diff --git a/gdb-xml-fix-duplicate-register-in-arm-neon.xml.patch b/gdb-xml-fix-duplicate-register-in-arm-neon.xml.patch new file mode 100644 index 0000000000000000000000000000000000000000..792af946a3d03eea07bb7333f55298b3c624c8a4 --- /dev/null +++ b/gdb-xml-fix-duplicate-register-in-arm-neon.xml.patch @@ -0,0 +1,36 @@ +From 7010b0dd1b6f27b14a0c02c81944513fbd60deab Mon Sep 17 00:00:00 2001 +From: jipengfei_yewu +Date: Mon, 18 Dec 2023 09:58:38 +0000 +Subject: [PATCH] gdb-xml: fix duplicate register in arm-neon.xml +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +cheery-pick from 940bb5fa9ca9f71fcc0d06e9de9ac3ab7415d0f2 + +Signed-off-by: jipengfei_yewu +Reviewed-by: Richard Henderson +Fixes: 56aebc8916 ("Add GDB XML register description support") +Reviewed-by: Philippe Mathieu-Daudé +Signed-off-by: Alex Bennée +Message-Id: <20231106185112.2755262-3-alex.bennee@linaro.org> +--- + gdb-xml/arm-neon.xml | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/gdb-xml/arm-neon.xml b/gdb-xml/arm-neon.xml +index 9dce0a996f..d61f6b8549 100644 +--- a/gdb-xml/arm-neon.xml ++++ b/gdb-xml/arm-neon.xml +@@ -76,7 +76,7 @@ + + + +- ++ + + + +-- +2.27.0 + diff --git a/hw-i386-pc-Add-missing-property-descriptions.patch b/hw-i386-pc-Add-missing-property-descriptions.patch new file mode 100644 index 0000000000000000000000000000000000000000..d5e699cb077f40d2587ac888692b05053bfd6f7c --- /dev/null +++ b/hw-i386-pc-Add-missing-property-descriptions.patch @@ -0,0 +1,53 @@ +From 5ce3662809ab7a594fcbe024eb81416e8556f5ea Mon Sep 17 00:00:00 2001 +From: boringandboring +Date: Thu, 7 Dec 2023 19:13:02 +0800 +Subject: [PATCH] hw/i386/pc: Add missing property descriptions + +cherry picked from 44bff3767ced18845adb2612a2cf9691d8769d41 + +When running "qemu-system-x86_64 -M pc,help" I noticed that some +properties were still missing their description. Add them now so +that users get at least a slightly better idea what they are all +about. + +Signed-off-by: Thomas Huth +Message-Id: <20211206134255.94784-1-thuth@redhat.com> +Reviewed-by: Igor Mammedov +Reviewed-by: Michael S. Tsirkin +Signed-off-by: Michael S. Tsirkin +Signed-off-by: boringandboring +--- + hw/i386/pc.c | 8 ++++++++ + 1 file changed, 8 insertions(+) + +diff --git a/hw/i386/pc.c b/hw/i386/pc.c +index c5f430f83d..7003ea1a05 100644 +--- a/hw/i386/pc.c ++++ b/hw/i386/pc.c +@@ -1726,15 +1726,23 @@ static void pc_machine_class_init(ObjectClass *oc, void *data) + + object_class_property_add_bool(oc, PC_MACHINE_SMBUS, + pc_machine_get_smbus, pc_machine_set_smbus); ++ object_class_property_set_description(oc, PC_MACHINE_SMBUS, ++ "Enable/disable system management bus"); + + object_class_property_add_bool(oc, PC_MACHINE_SATA, + pc_machine_get_sata, pc_machine_set_sata); ++ object_class_property_set_description(oc, PC_MACHINE_SATA, ++ "Enable/disable Serial ATA bus"); + + object_class_property_add_bool(oc, PC_MACHINE_PIT, + pc_machine_get_pit, pc_machine_set_pit); ++ object_class_property_set_description(oc, PC_MACHINE_PIT, ++ "Enable/disable Intel 8254 programmable interval timer emulation"); + + object_class_property_add_bool(oc, "hpet", + pc_machine_get_hpet, pc_machine_set_hpet); ++ object_class_property_set_description(oc, "hpet", ++ "Enable/disable high precision event timer emulation"); + + object_class_property_add_bool(oc, "default-bus-bypass-iommu", + pc_machine_get_default_bus_bypass_iommu, +-- +2.27.0 + diff --git a/hw-qdev-Correct-qdev_connect_gpio_out_named-document.patch b/hw-qdev-Correct-qdev_connect_gpio_out_named-document.patch new file mode 100644 index 0000000000000000000000000000000000000000..e24188a24e6ac93795366ac75fdf22c722f2727a --- /dev/null +++ b/hw-qdev-Correct-qdev_connect_gpio_out_named-document.patch @@ -0,0 +1,48 @@ +From d811c001867a2797048a9e240ca504ceb070f032 Mon Sep 17 00:00:00 2001 +From: boringandboring +Date: Thu, 7 Dec 2023 14:37:34 +0800 +Subject: [PATCH] hw/qdev: Correct qdev_connect_gpio_out_named() documentation +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +cherry picked from 1fbd004b00198fb3f27e52ce7b138b9c13288f78 + +qdev_connect_gpio_out_named() is described as qdev_connect_gpio_out(), +and referring to itself in an endless loop, which is confusing. Fix. + +Signed-off-by: Philippe Mathieu-Daudé +Reviewed-by: Yanan Wang +Message-Id: <20211218130437.1516929-4-f4bug@amsat.org> +Signed-off-by: Philippe Mathieu-Daud¨¦ +Signed-off-by: boringandboring +--- + include/hw/qdev-core.h | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/include/hw/qdev-core.h b/include/hw/qdev-core.h +index 20d3066595..b2b3406674 100644 +--- a/include/hw/qdev-core.h ++++ b/include/hw/qdev-core.h +@@ -498,7 +498,8 @@ qemu_irq qdev_get_gpio_in_named(DeviceState *dev, const char *name, int n); + */ + void qdev_connect_gpio_out(DeviceState *dev, int n, qemu_irq pin); + /** +- * qdev_connect_gpio_out: Connect one of a device's anonymous output GPIO lines ++ * qdev_connect_gpio_out_named: Connect one of a device's named output ++ GPIO lines + * @dev: Device whose GPIO to connect + * @name: Name of the output GPIO array + * @n: Number of the anonymous output GPIO line (which must be in range) +@@ -520,7 +521,7 @@ void qdev_connect_gpio_out(DeviceState *dev, int n, qemu_irq pin); + * qemu_irqs at once, or to connect multiple outbound GPIOs to the + * same qemu_irq; see qdev_connect_gpio_out() for details. + * +- * For named output GPIO lines, use qdev_connect_gpio_out_named(). ++ * For anonymous output GPIO lines, use qdev_connect_gpio_out(). + */ + void qdev_connect_gpio_out_named(DeviceState *dev, const char *name, int n, + qemu_irq pin); +-- +2.27.0 + diff --git a/hw-qdev-Correct-qdev_init_gpio_out_named-documentati.patch b/hw-qdev-Correct-qdev_init_gpio_out_named-documentati.patch new file mode 100644 index 0000000000000000000000000000000000000000..40be1f99461a98a7a3967317a819823216ffcfd8 --- /dev/null +++ b/hw-qdev-Correct-qdev_init_gpio_out_named-documentati.patch @@ -0,0 +1,39 @@ +From 0f190b4ff346969735faf6a0d3cbbd071257a375 Mon Sep 17 00:00:00 2001 +From: boringandboring +Date: Thu, 7 Dec 2023 14:14:28 +0800 +Subject: [PATCH] hw/qdev: Correct qdev_init_gpio_out_named() documentation +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +cherry picked from 14b0375b39f4acbd2b313a37f5fdf886b0fe74cb + +qdev_init_gpio_out_named() is described as qdev_init_gpio_out(), +and referring to itself in an endless loop, which is confusing. Fix. + +Reported-by: Yanan Wang +Signed-off-by: Philippe Mathieu-Daudé +Reviewed-by: Yanan Wang +Message-Id: <20211218130437.1516929-3-f4bug@amsat.org> +Signed-off-by: Philippe Mathieu-Daudé +Signed-off-by: boringandboring +--- + include/hw/qdev-core.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/include/hw/qdev-core.h b/include/hw/qdev-core.h +index 20d3066595..1f0b9660cc 100644 +--- a/include/hw/qdev-core.h ++++ b/include/hw/qdev-core.h +@@ -611,7 +611,7 @@ void qdev_init_gpio_in(DeviceState *dev, qemu_irq_handler handler, int n); + */ + void qdev_init_gpio_out(DeviceState *dev, qemu_irq *pins, int n); + /** +- * qdev_init_gpio_out: create an array of named output GPIO lines ++ * qdev_init_gpio_out_named: create an array of named output GPIO lines + * @dev: Device to create output GPIOs for + * @pins: Pointer to qemu_irq or qemu_irq array for the GPIO lines + * @name: Name to give this array of GPIO lines +-- +2.27.0 + diff --git a/hw-qdev-Cosmetic-around-documentation.patch b/hw-qdev-Cosmetic-around-documentation.patch new file mode 100644 index 0000000000000000000000000000000000000000..cacee6c6a06e3ee2e6f1cb1686e3ec0c2b3d2768 --- /dev/null +++ b/hw-qdev-Cosmetic-around-documentation.patch @@ -0,0 +1,117 @@ +From 14c2249a3caa3afc6252ac61fb700378c4d32a40 Mon Sep 17 00:00:00 2001 +From: boringandboring +Date: Thu, 7 Dec 2023 11:13:33 +0800 +Subject: [PATCH] hw/qdev: Cosmetic around documentation +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +cherry picked from 694804ed7b26e66e114a2330887187d697a0d92b + +Add empty lines to have a clearer distinction between different +functions declarations. + +Signed-off-by: Philippe Mathieu-Daudé +Reviewed-by: Yanan Wang +Message-Id: <20211218130437.1516929-2-f4bug@amsat.org> +Signed-off-by: Philippe Mathieu-Daudé +Signed-off-by: boringandboring +--- + include/hw/qdev-core.h | 11 +++++++++++ + 1 file changed, 11 insertions(+) + +diff --git a/include/hw/qdev-core.h b/include/hw/qdev-core.h +index 20d3066595..59a822ffce 100644 +--- a/include/hw/qdev-core.h ++++ b/include/hw/qdev-core.h +@@ -321,6 +321,7 @@ compat_props_add(GPtrArray *arr, + * The returned object has a reference count of 1. + */ + DeviceState *qdev_new(const char *name); ++ + /** + * qdev_try_new: Try to create a device on the heap + * @name: device type to create +@@ -329,6 +330,7 @@ DeviceState *qdev_new(const char *name); + * does not exist, rather than asserting. + */ + DeviceState *qdev_try_new(const char *name); ++ + /** + * qdev_realize: Realize @dev. + * @dev: device to realize +@@ -347,6 +349,7 @@ DeviceState *qdev_try_new(const char *name); + * qdev_realize_and_unref() instead. + */ + bool qdev_realize(DeviceState *dev, BusState *bus, Error **errp); ++ + /** + * qdev_realize_and_unref: Realize @dev and drop a reference + * @dev: device to realize +@@ -372,6 +375,7 @@ bool qdev_realize(DeviceState *dev, BusState *bus, Error **errp); + * would be incorrect. For that use case you want qdev_realize(). + */ + bool qdev_realize_and_unref(DeviceState *dev, BusState *bus, Error **errp); ++ + /** + * qdev_unrealize: Unrealize a device + * @dev: device to unrealize +@@ -450,6 +454,7 @@ typedef enum { + * For named input GPIO lines, use qdev_get_gpio_in_named(). + */ + qemu_irq qdev_get_gpio_in(DeviceState *dev, int n); ++ + /** + * qdev_get_gpio_in_named: Get one of a device's named input GPIO lines + * @dev: Device whose GPIO we want +@@ -497,6 +502,7 @@ qemu_irq qdev_get_gpio_in_named(DeviceState *dev, const char *name, int n); + * For named output GPIO lines, use qdev_connect_gpio_out_named(). + */ + void qdev_connect_gpio_out(DeviceState *dev, int n, qemu_irq pin); ++ + /** + * qdev_connect_gpio_out: Connect one of a device's anonymous output GPIO lines + * @dev: Device whose GPIO to connect +@@ -524,6 +530,7 @@ void qdev_connect_gpio_out(DeviceState *dev, int n, qemu_irq pin); + */ + void qdev_connect_gpio_out_named(DeviceState *dev, const char *name, int n, + qemu_irq pin); ++ + /** + * qdev_get_gpio_out_connector: Get the qemu_irq connected to an output GPIO + * @dev: Device whose output GPIO we are interested in +@@ -541,6 +548,7 @@ void qdev_connect_gpio_out_named(DeviceState *dev, const char *name, int n, + * by the platform-bus subsystem. + */ + qemu_irq qdev_get_gpio_out_connector(DeviceState *dev, const char *name, int n); ++ + /** + * qdev_intercept_gpio_out: Intercept an existing GPIO connection + * @dev: Device to intercept the outbound GPIO line from +@@ -582,6 +590,7 @@ BusState *qdev_get_child_bus(DeviceState *dev, const char *name); + * hold of an input GPIO line to manipulate it. + */ + void qdev_init_gpio_in(DeviceState *dev, qemu_irq_handler handler, int n); ++ + /** + * qdev_init_gpio_out: create an array of anonymous output GPIO lines + * @dev: Device to create output GPIOs for +@@ -610,6 +619,7 @@ void qdev_init_gpio_in(DeviceState *dev, qemu_irq_handler handler, int n); + * handler. + */ + void qdev_init_gpio_out(DeviceState *dev, qemu_irq *pins, int n); ++ + /** + * qdev_init_gpio_out: create an array of named output GPIO lines + * @dev: Device to create output GPIOs for +@@ -623,6 +633,7 @@ void qdev_init_gpio_out(DeviceState *dev, qemu_irq *pins, int n); + */ + void qdev_init_gpio_out_named(DeviceState *dev, qemu_irq *pins, + const char *name, int n); ++ + /** + * qdev_init_gpio_in_named_with_opaque: create an array of input GPIO lines + * for the specified device +-- +2.27.0 + diff --git a/hw-scsi-vhost-scsi-don-t-double-close-vhostfd-on-err.patch b/hw-scsi-vhost-scsi-don-t-double-close-vhostfd-on-err.patch new file mode 100644 index 0000000000000000000000000000000000000000..84db18055bf4c0b9627b072c8d2de7c669ce60d5 --- /dev/null +++ b/hw-scsi-vhost-scsi-don-t-double-close-vhostfd-on-err.patch @@ -0,0 +1,49 @@ +From 69f5f16cee63b0d07ee612b59a0d125780c13bdb Mon Sep 17 00:00:00 2001 +From: boringandboring +Date: Fri, 8 Dec 2023 09:13:42 +0800 +Subject: [PATCH] hw/scsi/vhost-scsi: don't double close vhostfd on error + +cherry picked from 539ba1acacb11a0f27a7e7ff7e2a7c1294e0a1ea + +vhost_dev_init calls vhost_dev_cleanup on error, which closes vhostfd, +don't double close it. + +Signed-off-by: Daniil Tatianin +Message-Id: <20211129132358.1110372-2-d-tatianin@yandex-team.ru> +Reviewed-by: Michael S. Tsirkin +Signed-off-by: Michael S. Tsirkin +Signed-off-by: boringandboring +--- + hw/scsi/vhost-scsi.c | 9 ++++++++- + 1 file changed, 8 insertions(+), 1 deletion(-) + +diff --git a/hw/scsi/vhost-scsi.c b/hw/scsi/vhost-scsi.c +index b0a9c45e43..5536cc8a88 100644 +--- a/hw/scsi/vhost-scsi.c ++++ b/hw/scsi/vhost-scsi.c +@@ -220,6 +220,11 @@ static void vhost_scsi_realize(DeviceState *dev, Error **errp) + ret = vhost_dev_init(&vsc->dev, (void *)(uintptr_t)vhostfd, + VHOST_BACKEND_TYPE_KERNEL, 0, errp); + if (ret < 0) { ++ /* ++ * vhost_dev_init calls vhost_dev_cleanup on error, which closes ++ * vhostfd, don't double close it. ++ */ ++ vhostfd = -1; + goto free_vqs; + } + +@@ -240,7 +245,9 @@ static void vhost_scsi_realize(DeviceState *dev, Error **errp) + error_free(vsc->migration_blocker); + virtio_scsi_common_unrealize(dev); + close_fd: +- close(vhostfd); ++ if (vhostfd >= 0) { ++ close(vhostfd); ++ } + return; + } + +-- +2.27.0 + diff --git a/hw-scsi-vhost-scsi-don-t-leak-vqs-on-error.patch b/hw-scsi-vhost-scsi-don-t-leak-vqs-on-error.patch new file mode 100644 index 0000000000000000000000000000000000000000..5d898ce546de60926c05cce0fede7bbf0102b9e6 --- /dev/null +++ b/hw-scsi-vhost-scsi-don-t-leak-vqs-on-error.patch @@ -0,0 +1,55 @@ +From ad55425ad09197b443c150828ac16dbf4242141f Mon Sep 17 00:00:00 2001 +From: boringandboring +Date: Thu, 7 Dec 2023 19:45:33 +0800 +Subject: [PATCH] hw/scsi/vhost-scsi: don't leak vqs on error + +cherry picked from b259772afc29ef6af4e911d8e695dd7e2ed31066 + +vhost_dev_init calls vhost_dev_cleanup in case of an error during +initialization, which zeroes out the entire vsc->dev as well as the +vsc->dev.vqs pointer. This prevents us from properly freeing it in free_vqs. +Keep a local copy of the pointer so we can free it later. + +Signed-off-by: Daniil Tatianin +Message-Id: <20211129132358.1110372-1-d-tatianin@yandex-team.ru> +Reviewed-by: Michael S. Tsirkin +Signed-off-by: Michael S. Tsirkin +Signed-off-by: boringandboring +--- + hw/scsi/vhost-scsi.c | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/hw/scsi/vhost-scsi.c b/hw/scsi/vhost-scsi.c +index b0a9c45e43..2fbc7f039d 100644 +--- a/hw/scsi/vhost-scsi.c ++++ b/hw/scsi/vhost-scsi.c +@@ -170,6 +170,7 @@ static void vhost_scsi_realize(DeviceState *dev, Error **errp) + Error *err = NULL; + int vhostfd = -1; + int ret; ++ struct vhost_virtqueue *vqs = NULL; + + if (!vs->conf.wwpn) { + error_setg(errp, "vhost-scsi: missing wwpn"); +@@ -213,7 +214,8 @@ static void vhost_scsi_realize(DeviceState *dev, Error **errp) + } + + vsc->dev.nvqs = VHOST_SCSI_VQ_NUM_FIXED + vs->conf.num_queues; +- vsc->dev.vqs = g_new0(struct vhost_virtqueue, vsc->dev.nvqs); ++ vqs = g_new0(struct vhost_virtqueue, vsc->dev.nvqs); ++ vsc->dev.vqs = vqs; + vsc->dev.vq_index = 0; + vsc->dev.backend_features = 0; + +@@ -232,7 +234,7 @@ static void vhost_scsi_realize(DeviceState *dev, Error **errp) + return; + + free_vqs: +- g_free(vsc->dev.vqs); ++ g_free(vqs); + if (!vsc->migratable) { + migrate_del_blocker(vsc->migration_blocker); + } +-- +2.27.0 + diff --git a/hw-usb-hcd-xhci.c-spelling-tranfer.patch b/hw-usb-hcd-xhci.c-spelling-tranfer.patch new file mode 100644 index 0000000000000000000000000000000000000000..c5a5189d41f8cd1bc8b6ebf8bb68cf8720caadbd --- /dev/null +++ b/hw-usb-hcd-xhci.c-spelling-tranfer.patch @@ -0,0 +1,38 @@ +From 755899cd2cb3d808717da99fa1447c3c81cc0dce Mon Sep 17 00:00:00 2001 +From: zhujun2 +Date: Thu, 7 Dec 2023 18:03:12 -0800 +Subject: [PATCH] hw/usb/hcd-xhci.c: spelling: tranfer + +mainline inclusion +commit d68640f515320bf38617b68c970b569997cf0444 +category: bugfix + +--------------------------------------------------------------- + +Fixes: effaf5a240e03020f4ae953e10b764622c3e87cc +Signed-off-by: Michael Tokarev +Reviewed-by: Thomas Huth +Reviewed-by: Stefan Weil +Message-Id: <20221105114851.306206-1-mjt@msgid.tls.msk.ru> +Signed-off-by: Gerd Hoffmann +Signed-off-by: zhujun2 +--- + hw/usb/hcd-xhci.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/hw/usb/hcd-xhci.c b/hw/usb/hcd-xhci.c +index ac02548dcf..40300e1bcd 100644 +--- a/hw/usb/hcd-xhci.c ++++ b/hw/usb/hcd-xhci.c +@@ -775,7 +775,7 @@ static int xhci_ring_chain_length(XHCIState *xhci, const XHCIRing *ring) + */ + } while (length < TRB_LINK_LIMIT * 65536 / TRB_SIZE); + +- qemu_log_mask(LOG_GUEST_ERROR, "%s: exceeded maximum tranfer ring size!\n", ++ qemu_log_mask(LOG_GUEST_ERROR, "%s: exceeded maximum transfer ring size!\n", + __func__); + + return -1; +-- +2.27.0 + diff --git a/i386-sev-Avoid-SEV-ES-crash-due-to-missing-MSR_EFER_.patch b/i386-sev-Avoid-SEV-ES-crash-due-to-missing-MSR_EFER_.patch new file mode 100644 index 0000000000000000000000000000000000000000..50fd9c46e8e9da698371afa990cd4eb2a4e6659d --- /dev/null +++ b/i386-sev-Avoid-SEV-ES-crash-due-to-missing-MSR_EFER_.patch @@ -0,0 +1,73 @@ +From 92b95a2982e192b90b45a988afe81e253862690f Mon Sep 17 00:00:00 2001 +From: tangzhongrui +Date: Thu, 7 Dec 2023 20:06:08 +0800 +Subject: [PATCH] i386/sev: Avoid SEV-ES crash due to missing MSR_EFER_LMA + bit +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + + Commit 7191f24c7fcf ("accel/kvm/kvm-all: Handle register access errors") + added error checking for KVM_SET_SREGS/KVM_SET_SREGS2. In doing so, it + exposed a long-running bug in current KVM support for SEV-ES where the + kernel assumes that MSR_EFER_LMA will be set explicitly by the guest + kernel, in which case EFER write traps would result in KVM eventually + seeing MSR_EFER_LMA get set and recording it in such a way that it would + be subsequently visible when accessing it via KVM_GET_SREGS/etc. + + However, guest kernels currently rely on MSR_EFER_LMA getting set + automatically when MSR_EFER_LME is set and paging is enabled via + CR0_PG_MASK. As a result, the EFER write traps don't actually expose the + MSR_EFER_LMA bit, even though it is set internally, and when QEMU + subsequently tries to pass this EFER value back to KVM via + KVM_SET_SREGS* it will fail various sanity checks and return -EINVAL, + which is now considered fatal due to the aforementioned QEMU commit. + + This can be addressed by inferring the MSR_EFER_LMA bit being set when + paging is enabled and MSR_EFER_LME is set, and synthesizing it to ensure + the expected bits are all present in subsequent handling on the host + side. + + Ultimately, this handling will be implemented in the host kernel, but to + avoid breaking QEMU's SEV-ES support when using older host kernels, the + same handling can be done in QEMU just after fetching the register + values via KVM_GET_SREGS*. Implement that here. + + Cc: Paolo Bonzini + Cc: Marcelo Tosatti + Cc: Tom Lendacky + Cc: Akihiko Odaki + Cc: Philippe Mathieu-Daudé + Cc: Lara Lazier + Cc: Vitaly Kuznetsov + Cc: Maxim Levitsky + Cc: + Fixes: 7191f24c7fcf ("accel/kvm/kvm-all: Handle register access errors") + Signed-off-by: Michael Roth + Acked-by: Paolo Bonzini + Signed-off-by: Stefan Hajnoczi + Message-ID: <20231206155821.1194551-1-michael.roth@amd.com> + + Signed-off-by: Zhongrui Tang +--- + target/i386/kvm/kvm.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c +index 55ee75e844..54e48530ad 100644 +--- a/target/i386/kvm/kvm.c ++++ b/target/i386/kvm/kvm.c +@@ -3420,6 +3420,10 @@ static int kvm_get_sregs(X86CPU *cpu) + env->cr[4] = sregs.cr4; + + env->efer = sregs.efer; ++ if (sev_es_enabled() && env->efer & MSR_EFER_LME && ++ env->cr[0] & CR0_PG_MASK) { ++ env->efer |= MSR_EFER_LMA; ++ } + + /* changes to apic base and cr8/tpr are read back via kvm_arch_post_run */ + x86_update_hflags(env); +-- +2.27.0 + diff --git a/iotests-fix-default-machine-type-detection.patch b/iotests-fix-default-machine-type-detection.patch new file mode 100644 index 0000000000000000000000000000000000000000..47910b76f6d8f200ae244a760e08d405feb28bdb --- /dev/null +++ b/iotests-fix-default-machine-type-detection.patch @@ -0,0 +1,40 @@ +From 1c60628eef43847595723a65ff9fd57f38cc70de Mon Sep 17 00:00:00 2001 +From: jipengfei_yewu +Date: Mon, 18 Dec 2023 09:57:38 +0000 +Subject: [PATCH] iotests: fix default machine type detection + +The machine type is being detected based on "-M help" output, and we're +searching for the line ending with " (default)". However, in downstream +one of the machine types s marked as deprecated might become the +default, in which case this logic breaks as the line would now end with +" (default) (deprecated)". To fix potential issues here, let's relax +that requirement and detect the mere presence of " (default)" line +instead. + +cheery-pick from 3b7094fe8329c5c7bb0d685e1876aa30f59bece6 + +Signed-off-by: jipengfei_yewu +Signed-off-by: Andrey Drobyshev +Message-ID: <20231122121538.32903-1-andrey.drobyshev@virtuozzo.com> +Reviewed-by: Kevin Wolf +Signed-off-by: Kevin Wolf +--- + tests/qemu-iotests/testenv.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/tests/qemu-iotests/testenv.py b/tests/qemu-iotests/testenv.py +index 26ae6945cc..993e9c56be 100644 +--- a/tests/qemu-iotests/testenv.py ++++ b/tests/qemu-iotests/testenv.py +@@ -40,7 +40,7 @@ def get_default_machine(qemu_prog: str) -> str: + + machines = outp.split('\n') + try: +- default_machine = next(m for m in machines if m.endswith(' (default)')) ++ default_machine = next(m for m in machines if ' (default)' in m) + except StopIteration: + return '' + default_machine = default_machine.split(' ', 1)[0] +-- +2.27.0 + diff --git a/migration-Set-downtime_start-even-for-postcopy.patch b/migration-Set-downtime_start-even-for-postcopy.patch new file mode 100644 index 0000000000000000000000000000000000000000..8aa72cb45c29beb8604b2910a892100f5fd04ae4 --- /dev/null +++ b/migration-Set-downtime_start-even-for-postcopy.patch @@ -0,0 +1,57 @@ +From 9708192479d7f6507392a338f8f43b3be4c8188d Mon Sep 17 00:00:00 2001 +From: qihao +Date: Mon, 18 Dec 2023 15:19:48 +0800 +Subject: [PATCH] migration: Set downtime_start even for postcopy + +cheery-pick from 62f5da7dd10a594fb30cebb5569dc738456f7131 + +Postcopy calculates its downtime separately. It always sets +MigrationState.downtime properly, but not MigrationState.downtime_start. + +Make postcopy do the same as other modes on properly recording the +timestamp when the VM is going to be stopped. Drop the temporary variable +in postcopy_start() along the way. + +Signed-off-by: Peter Xu +Reviewed-by: Fabiano Rosas +Reviewed-by: Juan Quintela +Signed-off-by: Juan Quintela +Message-ID: <20231030163346.765724-2-peterx@redhat.com> +Signed-off-by: qihao_yewu +--- + migration/migration.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/migration/migration.c b/migration/migration.c +index 6b5445853a..7ca5b58839 100644 +--- a/migration/migration.c ++++ b/migration/migration.c +@@ -2989,7 +2989,6 @@ static int postcopy_start(MigrationState *ms) + int ret; + QIOChannelBuffer *bioc; + QEMUFile *fb; +- int64_t time_at_stop = qemu_clock_get_ms(QEMU_CLOCK_REALTIME); + int64_t bandwidth = migrate_max_postcopy_bandwidth(); + bool restart_block = false; + int cur_state = MIGRATION_STATUS_ACTIVE; +@@ -3002,6 +3001,8 @@ static int postcopy_start(MigrationState *ms) + qemu_mutex_lock_iothread(); + trace_postcopy_start_set_run(); + ++ ms->downtime_start = qemu_clock_get_ms(QEMU_CLOCK_REALTIME); ++ + qemu_system_wakeup_request(QEMU_WAKEUP_REASON_OTHER, NULL); + global_state_store(); + ret = vm_stop_force_state(RUN_STATE_FINISH_MIGRATE); +@@ -3112,7 +3113,7 @@ static int postcopy_start(MigrationState *ms) + ms->postcopy_after_devices = true; + notifier_list_notify(&migration_state_notifiers, ms); + +- ms->downtime = qemu_clock_get_ms(QEMU_CLOCK_REALTIME) - time_at_stop; ++ ms->downtime = qemu_clock_get_ms(QEMU_CLOCK_REALTIME) - ms->downtime_start; + + qemu_mutex_unlock_iothread(); + +-- +2.27.0 + diff --git a/migration-fix-RAMBlock-add-NULL-check.patch b/migration-fix-RAMBlock-add-NULL-check.patch new file mode 100644 index 0000000000000000000000000000000000000000..88cd6302d3f9e1a30451484121effcc9c5687a10 --- /dev/null +++ b/migration-fix-RAMBlock-add-NULL-check.patch @@ -0,0 +1,41 @@ +From 03569a14e7ae428bad59a4e11637c900ff436816 Mon Sep 17 00:00:00 2001 +From: jipengfei +Date: Mon, 18 Dec 2023 16:56:15 +0800 +Subject: [PATCH] migration: fix RAMBlock add NULL check + +qemu_ram_block_from_host() may return NULL, which will be dereferenced w/o +check. Usualy return value is checked for this function. +Found by Linux Verification Center (linuxtesting.org) with SVACE. + +cheery-pick from f75ed59f40bed3ce94adad4b3ebbb7bfacfdf4ab + +Signed-off-by: jipengfei_yewu +Signed-off-by: Dmitry Frolov +Reviewed-by: Fabiano Rosas +Reviewed-by: Peter Xu +Reviewed-by: Juan Quintela +Signed-off-by: Juan Quintela +Message-ID: <20231010104851.802947-1-frolov@swemel.ru> +--- + migration/ram.