Jason Wang [Sun, 4 Jan 2026 07:54:12 +0000 (15:54 +0800)]
tests/qtest: Add test for filter-redirector rx event opened
Add a new test case 'test_redirector_rx_event_opened' to verify the
handling of the CHR_EVENT_OPENED event in filter-redirector.
The test simulates a scenario where the backend character device (socket)
is disconnected and then reconnected. It works by:
1. Connecting to the redirector's socket (triggers CHR_EVENT_OPENED).
2. Sending a packet to verify initial connectivity.
3. Disconnecting (triggers CHR_EVENT_CLOSED).
4. Reconnecting (triggers CHR_EVENT_OPENED again).
5. Sending another packet to verify that the redirector correctly
re-registers its handlers and resumes passing traffic.
This ensures that the filter-redirector can recover and function correctly
after a backend reconnection.
Reviewed-by: Zhang Chen <zhangckid@gmail.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
Jason Wang [Sun, 4 Jan 2026 07:54:10 +0000 (15:54 +0800)]
net/filter-redirector: add support for dynamic status on/off switching
Currently, filter-redirector does not implement the status_changed
callback, which means the 'status' property cannot be used to
dynamically enable/disable the filter at runtime. When status is
set to 'off' via QMP/HMP, the filter still receives data from the
indev chardev because the chardev handlers remain registered.
This patch adds proper support for the 'status' property:
1. Implement filter_redirector_status_changed() callback:
- When status changes to 'off': remove chardev read handlers
- When status changes to 'on': re-register chardev handlers
(only if chardev is already open)
2. Update filter_redirector_setup() to respect initial status:
- If filter is created with status=off, do not register handlers
- This allows creating disabled filters via command line or QMP
3. Handle chardev OPENED/CLOSED events to re-arm handlers on reconnect:
- Keep the chr_event callback installed on CLOSE so a later OPENED
can re-register the read handlers when nf->on
- Use qemu_chr_fe_set_handlers_full(..., set_open=false, sync_state=false)
instead of qemu_chr_fe_set_handlers() because the latter forces
sync_state=true and may emit CHR_EVENT_OPENED for an already-open
backend. Doing that from inside the chr_event callback would cause
recursive/re-entrant OPENED handling.
Jason Wang [Mon, 29 Dec 2025 08:45:41 +0000 (16:45 +0800)]
tests/qtest: add test for filter-buffer interval change
Add test_change_interval_timer to verify that modifying the 'interval'
property of filter-buffer at runtime takes effect immediately.
The test uses socket backend and filter-redirector to verify timer behavior:
- Creates filter-buffer with a very long interval (1000 seconds)
- Sends a packet which gets buffered
- Advances virtual clock by 1 second, verifies packet is still buffered
- Changes interval to 1ms via qom-set (timer should be rescheduled)
- Advances virtual clock by 2ms, verifies packet is now released
- This proves the timer was rescheduled immediately when interval changed
The test uses filter-redirector to observe when packets are released
by filter-buffer, providing end-to-end verification of the timer
rescheduling behavior.
Reviewed-by: Zhang Chen <zhangckid@gmail.com> Reviewed-by: Fabiano Rosas <farosas@suse.de> Signed-off-by: Jason Wang <jasowang@redhat.com>
Jason Wang [Mon, 29 Dec 2025 08:45:40 +0000 (16:45 +0800)]
net/filter-buffer: make interval change take effect immediately
Previously, when the 'interval' property was modified at runtime via
QMP, the new value would only take effect after the current timer
period elapsed. This could lead to unexpected behavior when users
expect immediate changes.
Fix this by checking if the timer is already running when setting
the interval property. If so, reschedule the timer with the new
interval value immediately.
Reviewed-by: Zhang Chen <zhangckid@gmail.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
Keep NetdevTapOptions related logic in tap.c, and make tap_set_sndbuf a
simple system call wrapper, more like other functions in tap-linux.c
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru> Reviewed-by: Maksim Davydov <davydov-max@yandex-team.ru> Signed-off-by: Jason Wang <jasowang@redhat.com>
Follow common recommendations in include/qapi/error.h of having
a return value together with errp. This allows to avoid error propagation.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru> Reviewed-by: Maksim Davydov <davydov-max@yandex-team.ru> Signed-off-by: Jason Wang <jasowang@redhat.com>
No reason to setup notifier on each queue of multique tap,
when we actually want to run downscript only once.
As well, let's not setup notifier, when downscript is
not enabled (downsciprt="no").
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru> Reviewed-by: Maksim Davydov <davydov-max@yandex-team.ru> Signed-off-by: Jason Wang <jasowang@redhat.com>
Simplify handling scripts: parse all these "no" and '\0' once, and
then keep simpler logic for net_tap_open() and net_init_tap_one(): NULL
means no script to run, otherwise run script.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru> Reviewed-by: Maksim Davydov <davydov-max@yandex-team.ru> Signed-off-by: Jason Wang <jasowang@redhat.com>
net/tap: pass NULL to net_init_tap_one() in cases when scripts are NULL
Directly pass NULL in cases where we report an error if script or
downscript are set.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru> Reviewed-by: Maksim Davydov <davydov-max@yandex-team.ru> Signed-off-by: Jason Wang <jasowang@redhat.com>
Let's keep all similar argument checking in net_init_tap() function.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru> Reviewed-by: Maksim Davydov <davydov-max@yandex-team.ru> Signed-off-by: Jason Wang <jasowang@redhat.com>
net/tap: net_init_tap_one(): drop extra error propagation
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru> Reviewed-by: Maksim Davydov <davydov-max@yandex-team.ru> Signed-off-by: Jason Wang <jasowang@redhat.com>
net/tap-linux.c: avoid abort when setting invalid fd
This patch removes abort() call in the tap_fd_set_vnet_hdr_len()
function. If the fd is found to be in a bad state (e.g., EBADFD
or ENODEV), the function will print an error message.
When QEMU creates a tap device automatically and the tap device is
manually removed from the host while the guest is running, the tap
device file descriptor becomes invalid. Later, when the guest executes
shutdown, the tap_fd_set_vnet_hdr_len() function may be called and
abort QEMU with a core dump when attempting to use the invalid fd.
The expected behavior for this negative test case is that QEMU should
report an error but continue running rather than aborting.
