From 454590916caacef2c779351f6c79d1c448bb6f38 Mon Sep 17 00:00:00 2001 From: Laurent Vivier Date: Wed, 20 Nov 2019 15:25:39 +0100 Subject: [PATCH 1/8] pseries: fix migration-test and pxe-test Commit 29cb4187497d ("spapr: Set VSMT to smp_threads by default") has introduced a new default value for VSMT that is not supported by old kernels (before 4.13 kernel) and this breaks "make check" on these kernels. To fix that, explicitly set in the involved tests the value that was used as the default value before the change. Cc: Greg Kurz Signed-off-by: Laurent Vivier Message-Id: <20191120142539.236279-1-lvivier@redhat.com> Acked-by: Thomas Huth Reviewed-by: Juan Quintela Tested-by: Greg Kurz Signed-off-by: David Gibson --- tests/migration-test.c | 4 ++-- tests/pxe-test.c | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/tests/migration-test.c b/tests/migration-test.c index ac780dffda..ebd77a581a 100644 --- a/tests/migration-test.c +++ b/tests/migration-test.c @@ -614,7 +614,7 @@ static int test_migrate_start(QTestState **from, QTestState **to, end_address = S390_TEST_MEM_END; } else if (strcmp(arch, "ppc64") == 0) { extra_opts = use_shmem ? get_shmem_opts("256M", shmem_path) : NULL; - cmd_src = g_strdup_printf("-machine accel=%s -m 256M -nodefaults" + cmd_src = g_strdup_printf("-machine accel=%s,vsmt=8 -m 256M -nodefaults" " -name source,debug-threads=on" " -serial file:%s/src_serial" " -prom-env 'use-nvramrc?=true' -prom-env " @@ -623,7 +623,7 @@ static int test_migrate_start(QTestState **from, QTestState **to, "until' %s %s", accel, tmpfs, end_address, start_address, extra_opts ? extra_opts : "", opts_src); - cmd_dst = g_strdup_printf("-machine accel=%s -m 256M" + cmd_dst = g_strdup_printf("-machine accel=%s,vsmt=8 -m 256M" " -name target,debug-threads=on" " -serial file:%s/dest_serial" " -incoming %s %s %s", diff --git a/tests/pxe-test.c b/tests/pxe-test.c index 948b0fbdc7..aaae54f755 100644 --- a/tests/pxe-test.c +++ b/tests/pxe-test.c @@ -46,15 +46,15 @@ static testdef_t x86_tests_slow[] = { static testdef_t ppc64_tests[] = { { "pseries", "spapr-vlan", - "-machine cap-cfpc=broken,cap-sbbc=broken,cap-ibs=broken" }, + "-machine cap-cfpc=broken,cap-sbbc=broken,cap-ibs=broken,vsmt=8" }, { "pseries", "virtio-net-pci", - "-machine cap-cfpc=broken,cap-sbbc=broken,cap-ibs=broken" }, + "-machine cap-cfpc=broken,cap-sbbc=broken,cap-ibs=broken,vsmt=8" }, { NULL }, }; static testdef_t ppc64_tests_slow[] = { { "pseries", "e1000", - "-machine cap-cfpc=broken,cap-sbbc=broken,cap-ibs=broken" }, + "-machine cap-cfpc=broken,cap-sbbc=broken,cap-ibs=broken,vsmt=8" }, { NULL }, }; From 3607715a308d94b8c4797d23620e268a4c5bebf6 Mon Sep 17 00:00:00 2001 From: David Gibson Date: Thu, 17 Oct 2019 12:12:35 +1100 Subject: [PATCH 2/8] kvm: Introduce KVM irqchip change notifier Awareness of an in kernel irqchip is usually local to the machine and its top-level interrupt controller. However, in a few cases other things need to know about it. In particular vfio devices need this in order to accelerate interrupt delivery. If interrupt routing is changed, such devices may need to readjust their connection to the KVM irqchip. pci_bus_fire_intx_routing_notifier() exists to do just this. However, for the pseries machine type we have