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/migration/ram.c b/migration/ram.c +index 862955f5b2..c245b04cf2 100644 +--- a/migration/ram.c ++++ b/migration/ram.c +@@ -4679,6 +4679,11 @@ static void ram_mig_ram_block_resized(RAMBlockNotifier *n, void *host, + RAMBlock *rb = qemu_ram_block_from_host(host, false, &offset); + Error *err = NULL; + ++ if (!rb) { ++ error_report("RAM block not found"); ++ return; ++ } ++ + if (ramblock_is_ignored(rb)) { + return; + } +-- +2.27.0 + diff --git a/pci-Export-the-pci_intx-function.patch b/pci-Export-the-pci_intx-function.patch new file mode 100644 index 0000000000000000000000000000000000000000..732b6717538c970b9326ca1107176100b7e88a4c --- /dev/null +++ b/pci-Export-the-pci_intx-function.patch @@ -0,0 +1,59 @@ +From 0d74ea5e0426c6ebf8666e8b88469b838d03ea01 Mon Sep 17 00:00:00 2001 +From: boringandboring +Date: Thu, 7 Dec 2023 16:55:35 +0800 +Subject: [PATCH] pci: Export the pci_intx() function +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +cherry picked from 2fedf46e34d2377760b2d26cf85487b772bca6fa + +Move the pci_intx() definition to the PCI header file, so that it can +be called from other PCI files. It is used by the next patch. + +Signed-off-by: Frederic Barrat +Message-Id: <20211116170133.724751-3-fbarrat@linux.ibm.com> +Reviewed-by: Michael S. Tsirkin +Signed-off-by: Michael S. Tsirkin +Reviewed-by: Cédric Le Goater +Signed-off-by: boringandboring +--- + hw/pci/pci.c | 5 ----- + include/hw/pci/pci.h | 5 +++++ + 2 files changed, 5 insertions(+), 5 deletions(-) + +diff --git a/hw/pci/pci.c b/hw/pci/pci.c +index 7a62f0e1fc..9ea67dba31 100644 +--- a/hw/pci/pci.c ++++ b/hw/pci/pci.c +@@ -1504,11 +1504,6 @@ static void pci_irq_handler(void *opaque, int irq_num, int level) + pci_change_irq_level(pci_dev, irq_num, change); + } + +-static inline int pci_intx(PCIDevice *pci_dev) +-{ +- return pci_get_byte(pci_dev->config + PCI_INTERRUPT_PIN) - 1; +-} +- + qemu_irq pci_allocate_irq(PCIDevice *pci_dev) + { + int intx = pci_intx(pci_dev); +diff --git a/include/hw/pci/pci.h b/include/hw/pci/pci.h +index 5b36334a28..483d5c7c72 100644 +--- a/include/hw/pci/pci.h ++++ b/include/hw/pci/pci.h +@@ -735,6 +735,11 @@ void lsi53c8xx_handle_legacy_cmdline(DeviceState *lsi_dev); + qemu_irq pci_allocate_irq(PCIDevice *pci_dev); + void pci_set_irq(PCIDevice *pci_dev, int level); + ++static inline int pci_intx(PCIDevice *pci_dev) ++{ ++ return pci_get_byte(pci_dev->config + PCI_INTERRUPT_PIN) - 1; ++} ++ + static inline void pci_irq_assert(PCIDevice *pci_dev) + { + pci_set_irq(pci_dev, 1); +-- +2.27.0 + diff --git a/pcie_aer-Don-t-trigger-a-LSI-if-none-are-defined.patch b/pcie_aer-Don-t-trigger-a-LSI-if-none-are-defined.patch new file mode 100644 index 0000000000000000000000000000000000000000..c4462b724006ede86401d7e38c385db71052aab2 --- /dev/null +++ b/pcie_aer-Don-t-trigger-a-LSI-if-none-are-defined.patch @@ -0,0 +1,42 @@ +From 77633ce67c1cff764fe4951a6837462f51ace8aa Mon Sep 17 00:00:00 2001 +From: boringandboring +Date: Thu, 7 Dec 2023 17:00:28 +0800 +Subject: [PATCH] pcie_aer: Don't trigger a LSI if none are defined +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +cherry picked from 20766514d602c50b870ae943aaa8e5b9e2e8a161 + +Skip triggering an LSI when the AER root error status is updated if no +LSI is defined for the device. We can have a root bridge with no LSI, +MSI and MSI-X defined, for example on POWER systems. + +Signed-off-by: Frederic Barrat +Message-Id: <20211116170133.724751-4-fbarrat@linux.ibm.com> +Reviewed-by: Michael S. Tsirkin +Signed-off-by: Michael S. Tsirkin +Reviewed-by: Cédric Le Goater +Signed-off-by: boringandboring +--- + hw/pci/pcie_aer.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/hw/pci/pcie_aer.c b/hw/pci/pcie_aer.c +index 27f9cc56af..e1a8a88c8c 100644 +--- a/hw/pci/pcie_aer.c ++++ b/hw/pci/pcie_aer.c +@@ -774,7 +774,9 @@ void pcie_aer_root_write_config(PCIDevice *dev, + uint32_t root_cmd = pci_get_long(aer_cap + PCI_ERR_ROOT_COMMAND); + /* 6.2.4.1.2 Interrupt Generation */ + if (!msix_enabled(dev) && !msi_enabled(dev)) { +- pci_set_irq(dev, !!(root_cmd & enabled_cmd)); ++ if (pci_intx(dev) != -1) { ++ pci_set_irq(dev, !!(root_cmd & enabled_cmd)); ++ } + return; + } + +-- +2.27.0 + diff --git a/ppc-spelling-fixes.patch b/ppc-spelling-fixes.patch new file mode 100644 index 0000000000000000000000000000000000000000..127101b5e1852db4de3f9acb95856addece1b1dc --- /dev/null +++ b/ppc-spelling-fixes.patch @@ -0,0 +1,271 @@ +From 0adb55804594e60380450c7644a05f9cfc4ebb8a Mon Sep 17 00:00:00 2001 +From: zhujun2 +Date: Sun, 26 Nov 2023 18:34:45 -0800 +Subject: [PATCH] ppc: spelling fixes +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +mainline inclusion +commit e6a19a6477407e57b4deb61aaa497a14d7db9626 +category: bugfix + +Signed-off-by: Michael Tokarev +Reviewed-by: Cédric Le Goater +Signed-off-by: zhujun2 +--- + hw/ppc/ppc.c | 2 +- + hw/ppc/prep_systemio.c | 2 +- + hw/ppc/spapr.c | 8 ++++---- + hw/ppc/spapr_hcall.c | 2 +- + hw/ppc/spapr_nvdimm.c | 2 +- + hw/ppc/spapr_pci_vfio.c | 2 +- + include/hw/ppc/openpic.h | 2 +- + include/hw/ppc/spapr.h | 2 +- + target/ppc/cpu-models.h | 4 ++-- + target/ppc/cpu.h | 2 +- + target/ppc/cpu_init.c | 2 +- + target/ppc/excp_helper.c | 2 +- + target/ppc/power8-pmu-regs.c.inc | 4 ++-- + target/ppc/translate/vmx-impl.c.inc | 4 ++-- + 14 files changed, 20 insertions(+), 20 deletions(-) + +diff --git a/hw/ppc/ppc.c b/hw/ppc/ppc.c +index cf90ab7805..6396bbe523 100644 +--- a/hw/ppc/ppc.c ++++ b/hw/ppc/ppc.c +@@ -745,7 +745,7 @@ target_ulong cpu_ppc_load_decr(CPUPPCState *env) + decr = _cpu_ppc_load_decr(env, tb_env->decr_next); + + /* +- * If large decrementer is enabled then the decrementer is signed extened ++ * If large decrementer is enabled then the decrementer is signed extended + * to 64 bits, otherwise it is a 32 bit value. + */ + if (env->spr[SPR_LPCR] & LPCR_LD) { +diff --git a/hw/ppc/prep_systemio.c b/hw/ppc/prep_systemio.c +index b2bd783248..e51da91de5 100644 +--- a/hw/ppc/prep_systemio.c ++++ b/hw/ppc/prep_systemio.c +@@ -39,7 +39,7 @@ + #define TYPE_PREP_SYSTEMIO "prep-systemio" + OBJECT_DECLARE_SIMPLE_TYPE(PrepSystemIoState, PREP_SYSTEMIO) + +-/* Bit as defined in PowerPC Reference Plaform v1.1, sect. 6.1.5, p. 132 */ ++/* Bit as defined in PowerPC Reference Platform v1.1, sect. 6.1.5, p. 132 */ + #define PREP_BIT(n) (1 << (7 - (n))) + + struct PrepSystemIoState { +diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c +index 3b5fd749be..7f352ceaaa 100644 +--- a/hw/ppc/spapr.c ++++ b/hw/ppc/spapr.c +@@ -2488,7 +2488,7 @@ static void spapr_set_vsmt_mode(SpaprMachineState *spapr, Error **errp) + return; + } + +- /* Detemine the VSMT mode to use: */ ++ /* Determine the VSMT mode to use: */ + if (vsmt_user) { + if (spapr->vsmt < smp_threads) { + error_setg(errp, "Cannot support VSMT mode %d" +@@ -3016,7 +3016,7 @@ static int spapr_kvm_type(MachineState *machine, const char *vm_type) + { + /* + * The use of g_ascii_strcasecmp() for 'hv' and 'pr' is to +- * accomodate the 'HV' and 'PV' formats that exists in the ++ * accommodate the 'HV' and 'PV' formats that exists in the + * wild. The 'auto' mode is being introduced already as + * lower-case, thus we don't need to bother checking for + * "AUTO". +@@ -4250,7 +4250,7 @@ spapr_cpu_index_to_props(MachineState *machine, unsigned cpu_index) + CPUArchId *core_slot; + MachineClass *mc = MACHINE_GET_CLASS(machine); + +- /* make sure possible_cpu are intialized */ ++ /* make sure possible_cpu are initialized */ + mc->possible_cpu_arch_ids(machine); + /* get CPU core slot containing thread that matches cpu_index */ + core_slot = spapr_find_cpu_slot(machine, cpu_index, NULL); +@@ -4870,7 +4870,7 @@ static void spapr_machine_2_12_class_options(MachineClass *mc) + + /* We depend on kvm_enabled() to choose a default value for the + * hpt-max-page-size capability. Of course we can't do it here +- * because this is too early and the HW accelerator isn't initialzed ++ * because this is too early and the HW accelerator isn't initialized + * yet. Postpone this to machine init (see default_caps_with_cpu()). + */ + smc->default_caps.caps[SPAPR_CAP_HPT_MAXPAGESIZE] = 0; +diff --git a/hw/ppc/spapr_hcall.c b/hw/ppc/spapr_hcall.c +index 222c1b6bbd..5364bbcffa 100644 +--- a/hw/ppc/spapr_hcall.c ++++ b/hw/ppc/spapr_hcall.c +@@ -1532,7 +1532,7 @@ static void hypercall_register_types(void) + spapr_register_hypercall(H_GET_CPU_CHARACTERISTICS, + h_get_cpu_characteristics); + +- /* "debugger" hcalls (also used by SLOF). Note: We do -not- differenciate ++ /* "debugger" hcalls (also used by SLOF). Note: We do -not- differentiate + * here between the "CI" and the "CACHE" variants, they will use whatever + * mapping attributes qemu is using. When using KVM, the kernel will + * enforce the attributes more strongly +diff --git a/hw/ppc/spapr_nvdimm.c b/hw/ppc/spapr_nvdimm.c +index 91de1052f2..b111380a45 100644 +--- a/hw/ppc/spapr_nvdimm.c ++++ b/hw/ppc/spapr_nvdimm.c +@@ -336,7 +336,7 @@ static target_ulong h_scm_bind_mem(PowerPCCPU *cpu, SpaprMachineState *spapr, + + /* + * Currently continue token should be zero qemu has already bound +- * everything and this hcall doesnt return H_BUSY. ++ * everything and this hcall doesn't return H_BUSY. + */ + if (continue_token > 0) { + return H_P5; +diff --git a/hw/ppc/spapr_pci_vfio.c b/hw/ppc/spapr_pci_vfio.c +index 2a76b4e0b5..6326948143 100644 +--- a/hw/ppc/spapr_pci_vfio.c ++++ b/hw/ppc/spapr_pci_vfio.c +@@ -77,7 +77,7 @@ int spapr_phb_vfio_eeh_set_option(SpaprPhbState *sphb, + * call. Now we just need to check the validity of the PCI + * pass-through devices (vfio-pci) under this sphb bus. + * We have already validated that all the devices under this sphb +- * are from same iommu group (within same PE) before comming here. ++ * are from same iommu group (within same PE) before coming here. + * + * Prior to linux commit 98ba956f6a389 ("powerpc/pseries/eeh: + * Rework device EEH PE determination") kernel would call +diff --git a/include/hw/ppc/openpic.h b/include/hw/ppc/openpic.h +index ebdaf8a493..44976e6b07 100644 +--- a/include/hw/ppc/openpic.h ++++ b/include/hw/ppc/openpic.h +@@ -14,7 +14,7 @@ enum { + OPENPIC_OUTPUT_INT = 0, /* IRQ */ + OPENPIC_OUTPUT_CINT, /* critical IRQ */ + OPENPIC_OUTPUT_MCK, /* Machine check event */ +- OPENPIC_OUTPUT_DEBUG, /* Inconditional debug event */ ++ OPENPIC_OUTPUT_DEBUG, /* Unconditional debug event */ + OPENPIC_OUTPUT_RESET, /* Core reset event */ + OPENPIC_OUTPUT_NB, + }; +diff --git a/include/hw/ppc/spapr.h b/include/hw/ppc/spapr.h +index ee7504b976..316b80318e 100644 +--- a/include/hw/ppc/spapr.h ++++ b/include/hw/ppc/spapr.h +@@ -179,7 +179,7 @@ struct SpaprMachineState { + SpaprResizeHpt resize_hpt; + void *htab; + uint32_t htab_shift; +- uint64_t patb_entry; /* Process tbl registed in H_REGISTER_PROC_TBL */ ++ uint64_t patb_entry; /* Process tbl registered in H_REGISTER_PROC_TBL */ + SpaprPendingHpt *pending_hpt; /* in-progress resize */ + + hwaddr rma_size; +diff --git a/target/ppc/cpu-models.h b/target/ppc/cpu-models.h +index 0952592759..75ea085bd5 100644 +--- a/target/ppc/cpu-models.h ++++ b/target/ppc/cpu-models.h +@@ -63,7 +63,7 @@ enum { + /* PowerPC 405 cores */ + CPU_POWERPC_405D2 = 0x20010000, + CPU_POWERPC_405D4 = 0x41810000, +- /* PowerPC 405 microcontrolers */ ++ /* PowerPC 405 microcontrollers */ + /* XXX: missing 0x200108a0 */ + CPU_POWERPC_405CRa = 0x40110041, + CPU_POWERPC_405CRb = 0x401100C5, +@@ -93,7 +93,7 @@ enum { + #define CPU_POWERPC_440 CPU_POWERPC_440GXf + /* PowerPC 440 cores */ + CPU_POWERPC_440_XILINX = 0x7ff21910, +- /* PowerPC 440 microcontrolers */ ++ /* PowerPC 440 microcontrollers */ + CPU_POWERPC_440EPa = 0x42221850, + CPU_POWERPC_440EPb = 0x422218D3, + CPU_POWERPC_440GPb = 0x40120440, +diff --git a/target/ppc/cpu.h b/target/ppc/cpu.h +index e946da5f3a..26312f9d5f 100644 +--- a/target/ppc/cpu.h ++++ b/target/ppc/cpu.h +@@ -345,7 +345,7 @@ typedef struct ppc_v3_pate_t { + + /* PMU bits */ + #define MMCR0_FC PPC_BIT(32) /* Freeze Counters */ +-#define MMCR0_PMAO PPC_BIT(56) /* Perf Monitor Alert Ocurred */ ++#define MMCR0_PMAO PPC_BIT(56) /* Perf Monitor Alert Occurred */ + #define MMCR0_PMAE PPC_BIT(37) /* Perf Monitor Alert Enable */ + #define MMCR0_EBE PPC_BIT(43) /* Perf Monitor EBB Enable */ + #define MMCR0_FCECE PPC_BIT(38) /* FC on Enabled Cond or Event */ +diff --git a/target/ppc/cpu_init.c b/target/ppc/cpu_init.c +index 6695985e9b..986d16a24d 100644 +--- a/target/ppc/cpu_init.c ++++ b/target/ppc/cpu_init.c +@@ -7023,7 +7023,7 @@ static void register_970_lpar_sprs(CPUPPCState *env) + static void register_power5p_lpar_sprs(CPUPPCState *env) + { + #if !defined(CONFIG_USER_ONLY) +- /* Logical partitionning */ ++ /* Logical partitioning */ + spr_register_kvm_hv(env, SPR_LPCR, "LPCR", + SPR_NOACCESS, SPR_NOACCESS, + SPR_NOACCESS, SPR_NOACCESS, +diff --git a/target/ppc/excp_helper.c b/target/ppc/excp_helper.c +index 17607adbe4..f66063d55c 100644 +--- a/target/ppc/excp_helper.c ++++ b/target/ppc/excp_helper.c +@@ -312,7 +312,7 @@ static inline void powerpc_excp(PowerPCCPU *cpu, int excp_model, int excp) + + /* + * new interrupt handler msr preserves existing HV and ME unless +- * explicitly overriden ++ * explicitly overridden + */ + new_msr = env->msr & (((target_ulong)1 << MSR_ME) | MSR_HVB); + +diff --git a/target/ppc/power8-pmu-regs.c.inc b/target/ppc/power8-pmu-regs.c.inc +index 7391851238..c58874752b 100644 +--- a/target/ppc/power8-pmu-regs.c.inc ++++ b/target/ppc/power8-pmu-regs.c.inc +@@ -16,7 +16,7 @@ + * Checks whether the Group A SPR (MMCR0, MMCR2, MMCRA, and the + * PMCs) has problem state read access. + * +- * Read acccess is granted for all PMCC values but 0b01, where a ++ * Read access is granted for all PMCC values but 0b01, where a + * Facility Unavailable Interrupt will occur. + */ + static bool spr_groupA_read_allowed(DisasContext *ctx) +@@ -33,7 +33,7 @@ static bool spr_groupA_read_allowed(DisasContext *ctx) + * Checks whether the Group A SPR (MMCR0, MMCR2, MMCRA, and the + * PMCs) has problem state write access. + * +- * Write acccess is granted for PMCC values 0b10 and 0b11. Userspace ++ * Write access is granted for PMCC values 0b10 and 0b11. Userspace + * writing with PMCC 0b00 will generate a Hypervisor Emulation + * Assistance Interrupt. Userspace writing with PMCC 0b01 will + * generate a Facility Unavailable Interrupt. +diff --git a/target/ppc/translate/vmx-impl.c.inc b/target/ppc/translate/vmx-impl.c.inc +index 8eb8d3a067..f56f061d18 100644 +--- a/target/ppc/translate/vmx-impl.c.inc ++++ b/target/ppc/translate/vmx-impl.c.inc +@@ -127,7 +127,7 @@ static void gen_stve##name(DisasContext *ctx) \ + } + + GEN_VR_LDX(lvx, 0x07, 0x03); +-/* As we don't emulate the cache, lvxl is stricly equivalent to lvx */ ++/* As we don't emulate the cache, lvxl is strictly equivalent to lvx */ + GEN_VR_LDX(lvxl, 0x07, 0x0B); + + GEN_VR_LVE(bx, 0x07, 0x00, 1); +@@ -135,7 +135,7 @@ GEN_VR_LVE(hx, 0x07, 0x01, 2); + GEN_VR_LVE(wx, 0x07, 0x02, 4); + + GEN_VR_STX(svx, 0x07, 0x07); +-/* As we don't emulate the cache, stvxl is stricly equivalent to stvx */ ++/* As we don't emulate the cache, stvxl is strictly equivalent to stvx */ + GEN_VR_STX(svxl, 0x07, 0x0F); + + GEN_VR_STVE(bx, 0x07, 0x04, 1); +-- +2.27.0 + diff --git a/qemu.spec