Testing:
- Start QEMU with automatically created tap device
- Manually remove the tap device on the host
- Execute shutdown in the guest
- Verify QEMU reports an error but does not abort
Fixes: 0caed25cd171 ("virtio: Call set_features during reset") Signed-off-by: Houqi (Nick) Zuo <hzuo@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
Alex Bennée [Wed, 21 Jan 2026 10:59:32 +0000 (10:59 +0000)]
hw/intc: avoid byte swap fiddling in gicv3 its path
This allows us to keep the MSI data in plain host order all the way
from the MemoryRegionOps write method to the final KVM_SIGNAL_MSI
ioctl. This fixes a theoretical bug on big-endian hosts because we
were using different size byte swaps which would have truncated the data.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20260121105932.135676-5-alex.bennee@linaro.org Cc: qemu-stable@nongnu.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Alex Bennée [Wed, 21 Jan 2026 10:59:31 +0000 (10:59 +0000)]
hw/intc: declare GICv3 regions as little endian
The GIC should always be a little-endian device as big-endian
behaviour is a function of the current CPU configuration not the
system as a whole. This should have no functional effect as the GIC
cannot be instantiated on a BE system but will help the single binary
efforts.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20260121105932.135676-4-alex.bennee@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Alex Bennée [Wed, 21 Jan 2026 10:59:30 +0000 (10:59 +0000)]
hw/intc: declare GIC regions as little endian
The GIC should always be a little-endian device as big-endian
behaviour is a function of the current CPU configuration not the
system as a whole. This should have no functional effect as the GIC
cannot be instantiated on a BE system but will help the single binary
efforts.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20260121105932.135676-3-alex.bennee@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Alex Bennée [Wed, 21 Jan 2026 10:59:29 +0000 (10:59 +0000)]
hw/intc: declare NVIC regions as little endian
The NVIC should always be a little-endian device as big-endian
behaviour is a function of the current CPU configuration not the
system as a whole. Indeed the Armv8-M architecture reference manual
declares:
All accesses to the Private Peripheral Bus (PPB) are always
little-endian, which means that the PE assumes a little-endian
arrangement of the PPB registers.
This should have no functional effect as the NVIC cannot be
instantiated on a BE system but will help the single binary efforts.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20260121105932.135676-2-alex.bennee@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Fri, 16 Jan 2026 12:58:30 +0000 (12:58 +0000)]
all: Clean up includes
This commit was created with scripts/clean-includes:
./scripts/clean-includes '--git' 'all' '--all'
and manually edited to remove one change to hw/virtio/cbor-helpers.c.
All these changes are header files that include osdep.h or some
system header that osdep.h pulls in; they don't need to do this.
All .c should include qemu/osdep.h first. The script performs three
related cleanups:
* Ensure .c files include qemu/osdep.h first.
* Including it in a .h is redundant, since the .c already includes
it. Drop such inclusions.
* Likewise, including headers qemu/osdep.h includes is redundant.
Drop these, too.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20260116125830.926296-5-peter.maydell@linaro.org
Peter Maydell [Fri, 16 Jan 2026 12:58:29 +0000 (12:58 +0000)]
misc: Clean up includes
This commit deals with various .c files that included system
headers that are already pulled in by osdep.h, where the .c
file includes osdep.h already itself.
This commit was created with scripts/clean-includes:
./scripts/clean-includes '--git' 'misc' 'hw/core' 'semihosting' 'target/arm' 'target/i386/kvm/kvm.c' 'target/loongarch' 'target/riscv' 'tools' 'util'
All .c should include qemu/osdep.h first. The script performs three
related cleanups:
* Ensure .c files include qemu/osdep.h first.
* Including it in a .h is redundant, since the .c already includes
it. Drop such inclusions.
* Likewise, including headers qemu/osdep.h includes is redundant.
Drop these, too.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20260116125830.926296-4-peter.maydell@linaro.org
Peter Maydell [Fri, 16 Jan 2026 12:58:28 +0000 (12:58 +0000)]
bsd-user: Clean up includes
This commit was created with scripts/clean-includes:
./scripts/clean-includes '--git' 'bsd-user' 'bsd-user'
All .c should include qemu/osdep.h first. The script performs three
related cleanups:
* Ensure .c files include qemu/osdep.h first.
* Including it in a .h is redundant, since the .c already includes
it. Drop such inclusions.
* Likewise, including headers qemu/osdep.h includes is redundant.
Drop these, too.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Warner Losh <imp@bsdimp.com>
Message-id: 20260116125830.926296-3-peter.maydell@linaro.org
Peter Maydell [Fri, 16 Jan 2026 12:58:27 +0000 (12:58 +0000)]
mshv: Clean up includes
This commit was created with scripts/clean-includes:
./scripts/clean-includes '--git' 'mshv' 'accel/mshv' 'target/i386/mshv' 'include/system/mshv.h'
All .c should include qemu/osdep.h first. The script performs three
related cleanups:
* Ensure .c files include qemu/osdep.h first.
* Including it in a .h is redundant, since the .c already includes
it. Drop such inclusions.
* Likewise, including headers qemu/osdep.h includes is redundant.
Drop these, too.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20260116125830.926296-2-peter.maydell@linaro.org
Peter Maydell [Fri, 16 Jan 2026 12:40:05 +0000 (12:40 +0000)]
scripts/clean-includes: Update exclude list
Remove from the exclude list:
* tests/plugin, which is a non-existent directory. This was
probably intended to exclude tests/tcg/plugins/, which is caught
by the tests/tcg exclude pattern anyway
Add to the exclude list:
* rust/ -- the headers in here are purely for input to bindgen
* target/hexagon has some standalone tools used at build time
* linux-user/gen-vsdo.c -- another standalone tool
* linux-user/mips64/elfload.c just includes mips/elfload.c
* scripts/xen-detect.c is feature-detection code used by meson.build
* tests/tracetool/simple.c is autogenerated
* tests/unit/ has some "C file just includes another one" files
* include/system/os-wasm.h is like os-posix.h and os-win32.h and
shouldn't be adjusted
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20260116124005.925382-7-peter.maydell@linaro.org
Peter Maydell [Fri, 16 Jan 2026 12:40:04 +0000 (12:40 +0000)]
scripts/clean-includes: Give the args in git commit messages
If clean-includes is creating a git commit for its changes,
currently it says only "created with scripts/clean-includes".
Add the command line arguments the user passed us, as useful
extra information.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Markus Armbruster <armbru@redhat.com>
Message-id: 20260116124005.925382-6-peter.maydell@linaro.org
Peter Maydell [Fri, 16 Jan 2026 12:40:03 +0000 (12:40 +0000)]
scripts/clean-includes: Do all our exclusions with REGEXFILE
We currently have two mechanisms for excluding files:
* the REGEXFILE which excludes by regex
* special cases in the "loop over each file" which make
us skip the file
Roll all the "skip this" cases into REGEXFILE, so we use
a single mechanism for identifying which files to exclude.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20260116124005.925382-5-peter.maydell@linaro.org
Peter Maydell [Fri, 16 Jan 2026 12:40:02 +0000 (12:40 +0000)]
scripts/clean-includes: Make ignore-regexes one per line
Currently we have a single extended regular expression defining
files that clean-includes should ignore. This is now very long
and awkward to read and edit.
Switch to having a list of newline-separated EREs that we write
to a file for grep's -f option, so we can express them more
legibly in the shell script. We allow for comments in the
regex list, which lets us document why we have put the
exclusions in.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20260116124005.925382-4-peter.maydell@linaro.org
Peter Maydell [Fri, 16 Jan 2026 12:40:01 +0000 (12:40 +0000)]
scripts/clean-includes: Remove outdated comment
Remove an old comment suggesting a manual shell line to use to find
files to run the script on. The script's exclude-list and its
support for directory names make this irrelevant.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20260116124005.925382-3-peter.maydell@linaro.org
Peter Maydell [Fri, 16 Jan 2026 12:40:00 +0000 (12:40 +0000)]
scripts/clean-includes: Allow directories on command line
Currently clean-includes supports two ways of specifying files to check:
* --all to run on everything
* specific files
There's no way to say "check everything in target/arm".
