Re: [RFC PATCH v6 0/5] rust-pl011-rfc-v6

On 8/4/24 23:04, Manos Pitsidianakis wrote: Changes === - Setting MSRV to 1.77.0: * cstr crate MSRV is 1.64, which is more recent than Debian bookworm (1.63.0) * pl011's dependencies (mostly proc-macro2) don't support 1.63.

Re: [RFC PATCH-for-9.1? 2/2] hw/intc/arm_gic: Only provide query-gic-capabilities when GIC built-in

Peter Maydell writes: > On Wed, 7 Aug 2024 at 12:10, Markus Armbruster wrote: >> Having to manually include a configuration header like CONFIG_DEVICES >> wherever you use configuration symbols strikes me as unadvisable when >> uses include checking for definedness, such as #ifdef: silent miscomp

[PATCH v2 2/4] gdbstub: Add support for MTE in system mode

This commit makes handle_q_memtag, handle_q_isaddresstagged, and handle_Q_memtag stubs build for system mode, allowing all GDB 'memory-tag' subcommands to work with QEMU gdbstub on aarch64 system mode. Signed-off-by: Gustavo Romero Reviewed-by: Richard Henderson --- target/arm/gdbstub64.c | 4 +

[PATCH v2 4/4] tests/tcg/aarch64: Extend MTE gdbstub tests to system mode

Extend MTE gdbstub tests to also run in system mode (share tests between user mode and system mode). The tests will only run if a version of GDB that supports MTE on baremetal is available in the test environment and if available compiler supports the 'memtag' flag (-march=armv8.5-a+memtag). For t

[PATCH v2 3/4] tests/guest-debug: Support passing arguments to the GDB test script

This commit adds support for passing arguments to the GDB test scripts so it's possible to parse the args in an "argparse way" in the test scripts launched by the runner. The arguments should be preceded by -- when passed to the runner. For example, passing "--help" arg to the GDB_TEST_SCRIPT: run

[PATCH v2 1/4] gdbstub: Use specific MMU index when probing MTE addresses

Use cpu_mmu_index() to determine the specific translation regime (MMU index) before probing addresses using allocation_tag_mem_probe(). Currently, the MMU index is hardcoded to 0 and only works for user mode. By obtaining the specific MMU index according to the translation regime, future use of th

[PATCH v2 0/4] gdbstub: Add support for MTE in system mode

This patchset makes handle_q_memtag, handle_q_isaddresstagged, and handle_Q_memtag stubs build for system mode, allowing all GDB 'memory-tag' subcommands to work with QEMU gdbstub on aarch64 system mode. It also extends the MTE gdbstub tests to run in system mode, sharing the tests between QEMU us

Re: [RFC PATCH 20/23] hw/ssi: add support for flexspi

Hi Octavian, On 5/8/24 22:17, Octavian Purdila wrote: This is mostly a stub which completes SPI transactions as noops by masking out the error interrupts and never clearing the IPCMDDONE interrupt. Although incomplete, this allows software that uses NXP's mcuxpresso SDK to run the SDK board ini

Re: [PATCH 4/4] tests/tcg/aarch64: Extend MTE gdbstub tests to system mode

Hi Richard, On 7/25/24 8:17 PM, Richard Henderson wrote: On 7/23/24 02:07, Gustavo Romero wrote:   def run_test(): -    gdb.execute("break 95", False, True) +    if mode == "system": +    # Break address: where to break before performing the tests +    # Addresss is the last insn. befor

Re: [PATCH 3/4] tests/guest-debug: Support passing arguments to the GDB test script

Hi Alex, On 7/25/24 5:38 PM, Alex Bennée wrote: Gustavo Romero writes: This commit adds a new option to run-test.py, --test-args, which can be used to pass arguments to the GDB test script specified by the --test option. The arguments passed are in the key=value form, and multiple pairs can b

Re: [PATCH 1/4] gdbstub: Use specific MMU index when probing MTE addresses

Hi Richard, On 7/24/24 7:14 AM, Richard Henderson wrote: On 7/23/24 02:07, Gustavo Romero wrote: +    /* Find out the current translation regime for probe. */ +    mmu_index = arm_mmu_idx(env) & ARM_MMU_IDX_COREIDX_MASK; The official interface is cpu_mmu_index(). Otherwise, Reviewed-by: Rich

Re: [RFC PATCH 21/23] hw/misc: add support for RT500 reset controller

Hi Octavian, On 5/8/24 22:17, Octavian Purdila wrote: The RT500 reset controller has two instances that have the same register layout but with different fields for some registers. The model only provides set and clear functionality for the various reset lines which is common for both instances.

