diff --git a/SOURCES/kvm-address_space_access_valid-address_space_to_flatview.patch b/SOURCES/kvm-address_space_access_valid-address_space_to_flatview.patch new file mode 100644 index 0000000..27e2d2f --- /dev/null +++ b/SOURCES/kvm-address_space_access_valid-address_space_to_flatview.patch @@ -0,0 +1,77 @@ +From 026e3aa58780db72c38618e576f4c6029e3b029a Mon Sep 17 00:00:00 2001 +From: Paolo Bonzini +Date: Thu, 8 Mar 2018 15:58:17 +0100 +Subject: [PATCH 04/17] address_space_access_valid: address_space_to_flatview + needs RCU lock + +RH-Author: Paolo Bonzini +Message-id: <20180308155819.20598-5-pbonzini@redhat.com> +Patchwork-id: 79195 +O-Subject: [RHEL7.5 qemu-kvm-rhev PATCH 4/6] address_space_access_valid: address_space_to_flatview needs RCU lock +Bugzilla: 1554930 +RH-Acked-by: Cornelia Huck +RH-Acked-by: Thomas Huth +RH-Acked-by: Laurent Vivier + +address_space_access_valid is calling address_space_to_flatview but it can +be called outside the RCU lock. To fix it, push the rcu_read_lock/unlock +pair up from flatview_access_valid to address_space_access_valid. + +Reviewed-by: Alexey Kardashevskiy +Signed-off-by: Paolo Bonzini +(cherry pick from commit 11e732a5ed46903f997985bed4c3767ca28a7eb6) + +[squashed fix for rcu_read_unlock() that should have been removed, + for which I'll send a pull request upstream tomorrow] + +Signed-off-by: Miroslav Rezanina +--- + exec.c | 13 ++++++++----- + 1 file changed, 8 insertions(+), 5 deletions(-) + +diff --git a/exec.c b/exec.c +index 43c66da..431b85b 100644 +--- a/exec.c ++++ b/exec.c +@@ -3259,14 +3259,12 @@ static bool flatview_access_valid(FlatView *fv, hwaddr addr, int len, + MemoryRegion *mr; + hwaddr l, xlat; + +- rcu_read_lock(); + while (len > 0) { + l = len; + mr = flatview_translate(fv, addr, &xlat, &l, is_write); + if (!memory_access_is_direct(mr, is_write)) { + l = memory_access_size(mr, l, addr); + if (!memory_region_access_valid(mr, xlat, l, is_write)) { +- rcu_read_unlock(); + return false; + } + } +@@ -3274,15 +3272,20 @@ static bool flatview_access_valid(FlatView *fv, hwaddr addr, int len, + len -= l; + addr += l; + } +- rcu_read_unlock(); + return true; + } + + bool address_space_access_valid(AddressSpace *as, hwaddr addr, + int len, bool is_write) + { +- return flatview_access_valid(address_space_to_flatview(as), +- addr, len, is_write); ++ FlatView *fv; ++ bool result; ++ ++ rcu_read_lock(); ++ fv = address_space_to_flatview(as); ++ result = flatview_access_valid(fv, addr, len, is_write); ++ rcu_read_unlock(); ++ return result; + } + + static hwaddr +-- +1.8.3.1 + diff --git a/SOURCES/kvm-address_space_map-address_space_to_flatview-needs-RC.patch b/SOURCES/kvm-address_space_map-address_space_to_flatview-needs-RC.patch new file mode 100644 index 0000000..4d6191f --- /dev/null +++ b/SOURCES/kvm-address_space_map-address_space_to_flatview-needs-RC.patch @@ -0,0 +1,53 @@ +From 622dc83554563b3d6c74ee7936dbc08bfa6bfa1a Mon Sep 17 00:00:00 2001 +From: Paolo Bonzini +Date: Thu, 8 Mar 2018 15:58:18 +0100 +Subject: [PATCH 05/17] address_space_map: address_space_to_flatview needs RCU + lock + +RH-Author: Paolo Bonzini +Message-id: <20180308155819.20598-6-pbonzini@redhat.com> +Patchwork-id: 79196 +O-Subject: [RHEL7.5 qemu-kvm-rhev PATCH 5/6] address_space_map: address_space_to_flatview needs RCU lock +Bugzilla: 1554930 +RH-Acked-by: Cornelia Huck +RH-Acked-by: Thomas Huth +RH-Acked-by: Laurent Vivier + +address_space_map is calling address_space_to_flatview but it can +be called outside the RCU lock. The function itself is calling +rcu_read_lock/rcu_read_unlock, just in the wrong place, so the +fix is easy. + +Reviewed-by: Alexey Kardashevskiy +Signed-off-by: Paolo Bonzini +(cherry pick from commit ad0c60fa572d4050255b698ecdb67294dd4c0125) + +Signed-off-by: Miroslav Rezanina +--- + exec.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/exec.c b/exec.c +index 431b85b..58ad24b 100644 +--- a/exec.c ++++ b/exec.c +@@ -3331,7 +3331,7 @@ void *address_space_map(AddressSpace *as, + hwaddr l, xlat; + MemoryRegion *mr; + void *ptr; +- FlatView *fv = address_space_to_flatview(as); ++ FlatView *fv; + + if (len == 0) { + return NULL; +@@ -3339,6 +3339,7 @@ void *address_space_map(AddressSpace *as, + + l = len; + rcu_read_lock(); ++ fv = address_space_to_flatview(as); + mr = flatview_translate(fv, addr, &xlat, &l, is_write); + + if (!memory_access_is_direct(mr, is_write)) { +-- +1.8.3.1 + diff --git a/SOURCES/kvm-address_space_read-address_space_to_flatview-needs-R.patch b/SOURCES/kvm-address_space_read-address_space_to_flatview-needs-R.patch new file mode 100644 index 0000000..35558e0 --- /dev/null +++ b/SOURCES/kvm-address_space_read-address_space_to_flatview-needs-R.patch @@ -0,0 +1,173 @@ +From e85fa0f42359527628b5b2243c514acc9670871a Mon Sep 17 00:00:00 2001 +From: Paolo Bonzini +Date: Thu, 8 Mar 2018 15:58:16 +0100 +Subject: [PATCH 03/17] address_space_read: address_space_to_flatview needs RCU + lock + +RH-Author: Paolo Bonzini +Message-id: <20180308155819.20598-4-pbonzini@redhat.com> +Patchwork-id: 79190 +O-Subject: [RHEL7.5 qemu-kvm-rhev PATCH 3/6] address_space_read: address_space_to_flatview needs RCU lock +Bugzilla: 1554930 +RH-Acked-by: Cornelia Huck +RH-Acked-by: Thomas Huth +RH-Acked-by: Laurent Vivier + +address_space_read is calling address_space_to_flatview but it can +be called outside the RCU lock. To fix it, push the rcu_read_lock/unlock +pair up from flatview_read_full to address_space_read's constant size +fast path and address_space_read_full. + +Reviewed-by: Alexey Kardashevskiy +Signed-off-by: Paolo Bonzini +(cherry pick from commit b2a44fcad74f1cc7a6786d38eba7db12ab2352ba) + +Signed-off-by: Miroslav Rezanina +--- + exec.c | 38 +++++++++++++++++++++++++------------- + include/exec/memory.h | 23 +++++++++-------------- + 2 files changed, 34 insertions(+), 27 deletions(-) + +diff --git a/exec.c b/exec.c +index 8b50133..43c66da 100644 +--- a/exec.c ++++ b/exec.c +@@ -2512,6 +2512,8 @@ static const MemoryRegionOps watch_mem_ops = { + .endianness = DEVICE_NATIVE_ENDIAN, + }; + ++static MemTxResult flatview_read(FlatView *fv, hwaddr addr, ++ MemTxAttrs attrs, uint8_t *buf, int len); + static MemTxResult flatview_write(FlatView *fv, hwaddr addr, MemTxAttrs attrs, + const uint8_t *buf, int len); + static bool flatview_access_valid(FlatView *fv, hwaddr addr, int len, +@@ -3029,24 +3031,18 @@ MemTxResult flatview_read_continue(FlatView *fv, hwaddr addr, + return result; + } + +-MemTxResult flatview_read_full(FlatView *fv, hwaddr addr, +- MemTxAttrs attrs, uint8_t *buf, int len) ++/* Called from RCU critical section. */ ++static MemTxResult flatview_read(FlatView *fv, hwaddr addr, ++ MemTxAttrs attrs, uint8_t *buf, int len) + { + hwaddr l; + hwaddr addr1; + MemoryRegion *mr; +- MemTxResult result = MEMTX_OK; +- +- if (len > 0) { +- rcu_read_lock(); +- l = len; +- mr = flatview_translate(fv, addr, &addr1, &l, false); +- result = flatview_read_continue(fv, addr, attrs, buf, len, +- addr1, l, mr); +- rcu_read_unlock(); +- } + +- return result; ++ l = len; ++ mr = flatview_translate(fv, addr, &addr1, &l, false); ++ return flatview_read_continue(fv, addr, attrs, buf, len, ++ addr1, l, mr); + } + + static MemTxResult flatview_rw(FlatView *fv, hwaddr addr, MemTxAttrs attrs, +@@ -3067,6 +3063,22 @@ MemTxResult address_space_rw(AddressSpace *as, hwaddr addr, + addr, attrs, buf, len, is_write); + } + ++MemTxResult address_space_read_full(AddressSpace *as, hwaddr addr, ++ MemTxAttrs attrs, uint8_t *buf, int len) ++{ ++ MemTxResult result = MEMTX_OK; ++ FlatView *fv; ++ ++ if (len > 0) { ++ rcu_read_lock(); ++ fv = address_space_to_flatview(as); ++ result = flatview_read(fv, addr, attrs, buf, len); ++ rcu_read_unlock(); ++ } ++ ++ return result; ++} ++ + MemTxResult address_space_write(AddressSpace *as, hwaddr addr, + MemTxAttrs attrs, + const uint8_t *buf, int len) +diff --git a/include/exec/memory.h b/include/exec/memory.h +index 3df0dcc..a66b6ef 100644 +--- a/include/exec/memory.h ++++ b/include/exec/memory.h +@@ -1917,13 +1917,12 @@ void address_space_unmap(AddressSpace *as, void *buffer, hwaddr len, + + + /* Internal functions, part of the implementation of address_space_read. */ ++MemTxResult address_space_read_full(AddressSpace *as, hwaddr addr, ++ MemTxAttrs attrs, uint8_t *buf, int len); + MemTxResult flatview_read_continue(FlatView *fv, hwaddr addr, + MemTxAttrs