Add support for handling directory names, by always running
the arguments through git ls-files.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20260116124005.925382-2-peter.maydell@linaro.org
Peter Maydell [Thu, 15 Jan 2026 15:05:45 +0000 (15:05 +0000)]
docs: Be consistent about capitalization of 'Arm' (again)
The company 'Arm' went through a rebranding many years back
involving a recapitalization from 'ARM' to 'Arm'. As a result
our documentation is a bit inconsistent between the two forms.
It's not worth trying to update everywhere in QEMU, but it's
easy enough to make docs/ consistent.
We last did this in commit 6fe6d6c9a in 2020, but a few new
uses of the wrong capitalization have crept back in since.
As before, "ARMv8" and similar architecture names, and
older CPU names like "ARM926" still retain all-caps.
In a few places we make minor grammar fixups as we touch
the sentences we're fixing.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Cédric Le Goater <clg@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20260115150545.669444-1-peter.maydell@linaro.org
kernel-doc.py: sync with upstream Kernel v6.19-rc4
The changes here are aligned up to this Linux changeset: f64c7e113dc9 ("scripts: docs: kdoc_files.py: don't consider symlinks as directories")
On other words, everything that it is there, except for the
patch moving the library to tools/lib/python.
Signed-off-by: Mauro Carvalho Chehab <mchehab+huawei@kernel.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 54dec248994abf37c4b5b9e48d5ab8f0f8df6f2d.1767716928.git.mchehab+huawei@kernel.org Acked-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Commit 094fd7d36f2a ("hw/arm/imx8mp-evk: Add KVM support") introduced KVM
support for the imx8mp-evk machine. KVM only works with the "host" CPU type
such that it has been made the default CPU type for KVM. No need to repeat
that on the command line.
Fixes: 094fd7d36f2a ("hw/arm/imx8mp-evk: Add KVM support") Signed-off-by: Bernhard Beschow <shentey@gmail.com>
Message-id: 20260114213227.3812-3-shentey@gmail.com Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Bernhard Beschow [Wed, 14 Jan 2026 21:32:26 +0000 (22:32 +0100)]
hw/arm/imx8mp-evk: Provide some defaults matching real hardware
Having four CPUs and 6 GiB of RAM matches real hardware. Fix the machine
defaults to make its use more ergonomic and less error-prone.
Signed-off-by: Bernhard Beschow <shentey@gmail.com>
Message-id: 20260114213227.3812-2-shentey@gmail.com Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
cpus: Allocate maximum number of ASes supported by the arch
Instead of computing the number of address spaces used for a given
architecture, machine, and CPU configuration, simplify the code by
always allocating the maximum number of CPUAddressSpaces supported
by the architecture.
Gustavo Romero [Fri, 16 Jan 2026 18:58:11 +0000 (15:58 -0300)]
target/arm: Initialize AS 0 first
Move the initialization of AS of index 0 (ARMASIdx_NS) so it happens
before the initialization of the other address spaces. This is purely a
code organization change with no effect on behavior.
Signed-off-by: Gustavo Romero <gustavo.romero@linaro.org> Suggested-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Message-ID: <20260116185814.108560-2-gustavo.romero@linaro.org> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Rather than compiling the same content for all targets (unused
most of the time, i.e. qemu-system-avr ...), extract the non
x86 specific parts to a stub file and build it once for all
non-x86 targets.
Add a Kconfig symbol to only select the target-specific file
with the x86 target (rename this file with '-x86' suffix).
Since Kconfig symbols aren't evaluated for user emulation,
the file unit is only built for system emulation.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20260121215622.92966-3-philmd@linaro.org>
dump: Abort in create_win_dump() on non-x86 guests
qmp_dump_guest_memory() checks win_dump_available()
before calling create_win_dump(). On non-x86 targets
calling it would be a programming error, so abort.
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20260121215622.92966-2-philmd@linaro.org>
configs/targets: Forbid s390x to use legacy native endianness APIs
All s390x-related binaries are buildable without a single
use of the legacy "native endian" API. Set the transitional
TARGET_NOT_USING_LEGACY_NATIVE_ENDIAN_API definition to forbid
further uses of the legacy API.
Preliminary commits allowing this final change:
. f0853c25862 target/s390x: Inline translator_lduw() and translator_ldl()
. ee4dae6a332 target/s390x: Use big-endian variant of cpu_ld/st_data*()
. 381a1fda5bf target/s390x: Inline cpu_ld{uw, l}_code() calls in EX opcode helper
. 69da23130f2 target/s390x: Replace MO_TE -> MO_BE
. 0fb6ad781cc target/s390x: Replace gdb_get_regl() -> gdb_get_reg64()
. 409cbb1a619 target/s390x: Use explicit big-endian LD/ST API
. 6d9dad71265 target/s390x: Replace HOST_BIG_ENDIAN #ifdef with if() check
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Manos Pitsidianakis <manos.pitsidianakis@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20251224162036.90404-9-philmd@linaro.org>
configs/targets: Forbid Renesas RX to use legacy native endianness API
The qemu-system-rx binary is buildable without a single
use of the legacy "native endian" API. Set the transitional
TARGET_NOT_USING_LEGACY_NATIVE_ENDIAN_API definition to forbid
further uses of the legacy API.
Preliminary commits allowing this final change:
. b0afb81271a target/rx: Inline translator_lduw() and translator_ldl()
. 41a1b46c3b2 target/rx: Use explicit little-endian LD/ST API
. de1f3d628e6 target/rx: Use little-endian variant of cpu_ld/st_data*()
. 0f4af4e2672 target/rx: Use MemOp type in gen_ld[u]() and gen_st()
. 2062fa663c0 target/rx: Propagate DisasContext to generated helpers
. 8b71fd6ffec target/rx: Propagate DisasContext to push() / pop()
. 363fff6d1b1 target/rx: Propagate DisasContext to gen_ld[u]() and gen_st()
. cb8e4556d58 target/rx: Factor mo_endian() helper out
. f9903a8a23e target/rx: Replace MO_TE -> MO_LE
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Manos Pitsidianakis <manos.pitsidianakis@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20251224163304.91384-5-philmd@linaro.org>
configs/targets: Forbid TriCore to use legacy native endianness API
The qemu-system-tricore binary is buildable without a single
use of the legacy "native endian" API. Set the transitional
TARGET_NOT_USING_LEGACY_NATIVE_ENDIAN_API definition to forbid
further uses of the legacy API.
