Re: [PATCH V8 24/39] pci: export export msix_is_pending

2022-06-27 Thread Michael S. Tsirkin
On Wed, Jun 15, 2022 at 07:52:11AM -0700, Steve Sistare wrote:
> Export msix_is_pending for use by cpr.  No functional change.
> 
> Signed-off-by: Steve Sistare 

the subject repeats export twice.
With that fixed:

Acked-by: Michael S. Tsirkin 


> ---
>  hw/pci/msix.c | 2 +-
>  include/hw/pci/msix.h | 1 +
>  2 files changed, 2 insertions(+), 1 deletion(-)
> 
> diff --git a/hw/pci/msix.c b/hw/pci/msix.c
> index ae9331c..e492ce0 100644
> --- a/hw/pci/msix.c
> +++ b/hw/pci/msix.c
> @@ -64,7 +64,7 @@ static uint8_t *msix_pending_byte(PCIDevice *dev, int 
> vector)
>  return dev->msix_pba + vector / 8;
>  }
>  
> -static int msix_is_pending(PCIDevice *dev, int vector)
> +int msix_is_pending(PCIDevice *dev, unsigned int vector)
>  {
>  return *msix_pending_byte(dev, vector) & msix_pending_mask(vector);
>  }
> diff --git a/include/hw/pci/msix.h b/include/hw/pci/msix.h
> index 4c4a60c..0065354 100644
> --- a/include/hw/pci/msix.h
> +++ b/include/hw/pci/msix.h
> @@ -32,6 +32,7 @@ int msix_present(PCIDevice *dev);
>  bool msix_is_masked(PCIDevice *dev, unsigned vector);
>  void msix_set_pending(PCIDevice *dev, unsigned vector);
>  void msix_clr_pending(PCIDevice *dev, int vector);
> +int msix_is_pending(PCIDevice *dev, unsigned vector);
>  
>  int msix_vector_use(PCIDevice *dev, unsigned vector);
>  void msix_vector_unuse(PCIDevice *dev, unsigned vector);
> -- 
> 1.8.3.1




Re: [PATCH] microvm: turn off io reservations for pcie root ports

2022-06-27 Thread Michael S. Tsirkin
On Thu, Jun 09, 2022 at 09:28:38AM +0200, Gerd Hoffmann wrote:
> On Wed, Jun 08, 2022 at 12:06:17PM -0400, Michael S. Tsirkin wrote:
> > On Fri, Jun 03, 2022 at 10:59:20AM +0200, Gerd Hoffmann wrote:
> > > The pcie host bridge has no io window on microvm,
> > > so io reservations will not work.
> > > 
> > > Signed-off-by: Gerd Hoffmann 
> > 
> > I don't much like overriding user like this. We end up users
> > setting it to silly values and then if we do want to
> > support this things just break. Thoughts?
> 
> Well, it just looked like the simplest way to tell the firmware that
> io reservations are pointless.  Do you have a better idea?
> 
> take care,
>   Gerd

Fail if user supplies values we can't support.

-- 
MST




Re: [PATCH 11/12] acpi/tests/bits: add README file for bits qtests

2022-06-27 Thread Michael S. Tsirkin
On Mon, Jun 27, 2022 at 12:58:55PM +0530, Ani Sinha wrote:
> The README file is added describing the directory structure and the purpose
> of every file it contains. It also describes how to add new tests, make 
> changes
> to existing tests or bits config files or regenerate the bits software.
> 
> Signed-off-by: Ani Sinha 
> ---
>  tests/qtest/acpi-bits/README | 168 +++
>  1 file changed, 168 insertions(+)
>  create mode 100644 tests/qtest/acpi-bits/README
> 
> diff --git a/tests/qtest/acpi-bits/README b/tests/qtest/acpi-bits/README
> new file mode 100644
> index 00..97b15f1665
> --- /dev/null
> +++ b/tests/qtest/acpi-bits/README
> @@ -0,0 +1,168 @@
> +=
> +ACPI/SMBIOS QTESTS USING BIOSBITS
> +=
> +
> +Biosbits is a software written by Josh Triplett that can be downloaded by
> +visiting https://biosbits.org/. The github codebase can be found here:
> +https://github.com/biosbits/bits/tree/master. It is a software that exercizes
> +the bios components such as acpi and smbios tables directly through acpica
> +bios interpreter (a freely available C based library written by Intel,
> +downloadable from https://acpica.org/ and is included with biosbits) without 
> an
> +operating system getting involved in between.
> +There are several advantages to directly testing the bios in a real physical
> +machine or VM as opposed to indirectly discovering bios issues through the
> +operating system. For one thing, the OSes tend to hide bios problems from the
> +end user. The other is that we have more control of what we wanted to test
> +and how by directly using acpica interpreter on top of the bios on a running
> +system. More details on the inspiration for developing biosbits and its real
> +life uses can be found in (a) and (b).
> +This directory contains QEMU qtests written in python that exercizes the QEMU
> +bios components using biosbits and reports test failures.
> +
> +These tests use python virtual environment. In debian/ubuntu system, the 
> tests
> +would require python3.8-venv and python3-pip packages to be installed.

Why do we mess with venv and pip? Certainly possible but
what's wrong with using distro provided packages?

> +
> +A brief description of the contents of this directory follows:
> +
> +├── acpi-bits-test.py
> +├── acpi-bits-test-venv.sh
> +├── bits-config
> +│   ├── bits-cfg.txt
> +│   └── meson.build
> +├── bits-tests
> +│   ├── meson.build
> +│   ├── smbios.py
> +│   ├── smilatency.py
> +│   ├── testacpi.py
> +│   └── testcpuid.py
> +├── meson.build
> +├── prebuilt
> +│   ├── bits-2095-grub.tar.gz
> +│   ├── bits-2095.zip
> +│   └── meson.build
> +├── README
> +└── requirements.txt
> +
> +acpi-bits:
> + - acpi-bits-test-venv.sh: This is a shell script that sets up the virtual
> +   environment necessary for the actual python test script to run. Amongst
> +   other things, it makes sure that QEMU python library is available within
> +   that venv so that QEMU machines can be forked. QEMU python library can be
> +   found within python/ directory in QEMU source.
> +   After setting up the virtual environment, it runs the python test script
> +   from within that environment.
> +   If you want to enable verbose mode only for bits test and run make check,
> +   one trick is to add V=1 before the call to execute the python script in
> +   this file.
> + - acpi-bits-test.py: This is the main python test script that generates a
> +   biosbits iso. It then spawns a QEMU VM with it, collects the logs and 
> reports
> +   test failures. This is the script one would be interested in if they 
> wanted
> +   to add or change some component of the log parsing, add a new commandline 
> to
> +   how QEMU is spawned etc. Test writers typically would not need to modify
> +   this script unless they wanted to enhance or change the log parsing for
> +   their tests.
> + - requirements.txt: This text file contains the dependent python libraries
> +   needed for the tests to run. If a new dependent library is needed, it 
> would
> +   be added here as a new entry and then acpi-bits-test-venv.sh would install
> +   it when setting up the python virtual environment using pip.
> + - README: This text file.
> +
> +acpi-bits/bits-config:
> +   This location contains biosbits config files that determine how the 
> software
> +   runs the tests.
> + - bits-config.txt: this is the biosbits config file that determines what 
> tests
> +   or actions are performed by bits. The description of the config options 
> are
> +   provided in the file itself.
> +
> +acpi-bits/prebuilt:
> +   This location contains prebuilt biosbits binaries that are used to 
> generate
> +   the bits iso file for testing.
> + - bits-2095.zip: The contents from this zip archive are the main contents of
> +the iso file that are used for testing. This 

Re: [PATCH 2/2] hw/i386/xen/xen-hvm: Inline xen_piix_pci_write_config_client() and remove it

2022-06-26 Thread Michael S. Tsirkin
On Sun, Jun 26, 2022 at 11:46:56AM +0200, Bernhard Beschow wrote:
> xen_piix_pci_write_config_client() is implemented in the xen sub tree and
> uses PIIX constants internally, thus creating a direct dependency on
> PIIX. Now that xen_set_pci_link_route() is stubbable, the logic of
> xen_piix_pci_write_config_client() can be moved to PIIX which resolves
> the dependency.
> 
> Signed-off-by: Bernhard Beschow 

Fine by me

Acked-by: Michael S. Tsirkin 

> ---
>  hw/i386/xen/xen-hvm.c | 18 --
>  hw/isa/piix3.c| 15 ++-
>  include/hw/xen/xen.h  |  1 -
>  stubs/xen-hw-stub.c   |  4 
>  4 files changed, 14 insertions(+), 24 deletions(-)
> 
> diff --git a/hw/i386/xen/xen-hvm.c b/hw/i386/xen/xen-hvm.c
> index 204fda7949..e4293d6d66 100644
> --- a/hw/i386/xen/xen-hvm.c
> +++ b/hw/i386/xen/xen-hvm.c
> @@ -15,7 +15,6 @@
>  #include "hw/pci/pci.h"
>  #include "hw/pci/pci_host.h"
>  #include "hw/i386/pc.h"
> -#include "hw/southbridge/piix.h"
>  #include "hw/irq.h"
>  #include "hw/hw.h"
>  #include "hw/i386/apic-msidef.h"
> @@ -149,23 +148,6 @@ void xen_piix3_set_irq(void *opaque, int irq_num, int 
> level)
> irq_num & 3, level);
>  }
>  
> -void xen_piix_pci_write_config_client(uint32_t address, uint32_t val, int 
> len)
> -{
> -int i;
> -
> -/* Scan for updates to PCI link routes (0x60-0x63). */
> -for (i = 0; i < len; i++) {
> -uint8_t v = (val >> (8 * i)) & 0xff;
> -if (v & 0x80) {
> -v = 0;
> -}
> -v &= 0xf;
> -if (((address + i) >= PIIX_PIRQCA) && ((address + i) <= 
> PIIX_PIRQCD)) {
> -xen_set_pci_link_route(address + i - PIIX_PIRQCA, v);
> -}
> -}
> -}
> -
>  int xen_set_pci_link_route(uint8_t link, uint8_t irq)
>  {
>  return xendevicemodel_set_pci_link_route(xen_dmod, xen_domid, link, irq);
> diff --git a/hw/isa/piix3.c b/hw/isa/piix3.c
> index 6388558f92..48f9ab1096 100644
> --- a/hw/isa/piix3.c
> +++ b/hw/isa/piix3.c
> @@ -138,7 +138,20 @@ static void piix3_write_config(PCIDevice *dev,
>  static void piix3_write_config_xen(PCIDevice *dev,
> uint32_t address, uint32_t val, int len)
>  {
> -xen_piix_pci_write_config_client(address, val, len);
> +int i;
> +
> +/* Scan for updates to PCI link routes (0x60-0x63). */
> +for (i = 0; i < len; i++) {
> +uint8_t v = (val >> (8 * i)) & 0xff;
> +if (v & 0x80) {
> +v = 0;
> +}
> +v &= 0xf;
> +if (((address + i) >= PIIX_PIRQCA) && ((address + i) <= 
> PIIX_PIRQCD)) {
> +xen_set_pci_link_route(address + i - PIIX_PIRQCA, v);
> +}
> +}
> +
>  piix3_write_config(dev, address, val, len);
>  }
>  
> diff --git a/include/hw/xen/xen.h b/include/hw/xen/xen.h
> index 13bffaef53..afdf9c436a 100644
> --- a/include/hw/xen/xen.h
> +++ b/include/hw/xen/xen.h
> @@ -23,7 +23,6 @@ extern bool xen_domid_restrict;
>  int xen_pci_slot_get_pirq(PCIDevice *pci_dev, int irq_num);
>  int xen_set_pci_link_route(uint8_t link, uint8_t irq);
>  void xen_piix3_set_irq(void *opaque, int irq_num, int level);
> -void xen_piix_pci_write_config_client(uint32_t address, uint32_t val, int 
> len);
>  void xen_hvm_inject_msi(uint64_t addr, uint32_t data);
>  int xen_is_pirq_msi(uint32_t msi_data);
>  
> diff --git a/stubs/xen-hw-stub.c b/stubs/xen-hw-stub.c
> index 743967623f..34a22f2ad7 100644
> --- a/stubs/xen-hw-stub.c
> +++ b/stubs/xen-hw-stub.c
> @@ -19,10 +19,6 @@ void xen_piix3_set_irq(void *opaque, int irq_num, int 
> level)
>  {
>  }
>  
> -void xen_piix_pci_write_config_client(uint32_t address, uint32_t val, int 
> len)
> -{
> -}
> -
>  int xen_set_pci_link_route(uint8_t link, uint8_t irq)
>  {
>  return -1;
> -- 
> 2.36.1




Re: [PATCH] hw/i386: Add unaccepted memory configuration

2022-06-21 Thread Michael S. Tsirkin
On Tue, Jun 21, 2022 at 07:37:02AM +0200, Gerd Hoffman wrote:
> On Mon, Jun 20, 2022 at 10:33:00PM +, Dionna Glaze wrote:
> > For SEV-SNP, an OS is "SEV-SNP capable" without supporting this UEFI
> > v2.9 memory type. In order for OVMF to be able to avoid pre-validating
> > potentially hundreds of gibibytes of data before booting, it needs to
> > know if the guest OS can support its use of the new type of memory in
> > the memory map.
> 
> I think this should be wired up via sev-guest object (see
> SevGuestProperties in qapi/qom.json and target/i386/sev.c),
> i.e.
> 
> qemu -object sev-guest,accept-all-memory=true,$args
> 
> (and likewise for -object tdx-guest once merged).
> 
> take care,
>   Gerd

Right. As written the patch would allow the flag without SEV-SNP too -
but does it make any sense outside SEV-SNP? It's better not to allow
flag combinations that make no sense since they tend to
become part of ABI that we then need to support.

-- 
MST




Re: [PATCH] virtio-iommu: Fix the partial copy of probe request

2022-06-16 Thread Michael S. Tsirkin
On Fri, Jun 17, 2022 at 11:43:48AM +0800, Zhenzhong Duan wrote:
> The structure of probe request doesn't include the tail, this lead to
> a few field is missed to be copied. Currently this isn't an issue as
> those missed field belong to reserved field, just in case reserved
> field will be used in the future.
> 
> By this chance, also remove a few useless code.

I think this code is there to future proof in case more fields are
added. Please just post a bugfix patch. Also a Fixes tag can't hurt.
Probably

commit 5442b854eaf921588e24d5711640ab71e59cb1b8
Author: Eric Auger 
Date:   Fri Feb 14 14:27:37 2020 +0100

virtio-iommu: Decode the command payload


Thanks!

> Signed-off-by: Zhenzhong Duan 
> ---
>  hw/virtio/virtio-iommu.c | 8 +++-
>  1 file changed, 3 insertions(+), 5 deletions(-)
> 
> diff --git a/hw/virtio/virtio-iommu.c b/hw/virtio/virtio-iommu.c
> index 7c122ab95780..bc96caf37c0c 100644
> --- a/hw/virtio/virtio-iommu.c
> +++ b/hw/virtio/virtio-iommu.c
> @@ -656,19 +656,16 @@ static int virtio_iommu_probe(VirtIOIOMMU *s,
>uint8_t *buf)
>  {
>  uint32_t ep_id = le32_to_cpu(req->endpoint);
> -size_t free = VIOMMU_PROBE_SIZE;
>  ssize_t count;
>  
>  if (!virtio_iommu_mr(s, ep_id)) {
>  return VIRTIO_IOMMU_S_NOENT;
>  }
>  
> -count = virtio_iommu_fill_resv_mem_prop(s, ep_id, buf, free);
> +count = virtio_iommu_fill_resv_mem_prop(s, ep_id, buf, 
> VIOMMU_PROBE_SIZE);
>  if (count < 0) {
>  return VIRTIO_IOMMU_S_INVAL;
>  }
> -buf += count;
> -free -= count;
>  
>  return VIRTIO_IOMMU_S_OK;
>  }
> @@ -708,7 +705,8 @@ static int virtio_iommu_handle_probe(VirtIOIOMMU *s,
>   uint8_t *buf)
>  {
>  struct virtio_iommu_req_probe req;
> -int ret = virtio_iommu_iov_to_req(iov, iov_cnt, , sizeof(req));
> +int ret = virtio_iommu_iov_to_req(iov, iov_cnt, ,
> +sizeof(req) + sizeof(struct virtio_iommu_req_tail));
>  
>  return ret ? ret : virtio_iommu_probe(s, , buf);
>  }
> -- 
> 2.25.1




[PULL 10/10] acpi/erst: fix fallthrough code upon validation failure

2022-06-16 Thread Michael S. Tsirkin
From: Ani Sinha 

At any step when any validation fail in check_erst_backend_storage(), there is
no need to continue further through other validation checks. Further, by
continuing even when record_size is 0, we run the risk of triggering a divide
by zero error if we continued with other validation checks. Hence, we should
simply return from this function upon validation failure.

CC: Peter Maydell 
CC: Eric DeVolder 
Signed-off-by: Ani Sinha 
Message-Id: <20220513141005.1929422-1-...@anisinha.ca>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
Reviewed-by: Igor Mammedov 
Reviewed-by: Eric DeVolder 
---
 hw/acpi/erst.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/hw/acpi/erst.c b/hw/acpi/erst.c
index de509c2b48..df856b2669 100644
--- a/hw/acpi/erst.c
+++ b/hw/acpi/erst.c
@@ -440,6 +440,7 @@ static void check_erst_backend_storage(ERSTDeviceState *s, 
Error **errp)
 (record_size >= 4096) /* PAGE_SIZE */
 )) {
 error_setg(errp, "ERST record_size %u is invalid", record_size);
+return;
 }
 
 /* Validity check header */
@@ -450,6 +451,7 @@ static void check_erst_backend_storage(ERSTDeviceState *s, 
Error **errp)
 (le16_to_cpu(header->reserved) == 0)
 )) {
 error_setg(errp, "ERST backend storage header is invalid");
+return;
 }
 
 /* Check storage_size against record_size */
@@ -457,6 +459,7 @@ static void check_erst_backend_storage(ERSTDeviceState *s, 
Error **errp)
  (record_size > s->storage_size)) {
 error_setg(errp, "ACPI ERST requires storage size be multiple of "
 "record size (%uKiB)", record_size);
+return;
 }
 
 /* Compute offset of first and last record storage slot */
-- 
MST




[PULL 08/10] crypto: Introduce RSA algorithm

2022-06-16 Thread Michael S. Tsirkin
From: zhenwei pi 

There are two parts in this patch:
1, support akcipher service by cryptodev-builtin driver
2, virtio-crypto driver supports akcipher service

In principle, we should separate this into two patches, to avoid
compiling error, merge them into one.

Then virtio-crypto gets request from guest side, and forwards the
request to builtin driver to handle it.

Test with a guest linux:
1, The self-test framework of crypto layer works fine in guest kernel
2, Test with Linux guest(with asym support), the following script
test(note that pkey_XXX is supported only in a newer version of keyutils):
  - both public key & private key
  - create/close session
  - encrypt/decrypt/sign/verify basic driver operation
  - also test with kernel crypto layer(pkey add/query)

All the cases work fine.

Run script in guest:
rm -rf *.der *.pem *.pfx
modprobe pkcs8_key_parser # if CONFIG_PKCS8_PRIVATE_KEY_PARSER=m
rm -rf /tmp/data
dd if=/dev/random of=/tmp/data count=1 bs=20

openssl req -nodes -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -subj 
"/C=CN/ST=BJ/L=HD/O=qemu/OU=dev/CN=qemu/emailAddress=q...@qemu.org"
openssl pkcs8 -in key.pem -topk8 -nocrypt -outform DER -out key.der
openssl x509 -in cert.pem -inform PEM -outform DER -out cert.der

PRIV_KEY_ID=`cat key.der | keyctl padd asymmetric test_priv_key @s`
echo "priv key id = "$PRIV_KEY_ID
PUB_KEY_ID=`cat cert.der | keyctl padd asymmetric test_pub_key @s`
echo "pub key id = "$PUB_KEY_ID

keyctl pkey_query $PRIV_KEY_ID 0
keyctl pkey_query $PUB_KEY_ID 0

echo "Enc with priv key..."
keyctl pkey_encrypt $PRIV_KEY_ID 0 /tmp/data enc=pkcs1 >/tmp/enc.priv
echo "Dec with pub key..."
keyctl pkey_decrypt $PRIV_KEY_ID 0 /tmp/enc.priv enc=pkcs1 >/tmp/dec
cmp /tmp/data /tmp/dec

echo "Sign with priv key..."
keyctl pkey_sign $PRIV_KEY_ID 0 /tmp/data enc=pkcs1 hash=sha1 > /tmp/sig
echo "Verify with pub key..."
keyctl pkey_verify $PRIV_KEY_ID 0 /tmp/data /tmp/sig enc=pkcs1 hash=sha1

echo "Enc with pub key..."
keyctl pkey_encrypt $PUB_KEY_ID 0 /tmp/data enc=pkcs1 >/tmp/enc.pub
echo "Dec with priv key..."
keyctl pkey_decrypt $PRIV_KEY_ID 0 /tmp/enc.pub enc=pkcs1 >/tmp/dec
cmp /tmp/data /tmp/dec

echo "Verify with pub key..."
keyctl pkey_verify $PUB_KEY_ID 0 /tmp/data /tmp/sig enc=pkcs1 hash=sha1

Reviewed-by: Gonglei 
Signed-off-by: lei he 
Message-Id: <20220611064243.24535-2-pizhen...@bytedance.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 include/hw/virtio/virtio-crypto.h |   5 +-
 include/sysemu/cryptodev.h|  83 ++--
 backends/cryptodev-builtin.c  | 276 ++
 backends/cryptodev-vhost-user.c   |  34 +++-
 backends/cryptodev.c  |  32 ++-
 hw/virtio/virtio-crypto.c | 319 --
 6 files changed, 607 insertions(+), 142 deletions(-)

diff --git a/include/hw/virtio/virtio-crypto.h 
b/include/hw/virtio/virtio-crypto.h
index a2228d7b2e..348749f5d5 100644
--- a/include/hw/virtio/virtio-crypto.h
+++ b/include/hw/virtio/virtio-crypto.h
@@ -50,6 +50,7 @@ typedef struct VirtIOCryptoConf {
 uint32_t mac_algo_l;
 uint32_t mac_algo_h;
 uint32_t aead_algo;
+uint32_t akcipher_algo;
 
 /* Maximum length of cipher key */
 uint32_t max_cipher_key_len;
@@ -71,9 +72,7 @@ typedef struct VirtIOCryptoReq {
 size_t in_len;
 VirtQueue *vq;
 struct VirtIOCrypto *vcrypto;
-union {
-CryptoDevBackendSymOpInfo *sym_op_info;
-} u;
+CryptoDevBackendOpInfo op_info;
 } VirtIOCryptoReq;
 
 typedef struct VirtIOCryptoQueue {
diff --git a/include/sysemu/cryptodev.h b/include/sysemu/cryptodev.h
index f4d4057d4d..37c3a360fd 100644
--- a/include/sysemu/cryptodev.h
+++ b/include/sysemu/cryptodev.h
@@ -50,13 +50,13 @@ typedef struct CryptoDevBackendClient
 
 enum CryptoDevBackendAlgType {
 CRYPTODEV_BACKEND_ALG_SYM,
+CRYPTODEV_BACKEND_ALG_ASYM,
 CRYPTODEV_BACKEND_ALG__MAX,
 };
 
 /**
  * CryptoDevBackendSymSessionInfo:
  *
- * @op_code: operation code (refer to virtio_crypto.h)
  * @cipher_alg: algorithm type of CIPHER
  * @key_len: byte length of cipher key
  * @hash_alg: algorithm type of HASH/MAC
@@ -74,7 +74,6 @@ enum CryptoDevBackendAlgType {
  */
 typedef struct CryptoDevBackendSymSessionInfo {
 /* corresponding with virtio crypto spec */
-uint32_t op_code;
 uint32_t cipher_alg;
 uint32_t key_len;
 uint32_t hash_alg;
@@ -89,11 +88,36 @@ typedef struct CryptoDevBackendSymSessionInfo {
 uint8_t *auth_key;
 } CryptoDevBackendSymSessionInfo;
 
+/**
+ * CryptoDevBackendAsymSessionInfo:
+ */
+typedef struct CryptoDevBackendRsaPara {
+uint32_t padding_algo;
+uint32_t hash_algo;
+} CryptoDevBackendRsaPara;
+
+typedef struct CryptoDevBackendAsymSessionInfo {
+/* corresponding with virtio crypto spec */
+uint32_t algo;
+uint32_t keytype;
+uint32_t keylen;
+uin

[PULL 09/10] vhost: also check queue state in the vhost_dev_set_log error routine

2022-06-16 Thread Michael S. Tsirkin
From: Ni Xun 

When check queue state in the vhost_dev_set_log routine, it miss the error
routine check, this patch also check queue state in error case.

Fixes: 1e5a050f5798 ("check queue state in the vhost_dev_set_log routine")
Signed-off-by: Ni Xun 
Reviewed-by: Zhigang Lu 
Message-Id: 

Reviewed-by: Michael S. Tsirkin 
Acked-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 hw/virtio/vhost.c | 4 
 1 file changed, 4 insertions(+)

diff --git a/hw/virtio/vhost.c b/hw/virtio/vhost.c
index dd3263df56..6c41fa13e3 100644
--- a/hw/virtio/vhost.c
+++ b/hw/virtio/vhost.c
@@ -886,6 +886,10 @@ static int vhost_dev_set_log(struct vhost_dev *dev, bool 
enable_log)
 err_vq:
 for (; i >= 0; --i) {
 idx = dev->vhost_ops->vhost_get_vq_index(dev, dev->vq_index + i);
+addr = virtio_queue_get_desc_addr(dev->vdev, idx);
+if (!addr) {
+continue;
+}
 vhost_virtqueue_set_addr(dev, dev->vqs + i, idx,
  dev->log_enabled);
 }
-- 
MST




[PULL 07/10] virtio-iommu: Add an assert check in translate routine

2022-06-16 Thread Michael S. Tsirkin
From: Zhenzhong Duan 

With address space switch supported, dma access translation only
happen after endpoint is attached to a non-bypass domain.

Signed-off-by: Zhenzhong Duan 
Message-Id: <20220613061010.2674054-4-zhenzhong.d...@intel.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 hw/virtio/virtio-iommu.c | 4 
 1 file changed, 4 insertions(+)

diff --git a/hw/virtio/virtio-iommu.c b/hw/virtio/virtio-iommu.c
index 73d5bde9d1..7c122ab957 100644
--- a/hw/virtio/virtio-iommu.c
+++ b/hw/virtio/virtio-iommu.c
@@ -865,6 +865,10 @@ static IOMMUTLBEntry 
virtio_iommu_translate(IOMMUMemoryRegion *mr, hwaddr addr,
 qemu_rec_mutex_lock(>mutex);
 
 ep = g_tree_lookup(s->endpoints, GUINT_TO_POINTER(sid));
+
+if (bypass_allowed)
+assert(ep && ep->domain && !ep->domain->bypass);
+
 if (!ep) {
 if (!bypass_allowed) {
 error_report_once("%s sid=%d is not known!!", __func__, sid);
-- 
MST




[PULL 05/10] virtio-iommu: Add bypass mode support to assigned device

2022-06-16 Thread Michael S. Tsirkin
From: Zhenzhong Duan 

Currently assigned devices can not work in virtio-iommu bypass mode.
Guest driver fails to probe the device due to DMA failure. And the
reason is because of lacking GPA -> HPA mappings when VM is created.

Add a root container memory region to hold both bypass memory region
and iommu memory region, so the switch between them is supported
just like the implementation in virtual VT-d.

Signed-off-by: Zhenzhong Duan 
Message-Id: <20220613061010.2674054-2-zhenzhong.d...@intel.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 include/hw/virtio/virtio-iommu.h |   2 +
 hw/virtio/virtio-iommu.c | 115 ++-
 hw/virtio/trace-events   |   1 +
 3 files changed, 116 insertions(+), 2 deletions(-)

diff --git a/include/hw/virtio/virtio-iommu.h b/include/hw/virtio/virtio-iommu.h
index 84391f8448..102eeefa73 100644
--- a/include/hw/virtio/virtio-iommu.h
+++ b/include/hw/virtio/virtio-iommu.h
@@ -37,6 +37,8 @@ typedef struct IOMMUDevice {
 int   devfn;
 IOMMUMemoryRegion  iommu_mr;
 AddressSpace  as;
+MemoryRegion root;  /* The root container of the device */
+MemoryRegion bypass_mr; /* The alias of shared memory MR */
 } IOMMUDevice;
 
 typedef struct IOMMUPciBus {
diff --git a/hw/virtio/virtio-iommu.c b/hw/virtio/virtio-iommu.c
index 2597e166f9..ff718107ee 100644
--- a/hw/virtio/virtio-iommu.c
+++ b/hw/virtio/virtio-iommu.c
@@ -69,6 +69,77 @@ static inline uint16_t virtio_iommu_get_bdf(IOMMUDevice *dev)
 return PCI_BUILD_BDF(pci_bus_num(dev->bus), dev->devfn);
 }
 
+static bool virtio_iommu_device_bypassed(IOMMUDevice *sdev)
+{
+uint32_t sid;
+bool bypassed;
+VirtIOIOMMU *s = sdev->viommu;
+VirtIOIOMMUEndpoint *ep;
+
+sid = virtio_iommu_get_bdf(sdev);
+
+qemu_mutex_lock(>mutex);
+/* need to check bypass before system reset */
+if (!s->endpoints) {
+bypassed = s->config.bypass;
+goto unlock;
+}
+
+ep = g_tree_lookup(s->endpoints, GUINT_TO_POINTER(sid));
+if (!ep || !ep->domain) {
+bypassed = s->config.bypass;
+} else {
+bypassed = ep->domain->bypass;
+}
+
+unlock:
+qemu_mutex_unlock(>mutex);
+return bypassed;
+}
+
+/* Return whether the device is using IOMMU translation. */
+static bool virtio_iommu_switch_address_space(IOMMUDevice *sdev)
+{
+bool use_remapping;
+
+assert(sdev);
+
+use_remapping = !virtio_iommu_device_bypassed(sdev);
+
+trace_virtio_iommu_switch_address_space(pci_bus_num(sdev->bus),
+PCI_SLOT(sdev->devfn),
+PCI_FUNC(sdev->devfn),
+use_remapping);
+
+/* Turn off first then on the other */
+if (use_remapping) {
+memory_region_set_enabled(>bypass_mr, false);
+memory_region_set_enabled(MEMORY_REGION(>iommu_mr), true);
+} else {
+memory_region_set_enabled(MEMORY_REGION(>iommu_mr), false);
+memory_region_set_enabled(>bypass_mr, true);
+}
+
+return use_remapping;
+}
+
+static void virtio_iommu_switch_address_space_all(VirtIOIOMMU *s)
+{
+GHashTableIter iter;
+IOMMUPciBus *iommu_pci_bus;
+int i;
+
+g_hash_table_iter_init(, s->as_by_busptr);
+while (g_hash_table_iter_next(, NULL, (void **)_pci_bus)) {
+for (i = 0; i < PCI_DEVFN_MAX; i++) {
+if (!iommu_pci_bus->pbdev[i]) {
+continue;
+}
+virtio_iommu_switch_address_space(iommu_pci_bus->pbdev[i]);
+}
+}
+}
+
 /**
  * The bus number is used for lookup when SID based operations occur.
  * In that case we lazily populate the IOMMUPciBus array from the bus hash
@@ -213,6 +284,7 @@ static gboolean virtio_iommu_notify_map_cb(gpointer key, 
gpointer value,
 static void virtio_iommu_detach_endpoint_from_domain(VirtIOIOMMUEndpoint *ep)
 {
 VirtIOIOMMUDomain *domain = ep->domain;
+IOMMUDevice *sdev = container_of(ep->iommu_mr, IOMMUDevice, iommu_mr);
 
 if (!ep->domain) {
 return;
@@ -221,6 +293,7 @@ static void 
virtio_iommu_detach_endpoint_from_domain(VirtIOIOMMUEndpoint *ep)
ep->iommu_mr);
 QLIST_REMOVE(ep, next);
 ep->domain = NULL;
+virtio_iommu_switch_address_space(sdev);
 }
 
 static VirtIOIOMMUEndpoint *virtio_iommu_get_endpoint(VirtIOIOMMU *s,
@@ -323,12 +396,39 @@ static AddressSpace *virtio_iommu_find_add_as(PCIBus 
*bus, void *opaque,
 
 trace_virtio_iommu_init_iommu_mr(name);
 
+memory_region_init(>root, OBJECT(s), name, UINT64_MAX);
+address_space_init(>as, >root, TYPE_VIRTIO_IOMMU);
+
+/*
+ * Build the IOMMU disabled container with aliases to the
+ * shared MRs.  Note that aliasing to a shared memory region
+ * could help the memory API

[PULL 04/10] virtio/vhost-user: Fix wrong vhost notifier GPtrArray size

2022-06-16 Thread Michael S. Tsirkin
From: Yajun Wu 

In fetch_or_create_notifier, idx begins with 0. So the GPtrArray size
should be idx + 1 and g_ptr_array_set_size should be called with idx + 1.

This wrong GPtrArray size causes fetch_or_create_notifier return an invalid
address. Passing this invalid pointer to vhost_user_host_notifier_remove
causes assert fail:

qemu/include/qemu/int128.h:27: int128_get64: Assertion `r == a' failed.
shutting down, reason=crashed

Backends like dpdk-vdpa which sends out vhost notifier requests almost always
hit qemu crash.

Fixes: 503e355465 ("virtio/vhost-user: dynamically assign 
VhostUserHostNotifiers")
Signed-off-by: Yajun Wu 
Acked-by: Parav Pandit 
Change-Id: I87e0f7591ca9a59d210879b260704a2d9e9d6bcd
Message-Id: <20220526034851.683258-1-yaj...@nvidia.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
Reviewed-by: Alex Bennée 
Reviewed-by: Eddie Dong 
---
 hw/virtio/vhost-user.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/virtio/vhost-user.c b/hw/virtio/vhost-user.c
index 0594178224..4b9be26e84 100644
--- a/hw/virtio/vhost-user.c
+++ b/hw/virtio/vhost-user.c
@@ -1525,7 +1525,7 @@ static VhostUserHostNotifier 
*fetch_or_create_notifier(VhostUserState *u,
 {
 VhostUserHostNotifier *n = NULL;
 if (idx >= u->notifiers->len) {
-g_ptr_array_set_size(u->notifiers, idx);
+g_ptr_array_set_size(u->notifiers, idx + 1);
 }
 
 n = g_ptr_array_index(u->notifiers, idx);
-- 
MST




[PULL 02/10] pci-bridge/cxl_downstream: Add a CXL switch downstream port

2022-06-16 Thread Michael S. Tsirkin
From: Jonathan Cameron 

Emulation of a simple CXL Switch downstream port.
The Device ID has been allocated for this use.

Signed-off-by: Jonathan Cameron 
Message-Id: <20220616145126.8002-3-jonathan.came...@huawei.com>
Signed-off-by: Michael S. Tsirkin 
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 hw/cxl/cxl-host.c  |  43 +-
 hw/pci-bridge/cxl_downstream.c | 249 +
 hw/pci-bridge/meson.build  |   2 +-
 3 files changed, 291 insertions(+), 3 deletions(-)
 create mode 100644 hw/pci-bridge/cxl_downstream.c

diff --git a/hw/cxl/cxl-host.c b/hw/cxl/cxl-host.c
index efa14908d8..483d8eb13f 100644
--- a/hw/cxl/cxl-host.c
+++ b/hw/cxl/cxl-host.c
@@ -129,8 +129,9 @@ static bool cxl_hdm_find_target(uint32_t *cache_mem, hwaddr 
addr,
 
 static PCIDevice *cxl_cfmws_find_device(CXLFixedWindow *fw, hwaddr addr)
 {
-CXLComponentState *hb_cstate;
+CXLComponentState *hb_cstate, *usp_cstate;
 PCIHostState *hb;
+CXLUpstreamPort *usp;
 int rb_index;
 uint32_t *cache_mem;
 uint8_t target;
@@ -164,8 +165,46 @@ static PCIDevice *cxl_cfmws_find_device(CXLFixedWindow 
*fw, hwaddr addr)
 }
 
 d = pci_bridge_get_sec_bus(PCI_BRIDGE(rp))->devices[0];
+if (!d) {
+return NULL;
+}
 
-if (!d || !object_dynamic_cast(OBJECT(d), TYPE_CXL_TYPE3)) {
+if (object_dynamic_cast(OBJECT(d), TYPE_CXL_TYPE3)) {
+return d;
+}
+
+/*
+ * Could also be a switch.  Note only one level of switching currently
+ * supported.
+ */
+if (!object_dynamic_cast(OBJECT(d), TYPE_CXL_USP)) {
+return NULL;
+}
+usp = CXL_USP(d);
+
+usp_cstate = cxl_usp_to_cstate(usp);
+if (!usp_cstate) {
+return NULL;
+}
+
+cache_mem = usp_cstate->crb.cache_mem_registers;
+
+target_found = cxl_hdm_find_target(cache_mem, addr, );
+if (!target_found) {
+return NULL;
+}
+
+d = pcie_find_port_by_pn(_BRIDGE(d)->sec_bus, target);
+if (!d) {
+return NULL;
+}
+
+d = pci_bridge_get_sec_bus(PCI_BRIDGE(d))->devices[0];
+if (!d) {
+return NULL;
+}
+
+if (!object_dynamic_cast(OBJECT(d), TYPE_CXL_TYPE3)) {
 return NULL;
 }
 
diff --git a/hw/pci-bridge/cxl_downstream.c b/hw/pci-bridge/cxl_downstream.c
new file mode 100644
index 00..a361e519d0
--- /dev/null
+++ b/hw/pci-bridge/cxl_downstream.c
@@ -0,0 +1,249 @@
+/*
+ * Emulated CXL Switch Downstream Port
+ *
+ * Copyright (c) 2022 Huawei Technologies.
+ *
+ * Based on xio3130_downstream.c
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+
+#include "qemu/osdep.h"
+#include "qemu/log.h"
+#include "hw/pci/msi.h"
+#include "hw/pci/pcie.h"
+#include "hw/pci/pcie_port.h"
+#include "qapi/error.h"
+
+typedef struct CXLDownStreamPort {
+/*< private >*/
+PCIESlot parent_obj;
+
+/*< public >*/
+CXLComponentState cxl_cstate;
+} CXLDownstreamPort;
+
+#define TYPE_CXL_DSP "cxl-downstream"
+DECLARE_INSTANCE_CHECKER(CXLDownstreamPort, CXL_DSP, TYPE_CXL_DSP)
+
+#define CXL_DOWNSTREAM_PORT_MSI_OFFSET 0x70
+#define CXL_DOWNSTREAM_PORT_MSI_NR_VECTOR 1
+#define CXL_DOWNSTREAM_PORT_EXP_OFFSET 0x90
+#define CXL_DOWNSTREAM_PORT_AER_OFFSET 0x100
+#define CXL_DOWNSTREAM_PORT_DVSEC_OFFSET\
+(CXL_DOWNSTREAM_PORT_AER_OFFSET + PCI_ERR_SIZEOF)
+
+static void latch_registers(CXLDownstreamPort *dsp)
+{
+uint32_t *reg_state = dsp->cxl_cstate.crb.cache_mem_registers;
+uint32_t *write_msk = dsp->cxl_cstate.crb.cache_mem_regs_write_mask;
+
+cxl_component_register_init_common(reg_state, write_msk,
+   CXL2_DOWNSTREAM_PORT);
+}
+
+/* TODO: Look at sharing this code acorss all CXL port types */
+static void cxl_dsp_dvsec_write_config(PCIDevice *dev, uint32_t addr,
+  uint32_t val, int len)
+{
+CXLDownstreamPort *dsp = CXL_DSP(dev);
+CXLComponentState *cxl_cstate = >cxl_cstate;
+
+if (range_contains(_cstate->dvsecs[EXTENSIONS_PORT_DVSEC], addr)) {
+uint8_t *reg = >config[addr];
+addr -= cxl_cstate->dvsecs[EXTENSIONS_PORT_DVSEC].lob;
+if (addr == PORT_CONTROL_OFFSET) {
+if (pci_get_word(reg) & PORT_CONTROL_UNMASK_SBR) {
+/* unmask SBR */
+qemu_log_mask(LOG_UNIMP, "SBR mask control is not 
supported\n");
+}
+if (pci_get_word(reg) & PORT_CONTROL_ALT_MEMID_EN) {
+/* Alt Memory & ID Space Enable */
+qemu_log_mask(LOG_UNIMP,
+  "Alt Memory & ID space is not supported\n");
+
+}
+}
+}
+}
+
+static void cxl_dsp_config_write(PCIDevice *d, uint32_t address,
+ uint32_t val, int len)
+{
+uint16_t slt_ctl,

[PULL 01/10] pci-bridge/cxl_upstream: Add a CXL switch upstream port

2022-06-16 Thread Michael S. Tsirkin
From: Jonathan Cameron 

An initial simple upstream port emulation to allow the creation
of CXL switches. The Device ID has been allocated for this use.

Signed-off-by: Jonathan Cameron 
Message-Id: <20220616145126.8002-2-jonathan.came...@huawei.com>
Signed-off-by: Michael S. Tsirkin 
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 include/hw/cxl/cxl.h |   5 +
 hw/pci-bridge/cxl_upstream.c | 216 +++
 hw/pci-bridge/meson.build|   2 +-
 3 files changed, 222 insertions(+), 1 deletion(-)
 create mode 100644 hw/pci-bridge/cxl_upstream.c

diff --git a/include/hw/cxl/cxl.h b/include/hw/cxl/cxl.h
index 134b295b40..38e0e271d5 100644
--- a/include/hw/cxl/cxl.h
+++ b/include/hw/cxl/cxl.h
@@ -53,4 +53,9 @@ struct CXLHost {
 #define TYPE_PXB_CXL_HOST "pxb-cxl-host"
 OBJECT_DECLARE_SIMPLE_TYPE(CXLHost, PXB_CXL_HOST)
 
+#define TYPE_CXL_USP "cxl-upstream"
+
+typedef struct CXLUpstreamPort CXLUpstreamPort;
+DECLARE_INSTANCE_CHECKER(CXLUpstreamPort, CXL_USP, TYPE_CXL_USP)
+CXLComponentState *cxl_usp_to_cstate(CXLUpstreamPort *usp);
 #endif
diff --git a/hw/pci-bridge/cxl_upstream.c b/hw/pci-bridge/cxl_upstream.c
new file mode 100644
index 00..a83a3e81e4
--- /dev/null
+++ b/hw/pci-bridge/cxl_upstream.c
@@ -0,0 +1,216 @@
+/*
+ * Emulated CXL Switch Upstream Port
+ *
+ * Copyright (c) 2022 Huawei Technologies.
+ *
+ * Based on xio3130_upstream.c
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+
+#include "qemu/osdep.h"
+#include "qemu/log.h"
+#include "hw/pci/msi.h"
+#include "hw/pci/pcie.h"
+#include "hw/pci/pcie_port.h"
+
+#define CXL_UPSTREAM_PORT_MSI_NR_VECTOR 1
+
+#define CXL_UPSTREAM_PORT_MSI_OFFSET 0x70
+#define CXL_UPSTREAM_PORT_PCIE_CAP_OFFSET 0x90
+#define CXL_UPSTREAM_PORT_AER_OFFSET 0x100
+#define CXL_UPSTREAM_PORT_DVSEC_OFFSET \
+(CXL_UPSTREAM_PORT_AER_OFFSET + PCI_ERR_SIZEOF)
+
+typedef struct CXLUpstreamPort {
+/*< private >*/
+PCIEPort parent_obj;
+
+/*< public >*/
+CXLComponentState cxl_cstate;
+} CXLUpstreamPort;
+
+CXLComponentState *cxl_usp_to_cstate(CXLUpstreamPort *usp)
+{
+return >cxl_cstate;
+}
+
+static void cxl_usp_dvsec_write_config(PCIDevice *dev, uint32_t addr,
+   uint32_t val, int len)
+{
+CXLUpstreamPort *usp = CXL_USP(dev);
+
+if (range_contains(>cxl_cstate.dvsecs[EXTENSIONS_PORT_DVSEC], addr)) {
+uint8_t *reg = >config[addr];
+addr -= usp->cxl_cstate.dvsecs[EXTENSIONS_PORT_DVSEC].lob;
+if (addr == PORT_CONTROL_OFFSET) {
+if (pci_get_word(reg) & PORT_CONTROL_UNMASK_SBR) {
+/* unmask SBR */
+qemu_log_mask(LOG_UNIMP, "SBR mask control is not 
supported\n");
+}
+if (pci_get_word(reg) & PORT_CONTROL_ALT_MEMID_EN) {
+/* Alt Memory & ID Space Enable */
+qemu_log_mask(LOG_UNIMP,
+  "Alt Memory & ID space is not supported\n");
+}
+}
+}
+}
+
+static void cxl_usp_write_config(PCIDevice *d, uint32_t address,
+ uint32_t val, int len)
+{
+pci_bridge_write_config(d, address, val, len);
+pcie_cap_flr_write_config(d, address, val, len);
+pcie_aer_write_config(d, address, val, len);
+
+cxl_usp_dvsec_write_config(d, address, val, len);
+}
+
+static void latch_registers(CXLUpstreamPort *usp)
+{
+uint32_t *reg_state = usp->cxl_cstate.crb.cache_mem_registers;
+uint32_t *write_msk = usp->cxl_cstate.crb.cache_mem_regs_write_mask;
+
+cxl_component_register_init_common(reg_state, write_msk,
+   CXL2_UPSTREAM_PORT);
+ARRAY_FIELD_DP32(reg_state, CXL_HDM_DECODER_CAPABILITY, TARGET_COUNT, 8);
+}
+
+static void cxl_usp_reset(DeviceState *qdev)
+{
+PCIDevice *d = PCI_DEVICE(qdev);
+CXLUpstreamPort *usp = CXL_USP(qdev);
+
+pci_bridge_reset(qdev);
+pcie_cap_deverr_reset(d);
+latch_registers(usp);
+}
+
+static void build_dvsecs(CXLComponentState *cxl)
+{
+uint8_t *dvsec;
+
+dvsec = (uint8_t *)&(CXLDVSECPortExtensions){
+.status = 0x1, /* Port Power Management Init Complete */
+};
+cxl_component_create_dvsec(cxl, CXL2_UPSTREAM_PORT,
+   EXTENSIONS_PORT_DVSEC_LENGTH,
+   EXTENSIONS_PORT_DVSEC,
+   EXTENSIONS_PORT_DVSEC_REVID, dvsec);
+dvsec = (uint8_t *)&(CXLDVSECPortFlexBus){
+.cap = 0x27, /* Cache, IO, Mem, non-MLD */
+.ctrl= 0x27, /* Cache, IO, Mem */
+.status  = 0x26, /* same */
+.rcvd_mod_ts_data_phase1 = 0xef, /* WTF? */
+};
+cxl_component_create_dvsec(cxl, CXL2_UPSTREAM_PORT,
+   PCIE_FLEXBUS_PO

[PULL 06/10] virtio-iommu: Use recursive lock to avoid deadlock

2022-06-16 Thread Michael S. Tsirkin
From: Zhenzhong Duan 

When switching address space with mutex lock hold, mapping will be
replayed for assigned device. This will trigger relock deadlock.