a situation where the routing remains constant but the top-level irq chip itself is changed. This occurs because of PAPR feature negotiation which allows the guest to decide between the older XICS and newer XIVE irq chip models (both of which are paravirtualized). To allow devices like vfio to adjust to this change, introduce a new notifier for the purpose kvm_irqchip_change_notify(). Cc: Alex Williamson Cc: Alexey Kardashevskiy Signed-off-by: David Gibson Tested-by: Alex Williamson Reviewed-by: Alex Williamson Reviewed-by: Greg Kurz Acked-by: Alex Williamson --- accel/kvm/kvm-all.c | 18 ++++++++++++++++++ accel/stubs/kvm-stub.c | 12 ++++++++++++ include/sysemu/kvm.h | 5 +++++ 3 files changed, 35 insertions(+) diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c index 140b0bd8f6..ca00daa2f5 100644 --- a/accel/kvm/kvm-all.c +++ b/accel/kvm/kvm-all.c @@ -149,6 +149,9 @@ static const KVMCapabilityInfo kvm_required_capabilites[] = { KVM_CAP_LAST_INFO }; +static NotifierList kvm_irqchip_change_notifiers = + NOTIFIER_LIST_INITIALIZER(kvm_irqchip_change_notifiers); + #define kvm_slots_lock(kml) qemu_mutex_lock(&(kml)->slots_lock) #define kvm_slots_unlock(kml) qemu_mutex_unlock(&(kml)->slots_lock) @@ -1396,6 +1399,21 @@ void kvm_irqchip_release_virq(KVMState *s, int virq) trace_kvm_irqchip_release_virq(virq); } +void kvm_irqchip_add_change_notifier(Notifier *n) +{ + notifier_list_add(&kvm_irqchip_change_notifiers, n); +} + +void kvm_irqchip_remove_change_notifier(Notifier *n) +{ + notifier_remove(n); +} + +void kvm_irqchip_change_notify(void) +{ + notifier_list_notify(&kvm_irqchip_change_notifiers, NULL); +} + static unsigned int kvm_hash_msi(uint32_t data) { /* This is optimized for IA32 MSI layout. However, no other arch shall diff --git a/accel/stubs/kvm-stub.c b/accel/stubs/kvm-stub.c index 6feb66ed80..82f118d2df 100644 --- a/accel/stubs/kvm-stub.c +++ b/accel/stubs/kvm-stub.c @@ -138,6 +138,18 @@ void kvm_irqchip_commit_routes(KVMState *s) { } +void kvm_irqchip_add_change_notifier(Notifier *n) +{ +} + +void kvm_irqchip_remove_change_notifier(Notifier *n) +{ +} + +void kvm_irqchip_change_notify(void) +{ +} + int kvm_irqchip_add_adapter_route(KVMState *s, AdapterInfo *adapter) { return -ENOSYS; diff --git a/include/sysemu/kvm.h b/include/sysemu/kvm.h index 9d143282bc..9fe233b9bf 100644 --- a/include/sysemu/kvm.h +++ b/include/sysemu/kvm.h @@ -201,6 +201,7 @@ typedef struct KVMCapabilityInfo { struct KVMState; typedef struct KVMState KVMState; extern KVMState *kvm_state; +typedef struct Notifier Notifier; /* external API */ @@ -401,6 +402,10 @@ int kvm_irqchip_send_msi(KVMState *s, MSIMessage msg); void kvm_irqchip_add_irq_route(KVMState *s, int gsi, int irqchip, int pin); +void kvm_irqchip_add_change_notifier(Notifier *n); +void kvm_irqchip_remove_change_notifier(Notifier *n); +void kvm_irqchip_change_notify(void); + void kvm_get_apic_state(DeviceState *d, struct kvm_lapic_state *kapic); struct kvm_guest_debug; From ad54dbd89d7142c00669f8b6f4806c92ab468b45 Mon Sep 17 00:00:00 2001 From: David Gibson Date: Thu, 17 Oct 2019 11:52:45 +1100 Subject: [PATCH 3/8] vfio/pci: Split vfio_intx_update() This splits the vfio_intx_update() function into one part doing the actual reconnection with the KVM irqchip (vfio_intx_update(), now taking an argument with the new routing) and vfio_intx_routing_notifier() which handles calls to the pci device intx routing notifier and calling vfio_intx_update() when necessary. This will make adding support for the irqchip change notifier easier. Cc: Alex Williamson Cc: Alexey Kardashevskiy Signed-off-by: David Gibson Tested-by: Alex Williamson Reviewed-by: Alex Williamson Reviewed-by: Greg Kurz Acked-by: Alex Williamson --- hw/vfio/pci.c | 39 ++++++++++++++++++++++----------------- 1 file changed, 22 insertions(+), 17 deletions(-) diff --git a/hw/vfio/pci.c b/hw/vfio/pci.c index 0c55883bba..521289aa7d 100644 --- a/hw/vfio/pci.c +++ b/hw/vfio/pci.c @@ -216,30 +216,18 @@ static void vfio_intx_disable_kvm(VFIOPCIDevice *vdev) #endif } -static void vfio_intx_update(PCIDevice *pdev) +static void vfio_intx_update(VFIOPCIDevice *vdev, PCIINTxRoute *route) { - VFIOPCIDevice *vdev = PCI_VFIO(pdev); - PCIINTxRoute route; Error *err = NULL; - if (vdev->interrupt != VFIO_INT_INTx) { - return; - } - - route = pci_device_route_intx_to_irq(&vdev->pdev, vdev->intx.pin); - - if (!pci_intx_route_changed(&vdev->intx.route, &route)) { - return; /* Nothing changed */ - } - trace_vfio_intx_update(vdev->vbasedev.name, - vdev->intx.route.irq, route.irq); + vdev->intx.route.irq, route->irq); vfio_intx_disable_kvm(vdev); - vdev->intx.route = route; + vdev->intx.route = *route; - if (route.mode != PCI_INTX_ENABLED) { + if (route->mode != PCI_INTX_ENABLED) { return; } @@ -252,6 +240,22 @@ static void vfio_intx_update(PCIDevice *pdev) vfio_intx_eoi(&vdev->vbasedev); } +static void vfio_intx_routing_notifier(PCIDevice *pdev) +{ + VFIOPCIDevice *vdev = PCI_VFIO(pdev); + PCIINTxRoute route; + + if (vdev->interrupt != VFIO_INT_INTx) { + return; + } + + route = pci_device_route_intx_to_irq(&vdev->pdev, vdev->intx.pin); + + if (pci_intx_route_changed(&vdev->intx.route, &route)) { + vfio_intx_update(vdev, &route); + } +} + static int vfio_intx_enable(VFIOPCIDevice *vdev, Error **errp) { uint8_t pin = vfio_pci_read_config(&vdev->pdev, PCI_INTERRUPT_PIN, 1); @@ -2967,7 +2971,8 @@ static void vfio_realize(PCIDevice *pdev, Error **errp) if (vfio_pci_read_config(&vdev->pdev, PCI_INTERRUPT_PIN, 1)) { vdev->intx.mmap_timer = timer_new_ms(QEMU_CLOCK_VIRTUAL, vfio_intx_mmap_enable, vdev); - pci_device_set_intx_routing_notifier(&vdev->pdev, vfio_intx_update); + pci_device_set_intx_routing_notifier(&vdev->pdev, + vfio_intx_routing_notifier); ret = vfio_intx_enable(vdev, errp); if (ret) { goto out_teardown; From c5478fea27ac47ed3b57e0489a49b62f36024763 Mon Sep 17 00:00:00 2001 From: David Gibson Date: Thu, 17 Oct 2019 12:38:30 +1100 Subject: [PATCH 4/8] vfio/pci: Respond to KVM irqchip change notifier VFIO PCI devices already respond to the pci intx routing notifier, in order to update kernel irqchip mappings when routing is updated. However this won't handle the case where the irqchip itself is replaced by a different model while retaining the same routing. This case can happen on the pseries machine type due to PAPR feature negotiation. To handle that case, add a handler for the irqchip change notifier, which does much the same thing as the routing notifier, but is unconditional, rather than being a no-op