attrs, uint8_t *buf, + int len, hwaddr addr1, hwaddr l, + MemoryRegion *mr); +- +-MemTxResult flatview_read_full(FlatView *fv, hwaddr addr, +- MemTxAttrs attrs, uint8_t *buf, int len); + void *qemu_map_ram_ptr(RAMBlock *ram_block, ram_addr_t addr); + + static inline bool memory_access_is_direct(MemoryRegion *mr, bool is_write) +@@ -1942,7 +1941,7 @@ static inline bool memory_access_is_direct(MemoryRegion *mr, bool is_write) + * + * Return a MemTxResult indicating whether the operation succeeded + * or failed (eg unassigned memory, device rejected the transaction, +- * IOMMU fault). ++ * IOMMU fault). Called within RCU critical section. + * + * @as: #AddressSpace to be accessed + * @addr: address within that address space +@@ -1950,17 +1949,20 @@ static inline bool memory_access_is_direct(MemoryRegion *mr, bool is_write) + * @buf: buffer with the data transferred + */ + static inline __attribute__((__always_inline__)) +-MemTxResult flatview_read(FlatView *fv, hwaddr addr, MemTxAttrs attrs, +- uint8_t *buf, int len) ++MemTxResult address_space_read(AddressSpace *as, hwaddr addr, ++ MemTxAttrs attrs, uint8_t *buf, ++ int len) + { + MemTxResult result = MEMTX_OK; + hwaddr l, addr1; + void *ptr; + MemoryRegion *mr; ++ FlatView *fv; + + if (__builtin_constant_p(len)) { + if (len) { + rcu_read_lock(); ++ fv = address_space_to_flatview(as); + l = len; + mr = flatview_translate(fv, addr, &addr1, &l, false); + if (len == l && memory_access_is_direct(mr, false)) { +@@ -1973,18 +1975,11 @@ MemTxResult flatview_read(FlatView *fv, hwaddr addr, MemTxAttrs attrs, + rcu_read_unlock(); + } + } else { +- result = flatview_read_full(fv, addr, attrs, buf, len); ++ result = address_space_read_full(as, addr, attrs, buf, len); + } + return result; + } + +-static inline MemTxResult address_space_read(AddressSpace *as, hwaddr addr, +- MemTxAttrs attrs, uint8_t *buf, +- int len) +-{ +- return flatview_read(address_space_to_flatview(as), addr, attrs, buf, len); +-} +- + /** + * address_space_read_cached: read from a cached RAM region + * +-- +1.8.3.1 + diff --git a/SOURCES/kvm-address_space_rw-address_space_to_flatview-needs-RCU.patch b/SOURCES/kvm-address_space_rw-address_space_to_flatview-needs-RCU.patch new file mode 100644 index 0000000..2225610 --- /dev/null +++ b/SOURCES/kvm-address_space_rw-address_space_to_flatview-needs-RCU.patch @@ -0,0 +1,77 @@ +From ca87b042011f83f8851f0f76b3599d627d61463d Mon Sep 17 00:00:00 2001 +From: Paolo Bonzini +Date: Thu, 8 Mar 2018 15:58:19 +0100 +Subject: [PATCH 06/17] address_space_rw: address_space_to_flatview needs RCU + lock + +RH-Author: Paolo Bonzini +Message-id: <20180308155819.20598-7-pbonzini@redhat.com> +Patchwork-id: 79192 +O-Subject: [RHEL7.5 qemu-kvm-rhev PATCH 6/6] address_space_rw: address_space_to_flatview needs RCU lock +Bugzilla: 1554930 +RH-Acked-by: Cornelia Huck +RH-Acked-by: Thomas Huth +RH-Acked-by: Laurent Vivier + +address_space_rw is calling address_space_to_flatview but it can +be called outside the RCU lock. To fix it, transform flatview_rw +into address_space_rw, since flatview_rw is otherwise unused. + +Reviewed-by: Alexey Kardashevskiy +Signed-off-by: Paolo Bonzini +(cherry pick from commit db84fd973eba3f1e121416dcab73a4e8a60f2526) + +Signed-off-by: Miroslav Rezanina +--- + exec.c | 28 ++++++++++------------------ + 1 file changed, 10 insertions(+), 18 deletions(-) + +diff --git a/exec.c b/exec.c +index 58ad24b..12ec761 100644 +--- a/exec.c ++++ b/exec.c +@@ -3045,24 +3045,6 @@ static MemTxResult flatview_read(FlatView *fv, hwaddr addr, + addr1, l, mr); + } + +-static MemTxResult flatview_rw(FlatView *fv, hwaddr addr, MemTxAttrs attrs, +- uint8_t *buf, int len, bool is_write) +-{ +- if (is_write) { +- return flatview_write(fv, addr, attrs, (uint8_t *)buf, len); +- } else { +- return flatview_read(fv, addr, attrs, (uint8_t *)buf, len); +- } +-} +- +-MemTxResult address_space_rw(AddressSpace *as, hwaddr addr, +- MemTxAttrs attrs, uint8_t *buf, +- int len, bool is_write) +-{ +- return flatview_rw(address_space_to_flatview(as), +- addr, attrs, buf, len, is_write); +-} +- + MemTxResult address_space_read_full(AddressSpace *as, hwaddr addr, + MemTxAttrs attrs, uint8_t *buf, int len) + { +@@ -3096,6 +3078,16 @@ MemTxResult address_space_write(AddressSpace *as, hwaddr addr, + return result; + } + ++MemTxResult address_space_rw(AddressSpace *as, hwaddr addr, MemTxAttrs attrs, ++ uint8_t *buf, int len, bool is_write) ++{ ++ if (is_write) { ++ return address_space_write(as, addr, attrs, buf, len); ++ } else { ++ return address_space_read_full(as, addr, attrs, buf, len); ++ } ++} ++ + void cpu_physical_memory_rw(hwaddr addr, uint8_t *buf, + int len, int is_write) + { +-- +1.8.3.1 + diff --git a/SOURCES/kvm-address_space_write-address_space_to_flatview-needs-.patch b/SOURCES/kvm-address_space_write-address_space_to_flatview-needs-.patch new file mode 100644 index 0000000..6028b19 --- /dev/null +++ b/SOURCES/kvm-address_space_write-address_space_to_flatview-needs-.patch @@ -0,0 +1,97 @@ +From 2f3881255e6a50d9821f390972b07c1e9d9de626 Mon Sep 17 00:00:00 2001 +From: Paolo Bonzini +Date: Thu, 8 Mar 2018 15:58:15 +0100 +Subject: [PATCH 02/17] address_space_write: address_space_to_flatview needs + RCU lock + +RH-Author: Paolo Bonzini +Message-id: <20180308155819.20598-3-pbonzini@redhat.com> +Patchwork-id: 79191 +O-Subject: [RHEL7.5 qemu-kvm-rhev PATCH 2/6] address_space_write: address_space_to_flatview needs RCU lock +Bugzilla: 1554930 +RH-Acked-by: Cornelia Huck +RH-Acked-by: Thomas Huth +RH-Acked-by: Laurent Vivier + +address_space_write is calling address_space_to_flatview but it can +be called outside the RCU lock. To fix it, push the rcu_read_lock/unlock +pair up from flatview_write to address_space_write. + +Reviewed-by: Alexey Kardashevskiy +Signed-off-by: Paolo Bonzini +(cherry pick from commit 4c6ebbb364aa6f42c5d8e83e932e967eb83f0e44) + +Signed-off-by: Miroslav Rezanina +--- + exec.c | 37 ++++++++++++++++++++++--------------- + 1 file changed, 22 insertions(+), 15 deletions(-) + +diff --git a/exec.c b/exec.c +index 5a12e55..8b50133 100644 +--- a/exec.c ++++ b/exec.c +@@ -2942,6 +2942,7 @@ static MemTxResult flatview_write_continue(FlatView *fv, hwaddr addr, + return result; + } + ++/* Called from RCU critical section. */ + static MemTxResult flatview_write(FlatView *fv, hwaddr addr, MemTxAttrs attrs, + const uint8_t *buf, int len) + { +@@ -2950,25 +2951,14 @@ static MemTxResult flatview_write(FlatView *fv, hwaddr addr, MemTxAttrs attrs, + MemoryRegion *mr; + MemTxResult result = MEMTX_OK; + +- if (len > 0) { +- rcu_read_lock(); +- l = len; +- mr = flatview_translate(fv, addr, &addr1, &l, true); +- result = flatview_write_continue(fv, addr, attrs, buf, len, +- addr1, l, mr); +- rcu_read_unlock(); +- } ++ l = len; ++ mr = flatview_translate(fv, addr, &addr1, &l, true); ++ result = flatview_write_continue(fv, addr, attrs, buf, len, ++ addr1, l, mr); + + return result; + } + +-MemTxResult address_space_write(AddressSpace *as, hwaddr addr, +- MemTxAttrs attrs, +- const uint8_t *buf, int len) +-{ +- return flatview_write(address_space_to_flatview(as), addr, attrs, buf, len); +-} +- + /* Called within RCU critical section. */ + MemTxResult flatview_read_continue(FlatView *fv, hwaddr addr, + MemTxAttrs attrs, uint8_t *buf, +@@ -3077,6 +3067,23 @@ MemTxResult address_space_rw(AddressSpace *as, hwaddr addr, + addr, attrs, buf, len, is_write); + } + ++MemTxResult address_space_write(AddressSpace *as, hwaddr addr, ++ MemTxAttrs attrs, ++ const uint8_t *buf, int len) ++{ ++ MemTxResult result = MEMTX_OK; ++ FlatView *fv; ++ ++ if (len > 0) { ++ rcu_read_lock(); ++ fv = address_space_to_flatview(as); ++ result = flatview_write(fv, addr, attrs, buf, len); ++ rcu_read_unlock(); ++ } ++ ++ return result; ++} ++ + void cpu_physical_memory_rw(hwaddr addr, uint8_t *buf, + int len, int is_write) + { +-- +1.8.3.1 + diff --git a/SOURCES/kvm-memory-inline-some-performance-sensitive-accessors.patch b/SOURCES/kvm-memory-inline-some-performance-sensitive-accessors.patch new file mode 100644 index 0000000..eeff6ac --- /dev/null +++ b/SOURCES/kvm-memory-inline-some-performance-sensitive-accessors.patch @@ -0,0 +1,152 @@ +From 30484611dd815207d249e2034b976ac05753487d Mon Sep 17 00:00:00 2001 +From: Paolo Bonzini +Date: Thu, 8 Mar 2018 15:58:14 +0100 +Subject: [PATCH 01/17] memory: inline some