target/arm/hvf: Mention hvf_arch_set_traps() must run on vCPU thread
Since hvf_arch_set_traps() calls hv_vcpu_set_trap_debug_exceptions()
and hv_vcpu_set_trap_debug_reg_accesses(), which must run on a vCPU,
it also must. Mention it.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Mads Ynddal <mads@ynddal.dk>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
accel/hvf: Mention hvf_arch_init_vcpu() must run on vCPU thread
hvf_arch_init_vcpu(), along with hvf_put_guest_debug_registers()
and hvf_put_gdbstub_debug_registers(), calls hv_vcpu_set_sys_reg(),
which must run on a vCPU. Mention they also must.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Mads Ynddal <mads@ynddal.dk>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
target/arm/hvf: Check hv_vcpu_set_vtimer_mask() returned value
hv_vcpu_set_vtimer_mask() returns a hv_return_t enum type
(defined in <Hypervisor/hv_error.h>). Assert we succeeded,
as we are not ready to handle any error path.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Mads Ynddal <mads@ynddal.dk>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
target/arm/hvf: Check hv_vcpus_exit() returned value
hv_vcpus_exit() returns a hv_return_t enum type (defined
in <Hypervisor/hv_error.h>). Assert we succeeded, as we
are not ready to handle any error path.
Suggested-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Mads Ynddal <mads@ynddal.dk>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
target/arm/hvf: Release memory allocated by hv_vcpu_config_create()
hv_vcpu_config_create() is documented in <Hypervisor/hv_vcpu_config.h>
as:
/*!
@abstract Creates a vcpu configuration object.
@result A new vcpu configuration object. This should be released with os_release when no longer used.
*/
OS_OBJECT_RETURNS_RETAINED OS_WARN_RESULT
hv_vcpu_config_t hv_vcpu_config_create(void);
Release the memory allocated by hv_vcpu_config_create() with
os_release().
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Mads Ynddal <mads@ynddal.dk>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
hw/arm/virt: Remove VirtMachineClass::kvm_no_adjvtime field
The VirtMachineClass::kvm_no_adjvtime field was only used by the
virt-4.2 machine, which got removed. Remove it as now unused, but
keep the ARMCPU homonym property.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20251020094022.68768-5-philmd@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This machine has been supported for a period of more than 6 years.
According to our versioned machine support policy (see commit ce80c4fa6ff "docs: document special exception for machine type
deprecation & removal") it can now be removed.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20251020094022.68768-4-philmd@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
hw/arm/virt: Remove VirtMachineClass::no_ged field
The VirtMachineClass::no_ged field was only used by virt-4.1
machine, which got removed. Remove it as now unused.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20251020094022.68768-3-philmd@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This machine has been supported for a period of more than 6 years.
According to our versioned machine support policy (see commit ce80c4fa6ff "docs: document special exception for machine type
deprecation & removal") it can now be removed.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20251020094022.68768-2-philmd@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Thu, 23 Oct 2025 10:13:39 +0000 (11:13 +0100)]
target/arm: Add assert to arm_to_core_mmu_idx()
Before commit f76cee647c ("target/arm: Introduce mmu indexes for
GCS") it was impossible for arm_to_core_mmu_idx() to return an
invalid core MMU index, because NB_MMU_MODES was 16 and
ARM_MMU_IDX_COREIDX_MASK was 0xf.
That commit raises ARM_MMU_IDX_COREIDX_MASK to 0x1f and NB_MMU_MODES
to 22, so it's now possible for a bogus Arm mmu index to result in an
out of range core mmu index (which can then get used as an array
index in the CPUTLB struct arrays). Coverity complains that this
might result in an out-of-bounds access.
The out-of-bounds access can't happen because we construct all the
ARMMMUIdx values we will use for TLBs to have valid core MMU indexes
in the COREIDX field. But we can add an assert() so that if we ever
do end up operating on a corrupted or wrong ARMMMUIdx value we get an
assert rather than silently indexing off the end of an array. This
should also make Coverity happier.
Coverity: CID 1641404
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20251023101339.1983809-1-peter.maydell@linaro.org
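The arithmetic behind the commit above, as an added example that is not QEMU code: only the two mask values and the two NB_MMU_MODES values come from the commit message, while `toy_tlb`, the helper names and the upper "type" bits in the sample indexes are constructed for illustration.

```c
#include <assert.h>
#include <stdbool.h>
#include <stdio.h>

/* Values quoted in the commit message. */
#define OLD_COREIDX_MASK 0xfu
#define OLD_NB_MMU_MODES 16u
#define NEW_COREIDX_MASK 0x1fu
#define NEW_NB_MMU_MODES 22u

/* Constructed stand-in for a per-mode array such as those in CPUTLB. */
struct toy_tlb {
    int entries[NEW_NB_MMU_MODES];
    int canary;               /* what an off-the-end store would overwrite */
};

/* Count the masked values that do not name a valid array slot. */
static int out_of_range_values(unsigned mask, unsigned nb_modes)
{
    int bad = 0;
    for (unsigned v = 0; v <= mask; v++) {
        if (v >= nb_modes) {
            bad++;
        }
    }
    return bad;
}

/* Non-aborting form of the range check, usable by callers and tests. */
static bool core_idx_valid(unsigned arm_mmu_idx)
{
    return (arm_mmu_idx & NEW_COREIDX_MASK) < NEW_NB_MMU_MODES;
}

/* Shape of the hardened helper: mask, then assert before the value is
 * ever used as an array index. */
static unsigned to_core_idx_checked(unsigned arm_mmu_idx)
{
    unsigned idx = arm_mmu_idx & NEW_COREIDX_MASK;
    assert(idx < NEW_NB_MMU_MODES);
    return idx;
}

/* Store through the checked helper; refuse instead of aborting so the
 * failure path can be observed. */
static bool tlb_store(struct toy_tlb *tlb, unsigned arm_mmu_idx, int value)
{
    if (!core_idx_valid(arm_mmu_idx)) {
        return false;
    }
    tlb->entries[to_core_idx_checked(arm_mmu_idx)] = value;
    return true;
}

int main(void)
{
    struct toy_tlb tlb = { .canary = 0x5a5a };

    printf("mask 0x%x, %u modes: %d bad values\n", OLD_COREIDX_MASK,
           OLD_NB_MMU_MODES,
           out_of_range_values(OLD_COREIDX_MASK, OLD_NB_MMU_MODES));
    printf("mask 0x%x, %u modes: %d bad values\n", NEW_COREIDX_MASK,
           NEW_NB_MMU_MODES,
           out_of_range_values(NEW_COREIDX_MASK, NEW_NB_MMU_MODES));

    /* 0x100 is a constructed "type" bit above the COREIDX field. */
    printf("store idx 21: %d\n", tlb_store(&tlb, 0x100u | 21u, 1));
    printf("store idx 22: %d\n", tlb_store(&tlb, 0x100u | 22u, 1));
    printf("canary intact: %d\n", tlb.canary == 0x5a5a);
    return 0;
}
```

With the old pair every masked value was a valid slot; with the new pair the values 22 to 31 are not, which is the gap the assert closes.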
Peter Maydell [Thu, 16 Oct 2025 13:11:59 +0000 (14:11 +0100)]
docs/system/security: Restrict "virtualization use case" to specific machines
Currently our security policy defines a "virtualization use case"
where we consider bugs to be security issues, and a
"non-virtualization use case" where we do not make any security
guarantees and don't consider bugs to be security issues.
The rationale for this split is that much code in QEMU is older and
was not written with malicious guests in mind, and we don't have the
resources to audit, fix and defend it. So instead we inform users
about what they can in practice rely on as a security barrier, and
what they can't.
We don't currently restrict the "virtualization use case" to any
particular set of machine types. This means that we have effectively
barred ourselves from adding KVM support to any machine type that we
don't want to put into the "bugs are security issues" category, even
if it would be useful for users to be able to get better performance
with a trusted guest by enabling KVM. This seems an unnecessary
restriction, and in practice the set of machine types it makes
sense to use for untrusted-guest virtualization is quite small.
Specifically, we would like to be able to enable the use of
KVM with the imx8 development board machine types, but we don't
want to commit ourselves to having to support those SoC models
and device models as part of QEMU's security boundary:
https://lore.kernel.org/qemu-devel/20250629204851.1778-3-shentey@gmail.com/
This patch updates the security policy to explicitly list the
machine types we consider to be useful for the "virtualization
use case".
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Christian Borntraeger <borntraeger@linux.ibm.com>
Reviewed-by: Bibo Mao <maobibo@loongson.cn>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Harsh Prateek Bora <harshpb@linux.ibm.com>
Reviewed-by: Bernhard Beschow <shentey@gmail.com>
Message-id: 20251016131159.750480-1-peter.maydell@linaro.org
Acked-by: Markus Armbruster <armbru@redhat.com>
The virt machine now supports creating multiple SMMUv3 instances, each
associated with a separate PCIe root complex.
Update the documentation with an example.
Signed-off-by: Shameer Kolothum <skolothumtho@nvidia.com>
[PMM: some minor wording tweaks]
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
hw/gpio/pl061: Declare pullups/pulldowns as 8-bit types
uint8_t is good enough to hold a property "between 0 and 0xff".
Define pullups/pulldowns properties using DEFINE_PROP_UINT8()
macro, remove unnecessary range checks in pl061_realize().
Update the two caller sites.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Merge tag 'pull-loongarch-20251030' of https://github.com/bibo-mao/qemu into staging
loongarch queue
# gpg: Signature made Thu 30 Oct 2025 03:38:05 AM CET
# gpg: using EDDSA key 0D8642A3A2659F80B0B3D1A41F7B0C1251ACE7D1
# gpg: Good signature from "bibo mao <maobibo@loongson.cn>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 7044 3A00 19C0 E97A 31C7 13C4 8E86 8FB7 A176 9D4C
# Subkey fingerprint: 0D86 42A3 A265 9F80 B0B3 D1A4 1F7B 0C12 51AC E7D1
* tag 'pull-loongarch-20251030' of https://github.com/bibo-mao/qemu:
target/loongarch: Add PTW feature support in KVM mode
linux-headers: Update to Linux v6.18-rc3
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Merge tag 'pull-misc-20251031' of https://gitlab.com/rth7680/qemu into staging
linux-user: permit sendto() with NULL buf and 0 len
tests/functional: Mark the MIPS replay tests as flaky
tests/functional: Mark the MIPS Debian Wheezy tests as flaky
accel/tcg: Introduce and use MO_ALIGN_TLB_ONLY
tcg: Simplify extract2 usage in tcg_gen_shifti_i64
# gpg: Signature made Fri 31 Oct 2025 12:52:14 PM CET
# gpg: using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F
# gpg: issuer "richard.henderson@linaro.org"
# gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [ultimate]
* tag 'pull-misc-20251031' of https://gitlab.com/rth7680/qemu:
linux-user: permit sendto() with NULL buf and 0 len
tests/functional: Mark the MIPS Debian Wheezy tests as flaky
tests/functional: Mark the MIPS replay tests as flaky
tcg: Simplify extract2 usage in tcg_gen_shifti_i64
accel/tcg: Introduce and use MO_ALIGN_TLB_ONLY
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Peter Maydell [Tue, 28 Oct 2025 14:20:01 +0000 (14:20 +0000)]
linux-user: permit sendto() with NULL buf and 0 len
If you pass sendto() a NULL buffer, this is usually an error
(causing an EFAULT return); however if you pass a 0 length then
we should not try to validate the buffer provided. Instead we
skip the copying of the user data and possible processing
through fd_trans_target_to_host_data, and call the host syscall
with NULL, 0.
(unlock_user() permits a NULL buffer pointer for "do nothing"
so we don't need to special case the unlock code.)
Cc: qemu-stable@nongnu.org
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/3102
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Michael Tokarev <mjt@tls.msk.ru>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20251028142001.3011630-1-peter.maydell@linaro.org>
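The control flow described in the commit above, modelled as an added example that is not QEMU's code: `guest_lock_read()`, `host_sendto_stub()`, the 64-byte guest memory and both `sendto_*` functions are hypothetical stand-ins for the guest-buffer validation and the host syscall.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define GUEST_RAM_SIZE 64u
static uint8_t guest_ram[GUEST_RAM_SIZE];   /* constructed guest memory */

/* Records what, if anything, reached the "host" side. */
struct host_call {
    int called;
    const void *buf;
    size_t len;
};
static struct host_call last_call;

static void reset_host_call(void)
{
    last_call.called = 0;
    last_call.buf = NULL;
    last_call.len = 0;
}

/* Stand-in for the host sendto(): reports every byte as sent. */
static long host_sendto_stub(const void *buf, size_t len)
{
    last_call.called = 1;
    last_call.buf = buf;
    last_call.len = len;
    return (long)len;
}

/* Hypothetical guest-buffer validation: guest address 0 is unmapped and
 * the whole range must lie inside guest_ram. */
static const void *guest_lock_read(uint64_t gaddr, size_t len)
{
    if (gaddr == 0 || gaddr >= GUEST_RAM_SIZE ||
        len > GUEST_RAM_SIZE - gaddr) {
        return NULL;
    }
    return &guest_ram[gaddr];
}

/* Behaviour before the change: the buffer is validated even when no
 * byte of it will be read, so (NULL, 0) fails with EFAULT. */
static long sendto_always_validate(uint64_t gaddr, size_t len)
{
    const void *p = guest_lock_read(gaddr, len);
    if (!p) {
        return -EFAULT;
    }
    return host_sendto_stub(p, len);
}

/* Behaviour after the change: a zero length skips validation and the
 * host is called with (NULL, 0); non-zero lengths are still checked. */
static long sendto_skip_when_empty(uint64_t gaddr, size_t len)
{
    const void *p = NULL;
    if (len != 0) {
        p = guest_lock_read(gaddr, len);
        if (!p) {
            return -EFAULT;
        }
    }
    return host_sendto_stub(p, len);
}

int main(void)
{
    reset_host_call();
    printf("before, (NULL, 0): %ld\n", sendto_always_validate(0, 0));
    printf("after,  (NULL, 0): %ld\n", sendto_skip_when_empty(0, 0));
    printf("after,  (NULL, 4): %ld\n", sendto_skip_when_empty(0, 4));
    printf("after,  (8, 4):    %ld\n", sendto_skip_when_empty(8, 4));
    return 0;
}
```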
tests/functional: Mark the MIPS Debian Wheezy tests as flaky
test_malta.py sometimes times out (likely hang) under GitLab CI:
1/57 qemu:func-thorough+func-mips-thorough+thorough / func-mips-malta TIMEOUT 480.11s killed by signal 15 SIGTERM
console.log shows a soft lockup failure:
06:46,426: INIT: version 2.88 booting
06:46,942: [info] Using makefile-style concurrent boot in runlevel S.
06:47,378: findfs: unable to resolve 'UUID=042f1883-e9a5-4801-bb9b-667b5c8e87ea'
06:50,448: [....] Starting the hotplug events dispatcher: udevd[ ok .
06:52,269: [....] Synthesizing the initial hotplug events...module e1000: dangerous R_MIPS_LO16 REL relocation
07:17,707: BUG: soft lockup - CPU#0 stuck for 22s! [modprobe:208]
07:17,707: Modules linked in:
07:17,707: Cpu 0
07:17,708: $ 0 : 000000001000a4000000003d87808b00
07:17,708: $ 4 : 87808b0087808bf00000000000000000
07:17,709: $ 8 : 86862100868621008686210086862100
07:17,709: $12 : 86862100000000000000000186862100
07:17,709: $16 : 87808a00868621001000a401c008fa60
07:17,709: $20 : 868621008041d23000000000ffff0000
07:17,710: $24 : 0000000077711470
07:17,710: $28 : 87bb600087bb7df88041d230801f7388
07:17,710: Hi : 00000000
07:17,710: Lo : 00000000
07:17,711: epc : 801f7308 kfree+0x104/0x19c
07:17,711: Not tainted
07:17,711: ra : 801f7388 kfree+0x184/0x19c
07:17,712: Status: 1000a403 KERNEL EXL IE
07:17,712: Cause : 50808000
07:17,712: PrId : 00019300 (MIPS 24Kc)
07:45,707: BUG: soft lockup - CPU#0 stuck for 22s! [modprobe:208]
07:45,707: Modules linked in:
Reported-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20251031094118.28440-3-philmd@linaro.org>
tests/functional: Mark the MIPS replay tests as flaky
MIPS test_replay.py often times out (likely hang) under GitLab CI:
2/21 qemu:func-thorough+func-mips64el-thorough+thorough / func-mips64el-replay TIMEOUT 180.12s killed by signal 15 SIGTERM
The console.log file is empty, and recording.logs only shows:
qemu-system-mips64el: terminating on signal 15 from pid 344
Since this is a long term issue affecting our CI, disable the tests.
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20251031094118.28440-2-philmd@linaro.org>
For Arm, we need 3 cases: (1) the alignment required when accessing
Normal memory, (2) the alignment required when accessing Device memory,
and (3) the atomicity of the access.
When we added TLB_CHECK_ALIGNED, we assumed that cases 2 and 3 were
identical, and thus used memop_atomicity_bits for TLB_CHECK_ALIGNED.
This is incorrect for multiple reasons, including that the atomicity
of the access is adjusted depending on whether or not we are executing
within a serial context.
For Arm, what is true is that there is an underlying alignment
requirement of the access, and for that access Normal memory
will support unalignment.
Introduce MO_ALIGN_TLB_ONLY to indicate that the alignment
specified in MO_AMASK only applies when the TLB entry has
TLB_CHECK_ALIGNED set; otherwise no alignment is required.
Introduce memop_tlb_alignment_bits with an additional bool
argument that specifies whether TLB_CHECK_ALIGNED is set.
All other usage of memop_alignment_bits assumes it is not.
Remove memop_atomicity_bits as unused; it didn't properly
support MO_ATOM_SUBWORD anyway.
Update target/arm finalize_memop_atom to set MO_ALIGN_TLB_ONLY
when strict alignment isn't otherwise required.
Suggested-by: Peter Maydell <peter.maydell@linaro.org>
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/3171
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Manos Pitsidianakis <manos.pitsidianakis@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Merge tag 'single-binary-20251030' of https://github.com/philmd/qemu into staging
Various patches related to single binary work:
- Make hw/arm/ common by adding a QOM type to machines to
tag in which binary (32 or 64-bit) they can be used.
Convert the Virt and SBSA-Ref machines.
- Build Xen files once
# gpg: Signature made Thu 30 Oct 2025 02:50:38 PM CET
# gpg: using RSA key FAABE75E12917221DCFD6BB2E3E32C2CDEADC0DE
# gpg: Good signature from "Philippe Mathieu-Daudé (F4BUG) <f4bug@amsat.org>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: FAAB E75E 1291 7221 DCFD 6BB2 E3E3 2C2C DEAD C0DE
* tag 'single-binary-20251030' of https://github.com/philmd/qemu: (23 commits)
hw/riscv: Replace target_ulong uses
hw/xen: Build only once
hw/xen: Replace target_ulong by agnostic target_long_bits()
hw/xen: Use BITS_PER_BYTE & MAKE_64BIT_MASK() in req_size_bits()
hw/arm/meson: Move Xen files to arm_common_ss[]
hw/arm/virt: Build only once
hw/arm/virt-acpi-build: Build only once
hw/arm/virt-acpi-build: Include missing 'cpu.h' header
hw/arm/sbsa-ref: Build only once
hw/arm/sbsa-ref: Include missing 'cpu.h' header
hw/arm/virt: Get default CPU type at runtime
hw/arm/virt: Replace TARGET_AARCH64 -> target_aarch64()
qemu/target_info: Add target_base_arm() helper
qemu/target_info: Add target_aarch64() helper
qemu/target_info: Add target_arm() helper
hw/arm/virt: Check accelerator availability at runtime
hw/arm/virt: Register valid CPU types dynamically
config/target: Implement per-binary TargetInfo structure (ARM, AARCH64)
meson: Prepare to accept per-binary TargetInfo structure implementation
hw/arm: Filter machine types for qemu-system-arm/aarch64 binaries
...
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
The command is niche and better served by the host audio system.
There is no QMP equivalent, fortunately. You can capture the audio
stream via remote desktop protocols too (dbus, vnc, spice).
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Acked-by: Dr. David Alan Gilbert <dave@treblig.org>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20251022105753.1474739-1-marcandre.lureau@redhat.com>
Anton Johansson [Mon, 27 Oct 2025 12:35:11 +0000 (13:35 +0100)]
hw/riscv: Replace target_ulong uses
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Anton Johansson <anjo@rev.ng>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-ID: <20251027-feature-single-binary-hw-v1-v2-2-44478d589ae9@rev.ng>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Now that hw/xen/ files don't use any target-specific code,
we can build all file units once, removing the need for the
xen_specific_ss[] source set.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@amd.com>
Message-Id: <20251022140114.72372-4-philmd@linaro.org>
hw/xen: Replace target_ulong by agnostic target_long_bits()
Both are equivalent:
target_long_bits()
sizeof(target_u?long) * BITS_PER_BYTE
Prefer the former which is target-agnostic.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@amd.com>
Message-Id: <20251022140114.72372-3-philmd@linaro.org>
hw/xen: Use BITS_PER_BYTE & MAKE_64BIT_MASK() in req_size_bits()
Replace magic 8 by BITS_PER_BYTE, use MAKE_64BIT_MASK()
instead of open coding it.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@amd.com>
Message-Id: <20251022140114.72372-2-philmd@linaro.org>
Prefer MachineClass::get_default_cpu_type() over
MachineClass::default_cpu_type to get CPU type,
evaluating TCG availability at runtime calling
tcg_enabled().
hw/arm/virt: Check accelerator availability at runtime
It is not possible to call accelerator runtime helpers
when QOM types are registered, because they depend on
the parsing of the '-accel FOO' command line option,
which happens after main().
Now that get_valid_cpu_types() is called after
accelerator initializations, it is safe to call the
accelerator helpers:
Replace the static array returned as MachineClass::valid_cpu_types[]
by a runtime one generated by MachineClass::get_valid_cpu_types()
once the machine is created (its options being processed).
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Acked-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20251021211135.61179-1-philmd@linaro.org>
hw/arm: Filter machine types for qemu-system-arm/aarch64 binaries
Register machines to be able to run with the qemu-system-arm
and qemu-system-aarch64 binaries, except a few machines which
are only available on the qemu-system-aarch64 binary:
qga: Support guest shutdown of BusyBox-based systems
On POSIX systems, the QEMU Guest Agent uses /sbin/shutdown to implement
the command guest-shutdown. Systems based on BusyBox, such as Alpine
Linux, don't have /sbin/shutdown. They have instead three separate
commands: poweroff, reboot, and halt.
Change the QEMU Guest Agent to, depending on the mode argument, use
/sbin/{poweroff,halt,reboot} when they exist, falling back to
/sbin/shutdown when they don't.
qga: Improve Windows filesystem space info retrieval logic
Previously, disk space reporting only worked for volumes with drive letters,
skipping those without (e.g. System Reserved).
This change always calls GetDiskFreeSpaceEx with fs->name, which is a
volume GUID path. Windows APIs accept both drive letters (e.g. "C:\")
and volume GUIDs (e.g. "\\?\Volume{GUID}\") as valid lpDirectoryName
parameters, so space reporting is now consistent across all volumes.
With the current wording, users might think that the -F option is not
required as long as the script is placed in the default path. Be clear
that the option is always required. Also includes some minor language
improvements in the rest of the comment.
Catch and return from error early to avoid indentations and ease the
flow & return a bool for success value. All driver init() calls have
been checked to set errp on error.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
QOM brings some conveniences for introspection, type checking, reference
counting, interfaces etc. This is only the first step to introduce QOM
in audio/ (I have more in the pipeline)
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
For consistency, use only qdev_device_add() to instantiate the devices.
We can't rely on automatic bus lookup for the "hda-duplex" device though
as it may end up on a different "intel-hda" bus...
This allows to make init() callback bus-agnostic next.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Merge tag 'pull-10.2-maintainer-291025-1' of https://gitlab.com/stsquad/qemu into staging
maintainer updates for 10.2
- clean-up remaining 32 bit armhf bits in ci
- rationalise build-environment.yml for Debian and Ubuntu
- generate a Debian ppc64 package list
- rationalise gitlab-runner.yml for Debian and Ubuntu
- new TCG plugin feature to track discontinuities
- add missing CFI annotation to plugin callbacks
- drop SBSA_REF from minimal Arm build
- format string fix for gdbstub syscall response
- simplify the gdbstub flen handling for semihosting
# gpg: Signature made Wed 29 Oct 2025 03:19:32 PM CET
# gpg: using RSA key 6685AE99E75167BCAFC8DF35FBD0DB095A9E2A44
# gpg: Good signature from "Alex Bennée (Master Work Key) <alex.bennee@linaro.org>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 6685 AE99 E751 67BC AFC8 DF35 FBD0 DB09 5A9E 2A44
Merge tag 'edgar/xilinx-queue-2025-10-29.for-upstream' of https://gitlab.com/edgar.iglesias/qemu into staging
Xilinx queue
# gpg: Signature made Wed 29 Oct 2025 01:57:28 PM CET
# gpg: using RSA key AC44FEDC14F7F1EBEDBF415129C596780F6BCA83
# gpg: Good signature from "Edgar E. Iglesias (Xilinx key) <edgar.iglesias@xilinx.com>" [unknown]
# gpg: aka "Edgar E. Iglesias <edgar.iglesias@gmail.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: AC44 FEDC 14F7 F1EB EDBF 4151 29C5 9678 0F6B CA83
* tag 'edgar/xilinx-queue-2025-10-29.for-upstream' of https://gitlab.com/edgar.iglesias/qemu:
target/microblaze: Handle signed division overflows
target/microblaze: div: Break out raise_divzero()
target/microblaze: Remove unused arg from check_divz()
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Merge tag 'for-upstream' of https://repo.or.cz/qemu/kevin into staging
Block layer patches
- Expose block limits in monitor and qemu-img info
- Resize: Refresh filter node size when its child was resized
- Support configuring stats-intervals in -device (instead of only -drive)
- luks: Fix QMP x-blockdev-amend crash and image creation with detached-header
- iotests: Several test case fixes
- Code cleanups
# gpg: Signature made Wed 29 Oct 2025 01:02:10 PM CET
# gpg: using RSA key DC3DEB159A9AF95D3D7456FE7F09B272C88F2FD6
# gpg: issuer "kwolf@redhat.com"
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>" [unknown]
# gpg: WARNING: The key's User ID is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: DC3D EB15 9A9A F95D 3D74 56FE 7F09 B272 C88F 2FD6
* tag 'for-upstream' of https://repo.or.cz/qemu/kevin:
qemu-img info: Add cache mode option
qemu-img info: Optionally show block limits
block: Expose block limits for images in QMP
block: Improve comments in BlockLimits
iotests: add test for resizing a 'file' node below a 'raw' node
iotests: add test for resizing a node below filters
block: implement 'resize' callback for child_of_bds class
block: make bdrv_co_parent_cb_resize() a proper IO API function
include/block/block_int-common: document when resize callback is used
MAINTAINERS: Mark VHDX block driver as "Odd Fixes"
block: enable stats-intervals for storage devices
iotests: Adjust fuse-allow-other expected output
iotests: Adjust nbd expected outputs to match current behavior
block/curl.c: Fix CURLOPT_VERBOSE parameter type
block/monitor: Use hmp_handle_error to report error
block: fix luks 'amend' when run in coroutine
block: remove 'detached-header' option from opts after use
tests/qemu-iotests: Mark the 'inactive-node-nbd' as unsupported with -luks
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Yoges Vyas [Sun, 26 Oct 2025 07:48:52 +0000 (13:18 +0530)]
ppc/spapr: Cleanup MSI IRQ number handling
Now that spapr_irq_nr_msis() returns a constant value,
let's replace it with a macro.
Ref: https://lore.kernel.org/qemu-devel/bf149815-9782-4964-953d-73658b1043c9@linux.ibm.com/
Thomas Huth [Fri, 24 Oct 2025 06:57:26 +0000 (08:57 +0200)]
target/ppc: Remove the unusable e200 CPUs
There is currently no machine in QEMU (except the "none" machine)
that can be run with one of the e200 ppc CPUs - all machines
either complain about an invalid CPU type or crash QEMU immediately.
Looking at the history of this CPU type, it seems like it has never
been used in QEMU and only implemented as a placeholder (see e.g. the
comment about unimplemented instructions in the POWERPC_FAMILY(e200)
section of cpu_init.c). Being completely unused and unusable since
such a long time, let's just remove it now (without deprecation phase,
since there were no users of this dead code anyway).
Note: The init_excp_e200() is used by the e500 CPUs, too, so we
rename this function to init_excp_e500() instead of removing it.
Reviewed-by: Harsh Prateek Bora <harshpb@linux.ibm.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Harsh Prateek Bora <harshpb@linux.ibm.com>
Link: https://lore.kernel.org/r/20251024065726.738005-3-thuth@redhat.com
Message-ID: <20251024065726.738005-3-thuth@redhat.com>
Thomas Huth [Fri, 24 Oct 2025 06:57:25 +0000 (08:57 +0200)]
target/ppc/cpu_init: Simplify the setup of the TLBxCFG SPR registers
The next commit is going to remove init_proc_e200(), which is one of
the two calling sites of register_BookE206_sprs(). This causes recent
versions of GCC to inline the register_BookE206_sprs() function into
the other only remaining calling site, init_proc_e500(), which in
turn causes some false-positive compiler warnings:
In file included from ../../devel/qemu/target/ppc/cpu_init.c:46:
In function ‘register_BookE206_sprs’,
inlined from ‘init_proc_e500’ at ../../devel/qemu/target/ppc/cpu_init.c:2910:5:
../../devel/qemu/target/ppc/cpu_init.c:897:29: error:
array subscript 3 is outside array bounds of ‘uint32_t[2]’ {aka ‘unsigned int[2]’}
[-Werror=array-bounds=]
897 | tlbncfg[3]);
| ~~~~~~~^~~
../../devel/qemu/target/ppc/spr_common.h:61:39: note: in definition of macro ‘spr_register_kvm_hv’
61 | KVM_ARG(one_reg_id) initial_value)
| ^~~~~~~~~~~~~
../../devel/qemu/target/ppc/spr_common.h:77:5: note: in expansion of macro ‘spr_register_kvm’
77 | spr_register_kvm(env, num, name, uea_read, uea_write, \
| ^~~~~~~~~~~~~~~~
../../devel/qemu/target/ppc/cpu_init.c:894:9: note: in expansion of macro ‘spr_register’
894 | spr_register(env, SPR_BOOKE_TLB3CFG, "TLB3CFG",
| ^~~~~~~~~~~~
../../devel/qemu/target/ppc/cpu_init.c: In function ‘init_proc_e500’:
../../devel/qemu/target/ppc/cpu_init.c:2809:14: note: at offset 12 into object ‘tlbncfg’ of size 8
2809 | uint32_t tlbncfg[2];
| ^~~~~~~
cc1: all warnings being treated as errors
init_proc_e500() only defines "uint32_t tlbncfg[2];", but it is OK since
it also sets "env->nb_ways = 2", so the code that GCC warns about in
register_BookE206_sprs() is never reached. Unfortunately, GCC is not smart
enough to see this, so it emits these warnings.
To fix it, let's simplify the code in register_BookE206_sprs() a little
bit to set up the SPRs in a loop, so we don't reference the tlbncfg[3]
entry directly anymore.
BALATON Zoltan [Tue, 28 Oct 2025 15:19:23 +0000 (16:19 +0100)]
hw/ppc/sam460ex: Update u-boot-sam460ex
Update the sam460ex firmware to match 2015.c version from the machine
vendor which fixes USB devices and some other bugs. Also cherry pick
some commits from upstream U-Boot that move licenses in a subdir and
allows gitlab to correctly detect and show license information. Drop
version number from the binary name to avoid needing to change it in
case of future updates.