when the routing hasn't changed. Cc: Alex Williamson Cc: Alexey Kardashevskiy Signed-off-by: David Gibson Tested-by: Alex Williamson Reviewed-by: Alex Williamson Reviewed-by: Greg Kurz Acked-by: Alex Williamson --- hw/vfio/pci.c | 25 +++++++++++++++++++------ hw/vfio/pci.h | 1 + 2 files changed, 20 insertions(+), 6 deletions(-) diff --git a/hw/vfio/pci.c b/hw/vfio/pci.c index 521289aa7d..2d40b396f2 100644 --- a/hw/vfio/pci.c +++ b/hw/vfio/pci.c @@ -256,6 +256,14 @@ static void vfio_intx_routing_notifier(PCIDevice *pdev) } } +static void vfio_irqchip_change(Notifier *notify, void *data) +{ + VFIOPCIDevice *vdev = container_of(notify, VFIOPCIDevice, + irqchip_change_notifier); + + vfio_intx_update(vdev, &vdev->intx.route); +} + static int vfio_intx_enable(VFIOPCIDevice *vdev, Error **errp) { uint8_t pin = vfio_pci_read_config(&vdev->pdev, PCI_INTERRUPT_PIN, 1); @@ -2973,30 +2981,32 @@ static void vfio_realize(PCIDevice *pdev, Error **errp) vfio_intx_mmap_enable, vdev); pci_device_set_intx_routing_notifier(&vdev->pdev, vfio_intx_routing_notifier); + vdev->irqchip_change_notifier.notify = vfio_irqchip_change; + kvm_irqchip_add_change_notifier(&vdev->irqchip_change_notifier); ret = vfio_intx_enable(vdev, errp); if (ret) { - goto out_teardown; + goto out_deregister; } } if (vdev->display != ON_OFF_AUTO_OFF) { ret = vfio_display_probe(vdev, errp); if (ret) { - goto out_teardown; + goto out_deregister; } } if (vdev->enable_ramfb && vdev->dpy == NULL) { error_setg(errp, "ramfb=on requires display=on"); - goto out_teardown; + goto out_deregister; } if (vdev->display_xres || vdev->display_yres) { if (vdev->dpy == NULL) { error_setg(errp, "xres and yres properties require display=on"); - goto out_teardown; + goto out_deregister; } if (vdev->dpy->edid_regs == NULL) { error_setg(errp, "xres and yres properties need edid support"); - goto out_teardown; + goto out_deregister; } } @@ -3020,8 +3030,10 @@ static void vfio_realize(PCIDevice *pdev, Error **errp) return; -out_teardown: +out_deregister: pci_device_set_intx_routing_notifier(&vdev->pdev, NULL); + kvm_irqchip_remove_change_notifier(&vdev->irqchip_change_notifier); +out_teardown: vfio_teardown_msi(vdev); vfio_bars_exit(vdev); error: @@ -3064,6 +3076,7 @@ static void vfio_exitfn(PCIDevice *pdev) vfio_unregister_req_notifier(vdev); vfio_unregister_err_notifier(vdev); pci_device_set_intx_routing_notifier(&vdev->pdev, NULL); + kvm_irqchip_remove_change_notifier(&vdev->irqchip_change_notifier); vfio_disable_interrupts(vdev); if (vdev->intx.mmap_timer) { timer_free(vdev->intx.mmap_timer); diff --git a/hw/vfio/pci.h b/hw/vfio/pci.h index b329d50338..35626cd63e 100644 --- a/hw/vfio/pci.h +++ b/hw/vfio/pci.h @@ -169,6 +169,7 @@ typedef struct VFIOPCIDevice { bool enable_ramfb; VFIODisplay *dpy; Error *migration_blocker; + Notifier irqchip_change_notifier; } VFIOPCIDevice; uint32_t vfio_pci_read_config(PCIDevice *pdev, uint32_t addr, int len); From e532e1d93c4bd869b11db6ee0de2057e7d288889 Mon Sep 17 00:00:00 2001 From: David Gibson Date: Mon, 30 Sep 2019 15:54:00 +1000 Subject: [PATCH 5/8] spapr: Handle irq backend changes with VFIO PCI devices MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit pseries machine type can have one of two different interrupt controllers