Also release the mutex resource in unrealize routine.

Signed-off-by: Zhenzhong Duan 
Message-Id: <20220613061010.2674054-3-zhenzhong.d...@intel.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 include/hw/virtio/virtio-iommu.h |  2 +-
 hw/virtio/virtio-iommu.c | 20 +++-
 2 files changed, 12 insertions(+), 10 deletions(-)

diff --git a/include/hw/virtio/virtio-iommu.h b/include/hw/virtio/virtio-iommu.h
index 102eeefa73..2ad5ee320b 100644
--- a/include/hw/virtio/virtio-iommu.h
+++ b/include/hw/virtio/virtio-iommu.h
@@ -58,7 +58,7 @@ struct VirtIOIOMMU {
 ReservedRegion *reserved_regions;
 uint32_t nb_reserved_regions;
 GTree *domains;
-QemuMutex mutex;
+QemuRecMutex mutex;
 GTree *endpoints;
 bool boot_bypass;
 };
diff --git a/hw/virtio/virtio-iommu.c b/hw/virtio/virtio-iommu.c
index ff718107ee..73d5bde9d1 100644
--- a/hw/virtio/virtio-iommu.c
+++ b/hw/virtio/virtio-iommu.c
@@ -78,7 +78,7 @@ static bool virtio_iommu_device_bypassed(IOMMUDevice *sdev)
 
 sid = virtio_iommu_get_bdf(sdev);
 
-qemu_mutex_lock(>mutex);
+qemu_rec_mutex_lock(>mutex);
 /* need to check bypass before system reset */
 if (!s->endpoints) {
 bypassed = s->config.bypass;
@@ -93,7 +93,7 @@ static bool virtio_iommu_device_bypassed(IOMMUDevice *sdev)
 }
 
 unlock:
-qemu_mutex_unlock(>mutex);
+qemu_rec_mutex_unlock(>mutex);
 return bypassed;
 }
 
@@ -745,7 +745,7 @@ static void virtio_iommu_handle_command(VirtIODevice *vdev, 
VirtQueue *vq)
 tail.status = VIRTIO_IOMMU_S_DEVERR;
 goto out;
 }
-qemu_mutex_lock(>mutex);
+qemu_rec_mutex_lock(>mutex);
 switch (head.type) {
 case VIRTIO_IOMMU_T_ATTACH:
 tail.status = virtio_iommu_handle_attach(s, iov, iov_cnt);
@@ -774,7 +774,7 @@ static void virtio_iommu_handle_command(VirtIODevice *vdev, 
VirtQueue *vq)
 default:
 tail.status = VIRTIO_IOMMU_S_UNSUPP;
 }
-qemu_mutex_unlock(>mutex);
+qemu_rec_mutex_unlock(>mutex);
 
 out:
 sz = iov_from_buf(elem->in_sg, elem->in_num, 0,
@@ -862,7 +862,7 @@ static IOMMUTLBEntry 
virtio_iommu_translate(IOMMUMemoryRegion *mr, hwaddr addr,
 sid = virtio_iommu_get_bdf(sdev);
 
 trace_virtio_iommu_translate(mr->parent_obj.name, sid, addr, flag);
-qemu_mutex_lock(>mutex);
+qemu_rec_mutex_lock(>mutex);
 
 ep = g_tree_lookup(s->endpoints, GUINT_TO_POINTER(sid));
 if (!ep) {
@@ -946,7 +946,7 @@ static IOMMUTLBEntry 
virtio_iommu_translate(IOMMUMemoryRegion *mr, hwaddr addr,
 trace_virtio_iommu_translate_out(addr, entry.translated_addr, sid);
 
 unlock:
-qemu_mutex_unlock(>mutex);
+qemu_rec_mutex_unlock(>mutex);
 return entry;
 }
 
@@ -1035,7 +1035,7 @@ static void virtio_iommu_replay(IOMMUMemoryRegion *mr, 
IOMMUNotifier *n)
 
 sid = virtio_iommu_get_bdf(sdev);
 
-qemu_mutex_lock(>mutex);
+qemu_rec_mutex_lock(>mutex);
 
 if (!s->endpoints) {
 goto unlock;
@@ -1049,7 +1049,7 @@ static void virtio_iommu_replay(IOMMUMemoryRegion *mr, 
IOMMUNotifier *n)
 g_tree_foreach(ep->domain->mappings, virtio_iommu_remap, mr);
 
 unlock:
-qemu_mutex_unlock(>mutex);
+qemu_rec_mutex_unlock(>mutex);
 }
 
 static int virtio_iommu_notify_flag_changed(IOMMUMemoryRegion *iommu_mr,
@@ -1167,7 +1167,7 @@ static void virtio_iommu_device_realize(DeviceState *dev, 
Error **errp)
 virtio_add_feature(>features, VIRTIO_IOMMU_F_PROBE);
 virtio_add_feature(>features, VIRTIO_IOMMU_F_BYPASS_CONFIG);
 
-qemu_mutex_init(>mutex);
+qemu_rec_mutex_init(>mutex);
 
 s->as_by_busptr = g_hash_table_new_full(NULL, NULL, NULL, g_free);
 
@@ -1195,6 +1195,8 @@ static void virtio_iommu_device_unrealize(DeviceState 
*dev)
 g_tree_destroy(s->endpoints);
 }
 
+qemu_rec_mutex_destroy(>mutex);
+
 virtio_delete_queue(s->req_vq);
 virtio_delete_queue(s->event_vq);
 virtio_cleanup(vdev);
-- 
MST




[PULL 03/10] docs/cxl: Add switch documentation

2022-06-16 Thread Michael S. Tsirkin
From: Jonathan Cameron 

Switches were already introduced, but now we support them update
the documentation to provide an example in diagram and
qemu command line parameter forms.

Signed-off-by: Jonathan Cameron 
Message-Id: <20220616145126.8002-4-jonathan.came...@huawei.com>
Signed-off-by: Michael S. Tsirkin 
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 docs/system/devices/cxl.rst | 88 -
 1 file changed, 86 insertions(+), 2 deletions(-)

diff --git a/docs/system/devices/cxl.rst b/docs/system/devices/cxl.rst
index bcbfe8c490..a57e4c4e5c 100644
--- a/docs/system/devices/cxl.rst
+++ b/docs/system/devices/cxl.rst
@@ -118,8 +118,6 @@ and associated component register access via PCI bars.
 
 CXL Switch
 ~~
-Not yet implemented in QEMU.
-
 Here we consider a simple CXL switch with only a single
 virtual hierarchy. Whilst more complex devices exist, their
 visibility to a particular host is generally the same as for
@@ -137,6 +135,10 @@ BARs.  The Upstream Port has the configuration interfaces 
for
 the HDM decoders which route incoming memory accesses to the
 appropriate downstream port.
 
