Re: [Qemu-devel] [qemu-s390x] [PATCH v5 06/12] s390-ccw: parse and set boot menu options

2018-02-14 Thread Viktor Mihajlovski
On 15.02.2018 07:38, Thomas Huth wrote:
> On 14.02.2018 18:46, Collin L. Walling wrote:
>> I'm beginning to like the usage of splash-time to represent a timeout
>> for the boot menu
>> less and less.  It is really meant for how long a _splash_ _image_
>> should appear during boot.
>>
>> I'd like to suggest adding a new boot option "menu-timeout".  An
>> alternative would be
>> documenting in qemu-options.hx that s390 treats "splash-time" as the
>> menu-timeout.
>>
>> Thoughts?
> 
> I think you should keep splash-time and not introduce a new option.
> Libvirt seems to map the timeout from  timeout='X'/> to the splash-time option, and according to the libvirt
> documentation: "Additional attribute timeout takes the number of
> milliseconds the boot menu should wait until it times out."
> 
> So it seems like splash-time is already expected to define the amount of
> time for the boot menu. We should not confuse libvirt or the users by
> introducing yet another option here.
I agree, the QEMU option name was probably poorly chosen, as it really
describes the time a user has to interact with the BIOS before it starts
booting the OS.

BTW: we could have a nice ASCII art splash image (nah ... just kidding)

 ##  #   ####
# #  #  # # # #  #   #
#   # # # # # #
 # # #   ## # #
  #   #   #   # # #
# #  #  # # # #  #   #
 #  ##   ####

[...]

-- 
Regards,
 Viktor Mihajlovski




Re: [Qemu-devel] [qemu-s390x] [PATCH 11/30] hw/s390x: use the BYTE-based definitions

2018-02-14 Thread Thomas Huth
On 15.02.2018 05:28, Philippe Mathieu-Daudé wrote:
> It eases code review, unit is explicit.
> 
> Signed-off-by: Philippe Mathieu-Daudé 
> ---
>  hw/s390x/sclp.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/hw/s390x/sclp.c b/hw/s390x/sclp.c
> index 276972b59f..8537aa2688 100644
> --- a/hw/s390x/sclp.c
> +++ b/hw/s390x/sclp.c
> @@ -526,8 +526,8 @@ static void sclp_realize(DeviceState *dev, Error **errp)
>  
>  ret = s390_set_memory_limit(machine->maxram_size, _limit);
>  if (ret == -E2BIG) {
> -error_setg(, "host supports a maximum of %" PRIu64 " GB",
> -   hw_limit >> 30);
> +error_setg(, "host supports a maximum of %llu GB",
> +   hw_limit / G_BYTE);
>  } else if (ret) {
>  error_setg(, "setting the guest size failed");
>  }
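Review bot: in the `-E2BIG` branch the format changes from `PRIu64` to `%llu` while the argument becomes `hw_limit / G_BYTE`, which is only correct if that quotient has type unsigned long long. That depends on how `G_BYTE` is defined, which this hunk does not show. Keeping `PRIu64` with a `uint64_t` operand, or casting the argument explicitly, avoids a varargs type mismatch on hosts where `uint64_t` is `unsigned long`.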

Reviewed-by: Thomas Huth 



Re: [Qemu-devel] [qemu-s390x] [PATCH v5 11/12] s390-ccw: clear pending irqs

2018-02-14 Thread Thomas Huth
On 14.02.2018 16:33, Collin L. Walling wrote:
> On 02/14/2018 05:57 AM, David Hildenbrand wrote:
[...]
>> 1. CKC interrupts can be cleared by resetting the CKC
>> 2. SCLP interrupts can be cleared only via delivery (apart from CPU
>> reset)
>>
>> So if you have CKC and SCLP pending at the same time, you get the CKC
>> delivered first and the SCLP remains pending.
>>
>> Now, the easiest way to clear that (if you don't know if any is
>> pending!) is to simply print a string. Then you know that you have
>> exactly one SCLP interrupt pending.
>>
>> So simply printing a string after potentially reading should be
>> sufficient to clear the SCLP interrupt deterministically :)
> 
> Perhaps it is due to my lack of understanding of how irqs are queued,
> but is it
> possible that we could still end up with service interrupts pending in
> the SCLP?
> Specifically if we're still accepting external interrupts from
> keystrokes but we
> aren't reading anything from the SCLP.
> 
> Let's say we have 1 service signal pending and we go to print something.
> This
> executes the sclp service call instruction and generates a new service
> signal.
> The SCLP would consume one of the service interrupts and write to the
> console.
> We still have 1 interrupt pending that we need to deal with.
> 
> That 1 pending interrupt could have been generated at any time we're still
> listening to activity from the keyboard.

There is no "queue" or something like this for service interrupts.
Either one service interrupt is pending, or it is not. Have a look at
arch/s390/kvm/interrupt.c in the Linux kernel sources and search for the
functions __deliver_service() and __inject_service() for example.

> In my next update to this patch, I setup the control program receive
> mask in
> the SCLP only when we need to get input from the user and then clear the
> mask
> when we're done. Doing so will make it so we generate an interrupt from
> keystrokes ONLY when the mask is set. No external interrupts from
> keystrokes
> will be generated when the cp_receive mask is NOT set.
> 
> After I clear the cp_receive mask, we consume any leftover interrupts by
> calling consume_sclp_int (I also fixup the patch to make sure we only end
> irq-clearing on a ckc interrupt -- oops).

Not sure whether you really have to deal with the ckc here again to get
rid of pending service interrupts... David's idea to simply print out
something to clear the pending service interrupt sounds easier to me.

 Thomas



Re: [Qemu-devel] [qemu-s390x] [PATCH v5 06/12] s390-ccw: parse and set boot menu options

2018-02-14 Thread Thomas Huth
On 14.02.2018 18:46, Collin L. Walling wrote:
> I'm beginning to like the usage of splash-time to represent a timeout
> for the boot menu
> less and less.  It is really meant for how long a _splash_ _image_
> should appear during boot.
> 
> I'd like to suggest adding a new boot option "menu-timeout".  An
> alternative would be
> documenting in qemu-options.hx that s390 treats "splash-time" as the
> menu-timeout.
> 
> Thoughts?

I think you should keep splash-time and not introduce a new option.
Libvirt seems to map the timeout from  to the splash-time option, and according to the libvirt
documentation: "Additional attribute timeout takes the number of
milliseconds the boot menu should wait until it times out."

So it seems like splash-time is already expected to define the amount of
time for the boot menu. We should not confuse libvirt or the users by
introducing yet another option here.

 Thomas


> On 02/05/2018 03:57 PM, Collin L. Walling wrote:
>> Set boot menu options for an s390 guest and store them in
>> the iplb. These options are set via the QEMU command line
>> option:
>>
>>  -boot menu=on|off[,splash-time=X]
>>
>> or via the libvirt domain xml:
>>
>>  
>>    
>>  
>>
>> Where X represents some positive integer representing
>> milliseconds.
>>
>> Any value set for loadparm will override all boot menu options.
>> If loadparm=PROMPT, then the menu will be enabled without a
>> timeout.
>>
>> The absence of any boot options on the command line will flag
>> to later use the zipl boot loader values.
>>
>> Signed-off-by: Collin L. Walling 
>> Reviewed-by: Janosch Frank 
>> Reviewed-by: Thomas Huth 
>> ---
>> [...]



Re: [Qemu-devel] [PATCH 04/30] hw/lm32/milkymist: remove unused include

2018-02-14 Thread Thomas Huth
On 15.02.2018 05:28, Philippe Mathieu-Daudé wrote:
> Signed-off-by: Philippe Mathieu-Daudé 
> ---
>  hw/lm32/milkymist.c | 1 -
>  1 file changed, 1 deletion(-)
> 
> diff --git a/hw/lm32/milkymist.c b/hw/lm32/milkymist.c
> index 471a74eaa1..c28379399f 100644
> --- a/hw/lm32/milkymist.c
> +++ b/hw/lm32/milkymist.c
> @@ -30,7 +30,6 @@
>  #include "hw/boards.h"
>  #include "hw/loader.h"
>  #include "elf.h"
> -#include "sysemu/block-backend.h"
>  #include "milkymist-hw.h"
>  #include "lm32.h"
>  #include "exec/address-spaces.h"

Works indeed without that include.

Tested-by: Thomas Huth 



Re: [Qemu-devel] [PATCH 05/30] hw/mips/r4k: constify params_size

2018-02-14 Thread Thomas Huth
On 15.02.2018 05:28, Philippe Mathieu-Daudé wrote:
> Signed-off-by: Philippe Mathieu-Daudé 
> ---
>  hw/mips/mips_r4k.c | 5 ++---
>  1 file changed, 2 insertions(+), 3 deletions(-)
> 
> diff --git a/hw/mips/mips_r4k.c b/hw/mips/mips_r4k.c
> index 830ee7732c..5a74c44b9a 100644
> --- a/hw/mips/mips_r4k.c
> +++ b/hw/mips/mips_r4k.c
> @@ -79,8 +79,9 @@ typedef struct ResetData {
>  
>  static int64_t load_kernel(void)
>  {
> +const size_t params_size = 264;
>  int64_t entry, kernel_high;
> -long kernel_size, initrd_size, params_size;
> +long kernel_size, initrd_size;
>  ram_addr_t initrd_offset;
>  uint32_t *params_buf;
>  int big_endian;
> @@ -128,7 +129,6 @@ static int64_t load_kernel(void)
>  }
>  
>  /* Store command line.  */
> -params_size = 264;
>  params_buf = g_malloc(params_size);
>  
>  params_buf[0] = tswap32(ram_size);
> @@ -144,7 +144,6 @@ static int64_t load_kernel(void)
>  
>  rom_add_blob_fixed("params", params_buf, params_size,
> (16 << 20) - 264);
> -
>  g_free(params_buf);
>  return entry;
>  }

The last hunk is an unnecessary white-space change. Did you maybe rather
want to replace the 264 in the preceding line instead?

 Thomas



Re: [Qemu-devel] [PATCH 02/30] hw: include "qemu/cunits.h" and clean unused "qemu/cutils.h"

2018-02-14 Thread Thomas Huth
On 15.02.2018 05:28, Philippe Mathieu-Daudé wrote:
> These files were including "qemu/cutils.h" to use the byte-based size
> definitions, now available in "qemu/cunits.h".
> 
> Signed-off-by: Philippe Mathieu-Daudé 
> ---
>  include/hw/hw.h   | 1 +
>  hw/arm/msf2-soc.c | 1 -
>  hw/arm/msf2-som.c | 1 -
>  hw/core/loader-fit.c  | 1 -
>  hw/core/loader.c  | 1 -
>  hw/core/machine.c | 1 -
>  hw/cris/boot.c| 1 -
>  hw/display/sm501.c| 1 -
>  hw/hppa/machine.c | 1 -
>  hw/lm32/milkymist.c   | 1 -
>  hw/microblaze/boot.c  | 1 -
>  hw/mips/boston.c  | 1 -
>  hw/misc/mos6522.c | 1 -
>  hw/nios2/boot.c   | 1 -
>  hw/ppc/mac_newworld.c | 1 -
>  hw/ppc/mac_oldworld.c | 1 -
>  hw/ppc/pnv.c  | 1 -
>  hw/ppc/prep.c | 1 -
>  hw/ppc/spapr_rtas.c   | 1 -
>  hw/sd/sdhci.c | 1 -
>  hw/sparc/sun4m.c  | 1 -
>  hw/sparc64/sun4u.c| 1 -
>  hw/usb/dev-serial.c   | 1 -
>  hw/usb/dev-storage.c  | 1 -
>  24 files changed, 1 insertion(+), 23 deletions(-)
> 
> diff --git a/include/hw/hw.h b/include/hw/hw.h
> index ab4950c312..8249448cac 100644
> --- a/include/hw/hw.h
> +++ b/include/hw/hw.h
> @@ -14,6 +14,7 @@
>  #include "migration/qemu-file-types.h"
>  #include "qemu/module.h"
>  #include "sysemu/reset.h"
> +#include "qemu/cunits.h"

Instead of adding this to a header and creating yet another possible
recompile-the-world dependency this way, wouldn't it be better to
include the cunits.h only from the .c files that need the definitions?

 Thomas



[Qemu-devel] [PATCH V3 2/2] tests: Add migration test for aarch64

2018-02-14 Thread Wei Huang
This patch adds migration test support for aarch64. The test code, which
implements the same functionality as x86, is booted as a kernel in qemu.
Here are the design choices we make for aarch64:

 * We choose this -kernel approach because aarch64 QEMU doesn't provide a
   built-in fw like x86 does. So instead of relying on a boot loader, we
   use -kernel approach for aarch64.
 * The serial output is sent to PL011 directly.
 * The physical memory base for mach-virt machine is 0x4000. We change
   the start_address and end_address for aarch64.

In addition to providing the binary, this patch also includes the source
code and the build script in tests/migration/. So users can change the
source and/or re-compile the binary as they wish.

Signed-off-by: Wei Huang 
---
 tests/Makefile.include   |  1 +
 tests/migration-test.c   | 39 ---
 tests/migration/Makefile | 12 +-
 tests/migration/aarch64-a-b-kernel.h | 19 +
 tests/migration/aarch64-a-b-kernel.s | 74 
 5 files changed, 137 insertions(+), 8 deletions(-)
 create mode 100644 tests/migration/aarch64-a-b-kernel.h
 create mode 100644 tests/migration/aarch64-a-b-kernel.s

diff --git a/tests/Makefile.include b/tests/Makefile.include
index 278c13a..5b1605a 100644
--- a/tests/Makefile.include
+++ b/tests/Makefile.include
@@ -372,6 +372,7 @@ check-qtest-arm-y += tests/sdhci-test$(EXESUF)
 
 check-qtest-aarch64-y = tests/numa-test$(EXESUF)
 check-qtest-aarch64-y += tests/sdhci-test$(EXESUF)
+check-qtest-aarch64-y += tests/migration-test$(EXESUF)
 
 check-qtest-microblazeel-y = $(check-qtest-microblaze-y)
 
diff --git a/tests/migration-test.c b/tests/migration-test.c
index 97fdb19..0b6ab5c 100644
--- a/tests/migration-test.c
+++ b/tests/migration-test.c
@@ -23,8 +23,8 @@
 
 #define MIN_NVRAM_SIZE 8192 /* from spapr_nvram.c */
 
-const unsigned start_address = 1024 * 1024;
-const unsigned end_address = 100 * 1024 * 1024;
+unsigned start_address = 1024 * 1024;
+unsigned end_address = 100 * 1024 * 1024;
 bool got_stop;
 
 #if defined(__linux__)
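Review bot: dropping `const` from `start_address` and `end_address` turns them into writable, non-static globals that every test in this file shares. If the values only differ per architecture, keep the defaults constant and compute the range actually used into variables that are set once per test run, so one test cannot change the range another test sees.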
@@ -81,12 +81,13 @@ static const char *tmpfs;
  * outputting a 'B' every so often if it's still running.
  */
 #include "tests/migration/x86-a-b-bootblock.h"
+#include "tests/migration/aarch64-a-b-kernel.h"
 
-static void init_bootfile_x86(const char *bootpath)
+static void init_bootfile(const char *bootpath, void *content)
 {
 FILE *bootfile = fopen(bootpath, "wb");
 
-g_assert_cmpint(fwrite(x86_bootsect, 512, 1, bootfile), ==, 1);
+g_assert_cmpint(fwrite(content, 512, 1, bootfile), ==, 1);
 fclose(bootfile);
 }
 
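Review bot: `init_bootfile()` now accepts an arbitrary `void *content` but still writes a fixed 512 bytes with `fwrite(content, 512, 1, bootfile)`, so a blob shorter than 512 bytes is read past its end and a longer one is silently truncated. Pass the length together with the pointer (for example `sizeof(...)` of the array at each call site) and make the parameter `const void *`. The `fopen()` result is also used without a NULL check.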
@@ -392,7 +393,7 @@ static void test_migrate_start(QTestState **from, 
QTestState **to,
 got_stop = false;
 
 if (strcmp(arch, "i386") == 0 || strcmp(arch, "x86_64") == 0) {
-init_bootfile_x86(bootpath);
+init_bootfile(bootpath, x86_bootsect);
 cmd_src = g_strdup_printf("-machine accel=%s -m 150M"
   " -name source,debug-threads=on"
   " -serial file:%s/src_serial"
@@ -421,6 +422,32 @@ static void test_migrate_start(QTestState **from, 
QTestState **to,
   " -serial file:%s/dest_serial"
   " -incoming %s",
   accel, tmpfs, uri);
+} else if (strcmp(arch, "aarch64") == 0) {
+const char *cpu;
+
+if (access("/dev/kvm", F_OK)) {
+accel = "kvm";
+cpu = "host";
+} else {
+accel = "tcg";
+cpu = "cortex-a57";
+}
+
+init_bootfile(bootpath, aarch64_kernel);
+cmd_src = g_strdup_printf("-machine virt,accel=%s -m 150M "
+  "-name vmsource,debug-threads=on -cpu %s "
+  "-serial file:%s/src_serial "
+  "-kernel %s ",
+  accel, cpu, tmpfs, bootpath);
+cmd_dst = g_strdup_printf("-machine virt,accel=%s -m 150M "
+  "-name vmdest,debug-threads=on -cpu %s "
+  "-serial file:%s/dest_serial "
+  "-kernel %s "
+  "-incoming %s ",
+  accel, cpu, tmpfs, bootpath, uri);
+/* aarch64 virt machine physical memory starts at 0x4000 */
+start_address += 0x4000;
+end_address += 0x4000;
 } else {
 g_assert_not_reached();
 }
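Review bot: `if (access("/dev/kvm", F_OK))` in the new aarch64 branch is inverted. access() returns 0 on success, so this selects `accel = "kvm"` and `cpu = "host"` exactly when /dev/kvm is missing, and falls back to tcg when it exists; the test should be `== 0`. `F_OK` also only checks existence, so a node that exists but cannot be opened by the test user still selects kvm; `R_OK | W_OK` is the more useful check. Separately, `start_address += 0x4000` and `end_address += 0x4000` modify globals on every call, so a second call to test_migrate_start() in the same process shifts the range again; assign absolute values instead of accumulating.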
@@ -502,7 +529,7 @@ static void test_deprecated(void)
 {
 QTestState *from;
 
-from = qtest_start("");
+from = qtest_start("-machine none");
 
 deprecated_set_downtime(from, 0.12345);
 deprecated_set_speed(from, "12345");
diff --git a/tests/migration/Makefile b/tests/migration/Makefile
index e8e6026..00f854b 100644
--- a/tests/migration/Makefile
+++ 

Re: [Qemu-devel] [PATCH 03/30] hw/block/nvme: include the "qemu/cutils.h" in the source file

2018-02-14 Thread Thomas Huth
On 15.02.2018 05:28, Philippe Mathieu-Daudé wrote:
> where it is used.
> 
> Signed-off-by: Philippe Mathieu-Daudé 
> ---
>  hw/block/nvme.h | 1 -
>  hw/block/nvme.c | 1 +
>  2 files changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/hw/block/nvme.h b/hw/block/nvme.h
> index 8f3981121d..cabcf20c32 100644
> --- a/hw/block/nvme.h
> +++ b/hw/block/nvme.h
> @@ -1,6 +1,5 @@
>  #ifndef HW_NVME_H
>  #define HW_NVME_H
> -#include "qemu/cutils.h"
>  #include "block/nvme.h"
>  
>  typedef struct NvmeAsyncEvent {
> diff --git a/hw/block/nvme.c b/hw/block/nvme.c
> index 85d2406400..811084b6a7 100644
> --- a/hw/block/nvme.c
> +++ b/hw/block/nvme.c
> @@ -35,6 +35,7 @@
>  #include "sysemu/block-backend.h"
>  
>  #include "qemu/log.h"
> +#include "qemu/cutils.h"
>  #include "trace.h"
>  #include "nvme.h"

Reviewed-by: Thomas Huth 



[Qemu-devel] [PATCH V3 1/2] tests/migration: Convert the boot block compilation script into Makefile

2018-02-14 Thread Wei Huang
The x86 boot block header currently is generated with a shell script.
To better support other CPUs (e.g. aarch64), we convert the script
into Makefile. This allows us to 1) support cross-compilation easily; 2)
avoid creating a script file for every architecture.

Signed-off-by: Wei Huang 
---
 tests/migration/Makefile | 38 
 tests/migration/rebuild-x86-bootblock.sh | 34 
 tests/migration/x86-a-b-bootblock.h  |  2 +-
 3 files changed, 39 insertions(+), 35 deletions(-)
 create mode 100644 tests/migration/Makefile
 delete mode 100755 tests/migration/rebuild-x86-bootblock.sh

diff --git a/tests/migration/Makefile b/tests/migration/Makefile
new file mode 100644
index 000..e8e6026
--- /dev/null
+++ b/tests/migration/Makefile
@@ -0,0 +1,38 @@
+#
+# Copyright (c) 2016-2018 Red Hat, Inc. and/or its affiliates
+#
+# Authors:
+#   Dave Gilbert 
+#
+# This work is licensed under the terms of the GNU GPL, version 2 or later.
+# See the COPYING file in the top-level directory.
+#
+path := $(subst :, ,$(PATH))
+system := $(shell uname -s | tr "A-Z" "a-z")
+
+cross-ld = $(firstword $(wildcard $(patsubst %,%/$(1)-*$(system)*-ld,$(path
+cross-gcc = $(firstword $(wildcard $(patsubst %ld,%gcc,$(call cross-ld,$(1)
+find-cross-prefix = $(subst gcc,,$(notdir $(call cross-gcc,$(1
+
+x86_64_cross_prefix := $(call find-cross-prefix,x86_64)
+
+export __note
+override define __note
+/* This file is automatically generated from
+ * tests/migration/$<, edit that and then run
+ * "make $@" inside tests/migration to update,
+ * and then remember to send both in your patch submission.
+ */
+endef
+
+all: x86-a-b-bootblock.h
+
+x86-a-b-bootblock.h: x86-a-b-bootblock.s
+   $(x86_64_cross_prefix)as --32 -march=i486 $< -o x86.o
+   $(x86_64_cross_prefix)objcopy -O binary x86.o x86.boot
+   dd if=x86.boot of=x86.bootsect bs=256 count=2 skip=124
+   echo "$$__note" > $@
+   xxd -i x86.bootsect | sed -e 's/.*int.*//' >> $@
+
+clean:
+   rm -rf *.bootsect *.boot *.o
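Review bot: in the `x86-a-b-bootblock.h` rule, `echo "$$__note" > $@` creates the target before `xxd -i x86.bootsect | sed ...` runs, and the pipeline's exit status is that of sed. A missing or failing xxd therefore leaves a header containing only the comment, which make then treats as up to date. Write to a temporary file and rename it on success, or add `.DELETE_ON_ERROR:`. The intermediates x86.o, x86.boot and x86.bootsect are also now created in the source directory rather than in the mktemp directory the removed script used, and `all` and `clean` should be declared `.PHONY`.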
diff --git a/tests/migration/rebuild-x86-bootblock.sh 
b/tests/migration/rebuild-x86-bootblock.sh
deleted file mode 100755
index 05ed9ba..000
--- a/tests/migration/rebuild-x86-bootblock.sh
+++ /dev/null
@@ -1,34 +0,0 @@
-#!/bin/sh
-# Copyright (c) 2016-2018 Red Hat, Inc. and/or its affiliates
-# This work is licensed under the terms of the GNU GPL, version 2 or later.
-# See the COPYING file in the top-level directory.
-#
-# Author: dgilb...@redhat.com
-
-ASMFILE=$PWD/tests/migration/x86-a-b-bootblock.s
-HEADER=$PWD/tests/migration/x86-a-b-bootblock.h
-
-if [ ! -e "$ASMFILE" ]
-then
-  echo "Couldn't find $ASMFILE" >&2
-  exit 1
-fi
-
-ASM_WORK_DIR=$(mktemp -d --tmpdir X86BB.XX)
-cd "$ASM_WORK_DIR" &&
-as --32 -march=i486 "$ASMFILE" -o x86.o &&
-objcopy -O binary x86.o x86.boot &&
-dd if=x86.boot of=x86.bootsect bs=256 count=2 skip=124 &&
-xxd -i x86.bootsect |
-sed -e 's/.*int.*//' > x86.hex &&
-cat - x86.hex < "$HEADER"
-/* This file is automatically generated from
- * tests/migration/x86-a-b-bootblock.s, edit that and then run
- * tests/migration/rebuild-x86-bootblock.sh to update,
- * and then remember to send both in your patch submission.
- */
-HERE
-
-rm x86.hex x86.bootsect x86.boot x86.o
-cd .. && rmdir "$ASM_WORK_DIR"
-
diff --git a/tests/migration/x86-a-b-bootblock.h 
b/tests/migration/x86-a-b-bootblock.h
index 78a151f..9e8e2e0 100644
--- a/tests/migration/x86-a-b-bootblock.h
+++ b/tests/migration/x86-a-b-bootblock.h
@@ -1,6 +1,6 @@
 /* This file is automatically generated from
  * tests/migration/x86-a-b-bootblock.s, edit that and then run
- * tests/migration/rebuild-x86-bootblock.sh to update,
+ * "make x86-a-b-bootblock.h" inside tests/migration to update,
  * and then remember to send both in your patch submission.
  */
 unsigned char x86_bootsect[] = {
-- 
1.8.3.1




[Qemu-devel] [PATCH V3 0/2] tests: Add migration test for aarch64

2018-02-14 Thread Wei Huang
This is a new version of migration-test for aarch64. This version needs to
be applied on top of Dave Gilbert's recent patch "[v4] tests/migration: Add
source to PC boot block".

V2->V3:
 * Convert build script to Makefile
 * Add cross-compilation support
 * Fix CPU type for "tcg" machine type
 * Revise asm code and the compilation process from asm to header file

V1->V2:
 * Similar to Dave Gilbert's recent changes to migration-test, we
   provide the test source and a build script in V2.
 * aarch64 kernel blob is defined as "unsigned char" because the source
   is now provided in V2.
 * Add "-machine none" to test_deprecated() because aarch64 doesn't have
   a default machine type.

RFC->V1:
 * aarch64 kernel blob is defined as an uint32_t array
 * The test code is re-written to address a data caching issue under KVM.
   Tests passed under both x86 and aarch64.
 * Re-use init_bootfile_x86() for both x86 and aarch64
 * Other minor fixes

Thanks,
-Wei

Wei Huang (2):
  tests/migration: Convert the boot block compilation script into
Makefile
  tests: Add migration test for aarch64

 tests/Makefile.include   |  1 +
 tests/migration-test.c   | 39 ++---
 tests/migration/Makefile | 46 
 tests/migration/aarch64-a-b-kernel.h | 19 
 tests/migration/aarch64-a-b-kernel.s | 74 
 tests/migration/rebuild-x86-bootblock.sh | 34 ---
 tests/migration/x86-a-b-bootblock.h  |  2 +-
 7 files changed, 174 insertions(+), 41 deletions(-)
 create mode 100644 tests/migration/Makefile
 create mode 100644 tests/migration/aarch64-a-b-kernel.h
 create mode 100644 tests/migration/aarch64-a-b-kernel.s
 delete mode 100755 tests/migration/rebuild-x86-bootblock.sh

-- 
1.8.3.1




Re: [Qemu-devel] [PATCH] configure: Add missing space when using --with-pkgversion

2018-02-14 Thread Thomas Huth
On 14.02.2018 21:23, Eric Blake wrote:
> On 02/14/2018 11:31 AM, Thomas Huth wrote:
>> When running configure with --with-pkgversion=foo there is no
>> space anymore between the version number and the parentheses:
>>
>> $ m68k-softmmu/qemu-system-m68k -version
>> QEMU emulator version 2.11.50(foo)
>>
>> Fix it by moving the space from the configure script to the Makefile.
>>
>> Fixes: 67a1de0d195a6185c39b436159c9ffc7720bf979
>> Buglink: https://bugs.launchpad.net/qemu/+bug/1673373
>> Signed-off-by: Thomas Huth 
>> ---
>>   Makefile  | 2 +-
>>   configure | 2 +-
>>   2 files changed, 2 insertions(+), 2 deletions(-)
>>
>> diff --git a/Makefile b/Makefile
>> index 4ec7a3c..41adbc9 100644
>> --- a/Makefile
>> +++ b/Makefile
>> @@ -369,7 +369,7 @@ qemu-version.h: FORCE
>>   (cd $(SRC_PATH); \
>>   printf '#define QEMU_PKGVERSION '; \
>>   if test -n "$(PKGVERSION)"; then \
>> -    printf '"$(PKGVERSION)"\n'; \
>> +    printf '" ($(PKGVERSION))"\n'; \
> 
> I would argue that putting a space here is awkward; wouldn't it instead
> be easier to have all CLIENTS of QEMU_PKGVERSION in the source code
> assume that the macro does NOT have a leading space, and to supply a
> space themselves?
> 
> That is, change THESE locations:
> 
> bsd-user/main.c:    printf("qemu-" TARGET_NAME " version " QEMU_VERSION
> QEMU_PKGVERSION
> linux-user/main.c:    printf("qemu-" TARGET_NAME " version "
> QEMU_VERSION QEMU_PKGVERSION
> qemu-img.c:#define QEMU_IMG_VERSION "qemu-img version " QEMU_VERSION
> QEMU_PKGVERSION \
> qemu-io.c:    printf("%s version " QEMU_VERSION QEMU_PKGVERSION
> "\n"
> qemu-nbd.c:"%s " QEMU_VERSION QEMU_PKGVERSION "\n"
> qga/main.c:"QEMU Guest Agent " QEMU_VERSION QEMU_PKGVERSION "\n"
> scsi/qemu-pr-helper.c:"%s " QEMU_VERSION QEMU_PKGVERSION "\n"
> ui/cocoa.m:    @"QEMU emulator version %s%s", QEMU_VERSION,
> QEMU_PKGVERSION];
> vl.c:    printf("QEMU emulator version " QEMU_VERSION QEMU_PKGVERSION "\n"
> 
> to instead supply the missing space, and have configure/Makefile always
> generate without a leading space.
> 
>> +++ b/configure
>> @@ -1162,7 +1162,7 @@ for opt do
>>     ;;
>>     --disable-blobs) blobs="no"
>>     ;;
>> -  --with-pkgversion=*) pkgversion=" ($optarg)"
>> +  --with-pkgversion=*) pkgversion="$optarg"
> 
> Hmm - here you're changing who supplies the ().  But that argues that
> maybe the callsites should supply " (" and ")" themselves.

Yeah, that's likely the saner way to do this. The question is: What
about the query-version QMP command? Should it report parentheses or
not? I think it'd look nicer if it reports "package": "foo" instead of
"package": "(foo)" - but we maybe could break some users who expect
parentheses there (no matter whether there is a preceding space or not)?

 Thomas



Re: [Qemu-devel] [PATCH qemu v3] RFC: ppc/spapr: Receive and store device tree blob from SLOF

2018-02-14 Thread Alexey Kardashevskiy
On 10/01/18 19:59, David Gibson wrote:
> On Mon, Jan 08, 2018 at 07:35:43PM +1100, Alexey Kardashevskiy wrote:
>> On 03/01/18 11:09, David Gibson wrote:
>>> On Tue, Jan 02, 2018 at 05:13:09PM +1100, Alexey Kardashevskiy wrote:
 On 11/12/17 17:20, Alexey Kardashevskiy wrote:
> On 09/11/17 17:38, David Gibson wrote:
>> On Tue, Nov 07, 2017 at 06:14:04PM +1100, Alexey Kardashevskiy wrote:
>>> On 20/10/17 11:46, Alexey Kardashevskiy wrote:
 On 19/10/17 17:24, David Gibson wrote:
> On Tue, Oct 17, 2017 at 04:55:03PM +1100, Alexey Kardashevskiy wrote:
>> On 16/10/17 20:36, David Gibson wrote:
>>> On Mon, Oct 16, 2017 at 04:20:04PM +1100, Alexey Kardashevskiy
>> wrote:
> [snip]
>>> ||
>>>
>>> Yeah.. this is all a bit complicated, I'm really thinking about a
>>> fdt_fsck() function for libfdt.
>>
>>
>> Oh. So what now? Do as below or wait for libdtc update?
>
> So I started hacking on this.  It's a bit fiddlier to get right than I
> anticipated.  How about you make a placeholder function to "test" the
> tree for now, with a comment that it will be updated once the libfdt
> extensions are there.

 What would the placeholder do? Nothing or my proposed "FDT_CHK" thingy?

 Are we in a hurry with this one at all, or I can wait till libfdt gets 
 this
 fsck()?
>>>
>>>
>>> Ping?
>>>
>>> This is not v2.11 material, is it?
>>
>> Not at this stage, no.
>>
>> I've started looking at writing the fdt_fsck() thing, but got
>> sidetracked by a bunch of related fixes to safety of handling
>> corrupted blobs in libfdt.
>
> Please let me know when I can repost the "
> ppc/spapr: Receive and store device tree blob from SLOF" again. Thanks.


 Still too early to repost?
>>>
>>> No.
>>
>>
>> I looked at the recent libfdt (from qemu tree, sha1  e543880, v1.4.6) and
>> could not find fdt_fsck() or similar, and I was waiting for this really,
>> have I missed something?
> 
> Oh, right, yeah, I haven't had time to look at that again.


Any progress with fdt_fsck()? Thanks,


-- 
Alexey





Re: [Qemu-devel] [PATCH 10/30] hw/ppc: use the BYTE-based definitions

2018-02-14 Thread David Gibson
On Thu, Feb 15, 2018 at 01:28:40AM -0300, Philippe Mathieu-Daudé wrote:
> It eases code review, unit is explicit.
> 
> Signed-off-by: Philippe Mathieu-Daudé 

Acked-by: David Gibson 

> ---
>  include/hw/ppc/spapr.h |  2 +-
>  hw/pci-host/prep.c |  2 +-
>  hw/ppc/e500.c  |  8 
>  hw/ppc/mac_oldworld.c  |  7 +++
>  hw/ppc/ppc405_boards.c |  8 
>  hw/ppc/ppc405_uc.c |  6 +++---
>  hw/ppc/ppc4xx_devs.c   | 21 +++--
>  hw/ppc/ppce500_spin.c  |  2 +-
>  hw/ppc/prep.c  |  2 +-
>  hw/ppc/rs6000_mc.c | 12 ++--
>  hw/ppc/virtex_ml507.c  |  4 ++--
>  11 files changed, 37 insertions(+), 37 deletions(-)
> 
> diff --git a/include/hw/ppc/spapr.h b/include/hw/ppc/spapr.h
> index 62c077ac20..ceeb274205 100644
> --- a/include/hw/ppc/spapr.h
> +++ b/include/hw/ppc/spapr.h
> @@ -746,7 +746,7 @@ int spapr_rng_populate_dt(void *fdt);
>  #define SPAPR_MAX_RAM_SLOTS 32
>  
>  /* 1GB alignment for hotplug memory region */
> -#define SPAPR_HOTPLUG_MEM_ALIGN (1ULL << 30)
> +#define SPAPR_HOTPLUG_MEM_ALIGN (1 * G_BYTE)
>  
>  /*
>   * Number of 32 bit words in each LMB list entry in ibm,dynamic-memory
> diff --git a/hw/pci-host/prep.c b/hw/pci-host/prep.c
> index 01f67f9db1..d06498e131 100644
> --- a/hw/pci-host/prep.c
> +++ b/hw/pci-host/prep.c
> @@ -70,7 +70,7 @@ typedef struct PRePPCIState {
>  int contiguous_map;
>  } PREPPCIState;
>  
> -#define BIOS_SIZE (1024 * 1024)
> +#define BIOS_SIZE (1 * M_BYTE)
>  
>  static inline uint32_t raven_pci_io_config(hwaddr addr)
>  {
> diff --git a/hw/ppc/e500.c b/hw/ppc/e500.c
> index a40d3ec3e3..02675c7be4 100644
> --- a/hw/ppc/e500.c
> +++ b/hw/ppc/e500.c
> @@ -45,7 +45,7 @@
>  #define BINARY_DEVICE_TREE_FILE"mpc8544ds.dtb"
>  #define DTC_LOAD_PAD   0x180
>  #define DTC_PAD_MASK   0xF
> -#define DTB_MAX_SIZE   (8 * 1024 * 1024)
> +#define DTB_MAX_SIZE   (8 * M_BYTE)
>  #define INITRD_LOAD_PAD0x200
>  #define INITRD_PAD_MASK0xFF
>  
> @@ -597,7 +597,7 @@ static int ppce500_prep_device_tree(MachineState *machine,
>  /* Create -kernel TLB entries for BookE.  */
>  hwaddr booke206_page_size_to_tlb(uint64_t size)
>  {
> -return 63 - clz64(size >> 10);
> +return 63 - clz64(size / K_BYTE);
>  }
>  
>  static int booke206_initial_map_tsize(CPUPPCState *env)
> @@ -913,9 +913,9 @@ void ppce500_init(MachineState *machine, PPCE500Params 
> *params)
>  /* Register spinning region */
>  sysbus_create_simple("e500-spin", params->spin_base, NULL);
>  
> -if (cur_base < (32 * 1024 * 1024)) {
> +if (cur_base < 32 * M_BYTE) {
>  /* u-boot occupies memory up to 32MB, so load blobs above */
> -cur_base = (32 * 1024 * 1024);
> +cur_base = 32 * M_BYTE;
>  }
>  
>  if (params->has_mpc8xxx_gpio) {
> diff --git a/hw/ppc/mac_oldworld.c b/hw/ppc/mac_oldworld.c
> index 9b19551f56..a6b8b77937 100644
> --- a/hw/ppc/mac_oldworld.c
> +++ b/hw/ppc/mac_oldworld.c
> @@ -117,10 +117,9 @@ static void ppc_heathrow_init(MachineState *machine)
>  }
>  
>  /* allocate RAM */
> -if (ram_size > (2047 << 20)) {
> -fprintf(stderr,
> -"qemu: Too much memory for this machine: %d MB, maximum 2047 
> MB\n",
> -((unsigned int)ram_size / (1 << 20)));
> +if (ram_size > 2047 * M_BYTE) {
> +error_report("Too much memory for this machine: %llu MB, "
> + "maximum 2047 MB", ram_size / M_BYTE);
>  exit(1);
>  }
>  
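Review bot: the new `error_report()` call prints `ram_size / M_BYTE` with `%llu`, where the old code cast the value to `unsigned int` for `%d`. The type of the quotient depends on the declarations of `ram_size` and `M_BYTE`, neither of which is visible in this hunk, so add an explicit cast or use a `PRIu64`-style format with a matching operand. Replacing `fprintf(stderr, ...)` with `error_report()` also goes beyond the unit cleanup the commit message describes and should be mentioned there.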
> diff --git a/hw/ppc/ppc405_boards.c b/hw/ppc/ppc405_boards.c
> index 0b658931ee..8c742449b8 100644
> --- a/hw/ppc/ppc405_boards.c
> +++ b/hw/ppc/ppc405_boards.c
> @@ -41,7 +41,7 @@
>  #include "exec/address-spaces.h"
>  
>  #define BIOS_FILENAME "ppc405_rom.bin"
> -#define BIOS_SIZE (2048 * 1024)
> +#define BIOS_SIZE (2 * M_BYTE)
>  
>  #define KERNEL_LOAD_ADDR 0x
>  #define INITRD_LOAD_ADDR 0x0180
> @@ -217,14 +217,14 @@ static void ref405ep_init(MachineState *machine)
>  memory_region_init(_memories[1], NULL, "ef405ep.ram1", 0);
>  ram_bases[1] = 0x;
>  ram_sizes[1] = 0x;
> -ram_size = 128 * 1024 * 1024;
> +ram_size = 128 * M_BYTE;
>  #ifdef DEBUG_BOARD_INIT
>  printf("%s: register cpu\n", __func__);
>  #endif
>  env = ppc405ep_init(sysmem, ram_memories, ram_bases, ram_sizes,
>  , , kernel_filename == NULL ? 0 : 1);
>  /* allocate SRAM */
> -sram_size = 512 * 1024;
> +sram_size = 512 * K_BYTE;
>  memory_region_init_ram(sram, NULL, "ef405ep.sram", sram_size,
> _fatal);
>  memory_region_add_subregion(sysmem, 0xFFF0, sram);
> @@ -590,7 +590,7 @@ static void taihu_405ep_init(MachineState *machine)
>  
>  bios_size = blk_getlength(blk);
>  /* XXX: should check that size is 32MB */
> -bios_size = 32 * 1024 * 1024;

[Qemu-devel] [PATCH 30/30] xen: use the BYTE-based definitions

2018-02-14 Thread Philippe Mathieu-Daudé
It eases code review, unit is explicit.

Signed-off-by: Philippe Mathieu-Daudé 
---
 hw/block/xen_disk.c|  4 ++--
 hw/xenpv/xen_domainbuild.c | 10 +-
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/hw/block/xen_disk.c b/hw/block/xen_disk.c
index f74fcd42d1..557005b5e5 100644
--- a/hw/block/xen_disk.c
+++ b/hw/block/xen_disk.c
@@ -1153,9 +1153,9 @@ static int blk_connect(struct XenDevice *xendev)
 }
 
 xen_pv_printf(xendev, 1, "type \"%s\", fileproto \"%s\", filename \"%s\","
-  " size %" PRId64 " (%" PRId64 " MB)\n",
+  " size %" PRId64 " (%llu MB)\n",
   blkdev->type, blkdev->fileproto, blkdev->filename,
-  blkdev->file_size, blkdev->file_size >> 20);
+  blkdev->file_size, blkdev->file_size / M_BYTE);
 
 /* Fill in number of sector size and number of sectors */
 xenstore_write_be_int(>xendev, "sector-size", blkdev->file_blk);
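Review bot: in the `xen_pv_printf()` call, `blkdev->file_size` is printed with `PRId64` but the derived value `blkdev->file_size / M_BYTE` now uses `%llu`, so the same quantity is treated as signed in one conversion and unsigned long long in the next. Whether the argument really has that type depends on the definition of `M_BYTE`, which is not shown here; keep `PRId64` for both or cast the quotient to the type the format expects.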
diff --git a/hw/xenpv/xen_domainbuild.c b/hw/xenpv/xen_domainbuild.c
index 027f76fad1..083fb80ee5 100644
--- a/hw/xenpv/xen_domainbuild.c
+++ b/hw/xenpv/xen_domainbuild.c
@@ -75,9 +75,9 @@ int xenstore_domain_init1(const char *kernel, const char 
*ramdisk,
 xenstore_write_str(dom, "vm", vm);
 
 /* memory */
-xenstore_write_int(dom, "memory/target", ram_size >> 10);  // kB
-xenstore_write_int(vm, "memory", ram_size >> 20);  // MB
-xenstore_write_int(vm, "maxmem", ram_size >> 20);  // MB
+xenstore_write_int(dom, "memory/target", ram_size * K_BYTE);
+xenstore_write_int(vm, "memory", ram_size * M_BYTE);
+xenstore_write_int(vm, "maxmem", ram_size * M_BYTE);
 
 /* cpus */
 for (i = 0; i < smp_cpus; i++) {
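Review bot: the three xenstore_write_int() calls invert the conversion. ram_size >> 10 and ram_size >> 20 divide by 1024 and by 1024 * 1024, but the replacements multiply (ram_size * K_BYTE, ram_size * M_BYTE), so memory/target, memory and maxmem would be written with values far too large. These should be ram_size / K_BYTE and ram_size / M_BYTE, as the xc_domain_setmaxmem() and xc_linux_build() hunks later in this file do. The removed // kB and // MB comments were also the only record of which unit each xenstore key expects; please keep them.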
@@ -260,7 +260,7 @@ int xen_domain_build_pv(const char *kernel, const char 
*ramdisk,
 }
 #endif
 
-rc = xc_domain_setmaxmem(xen_xc, xen_domid, ram_size >> 10);
+rc = xc_domain_setmaxmem(xen_xc, xen_domid, ram_size / K_BYTE);
 if (rc < 0) {
 fprintf(stderr, "xen: xc_domain_setmaxmem() failed\n");
 goto err;
@@ -269,7 +269,7 @@ int xen_domain_build_pv(const char *kernel, const char 
*ramdisk,
 xenstore_port = xc_evtchn_alloc_unbound(xen_xc, xen_domid, 0);
 console_port = xc_evtchn_alloc_unbound(xen_xc, xen_domid, 0);
 
-rc = xc_linux_build(xen_xc, xen_domid, ram_size >> 20,
+rc = xc_linux_build(xen_xc, xen_domid, ram_size / M_BYTE,
 kernel, ramdisk, cmdline,
 0, flags,
 xenstore_port, _mfn,
-- 
2.16.1




[Qemu-devel] [PATCH 28/30] ivshmem: use the BYTE-based definitions

2018-02-14 Thread Philippe Mathieu-Daudé
It eases code review, unit is explicit.
---
 hw/misc/ivshmem.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/misc/ivshmem.c b/hw/misc/ivshmem.c
index 16f03701b7..9b3ad96471 100644
--- a/hw/misc/ivshmem.c
+++ b/hw/misc/ivshmem.c
@@ -1302,7 +1302,7 @@ static void ivshmem_realize(PCIDevice *dev, Error **errp)
 }
 
 if (s->sizearg == NULL) {
-s->legacy_size = 4 << 20; /* 4 MB default */
+s->legacy_size = 4 * M_BYTE; /* 4 MB default */
 } else {
 int ret;
 uint64_t size;
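Review bot: the trailing comment on the changed line is now redundant, since 4 * M_BYTE already says 4 MB; /* default */ would be enough. Separately, the commit message has no Signed-off-by line above the --- separator, and the patch needs one before it can be applied.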
-- 
2.16.1




[Qemu-devel] [PATCH 20/30] hw/cris: use the BYTE-based definitions

2018-02-14 Thread Philippe Mathieu-Daudé
It eases code review, unit is explicit.

Signed-off-by: Philippe Mathieu-Daudé 
---
 hw/cris/axis_dev88.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/cris/axis_dev88.c b/hw/cris/axis_dev88.c
index 9ccc4350a5..1dea3c594c 100644
--- a/hw/cris/axis_dev88.c
+++ b/hw/cris/axis_dev88.c
@@ -243,7 +243,7 @@ static const MemoryRegionOps gpio_ops = {
 },
 };
 
-#define INTMEM_SIZE (128 * 1024)
+#define INTMEM_SIZE (128 * K_BYTE)
 
 static struct cris_load_info li;
 
-- 
2.16.1




[Qemu-devel] [PATCH 27/30] vfio/pci: use the BYTE-based definitions

2018-02-14 Thread Philippe Mathieu-Daudé
It eases code review, unit is explicit.

Signed-off-by: Philippe Mathieu-Daudé 
---
 hw/vfio/pci-quirks.c | 8 
 hw/vfio/pci.c| 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/hw/vfio/pci-quirks.c b/hw/vfio/pci-quirks.c
index e5779a7ad3..3c091106dd 100644
--- a/hw/vfio/pci-quirks.c
+++ b/hw/vfio/pci-quirks.c
@@ -1255,9 +1255,9 @@ static int vfio_igd_gtt_max(VFIOPCIDevice *vdev)
 ggms = 1 << ggms;
 }
 
-ggms *= 1024 * 1024;
+ggms *= M_BYTE;
 
-return (ggms / (4 * 1024)) * (gen < 8 ? 4 : 8);
+return (ggms / (4 * K_BYTE)) * (gen < 8 ? 4 : 8);
 }
 
 /*
@@ -1514,7 +1514,7 @@ static void vfio_probe_igd_bar4_quirk(VFIOPCIDevice 
*vdev, int nr)
 igd->vdev = vdev;
 igd->index = ~0;
 igd->bdsm = vfio_pci_read_config(>pdev, IGD_BDSM, 4);
-igd->bdsm &= ~((1 << 20) - 1); /* 1MB aligned */
+igd->bdsm &= ~((1 * M_BYTE) - 1); /* 1MB aligned */
 
 memory_region_init_io(>mem[0], OBJECT(vdev), _igd_index_quirk,
   igd, "vfio-igd-index-quirk", 4);
@@ -1561,7 +1561,7 @@ static void vfio_probe_igd_bar4_quirk(VFIOPCIDevice 
*vdev, int nr)
  * config offset 0x5C.
  */
 bdsm_size = g_malloc(sizeof(*bdsm_size));
-*bdsm_size = cpu_to_le64((ggms_mb + gms_mb) * 1024 * 1024);
+*bdsm_size = cpu_to_le64((ggms_mb + gms_mb) * M_BYTE);
 fw_cfg_add_file(fw_cfg_find(), "etc/igd-bdsm-size",
 bdsm_size, sizeof(*bdsm_size));
 
diff --git a/hw/vfio/pci.c b/hw/vfio/pci.c
index 033cc8dea1..db337476ef 100644
--- a/hw/vfio/pci.c
+++ b/hw/vfio/pci.c
@@ -1408,7 +1408,7 @@ static void vfio_pci_relocate_msix(VFIOPCIDevice *vdev, 
Error **errp)
 }
 
 /* 2GB max size for 32-bit BARs, cannot double if already > 1G */
-if (vdev->bars[target_bar].size > (1 * 1024 * 1024 * 1024) &&
+if (vdev->bars[target_bar].size > 1 * G_BYTE &&
 !vdev->bars[target_bar].mem64) {
 error_setg(errp, "Invalid MSI-X relocation BAR %d, "
"no space to extend 32-bit BAR", target_bar);
-- 
2.16.1




[Qemu-devel] [PATCH 19/30] hw/nios2: use the BYTE-based definitions

2018-02-14 Thread Philippe Mathieu-Daudé
It eases code review, unit is explicit.

Signed-off-by: Philippe Mathieu-Daudé 
---
 hw/nios2/boot.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/nios2/boot.c b/hw/nios2/boot.c
index 771e00267b..911f28c0d8 100644
--- a/hw/nios2/boot.c
+++ b/hw/nios2/boot.c
@@ -176,7 +176,7 @@ void nios2_load_kernel(Nios2CPU *cpu, hwaddr ddr_base,
 high = ddr_base + kernel_size;
 }
 
-high = ROUND_UP(high, 1024 * 1024);
+high = ROUND_UP(high, 1 * M_BYTE);
 
 /* If initrd is available, it goes after the kernel, aligned to 1M. */
 if (initrd_filename) {
-- 
2.16.1




[Qemu-devel] [PATCH 18/30] hw/microblaze: use the BYTE-based definitions

2018-02-14 Thread Philippe Mathieu-Daudé
It eases code review, unit is explicit.

Signed-off-by: Philippe Mathieu-Daudé 
---
 hw/microblaze/petalogix_ml605_mmu.c  | 6 +++---
 hw/microblaze/petalogix_s3adsp1800_mmu.c | 6 +++---
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/hw/microblaze/petalogix_ml605_mmu.c 
b/hw/microblaze/petalogix_ml605_mmu.c
index b664dc0f9c..d2b316fcba 100644
--- a/hw/microblaze/petalogix_ml605_mmu.c
+++ b/hw/microblaze/petalogix_ml605_mmu.c
@@ -45,8 +45,8 @@
 
 #include "hw/stream.h"
 
-#define LMB_BRAM_SIZE  (128 * 1024)
-#define FLASH_SIZE (32 * 1024 * 1024)
+#define LMB_BRAM_SIZE  (128 * K_BYTE)
+#define FLASH_SIZE (32 * M_BYTE)
 
 #define BINARY_DEVICE_TREE_FILE "petalogix-ml605.dtb"
 
@@ -110,7 +110,7 @@ petalogix_ml605_init(MachineState *machine)
 pflash_cfi01_register(FLASH_BASEADDR,
   NULL, "petalogix_ml605.flash", FLASH_SIZE,
   dinfo ? blk_by_legacy_dinfo(dinfo) : NULL,
-  (64 * 1024), FLASH_SIZE >> 16,
+  64 * K_BYTE, FLASH_SIZE >> 16,
   2, 0x89, 0x18, 0x, 0x0, 0);
 
 
diff --git a/hw/microblaze/petalogix_s3adsp1800_mmu.c 
b/hw/microblaze/petalogix_s3adsp1800_mmu.c
index 5cb4deb69e..d93f7184a5 100644
--- a/hw/microblaze/petalogix_s3adsp1800_mmu.c
+++ b/hw/microblaze/petalogix_s3adsp1800_mmu.c
@@ -40,8 +40,8 @@
 
 #include "boot.h"
 
-#define LMB_BRAM_SIZE  (128 * 1024)
-#define FLASH_SIZE (16 * 1024 * 1024)
+#define LMB_BRAM_SIZE  (128 * K_BYTE)
+#define FLASH_SIZE (16 * M_BYTE)
 
 #define BINARY_DEVICE_TREE_FILE "petalogix-s3adsp1800.dtb"
 
@@ -88,7 +88,7 @@ petalogix_s3adsp1800_init(MachineState *machine)
 pflash_cfi01_register(FLASH_BASEADDR,
   NULL, "petalogix_s3adsp1800.flash", FLASH_SIZE,
   dinfo ? blk_by_legacy_dinfo(dinfo) : NULL,
-  (64 * 1024), FLASH_SIZE >> 16,
+  64 * K_BYTE, FLASH_SIZE >> 16,
   1, 0x89, 0x18, 0x, 0x0, 1);
 
 dev = qdev_create(NULL, "xlnx.xps-intc");
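Review bot: in the pflash_cfi01_register() call the sector size is now written as 64 * K_BYTE, but the sector count on the same line is still FLASH_SIZE >> 16, so the two halves of one calculation use different styles. FLASH_SIZE / (64 * K_BYTE) would make the relation between them explicit. The same applies to the identical call in petalogix_ml605_mmu.c earlier in this patch.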
-- 
2.16.1




[Qemu-devel] [PATCH 29/30] tpm: use the BYTE-based definitions

2018-02-14 Thread Philippe Mathieu-Daudé
It eases code review, unit is explicit.

Signed-off-by: Philippe Mathieu-Daudé 
---
 include/hw/acpi/tpm.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/hw/acpi/tpm.h b/include/hw/acpi/tpm.h
index 96fd3a92f7..751567a73a 100644
--- a/include/hw/acpi/tpm.h
+++ b/include/hw/acpi/tpm.h
@@ -71,7 +71,7 @@ REG32(CRB_DATA_BUFFER, 0x80)
 #define TPM_CRB_ADDR_CTRL   (TPM_CRB_ADDR_BASE + A_CRB_CTRL_REQ)
 #define TPM_CRB_R_MAX   R_CRB_DATA_BUFFER
 
-#define TPM_LOG_AREA_MINIMUM_SIZE   (64 * 1024)
+#define TPM_LOG_AREA_MINIMUM_SIZE   (64 * K_BYTE)
 
 #define TPM_TCPA_ACPI_CLASS_CLIENT  0
 #define TPM_TCPA_ACPI_CLASS_SERVER  1
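Review bot: TPM_LOG_AREA_MINIMUM_SIZE in this header now expands to K_BYTE, but the patch adds no #include for whatever defines it (the diffstat shows one insertion and one deletion). Any file that includes hw/acpi/tpm.h and uses the macro without K_BYTE already in scope will fail to build. Include the defining header here so tpm.h stays self-contained.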
-- 
2.16.1




[Qemu-devel] [PATCH 22/30] hw/display: use the BYTE-based definitions

2018-02-14 Thread Philippe Mathieu-Daudé
It eases code review, unit is explicit.

Signed-off-by: Philippe Mathieu-Daudé 
---
 hw/display/cirrus_vga.c |  9 -
 hw/display/g364fb.c |  2 +-
 hw/display/qxl.c| 26 +++---
 hw/display/vga-isa-mm.c |  4 ++--
 hw/display/vga.c|  4 ++--
 hw/display/virtio-gpu.c |  3 +--
 hw/display/vmware_vga.c |  2 +-
 hw/display/xenfb.c  |  2 +-
 8 files changed, 23 insertions(+), 29 deletions(-)

diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c
index 138ae961b9..e888056d75 100644
--- a/hw/display/cirrus_vga.c
+++ b/hw/display/cirrus_vga.c
@@ -2218,7 +2218,7 @@ static inline void 
cirrus_cursor_compute_yrange(CirrusVGAState *s)
 uint32_t content;
 int y, y_min, y_max;
 
-src = s->vga.vram_ptr + s->real_vram_size - 16 * 1024;
+src = s->vga.vram_ptr + s->real_vram_size - 16 * K_BYTE;
 if (s->vga.sr[0x12] & CIRRUS_CURSOR_LARGE) {
 src += (s->vga.sr[0x13] & 0x3c) * 256;
 y_min = 64;
@@ -2347,7 +2347,7 @@ static void cirrus_cursor_draw_line(VGACommonState *s1, 
uint8_t *d1, int scr_y)
 return;
 }
 
-src = s->vga.vram_ptr + s->real_vram_size - 16 * 1024;
+src = s->vga.vram_ptr + s->real_vram_size - 16 * K_BYTE;
 if (s->vga.sr[0x12] & CIRRUS_CURSOR_LARGE) {
 src += (s->vga.sr[0x13] & 0x3c) * 256;
 src += (scr_y - s->vga.hw_cursor_y) * 16;
@@ -2995,8 +2995,7 @@ static void cirrus_init_common(CirrusVGAState *s, Object 
*owner,
 
 /* I/O handler for LFB */
 memory_region_init_io(>cirrus_linear_io, owner, _linear_io_ops, 
s,
-  "cirrus-linear-io", s->vga.vram_size_mb
-  * 1024 * 1024);
+  "cirrus-linear-io", s->vga.vram_size_mb * M_BYTE);
 memory_region_set_flush_coalesced(>cirrus_linear_io);
 
 /* I/O handler for LFB */
@@ -3013,7 +3012,7 @@ static void cirrus_init_common(CirrusVGAState *s, Object 
*owner,
 memory_region_set_flush_coalesced(>cirrus_mmio_io);
 
 s->real_vram_size =
-(s->device_id == CIRRUS_ID_CLGD5446) ? 4096 * 1024 : 2048 * 1024;
+(s->device_id == CIRRUS_ID_CLGD5446) ? 4 * M_BYTE : 2 * M_BYTE;
 
 /* XXX: s->vga.vram_size must be a power of two */
 s->cirrus_addr_mask = s->real_vram_size - 1;
diff --git a/hw/display/g364fb.c b/hw/display/g364fb.c
index 819f8be05d..009f07333b 100644
--- a/hw/display/g364fb.c
+++ b/hw/display/g364fb.c
@@ -510,7 +510,7 @@ static void g364fb_sysbus_reset(DeviceState *d)
 
 static Property g364fb_sysbus_properties[] = {
 DEFINE_PROP_UINT32("vram_size", G364SysBusState, g364.vram_size,
-8 * 1024 * 1024),
+   8 * M_BYTE),
 DEFINE_PROP_END_OF_LIST(),
 };
 
diff --git a/hw/display/qxl.c b/hw/display/qxl.c
index a71714ccb4..4863f894ad 100644
--- a/hw/display/qxl.c
+++ b/hw/display/qxl.c
@@ -2012,11 +2012,11 @@ static void qxl_init_ramsize(PCIQXLDevice *qxl)
 if (qxl->vgamem_size_mb > 256) {
 qxl->vgamem_size_mb = 256;
 }
-qxl->vgamem_size = qxl->vgamem_size_mb * 1024 * 1024;
+qxl->vgamem_size = qxl->vgamem_size_mb * M_BYTE;
 
 /* vga ram (bar 0, total) */
 if (qxl->ram_size_mb != -1) {
-qxl->vga.vram_size = qxl->ram_size_mb * 1024 * 1024;
+qxl->vga.vram_size = qxl->ram_size_mb * M_BYTE;
 }
 if (qxl->vga.vram_size < qxl->vgamem_size * 2) {
 qxl->vga.vram_size = qxl->vgamem_size * 2;
@@ -2024,7 +2024,7 @@ static void qxl_init_ramsize(PCIQXLDevice *qxl)
 
 /* vram32 (surfaces, 32bit, bar 1) */
 if (qxl->vram32_size_mb != -1) {
-qxl->vram32_size = qxl->vram32_size_mb * 1024 * 1024;
+qxl->vram32_size = qxl->vram32_size_mb * M_BYTE;
 }
 if (qxl->vram32_size < 4096) {
 qxl->vram32_size = 4096;
@@ -2032,7 +2032,7 @@ static void qxl_init_ramsize(PCIQXLDevice *qxl)
 
 /* vram (surfaces, 64bit, bar 4+5) */
 if (qxl->vram_size_mb != -1) {
-qxl->vram_size = (uint64_t)qxl->vram_size_mb * 1024 * 1024;
+qxl->vram_size = (uint64_t)qxl->vram_size_mb * M_BYTE;
 }
 if (qxl->vram_size < qxl->vram32_size) {
 qxl->vram_size = qxl->vram32_size;
@@ -2134,13 +2134,10 @@ static void qxl_realize_common(PCIQXLDevice *qxl, Error 
**errp)
 }
 
 /* print pci bar details */
-dprint(qxl, 1, "ram/%s: %d MB [region 0]\n",
-   qxl->id == 0 ? "pri" : "sec",
-   qxl->vga.vram_size / (1024*1024));
-dprint(qxl, 1, "vram/32: %" PRIx64 "d MB [region 1]\n",
-   qxl->vram32_size / (1024*1024));
-dprint(qxl, 1, "vram/64: %" PRIx64 "d MB %s\n",
-   qxl->vram_size / (1024*1024),
+dprint(qxl, 1, "ram/%s: %llu MB [region 0]\n",
+   qxl->id == 0 ? "pri" : "sec", qxl->vga.vram_size / M_BYTE);
+dprint(qxl, 1, "vram/32: %llu MB [region 1]\n", qxl->vram32_size / M_BYTE);
+dprint(qxl, 1, "vram/64: %llu MB %s\n", qxl->vram_size / M_BYTE,
qxl->vram32_size < qxl->vram_size ? "[region 4]" : 
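Review bot: the three dprint() calls hard-code %llu for quotients whose type comes from M_BYTE, which is defined outside this patch, so the format is only correct if that macro is unsigned long long. Use "%" PRIu64 with an explicit (uint64_t) cast on each quotient so the specifier does not depend on the macro's type. The change also replaces the old "%" PRIx64 "d" conversions for vram/32 and vram/64, which printed a hex value followed by a literal d; that is a fix in its own right and should be mentioned in the commit message.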

[Qemu-devel] [PATCH 15/30] hw/lm32: use the BYTE-based definitions

2018-02-14 Thread Philippe Mathieu-Daudé
It eases code review, unit is explicit.
---
 hw/lm32/lm32_boards.c | 12 ++--
 hw/lm32/milkymist.c   |  8 
 2 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/hw/lm32/lm32_boards.c b/hw/lm32/lm32_boards.c
index 527bcc229c..15315101be 100644
--- a/hw/lm32/lm32_boards.c
+++ b/hw/lm32/lm32_boards.c
@@ -88,10 +88,10 @@ static void lm32_evr_init(MachineState *machine)
 
 /* memory map */
 hwaddr flash_base  = 0x0400;
-size_t flash_sector_size   = 256 * 1024;
-size_t flash_size  = 32 * 1024 * 1024;
+size_t flash_sector_size   = 256 * K_BYTE;
+size_t flash_size  = 32 * M_BYTE;
 hwaddr ram_base= 0x0800;
-size_t ram_size= 64 * 1024 * 1024;
+size_t ram_size= 64 * M_BYTE;
 hwaddr timer0_base = 0x80002000;
 hwaddr uart0_base  = 0x80006000;
 hwaddr timer1_base = 0x8000a000;
@@ -174,10 +174,10 @@ static void lm32_uclinux_init(MachineState *machine)
 
 /* memory map */
 hwaddr flash_base   = 0x0400;
-size_t flash_sector_size= 256 * 1024;
-size_t flash_size   = 32 * 1024 * 1024;
+size_t flash_sector_size= 256 * K_BYTE;
+size_t flash_size   = 32 * M_BYTE;
 hwaddr ram_base = 0x0800;
-size_t ram_size = 64 * 1024 * 1024;
+size_t ram_size = 64 * M_BYTE;
 hwaddr uart0_base   = 0x8000;
 hwaddr timer0_base  = 0x80002000;
 hwaddr timer1_base  = 0x8001;
diff --git a/hw/lm32/milkymist.c b/hw/lm32/milkymist.c
index c28379399f..b884b825bc 100644
--- a/hw/lm32/milkymist.c
+++ b/hw/lm32/milkymist.c
@@ -36,7 +36,7 @@
 
 #define BIOS_FILENAME"mmone-bios.bin"
 #define BIOS_OFFSET  0x0086
-#define BIOS_SIZE(512*1024)
+#define BIOS_SIZE(512 * K_BYTE)
 #define KERNEL_LOAD_ADDR 0x4000
 
 typedef struct {
@@ -95,10 +95,10 @@ milkymist_init(MachineState *machine)
 
 /* memory map */
 hwaddr flash_base   = 0x;
-size_t flash_sector_size= 128 * 1024;
-size_t flash_size   = 32 * 1024 * 1024;
+size_t flash_sector_size= 128 * K_BYTE;
+size_t flash_size   = 32 * M_BYTE;
 hwaddr sdram_base   = 0x4000;
-size_t sdram_size   = 128 * 1024 * 1024;
+size_t sdram_size   = 128 * M_BYTE;
 
 hwaddr initrd_base  = sdram_base + 0x1002000;
 hwaddr cmdline_base = sdram_base + 0x100;
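Review bot: the commit message has no Signed-off-by line above the --- separator, which most other patches in this series carry; please add it before this is applied.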
-- 
2.16.1




[Qemu-devel] [PATCH 17/30] hw/tricore: use the BYTE-based definitions

2018-02-14 Thread Philippe Mathieu-Daudé
It eases code review, unit is explicit.

Signed-off-by: Philippe Mathieu-Daudé 
---
 hw/tricore/tricore_testboard.c | 12 ++--
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/hw/tricore/tricore_testboard.c b/hw/tricore/tricore_testboard.c
index ac75eb2128..032bcc8efb 100644
--- a/hw/tricore/tricore_testboard.c
+++ b/hw/tricore/tricore_testboard.c
@@ -74,17 +74,17 @@ static void tricore_testboard_init(MachineState *machine, 
int board_id)
 cpu = TRICORE_CPU(cpu_create(machine->cpu_type));
 env = >env;
 memory_region_init_ram(ext_cram, NULL, "powerlink_ext_c.ram",
-   2 * 1024 * 1024, _fatal);
+   2 * M_BYTE, _fatal);
 memory_region_init_ram(ext_dram, NULL, "powerlink_ext_d.ram",
-   4 * 1024 * 1024, _fatal);
-memory_region_init_ram(int_cram, NULL, "powerlink_int_c.ram", 48 * 1024,
+   4 * M_BYTE, _fatal);
+memory_region_init_ram(int_cram, NULL, "powerlink_int_c.ram", 48 * K_BYTE,
_fatal);
-memory_region_init_ram(int_dram, NULL, "powerlink_int_d.ram", 48 * 1024,
+memory_region_init_ram(int_dram, NULL, "powerlink_int_d.ram", 48 * K_BYTE,
_fatal);
 memory_region_init_ram(pcp_data, NULL, "powerlink_pcp_data.ram",
-   16 * 1024, _fatal);
+   16 * K_BYTE, _fatal);
 memory_region_init_ram(pcp_text, NULL, "powerlink_pcp_text.ram",
-   32 * 1024, _fatal);
+   32 * K_BYTE, _fatal);
 
 memory_region_add_subregion(sysmem, 0x8000, ext_cram);
 memory_region_add_subregion(sysmem, 0xa100, ext_dram);
-- 
2.16.1




[Qemu-devel] [PATCH 26/30] hw/smbios: use the BYTE-based definitions

2018-02-14 Thread Philippe Mathieu-Daudé
It eases code review, unit is explicit.

Signed-off-by: Philippe Mathieu-Daudé 
---
 hw/smbios/smbios.c | 14 +-
 1 file changed, 5 insertions(+), 9 deletions(-)

diff --git a/hw/smbios/smbios.c b/hw/smbios/smbios.c
index 27a07e96f4..fa02f9ce3f 100644
--- a/hw/smbios/smbios.c
+++ b/hw/smbios/smbios.c
@@ -625,10 +625,6 @@ static void smbios_build_type_11_table(void)
 SMBIOS_BUILD_TABLE_POST;
 }
 
-#define ONE_KB ((ram_addr_t)1 << 10)
-#define ONE_MB ((ram_addr_t)1 << 20)
-#define ONE_GB ((ram_addr_t)1 << 30)
-
 #define MAX_T16_STD_SZ 0x8000 /* 2T in Kilobytes */
 
 static void smbios_build_type_16_table(unsigned dimm_cnt)
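Review bot: the removed ONE_KB, ONE_MB and ONE_GB macros were explicitly typed ((ram_addr_t)1 << 10 and so on), while K_BYTE, M_BYTE and G_BYTE take whatever type their definition gives them, which this patch does not show. That matters most for MAX_DIMM_SZ in the last hunk, where 16ll * ONE_GB becomes 16 * G_BYTE: 16 GiB does not fit in 32 bits, so the result is only correct if G_BYTE is a 64-bit constant. Please state the macros' type in the commit message, or keep an explicit 64-bit operand in MAX_DIMM_SZ.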
@@ -640,7 +636,7 @@ static void smbios_build_type_16_table(unsigned dimm_cnt)
 t->location = 0x01; /* Other */
 t->use = 0x03; /* System memory */
 t->error_correction = 0x06; /* Multi-bit ECC (for Microsoft, per SeaBIOS) 
*/
-size_kb = QEMU_ALIGN_UP(ram_size, ONE_KB) / ONE_KB;
+size_kb = QEMU_ALIGN_UP(ram_size, K_BYTE) / K_BYTE;
 if (size_kb < MAX_T16_STD_SZ) {
 t->maximum_capacity = cpu_to_le32(size_kb);
 t->extended_maximum_capacity = cpu_to_le64(0);
@@ -668,7 +664,7 @@ static void smbios_build_type_17_table(unsigned instance, 
uint64_t size)
 t->memory_error_information_handle = cpu_to_le16(0xFFFE); /* Not provided 
*/
 t->total_width = cpu_to_le16(0x); /* Unknown */
 t->data_width = cpu_to_le16(0x); /* Unknown */
-size_mb = QEMU_ALIGN_UP(size, ONE_MB) / ONE_MB;
+size_mb = QEMU_ALIGN_UP(size, M_BYTE) / M_BYTE;
 if (size_mb < MAX_T17_STD_SZ) {
 t->size = cpu_to_le16(size_mb);
 t->extended_size = cpu_to_le32(0);
@@ -707,8 +703,8 @@ static void smbios_build_type_19_table(unsigned instance,
 
 end = start + size - 1;
 assert(end > start);
-start_kb = start / ONE_KB;
-end_kb = end / ONE_KB;
+start_kb = start / K_BYTE;
+end_kb = end / K_BYTE;
 if (start_kb < UINT32_MAX && end_kb < UINT32_MAX) {
 t->starting_address = cpu_to_le32(start_kb);
 t->ending_address = cpu_to_le32(end_kb);
@@ -869,7 +865,7 @@ void smbios_get_tables(const struct smbios_phys_mem_area 
*mem_array,
 
 smbios_build_type_11_table();
 
-#define MAX_DIMM_SZ (16ll * ONE_GB)
+#define MAX_DIMM_SZ (16 * G_BYTE)
 #define GET_DIMM_SZ ((i < dimm_cnt - 1) ? MAX_DIMM_SZ \
 : ((ram_size - 1) % MAX_DIMM_SZ) + 1)
 
-- 
2.16.1




[Qemu-devel] [PATCH 23/30] hw/net: use the BYTE-based definitions

2018-02-14 Thread Philippe Mathieu-Daudé
It eases code review, unit is explicit.

Signed-off-by: Philippe Mathieu-Daudé 
---
 include/hw/net/allwinner_emac.h | 4 ++--
 hw/net/e1000e.c | 6 +++---
 hw/net/eepro100.c   | 6 ++
 3 files changed, 7 insertions(+), 9 deletions(-)

diff --git a/include/hw/net/allwinner_emac.h b/include/hw/net/allwinner_emac.h
index 4cc8aab7ec..93ec0e7067 100644
--- a/include/hw/net/allwinner_emac.h
+++ b/include/hw/net/allwinner_emac.h
@@ -125,8 +125,8 @@
 #define EMAC_INT_RX (1 << 8)
 
 /* Due to lack of specifications, size of fifos is chosen arbitrarily */
-#define TX_FIFO_SIZE(4 * 1024)
-#define RX_FIFO_SIZE(32 * 1024)
+#define TX_FIFO_SIZE(4 * K_BYTE)
+#define RX_FIFO_SIZE(32 * K_BYTE)
 
 #define NUM_TX_FIFOS2
 #define RX_HDR_SIZE 8
diff --git a/hw/net/e1000e.c b/hw/net/e1000e.c
index 16a9417a85..767b35fca8 100644
--- a/hw/net/e1000e.c
+++ b/hw/net/e1000e.c
@@ -81,10 +81,10 @@ typedef struct E1000EState {
 #define E1000E_IO_IDX   2
 #define E1000E_MSIX_IDX 3
 
-#define E1000E_MMIO_SIZE(128 * 1024)
-#define E1000E_FLASH_SIZE   (128 * 1024)
+#define E1000E_MMIO_SIZE(128 * K_BYTE)
+#define E1000E_FLASH_SIZE   (128 * K_BYTE)
 #define E1000E_IO_SIZE  (32)
-#define E1000E_MSIX_SIZE(16 * 1024)
+#define E1000E_MSIX_SIZE(16 * K_BYTE)
 
 #define E1000E_MSIX_TABLE   (0x)
 #define E1000E_MSIX_PBA (0x2000)
diff --git a/hw/net/eepro100.c b/hw/net/eepro100.c
index a07a63247e..6fdeb05259 100644
--- a/hw/net/eepro100.c
+++ b/hw/net/eepro100.c
@@ -60,8 +60,6 @@
  * changed to pad short packets itself. */
 #define CONFIG_PAD_RECEIVED_FRAMES
 
-#define KiB 1024
-
 /* Debug EEPRO100 card. */
 #if 0
 # define DEBUG_EEPRO100
@@ -104,9 +102,9 @@
 /* Use 64 word EEPROM. TODO: could be a runtime option. */
 #define EEPROM_SIZE 64
 
-#define PCI_MEM_SIZE(4 * KiB)
+#define PCI_MEM_SIZE(4 * K_BYTE)
 #define PCI_IO_SIZE 64
-#define PCI_FLASH_SIZE  (128 * KiB)
+#define PCI_FLASH_SIZE  (128 * K_BYTE)
 
 #define BITS(n, m) (((0xU << (31 - n)) >> (31 - n + m)) << m)
 
-- 
2.16.1




[Qemu-devel] [PATCH 16/30] hw/sh4: use the BYTE-based definitions

2018-02-14 Thread Philippe Mathieu-Daudé
It eases code review, unit is explicit.

Signed-off-by: Philippe Mathieu-Daudé 
---
 hw/block/tc58128.c | 2 +-
 hw/sh4/r2d.c   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/hw/block/tc58128.c b/hw/block/tc58128.c
index 1d9f7ee000..3e658d509f 100644
--- a/hw/block/tc58128.c
+++ b/hw/block/tc58128.c
@@ -26,7 +26,7 @@ typedef struct {
 
 static tc58128_dev tc58128_devs[2];
 
-#define FLASH_SIZE (16*1024*1024)
+#define FLASH_SIZE (16 * M_BYTE)
 
 static void init_dev(tc58128_dev * dev, const char *filename)
 {
diff --git a/hw/sh4/r2d.c b/hw/sh4/r2d.c
index 458ed83297..720bd6ad04 100644
--- a/hw/sh4/r2d.c
+++ b/hw/sh4/r2d.c
@@ -292,7 +292,7 @@ static void r2d_init(MachineState *machine)
 dinfo = drive_get(IF_PFLASH, 0, 0);
 pflash_cfi02_register(0x0, NULL, "r2d.flash", FLASH_SIZE,
   dinfo ? blk_by_legacy_dinfo(dinfo) : NULL,
-  (16 * 1024), FLASH_SIZE >> 16,
+  16 * K_BYTE, FLASH_SIZE >> 16,
   1, 4, 0x, 0x, 0x, 0x,
   0x555, 0x2aa, 0);
 
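Review bot: with the unit spelled out in the pflash_cfi02_register() call, 16 * K_BYTE now sits next to FLASH_SIZE >> 16, which is a division by 64 KiB. If these two arguments are sector size and sector count, as in the microblaze boards, their product is FLASH_SIZE / 4 rather than FLASH_SIZE. This predates the patch, but it is worth a comment or a follow-up fix now that the mismatch is visible.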
-- 
2.16.1




[Qemu-devel] [PATCH 10/30] hw/ppc: use the BYTE-based definitions

2018-02-14 Thread Philippe Mathieu-Daudé
It eases code review, unit is explicit.

Signed-off-by: Philippe Mathieu-Daudé 
---
 include/hw/ppc/spapr.h |  2 +-
 hw/pci-host/prep.c |  2 +-
 hw/ppc/e500.c  |  8 
 hw/ppc/mac_oldworld.c  |  7 +++
 hw/ppc/ppc405_boards.c |  8 
 hw/ppc/ppc405_uc.c |  6 +++---
 hw/ppc/ppc4xx_devs.c   | 21 +++--
 hw/ppc/ppce500_spin.c  |  2 +-
 hw/ppc/prep.c  |  2 +-
 hw/ppc/rs6000_mc.c | 12 ++--
 hw/ppc/virtex_ml507.c  |  4 ++--
 11 files changed, 37 insertions(+), 37 deletions(-)

diff --git a/include/hw/ppc/spapr.h b/include/hw/ppc/spapr.h
index 62c077ac20..ceeb274205 100644
--- a/include/hw/ppc/spapr.h
+++ b/include/hw/ppc/spapr.h
@@ -746,7 +746,7 @@ int spapr_rng_populate_dt(void *fdt);
 #define SPAPR_MAX_RAM_SLOTS 32
 
 /* 1GB alignment for hotplug memory region */
-#define SPAPR_HOTPLUG_MEM_ALIGN (1ULL << 30)
+#define SPAPR_HOTPLUG_MEM_ALIGN (1 * G_BYTE)
 
 /*
  * Number of 32 bit words in each LMB list entry in ibm,dynamic-memory
diff --git a/hw/pci-host/prep.c b/hw/pci-host/prep.c
index 01f67f9db1..d06498e131 100644
--- a/hw/pci-host/prep.c
+++ b/hw/pci-host/prep.c
@@ -70,7 +70,7 @@ typedef struct PRePPCIState {
 int contiguous_map;
 } PREPPCIState;
 
-#define BIOS_SIZE (1024 * 1024)
+#define BIOS_SIZE (1 * M_BYTE)
 
 static inline uint32_t raven_pci_io_config(hwaddr addr)
 {
diff --git a/hw/ppc/e500.c b/hw/ppc/e500.c
index a40d3ec3e3..02675c7be4 100644
--- a/hw/ppc/e500.c
+++ b/hw/ppc/e500.c
@@ -45,7 +45,7 @@
 #define BINARY_DEVICE_TREE_FILE"mpc8544ds.dtb"
 #define DTC_LOAD_PAD   0x180
 #define DTC_PAD_MASK   0xF
-#define DTB_MAX_SIZE   (8 * 1024 * 1024)
+#define DTB_MAX_SIZE   (8 * M_BYTE)
 #define INITRD_LOAD_PAD0x200
 #define INITRD_PAD_MASK0xFF
 
@@ -597,7 +597,7 @@ static int ppce500_prep_device_tree(MachineState *machine,
 /* Create -kernel TLB entries for BookE.  */
 hwaddr booke206_page_size_to_tlb(uint64_t size)
 {
-return 63 - clz64(size >> 10);
+return 63 - clz64(size / K_BYTE);
 }
 
 static int booke206_initial_map_tsize(CPUPPCState *env)
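Review bot: in booke206_page_size_to_tlb() the shift is part of a log2 computation (63 - clz64(...)), not a unit conversion, so size >> 10 reads more naturally beside clz64() than size / K_BYTE does. I would leave this line as it was.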
@@ -913,9 +913,9 @@ void ppce500_init(MachineState *machine, PPCE500Params 
*params)
 /* Register spinning region */
 sysbus_create_simple("e500-spin", params->spin_base, NULL);
 
-if (cur_base < (32 * 1024 * 1024)) {
+if (cur_base < 32 * M_BYTE) {
 /* u-boot occupies memory up to 32MB, so load blobs above */
-cur_base = (32 * 1024 * 1024);
+cur_base = 32 * M_BYTE;
 }
 
 if (params->has_mpc8xxx_gpio) {
diff --git a/hw/ppc/mac_oldworld.c b/hw/ppc/mac_oldworld.c
index 9b19551f56..a6b8b77937 100644
--- a/hw/ppc/mac_oldworld.c
+++ b/hw/ppc/mac_oldworld.c
@@ -117,10 +117,9 @@ static void ppc_heathrow_init(MachineState *machine)
 }
 
 /* allocate RAM */
-if (ram_size > (2047 << 20)) {
-fprintf(stderr,
-"qemu: Too much memory for this machine: %d MB, maximum 2047 
MB\n",
-((unsigned int)ram_size / (1 << 20)));
+if (ram_size > 2047 * M_BYTE) {
+error_report("Too much memory for this machine: %llu MB, "
+ "maximum 2047 MB", ram_size / M_BYTE);
 exit(1);
 }
 
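Review bot: the ram_size check in ppc_heathrow_init() also swaps fprintf(stderr, ...) for error_report() and drops the qemu: prefix and the trailing newline, which is a change outside the stated unit cleanup; either split it out or mention it in the commit message. The new %llu is only correct if ram_size / M_BYTE is unsigned long long; "%" PRIu64 with a (uint64_t) cast avoids depending on how M_BYTE is typed.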
diff --git a/hw/ppc/ppc405_boards.c b/hw/ppc/ppc405_boards.c
index 0b658931ee..8c742449b8 100644
--- a/hw/ppc/ppc405_boards.c
+++ b/hw/ppc/ppc405_boards.c
@@ -41,7 +41,7 @@
 #include "exec/address-spaces.h"
 
 #define BIOS_FILENAME "ppc405_rom.bin"
-#define BIOS_SIZE (2048 * 1024)
+#define BIOS_SIZE (2 * M_BYTE)
 
 #define KERNEL_LOAD_ADDR 0x
 #define INITRD_LOAD_ADDR 0x0180
@@ -217,14 +217,14 @@ static void ref405ep_init(MachineState *machine)
 memory_region_init(_memories[1], NULL, "ef405ep.ram1", 0);
 ram_bases[1] = 0x;
 ram_sizes[1] = 0x;
-ram_size = 128 * 1024 * 1024;
+ram_size = 128 * M_BYTE;
 #ifdef DEBUG_BOARD_INIT
 printf("%s: register cpu\n", __func__);
 #endif
 env = ppc405ep_init(sysmem, ram_memories, ram_bases, ram_sizes,
 , , kernel_filename == NULL ? 0 : 1);
 /* allocate SRAM */
-sram_size = 512 * 1024;
+sram_size = 512 * K_BYTE;
 memory_region_init_ram(sram, NULL, "ef405ep.sram", sram_size,
_fatal);
 memory_region_add_subregion(sysmem, 0xFFF0, sram);
@@ -590,7 +590,7 @@ static void taihu_405ep_init(MachineState *machine)
 
 bios_size = blk_getlength(blk);
 /* XXX: should check that size is 32MB */
-bios_size = 32 * 1024 * 1024;
+bios_size = 32 * M_BYTE;
 fl_sectors = (bios_size + 65535) >> 16;
 #ifdef DEBUG_BOARD_INIT
 printf("Register parallel flash %d size %lx"
diff --git a/hw/ppc/ppc405_uc.c b/hw/ppc/ppc405_uc.c
index 205ebcea93..0e9d5b0ff9 100644
--- a/hw/ppc/ppc405_uc.c
+++ b/hw/ppc/ppc405_uc.c
@@ -983,10 +983,10 @@ static void ppc405_ocm_init(CPUPPCState *env)
 
 ocm = 

[Qemu-devel] [PATCH 21/30] hw/misc: use the BYTE-based definitions

2018-02-14 Thread Philippe Mathieu-Daudé
It eases code review, unit is explicit.

Signed-off-by: Philippe Mathieu-Daudé 
---
 hw/misc/auxbus.c | 2 +-
 hw/misc/edu.c| 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/hw/misc/auxbus.c b/hw/misc/auxbus.c
index b4cacd664b..c78aaebcbe 100644
--- a/hw/misc/auxbus.c
+++ b/hw/misc/auxbus.c
@@ -68,7 +68,7 @@ AUXBus *aux_init_bus(DeviceState *parent, const char *name)
 
 /* Memory related. */
 bus->aux_io = g_malloc(sizeof(*bus->aux_io));
-memory_region_init(bus->aux_io, OBJECT(bus), "aux-io", (1 << 20));
+memory_region_init(bus->aux_io, OBJECT(bus), "aux-io", 2 * M_BYTE);
 address_space_init(>aux_addr_space, bus->aux_io, "aux-io");
 return bus;
 }
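Review bot: the aux-io region size changes value in the memory_region_init() call: (1 << 20) is 1 MiB, but the replacement is 2 * M_BYTE, which doubles the region. For a mechanical conversion this should be 1 * M_BYTE, as the edu.c hunk in the same patch does for its 1 << 20.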
diff --git a/hw/misc/edu.c b/hw/misc/edu.c
index 34eb05d213..ce8235dfc4 100644
--- a/hw/misc/edu.c
+++ b/hw/misc/edu.c
@@ -357,7 +357,7 @@ static void pci_edu_realize(PCIDevice *pdev, Error **errp)
edu, QEMU_THREAD_JOINABLE);
 
 memory_region_init_io(>mmio, OBJECT(edu), _mmio_ops, edu,
-"edu-mmio", 1 << 20);
+"edu-mmio", 1 * M_BYTE);
 pci_register_bar(pdev, 0, PCI_BASE_ADDRESS_SPACE_MEMORY, >mmio);
 }
 
-- 
2.16.1




[Qemu-devel] [PATCH 25/30] hw/scsi: use the BYTE-based definitions

2018-02-14 Thread Philippe Mathieu-Daudé
It eases code review, unit is explicit.

Signed-off-by: Philippe Mathieu-Daudé 
---
 hw/scsi/scsi-disk.c | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/hw/scsi/scsi-disk.c b/hw/scsi/scsi-disk.c
index 49d2559d93..bfdb34a71c 100644
--- a/hw/scsi/scsi-disk.c
+++ b/hw/scsi/scsi-disk.c
@@ -44,13 +44,13 @@ do { printf("scsi-disk: " fmt , ## __VA_ARGS__); } while (0)
 #include 
 #endif
 
-#define SCSI_WRITE_SAME_MAX 524288
-#define SCSI_DMA_BUF_SIZE   131072
+#define SCSI_WRITE_SAME_MAX (512 * K_BYTE)
+#define SCSI_DMA_BUF_SIZE   (128 * K_BYTE)
 #define SCSI_MAX_INQUIRY_LEN256
 #define SCSI_MAX_MODE_LEN   256
 
-#define DEFAULT_DISCARD_GRANULARITY 4096
-#define DEFAULT_MAX_UNMAP_SIZE  (1 << 30)   /* 1 GB */
+#define DEFAULT_DISCARD_GRANULARITY (4 * K_BYTE)
+#define DEFAULT_MAX_UNMAP_SIZE  (1 * G_BYTE)
 #define DEFAULT_MAX_IO_SIZE INT_MAX /* 2 GB - 1 block */
 
 #define TYPE_SCSI_DISK_BASE "scsi-disk-base"
-- 
2.16.1




[Qemu-devel] [PATCH 09/30] hw/sparc: use the BYTE-based definitions

2018-02-14 Thread Philippe Mathieu-Daudé
It eases code review, unit is explicit.

Signed-off-by: Philippe Mathieu-Daudé 
---
 hw/sparc/leon3.c | 8 
 hw/sparc/sun4m.c | 7 +++
 hw/sparc64/niagara.c | 2 +-
 hw/sparc64/sun4u.c   | 2 +-
 4 files changed, 9 insertions(+), 10 deletions(-)

diff --git a/hw/sparc/leon3.c b/hw/sparc/leon3.c
index bba3aa3dee..31be3f32b0 100644
--- a/hw/sparc/leon3.c
+++ b/hw/sparc/leon3.c
@@ -139,9 +139,9 @@ static void leon3_generic_hw_init(MachineState *machine)
 env->qemu_irq_ack = leon3_irq_manager;
 
 /* Allocate RAM */
-if ((uint64_t)ram_size > (1UL << 30)) {
-error_report("Too much memory for this machine: %d, maximum 1G",
- (unsigned int)(ram_size / (1024 * 1024)));
+if (ram_size > 1 * G_BYTE) {
+error_report("Too much memory for this machine: %lluMB, maximum 1G",
+ ram_size / M_BYTE);
 exit(1);
 }
 
@@ -149,7 +149,7 @@ static void leon3_generic_hw_init(MachineState *machine)
 memory_region_add_subregion(address_space_mem, 0x4000, ram);
 
 /* Allocate BIOS */
-prom_size = 8 * 1024 * 1024; /* 8Mb */
+prom_size = 8 * M_BYTE;
 memory_region_init_ram(prom, NULL, "Leon3.bios", prom_size, _fatal);
 memory_region_set_readonly(prom, true);
 memory_region_add_subregion(address_space_mem, 0x, prom);
diff --git a/hw/sparc/sun4m.c b/hw/sparc/sun4m.c
index 0008b90b04..40f4e0c883 100644
--- a/hw/sparc/sun4m.c
+++ b/hw/sparc/sun4m.c
@@ -66,7 +66,7 @@
 #define KERNEL_LOAD_ADDR 0x4000
 #define CMDLINE_ADDR 0x007ff000
 #define INITRD_LOAD_ADDR 0x0080
-#define PROM_SIZE_MAX(1024 * 1024)
+#define PROM_SIZE_MAX(1 * M_BYTE)
 #define PROM_VADDR   0xffd0
 #define PROM_FILENAME"openbios-sparc32"
 #define CFG_ADDR 0xd0510ULL
@@ -744,9 +744,8 @@ static void ram_init(hwaddr addr, ram_addr_t RAM_size,
 
 /* allocate RAM */
 if ((uint64_t)RAM_size > max_mem) {
-error_report("Too much memory for this machine: %d, maximum %d",
- (unsigned int)(RAM_size / (1024 * 1024)),
- (unsigned int)(max_mem / (1024 * 1024)));
+error_report("Too much memory for this machine: %llu, maximum %llu",
+ RAM_size / M_BYTE, max_mem / M_BYTE);
 exit(1);
 }
 dev = qdev_create(NULL, "memory");
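Review bot: the error_report() in ram_init() drops the (unsigned int) casts and switches to %llu, so the format now depends on the type of RAM_size / M_BYTE, where RAM_size is ram_addr_t and M_BYTE is defined outside this patch. Use "%" PRIu64 with a (uint64_t) cast on both arguments. The message also still prints both values without a unit, while the leon3.c hunk in this patch adds MB to the equivalent message; please make the two consistent.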
diff --git a/hw/sparc64/niagara.c b/hw/sparc64/niagara.c
index 1874477ef6..97a78ca9a2 100644
--- a/hw/sparc64/niagara.c
+++ b/hw/sparc64/niagara.c
@@ -84,7 +84,7 @@ typedef struct NiagaraBoardState {
 #define NIAGARA_PROM_BASE   0xfff000ULL
 #define NIAGARA_Q_OFFSET0x1ULL
 #define NIAGARA_OBP_OFFSET  0x8ULL
-#define PROM_SIZE_MAX   (4 * 1024 * 1024)
+#define PROM_SIZE_MAX   (4 * M_BYTE)
 
 static void add_rom_or_fail(const char *file, const hwaddr addr)
 {
diff --git a/hw/sparc64/sun4u.c b/hw/sparc64/sun4u.c
index b84589e0b6..7a39ec7859 100644
--- a/hw/sparc64/sun4u.c
+++ b/hw/sparc64/sun4u.c
@@ -53,7 +53,7 @@
 
 #define KERNEL_LOAD_ADDR 0x00404000
 #define CMDLINE_ADDR 0x003ff000
-#define PROM_SIZE_MAX(4 * 1024 * 1024)
+#define PROM_SIZE_MAX(4 * M_BYTE)
 #define PROM_VADDR   0x000ffd0ULL
 #define PBM_SPECIAL_BASE 0x1feULL
 #define PBM_MEM_BASE 0x1ffULL
-- 
2.16.1




[Qemu-devel] [PATCH 24/30] hw/ipack: use the BYTE-based definitions

2018-02-14 Thread Philippe Mathieu-Daudé
It eases code review, unit is explicit.

Signed-off-by: Philippe Mathieu-Daudé 
---
 hw/ipack/tpci200.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/hw/ipack/tpci200.c b/hw/ipack/tpci200.c
index da05c8589d..56c0ad8932 100644
--- a/hw/ipack/tpci200.c
+++ b/hw/ipack/tpci200.c
@@ -597,9 +597,9 @@ static void tpci200_realize(PCIDevice *pci_dev, Error 
**errp)
 memory_region_init_io(>las1, OBJECT(s), _las1_ops,
   s, "tpci200_las1", 1024);
 memory_region_init_io(>las2, OBJECT(s), _las2_ops,
-  s, "tpci200_las2", 1024*1024*32);
+  s, "tpci200_las2", 32 * M_BYTE);
 memory_region_init_io(>las3, OBJECT(s), _las3_ops,
-  s, "tpci200_las3", 1024*1024*16);
+  s, "tpci200_las3", 16 * M_BYTE);
 pci_register_bar(>dev, 0, PCI_BASE_ADDRESS_SPACE_MEMORY, >mmio);
 pci_register_bar(>dev, 1, PCI_BASE_ADDRESS_SPACE_IO, >io);
 pci_register_bar(>dev, 2, PCI_BASE_ADDRESS_SPACE_MEMORY, >las0);
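Review bot: the las1 region in the same block keeps a bare 1024 as its size while las2 and las3 move to M_BYTE, so three adjacent calls now mix conventions. Either write it as 1 * K_BYTE here or say in the commit message that sub-MiB literals are left alone on purpose. The two changed size expressions also go from int to unsigned long long, so it is worth stating that the size parameter is wide enough for that to be harmless.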
-- 
2.16.1




[Qemu-devel] [PATCH 12/30] hw/hppa: use the BYTE-based definitions

2018-02-14 Thread Philippe Mathieu-Daudé
It eases code review; the unit is explicit.

Signed-off-by: Philippe Mathieu-Daudé 
---
 hw/hppa/dino.c| 2 +-
 hw/hppa/machine.c | 8 
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/hw/hppa/dino.c b/hw/hppa/dino.c
index 15aefde09c..7728123cc8 100644
--- a/hw/hppa/dino.c
+++ b/hw/hppa/dino.c
@@ -76,7 +76,7 @@
 /* #define xxx0x200 - bit 9 not used */
 #define RS232INT  0x400
 
-#define DINO_MEM_CHUNK_SIZE (8 * 1024 * 1024) /* 8MB */
+#define DINO_MEM_CHUNK_SIZE (8 * M_BYTE)
 
 #define DINO_PCI_HOST_BRIDGE(obj) \
 OBJECT_CHECK(DinoState, (obj), TYPE_DINO_PCI_HOST_BRIDGE)
diff --git a/hw/hppa/machine.c b/hw/hppa/machine.c
index 22a15112df..8fd364ad43 100644
--- a/hw/hppa/machine.c
+++ b/hw/hppa/machine.c
@@ -177,8 +177,8 @@ static void machine_hppa_init(MachineState *machine)
 }
 qemu_log_mask(CPU_LOG_PAGE, "Kernel loaded at 0x%08" PRIx64
   "-0x%08" PRIx64 ", entry at 0x%08" PRIx64
-  ", size %ld kB.\n",
-  kernel_low, kernel_high, kernel_entry, size / 1024);
+  ", size %llu kB\n",
+  kernel_low, kernel_high, kernel_entry, size / K_BYTE);
 
 if (kernel_cmdline) {
 cpu[0]->env.gr[24] = 0x4000;
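Review bot: the switch from "%ld" to "%llu" in the qemu_log_mask() call changes how size is treated, not just how it is spelled. It was printed as a signed long, and size / K_BYTE is now an unsigned long long because K_BYTE is 1ULL << 10, so if size can be negative at this point it would print as a huge kB count. Please state the type of size in the commit message or keep the arithmetic signed. The removal of the trailing period after "kB" is unrelated to the unit cleanup and should be dropped or mentioned.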
@@ -202,8 +202,8 @@ static void machine_hppa_init(MachineState *machine)
(1) Due to sign-extension problems and PDC,
put the initrd no higher than 1G.
(2) Reserve 64k for stack.  */
-initrd_base = MIN(ram_size, 1024 * 1024 * 1024);
-initrd_base = initrd_base - 64 * 1024;
+initrd_base = MIN(ram_size, 1 * G_BYTE);
+initrd_base = initrd_base - 64 * K_BYTE;
 initrd_base = (initrd_base - initrd_size) & TARGET_PAGE_MASK;
 
 if (initrd_base < kernel_high) {
-- 
2.16.1




[Qemu-devel] [PATCH 13/30] hw/xtensa: use the BYTE-based definitions

2018-02-14 Thread Philippe Mathieu-Daudé
It eases code review; the unit is explicit.

Signed-off-by: Philippe Mathieu-Daudé 
---
 hw/xtensa/xtfpga.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/xtensa/xtfpga.c b/hw/xtensa/xtfpga.c
index 70686a2eb1..922417af15 100644
--- a/hw/xtensa/xtfpga.c
+++ b/hw/xtensa/xtfpga.c
@@ -230,7 +230,7 @@ static void xtfpga_init(const XtfpgaBoardDesc *board, 
MachineState *machine)
 const char *kernel_cmdline = qemu_opt_get(machine_opts, "append");
 const char *dtb_filename = qemu_opt_get(machine_opts, "dtb");
 const char *initrd_filename = qemu_opt_get(machine_opts, "initrd");
-const unsigned system_io_size = 224 * 1024 * 1024;
+const unsigned system_io_size = 224 * M_BYTE;
 int n;
 
 for (n = 0; n < smp_cpus; n++) {
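Review bot: system_io_size stays declared as const unsigned while its initializer 224 * M_BYTE is now an unsigned long long expression, so the value is narrowed on assignment. 224 MiB fits, so behaviour is unchanged, but the declaration no longer matches the expression. Consider a 64-bit type for the variable, or say in the commit message that the implicit narrowing is intended.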
-- 
2.16.1




[Qemu-devel] [PATCH 08/30] hw/i386: use the BYTE-based definitions

2018-02-14 Thread Philippe Mathieu-Daudé
It eases code review; the unit is explicit.

Signed-off-by: Philippe Mathieu-Daudé 
---
 include/hw/i386/ich9.h |  2 +-
 hw/i386/acpi-build.c   |  4 ++--
 hw/i386/pc.c   | 18 +-
 hw/i386/pc_piix.c  |  2 +-
 hw/i386/pc_q35.c   |  2 +-
 hw/i386/pc_sysfw.c |  8 
 hw/i386/xen/xen-mapcache.c |  2 +-
 hw/intc/apic_common.c  |  2 +-
 hw/pci-host/gpex.c |  2 +-
 hw/pci-host/piix.c |  4 ++--
 hw/pci-host/q35.c  | 16 
 11 files changed, 31 insertions(+), 31 deletions(-)

diff --git a/include/hw/i386/ich9.h b/include/hw/i386/ich9.h
index 673d13d28f..87628dd867 100644
--- a/include/hw/i386/ich9.h
+++ b/include/hw/i386/ich9.h
@@ -22,7 +22,7 @@ I2CBus *ich9_smb_init(PCIBus *bus, int devfn, uint32_t 
smb_io_base);
 
 void ich9_generate_smi(void);
 
-#define ICH9_CC_SIZE (16 * 1024) /* 16KB. Chipset configuration registers */
+#define ICH9_CC_SIZE (16 * K_BYTE) /* Chipset configuration registers */
 
 #define TYPE_ICH9_LPC_DEVICE "ICH9-LPC"
 #define ICH9_LPC_DEVICE(obj) \
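Review bot: ICH9_CC_SIZE now expands to K_BYTE, but the diffstat shows only this one line changing in include/hw/i386/ich9.h, so the header does not include "qemu/cunits.h" itself and depends on every includer having pulled in "hw/hw.h" first. Add the include to this header so it stays self-contained. Dropping "16KB" from the comment is fine now that the unit is in the expression.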
diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index deb440f286..9ccc6192b5 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -2320,8 +2320,8 @@ build_tpm2(GArray *table_data, BIOSLinker *linker, GArray 
*tcpalog)
  (void *)tpm2_ptr, "TPM2", sizeof(*tpm2_ptr), 4, NULL, NULL);
 }
 
-#define HOLE_640K_START  (640 * 1024)
-#define HOLE_640K_END   (1024 * 1024)
+#define HOLE_640K_START  (640 * K_BYTE)
+#define HOLE_640K_END   (1024 * K_BYTE)
 
 static void
 build_srat(GArray *table_data, BIOSLinker *linker, MachineState *machine)
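Review bot: HOLE_640K_END as (1024 * K_BYTE) keeps a raw 1024 inside a patch whose purpose is to remove them. (1 * M_BYTE) says the same thing and matches the "1 * M_BYTE" spelling used in the pc.c hunks of this patch.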
diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index 55e69d66fe..94a1f3bc7b 100644
--- a/hw/i386/pc.c
+++ b/hw/i386/pc.c
@@ -452,8 +452,8 @@ void pc_cmos_init(PCMachineState *pcms,
 rtc_set_memory(s, 0x15, val);
 rtc_set_memory(s, 0x16, val >> 8);
 /* extended memory (next 64MiB) */
-if (pcms->below_4g_mem_size > 1024 * 1024) {
-val = (pcms->below_4g_mem_size - 1024 * 1024) / 1024;
+if (pcms->below_4g_mem_size > 1 * M_BYTE) {
+val = (pcms->below_4g_mem_size - 1 * M_BYTE) / 1024;
 } else {
 val = 0;
 }
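Review bot: the division on the changed line still uses a literal, "- 1 * M_BYTE) / 1024", so one expression mixes both conventions. val is a count of KiB here, and "/ K_BYTE" would make that unit explicit, which is the stated goal of the series.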
@@ -464,8 +464,8 @@ void pc_cmos_init(PCMachineState *pcms,
 rtc_set_memory(s, 0x30, val);
 rtc_set_memory(s, 0x31, val >> 8);
 /* memory between 16MiB and 4GiB */
-if (pcms->below_4g_mem_size > 16 * 1024 * 1024) {
-val = (pcms->below_4g_mem_size - 16 * 1024 * 1024) / 65536;
+if (pcms->below_4g_mem_size > 16 * M_BYTE) {
+val = (pcms->below_4g_mem_size - 16 * M_BYTE) / 65536;
 } else {
 val = 0;
 }
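Review bot: "/ 65536" on the changed line is a division into 64 KiB units; writing it as "/ (64 * K_BYTE)" would show that without the reader having to recognise the constant, and would keep the expression consistent with the new "16 * M_BYTE" beside it.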
@@ -1390,11 +1390,11 @@ void pc_memory_init(PCMachineState *pcms,
 }
 
 pcms->hotplug_memory.base =
-ROUND_UP(0x1ULL + pcms->above_4g_mem_size, 1ULL << 30);
+ROUND_UP(0x1ULL + pcms->above_4g_mem_size, G_BYTE);
 
 if (pcmc->enforce_aligned_dimm) {
 /* size hotplug region assuming 1G page max alignment per slot */
-hotplug_mem_size += (1ULL << 30) * machine->ram_slots;
+hotplug_mem_size += machine->ram_slots * G_BYTE;
 }
 
 if ((pcms->hotplug_memory.base + hotplug_mem_size) <
@@ -1436,7 +1436,7 @@ void pc_memory_init(PCMachineState *pcms,
 if (!pcmc->broken_reserved_end) {
 res_mem_end += memory_region_size(>hotplug_memory.mr);
 }
-*val = cpu_to_le64(ROUND_UP(res_mem_end, 0x1ULL << 30));
+*val = cpu_to_le64(ROUND_UP(res_mem_end, G_BYTE));
 fw_cfg_add_file(fw_cfg, "etc/reserved-memory-end", val, sizeof(*val));
 }
 
@@ -1472,7 +1472,7 @@ uint64_t pc_pci_hole64_start(void)
 hole64_start = 0x1ULL + pcms->above_4g_mem_size;
 }
 
-return ROUND_UP(hole64_start, 1ULL << 30);
+return ROUND_UP(hole64_start, G_BYTE);
 }
 
 qemu_irq pc_allocate_cpu_irq(void)
@@ -2114,7 +2114,7 @@ static void pc_machine_set_max_ram_below_4g(Object *obj, 
Visitor *v,
 return;
 }
 
-if (value < (1ULL << 20)) {
+if (value < 1 * M_BYTE) {
 warn_report("Only %" PRIu64 " bytes of RAM below the 4GiB boundary,"
 "BIOS may not work with less than 1MiB", value);
 }
diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c
index 456dc9e9f0..975dfc848e 100644
--- a/hw/i386/pc_piix.c
+++ b/hw/i386/pc_piix.c
@@ -131,7 +131,7 @@ static void pc_init1(MachineState *machine,
 if (lowmem > 0xc000) {
 lowmem = 0xc000;
 }
-if (lowmem & ((1ULL << 30) - 1)) {
+if (lowmem & ((1 * G_BYTE) - 1)) {
 warn_report("Large machine and max_ram_below_4g "
 "(%" PRIu64 ") not a multiple of 1G; "
 "possible bad performance.",
diff --git a/hw/i386/pc_q35.c b/hw/i386/pc_q35.c
index aba7541a82..79b84bc559 100644
--- a/hw/i386/pc_q35.c
+++ 

[Qemu-devel] [PATCH 07/30] hw/arm: use the BYTE-based definitions

2018-02-14 Thread Philippe Mathieu-Daudé
It eases code review; the unit is explicit.

Signed-off-by: Philippe Mathieu-Daudé 
---
 include/hw/arm/stm32f205_soc.h |  4 ++--
 hw/arm/boot.c  |  6 +++---
 hw/arm/collie.c|  4 ++--
 hw/arm/digic_boards.c  |  6 +++---
 hw/arm/gumstix.c   |  2 +-
 hw/arm/integratorcp.c  |  2 +-
 hw/arm/mainstone.c |  2 +-
 hw/arm/musicpal.c  |  8 
 hw/arm/omap_sx1.c  |  8 
 hw/arm/raspi.c |  2 +-
 hw/arm/stellaris.c |  4 ++--
 hw/arm/versatilepb.c   |  4 ++--
 hw/arm/vexpress.c  |  6 +++---
 hw/arm/virt.c  |  4 ++--
 hw/arm/xilinx_zynq.c   |  4 ++--
 hw/misc/aspeed_sdmc.c  |  8 
 hw/misc/imx7_gpr.c |  2 +-
 hw/misc/omap_gpmc.c|  4 ++--
 hw/ssi/aspeed_smc.c| 28 ++--
 19 files changed, 54 insertions(+), 54 deletions(-)

diff --git a/include/hw/arm/stm32f205_soc.h b/include/hw/arm/stm32f205_soc.h
index 922a733f88..e30ae33c65 100644
--- a/include/hw/arm/stm32f205_soc.h
+++ b/include/hw/arm/stm32f205_soc.h
@@ -43,9 +43,9 @@
 #define STM_NUM_SPIS 3
 
 #define FLASH_BASE_ADDRESS 0x0800
-#define FLASH_SIZE (1024 * 1024)
+#define FLASH_SIZE (1 * M_BYTE)
 #define SRAM_BASE_ADDRESS 0x2000
-#define SRAM_SIZE (128 * 1024)
+#define SRAM_SIZE (128 * K_BYTE)
 
 typedef struct STM32F205State {
 /*< private >*/
diff --git a/hw/arm/boot.c b/hw/arm/boot.c
index 05108bc42f..0552284d57 100644
--- a/hw/arm/boot.c
+++ b/hw/arm/boot.c
@@ -984,7 +984,7 @@ static void arm_load_kernel_notify(Notifier *notifier, void 
*data)
  * the initrd at 128MB.
  */
 info->initrd_start = info->loader_start +
-MIN(info->ram_size / 2, 128 * 1024 * 1024);
+MIN(info->ram_size / 2, 128 * M_BYTE);
 
 /* Assume that raw images are linux kernels, and ELF images are not.  */
 kernel_size = arm_load_elf(info, _entry, _low_addr,
@@ -1069,13 +1069,13 @@ static void arm_load_kernel_notify(Notifier *notifier, 
void *data)
  *
  * Let's play safe and prealign it to 2MB to give us some 
space.
  */
-align = 2 * 1024 * 1024;
+align = 2 * M_BYTE;
 } else {
 /*
  * Some 32bit kernels will trash anything in the 4K page the
  * initrd ends in, so make sure the DTB isn't caught up in 
that.
  */
-align = 4096;
+align = 4 * K_BYTE;
 }
 
 /* Place the DTB after the initrd in memory with alignment. */
diff --git a/hw/arm/collie.c b/hw/arm/collie.c
index f8c566e2e5..1695863629 100644
--- a/hw/arm/collie.c
+++ b/hw/arm/collie.c
@@ -39,12 +39,12 @@ static void collie_init(MachineState *machine)
 dinfo = drive_get(IF_PFLASH, 0, 0);
 pflash_cfi01_register(SA_CS0, NULL, "collie.fl1", 0x0200,
 dinfo ? blk_by_legacy_dinfo(dinfo) : NULL,
-(64 * 1024), 512, 4, 0x00, 0x00, 0x00, 0x00, 0);
+64 * K_BYTE, 512, 4, 0x00, 0x00, 0x00, 0x00, 0);
 
 dinfo = drive_get(IF_PFLASH, 0, 1);
 pflash_cfi01_register(SA_CS1, NULL, "collie.fl2", 0x0200,
 dinfo ? blk_by_legacy_dinfo(dinfo) : NULL,
-(64 * 1024), 512, 4, 0x00, 0x00, 0x00, 0x00, 0);
+64 * K_BYTE, 512, 4, 0x00, 0x00, 0x00, 0x00, 0);
 
 sysbus_create_simple("scoop", 0x4080, NULL);
 
diff --git a/hw/arm/digic_boards.c b/hw/arm/digic_boards.c
index 9f11dcd11f..04e52e776f 100644
--- a/hw/arm/digic_boards.c
+++ b/hw/arm/digic_boards.c
@@ -126,8 +126,8 @@ static void digic_load_rom(DigicBoardState *s, hwaddr addr,
 static void digic4_add_k8p3215uqb_rom(DigicBoardState *s, hwaddr addr,
   const char *def_filename)
 {
-#define FLASH_K8P3215UQB_SIZE (4 * 1024 * 1024)
-#define FLASH_K8P3215UQB_SECTOR_SIZE (64 * 1024)
+#define FLASH_K8P3215UQB_SIZE (4 * M_BYTE)
+#define FLASH_K8P3215UQB_SECTOR_SIZE (64 * K_BYTE)
 
 pflash_cfi02_register(addr, NULL, "pflash", FLASH_K8P3215UQB_SIZE,
   NULL, FLASH_K8P3215UQB_SECTOR_SIZE,
@@ -141,7 +141,7 @@ static void digic4_add_k8p3215uqb_rom(DigicBoardState *s, 
hwaddr addr,
 }
 
 static DigicBoard digic4_board_canon_a1100 = {
-.ram_size = 64 * 1024 * 1024,
+.ram_size = 64 * M_BYTE,
 .add_rom1 = digic4_add_k8p3215uqb_rom,
 .rom1_def_filename = "canon-a1100-rom1.bin",
 };
diff --git a/hw/arm/gumstix.c b/hw/arm/gumstix.c
index ea2a3c532d..fc15df1d12 100644
--- a/hw/arm/gumstix.c
+++ b/hw/arm/gumstix.c
@@ -47,7 +47,7 @@
 #include "sysemu/qtest.h"
 #include "cpu.h"
 
-static const int sector_len = 128 * 1024;
+static const int sector_len = 128 * K_BYTE;
 
 static void connex_init(MachineState *machine)
 {
diff --git a/hw/arm/integratorcp.c b/hw/arm/integratorcp.c
index 

[Qemu-devel] [PATCH 14/30] hw/alpha: use the BYTE-based definitions

2018-02-14 Thread Philippe Mathieu-Daudé
It eases code review; the unit is explicit.

Signed-off-by: Philippe Mathieu-Daudé 
---
 hw/alpha/typhoon.c | 16 +++-
 1 file changed, 7 insertions(+), 9 deletions(-)

diff --git a/hw/alpha/typhoon.c b/hw/alpha/typhoon.c
index 6a40869488..0acfb4b1d0 100644
--- a/hw/alpha/typhoon.c
+++ b/hw/alpha/typhoon.c
@@ -812,8 +812,6 @@ PCIBus *typhoon_init(ram_addr_t ram_size, ISABus **isa_bus,
  qemu_irq *p_rtc_irq,
  AlphaCPU *cpus[4], pci_map_irq_fn sys_map_irq)
 {
-const uint64_t MB = 1024 * 1024;
-const uint64_t GB = 1024 * MB;
 MemoryRegion *addr_space = get_system_memory();
 DeviceState *dev;
 TyphoonState *s;
@@ -854,30 +852,30 @@ PCIBus *typhoon_init(ram_addr_t ram_size, ISABus 
**isa_bus,
 
 /* Pchip0 CSRs, 0x801.8000., 256MB.  */
 memory_region_init_io(>pchip.region, OBJECT(s), _ops, s, "pchip0",
-  256*MB);
+  256 * M_BYTE);
 memory_region_add_subregion(addr_space, 0x8018000ULL,
 >pchip.region);
 
 /* Cchip CSRs, 0x801.A000., 256MB.  */
 memory_region_init_io(>cchip.region, OBJECT(s), _ops, s, "cchip0",
-  256*MB);
+  256 * M_BYTE);
 memory_region_add_subregion(addr_space, 0x801a000ULL,
 >cchip.region);
 
 /* Dchip CSRs, 0x801.B000., 256MB.  */
 memory_region_init_io(>dchip_region, OBJECT(s), _ops, s, "dchip0",
-  256*MB);
+  256 * M_BYTE);
 memory_region_add_subregion(addr_space, 0x801b000ULL,
 >dchip_region);
 
 /* Pchip0 PCI memory, 0x800.., 4GB.  */
-memory_region_init(>pchip.reg_mem, OBJECT(s), "pci0-mem", 4*GB);
+memory_region_init(>pchip.reg_mem, OBJECT(s), "pci0-mem", 4 * G_BYTE);
 memory_region_add_subregion(addr_space, 0x800ULL,
 >pchip.reg_mem);
 
 /* Pchip0 PCI I/O, 0x801.FC00., 32MB.  */
 memory_region_init_io(>pchip.reg_io, OBJECT(s), _pci_ignore_ops,
-  NULL, "pci0-io", 32*MB);
+  NULL, "pci0-io", 32 * M_BYTE);
 memory_region_add_subregion(addr_space, 0x801fc00ULL,
 >pchip.reg_io);
 
@@ -898,13 +896,13 @@ PCIBus *typhoon_init(ram_addr_t ram_size, ISABus 
**isa_bus,
 
 /* Pchip0 PCI special/interrupt acknowledge, 0x801.F800., 64MB.  */
 memory_region_init_io(>pchip.reg_iack, OBJECT(s), _pci_iack_ops,
-  b, "pci0-iack", 64*MB);
+  b, "pci0-iack", 64 * M_BYTE);
 memory_region_add_subregion(addr_space, 0x801f800ULL,
 >pchip.reg_iack);
 
 /* Pchip0 PCI configuration, 0x801.FE00., 16MB.  */
 memory_region_init_io(>pchip.reg_conf, OBJECT(s), _pci_conf1_ops,
-  b, "pci0-conf", 16*MB);
+  b, "pci0-conf", 16 * M_BYTE);
 memory_region_add_subregion(addr_space, 0x801fe00ULL,
 >pchip.reg_conf);
 
-- 
2.16.1




[Qemu-devel] [PATCH 11/30] hw/s390x: use the BYTE-based definitions

2018-02-14 Thread Philippe Mathieu-Daudé
It eases code review; the unit is explicit.

Signed-off-by: Philippe Mathieu-Daudé 
---
 hw/s390x/sclp.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/hw/s390x/sclp.c b/hw/s390x/sclp.c
index 276972b59f..8537aa2688 100644
--- a/hw/s390x/sclp.c
+++ b/hw/s390x/sclp.c
@@ -526,8 +526,8 @@ static void sclp_realize(DeviceState *dev, Error **errp)
 
 ret = s390_set_memory_limit(machine->maxram_size, _limit);
 if (ret == -E2BIG) {
-error_setg(, "host supports a maximum of %" PRIu64 " GB",
-   hw_limit >> 30);
+error_setg(, "host supports a maximum of %llu GB",
+   hw_limit / G_BYTE);
 } else if (ret) {
 error_setg(, "setting the guest size failed");
 }
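Review bot: this drops the fixed-width format macro "%" PRIu64 in favour of "%llu", which is only correct because G_BYTE is 1ULL << 30 and promotes hw_limit / G_BYTE to unsigned long long. Keeping PRIu64 with the argument cast back to uint64_t avoids tying the format string to the type of the macro, and keeps the error path independent of how G_BYTE is defined.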
-- 
2.16.1




[Qemu-devel] [PATCH 05/30] hw/mips/r4k: constify params_size

2018-02-14 Thread Philippe Mathieu-Daudé
Signed-off-by: Philippe Mathieu-Daudé 
---
 hw/mips/mips_r4k.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/hw/mips/mips_r4k.c b/hw/mips/mips_r4k.c
index 830ee7732c..5a74c44b9a 100644
--- a/hw/mips/mips_r4k.c
+++ b/hw/mips/mips_r4k.c
@@ -79,8 +79,9 @@ typedef struct ResetData {
 
 static int64_t load_kernel(void)
 {
+const size_t params_size = 264;
 int64_t entry, kernel_high;
-long kernel_size, initrd_size, params_size;
+long kernel_size, initrd_size;
 ram_addr_t initrd_offset;
 uint32_t *params_buf;
 int big_endian;
@@ -128,7 +129,6 @@ static int64_t load_kernel(void)
 }
 
 /* Store command line.  */
-params_size = 264;
 params_buf = g_malloc(params_size);
 
 params_buf[0] = tswap32(ram_size);
@@ -144,7 +144,6 @@ static int64_t load_kernel(void)
 
 rom_add_blob_fixed("params", params_buf, params_size,
(16 << 20) - 264);
-
 g_free(params_buf);
 return entry;
 }
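Review bot: the rom_add_blob_fixed() call still hardcodes the size a second time in "(16 << 20) - 264", so making params_size const does not yet remove the duplicated magic number. Use "(16 << 20) - params_size" so the buffer size and the load address cannot drift apart. The blank line removed before g_free() is an unrelated whitespace change and is better left out of this patch.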
-- 
2.16.1




[Qemu-devel] [PATCH 04/30] hw/lm32/milkymist: remove unused include

2018-02-14 Thread Philippe Mathieu-Daudé
Signed-off-by: Philippe Mathieu-Daudé 
---
 hw/lm32/milkymist.c | 1 -
 1 file changed, 1 deletion(-)

diff --git a/hw/lm32/milkymist.c b/hw/lm32/milkymist.c
index 471a74eaa1..c28379399f 100644
--- a/hw/lm32/milkymist.c
+++ b/hw/lm32/milkymist.c
@@ -30,7 +30,6 @@
 #include "hw/boards.h"
 #include "hw/loader.h"
 #include "elf.h"
-#include "sysemu/block-backend.h"
 #include "milkymist-hw.h"
 #include "lm32.h"
 #include "exec/address-spaces.h"
-- 
2.16.1




[Qemu-devel] [PATCH 06/30] hw/mips: use the BYTE-based definitions

2018-02-14 Thread Philippe Mathieu-Daudé
It eases code review; the unit is explicit.

Signed-off-by: Philippe Mathieu-Daudé 
---
 include/hw/intc/mips_gic.h |  2 +-
 include/hw/mips/bios.h |  2 +-
 hw/mips/boston.c   |  2 +-
 hw/mips/mips_fulong2e.c|  6 +++---
 hw/mips/mips_malta.c   | 19 ++-
 hw/mips/mips_r4k.c | 10 +-
 hw/misc/mips_itu.c |  2 +-
 hw/pci-host/xilinx-pcie.c  |  4 ++--
 8 files changed, 24 insertions(+), 23 deletions(-)

diff --git a/include/hw/intc/mips_gic.h b/include/hw/intc/mips_gic.h
index b98d50094a..5ae5a74249 100644
--- a/include/hw/intc/mips_gic.h
+++ b/include/hw/intc/mips_gic.h
@@ -19,7 +19,7 @@
 
 /* The MIPS default location */
 #define GIC_BASE_ADDR   0x1bdcULL
-#define GIC_ADDRSPACE_SZ(128 * 1024)
+#define GIC_ADDRSPACE_SZ(128 * K_BYTE)
 
 /* Constants */
 #define GIC_POL_POS 1
diff --git a/include/hw/mips/bios.h b/include/hw/mips/bios.h
index b4b88ac43d..c70fab193a 100644
--- a/include/hw/mips/bios.h
+++ b/include/hw/mips/bios.h
@@ -1,6 +1,6 @@
 #include "cpu.h"
 
-#define BIOS_SIZE (4 * 1024 * 1024)
+#define BIOS_SIZE (4 * M_BYTE)
 #ifdef TARGET_WORDS_BIGENDIAN
 #define BIOS_FILENAME "mips_bios.bin"
 #else
diff --git a/hw/mips/boston.c b/hw/mips/boston.c
index e99f3638cf..1a1be57ba0 100644
--- a/hw/mips/boston.c
+++ b/hw/mips/boston.c
@@ -436,7 +436,7 @@ static void boston_mach_init(MachineState *machine)
 bool is_64b;
 
 if ((machine->ram_size % G_BYTE) ||
-(machine->ram_size > (2 * G_BYTE))) {
+(machine->ram_size > 2 * G_BYTE)) {
 error_report("Memory size must be 1GB or 2GB");
 exit(1);
 }
diff --git a/hw/mips/mips_fulong2e.c b/hw/mips/mips_fulong2e.c
index f68c625666..428bf11fb4 100644
--- a/hw/mips/mips_fulong2e.c
+++ b/hw/mips/mips_fulong2e.c
@@ -164,7 +164,7 @@ static int64_t load_kernel (CPUMIPSState *env)
 /* Setup minimum environment variables */
 prom_set(prom_buf, index++, "busclock=3300");
 prom_set(prom_buf, index++, "cpuclock=1");
-prom_set(prom_buf, index++, "memsize=%i", loaderparams.ram_size/1024/1024);
+prom_set(prom_buf, index++, "memsize=%llu", loaderparams.ram_size / 
M_BYTE);
 prom_set(prom_buf, index++, "modetty0=38400n8r");
 prom_set(prom_buf, index++, NULL);
 
@@ -281,10 +281,10 @@ static void mips_fulong2e_init(MachineState *machine)
 qemu_register_reset(main_cpu_reset, cpu);
 
 /* fulong 2e has 256M ram. */
-ram_size = 256 * 1024 * 1024;
+ram_size = 256 * M_BYTE;
 
 /* fulong 2e has a 1M flash.Winbond W39L040AP70Z */
-bios_size = 1024 * 1024;
+bios_size = 1 * M_BYTE;
 
 /* allocate RAM */
 memory_region_allocate_system_memory(ram, NULL, "fulong2e.ram", ram_size);
diff --git a/hw/mips/mips_malta.c b/hw/mips/mips_malta.c
index 6f0deb99e7..7d27502b1a 100644
--- a/hw/mips/mips_malta.c
+++ b/hw/mips/mips_malta.c
@@ -1033,9 +1033,9 @@ void mips_malta_init(MachineState *machine)
 mips_create_cpu(s, machine->cpu_type, _irq, _irq);
 
 /* allocate RAM */
-if (ram_size > (2048u << 20)) {
-error_report("Too much memory for this machine: %dMB, maximum 2048MB",
- ((unsigned int)ram_size / (1 << 20)));
+if (ram_size > 2 * G_BYTE) {
+error_report("Too much memory for this machine: %lluMB, maximum 
2048MB",
+ ram_size / M_BYTE);
 exit(1);
 }
 
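Review bot: the error_report() argument changes value as well as spelling. The old "(unsigned int)ram_size / (1 << 20)" cast ram_size to unsigned int before dividing, while "ram_size / M_BYTE" divides the full-width value, so if ram_size is wider than 32 bits, large sizes are now reported correctly instead of truncated. That is a behaviour fix inside a cleanup patch; please mention it in the commit message. The "%llu" is right only because M_BYTE is an unsigned long long constant.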
@@ -1046,17 +1046,18 @@ void mips_malta_init(MachineState *machine)
 
 /* alias for pre IO hole access */
 memory_region_init_alias(ram_low_preio, NULL, "mips_malta_low_preio.ram",
- ram_high, 0, MIN(ram_size, (256 << 20)));
+ ram_high, 0, MIN(ram_size, 256 * M_BYTE));
 memory_region_add_subregion(system_memory, 0, ram_low_preio);
 
 /* alias for post IO hole access, if there is enough RAM */
-if (ram_size > (512 << 20)) {
+if (ram_size > 512 * M_BYTE) {
 ram_low_postio = g_new(MemoryRegion, 1);
 memory_region_init_alias(ram_low_postio, NULL,
  "mips_malta_low_postio.ram",
- ram_high, 512 << 20,
- ram_size - (512 << 20));
-memory_region_add_subregion(system_memory, 512 << 20, ram_low_postio);
+ ram_high, 512 * M_BYTE,
+ ram_size - 512 * M_BYTE);
+memory_region_add_subregion(system_memory, 512 * M_BYTE,
+ram_low_postio);
 }
 
 /* generate SPD EEPROM data */
@@ -1090,7 +1091,7 @@ void mips_malta_init(MachineState *machine)
 bios = pflash_cfi01_get_memory(fl);
 fl_idx++;
 if (kernel_filename) {
-ram_low_size = MIN(ram_size, 256 << 20);
+ram_low_size = MIN(ram_size, 256 * M_BYTE);
 /* For KVM we reserve 1MB of RAM for running bootloader */
 if (kvm_enabled()) {
 ram_low_size -= 0x10;
diff --git 

[Qemu-devel] [PATCH 01/30] util/cutils: extract byte-based definitions into a new header: "qemu/cunits.h"

2018-02-14 Thread Philippe Mathieu-Daudé
(added in 076b35b5a56)

Signed-off-by: Philippe Mathieu-Daudé 
---
 include/qemu/cunits.h | 11 +++
 include/qemu/cutils.h |  8 +---
 2 files changed, 12 insertions(+), 7 deletions(-)
 create mode 100644 include/qemu/cunits.h

diff --git a/include/qemu/cunits.h b/include/qemu/cunits.h
new file mode 100644
index 00..c0207b7611
--- /dev/null
+++ b/include/qemu/cunits.h
@@ -0,0 +1,11 @@
+#ifndef QEMU_CUNITS_H
+#define QEMU_CUNITS_H
+
+#define K_BYTE (1ULL << 10)
+#define M_BYTE (1ULL << 20)
+#define G_BYTE (1ULL << 30)
+#define T_BYTE (1ULL << 40)
+#define P_BYTE (1ULL << 50)
+#define E_BYTE (1ULL << 60)
+
+#endif
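Review bot: the new header has no license or copyright notice and no comment saying that these are binary multiples (2^10, 2^20, ...), which the K_/M_/G_ prefixes alone do not tell the reader. Please add both, and document that every macro is an unsigned long long constant: once they replace int literals such as (4 * 1024 * 1024), the surrounding expressions change type, which matters for format strings and for narrower destination variables. A trailing comment on the #endif naming QEMU_CUNITS_H would match the guard.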
diff --git a/include/qemu/cutils.h b/include/qemu/cutils.h
index f0878eaafa..01184a70b3 100644
--- a/include/qemu/cutils.h
+++ b/include/qemu/cutils.h
@@ -2,6 +2,7 @@
 #define QEMU_CUTILS_H
 
 #include "qemu/fprintf-fn.h"
+#include "qemu/cunits.h"
 
 /**
  * pstrcpy:
@@ -143,13 +144,6 @@ int qemu_strtosz(const char *nptr, char **end, uint64_t 
*result);
 int qemu_strtosz_MiB(const char *nptr, char **end, uint64_t *result);
 int qemu_strtosz_metric(const char *nptr, char **end, uint64_t *result);
 
-#define K_BYTE (1ULL << 10)
-#define M_BYTE (1ULL << 20)
-#define G_BYTE (1ULL << 30)
-#define T_BYTE (1ULL << 40)
-#define P_BYTE (1ULL << 50)
-#define E_BYTE (1ULL << 60)
-
 /* used to print char* safely */
 #define STR_OR_NULL(str) ((str) ? (str) : "null")
 
-- 
2.16.1




[Qemu-devel] [PATCH 02/30] hw: include "qemu/cunits.h" and clean unused "qemu/cutils.h"

2018-02-14 Thread Philippe Mathieu-Daudé
These files were including "qemu/cutils.h" to use the byte-based size
definitions, now available in "qemu/cunits.h".

Signed-off-by: Philippe Mathieu-Daudé 
---
 include/hw/hw.h   | 1 +
 hw/arm/msf2-soc.c | 1 -
 hw/arm/msf2-som.c | 1 -
 hw/core/loader-fit.c  | 1 -
 hw/core/loader.c  | 1 -
 hw/core/machine.c | 1 -
 hw/cris/boot.c| 1 -
 hw/display/sm501.c| 1 -
 hw/hppa/machine.c | 1 -
 hw/lm32/milkymist.c   | 1 -
 hw/microblaze/boot.c  | 1 -
 hw/mips/boston.c  | 1 -
 hw/misc/mos6522.c | 1 -
 hw/nios2/boot.c   | 1 -
 hw/ppc/mac_newworld.c | 1 -
 hw/ppc/mac_oldworld.c | 1 -
 hw/ppc/pnv.c  | 1 -
 hw/ppc/prep.c | 1 -
 hw/ppc/spapr_rtas.c   | 1 -
 hw/sd/sdhci.c | 1 -
 hw/sparc/sun4m.c  | 1 -
 hw/sparc64/sun4u.c| 1 -
 hw/usb/dev-serial.c   | 1 -
 hw/usb/dev-storage.c  | 1 -
 24 files changed, 1 insertion(+), 23 deletions(-)

diff --git a/include/hw/hw.h b/include/hw/hw.h
index ab4950c312..8249448cac 100644
--- a/include/hw/hw.h
+++ b/include/hw/hw.h
@@ -14,6 +14,7 @@
 #include "migration/qemu-file-types.h"
 #include "qemu/module.h"
 #include "sysemu/reset.h"
+#include "qemu/cunits.h"
 
 void QEMU_NORETURN hw_error(const char *fmt, ...) GCC_FMT_ATTR(1, 2);
 
diff --git a/hw/arm/msf2-soc.c b/hw/arm/msf2-soc.c
index a8ec2cdf36..952cda45ed 100644
--- a/hw/arm/msf2-soc.c
+++ b/hw/arm/msf2-soc.c
@@ -30,7 +30,6 @@
 #include "hw/char/serial.h"
 #include "hw/boards.h"
 #include "sysemu/block-backend.h"
-#include "qemu/cutils.h"
 #include "hw/arm/msf2-soc.h"
 #include "hw/misc/unimp.h"
 
diff --git a/hw/arm/msf2-som.c b/hw/arm/msf2-som.c
index 0795a3a3a1..d3e6ed00fe 100644
--- a/hw/arm/msf2-som.c
+++ b/hw/arm/msf2-som.c
@@ -28,7 +28,6 @@
 #include "hw/boards.h"
 #include "hw/arm/arm.h"
 #include "exec/address-spaces.h"
-#include "qemu/cutils.h"
 #include "hw/arm/msf2-soc.h"
 #include "cpu.h"
 
diff --git a/hw/core/loader-fit.c b/hw/core/loader-fit.c
index 0c4a7207f4..0208e5b357 100644
--- a/hw/core/loader-fit.c
+++ b/hw/core/loader-fit.c
@@ -22,7 +22,6 @@
 #include "exec/memory.h"
 #include "hw/loader.h"
 #include "hw/loader-fit.h"
-#include "qemu/cutils.h"
 #include "qemu/error-report.h"
 #include "sysemu/device_tree.h"
 #include "sysemu/sysemu.h"
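Review bot: dropping "qemu/cutils.h" is only safe if the byte-size macros were the single thing this file used from it; the same header also declares pstrcpy() and the qemu_strtosz*() helpers, as the cutils.h hunk in patch 01 shows. Please confirm, for each of the files touched by this patch, that none of those are used, and that the file really reaches "hw/hw.h" (none of the includes visible in the context here is it), since that is now the only route to "qemu/cunits.h".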
diff --git a/hw/core/loader.c b/hw/core/loader.c
index 91669d65aa..aa9050c65e 100644
--- a/hw/core/loader.c
+++ b/hw/core/loader.c
@@ -54,7 +54,6 @@
 #include "exec/memory.h"
 #include "exec/address-spaces.h"
 #include "hw/boards.h"
-#include "qemu/cutils.h"
 
 #include 
 
diff --git a/hw/core/machine.c b/hw/core/machine.c
index 5d445839e8..7a7ec0c1e1 100644
--- a/hw/core/machine.c
+++ b/hw/core/machine.c
@@ -19,7 +19,6 @@
 #include "sysemu/sysemu.h"
 #include "sysemu/numa.h"
 #include "qemu/error-report.h"
-#include "qemu/cutils.h"
 #include "sysemu/qtest.h"
 
 static char *machine_get_accel(Object *obj, Error **errp)
diff --git a/hw/cris/boot.c b/hw/cris/boot.c
index f896ed7f86..7d423ed92f 100644
--- a/hw/cris/boot.c
+++ b/hw/cris/boot.c
@@ -29,7 +29,6 @@
 #include "hw/loader.h"
 #include "elf.h"
 #include "boot.h"
-#include "qemu/cutils.h"
 
 static void main_cpu_reset(void *opaque)
 {
diff --git a/hw/display/sm501.c b/hw/display/sm501.c
index f4bb33c279..00cf8358e2 100644
--- a/hw/display/sm501.c
+++ b/hw/display/sm501.c
@@ -24,7 +24,6 @@
  */
 
 #include "qemu/osdep.h"
-#include "qemu/cutils.h"
 #include "qapi/error.h"
 #include "qemu-common.h"
 #include "cpu.h"
diff --git a/hw/hppa/machine.c b/hw/hppa/machine.c
index 19033e268d..22a15112df 100644
--- a/hw/hppa/machine.c
+++ b/hw/hppa/machine.c
@@ -17,7 +17,6 @@
 #include "hw/timer/i8254.h"
 #include "hw/char/serial.h"
 #include "hw/hppa/hppa_sys.h"
-#include "qemu/cutils.h"
 #include "qapi/error.h"
 #include "qemu/log.h"
 
diff --git a/hw/lm32/milkymist.c b/hw/lm32/milkymist.c
index 85d64fe58d..471a74eaa1 100644
--- a/hw/lm32/milkymist.c
+++ b/hw/lm32/milkymist.c
@@ -34,7 +34,6 @@
 #include "milkymist-hw.h"
 #include "lm32.h"
 #include "exec/address-spaces.h"
-#include "qemu/cutils.h"
 
 #define BIOS_FILENAME"mmone-bios.bin"
 #define BIOS_OFFSET  0x0086
diff --git a/hw/microblaze/boot.c b/hw/microblaze/boot.c
index 35bfeda7aa..5b30d63c17 100644
--- a/hw/microblaze/boot.c
+++ b/hw/microblaze/boot.c
@@ -34,7 +34,6 @@
 #include "sysemu/sysemu.h"
 #include "hw/loader.h"
 #include "elf.h"
-#include "qemu/cutils.h"
 
 #include "boot.h"
 
diff --git a/hw/mips/boston.c b/hw/mips/boston.c
index fb23161b33..e99f3638cf 100644
--- a/hw/mips/boston.c
+++ b/hw/mips/boston.c
@@ -32,7 +32,6 @@
 #include "hw/mips/cpudevs.h"
 #include "hw/pci-host/xilinx-pcie.h"
 #include "qapi/error.h"
-#include "qemu/cutils.h"
 #include "qemu/error-report.h"
 #include "qemu/log.h"
 #include "chardev/char.h"
diff --git a/hw/misc/mos6522.c b/hw/misc/mos6522.c
index 8ad9fc831e..b55e6acbe2 100644
--- a/hw/misc/mos6522.c
+++ b/hw/misc/mos6522.c
@@ -29,7 +29,6 @@
 #include "hw/misc/mos6522.h"
 #include "qemu/timer.h"
 #include "sysemu/sysemu.h"
-#include 

[Qemu-devel] [PATCH 03/30] hw/block/nvme: include the "qemu/cutils.h" in the source file

2018-02-14 Thread Philippe Mathieu-Daudé
where it is used.

Signed-off-by: Philippe Mathieu-Daudé 
---
 hw/block/nvme.h | 1 -
 hw/block/nvme.c | 1 +
 2 files changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/block/nvme.h b/hw/block/nvme.h
index 8f3981121d..cabcf20c32 100644
--- a/hw/block/nvme.h
+++ b/hw/block/nvme.h
@@ -1,6 +1,5 @@
 #ifndef HW_NVME_H
 #define HW_NVME_H
-#include "qemu/cutils.h"
 #include "block/nvme.h"
 
 typedef struct NvmeAsyncEvent {
diff --git a/hw/block/nvme.c b/hw/block/nvme.c
index 85d2406400..811084b6a7 100644
--- a/hw/block/nvme.c
+++ b/hw/block/nvme.c
@@ -35,6 +35,7 @@
 #include "sysemu/block-backend.h"
 
 #include "qemu/log.h"
+#include "qemu/cutils.h"
 #include "trace.h"
 #include "nvme.h"
 
-- 
2.16.1




[Qemu-devel] [PATCH 00/30] hw: use the BYTE-based definitions when useful

2018-02-14 Thread Philippe Mathieu-Daudé
Hi,

This series:

- splits the byte-based definitions from "qemu/cutils.h" into "qemu/cunits.h"
  and makes them available to all hw/ files (via "hw/hw.h");
- cleans hw/ includes;
- replaces different constants used for byte size with their corresponding
  BYTE-based definitions.

Patches generated using:

$ git grep -E '(1024|2048|4096|8192|(<<|>>).?(10|20|30))' hw/ include/hw/

and modified manually.

Regards,

Phil.

Philippe Mathieu-Daudé (30):
  util/cutils: extract byte-based definitions into a new header:
"qemu/cunits.h"
  hw: include "qemu/cunits.h" and clean unused "qemu/cutils.h"
  hw/block/nvme: include the "qemu/cutils.h" in the source file
  hw/lm32/milkymist: remove unused include
  hw/mips/r4k: constify params_size
  hw/mips: use the BYTE-based definitions
  hw/arm: use the BYTE-based definitions
  hw/i386: use the BYTE-based definitions
  hw/sparc: use the BYTE-based definitions
  hw/ppc: use the BYTE-based definitions
  hw/s390x: use the BYTE-based definitions
  hw/hppa: use the BYTE-based definitions
  hw/xtensa: use the BYTE-based definitions
  hw/alpha: use the BYTE-based definitions
  hw/lm32: use the BYTE-based definitions
  hw/sh4: use the BYTE-based definitions
  hw/tricore: use the BYTE-based definitions
  hw/microblaze: use the BYTE-based definitions
  hw/nios2: use the BYTE-based definitions
  hw/cris: use the BYTE-based definitions
  hw/misc: use the BYTE-based definitions
  hw/display: use the BYTE-based definitions
  hw/net: use the BYTE-based definitions
  hw/ipack: use the BYTE-based definitions
  hw/scsi: use the BYTE-based definitions
  hw/smbios: use the BYTE-based definitions
  vfio/pci: use the BYTE-based definitions
  ivshmem: use the BYTE-based definitions
  tpm: use the BYTE-based definitions
  xen: use the BYTE-based definitions

 hw/block/nvme.h  |  1 -
 include/hw/acpi/tpm.h|  2 +-
 include/hw/arm/stm32f205_soc.h   |  4 ++--
 include/hw/hw.h  |  1 +
 include/hw/i386/ich9.h   |  2 +-
 include/hw/intc/mips_gic.h   |  2 +-
 include/hw/mips/bios.h   |  2 +-
 include/hw/net/allwinner_emac.h  |  4 ++--
 include/hw/ppc/spapr.h   |  2 +-
 include/qemu/cunits.h| 11 +++
 include/qemu/cutils.h|  8 +---
 hw/alpha/typhoon.c   | 16 +++-
 hw/arm/boot.c|  6 +++---
 hw/arm/collie.c  |  4 ++--
 hw/arm/digic_boards.c|  6 +++---
 hw/arm/gumstix.c |  2 +-
 hw/arm/integratorcp.c|  2 +-
 hw/arm/mainstone.c   |  2 +-
 hw/arm/msf2-soc.c|  1 -
 hw/arm/msf2-som.c|  1 -
 hw/arm/musicpal.c|  8 
 hw/arm/omap_sx1.c|  8 
 hw/arm/raspi.c   |  2 +-
 hw/arm/stellaris.c   |  4 ++--
 hw/arm/versatilepb.c |  4 ++--
 hw/arm/vexpress.c|  6 +++---
 hw/arm/virt.c|  4 ++--
 hw/arm/xilinx_zynq.c |  4 ++--
 hw/block/nvme.c  |  1 +
 hw/block/tc58128.c   |  2 +-
 hw/block/xen_disk.c  |  4 ++--
 hw/core/loader-fit.c |  1 -
 hw/core/loader.c |  1 -
 hw/core/machine.c|  1 -
 hw/cris/axis_dev88.c |  2 +-
 hw/cris/boot.c   |  1 -
 hw/display/cirrus_vga.c  |  9 -
 hw/display/g364fb.c  |  2 +-
 hw/display/qxl.c | 26 +++---
 hw/display/sm501.c   |  1 -
 hw/display/vga-isa-mm.c  |  4 ++--
 hw/display/vga.c |  4 ++--
 hw/display/virtio-gpu.c  |  3 +--
 hw/display/vmware_vga.c  |  2 +-
 hw/display/xenfb.c   |  2 +-
 hw/hppa/dino.c   |  2 +-
 hw/hppa/machine.c|  9 -
 hw/i386/acpi-build.c |  4 ++--
 hw/i386/pc.c | 18 +-
 hw/i386/pc_piix.c|  2 +-
 hw/i386/pc_q35.c |  2 +-
 hw/i386/pc_sysfw.c   |  8 
 hw/i386/xen/xen-mapcache.c   |  2 +-
 hw/intc/apic_common.c|  2 +-
 hw/ipack/tpci200.c   |  4 ++--
 hw/lm32/lm32_boards.c| 12 ++--
 hw/lm32/milkymist.c  | 10 --
 hw/microblaze/boot.c |  1 -
 hw/microblaze/petalogix_ml605_mmu.c  |  6 +++---
 hw/microblaze/petalogix_s3adsp1800_mmu.c |  6 +++---
 hw/mips/boston.c |  

Re: [Qemu-devel] [PATCH 4/5] spapr: consolidate the VCPU id numbering logic in a single place

2018-02-14 Thread David Gibson
On Wed, Feb 14, 2018 at 08:40:53PM +0100, Greg Kurz wrote:
> Several places in the code need to calculate a VCPU id:
> 
> (cpu_index / smp_threads) * spapr->vsmt + cpu_index % smp_threads
> (core_id / smp_threads) * spapr->vsmt (1 user)
> index * spapr->vsmt (2 users)
> 
> or guess that the VCPU id of a given VCPU is the first thread of a virtual
> core:
> 
> index % spapr->vsmt != 0
> 
> Even if the numbering logic isn't that complex, it is rather fragile to
> have these assumptions open-coded in several places. FWIW this was
> proved with recent issues related to VSMT.
> 
> This patch moves the VCPU id formula to a single function to be called
> everywhere the code needs to compute one. It also adds a helper to
> guess if a VCPU is the first thread of a VCORE.
> 
> Signed-off-by: Greg Kurz 

Good change.  I don't like the name 'spapr_is_vcore' though - cores
are a logically different thing from thread0 of the core.  So I've
renamed it to spapr_is_thread0_of_vcore() as I've applied it.

> ---
>  hw/ppc/spapr.c |   29 ++---
>  1 file changed, 22 insertions(+), 7 deletions(-)
> 
> diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c
> index 18ebc058acdd..800d3f001253 100644
> --- a/hw/ppc/spapr.c
> +++ b/hw/ppc/spapr.c
> @@ -99,6 +99,20 @@
>  
>  #define PHANDLE_XICP0x
>  
> +/* These two functions implement the VCPU id numbering: one to compute them
> + * all and one to identify thread 0 of a VCORE. Any change to the first one
> + * is likely to have an impact on the second one, so let's keep them close.
> + */
> +static int spapr_vcpu_id(sPAPRMachineState *spapr, int cpu_index)
> +{
> +return
> +(cpu_index / smp_threads) * spapr->vsmt + cpu_index % smp_threads;
> +}
> +static bool spapr_is_vcore(sPAPRMachineState *spapr, PowerPCCPU *cpu)
> +{
> +return spapr_get_vcpu_id(cpu) % spapr->vsmt == 0;
> +}
> +
>  static ICSState *spapr_ics_create(sPAPRMachineState *spapr,
>const char *type_ics,
>int nr_irqs, Error **errp)
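
Review bot: spapr_is_vcore() only identifies thread 0 correctly while smp_threads <= spapr->vsmt; with a larger smp_threads, a thread whose offset within the core equals vsmt would also satisfy `% spapr->vsmt == 0`. The comment above the two helpers should state that invariant, or the helper should assert it. Also add a blank line between the closing brace of spapr_vcpu_id() and `static bool spapr_is_vcore(`.
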
> @@ -345,7 +359,7 @@ static int spapr_fixup_cpu_dt(void *fdt, 
> sPAPRMachineState *spapr)
>  int index = spapr_get_vcpu_id(cpu);
>  int compat_smt = MIN(smp_threads, ppc_compat_max_vthreads(cpu));
>  
> -if (index % spapr->vsmt != 0) {
> +if (!spapr_is_vcore(spapr, cpu)) {
>  continue;
>  }
>  
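
Review bot: the `index` local kept as context at the top of this loop body is no longer read by the thread-0 test. If nothing further down in spapr_fixup_cpu_dt() uses it, drop the declaration along with this change.
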
> @@ -630,7 +644,7 @@ static void spapr_populate_cpus_dt_node(void *fdt, 
> sPAPRMachineState *spapr)
>  DeviceClass *dc = DEVICE_GET_CLASS(cs);
>  int offset;
>  
> -if (index % spapr->vsmt != 0) {
> +if (!spapr_is_vcore(spapr, cpu)) {
>  continue;
>  }
>  
> @@ -2251,7 +2265,7 @@ static void spapr_init_cpus(sPAPRMachineState *spapr)
>  
>  if (mc->has_hotpluggable_cpus) {
>  spapr_dr_connector_new(OBJECT(spapr), TYPE_SPAPR_DRC_CPU,
> -   (core_id / smp_threads) * spapr->vsmt);
> +   spapr_vcpu_id(spapr, core_id));
>  }
>  
>  if (i < boot_cores_nr) {
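
Review bot: spapr_vcpu_id(spapr, core_id) is not the same expression as the removed `(core_id / smp_threads) * spapr->vsmt`, because the helper adds `core_id % smp_threads`. The two agree only when core_id is a multiple of smp_threads, so state that in a comment here or assert it before the DRC is created.
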
> @@ -3293,7 +3307,8 @@ void spapr_core_unplug_request(HotplugHandler 
> *hotplug_dev, DeviceState *dev,
>  return;
>  }
>  
> -drc = spapr_drc_by_id(TYPE_SPAPR_DRC_CPU, index * spapr->vsmt);
> +drc = spapr_drc_by_id(TYPE_SPAPR_DRC_CPU,
> +  spapr_vcpu_id(spapr, cc->core_id));
>  g_assert(drc);
>  
>  spapr_drc_detach(drc);
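
Review bot: the lookup key changes from `index * spapr->vsmt` to a value derived from cc->core_id, and the g_assert(drc) right after it aborts if this path and the spapr_dr_connector_new() call in spapr_init_cpus() ever compute different ids. Worth a comment that both sides must go through spapr_vcpu_id(), and a check that `index` is still needed in this function once its only visible use is gone.
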
> @@ -3322,7 +3337,8 @@ static void spapr_core_plug(HotplugHandler 
> *hotplug_dev, DeviceState *dev,
> cc->core_id);
>  return;
>  }
> -drc = spapr_drc_by_id(TYPE_SPAPR_DRC_CPU, index * spapr->vsmt);
> +drc = spapr_drc_by_id(TYPE_SPAPR_DRC_CPU,
> +  spapr_vcpu_id(spapr, cc->core_id));
>  
>  g_assert(drc || !mc->has_hotpluggable_cpus);
>  
> @@ -3807,8 +3823,7 @@ void spapr_set_vcpu_id(PowerPCCPU *cpu, int cpu_index, 
> Error **errp)
>  sPAPRMachineState *spapr = SPAPR_MACHINE(qdev_get_machine());
>  int vcpu_id;
>  
> -vcpu_id =
> -(cpu_index / smp_threads) * spapr->vsmt + cpu_index % smp_threads;
> +vcpu_id = spapr_vcpu_id(spapr, cpu_index);
>  
>  if (kvm_enabled() && !kvm_vcpu_id_is_valid(vcpu_id)) {
>  error_setg(errp, "Can't create CPU with id %d in KVM", vcpu_id);
> 

-- 
David Gibson| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au  | minimalist, thank you.  NOT _the_ _other_
| _way_ _around_!
http://www.ozlabs.org/~dgibson




Re: [Qemu-devel] [PATCH 5/5] spapr: drop DIV_ROUND_UP() from xics_max_server_number()

2018-02-14 Thread David Gibson
On Wed, Feb 14, 2018 at 08:41:03PM +0100, Greg Kurz wrote:
> XICS needs to know the highest VCPU id that may be presented to the
> guest plus 1. Commit f303f117fec3 "spapr: ensure we have at least one
> XICS server" changed how the maximum is computed from:
> 
> smp_cpus * kvmppc_smt_threads() / smp_threads
> 
> to:
> 
> DIV_ROUND_UP(smp_cpus * kvmppc_smt_threads(), smp_threads)
> 
> This was done because at the time we could pass broken CPU topologies
> to the -smp command line options, such as threads=9,cpus=1. On a POWER8
> host this would give:
> 
> 1 * 8 / 9 == 0 servers
> 
> and cause QEMU to crash later during XICS setup.
> 
> The formula evolved a bit to accommodate CPU hot-plug and VSMT, but
> most important, stricter checks are performed on the CPU topology.
> 
> With -smp threads=9,cpus=1:
> 
> qemu-system-ppc64:
>  cpu topology: sockets (1) * cores (1) * threads (9) > maxcpus (1)
> 
> With -smp threads=9,maxcpus=1:
> 
> qemu-system-ppc64: maxcpus must be equal to or greater than smp
> 
> More generally, machine types with hotplug support (2.7 and up), no
> longer allow to set maxcpus or smp_cpus to a value that isn't a
> multiple of smp_threads.
> 
> With -smp threads=4,cpus=6:
> 
> qemu-system-ppc64: smp_cpus (6) must be multiple of threads (4)
> 
> With -smp threads=4,maxcpus=6:
> 
> qemu-system-ppc64: max_cpus (6) must be multiple of threads (4)
> 
> This means that the division is perfect and we don't need DIV_ROUND_UP(),
> and we could do a regular division:
> 
> max_cpus * spapr->vsmt / smp_threads
> 
> So this patch changes xics_max_server_number() to use the spapr_vcpu_id(),
> which works too since max_cpus is a multiple of smp_threads:
> 
> (max_cpus / smp_threads ) * spapr->vsmt + max_cpus % smp_threads
> 
> It breaks migration of pre-2.7 machine types with unusual CPU topologies,
> but I guess this is an acceptable trade-off.

No, not really.  Weird topologies are still allowed on old machine
types for backwards compatibility, and we shouldn't break that.  I
like the idea of consolidating this calculation, but we can't do it by
just breaking the older machines (at least not until they're formally
deprecated).

-- 
David Gibson| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au  | minimalist, thank you.  NOT _the_ _other_
| _way_ _around_!
http://www.ozlabs.org/~dgibson




Re: [Qemu-devel] [PATCH 1/5] spapr: use spapr->vsmt to compute VCPU ids

2018-02-14 Thread David Gibson
On Wed, Feb 14, 2018 at 08:40:26PM +0100, Greg Kurz wrote:
> Since the introduction of VSMT in 2.11, the spacing of VCPU ids
> between cores is controllable through a machine property instead
> of being only dictated by the SMT mode of the host:
> 
> cpu->vcpu_id = (cc->core_id * spapr->vsmt / smp_threads) + i
> 
> Until recently, the machine code would try to change the SMT mode
> of the host to be equal to VSMT or exit. This allowed the rest of
> the code to assume that kvmppc_smt_threads() == spapr->vsmt is
> always true.
> 
> Recent commit "8904e5a75005 spapr: Adjust default VSMT value for
> better migration compatibility" relaxed the rule. If the VSMT
> mode cannot be set in KVM for some reasons, but the requested
> CPU topology is compatible with the current SMT mode, then we
> let the guest run with  kvmppc_smt_threads() != spapr->vsmt.
> 
> This breaks quite a few places in the code, in particular when
> calculating DRC indexes.
> 
> This is what happens on a POWER host with subcores-per-core=2 (ie,
> supports up to SMT4) when passing the following topology:
> 
> -smp threads=4,maxcpus=16 \
> -device host-spapr-cpu-core,core-id=4,id=core1 \
> -device host-spapr-cpu-core,core-id=8,id=core2
> 
> qemu-system-ppc64: warning: Failed to set KVM's VSMT mode to 8 (errno -22)
> 
> This is expected since KVM is limited to SMT4, but the guest is started
> anyway because this topology can run on SMT4 even with a VSMT8 spacing.
> 
> But when we look at the DT, things get nastier:
> 
> cpus {
> ...
> ibm,drc-indexes = <0x4 0x1000 0x1004 0x1008 0x100c>;
> 
> This means that we have the following association:
> 
>  CPU core device | DRC| VCPU id
> -++-
>boot core | 0x1000 | 0
>core1 | 0x1004 | 4
>core2 | 0x1008 | 8
>core3 | 0x100c | 12
> 
> But since the spacing of VCPU ids is 8, the DRC for core1 points to a
> VCPU that doesn't exist, the DRC for core2 points to the first VCPU of
> core1 and so on...
> 
> ...
> 
> PowerPC,POWER8@0 {
> ...
> ibm,my-drc-index = <0x1000>;
> ...
> };
> 
> PowerPC,POWER8@8 {
> ...
> ibm,my-drc-index = <0x1008>;
> ...
> };
> 
> PowerPC,POWER8@10 {
> ...
> 
> No ibm,my-drc-index property for this core since 0x1010 doesn't
> exist in ibm,drc-indexes above.
> 
> ...
> };
> };
> 
> ...
> 
> interrupt-controller {
> ...
> ibm,interrupt-server-ranges = <0x0 0x10>;
> 
> With a spacing of 8, the highest VCPU id for the given topology should be:
> 16 * 8 / 4 = 32 and not 16
> 
> ...
> linux,phandle = <0x7e7323b8>;
> interrupt-controller;
> };
> 
> And CPU hot-plug/unplug is broken:
> 
> (qemu) device_del core1
> pseries-hotplug-cpu: Cannot find CPU (drc index 1004) to remove
> 
> (qemu) device_del core2
> cpu 4 (hwid 8) Ready to die...
> cpu 5 (hwid 9) Ready to die...
> cpu 6 (hwid 10) Ready to die...
> cpu 7 (hwid 11) Ready to die...
> 
> These are the VCPU ids of core1 actually
> 
> (qemu) device_add host-spapr-cpu-core,core-id=12,id=core3
> (qemu) device_del core3
> pseries-hotplug-cpu: Cannot find CPU (drc index 100c) to remove
> 
> This patches all the code in hw/ppc/spapr.c to assume the VSMT
> spacing when manipulating VCPU ids.
> 
> Fixes: 8904e5a75005
> Signed-off-by: Greg Kurz 

Ouch, good catch.  That's a lot of nasty bugs I hadn't realised were
there.  Applied, thanks.

> ---
>  hw/ppc/spapr.c |   24 ++--
>  1 file changed, 10 insertions(+), 14 deletions(-)



> 
> diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c
> index 9f29434819bd..ea7429c92a97 100644
> --- a/hw/ppc/spapr.c
> +++ b/hw/ppc/spapr.c
> @@ -160,9 +160,9 @@ static void pre_2_10_vmstate_unregister_dummy_icp(int i)
> (void *)(uintptr_t) i);
>  }
>  
> -static inline int xics_max_server_number(void)
> +static int xics_max_server_number(sPAPRMachineState *spapr)
>  {
> -return DIV_ROUND_UP(max_cpus * kvmppc_smt_threads(), smp_threads);
> +return DIV_ROUND_UP(max_cpus * spapr->vsmt, smp_threads);
>  }
>  
>  static void xics_system_init(MachineState *machine, int nr_irqs, Error 
> **errp)
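
Review bot: xics_max_server_number() now depends on spapr->vsmt, so it returns 0 if it is ever called before the VSMT mode has been settled. A comment on the function, or an assert that spapr->vsmt is non-zero, would document that ordering requirement. The `inline` is also dropped without a mention in the commit message.
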
> @@ -194,7 +194,7 @@ static void xics_system_init(MachineState *machine, int 
> nr_irqs, Error **errp)
>  if (smc->pre_2_10_has_unused_icps) {
>  int i;
>  
> -for (i = 0; i < xics_max_server_number(); i++) {
> +for (i = 0; i < xics_max_server_number(spapr); i++) {
>  /* Dummy entries get deregistered when real ICPState objects
>   * are registered during CPU core hotplug.
>   */
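
Review bot: in the pre_2_10_has_unused_icps branch the loop bound changes from host SMT spacing to VSMT spacing, which changes how many dummy vmstate entries an old machine type registers whenever the two differ. Confirm that this is the intended count for pre-2.10 machine types, and consider reading xics_max_server_number(spapr) into a local once instead of calling it in the loop condition.
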
> @@ -337,7 +337,6 @@ static int spapr_fixup_cpu_dt(void *fdt, 
> sPAPRMachineState *spapr)
>  int ret = 0, offset, cpus_offset;
> 
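
The numbering problem discussed in patches 1/5, 4/5 and 5/5 above, worked through as an added example (not QEMU code and not from the patch author). It is a constructed C model: struct topo and all function names are hypothetical, and the pre-fix DRC id is assumed to be spaced by the host SMT mode, as the 1/5 commit message describes.

```c
#include <stdio.h>

/* Constructed model of the numbers quoted in the thread; this is not QEMU code. */
#define DIV_ROUND_UP(n, d) (((n) + (d) - 1) / (d))

struct topo {
    int smp_threads; /* -smp threads=N */
    int max_cpus;    /* -smp maxcpus=N */
    int vsmt;        /* VCPU id spacing between cores (spapr->vsmt in the thread) */
    int host_smt;    /* SMT mode of the host (kvmppc_smt_threads() in the thread) */
};

/* Topology from the 1/5 commit message: SMT4 host, VSMT8 spacing. */
static const struct topo sample_topo = { 4, 16, 8, 4 };
/* Constructed topology where max_cpus is not a multiple of smp_threads. */
static const struct topo odd_topo = { 4, 6, 8, 8 };

/* VCPU id formula quoted in the 4/5 commit message. */
static int vcpu_id(const struct topo *t, int cpu_index)
{
    return (cpu_index / t->smp_threads) * t->vsmt + cpu_index % t->smp_threads;
}

/* Thread 0 of a virtual core sits on a multiple of the spacing. */
static int is_thread0_of_vcore(const struct topo *t, int id)
{
    return id % t->vsmt == 0;
}

/* DRC id of a core for a given spacing: host SMT before the fix, VSMT after. */
static int drc_id(const struct topo *t, int core_id, int spacing)
{
    return (core_id / t->smp_threads) * spacing;
}

/* Highest VCPU id plus one, as XICS needs it, for a given spacing. */
static int max_server(const struct topo *t, int spacing)
{
    return DIV_ROUND_UP(t->max_cpus * spacing, t->smp_threads);
}

/* Map a DRC id back to the core-id whose thread 0 has that VCPU id, or -1. */
static int core_for_drc(const struct topo *t, int drc)
{
    for (int core_id = 0; core_id < t->max_cpus; core_id += t->smp_threads) {
        if (vcpu_id(t, core_id) == drc) {
            return core_id;
        }
    }
    return -1;
}

/* Count the cores whose DRC id does not lead back to the core itself. */
static int count_broken_drcs(const struct topo *t, int spacing)
{
    int broken = 0;

    for (int core_id = 0; core_id < t->max_cpus; core_id += t->smp_threads) {
        if (core_for_drc(t, drc_id(t, core_id, spacing)) != core_id) {
            broken++;
        }
    }
    return broken;
}

int main(void)
{
    const struct topo *t = &sample_topo;

    printf("core-id  vcpu-id  drc(host)  -> core  drc(vsmt)  -> core\n");
    for (int core_id = 0; core_id < t->max_cpus; core_id += t->smp_threads) {
        int old = drc_id(t, core_id, t->host_smt);
        int fixed = drc_id(t, core_id, t->vsmt);

        printf("%7d  %7d  %9d  %7d  %9d  %7d\n", core_id, vcpu_id(t, core_id),
               old, core_for_drc(t, old), fixed, core_for_drc(t, fixed));
    }
    printf("broken DRCs: %d with host spacing, %d with VSMT spacing\n",
           count_broken_drcs(t, t->host_smt), count_broken_drcs(t, t->vsmt));
    printf("XICS servers: %d with host spacing, %d with VSMT spacing\n",
           max_server(t, t->host_smt), max_server(t, t->vsmt));
    /* With max_cpus not a multiple of smp_threads the two formulas differ. */
    printf("odd topology: DIV_ROUND_UP gives %d, vcpu_id(max_cpus) gives %d\n",
           max_server(&odd_topo, odd_topo.vsmt),
           vcpu_id(&odd_topo, odd_topo.max_cpus));
    printf("id 8 is thread 0: %d, id 9 is thread 0: %d\n",
           is_thread0_of_vcore(t, 8), is_thread0_of_vcore(t, 9));
    return 0;
}
```

A result of -1 in a "-> core" column corresponds to the "Cannot find CPU" hot-unplug failures quoted in the 1/5 commit message, and the odd-topology line shows the case behind the objection to patch 5/5.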

Re: [Qemu-devel] [PATCH 3/5] spapr: rename spapr_vcpu_id() to spapr_get_vcpu_id()

2018-02-14 Thread David Gibson
On Wed, Feb 14, 2018 at 08:40:44PM +0100, Greg Kurz wrote:
> The spapr_vcpu_id() function is an accessor actually. Let's rename it
> for symmetry with the recently added spapr_set_vcpu_id() helper.
> 
> The motivation behind this is that a later patch will consolidate
> the VCPU id formula in a function and spapr_vcpu_id looks like an
> appropriate name.
> 
> Signed-off-by: Greg Kurz 

There's some minor details I'm not sure I like about this patch and
the previous one, but nothing important enough to delay the later
parts of the series.  So, applied.

> ---
>  hw/ppc/spapr.c |   16 
>  include/hw/ppc/spapr.h |2 +-
>  2 files changed, 9 insertions(+), 9 deletions(-)
> 
> diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c
> index 30cc48fd5264..18ebc058acdd 100644
> --- a/hw/ppc/spapr.c
> +++ b/hw/ppc/spapr.c
> @@ -209,7 +209,7 @@ static int spapr_fixup_cpu_smt_dt(void *fdt, int offset, 
> PowerPCCPU *cpu,
>  int i, ret = 0;
>  uint32_t servers_prop[smt_threads];
>  uint32_t gservers_prop[smt_threads * 2];
> -int index = spapr_vcpu_id(cpu);
> +int index = spapr_get_vcpu_id(cpu);
>  
>  if (cpu->compat_pvr) {
>  ret = fdt_setprop_cell(fdt, offset, "cpu-version", cpu->compat_pvr);
> @@ -238,7 +238,7 @@ static int spapr_fixup_cpu_smt_dt(void *fdt, int offset, 
> PowerPCCPU *cpu,
>  
>  static int spapr_fixup_cpu_numa_dt(void *fdt, int offset, PowerPCCPU *cpu)
>  {
> -int index = spapr_vcpu_id(cpu);
> +int index = spapr_get_vcpu_id(cpu);
>  uint32_t associativity[] = {cpu_to_be32(0x5),
>  cpu_to_be32(0x0),
>  cpu_to_be32(0x0),
> @@ -342,7 +342,7 @@ static int spapr_fixup_cpu_dt(void *fdt, 
> sPAPRMachineState *spapr)
>  CPU_FOREACH(cs) {
>  PowerPCCPU *cpu = POWERPC_CPU(cs);
>  DeviceClass *dc = DEVICE_GET_CLASS(cs);
> -int index = spapr_vcpu_id(cpu);
> +int index = spapr_get_vcpu_id(cpu);
>  int compat_smt = MIN(smp_threads, ppc_compat_max_vthreads(cpu));
>  
>  if (index % spapr->vsmt != 0) {
> @@ -492,7 +492,7 @@ static void spapr_populate_cpu_dt(CPUState *cs, void 
> *fdt, int offset,
>  PowerPCCPU *cpu = POWERPC_CPU(cs);
>  CPUPPCState *env = >env;
>  PowerPCCPUClass *pcc = POWERPC_CPU_GET_CLASS(cs);
> -int index = spapr_vcpu_id(cpu);
> +int index = spapr_get_vcpu_id(cpu);
>  uint32_t segs[] = {cpu_to_be32(28), cpu_to_be32(40),
> 0x, 0x};
>  uint32_t tbfreq = kvm_enabled() ? kvmppc_get_tbfreq()
> @@ -626,7 +626,7 @@ static void spapr_populate_cpus_dt_node(void *fdt, 
> sPAPRMachineState *spapr)
>   */
>  CPU_FOREACH_REVERSE(cs) {
>  PowerPCCPU *cpu = POWERPC_CPU(cs);
> -int index = spapr_vcpu_id(cpu);
> +int index = spapr_get_vcpu_id(cpu);
>  DeviceClass *dc = DEVICE_GET_CLASS(cs);
>  int offset;
>  
> @@ -3234,7 +3234,7 @@ static void *spapr_populate_hotplug_cpu_dt(CPUState 
> *cs, int *fdt_offset,
>  {
>  PowerPCCPU *cpu = POWERPC_CPU(cs);
>  DeviceClass *dc = DEVICE_GET_CLASS(cs);
> -int id = spapr_vcpu_id(cpu);
> +int id = spapr_get_vcpu_id(cpu);
>  void *fdt;
>  int offset, fdt_size;
>  char *nodename;
> @@ -3791,7 +3791,7 @@ static void spapr_pic_print_info(InterruptStatsProvider 
> *obj,
>  ics_pic_print_info(spapr->ics, mon);
>  }
>  
> -int spapr_vcpu_id(PowerPCCPU *cpu)
> +int spapr_get_vcpu_id(PowerPCCPU *cpu)
>  {
>  CPUState *cs = CPU(cpu);
>  
> @@ -3828,7 +3828,7 @@ PowerPCCPU *spapr_find_cpu(int vcpu_id)
>  CPU_FOREACH(cs) {
>  PowerPCCPU *cpu = POWERPC_CPU(cs);
>  
> -if (spapr_vcpu_id(cpu) == vcpu_id) {
> +if (spapr_get_vcpu_id(cpu) == vcpu_id) {
>  return cpu;
>  }
>  }
> diff --git a/include/hw/ppc/spapr.h b/include/hw/ppc/spapr.h
> index af19320d2f8a..36942b378daa 100644
> --- a/include/hw/ppc/spapr.h
> +++ b/include/hw/ppc/spapr.h
> @@ -766,7 +766,7 @@ void spapr_do_system_reset_on_cpu(CPUState *cs, 
> run_on_cpu_data arg);
>  
>  #define HTAB_SIZE(spapr)(1ULL << ((spapr)->htab_shift))
>  
> -int spapr_vcpu_id(PowerPCCPU *cpu);
> +int spapr_get_vcpu_id(PowerPCCPU *cpu);
>  void spapr_set_vcpu_id(PowerPCCPU *cpu, int cpu_index, Error **errp);
>  PowerPCCPU *spapr_find_cpu(int vcpu_id);
>  
> 
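
Review bot: spapr_vcpu_id() is declared in include/hw/ppc/spapr.h, so it can have callers outside hw/ppc/spapr.c, yet the diffstat only touches spapr.c and the header. Grep the tree for remaining spapr_vcpu_id( users before applying; this matters more than usual because the commit message says a later patch reuses the old name for a function with a different meaning.
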

-- 
David Gibson| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au  | minimalist, thank you.  NOT _the_ _other_
| _way_ _around_!
http://www.ozlabs.org/~dgibson




Re: [Qemu-devel] [PATCH v4] hw/char: remove legacy interface escc_init()

2018-02-14 Thread David Gibson
On Wed, Feb 14, 2018 at 07:35:58AM +0100, Laurent Vivier wrote:
> Move necessary stuff in escc.h and update type names.
> Remove slavio_serial_ms_kbd_init().
> Fix code style problems reported by checkpatch.pl
> Update mac_newworld, mac_oldworld and sun4m to use directly the
> QDEV interface.
> 
> Signed-off-by: Laurent Vivier 
> Reviewed-by: Philippe Mathieu-Daudé 
> Reviewed-by: Mark Cave-Ayland 

Applied, thanks.

> ---
> 
> Notes:
> v4: rebase and add Mark's R-b
> v3: in sun4m, move comments about Slavio TTY
> above both qdev_create().
> v2: in sun4m, move comments about Slavio TTY close to
> their qdev_prop_set_chr()²
> 
>  hw/char/escc.c | 209 
> ++---
>  hw/ppc/mac_newworld.c  |  19 -
>  hw/ppc/mac_oldworld.c  |  19 -
>  hw/sparc/sun4m.c   |  34 +++-
>  include/hw/char/escc.h |  54 +++--
>  5 files changed, 170 insertions(+), 165 deletions(-)
> 
> diff --git a/hw/char/escc.c b/hw/char/escc.c
> index 449bf2fc63..628f5f81f7 100644
> --- a/hw/char/escc.c
> +++ b/hw/char/escc.c
> @@ -26,10 +26,7 @@
>  #include "hw/hw.h"
>  #include "hw/sysbus.h"
>  #include "hw/char/escc.h"
> -#include "chardev/char-fe.h"
> -#include "chardev/char-serial.h"
>  #include "ui/console.h"
> -#include "ui/input.h"
>  #include "trace.h"
>  
>  /*
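
Review bot: escc.c drops its includes of chardev/char-fe.h, chardev/char-serial.h and ui/input.h and now gets them only through hw/char/escc.h. If escc.c still calls into those APIs directly, keep the includes it needs here so the file does not depend on what the header happens to pull in.
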
> @@ -64,53 +61,7 @@
>   *  2010-May-23  Artyom Tarasenko:  Reworked IUS logic
>   */
>  
> -typedef enum {
> -chn_a, chn_b,
> -} ChnID;
> -
> -#define CHN_C(s) ((s)->chn == chn_b? 'b' : 'a')
> -
> -typedef enum {
> -ser, kbd, mouse,
> -} ChnType;
> -
> -#define SERIO_QUEUE_SIZE 256
> -
> -typedef struct {
> -uint8_t data[SERIO_QUEUE_SIZE];
> -int rptr, wptr, count;
> -} SERIOQueue;
> -
> -#define SERIAL_REGS 16
> -typedef struct ChannelState {
> -qemu_irq irq;
> -uint32_t rxint, txint, rxint_under_svc, txint_under_svc;
> -struct ChannelState *otherchn;
> -uint32_t reg;
> -uint8_t wregs[SERIAL_REGS], rregs[SERIAL_REGS];
> -SERIOQueue queue;
> -CharBackend chr;
> -int e0_mode, led_mode, caps_lock_mode, num_lock_mode;
> -int disabled;
> -int clock;
> -uint32_t vmstate_dummy;
> -ChnID chn; // this channel, A (base+4) or B (base+0)
> -ChnType type;
> -uint8_t rx, tx;
> -QemuInputHandlerState *hs;
> -} ChannelState;
> -
> -#define ESCC(obj) OBJECT_CHECK(ESCCState, (obj), TYPE_ESCC)
> -
> -typedef struct ESCCState {
> -SysBusDevice parent_obj;
> -
> -struct ChannelState chn[2];
> -uint32_t it_shift;
> -MemoryRegion mmio;
> -uint32_t disabled;
> -uint32_t frequency;
> -} ESCCState;
> +#define CHN_C(s) ((s)->chn == escc_chn_b ? 'b' : 'a')
>  
>  #define SERIAL_CTRL 0
>  #define SERIAL_DATA 1
> @@ -214,44 +165,47 @@ typedef struct ESCCState {
>  #define R_MISC1I 14
>  #define R_EXTINT 15
>  
> -static void handle_kbd_command(ChannelState *s, int val);
> +static void handle_kbd_command(ESCCChannelState *s, int val);
>  static int serial_can_receive(void *opaque);
> -static void serial_receive_byte(ChannelState *s, int ch);
> +static void serial_receive_byte(ESCCChannelState *s, int ch);
>  
>  static void clear_queue(void *opaque)
>  {
> -ChannelState *s = opaque;
> -SERIOQueue *q = >queue;
> +ESCCChannelState *s = opaque;
> +ESCCSERIOQueue *q = >queue;
>  q->rptr = q->wptr = q->count = 0;
>  }
>  
>  static void put_queue(void *opaque, int b)
>  {
> -ChannelState *s = opaque;
> -SERIOQueue *q = >queue;
> +ESCCChannelState *s = opaque;
> +ESCCSERIOQueue *q = >queue;
>  
>  trace_escc_put_queue(CHN_C(s), b);
> -if (q->count >= SERIO_QUEUE_SIZE)
> +if (q->count >= ESCC_SERIO_QUEUE_SIZE) {
>  return;
> +}
>  q->data[q->wptr] = b;
> -if (++q->wptr == SERIO_QUEUE_SIZE)
> +if (++q->wptr == ESCC_SERIO_QUEUE_SIZE) {
>  q->wptr = 0;
> +}
>  q->count++;
>  serial_receive_byte(s, 0);
>  }
>  
>  static uint32_t get_queue(void *opaque)
>  {
> -ChannelState *s = opaque;
> -SERIOQueue *q = >queue;
> +ESCCChannelState *s = opaque;
> +ESCCSERIOQueue *q = >queue;
>  int val;
>  
>  if (q->count == 0) {
>  return 0;
>  } else {
>  val = q->data[q->rptr];
> -if (++q->rptr == SERIO_QUEUE_SIZE)
> +if (++q->rptr == ESCC_SERIO_QUEUE_SIZE) {
>  q->rptr = 0;
> +}
>  q->count--;
>  }
>  trace_escc_get_queue(CHN_C(s), val);
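
Review bot: the brace additions in put_queue() and get_queue() are checkpatch fixes mixed into the same hunk as the ChannelState to ESCCChannelState rename, which makes the functional part harder to check; splitting the style fixes into their own patch would help. While these lines are being touched: put_queue() silently drops the byte when `q->count >= ESCC_SERIO_QUEUE_SIZE`, and a trace point on that path would make overruns visible.
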
> @@ -260,7 +214,7 @@ static uint32_t get_queue(void *opaque)
>  return val;
>  }
>  
> -static int escc_update_irq_chn(ChannelState *s)
> +static int escc_update_irq_chn(ESCCChannelState *s)
>  {
>  if s->wregs[W_INTR] & INTR_TXINT) && (s->txint == 1)) ||
>   // tx ints enabled, pending
> @@ -274,7 +228,7 @@ static int escc_update_irq_chn(ChannelState *s)
>  return 0;
>  }
>  
> -static void escc_update_irq(ChannelState *s)

Re: [Qemu-devel] [QEMU-PPC] [PATCH V3 1/3] ppc/spapr-caps: Change migration macro to take full spapr-cap name

2018-02-14 Thread David Gibson
On Thu, Feb 15, 2018 at 11:44:41AM +1100, Suraj Jitindar Singh wrote:
> Change the macro that generates the vmstate migration field and the needed
> function for the spapr-caps to take the full spapr-cap name. This has
> the benefit of meaning this instance will be picked up when grepping
> for the spapr-caps and making it more obvious what this macro is doing.
> 
> Signed-off-by: Suraj Jitindar Singh 

Applied, thanks.

> ---
>  hw/ppc/spapr_caps.c | 30 +++---
>  1 file changed, 15 insertions(+), 15 deletions(-)
> 
> diff --git a/hw/ppc/spapr_caps.c b/hw/ppc/spapr_caps.c
> index 62efdaee38..e69d308560 100644
> --- a/hw/ppc/spapr_caps.c
> +++ b/hw/ppc/spapr_caps.c
> @@ -350,34 +350,34 @@ int spapr_caps_post_migration(sPAPRMachineState *spapr)
>  }
>  
>  /* Used to generate the migration field and needed function for a spapr cap 
> */
> -#define SPAPR_CAP_MIG_STATE(cap, ccap)  \
> -static bool spapr_cap_##cap##_needed(void *opaque)  \
> +#define SPAPR_CAP_MIG_STATE(sname, cap) \
> +static bool spapr_cap_##sname##_needed(void *opaque)\
>  {   \
>  sPAPRMachineState *spapr = opaque;  \
>  \
> -return spapr->cmd_line_caps[SPAPR_CAP_##ccap] &&\
> -   (spapr->eff.caps[SPAPR_CAP_##ccap] !=\
> -spapr->def.caps[SPAPR_CAP_##ccap]); \
> +return spapr->cmd_line_caps[cap] && \
> +   (spapr->eff.caps[cap] != \
> +spapr->def.caps[cap]);  \
>  }   \
>  \
> -const VMStateDescription vmstate_spapr_cap_##cap = {\
> -.name = "spapr/cap/" #cap,  \
> +const VMStateDescription vmstate_spapr_cap_##sname = {  \
> +.name = "spapr/cap/" #sname,\
>  .version_id = 1,\
>  .minimum_version_id = 1,\
> -.needed = spapr_cap_##cap##_needed, \
> +.needed = spapr_cap_##sname##_needed,   \
>  .fields = (VMStateField[]) {\
> -VMSTATE_UINT8(mig.caps[SPAPR_CAP_##ccap],   \
> +VMSTATE_UINT8(mig.caps[cap],\
>sPAPRMachineState),   \
>  VMSTATE_END_OF_LIST()   \
>  },  \
>  }
>  
> -SPAPR_CAP_MIG_STATE(htm, HTM);
> -SPAPR_CAP_MIG_STATE(vsx, VSX);
> -SPAPR_CAP_MIG_STATE(dfp, DFP);
> -SPAPR_CAP_MIG_STATE(cfpc, CFPC);
> -SPAPR_CAP_MIG_STATE(sbbc, SBBC);
> -SPAPR_CAP_MIG_STATE(ibs, IBS);
> +SPAPR_CAP_MIG_STATE(htm, SPAPR_CAP_HTM);
> +SPAPR_CAP_MIG_STATE(vsx, SPAPR_CAP_VSX);
> +SPAPR_CAP_MIG_STATE(dfp, SPAPR_CAP_DFP);
> +SPAPR_CAP_MIG_STATE(cfpc, SPAPR_CAP_CFPC);
> +SPAPR_CAP_MIG_STATE(sbbc, SPAPR_CAP_SBBC);
> +SPAPR_CAP_MIG_STATE(ibs, SPAPR_CAP_IBS);
>  
>  void spapr_caps_reset(sPAPRMachineState *spapr)
>  {
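
Review bot: the comment above SPAPR_CAP_MIG_STATE does not describe the two parameters. After this change `sname` is pasted into the function and VMStateDescription names and stringified into the "spapr/cap/" section name, so it has to stay stable for migration, while `cap` is the array index. Say so in the comment, since nothing ties the two arguments together at compile time.
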

-- 
David Gibson| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au  | minimalist, thank you.  NOT _the_ _other_
| _way_ _around_!
http://www.ozlabs.org/~dgibson




[Qemu-devel] [PATCH] nbd: Honor server's advertised minimum block size

2018-02-14 Thread Eric Blake
Commit 79ba8c98 (v2.7) changed the setting of request_alignment
to occur only during bdrv_refresh_limits(), rather than at
bdrv_open() time; but at the time, NBD was unaffected, because
it still used sector-based callbacks, so the block layer
defaulted NBD to use 512 request_alignment.

Later, commit 70c4fb26 (also v2.7) changed NBD to use byte-based
callbacks, without setting request_alignment.  This resulted in
NBD using request_alignment of 1, which works great when the
server supports it (as is the case for qemu-nbd), but falls apart
miserably if the server requires alignment (but only if qemu
actually sends a sub-sector request; qemu-io can do it, but
most qemu operations still perform on sectors or larger).

Even later, the NBD protocol was updated to document that clients
should learn the server's minimum alignment during NBD_OPT_GO;
and recommended that clients should assume a minimum size of 512
unless the server understands NBD_OPT_GO and replied with a smaller
size.  Commit 081dd1fe (v2.10) attempted to do that, by assigning
request_alignment to whatever was learned from the server; but
it has two flaws: the assignment is done during bdrv_open() so
it gets unconditionally wiped out back to 1 during any later
bdrv_refresh_limits(); and the code is not using a default of 512
when the server did not report a minimum size.

Fix these issues by moving the assignment to request_alignment
to the right function, and by using a sane default when the
server does not advertise a minimum size.

CC: qemu-sta...@nongnu.org
Signed-off-by: Eric Blake 
---
 block/nbd-client.c | 3 ---
 block/nbd.c| 2 ++
 2 files changed, 2 insertions(+), 3 deletions(-)

diff --git a/block/nbd-client.c b/block/nbd-client.c
index 9206652e45c..7b68499b76a 100644
--- a/block/nbd-client.c
+++ b/block/nbd-client.c
@@ -846,9 +846,6 @@ int nbd_client_init(BlockDriverState *bs,
 if (client->info.flags & NBD_FLAG_SEND_WRITE_ZEROES) {
 bs->supported_zero_flags |= BDRV_REQ_MAY_UNMAP;
 }
-if (client->info.min_block > bs->bl.request_alignment) {
-bs->bl.request_alignment = client->info.min_block;
-}

 qemu_co_mutex_init(>send_mutex);
 qemu_co_queue_init(>free_sema);
diff --git a/block/nbd.c b/block/nbd.c
index ef81a9f53ba..69b5fd5e8fa 100644
--- a/block/nbd.c
+++ b/block/nbd.c
@@ -474,8 +474,10 @@ static int nbd_co_flush(BlockDriverState *bs)
 static void nbd_refresh_limits(BlockDriverState *bs, Error **errp)
 {
 NBDClientSession *s = nbd_get_client_session(bs);
+uint32_t min = s->info.min_block;
 uint32_t max = MIN_NON_ZERO(NBD_MAX_BUFFER_SIZE, s->info.max_block);

+bs->bl.request_alignment = min ? min : BDRV_SECTOR_SIZE;
 bs->bl.max_pdiscard = max;
 bs->bl.max_pwrite_zeroes = max;
 bs->bl.max_transfer = max;
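
Review bot: `bs->bl.request_alignment = min ? min : BDRV_SECTOR_SIZE;` takes s->info.min_block as the server sent it. Nothing in this hunk checks that the value is a power of two or that it does not exceed `max` computed on the line before, so either validate it here or add a comment naming the place in the negotiation code that already rejects bad values from a server.
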
-- 
2.14.3




[Qemu-devel] [PATCH 2/3] target/ppc: convert to DisasContextBase

2018-02-14 Thread Emilio G. Cota
A couple of notes:

- removed ctx->nip in favour of base->pc_next. Yes, it is annoying,
  but didn't want to waste its 4 bytes.

- ctx->singlestep_enabled does a lot more than
  base.singlestep_enabled; this confused me at first.

Signed-off-by: Emilio G. Cota 
---
 target/ppc/translate.c  | 129 +++-
 target/ppc/translate/dfp-impl.inc.c |  16 ++---
 target/ppc/translate_init.c |  32 -
 3 files changed, 91 insertions(+), 86 deletions(-)

diff --git a/target/ppc/translate.c b/target/ppc/translate.c
index 4132f67..6e35daa 100644
--- a/target/ppc/translate.c
+++ b/target/ppc/translate.c
@@ -31,6 +31,7 @@
 #include "exec/helper-gen.h"
 
 #include "trace-tcg.h"
+#include "exec/translator.h"
 #include "exec/log.h"
 
 
@@ -187,8 +188,7 @@ void ppc_translate_init(void)
 
 /* internal defines */
 struct DisasContext {
-struct TranslationBlock *tb;
-target_ulong nip;
+DisasContextBase base;
 uint32_t opcode;
 uint32_t exception;
 /* Routine used to access memory */
@@ -275,7 +275,7 @@ static void gen_exception_err(DisasContext *ctx, uint32_t 
excp, uint32_t error)
  * the faulting instruction
  */
 if (ctx->exception == POWERPC_EXCP_NONE) {
-gen_update_nip(ctx, ctx->nip - 4);
+gen_update_nip(ctx, ctx->base.pc_next - 4);
 }
 t0 = tcg_const_i32(excp);
 t1 = tcg_const_i32(error);
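
Review bot: `ctx->base.pc_next - 4` is now repeated at every site that needs the address of the faulting instruction (here, in gen_exception() and in gen_check_align()). A small helper or macro for the address of the current instruction would keep the -4 in one place and document that pc_next has already been advanced when these generators run.
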
@@ -293,7 +293,7 @@ static void gen_exception(DisasContext *ctx, uint32_t excp)
  * the faulting instruction
  */
 if (ctx->exception == POWERPC_EXCP_NONE) {
-gen_update_nip(ctx, ctx->nip - 4);
+gen_update_nip(ctx, ctx->base.pc_next - 4);
 }
 t0 = tcg_const_i32(excp);
 gen_helper_raise_exception(cpu_env, t0);
@@ -322,7 +322,7 @@ static void gen_debug_exception(DisasContext *ctx)
  */
 if ((ctx->exception != POWERPC_EXCP_BRANCH) &&
 (ctx->exception != POWERPC_EXCP_SYNC)) {
-gen_update_nip(ctx, ctx->nip);
+gen_update_nip(ctx, ctx->base.pc_next);
 }
 t0 = tcg_const_i32(EXCP_DEBUG);
 gen_helper_raise_exception(cpu_env, t0);
@@ -349,7 +349,7 @@ static inline void gen_hvpriv_exception(DisasContext *ctx, 
uint32_t error)
 /* Stop translation */
 static inline void gen_stop_exception(DisasContext *ctx)
 {
-gen_update_nip(ctx, ctx->nip);
+gen_update_nip(ctx, ctx->base.pc_next);
 ctx->exception = POWERPC_EXCP_STOP;
 }
 
@@ -978,7 +978,7 @@ static void gen_addpcis(DisasContext *ctx)
 {
 target_long d = DX(ctx->opcode);
 
-tcg_gen_movi_tl(cpu_gpr[rD(ctx->opcode)], ctx->nip + (d << 16));
+tcg_gen_movi_tl(cpu_gpr[rD(ctx->opcode)], ctx->base.pc_next + (d << 16));
 }
 
 static inline void gen_op_arith_divw(DisasContext *ctx, TCGv ret, TCGv arg1,
@@ -1580,7 +1580,7 @@ static void gen_pause(DisasContext *ctx)
 tcg_temp_free_i32(t0);
 
 /* Stop translation, this gives other CPUs a chance to run */
-gen_exception_nip(ctx, EXCP_HLT, ctx->nip);
+gen_exception_nip(ctx, EXCP_HLT, ctx->base.pc_next);
 }
 #endif /* defined(TARGET_PPC64) */
 
@@ -2397,7 +2397,7 @@ static inline void gen_check_align(DisasContext *ctx, 
TCGv EA, int mask)
 tcg_gen_brcondi_tl(TCG_COND_EQ, t0, 0, l1);
 t1 = tcg_const_i32(POWERPC_EXCP_ALIGN);
 t2 = tcg_const_i32(ctx->opcode & 0x03FF);
-gen_update_nip(ctx, ctx->nip - 4);
+gen_update_nip(ctx, ctx->base.pc_next - 4);
 gen_helper_raise_exception_err(cpu_env, t1, t2);
 tcg_temp_free_i32(t1);
 tcg_temp_free_i32(t2);
@@ -3322,7 +3322,7 @@ static void gen_wait(DisasContext *ctx)
-offsetof(PowerPCCPU, env) + offsetof(CPUState, halted));
 tcg_temp_free_i32(t0);
 /* Stop translation, as the CPU is supposed to sleep from now */
-gen_exception_nip(ctx, EXCP_HLT, ctx->nip);
+gen_exception_nip(ctx, EXCP_HLT, ctx->base.pc_next);
 }
 
 #if defined(TARGET_PPC64)
@@ -3407,7 +3407,7 @@ static inline bool use_goto_tb(DisasContext *ctx, 
target_ulong dest)
 }
 
 #ifndef CONFIG_USER_ONLY
-return (ctx->tb->pc & TARGET_PAGE_MASK) == (dest & TARGET_PAGE_MASK);
+return (ctx->base.tb->pc & TARGET_PAGE_MASK) == (dest & TARGET_PAGE_MASK);
 #else
 return true;
 #endif
@@ -3422,7 +3422,7 @@ static void gen_goto_tb(DisasContext *ctx, int n, 
target_ulong dest)
 if (use_goto_tb(ctx, dest)) {
 tcg_gen_goto_tb(n);
 tcg_gen_movi_tl(cpu_nip, dest & ~3);
-tcg_gen_exit_tb((uintptr_t)ctx->tb + n);
+tcg_gen_exit_tb((uintptr_t)ctx->base.tb + n);
 } else {
 tcg_gen_movi_tl(cpu_nip, dest & ~3);
 if (unlikely(ctx->singlestep_enabled)) {
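
Review bot: this path still tests ctx->singlestep_enabled while the struct now also carries ctx->base.singlestep_enabled, and the commit message itself says the two are easy to confuse. Rename the ppc-specific field or add a comment at its declaration stating how it differs from the base field.
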
@@ -3458,14 +3458,14 @@ static void gen_b(DisasContext *ctx)
 li = LI(ctx->opcode);
 li = (li ^ 0x0200) - 0x0200;
 if (likely(AA(ctx->opcode) == 0)) {
-target = ctx->nip + li - 4;
+target = ctx->base.pc_next + li - 4;
 } else {
 target = li;
 }
 if (LK(ctx->opcode)) {
-gen_setlr(ctx, 

[Qemu-devel] [PATCH 0/3] target/ppc: convert to generic translation loop

2018-02-14 Thread Emilio G. Cota
After converting riscv to the translation loop, I'm trying to keep
the momentum going. Hopefully this will lead to quite a few more
targets being converted.

The appended converts the ppc target to TranslatorOps.

I have tested it by booting ubuntu on a ppc64 guest.

Please review! Thanks,

Emilio




[Qemu-devel] [PATCH 3/3] target/ppc: convert to TranslatorOps

2018-02-14 Thread Emilio G. Cota
A few changes worth noting:

- Didn't migrate ctx->exception to DISAS_* since the exception field is
  in many cases architecturally relevant.

- Moved the cross-page check from the end of translate_insn to tb_start.

- Removed the exit(1) after a TCG temp leak; changed the fprintf there to
  qemu_log.

Signed-off-by: Emilio G. Cota 
---
 target/ppc/translate.c | 329 +
 1 file changed, 167 insertions(+), 162 deletions(-)

diff --git a/target/ppc/translate.c b/target/ppc/translate.c
index 6e35daa..d0d965a 100644
--- a/target/ppc/translate.c
+++ b/target/ppc/translate.c
@@ -7207,217 +7207,222 @@ void ppc_cpu_dump_statistics(CPUState *cs, FILE*f,
 #endif
 }
 
-/*/
-void gen_intermediate_code(CPUState *cs, struct TranslationBlock *tb)
+static int ppc_tr_init_disas_context(DisasContextBase *dcbase,
+ CPUState *cs, int max_insns)
 {
+DisasContext *ctx = container_of(dcbase, DisasContext, base);
 CPUPPCState *env = cs->env_ptr;
-DisasContext ctx, *ctxp = 
-opc_handler_t **table, *handler;
-int max_insns;
-
-ctx.base.singlestep_enabled = cs->singlestep_enabled;
-ctx.base.tb = tb;
-ctx.base.pc_first = tb->pc;
-ctx.base.pc_next = tb->pc; /* nip */
-ctx.base.num_insns = 0;
-
-ctx.exception = POWERPC_EXCP_NONE;
-ctx.spr_cb = env->spr_cb;
-ctx.pr = msr_pr;
-ctx.mem_idx = env->dmmu_idx;
-ctx.dr = msr_dr;
+int bound;
+
+ctx->exception = POWERPC_EXCP_NONE;
+ctx->spr_cb = env->spr_cb;
+ctx->pr = msr_pr;
+ctx->mem_idx = env->dmmu_idx;
+ctx->dr = msr_dr;
 #if !defined(CONFIG_USER_ONLY)
-ctx.hv = msr_hv || !env->has_hv_mode;
+ctx->hv = msr_hv || !env->has_hv_mode;
 #endif
-ctx.insns_flags = env->insns_flags;
-ctx.insns_flags2 = env->insns_flags2;
-ctx.access_type = -1;
-ctx.need_access_type = !(env->mmu_model & POWERPC_MMU_64B);
-ctx.le_mode = !!(env->hflags & (1 << MSR_LE));
-ctx.default_tcg_memop_mask = ctx.le_mode ? MO_LE : MO_BE;
+ctx->insns_flags = env->insns_flags;
+ctx->insns_flags2 = env->insns_flags2;
+ctx->access_type = -1;
+ctx->need_access_type = !(env->mmu_model & POWERPC_MMU_64B);
+ctx->le_mode = !!(env->hflags & (1 << MSR_LE));
+ctx->default_tcg_memop_mask = ctx->le_mode ? MO_LE : MO_BE;
 #if defined(TARGET_PPC64)
-ctx.sf_mode = msr_is_64bit(env, env->msr);
-ctx.has_cfar = !!(env->flags & POWERPC_FLAG_CFAR);
+ctx->sf_mode = msr_is_64bit(env, env->msr);
+ctx->has_cfar = !!(env->flags & POWERPC_FLAG_CFAR);
 #endif
 if (env->mmu_model == POWERPC_MMU_32B ||
 env->mmu_model == POWERPC_MMU_601 ||
 (env->mmu_model & POWERPC_MMU_64B))
-ctx.lazy_tlb_flush = true;
+ctx->lazy_tlb_flush = true;
 
-ctx.fpu_enabled = !!msr_fp;
+ctx->fpu_enabled = !!msr_fp;
 if ((env->flags & POWERPC_FLAG_SPE) && msr_spe)
-ctx.spe_enabled = !!msr_spe;
+ctx->spe_enabled = !!msr_spe;
 else
-ctx.spe_enabled = false;
+ctx->spe_enabled = false;
 if ((env->flags & POWERPC_FLAG_VRE) && msr_vr)
-ctx.altivec_enabled = !!msr_vr;
+ctx->altivec_enabled = !!msr_vr;
 else
-ctx.altivec_enabled = false;
+ctx->altivec_enabled = false;
 if ((env->flags & POWERPC_FLAG_VSX) && msr_vsx) {
-ctx.vsx_enabled = !!msr_vsx;
+ctx->vsx_enabled = !!msr_vsx;
 } else {
-ctx.vsx_enabled = false;
+ctx->vsx_enabled = false;
 }
 #if defined(TARGET_PPC64)
 if ((env->flags & POWERPC_FLAG_TM) && msr_tm) {
-ctx.tm_enabled = !!msr_tm;
+ctx->tm_enabled = !!msr_tm;
 } else {
-ctx.tm_enabled = false;
+ctx->tm_enabled = false;
 }
 #endif
-ctx.gtse = !!(env->spr[SPR_LPCR] & LPCR_GTSE);
+ctx->gtse = !!(env->spr[SPR_LPCR] & LPCR_GTSE);
 if ((env->flags & POWERPC_FLAG_SE) && msr_se)
-ctx.singlestep_enabled = CPU_SINGLE_STEP;
+ctx->singlestep_enabled = CPU_SINGLE_STEP;
 else
-ctx.singlestep_enabled = 0;
+ctx->singlestep_enabled = 0;
 if ((env->flags & POWERPC_FLAG_BE) && msr_be)
-ctx.singlestep_enabled |= CPU_BRANCH_STEP;
-if (unlikely(ctx.base.singlestep_enabled)) {
-ctx.singlestep_enabled |= GDBSTUB_SINGLE_STEP;
+ctx->singlestep_enabled |= CPU_BRANCH_STEP;
+if (unlikely(ctx->base.singlestep_enabled)) {
+ctx->singlestep_enabled |= GDBSTUB_SINGLE_STEP;
 }
 #if defined (DO_SINGLE_STEP) && 0
 /* Single step trace mode */
 msr_se = 1;
 #endif
-ctx.base.num_insns = 0;
-max_insns = tb_cflags(tb) & CF_COUNT_MASK;
-if (max_insns == 0) {
-max_insns = CF_COUNT_MASK;
-}
-if (max_insns > TCG_MAX_INSNS) {
-max_insns = TCG_MAX_INSNS;
-}
-
-gen_tb_start(tb);
-tcg_clear_temp_count();
-/* Set env in case of 
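Review bot: ppc_tr_init_disas_context now sets `ctx->singlestep_enabled` (the CPU_SINGLE_STEP / CPU_BRANCH_STEP / GDBSTUB_SINGLE_STEP mask) right next to a test of `ctx->base.singlestep_enabled`, and the two names differ only by `base.`, so a mix-up would compile cleanly. Since the conversion touches every one of these lines anyway, consider renaming the target-specific field or adding a comment at its first assignment. The `#if defined (DO_SINGLE_STEP) && 0` block is dead code and could be dropped rather than carried into the new function.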

[Qemu-devel] [PATCH 1/3] translator: add retcode to translator_loop_temp_check

2018-02-14 Thread Emilio G. Cota
This will allow us to print further info from target code.

Signed-off-by: Emilio G. Cota 
---
 accel/tcg/translator.c| 4 +++-
 include/exec/translator.h | 2 +-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/accel/tcg/translator.c b/accel/tcg/translator.c
index 23c6602..f409a95 100644
--- a/accel/tcg/translator.c
+++ b/accel/tcg/translator.c
@@ -23,12 +23,14 @@
(1) the target is sufficiently clean to support reporting,
(2) as and when all temporaries are known to be consumed.
For most targets, (2) is at the end of translate_insn.  */
-void translator_loop_temp_check(DisasContextBase *db)
+int translator_loop_temp_check(DisasContextBase *db)
 {
 if (tcg_check_temp_count()) {
 qemu_log("warning: TCG temporary leaks before "
  TARGET_FMT_lx "\n", db->pc_next);
+return 1;
 }
+return 0;
 }
 
 void translator_loop(const TranslatorOps *ops, DisasContextBase *db,
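Review bot: translator_loop_temp_check() now returns `int` but only ever 1 or 0, and the comment above it still describes only when to call it. Make the return type `bool` (true when a leak was reported) and add a sentence on the return value to that comment, so callers do not have to guess whether non-zero means "leak" or "ok".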
diff --git a/include/exec/translator.h b/include/exec/translator.h
index e2dc2a0..8833340 100644
--- a/include/exec/translator.h
+++ b/include/exec/translator.h
@@ -139,6 +139,6 @@ typedef struct TranslatorOps {
 void translator_loop(const TranslatorOps *ops, DisasContextBase *db,
  CPUState *cpu, TranslationBlock *tb);
 
-void translator_loop_temp_check(DisasContextBase *db);
+int translator_loop_temp_check(DisasContextBase *db);
 
 #endif  /* EXEC__TRANSLATOR_H */
-- 
2.7.4




[Qemu-devel] [PATCH] target/hppa: use tb_cflags() to access tb->cflags

2018-02-14 Thread Emilio G. Cota
Signed-off-by: Emilio G. Cota 
---
 target/hppa/translate.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/target/hppa/translate.c b/target/hppa/translate.c
index 6499b39..b4b74a8 100644
--- a/target/hppa/translate.c
+++ b/target/hppa/translate.c
@@ -2075,7 +2075,7 @@ static DisasJumpType trans_mfctl(DisasContext *ctx, 
uint32_t insn,
 /* FIXME: Respect PSW_S bit.  */
 nullify_over(ctx);
 tmp = dest_gpr(ctx, rt);
-if (ctx->base.tb->cflags & CF_USE_ICOUNT) {
+if (tb_cflags(ctx->base.tb) & CF_USE_ICOUNT) {
 gen_io_start();
 gen_helper_read_interval_timer(tmp);
 gen_io_end();
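Review bot: the commit message has a subject line only. Please add a sentence on why the direct `ctx->base.tb->cflags` read in trans_mfctl has to go through tb_cflags(), so the reason for using the accessor is recorded with the change.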
-- 
2.7.4




[Qemu-devel] ERROR:qom/object.c:907:object_unref: assertion failed (obj->ref > 0): (0 > 0)

2018-02-14 Thread Bandan Das

I get the error mentioned in the subject line when using vncviewer with
commit 13e1d0e71e78a925848258391a6e616b6b5ae219:

Author: Daniel P. Berrange 
Date:   Thu Feb 1 16:45:14 2018 +

ui: convert VNC server to QIONetListener

The VNC server already has the ability to listen on multiple sockets.
Converting it to use the QIONetListener APIs though, will reduce the
amount of code in the VNC server and improve the clarity of what is
left.

Signed-off-by: Daniel P. Berrange 
Message-id: 20180201164514.10330-1-berra...@redhat.com
Signed-off-by: Gerd Hoffmann 


It appears to be related to the unconditional unref in vnc_listen_io:
static void vnc_listen_io(QIONetListener *listener,
                          QIOChannelSocket *cioc,
                          void *opaque)
{
    VncDisplay *vd = opaque;
    bool isWebsock = listener == vd->wslistener;

    qio_channel_set_name(QIO_CHANNEL(cioc),
                         isWebsock ? "vnc-ws-server" : "vnc-server");
    qio_channel_set_delay(QIO_CHANNEL(cioc), false);
    vnc_connect(vd, cioc, false, isWebsock);
    object_unref(OBJECT(cioc));
}

A backtrace at the time of the assertion shows:
(gdb) bt
#0  0x76229207 in raise () from /lib64/libc.so.6
#1  0x7622a8f8 in abort () from /lib64/libc.so.6
#2  0x77273aa5 in g_assertion_message () from /lib64/libglib-2.0.so.0
#3  0x77273e41 in g_assertion_message_cmpnum () from 
/lib64/libglib-2.0.so.0
#4  0x55a81826 in object_unref (obj=0x573a2c20) at qom/object.c:907
#5  0x7724abef in g_source_unref_internal () from 
/lib64/libglib-2.0.so.0
#6  0x7724da28 in g_main_context_dispatch () from 
/lib64/libglib-2.0.so.0
#7  0x55b4f46c in glib_pollfds_poll () at util/main-loop.c:214
#8  os_host_main_loop_wait (timeout=) at util/main-loop.c:261
#9  main_loop_wait (nonblocking=nonblocking@entry=0) at util/main-loop.c:515
#10 0x5579eef4 in main_loop () at vl.c:1936
#11 main (argc=, argv=, envp=) at 
vl.c:4768

So, it looks like the unref is already being handled as part of the event
handling stuff when the window is closed. Is this a known issue/Is the
object_unref above required?

Bandan



[Qemu-devel] [PATCH] tests: add test for TPM TIS device

2018-02-14 Thread Stefan Berger
Move the TPM TIS related register and flag #defines into
include/hw/acpi/tpm.h for access by the test case.

Write a test case that covers the TIS functionality.

Add the tests cases to the MAINTAINERS file.

Signed-off-by: Stefan Berger 
---
 MAINTAINERS|   1 +
 hw/tpm/tpm_tis.c   | 101 
 include/hw/acpi/tpm.h  | 105 
 tests/Makefile.include |   2 +
 tests/tpm-tis-test.c   | 661 +
 5 files changed, 769 insertions(+), 101 deletions(-)
 create mode 100644 tests/tpm-tis-test.c

diff --git a/MAINTAINERS b/MAINTAINERS
index 57358a0..60a9ae9 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -1633,6 +1633,7 @@ F: include/hw/acpi/tpm.h
 F: include/sysemu/tpm*
 F: qapi/tpm.json
 F: backends/tpm.c
+F: tests/tpm-*-test
 T: git git://github.com/stefanberger/qemu-tpm.git tpm-next
 
 Checkpatch
diff --git a/hw/tpm/tpm_tis.c b/hw/tpm/tpm_tis.c
index f81168a..834eef7 100644
--- a/hw/tpm/tpm_tis.c
+++ b/hw/tpm/tpm_tis.c
@@ -92,107 +92,6 @@ typedef struct TPMState {
 } \
 } while (0)
 
-/* tis registers */
-#define TPM_TIS_REG_ACCESS0x00
-#define TPM_TIS_REG_INT_ENABLE0x08
-#define TPM_TIS_REG_INT_VECTOR0x0c
-#define TPM_TIS_REG_INT_STATUS0x10
-#define TPM_TIS_REG_INTF_CAPABILITY   0x14
-#define TPM_TIS_REG_STS   0x18
-#define TPM_TIS_REG_DATA_FIFO 0x24
-#define TPM_TIS_REG_INTERFACE_ID  0x30
-#define TPM_TIS_REG_DATA_XFIFO0x80
-#define TPM_TIS_REG_DATA_XFIFO_END0xbc
-#define TPM_TIS_REG_DID_VID   0xf00
-#define TPM_TIS_REG_RID   0xf04
-
-/* vendor-specific registers */
-#define TPM_TIS_REG_DEBUG 0xf90
-
-#define TPM_TIS_STS_TPM_FAMILY_MASK (0x3 << 26)/* TPM 2.0 */
-#define TPM_TIS_STS_TPM_FAMILY1_2   (0 << 26)  /* TPM 2.0 */
-#define TPM_TIS_STS_TPM_FAMILY2_0   (1 << 26)  /* TPM 2.0 */
-#define TPM_TIS_STS_RESET_ESTABLISHMENT_BIT (1 << 25)  /* TPM 2.0 */
-#define TPM_TIS_STS_COMMAND_CANCEL  (1 << 24)  /* TPM 2.0 */
-
-#define TPM_TIS_STS_VALID (1 << 7)
-#define TPM_TIS_STS_COMMAND_READY (1 << 6)
-#define TPM_TIS_STS_TPM_GO(1 << 5)
-#define TPM_TIS_STS_DATA_AVAILABLE(1 << 4)
-#define TPM_TIS_STS_EXPECT(1 << 3)
-#define TPM_TIS_STS_SELFTEST_DONE (1 << 2)
-#define TPM_TIS_STS_RESPONSE_RETRY(1 << 1)
-
-#define TPM_TIS_BURST_COUNT_SHIFT 8
-#define TPM_TIS_BURST_COUNT(X) \
-((X) << TPM_TIS_BURST_COUNT_SHIFT)
-
-#define TPM_TIS_ACCESS_TPM_REG_VALID_STS  (1 << 7)
-#define TPM_TIS_ACCESS_ACTIVE_LOCALITY(1 << 5)
-#define TPM_TIS_ACCESS_BEEN_SEIZED(1 << 4)
-#define TPM_TIS_ACCESS_SEIZE  (1 << 3)
-#define TPM_TIS_ACCESS_PENDING_REQUEST(1 << 2)
-#define TPM_TIS_ACCESS_REQUEST_USE(1 << 1)
-#define TPM_TIS_ACCESS_TPM_ESTABLISHMENT  (1 << 0)
-
-#define TPM_TIS_INT_ENABLED   (1 << 31)
-#define TPM_TIS_INT_DATA_AVAILABLE(1 << 0)
-#define TPM_TIS_INT_STS_VALID (1 << 1)
-#define TPM_TIS_INT_LOCALITY_CHANGED  (1 << 2)
-#define TPM_TIS_INT_COMMAND_READY (1 << 7)
-
-#define TPM_TIS_INT_POLARITY_MASK (3 << 3)
-#define TPM_TIS_INT_POLARITY_LOW_LEVEL(1 << 3)
-
-#define TPM_TIS_INTERRUPTS_SUPPORTED (TPM_TIS_INT_LOCALITY_CHANGED | \
-  TPM_TIS_INT_DATA_AVAILABLE   | \
-  TPM_TIS_INT_STS_VALID | \
-  TPM_TIS_INT_COMMAND_READY)
-
-#define TPM_TIS_CAP_INTERFACE_VERSION1_3 (2 << 28)
-#define TPM_TIS_CAP_INTERFACE_VERSION1_3_FOR_TPM2_0 (3 << 28)
-#define TPM_TIS_CAP_DATA_TRANSFER_64B(3 << 9)
-#define TPM_TIS_CAP_DATA_TRANSFER_LEGACY (0 << 9)
-#define TPM_TIS_CAP_BURST_COUNT_DYNAMIC  (0 << 8)
-#define TPM_TIS_CAP_INTERRUPT_LOW_LEVEL  (1 << 4) /* support is mandatory */
-#define TPM_TIS_CAPABILITIES_SUPPORTED1_3 \
-(TPM_TIS_CAP_INTERRUPT_LOW_LEVEL | \
- TPM_TIS_CAP_BURST_COUNT_DYNAMIC | \
- TPM_TIS_CAP_DATA_TRANSFER_64B | \
- TPM_TIS_CAP_INTERFACE_VERSION1_3 | \
- TPM_TIS_INTERRUPTS_SUPPORTED)
-
-#define TPM_TIS_CAPABILITIES_SUPPORTED2_0 \
-(TPM_TIS_CAP_INTERRUPT_LOW_LEVEL | \
- TPM_TIS_CAP_BURST_COUNT_DYNAMIC | \
- TPM_TIS_CAP_DATA_TRANSFER_64B | \
- TPM_TIS_CAP_INTERFACE_VERSION1_3_FOR_TPM2_0 | \
- TPM_TIS_INTERRUPTS_SUPPORTED)
-
-#define TPM_TIS_IFACE_ID_INTERFACE_TIS1_3   (0xf) /* TPM 2.0 */
-#define TPM_TIS_IFACE_ID_INTERFACE_FIFO (0x0) /* TPM 2.0 */
-#define TPM_TIS_IFACE_ID_INTERFACE_VER_FIFO (0 << 4)  /* TPM 2.0 */
-#define TPM_TIS_IFACE_ID_CAP_5_LOCALITIES   (1 << 8)  /* TPM 2.0 */
-#define TPM_TIS_IFACE_ID_CAP_TIS_SUPPORTED  (1 << 13) /* TPM 2.0 */
-#define TPM_TIS_IFACE_ID_INT_SEL_LOCK   (1 << 19) /* TPM 2.0 */
-
-#define TPM_TIS_IFACE_ID_SUPPORTED_FLAGS1_3 \
-(TPM_TIS_IFACE_ID_INTERFACE_TIS1_3 | \
- 
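Review bot: `TPM_TIS_INT_ENABLED` is defined as `(1 << 31)`, a left shift into the sign bit of a signed int, which is undefined behaviour in C. As these definitions are being moved into include/hw/acpi/tpm.h so the test can share them, this is the moment to write it as `(1u << 31)` and make the other flag macros unsigned for consistency. Separately, `TPM_TIS_STS_TPM_FAMILY_MASK` and `TPM_TIS_STS_TPM_FAMILY1_2` both carry a `/* TPM 2.0 */` comment; if the tag is meant as "field defined by the TPM 2.0 interface", say so once above the group instead of per line.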

[Qemu-devel] [QEMU-PPC] [PATCH V3 3/3] ppc/spapr-caps: For pseries-2.12 change spapr-cap defaults

2018-02-14 Thread Suraj Jitindar Singh
For the pseries-2.12 machine type, make the spapr-caps SPAPR_CAP_CFPC
and SPAPR_CAP_SBBC default to workaround. Thus if the host is capable
the guest will be able to take advantage of these workarounds by default.
Otherwise if the host doesn't have these capabilities qemu will fail to
start and they will have to be explicitly disabled on the command line
with:
-machine pseries,cap-cfpc=broken,cap-sbbc=broken

Signed-off-by: Suraj Jitindar Singh 

---

V2 -> V3:
 - Set caps to workaround in the class default rather than the
   pseries-2.12 initialiser.
---
 hw/ppc/spapr.c  |  6 --
 hw/ppc/spapr_caps.c | 10 ++
 2 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c
index 969db6cde2..4fe2c3b90c 100644
--- a/hw/ppc/spapr.c
+++ b/hw/ppc/spapr.c
@@ -3884,8 +3884,8 @@ static void spapr_machine_class_init(ObjectClass *oc, 
void *data)
 smc->default_caps.caps[SPAPR_CAP_HTM] = SPAPR_CAP_OFF;
 smc->default_caps.caps[SPAPR_CAP_VSX] = SPAPR_CAP_ON;
 smc->default_caps.caps[SPAPR_CAP_DFP] = SPAPR_CAP_ON;
-smc->default_caps.caps[SPAPR_CAP_CFPC] = SPAPR_CAP_BROKEN;
-smc->default_caps.caps[SPAPR_CAP_SBBC] = SPAPR_CAP_BROKEN;
+smc->default_caps.caps[SPAPR_CAP_CFPC] = SPAPR_CAP_WORKAROUND;
+smc->default_caps.caps[SPAPR_CAP_SBBC] = SPAPR_CAP_WORKAROUND;
 smc->default_caps.caps[SPAPR_CAP_IBS] = SPAPR_CAP_OFF;
 spapr_caps_add_properties(smc, _abort);
 }
@@ -3969,6 +3969,8 @@ static void spapr_machine_2_11_class_options(MachineClass 
*mc)
 
 spapr_machine_2_12_class_options(mc);
 smc->default_caps.caps[SPAPR_CAP_HTM] = SPAPR_CAP_ON;
+smc->default_caps.caps[SPAPR_CAP_CFPC] = SPAPR_CAP_BROKEN;
+smc->default_caps.caps[SPAPR_CAP_SBBC] = SPAPR_CAP_BROKEN;
 SET_MACHINE_COMPAT(mc, SPAPR_COMPAT_2_11);
 }
 
diff --git a/hw/ppc/spapr_caps.c b/hw/ppc/spapr_caps.c
index 05997b0842..c25c2bca52 100644
--- a/hw/ppc/spapr_caps.c
+++ b/hw/ppc/spapr_caps.c
@@ -281,11 +281,21 @@ static sPAPRCapabilities 
default_caps_with_cpu(sPAPRMachineState *spapr,
 
 caps = smc->default_caps;
 
+if (!ppc_check_compat(cpu, CPU_POWERPC_LOGICAL_3_00,
+  0, spapr->max_compat_pvr)) {
+caps.caps[SPAPR_CAP_CFPC] = SPAPR_CAP_BROKEN;
+}
+
 if (!ppc_check_compat(cpu, CPU_POWERPC_LOGICAL_2_07,
   0, spapr->max_compat_pvr)) {
 caps.caps[SPAPR_CAP_HTM] = SPAPR_CAP_OFF;
 }
 
+if (!ppc_check_compat(cpu, CPU_POWERPC_LOGICAL_2_06_PLUS,
+  0, spapr->max_compat_pvr)) {
+caps.caps[SPAPR_CAP_SBBC] = SPAPR_CAP_BROKEN;
+}
+
 if (!ppc_check_compat(cpu, CPU_POWERPC_LOGICAL_2_06,
   0, spapr->max_compat_pvr)) {
 caps.caps[SPAPR_CAP_VSX] = SPAPR_CAP_OFF;
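Review bot: the two new blocks in default_caps_with_cpu() silently lower the default of SPAPR_CAP_CFPC to SPAPR_CAP_BROKEN below CPU_POWERPC_LOGICAL_3_00 and of SPAPR_CAP_SBBC below CPU_POWERPC_LOGICAL_2_06_PLUS, so a guest on such a CPU model starts without the workaround and nothing tells the user. Please add a comment giving the reason for each compat level, and consider emitting a warning when a default is downgraded this way, since the commit message describes the workarounds as available by default.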
-- 
2.13.6




[Qemu-devel] [QEMU-PPC] [PATCH V3 1/3] ppc/spapr-caps: Change migration macro to take full spapr-cap name

2018-02-14 Thread Suraj Jitindar Singh
Change the macro that generates the vmstate migration field and the needed
function for the spapr-caps to take the full spapr-cap name. This has
the benefit of meaning this instance will be picked up when grepping
for the spapr-caps and making it more obvious what this macro is doing.

Signed-off-by: Suraj Jitindar Singh 
---
 hw/ppc/spapr_caps.c | 30 +++---
 1 file changed, 15 insertions(+), 15 deletions(-)

diff --git a/hw/ppc/spapr_caps.c b/hw/ppc/spapr_caps.c
index 62efdaee38..e69d308560 100644
--- a/hw/ppc/spapr_caps.c
+++ b/hw/ppc/spapr_caps.c
@@ -350,34 +350,34 @@ int spapr_caps_post_migration(sPAPRMachineState *spapr)
 }
 
 /* Used to generate the migration field and needed function for a spapr cap */
-#define SPAPR_CAP_MIG_STATE(cap, ccap)  \
-static bool spapr_cap_##cap##_needed(void *opaque)  \
+#define SPAPR_CAP_MIG_STATE(sname, cap) \
+static bool spapr_cap_##sname##_needed(void *opaque)\
 {   \
 sPAPRMachineState *spapr = opaque;  \
 \
-return spapr->cmd_line_caps[SPAPR_CAP_##ccap] &&\
-   (spapr->eff.caps[SPAPR_CAP_##ccap] !=\
-spapr->def.caps[SPAPR_CAP_##ccap]); \
+return spapr->cmd_line_caps[cap] && \
+   (spapr->eff.caps[cap] != \
+spapr->def.caps[cap]);  \
 }   \
 \
-const VMStateDescription vmstate_spapr_cap_##cap = {\
-.name = "spapr/cap/" #cap,  \
+const VMStateDescription vmstate_spapr_cap_##sname = {  \
+.name = "spapr/cap/" #sname,\
 .version_id = 1,\
 .minimum_version_id = 1,\
-.needed = spapr_cap_##cap##_needed, \
+.needed = spapr_cap_##sname##_needed,   \
 .fields = (VMStateField[]) {\
-VMSTATE_UINT8(mig.caps[SPAPR_CAP_##ccap],   \
+VMSTATE_UINT8(mig.caps[cap],\
   sPAPRMachineState),   \
 VMSTATE_END_OF_LIST()   \
 },  \
 }
 
-SPAPR_CAP_MIG_STATE(htm, HTM);
-SPAPR_CAP_MIG_STATE(vsx, VSX);
-SPAPR_CAP_MIG_STATE(dfp, DFP);
-SPAPR_CAP_MIG_STATE(cfpc, CFPC);
-SPAPR_CAP_MIG_STATE(sbbc, SBBC);
-SPAPR_CAP_MIG_STATE(ibs, IBS);
+SPAPR_CAP_MIG_STATE(htm, SPAPR_CAP_HTM);
+SPAPR_CAP_MIG_STATE(vsx, SPAPR_CAP_VSX);
+SPAPR_CAP_MIG_STATE(dfp, SPAPR_CAP_DFP);
+SPAPR_CAP_MIG_STATE(cfpc, SPAPR_CAP_CFPC);
+SPAPR_CAP_MIG_STATE(sbbc, SPAPR_CAP_SBBC);
+SPAPR_CAP_MIG_STATE(ibs, SPAPR_CAP_IBS);
 
 void spapr_caps_reset(sPAPRMachineState *spapr)
 {
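Review bot: `.name = "spapr/cap/" #sname` is the vmstate section name, so the first macro argument is part of the migration stream format, and nothing in the macro's comment says so. Please note in the commit message that the six invocations keep `htm`, `vsx`, `dfp`, `cfpc`, `sbbc` and `ibs` as that argument, so the section names are unchanged, and extend the comment above SPAPR_CAP_MIG_STATE to say that `sname` must not be changed for an existing cap.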
-- 
2.13.6




[Qemu-devel] [QEMU-PPC] [PATCH V3 2/3] ppc/spapr-caps: Convert spapr-cap-ibs to be a boolean

2018-02-14 Thread Suraj Jitindar Singh
The spapr-cap cap-ibs can only have values broken or fixed as there is
no workaround. Currently setting the value workaround will hit an assert
if the guest makes the hcall h_get_cpu_characteristics.

Thus this capability is better suited to being represented as a boolean.
Setting this to OFF corresponds to the old BROKEN, that is no indirect
branch serialisation. Setting this to ON corresponds to the old FIXED,
that is indirect branches are serialised.

Reported-by: Satheesh Rajendran 
Signed-off-by: Suraj Jitindar Singh 
---
 hw/ppc/spapr.c  |  2 +-
 hw/ppc/spapr_caps.c | 12 ++--
 target/ppc/kvm.c|  2 +-
 3 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c
index 32a876be56..969db6cde2 100644
--- a/hw/ppc/spapr.c
+++ b/hw/ppc/spapr.c
@@ -3886,7 +3886,7 @@ static void spapr_machine_class_init(ObjectClass *oc, 
void *data)
 smc->default_caps.caps[SPAPR_CAP_DFP] = SPAPR_CAP_ON;
 smc->default_caps.caps[SPAPR_CAP_CFPC] = SPAPR_CAP_BROKEN;
 smc->default_caps.caps[SPAPR_CAP_SBBC] = SPAPR_CAP_BROKEN;
-smc->default_caps.caps[SPAPR_CAP_IBS] = SPAPR_CAP_BROKEN;
+smc->default_caps.caps[SPAPR_CAP_IBS] = SPAPR_CAP_OFF;
 spapr_caps_add_properties(smc, _abort);
 }
 
diff --git a/hw/ppc/spapr_caps.c b/hw/ppc/spapr_caps.c
index e69d308560..05997b0842 100644
--- a/hw/ppc/spapr_caps.c
+++ b/hw/ppc/spapr_caps.c
@@ -207,9 +207,9 @@ static void 
cap_safe_indirect_branch_apply(sPAPRMachineState *spapr,
 {
 if (tcg_enabled() && val) {
 /* TODO - for now only allow broken for TCG */
-error_setg(errp, "Requested safe indirect branch capability level not 
supported by tcg, try a different value for cap-ibs");
+error_setg(errp, "Indirect Branch Serialisation support not available, 
try cap-ibs=off");
 } else if (kvm_enabled() && (val > kvmppc_get_cap_safe_indirect_branch())) 
{
-error_setg(errp, "Requested safe indirect branch capability level not 
supported by kvm, try a different value for cap-ibs");
+error_setg(errp, "Indirect Branch Serialisation support not available, 
try cap-ibs=off");
 }
 }
 
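Review bot: after this change the tcg_enabled() branch and the kvm_enabled() branch of cap_safe_indirect_branch_apply() set the identical error string, so the message no longer says which accelerator rejected the value. Keep the accelerator name in each message (or merge the two branches if the distinction is really not needed), and update the `/* TODO - for now only allow broken for TCG */` comment, which still uses the old tristate wording.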
@@ -263,11 +263,11 @@ sPAPRCapabilityInfo capability_table[SPAPR_CAP_NUM] = {
 },
 [SPAPR_CAP_IBS] = {
 .name = "ibs",
-.description = "Indirect Branch Serialisation" VALUE_DESC_TRISTATE,
+.description = "Indirect Branch Serialisation",
 .index = SPAPR_CAP_IBS,
-.get = spapr_cap_get_tristate,
-.set = spapr_cap_set_tristate,
-.type = "string",
+.get = spapr_cap_get_bool,
+.set = spapr_cap_set_bool,
+.type = "bool",
 .apply = cap_safe_indirect_branch_apply,
 },
 };
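Review bot: changing `.type` from "string" to "bool" and the accessors from spapr_cap_get_tristate/spapr_cap_set_tristate to the bool variants changes the user-visible syntax of cap-ibs, so a command line that passes `cap-ibs=broken` or `cap-ibs=fixed` will be rejected after this patch. The commit message explains the OFF/ON mapping but not this; please state the incompatibility there and in the option documentation so that management tools can be adjusted.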
diff --git a/target/ppc/kvm.c b/target/ppc/kvm.c
index 9842b3bb12..3e3e5f9c1f 100644
--- a/target/ppc/kvm.c
+++ b/target/ppc/kvm.c
@@ -2495,7 +2495,7 @@ static void kvmppc_get_cpu_characteristics(KVMState *s)
 }
 /* Parse and set cap_ppc_safe_indirect_branch */
 if (c.character & H_CPU_CHAR_BCCTRL_SERIALISED) {
-cap_ppc_safe_indirect_branch = 2;
+cap_ppc_safe_indirect_branch = 1;
 }
 }
 
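Review bot: `cap_ppc_safe_indirect_branch = 1;` replaces one magic number with another. Please use a named constant or add a comment that 1 now means "on" for the boolean cap, so the `val > kvmppc_get_cap_safe_indirect_branch()` comparison in spapr_caps.c can be read without looking here. Since the stored value for "serialised" changes from 2 to 1, the commit message should also say what happens to an incoming migration stream that carries the old value.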
-- 
2.13.6




Re: [Qemu-devel] [PATCH] syscall: fix special case of write(fd, NULL, 0)

2018-02-14 Thread Oliver Smith
Hello there,

I'm a little late to the party. But what is necessary to get this
upstreamed, and how can I help?

PS: Sorry if I picked the wrong e-mail addresses, I wasn't subscribed to
the ML at that point and used the addresses I could find for the people
who answered to the original thread here:

https://lists.gnu.org/archive/html/qemu-devel/2017-09/msg08073.html

Thanks,
Oliver


From: Zhuowei Zhang 
> Linux returns success for the special case of calling write with a
> zero-length NULL buffer: compiling and running
>
> ```
> #include <stdio.h>
> #include <unistd.h>
>
> int main() {
>    ssize_t ret = write(STDOUT_FILENO, NULL, 0);
>    fprintf(stderr, "write returned %zd\n", ret);
>    return 0;
> }
> ```
> gives "write returned 0" when run directly, but "write returned -1" in
> QEMU.
>
> This commit checks for this situation and returns success if found.
>
> Signed-off-by: Zhuowei Zhang 
> ---
>  linux-user/syscall.c | 5 +
>  1 file changed, 5 insertions(+)
>
> diff --git a/linux-user/syscall.c b/linux-user/syscall.c
> index 9b6364a..ecadf49 100644
> --- a/linux-user/syscall.c
> +++ b/linux-user/syscall.c
> @@ -7783,6 +7783,11 @@ abi_long do_syscall(void *cpu_env, int num,
abi_long
> arg1,
>  }
>  break;
>  case TARGET_NR_write:
> +if (arg2 == 0 && arg3 == 0) {
> +/* special case: write(fd, NULL, 0) returns success. */
> +ret = 0;
> +break;
> +}
>  if (!(p = lock_user(VERIFY_READ, arg2, arg3, 1)))
>  goto efault;
>  if (fd_trans_target_to_host_data(arg1)) {
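Review bot: the new `arg2 == 0 && arg3 == 0` branch sets `ret = 0` before anything looks at `arg1`, so a guest write(fd, NULL, 0) on a closed or read-only descriptor would now report success where Linux returns EBADF. Rather than hard-coding the result, pass the zero-length call with a NULL buffer through to the host write() and return its result, skipping only the lock_user() step that rejects the NULL guest address.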
> --
> 1.9.1
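
The behaviour the quoted patch deals with, as an added example that is not part of the original message or of QEMU: a toy model of an emulator's write() path that compares three strategies for write(fd, NULL, 0) against what the host kernel answers. The names lock_guest, emu_lock_first, emu_shortcut, emu_forward and fidelity are hypothetical, and the probe descriptors (a pipe and -1) are constructed inside the program.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <unistd.h>

/* Result of one write(): return value plus errno (0 on success). */
struct outcome { long ret; int err; };

/* What the host kernel answers for this call. */
static struct outcome host_write(int fd, const void *buf, size_t len)
{
    struct outcome o;
    errno = 0;
    o.ret = (long)write(fd, buf, len);
    o.err = (o.ret < 0) ? errno : 0;
    return o;
}

/* Hypothetical stand-in for guest-buffer locking (assumption): guest
 * address 0 is never mapped, so "locking" it fails and yields NULL. */
static const void *lock_guest(const void *guest_addr, size_t len)
{
    (void)len;
    return guest_addr;
}

/* (a) Lock first: a NULL buffer is EFAULT even when len == 0. */
static struct outcome emu_lock_first(int fd, const void *gaddr, size_t len)
{
    const void *p = lock_guest(gaddr, len);
    if (p == NULL) {
        return (struct outcome){ -1, EFAULT };
    }
    return host_write(fd, p, len);
}

/* (b) Short-circuit: report success for (NULL, 0) without asking the host. */
static struct outcome emu_shortcut(int fd, const void *gaddr, size_t len)
{
    if (gaddr == NULL && len == 0) {
        return (struct outcome){ 0, 0 };
    }
    return emu_lock_first(fd, gaddr, len);
}

/* (c) Forward: skip only the locking step and let the host decide. */
static struct outcome emu_forward(int fd, const void *gaddr, size_t len)
{
    if (gaddr == NULL && len == 0) {
        return host_write(fd, NULL, 0);
    }
    return emu_lock_first(fd, gaddr, len);
}

static int same(struct outcome a, struct outcome b)
{
    return a.ret == b.ret && a.err == b.err;
}

typedef struct outcome (*emu_fn)(int, const void *, size_t);

/* Bit 0: matches the host on a writable descriptor.
 * Bit 1: matches the host on an invalid descriptor.
 * Returns -1 if the probe pipe cannot be created. */
static int fidelity(emu_fn emu)
{
    int fds[2], score = 0;
    if (pipe(fds) != 0) {
        return -1;
    }
    if (same(emu(fds[1], NULL, 0), host_write(fds[1], NULL, 0))) {
        score |= 1;
    }
    close(fds[0]);
    close(fds[1]);
    if (same(emu(-1, NULL, 0), host_write(-1, NULL, 0))) {
        score |= 2;
    }
    return score;
}

int main(void)
{
    printf("lock first : %d\n", fidelity(emu_lock_first));
    printf("shortcut   : %d\n", fidelity(emu_shortcut));
    printf("forward    : %d\n", fidelity(emu_forward));
    return 0;
}
```

A score of 3 means the strategy agrees with the host in both probes; the short-circuit fixes the valid-descriptor case but hides EBADF on the invalid one.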




Re: [Qemu-devel] [PATCH v5 09/23] RISC-V TCG Code Generation

2018-02-14 Thread Emilio G. Cota
On Wed, Feb 14, 2018 at 13:13:09 -0800, Richard Henderson wrote:
> On 02/14/2018 11:52 AM, Emilio G. Cota wrote:
> > Should I send those patches to the list, or let Michael squash their 
> > changes?
> 
> That's up to you, I guess.  I don't mind if it goes in before or after merge.

OK, will send to the list once the merge is complete.

Thanks,

Emilio



[Qemu-devel] [ANNOUNCE] QEMU 2.11.1 Stable released

2018-02-14 Thread Michael Roth
Hi everyone,

I am pleased to announce that the QEMU v2.11.1 stable release is now
available:

You can grab the tarball from our download page here:

  https://www.qemu.org/download/#source

v2.11.1 is now tagged in the official qemu.git repository,
and the stable-2.11 branch has been updated accordingly:

  https://git.qemu.org/?p=qemu.git;a=shortlog;h=refs/heads/stable-2.11

This update contains new functionality needed to enable mitigations for
Spectre/Meltdown (CVE-2017-5715) in x86, pseries, and s390x QEMU/KVM
guest operating systems. Documentation for the various options/requirements
for enabling this functionality is available here:

  https://www.qemu.org/2018/02/14/qemu-2-11-1-and-spectre-update/

There are also security fixes for potential host DoS attacks via
VGA devices (CVE-2018-5683) and VNC clients (CVE-2017-15124), as
well as the normal range of general fixes. Please see the changelog
for additional details and update accordingly.

Thank you to everyone involved!

CHANGELOG:

7c1beb52ed: Update version for 2.11.1 release (Michael Roth)
00e9fba2be: spapr: add missing break in h_get_cpu_characteristics() (Greg Kurz)
63112b16a6: vga: check the validation of memory addr when draw text (linzhecheng)
30c3b4823c: input: fix memory leak (linzhecheng)
88ab85384d: ui: correctly advance output buffer when writing SASL data (Daniel P. Berrangé)
64653b7fbe: ui: avoid sign extension using client width/height (Daniel P. Berrange)
9a26ca6b94: ui: mix misleading comments & return types of VNC I/O helper methods (Daniel P. Berrange)
172f4e5a31: ui: add trace events related to VNC client throttling (Daniel P. Berrange)
0c85a40e71: ui: place a hard cap on VNC server output buffer size (Daniel P. Berrange)
f9e53c77ea: ui: fix VNC client throttling when forced update is requested (Daniel P. Berrange)
f9c8767828: ui: fix VNC client throttling when audio capture is active (Daniel P. Berrange)
5af9f2504f: ui: refactor code for determining if an update should be sent to the client (Daniel P. Berrange)
2e6571e671: ui: correctly reset framebuffer update state after processing dirty regions (Daniel P. Berrange)
126617e6f8: ui: introduce enum to track VNC client framebuffer update request state (Daniel P. Berrange)
8a9c5c34ac: ui: track how much decoded data we consumed when doing SASL encoding (Daniel P. Berrange)
616d64ac06: ui: avoid pointless VNC updates if framebuffer isn't dirty (Daniel P. Berrange)
a7b2537f8a: ui: remove redundant indentation in vnc_client_update (Daniel P. Berrange)
de1e7a91c8: ui: remove unreachable code in vnc_update_client (Daniel P. Berrange)
0181686a98: ui: remove 'sync' parameter from vnc_update_client (Daniel P. Berrange)
a3fd64f2fe: migration: incoming postcopy advise sanity checks (Greg Kurz)
68d7e24475: target/sh4: add missing tcg_temp_free() in _decode_opc() (Philippe Mathieu-Daudé)
2095c5a2e3: migration/savevm.c: set MAX_VM_CMD_PACKAGED_SIZE to 1ul << 32 (Daniel Henrique Barboza)
c8847f5565: migration: Recover block devices if failure in device state (Dr. David Alan Gilbert)
b9eec804f4: migration: Don't leak IO channels (Ross Lagerwall)
b8aa511bc0: s390x/sclp: fix event mask handling (Christian Borntraeger)
ab7b4f6734: memory: set ioeventfd_update_pending after address_space_update_ioeventfds (linzhecheng)
ed8b4ecc68: target/ppc/spapr: Add H-Call H_GET_CPU_CHARACTERISTICS (Suraj Jitindar Singh)
eab4b5170f: target/ppc/spapr_caps: Add new tristate cap safe_indirect_branch (Suraj Jitindar Singh)
d7aa3d0a0a: target/ppc/spapr_caps: Add new tristate cap safe_bounds_check (Suraj Jitindar Singh)
3dc12273b7: target/ppc/spapr_caps: Add new tristate cap safe_cache (Suraj Jitindar Singh)
e9a8747cd2: target/ppc/spapr_caps: Add support for tristate spapr_capabilities (Suraj Jitindar Singh)
49b1fa33a3: target/ppc/kvm: Add cap_ppc_safe_[cache/bounds_check/indirect_branch] (Suraj Jitindar Singh)
43a29f0025: target/ppc/spapr_caps: Add macro to generate spapr_caps migration vmstate (Suraj Jitindar Singh)
d72e0a69ea: target/ppc: introduce the PPC_BIT() macro (Cédric Le Goater)
4374cbca95: spapr: fix device tree properties when using compatibility mode (Greg Kurz)
a1f33a5b93: ppc: Change Power9 compat table to support at most 8 threads/core (Jose Ricardo Ziviani)
6a47136799: hw/ppc/spapr_caps: Rework spapr_caps to use uint8 internal representation (Suraj Jitindar Singh)
e4f4fa00eb: spapr: Handle Decimal Floating Point (DFP) as an optional capability (David Gibson)
ff6f7e10c6: spapr: Handle VMX/VSX presence as an spapr capability flag (David Gibson)
7c578cbc37: target/ppc: Clean up probing of VMX, VSX and DFP availability on KVM (David Gibson)
804e5ea9ed: spapr: Validate capabilities on migration (David Gibson)
9070f408f4: spapr: Treat Hardware Transactional Memory (HTM) as an optional capability (David Gibson)
78a38cd47e: spapr: Capabilities infrastructure (David Gibson)
0fac4aa930: spapr: Add pseries-2.12 machine type (David Gibson)
97d17551b5: spapr: don't initialize 

Re: [Qemu-devel] [PATCH v2 1/4] block: extract AIO_WAIT_WHILE() from BlockDriverState

2018-02-14 Thread Eric Blake

On 02/13/2018 10:01 AM, Eric Blake wrote:

On 02/13/2018 08:20 AM, Stefan Hajnoczi wrote:

BlockDriverState has the BDRV_POLL_WHILE() macro to wait on event loop
activity while a condition evaluates to true.  This is used to implement
synchronous operations where it acts as a condvar between the IOThread
running the operation and the main loop waiting for the operation.  It
can also be called from the thread that owns the AioContext and in that
case it's just a nested event loop.





It may be that your patch is correct (as I'm not an expert on the rules 
in play here), but more comments may help.  Or you may have a NULL 
dereference bug lurking.  So at this point, I can't give R-b, even 
though the refactoring of the BDRV_POLL_WHILE() macro into a separate 
helper makes sense from the high level view.


Okay, based on your responses, I can now give

Reviewed-by: Eric Blake 

although it may still help to do followups with better documentation 
and/or a rename of the confusing functions.


--
Eric Blake, Principal Software Engineer
Red Hat, Inc.   +1-919-301-3266
Virtualization:  qemu.org | libvirt.org



Re: [Qemu-devel] [PATCH v2 1/4] block: extract AIO_WAIT_WHILE() from BlockDriverState

2018-02-14 Thread Eric Blake

On 02/14/2018 08:06 AM, Stefan Hajnoczi wrote:

On Tue, Feb 13, 2018 at 10:01:06AM -0600, Eric Blake wrote:

Trying to understand here:



+#define AIO_WAIT_WHILE(wait, ctx, cond) ({  \
+bool waited_ = false;   \
+bool busy_ = true;  \
+AioWait *wait_ = (wait);\
+AioContext *ctx_ = (ctx);   \
+if (aio_context_in_iothread(ctx_)) {\
+while ((cond) || busy_) {   \
+busy_ = aio_poll(ctx_, (cond)); \
+waited_ |= !!(cond) | busy_;\
+}   \
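
Review bot: AIO_WAIT_WHILE() expands `cond` three times per loop pass in this branch (the `while` test, the aio_poll() argument and the `waited_` update), so the macro is only safe when the condition has no side effects and is cheap to evaluate. Please say so in the macro's documentation comment, since callers pass arbitrary expressions.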


If we are in an iothread already, we never dereference wait,


No, the name and documentation for aio_context_in_iothread() is
misleading.  It actually means "does this AioContext belong to the
current thread?", which is more general than just the IOThread case.

aio_context_in_iothread() returns true when:
1. We are the IOThread that owns ctx. <-- the case you thought of
2. We are the main loop and ctx == qemu_get_aio_context().
^--- the sneaky case that BDRV_POLL_WHILE() has always relied on


Thanks, that helps.



+AIO_WAIT_WHILE(bdrv_get_aio_wait(bs_), \
+   bdrv_get_aio_context(bs_),  \
+   cond); })


...we can pass NULL as the wait parameter, which will crash.


It won't crash since if (aio_context_in_iothread(ctx_)) will take the true
case when bs_ == NULL.


Okay, you've solved that one.




+++ b/block/io.c



   void bdrv_wakeup(BlockDriverState *bs)
   {
-/* The barrier (or an atomic op) is in the caller.  */
-if (atomic_read(>wakeup)) {
-aio_bh_schedule_oneshot(qemu_get_aio_context(), dummy_bh_cb, NULL);
-}
+aio_wait_kick(bdrv_get_aio_wait(bs));


this is another case where passing NULL...


bdrv_wakeup() is only called when bs != NULL.


And looks like we're safe, there, as well.



I hope this explains things!  The main issue that raised these questions
was that aio_context_in_iothread() has a misleading name.  Shall we
rename it?


Maybe, but that's a separate patch.  What name would we bikeshed, maybe 
aio_context_correct_thread() (we are the correct thread if we are the 
iothread that owns ctx, or if we are the main thread and have properly 
acquired ctx) or aio_context_use_okay() (we can only use the ctx if we 
own it [native iothread] or have acquired it [main loop])




I'm having a hard time picking a new name because it must not be
confused with AioContext acquire/release, which doesn't influence the
"native" AioContext that the current thread has an affinity with.



--
Eric Blake, Principal Software Engineer
Red Hat, Inc.   +1-919-301-3266
Virtualization:  qemu.org | libvirt.org



Re: [Qemu-devel] [Qemu-ppc] [QEMU-PPC] [PATCH V2 3/3] ppc/spapr-caps: For pseries-2.12 change spapr-cap defaults

2018-02-14 Thread Suraj Jitindar Singh
On Wed, 2018-02-14 at 15:20 +0100, Greg Kurz wrote:
> On Wed, 14 Feb 2018 17:51:35 +1100
> Suraj Jitindar Singh  wrote:
> 
> > For the pseries-2.12 machine type, make the spapr-caps SPAPR_CAP_CFPC
> > and SPAPR_CAP_SBBC default to workaround. Thus if the host is capable
> > the guest will be able to take advantage of these workarounds by default.
> > Otherwise if the host doesn't have these capabilities qemu will fail to
> > start and they will have to be explicitly disabled on the command line
> > with:
> > -machine pseries,cap-cfpc=broken,cap-sbbc=broken
> > 
> > Signed-off-by: Suraj Jitindar Singh 
> > ---
> >  hw/ppc/spapr.c  | 11 ++-
> >  hw/ppc/spapr_caps.c | 10 ++
> >  include/hw/compat.h |  2 ++
> >  3 files changed, 22 insertions(+), 1 deletion(-)
> > 
> > diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c
> > index 969db6cde2..e2ebb76242 100644
> > --- a/hw/ppc/spapr.c
> > +++ b/hw/ppc/spapr.c
> > @@ -3941,13 +3941,20 @@ static const TypeInfo spapr_machine_info =
> > {
> >  /*
> >   * pseries-2.12
> >   */
> > +#define
> > SPAPR_COMPAT_2_12  \
> > +HW_COMPAT_2_12
> > +
> >  static void spapr_machine_2_12_instance_options(MachineState
> > *machine)
> >  {
> >  }
> >  
> >  static void spapr_machine_2_12_class_options(MachineClass *mc)
> >  {
> > -/* Defaults for the latest behaviour inherited from the base
> > class */
> > +sPAPRMachineClass *smc = SPAPR_MACHINE_CLASS(mc);
> > +
> > +smc->default_caps.caps[SPAPR_CAP_CFPC] = SPAPR_CAP_WORKAROUND;
> > +smc->default_caps.caps[SPAPR_CAP_SBBC] = SPAPR_CAP_WORKAROUND;
> 
> As written in the comment, the default for the latest machine type should
> be set at the base class level, in spapr_machine_class_init()... not sure
> to understand why you set it here...

Ah yes, my bad.

> 
> > +SET_MACHINE_COMPAT(mc, SPAPR_COMPAT_2_12);
> 
> And so, you shouldn't need to setup 2.12 compat mode before 2.12 was even
> released :)

Fair enough :)

> 
> >  }
> >  
> >  DEFINE_SPAPR_MACHINE(2_12, "2.12", true);
> > @@ -3969,6 +3976,8 @@ static void
> > spapr_machine_2_11_class_options(MachineClass *mc)
> >  
> >  spapr_machine_2_12_class_options(mc);
> >  smc->default_caps.caps[SPAPR_CAP_HTM] = SPAPR_CAP_ON;
> > +smc->default_caps.caps[SPAPR_CAP_CFPC] = SPAPR_CAP_BROKEN;
> > +smc->default_caps.caps[SPAPR_CAP_SBBC] = SPAPR_CAP_BROKEN;
> >  SET_MACHINE_COMPAT(mc, SPAPR_COMPAT_2_11);
> >  }
> >  
> > diff --git a/hw/ppc/spapr_caps.c b/hw/ppc/spapr_caps.c
> > index 05997b0842..c25c2bca52 100644
> > --- a/hw/ppc/spapr_caps.c
> > +++ b/hw/ppc/spapr_caps.c
> > @@ -281,11 +281,21 @@ static sPAPRCapabilities
> > default_caps_with_cpu(sPAPRMachineState *spapr,
> >  
> >  caps = smc->default_caps;
> >  
> > +if (!ppc_check_compat(cpu, CPU_POWERPC_LOGICAL_3_00,
> > +  0, spapr->max_compat_pvr)) {
> > +caps.caps[SPAPR_CAP_CFPC] = SPAPR_CAP_BROKEN;
> > +}
> > +
> >  if (!ppc_check_compat(cpu, CPU_POWERPC_LOGICAL_2_07,
> >0, spapr->max_compat_pvr)) {
> >  caps.caps[SPAPR_CAP_HTM] = SPAPR_CAP_OFF;
> >  }
> >  
> > +if (!ppc_check_compat(cpu, CPU_POWERPC_LOGICAL_2_06_PLUS,
> > +  0, spapr->max_compat_pvr)) {
> > +caps.caps[SPAPR_CAP_SBBC] = SPAPR_CAP_BROKEN;
> > +}
> > +
> >  if (!ppc_check_compat(cpu, CPU_POWERPC_LOGICAL_2_06,
> >0, spapr->max_compat_pvr)) {
> >  caps.caps[SPAPR_CAP_VSX] = SPAPR_CAP_OFF;
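Review bot: in default_caps_with_cpu(), the two new ppc_check_compat() blocks silently lower SPAPR_CAP_CFPC and SPAPR_CAP_SBBC to SPAPR_CAP_BROKEN for CPUs below CPU_POWERPC_LOGICAL_3_00 and CPU_POWERPC_LOGICAL_2_06_PLUS, while the commit message says that an incapable host makes qemu fail to start until the caps are disabled explicitly on the command line. A guest running in an older compat mode therefore loses the workaround default without any message. Please add a comment explaining why these two compat levels are the cut-off, and consider reporting the downgrade to the user instead of applying it quietly.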
> > diff --git a/include/hw/compat.h b/include/hw/compat.h
> > index 7f31850dfa..13238239da 100644
> > --- a/include/hw/compat.h
> > +++ b/include/hw/compat.h
> > @@ -1,6 +1,8 @@
> >  #ifndef HW_COMPAT_H
> >  #define HW_COMPAT_H
> >  
> > +#define HW_COMPAT_2_12
> > +
> >  #define HW_COMPAT_2_11 \
> >  {\
> >  .driver   = "hpet",\
> 
> 



Re: [Qemu-devel] [PATCH 2/3] block/ssh: Make ssh_grow_file() blocking

2018-02-14 Thread Max Reitz
On 2018-02-14 22:11, Eric Blake wrote:
> On 02/14/2018 02:49 PM, Max Reitz wrote:
>> At runtime (that is, during a future ssh_truncate()), the SSH session is
>> non-blocking.  However, ssh_truncate() (or rather, bdrv_truncate() in
>> general) is not a coroutine, so this resize operation needs to block.
>>
>> For ssh_create(), that is fine, too; the session is never set to
>> non-blocking anyway.
>>
>> Signed-off-by: Max Reitz 
>> ---
>>   block/ssh.c | 7 +++
>>   1 file changed, 7 insertions(+)
>>
>> diff --git a/block/ssh.c b/block/ssh.c
>> index 964e55f7fe..ff8576f21e 100644
>> --- a/block/ssh.c
>> +++ b/block/ssh.c
>> @@ -803,17 +803,24 @@ static int ssh_file_open(BlockDriverState *bs,
>> QDict *options, int bdrv_flags,
>>   return ret;
>>   }
>>   +/* Note: This is a blocking operation */
>>   static int ssh_grow_file(BDRVSSHState *s, int64_t offset, Error **errp)
>>   {
>>   ssize_t ret;
>>   char c[1] = { '\0' };
>> +    int was_blocking = libssh2_session_get_blocking(s->session);
>>     /* offset must be strictly greater than the current size so we do
>>    * not overwrite anything */
>>   assert(offset > 0 && offset > s->attrs.filesize);
>>   +    libssh2_session_set_blocking(s->session, 1);
>> +
>>   libssh2_sftp_seek64(s->sftp_handle, offset - 1);
>>   ret = libssh2_sftp_write(s->sftp_handle, c, 1);
>> +
>> +    libssh2_session_set_blocking(s->session, was_blocking);
> 
> Is it worth skipping the two libssh2_session_set_blocking() calls if
> was_blocking is 1?  But that's a micro-optimization that probably won't
> be noticeable, so I'm also fine with unconditional.

I was hoping libssh2 is clever enough for that itself. :-)

> Reviewed-by: Eric Blake 

Thanks!

Max





Re: [Qemu-devel] [PATCH v5 09/23] RISC-V TCG Code Generation

2018-02-14 Thread Richard Henderson
On 02/14/2018 11:52 AM, Emilio G. Cota wrote:
> Should I send those patches to the list, or let Michael squash their changes?

That's up to you, I guess.  I don't mind if it goes in before or after merge.


r~




Re: [Qemu-devel] [PATCH 3/3] block/ssh: Add basic .bdrv_truncate()

2018-02-14 Thread Eric Blake

On 02/14/2018 02:49 PM, Max Reitz wrote:

libssh2 does not seem to offer real truncation support, so we can only
grow files -- but that is better than nothing.

Signed-off-by: Max Reitz 
---
  block/ssh.c | 24 
  1 file changed, 24 insertions(+)



Reviewed-by: Eric Blake 

--
Eric Blake, Principal Software Engineer
Red Hat, Inc.   +1-919-301-3266
Virtualization:  qemu.org | libvirt.org



Re: [Qemu-devel] [Qemu-stable] [PULL 10/25] virtio_error: don't invoke status callbacks

2018-02-14 Thread Peter Lieven
On 13.02.2018 at 23:23, Michael S. Tsirkin wrote:
> On Tue, Feb 13, 2018 at 09:53:58PM +0100, Peter Lieven wrote:
>> On 21.12.2017 at 15:29, Michael S. Tsirkin wrote:
>>> Backends don't need to know what frontend requested a reset,
>>> and notifying them from virtio_error is messy because
>>> virtio_error itself might be invoked from backend.
>>>
>>> Let's just set the status directly.
>>>
>>> Cc: qemu-sta...@nongnu.org
>>> Reported-by: Ilya Maximets 
>>> Signed-off-by: Michael S. Tsirkin 
>>> ---
>>>  hw/virtio/virtio.c | 2 +-
>>>  1 file changed, 1 insertion(+), 1 deletion(-)
>>>
>>> diff --git a/hw/virtio/virtio.c b/hw/virtio/virtio.c
>>> index ad564b0..d6002ee 100644
>>> --- a/hw/virtio/virtio.c
>>> +++ b/hw/virtio/virtio.c
>>> @@ -2469,7 +2469,7 @@ void GCC_FMT_ATTR(2, 3) virtio_error(VirtIODevice 
>>> *vdev, const char *fmt, ...)
>>>  va_end(ap);
>>>  
>>>  if (virtio_vdev_has_feature(vdev, VIRTIO_F_VERSION_1)) {
>>> -virtio_set_status(vdev, vdev->status | 
>>> VIRTIO_CONFIG_S_NEEDS_RESET);
>>> +vdev->status = vdev->status | VIRTIO_CONFIG_S_NEEDS_RESET;
>>>  virtio_notify_config(vdev);
>>>  }
>>>  
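Review bot: the replacement line in virtio_error() writes vdev->status directly and so skips everything virtio_set_status() would have done, but nothing at the call site says that this is deliberate. A short comment stating that the status callbacks must not run from virtio_error() would keep a later cleanup from switching back to virtio_set_status(). The assignment can also be written as vdev->status |= VIRTIO_CONFIG_S_NEEDS_RESET.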
>>
>> Is it possible that this patch introduces a stall in I/O and a deadlock on a
>> drain all?
>>
>> I have seen Qemu VMs being I/O stalled and deadlocking on a vm stop command
>> in blk_drain_all. This happened after a longer storage outage.
>>
>> I am asking just theoretically because I have seen this behaviour first when
>> we backported this patch in our stable 2.9 branch.
>>
>> Thank you,
>> Peter
> Well - this patch was introduced to fix a crash, but
> a well behaved VM should not trigger VIRTIO_CONFIG_S_NEEDS_RESET -
> did you see any error messages in the log when this triggered?

You mean in the guest or on the host? On the host I have seen nothing.

I actually did not know the reasoning behind this patch. I was just searching
for an explanation for the strange I/O stalls that I have seen.

And it was not only one guest but a few hundred. So I think I have to search
for another cause.

Thank you,
Peter






Re: [Qemu-devel] [PATCH 2/3] block/ssh: Make ssh_grow_file() blocking

2018-02-14 Thread Eric Blake

On 02/14/2018 02:49 PM, Max Reitz wrote:

At runtime (that is, during a future ssh_truncate()), the SSH session is
non-blocking.  However, ssh_truncate() (or rather, bdrv_truncate() in
general) is not a coroutine, so this resize operation needs to block.

For ssh_create(), that is fine, too; the session is never set to
non-blocking anyway.

Signed-off-by: Max Reitz 
---
  block/ssh.c | 7 +++
  1 file changed, 7 insertions(+)

diff --git a/block/ssh.c b/block/ssh.c
index 964e55f7fe..ff8576f21e 100644
--- a/block/ssh.c
+++ b/block/ssh.c
@@ -803,17 +803,24 @@ static int ssh_file_open(BlockDriverState *bs, QDict 
*options, int bdrv_flags,
  return ret;
  }
  
+/* Note: This is a blocking operation */

  static int ssh_grow_file(BDRVSSHState *s, int64_t offset, Error **errp)
  {
  ssize_t ret;
  char c[1] = { '\0' };
+int was_blocking = libssh2_session_get_blocking(s->session);
  
  /* offset must be strictly greater than the current size so we do

   * not overwrite anything */
  assert(offset > 0 && offset > s->attrs.filesize);
  
+libssh2_session_set_blocking(s->session, 1);

+
  libssh2_sftp_seek64(s->sftp_handle, offset - 1);
  ret = libssh2_sftp_write(s->sftp_handle, c, 1);
+
+libssh2_session_set_blocking(s->session, was_blocking);


Is it worth skipping the two libssh2_session_set_blocking() calls if 
was_blocking is 1?  But that's a micro-optimization that probably won't 
be noticeable, so I'm also fine with unconditional.


Reviewed-by: Eric Blake 

--
Eric Blake, Principal Software Engineer
Red Hat, Inc.   +1-919-301-3266
Virtualization:  qemu.org | libvirt.org



Re: [Qemu-devel] [PATCH 1/3] block/ssh: Pull ssh_grow_file() from ssh_create()

2018-02-14 Thread Eric Blake

On 02/14/2018 02:49 PM, Max Reitz wrote:

If we ever want to offer even rudimentary truncation functionality for
ssh, we should put the respective code into a reusable function.

Signed-off-by: Max Reitz 
---
  block/ssh.c | 30 ++
  1 file changed, 22 insertions(+), 8 deletions(-)




+++ b/block/ssh.c
@@ -803,6 +803,26 @@ static int ssh_file_open(BlockDriverState *bs, QDict 
*options, int bdrv_flags,
  return ret;
  }
  
+static int ssh_grow_file(BDRVSSHState *s, int64_t offset, Error **errp)

+{
+ssize_t ret;
+char c[1] = { '\0' };


Could spell this 'char c[1] = "";', but you just did code motion.

Reviewed-by: Eric Blake 

--
Eric Blake, Principal Software Engineer
Red Hat, Inc.   +1-919-301-3266
Virtualization:  qemu.org | libvirt.org



Re: [Qemu-devel] [RFC PATCH 0/2] s/size/entries/ when dealing with non-byte units

2018-02-14 Thread Max Reitz
On 2018-02-14 00:33, Eric Blake wrote:
> I mentioned this while reviewing Berto's series on L2 slice handling;
> this is a first cut at patches that I think are worth doing throughout
> the qcow2 code base if we like the idea.

I like the idea. :-)

The patches look good to me.

Max

> Eric Blake (2):
>   qcow2: Prefer 'entries' over 'size' for non-byte values in spec
>   qcow2: Prefer 'entries' over 'size' during cache creation
> 
>  docs/interop/qcow2.txt |  4 ++--
>  block/qcow2.h  |  4 ++--
>  block/qcow2.c  | 21 +++--
>  3 files changed, 15 insertions(+), 14 deletions(-)
> 






[Qemu-devel] [PATCH 2/3] block/ssh: Make ssh_grow_file() blocking

2018-02-14 Thread Max Reitz
At runtime (that is, during a future ssh_truncate()), the SSH session is
non-blocking.  However, ssh_truncate() (or rather, bdrv_truncate() in
general) is not a coroutine, so this resize operation needs to block.

For ssh_create(), that is fine, too; the session is never set to
non-blocking anyway.

Signed-off-by: Max Reitz 
---
 block/ssh.c | 7 +++
 1 file changed, 7 insertions(+)

diff --git a/block/ssh.c b/block/ssh.c
index 964e55f7fe..ff8576f21e 100644
--- a/block/ssh.c
+++ b/block/ssh.c
@@ -803,17 +803,24 @@ static int ssh_file_open(BlockDriverState *bs, QDict 
*options, int bdrv_flags,
 return ret;
 }
 
+/* Note: This is a blocking operation */
 static int ssh_grow_file(BDRVSSHState *s, int64_t offset, Error **errp)
 {
 ssize_t ret;
 char c[1] = { '\0' };
+int was_blocking = libssh2_session_get_blocking(s->session);
 
 /* offset must be strictly greater than the current size so we do
  * not overwrite anything */
 assert(offset > 0 && offset > s->attrs.filesize);
 
+libssh2_session_set_blocking(s->session, 1);
+
 libssh2_sftp_seek64(s->sftp_handle, offset - 1);
 ret = libssh2_sftp_write(s->sftp_handle, c, 1);
+
+libssh2_session_set_blocking(s->session, was_blocking);
+
 if (ret < 0) {
 sftp_error_setg(errp, s, "Failed to grow file");
 return -EIO;
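Review bot: the comment added above ssh_grow_file() says only that the operation blocks. It should also say that the function forces the session into blocking mode for the seek and the write and puts the previous mode back afterwards, so that a later reader does not call it from a path that relies on the session staying non-blocking. It is worth stating there as well that the restore sits before the ret < 0 check on purpose, so the mode is put back on the error path too.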
-- 
2.14.3




[Qemu-devel] [PATCH 3/3] block/ssh: Add basic .bdrv_truncate()

2018-02-14 Thread Max Reitz
libssh2 does not seem to offer real truncation support, so we can only
grow files -- but that is better than nothing.

Signed-off-by: Max Reitz 
---
 block/ssh.c | 24 
 1 file changed, 24 insertions(+)

diff --git a/block/ssh.c b/block/ssh.c
index ff8576f21e..c235eec255 100644
--- a/block/ssh.c
+++ b/block/ssh.c
@@ -1219,6 +1219,29 @@ static int64_t ssh_getlength(BlockDriverState *bs)
 return length;
 }
 
+static int ssh_truncate(BlockDriverState *bs, int64_t offset,
+PreallocMode prealloc, Error **errp)
+{
+BDRVSSHState *s = bs->opaque;
+
+if (prealloc != PREALLOC_MODE_OFF) {
+error_setg(errp, "Unsupported preallocation mode '%s'",
+   PreallocMode_str(prealloc));
+return -ENOTSUP;
+}
+
+if (offset < s->attrs.filesize) {
+error_setg(errp, "ssh driver does not support shrinking files");
+return -ENOTSUP;
+}
+
+if (offset == s->attrs.filesize) {
+return 0;
+}
+
+return ssh_grow_file(s, offset, errp);
+}
+
 static BlockDriver bdrv_ssh = {
 .format_name  = "ssh",
 .protocol_name= "ssh",
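Review bot: ssh_truncate() has no explicit check for a negative offset before comparing it with s->attrs.filesize. If filesize is an unsigned 64-bit field, the int64_t offset is converted to unsigned in both comparisons, a negative value passes them, and it reaches ssh_grow_file(), whose assert(offset > 0 && offset > s->attrs.filesize) then aborts instead of returning an error. An if (offset < 0) test with error_setg() and -EINVAL at the top avoids relying on the assert. Both comparisons also use the cached s->attrs.filesize, so a comment on when that value is refreshed would help.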
@@ -1231,6 +1254,7 @@ static BlockDriver bdrv_ssh = {
 .bdrv_co_readv= ssh_co_readv,
 .bdrv_co_writev   = ssh_co_writev,
 .bdrv_getlength   = ssh_getlength,
+.bdrv_truncate= ssh_truncate,
 .bdrv_co_flush_to_disk= ssh_co_flush,
 .create_opts  = _create_opts,
 };
-- 
2.14.3




[Qemu-devel] [PATCH 1/3] block/ssh: Pull ssh_grow_file() from ssh_create()

2018-02-14 Thread Max Reitz
If we ever want to offer even rudimentary truncation functionality for
ssh, we should put the respective code into a reusable function.

Signed-off-by: Max Reitz 
---
 block/ssh.c | 30 ++
 1 file changed, 22 insertions(+), 8 deletions(-)

diff --git a/block/ssh.c b/block/ssh.c
index b63addcf94..964e55f7fe 100644
--- a/block/ssh.c
+++ b/block/ssh.c
@@ -803,6 +803,26 @@ static int ssh_file_open(BlockDriverState *bs, QDict 
*options, int bdrv_flags,
 return ret;
 }
 
+static int ssh_grow_file(BDRVSSHState *s, int64_t offset, Error **errp)
+{
+ssize_t ret;
+char c[1] = { '\0' };
+
+/* offset must be strictly greater than the current size so we do
+ * not overwrite anything */
+assert(offset > 0 && offset > s->attrs.filesize);
+
+libssh2_sftp_seek64(s->sftp_handle, offset - 1);
+ret = libssh2_sftp_write(s->sftp_handle, c, 1);
+if (ret < 0) {
+sftp_error_setg(errp, s, "Failed to grow file");
+return -EIO;
+}
+
+s->attrs.filesize = offset;
+return 0;
+}
+
 static QemuOptsList ssh_create_opts = {
 .name = "ssh-create-opts",
 .head = QTAILQ_HEAD_INITIALIZER(ssh_create_opts.head),
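Review bot: ssh_grow_file() takes an Error **errp and returns an errno value, yet a non-growing offset is handled with assert(offset > 0 && offset > s->attrs.filesize), which aborts the process. Since the function is being split out for reuse, returning -EINVAL through error_setg() for that case would be more robust than the assert. If the assert stays, state the precondition in a comment above the function so that future callers check it first.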
@@ -822,8 +842,6 @@ static int ssh_create(const char *filename, QemuOpts *opts, 
Error **errp)
 int64_t total_size = 0;
 QDict *uri_options = NULL;
 BDRVSSHState s;
-ssize_t r2;
-char c[1] = { '\0' };
 
 ssh_state_init();
 
@@ -849,14 +867,10 @@ static int ssh_create(const char *filename, QemuOpts 
*opts, Error **errp)
 }
 
 if (total_size > 0) {
-libssh2_sftp_seek64(s.sftp_handle, total_size-1);
-r2 = libssh2_sftp_write(s.sftp_handle, c, 1);
-if (r2 < 0) {
-sftp_error_setg(errp, , "truncate failed");
-ret = -EINVAL;
+ret = ssh_grow_file(, total_size, errp);
+if (ret < 0) {
 goto out;
 }
-s.attrs.filesize = total_size;
 }
 
 ret = 0;
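Review bot: in ssh_create() this is not pure code motion. The failure path used to set ret = -EINVAL with the message "truncate failed", and now passes on what ssh_grow_file() returns, which is -EIO with "Failed to grow file". The new values look reasonable, but the commit message should mention that the errno and the error text seen by callers of ssh_create() change.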
-- 
2.14.3




[Qemu-devel] [PATCH 0/3] block/ssh: Add basic .bdrv_truncate()

2018-02-14 Thread Max Reitz
For (x-)blockdev-create, all protocol drivers that support image
creation also need to offer a .bdrv_truncate() implementation that
matches in features.  A previous series of mine brought gluster's and
sheepdog's implementation up to par regarding preallocated truncation;
but I forgot about drivers that have a .bdrv_create() but no
.bdrv_truncate() at all.

There is only one of these, and that is ssh.  Since libssh2 does not
seem to know any way of truncating files, we can only support growing
files -- but that is what we need for (x-)blockdev-create.

Note that there are also drivers which do not support growing files,
namely iscsi and file-posix for host devices (maybe more?  I hope not).
But these also pretty much ignore the specified size on .bdrv_create()
and just use the size of the existing device.  They just check that the
specified size does not exceed the actual size, so that pretty much
matches what their .bdrv_truncate() supports, and we should be fine
there.


Max Reitz (3):
  block/ssh: Pull ssh_grow_file() from ssh_create()
  block/ssh: Make ssh_grow_file() blocking
  block/ssh: Add basic .bdrv_truncate()

 block/ssh.c | 61 +
 1 file changed, 53 insertions(+), 8 deletions(-)

-- 
2.14.3
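The grow-only behaviour described in this cover letter (refuse to shrink, succeed at the same size, grow by writing one zero byte at the new last offset, with blocking mode forced for that write), sketched on a local POSIX file descriptor as an added example that is not code from the series. `grow_only_truncate()` and `demo_grow()` are hypothetical names, and `pwrite()` plus `O_NONBLOCK` stand in for the libssh2 seek/write calls and the session blocking flag.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/*
 * Hypothetical stand-in for a grow-only truncate: the backend is assumed to
 * have no real truncate call, so the size can only be changed by writing one
 * zero byte at the new last offset.
 */
static int grow_only_truncate(int fd, int64_t offset)
{
    struct stat st;
    const char zero = '\0';
    int flags, ret = 0;

    if (offset < 0) {
        return -EINVAL;     /* reject before any size comparison */
    }
    if (fstat(fd, &st) < 0) {
        return -errno;
    }
    if (offset < (int64_t)st.st_size) {
        return -ENOTSUP;    /* shrinking is not supported */
    }
    if (offset == (int64_t)st.st_size) {
        return 0;           /* already the requested size */
    }

    /* Force blocking mode for this one write, then restore the old mode. */
    flags = fcntl(fd, F_GETFL);
    if (flags < 0) {
        return -errno;
    }
    if ((flags & O_NONBLOCK) && fcntl(fd, F_SETFL, flags & ~O_NONBLOCK) < 0) {
        return -errno;
    }
    if (pwrite(fd, &zero, 1, (off_t)(offset - 1)) != 1) {
        ret = -EIO;
    }
    /* Restore on the error path as well; keep the first error. */
    if ((flags & O_NONBLOCK) && fcntl(fd, F_SETFL, flags) < 0 && ret == 0) {
        ret = -errno;
    }
    return ret;
}

/*
 * Constructed scenario: a 4-byte file is grown to 4096 bytes, then a shrink,
 * a same-size request and a negative offset are tried. Returns 0 when every
 * step behaves as described, or the number of the first step that did not.
 */
static int demo_grow(void)
{
    char path[] = "/tmp/grow-demo-XXXXXX";
    char buf[4] = { 0 };
    char tail = 1;
    struct stat st;
    int result = 0;
    int fd = mkstemp(path);

    if (fd < 0) {
        return 1;
    }
    unlink(path);           /* the file lives only as long as fd is open */
    if (write(fd, "data", 4) != 4) {
        result = 2;
    } else if (grow_only_truncate(fd, 4096) != 0) {
        result = 3;
    } else if (fstat(fd, &st) < 0 || st.st_size != 4096) {
        result = 4;
    } else if (pread(fd, buf, 4, 0) != 4 || memcmp(buf, "data", 4) != 0) {
        result = 5;         /* existing bytes must not be overwritten */
    } else if (pread(fd, &tail, 1, 4095) != 1 || tail != '\0') {
        result = 6;
    } else if (grow_only_truncate(fd, 100) != -ENOTSUP) {
        result = 7;
    } else if (grow_only_truncate(fd, 4096) != 0) {
        result = 8;
    } else if (grow_only_truncate(fd, -1) != -EINVAL) {
        result = 9;
    }
    close(fd);
    return result;
}

int main(void)
{
    int step = demo_grow();

    printf("demo_grow: %s (step %d)\n", step == 0 ? "ok" : "mismatch", step);
    return step;
}
```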




Re: [Qemu-devel] [PATCH] configure: Add missing space when using --with-pkgversion

2018-02-14 Thread Eric Blake

On 02/14/2018 11:31 AM, Thomas Huth wrote:

When running configure with --with-pkgversion=foo there is no
space anymore between the version number and the parentheses:

$ m68k-softmmu/qemu-system-m68k -version
QEMU emulator version 2.11.50(foo)

Fix it by moving the space from the configure script to the Makefile.

Fixes: 67a1de0d195a6185c39b436159c9ffc7720bf979
Buglink: https://bugs.launchpad.net/qemu/+bug/1673373
Signed-off-by: Thomas Huth 
---
  Makefile  | 2 +-
  configure | 2 +-
  2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/Makefile b/Makefile
index 4ec7a3c..41adbc9 100644
--- a/Makefile
+++ b/Makefile
@@ -369,7 +369,7 @@ qemu-version.h: FORCE
(cd $(SRC_PATH); \
printf '#define QEMU_PKGVERSION '; \
if test -n "$(PKGVERSION)"; then \
-   printf '"$(PKGVERSION)"\n'; \
+   printf '" ($(PKGVERSION))"\n'; \
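Review bot: in the qemu-version.h rule, $(PKGVERSION) is expanded inside printf's format string and inside single quotes, so a % or a backslash in the value is interpreted by printf and a single quote ends the shell string early. Passing the value as an argument removes the format-string interpretation: printf '" (%s)"\n' "$(PKGVERSION)". The old line had the same property, but since the line is being changed anyway this is a good moment to fix it.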


I would argue that putting a space here is awkward; wouldn't it instead 
be easier to have all CLIENTS of QEMU_PKGVERSION in the source code 
assume that the macro does NOT have a leading space, and to supply a 
space themselves?


That is, change THESE locations:

bsd-user/main.c:printf("qemu-" TARGET_NAME " version " QEMU_VERSION QEMU_PKGVERSION
linux-user/main.c:printf("qemu-" TARGET_NAME " version " QEMU_VERSION QEMU_PKGVERSION
qemu-img.c:#define QEMU_IMG_VERSION "qemu-img version " QEMU_VERSION QEMU_PKGVERSION \
qemu-io.c:printf("%s version " QEMU_VERSION QEMU_PKGVERSION "\n"
qemu-nbd.c:"%s " QEMU_VERSION QEMU_PKGVERSION "\n"
qga/main.c:"QEMU Guest Agent " QEMU_VERSION QEMU_PKGVERSION "\n"
scsi/qemu-pr-helper.c:"%s " QEMU_VERSION QEMU_PKGVERSION "\n"
ui/cocoa.m:@"QEMU emulator version %s%s", QEMU_VERSION, QEMU_PKGVERSION];
vl.c:printf("QEMU emulator version " QEMU_VERSION QEMU_PKGVERSION "\n"

to instead supply the missing space, and have configure/Makefile always 
generate without a leading space.



+++ b/configure
@@ -1162,7 +1162,7 @@ for opt do
;;
--disable-blobs) blobs="no"
;;
-  --with-pkgversion=*) pkgversion=" ($optarg)"
+  --with-pkgversion=*) pkgversion="$optarg"


Hmm - here you're changing who supplies the ().  But that argues that 
maybe the callsites should supply " (" and ")" themselves.


Here's how coreutils does it, by using gnulib's version-etc module:

src/local.mk: $(AM_V_at)printf 'char const *Version = "$(PACKAGE_VERSION)";\n' >> $@t

src/system.h:version_etc (stdout, Program_name, PACKAGE_NAME, Version, Authors,


version_etc_arn (FILE *stream,
 const char *command_name, const char *package,
 const char *version,
 const char * const * authors, size_t n_authors)
{
  if (command_name)
fprintf (stream, "%s (%s) %s\n", command_name, package, version);

which means that the Makefile magic outputs JUST the text that goes 
inside the (), and the callsite that outputs version information is what 
supplies the " (" and ")".


--
Eric Blake, Principal Software Engineer
Red Hat, Inc.   +1-919-301-3266
Virtualization:  qemu.org | libvirt.org



Re: [Qemu-devel] [PATCH V2 1/1] tests: Add migration test for aarch64

2018-02-14 Thread Wei Huang


On 02/12/2018 11:31 AM, Andrew Jones wrote:
> On Fri, Feb 09, 2018 at 04:42:42PM -0500, Wei Huang wrote:
>> This patch adds migration test support for aarch64. The test code, which
>> implements the same functionality as x86, is booted as a kernel in qemu.
>> Here are the design choices we make for aarch64:
>>
>>  * We choose this -kernel approach because aarch64 QEMU doesn't provide a
>>built-in fw like x86 does. So instead of relying on a boot loader, we
>>use -kernel approach for aarch64.
>>  * The serial output is sent to PL011 directly.
>>  * The physical memory base for mach-virt machine is 0x4000. We change
>>the start_address and end_address for aarch64.
>>
>> In addition to providing the binary, this patch also includes the test source
>> and the build script in tests/migration. So users can change/re-compile
>> the binary as they wish.
>>
>> Signed-off-by: Wei Huang 
>> ---
>>  tests/Makefile.include|  1 +
>>  tests/migration-test.c| 29 ++---
>>  tests/migration/aarch64-a-b-kernel.h  | 19 +
>>  tests/migration/aarch64-a-b-kernel.s  | 67 
>> +++
>>  tests/migration/rebuild-aarch64-kernel.sh | 67 
>> +++
>>  5 files changed, 177 insertions(+), 6 deletions(-)
>>  create mode 100644 tests/migration/aarch64-a-b-kernel.h
>>  create mode 100644 tests/migration/aarch64-a-b-kernel.s
>>  create mode 100755 tests/migration/rebuild-aarch64-kernel.sh
>>
>> diff --git a/tests/Makefile.include b/tests/Makefile.include
>> index f41da23..0fd18fd 100644
>> --- a/tests/Makefile.include
>> +++ b/tests/Makefile.include
>> @@ -369,6 +369,7 @@ gcov-files-arm-y += hw/timer/arm_mptimer.c
>>  check-qtest-arm-y += tests/boot-serial-test$(EXESUF)
>>  
>>  check-qtest-aarch64-y = tests/numa-test$(EXESUF)
>> +check-qtest-aarch64-y += tests/migration-test$(EXESUF)
>>  
>>  check-qtest-microblazeel-y = $(check-qtest-microblaze-y)
>>  
>> diff --git a/tests/migration-test.c b/tests/migration-test.c
>> index 85d4014..b16944c 100644
>> --- a/tests/migration-test.c
>> +++ b/tests/migration-test.c
>> @@ -22,8 +22,8 @@
>>  
>>  #define MIN_NVRAM_SIZE 8192 /* from spapr_nvram.c */
>>  
>> -const unsigned start_address = 1024 * 1024;
>> -const unsigned end_address = 100 * 1024 * 1024;
>> +unsigned start_address = 1024 * 1024;
>> +unsigned end_address = 100 * 1024 * 1024;
>>  bool got_stop;
>>  
>>  #if defined(__linux__)
>> @@ -80,12 +80,13 @@ static const char *tmpfs;
>>   * outputing a 'B' every so often if it's still running.
>>   */
>>  #include "tests/migration/x86-a-b-bootblock.h"
>> +#include "tests/migration/aarch64-a-b-kernel.h"
>>  
>> -static void init_bootfile_x86(const char *bootpath)
>> +static void init_bootfile(const char *bootpath, void *content)
>>  {
>>  FILE *bootfile = fopen(bootpath, "wb");
>>  
>> -g_assert_cmpint(fwrite(x86_bootsect, 512, 1, bootfile), ==, 1);
>> +g_assert_cmpint(fwrite(content, 512, 1, bootfile), ==, 1);
>>  fclose(bootfile);
>>  }
>>  
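Review bot: init_bootfile() still writes a fixed 512 bytes with fwrite(content, 512, 1, bootfile); that size belonged to x86_bootsect and is now applied to aarch64_kernel as well. If the aarch64 image is not exactly 512 bytes, this either reads past the array or truncates the kernel, so the function should take a length next to the pointer (for example sizeof(aarch64_kernel) at the call site). The content parameter can be const void *, and the fopen() result is used without a NULL check.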
>> @@ -391,7 +392,7 @@ static void test_migrate_start(QTestState **from, 
>> QTestState **to,
>>  got_stop = false;
>>  
>>  if (strcmp(arch, "i386") == 0 || strcmp(arch, "x86_64") == 0) {
>> -init_bootfile_x86(bootpath);
>> +init_bootfile(bootpath, x86_bootsect);
>>  cmd_src = g_strdup_printf("-machine accel=%s -m 150M"
>>" -name source,debug-threads=on"
>>" -serial file:%s/src_serial"
>> @@ -420,6 +421,22 @@ static void test_migrate_start(QTestState **from, 
>> QTestState **to,
>>" -serial file:%s/dest_serial"
>>" -incoming %s",
>>accel, tmpfs, uri);
>> +} else if (strcmp(arch, "aarch64") == 0) {
>> +init_bootfile(bootpath, aarch64_kernel);
>> +cmd_src = g_strdup_printf("-machine virt,accel=kvm:tcg -m 150M "
>> +  "-name vmsource,debug-threads=on -cpu 
>> host "
> 
> We can't use '-cpu host' with tcg, so the accel fallback won't work.

Will fix

> 
>> +  "-serial file:%s/src_serial "
>> +  "-kernel %s ",
>> +  tmpfs, bootpath);
>> +cmd_dst = g_strdup_printf("-machine virt,accel=kvm:tcg -m 150M "
>> +  "-name vmdest,debug-threads=on -cpu host "
>> +  "-serial file:%s/dest_serial "
>> +  "-kernel %s "
>> +  "-incoming %s ",
>> +  tmpfs, bootpath, uri);
>> +/* aarch64 virt machine physical mem started from 0x4000 */
> 
> s/mem started from/memory starts at/

will fix

> 
>> +start_address += 0x4000;
>> +end_address += 0x4000;
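Review bot: start_address and end_address lose their const in this patch and are then changed with += 0x4000 inside test_migrate_start(), so every call on aarch64 shifts the range again and a second test in the same process starts from the wrong base. Assign absolute values for the architecture instead of adding to the globals, or compute the range in locals and pass it on. The literal 0x4000 also appears twice and would be clearer as one named constant.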
> 
> Why is 

Re: [Qemu-devel] [PATCH] configure: Add missing space when using --with-pkgversion

2018-02-14 Thread Eric Blake

On 02/14/2018 02:00 PM, Thomas Huth wrote:

On 14.02.2018 19:33, Peter Maydell wrote:

On 14 February 2018 at 17:31, Thomas Huth  wrote:

When running configure with --with-pkgversion=foo there is no
space anymore between the version number and the parentheses:

$ m68k-softmmu/qemu-system-m68k -version
QEMU emulator version 2.11.50(foo)


It would be nice to document this as '--version' rather than '-version' 
(both work; but see our BiteSized task: 
https://wiki.qemu.org/BiteSizedTasks#Consistent_option_usage_in_documentation)




-- does this patch change the QMP reported string
unexpectedly?


Without my patch and with --with-pkgversion=foo :

{ "execute": "query-version" }
{"return": {"qemu": {"micro": 50, "minor": 11, "major": 2}, "package": "(foo)"}}


Looks nice.  And the version info is ALSO passed as part of the initial 
handshake, even before you call query-version.




With my patch and with --with-pkgversion=foo :

{ "execute": "query-version" }
{"return": {"qemu": {"micro": 50, "minor": 11, "major": 2}, "package": " (foo)"}}


Potential regression (arguably cosmetic, though)



Without my patch and without --with-pkgversion :

{ "execute": "query-version" }
{"return": {"qemu": {"micro": 50, "minor": 11, "major": 2}, "package": " (v2.11.0-1512-g02f4fbe)"}}


And that means we're already inconsistent, so your patch at least made 
things consistent,




Using the old QEMU version 67a1de0d19~1 with  --with-pkgversion=foo :

{ "execute": "query-version" }
{"return": {"qemu": {"micro": 50, "minor": 6, "major": 2}, "package": " (foo)"}}


and that means we've already "regressed", which further means:
- it definitely is cosmetic, if no one is complaining
- changing it to look nicer won't break anyone



So yes, this patch changes the behavior of query-version, but the new
behavior is now the same behavior that you get without --with-pkgversion
(i.e. a space is included) and it is the same as the behavior that we had
in the past, before commit 67a1de0d19 has been merged. So I think this
is the right way to go.
Alternatively, we could maybe change query-version to always skip the
initial space?


Yes, I like that option.

So, if I'm summarizing correctly, your v2 patch will have:

$ qemu --version
QEMU emulator version 2.11.50 (foo)

QMP query-version
{"return": {"qemu": {"micro": 50, "minor": 6, "major": 2}, "package": "(foo)"}}


regardless of whether --with-pkgversion was used during configure.

--
Eric Blake, Principal Software Engineer
Red Hat, Inc.   +1-919-301-3266
Virtualization:  qemu.org | libvirt.org



Re: [Qemu-devel] [PATCHv2 0/3] add query-cpu-fast and related s390 changes

2018-02-14 Thread Eric Blake

On 02/14/2018 09:16 AM, Eric Blake wrote:

How shall we proceed with this series? Patch 3 depends upon patch 1, so
I think it makes sense to merge this in one go.

I can give my R-b on patch 1 and Someone(tm) can merge this, or I can
take the whole series through the s390 tree (with some further
reviews/acks on patches 2/3).


I'd still like to give a thorough QMP review; it's on my list to get to 
today.


Okay, I've added more review comments; I think there's still enough 
worth polishing that resending a v3 of the series is worthwhile, and do 
agree that we want all three patches through a single tree (s390 sound 
fine to me).  But in general, I'm okay with the QMP changes (what looks 
like duplication is caused by modernizing the naming, which means we 
DON'T want to play games with trying to inherit one type from the other, 
and the argument about deprecating the old naming seems reasonable).


--
Eric Blake, Principal Software Engineer
Red Hat, Inc.   +1-919-301-3266
Virtualization:  qemu.org | libvirt.org



Re: [Qemu-devel] [PATCH] configure: Add missing space when using --with-pkgversion

2018-02-14 Thread Thomas Huth
On 14.02.2018 19:33, Peter Maydell wrote:
> On 14 February 2018 at 17:31, Thomas Huth  wrote:
>> When running configure with --with-pkgversion=foo there is no
>> space anymore between the version number and the parentheses:
>>
>> $ m68k-softmmu/qemu-system-m68k -version
>> QEMU emulator version 2.11.50(foo)
>>
>> Fix it by moving the space from the configure script to the Makefile.
>>
>> Fixes: 67a1de0d195a6185c39b436159c9ffc7720bf979
>> Buglink: https://bugs.launchpad.net/qemu/+bug/1673373
>> Signed-off-by: Thomas Huth 
> 
> I see that in the bug report I wrote
> "Also it looks like we return QEMU_PKGVERSION as part of the
> QMP qmp_query_version() code, so we should check to see what
> the expected behaviour there is regarding having the space
> or not."
> 
> -- does this patch change the QMP reported string
> unexpectedly?

Without my patch and with --with-pkgversion=foo :

{ "execute": "query-version" }
{"return": {"qemu": {"micro": 50, "minor": 11, "major": 2}, "package": "(foo)"}}

With my patch and with --with-pkgversion=foo :

{ "execute": "query-version" }
{"return": {"qemu": {"micro": 50, "minor": 11, "major": 2}, "package": " (foo)"}}

Without my patch and without --with-pkgversion :

{ "execute": "query-version" }
{"return": {"qemu": {"micro": 50, "minor": 11, "major": 2}, "package": " (v2.11.0-1512-g02f4fbe)"}}

Using the old QEMU version 67a1de0d19~1 with  --with-pkgversion=foo :

{ "execute": "query-version" }
{"return": {"qemu": {"micro": 50, "minor": 6, "major": 2}, "package": " (foo)"}}

So yes, this patch changes the behavior of query-version, but the new
behavior is now the same behavior that you get without --with-pkgversion
(i.e. a space is included) and it is the same as the behavior that we had
in the past, before commit 67a1de0d19 has been merged. So I think this
is the right way to go.
Alternatively, we could maybe change query-version to always skip the
initial space?

 Thomas



Re: [Qemu-devel] [PATCHv2 3/3] qmp: add architecture specific cpu data for query-cpus-fast

2018-02-14 Thread Eric Blake

On 02/13/2018 11:18 AM, Viktor Mihajlovski wrote:

The s390 CPU state can be retrieved without interrupting the
VM execution. Extendend the CpuInfoFast union with architecture


s/Extendend/Extend/


specific data and an implementation for s390.

Return data looks like this:
  [
{"thread-id":64301,"props":{"core-id":0},
 "arch":"s390","cpu-state":"operating",
 "qom-path":"/machine/unattached/device[0]","cpu-index":0},
{"thread-id":64302,"props":{"core-id":1},
 "arch":"s390","cpu-state":"operating",
 "qom-path":"/machine/unattached/device[1]","cpu-index":1}
]

Currently there's a certain amount of duplication between
the definitions of CpuInfo and CpuInfoFast, both in the
base and variable areas, since there are data fields common
to the slow and fast variants.


Even with the difference in spelling that I pointed out in 2/3?



A suggestion was made on the mailing list to enhance the QAPI
code generation to support two layers of unions. This would
allow to specify the common fields once and avoid the duplication
in the leaf unions.

On the other hand, the slow query-cpus should be deprecated
along with the slow CpuInfo type and eventually be removed.
Assuming that new architectures will not be added at high
rates, we could live with the duplication for the time being.


Yes, this part is true.



Signed-off-by: Viktor Mihajlovski 
---
  cpus.c   | 10 ++
  hmp.c| 10 ++
  qapi-schema.json | 35 +--
  3 files changed, 49 insertions(+), 6 deletions(-)




+++ b/qapi-schema.json
@@ -537,15 +537,26 @@
'data': [ 'uninitialized', 'stopped', 'check-stop', 'operating', 'load' ] }
  
  ##

-# @CpuInfoS390:
+# @CpuInfoS390Fast:
  #
-# Additional information about a virtual S390 CPU
+# Additional information about a virtual S390 CPU which can be
+# obtained without a performance penalty for a running VM
  #
  # @cpu-state: the virtual CPU's state
  #
  # Since: 2.12
  ##
-{ 'struct': 'CpuInfoS390', 'data': { 'cpu-state': 'CpuS390State' } }
+{ 'struct': 'CpuInfoS390Fast', 'data': { 'cpu-state': 'CpuS390State' } }
+
+##
+# @CpuInfoS390:
+#
+# Additional information about a virtual S390 CPU, potentially expensive
+# to obtain
+#
+# Since: 2.12
+##
+{ 'struct': 'CpuInfoS390', 'base': 'CpuInfoS390Fast', 'data': { } }


This part works - but since you aren't adding any further fields, what 
is the point in having two type names?  Why not just document that 
CpuInfoS390 is always fast, whether used in CpuInfoFast or in the slower 
CpuInfo?  It's not like we get any additional compile-time safety by 
inventing a new type.


  
  ##

  # @query-cpus:
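Review bot: the new `CpuInfoS390` doc block near the end of this hunk documents no members, and its "potentially expensive to obtain" wording describes nothing, because `'data': { }` is empty and the only field, `cpu-state`, comes from the base `CpuInfoS390Fast`. Either state in the comment that all members are inherited from `CpuInfoS390Fast` and none are added yet, or hold the second type back until a slow-only field actually exists.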
@@ -604,12 +615,24 @@
  # @props: properties describing to which node/socket/core/thread
  # virtual CPU belongs to, provided if supported by board
  #
+# @arch: architecture of the cpu, which determines which additional fields
+#will be listed


Doing this leaves a stale comment in query-cpus-fast that the arch name 
is not provided; you'll need to delete that comment if this patch goes in.



+#
  # Since: 2.12
  #
  ##
-{ 'struct': 'CpuInfoFast',
-  'data': {'cpu-index': 'int', 'qom-path': 'str',
-   'thread-id': 'int', '*props': 'CpuInstanceProperties' } }
+{ 'union': 'CpuInfoFast',
+  'base': {'cpu-index': 'int', 'qom-path': 'str',
+   'thread-id': 'int', '*props': 'CpuInstanceProperties',
+   'arch': 'CpuInfoArch' },
+  'discriminator': 'arch',
+  'data': { 'x86': 'CpuInfoOther',
+'sparc': 'CpuInfoOther',
+'ppc': 'CpuInfoOther',
+'mips': 'CpuInfoOther',
+'tricore': 'CpuInfoOther',
+'s390': 'CpuInfoS390Fast',
+'other': 'CpuInfoOther' } }


CpuInfoOther is an empty class, so it works as a placeholder for all 
other arches without having the dichotomy like the 
CpuInfoS390/CpuInfoS390Fast split.


At any rate, whether or not you merge the two CpuInfoS390 type into one, 
converting CpuInfoFast into a union (and NOT trying to inherit between 
the slow type with different field names and the new fast type) seems 
reasonable, if libvirt really wants to keep using cpu-info-fast to learn 
whether S390 vcpus are halted.



  ##
  # @query-cpus-fast:


So, if you fix the stale comment here, a v3 patch can have
Acked-by: Eric Blake 

I also think your v3 series should touch qemu-doc.texi to start the 
deprecation timeframe.


--
Eric Blake, Principal Software Engineer
Red Hat, Inc.   +1-919-301-3266
Virtualization:  qemu.org | libvirt.org



Re: [Qemu-devel] Assigning network devices to nested VMs results in driver errors in nested VMs

2018-02-14 Thread Jintack Lim
On Tue, Feb 13, 2018 at 11:44 PM, Jintack Lim  wrote:
> Hi,
>
> I'm trying to assign network devices to nested VMs on x86 using KVM,
> but I got network device driver errors in the nested VMs. (I've tried
> this about a year ago when vIOMMU patches were not upstreamed, and I
> got similar errors at that time.)
>
> This could be network driver issues, but I'd like to get some help if
> somebody encountered similar issues.
>
> I'm using v4.15.0 kernel and v2.11.0 QEMU, and I followed this [1]
> guide. I had no problem with assigning devices to the first level VMs
> (L1 VMs). And I also checked that the devices were assigned to nested
> VMs with the lspci command in the nested VMs. But network device
> drivers failed to initialize the device. I tried two network cards -
> Intel Corporation 82599ES 10-Gigabit SFI/SFP+ Network Connection and
> Mellanox Technologies MT27500 Family.
>
> Intel driver error in the nested VM looks like this.
> [1.939552] ixgbe: Intel(R) 10 Gigabit PCI Express Network Driver -
> version 5.1.0-k
> [1.949796] ixgbe: Copyright (c) 1999-2016 Intel Corporation.
> [2.210024] ixgbe :00:04.0: HW Init failed: -12
> [2.218144] ixgbe: probe of :00:04.0 failed with error -12
>

I was assigning PF to the L1 VMs and L2 VMs so far; I guess this is
not the right way. So I tried to assign VF to the L1 VM and assigned
the same VF to the L2 VM in turn. Then the device driver in L2 VM
didn't show any error, and I was able to configure the network
interface. But the network still didn't work.

I only tried Intel network device so far.

> and I saw lots of these messages in the host (L0) kernel log when
> booting the nested VM.
>
> [ 1557.404173] DMAR: DRHD: handling fault status reg 102
> [ 1557.409813] DMAR: [DMA Read] Request device [06:00.0] fault addr
> 9 [fault reason 06] PTE Read access is not set
> [ 1561.383957] DMAR: DRHD: handling fault status reg 202
> [ 1561.389598] DMAR: [DMA Read] Request device [06:00.0] fault addr
> 9 [fault reason 06] PTE Read access is not set
>

I still see similar error logs in the host kernel. The fault address
looks different, though.

[ 3228.636485] ixgbe :06:00.0 eth2: VF Reset msg received from vf 0
[ 3236.023683] DMAR: DRHD: handling fault status reg 2
[ 3236.029129] DMAR: [DMA Read] Request device [06:10.0] fault addr
354748000 [fault reason 06] PTE Read access is not set
[ 3236.371711] DMAR: DRHD: handling fault status reg 102
[ 3236.377353] DMAR: [DMA Read] Request device [06:10.0] fault addr
354748000 [fault reason 06] PTE Read access is not set
[ 3236.595667] DMAR: DRHD: handling fault status reg 202
[ 3236.601307] DMAR: [DMA Read] Request device [06:10.0] fault addr
354748000 [fault reason 06] PTE Read access is not set
[ 3236.831863] DMAR: DRHD: handling fault status reg 302
[ 3236.837503] DMAR: [DMA Read] Request device [06:10.0] fault addr
370b7c000 [fault reason 06] PTE Read access is not set
[ 3237.647806] vfio-pci :06:10.0: timed out waiting for pending
transaction; performing function level reset anyway

> This is Mellanox driver error in another nested VM.
> [2.481694] mlx4_core: Initializing :00:04.0
> [3.519422] mlx4_core :00:04.0: Installed FW has unsupported
> command interface revision 0
> [3.537769] mlx4_core :00:04.0: (Installed FW version is 0.0.000)
> [3.551733] mlx4_core :00:04.0: This driver version supports
> only revisions 2 to 3
> [3.568758] mlx4_core :00:04.0: QUERY_FW command failed, aborting
> [3.582789] mlx4_core :00:04.0: Failed to init fw, aborting.
>
> The host showed similar messages as above.
>
> I wonder what could be the cause of these errors. Please let me know
> if further information is needed.
>
> [1] https://wiki.qemu.org/Features/VT-d
>
> Thanks,
> Jintack




Re: [Qemu-devel] [PATCH v5 09/23] RISC-V TCG Code Generation

2018-02-14 Thread Emilio G. Cota
On Wed, Feb 14, 2018 at 11:14:48 -0800, Richard Henderson wrote:
> On 02/13/2018 04:10 PM, Emilio G. Cota wrote:
> > On Tue, Feb 13, 2018 at 14:10:20 -0800, Richard Henderson wrote:
> >> On 02/13/2018 01:55 PM, Emilio G. Cota wrote:
> >>> Are we planning to use BS_STOP in the future? I see it has no setters,
> >>> although we check for it in gen_intermediate_code:
> >>
> >> No, but the whole port should be converted to exec/translator.h, which 
> >> defines
> >> DisasJumpType.  Not something I'm going to require on initial submission 
> >> until
> >> we've gotten most of the other targets cleaned up.
> > 
> > I see. I've just done the conversion for v5:
> >   https://github.com/cota/qemu/commits/riscv-v5-trloop
> > 
> > Can you please take a look?
> 
> Looks ok.  Watch your formatting, e.g { } on the same line.

Thanks, checkpatch didn't complain about that one though.

Should I send those patches to the list, or let Michael squash their changes?

E.



[Qemu-devel] [PATCH 3/5] spapr: rename spapr_vcpu_id() to spapr_get_vcpu_id()

2018-02-14 Thread Greg Kurz
The spapr_vcpu_id() function is an accessor actually. Let's rename it
for symmetry with the recently added spapr_set_vcpu_id() helper.

The motivation behind this is that a later patch will consolidate
the VCPU id formula in a function and spapr_vcpu_id looks like an
appropriate name.

Signed-off-by: Greg Kurz 
---
 hw/ppc/spapr.c |   16 
 include/hw/ppc/spapr.h |2 +-
 2 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c
index 30cc48fd5264..18ebc058acdd 100644
--- a/hw/ppc/spapr.c
+++ b/hw/ppc/spapr.c
@@ -209,7 +209,7 @@ static int spapr_fixup_cpu_smt_dt(void *fdt, int offset, 
PowerPCCPU *cpu,
 int i, ret = 0;
 uint32_t servers_prop[smt_threads];
 uint32_t gservers_prop[smt_threads * 2];
-int index = spapr_vcpu_id(cpu);
+int index = spapr_get_vcpu_id(cpu);
 
 if (cpu->compat_pvr) {
 ret = fdt_setprop_cell(fdt, offset, "cpu-version", cpu->compat_pvr);
@@ -238,7 +238,7 @@ static int spapr_fixup_cpu_smt_dt(void *fdt, int offset, 
PowerPCCPU *cpu,
 
 static int spapr_fixup_cpu_numa_dt(void *fdt, int offset, PowerPCCPU *cpu)
 {
-int index = spapr_vcpu_id(cpu);
+int index = spapr_get_vcpu_id(cpu);
 uint32_t associativity[] = {cpu_to_be32(0x5),
 cpu_to_be32(0x0),
 cpu_to_be32(0x0),
@@ -342,7 +342,7 @@ static int spapr_fixup_cpu_dt(void *fdt, sPAPRMachineState 
*spapr)
 CPU_FOREACH(cs) {
 PowerPCCPU *cpu = POWERPC_CPU(cs);
 DeviceClass *dc = DEVICE_GET_CLASS(cs);
-int index = spapr_vcpu_id(cpu);
+int index = spapr_get_vcpu_id(cpu);
 int compat_smt = MIN(smp_threads, ppc_compat_max_vthreads(cpu));
 
 if (index % spapr->vsmt != 0) {
@@ -492,7 +492,7 @@ static void spapr_populate_cpu_dt(CPUState *cs, void *fdt, 
int offset,
 PowerPCCPU *cpu = POWERPC_CPU(cs);
 CPUPPCState *env = >env;
 PowerPCCPUClass *pcc = POWERPC_CPU_GET_CLASS(cs);
-int index = spapr_vcpu_id(cpu);
+int index = spapr_get_vcpu_id(cpu);
 uint32_t segs[] = {cpu_to_be32(28), cpu_to_be32(40),
0x, 0x};
 uint32_t tbfreq = kvm_enabled() ? kvmppc_get_tbfreq()
@@ -626,7 +626,7 @@ static void spapr_populate_cpus_dt_node(void *fdt, 
sPAPRMachineState *spapr)
  */
 CPU_FOREACH_REVERSE(cs) {
 PowerPCCPU *cpu = POWERPC_CPU(cs);
-int index = spapr_vcpu_id(cpu);
+int index = spapr_get_vcpu_id(cpu);
 DeviceClass *dc = DEVICE_GET_CLASS(cs);
 int offset;
 
@@ -3234,7 +3234,7 @@ static void *spapr_populate_hotplug_cpu_dt(CPUState *cs, 
int *fdt_offset,
 {
 PowerPCCPU *cpu = POWERPC_CPU(cs);
 DeviceClass *dc = DEVICE_GET_CLASS(cs);
-int id = spapr_vcpu_id(cpu);
+int id = spapr_get_vcpu_id(cpu);
 void *fdt;
 int offset, fdt_size;
 char *nodename;
@@ -3791,7 +3791,7 @@ static void spapr_pic_print_info(InterruptStatsProvider 
*obj,
 ics_pic_print_info(spapr->ics, mon);
 }
 
-int spapr_vcpu_id(PowerPCCPU *cpu)
+int spapr_get_vcpu_id(PowerPCCPU *cpu)
 {
 CPUState *cs = CPU(cpu);
 
@@ -3828,7 +3828,7 @@ PowerPCCPU *spapr_find_cpu(int vcpu_id)
 CPU_FOREACH(cs) {
 PowerPCCPU *cpu = POWERPC_CPU(cs);
 
-if (spapr_vcpu_id(cpu) == vcpu_id) {
+if (spapr_get_vcpu_id(cpu) == vcpu_id) {
 return cpu;
 }
 }
diff --git a/include/hw/ppc/spapr.h b/include/hw/ppc/spapr.h
index af19320d2f8a..36942b378daa 100644
--- a/include/hw/ppc/spapr.h
+++ b/include/hw/ppc/spapr.h
@@ -766,7 +766,7 @@ void spapr_do_system_reset_on_cpu(CPUState *cs, 
run_on_cpu_data arg);
 
 #define HTAB_SIZE(spapr)(1ULL << ((spapr)->htab_shift))
 
-int spapr_vcpu_id(PowerPCCPU *cpu);
+int spapr_get_vcpu_id(PowerPCCPU *cpu);
 void spapr_set_vcpu_id(PowerPCCPU *cpu, int cpu_index, Error **errp);
 PowerPCCPU *spapr_find_cpu(int vcpu_id);
 
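Review bot: the two prototypes that now sit next to each other are named as a get/set pair but are not symmetric: `spapr_get_vcpu_id(PowerPCCPU *cpu)` returns the stored id, while `spapr_set_vcpu_id(PowerPCCPU *cpu, int cpu_index, Error **errp)` takes a CPU index and computes the id from it. A one-line comment above each prototype saying what goes in and what comes out would keep callers from passing a VCPU id to the setter.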




Re: [Qemu-devel] [PATCHv2 2/3] qmp: add query-cpus-fast

2018-02-14 Thread Eric Blake

On 02/13/2018 11:18 AM, Viktor Mihajlovski wrote:

From: Luiz Capitulino 

The query-cpus command has an extremely serious side effect:
it always interrupts all running vCPUs so that they can run
ioctl calls. This can cause a huge performance degradation for
some workloads. And most of the information retrieved by the
ioctl calls are not even used by query-cpus.

This commit introduces a replacement for query-cpus called
query-cpus-fast, which has the following features:

  o Never interrupt vCPUs threads. query-cpus-fast only returns
vCPU information maintained by QEMU itself, which should be
sufficient for most management software needs

  o Make "halted" field optional: we only return it if the
halted state is maintained by QEMU. But this also gives
the option of dropping the field in the future (see below)

  o Drop irrelevant fields such as "current", "pc", "arch"
and "halted"



Others have pointed out the commit message inconsistencies; I'm focusing 
on the QMP.



+++ b/qapi-schema.json
@@ -552,6 +552,12 @@
  #
  # Returns a list of information about each virtual CPU.
  #
+# This command causes vCPU threads to exit to userspace, which causes
+# an small interruption guest CPU execution. This will have a negative


s/an small interruption/a small interruption to/


+# impact on realtime guests and other latency sensitive guest workloads.
+# It is recommended to use @query-cpus-fast instead of this command to
+# avoid the vCPU interruption.
+#
  # Returns: a list of @CpuInfo for each virtual CPU
  #
  # Since: 0.14.0
@@ -585,6 +591,70 @@
  { 'command': 'query-cpus', 'returns': ['CpuInfo'] }
  
  ##

+# @CpuInfoFast:
+#
+# Information about a virtual CPU
+#
+# @cpu-index: index of the virtual CPU
+#
+# @qom-path: path to the CPU object in the QOM tree
+#
+# @thread-id: ID of the underlying host thread
+#
+# @props: properties describing to which node/socket/core/thread
+# virtual CPU belongs to, provided if supported by board
+#
+# Since: 2.12
+#
+##
+{ 'struct': 'CpuInfoFast',
+  'data': {'cpu-index': 'int', 'qom-path': 'str',
+   'thread-id': 'int', '*props': 'CpuInstanceProperties' } }


Comparing against the existing CpuInfo: if I'm not mistaken, you've renamed:

CPU -> cpu-index
qom_path -> qom-path
thread_id -> thread-id

and kept props unchanged.

If we REALLY cared about reducing duplication, we can do:

{ 'struct': 'CpuInfoFast',
  'data': { 'CPU': 'int', 'qom_path': 'str', 'thread_id': 'int',
'*props': 'CpuInstanceProperties' } }
{ 'struct': 'CpuInfoBase',
  'base': 'CpuInfoFast',
  'data': { 'current': 'bool', 'halted': 'bool',
'arch': 'CpuInfoArch' } }
{ 'union': 'CpuInfo', 'base': 'CpuInfoBase', 'discriminator': 'arch',
  'data': { ... } }

but I'm not yet convinced whether we need that.  If we're going to 
deprecate the old command, having the new command use modern spelling is 
a nice change, even though it costs some duplication in the qapi file; 
where sharing code may save qapi costs in the short run, but will burden 
us with poor naming down the road even when we delete the slow command.



+
+##
+# @query-cpus-fast:
+#
+# Returns information about all virtual CPUs. This command does not
+# incur a performance penalty and should be used in production
+# instead of query-cpus.
+#
+# Returns: list of @CpuInfoFast
+#
+# Notes: The CPU architecture name is not returned by query-cpus-fast.
+#Use query-target to retrieve that information.
+#
+# Since: 2.12



+{ 'command': 'query-cpus-fast', 'returns': [ 'CpuInfoFast' ] }
+
+##
  # @IOThreadInfo:
  #
  # Information about an iothread
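Review bot: the `@props` description in the new `CpuInfoFast` doc block reads "describing to which node/socket/core/thread virtual CPU belongs to", with a doubled "to" and a missing article. Since the type is new, word it as "properties describing which node/socket/core/thread the virtual CPU belongs to" rather than carrying the old text over. The `Returns:` line of `@query-cpus-fast` could also say that the list has one entry per virtual CPU, as the `query-cpus` one does.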



I didn't inspect the code, so similar to 1/3, once you fix the grammar 
nit and commit message,


Acked-by: Eric Blake 

--
Eric Blake, Principal Software Engineer
Red Hat, Inc.   +1-919-301-3266
Virtualization:  qemu.org | libvirt.org



[Qemu-devel] [PATCH 2/5] spapr: move VCPU calculation to core machine code

2018-02-14 Thread Greg Kurz
The VCPU ids are currently computed and assigned to each individual
CPU thread in spapr_cpu_core_realize(). But the numbering logic
of VCPU ids is actually a machine-level concept, and many places
in hw/ppc/spapr.c also have to compute VCPU ids out of CPU indexes.

The current formula used in spapr_cpu_core_realize() is:

vcpu_id = (cc->core_id * spapr->vsmt / smp_threads) + i

where:

cc->core_id is a multiple of smp_threads
cpu_index = cc->core_id + i
0 <= i < smp_threads

So we have:

cpu_index % smp_threads == i
cc->core_id / smp_threads == cpu_index / smp_threads

hence:

vcpu_id =
(cpu_index / smp_threads) * spapr->vsmt + cpu_index % smp_threads;

This formula was used before VSMT at the time VCPU ids were computed
at the target emulation level. It has the advantage of being useable
to derive a VCPU id out of a CPU index only. It is fitted for all the
places where the machine code has to compute a VCPU id.

This patch introduces an accessor to set the VCPU id in a PowerPCCPU object
using the above formula. It is a first step to consolidate all the VCPU id
logic in a single place.

Signed-off-by: Greg Kurz 
---
 hw/ppc/spapr.c  |   19 +++
 hw/ppc/spapr_cpu_core.c |9 ++---
 include/hw/ppc/spapr.h  |1 +
 3 files changed, 22 insertions(+), 7 deletions(-)

diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c
index ea7429c92a97..30cc48fd5264 100644
--- a/hw/ppc/spapr.c
+++ b/hw/ppc/spapr.c
@@ -3802,6 +3802,25 @@ int spapr_vcpu_id(PowerPCCPU *cpu)
 }
 }
 
+void spapr_set_vcpu_id(PowerPCCPU *cpu, int cpu_index, Error **errp)
+{
+sPAPRMachineState *spapr = SPAPR_MACHINE(qdev_get_machine());
+int vcpu_id;
+
+vcpu_id =
+(cpu_index / smp_threads) * spapr->vsmt + cpu_index % smp_threads;
+
+if (kvm_enabled() && !kvm_vcpu_id_is_valid(vcpu_id)) {
+error_setg(errp, "Can't create CPU with id %d in KVM", vcpu_id);
+error_append_hint(errp, "Adjust the number of cpus to %d "
+  "or try to raise the number of threads per core\n",
+  vcpu_id * smp_threads / spapr->vsmt);
+return;
+}
+
+cpu->vcpu_id = vcpu_id;
+}
+
 PowerPCCPU *spapr_find_cpu(int vcpu_id)
 {
 CPUState *cs;
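Review bot: `spapr_set_vcpu_id()` takes `cpu_index` as a separate argument although the only caller in this patch passes `cs->cpu_index` of the very CPU it hands in, so the two values can disagree if a later caller gets it wrong. Consider reading the index from `CPU(cpu)->cpu_index` inside the helper, or add a comment above the function stating that `cpu_index` must be the index already assigned to `cpu`. The hint still prints `vcpu_id * smp_threads / spapr->vsmt` as the suggested CPU count, which deserves a short comment explaining why that value is the limit.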
diff --git a/hw/ppc/spapr_cpu_core.c b/hw/ppc/spapr_cpu_core.c
index 590d167b04c8..94afeb399e99 100644
--- a/hw/ppc/spapr_cpu_core.c
+++ b/hw/ppc/spapr_cpu_core.c
@@ -172,13 +172,8 @@ static void spapr_cpu_core_realize(DeviceState *dev, Error 
**errp)
 cs = CPU(obj);
 cpu = sc->threads[i] = POWERPC_CPU(obj);
 cs->cpu_index = cc->core_id + i;
-cpu->vcpu_id = (cc->core_id * spapr->vsmt / smp_threads) + i;
-if (kvm_enabled() && !kvm_vcpu_id_is_valid(cpu->vcpu_id)) {
-error_setg(_err, "Can't create CPU with id %d in KVM",
-   cpu->vcpu_id);
-error_append_hint(_err, "Adjust the number of cpus to %d "
-  "or try to raise the number of threads per 
core\n",
-  cpu->vcpu_id * smp_threads / spapr->vsmt);
+spapr_set_vcpu_id(cpu, cs->cpu_index, _err);
+if (local_err) {
 goto err;
 }
 
diff --git a/include/hw/ppc/spapr.h b/include/hw/ppc/spapr.h
index 62c077ac2037..af19320d2f8a 100644
--- a/include/hw/ppc/spapr.h
+++ b/include/hw/ppc/spapr.h
@@ -767,6 +767,7 @@ void spapr_do_system_reset_on_cpu(CPUState *cs, 
run_on_cpu_data arg);
 #define HTAB_SIZE(spapr)(1ULL << ((spapr)->htab_shift))
 
 int spapr_vcpu_id(PowerPCCPU *cpu);
+void spapr_set_vcpu_id(PowerPCCPU *cpu, int cpu_index, Error **errp);
 PowerPCCPU *spapr_find_cpu(int vcpu_id);
 
 int spapr_irq_alloc(sPAPRMachineState *spapr, int irq_hint, bool lsi,




[Qemu-devel] [PATCH 1/5] spapr: use spapr->vsmt to compute VCPU ids

2018-02-14 Thread Greg Kurz
Since the introduction of VSMT in 2.11, the spacing of VCPU ids
between cores is controllable through a machine property instead
of being only dictated by the SMT mode of the host:

cpu->vcpu_id = (cc->core_id * spapr->vsmt / smp_threads) + i

Until recently, the machine code would try to change the SMT mode
of the host to be equal to VSMT or exit. This allowed the rest of
the code to assume that kvmppc_smt_threads() == spapr->vsmt is
always true.

Recent commit "8904e5a75005 spapr: Adjust default VSMT value for
better migration compatibility" relaxed the rule. If the VSMT
mode cannot be set in KVM for some reason, but the requested
CPU topology is compatible with the current SMT mode, then we
let the guest run with  kvmppc_smt_threads() != spapr->vsmt.

This breaks quite a few places in the code, in particular when
calculating DRC indexes.

This is what happens on a POWER host with subcores-per-core=2 (ie,
supports up to SMT4) when passing the following topology:

-smp threads=4,maxcpus=16 \
-device host-spapr-cpu-core,core-id=4,id=core1 \
-device host-spapr-cpu-core,core-id=8,id=core2

qemu-system-ppc64: warning: Failed to set KVM's VSMT mode to 8 (errno -22)

This is expected since KVM is limited to SMT4, but the guest is started
anyway because this topology can run on SMT4 even with a VSMT8 spacing.

But when we look at the DT, things get nastier:

cpus {
...
ibm,drc-indexes = <0x4 0x1000 0x1004 0x1008 0x100c>;

This means that we have the following association:

 CPU core device | DRC    | VCPU id
-----------------+--------+---------
       boot core | 0x1000 | 0
           core1 | 0x1004 | 4
           core2 | 0x1008 | 8
           core3 | 0x100c | 12

But since the spacing of VCPU ids is 8, the DRC for core1 points to a
VCPU that doesn't exist, the DRC for core2 points to the first VCPU of
core1 and so on...

...

PowerPC,POWER8@0 {
...
ibm,my-drc-index = <0x1000>;
...
};

PowerPC,POWER8@8 {
...
ibm,my-drc-index = <0x1008>;
...
};

PowerPC,POWER8@10 {
...

No ibm,my-drc-index property for this core since 0x1010 doesn't
exist in ibm,drc-indexes above.

...
};
};

...

interrupt-controller {
...
ibm,interrupt-server-ranges = <0x0 0x10>;

With a spacing of 8, the highest VCPU id for the given topology should be:
16 * 8 / 4 = 32 and not 16

...
linux,phandle = <0x7e7323b8>;
interrupt-controller;
};

And CPU hot-plug/unplug is broken:

(qemu) device_del core1
pseries-hotplug-cpu: Cannot find CPU (drc index 1004) to remove

(qemu) device_del core2
cpu 4 (hwid 8) Ready to die...
cpu 5 (hwid 9) Ready to die...
cpu 6 (hwid 10) Ready to die...
cpu 7 (hwid 11) Ready to die...

These are the VCPU ids of core1 actually

(qemu) device_add host-spapr-cpu-core,core-id=12,id=core3
(qemu) device_del core3
pseries-hotplug-cpu: Cannot find CPU (drc index 100c) to remove

This patches all the code in hw/ppc/spapr.c to assume the VSMT
spacing when manipulating VCPU ids.

Fixes: 8904e5a75005
Signed-off-by: Greg Kurz 
---
 hw/ppc/spapr.c |   24 ++--
 1 file changed, 10 insertions(+), 14 deletions(-)

diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c
index 9f29434819bd..ea7429c92a97 100644
--- a/hw/ppc/spapr.c
+++ b/hw/ppc/spapr.c
@@ -160,9 +160,9 @@ static void pre_2_10_vmstate_unregister_dummy_icp(int i)
(void *)(uintptr_t) i);
 }
 
-static inline int xics_max_server_number(void)
+static int xics_max_server_number(sPAPRMachineState *spapr)
 {
-return DIV_ROUND_UP(max_cpus * kvmppc_smt_threads(), smp_threads);
+return DIV_ROUND_UP(max_cpus * spapr->vsmt, smp_threads);
 }
 
 static void xics_system_init(MachineState *machine, int nr_irqs, Error **errp)
@@ -194,7 +194,7 @@ static void xics_system_init(MachineState *machine, int 
nr_irqs, Error **errp)
 if (smc->pre_2_10_has_unused_icps) {
 int i;
 
-for (i = 0; i < xics_max_server_number(); i++) {
+for (i = 0; i < xics_max_server_number(spapr); i++) {
 /* Dummy entries get deregistered when real ICPState objects
  * are registered during CPU core hotplug.
  */
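Review bot: the loop condition now calls `xics_max_server_number(spapr)`, but the only parameter visible in the `xics_system_init()` signature is `MachineState *machine`, so confirm that a `spapr` local is already declared ahead of this block. The bound is also re-evaluated on every iteration; hoisting it into a local next to `int i` keeps the loop header short and makes the value easy to inspect.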
@@ -337,7 +337,6 @@ static int spapr_fixup_cpu_dt(void *fdt, sPAPRMachineState 
*spapr)
 int ret = 0, offset, cpus_offset;
 CPUState *cs;
 char cpu_model[32];
-int smt = kvmppc_smt_threads();
 uint32_t pft_size_prop[] = {0, cpu_to_be32(spapr->htab_shift)};
 
 CPU_FOREACH(cs) {
@@ -346,7 +345,7 @@ static int spapr_fixup_cpu_dt(void *fdt, sPAPRMachineState 
*spapr)
 int index = spapr_vcpu_id(cpu);
 int compat_smt = MIN(smp_threads, ppc_compat_max_vthreads(cpu));
 
-if ((index % smt) != 0) {
+if (index % spapr->vsmt != 

[Qemu-devel] [PATCH 5/5] spapr: drop DIV_ROUND_UP() from xics_max_server_number()

2018-02-14 Thread Greg Kurz
XICS needs to know the highest VCPU id that may be presented to the
guest plus 1. Commit f303f117fec3 "spapr: ensure we have at least one
XICS server" changed how the maximum is computed from:

smp_cpus * kvmppc_smt_threads() / smp_threads

to:

DIV_ROUND_UP(smp_cpus * kvmppc_smt_threads(), smp_threads)

This was done because at the time we could pass broken CPU topologies
to the -smp command line options, such as threads=9,cpus=1. On a POWER8
host this would give:

1 * 8 / 9 == 0 servers

and cause QEMU to crash later during XICS setup.

The formula evolved a bit to accommodate CPU hot-plug and VSMT, but
most important, stricter checks are performed on the CPU topology.

With -smp threads=9,cpus=1:

qemu-system-ppc64:
 cpu topology: sockets (1) * cores (1) * threads (9) > maxcpus (1)

With -smp threads=9,maxcpus=1:

qemu-system-ppc64: maxcpus must be equal to or greater than smp

More generally, machine types with hotplug support (2.7 and up), no
longer allow to set maxcpus or smp_cpus to a value that isn't a
multiple of smp_threads.

With -smp threads=4,cpus=6:

qemu-system-ppc64: smp_cpus (6) must be multiple of threads (4)

With -smp threads=4,maxcpus=6:

qemu-system-ppc64: max_cpus (6) must be multiple of threads (4)

This means that the division is perfect and we don't need DIV_ROUND_UP(),
and we could do a regular division:

max_cpus * spapr->vsmt / smp_threads

So this patch changes xics_max_server_number() to use the spapr_vcpu_id(),
which works too since max_cpus is a multiple of smp_threads:

(max_cpus / smp_threads ) * spapr->vsmt + max_cpus % smp_threads

It breaks migration of pre-2.7 machine types with unusual CPU topologies,
but I guess this is an acceptable trade-off.

Signed-off-by: Greg Kurz 
---
 hw/ppc/spapr.c |2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c
index 800d3f001253..f1722214cc74 100644
--- a/hw/ppc/spapr.c
+++ b/hw/ppc/spapr.c
@@ -176,7 +176,7 @@ static void pre_2_10_vmstate_unregister_dummy_icp(int i)
 
 static int xics_max_server_number(sPAPRMachineState *spapr)
 {
-return DIV_ROUND_UP(max_cpus * spapr->vsmt, smp_threads);
+return spapr_vcpu_id(spapr, max_cpus)
 }
 
 static void xics_system_init(MachineState *machine, int nr_irqs, Error **errp)
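Review bot: the added line `return spapr_vcpu_id(spapr, max_cpus)` has no terminating semicolon, so `xics_max_server_number()` will not compile as posted. Add the `;`, and consider a one-line comment above the function saying that the result is the highest possible VCPU id plus one, since the commit message states that this is what XICS needs.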




[Qemu-devel] [PATCH 4/5] spapr: consolidate the VCPU id numbering logic in a single place

2018-02-14 Thread Greg Kurz
Several places in the code need to calculate a VCPU id:

(cpu_index / smp_threads) * spapr->vsmt + cpu_index % smp_threads
(core_id / smp_threads) * spapr->vsmt (1 user)
index * spapr->vsmt (2 users)

or guess that the VCPU id of a given VCPU is the first thread of a virtual
core:

index % spapr->vsmt != 0

Even if the numbering logic isn't that complex, it is rather fragile to
have these assumptions open-coded in several places. FWIW this was
proved with recent issues related to VSMT.

This patch moves the VCPU id formula to a single function to be called
everywhere the code needs to compute one. It also adds a helper to
guess if a VCPU is the first thread of a VCORE.

Signed-off-by: Greg Kurz 
---
 hw/ppc/spapr.c |   29 ++---
 1 file changed, 22 insertions(+), 7 deletions(-)

diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c
index 18ebc058acdd..800d3f001253 100644
--- a/hw/ppc/spapr.c
+++ b/hw/ppc/spapr.c
@@ -99,6 +99,20 @@
 
 #define PHANDLE_XICP0x
 
+/* These two functions implement the VCPU id numbering: one to compute them
+ * all and one to identify thread 0 of a VCORE. Any change to the first one
+ * is likely to have an impact on the second one, so let's keep them close.
+ */
+static int spapr_vcpu_id(sPAPRMachineState *spapr, int cpu_index)
+{
+return
+(cpu_index / smp_threads) * spapr->vsmt + cpu_index % smp_threads;
+}
+static bool spapr_is_vcore(sPAPRMachineState *spapr, PowerPCCPU *cpu)
+{
+return spapr_get_vcpu_id(cpu) % spapr->vsmt == 0;
+}
+
 static ICSState *spapr_ics_create(sPAPRMachineState *spapr,
   const char *type_ics,
   int nr_irqs, Error **errp)
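Review bot: `spapr_is_vcore()` does not test whether something is a vcore, it tests whether `cpu` is thread 0 of one (`spapr_get_vcpu_id(cpu) % spapr->vsmt == 0`), so a name such as `spapr_is_thread0_in_vcore()` would match the comment above it. `spapr_vcpu_id()` also yields overlapping ids when `spapr->vsmt` is smaller than `smp_threads`, so the comment should state the expected relation between the two, or the function should assert it. A blank line between the two new functions is missing.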
@@ -345,7 +359,7 @@ static int spapr_fixup_cpu_dt(void *fdt, sPAPRMachineState 
*spapr)
 int index = spapr_get_vcpu_id(cpu);
 int compat_smt = MIN(smp_threads, ppc_compat_max_vthreads(cpu));
 
-if (index % spapr->vsmt != 0) {
+if (!spapr_is_vcore(spapr, cpu)) {
 continue;
 }
 
@@ -630,7 +644,7 @@ static void spapr_populate_cpus_dt_node(void *fdt, 
sPAPRMachineState *spapr)
 DeviceClass *dc = DEVICE_GET_CLASS(cs);
 int offset;
 
-if (index % spapr->vsmt != 0) {
+if (!spapr_is_vcore(spapr, cpu)) {
 continue;
 }
 
@@ -2251,7 +2265,7 @@ static void spapr_init_cpus(sPAPRMachineState *spapr)
 
 if (mc->has_hotpluggable_cpus) {
 spapr_dr_connector_new(OBJECT(spapr), TYPE_SPAPR_DRC_CPU,
-   (core_id / smp_threads) * spapr->vsmt);
+   spapr_vcpu_id(spapr, core_id));
 }
 
 if (i < boot_cores_nr) {
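Review bot: replacing `(core_id / smp_threads) * spapr->vsmt` with `spapr_vcpu_id(spapr, core_id)` is only equivalent when `core_id % smp_threads == 0`, because the helper adds `cpu_index % smp_threads` to the result. The series description says core ids are multiples of `smp_threads`, but the call passes a core id where the helper's parameter is named `cpu_index`, so a short comment here saying that a core id is the CPU index of its first thread would save the next reader the derivation.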
@@ -3293,7 +3307,8 @@ void spapr_core_unplug_request(HotplugHandler 
*hotplug_dev, DeviceState *dev,
 return;
 }
 
-drc = spapr_drc_by_id(TYPE_SPAPR_DRC_CPU, index * spapr->vsmt);
+drc = spapr_drc_by_id(TYPE_SPAPR_DRC_CPU,
+  spapr_vcpu_id(spapr, cc->core_id));
 g_assert(drc);
 
 spapr_drc_detach(drc);
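Review bot: with the DRC lookup now keyed on `cc->core_id`, the local `index` that the removed line used is no longer referenced in the visible part of `spapr_core_unplug_request()`. If it has no other user, remove the variable and whatever computes it in the same patch so the build does not gain an unused-variable warning; the same check applies to `spapr_core_plug()` in the next hunk.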
@@ -3322,7 +3337,8 @@ static void spapr_core_plug(HotplugHandler *hotplug_dev, 
DeviceState *dev,
cc->core_id);
 return;
 }
-drc = spapr_drc_by_id(TYPE_SPAPR_DRC_CPU, index * spapr->vsmt);
+drc = spapr_drc_by_id(TYPE_SPAPR_DRC_CPU,
+  spapr_vcpu_id(spapr, cc->core_id));
 
 g_assert(drc || !mc->has_hotpluggable_cpus);
 
@@ -3807,8 +3823,7 @@ void spapr_set_vcpu_id(PowerPCCPU *cpu, int cpu_index, 
Error **errp)
 sPAPRMachineState *spapr = SPAPR_MACHINE(qdev_get_machine());
 int vcpu_id;
 
-vcpu_id =
-(cpu_index / smp_threads) * spapr->vsmt + cpu_index % smp_threads;
+vcpu_id = spapr_vcpu_id(spapr, cpu_index);
 
 if (kvm_enabled() && !kvm_vcpu_id_is_valid(vcpu_id)) {
 error_setg(errp, "Can't create CPU with id %d in KVM", vcpu_id);




[Qemu-devel] [PATCH 0/5] spapr: fix VCPU ids miscalculation

2018-02-14 Thread Greg Kurz
After the review of Laurent's patch "spapr: set vsmt to MAX(8, smp_threads)",
I realized that most of the machine code that deals with VCPU ids assume the
spacing between cores is kvmppc_smt_threads() instead of spapr->vsmt. Most
of the time this is ok because both are equals, and QEMU used to exit if
it failed to set the VSMT mode into KVM.

This changed with the recent commit 8904e5a75005 "spapr: Adjust default
VSMT value for better migration compatibility", and really hurts setups
where kvmppc_smt_threads() and spapr->vsmt can have a different value:
older KVMs or even a recent KVM on a POWER8 host with subcores. The most
notable effects are DRCs associated to wrong VCPUs, which makes CPU
hot-plug completely unusable.

The fix is as simple as using spapr->vsmt everywhere. This is patch 1.
The rest of the series is an effort to consolidate the numbering logic
in a single place. This will avoid future breakage if the VCPU id logic
needs to be changed again later. Changes in patches 2 to 4 are rather
mechanical. Patch 5 is a bit more controversial as it breaks the
migration of unusual CPU topologies that used to be supported by
pre-2.7 machine types.

Please comment.

--
Greg

---

Greg Kurz (5):
  spapr: use spapr->vsmt to compute VCPU ids
  spapr: move VCPU calculation to core machine code
  spapr: rename spapr_vcpu_id() to spapr_get_vcpu_id()
  spapr: consolidate the VCPU id numbering logic in a single place
  spapr: drop DIV_ROUND_UP() from xics_max_server_number()


 hw/ppc/spapr.c  |   74 +--
 hw/ppc/spapr_cpu_core.c |9 +-
 include/hw/ppc/spapr.h  |3 +-
 3 files changed, 56 insertions(+), 30 deletions(-)
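
The numbering this series describes, as an added C example that is not part of the patches or of QEMU: it models the VCPU id formula from patch 2/5, checks it against the per-thread formula it replaces, and reproduces the DRC mismatch and the XICS server counts discussed in patches 1/5 and 5/5. `struct topo`, the helper names and the pre-fix DRC spacing (core number times host SMT threads, which matches the table in patch 1/5) are assumptions made for the illustration.

```c
#include <stdio.h>

#define DIV_ROUND_UP(n, d) (((n) + (d) - 1) / (d))

/* Illustrative stand-in for the globals and machine state the patches use. */
struct topo {
    int smp_threads; /* -smp threads= */
    int max_cpus;    /* -smp maxcpus= */
    int vsmt;        /* spapr->vsmt: VCPU id spacing between cores */
    int host_smt;    /* value kvmppc_smt_threads() would return */
};

/* Constructed inputs: the SMT4 host from patch 1/5, and a topology where
 * max_cpus is not a multiple of smp_threads (the pre-2.7 case of 5/5). */
static const struct topo SUBCORE_HOST = { 4, 16, 8, 4 };
static const struct topo ODD_TOPOLOGY = { 4, 6, 8, 8 };

/* Formula from patch 2/5: VCPU id derived from a CPU index only. */
static int vcpu_id(const struct topo *t, int cpu_index)
{
    return (cpu_index / t->smp_threads) * t->vsmt + cpu_index % t->smp_threads;
}

/* Formula previously open-coded in spapr_cpu_core_realize(). */
static int vcpu_id_realize(const struct topo *t, int core_id, int i)
{
    return core_id * t->vsmt / t->smp_threads + i;
}

/* 1 if both formulas give the same id for every thread of every core. */
static int formulas_agree(const struct topo *t)
{
    int core_id, i;

    for (core_id = 0; core_id < t->max_cpus; core_id += t->smp_threads) {
        for (i = 0; i < t->smp_threads; i++) {
            if (vcpu_id_realize(t, core_id, i) != vcpu_id(t, core_id + i)) {
                return 0;
            }
        }
    }
    return 1;
}

/* Assumed pre-fix DRC id: core number spaced by the host SMT mode. */
static int drc_id_host_spacing(const struct topo *t, int core_id)
{
    return (core_id / t->smp_threads) * t->host_smt;
}

/* Core number whose thread 0 has VCPU id `id`, or -1 if no core does. */
static int core_with_thread0(const struct topo *t, int id)
{
    int ncores = t->max_cpus / t->smp_threads;

    if (id % t->vsmt != 0 || id / t->vsmt >= ncores) {
        return -1;
    }
    return id / t->vsmt;
}

/* Number of cores whose DRC id does not lead back to the same core. */
static int misrouted_cores(const struct topo *t)
{
    int core_id, bad = 0;

    for (core_id = 0; core_id < t->max_cpus; core_id += t->smp_threads) {
        int drc = drc_id_host_spacing(t, core_id);

        if (core_with_thread0(t, drc) != core_id / t->smp_threads) {
            bad++;
        }
    }
    return bad;
}

/* XICS server count as computed with DIV_ROUND_UP and a given spacing. */
static int servers_round_up(const struct topo *t, int spacing)
{
    return DIV_ROUND_UP(t->max_cpus * spacing, t->smp_threads);
}

int main(void)
{
    const struct topo *t = &SUBCORE_HOST;
    int core_id;

    for (core_id = 0; core_id < t->max_cpus; core_id += t->smp_threads) {
        printf("core_id %2d: DRC id %2d, first VCPU id %2d\n", core_id,
               drc_id_host_spacing(t, core_id), vcpu_id(t, core_id));
    }
    printf("misrouted cores: %d, formulas agree: %d\n",
           misrouted_cores(t), formulas_agree(t));
    printf("servers: host spacing %d, vsmt spacing %d, formula %d\n",
           servers_round_up(t, t->host_smt), servers_round_up(t, t->vsmt),
           vcpu_id(t, t->max_cpus));
    printf("odd topology: round-up %d, formula %d\n",
           servers_round_up(&ODD_TOPOLOGY, ODD_TOPOLOGY.vsmt),
           vcpu_id(&ODD_TOPOLOGY, ODD_TOPOLOGY.max_cpus));
    return 0;
}
```

With the SMT4 host, only the boot core's DRC id leads back to its own core, which is the hot-unplug failure shown in patch 1/5. The odd topology shows where the formula in patch 5/5 and `DIV_ROUND_UP()` stop agreeing.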




[Qemu-devel] [PATCH V11 09/10] hw/rdma: Implementation of PVRDMA device

2018-02-14 Thread Marcel Apfelbaum
From: Yuval Shaia 

PVRDMA is the QEMU implementation of VMware's paravirtualized RDMA device.
It works with its Linux Kernel driver AS IS, no need for any special
guest modifications.

While it complies with the VMware device, it can also communicate with
bare metal RDMA-enabled machines and does not require an RDMA HCA in the
host, it can work with Soft-RoCE (rxe).

It does not require the whole guest RAM to be pinned allowing memory
over-commit and, even if not implemented yet, migration support will be
possible with some HW assistance.

Implementation is divided into 2 components, rdma general and pvRDMA
specific functions and structures.

The second PVRDMA sub-module - interaction with PCI layer.
- Device configuration and setup (MSIX, BARs etc).
- Setup of DSR (Device Shared Resources)
- Setup of device ring.
- Device management.

Reviewed-by: Dotan Barak 
Reviewed-by: Zhu Yanjun 
Signed-off-by: Yuval Shaia 
Signed-off-by: Marcel Apfelbaum 
---
 Makefile.objs |   1 +
 hw/rdma/Makefile.objs |   2 +-
 hw/rdma/vmw/pvrdma_main.c | 670 ++
 hw/rdma/vmw/trace-events  |   5 +
 include/hw/pci/pci_ids.h  |   3 +
 5 files changed, 680 insertions(+), 1 deletion(-)
 create mode 100644 hw/rdma/vmw/pvrdma_main.c
 create mode 100644 hw/rdma/vmw/trace-events

diff --git a/Makefile.objs b/Makefile.objs
index f3a3d28304..0b3c630719 100644
--- a/Makefile.objs
+++ b/Makefile.objs
@@ -131,6 +131,7 @@ trace-events-subdirs += hw/char
 trace-events-subdirs += hw/intc
 trace-events-subdirs += hw/net
 trace-events-subdirs += hw/rdma
+trace-events-subdirs += hw/rdma/vmw
 trace-events-subdirs += hw/virtio
 trace-events-subdirs += hw/audio
 trace-events-subdirs += hw/misc
diff --git a/hw/rdma/Makefile.objs b/hw/rdma/Makefile.objs
index 44a85f687d..3504c39d21 100644
--- a/hw/rdma/Makefile.objs
+++ b/hw/rdma/Makefile.objs
@@ -1,5 +1,5 @@
 ifeq ($(CONFIG_RDMA),y)
 obj-$(CONFIG_PCI) += rdma_utils.o rdma_backend.o rdma_rm.o
 obj-$(CONFIG_PCI) += vmw/pvrdma_dev_ring.o vmw/pvrdma_cmd.o \
- vmw/pvrdma_qp_ops.o
+ vmw/pvrdma_qp_ops.o vmw/pvrdma_main.o
 endif
diff --git a/hw/rdma/vmw/pvrdma_main.c b/hw/rdma/vmw/pvrdma_main.c
new file mode 100644
index 00..99787812ba
--- /dev/null
+++ b/hw/rdma/vmw/pvrdma_main.c
@@ -0,0 +1,670 @@
+/*
+ * QEMU paravirtual RDMA
+ *
+ * Copyright (C) 2018 Oracle
+ * Copyright (C) 2018 Red Hat Inc
+ *
+ * Authors:
+ * Yuval Shaia 
+ * Marcel Apfelbaum 
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ *
+ */
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include "trace.h"
+
+#include "../rdma_rm.h"
+#include "../rdma_backend.h"
+#include "../rdma_utils.h"
+
+#include 
+#include "pvrdma.h"
+#include 
+#include 
+#include "pvrdma_qp_ops.h"
+
+static Property pvrdma_dev_properties[] = {
+DEFINE_PROP_STRING("backend-dev", PVRDMADev, backend_device_name),
+DEFINE_PROP_UINT8("backend-port", PVRDMADev, backend_port_num, 1),
+DEFINE_PROP_UINT8("backend-gid-idx", PVRDMADev, backend_gid_idx, 0),
+DEFINE_PROP_UINT64("dev-caps-max-mr-size", PVRDMADev, dev_attr.max_mr_size,
+   MAX_MR_SIZE),
+DEFINE_PROP_INT32("dev-caps-max-qp", PVRDMADev, dev_attr.max_qp, MAX_QP),
+DEFINE_PROP_INT32("dev-caps-max-sge", PVRDMADev, dev_attr.max_sge, 
MAX_SGE),
+DEFINE_PROP_INT32("dev-caps-max-cq", PVRDMADev, dev_attr.max_cq, MAX_CQ),
+DEFINE_PROP_INT32("dev-caps-max-mr", PVRDMADev, dev_attr.max_mr, MAX_MR),
+DEFINE_PROP_INT32("dev-caps-max-pd", PVRDMADev, dev_attr.max_pd, MAX_PD),
+DEFINE_PROP_INT32("dev-caps-qp-rd-atom", PVRDMADev, 
dev_attr.max_qp_rd_atom,
+  MAX_QP_RD_ATOM),
+DEFINE_PROP_INT32("dev-caps-max-qp-init-rd-atom", PVRDMADev,
+  dev_attr.max_qp_init_rd_atom, MAX_QP_INIT_RD_ATOM),
+DEFINE_PROP_INT32("dev-caps-max-ah", PVRDMADev, dev_attr.max_ah, MAX_AH),
+DEFINE_PROP_END_OF_LIST(),
+};
+
+static void free_dev_ring(PCIDevice *pci_dev, PvrdmaRing *ring,
+  void *ring_state)
+{
+pvrdma_ring_free(ring);
+rdma_pci_dma_unmap(pci_dev, ring_state, TARGET_PAGE_SIZE);
+}
+
+static int init_dev_ring(PvrdmaRing *ring, struct pvrdma_ring **ring_state,
+ const char *name, PCIDevice *pci_dev,
+ dma_addr_t dir_addr, uint32_t num_pages)
+{
+uint64_t *dir, *tbl;
+int rc = 0;
+
+pr_dbg("Initializing device ring %s\n", name);
+pr_dbg("pdir_dma=0x%llx\n", (long long unsigned int)dir_addr);
+pr_dbg("num_pages=%d\n", num_pages);
+dir = rdma_pci_dma_map(pci_dev, dir_addr, TARGET_PAGE_SIZE);
+if (!dir) {
+
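Review bot: the dev-caps-* entries in pvrdma_dev_properties[] (max_qp, max_sge, max_cq, max_mr, max_pd, max_ah and the two rd-atom limits) are declared with DEFINE_PROP_INT32, so a negative value given on the command line is stored as is; nothing in the visible lines rejects it. Range-check these in realize, or document the accepted range next to the table. In init_dev_ring(), num_pages is a uint32_t printed with %d and dir_addr is cast to long long unsigned for %llx; use %u (or PRIu32) and PRIx64 instead.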

[Qemu-devel] [PATCH V11 08/10] hw/rdma: PVRDMA commands and data-path ops

2018-02-14 Thread Marcel Apfelbaum
From: Yuval Shaia 

First PVRDMA sub-module - implementation of the PVRDMA device.
- PVRDMA commands such as create CQ and create MR.
- Data path QP operations - post_send and post_recv.
- Completion handler.

Reviewed-by: Dotan Barak 
Reviewed-by: Zhu Yanjun 
Signed-off-by: Yuval Shaia 
Signed-off-by: Marcel Apfelbaum 
---
 hw/rdma/Makefile.objs |   2 +
 hw/rdma/vmw/pvrdma.h  | 122 
 hw/rdma/vmw/pvrdma_cmd.c  | 673 ++
 hw/rdma/vmw/pvrdma_dev_ring.c | 155 ++
 hw/rdma/vmw/pvrdma_dev_ring.h |  42 +++
 hw/rdma/vmw/pvrdma_qp_ops.c   | 222 ++
 hw/rdma/vmw/pvrdma_qp_ops.h   |  27 ++
 7 files changed, 1243 insertions(+)
 create mode 100644 hw/rdma/vmw/pvrdma.h
 create mode 100644 hw/rdma/vmw/pvrdma_cmd.c
 create mode 100644 hw/rdma/vmw/pvrdma_dev_ring.c
 create mode 100644 hw/rdma/vmw/pvrdma_dev_ring.h
 create mode 100644 hw/rdma/vmw/pvrdma_qp_ops.c
 create mode 100644 hw/rdma/vmw/pvrdma_qp_ops.h

diff --git a/hw/rdma/Makefile.objs b/hw/rdma/Makefile.objs
index 6a59bf0d5b..44a85f687d 100644
--- a/hw/rdma/Makefile.objs
+++ b/hw/rdma/Makefile.objs
@@ -1,3 +1,5 @@
 ifeq ($(CONFIG_RDMA),y)
 obj-$(CONFIG_PCI) += rdma_utils.o rdma_backend.o rdma_rm.o
+obj-$(CONFIG_PCI) += vmw/pvrdma_dev_ring.o vmw/pvrdma_cmd.o \
+ vmw/pvrdma_qp_ops.o
 endif
diff --git a/hw/rdma/vmw/pvrdma.h b/hw/rdma/vmw/pvrdma.h
new file mode 100644
index 00..b05f94a473
--- /dev/null
+++ b/hw/rdma/vmw/pvrdma.h
@@ -0,0 +1,122 @@
+/*
+ * QEMU VMWARE paravirtual RDMA device definitions
+ *
+ * Copyright (C) 2018 Oracle
+ * Copyright (C) 2018 Red Hat Inc
+ *
+ * Authors:
+ * Yuval Shaia 
+ * Marcel Apfelbaum 
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ *
+ */
+
+#ifndef PVRDMA_PVRDMA_H
+#define PVRDMA_PVRDMA_H
+
+#include 
+#include 
+
+#include "../rdma_backend_defs.h"
+#include "../rdma_rm_defs.h"
+
+#include 
+#include 
+#include "pvrdma_dev_ring.h"
+
+/* BARs */
+#define RDMA_MSIX_BAR_IDX0
+#define RDMA_REG_BAR_IDX 1
+#define RDMA_UAR_BAR_IDX 2
+#define RDMA_BAR0_MSIX_SIZE  (16 * 1024)
+#define RDMA_BAR1_REGS_SIZE  256
+#define RDMA_BAR2_UAR_SIZE   (0x1000 * MAX_UCS) /* each uc gets page */
+
+/* MSIX */
+#define RDMA_MAX_INTRS   3
+#define RDMA_MSIX_TABLE  0x
+#define RDMA_MSIX_PBA0x2000
+
+/* Interrupts Vectors */
+#define INTR_VEC_CMD_RING0
+#define INTR_VEC_CMD_ASYNC_EVENTS1
+#define INTR_VEC_CMD_COMPLETION_Q2
+
+/* HW attributes */
+#define PVRDMA_HW_NAME   "pvrdma"
+#define PVRDMA_HW_VERSION17
+#define PVRDMA_FW_VERSION14
+
+typedef struct DSRInfo {
+dma_addr_t dma;
+struct pvrdma_device_shared_region *dsr;
+
+union pvrdma_cmd_req *req;
+union pvrdma_cmd_resp *rsp;
+
+struct pvrdma_ring *async_ring_state;
+PvrdmaRing async;
+
+struct pvrdma_ring *cq_ring_state;
+PvrdmaRing cq;
+} DSRInfo;
+
+typedef struct PVRDMADev {
+PCIDevice parent_obj;
+MemoryRegion msix;
+MemoryRegion regs;
+uint32_t regs_data[RDMA_BAR1_REGS_SIZE];
+MemoryRegion uar;
+uint32_t uar_data[RDMA_BAR2_UAR_SIZE];
+DSRInfo dsr_info;
+int interrupt_mask;
+struct ibv_device_attr dev_attr;
+uint64_t node_guid;
+char *backend_device_name;
+uint8_t backend_gid_idx;
+uint8_t backend_port_num;
+RdmaBackendDev backend_dev;
+RdmaDeviceResources rdma_dev_res;
+} PVRDMADev;
+#define PVRDMA_DEV(dev) OBJECT_CHECK(PVRDMADev, (dev), PVRDMA_HW_NAME)
+
+static inline int get_reg_val(PVRDMADev *dev, hwaddr addr, uint32_t *val)
+{
+int idx = addr >> 2;
+
+if (idx > RDMA_BAR1_REGS_SIZE) {
+return -EINVAL;
+}
+
+*val = dev->regs_data[idx];
+
+return 0;
+}
+
+static inline int set_reg_val(PVRDMADev *dev, hwaddr addr, uint32_t val)
+{
+int idx = addr >> 2;
+
+if (idx > RDMA_BAR1_REGS_SIZE) {
+return -EINVAL;
+}
+
+dev->regs_data[idx] = val;
+
+return 0;
+}
+
+static inline void post_interrupt(PVRDMADev *dev, unsigned vector)
+{
+PCIDevice *pci_dev = PCI_DEVICE(dev);
+
+if (likely(!dev->interrupt_mask)) {
+msix_notify(pci_dev, vector);
+}
+}
+
+int execute_command(PVRDMADev *dev);
+
+#endif
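Review bot: the bounds check in get_reg_val() and set_reg_val() is off by one and is done on a signed index. regs_data has RDMA_BAR1_REGS_SIZE elements, so `idx > RDMA_BAR1_REGS_SIZE` lets idx == RDMA_BAR1_REGS_SIZE through and touches one element past the array; and `int idx = addr >> 2` narrows a hwaddr to int, so a large addr can turn into a negative idx that also passes the check. Make idx unsigned (hwaddr or size_t) and compare with `idx >= ARRAY_SIZE(dev->regs_data)` so the helpers are safe without relying on their callers. Separately, RDMA_BAR1_REGS_SIZE and RDMA_BAR2_UAR_SIZE read as BAR sizes in bytes but are used as element counts of uint32_t arrays, which makes regs_data four times the BAR size and places a uint32_t[0x1000 * MAX_UCS] array inline in PVRDMADev; add a comment stating the unit, or divide by sizeof(uint32_t).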
diff --git a/hw/rdma/vmw/pvrdma_cmd.c b/hw/rdma/vmw/pvrdma_cmd.c
new file mode 100644
index 00..293dfed29f
--- /dev/null
+++ b/hw/rdma/vmw/pvrdma_cmd.c
@@ -0,0 +1,673 @@
+/*
+ * QEMU paravirtual RDMA - Command channel
+ *
+ * Copyright (C) 2018 Oracle
+ * Copyright (C) 2018 Red Hat Inc
+ *
+ * Authors:
+ * Yuval Shaia 
+ * Marcel Apfelbaum 
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level 

[Qemu-devel] [PATCH V11 10/10] MAINTAINERS: add entry for hw/rdma

2018-02-14 Thread Marcel Apfelbaum
Signed-off-by: Marcel Apfelbaum 
Signed-off-by: Yuval Shaia 
---
 MAINTAINERS | 8 
 1 file changed, 8 insertions(+)

diff --git a/MAINTAINERS b/MAINTAINERS
index 57358a08e2..6e7adad1df 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -2034,6 +2034,14 @@ F: block/replication.c
 F: tests/test-replication.c
 F: docs/block-replication.txt
 
+PVRDMA
+M: Yuval Shaia 
+M: Marcel Apfelbaum 
+S: Maintained
+F: hw/rdma/*
+F: hw/rdma/vmw/*
+F: docs/pvrdma.txt
+
 Build and test automation
 -
 Build and test automation
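Review bot: `F: hw/rdma/*` matches only the files directly in hw/rdma, which is why the extra `F: hw/rdma/vmw/*` line is needed. A single `F: hw/rdma/` covers the directory and everything below it, including subdirectories added later, and would replace both lines.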
-- 
2.13.5




[Qemu-devel] [PATCH V11 06/10] hw/rdma: Definitions for rdma device and rdma resource manager

2018-02-14 Thread Marcel Apfelbaum
From: Yuval Shaia 

Definition of various structures and constants used in backend and
resource manager modules.

Reviewed-by: Dotan Barak 
Reviewed-by: Zhu Yanjun 
Signed-off-by: Yuval Shaia 
Signed-off-by: Marcel Apfelbaum 
---
 hw/rdma/rdma_backend_defs.h |  62 ++
 hw/rdma/rdma_rm_defs.h  | 104 
 2 files changed, 166 insertions(+)
 create mode 100644 hw/rdma/rdma_backend_defs.h
 create mode 100644 hw/rdma/rdma_rm_defs.h

diff --git a/hw/rdma/rdma_backend_defs.h b/hw/rdma/rdma_backend_defs.h
new file mode 100644
index 00..837e32419c
--- /dev/null
+++ b/hw/rdma/rdma_backend_defs.h
@@ -0,0 +1,62 @@
+/*
+ *  RDMA device: Definitions of Backend Device structures
+ *
+ * Copyright (C) 2018 Oracle
+ * Copyright (C) 2018 Red Hat Inc
+ *
+ * Authors:
+ * Yuval Shaia 
+ * Marcel Apfelbaum 
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ *
+ */
+
+#ifndef RDMA_BACKEND_DEFS_H
+#define RDMA_BACKEND_DEFS_H
+
+#include 
+#include 
+
+typedef struct RdmaDeviceResources RdmaDeviceResources;
+
+typedef struct RdmaBackendThread {
+QemuThread thread;
+QemuMutex mutex;
+bool run;
+} RdmaBackendThread;
+
+typedef struct RdmaBackendDev {
+struct ibv_device_attr dev_attr;
+RdmaBackendThread comp_thread;
+union ibv_gid gid;
+PCIDevice *dev;
+RdmaDeviceResources *rdma_dev_res;
+struct ibv_device *ib_dev;
+struct ibv_context *context;
+struct ibv_comp_channel *channel;
+uint8_t port_num;
+uint8_t backend_gid_idx;
+} RdmaBackendDev;
+
+typedef struct RdmaBackendPD {
+struct ibv_pd *ibpd;
+} RdmaBackendPD;
+
+typedef struct RdmaBackendMR {
+struct ibv_pd *ibpd;
+struct ibv_mr *ibmr;
+} RdmaBackendMR;
+
+typedef struct RdmaBackendCQ {
+RdmaBackendDev *backend_dev;
+struct ibv_cq *ibcq;
+} RdmaBackendCQ;
+
+typedef struct RdmaBackendQP {
+struct ibv_pd *ibpd;
+struct ibv_qp *ibqp;
+} RdmaBackendQP;
+
+#endif
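Review bot: RdmaBackendThread pairs `QemuMutex mutex` with a plain `bool run` and has no comment saying what the mutex protects. If run is a stop flag written by one thread and read by the completion thread, state that it is only accessed under mutex, or make it an atomic; as written, a reader of this header cannot tell which is intended.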
diff --git a/hw/rdma/rdma_rm_defs.h b/hw/rdma/rdma_rm_defs.h
new file mode 100644
index 00..6522dca68f
--- /dev/null
+++ b/hw/rdma/rdma_rm_defs.h
@@ -0,0 +1,104 @@
+/*
+ * RDMA device: Definitions of Resource Manager structures
+ *
+ * Copyright (C) 2018 Oracle
+ * Copyright (C) 2018 Red Hat Inc
+ *
+ * Authors:
+ * Yuval Shaia 
+ * Marcel Apfelbaum 
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ *
+ */
+
+#ifndef RDMA_RM_DEFS_H
+#define RDMA_RM_DEFS_H
+
+#include "rdma_backend_defs.h"
+
+#define MAX_PORTS 1
+#define MAX_PORT_GIDS 1
+#define MAX_PORT_PKEYS1
+#define MAX_PKEYS 1
+#define MAX_GIDS  2048
+#define MAX_UCS   512
+#define MAX_MR_SIZE   (1UL << 27)
+#define MAX_QP1024
+#define MAX_SGE   4
+#define MAX_CQ2048
+#define MAX_MR1024
+#define MAX_PD1024
+#define MAX_QP_RD_ATOM16
+#define MAX_QP_INIT_RD_ATOM   16
+#define MAX_AH64
+
+#define MAX_RMRESTBL_NAME_SZ 16
+typedef struct RdmaRmResTbl {
+char name[MAX_RMRESTBL_NAME_SZ];
+QemuMutex lock;
+unsigned long *bitmap;
+size_t tbl_sz;
+size_t res_sz;
+void *tbl;
+} RdmaRmResTbl;
+
+typedef struct RdmaRmPD {
+RdmaBackendPD backend_pd;
+uint32_t ctx_handle;
+} RdmaRmPD;
+
+typedef struct RdmaRmCQ {
+RdmaBackendCQ backend_cq;
+void *opaque;
+bool notify;
+} RdmaRmCQ;
+
+typedef struct RdmaRmUserMR {
+uint64_t host_virt;
+uint64_t guest_start;
+size_t length;
+} RdmaRmUserMR;
+
+/* MR (DMA region) */
+typedef struct RdmaRmMR {
+RdmaBackendMR backend_mr;
+RdmaRmUserMR user_mr;
+uint32_t pd_handle;
+uint32_t lkey;
+uint32_t rkey;
+} RdmaRmMR;
+
+typedef struct RdmaRmUC {
+uint64_t uc_handle;
+} RdmaRmUC;
+
+typedef struct RdmaRmQP {
+RdmaBackendQP backend_qp;
+void *opaque;
+uint32_t qp_type;
+uint32_t qpn;
+uint32_t send_cq_handle;
+uint32_t recv_cq_handle;
+enum ibv_qp_state qp_state;
+} RdmaRmQP;
+
+typedef struct RdmaRmPort {
+union ibv_gid gid_tbl[MAX_PORT_GIDS];
+enum ibv_port_state state;
+int *pkey_tbl; /* TODO: Not yet supported */
+} RdmaRmPort;
+
+typedef struct RdmaDeviceResources {
+RdmaRmPort ports[MAX_PORTS];
+RdmaRmResTbl pd_tbl;
+RdmaRmResTbl mr_tbl;
+RdmaRmResTbl uc_tbl;
+RdmaRmResTbl qp_tbl;
+RdmaRmResTbl cq_tbl;
+RdmaRmResTbl cqe_ctx_tbl;
+GHashTable *qp_hash; /* Keeps mapping between real and emulated */
+} RdmaDeviceResources;
+
+#endif
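Review bot: the limit macros in this header (MAX_PORTS, MAX_QP, MAX_SGE, MAX_CQ, MAX_MR, MAX_PD, MAX_AH and the rest) are unprefixed and generic enough to collide with other headers once this file is included outside hw/rdma; an RDMA_ prefix would avoid that. MAX_MR_SIZE is `(1UL << 27)`; 1ULL keeps the type 64-bit on every host, which matters where it is used as the default of a uint64_t property. RdmaRmResTbl would also benefit from a comment on tbl_sz and res_sz (element count versus bytes) and on what `lock` covers, since lookups by handle depend on getting that bound right.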
-- 
2.13.5




[Qemu-devel] [PATCH V11 00/10] hw/pvrdma: PVRDMA device implementation

2018-02-14 Thread Marcel Apfelbaum
V10 -> V11:
 - Addressed Michael S. Tsirkin comments:
   - Split the standard-headers patch in two, one dealing with the
     update-linux-headers script while the other adds the imported headers.
   - Add comments to the update-linux-headers script explaining
     the sed transformations.
 - Added Zhu Yanjun's R-B tags (rdma patches review -- Thanks!)
 - Added Gal Hammer's R-B tag (update-linux-headers patch review -- Thanks!)
 - Rebased on latest master

V9 -> V10:
 - Addressed Peter Maydell's comments:
   - Modified license to "version 2 or any later version"
   - Added license comment on top of code files
   - Move the kernel headers to "standard-headers" and modified
 the update-linux-headers script to import them and update
 the types for QEMU. (this patch has no R-B tag, maybe someone can
 have a look, I am not sure who can review it)
   - Got an R-B from Eduardo on memory-ram-backend patch (thanks!)
   - Split the pvrdma implementation patch into 6 patches,
 preserving Dotan Barak R-B since no semantic changes were made,
 only a mechanical split.
 - Rebased on latest master

V8 -> V9:
 - Addressed Dotan Barak's (offline) comments:
   - use g_malloc instead of malloc
   - re-arrange structs for better padding
   - some cosmetic changes
   - do not try to fetch CQE when CQ is going down
   - init state of QP changed to RESET
   - modify poll_cq
   - add fix to qkey handling so now qkey=0 is also supported
   - add validation to gid_index
   - fix memory leak with ah_key ref
 - Addressed Eduardo Habkost comments:
   - Add the mem-backed-ram "share" option to qemu-options.hx.
 - Rebased on latest master

V7 -> V8:
 - Addressed Michael S. Tsirkin comments:
   - fail to init the pvrdma device if target page size is different
 from the host size, or if the guest RAM is not backed by memory
 and shared.
   - Update documentation to include a note on huge memory regions
 registration and remove not needed info.
 - Removed "pci/shpc: Move function to generic header file" since it
   appears in latest maintainer pull request
 - Rebased on master

V6 -> V7:
 - Addressed Philippe Mathieu-Daudé comments
   - modified pow2roundup32 signature
   - added his RB tag (thanks)
 - Addressed Cornelia Huck comments:
   - Compiled the pvrdma for all archs and not only x86/arm (thanks)
   - Fixed typo in documentation
 - Rebased on latest master

V5 -> V6:
 - Found a ppc machine and solved ppc compilation issues
 - Tried to fix the s390x issue (still looking for a machine)

V4 -> V5:
 - Fixed (at least tried to) compilation issues

V3 -> V4:
 - Fixed documentation (added more impl details)
 - Fixed compilation errors discovered by patchew.
 - Addressed Michael S. Tsirkin comments:
   - Removed unnecessary typedefs and replace them with
 macros in VMware header files, together with explanations.
   - Moved more code from vmw specific to rdma generic code.
   - Added page size limitations to the documentation.

V2 -> V3:
 - Addressed Michael S. Tsirkin and Philippe Mathieu-Daudé comments:
   - Moved the device to hw/rdma
 - Addressed Michael S. Tsirkin comments:
   - Split the code into generic (hw/rdma) and VMWare
 specific (hw/rdma/vmw)
   - Added more details to documentation - VMware guest-host protocol.
   - Remove mad processing
   - limited the memory the Guest can pin.
 - Addressed Philippe Mathieu-Daudé comment:
   - s/roundup_pow_of_two/pow2roundup32 and move it to qemu/host-utils.h 
 - Added Shamit Rabinovici's review to documentation
 - Rebased to latest master 

RFC -> V2:
 - Full implementation of the pvrdma device
 - Backend is an ibdevice interface, no need for the KDBR module


General description
===================
PVRDMA is the QEMU implementation of VMware's paravirtualized RDMA device.
It works with its Linux Kernel driver AS IS, no need for any special guest
modifications.

While it complies with the VMware device, it can also communicate with bare
metal RDMA-enabled machines and does not require an RDMA HCA in the host, it
can work with Soft-RoCE (rxe).

It does not require the whole guest RAM to be pinned allowing memory
over-commit and, even if not implemented yet, migration support will be
possible with some HW assistance.


 Design
 ======
 - Follows the behavior of VMware's pvrdma device, however is not tightly
   coupled with it and most of the code can be reused if we decide to
   continue to a Virtio based RDMA device.

 - It exposes 3 BARs:
    BAR 0 - MSIX, utilize 3 vectors for command ring, async events and
            completions
    BAR 1 - Configuration of registers
    BAR 2 - UAR, used to pass HW commands from driver.

 - The device performs internal management of the RDMA
   resources (PDs, CQs, QPs, ...), meaning the objects
   are not directly coupled to a physical RDMA device resources.

The pvrdma backend is an ibdevice interface that can be exposed
either by a Soft-RoCE(rxe) device on machines with no RDMA device,
or an HCA SRIOV 

[Qemu-devel] [PATCH V11 07/10] hw/rdma: Implementation of generic rdma device layers

2018-02-14 Thread Marcel Apfelbaum
From: Yuval Shaia 

This layer is composed of two sub-modules, backend and resource manager.
Backend sub-module is responsible for all the interaction with IB layers
such as ibverbs and umad (external libraries).
Resource manager is a collection of functions and structures to manage
RDMA resources such as QPs, CQs and MRs.

Reviewed-by: Dotan Barak 
Reviewed-by: Zhu Yanjun 
Signed-off-by: Yuval Shaia 
Signed-off-by: Marcel Apfelbaum 
---
 Makefile.objs  |   1 +
 configure  |   9 +-
 hw/rdma/Makefile.objs  |   2 +-
 hw/rdma/rdma_backend.c | 818 +
 hw/rdma/rdma_backend.h |  98 ++
 hw/rdma/rdma_rm.c  | 544 
 hw/rdma/rdma_rm.h  |  69 +
 hw/rdma/trace-events   |   5 +
 8 files changed, 1541 insertions(+), 5 deletions(-)
 create mode 100644 hw/rdma/rdma_backend.c
 create mode 100644 hw/rdma/rdma_backend.h
 create mode 100644 hw/rdma/rdma_rm.c
 create mode 100644 hw/rdma/rdma_rm.h
 create mode 100644 hw/rdma/trace-events

diff --git a/Makefile.objs b/Makefile.objs
index 2efba6d768..f3a3d28304 100644
--- a/Makefile.objs
+++ b/Makefile.objs
@@ -130,6 +130,7 @@ trace-events-subdirs += hw/block/dataplane
 trace-events-subdirs += hw/char
 trace-events-subdirs += hw/intc
 trace-events-subdirs += hw/net
+trace-events-subdirs += hw/rdma
 trace-events-subdirs += hw/virtio
 trace-events-subdirs += hw/audio
 trace-events-subdirs += hw/misc
diff --git a/configure b/configure
index 913e14839d..ed45a3c4dd 100755
--- a/configure
+++ b/configure
@@ -1572,7 +1572,7 @@ disabled with --disable-FEATURE, default is enabled if 
available:
   hax HAX acceleration support
   hvf Hypervisor.framework acceleration support
   whpxWindows Hypervisor Platform acceleration support
-  rdmaRDMA-based migration support
+  rdmaEnable RDMA-based migration and PVRDMA support
   vde support for vde network
   netmap  support for netmap network
   linux-aio   Linux AIO support
@@ -2923,15 +2923,16 @@ if test "$rdma" != "no" ; then
 #include 
 int main(void) { return 0; }
 EOF
-  rdma_libs="-lrdmacm -libverbs"
+  rdma_libs="-lrdmacm -libverbs -libumad"
   if compile_prog "" "$rdma_libs" ; then
 rdma="yes"
+libs_softmmu="$libs_softmmu $rdma_libs"
   else
 if test "$rdma" = "yes" ; then
 error_exit \
-" OpenFabrics librdmacm/libibverbs not present." \
+" OpenFabrics librdmacm/libibverbs/libibumad not present." \
 " Your options:" \
-"  (1) Fast: Install infiniband packages from your distro." \
+"  (1) Fast: Install infiniband packages (devel) from your 
distro." \
 "  (2) Cleanest: Install libraries from www.openfabrics.org" \
 "  (3) Also: Install softiwarp if you don't have RDMA hardware"
 fi
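Review bot: adding -libumad to rdma_libs in the existing probe ties RDMA migration to libibumad. On a host with librdmacm and libibverbs but no libibumad, compile_prog now fails, so with rdma left at its default the feature is silently disabled and with --enable-rdma configure errors out, even though umad is only introduced for the new PVRDMA backend. Probe libibumad separately and gate PVRDMA on its own switch. The new `libs_softmmu="$libs_softmmu $rdma_libs"` line also links these libraries into every softmmu binary; the commit message should say why that is needed.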
diff --git a/hw/rdma/Makefile.objs b/hw/rdma/Makefile.objs
index cdffe4a9a3..6a59bf0d5b 100644
--- a/hw/rdma/Makefile.objs
+++ b/hw/rdma/Makefile.objs
@@ -1,3 +1,3 @@
 ifeq ($(CONFIG_RDMA),y)
-obj-$(CONFIG_PCI) += rdma_utils.o
+obj-$(CONFIG_PCI) += rdma_utils.o rdma_backend.o rdma_rm.o
 endif
diff --git a/hw/rdma/rdma_backend.c b/hw/rdma/rdma_backend.c
new file mode 100644
index 00..e306fba534
--- /dev/null
+++ b/hw/rdma/rdma_backend.c
@@ -0,0 +1,818 @@
+/*
+ * QEMU paravirtual RDMA - Generic RDMA backend
+ *
+ * Copyright (C) 2018 Oracle
+ * Copyright (C) 2018 Red Hat Inc
+ *
+ * Authors:
+ * Yuval Shaia 
+ * Marcel Apfelbaum 
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ *
+ */
+
+#include 
+#include 
+#include 
+
+#include 
+
+#include "trace.h"
+#include "rdma_utils.h"
+#include "rdma_rm.h"
+#include "rdma_backend.h"
+
+/* Vendor Errors */
+#define VENDOR_ERR_FAIL_BACKEND 0x201
+#define VENDOR_ERR_TOO_MANY_SGES0x202
+#define VENDOR_ERR_NOMEM0x203
+#define VENDOR_ERR_QP0  0x204
+#define VENDOR_ERR_NO_SGE   0x205
+#define VENDOR_ERR_MAD_SEND 0x206
+#define VENDOR_ERR_INVLKEY  0x207
+#define VENDOR_ERR_MR_SMALL 0x208
+
+#define THR_NAME_LEN 16
+
+typedef struct BackendCtx {
+uint64_t req_id;
+void *up_ctx;
+bool is_tx_req;
+} BackendCtx;
+
+static void (*comp_handler)(int status, unsigned int vendor_err, void *ctx);
+
+static void dummy_comp_handler(int status, unsigned int vendor_err, void *ctx)
+{
+pr_err("No completion handler is registered\n");
+}
+
+static void poll_cq(RdmaDeviceResources *rdma_dev_res, struct ibv_cq *ibcq)
+{
+int i, ne;
+BackendCtx *bctx;
+struct ibv_wc wc[2];
+
+pr_dbg("Entering poll_cq loop on cq %p\n", ibcq);
+do {
+ne = ibv_poll_cq(ibcq, ARRAY_SIZE(wc), wc);
+
+
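Review bot: comp_handler is a file-scope `static void (*comp_handler)(...)`, so the completion callback is shared by every backend instance in the process, and a second device registering its handler would replace the first one's. Store the callback in RdmaBackendDev (or pass it along with the CQ) instead. In poll_cq(), ibv_poll_cq() returns a negative value on failure, so the loop that consumes `ne` has to treat ne < 0 as an error rather than as "no more completions"; the body is cut off here, so this cannot be confirmed from the visible lines.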