in use depending on feature negotiation with the guest. Usually this is invisible to devices, because they route to a common set of qemu_irqs which in turn dispatch to the correct back end. VFIO passthrough devices, however, wire themselves up directly to the KVM irqchip for performance, which means they are affected by this change in interrupt controller. To get them to adjust correctly for the change in irqchip, we need to fire the kvm irqchip change notifier. Cc: Alex Williamson Cc: Alexey Kardashevskiy Signed-off-by: David Gibson Reviewed-by: Cédric Le Goater Tested-by: Alex Williamson Reviewed-by: Alex Williamson Reviewed-by: Greg Kurz Acked-by: Alex Williamson --- hw/ppc/spapr_irq.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/hw/ppc/spapr_irq.c b/hw/ppc/spapr_irq.c index 168044be85..1d27034962 100644 --- a/hw/ppc/spapr_irq.c +++ b/hw/ppc/spapr_irq.c @@ -508,6 +508,12 @@ static void set_active_intc(SpaprMachineState *spapr, } spapr->active_intc = new_intc; + + /* + * We've changed the kernel irqchip, let VFIO devices know they + * need to readjust. + */ + kvm_irqchip_change_notify(); } void spapr_irq_update_active_intc(SpaprMachineState *spapr) From b14848f5d757cbe89dfd1ee68ce701a8277c2f17 Mon Sep 17 00:00:00 2001 From: David Gibson Date: Wed, 2 Oct 2019 11:53:57 +1000 Subject: [PATCH 6/8] spapr: Work around spurious warnings from vfio INTx initialization MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Traditional PCI INTx for vfio devices can only perform well if using an in-kernel irqchip. Therefore, vfio_intx_update() issues a warning if an in kernel irqchip is not available. We usually do have an in-kernel irqchip available for pseries machines on POWER hosts. However, because the platform allows feature negotiation of what interrupt controller model to use, we don't currently initialize it until machine reset. vfio_intx_update() is called (first) from vfio_realize() before that, so it can issue a spurious warning, even if we will have an in kernel irqchip by the time we need it. To workaround this, make a call to spapr_irq_update_active_intc() from spapr_irq_init() which is called at machine realize time, before the vfio realize. This call will be pretty much obsoleted by the later call at reset time, but it serves to suppress the spurious warning from VFIO. Cc: Alex Williamson Cc: Alexey Kardashevskiy Signed-off-by: David Gibson Reviewed-by: Cédric Le Goater Tested-by: Alex Williamson Reviewed-by: Alex Williamson Reviewed-by: Greg Kurz Acked-by: Alex Williamson --- hw/ppc/spapr_irq.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/hw/ppc/spapr_irq.c b/hw/ppc/spapr_irq.c index 1d27034962..d6bb7fd2d6 100644 --- a/hw/ppc/spapr_irq.c +++ b/hw/ppc/spapr_irq.c @@ -373,6 +373,14 @@ void spapr_irq_init(SpaprMachineState *spapr, Error **errp) spapr->qirqs = qemu_allocate_irqs(spapr_set_irq, spapr, smc->nr_xirqs + SPAPR_XIRQ_BASE); + + /* + * Mostly we don't actually need this until reset, except that not + * having this set up can cause VFIO devices to issue a + * false-positive warning during realize(), because they don't yet + * have an in-kernel irq chip. + */ + spapr_irq_update_active_intc(spapr); } int spapr_irq_claim(SpaprMachineState *spapr, int irq, bool lsi, Error **errp) @@ -528,7 +536,8 @@ void spapr_irq_update_active_intc(SpaprMachineState *spapr) * this. */ new_intc = SPAPR_INTC(spapr->xive); - } else if (spapr_ovec_test(spapr->ov5_cas, OV5_XIVE_EXPLOIT)) { + } else if (spapr->ov5_cas + && spapr_ovec_test(spapr->ov5_cas, OV5_XIVE_EXPLOIT)) { new_intc = SPAPR_INTC(spapr->xive); } else { new_intc = SPAPR_INTC(spapr->ics); From 6cf80f90c441e86f2e92c8a07d6b29ca3f1d43e8 Mon Sep 17 00:00:00 2001 From: Laurent Vivier Date: Mon, 25 Nov 2019 15:14:14 +0100 Subject: [PATCH 7/8] mos6522: update counters when timer interrupts are off MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Even if the interrupts are off, counters must be updated because they are running anyway and kernel can try to read them (it's the case with g3beige kernel). Reported-by: Andrew Randrianasulu Signed-off-by: Laurent Vivier Message-Id: <20191125141414.5015-1-laurent@vivier.eu> Reviewed-by: Philippe Mathieu-Daudé Signed-off-by: David Gibson --- hw/misc/mos6522.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/hw/misc/mos6522.c b/hw/misc/mos6522.c index aa3bfe1afd..cecf0be59e 100644 --- a/hw/misc/mos6522.c +++ b/hw/misc/mos6522.c @@ -113,6 +113,10 @@ static int64_t get_next_irq_time(MOS6522State *s, MOS6522Timer *ti, int64_t d, next_time; unsigned int counter; + if (ti->frequency == 0) { + return INT64_MAX; + } + /* current counter value */ d = muldiv64(qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) - ti->load_time, ti->frequency, NANOSECONDS_PER_SECOND); @@ -149,10 +153,10 @@ static void mos6522_timer1_update(MOS6522State *s, MOS6522Timer *ti, if (!ti->timer) { return; } + ti->next_irq_time = get_next_irq_time(s, ti, current_time); if ((s->ier & T1_INT) == 0 || (s->acr & T1MODE) != T1MODE_CONT) { timer_del(ti->timer); } else { - ti->next_irq_time = get_next_irq_time(s, ti, current_time); timer_mod(ti->timer, ti->next_irq_time); } } @@ -163,10 +167,10 @@ static void mos6522_timer2_update(MOS6522State *s, MOS6522Timer *ti, if (!ti->timer) { return; } + ti->next_irq_time = get_next_irq_time(s, ti, current_time); if ((s->ier & T2_INT) == 0) { timer_del(ti->timer); } else { - ti->next_irq_time = get_next_irq_time(s, ti, current_time); timer_mod(ti->timer, ti->next_irq_time); } } From 59d0533b85158fdbe43bad696d4f50ec29a04c32 Mon Sep 17 00:00:00 2001 From: PanNengyuan Date: Mon, 25 Nov 2019 20:34:51 +0800 Subject: [PATCH 8/8] ppc/spapr_events: fix potential NULL pointer dereference in rtas_event_log_dequeue This fixes coverity issues 68911917: 360 CID 68911917: (NULL_RETURNS) 361. dereference: Dereferencing "source", which is known to be "NULL". 361 if (source->mask & event_mask) { 362 break; 363 } Reported-by: Euler Robot Signed-off-by: PanNengyuan Message-Id: <1574685291-38176-1-git-send-email-pannengyuan@huawei.com> Signed-off-by: David Gibson --- hw/ppc/spapr_events.c | 1 + 1 file changed, 1 insertion(+) diff --git a/hw/ppc/spapr_events.c b/hw/ppc/spapr_events.c index 0e4c19523a..e355e000d0 100644 --- a/hw/ppc/spapr_events.c +++ b/hw/ppc/spapr_events.c @@ -358,6 +358,7 @@ static SpaprEventLogEntry *rtas_event_log_dequeue(SpaprMachineState *spapr, rtas_event_log_to_source(spapr, spapr_event_log_entry_type(entry)); + g_assert(source); if (source->mask & event_mask) { break; }