performance-sensitive accessors + +RH-Author: Paolo Bonzini +Message-id: <20180308155819.20598-2-pbonzini@redhat.com> +Patchwork-id: 79193 +O-Subject: [RHEL7.5 qemu-kvm-rhev PATCH 1/6] memory: inline some performance-sensitive accessors +Bugzilla: 1554930 +RH-Acked-by: Cornelia Huck +RH-Acked-by: Thomas Huth +RH-Acked-by: Laurent Vivier + +These accessors are called from inlined functions, and the call sequence +is much more expensive than just inlining the access. Move the +struct declaration to memory-internal.h so that exec.c and memory.c +can both use an inline function. + +Reviewed-by: Alexey Kardashevskiy +Signed-off-by: Paolo Bonzini +(cherry pick from commit 785a507ec78bbda1c346f3d3593e5a58b62e73ef) + +Signed-off-by: Miroslav Rezanina +--- + include/exec/memory-internal.h | 13 +++++++++---- + include/exec/memory.h | 22 +++++++++++++++++++++- + memory.c | 30 ------------------------------ + 3 files changed, 30 insertions(+), 35 deletions(-) + +diff --git a/include/exec/memory-internal.h b/include/exec/memory-internal.h +index 647e9bd..fca523f 100644 +--- a/include/exec/memory-internal.h ++++ b/include/exec/memory-internal.h +@@ -20,7 +20,15 @@ + #define MEMORY_INTERNAL_H + + #ifndef CONFIG_USER_ONLY +-typedef struct AddressSpaceDispatch AddressSpaceDispatch; ++static inline AddressSpaceDispatch *flatview_to_dispatch(FlatView *fv) ++{ ++ return fv->dispatch; ++} ++ ++static inline AddressSpaceDispatch *address_space_to_dispatch(AddressSpace *as) ++{ ++ return flatview_to_dispatch(address_space_to_flatview(as)); ++} + + extern const MemoryRegionOps unassigned_mem_ops; + +@@ -30,9 +38,6 @@ bool memory_region_access_valid(MemoryRegion *mr, hwaddr addr, + void flatview_add_to_dispatch(FlatView *fv, MemoryRegionSection *section); + AddressSpaceDispatch *address_space_dispatch_new(FlatView *fv); + void address_space_dispatch_compact(AddressSpaceDispatch *d); +- +-AddressSpaceDispatch *address_space_to_dispatch(AddressSpace *as); +-AddressSpaceDispatch *flatview_to_dispatch(FlatView *fv); + void address_space_dispatch_free(AddressSpaceDispatch *d); + + void mtree_print_dispatch(fprintf_function mon, void *f, +diff --git a/include/exec/memory.h b/include/exec/memory.h +index b100df6..3df0dcc 100644 +--- a/include/exec/memory.h ++++ b/include/exec/memory.h +@@ -328,7 +328,27 @@ struct AddressSpace { + QTAILQ_ENTRY(AddressSpace) address_spaces_link; + }; + +-FlatView *address_space_to_flatview(AddressSpace *as); ++typedef struct AddressSpaceDispatch AddressSpaceDispatch; ++typedef struct FlatRange FlatRange; ++ ++/* Flattened global view of current active memory hierarchy. Kept in sorted ++ * order. ++ */ ++struct FlatView { ++ struct rcu_head rcu; ++ unsigned ref; ++ FlatRange *ranges; ++ unsigned nr; ++ unsigned nr_allocated; ++ struct AddressSpaceDispatch *dispatch; ++ MemoryRegion *root; ++}; ++ ++static inline FlatView *address_space_to_flatview(AddressSpace *as) ++{ ++ return atomic_rcu_read(&as->current_map); ++} ++ + + /** + * MemoryRegionSection: describes a fragment of a #MemoryRegion +diff --git a/memory.c b/memory.c +index a1f1e68..5a91b9b 100644 +--- a/memory.c ++++ b/memory.c +@@ -210,8 +210,6 @@ static bool memory_region_ioeventfd_equal(MemoryRegionIoeventfd a, + && !memory_region_ioeventfd_before(b, a); + } + +-typedef struct FlatRange FlatRange; +- + /* Range of memory in the global map. Addresses are absolute. */ + struct FlatRange { + MemoryRegion *mr; +@@ -222,19 +220,6 @@ struct FlatRange { + bool readonly; + }; + +-/* Flattened global view of current active memory hierarchy. Kept in sorted +- * order. +- */ +-struct FlatView { +- struct rcu_head rcu; +- unsigned ref; +- FlatRange *ranges; +- unsigned nr; +- unsigned nr_allocated; +- struct AddressSpaceDispatch *dispatch; +- MemoryRegion *root; +-}; +- + typedef struct AddressSpaceOps AddressSpaceOps; + + #define FOR_EACH_FLAT_RANGE(var, view) \ +@@ -322,21 +307,6 @@ static void flatview_unref(FlatView *view) + } + } + +-FlatView *address_space_to_flatview(AddressSpace *as) +-{ +- return atomic_rcu_read(&as->current_map); +-} +- +-AddressSpaceDispatch *flatview_to_dispatch(FlatView *fv) +-{ +- return fv->dispatch; +-} +- +-AddressSpaceDispatch *address_space_to_dispatch(AddressSpace *as) +-{ +- return flatview_to_dispatch(address_space_to_flatview(as)); +-} +- + static bool can_merge(FlatRange *r1, FlatRange *r2) + { + return int128_eq(addrrange_end(r1->addr), r2->addr.start) +-- +1.8.3.1 + diff --git a/SOURCES/kvm-ppc-spapr-caps-Add-support-for-custom-spapr_capabili.patch b/SOURCES/kvm-ppc-spapr-caps-Add-support-for-custom-spapr_capabili.patch new file mode 100644 index 0000000..24e8690 --- /dev/null +++ b/SOURCES/kvm-ppc-spapr-caps-Add-support-for-custom-spapr_capabili.patch @@ -0,0 +1,136 @@ +From d5704100a478118313ce89e8725c714f20deb094 Mon Sep 17 00:00:00 2001 +From: Suraj Jitindar Singh +Date: Tue, 13 Mar 2018 05:21:32 +0100 +Subject: [PATCH 10/17] ppc/spapr-caps: Add support for custom + spapr_capabilities + +RH-Author: Suraj Jitindar Singh +Message-id: <1520918499-27663-5-git-send-email-sursingh@redhat.com> +Patchwork-id: 79246 +O-Subject: [RHEL7.5 qemu-kvm-rhev PATCH 04/11] ppc/spapr-caps: Add support for custom spapr_capabilities +Bugzilla: 1554957 +RH-Acked-by: David Gibson +RH-Acked-by: Laurent Vivier +RH-Acked-by: Miroslav Rezanina + +From: Suraj Jitindar Singh + +There are currently 2 implemented types of spapr-caps, boolean and +tristate. However there may be a need for caps which don't fit either of +these options. Add a custom capability type for which a list of custom +valid strings can be specified and implement the get/set functions for +these. Also add a field for help text to describe the available options. + +Signed-off-by: Suraj Jitindar Singh +[dwg: Change "help" option to "?" matching qemu conventions] +[dwg: Add ATTRIBUTE_UNUSED to avoid breaking bisect] +Signed-off-by: David Gibson + +(cherry picked from commit 87175d1bc5272fff5cffb05c410b39f839dfc948) + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1548919 + +Signed-off-by: Suraj Jitindar Singh +Signed-off-by: Miroslav Rezanina +--- + hw/ppc/spapr_caps.c | 70 +++++++++++++++++++++++++++++++++++++++++++++++++++++ + 1 file changed, 70 insertions(+) + +diff --git a/hw/ppc/spapr_caps.c b/hw/ppc/spapr_caps.c +index 99a4b71..3d8b796 100644 +--- a/hw/ppc/spapr_caps.c ++++ b/hw/ppc/spapr_caps.c +@@ -32,6 +32,20 @@ + + #include "hw/ppc/spapr.h" + ++typedef struct sPAPRCapPossible { ++ int num; /* size of vals array below */ ++ const char *help; /* help text for vals */ ++ /* ++ * Note: ++ * - because of the way compatibility is determined vals MUST be ordered ++ * such that later options are a superset of all preceding options. ++ * - the order of vals must be preserved, that is their index is important, ++ * however vals may be added to the end of the list so long as the above ++ * point is observed ++ */ ++ const char *vals[]; ++} sPAPRCapPossible; ++ + typedef struct sPAPRCapabilityInfo { + const char *name; + const char *description; +@@ -41,6 +55,8 @@ typedef struct sPAPRCapabilityInfo { + ObjectPropertyAccessor *get; + ObjectPropertyAccessor *set; + const char *type; ++ /* Possible values if this is a custom string type */ ++ sPAPRCapPossible *possible; + /* Make sure the virtual hardware can support this capability */ + void (*apply)(sPAPRMachineState *spapr, uint8_t val, Error **errp); + } sPAPRCapabilityInfo; +@@ -133,6 +149,60 @@ out: + g_free(val); + } + ++static void ATTRIBUTE_UNUSED spapr_cap_get_string(Object *obj, Visitor *v, ++ const char *name, ++ void *opaque, Error **errp) ++{ ++ sPAPRCapabilityInfo *cap = opaque; ++ sPAPRMachineState *spapr = SPAPR_MACHINE(obj); ++ char *val = NULL; ++ uint8_t value = spapr_get_cap(spapr, cap->index); ++ ++ if (value >= cap->possible->num) { ++ error_setg(errp, "Invalid value (%d) for cap-%s", value, cap->name); ++ return; ++ } ++ ++ val = g_strdup(cap->possible->vals[value]); ++ ++ visit_type_str(v, name, &val, errp); ++ g_free(val); ++} ++ ++static void ATTRIBUTE_UNUSED spapr_cap_set_string(Object *obj, Visitor *v, ++ const char *name, ++ void *opaque, Error **errp) ++{ ++ sPAPRCapabilityInfo *cap = opaque; ++ sPAPRMachineState *spapr = SPAPR_MACHINE(obj); ++ Error *local_err = NULL; ++ uint8_t i; ++ char *val; ++ ++ visit_type_str(v, name, &val, &local_err); ++ if (local_err) { ++ error_propagate(errp, local_err); ++ return; ++ } ++ ++ if (!strcmp(val, "?")) { ++ error_setg(errp, "%s", cap->possible->help); ++ goto out; ++ } ++ for (i = 0; i < cap->possible->num; i++) { ++ if (!strcasecmp(val, cap->possible->vals[i])) { ++ spapr->cmd_line_caps[cap->index] = true; ++ spapr->eff.caps[cap->index] = i; ++ goto out; ++ } ++ } ++ ++ error_setg(errp, "Invalid capability mode \"%s\" for cap-%s", val, ++ cap->name); ++out: ++ g_free(val); ++} ++ + static void cap_htm_apply(sPAPRMachineState *spapr, uint8_t val, Error **errp) + { + if (!val) { +-- +1.8.3.1 + diff --git a/SOURCES/kvm-ppc-spapr-caps-Change-migration-macro-to-take-full-s.patch b/SOURCES/kvm-ppc-spapr-caps-Change-migration-macro-to-take-full-s.patch new file mode 100644 index 0000000..8259a1f --- /dev/null +++ b/SOURCES/kvm-ppc-spapr-caps-Change-migration-macro-to-take-full-s.patch @@ -0,0 +1,91 @@ +From 798cff99adef284cd804b031a4e4004016fd1f0b Mon Sep 17 00:00:00 2001 +From: Suraj Jitindar Singh +Date: Tue, 13 Mar 2018 05:21:29 +0100 +Subject: [PATCH 07/17] ppc/spapr-caps: Change migration macro to take full + spapr-cap name + +RH-Author: Suraj Jitindar Singh +Message-id: <1520918499-27663-2-git-send-email-sursingh@redhat.com> +Patchwork-id: 79245 +O-Subject: [RHEL7.5 qemu-kvm-rhev PATCH 01/11] ppc/spapr-caps: Change migration macro to take full spapr-cap name +Bugzilla: 1554957 +RH-Acked-by: David Gibson +RH-Acked-by: Laurent Vivier +RH-Acked-by: Miroslav Rezanina + +From: Suraj Jitindar Singh + +Change the macro that generates the vmstate migration field and the needed +function for the spapr-caps to take the full spapr-cap name. This has +the benefit of meaning this instance will be picked up when greping +for the spapr-caps and making it more obvious what this macro is doing. + +Signed-off-by: Suraj Jitindar Singh +Signed-off-by: David Gibson +(cherry picked from commit 8c5909c41916f25b47bfdc465059a926603c1319) + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1548919 + +Signed-off-by: Suraj Jitindar Singh +Signed-off-by: Miroslav Rezanina +--- + hw/ppc/spapr_caps.c | 30 +++++++++++++++--------------- + 1 file changed, 15 insertions(+), 15 deletions(-) + +diff --git a/hw/ppc/spapr_caps.c b/hw/ppc/spapr_caps.c +index 62efdae..e69d308 100644 +--- a/hw/ppc/spapr_caps.c ++++ b/hw/ppc/spapr_caps.c +@@ -350,34 +350,34 @@ int spapr_caps_post_migration(sPAPRMachineState *spapr) + } + + /* Used to generate the migration field and needed function for a spapr cap */ +-#define SPAPR_CAP_MIG_STATE(cap, ccap) \ +-static bool spapr_cap_##cap##_needed(void *opaque) \ ++#define SPAPR_CAP_MIG_STATE(sname, cap) \ ++static bool spapr_cap_##sname##_needed(void *opaque) \ + { \ + sPAPRMachineState *spapr = opaque; \ + \ +- return spapr->cmd_line_caps[SPAPR_CAP_##ccap] && \ +- (spapr->eff.caps[SPAPR_CAP_##ccap] != \ +- spapr->def.caps[SPAPR_CAP_##ccap]); \ ++ return spapr->cmd_line_caps[cap] && \ ++ (spapr->eff.caps[cap] != \ ++ spapr->def.caps[cap]); \ + } \ + \ +-const VMStateDescription vmstate_spapr_cap_##cap = { \ +- .name = "spapr/cap/" #cap, \ ++const VMStateDescription vmstate_spapr_cap_##sname = { \ ++ .name = "spapr/cap/" #sname, \ + .version_id = 1, \ + .minimum_version_id = 1, \ +- .needed = spapr_cap_##cap##_needed, \ ++ .needed = spapr_cap_##sname##_needed, \ + .fields = (VMStateField[]) { \ +- VMSTATE_UINT8(mig.caps[SPAPR_CAP_##ccap], \ ++ VMSTATE_UINT8(mig.caps[cap], \ + sPAPRMachineState), \ + VMSTATE_END_OF_LIST() \ + }, \ + } + +-SPAPR_CAP_MIG_STATE(htm, HTM); +-SPAPR_CAP_MIG_STATE(vsx, VSX); +-SPAPR_CAP_MIG_STATE(dfp, DFP); +-SPAPR_CAP_MIG_STATE(cfpc, CFPC); +-SPAPR_CAP_MIG_STATE(sbbc, SBBC); +-SPAPR_CAP_MIG_STATE(ibs, IBS); ++SPAPR_CAP_MIG_STATE(htm, SPAPR_CAP_HTM); ++SPAPR_CAP_MIG_STATE(vsx, SPAPR_CAP_VSX); ++SPAPR_CAP_MIG_STATE(dfp, SPAPR_CAP_DFP); ++SPAPR_CAP_MIG_STATE(cfpc, SPAPR_CAP_CFPC); ++SPAPR_CAP_MIG_STATE(sbbc, SPAPR_CAP_SBBC); ++SPAPR_CAP_MIG_STATE(ibs, SPAPR_CAP_IBS); + + void spapr_caps_reset(sPAPRMachineState *spapr) + { +-- +1.8.3.1 + diff --git a/SOURCES/kvm-ppc-spapr-caps-Convert-cap-cfpc-to-custom-spapr-cap.patch b/SOURCES/kvm-ppc-spapr-caps-Convert-cap-cfpc-to-custom-spapr-cap.patch new file mode 100644 index 0000000..5574e59 --- /dev/null +++ b/SOURCES/kvm-ppc-spapr-caps-Convert-cap-cfpc-to-custom-spapr-cap.patch @@ -0,0 +1,109 @@ +From e9c565a32315df050f7181931e545270de1641d0 Mon Sep 17 00:00:00 2001 +From: Suraj Jitindar Singh +Date: Tue, 13 Mar 2018 05:21:33 +0100 +Subject: [PATCH 11/17] ppc/spapr-caps: Convert cap-cfpc to custom spapr-cap + +RH-Author: Suraj Jitindar Singh +Message-id: <1520918499-27663-6-git-send-email-sursingh@redhat.com> +Patchwork-id: 79251 +O-Subject: [RHEL7.5 qemu-kvm-rhev PATCH 05/11] ppc/spapr-caps: Convert cap-cfpc to custom spapr-cap +Bugzilla: 1554957 +RH-Acked-by: David Gibson +RH-Acked-by: Laurent Vivier +RH-Acked-by: Miroslav Rezanina + +From: Suraj Jitindar Singh + +Convert cap-cfpc (cache flush on privilege change) to a custom spapr-cap +type. + +Signed-off-by: Suraj Jitindar Singh +[dwg: Don't explicitly list "?"/help option, trusting convention] +[dwg: Strip no-longer-necessary ATTRIBUTE_UNUSED back off] +[dwg: Fix some minor style problems] +Signed-off-by: David Gibson + +(cherry picked from commit f27aa81e72b5a5e184a0f3aa3e77061f4fcfb265) + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1548919 + +Signed-off-by: Suraj Jitindar Singh +Signed-off-by: Miroslav Rezanina +--- + hw/ppc/spapr_caps.c | 33 ++++++++++++++++++++++----------- + 1 file changed, 22 insertions(+), 11 deletions(-) + +diff --git a/hw/ppc/spapr_caps.c b/hw/ppc/spapr_caps.c +index 3d8b796..b5a991f 100644 +--- a/hw/ppc/spapr_caps.c ++++ b/hw/ppc/spapr_caps.c +@@ -149,9 +149,8 @@ out: + g_free(val); + } + +-static void ATTRIBUTE_UNUSED spapr_cap_get_string(Object *obj, Visitor *v, +- const char *name, +- void *opaque, Error **errp) ++static void spapr_cap_get_string(Object *obj, Visitor *v, const char *name, ++ void *opaque, Error **errp) + { + sPAPRCapabilityInfo *cap = opaque; + sPAPRMachineState *spapr = SPAPR_MACHINE(obj); +@@ -169,9 +168,8 @@ static void ATTRIBUTE_UNUSED spapr_cap_get_string(Object *obj, Visitor *v, + g_free(val); + } + +-static void ATTRIBUTE_UNUSED spapr_cap_set_string(Object *obj, Visitor *v, +- const char *name, +- void *opaque, Error **errp) ++static void spapr_cap_set_string(Object *obj, Visitor *v, const char *name, ++ void *opaque, Error **errp) + { + sPAPRCapabilityInfo *cap = opaque; + sPAPRMachineState *spapr = SPAPR_MACHINE(obj); +@@ -250,14 +248,26 @@ static void cap_dfp_apply(sPAPRMachineState *spapr, uint8_t val, Error **errp) + } + } + ++sPAPRCapPossible cap_cfpc_possible = { ++ .num = 3, ++ .vals = {"broken", "workaround", "fixed"}, ++ .help = "broken - no protection, workaround - workaround available," ++ " fixed - fixed in hardware", ++}; ++ + static void cap_safe_cache_apply(sPAPRMachineState *spapr, uint8_t val, + Error **errp) + { ++ uint8_t kvm_val = kvmppc_get_cap_safe_cache(); ++ + if (tcg_enabled() && val) { + /* TODO - for now only allow broken for TCG */ +- error_setg(errp, "Requested safe cache capability level not supported by tcg, try a different value for cap-cfpc"); +- } else if (kvm_enabled() && (val > kvmppc_get_cap_safe_cache())) { +- error_setg(errp, "Requested safe cache capability level not supported by kvm, try a different value for cap-cfpc"); ++ error_setg(errp, ++"Requested safe cache capability level not supported by tcg, try a different value for cap-cfpc"); ++ } else if (kvm_enabled() && (val > kvm_val)) { ++ error_setg(errp, ++"Requested safe cache capability level not supported by kvm, try cap-cfpc=%s", ++ cap_cfpc_possible.vals[kvm_val]); + } + } + +@@ -319,9 +329,10 @@ sPAPRCapabilityInfo capability_table[SPAPR_CAP_NUM] = { + .name = "cfpc", + .description = "Cache Flush on Privilege Change" VALUE_DESC_TRISTATE, + .index = SPAPR_CAP_CFPC, +- .get = spapr_cap_get_tristate, +- .set = spapr_cap_set_tristate, ++ .get = spapr_cap_get_string, ++ .set = spapr_cap_set_string, + .type = "string", ++ .possible = &cap_cfpc_possible, + .apply = cap_safe_cache_apply, + }, + [SPAPR_CAP_SBBC] = { +-- +1.8.3.1 + diff --git a/SOURCES/kvm-ppc-spapr-caps-Convert-cap-ibs-to-custom-spapr-cap.patch b/SOURCES/kvm-ppc-spapr-caps-Convert-cap-ibs-to-custom-spapr-cap.patch new file mode 100644 index 0000000..7008246 --- /dev/null +++ b/SOURCES/kvm-ppc-spapr-caps-Convert-cap-ibs-to-custom-spapr-cap.patch @@ -0,0 +1,226 @@ +From 150289beb689037a96b526a4a266da844ee572b8 Mon Sep 17 00:00:00 2001 +From: Suraj Jitindar Singh +Date: Tue, 13 Mar 2018 05:21:35 +0100 +Subject: [PATCH 13/17] ppc/spapr-caps: Convert cap-ibs to custom spapr-cap + +RH-Author: Suraj Jitindar Singh +Message-id: <1520918499-27663-8-git-send-email-sursingh@redhat.com> +Patchwork-id: 79254 +O-Subject: [RHEL7.5 qemu-kvm-rhev PATCH 07/11] ppc/spapr-caps: Convert cap-ibs to custom spapr-cap +Bugzilla: 1554957 +RH-Acked-by: David Gibson +RH-Acked-by: Laurent Vivier +RH-Acked-by: Miroslav Rezanina + +From: Suraj Jitindar Singh + +Convert cap-ibs (indirect branch speculation) to a custom spapr-cap +type. + +All tristate caps have now been converted to custom spapr-caps, so +remove the remaining support for them. + +Signed-off-by: Suraj Jitindar Singh +[dwg: Don't explicitly list "?"