b/qemu.spec index bc9d629cb94b3d6f22c43f3c95ff26e1b5f9ba9f..154bbeef49858515bfeb7b1f4ed9b4d7fe6cc7e9 100644 --- a/qemu.spec +++ b/qemu.spec @@ -3,7 +3,7 @@ Name: qemu Version: 6.2.0 -Release: 86 +Release: 87 Epoch: 10 Summary: QEMU is a generic and open source machine emulator and virtualizer License: GPLv2 and BSD and MIT and CC-BY-SA-4.0 @@ -832,6 +832,34 @@ Patch0817: vhost-implement-migration-state-notifier-for-vdpa-de.patch Patch0818: vhost-implement-post-resume-bh.patch Patch0819: vdpa-implement-vdpa-device-migration.patch Patch0820: vdpa-move-memory-listener-to-the-realize-stage.patch +Patch0821: hw-usb-hcd-xhci.c-spelling-tranfer.patch +Patch0822: ui-vnc-clipboard-fix-inflate_buffer.patch +Patch0823: i386-sev-Avoid-SEV-ES-crash-due-to-missing-MSR_EFER_.patch +Patch0824: tests-avocado-mark-ReplayKernelNormal.test_mips64el_.patch +Patch0825: tests-unit-fix-a-Wformat-truncation-warning.patch +Patch0826: hw-qdev-Cosmetic-around-documentation.patch +Patch0827: hw-qdev-Correct-qdev_init_gpio_out_named-documentati.patch +Patch0828: hw-qdev-Correct-qdev_connect_gpio_out_named-document.patch +Patch0829: pci-Export-the-pci_intx-function.patch +Patch0830: pcie_aer-Don-t-trigger-a-LSI-if-none-are-defined.patch +Patch0831: hw-i386-pc-Add-missing-property-descriptions.patch +Patch0832: hw-scsi-vhost-scsi-don-t-leak-vqs-on-error.patch +Patch0833: virtio-vhost-vsock-don-t-double-close-vhostfd-remove.patch +Patch0834: hw-scsi-vhost-scsi-don-t-double-close-vhostfd-on-err.patch +Patch0835: tests-spelling-fixes.patch +Patch0836: ppc-spelling-fixes.patch +Patch0837: s390x-Fix-spelling-errors.patch +Patch0838: migration-fix-RAMBlock-add-NULL-check.patch +Patch0839: iotests-fix-default-machine-type-detection.patch +Patch0840: gdb-xml-fix-duplicate-register-in-arm-neon.xml.patch +Patch0841: migration-Set-downtime_start-even-for-postcopy.patch +Patch0842: revert-tcg-loongarch64-Fix-tcg_out_mov-Aborted.patch +Patch0843: shadow_dev-introduce-shadow-dev-for-virtio-net-devic.patch +Patch0844: vdpa-set-vring-enable-only-if-the-vring-address-has-.patch +Patch0845: vdpa-correct-param-passed-in-when-unregister-save.patch +Patch0846: vdpa-support-vdpa-device-suspend-resume.patch +Patch0847: vdpa-don-t-suspend-resume-device-when-vdpa-device-no.patch +Patch0848: vdpa-suspend-function-return-0-when-the-vdpa-device-.patch BuildRequires: flex @@ -1431,6 +1459,36 @@ getent passwd qemu >/dev/null || \ %endif %changelog +* Fri Dec 22 2023 - 10:6.2.0-87 +- vdpa: suspend function return 0 when the vdpa device is stopped +- vdpa: don't suspend/resume device when vdpa device not started +- vdpa: support vdpa device suspend/resume +- vdpa: correct param passed in when unregister save +- vdpa: set vring enable only if the vring address has already been set +- shadow_dev: introduce shadow dev for virtio-net device +- revert "tcg/loongarch64: Fix tcg_out_mov() Aborted" +- migration: Set downtime_start even for postcopy +- gdb-xml: fix duplicate register in arm-neon.xml +- iotests: fix default machine type detection +- migration: fix RAMBlock add NULL check +- s390x: Fix spelling errors +- ppc: spelling fixes +- tests/: spelling fixes +- hw/scsi/vhost-scsi: don't double close vhostfd on error +- virtio/vhost-vsock: don't double close vhostfd, remove redundant cleanup +- hw/scsi/vhost-scsi: don't leak vqs on error +- hw/i386/pc: Add missing property descriptions +- pcie_aer: Don't trigger a LSI if none are defined +- pci: Export the pci_intx() function +- hw/qdev: Correct qdev_connect_gpio_out_named() documentation +- hw/qdev: Correct qdev_init_gpio_out_named() documentation +- hw/qdev: Cosmetic around documentation +- tests/unit: fix a -Wformat-truncation warning +- tests/avocado: mark ReplayKernelNormal.test_mips64el_malta as flaky +- i386/sev: Avoid SEV-ES crash due to missing MSR_EFER_LMA bit +- ui/vnc-clipboard: fix inflate_buffer +- hw/usb/hcd-xhci.c: spelling: tranfer + * Tue Dec 5 2023 - 10:6.2.0-86 - vdpa: move memory listener to the realize stage - vdpa: implement vdpa device migration diff --git a/revert-tcg-loongarch64-Fix-tcg_out_mov-Aborted.patch b/revert-tcg-loongarch64-Fix-tcg_out_mov-Aborted.patch new file mode 100644 index 0000000000000000000000000000000000000000..cf0869e44fd4e75c194d2ac4ff4b9dd241ddead9 --- /dev/null +++ b/revert-tcg-loongarch64-Fix-tcg_out_mov-Aborted.patch @@ -0,0 +1,30 @@ +From 7eff40be327d0c591e4b842cd954ec5dabb75848 Mon Sep 17 00:00:00 2001 +From: xianglai li +Date: Tue, 19 Dec 2023 02:34:39 -0500 +Subject: [PATCH] revert "tcg/loongarch64: Fix tcg_out_mov() Aborted" + +openEuler loongarch64 does not support qemu tcg, +so no TCG-related patch is required for synchronization. + +Signed-off-by: xianglai li +--- + tcg/loongarch64/tcg-target.c.inc | 3 --- + 1 file changed, 3 deletions(-) + +diff --git a/tcg/loongarch64/tcg-target.c.inc b/tcg/loongarch64/tcg-target.c.inc +index ee7d4d728d..0b28b30002 100644 +--- a/tcg/loongarch64/tcg-target.c.inc ++++ b/tcg/loongarch64/tcg-target.c.inc +@@ -255,9 +255,6 @@ static bool tcg_out_mov(TCGContext *s, TCGType type, TCGReg ret, TCGReg arg) + */ + tcg_out_opc_or(s, ret, arg, TCG_REG_ZERO); + break; +- case TCG_TYPE_V128: +- tcg_out_opc_vori_b(s, ret, arg, 0); +- break; + default: + g_assert_not_reached(); + } +-- +2.27.0 + diff --git a/s390x-Fix-spelling-errors.patch b/s390x-Fix-spelling-errors.patch new file mode 100644 index 0000000000000000000000000000000000000000..192657105faafdd180310d2d955a0455e499040f --- /dev/null +++ b/s390x-Fix-spelling-errors.patch @@ -0,0 +1,246 @@ +From 8f9bdcfe073479ba0170d3b01023d9a00f3b1e31 Mon Sep 17 00:00:00 2001 +From: zhujun2 +Date: Thu, 7 Dec 2023 17:47:34 -0800 +Subject: [PATCH] s390x: Fix spelling errors + +mainline inclusion +commit 44ee69ea16bd0390082ed88d4e82d6cea3a18b46 +category: bugfix + +--------------------------------------------------------------- + +Fix typos (discovered with the 'codespell' utility). +Note: Though "migrateable" still seems to be a valid spelling, we change +it to "migratable" since this is the way more common spelling here. + +Message-Id: <20221111182828.282251-1-thuth@redhat.com> +Reviewed-by: Stefan Weil +Reviewed-by: Ilya Leoshkevich +Signed-off-by: Thomas Huth +Signed-off-by: zhujun2 +--- + hw/s390x/ipl.h | 2 +- + hw/s390x/s390-virtio-ccw.c | 6 +++--- + pc-bios/s390-ccw/cio.h | 2 +- + pc-bios/s390-ccw/iplb.h | 2 +- + pc-bios/s390-ccw/start.S | 2 +- + target/s390x/cpu_models.h | 4 ++-- + target/s390x/ioinst.c | 2 +- + target/s390x/tcg/excp_helper.c | 2 +- + target/s390x/tcg/fpu_helper.c | 2 +- + target/s390x/tcg/misc_helper.c | 2 +- + target/s390x/tcg/translate.c | 4 ++-- + target/s390x/tcg/translate_vx.c.inc | 6 +++--- + 12 files changed, 18 insertions(+), 18 deletions(-) + +diff --git a/hw/s390x/ipl.h b/hw/s390x/ipl.h +index dfc6dfd89c..7fc86e7905 100644 +--- a/hw/s390x/ipl.h ++++ b/hw/s390x/ipl.h +@@ -140,7 +140,7 @@ void s390_ipl_clear_reset_request(void); + * have an offset of 4 + n * 8 bytes within the struct in order + * to keep it double-word aligned. + * The total size of the struct must never exceed 28 bytes. +- * This definition must be kept in sync with the defininition ++ * This definition must be kept in sync with the definition + * in pc-bios/s390-ccw/iplb.h. + */ + struct QemuIplParameters { +diff --git a/hw/s390x/s390-virtio-ccw.c b/hw/s390x/s390-virtio-ccw.c +index 653587ea62..c84b89ba43 100644 +--- a/hw/s390x/s390-virtio-ccw.c ++++ b/hw/s390x/s390-virtio-ccw.c +@@ -345,7 +345,7 @@ static int s390_machine_protect(S390CcwMachineState *ms) + } + + error_setg(&pv_mig_blocker, +- "protected VMs are currently not migrateable."); ++ "protected VMs are currently not migratable."); + rc = migrate_add_blocker(pv_mig_blocker, &local_err); + if (rc) { + ram_block_discard_disable(false); +@@ -434,7 +434,7 @@ static void s390_machine_reset(MachineState *machine) + break; + case S390_RESET_MODIFIED_CLEAR: + /* +- * Susbsystem reset needs to be done before we unshare memory ++ * Subsystem reset needs to be done before we unshare memory + * and lose access to VIRTIO structures in guest memory. + */ + subsystem_reset(); +@@ -447,7 +447,7 @@ static void s390_machine_reset(MachineState *machine) + break; + case S390_RESET_LOAD_NORMAL: + /* +- * Susbsystem reset needs to be done before we unshare memory ++ * Subsystem reset needs to be done before we unshare memory + * and lose access to VIRTIO structures in guest memory. + */ + subsystem_reset(); +diff --git a/pc-bios/s390-ccw/cio.h b/pc-bios/s390-ccw/cio.h +index 1e5d4e92e1..88a88adfd2 100644 +--- a/pc-bios/s390-ccw/cio.h ++++ b/pc-bios/s390-ccw/cio.h +@@ -20,7 +20,7 @@ struct pmcw { + __u32 intparm; /* interruption parameter */ + __u32 qf:1; /* qdio facility */ + __u32 w:1; +- __u32 isc:3; /* interruption sublass */ ++ __u32 isc:3; /* interruption subclass */ + __u32 res5:3; /* reserved zeros */ + __u32 ena:1; /* enabled */ + __u32 lm:2; /* limit mode */ +diff --git a/pc-bios/s390-ccw/iplb.h b/pc-bios/s390-ccw/iplb.h +index 772d5c57c9..cb6ac8a880 100644 +--- a/pc-bios/s390-ccw/iplb.h ++++ b/pc-bios/s390-ccw/iplb.h +@@ -81,7 +81,7 @@ extern IplParameterBlock iplb __attribute__((__aligned__(PAGE_SIZE))); + #define QIPL_FLAG_BM_OPTS_ZIPL 0x40 + + /* +- * This definition must be kept in sync with the defininition ++ * This definition must be kept in sync with the definition + * in hw/s390x/ipl.h + */ + struct QemuIplParameters { +diff --git a/pc-bios/s390-ccw/start.S b/pc-bios/s390-ccw/start.S +index 4d5ad21653..6072906df4 100644 +--- a/pc-bios/s390-ccw/start.S ++++ b/pc-bios/s390-ccw/start.S +@@ -19,7 +19,7 @@ _start: + larl %r2, __bss_start + larl %r3, _end + slgr %r3, %r2 /* get sizeof bss */ +- ltgr %r3,%r3 /* bss emtpy? */ ++ ltgr %r3,%r3 /* bss empty? */ + jz done + aghi %r3,-1 + srlg %r4,%r3,8 /* how many 256 byte chunks? */ +diff --git a/target/s390x/cpu_models.h b/target/s390x/cpu_models.h +index 74d1f87e4f..fb1adc8b21 100644 +--- a/target/s390x/cpu_models.h ++++ b/target/s390x/cpu_models.h +@@ -24,13 +24,13 @@ struct S390CPUDef { + uint8_t gen; /* hw generation identification */ + uint16_t type; /* cpu type identification */ + uint8_t ec_ga; /* EC GA version (on which also the BC is based) */ +- uint8_t mha_pow; /* Maximum Host Adress Power, mha = 2^pow-1 */ ++ uint8_t mha_pow; /* maximum host address power, mha = 2^pow-1 */ + uint32_t hmfai; /* hypervisor-managed facilities */ + /* base/min features, must never be changed between QEMU versions */ + S390FeatBitmap base_feat; + /* used to init base_feat from generated data */ + S390FeatInit base_init; +- /* deafault features, QEMU version specific */ ++ /* default features, QEMU version specific */ + S390FeatBitmap default_feat; + /* used to init default_feat from generated data */ + S390FeatInit default_init; +diff --git a/target/s390x/ioinst.c b/target/s390x/ioinst.c +index bdae5090bc..e6347d1801 100644 +--- a/target/s390x/ioinst.c ++++ b/target/s390x/ioinst.c +@@ -285,7 +285,7 @@ void ioinst_handle_stsch(S390CPU *cpu, uint64_t reg1, uint32_t ipb, + /* + * As operand exceptions have a lower priority than access exceptions, + * we check whether the memory area is writeable (injecting the +- * access execption if it is not) first. ++ * access exception if it is not) first. + */ + if (!s390_cpu_virt_mem_check_write(cpu, addr, ar, sizeof(schib))) { + s390_program_interrupt(env, PGM_OPERAND, ra); +diff --git a/target/s390x/tcg/excp_helper.c b/target/s390x/tcg/excp_helper.c +index 4e7648f301..6a4f7585b8 100644 +--- a/target/s390x/tcg/excp_helper.c ++++ b/target/s390x/tcg/excp_helper.c +@@ -551,7 +551,7 @@ try_deliver: + /* don't trigger a cpu_loop_exit(), use an interrupt instead */ + cpu_interrupt(CPU(cpu), CPU_INTERRUPT_HALT); + } else if (cs->halted) { +- /* unhalt if we had a WAIT PSW somehwere in our injection chain */ ++ /* unhalt if we had a WAIT PSW somewhere in our injection chain */ + s390_cpu_unhalt(cpu); + } + } +diff --git a/target/s390x/tcg/fpu_helper.c b/target/s390x/tcg/fpu_helper.c +index 4067205405..be80b2373c 100644 +--- a/target/s390x/tcg/fpu_helper.c ++++ b/target/s390x/tcg/fpu_helper.c +@@ -89,7 +89,7 @@ static void handle_exceptions(CPUS390XState *env, bool XxC, uintptr_t retaddr) + /* + * invalid/divbyzero cannot coexist with other conditions. + * overflow/underflow however can coexist with inexact, we have to +- * handle it separatly. ++ * handle it separately. + */ + if (s390_exc & ~S390_IEEE_MASK_INEXACT) { + if (s390_exc & ~S390_IEEE_MASK_INEXACT & env->fpc >> 24) { +diff --git a/target/s390x/tcg/misc_helper.c b/target/s390x/tcg/misc_helper.c +index aab9c47747..7a975aaf94 100644 +--- a/target/s390x/tcg/misc_helper.c ++++ b/target/s390x/tcg/misc_helper.c +@@ -326,7 +326,7 @@ uint32_t HELPER(stsi)(CPUS390XState *env, uint64_t a0, uint64_t r0, uint64_t r1) + /* same as machine type number in STORE CPU ID, but in EBCDIC */ + snprintf(type, ARRAY_SIZE(type), "%X", cpu->model->def->type); + ebcdic_put(sysib.sysib_111.type, type, 4); +- /* model number (not stored in STORE CPU ID for z/Architecure) */ ++ /* model number (not stored in STORE CPU ID for z/Architecture) */ + ebcdic_put(sysib.sysib_111.model, "QEMU ", 16); + ebcdic_put(sysib.sysib_111.sequence, "QEMU ", 16); + ebcdic_put(sysib.sysib_111.plant, "QEMU", 4); +diff --git a/target/s390x/tcg/translate.c b/target/s390x/tcg/translate.c +index dcc249a197..62fbc90d5e 100644 +--- a/target/s390x/tcg/translate.c ++++ b/target/s390x/tcg/translate.c +@@ -434,7 +434,7 @@ static void gen_program_exception(DisasContext *s, int code) + { + TCGv_i32 tmp; + +- /* Remember what pgm exeption this was. */ ++ /* Remember what pgm exception this was. */ + tmp = tcg_const_i32(code); + tcg_gen_st_i32(tmp, cpu_env, offsetof(CPUS390XState, int_pgm_code)); + tcg_temp_free_i32(tmp); +@@ -490,7 +490,7 @@ static TCGv_i64 get_address(DisasContext *s, int x2, int b2, int d2) + + /* + * Note that d2 is limited to 20 bits, signed. If we crop negative +- * displacements early we create larger immedate addends. ++ * displacements early we create larger immediate addends. + */ + if (b2 && x2) { + tcg_gen_add_i64(tmp, regs[b2], regs[x2]); +diff --git a/target/s390x/tcg/translate_vx.c.inc b/target/s390x/tcg/translate_vx.c.inc +index 28bf5a23b6..d1fe4df1b5 100644 +--- a/target/s390x/tcg/translate_vx.c.inc ++++ b/target/s390x/tcg/translate_vx.c.inc +@@ -797,7 +797,7 @@ static DisasJumpType op_vpk(DisasContext *s, DisasOps *o) + } + break; + case 0x94: +- /* If sources and destination dont't overlap -> fast path */ ++ /* If sources and destination don't overlap -> fast path */ + if (v1 != v2 && v1 != v3) { + const uint8_t src_es = get_field(s, m4); + const uint8_t dst_es = src_es - 1; +@@ -1793,7 +1793,7 @@ static DisasJumpType op_vmsl(DisasContext *s, DisasOps *o) + l2 = tcg_temp_new_i64(); + h2 = tcg_temp_new_i64(); + +- /* Multipy both even elements from v2 and v3 */ ++ /* Multiply both even elements from v2 and v3 */ + read_vec_element_i64(l1, get_field(s, v2), 0, ES_64); + read_vec_element_i64(h1, get_field(s, v3), 0, ES_64); + tcg_gen_mulu2_i64(l1, h1, l1, h1); +@@ -1802,7 +1802,7 @@ static DisasJumpType op_vmsl(DisasContext *s, DisasOps *o) + tcg_gen_add2_i64(l1, h1, l1, h1, l1, h1); + } + +- /* Multipy both odd elements from v2 and v3 */ ++ /* Multiply both odd elements from v2 and v3 */ + read_vec_element_i64(l2, get_field(s, v2), 1, ES_64); + read_vec_element_i64(h2, get_field(s, v3), 1, ES_64); + tcg_gen_mulu2_i64(l2, h2, l2, h2); +-- +2.27.0 + diff --git a/shadow_dev-introduce-shadow-dev-for-virtio-net-devic.patch b/shadow_dev-introduce-shadow-dev-for-virtio-net-devic.patch new file mode 100644 index 0000000000000000000000000000000000000000..ef1164d6ca802901261df0e6e46f6b55d5c60db9 --- /dev/null +++ b/shadow_dev-introduce-shadow-dev-for-virtio-net-devic.patch @@ -0,0 +1,195 @@ +From 0a6c08bd3a16543b8021c8b65a45f7ebb701a9aa Mon Sep 17 00:00:00 2001 +From: Dongxu Sun +Date: Fri, 15 Dec 2023 17:44:54 +0800 +Subject: [PATCH] shadow_dev: introduce shadow dev for virtio-net device + +for virtio net devices, create the shadow device for vlpi +bypass inject supported. + +Signed-off-by: Wang Haibin +Signed-off-by: Yu Zenghui +Signed-off-by: Chen Qun +Signed-off-by: KunKun Jiang +Signed-off-by: Dongxu Sun +--- + hw/virtio/virtio-pci.c | 32 ++++++++++++++++++++++++++ + include/sysemu/kvm.h | 5 +++++ + linux-headers/linux/kvm.h | 13 +++++++++++ + target/arm/kvm.c | 47 +++++++++++++++++++++++++++++++++++++++ + 4 files changed, 97 insertions(+) + +diff --git a/hw/virtio/virtio-pci.c b/hw/virtio/virtio-pci.c +index 82706b8b32..6b45683280 100644 +--- a/hw/virtio/virtio-pci.c ++++ b/hw/virtio/virtio-pci.c +@@ -873,18 +873,44 @@ undo: + } + return ret; + } ++ ++#ifdef __aarch64__ ++int __attribute__((weak)) kvm_create_shadow_device(PCIDevice *dev) ++{ ++ return 0; ++} ++ ++int __attribute__((weak)) kvm_delete_shadow_device(PCIDevice *dev) ++{ ++ return 0; ++} ++#endif ++ + static int kvm_virtio_pci_vector_vq_use(VirtIOPCIProxy *proxy, int nvqs) + { + int queue_no; + int ret = 0; + VirtIODevice *vdev = virtio_bus_get_device(&proxy->bus); + ++#ifdef __aarch64__ ++ if (!strcmp(vdev->name, "virtio-net")) { ++ kvm_create_shadow_device(&proxy->pci_dev); ++ } ++#endif ++ + for (queue_no = 0; queue_no < nvqs; queue_no++) { + if (!virtio_queue_get_num(vdev, queue_no)) { + return -1; + } + ret = kvm_virtio_pci_vector_use_one(proxy, queue_no); + } ++ ++#ifdef __aarch64__ ++ if (!strcmp(vdev->name, "virtio-net") && ret != 0) { ++ kvm_delete_shadow_device(&proxy->pci_dev); ++ } ++#endif ++ + return ret; + } + +@@ -927,6 +953,12 @@ static void kvm_virtio_pci_vector_vq_release(VirtIOPCIProxy *proxy, int nvqs) + } + kvm_virtio_pci_vector_release_one(proxy, queue_no); + } ++ ++#ifdef __aarch64__ ++ if (!strcmp(vdev->name, "virtio-net")) { ++ kvm_delete_shadow_device(&proxy->pci_dev); ++ } ++#endif + } + + static void kvm_virtio_pci_vector_config_release(VirtIOPCIProxy *proxy) +diff --git a/include/sysemu/kvm.h b/include/sysemu/kvm.h +index 1ec9432493..9f52d08ce0 100644 +--- a/include/sysemu/kvm.h ++++ b/include/sysemu/kvm.h +@@ -553,4 +553,9 @@ bool kvm_arch_cpu_check_are_resettable(void); + bool kvm_dirty_ring_enabled(void); + + uint32_t kvm_dirty_ring_size(void); ++ ++#ifdef __aarch64__ ++int kvm_create_shadow_device(PCIDevice *dev); ++int kvm_delete_shadow_device(PCIDevice *dev); ++#endif + #endif +diff --git a/linux-headers/linux/kvm.h b/linux-headers/linux/kvm.h +index 2008fbc173..cd0885f523 100644 +--- a/linux-headers/linux/kvm.h ++++ b/linux-headers/linux/kvm.h +@@ -1127,6 +1127,8 @@ struct kvm_ppc_resize_hpt { + + #define KVM_CAP_ARM_CPU_FEATURE 555 + ++#define KVM_CAP_ARM_VIRT_MSI_BYPASS 799 ++ + #ifdef KVM_CAP_IRQ_ROUTING + + struct kvm_irq_routing_irqchip { +@@ -1431,6 +1433,17 @@ struct kvm_s390_ucas_mapping { + #define KVM_XEN_HVM_CONFIG _IOW(KVMIO, 0x7a, struct kvm_xen_hvm_config) + #define KVM_SET_CLOCK _IOW(KVMIO, 0x7b, struct kvm_clock_data) + #define KVM_GET_CLOCK _IOR(KVMIO, 0x7c, struct kvm_clock_data) ++ ++#ifdef __aarch64__ ++struct kvm_master_dev_info ++{ ++ __u32 nvectors; /* number of msi vectors */ ++ struct kvm_msi msi[0]; ++}; ++#define KVM_CREATE_SHADOW_DEV _IOW(KVMIO, 0xf0, struct kvm_master_dev_info) ++#define KVM_DEL_SHADOW_DEV _IOW(KVMIO, 0xf1, __u32) ++#endif ++ + /* Available with KVM_CAP_PIT_STATE2 */ + #define KVM_GET_PIT2 _IOR(KVMIO, 0x9f, struct kvm_pit_state2) + #define KVM_SET_PIT2 _IOW(KVMIO, 0xa0, struct kvm_pit_state2) +diff --git a/target/arm/kvm.c b/target/arm/kvm.c +index 22ac5bcb97..38d80adfb7 100644 +--- a/target/arm/kvm.c ++++ b/target/arm/kvm.c +@@ -27,6 +27,8 @@ + #include "trace.h" + #include "internals.h" + #include "hw/pci/pci.h" ++#include "hw/pci/msi.h" ++#include "hw/pci/msix.h" + #include "exec/memattrs.h" + #include "exec/address-spaces.h" + #include "hw/boards.h" +@@ -1075,6 +1077,51 @@ int kvm_arch_fixup_msi_route(struct kvm_irq_routing_entry *route, + return 0; + } + ++int kvm_create_shadow_device(PCIDevice *dev) ++{ ++ KVMState *s = kvm_state; ++ struct kvm_master_dev_info *mdi; ++ MSIMessage msg; ++ uint32_t vector, nvectors = msix_nr_vectors_allocated(dev); ++ uint32_t request_id; ++ int ret; ++ ++ if (!kvm_vm_check_extension(s, KVM_CAP_ARM_VIRT_MSI_BYPASS) || !nvectors) { ++ return 0; ++ } ++ ++ mdi = g_malloc0(sizeof(uint32_t) + sizeof(struct kvm_msi) * nvectors); ++ mdi->nvectors = nvectors; ++ request_id = pci_requester_id(dev); ++ ++ for (vector = 0; vector < nvectors; vector++) { ++ msg = msix_get_message(dev, vector); ++ mdi->msi[vector].address_lo = extract64(msg.address, 0, 32); ++ mdi->msi[vector].address_hi = extract64(msg.address, 32, 32); ++ mdi->msi[vector].data = le32_to_cpu(msg.data); ++ mdi->msi[vector].flags = KVM_MSI_VALID_DEVID; ++ mdi->msi[vector].devid = request_id; ++ memset(mdi->msi[vector].pad, 0, sizeof(mdi->msi[vector].pad)); ++ } ++ ++ ret = kvm_vm_ioctl(s, KVM_CREATE_SHADOW_DEV, mdi); ++ g_free(mdi); ++ return ret; ++} ++ ++int kvm_delete_shadow_device(PCIDevice *dev) ++{ ++ KVMState *s = kvm_state; ++ uint32_t request_id, nvectors = msix_nr_vectors_allocated(dev); ++ ++ if (!kvm_vm_check_extension(s, KVM_CAP_ARM_VIRT_MSI_BYPASS) || !nvectors) { ++ return 0; ++ } ++ ++ request_id = pci_requester_id(dev); ++ return kvm_vm_ioctl(s, KVM_DEL_SHADOW_DEV, &request_id); ++} ++ + int kvm_arch_add_msi_route_post(struct kvm_irq_routing_entry *route, + int vector, PCIDevice *dev) + { +-- +2.27.0 + diff --git a/tests-avocado-mark-ReplayKernelNormal.test_mips64el_.patch b/tests-avocado-mark-ReplayKernelNormal.test_mips64el_.patch new file mode 100644 index 0000000000000000000000000000000000000000..bc8f81aed54fcb488ae3a9a1cef9edfb1aebad3a --- /dev/null +++ b/tests-avocado-mark-ReplayKernelNormal.test_mips64el_.patch @@ -0,0 +1,48 @@ +From b4d96f201027d930ef84c8751909f3770e3d21f9 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Alex=20Benn=C3=A9e?= +Date: Fri, 1 Dec 2023 20:10:27 +0000 +Subject: [PATCH] tests/avocado: mark ReplayKernelNormal.test_mips64el_malta as + flaky +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +I missed this when going through the recent failure logs. I can run +the test 30 times without failure locally but it seems to hang pretty +reliably on GitLab's CI infra-structure. + +Cc: Philippe Mathieu-Daudé +Signed-off-by: Alex Bennée +Reviewed-by: Philippe Mathieu-Daudé +Message-ID: <20231201201027.2689404-1-alex.bennee@linaro.org> +Signed-off-by: Philippe Mathieu-Daudé + +Signed-off-by: Zhongrui Tang +--- + tests/avocado/replay_kernel.py | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/tests/avocado/replay_kernel.py b/tests/avocado/replay_kernel.py +index c68a953730..16421b3407 100644 +--- a/tests/avocado/replay_kernel.py ++++ b/tests/avocado/replay_kernel.py +@@ -113,6 +113,8 @@ def test_mips_malta(self): + + self.run_rr(kernel_path, kernel_command_line, console_pattern, shift=5) + ++ # See https://gitlab.com/qemu-project/qemu/-/issues/2013 ++ @skipUnless(os.getenv('QEMU_TEST_FLAKY_TESTS'), 'Test is unstable on GitLab') + def test_mips64el_malta(self): + """ + This test requires the ar tool to extract "data.tar.gz" from +@@ -128,6 +130,7 @@ def test_mips64el_malta(self): + + :avocado: tags=arch:mips64el + :avocado: tags=machine:malta ++ :avocado: tags=flaky + """ + deb_url = ('http://snapshot.debian.org/archive/debian/' + '20130217T032700Z/pool/main/l/linux-2.6/' +-- +2.27.0 + diff --git a/tests-spelling-fixes.patch b/tests-spelling-fixes.patch new file mode 100644 index 0000000000000000000000000000000000000000..44d88bcedabaf34a7b053af43d4a412f7956decc --- /dev/null +++ b/tests-spelling-fixes.patch @@ -0,0 +1,685 @@ +From 74770d563a9137791e1bb454a8141520d21b911c Mon Sep 17 00:00:00 2001 +From: zhujun2 +Date: Sun, 26 Nov 2023 18:44:22 -0800 +Subject: [PATCH] tests/: spelling fixes + +mainline inclusion +commit 96420a30e0b509914609e45456ed3dfd47360a8c +category: bugfix + +------------------------------------------------------------------- + +with some rewording in +tests/qemu-iotests/298 +tests/qtest/fuzz/generic_fuzz.c +tests/unit/test-throttle.c +as suggested by Eric. + +Signed-off-by: Michael Tokarev +Reviewed-by: Eric Blake +Signed-off-by: zhujun2 +--- + tests/decode/err_pattern_group_ident2.decode | 2 +- + tests/docker/common.rc | 2 +- + tests/migration/guestperf-batch.py | 2 +- + tests/migration/guestperf.py | 2 +- + tests/plugin/mem.c | 2 +- + tests/qapi-schema/bad-if-not.json | 2 +- + tests/qemu-iotests/029 | 2 +- + tests/qemu-iotests/040 | 8 ++++---- + tests/qemu-iotests/046 | 2 +- + tests/qemu-iotests/059 | 2 +- + tests/qemu-iotests/071 | 2 +- + tests/qemu-iotests/197 | 2 +- + tests/qemu-iotests/215 | 2 +- + tests/qemu-iotests/298 | 4 ++-- + tests/qemu-iotests/pylintrc | 2 +- + tests/qtest/ahci-test.c | 2 +- + tests/qtest/bios-tables-test.c | 2 +- + tests/qtest/ds1338-test.c | 2 +- + tests/qtest/fuzz/generic_fuzz.c | 6 +++--- + tests/qtest/libqos/qgraph.c | 4 ++-- + tests/qtest/libqos/qgraph_internal.h | 2 +- + tests/qtest/libqtest.c | 2 +- + tests/qtest/migration-test.c | 4 ++-- + tests/qtest/npcm7xx_timer-test.c | 2 +- + tests/qtest/tpm-emu.c | 2 +- + tests/qtest/tpm-tests.c | 2 +- + tests/qtest/tpm-tests.h | 2 +- + tests/qtest/tpm-tis-util.c | 2 +- + tests/qtest/vhost-user-blk-test.c | 2 +- + tests/qtest/virtio-net-test.c | 2 +- + tests/qtest/vmgenid-test.c | 2 +- + tests/tsan/suppressions.tsan | 2 +- + tests/uefi-test-tools/Makefile | 2 +- + tests/unit/check-qjson.c | 2 +- + tests/unit/test-aio.c | 2 +- + tests/unit/test-bdrv-graph-mod.c | 12 ++++++------ + tests/unit/test-crypto-secret.c | 2 +- + tests/unit/test-qobject-input-visitor.c | 2 +- + tests/unit/test-throttle.c | 8 ++++---- + tests/unit/test-util-filemonitor.c | 2 +- + tests/vm/Makefile.include | 2 +- + tests/vm/ubuntuvm.py | 2 +- + 42 files changed, 58 insertions(+), 58 deletions(-) + +diff --git a/tests/decode/err_pattern_group_ident2.decode b/tests/decode/err_pattern_group_ident2.decode +index bc859233b1..0abb7513e9 100644 +--- a/tests/decode/err_pattern_group_ident2.decode ++++ b/tests/decode/err_pattern_group_ident2.decode +@@ -7,5 +7,5 @@ + { + top 00000000 00000000 00000000 00000000 + sub1 00000000 00000000 00000000 ........ %sub1 +-# comments are suposed to be indented ++# comments are supposed to be indented + } +diff --git a/tests/docker/common.rc b/tests/docker/common.rc +index e6f8cee0d6..6daab2f353 100755 +--- a/tests/docker/common.rc ++++ b/tests/docker/common.rc +@@ -12,7 +12,7 @@ + # the top-level directory. + + # This might be set by ENV of a docker container... it is always +-# overriden by TARGET_LIST if the user sets it. We special case ++# overridden by TARGET_LIST if the user sets it. We special case + # "none" to allow for other options like --disable-tcg to restrict the + # builds we eventually do. + if test "$DEF_TARGET_LIST" = "none"; then +diff --git a/tests/migration/guestperf-batch.py b/tests/migration/guestperf-batch.py +index ab6bdb9d38..9485eefe49 100755 +--- a/tests/migration/guestperf-batch.py ++++ b/tests/migration/guestperf-batch.py +@@ -1,6 +1,6 @@ + #!