+A CXL switch is created in a similar fashion to PCI switches
+by creating an upstream port (cxl-upstream) and a number of
+downstream ports on the internal switch bus (cxl-downstream).
+
 CXL Memory Devices - Type 3
 ~~~
 CXL type 3 devices use a PCI class code and are intended to be supported
@@ -240,6 +242,62 @@ Notes:
 they will take the Host Physical Addresses of accesses and map
 them to their own local Device Physical Address Space (DPA).
 
+Example topology involving a switch::
+
+  |<--SYSTEM PHYSICAL ADDRESS MAP (1)->|
+  |__   __   __|
+  |   |  | |  | |  |   |
+  |   | CFMW 0   | |  CXL Fixed Memory Window 1   | | CFMW 1   |   |
+  |   | HB0 only | |  Configured to interleave memory | | HB1 only |   |
+  |   |  | |  memory accesses across HB0/HB1  | |  |   |
+  |   |x_| |__| |__|   |
+   | | | |
+   | | | |
+   | | |
+  Interleave Decoder | | |
+   Matches this HB   | | |
+   \_| |_/
+   __|__  _|___
+  | || |
+  | CXL HB 0|| CXL HB 1|
+  | HB IntLv Decoders   || HB IntLv Decoders   |
+  | PCI/CXL Root Bus 0c || PCI/CXL Root Bus 0d |
+  | || |
+  |___x_||_|
+  |  |  |   |
+  |
+   A HB 0 HDM Decoder
+   matches this Port
+   ___|___
+  |  Root Port 0  |
+  |  Appears in   |
+  |  PCI topology |
+  |  As 0c:00.0   |
+  |___x___|
+  |
+  |
+  \_
+|
+|
+---
+   |Switch 0  USP as PCI 0d:00.0   |
+   |USP has HDM decoder which direct traffic to|
+   |appropiate downstream port |
+   |Switch BUS appears as 0e   |
+   |x__|
+|  |   |  |
+|  |   |  |
+   _|_   __|__   __|_   __|___
+   (4)| x | | | || |  |
+  | CXL Type3 0   | | CXL Type3 1 | | CXL type3 2| | CLX Type 3 3 |
+  |   | | | || |  |
+  | PMEM0(Vol LSA)| | PMEM1 (...) | | PMEM2 (...)| | PMEM3 (...)  |
+  | Decoder to go | | | || |  |
+  | from host PA  | | PCI 10:00.0 | | PCI 11:00.0| | PCI 12:00.0  |
+  | to device PA  | | | || |  |
+  | PCI as 0f:00.0| | | || |  |
+  |___| |_| || |__|
+
 Example command lines
 -
 A very simple setup with just one directly attached CXL Type 3 device::
@@ -279,6 +337,32 @@ the CXL Type3 device directly attached (no switches).::
   -device cxl-type3,bus

[PULL 00/10] virtio,pc,pci: fixes,cleanups,features

2022-06-16 Thread Michael S. Tsirkin
The following changes since commit def6fd6c9ce9e00a30cdd0066e0fde206b3f3d2f:

  Merge tag 'for-upstream' of https://gitlab.com/bonzini/qemu into staging 
(2022-06-16 07:13:04 -0700)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/virt/kvm/mst/qemu.git tags/for_upstream

for you to fetch changes up to 8c97e4deeca9ad791ab369d3879ebfb0267b24ca:

  acpi/erst: fix fallthrough code upon validation failure (2022-06-16 12:54:58 
-0400)


virtio,pc,pci: fixes,cleanups,features

more CXL patches
RSA support for crypto
fixes, cleanups all over the place

Signed-off-by: Michael S. Tsirkin 


Ani Sinha (1):
  acpi/erst: fix fallthrough code upon validation failure

Jonathan Cameron (3):
  pci-bridge/cxl_upstream: Add a CXL switch upstream port
  pci-bridge/cxl_downstream: Add a CXL switch downstream port
  docs/cxl: Add switch documentation

Ni Xun (1):
  vhost: also check queue state in the vhost_dev_set_log error routine

Yajun Wu (1):
  virtio/vhost-user: Fix wrong vhost notifier GPtrArray size

Zhenwei Pi (1):
  crypto: Introduce RSA algorithm

Zhenzhong Duan (3):
  virtio-iommu: Add bypass mode support to assigned device
  virtio-iommu: Use recursive lock to avoid deadlock
  virtio-iommu: Add an assert check in translate routine

 include/hw/cxl/cxl.h  |   5 +
 include/hw/virtio/virtio-crypto.h |   5 +-
 include/hw/virtio/virtio-iommu.h  |   4 +-
 include/sysemu/cryptodev.h|  83 --
 backends/cryptodev-builtin.c  | 276 -
 backends/cryptodev-vhost-user.c   |  34 +++-
 backends/cryptodev.c  |  32 ++--
 hw/acpi/erst.c|   3 +
 hw/cxl/cxl-host.c |  43 -
 hw/pci-bridge/cxl_downstream.c| 249 +
 hw/pci-bridge/cxl_upstream.c  | 216 ++
 hw/virtio/vhost-user.c|   2 +-
 hw/virtio/vhost.c |   4 +
 hw/virtio/virtio-crypto.c | 319 ++
 hw/virtio/virtio-iommu.c  | 135 ++--
 docs/system/devices/cxl.rst   |  88 ++-
 hw/pci-bridge/meson.build |   2 +-
 hw/virtio/trace-events|   1 +
 18 files changed, 1343 insertions(+), 158 deletions(-)
 create mode 100644 hw/pci-bridge/cxl_downstream.c
 create mode 100644 hw/pci-bridge/cxl_upstream.c




Re: [PATCH 4/8] virtio: categorize callbacks in GS

2022-06-16 Thread Michael S. Tsirkin
On Thu, Jun 09, 2022 at 10:37:23AM -0400, Emanuele Giuseppe Esposito wrote:
> All the callbacks below are always running in the main loop.
> 
> The callbacks are the following:
> - start/stop_ioeventfd: these are the callbacks where
>   blk_set_aio_context(iothread) is done, so they are called in the main
>   loop.
> 
> - save and load: called during migration, when VM is stopped from the
>   main loop.
> 
> - reset: before calling this callback, stop_ioeventfd is invoked, so
>   it can only run in the main loop.
> 
> - set_status: going through all the callers we can see it is called
>   from a MemoryRegionOps callback, which always run in the main loop.
> 
> - realize: iothread is not even created yet.
> 
> Signed-off-by: Emanuele Giuseppe Esposito 

Acked-by: Michael S. Tsirkin 


> ---
>  hw/block/virtio-blk.c  | 2 ++
>  hw/virtio/virtio-bus.c | 5 +
>  hw/virtio/virtio-pci.c | 2 ++
>  hw/virtio/virtio.c | 8 
>  4 files changed, 17 insertions(+)
> 
> diff --git a/hw/block/virtio-blk.c b/hw/block/virtio-blk.c
> index 29a9c53ebc..4e6421c35e 100644
> --- a/hw/block/virtio-blk.c
> +++ b/hw/block/virtio-blk.c
> @@ -1032,6 +1032,8 @@ static void virtio_blk_set_status(VirtIODevice *vdev, 
> uint8_t status)
>  {
>  VirtIOBlock *s = VIRTIO_BLK(vdev);
>  
> +GLOBAL_STATE_CODE();
> +
>  if (!(status & (VIRTIO_CONFIG_S_DRIVER | VIRTIO_CONFIG_S_DRIVER_OK))) {
>  assert(!s->dataplane_started);
>  }
> diff --git a/hw/virtio/virtio-bus.c b/hw/virtio/virtio-bus.c
> index d7ec023adf..0891ddb2ff 100644
> --- a/hw/virtio/virtio-bus.c
> +++ b/hw/virtio/virtio-bus.c
> @@ -23,6 +23,7 @@
>   */
>  
>  #include "qemu/osdep.h"
> +#include "qemu/main-loop.h"
>  #include "qemu/error-report.h"
>  #include "qemu/module.h"
>  #include "qapi/error.h"
> @@ -223,6 +224,8 @@ int virtio_bus_start_ioeventfd(VirtioBusState *bus)
>  VirtioDeviceClass *vdc = VIRTIO_DEVICE_GET_CLASS(vdev);
>  int r;
>  
> +GLOBAL_STATE_CODE();
> +
>  if (!k->ioeventfd_assign || !k->ioeventfd_enabled(proxy)) {
>  return -ENOSYS;
>  }
> @@ -247,6 +250,8 @@ void virtio_bus_stop_ioeventfd(VirtioBusState *bus)
>  VirtIODevice *vdev;
>  VirtioDeviceClass *vdc;
>  
> +GLOBAL_STATE_CODE();
> +
>  if (!bus->ioeventfd_started) {
>  return;
>  }
> diff --git a/hw/virtio/virtio-pci.c b/hw/virtio/virtio-pci.c
> index 0566ad7d00..6798039391 100644
> --- a/hw/virtio/virtio-pci.c
> +++ b/hw/virtio/virtio-pci.c
> @@ -301,6 +301,8 @@ static void virtio_ioport_write(void *opaque, uint32_t 
> addr, uint32_t val)
>  VirtIODevice *vdev = virtio_bus_get_device(>bus);
>  hwaddr pa;
>  
> +GLOBAL_STATE_CODE();
> +
>  switch (addr) {
>  case VIRTIO_PCI_GUEST_FEATURES:
>  /* Guest does not negotiate properly?  We have to assume nothing. */
> diff --git a/hw/virtio/virtio.c b/hw/virtio/virtio.c
> index 5d607aeaa0..2650504dd4 100644
> --- a/hw/virtio/virtio.c
> +++ b/hw/virtio/virtio.c
> @@ -1977,6 +1977,8 @@ int virtio_set_status(VirtIODevice *vdev, uint8_t val)
>  VirtioDeviceClass *k = VIRTIO_DEVICE_GET_CLASS(vdev);
>  trace_virtio_set_status(vdev, val);
>  
> +GLOBAL_STATE_CODE();
> +
>  if (virtio_vdev_has_feature(vdev, VIRTIO_F_VERSION_1)) {
>  if (!(vdev->status & VIRTIO_CONFIG_S_FEATURES_OK) &&
>  val & VIRTIO_CONFIG_S_FEATURES_OK) {
> @@ -2025,6 +2027,8 @@ void virtio_reset(void *opaque)
>  VirtioDeviceClass *k = VIRTIO_DEVICE_GET_CLASS(vdev);
>  int i;
>  
> +GLOBAL_STATE_CODE();
> +
>  virtio_set_status(vdev, 0);
>  if (current_cpu) {
>  /* Guest initiated reset */
> @@ -2882,6 +2886,8 @@ int virtio_save(VirtIODevice *vdev, QEMUFile *f)
>  uint32_t guest_features_lo = (vdev->guest_features & 0x);
>  int i;
>  
> +GLOBAL_STATE_CODE();
> +
>  if (k->save_config) {
>  k->save_config(qbus->parent, f);
>  }
> @@ -3024,6 +3030,8 @@ int virtio_load(VirtIODevice *vdev, QEMUFile *f, int 
> version_id)
>  VirtioBusClass *k = VIRTIO_BUS_GET_CLASS(qbus);
>  VirtioDeviceClass *vdc = VIRTIO_DEVICE_GET_CLASS(vdev);
>  
> +GLOBAL_STATE_CODE();
> +
>  /*
>   * We poison the endianness to ensure it does not get used before
>   * subsections have been loaded.
> -- 
> 2.31.1




Re: [Phishing Risk] [External] Re: [PATCH 4/7] crypto: Add ECDSA key parser

2022-06-16 Thread Michael S. Tsirkin
On Tue, Jun 14, 2022 at 09:43:59AM +0800, 何磊 wrote:
> Hi Philippe, lots of thanks for your review!
> 
> > On Jun 13, 2022, at 10:19 PM, Philippe Mathieu-Daudé  
> > wrote:
> > 
> > On 13/6/22 10:45, Lei He wrote:
> >> Add ECDSA key parser and ECDSA signautre parser.
> >> Signed-off-by: lei he 
> >> ---
> >>  crypto/ecdsakey-builtin.c.inc | 248 
> >> ++
> >>  crypto/ecdsakey.c | 118 
> >>  crypto/ecdsakey.h |  66 +++
> >>  crypto/meson.build|   1 +
> >>  4 files changed, 433 insertions(+)
> >>  create mode 100644 crypto/ecdsakey-builtin.c.inc
> >>  create mode 100644 crypto/ecdsakey.c
> >>  create mode 100644 crypto/ecdsakey.h
> >> diff --git a/crypto/ecdsakey-builtin.c.inc b/crypto/ecdsakey-builtin.c.inc
> >> new file mode 100644
> >> index 00..5da317ec44
> >> --- /dev/null
> >> +++ b/crypto/ecdsakey-builtin.c.inc
> >> @@ -0,0 +1,248 @@
> >> +/*
> >> + * QEMU Crypto akcipher algorithms
> >> + *
> >> + * Copyright (c) 2022 Bytedance
> >> + * Author: lei he 
> >> + *
> >> + * This library is free software; you can redistribute it and/or
> >> + * modify it under the terms of the GNU Lesser General Public
> >> + * License as published by the Free Software Foundation; either
> >> + * version 2.1 of the License, or (at your option) any later version.
> >> + *
> >> + * This library is distributed in the hope that it will be useful,
> >> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> >> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> >> + * Lesser General Public License for more details.
> >> + *
> >> + * You should have received a copy of the GNU Lesser General Public
> >> + * License along with this library; if not, see 
> >> .
> >> + *
> >> + */
> >> +
> >> +#include "der.h"
> >> +#include "ecdsakey.h"
> >> +
> >> +#define QCRYPTO_ECDSA_PUBKEY_FMT_UNCOMPRESSED 0x04
> >> +
> >> +static int extract_mpi(void *ctx, const uint8_t *value,
> >> +   size_t vlen, Error **errp)
> >> +{
> >> +QCryptoAkCipherMPI *mpi = (QCryptoAkCipherMPI *)ctx;
> >> +if (vlen == 0) {
> >> +error_setg(errp, "Empty mpi field");
> >> +return -1;
> > 
> > Functions taking Error* param usually return a boolean.
> 
> It's a good idea to make such functions that only return 0 or -1 return bool 
> directly, but this change 
> will require modification of rsakey related code. If you strongly request it, 
> I will modify it in another patch.
> 
> > 
> >> +}
> >> +mpi->data = g_memdup2(value, vlen);
> >> +mpi->len = vlen;
> >> +return 0;
> >> +}
> >> +
> >> +static int extract_version(void *ctx, const uint8_t *value,
> >> +   size_t vlen, Error **errp)
> >> +{
> >> +uint8_t *version = (uint8_t *)ctx;
> >> +if (vlen != 1 || *value > 1) {
> >> +error_setg(errp, "Invalid rsakey version");
> >> +return -1;
> >> +}
> >> +*version = *value;
> >> +return 0;
> >> +}
> >> +
> >> +static int extract_cons_content(void *ctx, const uint8_t *value,
> >> +size_t vlen, Error **errp)
> >> +{
> >> +const uint8_t **content = (const uint8_t **)ctx;
> >> +if (vlen == 0) {
> >> +error_setg(errp, "Empty sequence");
> >> +return -1;
> >> +}
> >> +*content = value;
> > 
> > You need to check (vlen >= sizeof(uint8_t *)) to avoid overrun.
> 
> The decoder will parse the meta data of ASN1 types and pass the real data 
> part to the callback function. 
> The above statement only saves the starting address of the ‘data part' and 
> does not actually access the 
> data, so there is no need to check the size of vlen. 
> 
> > 
> >> +return 0;
> >> +}
> >> +
> >> +static int __qcrypto_akcipher_builtin_ecdsa_pubkey_parse(
> >> +QCryptoAkCipherECDSAKey *ecdsa,
> >> +const uint8_t *key, size_t keylen, Error **errp);
> > 
> > Why use the reserved __prefix?
> 
> I will fix it later.

expect a new version then




Re: [PATCH v5 3/5] i386/pc: pass pci_hole64_size to pc_memory_init()

2022-06-16 Thread Michael S. Tsirkin
On Thu, Jun 16, 2022 at 03:30:14PM +0200, Igor Mammedov wrote:
> On Fri, 20 May 2022 11:45:30 +0100
> Joao Martins  wrote:
> 
> > Use the pre-initialized pci-host qdev and fetch the
> > pci-hole64-size into pc_memory_init() newly added argument.
> > piix needs a bit of care given all the !pci_enabled()
> > and that the pci_hole64_size is private to i440fx.
> > 
> > This is in preparation to determine that host-phys-bits are
> > enough and for pci-hole64-size to be considered to relocate
> > ram-above-4g to be at 1T (on AMD platforms).
> 
> modulo nit blow
> 
> Reviewed-by: Igor Mammedov 
> 
> > 
> > Signed-off-by: Joao Martins 
> > ---
> >  hw/i386/pc.c | 3 ++-
> >  hw/i386/pc_piix.c| 5 -
> >  hw/i386/pc_q35.c | 8 +++-
> >  hw/pci-host/i440fx.c | 7 +++
> >  include/hw/i386/pc.h | 3 ++-
> >  include/hw/pci-host/i440fx.h | 1 +
> >  6 files changed, 23 insertions(+), 4 deletions(-)
> > 
> > diff --git a/hw/i386/pc.c b/hw/i386/pc.c
> > index f7da1d5dd40d..af52d4ff89ef 100644
> > --- a/hw/i386/pc.c
> > +++ b/hw/i386/pc.c
> > @@ -799,7 +799,8 @@ void xen_load_linux(PCMachineState *pcms)
> >  void pc_memory_init(PCMachineState *pcms,
> >  MemoryRegion *system_memory,
> >  MemoryRegion *rom_memory,
> > -MemoryRegion **ram_memory)
> > +MemoryRegion **ram_memory,
> > +uint64_t pci_hole64_size)
> >  {
> >  int linux_boot, i;
> >  MemoryRegion *option_rom_mr;
> > diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c
> > index 12d4a279c793..57bb5b8f2aea 100644
> > --- a/hw/i386/pc_piix.c
> > +++ b/hw/i386/pc_piix.c
> > @@ -91,6 +91,7 @@ static void pc_init1(MachineState *machine,
> >  MemoryRegion *pci_memory;
> >  MemoryRegion *rom_memory;
> >  ram_addr_t lowmem;
> > +uint64_t hole64_size;
> 
> init it to 0 right here to avoid chance of run amok uninitialized variable?


I don't see why we should, compilers seems to be pretty good about warning
about these things nowdays.

> >  DeviceState *i440fx_dev;
> >  
> >  /*
> > @@ -166,10 +167,12 @@ static void pc_init1(MachineState *machine,
> >  memory_region_init(pci_memory, NULL, "pci", UINT64_MAX);
> >  rom_memory = pci_memory;
> >  i440fx_dev = qdev_new(host_type);
> > +hole64_size = i440fx_pci_hole64_size(i440fx_dev);
> >  } else {
> >  pci_memory = NULL;
> >  rom_memory = system_memory;
> >  i440fx_dev = NULL;
> > +hole64_size = 0;
> >  }
> >  
> >  pc_guest_info_init(pcms);
> > @@ -186,7 +189,7 @@ static void pc_init1(MachineState *machine,
> >  /* allocate ram and load rom/bios */
> >  if (!xen_enabled()) {
> >  pc_memory_init(pcms, system_memory,
> > -   rom_memory, _memory);
> > +   rom_memory, _memory, hole64_size);
> >  } else {
> >  pc_system_flash_cleanup_unused(pcms);
> >  if (machine->kernel_filename != NULL) {
> > diff --git a/hw/i386/pc_q35.c b/hw/i386/pc_q35.c
> > index 8d867bdb274a..4d5c2fbd976b 100644
> > --- a/hw/i386/pc_q35.c
> > +++ b/hw/i386/pc_q35.c
> > @@ -138,6 +138,7 @@ static void pc_q35_init(MachineState *machine)
> >  MachineClass *mc = MACHINE_GET_CLASS(machine);
> >  bool acpi_pcihp;
> >  bool keep_pci_slot_hpc;
> > +uint64_t pci_hole64_size = 0;
> >  
> >  /* Check whether RAM fits below 4G (leaving 1/2 GByte for IO memory
> >   * and 256 Mbytes for PCI Express Enhanced Configuration Access Mapping
> > @@ -206,8 +207,13 @@ static void pc_q35_init(MachineState *machine)
> >  /* create pci host bus */
> >  q35_host = Q35_HOST_DEVICE(qdev_new(TYPE_Q35_HOST_DEVICE));
> >  
> > +if (pcmc->pci_enabled) {
> > +pci_hole64_size = q35_host->mch.pci_hole64_size;
> > +}
> > +
> >  /* allocate ram and load rom/bios */
> > -pc_memory_init(pcms, get_system_memory(), rom_memory, _memory);
> > +pc_memory_init(pcms, get_system_memory(), rom_memory, _memory,
> > +   pci_hole64_size);
> >  
> >  object_property_add_child(qdev_get_machine(), "q35", OBJECT(q35_host));
> >  object_property_set_link(OBJECT(q35_host), MCH_HOST_PROP_RAM_MEM,
> > diff --git a/hw/pci-host/i440fx.c b/hw/pci-host/i440fx.c
> > index 5c1bab5c58ed..c5cc28250d5c 100644
> > --- a/hw/pci-host/i440fx.c
> > +++ b/hw/pci-host/i440fx.c
> > @@ -237,6 +237,13 @@ static void i440fx_realize(PCIDevice *dev, Error 
> > **errp)
> >  }
> >  }
> >  
> > +uint64_t i440fx_pci_hole64_size(DeviceState *i440fx_dev)
> > +{
> > +I440FXState *i440fx = I440FX_PCI_HOST_BRIDGE(i440fx_dev);
> > +
> > +return i440fx->pci_hole64_size;
> > +}
> > +
> >  PCIBus *i440fx_init(const char *host_type, const char *pci_type,
> >  DeviceState *dev,
> >  PCII440FXState **pi440fx_state,
> > diff --git a/include/hw/i386/pc.h 

Re: [PATCH v2 00/11] hw/acpi/piix4: remove legacy piix4_pm_init() function

2022-06-12 Thread Michael S. Tsirkin
On Mon, May 30, 2022 at 01:27:07PM +0200, Philippe Mathieu-Daudé wrote:
> From: Philippe Mathieu-Daudé 
> 
> This series moves the outstanding logic from piix4_pm_init() into
> the relevant instance init() and realize() functions, changes the
> IRQs to use qdev gpios, and then finally removes the now-unused
> piix4_pm_initfn() function.


Looks ok

Acked-by: Michael S. Tsirkin 

> v2:
> - Addressed Ani & Bernhard review comments
> 
> If no further comments I plan to queue this via mips-next end of
> this week.
> 
> Regards,
> 
> Phil.
> 
> Mark Cave-Ayland (11):
>   hw/acpi/piix4: move xen_enabled() logic from piix4_pm_init() to
> piix4_pm_realize()
>   hw/acpi/piix4: change smm_enabled from int to bool
>   hw/acpi/piix4: convert smm_enabled bool to qdev property
>   hw/acpi/piix4: move PIIX4PMState into separate piix4.h header
>   hw/acpi/piix4: alter piix4_pm_init() to return PIIX4PMState
>   hw/acpi/piix4: rename piix4_pm_init() to piix4_pm_initfn()
>   hw/acpi/piix4: use qdev gpio to wire up sci_irq
>   hw/acpi/piix4: use qdev gpio to wire up smi_irq
>   hw/i386/pc_piix: create PIIX4_PM device directly instead of using
> piix4_pm_initfn()
>   hw/isa/piix4.c: create PIIX4_PM device directly instead of using
> piix4_pm_initfn()
>   hw/acpi/piix4: remove unused piix4_pm_initfn() function
> 
>  hw/acpi/piix4.c   | 77 ++-
>  hw/i386/acpi-build.c  |  1 +
>  hw/i386/pc_piix.c | 16 +---
>  hw/isa/piix4.c| 11 +++--
>  include/hw/acpi/piix4.h   | 75 ++
>  include/hw/southbridge/piix.h |  6 ---
>  6 files changed, 107 insertions(+), 79 deletions(-)
>  create mode 100644 include/hw/acpi/piix4.h
> 
> -- 
> 2.36.1




Re: [PATCH v9 1/1] crypto: Introduce RSA algorithm

2022-06-10 Thread Michael S. Tsirkin
On Sat, Jun 11, 2022 at 11:36:58AM +0800, zhenwei pi wrote:
> There are two parts in this patch:
> 1, support akcipher service by cryptodev-builtin driver
> 2, virtio-crypto driver supports akcipher service
> 
> In principle, we should separate this into two patches, to avoid
> compiling error, merge them into one.
> 
> Then virtio-crypto gets request from guest side, and forwards the
> request to builtin driver to handle it.
> 
> Test with a guest linux:
> 1, The self-test framework of crypto layer works fine in guest kernel
> 2, Test with Linux guest(with asym support), the following script
> test(note that pkey_XXX is supported only in a newer version of keyutils):
>   - both public key & private key
>   - create/close session
>   - encrypt/decrypt/sign/verify basic driver operation
>   - also test with kernel crypto layer(pkey add/query)
> 
> All the cases work fine.
> 
> Run script in guest:
> rm -rf *.der *.pem *.pfx
> modprobe pkcs8_key_parser # if CONFIG_PKCS8_PRIVATE_KEY_PARSER=m
> rm -rf /tmp/data
> dd if=/dev/random of=/tmp/data count=1 bs=20
> 
> openssl req -nodes -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -subj 
> "/C=CN/ST=BJ/L=HD/O=qemu/OU=dev/CN=qemu/emailAddress=q...@qemu.org"
> openssl pkcs8 -in key.pem -topk8 -nocrypt -outform DER -out key.der
> openssl x509 -in cert.pem -inform PEM -outform DER -out cert.der
> 
> PRIV_KEY_ID=`cat key.der | keyctl padd asymmetric test_priv_key @s`
> echo "priv key id = "$PRIV_KEY_ID
> PUB_KEY_ID=`cat cert.der | keyctl padd asymmetric test_pub_key @s`
> echo "pub key id = "$PUB_KEY_ID
> 
> keyctl pkey_query $PRIV_KEY_ID 0
> keyctl pkey_query $PUB_KEY_ID 0
> 
> echo "Enc with priv key..."
> keyctl pkey_encrypt $PRIV_KEY_ID 0 /tmp/data enc=pkcs1 >/tmp/enc.priv
> echo "Dec with pub key..."
> keyctl pkey_decrypt $PRIV_KEY_ID 0 /tmp/enc.priv enc=pkcs1 >/tmp/dec
> cmp /tmp/data /tmp/dec
> 
> echo "Sign with priv key..."
> keyctl pkey_sign $PRIV_KEY_ID 0 /tmp/data enc=pkcs1 hash=sha1 > /tmp/sig
> echo "Verify with pub key..."
> keyctl pkey_verify $PRIV_KEY_ID 0 /tmp/data /tmp/sig enc=pkcs1 hash=sha1
> 
> echo "Enc with pub key..."
> keyctl pkey_encrypt $PUB_KEY_ID 0 /tmp/data enc=pkcs1 >/tmp/enc.pub
> echo "Dec with priv key..."
> keyctl pkey_decrypt $PRIV_KEY_ID 0 /tmp/enc.pub enc=pkcs1 >/tmp/dec
> cmp /tmp/data /tmp/dec
> 
> echo "Verify with pub key..."
> keyctl pkey_verify $PUB_KEY_ID 0 /tmp/data /tmp/sig enc=pkcs1 hash=sha1
> 
> Reviewed-by: Gonglei 
> Signed-off-by: lei he  Signed-off-by: zhenwei pi 
> ---
>  backends/cryptodev-builtin.c  | 275 +
>  backends/cryptodev-vhost-user.c   |  34 +++-
>  backends/cryptodev.c  |  32 ++-
>  hw/virtio/virtio-crypto.c | 323 --
>  include/hw/virtio/virtio-crypto.h |   5 +-
>  include/sysemu/cryptodev.h|  83 ++--
>  6 files changed, 608 insertions(+), 144 deletions(-)
> 
> diff --git a/backends/cryptodev-builtin.c b/backends/cryptodev-builtin.c
> index 0671bf9f3e..ed73ea789b 100644
> --- a/backends/cryptodev-builtin.c
> +++ b/backends/cryptodev-builtin.c
> @@ -26,6 +26,7 @@
>  #include "qapi/error.h"
>  #include "standard-headers/linux/virtio_crypto.h"
>  #include "crypto/cipher.h"
> +#include "crypto/akcipher.h"
>  #include "qom/object.h"
>  
>  
> @@ -42,10 +43,11 @@ typedef struct CryptoDevBackendBuiltinSession {
>  QCryptoCipher *cipher;
>  uint8_t direction; /* encryption or decryption */
>  uint8_t type; /* cipher? hash? aead? */
> +QCryptoAkCipher *akcipher;
>  QTAILQ_ENTRY(CryptoDevBackendBuiltinSession) next;
>  } CryptoDevBackendBuiltinSession;
>  
> -/* Max number of symmetric sessions */
> +/* Max number of symmetric/asymmetric sessions */
>  #define MAX_NUM_SESSIONS 256
>  
>  #define CRYPTODEV_BUITLIN_MAX_AUTH_KEY_LEN512
> @@ -80,15 +82,17 @@ static void cryptodev_builtin_init(
>  backend->conf.crypto_services =
>   1u << VIRTIO_CRYPTO_SERVICE_CIPHER |
>   1u << VIRTIO_CRYPTO_SERVICE_HASH |
> - 1u << VIRTIO_CRYPTO_SERVICE_MAC;
> + 1u << VIRTIO_CRYPTO_SERVICE_MAC |
> + 1u << VIRTIO_CRYPTO_SERVICE_AKCIPHER;
>  backend->conf.cipher_algo_l = 1u << VIRTIO_CRYPTO_CIPHER_AES_CBC;
>  backend->conf.hash_algo = 1u << VIRTIO_CRYPTO_HASH_SHA1;
> +backend->conf.akcipher_algo = 1u << VIRTIO_CRYPTO_AKCIPHER_RSA;
>  /*
>   * Set the Maximum length of crypto request.
>   * Why this value? Just avoid to overflow when
>   * memory allocation for each crypto request.
>   */
> -backend->conf.max_size = LONG_MAX - sizeof(CryptoDevBackendSymOpInfo);
> +backend->conf.max_size = LONG_MAX - sizeof(CryptoDevBackendOpInfo);
>  backend->conf.max_cipher_key_len = CRYPTODEV_BUITLIN_MAX_CIPHER_KEY_LEN;
>  backend->conf.max_auth_key_len = CRYPTODEV_BUITLIN_MAX_AUTH_KEY_LEN;
>  
> @@ -148,6 +152,54 @@ err:
> return -1;
>  }
>  
> +static int 

Re: [PULL 54/54] crypto: Introduce RSA algorithm

2022-06-10 Thread Michael S. Tsirkin
On Fri, Jun 10, 2022 at 11:05:13AM -0700, Richard Henderson wrote:
> On 6/10/22 08:55, Philippe Mathieu-Daudé wrote:
> > On 10/6/22 09:59, Michael S. Tsirkin wrote:
> > > From: zhenwei pi 
> > > +static int cryptodev_builtin_set_rsa_options(
> > > +    int virtio_padding_algo,
> > > +    int virtio_hash_algo,
> > > +    QCryptoAkCipherOptionsRSA *opt,
> > > +    Error **errp)
> > > +{
> > > +    if (virtio_padding_algo == VIRTIO_CRYPTO_RSA_PKCS1_PADDING) {
> > > +    opt->padding_alg = QCRYPTO_RSA_PADDING_ALG_PKCS1;
> > > +    opt->hash_alg =
> > > +    cryptodev_builtin_get_rsa_hash_algo(virtio_hash_algo, errp);
> > > +    if (opt->hash_alg < 0) {
> > > +    return -1;
> > > +    }
> > > +    return 0;
> > > +    }
> > > +
> > > +    if (virtio_padding_algo == VIRTIO_CRYPTO_RSA_RAW_PADDING) {
> > > +    opt->padding_alg = QCRYPTO_RSA_PADDING_ALG_RAW;
> > > +    return 0;
> > > +    }
> > > +
> > > +    error_setg(errp, "Unsupported rsa padding algo: %d", 
> > > virtio_padding_algo);
> > > +    return -1;
> > > +}
> > 
> > Build failure:
> > 
> > ../backends/cryptodev-builtin.c:187:27: error: result of comparison of
> > unsigned enum expression < 0 is always false
> > [-Werror,-Wtautological-unsigned-enum-zero-compare]
> >      if (opt->hash_alg < 0) {
> >      ~ ^ ~
> 
> Yep, e.g.
> 
> https://gitlab.com/qemu-project/qemu/-/jobs/2574418442
> 


Dropped now and re-pushed a tag. Can you try pulling that pls?

> r~




Re: [PULL 54/54] crypto: Introduce RSA algorithm

2022-06-10 Thread Michael S. Tsirkin
On Fri, Jun 10, 2022 at 05:55:16PM +0200, Philippe Mathieu-Daudé wrote:
> On 10/6/22 09:59, Michael S. Tsirkin wrote:
> > From: zhenwei pi 
> > 
> > There are two parts in this patch:
> > 1, support akcipher service by cryptodev-builtin driver
> > 2, virtio-crypto driver supports akcipher service
> > 
> > In principle, we should separate this into two patches, to avoid
> > compiling error, merge them into one.
> > 
> > Then virtio-crypto gets request from guest side, and forwards the
> > request to builtin driver to handle it.
> > 
> > Test with a guest linux:
> > 1, The self-test framework of crypto layer works fine in guest kernel
> > 2, Test with Linux guest(with asym support), the following script
> > test(note that pkey_XXX is supported only in a newer version of keyutils):
> >- both public key & private key
> >- create/close session
> >- encrypt/decrypt/sign/verify basic driver operation
> >- also test with kernel crypto layer(pkey add/query)
> > 
> > All the cases work fine.
> > 
> > Run script in guest:
> > rm -rf *.der *.pem *.pfx
> > modprobe pkcs8_key_parser # if CONFIG_PKCS8_PRIVATE_KEY_PARSER=m
> > rm -rf /tmp/data
> > dd if=/dev/random of=/tmp/data count=1 bs=20
> > 
> > openssl req -nodes -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem 
> > -subj "/C=CN/ST=BJ/L=HD/O=qemu/OU=dev/CN=qemu/emailAddress=q...@qemu.org"
> > openssl pkcs8 -in key.pem -topk8 -nocrypt -outform DER -out key.der
> > openssl x509 -in cert.pem -inform PEM -outform DER -out cert.der
> > 
> > PRIV_KEY_ID=`cat key.der | keyctl padd asymmetric test_priv_key @s`
> > echo "priv key id = "$PRIV_KEY_ID
> > PUB_KEY_ID=`cat cert.der | keyctl padd asymmetric test_pub_key @s`
> > echo "pub key id = "$PUB_KEY_ID
> > 
> > keyctl pkey_query $PRIV_KEY_ID 0
> > keyctl pkey_query $PUB_KEY_ID 0
> > 
> > echo "Enc with priv key..."
> > keyctl pkey_encrypt $PRIV_KEY_ID 0 /tmp/data enc=pkcs1 >/tmp/enc.priv
> > echo "Dec with pub key..."
> > keyctl pkey_decrypt $PRIV_KEY_ID 0 /tmp/enc.priv enc=pkcs1 >/tmp/dec
> > cmp /tmp/data /tmp/dec
> > 
> > echo "Sign with priv key..."
> > keyctl pkey_sign $PRIV_KEY_ID 0 /tmp/data enc=pkcs1 hash=sha1 > /tmp/sig
> > echo "Verify with pub key..."
> > keyctl pkey_verify $PRIV_KEY_ID 0 /tmp/data /tmp/sig enc=pkcs1 hash=sha1
> > 
> > echo "Enc with pub key..."
> > keyctl pkey_encrypt $PUB_KEY_ID 0 /tmp/data enc=pkcs1 >/tmp/enc.pub
> > echo "Dec with priv key..."
> > keyctl pkey_decrypt $PRIV_KEY_ID 0 /tmp/enc.pub enc=pkcs1 >/tmp/dec
> > cmp /tmp/data /tmp/dec
> > 
> > echo "Verify with pub key..."
> > keyctl pkey_verify $PUB_KEY_ID 0 /tmp/data /tmp/sig enc=pkcs1 hash=sha1
> > 
> > Signed-off-by: zhenwei pi 
> > Signed-off-by: lei he  > Message-Id: <20220527084734.2649594-2-pizhen...@bytedance.com>
> > Reviewed-by: Gonglei 
> > Reviewed-by: Michael S. Tsirkin 
> > Signed-off-by: Michael S. Tsirkin 
> > ---
> >   include/hw/virtio/virtio-crypto.h |   5 +-
> >   include/sysemu/cryptodev.h|  83 ++--
> >   backends/cryptodev-builtin.c  | 274 +
> >   backends/cryptodev-vhost-user.c   |  34 +++-
> >   backends/cryptodev.c  |  32 ++-
> >   hw/virtio/virtio-crypto.c | 319 --
> >   6 files changed, 605 insertions(+), 142 deletions(-)
> 
> > +static int cryptodev_builtin_set_rsa_options(
> > +int virtio_padding_algo,
> > +int virtio_hash_algo,
> > +QCryptoAkCipherOptionsRSA *opt,
> > +Error **errp)
> > +{
> > +if (virtio_padding_algo == VIRTIO_CRYPTO_RSA_PKCS1_PADDING) {
> > +opt->padding_alg = QCRYPTO_RSA_PADDING_ALG_PKCS1;
> > +opt->hash_alg =
> > +cryptodev_builtin_get_rsa_hash_algo(virtio_hash_algo, errp);
> > +if (opt->hash_alg < 0) {
> > +return -1;
> > +}
> > +return 0;
> > +}
> > +
> > +if (virtio_padding_algo == VIRTIO_CRYPTO_RSA_RAW_PADDING) {
> > +opt->padding_alg = QCRYPTO_RSA_PADDING_ALG_RAW;
> > +return 0;
> > +}
> > +
> > +error_setg(errp, "Unsupported rsa padding algo: %d", 
> > virtio_padding_algo);
> > +return -1;
> > +}
> 
> Build failure:
> 
> ../backends/cryptodev-builtin.c:187:27: error: result of comparison of
> unsigned enum expression < 0 is always false
> [-Werror,-Wtautological-unsigned-enum-zero-compare]
> if (opt->hash_alg < 0) {
> ~ ^ ~


I dropped this patch now. New tag:
06cb5c82ebf5fd0f7b3c3de24d650e1259ca6ce4

hw/vhost-user-scsi|blk: set `supports_config` flag correctly


-- 
MST




Re: [PATCH] acpi/erst: fix fallthrough code upon validation failure

2022-06-10 Thread Michael S. Tsirkin
On Fri, Jun 10, 2022 at 01:48:57PM +0530, Ani Sinha wrote:
> On Thu, May 19, 2022 at 6:35 PM Eric DeVolder  
> wrote:
> >
> >
> >
> > On 5/13/22 09:10, Ani Sinha wrote:
> > > At any step when any validation fail in check_erst_backend_storage(), 
> > > there is
> > > no need to continue further through other validation checks. Further, by
> > > continuing even when record_size is 0, we run the risk of triggering a 
> > > divide
> > > by zero error if we continued with other validation checks. Hence, we 
> > > should
> > > simply return from this function upon validation failure.
> > >
> > > CC: Peter Maydell 
> > > CC: Eric DeVolder 
> > > Signed-off-by: Ani Sinha 
> >
> > Reviewed-by: Eric DeVolder 
> 
> Michael:
> Did you forget to queue this for your latest pull request?
> 

I did, thanks for the reminder!

> >
> > My apologies, I've been away for the past week.
> > Thank you for taking the time to correct this issue!
> > eric
> >
> > > ---
> > >   hw/acpi/erst.c | 3 +++
> > >   1 file changed, 3 insertions(+)
> > >
> > > diff --git a/hw/acpi/erst.c b/hw/acpi/erst.c
> > > index de509c2b48..df856b2669 100644
> > > --- a/hw/acpi/erst.c
> > > +++ b/hw/acpi/erst.c
> > > @@ -440,6 +440,7 @@ static void 
> > > check_erst_backend_storage(ERSTDeviceState *s, Error **errp)
> > >   (record_size >= 4096) /* PAGE_SIZE */
> > >   )) {
> > >   error_setg(errp, "ERST record_size %u is invalid", record_size);
> > > +return;
> > >   }
> > >
> > >   /* Validity check header */
> > > @@ -450,6 +451,7 @@ static void 
> > > check_erst_backend_storage(ERSTDeviceState *s, Error **errp)
> > >   (le16_to_cpu(header->reserved) == 0)
> > >   )) {
> > >   error_setg(errp, "ERST backend storage header is invalid");
> > > +return;
> > >   }
> > >
> > >   /* Check storage_size against record_size */
> > > @@ -457,6 +459,7 @@ static void 
> > > check_erst_backend_storage(ERSTDeviceState *s, Error **errp)
> > >(record_size > s->storage_size)) {
> > >   error_setg(errp, "ACPI ERST requires storage size be multiple 
> > > of "
> > >   "record size (%uKiB)", record_size);
> > > +return;
> > >   }
> > >
> > >   /* Compute offset of first and last record storage slot */
> > >




[PULL 35/54] x86: acpi-build: do not include hw/isa/isa.h directly

2022-06-10 Thread Michael S. Tsirkin
From: Igor Mammedov 

the last remaining dependency on ISA in acpi-build.c
is iapc_boot_arch_8042() which pulls in in isa.h
in its own header hw/input/i8042.h. Clean up
not longer needed direct inclusion of isa.h in
acpi-build.c

Signed-off-by: Igor Mammedov 
Acked-by: Gerd Hoffmann 
Message-Id: <20220608135340.3304695-36-imamm...@redhat.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 hw/i386/acpi-build.c | 1 -
 1 file changed, 1 deletion(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 0b65fc99cd..f41e14a469 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -37,7 +37,6 @@
 #include "hw/acpi/cpu.h"
 #include "hw/nvram/fw_cfg.h"
 #include "hw/acpi/bios-linker-loader.h"
-#include "hw/isa/isa.h"
 #include "hw/acpi/acpi_aml_interface.h"
 #include "hw/input/i8042.h"
 #include "hw/acpi/memory_hotplug.h"
-- 
MST




[PULL 38/54] hw/cxl: Push linking of CXL targets into i386/pc rather than in machine.c

2022-06-10 Thread Michael S. Tsirkin
From: Jonathan Cameron 

Whilst here take the oportunity to shorten the function name.

Signed-off-by: Jonathan Cameron 
Reviewed-by: Ben Widawsky 
Message-Id: <20220608145440.26106-4-jonathan.came...@huawei.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 include/hw/cxl/cxl.h  | 2 --
 include/hw/cxl/cxl_host.h | 1 +
 hw/cxl/cxl-host-stubs.c   | 2 +-
 hw/cxl/cxl-host.c | 8 +++-
 hw/i386/pc.c  | 5 +
 softmmu/vl.c  | 2 --
 6 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/include/hw/cxl/cxl.h b/include/hw/cxl/cxl.h
index 84078a484d..134b295b40 100644
--- a/include/hw/cxl/cxl.h
+++ b/include/hw/cxl/cxl.h
@@ -53,6 +53,4 @@ struct CXLHost {
 #define TYPE_PXB_CXL_HOST "pxb-cxl-host"
 OBJECT_DECLARE_SIMPLE_TYPE(CXLHost, PXB_CXL_HOST)
 
-void cxl_fixed_memory_window_link_targets(Error **errp);
-
 #endif
diff --git a/include/hw/cxl/cxl_host.h b/include/hw/cxl/cxl_host.h
index 87a6933de2..4d642a81fa 100644
--- a/include/hw/cxl/cxl_host.h
+++ b/include/hw/cxl/cxl_host.h
@@ -15,6 +15,7 @@
 #define CXL_HOST_H
 
 void cxl_machine_init(Object *obj, CXLState *state);
+void cxl_fmws_link_targets(CXLState *stat, Error **errp);
 
 extern const MemoryRegionOps cfmws_ops;
 
diff --git a/hw/cxl/cxl-host-stubs.c b/hw/cxl/cxl-host-stubs.c
index de3e8894d5..e0d5ec8ad5 100644
--- a/hw/cxl/cxl-host-stubs.c
+++ b/hw/cxl/cxl-host-stubs.c
@@ -8,7 +8,7 @@
 #include "hw/cxl/cxl.h"
 #include "hw/cxl/cxl_host.h"
 
-void cxl_fixed_memory_window_link_targets(Error **errp) {};
+void cxl_fmws_link_targets(CXLState *stat, Error **errp) {};
 void cxl_machine_init(Object *obj, CXLState *state) {};
 
 const MemoryRegionOps cfmws_ops;
diff --git a/hw/cxl/cxl-host.c b/hw/cxl/cxl-host.c
index 3a79c32b42..8e7738a65b 100644
--- a/hw/cxl/cxl-host.c
+++ b/hw/cxl/cxl-host.c
@@ -68,14 +68,12 @@ static void cxl_fixed_memory_window_config(CXLState 
*cxl_state,
 return;
 }
 
-void cxl_fixed_memory_window_link_targets(Error **errp)
+void cxl_fmws_link_targets(CXLState *cxl_state, Error **errp)
 {
-MachineState *ms = MACHINE(qdev_get_machine());
-
-if (ms->cxl_devices_state && ms->cxl_devices_state->fixed_windows) {
+if (cxl_state && cxl_state->fixed_windows) {
 GList *it;
 
-for (it = ms->cxl_devices_state->fixed_windows; it; it = it->next) {
+for (it = cxl_state->fixed_windows; it; it = it->next) {
 CXLFixedWindow *fw = it->data;
 int i;
 
diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index 98e63347f2..6cecd74d58 100644
--- a/hw/i386/pc.c
+++ b/hw/i386/pc.c
@@ -732,6 +732,11 @@ void pc_machine_done(Notifier *notifier, void *data)
 PCMachineState *pcms = container_of(notifier,
 PCMachineState, machine_done);
 X86MachineState *x86ms = X86_MACHINE(pcms);
+MachineState *ms = MACHINE(pcms);
+
+if (ms->cxl_devices_state) {
+cxl_fmws_link_targets(ms->cxl_devices_state, _fatal);
+}
 
 /* set the number of CPUs */
 x86_rtc_set_cpus_count(x86ms->rtc, x86ms->boot_cpus);
diff --git a/softmmu/vl.c b/softmmu/vl.c
index ff0ad9ab54..54e920ada1 100644
--- a/softmmu/vl.c
+++ b/softmmu/vl.c
@@ -93,7 +93,6 @@
 #include "qemu/config-file.h"
 #include "qemu/qemu-options.h"
 #include "qemu/main-loop.h"
-#include "hw/cxl/cxl.h"
 #ifdef CONFIG_VIRTFS
 #include "fsdev/qemu-fsdev.h"
 #endif
@@ -2568,7 +2567,6 @@ void qmp_x_exit_preconfig(Error **errp)
 
 qemu_init_board();
 qemu_create_cli_devices();
-cxl_fixed_memory_window_link_targets(errp);
 qemu_machine_creation_done();
 
 if (loadvm) {
-- 
MST




[PULL 54/54] crypto: Introduce RSA algorithm

2022-06-10 Thread Michael S. Tsirkin
From: zhenwei pi 

There are two parts in this patch:
1, support akcipher service by cryptodev-builtin driver
2, virtio-crypto driver supports akcipher service

In principle, we should separate this into two patches, to avoid
compiling error, merge them into one.

Then virtio-crypto gets request from guest side, and forwards the
request to builtin driver to handle it.

Test with a guest linux:
1, The self-test framework of crypto layer works fine in guest kernel
2, Test with Linux guest(with asym support), the following script
test(note that pkey_XXX is supported only in a newer version of keyutils):
  - both public key & private key
  - create/close session
  - encrypt/decrypt/sign/verify basic driver operation
  - also test with kernel crypto layer(pkey add/query)

All the cases work fine.

Run script in guest:
rm -rf *.der *.pem *.pfx
modprobe pkcs8_key_parser # if CONFIG_PKCS8_PRIVATE_KEY_PARSER=m
rm -rf /tmp/data
dd if=/dev/random of=/tmp/data count=1 bs=20

openssl req -nodes -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -subj 
"/C=CN/ST=BJ/L=HD/O=qemu/OU=dev/CN=qemu/emailAddress=q...@qemu.org"
openssl pkcs8 -in key.pem -topk8 -nocrypt -outform DER -out key.der
openssl x509 -in cert.pem -inform PEM -outform DER -out cert.der

PRIV_KEY_ID=`cat key.der | keyctl padd asymmetric test_priv_key @s`
echo "priv key id = "$PRIV_KEY_ID
PUB_KEY_ID=`cat cert.der | keyctl padd asymmetric test_pub_key @s`
echo "pub key id = "$PUB_KEY_ID

keyctl pkey_query $PRIV_KEY_ID 0
keyctl pkey_query $PUB_KEY_ID 0

echo "Enc with priv key..."
keyctl pkey_encrypt $PRIV_KEY_ID 0 /tmp/data enc=pkcs1 >/tmp/enc.priv
echo "Dec with pub key..."
keyctl pkey_decrypt $PRIV_KEY_ID 0 /tmp/enc.priv enc=pkcs1 >/tmp/dec
cmp /tmp/data /tmp/dec

echo "Sign with priv key..."
keyctl pkey_sign $PRIV_KEY_ID 0 /tmp/data enc=pkcs1 hash=sha1 > /tmp/sig
echo "Verify with pub key..."
keyctl pkey_verify $PRIV_KEY_ID 0 /tmp/data /tmp/sig enc=pkcs1 hash=sha1

echo "Enc with pub key..."
keyctl pkey_encrypt $PUB_KEY_ID 0 /tmp/data enc=pkcs1 >/tmp/enc.pub
echo "Dec with priv key..."
keyctl pkey_decrypt $PRIV_KEY_ID 0 /tmp/enc.pub enc=pkcs1 >/tmp/dec