Re: [PATCH RFC V3 00/29] Support of Virtual CPU Hotplug for ARMv8 Arch

Hi Salil, On 8/8/24 2:07 AM, Salil Mehta wrote: I tested ARM arch specific patches with the latest Qemu which contains below mentioned fix and I cannot reproduce the crash. I used kernel linux-6.11-rc2 and it booted successfully. Though I did see a kernel crash on attempting to hotplug first v

Re: [RFC PATCH-for-9.1? 1/2] target/arm: Move qmp_query_gic_capabilities() to hw/intc/

Peter Maydell writes: [...] > The QAPI command which this code is implementing is > also (a) target-specific and (b) unfortunately > designed so that it doesn't get passed a particular > CPU or particular device to query, it's just assumed > to be a part of the whole simulation. We can fix (b)

Re: [PATCH v8 6/8] hw/misc/riscv_iopmp: Add API to configure RISCV CPU IOPMP support

On Mon, Jul 15, 2024 at 8:15 PM Ethan Chen via wrote: > > The iopmp_setup_cpu() function configures the RISCV CPU to support IOPMP and > specifies the CPU's RRID. > > Signed-off-by: Ethan Chen > --- > hw/misc/riscv_iopmp.c | 6 ++ > include/hw/misc/riscv_iopmp.h | 1 + > 2 files chan

Re: [PATCH v8 5/8] hw/misc/riscv_iopmp: Add API to set up IOPMP protection for system memory

On Mon, Jul 15, 2024 at 8:13 PM Ethan Chen via wrote: > > To enable system memory transactions through the IOPMP, memory regions must > be moved to the IOPMP downstream and then replaced with IOMMUs for IOPMP > translation. > > The iopmp_setup_system_memory() function copies subregions of system m

Re: [PATCH RFC V3 00/29] Support of Virtual CPU Hotplug for ARMv8 Arch

Hi Salil, On 8/8/24 10:29 AM, Gavin Shan wrote: On 8/8/24 9:48 AM, Salil Mehta wrote: However, I'm unable to hot-add a vCPU and haven't get a chance to look at it closely. (qemu) device_add host-arm-cpu,id=cpu,socket-id=1 (qemu) [  258.901027] Unable to handle kernel write to read-only memory

Re: [PATCH v8 2/8] system/physmem: Support IOMMU granularity smaller than TARGET_PAGE size

On Mon, Jul 15, 2024 at 7:59 PM Ethan Chen via wrote: > > If the IOMMU granularity is smaller than the TARGET_PAGE size, there may be > multiple entries within the same page. To obtain the correct result, pass > the original address to the IOMMU. > > Similar to the RISC-V PMP solution, the TLB_IN

Re: [PATCH v8 3/8] target/riscv: Add support for IOPMP

On Mon, Jul 15, 2024 at 7:58 PM Ethan Chen via wrote: > > Signed-off-by: Ethan Chen Reviewed-by: Alistair Francis Alistair > --- > target/riscv/cpu_cfg.h| 2 ++ > target/riscv/cpu_helper.c | 18 +++--- > 2 files changed, 17 insertions(+), 3 deletions(-) > > diff --git a/targ

Re: [PATCH v8 8/8] hw/riscv/virt: Add IOPMP support

On Mon, Jul 15, 2024 at 8:15 PM Ethan Chen via wrote: > > - Add 'iopmp=on' option to enable IOPMP. It adds an iopmp device virt machine > to protect all regions of system memory, and configures RRID of CPU. > > Signed-off-by: Ethan Chen > --- > docs/system/riscv/virt.rst | 5 +++ > hw/riscv/K

Re: [PATCH v8 4/8] hw/misc/riscv_iopmp: Add RISC-V IOPMP device

On Mon, Jul 15, 2024 at 7:58 PM Ethan Chen via wrote: > > Support basic functions of IOPMP specification v0.9.1 rapid-k model. > The specification url: > https://github.com/riscv-non-isa/iopmp-spec/releases/tag/v0.9.1 > > The IOPMP checks whether memory access from a device or CPU is valid. > This

[PULL 3/6] target/hexagon/idef-parser: Remove self-assignment

From: Anton Johansson The self assignment is clearly useless, and @1.last_column does not have to be set for an expression with only a single token, so remove it. Reported-by: Peter Maydell Signed-off-by: Anton Johansson Reviewed-by: Brian Cain Reviewed-by: Philippe Mathieu-Daudé Message-Id:

[PULL 2/6] Hexagon: lldb read/write predicate registers p0/p1/p2/p3

From: Taylor Simpson hexagon-core.xml only exposes register p3_0 which is an alias that aggregates the predicate registers. It is more convenient for users to interact directly with the predicate registers. Tested with lldb downloaded from this location https://github.com/llvm/llvm-project/rele

[PULL 0/6] hex queue

The following changes since commit 4c395ac42e55ff8e9fd4c992e351a04b10785503: Merge tag 'pull-tcg-20240808' of https://gitlab.com/rth7680/qemu into staging (2024-08-08 09:07:00 +1000) are available in the Git repository at: https://github.com/quic/qemu tags/pull-hex-20240807

[PULL 5/6] target/hexagon: define a v66 CPU

For now, v66 behavior is the same as other CPUs. Signed-off-by: Brian Cain Reviewed-by: Philippe Mathieu-Daudé Reviewed-by: Taylor Simpson --- target/hexagon/cpu-qom.h | 1 + target/hexagon/cpu.c | 2 ++ 2 files changed, 3 insertions(+) diff --git a/target/hexagon/cpu-qom.h b/target/hexag

[PULL 1/6] Hexagon: fix F2_conv_* instructions for negative zero

From: Matheus Tavares Bernardino The implementation for these instructions handles -0 as an invalid float point value, whereas the Hexagon hardware considers it the same as +0 (which is valid). Let's fix that and add a regression test. Signed-off-by: Matheus Tavares Bernardino Reviewed-by: Bria

