Add libdw-based functions for loading and querying debuginfo. Load
debuginfo from the system and the linux-user loaders.
This is useful for the upcoming perf support, which can then put
human-readable guest symbols instead of raw guest PCs into perfmap and
jitdump files.
Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
Message-Id: <20230112152013.125680-3-iii@linux.ibm.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Guest driver might execute HW commands when shared buffers are not yet
allocated.
This could happen on purpose (malicious guest) or because of some other
guest/host address mapping error.
We need to protect againts such case.
Fixes: CVE-2022-1050
Reported-by: Raven <wxhusst@gmail.com>
Signed-off-by: Yuval Shaia <yuval.shaia.ml@gmail.com>
Message-Id: <20220403095234.2210-1-yuval.shaia.ml@gmail.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
../hw/usb/ccid-card-emulated.c: In function 'handle_apdu_thread':
../hw/usb/ccid-card-emulated.c:251:24: error: cast from pointer to integer of different size [-Werror=pointer-to-int-cast]
251 | assert((unsigned long)event > 1000);
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20230103110814.3726795-2-marcandre.lureau@redhat.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Seems like there is also nothing target-specific in here, so these
files can be moved to softmmu_ss to avoid that they get compiled
twice (once for qemu-system-arm and once for qemu-system-aarch64).
Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20230112134928.1026006-7-thuth@redhat.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
MIPS patches queue
A bunch of cleanups from various people.
- Improved GT64120 on big-endian hosts
- GT64120 north bridge and MC146818 RTC devices are now target independent
- Bonito64 north bridge converted to 3-phase reset API
- PCI refactors around PIIX devices
- Support for nanoMIPS in bootloader generator API
- New YAMON Malta Avocado test
- Removal of 'trap and emulate' KVM support
- System-specific QMP commands restricted to system emulation
# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCAAdFiEE+qvnXhKRciHc/Wuy4+MsLN6twN4FAmPBekAACgkQ4+MsLN6t
# wN4wjxAAtYxyt6WUBpiYfV/LnbQFpAsacues1Vhy9MPYEg5a/iuXWKvWtgRYvGww
# qR0GVQH8rH7tgnCZK+ioq9jX+hvfBskP6CnKhxmb5zDGm7vP7jhhu8UFWY/EtBgq
# 0zpNeLMXtnRJ6PBqo/nWFCVtcpDRZ6IkSbpGWkVkciRFc5n/2VCnlIj8k2I1oMvL
# 11cp2xFQnaPReFXIpMjJHuHv1NObykdlvVg6wQo/A/4qIb8EvJQEPmePjG9Sf0i0
# v2dhnnxG9mze7+uq0dIC16x8Azko3N7dmtNlBU/aGb9OELwx35aux2M4dNDVogwn
# DqL/Wsk54TFewECOfS48t/a/TqV8j/ISW1d/JvovBrN2KovmIAbtqHuMUqKVk5l0
# 23ZOIIPIYwmScZwIlkCIGUuIzFig1zhEmQcoEQaFe/B0oLB2eN/x0Bk9Yklo+i2A
# WNiyiAj7k5492qEdndOySEEDVt6886F/+CdQ6QYF5Z1L/ELck7XHBH3mGDznWpPn
# 6IURyVquPJx7ul62jSGI+Gc+qakNoahIhPo5O7hklOM9GwWNOWXHveyb7xjs7j+O
# eWyVcet+o7hoHkCzmfbyTPySI4qCpF9fA42jqPhATwQPwmGXpbr+4BxUq3KtE43y
# w9tEigwd4voN3dWLItVh6QE4in70osz3XHp93byvo8bHlS0huVY=
# =oXX+
# -----END PGP SIGNATURE-----
# gpg: Signature made Fri 13 Jan 2023 15:35:28 GMT
# gpg: using RSA key FAABE75E12917221DCFD6BB2E3E32C2CDEADC0DE
# gpg: Good signature from "Philippe Mathieu-Daudé (F4BUG) <f4bug@amsat.org>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: FAAB E75E 1291 7221 DCFD 6BB2 E3E3 2C2C DEAD C0DE
* tag 'mips-20230113' of https://github.com/philmd/qemu: (46 commits)
scripts/git.orderfile: Display MAINTAINERS changes first
target/mips: Restrict 'qapi-commands-machine.h' to system emulation
hw/mips/boston: Rename MachineState 'mc' pointer to 'ms'
hw/pci-host/bonito: Declare TYPE_BONITO_PCI_HOST_BRIDGE in header
hw/pci-host/bonito: Use 'bonito_pci' for PCI function #0 code
hw/pci-host/bonito: Use 'bonito_host' for PCI host bridge code
hw/pci-host/bonito: Convert to 3-phase reset
softmmu/rtc: Emit warning when using driftfix=slew on systems without mc146818
hw/rtc/mc146818rtc: Make the mc146818 RTC device target independent
hw/core/qdev-properties-system: Allow the 'slew' policy only on x86
hw/intc: Extract the IRQ counting functions into a separate file
hw/intc/i8259: Make using the isa_pic singleton more type-safe
hw/usb/hcd-uhci: Introduce TYPE_ defines for device models
hw/mips/Kconfig: Track Malta's PIIX dependencies via Kconfig
hw/isa/piix4: Decouple INTx-to-LNKx routing which is board-specific
hw/isa/piix3: Decouple INTx-to-LNKx routing which is board-specific
hw/pci/pci: Factor out pci_bus_map_irqs() from pci_bus_irqs()
hw/pci/pci_host: Trace config accesses on unexisting functions
mips: Always include nanomips disassembler
mips: Remove support for trap and emulate KVM
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The only reason for this code being target dependent was the IRQ-counting
related code in rtc_policy_slew_deliver_irq(). Since these functions have
been moved into a new, separate file (kvm_irqcount.c) which is now always
compiled and linked if necessary, we can get rid of the #ifdef TARGET_I386
switches in mc146818rtc.c and declare it in the softmmu_ss instead of
specific_ss, so that the code only gets compiled once for all targets.
Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Message-Id: <20230110095351.611724-4-thuth@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
The 'slew' tick policy is currently enforced to be only available on
x86 via some "#ifdef TARGET_I386" statements in mc146818rtc.c. We
want to get rid of those #ifdefs, so we need a different way of
checking whether the policy is allowed or not. Using the setter
function in hw/core/qdev-properties-system.c seems to be a good
place, so let's add a check here.
Suggested-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Bernhard Beschow <shentey@gmail.com>
Message-Id: <20230110095351.611724-3-thuth@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
These IRQ counting functions will soon be required in binaries that
do not include the APIC code, too, so let's extract them into a
separate file that can be linked independently of the APIC code.
While we're at it, change the apic_* prefix into kvm_* since the
functions are used from the i8259 PIC (i.e. not the APIC), too.
Reviewed-by: Bernhard Beschow <shentey@gmail.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Message-Id: <20230110095351.611724-2-thuth@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
pci_map_irq_fn's in general seem to be board-specific, and PIIX4's
pci_slot_get_pirq() in particular seems very Malta-specific. So move the
latter to malta.c to 1/ keep the board logic in one place and 2/ avoid
PIIX4 to make assumptions about its board.
Signed-off-by: Bernhard Beschow <shentey@gmail.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-Id: <20230109172347.1830-7-shentey@gmail.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
pci_map_irq_fn's in general seem to be board-specific. So move PIIX3's
pci_slot_get_pirq() to board code to not have PIIX3 make assuptions
about its board.
Signed-off-by: Bernhard Beschow <shentey@gmail.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-Id: <20230109172347.1830-6-shentey@gmail.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
pci_bus_irqs() coupled together the assignment of pci_set_irq_fn and
pci_map_irq_fn to a PCI bus. This coupling gets in the way when the
pci_map_irq_fn is board-specific while the pci_set_irq_fn is device-
specific.
For example, both of QEMU's PIIX south bridge models have different
pci_map_irq_fn implementations which are board-specific rather than
device-specific. These implementations should therefore reside in board
code. The pci_set_irq_fn's, however, should stay in the device models
because they access memory internal to the model.
Factoring out pci_bus_map_irqs() from pci_bus_irqs() allows the
assignments to be decoupled, resolving the problem described above.
Note also how pci_vpb_realize() which gets touched in this commit
assigns different pci_map_irq_fn's depending on the board.
Signed-off-by: Bernhard Beschow <shentey@gmail.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-Id: <20230109172347.1830-5-shentey@gmail.com>
[PMD: Factor out in vfu_object_set_bus_irq()]
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
IRQRC[A:D] registers reset value is 0x80. We were forcing
the MIPS Malta machine routing to be able to boot a Linux
kernel without any bootloader.
We now have these registers initialized in the Malta machine
write_bootloader(), so we can use the correct reset values.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Bernhard Beschow <shentey@gmail.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Message-Id: <20221027204720.33611-4-philmd@linaro.org>
Linux kernel expects the northbridge & southbridge chipsets
configured by the BIOS firmware. We emulate that by writing
a tiny bootloader code in write_bootloader().
Upon introduction in commit 5c2b87e34d ("PIIX4 support"),
the PIIX4 configuration space included values specific to
the Malta board.
Set the Malta-specific IRQ routing values in the embedded
bootloader, so the next commit can remove the Malta specific
bits from the PIIX4 PCI-ISA bridge and make it generic
(matching the real hardware).
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Message-Id: <20221027204720.33611-3-philmd@linaro.org>
Similarly to how commit 0c8427baf0 ("hw/mips/malta: Use bootloader
helper to set BAR registers") converted write_bootloader(), convert
the equivalent write_bootloader_nanomips(), allowing us to modify
the bootloader code more easily in the future.
Part 1/5: Convert PCI0 MEM1 BAR setup
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20221211204533.85359-7-philmd@linaro.org>
The single machine using this device explicitly sets its
endianness. We don't need to set a default. This allow us
to remove the target specificity from the build system.
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20221209151533.69516-7-philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