/help option, trust convention] +[dwg: Fold tristate removal into here, to not break bisect] +[dwg: Fix minor style problems] +Signed-off-by: David Gibson + +(cherry picked from commit c76c0d3090136773219baad486c836c67ba9ea6d) + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1548919 + +Signed-off-by: Suraj Jitindar Singh +Signed-off-by: Miroslav Rezanina +--- + hw/ppc/spapr_caps.c | 90 ++++++++++++++------------------------------------ + hw/ppc/spapr_hcall.c | 5 ++- + include/hw/ppc/spapr.h | 5 ++- + target/ppc/kvm.c | 6 ++-- + 4 files changed, 36 insertions(+), 70 deletions(-) + +diff --git a/hw/ppc/spapr_caps.c b/hw/ppc/spapr_caps.c +index 8748692..da1f519 100644 +--- a/hw/ppc/spapr_caps.c ++++ b/hw/ppc/spapr_caps.c +@@ -89,65 +89,6 @@ static void spapr_cap_set_bool(Object *obj, Visitor *v, const char *name, + spapr->eff.caps[cap->index] = value ? SPAPR_CAP_ON : SPAPR_CAP_OFF; + } + +-static void spapr_cap_get_tristate(Object *obj, Visitor *v, const char *name, +- void *opaque, Error **errp) +-{ +- sPAPRCapabilityInfo *cap = opaque; +- sPAPRMachineState *spapr = SPAPR_MACHINE(obj); +- char *val = NULL; +- uint8_t value = spapr_get_cap(spapr, cap->index); +- +- switch (value) { +- case SPAPR_CAP_BROKEN: +- val = g_strdup("broken"); +- break; +- case SPAPR_CAP_WORKAROUND: +- val = g_strdup("workaround"); +- break; +- case SPAPR_CAP_FIXED: +- val = g_strdup("fixed"); +- break; +- default: +- error_setg(errp, "Invalid value (%d) for cap-%s", value, cap->name); +- return; +- } +- +- visit_type_str(v, name, &val, errp); +- g_free(val); +-} +- +-static void spapr_cap_set_tristate(Object *obj, Visitor *v, const char *name, +- void *opaque, Error **errp) +-{ +- sPAPRCapabilityInfo *cap = opaque; +- sPAPRMachineState *spapr = SPAPR_MACHINE(obj); +- char *val; +- Error *local_err = NULL; +- uint8_t value; +- +- visit_type_str(v, name, &val, &local_err); +- if (local_err) { +- error_propagate(errp, local_err); +- return; +- } +- +- if (!strcasecmp(val, "broken")) { +- value = SPAPR_CAP_BROKEN; +- } else if (!strcasecmp(val, "workaround")) { +- value = SPAPR_CAP_WORKAROUND; +- } else if (!strcasecmp(val, "fixed")) { +- value = SPAPR_CAP_FIXED; +- } else { +- error_setg(errp, "Invalid capability mode \"%s\" for cap-%s", val, +- cap->name); +- goto out; +- } +- +- spapr->cmd_line_caps[cap->index] = true; +- spapr->eff.caps[cap->index] = value; +-out: +- g_free(val); +-} + + static void spapr_cap_get_string(Object *obj, Visitor *v, const char *name, + void *opaque, Error **errp) +@@ -294,16 +235,31 @@ static void cap_safe_bounds_check_apply(sPAPRMachineState *spapr, uint8_t val, + } + } + ++sPAPRCapPossible cap_ibs_possible = { ++ .num = 4, ++ /* Note workaround only maintained for compatibility */ ++ .vals = {"broken", "workaround", "fixed-ibs", "fixed-ccd"}, ++ .help = "broken - no protection, fixed-ibs - indirect branch serialisation," ++ " fixed-ccd - cache count disabled", ++}; ++ + static void cap_safe_indirect_branch_apply(sPAPRMachineState *spapr, + uint8_t val, Error **errp) + { ++ uint8_t kvm_val = kvmppc_get_cap_safe_indirect_branch(); ++ + if (val == SPAPR_CAP_WORKAROUND) { /* Can only be Broken or Fixed */ +- error_setg(errp, "Requested safe indirect branch capability level \"workaround\" not valid, try cap-ibs=fixed"); ++ error_setg(errp, ++"Requested safe indirect branch capability level \"workaround\" not valid, try cap-ibs=%s", ++ cap_ibs_possible.vals[kvm_val]); + } else if (tcg_enabled() && val) { + /* TODO - for now only allow broken for TCG */ +- error_setg(errp, "Requested safe indirect branch capability level not supported by tcg, try a different value for cap-ibs"); +- } else if (kvm_enabled() && (val > kvmppc_get_cap_safe_indirect_branch())) { +- error_setg(errp, "Requested safe indirect branch capability level not supported by kvm, try a different value for cap-ibs"); ++ error_setg(errp, ++"Requested safe indirect branch capability level not supported by tcg, try a different value for cap-ibs"); ++ } else if (kvm_enabled() && val && (val != kvm_val)) { ++ error_setg(errp, ++"Requested safe indirect branch capability level not supported by kvm, try cap-ibs=%s", ++ cap_ibs_possible.vals[kvm_val]); + } + } + +@@ -359,11 +315,13 @@ sPAPRCapabilityInfo capability_table[SPAPR_CAP_NUM] = { + }, + [SPAPR_CAP_IBS] = { + .name = "ibs", +- .description = "Indirect Branch Serialisation (broken, fixed)", ++ .description = ++ "Indirect Branch Speculation (broken, fixed-ibs, fixed-ccd)", + .index = SPAPR_CAP_IBS, +- .get = spapr_cap_get_tristate, +- .set = spapr_cap_set_tristate, ++ .get = spapr_cap_get_string, ++ .set = spapr_cap_set_string, + .type = "string", ++ .possible = &cap_ibs_possible, + .apply = cap_safe_indirect_branch_apply, + }, + }; +diff --git a/hw/ppc/spapr_hcall.c b/hw/ppc/spapr_hcall.c +index d3f811a..1a5dd7c 100644 +--- a/hw/ppc/spapr_hcall.c ++++ b/hw/ppc/spapr_hcall.c +@@ -1670,7 +1670,10 @@ static target_ulong h_get_cpu_characteristics(PowerPCCPU *cpu, + } + + switch (safe_indirect_branch) { +- case SPAPR_CAP_FIXED: ++ case SPAPR_CAP_FIXED_CCD: ++ characteristics |= H_CPU_CHAR_CACHE_COUNT_DIS; ++ break; ++ case SPAPR_CAP_FIXED_IBS: + characteristics |= H_CPU_CHAR_BCCTRL_SERIALISED; + break; + default: /* broken */ +diff --git a/include/hw/ppc/spapr.h b/include/hw/ppc/spapr.h +index 375b2ba..fb35008 100644 +--- a/include/hw/ppc/spapr.h ++++ b/include/hw/ppc/spapr.h +@@ -75,10 +75,12 @@ typedef enum { + /* Bool Caps */ + #define SPAPR_CAP_OFF 0x00 + #define SPAPR_CAP_ON 0x01 +-/* Broken | Workaround | Fixed Caps */ ++/* Custom Caps */ + #define SPAPR_CAP_BROKEN 0x00 + #define SPAPR_CAP_WORKAROUND 0x01 + #define SPAPR_CAP_FIXED 0x02 ++#define SPAPR_CAP_FIXED_IBS 0x02 ++#define SPAPR_CAP_FIXED_CCD 0x03 + + typedef struct sPAPRCapabilities sPAPRCapabilities; + struct sPAPRCapabilities { +@@ -315,6 +317,7 @@ struct sPAPRMachineState { + #define H_CPU_CHAR_L1D_THREAD_PRIV PPC_BIT(4) + #define H_CPU_CHAR_HON_BRANCH_HINTS PPC_BIT(5) + #define H_CPU_CHAR_THR_RECONF_TRIG PPC_BIT(6) ++#define H_CPU_CHAR_CACHE_COUNT_DIS PPC_BIT(7) + #define H_CPU_BEHAV_FAVOUR_SECURITY PPC_BIT(0) + #define H_CPU_BEHAV_L1D_FLUSH_PR PPC_BIT(1) + #define H_CPU_BEHAV_BNDS_CHK_SPEC_BAR PPC_BIT(2) +diff --git a/target/ppc/kvm.c b/target/ppc/kvm.c +index 4383953..4cd6c92 100644 +--- a/target/ppc/kvm.c ++++ b/target/ppc/kvm.c +@@ -2511,8 +2511,10 @@ static void kvmppc_get_cpu_characteristics(KVMState *s) + cap_ppc_safe_bounds_check = 1; + } + /* Parse and set cap_ppc_safe_indirect_branch */ +- if (c.character & c.character_mask & H_CPU_CHAR_BCCTRL_SERIALISED) { +- cap_ppc_safe_indirect_branch = 2; ++ if (c.character & c.character_mask & H_CPU_CHAR_CACHE_COUNT_DIS) { ++ cap_ppc_safe_indirect_branch = SPAPR_CAP_FIXED_CCD; ++ } else if (c.character & c.character_mask & H_CPU_CHAR_BCCTRL_SERIALISED) { ++ cap_ppc_safe_indirect_branch = SPAPR_CAP_FIXED_IBS; + } + } + +-- +1.8.3.1 + diff --git a/SOURCES/kvm-ppc-spapr-caps-Convert-cap-sbbc-to-custom-spapr-cap.patch b/SOURCES/kvm-ppc-spapr-caps-Convert-cap-sbbc-to-custom-spapr-cap.patch new file mode 100644 index 0000000..cb48433 --- /dev/null +++ b/SOURCES/kvm-ppc-spapr-caps-Convert-cap-sbbc-to-custom-spapr-cap.patch @@ -0,0 +1,85 @@ +From bf60dd793e4a04ab7952aa8e5046436113805c0d Mon Sep 17 00:00:00 2001 +From: Suraj Jitindar Singh +Date: Tue, 13 Mar 2018 05:21:34 +0100 +Subject: [PATCH 12/17] ppc/spapr-caps: Convert cap-sbbc to custom spapr-cap + +RH-Author: Suraj Jitindar Singh +Message-id: <1520918499-27663-7-git-send-email-sursingh@redhat.com> +Patchwork-id: 79253 +O-Subject: [RHEL7.5 qemu-kvm-rhev PATCH 06/11] ppc/spapr-caps: Convert cap-sbbc to custom spapr-cap +Bugzilla: 1554957 +RH-Acked-by: David Gibson +RH-Acked-by: Laurent Vivier +RH-Acked-by: Miroslav Rezanina + +From: Suraj Jitindar Singh + +Convert cap-sbbc (speculation barrier bounds checking) to a custom +spapr-cap type. + +Signed-off-by: Suraj Jitindar Singh +[dwg: Removed trailing whitespace] +[dwg: Don't explicitly list "?"