[PULL 4/6] MAINTAINERS: Add my hexagon git tree

Add my git tree for hexagon. Note that the branch is "hex-next" and not "hex.next" as had been used previously. But I'll keep the "hex.next" branch in sync with "hex-next" until this commit lands to avoid confusion. Signed-off-by: Brian Cain Reviewed-by: Philippe Mathieu-Daudé Tested-by: Phili

[PULL 6/6] target/hexagon: switch to dc set_props() list

Define a hexagon_cpu_properties list to match the idiom used by other targets. Signed-off-by: Brian Cain Reviewed-by: Philippe Mathieu-Daudé Reviewed-by: Taylor Simpson --- target/hexagon/cpu.c | 18 -- 1 file changed, 8 insertions(+), 10 deletions(-) diff --git a/target/hexag

[PATCH] qio: fix qemu crash when live migration

qemu will crash in live migration cleanup process at source host. BT is as below: 0 0x7f740fc9e165 in g_source_destroy () at /usr/lib64/libglib-2.0.so.0 1 0x55a2982a0f6e in qio_net_listener_set_client_func_full 2 0x55a298345130 in tcp_chr_update_read_handler 3 0x55a298341598 in

[PATCH v2 00/11] support I2C for AST2700

v1: - support I2C for AST2700 v2: - fix review issues and add reviewer suggestion - update avocado test case for AST2700 I2C - support i2c bus pool A. pool_gap_size and reg_gap_size need to be discussion. B. aspeed_soc_ast2700_get_irq, aspeed_soc_ast2700_get_intc_orgate and sc->get_irq function

[PATCH v2 10/11] aspeed: add tmp105 in i2c bus 0 for AST2700

ASPEED SDK add lm75 in i2c bus 0 for AST2700. LM75 is compatible with TMP105 driver. Introduce a new i2c init function and add tmp105 device model in i2c bus 0. Signed-off-by: Jamin Lin Reviewed-by: Cédric Le Goater --- hw/arm/aspeed.c | 10 ++ 1 file changed, 10 insertions(+) diff --

[PATCH v2 09/11] aspeed/soc: support I2C for AST2700

Add I2C model for AST2700 I2C support. The I2C controller registers base address is start at 0x14C0_F000 and its address space is 0x2000. The AST2700 I2C controller has one source INTC per bus. I2C buses interrupt are connected to GICINT130_INTC from bit 0 to bit 15. I2C bus 0 is connected to GICI

[PATCH v2 08/11] aspeed/soc: introduce a new API to get the INTC orgate information

Currently, users can set the intc mapping table with enumerated device id and device irq to get the INTC orgate input pins. However, some devices use the continuous bits number in the same orgate. To reduce the enumerated device id definition, create a new API to get the INTC orgate index and sourc

[PATCH v2 06/11] hw/i2c/aspeed: support Tx/Rx buffer 64 bits address

ASPEED AST2700 SOC is a 64 bits quad core CPUs (Cortex-a35) And the base address of dram is "0x4 " which is 64bits address. It have "Master DMA Mode Tx Buffer Base Address[39:32](0x60)" and "Master DMA Mode Rx Buffer Base Address[39:32](0x64)" to save the high part physical address of Tx/R

[PATCH v2 04/11] hw/i2c/aspeed: introduce a new dma_dram_offset attribute in AspeedI2Cbus

The "Current DMA Operating Address Status(0x50)" register of I2C new mode has been removed in AST2700. This register is used for debugging and it is a read only register. To support AST2700 DMA mode, introduce a new dma_dram_offset class attribute in AspeedI2Cbus to save the current DMA operating

[PATCH v2 11/11] machine_aspeed.py: update to test I2C for AST2700

Update test case to test lm75 temperature sensor. Signed-off-by: Jamin Lin --- tests/avocado/machine_aspeed.py | 16 1 file changed, 16 insertions(+) diff --git a/tests/avocado/machine_aspeed.py b/tests/avocado/machine_aspeed.py index f8e263d37e..6935f5f57c 100644 --- a/tests/a

[PATCH v2 07/11] hw/i2c/aspeed: support high part dram offset for DMA 64 bits

ASPEED AST2700 SOC is a 64 bits quad core CPUs (Cortex-a35) And the base address of dram is "0x4 " which is 64bits address. The AST2700 support the maximum DRAM size is 8 GB. The DRAM physical address range is from "0x4__" to "0x5__". The DRAM offset range is from "0x0_000

[PATCH v2 01/11] hw/i2c/aspeed: support discontinuous register memory region of I2C bus

It only support continuous register memory region for all I2C bus. However, the register address of all I2c bus are discontinuous for AST2700. Ex: the register address of I2C bus for ast2700 as following. 0x100 - 0x17F: Device 0 0x200 - 0x27F: Device 1 0x300 - 0x37F: Device 2 0x400 - 0x47F: Device

[PATCH v2 02/11] hw/i2c/aspeed: introduce a new bus pool buffer attribute in AspeedI2Cbus