cmp /tmp/data /tmp/dec

echo "Verify with pub key..."
keyctl pkey_verify $PUB_KEY_ID 0 /tmp/data /tmp/sig enc=pkcs1 hash=sha1

Signed-off-by: zhenwei pi 
Signed-off-by: lei he 
Reviewed-by: Gonglei 
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 include/hw/virtio/virtio-crypto.h |   5 +-
 include/sysemu/cryptodev.h|  83 ++--
 backends/cryptodev-builtin.c  | 274 +
 backends/cryptodev-vhost-user.c   |  34 +++-
 backends/cryptodev.c  |  32 ++-
 hw/virtio/virtio-crypto.c | 319 --
 6 files changed, 605 insertions(+), 142 deletions(-)

diff --git a/include/hw/virtio/virtio-crypto.h 
b/include/hw/virtio/virtio-crypto.h
index a2228d7b2e..348749f5d5 100644
--- a/include/hw/virtio/virtio-crypto.h
+++ b/include/hw/virtio/virtio-crypto.h
@@ -50,6 +50,7 @@ typedef struct VirtIOCryptoConf {
 uint32_t mac_algo_l;
 uint32_t mac_algo_h;
 uint32_t aead_algo;
+uint32_t akcipher_algo;
 
 /* Maximum length of cipher key */
 uint32_t max_cipher_key_len;
@@ -71,9 +72,7 @@ typedef struct VirtIOCryptoReq {
 size_t in_len;
 VirtQueue *vq;
 struct VirtIOCrypto *vcrypto;
-union {
-CryptoDevBackendSymOpInfo *sym_op_info;
-} u;
+CryptoDevBackendOpInfo op_info;
 } VirtIOCryptoReq;
 
 typedef struct VirtIOCryptoQueue {
diff --git a/include/sysemu/cryptodev.h b/include/sysemu/cryptodev.h
index f4d4057d4d..37c3a360fd 100644
--- a/include/sysemu/cryptodev.h
+++ b/include/sysemu/cryptodev.h
@@ -50,13 +50,13 @@ typedef struct CryptoDevBackendClient
 
 enum CryptoDevBackendAlgType {
 CRYPTODEV_BACKEND_ALG_SYM,
+CRYPTODEV_BACKEND_ALG_ASYM,
 CRYPTODEV_BACKEND_ALG__MAX,
 };
 
 /**
  * CryptoDevBackendSymSessionInfo:
  *
- * @op_code: operation code (refer to virtio_crypto.h)
  * @cipher_alg: algorithm type of CIPHER
  * @key_len: byte length of cipher key
  * @hash_alg: algorithm type of HASH/MAC
@@ -74,7 +74,6 @@ enum CryptoDevBackendAlgType {
  */
 typedef struct CryptoDevBackendSymSessionInfo {
 /* corresponding with virtio crypto spec */
-uint32_t op_code;
 uint32_t cipher_alg;
 uint32_t key_len;
 uint32_t hash_alg;
@@ -89,11 +88,36 @@ typedef struct CryptoDevBackendSymSessionInfo {
 uint8_t *auth_key;
 } CryptoDevBackendSymSessionInfo;
 
+/**
+ * CryptoDevBackendAsymSessionInfo:
+ */
+typedef struct CryptoDevBackendRsaPara {
+uint32_t padding_algo;
+uint32_t hash_algo;
+} CryptoDevBackendRsaPara;
+
+typedef struct CryptoDevBackendAsymSessionInfo {
+/* corresponding with virtio crypto spec */
+uint32_t algo;
+uint32_t keytype;
+uint32_t keylen;
+uint8_t *key;
+union {
+C

[PULL 45/54] hw/cxl: Fix missing write mask for HDM decoder target list registers

2022-06-10 Thread Michael S. Tsirkin
From: Jonathan Cameron 

Without being able to write these registers, no interleaving is possible.
More refined checks of HDM register state on commit to follow.

Signed-off-by: Jonathan Cameron 
Reviewed-by: Ben Widawsky 
Message-Id: <20220608130804.25795-1-jonathan.came...@huawei.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 hw/cxl/cxl-component-utils.c | 13 +++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/hw/cxl/cxl-component-utils.c b/hw/cxl/cxl-component-utils.c
index 7985c9bfca..3edd303a33 100644
--- a/hw/cxl/cxl-component-utils.c
+++ b/hw/cxl/cxl-component-utils.c
@@ -154,7 +154,8 @@ static void ras_init_common(uint32_t *reg_state, uint32_t 
*write_msk)
 reg_state[R_CXL_RAS_ERR_CAP_CTRL] = 0x00;
 }
 
-static void hdm_init_common(uint32_t *reg_state, uint32_t *write_msk)
+static void hdm_init_common(uint32_t *reg_state, uint32_t *write_msk,
+enum reg_type type)
 {
 int decoder_count = 1;
 int i;
@@ -174,6 +175,14 @@ static void hdm_init_common(uint32_t *reg_state, uint32_t 
*write_msk)
 write_msk[R_CXL_HDM_DECODER0_SIZE_LO + i * 0x20] = 0xf000;
 write_msk[R_CXL_HDM_DECODER0_SIZE_HI + i * 0x20] = 0x;
 write_msk[R_CXL_HDM_DECODER0_CTRL + i * 0x20] = 0x13ff;
+if (type == CXL2_DEVICE ||
+type == CXL2_TYPE3_DEVICE ||
+type == CXL2_LOGICAL_DEVICE) {
+write_msk[R_CXL_HDM_DECODER0_TARGET_LIST_LO + i * 0x20] = 
0xf000;
+} else {
+write_msk[R_CXL_HDM_DECODER0_TARGET_LIST_LO + i * 0x20] = 
0x;
+}
+write_msk[R_CXL_HDM_DECODER0_TARGET_LIST_HI + i * 0x20] = 0x;
 }
 }
 
@@ -239,7 +248,7 @@ void cxl_component_register_init_common(uint32_t 
*reg_state, uint32_t *write_msk
 }
 
 init_cap_reg(HDM, 5, 1);
-hdm_init_common(reg_state, write_msk);
+hdm_init_common(reg_state, write_msk, type);
 
 if (caps < 5) {
 return;
-- 
MST




[PULL 32/54] acpi: pc/q35: remove not needed 'if' condition on pci bus

2022-06-10 Thread Michael S. Tsirkin
From: Igor Mammedov 

Signed-off-by: Igor Mammedov 
Reviewed-by: Ani Sinha 
Acked-by: Gerd Hoffmann 
Message-Id: <20220608135340.3304695-33-imamm...@redhat.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 hw/i386/acpi-build.c | 10 ++
 1 file changed, 2 insertions(+), 8 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 6b496480d2..1204b6da05 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1797,16 +1797,10 @@ build_dsdt(GArray *table_data, BIOSLinker *linker,
 
 sb_scope = aml_scope("\\_SB");
 {
-Object *pci_host;
-PCIBus *bus = NULL;
-
-pci_host = acpi_get_i386_pci_host();
+Object *pci_host = acpi_get_i386_pci_host();
 
 if (pci_host) {
-bus = PCI_HOST_BRIDGE(pci_host)->bus;
-}
-
-if (bus) {
+PCIBus *bus = PCI_HOST_BRIDGE(pci_host)->bus;
 Aml *scope = aml_scope("PCI0");
 /* Scan all PCI buses. Generate tables to support hotplug. */
 build_append_pci_bus_devices(scope, bus, pm->pcihp_bridge_en);
-- 
MST




[PULL 53/54] hw/vhost-user-scsi|blk: set `supports_config` flag correctly

2022-06-10 Thread Michael S. Tsirkin
From: Changpeng Liu 

Currently vhost-user-scsi driver doesn't allow to change
the configuration space of virtio_scsi, while vhost-user-blk
support that, so here we set the flag in vhost-user-blk driver
and unset it in vhost-user-scsi.

Signed-off-by: Changpeng Liu 
Message-Id: <20220525125540.50979-2-changpeng@intel.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
Signed-off-by: Changpeng Liu 
Signed-off-by: Changpeng Liu 
---
 hw/block/vhost-user-blk.c | 1 +
 hw/scsi/vhost-user-scsi.c | 1 -
 2 files changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/block/vhost-user-blk.c b/hw/block/vhost-user-blk.c
index 5dca4eab09..9117222456 100644
--- a/hw/block/vhost-user-blk.c
+++ b/hw/block/vhost-user-blk.c
@@ -337,6 +337,7 @@ static int vhost_user_blk_connect(DeviceState *dev, Error 
**errp)
 
 vhost_dev_set_config_notifier(>dev, _ops);
 
+s->vhost_user.supports_config = true;
 ret = vhost_dev_init(>dev, >vhost_user, VHOST_BACKEND_TYPE_USER, 0,
  errp);
 if (ret < 0) {
diff --git a/hw/scsi/vhost-user-scsi.c b/hw/scsi/vhost-user-scsi.c
index 9be21d07ee..1b2f7eed98 100644
--- a/hw/scsi/vhost-user-scsi.c
+++ b/hw/scsi/vhost-user-scsi.c
@@ -121,7 +121,6 @@ static void vhost_user_scsi_realize(DeviceState *dev, Error 
**errp)
 vsc->dev.backend_features = 0;
 vqs = vsc->dev.vqs;
 
-s->vhost_user.supports_config = true;
 ret = vhost_dev_init(>dev, >vhost_user,
  VHOST_BACKEND_TYPE_USER, 0, errp);
 if (ret < 0) {
-- 
MST




[PULL 52/54] hw/virtio/vhost-user: don't use uninitialized variable

2022-06-10 Thread Michael S. Tsirkin
From: Changpeng Liu 

Variable `vdev` in `struct vhost_dev` will not be ready
until start the device, so let's not use it for the error
output here.

Fixes: 5653493 ("hw/virtio/vhost-user: don't suppress F_CONFIG when supported")

Signed-off-by: Changpeng Liu 
Message-Id: <20220525125540.50979-1-changpeng@intel.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
Fixes: 5653493 ("hw/virtio/vhost-user: don't suppress F_CONFIG when supported")
Signed-off-by: Changpeng Liu 
Fixes: 5653493 ("hw/virtio/vhost-user: don't suppress F_CONFIG when supported")
Signed-off-by: Changpeng Liu 
---
 hw/virtio/vhost-user.c | 8 +++-
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/hw/virtio/vhost-user.c b/hw/virtio/vhost-user.c
index b040c1ad2b..0594178224 100644
--- a/hw/virtio/vhost-user.c
+++ b/hw/virtio/vhost-user.c
@@ -2031,18 +2031,16 @@ static int vhost_user_backend_init(struct vhost_dev 
*dev, void *opaque,
 if (supports_f_config) {
 if (!virtio_has_feature(protocol_features,
 VHOST_USER_PROTOCOL_F_CONFIG)) {
-error_setg(errp, "vhost-user device %s expecting "
+error_setg(errp, "vhost-user device expecting "
"VHOST_USER_PROTOCOL_F_CONFIG but the vhost-user 
backend does "
-   "not support it.", dev->vdev->name);
+   "not support it.");
 return -EPROTO;
 }
 } else {
 if (virtio_has_feature(protocol_features,
VHOST_USER_PROTOCOL_F_CONFIG)) {
 warn_reportf_err(*errp, "vhost-user backend supports "
- "VHOST_USER_PROTOCOL_F_CONFIG for "
- "device %s but QEMU does not.",
- dev->vdev->name);
+ "VHOST_USER_PROTOCOL_F_CONFIG but QEMU does 
not.");
 protocol_features &= ~(1ULL << VHOST_USER_PROTOCOL_F_CONFIG);
 }
 }
-- 
MST




[PULL 44/54] pci: fix overflow in snprintf string formatting

2022-06-10 Thread Michael S. Tsirkin
From: Claudio Fontana 

the code in pcibus_get_fw_dev_path contained the potential for a
stack buffer overflow of 1 byte, potentially writing to the stack an
extra NUL byte.

This overflow could happen if the PCI slot is >= 0x1000,
and the PCI function is >= 0x1000, due to the size parameter
of snprintf being incorrectly calculated in the call:

if (PCI_FUNC(d->devfn))
snprintf(path + off, sizeof(path) + off, ",%x", PCI_FUNC(d->devfn));

since the off obtained from a previous call to snprintf is added
instead of subtracted from the total available size of the buffer.

Without the accurate size guard from snprintf, we end up writing in the
worst case:

name (32) + "@" (1) + SLOT (8) + "," (1) + FUNC (8) + term NUL (1) = 51 bytes

In order to provide something more robust, replace all of the code in
pcibus_get_fw_dev_path with a single call to g_strdup_printf,
so there is no need to rely on manual calculations.

Found by compiling QEMU with FORTIFY_SOURCE=3 as the error:

*** buffer overflow detected ***: terminated

Thread 1 "qemu-system-x86" received signal SIGABRT, Aborted.
[Switching to Thread 0x7642c380 (LWP 121307)]
0x771ff55c in __pthread_kill_implementation () from /lib64/libc.so.6
(gdb) bt
 #0  0x771ff55c in __pthread_kill_implementation () at /lib64/libc.so.6
 #1  0x771ac6f6 in raise () at /lib64/libc.so.6
 #2  0x77195814 in abort () at /lib64/libc.so.6
 #3  0x771f279e in __libc_message () at /lib64/libc.so.6
 #4  0x7729767a in __fortify_fail () at /lib64/libc.so.6
 #5  0x77295c36 in  () at /lib64/libc.so.6
 #6  0x772957f5 in __snprintf_chk () at /lib64/libc.so.6
 #7  0x55b1c1fd in pcibus_get_fw_dev_path ()
 #8  0x55f2bde4 in qdev_get_fw_dev_path_helper.constprop ()
 #9  0x55f2bd86 in qdev_get_fw_dev_path_helper.constprop ()
 #10 0x559a6e5d in get_boot_device_path ()
 #11 0x559a712c in get_boot_devices_list ()
 #12 0x55b1a3d0 in fw_cfg_machine_reset ()
 #13 0x55bf4c2d in pc_machine_reset ()
 #14 0x55c66988 in qemu_system_reset ()
 #15 0x55a6dff6 in qdev_machine_creation_done ()
 #16 0x55c79186 in qmp_x_exit_preconfig.part ()
 #17 0x55c7b459 in qemu_init ()
 #18 0x55960a29 in main ()

Found-by: Dario Faggioli 
Found-by: Martin Liška 
Cc: qemu-sta...@nongnu.org
Signed-off-by: Claudio Fontana 
Message-Id: <20220531114707.18830-1-cfont...@suse.de>
Reviewed-by: Ani Sinha 
---
 hw/pci/pci.c | 16 
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/hw/pci/pci.c b/hw/pci/pci.c
index a9b37f8000..6e7015329c 100644
--- a/hw/pci/pci.c
+++ b/hw/pci/pci.c
@@ -2640,15 +2640,15 @@ static char *pci_dev_fw_name(DeviceState *dev, char 
*buf, int len)
 static char *pcibus_get_fw_dev_path(DeviceState *dev)
 {
 PCIDevice *d = (PCIDevice *)dev;
-char path[50], name[33];
-int off;
+char name[33];
+int has_func = !!PCI_FUNC(d->devfn);
 
-off = snprintf(path, sizeof(path), "%s@%x",
-   pci_dev_fw_name(dev, name, sizeof name),
-   PCI_SLOT(d->devfn));
-if (PCI_FUNC(d->devfn))
-snprintf(path + off, sizeof(path) + off, ",%x", PCI_FUNC(d->devfn));
-return g_strdup(path);
+return g_strdup_printf("%s@%x%s%.*x",
+   pci_dev_fw_name(dev, name, sizeof(name)),
+   PCI_SLOT(d->devfn),
+   has_func ? "," : "",
+   has_func,
+   PCI_FUNC(d->devfn));
 }
 
 static char *pcibus_get_dev_path(DeviceState *dev)
-- 
MST




[PULL 30/54] tests: acpi: white-list DSDT.tis.tpm2/DSDT.tis.tpm12 expected blobs

2022-06-10 Thread Michael S. Tsirkin
From: Igor Mammedov 

Signed-off-by: Igor Mammedov 
Acked-by: Ani Sinha 
Message-Id: <20220608135340.3304695-31-imamm...@redhat.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 tests/qtest/bios-tables-test-allowed-diff.h | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/tests/qtest/bios-tables-test-allowed-diff.h 
b/tests/qtest/bios-tables-test-allowed-diff.h
index dfb8523c8b..7b3bf9a207 100644
--- a/tests/qtest/bios-tables-test-allowed-diff.h
+++ b/tests/qtest/bios-tables-test-allowed-diff.h
@@ -1 +1,3 @@
 /* List of comma-separated changed AML files to ignore */
+"tests/data/acpi/q35/DSDT.tis.tpm2",
+"tests/data/acpi/q35/DSDT.tis.tpm12",
-- 
MST




[PULL 51/54] tests/acpi: virt: update golden masters for VIOT

2022-06-10 Thread Michael S. Tsirkin
From: Mark Cave-Ayland 

Differences between disassembled ASL files for VIOT:

+++ /tmp/asl-V69GM1.dsl 2022-05-18 10:22:27.239796759 +0100
@@ -36,11 +36,11 @@
 [041h 0065   1] Reserved : 00
 [042h 0066   2]   Length : 0018

-[044h 0068   4]   Endpoint start : 3000
+[044h 0068   4]   Endpoint start : 1000
 [048h 0072   2]PCI Segment start : 
 [04Ah 0074   2]  PCI Segment end : 
-[04Ch 0076   2]PCI BDF start : 3000
-[04Eh 0078   2]  PCI BDF end : 30FF
+[04Ch 0076   2]PCI BDF start : 1000
+[04Eh 0078   2]  PCI BDF end : 10FF
 [050h 0080   2]  Output node : 0030
 [052h 0082   6] Reserved : 

@@ -48,11 +48,11 @@
 [059h 0089   1] Reserved : 00
 [05Ah 0090   2]   Length : 0018

-[05Ch 0092   4]   Endpoint start : 1000
+[05Ch 0092   4]   Endpoint start : 3000
 [060h 0096   2]PCI Segment start : 
 [062h 0098   2]  PCI Segment end : 
-[064h 0100   2]PCI BDF start : 1000
-[066h 0102   2]  PCI BDF end : 10FF
+[064h 0100   2]PCI BDF start : 3000
+[066h 0102   2]  PCI BDF end : 30FF
 [068h 0104   2]  Output node : 0030
 [06Ah 0106   6] Reserved : 

@@ -62,6 +62,6 @@
 0010: 42 58 50 43 20 20 20 20 01 00 00 00 42 58 50 43  // BXPCBXPC
 0020: 01 00 00 00 03 00 30 00 00 00 00 00 00 00 00 00  // ..0.
 0030: 03 00 10 00 00 00 10 00 00 00 00 00 00 00 00 00  // 
-0040: 01 00 18 00 00 30 00 00 00 00 00 00 00 30 FF 30  // .0...0.0
-0050: 30 00 00 00 00 00 00 00 01 00 18 00 00 10 00 00  // 0...
-0060: 00 00 00 00 00 10 FF 10 30 00 00 00 00 00 00 00  // 0...
+0040: 01 00 18 00 00 10 00 00 00 00 00 00 00 10 FF 10  // 
+0050: 30 00 00 00 00 00 00 00 01 00 18 00 00 30 00 00  // 00..
+0060: 00 00 00 00 00 30 FF 30 30 00 00 00 00 00 00 00  // .0.00...

Signed-off-by: Mark Cave-Ayland 
Reviewed-by: Philippe Mathieu-Daudé 
Message-Id: <20220525173232.31429-7-mark.cave-ayl...@ilande.co.uk>
Reviewed-by: Jean-Philippe Brucker 
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 tests/qtest/bios-tables-test-allowed-diff.h |   1 -
 tests/data/acpi/q35/VIOT.viot   | Bin 112 -> 112 bytes
 2 files changed, 1 deletion(-)

diff --git a/tests/qtest/bios-tables-test-allowed-diff.h 
b/tests/qtest/bios-tables-test-allowed-diff.h
index 8367ffe1d4..dfb8523c8b 100644
--- a/tests/qtest/bios-tables-test-allowed-diff.h
+++ b/tests/qtest/bios-tables-test-allowed-diff.h
@@ -1,2 +1 @@
 /* List of comma-separated changed AML files to ignore */
-"tests/data/acpi/virt/VIOT",
diff --git a/tests/data/acpi/q35/VIOT.viot b/tests/data/acpi/q35/VIOT.viot
index 
9b179266ccbf84f1c250ee646812d17e27987764..275c78fbe8e93190321d957c91c3f17551f865d4
 100644
GIT binary patch
delta 10
RcmXRYnBY1wR(PU=1OOI`1E2r^

delta 10
RcmXRYnBY1wR(PU=1OOI`1E2r^

-- 
MST




[PULL 50/54] hw/acpi/viot: sort VIOT ACPI table entries by PCI host bridge min_bus

2022-06-10 Thread Michael S. Tsirkin
From: Mark Cave-Ayland 

This ensures that the VIOT ACPI table output is always stable for a given PCI
topology by ensuring that entries are ordered according to min_bus.

Signed-off-by: Mark Cave-Ayland 
Reviewed-by: Ani Sinha 
Reviewed-by: Philippe Mathieu-Daudé 
Message-Id: <20220525173232.31429-6-mark.cave-ayl...@ilande.co.uk>
Reviewed-by: Jean-Philippe Brucker 
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 hw/acpi/viot.c | 17 +
 1 file changed, 17 insertions(+)

diff --git a/hw/acpi/viot.c b/hw/acpi/viot.c
index c32bbdd180..4e0bf69067 100644
--- a/hw/acpi/viot.c
+++ b/hw/acpi/viot.c
@@ -64,6 +64,20 @@ static int enumerate_pci_host_bridges(Object *obj, void 
*opaque)
 return 0;
 }
 
+static gint pci_host_range_compare(gconstpointer a, gconstpointer b)
+{
+struct viot_pci_host_range *range_a = (struct viot_pci_host_range *)a;
+struct viot_pci_host_range *range_b = (struct viot_pci_host_range *)b;
+
+if (range_a->min_bus < range_b->min_bus) {
+return -1;
+} else if (range_a->min_bus > range_b->min_bus) {
+return 1;
+} else {
+return 0;
+}
+}
+
 /*
  * Generate a VIOT table with one PCI-based virtio-iommu that manages PCI
  * endpoints.
@@ -87,6 +101,9 @@ void build_viot(MachineState *ms, GArray *table_data, 
BIOSLinker *linker,
 object_child_foreach_recursive(OBJECT(ms), enumerate_pci_host_bridges,
pci_host_ranges);
 
+/* Sort the pci host ranges by min_bus */
+g_array_sort(pci_host_ranges, pci_host_range_compare);
+
 /* ACPI table header */
 acpi_table_begin(, table_data);
 /* Node count */
-- 
MST




[PULL 43/54] hw/machine: Drop cxl_supported flag as no longer useful

2022-06-10 Thread Michael S. Tsirkin
From: Jonathan Cameron 

As all the CXL elements have moved to boards that support
CXL, there is no need to maintain a top level flag.

Signed-off-by: Jonathan Cameron 
Reviewed-by: Ben Widawsky 
Message-Id: <20220608145440.26106-9-jonathan.came...@huawei.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 include/hw/boards.h | 1 -
 hw/i386/pc.c| 1 -
 2 files changed, 2 deletions(-)

diff --git a/include/hw/boards.h b/include/hw/boards.h
index 031f5f884d..d94edcef28 100644
--- a/include/hw/boards.h
+++ b/include/hw/boards.h
@@ -269,7 +269,6 @@ struct MachineClass {
 bool ignore_boot_device_suffixes;
 bool smbus_no_migration_support;
 bool nvdimm_supported;
-bool cxl_supported;
 bool numa_mem_supported;
 bool auto_enable_numa;
 SMPCompatProps smp_props;
diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index a0c0d69698..1b6067ff22 100644
--- a/hw/i386/pc.c
+++ b/hw/i386/pc.c
@@ -1804,7 +1804,6 @@ static void pc_machine_class_init(ObjectClass *oc, void 
*data)
 mc->default_cpu_type = TARGET_DEFAULT_CPU_TYPE;
 mc->nvdimm_supported = true;
 mc->smp_props.dies_supported = true;
-mc->cxl_supported = true;
 mc->default_ram_id = "pc.ram";
 
 object_class_property_add(oc, PC_MACHINE_MAX_RAM_BELOW_4G, "size",
-- 
MST




[PULL 29/54] tests: acpi: update expected DSDT.pvpanic-isa blob

2022-06-10 Thread Michael S. Tsirkin
From: Igor Mammedov 

@@ -145,6 +145,37 @@ DefinitionBlock ("", "DSDT", 1, "BOCHS ", "BXPC", 
0x0001)
 {
 Name (_ADR, 0x001F)  // _ADR: Address
 OperationRegion (PIRQ, PCI_Config, 0x60, 0x0C)
+Device (PEVT)
+{
+Name (_HID, "QEMU0001")  // _HID: Hardware ID
+Name (_CRS, ResourceTemplate ()  // _CRS: Current Resource 
Settings
+{
+IO (Decode16,
+0x0505, // Range Minimum
+0x0505, // Range Maximum
+0x01,   // Alignment
+0x01,   // Length
+)
+})
+OperationRegion (PEOR, SystemIO, 0x0505, One)
+Field (PEOR, ByteAcc, NoLock, Preserve)
+{
+PEPT,   8
+}
+
+Name (_STA, 0x0F)  // _STA: Status
+Method (RDPT, 0, NotSerialized)
+{
+Local0 = PEPT /* \_SB_.PCI0.ISA_.PEVT.PEPT */
+Return (Local0)
+}
+
+Method (WRPT, 1, NotSerialized)
+{
+PEPT = Arg0
+}
+}
+
 Device (KBD)
 {
 Name (_HID, EisaId ("PNP0303") /* IBM Enhanced Keyboard 
(101/102-key, PS/2 Mouse) */)  // _HID: Hardware ID
@@ -3246,40 +3277,6 @@ DefinitionBlock ("", "DSDT", 1, "BOCHS ", "BXPC", 
0x0001)
 }
 }

-Scope (\_SB.PCI0.ISA)
-{
-Device (PEVT)
-{
-Name (_HID, "QEMU0001")  // _HID: Hardware ID
-Name (_CRS, ResourceTemplate ()  // _CRS: Current Resource Settings
-{
-IO (Decode16,
-0x0505, // Range Minimum
-0x0505, // Range Maximum
-0x01,   // Alignment
-0x01,   // Length
-)
-})
-OperationRegion (PEOR, SystemIO, 0x0505, One)
-Field (PEOR, ByteAcc, NoLock, Preserve)
-{
-PEPT,   8
-}
-
-Name (_STA, 0x0F)  // _STA: Status
-Method (RDPT, 0, NotSerialized)
-{
-Local0 = PEPT /* \_SB_.PCI0.ISA_.PEVT.PEPT */
-Return (Local0)
-}
-
-Method (WRPT, 1, NotSerialized)
-{
-PEPT = Arg0
-}
-}
-}
-
 Scope (\_SB)
 {
 Scope (PCI0)

Signed-off-by: Igor Mammedov 
Message-Id: <20220608135340.3304695-30-imamm...@redhat.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 tests/qtest/bios-tables-test-allowed-diff.h |   1 -
 tests/data/acpi/q35/DSDT.pvpanic-isa| Bin 0 -> 8375 bytes
 2 files changed, 1 deletion(-)

diff --git a/tests/qtest/bios-tables-test-allowed-diff.h 
b/tests/qtest/bios-tables-test-allowed-diff.h
index d5cd7aa4f5..dfb8523c8b 100644
--- a/tests/qtest/bios-tables-test-allowed-diff.h
+++ b/tests/qtest/bios-tables-test-allowed-diff.h
@@ -1,2 +1 @@
 /* List of comma-separated changed AML files to ignore */
-"tests/data/acpi/q35/DSDT.pvpanic-isa",
diff --git a/tests/data/acpi/q35/DSDT.pvpanic-isa 
b/tests/data/acpi/q35/DSDT.pvpanic-isa
index 
e69de29bb2d1d6434b8b29ae775ad8c2e48c5391..cc545b5d2505246d33f83d2482273968aa1be032
 100644
GIT binary patch
literal 8375
zcmb7JOKcm*8J^`!tK~{sQk3LZY{E&?~(R|lb;iIo;;J^}
z)XzV^_)huW&;I#~+pk+G0M6mBiNEJ#xAeAd5ed_Z*mY;~~sS)V@^Wez=w
zBPzLTiz2FO_2BjH{)=9_?D96w1+AdumR8XkrrSf@T-Va%q^q2Hf|!{J}WEpu)#
zr)dh6zF80aj#Ozt8>#B<)q_rx*^J%)Hp^1on-0Z`FZ(U87__}!vG9B^?37tdB~eU8
z+wVn|6AkQ7`w{C$+2Qbj4dy@XZ?oTR+w9-}OCPWUYeBRvXU%^!OKrLTElV+m*3?&?
zrshzGclXzp8)3P}I~ff)gT@4n_GZG0EE}Ve3H+Bud*?R&=2oe6D0$AZYDOAA!?-~t
zf1_<=5n(Ry`@j!67)7+(S}4r7y`aNlDvJ)Hf_9f@D-TiaxL1$Igof5Oi(6Ej*
zS2NyCzMC}7vwOVebM8j-kdp=)V>E^HAo(E4%(D*XJlXEJhpowuW(BW0W-&9
zv~mwSelKvtj*-1*TP6ma0v7|aRm8AL`V_cPL@WU3
z#WT(WREESv{T!R%OkhV5F(ov?I1^CLL`Y1uhGUbQDO-?a#FWsaU;@gS2#G1PV6_S?
zuP4Qs5}FcB*?5Gi|d8&6yIK7EIZAgsRSrrZdBt5}MI9%jpA2vwbyrqj}NTDnezs?MyYGpp&$>N*jsI`Mv0#?#hx
z+PY4Js?Ir0=bWZD>pBstIu|sZ3!2UaT_-|Sr=#g~G@XvF6QQaz
zr|HaTI&->CgsRTGrZcbU%u8LB#AprTsNgn=qhGEjul70EymN}VuJf#pmX
zr~)Me6;Pg&3>2Z%2?G^a+#~P%=;fAz;Y%GRDqI#3Mglifg+ST
zVW0xbnJ`cVN(L_XQ0jz%3M^;BKouw%sDN@N87M-j69y``0?L_Wpa`W-7^uKf}LawZulLa7r5DzKah16818paRO7WS|J8P8g`bawZH^
zfs%m=C})y^B9uB|paRR8Fi-_b1}dPONd}5g>V$zJQVbN4YM=;J14XD9sKSJSDoip^
zg-HggFkzqy69%d<$v_n*8K}a9fhtTGsKO)zRhVR;3KIsZFkzqylMGa0l7T8r7$_n+
zx-d{g7%|?NWS|H!3^F99>{}QpBH6bvP(-qC$v_dxz9j=ihz+O{Jy<9k*nR%b>H+;j
zdN)IV%H5kkc_vB!rP6*1?V%V!d$SD3-K@~XrHf}W?C5OzbYG=Qj

[PULL 49/54] tests/acpi: virt: allow VIOT acpi table changes

2022-06-10 Thread Michael S. Tsirkin
From: Mark Cave-Ayland 

Signed-off-by: Mark Cave-Ayland 
Acked-by: Ani Sinha 
Reviewed-by: Philippe Mathieu-Daudé 
Message-Id: <20220525173232.31429-5-mark.cave-ayl...@ilande.co.uk>
Reviewed-by: Jean-Philippe Brucker 
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 tests/qtest/bios-tables-test-allowed-diff.h | 1 +
 1 file changed, 1 insertion(+)

diff --git a/tests/qtest/bios-tables-test-allowed-diff.h 
b/tests/qtest/bios-tables-test-allowed-diff.h
index dfb8523c8b..8367ffe1d4 100644
--- a/tests/qtest/bios-tables-test-allowed-diff.h
+++ b/tests/qtest/bios-tables-test-allowed-diff.h
@@ -1 +1,2 @@
 /* List of comma-separated changed AML files to ignore */
+"tests/data/acpi/virt/VIOT",
-- 
MST




[PULL 48/54] hw/acpi/viot: build array of PCI host bridges before generating VIOT ACPI table

2022-06-10 Thread Michael S. Tsirkin
From: Mark Cave-Ayland 

Perform the generation of the VIOT ACPI table in 2 separate passes: the first 
pass
enumerates all of the PCI host bridges and adds the min_bus and max_bus 
information
to an array.

Once this is done the VIOT table header is generated using the size of the array
to calculate the node count, which means it is no longer necessary to use a
sub-array to hold the PCI host bridge range information along with viommu_off.

Finally the PCI host bridge array is iterated again to add the required entries
to the final VIOT ACPI table.

Signed-off-by: Mark Cave-Ayland 
Reviewed-by: Ani Sinha 
Reviewed-by: Philippe Mathieu-Daudé 
Message-Id: <20220525173232.31429-4-mark.cave-ayl...@ilande.co.uk>
Reviewed-by: Jean-Philippe Brucker 
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 hw/acpi/viot.c | 42 --
 1 file changed, 24 insertions(+), 18 deletions(-)

diff --git a/hw/acpi/viot.c b/hw/acpi/viot.c
index 5dafcbf5ef..c32bbdd180 100644
--- a/hw/acpi/viot.c
+++ b/hw/acpi/viot.c
@@ -10,10 +10,9 @@
 #include "hw/pci/pci.h"
 #include "hw/pci/pci_host.h"
 
-struct viot_pci_ranges {
-GArray *blob;
-size_t count;
-uint16_t output_node;
+struct viot_pci_host_range {
+int min_bus;
+int max_bus;
 };
 
 static void build_pci_host_range(GArray *table_data, int min_bus, int max_bus,
@@ -44,8 +43,7 @@ static void build_pci_host_range(GArray *table_data, int 
min_bus, int max_bus,
 /* Build PCI range for a given PCI host bridge */
 static int enumerate_pci_host_bridges(Object *obj, void *opaque)
 {
-struct viot_pci_ranges *pci_ranges = opaque;
-GArray *blob = pci_ranges->blob;
+GArray *pci_host_ranges = opaque;
 
 if (object_dynamic_cast(obj, TYPE_PCI_HOST_BRIDGE)) {
 PCIBus *bus = PCI_HOST_BRIDGE(obj)->bus;
@@ -55,9 +53,11 @@ static int enumerate_pci_host_bridges(Object *obj, void 
*opaque)
 
 pci_bus_range(bus, _bus, _bus);
 
-build_pci_host_range(blob, min_bus, max_bus,
- pci_ranges->output_node);
-pci_ranges->count++;
+const struct viot_pci_host_range pci_host_range = {
+.min_bus = min_bus,
+.max_bus = max_bus,
+};
+g_array_append_val(pci_host_ranges, pci_host_range);
 }
 }
 
@@ -78,19 +78,19 @@ void build_viot(MachineState *ms, GArray *table_data, 
BIOSLinker *linker,
 int viommu_off = 48;
 AcpiTable table = { .sig = "VIOT", .rev = 0,
 .oem_id = oem_id, .oem_table_id = oem_table_id };
-struct viot_pci_ranges pci_ranges = {
-.output_node = viommu_off,
-.blob = g_array_new(false, true /* clear */, 1),
-};
+GArray *pci_host_ranges =  g_array_new(false, true,
+   sizeof(struct viot_pci_host_range));
+struct viot_pci_host_range *pci_host_range;
+int i;
 
 /* Build the list of PCI ranges that this viommu manages */
 object_child_foreach_recursive(OBJECT(ms), enumerate_pci_host_bridges,
-   _ranges);
+   pci_host_ranges);
 
 /* ACPI table header */
 acpi_table_begin(, table_data);
 /* Node count */
-build_append_int_noprefix(table_data, pci_ranges.count + 1, 2);
+build_append_int_noprefix(table_data, pci_host_ranges->len + 1, 2);
 /* Node offset */
 build_append_int_noprefix(table_data, viommu_off, 2);
 /* Reserved */
@@ -111,9 +111,15 @@ void build_viot(MachineState *ms, GArray *table_data, 
BIOSLinker *linker,
 build_append_int_noprefix(table_data, 0, 8);
 
 /* PCI ranges found above */
-g_array_append_vals(table_data, pci_ranges.blob->data,
-pci_ranges.blob->len);
-g_array_free(pci_ranges.blob, true);
+for (i = 0; i < pci_host_ranges->len; i++) {
+pci_host_range = _array_index(pci_host_ranges,
+struct viot_pci_host_range, i);
+
+build_pci_host_range(table_data, pci_host_range->min_bus,
+ pci_host_range->max_bus, viommu_off);
+}
+
+g_array_free(pci_host_ranges, true);
 
 acpi_table_end(linker, );
 }
-- 
MST




[PULL 28/54] acpi: pvpanic-isa: use AcpiDevAmlIfClass:build_dev_aml to provide device's AML

2022-06-10 Thread Michael S. Tsirkin
From: Igor Mammedov 

.. and clean up not longer needed conditionals in DSTD build code
pvpanic-isa AML will be fetched and included when ISA bridge will
build its own AML code (including attached devices).

Expected AML change:
   the device under separate _SB.PCI0.ISA scope is moved directly
   under Device(ISA) node.

Signed-off-by: Igor Mammedov 
Acked-by: Gerd Hoffmann 
Message-Id: <20220608135340.3304695-29-imamm...@redhat.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 include/hw/misc/pvpanic.h |  9 -
 hw/i386/acpi-build.c  | 37 --
 hw/misc/pvpanic-isa.c | 42 +++
 3 files changed, 42 insertions(+), 46 deletions(-)

diff --git a/include/hw/misc/pvpanic.h b/include/hw/misc/pvpanic.h
index 7f16cc9b16..e520566ab0 100644
--- a/include/hw/misc/pvpanic.h
+++ b/include/hw/misc/pvpanic.h
@@ -33,13 +33,4 @@ struct PVPanicState {
 
 void pvpanic_setup_io(PVPanicState *s, DeviceState *dev, unsigned size);
 
-static inline uint16_t pvpanic_port(void)
-{
-Object *o = object_resolve_path_type("", TYPE_PVPANIC_ISA_DEVICE, NULL);
-if (!o) {
-return 0;
-}
-return object_property_get_uint(o, PVPANIC_IOPORT_PROP, NULL);
-}
-
 #endif
diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index b96705c688..bbe02b068e 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -31,7 +31,6 @@
 #include "hw/cxl/cxl.h"
 #include "hw/core/cpu.h"
 #include "target/i386/cpu.h"
-#include "hw/misc/pvpanic.h"
 #include "hw/timer/hpet.h"
 #include "hw/acpi/acpi-defs.h"
 #include "hw/acpi/acpi.h"
@@ -120,7 +119,6 @@ typedef struct AcpiMiscInfo {
 #endif
 const unsigned char *dsdt_code;
 unsigned dsdt_size;
-uint16_t pvpanic_port;
 } AcpiMiscInfo;
 
 typedef struct AcpiBuildPciBusHotplugState {
@@ -305,7 +303,6 @@ static void acpi_get_misc_info(AcpiMiscInfo *info)
 #ifdef CONFIG_TPM
 info->tpm_version = tpm_get_version(tpm_find());
 #endif
-info->pvpanic_port = pvpanic_port();
 }
 
 /*
@@ -1798,40 +1795,6 @@ build_dsdt(GArray *table_data, BIOSLinker *linker,
 aml_append(dsdt, scope);
 }
 
-if (misc->pvpanic_port) {
-scope = aml_scope("\\_SB.PCI0.ISA");
-
-dev = aml_device("PEVT");
-aml_append(dev, aml_name_decl("_HID", aml_string("QEMU0001")));
-
-crs = aml_resource_template();
-aml_append(crs,
-aml_io(AML_DECODE16, misc->pvpanic_port, misc->pvpanic_port, 1, 1)
-);
-aml_append(dev, aml_name_decl("_CRS", crs));
-
-aml_append(dev, aml_operation_region("PEOR", AML_SYSTEM_IO,
-  aml_int(misc->pvpanic_port), 1));
-field = aml_field("PEOR", AML_BYTE_ACC, AML_NOLOCK, AML_PRESERVE);
-aml_append(field, aml_named_field("PEPT", 8));
-aml_append(dev, field);
-
-/* device present, functioning, decoding, shown in UI */
-aml_append(dev, aml_name_decl("_STA", aml_int(0xF)));
-
-method = aml_method("RDPT", 0, AML_NOTSERIALIZED);
-aml_append(method, aml_store(aml_name("PEPT"), aml_local(0)));
-aml_append(method, aml_return(aml_local(0)));
-aml_append(dev, method);
-
-method = aml_method("WRPT", 1, AML_NOTSERIALIZED);
-aml_append(method, aml_store(aml_arg(0), aml_name("PEPT")));
-aml_append(dev, method);
-
-aml_append(scope, dev);
-aml_append(dsdt, scope);
-}
-
 sb_scope = aml_scope("\\_SB");
 {
 Object *pci_host;
diff --git a/hw/misc/pvpanic-isa.c b/hw/misc/pvpanic-isa.c
index b84d4d458d..ccec50f61b 100644
--- a/hw/misc/pvpanic-isa.c
+++ b/hw/misc/pvpanic-isa.c
@@ -22,6 +22,7 @@
 #include "qom/object.h"
 #include "hw/isa/isa.h"
 #include "standard-headers/linux/pvpanic.h"
+#include "hw/acpi/acpi_aml_interface.h"
 
 OBJECT_DECLARE_SIMPLE_TYPE(PVPanicISAState, PVPANIC_ISA_DEVICE)
 
@@ -63,6 +64,41 @@ static void pvpanic_isa_realizefn(DeviceState *dev, Error 
**errp)
 isa_register_ioport(d, >mr, s->ioport);
 }
 
+static void build_pvpanic_isa_aml(AcpiDevAmlIf *adev, Aml *scope)
+{
+Aml *crs, *field, *method;
+PVPanicISAState *s = PVPANIC_ISA_DEVICE(adev);
+Aml *dev = aml_device("PEVT");
+
+aml_append(dev, aml_name_decl("_HID", aml_string("QEMU0001")));
+
+crs = aml_resource_template();
+aml_append(crs,
+aml_io(AML_DECODE16, s->ioport, s->ioport, 1, 1)
+);
+aml_append(dev, aml_name_decl("_CRS", crs));
+
+aml_append(dev, aml_operation_region("PEOR", AML_SYSTEM_IO,
+  aml_int(s->ioport), 1));
+fi

[PULL 37/54] hw/acpi/cxl: Pass in the CXLState directly rather than MachineState

2022-06-10 Thread Michael S. Tsirkin
From: Jonathan Cameron 

Refactoring step on path to moving all CXL state out of
MachineState.

Signed-off-by: Jonathan Cameron 
Reviewed-by: Ben Widawsky 
Message-Id: <20220608145440.26106-3-jonathan.came...@huawei.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 include/hw/acpi/cxl.h | 5 +++--
 hw/acpi/cxl.c | 9 -
 hw/i386/acpi-build.c  | 4 ++--
 3 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/include/hw/acpi/cxl.h b/include/hw/acpi/cxl.h
index 0c496538c0..acf4418886 100644
--- a/include/hw/acpi/cxl.h
+++ b/include/hw/acpi/cxl.h
@@ -19,10 +19,11 @@
 #define HW_ACPI_CXL_H
 
 #include "hw/acpi/bios-linker-loader.h"
+#include "hw/cxl/cxl.h"
 
-void cxl_build_cedt(MachineState *ms, GArray *table_offsets, GArray 
*table_data,
+void cxl_build_cedt(GArray *table_offsets, GArray *table_data,
 BIOSLinker *linker, const char *oem_id,
-const char *oem_table_id);
+const char *oem_table_id, CXLState *cxl_state);
 void build_cxl_osc_method(Aml *dev);
 
 #endif
diff --git a/hw/acpi/cxl.c b/hw/acpi/cxl.c
index 31d5235136..2bf8c07993 100644
--- a/hw/acpi/cxl.c
+++ b/hw/acpi/cxl.c
@@ -65,9 +65,8 @@ static void cedt_build_chbs(GArray *table_data, PXBDev *cxl)
  * Interleave ways encoding in CXL 2.0 ECN: 3, 6, 12 and 16-way memory
  * interleaving.
  */
-static void cedt_build_cfmws(GArray *table_data, MachineState *ms)
+static void cedt_build_cfmws(GArray *table_data, CXLState *cxls)
 {
-CXLState *cxls = ms->cxl_devices_state;
 GList *it;
 
 for (it = cxls->fixed_windows; it; it = it->next) {
@@ -129,9 +128,9 @@ static int cxl_foreach_pxb_hb(Object *obj, void *opaque)
 return 0;
 }
 
-void cxl_build_cedt(MachineState *ms, GArray *table_offsets, GArray 
*table_data,
+void cxl_build_cedt(GArray *table_offsets, GArray *table_data,
 BIOSLinker *linker, const char *oem_id,
-const char *oem_table_id)
+const char *oem_table_id, CXLState *cxl_state)
 {
 Aml *cedt;
 AcpiTable table = { .sig = "CEDT", .rev = 1, .oem_id = oem_id,
@@ -144,7 +143,7 @@ void cxl_build_cedt(MachineState *ms, GArray 
*table_offsets, GArray *table_data,
 /* reserve space for CEDT header */
 
 object_child_foreach_recursive(object_get_root(), cxl_foreach_pxb_hb, 
cedt);
-cedt_build_cfmws(cedt->buf, ms);
+cedt_build_cfmws(cedt->buf, cxl_state);
 
 /* copy AML table into ACPI tables blob and patch header there */
 g_array_append_vals(table_data, cedt->buf->data, cedt->buf->len);
diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index f41e14a469..663c34b9d1 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -2615,8 +2615,8 @@ void acpi_build(AcpiBuildTables *tables, MachineState 
*machine)
   x86ms->oem_id, x86ms->oem_table_id);
 }
 if (machine->cxl_devices_state->is_enabled) {
-cxl_build_cedt(machine, table_offsets, tables_blob, tables->linker,
-   x86ms->oem_id, x86ms->oem_table_id);
+cxl_build_cedt(table_offsets, tables_blob, tables->linker,
+   x86ms->oem_id, x86ms->oem_table_id, 
machine->cxl_devices_state);
 }
 
 acpi_add_table(table_offsets, tables_blob);
-- 
MST




[PULL 47/54] hw/acpi/viot: move the individual PCI host bridge entry generation to a new function

2022-06-10 Thread Michael S. Tsirkin
From: Mark Cave-Ayland 

Instead of generating each table entry inline, move the individual PCI host 
bridge
table entry generation to a separate build_pci_host_range() function.

Signed-off-by: Mark Cave-Ayland 
Reviewed-by: Ani Sinha 
Reviewed-by: Philippe Mathieu-Daudé 
Message-Id: <20220525173232.31429-3-mark.cave-ayl...@ilande.co.uk>
Reviewed-by: Jean-Philippe Brucker 
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 hw/acpi/viot.c | 48 +++-
 1 file changed, 27 insertions(+), 21 deletions(-)

diff --git a/hw/acpi/viot.c b/hw/acpi/viot.c
index a41daded71..5dafcbf5ef 100644
--- a/hw/acpi/viot.c
+++ b/hw/acpi/viot.c
@@ -16,6 +16,31 @@ struct viot_pci_ranges {
 uint16_t output_node;
 };
 
+static void build_pci_host_range(GArray *table_data, int min_bus, int max_bus,
+ uint16_t output_node)
+{
+/* Type */
+build_append_int_noprefix(table_data, 1 /* PCI range */, 1);
+/* Reserved */
+build_append_int_noprefix(table_data, 0, 1);
+/* Length */
+build_append_int_noprefix(table_data, 24, 2);
+/* Endpoint start */
+build_append_int_noprefix(table_data, PCI_BUILD_BDF(min_bus, 0), 4);
+/* PCI Segment start */
+build_append_int_noprefix(table_data, 0, 2);
+/* PCI Segment end */
+build_append_int_noprefix(table_data, 0, 2);
+/* PCI BDF start */
+build_append_int_noprefix(table_data, PCI_BUILD_BDF(min_bus, 0), 2);
+/* PCI BDF end */
+build_append_int_noprefix(table_data, PCI_BUILD_BDF(max_bus, 0xff), 2);
+/* Output node */
+build_append_int_noprefix(table_data, output_node, 2);
+/* Reserved */
+build_append_int_noprefix(table_data, 0, 6);
+}
+
 /* Build PCI range for a given PCI host bridge */
 static int enumerate_pci_host_bridges(Object *obj, void *opaque)
 {
@@ -30,27 +55,8 @@ static int enumerate_pci_host_bridges(Object *obj, void 
*opaque)
 
 pci_bus_range(bus, _bus, _bus);
 
-/* Type */
-build_append_int_noprefix(blob, 1 /* PCI range */, 1);
-/* Reserved */
-build_append_int_noprefix(blob, 0, 1);
-/* Length */
-build_append_int_noprefix(blob, 24, 2);
-/* Endpoint start */
-build_append_int_noprefix(blob, PCI_BUILD_BDF(min_bus, 0), 4);
-/* PCI Segment start */
-build_append_int_noprefix(blob, 0, 2);
-/* PCI Segment end */
-build_append_int_noprefix(blob, 0, 2);
-/* PCI BDF start */
-build_append_int_noprefix(blob, PCI_BUILD_BDF(min_bus, 0), 2);
-/* PCI BDF end */
-build_append_int_noprefix(blob, PCI_BUILD_BDF(max_bus, 0xff), 2);
-/* Output node */
-build_append_int_noprefix(blob, pci_ranges->output_node, 2);
-/* Reserved */
-build_append_int_noprefix(blob, 0, 6);
-
+build_pci_host_range(blob, min_bus, max_bus,
+ pci_ranges->output_node);
 pci_ranges->count++;
 }
 }
-- 
MST




[PULL 40/54] pci/pci_expander_bridge: For CXL HB delay the HB register memory region setup.

2022-06-10 Thread Michael S. Tsirkin
From: Jonathan Cameron 

As the CXLState will no long be accessible via MachineState
at time of PXB_CXL realization, come back later from the machine specific
code to fill in the missing memory region setup. Only at this stage
is it possible to check if cxl=on, so that check is moved to this
later point.

Note that for multiple host bridges, the allocation order of the
register spaces is changed. This will be reflected in ACPI CEDT.

Stubs are added to handle case of CONFIG_PXB=n for machines that
call these functions.

The bus walking logic is common to all machines so add a utility
function + stub to cxl-host*.

Signed-off-by: Jonathan Cameron 
Reviewed-by: Ben Widawsky 
Message-Id: <20220608145440.26106-6-jonathan.came...@huawei.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 include/hw/cxl/cxl_host.h   |  1 +
 include/hw/pci-bridge/pci_expander_bridge.h | 12 
 hw/cxl/cxl-host-stubs.c |  1 +
 hw/cxl/cxl-host.c   | 20 +
 hw/i386/pc.c|  3 ++
