Skip to content

Commit

Permalink
Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into sta…
Browse files Browse the repository at this point in the history 
…ging

virtio, pc: fixes, features

Bugfixes all over the place.
CPU hotplug with secureboot.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

# gpg: Signature made Thu 23 Jan 2020 07:08:32 GMT
# gpg:                using RSA key 5D09FD0871C8F85B94CA8A0D281F0DB8D28D5469
# gpg:                issuer "mst@redhat.com"
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>" [full]
# gpg:                 aka "Michael S. Tsirkin <mst@redhat.com>" [full]
# Primary key fingerprint: 0270 606B 6F3C DF3D 0B17  0970 C350 3912 AFBE 8E67
#      Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA  8A0D 281F 0DB8 D28D 5469

* remotes/mst/tags/for_upstream:
  vhost: coding style fix
  i386:acpi: Remove _HID from the SMBus ACPI entry
  vhost: Only align sections for vhost-user
  vhost: Add names to section rounded warning
  vhost-vsock: delete vqs in vhost_vsock_unrealize to avoid memleaks
  virtio-scsi: convert to new virtio_delete_queue
  virtio-scsi: delete vqs in unrealize to avoid memleaks
  virtio-9p-device: convert to new virtio_delete_queue
  virtio-9p-device: fix memleak in virtio_9p_device_unrealize
  bios-tables-test: document expected file update
  acpi: cpuhp: add CPHP_GET_CPU_ID_CMD command
  acpi: cpuhp: spec: add typical usecases
  acpi: cpuhp: introduce 'Command data 2' field
  acpi: cpuhp: spec: clarify store into 'Command data' when 'Command field' == 0
  acpi: cpuhp: spec: fix 'Command data' description
  acpi: cpuhp: spec: clarify 'CPU selector' register usage and endianness
  tests: q35: MCH: add default SMBASE SMRAM lock test
  q35: implement 128K SMRAM at default SMBASE address

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
  • Loading branch information
@pm215
pm215 committed Jan 23, 2020
2 parents be9612e + 8347505 commit 7cea426
Show file tree
Hide file tree
Showing 23 changed files with 344 additions and 51 deletions.
89 changes: 72 additions & 17 deletions docs/specs/acpi_cpu_hotplug.txt
View file
Expand Up @@ -15,24 +15,40 @@ CPU present bitmap for:
PIIX-PM (IO port 0xaf00-0xaf1f, 1-byte access)
One bit per CPU. Bit position reflects corresponding CPU APIC ID. Read-only.
The first DWORD in bitmap is used in write mode to switch from legacy
to new CPU hotplug interface, write 0 into it to do switch.
to modern CPU hotplug interface, write 0 into it to do switch.
---------------------------------------------------------------
QEMU sets corresponding CPU bit on hot-add event and issues SCI
with GPE.2 event set. CPU present map is read by ACPI BIOS GPE.2 handler
to notify OS about CPU hot-add events. CPU hot-remove isn't supported.

=====================================
ACPI CPU hotplug interface registers:
Modern ACPI CPU hotplug interface registers:
-------------------------------------
Register block base address:
ICH9-LPC IO port 0x0cd8
PIIX-PM IO port 0xaf00
Register block size:
ACPI_CPU_HOTPLUG_REG_LEN = 12

All accesses to registers described below, imply little-endian byte order.

Reserved resisters behavior:
- write accesses are ignored
- read accesses return all bits set to 0.