According to the datasheet of ASPEED SOCs, each I2C bus has their own pool buffer since AST2500. Only AST2400 utilized a pool buffer share to all I2C bus. Besides, using a share pool buffer only support pool buffer memory regions are continuous for all I2C bus. To make this model more readable and

[PATCH v2 05/11] hw/i2c/aspeed: Add AST2700 support

Introduce a new ast2700 class to support AST2700. The I2C bus register memory regions and I2C bus pool buffer memory regions are discontinuous and they do not back compatible AST2600. Add a new ast2700 i2c class init function to match the address of I2C bus register and pool buffer from the datash

[PATCH v2 03/11] hw/i2c/aspeed: support discontinuous poll buffer memory region of I2C bus

It only support continuous pool buffer memory region for all I2C bus. However, the pool buffer address of all I2c bus are discontinuous for AST2700. Ex: the pool buffer address of I2C bus for ast2700 as following. 0x1A0 - 0x1BF: Device 0 buffer 0x2A0 - 0x2BF: Device 1 buffer 0x3A0 - 0x3BF: Device

[PULL 1/1] tcg/ppc: Sync tcg_out_test and constraints

Ensure the code structure is the same for matching constraints and emitting code, lest we allow constants that cannot be trivially tested. Cc: qemu-sta...@nongnu.org Fixes: ad788aebbab ("tcg/ppc: Support TCG_COND_TST{EQ,NE}") Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2487 Signed-off-

[PULL 0/1] tcg patch queue

The following changes since commit 6d00c6f98256adbd0613966285792125abe5: Merge tag 'for-upstream' of https://repo.or.cz/qemu/kevin into staging (2024-08-07 07:09:37 +1000) are available in the Git repository at: https://gitlab.com/rth7680/qemu.git tags/pull-tcg-20240808 for you to fetc

Re: [PULL 0/1] tcg patch queue

On 8/8/24 09:06, Richard Henderson wrote: The following changes since commit 6d00c6f98256adbd0613966285792125abe5: Merge tag 'for-upstream' of https://repo.or.cz/qemu/kevin into staging (2024-08-07 07:09:37 +1000) are available in the Git repository at: https://gitlab.com/rth7680/qe

Re: [PATCH] target/riscv: Add a property to set vl to ceil(AVL/2)

On Tue, Jul 23, 2024 at 3:51 AM Jason Chien wrote: > > RVV spec allows implementations to set vl with values within > [ceil(AVL/2),VLMAX] when VLMAX < AVL < 2*VLMAX. This commit adds a > property "rvv_vl_half_avl" to enable setting vl = ceil(AVL/2). This > behavior helps identify compiler issues a

RE: [PATCH v3 0/2] RISC-V: Add preliminary textra trigger CSR functions

> -Original Message- > From: Alistair Francis > Sent: Wednesday, August 7, 2024 6:59 PM > To: Alvin Che-Chia Chang(張哲嘉) > Cc: qemu-ri...@nongnu.org; qemu-devel@nongnu.org; > alistair.fran...@wdc.com > Subject: Re: [PATCH v3 0/2] RISC-V: Add preliminary textra trigger CSR > functions > > [

Re: [PATCH RFC V3 00/29] Support of Virtual CPU Hotplug for ARMv8 Arch

Hi Salil, On 8/8/24 9:48 AM, Salil Mehta wrote: On 8/7/24 11:27 PM, Salil Mehta wrote: > > Let me figure out this. Have you also included the below patch along > with the architecture agnostic patch-set accepted in this Qemu cycle? > > https://lore.kernel.org/all/20240801142322.39488

Re: [PATCH v2 13/13] target/riscv: Enable PMU related extensions to preferred rule

On Wed, Aug 7, 2024 at 5:44 PM Atish Kumar Patra wrote: > > On Tue, Aug 6, 2024 at 7:01 PM Alistair Francis wrote: > > > > On Wed, Aug 7, 2024 at 2:06 AM Daniel Henrique Barboza > > wrote: > > > > > > > > > > > > On 8/6/24 5:46 AM, Andrew Jones wrote: > > > > On Tue, Jul 23, 2024 at 04:30:10PM G

Re: [RFC PATCH 22/23] hw/arm: add basic support for the RT500 SoC

On Tue, Aug 6, 2024 at 7:51 AM Philippe Mathieu-Daudé wrote: > > Hi Octavian, > > Few comments inlined. > Hi Philippe, Thank you for the review! I have queued fixes for all of the patches in the set where applicable, I'll wait for more feedback on the rest of the patches before sending v2.