Preliminary commits allowing this final change:
. 8075a0a5479 target/tricore: Inline translator_lduw()
. 4a4b272ae87 target/tricore: Use little-endian variant of cpu_ld/st_data*()
. cd08bcaa36b target/tricore: Expand TCGv type for 32-bit target
. 8a2235dd077 target/tricore: Un-inline various helpers
. e843ef2bbac target/tricore: Pass DisasContext as first argument
. 4f08815467e target/tricore: Expand TCG helpers for 32-bit target
. f30c8aa229d target/tricore: Inline tcg_gen_ld32u_tl()
. 6b2e4fcb836 target/tricore: Declare registers as TCGv_i32
. c558aa94211 target/tricore: Replace target_ulong -> uint32_t in op_helper.c
. 30257dcd2b0 target/tricore: Remove unnecessary cast to target_ulong
. 44e2b68d275 target/tricore: Remove target_ulong use in gen_addi_d()
. a15e8996268 target/tricore: Remove target_ulong use in translate_insn() handler
. 0d5f9542561 target/tricore: Replace target_ulong -> vaddr with tlb_fill() callees
. 809b460f305 target/tricore: Remove target_ulong use in gen_goto_tb()
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Manos Pitsidianakis <manos.pitsidianakis@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20251224163005.91137-4-philmd@linaro.org>
configs/targets: Forbid OpenRISC to use legacy native endianness APIs
All OpenRISC-related binaries are buildable without a single
use of the legacy "native endian" API. Set the transitional
TARGET_NOT_USING_LEGACY_NATIVE_ENDIAN_API definition to forbid
further uses of the legacy API.
Preliminary commits allowing this final change:
. 52392f95e69 target/openrisc: Inline translator_ldl()
. 16c0efb5a7a target/openrisc: Use explicit big-endian LD/ST API
. 5b67dbf1dc3 target/openrisc: Replace target_ulong -> uint32_t
. 500708331e3 target/openrisc: Inline tcg_gen_trunc_i64_tl()
. 4f6c60683f2 target/openrisc: Replace MO_TE -> MO_BE
. 73cd283e58d target/openrisc: Introduce mo_endian() helper
. 2f737e19a4d target/openrisc: Conceal MO_TE within do_store()
. 22c36c0a20c target/openrisc: Conceal MO_TE within do_load()
. ef797ac0025 target/openrisc: Explode MO_TExx -> MO_TE | MO_xx
. 81e2fb236b7 target/openrisc: Remove 'TARGET_LONG_BITS != 32' dead code
. 9dc4862dc4a target/openrisc: Use vaddr type for $pc jumps
. 2367c94cbb1 target/openrisc: Remove target_ulong use in raise_mmu_exception()
. 1843e89bec5 target/openrisc: Remove unused cpu_openrisc_map_address_*() handlers
. a3c4facd395 target/openrisc: Do not use target_ulong for @mr in MTSPR helper
. 2795bc52af4 target/openrisc: Replace VMSTATE_UINTTL() -> VMSTATE_UINT32()
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Manos Pitsidianakis <manos.pitsidianakis@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20251224161804.90064-5-philmd@linaro.org>
configs/targets: Forbid LoongArch to use legacy native endianness APIs
All LoongArch-related binaries are buildable without a single
use of the legacy "native endian" API. Set the transitional
TARGET_NOT_USING_LEGACY_NATIVE_ENDIAN_API definition to forbid
further uses of the legacy API.
Preliminary commits allowing this final change:
. 6b4c30465c0 target/loongarch: Inline translator_ldl()
. f9a03787c7f target/loongarch: Use explicit little-endian LD/ST API
. 91312a6d046 target/loongarch: Inline cpu_ldl_code() call in cpu_do_interrupt()
. 492b2799c64 target/loongarch: Replace MO_TE -> MO_LE
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Bibo Mao <maobibo@loongson.cn>
Message-Id: <20251224161456.89707-9-philmd@linaro.org>
configs/targets: Forbid HPPA to use legacy native endianness APIs
All HPPA-related binaries are buildable without a single use
of the legacy "native endian" API. Set the transitional
TARGET_NOT_USING_LEGACY_NATIVE_ENDIAN_API definition to
forbid further uses of the legacy API.
Preliminary commits allowing this final change:
. c77d0e90093 target/hppa: Use big-endian variant of cpu_ld/st_data*()
. 75498b3f7b9 target/hppa: Use explicit big-endian LD/ST API
. bcf5e5d3e33 target/hppa: Inline translator_ldl()
. 7307ff95581 target/hppa: Replace MO_TE -> MO_BE
. 6c1c734f786 target/hppa: Introduce mo_endian() helper
. 64d1c178513 target/hppa: Conceal MO_TE within do_store_32/64()
. 0807994a0cc target/hppa: Conceal MO_TE within do_store()
. e3da4367117 target/hppa: Conceal MO_TE within do_load_32/64()
. 4eef4dab502 target/hppa: Conceal MO_TE within do_load()
. 714dd08fed1 target/hppa: Explode MO_TExx -> MO_TE | MO_xx
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Manos Pitsidianakis <manos.pitsidianakis@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20251229225517.45078-6-philmd@linaro.org>
configs/targets: Forbid Hexagon to use legacy native endianness API
The qemu-hexagon binary is buildable without a single use
of the legacy "native endian" API. Set the transitional
TARGET_NOT_USING_LEGACY_NATIVE_ENDIAN_API definition to
forbid further uses of the legacy API.
system: Allow restricting the legacy DEVICE_NATIVE_ENDIAN definition
Guard the native endian definition we want to remove by surrounding
it with TARGET_NOT_USING_LEGACY_NATIVE_ENDIAN_API #ifdef'ry.
Assign values to the enumerators so they stay unchanged.
Once a target gets cleaned we'll set the definition in the target
config, then the target won't be able to use the legacy API anymore.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20260109165058.59144-21-philmd@linaro.org>
system: Allow restricting the legacy MO_TE* 'native-endian' definitions
Guard the native endian definitions we want to remove by surrounding
them with TARGET_NOT_USING_LEGACY_NATIVE_ENDIAN_API #ifdef'ry.
Once a target gets cleaned we'll set the definition in the
target config, then the target won't be able to use the legacy
API anymore.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20260109165058.59144-20-philmd@linaro.org>
system: Allow restricting the legacy tswap() 'native-endian' API
Guard the native endian APIs we want to remove by surrounding
them with TARGET_NOT_USING_LEGACY_NATIVE_ENDIAN_API #ifdef'ry.
Once a target gets cleaned we'll set the definition in the
target config, then the target won't be able to use the legacy
API anymore.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20260109165058.59144-19-philmd@linaro.org>
system: Allow restricting the legacy translator_ld() 'native-endian' API
Guard the native endian APIs we want to remove by surrounding
them with TARGET_NOT_USING_LEGACY_NATIVE_ENDIAN_API #ifdef'ry.
Once a target gets cleaned we'll set the definition in the
target config, then the target won't be able to use the legacy
API anymore.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20260109165058.59144-18-philmd@linaro.org>
system: Allow restricting the legacy cpu_ld/st() 'native-endian' API
Guard the native endian APIs we want to remove by surrounding
them with TARGET_NOT_USING_LEGACY_NATIVE_ENDIAN_API #ifdef'ry.