/usr/bin/env python3 + # +-# Migration test batch comparison invokation ++# Migration test batch comparison invocation + # + # Copyright (c) 2016 Red Hat, Inc. + # +diff --git a/tests/migration/guestperf.py b/tests/migration/guestperf.py +index e8cc127fd0..07182f211e 100755 +--- a/tests/migration/guestperf.py ++++ b/tests/migration/guestperf.py +@@ -1,6 +1,6 @@ + #!/usr/bin/env python3 + # +-# Migration test direct invokation command ++# Migration test direct invocation command + # + # Copyright (c) 2016 Red Hat, Inc. + # +diff --git a/tests/plugin/mem.c b/tests/plugin/mem.c +index 4570f7d815..de6445ffab 100644 +--- a/tests/plugin/mem.c ++++ b/tests/plugin/mem.c +@@ -98,7 +98,7 @@ QEMU_PLUGIN_EXPORT int qemu_plugin_install(qemu_plugin_id_t id, + } else if (g_strcmp0(tokens[1], "rw") == 0) { + rw = QEMU_PLUGIN_MEM_RW; + } else { +- fprintf(stderr, "invaild value for argument track: %s\n", opt); ++ fprintf(stderr, "invalid value for argument track: %s\n", opt); + return -1; + } + } else if (g_strcmp0(tokens[0], "inline") == 0) { +diff --git a/tests/qapi-schema/bad-if-not.json b/tests/qapi-schema/bad-if-not.json +index 9fdaacc47b..660fc4feb2 100644 +--- a/tests/qapi-schema/bad-if-not.json ++++ b/tests/qapi-schema/bad-if-not.json +@@ -1,3 +1,3 @@ +-# check 'if not' with empy argument ++# check 'if not' with empty argument + { 'struct': 'TestIfStruct', 'data': { 'foo': 'int' }, + 'if': { 'not': '' } } +diff --git a/tests/qemu-iotests/029 b/tests/qemu-iotests/029 +index bd71dd2f22..7f4849b97b 100755 +--- a/tests/qemu-iotests/029 ++++ b/tests/qemu-iotests/029 +@@ -39,7 +39,7 @@ trap "_cleanup; exit \$status" 0 1 2 3 15 + . ./common.filter + . ./common.pattern + +-# Any format supporting intenal snapshots ++# Any format supporting internal snapshots + _supported_fmt qcow2 + _supported_proto generic + # Internal snapshots are (currently) impossible with refcount_bits=1, +diff --git a/tests/qemu-iotests/040 b/tests/qemu-iotests/040 +index 6af5ab9e76..57cf100bcb 100755 +--- a/tests/qemu-iotests/040 ++++ b/tests/qemu-iotests/040 +@@ -834,7 +834,7 @@ class TestCommitWithFilters(iotests.QMPTestCase): + self.assertIsNone(self.vm.node_info('cow-2')) + self.assertIsNotNone(self.vm.node_info('cow-1')) + +- # 2 has been comitted into 1 ++ # 2 has been committed into 1 + self.pattern_files[2] = self.img1 + + def test_commit_through_filter(self): +@@ -851,7 +851,7 @@ class TestCommitWithFilters(iotests.QMPTestCase): + self.assertIsNone(self.vm.node_info('bottom-filter')) + self.assertIsNotNone(self.vm.node_info('cow-0')) + +- # 1 has been comitted into 0 ++ # 1 has been committed into 0 + self.pattern_files[1] = self.img0 + + def test_filtered_active_commit_with_filter(self): +@@ -888,7 +888,7 @@ class TestCommitWithFilters(iotests.QMPTestCase): + drv0 = next(dev for dev in blockdevs if dev['qdev'] == 'drv0') + self.assertEqual(drv0['inserted']['node-name'], 'cow-2') + +- # 3 has been comitted into 2 ++ # 3 has been committed into 2 + self.pattern_files[3] = self.img2 + + def test_filtered_active_commit_without_filter(self): +@@ -904,7 +904,7 @@ class TestCommitWithFilters(iotests.QMPTestCase): + self.assertIsNone(self.vm.node_info('cow-3')) + self.assertIsNotNone(self.vm.node_info('cow-2')) + +- # 3 has been comitted into 2 ++ # 3 has been committed into 2 + self.pattern_files[3] = self.img2 + + class TestCommitWithOverriddenBacking(iotests.QMPTestCase): +diff --git a/tests/qemu-iotests/046 b/tests/qemu-iotests/046 +index 517b162508..4c9ed4d26e 100755 +--- a/tests/qemu-iotests/046 ++++ b/tests/qemu-iotests/046 +@@ -125,7 +125,7 @@ aio_flush + EOF + + # Sequential write, but the next cluster is already allocated +-# and phyiscally in the right position ++# and physically in the right position + cat <file, not on the data_file, +-# so thie test does not work with external data files ++# so this test does not work with external data files + _unsupported_imgopts data_file + + do_run_qemu() +diff --git a/tests/qemu-iotests/197 b/tests/qemu-iotests/197 +index a2547bc280..08d9b49906 100755 +--- a/tests/qemu-iotests/197 ++++ b/tests/qemu-iotests/197 +@@ -93,7 +93,7 @@ output=$($QEMU_IO -f qcow2 -C -c "read -P 0 1k $((2*1024*1024*1024 - 512))" \ + "$TEST_WRAP" 2>&1 | _filter_qemu_io) + case $output in + *allocate*) +- _notrun "Insufficent memory to run test" ;; ++ _notrun "Insufficient memory to run test" ;; + *) printf '%s\n' "$output" ;; + esac + $QEMU_IO -f qcow2 -C -c "read -P 0 $((3*1024*1024*1024 + 1024)) 1k" \ +diff --git a/tests/qemu-iotests/215 b/tests/qemu-iotests/215 +index d464596f14..6babbcdc1f 100755 +--- a/tests/qemu-iotests/215 ++++ b/tests/qemu-iotests/215 +@@ -95,7 +95,7 @@ output=$($QEMU_IO \ + 2>&1 | _filter_qemu_io) + case $output in + *allocate*) +- _notrun "Insufficent memory to run test" ;; ++ _notrun "Insufficient memory to run test" ;; + *) printf '%s\n' "$output" ;; + esac + $QEMU_IO \ +diff --git a/tests/qemu-iotests/298 b/tests/qemu-iotests/298 +index fae72211b1..87bd5bb627 100755 +--- a/tests/qemu-iotests/298 ++++ b/tests/qemu-iotests/298 +@@ -143,8 +143,8 @@ class TestTruncate(iotests.QMPTestCase): + stat = os.stat(disk) + refstat = os.stat(refdisk) + +- # Probably we'll want preallocate filter to keep align to cluster when +- # shrink preallocation, so, ignore small differece ++ # The preallocate filter may keep cluster alignment when shrinking, ++ # so ignore small differences + self.assertLess(abs(stat.st_size - refstat.st_size), 64 * 1024) + + # Preallocate filter may leak some internal clusters (for example, if +diff --git a/tests/qemu-iotests/pylintrc b/tests/qemu-iotests/pylintrc +index 32ab77b8bb..74e5793325 100644 +--- a/tests/qemu-iotests/pylintrc ++++ b/tests/qemu-iotests/pylintrc +@@ -19,7 +19,7 @@ disable=invalid-name, + too-many-public-methods, + # pylint warns about Optional[] etc. as unsubscriptable in 3.9 + unsubscriptable-object, +- # pylint's static analysis causes false positivies for file_path(); ++ # pylint's static analysis causes false positives for file_path(); + # If we really care to make it statically knowable, we'll use mypy. + unbalanced-tuple-unpacking, + # Sometimes we need to disable a newly introduced pylint warning. +diff --git a/tests/qtest/ahci-test.c b/tests/qtest/ahci-test.c +index 8073ccc205..f7f69dc4bd 100644 +--- a/tests/qtest/ahci-test.c ++++ b/tests/qtest/ahci-test.c +@@ -331,7 +331,7 @@ static void ahci_test_pci_spec(AHCIQState *ahci) + ASSERT_BIT_CLEAR(datal, ~0xFF); + g_assert_cmphex(datal, !=, 0); + +- /* Check specification adherence for capability extenstions. */ ++ /* Check specification adherence for capability extensions. */ + data = qpci_config_readw(ahci->dev, datal); + + switch (ahci->fingerprint) { +diff --git a/tests/qtest/bios-tables-test.c b/tests/qtest/bios-tables-test.c +index 184937e6ca..ff8f13199d 100644 +--- a/tests/qtest/bios-tables-test.c ++++ b/tests/qtest/bios-tables-test.c +@@ -26,7 +26,7 @@ + * 4. Run + * make check V=1 + * this will produce a bunch of warnings about differences +- * beween actual and expected ACPI tables. If you have IASL installed, ++ * between actual and expected ACPI tables. If you have IASL installed, + * they will also be disassembled so you can look at the disassembled + * output. If not - disassemble them yourself in any way you like. + * Look at the differences - make sure they make sense and match what the +diff --git a/tests/qtest/ds1338-test.c b/tests/qtest/ds1338-test.c +index c5d46bcc64..427407e7b4 100644 +--- a/tests/qtest/ds1338-test.c ++++ b/tests/qtest/ds1338-test.c +@@ -38,7 +38,7 @@ static void send_and_receive(void *obj, void *data, QGuestAllocator *alloc) + + i2c_read_block(i2cdev, 0, resp, sizeof(resp)); + +- /* check retrieved time againt local time */ ++ /* check retrieved time against local time */ + g_assert_cmpuint(bcd2bin(resp[4]), == , tm_ptr->tm_mday); + g_assert_cmpuint(bcd2bin(resp[5]), == , 1 + tm_ptr->tm_mon); + g_assert_cmpuint(2000 + bcd2bin(resp[6]), == , 1900 + tm_ptr->tm_year); +diff --git a/tests/qtest/fuzz/generic_fuzz.c b/tests/qtest/fuzz/generic_fuzz.c +index dd7e25851c..aa4fe5a7ea 100644 +--- a/tests/qtest/fuzz/generic_fuzz.c ++++ b/tests/qtest/fuzz/generic_fuzz.c +@@ -911,9 +911,9 @@ static void generic_pre_fuzz(QTestState *s) + * functionality B + * + * This function attempts to produce an input that: +- * Ouptut: maps a device's BARs, set up three DMA patterns, triggers +- * functionality A device, replaces the DMA patterns with a single +- * patten, and triggers device functionality B. ++ * Output: maps a device's BARs, set up three DMA patterns, triggers ++ * device functionality A, replaces the DMA patterns with a single ++ * pattern, and triggers device functionality B. + */ + static size_t generic_fuzz_crossover(const uint8_t *data1, size_t size1, const + uint8_t *data2, size_t size2, uint8_t *out, +diff --git a/tests/qtest/libqos/qgraph.c b/tests/qtest/libqos/qgraph.c +index d1dc491930..eae29368bc 100644 +--- a/tests/qtest/libqos/qgraph.c ++++ b/tests/qtest/libqos/qgraph.c +@@ -54,7 +54,7 @@ struct QOSStackElement { + int length; + }; + +-/* Each enty in these hash table will consist of pair. */ ++/* Each entry in these hash table will consist of pair. */ + static GHashTable *edge_table; + static GHashTable *node_table; + +@@ -214,7 +214,7 @@ static QOSGraphEdge *search_list_edges(QOSGraphEdgeList *edgelist, + /** + * search_machine(): search for a machine @name in the node hash + * table. A machine is the child of the root node. +- * This function forces the research in the childs of the root, ++ * This function forces the research in the children of the root, + * to check the node is a proper machine + * + * Returns: on success: the %QOSGraphNode +diff --git a/tests/qtest/libqos/qgraph_internal.h b/tests/qtest/libqos/qgraph_internal.h +index 7d62fd17af..87fab1f9f0 100644 +--- a/tests/qtest/libqos/qgraph_internal.h ++++ b/tests/qtest/libqos/qgraph_internal.h +@@ -197,7 +197,7 @@ char *qos_graph_edge_get_name(QOSGraphEdge *edge); + * qos_graph_get_machine(): returns the machine assigned + * to that @node name. + * +- * It performs a search only trough the list of machines ++ * It performs a search only through the list of machines + * (i.e. the QOS_ROOT child). + * + * Returns: on success: the %QOSGraphNode +diff --git a/tests/qtest/libqtest.c b/tests/qtest/libqtest.c +index 25aeea385b..407c07d728 100644 +--- a/tests/qtest/libqtest.c ++++ b/tests/qtest/libqtest.c +@@ -1483,7 +1483,7 @@ QTestState *qtest_inproc_init(QTestState **s, bool log, const char* arch, + + qtest_client_set_rx_handler(qts, qtest_client_inproc_recv_line); + +- /* send() may not have a matching protoype, so use a type-safe wrapper */ ++ /* send() may not have a matching prototype, so use a type-safe wrapper */ + qts->ops.external_send = send; + qtest_client_set_tx_handler(qts, send_wrapper); + +diff --git a/tests/qtest/migration-test.c b/tests/qtest/migration-test.c +index 8fad247f6c..c4177168fa 100644 +--- a/tests/qtest/migration-test.c ++++ b/tests/qtest/migration-test.c +@@ -620,7 +620,7 @@ static int test_migrate_start(QTestState **from, QTestState **to, + + /* + * Remove shmem file immediately to avoid memory leak in test failed case. +- * It's valid becase QEMU has already opened this file ++ * It's valid because QEMU has already opened this file + */ + if (args->use_shmem) { + unlink(shmem_path); +@@ -1157,7 +1157,7 @@ static void test_migrate_auto_converge(void) + + /* + * We want the test to be stable and as fast as possible. +- * E.g., with 1Gb/s bandwith migration may pass without throttling, ++ * E.g., with 1Gb/s bandwidth migration may pass without throttling, + * so we need to decrease a bandwidth. + */ + const int64_t init_pct = 5, inc_pct = 50, max_pct = 95; +diff --git a/tests/qtest/npcm7xx_timer-test.c b/tests/qtest/npcm7xx_timer-test.c +index 83774a5b90..43711049ca 100644 +--- a/tests/qtest/npcm7xx_timer-test.c ++++ b/tests/qtest/npcm7xx_timer-test.c +@@ -384,7 +384,7 @@ static void test_pause_resume(gconstpointer test_data) + g_assert_true(qtest_get_irq(global_qtest, tim_timer_irq(td))); + } + +-/* Verifies that the prescaler can be changed while the timer is runnin. */ ++/* Verifies that the prescaler can be changed while the timer is running. */ + static void test_prescaler_change(gconstpointer test_data) + { + const TestData *td = test_data; +diff --git a/tests/qtest/tpm-emu.c b/tests/qtest/tpm-emu.c +index 2994d1cf42..e0d967fc01 100644 +--- a/tests/qtest/tpm-emu.c ++++ b/tests/qtest/tpm-emu.c +@@ -70,7 +70,7 @@ static void *tpm_emu_tpm_thread(void *data) + s->tpm_msg->code = cpu_to_be32(TPM_FAIL); + break; + default: +- g_debug("unsupport TPM version %u", s->tpm_version); ++ g_debug("unsupported TPM version %u", s->tpm_version); + g_assert_not_reached(); + } + qio_channel_write(ioc, (char *)s->tpm_msg, be32_to_cpu(s->tpm_msg->len), +diff --git a/tests/qtest/tpm-tests.c b/tests/qtest/tpm-tests.c +index 25073d1f9e..fb94496bbd 100644 +--- a/tests/qtest/tpm-tests.c ++++ b/tests/qtest/tpm-tests.c +@@ -1,5 +1,5 @@ + /* +- * QTest TPM commont test code ++ * QTest TPM common test code + * + * Copyright (c) 2018 IBM Corporation + * Copyright (c) 2018 Red Hat, Inc. +diff --git a/tests/qtest/tpm-tests.h b/tests/qtest/tpm-tests.h +index a5df35ab5b..07ba60d26e 100644 +--- a/tests/qtest/tpm-tests.h ++++ b/tests/qtest/tpm-tests.h +@@ -1,5 +1,5 @@ + /* +- * QTest TPM commont test code ++ * QTest TPM common test code + * + * Copyright (c) 2018 IBM Corporation + * +diff --git a/tests/qtest/tpm-tis-util.c b/tests/qtest/tpm-tis-util.c +index 939893bf01..0c8af168e4 100644 +--- a/tests/qtest/tpm-tis-util.c ++++ b/tests/qtest/tpm-tis-util.c +@@ -340,7 +340,7 @@ void tpm_tis_test_check_access_reg_release(const