RE: [PATCH RFC V3 00/29] Support of Virtual CPU Hotplug for ARMv8 Arch

Hi Gavin, Thanks for further information. > From: Gavin Shan > Sent: Thursday, August 8, 2024 12:41 AM > To: Salil Mehta ; qemu-devel@nongnu.org; > qemu-...@nongnu.org; m...@redhat.com > > Hi Salil, > > On 8/7/24 11:27 PM, Salil Mehta wrote: > > > > Let me figure out this. Have you a

Re: [PATCH-for-9.1 v2 4/4] hw/ssi/pnv_spi: Fixes Coverity CID 1558831

On 8/8/24 06:28, Philippe Mathieu-Daudé wrote: From: Chalapathi V In this commit the following coverity scan defect has been fixed CID 1558831: Resource leaks (RESOURCE_LEAK) Variable "rsp_payload" going out of scope leaks the storage it points to. Fixes: Coverity CID 1558831 Signed-off

Re: [PATCH-for-9.1 v2 2/4] hw/ssi/pnv_spi: Match _xfer_buffer_free() with _xfer_buffer_new()

On 8/8/24 06:28, Philippe Mathieu-Daudé wrote: pnv_spi_xfer_buffer_new() allocates %payload using g_malloc0(), and pnv_spi_xfer_buffer_write_ptr() allocates %payload->data using g_realloc(). Use the API equivalent g_free() to release the buffers. Signed-off-by: Philippe Mathieu-Daudé --- hw/s

Re: [PATCH-for-9.1 v2 3/4] hw/ssi/pnv_spi: Return early in transfer()

On 8/8/24 06:28, Philippe Mathieu-Daudé wrote: Return early to simplify next commit. No logical change intended. Signed-off-by: Philippe Mathieu-Daudé --- hw/ssi/pnv_spi.c | 7 --- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/hw/ssi/pnv_spi.c b/hw/ssi/pnv_spi.c index 13a

Re: [PATCH RFC V3 00/29] Support of Virtual CPU Hotplug for ARMv8 Arch

Hi Salil, On 8/7/24 11:27 PM, Salil Mehta wrote: Let me figure out this. Have you also included the below patch along with the architecture agnostic patch-set accepted in this Qemu cycle? https://lore.kernel.org/all/20240801142322.3948866-3-peter.mayd...@linaro.org/ There are no vCPU fd to

Re: [PATCH v3 15/20] target/riscv: shadow stack mmu index for shadow stack instructions

On Thu, Aug 08, 2024 at 08:57:47AM +1000, Richard Henderson wrote: On 8/8/24 07:23, Deepak Gupta wrote: On Wed, Aug 07, 2024 at 12:43:31PM +1000, Richard Henderson wrote: On 8/7/24 10:06, Deepak Gupta wrote: Shadow stack instructions shadow stack mmu index for load/stores. `MMU_IDX_SS_ACCESS`

Re: [RFC PATCH] target/i386: allow access_ptr to force slow path on failed probe

On 8/8/24 02:02, Alex Bennée wrote: When we are using TCG plugin memory callbacks probe_access_internal will return TLB_MMIO to force the slow path for memory access. This results in probe_access returning NULL but the x86 access_ptr function happily accepts an empty haddr resulting in segfault h

[PULL 1/1] tcg/ppc: Sync tcg_out_test and constraints

Ensure the code structure is the same for matching constraints and emitting code, lest we allow constants that cannot be trivially tested. Cc: qemu-sta...@nongnu.org Fixes: ad788aebbab ("tcg/ppc: Support TCG_COND_TST{EQ,NE}") Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2487 Signed-off-

[PULL 0/1] tcg patch queue

The following changes since commit 6d00c6f98256adbd0613966285792125abe5: Merge tag 'for-upstream' of https://repo.or.cz/qemu/kevin into staging (2024-08-07 07:09:37 +1000) are available in the Git repository at: https://gitlab.com/rth7680/qemu.git tags/pull-tcg-20240808 for you to fetc

Re: [PATCH v3 04/20] target/riscv: save and restore elp state on priv transitions

On Thu, Aug 08, 2024 at 08:40:08AM +1000, Richard Henderson wrote: On 8/8/24 06:11, Deepak Gupta wrote: +    /* + * If forward cfi enabled for new priv, restore elp status + * and clear spelp in mstatus + */ +    if (cpu_get_fcfien(env)) { +    env->elp = get_field(env->mstatus,

Re: [PATCH v3 15/20] target/riscv: shadow stack mmu index for shadow stack instructions

On 8/8/24 07:23, Deepak Gupta wrote: On Wed, Aug 07, 2024 at 12:43:31PM +1000, Richard Henderson wrote: On 8/7/24 10:06, Deepak Gupta wrote: Shadow stack instructions shadow stack mmu index for load/stores. `MMU_IDX_SS_ACCESS` at bit positon 3 is used as shadow stack index. Shadow stack mmu ind

Re: [PATCH v3 04/20] target/riscv: save and restore elp state on priv transitions

On 8/8/24 06:11, Deepak Gupta wrote: +    /* + * If forward cfi enabled for new priv, restore elp status + * and clear spelp in mstatus + */ +    if (cpu_get_fcfien(env)) { +    env->elp = get_field(env->mstatus, MSTATUS_SPELP); +    env->mstatus = set_field(env->mstatus, MSTA

[PATCH v2 0/4] i386/cpu: Add support for perfmon-v2, RAS bits and EPYC-Turin CPU model

This series adds the support for following features in qemu. 1. RAS feature bits (SUCCOR, McaOverflowRecov) 2. perfmon-v2 3. Update EPYC-Genoa to support perfmon-v2 and RAS bits 4. Add support for EPYC-Turin --- v2: Fixed couple of typos. Added Reviewed-by tag from Zhao. Rebased on top o