The last stored value in 'CPU selector' must refer to a possible CPU, otherwise
- reads from any register return 0
- writes to any other register are ignored until valid value is stored into it
On QEMU start, 'CPU selector' is initialized to a valid value, on reset it
keeps the current value.

read access:
offset:
[0x0-0x3] reserved
[0x0-0x3] Command data 2: (DWORD access)
if value last stored in 'Command field':
0: reads as 0x0
3: upper 32 bits of architecture specific CPU ID value
other values: reserved
[0x4] CPU device status fields: (1 byte access)
bits:
0: Device is enabled and may be used by guest
Expand All @@ -44,15 +60,17 @@ read access:
3-7: reserved and should be ignored by OSPM
[0x5-0x7] reserved
[0x8] Command data: (DWORD access)
in case of error or unsupported command reads is 0xFFFFFFFF
current 'Command field' value:
0: returns PXM value corresponding to device
contains 0 unless value last stored in 'Command field' is one of:
0: contains 'CPU selector' value of a CPU with pending event[s]
3: lower 32 bits of architecture specific CPU ID value
(in x86 case: APIC ID)

write access:
offset:
[0x0-0x3] CPU selector: (DWORD access)
selects active CPU device. All following accesses to other
registers will read/store data from/to selected CPU.
Valid values: [0 .. max_cpus)
[0x4] CPU device control fields: (1 byte access)
bits:
0: reserved, OSPM must clear it before writing to register.
Expand All @@ -69,26 +87,63 @@ write access:
value:
0: selects a CPU device with inserting/removing events and
following reads from 'Command data' register return
selected CPU (CPU selector value). If no CPU with events
found, the current CPU selector doesn't change and
corresponding insert/remove event flags are not set.
selected CPU ('CPU selector' value).
If no CPU with events found, the current 'CPU selector' doesn't
change and corresponding insert/remove event flags are not modified.
1: following writes to 'Command data' register set OST event
register in QEMU
2: following writes to 'Command data' register set OST status
register in QEMU
other values: reserved
[0x6-0x7] reserved
[0x8] Command data: (DWORD access)
current 'Command field' value:
0: OSPM reads value of CPU selector
if last stored 'Command field' value:
1: stores value into OST event register
2: stores value into OST status register, triggers
ACPI_DEVICE_OST QMP event from QEMU to external applications
with current values of OST event and status registers.
other values: reserved
other values: reserved

Typical usecases:
- (x86) Detecting and enabling modern CPU hotplug interface.
QEMU starts with legacy CPU hotplug interface enabled. Detecting and
switching to modern interface is based on the 2 legacy CPU hotplug features:
1. Writes into CPU bitmap are ignored.
2. CPU bitmap always has bit#0 set, corresponding to boot CPU.

Use following steps to detect and enable modern CPU hotplug interface:
1. Store 0x0 to the 'CPU selector' register,
attempting to switch to modern mode
2. Store 0x0 to the 'CPU selector' register,
to ensure valid selector value
3. Store 0x0 to the 'Command field' register,
4. Read the 'Command data 2' register.
If read value is 0x0, the modern interface is enabled.
Otherwise legacy or no CPU hotplug interface available

- Get a cpu with pending event
1. Store 0x0 to the 'CPU selector' register.
2. Store 0x0 to the 'Command field' register.
3. Read the 'CPU device status fields' register.
4. If both bit#1 and bit#2 are clear in the value read, there is no CPU
with a pending event and selected CPU remains unchanged.
5. Otherwise, read the 'Command data' register. The value read is the
selector of the CPU with the pending event (which is already
selected).

Selecting CPU device beyond possible range has no effect on platform:
- write accesses to CPU hot-plug registers not documented above are
ignored
- read accesses to CPU hot-plug registers not documented above return
all bits set to 0.
- Enumerate CPUs present/non present CPUs
01. Set the present CPU count to 0.
02. Set the iterator to 0.
03. Store 0x0 to the 'CPU selector' register, to ensure that it's in
a valid state and that access to other registers won't be ignored.
04. Store 0x0 to the 'Command field' register to make 'Command data'
register return 'CPU selector' value of selected CPU
05. Read the 'CPU device status fields' register.
06. If bit#0 is set, increment the present CPU count.
07. Increment the iterator.
08. Store the iterator to the 'CPU selector' register.
09. Read the 'Command data' register.
10. If the value read is not zero, goto 05.
11. Otherwise store 0x0 to the 'CPU selector' register, to put it
into a valid state and exit.
The iterator at this point equals "max_cpus".
1 change: 1 addition & 0 deletions hw/9pfs/virtio-9p-device.c
View file
Expand Up @@ -218,6 +218,7 @@ static void virtio_9p_device_unrealize(DeviceState *dev, Error **errp)
V9fsVirtioState *v = VIRTIO_9P(dev);
V9fsState *s = &v->state;