 hw/pci-bridge/pci_expander_bridge.c | 32 +
 hw/pci-bridge/pci_expander_bridge_stubs.c   | 14 +
 hw/pci-bridge/meson.build   |  5 +++-
 8 files changed, 75 insertions(+), 13 deletions(-)
 create mode 100644 include/hw/pci-bridge/pci_expander_bridge.h
 create mode 100644 hw/pci-bridge/pci_expander_bridge_stubs.c

diff --git a/include/hw/cxl/cxl_host.h b/include/hw/cxl/cxl_host.h
index 4d642a81fa..a1b662ce40 100644
--- a/include/hw/cxl/cxl_host.h
+++ b/include/hw/cxl/cxl_host.h
@@ -16,6 +16,7 @@
 
 void cxl_machine_init(Object *obj, CXLState *state);
 void cxl_fmws_link_targets(CXLState *stat, Error **errp);
+void cxl_hook_up_pxb_registers(PCIBus *bus, CXLState *state, Error **errp);
 
 extern const MemoryRegionOps cfmws_ops;
 
diff --git a/include/hw/pci-bridge/pci_expander_bridge.h 
b/include/hw/pci-bridge/pci_expander_bridge.h
new file mode 100644
index 00..0b3856d615
--- /dev/null
+++ b/include/hw/pci-bridge/pci_expander_bridge.h
@@ -0,0 +1,12 @@
+/*
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+
+#ifndef PCI_EXPANDER_BRIDGE_H
+#define PCI_EXPANDER_BRIDGE_H
+
+#include "hw/cxl/cxl.h"
+
+void pxb_cxl_hook_up_registers(CXLState *state, PCIBus *bus, Error **errp);
+
+#endif /* PCI_EXPANDER_BRIDGE_H */
diff --git a/hw/cxl/cxl-host-stubs.c b/hw/cxl/cxl-host-stubs.c
index e0d5ec8ad5..cae4afcdde 100644
--- a/hw/cxl/cxl-host-stubs.c
+++ b/hw/cxl/cxl-host-stubs.c
@@ -10,5 +10,6 @@
 
 void cxl_fmws_link_targets(CXLState *stat, Error **errp) {};
 void cxl_machine_init(Object *obj, CXLState *state) {};
+void cxl_hook_up_pxb_registers(PCIBus *bus, CXLState *state, Error **errp) {};
 
 const MemoryRegionOps cfmws_ops;
diff --git a/hw/cxl/cxl-host.c b/hw/cxl/cxl-host.c
index 8e7738a65b..efa14908d8 100644
--- a/hw/cxl/cxl-host.c
+++ b/hw/cxl/cxl-host.c
@@ -20,6 +20,7 @@
 #include "hw/pci/pci_bridge.h"
 #include "hw/pci/pci_host.h"
 #include "hw/pci/pcie_port.h"
+#include "hw/pci-bridge/pci_expander_bridge.h"
 
 static void cxl_fixed_memory_window_config(CXLState *cxl_state,
CXLFixedMemoryWindowOptions *object,
@@ -280,3 +281,22 @@ void cxl_machine_init(Object *obj, CXLState *state)
 object_property_set_description(obj, "cxl-fmw",
 "CXL Fixed Memory Windows (array)");
 }
+
+void cxl_hook_up_pxb_registers(PCIBus *bus, CXLState *state, Error **errp)
+{
+/* Walk the pci busses looking for pxb busses to hook up */
+if (bus) {
+QLIST_FOREACH(bus, >child, sibling) {
+if (!pci_bus_is_root(bus)) {
+continue;
+}
+if (pci_bus_is_cxl(bus)) {
+if (!state->is_enabled) {
+error_setg(errp, "CXL host bridges present, but cxl=off");
+return;
+}
+pxb_cxl_hook_up_registers(state, bus, errp);
+}
+}
+}
+}
diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index 6cecd74d58..9f48d02739 100644
--- a/hw/i386/pc.c
+++ b/hw/i386/pc.c
@@ -37,6 +37,7 @@
 #include "hw/ide.h"
 #include "hw/pci/pci.h"
 #include "hw/pci/pci_bus.h"
+#include "hw/pci-bridge/pci_expander_bridge.h"
 #include "hw/nvram/fw_cfg.h"
 #include "hw/timer/hpet.h"
 #include "hw/firmware/smbios.h"
@@ -735,6 +736,8 @@ void pc_machine_done(Notifier *notifier, void *data)
 MachineState *ms = MACHINE(pcms);
 
 if (ms->cxl_devices_state) {
+cxl_hook_up_pxb_registers(pcms->bus, ms->cxl_devices_state,
+  _fatal);
 cxl_fmws_link_targets(ms->cxl_devices_state, _fatal);
 }
 
diff --git a/hw/pci-bridge/pci_expander_bridge.c 
b/hw/pci-bridge/pci_expander_bridge.c
index 0

[PULL 33/54] acpi: tpm-tis: use AcpiDevAmlIfClass:build_dev_aml to provide device's AML

2022-06-10 Thread Michael S. Tsirkin
From: Igor Mammedov 

.. and clean up not longer needed conditionals in DSTD build code
tpm-tis AML will be fetched and included when ISA bridge will
build its own AML code (including attached devices).

Expected AML change:
the device under separate _SB.PCI0.ISA scope is moved directly
under Device(ISA) node.

Signed-off-by: Igor Mammedov 
Reviewed-by: Ani Sinha 
Acked-by: Gerd Hoffmann 
Message-Id: <20220608135340.3304695-34-imamm...@redhat.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 hw/i386/acpi-build.c | 34 --
 hw/tpm/tpm_tis_isa.c | 32 
 2 files changed, 32 insertions(+), 34 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 1204b6da05..0b65fc99cd 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1804,40 +1804,6 @@ build_dsdt(GArray *table_data, BIOSLinker *linker,
 Aml *scope = aml_scope("PCI0");
 /* Scan all PCI buses. Generate tables to support hotplug. */
 build_append_pci_bus_devices(scope, bus, pm->pcihp_bridge_en);
-
-#ifdef CONFIG_TPM
-if (TPM_IS_TIS_ISA(tpm)) {
-dev = aml_device("ISA.TPM");
-if (misc->tpm_version == TPM_VERSION_2_0) {
-aml_append(dev, aml_name_decl("_HID",
-  aml_string("MSFT0101")));
-aml_append(dev,
-   aml_name_decl("_STR",
- aml_string("TPM 2.0 Device")));
-} else {
-aml_append(dev, aml_name_decl("_HID",
-  aml_eisaid("PNP0C31")));
-}
-aml_append(dev, aml_name_decl("_UID", aml_int(1)));
-
-aml_append(dev, aml_name_decl("_STA", aml_int(0xF)));
-crs = aml_resource_template();
-aml_append(crs, aml_memory32_fixed(TPM_TIS_ADDR_BASE,
-   TPM_TIS_ADDR_SIZE, AML_READ_WRITE));
-/*
-FIXME: TPM_TIS_IRQ=5 conflicts with PNP0C0F irqs,
-Rewrite to take IRQ from TPM device model and
-fix default IRQ value there to use some unused IRQ
- */
-/* aml_append(crs, aml_irq_no_flags(TPM_TIS_IRQ)); */
-aml_append(dev, aml_name_decl("_CRS", crs));
-
-tpm_build_ppi_acpi(tpm, dev);
-
-aml_append(scope, dev);
-}
-#endif
-
 aml_append(sb_scope, scope);
 }
 }
diff --git a/hw/tpm/tpm_tis_isa.c b/hw/tpm/tpm_tis_isa.c
index 3477afd735..91e3792248 100644
--- a/hw/tpm/tpm_tis_isa.c
+++ b/hw/tpm/tpm_tis_isa.c
@@ -30,6 +30,7 @@
 #include "tpm_prop.h"
 #include "tpm_tis.h"
 #include "qom/object.h"
+#include "hw/acpi/acpi_aml_interface.h"
 
 struct TPMStateISA {
 /*< private >*/
@@ -138,10 +139,39 @@ static void tpm_tis_isa_realizefn(DeviceState *dev, Error 
**errp)
 }
 }
 
+static void build_tpm_tis_isa_aml(AcpiDevAmlIf *adev, Aml *scope)
+{
+Aml *dev, *crs;
+TPMStateISA *isadev = TPM_TIS_ISA(adev);
+TPMIf *ti = TPM_IF(isadev);
+
+dev = aml_device("TPM");
+if (tpm_tis_isa_get_tpm_version(ti) == TPM_VERSION_2_0) {
+aml_append(dev, aml_name_decl("_HID", aml_string("MSFT0101")));
+aml_append(dev, aml_name_decl("_STR", aml_string("TPM 2.0 Device")));
+} else {
+aml_append(dev, aml_name_decl("_HID", aml_eisaid("PNP0C31")));
+}
+aml_append(dev, aml_name_decl("_UID", aml_int(1)));
+aml_append(dev, aml_name_decl("_STA", aml_int(0xF)));
+crs = aml_resource_template();
+aml_append(crs, aml_memory32_fixed(TPM_TIS_ADDR_BASE, TPM_TIS_ADDR_SIZE,
+  AML_READ_WRITE));
+/*
+ * FIXME: TPM_TIS_IRQ=5 conflicts with PNP0C0F irqs,
+ * fix default TPM_TIS_IRQ value there to use some unused IRQ
+ */
+/* aml_append(crs, aml_irq_no_flags(isadev->state.irq_num)); */
+aml_append(dev, aml_name_decl("_CRS", crs));
+tpm_build_ppi_acpi(ti, dev);
+aml_append(scope, dev);
+}
+
 static void tpm_tis_isa_class_init(ObjectClass *klass, void *data)
 {
 DeviceClass *dc = DEVICE_CLASS(klass);
 TPMIfClass *tc = TPM_IF_CLASS(klass);
+AcpiDevAmlIfClass *adevc = ACPI_DEV_AML_IF_CLASS(klass);
 
 device_class_set_props(dc, tpm_tis_isa_properties);
 dc->vmsd  = _tpm_tis_isa;
@@ -151,6 +181,7 @@ static void tpm_tis_isa_class_init(ObjectClass *klass, void 
*data)
 tc->request_completed = tpm_tis_isa_request_completed;
 tc->get_version = tpm_tis_isa_get_tpm_vers

[PULL 26/54] tests: acpi: white-lists expected DSDT.pvpanic-isa blob

2022-06-10 Thread Michael S. Tsirkin
From: Igor Mammedov 

Signed-off-by: Igor Mammedov 
Message-Id: <20220608135340.3304695-27-imamm...@redhat.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 tests/qtest/bios-tables-test-allowed-diff.h | 1 +
 tests/data/acpi/q35/DSDT.pvpanic-isa| 0
 2 files changed, 1 insertion(+)
 create mode 100644 tests/data/acpi/q35/DSDT.pvpanic-isa

diff --git a/tests/qtest/bios-tables-test-allowed-diff.h 
b/tests/qtest/bios-tables-test-allowed-diff.h
index dfb8523c8b..d5cd7aa4f5 100644
--- a/tests/qtest/bios-tables-test-allowed-diff.h
+++ b/tests/qtest/bios-tables-test-allowed-diff.h
@@ -1 +1,2 @@
 /* List of comma-separated changed AML files to ignore */
+"tests/data/acpi/q35/DSDT.pvpanic-isa",
diff --git a/tests/data/acpi/q35/DSDT.pvpanic-isa 
b/tests/data/acpi/q35/DSDT.pvpanic-isa
new file mode 100644
index 00..e69de29bb2
-- 
MST




[PULL 46/54] hw/acpi/viot: rename build_pci_range_node() to enumerate_pci_host_bridges()

2022-06-10 Thread Michael S. Tsirkin
From: Mark Cave-Ayland 

This is in preparation for separating out the VIOT ACPI table build from the
PCI host bridge numeration.

Signed-off-by: Mark Cave-Ayland 
Reviewed-by: Ani Sinha 
Reviewed-by: Philippe Mathieu-Daudé 
Message-Id: <20220525173232.31429-2-mark.cave-ayl...@ilande.co.uk>
Reviewed-by: Jean-Philippe Brucker 
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 hw/acpi/viot.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/hw/acpi/viot.c b/hw/acpi/viot.c
index c1af75206e..a41daded71 100644
--- a/hw/acpi/viot.c
+++ b/hw/acpi/viot.c
@@ -17,7 +17,7 @@ struct viot_pci_ranges {
 };
 
 /* Build PCI range for a given PCI host bridge */
-static int build_pci_range_node(Object *obj, void *opaque)
+static int enumerate_pci_host_bridges(Object *obj, void *opaque)
 {
 struct viot_pci_ranges *pci_ranges = opaque;
 GArray *blob = pci_ranges->blob;
@@ -78,7 +78,7 @@ void build_viot(MachineState *ms, GArray *table_data, 
BIOSLinker *linker,
 };
 
 /* Build the list of PCI ranges that this viommu manages */
-object_child_foreach_recursive(OBJECT(ms), build_pci_range_node,
+object_child_foreach_recursive(OBJECT(ms), enumerate_pci_host_bridges,
_ranges);
 
 /* ACPI table header */
-- 
MST




[PULL 39/54] tests/acpi: Allow modification of q35 CXL CEDT table.

2022-06-10 Thread Michael S. Tsirkin
From: Jonathan Cameron 

Needed to allow memory address changes as a result of next patch.

Signed-off-by: Jonathan Cameron 
Reviewed-by: Ben Widawsky 
Message-Id: <20220608145440.26106-5-jonathan.came...@huawei.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 tests/qtest/bios-tables-test-allowed-diff.h | 1 +
 1 file changed, 1 insertion(+)

diff --git a/tests/qtest/bios-tables-test-allowed-diff.h 
b/tests/qtest/bios-tables-test-allowed-diff.h
index dfb8523c8b..effa58b75b 100644
--- a/tests/qtest/bios-tables-test-allowed-diff.h
+++ b/tests/qtest/bios-tables-test-allowed-diff.h
@@ -1 +1,2 @@
 /* List of comma-separated changed AML files to ignore */
+"tests/data/acpi/q35/CEDT.cxl",
-- 
MST




[PULL 34/54] tests: acpi: update expected DSDT.tis.tpm2/DSDT.tis.tpm12 blobs

2022-06-10 Thread Michael S. Tsirkin
From: Igor Mammedov 

expected move of tmp-tis device description directly under
Device(ISA) node.

for tpm-tis 2.0:

  @@ -145,6 +145,189 @@ DefinitionBlock ("", "DSDT", 1, "BOCHS ", "BXPC", 
0x0001)
   {
   Name (_ADR, 0x001F)  // _ADR: Address
   OperationRegion (PIRQ, PCI_Config, 0x60, 0x0C)
  +Device (TPM)
  +{
  +Name (_HID, "MSFT0101" /* TPM 2.0 Security Device */)  // 
_HID: Hardware ID
  +Name (_STR, "TPM 2.0 Device")  // _STR: Description String
  +Name (_UID, One)  // _UID: Unique ID
  +Name (_STA, 0x0F)  // _STA: Status
...
  +}

  @@ -3281,189 +3464,6 @@ DefinitionBlock ("", "DSDT", 1, "BOCHS ", "BXPC", 
0x0001)
   Method (PCNT, 0, NotSerialized)
   {
   }
  -
  -Device (TPM)
  -{
  -Name (_HID, "MSFT0101" /* TPM 2.0 Security Device */)  // 
_HID: Hardware ID
  -Name (_STR, "TPM 2.0 Device")  // _STR: Description String
  -Name (_UID, One)  // _UID: Unique ID
  -Name (_STA, 0x0F)  // _STA: Status
...
  -}

for tpm-tis 1.2:

  @@ -145,6 +145,188 @@ DefinitionBlock ("", "DSDT", 1, "BOCHS ", "BXPC", 
0x0001)
   {
   Name (_ADR, 0x001F)  // _ADR: Address
   OperationRegion (PIRQ, PCI_Config, 0x60, 0x0C)
  +Device (TPM)
  +{
  +Name (_HID, EisaId ("PNP0C31"))  // _HID: Hardware ID
  +Name (_UID, One)  // _UID: Unique ID
  +Name (_STA, 0x0F)  // _STA: Status
...
  +}

  @@ -3281,188 +3463,6 @@ DefinitionBlock ("", "DSDT", 1, "BOCHS ", "BXPC", 
0x0001)
   Method (PCNT, 0, NotSerialized)
   {
   }
  -
  -Device (ISA.TPM)
  -{
  -Name (_HID, EisaId ("PNP0C31"))  // _HID: Hardware ID
  -Name (_UID, One)  // _UID: Unique ID
  -Name (_STA, 0x0F)  // _STA: Status
...
  -}

Signed-off-by: Igor Mammedov 
Acked-by: Ani Sinha 
Message-Id: <20220608135340.3304695-35-imamm...@redhat.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 tests/qtest/bios-tables-test-allowed-diff.h |   2 --
 tests/data/acpi/q35/DSDT.tis.tpm12  | Bin 8885 -> 8880 bytes
 tests/data/acpi/q35/DSDT.tis.tpm2   | Bin 8906 -> 8906 bytes
 3 files changed, 2 deletions(-)

diff --git a/tests/qtest/bios-tables-test-allowed-diff.h 
b/tests/qtest/bios-tables-test-allowed-diff.h
index 7b3bf9a207..dfb8523c8b 100644
--- a/tests/qtest/bios-tables-test-allowed-diff.h
+++ b/tests/qtest/bios-tables-test-allowed-diff.h
@@ -1,3 +1 @@
 /* List of comma-separated changed AML files to ignore */
-"tests/data/acpi/q35/DSDT.tis.tpm2",
-"tests/data/acpi/q35/DSDT.tis.tpm12",
diff --git a/tests/data/acpi/q35/DSDT.tis.tpm12 
b/tests/data/acpi/q35/DSDT.tis.tpm12
index 
0b5c97fdb5da8b7b55d6b5f2af498a447fda7bf8..a97d884c50485f848054c6ac95ecfa055ff59e5b
 100644
GIT binary patch
delta 89
zcmdn$y1|vpCDCo#F$WJq@Cp+yp#>9pgFT9bJNW7#QRk
vq8kD{g94ej61aFa$Fi`>ak*;6fK&_kYEI5ka^Z|_a#hs>Y1z!rg5>c

diff --git a/tests/data/acpi/q35/DSDT.tis.tpm2 
b/tests/data/acpi/q35/DSDT.tis.tpm2
index 
4e16b126cc1c32f2346078fa69c5261c245d15e8..1f5392919b5ea69696b49ff13aab5c37d0615919
 100644
GIT binary patch
delta 85
zcmX@*ddii{CDCo#F$WJq@Cp+yp#>9pgFT9bJNW7#QRk
nq8kD{g94ej61aFam$R_Sad~OSfK&@OX-{rba@owyl*0r7A8!`n

-- 
MST




[PULL 23/54] tests: acpi: add applesmc testcase

2022-06-10 Thread Michael S. Tsirkin
From: Igor Mammedov 

Signed-off-by: Igor Mammedov 
Acked-by: Gerd Hoffmann 
Message-Id: <20220608135340.3304695-24-imamm...@redhat.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 tests/qtest/bios-tables-test.c | 12 
 1 file changed, 12 insertions(+)

diff --git a/tests/qtest/bios-tables-test.c b/tests/qtest/bios-tables-test.c
index d896840270..7d238218ca 100644
--- a/tests/qtest/bios-tables-test.c
+++ b/tests/qtest/bios-tables-test.c
@@ -1625,6 +1625,17 @@ static void test_acpi_q35_slic(void)
 free_test_data();
 }
 
+static void test_acpi_q35_applesmc(void)
+{
+test_data data = {
+.machine = MACHINE_Q35,
+.variant = ".applesmc",
+};
+
+test_acpi_one("-device isa-applesmc", );
+free_test_data();
+}
+
 static void test_oem_fields(test_data *data)
 {
 int i;
@@ -1783,6 +1794,7 @@ int main(int argc, char *argv[])
 qtest_add_func("acpi/q35/acpihmat", test_acpi_q35_tcg_acpi_hmat);
 qtest_add_func("acpi/piix4/acpierst", test_acpi_piix4_acpi_erst);
 qtest_add_func("acpi/q35/acpierst", test_acpi_q35_acpi_erst);
+qtest_add_func("acpi/q35/applesmc", test_acpi_q35_applesmc);
 qtest_add_func("acpi/microvm", test_acpi_microvm_tcg);
 qtest_add_func("acpi/microvm/usb", test_acpi_microvm_usb_tcg);
 qtest_add_func("acpi/microvm/rtc", test_acpi_microvm_rtc_tcg);
-- 
MST




[PULL 31/54] acpi: pc/q35: tpm-tis: fix TPM device scope

2022-06-10 Thread Michael S. Tsirkin
From: Igor Mammedov 

tpm-tis 2.0, is not a PCI device but ISA one, move it
under ISA scope to fix incorrect placement.

Fixes: 24cf5413aa0 (acpi: Make TPM 2.0 with TIS available as MSFT0101)
Signed-off-by: Igor Mammedov 
Reviewed-by: Ani Sinha 
Acked-by: Gerd Hoffmann 
Message-Id: <20220608135340.3304695-32-imamm...@redhat.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 hw/i386/acpi-build.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index bbe02b068e..6b496480d2 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1813,15 +1813,14 @@ build_dsdt(GArray *table_data, BIOSLinker *linker,
 
 #ifdef CONFIG_TPM
 if (TPM_IS_TIS_ISA(tpm)) {
+dev = aml_device("ISA.TPM");
 if (misc->tpm_version == TPM_VERSION_2_0) {
-dev = aml_device("TPM");
 aml_append(dev, aml_name_decl("_HID",
   aml_string("MSFT0101")));
 aml_append(dev,
aml_name_decl("_STR",
  aml_string("TPM 2.0 Device")));
 } else {
-dev = aml_device("ISA.TPM");
 aml_append(dev, aml_name_decl("_HID",
   aml_eisaid("PNP0C31")));
 }
-- 
MST




[PULL 42/54] hw/cxl: Move the CXLState from MachineState to machine type specific state.

2022-06-10 Thread Michael S. Tsirkin
From: Jonathan Cameron 

This removes the last of the CXL code from the MachineState where it
is visible to all Machines to only those that support CXL (currently i386/pc)
As i386/pc always support CXL now, stop allocating the state independently.

Note the pxb register hookup code runs even if cxl=off in order to detect
pxb_cxl host bridges and fail to start if any are present as they won't
have the control registers available.

Signed-off-by: Jonathan Cameron 
Reviewed-by: Ben Widawsky 
Message-Id: <20220608145440.26106-8-jonathan.came...@huawei.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 include/hw/boards.h  |  1 -
 include/hw/i386/pc.h |  2 ++
 hw/core/machine.c|  6 --
 hw/i386/acpi-build.c |  6 +++---
 hw/i386/pc.c | 33 -
 5 files changed, 21 insertions(+), 27 deletions(-)

diff --git a/include/hw/boards.h b/include/hw/boards.h
index dd9fc56df2..031f5f884d 100644
--- a/include/hw/boards.h
+++ b/include/hw/boards.h
@@ -360,7 +360,6 @@ struct MachineState {
 CPUArchIdList *possible_cpus;
 CpuTopology smp;
 struct NVDIMMState *nvdimms_state;
-struct CXLState *cxl_devices_state;
 struct NumaState *numa_state;
 CXLFixedMemoryWindowOptionsList *cfmws_list;
 };
diff --git a/include/hw/i386/pc.h b/include/hw/i386/pc.h
index dee38cfac4..003a86b721 100644
--- a/include/hw/i386/pc.h
+++ b/include/hw/i386/pc.h
@@ -14,6 +14,7 @@
 #include "qom/object.h"
 #include "hw/i386/sgx-epc.h"
 #include "hw/firmware/smbios.h"
+#include "hw/cxl/cxl.h"
 
 #define HPET_INTCAP "hpet-intcap"
 
@@ -55,6 +56,7 @@ typedef struct PCMachineState {
 hwaddr memhp_io_base;
 
 SGXEPCState sgx_epc;
+CXLState cxl_devices_state;
 } PCMachineState;
 
 #define PC_MACHINE_ACPI_DEVICE_PROP "acpi-device"
diff --git a/hw/core/machine.c b/hw/core/machine.c
index 2e589d99e9..a673302cce 100644
--- a/hw/core/machine.c
+++ b/hw/core/machine.c
@@ -33,7 +33,6 @@
 #include "sysemu/qtest.h"
 #include "hw/pci/pci.h"
 #include "hw/mem/nvdimm.h"
-#include "hw/cxl/cxl.h"
 #include "migration/global_state.h"
 #include "migration/vmstate.h"
 #include "exec/confidential-guest-support.h"
@@ -1075,10 +1074,6 @@ static void machine_initfn(Object *obj)
 "Valid values are cpu, mem-ctrl");
 }
 
-if (mc->cxl_supported) {
-ms->cxl_devices_state = g_new0(CXLState, 1);
-}
-
 if (mc->cpu_index_to_instance_props && mc->get_default_cpu_node_id) {
 ms->numa_state = g_new0(NumaState, 1);
 object_property_add_bool(obj, "hmat",
@@ -1116,7 +,6 @@ static void machine_finalize(Object *obj)
 g_free(ms->device_memory);
 g_free(ms->nvdimms_state);
 g_free(ms->numa_state);
-g_free(ms->cxl_devices_state);
 }
 
 bool machine_usb(MachineState *machine)
diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 663c34b9d1..73d0bf5937 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1631,7 +1631,7 @@ build_dsdt(GArray *table_data, BIOSLinker *linker,
 
 /* Handle the ranges for the PXB expanders */
 if (pci_bus_is_cxl(bus)) {
-MemoryRegion *mr = >cxl_devices_state->host_mr;
+MemoryRegion *mr = >cxl_devices_state.host_mr;
 uint64_t base = mr->addr;
 
 cxl_present = true;
@@ -2614,9 +2614,9 @@ void acpi_build(AcpiBuildTables *tables, MachineState 
*machine)
   machine->nvdimms_state, machine->ram_slots,
   x86ms->oem_id, x86ms->oem_table_id);
 }
-if (machine->cxl_devices_state->is_enabled) {
+if (pcms->cxl_devices_state.is_enabled) {
 cxl_build_cedt(table_offsets, tables_blob, tables->linker,
-   x86ms->oem_id, x86ms->oem_table_id, 
machine->cxl_devices_state);
+   x86ms->oem_id, x86ms->oem_table_id, 
>cxl_devices_state);
 }
 
 acpi_add_table(table_offsets, tables_blob);
diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index 9f48d02739..a0c0d69698 100644
--- a/hw/i386/pc.c
+++ b/hw/i386/pc.c
@@ -733,12 +733,12 @@ void pc_machine_done(Notifier *notifier, void *data)
 PCMachineState *pcms = container_of(notifier,
 PCMachineState, machine_done);
 X86MachineState *x86ms = X86_MACHINE(pcms);
-MachineState *ms = MACHINE(pcms);
 
-if (ms->cxl_devices_state) {
-cxl_hook_up_pxb_registers(pcms->bus, ms->cxl_devices_state,
-  _fatal);
-cxl_fmws_link_targets(ms->cxl_devices_state, _fatal);
+cxl_hook_up_pxb_registers(pcms->bus, >cxl_devices_state,
+  _fatal);
+
+   

[PULL 25/54] tests: acpi: update expected blobs

2022-06-10 Thread Michael S. Tsirkin
From: Igor Mammedov 

@@ -145,6 +145,23 @@ DefinitionBlock ("", "DSDT", 1, "BOCHS ", "BXPC", 
0x0001)
 {
 Name (_ADR, 0x001F)  // _ADR: Address
 OperationRegion (PIRQ, PCI_Config, 0x60, 0x0C)
+Device (SMC)
+{
+Name (_HID, EisaId ("APP0001"))  // _HID: Hardware ID
+Name (_STA, 0x0B)  // _STA: Status
+Name (_CRS, ResourceTemplate ()  // _CRS: Current Resource 
Settings
+{
+IO (Decode16,
+0x0300, // Range Minimum
+0x0300, // Range Maximum
+0x01,   // Alignment
+0x20,   // Length
+)
+IRQNoFlags ()
+{6}
+})
+}
+
 Device (KBD)
 {
 Name (_HID, EisaId ("PNP0303") /* IBM Enhanced Keyboard 
(101/102-key, PS/2 Mouse) */)  // _HID: Hardware ID
@@ -3246,26 +3263,6 @@ DefinitionBlock ("", "DSDT", 1, "BOCHS ", "BXPC", 
0x0001)
 }
 }

-Scope (\_SB.PCI0.ISA)
-{
-Device (SMC)
-{
-Name (_HID, EisaId ("APP0001"))  // _HID: Hardware ID
-Name (_STA, 0x0B)  // _STA: Status
-Name (_CRS, ResourceTemplate ()  // _CRS: Current Resource Settings
-{
-IO (Decode16,
-0x0300, // Range Minimum
-0x0300, // Range Maximum
-0x01,   // Alignment
-0x20,   // Length
-)
-IRQNoFlags ()
-{6}
-})
-}
-}
-
 Scope (\_SB)
 {
 Scope (PCI0)

Signed-off-by: Igor Mammedov 
Message-Id: <20220608135340.3304695-26-imamm...@redhat.com>
---
 tests/qtest/bios-tables-test-allowed-diff.h |   1 -
 tests/data/acpi/q35/DSDT.applesmc   | Bin 0 -> 8320 bytes
 2 files changed, 1 deletion(-)

diff --git a/tests/qtest/bios-tables-test-allowed-diff.h 
b/tests/qtest/bios-tables-test-allowed-diff.h
index e893029d87..dfb8523c8b 100644
--- a/tests/qtest/bios-tables-test-allowed-diff.h
+++ b/tests/qtest/bios-tables-test-allowed-diff.h
@@ -1,2 +1 @@
 /* List of comma-separated changed AML files to ignore */
-"tests/data/acpi/q35/DSDT.applesmc",
diff --git a/tests/data/acpi/q35/DSDT.applesmc 
b/tests/data/acpi/q35/DSDT.applesmc
index 
e69de29bb2d1d6434b8b29ae775ad8c2e48c5391..00092aacc6ce44dd8792b00a0fa183e5b06d33c6
 100644
GIT binary patch
literal 8320
zcmb7JOKcm*8J^`!tL0K!Qk3OaY{E&)_r?xN%s)PQXYx!=g

[PULL 21/54] tests: acpi: update expected blobs

2022-06-10 Thread Michael S. Tsirkin
{4}
+})
+}

-Device (RTC)
-{
-Name (_HID, EisaId ("PNP0B00") /* AT Real-Time Clock */)  // _HID: 
Hardware ID
-Name (_CRS, ResourceTemplate ()  // _CRS: Current Resource Settings
+Device (RTC)
 {
-IO (Decode16,
-0x0070, // Range Minimum
-0x0070, // Range Maximum
-0x01,   // Alignment
-0x08,   // Length
-)
-IRQNoFlags ()
-{8}
-})
+Name (_HID, EisaId ("PNP0B00") /* AT Real-Time Clock */)  // 
_HID: Hardware ID
+Name (_CRS, ResourceTemplate ()  // _CRS: Current Resource 
Settings
+{
+IO (Decode16,
+0x0070, // Range Minimum
+0x0070, // Range Maximum
+0x01,   // Alignment
+0x08,   // Length
+)
+IRQNoFlags ()
+{8}
+})
+}
     }
 }

Signed-off-by: Igor Mammedov 
Message-Id: <20220609115113.3478093-1-imamm...@redhat.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 tests/qtest/bios-tables-test-allowed-diff.h |  32 
 tests/data/acpi/pc/DSDT | Bin 6002 -> 5987 bytes
 tests/data/acpi/pc/DSDT.acpierst| Bin 5969 -> 5954 bytes
 tests/data/acpi/pc/DSDT.acpihmat| Bin 7327 -> 7312 bytes
 tests/data/acpi/pc/DSDT.bridge  | Bin 8668 -> 8653 bytes
 tests/data/acpi/pc/DSDT.cphp| Bin 6466 -> 6451 bytes
 tests/data/acpi/pc/DSDT.dimmpxm | Bin 7656 -> 7641 bytes
 tests/data/acpi/pc/DSDT.hpbridge| Bin 5969 -> 5954 bytes
 tests/data/acpi/pc/DSDT.hpbrroot| Bin 3084 -> 3069 bytes
 tests/data/acpi/pc/DSDT.ipmikcs | Bin 6074 -> 6059 bytes
 tests/data/acpi/pc/DSDT.memhp   | Bin 7361 -> 7346 bytes
 tests/data/acpi/pc/DSDT.nohpet  | Bin 5860 -> 5845 bytes
 tests/data/acpi/pc/DSDT.numamem | Bin 6008 -> 5993 bytes
 tests/data/acpi/pc/DSDT.roothp  | Bin 6210 -> 6195 bytes
 tests/data/acpi/q35/DSDT| Bin 8289 -> 8274 bytes
 tests/data/acpi/q35/DSDT.acpierst   | Bin 8306 -> 8291 bytes
 tests/data/acpi/q35/DSDT.acpihmat   | Bin 9614 -> 9599 bytes
 tests/data/acpi/q35/DSDT.bridge | Bin 11003 -> 10988 bytes
 tests/data/acpi/q35/DSDT.cphp   | Bin 8753 -> 8738 bytes
 tests/data/acpi/q35/DSDT.cxl| Bin 9615 -> 9600 bytes
 tests/data/acpi/q35/DSDT.dimmpxm| Bin 9943 -> 9928 bytes
 tests/data/acpi/q35/DSDT.ipmibt | Bin 8364 -> 8349 bytes
 tests/data/acpi/q35/DSDT.ipmismbus  | Bin 8378 -> 8363 bytes
 tests/data/acpi/q35/DSDT.ivrs   | Bin 8306 -> 8291 bytes
 tests/data/acpi/q35/DSDT.memhp  | Bin 9648 -> 9633 bytes
 tests/data/acpi/q35/DSDT.mmio64 | Bin 9419 -> 9404 bytes
 tests/data/acpi/q35/DSDT.multi-bridge   | Bin 8583 -> 8568 bytes
 tests/data/acpi/q35/DSDT.nohpet | Bin 8147 -> 8132 bytes
 tests/data/acpi/q35/DSDT.numamem| Bin 8295 -> 8280 bytes
 tests/data/acpi/q35/DSDT.tis.tpm12  | Bin 8900 -> 8885 bytes
 tests/data/acpi/q35/DSDT.tis.tpm2   | Bin 8921 -> 8906 bytes
 tests/data/acpi/q35/DSDT.viot   | Bin 9398 -> 9383 bytes
 tests/data/acpi/q35/DSDT.xapic  | Bin 35652 -> 35637 bytes
 33 files changed, 32 deletions(-)

diff --git a/tests/qtest/bios-tables-test-allowed-diff.h 
b/tests/qtest/bios-tables-test-allowed-diff.h
index 666e257bf9..dfb8523c8b 100644
--- a/tests/qtest/bios-tables-test-allowed-diff.h
+++ b/tests/qtest/bios-tables-test-allowed-diff.h
@@ -1,33 +1 @@
 /* List of comma-separated changed AML files to ignore */
-"tests/data/acpi/pc/DSDT",
-"tests/data/acpi/pc/DSDT.acpierst",
-"tests/data/acpi/pc/DSDT.acpihmat",
-"tests/data/acpi/pc/DSDT.bridge",
-"tests/data/acpi/pc/DSDT.cphp",
-"tests/data/acpi/pc/DSDT.dimmpxm",
-"tests/data/acpi/pc/DSDT.hpbridge",
-"tests/data/acpi/pc/DSDT.ipmikcs",
-"tests/data/acpi/pc/DSDT.memhp",
-"tests/data/acpi/pc/DSDT.nohpet",
-"tests/data/acpi/pc/DSDT.numamem",
-"tests/data/acpi/pc/DSDT.roothp",
-"tests/data/acpi/pc/DSDT.hpbrroot",
-"tests/data/acpi/q35/DSDT",
-"tests/data/acpi/q35/DSDT.acpierst",
-"tests/data/acpi/q35/DSDT.acpihmat",
-&

[PULL 27/54] tests: acpi: add pvpanic-isa: testcase

2022-06-10 Thread Michael S. Tsirkin
From: Igor Mammedov 

Signed-off-by: Igor Mammedov 
Acked-by: Gerd Hoffmann 
Message-Id: <20220608135340.3304695-28-imamm...@redhat.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 tests/qtest/bios-tables-test.c | 12 
 1 file changed, 12 insertions(+)

diff --git a/tests/qtest/bios-tables-test.c b/tests/qtest/bios-tables-test.c
index 7d238218ca..56498bbcc8 100644
--- a/tests/qtest/bios-tables-test.c
+++ b/tests/qtest/bios-tables-test.c
@@ -1636,6 +1636,17 @@ static void test_acpi_q35_applesmc(void)
 free_test_data();
 }
 
+static void test_acpi_q35_pvpanic_isa(void)
+{
+test_data data = {
+.machine = MACHINE_Q35,
+.variant = ".pvpanic-isa",
+};
+
+test_acpi_one("-device pvpanic", );
+free_test_data();
+}
+
 static void test_oem_fields(test_data *data)
 {
 int i;
@@ -1795,6 +1806,7 @@ int main(int argc, char *argv[])
 qtest_add_func("acpi/piix4/acpierst", test_acpi_piix4_acpi_erst);
 qtest_add_func("acpi/q35/acpierst", test_acpi_q35_acpi_erst);
 qtest_add_func("acpi/q35/applesmc", test_acpi_q35_applesmc);
+qtest_add_func("acpi/q35/pvpanic-isa", test_acpi_q35_pvpanic_isa);
 qtest_add_func("acpi/microvm", test_acpi_microvm_tcg);
 qtest_add_func("acpi/microvm/usb", test_acpi_microvm_usb_tcg);
 qtest_add_func("acpi/microvm/rtc", test_acpi_microvm_rtc_tcg);
-- 
MST




[PULL 41/54] tests/acpi: Update q35/CEDT.cxl for new memory addresses.

2022-06-10 Thread Michael S. Tsirkin
From: Jonathan Cameron 

The CEDT table includes addreses of host bridge registers.
There are allocated in a different order due to the previous
patch, so update to the table is needed.

Signed-off-by: Jonathan Cameron 
Reviewed-by: Ben Widawsky 
Message-Id: <20220608145440.26106-7-jonathan.came...@huawei.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 tests/qtest/bios-tables-test-allowed-diff.h |   1 -
 tests/data/acpi/q35/CEDT.cxl| Bin 184 -> 184 bytes
 2 files changed, 1 deletion(-)

diff --git a/tests/qtest/bios-tables-test-allowed-diff.h 
b/tests/qtest/bios-tables-test-allowed-diff.h
index effa58b75b..dfb8523c8b 100644
--- a/tests/qtest/bios-tables-test-allowed-diff.h
+++ b/tests/qtest/bios-tables-test-allowed-diff.h
@@ -1,2 +1 @@
 /* List of comma-separated changed AML files to ignore */
-"tests/data/acpi/q35/CEDT.cxl",
diff --git a/tests/data/acpi/q35/CEDT.cxl b/tests/data/acpi/q35/CEDT.cxl
index 
b8fa06b00e65712e91e0a5ea0d9277e0146d1c00..ff8203af070241bd23dd0eb8a51460692bb7d229
 100644
GIT binary patch
delta 18
acmdnNxPx(m*~Boui7rADs!ga80Nd

[PULL 24/54] acpi: applesmc: use AcpiDevAmlIfClass:build_dev_aml to provide device's AML

2022-06-10 Thread Michael S. Tsirkin
From: Igor Mammedov 

  .. and clean up not longer needed conditionals in DSTD build
code. applesmc AML will be fetched and included when ISA bridge
will build its own AML code (incl. attached devices).

Expected AML change:
the device under separate _SB.PCI0.ISA scope is moved directly
under Device(ISA) node.

Signed-off-by: Igor Mammedov 
Acked-by: Gerd Hoffmann 
Message-Id: <20220608135340.3304695-25-imamm...@redhat.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 include/hw/isa/isa.h | 14 --
 hw/i386/acpi-build.c | 22 --
 hw/misc/applesmc.c   | 29 +
 3 files changed, 29 insertions(+), 36 deletions(-)

diff --git a/include/hw/isa/isa.h b/include/hw/isa/isa.h
index 5c5a3d43a7..6f9380007d 100644
--- a/include/hw/isa/isa.h
+++ b/include/hw/isa/isa.h
@@ -16,20 +16,6 @@ OBJECT_DECLARE_TYPE(ISADevice, ISADeviceClass, ISA_DEVICE)
 #define TYPE_ISA_BUS "ISA"
 OBJECT_DECLARE_SIMPLE_TYPE(ISABus, ISA_BUS)
 
-#define TYPE_APPLE_SMC "isa-applesmc"
-#define APPLESMC_MAX_DATA_LENGTH   32
-#define APPLESMC_PROP_IO_BASE "iobase"
-
-static inline uint16_t applesmc_port(void)
-{
-Object *obj = object_resolve_path_type("", TYPE_APPLE_SMC, NULL);
-
-if (obj) {
-return object_property_get_uint(obj, APPLESMC_PROP_IO_BASE, NULL);
-}
-return 0;
-}
-
 #define TYPE_ISADMA "isa-dma"
 
 typedef struct IsaDmaClass IsaDmaClass;
diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index f7f1671407..b96705c688 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -121,7 +121,6 @@ typedef struct AcpiMiscInfo {
 const unsigned char *dsdt_code;
 unsigned dsdt_size;
 uint16_t pvpanic_port;
-uint16_t applesmc_io_base;
 } AcpiMiscInfo;
 
 typedef struct AcpiBuildPciBusHotplugState {
@@ -307,7 +306,6 @@ static void acpi_get_misc_info(AcpiMiscInfo *info)
 info->tpm_version = tpm_get_version(tpm_find());
 #endif
 info->pvpanic_port = pvpanic_port();
-info->applesmc_io_base = applesmc_port();
 }
 
 /*
@@ -1800,26 +1798,6 @@ build_dsdt(GArray *table_data, BIOSLinker *linker,
 aml_append(dsdt, scope);
 }
 
-if (misc->applesmc_io_base) {
-scope = aml_scope("\\_SB.PCI0.ISA");
-dev = aml_device("SMC");
-
-aml_append(dev, aml_name_decl("_HID", aml_eisaid("APP0001")));
-/* device present, functioning, decoding, not shown in UI */
-aml_append(dev, aml_name_decl("_STA", aml_int(0xB)));
-
-crs = aml_resource_template();
-aml_append(crs,
-aml_io(AML_DECODE16, misc->applesmc_io_base, 
misc->applesmc_io_base,
-   0x01, APPLESMC_MAX_DATA_LENGTH)
-);
-aml_append(crs, aml_irq_no_flags(6));
-aml_append(dev, aml_name_decl("_CRS", crs));
-
-aml_append(scope, dev);
-aml_append(dsdt, scope);
-}
-
 if (misc->pvpanic_port) {
 scope = aml_scope("\\_SB.PCI0.ISA");
 
diff --git a/hw/misc/applesmc.c b/hw/misc/applesmc.c
index 81cd6b6423..5f9c742e50 100644
--- a/hw/misc/applesmc.c
+++ b/hw/misc/applesmc.c
@@ -37,10 +37,14 @@
 #include "qemu/module.h"
 #include "qemu/timer.h"
 #include "qom/object.h"
+#include "hw/acpi/acpi_aml_interface.h"
 
 /* #define DEBUG_SMC */
 
 #define APPLESMC_DEFAULT_IOBASE0x300
+#define TYPE_APPLE_SMC "isa-applesmc"
+#define APPLESMC_MAX_DATA_LENGTH   32
+#define APPLESMC_PROP_IO_BASE "iobase"
 
 enum {
 APPLESMC_DATA_PORT   = 0x00,
@@ -347,14 +351,35 @@ static Property applesmc_isa_properties[] = {
 DEFINE_PROP_END_OF_LIST(),
 };
 
+static void build_applesmc_aml(AcpiDevAmlIf *adev, Aml *scope)
+{
+Aml *crs;
+AppleSMCState *s = APPLE_SMC(adev);
+uint32_t iobase = s->iobase;
+Aml *dev = aml_device("SMC");
+
+aml_append(dev, aml_name_decl("_HID", aml_eisaid("APP0001")));
+/* device present, functioning, decoding, not shown in UI */
+aml_append(dev, aml_name_decl("_STA", aml_int(0xB)));
+crs = aml_resource_template();
+aml_append(crs,
+aml_io(AML_DECODE16, iobase, iobase, 0x01, APPLESMC_MAX_DATA_LENGTH)
+);
+aml_append(crs, aml_irq_no_flags(6));
+aml_append(dev, aml_name_decl("_CRS", crs));
+aml_append(scope, dev);
+}
+
 static void qdev_applesmc_class_init(ObjectClass *klass, void *data)
 {
 DeviceClass *dc = DEVICE_CLASS(klass);
+AcpiDevAmlIfClass *adevc = ACPI_DEV_AML_IF_CLASS(klass);
 
 dc->realize = applesmc_isa_realize;
 dc->reset = qdev_applesmc_isa_reset;
 device_class_set_props(dc, applesmc_isa_properties);
 set_bit(DEVICE_CATEGORY_MISC, dc->categories);
+adevc->build_dev_aml = build_applesmc_aml;
 }
 
 static const TypeInfo applesmc_isa_info

[PULL 19/54] acpi: pc: isa bridge: use AcpiDevAmlIf interface to build ISA device descriptors

2022-06-10 Thread Michael S. Tsirkin
From: Igor Mammedov 

replaces ad-hoc build_isa_devices_aml() with generic AcpiDevAmlIf
way to build bridge AML including all devices that are attached to
its ISA bus.

Later when PCI is converted to AcpiDevAmlIf, build_piix4_isa_bridge()
will also be dropped since PCI parts itself will take care of
building device prologue/epilogue AML for each enumerated PCI
device.

Expected AML change is contextual, where ISA devices are moved
from separately declared _SB.PCI0.ISA scope , directly under
Device(ISA) node.

Signed-off-by: Igor Mammedov 
Acked-by: Gerd Hoffmann 
Message-Id: <20220608135340.3304695-20-imamm...@redhat.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 hw/i386/acpi-build.c | 16 +++-
 hw/isa/piix3.c   | 17 +
 2 files changed, 28 insertions(+), 5 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index d943354999..f903f30b7e 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1280,15 +1280,22 @@ static void build_piix4_isa_bridge(Aml *table)
 {
 Aml *dev;
 Aml *scope;
+Object *obj;
+bool ambiguous;
+
+/*
+ * temporarily fish out isa bridge, build_piix4_isa_bridge() will be 
dropped
+ * once PCI is converted to AcpiDevAmlIf and would be ble to generate
+ * AML for bridge itself
+ */
+obj = object_resolve_path_type("", TYPE_PIIX3_PCI_DEVICE, );
+assert(obj && !ambiguous);
 
 scope =  aml_scope("_SB.PCI0");
 dev = aml_device("ISA");
 aml_append(dev, aml_name_decl("_ADR", aml_int(0x0001)));
 
-/* PIIX PCI to ISA irq remapping */
-aml_append(dev, aml_operation_region("P40C", AML_PCI_CONFIG,
- aml_int(0x60), 0x04));
-
+call_dev_aml_func(DEVICE(obj), dev);
 aml_append(scope, dev);
 aml_append(table, scope);
 }
@@ -1476,7 +1483,6 @@ build_dsdt(GArray *table_data, BIOSLinker *linker,
 build_hpet_aml(dsdt);
 }
 build_piix4_isa_bridge(dsdt);
-build_isa_devices_aml(dsdt);
 if (pm->pcihp_bridge_en || pm->pcihp_root_en) {
 build_x86_acpi_pci_hotplug(dsdt, pm->pcihp_io_base);
 }
diff --git a/hw/isa/piix3.c b/hw/isa/piix3.c
index dab901c9ad..bfccd666d4 100644
--- a/hw/isa/piix3.c
+++ b/hw/isa/piix3.c
@@ -32,6 +32,7 @@
 #include "sysemu/reset.h"
 #include "sysemu/runstate.h"
 #include "migration/vmstate.h"
+#include "hw/acpi/acpi_aml_interface.h"
 
 #define XEN_PIIX_NUM_PIRQS  128ULL
 
@@ -286,10 +287,24 @@ static void piix3_realize(PCIDevice *dev, Error **errp)
 qemu_register_reset(piix3_reset, d);
 }
 
+static void build_pci_isa_aml(AcpiDevAmlIf *adev, Aml *scope)
+{
+BusChild *kid;
+BusState *bus = qdev_get_child_bus(DEVICE(adev), "isa.0");
+
+/* PIIX PCI to ISA irq remapping */
+aml_append(scope, aml_operation_region("P40C", AML_PCI_CONFIG,
+ aml_int(0x60), 0x04));
+QTAILQ_FOREACH(kid, >children, sibling) {
+call_dev_aml_func(DEVICE(kid->child), scope);
+}
+}
+
 static void pci_piix3_class_init(ObjectClass *klass, void *data)
 {
 DeviceClass *dc = DEVICE_CLASS(klass);
 PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
+AcpiDevAmlIfClass *adevc = ACPI_DEV_AML_IF_CLASS(klass);
 
 dc->desc= "ISA bridge";
 dc->vmsd= _piix3;
@@ -304,6 +319,7 @@ static void pci_piix3_class_init(ObjectClass *klass, void 
*data)
  * pc_piix.c's pc_init1()
  */
 dc->user_creatable = false;
+adevc->build_dev_aml = build_pci_isa_aml;
 }
 
 static const TypeInfo piix3_pci_type_info = {
@@ -314,6 +330,7 @@ static const TypeInfo piix3_pci_type_info = {
 .class_init = pci_piix3_class_init,
 .interfaces = (InterfaceInfo[]) {
 { INTERFACE_CONVENTIONAL_PCI_DEVICE },
+{ TYPE_ACPI_DEV_AML_IF },
 { },
 },
 };
-- 
MST




[PULL 22/54] tests: acpi: add and white-list DSDT.applesmc expected blob

2022-06-10 Thread Michael S. Tsirkin
From: Igor Mammedov 

Signed-off-by: Igor Mammedov 
Message-Id: <20220608135340.3304695-23-imamm...@redhat.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 tests/qtest/bios-tables-test-allowed-diff.h | 1 +
 tests/data/acpi/q35/DSDT.applesmc   | 0
 2 files changed, 1 insertion(+)
 create mode 100644 tests/data/acpi/q35/DSDT.applesmc

diff --git a/tests/qtest/bios-tables-test-allowed-diff.h 
b/tests/qtest/bios-tables-test-allowed-diff.h
index dfb8523c8b..e893029d87 100644
--- a/tests/qtest/bios-tables-test-allowed-diff.h
+++ b/tests/qtest/bios-tables-test-allowed-diff.h
@@ -1 +1,2 @@
 /* List of comma-separated changed AML files to ignore */
+"tests/data/acpi/q35/DSDT.applesmc",
diff --git a/tests/data/acpi/q35/DSDT.applesmc 
b/tests/data/acpi/q35/DSDT.applesmc
new file mode 100644
index 00..e69de29bb2
-- 
MST




[PULL 36/54] hw/cxl: Make the CXL fixed memory window setup a machine parameter.

2022-06-10 Thread Michael S. Tsirkin
From: Jonathan Cameron 

Paolo Bonzini requested this change to simplify the ongoing
effort to allow machine setup entirely via RPC.

Includes shortening the command line form cxl-fixed-memory-window
to cxl-fmw as the command lines are extremely long even with this
change.

The json change is needed to ensure that there is
a CXLFixedMemoryWindowOptionsList even though the actual
element in the json is never used. Similar to existing
SgxEpcProperties.

Update qemu-options.hx to reflect that this is now a -machine
parameter.  The bulk of -M / -machine parameters are documented