[PATCH v2 1/4] i386/cpu: Add RAS feature bits on EPYC CPU models

Add the support for following RAS features bits on AMD guests. SUCCOR: Software uncorrectable error containment and recovery capability. The processor supports software containment of uncorrectable errors through context synchronizing data poisoning and deferred error inter

[PATCH v2 3/4] i386/cpu: Enable perfmon-v2 and RAS feature bits on EPYC-Genoa

Following feature bits are added on EPYC-Genoa-v2 model. perfmon-v2: Allow guests to make use of the PerfMonV2 features. SUCCOR: Software uncorrectable error containment and recovery capability. The processor supports software containment of uncorrectable errors through co

[PATCH v2 2/4] i386/cpu: Add PerfMonV2 feature bit

From: Sandipan Das CPUID leaf 0x8022, i.e. ExtPerfMonAndDbg, advertises new performance monitoring features for AMD processors. Bit 0 of EAX indicates support for Performance Monitoring Version 2 (PerfMonV2) features. If found to be set during PMU initialization, the EBX bits can be used to d

[PATCH v2 4/4] i386/cpu: Add support for EPYC-Turin model

Add the support for AMD EPYC zen 5 processors(EPYC-Turin). Add the following new feature bits on top of the feature bits from the previous generation EPYC models. movdiri: Move Doubleword as Direct Store Instruction movdir64b : Move 64 Bytes as Direct Store Instruction avx512

Re: [PATCH v4 5/7] nbd/server: CVE-2024-7409: Close stray client sockets at shutdown

On Wed, Aug 07, 2024 at 07:29:25PM GMT, Daniel P. Berrangé wrote: > On Wed, Aug 07, 2024 at 12:43:31PM -0500, Eric Blake wrote: > > A malicious client can attempt to connect to an NBD server, and then > > intentionally delay progress in the handshake, including if it does > > not know the TLS secre

Re: [PATCH v3 12/20] target/riscv: implement zicfiss instructions

On Wed, Aug 07, 2024 at 12:56:46PM +1000, Richard Henderson wrote: On 8/7/24 12:39, Richard Henderson wrote: +static bool trans_sspopchk(DisasContext *ctx, arg_sspopchk *a) +{ +    /* default for qemu-user, use regular RW memory and thus mmu_idx=0 */ +    int ss_mmu_idx = 0; This can't be righ

Re: [PATCH v3 15/20] target/riscv: shadow stack mmu index for shadow stack instructions

On Wed, Aug 07, 2024 at 12:43:31PM +1000, Richard Henderson wrote: On 8/7/24 10:06, Deepak Gupta wrote: Shadow stack instructions shadow stack mmu index for load/stores. `MMU_IDX_SS_ACCESS` at bit positon 3 is used as shadow stack index. Shadow stack mmu index depend on privilege and SUM bit. If

Re: [PATCH v4 3/7] nbd/server: CVE-2024-7409: Change default max-connections to 100

On Wed, Aug 07, 2024 at 07:24:56PM GMT, Daniel P. Berrangé wrote: > On Wed, Aug 07, 2024 at 12:43:29PM -0500, Eric Blake wrote: > > Allowing an unlimited number of clients to any web service is a recipe > > for a rudimentary denial of service attack: the client merely needs to > > open lots of sock

Re: [PATCH V2 06/11] migration: fix mismatched GPAs during cpr

On 7/19/2024 12:28 PM, Peter Xu wrote: On Sun, Jun 30, 2024 at 12:40:29PM -0700, Steve Sistare wrote: For new cpr modes, ramblock_is_ignored will always be true, because the memory is preserved in place rather than copied. However, for an ignored block, parse_ramblock currently requires that th

Re: [PATCH v4 2/7] nbd/server: Plumb in new args to nbd_client_add()

On Wed, Aug 07, 2024 at 06:58:36PM GMT, Daniel P. Berrangé wrote: > On Wed, Aug 07, 2024 at 12:43:28PM -0500, Eric Blake wrote: > > Upcoming patches to fix a CVE need to track an opaque pointer passed > > in by the owner of a client object, as well as reequest for a time s/reequest/request/ > > l

Re: [PATCH v3 20/20] linux-user: Add RISC-V zicfilp support in VDSO

On Wed, Aug 07, 2024 at 01:41:37PM +1000, Richard Henderson wrote: On 8/7/24 10:06, Deepak Gupta wrote: Add zicfilp support in VDSO. VDSO functions need lpad instruction so that userspace could call this function when landing pad extension is enabled. This solution only works when toolchain alwa

Re: [PATCH v3 19/20] linux-user: permit RISC-V CFI dynamic entry in VDSO

On Wed, Aug 07, 2024 at 01:36:34PM +1000, Richard Henderson wrote: On 8/7/24 10:06, Deepak Gupta wrote: RISC-V CFI use new processor-specific dynamic entry in ELF. Permit it in VDSO post-processing script. Signed-off-by: Jim Shu Signed-off-by: Deepak Gupta --- linux-user/gen-vdso-elfn.c.inc

Re: [PATCH v3 18/20] target/riscv: add trace-hooks for each case of sw-check exception

On Wed, Aug 07, 2024 at 01:27:22PM +1000, Richard Henderson wrote: On 8/7/24 10:06, Deepak Gupta wrote: Violations to control flow rules setup by zicfilp and zicfiss lead to software check exceptions. To debug and fix such sw check issues in guest , add trace-hooks for each case. Signed-off-by:

Re: [PATCH v3 12/20] target/riscv: implement zicfiss instructions

On Wed, Aug 07, 2024 at 12:39:15PM +1000, Richard Henderson wrote: On 8/7/24 10:06, Deepak Gupta wrote: zicfiss has following instructions - sspopchk: pops a value from shadow stack and compares with x1/x5. If they dont match, reports a sw check exception with tval = 3. - sspush: pushes val

RE: [PATCH v4 00/15] hw/misc/aspeed_hace: Fix SG Accumulative Hash Calculations

Hi Phil, > This message has originated from an External Source. Please use proper > judgment and caution when opening attachments, clicking links, or responding > to this email. > > > Hi Alejandro, > > On 7/8/24 21:51, Alejandro Zeise wrote: > > The goal of this patch series is to fix accumulati

[PATCH-for-9.1 v2 3/4] hw/ssi/pnv_spi: Return early in transfer()

Return early to simplify next commit. No logical change intended. Signed-off-by: Philippe Mathieu-Daudé --- hw/ssi/pnv_spi.c | 7 --- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/hw/ssi/pnv_spi.c b/hw/ssi/pnv_spi.c index 13a47f07e7..05e6afc11e 100644 --- a/hw/ssi/pnv_spi.c +

Re: [PATCH-for-9.1 v2 4/4] hw/ssi/pnv_spi: Fixes Coverity CID 1558831

On 7/8/24 22:28, Philippe Mathieu-Daudé wrote: From: Chalapathi V In this commit the following coverity scan defect has been fixed CID 1558831: Resource leaks (RESOURCE_LEAK) Variable "rsp_payload" going out of scope leaks the storage it points to. Fixes: Coverity CID 1558831 Signed-of

[PATCH-for-9.1 v2 2/4] hw/ssi/pnv_spi: Match _xfer_buffer_free() with _xfer_buffer_new()

pnv_spi_xfer_buffer_new() allocates %payload using g_malloc0(), and pnv_spi_xfer_buffer_write_ptr() allocates %payload->data using g_realloc(). Use the API equivalent g_free() to release the buffers. Signed-off-by: Philippe Mathieu-Daudé --- hw/ssi/pnv_spi.c | 4 ++-- 1 file changed, 2 insertion

[PATCH-for-9.1 v2 4/4] hw/ssi/pnv_spi: Fixes Coverity CID 1558831

From: Chalapathi V In this commit the following coverity scan defect has been fixed CID 1558831: Resource leaks (RESOURCE_LEAK) Variable "rsp_payload" going out of scope leaks the storage it points to. Fixes: Coverity CID 1558831 Signed-off-by: Chalapathi V Fixes: b4cb930e40 ("hw/ssi: Ext

[PATCH-for-9.1 v2 1/4] MAINTAINERS: Cover PowerPC SPI model in PowerNV section

It is unfair to let the PowerNV SPI model to the SSI maintainers. Also include the PowerNV ones. Fixes: 29318db133 ("hw/ssi: Add SPI model") Signed-off-by: Philippe Mathieu-Daudé --- MAINTAINERS | 2 ++ 1 file changed, 2 insertions(+) diff --git a/MAINTAINERS b/MAINTAINERS index 74a85360fd..528

[PATCH-for-9.1 v2 0/4] hw/ssi/pnv_spi: Fixes Coverity CID 1558831

v2: - Cover PowerNV SSI in MAINTAINERS - Use GLib API in pnv_spi_xfer_buffer_free() - Simplify returning early Supersedes: <20240806134829.351703-3-chalapath...@linux.ibm.com> Chalapathi V (1): hw/ssi/pnv_spi: Fixes Coverity CID 1558831 Philippe Mathieu-Daudé (3): MAINTAINERS: Cover PowerPC

Re: [PATCH v3 10/20] target/riscv: introduce ssp and enabling controls for zicfiss

On Wed, Aug 07, 2024 at 12:12:52PM +1000, Richard Henderson wrote: On 8/7/24 12:11, Richard Henderson wrote: On 8/7/24 10:06, Deepak Gupta wrote: diff --git a/target/riscv/csr.c b/target/riscv/csr.c index a5a969a377..d72d6289fb 100644 --- a/target/riscv/csr.c +++ b/target/riscv/csr.c @@ -185,6

Re: [PATCH v3 06/20] target/riscv: tracking indirect branches (fcfi) for zicfilp

On Wed, Aug 07, 2024 at 11:23:00AM +1000, Richard Henderson wrote: On 8/7/24 10:06, Deepak Gupta wrote: diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c index 364f3ee212..c7af430f38 100644 --- a/target/riscv/cpu_helper.c +++ b/target/riscv/cpu_helper.c @@ -134,6 +134,19 @@ void

Re: [PATCH v1 2/2] Fixes: Coverity CID 1558831

Back at this patch since Cédric asked me to look at it. On 6/8/24 15:48, Chalapathi V wrote: In this commit the following coverity scan defect has been fixed CID 1558831: Resource leaks (RESOURCE_LEAK) Variable "rsp_payload" going out of scope leaks the storage it points to. Signed-off-