virtio_delete_queue(v->vq);
virtio_cleanup(vdev);
v9fs_device_unrealize_common(s, errp);
}
Expand Down
18 changes: 18 additions & 0 deletions hw/acpi/cpu.c
View file
Expand Up @@ -12,11 +12,13 @@
#define ACPI_CPU_FLAGS_OFFSET_RW 4
#define ACPI_CPU_CMD_OFFSET_WR 5
#define ACPI_CPU_CMD_DATA_OFFSET_RW 8
#define ACPI_CPU_CMD_DATA2_OFFSET_R 0

enum {
CPHP_GET_NEXT_CPU_WITH_EVENT_CMD = 0,
CPHP_OST_EVENT_CMD = 1,
CPHP_OST_STATUS_CMD = 2,
CPHP_GET_CPU_ID_CMD = 3,
CPHP_CMD_MAX
};

Expand Down Expand Up @@ -74,11 +76,27 @@ static uint64_t cpu_hotplug_rd(void *opaque, hwaddr addr, unsigned size)
case CPHP_GET_NEXT_CPU_WITH_EVENT_CMD:
val = cpu_st->selector;
break;
case CPHP_GET_CPU_ID_CMD:
val = cdev->arch_id & 0xFFFFFFFF;
break;
default:
break;
}
trace_cpuhp_acpi_read_cmd_data(cpu_st->selector, val);
break;
case ACPI_CPU_CMD_DATA2_OFFSET_R:
switch (cpu_st->command) {
case CPHP_GET_NEXT_CPU_WITH_EVENT_CMD:
val = 0;
break;
case CPHP_GET_CPU_ID_CMD:
val = cdev->arch_id >> 32;
break;
default:
break;
}
trace_cpuhp_acpi_read_cmd_data2(cpu_st->selector, val);
break;
default:
break;
}
Expand Down
1 change: 1 addition & 0 deletions hw/acpi/trace-events
View file
Expand Up @@ -23,6 +23,7 @@ cpuhp_acpi_read_flags(uint32_t idx, uint8_t flags) "idx[0x%"PRIx32"] flags: 0x%"
cpuhp_acpi_write_idx(uint32_t idx) "set active cpu idx: 0x%"PRIx32
cpuhp_acpi_write_cmd(uint32_t idx, uint8_t cmd) "idx[0x%"PRIx32"] cmd: 0x%"PRIx8
cpuhp_acpi_read_cmd_data(uint32_t idx, uint32_t data) "idx[0x%"PRIx32"] data: 0x%"PRIx32
cpuhp_acpi_read_cmd_data2(uint32_t idx, uint32_t data) "idx[0x%"PRIx32"] data: 0x%"PRIx32
cpuhp_acpi_cpu_has_events(uint32_t idx, bool ins, bool rm) "idx[0x%"PRIx32"] inserting: %d, removing: %d"
cpuhp_acpi_clear_inserting_evt(uint32_t idx) "idx[0x%"PRIx32"]"
cpuhp_acpi_clear_remove_evt(uint32_t idx) "idx[0x%"PRIx32"]"
Expand Down
1 change: 0 additions & 1 deletion hw/i386/acpi-build.c
View file
Expand Up @@ -1816,7 +1816,6 @@ static void build_smb0(Aml *table, I2CBus *smbus, int devnr, int func)
Aml *scope = aml_scope("_SB.PCI0");
Aml *dev = aml_device("SMB0");

aml_append(dev, aml_name_decl("_HID", aml_eisaid("APP0005")));
aml_append(dev, aml_name_decl("_ADR", aml_int(devnr << 16 | func)));
build_acpi_ipmi_devices(dev, BUS(smbus), "\\_SB.PCI0.SMB0");
aml_append(scope, dev);
Expand Down
4 changes: 3 additions & 1 deletion hw/i386/pc.c
View file
Expand Up @@ -93,7 +93,9 @@
#include "fw_cfg.h"
#include "trace.h"