under machine, so use that in preference to M.

Update cxl-test and bios-tables-test to reflect new parameters.

Signed-off-by: Jonathan Cameron 
Reviewed-by: Ben Widawsky 
Reviewed-by: Davidlohr Bueso 
Message-Id: <20220608145440.26106-2-jonathan.came...@huawei.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 qapi/machine.json   | 13 +
 include/hw/boards.h |  1 +
 include/hw/cxl/cxl.h|  7 +--
 include/hw/cxl/cxl_host.h   | 21 +
 hw/core/machine.c   | 22 -
 hw/cxl/cxl-host-stubs.c |  6 +--
 hw/cxl/cxl-host.c   | 72 ++--
 hw/i386/pc.c|  3 ++
 hw/pci-bridge/pci_expander_bridge.c |  2 +-
 softmmu/vl.c| 44 -
 tests/qtest/bios-tables-test.c  |  4 +-
 tests/qtest/cxl-test.c  |  4 +-
 docs/system/devices/cxl.rst |  4 +-
 qemu-options.hx | 73 ++---
 14 files changed, 150 insertions(+), 126 deletions(-)
 create mode 100644 include/hw/cxl/cxl_host.h

diff --git a/qapi/machine.json b/qapi/machine.json
index f750a16396..6afd1936b0 100644
--- a/qapi/machine.json
+++ b/qapi/machine.json
@@ -523,6 +523,19 @@
   '*interleave-granularity': 'size',
   'targets': ['str'] }}
 
+##
+# @CXLFMWProperties:
+#
+# List of CXL Fixed Memory Windows.
+#
+# @cxl-fmw: List of CXLFixedMemoryWindowOptions
+#
+# Since 7.1
+##
+{ 'struct' : 'CXLFMWProperties',
+  'data': { 'cxl-fmw': ['CXLFixedMemoryWindowOptions'] }
+}
+
 ##
 # @X86CPURegister32:
 #
diff --git a/include/hw/boards.h b/include/hw/boards.h
index fa57bac4fb..dd9fc56df2 100644
--- a/include/hw/boards.h
+++ b/include/hw/boards.h
@@ -362,6 +362,7 @@ struct MachineState {
 struct NVDIMMState *nvdimms_state;
 struct CXLState *cxl_devices_state;
 struct NumaState *numa_state;
+CXLFixedMemoryWindowOptionsList *cfmws_list;
 };
 
 #define DEFINE_MACHINE(namestr, machine_initfn) \
diff --git a/include/hw/cxl/cxl.h b/include/hw/cxl/cxl.h
index 21d28ca110..84078a484d 100644
--- a/include/hw/cxl/cxl.h
+++ b/include/hw/cxl/cxl.h
@@ -12,6 +12,7 @@
 
 
 #include "qapi/qapi-types-machine.h"
+#include "qapi/qapi-visit-machine.h"
 #include "hw/pci/pci_bridge.h"
 #include "hw/pci/pci_host.h"
 #include "cxl_pci.h"
@@ -40,6 +41,7 @@ typedef struct CXLState {
 MemoryRegion host_mr;
 unsigned int next_mr_idx;
 GList *fixed_windows;
+CXLFixedMemoryWindowOptionsList *cfmw_list;
 } CXLState;
 
 struct CXLHost {
@@ -51,11 +53,6 @@ struct CXLHost {
 #define TYPE_PXB_CXL_HOST "pxb-cxl-host"
 OBJECT_DECLARE_SIMPLE_TYPE(CXLHost, PXB_CXL_HOST)
 
-void cxl_fixed_memory_window_config(MachineState *ms,
-CXLFixedMemoryWindowOptions *object,
-Error **errp);
 void cxl_fixed_memory_window_link_targets(Error **errp);
 
-extern const MemoryRegionOps cfmws_ops;
-
 #endif
diff --git a/include/hw/cxl/cxl_host.h b/include/hw/cxl/cxl_host.h
new file mode 100644
index 00..87a6933de2
--- /dev/null
+++ b/include/hw/cxl/cxl_host.h
@@ -0,0 +1,21 @@
+/*
+ * QEMU CXL Host Setup
+ *
+ * Copyright (c) 2022 Huawei
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2. See the
+ * COPYING file in the top-level directory.
+ */
+
+#include "qemu/osdep.h"
+#include "hw/cxl/cxl.h"
+#include "hw/boards.h"
+
+#ifndef CXL_HOST_H
+#define CXL_HOST_H
+
+void cxl_machine_init(Object *obj, CXLState *state);
+
+extern const MemoryRegionOps cfmws_ops;
+
+#endif
diff --git a/hw/core/machine.c b/hw/core/machine.c
index c53548d0b1..2e589d99e9 100644
--- a/hw/core/machine.c
+++ b/hw/core/machine.c
@@ -629,20 +629,6 @@ static void machine_set_nvdimm_persistence(Object *obj, 
const char *value,
 nvdimms_state->persistence_string = g_strdup(value);
 }
 
-static bool machine_get_cxl(Object *obj, Error **errp)
-{
-MachineState *ms = MACHINE(obj);
-
-return ms->cxl_devices_state->is_enabled;
-}
-
-static void machine_set_cxl(Object *obj, bool value, Error **errp)
-{
-MachineState *ms = MACHINE(obj);
-
-ms->cxl_devices_state->is_enabled = value;
-}
-
 void machine_class_allow_dynamic_sysbus_dev(MachineClass *mc, co

[PULL 15/54] acpi: ich9-smb: add support for AcpiDevAmlIf interface

2022-06-10 Thread Michael S. Tsirkin
From: Igor Mammedov 

wire AcpiDevAmlIf interface to build ich9-smb and its slave
devices AML. It will be used by followup patches to switch
from creating AML in ad-hoc way to a more systematic one
that will scan present devices and ask them to provide
their AML code like it's done with ISA devices.

This patch is a partial conversion, as it only fetches
AML from slave devices attached to its I2C bus.

The conversion will be completed when PCI bus is
switched to use AcpiDevAmlIf and build_smb0() could be
dropped.

Signed-off-by: Igor Mammedov 
Acked-by: Gerd Hoffmann 
Message-Id: <20220608135340.3304695-16-imamm...@redhat.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 hw/i2c/smbus_ich9.c | 15 +++
 1 file changed, 15 insertions(+)

diff --git a/hw/i2c/smbus_ich9.c b/hw/i2c/smbus_ich9.c
index 44dd5653b7..ee50ba1f2c 100644
--- a/hw/i2c/smbus_ich9.c
+++ b/hw/i2c/smbus_ich9.c
@@ -29,6 +29,7 @@
 
 #include "hw/i386/ich9.h"
 #include "qom/object.h"
+#include "hw/acpi/acpi_aml_interface.h"
 
 OBJECT_DECLARE_SIMPLE_TYPE(ICH9SMBState, ICH9_SMB_DEVICE)
 
@@ -94,10 +95,22 @@ static void ich9_smbus_realize(PCIDevice *d, Error **errp)
  >smb.io);
 }
 
+static void build_ich9_smb_aml(AcpiDevAmlIf *adev, Aml *scope)
+{
+BusChild *kid;
+ICH9SMBState *s = ICH9_SMB_DEVICE(adev);
+BusState *bus = BUS(s->smb.smbus);
+
+QTAILQ_FOREACH(kid, >children, sibling) {
+call_dev_aml_func(DEVICE(kid->child), scope);
+}
+}
+
 static void ich9_smb_class_init(ObjectClass *klass, void *data)
 {
 DeviceClass *dc = DEVICE_CLASS(klass);
 PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
+AcpiDevAmlIfClass *adevc = ACPI_DEV_AML_IF_CLASS(klass);
 
 k->vendor_id = PCI_VENDOR_ID_INTEL;
 k->device_id = PCI_DEVICE_ID_INTEL_ICH9_6;
@@ -112,6 +125,7 @@ static void ich9_smb_class_init(ObjectClass *klass, void 
*data)
  * pc_q35_init()
  */
 dc->user_creatable = false;
+adevc->build_dev_aml = build_ich9_smb_aml;
 }
 
 static void ich9_smb_set_irq(PMSMBus *pmsmb, bool enabled)
@@ -143,6 +157,7 @@ static const TypeInfo ich9_smb_info = {
 .class_init = ich9_smb_class_init,
 .interfaces = (InterfaceInfo[]) {
 { INTERFACE_CONVENTIONAL_PCI_DEVICE },
+{ TYPE_ACPI_DEV_AML_IF },
 { },
 },
 };
-- 
MST




[PULL 13/54] ipmi: acpi: use relative path to resource source

2022-06-10 Thread Michael S. Tsirkin
From: Igor Mammedov 

smbus-ipmi AML description needs to specify a path to its parent
node in _CRS. The rest of IPMI inplementations (ISA based)
do not need path at all. Instead of passing through a full path
use relative path to point to smbus-ipmi's parent node, it will
let follow up patches to create IPMI device AML in a generic
way instead of current ad-hoc way. (i.e. AML will be generated
the same way it's done for other ISA device, and smbus will be
converted to generate AML for its slave devices the same way
as ISA)

expected AML change:
 Name (_CRS, ResourceTemplate ()  // _CRS: Current Resource Settings
 {
I2cSerialBusV2 (0x, ControllerInitiated, 0x000186A0,
-   AddressingMode7Bit, "\\_SB.PCI0.SMB0",
+   AddressingMode7Bit, "^",
0x00, ResourceProducer, , Exclusive,
)
  })

Signed-off-by: Igor Mammedov 
Acked-by: Gerd Hoffmann 
Message-Id: <20220608135340.3304695-14-imamm...@redhat.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 include/hw/acpi/ipmi.h |  2 +-
 hw/acpi/ipmi-stub.c|  2 +-
 hw/acpi/ipmi.c | 12 ++--
 hw/i386/acpi-build.c   |  4 ++--
 4 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/include/hw/acpi/ipmi.h b/include/hw/acpi/ipmi.h
index c14ad682ac..c38483565c 100644
--- a/include/hw/acpi/ipmi.h
+++ b/include/hw/acpi/ipmi.h
@@ -16,6 +16,6 @@
  * bus matches the given bus.  The resource is the ACPI resource that
  * contains the IPMI device, this is required for the I2C CRS.
  */
-void build_acpi_ipmi_devices(Aml *table, BusState *bus, const char *resource);
+void build_acpi_ipmi_devices(Aml *table, BusState *bus);
 
 #endif /* HW_ACPI_IPMI_H */
diff --git a/hw/acpi/ipmi-stub.c b/hw/acpi/ipmi-stub.c
index 8634fb325c..f525f71c2d 100644
--- a/hw/acpi/ipmi-stub.c
+++ b/hw/acpi/ipmi-stub.c
@@ -10,6 +10,6 @@
 #include "qemu/osdep.h"
 #include "hw/acpi/ipmi.h"
 
-void build_acpi_ipmi_devices(Aml *table, BusState *bus, const char *resource)
+void build_acpi_ipmi_devices(Aml *table, BusState *bus)
 {
 }
diff --git a/hw/acpi/ipmi.c b/hw/acpi/ipmi.c
index 96e48eba15..c30b44fcf5 100644
--- a/hw/acpi/ipmi.c
+++ b/hw/acpi/ipmi.c
@@ -13,7 +13,7 @@
 #include "hw/acpi/acpi.h"
 #include "hw/acpi/ipmi.h"
 
-static Aml *aml_ipmi_crs(IPMIFwInfo *info, const char *resource)
+static Aml *aml_ipmi_crs(IPMIFwInfo *info)
 {
 Aml *crs = aml_resource_template();
 
@@ -49,7 +49,7 @@ static Aml *aml_ipmi_crs(IPMIFwInfo *info, const char 
*resource)
 break;
 case IPMI_MEMSPACE_SMBUS:
 aml_append(crs, aml_i2c_serial_bus_device(info->base_address,
-  resource));
+  "^"));
 break;
 default:
 abort();
@@ -62,7 +62,7 @@ static Aml *aml_ipmi_crs(IPMIFwInfo *info, const char 
*resource)
 return crs;
 }
 
-static Aml *aml_ipmi_device(IPMIFwInfo *info, const char *resource)
+static Aml *aml_ipmi_device(IPMIFwInfo *info)
 {
 Aml *dev;
 uint16_t version = ((info->ipmi_spec_major_revision << 8)
@@ -75,14 +75,14 @@ static Aml *aml_ipmi_device(IPMIFwInfo *info, const char 
*resource)
 aml_append(dev, aml_name_decl("_STR", aml_string("ipmi_%s",
  info->interface_name)));
 aml_append(dev, aml_name_decl("_UID", aml_int(info->uuid)));
-aml_append(dev, aml_name_decl("_CRS", aml_ipmi_crs(info, resource)));
+aml_append(dev, aml_name_decl("_CRS", aml_ipmi_crs(info)));
 aml_append(dev, aml_name_decl("_IFT", aml_int(info->interface_type)));
 aml_append(dev, aml_name_decl("_SRV", aml_int(version)));
 
 return dev;
 }
 
-void build_acpi_ipmi_devices(Aml *scope, BusState *bus, const char *resource)
+void build_acpi_ipmi_devices(Aml *scope, BusState *bus)
 {
 
 BusChild *kid;
@@ -102,6 +102,6 @@ void build_acpi_ipmi_devices(Aml *scope, BusState *bus, 
const char *resource)
 iic = IPMI_INTERFACE_GET_CLASS(obj);
 memset(, 0, sizeof(info));
 iic->get_fwinfo(ii, );
-aml_append(scope, aml_ipmi_device(, resource));
+aml_append(scope, aml_ipmi_device());
 }
 }
diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 1449832aa9..88506d563f 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -873,7 +873,7 @@ static void build_isa_devices_aml(Aml *table)
 assert(obj && !ambiguous);
 
 scope = aml_scope("_SB.PCI0.ISA");
-build_acpi_ipmi_devices(scope, BUS(obj), "\\_SB.PCI0.ISA");
+build_acpi_ipmi_devices(scope, BUS(obj));
 isa_build_aml(ISA_BUS(obj), scope);
 
 aml_append(table, scope);
@@ -1406,7 +1406,7 @@ static void build_smb0(Aml *table, I2CBus *smbus, int 
devnr, int func)
 Aml *dev = aml_dev

[PULL 20/54] acpi: q35: isa bridge: use AcpiDevAmlIf interface to build ISA device descriptors

2022-06-10 Thread Michael S. Tsirkin
From: Igor Mammedov 

replaces adhoc build_isa_devices_aml() with generic AcpiDevAmlIf
way to build bridge AML including all devices that are attached
to its ISA bus.

Later when PCI is converted to AcpiDevAmlIf, build_q35_isa_bridge()
will also be dropped since PCI parts itself will take care of
building device prologue/epilogue AML for each enumerated PCI device.

Expected AML change is contextual, where ISA devices are moved from
separately declared _SB.PCI0.ISA scope, directly under Device(ISA)
node.

Signed-off-by: Igor Mammedov 
Acked-by: Gerd Hoffmann 
Message-Id: <20220608135340.3304695-21-imamm...@redhat.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 hw/i386/acpi-build.c | 30 +++---
 hw/isa/lpc_ich9.c| 19 +++
 2 files changed, 30 insertions(+), 19 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index f903f30b7e..f7f1671407 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -864,20 +864,6 @@ static Aml *build_vmbus_device_aml(VMBusBridge 
*vmbus_bridge)
 return dev;
 }
 
-static void build_isa_devices_aml(Aml *table)
-{
-bool ambiguous;
-Object *obj = object_resolve_path_type("", TYPE_ISA_BUS, );
-Aml *scope;
-
-assert(obj && !ambiguous);
-
-scope = aml_scope("_SB.PCI0.ISA");
-isa_build_aml(ISA_BUS(obj), scope);
-
-aml_append(table, scope);
-}
-
 static void build_dbg_aml(Aml *table)
 {
 Aml *field;
@@ -1263,15 +1249,22 @@ static void build_q35_isa_bridge(Aml *table)
 {
 Aml *dev;
 Aml *scope;
+Object *obj;
+bool ambiguous;
+
+/*
+ * temporarily fish out isa bridge, build_q35_isa_bridge() will be dropped
+ * once PCI is converted to AcpiDevAmlIf and would be ble to generate
+ * AML for bridge itself
+ */
+obj = object_resolve_path_type("", TYPE_ICH9_LPC_DEVICE, );
+assert(obj && !ambiguous);
 
 scope =  aml_scope("_SB.PCI0");
 dev = aml_device("ISA");
 aml_append(dev, aml_name_decl("_ADR", aml_int(0x001F)));
 
-/* ICH9 PCI to ISA irq remapping */
-aml_append(dev, aml_operation_region("PIRQ", AML_PCI_CONFIG,
- aml_int(0x60), 0x0C));
-
+call_dev_aml_func(DEVICE(obj), dev);
 aml_append(scope, dev);
 aml_append(table, scope);
 }
@@ -1531,7 +1524,6 @@ build_dsdt(GArray *table_data, BIOSLinker *linker,
 build_hpet_aml(dsdt);
 }
 build_q35_isa_bridge(dsdt);
-build_isa_devices_aml(dsdt);
 if (pm->pcihp_bridge_en) {
 build_x86_acpi_pci_hotplug(dsdt, pm->pcihp_io_base);
 }
diff --git a/hw/isa/lpc_ich9.c b/hw/isa/lpc_ich9.c
index 5f143dca17..4553b5925b 100644
--- a/hw/isa/lpc_ich9.c
+++ b/hw/isa/lpc_ich9.c
@@ -50,6 +50,7 @@
 #include "hw/core/cpu.h"
 #include "hw/nvram/fw_cfg.h"
 #include "qemu/cutils.h"
+#include "hw/acpi/acpi_aml_interface.h"
 
 /*/
 /* ICH9 LPC PCI to ISA bridge */
@@ -803,12 +804,28 @@ static void ich9_send_gpe(AcpiDeviceIf *adev, 
AcpiEventStatusBits ev)
 acpi_send_gpe_event(>pm.acpi_regs, s->pm.irq, ev);
 }
 
+static void build_ich9_isa_aml(AcpiDevAmlIf *adev, Aml *scope)
+{
+BusChild *kid;
+ICH9LPCState *s = ICH9_LPC_DEVICE(adev);
+BusState *bus = BUS(s->isa_bus);
+
+/* ICH9 PCI to ISA irq remapping */
+aml_append(scope, aml_operation_region("PIRQ", AML_PCI_CONFIG,
+   aml_int(0x60), 0x0C));
+
+QTAILQ_FOREACH(kid, >children, sibling) {
+call_dev_aml_func(DEVICE(kid->child), scope);
+}
+}
+
 static void ich9_lpc_class_init(ObjectClass *klass, void *data)
 {
 DeviceClass *dc = DEVICE_CLASS(klass);
 PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
 HotplugHandlerClass *hc = HOTPLUG_HANDLER_CLASS(klass);
 AcpiDeviceIfClass *adevc = ACPI_DEVICE_IF_CLASS(klass);
+AcpiDevAmlIfClass *amldevc = ACPI_DEV_AML_IF_CLASS(klass);
 
 set_bit(DEVICE_CATEGORY_BRIDGE, dc->categories);
 dc->reset = ich9_lpc_reset;
@@ -833,6 +850,7 @@ static void ich9_lpc_class_init(ObjectClass *klass, void 
*data)
 adevc->ospm_status = ich9_pm_ospm_status;
 adevc->send_event = ich9_send_gpe;
 adevc->madt_cpu = pc_madt_cpu_entry;
+amldevc->build_dev_aml = build_ich9_isa_aml;
 }
 
 static const TypeInfo ich9_lpc_info = {
@@ -845,6 +863,7 @@ static const TypeInfo ich9_lpc_info = {
 { TYPE_HOTPLUG_HANDLER },
 { TYPE_ACPI_DEVICE_IF },
 { INTERFACE_CONVENTIONAL_PCI_DEVICE },
+{ TYPE_ACPI_DEV_AML_IF },
 { }
 }
 };
-- 
MST




[PULL 18/54] tests: acpi: white-list to be re-factored pc/q35 DSDT

2022-06-10 Thread Michael S. Tsirkin
From: Igor Mammedov 

Signed-off-by: Igor Mammedov 
Message-Id: <20220609114855.3477822-1-imamm...@redhat.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 tests/qtest/bios-tables-test-allowed-diff.h | 32 +
 1 file changed, 32 insertions(+)

diff --git a/tests/qtest/bios-tables-test-allowed-diff.h 
b/tests/qtest/bios-tables-test-allowed-diff.h
index dfb8523c8b..666e257bf9 100644
--- a/tests/qtest/bios-tables-test-allowed-diff.h
+++ b/tests/qtest/bios-tables-test-allowed-diff.h
@@ -1 +1,33 @@
 /* List of comma-separated changed AML files to ignore */
+"tests/data/acpi/pc/DSDT",
+"tests/data/acpi/pc/DSDT.acpierst",
+"tests/data/acpi/pc/DSDT.acpihmat",
+"tests/data/acpi/pc/DSDT.bridge",
+"tests/data/acpi/pc/DSDT.cphp",
+"tests/data/acpi/pc/DSDT.dimmpxm",
+"tests/data/acpi/pc/DSDT.hpbridge",
+"tests/data/acpi/pc/DSDT.ipmikcs",
+"tests/data/acpi/pc/DSDT.memhp",
+"tests/data/acpi/pc/DSDT.nohpet",
+"tests/data/acpi/pc/DSDT.numamem",
+"tests/data/acpi/pc/DSDT.roothp",
+"tests/data/acpi/pc/DSDT.hpbrroot",
+"tests/data/acpi/q35/DSDT",
+"tests/data/acpi/q35/DSDT.acpierst",
+"tests/data/acpi/q35/DSDT.acpihmat",
+"tests/data/acpi/q35/DSDT.bridge",
+"tests/data/acpi/q35/DSDT.cphp",
+"tests/data/acpi/q35/DSDT.dimmpxm",
+"tests/data/acpi/q35/DSDT.ipmibt",
+"tests/data/acpi/q35/DSDT.ivrs",
+"tests/data/acpi/q35/DSDT.memhp",
+"tests/data/acpi/q35/DSDT.mmio64",
+"tests/data/acpi/q35/DSDT.multi-bridge",
+"tests/data/acpi/q35/DSDT.nohpet",
+"tests/data/acpi/q35/DSDT.numamem",
+"tests/data/acpi/q35/DSDT.tis.tpm12",
+"tests/data/acpi/q35/DSDT.tis.tpm2",
+"tests/data/acpi/q35/DSDT.viot",
+"tests/data/acpi/q35/DSDT.xapic",
+"tests/data/acpi/q35/DSDT.ipmismbus",
+"tests/data/acpi/q35/DSDT.cxl",
-- 
MST




[PULL 11/54] tests: acpi: update expected blob DSDT.ipmismbus

2022-06-10 Thread Michael S. Tsirkin
From: Igor Mammedov 

basic q35 DSDT with an extra device node:

  Device (MI1)
{
Name (_HID, EisaId ("IPI0001"))  // _HID: Hardware ID
Name (_STR, "ipmi_smbus")  // _STR: Description String
Name (_UID, One)  // _UID: Unique ID
Name (_CRS, ResourceTemplate ()  // _CRS: Current Resource Settings
{
  I2cSerialBusV2 (0x, ControllerInitiated, 0x000186A0,
  AddressingMode7Bit, "\\_SB.PCI0.SMB0",
  0x00, ResourceProducer, , Exclusive,
  )
})
Name (_IFT, 0x04)  // _IFT: IPMI Interface Type
Name (_SRV, 0x0200)  // _SRV: IPMI Spec Revision
}

Signed-off-by: Igor Mammedov 
Message-Id: <20220608135340.3304695-12-imamm...@redhat.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 tests/qtest/bios-tables-test-allowed-diff.h |   1 -
 tests/data/acpi/q35/DSDT.ipmismbus  | Bin 0 -> 8391 bytes
 2 files changed, 1 deletion(-)

diff --git a/tests/qtest/bios-tables-test-allowed-diff.h 
b/tests/qtest/bios-tables-test-allowed-diff.h
index b4687d1cc8..dfb8523c8b 100644
--- a/tests/qtest/bios-tables-test-allowed-diff.h
+++ b/tests/qtest/bios-tables-test-allowed-diff.h
@@ -1,2 +1 @@
 /* List of comma-separated changed AML files to ignore */
-"tests/data/acpi/q35/DSDT.ipmismbus",
diff --git a/tests/data/acpi/q35/DSDT.ipmismbus 
b/tests/data/acpi/q35/DSDT.ipmismbus
index 
e69de29bb2d1d6434b8b29ae775ad8c2e48c5391..07ba873b79caadd73ed9721fcbeee84c57676e2a
 100644
GIT binary patch
literal 8391
zcmb7JOKcm*8J^`!tL0K!Qk3OaY{E{`M+%3s^JhY
z_y6rLX27<-bna|z1|Qz)Z7~AvZ3UJ^2Tp0O>leG7zH2qz
zTHfqdYo1-WZ<%J-6-QCCTku-U>~7RNmR+6cuK8~4_G`@bt}G85@xe}d!E!qFe_s0b
z?CD>Aapmp8y%I{g>CR>9?cOf?(LyqjM}zucCeK5L!+c!@Ea28TX>9F0bQ7KhAv
zmpOG)s4SV)W~nVz8qh|nI{VdTyUuLJ?thnLvCd70;)Rz=4KLShdEH$0xvt+Xuz*^6
z0X1#D*R!17(Ee=DV}o9DG&*3zxz7fh?6;dX`}hCi2kgL_7kx`xb05u8U+#a$VvM0T
zPhOzj(0F(HCu@G8%ZC`{&!Q{MT5COG^(@<2nSVMefrRSxpIIq-0E=rBMeoroS?0L4
zSTTC6#|)!lTw~YpdoF@%o(m8{DQ_Zt@t?_p-%teYO}p8bH~K>HZ-hbr7Ffd
z(RZSzd2XL)zUZ#i4>@t5F`832526pE%sl6C(S+d)S*~c>Q?lfCbDj)JQ)Z
zqy47qw~gdI+cI%!C~z@$8##P=xz4^{x{O)yH`~I6OH$w#^QFr;QEb#(M)JO(QQ#IE
z8}(eX=DnQj7{yh0g=L>;x~0pJ+!MnyTqa2+dQ1b!HK2-o`8j5lS^wkTo
zy{wmLdVYOwxEfB4`_KRVKmN1t)jwPMrheitZatt}ufNe7o*!Ii!xMvDD}ovD0l$xI
z+_ocjkd7KR>5JW68ZHj5TQfl>9$_iA8T4*#GIp?OHfwH~W$iA0jbMi&=hIgVx>+3e
z8$OYnt#$`S}jN$HNtBsWs6UPRQ%PeD4yA?rDkwFwem1R;f^aC?V;KGPl0M3bX
zoCl~3iHZCi8{te~!-$v?8eyCXC}$!hCVIoMQO=Y-h%#bIXjCu(5OxxgvJF^b{?UsGok5BaHfPNbe#xQoim!w8BOPmt`niE)6{gD
znod*KiBQ#vCy+AIvzpFXT_-|Sr={t%G@X{N6QQazsp(8=I+MCigsM(F3zh3>YdURR
zCqh+cO4FIrbf$Ej2vwbPn$9^*=bWw+p{jFU(>br{oY!?CRCPLqMyP%xF3@n$C=_6QQbeLDRXQ>0HotB2;x|HJw>aXI9sVP}RAp>0H!wF6ufF
zsydHpI*(~OkLfxQsygu|fxAyWhn6&*OS(>ks?Ot@}WSO(lj!`%?
zPy{F|f+zx66b34A+>#7NEZIK;MFsTGKoLr5Fi?S&2C6{GKn3*BKoO!h(m(|^jHsq+
zpaObmpa{_;j)j2=Y#4`0?L_Wpa`W-7^uKV$y`
zEN8+%6(|{~fN~}oC_Az;Y%GRDqI#3Mglifg+ST
zVW0xbnJ`cVN(L_XQ0jz%3M^;BKouw%sDN@N87M-j69y``0?L_Wpa`W-7^uKf}LawZulLa7r5ibyd~M5=)zR1FlNVxS5W2C6X0Kouq#
zsKSJSDohxt!XyJ#m}H;|69%d)R`Lm~^^j|8iYS4Oz(QK_3;JE8W`f};ZGa1%i)=P9;rmqTpRn6=|Z5^ut!`b((
z{T(c_%pO?D>@&4>w>1kuE1#aTlAk2lEMEzFm))i|D~|74@cxc9&*%u9XkqDPbq4PU
z1-ay5W4VSFgG_YWPam@uKAB^)QMen!^PAyGjMa{g>1U()qM5=9b5an
zWuDff7!YoY$4gzmo>Jc9<-M`;-Vx=!uzYE}eC!d*
zmz44)UcNL|zH~(SQdqt`UOxT^<;zO>GA~~qD_=gMd^s#%884rBgz^=oe1(^7MBCJK6Z0~or^5@#L^{znHQmHK!xAvfGbs#jB@^jH+thRu^CqjO
z!>h_fI?*;Y-NZat)YIYpWg?wuo0@LozCNa>!%NLXI?*;Y-Nb#mq^HB1|!Vrl)fX
z=EDW;zBl97i`ZSsp9@-eZ>4sFH+H)>-q_l^akw5$wj
z=Rbvg;}6?J2{!zQ4z6PL_X3c_Sd#yWA6aY
zM+@{{+m_wA`9lf{Eax^$4a2Q9e8X+kUox=Fo~N&}!J@8P_pp?oA!O9`ORG7+y+S*O
z742H1W(JHJF}E<%5O}iB6^pZnKupFXyQnVtXo{O}p*#E0Li!*kK>J`FwsiTTNh(
zpfKAxfA#5@+(03rB!CwA$D2_sV7=kV!T1T15LokA+@CnJx^mFV*5f4W(Fz
z{%rY}>$?r}2pOi^C|$`!MgiLnjB8(dnZY$9VAlep7qHDQSMA>ndd8h?H1*@seEd
zcq1;#aOuu?D=y3SSHs!CrZqyDuYzgkhmTK;99{Qd`xf6^`~1Y7QsRUJ|p_VzT^Y@fo+&*H}KrU=Ube9U?0XQ
z>{K!KU%r*g&(q8IXhbjH^ocNSlh?#%*_IvHjJ?#E|C(hh^@%B^L7!I?EHX1G3
zX~V#2ABt%!)Qw?q#9lbxXD(oH#G{egm1m;Z9!-k(1pZ9SC2|Ra@26glHLJ~*7-HJ2
zewYMsYPjROaBMa#|

[PULL 17/54] q35: acpi: drop not needed PCMachineClass::do_not_add_smb_acpi

2022-06-10 Thread Michael S. Tsirkin
From: Igor Mammedov 

by default we do not version ACPI AML as it's considered
a part of firmware. Drop do_not_add_smb_acpi that blocked
SMBUS AML description on 3.1 and older machine types without
providing justification.

Signed-off-by: Igor Mammedov 
Acked-by: Gerd Hoffmann 
Message-Id: <20220608135340.3304695-18-imamm...@redhat.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 include/hw/i386/pc.h | 1 -
 hw/i386/acpi-build.c | 2 +-
 hw/i386/pc_piix.c| 1 -
 hw/i386/pc_q35.c | 1 -
 4 files changed, 1 insertion(+), 4 deletions(-)

diff --git a/include/hw/i386/pc.h b/include/hw/i386/pc.h
index ffcac5121e..dee38cfac4 100644
--- a/include/hw/i386/pc.h
+++ b/include/hw/i386/pc.h
@@ -104,7 +104,6 @@ struct PCMachineClass {
 bool rsdp_in_ram;
 int legacy_acpi_table_size;
 unsigned acpi_data_size;
-bool do_not_add_smb_acpi;
 int pci_root_uid;
 
 /* SMBIOS compat: */
diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 5b963cca32..d943354999 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1530,7 +1530,7 @@ build_dsdt(GArray *table_data, BIOSLinker *linker,
 build_x86_acpi_pci_hotplug(dsdt, pm->pcihp_io_base);
 }
 build_q35_pci0_int(dsdt);
-if (pcms->smbus && !pcmc->do_not_add_smb_acpi) {
+if (pcms->smbus) {
 build_smb0(dsdt, ICH9_SMB_DEV, ICH9_SMB_FUNC);
 }
 }
diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c
index 578e537b35..7f777f7aed 100644
--- a/hw/i386/pc_piix.c
+++ b/hw/i386/pc_piix.c
@@ -564,7 +564,6 @@ static void pc_i440fx_3_1_machine_options(MachineClass *m)
 
 pc_i440fx_4_0_machine_options(m);
 m->is_default = false;
-pcmc->do_not_add_smb_acpi = true;
 m->smbus_no_migration_support = true;
 m->alias = NULL;
 pcmc->pvh_enabled = false;
diff --git a/hw/i386/pc_q35.c b/hw/i386/pc_q35.c
index 42eb8b9707..f96cbd04e2 100644
--- a/hw/i386/pc_q35.c
+++ b/hw/i386/pc_q35.c
@@ -514,7 +514,6 @@ static void pc_q35_3_1_machine_options(MachineClass *m)
 
 pc_q35_4_0_machine_options(m);
 m->default_kernel_irqchip_split = false;
-pcmc->do_not_add_smb_acpi = true;
 m->smbus_no_migration_support = true;
 m->alias = NULL;
 pcmc->pvh_enabled = false;
-- 
MST




[PULL 16/54] acpi: ipmi: use AcpiDevAmlIf interface to build IPMI device descriptors

2022-06-10 Thread Michael S. Tsirkin
From: Igor Mammedov 

convert ad-hoc way we use to generate AML for ISA/SMB IPMI devices
to a generic approach (i.e. make devices provide its own AML blobs
like it is done with other ISA devices (ex. KBD))

Signed-off-by: Igor Mammedov 
Acked-by: Gerd Hoffmann 
Message-Id: <20220608135340.3304695-17-imamm...@redhat.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 include/hw/acpi/ipmi.h |  9 ++--
 hw/acpi/ipmi-stub.c|  2 +-
 hw/acpi/ipmi.c | 49 +-
 hw/i386/acpi-build.c   | 17 ++-
 hw/ipmi/isa_ipmi_bt.c  |  4 
 hw/ipmi/isa_ipmi_kcs.c |  4 
 hw/ipmi/smbus_ipmi.c   |  4 
 7 files changed, 42 insertions(+), 47 deletions(-)

diff --git a/include/hw/acpi/ipmi.h b/include/hw/acpi/ipmi.h
index c38483565c..6c8079c97a 100644
--- a/include/hw/acpi/ipmi.h
+++ b/include/hw/acpi/ipmi.h
@@ -9,13 +9,8 @@
 #ifndef HW_ACPI_IPMI_H
 #define HW_ACPI_IPMI_H
 
-#include "hw/acpi/aml-build.h"
+#include "hw/acpi/acpi_aml_interface.h"
 
-/*
- * Add ACPI IPMI entries for all registered IPMI devices whose parent
- * bus matches the given bus.  The resource is the ACPI resource that
- * contains the IPMI device, this is required for the I2C CRS.
- */
-void build_acpi_ipmi_devices(Aml *table, BusState *bus);
+void build_ipmi_dev_aml(AcpiDevAmlIf *adev, Aml *scope);
 
 #endif /* HW_ACPI_IPMI_H */
diff --git a/hw/acpi/ipmi-stub.c b/hw/acpi/ipmi-stub.c
index f525f71c2d..befaf0a882 100644
--- a/hw/acpi/ipmi-stub.c
+++ b/hw/acpi/ipmi-stub.c
@@ -10,6 +10,6 @@
 #include "qemu/osdep.h"
 #include "hw/acpi/ipmi.h"
 
-void build_acpi_ipmi_devices(Aml *table, BusState *bus)
+void build_ipmi_dev_aml(AcpiDevAmlIf *adev, Aml *scope)
 {
 }
diff --git a/hw/acpi/ipmi.c b/hw/acpi/ipmi.c
index c30b44fcf5..a20e57d465 100644
--- a/hw/acpi/ipmi.c
+++ b/hw/acpi/ipmi.c
@@ -62,46 +62,27 @@ static Aml *aml_ipmi_crs(IPMIFwInfo *info)
 return crs;
 }
 
-static Aml *aml_ipmi_device(IPMIFwInfo *info)
+void build_ipmi_dev_aml(AcpiDevAmlIf *adev, Aml *scope)
 {
 Aml *dev;
-uint16_t version = ((info->ipmi_spec_major_revision << 8)
-| (info->ipmi_spec_minor_revision << 4));
+IPMIFwInfo info = {};
+IPMIInterface *ii = IPMI_INTERFACE(adev);
+IPMIInterfaceClass *iic = IPMI_INTERFACE_GET_CLASS(ii);
+uint16_t version;
 
-assert(info->ipmi_spec_minor_revision <= 15);
+iic->get_fwinfo(ii, );
+assert(info.ipmi_spec_minor_revision <= 15);
+version = ((info.ipmi_spec_major_revision << 8)
+  | (info.ipmi_spec_minor_revision << 4));
 
-dev = aml_device("MI%d", info->uuid);
+dev = aml_device("MI%d", info.uuid);
 aml_append(dev, aml_name_decl("_HID", aml_eisaid("IPI0001")));
 aml_append(dev, aml_name_decl("_STR", aml_string("ipmi_%s",
- info->interface_name)));
-aml_append(dev, aml_name_decl("_UID", aml_int(info->uuid)));
-aml_append(dev, aml_name_decl("_CRS", aml_ipmi_crs(info)));
-aml_append(dev, aml_name_decl("_IFT", aml_int(info->interface_type)));
+ info.interface_name)));
+aml_append(dev, aml_name_decl("_UID", aml_int(info.uuid)));
+aml_append(dev, aml_name_decl("_CRS", aml_ipmi_crs()));
+aml_append(dev, aml_name_decl("_IFT", aml_int(info.interface_type)));
 aml_append(dev, aml_name_decl("_SRV", aml_int(version)));
 
-return dev;
-}
-
-void build_acpi_ipmi_devices(Aml *scope, BusState *bus)
-{
-
-BusChild *kid;
-
-QTAILQ_FOREACH(kid, >children,  sibling) {
-IPMIInterface *ii;
-IPMIInterfaceClass *iic;
-IPMIFwInfo info;
-Object *obj = object_dynamic_cast(OBJECT(kid->child),
-  TYPE_IPMI_INTERFACE);
-
-if (!obj) {
-continue;
-}
-
-ii = IPMI_INTERFACE(obj);
-iic = IPMI_INTERFACE_GET_CLASS(obj);
-memset(, 0, sizeof(info));
-iic->get_fwinfo(ii, );
-aml_append(scope, aml_ipmi_device());
-}
+aml_append(scope, dev);
 }
diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 88506d563f..5b963cca32 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -39,6 +39,7 @@
 #include "hw/nvram/fw_cfg.h"
 #include "hw/acpi/bios-linker-loader.h"
 #include "hw/isa/isa.h"
+#include "hw/acpi/acpi_aml_interface.h"
 #include "hw/input/i8042.h"
 #include "hw/acpi/memory_hotplug.h"
 #include "sysemu/tpm.h"
@@ -73,7 +74,6 @@
 #include "hw/i386/intel_iommu.h"
 #include "hw/virtio/virtio-iommu.h"
 
-#include "hw/acpi/ipmi.h"
 #include "hw/acpi/hmat.h"

[PULL 10/54] tests: acpi: q35: add test for smbus-ipmi device

2022-06-10 Thread Michael S. Tsirkin
From: Igor Mammedov 

expected new device node:

Device (MI1)
{
Name (_HID, EisaId ("IPI0001"))  // _HID: Hardware ID
Name (_STR, "ipmi_smbus")  // _STR: Description String
Name (_UID, One)  // _UID: Unique ID
Name (_CRS, ResourceTemplate ()  // _CRS: Current Resource Settings
{
I2cSerialBusV2 (0x, ControllerInitiated, 0x000186A0,
AddressingMode7Bit, "\\_SB.PCI0.SMB0",
0x00, ResourceProducer, , Exclusive,
)
})
Name (_IFT, 0x04)  // _IFT: IPMI Interface Type
Name (_SRV, 0x0200)  // _SRV: IPMI Spec Revision
}

Signed-off-by: Igor Mammedov 
Acked-by: Gerd Hoffmann 
Message-Id: <20220608135340.3304695-11-imamm...@redhat.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 tests/qtest/bios-tables-test.c | 16 
 1 file changed, 16 insertions(+)

diff --git a/tests/qtest/bios-tables-test.c b/tests/qtest/bios-tables-test.c
index a4a46e97f0..d896840270 100644
--- a/tests/qtest/bios-tables-test.c
+++ b/tests/qtest/bios-tables-test.c
@@ -955,6 +955,21 @@ static void test_acpi_q35_tcg_ipmi(void)
 free_test_data();
 }
 
+static void test_acpi_q35_tcg_smbus_ipmi(void)
+{
+test_data data;
+
+memset(, 0, sizeof(data));
+data.machine = MACHINE_Q35;
+data.variant = ".ipmismbus";
+data.required_struct_types = ipmi_required_struct_types;
+data.required_struct_types_len = ARRAY_SIZE(ipmi_required_struct_types);
+test_acpi_one("-device ipmi-bmc-sim,id=bmc0"
+  " -device smbus-ipmi,bmc=bmc0",
+  );
+free_test_data();
+}
+
 static void test_acpi_piix4_tcg_ipmi(void)
 {
 test_data data;
@@ -1743,6 +1758,7 @@ int main(int argc, char *argv[])
 qtest_add_func("acpi/q35/mmio64", test_acpi_q35_tcg_mmio64);
 qtest_add_func("acpi/piix4/ipmi", test_acpi_piix4_tcg_ipmi);
 qtest_add_func("acpi/q35/ipmi", test_acpi_q35_tcg_ipmi);
+qtest_add_func("acpi/q35/smbus/ipmi", test_acpi_q35_tcg_smbus_ipmi);
 qtest_add_func("acpi/piix4/cpuhp", test_acpi_piix4_tcg_cphp);
 qtest_add_func("acpi/q35/cpuhp", test_acpi_q35_tcg_cphp);
 qtest_add_func("acpi/piix4/memhp", test_acpi_piix4_tcg_memhp);
-- 
MST




[PULL 07/54] acpi: pckbd: replace ISADeviceClass::build_aml with AcpiDevAmlIfClass:build_dev_aml

2022-06-10 Thread Michael S. Tsirkin
From: Igor Mammedov 

Signed-off-by: Igor Mammedov 
Acked-by: Gerd Hoffmann 
Message-Id: <20220608135340.3304695-8-imamm...@redhat.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 hw/input/pckbd.c | 14 +-
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/hw/input/pckbd.c b/hw/input/pckbd.c
index 4efdf75620..45c40fe3f3 100644
--- a/hw/input/pckbd.c
+++ b/hw/input/pckbd.c
@@ -29,7 +29,7 @@
 #include "qapi/error.h"
 #include "hw/isa/isa.h"
 #include "migration/vmstate.h"
-#include "hw/acpi/aml-build.h"
+#include "hw/acpi/acpi_aml_interface.h"
 #include "hw/input/ps2.h"
 #include "hw/irq.h"
 #include "hw/input/i8042.h"
@@ -767,9 +767,9 @@ static void i8042_realizefn(DeviceState *dev, Error **errp)
 qemu_register_reset(kbd_reset, s);
 }
 
-static void i8042_build_aml(ISADevice *isadev, Aml *scope)
+static void i8042_build_aml(AcpiDevAmlIf *adev, Aml *scope)
 {
-ISAKBDState *isa_s = I8042(isadev);
+ISAKBDState *isa_s = I8042(adev);
 Aml *kbd;
 Aml *mou;
 Aml *crs;
@@ -807,12 +807,12 @@ static Property i8042_properties[] = {
 static void i8042_class_initfn(ObjectClass *klass, void *data)
 {
 DeviceClass *dc = DEVICE_CLASS(klass);
-ISADeviceClass *isa = ISA_DEVICE_CLASS(klass);
+AcpiDevAmlIfClass *adevc = ACPI_DEV_AML_IF_CLASS(klass);
 
 device_class_set_props(dc, i8042_properties);
 dc->realize = i8042_realizefn;
 dc->vmsd = _kbd_isa;
-isa->build_aml = i8042_build_aml;
+adevc->build_dev_aml = i8042_build_aml;
 set_bit(DEVICE_CATEGORY_INPUT, dc->categories);
 }
 
@@ -822,6 +822,10 @@ static const TypeInfo i8042_info = {
 .instance_size = sizeof(ISAKBDState),
 .instance_init = i8042_initfn,
 .class_init= i8042_class_initfn,
+.interfaces = (InterfaceInfo[]) {
+{ TYPE_ACPI_DEV_AML_IF },
+{ },
+},
 };
 
 static void i8042_register_types(void)
-- 
MST




[PULL 14/54] tests: acpi: update expected DSDT.ipmismbus blob

2022-06-10 Thread Michael S. Tsirkin
From: Igor Mammedov 

expected AML change:
 Name (_CRS, ResourceTemplate ()  // _CRS: Current Resource Settings
 {
I2cSerialBusV2 (0x, ControllerInitiated, 0x000186A0,
-   AddressingMode7Bit, "\\_SB.PCI0.SMB0",
+   AddressingMode7Bit, "^",
0x00, ResourceProducer, , Exclusive,
)
  })

Signed-off-by: Igor Mammedov 
Message-Id: <20220608135340.3304695-15-imamm...@redhat.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 tests/qtest/bios-tables-test-allowed-diff.h |   1 -
 tests/data/acpi/q35/DSDT.ipmismbus  | Bin 8391 -> 8378 bytes
 2 files changed, 1 deletion(-)

diff --git a/tests/qtest/bios-tables-test-allowed-diff.h 
b/tests/qtest/bios-tables-test-allowed-diff.h
index b4687d1cc8..dfb8523c8b 100644
--- a/tests/qtest/bios-tables-test-allowed-diff.h
+++ b/tests/qtest/bios-tables-test-allowed-diff.h
@@ -1,2 +1 @@
 /* List of comma-separated changed AML files to ignore */
-"tests/data/acpi/q35/DSDT.ipmismbus",
diff --git a/tests/data/acpi/q35/DSDT.ipmismbus 
b/tests/data/acpi/q35/DSDT.ipmismbus
index 
07ba873b79caadd73ed9721fcbeee84c57676e2a..415fe08a407690c0e118743d872de79d22f01a4c
 100644
GIT binary patch
delta 85
zcmX@^xXY2tCD80n^Yqk0Lq6G-v9sr

delta 98
zcmdnxc-)c8CD$MJ|5
sqMMx9CjXGsR#xLu?vrC+1VW%jHiiXlAVv}39!S?_OQ}XS01jdo-v9sr

-- 
MST




[PULL 05/54] acpi: serial-is: replace ISADeviceClass::build_aml with AcpiDevAmlIfClass:build_dev_aml

2022-06-10 Thread Michael S. Tsirkin
From: Igor Mammedov 

Signed-off-by: Igor Mammedov 
Acked-by: Gerd Hoffmann 
Message-Id: <20220608135340.3304695-6-imamm...@redhat.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 hw/char/serial-isa.c | 14 +-
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/hw/char/serial-isa.c b/hw/char/serial-isa.c
index 7a7ed239cd..141a6cb168 100644
--- a/hw/char/serial-isa.c
+++ b/hw/char/serial-isa.c
@@ -27,7 +27,7 @@
 #include "qapi/error.h"
 #include "qemu/module.h"
 #include "sysemu/sysemu.h"
-#include "hw/acpi/aml-build.h"
+#include "hw/acpi/acpi_aml_interface.h"
 #include "hw/char/serial.h"
 #include "hw/isa/isa.h"
 #include "hw/qdev-properties.h"
@@ -83,9 +83,9 @@ static void serial_isa_realizefn(DeviceState *dev, Error 
**errp)
 isa_register_ioport(isadev, >io, isa->iobase);
 }
 
-static void serial_isa_build_aml(ISADevice *isadev, Aml *scope)
+static void serial_isa_build_aml(AcpiDevAmlIf *adev, Aml *scope)
 {
-ISASerialState *isa = ISA_SERIAL(isadev);
+ISASerialState *isa = ISA_SERIAL(adev);
 Aml *dev;
 Aml *crs;
 
@@ -122,11 +122,11 @@ static Property serial_isa_properties[] = {
 static void serial_isa_class_initfn(ObjectClass *klass, void *data)
 {
 DeviceClass *dc = DEVICE_CLASS(klass);
-ISADeviceClass *isa = ISA_DEVICE_CLASS(klass);
+AcpiDevAmlIfClass *adevc = ACPI_DEV_AML_IF_CLASS(klass);
 
 dc->realize = serial_isa_realizefn;
 dc->vmsd = _isa_serial;
-isa->build_aml = serial_isa_build_aml;
+adevc->build_dev_aml = serial_isa_build_aml;
 device_class_set_props(dc, serial_isa_properties);
 set_bit(DEVICE_CATEGORY_INPUT, dc->categories);
 }
@@ -146,6 +146,10 @@ static const TypeInfo serial_isa_info = {
 .instance_size = sizeof(ISASerialState),
 .instance_init = serial_isa_initfn,
 .class_init= serial_isa_class_initfn,
+.interfaces = (InterfaceInfo[]) {
+{ TYPE_ACPI_DEV_AML_IF },
+{ },
+},
 };
 
 static void serial_register_types(void)
-- 
MST




[PULL 08/54] isa-bus: drop no longer used ISADeviceClass::build_aml

2022-06-10 Thread Michael S. Tsirkin
From: Igor Mammedov 

Signed-off-by: Igor Mammedov 
Acked-by: Gerd Hoffmann 
Message-Id: <20220608135340.3304695-9-imamm...@redhat.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 include/hw/isa/isa.h |  1 -
 hw/isa/isa-bus.c | 12 +---
 2 files changed, 1 insertion(+), 12 deletions(-)

diff --git a/include/hw/isa/isa.h b/include/hw/isa/isa.h
index 034d706ba1..5c5a3d43a7 100644
--- a/include/hw/isa/isa.h
+++ b/include/hw/isa/isa.h
@@ -64,7 +64,6 @@ struct IsaDmaClass {
 
 struct ISADeviceClass {
 DeviceClass parent_class;
-void (*build_aml)(ISADevice *dev, Aml *scope);
 };
 
 struct ISABus {
diff --git a/hw/isa/isa-bus.c b/hw/isa/isa-bus.c
index 237e2cee12..1bee1a47f1 100644
--- a/hw/isa/isa-bus.c
+++ b/hw/isa/isa-bus.c
@@ -191,19 +191,9 @@ ISADevice *isa_vga_init(ISABus *bus)
 void isa_build_aml(ISABus *bus, Aml *scope)
 {
 BusChild *kid;
-ISADevice *dev;
-ISADeviceClass *dc;
 
 QTAILQ_FOREACH(kid, >parent_obj.children, sibling) {
-dev = ISA_DEVICE(kid->child);
-dc = ISA_DEVICE_GET_CLASS(dev);
-bool has_build_dev_aml = !!object_dynamic_cast(OBJECT(dev),
-   TYPE_ACPI_DEV_AML_IF);
-if (dc->build_aml) {
-dc->build_aml(dev, scope);
-} else if (has_build_dev_aml) {
-call_dev_aml_func(DEVICE(dev), scope);
-}
+call_dev_aml_func(DEVICE(kid->child), scope);
 }
 }
 
-- 
MST




[PULL 12/54] tests: acpi: whitelist DSDT.ipmismbus expected blob

2022-06-10 Thread Michael S. Tsirkin
From: Igor Mammedov 

Signed-off-by: Igor Mammedov 
Message-Id: <20220608135340.3304695-13-imamm...@redhat.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 tests/qtest/bios-tables-test-allowed-diff.h | 1 +
 1 file changed, 1 insertion(+)

diff --git a/tests/qtest/bios-tables-test-allowed-diff.h 
b/tests/qtest/bios-tables-test-allowed-diff.h
index dfb8523c8b..b4687d1cc8 100644
--- a/tests/qtest/bios-tables-test-allowed-diff.h
+++ b/tests/qtest/bios-tables-test-allowed-diff.h
@@ -1 +1,2 @@
 /* List of comma-separated changed AML files to ignore */
+"tests/data/acpi/q35/DSDT.ipmismbus",
-- 
MST




[PULL 09/54] tests: acpi: add and whitelist DSDT.ipmismbus expected blob

2022-06-10 Thread Michael S. Tsirkin
From: Igor Mammedov 

.. which will be used by follow up smbus-ipmi test-case

Signed-off-by: Igor Mammedov 
Message-Id: <20220608135340.3304695-10-imamm...@redhat.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 tests/qtest/bios-tables-test-allowed-diff.h | 1 +
 tests/data/acpi/q35/DSDT.ipmismbus  | 0
 2 files changed, 1 insertion(+)
 create mode 100644 tests/data/acpi/q35/DSDT.ipmismbus

diff --git a/tests/qtest/bios-tables-test-allowed-diff.h 
b/tests/qtest/bios-tables-test-allowed-diff.h
index dfb8523c8b..b4687d1cc8 100644
--- a/tests/qtest/bios-tables-test-allowed-diff.h
+++ b/tests/qtest/bios-tables-test-allowed-diff.h
@@ -1 +1,2 @@
 /* List of comma-separated changed AML files to ignore */
+"tests/data/acpi/q35/DSDT.ipmismbus",
diff --git a/tests/data/acpi/q35/DSDT.ipmismbus 
b/tests/data/acpi/q35/DSDT.ipmismbus
new file mode 100644
index 00..e69de29bb2
-- 
MST




[PULL 04/54] acpi: parallel port: replace ISADeviceClass::build_aml with AcpiDevAmlIfClass:build_dev_aml

2022-06-10 Thread Michael S. Tsirkin
From: Igor Mammedov 

Signed-off-by: Igor Mammedov 
Acked-by: Gerd Hoffmann 
Message-Id: <20220608135340.3304695-5-imamm...@redhat.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 hw/char/parallel.c | 14 +-
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/hw/char/parallel.c b/hw/char/parallel.c
index f735a6cd7f..1c9ca47820 100644
--- a/hw/char/parallel.c
+++ b/hw/char/parallel.c
@@ -28,7 +28,7 @@
 #include "qemu/module.h"
 #include "chardev/char-parallel.h"
 #include "chardev/char-fe.h"