/help option, trust convention] +[dwg: Fix some minor style problems] +Signed-off-by: David Gibson + +(cherry picked from commit aaf265ffde352c4100a8e2adc554ec11aa6abe08) + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1548919 + +Signed-off-by: Suraj Jitindar Singh +Signed-off-by: Miroslav Rezanina +--- + hw/ppc/spapr_caps.c | 23 ++++++++++++++++++----- + 1 file changed, 18 insertions(+), 5 deletions(-) + +diff --git a/hw/ppc/spapr_caps.c b/hw/ppc/spapr_caps.c +index b5a991f..8748692 100644 +--- a/hw/ppc/spapr_caps.c ++++ b/hw/ppc/spapr_caps.c +@@ -271,14 +271,26 @@ static void cap_safe_cache_apply(sPAPRMachineState *spapr, uint8_t val, + } + } + ++sPAPRCapPossible cap_sbbc_possible = { ++ .num = 3, ++ .vals = {"broken", "workaround", "fixed"}, ++ .help = "broken - no protection, workaround - workaround available," ++ " fixed - fixed in hardware", ++}; ++ + static void cap_safe_bounds_check_apply(sPAPRMachineState *spapr, uint8_t val, + Error **errp) + { ++ uint8_t kvm_val = kvmppc_get_cap_safe_bounds_check(); ++ + if (tcg_enabled() && val) { + /* TODO - for now only allow broken for TCG */ +- error_setg(errp, "Requested safe bounds check capability level not supported by tcg, try a different value for cap-sbbc"); +- } else if (kvm_enabled() && (val > kvmppc_get_cap_safe_bounds_check())) { +- error_setg(errp, "Requested safe bounds check capability level not supported by kvm, try a different value for cap-sbbc"); ++ error_setg(errp, ++"Requested safe bounds check capability level not supported by tcg, try a different value for cap-sbbc"); ++ } else if (kvm_enabled() && (val > kvm_val)) { ++ error_setg(errp, ++"Requested safe bounds check capability level not supported by kvm, try cap-sbbc=%s", ++ cap_sbbc_possible.vals[kvm_val]); + } + } + +@@ -339,9 +351,10 @@ sPAPRCapabilityInfo capability_table[SPAPR_CAP_NUM] = { + .name = "sbbc", + .description = "Speculation Barrier Bounds Checking" VALUE_DESC_TRISTATE, + .index = SPAPR_CAP_SBBC, +- .get = spapr_cap_get_tristate, +- .set = spapr_cap_set_tristate, ++ .get = spapr_cap_get_string, ++ .set = spapr_cap_set_string, + .type = "string", ++ .possible = &cap_sbbc_possible, + .apply = cap_safe_bounds_check_apply, + }, + [SPAPR_CAP_IBS] = { +-- +1.8.3.1 + diff --git a/SOURCES/kvm-ppc-spapr-caps-Define-the-pseries-2.12-sxxm-machine-.patch b/SOURCES/kvm-ppc-spapr-caps-Define-the-pseries-2.12-sxxm-machine-.patch new file mode 100644 index 0000000..e691630 --- /dev/null +++ b/SOURCES/kvm-ppc-spapr-caps-Define-the-pseries-2.12-sxxm-machine-.patch @@ -0,0 +1,132 @@ +From c51968caca390f8feade4d61c32778cf8c51c68a Mon Sep 17 00:00:00 2001 +From: Suraj Jitindar Singh +Date: Tue, 13 Mar 2018 05:21:36 +0100 +Subject: [PATCH 14/17] ppc/spapr-caps: Define the pseries-2.12-sxxm machine + type + +RH-Author: Suraj Jitindar Singh +Message-id: <1520918499-27663-9-git-send-email-sursingh@redhat.com> +Patchwork-id: 79255 +O-Subject: [RHEL7.5 qemu-kvm-rhev PATCH 08/11] ppc/spapr-caps: Define the pseries-2.12-sxxm machine type +Bugzilla: 1554957 +RH-Acked-by: David Gibson +RH-Acked-by: Laurent Vivier +RH-Acked-by: Miroslav Rezanina + +From: Suraj Jitindar Singh + +The sxxm (speculative execution exploit mitigation) machine type is a +variant of the 2.12 machine type with workarounds for speculative +execution vulnerabilities enabled by default. + +Signed-off-by: Suraj Jitindar Singh +Signed-off-by: David Gibson +(cherry picked from commit 813f3cf655c6f3afe6e2ef04281ba7cd5ea24357) + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1548919 + +Signed-off-by: Suraj Jitindar Singh +Signed-off-by: Miroslav Rezanina +--- + hw/ppc/spapr.c | 53 +++++++++++++++++++++++++++++++++++++++++++++++++++++ + hw/ppc/spapr_caps.c | 11 +++++++++++ + 2 files changed, 64 insertions(+) + +diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c +index c71ffac..a43e64c 100644 +--- a/hw/ppc/spapr.c ++++ b/hw/ppc/spapr.c +@@ -3756,6 +3756,59 @@ static const TypeInfo spapr_machine_info = { + + #if 0 /* Disabled for Red Hat Enterprise Linux */ + /* ++ * pseries-2.12 ++ */ ++static void spapr_machine_2_12_instance_options(MachineState *machine) ++{ ++} ++ ++static void spapr_machine_2_12_class_options(MachineClass *mc) ++{ ++ /* Defaults for the latest behaviour inherited from the base class */ ++} ++ ++DEFINE_SPAPR_MACHINE(2_12, "2.12", true); ++ ++static void spapr_machine_2_12_sxxm_instance_options(MachineState *machine) ++{ ++ spapr_machine_2_12_instance_options(machine); ++} ++ ++static void spapr_machine_2_12_sxxm_class_options(MachineClass *mc) ++{ ++ sPAPRMachineClass *smc = SPAPR_MACHINE_CLASS(mc); ++ ++ spapr_machine_2_12_class_options(mc); ++ smc->default_caps.caps[SPAPR_CAP_CFPC] = SPAPR_CAP_WORKAROUND; ++ smc->default_caps.caps[SPAPR_CAP_SBBC] = SPAPR_CAP_WORKAROUND; ++ smc->default_caps.caps[SPAPR_CAP_IBS] = SPAPR_CAP_FIXED_CCD; ++} ++ ++DEFINE_SPAPR_MACHINE(2_12_sxxm, "2.12-sxxm", false); ++ ++/* ++ * pseries-2.11 ++ */ ++#define SPAPR_COMPAT_2_11 \ ++ HW_COMPAT_2_11 ++ ++static void spapr_machine_2_11_instance_options(MachineState *machine) ++{ ++ spapr_machine_2_12_instance_options(machine); ++} ++ ++static void spapr_machine_2_11_class_options(MachineClass *mc) ++{ ++ sPAPRMachineClass *smc = SPAPR_MACHINE_CLASS(mc); ++ ++ spapr_machine_2_12_class_options(mc); ++ smc->default_caps.caps[SPAPR_CAP_HTM] = SPAPR_CAP_ON; ++ SET_MACHINE_COMPAT(mc, SPAPR_COMPAT_2_11); ++} ++ ++DEFINE_SPAPR_MACHINE(2_11, "2.11", false); ++ ++/* + * pseries-2.10 + */ + static void spapr_machine_2_10_instance_options(MachineState *machine) +diff --git a/hw/ppc/spapr_caps.c b/hw/ppc/spapr_caps.c +index da1f519..531e145 100644 +--- a/hw/ppc/spapr_caps.c ++++ b/hw/ppc/spapr_caps.c +@@ -335,15 +335,26 @@ static sPAPRCapabilities default_caps_with_cpu(sPAPRMachineState *spapr, + + caps = smc->default_caps; + ++ if (!ppc_check_compat(cpu, CPU_POWERPC_LOGICAL_3_00, ++ 0, spapr->max_compat_pvr)) { ++ caps.caps[SPAPR_CAP_CFPC] = SPAPR_CAP_BROKEN; ++ } ++ + if (!ppc_check_compat(cpu, CPU_POWERPC_LOGICAL_2_07, + 0, spapr->max_compat_pvr)) { + caps.caps[SPAPR_CAP_HTM] = SPAPR_CAP_OFF; + } + ++ if (!ppc_check_compat(cpu, CPU_POWERPC_LOGICAL_2_06_PLUS, ++ 0, spapr->max_compat_pvr)) { ++ caps.caps[SPAPR_CAP_SBBC] = SPAPR_CAP_BROKEN; ++ } ++ + if (!ppc_check_compat(cpu, CPU_POWERPC_LOGICAL_2_06, + 0, spapr->max_compat_pvr)) { + caps.caps[SPAPR_CAP_VSX] = SPAPR_CAP_OFF; + caps.caps[SPAPR_CAP_DFP] = SPAPR_CAP_OFF; ++ caps.caps[SPAPR_CAP_IBS] = SPAPR_CAP_BROKEN; + } + + return caps; +-- +1.8.3.1 + diff --git a/SOURCES/kvm-ppc-spapr-caps-Disallow-setting-workaround-for-spapr.patch b/SOURCES/kvm-ppc-spapr-caps-Disallow-setting-workaround-for-spapr.patch new file mode 100644 index 0000000..0dfe734 --- /dev/null +++ b/SOURCES/kvm-ppc-spapr-caps-Disallow-setting-workaround-for-spapr.patch @@ -0,0 +1,65 @@ +From cb43b40e88fde117852a7a52506e4421d82c4fc8 Mon Sep 17 00:00:00 2001 +From: Suraj Jitindar Singh +Date: Tue, 13 Mar 2018 05:21:30 +0100 +Subject: [PATCH 08/17] ppc/spapr-caps: Disallow setting workaround for + spapr-cap-ibs + +RH-Author: Suraj Jitindar Singh +Message-id: <1520918499-27663-3-git-send-email-sursingh@redhat.com> +Patchwork-id: 79252 +O-Subject: [RHEL7.5 qemu-kvm-rhev PATCH 02/11] ppc/spapr-caps: Disallow setting workaround for spapr-cap-ibs +Bugzilla: 1554957 +RH-Acked-by: David Gibson +RH-Acked-by: Laurent Vivier +RH-Acked-by: Miroslav Rezanina + +From: Suraj Jitindar Singh + +The spapr-cap cap-ibs can only have values broken or fixed as there is +no explicit workaround required. Currently setting the value workaround +for this cap will hit an assert if the guest makes the hcall +h_get_cpu_characteristics. + +Report an error when attempting to apply the setting with a more helpful +error message. + +Reported-by: Satheesh Rajendran +Signed-off-by: Suraj Jitindar Singh +Signed-off-by: David Gibson +(cherry picked from commit 