GlobalProperty pc_compat_4_2[] = {};
GlobalProperty pc_compat_4_2[] = {
{ "mch", "smbase-smram", "off" },
};
const size_t pc_compat_4_2_len = G_N_ELEMENTS(pc_compat_4_2);

GlobalProperty pc_compat_4_1[] = {};
Expand Down
84 changes: 77 additions & 7 deletions hw/pci-host/q35.c
View file
Expand Up @@ -275,20 +275,20 @@ static const TypeInfo q35_host_info = {
* MCH D0:F0
*/

static uint64_t tseg_blackhole_read(void *ptr, hwaddr reg, unsigned size)
static uint64_t blackhole_read(void *ptr, hwaddr reg, unsigned size)
{
return 0xffffffff;
}

static void tseg_blackhole_write(void *opaque, hwaddr addr, uint64_t val,
unsigned width)
static void blackhole_write(void *opaque, hwaddr addr, uint64_t val,
unsigned width)
{
/* nothing */
}

static const MemoryRegionOps tseg_blackhole_ops = {
.read = tseg_blackhole_read,
.write = tseg_blackhole_write,
static const MemoryRegionOps blackhole_ops = {
.read = blackhole_read,
.write = blackhole_write,
.endianness = DEVICE_NATIVE_ENDIAN,
.valid.min_access_size = 1,
.valid.max_access_size = 4,
Expand Down Expand Up @@ -430,6 +430,46 @@ static void mch_update_ext_tseg_mbytes(MCHPCIState *mch)
}
}

static void mch_update_smbase_smram(MCHPCIState *mch)
{
PCIDevice *pd = PCI_DEVICE(mch);
uint8_t *reg = pd->config + MCH_HOST_BRIDGE_F_SMBASE;
bool lck;

if (!mch->has_smram_at_smbase) {
return;
}

if (*reg == MCH_HOST_BRIDGE_F_SMBASE_QUERY) {
pd->wmask[MCH_HOST_BRIDGE_F_SMBASE] =
MCH_HOST_BRIDGE_F_SMBASE_LCK;
*reg = MCH_HOST_BRIDGE_F_SMBASE_IN_RAM;
return;
}

/*
* default/reset state, discard written value
* which will disable SMRAM balackhole at SMBASE
*/
if (pd->wmask[MCH_HOST_BRIDGE_F_SMBASE] == 0xff) {
*reg = 0x00;
}

memory_region_transaction_begin();
if (*reg & MCH_HOST_BRIDGE_F_SMBASE_LCK) {
/* disable all writes */
pd->wmask[MCH_HOST_BRIDGE_F_SMBASE] &=
~MCH_HOST_BRIDGE_F_SMBASE_LCK;
*reg = MCH_HOST_BRIDGE_F_SMBASE_LCK;
lck = true;
} else {
lck = false;
}
memory_region_set_enabled(&mch->smbase_blackhole, lck);
memory_region_set_enabled(&mch->smbase_window, lck);
memory_region_transaction_commit();
}

static void mch_write_config(PCIDevice *d,
uint32_t address, uint32_t val, int len)
{
Expand All @@ -456,6 +496,10 @@ static void mch_write_config(PCIDevice *d,
MCH_HOST_BRIDGE_EXT_TSEG_MBYTES_SIZE)) {
mch_update_ext_tseg_mbytes(mch);
}

if (ranges_overlap(address, len, MCH_HOST_BRIDGE_F_SMBASE, 1)) {
mch_update_smbase_smram(mch);
}
}

static void mch_update(MCHPCIState *mch)
Expand All @@ -464,6 +508,7 @@ static void mch_update(MCHPCIState *mch)
mch_update_pam(mch);
mch_update_smram(mch);
mch_update_ext_tseg_mbytes(mch);
mch_update_smbase_smram(mch);