void *data) + TPM_TIS_ACCESS_ACTIVE_LOCALITY); + /* + * highest locality should now be active; release it and make sure the +- * next higest locality is active afterwards ++ * next highest locality is active afterwards + */ + for (l = TPM_TIS_NUM_LOCALITIES - 2; l >= 0; l--) { + if (l == locty) { +diff --git a/tests/qtest/vhost-user-blk-test.c b/tests/qtest/vhost-user-blk-test.c +index 62e670f39b..c1d2c6fa03 100644 +--- a/tests/qtest/vhost-user-blk-test.c ++++ b/tests/qtest/vhost-user-blk-test.c +@@ -950,7 +950,7 @@ static void *vhost_user_blk_test_setup(GString *cmd_line, void *arg) + * Setup for hotplug. + * + * Since vhost-user server only serves one vhost-user client one time, +- * another exprot ++ * another export + * + */ + static void *vhost_user_blk_hotplug_test_setup(GString *cmd_line, void *arg) +diff --git a/tests/qtest/virtio-net-test.c b/tests/qtest/virtio-net-test.c +index aab4480fb0..3b17e74d06 100644 +--- a/tests/qtest/virtio-net-test.c ++++ b/tests/qtest/virtio-net-test.c +@@ -211,7 +211,7 @@ static void announce_self(void *obj, void *data, QGuestAllocator *t_alloc) + g_assert_cmpint(*proto, ==, htons(ETH_P_RARP)); + + /* +- * Stop the announcment by settings rounds to 0 on the ++ * Stop the announcement by settings rounds to 0 on the + * existing timer. + */ + rsp = qmp("{ 'execute' : 'announce-self', " +diff --git a/tests/qtest/vmgenid-test.c b/tests/qtest/vmgenid-test.c +index 6781a51447..015e413075 100644 +--- a/tests/qtest/vmgenid-test.c ++++ b/tests/qtest/vmgenid-test.c +@@ -19,7 +19,7 @@ + + #define VGID_GUID "324e6eaf-d1d1-4bf6-bf41-b9bb6c91fb87" + #define VMGENID_GUID_OFFSET 40 /* allow space for +- * OVMF SDT Header Probe Supressor ++ * OVMF SDT Header Probe Suppressor + */ + #define RSDP_ADDR_INVALID 0x100000 /* RSDP must be below this address */ + +diff --git a/tests/tsan/suppressions.tsan b/tests/tsan/suppressions.tsan +index 73414b9ebd..d9a002a2ef 100644 +--- a/tests/tsan/suppressions.tsan ++++ b/tests/tsan/suppressions.tsan +@@ -7,7 +7,7 @@ + mutex:aio_context_acquire + mutex:pthread_mutex_lock + +-# TSan reports a race betwen pthread_mutex_init() and ++# TSan reports a race between pthread_mutex_init() and + # pthread_mutex_lock(). Since this is outside of QEMU, + # we choose to ignore it. + race:pthread_mutex_init +diff --git a/tests/uefi-test-tools/Makefile b/tests/uefi-test-tools/Makefile +index 471f0de981..0c003f2877 100644 +--- a/tests/uefi-test-tools/Makefile ++++ b/tests/uefi-test-tools/Makefile +@@ -87,7 +87,7 @@ Build/%.fat: Build/%.efi + .NOTPARALLEL: + + # In turn, the "build" utility of edk2 BaseTools invokes another "make". +-# Although the outer "make" process advertizes its job server to all child ++# Although the outer "make" process advertises its job server to all child + # processes via MAKEFLAGS in the environment, the outer "make" closes the job + # server file descriptors (exposed in MAKEFLAGS) before executing a recipe -- + # unless the recipe is recognized as a recursive "make" recipe. Recipes that +diff --git a/tests/unit/check-qjson.c b/tests/unit/check-qjson.c +index c845f91d43..d90ddd0217 100644 +--- a/tests/unit/check-qjson.c ++++ b/tests/unit/check-qjson.c +@@ -1487,7 +1487,7 @@ int main(int argc, char **argv) + g_test_add_func("/literals/keyword", keyword_literal); + + g_test_add_func("/literals/interpolation/valid", interpolation_valid); +- g_test_add_func("/literals/interpolation/unkown", interpolation_unknown); ++ g_test_add_func("/literals/interpolation/unknown", interpolation_unknown); + g_test_add_func("/literals/interpolation/string", interpolation_string); + + g_test_add_func("/dicts/simple_dict", simple_dict); +diff --git a/tests/unit/test-aio.c b/tests/unit/test-aio.c +index 6feeb9a4a9..95265a0d75 100644 +--- a/tests/unit/test-aio.c ++++ b/tests/unit/test-aio.c +@@ -478,7 +478,7 @@ static void test_timer_schedule(void) + + g_assert_cmpint(data.n, ==, 0); + +- /* timer_mod may well cause an event notifer to have gone off, ++ /* timer_mod may well cause an event notifier to have gone off, + * so clear that + */ + do {} while (aio_poll(ctx, false)); +diff --git a/tests/unit/test-bdrv-graph-mod.c b/tests/unit/test-bdrv-graph-mod.c +index a6e3bb79be..a5d5cab005 100644 +--- a/tests/unit/test-bdrv-graph-mod.c ++++ b/tests/unit/test-bdrv-graph-mod.c +@@ -94,9 +94,9 @@ static BlockDriverState *exclusive_writer_node(const char *name) + * | perm: write, read + * | shared: except write + * v +- * +-------------------+ +----------------+ +- * | passtrough filter |---------->| null-co node | +- * +-------------------+ +----------------+ ++ * +--------------------+ +----------------+ ++ * | passthrough filter |--------->| null-co node | ++ * +--------------------+ +----------------+ + * + * + * and then, tries to append filter under node. Expected behavior: fail. +@@ -110,9 +110,9 @@ static BlockDriverState *exclusive_writer_node(const char *name) + * | perm: write, read + * | shared: except write + * v +- * +-------------------+ +- * | passtrough filter | +- * +-------------------+ ++ * +--------------------+ ++ * | passthrough filter | ++ * +--------------------+ + * | | + * perm: write, read | | perm: write, read + * shared: except write | | shared: except write +diff --git a/tests/unit/test-crypto-secret.c b/tests/unit/test-crypto-secret.c +index 147b4af828..ffd13ff70e 100644 +--- a/tests/unit/test-crypto-secret.c ++++ b/tests/unit/test-crypto-secret.c +@@ -244,7 +244,7 @@ static void test_secret_keyring_bad_key_access_right(void) + char key_str[16]; + Object *sec; + +- g_test_skip("TODO: Need responce from Linux kernel maintainers"); ++ g_test_skip("TODO: Need response from Linux kernel maintainers"); + return; + + int32_t key = add_key("user", DESCRIPTION, PAYLOAD, +diff --git a/tests/unit/test-qobject-input-visitor.c b/tests/unit/test-qobject-input-visitor.c +index 6f59a7f432..60a5a59ec8 100644 +--- a/tests/unit/test-qobject-input-visitor.c ++++ b/tests/unit/test-qobject-input-visitor.c +@@ -95,7 +95,7 @@ Visitor *visitor_input_test_init(TestInputVisitorData *data, + + /* similar to visitor_input_test_init(), but does not expect a string + * literal/format json_string argument and so can be used for +- * programatically generated strings (and we can't pass in programatically ++ * programmatically generated strings (and we can't pass in programmatically + * generated strings via %s format parameters since qobject_from_jsonv() + * will wrap those in double-quotes and treat the entire object as a + * string) +diff --git a/tests/unit/test-throttle.c b/tests/unit/test-throttle.c +index 7adb5e6652..dc8739c1d6 100644 +--- a/tests/unit/test-throttle.c ++++ b/tests/unit/test-throttle.c +@@ -135,7 +135,7 @@ static void test_compute_wait(void) + g_assert(double_cmp(bkt.burst_level, 0)); + g_assert(double_cmp(bkt.level, (i + 1) * (bkt.max - bkt.avg) / 10)); + /* We can do bursts for the 2 seconds we have configured in +- * burst_length. We have 100 extra miliseconds of burst ++ * burst_length. We have 100 extra milliseconds of burst + * because bkt.level has been leaking during this time. + * After that, we have to wait. */ + result = i < 21 ? 0 : 1.8 * NANOSECONDS_PER_SECOND; +@@ -375,11 +375,11 @@ static void test_is_valid_for_value(int value, bool should_be_valid) + + static void test_is_valid(void) + { +- /* negative number are invalid */ ++ /* negative numbesr are invalid */ + test_is_valid_for_value(-1, false); +- /* zero are valids */ ++ /* zero is valid */ + test_is_valid_for_value(0, true); +- /* positives numers are valids */ ++ /* positives numbers are valid */ + test_is_valid_for_value(1, true); + } + +diff --git a/tests/unit/test-util-filemonitor.c b/tests/unit/test-util-filemonitor.c +index b629e10857..a22de27595 100644 +--- a/tests/unit/test-util-filemonitor.c ++++ b/tests/unit/test-util-filemonitor.c +@@ -132,7 +132,7 @@ qemu_file_monitor_test_record_free(QFileMonitorTestRecord *rec) + * the file monitor event handler. Since events are + * emitted in the background thread running the event + * loop, we can't assume there is a record available +- * immediately. Thus we will sleep for upto 5 seconds ++ * immediately. Thus we will sleep for up to 5 seconds + * to wait for the event to be queued for us. + */ + static QFileMonitorTestRecord * +diff --git a/tests/vm/Makefile.include b/tests/vm/Makefile.include +index ae91f5043e..b1c45954b6 100644 +--- a/tests/vm/Makefile.include ++++ b/tests/vm/Makefile.include +@@ -75,7 +75,7 @@ endif + @echo " QEMU_IMG=/path/to/qemu-img - Change path to qemu-img tool" + @echo " QEMU_LOCAL=1 - Use QEMU binary local to this build." + @echo " TARGET_LIST=a,b,c - Override target list in builds" +- @echo " V=1 - Enable verbose ouput on host and guest commands" ++ @echo " V=1 - Enable verbose output on host and guest commands" + + vm-build-all: $(addprefix vm-build-, $(IMAGES)) + +diff --git a/tests/vm/ubuntuvm.py b/tests/vm/ubuntuvm.py +index 6689ad87aa..15c530c571 100644 +--- a/tests/vm/ubuntuvm.py ++++ b/tests/vm/ubuntuvm.py +@@ -51,7 +51,7 @@ def build_image(self, img): + # then we will jump right to the graceful shutdown + if self._config['install_cmds'] != "": + # Issue the install commands. +- # This can be overriden by the user in the config .yml. ++ # This can be overridden by the user in the config .yml. + install_cmds = self._config['install_cmds'].split(',') + for cmd in install_cmds: + self.ssh_root(cmd) +-- +2.27.0 + diff --git a/tests-unit-fix-a-Wformat-truncation-warning.patch b/tests-unit-fix-a-Wformat-truncation-warning.patch new file mode 100644 index 0000000000000000000000000000000000000000..40fb8d09daa1fcbfd1e12fd5013aac15a3f994c1 --- /dev/null +++ b/tests-unit-fix-a-Wformat-truncation-warning.patch @@ -0,0 +1,53 @@ +From 133b578fabea9f4cc5936da233c04463bf94b6db Mon Sep 17 00:00:00 2001 +From: boringandboring +Date: Thu, 7 Dec 2023 09:20:00 +0800 +Subject: [PATCH] tests/unit: fix a -Wformat-truncation warning +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +cherry picked from 6a54ac2a9737057dc19aa584d823a3011717423b + +../tests/test-qobject-input-visitor.c: In function ‘test_visitor_in_list’: +../tests/test-qobject-input-visitor.c:454:49: warning: ‘%d’ directive output may be truncated writing between 1 and 10 bytes into a region of size 6 [-Wformat-truncation=] + 454 | snprintf(string, sizeof(string), "string%d", i); + | ^~ +../tests/test-qobject-input-visitor.c:454:42: note: directive argument in the range [0, 2147483606] + 454 | snprintf(string, sizeof(string), "string%d", i); + | ^~~~~~~~~~ +../tests/test-qobject-input-visitor.c:454:9: note: ‘snprintf’ output between 8 and 17 bytes into a destination of size 12 + 454 | snprintf(string, sizeof(string), "string%d", i); + | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Rather than trying to be clever, since this is called 3 times during +tests, let's simply use g_strdup_printf(). + +Signed-off-by: Marc-André Lureau +Reviewed-by: Markus Armbruster +Message-id: 20220810121513.1356081-1-marcandre.lureau@redhat.com +Reviewed-by: Peter Maydell +[PMM: fixed commit message typos] +Signed-off-by: Peter Maydell +Signed-off-by: boringandboring +--- + tests/unit/test-qobject-input-visitor.c | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +diff --git a/tests/unit/test-qobject-input-visitor.c b/tests/unit/test-qobject-input-visitor.c +index 6f59a7f432..0f28d46a4a 100644 +--- a/tests/unit/test-qobject-input-visitor.c ++++ b/tests/unit/test-qobject-input-visitor.c +@@ -448,9 +448,8 @@ static void test_visitor_in_list(TestInputVisitorData *data, + g_assert(head != NULL); + + for (i = 0, item = head; item; item = item->next, i++) { +- char string[12]; ++ g_autofree char *string = g_strdup_printf("string%d", i); + +- snprintf(string, sizeof(string), "string%d", i); + g_assert_cmpstr(item->value->string, ==, string); + g_assert_cmpint(item->value->integer, ==, 42 + i); + } +-- +2.27.0 + diff --git a/ui-vnc-clipboard-fix-inflate_buffer.patch b/ui-vnc-clipboard-fix-inflate_buffer.patch new file mode 100644 index 0000000000000000000000000000000000000000..f12ff9b4c00246c040c460a53c2a4d9b70e44371 --- /dev/null +++ b/ui-vnc-clipboard-fix-inflate_buffer.patch @@ -0,0 +1,47 @@ +From 7f19287be9b468b7065073a31d35c01b2632858d Mon Sep 17 00:00:00 2001 +From: qihao +Date: Tue, 5 Dec 2023 14:10:50 +0800 +Subject: [PATCH] ui/vnc-clipboard: fix inflate_buffer +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +cheery-pick from ebfbf394671163c14e2b24d98f3927a3151d1aff + +Commit d921fea338 ("ui/vnc-clipboard: fix infinite loop in +inflate_buffer (CVE-2023-3255)") removed this hunk, but it is still +required, because it can happen that stream.avail_in becomes zero +before coming across a return value of Z_STREAM_END in the loop. + +This fixes the host->guest direction of the clipboard with noVNC and +TigerVNC as clients. + +Fixes: d921fea338 ("ui/vnc-clipboard: fix infinite loop in inflate_buffer (CVE-2023-3255)") +Reported-by: Friedrich Weber +Signed-off-by: Fiona Ebner +Acked-by: Marc-André Lureau +Message-Id: <20231122125826.228189-1-f.ebner@proxmox.com> +Signed-off-by: qihao_yewu +--- + ui/vnc-clipboard.