Once a target gets cleaned we'll set the definition in the
target config, then the target won't be able to use the legacy
API anymore.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20260109165058.59144-17-philmd@linaro.org>
system: Allow restricting legacy address_space_ldst() native-endian API
Guard the native endian APIs we want to remove by surrounding
them with TARGET_NOT_USING_LEGACY_NATIVE_ENDIAN_API #ifdef'ry.
Once a target gets cleaned we'll set the definition in the
target config, then the target won't be able to use the legacy
API anymore.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20260109165058.59144-16-philmd@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20260109165058.59144-14-philmd@linaro.org>
address_space_{ld,st}m_internal() take a MemOp argument
so can directly use the {ld,st}m_p() helpers.
Suggested-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20260109165058.59144-13-philmd@linaro.org>
system/memory: Pass device_endian argument as MemOp bit
Use the MemOp argument to hold both the access size and
its endianness.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20251217143150.94463-14-philmd@linaro.org>
system/memory: Factor address_space_ldst[M]_internal() helper out
All the LD/ST[W,L,Q] variants use the same template, only
modifying the access size used. Unify as a single pair of
LD/ST methods taking a MemOp argument. Thus use the 'm'
suffix for MemOp.
Keep the pre-existing "warning: addr must be aligned" comment.
We leave the wonder about why we aren't asserting alignment
for later.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20260109165058.59144-11-philmd@linaro.org>
system/memory: Define address_space_ldst[Q] endian variants via template
Define address_space_ldst[Q] endian variants via template.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20260109165058.59144-10-philmd@linaro.org>
system/memory: Define address_space_ldst[L] endian variants via template
Define address_space_ldst[L] endian variants via template.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20260109165058.59144-9-philmd@linaro.org>
system/memory: Define address_space_ldst[W] endian variants via template
Like we do for other LD/ST APIs, use one template to declare and
define all endianness variants of the address_space_ldst[W] methods.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20260109165058.59144-8-philmd@linaro.org>
system/memory: Introduce ldm_p() and stm_p() load/store helpers
Introduce load/store helpers which take a MemOp argument.
Inspired-by: Paolo Bonzini <pbonzini@redhat.com> Suggested-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20260118193509.42923-5-philmd@linaro.org>
"qemu/host-utils.h" and "qemu/int128.h" are included a lot in
the tree, and don't use any definition from "qemu/bswap.h"...
Since it contains a lot of inlined functions, remove it to
reduce pointless compilation cycles.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20260118193509.42923-4-philmd@linaro.org>
bswap: Use 'qemu/bswap.h' instead of 'qemu/host-utils.h'
These files only require "qemu/bswap.h", not "qemu/host-utils.h".
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20260109163730.57087-2-philmd@linaro.org>
All these files indirectly include the "qemu/bswap.h" header.
Make this inclusion explicit to avoid build errors when
refactoring unrelated headers.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20260109164742.58041-4-philmd@linaro.org>
target/ppc: Simplify endianness handling in Altivec opcodes
Access the memory in big-endian order,
swap bytes when MSR.LE is set.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20251126202200.23100-22-philmd@linaro.org>
target/sh4: Replace cpu_stl_data() call in OCBI helper
In preparation of removing the cpu_stl_data() call,
inline it. Set the return address argument.
See commit 852d481faf7 ("SH: Improve movca.l/ocbi
emulation") for more context on this code.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20251126202200.23100-11-philmd@linaro.org>
target/sparc: Use big-endian variant of cpu_ld/st_data*()
We only build the SPARC targets using big endianness order,
therefore the cpu_ld/st_data*() definitions expand to the big
endian declarations. Use the explicit big-endian variants.
Mechanical change running:
$ tgt=sparc; \
end=be; \
for op in data mmuidx_ra; do \
for ac in uw sw l q; do \
sed -i -e "s/cpu_ld${ac}_${op}/cpu_ld${ac}_${end}_${op}/" \
$(git grep -l cpu_ target/${tgt}/); \
done;
for ac in w l q; do \
sed -i -e "s/cpu_st${ac}_${op}/cpu_st${ac}_${end}_${op}/" \
$(git grep -l cpu_ target/${tgt}/); \
done;
done
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20251126202200.23100-10-philmd@linaro.org>
target/m68k: Use big-endian variant of cpu_ld/st_data*()
We only build the M68k target using big endianness order,
therefore the cpu_ld/st_data*() definitions expand to the
big endian declarations. Use the explicit big-endian variants.
Mechanical change running:
$ tgt=m68k; \
end=be; \
for op in data mmuidx_ra; do \
for ac in uw sw l q; do \
sed -i -e "s/cpu_ld${ac}_${op}/cpu_ld${ac}_${end}_${op}/" \
$(git grep -l cpu_ target/${tgt}/); \
done;
for ac in w l q; do \
sed -i -e "s/cpu_st${ac}_${op}/cpu_st${ac}_${end}_${op}/" \
$(git grep -l cpu_ target/${tgt}/); \
done;
done
Then adapting indentation in do_stack_frame() to pass checkpatch.pl.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20251126202200.23100-8-philmd@linaro.org>
target/riscv: Use little-endian variant of cpu_ld/st_data*() for vector
RISC-V vector "elements are simply packed in order from
the least-signicant to most-signicant bits of the vector
register" [*] which is little endianness, therefore the
cpu_ld/st_data*() definitions expand to the little endian
declarations. Use the explicit little-endian variants.
[*] RISC-V "V" Vector Extension v1.0
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com>
Message-Id: <20251126202200.23100-4-philmd@linaro.org>
target/i386: Use little-endian variant of cpu_ld/st_data*()
We only build the X86 targets using little endianness order,
therefore the cpu_ld/st_data*() definitions expand to the little
endian declarations. Use the explicit little-endian variants.