/*
* pci hole goes from end-of-low-ram to io-apic.
Expand Down Expand Up @@ -514,6 +559,9 @@ static void mch_reset(DeviceState *qdev)
MCH_HOST_BRIDGE_EXT_TSEG_MBYTES_QUERY);
}

d->config[MCH_HOST_BRIDGE_F_SMBASE] = 0;
d->wmask[MCH_HOST_BRIDGE_F_SMBASE] = 0xff;

mch_update(mch);
}

Expand Down Expand Up @@ -563,7 +611,7 @@ static void mch_realize(PCIDevice *d, Error **errp)
memory_region_add_subregion(&mch->smram, 0xfeda0000, &mch->high_smram);

memory_region_init_io(&mch->tseg_blackhole, OBJECT(mch),
&tseg_blackhole_ops, NULL,
&blackhole_ops, NULL,
"tseg-blackhole", 0);
memory_region_set_enabled(&mch->tseg_blackhole, false);
memory_region_add_subregion_overlap(mch->system_memory,
Expand All @@ -575,6 +623,27 @@ static void mch_realize(PCIDevice *d, Error **errp)
memory_region_set_enabled(&mch->tseg_window, false);
memory_region_add_subregion(&mch->smram, mch->below_4g_mem_size,
&mch->tseg_window);

/*
* This is not what hardware does, so it's QEMU specific hack.
* See commit message for details.
*/
memory_region_init_io(&mch->smbase_blackhole, OBJECT(mch), &blackhole_ops,
NULL, "smbase-blackhole",
MCH_HOST_BRIDGE_SMBASE_SIZE);
memory_region_set_enabled(&mch->smbase_blackhole, false);
memory_region_add_subregion_overlap(mch->system_memory,
MCH_HOST_BRIDGE_SMBASE_ADDR,
&mch->smbase_blackhole, 1);

memory_region_init_alias(&mch->smbase_window, OBJECT(mch),
"smbase-window", mch->ram_memory,
MCH_HOST_BRIDGE_SMBASE_ADDR,
MCH_HOST_BRIDGE_SMBASE_SIZE);
memory_region_set_enabled(&mch->smbase_window, false);
memory_region_add_subregion(&mch->smram, MCH_HOST_BRIDGE_SMBASE_ADDR,
&mch->smbase_window);

object_property_add_const_link(qdev_get_machine(), "smram",
OBJECT(&mch->smram), &error_abort);

Expand All @@ -601,6 +670,7 @@ uint64_t mch_mcfg_base(void)
static Property mch_props[] = {
DEFINE_PROP_UINT16("extended-tseg-mbytes", MCHPCIState, ext_tseg_mbytes,
16),
DEFINE_PROP_BOOL("smbase-smram", MCHPCIState, has_smram_at_smbase, true),
DEFINE_PROP_END_OF_LIST(),
};

Expand Down
6 changes: 6 additions & 0 deletions hw/scsi/virtio-scsi.c
View file
Expand Up @@ -943,7 +943,13 @@ void virtio_scsi_common_unrealize(DeviceState *dev)
{
VirtIODevice *vdev = VIRTIO_DEVICE(dev);
VirtIOSCSICommon *vs = VIRTIO_SCSI_COMMON(dev);
int i;

virtio_delete_queue(vs->ctrl_vq);
virtio_delete_queue(vs->event_vq);
for (i = 0; i < vs->conf.num_queues; i++) {
virtio_delete_queue(vs->cmd_vqs[i]);
}
g_free(vs->cmd_vqs);
virtio_cleanup(vdev);
}
Expand Down

0 comments on commit 7cea426

Please sign in to comment.