
}
}
i = mapping->end;
- } else
+ } else {
i++;
+ }
}
/*
@@ -3058,10 +3071,11 @@ DLOG(fprintf(stderr, "Write to qcow backend: %d + %d\n", (int)sector_num, nb_sec
return ret;
}
- for (i = sector2cluster(s, sector_num);
- i <= sector2cluster(s, sector_num + nb_sectors - 1); i++)
- if (i >= 0)
+ for (i = first_cluster; i <= last_cluster; i++) {
+ if (i >= 0) {
s->used_clusters[i] |= USED_ALLOCATED;
+ }
+ }
DLOG(checkpoint());
/* TODO: add timeout */
--
2.41.0.windows.1