Mechanical change running:
$ tgt=i386; \
end=le; \
for op in data mmuidx_ra; do \
for ac in uw sw l q; do \
sed -i -e "s/cpu_ld${ac}_${op}/cpu_ld${ac}_${end}_${op}/" \
$(git grep -l cpu_ target/${tgt}/); \
done;
for ac in w l q; do \
sed -i -e "s/cpu_st${ac}_${op}/cpu_st${ac}_${end}_${op}/" \
$(git grep -l cpu_ target/${tgt}/); \
done;
done
Then adapting indentation in helper_vmload() to pass checkpatch.pl.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20251126202200.23100-3-philmd@linaro.org>
Merge tag 'hw-misc-20260120' of https://github.com/philmd/qemu into staging
Misc HW patches
- Generalized IOMMU test framework
- Fix Freescale SDHCI endianness issues
- Support for zboot images compressed with Zstd
- Pcap support to analyze UEFI firmware traffic
# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCAAdFiEE+qvnXhKRciHc/Wuy4+MsLN6twN4FAmlvzsUACgkQ4+MsLN6t
# wN5G4BAAzpNnhYe09TMrn/pUBMbXqmYGXTpOXxkkes922X1Xt/qpo1LGSgcMnW8j
# p1ju7rWa3r3TIqkPPzHlyxaZrcMMUBTEdJ/u5tOeD19aNzQHQTTWKErqIucZOLZl
# /DElbpNGakEDHyqX4BMZW+zfIkjIou0ZWh95hyHPnDPK7aJrbLvWrz2tcaOsqfDI
# WYNf8BrCEwbKTvnBis7/IYOGH2sK8ZUgMwXShLbhnAIdFoVLwlBwGbosH/wR/qW0
# Ql/hPEovXfBN7J1w9cYM8gfSOanZ5Hs1fC9K/FXHA9/TDkF3xYOwp9ky85y6fJO3
# lbD9wzAsNIdzOgj8s90AihTr5FFa+XK1SUTHR5xcTyou5zR73N4cGjmwJT6xvu0W
# Noy89Jsg+DhFXYWBcnNr0XxUgNnPe0zRV1YZJNEwJm+ODiY9o/St7cKtcM1wYPKZ
# y1vgRT7nxbI41F7cAJH/sEFigNWDkDdP3QSqHCwWpJG2urPtT/7iaFH4k4VoNUab
# YfplDcoXGTljGEHI0l4hqauSelo5VyDcMCajXfqkgXawSdMTWxFxhpr68zRoY2//
# KaIu4czG82iSAN4hFj8KySzwHT5dQizCGa98CrMHhf4JLwYkd7g80KRjNvFxWNhk
# JJ6ciqpN+M7pZUihLd222Oz5/Jjf/qXpkRPIYO/kaDvzZ2uL7/c=
# =uody
# -----END PGP SIGNATURE-----
# gpg: Signature made Wed 21 Jan 2026 05:51:49 AM AEDT
# gpg: using RSA key FAABE75E12917221DCFD6BB2E3E32C2CDEADC0DE
# gpg: Good signature from "Philippe Mathieu-Daudé (F4BUG) <f4bug@amsat.org>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: FAAB E75E 1291 7221 DCFD 6BB2 E3E3 2C2C DEAD C0DE
* tag 'hw-misc-20260120' of https://github.com/philmd/qemu: (29 commits)
meson: Do not try to build module for empty per-target hw/ directory
hw/virtio-nsm: include qemu/osdep.h
hw/uefi: add pcap support
hw: move pcap structs to header file
hw/loader: Add support for zboot images compressed with zstd
hw/loader: Use g_autofree in unpack_efi_zboot_image()
hw/loader: Rename UBOOT_MAX _GUNZIP_BYTES to _DECOMPRESSED_BYTES
hw/loader: Rename LOAD_IMAGE_MAX _GUNZIP_BYTES to _DECOMPRESSED_BYTES
hw/sd/trace-events: Remove redundant "SWITCH " command name
hw/sd/sdhci: Remove vendor property
hw/sd/sdhci: Remove endianness property
hw/arm/fsl-imx25: Extract TYPE_FSL_ESDHC_LE
hw/ppc/e500: Use TYPE_FSL_ESDHC_BE
hw/sd/sdhci: Add TYPE_FSL_ESDHC_BE
hw/sd/sdhci: Rename usdhc_ functions
hw/sd/sdhci: Consolidate eSDHC constants
Revert "hw/sd/sdhci: Rename ESDHC_* defines to USDHC_*"
hw/arm/fsl-imx25: Apply missing reset quirk
hw/arm/fsl-imx6: Fix naming of SDHCI related constants and attributes
hw/arm/fsl-imx6: Remove now redundant setting of "sd-spec-version" property
...
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Merge tag 'pull-trivial-patches' of https://gitlab.com/mjt0k/qemu into staging
trivial patches for 2026-01-20
# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCgAdFiEEZKoqtTHVaQM2a/75gqpKJDselHgFAmlvdRoACgkQgqpKJDse
# lHilOw//fdYjk7Ls+M2F0zgIKHbtQj/ACeIXtYr9mLwgUHCVnYByMbaqVVvyuCfZ
# 6n7unTRC6UyhmAgVz5F9RElUBxrRucqgXHXo9QcbvIBBZoWsnWAXjNWmV6kqBF4s
# L8cDniWRLwwkRaGTf1jjOEHJz8ilVwpXfvbQRkU9KJNelFkoh1rprxj3hkw1hF9C
# TpGda15ho7EaplRdfpN+qjOlHpShgbF2qMPUz1zZAWcpomZK8U5/xiHcuE9Y19/L
# tLC6lEkt1nR+xW/5JRptCAke8jLgLlYUHGsXdZuahpXwfK++ITCtM95X2Ra44gMR
# M3xC8hmcpaO5aF/2JoMkLS7LnuenJ093oBIwyhC9LM+MYt/NWIwLIItu22V25qRj
# bEuD2avDSiR0tWDikzxezj5J7riYsDQCt004Ycw7roBZeEI7yngXD2YTkkurSDjb
# wPvzg+qW8WM9n5K9Mxi66F0C7dFU0lru817nJO3dj4ayPJ7B6Elr47n5NpcfAEpP
# dn7j4+nj2puvAyXcfGwLQyU/o/ayJxkEvAZja1Q5sONwMqf0GHIZ9fDu63njkClQ
# rvzKyIKhRv3inmr65nO8RvnZe/j4ONhJ07IwMEBFjUMqW7aXu0GYPx0no7rtWZvQ
# NXypCGE+ag+PYetcOu2tHjaOLQG5/43eBEWSFCgns5UJcrB6vJ4=
# =u20D
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue 20 Jan 2026 11:29:14 PM AEDT
# gpg: using RSA key 64AA2AB531D56903366BFEF982AA4A243B1E9478
# gpg: Good signature from "Michael Tokarev <mjt@debian.org>" [unknown]
# gpg: aka "Michael Tokarev <mjt@corpit.ru>" [unknown]
# gpg: aka "Michael Tokarev <mjt@tls.msk.ru>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 9D8B E14E 3F2A 9DD7 9199 28F1 61AD 3D98 ECDF 2C8E
# Subkey fingerprint: 64AA 2AB5 31D5 6903 366B FEF9 82AA 4A24 3B1E 9478
* tag 'pull-trivial-patches' of https://gitlab.com/mjt0k/qemu:
bsd-user/syscall_defs.h: define STAT_TIME_T_EXT only for 32 bits
linux-user/aarch64/target_fcntl.h: add missing TARGET_O_LARGEFILE definition
configure: add ppc target back to container tests
MAINTAINERS: Add docs/system/i386/ to the general x86 architecture section
tests/qemu-iotests: Use "gsed" for expressions that require GNU sed
configure: Set $PYTHON in the configuration of the optionroms
tests: fix comment declaring runtime in rv64 interruptedmemory test
qemu-options.hx: use KiB, MiB, GiB for power-of-2 units
gdbstub: unlink the unix socket before bind()
Revert "gdbstub: Try unlinking the unix socket before binding"
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
meson: Do not try to build module for empty per-target hw/ directory
In commit 83d5db95d38 ("meson: Allow system binaries to not
have target-specific units") we allowed targets with empty
target_system_arch[] source set, but missed hw_arch[] could
also be empty when building modules.