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/ui/vnc-clipboard.c b/ui/vnc-clipboard.c +index c84599cfdb..2bb1b07c40 100644 +--- a/ui/vnc-clipboard.c ++++ b/ui/vnc-clipboard.c +@@ -70,6 +70,11 @@ static uint8_t *inflate_buffer(uint8_t *in, uint32_t in_len, uint32_t *size) + } + } + ++ *size = stream.total_out; ++ inflateEnd(&stream); ++ ++ return out; ++ + err_end: + inflateEnd(&stream); + err: +-- +2.27.0 + diff --git a/vdpa-correct-param-passed-in-when-unregister-save.patch b/vdpa-correct-param-passed-in-when-unregister-save.patch new file mode 100644 index 0000000000000000000000000000000000000000..3b7ce2772e56b6a60dbe7847936397351efed879 --- /dev/null +++ b/vdpa-correct-param-passed-in-when-unregister-save.patch @@ -0,0 +1,30 @@ +From 9f0b9d2d71b9fa21789981d68335ee417e18b025 Mon Sep 17 00:00:00 2001 +From: jiangdongxu +Date: Thu, 14 Dec 2023 11:22:54 +0800 +Subject: [PATCH] vdpa: correct param passed in when unregister save + +The idstr passed in the unregister_savevm function is inconsisten +with the idstr passed in when register_savevm_live registration. +Needs to be modified, otherwise migration will fail after hotunplug +all vdpa devices. + +Signed-off-by: jiangdongxu +--- + hw/virtio/vdpa-dev-mig.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/hw/virtio/vdpa-dev-mig.c b/hw/virtio/vdpa-dev-mig.c +index ee3e27f2bb..c71e71fd64 100644 +--- a/hw/virtio/vdpa-dev-mig.c ++++ b/hw/virtio/vdpa-dev-mig.c +@@ -400,6 +400,6 @@ void vdpa_migration_register(VhostVdpaDevice *vdev) + void vdpa_migration_unregister(VhostVdpaDevice *vdev) + { + remove_migration_state_change_notifier(&vdev->migration_state); +- unregister_savevm(VMSTATE_IF(&vdev->parent_obj.parent_obj), "vdpa", DEVICE(vdev)); ++ unregister_savevm(NULL, "vdpa", DEVICE(vdev)); + qemu_del_vm_change_state_handler(vdev->vmstate); + } +-- +2.27.0 + diff --git a/vdpa-don-t-suspend-resume-device-when-vdpa-device-no.patch b/vdpa-don-t-suspend-resume-device-when-vdpa-device-no.patch new file mode 100644 index 0000000000000000000000000000000000000000..77e69328c28d92a81b9d25a3ab5e12724d717918 --- /dev/null +++ b/vdpa-don-t-suspend-resume-device-when-vdpa-device-no.patch @@ -0,0 +1,67 @@ +From daab4fa364c508d793ed28a920d50cd76efe7633 Mon Sep 17 00:00:00 2001 +From: jiangdongxu +Date: Tue, 19 Dec 2023 20:32:00 +0800 +Subject: [PATCH] vdpa: don't suspend/resume device when vdpa device not + started + +When vdpa device not started, we don't need to suspend vdpa device +and send vdpa device state information. Therefore, add the suspended +flag of vdpa device to distinguish whether the device is suspended and +use it to determine whether the device needs to resume in dest qemu. + +Signed-off-by: jiangdongxu +--- + hw/virtio/vdpa-dev-mig.c | 23 +++++++++++++++-------- + 1 file changed, 15 insertions(+), 8 deletions(-) + +diff --git a/hw/virtio/vdpa-dev-mig.c b/hw/virtio/vdpa-dev-mig.c +index 4a45821892..9cd80f92eb 100644 +--- a/hw/virtio/vdpa-dev-mig.c ++++ b/hw/virtio/vdpa-dev-mig.c +@@ -296,10 +296,13 @@ static int vdpa_save_complete_precopy(QEMUFile *f, void *opaque) + int ret; + + qemu_put_be64(f, VDPA_MIG_FLAG_DEV_CONFIG_STATE); +- ret = vhost_vdpa_dev_buffer_save(hdev, f); +- if (ret) { +- error_report("Save vdpa device buffer failed: %d\n", ret); +- return ret; ++ qemu_put_be16(f, (uint16_t)vdev->suspended); ++ if (vdev->suspended) { ++ ret = vhost_vdpa_dev_buffer_save(hdev, f); ++ if (ret) { ++ error_report("Save vdpa device buffer failed: %d\n", ret); ++ return ret; ++ } + } + qemu_put_be64(f, VDPA_MIG_FLAG_END_OF_STATE); + +@@ -313,6 +316,7 @@ static int vdpa_load_state(QEMUFile *f, void *opaque, int version_id) + + int ret; + uint64_t data; ++ uint16_t suspended; + + data = qemu_get_be64(f); + while (data != VDPA_MIG_FLAG_END_OF_STATE) { +@@ -325,10 +329,13 @@ static int vdpa_load_state(QEMUFile *f, void *opaque, int version_id) + return -EINVAL; + } + } else if (data == VDPA_MIG_FLAG_DEV_CONFIG_STATE) { +- ret = vhost_vdpa_dev_buffer_load(hdev, f); +- if (ret) { +- error_report("fail to restore device buffer.\n"); +- return ret; ++ suspended = qemu_get_be16(f); ++ if (suspended) { ++ ret = vhost_vdpa_dev_buffer_load(hdev, f); ++ if (ret) { ++ error_report("fail to restore device buffer.\n"); ++ return ret; ++ } + } + } + +-- +2.27.0 + diff --git a/vdpa-set-vring-enable-only-if-the-vring-address-has-.patch b/vdpa-set-vring-enable-only-if-the-vring-address-has-.patch new file mode 100644 index 0000000000000000000000000000000000000000..f3bc7b5c071d57a7a6016280c73570cc2e1e73ab --- /dev/null +++ b/vdpa-set-vring-enable-only-if-the-vring-address-has-.patch @@ -0,0 +1,44 @@ +From 11c0e08a95c35adec07e3b40d1bd9452d7113236 Mon Sep 17 00:00:00 2001 +From: jiangdongxu +Date: Thu, 14 Dec 2023 11:05:52 +0800 +Subject: [PATCH] vdpa: set vring enable only if the vring address has already + been set + +Currently, vhost-vdpa does not determine the status of each vring when +performing the enable operation on vring. When the vBIOS(EDK2) is running, +the driver will not enable all vrings. In this case, setting all vrings +to enable is isconsistent with the actual situation. + +Add logic when enabling vring, make a judement on the vring status. If the +vring address is not set, the vring will not enabled. + +Signed-off-by: jiangdongxu +--- + hw/virtio/vhost-vdpa.c | 9 +++++++++ + 1 file changed, 9 insertions(+) + +diff --git a/hw/virtio/vhost-vdpa.c b/hw/virtio/vhost-vdpa.c +index c7aaff7f20..36ed0c9a99 100644 +--- a/hw/virtio/vhost-vdpa.c ++++ b/hw/virtio/vhost-vdpa.c +@@ -714,8 +714,17 @@ static int vhost_vdpa_get_vq_index(struct vhost_dev *dev, int idx) + static int vhost_vdpa_set_vring_ready(struct vhost_dev *dev) + { + int i; ++ int idx; ++ hwaddr addr; ++ + trace_vhost_vdpa_set_vring_ready(dev); + for (i = 0; i < dev->nvqs; ++i) { ++ idx = vhost_vdpa_get_vq_index(dev, dev->vq_index + i); ++ addr = virtio_queue_get_desc_addr(dev->vdev, idx); ++ if (addr == 0) { ++ continue; ++ } ++ + struct vhost_vring_state state = { + .index = dev->vq_index + i, + .num = 1, +-- +2.27.0 + diff --git a/vdpa-support-vdpa-device-suspend-resume.patch b/vdpa-support-vdpa-device-suspend-resume.patch new file mode 100644 index 0000000000000000000000000000000000000000..2c94e7a3981817194eadeafebf100a7798dbdeba --- /dev/null +++ b/vdpa-support-vdpa-device-suspend-resume.patch @@ -0,0 +1,119 @@ +From 06bb2d68ef70813167a633aa00779acf61c784b0 Mon Sep 17 00:00:00 2001 +From: jiangdongxu +Date: Tue, 19 Dec 2023 20:18:03 +0800 +Subject: [PATCH] vdpa: support vdpa device suspend/resume + +commit a21603f7ecfa 'vhost: implement vhost_vdpa_device_suspend/resume' +only implement suspend and resume interface used for migration. The +current implementation still has bugs when suspend/resume a virtual +machine. Fix it. + +Signed-off-by: jiangdongxu +--- + hw/virtio/vdpa-dev-mig.c | 16 +++++++++++----- + hw/virtio/vdpa-dev.c | 8 +------- + include/hw/virtio/vdpa-dev.h | 1 + + 3 files changed, 13 insertions(+), 12 deletions(-) + +diff --git a/hw/virtio/vdpa-dev-mig.c b/hw/virtio/vdpa-dev-mig.c +index c71e71fd64..4a45821892 100644 +--- a/hw/virtio/vdpa-dev-mig.c ++++ b/hw/virtio/vdpa-dev-mig.c +@@ -149,6 +149,7 @@ static int vhost_vdpa_device_suspend(VhostVdpaDevice *vdpa) + } + + vdpa->started = false; ++ vdpa->suspended = true; + + ret = vhost_dev_suspend(&vdpa->dev, vdev, false); + if (ret) { +@@ -171,6 +172,7 @@ set_guest_notifiers_fail: + } + + suspend_fail: ++ vdpa->suspended = false; + vdpa->started = true; + return ret; + } +@@ -207,6 +209,7 @@ static int vhost_vdpa_device_resume(VhostVdpaDevice *vdpa) + goto err_guest_notifiers; + } + vdpa->started = true; ++ vdpa->suspended = false; + + /* + * guest_notifier_mask/pending not used yet, so just unmask +@@ -247,7 +250,7 @@ static void vdpa_dev_vmstate_change(void *opaque, bool running, RunState state) + MigrationIncomingState *mis = migration_incoming_get_current(); + + if (!running) { +- if (ms->state == RUN_STATE_PAUSED) { ++ if (ms->state == MIGRATION_STATUS_ACTIVE || state == RUN_STATE_PAUSED) { + ret = vhost_vdpa_device_suspend(vdpa); + if (ret) { + error_report("suspend vdpa device failed: %d\n", ret); +@@ -257,16 +260,19 @@ static void vdpa_dev_vmstate_change(void *opaque, bool running, RunState state) + } + } + } else { +- if (ms->state == RUN_STATE_RESTORE_VM) { ++ if (vdpa->suspended) { + ret = vhost_vdpa_device_resume(vdpa); + if (ret) { +- error_report("migration dest resume device failed, abort!\n"); +- exit(EXIT_FAILURE); ++ error_report("vhost vdpa device resume failed: %d\n", ret); + } + } + + if (mis->state == RUN_STATE_RESTORE_VM) { +- vhost_vdpa_call(hdev, VHOST_VDPA_RESUME, NULL); ++ ret = vhost_vdpa_call(hdev, VHOST_VDPA_RESUME, NULL); ++ if (ret) { ++ error_report("migration dest resume device failed: %d\n", ret); ++ exit(EXIT_FAILURE); ++ } + /* post resume */ + mis->bh = qemu_bh_new(vdpa_dev_migration_handle_incoming_bh, + hdev); +diff --git a/hw/virtio/vdpa-dev.c b/hw/virtio/vdpa-dev.c +index 143dadc88d..04d8e96a5d 100644 +--- a/hw/virtio/vdpa-dev.c ++++ b/hw/virtio/vdpa-dev.c +@@ -315,7 +315,6 @@ static void vhost_vdpa_device_stop(VirtIODevice *vdev) + static void vhost_vdpa_device_set_status(VirtIODevice *vdev, uint8_t status) + { + VhostVdpaDevice *s = VHOST_VDPA_DEVICE(vdev); +- MigrationState *ms = migrate_get_current(); + bool should_start = virtio_device_started(vdev, status); + Error *local_err = NULL; + int ret; +@@ -324,12 +323,7 @@ static void vhost_vdpa_device_set_status(VirtIODevice *vdev, uint8_t status) + should_start = false; + } + +- if (s->started == should_start) { +- return; +- } +- +- if (ms->state == RUN_STATE_PAUSED || +- ms->state == RUN_STATE_RESTORE_VM) { ++ if (s->started == should_start || s->suspended) { + return; + } + +diff --git a/include/hw/virtio/vdpa-dev.h b/include/hw/virtio/vdpa-dev.h +index 20f50c76c6..60e9c3f3fe 100644 +--- a/include/hw/virtio/vdpa-dev.h ++++ b/include/hw/virtio/vdpa-dev.h +@@ -37,6 +37,7 @@ struct VhostVdpaDevice { + int config_size; + uint16_t queue_size; + bool started; ++ bool suspended; + int (*post_init)(VhostVdpaDevice *v, Error **errp); + VMChangeStateEntry *vmstate; + Notifier migration_state; +-- +2.27.0 + diff --git a/vdpa-suspend-function-return-0-when-the-vdpa-device-.patch b/vdpa-suspend-function-return-0-when-the-vdpa-device-.patch new file mode 100644 index 0000000000000000000000000000000000000000..2c3c44a10a0957a8d9dcb9e74f74a8b947071a56 --- /dev/null +++ b/vdpa-suspend-function-return-0-when-the-vdpa-device-.patch @@ -0,0 +1,45 @@ +From bd3f62a0df7be244dcd7dab0632883354c476f17 Mon Sep 17 00:00:00 2001 +From: jiangdongxu +Date: Thu, 21 Dec 2023 11:03:37 +0800 +Subject: [PATCH] vdpa: suspend function return 0 when the vdpa device is + stopped + +When vhost vdpa device is stopped(vdpa->started is false), suspend +operation do nothing and return success, instead of return failure. + +The same goes for resume function. + +Signed-off-by: jiangdongxu +--- + hw/virtio/vdpa-dev-mig.c | 8 ++++++-- + 1 file changed, 6 insertions(+), 2 deletions(-) + +diff --git a/hw/virtio/vdpa-dev-mig.c b/hw/virtio/vdpa-dev-mig.c +index 9cd80f92eb..679d37b182 100644 +--- a/hw/virtio/vdpa-dev-mig.c ++++ b/hw/virtio/vdpa-dev-mig.c +@@ -140,8 +140,8 @@ static int vhost_vdpa_device_suspend(VhostVdpaDevice *vdpa) + VirtioBusClass *k = VIRTIO_BUS_GET_CLASS(qbus); + int ret; + +- if (!vdpa->started) { +- return -EFAULT; ++ if (!vdpa->started || vdpa->suspended) { ++ return 0; + } + + if (!k->set_guest_notifiers) { +@@ -184,6 +184,10 @@ static int vhost_vdpa_device_resume(VhostVdpaDevice *vdpa) + VirtioBusClass *k = VIRTIO_BUS_GET_CLASS(qbus); + int i, ret; + ++ if (vdpa->started || !vdpa->suspended) { ++ return 0; ++ } ++ + if (!k->set_guest_notifiers) { + error_report("binding does not support guest notifiers\n"); + return -ENOSYS; +-- +2.27.0 + diff --git a/virtio-vhost-vsock-don-t-double-close-vhostfd-remove.patch b/virtio-vhost-vsock-don-t-double-close-vhostfd-remove.patch new file mode 100644 index 0000000000000000000000000000000000000000..b554e7a1d728a2c82ec50d51f5bf246d7945bd0f --- /dev/null +++ b/virtio-vhost-vsock-don-t-double-close-vhostfd-remove.patch @@ -0,0 +1,57 @@ +From 1d888e71517be4a0793b5a03b4a2234c55953c8f Mon Sep 17 00:00:00 2001 +From: boringandboring +Date: Fri, 8 Dec 2023 10:02:51 +0800 +Subject: [PATCH] virtio/vhost-vsock: don't double close vhostfd, remove + redundant cleanup + +cherry picked from d731ab31196579144457c7f2fa3649338bfb21f2 + +In case of an error during initialization in vhost_dev_init, vhostfd is +closed in vhost_dev_cleanup. Remove close from err_virtio as it's both +redundant and causes a double close on vhostfd. + +Signed-off-by: Daniil Tatianin +Message-Id: <20211129125204.1108088-1-d-tatianin@yandex-team.ru> +Reviewed-by: Stefano Garzarella +Reviewed-by: Michael S. Tsirkin +Signed-off-by: Michael S. Tsirkin +Signed-off-by: boringandboring +--- + hw/virtio/vhost-vsock.c | 11 +++++------ + 1 file changed, 5 insertions(+), 6 deletions(-) + +diff --git a/hw/virtio/vhost-vsock.c b/hw/virtio/vhost-vsock.c +index 478c0c9a87..433d42d897 100644 +--- a/hw/virtio/vhost-vsock.c ++++ b/hw/virtio/vhost-vsock.c +@@ -171,6 +171,10 @@ static void vhost_vsock_device_realize(DeviceState *dev, Error **errp) + ret = vhost_dev_init(&vvc->vhost_dev, (void *)(uintptr_t)vhostfd, + VHOST_BACKEND_TYPE_KERNEL, 0, errp); + if (ret < 0) { ++ /* ++ * vhostfd is closed by vhost_dev_cleanup, which is called ++ * by vhost_dev_init on initialization error. ++ */ + goto err_virtio; + } + +@@ -183,15 +187,10 @@ static void vhost_vsock_device_realize(DeviceState *dev, Error **errp) + return; + + err_vhost_dev: +- vhost_dev_cleanup(&vvc->vhost_dev); + /* vhost_dev_cleanup() closes the vhostfd passed to vhost_dev_init() */ +- vhostfd = -1; ++ vhost_dev_cleanup(&vvc->vhost_dev); + err_virtio: + vhost_vsock_common_unrealize(vdev); +- if (vhostfd >= 0) { +- close(vhostfd); +- } +- return; + } + + static void vhost_vsock_device_unrealize(DeviceState *dev) +-- +2.27.0 +