-#include "hw/acpi/aml-build.h"
+#include "hw/acpi/acpi_aml_interface.h"
 #include "hw/irq.h"
 #include "hw/isa/isa.h"
 #include "hw/qdev-properties.h"
@@ -570,9 +570,9 @@ static void parallel_isa_realizefn(DeviceState *dev, Error 
**errp)
  s, "parallel");
 }
 
-static void parallel_isa_build_aml(ISADevice *isadev, Aml *scope)
+static void parallel_isa_build_aml(AcpiDevAmlIf *adev, Aml *scope)
 {
-ISAParallelState *isa = ISA_PARALLEL(isadev);
+ISAParallelState *isa = ISA_PARALLEL(adev);
 Aml *dev;
 Aml *crs;
 
@@ -645,11 +645,11 @@ static Property parallel_isa_properties[] = {
 static void parallel_isa_class_initfn(ObjectClass *klass, void *data)
 {
 DeviceClass *dc = DEVICE_CLASS(klass);
-ISADeviceClass *isa = ISA_DEVICE_CLASS(klass);
+AcpiDevAmlIfClass *adevc = ACPI_DEV_AML_IF_CLASS(klass);
 
 dc->realize = parallel_isa_realizefn;
 dc->vmsd = _parallel_isa;
-isa->build_aml = parallel_isa_build_aml;
+adevc->build_dev_aml = parallel_isa_build_aml;
 device_class_set_props(dc, parallel_isa_properties);
 set_bit(DEVICE_CATEGORY_INPUT, dc->categories);
 }
@@ -659,6 +659,10 @@ static const TypeInfo parallel_isa_info = {
 .parent= TYPE_ISA_DEVICE,
 .instance_size = sizeof(ISAParallelState),
 .class_init= parallel_isa_class_initfn,
+.interfaces = (InterfaceInfo[]) {
+{ TYPE_ACPI_DEV_AML_IF },
+{ },
+},
 };
 
 static void parallel_register_types(void)
-- 
MST




[PULL 06/54] acpi: mc146818rtc: replace ISADeviceClass::build_aml with AcpiDevAmlIfClass:build_dev_aml

2022-06-10 Thread Michael S. Tsirkin
From: Igor Mammedov 

Signed-off-by: Igor Mammedov 
Acked-by: Gerd Hoffmann 
Message-Id: <20220608135340.3304695-7-imamm...@redhat.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 hw/rtc/mc146818rtc.c | 14 +-
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/hw/rtc/mc146818rtc.c b/hw/rtc/mc146818rtc.c
index f235c2ddbe..ef9765bb8f 100644
--- a/hw/rtc/mc146818rtc.c
+++ b/hw/rtc/mc146818rtc.c
@@ -26,7 +26,7 @@
 #include "qemu/cutils.h"
 #include "qemu/module.h"
 #include "qemu/bcd.h"
-#include "hw/acpi/aml-build.h"
+#include "hw/acpi/acpi_aml_interface.h"
 #include "hw/irq.h"
 #include "hw/qdev-properties.h"
 #include "hw/qdev-properties-system.h"
@@ -1017,9 +1017,9 @@ static void rtc_reset_hold(Object *obj)
 qemu_irq_lower(s->irq);
 }
 
-static void rtc_build_aml(ISADevice *isadev, Aml *scope)
+static void rtc_build_aml(AcpiDevAmlIf *adev, Aml *scope)
 {
-RTCState *s = MC146818_RTC(isadev);
+RTCState *s = MC146818_RTC(adev);
 Aml *dev;
 Aml *crs;
 
@@ -1043,13 +1043,13 @@ static void rtc_class_initfn(ObjectClass *klass, void 
*data)
 {
 DeviceClass *dc = DEVICE_CLASS(klass);
 ResettableClass *rc = RESETTABLE_CLASS(klass);
-ISADeviceClass *isa = ISA_DEVICE_CLASS(klass);
+AcpiDevAmlIfClass *adevc = ACPI_DEV_AML_IF_CLASS(klass);
 
 dc->realize = rtc_realizefn;
 dc->vmsd = _rtc;
 rc->phases.enter = rtc_reset_enter;
 rc->phases.hold = rtc_reset_hold;
-isa->build_aml = rtc_build_aml;
+adevc->build_dev_aml = rtc_build_aml;
 device_class_set_props(dc, mc146818rtc_properties);
 set_bit(DEVICE_CATEGORY_MISC, dc->categories);
 }
@@ -1059,6 +1059,10 @@ static const TypeInfo mc146818rtc_info = {
 .parent= TYPE_ISA_DEVICE,
 .instance_size = sizeof(RTCState),
 .class_init= rtc_class_initfn,
+.interfaces = (InterfaceInfo[]) {
+{ TYPE_ACPI_DEV_AML_IF },
+{ },
+},
 };
 
 static void mc146818rtc_register_types(void)
-- 
MST




[PULL 03/54] acpi: fdc-isa: replace ISADeviceClass::build_aml with AcpiDevAmlIfClass:build_dev_aml

2022-06-10 Thread Michael S. Tsirkin
From: Igor Mammedov 

Signed-off-by: Igor Mammedov 
Acked-by: Gerd Hoffmann 
Message-Id: <20220608135340.3304695-4-imamm...@redhat.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 hw/block/fdc-isa.c   | 16 ++--
 hw/i386/acpi-build.c |  1 -
 2 files changed, 10 insertions(+), 7 deletions(-)

diff --git a/hw/block/fdc-isa.c b/hw/block/fdc-isa.c
index fa20450747..fee1ca68a8 100644
--- a/hw/block/fdc-isa.c
+++ b/hw/block/fdc-isa.c
@@ -32,7 +32,7 @@
 #include "qapi/error.h"
 #include "qemu/error-report.h"
 #include "qemu/timer.h"
-#include "hw/acpi/aml-build.h"
+#include "hw/acpi/acpi_aml_interface.h"
 #include "hw/irq.h"
 #include "hw/isa/isa.h"
 #include "hw/qdev-properties.h"
@@ -214,9 +214,9 @@ int cmos_get_fd_drive_type(FloppyDriveType fd0)
 return val;
 }
 
-static void fdc_isa_build_aml(ISADevice *isadev, Aml *scope)
+static void build_fdc_aml(AcpiDevAmlIf *adev, Aml *scope)
 {
-FDCtrlISABus *isa = ISA_FDC(isadev);
+FDCtrlISABus *isa = ISA_FDC(adev);
 Aml *dev;
 Aml *crs;
 int i;
@@ -241,7 +241,7 @@ static void fdc_isa_build_aml(ISADevice *isadev, Aml *scope)
 aml_append(dev, aml_name_decl("_CRS", crs));
 
 for (i = 0; i < MIN(MAX_FD, ACPI_FDE_MAX_FD); i++) {
-FloppyDriveType type = isa_fdc_get_drive_type(isadev, i);
+FloppyDriveType type = isa_fdc_get_drive_type(ISA_DEVICE(adev), i);
 
 if (type < FLOPPY_DRIVE_TYPE_NONE) {
 fde_buf[i] = cpu_to_le32(1);  /* drive present */
@@ -283,14 +283,14 @@ static Property isa_fdc_properties[] = {
 static void isabus_fdc_class_init(ObjectClass *klass, void *data)
 {
 DeviceClass *dc = DEVICE_CLASS(klass);
-ISADeviceClass *isa = ISA_DEVICE_CLASS(klass);
+AcpiDevAmlIfClass *adevc = ACPI_DEV_AML_IF_CLASS(klass);
 
 dc->desc = "virtual floppy controller";
 dc->realize = isabus_fdc_realize;
 dc->fw_name = "fdc";
 dc->reset = fdctrl_external_reset_isa;
 dc->vmsd = _isa_fdc;
-isa->build_aml = fdc_isa_build_aml;
+adevc->build_dev_aml = build_fdc_aml;
 device_class_set_props(dc, isa_fdc_properties);
 set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
 }
@@ -313,6 +313,10 @@ static const TypeInfo isa_fdc_info = {
 .instance_size = sizeof(FDCtrlISABus),
 .class_init= isabus_fdc_class_init,
 .instance_init = isabus_fdc_instance_init,
+.interfaces = (InterfaceInfo[]) {
+{ TYPE_ACPI_DEV_AML_IF },
+{ },
+},
 };
 
 static void isa_fdc_register_types(void)
diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index c125939ed6..1449832aa9 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -40,7 +40,6 @@
 #include "hw/acpi/bios-linker-loader.h"
 #include "hw/isa/isa.h"
 #include "hw/input/i8042.h"
-#include "hw/block/fdc.h"
 #include "hw/acpi/memory_hotplug.h"
 #include "sysemu/tpm.h"
 #include "hw/acpi/tpm.h"
-- 
MST




[PULL 01/54] acpi: add interface to build device specific AML

2022-06-10 Thread Michael S. Tsirkin
From: Igor Mammedov 

There is already ISADeviceClass::build_aml() callback which
builds device specific AML blob for some ISA devices.
To extend the same idea to other devices, add TYPE_ACPI_DEV_AML_IF
Interface that will provide a more generic callback which
will be used not only for ISA but other devices. It will
allow get rid of some data-mining and ad-hoc AML building,
by asking device(s) to generate its own AML blob like it's
done for ISA devices.

Signed-off-by: Igor Mammedov 
Acked-by: Gerd Hoffmann 
Message-Id: <20220608135340.3304695-2-imamm...@redhat.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 include/hw/acpi/acpi_aml_interface.h | 40 
 hw/acpi/acpi_interface.c |  8 ++
 hw/acpi/meson.build  |  2 +-
 3 files changed, 49 insertions(+), 1 deletion(-)
 create mode 100644 include/hw/acpi/acpi_aml_interface.h

diff --git a/include/hw/acpi/acpi_aml_interface.h 
b/include/hw/acpi/acpi_aml_interface.h
new file mode 100644
index 00..ab76f0e55d
--- /dev/null
+++ b/include/hw/acpi/acpi_aml_interface.h
@@ -0,0 +1,40 @@
+#ifndef ACPI_AML_INTERFACE_H
+#define ACPI_AML_INTERFACE_H
+
+#include "qom/object.h"
+#include "hw/acpi/aml-build.h"
+
+#define TYPE_ACPI_DEV_AML_IF "acpi-dev-aml-interface"
+typedef struct AcpiDevAmlIfClass AcpiDevAmlIfClass;
+DECLARE_CLASS_CHECKERS(AcpiDevAmlIfClass, ACPI_DEV_AML_IF, 
TYPE_ACPI_DEV_AML_IF)
+#define ACPI_DEV_AML_IF(obj) \
+ INTERFACE_CHECK(AcpiDevAmlIf, (obj), TYPE_ACPI_DEV_AML_IF)
+
+typedef struct AcpiDevAmlIf AcpiDevAmlIf;
+typedef void (*dev_aml_fn)(AcpiDevAmlIf *adev, Aml *scope);
+
+/**
+ * AcpiDevAmlIfClass:
+ *
+ * build_dev_aml: adds device specific AML blob to provided scope
+ *
+ * Interface is designed for providing generic callback that builds device
+ * specific AML blob.
+ */
+struct AcpiDevAmlIfClass {
+/*  */
+InterfaceClass parent_class;
+
+/*  */
+dev_aml_fn build_dev_aml;
+};
+
+static inline void call_dev_aml_func(DeviceState *dev, Aml *scope)
+{
+if (object_dynamic_cast(OBJECT(dev), TYPE_ACPI_DEV_AML_IF)) {
+AcpiDevAmlIfClass *klass = ACPI_DEV_AML_IF_GET_CLASS(dev);
+klass->build_dev_aml(ACPI_DEV_AML_IF(dev), scope);
+}
+}
+
+#endif
diff --git a/hw/acpi/acpi_interface.c b/hw/acpi/acpi_interface.c
index 6583917b8e..c668d361f6 100644
--- a/hw/acpi/acpi_interface.c
+++ b/hw/acpi/acpi_interface.c
@@ -1,5 +1,6 @@
 #include "qemu/osdep.h"
 #include "hw/acpi/acpi_dev_interface.h"
+#include "hw/acpi/acpi_aml_interface.h"
 #include "qemu/module.h"
 
 void acpi_send_event(DeviceState *dev, AcpiEventStatusBits event)
@@ -18,8 +19,15 @@ static void register_types(void)
 .parent= TYPE_INTERFACE,
 .class_size = sizeof(AcpiDeviceIfClass),
 };
+static const TypeInfo acpi_dev_aml_if_info = {
+.name  = TYPE_ACPI_DEV_AML_IF,
+.parent= TYPE_INTERFACE,
+.class_size = sizeof(AcpiDevAmlIfClass),
+};
+
 
 type_register_static(_dev_if_info);
+type_register_static(_dev_aml_if_info);
 }
 
 type_init(register_types)
diff --git a/hw/acpi/meson.build b/hw/acpi/meson.build
index cea2f5f93a..f8c820ca94 100644
--- a/hw/acpi/meson.build
+++ b/hw/acpi/meson.build
@@ -29,7 +29,7 @@ acpi_ss.add(when: 'CONFIG_PC', if_false: 
files('acpi-x86-stub.c'))
 if have_tpm
   acpi_ss.add(files('tpm.c'))
 endif
-softmmu_ss.add(when: 'CONFIG_ACPI', if_false: files('acpi-stub.c', 
'aml-build-stub.c', 'ghes-stub.c'))
+softmmu_ss.add(when: 'CONFIG_ACPI', if_false: files('acpi-stub.c', 
'aml-build-stub.c', 'ghes-stub.c', 'acpi_interface.c'))
 softmmu_ss.add_all(when: 'CONFIG_ACPI', if_true: acpi_ss)
 softmmu_ss.add(when: 'CONFIG_ALL', if_true: files('acpi-stub.c', 
'aml-build-stub.c',
   'acpi-x86-stub.c', 
'ipmi-stub.c', 'ghes-stub.c',
-- 
MST




[PULL 02/54] acpi: make isa_build_aml() support AcpiDevAmlIf interface

2022-06-10 Thread Michael S. Tsirkin
From: Igor Mammedov 

To allow incremental conversion from ISADeviceClass::build_aml
to AcpiDevAmlIf, add support for the later without removing
the former. Once conversion is complete, another commit will
drop ISADeviceClass::build_aml related code.

Signed-off-by: Igor Mammedov 
Reviewed-by: Ani Sinha 
Acked-by: Gerd Hoffmann 
Message-Id: <20220608135340.3304695-3-imamm...@redhat.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 hw/isa/isa-bus.c | 5 +
 1 file changed, 5 insertions(+)

diff --git a/hw/isa/isa-bus.c b/hw/isa/isa-bus.c
index cd5ad3687d..237e2cee12 100644
--- a/hw/isa/isa-bus.c
+++ b/hw/isa/isa-bus.c
@@ -24,6 +24,7 @@
 #include "hw/sysbus.h"
 #include "sysemu/sysemu.h"
 #include "hw/isa/isa.h"
+#include "hw/acpi/acpi_aml_interface.h"
 
 static ISABus *isabus;
 
@@ -196,8 +197,12 @@ void isa_build_aml(ISABus *bus, Aml *scope)
 QTAILQ_FOREACH(kid, >parent_obj.children, sibling) {
 dev = ISA_DEVICE(kid->child);
 dc = ISA_DEVICE_GET_CLASS(dev);
+bool has_build_dev_aml = !!object_dynamic_cast(OBJECT(dev),
+   TYPE_ACPI_DEV_AML_IF);
 if (dc->build_aml) {
 dc->build_aml(dev, scope);
+} else if (has_build_dev_aml) {
+call_dev_aml_func(DEVICE(dev), scope);
 }
 }
 }
-- 
MST




[PULL 00/54] virtio,pc,pci: fixes,cleanups,features

2022-06-10 Thread Michael S. Tsirkin
The following changes since commit 6d940eff4734bcb40b1a25f62d7cec5a396f994a:

  Merge tag 'pull-tpm-2022-06-07-1' of https://github.com/stefanberger/qemu-tpm 
into staging (2022-06-07 19:22:18 -0700)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/virt/kvm/mst/qemu.git tags/for_upstream

for you to fetch changes up to 397c2901bfd9ee531243b38b6a318edccb88ed65:

  crypto: Introduce RSA algorithm (2022-06-09 19:32:49 -0400)


virtio,pc,pci: fixes,cleanups,features

more CXL patches
VIOT
Igor's huge AML rework
fixes, cleanups all over the place

Signed-off-by: Michael S. Tsirkin 


Changpeng Liu (2):
  hw/virtio/vhost-user: don't use uninitialized variable
  hw/vhost-user-scsi|blk: set `supports_config` flag correctly

Claudio Fontana (1):
  pci: fix overflow in snprintf string formatting

Igor Mammedov (35):
  acpi: add interface to build device specific AML
  acpi: make isa_build_aml() support AcpiDevAmlIf interface
  acpi: fdc-isa: replace ISADeviceClass::build_aml with 
AcpiDevAmlIfClass:build_dev_aml
  acpi: parallel port: replace ISADeviceClass::build_aml with 
AcpiDevAmlIfClass:build_dev_aml
  acpi: serial-is: replace ISADeviceClass::build_aml with 
AcpiDevAmlIfClass:build_dev_aml
  acpi: mc146818rtc: replace ISADeviceClass::build_aml with 
AcpiDevAmlIfClass:build_dev_aml
  acpi: pckbd: replace ISADeviceClass::build_aml with 
AcpiDevAmlIfClass:build_dev_aml
  isa-bus: drop no longer used ISADeviceClass::build_aml
  tests: acpi: add and whitelist DSDT.ipmismbus expected blob
  tests: acpi: q35: add test for smbus-ipmi device
  tests: acpi: update expected blob DSDT.ipmismbus
  tests: acpi: whitelist DSDT.ipmismbus expected blob
  ipmi: acpi: use relative path to resource source
  tests: acpi: update expected DSDT.ipmismbus blob
  acpi: ich9-smb: add support for AcpiDevAmlIf interface
  acpi: ipmi: use AcpiDevAmlIf interface to build IPMI device descriptors
  q35: acpi: drop not needed PCMachineClass::do_not_add_smb_acpi
  tests: acpi: white-list to be re-factored pc/q35 DSDT
  acpi: pc: isa bridge: use AcpiDevAmlIf interface to build ISA device 
descriptors
  acpi: q35: isa bridge: use AcpiDevAmlIf interface to build ISA device 
descriptors
  tests: acpi: update expected blobs
  tests: acpi: add and white-list DSDT.applesmc expected blob
  tests: acpi: add applesmc testcase
  acpi: applesmc: use AcpiDevAmlIfClass:build_dev_aml to provide device's 
AML
  tests: acpi: update expected blobs
  tests: acpi: white-lists expected DSDT.pvpanic-isa blob
  tests: acpi: add pvpanic-isa: testcase
  acpi: pvpanic-isa: use AcpiDevAmlIfClass:build_dev_aml to provide 
device's AML
  tests: acpi: update expected DSDT.pvpanic-isa blob
  tests: acpi: white-list DSDT.tis.tpm2/DSDT.tis.tpm12 expected blobs
  acpi: pc/q35: tpm-tis: fix TPM device scope
  acpi: pc/q35: remove not needed 'if' condition on pci bus
  acpi: tpm-tis: use AcpiDevAmlIfClass:build_dev_aml to provide device's AML
  tests: acpi: update expected DSDT.tis.tpm2/DSDT.tis.tpm12 blobs
  x86: acpi-build: do not include hw/isa/isa.h directly

Jonathan Cameron (9):
  hw/cxl: Make the CXL fixed memory window setup a machine parameter.
  hw/acpi/cxl: Pass in the CXLState directly rather than MachineState
  hw/cxl: Push linking of CXL targets into i386/pc rather than in machine.c
  tests/acpi: Allow modification of q35 CXL CEDT table.
  pci/pci_expander_bridge: For CXL HB delay the HB register memory region 
setup.
  tests/acpi: Update q35/CEDT.cxl for new memory addresses.
  hw/cxl: Move the CXLState from MachineState to machine type specific 
state.
  hw/machine: Drop cxl_supported flag as no longer useful
  hw/cxl: Fix missing write mask for HDM decoder target list registers

Mark Cave-Ayland (6):
  hw/acpi/viot: rename build_pci_range_node() to 
enumerate_pci_host_bridges()
  hw/acpi/viot: move the individual PCI host bridge entry generation to a 
new function
  hw/acpi/viot: build array of PCI host bridges before generating VIOT ACPI 
table
  tests/acpi: virt: allow VIOT acpi table changes
  hw/acpi/viot: sort VIOT ACPI table entries by PCI host bridge min_bus
  tests/acpi: virt: update golden masters for VIOT

Zhenwei Pi (1):
  crypto: Introduce RSA algorithm

 qapi/machine.json   |  13 ++
 include/hw/acpi/acpi_aml_interface.h|  40 
 include/hw/acpi/cxl.h   |   5 +-
 include/hw/acpi/ipmi.h  |   9 +-
 include/hw/boards.h |   3 +-
 include/hw/cxl/cxl.h|   9 +-
 include/hw/cxl/cxl_host.h   |  23 ++
 include/hw/i386/pc.h|   3 +-
 include

Re: [PATCH v14 5/8] qmp: decode feature & status bits in virtio-status

2022-06-09 Thread Michael S. Tsirkin
On Thu, May 19, 2022 at 02:30:43AM -0400, Jonah Palmer wrote:
> 
> On 5/16/22 16:26, Michael S. Tsirkin wrote:
> 
> On Fri, Apr 01, 2022 at 09:23:22AM -0400, Jonah Palmer wrote:
> 
> From: Laurent Vivier 
> 
> Display feature names instead of bitmaps for host, guest, and
> backend for VirtIODevices.
> 
> Display status names instead of bitmaps for VirtIODevices.
> 
> Display feature names instead of bitmaps for backend, protocol,
> acked, and features (hdev->features) for vhost devices.
> 
> Decode features according to device ID. Decode statuses
> according to configuration status bitmap (config_status_map).
> Decode vhost user protocol features according to vhost user
> protocol bitmap (vhost_user_protocol_map).
> 
> Transport features are on the first line. Undecoded bits (if
> any) are stored in a separate field.
> 
> Signed-off-by: Jonah Palmer 
> 
> 
> So this has several problems that I missed previously.
> First, sign off from poster is missing.
> 
> My apologies, will add missing Laurent's SOB in correct order for
> patches 3-8.


Were you going to repost?

> 
> 
> 
> 
> ---
>  hw/block/virtio-blk.c  |  29 
>  hw/char/virtio-serial-bus.c|  11 ++
>  hw/display/virtio-gpu.c|  18 ++
>  hw/input/virtio-input.c|  10 ++
>  hw/net/virtio-net.c|  47 +
>  hw/scsi/virtio-scsi.c  |  17 ++
>  hw/virtio/vhost-user-fs.c  |  10 ++
>  hw/virtio/vhost-user-i2c.c |  14 ++
>  hw/virtio/vhost-vsock-common.c |  10 ++
>  hw/virtio/virtio-balloon.c |  14 ++
>  hw/virtio/virtio-crypto.c  |  10 ++
>  hw/virtio/virtio-iommu.c   |  14 ++
>  hw/virtio/virtio-mem.c |  11 ++
>  hw/virtio/virtio.c | 302 
> -
>  include/hw/virtio/vhost.h  |   3 +
>  include/hw/virtio/virtio.h |  19 +++
>  qapi/virtio.json   | 156 ++---
>  17 files changed, 667 insertions(+), 28 deletions(-)
> 
> diff --git a/hw/block/virtio-blk.c b/hw/block/virtio-blk.c
> index 27c71ad316..f104603040 100644
> --- a/hw/block/virtio-blk.c
> +++ b/hw/block/virtio-blk.c
> @@ -13,6 +13,7 @@
> 
>  #include "qemu/osdep.h"
>  #include "qapi/error.h"
> +#include "qapi/qapi-visit-virtio.h"
>  #include "qemu/iov.h"
>  #include "qemu/module.h"
>  #include "qemu/error-report.h"
> @@ -33,10 +34,38 @@
>  #include "migration/qemu-file-types.h"
>  #include "hw/virtio/virtio-access.h"
>  #include "qemu/coroutine.h"
> +#include "standard-headers/linux/vhost_types.h"
> 
>  /* Config size before the discard support (hide associated config 
> fields) */
>  #define VIRTIO_BLK_CFG_SIZE offsetof(struct virtio_blk_config, \
>   max_discard_sectors)
> +
> +qmp_virtio_feature_map_t blk_map[] = {
> +#define FEATURE_ENTRY(name) \
> +{ VIRTIO_BLK_F_##name, #name }
> +FEATURE_ENTRY(SIZE_MAX),
> +FEATURE_ENTRY(SEG_MAX),
> +FEATURE_ENTRY(GEOMETRY),
> +FEATURE_ENTRY(RO),
> +FEATURE_ENTRY(BLK_SIZE),
> +FEATURE_ENTRY(TOPOLOGY),
> +FEATURE_ENTRY(MQ),
> +FEATURE_ENTRY(DISCARD),
> +FEATURE_ENTRY(WRITE_ZEROES),
> +#ifndef VIRTIO_BLK_NO_LEGACY
> +FEATURE_ENTRY(BARRIER),
> +FEATURE_ENTRY(SCSI),
> +FEATURE_ENTRY(FLUSH),
> +FEATURE_ENTRY(CONFIG_WCE),
> +#endif /* !VIRTIO_BLK_NO_LEGACY */
> +#undef FEATURE_ENTRY
> +#define FEATURE_ENTRY(name) \
> +{ VHOST_F_##name, #name }
> +FEATURE_ENTRY(LOG_ALL),
> +#undef FEATURE_ENTRY
> +{ -1, "" }
> +};
> +
>  /*
>   * Starting from the discard feature, we can use this array to 
> properly
>   * set the config size depending on the features enabled.
> diff --git a/hw/char/virtio-serial-bus.c b/hw/char/virtio-serial-bus.c
> index 7d4601cb5d..fbb31a2b16 100644
> --- a/hw/char/virtio-serial-bus.c
> +++ b/hw/char/virtio-serial-bus.c
> @@ -20,6 

Re: [PATCH v6 resend 4/4] vdpa: add vdpa-dev-pci support

2022-06-08 Thread Michael S. Tsirkin
On Sat, May 14, 2022 at 12:11:07PM +0800, Longpeng(Mike) wrote:
> From: Longpeng 
> 
> Supports vdpa-dev-pci, we can use the device as follow:
> 
> -device vhost-vdpa-device-pci,vhostdev=/dev/vhost-vdpa-X
> 
> Reviewed-by: Stefano Garzarella 
> Signed-off-by: Longpeng 


Build fails:

FAILED: libqemu-aarch64-softmmu.fa.p/hw_virtio_vdpa-dev-pci.c.o 
cc -m64 -mcx16 -Ilibqemu-aarch64-softmmu.fa.p -I. -I.. -Itarget/arm 
-I../target/arm -Iqapi -Itrace -Iui -Iui/shader -I/usr/include/pixman-1 
-I/usr/include/capstone -I/usr/include/spice-server -I/usr/include/spice-1 
-I/usr/include/cacard -I/usr/include/glib-2.0 -I/usr/lib64/glib-2.0/include 
-I/usr/include/sysprof-4 -I/usr/include/nss3 -I/usr/include/nspr4 
-I/usr/include/PCSC -fdiagnostics-color=auto -Wall -Winvalid-pch -Werror 
-std=gnu11 -O2 -g -isystem /scm/qemu/linux-headers -isystem linux-headers 
-iquote . -iquote /scm/qemu -iquote /scm/qemu/include -iquote 
/scm/qemu/disas/libvixl -iquote /scm/qemu/tcg/i386 -pthread -U_FORTIFY_SOURCE 
-D_FORTIFY_SOURCE=2 -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE 
-Wstrict-prototypes -Wredundant-decls -Wundef -Wwrite-strings 
-Wmissing-prototypes -fno-strict-aliasing -fno-common -fwrapv 
-Wold-style-declaration -Wold-style-definition -Wtype-limits -Wformat-security 
-Wformat-y2k -Winit-self -Wignored-qualifiers -Wempty-body -Wnested-externs 
-Wendif-labels -Wexpansion-to-defined -Wimplicit-fallthrough=2 
-Wno-missing-include-dirs -Wno-shift-negative-value -Wno-psabi 
-fstack-protector-strong -fPIE -isystem../linux-headers -isystemlinux-headers 
-DNEED_CPU_H '-DCONFIG_TARGET="aarch64-softmmu-config-target.h"' 
'-DCONFIG_DEVICES="aarch64-softmmu-config-devices.h"' -MD -MQ 
libqemu-aarch64-softmmu.fa.p/hw_virtio_vdpa-dev-pci.c.o -MF 
libqemu-aarch64-softmmu.fa.p/hw_virtio_vdpa-dev-pci.c.o.d -o 
libqemu-aarch64-softmmu.fa.p/hw_virtio_vdpa-dev-pci.c.o -c 
../hw/virtio/vdpa-dev-pci.c
../hw/virtio/vdpa-dev-pci.c:26:10: fatal error: virtio-pci.h: No such file or 
directory
   26 | #include "virtio-pci.h"
  |  ^~
compilation terminated.


> ---
>  hw/virtio/meson.build|   1 +
>  hw/virtio/vdpa-dev-pci.c | 102 +++
>  2 files changed, 103 insertions(+)
>  create mode 100644 hw/virtio/vdpa-dev-pci.c
> 
> diff --git a/hw/virtio/meson.build b/hw/virtio/meson.build
> index 8f6f86db71..c2da69616f 100644
> --- a/hw/virtio/meson.build
> +++ b/hw/virtio/meson.build
> @@ -50,6 +50,7 @@ virtio_pci_ss.add(when: 'CONFIG_VIRTIO_SERIAL', if_true: 
> files('virtio-serial-pc
>  virtio_pci_ss.add(when: 'CONFIG_VIRTIO_PMEM', if_true: 
> files('virtio-pmem-pci.c'))
>  virtio_pci_ss.add(when: 'CONFIG_VIRTIO_IOMMU', if_true: 
> files('virtio-iommu-pci.c'))
>  virtio_pci_ss.add(when: 'CONFIG_VIRTIO_MEM', if_true: 
> files('virtio-mem-pci.c'))
> +virtio_pci_ss.add(when: 'CONFIG_VHOST_VDPA_DEV', if_true: 
> files('vdpa-dev-pci.c'))
>  
>  virtio_ss.add_all(when: 'CONFIG_VIRTIO_PCI', if_true: virtio_pci_ss)
>  
> diff --git a/hw/virtio/vdpa-dev-pci.c b/hw/virtio/vdpa-dev-pci.c
> new file mode 100644
> index 00..fde35dfc92
> --- /dev/null
> +++ b/hw/virtio/vdpa-dev-pci.c
> @@ -0,0 +1,102 @@
> +/*
> + * Vhost Vdpa Device PCI Bindings
> + *
> + * Copyright (c) Huawei Technologies Co., Ltd. 2022. All Rights Reserved.
> + *
> + * Authors:
> + *   Longpeng 
> + *
> + * Largely based on the "vhost-user-blk-pci.c" and "vhost-user-blk.c"
> + * implemented by:
> + *   Changpeng Liu 
> + *
> + * This work is licensed under the terms of the GNU LGPL, version 2 or later.
> + * See the COPYING.LIB file in the top-level directory.
> + */
> +#include "qemu/osdep.h"
> +#include 
> +#include 
> +#include "hw/virtio/virtio.h"
> +#include "hw/virtio/vdpa-dev.h"
> +#include "hw/pci/pci.h"
> +#include "hw/qdev-properties.h"
> +#include "qapi/error.h"
> +#include "qemu/error-report.h"
> +#include "qemu/module.h"
> +#include "virtio-pci.h"
> +#include "qom/object.h"
> +
> +
> +typedef struct VhostVdpaDevicePCI VhostVdpaDevicePCI;
> +
> +#define TYPE_VHOST_VDPA_DEVICE_PCI "vhost-vdpa-device-pci-base"
> +DECLARE_INSTANCE_CHECKER(VhostVdpaDevicePCI, VHOST_VDPA_DEVICE_PCI,
> + TYPE_VHOST_VDPA_DEVICE_PCI)
> +
> +struct VhostVdpaDevicePCI {
> +VirtIOPCIProxy parent_obj;
> +VhostVdpaDevice vdev;
> +};
> +
> +static void vhost_vdpa_device_pci_instance_init(Object *obj)
> +{
> +VhostVdpaDevicePCI *dev = VHOST_VDPA_DEVICE_PCI(obj);
> +
> +virtio_instance_init_common(obj, >vdev, sizeof(dev->vdev),
> +TYPE_VHOST_VDPA_DEVICE);
> +object_property_add_alias(obj, "bootindex", OBJECT(>vdev),
> +  "bootindex");
> +}
> +
> +static Property vhost_vdpa_device_pci_properties[] = {
> +DEFINE_PROP_END_OF_LIST(),
> +};
> +
> +static int vhost_vdpa_device_pci_post_init(VhostVdpaDevice *v, Error **errp)
> +{
> +VhostVdpaDevicePCI *dev = container_of(v, VhostVdpaDevicePCI, vdev);
> +VirtIOPCIProxy 

Re: [PATCH] ppc: fix boot with sam460ex

2022-06-08 Thread Michael S. Tsirkin
On Mon, Jun 06, 2022 at 10:51:23AM -0300, Daniel Henrique Barboza wrote:
> Michael,
> 
> 
> I'll queue this patch with the commit msg proposed by Zoltan as follows:
> 
> 
> Author: Michael S. Tsirkin 
> Date:   Thu May 26 18:43:43 2022 -0400
> 
> ppc: fix boot with sam460ex
> Recent changes to pcie_host corrected size of its internal region to
> match what it expects: only the low 28 bits are ever decoded. Previous
> code just ignored bit 29 (if size was 1 << 29) in the address which does
> not make much sense.  We are now asserting on size > 1 << 28 instead,
> but PPC 4xx actually allows guest to configure different sizes, and some
> firmwares seem to set it to 1 << 29.
> This caused e.g. qemu-system-ppc -M sam460ex to exit with an assert when
> the guest writes a value to CFGMSK register when trying to map config
> space. This is done in the board firmware in ppc4xx_init_pcie_port() in
> roms/u-boot-sam460ex/arch/powerpc/cpu/ppc4xx/4xx_pcie.c
> It's not clear what the proper fix should be but for now let's force the
> size to 256MB, so anything outside the expected address range is
> ignored.
> 
> 
> Is that ok with you?
> 
> 
> Thanks,
> 
> 
> Daniel


ACK

> 
> On 5/26/22 19:43, Michael S. Tsirkin wrote:
> > Recent changes to pcie_host corrected size of its internal region to
> > match what it expects - only the low 28 bits are ever decoded. Previous
> > code just ignored bit 29 (if size was 1 << 29) in the address which does
> > not make much sense.  We are now asserting on size > 1 << 28 instead,
> > but it so happened that ppc actually allows guest to configure as large
> > a size as it wants to, and current firmware set it to 1 << 29.
> > 
> > With just qemu-system-ppc -M sam460ex this triggers an assert which
> > seems to happen when the guest (board firmware?) writes a value to
> > CFGMSK reg:
> > 
> > (gdb) bt
> > 
> > This is done in the board firmware here:
> > 
> > https://git.qemu.org/?p=u-boot-sam460ex.git;a=blob;f=arch/powerpc/cpu/ppc4xx/4xx_pcie.c;h=13348be93dccc74c13ea043d6635a7f8ece4b5f0;hb=HEAD
> > 
> > when trying to map config space.
> > 
> > Note that what firmware does matches
> > https://www.hardware.com.br/comunidade/switch-cisco/1128380/
> > 
> > So it's not clear what the proper fix should be.
> > 
> > However, allowing guest to trigger an assert in qemu is not good practice 
> > anyway.
> > 
> > For now let's just force the mask to 256MB on guest write, this way
> > anything outside the expected address range is ignored.
> > 
> > Fixes: commit 1f1a7b2269 ("include/hw/pci/pcie_host: Correct 
> > PCIE_MMCFG_SIZE_MAX")
> > Reviewed-by: BALATON Zoltan 
> > Tested-by: BALATON Zoltan 
> > Signed-off-by: Michael S. Tsirkin 
> > ---
> > 
> > Affected system is orphan so I guess I will merge the patch unless
> > someone objects.
> > 
> >   hw/ppc/ppc440_uc.c | 8 
> >   1 file changed, 8 insertions(+)
> > 
> > diff --git a/hw/ppc/ppc440_uc.c b/hw/ppc/ppc440_uc.c
> > index 993e3ba955..a1ecf6dd1c 100644
> > --- a/hw/ppc/ppc440_uc.c
> > +++ b/hw/ppc/ppc440_uc.c
> > @@ -1180,6 +1180,14 @@ static void dcr_write_pcie(void *opaque, int dcrn, 
> > uint32_t val)
> >   case PEGPL_CFGMSK:
> >   s->cfg_mask = val;
> >   size = ~(val & 0xfffe) + 1;
> > +/*
> > + * Firmware sets this register to E001. Why we are not sure,
> > + * but the current guess is anything above PCIE_MMCFG_SIZE_MAX is
> > + * ignored.
> > + */
> > +if (size > PCIE_MMCFG_SIZE_MAX) {
> > +size = PCIE_MMCFG_SIZE_MAX;
> > +}
> >   pcie_host_mmcfg_update(PCIE_HOST_BRIDGE(s), val & 1, s->cfg_base, 
> > size);
> >   break;
> >   case PEGPL_MSGBAH:




Re: [PATCH] microvm: turn off io reservations for pcie root ports

2022-06-08 Thread Michael S. Tsirkin
On Fri, Jun 03, 2022 at 10:59:20AM +0200, Gerd Hoffmann wrote:
> The pcie host bridge has no io window on microvm,
> so io reservations will not work.
> 
> Signed-off-by: Gerd Hoffmann 

I don't much like overriding user like this. We end up users
setting it to silly values and then if we do want to
support this things just break. Thoughts?

> ---
>  hw/i386/microvm.c | 6 ++
>  1 file changed, 6 insertions(+)
> 
> diff --git a/hw/i386/microvm.c b/hw/i386/microvm.c
> index 4b3b1dd262f1..f01d972f5d28 100644
> --- a/hw/i386/microvm.c
> +++ b/hw/i386/microvm.c
> @@ -757,6 +757,12 @@ static void microvm_class_init(ObjectClass *oc, void 
> *data)
>  "Set off to disable adding virtio-mmio devices to the kernel 
> cmdline");
>  
>  machine_class_allow_dynamic_sysbus_dev(mc, TYPE_RAMFB_DEVICE);
> +
> +/*
> + * pcie host bridge (gpex) on microvm has no io address window,
> + * so reserving io space is not going to work.  Turn it off.
> + */
> +object_register_sugar_prop("pcie-root-port", "io-reserve", "0", true);
>  }
>  
>  static const TypeInfo microvm_machine_info = {
> -- 
> 2.36.1




Re: [PATCH 16/35] acpi: ipmi: use AcpiDevAmlIf interface to build IPMI device descriptors

2022-06-07 Thread Michael S. Tsirkin
On Mon, May 16, 2022 at 11:25:51AM -0400, Igor Mammedov wrote:
> convert ad-hoc way we use to generate AML for ISA/SMB IPMI devices
> to a generic approach (i.e. make devices provide its own AML blobs
> like it is done with other ISA devices (ex. KBD))
> 
> Signed-off-by: Igor Mammedov 

could not apply this. rebase and repost?

> ---
>  include/hw/acpi/ipmi.h |  9 ++--
>  hw/acpi/ipmi-stub.c|  2 +-
>  hw/acpi/ipmi.c | 49 +-
>  hw/i386/acpi-build.c   | 17 ++-
>  hw/ipmi/isa_ipmi_bt.c  |  4 
>  hw/ipmi/isa_ipmi_kcs.c |  4 
>  hw/ipmi/smbus_ipmi.c   |  4 
>  7 files changed, 42 insertions(+), 47 deletions(-)
> 
> diff --git a/include/hw/acpi/ipmi.h b/include/hw/acpi/ipmi.h
> index c38483565c..6c8079c97a 100644
> --- a/include/hw/acpi/ipmi.h
> +++ b/include/hw/acpi/ipmi.h
> @@ -9,13 +9,8 @@
>  #ifndef HW_ACPI_IPMI_H
>  #define HW_ACPI_IPMI_H
>  
> -#include "hw/acpi/aml-build.h"
> +#include "hw/acpi/acpi_aml_interface.h"
>  
> -/*
> - * Add ACPI IPMI entries for all registered IPMI devices whose parent
> - * bus matches the given bus.  The resource is the ACPI resource that
> - * contains the IPMI device, this is required for the I2C CRS.
> - */
> -void build_acpi_ipmi_devices(Aml *table, BusState *bus);
> +void build_ipmi_dev_aml(AcpiDevAmlIf *adev, Aml *scope);
>  
>  #endif /* HW_ACPI_IPMI_H */
> diff --git a/hw/acpi/ipmi-stub.c b/hw/acpi/ipmi-stub.c
> index f525f71c2d..befaf0a882 100644
> --- a/hw/acpi/ipmi-stub.c
> +++ b/hw/acpi/ipmi-stub.c
> @@ -10,6 +10,6 @@
>  #include "qemu/osdep.h"
>  #include "hw/acpi/ipmi.h"
>  
> -void build_acpi_ipmi_devices(Aml *table, BusState *bus)
> +void build_ipmi_dev_aml(AcpiDevAmlIf *adev, Aml *scope)
>  {
>  }
> diff --git a/hw/acpi/ipmi.c b/hw/acpi/ipmi.c
> index c30b44fcf5..a20e57d465 100644
> --- a/hw/acpi/ipmi.c
> +++ b/hw/acpi/ipmi.c
> @@ -62,46 +62,27 @@ static Aml *aml_ipmi_crs(IPMIFwInfo *info)
>  return crs;
>  }
>  
> -static Aml *aml_ipmi_device(IPMIFwInfo *info)
> +void build_ipmi_dev_aml(AcpiDevAmlIf *adev, Aml *scope)
>  {
>  Aml *dev;
> -uint16_t version = ((info->ipmi_spec_major_revision << 8)
> -| (info->ipmi_spec_minor_revision << 4));
> +IPMIFwInfo info = {};
> +IPMIInterface *ii = IPMI_INTERFACE(adev);
> +IPMIInterfaceClass *iic = IPMI_INTERFACE_GET_CLASS(ii);
> +uint16_t version;
>  
> -assert(info->ipmi_spec_minor_revision <= 15);
> +iic->get_fwinfo(ii, );
> +assert(info.ipmi_spec_minor_revision <= 15);
> +version = ((info.ipmi_spec_major_revision << 8)
> +  | (info.ipmi_spec_minor_revision << 4));
>  
> -dev = aml_device("MI%d", info->uuid);
> +dev = aml_device("MI%d", info.uuid);
>  aml_append(dev, aml_name_decl("_HID", aml_eisaid("IPI0001")));
>  aml_append(dev, aml_name_decl("_STR", aml_string("ipmi_%s",
> - info->interface_name)));
> -aml_append(dev, aml_name_decl("_UID", aml_int(info->uuid)));
> -aml_append(dev, aml_name_decl("_CRS", aml_ipmi_crs(info)));
> -aml_append(dev, aml_name_decl("_IFT", aml_int(info->interface_type)));
> + info.interface_name)));
> +aml_append(dev, aml_name_decl("_UID", aml_int(info.uuid)));
> +aml_append(dev, aml_name_decl("_CRS", aml_ipmi_crs()));
> +aml_append(dev, aml_name_decl("_IFT", aml_int(info.interface_type)));
>  aml_append(dev, aml_name_decl("_SRV", aml_int(version)));
>  
> -return dev;
> -}
> -
> -void build_acpi_ipmi_devices(Aml *scope, BusState *bus)
> -{
> -
> -BusChild *kid;
> -
> -QTAILQ_FOREACH(kid, >children,  sibling) {
> -IPMIInterface *ii;
> -IPMIInterfaceClass *iic;
> -IPMIFwInfo info;
> -Object *obj = object_dynamic_cast(OBJECT(kid->child),
> -  TYPE_IPMI_INTERFACE);
> -
> -if (!obj) {
> -continue;
> -}
> -
> -ii = IPMI_INTERFACE(obj);
> -iic = IPMI_INTERFACE_GET_CLASS(obj);
> -memset(, 0, sizeof(info));
> -iic->get_fwinfo(ii, );
> -aml_append(scope, aml_ipmi_device());
> -}
> +aml_append(scope, dev);
>  }
> diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
> index 6dce8354cc..ca5cab87ba 100644
> --- a/hw/i386/acpi-build.c
> +++ b/hw/i386/acpi-build.c
> @@ -38,6 +38,7 @@
>  #include "hw/nvram/fw_cfg.h"
>  #include "hw/acpi/bios-linker-loader.h"
>  #include "hw/isa/isa.h"
> +#include "hw/acpi/acpi_aml_interface.h"
>  #include "hw/input/i8042.h"
>  #include "hw/acpi/memory_hotplug.h"
>  #include "sysemu/tpm.h"
> @@ -71,7 +72,6 @@
>  #include "hw/i386/intel_iommu.h"
>  #include "hw/virtio/virtio-iommu.h"
>  
> -#include "hw/acpi/ipmi.h"
>  #include "hw/acpi/hmat.h"
>  #include "hw/acpi/viot.h"
>  
> @@ -870,7 +870,6 @@ static void build_isa_devices_aml(Aml *table)
>  assert(obj && !ambiguous);
>  
>  scope = 

Re: [PATCH] pci: fix overflow in snprintf string formatting

2022-05-31 Thread Michael S. Tsirkin
On Tue, May 31, 2022 at 01:47:07PM +0200, Claudio Fontana wrote:
> the code in pcibus_get_fw_dev_path contained the potential for a
> stack buffer overflow of 1 byte, potentially writing to the stack an
> extra NUL byte.
> 
> This overflow could happen if the PCI slot is >= 0x1000,
> and the PCI function is >= 0x1000, due to the size parameter
> of snprintf being incorrectly calculated in the call:
> 
> if (PCI_FUNC(d->devfn))
> snprintf(path + off, sizeof(path) + off, ",%x", PCI_FUNC(d->devfn));
> 
> since the off obtained from a previous call to snprintf is added
> instead of subtracted from the total available size of the buffer.
> 
> Without the accurate size guard from snprintf, we end up writing in the
> worst case:
> 
> name (32) + "@" (1) + SLOT (8) + "," (1) + FUNC (8) + term NUL (1) = 51 bytes
> 
> In order to provide something more robust, replace all of the code in
> pcibus_get_fw_dev_path with a single call to g_strdup_printf,
> so there is no need to rely on manual calculations.
> 
> Found by compiling QEMU with FORTIFY_SOURCE=3 as the error:
> 
> *** buffer overflow detected ***: terminated
> 
> Thread 1 "qemu-system-x86" received signal SIGABRT, Aborted.
> [Switching to Thread 0x7642c380 (LWP 121307)]
> 0x771ff55c in __pthread_kill_implementation () from /lib64/libc.so.6
> (gdb) bt
>  #0  0x771ff55c in __pthread_kill_implementation () at 
> /lib64/libc.so.6
>  #1  0x771ac6f6 in raise () at /lib64/libc.so.6
>  #2  0x77195814 in abort () at /lib64/libc.so.6
>  #3  0x771f279e in __libc_message () at /lib64/libc.so.6
>  #4  0x7729767a in __fortify_fail () at /lib64/libc.so.6
>  #5  0x77295c36 in  () at /lib64/libc.so.6
>  #6  0x772957f5 in __snprintf_chk () at /lib64/libc.so.6
>  #7  0x55b1c1fd in pcibus_get_fw_dev_path ()
>  #8  0x55f2bde4 in qdev_get_fw_dev_path_helper.constprop ()
>  #9  0x55f2bd86 in qdev_get_fw_dev_path_helper.constprop ()
>  #10 0x559a6e5d in get_boot_device_path ()
>  #11 0x559a712c in get_boot_devices_list ()
>  #12 0x55b1a3d0 in fw_cfg_machine_reset ()
>  #13 0x55bf4c2d in pc_machine_reset ()
>  #14 0x55c66988 in qemu_system_reset ()
>  #15 0x55a6dff6 in qdev_machine_creation_done ()
>  #16 0x55c79186 in qmp_x_exit_preconfig.part ()
>  #17 0x55c7b459 in qemu_init ()
>  #18 0x55960a29 in main ()
> 
> Found-by: Dario Faggioli 
> Found-by: Martin Liška 
> Cc: qemu-sta...@nongnu.org
> Signed-off-by: Claudio Fontana 

Queued, thanks!

> ---
>  hw/pci/pci.c | 18 +-
>  1 file changed, 9 insertions(+), 9 deletions(-)
> 
> diff --git a/hw/pci/pci.c b/hw/pci/pci.c
> index a9b37f8000..6e7015329c 100644
> --- a/hw/pci/pci.c
> +++ b/hw/pci/pci.c
> @@ -2640,15 +2640,15 @@ static char *pci_dev_fw_name(DeviceState *dev, char 
> *buf, int len)
>  static char *pcibus_get_fw_dev_path(DeviceState *dev)
>  {
>  PCIDevice *d = (PCIDevice *)dev;
> -char path[50], name[33];
> -int off;
> -
> -off = snprintf(path, sizeof(path), "%s@%x",
> -   pci_dev_fw_name(dev, name, sizeof name),
> -   PCI_SLOT(d->devfn));
> -if (PCI_FUNC(d->devfn))
> -snprintf(path + off, sizeof(path) + off, ",%x", PCI_FUNC(d->devfn));
> -return g_strdup(path);
> +char name[33];
> +int has_func = !!PCI_FUNC(d->devfn);
> +
> +return g_strdup_printf("%s@%x%s%.*x",
> +   pci_dev_fw_name(dev, name, sizeof(name)),
> +   PCI_SLOT(d->devfn),
> +   has_func ? "," : "",
> +   has_func,
> +   PCI_FUNC(d->devfn));
>  }
>  
>  static char *pcibus_get_dev_path(DeviceState *dev)
> -- 
> 2.26.2




Re: [PATCH 4/4] hw/ide/piix: Ignore writes of hardwired PCI command register bits

2022-05-30 Thread Michael S. Tsirkin
On Mon, May 30, 2022 at 03:33:18PM +0200, Philippe Mathieu-Daudé wrote:
> On 28/5/22 22:47, Lev Kujawski wrote:
> > One method to enable PCI bus mastering for IDE controllers, often used
> > by x86 firmware, is to write 0x7 to the PCI command register.  Neither
> > the PIIX3 specification nor actual hardware (a Tyan S1686D system)
> > permit modification of the Memory Space Enable (MSE) bit, 1, and thus
> > the command register would be left in an unspecified state without
> > this patch.
> > 
> > Signed-off-by: Lev Kujawski 
> > ---
> >   hw/ide/piix.c | 25 +
> >   1 file changed, 25 insertions(+)
> > 
> > diff --git a/hw/ide/piix.c b/hw/ide/piix.c
> > index 76ea8fd9f6..f1d1168ecd 100644