Re: [PATCH v3 04/20] target/riscv: save and restore elp state on priv transitions

On Wed, Aug 07, 2024 at 11:06:49AM +1000, Richard Henderson wrote: On 8/7/24 10:06, Deepak Gupta wrote: elp state is recorded in *status on trap entry (less privilege to higher privilege) and restored in elp from *status on trap exit (higher to less privilege). Additionally this patch introduce

Re: [PATCH v4 00/15] hw/misc/aspeed_hace: Fix SG Accumulative Hash Calculations

Hi Alejandro, On 7/8/24 21:51, Alejandro Zeise wrote: The goal of this patch series is to fix accumulative hashing support in the Aspeed HACE module. The issue that stemmed this patch was a failure to boot an OpenBMC image using the "ast2600-evb" machine. The U-boot 2019.04 loader failed to veri

[PATCH v4 01/15] crypto: accumulative hashing API

Changes the hash API to support accumulative hashing. Hash objects are created with "qcrypto_hash_new", updated with data with "qcrypto_hash_update", and the hash obtained with "qcrypto_hash_finalize". These changes bring the hashing API more in line with the hmac API. Signed-off-by: Alejandro Ze

[PATCH v4 15/15] hw/misc/aspeed_hace: Fix SG Accumulative hashing

Make the Aspeed HACE module use the new qcrypto accumulative hashing functions when in scatter-gather accumulative mode. A hash context will maintain a "running-hash" as each scatter-gather chunk is received. Previously each scatter-gather "chunk" was cached so the hash could be computed once the

[PATCH v4 10/15] crypto/hash-gcrypt: Remove old hash API functions

Removes old hash implemention in the gcrypt hash driver. Signed-off-by: Alejandro Zeise --- crypto/hash-gcrypt.c | 67 1 file changed, 67 deletions(-) diff --git a/crypto/hash-gcrypt.c b/crypto/hash-gcrypt.c index e05511cafa..7779ec8446 100644 --- a/

[PATCH v4 11/15] crypto/hash-gnutls: Remove old hash API functions

Removes old hash implemention in the gnutls hash driver. Signed-off-by: Alejandro Zeise --- crypto/hash-gnutls.c | 47 1 file changed, 47 deletions(-) diff --git a/crypto/hash-gnutls.c b/crypto/hash-gnutls.c index 15fc630a11..0c24b0eb66 100644 --- a/

[PATCH v4 14/15] crypto/hashpriv: Remove old hash API function

Remove old hash_bytesv function, as it was replaced by the 4 new functions. Signed-off-by: Alejandro Zeise --- crypto/hashpriv.h | 6 -- 1 file changed, 6 deletions(-) diff --git a/crypto/hashpriv.h b/crypto/hashpriv.h index 02f17ee99f..aec29b3ec3 100644 --- a/crypto/hashpriv.h +++ b/crypto

[PATCH v4 06/15] crypto/hash-afalg: Implement new hash API

Updates the afalg hash driver to support the new accumulative hashing changes as part of the patch series. Implements opening/closing of contexts, updating hash data and finalizing the hash digest. In order to support the update function, a flag needs to be passed to the kernel via the socket sen

[PATCH v4 07/15] crypto/hash: Implement and use new hash API

Changes the public hash API implementation to support accumulative hashing. Implementations for the public functions are added to call the new driver functions that implement context creation, updating, finalization, and destruction. Additionally changes the "shortcut" functions to use these 4 ne

[PATCH v4 03/15] crypto/hash-gcrypt: Implement new hash API

Implements the new hashing API in the gcrypt hash driver. Supports creating/destroying a context, updating the context with input data and obtaining an output hash. Signed-off-by: Alejandro Zeise --- crypto/hash-gcrypt.c | 79 1 file changed, 79 inser

[PATCH v4 04/15] crypto/hash-gnutls: Implement new hash API

Implements the new hashing API in the gnutls hash driver. Supports creating/destroying a context, updating the context with input data and obtaining an output hash. Signed-off-by: Alejandro Zeise --- crypto/hash-gnutls.c | 73 1 file changed, 73 inser

[PATCH v4 12/15] crypto/hash-nettle: Remove old hash API functions

Removes old hash implemention in the nettle hash driver. Signed-off-by: Alejandro Zeise --- crypto/hash-nettle.c | 53 1 file changed, 53 deletions(-) diff --git a/crypto/hash-nettle.c b/crypto/hash-nettle.c index 894c7b4fc3..bd489f865e 100644 --- a/

[PATCH v4 05/15] crypto/hash-nettle: Implement new hash API

Implements the new hashing API in the nettle hash driver. Supports creating/destroying a context, updating the context with input data and obtaining an output hash. Signed-off-by: Alejandro Zeise --- crypto/hash-nettle.c | 77 1 file changed, 77 inser

[PATCH v4 13/15] crypto/hash-afalg: Remove old hash API functions

Removes the old hash API functions in the afalg driver, and modifies the hmac function to use the new helper functions. Signed-off-by: Alejandro Zeise --- crypto/hash-afalg.c | 59 +++-- 1 file changed, 3 insertions(+), 56 deletions(-) diff --git a/crypto

  1   2   3   >