Skip such case, otherwise due to commit a1ced487549
("hw/microblaze: Build files once"), building with
--enable-modules triggers:
../meson.build:4034:14: ERROR: Key microblaze is not in the dictionary.
Gerd Hoffmann [Wed, 26 Nov 2025 14:25:59 +0000 (15:25 +0100)]
hw/uefi: add pcap support
Add pcapfile property to uevi-vars-* devices, allowing to write out a
capture of the communication traffic between uefi firmware and qemu.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20260114110406.3500357-3-kraxel@redhat.com>
[PMD: Wrap long line to avoid checkpatch.pl warning] Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Daan De Meyer [Mon, 24 Nov 2025 12:35:21 +0000 (13:35 +0100)]
hw/loader: Add support for zboot images compressed with zstd
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Tested-by: Philippe Mathieu-Daudé <philmd@linaro.org> Signed-off-by: Daan De Meyer <daan.j.demeyer@gmail.com>
Message-ID: <20251124123521.1058183-5-daan.j.demeyer@gmail.com> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Daan De Meyer [Mon, 24 Nov 2025 12:35:20 +0000 (13:35 +0100)]
hw/loader: Use g_autofree in unpack_efi_zboot_image()
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Tested-by: Philippe Mathieu-Daudé <philmd@linaro.org> Signed-off-by: Daan De Meyer <daan.j.demeyer@gmail.com>
Message-ID: <20251124123521.1058183-4-daan.j.demeyer@gmail.com> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Daan De Meyer [Mon, 24 Nov 2025 12:35:19 +0000 (13:35 +0100)]
hw/loader: Rename UBOOT_MAX _GUNZIP_BYTES to _DECOMPRESSED_BYTES
For consistency with LOAD_IMAGE_MAX_DECOMPRESSED_BYTES.
Signed-off-by: Daan De Meyer <daan.j.demeyer@gmail.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Tested-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20251124123521.1058183-3-daan.j.demeyer@gmail.com> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Daan De Meyer [Mon, 24 Nov 2025 12:35:18 +0000 (13:35 +0100)]
hw/loader: Rename LOAD_IMAGE_MAX _GUNZIP_BYTES to _DECOMPRESSED_BYTES
Preparation for adding support for zstd compressed efi zboot kernel
images.
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Tested-by: Philippe Mathieu-Daudé <philmd@linaro.org> Signed-off-by: Daan De Meyer <daan.j.demeyer@gmail.com>
Message-ID: <20251124123521.1058183-2-daan.j.demeyer@gmail.com>
[PMD: Wrap long line to avoid checkpatch.pl warning] Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Now that there are dedicated eSDHC device models it is possible to replace
the "vendor" property (which is really a device-specific property) with a
dynamic cast, "fishing" out only the device models which shall have the
quirk applied.
Signed-off-by: Bernhard Beschow <shentey@gmail.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Tested-by: BALATON Zoltan <balaton@eik.bme.hu>
Message-ID: <20260112145418.220506-14-shentey@gmail.com> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Bernhard Beschow [Tue, 13 Aug 2024 17:52:30 +0000 (19:52 +0200)]
hw/sd/sdhci: Remove endianness property
The endianness property was only explicitly set in the e500 machine which
now instantiates TYPE_FSL_ESDHC_BE. The property could also not be used
meaningfully in a hypothetical, common TYPE_FSL_ESDHC device model since
sdhci_common_realize() would fail in that case or it would need to know
all MMIO implementations upfront. Remove the property in favor of dedicated
device models.
Signed-off-by: Bernhard Beschow <shentey@gmail.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Tested-by: BALATON Zoltan <balaton@eik.bme.hu>
Message-ID: <20260112145418.220506-12-shentey@gmail.com> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Bernhard Beschow [Sat, 15 Mar 2025 10:49:35 +0000 (11:49 +0100)]
hw/ppc/e500: Use TYPE_FSL_ESDHC_BE
TYPE_FSL_ESDHC_BE maches real hardware more closely by reusing code of
TYPE_IMX_USDHC. For example, it fixes Linux to flood the guest console with
"mmc0: Internal clock never stabilised" messages in the QEMU advent calendar
2018 day 19 image.
Reported-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Bernhard Beschow <shentey@gmail.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Tested-by: BALATON Zoltan <balaton@eik.bme.hu>
Message-ID: <20260112145418.220506-10-shentey@gmail.com> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Bernhard Beschow [Sat, 15 Mar 2025 10:49:35 +0000 (11:49 +0100)]
hw/sd/sdhci: Add TYPE_FSL_ESDHC_BE
For now, TYPE_FSL_ESDHC_BE is basically a big-endian variant of
TYPE_IMX_USDHC. It will be used in the e500 machines in the next step which
prevents Linux to flood the console with "mmc0: Internal clock never
stabilised" messages.
Signed-off-by: Bernhard Beschow <shentey@gmail.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Tested-by: BALATON Zoltan <balaton@eik.bme.hu>
Message-ID: <20260112145418.220506-9-shentey@gmail.com> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
The next patches will introduce eSDHC device models (big and little endian).
Prepare for that by renaming the functions. Also, this makes the code have
similar conventions as in Linux and U-Boot.
Signed-off-by: Bernhard Beschow <shentey@gmail.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Tested-by: BALATON Zoltan <balaton@eik.bme.hu>
Message-ID: <20260112145418.220506-8-shentey@gmail.com> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Drop the "IMX_" part of the names since these are actually {E,U}SDHC
specific and apply for PowerPC-based SoCs as well. While at it
consolidate all ESDHC constants into the ESDHC section.
Signed-off-by: Bernhard Beschow <shentey@gmail.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Tested-by: BALATON Zoltan <balaton@eik.bme.hu>
Message-ID: <20260112145418.220506-7-shentey@gmail.com> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Unaware that the constants were named after Linux and U-Boot code,
commit 1e76667f7adf ("hw/sd/sdhci: Rename ESDHC_* defines to USDHC_*")
changed the naming to be consistent with the function names. Fix the
constant naming to be consistent with Linux and U-Boot again. In the
next step, the function names will be renamed according to Linux and
U-Boot code as well.
Signed-off-by: Bernhard Beschow <shentey@gmail.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Tested-by: BALATON Zoltan <balaton@eik.bme.hu>
Message-ID: <20260112145418.220506-6-shentey@gmail.com> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Just like the Freescale MPC8569E SoC the i.MX25 features an eSDHC but
as little-endian variant. According to the datasheet TYPE_FSL_IMX25 requires
the same reset quirk as the e500 machines. The quirk was introduced in d060b2789f71 ("hw/sd/sdhci: Set reset value of interrupt registers") for the
e500 machines, so reuse it now in TYPE_FSL_IMX25.
Signed-off-by: Bernhard Beschow <shentey@gmail.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Tested-by: BALATON Zoltan <balaton@eik.bme.hu>
Message-ID: <20260112145418.220506-5-shentey@gmail.com> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
hw/sd/sdhci: Fix TYPE_IMX_USDHC to implement sd-spec-version 3 by default
Fixes TYPE_FSL_IMX6UL, TYPE_FSL_IMX7, and TYPE_FSL_IMX8MP to implement
version 3 of the SD specification.