> > --- a/hw/ide/piix.c
> > +++ b/hw/ide/piix.c
> > @@ -25,6 +25,8 @@
> >* References:
> >*  [1] 82371FB (PIIX) AND 82371SB (PIIX3) PCI ISA IDE XCELERATOR,
> >*  290550-002, Intel Corporation, April 1997.
> > + *  [2] 82371AB PCI-TO-ISA / IDE XCELERATOR (PIIX4), 290562-001,
> > + *  Intel Corporation, April 1997.
> >*/
> >   #include "qemu/osdep.h"
> > @@ -32,6 +34,7 @@
> >   #include "migration/vmstate.h"
> >   #include "qapi/error.h"
> >   #include "qemu/module.h"
> > +#include "qemu/range.h"
> >   #include "sysemu/block-backend.h"
> >   #include "sysemu/blockdev.h"
> >   #include "sysemu/dma.h"
> > @@ -220,6 +223,26 @@ static void pci_piix_ide_exitfn(PCIDevice *dev)
> >   }
> >   }
> > +static void piix_pci_config_write(PCIDevice *d, uint32_t addr,
> > +  uint32_t val, int l)
> > +{
> > +/*
> > + * Mask all IDE PCI command register bits except for Bus Master
> > + * Function Enable (bit 2) and I/O Space Enable (bit 1), as the
> > + * remainder are hardwired to 0 [1, p.48] [2, p.89-90].
> > + *
> > + * NOTE: According to the PIIX3 datasheet [1], the Memory Space
> > + * Enable (MSE bit) is hardwired to 1, but this is contradicted by
> > + * actual PIIX3 hardware, the datasheet itself (viz., Default
> > + * Value: h), and the PIIX4 datasheet [2].
> > + */
> > +if (range_covers_byte(addr, l, PCI_COMMAND)) {
> > +val &= ~(0xfffa << ((PCI_COMMAND - addr) << 3));
> 
> Watch out, len can be 1/2/4.


If there are bits hardwired to 0 the right way to do it is
by clearing a bit in wmask. Might need machine compat machinery
for this.

> > +}
> > +
> > +pci_default_write_config(d, addr, val, l);
> > +}
> > +
> >   /* NOTE: for the PIIX3, the IRQs and IOports are hardcoded */
> >   static void piix3_ide_class_init(ObjectClass *klass, void *data)
> >   {
> > @@ -232,6 +255,7 @@ static void piix3_ide_class_init(ObjectClass *klass, 
> > void *data)
> >   k->vendor_id = PCI_VENDOR_ID_INTEL;
> >   k->device_id = PCI_DEVICE_ID_INTEL_82371SB_1;
> >   k->class_id = PCI_CLASS_STORAGE_IDE;
> > +k->config_write = piix_pci_config_write;
> >   set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
> >   dc->hotpluggable = false;
> >   }
> > @@ -260,6 +284,7 @@ static void piix4_ide_class_init(ObjectClass *klass, 
> > void *data)
> >   k->vendor_id = PCI_VENDOR_ID_INTEL;
> >   k->device_id = PCI_DEVICE_ID_INTEL_82371AB;
> >   k->class_id = PCI_CLASS_STORAGE_IDE;
> > +k->config_write = piix_pci_config_write;
> >   set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
> >   dc->hotpluggable = false;
> >   }




Re: [PULL v2 75/86] include/hw/pci/pcie_host: Correct PCIE_MMCFG_SIZE_MAX

2022-05-30 Thread Michael S. Tsirkin
On Mon, May 30, 2022 at 11:42:41AM +0200, Thomas Huth wrote:
> On 26/05/2022 17.54, BALATON Zoltan wrote:
> > Hello,
> > 
> > On Thu, 26 May 2022, Daniel Henrique Barboza wrote:
> > > Hi,
> > > 
> > > This patch broke the boot of the sam460ex ppc machine:
> > > 
> > > qemu-system-ppc -M sam460ex -kernel
> > > ./buildroot/qemu_ppc_sam460ex-latest/vmlinux \
> > > -device virtio-net-pci,netdev=net0 -netdev user,id=net0 -serial mon:stdio 
> > > \
> > > -nographic -snapshot
> > > qemu-system-ppc: ../hw/pci/pcie_host.c:97: pcie_host_mmcfg_init:
> > > Assertion `size <= PCIE_MMCFG_SIZE_MAX' failed.
> > 
> > Thanks for noticing this. I usually only test it during the freeze.
> > Wasn't there a test patch submitted by Philippe before? Isn't that yet
> > merged or included in CI? That should catch these before breaking it.
> 
> Seems like there is only the (primitive) boot-serial test so far:
> 
> $ grep -r sam460ex tests/
> tests/qtest/boot-serial-test.c:{ "ppc", "sam460ex", "-m 256", "DRAM:  256 
> MiB" },
> tests/qtest/boot-serial-test.c:{ "ppc64", "sam460ex", "-device e1000", 
> "8086  100e" },

Hmm why don't these tests catch the issue?

> If there is a guest kernel available for public download somewhere,
> it would be great if you could add an avocado test for this machine
> (see e.g. the tests/avocado/ppc_*.py files for a template).
> 
>  Thomas




Re: [PATCH] ppc: fix boot with sam460ex

2022-05-27 Thread Michael S. Tsirkin
On Fri, May 27, 2022 at 12:46:57PM +0200, BALATON Zoltan wrote:
> Hello,
> 
> Some changes to commit message (patch is OK).

Want to write the commit message for me then?


> On Thu, 26 May 2022, Michael S. Tsirkin wrote:
> > Recent changes to pcie_host corrected size of its internal region to
> > match what it expects - only the low 28 bits are ever decoded. Previous
> > code just ignored bit 29 (if size was 1 << 29) in the address which does
> > not make much sense.  We are now asserting on size > 1 << 28 instead,
> > but it so happened that ppc actually allows guest to configure as large
> > a size as it wants to, and current firmware set it to 1 << 29.
> > 
> > With just qemu-system-ppc -M sam460ex this triggers an assert which
> > seems to happen when the guest (board firmware?) writes a value to
> > CFGMSK reg:
> > 
> > (gdb) bt
> 
> Backtrace is missing but you could just drop this line and replace : with .
> at end of previous line as we probably don't need the full backtrace, the
> commit message is already too long in my opinion.
> 
> > This is done in the board firmware here:
> > 
> > https://git.qemu.org/?p=u-boot-sam460ex.git;a=blob;f=arch/powerpc/cpu/ppc4xx/4xx_pcie.c;h=13348be93dccc74c13ea043d6635a7f8ece4b5f0;hb=HEAD
> > 
> > when trying to map config space.
> > 
> > Note that what firmware does matches
> > https://www.hardware.com.br/comunidade/switch-cisco/1128380/
> 
> That's not it. It's a different hardware and firmware, just quoted it as an
> example that this value seems to be common to that SoC even on different
> hardware/OS/firmware (probably comes from reference hardware/devel board?).
> The sam460ex is here
> 
> https://www.acube-systems.biz/index.php?page=hardware=5
> 
> the U-Boot in above repo is matching the firmware from the acube page but I
> had to fix some bugs in it to make it compile and work.
> 
> Otherwise this should be OK.
> 
> Regards,
> BALATON Zoltan
> 
> > So it's not clear what the proper fix should be.
> > 
> > However, allowing guest to trigger an assert in qemu is not good practice 
> > anyway.
> > 
> > For now let's just force the mask to 256MB on guest write, this way
> > anything outside the expected address range is ignored.
> > 
> > Fixes: commit 1f1a7b2269 ("include/hw/pci/pcie_host: Correct 
> > PCIE_MMCFG_SIZE_MAX")
> > Reviewed-by: BALATON Zoltan 
> > Tested-by: BALATON Zoltan 
> > Signed-off-by: Michael S. Tsirkin 
> > ---
> > 
> > Affected system is orphan so I guess I will merge the patch unless
> > someone objects.
> > 
> > hw/ppc/ppc440_uc.c | 8 
> > 1 file changed, 8 insertions(+)
> > 
> > diff --git a/hw/ppc/ppc440_uc.c b/hw/ppc/ppc440_uc.c
> > index 993e3ba955..a1ecf6dd1c 100644
> > --- a/hw/ppc/ppc440_uc.c
> > +++ b/hw/ppc/ppc440_uc.c
> > @@ -1180,6 +1180,14 @@ static void dcr_write_pcie(void *opaque, int dcrn, 
> > uint32_t val)
> > case PEGPL_CFGMSK:
> > s->cfg_mask = val;
> > size = ~(val & 0xfffe) + 1;
> > +/*
> > + * Firmware sets this register to E001. Why we are not sure,
> > + * but the current guess is anything above PCIE_MMCFG_SIZE_MAX is
> > + * ignored.
> > + */
> > +if (size > PCIE_MMCFG_SIZE_MAX) {
> > +size = PCIE_MMCFG_SIZE_MAX;
> > +}
> > pcie_host_mmcfg_update(PCIE_HOST_BRIDGE(s), val & 1, s->cfg_base, 
> > size);
> > break;
> > case PEGPL_MSGBAH:
> > 




[PATCH] ppc: fix boot with sam460ex

2022-05-26 Thread Michael S. Tsirkin
Recent changes to pcie_host corrected size of its internal region to
match what it expects - only the low 28 bits are ever decoded. Previous
code just ignored bit 29 (if size was 1 << 29) in the address which does
not make much sense.  We are now asserting on size > 1 << 28 instead,
but it so happened that ppc actually allows guest to configure as large
a size as it wants to, and current firmware set it to 1 << 29.

With just qemu-system-ppc -M sam460ex this triggers an assert which
seems to happen when the guest (board firmware?) writes a value to
CFGMSK reg:

(gdb) bt

This is done in the board firmware here:

https://git.qemu.org/?p=u-boot-sam460ex.git;a=blob;f=arch/powerpc/cpu/ppc4xx/4xx_pcie.c;h=13348be93dccc74c13ea043d6635a7f8ece4b5f0;hb=HEAD

when trying to map config space.

Note that what firmware does matches
https://www.hardware.com.br/comunidade/switch-cisco/1128380/

So it's not clear what the proper fix should be.

However, allowing guest to trigger an assert in qemu is not good practice 
anyway.

For now let's just force the mask to 256MB on guest write, this way
anything outside the expected address range is ignored.

Fixes: commit 1f1a7b2269 ("include/hw/pci/pcie_host: Correct 
PCIE_MMCFG_SIZE_MAX")
Reviewed-by: BALATON Zoltan 
Tested-by: BALATON Zoltan 
Signed-off-by: Michael S. Tsirkin 
---

Affected system is orphan so I guess I will merge the patch unless
someone objects.

 hw/ppc/ppc440_uc.c | 8 
 1 file changed, 8 insertions(+)

diff --git a/hw/ppc/ppc440_uc.c b/hw/ppc/ppc440_uc.c
index 993e3ba955..a1ecf6dd1c 100644
--- a/hw/ppc/ppc440_uc.c
+++ b/hw/ppc/ppc440_uc.c
@@ -1180,6 +1180,14 @@ static void dcr_write_pcie(void *opaque, int dcrn, 
uint32_t val)
 case PEGPL_CFGMSK:
 s->cfg_mask = val;
 size = ~(val & 0xfffe) + 1;
+/*
+ * Firmware sets this register to E001. Why we are not sure,
+ * but the current guess is anything above PCIE_MMCFG_SIZE_MAX is
+ * ignored.
+ */
+if (size > PCIE_MMCFG_SIZE_MAX) {
+size = PCIE_MMCFG_SIZE_MAX;
+}
 pcie_host_mmcfg_update(PCIE_HOST_BRIDGE(s), val & 1, s->cfg_base, 
size);
 break;
 case PEGPL_MSGBAH:
-- 
MST




Re: [PULL v2 75/86] include/hw/pci/pcie_host: Correct PCIE_MMCFG_SIZE_MAX

2022-05-26 Thread Michael S. Tsirkin
On Thu, May 26, 2022 at 09:34:08PM +0200, BALATON Zoltan wrote:
> On Thu, 26 May 2022, Michael S. Tsirkin wrote:
> > On Thu, May 26, 2022 at 06:43:25PM +0200, BALATON Zoltan wrote:
> > > On Thu, 26 May 2022, BALATON Zoltan wrote:
> > > > Hello,
> > > > 
> > > > On Thu, 26 May 2022, Daniel Henrique Barboza wrote:
> > > > > Hi,
> > > > > 
> > > > > This patch broke the boot of the sam460ex ppc machine:
> > > > > 
> > > > > qemu-system-ppc -M sam460ex -kernel
> > > > > ./buildroot/qemu_ppc_sam460ex-latest/vmlinux \
> > > > > -device virtio-net-pci,netdev=net0 -netdev user,id=net0 -serial 
> > > > > mon:stdio \
> > > > > -nographic -snapshot
> > > > > qemu-system-ppc: ../hw/pci/pcie_host.c:97: pcie_host_mmcfg_init:
> > > > > Assertion `size <= PCIE_MMCFG_SIZE_MAX' failed.
> > > 
> > > With just qemu-system-ppc -M sam460ex the assert seems to happen when the
> > > guest (board firmware?) writes a value to CFGMSK reg:
> > > 
> > > (gdb) bt
> > > #0  0x768ff4a0 in raise () at /lib64/libc.so.6
> > > #1  0x768ea536 in abort () at /lib64/libc.so.6
> > > #2  0x768ea42f in _nl_load_domain.cold () at /lib64/libc.so.6
> > > #3  0x768f7ed2 in  () at /lib64/libc.so.6
> > > #4  0x5596646f in pcie_host_mmcfg_init (e=e@entry=0x567942f0, 
> > > size=size@entry=0x2000) at ../hw/pci/pcie_host.c:97
> > > #5  0x5596653b in pcie_host_mmcfg_map (size=0x2000, 
> > > addr=0xd2000, e=0x567942f0) at ../hw/pci/pcie_host.c:105
> > > #6  pcie_host_mmcfg_update (e=0x567942f0, enable=0x1, 
> > > addr=0xd2000, size=0x2000) at ../hw/pci/pcie_host.c:118
> > > #7  0x55a70d7c in ppc_dcr_write (dcr_env=0x56669c10, 
> > > dcrn=0x122, val=0xe001) at ../hw/ppc/ppc.c:1418
> > > #8  0x55abdabb in helper_store_dcr (env=0x56633360, 
> > > dcrn=0x122, val=0xe001) at ../target/ppc/timebase_helper.c:188
> > > 
> > > This is done in the board firmware here:
> > > 
> > > https://git.qemu.org/?p=u-boot-sam460ex.git;a=blob;f=arch/powerpc/cpu/ppc4xx/4xx_pcie.c;h=13348be93dccc74c13ea043d6635a7f8ece4b5f0;hb=HEAD#l963
> > > 
> > > when trying to map config space. Here the size is calculated as 0x2000
> > > which does not fit the assert. I'm not sure what this means though and 
> > > where
> > > is the problem. Any ideas?
> > > 
> > > Regards,
> > > BALATON Zoltan
> > 
> > 
> > It says so, does it not?
> > 
> > 1051 switch (port) {
> > 1052 case 0:
> > 1053 mtdcr(DCRN_PEGPL_CFGBAH(PCIE0), high);
> > 1054 mtdcr(DCRN_PEGPL_CFGBAL(PCIE0), low);
> > 1055 mtdcr(DCRN_PEGPL_CFGMSK(PCIE0), 0xe001); /* 512MB 
> > region, valid */
> > 1056 break;
> > 1057 case 1:
> > 1058 mtdcr(DCRN_PEGPL_CFGBAH(PCIE1), high);
> > 1059 mtdcr(DCRN_PEGPL_CFGBAL(PCIE1), low);
> > 1060 mtdcr(DCRN_PEGPL_CFGMSK(PCIE1), 0xe001); /* 512MB 
> > region, valid */
> > 1061 break;
> > 1062 #if CONFIG_SYS_PCIE_NR_PORTS > 2
> > 1063 case 2:
> > 1064 mtdcr(DCRN_PEGPL_CFGBAH(PCIE2), high);
> > 1065 mtdcr(DCRN_PEGPL_CFGBAL(PCIE2), low);
> > 1066 mtdcr(DCRN_PEGPL_CFGMSK(PCIE2), 0xe001); /* 512MB 
> > region, valid */
> > 1067 break;
> > 1068 #endif
> 
> Yes, the size matches what the firmware programs it.
> 
> > and basically according to spec max size is 256MB.
> 
> Maybe this SoC does not follow the spec you're referring to? Complies to
> some other spec like a newer version or has its own idea? I don't have docs
> to tell.
> 
> > we can fix the firmware of course, or we can just drop the assert,
> > or force it within range in the ppc code.
> 
> According to this random Cisco IOS dump I've found:
> 
> https://www.hardware.com.br/comunidade/switch-cisco/1128380/
> 
> looks like this value is valid on that hardware so that likely means we
> should not "fix" the firmware. (Also not because it's what the real board
> uses or at least very close to it so it should work with the emulated board
> too and keeping it close to the real hardware ensures the emulation is
> accurate.) That means we should either revert this back (why was this
> cha

Re: [PATCH 3/3] virtio_balloon: Introduce memory recover

2022-05-26 Thread Michael S. Tsirkin
On Fri, May 20, 2022 at 03:06:48PM +0800, zhenwei pi wrote:
> Introduce a new queue 'recover VQ', this allows guest to recover
> hardware corrupted page:
> 
> Guest  5.MF -> 6.RVQ FE10.Unpoison page
> /   \/
> ---+-+--+---
>| |  |
> 4.MCE7.RVQ BE   9.RVQ Event
>  QEMU /   \   /
>  3.SIGBUS  8.Remap
> /
> +
> |
> +--2.MF
>  Host   /
>1.HW error
> 
> The workflow:
> 1, HardWare page error occurs randomly.
> 2, host side handles corrupted page by Memory Failure mechanism, sends
>SIGBUS to the user process if early-kill is enabled.
> 3, QEMU handles SIGBUS, if the address belongs to guest RAM, then:
> 4, QEMU tries to inject MCE into guest.
> 5, guest handles memory failure again.
> 
> 1-5 is already supported for a long time, the next steps are supported
> in this patch(also related driver patch):
> 6, guest balloon driver gets noticed of the corrupted PFN, and sends
>request to host side by Recover VQ FrontEnd.
> 7, QEMU handles request from Recover VQ BackEnd, then:
> 8, QEMU remaps the corrupted HVA fo fix the memory failure, then:
> 9, QEMU acks the guest side the result by Recover VQ.
> 10, guest unpoisons the page if the corrupted page gets recoverd
> successfully.
> 
> Then the guest fixes the HW page error dynamiclly without rebooting.
> 
> Emulate MCE by QEMU, the guest works fine:
>  mce: [Hardware Error]: Machine check events logged
>  Memory failure: 0x61646: recovery action for dirty LRU page: Recovered
>  virtio_balloon virtio5: recovered pfn 0x61646
>  Unpoison: Unpoisoned page 0x61646 by virtio-balloon
>  MCE: Killing stress:24502 due to hardware memory corruption fault at 
> 7f5be2e5a010
> 
> The 'HardwareCorrupted' in /proc/meminfo also shows 0 kB.
> 
> Signed-off-by: zhenwei pi 
> ---
>  drivers/virtio/virtio_balloon.c | 243 
>  include/uapi/linux/virtio_balloon.h |  16 ++
>  2 files changed, 259 insertions(+)
> 
> diff --git a/drivers/virtio/virtio_balloon.c b/drivers/virtio/virtio_balloon.c
> index f4c34a2a6b8e..f9d95d1d8a4d 100644
> --- a/drivers/virtio/virtio_balloon.c
> +++ b/drivers/virtio/virtio_balloon.c
> @@ -52,6 +52,7 @@ enum virtio_balloon_vq {
>   VIRTIO_BALLOON_VQ_STATS,
>   VIRTIO_BALLOON_VQ_FREE_PAGE,
>   VIRTIO_BALLOON_VQ_REPORTING,
> + VIRTIO_BALLOON_VQ_RECOVER,
>   VIRTIO_BALLOON_VQ_MAX
>  };
>  
> @@ -59,6 +60,12 @@ enum virtio_balloon_config_read {
>   VIRTIO_BALLOON_CONFIG_READ_CMD_ID = 0,
>  };
>  
> +/* the request body to commucate with host side */
> +struct __virtio_balloon_recover {
> + struct virtio_balloon_recover vbr;
> + __virtio32 pfns[VIRTIO_BALLOON_PAGES_PER_PAGE];
> +};
> +


I don't think this idea of passing 32 bit pfns is going to fly.
What is wrong with just passing the pages normally as a s/g list?
this is what is done for the hints at the moment.

neither should you use __virtio types for new functionality
(should all be __le), nor use __virtio for the struct name.



>  struct virtio_balloon {
>   struct virtio_device *vdev;
>   struct virtqueue *inflate_vq, *deflate_vq, *stats_vq, *free_page_vq;
> @@ -126,6 +133,16 @@ struct virtio_balloon {
>   /* Free page reporting device */
>   struct virtqueue *reporting_vq;
>   struct page_reporting_dev_info pr_dev_info;
> +
> + /* Memory recover VQ - VIRTIO_BALLOON_F_RECOVER */
> + struct virtqueue *recover_vq;
> + spinlock_t recover_vq_lock;
> + struct notifier_block memory_failure_nb;
> + struct list_head corrupted_page_list;
> + struct list_head recovered_page_list;
> + spinlock_t recover_page_list_lock;
> + struct __virtio_balloon_recover in_vbr;
> + struct work_struct unpoison_memory_work;
>  };
>  
>  static const struct virtio_device_id id_table[] = {
> @@ -494,6 +511,198 @@ static void update_balloon_size_func(struct work_struct 
> *work)
>   queue_work(system_freezable_wq, work);
>  }
>  
> +/*
> + * virtballoon_memory_failure - notified by memory failure, try to fix the
> + *  corrupted page.
> + * The memory failure notifier is designed to call back when the kernel 
> handled
> + * successfully only, WARN_ON_ONCE on the unlikely condition to find out any
> + * error(memory error handling is a best effort, not 100% coverd).

covered

> + */
> +static int virtballoon_memory_failure(struct notifier_block *notifier,
> +   unsigned long pfn, void *parm)
> +{
> + struct virtio_balloon *vb = container_of(notifier, struct 
> virtio_balloon,
> +  memory_failure_nb);
> + struct page *page;
> + struct __virtio_balloon_recover 

Re: [PULL v2 75/86] include/hw/pci/pcie_host: Correct PCIE_MMCFG_SIZE_MAX

2022-05-26 Thread Michael S. Tsirkin
tanding may still be lacking on how this should work.
> > 
> > > Zoltan, I wasn't able to amend to quickly amend the code in a way
> > > that I could preserve the current PCIE_MMCFG_SIZE_MAX setting and
> > > make sam460ex work again. Can you please take a look?
> > 
> > The PCIe controllers of the 460EX are implemented at the end of
> > hw/ppc/ppc440_uc.c (a lot of these 4xx SoCs are sharing components and
> > the code organisation is a bit messy). As the comment near it says it's
> > not really fully tested and working. only good enough for firmware and
> > OSes get past testing it. I think trying to attach any device to it
> > probably would fail or I would be surprised if the OS could actually
> > talk to it as there may be some missing parts. So I'm happy with any
> > solution that keeps the current state of being able to boot the OSes
> > running on it (some of which like AmigaOS and MorphOS are closed source
> > though so I don't know what their drivers need; closest open source OS
> > to them is AROS but not sure that's working on real hardware). Some
> > advice from somebody more knowledgeable about PCIe emulation in QEMU
> > would be welcome here.
> > 
> > Regards,
> > BALATON Zoltan
> > 
> > > 
> > > Thanks,
> > > 
> > > 
> > > Daniel
> > > 
> > > 
> > > 
> > > On 5/16/22 17:55, Michael S. Tsirkin wrote:
> > > > From: Francisco Iglesias 
> > > > 
> > > > According to 7.2.2 in [1] bit 27 is the last bit that can be part of the
> > > > bus number, this makes the ECAM max size equal to '1 << 28'. This patch
> > > > restores back this value into the PCIE_MMCFG_SIZE_MAX define (which was
> > > > changed in commit 58d5b22bbd5 ("ppc4xx: Add device models found in 
> > > > PPC440
> > > > core SoCs")).
> > > > 
> > > > [1] PCI Express® Base Specification Revision 5.0 Version 1.0
> > > > 
> > > > Signed-off-by: Francisco Iglesias 
> > > > Message-Id: <20220411221836.17699-3-frasse.igles...@gmail.com>
> > > > Reviewed-by: Michael S. Tsirkin 
> > > > Signed-off-by: Michael S. Tsirkin 
> > > > ---
> > > >   include/hw/pci/pcie_host.h | 2 +-
> > > >   1 file changed, 1 insertion(+), 1 deletion(-)
> > > > 
> > > > diff --git a/include/hw/pci/pcie_host.h b/include/hw/pci/pcie_host.h
> > > > index b3c8ce973c..82d92177da 100644
> > > > --- a/include/hw/pci/pcie_host.h
> > > > +++ b/include/hw/pci/pcie_host.h
> > > > @@ -65,7 +65,7 @@ void pcie_host_mmcfg_update(PCIExpressHost *e,
> > > >* bit 12 - 14: function number
> > > >* bit  0 - 11: offset in configuration space of a given device
> > > >*/
> > > > -#define PCIE_MMCFG_SIZE_MAX (1ULL << 29)
> > > > +#define PCIE_MMCFG_SIZE_MAX (1ULL << 28)
> > > >   #define PCIE_MMCFG_SIZE_MIN (1ULL << 20)
> > > >   #define PCIE_MMCFG_BUS_BIT  20
> > > >   #define PCIE_MMCFG_BUS_MASK 0xff
> > > 
> > 




Re: [PATCH v14 5/8] qmp: decode feature & status bits in virtio-status

2022-05-26 Thread Michael S. Tsirkin
On Thu, May 19, 2022 at 02:30:43AM -0400, Jonah Palmer wrote:
> 
> On 5/16/22 16:26, Michael S. Tsirkin wrote:
> 
> On Fri, Apr 01, 2022 at 09:23:22AM -0400, Jonah Palmer wrote:
> 
> From: Laurent Vivier 
> 
> Display feature names instead of bitmaps for host, guest, and
> backend for VirtIODevices.
> 
> Display status names instead of bitmaps for VirtIODevices.
> 
> Display feature names instead of bitmaps for backend, protocol,
> acked, and features (hdev->features) for vhost devices.
> 
> Decode features according to device ID. Decode statuses
> according to configuration status bitmap (config_status_map).
> Decode vhost user protocol features according to vhost user
> protocol bitmap (vhost_user_protocol_map).
> 
> Transport features are on the first line. Undecoded bits (if
> any) are stored in a separate field.
> 
> Signed-off-by: Jonah Palmer 
> 
> 
> So this has several problems that I missed previously.
> First, sign off from poster is missing.
> 
> My apologies, will add missing Laurent's SOB in correct order for
> patches 3-8.
> 
> 
> 
> 
> 
> ---
>  hw/block/virtio-blk.c  |  29 
>  hw/char/virtio-serial-bus.c|  11 ++
>  hw/display/virtio-gpu.c|  18 ++
>  hw/input/virtio-input.c|  10 ++
>  hw/net/virtio-net.c|  47 +
>  hw/scsi/virtio-scsi.c  |  17 ++
>  hw/virtio/vhost-user-fs.c  |  10 ++
>  hw/virtio/vhost-user-i2c.c |  14 ++
>  hw/virtio/vhost-vsock-common.c |  10 ++
>  hw/virtio/virtio-balloon.c |  14 ++
>  hw/virtio/virtio-crypto.c  |  10 ++
>  hw/virtio/virtio-iommu.c   |  14 ++
>  hw/virtio/virtio-mem.c |  11 ++
>  hw/virtio/virtio.c | 302 
> -
>  include/hw/virtio/vhost.h  |   3 +
>  include/hw/virtio/virtio.h |  19 +++
>  qapi/virtio.json   | 156 ++---
>  17 files changed, 667 insertions(+), 28 deletions(-)
> 
> diff --git a/hw/block/virtio-blk.c b/hw/block/virtio-blk.c
> index 27c71ad316..f104603040 100644
> --- a/hw/block/virtio-blk.c
> +++ b/hw/block/virtio-blk.c
> @@ -13,6 +13,7 @@
> 
>  #include "qemu/osdep.h"
>  #include "qapi/error.h"
> +#include "qapi/qapi-visit-virtio.h"
>  #include "qemu/iov.h"
>  #include "qemu/module.h"
>  #include "qemu/error-report.h"
> @@ -33,10 +34,38 @@
>  #include "migration/qemu-file-types.h"
>  #include "hw/virtio/virtio-access.h"
>  #include "qemu/coroutine.h"
> +#include "standard-headers/linux/vhost_types.h"
> 
>  /* Config size before the discard support (hide associated config 
> fields) */
>  #define VIRTIO_BLK_CFG_SIZE offsetof(struct virtio_blk_config, \
>   max_discard_sectors)
> +
> +qmp_virtio_feature_map_t blk_map[] = {
> +#define FEATURE_ENTRY(name) \
> +{ VIRTIO_BLK_F_##name, #name }
> +FEATURE_ENTRY(SIZE_MAX),
> +FEATURE_ENTRY(SEG_MAX),
> +FEATURE_ENTRY(GEOMETRY),
> +FEATURE_ENTRY(RO),
> +FEATURE_ENTRY(BLK_SIZE),
> +FEATURE_ENTRY(TOPOLOGY),
> +FEATURE_ENTRY(MQ),
> +FEATURE_ENTRY(DISCARD),
> +FEATURE_ENTRY(WRITE_ZEROES),
> +#ifndef VIRTIO_BLK_NO_LEGACY
> +FEATURE_ENTRY(BARRIER),
> +FEATURE_ENTRY(SCSI),
> +FEATURE_ENTRY(FLUSH),
> +FEATURE_ENTRY(CONFIG_WCE),
> +#endif /* !VIRTIO_BLK_NO_LEGACY */
> +#undef FEATURE_ENTRY
> +#define FEATURE_ENTRY(name) \
> +{ VHOST_F_##name, #name }
> +FEATURE_ENTRY(LOG_ALL),
> +#undef FEATURE_ENTRY
> +{ -1, "" }
> +};
> +
>  /*
>   * Starting from the discard feature, we can use this array to 
> properly
>   * set the config size depending on the features enabled.
> diff --git a/hw/char/virtio-serial-bus.c b/hw/char/virtio-serial-bus.c
> index 7d4601cb5d..fbb31a2b16 100644
> --- a/hw/char/virtio-serial-bus.c
> +++ b/hw/char/virtio-serial-bus.c
> @@ -20,6 +20,7 @@
> 
>  #include "qemu

Re: [PATCH] hw/pci/pcie.c: Fix invalid PCI_EXP_LNKCAP setting

2022-05-19 Thread Michael S. Tsirkin
On Thu, May 19, 2022 at 10:45:59PM +0800, Wenliang Wang wrote:
> pcie_cap_fill_slot_lnk() wrongly set PCI_EXP_LNKCAP when slot speed
> and width is not set, causing strange downstream port link cap
> (Speed unknown, Width x0) and pcie devices native hotplug error on Linux:
> 
> [3.545654] pcieport :02:00.0: pciehp: link training error: status 
> 0x2000
> [3.547143] pcieport :02:00.0: pciehp: Failed to check link status
> 
> We do not touch PCI_EXP_LNKCAP when speed=0 or width=0, as pcie_cap_v1_fill()
> already do the default setting for us.
> 
> Signed-off-by: Wenliang Wang 


do we need machine type compat dance with this?
can you check whether this affects cross version
migration please?

> ---
>  hw/pci/pcie.c | 5 +
>  1 file changed, 5 insertions(+)
> 
> diff --git a/hw/pci/pcie.c b/hw/pci/pcie.c
> index 68a62da..c82e7fc 100644
> --- a/hw/pci/pcie.c
> +++ b/hw/pci/pcie.c
> @@ -92,6 +92,11 @@ static void pcie_cap_fill_slot_lnk(PCIDevice *dev)
>  return;
>  }
>  
> +/* Use default LNKCAP setting */
> +if (s->speed == 0 || s->width == 0) {
> +return;
> +}
> +
>  /* Clear and fill LNKCAP from what was configured above */
>  pci_long_test_and_clear_mask(exp_cap + PCI_EXP_LNKCAP,
>   PCI_EXP_LNKCAP_MLW | PCI_EXP_LNKCAP_SLS);
> -- 
> 2.7.4




Re: [PATCH 28/35] acpi: pvpanic-isa: use AcpiDevAmlIfClass:build_dev_aml to provide device's AML

2022-05-18 Thread Michael S. Tsirkin
On Tue, May 17, 2022 at 10:13:51AM +0200, Gerd Hoffmann wrote:
> That problem isn't new and we already have a bunch of aml_* stubs
> because of that.  I expect it'll work just fine, at worst we'll
> have to add a stub or two in case some calls are not covered yet.

Right but adding these stubs is a bother, we keep missing some.
If possible I'd like the solution to be cleaner than the status quo.
Is adding a wrapper instead of setting a method directly such
a big problem really?

-- 
MST




[PULL v2 85/86] virtio-net: don't handle mq request in userspace handler for vhost-vdpa

2022-05-16 Thread Michael S. Tsirkin
From: Si-Wei Liu 

virtio_queue_host_notifier_read() tends to read pending event
left behind on ioeventfd in the vhost_net_stop() path, and
attempts to handle outstanding kicks from userspace vq handler.
However, in the ctrl_vq handler, virtio_net_handle_mq() has a
recursive call into virtio_net_set_status(), which may lead to
segmentation fault as shown in below stack trace:

0  0x55f800df1780 in qdev_get_parent_bus (dev=0x0) at ../hw/core/qdev.c:376
1  0x55f800c68ad8 in virtio_bus_device_iommu_enabled (vdev=vdev@entry=0x0) 
at ../hw/virtio/virtio-bus.c:331
2  0x55f800d70d7f in vhost_memory_unmap (dev=) at 
../hw/virtio/vhost.c:318
3  0x55f800d70d7f in vhost_memory_unmap (dev=, 
buffer=0x7fc19bec5240, len=2052, is_write=1, access_len=2052) at 
../hw/virtio/vhost.c:336
4  0x55f800d71867 in vhost_virtqueue_stop (dev=dev@entry=0x55f8037ccc30, 
vdev=vdev@entry=0x55f8044ec590, vq=0x55f8037cceb0, idx=0) at 
../hw/virtio/vhost.c:1241
5  0x55f800d7406c in vhost_dev_stop (hdev=hdev@entry=0x55f8037ccc30, 
vdev=vdev@entry=0x55f8044ec590) at ../hw/virtio/vhost.c:1839
6  0x55f800bf00a7 in vhost_net_stop_one (net=0x55f8037ccc30, 
dev=0x55f8044ec590) at ../hw/net/vhost_net.c:315
7  0x55f800bf0678 in vhost_net_stop (dev=dev@entry=0x55f8044ec590, 
ncs=0x55f80452bae0, data_queue_pairs=data_queue_pairs@entry=7, cvq=cvq@entry=1)
   at ../hw/net/vhost_net.c:423
8  0x55f800d4e628 in virtio_net_set_status (status=, 
n=0x55f8044ec590) at ../hw/net/virtio-net.c:296
9  0x55f800d4e628 in virtio_net_set_status (vdev=vdev@entry=0x55f8044ec590, 
status=15 '\017') at ../hw/net/virtio-net.c:370
10 0x55f800d534d8 in virtio_net_handle_ctrl (iov_cnt=, 
iov=, cmd=0 '\000', n=0x55f8044ec590) at 
../hw/net/virtio-net.c:1408
11 0x55f800d534d8 in virtio_net_handle_ctrl (vdev=0x55f8044ec590, 
vq=0x7fc1a7e888d0) at ../hw/net/virtio-net.c:1452
12 0x55f800d69f37 in virtio_queue_host_notifier_read (vq=0x7fc1a7e888d0) at 
../hw/virtio/virtio.c:2331
13 0x55f800d69f37 in virtio_queue_host_notifier_read 
(n=n@entry=0x7fc1a7e8894c) at ../hw/virtio/virtio.c:3575
14 0x55f800c688e6 in virtio_bus_cleanup_host_notifier (bus=, 
n=n@entry=14) at ../hw/virtio/virtio-bus.c:312
15 0x55f800d73106 in vhost_dev_disable_notifiers 
(hdev=hdev@entry=0x55f8035b51b0, vdev=vdev@entry=0x55f8044ec590)
   at ../../../include/hw/virtio/virtio-bus.h:35
16 0x55f800bf00b2 in vhost_net_stop_one (net=0x55f8035b51b0, 
dev=0x55f8044ec590) at ../hw/net/vhost_net.c:316
17 0x55f800bf0678 in vhost_net_stop (dev=dev@entry=0x55f8044ec590, 
ncs=0x55f80452bae0, data_queue_pairs=data_queue_pairs@entry=7, cvq=cvq@entry=1)
   at ../hw/net/vhost_net.c:423
18 0x55f800d4e628 in virtio_net_set_status (status=, 
n=0x55f8044ec590) at ../hw/net/virtio-net.c:296
19 0x55f800d4e628 in virtio_net_set_status (vdev=0x55f8044ec590, status=15 
'\017') at ../hw/net/virtio-net.c:370
20 0x55f800d6c4b2 in virtio_set_status (vdev=0x55f8044ec590, val=) at ../hw/virtio/virtio.c:1945
21 0x55f800d11d9d in vm_state_notify (running=running@entry=false, 
state=state@entry=RUN_STATE_SHUTDOWN) at ../softmmu/runstate.c:333
22 0x55f800d04e7a in do_vm_stop (state=state@entry=RUN_STATE_SHUTDOWN, 
send_stop=send_stop@entry=false) at ../softmmu/cpus.c:262
23 0x55f800d04e99 in vm_shutdown () at ../softmmu/cpus.c:280
24 0x55f800d126af in qemu_cleanup () at ../softmmu/runstate.c:812
25 0x55f800ad5b13 in main (argc=, argv=, 
envp=) at ../softmmu/main.c:51

For now, temporarily disable handling MQ request from the ctrl_vq
userspace hanlder to avoid the recursive virtio_net_set_status()
call. Some rework is needed to allow changing the number of
queues without going through a full virtio_net_set_status cycle,
particularly for vhost-vdpa backend.

This patch will need to be reverted as soon as future patches of
having the change of #queues handled in userspace is merged.

Fixes: 402378407db ("vhost-vdpa: multiqueue support")
Signed-off-by: Si-Wei Liu 
Acked-by: Jason Wang 
Message-Id: <1651890498-24478-8-git-send-email-si-wei@oracle.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 hw/net/virtio-net.c | 13 +
 1 file changed, 13 insertions(+)

diff --git a/hw/net/virtio-net.c b/hw/net/virtio-net.c
index 1ea524ff09..7ad948ee7c 100644
--- a/hw/net/virtio-net.c
+++ b/hw/net/virtio-net.c
@@ -1381,6 +1381,7 @@ static int virtio_net_handle_mq(VirtIONet *n, uint8_t cmd,
 {
 VirtIODevice *vdev = VIRTIO_DEVICE(n);
 uint16_t queue_pairs;
+NetClientState *nc = qemu_get_queue(n->nic);
 
 virtio_net_disable_rss(n);
 if (cmd == VIRTIO_NET_CTRL_MQ_HASH_CONFIG) {
@@ -1412,6 +1413,18 @@ static int virtio_net_handle_mq(VirtIONet *n, uint8_t 
cmd,
 return VIRTIO_NET_ERR;
 }
 
+/* Avoid changing the number of queue_pairs for vdpa device in
+ * userspace handler. A future fix is needed to handle the mq
+ * change in userspace handler with vhost-

[PULL v2 81/86] vhost-vdpa: fix improper cleanup in net_init_vhost_vdpa

2022-05-16 Thread Michael S. Tsirkin
From: Si-Wei Liu 

... such that no memory leaks on dangling net clients in case of
error.

Signed-off-by: Si-Wei Liu 
Acked-by: Jason Wang 
Message-Id: <1651890498-24478-4-git-send-email-si-wei@oracle.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 net/vhost-vdpa.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/net/vhost-vdpa.c b/net/vhost-vdpa.c
index 1e9fe47c03..df1e69ee72 100644
--- a/net/vhost-vdpa.c
+++ b/net/vhost-vdpa.c
@@ -306,7 +306,9 @@ int net_init_vhost_vdpa(const Netdev *netdev, const char 
*name,
 
 err:
 if (i) {
-qemu_del_net_client(ncs[0]);
+for (i--; i >= 0; i--) {
+qemu_del_net_client(ncs[i]);
+}
 }
 qemu_close(vdpa_device_fd);
 
-- 
MST




[PULL v2 86/86] vhost-user-scsi: avoid unlink(NULL) with fd passing

2022-05-16 Thread Michael S. Tsirkin
From: Stefan Hajnoczi 

Commit 747421e949fc1eb3ba66b5fcccdb7ba051918241 ("Implements Backend
Program conventions for vhost-user-scsi") introduced fd-passing support
as part of implementing the vhost-user backend program conventions.

When fd passing is used the UNIX domain socket path is NULL and we must
not call unlink(2).

The unlink(2) call is necessary when the listen socket, lsock, was
created successfully since that means the UNIX domain socket is visible
in the file system.

Fixes: Coverity CID 1488353
Fixes: 747421e949fc1eb3ba66b5fcccdb7ba051918241 ("Implements Backend Program 
conventions for vhost-user-scsi")
Signed-off-by: Stefan Hajnoczi 
Message-Id: <20220516155701.1789638-1-stefa...@redhat.com>
Reviewed-by: Raphael Norwitz 
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 contrib/vhost-user-scsi/vhost-user-scsi.c | 5 -
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/contrib/vhost-user-scsi/vhost-user-scsi.c 
b/contrib/vhost-user-scsi/vhost-user-scsi.c
index b2c0f98253..9ef61cf5a7 100644
--- a/contrib/vhost-user-scsi/vhost-user-scsi.c
+++ b/contrib/vhost-user-scsi/vhost-user-scsi.c
@@ -433,13 +433,16 @@ out:
 if (vdev_scsi) {
 g_main_loop_unref(vdev_scsi->loop);
 g_free(vdev_scsi);
-unlink(opt_socket_path);
 }
 if (csock >= 0) {
 close(csock);
 }
 if (lsock >= 0) {
 close(lsock);
+
+if (opt_socket_path) {
+unlink(opt_socket_path);
+}
 }
 g_free(opt_socket_path);
 g_free(iscsi_uri);
-- 
MST




[PULL v2 77/86] hw/i386: Make pic a property of common x86 base machine type

2022-05-16 Thread Michael S. Tsirkin
From: Xiaoyao Li 

Legacy PIC (8259) cannot be supported for TDX guests since TDX module
doesn't allow directly interrupt injection.  Using posted interrupts
for the PIC is not a viable option as the guest BIOS/kernel will not
do EOI for PIC IRQs, i.e. will leave the vIRR bit set.

Make PIC the property of common x86 machine type. Hence all x86
machines, including microvm, can disable it.

Signed-off-by: Xiaoyao Li 
Reviewed-by: Sergio Lopez 
Message-Id: <20220310122811.807794-3-xiaoyao...@intel.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 include/hw/i386/microvm.h |  2 --
 include/hw/i386/x86.h |  2 ++
 hw/i386/microvm.c | 27 +--
 hw/i386/pc_piix.c |  4 +++-
 hw/i386/pc_q35.c  |  4 +++-
 hw/i386/x86.c | 25 +
 6 files changed, 34 insertions(+), 30 deletions(-)

diff --git a/include/hw/i386/microvm.h b/include/hw/i386/microvm.h
index 83f9ac0b2a..fad97a891d 100644
--- a/include/hw/i386/microvm.h
+++ b/include/hw/i386/microvm.h
@@ -67,7 +67,6 @@
 #define PCIE_ECAM_SIZE0x1000
 
 /* Machine type options */
-#define MICROVM_MACHINE_PIC "pic"
 #define MICROVM_MACHINE_RTC "rtc"
 #define MICROVM_MACHINE_PCIE"pcie"
 #define MICROVM_MACHINE_IOAPIC2 "ioapic2"
@@ -85,7 +84,6 @@ struct MicrovmMachineState {
 X86MachineState parent;
 
 /* Machine type options */
-OnOffAuto pic;
 OnOffAuto rtc;
 OnOffAuto pcie;
 OnOffAuto ioapic2;
diff --git a/include/hw/i386/x86.h b/include/hw/i386/x86.h
index b81fce54a0..9089bdd99c 100644
--- a/include/hw/i386/x86.h
+++ b/include/hw/i386/x86.h
@@ -66,6 +66,7 @@ struct X86MachineState {
 OnOffAuto smm;
 OnOffAuto acpi;
 OnOffAuto pit;
+OnOffAuto pic;
 
 char *oem_id;
 char *oem_table_id;
@@ -86,6 +87,7 @@ struct X86MachineState {
 #define X86_MACHINE_SMM  "smm"
 #define X86_MACHINE_ACPI "acpi"
 #define X86_MACHINE_PIT  "pit"
+#define X86_MACHINE_PIC  "pic"
 #define X86_MACHINE_OEM_ID   "x-oem-id"
 #define X86_MACHINE_OEM_TABLE_ID "x-oem-table-id"
 #define X86_MACHINE_BUS_LOCK_RATELIMIT  "bus-lock-ratelimit"
diff --git a/hw/i386/microvm.c b/hw/i386/microvm.c
index 89b555a2f5..754f1d0593 100644
--- a/hw/i386/microvm.c
+++ b/hw/i386/microvm.c
@@ -247,7 +247,7 @@ static void microvm_devices_init(MicrovmMachineState *mms)
 x86ms->pci_irq_mask = 0;
 }
 
-if (mms->pic == ON_OFF_AUTO_ON || mms->pic == ON_OFF_AUTO_AUTO) {
+if (x86ms->pic == ON_OFF_AUTO_ON || x86ms->pic == ON_OFF_AUTO_AUTO) {
 qemu_irq *i8259;
 
 i8259 = i8259_init(isa_bus, x86_allocate_cpu_irq());
@@ -491,23 +491,6 @@ static void microvm_machine_reset(MachineState *machine)
 }
 }
 
-static void microvm_machine_get_pic(Object *obj, Visitor *v, const char *name,
-void *opaque, Error **errp)
-{
-MicrovmMachineState *mms = MICROVM_MACHINE(obj);
-OnOffAuto pic = mms->pic;
-
-visit_type_OnOffAuto(v, name, , errp);
-}
-
-static void microvm_machine_set_pic(Object *obj, Visitor *v, const char *name,
-void *opaque, Error **errp)
-{
-MicrovmMachineState *mms = MICROVM_MACHINE(obj);
-
-visit_type_OnOffAuto(v, name, >pic, errp);
-}
-
 static void microvm_machine_get_rtc(Object *obj, Visitor *v, const char *name,
 void *opaque, Error **errp)
 {
@@ -632,7 +615,6 @@ static void microvm_machine_initfn(Object *obj)
 MicrovmMachineState *mms = MICROVM_MACHINE(obj);
 
 /* Configuration */
-mms->pic = ON_OFF_AUTO_AUTO;
 mms->rtc = ON_OFF_AUTO_AUTO;
 mms->pcie = ON_OFF_AUTO_AUTO;
 mms->ioapic2 = ON_OFF_AUTO_AUTO;
@@ -684,13 +666,6 @@ static void microvm_class_init(ObjectClass *oc, void *data)
 
 x86mc->fwcfg_dma_enabled = true;
 
-object_class_property_add(oc, MICROVM_MACHINE_PIC, "OnOffAuto",
-  microvm_machine_get_pic,
-  microvm_machine_set_pic,
-  NULL, NULL);
-object_class_property_set_description(oc, MICROVM_MACHINE_PIC,
-"Enable i8259 PIC");
-
 object_class_property_add(oc, MICROVM_MACHINE_RTC, "OnOffAuto",
   microvm_machine_get_rtc,
   microvm_machine_set_rtc,
diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c
index f843dd906f..578e537b35 100644
--- a/hw/i386/pc_piix.c
+++ b/hw/i386/pc_piix.c
@@ -218,7 +218,9 @@ static void pc_init1(MachineState *machine,
 }
 isa_bus_irqs(isa_bus, x86ms->gsi);
 
-pc_i8259_create(isa_bus, gsi_state->i8259_irq);
+if (x86ms->pic == ON_OFF_AUTO_ON || x86ms->pic

  1   2   3   4   5   6   7   8   9   10   >