* Mon Feb 10 2020 Danilo Cesar Lemes de Paula <ddepaula@redhat.com> - 4.2.0-9.el8

- kvm-ppc-Deassert-the-external-interrupt-pin-in-KVM-on-re.patch [bz#1776638]
- kvm-xics-Don-t-deassert-outputs.patch [bz#1776638]
- kvm-ppc-Don-t-use-CPUPPCState-irq_input_state-with-moder.patch [bz#1776638]
- kvm-trace-update-qemu-trace-stap-to-Python-3.patch [bz#1787395]
- kvm-redhat-Remove-redundant-fix-for-qemu-trace-stap.patch [bz#1787395]
- kvm-iscsi-Cap-block-count-from-GET-LBA-STATUS-CVE-2020-1.patch [bz#1794503]
- kvm-tpm-ppi-page-align-PPI-RAM.patch [bz#1787444]
- kvm-target-arm-kvm-trivial-Clean-up-header-documentation.patch [bz#1647366]
- kvm-target-arm-kvm64-kvm64-cpus-have-timer-registers.patch [bz#1647366]
- kvm-tests-arm-cpu-features-Check-feature-default-values.patch [bz#1647366]
- kvm-target-arm-kvm-Implement-virtual-time-adjustment.patch [bz#1647366]
- kvm-target-arm-cpu-Add-the-kvm-no-adjvtime-CPU-property.patch [bz#1647366]
- kvm-migration-Define-VMSTATE_INSTANCE_ID_ANY.patch [bz#1529231]
- kvm-migration-Change-SaveStateEntry.instance_id-into-uin.patch [bz#1529231]
- kvm-apic-Use-32bit-APIC-ID-for-migration-instance-ID.patch [bz#1529231]
- Resolves: bz#1529231
  ([q35] VM hangs after migration with 200 vCPUs)
- Resolves: bz#1647366
  (aarch64: Add support for the kvm-no-adjvtime ARM CPU feature)
- Resolves: bz#1776638
  (Guest failed to boot up after system_reset 20 times)
- Resolves: bz#1787395
  (qemu-trace-stap list : TypeError: startswith first arg must be bytes or a tuple of bytes, not str)
- Resolves: bz#1787444
  (Broken postcopy migration with vTPM device)
- Resolves: bz#1794503
  (CVE-2020-1711 qemu-kvm: QEMU: block: iscsi: OOB heap access via an unexpected response of iSCSI Server [rhel-av-8.2.0])
Danilo C. L. de Paula 2020-02-10 22:47:04 +00:00
parent a5bd08701a
commit 6ca2f341c2
15 changed files with 2020 additions and 4 deletions


@ -0,0 +1,62 @@
From 0d5a09173eb75b7e56122c2aefb2646a2be58400 Mon Sep 17 00:00:00 2001
From: Peter Xu <peterx@redhat.com>
Date: Fri, 31 Jan 2020 17:12:57 +0000
Subject: [PATCH 15/15] apic: Use 32bit APIC ID for migration instance ID
RH-Author: Peter Xu <peterx@redhat.com>
Message-id: <20200131171257.1066593-4-peterx@redhat.com>
Patchwork-id: 93628
O-Subject: [RHEL-AV-8.2.0 qemu-kvm PATCH 3/3] apic: Use 32bit APIC ID for migration instance ID
Bugzilla: 1529231
RH-Acked-by: Eduardo Habkost <ehabkost@redhat.com>
RH-Acked-by: Juan Quintela <quintela@redhat.com>
RH-Acked-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Migration is silently broken now with x2apic config like this:
-smp 200,maxcpus=288,sockets=2,cores=72,threads=2 \
-device intel-iommu,intremap=on,eim=on
After migration, the guest kernel could hang at anything, due to
x2apic bit not migrated correctly in IA32_APIC_BASE on some vcpus, so
any operations related to x2apic could be broken then (e.g., RDMSR on
x2apic MSRs could fail because KVM would think that the vcpu hasn't
enabled x2apic at all).
The issue is that the x2apic bit was never applied correctly for vcpus
whose ID > 255 when migrate completes, and that's because when we
migrate APIC we use the APICCommonState.id as instance ID of the
migration stream, while that's too short for x2apic.
Let's use the newly introduced initial_apic_id for that.
Signed-off-by: Peter Xu <peterx@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
(cherry picked from commit 0ab994867c365db21e15f9503922c79234d8e40e)
Signed-off-by: Peter Xu <peterx@redhat.com>
Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
---
hw/intc/apic_common.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/hw/intc/apic_common.c b/hw/intc/apic_common.c
index 54b8731..b5dbeb6 100644
--- a/hw/intc/apic_common.c
+++ b/hw/intc/apic_common.c
@@ -268,7 +268,10 @@ static void apic_common_realize(DeviceState *dev, Error **errp)
APICCommonState *s = APIC_COMMON(dev);
APICCommonClass *info;
static DeviceState *vapic;
- uint32_t instance_id = s->id;
+ uint32_t instance_id = s->initial_apic_id;
+
+ /* Normally initial APIC ID should be no more than hundreds */
+ assert(instance_id != VMSTATE_INSTANCE_ID_ANY);
info = APIC_COMMON_GET_CLASS(s);
info->realize(dev, errp);
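Review bot: the comment `+ /* Normally initial APIC ID should be no more than hundreds */` understates what the new assert actually enforces: it guarantees that a real APIC ID never equals the auto-generate sentinel VMSTATE_INSTANCE_ID_ANY, because a colliding ID would make vmstate registration allocate a fresh instance ID instead of using the APIC ID and the migration stream would silently carry a different section instance. Reword the comment to say that, and state in the commit message whether `s->initial_apic_id` and `s->id` agree for IDs below 256, since the instance ID is part of the stream and any change for existing configurations would break migration from older QEMU.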
--
1.8.3.1


@ -0,0 +1,79 @@
From 1c508d56d154caf5fbf53e7dabafd707236cb16b Mon Sep 17 00:00:00 2001
From: jmaloy <jmaloy@redhat.com>
Date: Wed, 29 Jan 2020 13:45:18 +0000
Subject: [PATCH 06/15] iscsi: Cap block count from GET LBA STATUS
(CVE-2020-1711)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
RH-Author: jmaloy <jmaloy@redhat.com>
Message-id: <20200129134518.1293-2-jmaloy@redhat.com>
Patchwork-id: 93571
O-Subject: [RHEL-AV-8.2.0 qemu-kvm PATCH 1/1] iscsi: Cap block count from GET LBA STATUS (CVE-2020-1711)
Bugzilla: 1794503
RH-Acked-by: Stefan Hajnoczi <stefanha@redhat.com>
RH-Acked-by: Kevin Wolf <kwolf@redhat.com>
RH-Acked-by: Philippe Mathieu-Daudé <philmd@redhat.com>
From: Felipe Franciosi <felipe@nutanix.com>
When querying an iSCSI server for the provisioning status of blocks (via
GET LBA STATUS), Qemu only validates that the response descriptor zero's
LBA matches the one requested. Given the SCSI spec allows servers to
respond with the status of blocks beyond the end of the LUN, Qemu may
have its heap corrupted by clearing/setting too many bits at the end of
its allocmap for the LUN.
A malicious guest in control of the iSCSI server could carefully program
Qemu's heap (by selectively setting the bitmap) and then smash it.
This limits the number of bits that iscsi_co_block_status() will try to
update in the allocmap so it can't overflow the bitmap.
Fixes: CVE-2020-1711
Cc: qemu-stable@nongnu.org
Signed-off-by: Felipe Franciosi <felipe@nutanix.com>
Signed-off-by: Peter Turschmid <peter.turschm@nutanix.com>
Signed-off-by: Raphael Norwitz <raphael.norwitz@nutanix.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
(cherry picked from commit 693fd2acdf14dd86c0bf852610f1c2cca80a74dc)
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
---
block/iscsi.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/block/iscsi.c b/block/iscsi.c
index 2aea7e3..cbd5729 100644
--- a/block/iscsi.c
+++ b/block/iscsi.c
@@ -701,7 +701,7 @@ static int coroutine_fn iscsi_co_block_status(BlockDriverState *bs,
struct scsi_get_lba_status *lbas = NULL;
struct scsi_lba_status_descriptor *lbasd = NULL;
struct IscsiTask iTask;
- uint64_t lba;
+ uint64_t lba, max_bytes;
int ret;
iscsi_co_init_iscsitask(iscsilun, &iTask);
@@ -721,6 +721,7 @@ static int coroutine_fn iscsi_co_block_status(BlockDriverState *bs,
}
lba = offset / iscsilun->block_size;
+ max_bytes = (iscsilun->num_blocks - lba) * iscsilun->block_size;
qemu_mutex_lock(&iscsilun->mutex);
retry:
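Review bot: `+ max_bytes = (iscsilun->num_blocks - lba) * iscsilun->block_size;` underflows if `lba` is ever greater than `num_blocks`, which would turn the cap into a huge value and defeat the fix. The visible context does not show how `offset` is bounded, so either state in a comment that the block layer guarantees `offset` lies within the device, or add an explicit check that fails the request when `lba >= iscsilun->num_blocks`.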
@@ -764,7 +765,7 @@ retry:
goto out_unlock;
}
- *pnum = (int64_t) lbasd->num_blocks * iscsilun->block_size;
+ *pnum = MIN((int64_t) lbasd->num_blocks * iscsilun->block_size, max_bytes);
if (lbasd->provisioning == SCSI_PROVISIONING_TYPE_DEALLOCATED ||
lbasd->provisioning == SCSI_PROVISIONING_TYPE_ANCHORED) {
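Review bot: the MIN at `+ *pnum = MIN((int64_t) lbasd->num_blocks * iscsilun->block_size, max_bytes);` compares an int64_t against the uint64_t `max_bytes`, so the comparison is performed unsigned; that is correct here because both operands are non-negative, but casting `max_bytes` to int64_t (or declaring it int64_t in the first hunk) keeps the signedness consistent with `*pnum` and avoids a sign-compare warning.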
--
1.8.3.1


@ -0,0 +1,179 @@
From 38a032829b6b8d523b4cee05f732031e66fc2e41 Mon Sep 17 00:00:00 2001
From: Peter Xu <peterx@redhat.com>
Date: Fri, 31 Jan 2020 17:12:56 +0000
Subject: [PATCH 14/15] migration: Change SaveStateEntry.instance_id into
uint32_t
RH-Author: Peter Xu <peterx@redhat.com>
Message-id: <20200131171257.1066593-3-peterx@redhat.com>
Patchwork-id: 93629
O-Subject: [RHEL-AV-8.2.0 qemu-kvm PATCH 2/3] migration: Change SaveStateEntry.instance_id into uint32_t
Bugzilla: 1529231
RH-Acked-by: Eduardo Habkost <ehabkost@redhat.com>
RH-Acked-by: Juan Quintela <quintela@redhat.com>
RH-Acked-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
It was always used as 32bit, so define it as used to be clear.
Instead of using -1 as the auto-gen magic value, we switch to
UINT32_MAX. We also make sure that we don't auto-gen this value to
avoid overflowed instance IDs without being noticed.
Suggested-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Peter Xu <peterx@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
(cherry picked from commit 93062e23619e057743757ee53bf7f8e07f7a3710)
Signed-off-by: Peter Xu <peterx@redhat.com>
Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
Conflicts:
include/migration/vmstate.h
migration/savevm.c
stubs/vmstate.c
Due to missing 3cad405bab ("vmstate: replace DeviceState with
VMStateIf", 2020-01-06)
Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
---
hw/intc/apic_common.c | 2 +-
include/migration/register.h | 2 +-
include/migration/vmstate.h | 2 +-
migration/savevm.c | 18 ++++++++++--------
stubs/vmstate.c | 2 +-
5 files changed, 14 insertions(+), 12 deletions(-)
diff --git a/hw/intc/apic_common.c b/hw/intc/apic_common.c
index f2c3a7f..54b8731 100644
--- a/hw/intc/apic_common.c
+++ b/hw/intc/apic_common.c
@@ -268,7 +268,7 @@ static void apic_common_realize(DeviceState *dev, Error **errp)
APICCommonState *s = APIC_COMMON(dev);
APICCommonClass *info;
static DeviceState *vapic;
- int instance_id = s->id;
+ uint32_t instance_id = s->id;
info = APIC_COMMON_GET_CLASS(s);
info->realize(dev, errp);
diff --git a/include/migration/register.h b/include/migration/register.h
index a13359a..f3ba10b 100644
--- a/include/migration/register.h
+++ b/include/migration/register.h
@@ -69,7 +69,7 @@ typedef struct SaveVMHandlers {
} SaveVMHandlers;
int register_savevm_live(const char *idstr,
- int instance_id,
+ uint32_t instance_id,
int version_id,
const SaveVMHandlers *ops,
void *opaque);
diff --git a/include/migration/vmstate.h b/include/migration/vmstate.h
index 883f1cf..296609c 100644
--- a/include/migration/vmstate.h
+++ b/include/migration/vmstate.h
@@ -1158,7 +1158,7 @@ bool vmstate_save_needed(const VMStateDescription *vmsd, void *opaque);
#define VMSTATE_INSTANCE_ID_ANY -1
/* Returns: 0 on success, -1 on failure */
-int vmstate_register_with_alias_id(DeviceState *dev, int instance_id,
+int vmstate_register_with_alias_id(DeviceState *dev, uint32_t instance_id,
const VMStateDescription *vmsd,
void *base, int alias_id,
int required_for_version,
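Review bot: the parameter becomes uint32_t while the context line `#define VMSTATE_INSTANCE_ID_ANY -1` is left unchanged, so the commit message's claim that the sentinel switches to UINT32_MAX only holds through the implicit conversion of -1 to unsigned in comparisons such as `instance_id == VMSTATE_INSTANCE_ID_ANY`. Either redefine the macro as `UINT32_MAX` (or `((uint32_t)-1)`) so the header matches the message, or reword the message to say the value is unchanged and relies on conversion.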
diff --git a/migration/savevm.c b/migration/savevm.c
index e2e8e0a..a80bb52 100644
--- a/migration/savevm.c
+++ b/migration/savevm.c
@@ -233,7 +233,7 @@ typedef struct CompatEntry {
typedef struct SaveStateEntry {
QTAILQ_ENTRY(SaveStateEntry) entry;
char idstr[256];
- int instance_id;
+ uint32_t instance_id;
int alias_id;
int version_id;
/* version id read from the stream */
@@ -665,10 +665,10 @@ void dump_vmstate_json_to_file(FILE *out_file)
fclose(out_file);
}
-static int calculate_new_instance_id(const char *idstr)
+static uint32_t calculate_new_instance_id(const char *idstr)
{
SaveStateEntry *se;
- int instance_id = 0;
+ uint32_t instance_id = 0;
QTAILQ_FOREACH(se, &savevm_state.handlers, entry) {
if (strcmp(idstr, se->idstr) == 0
@@ -676,6 +676,8 @@ static int calculate_new_instance_id(const char *idstr)
instance_id = se->instance_id + 1;
}
}
+ /* Make sure we never loop over without being noticed */
+ assert(instance_id != VMSTATE_INSTANCE_ID_ANY);
return instance_id;
}
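Review bot: the comment `+ /* Make sure we never loop over without being noticed */` should say "wrap around"; also note that the assert only trips at the moment `se->instance_id + 1` reaches the sentinel, so an entry registered with an explicit ID just below UINT32_MAX would make the next auto-generated ID collide with VMSTATE_INSTANCE_ID_ANY and abort. That is the intended behaviour per the message, but say so in the comment so a future reader knows the abort is deliberate.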
@@ -730,7 +732,7 @@ static void savevm_state_handler_insert(SaveStateEntry *nse)
Meanwhile pass -1 as instance_id if you do not already have a clearly
distinguishing id for all instances of your device class. */
int register_savevm_live(const char *idstr,
- int instance_id,
+ uint32_t instance_id,
int version_id,
const SaveVMHandlers *ops,
void *opaque)
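Review bot: the doc comment in the context lines, `Meanwhile pass -1 as instance_id if you do not already have a clearly distinguishing id for all instances of your device class.`, still tells callers to pass -1; now that `instance_id` is unsigned, update it to name VMSTATE_INSTANCE_ID_ANY, since a literal -1 only works through implicit conversion.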
@@ -784,7 +786,7 @@ void unregister_savevm(DeviceState *dev, const char *idstr, void *opaque)
}
}
-int vmstate_register_with_alias_id(DeviceState *dev, int instance_id,
+int vmstate_register_with_alias_id(DeviceState *dev, uint32_t instance_id,
const VMStateDescription *vmsd,
void *opaque, int alias_id,
int required_for_version,
@@ -1600,7 +1602,7 @@ int qemu_save_device_state(QEMUFile *f)
return qemu_file_get_error(f);
}
-static SaveStateEntry *find_se(const char *idstr, int instance_id)
+static SaveStateEntry *find_se(const char *idstr, uint32_t instance_id)
{
SaveStateEntry *se;
@@ -2267,7 +2269,7 @@ qemu_loadvm_section_start_full(QEMUFile *f, MigrationIncomingState *mis)
/* Find savevm section */
se = find_se(idstr, instance_id);
if (se == NULL) {
- error_report("Unknown savevm section or instance '%s' %d. "
+ error_report("Unknown savevm section or instance '%s' %"PRIu32". "
"Make sure that your current VM setup matches your "
"saved VM setup, including any hotplugged devices",
idstr, instance_id);
@@ -2291,7 +2293,7 @@ qemu_loadvm_section_start_full(QEMUFile *f, MigrationIncomingState *mis)
ret = vmstate_load(f, se);
if (ret < 0) {
- error_report("error while loading state for instance 0x%x of"
+ error_report("error while loading state for instance 0x%"PRIx32" of"
" device '%s'", instance_id, idstr);
return ret;
}
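Review bot: the two error messages now print the instance ID in different radixes (`%"PRIu32"` in the previous hunk, `0x%"PRIx32"` here); consider using one format so an operator correlating the two reports for the same failed section does not have to convert between decimal and hex.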
diff --git a/stubs/vmstate.c b/stubs/vmstate.c
index e1e89b8..4ed5cc6 100644
--- a/stubs/vmstate.c
+++ b/stubs/vmstate.c
@@ -4,7 +4,7 @@
const VMStateDescription vmstate_dummy = {};
int vmstate_register_with_alias_id(DeviceState *dev,
- int instance_id,
+ uint32_t instance_id,
const VMStateDescription *vmsd,
void *base, int alias_id,
int required_for_version,
--
1.8.3.1


@ -0,0 +1,257 @@
From 2659af9267586fb626f543773bf3f844727e473b Mon Sep 17 00:00:00 2001
From: Peter Xu <peterx@redhat.com>
Date: Fri, 31 Jan 2020 17:12:55 +0000
Subject: [PATCH 13/15] migration: Define VMSTATE_INSTANCE_ID_ANY
RH-Author: Peter Xu <peterx@redhat.com>
Message-id: <20200131171257.1066593-2-peterx@redhat.com>
Patchwork-id: 93630
O-Subject: [RHEL-AV-8.2.0 qemu-kvm PATCH 1/3] migration: Define VMSTATE_INSTANCE_ID_ANY
Bugzilla: 1529231
RH-Acked-by: Eduardo Habkost <ehabkost@redhat.com>
RH-Acked-by: Juan Quintela <quintela@redhat.com>
RH-Acked-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Define the new macro VMSTATE_INSTANCE_ID_ANY for callers who want to
auto-generate the vmstate instance ID. Previously it was hard coded
as -1 instead of this macro. It helps to change this default value in
the follow up patches. No functional change.
Signed-off-by: Peter Xu <peterx@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
(cherry picked from commit 1df2c9a26fcb2fa32d099f8e9adcdae4207872e3)
Signed-off-by: Peter Xu <peterx@redhat.com>
Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
Conflicts:
backends/dbus-vmstate.c
File deleted
hw/core/qdev.c
hw/misc/max111x.c
hw/net/eepro100.c
Due to missing commit 3cad405bab ("vmstate: replace
DeviceState with VMStateIf", 2020-01-06)
Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
---
hw/arm/stellaris.c | 2 +-
hw/core/qdev.c | 3 ++-
hw/display/ads7846.c | 2 +-
hw/i2c/core.c | 2 +-
hw/input/stellaris_input.c | 3 ++-
hw/intc/apic_common.c | 2 +-
hw/misc/max111x.c | 2 +-
hw/net/eepro100.c | 2 +-
hw/pci/pci.c | 2 +-
hw/ppc/spapr.c | 2 +-
hw/timer/arm_timer.c | 2 +-
hw/tpm/tpm_emulator.c | 3 ++-
include/migration/vmstate.h | 2 ++
migration/savevm.c | 8 ++++----
14 files changed, 21 insertions(+), 16 deletions(-)
diff --git a/hw/arm/stellaris.c b/hw/arm/stellaris.c
index b198066..bb025e0 100644
--- a/hw/arm/stellaris.c
+++ b/hw/arm/stellaris.c
@@ -708,7 +708,7 @@ static int stellaris_sys_init(uint32_t base, qemu_irq irq,
memory_region_init_io(&s->iomem, NULL, &ssys_ops, s, "ssys", 0x00001000);
memory_region_add_subregion(get_system_memory(), base, &s->iomem);
ssys_reset(s);
- vmstate_register(NULL, -1, &vmstate_stellaris_sys, s);
+ vmstate_register(NULL, VMSTATE_INSTANCE_ID_ANY, &vmstate_stellaris_sys, s);
return 0;
}
diff --git a/hw/core/qdev.c b/hw/core/qdev.c
index cf1ba28..40f6b2b 100644
--- a/hw/core/qdev.c
+++ b/hw/core/qdev.c
@@ -890,7 +890,8 @@ static void device_set_realized(Object *obj, bool value, Error **errp)
dev->canonical_path = object_get_canonical_path(OBJECT(dev));
if (qdev_get_vmsd(dev)) {
- if (vmstate_register_with_alias_id(dev, -1, qdev_get_vmsd(dev), dev,
+ if (vmstate_register_with_alias_id(dev, VMSTATE_INSTANCE_ID_ANY,
+ qdev_get_vmsd(dev), dev,
dev->instance_id_alias,
dev->alias_required_for_version,
&local_err) < 0) {
diff --git a/hw/display/ads7846.c b/hw/display/ads7846.c
index c12272a..9228b40 100644
--- a/hw/display/ads7846.c
+++ b/hw/display/ads7846.c
@@ -154,7 +154,7 @@ static void ads7846_realize(SSISlave *d, Error **errp)
ads7846_int_update(s);
- vmstate_register(NULL, -1, &vmstate_ads7846, s);
+ vmstate_register(NULL, VMSTATE_INSTANCE_ID_ANY, &vmstate_ads7846, s);
}
static void ads7846_class_init(ObjectClass *klass, void *data)
diff --git a/hw/i2c/core.c b/hw/i2c/core.c
index 92cd489..d770035 100644
--- a/hw/i2c/core.c
+++ b/hw/i2c/core.c
@@ -61,7 +61,7 @@ I2CBus *i2c_init_bus(DeviceState *parent, const char *name)
bus = I2C_BUS(qbus_create(TYPE_I2C_BUS, parent, name));
QLIST_INIT(&bus->current_devs);
- vmstate_register(NULL, -1, &vmstate_i2c_bus, bus);
+ vmstate_register(NULL, VMSTATE_INSTANCE_ID_ANY, &vmstate_i2c_bus, bus);
return bus;
}
diff --git a/hw/input/stellaris_input.c b/hw/input/stellaris_input.c
index 59892b0..e6ee5e1 100644
--- a/hw/input/stellaris_input.c
+++ b/hw/input/stellaris_input.c
@@ -88,5 +88,6 @@ void stellaris_gamepad_init(int n, qemu_irq *irq, const int *keycode)
}
s->num_buttons = n;
qemu_add_kbd_event_handler(stellaris_gamepad_put_key, s);
- vmstate_register(NULL, -1, &vmstate_stellaris_gamepad, s);
+ vmstate_register(NULL, VMSTATE_INSTANCE_ID_ANY,
+ &vmstate_stellaris_gamepad, s);
}
diff --git a/hw/intc/apic_common.c b/hw/intc/apic_common.c
index 375cb6a..f2c3a7f 100644
--- a/hw/intc/apic_common.c
+++ b/hw/intc/apic_common.c
@@ -284,7 +284,7 @@ static void apic_common_realize(DeviceState *dev, Error **errp)
}
if (s->legacy_instance_id) {
- instance_id = -1;
+ instance_id = VMSTATE_INSTANCE_ID_ANY;
}
vmstate_register_with_alias_id(NULL, instance_id, &vmstate_apic_common,
s, -1, 0, NULL);
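Review bot: the trailing -1 in the context line `vmstate_register_with_alias_id(NULL, instance_id, &vmstate_apic_common, s, -1, 0, NULL);` is the `alias_id` argument, not an instance ID, so leaving it as a literal is correct; a short comment there would stop someone from later replacing it with VMSTATE_INSTANCE_ID_ANY by mistake.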
diff --git a/hw/misc/max111x.c b/hw/misc/max111x.c
index a713149..81ee73e 100644
--- a/hw/misc/max111x.c
+++ b/hw/misc/max111x.c
@@ -146,7 +146,7 @@ static int max111x_init(SSISlave *d, int inputs)
s->input[7] = 0x80;
s->com = 0;
- vmstate_register(dev, -1, &vmstate_max111x, s);
+ vmstate_register(dev, VMSTATE_INSTANCE_ID_ANY, &vmstate_max111x, s);
return 0;
}
diff --git a/hw/net/eepro100.c b/hw/net/eepro100.c
index cc2dd8b..39920c6 100644
--- a/hw/net/eepro100.c
+++ b/hw/net/eepro100.c
@@ -1874,7 +1874,7 @@ static void e100_nic_realize(PCIDevice *pci_dev, Error **errp)
s->vmstate = g_memdup(&vmstate_eepro100, sizeof(vmstate_eepro100));
s->vmstate->name = qemu_get_queue(s->nic)->model;
- vmstate_register(&pci_dev->qdev, -1, s->vmstate, s);
+ vmstate_register(&pci_dev->qdev, VMSTATE_INSTANCE_ID_ANY, s->vmstate, s);
}
static void eepro100_instance_init(Object *obj)
diff --git a/hw/pci/pci.c b/hw/pci/pci.c
index cbc7a32..fed019d 100644
--- a/hw/pci/pci.c
+++ b/hw/pci/pci.c
@@ -124,7 +124,7 @@ static void pci_bus_realize(BusState *qbus, Error **errp)
bus->machine_done.notify = pcibus_machine_done;
qemu_add_machine_init_done_notifier(&bus->machine_done);
- vmstate_register(NULL, -1, &vmstate_pcibus, bus);
+ vmstate_register(NULL, VMSTATE_INSTANCE_ID_ANY, &vmstate_pcibus, bus);
}
static void pcie_bus_realize(BusState *qbus, Error **errp)
diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c
index 8749c72..c12862d 100644
--- a/hw/ppc/spapr.c
+++ b/hw/ppc/spapr.c
@@ -3028,7 +3028,7 @@ static void spapr_machine_init(MachineState *machine)
* interface, this is a legacy from the sPAPREnvironment structure
* which predated MachineState but had a similar function */
vmstate_register(NULL, 0, &vmstate_spapr, spapr);
- register_savevm_live("spapr/htab", -1, 1,
+ register_savevm_live("spapr/htab", VMSTATE_INSTANCE_ID_ANY, 1,
&savevm_htab_handlers, spapr);
qbus_set_hotplug_handler(sysbus_get_default(), OBJECT(machine),
diff --git a/hw/timer/arm_timer.c b/hw/timer/arm_timer.c
index af524fa..beaa285 100644
--- a/hw/timer/arm_timer.c
+++ b/hw/timer/arm_timer.c
@@ -180,7 +180,7 @@ static arm_timer_state *arm_timer_init(uint32_t freq)
s->control = TIMER_CTRL_IE;
s->timer = ptimer_init(arm_timer_tick, s, PTIMER_POLICY_DEFAULT);
- vmstate_register(NULL, -1, &vmstate_arm_timer, s);
+ vmstate_register(NULL, VMSTATE_INSTANCE_ID_ANY, &vmstate_arm_timer, s);
return s;
}
diff --git a/hw/tpm/tpm_emulator.c b/hw/tpm/tpm_emulator.c
index 22f9113..da7b490 100644
--- a/hw/tpm/tpm_emulator.c
+++ b/hw/tpm/tpm_emulator.c
@@ -914,7 +914,8 @@ static void tpm_emulator_inst_init(Object *obj)
tpm_emu->cur_locty_number = ~0;
qemu_mutex_init(&tpm_emu->mutex);
- vmstate_register(NULL, -1, &vmstate_tpm_emulator, obj);
+ vmstate_register(NULL, VMSTATE_INSTANCE_ID_ANY,
+ &vmstate_tpm_emulator, obj);
}
/*
diff --git a/include/migration/vmstate.h b/include/migration/vmstate.h
index ac4f46a..883f1cf 100644
--- a/include/migration/vmstate.h
+++ b/include/migration/vmstate.h
@@ -1155,6 +1155,8 @@ int vmstate_save_state_v(QEMUFile *f, const VMStateDescription *vmsd,
bool vmstate_save_needed(const VMStateDescription *vmsd, void *opaque);
+#define VMSTATE_INSTANCE_ID_ANY -1
+
/* Returns: 0 on success, -1 on failure */
int vmstate_register_with_alias_id(DeviceState *dev, int instance_id,
const VMStateDescription *vmsd,
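Review bot: `+#define VMSTATE_INSTANCE_ID_ANY -1` has no comment; add one stating that passing it asks vmstate_register_with_alias_id and register_savevm_live to auto-generate the instance ID from the existing entries with the same idstr (as the savevm.c hunks in this patch show), and that it must therefore never be used as a valid explicit instance ID.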
diff --git a/migration/savevm.c b/migration/savevm.c
index a71b930..e2e8e0a 100644
--- a/migration/savevm.c
+++ b/migration/savevm.c
@@ -750,7 +750,7 @@ int register_savevm_live(const char *idstr,
pstrcat(se->idstr, sizeof(se->idstr), idstr);
- if (instance_id == -1) {
+ if (instance_id == VMSTATE_INSTANCE_ID_ANY) {
se->instance_id = calculate_new_instance_id(se->idstr);
} else {
se->instance_id = instance_id;
@@ -817,14 +817,14 @@ int vmstate_register_with_alias_id(DeviceState *dev, int instance_id,
se->compat = g_new0(CompatEntry, 1);
pstrcpy(se->compat->idstr, sizeof(se->compat->idstr), vmsd->name);
- se->compat->instance_id = instance_id == -1 ?
+ se->compat->instance_id = instance_id == VMSTATE_INSTANCE_ID_ANY ?
calculate_compat_instance_id(vmsd->name) : instance_id;
- instance_id = -1;
+ instance_id = VMSTATE_INSTANCE_ID_ANY;
}
}
pstrcat(se->idstr, sizeof(se->idstr), vmsd->name);
- if (instance_id == -1) {
+ if (instance_id == VMSTATE_INSTANCE_ID_ANY) {
se->instance_id = calculate_new_instance_id(se->idstr);
} else {
se->instance_id = instance_id;
--
1.8.3.1


@ -0,0 +1,107 @@
From 22fc9bd7e7ae0b72c6f6e483eb66cf996f519766 Mon Sep 17 00:00:00 2001
From: David Gibson <dgibson@redhat.com>
Date: Tue, 21 Jan 2020 05:16:11 +0000
Subject: [PATCH 01/15] ppc: Deassert the external interrupt pin in KVM on
reset
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
RH-Author: David Gibson <dgibson@redhat.com>
Message-id: <20200121051613.388295-2-dgibson@redhat.com>
Patchwork-id: 93429
O-Subject: [RHEL-AV-8.2 qemu-kvm PATCH 1/3] ppc: Deassert the external interrupt pin in KVM on reset
Bugzilla: 1776638
RH-Acked-by: Philippe Mathieu-Daudé <philmd@redhat.com>
RH-Acked-by: Laurent Vivier <lvivier@redhat.com>
RH-Acked-by: Thomas Huth <thuth@redhat.com>
From: Greg Kurz <groug@kaod.org>
When a CPU is reset, QEMU makes sure no interrupt is pending by clearing
CPUPPCstate::pending_interrupts in ppc_cpu_reset(). In the case of a
complete machine emulation, eg. a sPAPR machine, an external interrupt
request could still be pending in KVM though, eg. an IPI. It will be
eventually presented to the guest, which is supposed to acknowledge it at
the interrupt controller. If the interrupt controller is emulated in QEMU,
either XICS or XIVE, ppc_set_irq() won't deassert the external interrupt
pin in KVM since it isn't pending anymore for QEMU. When the vCPU re-enters
the guest, the interrupt request is still pending and the vCPU will try
again to acknowledge it. This causes an infinite loop and eventually hangs
the guest.
The code has been broken since the beginning. The issue wasn't hit before
because accel=kvm,kernel-irqchip=off is an awkward setup that never got
used until recently with the LC92x IBM systems (aka, Boston).
Add a ppc_irq_reset() function to do the necessary cleanup, ie. deassert
the IRQ pins of the CPU in QEMU and most importantly the external interrupt
pin for this vCPU in KVM.
Reported-by: Satheesh Rajendran <sathnaga@linux.vnet.ibm.com>
Signed-off-by: Greg Kurz <groug@kaod.org>
Message-Id: <157548861740.3650476.16879693165328764758.stgit@bahia.lan>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
(cherry picked from commit 401774387aeb37f2ada9bb18f7c7e307b21a3e93)
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1776638
Signed-off-by: David Gibson <dgibson@redhat.com>
Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
---
hw/ppc/ppc.c | 8 ++++++++
include/hw/ppc/ppc.h | 2 ++
target/ppc/translate_init.inc.c | 1 +
3 files changed, 11 insertions(+)
diff --git a/hw/ppc/ppc.c b/hw/ppc/ppc.c
index 52a18eb..d554b64 100644
--- a/hw/ppc/ppc.c
+++ b/hw/ppc/ppc.c
@@ -1510,3 +1510,11 @@ PowerPCCPU *ppc_get_vcpu_by_pir(int pir)
return NULL;
}
+
+void ppc_irq_reset(PowerPCCPU *cpu)
+{
+ CPUPPCState *env = &cpu->env;
+
+ env->irq_input_state = 0;
+ kvmppc_set_interrupt(cpu, PPC_INTERRUPT_EXT, 0);
+}
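Review bot: `+ kvmppc_set_interrupt(cpu, PPC_INTERRUPT_EXT, 0);` is called unconditionally from a reset path that also runs under TCG and with kernel-irqchip=on; the commit message should state that kvmppc_set_interrupt is a no-op when KVM is not enabled (or the call should be guarded with kvm_enabled()). The new function also deserves a one-line comment that it deasserts the external interrupt pin in KVM, not merely QEMU's bookkeeping in `env->irq_input_state`.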
diff --git a/include/hw/ppc/ppc.h b/include/hw/ppc/ppc.h
index 4bdcb8b..5dd7531 100644
--- a/include/hw/ppc/ppc.h
+++ b/include/hw/ppc/ppc.h
@@ -76,6 +76,7 @@ static inline void ppc970_irq_init(PowerPCCPU *cpu) {}
static inline void ppcPOWER7_irq_init(PowerPCCPU *cpu) {}
static inline void ppcPOWER9_irq_init(PowerPCCPU *cpu) {}
static inline void ppce500_irq_init(PowerPCCPU *cpu) {}
+static inline void ppc_irq_reset(PowerPCCPU *cpu) {}
#else
void ppc40x_irq_init(PowerPCCPU *cpu);
void ppce500_irq_init(PowerPCCPU *cpu);
@@ -83,6 +84,7 @@ void ppc6xx_irq_init(PowerPCCPU *cpu);
void ppc970_irq_init(PowerPCCPU *cpu);
void ppcPOWER7_irq_init(PowerPCCPU *cpu);
void ppcPOWER9_irq_init(PowerPCCPU *cpu);
+void ppc_irq_reset(PowerPCCPU *cpu);
#endif
/* PPC machines for OpenBIOS */
diff --git a/target/ppc/translate_init.inc.c b/target/ppc/translate_init.inc.c
index ba726de..64a8380 100644
--- a/target/ppc/translate_init.inc.c
+++ b/target/ppc/translate_init.inc.c
@@ -10461,6 +10461,7 @@ static void ppc_cpu_reset(CPUState *s)
env->pending_interrupts = 0;
s->exception_index = POWERPC_EXCP_NONE;
env->error_code = 0;
+ ppc_irq_reset(cpu);
/* tininess for underflow is detected before rounding */
set_float_detect_tininess(float_tininess_before_rounding,
--
1.8.3.1


@ -0,0 +1,112 @@
From f2f57c1ed926384e074d2048cdbdc30ee2f426eb Mon Sep 17 00:00:00 2001
From: David Gibson <dgibson@redhat.com>
Date: Tue, 21 Jan 2020 05:16:13 +0000
Subject: [PATCH 03/15] ppc: Don't use CPUPPCState::irq_input_state with modern
Book3s CPU models
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
RH-Author: David Gibson <dgibson@redhat.com>
Message-id: <20200121051613.388295-4-dgibson@redhat.com>
Patchwork-id: 93431
O-Subject: [RHEL-AV-8.2 qemu-kvm PATCH 3/3] ppc: Don't use CPUPPCState::irq_input_state with modern Book3s CPU models
Bugzilla: 1776638
RH-Acked-by: Philippe Mathieu-Daudé <philmd@redhat.com>
RH-Acked-by: Laurent Vivier <lvivier@redhat.com>
RH-Acked-by: Thomas Huth <thuth@redhat.com>
From: Greg Kurz <groug@kaod.org>
The power7_set_irq() and power9_set_irq() functions set this but it is
never used actually. Modern Book3s compatible CPUs are only supported
by the pnv and spapr machines. They have an interrupt controller, XICS
for POWER7/8 and XIVE for POWER9, whose models don't require tracking
IRQ input states at the CPU level.
Drop these lines to avoid confusion.
Signed-off-by: Greg Kurz <groug@kaod.org>
Message-Id: <157548862861.3650476.16622818876928044450.stgit@bahia.lan>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
(cherry picked from commit c1ad0b892ce20cf2b5e619c79e8a0c4c66b235dc)
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1776638
Signed-off-by: David Gibson <dgibson@redhat.com>
Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
---
hw/ppc/ppc.c | 16 ++--------------
target/ppc/cpu.h | 4 +++-
2 files changed, 5 insertions(+), 15 deletions(-)
diff --git a/hw/ppc/ppc.c b/hw/ppc/ppc.c
index d554b64..730a41f 100644
--- a/hw/ppc/ppc.c
+++ b/hw/ppc/ppc.c
@@ -275,10 +275,9 @@ void ppc970_irq_init(PowerPCCPU *cpu)
static void power7_set_irq(void *opaque, int pin, int level)
{
PowerPCCPU *cpu = opaque;
- CPUPPCState *env = &cpu->env;
LOG_IRQ("%s: env %p pin %d level %d\n", __func__,
- env, pin, level);
+ &cpu->env, pin, level);
switch (pin) {
case POWER7_INPUT_INT:
@@ -292,11 +291,6 @@ static void power7_set_irq(void *opaque, int pin, int level)
LOG_IRQ("%s: unknown IRQ pin %d\n", __func__, pin);
return;
}
- if (level) {
- env->irq_input_state |= 1 << pin;
- } else {
- env->irq_input_state &= ~(1 << pin);
- }
}
void ppcPOWER7_irq_init(PowerPCCPU *cpu)
@@ -311,10 +305,9 @@ void ppcPOWER7_irq_init(PowerPCCPU *cpu)
static void power9_set_irq(void *opaque, int pin, int level)
{
PowerPCCPU *cpu = opaque;
- CPUPPCState *env = &cpu->env;
LOG_IRQ("%s: env %p pin %d level %d\n", __func__,
- env, pin, level);
+ &cpu->env, pin, level);
switch (pin) {
case POWER9_INPUT_INT:
@@ -334,11 +327,6 @@ static void power9_set_irq(void *opaque, int pin, int level)
LOG_IRQ("%s: unknown IRQ pin %d\n", __func__, pin);
return;
}
- if (level) {
- env->irq_input_state |= 1 << pin;
- } else {
- env->irq_input_state &= ~(1 << pin);
- }
}
void ppcPOWER9_irq_init(PowerPCCPU *cpu)
diff --git a/target/ppc/cpu.h b/target/ppc/cpu.h
index 5c53801..8887f76 100644
--- a/target/ppc/cpu.h
+++ b/target/ppc/cpu.h
@@ -1090,7 +1090,9 @@ struct CPUPPCState {
#if !defined(CONFIG_USER_ONLY)
/*
* This is the IRQ controller, which is implementation dependent
- * and only relevant when emulating a complete machine.
+ * and only relevant when emulating a complete machine. Note that
+ * this isn't used by recent Book3s compatible CPUs (POWER7 and
+ * newer).
*/
uint32_t irq_input_state;
void **irq_inputs;
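Review bot: the new comment says `irq_input_state` is not used by POWER7 and newer, yet ppc_irq_reset() introduced in patch 01/15 of this series still clears it on every CPU reset regardless of model; that is harmless, but either mention it here or note in ppc_irq_reset() that the store is a no-op for modern Book3s CPUs, so the two comments do not appear to contradict each other.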
--
1.8.3.1


@ -0,0 +1,281 @@
From 730f72105b478553c4f22555c29b0f64224ff914 Mon Sep 17 00:00:00 2001
From: Andrew Jones <drjones@redhat.com>
Date: Fri, 31 Jan 2020 14:23:14 +0000
Subject: [PATCH 12/15] target/arm/cpu: Add the kvm-no-adjvtime CPU property
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
RH-Author: Andrew Jones <drjones@redhat.com>
Message-id: <20200131142314.13175-6-drjones@redhat.com>
Patchwork-id: 93623
O-Subject: [RHEL-AV-8.2.0 qemu-kvm PATCH 5/5] target/arm/cpu: Add the kvm-no-adjvtime CPU property
Bugzilla: 1647366
RH-Acked-by: Philippe Mathieu-Daudé <philmd@redhat.com>
RH-Acked-by: Auger Eric <eric.auger@redhat.com>
RH-Acked-by: Gavin Shan <gshan@redhat.com>
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1647366
Author: Andrew Jones <drjones@redhat.com>
Date: Thu, 30 Jan 2020 16:02:06 +0000
target/arm/cpu: Add the kvm-no-adjvtime CPU property
kvm-no-adjvtime is a KVM specific CPU property and a first of its
kind. To accommodate it we also add kvm_arm_add_vcpu_properties()
and a KVM specific CPU properties description to the CPU features
document.
Signed-off-by: Andrew Jones <drjones@redhat.com>
Message-id: 20200120101023.16030-7-drjones@redhat.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
(cherry picked from commit dea101a1ae9968c9fec6ab0291489dad7c49f36f)
Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
Conflicts:
Dropped the second hunk of the hw/arm/virt.c changes
as they would patch dead code.
Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
---
docs/arm-cpu-features.rst | 37 ++++++++++++++++++++++++++++++++++++-
hw/arm/virt.c | 5 +++++
include/hw/arm/virt.h | 1 +
target/arm/cpu.c | 2 ++
target/arm/cpu64.c | 1 +
target/arm/kvm.c | 28 ++++++++++++++++++++++++++++
target/arm/kvm_arm.h | 11 +++++++++++
target/arm/monitor.c | 1 +
tests/arm-cpu-features.c | 4 ++++
9 files changed, 89 insertions(+), 1 deletion(-)
diff --git a/docs/arm-cpu-features.rst b/docs/arm-cpu-features.rst
index 1b367e2..45d1eb6 100644
--- a/docs/arm-cpu-features.rst
+++ b/docs/arm-cpu-features.rst
@@ -31,7 +31,9 @@ supporting the feature or only supporting the feature under certain
configurations. For example, the `aarch64` CPU feature, which, when
disabled, enables the optional AArch32 CPU feature, is only supported
when using the KVM accelerator and when running on a host CPU type that
-supports the feature.
+supports the feature. While `aarch64` currently only works with KVM,
+it could work with TCG. CPU features that are specific to KVM are
+prefixed with "kvm-" and are described in "KVM VCPU Features".
CPU Feature Probing
===================
@@ -171,6 +173,39 @@ disabling many SVE vector lengths would be quite verbose, the `sve<N>` CPU
properties have special semantics (see "SVE CPU Property Parsing
Semantics").
+KVM VCPU Features
+=================
+
+KVM VCPU features are CPU features that are specific to KVM, such as
+paravirt features or features that enable CPU virtualization extensions.
+The features' CPU properties are only available when KVM is enabled and
+are named with the prefix "kvm-". KVM VCPU features may be probed,
+enabled, and disabled in the same way as other CPU features. Below is
+the list of KVM VCPU features and their descriptions.
+
+ kvm-no-adjvtime By default kvm-no-adjvtime is disabled. This
+ means that by default the virtual time
+ adjustment is enabled (vtime is *not not*
+ adjusted).
+
+ When virtual time adjustment is enabled each
+ time the VM transitions back to running state
+ the VCPU's virtual counter is updated to ensure
+ stopped time is not counted. This avoids time
+ jumps surprising guest OSes and applications,
+ as long as they use the virtual counter for
+ timekeeping. However it has the side effect of
+ the virtual and physical counters diverging.
+ All timekeeping based on the virtual counter
+ will appear to lag behind any timekeeping that
+ does not subtract VM stopped time. The guest
+ may resynchronize its virtual counter with
+ other time sources as needed.
+
+ Enable kvm-no-adjvtime to disable virtual time
+ adjustment, also restoring the legacy (pre-5.0)
+ behavior.
+
SVE CPU Properties
==================
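Review bot: the parenthetical "(vtime is *not not* adjusted)" in the kvm-no-adjvtime entry reads as a typo rather than deliberate emphasis; suggest "(vtime *is* adjusted)" or dropping the parenthetical, since the next paragraph already explains what adjustment does. The same entry's "time jumps surprising guest OSes" would read more naturally as "time jumps that surprise guest OSes".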
diff --git a/hw/arm/virt.c b/hw/arm/virt.c
index e108391..d30d38c 100644
--- a/hw/arm/virt.c
+++ b/hw/arm/virt.c
@@ -1707,6 +1707,11 @@ static void machvirt_init(MachineState *machine)
}
}
+ if (vmc->kvm_no_adjvtime &&
+ object_property_find(cpuobj, "kvm-no-adjvtime", NULL)) {
+ object_property_set_bool(cpuobj, true, "kvm-no-adjvtime", NULL);
+ }
+
if (vmc->no_pmu && object_property_find(cpuobj, "pmu", NULL)) {
object_property_set_bool(cpuobj, false, "pmu", NULL);
}
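Review bot: with the second hw/arm/virt.c hunk dropped (see the Conflicts note in the commit message), nothing in this backport ever sets `vmc->kvm_no_adjvtime`, so the condition added at the top of this hunk is never true and no older virt machine type gets the legacy, unadjusted counter. If that is the intended outcome for the downstream machine types it should be stated in the commit message; otherwise the machine-class assignment needs to be carried over. Note also that `object_property_set_bool()` is called with a NULL `Error **`, mirroring the `pmu` line below, so a failed set is silently ignored.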
diff --git a/include/hw/arm/virt.h b/include/hw/arm/virt.h
index 53fdf16..77828ce 100644
--- a/include/hw/arm/virt.h
+++ b/include/hw/arm/virt.h
@@ -109,6 +109,7 @@ typedef struct {
bool smbios_old_sys_ver;
bool no_highmem_ecam;
bool no_ged; /* Machines < 4.2 has no support for ACPI GED device */
+ bool kvm_no_adjvtime;
} VirtMachineClass;
typedef struct {
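Review bot: the new `kvm_no_adjvtime` field has no trailing comment, unlike its neighbour `no_ged`; suggest something like `bool kvm_no_adjvtime; /* Machines < 5.0 keep the legacy, unadjusted virtual counter */` so the version at which the default flips (the docs hunk calls it "pre-5.0 behavior") is recorded next to the flag.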
diff --git a/target/arm/cpu.c b/target/arm/cpu.c
index 3788fc3..e46efe9 100644
--- a/target/arm/cpu.c
+++ b/target/arm/cpu.c
@@ -2482,6 +2482,7 @@ static void arm_max_initfn(Object *obj)
if (kvm_enabled()) {
kvm_arm_set_cpu_features_from_host(cpu);
+ kvm_arm_add_vcpu_properties(obj);
} else {
cortex_a15_initfn(obj);
@@ -2673,6 +2674,7 @@ static void arm_host_initfn(Object *obj)
if (arm_feature(&cpu->env, ARM_FEATURE_AARCH64)) {
aarch64_add_sve_properties(obj);
}
+ kvm_arm_add_vcpu_properties(obj);
arm_cpu_post_init(obj);
}
diff --git a/target/arm/cpu64.c b/target/arm/cpu64.c
index a39d6fc..3cd416d 100644
--- a/target/arm/cpu64.c
+++ b/target/arm/cpu64.c
@@ -605,6 +605,7 @@ static void aarch64_max_initfn(Object *obj)
if (kvm_enabled()) {
kvm_arm_set_cpu_features_from_host(cpu);
+ kvm_arm_add_vcpu_properties(obj);
} else {
uint64_t t;
uint32_t u;
diff --git a/target/arm/kvm.c b/target/arm/kvm.c
index 26d7f8b..4be9497 100644
--- a/target/arm/kvm.c
+++ b/target/arm/kvm.c
@@ -17,6 +17,8 @@
#include "qemu/timer.h"
#include "qemu/error-report.h"
#include "qemu/main-loop.h"
+#include "qom/object.h"
+#include "qapi/error.h"
#include "sysemu/sysemu.h"
#include "sysemu/kvm.h"
#include "sysemu/kvm_int.h"
@@ -179,6 +181,32 @@ void kvm_arm_set_cpu_features_from_host(ARMCPU *cpu)
env->features = arm_host_cpu_features.features;
}
+static bool kvm_no_adjvtime_get(Object *obj, Error **errp)
+{
+ return !ARM_CPU(obj)->kvm_adjvtime;
+}
+
+static void kvm_no_adjvtime_set(Object *obj, bool value, Error **errp)
+{
+ ARM_CPU(obj)->kvm_adjvtime = !value;
+}
+
+/* KVM VCPU properties should be prefixed with "kvm-". */
+void kvm_arm_add_vcpu_properties(Object *obj)
+{
+ if (!kvm_enabled()) {
+ return;
+ }
+
+ ARM_CPU(obj)->kvm_adjvtime = true;
+ object_property_add_bool(obj, "kvm-no-adjvtime", kvm_no_adjvtime_get,
+ kvm_no_adjvtime_set, &error_abort);
+ object_property_set_description(obj, "kvm-no-adjvtime",
+ "Set on to disable the adjustment of "
+ "the virtual counter. VM stopped time "
+ "will be counted.", &error_abort);
+}
+
bool kvm_arm_pmu_supported(CPUState *cpu)
{
KVMState *s = KVM_STATE(current_machine->accelerator);
diff --git a/target/arm/kvm_arm.h b/target/arm/kvm_arm.h
index 01a9a18..ae9e075 100644
--- a/target/arm/kvm_arm.h
+++ b/target/arm/kvm_arm.h
@@ -256,6 +256,15 @@ void kvm_arm_sve_get_vls(CPUState *cs, unsigned long *map);
void kvm_arm_set_cpu_features_from_host(ARMCPU *cpu);
/**
+ * kvm_arm_add_vcpu_properties:
+ * @obj: The CPU object to add the properties to
+ *
+ * Add all KVM specific CPU properties to the CPU object. These
+ * are the CPU properties with "kvm-" prefixed names.
+ */
+void kvm_arm_add_vcpu_properties(Object *obj);
+
+/**
* kvm_arm_aarch32_supported:
* @cs: CPUState
*
@@ -345,6 +354,8 @@ static inline void kvm_arm_set_cpu_features_from_host(ARMCPU *cpu)
cpu->host_cpu_probe_failed = true;
}
+static inline void kvm_arm_add_vcpu_properties(Object *obj) {}
+
static inline bool kvm_arm_aarch32_supported(CPUState *cs)
{
return false;
diff --git a/target/arm/monitor.c b/target/arm/monitor.c
index fa054f8..9725dff 100644
--- a/target/arm/monitor.c
+++ b/target/arm/monitor.c
@@ -103,6 +103,7 @@ static const char *cpu_model_advertised_features[] = {
"sve128", "sve256", "sve384", "sve512",
"sve640", "sve768", "sve896", "sve1024", "sve1152", "sve1280",
"sve1408", "sve1536", "sve1664", "sve1792", "sve1920", "sve2048",
+ "kvm-no-adjvtime",
NULL
};
diff --git a/tests/arm-cpu-features.c b/tests/arm-cpu-features.c
index 89285ca..ba1a6fe 100644
--- a/tests/arm-cpu-features.c
+++ b/tests/arm-cpu-features.c
@@ -428,6 +428,8 @@ static void test_query_cpu_model_expansion(const void *data)
assert_has_feature_enabled(qts, "cortex-a15", "pmu");
assert_has_not_feature(qts, "cortex-a15", "aarch64");
+ assert_has_not_feature(qts, "max", "kvm-no-adjvtime");
+
if (g_str_equal(qtest_get_arch(), "aarch64")) {
assert_has_feature_enabled(qts, "max", "aarch64");
assert_has_feature_enabled(qts, "max", "sve");
@@ -462,6 +464,8 @@ static void test_query_cpu_model_expansion_kvm(const void *data)
return;
}
+ assert_has_feature_disabled(qts, "host", "kvm-no-adjvtime");
+
if (g_str_equal(qtest_get_arch(), "aarch64")) {
bool kvm_supports_sve;
char max_name[8], name[8];
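Review bot: the two new assertions only check the property's default state (absent for `max` without KVM, present and disabled for `host` with KVM); nothing exercises setting `kvm-no-adjvtime=on` and reading it back through query-cpu-model-expansion, which is the path the virt.c machine-class code depends on. Suggest a set-and-read-back check next to the new `assert_has_feature_disabled()` line in test_query_cpu_model_expansion_kvm(), using the file's existing set-feature helper if it has one.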
--
1.8.3.1

@ -0,0 +1,330 @@
From 5388ea3fc0737d1a659256ff3663057bef484c19 Mon Sep 17 00:00:00 2001
From: Andrew Jones <drjones@redhat.com>
Date: Fri, 31 Jan 2020 14:23:13 +0000
Subject: [PATCH 11/15] target/arm/kvm: Implement virtual time adjustment
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
RH-Author: Andrew Jones <drjones@redhat.com>
Message-id: <20200131142314.13175-5-drjones@redhat.com>
Patchwork-id: 93622
O-Subject: [RHEL-AV-8.2.0 qemu-kvm PATCH 4/5] target/arm/kvm: Implement virtual time adjustment
Bugzilla: 1647366
RH-Acked-by: Philippe Mathieu-Daudé <philmd@redhat.com>
RH-Acked-by: Auger Eric <eric.auger@redhat.com>
RH-Acked-by: Gavin Shan <gshan@redhat.com>
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1647366
Author: Andrew Jones <drjones@redhat.com>
Date: Thu, 30 Jan 2020 16:02:06 +0000
target/arm/kvm: Implement virtual time adjustment
When a VM is stopped (such as when it's paused) guest virtual time
should stop counting. Otherwise, when the VM is resumed it will
experience time jumps and its kernel may report soft lockups. Not
counting virtual time while the VM is stopped has the side effect
of making the guest's time appear to lag when compared with real
time, and even with time derived from the physical counter. For
this reason, this change, which is enabled by default, comes with
a KVM CPU feature allowing it to be disabled, restoring legacy
behavior.
This patch only provides the implementation of the virtual time
adjustment. A subsequent patch will provide the CPU property
allowing the change to be enabled and disabled.
Reported-by: Bijan Mottahedeh <bijan.mottahedeh@oracle.com>
Signed-off-by: Andrew Jones <drjones@redhat.com>
Message-id: 20200120101023.16030-6-drjones@redhat.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
(cherry picked from commit e5ac4200b4cddf44df9adbef677af0d1f1c579c6)
Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
---
target/arm/cpu.h | 7 ++++
target/arm/kvm.c | 92 ++++++++++++++++++++++++++++++++++++++++++++++++++++
target/arm/kvm32.c | 3 ++
target/arm/kvm64.c | 3 ++
target/arm/kvm_arm.h | 38 ++++++++++++++++++++++
target/arm/machine.c | 7 ++++
6 files changed, 150 insertions(+)
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
index 82dd3cc..fbd8ea0 100644
--- a/target/arm/cpu.h
+++ b/target/arm/cpu.h
@@ -821,6 +821,13 @@ struct ARMCPU {
/* KVM init features for this CPU */
uint32_t kvm_init_features[7];
+ /* KVM CPU state */
+
+ /* KVM virtual time adjustment */
+ bool kvm_adjvtime;
+ bool kvm_vtime_dirty;
+ uint64_t kvm_vtime;
+
/* Uniprocessor system with MP extensions */
bool mp_is_up;
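Review bot: the three new fields need a sentence on their contract, because the helpers in target/arm/kvm.c silently early-return on the flag: `kvm_vtime` is only meaningful while `kvm_vtime_dirty` is set, and `kvm_vtime_dirty` means the counter has been captured (from KVM or from migration state) and not yet written back to the VCPU. Suggest expanding the one-line `/* KVM virtual time adjustment */` comment to say this.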
diff --git a/target/arm/kvm.c b/target/arm/kvm.c
index 5b82cef..26d7f8b 100644
--- a/target/arm/kvm.c
+++ b/target/arm/kvm.c
@@ -359,6 +359,22 @@ static int compare_u64(const void *a, const void *b)
return 0;
}
+/*
+ * cpreg_values are sorted in ascending order by KVM register ID
+ * (see kvm_arm_init_cpreg_list). This allows us to cheaply find
+ * the storage for a KVM register by ID with a binary search.
+ */
+static uint64_t *kvm_arm_get_cpreg_ptr(ARMCPU *cpu, uint64_t regidx)
+{
+ uint64_t *res;
+
+ res = bsearch(&regidx, cpu->cpreg_indexes, cpu->cpreg_array_len,
+ sizeof(uint64_t), compare_u64);
+ assert(res);
+
+ return &cpu->cpreg_values[res - cpu->cpreg_indexes];
+}
+
/* Initialize the ARMCPU cpreg list according to the kernel's
* definition of what CPU registers it knows about (and throw away
* the previous TCG-created cpreg list).
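Review bot: `assert(res)` in kvm_arm_get_cpreg_ptr() turns a register that is absent from `cpreg_indexes` into a QEMU abort at save or load time. The only caller passes KVM_REG_ARM_TIMER_CNT, whose presence in the list depends on the host kernel's register list and on kvm_arm_reg_syncs_via_cpreg_list() keeping it there; a comment stating that assumption next to the assert, or an assert message naming the register, would make such a crash diagnosable rather than a bare abort.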
@@ -512,6 +528,23 @@ bool write_list_to_kvmstate(ARMCPU *cpu, int level)
return ok;
}
+void kvm_arm_cpu_pre_save(ARMCPU *cpu)
+{
+ /* KVM virtual time adjustment */
+ if (cpu->kvm_vtime_dirty) {
+ *kvm_arm_get_cpreg_ptr(cpu, KVM_REG_ARM_TIMER_CNT) = cpu->kvm_vtime;
+ }
+}
+
+void kvm_arm_cpu_post_load(ARMCPU *cpu)
+{
+ /* KVM virtual time adjustment */
+ if (cpu->kvm_adjvtime) {
+ cpu->kvm_vtime = *kvm_arm_get_cpreg_ptr(cpu, KVM_REG_ARM_TIMER_CNT);
+ cpu->kvm_vtime_dirty = true;
+ }
+}
+
void kvm_arm_reset_vcpu(ARMCPU *cpu)
{
int ret;
@@ -579,6 +612,50 @@ int kvm_arm_sync_mpstate_to_qemu(ARMCPU *cpu)
return 0;
}
+void kvm_arm_get_virtual_time(CPUState *cs)
+{
+ ARMCPU *cpu = ARM_CPU(cs);
+ struct kvm_one_reg reg = {
+ .id = KVM_REG_ARM_TIMER_CNT,
+ .addr = (uintptr_t)&cpu->kvm_vtime,
+ };
+ int ret;
+
+ if (cpu->kvm_vtime_dirty) {
+ return;
+ }
+
+ ret = kvm_vcpu_ioctl(cs, KVM_GET_ONE_REG, &reg);
+ if (ret) {
+ error_report("Failed to get KVM_REG_ARM_TIMER_CNT");
+ abort();
+ }
+
+ cpu->kvm_vtime_dirty = true;
+}
+
+void kvm_arm_put_virtual_time(CPUState *cs)
+{
+ ARMCPU *cpu = ARM_CPU(cs);
+ struct kvm_one_reg reg = {
+ .id = KVM_REG_ARM_TIMER_CNT,
+ .addr = (uintptr_t)&cpu->kvm_vtime,
+ };
+ int ret;
+
+ if (!cpu->kvm_vtime_dirty) {
+ return;
+ }
+
+ ret = kvm_vcpu_ioctl(cs, KVM_SET_ONE_REG, &reg);
+ if (ret) {
+ error_report("Failed to set KVM_REG_ARM_TIMER_CNT");
+ abort();
+ }
+
+ cpu->kvm_vtime_dirty = false;
+}
+
int kvm_put_vcpu_events(ARMCPU *cpu)
{
CPUARMState *env = &cpu->env;
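Review bot: both ioctl failure paths abort() with a message that omits the error code; since kvm_vcpu_ioctl() returns -errno, suggest `error_report("Failed to set KVM_REG_ARM_TIMER_CNT: %s", strerror(-ret));` (and likewise in kvm_arm_get_virtual_time()) so a refused register write can be told apart from a missing register. Aborting from within a VM state-change handler on resume also takes the whole VM down; if that is the intended policy for a write failing after an earlier read succeeded, the commit message should say so.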
@@ -690,6 +767,21 @@ MemTxAttrs kvm_arch_post_run(CPUState *cs, struct kvm_run *run)
return MEMTXATTRS_UNSPECIFIED;
}
+void kvm_arm_vm_state_change(void *opaque, int running, RunState state)
+{
+ CPUState *cs = opaque;
+ ARMCPU *cpu = ARM_CPU(cs);
+
+ if (running) {
+ if (cpu->kvm_adjvtime) {
+ kvm_arm_put_virtual_time(cs);
+ }
+ } else {
+ if (cpu->kvm_adjvtime) {
+ kvm_arm_get_virtual_time(cs);
+ }
+ }
+}
int kvm_arch_handle_exit(CPUState *cs, struct kvm_run *run)
{
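Review bot: the two nested `if (cpu->kvm_adjvtime)` checks in kvm_arm_vm_state_change() can be hoisted into a single early return (`if (!cpu->kvm_adjvtime) { return; }`), leaving one `running ? put : get` decision; that also makes it obvious that flipping the property while the VM is paused changes which half of the pair runs on the next transition. The `state` parameter is unused; a short comment saying it is intentionally ignored would avoid the question in a later review.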
diff --git a/target/arm/kvm32.c b/target/arm/kvm32.c
index 32bf8d6..3a8b437 100644
--- a/target/arm/kvm32.c
+++ b/target/arm/kvm32.c
@@ -16,6 +16,7 @@
#include "qemu-common.h"
#include "cpu.h"
#include "qemu/timer.h"
+#include "sysemu/runstate.h"
#include "sysemu/kvm.h"
#include "kvm_arm.h"
#include "internals.h"
@@ -198,6 +199,8 @@ int kvm_arch_init_vcpu(CPUState *cs)
return -EINVAL;
}
+ qemu_add_vm_change_state_handler(kvm_arm_vm_state_change, cs);
+
/* Determine init features for this CPU */
memset(cpu->kvm_init_features, 0, sizeof(cpu->kvm_init_features));
if (cpu->start_powered_off) {
diff --git a/target/arm/kvm64.c b/target/arm/kvm64.c
index 666a81a..d368189 100644
--- a/target/arm/kvm64.c
+++ b/target/arm/kvm64.c
@@ -23,6 +23,7 @@
#include "qemu/host-utils.h"
#include "qemu/main-loop.h"
#include "exec/gdbstub.h"
+#include "sysemu/runstate.h"
#include "sysemu/kvm.h"
#include "sysemu/kvm_int.h"
#include "kvm_arm.h"
@@ -735,6 +736,8 @@ int kvm_arch_init_vcpu(CPUState *cs)
return -EINVAL;
}
+ qemu_add_vm_change_state_handler(kvm_arm_vm_state_change, cs);
+
/* Determine init features for this CPU */
memset(cpu->kvm_init_features, 0, sizeof(cpu->kvm_init_features));
if (cpu->start_powered_off) {
diff --git a/target/arm/kvm_arm.h b/target/arm/kvm_arm.h
index b48a9c9..01a9a18 100644
--- a/target/arm/kvm_arm.h
+++ b/target/arm/kvm_arm.h
@@ -128,6 +128,23 @@ bool write_list_to_kvmstate(ARMCPU *cpu, int level);
bool write_kvmstate_to_list(ARMCPU *cpu);
/**
+ * kvm_arm_cpu_pre_save:
+ * @cpu: ARMCPU
+ *
+ * Called after write_kvmstate_to_list() from cpu_pre_save() to update
+ * the cpreg list with KVM CPU state.
+ */
+void kvm_arm_cpu_pre_save(ARMCPU *cpu);
+
+/**
+ * kvm_arm_cpu_post_load:
+ * @cpu: ARMCPU
+ *
+ * Called from cpu_post_load() to update KVM CPU state from the cpreg list.
+ */
+void kvm_arm_cpu_post_load(ARMCPU *cpu);
+
+/**
* kvm_arm_reset_vcpu:
* @cpu: ARMCPU
*
@@ -292,6 +309,24 @@ int kvm_arm_sync_mpstate_to_kvm(ARMCPU *cpu);
*/
int kvm_arm_sync_mpstate_to_qemu(ARMCPU *cpu);
+/**
+ * kvm_arm_get_virtual_time:
+ * @cs: CPUState
+ *
+ * Gets the VCPU's virtual counter and stores it in the KVM CPU state.
+ */
+void kvm_arm_get_virtual_time(CPUState *cs);
+
+/**
+ * kvm_arm_put_virtual_time:
+ * @cs: CPUState
+ *
+ * Sets the VCPU's virtual counter to the value stored in the KVM CPU state.
+ */
+void kvm_arm_put_virtual_time(CPUState *cs);
+
+void kvm_arm_vm_state_change(void *opaque, int running, RunState state);
+
int kvm_arm_vgic_probe(void);
void kvm_arm_pmu_set_irq(CPUState *cs, int irq);
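Review bot: `kvm_arm_vm_state_change()` is the only new declaration in this hunk without a kernel-doc block, unlike kvm_arm_get_virtual_time() and kvm_arm_put_virtual_time() directly above it; suggest adding one stating that @opaque is the CPUState registered through qemu_add_vm_change_state_handler() in kvm32.c/kvm64.c and that the handler captures the virtual counter on stop and restores it on resume.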
@@ -339,6 +374,9 @@ static inline void kvm_arm_pmu_set_irq(CPUState *cs, int irq) {}
static inline void kvm_arm_pmu_init(CPUState *cs) {}
static inline void kvm_arm_sve_get_vls(CPUState *cs, unsigned long *map) {}
+
+static inline void kvm_arm_get_virtual_time(CPUState *cs) {}
+static inline void kvm_arm_put_virtual_time(CPUState *cs) {}
#endif
static inline const char *gic_class_name(void)
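Review bot: the !CONFIG_KVM stubs added here cover kvm_arm_get_virtual_time()/kvm_arm_put_virtual_time(), which are only called from target/arm/kvm.c itself, while the functions non-KVM code does reference (kvm_arm_cpu_pre_save()/kvm_arm_cpu_post_load() from target/arm/machine.c, kvm_arm_vm_state_change() from kvm32.c/kvm64.c) get none. That builds only because those calls sit under a `kvm_enabled()` guard or in KVM-only files; either drop the unneeded stubs or add the needed ones so the header is consistent about what the non-KVM build provides.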
diff --git a/target/arm/machine.c b/target/arm/machine.c
index eb28b23..241890a 100644
--- a/target/arm/machine.c
+++ b/target/arm/machine.c
@@ -642,6 +642,12 @@ static int cpu_pre_save(void *opaque)
/* This should never fail */
abort();
}
+
+ /*
+ * kvm_arm_cpu_pre_save() must be called after
+ * write_kvmstate_to_list()
+ */
+ kvm_arm_cpu_pre_save(cpu);
} else {
if (!write_cpustate_to_list(cpu, false)) {
/* This should never fail. */
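Review bot: the ordering requirement that kvm_arm_cpu_pre_save() run after write_kvmstate_to_list() is enforced only by the comment added in this hunk; because the function overwrites the KVM_REG_ARM_TIMER_CNT slot that write_kvmstate_to_list() has just refreshed, a later reordering would silently reintroduce the time jump on migration. Consider folding the call into write_kvmstate_to_list() itself so the dependency cannot be broken from machine.c.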
@@ -744,6 +750,7 @@ static int cpu_post_load(void *opaque, int version_id)
* we're using it.
*/
write_list_to_cpustate(cpu);
+ kvm_arm_cpu_post_load(cpu);
} else {
if (!write_list_to_cpustate(cpu)) {
return -1;
--
1.8.3.1

@ -0,0 +1,197 @@
From 11cb9cb7b1b56d5c9723e9c50bc2903281893bcc Mon Sep 17 00:00:00 2001
From: Andrew Jones <drjones@redhat.com>
Date: Fri, 31 Jan 2020 14:23:10 +0000
Subject: [PATCH 08/15] target/arm/kvm: trivial: Clean up header documentation
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
RH-Author: Andrew Jones <drjones@redhat.com>
Message-id: <20200131142314.13175-2-drjones@redhat.com>
Patchwork-id: 93625
O-Subject: [RHEL-AV-8.2.0 qemu-kvm PATCH 1/5] target/arm/kvm: trivial: Clean up header documentation
Bugzilla: 1647366
RH-Acked-by: Philippe Mathieu-Daudé <philmd@redhat.com>
RH-Acked-by: Auger Eric <eric.auger@redhat.com>
RH-Acked-by: Gavin Shan <gshan@redhat.com>
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1647366
Author: Andrew Jones <drjones@redhat.com>
Date: Thu, 30 Jan 2020 16:02:05 +0000
target/arm/kvm: trivial: Clean up header documentation
Signed-off-by: Andrew Jones <drjones@redhat.com>
Message-id: 20200120101023.16030-2-drjones@redhat.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
(cherry picked from commit d1ebbc9d16297b54b153ee33abe05eb4f1df0c66)
Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
---
target/arm/kvm_arm.h | 46 +++++++++++++++++++++++++++-------------------
1 file changed, 27 insertions(+), 19 deletions(-)
diff --git a/target/arm/kvm_arm.h b/target/arm/kvm_arm.h
index 8e14d40..b48a9c9 100644
--- a/target/arm/kvm_arm.h
+++ b/target/arm/kvm_arm.h
@@ -28,9 +28,9 @@
int kvm_arm_vcpu_init(CPUState *cs);
/**
- * kvm_arm_vcpu_finalize
+ * kvm_arm_vcpu_finalize:
* @cs: CPUState
- * @feature: int
+ * @feature: feature to finalize
*
* Finalizes the configuration of the specified VCPU feature by
* invoking the KVM_ARM_VCPU_FINALIZE ioctl. Features requiring
@@ -75,8 +75,8 @@ void kvm_arm_register_device(MemoryRegion *mr, uint64_t devid, uint64_t group,
int kvm_arm_init_cpreg_list(ARMCPU *cpu);
/**
- * kvm_arm_reg_syncs_via_cpreg_list
- * regidx: KVM register index
+ * kvm_arm_reg_syncs_via_cpreg_list:
+ * @regidx: KVM register index
*
* Return true if this KVM register should be synchronized via the
* cpreg list of arbitrary system registers, false if it is synchronized
@@ -85,8 +85,8 @@ int kvm_arm_init_cpreg_list(ARMCPU *cpu);
bool kvm_arm_reg_syncs_via_cpreg_list(uint64_t regidx);
/**
- * kvm_arm_cpreg_level
- * regidx: KVM register index
+ * kvm_arm_cpreg_level:
+ * @regidx: KVM register index
*
* Return the level of this coprocessor/system register. Return value is
* either KVM_PUT_RUNTIME_STATE, KVM_PUT_RESET_STATE, or KVM_PUT_FULL_STATE.
@@ -148,6 +148,8 @@ void kvm_arm_init_serror_injection(CPUState *cs);
* @cpu: ARMCPU
*
* Get VCPU related state from kvm.
+ *
+ * Returns: 0 if success else < 0 error code
*/
int kvm_get_vcpu_events(ARMCPU *cpu);
@@ -156,6 +158,8 @@ int kvm_get_vcpu_events(ARMCPU *cpu);
* @cpu: ARMCPU
*
* Put VCPU related state to kvm.
+ *
+ * Returns: 0 if success else < 0 error code
*/
int kvm_put_vcpu_events(ARMCPU *cpu);
@@ -205,10 +209,12 @@ typedef struct ARMHostCPUFeatures {
/**
* kvm_arm_get_host_cpu_features:
- * @ahcc: ARMHostCPUClass to fill in
+ * @ahcf: ARMHostCPUClass to fill in
*
* Probe the capabilities of the host kernel's preferred CPU and fill
* in the ARMHostCPUClass struct accordingly.
+ *
+ * Returns true on success and false otherwise.
*/
bool kvm_arm_get_host_cpu_features(ARMHostCPUFeatures *ahcf);
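Review bot: the parameter name is fixed (@ahcc to @ahcf) but the text still says "ARMHostCPUClass to fill in" and "fill in the ARMHostCPUClass struct", while the prototype takes an `ARMHostCPUFeatures *`; since this patch is the documentation cleanup, rename the type in both sentences as well.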
@@ -242,7 +248,7 @@ void kvm_arm_set_cpu_features_from_host(ARMCPU *cpu);
bool kvm_arm_aarch32_supported(CPUState *cs);
/**
- * bool kvm_arm_pmu_supported:
+ * kvm_arm_pmu_supported:
* @cs: CPUState
*
* Returns: true if the KVM VCPU can enable its PMU
@@ -251,7 +257,7 @@ bool kvm_arm_aarch32_supported(CPUState *cs);
bool kvm_arm_pmu_supported(CPUState *cs);
/**
- * bool kvm_arm_sve_supported:
+ * kvm_arm_sve_supported:
* @cs: CPUState
*
* Returns true if the KVM VCPU can enable SVE and false otherwise.
@@ -259,26 +265,30 @@ bool kvm_arm_pmu_supported(CPUState *cs);
bool kvm_arm_sve_supported(CPUState *cs);
/**
- * kvm_arm_get_max_vm_ipa_size - Returns the number of bits in the
- * IPA address space supported by KVM
- *
+ * kvm_arm_get_max_vm_ipa_size:
* @ms: Machine state handle
+ *
+ * Returns the number of bits in the IPA address space supported by KVM
*/
int kvm_arm_get_max_vm_ipa_size(MachineState *ms);
/**
- * kvm_arm_sync_mpstate_to_kvm
+ * kvm_arm_sync_mpstate_to_kvm:
* @cpu: ARMCPU
*
* If supported set the KVM MP_STATE based on QEMU's model.
+ *
+ * Returns 0 on success and -1 on failure.
*/
int kvm_arm_sync_mpstate_to_kvm(ARMCPU *cpu);
/**
- * kvm_arm_sync_mpstate_to_qemu
+ * kvm_arm_sync_mpstate_to_qemu:
* @cpu: ARMCPU
*
* If supported get the MP_STATE from KVM and store in QEMU's model.
+ *
+ * Returns 0 on success and aborts on failure.
*/
int kvm_arm_sync_mpstate_to_qemu(ARMCPU *cpu);
@@ -292,7 +302,8 @@ int kvm_arm_set_irq(int cpu, int irqtype, int irq, int level);
static inline void kvm_arm_set_cpu_features_from_host(ARMCPU *cpu)
{
- /* This should never actually be called in the "not KVM" case,
+ /*
+ * This should never actually be called in the "not KVM" case,
* but set up the fields to indicate an error anyway.
*/
cpu->kvm_target = QEMU_KVM_ARM_TARGET_NONE;
@@ -377,23 +388,20 @@ bool kvm_arm_handle_debug(CPUState *cs, struct kvm_debug_exit_arch *debug_exit);
*
* Return: TRUE if any hardware breakpoints in use.
*/
-
bool kvm_arm_hw_debug_active(CPUState *cs);
/**
* kvm_arm_copy_hw_debug_data:
- *
* @ptr: kvm_guest_debug_arch structure
*
* Copy the architecture specific debug registers into the
* kvm_guest_debug ioctl structure.
*/
struct kvm_guest_debug_arch;
-
void kvm_arm_copy_hw_debug_data(struct kvm_guest_debug_arch *ptr);
/**
- * its_class_name
+ * its_class_name:
*
* Return the ITS class name to use depending on whether KVM acceleration
* and KVM CAP_SIGNAL_MSI are supported
--
1.8.3.1

@ -0,0 +1,60 @@
From 2740a84fe798ade5c1ce725d65cdaffb255da47c Mon Sep 17 00:00:00 2001
From: Andrew Jones <drjones@redhat.com>
Date: Fri, 31 Jan 2020 14:23:11 +0000
Subject: [PATCH 09/15] target/arm/kvm64: kvm64 cpus have timer registers
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
RH-Author: Andrew Jones <drjones@redhat.com>
Message-id: <20200131142314.13175-3-drjones@redhat.com>
Patchwork-id: 93621
O-Subject: [RHEL-AV-8.2.0 qemu-kvm PATCH 2/5] target/arm/kvm64: kvm64 cpus have timer registers
Bugzilla: 1647366
RH-Acked-by: Philippe Mathieu-Daudé <philmd@redhat.com>
RH-Acked-by: Auger Eric <eric.auger@redhat.com>
RH-Acked-by: Gavin Shan <gshan@redhat.com>
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1647366
Author: Andrew Jones <drjones@redhat.com>
Date: Thu, 30 Jan 2020 16:02:06 +0000
target/arm/kvm64: kvm64 cpus have timer registers
Add the missing GENERIC_TIMER feature to kvm64 cpus.
We don't currently use these registers when KVM is enabled, but it's
probably best we add the feature flag for consistency and potential
future use. There's also precedent, as we add the PMU feature flag to
KVM enabled guests, even though we don't use those registers either.
This change was originally posted as a hunk of a different, never
merged patch from Bijan Mottahedeh.
Signed-off-by: Andrew Jones <drjones@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20200120101023.16030-4-drjones@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
(cherry picked from commit 65caa415487f4a6e265105446c6ef8f56bb0aa70)
Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
---
target/arm/kvm64.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/target/arm/kvm64.c b/target/arm/kvm64.c
index e2da756..666a81a 100644
--- a/target/arm/kvm64.c
+++ b/target/arm/kvm64.c
@@ -605,6 +605,7 @@ bool kvm_arm_get_host_cpu_features(ARMHostCPUFeatures *ahcf)
set_feature(&features, ARM_FEATURE_NEON);
set_feature(&features, ARM_FEATURE_AARCH64);
set_feature(&features, ARM_FEATURE_PMU);
+ set_feature(&features, ARM_FEATURE_GENERIC_TIMER);
ahcf->features = features;
--
1.8.3.1

@ -0,0 +1,106 @@
From 323889aa2182bf39df10f1caf43f22daea2d7d37 Mon Sep 17 00:00:00 2001
From: Andrew Jones <drjones@redhat.com>
Date: Fri, 31 Jan 2020 14:23:12 +0000
Subject: [PATCH 10/15] tests/arm-cpu-features: Check feature default values
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
RH-Author: Andrew Jones <drjones@redhat.com>
Message-id: <20200131142314.13175-4-drjones@redhat.com>
Patchwork-id: 93626
O-Subject: [RHEL-AV-8.2.0 qemu-kvm PATCH 3/5] tests/arm-cpu-features: Check feature default values
Bugzilla: 1647366
RH-Acked-by: Philippe Mathieu-Daudé <philmd@redhat.com>
RH-Acked-by: Auger Eric <eric.auger@redhat.com>
RH-Acked-by: Gavin Shan <gshan@redhat.com>
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1647366
Author: Andrew Jones <drjones@redhat.com>
Date: Thu, 30 Jan 2020 16:02:06 +0000
tests/arm-cpu-features: Check feature default values
If we know what the default value should be then we can test for
that as well as the feature existence.
Signed-off-by: Andrew Jones <drjones@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20200120101023.16030-5-drjones@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
(cherry picked from commit 789a35efb583464f9fcd5d871a7fd6164318bb91)
Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
---
tests/arm-cpu-features.c | 37 ++++++++++++++++++++++++++++---------
1 file changed, 28 insertions(+), 9 deletions(-)
diff --git a/tests/arm-cpu-features.c b/tests/arm-cpu-features.c
index 6e99aa9..89285ca 100644
--- a/tests/arm-cpu-features.c
+++ b/tests/arm-cpu-features.c
@@ -159,6 +159,25 @@ static bool resp_get_feature(QDict *resp, const char *feature)
qobject_unref(_resp); \
})
+#define assert_feature(qts, cpu_type, feature, expected_value) \
+({ \
+ QDict *_resp, *_props; \
+ \
+ _resp = do_query_no_props(qts, cpu_type); \
+ g_assert(_resp); \
+ g_assert(resp_has_props(_resp)); \
+ _props = resp_get_props(_resp); \
+ g_assert(qdict_get(_props, feature)); \
+ g_assert(qdict_get_bool(_props, feature) == (expected_value)); \
+ qobject_unref(_resp); \
+})
+
+#define assert_has_feature_enabled(qts, cpu_type, feature) \
+ assert_feature(qts, cpu_type, feature, true)
+
+#define assert_has_feature_disabled(qts, cpu_type, feature) \
+ assert_feature(qts, cpu_type, feature, false)
+
static void assert_type_full(QTestState *qts)
{
const char *error;
@@ -405,16 +424,16 @@ static void test_query_cpu_model_expansion(const void *data)
assert_error(qts, "host", "The CPU type 'host' requires KVM", NULL);
/* Test expected feature presence/absence for some cpu types */
- assert_has_feature(qts, "max", "pmu");
- assert_has_feature(qts, "cortex-a15", "pmu");
+ assert_has_feature_enabled(qts, "max", "pmu");
+ assert_has_feature_enabled(qts, "cortex-a15", "pmu");
assert_has_not_feature(qts, "cortex-a15", "aarch64");
if (g_str_equal(qtest_get_arch(), "aarch64")) {
- assert_has_feature(qts, "max", "aarch64");
- assert_has_feature(qts, "max", "sve");
- assert_has_feature(qts, "max", "sve128");
- assert_has_feature(qts, "cortex-a57", "pmu");
- assert_has_feature(qts, "cortex-a57", "aarch64");
+ assert_has_feature_enabled(qts, "max", "aarch64");
+ assert_has_feature_enabled(qts, "max", "sve");
+ assert_has_feature_enabled(qts, "max", "sve128");
+ assert_has_feature_enabled(qts, "cortex-a57", "pmu");
+ assert_has_feature_enabled(qts, "cortex-a57", "aarch64");
sve_tests_default(qts, "max");
@@ -451,8 +470,8 @@ static void test_query_cpu_model_expansion_kvm(const void *data)
QDict *resp;
char *error;
- assert_has_feature(qts, "host", "aarch64");
- assert_has_feature(qts, "host", "pmu");
+ assert_has_feature_enabled(qts, "host", "aarch64");
+ assert_has_feature_enabled(qts, "host", "pmu");
assert_error(qts, "cortex-a15",
"We cannot guarantee the CPU type 'cortex-a15' works "
--
1.8.3.1

@ -0,0 +1,58 @@
From 7cb1c5e1416de9a09180f0930d2a216c77e8cdbd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= <marcandre.lureau@redhat.com>
Date: Thu, 30 Jan 2020 16:01:10 +0000
Subject: [PATCH 07/15] tpm-ppi: page-align PPI RAM
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
RH-Author: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-id: <20200130160110.126086-1-marcandre.lureau@redhat.com>
Patchwork-id: 93600
O-Subject: [RHEL-AV-8.2.0 qemu-kvm PATCH] tpm-ppi: page-align PPI RAM
Bugzilla: 1787444
RH-Acked-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
RH-Acked-by: Philippe Mathieu-Daudé <philmd@redhat.com>
post-copy migration fails on destination with error such as:
2019-12-26T10:22:44.714644Z qemu-kvm: ram_block_discard_range:
Unaligned start address: 0x559d2afae9a0
Use qemu_memalign() to constrain the PPI RAM memory alignment.
Cc: qemu-stable@nongnu.org
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Message-id: 20200103074000.1006389-3-marcandre.lureau@redhat.com
BZ: https://bugzilla.redhat.com/show_bug.cgi?id=1787444
Brew: http://brewweb.devel.redhat.com/brew/taskinfo?taskID=26122940
(cherry picked from commit 71e415c8a75c130875f14d6b2136825789feb297)
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
---
hw/tpm/tpm_ppi.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/hw/tpm/tpm_ppi.c b/hw/tpm/tpm_ppi.c
index ff31459..6d9c1a3 100644
--- a/hw/tpm/tpm_ppi.c
+++ b/hw/tpm/tpm_ppi.c
@@ -43,7 +43,8 @@ void tpm_ppi_reset(TPMPPI *tpmppi)
void tpm_ppi_init(TPMPPI *tpmppi, struct MemoryRegion *m,
hwaddr addr, Object *obj)
{
- tpmppi->buf = g_malloc0(HOST_PAGE_ALIGN(TPM_PPI_ADDR_SIZE));
+ tpmppi->buf = qemu_memalign(qemu_real_host_page_size,
+ HOST_PAGE_ALIGN(TPM_PPI_ADDR_SIZE));
memory_region_init_ram_device_ptr(&tpmppi->ram, obj, "tpm-ppi",
TPM_PPI_ADDR_SIZE, tpmppi->buf);
vmstate_register_ram(&tpmppi->ram, DEVICE(obj));
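Review bot: replacing g_malloc0() with qemu_memalign() drops the zero-initialisation the old call provided, and qemu_memalign() returns uninitialised memory. This buffer is mapped into the guest as a RAM device on the next line, so unless it is cleared elsewhere (tpm_ppi_reset(), whose body this hunk does not show) the guest could observe stale host heap contents. Suggest an explicit `memset(tpmppi->buf, 0, HOST_PAGE_ALIGN(TPM_PPI_ADDR_SIZE));` immediately after the allocation so the fix does not trade an alignment bug for an information leak.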
--
1.8.3.1

@ -0,0 +1,82 @@
From e7cdcd1e39c4c030a32c9e8ef79316eae8555bc8 Mon Sep 17 00:00:00 2001
From: Stefan Hajnoczi <stefanha@redhat.com>
Date: Thu, 16 Jan 2020 17:52:48 +0000
Subject: [PATCH 04/15] trace: update qemu-trace-stap to Python 3
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
RH-Author: Stefan Hajnoczi <stefanha@redhat.com>
Message-id: <20200116175248.286556-2-stefanha@redhat.com>
Patchwork-id: 93365
O-Subject: [RHEL-AV-8.2.0 qemu-kvm PATCH 1/1] trace: update qemu-trace-stap to Python 3
Bugzilla: 1787395
RH-Acked-by: John Snow <jsnow@redhat.com>
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
RH-Acked-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
qemu-trace-stap does not support Python 3 yet:
$ scripts/qemu-trace-stap list path/to/qemu-system-x86_64
Traceback (most recent call last):
File "scripts/qemu-trace-stap", line 175, in <module>
main()
File "scripts/qemu-trace-stap", line 171, in main
args.func(args)
File "scripts/qemu-trace-stap", line 118, in cmd_list
print_probes(args.verbose, "*")
File "scripts/qemu-trace-stap", line 114, in print_probes
if line.startswith(prefix):
TypeError: startswith first arg must be bytes or a tuple of bytes, not str
Now that QEMU requires Python 3.5 or later we can switch to pure Python
3. Use Popen()'s universal_newlines=True argument to treat stdout as
text instead of binary.
Fixes: 62dd1048c0bd ("trace: add ability to do simple printf logging via systemtap")
Buglink: https://bugzilla.redhat.com/show_bug.cgi?id=1787395
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-id: 20200107112438.383958-1-stefanha@redhat.com
Message-Id: <20200107112438.383958-1-stefanha@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
(cherry picked from commit 3f0097169bb60268cc5dda0c5ea47c31ab57b22f)
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
---
scripts/qemu-trace-stap | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/scripts/qemu-trace-stap b/scripts/qemu-trace-stap
index 91d1051..90527eb 100755
--- a/scripts/qemu-trace-stap
+++ b/scripts/qemu-trace-stap
@@ -1,4 +1,4 @@
-#!/usr/bin/python
+#!/usr/bin/env python3
# -*- python -*-
#
# Copyright (C) 2019 Red Hat, Inc
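Review bot: `#!/usr/bin/env python3` resolves the interpreter through PATH at run time, which is fine for a developer checkout but not ideal for an installed %{_bindir}/qemu-trace-stap; the packaging should ensure the shipped script ends up with an absolute `#!/usr/bin/python3` (this is what the spec's "Avoid ambiguous 'python' interpreter name" step is there for), otherwise a user with a different python3 earlier in PATH silently runs the script under it.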
@@ -18,8 +18,6 @@
# You should have received a copy of the GNU General Public License
# along with this program; if not, see <http://www.gnu.org/licenses/>.
-from __future__ import print_function
-
import argparse
import copy
import os.path
@@ -104,7 +102,9 @@ def cmd_list(args):
if verbose:
print("Listing probes with name '%s'" % script)
proc = subprocess.Popen(["stap", "-l", script],
- stdout=subprocess.PIPE, env=tapset_env(tapsets))
+ stdout=subprocess.PIPE,
+ universal_newlines=True,
+ env=tapset_env(tapsets))
out, err = proc.communicate()
if proc.returncode != 0:
print("No probes found, are the tapsets installed in %s" % tapset_dir(args.binary))
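Review bot: `err` from `proc.communicate()` is always None here because only stdout is piped, so the `out, err` unpacking is misleading; write `out, _ = proc.communicate()` or also pass `stderr=subprocess.PIPE` if the error text is wanted. The "No probes found" diagnostic is printed to stdout, so a caller doing `qemu-trace-stap list ... | grep` will take it for a probe name; send it to sys.stderr. `universal_newlines=True` is the correct spelling for the Python 3.5 floor the commit message states (the `text=` alias only exists from 3.7), but it decodes with the locale encoding, so a C/POSIX locale could still raise UnicodeDecodeError on non-ASCII output; if 3.6+ can be assumed, `encoding='utf-8'` makes the decoding explicit.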
--
1.8.3.1
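The bytes-versus-str failure in the traceback above, and the `universal_newlines=True` fix, as an added example that is not part of the patch or of the QEMU scripts: it substitutes a small Python child process for `stap -l` so it runs without SystemTap installed. The probe names in FAKE_STAP_OUTPUT and the FAKE_STAP_CMD helper are constructed for illustration, not real `stap` output.

```python
import subprocess
import sys

# Constructed stand-in for what `stap -l 'qemu.*'` would print; not real output.
FAKE_STAP_OUTPUT = "\n".join([
    "qemu.system.x86_64.qemu_mutex_lock",
    "qemu.system.x86_64.qemu_mutex_unlock",
    "qemu.system.x86_64.virtio_blk_handle_write",
    "other.tapset.probe",
]) + "\n"

# Hypothetical replacement for ["stap", "-l", script]: a Python child that
# echoes the canned list, so the example runs without SystemTap installed.
FAKE_STAP_CMD = [sys.executable, "-c",
                 "import sys; sys.stdout.write(%r)" % FAKE_STAP_OUTPUT]


def list_probes(prefix, text_mode):
    """Run the stand-in `stap -l` and return the probe names starting with prefix.

    text_mode=False is the pre-patch behaviour on Python 3: Popen hands back
    bytes, and bytes.startswith(str) raises the TypeError from the bug report.
    text_mode=True is the patch's fix: universal_newlines=True decodes stdout
    to str (locale encoding), so the str prefix comparison works.
    """
    proc = subprocess.Popen(FAKE_STAP_CMD,
                            stdout=subprocess.PIPE,
                            universal_newlines=text_mode)
    out, _ = proc.communicate()      # stderr is not piped, so only out is set
    if proc.returncode != 0:
        raise RuntimeError("stand-in stap exited with %d" % proc.returncode)
    return [line for line in out.splitlines() if line.startswith(prefix)]


def list_probes_py3(prefix):
    """The fixed code path: text-mode stdout, str-to-str comparison."""
    return list_probes(prefix, text_mode=True)


def legacy_path_raises_type_error(prefix):
    """True if the bytes code path reproduces the reported TypeError."""
    try:
        list_probes(prefix, text_mode=False)
    except TypeError:
        return True
    return False


if __name__ == "__main__":
    print("legacy bytes path raises TypeError:",
          legacy_path_raises_type_error("qemu."))
    for name in list_probes_py3("qemu.system.x86_64."):
        print(name)
```

Running the module prints `True` for the legacy path and then the three `qemu.system.x86_64.*` names; swapping FAKE_STAP_CMD for `["stap", "-l", script]` gives the real listing with the same filtering logic.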


@ -0,0 +1,52 @@
From 99b6ee4b7f63ea49e5b73f61bbf68f67252f27da Mon Sep 17 00:00:00 2001
From: David Gibson <dgibson@redhat.com>
Date: Tue, 21 Jan 2020 05:16:12 +0000
Subject: [PATCH 02/15] xics: Don't deassert outputs
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
RH-Author: David Gibson <dgibson@redhat.com>
Message-id: <20200121051613.388295-3-dgibson@redhat.com>
Patchwork-id: 93430
O-Subject: [RHEL-AV-8.2 qemu-kvm PATCH 2/3] xics: Don't deassert outputs
Bugzilla: 1776638
RH-Acked-by: Philippe Mathieu-Daudé <philmd@redhat.com>
RH-Acked-by: Laurent Vivier <lvivier@redhat.com>
RH-Acked-by: Thomas Huth <thuth@redhat.com>
From: Greg Kurz <groug@kaod.org>
The correct way to do this is to deassert the input pins on the CPU side.
This is the case since a previous change.
Signed-off-by: Greg Kurz <groug@kaod.org>
Message-Id: <157548862298.3650476.1228720391270249433.stgit@bahia.lan>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
(cherry picked from commit 4febcdd88f08422a66a1aa0dc55e1472abed3c4b)
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1776638
Signed-off-by: David Gibson <dgibson@redhat.com>
Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
---
hw/intc/xics.c | 3 ---
1 file changed, 3 deletions(-)
diff --git a/hw/intc/xics.c b/hw/intc/xics.c
index e7ac9ba..72c5dca 100644
--- a/hw/intc/xics.c
+++ b/hw/intc/xics.c
@@ -289,9 +289,6 @@ void icp_reset(ICPState *icp)
icp->pending_priority = 0xff;
icp->mfrr = 0xff;
- /* Make all outputs are deasserted */
- qemu_set_irq(icp->output, 0);
-
if (kvm_irqchip_in_kernel()) {
Error *local_err = NULL;
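Review bot: dropping the `qemu_set_irq(icp->output, 0)` is only safe if the CPU-side deassert the commit message refers to ("deassert the input pins on the CPU side") is already applied; in this series that is the preceding kvm-ppc-Deassert-the-external-interrupt-pin-in-KVM-on-re.patch (Patch148), so the spec must keep 148 ahead of 149, and a backport that cherry-picks only this patch would leave the ICP output asserted across reset. State that dependency explicitly in the commit message instead of "since a previous change".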
--
1.8.3.1


@ -67,7 +67,7 @@ Obsoletes: %1-rhev
Summary: QEMU is a machine emulator and virtualizer
Name: qemu-kvm
Version: 4.2.0
Release: 8%{?dist}
Release: 9%{?dist}
# Epoch because we pushed a qemu-1.0 package. AIUI this can't ever be dropped
Epoch: 15
License: GPLv2 and GPLv2+ and CC-BY
@ -373,6 +373,34 @@ Patch145: kvm-virtiofsd-passthrough_ll-Pass-errno-to-fuse_reply_er.patch
Patch146: kvm-virtiofsd-stop-all-queue-threads-on-exit-in-virtio_l.patch
# For bz#1694164 - virtio-fs: host<->guest shared file system (qemu)
Patch147: kvm-virtiofsd-add-some-options-to-the-help-message.patch
# For bz#1776638 - Guest failed to boot up after system_reset 20 times
Patch148: kvm-ppc-Deassert-the-external-interrupt-pin-in-KVM-on-re.patch
# For bz#1776638 - Guest failed to boot up after system_reset 20 times
Patch149: kvm-xics-Don-t-deassert-outputs.patch
# For bz#1776638 - Guest failed to boot up after system_reset 20 times
Patch150: kvm-ppc-Don-t-use-CPUPPCState-irq_input_state-with-moder.patch
# For bz#1787395 - qemu-trace-stap list : TypeError: startswith first arg must be bytes or a tuple of bytes, not str
Patch151: kvm-trace-update-qemu-trace-stap-to-Python-3.patch
# For bz#1794503 - CVE-2020-1711 qemu-kvm: QEMU: block: iscsi: OOB heap access via an unexpected response of iSCSI Server [rhel-av-8.2.0]
Patch153: kvm-iscsi-Cap-block-count-from-GET-LBA-STATUS-CVE-2020-1.patch
# For bz#1787444 - Broken postcopy migration with vTPM device
Patch154: kvm-tpm-ppi-page-align-PPI-RAM.patch
# For bz#1647366 - aarch64: Add support for the kvm-no-adjvtime ARM CPU feature
Patch155: kvm-target-arm-kvm-trivial-Clean-up-header-documentation.patch
# For bz#1647366 - aarch64: Add support for the kvm-no-adjvtime ARM CPU feature
Patch156: kvm-target-arm-kvm64-kvm64-cpus-have-timer-registers.patch
# For bz#1647366 - aarch64: Add support for the kvm-no-adjvtime ARM CPU feature
Patch157: kvm-tests-arm-cpu-features-Check-feature-default-values.patch
# For bz#1647366 - aarch64: Add support for the kvm-no-adjvtime ARM CPU feature
Patch158: kvm-target-arm-kvm-Implement-virtual-time-adjustment.patch
# For bz#1647366 - aarch64: Add support for the kvm-no-adjvtime ARM CPU feature
Patch159: kvm-target-arm-cpu-Add-the-kvm-no-adjvtime-CPU-property.patch
# For bz#1529231 - [q35] VM hangs after migration with 200 vCPUs
Patch160: kvm-migration-Define-VMSTATE_INSTANCE_ID_ANY.patch
# For bz#1529231 - [q35] VM hangs after migration with 200 vCPUs
Patch161: kvm-migration-Change-SaveStateEntry.instance_id-into-uin.patch
# For bz#1529231 - [q35] VM hangs after migration with 200 vCPUs
Patch162: kvm-apic-Use-32bit-APIC-ID-for-migration-instance-ID.patch
BuildRequires: wget
BuildRequires: rpm-build
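Review bot: the numbering skips Patch152 (Patch151 is followed by Patch153). The changelog entry for kvm-redhat-Remove-redundant-fix-for-qemu-trace-stap.patch [bz#1787395] has no PatchNNN line at all; from the hunk further down it is a spec-only change (removal of the sed shebang mangle), not a patch file. Either renumber 153..162 to close the gap, or keep the gap and make the changelog say this item is a spec change, otherwise the missing Patch152 reads as a patch that was dropped by mistake.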
@ -962,9 +990,6 @@ rm $RPM_BUILD_ROOT%{_datadir}/systemtap/tapset/qemu-system-%{kvm_target}-simplet
rm $RPM_BUILD_ROOT%{_datadir}/systemtap/tapset/qemu-system-%{kvm_target}-log.stp
rm $RPM_BUILD_ROOT%{_bindir}/elf2dmp
# Mangle qemu-kvm-stap
sed -i -e '1 s/python/python3/' $RPM_BUILD_ROOT%{_bindir}/qemu-trace-stap
# Install simpletrace
install -m 0755 scripts/simpletrace.py $RPM_BUILD_ROOT%{_datadir}/%{name}/simpletrace.py
# Avoid ambiguous 'python' interpreter name
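Review bot: removing the sed is a correctness fix, not just cleanup: with the upstream shebang now `#!/usr/bin/env python3`, `1 s/python/python3/` would match the "python" inside "python3" and rewrite the first line to `#!/usr/bin/env python33`, an interpreter that does not exist. The `# Mangle qemu-kvm-stap` comment should go with it if it is not already removed in this hunk, since it would then describe nothing.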
@ -1309,6 +1334,35 @@ useradd -r -u 107 -g qemu -G kvm -d / -s /sbin/nologin \
%changelog
* Mon Feb 10 2020 Danilo Cesar Lemes de Paula <ddepaula@redhat.com> - 4.2.0-9.el8
- kvm-ppc-Deassert-the-external-interrupt-pin-in-KVM-on-re.patch [bz#1776638]
- kvm-xics-Don-t-deassert-outputs.patch [bz#1776638]
- kvm-ppc-Don-t-use-CPUPPCState-irq_input_state-with-moder.patch [bz#1776638]
- kvm-trace-update-qemu-trace-stap-to-Python-3.patch [bz#1787395]
- kvm-redhat-Remove-redundant-fix-for-qemu-trace-stap.patch [bz#1787395]
- kvm-iscsi-Cap-block-count-from-GET-LBA-STATUS-CVE-2020-1.patch [bz#1794503]
- kvm-tpm-ppi-page-align-PPI-RAM.patch [bz#1787444]
- kvm-target-arm-kvm-trivial-Clean-up-header-documentation.patch [bz#1647366]
- kvm-target-arm-kvm64-kvm64-cpus-have-timer-registers.patch [bz#1647366]
- kvm-tests-arm-cpu-features-Check-feature-default-values.patch [bz#1647366]
- kvm-target-arm-kvm-Implement-virtual-time-adjustment.patch [bz#1647366]
- kvm-target-arm-cpu-Add-the-kvm-no-adjvtime-CPU-property.patch [bz#1647366]
- kvm-migration-Define-VMSTATE_INSTANCE_ID_ANY.patch [bz#1529231]
- kvm-migration-Change-SaveStateEntry.instance_id-into-uin.patch [bz#1529231]
- kvm-apic-Use-32bit-APIC-ID-for-migration-instance-ID.patch [bz#1529231]
- Resolves: bz#1529231
([q35] VM hangs after migration with 200 vCPUs)
- Resolves: bz#1647366
(aarch64: Add support for the kvm-no-adjvtime ARM CPU feature)
- Resolves: bz#1776638
(Guest failed to boot up after system_reset 20 times)
- Resolves: bz#1787395
(qemu-trace-stap list : TypeError: startswith first arg must be bytes or a tuple of bytes, not str)
- Resolves: bz#1787444
(Broken postcopy migration with vTPM device)
- Resolves: bz#1794503
(CVE-2020-1711 qemu-kvm: QEMU: block: iscsi: OOB heap access via an unexpected response of iSCSI Server [rhel-av-8.2.0])
* Fri Jan 31 2020 Miroslav Rezanina <mrezanin@redhat.com> - 4.2.0-8.el8
- kvm-target-arm-arch_dump-Add-SVE-notes.patch [bz#1725084]
- kvm-vhost-Add-names-to-section-rounded-warning.patch [bz#1779041]