Re: [Qemu-devel] [PATCH v5 04/14] qapi: Adjust names of implicit types

2016-03-10 Thread Markus Armbruster
Eric Blake  writes:

> On 03/10/2016 06:39 AM, Markus Armbruster wrote:
>> Eric Blake  writes:
>> 
>>> The original choice of ':obj-' as the prefix for implicit types
>>> made it obvious that we weren't going to clash with any user-defined
>>> names.  But now we want to create structs for implicit types.
>> 
>> Why?  I know, but the commit message should still give a hint.  Perhaps:
>> "to get rid of special cases in the generators"?
>> 
>>>We
>>> could transliterate ':' to '_', except that C99 says that a leading
>>> underscore and lower-case letter should be used only for file scope
>>> identifiers, while we would be exposing it in qapi-types.h.  So it's
>> 
>> Misunderstanding!  When the standard says "identifiers that X are
>> reserved for Y use", it reserves these identifiers for itself and the
>> implementation.  You shouldn't use them for Y then.
>> 
>> Suggest to simply quote the standard instead of interpreting it:
>> ... except that C99 mandates that "identifiers that begin with an
>> underscore are always reserved for use as identifiers with file scope in
>> both the ordinary and tag name spaces"
>
> Both those changes sound fine.
>
>> 
>>> time to change our naming convention; we can instead use the 'q_'
>>> prefix that we reserved for ourselves back in commit 9fb081e0.  As
>>> long as we don't declare 'empty' or 'obj' ticklish, it shouldn't
>>> clash with c_name() prepending 'q_' to the user's ticklish names.
>> 
>> Do we really want to rename :empty?  We're not going to generate C for
>> it, are we?
>
> No, but it was easier to implement .is_implicit() as
> "name.startswith('q_')" than as "name == ':empty' or
> name.startswith('q_obj')".  I can stick with :empty if you want a
> respin, though.

You avoid complicating .is_implicit() slightly, and you pay for that
with a bit of patch churn elsewhere.  Sounds justified.

Is ':empty' the last use of the ':' prefix?

General maxims:

1. Keep the generator simple while generating something reasonable.  No
need to overcomplicate things when we can rely on the optimizer to do
its job.  Keeping headers lean is worth more complexity than keeping .c
files lean, because headers get compiled much, much more.

2. When all else is equal, avoid patch churn.



[Qemu-devel] [PATCH] input-linux: switch over to -object

2016-03-10 Thread Gerd Hoffmann
This patch makes input-linux use -object instead of a new command line
switch.  So, instead of the switch ...

-input-linux /dev/input/event$nr

... you must create an object this way:

-object input-linux,id=$name,evdev=/dev/input/event$nr

Bonus is that you can hot-add and hot-remove them via monitor now.

Suggested-by: Paolo Bonzini 
Signed-off-by: Gerd Hoffmann 
---
 qemu-options.hx  |   9 
 ui/input-linux.c | 158 +++
 vl.c |  10 
 3 files changed, 123 insertions(+), 54 deletions(-)

diff --git a/qemu-options.hx b/qemu-options.hx
index 0cf7bb9..2b3ed86 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -1226,15 +1226,6 @@ STEXI
 Set the initial graphical resolution and depth (PPC, SPARC only).
 ETEXI
 
-DEF("input-linux", 1, QEMU_OPTION_input_linux,
-"-input-linux \n"
-"Use input device.\n", QEMU_ARCH_ALL)
-STEXI
-@item -input-linux @var{dev}
-@findex -input-linux
-Use input device.
-ETEXI
-
 DEF("vnc", HAS_ARG, QEMU_OPTION_vnc ,
 "-vnc displaystart a VNC server on display\n", QEMU_ARCH_ALL)
 STEXI
diff --git a/ui/input-linux.c b/ui/input-linux.c
index 0bc0405..59d9348 100644
--- a/ui/input-linux.c
+++ b/ui/input-linux.c
@@ -10,6 +10,7 @@
 #include "qemu/sockets.h"
 #include "sysemu/sysemu.h"
 #include "ui/input.h"
+#include "qom/object_interfaces.h"
 
 #include 
 #include "standard-headers/linux/input.h"
@@ -127,10 +128,21 @@ static int qemu_input_linux_to_qcode(unsigned int lnx)
 return linux_to_qcode[lnx];
 }
 
+#define TYPE_INPUT_LINUX "input-linux"
+#define INPUT_LINUX(obj) \
+OBJECT_CHECK(InputLinux, (obj), TYPE_INPUT_LINUX)
+#define INPUT_LINUX_GET_CLASS(obj) \
+OBJECT_GET_CLASS(InputLinuxClass, (obj), TYPE_INPUT_LINUX)
+#define INPUT_LINUX_CLASS(klass) \
+OBJECT_CLASS_CHECK(InputLinuxClass, (klass), TYPE_INPUT_LINUX)
+
 typedef struct InputLinux InputLinux;
+typedef struct InputLinuxClass InputLinuxClass;
 
 struct InputLinux {
-const char  *evdev;
+Object parent;
+
+char*evdev;
 int fd;
 boolrepeat;
 boolgrab_request;
@@ -139,9 +151,14 @@ struct InputLinux {
 boolkeydown[KEY_CNT];
 int keycount;
 int wheel;
+boolinitialized;
 QTAILQ_ENTRY(InputLinux) next;
 };
 
+struct InputLinuxClass {
+ObjectClass parent_class;
+};
+
 static QTAILQ_HEAD(, InputLinux) inputs = QTAILQ_HEAD_INITIALIZER(inputs);
 
 static void input_linux_toggle_grab(InputLinux *il)
@@ -309,25 +326,21 @@ static void input_linux_event_mouse(void *opaque)
 }
 }
 
-int input_linux_init(void *opaque, QemuOpts *opts, Error **errp)
+static void input_linux_complete(UserCreatable *uc, Error **errp)
 {
-InputLinux *il = g_new0(InputLinux, 1);
+InputLinux *il = INPUT_LINUX(uc);
 uint32_t evtmap;
 int rc, ver;
 
-il->evdev = qemu_opt_get(opts, "evdev");
-il->grab_all = qemu_opt_get_bool(opts, "grab-all", false);
-il->repeat = qemu_opt_get_bool(opts, "repeat", false);
-
 if (!il->evdev) {
 error_setg(errp, "no input device specified");
-goto err_free;
+return;
 }
 
 il->fd = open(il->evdev, O_RDWR);
 if (il->fd < 0)  {
 error_setg_file_open(errp, errno, il->evdev);
-goto err_free;
+return;
 }
 qemu_set_nonblock(il->fd);
 
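Review bot: The device node in `input_linux_complete` is still opened with plain `open(il->evdev, O_RDWR)`, and with this change the path can arrive at runtime through the monitor rather than only from the command line. The descriptor is not marked close-on-exec, so an open (and possibly grabbed) host input device could be inherited by any helper process QEMU spawns afterwards. `il->fd = qemu_open(il->evdev, O_RDWR);` would avoid that, assuming qemu_open sets O_CLOEXEC in this tree. A one-line comment above the function, such as `/* evdev is supplied by whoever controls the command line or monitor; it is opened read-write on the host */`, would make the trust boundary explicit. The function body continues past the end of this hunk.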
@@ -356,36 +369,111 @@ int input_linux_init(void *opaque, QemuOpts *opts, Error 
**errp)
 }
 input_linux_toggle_grab(il);
 QTAILQ_INSERT_TAIL(, il, next);
-return 0;
+il->initialized = true;
+return;
 
 err_close:
 close(il->fd);
-err_free:
-g_free(il);
-return -1;
-}
-
-static QemuOptsList qemu_input_linux_opts = {
-.name = "input-linux",
-.head = QTAILQ_HEAD_INITIALIZER(qemu_input_linux_opts.head),
-.implied_opt_name = "evdev",
-.desc = {
-{
-.name = "evdev",
-.type = QEMU_OPT_STRING,
-},{
-.name = "grab-all",
-.type = QEMU_OPT_BOOL,
-},{
-.name = "repeat",
-.type = QEMU_OPT_BOOL,
-},
-{ /* end of list */ }
-},
+return;
+}
+
+static void input_linux_instance_finalize(Object *obj)
+{
+InputLinux *il = INPUT_LINUX(obj);
+
+if (il->initialized) {
+QTAILQ_REMOVE(, il, next);
+close(il->fd);
+}
+g_free(il->evdev);
+}
+
+static char *input_linux_get_evdev(Object *obj, Error **errp)
+{
+InputLinux *il = INPUT_LINUX(obj);
+
+return g_strdup(il->evdev);
+}
+
+static void input_linux_set_evdev(Object *obj, const char *value,
+  Error **errp)
+{
+InputLinux *il = INPUT_LINUX(obj);
+
+if (il->evdev) {
+error_setg(errp, "evdev property already set");
+return;
+}
+il->evdev = g_strdup(value);
+}
+
+static bool input_linux_get_grab_all(Object *obj, Error **errp)
+{
+InputLinux 

Re: [Qemu-devel] [PATCH] Introduce "xen-load-devices-state"

2016-03-10 Thread Markus Armbruster
Eric Blake  writes:

> On 03/10/2016 03:23 AM, Changlong Xie wrote:
[...]
>> +++ b/qapi-schema.json
>> @@ -4122,3 +4122,21 @@
>>  ##
>>  { 'enum': 'ReplayMode',
>>'data': [ 'none', 'record', 'play' ] }
>> +
>> +##
>> +# @xen-load-devices-state:
>> +#
>> +# Load the state of all devices from file. The RAM and the block devices
>> +# of the VM are not loaded by this command.
>> +#
>> +# @filename: the file to load the state of the devices from as binary
>> +# data. See xen-save-devices-state.txt for a description of the binary
>> +# format.
>> +#
>> +# Returns: Nothing on success
>> +#  If @filename cannot be opened, OpenFileFailed
>> +#  If an I/O error occurs while reading the file, IOError
>
> Drop the whole Returns: paragraph.  We have very few distinguished error
> categories, and you are not using anything other than a generic error
> category here (that is, OpenFileFailed and IOError are NOT valid QMP
> error categories).

I have a patch in my tree that cleans up the remaining bad examples.

[...]



Re: [Qemu-devel] [PATCH 1/2] i386: Prepare for interrupt remapping

2016-03-10 Thread Jan Kiszka
Hi Peter,

On 2016-03-10 06:18, Peter Xu wrote:
> Hi, Jan/Rita,
> 
> Have not gone deeper... Got several comments and questions inline.
> 
> On Wed, Mar 09, 2016 at 12:58:41AM +0530, Rita Sinha wrote:
> 
> [...]
> 
>> +static AddressSpace *get_dma_address_space(void)
>> +{
>> +return _MACHINE(qdev_get_machine())->dma_address_space;
>> +}
>> +
>>  /* Given the reg addr of both the message data and address, generate an
>>   * interrupt via MSI.
>>   */
>> @@ -282,7 +288,7 @@ static void vtd_generate_interrupt(IntelIOMMUState *s, 
>> hwaddr mesg_addr_reg,
>>  data = vtd_get_long_raw(s, mesg_data_reg);
>>  
>>  VTD_DPRINTF(FLOG, "msi: addr 0x%"PRIx64 " data 0x%"PRIx32, addr, data);
>> -address_space_stl_le(_space_memory, addr, data,
>> +address_space_stl_le(get_dma_address_space(), addr, data,
>>   MEMTXATTRS_UNSPECIFIED, NULL);
>>  }
> 
> Would this work? AFAIU, IOMMU generated fault interrupts do not
> need any translation at all.

get_dma_address_space() returns the native one, untranslated. If you
look at the succeeding patch, we replace the address spaces of those
devices that are under IOMMU control. And the IOMMU continues to use
this one.

> 
> One more question about the design itself: I see that one new AS is
> created for DMA address space named dma_address_space. Could you
> help explain why we need this? I am still naive on QEMU memory, what
> I feel is that, current memory framework can work nicely without
> this extra address space, using existing address translation
> mechanisms, like the implementation in the following patch:
> 
> https://lists.gnu.org/archive/html/qemu-devel/2016-02/msg04393.html
> 
> With the new address space, we will need more loops when doing
> memory address translation for IR (in address_space_translate()). 

At the time of designing this (about 1.5 years ago), there were no
memory region attributes yet. So the per device address spaces also
helped with identifying MSI request sources. Of course, they also helped
with modelling which devices get remapped and which not. We need to
rethink this now, in the light of memory region attributes.

> 
>>  
>> @@ -496,7 +502,7 @@ static int vtd_get_root_entry(IntelIOMMUState *s, 
>> uint8_t index,
>>  dma_addr_t addr;
>>  
>>  addr = s->root + index * sizeof(*re);
>> -if (dma_memory_read(_space_memory, addr, re, sizeof(*re))) {
>> +if (dma_memory_read(get_dma_address_space(), addr, re, sizeof(*re))) {
> 
> For memory reads from IOMMU, I suppose we do not need translation as
> well? I think this should work though, IMHO is because you did not
> implement read() op for int_remap_as.  So, this read will fall
> through to system address space finally, just like what happened
> before this change.
> 
>>  VTD_DPRINTF(GENERAL, "error: fail to access root-entry at 0x%"PRIx64
>>  " + %"PRIu8, s->root, index);
>>  re->val = 0;
>> @@ -521,7 +527,7 @@ static int vtd_get_context_entry_from_root(VTDRootEntry 
>> *root, uint8_t index,
>>  return -VTD_FR_ROOT_ENTRY_P;
>>  }
>>  addr = (root->val & VTD_ROOT_ENTRY_CTP) + index * sizeof(*ce);
>> -if (dma_memory_read(_space_memory, addr, ce, sizeof(*ce))) {
>> +if (dma_memory_read(get_dma_address_space(), addr, ce, sizeof(*ce))) {
> 
> Same as above. Will skip all similiar ones.
> 
> [...]
> 
>>  static void kvm_apic_reset(APICCommonState *s)
>> @@ -182,8 +186,10 @@ static void kvm_apic_realize(DeviceState *dev, Error 
>> **errp)
>>  {
>>  APICCommonState *s = APIC_COMMON(dev);
>>  
>> -memory_region_init_io(>io_memory, NULL, _apic_io_ops, s, 
>> "kvm-apic-msi",
>> -  APIC_SPACE_SIZE);
>> +memory_region_init(>io_memory, NULL, "kvm-apic", APIC_SPACE_SIZE);
>> +
>> +memory_region_init_io(>msi_region, NULL, _msi_region_ops, NULL,
>> +  "kvm-msi", MSI_REGION_SIZE);
> 
> I do not quite understand why we need to have two MRs. Could you
> help explain too?

MSI requests from the devices have nothing to do with APIC access from
the CPUs - two different sources, two different targets (a CPU can't
trigger MSIs, and devices can't access the APICs). This is currently
mangled due to past limitations of QEMU, and that should be cleaned up
eventually, e.g. by introducing a DMA address space.

Jan

-- 
Siemens AG, Corporate Technology, CT RDA ITP SES-DE
Corporate Competence Center Embedded Linux



Re: [Qemu-devel] [PATCH 2/2] i386: Interrupt remapping support for VT-d

2016-03-10 Thread Jan Kiszka
On 2016-03-10 06:28, Peter Xu wrote:
> On Wed, Mar 09, 2016 at 12:58:17AM +0530, Rita Sinha wrote:
>> From: Jan Kiszka 
>>
>> Still a bit hacky, unconditionally enabled (must become opt-in, not
>> available with in-kernel irqchip), not reporting faults properly - but
>> it works! And revealed a Linux bug [1]
> 
> If the patch is eventually to be merged, should we add a
> parameter to disable this feature for people who do not need it?

Yes, we need a switch. The original IOMMU in the Q35 chipset doesn't
support IR, so just to be precise emulation-wise, we should allow the
user to turn this off (or on).

> Also, shall we make sure:
> 
> - make sure patches' in-reply-to are correct (so that it's in a
>   series, as mentioned by Eric before)
> - remove useless lines like "/* printf(...) */"
> - add one-line subject for each patch (possibly)?
> - ...
> 
> [...]
> 
>> diff --git a/hw/pci-host/q35.c b/hw/pci-host/q35.c
>> index 566e3d8..f7adc8e 100644
>> --- a/hw/pci-host/q35.c
>> +++ b/hw/pci-host/q35.c
>> @@ -431,6 +431,17 @@ static AddressSpace *q35_host_dma_iommu(PCIBus *bus, 
>> void *opaque, int devfn)
>>  assert(0 <= devfn && devfn <= VTD_PCI_DEVFN_MAX);
>>  
>>  vtd_as = vtd_find_add_as(s, bus, devfn);
>> +
>> +memory_region_init_iommu(_as->iommu, OBJECT(s),
>> + >iommu_ops, "intel_iommu", UINT64_MAX);
>> +address_space_init(_as->as,
>> + _as->iommu, "intel_iommu");
>> +memory_region_init_io(_as->int_remap_region, OBJECT(s),
>> + _int_remap_ops, vtd_as,
>> + "intel_int_remap", UINT64_MAX);
>> +address_space_init(_as->int_remap_as,
>> + _as->int_remap_region,
>> + "intel_int_remap");
> 
> One more thing... vtd_as->{as|iommu} should have been inited in
> vtd_find_add_as() already.
> 

Good point. Logical merge artefact.

Jan

-- 
Siemens AG, Corporate Technology, CT RDA ITP SES-DE
Corporate Competence Center Embedded Linux



Re: [Qemu-devel] [PATCH v1] migration: skip sending ram pages released by virtio-balloon driver.

2016-03-10 Thread Li, Liang Z
> On 3/10/2016 3:19 PM, Roman Kagan wrote:
> > On Fri, Mar 04, 2016 at 02:32:47PM +0530, Jitendra Kolhe wrote:
> >> Even though the pages which are returned to the host by
> >> virtio-balloon driver are zero pages, the migration algorithm will
> >> still end up scanning the entire page ram_find_and_save_block() ->
> >> ram_save_page/ ram_save_compressed_page -> save_zero_page() ->
> >> is_zero_range().  We also end-up sending some control information
> >> over network for these page during migration. This adds to total migration
> time.
> >
> > I wonder if it is the scanning for zeros or sending the whiteout which
> > affects the total migration time more.  If it is the former (as I
> > would
> > expect) then a rather local change to is_zero_range() to make use of
> > the mapping information before scanning would get you all the speedups
> > without protocol changes, interfering with postcopy etc.
> >
> > Roman.
> >
> 
> Localizing the solution to zero page scan check is a good idea. I too agree 
> that
> most of the time is spent in scanning for zero page in which case we should be
> able to localize solution to is_zero_range().
> However in case of ballooned out pages (which can be seen as a subset of
> guest zero pages) we also spend a very small portion of total migration time
> in sending the control information, which can be also avoided.
>  From my tests for 16GB idle guest of which 12GB was ballooned out, the
> zero page scan time for 12GB ballooned out pages was ~1789 ms and
> save_page_header + qemu_put_byte(f, 0); for same 12GB ballooned out
> pages was ~556 ms. Total migration time was ~8000 ms

How did you do the tests? ~ 556ms seems too long for putting several bytes to 
the buffer.
It's likely the time you measured includes the time spent processing the other
4GB guest memory pages.

Liang
 
>  if (is_zero_range(p, TARGET_PAGE_SIZE)) {
>  acct_info.dup_pages++;
>  *bytes_transferred += save_page_header(f, block,
> offset | 
> RAM_SAVE_FLAG_COMPRESS);
>  qemu_put_byte(f, 0);
>  *bytes_transferred += 1;
>  pages = 1;
>  }
> Would moving the solution to save_zero_page() be good enough?
> 
> Thanks,
> - Jitendra




Re: [Qemu-devel] [PATCH] Replacing (and removing) get_ticks_per_sec() function with NANOSECONDS_PER_SECOND Signed-off-by: Rutuja Shah <rutu.shah...@gmail.com>

2016-03-10 Thread rutuja shah
Thanks Eric. I will keep these points in mind while sending patches.
Regards
Rutuja Shah


On Fri, Mar 11, 2016 at 2:40 AM, Eric Blake  wrote:
> On 03/10/2016 12:30 PM, rutu.shah...@gmail.com wrote:
>> From: Rutuja Shah 
>>
>
> Your commit message body was botched, cramming everything into the
> subject line.  Be sure you have a one-line summary (preferably shorter
> than 60 characters), then a blank line, before the rest of your
> description and S-o-b.  Also, it's good to say "why" in the commit body,
> not just "what".  Something like:
>
> maint: Drop unused get_ticks_per_sec()
>
> Replace the use of get_ticks_per_sec() with NANOSECONDS_PER_SECOND,
> because...
>
> Signed-off-by: Rutuja Shah 
>
> --
> Eric Blake   eblake redhat com+1-919-301-3266
> Libvirt virtualization library http://libvirt.org
>



Re: [Qemu-devel] [PATCH v4 1/5] replay: character devices

2016-03-10 Thread Pavel Dovgalyuk
> From: Paolo Bonzini [mailto:pbonz...@redhat.com]
> On 10/03/2016 12:55, Pavel Dovgalyuk wrote:
> > gdbstub which also acts as a backend is not recorded to allow controlling
> > the replaying through gdb.
> 
> Perhaps the monitor too?

Right. I'll check that it works.

> Overall the patch is nice and can definitely go in 2.6, but there are a
> couple changes to do...
> 
> > @@ -245,6 +246,9 @@ int qemu_chr_fe_write(CharDriverState *s, const uint8_t 
> > *buf, int len)
> >  qemu_chr_fe_write_log(s, buf, ret);
> >  }
> >
> > +if (s->replay) {
> > +replay_data_int();
> > +}
> 
> I think this is wrong.  The logic should be
> 
> if (replaying) {
>   read event();
>   assert(ret <= len);
>   len = ret;
> }
> 
> qemu_mutex_lock(>chr_write_lock);
> ret = s->chr_write(s, buf, len);
> 
> if (ret > 0) {
> qemu_chr_fe_write_log(s, buf, ret);
> }
> qemu_mutex_unlock(>chr_write_lock);
> 
> if (recording) {
> write event(ret);
> }
> 
> >  qemu_mutex_unlock(>chr_write_lock);
> >  return ret;

In this case return value in record and replay modes may differ
and the behavior of caller won't be deterministic.
E.g.,

static gboolean cadence_uart_xmit(GIOChannel *chan, GIOCondition cond,
  void *opaque)
{
...
ret = qemu_chr_fe_write(s->chr, s->tx_fifo, s->tx_count);
s->tx_count -= ret;
memmove(s->tx_fifo, s->tx_fifo + ret, s->tx_count);
...
}


Pavel Dovgalyuk




Re: [Qemu-devel] [RFC PATCH v2 3/3] VFIO: Type1 IOMMU mapping support for vGPU

2016-03-10 Thread Neo Jia
On Fri, Mar 11, 2016 at 04:46:23AM +, Tian, Kevin wrote:
> > From: Neo Jia [mailto:c...@nvidia.com]
> > Sent: Friday, March 11, 2016 12:20 PM
> > 
> > On Thu, Mar 10, 2016 at 11:10:10AM +0800, Jike Song wrote:
> > >
> > > >> Is it supposed to be the caller who should set
> > > >> up IOMMU by DMA api such as dma_map_page(), after calling
> > > >> vgpu_dma_do_translate()?
> > > >>
> > > >
> > > > Don't think you need to call dma_map_page here. Once you have the pfn 
> > > > available
> > > > to your GPU kernel driver, you can just go ahead to setup the mapping 
> > > > as you
> > > > normally do such as calling pci_map_sg and its friends.
> > > >
> > >
> > > Technically it's definitely OK to call DMA API from the caller rather 
> > > than here,
> > > however personally I think it is a bit counter-intuitive: IOMMU page 
> > > tables
> > > should be constructed within the VFIO IOMMU driver.
> > >
> > 
> > Hi Jike,
> > 
> > For vGPU, what we have is just a virtual device and a fake IOMMU group, 
> > therefore
> > the actual interaction with the real GPU should be managed by the GPU 
> > vendor driver.
> > 
> 
> Hi, Neo,
> 
> Seems we have a different thought on this. Regardless of whether it's a 
> virtual/physical 
> device, imo, VFIO should manage IOMMU configuration. The only difference is:
> 
> - for physical device, VFIO directly invokes IOMMU API to set IOMMU entry 
> (GPA->HPA);
> - for virtual device, VFIO invokes kernel DMA APIs which indirectly lead to 
> IOMMU entry 
> set if CONFIG_IOMMU is enabled in kernel (GPA->IOVA);

How does it make any sense for us to do a dma_map_page for a physical device 
that we don't 
have any direct interaction with?

> 
> This would provide an unified way to manage the translation in VFIO, and then 
> vendor
> specific driver only needs to query and use returned IOVA corresponding to a 
> GPA. 
> 
> Doing so has another benefit, to make underlying vGPU driver VMM agnostic. 
> For KVM,
> yes we can use pci_map_sg. However for Xen it's different (today Dom0 doesn't 
> see
> IOMMU. In the future there'll be a PVIOMMU implementation) so different code 
> path is 
> required. It's better to abstract such specific knowledge out of vGPU driver, 
> which just
> uses whatever dma_addr returned by other agent (VFIO here, or another Xen 
> specific
> agent) in a centralized way.
> 
> Alex, what's your opinion on this?
> 
> Thanks
> Kevin



Re: [Qemu-devel] [PATCH v1] migration: skip sending ram pages released by virtio-balloon driver.

2016-03-10 Thread Jitendra Kolhe

On 3/10/2016 3:19 PM, Roman Kagan wrote:

On Fri, Mar 04, 2016 at 02:32:47PM +0530, Jitendra Kolhe wrote:

Even though the pages which are returned to the host by virtio-balloon
driver are zero pages, the migration algorithm will still end up
scanning the entire page ram_find_and_save_block() -> ram_save_page/
ram_save_compressed_page -> save_zero_page() -> is_zero_range().  We
also end-up sending some control information over network for these
page during migration. This adds to total migration time.


I wonder if it is the scanning for zeros or sending the whiteout which
affects the total migration time more.  If it is the former (as I would
expect) then a rather local change to is_zero_range() to make use of the
mapping information before scanning would get you all the speedups
without protocol changes, interfering with postcopy etc.

Roman.



Localizing the solution to zero page scan check is a good idea. I too
agree that most of the time is spent in scanning for zero page in which
case we should be able to localize solution to is_zero_range().
However in case of ballooned out pages (which can be seen as a subset
of guest zero pages) we also spend a very small portion of total
migration time in sending the control information, which can be also
avoided.
From my tests for 16GB idle guest of which 12GB was ballooned out, the
zero page scan time for 12GB ballooned out pages was ~1789 ms and
save_page_header + qemu_put_byte(f, 0); for same 12GB ballooned out
pages was ~556 ms. Total migration time was ~8000 ms
if (is_zero_range(p, TARGET_PAGE_SIZE)) {
acct_info.dup_pages++;
*bytes_transferred += save_page_header(f, block,
   offset |
RAM_SAVE_FLAG_COMPRESS);
qemu_put_byte(f, 0);
*bytes_transferred += 1;
pages = 1;
}
Would moving the solution to save_zero_page() be good enough?

Thanks,
- Jitendra



[Qemu-devel] [RFC PATCH v2 8/9] xics, xics_kvm: Handle CPU unplug correctly

2016-03-10 Thread Bharata B Rao
XICS is set up for each CPU during initialization. Provide a routine
to undo the same when CPU is unplugged. While here, move ss->cs management
into xics from xics_kvm since there is nothing KVM specific in it.
Also ensure xics reset doesn't set irq for CPUs that are already unplugged.

This allows reboot of a VM that has undergone CPU hotplug and unplug
to work correctly.

Signed-off-by: Bharata B Rao 
Reviewed-by: David Gibson 
---
 hw/intc/xics.c| 14 ++
 hw/intc/xics_kvm.c|  8 
 include/hw/ppc/xics.h |  1 +
 3 files changed, 19 insertions(+), 4 deletions(-)

diff --git a/hw/intc/xics.c b/hw/intc/xics.c
index 213a370..9fdb551 100644
--- a/hw/intc/xics.c
+++ b/hw/intc/xics.c
@@ -45,6 +45,18 @@ static int get_cpu_index_by_dt_id(int cpu_dt_id)
 return -1;
 }
 
+void xics_cpu_destroy(XICSState *icp, PowerPCCPU *cpu)
+{
+CPUState *cs = CPU(cpu);
+ICPState *ss = >ss[cs->cpu_index];
+
+assert(cs->cpu_index < icp->nr_servers);
+assert(cs == ss->cs);
+
+ss->output = NULL;
+ss->cs = NULL;
+}
+
 void xics_cpu_setup(XICSState *icp, PowerPCCPU *cpu)
 {
 CPUState *cs = CPU(cpu);
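Review bot: In `xics_cpu_destroy` the pointer into `icp->ss[]` is formed from `cs->cpu_index` in the initializer (which appears garbled on this page), before `assert(cs->cpu_index < icp->nr_servers)` runs, and that assert is the only bounds check. If assertions are ever compiled out, or if `cpu_index` is signed and negative, the later `ss->output = NULL; ss->cs = NULL;` stores land outside the array. Declare `ICPState *ss;`, keep the index assert first, and assign `ss = &icp->ss[cs->cpu_index];` after it, so the address is only computed from a checked index. The context lines of the next hunk suggest `xics_cpu_setup` uses the same ordering and could get the same treatment.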
@@ -54,6 +66,8 @@ void xics_cpu_setup(XICSState *icp, PowerPCCPU *cpu)
 
 assert(cs->cpu_index < icp->nr_servers);
 
+ss->cs = cs;
+
 if (info->cpu_setup) {
 info->cpu_setup(icp, cpu);
 }
diff --git a/hw/intc/xics_kvm.c b/hw/intc/xics_kvm.c
index 9fe0667..7aab4a1 100644
--- a/hw/intc/xics_kvm.c
+++ b/hw/intc/xics_kvm.c
@@ -110,8 +110,10 @@ static void icp_kvm_reset(DeviceState *dev)
 icp->pending_priority = 0xff;
 icp->mfrr = 0xff;
 
-/* Make all outputs are deasserted */
-qemu_set_irq(icp->output, 0);
+/* Make all outputs as deasserted only if the CPU thread is in use */
+if (icp->output) {
+qemu_set_irq(icp->output, 0);
+}
 
 icp_set_kvm_state(icp, 1);
 }
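Review bot: `icp_set_kvm_state(icp, 1)` is still called unconditionally after the new `if (icp->output)` guard, so resetting an ICP whose CPU has been unplugged still reaches the KVM state path. `xics_cpu_destroy` in this patch clears `ss->cs` together with `ss->output`; if `icp_set_kvm_state` (not shown here) issues a vCPU ioctl through `icp->cs`, a reboot after unplug would dereference NULL. An early exit covering both calls, `if (!icp->cs) { return; }` placed after the register fields are reset, would express "this server is not in use" once instead of guarding only the irq line.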
@@ -344,8 +346,6 @@ static void xics_kvm_cpu_setup(XICSState *icp, PowerPCCPU 
*cpu)
 if (icpkvm->kernel_xics_fd != -1) {
 int ret;
 
-ss->cs = cs;
-
 ret = kvm_vcpu_enable_cap(cs, KVM_CAP_IRQ_XICS, 0,
   icpkvm->kernel_xics_fd, 
kvm_arch_vcpu_id(cs));
 if (ret < 0) {
diff --git a/include/hw/ppc/xics.h b/include/hw/ppc/xics.h
index f60b06a..9091054 100644
--- a/include/hw/ppc/xics.h
+++ b/include/hw/ppc/xics.h
@@ -167,5 +167,6 @@ int xics_alloc_block(XICSState *icp, int src, int num, bool 
lsi, bool align,
 void xics_free(XICSState *icp, int irq, int num);
 
 void xics_cpu_setup(XICSState *icp, PowerPCCPU *cpu);
+void xics_cpu_destroy(XICSState *icp, PowerPCCPU *cpu);
 
 #endif /* __XICS_H__ */
-- 
2.1.0




[Qemu-devel] [RFC PATCH v2 9/9] spapr: CPU hot unplug support

2016-03-10 Thread Bharata B Rao
Remove the CPU core device by removing the underlying CPU thread devices.
Hot removal of CPU for sPAPR guests is achieved by sending the hot unplug
notification to the guest. Release the vCPU object after CPU hot unplug so
that vCPU fd can be parked and reused.

Signed-off-by: Bharata B Rao 
---
 hw/ppc/spapr.c  | 21 ++
 hw/ppc/spapr_cpu_core.c | 86 +
 include/hw/ppc/spapr.h  |  1 +
 include/hw/ppc/spapr_cpu_core.h | 12 ++
 4 files changed, 120 insertions(+)

diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c
index 822c87d..b1e9ba2 100644
--- a/hw/ppc/spapr.c
+++ b/hw/ppc/spapr.c
@@ -2345,7 +2345,12 @@ static void spapr_machine_device_plug(HotplugHandler 
*hotplug_dev,
 
 spapr_memory_plug(hotplug_dev, dev, node, errp);
 } else if (object_dynamic_cast(OBJECT(dev), TYPE_SPAPR_CPU_CORE)) {
+/*
+ * TODO: Move this check to pre_plug handler at which point
+ * spapr_core_release() won't be necessary.
+ */
 if (!smc->dr_cpu_enabled && dev->hotplugged) {
+spapr_core_release(dev);
 error_setg(errp, "CPU hotplug not supported for this machine");
 return;
 }
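Review bot: Calling `spapr_core_release(dev)` on the rejected-hotplug path tears the core down while `dev` is still a live object that the caller will presumably go on to unrealize or finalize. As added in hw/ppc/spapr_cpu_core.c by this same patch, `spapr_core_release` ends with `g_free(core->threads)` and leaves the pointer set. Any later access to `core->threads`, or a second release of the same core, would then be a use-after-free or double free. Adding `core->threads = NULL;` right after the free makes a repeated call harmless, and a comment on this call stating who owns `dev` after the error return would help the next reader. The enclosing function starts and ends outside this hunk.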
@@ -2353,11 +2358,27 @@ static void spapr_machine_device_plug(HotplugHandler 
*hotplug_dev,
 }
 }
 
+void spapr_cpu_destroy(PowerPCCPU *cpu)
+{
+sPAPRMachineState *spapr = SPAPR_MACHINE(qdev_get_machine());
+
+xics_cpu_destroy(spapr->icp, cpu);
+qemu_unregister_reset(spapr_cpu_reset, cpu);
+}
+
 static void spapr_machine_device_unplug(HotplugHandler *hotplug_dev,
   DeviceState *dev, Error **errp)
 {
+sPAPRMachineClass *smc = SPAPR_MACHINE_GET_CLASS(qdev_get_machine());
+
 if (object_dynamic_cast(OBJECT(dev), TYPE_PC_DIMM)) {
 error_setg(errp, "Memory hot unplug not supported by sPAPR");
+} else if (object_dynamic_cast(OBJECT(dev), TYPE_SPAPR_CPU_CORE)) {
+if (!smc->dr_cpu_enabled) {
+error_setg(errp, "CPU hot unplug not supported on this machine");
+return;
+}
+spapr_core_unplug(hotplug_dev, dev, errp);
 }
 }
 
diff --git a/hw/ppc/spapr_cpu_core.c b/hw/ppc/spapr_cpu_core.c
index db8de32..dd391bd 100644
--- a/hw/ppc/spapr_cpu_core.c
+++ b/hw/ppc/spapr_cpu_core.c
@@ -84,6 +84,92 @@ void spapr_core_plug(HotplugHandler *hotplug_dev, 
DeviceState *dev,
 }
 }
 
+static void spapr_cpu_core_cleanup(struct sPAPRCPUUnplugList *unplug_list)
+{
+sPAPRCPUUnplug *unplug, *next;
+Object *cpu;
+
+QLIST_FOREACH_SAFE(unplug, unplug_list, node, next) {
+cpu = unplug->cpu;
+object_unparent(cpu);
+QLIST_REMOVE(unplug, node);
+g_free(unplug);
+}
+}
+
+static void spapr_add_cpu_to_unplug_list(Object *cpu,
+ struct sPAPRCPUUnplugList 
*unplug_list)
+{
+sPAPRCPUUnplug *unplug = g_malloc(sizeof(*unplug));
+
+unplug->cpu = cpu;
+QLIST_INSERT_HEAD(unplug_list, unplug, node);
+}
+
+static int spapr_cpu_release(Object *obj, void *opaque)
+{
+DeviceState *dev = DEVICE(obj);
+CPUState *cs = CPU(dev);
+PowerPCCPU *cpu = POWERPC_CPU(cs);
+struct sPAPRCPUUnplugList *unplug_list = opaque;
+
+spapr_cpu_destroy(cpu);
+cpu_remove_sync(cs);
+
+/*
+ * We are still walking the core object's children list, and
+ * hence can't cleanup this CPU thread object just yet. Put
+ * it on a list for later removal.
+ */
+spapr_add_cpu_to_unplug_list(obj, unplug_list);
+return 0;
+}
+
+void spapr_core_release(DeviceState *dev)
+{
+struct sPAPRCPUUnplugList unplug_list;
+sPAPRMachineState *spapr = SPAPR_MACHINE(qdev_get_machine());
+sPAPRCPUCore *core = SPAPR_CPU_CORE(OBJECT(dev));
+int core_dt_id = object_property_get_int(OBJECT(dev), "core", NULL);
+int smt = kvmppc_smt_threads();
+
+QLIST_INIT(_list);
+object_child_foreach(OBJECT(dev), spapr_cpu_release, _list);
+spapr_cpu_core_cleanup(_list);
+spapr->cores[core_dt_id / smt] = NULL;
+
+g_free(core->threads);
+}
+
+static void spapr_core_release_unparent(DeviceState *dev, void *opaque)
+{
+spapr_core_release(dev);
+object_unparent(OBJECT(dev));
+}
+
+void spapr_core_unplug(HotplugHandler *hotplug_dev, DeviceState *dev,
+   Error **errp)
+{
+sPAPRCPUCore *core = SPAPR_CPU_CORE(OBJECT(dev));
+PowerPCCPU *cpu = >threads[0];
+int id = ppc_get_vcpu_dt_id(cpu);
+sPAPRDRConnector *drc =
+spapr_dr_connector_by_id(SPAPR_DR_CONNECTOR_TYPE_CPU, id);
+sPAPRDRConnectorClass *drck;
+Error *local_err = NULL;
+
+g_assert(drc);
+
+drck = SPAPR_DR_CONNECTOR_GET_CLASS(drc);
+drck->detach(drc, dev, spapr_core_release_unparent, NULL, _err);
+if (local_err) {
+error_propagate(errp, local_err);
+return;
+}
+
+spapr_hotplug_req_remove_by_index(drc);
+}
+
 static void 

[Qemu-devel] [RFC PATCH v2 7/9] spapr: CPU hotplug support

2016-03-10 Thread Bharata B Rao
Set up device tree entries for the hotplugged CPU core and use the
existing RTAS event logging infrastructure to send CPU hotplug notification
to the guest.

Signed-off-by: Bharata B Rao 
---
 hw/ppc/spapr.c  | 64 ++
 hw/ppc/spapr_cpu_core.c | 69 +
 hw/ppc/spapr_events.c   |  3 ++
 hw/ppc/spapr_rtas.c | 24 ++
 include/hw/ppc/spapr.h  |  2 ++
 include/hw/ppc/spapr_cpu_core.h |  2 ++
 6 files changed, 164 insertions(+)

diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c
index cffe8c8..822c87d 100644
--- a/hw/ppc/spapr.c
+++ b/hw/ppc/spapr.c
@@ -603,6 +603,18 @@ static void spapr_populate_cpu_dt(CPUState *cs, void *fdt, 
int offset,
 size_t page_sizes_prop_size;
 uint32_t vcpus_per_socket = smp_threads * smp_cores;
 uint32_t pft_size_prop[] = {0, cpu_to_be32(spapr->htab_shift)};
+sPAPRMachineClass *smc = SPAPR_MACHINE_GET_CLASS(qdev_get_machine());
+sPAPRDRConnector *drc;
+sPAPRDRConnectorClass *drck;
+int drc_index;
+
+if (smc->dr_cpu_enabled) {
+drc = spapr_dr_connector_by_id(SPAPR_DR_CONNECTOR_TYPE_CPU, index);
+g_assert(drc);
+drck = SPAPR_DR_CONNECTOR_GET_CLASS(drc);
+drc_index = drck->get_index(drc);
+_FDT((fdt_setprop_cell(fdt, offset, "ibm,my-drc-index", drc_index)));
+}
 
 /* Note: we keep CI large pages off for now because a 64K capable guest
  * provisioned with large pages might otherwise try to map a qemu
@@ -987,6 +999,16 @@ static void spapr_finalize_fdt(sPAPRMachineState *spapr,
 _FDT(spapr_drc_populate_dt(fdt, 0, NULL, SPAPR_DR_CONNECTOR_TYPE_LMB));
 }
 
+if (smc->dr_cpu_enabled) {
+int offset = fdt_path_offset(fdt, "/cpus");
+ret = spapr_drc_populate_dt(fdt, offset, NULL,
+SPAPR_DR_CONNECTOR_TYPE_CPU);
+if (ret < 0) {
+error_report("Couldn't set up CPU DR device tree properties");
+exit(1);
+}
+}
+
 _FDT((fdt_pack(fdt)));
 
 if (fdt_totalsize(fdt) > FDT_MAX_SIZE) {
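Review bot: The result of `fdt_path_offset(fdt, "/cpus")` in the new block is passed to spapr_drc_populate_dt() without a check. A missing node would presumably surface only as the generic "Couldn't set up CPU DR device tree properties" message. Checking it first, `if (offset < 0) { error_report("Couldn't find /cpus: %s", fdt_strerror(offset)); exit(1); }`, makes the failure diagnosable. The LMB call just above wraps the same helper in `_FDT()`, and using one error style for both would be more consistent. `ret` and `smc` are declared outside the hunk.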
@@ -1622,6 +1644,8 @@ static void spapr_boot_set(void *opaque, const char 
*boot_device,
 void spapr_cpu_init(sPAPRMachineState *spapr, PowerPCCPU *cpu, Error **errp)
 {
 CPUPPCState *env = >env;
+CPUState *cs = CPU(cpu);
+int i;
 
 /* Set time-base frequency to 512 MHz */
 cpu_ppc_tb_init(env, TIMEBASE_FREQ);
@@ -1646,6 +1670,14 @@ void spapr_cpu_init(sPAPRMachineState *spapr, PowerPCCPU 
*cpu, Error **errp)
 }
 }
 
+/* Set NUMA node for the added CPUs  */
+for (i = 0; i < nb_numa_nodes; i++) {
+if (test_bit(cs->cpu_index, numa_info[i].node_cpu)) {
+cs->numa_node = i;
+break;
+}
+}
+
 xics_cpu_setup(spapr->icp, cpu);
 
 qemu_register_reset(spapr_cpu_reset, cpu);
@@ -1824,6 +1856,11 @@ static void ppc_spapr_init(MachineState *machine)
 
 for (i = 0; i < spapr_max_cores; i++) {
 int core_dt_id = i * smt;
+sPAPRDRConnector *drc =
+spapr_dr_connector_new(OBJECT(spapr),
+   SPAPR_DR_CONNECTOR_TYPE_CPU, 
core_dt_id);
+
+qemu_register_reset(spapr_drc_reset, drc);
 
 if (i < spapr_cores) {
 Object *core  = object_new(TYPE_SPAPR_CPU_CORE);
@@ -2246,6 +2283,27 @@ out:
 error_propagate(errp, local_err);
 }
 
+void *spapr_populate_hotplug_cpu_dt(DeviceState *dev, CPUState *cs,
+int *fdt_offset, sPAPRMachineState *spapr)
+{
+PowerPCCPU *cpu = POWERPC_CPU(cs);
+DeviceClass *dc = DEVICE_GET_CLASS(cs);
+int id = ppc_get_vcpu_dt_id(cpu);
+void *fdt;
+int offset, fdt_size;
+char *nodename;
+
+fdt = create_device_tree(_size);
+nodename = g_strdup_printf("%s@%x", dc->fw_name, id);
+offset = fdt_add_subnode(fdt, 0, nodename);
+
+spapr_populate_cpu_dt(cs, fdt, offset, spapr);
+g_free(nodename);
+
+*fdt_offset = offset;
+return fdt;
+}
+
 static void spapr_machine_device_plug(HotplugHandler *hotplug_dev,
   DeviceState *dev, Error **errp)
 {
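Review bot: In spapr_populate_hotplug_cpu_dt the return value of `fdt_add_subnode()` is used as a node offset without checking for a negative libfdt error code, and the same unchecked value is written to `*fdt_offset`. This runs on a hotplug request rather than at machine start, so a failure should be reported to the caller instead of continuing with an invalid offset. At minimum add `if (offset < 0) { g_free(nodename); return NULL; }` after releasing the tree, and have the caller test for NULL; the caller is not visible here. The function also needs a header comment stating that the returned tree is allocated here and who frees it. The `dev` parameter is unused.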
@@ -2286,6 +2344,12 @@ static void spapr_machine_device_plug(HotplugHandler 
*hotplug_dev,
 }
 
 spapr_memory_plug(hotplug_dev, dev, node, errp);
+} else if (object_dynamic_cast(OBJECT(dev), TYPE_SPAPR_CPU_CORE)) {
+if (!smc->dr_cpu_enabled && dev->hotplugged) {
+error_setg(errp, "CPU hotplug not supported for this machine");
+return;
+}
+spapr_core_plug(hotplug_dev, dev, errp);
 }
 }
 
diff --git a/hw/ppc/spapr_cpu_core.c b/hw/ppc/spapr_cpu_core.c
index 8c6d71d..db8de32 100644
--- a/hw/ppc/spapr_cpu_core.c
+++ b/hw/ppc/spapr_cpu_core.c
@@ -15,6 +15,75 @@
 #include 
 #include "target-ppc/kvm_ppc.h"
 
+void spapr_core_plug(HotplugHandler 

[Qemu-devel] [RFC PATCH v2 3/9] cpu: Reclaim vCPU objects

2016-03-10 Thread Bharata B Rao
From: Gu Zheng 

In order to deal well with the kvm vcpus (which can not be removed without any
protection), we do not close KVM vcpu fd, just record and mark it as stopped
into a list, so that we can reuse it for the appending cpu hot-add request if
possible. It is also the approach that kvm guys suggested:
https://www.mail-archive.com/kvm@vger.kernel.org/msg102839.html

Signed-off-by: Chen Fan 
Signed-off-by: Gu Zheng 
Signed-off-by: Zhu Guihua 
Signed-off-by: Bharata B Rao 
   [- Explicit CPU_REMOVE() from qemu_kvm/tcg_destroy_vcpu()
  isn't needed as it is done from cpu_exec_exit()
- Use iothread mutex instead of global mutex during
  destroy
- Don't cleanup vCPU object from vCPU thread context
  but leave it to the callers (device_add/device_del)]
---
 cpus.c   | 39 +--
 include/qom/cpu.h| 10 +
 include/sysemu/kvm.h |  1 +
 kvm-all.c| 57 +++-
 kvm-stub.c   |  5 +
 5 files changed, 109 insertions(+), 3 deletions(-)

diff --git a/cpus.c b/cpus.c
index bc774e2..be0ac6a 100644
--- a/cpus.c
+++ b/cpus.c
@@ -953,6 +953,18 @@ void async_run_on_cpu(CPUState *cpu, void (*func)(void 
*data), void *data)
 qemu_cpu_kick(cpu);
 }
 
+static void qemu_kvm_destroy_vcpu(CPUState *cpu)
+{
+if (kvm_destroy_vcpu(cpu) < 0) {
+error_report("kvm_destroy_vcpu failed");
+exit(EXIT_FAILURE);
+}
+}
+
+static void qemu_tcg_destroy_vcpu(CPUState *cpu)
+{
+}
+
 static void flush_queued_work(CPUState *cpu)
 {
 struct qemu_work_item *wi;
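Review bot: `qemu_kvm_destroy_vcpu()` ends the whole QEMU process with `exit(EXIT_FAILURE)` when kvm_destroy_vcpu() fails, which turns a failed unplug of one vCPU into loss of the running guest. If that is intended because the vCPU thread has no way to report an error, say so in a comment above the function, e.g. `/* Runs in the vCPU thread on unplug; failure to release the vCPU is treated as fatal. */`. The empty `qemu_tcg_destroy_vcpu()` also needs a one-line comment saying that TCG has nothing to release, so the stub does not read as unfinished.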
@@ -1045,7 +1057,7 @@ static void *qemu_kvm_cpu_thread_fn(void *arg)
 cpu->created = true;
 qemu_cond_signal(_cpu_cond);
 
-while (1) {
+do {
 if (cpu_can_run(cpu)) {
 r = kvm_cpu_exec(cpu);
 if (r == EXCP_DEBUG) {
@@ -1053,8 +1065,10 @@ static void *qemu_kvm_cpu_thread_fn(void *arg)
 }
 }
 qemu_kvm_wait_io_event(cpu);
-}
+} while (!cpu->unplug || cpu_can_run(cpu));
 
+qemu_kvm_destroy_vcpu(cpu);
+qemu_mutex_unlock_iothread();
 return NULL;
 }
 
@@ -1108,6 +1122,7 @@ static void tcg_exec_all(void);
 static void *qemu_tcg_cpu_thread_fn(void *arg)
 {
 CPUState *cpu = arg;
+CPUState *remove_cpu = NULL;
 
 rcu_register_thread();
 
@@ -1145,6 +1160,16 @@ static void *qemu_tcg_cpu_thread_fn(void *arg)
 }
 }
 qemu_tcg_wait_io_event(QTAILQ_FIRST());
+CPU_FOREACH(cpu) {
+if (cpu->unplug && !cpu_can_run(cpu)) {
+remove_cpu = cpu;
+break;
+}
+}
+if (remove_cpu) {
+qemu_tcg_destroy_vcpu(remove_cpu);
+remove_cpu = NULL;
+}
 }
 
 return NULL;
@@ -1301,6 +1326,13 @@ void resume_all_vcpus(void)
 }
 }
 
+void cpu_remove(CPUState *cpu)
+{
+cpu->stop = true;
+cpu->unplug = true;
+qemu_cpu_kick(cpu);
+}
+
 /* For temporary buffers for forming a name */
 #define VCPU_THREAD_NAME_SIZE 16
 
@@ -1517,6 +1549,9 @@ static void tcg_exec_all(void)
 break;
 }
 } else if (cpu->stop || cpu->stopped) {
+if (cpu->unplug) {
+next_cpu = CPU_NEXT(cpu);
+}
 break;
 }
 }
diff --git a/include/qom/cpu.h b/include/qom/cpu.h
index 7052eee..0720dd7 100644
--- a/include/qom/cpu.h
+++ b/include/qom/cpu.h
@@ -237,6 +237,7 @@ struct kvm_run;
  * @halted: Nonzero if the CPU is in suspended state.
  * @stop: Indicates a pending stop request.
  * @stopped: Indicates the CPU has been artificially stopped.
+ * @unplug: Indicates a pending CPU unplug request.
  * @crash_occurred: Indicates the OS reported a crash (panic) for this CPU
  * @tcg_exit_req: Set to force TCG to stop executing linked TBs for this
  *   CPU and return to its top level loop.
@@ -289,6 +290,7 @@ struct CPUState {
 bool created;
 bool stop;
 bool stopped;
+bool unplug;
 bool crash_occurred;
 bool exit_request;
 uint32_t interrupt_request;
@@ -756,6 +758,14 @@ void cpu_exit(CPUState *cpu);
 void cpu_resume(CPUState *cpu);
 
 /**
+ * cpu_remove:
+ * @cpu: The CPU to remove.
+ *
+ * Requests the CPU to be removed.
+ */
+void cpu_remove(CPUState *cpu);
+
+/**
  * qemu_init_vcpu:
  * @cpu: The vCPU to initialize.
  *
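Review bot: The new doc comment for cpu_remove() says only that removal is requested; it does not say that the call is asynchronous or what the caller must hold. In cpus.c the function sets `cpu->stop` and `cpu->unplug`, which are plain `bool` fields read by the vCPU thread loop, and then kicks the CPU. The comment should therefore name the lock the caller needs (presumably the iothread mutex) and state that the vCPU may still exist when the call returns. A line such as `* The request is asynchronous; the vCPU is destroyed later from its own thread.` would cover the second part.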
diff --git a/include/sysemu/kvm.h b/include/sysemu/kvm.h
index 6695fa7..5d5b602 100644
--- a/include/sysemu/kvm.h
+++ b/include/sysemu/kvm.h
@@ -216,6 +216,7 @@ int kvm_has_intx_set_mask(void);
 
 int kvm_init_vcpu(CPUState *cpu);
 int kvm_cpu_exec(CPUState *cpu);
+int kvm_destroy_vcpu(CPUState *cpu);
 
 #ifdef NEED_CPU_H
 
diff --git a/kvm-all.c b/kvm-all.c
index 44c0464..35c0621 100644

[Qemu-devel] [RFC PATCH v2 6/9] spapr: CPU core device

2016-03-10 Thread Bharata B Rao
Add sPAPR specific CPU core device that is based on generic CPU core device.
Creating this core device will result in creation of all the CPU thread
devices that are part of this core.

Introduce sPAPRMachineClass.dr_cpu_enabled to indicate support for
CPU core hotplug. Initialize boot time CPUs as core devices and prevent
topologies that result in partially filled cores. Both of these are done
only if CPU core hotplug is supported.

Note: An unrelated change in the call to xics_system_init() is done
in this patch as it makes sense to use the local variable smt introduced
in this patch instead of kvmppc_smt_threads() call here.

Signed-off-by: Bharata B Rao 
---
 hw/ppc/Makefile.objs|   1 +
 hw/ppc/spapr.c  |  68 +++---
 hw/ppc/spapr_cpu_core.c | 199 
 include/hw/ppc/spapr.h  |   4 +
 include/hw/ppc/spapr_cpu_core.h |  28 ++
 5 files changed, 287 insertions(+), 13 deletions(-)
 create mode 100644 hw/ppc/spapr_cpu_core.c
 create mode 100644 include/hw/ppc/spapr_cpu_core.h

diff --git a/hw/ppc/Makefile.objs b/hw/ppc/Makefile.objs
index c1ffc77..5cc6608 100644
--- a/hw/ppc/Makefile.objs
+++ b/hw/ppc/Makefile.objs
@@ -4,6 +4,7 @@ obj-y += ppc.o ppc_booke.o
 obj-$(CONFIG_PSERIES) += spapr.o spapr_vio.o spapr_events.o
 obj-$(CONFIG_PSERIES) += spapr_hcall.o spapr_iommu.o spapr_rtas.o
 obj-$(CONFIG_PSERIES) += spapr_pci.o spapr_rtc.o spapr_drc.o spapr_rng.o
+obj-$(CONFIG_PSERIES) += spapr_cpu_core.o
 ifeq ($(CONFIG_PCI)$(CONFIG_PSERIES)$(CONFIG_LINUX), yyy)
 obj-y += spapr_pci_vfio.o
 endif
diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c
index 64c4acc..cffe8c8 100644
--- a/hw/ppc/spapr.c
+++ b/hw/ppc/spapr.c
@@ -64,6 +64,7 @@
 
 #include "hw/compat.h"
 #include "qemu-common.h"
+#include "hw/ppc/spapr_cpu_core.h"
 
 #include 
 
@@ -1180,7 +1181,7 @@ static void ppc_spapr_reset(void)
 
 }
 
-static void spapr_cpu_reset(void *opaque)
+void spapr_cpu_reset(void *opaque)
 {
 sPAPRMachineState *spapr = SPAPR_MACHINE(qdev_get_machine());
 PowerPCCPU *cpu = opaque;
@@ -1614,8 +1615,11 @@ static void spapr_boot_set(void *opaque, const char 
*boot_device,
 machine->boot_order = g_strdup(boot_device);
 }
 
-static void spapr_cpu_init(sPAPRMachineState *spapr, PowerPCCPU *cpu,
-   Error **errp)
+/*
+ * TODO: Check if some of these can be moved to rtas_start_cpu() where
+ * a few other things required for hotplugged CPUs are being done.
+ */
+void spapr_cpu_init(sPAPRMachineState *spapr, PowerPCCPU *cpu, Error **errp)
 {
 CPUPPCState *env = >env;
 
@@ -1728,7 +1732,6 @@ static void ppc_spapr_init(MachineState *machine)
 const char *kernel_filename = machine->kernel_filename;
 const char *kernel_cmdline = machine->kernel_cmdline;
 const char *initrd_filename = machine->initrd_filename;
-PowerPCCPU *cpu;
 PCIHostState *phb;
 int i;
 MemoryRegion *sysmem = get_system_memory();
@@ -1742,6 +1745,22 @@ static void ppc_spapr_init(MachineState *machine)
 long load_limit, fw_size;
 bool kernel_le = false;
 char *filename;
+int smt = kvmppc_smt_threads();
+int spapr_cores = smp_cpus / smp_threads;
+int spapr_max_cores = max_cpus / smp_threads;
+
+if (smc->dr_cpu_enabled) {
+if (smp_cpus % smp_threads) {
+error_report("smp_cpus (%u) must be multiple of threads (%u)",
+ smp_cpus, smp_threads);
+exit(1);
+}
+if (max_cpus % smp_threads) {
+error_report("max_cpus (%u) must be multiple of threads (%u)",
+ max_cpus, smp_threads);
+exit(1);
+}
+}
 
 msi_supported = true;
 
@@ -1788,8 +1807,7 @@ static void ppc_spapr_init(MachineState *machine)
 
 /* Set up Interrupt Controller before we create the VCPUs */
 spapr->icp = xics_system_init(machine,
-  DIV_ROUND_UP(max_cpus * kvmppc_smt_threads(),
-   smp_threads),
+  DIV_ROUND_UP(max_cpus * smt, smp_threads),
   XICS_IRQS, _fatal);
 
 if (smc->dr_lmb_enabled) {
@@ -1800,13 +1818,34 @@ static void ppc_spapr_init(MachineState *machine)
 if (machine->cpu_model == NULL) {
 machine->cpu_model = kvm_enabled() ? "host" : "POWER7";
 }
-for (i = 0; i < smp_cpus; i++) {
-cpu = cpu_ppc_init(machine->cpu_model);
-if (cpu == NULL) {
-error_report("Unable to find PowerPC CPU definition");
-exit(1);
+
+if (smc->dr_cpu_enabled) {
+spapr->cores = g_new0(Object *, spapr_max_cores);
+
+for (i = 0; i < spapr_max_cores; i++) {
+int core_dt_id = i * smt;
+
+if (i < spapr_cores) {
+Object *core  = object_new(TYPE_SPAPR_CPU_CORE);
+
+object_property_set_str(core, machine->cpu_model, 

[Qemu-devel] [RFC PATCH v2 4/9] cpu: Add a sync version of cpu_remove()

2016-03-10 Thread Bharata B Rao
This sync API will be used by the CPU hotplug code to wait for the CPU to
completely get removed before flagging the failure to the device_add
command.

Sync version of this call is needed to correctly recover from CPU
realization failures when ->plug() handler fails.

Signed-off-by: Bharata B Rao 
Reviewed-by: David Gibson 
---
 cpus.c| 12 
 include/qom/cpu.h |  8 
 2 files changed, 20 insertions(+)

diff --git a/cpus.c b/cpus.c
index be0ac6a..05cb096 100644
--- a/cpus.c
+++ b/cpus.c
@@ -1068,6 +1068,8 @@ static void *qemu_kvm_cpu_thread_fn(void *arg)
 } while (!cpu->unplug || cpu_can_run(cpu));
 
 qemu_kvm_destroy_vcpu(cpu);
+cpu->created = false;
+qemu_cond_signal(_cpu_cond);
 qemu_mutex_unlock_iothread();
 return NULL;
 }
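Review bot: The exit path of qemu_kvm_cpu_thread_fn now clears `cpu->created`, signals the waiter and drops the iothread lock, but nothing here undoes per-thread setup done at the top of the function, which is outside the hunk. In patch 3/9 qemu_tcg_cpu_thread_fn visibly calls `rcu_register_thread()` on entry. If the KVM thread function does the same, it should call `rcu_unregister_thread();` before `return NULL;` so that a removed vCPU does not leave a stale RCU reader registered. A comment that `qemu_mutex_unlock_iothread()` pairs with a lock taken at thread start would also help.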
@@ -1168,6 +1170,8 @@ static void *qemu_tcg_cpu_thread_fn(void *arg)
 }
 if (remove_cpu) {
 qemu_tcg_destroy_vcpu(remove_cpu);
+cpu->created = false;
+qemu_cond_signal(_cpu_cond);
 remove_cpu = NULL;
 }
 }
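Review bot: `cpu->created = false;` depends on `cpu` still pointing at the CPU chosen by the `CPU_FOREACH(cpu)` loop added in patch 3/9, i.e. on the `break` having left the iteration variable equal to `remove_cpu`. Writing `remove_cpu->created = false;` states the intent directly and stays correct if that loop is changed later. The flag is cleared by this thread while cpu_remove_sync() polls it, so a short comment naming the lock that protects `created` would also help. The enclosing function starts and ends outside the hunk.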
@@ -1333,6 +1337,14 @@ void cpu_remove(CPUState *cpu)
 qemu_cpu_kick(cpu);
 }
 
+void cpu_remove_sync(CPUState *cpu)
+{
+cpu_remove(cpu);
+while (cpu->created) {
+qemu_cond_wait(_cpu_cond, _global_mutex);
+}
+}
+
 /* For temporary buffers for forming a name */
 #define VCPU_THREAD_NAME_SIZE 16
 
diff --git a/include/qom/cpu.h b/include/qom/cpu.h
index 0720dd7..6e20119 100644
--- a/include/qom/cpu.h
+++ b/include/qom/cpu.h
@@ -765,6 +765,14 @@ void cpu_resume(CPUState *cpu);
  */
 void cpu_remove(CPUState *cpu);
 
+ /**
+ * cpu_remove_sync:
+ * @cpu: The CPU to remove.
+ *
+ * Requests the CPU to be removed and waits till it is removed.
+ */
+void cpu_remove_sync(CPUState *cpu);
+
 /**
  * qemu_init_vcpu:
  * @cpu: The vCPU to initialize.
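Review bot: The comment for cpu_remove_sync() omits the preconditions that the implementation in cpus.c imposes. It blocks in `qemu_cond_wait()` on the global mutex until `cpu->created` becomes false, so the caller must already hold that mutex and must not be the vCPU thread being removed. I would add `* Must be called with the global (iothread) mutex held, and not from @cpu's own thread.` to the description. There is no timeout, so the comment should also say that the call blocks until the vCPU thread has finished. Minor: the added `/**` line has a stray leading space.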
-- 
2.1.0




[Qemu-devel] [RFC PATCH v2 5/9] cpu: Abstract CPU core type

2016-03-10 Thread Bharata B Rao
Add an abstract CPU core type that could be used by machines that want
to define and hotplug CPUs in core granularity.

Signed-off-by: Bharata B Rao 
---
 hw/cpu/Makefile.objs  |  1 +
 hw/cpu/core.c | 87 +++
 include/hw/cpu/core.h | 31 ++
 3 files changed, 119 insertions(+)
 create mode 100644 hw/cpu/core.c
 create mode 100644 include/hw/cpu/core.h

diff --git a/hw/cpu/Makefile.objs b/hw/cpu/Makefile.objs
index 0954a18..942a4bb 100644
--- a/hw/cpu/Makefile.objs
+++ b/hw/cpu/Makefile.objs
@@ -2,4 +2,5 @@ obj-$(CONFIG_ARM11MPCORE) += arm11mpcore.o
 obj-$(CONFIG_REALVIEW) += realview_mpcore.o
 obj-$(CONFIG_A9MPCORE) += a9mpcore.o
 obj-$(CONFIG_A15MPCORE) += a15mpcore.o
+obj-y += core.o
 
diff --git a/hw/cpu/core.c b/hw/cpu/core.c
new file mode 100644
index 000..3faf53d
--- /dev/null
+++ b/hw/cpu/core.c
@@ -0,0 +1,87 @@
+/*
+ * CPU core abstract device
+ *
+ * Copyright (C) 2016 Bharata B Rao 
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+#include "hw/cpu/core.h"
+#include "qapi/visitor.h"
+#include "sysemu/cpus.h"
+
+static void core_prop_get_core(Object *obj, Visitor *v, const char *name,
+   void *opaque, Error **errp)
+{
+CPUCore *core = CPU_CORE(obj);
+int64_t value = core->core;
+
+visit_type_int(v, name, , errp);
+}
+
+static void core_prop_set_core(Object *obj, Visitor *v, const char *name,
+   void *opaque, Error **errp)
+{
+CPUCore *core = CPU_CORE(obj);
+Error *local_err = NULL;
+int64_t value;
+
+visit_type_int(v, name, , _err);
+if (local_err) {
+error_propagate(errp, local_err);
+return;
+}
+
+core->core = value;
+}
+
+static void core_prop_get_threads(Object *obj, Visitor *v, const char *name,
+  void *opaque, Error **errp)
+{
+CPUCore *core = CPU_CORE(obj);
+int64_t value = core->threads;
+
+visit_type_int(v, name, , errp);
+}
+
+static void core_prop_set_threads(Object *obj, Visitor *v, const char *name,
+  void *opaque, Error **errp)
+{
+CPUCore *core = CPU_CORE(obj);
+Error *local_err = NULL;
+int64_t value;
+
+visit_type_int(v, name, , _err);
+if (local_err) {
+error_propagate(errp, local_err);
+return;
+}
+
+core->threads = value;
+}
+
+static void cpu_core_instance_init(Object *obj)
+{
+CPUCore *core = CPU_CORE(obj);
+
+object_property_add(obj, "core", "int", core_prop_get_core,
+core_prop_set_core, NULL, NULL, NULL);
+object_property_add(obj, "threads", "int", core_prop_get_threads,
+core_prop_set_threads, NULL, NULL, NULL);
+core->threads = smp_threads;
+}
+
+static const TypeInfo cpu_core_type_info = {
+.name = TYPE_CPU_CORE,
+.parent = TYPE_DEVICE,
+.abstract = true,
+.instance_size = sizeof(CPUCore),
+.instance_init = cpu_core_instance_init,
+};
+
+static void cpu_core_register_types(void)
+{
+type_register_static(_core_type_info);
+}
+
+type_init(cpu_core_register_types)
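Review bot: Both property setters store the visited `int64_t` straight into an `int` field (`core->core = value;`, `core->threads = value;`), so a negative or out-of-range value given on `device_add` is silently truncated and accepted. The cover letter describes `threads` as the number of thread objects the core creates at realize time, so it should be range-checked before it is stored. The same applies to `core`, with a lower bound of 0. The limits below are generic; a tighter machine-specific bound (for example the configured `smp_threads`) may be more appropriate.

```c
static void core_prop_set_threads(Object *obj, Visitor *v, const char *name,
                                  void *opaque, Error **errp)
{
    /* … unchanged: visit_type_int() call and error propagation … */

    /* The value comes from the user; reject anything that does not fit. */
    if (value < 1 || value > INT_MAX) {
        error_setg(errp, "Invalid value %" PRId64 " for property '%s'",
                   value, name);
        return;
    }

    core->threads = value;
}
```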
diff --git a/include/hw/cpu/core.h b/include/hw/cpu/core.h
new file mode 100644
index 000..a2a5a04
--- /dev/null
+++ b/include/hw/cpu/core.h
@@ -0,0 +1,31 @@
+/*
+ * CPU core abstract device
+ *
+ * Copyright (C) 2016 Bharata B Rao 
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+#ifndef HW_CPU_CORE_H
+#define HW_CPU_CORE_H
+
+#include "qemu/osdep.h"
+#include "hw/qdev.h"
+
+#define TYPE_CPU_CORE "cpu-core"
+
+#define CPU_CORE(obj) \
+OBJECT_CHECK(CPUCore, (obj), TYPE_CPU_CORE)
+
+typedef struct CPUCore {
+/*< private >*/
+DeviceState parent_obj;
+
+/*< public >*/
+int core;
+int threads;
+} CPUCore;
+
+#define CPU_CORE_PROP_CORE "core"
+
+#endif
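Review bot: `CPU_CORE_PROP_CORE` is defined here but hw/cpu/core.c registers the property with the literal `"core"`, and there is no matching macro for `"threads"`. Either use the macro in cpu_core_instance_init, `object_property_add(obj, CPU_CORE_PROP_CORE, "int", ...)`, or drop it until it has a user. The two public fields would also benefit from a short comment each, e.g. `/* core id as given with core= */` and `/* number of threads in this core */`.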
-- 
2.1.0




[Qemu-devel] [RFC PATCH v2 0/9] Core based CPU hotplug for PowerPC sPAPR

2016-03-10 Thread Bharata B Rao
Hi,

This is the next version of "Core based CPU hotplug for PowerPC sPAPR" that
was posted at
https://lists.gnu.org/archive/html/qemu-ppc/2016-03/msg00081.html

device_add semantics

For -smp 16,sockets=1,cores=2,threads=8,maxcpus=32
(qemu) device_add spapr-cpu-core,id=core2,core=16,cpu_model=host[,threads=8]

Major changes in this version
-
- Based on the review feedback, removed the links from machine object
  to the core objects.
- With that, the concept of using the links as slots where core object sits
  is gone.
- String slot name which was being used as slot= with device_add now
  becomes an integer core id being specified as core=.
- threads property which indicates the number of threads in the core
  moves from spapr-cpu-core type to cpu-core type.
- Threads creation moves from core's property setter to core's realizefn.
- Igor's proposed pre_plug handler isn't yet used in this patchset, but it
  wouldn't take much effort to switch to it. Waiting for some review/consensus
  on Igor's patchset before switching to it.
- This patchset will now work with Igor's query-hotpluggable-cpus QMP
  interface.

Other changes
-
- Core ID that is used with device_add is in fact device tree ID now.
- DRC indexes are based on core_dt_id now. There are a couple of places
  where core device's thread0 is used to fetch the DRC index, but changing
  that requires bigger change of converting the CPUs DT code generation
  to iterate over cores instead of threads.
- Converted while(1) to do-while() as suggested by Thomas Huth (3/9).
- Creation of spapr-cpu-core device and conversion of boot CPUs into
  cores merged into a single patch (6/9).
- Topologies with incomplete cores are prevented from booting only with
  machine type versions that support CPU DR (6/9).
- Conversion of boot CPUs into cores is done only for machine type versions
  that support CPU DR (6/9).
- Take care of recovery from failure in plug handler when CPU hotplug isn't
  supported correctly. This will not be needed when we prevent such
  attempts from pre_plug handler (9/9).
Bharata B Rao (8):
  exec: Remove cpu from cpus list during cpu_exec_exit()
  exec: Do vmstate unregistration from cpu_exec_exit()
  cpu: Add a sync version of cpu_remove()
  cpu: Abstract CPU core type
  spapr: CPU core device
  spapr: CPU hotplug support
  xics,xics_kvm: Handle CPU unplug correctly
  spapr: CPU hot unplug support

Gu Zheng (1):
  cpu: Reclaim vCPU objects

 cpus.c  |  51 +-
 exec.c  |  41 -
 hw/cpu/Makefile.objs|   1 +
 hw/cpu/core.c   |  87 ++
 hw/intc/xics.c  |  14 ++
 hw/intc/xics_kvm.c  |   8 +-
 hw/ppc/Makefile.objs|   1 +
 hw/ppc/spapr.c  | 153 +++--
 hw/ppc/spapr_cpu_core.c | 354 
 hw/ppc/spapr_events.c   |   3 +
 hw/ppc/spapr_rtas.c |  24 +++
 include/hw/cpu/core.h   |  31 
 include/hw/ppc/spapr.h  |   7 +
 include/hw/ppc/spapr_cpu_core.h |  42 +
 include/hw/ppc/xics.h   |   1 +
 include/qom/cpu.h   |  18 ++
 include/sysemu/kvm.h|   1 +
 kvm-all.c   |  57 ++-
 kvm-stub.c  |   5 +
 19 files changed, 871 insertions(+), 28 deletions(-)
 create mode 100644 hw/cpu/core.c
 create mode 100644 hw/ppc/spapr_cpu_core.c
 create mode 100644 include/hw/cpu/core.h
 create mode 100644 include/hw/ppc/spapr_cpu_core.h

-- 
2.1.0




[Qemu-devel] [RFC PATCH v2 2/9] exec: Do vmstate unregistration from cpu_exec_exit()

2016-03-10 Thread Bharata B Rao
cpu_exec_init() does vmstate_register for the CPU device. This needs to be
undone from cpu_exec_exit(). This change is needed to support CPU hot
removal.

Signed-off-by: Bharata B Rao 
---
 exec.c | 9 +
 1 file changed, 9 insertions(+)

diff --git a/exec.c b/exec.c
index 49ae593..8ddca6b 100644
--- a/exec.c
+++ b/exec.c
@@ -634,6 +634,8 @@ static void cpu_release_index(CPUState *cpu)
 
 void cpu_exec_exit(CPUState *cpu)
 {
+CPUClass *cc = CPU_GET_CLASS(cpu);
+
 #if defined(CONFIG_USER_ONLY)
 cpu_list_lock();
 #endif
@@ -651,6 +653,13 @@ void cpu_exec_exit(CPUState *cpu)
 #if defined(CONFIG_USER_ONLY)
 cpu_list_unlock();
 #endif
+
+if (cc->vmsd != NULL) {
+vmstate_unregister(NULL, cc->vmsd, cpu);
+}
+if (qdev_get_vmsd(DEVICE(cpu)) == NULL) {
+vmstate_unregister(NULL, _cpu_common, cpu);
+}
 }
 
 void cpu_exec_init(CPUState *cpu, Error **errp)
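Review bot: The two `vmstate_unregister()` calls have to mirror exactly what cpu_exec_init() registered, but the registration is not visible in this hunk and nothing ties the two sites together. A comment above the block, `/* Undo the vmstate_register() calls made in cpu_exec_init(); keep the conditions in sync. */`, would stop them drifting apart. As far as the series shows, the block sits after the early return for `cpu_index == -1` from patch 1/9, so a second call to cpu_exec_exit() skips it. That is what prevents a double unregister and is worth stating in the same comment.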
-- 
2.1.0




[Qemu-devel] [RFC PATCH v2 1/9] exec: Remove cpu from cpus list during cpu_exec_exit()

2016-03-10 Thread Bharata B Rao
CPUState *cpu gets added to the cpus list during cpu_exec_init(). It
should be removed from cpu_exec_exit().

cpu_exec_exit() is called from generic CPU::instance_finalize and some
archs like PowerPC call it from CPU unrealizefn. So ensure that we
dequeue the cpu only once.

Now -1 value for cpu->cpu_index indicates that we have already dequeued
the cpu for CONFIG_USER_ONLY case also.

Signed-off-by: Bharata B Rao 
Reviewed-by: David Gibson 
---
 exec.c | 32 
 1 file changed, 24 insertions(+), 8 deletions(-)

diff --git a/exec.c b/exec.c
index f09dd4e..49ae593 100644
--- a/exec.c
+++ b/exec.c
@@ -609,15 +609,9 @@ static int cpu_get_free_index(Error **errp)
 return cpu;
 }
 
-void cpu_exec_exit(CPUState *cpu)
+static void cpu_release_index(CPUState *cpu)
 {
-if (cpu->cpu_index == -1) {
-/* cpu_index was never allocated by this @cpu or was already freed. */
-return;
-}
-
 bitmap_clear(cpu_index_map, cpu->cpu_index, 1);
-cpu->cpu_index = -1;
 }
 #else
 
@@ -632,11 +626,33 @@ static int cpu_get_free_index(Error **errp)
 return cpu_index;
 }
 
-void cpu_exec_exit(CPUState *cpu)
+static void cpu_release_index(CPUState *cpu)
 {
+return;
 }
 #endif
 
+void cpu_exec_exit(CPUState *cpu)
+{
+#if defined(CONFIG_USER_ONLY)
+cpu_list_lock();
+#endif
+if (cpu->cpu_index == -1) {
+/* cpu_index was never allocated by this @cpu or was already freed. */
+#if defined(CONFIG_USER_ONLY)
+cpu_list_unlock();
+#endif
+return;
+}
+
+QTAILQ_REMOVE(, cpu, node);
+cpu_release_index(cpu);
+cpu->cpu_index = -1;
+#if defined(CONFIG_USER_ONLY)
+cpu_list_unlock();
+#endif
+}
+
 void cpu_exec_init(CPUState *cpu, Error **errp)
 {
 CPUClass *cc = CPU_GET_CLASS(cpu);
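Review bot: `QTAILQ_REMOVE()` in the new cpu_exec_exit() is protected by cpu_list_lock() only under CONFIG_USER_ONLY; in system emulation the entry is unlinked with no lock taken in this function. Other code walks the same list with `CPU_FOREACH` (the TCG thread does so in patch 3/9), so the function should document which lock the caller must hold. For example `/* softmmu: caller holds the iothread lock; user mode takes cpu_list_lock() here. */`, where the iothread lock being the intended one is my assumption. As a style point, the three `#if defined(CONFIG_USER_ONLY)` pairs could be reduced to one lock/unlock pair with a single exit label. The `return;` in the empty cpu_release_index() is redundant.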
-- 
2.1.0




Re: [Qemu-devel] [RFC PATCH v2 3/3] VFIO: Type1 IOMMU mapping support for vGPU

2016-03-10 Thread Tian, Kevin
> From: Neo Jia [mailto:c...@nvidia.com]
> Sent: Friday, March 11, 2016 12:20 PM
> 
> On Thu, Mar 10, 2016 at 11:10:10AM +0800, Jike Song wrote:
> >
> > >> Is it supposed to be the caller who should set
> > >> up IOMMU by DMA api such as dma_map_page(), after calling
> > >> vgpu_dma_do_translate()?
> > >>
> > >
> > > Don't think you need to call dma_map_page here. Once you have the pfn 
> > > available
> > > to your GPU kernel driver, you can just go ahead to setup the mapping as 
> > > you
> > > normally do such as calling pci_map_sg and its friends.
> > >
> >
> > Technically it's definitely OK to call DMA API from the caller rather than 
> > here,
> > however personally I think it is a bit counter-intuitive: IOMMU page tables
> > should be constructed within the VFIO IOMMU driver.
> >
> 
> Hi Jike,
> 
> For vGPU, what we have is just a virtual device and a fake IOMMU group, 
> therefore
> the actual interaction with the real GPU should be managed by the GPU vendor 
> driver.
> 

Hi, Neo,

Seems we have a different thought on this. Regardless of whether it's a 
virtual/physical 
device, imo, VFIO should manage IOMMU configuration. The only difference is:

- for physical device, VFIO directly invokes IOMMU API to set IOMMU entry 
(GPA->HPA);
- for virtual device, VFIO invokes kernel DMA APIs which indirectly lead to 
IOMMU entry 
set if CONFIG_IOMMU is enabled in kernel (GPA->IOVA);

This would provide an unified way to manage the translation in VFIO, and then 
vendor
specific driver only needs to query and use returned IOVA corresponding to a 
GPA. 

Doing so has another benefit, to make underlying vGPU driver VMM agnostic. For 
KVM,
yes we can use pci_map_sg. However for Xen it's different (today Dom0 doesn't 
see
IOMMU. In the future there'll be a PVIOMMU implementation) so different code 
path is 
required. It's better to abstract such specific knowledge out of vGPU driver, 
which just
uses whatever dma_addr returned by other agent (VFIO here, or another Xen 
specific
agent) in a centralized way.

Alex, what's your opinion on this?

Thanks
Kevin



Re: [Qemu-devel] info qtree command cause qemu ABORT!

2016-03-10 Thread hitmoon



在 2016年03月11日 11:14, Peter Maydell 写道:

On 11 March 2016 at 10:08, hitmoon  wrote:

Peter:

first launch following command:

arm-softmmu/qemu-system-arm -M versatilepb -kernel
~/Qemu-ARM/vmlinuz-3.2.0-4-versatile -initrd
~/Qemu-ARM/initrd.img-3.2.0-4-versatile  -hda
~/debian_wheezy_armel_standard.qcow2 -append 'root=/dev/sda1'

Then execute 'info qtree' in the monitor, qemu aborted with error message :
'qemu/hw/core/sysbus.c:277:sysbus_dev_print: Object 0x55569a7b2d00 is not an
instance of type sys-bus-device'

Yes, I saw your email from yesterday about this and it is on my
list of things to look at.

-- PMM
It seems that print_dev point to sysbus_dev_print but sdcard's parent is 
not a TYPE_SYS_BUS_DEVICE !





Re: [Qemu-devel] [RFC PATCH v2 3/3] VFIO: Type1 IOMMU mapping support for vGPU

2016-03-10 Thread Neo Jia
On Thu, Mar 10, 2016 at 11:10:10AM +0800, Jike Song wrote:
> 
> >> Is it supposed to be the caller who should set
> >> up IOMMU by DMA api such as dma_map_page(), after calling
> >> vgpu_dma_do_translate()?
> >>
> > 
> > Don't think you need to call dma_map_page here. Once you have the pfn 
> > available
> > to your GPU kernel driver, you can just go ahead to setup the mapping as you
> > normally do such as calling pci_map_sg and its friends.
> > 
> 
> Technically it's definitely OK to call DMA API from the caller rather than 
> here,
> however personally I think it is a bit counter-intuitive: IOMMU page tables
> should be constructed within the VFIO IOMMU driver.
> 

Hi Jike,

For vGPU, what we have is just a virtual device and a fake IOMMU group, 
therefore 
the actual interaction with the real GPU should be managed by the GPU vendor 
driver.

With the default TYPE1 IOMMU, it works with the vfio-pci as it owns the device.

Thanks,
Neo

> --
> Thanks,
> Jike
> 



Re: [Qemu-devel] [PULL 0/8] VFIO updates 2016-03-10

2016-03-10 Thread Alex Williamson
On Fri, 11 Mar 2016 08:24:51 +0700
Peter Maydell  wrote:

> On 10 March 2016 at 23:55, Alex Williamson  wrote:
> > The following changes since commit a648c137383d84bc4f95696e5293978d9541a26e:
> >
> >   Merge remote-tracking branch 'remotes/kraxel/tags/pull-ui-20160309-1' 
> > into staging (2016-03-10 02:51:14 +)
> >
> > are available in the git repository at:
> >
> >
> >   git://github.com/awilliam/qemu-vfio.git tags/vfio-update-20160310.1
> >
> > for you to fetch changes up to f953b1a565c9fa0551c5023056c28fbbe35c8b9d:
> >
> >   MAINTAINERS: Add entry for the include/hw/vfio/ folder (2016-03-10 
> > 09:39:09 -0700)
> >
> > 
> > VFIO updates 2016-03-10
> >
> >  - Allow devices to be specified via sysfs path (Alex Williamson)
> >  - vfio region helpers and generalization for future device specific regions
> >(Alex Williamson)
> >  - Automatic ROM device ID and checksum fixup (Alex Williamson)
> >  - Split VGA setup to allow enabling VGA from quirks (Alex Williamson)
> >  - Remove fixed string limit for ROM MemoryRegion name (Neo Jia)
> >  - MAINTAINERS update (Thomas Huth)  
> 
> This fails to build on OSX and Windows:
> 
> In file included from /Users/pm215/src/qemu-for-merges/hw/arm/sysbus-fdt.c:35:
> In file included from
> /Users/pm215/src/qemu-for-merges/include/hw/vfio/vfio-platform.h:20:
> /Users/pm215/src/qemu-for-merges/include/hw/vfio/vfio-common.h:28:10:
> fatal error: 'linux/vfio.h' file
>   not found
> #include 
>  ^

Gack, guess I'll wrap that in CONFIG_LINUX like is already done in
sysbus-fdt.c.  Sorry again.  Thanks,

Alex



Re: [Qemu-devel] [PULL 3/8] vfio: Generalize region support

2016-03-10 Thread Alex Williamson
On Thu, 10 Mar 2016 13:46:06 -0700
Eric Blake  wrote:

> On 03/10/2016 09:34 AM, Alex Williamson wrote:
> 
> >>> +trace_vfio_msix_fixup(vdev->vbasedev.name,
> >>> +  vdev->msix->table_bar, 
> >>> region->mmaps[0].offset,
> >>> +  region->mmaps[0].offset + 
> >>> region->mmaps[0].size);
> >> Sorry this does not compile for me on arm 32b:
> >>
> >> ./trace/generated-tracers.h:16113:23: error: format ‘%lx’ expects
> >> argument of type ‘long unsigned int’, but argument 8 has type ‘off_t’
> >> [-Werror=format=] , name, bar, offset, size);
> >>  
> >> -> vfio_msix_fixup(const char *name, int bar, off_t start, off_t end) "
> >> (%s) MSI-X region %d mmap fixup [0x%"PRIx64" - 0x%"PRIx64"]" ?  
> >   
> 
> >  vfio_msix_disable(const char *name) " (%s)"
> > -vfio_msix_fixup(const char *name, int bar, off_t offset, size_t size) " 
> > (%s) MSI-X region %d mmap fixup [0x%lx - 0x%lx]"
> > +vfio_msix_fixup(const char *name, int bar, off_t start, off_t end) " (%s) 
> > MSI-X region %d mmap fixup [0x%"PRIx64" - 0x%"PRIx64"]"  
> 
> off_t and PRIx64 are not necessarily compatible types (on a 64-bit
> platform, one could be 'long' while the other is 'long long').  And even
> though we set compiler flags to get 64-bit off_t on 32-bit platforms,
> your code is not portable to people that don't set those flags and are
> stuck with 32-bit off_t.
> 
> It may be better to declare start and end as [u]int64_t, rather than off_t.

Looks like we need another respin anyway, and uint64_t works just as
well here.  Done.  Thanks,

Alex



Re: [Qemu-devel] info qtree command cause qemu ABORT!

2016-03-10 Thread Peter Maydell
On 11 March 2016 at 10:08, hitmoon  wrote:
> Peter:
>
> first launch following command:
>
> arm-softmmu/qemu-system-arm -M versatilepb -kernel
> ~/Qemu-ARM/vmlinuz-3.2.0-4-versatile -initrd
> ~/Qemu-ARM/initrd.img-3.2.0-4-versatile  -hda
> ~/debian_wheezy_armel_standard.qcow2 -append 'root=/dev/sda1'
>
> Then execute 'info qtree' in the monitor, qemu aborted with error message :
> 'qemu/hw/core/sysbus.c:277:sysbus_dev_print: Object 0x55569a7b2d00 is not an
> instance of type sys-bus-device'

Yes, I saw your email from yesterday about this and it is on my
list of things to look at.

-- PMM



[Qemu-devel] info qtree command cause qemu ABORT!

2016-03-10 Thread hitmoon

Peter:

first launch following command:

arm-softmmu/qemu-system-arm -M versatilepb -kernel 
~/Qemu-ARM/vmlinuz-3.2.0-4-versatile -initrd 
~/Qemu-ARM/initrd.img-3.2.0-4-versatile  -hda 
~/debian_wheezy_armel_standard.qcow2 -append 'root=/dev/sda1'


Then execute 'info qtree' in the monitor, qemu aborted with error message :
'qemu/hw/core/sysbus.c:277:sysbus_dev_print: Object 0x55569a7b2d00 is 
not an instance of type sys-bus-device'


With the help of git bisect, commit 'hw/sd/sd.c: QOMify' 
(260bc9d8aa887bdd72d1b2499a9080f75b289cb4) cause this problem.





[Qemu-devel] [Bug 1246890] Re: AC97 sound card crashes QEMU

2016-03-10 Thread John Arbuckle
Turns out this problem was with another program called AudioJack. It
interferes with QEMU and prevents sound from working. Uninstalling
AudioJack made the AC97 sound card work again under Mac OS 10.6.

** Changed in: qemu
   Status: New => Fix Committed

https://bugs.launchpad.net/bugs/1246890

Title:
  AC97 sound card crashes QEMU

Status in QEMU:
  Fix Committed

Bug description:
  The AC97 sound card does not work. It stops QEMU on startup. The cause
  appears to be some kind of deadlock.

  Steps to reproduce:
  Just add -soundhw ac97 to QEMU's arguments. Example: qemu-system-ppc -soundhw 
ac97

  The example above is all it takes to reproduce the problem.

  This problem has been observed on Mac OS X and Debian Linux.

  I question whether the ac97 support ever worked. It is a file that was
  taken from VirtualBox and added to QEMU. I do know that VirtualBox's
  support for the ac97 sound card works perfectly.

  The exact line of code that stops QEMU in its tracks is located in the
  file main-loop.c, in the function os_host_main_loop_wait(), the call
  made to qemu_mutex_lock_iothread(). This is where QEMU stops under Mac
  OS X.




Re: [Qemu-devel] [RFC qemu 0/4] A PV solution for live migration optimization

2016-03-10 Thread Li, Liang Z
> 
> Hi,
>   I'm just catching back up on this thread; so without reference to any
> particular previous mail in the thread.
> 
>   1) How many of the free pages do we tell the host about?
>  Your main change is telling the host about all the
>  free pages.

Yes, all the guest's free pages.

>  If we tell the host about all the free pages, then we might
>  end up needing to allocate more pages and update the host
>  with pages we now want to use; that would have to wait for the
>  host to acknowledge that use of these pages, since if we don't
>  wait for it then it might have skipped migrating a page we
>  just started using (I don't understand how your series solves that).
>  So the guest probably needs to keep some free pages - how many?

Actually, there is no need to care about whether the free pages will be used by 
the host.
We only care about whether some of the free pages we get are reused by the guest, right?

Dirty page logging can be used to solve this: start the dirty page logging 
before getting the free page information from the guest. Even if some of the 
free pages are modified by the guest while the free page information is being 
collected, these modified pages will be tracked by the dirty page logging 
mechanism. So in the following migration_bitmap_sync() call, the pages that 
are in the free page bitmap but were later modified will be reset to dirty. 
We won't omit any dirtied pages.

So, guest doesn't need to keep any free pages.

>   2) Clearing out caches
>  Does it make sense to clean caches?  They're apparently useful data
>  so if we clean them it's likely to slow the guest down; I guess
>  they're also likely to be fairly static data - so at least fairly
>  easy to migrate.
>  The answer here partially depends on what you want from your migration;
>  if you're after the fastest possible migration time it might make
>  sense to clean the caches and avoid migrating them; but that might
>  be at the cost of more disruption to the guest - there's a trade off
>  somewhere and it's not clear to me how you set that depending on your
>  guest/network/reqirements.
> 

Yes, clean the caches is an option.  Let the users decide using it or not.

>   3) Why is ballooning slow?
>  You've got a figure of 5s to balloon on an 8GB VM - but an
>  8GB VM isn't huge; so I worry about how long it would take
>  on a big VM.   We need to understand why it's slow
>* is it due to the guest shuffling pages around?
>* is it due to the virtio-balloon protocol sending one page
>  at a time?
>  + Do balloon pages normally clump in physical memory
> - i.e. would a 'large balloon' message help
> - or do we need a bitmap because it tends not to clump?
> 

I didn't do a comprehensive test. But I found that most of the time is spent
on allocating the pages and sending the PFNs to guest; I don't know which is
the most time-consuming operation, allocating the pages or sending the PFNs.

>* is it due to the madvise on the host?
>  If we were using the normal balloon messages, then we
>  could, during migration, just route those to the migration
>  code rather than bothering with the madvise.
>  If they're clumping together we could just turn that into
>  one big madvise; if they're not then would we benefit from
>  a call that lets us madvise lots of areas?
> 

My test showed madvise() is not the main reason for the long time, only taken
10% of the total  inflating balloon operation time.
Big madvise can more or less improve the performance.

>   4) Speeding up the migration of those free pages
> You're using the bitmap to avoid migrating those free pages; HPe's
> patchset is reconstructing a bitmap from the balloon data;  OK, so
> this all makes sense to avoid migrating them - I'd also been thinking
> of using pagemap to spot zero pages that would help find other zero'd
> pages, but perhaps ballooned is enough?
> 
Could you describe your idea in more detail?

>   5) Second-migrate
> Given a VM where you've done all those tricks on, what happens when
> you migrate it a second time?   I guess you're aiming for the guest
> to update it's bitmap;  HPe's solution is to migrate it's balloon
> bitmap along with the migration data.

Nothing is special in the second migration, QEMU will request the guest for 
free pages
Information, and the guest will traverse it's current free page list to 
construct a
new free page bitmap and send it to QEMU. Just like in the first migration.

Liang
> 
> Dave
> 
> --
> Dr. David Alan Gilbert / dgilb...@redhat.com / Manchester, UK



[Qemu-devel] [PATCH v4 4/4] hw/input/adb.c: implement QKeyCode support

2016-03-10 Thread Programmingkid
Remove the old pc_to_adb_keycode array and replace it with QKeyCode support.

Signed-off-by: John Arbuckle 
---
Some of the keys do not translate as logically as we would think they would. For
example the Q_KEY_CODE_CTRL_R does not work with ADB_KEY_RIGHT_CONTROL. The
wrong key would show up in the guest. These problem keys are commented out and
replaced with the number that does work correctly. This patch can be easily
tested with the Linux command xev or Mac OS's Key Caps.

 hw/input/adb.c | 223 +
 1 file changed, 177 insertions(+), 46 deletions(-)

diff --git a/hw/input/adb.c b/hw/input/adb.c
index f0ad0d4..d176d39 100644
--- a/hw/input/adb.c
+++ b/hw/input/adb.c
@@ -25,6 +25,9 @@
 #include "hw/hw.h"
 #include "hw/input/adb.h"
 #include "ui/console.h"
+#include "include/hw/input/adb-keys.h"
+#include "ui/input.h"
+#include "sysemu/sysemu.h"
 
 /* debug ADB */
 //#define DEBUG_ADB
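Review bot: The added `#include "include/hw/input/adb-keys.h"` spells its path differently from the neighbouring `#include "hw/input/adb.h"`, so it only resolves if the source root itself is on the include path. Writing it as `#include "hw/input/adb-keys.h"` matches the existing includes in this file and removes that dependency.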
@@ -59,6 +62,9 @@ do { printf("ADB: " fmt , ## __VA_ARGS__); } while (0)
 /* error codes */
 #define ADB_RET_NOTPRESENT (-2)
 
+/* The adb keyboard doesn't have every key imaginable */
+#define NO_KEY 0xff
+
 static void adb_device_reset(ADBDevice *d)
 {
 qdev_reset_all(DEVICE(d));
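Review bot: The new `NO_KEY` sentinel (0xff) only works if every unmapped slot of the lookup table is set to it explicitly: the `qcode_to_adb_keycode[]` table in the next hunk uses designated initializers, which leave unnamed slots at 0, and 0 is `ADB_KEY_A` in adb-keys.h from patch 3/4. That table is also declared as a plain `int qcode_to_adb_keycode[] = {`, so its length is set by the largest index that happens to be initialised, and it is writable and globally visible. Declaring it `static const int qcode_to_adb_keycode[Q_KEY_CODE__MAX] = {` and checking the index at the lookup would keep an unexpected qcode from reading past the end. The rest of the table and the lookup code are cut off on this page, so whether the slots are filled and the index is checked there cannot be confirmed from here.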
@@ -187,23 +193,138 @@ typedef struct ADBKeyboardClass {
 DeviceRealize parent_realize;
 } ADBKeyboardClass;
 
-static const uint8_t pc_to_adb_keycode[256] = {
-  0, 53, 18, 19, 20, 21, 23, 22, 26, 28, 25, 29, 27, 24, 51, 48,
- 12, 13, 14, 15, 17, 16, 32, 34, 31, 35, 33, 30, 36, 54,  0,  1,
-  2,  3,  5,  4, 38, 40, 37, 41, 39, 50, 56, 42,  6,  7,  8,  9,
- 11, 45, 46, 43, 47, 44,123, 67, 58, 49, 57,122,120, 99,118, 96,
- 97, 98,100,101,109, 71,107, 89, 91, 92, 78, 86, 87, 88, 69, 83,
- 84, 85, 82, 65,  0,  0, 10,103,111,  0,  0,110, 81,  0,  0,  0,
-  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-  0,  0,  0, 94,  0, 93,  0,  0,  0,  0,  0,  0,104,102,  0,  0,
-  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0, 76,125,  0,  0,
-  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,105,  0,  0,  0,  0,  0,
-  0,  0,  0,  0,  0, 75,  0,  0,124,  0,  0,  0,  0,  0,  0,  0,
-  0,  0,  0,  0,  0,  0,  0,115, 62,116,  0, 59,  0, 60,  0,119,
- 61,121,114,117,  0,  0,  0,  0,  0,  0,  0, 55,126,  0,127,  0,
-  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-  0,  0,  0,  0,  0, 95,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
+int qcode_to_adb_keycode[] = {
+[Q_KEY_CODE_SHIFT] = ADB_KEY_LEFT_SHIFT,
+[Q_KEY_CODE_SHIFT_R]   = 123, /* ADB_KEY_RIGHT_SHIFT, */
+[Q_KEY_CODE_ALT]   = ADB_KEY_LEFT_OPTION,
+[Q_KEY_CODE_ALT_R] = 124, /* ADB_KEY_RIGHT_OPTION,*/
+[Q_KEY_CODE_ALTGR] = ADB_KEY_RIGHT_OPTION,
+[Q_KEY_CODE_CTRL]  = 54, /* ADB_KEY_LEFT_CONTROL, */
+[Q_KEY_CODE_CTRL_R]= 125, /* ADB_KEY_RIGHT_CONTROL, */
+[Q_KEY_CODE_META_L]= ADB_KEY_LEFT_COMMAND,
+
+ /* 126 works as right super in Linux */
+ /* Use ADB_KEY_LEFT_COMMAND for Mac OS compatibility */
+[Q_KEY_CODE_META_R]= ADB_KEY_LEFT_COMMAND,
+[Q_KEY_CODE_SPC]   = ADB_KEY_SPACEBAR,
+
+[Q_KEY_CODE_ESC]   = ADB_KEY_ESC,
+[Q_KEY_CODE_1] = ADB_KEY_1,
+[Q_KEY_CODE_2] = ADB_KEY_2,
+[Q_KEY_CODE_3] = ADB_KEY_3,
+[Q_KEY_CODE_4] = ADB_KEY_4,
+[Q_KEY_CODE_5] = ADB_KEY_5,
+[Q_KEY_CODE_6] = ADB_KEY_6,
+[Q_KEY_CODE_7] = ADB_KEY_7,
+[Q_KEY_CODE_8] = ADB_KEY_8,
+[Q_KEY_CODE_9] = ADB_KEY_9,
+[Q_KEY_CODE_0] = ADB_KEY_0,
+[Q_KEY_CODE_MINUS] = ADB_KEY_MINUS,
+[Q_KEY_CODE_EQUAL] = ADB_KEY_EQUAL,
+[Q_KEY_CODE_BACKSPACE] = ADB_KEY_DELETE,
+[Q_KEY_CODE_TAB]   = ADB_KEY_TAB,
+[Q_KEY_CODE_Q] = ADB_KEY_Q,
+[Q_KEY_CODE_W] = ADB_KEY_W,
+[Q_KEY_CODE_E] = ADB_KEY_E,
+[Q_KEY_CODE_R] = ADB_KEY_R,
+[Q_KEY_CODE_T] = ADB_KEY_T,
+[Q_KEY_CODE_Y] = ADB_KEY_Y,
+[Q_KEY_CODE_U] = ADB_KEY_U,
+[Q_KEY_CODE_I] = ADB_KEY_I,
+[Q_KEY_CODE_O] = ADB_KEY_O,
+[Q_KEY_CODE_P] = ADB_KEY_P,
+[Q_KEY_CODE_BRACKET_LEFT]  = ADB_KEY_LEFT_BRACKET,
+[Q_KEY_CODE_BRACKET_RIGHT] = ADB_KEY_RIGHT_BRACKET,
+[Q_KEY_CODE_RET]   = ADB_KEY_RETURN,
+[Q_KEY_CODE_A] = ADB_KEY_A,
+[Q_KEY_CODE_S] = ADB_KEY_S,
+[Q_KEY_CODE_D] = ADB_KEY_D,
+[Q_KEY_CODE_F] = ADB_KEY_F,
+[Q_KEY_CODE_G] = ADB_KEY_G,
+[Q_KEY_CODE_H] = ADB_KEY_H,
+[Q_KEY_CODE_J] = ADB_KEY_J,
+[Q_KEY_CODE_K] = ADB_KEY_K,
+[Q_KEY_CODE_L] = ADB_KEY_L,
+[Q_KEY_CODE_SEMICOLON] = ADB_KEY_SEMICOLON,
+

[Qemu-devel] [PATCH v4 3/4] adb-keys.h: initial commit

2016-03-10 Thread Programmingkid
This commit implements the adb-keys.h file. It holds information on adb keycode
values.

Signed-off-by: John Arbuckle 
---
* v4 changes
Replaced an 'a' with 'an'.
Replaced __ADBKEYS__ with ADB_KEYS_H.
Added additional information comment with link.
Changed license to GNU GPL v2 or later.

* v3 changes
Changed name of file from MacKeys.h to adb-keys.h.
Changed name of constants from MAC_KEYS_ to ADB_KEYS_.

 include/hw/input/adb-keys.h | 146 
 1 file changed, 146 insertions(+)
 create mode 100644 include/hw/input/adb-keys.h

diff --git a/include/hw/input/adb-keys.h b/include/hw/input/adb-keys.h
new file mode 100644
index 000..2e4f759
--- /dev/null
+++ b/include/hw/input/adb-keys.h
@@ -0,0 +1,146 @@
+/*
+ * QEMU System Emulator
+ *
+ * Copyright (c) 2016 John Arbuckle
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+/*
+ *  adb-keys.h
+ *
+ *  Provides an enum of all the Macintosh keycodes.
+ *  Note: keys like Power, volume related, and eject are handled at a lower
+ *level and are not available to QEMU. That doesn't mean we can't
+ *substitute one key for another. The function keys like F1 make a good
+ *substitute for these keys. This can be done in the GTK, SDL, or Cocoa
+ *code.
+ *  Additional information: http://stackoverflow.com/questions/3202629
+ */
+
+#ifndef ADB_KEYS_H
+#define ADB_KEYS_H
+
+enum {
+ADB_KEY_A = 0,
+ADB_KEY_B = 11,
+ADB_KEY_C = 8,
+ADB_KEY_D = 2,
+ADB_KEY_E = 14,
+ADB_KEY_F = 3,
+ADB_KEY_G = 5,
+ADB_KEY_H = 4,
+ADB_KEY_I = 34,
+ADB_KEY_J = 38,
+ADB_KEY_K = 40,
+ADB_KEY_L = 37,
+ADB_KEY_M = 46,
+ADB_KEY_N = 45,
+ADB_KEY_O = 31,
+ADB_KEY_P = 35,
+ADB_KEY_Q = 12,
+ADB_KEY_R = 15,
+ADB_KEY_S = 1,
+ADB_KEY_T = 17,
+ADB_KEY_U = 32,
+ADB_KEY_V = 9,
+ADB_KEY_W = 13,
+ADB_KEY_X = 7,
+ADB_KEY_Y = 16,
+ADB_KEY_Z = 6,
+
+ADB_KEY_0 = 29,
+ADB_KEY_1 = 18,
+ADB_KEY_2 = 19,
+ADB_KEY_3 = 20,
+ADB_KEY_4 = 21,
+ADB_KEY_5 = 23,
+ADB_KEY_6 = 22,
+ADB_KEY_7 = 26,
+ADB_KEY_8 = 28,
+ADB_KEY_9 = 25,
+
+ADB_KEY_GRAVE_ACCENT = 50,
+ADB_KEY_MINUS = 27,
+ADB_KEY_EQUAL = 24,
+ADB_KEY_DELETE = 51,
+ADB_KEY_CAPS_LOCK = 57,
+ADB_KEY_TAB = 48,
+ADB_KEY_RETURN = 36,
+ADB_KEY_LEFT_BRACKET = 33,
+ADB_KEY_RIGHT_BRACKET = 30,
+ADB_KEY_BACKSLASH = 42,
+ADB_KEY_SEMICOLON = 41,
+ADB_KEY_APOSTROPHE = 39,
+ADB_KEY_COMMA = 43,
+ADB_KEY_PERIOD = 47,
+ADB_KEY_FORWARD_SLASH = 44,
+ADB_KEY_LEFT_SHIFT = 56,
+ADB_KEY_RIGHT_SHIFT = 60,
+ADB_KEY_SPACEBAR = 49,
+ADB_KEY_LEFT_CONTROL = 59,
+ADB_KEY_RIGHT_CONTROL = 62,
+ADB_KEY_LEFT_OPTION = 58,
+ADB_KEY_RIGHT_OPTION = 61,
+ADB_KEY_LEFT_COMMAND = 55,
+ADB_KEY_RIGHT_COMMAND = 54,
+
+ADB_KEY_KP_0 = 82,
+ADB_KEY_KP_1 = 83,
+ADB_KEY_KP_2 = 84,
+ADB_KEY_KP_3 = 85,
+ADB_KEY_KP_4 = 86,
+ADB_KEY_KP_5 = 87,
+ADB_KEY_KP_6 = 88,
+ADB_KEY_KP_7 = 89,
+ADB_KEY_KP_8 = 91,
+ADB_KEY_KP_9 = 92,
+ADB_KEY_KP_PERIOD = 65,
+ADB_KEY_KP_ENTER = 76,
+ADB_KEY_KP_PLUS = 69,
+ADB_KEY_KP_SUBTRACT = 78,
+ADB_KEY_KP_MULTIPLY = 67,
+ADB_KEY_KP_DIVIDE = 75,
+ADB_KEY_KP_EQUAL = 81,
+ADB_KEY_KP_CLEAR = 71,
+
+ADB_KEY_UP = 126,
+ADB_KEY_DOWN = 125,
+ADB_KEY_LEFT = 123,
+ADB_KEY_RIGHT = 124,
+
+ADB_KEY_HELP = 114,
+ADB_KEY_HOME = 115,
+ADB_KEY_PAGE_UP = 116,
+ADB_KEY_PAGE_DOWN = 121,
+ADB_KEY_END = 119,
+ADB_KEY_FORWARD_DELETE = 117,
+
+ADB_KEY_ESC = 53,
+ADB_KEY_F1 = 122,
+ADB_KEY_F2 = 120,
+ADB_KEY_F3 = 99,
+ADB_KEY_F4 = 118,
+ADB_KEY_F5 = 96,
+ADB_KEY_F6 = 97,
+ADB_KEY_F7 = 98,
+ADB_KEY_F8 = 100,
+ADB_KEY_F9 = 101,
+ADB_KEY_F10 = 109,
+ADB_KEY_F11 = 103,
+ADB_KEY_F12 = 111,
+ADB_KEY_F13 = 105,
+ADB_KEY_F14 = 107,
+ADB_KEY_F15 = 113,
+
+ADB_KEY_VOLUME_UP = 72,
+ADB_KEY_VOLUME_DOWN = 73,
+ADB_KEY_VOLUME_MUTE = 74,
+ADB_KEY_POWER = 32639,
+};
+
+/* Could not find the value for this key. */
+/* #define ADB_KEY_EJECT */
+
+#endif /* ADB_KEYS_H */
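Review bot: Several values in this enum disagree with the numbers patch 4/4 had to use to get the right key in the guest: its table uses 123, 124 and 125 for right shift, right option and right control, which here are `ADB_KEY_LEFT`, `ADB_KEY_RIGHT` and `ADB_KEY_DOWN`, and 54 for left control, which here is `ADB_KEY_RIGHT_COMMAND`. That suggests the list may mix two keycode numberings, so the enum is best reconciled with the codes the emulated keyboard actually sends rather than bypassed with literals in adb.c. Until then a comment above the modifier entries such as `/* NOTE: adb.c uses different values for the right-hand modifiers; see the table there */` would warn the next reader. `ADB_KEY_POWER = 32639` is also the only entry that does not fit in one byte, so any consumer that stores a keycode in a `uint8_t` would truncate it; presumably it needs special handling.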
-- 
2.7.2





[Qemu-devel] [PATCH v4 2/4] qapi-schema.json: Add power and keypad equal keys

2016-03-10 Thread Programmingkid
Add the power and keypad equal keys. These keys are found on a real Macintosh
keyboard.

Signed-off-by: John Arbuckle 

---
 qapi-schema.json | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/qapi-schema.json b/qapi-schema.json
index 362c9d8..cbc3576 100644
--- a/qapi-schema.json
+++ b/qapi-schema.json
@@ -3078,6 +3078,7 @@
 #
 # 'unmapped' and 'pause' since 2.0
 # 'ro' and 'kp_comma' since 2.4
+# 'kp_equals' and 'power' since 2.6
 ##
 { 'enum': 'QKeyCode',
   'data': [ 'unmapped',
@@ -3096,7 +3097,7 @@
 'left', 'up', 'down', 'right', 'insert', 'delete', 'stop', 'again',
 'props', 'undo', 'front', 'copy', 'open', 'paste', 'find', 'cut',
 'lf', 'help', 'meta_l', 'meta_r', 'compose', 'pause', 'ro',
-'kp_comma' ] }
+'kp_comma', 'kp_equals', 'power' ] }
 
 ##
 # @KeyValue
-- 
2.7.2





[Qemu-devel] [PATCH v4 1/4] ui/cocoa.m: switch to QKeyCode

2016-03-10 Thread Programmingkid
This patch removes the pc/xt keycode map and replaces it with the QKeyCode
keymap.

Signed-off-by: John Arbuckle 
---
v3 changes
Removed the LARGEST_KEYCODE macro.
Changed macToQKeyCodeMap to mac_to_qkeycode_map.

 ui/cocoa.m | 317 +++--
 1 file changed, 141 insertions(+), 176 deletions(-)

diff --git a/ui/cocoa.m b/ui/cocoa.m
index 7063a02..45eb104 100644
--- a/ui/cocoa.m
+++ b/ui/cocoa.m
@@ -33,6 +33,7 @@
 #include "sysemu/sysemu.h"
 #include "qmp-commands.h"
 #include "sysemu/blockdev.h"
+#include 
 
 #ifndef MAC_OS_X_VERSION_10_5
 #define MAC_OS_X_VERSION_10_5 1050
@@ -72,178 +73,139 @@ bool stretch_video;
 NSTextField *pauseLabel;
 NSArray * supportedImageFileTypes;
 
-// keymap conversion
-int keymap[] =
-{
-//  SdlImacImacHSdlH104xtH  104xtC  sdl
-30, //  0   0x000x1eA   QZ_a
-31, //  1   0x010x1fS   QZ_s
-32, //  2   0x020x20D   QZ_d
-33, //  3   0x030x21F   QZ_f
-35, //  4   0x040x23H   QZ_h
-34, //  5   0x050x22G   QZ_g
-44, //  6   0x060x2cZ   QZ_z
-45, //  7   0x070x2dX   QZ_x
-46, //  8   0x080x2eC   QZ_c
-47, //  9   0x090x2fV   QZ_v
-0,  //  10  0x0AUndefined
-48, //  11  0x0B0x30B   QZ_b
-16, //  12  0x0C0x10Q   QZ_q
-17, //  13  0x0D0x11W   QZ_w
-18, //  14  0x0E0x12E   QZ_e
-19, //  15  0x0F0x13R   QZ_r
-21, //  16  0x100x15Y   QZ_y
-20, //  17  0x110x14T   QZ_t
-2,  //  18  0x120x021   QZ_1
-3,  //  19  0x130x032   QZ_2
-4,  //  20  0x140x043   QZ_3
-5,  //  21  0x150x054   QZ_4
-7,  //  22  0x160x076   QZ_6
-6,  //  23  0x170x065   QZ_5
-13, //  24  0x180x0d=   QZ_EQUALS
-10, //  25  0x190x0a9   QZ_9
-8,  //  26  0x1A0x087   QZ_7
-12, //  27  0x1B0x0c-   QZ_MINUS
-9,  //  28  0x1C0x098   QZ_8
-11, //  29  0x1D0x0b0   QZ_0
-27, //  30  0x1E0x1b]   QZ_RIGHTBRACKET
-24, //  31  0x1F0x18O   QZ_o
-22, //  32  0x200x16U   QZ_u
-26, //  33  0x210x1a[   QZ_LEFTBRACKET
-23, //  34  0x220x17I   QZ_i
-25, //  35  0x230x19P   QZ_p
-28, //  36  0x240x1cENTER   QZ_RETURN
-38, //  37  0x250x26L   QZ_l
-36, //  38  0x260x24J   QZ_j
-40, //  39  0x270x28'   QZ_QUOTE
-37, //  40  0x280x25K   QZ_k
-39, //  41  0x290x27;   QZ_SEMICOLON
-43, //  42  0x2A0x2b\   QZ_BACKSLASH
-51, //  43  0x2B0x33,   QZ_COMMA
-53, //  44  0x2C0x35/   QZ_SLASH
-49, //  45  0x2D0x31N   QZ_n
-50, //  46  0x2E0x32M   QZ_m
-52, //  47  0x2F0x34.   QZ_PERIOD
-15, //  48  0x300x0fTAB QZ_TAB
-57, //  49  0x310x39SPACE   QZ_SPACE
-41, //  50  0x320x29`   QZ_BACKQUOTE
-14, //  51  0x330x0eBKSPQZ_BACKSPACE
-0,  //  52  0x34Undefined
-1,  //  53  0x350x01ESC QZ_ESCAPE
-220, // 54  0x360xdcE0,5C   R GUI   QZ_RMETA
-219, // 55  0x370xdbE0,5B   L GUI   QZ_LMETA
-42, //  56  0x380x2aL SHFT  QZ_LSHIFT
-58, //  57  0x390x3aCAPSQZ_CAPSLOCK
-56, //  58  0x3A0x38L ALT   QZ_LALT
-29, //  59  0x3B0x1dL CTRL  QZ_LCTRL
-54, //  60  0x3C0x36R SHFT  QZ_RSHIFT
-184,//  61  0x3D0xb8E0,38   R ALT   QZ_RALT
-157,//  62  0x3E0x9dE0,1D   R CTRL  QZ_RCTRL
-0,  //  63  0x3FUndefined
-0,  //  64  0x40Undefined
-0,  //  65  0x41Undefined
-0,  //  66  0x42Undefined
-55, //  67  0x430x37KP *QZ_KP_MULTIPLY
-0,  //  68  0x44Undefined
-78, //  69  0x450x4eKP +QZ_KP_PLUS
-0,  //  70  0x46Undefined
-69, //  71 

[Qemu-devel] [PATCH v4 0/4] Implement some QKeyCode support

2016-03-10 Thread Programmingkid
This patchset adds QKeyCode support to the adb and cocoa code.

Note: you do not need to be on a Mac to test out the adb.c, qapi-schema.json,
and adb-keys.h files. Only the cocoa.m file changes are Mac specific.

If you are using Linux as a guest, then the xev command is what you could use to
test out these patches. For a Mac OS guest the Key Caps application would help
with testing out these patches.

John Arbuckle (4):
  cocoa.m
  qapi-schema.json
  adb-keys.h
  adb.c

 hw/input/adb.c  | 223 ---
 include/hw/input/adb-keys.h | 146 
 qapi-schema.json|   3 +-
 ui/cocoa.m  | 317 
 4 files changed, 466 insertions(+), 223 deletions(-)
 create mode 100644 include/hw/input/adb-keys.h

-- 
2.7.2





Re: [Qemu-devel] [PATCH v1] migration: skip sending ram pages released by virtio-balloon driver.

2016-03-10 Thread Jitendra Kolhe

On 3/10/2016 10:57 PM, Eric Blake wrote:

On 03/10/2016 01:57 AM, Jitendra Kolhe wrote:


+++ b/qapi-schema.json
@@ -544,11 +544,14 @@
  #  been migrated, pulling the remaining pages along as needed. NOTE: 
If
  #  the migration fails during postcopy the VM will fail.  (since 2.5)
  #
+# @skip-balloon: Skip scaning ram pages released by virtio-balloon driver.


s/scaning/scanning/


+#  (since 2.5)


You've missed 2.5.  In fact, this is borderline between new feature and
bug fix, so you may have even missed 2.6 since soft freeze has already
passed, in which case this should read 2.7.


Thanks for sharing the timeline was not aware of it. I think making changes to
version 2.7 should be fine. However the version string "(since 2.5)" is
part of existing code. I have added a new option "skip-balloon" below it.


MigrationCapability is since 1.2, x-postcopy-ram is since 2.5, and your
addition of skip-balloon is since 2.7.  In other words, when you
copy-pasted x-postcopy-ram's "(since 2.5)" as your starting point for
writing the docs for your new skip-balloon, you need to update the
version in which your new capability is actually exposed.



My apologies, I didn't realize my patch too was adding version string. 
Will update to version string to 2.7.


- Jitendra





[Qemu-devel] [PATCH v2] usb: fix unbounded stack warning for xhci_dma_write_u32s

2016-03-10 Thread Peter Xu
All the callers of xhci_dma_write_u32s() pass at most 5 * sizeof(uint32_t)
bytes in len. To avoid the unbounded stack warning for the function, make
the buffer statically sized, and assert if it is ever not big enough in the
future.

Signed-off-by: Peter Xu 
---
 hw/usb/hcd-xhci.c | 6 --
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/hw/usb/hcd-xhci.c b/hw/usb/hcd-xhci.c
index 44b6f8c..bcde8a2 100644
--- a/hw/usb/hcd-xhci.c
+++ b/hw/usb/hcd-xhci.c
@@ -698,11 +698,13 @@ static inline void xhci_dma_write_u32s(XHCIState *xhci, 
dma_addr_t addr,
uint32_t *buf, size_t len)
 {
 int i;
-uint32_t tmp[len / sizeof(uint32_t)];
+uint32_t tmp[5];
+uint32_t n = len / sizeof(uint32_t);
 
 assert((len % sizeof(uint32_t)) == 0);
+assert(n <= ARRAY_SIZE(tmp));
 
-for (i = 0; i < (len / sizeof(uint32_t)); i++) {
+for (i = 0; i < n; i++) {
 tmp[i] = cpu_to_le32(buf[i]);
 }
 pci_dma_write(PCI_DEVICE(xhci), addr, tmp, len);
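Review bot: `n` is declared `uint32_t` although it is computed from a `size_t`, and the loop index `i` is still `int`, so `assert(n <= ARRAY_SIZE(tmp))` checks a possibly truncated value and `i < n` compares signed with unsigned. Declaring both as `size_t` (`size_t i, n = len / sizeof(uint32_t);`) keeps the check exact for any `len`. Because `tmp` is now a fixed five-element stack buffer, that assert is the only thing stopping an oversized `len` from writing past it and from making `pci_dma_write()` read past it, and it would vanish in a build that defines NDEBUG. A comment such as `/* callers pass at most 5 words; grow tmp[] if that changes */` would record the assumption. The closing brace of xhci_dma_write_u32s is outside the hunk.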
-- 
2.4.3




Re: [Qemu-devel] [PATCH] usb: fix unbounded stack warning for xhci_dma_write_u32s

2016-03-10 Thread Peter Xu
On Thu, Mar 10, 2016 at 10:21:45AM +0100, Gerd Hoffmann wrote:
> On Do, 2016-03-10 at 15:56 +0800, Peter Xu wrote:
> > As mentioned in previous thread, because all the callers of
> > xhci_dma_write_u32s() are using const size in "len". The maximum
> > currently is 5 * sizeof(uint32_t) = 20 bytes
> 
> Can you note that in the commit message please?

Sure!

> 
> > . Here I choose number
> > bigger than 5 should work for now.
> 
> Why bigger?  5 should do just fine then, and the assert added should
> make sure we'll notice if this needs an update due to code changes
> elsewhere.

Will repost with 5.

Thanks.
Peter



Re: [Qemu-devel] [PATCH] quorum: Fix crash in quorum_aio_cb()

2016-03-10 Thread Wen Congyang
On 03/10/2016 08:13 PM, Alberto Garcia wrote:
> quorum_aio_cb() emits the QUORUM_REPORT_BAD event if there's
> an I/O error in a Quorum child. However sacb->aiocb must be
> correctly initialized for this to happen. read_quorum_children() and
> read_fifo_child() are not doing this, which results in a QEMU crash.

If we use FIFO mode, we don't call quorum_report_bad() in quorum_aio_cb().
But it is OK to initialize sacb->aiocb for it.

> 
> Signed-off-by: Alberto Garcia 
> Reviewed-by: Max Reitz 

Reviewed-by: Wen Congyang 

> ---
>  block/quorum.c | 12 +++-
>  1 file changed, 7 insertions(+), 5 deletions(-)
> 
> diff --git a/block/quorum.c b/block/quorum.c
> index b9ba028..e640688 100644
> --- a/block/quorum.c
> +++ b/block/quorum.c
> @@ -646,8 +646,9 @@ static BlockAIOCB *read_quorum_children(QuorumAIOCB *acb)
>  }
>  
>  for (i = 0; i < s->num_children; i++) {
> -bdrv_aio_readv(s->children[i]->bs, acb->sector_num, 
> >qcrs[i].qiov,
> -   acb->nb_sectors, quorum_aio_cb, >qcrs[i]);
> +acb->qcrs[i].aiocb = bdrv_aio_readv(s->children[i]->bs, 
> acb->sector_num,
> +>qcrs[i].qiov, 
> acb->nb_sectors,
> +quorum_aio_cb, >qcrs[i]);
>  }
>  
>  return >common;
> @@ -662,9 +663,10 @@ static BlockAIOCB *read_fifo_child(QuorumAIOCB *acb)
>  qemu_iovec_init(>qcrs[acb->child_iter].qiov, acb->qiov->niov);
>  qemu_iovec_clone(>qcrs[acb->child_iter].qiov, acb->qiov,
>   acb->qcrs[acb->child_iter].buf);
> -bdrv_aio_readv(s->children[acb->child_iter]->bs, acb->sector_num,
> -   >qcrs[acb->child_iter].qiov, acb->nb_sectors,
> -   quorum_aio_cb, >qcrs[acb->child_iter]);
> +acb->qcrs[acb->child_iter].aiocb =
> +bdrv_aio_readv(s->children[acb->child_iter]->bs, acb->sector_num,
> +   >qcrs[acb->child_iter].qiov, acb->nb_sectors,
> +   quorum_aio_cb, >qcrs[acb->child_iter]);
>  
>  return >common;
>  }
> 






Re: [Qemu-devel] [PATCH] Introduce "xen-load-devices-state"

2016-03-10 Thread Changlong Xie

On 03/11/2016 04:31 AM, Eric Blake wrote:

On 03/10/2016 03:23 AM, Changlong Xie wrote:

From: Wen Congyang 

Introduce a "xen-load-devices-state" QAPI command that can be used to load
the state of all devices, but not the RAM or the block devices of the
VM.

We only have hmp commands savevm/loadvm, and qmp commands
xen-save-devices-state.

We use this new command for COLO:
1. suspend both primay vm and secondary vm


s/primay/primary/


Hi Eric

Will fix in next version.




2. sync the state
3. resume both primary vm and secondary vm

In such case, we need to update all devices's state in any time.


s/devices's/devices/'


Ditto.





Signed-off-by: Wen Congyang 
Signed-off-by: Changlong Xie 
---



+++ b/qapi-schema.json
@@ -4122,3 +4122,21 @@
  ##
  { 'enum': 'ReplayMode',
'data': [ 'none', 'record', 'play' ] }
+
+##
+# @xen-load-devices-state:
+#
+# Load the state of all devices from file. The RAM and the block devices
+# of the VM are not loaded by this command.
+#
+# @filename: the file to load the state of the devices from as binary
+# data. See xen-save-devices-state.txt for a description of the binary
+# format.
+#
+# Returns: Nothing on success
+#  If @filename cannot be opened, OpenFileFailed
+#  If an I/O error occurs while reading the file, IOError


Drop the whole Returns: paragraph.  We have very few distinguished error
categories, and you are not using anything other than a generic error
category here (that is, OpenFileFailed and IOError are NOT valid QMP
error categories).



Ditto.


+#
+# Since: 2.6


You missed soft freeze; is this still 2.6 material?



"Since: 2.7" should be fine.




+++ b/qmp-commands.hx
@@ -587,6 +587,33 @@ Example:
  EQMP

  {
+.name   = "xen-load-devices-state",
+.args_type  = "filename:F",
+.mhandler.cmd_new = qmp_marshal_xen_load_devices_state,
+},
+
+SQMP
+xen-load-devices-state
+---


Make the  separator line the same length as the text it is underlining.



Surely.

Thanks
-Xie






Re: [Qemu-devel] [PULL 0/8] VFIO updates 2016-03-10

2016-03-10 Thread Peter Maydell
On 10 March 2016 at 23:55, Alex Williamson  wrote:
> The following changes since commit a648c137383d84bc4f95696e5293978d9541a26e:
>
>   Merge remote-tracking branch 'remotes/kraxel/tags/pull-ui-20160309-1' into 
> staging (2016-03-10 02:51:14 +)
>
> are available in the git repository at:
>
>
>   git://github.com/awilliam/qemu-vfio.git tags/vfio-update-20160310.1
>
> for you to fetch changes up to f953b1a565c9fa0551c5023056c28fbbe35c8b9d:
>
>   MAINTAINERS: Add entry for the include/hw/vfio/ folder (2016-03-10 09:39:09 
> -0700)
>
> 
> VFIO updates 2016-03-10
>
>  - Allow devices to be specified via sysfs path (Alex Williamson)
>  - vfio region helpers and generalization for future device specific regions
>(Alex Williamson)
>  - Automatic ROM device ID and checksum fixup (Alex Williamson)
>  - Split VGA setup to allow enabling VGA from quirks (Alex Williamson)
>  - Remove fixed string limit for ROM MemoryRegion name (Neo Jia)
>  - MAINTAINERS update (Thomas Huth)

This fails to build on OSX and Windows:

In file included from /Users/pm215/src/qemu-for-merges/hw/arm/sysbus-fdt.c:35:
In file included from
/Users/pm215/src/qemu-for-merges/include/hw/vfio/vfio-platform.h:20:
/Users/pm215/src/qemu-for-merges/include/hw/vfio/vfio-common.h:28:10:
fatal error: 'linux/vfio.h' file
  not found
#include <linux/vfio.h>
 ^

thanks
-- PMM



Re: [Qemu-devel] [PATCH v12 1/3] Add new block driver interface to add/delete a BDS's child

2016-03-10 Thread Changlong Xie

On 03/10/2016 10:57 PM, Alberto Garcia wrote:

On Thu 10 Mar 2016 03:49:39 AM CET, Changlong Xie wrote:

From: Wen Congyang 

In some cases, we want to take a quorum child offline, and take
another child online.

Signed-off-by: Wen Congyang 
Signed-off-by: zhanghailiang 
Signed-off-by: Gonglei 
Signed-off-by: Changlong Xie 
Reviewed-by: Max Reitz 



+if (!tmp) {
+error_setg(errp, "The node %s does not have child named %s",
+   bdrv_get_device_or_node_name(parent_bs),
+   bdrv_get_device_or_node_name(child->bs));
+return;


I think it should be "does not have a child" or "does not have any
child".

With that corrected,


Ok, will fix in next version.

Thanks
-Xie



Reviewed-by: Alberto Garcia 

Berto


.







Re: [Qemu-devel] [PATCH v3 10/12] i.MX: Add the Freescale SPI Controller

2016-03-10 Thread Peter Maydell
On 11 March 2016 at 02:26, Jean-Christophe DUBOIS  wrote:
> Le 10/03/2016 11:31, Peter Maydell a écrit :
>> Calling qemu_set_irq() from a reset function is generally
>> a bad idea.
>
>
> Could I assume that all irq lines are set automatically to 0 on reset?

The way this works is that an irq line has two ends on it,
and no internal state of its own. So on reset, the devices
at each end reset themselves. For the device on the receiving
end of the irq line, it will reset itself into the "assume
this input of mine is at 0" state.

(The reason not to call qemu_set_irq() on reset from the
sending end is that there's no guarantee about which order
the two devices reset themselves -- if you reset before
the receiving end then your call would do nothing anyway
because the subsequent reset in the receiver resets its state
and it forgets about the inbound signal being high.)

This is of course broken for the case where a device wants
to assert a line to 1 when it resets, but we've basically
been able to ignore this so far. Trying to clean up our
reset handling would be a huge job and probably not back
compatible either...

thanks
-- PMM



Re: [Qemu-devel] [PATCH v3 12/12] i.MX: Add sabrelite i.MX6 emulation.

2016-03-10 Thread Peter Maydell
On 11 March 2016 at 02:24, Jean-Christophe DUBOIS  wrote:
> Le 10/03/2016 11:38, Peter Maydell a écrit :
>>
>> On 2 March 2016 at 05:27, Jean-Christophe Dubois 
>> wrote:
>>>
>>> The sabrelite supports one SPI FLASH memory on SPI1
>>>
>>> Signed-off-by: Jean-Christophe Dubois 
>>> ---
>>>
>>> +
>>> +{
>>> +/* Add the sst25vf016b NOR FLASH memory to first SPI */
>>> +Object *spi_dev;
>>> +
>>> +spi_dev = object_resolve_path_component(OBJECT(>soc),
>>> "spi1");
>>> +if (spi_dev) {
>>> +SSIBus *spi_bus;
>>> +
>>> +spi_bus = (SSIBus *)qdev_get_child_bus(DEVICE(spi_dev),
>>> "spi");
>>
>> This looks odd. You should just be able to do
>>   spi_bus = (SSIBus *)qdev_get_child_bus(DEVICE(>soc), "spi1");
>> without using object_resolve_path_component() to try to find an
>> SPI device object, because your SoC device should have alias properties
>> which provide access to its SPI subcomponents' SPI buses.
>> See hw/arm/xlnx-ep108.c for an example of the board code for this and
>> hw/arm/xlnx-zynqmp.c for the SoC code which calls
>> object_property_add_alias() to set up the aliases.
>
>
> I certainly could do as you proposed.
>
> The problem is that I also need the spi_dev device for the
> sysbus_connect_irq() call below.
>
> My spi_dev is referenced as "spi1" in the i.MX6 doc and I added a 'spi1"
> property for it in the i.MX6 soc.
>
> Once I have the spi_dev device it is trivial to retrieve the spi_bus
> attached to it.
>
> So, yes this is not in line with what is done in xlnx-zynqmp.c but the need
> is a bit different.

I think the SoC should probably have an externally-facing IRQ line
which it wires up internally to the SPI's IRQ line.
(This corresponds basically to what happens in h/w -- the SoC's
interfaces are defined by it even though many of them may be
directly wired up to some internal component it has, but from
outside the SoC you don't get access to the whole of the internal
component.)

thanks
-- PMM



Re: [Qemu-devel] [Qemu-ppc] [PATCH 72/77] ppc: A couple more dummy POWER8 Book4 regs

2016-03-10 Thread Cédric Le Goater
On 03/10/2016 07:01 PM, Thomas Huth wrote:
> On 09.03.2016 22:17, Thomas Huth wrote:
>> On 09.03.2016 21:04, Cédric Le Goater wrote:
> 
>>> I have been maintaining a port of Ben's patchset on the latest qemu for 
>>> other 
>>> parts which should come after pnv is merged so I have a framework to test 
>>> such 
>>> sub-patchsets. I also have time to work on them but clearly not the 
>>> expertise
>>> in all areas !
>>
>> That would be great if you could take care of this!
>>
>>> What would be nice is to identify the most obvious ones, non controversial
>>> that could be merged after a few iterations. I have a vague idea, the ones 
>>> Reviewed-by David obviously being good candidates, the definition of new 
>>> SPRs 
>>> (even the dummy ones ?).
>>
>> I really like to see the KVM SPRs patches first - since they are fixing
>> potential problems with migration of the _current_ KVM machines already!
>> And being bug fixes, maybe these patches could even be included for QEMU
>> 2.6 already? (i.e. before the hard freeze at the end of March)
>>
>> So my wish-list for a first small patch series looks like this:
>>
>> 5b287e66c7513209  ppc: Add macros to register hypervisor mode SPRs
>> 34f1af75e75e7ba0  ppc: Add dummy CIABR SPR
>> 48adf38e9cab4663  ppc: A couple more dummy POWER8 Book4 regs
>> 730a9b4dc9414818  ppc: Add KVM numbers to some P8 SPRs
>>
>> There are a couple of other patches touching the SPRs initialization,
>> but they are not important with regards to migration... so not sure
>> whether it makes sense to include them now already...
> 
> FWIW, I just saw today (by doing some more experiments with
> kvm-unit-tests) that the IAMR register is also not migrated yet ... so
> it would be nice if you could include the related patches for IAMR, too,
> and wire the KVM part up with KVM_REG_PPC_IAMR...

OK. So we should be targeting something like :

ppc: Update SPR definitions
ppc: Add macros to register hypervisor mode SPRs
ppc: Add a bunch of hypervisor SPRs to Book3s

ppc: LPCR is a HV resource
ppc: SPURR & PURR are HV writeable and privileged
ppc: Add dummy SPR_IC for POWER8
ppc: Initialize AMOR in PAPR mode
ppc: Fix writing to AMR/UAMOR
ppc: Add POWER8 IAMR register
ppc: Add a few more P8 PMU SPRs
ppc: Add dummy write to VTB
ppc: Add dummy POWER8 MPPR register
ppc: Add dummy POWER8 PSPB SPR
ppc: Add dummy CIABR SPR
ppc: Add dummy ACOP SPR
ppc: A couple more dummy POWER8 Book4 regs
ppc: Add KVM numbers to some P8 SPRs



Also, there seems to be an issue with qemu's HEAD on ppc64el with the
random device :

-object rng-random,filename=/dev/urandom,id=gid0 -device 
spapr-rng,rng=gid0

qemu "hangs". This is a vague description for a symptom ... Does that ring
a bell or do I need to dig in to get more info ? 

Thanks,

C.




Re: [Qemu-devel] [PATCH] Replacing (and removing) get_ticks_per_sec() function with NANOSECONDS_PER_SECOND Signed-off-by: Rutuja Shah <rutu.shah...@gmail.com>

2016-03-10 Thread Eric Blake
On 03/10/2016 12:30 PM, rutu.shah...@gmail.com wrote:
> From: Rutuja Shah 
> 

Your commit message body was botched, cramming everything into the
subject line.  Be sure you have a one-line summary (preferably shorter
than 60 characters), then a blank line, before the rest of your
description and S-o-b.  Also, it's good to say "why" in the commit body,
not just "what".  Something like:

maint: Drop unused get_ticks_per_sec()

Replace the use of get_ticks_per_sec() with NANOSECONDS_PER_SECOND,
because...

Signed-off-by: Rutuja Shah 

-- 
Eric Blake   eblake redhat com+1-919-301-3266
Libvirt virtualization library http://libvirt.org





[Qemu-devel] [PATCH] Replacing (and removing) get_ticks_per_sec() function with NANOSECONDS_PER_SECOND Signed-off-by: Rutuja Shah <rutu.shah...@gmail.com>

2016-03-10 Thread rutu . shah . 26
From: Rutuja Shah 

---
 audio/audio.c |  2 +-
 audio/noaudio.c   |  4 ++--
 audio/spiceaudio.c|  2 +-
 audio/wavaudio.c  |  2 +-
 backends/baum.c   |  2 +-
 block/qed.c   |  2 +-
 cpus.c|  6 +++---
 hw/acpi/core.c|  4 ++--
 hw/arm/omap1.c| 14 +++---
 hw/arm/spitz.c|  2 +-
 hw/arm/stellaris.c|  2 +-
 hw/arm/strongarm.c|  2 +-
 hw/audio/adlib.c  |  2 +-
 hw/audio/sb16.c   |  4 ++--
 hw/block/fdc.c|  2 +-
 hw/block/pflash_cfi02.c   |  4 ++--
 hw/bt/hci-csr.c   |  4 ++--
 hw/char/cadence_uart.c|  4 ++--
 hw/char/serial.c  |  6 +++---
 hw/display/vga.c  |  6 +++---
 hw/dma/rc4030.c   |  2 +-
 hw/ide/core.c |  2 +-
 hw/input/hid.c|  2 +-
 hw/input/tsc2005.c|  2 +-
 hw/input/tsc210x.c|  2 +-
 hw/intc/i8259.c   |  2 +-
 hw/misc/arm_sysctl.c  |  2 +-
 hw/misc/macio/cuda.c  | 16 
 hw/misc/macio/macio.c |  2 +-
 hw/net/dp8393x.c  |  2 +-
 hw/ppc/ppc.c  | 18 +-
 hw/ppc/ppc405_uc.c|  4 ++--
 hw/ppc/ppc_booke.c|  2 +-
 hw/sd/sdhci-internal.h|  2 +-
 hw/sparc64/sun4u.c|  4 ++--
 hw/timer/i8254.c  |  4 ++--
 hw/timer/i8254_common.c   |  6 +++---
 hw/timer/mc146818rtc.c|  6 +++---
 hw/timer/omap_gptimer.c   |  2 +-
 hw/timer/omap_synctimer.c |  2 +-
 hw/timer/pl031.c  | 10 +-
 hw/timer/pxa2xx_timer.c   | 14 +++---
 hw/usb/hcd-ehci.c |  4 ++--
 hw/usb/hcd-musb.c |  2 +-
 hw/usb/hcd-ohci.c | 10 +-
 hw/usb/hcd-uhci.c |  6 +++---
 hw/usb/tusb6010.c |  4 ++--
 hw/watchdog/wdt_diag288.c |  2 +-
 hw/watchdog/wdt_ib700.c   |  2 +-
 include/hw/acpi/acpi.h|  2 +-
 include/qemu/timer.h  |  9 ++---
 monitor.c |  4 ++--
 target-ppc/kvm.c  |  4 ++--
 53 files changed, 114 insertions(+), 119 deletions(-)

diff --git a/audio/audio.c b/audio/audio.c
index e841532..8c2c495 100644
--- a/audio/audio.c
+++ b/audio/audio.c
@@ -1870,7 +1870,7 @@ static void audio_init (void)
 conf.period.ticks = 1;
 } else {
 conf.period.ticks =
-muldiv64 (1, get_ticks_per_sec (), conf.period.hertz);
+muldiv64 (1, NANOSECONDS_PER_SECOND, conf.period.hertz);
 }
 
 e = qemu_add_vm_change_state_handler (audio_vm_change_state_handler, s);
diff --git a/audio/noaudio.c b/audio/noaudio.c
index 09588b9..931aa03 100644
--- a/audio/noaudio.c
+++ b/audio/noaudio.c
@@ -49,7 +49,7 @@ static int no_run_out (HWVoiceOut *hw, int live)
 
 now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
 ticks = now - no->old_ticks;
-bytes = muldiv64 (ticks, hw->info.bytes_per_second, get_ticks_per_sec ());
+bytes = muldiv64 (ticks, hw->info.bytes_per_second, 
NANOSECONDS_PER_SECOND);
 bytes = audio_MIN (bytes, INT_MAX);
 samples = bytes >> hw->info.shift;
 
@@ -106,7 +106,7 @@ static int no_run_in (HWVoiceIn *hw)
 int64_t now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
 int64_t ticks = now - no->old_ticks;
 int64_t bytes =
-muldiv64 (ticks, hw->info.bytes_per_second, get_ticks_per_sec ());
+muldiv64 (ticks, hw->info.bytes_per_second, 
NANOSECONDS_PER_SECOND);
 
 no->old_ticks = now;
 bytes = audio_MIN (bytes, INT_MAX);
diff --git a/audio/spiceaudio.c b/audio/spiceaudio.c
index 297fd41..a098057 100644
--- a/audio/spiceaudio.c
+++ b/audio/spiceaudio.c
@@ -104,7 +104,7 @@ static int rate_get_samples (struct audio_pcm_info *info, 
SpiceRateCtl *rate)
 
 now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
 ticks = now - rate->start_ticks;
-bytes = muldiv64 (ticks, info->bytes_per_second, get_ticks_per_sec ());
+bytes = muldiv64 (ticks, info->bytes_per_second, NANOSECONDS_PER_SECOND);
 samples = (bytes - rate->bytes_sent) >> info->shift;
 if (samples < 0 || samples > 65536) {
 error_report("Resetting rate control (%" PRId64 " samples)", samples);
diff --git a/audio/wavaudio.c b/audio/wavaudio.c
index 343b1a1..1991487 100644
--- a/audio/wavaudio.c
+++ b/audio/wavaudio.c
@@ -51,7 +51,7 @@ static int wav_run_out (HWVoiceOut *hw, int live)
 int64_t now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
 int64_t ticks = now - wav->old_ticks;
 int64_t bytes =
-muldiv64 (ticks, hw->info.bytes_per_second, get_ticks_per_sec ());
+muldiv64 (ticks, hw->info.bytes_per_second, NANOSECONDS_PER_SECOND);
 
 if (bytes > INT_MAX) {
 samples = INT_MAX >> hw->info.shift;
diff --git a/backends/baum.c b/backends/baum.c
index c11320e..20b49f2 100644
--- a/backends/baum.c
+++ b/backends/baum.c
@@ -336,7 +336,7 @@ static int baum_eat_packet(BaumDriverState *baum, const 
uint8_t *buf, int len)
 
 /* Allow 100ms to complete the DisplayData packet */
 

[Qemu-devel] [PATCH] Replaced get_ticks_per_sec calls with NANOSECONDS_PER_SECOND

2016-03-10 Thread rutuja shah
Hi,
As there are no remaining callers of get_ticks_per_sec(), could the definition of
this function be removed completely?
---
 backends/baum.c   |  2 +-
 block/qed.c   |  2 +-
 cpus.c|  6 +++---
 hw/acpi/core.c|  4 ++--
 hw/arm/omap1.c| 14 +++---
 hw/arm/spitz.c|  2 +-
 hw/arm/stellaris.c|  2 +-
 hw/arm/strongarm.c|  2 +-
 hw/block/fdc.c|  2 +-
 hw/block/pflash_cfi02.c   |  4 ++--
 hw/bt/hci-csr.c   |  4 ++--
 hw/char/cadence_uart.c|  4 ++--
 hw/char/serial.c  |  6 +++---
 hw/display/vga.c  |  6 +++---
 hw/dma/rc4030.c   |  2 +-
 hw/ide/core.c |  2 +-
 hw/input/hid.c|  2 +-
 hw/input/tsc2005.c|  2 +-
 hw/input/tsc210x.c|  2 +-
 hw/intc/i8259.c   |  2 +-
 hw/misc/arm_sysctl.c  |  2 +-
 hw/misc/macio/cuda.c  | 16 
 hw/misc/macio/macio.c |  2 +-
 hw/net/dp8393x.c  |  2 +-
 hw/ppc/ppc.c  | 18 +-
 hw/ppc/ppc405_uc.c|  4 ++--
 hw/ppc/ppc_booke.c|  2 +-
 hw/sd/sdhci-internal.h|  2 +-
 hw/sparc64/sun4u.c|  4 ++--
 hw/timer/i8254.c  |  4 ++--
 hw/timer/i8254_common.c   |  6 +++---
 hw/timer/mc146818rtc.c|  6 +++---
 hw/timer/omap_gptimer.c   |  2 +-
 hw/timer/omap_synctimer.c |  2 +-
 hw/timer/pl031.c  | 10 +-
 hw/timer/pxa2xx_timer.c   | 14 +++---
 hw/usb/hcd-ehci.c |  4 ++--
 hw/usb/hcd-musb.c |  2 +-
 hw/usb/hcd-ohci.c | 10 +-
 hw/usb/hcd-uhci.c |  6 +++---
 hw/usb/tusb6010.c |  4 ++--
 hw/watchdog/wdt_diag288.c |  2 +-
 hw/watchdog/wdt_ib700.c   |  2 +-
 include/hw/acpi/acpi.h|  2 +-
 include/qemu/timer.h  |  4 ++--
 monitor.c |  4 ++--
 target-ppc/kvm.c  |  4 ++--
 47 files changed, 106 insertions(+), 106 deletions(-)

diff --git a/backends/baum.c b/backends/baum.c
index c11320e..20b49f2 100644
--- a/backends/baum.c
+++ b/backends/baum.c
@@ -336,7 +336,7 @@ static int baum_eat_packet(BaumDriverState *baum,
const uint8_t *buf, int len)

 /* Allow 100ms to complete the DisplayData packet */
 timer_mod(baum->cellCount_timer,
qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) +
-   get_ticks_per_sec() / 10);
+   NANOSECONDS_PER_SECOND / 10);
 for (i = 0; i < baum->x * baum->y ; i++) {
 EAT(c);
 cells[i] = c;
diff --git a/block/qed.c b/block/qed.c
index 404be1e..6fa7e1f 100644
--- a/block/qed.c
+++ b/block/qed.c
@@ -345,7 +345,7 @@ static void qed_start_need_check_timer(BDRVQEDState *s)
  * migration.
  */
 timer_mod(s->need_check_timer, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) +
-   get_ticks_per_sec() * QED_NEED_CHECK_TIMEOUT);
+   NANOSECONDS_PER_SECOND * QED_NEED_CHECK_TIMEOUT);
 }

 /* It's okay to call this multiple times or when no timer is started */
diff --git a/cpus.c b/cpus.c
index bc774e2..17be5de 100644
--- a/cpus.c
+++ b/cpus.c
@@ -275,7 +275,7 @@ void cpu_disable_ticks(void)
fairly approximate, so ignore small variation.
When the guest is idle real and virtual time will be aligned in
the IO wait loop.  */
-#define ICOUNT_WOBBLE (get_ticks_per_sec() / 10)
+#define ICOUNT_WOBBLE (NANOSECONDS_PER_SECOND / 10)

 static void icount_adjust(void)
 {
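Review bot: `NANOSECONDS_PER_SECOND / 10` now appears three times in cpus.c with two different meanings: here as the ICOUNT_WOBBLE tolerance, and in the icount_adjust_vm and configure_icount hunks below as the re-arm period passed to timer_mod(). Since the replacement is presumably a compile-time constant, the two timer_mod() sites could share one named macro, for example `#define ICOUNT_VM_PERIOD (NANOSECONDS_PER_SECOND / 10)` (name constructed for illustration), so the 100 ms period cannot drift between them. The comment above ICOUNT_WOBBLE starts outside this hunk and icount_adjust's body continues past it.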
@@ -326,7 +326,7 @@ static void icount_adjust_vm(void *opaque)
 {
 timer_mod(icount_vm_timer,
qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) +
-   get_ticks_per_sec() / 10);
+   NANOSECONDS_PER_SECOND / 10);
 icount_adjust();
 }

@@ -665,7 +665,7 @@ void configure_icount(QemuOpts *opts, Error **errp)
 icount_adjust_vm, NULL);
 timer_mod(icount_vm_timer,
qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) +
-   get_ticks_per_sec() / 10);
+   NANOSECONDS_PER_SECOND / 10);
 }

 /***/
diff --git a/hw/acpi/core.c b/hw/acpi/core.c
index 3d9e5c4..5ea3b3b 100644
--- a/hw/acpi/core.c
+++ b/hw/acpi/core.c
@@ -389,7 +389,7 @@ uint16_t acpi_pm1_evt_get_sts(ACPIREGS *ar)
acpi_pm_tmr_update function uses ns for setting the timer. */
 int64_t d = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
 if (d >= muldiv64(ar->tmr.overflow_time,
-  get_ticks_per_sec(), PM_TIMER_FREQUENCY)) {
+  NANOSECONDS_PER_SECOND, PM_TIMER_FREQUENCY)) {
 ar->pm1.evt.sts |= ACPI_BITMASK_TIMER_STATUS;
 }
 return ar->pm1.evt.sts;
@@ -483,7 +483,7 @@ void acpi_pm_tmr_update(ACPIREGS *ar, bool enable)

 /* schedule a timer interruption if needed */
 if (enable) {
-expire_time = muldiv64(ar->tmr.overflow_time, get_ticks_per_sec(),
+expire_time = muldiv64(ar->tmr.overflow_time, NANOSECONDS_PER_SECOND,
 

Re: [Qemu-devel] [PATCH v5 13/14] qapi: Allow anonymous base for flat union

2016-03-10 Thread Eric Blake
On 03/10/2016 01:22 PM, Markus Armbruster wrote:
> Eric Blake  writes:
> 
>> Rather than requiring all flat unions to explicitly create
>> a separate base struct, we can allow the qapi schema to specify
>> the common members via an inline dictionary. This is similar to
>> how commands can specify an inline anonymous type for its 'data'.
>> We already have several struct types that only exist to serve as
>> a single flat union's base; the next commit will clean them up
>> (in particular, the doc change to the BlockdevOptions example in
>> this patch will be reflected to QMP in the next).
> 
> The parenthesis is a bit cryptic.  "Reflected"?

Maybe s/reflected to/implemented in/ would read better.

> 
>> Now that anonymous bases are legal, we need to rework the
>> flat-union-bad-base negative test (as previously written, it
>> forms what is now valid QAPI; tweak it to now provide coverage
>> of a new error message path), and add a positive test in
>> qapi-schema-test to use an anonymous base (making the integer
>> argument optional, for even more coverage).
>>
>> Note that this patch only allows anonymous bases for flat unions;
>> simple unions are already enough syntactic sugar that we do not
>> want to burden them further.  Meanwhile, while it would be easy
>> to also allow an anonymous base for structs, that would be quite
>> redundant, as the members can be put right into the struct
>> instead.
>>
>> Signed-off-by: Eric Blake 
> 
> Patch looks good.
> 

-- 
Eric Blake   eblake redhat com+1-919-301-3266
Libvirt virtualization library http://libvirt.org





Re: [Qemu-devel] [PULL 3/8] vfio: Generalize region support

2016-03-10 Thread Eric Blake
On 03/10/2016 09:34 AM, Alex Williamson wrote:

>>> +trace_vfio_msix_fixup(vdev->vbasedev.name,
>>> +  vdev->msix->table_bar, 
>>> region->mmaps[0].offset,
>>> +  region->mmaps[0].offset + 
>>> region->mmaps[0].size);  
>> Sorry this does not compile for me on arm 32b:
>>
>> ./trace/generated-tracers.h:16113:23: error: format ‘%lx’ expects
>> argument of type ‘long unsigned int’, but argument 8 has type ‘off_t’
>> [-Werror=format=] , name, bar, offset, size);
>>
>> -> vfio_msix_fixup(const char *name, int bar, off_t start, off_t end) "  
>> (%s) MSI-X region %d mmap fixup [0x%"PRIx64" - 0x%"PRIx64"]" ?
> 

>  vfio_msix_disable(const char *name) " (%s)"
> -vfio_msix_fixup(const char *name, int bar, off_t offset, size_t size) " (%s) 
> MSI-X region %d mmap fixup [0x%lx - 0x%lx]"
> +vfio_msix_fixup(const char *name, int bar, off_t start, off_t end) " (%s) 
> MSI-X region %d mmap fixup [0x%"PRIx64" - 0x%"PRIx64"]"

off_t and PRIx64 are not necessarily compatible types (on a 64-bit
platform, one could be 'long' while the other is 'long long').  And even
though we set compiler flags to get 64-bit off_t on 32-bit platforms,
your code is not portable to people that don't set those flags and are
stuck with 32-bit off_t.

It may be better to declare start and end as [u]int64_t, rather than off_t.

-- 
Eric Blake   eblake redhat com+1-919-301-3266
Libvirt virtualization library http://libvirt.org





Re: [Qemu-devel] [PATCH v1 21/21] error: ensure errno detail is printed with error_abort

2016-03-10 Thread Markus Armbruster
"Daniel P. Berrange"  writes:

> On Thu, Mar 10, 2016 at 09:55:37AM +0100, Markus Armbruster wrote:
>> "Daniel P. Berrange"  writes:
>> 
> >> > When &error_abort is passed in, the error reporting code
>> > will print the current error message and then abort() the
>> > process. Unfortunately at the time it aborts, we've not
>> > yet appended the errno detail. This makes debugging certain
>> > problems significantly harder as the log is incomplete.
>> >
>> > Signed-off-by: Daniel P. Berrange 
>> 
>> Reviewed-by: Markus Armbruster 
>> 
>> I can take this through my tree, but it's perhaps easier to let it flow
>> along with the rest of your series.
>
> Nah, it isn't critical to the rest of this series. Its just tacked
> on as I noticed it while debugging tests, so you might as well just
> take it through your tree as normal.

Okay, applied to error-next, thanks!



Re: [Qemu-devel] [PATCH v5 00/14] easier unboxed visits/qapi implicit types

2016-03-10 Thread Markus Armbruster
I finished review.  I'll look over it tomorrow to decide whether I can
take it with minor tweaks, or whether we need v6.  I'm hopeful :)



Re: [Qemu-devel] [PATCH v2 2/4] monitor: Separate QUORUM_REPORT_BAD events according to the node name

2016-03-10 Thread Eric Blake
On 03/10/2016 04:55 AM, Alberto Garcia wrote:
> The QUORUM_REPORT_BAD event is emitted whenever there's an I/O error
> in a child of a Quorum device. This event is emitted at a maximum rate
> of 1 per second. This means that an error in one of the children will
> mask errors in the other children if they happen within the same 1
> second interval.
> 
> This patch modifies qapi_event_throttle_equal() so QUORUM_REPORT_BAD
> events are kept separately if they come from different children.
> 
> Signed-off-by: Alberto Garcia 
> Reviewed-by: Max Reitz 
> ---
>  monitor.c | 9 +
>  1 file changed, 9 insertions(+)
> 
> diff --git a/monitor.c b/monitor.c
> index e99ca8c..c9fe862 100644
> --- a/monitor.c
> +++ b/monitor.c
> @@ -572,6 +572,10 @@ static unsigned int qapi_event_throttle_hash(const void 
> *key)
>  hash += g_str_hash(qdict_get_str(evstate->data, "id"));
>  }
>  
> +if (evstate->event == QAPI_EVENT_QUORUM_REPORT_BAD) {
> +hash += g_str_hash(qdict_get_str(evstate->data, "node-name"));

Is ^= any better than += when computing hashes, so that carry bits
aren't weakening the distribution of bits?  But as long as the
computation is consistent, I'm not too worried, since you were copying
the line above.

Reviewed-by: Eric Blake 

-- 
Eric Blake   eblake redhat com+1-919-301-3266
Libvirt virtualization library http://libvirt.org





Re: [Qemu-devel] [PATCH] Introduce "xen-load-devices-state"

2016-03-10 Thread Eric Blake
On 03/10/2016 03:23 AM, Changlong Xie wrote:
> From: Wen Congyang 
> 
> Introduce a "xen-load-devices-state" QAPI command that can be used to load
> the state of all devices, but not the RAM or the block devices of the
> VM.
> 
> We only have hmp commands savevm/loadvm, and qmp commands
> xen-save-devices-state.
> 
> We use this new command for COLO:
> 1. suspend both primay vm and secondary vm

s/primay/primary/

> 2. sync the state
> 3. resume both primary vm and secondary vm
> 
> In such case, we need to update all devices's state in any time.

s/devices's/devices'/

> 
> Signed-off-by: Wen Congyang 
> Signed-off-by: Changlong Xie 
> ---

> +++ b/qapi-schema.json
> @@ -4122,3 +4122,21 @@
>  ##
>  { 'enum': 'ReplayMode',
>'data': [ 'none', 'record', 'play' ] }
> +
> +##
> +# @xen-load-devices-state:
> +#
> +# Load the state of all devices from file. The RAM and the block devices
> +# of the VM are not loaded by this command.
> +#
> +# @filename: the file to load the state of the devices from as binary
> +# data. See xen-save-devices-state.txt for a description of the binary
> +# format.
> +#
> +# Returns: Nothing on success
> +#  If @filename cannot be opened, OpenFileFailed
> +#  If an I/O error occurs while reading the file, IOError

Drop the whole Returns: paragraph.  We have very few distinguished error
categories, and you are not using anything other than a generic error
category here (that is, OpenFileFailed and IOError are NOT valid QMP
error categories).

> +#
> +# Since: 2.6

You missed soft freeze; is this still 2.6 material?


> +++ b/qmp-commands.hx
> @@ -587,6 +587,33 @@ Example:
>  EQMP
>  
>  {
> +.name   = "xen-load-devices-state",
> +.args_type  = "filename:F",
> +.mhandler.cmd_new = qmp_marshal_xen_load_devices_state,
> +},
> +
> +SQMP
> +xen-load-devices-state
> +---

Make the  separator line the same length as the text it is underlining.

-- 
Eric Blake   eblake redhat com+1-919-301-3266
Libvirt virtualization library http://libvirt.org





Re: [Qemu-devel] [PATCH v1] hw: fix error reporting for missing option ROMs

2016-03-10 Thread Eric Blake
On 03/10/2016 10:28 AM, Daniel P. Berrange wrote:
> If QEMU fails to load any of the VGA ROMs, it prints a message
> to stderr and then carries on as if everything was fine, despite
> the VGA interface not being functional. This extends the
> rom_add_file() method to accept a 'Error **errp' parameter. The
> VGA device realizefn() impls can now pass in the errp they already
> have and get errors reported as fatal problems.
> 
> Signed-off-by: Daniel P. Berrange 
> ---
>  hw/core/loader.c| 40 +---
>  hw/display/cirrus_vga.c |  4 +++-
>  hw/display/vga-isa.c|  4 +++-
>  hw/i386/pc.c|  4 ++--
>  hw/i386/pc_sysfw.c  |  2 +-
>  hw/misc/sga.c   |  4 +++-
>  hw/pci/pci.c|  8 ++--
>  include/hw/loader.h | 16 +---
>  8 files changed, 52 insertions(+), 30 deletions(-)
> 
> diff --git a/hw/core/loader.c b/hw/core/loader.c
> index 8e8031c..010e442 100644
> --- a/hw/core/loader.c
> +++ b/hw/core/loader.c
> @@ -142,7 +142,7 @@ int load_image_targphys(const char *filename,
>  return -1;
>  }
>  if (size > 0) {
> -rom_add_file_fixed(filename, addr, -1);
> +rom_add_file_fixed(filename, addr, -1, NULL);
>  }

Why is this one ignoring the error?  Would &error_abort be better if we
know it can't fail?

>  return size;
>  }
> @@ -162,7 +162,7 @@ int load_image_mr(const char *filename, MemoryRegion *mr)
>  return -1;
>  }
>  if (size > 0) {
> -if (rom_add_file_mr(filename, mr, -1) < 0) {
> +if (rom_add_file_mr(filename, mr, -1, NULL) < 0) {
>  return -1;

This one still detects and passes on failure, but loses the error
message.  I guess that's okay, as long as this patch is incrementally
better somewhere else.


> @@ -847,8 +849,9 @@ int rom_add_file(const char *file, const char *fw_dir,
>  
>  fd = open(rom->path, O_RDONLY | O_BINARY);
>  if (fd == -1) {
> -fprintf(stderr, "Could not open option rom '%s': %s\n",
> -rom->path, strerror(errno));
> +error_setg_errno(errp, errno,
> + "Could not open option rom '%s'",
> + rom->path);

would error_setg_file_open() be any better here, for consistency?

> +++ b/hw/i386/pc.c
> @@ -1264,7 +1264,7 @@ void xen_load_linux(PCMachineState *pcms)
>  for (i = 0; i < nb_option_roms; i++) {
>  assert(!strcmp(option_rom[i].name, "linuxboot.bin") ||
> !strcmp(option_rom[i].name, "multiboot.bin"));
> -rom_add_option(option_rom[i].name, option_rom[i].bootindex);
> +rom_add_option(option_rom[i].name, option_rom[i].bootindex, NULL);

Another place that blindly ignores things; should we use &error_abort?

> +++ b/hw/i386/pc_sysfw.c
> @@ -199,7 +199,7 @@ static void old_pc_system_rom_init(MemoryRegion 
> *rom_memory, bool isapc_ram_fw)
>  if (!isapc_ram_fw) {
>  memory_region_set_readonly(bios, true);
>  }
> -ret = rom_add_file_fixed(bios_name, (uint32_t)(-bios_size), -1);
> +ret = rom_add_file_fixed(bios_name, (uint32_t)(-bios_size), -1, NULL);
>  if (ret != 0) {
>  bios_error:
>  fprintf(stderr, "qemu: could not load PC BIOS '%s'\n", bios_name);

This one makes sense - you are incrementally improving the interface,
and not all callers; this caller was already reporting errors and could
be cleaned up in a later commit to use  instead of fprintf().


-- 
Eric Blake   eblake redhat com+1-919-301-3266
Libvirt virtualization library http://libvirt.org





Re: [Qemu-devel] [PATCH v5 13/14] qapi: Allow anonymous base for flat union

2016-03-10 Thread Markus Armbruster
Eric Blake  writes:

> Rather than requiring all flat unions to explicitly create
> a separate base struct, we can allow the qapi schema to specify
> the common members via an inline dictionary. This is similar to
> how commands can specify an inline anonymous type for its 'data'.
> We already have several struct types that only exist to serve as
> a single flat union's base; the next commit will clean them up
> (in particular, the doc change to the BlockdevOptions example in
> this patch will be reflected to QMP in the next).

The parenthesis is a bit cryptic.  "Reflected"?

> Now that anonymous bases are legal, we need to rework the
> flat-union-bad-base negative test (as previously written, it
> forms what is now valid QAPI; tweak it to now provide coverage
> of a new error message path), and add a positive test in
> qapi-schema-test to use an anonymous base (making the integer
> argument optional, for even more coverage).
>
> Note that this patch only allows anonymous bases for flat unions;
> simple unions are already enough syntactic sugar that we do not
> want to burden them further.  Meanwhile, while it would be easy
> to also allow an anonymous base for structs, that would be quite
> redundant, as the members can be put right into the struct
> instead.
>
> Signed-off-by: Eric Blake 

Patch looks good.



Re: [Qemu-devel] [PATCH v5 07/14] qapi: Utilize implicit struct visits

2016-03-10 Thread Eric Blake
On 03/10/2016 12:05 PM, Markus Armbruster wrote:
> Eric Blake  writes:
> 
>> Rather than generate inline per-member visits, take advantage
>> of the 'visit_type_FOO_members()' function for both event and
>> command marshalling.  This is possible now that implicit
>> structs can be visited like any other.
>>

>> Likewise, command marshalling generates call arguments from a
>> stack-allocated struct, rather than a list of local variables:
>>

>> |-goto out;
>> |-}
>> |+q_obj_add_fd_arg qapi = {0};
> 
> Let's calls this arg.

Sure.

> 
>> |+
>> |+v = qmp_input_get_visitor(qiv);
>> |+visit_type_q_obj_add_fd_arg_members(v, , );
>> |+if (err) {
>> |+goto out;
>> | }
>> |
>> |-retval = qmp_add_fd(has_fdset_id, fdset_id, has_opaque, opaque, );
>> |+retval = qmp_add_fd(qapi.has_fdset_id, qapi.fdset_id, qapi.has_opaque, 
>> qapi.opaque, );

and this line then gets a bit shorter.

>> +++ b/scripts/qapi-event.py
>> @@ -28,6 +28,30 @@ def gen_event_send_decl(name, arg_type):
>>   proto=gen_event_send_proto(name, arg_type))

>> @@ -50,6 +74,7 @@ def gen_event_send(name, arg_type):
>>  QmpOutputVisitor *qov;
>>  Visitor *v;
>>  ''')
>> +ret += gen_param_var(arg_type)
>>
>>  ret += mcgen('''
>>

This is why I moved the blank line in 6/14.  But I can rearrange things
as you requested.

I'm also wondering if this should be split into two patches (one for
qapi-visit, one for qapi-commands); when I first started writing it, I
thought there would be some code sharing between the two with edits to
qapi.py (see the v4 posting); but now they are distinct enough that two
commits is just as easy to do.

-- 
Eric Blake   eblake redhat com+1-919-301-3266
Libvirt virtualization library http://libvirt.org





Re: [Qemu-devel] [PATCH v5 06/14] qapi-event: Slightly shrink generated code

2016-03-10 Thread Eric Blake
On 03/10/2016 11:50 AM, Markus Armbruster wrote:
> Eric Blake  writes:
> 
>> Slightly rearrange the code in gen_event_send() for less generated
>> output, by initializing 'emit' sooner, deferring an assertion
>> to qdict_put_obj, and dropping a now-unused 'obj' local variable.
>>
>> While at it, document a FIXME related to the potential for a
>> compiler naming collision - if the user ever creates a QAPI event
>> whose name matches 'errp' or one of our local variables (like
>> 'emit'), we'll have to revisit how we generate functions to
>> avoid the problem.
>>

> 
> We're not "deferring an assertion to qdict_put_obj()", we're dropping a
> dead one: qmp_output_get_qobject() never returns null.

Oh, good point; I can improve the commit message.

> 
> I figure the assertion dates back to the time when it still did.  Back
> then, getting null here meant we screwed up.
> 
> I just searched the code for similarly dead assertions.  Found one in
> qapi_clone_InputEvent(), and several more in test-qmp-output-visitor.c.

Speaking of that, I have a patch pending (but not yet posted) that adds
a clone visitor, so that we don't need qapi_clone_InputEvent() (it's
rather wasteful to convert into and back out of QObject when you can
just directly clone).

> 
> There's also an error return in qapi_copy_SocketAddress().  Useless?

And that's the other hand-rolled clone that also gets nuked by my patch.
 Some obvious copy-and-paste between the two.

> Should check for qnull instead?

Not necessary; we can't return qnull unless we visit nothing (or, when
my visit_type_null() lands, if we explicitly ask for it), but these
callers are visiting something that is not null.


>>  %(proto)s
>>  {
>>  QDict *qmp;
>>  Error *err = NULL;
>> -QMPEventFuncEmit emit;
>> +QMPEventFuncEmit emit = qmp_event_get_func_emit();
>>  ''',
>>  proto=gen_event_send_proto(name, arg_type))
>>
>> @@ -43,16 +49,13 @@ def gen_event_send(name, arg_type):
>>  ret += mcgen('''
>>  QmpOutputVisitor *qov;
>>  Visitor *v;
>> -QObject *obj;
>> -
> 
> Please keep the blank line here...
> 
>>  ''')
>>
>>  ret += mcgen('''
>> -emit = qmp_event_get_func_emit();
>> +
> 
> ... instead of adding it here.

Except that the next patch added one more declaration after Visitor *v,
but not in direct text, where keeping the blank line unmoved would
require splitting the mcgen() call into two parts.  Or I could do ret +=
'\n'.

> 
>>  if (!emit) {
>>  return;
>>  }
>> -
> 
> Let's keep this one.

Okay.

> 
>>  qmp = qmp_event_build_dict("%(name)s");
>>
>>  ''',
>> @@ -76,11 +79,7 @@ out_obj:
>>  if (err) {
>>  goto out;
>>  }
>> -
>> -obj = qmp_output_get_qobject(qov);
>> -g_assert(obj);
>> -
>> -qdict_put_obj(qmp, "data", obj);
>> +qdict_put_obj(qmp, "data", qmp_output_get_qobject(qov));
>>  ''')
>>
>>  ret += mcgen('''
> 
> Small improvements are welcome, too :)
> 

-- 
Eric Blake   eblake redhat com+1-919-301-3266
Libvirt virtualization library http://libvirt.org





Re: [Qemu-devel] [PATCH v3 09/12] FIFO: Add a FIFO32 implementation

2016-03-10 Thread Jean-Christophe DUBOIS

Le 10/03/2016 11:25, Peter Maydell a écrit :

On 2 March 2016 at 05:27, Jean-Christophe Dubois  wrote:

This one is build on top of the existing FIFO8

Signed-off-by: Jean-Christophe Dubois 
---

Changes since v1:
  * None

Changes since v2:
  * Added copyright
  * define Fifo32 as a struct containing Fifo8
  * remove fifo32_pop_buf()

  include/qemu/fifo32.h | 186 ++
  1 file changed, 186 insertions(+)
  create mode 100644 include/qemu/fifo32.h

diff --git a/include/qemu/fifo32.h b/include/qemu/fifo32.h
new file mode 100644
index 000..f1b9ecf
--- /dev/null
+++ b/include/qemu/fifo32.h
@@ -0,0 +1,186 @@
+/*
+ * Generic FIFO32 component, based on FIFO8.
+ *
+ * Copyright (c) 2016 Jean-Christophe Dubois
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version
+ * 2 of the License, or (at your option) any later version.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, see .
+ */
+
+#ifndef FIFO32_H
+#define FIFO32_H
+
+#include "qemu/osdep.h"
+#include "qemu/fifo8.h"
+
+typedef struct {
+Fifo8 fifo;
+} Fifo32;
+
+/**
+ * fifo32_create:
+ * @fifo: struct Fifo32 to initialise with new FIFO
+ * @capacity: capacity of the newly created FIFO expressed in 32 bits words

"32 bits word" should be "32 bit word" throughout.

There should be a comment somewhere noting that there is no
fifo32_pop_buf() because the data is not stored in the buffer
as a set of native-order words.


OK



Otherwise
Reviewed-by: Peter Maydell 

thanks
-- PMM






Re: [Qemu-devel] [PATCH v3 10/12] i.MX: Add the Freescale SPI Controller

2016-03-10 Thread Jean-Christophe DUBOIS

Le 10/03/2016 11:31, Peter Maydell a écrit :

On 2 March 2016 at 05:27, Jean-Christophe Dubois  wrote:

Signed-off-by: Jean-Christophe Dubois 
---

+
+static void imx_spi_reset(DeviceState *dev)
+{
+IMXSPIState *s = IMX_SPI(dev);
+int i;
+
+DPRINTF("\n");
+
+memset(s->regs, 0, sizeof(s->regs));
+
+s->regs[ECSPI_STATREG] = 0x0003;
+
+imx_spi_rxfifo_reset(s);
+imx_spi_txfifo_reset(s);
+
+imx_spi_update_irq(s);
+
+s->burst_length = 0;
+
+for (i = 0; i < 4; i++) {
+qemu_set_irq(s->cs_lines[i], 0);
+}

Calling qemu_set_irq() from a reset function is generally
a bad idea.


Could I assume that all irq lines are set automatically to 0 on reset?




+}

Otherwise
Reviewed-by: Peter Maydell 

thanks
-- PMM






Re: [Qemu-devel] [PATCH v3 12/12] i.MX: Add sabrelite i.MX6 emulation.

2016-03-10 Thread Jean-Christophe DUBOIS

Le 10/03/2016 11:38, Peter Maydell a écrit :

On 2 March 2016 at 05:27, Jean-Christophe Dubois  wrote:

The sabrelite supports one SPI FLASH memory on SPI1

Signed-off-by: Jean-Christophe Dubois 
---

+
+{
+/* Add the sst25vf016b NOR FLASH memory to first SPI */
+Object *spi_dev;
+
+spi_dev = object_resolve_path_component(OBJECT(>soc), "spi1");
+if (spi_dev) {
+SSIBus *spi_bus;
+
+spi_bus = (SSIBus *)qdev_get_child_bus(DEVICE(spi_dev), "spi");

This looks odd. You should just be able to do
  spi_bus = (SSIBus *)qdev_get_child_bus(DEVICE(>soc), "spi1");
without using object_resolve_path_component() to try to find an
SPI device object, because your SoC device should have alias properties
which provide access to its SPI subcomponents' SPI buses.
See hw/arm/xlnx-ep108.c for an example of the board code for this and
hw/arm/xlnx-zynqmp.c for the SoC code which calls
object_property_add_alias() to set up the aliases.


I certainly could do as you proposed.

The problem is that I also need the spi_dev device for the 
sysbus_connect_irq() call below.


My spi_dev is referenced as "spi1" in the i.MX6 doc and I added a 'spi1" 
property for it in the i.MX6 soc.


Once I have the spi_dev device it is trivial to retrieve the spi_bus 
attached to it.


So, yes this is not in line with what is done in xlnx-zynqmp.c but the 
need is a bit different.


JC




+if (spi_bus) {
+DeviceState *flash_dev;
+
+flash_dev = ssi_create_slave(spi_bus, "sst25vf016b");
+if (flash_dev) {
+qemu_irq cs_line = qdev_get_gpio_in_named(flash_dev,
+  SSI_GPIO_CS, 0);
+sysbus_connect_irq(SYS_BUS_DEVICE(spi_dev), 1, cs_line);
+}
+}
+}
+}

thanks
-- PMM






[Qemu-devel] [PATCH v3 06/10] acl: delete existing ACL implementation

2016-03-10 Thread Daniel P. Berrange
The 'qemu_acl' type was a previous non-QOM based attempt to
provide an authorization facility in QEMU. Because it is
non-QOM based it cannot be created via the command line and
requires special monitor commands to manipulate it.

The new QAuthZ and QAuthZSimple QOM classes provide a superset
of the functionality in qemu_acl, so the latter can now be
deleted. The HMP 'acl_*' monitor commands are converted to
use the new QAuthZSimple data type instead in order to provide
backwards compatibility, but their use is discouraged.

Signed-off-by: Daniel P. Berrange 
---
 Makefile   |   6 +-
 crypto/tlssession.c|  28 --
 include/qemu/acl.h |  74 
 monitor.c  | 161 ++-
 tests/Makefile |   2 +-
 tests/test-crypto-tlssession.c |  13 +--
 tests/test-io-channel-tls.c|  14 +--
 ui/vnc-auth-sasl.c |   2 +-
 ui/vnc-auth-sasl.h |   4 +-
 ui/vnc.c   |  11 ++-
 util/Makefile.objs |   1 -
 util/acl.c | 188 -
 12 files changed, 156 insertions(+), 348 deletions(-)
 delete mode 100644 include/qemu/acl.h
 delete mode 100644 util/acl.c

diff --git a/Makefile b/Makefile
index 60ad13e..8f7ffd3 100644
--- a/Makefile
+++ b/Makefile
@@ -235,9 +235,9 @@ util/module.o-cflags = 
-D'CONFIG_BLOCK_MODULES=$(block-modules)'
 
 qemu-img.o: qemu-img-cmds.h
 
-qemu-img$(EXESUF): qemu-img.o $(block-obj-y) $(crypto-obj-y) $(io-obj-y) 
$(qom-obj-y) libqemuutil.a libqemustub.a
-qemu-nbd$(EXESUF): qemu-nbd.o $(block-obj-y) $(crypto-obj-y) $(io-obj-y) 
$(qom-obj-y) libqemuutil.a libqemustub.a
-qemu-io$(EXESUF): qemu-io.o $(block-obj-y) $(crypto-obj-y) $(io-obj-y) 
$(qom-obj-y) libqemuutil.a libqemustub.a
+qemu-img$(EXESUF): qemu-img.o $(block-obj-y) $(crypto-obj-y) $(io-obj-y) 
$(qom-obj-y) $(util-qom-obj-y) libqemuutil.a libqemustub.a
+qemu-nbd$(EXESUF): qemu-nbd.o $(block-obj-y) $(crypto-obj-y) $(io-obj-y) 
$(qom-obj-y) $(util-qom-obj-y) libqemuutil.a libqemustub.a
+qemu-io$(EXESUF): qemu-io.o $(block-obj-y) $(crypto-obj-y) $(io-obj-y) 
$(qom-obj-y) $(util-qom-obj-y) libqemuutil.a libqemustub.a
 
 qemu-bridge-helper$(EXESUF): qemu-bridge-helper.o
 
diff --git a/crypto/tlssession.c b/crypto/tlssession.c
index e0d9658..26e8097 100644
--- a/crypto/tlssession.c
+++ b/crypto/tlssession.c
@@ -22,7 +22,7 @@
 #include "crypto/tlssession.h"
 #include "crypto/tlscredsanon.h"
 #include "crypto/tlscredsx509.h"
-#include "qemu/acl.h"
+#include "qemu/authz.h"
 #include "trace.h"
 
 #ifdef CONFIG_GNUTLS
@@ -207,6 +207,7 @@ qcrypto_tls_session_check_certificate(QCryptoTLSSession 
*session,
 unsigned int nCerts, i;
 time_t now;
 gnutls_x509_crt_t cert = NULL;
+Error *err = NULL;
 
 now = time(NULL);
 if (now == ((time_t)-1)) {
@@ -295,16 +296,33 @@ qcrypto_tls_session_check_certificate(QCryptoTLSSession 
*session,
 goto error;
 }
 if (session->aclname) {
-qemu_acl *acl = qemu_acl_find(session->aclname);
-int allow;
-if (!acl) {
+QAuthZ *acl;
+Object *obj;
+Object *container;
+bool allow;
+
+container = object_get_objects_root();
+obj = object_resolve_path_component(container,
+session->aclname);
+if (!obj) {
 error_setg(errp, "Cannot find ACL %s",
session->aclname);
 goto error;
 }
 
-allow = qemu_acl_party_is_allowed(acl, session->peername);
+if (!object_dynamic_cast(obj, TYPE_QAUTHZ)) {
+error_setg(errp, "Object '%s' is not a QAuthZ subclass",
+   session->aclname);
+goto error;
+}
 
+acl = QAUTHZ(obj);
+
+allow = qauthz_is_allowed(acl, session->peername, );
+if (err) {
+error_propagate(errp, err);
+goto error;
+}
 if (!allow) {
 error_setg(errp, "TLS x509 ACL check for %s is denied",
session->peername);
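Review bot: Every failure path in the new `if (session->aclname)` block rejects the peer (`goto error` on a missing object, on a wrong type, and on an error from `qauthz_is_allowed()`), but nothing in the code says this is deliberate. The object is also resolved by name on each handshake rather than when the session is set up, so a misspelled or since-deleted ACL ID is only noticed when a client connects. I would add a comment above the lookup, `/* Resolve the ACL at check time; a missing or non-QAuthZ object must reject the peer, never skip the check. */`, so a later refactor does not turn a lookup failure into an allow. The enclosing function starts and ends outside the hunk.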
diff --git a/include/qemu/acl.h b/include/qemu/acl.h
deleted file mode 100644
index 116487e..000
--- a/include/qemu/acl.h
+++ /dev/null
@@ -1,74 +0,0 @@
-/*
- * QEMU access control list management
- *
- * Copyright (C) 2009 Red Hat, Inc
- *
- * Permission is hereby granted, free of charge, to any person obtaining a copy
- * of this software and associated documentation files (the "Software"), to 
deal
- * in the Software without restriction, including without limitation the rights
- * to use, copy, modify, merge, publish, distribute, sublicense, and/or 

Re: [Qemu-devel] [PATCH v5 07/14] qapi: Utilize implicit struct visits

2016-03-10 Thread Markus Armbruster
Eric Blake  writes:

> Rather than generate inline per-member visits, take advantage
> of the 'visit_type_FOO_members()' function for both event and
> command marshalling.  This is possible now that implicit
> structs can be visited like any other.
>
> Generated code shrinks accordingly; events initialize a struct
> based on parameters, through a new gen_param_var() helper, like:
>
> |@@ -338,6 +250,9 @@ void qapi_event_send_block_job_error(con
> | QMPEventFuncEmit emit = qmp_event_get_func_emit();
> | QmpOutputVisitor *qov;
> | Visitor *v;
> |+q_obj_BLOCK_JOB_ERROR_arg param = {
> |+(char *)device, operation, action
> |+};
> |
> | if (!emit) {
> | return;
> @@ -351,19 +266,7 @@ void qapi_event_send_block_job_error(con
> | if (err) {
> | goto out;
> | }
> |-visit_type_str(v, "device", (char **), );
> |-if (err) {
> |-goto out_obj;
> |-}
> |-visit_type_IoOperationType(v, "operation", , );
> |-if (err) {
> |-goto out_obj;
> |-}
> |-visit_type_BlockErrorAction(v, "action", , );
> |-if (err) {
> |-goto out_obj;
> |-}
> |-out_obj:
> |+visit_type_q_obj_BLOCK_JOB_ERROR_arg_members(v, , );
> | visit_end_struct(v, err ? NULL : );
>
> Notice that the initialization of 'param' has to cast away const
> (just as the old gen_visit_members() had to do): we can't change
> the signature of the user function (which uses 'const char *'), but
> have to assign it to a non-const QAPI object (which requires
> 'char *').
>
> Likewise, command marshalling generates call arguments from a
> stack-allocated struct, rather than a list of local variables:
>
> |@@ -57,26 +57,15 @@ void qmp_marshal_add_fd(QDict *args, QOb
> | QmpInputVisitor *qiv = qmp_input_visitor_new_strict(QOBJECT(args));
> | QapiDeallocVisitor *qdv;
> | Visitor *v;
> |-bool has_fdset_id = false;
> |-int64_t fdset_id = 0;
> |-bool has_opaque = false;
> |-char *opaque = NULL;
> |-
> |-v = qmp_input_get_visitor(qiv);
> |-if (visit_optional(v, "fdset-id", _fdset_id)) {
> |-visit_type_int(v, "fdset-id", _id, );
> |-if (err) {
> |-goto out;
> |-}
> |-}
> |-if (visit_optional(v, "opaque", _opaque)) {
> |-visit_type_str(v, "opaque", , );
> |-if (err) {
> |-goto out;
> |-}
> |+q_obj_add_fd_arg qapi = {0};

Let's call this arg.

> |+
> |+v = qmp_input_get_visitor(qiv);
> |+visit_type_q_obj_add_fd_arg_members(v, , );
> |+if (err) {
> |+goto out;
> | }
> |
> |-retval = qmp_add_fd(has_fdset_id, fdset_id, has_opaque, opaque, );
> |+retval = qmp_add_fd(qapi.has_fdset_id, qapi.fdset_id, qapi.has_opaque, 
> qapi.opaque, );
> | if (err) {
> | goto out;
> | }
> |@@ -88,12 +77,7 @@ out:
> | qmp_input_visitor_cleanup(qiv);
> | qdv = qapi_dealloc_visitor_new();
> | v = qapi_dealloc_get_visitor(qdv);
> |-if (visit_optional(v, "fdset-id", _fdset_id)) {
> |-visit_type_int(v, "fdset-id", _id, NULL);
> |-}
> |-if (visit_optional(v, "opaque", _opaque)) {
> |-visit_type_str(v, "opaque", , NULL);
> |-}
> |+visit_type_q_obj_add_fd_arg_members(v, , NULL);
> | qapi_dealloc_visitor_cleanup(qdv);
> | }
>
> For the marshaller, it has the nice side effect of eliminating a
> chance of collision between argument QMP names and local variables.
>
> This patch also paves the way for some followup simplifications
> in the generator, in subsequent patches.
>
> Signed-off-by: Eric Blake 
>
> ---
> v5: move qapi.py:gen_struct_init() to qapi-event.py:gen_param_var(),
> improve commit message
> v4: new patch
> ---
>  scripts/qapi-commands.py | 28 
>  scripts/qapi-event.py| 40 +++-
>  2 files changed, 43 insertions(+), 25 deletions(-)
>
> diff --git a/scripts/qapi-commands.py b/scripts/qapi-commands.py
> index 3784f33..5ffc381 100644
> --- a/scripts/qapi-commands.py
> +++ b/scripts/qapi-commands.py
> @@ -33,8 +33,8 @@ def gen_call(name, arg_type, ret_type):
>  assert not arg_type.variants
>  for memb in arg_type.members:
>  if memb.optional:
> -argstr += 'has_%s, ' % c_name(memb.name)
> -argstr += '%s, ' % c_name(memb.name)
> +argstr += 'qapi.has_%s, ' % c_name(memb.name)
> +argstr += 'qapi.%s, ' % c_name(memb.name)
>
>  lhs = ''
>  if ret_type:
> @@ -71,21 +71,10 @@ def gen_marshal_vars(arg_type, ret_type):
>  QmpInputVisitor *qiv = qmp_input_visitor_new_strict(QOBJECT(args));
>  QapiDeallocVisitor *qdv;
>  Visitor *v;
> -''')
> +%(c_name)s qapi = {0};
>
> -for memb in arg_type.members:
> -if memb.optional:
> -ret += mcgen('''
> -bool has_%(c_name)s = false;
>  ''',
> - c_name=c_name(memb.name))
> 

[Qemu-devel] [PATCH v3 08/10] nbd: allow an ACL to be set with nbd-server-start QMP command

2016-03-10 Thread Daniel P. Berrange
As with the previous patch to qemu-nbd, the nbd-server-start
QMP command also needs to be able to specify an ACL when
enabling TLS encryption.

First the client must create a QAuthZ object instance using
the 'object-add' command:

   {
 'execute': 'object-add',
 'arguments': {
   'qom-type': 'authz-simple',
   'id': 'tls0',
   'parameters': {
 'policy': 'deny',
 'rules': [
   {
 'match': '*CN=fred',
 'policy': 'allow'
   }
 ]
   }
 }
   }

They can then reference this in the new 'tls-acl' parameter
when executing the 'nbd-server-start' command.

   {
 'execute': 'nbd-server-start',
 'arguments': {
   'addr': {
   'type': 'inet',
   'host': '127.0.0.1',
   'port': '9000'
   },
   'tls-creds': 'tls0',
   'tls-acl': 'tlsacl0'
 }
   }

Signed-off-by: Daniel P. Berrange 
---
 blockdev-nbd.c  | 10 +-
 hmp.c   |  2 +-
 qapi/block.json |  4 +++-
 qmp-commands.hx |  2 +-
 4 files changed, 14 insertions(+), 4 deletions(-)

diff --git a/blockdev-nbd.c b/blockdev-nbd.c
index 12cae0e..ae5335e 100644
--- a/blockdev-nbd.c
+++ b/blockdev-nbd.c
@@ -24,6 +24,7 @@ typedef struct NBDServerData {
 QIOChannelSocket *listen_ioc;
 int watch;
 QCryptoTLSCreds *tlscreds;
+char *tlsacl;
 } NBDServerData;
 
 static NBDServerData *nbd_server;
@@ -45,7 +46,8 @@ static gboolean nbd_accept(QIOChannel *ioc, GIOCondition 
condition,
 }
 
 nbd_client_new(NULL, cioc,
-   nbd_server->tlscreds, NULL,
+   nbd_server->tlscreds,
+   nbd_server->tlsacl,
nbd_client_put);
 object_unref(OBJECT(cioc));
 return TRUE;
@@ -65,6 +67,7 @@ static void nbd_server_free(NBDServerData *server)
 if (server->tlscreds) {
 object_unref(OBJECT(server->tlscreds));
 }
+g_free(server->tlsacl);
 
 g_free(server);
 }
@@ -101,6 +104,7 @@ static QCryptoTLSCreds *nbd_get_tls_creds(const char *id, 
Error **errp)
 
 void qmp_nbd_server_start(SocketAddress *addr,
   bool has_tls_creds, const char *tls_creds,
+  bool has_tls_acl, const char *tls_acl,
   Error **errp)
 {
 if (nbd_server) {
@@ -128,6 +132,10 @@ void qmp_nbd_server_start(SocketAddress *addr,
 }
 }
 
+if (has_tls_acl) {
+nbd_server->tlsacl = g_strdup(tls_acl);
+}
+
 nbd_server->watch = qio_channel_add_watch(
 QIO_CHANNEL(nbd_server->listen_ioc),
 G_IO_IN,
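Review bot: `tls-acl` is stored here without checking that `tls-creds` was also given, so a server started with only `tls-acl` would presumably run without TLS and never consult the ACL while the caller believes authorization is in place. The qemu-nbd patch in this series rejects that combination ("--tls-acl is not permitted without --tls-creds"), and this command should do the same, for example `if (has_tls_acl && !has_tls_creds) { error_setg(errp, "'tls-acl' requires 'tls-creds'"); return; }` next to the existing `if (nbd_server)` check, before anything is allocated. The ID is not resolved at this point either, so a wrong object name is only noticed on the first client connection. `qmp_nbd_server_start` continues outside the hunk, so the cleanup path a later check would need is not visible here.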
diff --git a/hmp.c b/hmp.c
index 7a98726..20703fd 100644
--- a/hmp.c
+++ b/hmp.c
@@ -1802,7 +1802,7 @@ void hmp_nbd_server_start(Monitor *mon, const QDict 
*qdict)
 goto exit;
 }
 
-qmp_nbd_server_start(addr, false, NULL, _err);
+qmp_nbd_server_start(addr, false, NULL, false, NULL, _err);
 qapi_free_SocketAddress(addr);
 if (local_err != NULL) {
 goto exit;
diff --git a/qapi/block.json b/qapi/block.json
index 58e6b30..6b209e1 100644
--- a/qapi/block.json
+++ b/qapi/block.json
@@ -147,6 +147,7 @@
 #
 # @addr: Address on which to listen.
 # @tls-creds: (optional) ID of the TLS credentials object. Since 2.6
+# @tls-acl: (optional) ID of the QAuthZ authorization object. Since 2.6
 #
 # Returns: error if the server is already running.
 #
@@ -154,7 +155,8 @@
 ##
 { 'command': 'nbd-server-start',
   'data': { 'addr': 'SocketAddress',
-'*tls-creds': 'str'} }
+'*tls-creds': 'str',
+'*tls-acl': 'str'} }
 
 ##
 # @nbd-server-add:
diff --git a/qmp-commands.hx b/qmp-commands.hx
index b629673..7a3fa26 100644
--- a/qmp-commands.hx
+++ b/qmp-commands.hx
@@ -3859,7 +3859,7 @@ EQMP
 
 {
 .name   = "nbd-server-start",
-.args_type  = "addr:q,tls-creds:s?",
+.args_type  = "addr:q,tls-creds:s?,tls-acl:s?",
 .mhandler.cmd_new = qmp_marshal_nbd_server_start,
 },
 {
-- 
2.5.0




[Qemu-devel] [PATCH v3 09/10] chardev: add support for ACLs for TLS clients

2016-03-10 Thread Daniel P. Berrange
Currently any client which can complete the TLS handshake
is able to use a chardev server. The server admin can turn
on the 'verify-peer' option for the x509 creds to require
the client to provide a x509 certificate. This means the
client will have to acquire a certificate from the CA before
they are permitted to use the chardev server. This is still
a fairly weak bar.

This adds a 'tls-acl=ACL-ID' option to the socket chardev
backend which takes the ID of a previously added 'QAuthZ'
object instance. This ACL will be used to validate the client's
x509 distinguished name. Clients failing the ACL will not be
permitted to use the chardev server.

For example to setup an ACL that only allows connection from
a client whose x509 certificate distinguished name contains
'CN=fred', you would use:

  $QEMU -object tls-creds-x509,id=tls0,dir=/home/berrange/qemutls,\
endpoint=server,verify-peer=yes \
-object authz-simple,id=acl0,policy=deny,\
rules.0.match=*CN=fred,rules.0.policy=allow \
-chardev socket,host=127.0.0.1,port=9000,server,\
 tls-creds=tls0,tls-acl=acl0 \
...other qemud args...

Signed-off-by: Daniel P. Berrange 
---
 qapi-schema.json |  2 ++
 qemu-char.c  | 11 ++-
 2 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/qapi-schema.json b/qapi-schema.json
index b6769de..a6a7205 100644
--- a/qapi-schema.json
+++ b/qapi-schema.json
@@ -3202,6 +3202,7 @@
 # @addr: socket address to listen on (server=true)
 #or connect to (server=false)
 # @tls-creds: #optional the ID of the TLS credentials object (since 2.6)
+# @tls-acl: #optional the ID of the QAuthZ authorization object (since 2.6)
 # @server: #optional create server socket (default: true)
 # @wait: #optional wait for incoming connection on server
 #sockets (default: false).
@@ -3217,6 +3218,7 @@
 ##
 { 'struct': 'ChardevSocket', 'data': { 'addr'   : 'SocketAddress',
  '*tls-creds'  : 'str',
+ '*tls-acl': 'str',
  '*server': 'bool',
  '*wait'  : 'bool',
  '*nodelay'   : 'bool',
diff --git a/qemu-char.c b/qemu-char.c
index e0147f3..9533e7e 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -2533,6 +2533,7 @@ typedef struct {
 QIOChannelSocket *listen_ioc;
 guint listen_tag;
 QCryptoTLSCreds *tls_creds;
+char *tls_acl;
 int connected;
 int max_size;
 int do_telnetopt;
@@ -2963,7 +2964,7 @@ static void tcp_chr_tls_init(CharDriverState *chr)
 if (s->is_listen) {
 tioc = qio_channel_tls_new_server(
 s->ioc, s->tls_creds,
-NULL, /* XXX Use an ACL */
+s->tls_acl,
 );
 } else {
 tioc = qio_channel_tls_new_client(
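Review bot: Only the `s->is_listen` branch passes `s->tls_acl` on, and the client branch has no ACL argument, so `tls-acl` on a client-mode chardev is accepted and then silently ignored. Because this is an access-control setting, I would reject it when the backend is opened instead: in `qmp_chardev_open_socket`, fail with something like `error_setg(errp, "'tls-acl' is only valid for server sockets")` when the socket is not a listener. As far as these hunks show, that function also copies `tls_acl` without checking that `tls-creds` was given, which leaves the ACL unused in the same way. `tcp_chr_tls_init` starts and ends outside the hunk.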
@@ -3084,6 +3085,7 @@ static void tcp_chr_close(CharDriverState *chr)
 if (s->tls_creds) {
 object_unref(OBJECT(s->tls_creds));
 }
+g_free(s->tls_acl);
 if (s->write_msgfds_num) {
 g_free(s->write_msgfds);
 }
@@ -3623,6 +3625,7 @@ static void qemu_chr_parse_socket(QemuOpts *opts, 
ChardevBackend *backend,
 const char *host = qemu_opt_get(opts, "host");
 const char *port = qemu_opt_get(opts, "port");
 const char *tls_creds = qemu_opt_get(opts, "tls-creds");
+const char *tls_acl = qemu_opt_get(opts, "tls-acl");
 SocketAddress *addr;
 ChardevSocket *sock;
 
@@ -3656,6 +3659,7 @@ static void qemu_chr_parse_socket(QemuOpts *opts, 
ChardevBackend *backend,
 sock->has_reconnect = true;
 sock->reconnect = reconnect;
 sock->tls_creds = g_strdup(tls_creds);
+sock->tls_acl = g_strdup(tls_acl);
 
 addr = g_new0(SocketAddress, 1);
 if (path) {
@@ -4094,6 +4098,9 @@ QemuOptsList qemu_chardev_opts = {
 .name = "tls-creds",
 .type = QEMU_OPT_STRING,
 },{
+.name = "tls-acl",
+.type = QEMU_OPT_STRING,
+},{
 .name = "width",
 .type = QEMU_OPT_NUMBER,
 },{
@@ -4341,6 +4348,7 @@ static CharDriverState *qmp_chardev_open_socket(const 
char *id,
 }
 }
 }
+s->tls_acl = g_strdup(sock->tls_acl);
 
 qapi_copy_SocketAddress(>addr, sock->addr);
 
@@ -4386,6 +4394,7 @@ static CharDriverState *qmp_chardev_open_socket(const 
char *id,
 if (s->tls_creds) {
 object_unref(OBJECT(s->tls_creds));
 }
+g_free(s->tls_acl);
 g_free(s);
 qemu_chr_free_common(chr);
 return NULL;
-- 
2.5.0




[Qemu-devel] [PATCH v3 10/10] vnc: allow specifying a custom ACL object name

2016-03-10 Thread Daniel P. Berrange
The VNC server has historically had support for ACLs to check
both the SASL username and the TLS x509 distinguished name.
The VNC server was responsible for creating the initial ACL,
and the client app was then responsible for populating it with
rules using the HMP 'acl_add' command.

This is not satisfactory for a variety of reasons. There is
no way to populate the ACLs from the command line, users are
forced to use the HMP. With multiple network services all
supporting TLS and ACLs now, it is desirable to be able to
define a single ACL that is referenced by all services.

To address these limitations, two new options are added to the
VNC server CLI. The 'tls-acl' option takes the ID of a QAuthZ
object to use for checking TLS x509 distinguished names, and
the 'sasl-acl' option takes the ID of another object to use for
checking SASL usernames.

In this example, we setup two ACLs. The first allows any client
with a certificate issued by the 'RedHat' organization in the
'London' locality. The second ACL allows clients with either
the 'j...@redhat.com' or  'f...@redhat.com' kerberos usernames.
Both ACLs must pass for the user to be allowed.

$QEMU -object tls-creds-x509,id=tls0,dir=/home/berrange/qemutls,\
  endpoint=server,verify-peer=yes \
  -object authz-simple,id=acl0,policy=deny,\
  rules.0.match=O=RedHat,,L=London,rules.0.policy=allow \
  -object authz-simple,id=acl0,policy=deny,\
  rules.0.match=f...@redhat.com,rules.0.policy=allow \
  rules.0.match=j...@redhat.com,rules.0.policy=allow \
  -vnc 0.0.0.0:1,tls-creds=tls0,tls-acl=tlsacl0,
   sasl,sasl-acl=saslacl0 \
  ...other QEMU args...

Signed-off-by: Daniel P. Berrange 
---
 ui/vnc.c | 73 
 1 file changed, 60 insertions(+), 13 deletions(-)

diff --git a/ui/vnc.c b/ui/vnc.c
index 324512d..7090f0b 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -3261,6 +3261,12 @@ static QemuOptsList qemu_vnc_opts = {
 .name = "acl",
 .type = QEMU_OPT_BOOL,
 },{
+.name = "tls-acl",
+.type = QEMU_OPT_STRING,
+},{
+.name = "sasl-acl",
+.type = QEMU_OPT_STRING,
+},{
 .name = "lossy",
 .type = QEMU_OPT_BOOL,
 },{
@@ -3483,6 +3489,10 @@ void vnc_display_open(const char *id, Error **errp)
 int saslErr;
 #endif
 int acl = 0;
+const char *tlsacl;
+#ifdef CONFIG_VNC_SASL
+const char *saslacl;
+#endif
 int lock_key_sync = 1;
 
 if (!vs) {
@@ -3670,6 +3680,21 @@ void vnc_display_open(const char *id, Error **errp)
 }
 }
 acl = qemu_opt_get_bool(opts, "acl", false);
+tlsacl = qemu_opt_get(opts, "tls-acl");
+if (acl && tlsacl) {
+error_setg(errp, "'acl' option is mutually exclusive with the "
+   "'tls-acl' options");
+goto fail;
+}
+
+#ifdef CONFIG_VNC_SASL
+saslacl = qemu_opt_get(opts, "sasl-acl");
+if (acl && saslacl) {
+error_setg(errp, "'acl' option is mutually exclusive with the "
+   "'sasl-acl' options");
+goto fail;
+}
+#endif
 
 share = qemu_opt_get(opts, "share");
 if (share) {
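Review bot: `sasl-acl` is registered unconditionally in `qemu_vnc_opts` (first hunk) but is only read inside `#ifdef CONFIG_VNC_SASL` here, so a build without SASL appears to accept the option and ignore it. An `#else` branch such as `if (qemu_opt_get(opts, "sasl-acl")) { error_setg(errp, "'sasl-acl' requires SASL support"); goto fail; }` would make that visible to the admin. The two checks added here only cover the clash with the legacy `acl` flag; nothing in this hunk ties `tls-acl` to `tls-creds` or `sasl-acl` to `sasl`, so an ACL ID given without its transport option would also go unused. Minor: both messages say "options" for a single option. `vnc_display_open` continues outside the hunk.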
@@ -3699,7 +3724,9 @@ void vnc_display_open(const char *id, Error **errp)
 vs->non_adaptive = true;
 }
 
-if (acl) {
+if (tlsacl) {
+vs->tlsaclname = g_strdup(tlsacl);
+} else if (acl) {
 if (strcmp(vs->id, "default") == 0) {
 vs->tlsaclname = g_strdup("vnc.x509dname");
 } else {
@@ -3710,19 +3737,39 @@ void vnc_display_open(const char *id, Error **errp)
   _abort);
 }
 #ifdef CONFIG_VNC_SASL
-if (acl && sasl) {
-char *aclname;
+if (sasl) {
+if (saslacl) {
+Object *container, *acl;
+container = object_get_objects_root();
+acl = object_resolve_path_component(container, saslacl);
+if (!acl) {
+error_setg(errp, "Cannot find ACL %s", saslacl);
+goto fail;
+}
 
-if (strcmp(vs->id, "default") == 0) {
-aclname = g_strdup("vnc.username");
-} else {
-aclname = g_strdup_printf("vnc.%s.username", vs->id);
-}
-vs->sasl.acl =
-QAUTHZ(qauthz_simple_new(aclname,
- QAUTHZ_SIMPLE_POLICY_DENY,
- _abort));
-g_free(aclname);
+if (!object_dynamic_cast(acl, TYPE_QAUTHZ)) {
+error_setg(errp, "Object '%s' is not a QAuthZ subclass",
+   saslacl);
+goto fail;
+}
+vs->sasl.acl = QAUTHZ(acl);
+} else if (acl) {
+char *aclname;
+
+if (strcmp(vs->id, "default") == 0) {
+aclname = 

[Qemu-devel] [PATCH v3 04/10] util: add QAuthZ object as an authorization base class

2016-03-10 Thread Daniel P. Berrange
The current qemu_acl module provides a simple access control
list facility inside QEMU, which is used via a set of monitor
commands acl_show, acl_policy, acl_add, acl_remove & acl_reset.

Note there is no ability to create ACLs - the network services
(eg VNC server) were expected to create ACLs that they want to
check.

There is also no way to define ACLs on the command line, nor
potentially integrate with external authorization systems like
polkit, pam, ldap lookup, etc.

The QAuthZ object defines a minimal abstract QOM class that can
be subclassed for creating different authorization providers.

Signed-off-by: Daniel P. Berrange 
---
 MAINTAINERS  |  7 +
 Makefile |  1 +
 Makefile.objs|  2 ++
 Makefile.target  |  2 ++
 include/qemu/authz.h | 81 
 util/Makefile.objs   |  2 ++
 util/authz.c | 46 +
 7 files changed, 141 insertions(+)
 create mode 100644 include/qemu/authz.h
 create mode 100644 util/authz.c

diff --git a/MAINTAINERS b/MAINTAINERS
index dc0aa54..73bc431 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -1301,6 +1301,13 @@ F: include/qemu/throttle.h
 F: util/throttle.c
 L: qemu-bl...@nongnu.org
 
+Authorization
+M: Daniel P. Berrange 
+S: Maintained
+F: util/authz*
+F: include/qemu/authz*
+F: tests/test-authz-*
+
 Usermode Emulation
 --
 Overall
diff --git a/Makefile b/Makefile
index 70e3ebc..903dc35 100644
--- a/Makefile
+++ b/Makefile
@@ -150,6 +150,7 @@ endif
 dummy := $(call unnest-vars,, \
 stub-obj-y \
 util-obj-y \
+util-qom-obj-y \
 qga-obj-y \
 ivshmem-client-obj-y \
 ivshmem-server-obj-y \
diff --git a/Makefile.objs b/Makefile.objs
index fbcaa74..8bc9a77 100644
--- a/Makefile.objs
+++ b/Makefile.objs
@@ -4,6 +4,8 @@ stub-obj-y = stubs/
 util-obj-y = util/ qobject/ qapi/
 util-obj-y += qmp-introspect.o qapi-types.o qapi-visit.o qapi-event.o
 
+util-qom-obj-y += util/
+
 ###
 # block-obj-y is code used by both qemu system emulation and qemu-img
 
diff --git a/Makefile.target b/Makefile.target
index 34ddb7e..9728f86 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -171,6 +171,7 @@ include $(SRC_PATH)/Makefile.objs
 dummy := $(call unnest-vars,,target-obj-y)
 target-obj-y-save := $(target-obj-y)
 dummy := $(call unnest-vars,.., \
+   util-qom-obj-y \
block-obj-y \
block-obj-m \
crypto-obj-y \
@@ -183,6 +184,7 @@ target-obj-y := $(target-obj-y-save)
 all-obj-y += $(common-obj-y)
 all-obj-y += $(target-obj-y)
 all-obj-y += $(qom-obj-y)
+all-obj-y += $(util-qom-obj-y)
 all-obj-$(CONFIG_SOFTMMU) += $(block-obj-y)
 all-obj-$(CONFIG_USER_ONLY) += $(crypto-aes-obj-y)
 all-obj-$(CONFIG_SOFTMMU) += $(crypto-obj-y)
diff --git a/include/qemu/authz.h b/include/qemu/authz.h
new file mode 100644
index 000..89fa6da
--- /dev/null
+++ b/include/qemu/authz.h
@@ -0,0 +1,81 @@
+/*
+ * QEMU authorization framework
+ *
+ * Copyright (c) 2016 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see .
+ *
+ */
+
+#ifndef QAUTHZ_H__
+#define QAUTHZ_H__
+
+#include "qemu-common.h"
+#include "qapi/error.h"
+#include "qom/object.h"
+
+
+#define TYPE_QAUTHZ "authz"
+
+#define QAUTHZ_CLASS(klass) \
+ OBJECT_CLASS_CHECK(QAuthZClass, (klass), \
+TYPE_QAUTHZ)
+#define QAUTHZ_GET_CLASS(obj) \
+ OBJECT_GET_CLASS(QAuthZClass, (obj), \
+  TYPE_QAUTHZ)
+#define QAUTHZ(obj) \
+ INTERFACE_CHECK(QAuthZ, (obj), \
+ TYPE_QAUTHZ)
+
+typedef struct QAuthZ QAuthZ;
+typedef struct QAuthZClass QAuthZClass;
+
+/**
+ * QAuthZ:
+ *
+ * The QAuthZ class defines an API contract to be used
+ * for providing an authorization driver for network
+ * services.
+ */
+
+struct QAuthZ {
+Object parent_obj;
+};
+
+
+struct QAuthZClass {
+ObjectClass parent_class;
+
+bool (*is_allowed)(QAuthZ *authz,
+   const char *identity,
+   Error **errp);
+};
+
+
+/**
+ * qauthz_is_allowed:
+ * @authz: the authorization object
+ * @identity: the user identity to authorize
+ * @errp: pointer to a NULL 

[Qemu-devel] [PATCH v3 07/10] qemu-nbd: add support for ACLs for TLS clients

2016-03-10 Thread Daniel P. Berrange
Currently any client which can complete the TLS handshake
is able to use the NBD server. The server admin can turn
on the 'verify-peer' option for the x509 creds to require
the client to provide a x509 certificate. This means the
client will have to acquire a certificate from the CA before
they are permitted to use the NBD server. This is still a
fairly weak bar.

This adds a '--tls-acl ACL-ID' option to the qemu-nbd command
which takes the ID of a previously added 'QAuthZ' object
instance. This ACL will be used to validate the client's
x509 distinguished name. Clients failing the ACL will not be
permitted to use the NBD server.

For example to setup an ACL that only allows connection from
a client whose x509 certificate distinguished name contains
'CN=fred', you would use:

  qemu-nbd -object tls-creds-x509,id=tls0,dir=/home/berrange/qemutls,\
   endpoint=server,verify-peer=yes \
   -object authz-simple,id=acl0,policy=deny,\
   rules.0.match=*CN=fred,rules.0.policy=allow \
   -tls-creds tls0 \
   -tls-acl acl0
   other qemu-nbd args...

Signed-off-by: Daniel P. Berrange 
---
 qemu-nbd.c| 13 -
 qemu-nbd.texi |  4 
 2 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/qemu-nbd.c b/qemu-nbd.c
index a5c1d95..d70960f 100644
--- a/qemu-nbd.c
+++ b/qemu-nbd.c
@@ -42,6 +42,7 @@
 #define QEMU_NBD_OPT_OBJECT260
 #define QEMU_NBD_OPT_TLSCREDS  261
 #define QEMU_NBD_OPT_IMAGE_OPTS262
+#define QEMU_NBD_OPT_TLSACL263
 
 static NBDExport *exp;
 static bool newproto;
@@ -55,6 +56,7 @@ static int nb_fds;
 static QIOChannelSocket *server_ioc;
 static int server_watch = -1;
 static QCryptoTLSCreds *tlscreds;
+static const char *tlsacl;
 
 static void usage(const char *name)
 {
@@ -344,7 +346,7 @@ static gboolean nbd_accept(QIOChannel *ioc, GIOCondition 
cond, gpointer opaque)
 nb_fds++;
 nbd_update_server_watch();
 nbd_client_new(newproto ? NULL : exp, cioc,
-   tlscreds, NULL, nbd_client_closed);
+   tlscreds, tlsacl, nbd_client_closed);
 object_unref(OBJECT(cioc));
 
 return TRUE;
@@ -488,6 +490,7 @@ int main(int argc, char **argv)
 { "export-name", required_argument, NULL, 'x' },
 { "tls-creds", required_argument, NULL, QEMU_NBD_OPT_TLSCREDS },
 { "image-opts", no_argument, NULL, QEMU_NBD_OPT_IMAGE_OPTS },
+{ "tls-acl", no_argument, NULL, QEMU_NBD_OPT_TLSACL },
 { NULL, 0, NULL, 0 }
 };
 int ch;
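Review bot: The new `tls-acl` entry is declared `no_argument`, but the handler added in the next hunk does `tlsacl = optarg;`. With `no_argument`, getopt_long() does not supply an argument for this option and rejects the `--tls-acl=ID` form, so `tlsacl` stays NULL and `nbd_client_new()` is still called without an ACL. The server would then run with TLS but no authorization check, and nothing would report it. The entry should be `{ "tls-acl", required_argument, NULL, QEMU_NBD_OPT_TLSACL },`, matching `tls-creds` above it. `main` continues outside the hunk.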
@@ -689,6 +692,9 @@ int main(int argc, char **argv)
 case QEMU_NBD_OPT_IMAGE_OPTS:
 imageOpts = true;
 break;
+case QEMU_NBD_OPT_TLSACL:
+tlsacl = optarg;
+break;
 }
 }
 
@@ -725,6 +731,11 @@ int main(int argc, char **argv)
  error_get_pretty(local_err));
 exit(EXIT_FAILURE);
 }
+} else {
+if (tlsacl) {
+error_report("--tls-acl is not permitted without --tls-creds");
+exit(EXIT_FAILURE);
+}
 }
 
 if (disconnect) {
diff --git a/qemu-nbd.texi b/qemu-nbd.texi
index 9f23343..69f32cb 100644
--- a/qemu-nbd.texi
+++ b/qemu-nbd.texi
@@ -86,6 +86,10 @@ the new style NBD protocol negotiation
 Enable mandatory TLS encryption for the server by setting the ID
 of the TLS credentials object previously created with the --object
 option.
+@item --tls-acl=ID
+Specify the ID of a qauthz object previously created with the
+--object option. This will be used to authorize users who
+connect against their x509 distinguish name.
 @item -v, --verbose
 Display extra debugging information
 @item -h, --help
-- 
2.5.0




[Qemu-devel] [PATCH v3 05/10] util: add QAuthZSimple object type for a simple access control list

2016-03-10 Thread Daniel P. Berrange
Add a QAuthZSimple object type that implements the QAuthZ
interface. This simple built-in implementation maintains
a trivial access control list with a sequence of match
rules and a final default policy. This replicates the
functionality currently provided by the qemu_acl module.

To create an instance of this object via the QMP monitor,
the syntax used would be

  {
"execute": "object-add",
"arguments": {
  "qom-type": "authz-simple",
  "id": "auth0",
  "parameters": {
"rules": [
   { "match": "fred", "policy": "allow" },
   { "match": "bob", "policy": "allow" },
   { "match": "danb", "policy": "deny" },
   { "match": "dan*", "policy": "allow" }
],
"policy": "deny"
  }
}
  }

Or via the -object command line

  $QEMU \
 -object authz-simple,id=acl0,policy=deny,\
 match.0.name=fred,match.0.policy=allow, \
 match.1.name=bob,match.1.policy=allow, \
 match.2.name=danb,match.2.policy=deny, \
 match.3.name=dan*,match.3.policy=allow

This sets up an authorization rule that allows 'fred',
'bob' and anyone whose name starts with 'dan', except
for 'danb'. Everyone unmatched is denied.

Signed-off-by: Daniel P. Berrange 
---
 Makefile|   2 +-
 include/qemu/authz-simple.h | 107 ++
 qapi-schema.json|   6 +-
 qapi/util.json  |  31 ++
 tests/.gitignore|   1 +
 tests/Makefile  |   3 +
 tests/test-authz-simple.c   | 156 +++
 util/Makefile.objs  |   1 +
 util/authz-simple.c | 256 
 9 files changed, 561 insertions(+), 2 deletions(-)
 create mode 100644 include/qemu/authz-simple.h
 create mode 100644 qapi/util.json
 create mode 100644 tests/test-authz-simple.c
 create mode 100644 util/authz-simple.c

diff --git a/Makefile b/Makefile
index 903dc35..60ad13e 100644
--- a/Makefile
+++ b/Makefile
@@ -274,7 +274,7 @@ qapi-modules = $(SRC_PATH)/qapi-schema.json 
$(SRC_PATH)/qapi/common.json \
$(SRC_PATH)/qapi/block.json $(SRC_PATH)/qapi/block-core.json \
$(SRC_PATH)/qapi/event.json $(SRC_PATH)/qapi/introspect.json \
$(SRC_PATH)/qapi/crypto.json $(SRC_PATH)/qapi/rocker.json \
-   $(SRC_PATH)/qapi/trace.json
+   $(SRC_PATH)/qapi/trace.json $(SRC_PATH)/qapi/util.json
 
 qapi-types.c qapi-types.h :\
 $(qapi-modules) $(SRC_PATH)/scripts/qapi-types.py $(qapi-py)
diff --git a/include/qemu/authz-simple.h b/include/qemu/authz-simple.h
new file mode 100644
index 000..74c09e3
--- /dev/null
+++ b/include/qemu/authz-simple.h
@@ -0,0 +1,107 @@
+/*
+ * QEMU simple authorization driver
+ *
+ * Copyright (c) 2016 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see .
+ *
+ */
+
+#ifndef QAUTHZ_SIMPLE_H__
+#define QAUTHZ_SIMPLE_H__
+
+#include "qemu/authz.h"
+
+
+#define TYPE_QAUTHZ_SIMPLE "authz-simple"
+
+#define QAUTHZ_SIMPLE_CLASS(klass) \
+ OBJECT_CLASS_CHECK(QAuthZSimpleClass, (klass), \
+TYPE_QAUTHZ_SIMPLE)
+#define QAUTHZ_SIMPLE_GET_CLASS(obj) \
+ OBJECT_GET_CLASS(QAuthZSimpleClass, (obj), \
+  TYPE_QAUTHZ_SIMPLE)
+#define QAUTHZ_SIMPLE(obj) \
+ INTERFACE_CHECK(QAuthZSimple, (obj), \
+ TYPE_QAUTHZ_SIMPLE)
+
+typedef struct QAuthZSimple QAuthZSimple;
+typedef struct QAuthZSimpleClass QAuthZSimpleClass;
+
+
+/**
+ * QAuthZSimple:
+ *
+ * This authorization driver provides a simple mechanism
+ * for granting access by matching user names against a
+ * list of globs. Each match rule has an associated policy
+ * and a catch all policy applies if no rule matches
+ *
+ * To create an instace of this class via QMP:
+ *
+ *  {
+ *"execute": "object-add",
+ *"arguments": {
+ *  "qom-type": "authz-simple",
+ *  "id": "auth0",
+ *  "parameters": {
+ *"rules": [
+ *   { "match": "fred", "policy": "allow" },
+ *   { "match": "bob", "policy": "allow" },
+ *   { "match": "danb", "policy": "deny" },
+ *   { "match": "dan*", "policy": "allow" }
+ *],
+ *"policy": "deny"
+ *  }
+ *}
+ *  }
+ *
+ * Or via the CLI:
+ *
+ *   $QEMU  

[Qemu-devel] [PATCH v3 01/10] qdict: implement a qdict_crumple method for un-flattening a dict

2016-03-10 Thread Daniel P. Berrange
The qdict_flatten() method will take a dict whose elements are
further nested dicts/lists and flatten them by concatenating
keys.

The qdict_crumple() method aims to do the reverse, taking a flat
qdict, and turning it into a set of nested dicts/lists. It will
apply nesting based on the key name, with a '.' indicating a
new level in the hierarchy. If the keys in the nested structure
are all numeric, it will create a list, otherwise it will create
a dict.

If the keys are a mixture of numeric and non-numeric, or the
numeric keys are not in strictly ascending order, an error will
be reported.

As an example, a flat dict containing

 {
   'foo.0.bar': 'one',
   'foo.0.wizz': '1',
   'foo.1.bar': 'two',
   'foo.1.wizz': '2'
 }

will get turned into a dict with one element 'foo' whose
value is a list. The list elements will each in turn be
dicts.

 {
   'foo' => [
 { 'bar': 'one', 'wizz': '1' }
 { 'bar': 'two', 'wizz': '2' }
   ],
 }

If the key is intended to contain a literal '.', then it must
be escaped as '..'. ie a flat dict

  {
 'foo..bar': 'wizz',
 'bar.foo..bar': 'eek',
 'bar.hello': 'world'
  }

Will end up as

  {
 'foo.bar': 'wizz',
 'bar': {
'foo.bar': 'eek',
'hello': 'world'
 }
  }

The intent of this function is that it allows a set of QemuOpts
to be turned into a nested data structure that mirrors the nesting
used when the same object is defined over QMP.

Signed-off-by: Daniel P. Berrange 
---
 include/qapi/qmp/qdict.h |   1 +
 qobject/qdict.c  | 267 +++
 tests/check-qdict.c  | 143 +
 3 files changed, 411 insertions(+)

diff --git a/include/qapi/qmp/qdict.h b/include/qapi/qmp/qdict.h
index 71b8eb0..8a3ac13 100644
--- a/include/qapi/qmp/qdict.h
+++ b/include/qapi/qmp/qdict.h
@@ -73,6 +73,7 @@ void qdict_flatten(QDict *qdict);
 void qdict_extract_subqdict(QDict *src, QDict **dst, const char *start);
 void qdict_array_split(QDict *src, QList **dst);
 int qdict_array_entries(QDict *src, const char *subqdict);
+QObject *qdict_crumple(QDict *src, bool recursive, Error **errp);
 
 void qdict_join(QDict *dest, QDict *src, bool overwrite);
 
diff --git a/qobject/qdict.c b/qobject/qdict.c
index 9833bd0..3a01fcc 100644
--- a/qobject/qdict.c
+++ b/qobject/qdict.c
@@ -682,6 +682,273 @@ void qdict_array_split(QDict *src, QList **dst)
 }
 }
 
+
+/**
+ * qdict_split_flat_key:
+ *
+ * Given a flattened key such as 'foo.0.bar', split it
+ * into two parts at the first '.' separator. Allows
+ * double dot ('..') to escape the normal separator.
+ *
+ * eg
+ *'foo.0.bar' -> prefix='foo' and suffix='0.bar'
+ *'foo..0.bar' -> prefix='foo.0' and suffix='bar'
+ *
+ * The '..' sequence will be unescaped in the returned
+ * 'prefix' string. The 'suffix' string will be left
+ * in escaped format, so it can be fed back into the
+ * qdict_split_flat_key() key as the input later.
+ */
+static void qdict_split_flat_key(const char *key, char **prefix, char **suffix)
+{
+const char *separator;
+size_t i, j;
+
+/* Find first '.' separator, but if there is a pair '..'
+ * that acts as an escape, so skip over '..' */
+separator = NULL;
+do {
+if (separator) {
+separator += 2;
+} else {
+separator = key;
+}
+separator = strchr(separator, '.');
+} while (separator && *(separator + 1) == '.');
+
+if (separator) {
+*prefix = g_strndup(key,
+separator - key);
+*suffix = g_strdup(separator + 1);
+} else {
+*prefix = g_strdup(key);
+*suffix = NULL;
+}
+
+/* Unescape the '..' sequence into '.' */
+for (i = 0, j = 0; (*prefix)[i] != '\0'; i++, j++) {
+if ((*prefix)[i] == '.' &&
+(*prefix)[i + 1] == '.') {
+i++;
+}
+(*prefix)[j] = (*prefix)[i];
+}
+(*prefix)[j] = '\0';
+}
+
+
+/**
+ * qdict_list_size:
+ * @maybe_List: dict that may be only list elements
+ *
+ * Determine whether all keys in @maybe_list are
+ * valid list elements. They they are all valid,
+ * then this returns the number of elements. If
+ * they all look like non-numeric keys, then returns
+ * zero. If there is a mix of numeric and non-numeric
+ * keys, then an error is set as it is both a list
+ * and a dict at once.
+ *
+ * Returns: number of list elemets, 0 if a dict, -1 on error
+ */
+static ssize_t qdict_list_size(QDict *maybe_list, Error **errp)
+{
+const QDictEntry *entry, *next;
+ssize_t len = 0;
+ssize_t max = -1;
+int is_list = -1;
+int64_t val;
+
+entry = qdict_first(maybe_list);
+while (entry != NULL) {
+next = qdict_next(maybe_list, entry);
+
+if (qemu_strtoll(entry->key, NULL, 10, ) == 0) {
+if (is_list == -1) {
+is_list = 1;
+} else if (!is_list) {
+error_setg(errp,
+  

[Qemu-devel] [PATCH v3 03/10] qom: support arbitrary non-scalar properties with -object

2016-03-10 Thread Daniel P. Berrange
The current -object command line syntax only allows for
creation of objects with scalar properties, or a list
with a fixed scalar element type. Objects which have
properties that are represented as structs in the QAPI
schema cannot be created using -object.

This is a design limitation of the way the OptsVisitor
is written. It simply iterates over the QemuOpts values
as a flat list. The support for lists is enabled by
allowing the same key to be repeated in the opts string.

It is not practical to extend the OptsVisitor to support
more complex data structures while also maintaining
the existing list handling behaviour that is relied upon
by other areas of QEMU.

Fortunately there is no existing object that implements
the UserCreatable interface that relies on the list
handling behaviour, so it is possible to swap out the
OptsVisitor for a different visitor implementation, so
-object supports non-scalar properties, thus leaving
other users of OptsVisitor unaffected.

The previously added qdict_crumple() method is able to
take a qdict containing a flat set of properties and
turn that into an arbitrarily nested set of dicts and
lists. By combining qemu_opts_to_qdict and qdict_crumple()
together, we can turn the opt string into a data structure
that is practically identical to that passed over QMP
when defining an object. The only difference is that all
the scalar values are represented as strings, rather than
strings, ints and bools. This is sufficient to let us
replace the OptsVisitor with the QMPInputVisitor for
use with -object.

Thus -object can now support non-scalar properties,
for example the QMP object

  {
"execute": "object-add",
"arguments": {
  "qom-type": "demo",
  "id": "demo0",
  "parameters": {
"foo": [
  { "bar": "one", "wizz": "1" },
  { "bar": "two", "wizz": "2" }
]
  }
}
  }

Would be creatable via the CLI now using

$QEMU \
  -object demo,id=demo0,\
  foo.0.bar=one,foo.0.wizz=1,\
  foo.1.bar=two,foo.1.wizz=2

This is also wired up to work for the 'object_add' command
in the HMP monitor with the same syntax.

  (hmp) object_add demo,id=demo0,\
   foo.0.bar=one,foo.0.wizz=1,\
   foo.1.bar=two,foo.1.wizz=2

Signed-off-by: Daniel P. Berrange 
---
 hmp.c  |  18 +--
 qom/object_interfaces.c|  20 ++-
 tests/check-qom-proplist.c | 295 -
 3 files changed, 313 insertions(+), 20 deletions(-)

diff --git a/hmp.c b/hmp.c
index 5b6084a..7a98726 100644
--- a/hmp.c
+++ b/hmp.c
@@ -25,7 +25,7 @@
 #include "qemu/sockets.h"
 #include "monitor/monitor.h"
 #include "monitor/qdev.h"
-#include "qapi/opts-visitor.h"
+#include "qapi/qmp-input-visitor.h"
 #include "qapi/qmp/qerror.h"
 #include "qapi/string-output-visitor.h"
 #include "qapi/util.h"
@@ -1673,20 +1673,12 @@ void hmp_netdev_del(Monitor *mon, const QDict *qdict)
 void hmp_object_add(Monitor *mon, const QDict *qdict)
 {
 Error *err = NULL;
-QemuOpts *opts;
-OptsVisitor *ov;
+QmpInputVisitor *qiv;
 Object *obj = NULL;
 
-opts = qemu_opts_from_qdict(qemu_find_opts("object"), qdict, );
-if (err) {
-hmp_handle_error(mon, );
-return;
-}
-
-ov = opts_visitor_new(opts);
-obj = user_creatable_add(qdict, opts_get_visitor(ov), );
-opts_visitor_cleanup(ov);
-qemu_opts_del(opts);
+qiv = qmp_input_visitor_new_full((QObject *)qdict, true, true);
+obj = user_creatable_add(qdict, qmp_input_get_visitor(qiv), );
+qmp_input_visitor_cleanup(qiv);
 
 if (err) {
 hmp_handle_error(mon, );
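Review bot: hmp_object_add() hands the monitor's qdict straight to `qmp_input_visitor_new_full()` without the `qdict_crumple()` step that user_creatable_add_opts() gains in this same patch. Unless user_creatable_add() un-flattens the dict itself (not visible here), dotted keys such as `foo.0.bar` would reach the visitor still flat, and the HMP syntax shown in the commit message would not build the nested list. Consider crumpling first and building the visitor from the result, as the -object path does, with the crumple error reported through `hmp_handle_error()`. Separately, `(QObject *)qdict` silently drops the `const` on the parameter. The function's tail is outside this hunk.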
diff --git a/qom/object_interfaces.c b/qom/object_interfaces.c
index c2f6e29..9c41730 100644
--- a/qom/object_interfaces.c
+++ b/qom/object_interfaces.c
@@ -1,9 +1,9 @@
 #include "qemu/osdep.h"
 #include "qom/object_interfaces.h"
 #include "qemu/module.h"
+#include "qemu/option.h"
 #include "qapi-visit.h"
-#include "qapi/qmp-output-visitor.h"
-#include "qapi/opts-visitor.h"
+#include "qapi/qmp-input-visitor.h"
 
 void user_creatable_complete(Object *obj, Error **errp)
 {
@@ -120,6 +120,7 @@ Object *user_creatable_add_type(const char *type, const 
char *id,
 obj = object_new(type);
 if (qdict) {
 for (e = qdict_first(qdict); e; e = qdict_next(qdict, e)) {
+
 object_property_set(obj, v, e->key, _err);
 if (local_err) {
 goto out;
@@ -151,15 +152,22 @@ out:
 
 Object *user_creatable_add_opts(QemuOpts *opts, Error **errp)
 {
-OptsVisitor *ov;
+QmpInputVisitor *qiv;
 QDict *pdict;
+QObject *pobj;
 Object *obj = NULL;
 
-ov = opts_visitor_new(opts);
 pdict = qemu_opts_to_qdict(opts, NULL);
+pobj = qdict_crumple(pdict, true, errp);
+if (!pobj) {
+goto cleanup;
+}
+qiv = qmp_input_visitor_new_full(pobj, true, true);
 
-obj = user_creatable_add(pdict, opts_get_visitor(ov), errp);
-

[Qemu-devel] [PATCH v3 02/10] qapi: allow QmpInputVisitor to auto-cast types

2016-03-10 Thread Daniel P. Berrange
Currently the QmpInputVisitor assumes that all scalar
values are directly represented as their final types.
ie it assumes an 'int' is using QInt, and a 'bool' is
using QBool.

This extends it so that QString is optionally permitted
for any of the non-string scalar types. This behaviour
is turned on by requesting the 'autocast' flag in the
constructor.

This makes it possible to use QmpInputVisitor with a
QDict produced from QemuOpts, where everything is in
string format.

Signed-off-by: Daniel P. Berrange 
---
 include/qapi/qmp-input-visitor.h |   3 +
 qapi/qmp-input-visitor.c |  96 +++-
 tests/test-qmp-input-visitor.c   | 115 ++-
 3 files changed, 196 insertions(+), 18 deletions(-)

diff --git a/include/qapi/qmp-input-visitor.h b/include/qapi/qmp-input-visitor.h
index 3ed499c..c25cb7c 100644
--- a/include/qapi/qmp-input-visitor.h
+++ b/include/qapi/qmp-input-visitor.h
@@ -21,6 +21,9 @@ typedef struct QmpInputVisitor QmpInputVisitor;
 
 QmpInputVisitor *qmp_input_visitor_new(QObject *obj);
 QmpInputVisitor *qmp_input_visitor_new_strict(QObject *obj);
+QmpInputVisitor *qmp_input_visitor_new_full(QObject *obj,
+bool strict,
+bool autocast);
 
 void qmp_input_visitor_cleanup(QmpInputVisitor *v);
 
diff --git a/qapi/qmp-input-visitor.c b/qapi/qmp-input-visitor.c
index e659832..59d2165 100644
--- a/qapi/qmp-input-visitor.c
+++ b/qapi/qmp-input-visitor.c
@@ -35,6 +35,7 @@ struct QmpInputVisitor
 StackObject stack[QIV_STACK_SIZE];
 int nb_stack;
 bool strict;
+bool autocast;
 };
 
 static QmpInputVisitor *to_qiv(Visitor *v)
@@ -217,15 +218,26 @@ static void qmp_input_type_int64(Visitor *v, const char 
*name, int64_t *obj,
  Error **errp)
 {
 QmpInputVisitor *qiv = to_qiv(v);
-QInt *qint = qobject_to_qint(qmp_input_get_object(qiv, name, true));
+QObject *qobj = qmp_input_get_object(qiv, name, true);
+QInt *qint;
+QString *qstr;
 
-if (!qint) {
-error_setg(errp, QERR_INVALID_PARAMETER_TYPE, name ? name : "null",
-   "integer");
+qint = qobject_to_qint(qobj);
+if (qint) {
+*obj = qint_get_int(qint);
 return;
 }
 
-*obj = qint_get_int(qint);
+qstr = qobject_to_qstring(qobj);
+if (qstr && qstr->string && qiv->autocast) {
+errno = 0;
+if (qemu_strtoll(qstr->string, NULL, 10, obj) == 0) {
+return;
+}
+}
+
+error_setg(errp, QERR_INVALID_PARAMETER_TYPE, name ? name : "null",
+   "integer");
 }
 
 static void qmp_input_type_uint64(Visitor *v, const char *name, uint64_t *obj,
@@ -233,30 +245,61 @@ static void qmp_input_type_uint64(Visitor *v, const char 
*name, uint64_t *obj,
 {
 /* FIXME: qobject_to_qint mishandles values over INT64_MAX */
 QmpInputVisitor *qiv = to_qiv(v);
-QInt *qint = qobject_to_qint(qmp_input_get_object(qiv, name, true));
+QObject *qobj = qmp_input_get_object(qiv, name, true);
+QInt *qint;
+QString *qstr;
 
-if (!qint) {
-error_setg(errp, QERR_INVALID_PARAMETER_TYPE, name ? name : "null",
-   "integer");
+qint = qobject_to_qint(qobj);
+if (qint) {
+*obj = qint_get_int(qint);
 return;
 }
 
-*obj = qint_get_int(qint);
+qstr = qobject_to_qstring(qobj);
+if (qstr && qstr->string && qiv->autocast) {
+errno = 0;
+if (qemu_strtoull(qstr->string, NULL, 10, obj) == 0) {
+return;
+}
+}
+
+error_setg(errp, QERR_INVALID_PARAMETER_TYPE, name ? name : "null",
+   "integer");
 }
 
 static void qmp_input_type_bool(Visitor *v, const char *name, bool *obj,
 Error **errp)
 {
 QmpInputVisitor *qiv = to_qiv(v);
-QBool *qbool = qobject_to_qbool(qmp_input_get_object(qiv, name, true));
+QObject *qobj = qmp_input_get_object(qiv, name, true);
+QBool *qbool;
+QString *qstr;
 
-if (!qbool) {
-error_setg(errp, QERR_INVALID_PARAMETER_TYPE, name ? name : "null",
-   "boolean");
+qbool = qobject_to_qbool(qobj);
+if (qbool) {
+*obj = qbool_get_bool(qbool);
 return;
 }
 
-*obj = qbool_get_bool(qbool);
+
+qstr = qobject_to_qstring(qobj);
+if (qstr && qstr->string && qiv->autocast) {
+if (!strcasecmp(qstr->string, "on") ||
+!strcasecmp(qstr->string, "yes") ||
+!strcasecmp(qstr->string, "true")) {
+*obj = true;
+return;
+}
+if (!strcasecmp(qstr->string, "off") ||
+!strcasecmp(qstr->string, "no") ||
+!strcasecmp(qstr->string, "false")) {
+*obj = false;
+return;
+}
+}
+
+error_setg(errp, QERR_INVALID_PARAMETER_TYPE, name ? name : "null",
+   "boolean");
 }
 
 static 
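Review bot: In qmp_input_type_uint64 the autocast branch passes the string straight to `qemu_strtoull()`, which, like strtoull(), accepts a leading minus sign and negates the result in the unsigned type, so a value such as `-1` is stored as a very large number instead of being rejected. Because this visitor now parses strings from -object and HMP, an out-of-range size or count should fail at parse time; consider `if (qstr->string[0] != '-' && qemu_strtoull(qstr->string, NULL, 10, obj) == 0) {`, with the same care for leading whitespace. The `errno = 0;` lines here and in qmp_input_type_int64 look redundant if the qemu_strto*() helpers reset errno themselves.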

[Qemu-devel] [PATCH v3 00/10] Provide a QOM-based authorization API

2016-03-10 Thread Daniel P. Berrange
Many years ago I was responsible for adding the 'qemu_acl' type
and associated HMP commands. Looking back at it now, it is quite
a poor facility with a couple of bad limitations. First, the
responsibility for creating the ACLs was left with the QEMU network
service (VNC server was only thing ever doing it). This meant you
could not share ACLs across multiple services. Second, there was
no way to populate ACLs on the command line, you had no choice but
to use the HMP commands. Third, the API was hardcoded around the
idea of an in-QEMU implementation, leaving no scope for plugging
in alternative implementations backed by, for exmaple, LDAP or PAM.

This series introduces a much better authorization API design
to QEMU that addresses all these problems, and maintains back
compatibility. It of course is based on the QOM framework, so
that immediately gives us ability to create objects via the
CLI, HMP or QMP. There is an abstract base class "QAuthZ" which
defines the basic API for QEMU network services to use, and a
specific implementation "QAuthZSimple" which replicates the
functionality of 'qemu_acl'. It is thus possible to add other
impls, without changing any other part of QEMU in the future.
Finally, the user is responsible for creating the ACL objects,
so they can have one ACL associated with all their TLS enabled
network services.

There was only one small problem with this, specifically the
-object CLI arg and HMP 'object_add' command had no way to let
the user specify non-scalar properties for objects. eg if an
object had a property which is a list of structs, you are out
of luck if you want to create it without using QMP.

Thus the first three patches do some work around QAPI / QOM
to make it possible to specify non-scalar properties with
the -object CLI arg and HMP 'object_add' command. See the
respective patches for illustration of the syntax used.

The patches 4 and 5 introduce the new base class and specific
implementation.

Patch 6 kills the old qemu_acl code, updating any existing
callers of it to use the QAuthZSimple QOM class instead.

Patches 7-10 add support for associating ACLs with the
network services supporting TLS encryption (NBD, chardev
and VNC).

Aside from the outstanding migration TLS patches, this series
wraps up the feature based work I have for TLS in this release
cycle.

Changed in v3:

 - Created separate qdict_list_size method (Max)
 - Added unit tests for case of empty dict (Max)
 - Fix variable names to use underscore separator (Max)
 - Fix potential free of uninitialized variables (Max)
 - Use QObject APIs for casts, instead of C type casts (Max)

Changed in v2:

 - Adapt to changes in qapi visitor APIs
 - Add a 'bool recursive' flag to qdict_crumple (Max)
 - Fix memory leaks in qdict_crumple (Max)
 - Split out key splitting code from qdict_crumple (Max)
 - Use saner variable names in qdict_crumple (Max)
 - Added some tests for bad inputs to qdict_crumple

Daniel P. Berrange (10):
  qdict: implement a qdict_crumple method for un-flattening a dict
  qapi: allow QmpInputVisitor to auto-cast types
  qom: support arbitrary non-scalar properties with -object
  util: add QAuthZ object as an authorization base class
  util: add QAuthZSimple object type for a simple access control list
  acl: delete existing ACL implementation
  qemu-nbd: add support for ACLs for TLS clients
  nbd: allow an ACL to be set with nbd-server-start QMP command
  chardev: add support for ACLs for TLS clients
  vnc: allow specifying a custom ACL object name

 MAINTAINERS  |   7 +
 Makefile |   9 +-
 Makefile.objs|   2 +
 Makefile.target  |   2 +
 blockdev-nbd.c   |  10 +-
 crypto/tlssession.c  |  28 +++-
 hmp.c|  20 +--
 include/qapi/qmp-input-visitor.h |   3 +
 include/qapi/qmp/qdict.h |   1 +
 include/qemu/acl.h   |  74 --
 include/qemu/authz-simple.h  | 107 ++
 include/qemu/authz.h |  81 +++
 monitor.c| 161 +
 qapi-schema.json |   8 +-
 qapi/block.json  |   4 +-
 qapi/qmp-input-visitor.c |  96 +++--
 qapi/util.json   |  31 
 qemu-char.c  |  11 +-
 qemu-nbd.c   |  13 +-
 qemu-nbd.texi|   4 +
 qmp-commands.hx  |   2 +-
 qobject/qdict.c  | 267 +++
 qom/object_interfaces.c  |  20 ++-
 tests/.gitignore |   1 +
 tests/Makefile   |   5 +-
 tests/check-qdict.c  | 143 +++
 tests/check-qom-proplist.c   | 295 ++-
 tests/test-authz-simple.c| 156 +
 tests/test-crypto-tlssession.c   |  13 +-
 tests/test-io-channel-tls.c  |  14 +-
 

Re: [Qemu-devel] [PATCH v5 06/14] qapi-event: Slightly shrink generated code

2016-03-10 Thread Markus Armbruster
Eric Blake  writes:

> Slightly rearrange the code in gen_event_send() for less generated
> output, by initializing 'emit' sooner, deferring an assertion
> to qdict_put_obj, and dropping a now-unused 'obj' local variable.
>
> While at it, document a FIXME related to the potential for a
> compiler naming collision - if the user ever creates a QAPI event
> whose name matches 'errp' or one of our local variables (like
> 'emit'), we'll have to revisit how we generate functions to
> avoid the problem.
>
> |@@ -25,16 +25,13 @@ void qapi_event_send_acpi_device_ost(ACP
> | {
> | QDict *qmp;
> | Error *err = NULL;
> |-QMPEventFuncEmit emit;
> |+QMPEventFuncEmit emit = qmp_event_get_func_emit();
> | QmpOutputVisitor *qov;
> | Visitor *v;
> |-QObject *obj;
> |
> |-emit = qmp_event_get_func_emit();
> | if (!emit) {
> | return;
> | }
> |-
> | qmp = qmp_event_build_dict("ACPI_DEVICE_OST");
> |
> | qov = qmp_output_visitor_new();
> |@@ -53,11 +50,7 @@ out_obj:
> | if (err) {
> | goto out;
> | }
> |-
> |-obj = qmp_output_get_qobject(qov);
> |-g_assert(obj);

We're not "deferring an assertion to qdict_put_obj()", we're dropping a
dead one: qmp_output_get_qobject() never returns null.

I figure the assertion dates back to the time when it still did.  Back
then, getting null here meant we screwed up.

I just searched the code for similarly dead assertions.  Found one in
qapi_clone_InputEvent(), and several more in test-qmp-output-visitor.c.

There's also an error return in qapi_copy_SocketAddress().  Useless?
Should check for qnull instead?

> |-
> |-qdict_put_obj(qmp, "data", obj);
> |+qdict_put_obj(qmp, "data", qmp_output_get_qobject(qov));
> | emit(QAPI_EVENT_ACPI_DEVICE_OST, qmp, );
> |
> | out:
>
> Signed-off-by: Eric Blake 
>
> ---
> v5: new patch
> ---
>  scripts/qapi-event.py | 19 +--
>  1 file changed, 9 insertions(+), 10 deletions(-)
>
> diff --git a/scripts/qapi-event.py b/scripts/qapi-event.py
> index c03cb78..02c9556 100644
> --- a/scripts/qapi-event.py
> +++ b/scripts/qapi-event.py
> @@ -29,13 +29,19 @@ def gen_event_send_decl(name, arg_type):
>
>
>  def gen_event_send(name, arg_type):
> +# FIXME: Our declaration of local variables (and of 'errp' in the
> +# parameter list) can collide with exploded members of the event's
> +# data type passed in as parameters.  If this collision ever hits in
> +# practice, we can rename our local variables with a leading _ prefix,
> +# or split the code into a wrapper function that creates a boxed
> +# 'param' object then calls another to do the real work.
>  ret = mcgen('''
>
>  %(proto)s
>  {
>  QDict *qmp;
>  Error *err = NULL;
> -QMPEventFuncEmit emit;
> +QMPEventFuncEmit emit = qmp_event_get_func_emit();
>  ''',
>  proto=gen_event_send_proto(name, arg_type))
>
> @@ -43,16 +49,13 @@ def gen_event_send(name, arg_type):
>  ret += mcgen('''
>  QmpOutputVisitor *qov;
>  Visitor *v;
> -QObject *obj;
> -

Please keep the blank line here...

>  ''')
>
>  ret += mcgen('''
> -emit = qmp_event_get_func_emit();
> +

... instead of adding it here.

>  if (!emit) {
>  return;
>  }
> -

Let's keep this one.

>  qmp = qmp_event_build_dict("%(name)s");
>
>  ''',
> @@ -76,11 +79,7 @@ out_obj:
>  if (err) {
>  goto out;
>  }
> -
> -obj = qmp_output_get_qobject(qov);
> -g_assert(obj);
> -
> -qdict_put_obj(qmp, "data", obj);
> +qdict_put_obj(qmp, "data", qmp_output_get_qobject(qov));
>  ''')
>
>  ret += mcgen('''

Small improvements are welcome, too :)



[Qemu-devel] [PATCH v3] block/gluster: add support for SEEK_DATA/SEEK_HOLE

2016-03-10 Thread Niels de Vos
GlusterFS 3.8 contains support for SEEK_DATA and SEEK_HOLE. This makes
it possible to detect sparse areas in files.

Signed-off-by: Niels de Vos 

---
Tested by compiling and running "qemu-img map gluster://..." with a
build of the current master branch of glusterfs. Using a Fedora cloud
image (in raw format) shows many SEEK procedure calls going back and
forth over the network. The output of "qemu map" matches the output when
run against the image on the local filesystem.

v2 based on feedback from Jeff Cody:
- Replace compile time detection by runtime detection
- Update return pointer (new argument) for .bdrv_co_get_block_status
---
 block/gluster.c | 182 
 1 file changed, 182 insertions(+)

diff --git a/block/gluster.c b/block/gluster.c
index 65077a0..a4f0628 100644
--- a/block/gluster.c
+++ b/block/gluster.c
@@ -23,6 +23,7 @@ typedef struct GlusterAIOCB {
 typedef struct BDRVGlusterState {
 struct glfs *glfs;
 struct glfs_fd *fd;
+bool supports_seek_data;
 } BDRVGlusterState;
 
 typedef struct GlusterConf {
@@ -286,6 +287,28 @@ static void qemu_gluster_parse_flags(int bdrv_flags, int 
*open_flags)
 }
 }
 
+/*
+ * Do SEEK_DATA/HOLE to detect if it is functional. Older broken versions of
+ * gfapi incorrectly return the current offset when SEEK_DATA/HOLE is used.
+ * - Corrected versions return -1 and set errno to EINVAL.
+ * - Versions that support SEEK_DATA/HOLE correctly, will return -1 and set
+ *   errno to ENXIO when SEEK_DATA is called with a position of EOF.
+ */
+static bool qemu_gluster_test_seek(struct glfs_fd *fd)
+{
+off_t ret, eof;
+
+eof = glfs_lseek(fd, 0, SEEK_END);
+if (eof < 0) {
+/* this should never occur */
+return false;
+}
+
+/* this should always fail with ENXIO if SEEK_DATA is supported */
+ret = glfs_lseek(fd, eof, SEEK_DATA);
+return (ret < 0) && (errno == ENXIO);
+}
+
 static int qemu_gluster_open(BlockDriverState *bs,  QDict *options,
  int bdrv_flags, Error **errp)
 {
@@ -320,6 +343,8 @@ static int qemu_gluster_open(BlockDriverState *bs,  QDict 
*options,
 ret = -errno;
 }
 
+s->supports_seek_data = qemu_gluster_test_seek(s->fd);
+
 out:
 qemu_opts_del(opts);
 qemu_gluster_gconf_free(gconf);
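Review bot: The added `s->supports_seek_data = qemu_gluster_test_seek(s->fd);` sits directly after a block that sets `ret = -errno`. If that block is the glfs_open() failure branch (its condition is outside the hunk), the probe runs on an fd that was never opened. qemu_gluster_test_seek() has no guard of its own and goes straight to `glfs_lseek(fd, 0, SEEK_END)`, so the outcome depends on how gfapi treats an invalid fd. Probing only on success avoids relying on that: `if (s->fd) { s->supports_seek_data = qemu_gluster_test_seek(s->fd); }`. qemu_gluster_open() starts and ends outside this hunk.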
@@ -677,6 +702,159 @@ static int qemu_gluster_has_zero_init(BlockDriverState 
*bs)
 return 0;
 }
 
+/*
+ * Find allocation range in @bs around offset @start.
+ * May change underlying file descriptor's file offset.
+ * If @start is not in a hole, store @start in @data, and the
+ * beginning of the next hole in @hole, and return 0.
+ * If @start is in a non-trailing hole, store @start in @hole and the
+ * beginning of the next non-hole in @data, and return 0.
+ * If @start is in a trailing hole or beyond EOF, return -ENXIO.
+ * If we can't find out, return a negative errno other than -ENXIO.
+ *
+ * (Shamefully copied from raw-posix.c, only miniscule adaptions.)
+ */
+static int find_allocation(BlockDriverState *bs, off_t start,
+   off_t *data, off_t *hole)
+{
+BDRVGlusterState *s = bs->opaque;
+off_t offs;
+
+if (!s->supports_seek_data) {
+return -ENOTSUP;
+}
+
+/*
+ * SEEK_DATA cases:
+ * D1. offs == start: start is in data
+ * D2. offs > start: start is in a hole, next data at offs
+ * D3. offs < 0, errno = ENXIO: either start is in a trailing hole
+ *  or start is beyond EOF
+ * If the latter happens, the file has been truncated behind
+ * our back since we opened it.  All bets are off then.
+ * Treating like a trailing hole is simplest.
+ * D4. offs < 0, errno != ENXIO: we learned nothing
+ */
+offs = glfs_lseek(s->fd, start, SEEK_DATA);
+if (offs < 0) {
+return -errno;  /* D3 or D4 */
+}
+assert(offs >= start);
+
+if (offs > start) {
+/* D2: in hole, next data at offs */
+*hole = start;
+*data = offs;
+return 0;
+}
+
+/* D1: in data, end not yet known */
+
+/*
+ * SEEK_HOLE cases:
+ * H1. offs == start: start is in a hole
+ * If this happens here, a hole has been dug behind our back
+ * since the previous lseek().
+ * H2. offs > start: either start is in data, next hole at offs,
+ *   or start is in trailing hole, EOF at offs
+ * Linux treats trailing holes like any other hole: offs ==
+ * start.  Solaris seeks to EOF instead: offs > start (blech).
+ * If that happens here, a hole has been dug behind our back
+ * since the previous lseek().
+ * H3. offs < 0, errno = ENXIO: start is beyond EOF
+ * If this happens, the file has been truncated behind our
+ * back since we opened it.  Treat it like a trailing hole.
+ * H4. offs < 0, errno != ENXIO: we learned nothing
+ * Pretend 

Re: [Qemu-devel] [PATCH v3 25/27] migration: add support for encrypting data with TLS

2016-03-10 Thread Dr. David Alan Gilbert
* Daniel P. Berrange (berra...@redhat.com) wrote:
> This extends the migration_set_incoming_channel and
> migration_set_outgoing_channel methods so that they
> will automatically wrap the QIOChannel in a
> QIOChannelTLS instance if TLS credentials are configured
> in the migration parameters.

Reviewed-by: Dr. David Alan Gilbert 

You might like to check how it behaves with a migrate_cancel
after connect but before the handshake has finished.

I think it will probably work - the cancel does a shutdown()
call so it'll probably cause it to nuke the underlying connection
that will then cause the handshake callback.

Dave

> This allows TLS to work for tcp, unix, fd and exec
> migration protocols. It does not (currently) work for
> RDMA since it does not use these APIs, but it is
> unlikely that TLS would be desired with RDMA anyway
> since it would degrade the performance to that seen
> with TCP defeating the purpose of using RDMA.
> 
> On the target host, QEMU would be launched with a set
> of TLS credentials for a server endpoint
> 
>  $ qemu-system-x86_64 -monitor stdio -incoming defer \
> -object 
> tls-creds-x509,dir=/home/berrange/security/qemutls,endpoint=server,id=tls0 \
> ...other args...
> 
> To enable incoming TLS migration 2 monitor commands are
> then used
> 
>   (qemu) migrate_set_str_parameter tls-creds tls0
>   (qemu) migrate_incoming tcp:myhostname:9000
> 
> On the source host, QEMU is launched in a similar
> manner but using client endpoint credentials
> 
>  $ qemu-system-x86_64 -monitor stdio \
> -object 
> tls-creds-x509,dir=/home/berrange/security/qemutls,endpoint=client,id=tls0 \
> ...other args...
> 
> To enable outgoing TLS migration 2 monitor commands are
> then used
> 
>   (qemu) migrate_set_str_parameter tls-creds tls0
>   (qemu) migrate tcp:otherhostname:9000
> 
> Thanks to earlier improvements to error reporting,
> TLS errors can be seen 'info migrate' when doing a
> detached migration. For example:
> 
>   (qemu) info migrate
>   capabilities: xbzrle: off rdma-pin-all: off auto-converge: off zero-blocks: 
> off compress: off events: off x-postcopy-ram: off
>   Migration status: failed
>   total time: 0 milliseconds
>   error description: TLS handshake failed: The TLS connection was 
> non-properly terminated.
> 
> Or
> 
>   (qemu) info migrate
>   capabilities: xbzrle: off rdma-pin-all: off auto-converge: off zero-blocks: 
> off compress: off events: off x-postcopy-ram: off
>   Migration status: failed
>   total time: 0 milliseconds
>   error description: Certificate does not match the hostname localhost
> 
> Signed-off-by: Daniel P. Berrange 
> ---
>  include/migration/migration.h |  12 +++-
>  migration/Makefile.objs   |   1 +
>  migration/exec.c  |   2 +-
>  migration/fd.c|   2 +-
>  migration/migration.c |  40 +--
>  migration/socket.c|  34 +++--
>  migration/tls.c   | 160 
> ++
>  trace-events  |  12 +++-
>  8 files changed, 246 insertions(+), 17 deletions(-)
>  create mode 100644 migration/tls.c
> 
> diff --git a/include/migration/migration.h b/include/migration/migration.h
> index 999a5ee..6310ff4 100644
> --- a/include/migration/migration.h
> +++ b/include/migration/migration.h
> @@ -186,8 +186,18 @@ void qemu_start_incoming_migration(const char *uri, 
> Error **errp);
>  void migration_set_incoming_channel(MigrationState *s,
>  QIOChannel *ioc);
>  
> +void migration_tls_set_incoming_channel(MigrationState *s,
> +QIOChannel *ioc,
> +Error **errp);
> +
>  void migration_set_outgoing_channel(MigrationState *s,
> -QIOChannel *ioc);
> +QIOChannel *ioc,
> +const char *hostname);
> +
> +void migration_tls_set_outgoing_channel(MigrationState *s,
> +QIOChannel *ioc,
> +const char *hostname,
> +Error **errp);
>  
>  uint64_t migrate_max_downtime(void);
>  
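Review bot: The new `hostname` argument of `migration_set_outgoing_channel()` and the two `migration_tls_set_*_channel()` prototypes are declared without any comment, although `hostname` appears to be the value the peer certificate is checked against. The header should state what the name is compared with and whether NULL is allowed; the description lists fd: and exec: transports, which have no hostname of their own, so presumably NULL is passed there. A caller that passes the wrong value weakens the certificate check, so a short comment is worth it, e.g. `/* @hostname: name the peer's x509 certificate is verified against; may be NULL if the transport has none (confirm) */`.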
> diff --git a/migration/Makefile.objs b/migration/Makefile.objs
> index 7b9051c..e68b54d 100644
> --- a/migration/Makefile.objs
> +++ b/migration/Makefile.objs
> @@ -1,4 +1,5 @@
>  common-obj-y += migration.o socket.o fd.o exec.o
> +common-obj-y += tls.o
>  common-obj-y += vmstate.o
>  common-obj-y += qemu-file.o
>  common-obj-y += qemu-file-channel.o
> diff --git a/migration/exec.c b/migration/exec.c
> index 4f439b4..a5debc6 100644
> --- a/migration/exec.c
> +++ b/migration/exec.c
> @@ -36,7 +36,7 @@ void exec_start_outgoing_migration(MigrationState *s, const 
> char *command, Error
>  return;
>  }
>  
> -migration_set_outgoing_channel(s, ioc);
> +migration_set_outgoing_channel(s, 

[Qemu-devel] KVM Forum 2016: Call For Participation

2016-03-10 Thread Paolo Bonzini
=
KVM Forum 2016: Call For Participation
August 24-26, 2016 - Westin Harbor Castle - Toronto, Canada

(All submissions must be received before midnight May 1, 2016)
=

KVM Forum is an annual event that presents a rare opportunity
for developers and users to meet, discuss the state of Linux
virtualization technology, and plan for the challenges ahead. 
We invite you to lead part of the discussion by submitting a speaking
proposal for KVM Forum 2016.

At this highly technical conference, developers driving innovation
in the KVM virtualization stack (Linux, KVM, QEMU, libvirt) can
meet users who depend on KVM as part of their offerings, or to
power their data centers and clouds.

KVM Forum will include sessions on the state of the KVM
virtualization stack, planning for the future, and many
opportunities for attendees to collaborate. As we celebrate ten years
of KVM development in the Linux kernel, KVM continues to be a
critical part of the FOSS cloud infrastructure.

This year, KVM Forum is joining LinuxCon and ContainerCon in Toronto, 
Canada. Selected talks from KVM Forum will be presented on Wednesday
August 24 to the full audience of LinuxCon and ContainerCon. Also,
attendees of KVM Forum will have access to all of the LinuxCon and
ContainerCon talks on Wednesday.

http://events.linuxfoundation.org/cfp

Suggested topics:

KVM and Linux
* Scaling and optimizations
* Nested virtualization
* Linux kernel performance improvements
* Resource management (CPU, I/O, memory)
* Hardening and security
* VFIO: SR-IOV, GPU, platform device assignment
* Architecture ports

QEMU
* Management interfaces: QOM and QMP
* New devices, new boards, new architectures
* Scaling and optimizations
* Desktop virtualization and SPICE
* Virtual GPU
* virtio and vhost, including non-Linux or non-virtualized uses
* Hardening and security
* New storage features
* Live migration and fault tolerance
* High availability and continuous backup
* Real-time guest support
* Emulation and TCG
* Firmware: ACPI, UEFI, coreboot, u-Boot, etc.
* Testing

Management and infrastructure
* Managing KVM: Libvirt, OpenStack, oVirt, etc.
* Storage: glusterfs, Ceph, etc.
* Software defined networking: Open vSwitch, OpenDaylight, etc.
* Network Function Virtualization
* Security
* Provisioning
* Performance tuning


===
SUBMITTING YOUR PROPOSAL
===
Abstracts due: May 1, 2016

Please submit a short abstract (~150 words) describing your presentation
proposal. Slots vary in length up to 45 minutes. Also include the proposal
type -- one of:
- technical talk
- end-user talk

Submit your proposal here:
http://events.linuxfoundation.org/cfp
Please only use the categories "presentation" and "panel discussion"

You will receive a notification whether or not your presentation proposal
was accepted by May 27, 2016.

Speakers will receive a complimentary pass for the event. In the instance
that your submission has multiple presenters, only the primary speaker for a
proposal will receive a complimentary event pass. For panel discussions, all
panelists will receive a complimentary event pass.

TECHNICAL TALKS

A good technical talk should not just report on what has happened over
the last year; it should present a concrete problem and how it impacts
the user and/or developer community. Whenever applicable, focus on
work that needs to be done, difficulties that haven't yet been solved,
and on decisions that other developers should be aware of. Summarizing
recent developments is okay but it should not be more than a small
portion of the overall talk.

END-USER TALKS

One of the big challenges as developers is to know what, where and how
people actually use our software. We will reserve a few slots for end
users talking about their deployment challenges and achievements.

If you are using KVM in production you are encouraged to submit a speaking
proposal. Simply mark it as an end-user talk. As an end user, this is a
unique opportunity to get your input to developers.

HANDS-ON / BOF SESSIONS

We will reserve some time for people to get together and discuss
strategic decisions as well as other topics that are best solved within
smaller groups.

These sessions will be announced during the event. If you are interested
in organizing such a session, please add it to the list at

  http://www.linux-kvm.org/page/KVM_Forum_2016_BOF

Let people you think might be interested know about it, and encourage
them to add their names to the wiki page as well. Please try to
add your ideas to the list before KVM Forum starts.


PANEL DISCUSSIONS

If you are proposing a panel discussion, please make sure that you list
all of your potential panelists in your abstract. We will request full
biographies if a panel is accepted.


===
HOTEL / TRAVEL
===

This year's event will take place at the Westin Harbour Castle Toronto.
For 

Re: [Qemu-devel] [Qemu-ppc] [PATCH 72/77] ppc: A couple more dummy POWER8 Book4 regs

2016-03-10 Thread Thomas Huth
On 09.03.2016 22:17, Thomas Huth wrote:
> On 09.03.2016 21:04, Cédric Le Goater wrote:

>> I have been maintaining a port of Ben's patchset on the latest qemu for 
>> other 
>> parts which should come after pnv is merged so I have a framework to test 
>> such 
>> sub-patchsets. I also have time to work on them but clearly not the expertise
>> in all areas !
> 
> That would be great if you could take care of this!
> 
>> What would be nice is to identify the most obvious ones, non controversial
>> that could be merged after a few iterations. I have a vague idea, the ones 
>> Reviewed-by David obviously being good candidates, the definition of new 
>> SPRs 
>> (even the dummy ones ?).
> 
> I really like to see the KVM SPRs patches first - since they are fixing
> potential problems with migration of the _current_ KVM machines already!
> And being bug fixes, maybe these patches could even be included for QEMU
> 2.6 already? (i.e. before the hard freeze at the end of March)
> 
> So my wish-list for a first small patch series looks like this:
> 
> 5b287e66c7513209  ppc: Add macros to register hypervisor mode SPRs
> 34f1af75e75e7ba0  ppc: Add dummy CIABR SPR
> 48adf38e9cab4663  ppc: A couple more dummy POWER8 Book4 regs
> 730a9b4dc9414818  ppc: Add KVM numbers to some P8 SPRs
> 
> There are a couple of other patches touching the SPRs initialization,
> but they are not important with regards to migration... so not sure
> whether it makes sense to include them now already...

FWIW, I just saw today (by doing some more experiments with
kvm-unit-tests) that the IAMR register is also not migrated yet ... so
it would be nice if you could include the related patches for IAMR, too,
and wire the KVM part up with KVM_REG_PPC_IAMR...

 Thomas




Re: [Qemu-devel] [PATCH v4 2/8] pc: move igd support code to igd.c

2016-03-10 Thread Kay, Allen M


> -Original Message-
> From: Tian, Kevin
> Sent: Wednesday, March 09, 2016 9:56 PM
> To: Gerd Hoffmann 
> Cc: Alex Williamson ; Stefano Stabellini
> ; xen-de...@lists.xensource.com; igvt-
> g...@ml01.01.org; Michael S. Tsirkin ; open list:All patches
> CC here ; Kay, Allen M 
> Subject: RE: [PATCH v4 2/8] pc: move igd support code to igd.c
> 
> > From: Gerd Hoffmann [mailto:kra...@redhat.com]
> > Sent: Wednesday, March 09, 2016 11:08 PM
> >
> >   Hi,
> >
> > > +/* Here we just expose minimal host bridge offset subset. */ static
> > > +const IGDHostInfo igd_host_bridge_infos[] = {
> > > +{0x08, 2},  /* revision id */
> > > +{0x2c, 2},  /* sybsystem vendor id */
> > > +{0x2e, 2},  /* sybsystem id */
> >
> > Can anyone clarify where this comes from?
> 
> Add Allen who is the original author.
> 
> >
> > Setting the subsystem id without also setting the pci id looks wrong,
> > given that each pci id has its own subsystem id namespace.
> >

Host bridge register passthrough only serves the purpose of allowing the Windows
IGD driver to access the info it needs to boot, leaving the rest intact so it
would not look too different from the chipset it is emulating.

Allen


Re: [Qemu-devel] [PATCH v3 24/27] migration: define 'tls-creds' and 'tls-hostname' migration parameters

2016-03-10 Thread Daniel P. Berrange
On Thu, Mar 10, 2016 at 05:42:45PM +, Dr. David Alan Gilbert wrote:
> * Daniel P. Berrange (berra...@redhat.com) wrote:
> > Define two new migration parameters to be used with TLS encryption.
> > The 'tls-creds' parameter provides the ID of an instance of the
> > 'tls-creds' object type, or rather a subclass such as 'tls-creds-x509'.
> > Providing these credentials will enable use of TLS on the migration
> > data stream.
> > 
> > If using x509 certificates, together with a migration URI that does
> > not include a hostname, the 'tls-hostname' parameter provides the
> > hostname to use when verifying the server's x509 certificate. This
> > allows TLS to be used in combination with fd: and exec: protocols
> > where a TCP connection is established by a 3rd party outside of
> > QEMU.
> > 
> > For the HMP this sadly requires adding a new monitor command
> > 'migration_set_str_parameter', since the existing command
> > 'migration_set_parameter' is fixed to take integer values.
> 
> Can you explain why?
> The definition of the 's' string type in monitor.c says:
>  * 's'  string (accept optional quote)
> 
> and hmp_block_stream already uses 's' for an integer parameter (why?).
> So if you just changed the definition to take a :s parameter it would
> work wouldn't it as long as you did an appropriate check in 
> hmp_migrate_set_parameter?

Hmm, I thought that changing  migration_set_parameter from 'i' to 's'
would be a non-backwards compatible change. If that change is possible
though, it's obviously preferable to adding a new command.


Regards,
Daniel
-- 
|: http://berrange.com  -o-http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org  -o- http://virt-manager.org :|
|: http://autobuild.org   -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org   -o-   http://live.gnome.org/gtk-vnc :|



Re: [Qemu-devel] [PATCH v3 24/27] migration: define 'tls-creds' and 'tls-hostname' migration parameters

2016-03-10 Thread Dr. David Alan Gilbert
* Daniel P. Berrange (berra...@redhat.com) wrote:
> Define two new migration parameters to be used with TLS encryption.
> The 'tls-creds' parameter provides the ID of an instance of the
> 'tls-creds' object type, or rather a subclass such as 'tls-creds-x509'.
> Providing these credentials will enable use of TLS on the migration
> data stream.
> 
> If using x509 certificates, together with a migration URI that does
> not include a hostname, the 'tls-hostname' parameter provides the
> hostname to use when verifying the server's x509 certificate. This
> allows TLS to be used in combination with fd: and exec: protocols
> where a TCP connection is established by a 3rd party outside of
> QEMU.
> 
> For the HMP this sadly requires adding a new monitor command
> 'migration_set_str_parameter', since the existing command
> 'migration_set_parameter' is fixed to take integer values.

Can you explain why?
The definition of the 's' string type in monitor.c says:
 * 's'  string (accept optional quote)

and hmp_block_stream already uses 's' for an integer parameter (why?).
So if you just changed the definition to take a :s parameter it would
work wouldn't it as long as you did an appropriate check in 
hmp_migrate_set_parameter?

Dave

> The QMP monitor is fine, since it has the more flexible
> 'migration_set_parameters' which takes the dict of params
> of arbitrary types per the QAPI schema.
> 
> Signed-off-by: Daniel P. Berrange 
> ---
>  hmp-commands.hx   | 15 +
>  hmp.c | 48 ++
>  hmp.h |  1 +
>  migration/migration.c | 14 +
>  qapi-schema.json  | 58 
> ---
>  5 files changed, 133 insertions(+), 3 deletions(-)
> 
> diff --git a/hmp-commands.hx b/hmp-commands.hx
> index 664d794..883ef90 100644
> --- a/hmp-commands.hx
> +++ b/hmp-commands.hx
> @@ -1022,6 +1022,21 @@ Set the parameter @var{parameter} for migration.
>  ETEXI
>  
>  {
> +.name   = "migrate_set_str_parameter",
> +.args_type  = "parameter:s,value:s",
> +.params = "parameter value",
> +.help   = "Set the parameter for migration",
> +.mhandler.cmd = hmp_migrate_set_str_parameter,
> +.command_completion = migrate_set_parameter_completion,
> +},
> +
> +STEXI
> +@item migrate_set_str_parameter @var{parameter} @var{value}
> +@findex migrate_set_str_parameter
> +Set the parameter @var{parameter} for migration.
> +ETEXI
> +
> +{
>  .name   = "migrate_start_postcopy",
>  .args_type  = "",
>  .params = "",
> diff --git a/hmp.c b/hmp.c
> index a239e1e..c27c280 100644
> --- a/hmp.c
> +++ b/hmp.c
> @@ -290,6 +290,12 @@ void hmp_info_migrate_parameters(Monitor *mon, const 
> QDict *qdict)
>  monitor_printf(mon, " %s: %" PRId64,
>  
> MigrationParameter_lookup[MIGRATION_PARAMETER_X_CPU_THROTTLE_INCREMENT],
>  params->x_cpu_throttle_increment);
> +monitor_printf(mon, " %s: '%s'",
> +MigrationParameter_lookup[MIGRATION_PARAMETER_TLS_CREDS],
> +params->tls_creds ? : "");
> +monitor_printf(mon, " %s: '%s'",
> +MigrationParameter_lookup[MIGRATION_PARAMETER_TLS_HOSTNAME],
> +params->tls_hostname ? : "");
>  monitor_printf(mon, "\n");
>  }
>  
> @@ -1272,6 +1278,48 @@ void hmp_migrate_set_parameter(Monitor *mon, const 
> QDict *qdict)
> has_decompress_threads, value,
> has_x_cpu_throttle_initial, value,
> has_x_cpu_throttle_increment, value,
> +   false, NULL,
> +   false, NULL,
> +   );
> +break;
> +}
> +}
> +
> +if (i == MIGRATION_PARAMETER__MAX) {
> +error_setg(, QERR_INVALID_PARAMETER, param);
> +}
> +
> +if (err) {
> +error_report_err(err);
> +}
> +}
> +
> +void hmp_migrate_set_str_parameter(Monitor *mon, const QDict *qdict)
> +{
> +const char *param = qdict_get_str(qdict, "parameter");
> +const char *valuestr = qdict_get_str(qdict, "value");
> +Error *err = NULL;
> +bool has_tls_creds = false;
> +bool has_tls_hostname = false;
> +int i;
> +
> +for (i = 0; i < MIGRATION_PARAMETER__MAX; i++) {
> +if (strcmp(param, MigrationParameter_lookup[i]) == 0) {
> +switch (i) {
> +case MIGRATION_PARAMETER_TLS_CREDS:
> +has_tls_creds = true;
> +break;
> +case MIGRATION_PARAMETER_TLS_HOSTNAME:
> +has_tls_hostname = true;
> +break;
> +}
> +qmp_migrate_set_parameters(false, 0,
> +   false, 0,
> +   

Re: [Qemu-devel] [PATCH v2 0/6] external backup api

2016-03-10 Thread Paolo Bonzini


On 10/03/2016 18:37, Stefan Hajnoczi wrote:
> I suggest giving the new NBD command a "type" argument:
> 0 - SCSI mapped/anchored values according to SCSI Get LBA Status
> 1 - Dirty/clean, useful for incremental backup and other blocking tracking 
> cases
> 
> This way we don't impinge on SCSI semantics and the command can be
> used for both traditional logical block provisioning and dirty bitmap
> info.
> 
> When the NBD export is started in QEMU you can optionally associate it
> with a bitmap.  This bitmap is used to provide type=1 (dirty/clean)
> status information.

Good idea.  The precedent in NBD is to use bits 16..31 of the command
for flags, so it could go there.

Paolo



[Qemu-devel] [PATCH v1] hw: fix error reporting for missing option ROMs

2016-03-10 Thread Daniel P. Berrange
If QEMU fails to load any of the VGA ROMs, it prints a message
to stderr and then carries on as if everything was fine, despite
the VGA interface not being functional. This extends the
rom_add_file() method to accept a 'Error **errp' parameter. The
VGA device realizefn() impls can now pass in the errp they already
have and get errors reported as fatal problems.

Signed-off-by: Daniel P. Berrange 
---
 hw/core/loader.c| 40 +---
 hw/display/cirrus_vga.c |  4 +++-
 hw/display/vga-isa.c|  4 +++-
 hw/i386/pc.c|  4 ++--
 hw/i386/pc_sysfw.c  |  2 +-
 hw/misc/sga.c   |  4 +++-
 hw/pci/pci.c|  8 ++--
 include/hw/loader.h | 16 +---
 8 files changed, 52 insertions(+), 30 deletions(-)

diff --git a/hw/core/loader.c b/hw/core/loader.c
index 8e8031c..010e442 100644
--- a/hw/core/loader.c
+++ b/hw/core/loader.c
@@ -142,7 +142,7 @@ int load_image_targphys(const char *filename,
 return -1;
 }
 if (size > 0) {
-rom_add_file_fixed(filename, addr, -1);
+rom_add_file_fixed(filename, addr, -1, NULL);
 }
 return size;
 }
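Review bot: Passing `NULL` as `errp` here makes a failed ROM load completely silent, because the `fprintf(stderr, ...)` calls that `rom_add_file()` used to make are removed later in this patch and the return value of `rom_add_file_fixed()` is not checked in `load_image_targphys()`. The same applies to the `rom_add_file_mr(filename, mr, -1, NULL)` call in the `load_image_mr()` hunk, which returns -1 but no longer says why. Until these callers grow an `errp` of their own, keep the diagnostic with a local error: `Error *err = NULL;` then `if (rom_add_file_fixed(filename, addr, -1, &err) < 0) { error_report_err(err); }`. Both functions start outside their hunks.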
@@ -162,7 +162,7 @@ int load_image_mr(const char *filename, MemoryRegion *mr)
 return -1;
 }
 if (size > 0) {
-if (rom_add_file_mr(filename, mr, -1) < 0) {
+if (rom_add_file_mr(filename, mr, -1, NULL) < 0) {
 return -1;
 }
 }
@@ -831,11 +831,13 @@ static void *rom_set_mr(Rom *rom, Object *owner, const 
char *name)
 
 int rom_add_file(const char *file, const char *fw_dir,
  hwaddr addr, int32_t bootindex,
- bool option_rom, MemoryRegion *mr)
+ bool option_rom, MemoryRegion *mr,
+ Error **errp)
 {
 MachineClass *mc = MACHINE_GET_CLASS(qdev_get_machine());
 Rom *rom;
-int rc, fd = -1;
+int fd = -1;
+ssize_t rc;
 char devpath[100];
 
 rom = g_malloc0(sizeof(*rom));
@@ -847,8 +849,9 @@ int rom_add_file(const char *file, const char *fw_dir,
 
 fd = open(rom->path, O_RDONLY | O_BINARY);
 if (fd == -1) {
-fprintf(stderr, "Could not open option rom '%s': %s\n",
-rom->path, strerror(errno));
+error_setg_errno(errp, errno,
+ "Could not open option rom '%s'",
+ rom->path);
 goto err;
 }
 
@@ -859,8 +862,9 @@ int rom_add_file(const char *file, const char *fw_dir,
 rom->addr = addr;
 rom->romsize  = lseek(fd, 0, SEEK_END);
 if (rom->romsize == -1) {
-fprintf(stderr, "rom: file %-20s: get size error: %s\n",
-rom->name, strerror(errno));
+error_setg_errno(errp, errno,
+ "Could not get size of option rom '%s'",
+ rom->path);
 goto err;
 }
 
@@ -868,9 +872,15 @@ int rom_add_file(const char *file, const char *fw_dir,
 rom->data = g_malloc0(rom->datasize);
 lseek(fd, 0, SEEK_SET);
 rc = read(fd, rom->data, rom->datasize);
-if (rc != rom->datasize) {
-fprintf(stderr, "rom: file %-20s: read error: rc=%d (expected %zd)\n",
-rom->name, rc, rom->datasize);
+if (rc < 0) {
+error_setg_errno(errp, errno,
+ "Could not read option rom '%s'",
+ rom->path);
+goto err;
+} else if (rc != rom->datasize) {
+error_setg_errno(errp, errno,
+ "Short read on option rom '%s' %zd vs %zd",
+ rom->path, rc, rom->datasize);
 goto err;
 }
 close(fd);
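Review bot: The short-read branch calls `error_setg_errno()` with `errno`, but a `read()` that returns fewer bytes than requested does not set `errno`, so the message gets a stale and misleading error string appended. Use the plain form there: `error_setg(errp, "Short read on option rom '%s' %zd vs %zd", rom->path, rc, rom->datasize);`. If `rom->datasize` is a `size_t` (its declaration is not visible here), its conversion should be `%zu`. rom_add_file starts and ends outside this hunk.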
@@ -975,14 +985,14 @@ int rom_add_elf_program(const char *name, void *data, 
size_t datasize,
 return 0;
 }
 
-int rom_add_vga(const char *file)
+int rom_add_vga(const char *file, Error **errp)
 {
-return rom_add_file(file, "vgaroms", 0, -1, true, NULL);
+return rom_add_file(file, "vgaroms", 0, -1, true, NULL, errp);
 }
 
-int rom_add_option(const char *file, int32_t bootindex)
+int rom_add_option(const char *file, int32_t bootindex, Error **errp)
 {
-return rom_add_file(file, "genroms", 0, bootindex, true, NULL);
+return rom_add_file(file, "genroms", 0, bootindex, true, NULL, errp);
 }
 
 static void rom_reset(void *unused)
diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c
index 57b91a7..7fbb2b0 100644
--- a/hw/display/cirrus_vga.c
+++ b/hw/display/cirrus_vga.c
@@ -2977,7 +2977,9 @@ static void isa_cirrus_vga_realizefn(DeviceState *dev, 
Error **errp)
isa_address_space(isadev),
isa_address_space_io(isadev));
 s->con = graphic_console_init(dev, 0, s->hw_ops, s);
-rom_add_vga(VGABIOS_CIRRUS_FILENAME);
+if (rom_add_vga(VGABIOS_CIRRUS_FILENAME, errp) < 0) {
+return;
+}
 /* XXX ISA-LFB support */
 /* FIXME not qdev yet */
 }
diff --git a/hw/display/vga-isa.c b/hw/display/vga-isa.c
index f5aff1c..4309ae1 

Re: [Qemu-devel] [PATCH v2 00/18] Multiple fixes & improvements to QIOChannel & Win32

2016-03-10 Thread Paolo Bonzini
On 10/03/2016 18:26, Daniel P. Berrange wrote:
> This series started out as an attempt to fix the Win32 problems
> identified by Andrew Baumann
> 
>https://lists.gnu.org/archive/html/qemu-devel/2016-03/msg01343.html
> 
> It turned into a significantly larger cleanup of some chardev
> and osdep win32 portability code.
> 
> Patch 1 addresses Andrew's 2nd stated problem - handling of
> getpeername() failures, by fixing errno handling on Win32.
> 
> Patches 2-7 do some fixes in the test-io-channel-socket test
> case so that it is able to run on Win32.
> 
> Patches 8-12 are some fixes for the QIOChannel code
> 
> Patch 13 is the big one that changes QIOChannelSocket so that
> it uses a Win32 specific GSource implementation for creating
> watches. This is the key fix for Andrew's 1st stated problem.
> 
> At this point tests/test-io-channel-socket passes and
> 
>   qemu-system-x86_64.exe  -serial tcp:127.0.0.1:9000,server,nowait -device 
> sga -display non
> 
> works on win32 once more.
> 
> Patches 14-16 are some cleanups to the chardev code to improve
> its clarity. They are not required for fixing any real problem
> 
> Patches 17-18 change the way we provide Win32 portability for
> sockets APIs inside QEMU. These do fix a number of bugs in the
> QEMU code related to mistaken use of errno instead of
> socket_error(). None of these bugs appear to be critical issues.
> 
> Based on this, I'm proposing 1-13 for QEMU 2.6 release as they
> fix critical win32 bugs.
> 
> Patches 14-18 can either be included in 2.6 or 2.7 - I'm
> ambivalent on which, since they're cleanups / minor fixes.

Thanks, please submit all of them in a pull request for 2.6.

We can then clean up EAGAIN vs. EWOULDBLOCK and add a checkpatch rule to
prevent further introduction of EWOULDBLOCK.

Paolo



Re: [Qemu-devel] [PATCH v2 0/6] external backup api

2016-03-10 Thread Stefan Hajnoczi
On Mon, Feb 29, 2016 at 9:42 AM, Paolo Bonzini  wrote:
>
>
> On 29/02/2016 09:54, Paolo Bonzini wrote:
>>
>>
>> On 29/02/2016 09:14, Markus Armbruster wrote:
>>> I completely agree with you that Get LBA Status cannot just reflect the
>>> top layer.  But that's not what I meant to propose.  Let me try to
>>> explain myself more clearly.
>>>
>>> Consider a QCOW2 image D (for delta) with a backing file B (for base).
>>> If you open it normally, you see "D over B".  Get LBA Status should
>>> certainly claim the "deallocated" state only for blocks that are
>>> allocated neither in D nor B.
>>>
>>> However, you can also open D *without* its backing file.  Then you see
>>> "D over nothing".  Here, get LBA Status should claim "deallocated" state
>>> for anything not allocated in D.
>>
>> Ok, this makes more sense.
>>
>> The question then is whether to implement this NBD server inside QEMU,
>> or outside it as a separate process to which QEMU "pushes" blocks as in
>> the existing backup job.  I would prefer the latter, so that it is
>> possible to implement various APIs (get block status, but also VMware or
>> Parallels or whatever).
>>
>> Basically the same points made in
>> https://lists.gnu.org/archive/html/qemu-devel/2013-03/msg01969.html
>> still apply.
>
> Talked a bit to Fam now and I noted Denis's observation that QEMU would
> still use the backup block job, plus the NBD server as in Fam's
> fleecing.  Then the NBD server is already the push->pull adapter.  It's
> a bit clearer now.
>
> Opening D without backing file still feels a bit weird, because the NBD
> server would provide wrong data for clean blocks.  I would think that a
> "stupid" backup software could always ignore the get LBA status command
> and get a full backup.  Is this a requirement or not, and if not, why?
>
> I don't have any particular opinion against an NBD get LBA status
> command that returns deallocated/allocated _and_ clean/dirty.  But
> reusing one as the other feels like the kind of hack that seems clever
> and that you regret down the road.

I suggest giving the new NBD command a "type" argument:
0 - SCSI mapped/anchored values according to SCSI Get LBA Status
1 - Dirty/clean, useful for incremental backup and other blocking tracking cases

This way we don't impinge on SCSI semantics and the command can be
used for both traditional logical block provisioning and dirty bitmap
info.

When the NBD export is started in QEMU you can optionally associate it
with a bitmap.  This bitmap is used to provide type=1 (dirty/clean)
status information.

Stefan



[Qemu-devel] [PATCH v2 15/18] char: remove socket_try_connect method

2016-03-10 Thread Daniel P. Berrange
The qemu_chr_open_socket_fd() method multiplexes three different
actions into one method. The socket_try_connect() method is one
of its callers, but it only ever wants one specific action
performed. By inlining that action into socket_try_connect()
we see that there is not in fact any failure scenario, so there
is not even any reason for socket_try_connect to exist. Just
inline the asynchronous connection attempts directly at the
places that need them. This shortens & clarifies the code.

Reviewed-by: Paolo Bonzini 
Signed-off-by: Daniel P. Berrange 
---
 qemu-char.c | 25 ++---
 1 file changed, 10 insertions(+), 15 deletions(-)

diff --git a/qemu-char.c b/qemu-char.c
index fe212b4..1540463 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -3121,10 +3121,6 @@ static bool qemu_chr_open_socket_fd(CharDriverState 
*chr, Error **errp)
 s->listen_ioc = sioc;
 s->listen_tag = qio_channel_add_watch(
 QIO_CHANNEL(s->listen_ioc), G_IO_IN, tcp_chr_accept, chr, NULL);
-} else if (s->reconnect_time) {
-qio_channel_socket_connect_async(sioc, s->addr,
- qemu_chr_socket_connected,
- chr, NULL);
 } else {
 if (qio_channel_socket_connect_sync(sioc, s->addr, errp) < 0) {
 goto fail;
@@ -4248,19 +4244,11 @@ static CharDriverState *qmp_chardev_open_parallel(const 
char *id,
 
 #endif /* WIN32 */
 
-static void socket_try_connect(CharDriverState *chr)
-{
-Error *err = NULL;
-
-if (!qemu_chr_open_socket_fd(chr, )) {
-check_report_connect_error(chr, err);
-}
-}
-
 static gboolean socket_reconnect_timeout(gpointer opaque)
 {
 CharDriverState *chr = opaque;
 TCPCharDriver *s = chr->opaque;
+QIOChannelSocket *sioc;
 
 s->reconnect_timer = 0;
 
@@ -4268,7 +4256,10 @@ static gboolean socket_reconnect_timeout(gpointer opaque)
 return false;
 }
 
-socket_try_connect(chr);
+sioc = qio_channel_socket_new();
+qio_channel_socket_connect_async(sioc, s->addr,
+ qemu_chr_socket_connected,
+ chr, NULL);
 
 return false;
 }
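Review bot: In socket_reconnect_timeout() the channel returned by qio_channel_socket_new() is held only in the local `sioc`, so the function returns without dropping its reference and nothing in this hunk says who does. From the qemu_chr_socket_connected() lines visible elsewhere in the series, the callback appears to unref it after tcp_chr_new_client(); its error path is not visible here and should be checked to do the same. I would add `/* reference is released by qemu_chr_socket_connected() */` above the connect call, here and at the identical call added to qmp_chardev_open_socket() in the last hunk. The callback also receives `chr` as a bare pointer, so it is worth confirming that a chardev cannot be freed while a connect is still pending.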
@@ -4288,6 +4279,7 @@ static CharDriverState *qmp_chardev_open_socket(const 
char *id,
 bool is_waitconnect = sock->has_wait? sock->wait: false;
 int64_t reconnect   = sock->has_reconnect ? sock->reconnect : 0;
 ChardevCommon *common = qapi_ChardevSocket_base(sock);
+QIOChannelSocket *sioc = NULL;
 
 chr = qemu_chr_alloc(common, errp);
 if (!chr) {
@@ -4358,7 +4350,10 @@ static CharDriverState *qmp_chardev_open_socket(const 
char *id,
 }
 
 if (s->reconnect_time) {
-socket_try_connect(chr);
+sioc = qio_channel_socket_new();
+qio_channel_socket_connect_async(sioc, s->addr,
+ qemu_chr_socket_connected,
+ chr, NULL);
 } else if (!qemu_chr_open_socket_fd(chr, errp)) {
 goto error;
 }
-- 
2.5.0




[Qemu-devel] [PATCH v2 14/18] char: remove qemu_chr_finish_socket_connection method

2016-03-10 Thread Daniel P. Berrange
The qemu_chr_finish_socket_connection method is multiplexing two
different actions into one method. Each caller of it though, only
wants one specific action. The code is shorter & clearer if we
thus remove the method and just inline the specific actions
where needed.

Signed-off-by: Daniel P. Berrange 
---
 qemu-char.c | 24 +++-
 1 file changed, 7 insertions(+), 17 deletions(-)

diff --git a/qemu-char.c b/qemu-char.c
index e0147f3..fe212b4 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -3091,20 +3091,6 @@ static void tcp_chr_close(CharDriverState *chr)
 qemu_chr_be_event(chr, CHR_EVENT_CLOSED);
 }
 
-static void qemu_chr_finish_socket_connection(CharDriverState *chr,
-  QIOChannelSocket *sioc)
-{
-TCPCharDriver *s = chr->opaque;
-
-if (s->is_listen) {
-s->listen_ioc = sioc;
-s->listen_tag = qio_channel_add_watch(
-QIO_CHANNEL(s->listen_ioc), G_IO_IN, tcp_chr_accept, chr, NULL);
-} else {
-tcp_chr_new_client(chr, sioc);
-object_unref(OBJECT(sioc));
-}
-}
 
 static void qemu_chr_socket_connected(Object *src, Error *err, void *opaque)
 {
@@ -3119,7 +3105,8 @@ static void qemu_chr_socket_connected(Object *src, Error 
*err, void *opaque)
 }
 
 s->connect_err_reported = false;
-qemu_chr_finish_socket_connection(chr, sioc);
+tcp_chr_new_client(chr, sioc);
+object_unref(OBJECT(sioc));
 }
 
 static bool qemu_chr_open_socket_fd(CharDriverState *chr, Error **errp)
@@ -3131,7 +3118,9 @@ static bool qemu_chr_open_socket_fd(CharDriverState *chr, 
Error **errp)
 if (qio_channel_socket_listen_sync(sioc, s->addr, errp) < 0) {
 goto fail;
 }
-qemu_chr_finish_socket_connection(chr, sioc);
+s->listen_ioc = sioc;
+s->listen_tag = qio_channel_add_watch(
+QIO_CHANNEL(s->listen_ioc), G_IO_IN, tcp_chr_accept, chr, NULL);
 } else if (s->reconnect_time) {
 qio_channel_socket_connect_async(sioc, s->addr,
  qemu_chr_socket_connected,
@@ -3140,7 +3129,8 @@ static bool qemu_chr_open_socket_fd(CharDriverState *chr, 
Error **errp)
 if (qio_channel_socket_connect_sync(sioc, s->addr, errp) < 0) {
 goto fail;
 }
-qemu_chr_finish_socket_connection(chr, sioc);
+tcp_chr_new_client(chr, sioc);
+object_unref(OBJECT(sioc));
 }
 
 return true;
-- 
2.5.0




[Qemu-devel] [PATCH v2 17/18] osdep: add wrappers for socket functions

2016-03-10 Thread Daniel P. Berrange
The windows socket functions look identical to the normal POSIX
sockets functions, but instead of setting errno, the caller needs
to call WSAGetLastError(). QEMU has tried to deal with this
incompatibility by defining a socket_error() method that callers
must use that abstracts the difference between WSAGetLastError()
and errno.

This approach is somewhat error prone though - many callers of
the sockets functions are just using errno directly because it
is easy to forget the need use a QEMU specific wrapper. It is
not always immediately obvious that a particular function will
in fact call into Windows sockets functions, so the dev may not
even realize they need to use socket_error().

This introduces an alternative approach to portability inspired
by the way GNULIB fixes portability problems. We use a macro to
redefine the original socket function names to refer to a QEMU
wrapper function. The wrapper function calls the original Win32
sockets method and then sets errno from the WSAGetLastError()
value.

Thus all code can simply call the normal POSIX sockets APIs and
have standard errno reporting on error, even on Windows. This
makes the socket_error() method obsolete.

We also bring closesocket & ioctlsocket into this approach. Even
though they are non-standard Win32 names, we can't wrap the normal
close/ioctl methods since there's no reliable way to distinguish
between a file descriptor and HANDLE in Win32.

Signed-off-by: Daniel P. Berrange 
---
 Makefile  |   4 +-
 include/qemu/sockets.h|  14 
 include/sysemu/os-posix.h |   9 +++
 include/sysemu/os-win32.h |  79 ++
 linux-user/flatload.c |   1 -
 slirp/slirp.h |   2 -
 util/oslib-win32.c| 201 ++
 7 files changed, 291 insertions(+), 19 deletions(-)

diff --git a/Makefile b/Makefile
index 70e3ebc..1d076a9 100644
--- a/Makefile
+++ b/Makefile
@@ -238,7 +238,7 @@ qemu-img$(EXESUF): qemu-img.o $(block-obj-y) 
$(crypto-obj-y) $(io-obj-y) $(qom-o
 qemu-nbd$(EXESUF): qemu-nbd.o $(block-obj-y) $(crypto-obj-y) $(io-obj-y) 
$(qom-obj-y) libqemuutil.a libqemustub.a
 qemu-io$(EXESUF): qemu-io.o $(block-obj-y) $(crypto-obj-y) $(io-obj-y) 
$(qom-obj-y) libqemuutil.a libqemustub.a
 
-qemu-bridge-helper$(EXESUF): qemu-bridge-helper.o
+qemu-bridge-helper$(EXESUF): qemu-bridge-helper.o libqemuutil.a libqemustub.a
 
 fsdev/virtfs-proxy-helper$(EXESUF): fsdev/virtfs-proxy-helper.o 
fsdev/9p-marshal.o fsdev/9p-iov-marshal.o libqemuutil.a libqemustub.a
 fsdev/virtfs-proxy-helper$(EXESUF): LIBS += -lcap
@@ -329,7 +329,7 @@ ifneq ($(EXESUF),)
 qemu-ga: qemu-ga$(EXESUF) $(QGA_VSS_PROVIDER) $(QEMU_GA_MSI)
 endif
 
-ivshmem-client$(EXESUF): $(ivshmem-client-obj-y)
+ivshmem-client$(EXESUF): $(ivshmem-client-obj-y) libqemuutil.a libqemustub.a
$(call LINK, $^)
 ivshmem-server$(EXESUF): $(ivshmem-server-obj-y) libqemuutil.a libqemustub.a
$(call LINK, $^)
diff --git a/include/qemu/sockets.h b/include/qemu/sockets.h
index 49499f2..1bd9218 100644
--- a/include/qemu/sockets.h
+++ b/include/qemu/sockets.h
@@ -3,23 +3,9 @@
 #define QEMU_SOCKET_H
 
 #ifdef _WIN32
-#include 
-#include 
-#include 
 
 int inet_aton(const char *cp, struct in_addr *ia);
 
-#else
-
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-
-#define closesocket(s) close(s)
-
 #endif /* !_WIN32 */
 
 #include "qapi-types.h"
diff --git a/include/sysemu/os-posix.h b/include/sysemu/os-posix.h
index e9fec2e..53fac98 100644
--- a/include/sysemu/os-posix.h
+++ b/include/sysemu/os-posix.h
@@ -26,6 +26,12 @@
 #ifndef QEMU_OS_POSIX_H
 #define QEMU_OS_POSIX_H
 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
 
 void os_set_line_buffering(void);
 void os_set_proc_name(const char *s);
@@ -36,6 +42,9 @@ int os_mlock(void);
 
 #define socket_error() errno
 
+#define closesocket(s) close(s)
+#define ioctlsocket(s, r, v) ioctl(s, r, v)
+
 typedef struct timeval qemu_timeval;
 #define qemu_gettimeofday(tp) gettimeofday(tp, NULL)
 
diff --git a/include/sysemu/os-win32.h b/include/sysemu/os-win32.h
index 239771d..6905066 100644
--- a/include/sysemu/os-win32.h
+++ b/include/sysemu/os-win32.h
@@ -28,6 +28,7 @@
 
 #include 
 #include 
+#include 
 
 #if defined(_WIN64)
 /* On w64, setjmp is implemented by _setjmp which needs a second parameter.
@@ -104,4 +105,82 @@ static inline char *realpath(const char *path, char 
*resolved_path)
 return resolved_path;
 }
 
+
+/* We wrap all the sockets functions so that we can
+ * set errno based on WSAGetLastError()
+ */
+
+#undef connect
+#define connect qemu_connect_wrap
+int qemu_connect_wrap(int sockfd, const struct sockaddr *addr,
+  socklen_t addrlen);
+
+#undef listen
+#define listen qemu_listen_wrap
+int qemu_listen_wrap(int sockfd, int backlog);
+
+#undef bind
+#define bind qemu_bind_wrap
+int qemu_bind_wrap(int sockfd, const struct sockaddr *addr,
+   socklen_t addrlen);
+
+#undef 

[Qemu-devel] [PATCH v2 04/18] io: bind to socket before creating QIOChannelSocket

2016-03-10 Thread Daniel P. Berrange
In the QIOChannelSocket test we create a socket file
descriptor and then try to create a QIOChannelSocket.
This works on Linux, but fails on Win32 because it is
not valid to call getsockname() on an unbound socket.

Reviewed-by: Paolo Bonzini 
Signed-off-by: Daniel P. Berrange 
---
 tests/test-io-channel-socket.c | 10 ++
 1 file changed, 10 insertions(+)

diff --git a/tests/test-io-channel-socket.c b/tests/test-io-channel-socket.c
index f226e47..4c16da1 100644
--- a/tests/test-io-channel-socket.c
+++ b/tests/test-io-channel-socket.c
@@ -470,10 +470,20 @@ static void test_io_channel_ipv4_fd(void)
 {
 QIOChannel *ioc;
 int fd = -1;
+struct sockaddr_in sa = {
+.sin_family = AF_INET,
+.sin_addr = {
+.s_addr =  htonl(INADDR_LOOPBACK),
+}
+/* Leave port unset for auto-assign */
+};
+socklen_t salen = sizeof(sa);
 
 fd = socket(AF_INET, SOCK_STREAM, 0);
 g_assert_cmpint(fd, >, -1);
 
+g_assert_cmpint(bind(fd, (struct sockaddr *), salen), ==, 0);
+
 ioc = qio_channel_new_fd(fd, _abort);
 
 g_assert_cmpstr(object_get_typename(OBJECT(ioc)),
-- 
2.5.0




[Qemu-devel] [PATCH v2 10/18] io: introduce qio_channel_create_socket_watch

2016-03-10 Thread Daniel P. Berrange
From: Paolo Bonzini 

Sockets are not in the same namespace as file descriptors on Windows.
As an initial step, introduce separate APIs for file descriptor and
socket watches.

Signed-off-by: Paolo Bonzini 
---
 include/io/channel-watch.h | 20 +++-
 io/channel-socket.c|  6 +++---
 io/channel-watch.c | 15 +++
 3 files changed, 37 insertions(+), 4 deletions(-)

diff --git a/include/io/channel-watch.h b/include/io/channel-watch.h
index 656358a..76d7642 100644
--- a/include/io/channel-watch.h
+++ b/include/io/channel-watch.h
@@ -39,7 +39,7 @@
  * monitor the file descriptor @fd for the
  * I/O conditions in @condition. This is able
  * monitor block devices, character devices,
- * sockets, pipes but not plain files.
+ * pipes but not plain files or, on Win32, sockets.
  *
  * Returns: the new main loop source
  */
@@ -48,6 +48,24 @@ GSource *qio_channel_create_fd_watch(QIOChannel *ioc,
  GIOCondition condition);
 
 /**
+ * qio_channel_create_socket_watch:
+ * @ioc: the channel object
+ * @fd: the file descriptor
+ * @condition: the I/O condition
+ *
+ * Create a new main loop source that is able to
+ * monitor the file descriptor @fd for the
+ * I/O conditions in @condition. This is equivalent
+ * to qio_channel_create_fd_watch on POSIX systems
+ * but not on Windows.
+ *
+ * Returns: the new main loop source
+ */
+GSource *qio_channel_create_socket_watch(QIOChannel *ioc,
+ int fd,
+ GIOCondition condition);
+
+/**
  * qio_channel_create_fd_pair_watch:
  * @ioc: the channel object
  * @fdread: the file descriptor for reading
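Review bot: The new doc comment and prototype name the second parameter `fd`, while both definitions added in io/channel-watch.c call it `socket`, a name that also shadows the socket() function inside those bodies. Using one name in both places, for example `int sockfd` with `@sockfd: the socket file descriptor`, keeps header and implementation in step. The comment says only that the function is not equivalent to qio_channel_create_fd_watch on Windows; it should state what a Windows caller can expect at this commit.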
diff --git a/io/channel-socket.c b/io/channel-socket.c
index 5f087e6..775bb9f 100644
--- a/io/channel-socket.c
+++ b/io/channel-socket.c
@@ -714,9 +714,9 @@ static GSource *qio_channel_socket_create_watch(QIOChannel 
*ioc,
 GIOCondition condition)
 {
 QIOChannelSocket *sioc = QIO_CHANNEL_SOCKET(ioc);
-return qio_channel_create_fd_watch(ioc,
-   sioc->fd,
-   condition);
+return qio_channel_create_socket_watch(ioc,
+   sioc->fd,
+   condition);
 }
 
 static void qio_channel_socket_class_init(ObjectClass *klass,
diff --git a/io/channel-watch.c b/io/channel-watch.c
index 5373605..dfac8f8 100644
--- a/io/channel-watch.c
+++ b/io/channel-watch.c
@@ -172,6 +172,21 @@ GSource *qio_channel_create_fd_watch(QIOChannel *ioc,
 return source;
 }
 
+#ifdef CONFIG_WIN32
+GSource *qio_channel_create_socket_watch(QIOChannel *ioc,
+ int socket,
+ GIOCondition condition)
+{
+abort();
+}
+#else
+GSource *qio_channel_create_socket_watch(QIOChannel *ioc,
+ int socket,
+ GIOCondition condition)
+{
+return qio_channel_create_fd_watch(ioc, socket, condition);
+}
+#endif
 
 GSource *qio_channel_create_fd_pair_watch(QIOChannel *ioc,
   int fdread,
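Review bot: The `CONFIG_WIN32` definition of qio_channel_create_socket_watch() is an unconditional `abort()`, and the io/channel-socket.c hunk of this same commit routes every socket channel watch to it, so at this point in the series a Win32 build terminates as soon as a watch is added on a socket channel. If the stub has to exist for an intermediate commit, say so in place, e.g. `/* TODO: Win32 socket watches are implemented in a follow-up patch */` above the `abort()`, so that someone bisecting understands the crash. The guard here is `CONFIG_WIN32`, whereas other code in this series tests `_WIN32` or `WIN32`; one spelling would be easier to audit.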
-- 
2.5.0




Re: [Qemu-devel] [PATCH] Replaced get_ticks_per_sec calls with NANOSECONDS_PER_SECOND

2016-03-10 Thread Paolo Bonzini


On 10/03/2016 18:22, rutuja shah wrote:
> Hi,
> As there are no callers to get_ticks_per_sec() function, definition of
> this function could be removed completely?

Yes, please.

> diff --git a/backends/baum.c b/backends/baum.c
> index c11320e..20b49f2 100644
> --- a/backends/baum.c
> +++ b/backends/baum.c
> @@ -336,7 +336,7 @@ static int baum_eat_packet(BaumDriverState *baum,
> const uint8_t *buf, int len)
> 
>  /* Allow 100ms to complete the DisplayData packet */
>  timer_mod(baum->cellCount_timer,
> qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) +
> -   get_ticks_per_sec() / 10);
> +   NANOSECONDS_PER_SECOND / 10);

There is a problem with your patch, probably because you're using gmail;
lines are wrapped (for example the timer_mod line shows as two lines).

You can use the smtp.gmail.com server and git-send-email to avoid this
issue.

Thanks,

Paolo



[Qemu-devel] [PATCH v2 11/18] io: use qemu_accept to ensure SOCK_CLOEXEC is set

2016-03-10 Thread Daniel P. Berrange
The QIOChannelSocket code mistakenly uses the bare accept()
function which does not set SOCK_CLOEXEC.

Signed-off-by: Daniel P. Berrange 
---
 io/channel-socket.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/io/channel-socket.c b/io/channel-socket.c
index 775bb9f..9b5f2d8 100644
--- a/io/channel-socket.c
+++ b/io/channel-socket.c
@@ -343,8 +343,8 @@ qio_channel_socket_accept(QIOChannelSocket *ioc,
 
  retry:
 trace_qio_channel_socket_accept(ioc);
-cioc->fd = accept(ioc->fd, (struct sockaddr *)>remoteAddr,
-  >remoteAddrLen);
+cioc->fd = qemu_accept(ioc->fd, (struct sockaddr *)>remoteAddr,
+   >remoteAddrLen);
 if (cioc->fd < 0) {
 trace_qio_channel_socket_accept_fail(ioc);
 if (socket_error() == EINTR) {
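Review bot: Nothing at the call site records why `qemu_accept()` is used instead of `accept()`, so the close-on-exec property the commit message describes is easy to lose in a later cleanup. I would add `/* qemu_accept() sets close-on-exec so the client socket is not inherited by child processes */` above the call. The body of qio_channel_socket_accept() starts and ends outside this hunk, so whether other descriptors created in it get the same treatment cannot be checked from here.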
-- 
2.5.0




[Qemu-devel] [PATCH v2 18/18] osdep: remove use of socket_error() from all code

2016-03-10 Thread Daniel P. Berrange
Now that QEMU wraps the Win32 sockets methods to automatically
set errno upon failure, there is no reason for callers to use
the socket_error() method. They can rely on accessing errno
even on Win32. Remove all use of socket_error() from general
code, leaving it as a static method in oslib-win32.c only.

Signed-off-by: Daniel P. Berrange 
---
 block/sheepdog.c   |  5 ++---
 include/sysemu/os-posix.h  |  2 --
 include/sysemu/os-win32.h  |  2 --
 io/channel-socket.c| 38 +++---
 migration/qemu-file-unix.c | 14 ++
 migration/tcp.c|  7 +++
 net/socket.c   | 19 ---
 slirp/tcp_input.c  |  4 
 util/oslib-win32.c |  2 +-
 util/qemu-coroutine-io.c   |  6 ++
 util/qemu-sockets.c| 10 +-
 11 files changed, 46 insertions(+), 63 deletions(-)

diff --git a/block/sheepdog.c b/block/sheepdog.c
index 8739acc..05677ed 100644
--- a/block/sheepdog.c
+++ b/block/sheepdog.c
@@ -615,14 +615,13 @@ static coroutine_fn int send_co_req(int sockfd, 
SheepdogReq *hdr, void *data,
 ret = qemu_co_send(sockfd, hdr, sizeof(*hdr));
 if (ret != sizeof(*hdr)) {
 error_report("failed to send a req, %s", strerror(errno));
-ret = -socket_error();
-return ret;
+return -errno;
 }
 
 ret = qemu_co_send(sockfd, data, *wlen);
 if (ret != *wlen) {
-ret = -socket_error();
 error_report("failed to send a req, %s", strerror(errno));
+return -errno;
 }
 
 return ret;
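Review bot: Both error branches in send_co_req() now read `errno` for the return value after calling error_report(), which may itself make library calls that change `errno`, so the code returned to the caller can differ from the one that was logged. Capture it first: `int err = errno;`, then `error_report("failed to send a req, %s", strerror(err));` and `return -err;`. Separately, the branches trigger on `ret != sizeof(*hdr)` and `ret != *wlen`; if qemu_co_send() can return a short count without setting `errno` (not visible here), `-errno` could be 0 and the failure would look like success, so a fixed fallback such as `-EIO` may be needed. The function body starts outside the hunk.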
diff --git a/include/sysemu/os-posix.h b/include/sysemu/os-posix.h
index 53fac98..07e3e5a 100644
--- a/include/sysemu/os-posix.h
+++ b/include/sysemu/os-posix.h
@@ -40,8 +40,6 @@ void os_daemonize(void);
 void os_setup_post(void);
 int os_mlock(void);
 
-#define socket_error() errno
-
 #define closesocket(s) close(s)
 #define ioctlsocket(s, r, v) ioctl(s, r, v)
 
diff --git a/include/sysemu/os-win32.h b/include/sysemu/os-win32.h
index 6905066..17aad3b 100644
--- a/include/sysemu/os-win32.h
+++ b/include/sysemu/os-win32.h
@@ -55,8 +55,6 @@ struct tm *gmtime_r(const time_t *timep, struct tm *result);
 struct tm *localtime_r(const time_t *timep, struct tm *result);
 #endif /* CONFIG_LOCALTIME_R */
 
-int socket_error(void);
-
 static inline void os_setup_signal_handling(void) {}
 static inline void os_daemonize(void) {}
 static inline void os_setup_post(void) {}
diff --git a/io/channel-socket.c b/io/channel-socket.c
index ae67ab1..d005070 100644
--- a/io/channel-socket.c
+++ b/io/channel-socket.c
@@ -82,11 +82,11 @@ qio_channel_socket_set_fd(QIOChannelSocket *sioc,
 
 if (getpeername(fd, (struct sockaddr *)>remoteAddr,
 >remoteAddrLen) < 0) {
-if (socket_error() == ENOTCONN) {
+if (errno == ENOTCONN) {
 memset(>remoteAddr, 0, sizeof(sioc->remoteAddr));
 sioc->remoteAddrLen = sizeof(sioc->remoteAddr);
 } else {
-error_setg_errno(errp, socket_error(),
+error_setg_errno(errp, errno,
  "Unable to query remote socket address");
 goto error;
 }
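Review bot: Replacing `socket_error()` with `errno` after getpeername() is only correct on Win32 if getpeername() is one of the functions redirected to an errno-setting wrapper in os-win32.h; the same holds for getsockname(), recvmsg() and sendmsg() in the later hunks of this file. The wrapper list is not visible in this hunk, so this should be confirmed for each call, because an unwrapped call leaves `errno` stale and the `ENOTCONN`, `EINTR` and `EAGAIN` comparisons would then test an unrelated value. A one-line comment next to the wrapper declarations stating that every Winsock call used in the tree must be listed there would help keep this true.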
@@ -94,7 +94,7 @@ qio_channel_socket_set_fd(QIOChannelSocket *sioc,
 
 if (getsockname(fd, (struct sockaddr *)>localAddr,
 >localAddrLen) < 0) {
-error_setg_errno(errp, socket_error(),
+error_setg_errno(errp, errno,
  "Unable to query local socket address");
 goto error;
 }
@@ -356,7 +356,7 @@ qio_channel_socket_accept(QIOChannelSocket *ioc,
>remoteAddrLen);
 if (cioc->fd < 0) {
 trace_qio_channel_socket_accept_fail(ioc);
-if (socket_error() == EINTR) {
+if (errno == EINTR) {
 goto retry;
 }
 goto error;
@@ -364,7 +364,7 @@ qio_channel_socket_accept(QIOChannelSocket *ioc,
 
 if (getsockname(cioc->fd, (struct sockaddr *)>localAddr,
 >localAddrLen) < 0) {
-error_setg_errno(errp, socket_error(),
+error_setg_errno(errp, errno,
  "Unable to query local socket address");
 goto error;
 }
@@ -478,14 +478,14 @@ static ssize_t qio_channel_socket_readv(QIOChannel *ioc,
  retry:
 ret = recvmsg(sioc->fd, , sflags);
 if (ret < 0) {
-if (socket_error() == EAGAIN) {
+if (errno == EAGAIN) {
 return QIO_CHANNEL_ERR_BLOCK;
 }
-if (socket_error() == EINTR) {
+if (errno == EINTR) {
 goto retry;
 }
 
-error_setg_errno(errp, socket_error(),
+error_setg_errno(errp, errno,
  "Unable to read from socket");
 return -1;
 }
@@ -537,13 +537,13 @@ static ssize_t qio_channel_socket_writev(QIOChannel *ioc,
  retry:
 ret = sendmsg(sioc->fd, , 0);
 if (ret <= 0) {
-if (socket_error() == EAGAIN) {
+if (errno == EAGAIN) {
  

[Qemu-devel] [PATCH v2 16/18] char: remove qemu_chr_open_socket_fd method

2016-03-10 Thread Daniel P. Berrange
The qemu_chr_open_socket_fd method takes care of either doing a
synchronous socket connect, or creating a listener socket. Part
of the work when creating the listener socket is to register a
watch for incoming clients. The caller of qemu_chr_open_socket_fd
may not want this watch created, as it might be doing a synchronous
wait for the first client. Rather than passing yet more parameters
into qemu_chr_open_socket_fd to let it handle this, just remove
the qemu_chr_open_socket_fd method and inline its functionality
into the caller. This allows for a clearer control flow and shorter
code.

Signed-off-by: Daniel P. Berrange 
---
 qemu-char.c | 59 ---
 1 file changed, 24 insertions(+), 35 deletions(-)

diff --git a/qemu-char.c b/qemu-char.c
index 1540463..3bf30b5 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -3109,32 +3109,6 @@ static void qemu_chr_socket_connected(Object *src, Error 
*err, void *opaque)
 object_unref(OBJECT(sioc));
 }
 
-static bool qemu_chr_open_socket_fd(CharDriverState *chr, Error **errp)
-{
-TCPCharDriver *s = chr->opaque;
-QIOChannelSocket *sioc = qio_channel_socket_new();
-
-if (s->is_listen) {
-if (qio_channel_socket_listen_sync(sioc, s->addr, errp) < 0) {
-goto fail;
-}
-s->listen_ioc = sioc;
-s->listen_tag = qio_channel_add_watch(
-QIO_CHANNEL(s->listen_ioc), G_IO_IN, tcp_chr_accept, chr, NULL);
-} else {
-if (qio_channel_socket_connect_sync(sioc, s->addr, errp) < 0) {
-goto fail;
-}
-tcp_chr_new_client(chr, sioc);
-object_unref(OBJECT(sioc));
-}
-
-return true;
-
- fail:
-object_unref(OBJECT(sioc));
-return false;
-}
 
 /*/
 /* Ring buffer chardev */
@@ -4349,25 +4323,40 @@ static CharDriverState *qmp_chardev_open_socket(const 
char *id,
 s->reconnect_time = reconnect;
 }
 
+sioc = qio_channel_socket_new();
 if (s->reconnect_time) {
-sioc = qio_channel_socket_new();
 qio_channel_socket_connect_async(sioc, s->addr,
  qemu_chr_socket_connected,
  chr, NULL);
-} else if (!qemu_chr_open_socket_fd(chr, errp)) {
-goto error;
-}
-
-if (is_listen && is_waitconnect) {
-fprintf(stderr, "QEMU waiting for connection on: %s\n",
-chr->filename);
-tcp_chr_accept(QIO_CHANNEL(s->listen_ioc), G_IO_IN, chr);
+} else if (s->is_listen) {
+if (qio_channel_socket_listen_sync(sioc, s->addr, errp) < 0) {
+goto error;
+}
+s->listen_ioc = sioc;
+if (is_waitconnect) {
+fprintf(stderr, "QEMU waiting for connection on: %s\n",
+chr->filename);
+tcp_chr_accept(QIO_CHANNEL(s->listen_ioc), G_IO_IN, chr);
+}
 qio_channel_set_blocking(QIO_CHANNEL(s->listen_ioc), false, NULL);
+if (!s->ioc) {
+s->listen_tag = qio_channel_add_watch(
+QIO_CHANNEL(s->listen_ioc), G_IO_IN, tcp_chr_accept, chr, 
NULL);
+}
+} else {
+if (qio_channel_socket_connect_sync(sioc, s->addr, errp) < 0) {
+goto error;
+}
+tcp_chr_new_client(chr, sioc);
+object_unref(OBJECT(sioc));
 }
 
 return chr;
 
  error:
+if (sioc) {
+object_unref(OBJECT(sioc));
+}
 if (s->tls_creds) {
 object_unref(OBJECT(s->tls_creds));
 }
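Review bot: The `if (!s->ioc)` guard around qio_channel_add_watch() is the one non-obvious line in the new listen branch and has no comment. It appears to skip the watch when the synchronous tcp_chr_accept() call has already attached a client, but that depends on tcp_chr_accept() setting `s->ioc`, which is outside this hunk; a comment such as `/* a client accepted during the wait above is already attached; only watch when none is connected */` would record the intent. The results of tcp_chr_accept() and of qio_channel_set_blocking(), which is passed a NULL error pointer, are both discarded here, so a failure of either is silent. qmp_chardev_open_socket() starts before the hunk.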
-- 
2.5.0




[Qemu-devel] [PATCH v2 06/18] io: set correct error object in background reader test thread

2016-03-10 Thread Daniel P. Berrange
The reader thread was accidentally setting the error pointer
intended for the writer thread. If both threads set errors
this would result in QEMU abort'ing due to the error already
being set.

Reviewed-by: Paolo Bonzini 
Signed-off-by: Daniel P. Berrange 
---
 tests/io-channel-helpers.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/io-channel-helpers.c b/tests/io-channel-helpers.c
index 8440669..d513792 100644
--- a/tests/io-channel-helpers.c
+++ b/tests/io-channel-helpers.c
@@ -132,7 +132,7 @@ static gpointer test_io_thread_reader(gpointer opaque)
 
 if (ret == QIO_CHANNEL_ERR_BLOCK) {
 if (data->blocking) {
-error_setg(>writeerr,
+error_setg(>readerr,
"Unexpected I/O blocking");
 break;
 } else {
-- 
2.5.0




[Qemu-devel] [PATCH v2 12/18] io: remove checking of EWOULDBLOCK

2016-03-10 Thread Daniel P. Berrange
Since we now canonicalize WSAEWOULDBLOCK into EAGAIN there is
no longer any need to explicitly check EWOULDBLOCK for Win32.

Signed-off-by: Daniel P. Berrange 
---
 io/channel-command.c | 6 ++
 io/channel-file.c| 6 ++
 io/channel-socket.c  | 6 ++
 3 files changed, 6 insertions(+), 12 deletions(-)

diff --git a/io/channel-command.c b/io/channel-command.c
index f53ce0f..604514a 100644
--- a/io/channel-command.c
+++ b/io/channel-command.c
@@ -236,8 +236,7 @@ static ssize_t qio_channel_command_readv(QIOChannel *ioc,
  retry:
 ret = readv(cioc->readfd, iov, niov);
 if (ret < 0) {
-if (errno == EAGAIN ||
-errno == EWOULDBLOCK) {
+if (errno == EAGAIN) {
 return QIO_CHANNEL_ERR_BLOCK;
 }
 if (errno == EINTR) {
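Review bot: Dropping the `errno == EWOULDBLOCK` test in qio_channel_command_readv() is justified in the commit message by the Win32 error canonicalisation, but this file and io/channel-file.c call readv()/writev() on POSIX descriptors, where POSIX permits EWOULDBLOCK to have a different value from EAGAIN. On a host where they differ, a non-blocking read or write that would block is reported as a hard error instead of `QIO_CHANNEL_ERR_BLOCK`; the same applies to the other hunks in this commit. Either keep the second comparison or make the assumption explicit with a build-time check such as `QEMU_BUILD_BUG_ON(EAGAIN != EWOULDBLOCK);`. The function body extends beyond the hunk.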
@@ -265,8 +264,7 @@ static ssize_t qio_channel_command_writev(QIOChannel *ioc,
  retry:
 ret = writev(cioc->writefd, iov, niov);
 if (ret <= 0) {
-if (errno == EAGAIN ||
-errno == EWOULDBLOCK) {
+if (errno == EAGAIN) {
 return QIO_CHANNEL_ERR_BLOCK;
 }
 if (errno == EINTR) {
diff --git a/io/channel-file.c b/io/channel-file.c
index 19a4325..f28e2b0 100644
--- a/io/channel-file.c
+++ b/io/channel-file.c
@@ -96,8 +96,7 @@ static ssize_t qio_channel_file_readv(QIOChannel *ioc,
  retry:
 ret = readv(fioc->fd, iov, niov);
 if (ret < 0) {
-if (errno == EAGAIN ||
-errno == EWOULDBLOCK) {
+if (errno == EAGAIN) {
 return QIO_CHANNEL_ERR_BLOCK;
 }
 if (errno == EINTR) {
@@ -125,8 +124,7 @@ static ssize_t qio_channel_file_writev(QIOChannel *ioc,
  retry:
 ret = writev(fioc->fd, iov, niov);
 if (ret <= 0) {
-if (errno == EAGAIN ||
-errno == EWOULDBLOCK) {
+if (errno == EAGAIN) {
 return QIO_CHANNEL_ERR_BLOCK;
 }
 if (errno == EINTR) {
diff --git a/io/channel-socket.c b/io/channel-socket.c
index 9b5f2d8..2387d97 100644
--- a/io/channel-socket.c
+++ b/io/channel-socket.c
@@ -466,8 +466,7 @@ static ssize_t qio_channel_socket_readv(QIOChannel *ioc,
  retry:
 ret = recvmsg(sioc->fd, , sflags);
 if (ret < 0) {
-if (socket_error() == EAGAIN ||
-socket_error() == EWOULDBLOCK) {
+if (socket_error() == EAGAIN) {
 return QIO_CHANNEL_ERR_BLOCK;
 }
 if (socket_error() == EINTR) {
@@ -526,8 +525,7 @@ static ssize_t qio_channel_socket_writev(QIOChannel *ioc,
  retry:
 ret = sendmsg(sioc->fd, , 0);
 if (ret <= 0) {
-if (socket_error() == EAGAIN ||
-socket_error() == EWOULDBLOCK) {
+if (socket_error() == EAGAIN) {
 return QIO_CHANNEL_ERR_BLOCK;
 }
 if (socket_error() == EINTR) {
-- 
2.5.0




[Qemu-devel] [PATCH v2 13/18] io: implement socket watch for win32 using WSAEventSelect+select

2016-03-10 Thread Daniel P. Berrange
From: Paolo Bonzini 

On Win32 we cannot directly poll on socket handles. Instead we
create a Win32 event object and associate the socket handle with
the event. When the event signals readiness we then have to
use select to determine which events are ready. Creating Win32
events is moderately heavyweight, so we don't want to do it
every time we create a GSource, so this associates a single
event with a QIOChannel.

Signed-off-by: Paolo Bonzini 
Signed-off-by: Daniel P. Berrange 
---
 include/io/channel.h |   3 ++
 io/channel-socket.c  |  34 +++---
 io/channel-watch.c   | 126 ++-
 io/channel.c |  14 ++
 4 files changed, 170 insertions(+), 7 deletions(-)

diff --git a/include/io/channel.h b/include/io/channel.h
index 0a1f1ce..d37acd2 100644
--- a/include/io/channel.h
+++ b/include/io/channel.h
@@ -78,6 +78,9 @@ typedef gboolean (*QIOChannelFunc)(QIOChannel *ioc,
 struct QIOChannel {
 Object parent;
 unsigned int features; /* bitmask of QIOChannelFeatures */
+#ifdef _WIN32
+HANDLE event; /* For use with GSource on Win32 */
+#endif
 };
 
 /**
diff --git a/io/channel-socket.c b/io/channel-socket.c
index 2387d97..ae67ab1 100644
--- a/io/channel-socket.c
+++ b/io/channel-socket.c
@@ -55,6 +55,10 @@ qio_channel_socket_new(void)
 ioc = QIO_CHANNEL(sioc);
 ioc->features |= (1 << QIO_CHANNEL_FEATURE_SHUTDOWN);
 
+#ifdef WIN32
+ioc->event = CreateEvent(NULL, FALSE, FALSE, NULL);
+#endif
+
 trace_qio_channel_socket_new(sioc);
 
 return sioc;
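Review bot: The result of `CreateEvent()` in qio_channel_socket_new() is stored without a check, and the same is done in the qio_channel_socket_accept() hunk below; CreateEvent returns NULL on failure, and the later `WSAEventSelect()` calls would then be given a NULL event. At minimum assert or report the failure where the handle is created. No `CloseHandle()` for `ioc->event` is visible in the io/channel-socket.c hunks, so confirm that the io/channel.c part of this commit releases it when the channel is finalized. The guard here is `WIN32`, while the field in include/io/channel.h is declared under `_WIN32` and io/channel-watch.c uses `CONFIG_WIN32`; if these are ever not all defined together, the build breaks or the handle is left unset.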
@@ -341,6 +345,11 @@ qio_channel_socket_accept(QIOChannelSocket *ioc,
 cioc->remoteAddrLen = sizeof(ioc->remoteAddr);
 cioc->localAddrLen = sizeof(ioc->localAddr);
 
+#ifdef WIN32
+QIO_CHANNEL(cioc)->event = CreateEvent(NULL, FALSE, FALSE, NULL);
+#endif
+
+
  retry:
 trace_qio_channel_socket_accept(ioc);
 cioc->fd = qemu_accept(ioc->fd, (struct sockaddr *)>remoteAddr,
@@ -384,7 +393,10 @@ static void qio_channel_socket_finalize(Object *obj)
 {
 QIOChannelSocket *ioc = QIO_CHANNEL_SOCKET(obj);
 if (ioc->fd != -1) {
-close(ioc->fd);
+#ifdef WIN32
+WSAEventSelect(ioc->fd, NULL, 0);
+#endif
+closesocket(ioc->fd);
 ioc->fd = -1;
 }
 }
@@ -634,6 +646,11 @@ qio_channel_socket_set_blocking(QIOChannel *ioc,
 qemu_set_block(sioc->fd);
 } else {
 qemu_set_nonblock(sioc->fd);
+#ifdef WIN32
+WSAEventSelect(sioc->fd, ioc->event,
+   FD_READ | FD_ACCEPT | FD_CLOSE |
+   FD_CONNECT | FD_WRITE | FD_OOB);
+#endif
 }
 return 0;
 }
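Review bot: In qio_channel_socket_set_blocking() the event association is installed in the non-blocking branch but never removed in the blocking branch. Winsock documents that a socket with an active WSAEventSelect() association cannot be returned to blocking mode until the association is cleared with a zero event mask, so unless qemu_set_block() does that itself (not visible here) the switch back to blocking is likely to fail on Win32. I would add `WSAEventSelect(sioc->fd, NULL, 0);` under `#ifdef WIN32` before `qemu_set_block(sioc->fd);`, and check the return value of the WSAEventSelect() call added here. The function starts outside the hunk.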
@@ -669,13 +686,18 @@ qio_channel_socket_close(QIOChannel *ioc,
 {
 QIOChannelSocket *sioc = QIO_CHANNEL_SOCKET(ioc);
 
-if (closesocket(sioc->fd) < 0) {
+if (sioc->fd != -1) {
+#ifdef WIN32
+WSAEventSelect(sioc->fd, NULL, 0);
+#endif
+if (closesocket(sioc->fd) < 0) {
+sioc->fd = -1;
+error_setg_errno(errp, socket_error(),
+ "Unable to close socket");
+return -1;
+}
 sioc->fd = -1;
-error_setg_errno(errp, socket_error(),
- "Unable to close socket");
-return -1;
 }
-sioc->fd = -1;
 return 0;
 }
 
diff --git a/io/channel-watch.c b/io/channel-watch.c
index dfac8f8..cf1cdff 100644
--- a/io/channel-watch.c
+++ b/io/channel-watch.c
@@ -30,6 +30,20 @@ struct QIOChannelFDSource {
 };
 
 
+#ifdef CONFIG_WIN32
+typedef struct QIOChannelSocketSource QIOChannelSocketSource;
+struct QIOChannelSocketSource {
+GSource parent;
+GPollFD fd;
+QIOChannel *ioc;
+SOCKET socket;
+int revents;
+GIOCondition condition;
+};
+
+#endif
+
+
 typedef struct QIOChannelFDPairSource QIOChannelFDPairSource;
 struct QIOChannelFDPairSource {
 GSource parent;
@@ -82,6 +96,97 @@ qio_channel_fd_source_finalize(GSource *source)
 }
 
 
+#ifdef CONFIG_WIN32
+static gboolean
+qio_channel_socket_source_prepare(GSource *source G_GNUC_UNUSED,
+  gint *timeout)
+{
+*timeout = -1;
+
+return FALSE;
+}
+
+
+/*
+ * NB, this impl only works when the socket is in non-blocking
+ * mode on Win32
+ */
+static gboolean
+qio_channel_socket_source_check(GSource *source)
+{
+static struct timeval tv0;
+
+QIOChannelSocketSource *ssource = (QIOChannelSocketSource *)source;
+WSANETWORKEVENTS ev;
+fd_set rfds, wfds, xfds;
+
+if (!ssource->condition) {
+return 0;
+}
+
+WSAEnumNetworkEvents(ssource->socket, ssource->ioc->event, );
+
+FD_ZERO();
+FD_ZERO();
+FD_ZERO();
+if (ssource->condition & G_IO_IN) {
+FD_SET((SOCKET)ssource->socket, );
+}
+if (ssource->condition & G_IO_OUT) {
+FD_SET((SOCKET)ssource->socket, );
+}
+if (ssource->condition & G_IO_PRI) {
+FD_SET((SOCKET)ssource->socket, );
+}
+ssource->revents = 0;
+ 

[Qemu-devel] [PATCH v2 08/18] io: fix copy+paste mistake in socket error message

2016-03-10 Thread Daniel P. Berrange
s/write/read/ in the error message reported after
readmsg() fails

Reviewed-by: Paolo Bonzini 
Signed-off-by: Daniel P. Berrange 
---
 io/channel-socket.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/io/channel-socket.c b/io/channel-socket.c
index bf66a78..5f087e6 100644
--- a/io/channel-socket.c
+++ b/io/channel-socket.c
@@ -569,7 +569,7 @@ static ssize_t qio_channel_socket_readv(QIOChannel *ioc,
 goto retry;
 } else {
 error_setg_errno(errp, socket_error(),
- "Unable to write to socket");
+ "Unable to read from socket");
 return -1;
 }
 }
-- 
2.5.0




[Qemu-devel] [PATCH v2 02/18] io: use bind() to check for IPv4/6 availability

2016-03-10 Thread Daniel P. Berrange
Currently the test-io-channel-socket.c test uses getifaddrs
to see if an IPv4/6 address is present on any host NIC, as
a way to determine if IPv4/6 sockets can be used. This is
problematic because getifaddrs is not available on Win32.

Rather than testing indirectly via getifaddrs, just create
a socket and try to bind() to the loopback address instead.

Reviewed-by: Paolo Bonzini 
Signed-off-by: Daniel P. Berrange 
---
 tests/test-io-channel-socket.c | 79 +-
 1 file changed, 31 insertions(+), 48 deletions(-)

diff --git a/tests/test-io-channel-socket.c b/tests/test-io-channel-socket.c
index 8a34056..6098fee 100644
--- a/tests/test-io-channel-socket.c
+++ b/tests/test-io-channel-socket.c
@@ -22,66 +22,49 @@
 #include "io/channel-socket.h"
 #include "io/channel-util.h"
 #include "io-channel-helpers.h"
-#ifdef HAVE_IFADDRS_H
-#include 
-#endif
 
-static int check_protocol_support(bool *has_ipv4, bool *has_ipv6)
+static int check_bind(struct sockaddr *sa, socklen_t salen, bool *has_proto)
 {
-#ifdef HAVE_IFADDRS_H
-struct ifaddrs *ifaddr = NULL, *ifa;
-struct addrinfo hints = { 0 };
-struct addrinfo *ai = NULL;
-int gaierr;
-
-*has_ipv4 = *has_ipv6 = false;
+int fd;
 
-if (getifaddrs() < 0) {
-g_printerr("Failed to lookup interface addresses: %s\n",
-   strerror(errno));
+fd = socket(sa->sa_family, SOCK_STREAM, 0);
+if (fd < 0) {
 return -1;
 }
 
-for (ifa = ifaddr; ifa != NULL; ifa = ifa->ifa_next) {
-if (!ifa->ifa_addr) {
-continue;
-}
-
-if (ifa->ifa_addr->sa_family == AF_INET) {
-*has_ipv4 = true;
-}
-if (ifa->ifa_addr->sa_family == AF_INET6) {
-*has_ipv6 = true;
+if (bind(fd, sa, salen) < 0) {
+close(fd);
+if (errno == EADDRNOTAVAIL) {
+*has_proto = false;
+return 0;
 }
+return -1;
 }
 
-freeifaddrs(ifaddr);
-
-hints.ai_flags = AI_PASSIVE | AI_ADDRCONFIG;
-hints.ai_family = AF_INET6;
-hints.ai_socktype = SOCK_STREAM;
-
-gaierr = getaddrinfo("::1", NULL, , );
-if (gaierr != 0) {
-if (gaierr == EAI_ADDRFAMILY ||
-gaierr == EAI_FAMILY ||
-gaierr == EAI_NONAME) {
-*has_ipv6 = false;
-} else {
-g_printerr("Failed to resolve ::1 address: %s\n",
-   gai_strerror(gaierr));
-return -1;
-}
-}
+close(fd);
+*has_proto = true;
+return 0;
+}
 
-freeaddrinfo(ai);
+static int check_protocol_support(bool *has_ipv4, bool *has_ipv6)
+{
+struct sockaddr_in sin = {
+.sin_family = AF_INET,
+.sin_addr = { .s_addr = htonl(INADDR_LOOPBACK) },
+};
+struct sockaddr_in6 sin6 = {
+.sin6_family = AF_INET6,
+.sin6_addr = IN6ADDR_LOOPBACK_INIT,
+};
 
-return 0;
-#else
-*has_ipv4 = *has_ipv6 = false;
+if (check_bind((struct sockaddr *), sizeof(sin), has_ipv4) < 0) {
+return -1;
+}
+if (check_bind((struct sockaddr *), sizeof(sin6), has_ipv6) < 0) {
+return -1;
+}
 
-return -1;
-#endif
+return 0;
 }
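Review bot: In check_bind() the bind() failure path calls `close(fd)` before testing `errno == EADDRNOTAVAIL`, and close() is allowed to modify errno, so an unavailable protocol could be reported as a hard failure. Save the value first with `int err = errno;` ahead of `close(fd);` and test `if (err == EADDRNOTAVAIL) {`. The socket() failure path returns -1 unconditionally, so a host that lacks the address family altogether (typically EAFNOSUPPORT) would abort the whole check instead of setting `*has_proto = false`; it probably deserves the same treatment as the bind() case. Since the stated motive is Win32, where Winsock reports errors through WSAGetLastError() rather than errno, the comparison may need the `socket_error()` helper that PATCH 08/18 on this page uses; this is worth confirming against the Win32 build.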
 
 
-- 
2.5.0




[Qemu-devel] [PATCH v2 09/18] io: pass HANDLE to g_source_add_poll on Win32

2016-03-10 Thread Daniel P. Berrange
From: Paolo Bonzini 

Reviewed-by: Daniel P. Berrange 
Signed-off-by: Paolo Bonzini 
---
 io/channel-watch.c | 13 +++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/io/channel-watch.c b/io/channel-watch.c
index 931fa4d..5373605 100644
--- a/io/channel-watch.c
+++ b/io/channel-watch.c
@@ -160,7 +160,11 @@ GSource *qio_channel_create_fd_watch(QIOChannel *ioc,
 
 ssource->condition = condition;
 
+#ifdef CONFIG_WIN32
+ssource->fd.fd = (gint64)_get_osfhandle(fd);
+#else
 ssource->fd.fd = fd;
+#endif
 ssource->fd.events = condition;
 
 g_source_add_poll(source, >fd);
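Review bot: The result of `_get_osfhandle(fd)` is stored in `ssource->fd.fd` without a validity check. For a descriptor the CRT does not know, the call returns -1 (INVALID_HANDLE_VALUE), which would then be handed to g_source_add_poll(). The same applies to `fdread` and `fdwrite` in the qio_channel_create_fd_pair_watch hunk below. If callers cannot guarantee a valid descriptor, fail early here, for example with `g_assert(ssource->fd.fd != -1);` after the assignment. The commit has no description, so a comment above each `#ifdef CONFIG_WIN32`, such as `/* GLib on Win32 polls HANDLEs, not CRT file descriptors */`, would record why the conversion is needed; both functions begin and end outside the hunks shown.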
@@ -186,10 +190,15 @@ GSource *qio_channel_create_fd_pair_watch(QIOChannel *ioc,
 
 ssource->condition = condition;
 
+#ifdef CONFIG_WIN32
+ssource->fdread.fd = (gint64)_get_osfhandle(fdread);
+ssource->fdwrite.fd = (gint64)_get_osfhandle(fdwrite);
+#else
 ssource->fdread.fd = fdread;
-ssource->fdread.events = condition & G_IO_IN;
-
 ssource->fdwrite.fd = fdwrite;
+#endif
+
+ssource->fdread.events = condition & G_IO_IN;
 ssource->fdwrite.events = condition & G_IO_OUT;
 
 g_source_add_poll(source, >fdread);
-- 
2.5.0




[Qemu-devel] [PATCH v2 03/18] io: initialize sockets in test program

2016-03-10 Thread Daniel P. Berrange
The win32 sockets layer requires that socket_init() is called
otherwise nothing will work.

Reviewed-by: Paolo Bonzini 
Signed-off-by: Daniel P. Berrange 
---
 tests/test-io-channel-socket.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/tests/test-io-channel-socket.c b/tests/test-io-channel-socket.c
index 6098fee..f226e47 100644
--- a/tests/test-io-channel-socket.c
+++ b/tests/test-io-channel-socket.c
@@ -489,6 +489,7 @@ int main(int argc, char **argv)
 bool has_ipv4, has_ipv6;
 
 module_call_init(MODULE_INIT_QOM);
+socket_init();
 
 g_test_init(, , NULL);
 
-- 
2.5.0