4f5b039d2bf9bb26b6e26a3dc65da36fe970cba9) + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1548919 + +Signed-off-by: Suraj Jitindar Singh +Signed-off-by: Miroslav Rezanina +--- + hw/ppc/spapr_caps.c | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/hw/ppc/spapr_caps.c b/hw/ppc/spapr_caps.c +index e69d308..99a4b71 100644 +--- a/hw/ppc/spapr_caps.c ++++ b/hw/ppc/spapr_caps.c +@@ -205,7 +205,9 @@ static void cap_safe_bounds_check_apply(sPAPRMachineState *spapr, uint8_t val, + static void cap_safe_indirect_branch_apply(sPAPRMachineState *spapr, + uint8_t val, Error **errp) + { +- if (tcg_enabled() && val) { ++ if (val == SPAPR_CAP_WORKAROUND) { /* Can only be Broken or Fixed */ ++ error_setg(errp, "Requested safe indirect branch capability level \"workaround\" not valid, try cap-ibs=fixed"); ++ } else if (tcg_enabled() && val) { + /* TODO - for now only allow broken for TCG */ + error_setg(errp, "Requested safe indirect branch capability level not supported by tcg, try a different value for cap-ibs"); + } else if (kvm_enabled() && (val > kvmppc_get_cap_safe_indirect_branch())) { +@@ -263,7 +265,7 @@ sPAPRCapabilityInfo capability_table[SPAPR_CAP_NUM] = { + }, + [SPAPR_CAP_IBS] = { + .name = "ibs", +- .description = "Indirect Branch Serialisation" VALUE_DESC_TRISTATE, ++ .description = "Indirect Branch Serialisation (broken, fixed)", + .index = SPAPR_CAP_IBS, + .get = spapr_cap_get_tristate, + .set = spapr_cap_set_tristate, +-- +1.8.3.1 + diff --git a/SOURCES/kvm-redhat-Define-the-pseries-rhel7.3-sxxm-machine-type.patch b/SOURCES/kvm-redhat-Define-the-pseries-rhel7.3-sxxm-machine-type.patch new file mode 100644 index 0000000..7442514 --- /dev/null +++ b/SOURCES/kvm-redhat-Define-the-pseries-rhel7.3-sxxm-machine-type.patch @@ -0,0 +1,62 @@ +From 7acdd1342ff5e62360250b4ff60768e91c070864 Mon Sep 17 00:00:00 2001 +From: Suraj Jitindar Singh +Date: Tue, 13 Mar 2018 05:21:39 +0100 +Subject: [PATCH 17/17] redhat: Define the pseries-rhel7.3-sxxm machine type + +RH-Author: Suraj Jitindar Singh +Message-id: <1520918499-27663-12-git-send-email-sursingh@redhat.com> +Patchwork-id: 79247 +O-Subject: [RHEL7.5 qemu-kvm-rhev PATCH 11/11] redhat: Define the pseries-rhel7.3-sxxm machine type +Bugzilla: 1554957 +RH-Acked-by: David Gibson +RH-Acked-by: Laurent Vivier +RH-Acked-by: Miroslav Rezanina + +The sxxm (speculative execution exploit mitigation) machine type is a +variant of the 7.3 machine type with workarounds for speculative +execution vulnerabilities enabled by default. + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1548919 + +Signed-off-by: Suraj Jitindar Singh +Signed-off-by: Miroslav Rezanina +--- + hw/ppc/spapr.c | 22 ++++++++++++++++++++++ + 1 file changed, 22 insertions(+) + +diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c +index 3d210b3..fa07a75 100644 +--- a/hw/ppc/spapr.c ++++ b/hw/ppc/spapr.c +@@ -4263,6 +4263,28 @@ static void spapr_machine_rhel730_class_options(MachineClass *mc) + DEFINE_SPAPR_MACHINE(rhel730, "rhel7.3.0", false); + + /* ++ * pseries-rhel7.3.0-sxxm ++ * ++ * pseries-rhel7.3.0 with speculative execution exploit mitigations enabled by default ++ */ ++static void spapr_machine_rhel730sxxm_instance_options(MachineState *machine) ++{ ++ spapr_machine_rhel730_instance_options(machine); ++} ++ ++static void spapr_machine_rhel730sxxm_class_options(MachineClass *mc) ++{ ++ sPAPRMachineClass *smc = SPAPR_MACHINE_CLASS(mc); ++ ++ spapr_machine_rhel730_class_options(mc); ++ smc->default_caps.caps[SPAPR_CAP_CFPC] = SPAPR_CAP_WORKAROUND; ++ smc->default_caps.caps[SPAPR_CAP_SBBC] = SPAPR_CAP_WORKAROUND; ++ smc->default_caps.caps[SPAPR_CAP_IBS] = SPAPR_CAP_FIXED_CCD; ++} ++ ++DEFINE_SPAPR_MACHINE(rhel730sxxm, "rhel7.3.0-sxxm", false); ++ ++/* + * pseries-rhel7.2.0 + */ + /* Should be like SPAPR_COMPAT_2_5 + 2_4 + 2_3, but "dynamic-reconfiguration" +-- +1.8.3.1 + diff --git a/SOURCES/kvm-redhat-Define-the-pseries-rhel7.4-sxxm-machine-type.patch b/SOURCES/kvm-redhat-Define-the-pseries-rhel7.4-sxxm-machine-type.patch new file mode 100644 index 0000000..07469ed --- /dev/null +++ b/SOURCES/kvm-redhat-Define-the-pseries-rhel7.4-sxxm-machine-type.patch @@ -0,0 +1,62 @@ +From 4921c669250aa91ce11c041568c0de093c211e29 Mon Sep 17 00:00:00 2001 +From: Suraj Jitindar Singh +Date: Tue, 13 Mar 2018 05:21:38 +0100 +Subject: [PATCH 16/17] redhat: Define the pseries-rhel7.4-sxxm machine type + +RH-Author: Suraj Jitindar Singh +Message-id: <1520918499-27663-11-git-send-email-sursingh@redhat.com> +Patchwork-id: 79256 +O-Subject: [RHEL7.5 qemu-kvm-rhev PATCH 10/11] redhat: Define the pseries-rhel7.4-sxxm machine type +Bugzilla: 1554957 +RH-Acked-by: David Gibson +RH-Acked-by: Laurent Vivier +RH-Acked-by: Miroslav Rezanina + +The sxxm (speculative execution exploit mitigation) machine type is a +variant of the 7.4 machine type with workarounds for speculative +execution vulnerabilities enabled by default. + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1548919 + +Signed-off-by: Suraj Jitindar Singh +Signed-off-by: Miroslav Rezanina +--- + hw/ppc/spapr.c | 22 ++++++++++++++++++++++ + 1 file changed, 22 insertions(+) + +diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c +index 9d63c00..3d210b3 100644 +--- a/hw/ppc/spapr.c ++++ b/hw/ppc/spapr.c +@@ -4189,6 +4189,28 @@ static void spapr_machine_rhel740_class_options(MachineClass *mc) + DEFINE_SPAPR_MACHINE(rhel740, "rhel7.4.0", false); + + /* ++ * pseries-rhel7.4.0-sxxm ++ * ++ * pseries-rhel7.4.0 with speculative execution exploit mitigations enabled by default ++ */ ++static void spapr_machine_rhel740sxxm_instance_options(MachineState *machine) ++{ ++ spapr_machine_rhel740_instance_options(machine); ++} ++ ++static void spapr_machine_rhel740sxxm_class_options(MachineClass *mc) ++{ ++ sPAPRMachineClass *smc = SPAPR_MACHINE_CLASS(mc); ++ ++ spapr_machine_rhel740_class_options(mc); ++ smc->default_caps.caps[SPAPR_CAP_CFPC] = SPAPR_CAP_WORKAROUND; ++ smc->default_caps.caps[SPAPR_CAP_SBBC] = SPAPR_CAP_WORKAROUND; ++ smc->default_caps.caps[SPAPR_CAP_IBS] = SPAPR_CAP_FIXED_CCD; ++} ++ ++DEFINE_SPAPR_MACHINE(rhel740sxxm, "rhel7.4.0-sxxm", false); ++ ++/* + * pseries-rhel7.3.0 + * like SPAPR_COMPAT_2_6/_2_7/_2_8 but "ddw" has been backported to RHEL7_3 + */ +-- +1.8.3.1 + diff --git a/SOURCES/kvm-redhat-Define-the-pseries-rhel7.5-sxxm-machine-type.patch b/SOURCES/kvm-redhat-Define-the-pseries-rhel7.5-sxxm-machine-type.patch new file mode 100644 index 0000000..f623c7f --- /dev/null +++ b/SOURCES/kvm-redhat-Define-the-pseries-rhel7.5-sxxm-machine-type.patch @@ -0,0 +1,62 @@ +From ac371ebbc83fd09970f259f77481956673c885cf Mon Sep 17 00:00:00 2001 +From: Suraj Jitindar Singh +Date: Tue, 13 Mar 2018 05:21:37 +0100 +Subject: [PATCH 15/17] redhat: Define the pseries-rhel7.5-sxxm machine type + +RH-Author: Suraj Jitindar Singh +Message-id: <1520918499-27663-10-git-send-email-sursingh@redhat.com> +Patchwork-id: 79250 +O-Subject: [RHEL7.5 qemu-kvm-rhev PATCH 09/11] redhat: Define the pseries-rhel7.5-sxxm machine type +Bugzilla: 1554957 +RH-Acked-by: David Gibson +RH-Acked-by: Laurent Vivier +RH-Acked-by: Miroslav Rezanina + +The sxxm (speculative execution exploit mitigation) machine type is a +variant of the 7.5 machine type with workarounds for speculative +execution vulnerabilities enabled by default. + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1548919 + +Signed-off-by: Suraj Jitindar Singh +Signed-off-by: Miroslav Rezanina +--- + hw/ppc/spapr.c | 22 ++++++++++++++++++++++ + 1 file changed, 22 insertions(+) + +diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c +index a43e64c..9d63c00 100644 +--- a/hw/ppc/spapr.c ++++ b/hw/ppc/spapr.c +@@ -4131,6 +4131,28 @@ static void spapr_machine_rhel750_class_options(MachineClass *mc) + + DEFINE_SPAPR_MACHINE(rhel750, "rhel7.5.0", true); + ++/* ++ * pseries-rhel7.5.0-sxxm ++ * ++ * pseries-rhel7.5.0 with speculative execution exploit mitigations enabled by default ++ */ ++static void spapr_machine_rhel750sxxm_instance_options(MachineState *machine) ++{ ++ spapr_machine_rhel750_instance_options(machine); ++} ++ ++static void spapr_machine_rhel750sxxm_class_options(MachineClass *mc) ++{ ++ sPAPRMachineClass *smc = SPAPR_MACHINE_CLASS(mc); ++ ++ spapr_machine_rhel750_class_options(mc); ++ smc->default_caps.caps[SPAPR_CAP_CFPC] = SPAPR_CAP_WORKAROUND; ++ smc->default_caps.caps[SPAPR_CAP_SBBC] = SPAPR_CAP_WORKAROUND; ++ smc->default_caps.caps[SPAPR_CAP_IBS] = SPAPR_CAP_FIXED_CCD; ++} ++ ++DEFINE_SPAPR_MACHINE(rhel750sxxm, "rhel7.5.0-sxxm", false); ++ + #if defined(CONFIG_RHV) + + /* +-- +1.8.3.1 + diff --git a/SOURCES/kvm-target-ppc-Check-mask-when-setting-cap_ppc_safe_indi.patch b/SOURCES/kvm-target-ppc-Check-mask-when-setting-cap_ppc_safe_indi.patch new file mode 100644 index 0000000..f54eb2f --- /dev/null +++ b/SOURCES/kvm-target-ppc-Check-mask-when-setting-cap_ppc_safe_indi.patch @@ -0,0 +1,52 @@ +From 97905eb55273dac61e4d6ff300638c0b133e0f06 Mon Sep 17 00:00:00 2001 +From: Suraj Jitindar Singh +Date: Tue, 13 Mar 2018 05:21:31 +0100 +Subject: [PATCH 09/17] target/ppc: Check mask when setting + cap_ppc_safe_indirect_branch + +RH-Author: Suraj Jitindar Singh +Message-id: <1520918499-27663-4-git-send-email-sursingh@redhat.com> +Patchwork-id: 79249 +O-Subject: [RHEL7.5 qemu-kvm-rhev PATCH 03/11] target/ppc: Check mask when setting cap_ppc_safe_indirect_branch +Bugzilla: 1554957 +RH-Acked-by: David Gibson +RH-Acked-by: Laurent Vivier +RH-Acked-by: Miroslav Rezanina + +From: Suraj Jitindar Singh + +Check the character and character_mask field when setting +cap_ppc_safe_indirect_branch based on the hypervisor response +to KVM_PPC_GET_CPU_CHAR. Previously the mask field wasn't checked +which was incorrect. + +Fixes: 8acc2ae5 (target/ppc/kvm: Add cap_ppc_safe_[cache/bounds_check/indirect_branch]) + +Signed-off-by: Suraj Jitindar Singh +Signed-off-by: David Gibson +(cherry picked from commit cb931c2108a59db0b4a22f0c439ee7362c4f95ab) + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1548919 + +Signed-off-by: Suraj Jitindar Singh +Signed-off-by: Miroslav Rezanina +--- + target/ppc/kvm.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/target/ppc/kvm.c b/target/ppc/kvm.c +index 7a7bc3b..4383953 100644 +--- a/target/ppc/kvm.c ++++ b/target/ppc/kvm.c +@@ -2511,7 +2511,7 @@ static void kvmppc_get_cpu_characteristics(KVMState *s) + cap_ppc_safe_bounds_check = 1; + } + /* Parse and set cap_ppc_safe_indirect_branch */ +- if (c.character & H_CPU_CHAR_BCCTRL_SERIALISED) { ++ if (c.character & c.character_mask & H_CPU_CHAR_BCCTRL_SERIALISED) { + cap_ppc_safe_indirect_branch = 2; + } + } +-- +1.8.3.1 + diff --git a/SPECS/qemu-kvm.spec b/SPECS/qemu-kvm.spec index 73aaa96..f74896f 100644 --- a/SPECS/qemu-kvm.spec +++ b/SPECS/qemu-kvm.spec @@ -106,7 +106,7 @@ Obsoletes: %1%{rhel_ma_suffix} < %{obsoletes_version2} \ Summary: QEMU is a machine emulator and virtualizer Name: %{pkgname}%{?pkgsuffix} Version: 2.10.0 -Release: 21%{?dist} +Release: 21%{?dist}.1 # Epoch because we pushed a qemu-1.0 package. AIUI this can't ever be dropped Epoch: 10 License: GPLv2+ and LGPLv2+ and BSD @@ -1015,6 +1015,40 @@ Patch429: kvm-spapr-add-missing-break-in-h_get_cpu_characteristics.patch Patch430: kvm-vfio-pci-Add-option-to-disable-GeForce-quirks.patch # For bz#1508330 - Interrupt latency issues with vGPU on KVM hypervisor. Patch431: kvm-Disable-GeForce-quirks-in-vfio-pci-for-RHEL-machines.patch +# For bz#1554930 - incorrect locking (possible use-after-free) with bug 1481593 fix [rhel-7.5.z] +Patch432: kvm-memory-inline-some-performance-sensitive-accessors.patch +# For bz#1554930 - incorrect locking (possible use-after-free) with bug 1481593 fix [rhel-7.5.z] +Patch433: kvm-address_space_write-address_space_to_flatview-needs-.patch +# For bz#1554930 - incorrect locking (possible use-after-free) with bug 1481593 fix [rhel-7.5.z] +Patch434: kvm-address_space_read-address_space_to_flatview-needs-R.patch +# For bz#1554930 - incorrect locking (possible use-after-free) with bug 1481593 fix [rhel-7.5.z] +Patch435: kvm-address_space_access_valid-address_space_to_flatview.patch +# For bz#1554930 - incorrect locking (possible use-after-free) with bug 1481593 fix [rhel-7.5.z] +Patch436: kvm-address_space_map-address_space_to_flatview-needs-RC.patch +# For bz#1554930 - incorrect locking (possible use-after-free) with bug 1481593 fix [rhel-7.5.z] +Patch437: kvm-address_space_rw-address_space_to_flatview-needs-RCU.patch +# For bz#1554957 - [CVE-2017-5754] Variant3: POWER {qemu-kvm-ma} Add machine type variants [rhel-7.5.z] +Patch438: kvm-ppc-spapr-caps-Change-migration-macro-to-take-full-s.patch +# For bz#1554957 - [CVE-2017-5754] Variant3: POWER {qemu-kvm-ma} Add machine type variants [rhel-7.5.z] +Patch439: kvm-ppc-spapr-caps-Disallow-setting-workaround-for-spapr.patch +# For bz#1554957 - [CVE-2017-5754] Variant3: POWER {qemu-kvm-ma} Add machine type variants [rhel-7.5.z] +Patch440: kvm-target-ppc-Check-mask-when-setting-cap_ppc_safe_indi.patch +# For bz#1554957 - [CVE-2017-5754] Variant3: POWER {qemu-kvm-ma} Add machine type variants [rhel-7.5.z] +Patch441: kvm-ppc-spapr-caps-Add-support-for-custom-spapr_capabili.patch +# For bz#1554957 - [CVE-2017-5754] Variant3: POWER {qemu-kvm-ma} Add machine type variants [rhel-7.5.z] +Patch442: kvm-ppc-spapr-caps-Convert-cap-cfpc-to-custom-spapr-cap.patch +# For bz#1554957 - [CVE-2017-5754] Variant3: POWER {qemu-kvm-ma} Add machine type variants [rhel-7.5.z] +Patch443: kvm-ppc-spapr-caps-Convert-cap-sbbc-to-custom-spapr-cap.patch +# For bz#1554957 - [CVE-2017-5754] Variant3: POWER {qemu-kvm-ma} Add machine type variants [rhel-7.5.z] +Patch444: kvm-ppc-spapr-caps-Convert-cap-ibs-to-custom-spapr-cap.patch +# For bz#1554957 - [CVE-2017-5754] Variant3: POWER {qemu-kvm-ma} Add machine type variants [rhel-7.5.z] +Patch445: kvm-ppc-spapr-caps-Define-the-pseries-2.12-sxxm-machine-.patch +# For bz#1554957 - [CVE-2017-5754] Variant3: POWER {qemu-kvm-ma} Add machine type variants [rhel-7.5.z] +Patch446: kvm-redhat-Define-the-pseries-rhel7.5-sxxm-machine-type.patch +# For bz#1554957 - [CVE-2017-5754] Variant3: POWER {qemu-kvm-ma} Add machine type variants [rhel-7.5.z] +Patch447: kvm-redhat-Define-the-pseries-rhel7.4-sxxm-machine-type.patch +# For bz#1554957 - [CVE-2017-5754] Variant3: POWER {qemu-kvm-ma} Add machine type variants [rhel-7.5.z] +Patch448: kvm-redhat-Define-the-pseries-rhel7.3-sxxm-machine-type.patch BuildRequires: zlib-devel BuildRequires: glib2-devel @@ -1623,6 +1657,23 @@ cp %{SOURCE29} pc-bios %patch429 -p1 %patch430 -p1 %patch431 -p1 +%patch432 -p1 +%patch433 -p1 +%patch434 -p1 +%patch435 -p1 +%patch436 -p1 +%patch437 -p1 +%patch438 -p1 +%patch439 -p1 +%patch440 -p1 +%patch441 -p1 +%patch442 -p1 +%patch443 -p1 +%patch444 -p1 +%patch445 -p1 +%patch446 -p1 +%patch447 -p1 +%patch448 -p1 # for tscdeadline_latency.flat %ifarch x86_64 @@ -2121,6 +2172,29 @@ useradd -r -u 107 -g qemu -G kvm -d / -s /sbin/nologin \ %endif %changelog +* Wed Mar 14 2018 Miroslav Rezanina - ma-2.10.0-21.el7_5.1 +- kvm-memory-inline-some-performance-sensitive-accessors.patch [bz#1554930] +- kvm-address_space_write-address_space_to_flatview-needs-.patch [bz#1554930] +- kvm-address_space_read-address_space_to_flatview-needs-R.patch [bz#1554930] +- kvm-address_space_access_valid-address_space_to_flatview.patch [bz#1554930] +- kvm-address_space_map-address_space_to_flatview-needs-RC.patch [bz#1554930] +- kvm-address_space_rw-address_space_to_flatview-needs-RCU.patch [bz#1554930] +- kvm-ppc-spapr-caps-Change-migration-macro-to-take-full-s.patch [bz#1554957] +- kvm-ppc-spapr-caps-Disallow-setting-workaround-for-spapr.patch [bz#1554957] +- kvm-target-ppc-Check-mask-when-setting-cap_ppc_safe_indi.patch [bz#1554957] +- kvm-ppc-spapr-caps-Add-support-for-custom-spapr_capabili.patch [bz#1554957] +- kvm-ppc-spapr-caps-Convert-cap-cfpc-to-custom-spapr-cap.patch [bz#1554957] +- kvm-ppc-spapr-caps-Convert-cap-sbbc-to-custom-spapr-cap.patch [bz#1554957] +- kvm-ppc-spapr-caps-Convert-cap-ibs-to-custom-spapr-cap.patch [bz#1554957] +- kvm-ppc-spapr-caps-Define-the-pseries-2.12-sxxm-machine-.patch [bz#1554957] +- kvm-redhat-Define-the-pseries-rhel7.5-sxxm-machine-type.patch [bz#1554957] +- kvm-redhat-Define-the-pseries-rhel7.4-sxxm-machine-type.patch [bz#1554957] +- kvm-redhat-Define-the-pseries-rhel7.3-sxxm-machine-type.patch [bz#1554957] +- Resolves: bz#1554930 + (incorrect locking (possible use-after-free) with bug 1481593 fix [rhel-7.5.z]) +- Resolves: bz#1554957 + ([CVE-2017-5754] Variant3: POWER {qemu-kvm-ma} Add machine type variants [rhel-7.5.z]) + * Tue Feb 20 2018 Miroslav Rezanina - 2.10.0-21.el7 - kvm-migration-Recover-block-devices-if-failure-in-device.patch [bz#1538494] - kvm-migration-savevm.c-set-MAX_VM_CMD_PACKAGED_SIZE-to-1.patch [bz#1540003]