Note that TYPE_FSL_IMX6 already had "sd-spec-version" set accordingly and
that TYPE_FSL_IMX25 correctly sets the same property to version 2 since the
real hardware is an eSDHC which is the uSDHC's predecessor.
Fixes: fd1e5c817964 ("sdhci: Add i.MX specific subtype of SDHCI")
cc: qemu-stable Signed-off-by: Bernhard Beschow <shentey@gmail.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Tested-by: BALATON Zoltan <balaton@eik.bme.hu>
Message-ID: <20260112145418.220506-2-shentey@gmail.com> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Tao Tang [Thu, 25 Sep 2025 15:35:50 +0000 (23:35 +0800)]
tests/qtest: Add SMMUv3 bare-metal test using iommu-testdev
Add a qtest suite that validates ARM SMMUv3 translation without guest
firmware or OS. The tests leverage iommu-testdev to trigger DMA
operations and the qos-smmuv3 library to configure IOMMU translation
structures.
This test suite targets the virt machine and covers:
- Stage 1 only translation (VA -> PA via CD page tables)
- Stage 2 only translation (IPA -> PA via STE S2 tables)
- Nested translation (VA -> IPA -> PA, Stage 1 + Stage 2)
- Design to extended to support multiple security spaces
(Non-Secure, Secure, Root, Realm)
Each test case follows this sequence:
1. Initialize SMMUv3 with appropriate command/event queues
2. Build translation tables (STE/CD/PTE) for the target scenario
3. Configure iommu-testdev with IOVA and DMA attributes via MMIO
4. Trigger DMA and validate successful translation
5. Verify data integrity through a deterministic write-read pattern
This bare-metal approach provides deterministic IOMMU testing with
minimal dependencies, making failures directly attributable to the SMMU
translation path.
Signed-off-by: Tao Tang <tangtao1634@phytium.com.cn> Tested-by: Pierrick Bouvier <pierrick.bouvier@linaro.org> Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Message-ID: <20260119161112.3841386-9-tangtao1634@phytium.com.cn>
[PMD: Cover tests/qtest/iommu-smmuv3-test.c in MAINTAINERS] Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Tao Tang [Wed, 26 Nov 2025 12:56:55 +0000 (20:56 +0800)]
tests/qtest/libqos: Add SMMUv3 helper library
Introduce qos-smmuv3, a reusable library for SMMUv3-related qtest
operations. This module encapsulates common tasks like:
- SMMUv3 initialization (enabling, configuring command/event queues)
- Stream Table Entry (STE) and Context Descriptor (CD) setup
- Multi-level page table construction (L0-L3 for 4KB granules)
- Support for Stage 1, Stage 2, and nested translation modes
- Could be easily extended to support multi-space testing infrastructure
(Non-Secure, Secure, Root, Realm)
The library provides high-level abstractions that allow test code to
focus on IOMMU behavior validation rather than low-level register
manipulation and page table encoding. Key features include:
- Provide memory allocation for translation structures with proper
alignment
- Helper functions to build valid STEs/CDs for different translation
scenarios
- Page table walkers that handle address offset calculations per
security space
This infrastructure is designed to be used by iommu-testdev-based tests
and future SMMUv3 test suites, reducing code duplication and improving
test maintainability.
Signed-off-by: Tao Tang <tangtao1634@phytium.com.cn> Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org> Reviewed-by: Fabiano Rosas <farosas@suse.de>
Message-ID: <20260119161112.3841386-8-tangtao1634@phytium.com.cn> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Tao Tang [Sun, 18 Jan 2026 06:52:14 +0000 (14:52 +0800)]
tests/qtest: Add libqos iommu-testdev helpers
Introduce a libqos helper module for the iommu-testdev
device used by qtests. This module provides some common functions to
all IOMMU test cases using iommu-testdev.
Wire the new sources into tests/qtest/libqos/meson.build so
they are built as part of the qtest support library.
Signed-off-by: Tao Tang <tangtao1634@phytium.com.cn>
Message-ID: <20260119161112.3841386-7-tangtao1634@phytium.com.cn> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Tao Tang [Thu, 25 Sep 2025 15:35:49 +0000 (23:35 +0800)]
hw/misc: Introduce iommu-testdev for bare-metal IOMMU testing
Add a minimal PCI test device designed to exercise IOMMU translation
(such as ARM SMMUv3) without requiring guest firmware or OS. The device
provides MMIO registers to configure and trigger DMA operations with
controllable attributes (security state, address space), enabling
deterministic IOMMU testing.
Key features:
- Bare-metal IOMMU testing via simple MMIO interface
- Configurable DMA attributes for security states and address spaces
- Write-then-read verification pattern with automatic result checking
The device performs a deterministic DMA test pattern: write a known
value (0x12345678) to a configured GVA, read it back, and verify data
integrity. Results are reported through a dedicated result register,
eliminating the need for complex interrupt handling or driver
infrastructure in tests.
This is purely a test device and not intended for production use or
machine realism. It complements existing test infrastructure like
pci-testdev but focuses specifically on IOMMU translation path
validation.
Tao Tang [Sun, 21 Dec 2025 03:25:01 +0000 (11:25 +0800)]
hw/arm/smmuv3: Extract common definitions to smmuv3-common.h
Move register definitions, command enums, and Stream Table Entry (STE) /
Context Descriptor (CD) structure definitions from the internal header
hw/arm/smmuv3-internal.h to a new common header
include/hw/arm/smmuv3-common.h.
This allows other components, such as generic SMMUv3 tests or test devices,
to utilize these definitions without including the specific SMMUv3 device
internal state.
Signed-off-by: Tao Tang <tangtao1634@phytium.com.cn> Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org> Reviewed-by: Eric Auger <eric.auger@redhat.com>
Message-ID: <20260119161112.3841386-2-tangtao1634@phytium.com.cn> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Pierrick Bouvier [Mon, 19 Jan 2026 07:57:38 +0000 (23:57 -0800)]
bsd-user/syscall_defs.h: define STAT_TIME_T_EXT only for 32 bits
Commit 369c1ba2b changed the wrong conditional "#if defined(__i386__)" to
"#if defined(TARGET_I386)".
However, TARGET_I386 is defined for target x86_64 also.
This commit fixes it by identifying correctly 32 bits target.
Found with:
$ ./build/qemu-x86_64 \
-plugin ./build/contrib/plugins/libstoptrigger,icount=1000000 \
-plugin ./build/tests/tcg/plugins/libinsn \
-d plugin \
./build/qemu-system-x86_64 --version
ld-elf.so.1: /lib/libz.so.6: invalid file format
cpu 0 insns: 59746
total insns: 59746
Fixes: 369c1ba2b ("Fix __i386__ test for TARGET_HAS_STAT_TIME_T_EXT") Signed-off-by: Pierrick Bouvier <pierrick.bouvier@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Warner Losh <imp@bsdimp.com> Reviewed-by: Michael Tokarev <mjt@tls.msk.ru> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
projects / thirdparty / qemu.git / log
