From patchwork Wed Jul 17 05:03:11 2024
X-Patchwork-Submitter: Paolo Bonzini
X-Patchwork-Id: 13735066
From: Paolo Bonzini
To: qemu-devel@nongnu.org
Cc: Michael Roth, Daniel P. Berrangé, kvm@vger.kernel.org
Subject: [PULL 01/20] i386/sev: Don't allow automatic fallback to legacy KVM_SEV*_INIT
Date: Wed, 17 Jul 2024 07:03:11 +0200
Message-ID: <20240717050331.295371-2-pbonzini@redhat.com>
X-Mailer: git-send-email 2.45.2
In-Reply-To: <20240717050331.295371-1-pbonzini@redhat.com>
References: <20240717050331.295371-1-pbonzini@redhat.com>
From: Michael Roth

Currently if the 'legacy-vm-type' property of the sev-guest object is 'on', QEMU will attempt to use the newer KVM_SEV_INIT2 kernel interface in conjunction with the newer KVM_X86_SEV_VM and KVM_X86_SEV_ES_VM KVM VM types. This can lead to measurement changes if, for instance, an SEV guest was created on a host that originally had an older kernel that didn't support KVM_SEV_INIT2, but is booted on the same host later on after the host kernel was upgraded.

Instead, if legacy-vm-type is 'off', QEMU should fail if the KVM_SEV_INIT2 interface is not provided by the current host kernel. Modify the fallback handling accordingly.

In the future, VMSA features and other flags might be added to QEMU which will require legacy-vm-type to be 'off' because they will rely on the newer KVM_SEV_INIT2 interface. It may be difficult to convey to users what values of legacy-vm-type are compatible with which features/options, so as part of this rework, switch legacy-vm-type to a tri-state OnOffAuto option. 'auto' in this case will automatically switch to using the newer KVM_SEV_INIT2, but only if it is required to make use of new VMSA features or other options only available via KVM_SEV_INIT2.

Defining 'auto' in this way would avoid inadvertently breaking compatibility with older kernels since it would only be used in cases where users opt into newer features that are only available via KVM_SEV_INIT2 and newer kernels, and provide better default behavior than the legacy-vm-type=off behavior that was previously in place, so make it the default for 9.1+ machine types.

Cc: Daniel P. Berrangé
Cc: Paolo Bonzini
Cc: kvm@vger.kernel.org
Signed-off-by: Michael Roth
Reviewed-by: Daniel P. Berrangé
Link: https://lore.kernel.org/r/20240710041005.83720-1-michael.roth@amd.com
Signed-off-by: Paolo Bonzini
---
 qapi/qom.json     | 18 ++++++----
 hw/i386/pc.c      |  2 +-
 target/i386/sev.c | 87 +++++++++++++++++++++++++++++++++++++++--------
 3 files changed, 84 insertions(+), 23 deletions(-)
diff --git a/qapi/qom.json b/qapi/qom.json index 8e75a419c30..7eccd2e14e2 100644 --- a/qapi/qom.json +++ b/qapi/qom.json @@ -924,12 +924,16 @@ # @handle: SEV firmware handle (default: 0) # # @legacy-vm-type: Use legacy KVM_SEV_INIT KVM interface for creating the VM. -# The newer KVM_SEV_INIT2 interface syncs additional vCPU -# state when initializing the VMSA structures, which will -# result in a different guest measurement. Set this to -# maintain compatibility with older QEMU or kernel versions -# that rely on legacy KVM_SEV_INIT behavior. -# (default: false) (since 9.1) +# The newer KVM_SEV_INIT2 interface, from Linux >= 6.10, syncs +# additional vCPU state when initializing the VMSA structures, +# which will result in a different guest measurement. Set +# this to 'on' to force compatibility with older QEMU or kernel +# versions that rely on legacy KVM_SEV_INIT behavior. 'auto' +# will behave identically to 'on', but will automatically +# switch to using KVM_SEV_INIT2 if the user specifies any +# additional options that require it. If set to 'off', QEMU +# will require KVM_SEV_INIT2 unconditionally. +# (default: off) (since 9.1) # # Since: 2.12 ## @@ -939,7 +943,7 @@ '*session-file': 'str', '*policy': 'uint32', '*handle': 'uint32', - '*legacy-vm-type': 'bool' } } + '*legacy-vm-type': 'OnOffAuto' } } ## # @SevSnpGuestProperties: diff --git a/hw/i386/pc.c b/hw/i386/pc.c index 4fbc5774708..c74931d577a 100644 --- a/hw/i386/pc.c +++ b/hw/i386/pc.c @@ -83,7 +83,7 @@ GlobalProperty pc_compat_9_0[] = { { TYPE_X86_CPU, "x-amd-topoext-features-only", "false" }, { TYPE_X86_CPU, "x-l1-cache-per-thread", "false" }, { TYPE_X86_CPU, "guest-phys-bits", "0" }, - { "sev-guest", "legacy-vm-type", "true" }, + { "sev-guest", "legacy-vm-type", "on" }, { TYPE_X86_CPU, "legacy-multi-node", "on" }, }; const size_t pc_compat_9_0_len = G_N_ELEMENTS(pc_compat_9_0); diff --git a/target/i386/sev.c b/target/i386/sev.c index 2ba5f517228..a1157c0ede6 100644 --- a/target/i386/sev.c 
+++ b/target/i386/sev.c @@ -144,7 +144,7 @@ struct SevGuestState { uint32_t policy; char *dh_cert_file; char *session_file; - bool legacy_vm_type; + OnOffAuto legacy_vm_type; }; struct SevSnpGuestState { @@ -1369,6 +1369,17 @@ sev_vm_state_change(void *opaque, bool running, RunState state) } } +/* + * This helper is to examine sev-guest properties and determine if any options + * have been set which rely on the newer KVM_SEV_INIT2 interface and associated + * KVM VM types. + */ +static bool sev_init2_required(SevGuestState *sev_guest) +{ + /* Currently no KVM_SEV_INIT2-specific options are exposed via QEMU */ + return false; +} + static int sev_kvm_type(X86ConfidentialGuest *cg) { SevCommonState *sev_common = SEV_COMMON(cg); 
@@ -1379,14 +1390,39 @@ static int sev_kvm_type(X86ConfidentialGuest *cg) goto out; } - kvm_type = (sev_guest->policy & SEV_POLICY_ES) ? - KVM_X86_SEV_ES_VM : KVM_X86_SEV_VM; - if (kvm_is_vm_type_supported(kvm_type) && !sev_guest->legacy_vm_type) { - sev_common->kvm_type = kvm_type; - } else { + /* These are the only cases where legacy VM types can be used. */ + if (sev_guest->legacy_vm_type == ON_OFF_AUTO_ON || + (sev_guest->legacy_vm_type == ON_OFF_AUTO_AUTO && + !sev_init2_required(sev_guest))) { sev_common->kvm_type = KVM_X86_DEFAULT_VM; + goto out; } + /* + * Newer VM types are required, either explicitly via legacy-vm-type=on, or + * implicitly via legacy-vm-type=auto along with additional sev-guest + * properties that require the newer VM types. + */ + kvm_type = (sev_guest->policy & SEV_POLICY_ES) ? + KVM_X86_SEV_ES_VM : KVM_X86_SEV_VM; + if (!kvm_is_vm_type_supported(kvm_type)) { + if (sev_guest->legacy_vm_type == ON_OFF_AUTO_AUTO) { + error_report("SEV: host kernel does not support requested %s VM type, which is required " + "for the set of options specified. To allow use of the legacy " + "KVM_X86_DEFAULT_VM VM type, please disable any options that are not " + "compatible with the legacy VM type, or upgrade your kernel.", + kvm_type == KVM_X86_SEV_VM ? "KVM_X86_SEV_VM" : "KVM_X86_SEV_ES_VM"); + } else { + error_report("SEV: host kernel does not support requested %s VM type. To allow use of " + "the legacy KVM_X86_DEFAULT_VM VM type, the 'legacy-vm-type' argument " + "must be set to 'on' or 'auto' for the sev-guest object.", + kvm_type == KVM_X86_SEV_VM ? "KVM_X86_SEV_VM" : "KVM_X86_SEV_ES_VM"); + } + + return -1; + } + + sev_common->kvm_type = kvm_type; out: return sev_common->kvm_type; } 
@@ -1477,14 +1513,24 @@ static int sev_common_kvm_init(ConfidentialGuestSupport *cgs, Error **errp) } trace_kvm_sev_init(); - if (x86_klass->kvm_type(X86_CONFIDENTIAL_GUEST(sev_common)) == KVM_X86_DEFAULT_VM) { + switch (x86_klass->kvm_type(X86_CONFIDENTIAL_GUEST(sev_common))) { + case KVM_X86_DEFAULT_VM: cmd = sev_es_enabled() ? KVM_SEV_ES_INIT : KVM_SEV_INIT; ret = sev_ioctl(sev_common->sev_fd, cmd, NULL, &fw_error); - } else { + break; + case KVM_X86_SEV_VM: + case KVM_X86_SEV_ES_VM: + case KVM_X86_SNP_VM: { struct kvm_sev_init args = { 0 }; ret = sev_ioctl(sev_common->sev_fd, KVM_SEV_INIT2, &args, &fw_error); + break; + } + default: + error_setg(errp, "%s: host kernel does not support the requested SEV configuration.", + __func__); + return -1; } if (ret) { @@ -2074,14 +2120,23 @@ sev_guest_set_session_file(Object *obj, const char *value, Error **errp) SEV_GUEST(obj)->session_file = g_strdup(value); } -static bool sev_guest_get_legacy_vm_type(Object *obj, Error **errp) +static void sev_guest_get_legacy_vm_type(Object *obj, Visitor *v, + const char *name, void *opaque, + Error **errp) { - return SEV_GUEST(obj)->legacy_vm_type; + SevGuestState *sev_guest = SEV_GUEST(obj); + OnOffAuto legacy_vm_type = sev_guest->legacy_vm_type; + + visit_type_OnOffAuto(v, name, &legacy_vm_type, errp); } -static void sev_guest_set_legacy_vm_type(Object *obj, bool value, Error **errp) +static void sev_guest_set_legacy_vm_type(Object *obj, Visitor *v, + const char *name, void *opaque, + Error **errp) { - SEV_GUEST(obj)->legacy_vm_type = value; + SevGuestState *sev_guest = SEV_GUEST(obj); + + visit_type_OnOffAuto(v, name, &sev_guest->legacy_vm_type, errp); } static void 
@@ -2107,9 +2162,9 @@ sev_guest_class_init(ObjectClass *oc, void *data) sev_guest_set_session_file); object_class_property_set_description(oc, "session-file", "guest owners session parameters (encoded with base64)"); - object_class_property_add_bool(oc, "legacy-vm-type", - sev_guest_get_legacy_vm_type, - sev_guest_set_legacy_vm_type); + object_class_property_add(oc, "legacy-vm-type", "OnOffAuto", + sev_guest_get_legacy_vm_type, + sev_guest_set_legacy_vm_type, NULL, NULL); object_class_property_set_description(oc, "legacy-vm-type", "use legacy VM type to maintain measurement compatibility with older QEMU or kernel versions."); } 
@@ -2125,6 +2180,8 @@ sev_guest_instance_init(Object *obj) object_property_add_uint32_ptr(obj, "policy", &sev_guest->policy, OBJ_PROP_FLAG_READWRITE); object_apply_compat_props(obj); + + sev_guest->legacy_vm_type = ON_OFF_AUTO_AUTO; } /* guest info specific sev/sev-es */
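Review bot: the qapi/qom.json documentation hunk ends with "(default: off)", but the sev_guest_instance_init() hunk sets `sev_guest->legacy_vm_type = ON_OFF_AUTO_AUTO;` and the commit message makes 'auto' the default for 9.1+ machine types (with pc_compat_9_0 pinning 'on' for older ones). The schema text should say "(default: auto)" so that users reading the QAPI docs are not told that KVM_SEV_INIT2 is required unconditionally by default; a mismatch here is exactly what would lead someone to set the property to 'on' "for safety" and lose the automatic upgrade path.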
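Review bot: the new comment in the sev_kvm_type() hunk says "Newer VM types are required, either explicitly via legacy-vm-type=on", but the condition directly above it sends ON_OFF_AUTO_ON to the KVM_X86_DEFAULT_VM branch, so the explicit request for the newer VM types is legacy-vm-type=off. Suggest "either explicitly via legacy-vm-type=off, or implicitly via legacy-vm-type=auto along with additional sev-guest properties that require the newer VM types." A wrong comment on the branch that decides which init path (and therefore which measurement) a guest gets is worth fixing before merge.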
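Review bot: in the sev_common_kvm_init() hunk the `default:` branch is reached when x86_klass->kvm_type() returns -1, and by that point sev_kvm_type() has already printed a detailed error_report(); the generic error_setg(errp, "... does not support the requested SEV configuration.") is then reported a second time by the caller. Either return the detailed reason through errp from sev_kvm_type() instead of error_report(), or word the default message as a short follow-on so the user does not see two seemingly unrelated errors for one failure.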
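Review bot: the sev_guest_class_init() hunk switches the property to "OnOffAuto" but keeps the description "use legacy VM type to maintain measurement compatibility with older QEMU or kernel versions.", which still reads like a boolean; since the QAPI doc hunk now spells out the three values, the one-line description should at least mention that 'auto' (the default) keeps the legacy type until an option requires KVM_SEV_INIT2, and that 'off' makes KVM_SEV_INIT2 mandatory.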
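Review bot: in the sev_guest_instance_init() hunk the default `sev_guest->legacy_vm_type = ON_OFF_AUTO_AUTO;` is assigned after object_apply_compat_props(obj), so the pc_compat_9_0 entry { "sev-guest", "legacy-vm-type", "on" } added in the hw/i386/pc.c hunk is applied first and then overwritten with 'auto'. Today that is invisible because sev_init2_required() returns false and 'auto' behaves like 'on', but as soon as an INIT2-only option is added, a 9.0 machine type that opts into it would silently move to KVM_X86_SEV_VM / KVM_X86_SEV_ES_VM and change the guest measurement, which is precisely what the compat property exists to prevent. Move the assignment above object_apply_compat_props(obj).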
From patchwork Wed Jul 17 05:03:12 2024
X-Patchwork-Submitter: Paolo Bonzini
X-Patchwork-Id: 13735082
From: Paolo Bonzini
To: qemu-devel@nongnu.org
Cc: Sergey Dyasli
Subject: [PULL 02/20] Revert "qemu-char: do not operate on sources from finalize callbacks"
Date: Wed, 17 Jul 2024 07:03:12 +0200
Message-ID: <20240717050331.295371-3-pbonzini@redhat.com>
X-Mailer: git-send-email 2.45.2
In-Reply-To: <20240717050331.295371-1-pbonzini@redhat.com>
References: <20240717050331.295371-1-pbonzini@redhat.com>
From: Sergey Dyasli

This reverts commit 2b316774f60291f57ca9ecb6a9f0712c532cae34.

After 038b4217884c ("Revert "chardev: use a child source for qio input source"") we've been observing the "iwp->src == NULL" assertion triggering periodically during the initial capabilities querying by libvirtd. One of the possible backtraces:

Thread 1 (Thread 0x7f16cd4f0700 (LWP 43858)):
0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
1 0x00007f16c6c21e65 in __GI_abort () at abort.c:79
2 0x00007f16c6c21d39 in __assert_fail_base at assert.c:92
3 0x00007f16c6c46e86 in __GI___assert_fail (assertion=assertion@entry=0x562e9bcdaadd "iwp->src == NULL", file=file@entry=0x562e9bcdaac8 "../chardev/char-io.c", line=line@entry=99, function=function@entry=0x562e9bcdab10 <__PRETTY_FUNCTION__.20549> "io_watch_poll_finalize") at assert.c:101
4 0x0000562e9ba20c2c in io_watch_poll_finalize (source=) at ../chardev/char-io.c:99
5 io_watch_poll_finalize (source=) at ../chardev/char-io.c:88
6 0x00007f16c904aae0 in g_source_unref_internal () from /lib64/libglib-2.0.so.0
7 0x00007f16c904baf9 in g_source_destroy_internal () from /lib64/libglib-2.0.so.0
8 0x0000562e9ba20db0 in io_remove_watch_poll (source=0x562e9d6720b0) at ../chardev/char-io.c:147
9 remove_fd_in_watch (chr=chr@entry=0x562e9d5f3800) at ../chardev/char-io.c:153
10 0x0000562e9ba23ffb in update_ioc_handlers (s=0x562e9d5f3800) at ../chardev/char-socket.c:592
11 0x0000562e9ba2072f in qemu_chr_fe_set_handlers_full at ../chardev/char-fe.c:279
12 0x0000562e9ba207a9 in qemu_chr_fe_set_handlers at ../chardev/char-fe.c:304
13 0x0000562e9ba2ca75 in monitor_qmp_setup_handlers_bh (opaque=0x562e9d4c2c60) at ../monitor/qmp.c:509
14 0x0000562e9bb6222e in aio_bh_poll (ctx=ctx@entry=0x562e9d4c2f20) at ../util/async.c:216
15 0x0000562e9bb4de0a in aio_poll (ctx=0x562e9d4c2f20, blocking=blocking@entry=true) at ../util/aio-posix.c:722
16 0x0000562e9b99dfaa in iothread_run (opaque=0x562e9d4c26f0) at ../iothread.c:63
17 0x0000562e9bb505a4 in qemu_thread_start (args=0x562e9d4c7ea0) at ../util/qemu-thread-posix.c:543
18 0x00007f16c70081ca in start_thread (arg=) at pthread_create.c:479
19 0x00007f16c6c398d3 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

io_remove_watch_poll(), which makes sure that iwp->src is NULL, calls g_source_destroy() which finds that iwp->src is not NULL in the finalize callback. This can only happen if another thread has managed to trigger the io_watch_poll_prepare() callback in the meantime.

Move iwp->src destruction back to the finalize callback to prevent the described race, and also remove the stale comment. The deadlock glib bug was fixed back in 2010 by b35820285668 ("gmain: move finalization of GSource outside of context lock").

Suggested-by: Paolo Bonzini
Signed-off-by: Sergey Dyasli
Link: https://lore.kernel.org/r/20240712092659.216206-1-sergey.dyasli@nutanix.com
Signed-off-by: Paolo Bonzini
---
 chardev/char-io.c | 19 +++++--------------
 1 file changed, 5 insertions(+), 14 deletions(-)

diff --git a/chardev/char-io.c b/chardev/char-io.c index dab77b112e3..3be17b51ca5 100644 --- a/chardev/char-io.c +++ b/chardev/char-io.c @@ -87,16 +87,12 @@ static gboolean io_watch_poll_dispatch(GSource *source, GSourceFunc callback, static void io_watch_poll_finalize(GSource *source) { - /* - * Due to a glib bug, removing the last reference to a source - * inside a finalize callback causes recursive locking (and a - * deadlock). This is not a problem inside other callbacks, - * including dispatch callbacks, so we call io_remove_watch_poll - * to remove this source. At this point, iwp->src must - * be NULL, or we would leak it. - */ IOWatchPoll *iwp = io_watch_poll_from_source(source); - assert(iwp->src == NULL); + if (iwp->src) { + g_source_destroy(iwp->src); + g_source_unref(iwp->src); + iwp->src = NULL; + } } static GSourceFuncs io_watch_poll_funcs = {
@@ -139,11 +135,6 @@ static void io_remove_watch_poll(GSource *source) IOWatchPoll *iwp; iwp = io_watch_poll_from_source(source); - if (iwp->src) { - g_source_destroy(iwp->src); - g_source_unref(iwp->src); - iwp->src = NULL; - } g_source_destroy(&iwp->parent); }
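Review bot: the io_watch_poll_finalize() hunk deletes the only in-tree explanation of the constraint this code used to live under (the old glib recursive-locking deadlock) and replaces it with the opposite behaviour, but the reason it is now safe to g_source_unref() a child source from inside a finalize callback exists only in the commit message (glib b35820285668). Add a one-line comment above the new `if (iwp->src)` block citing that glib change, otherwise the next person to see "unref inside finalize" may reintroduce the assert and with it the race this revert fixes.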
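Review bot: after the io_remove_watch_poll() hunk the function only calls g_source_destroy(&iwp->parent), so the child fd source in iwp->src is now torn down when the parent's last reference goes away rather than at removal time. Frames 6-8 of the backtrace show g_source_destroy_internal() dropping straight into g_source_unref_internal() and finalize on this path, so teardown is immediate here, but if any other holder keeps a reference to the parent the child watch stays attached until that reference is released; a short comment stating that the caller is expected not to hold extra references would document the assumption.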
From patchwork Wed Jul 17 05:03:13 2024
X-Patchwork-Submitter: Paolo Bonzini
X-Patchwork-Id: 13735076
From: Paolo Bonzini
To: qemu-devel@nongnu.org
Cc: Akihiko Odaki
Subject: [PULL 03/20] cpu: Free queued CPU work
Date: Wed, 17 Jul 2024 07:03:13 +0200
Message-ID: <20240717050331.295371-4-pbonzini@redhat.com>
X-Mailer: git-send-email 2.45.2
In-Reply-To: <20240717050331.295371-1-pbonzini@redhat.com>
References: <20240717050331.295371-1-pbonzini@redhat.com>

From: Akihiko Odaki

Running qemu-system-aarch64 -M virt -nographic and terminating it will result in a LeakSanitizer error due to remaining queued CPU work, so free it.

Signed-off-by: Akihiko Odaki
Link: https://lore.kernel.org/r/20240714-cpu-v1-1-19c2f8de2055@daynix.com
Signed-off-by: Paolo Bonzini
---
 include/hw/core/cpu.h | 6 ++++++
 cpu-common.c          | 11 +++++++++++
 hw/core/cpu-common.c  | 1 +
 3 files changed, 18 insertions(+)

diff --git a/include/hw/core/cpu.h b/include/hw/core/cpu.h index a2c8536943f..8e6466c1dda 100644 --- a/include/hw/core/cpu.h +++ b/include/hw/core/cpu.h
@@ -1000,6 +1000,12 @@ void cpu_resume(CPUState *cpu); */ void cpu_remove_sync(CPUState *cpu); +/** + * free_queued_cpu_work() - free all items on CPU work queue + * @cpu: The CPU which work queue to free. + */ +void free_queued_cpu_work(CPUState *cpu); + /** * process_queued_cpu_work() - process all items on CPU work queue * @cpu: The CPU which work queue to process. diff --git a/cpu-common.c b/cpu-common.c index ce78273af59..7ae136f98ca 100644 --- a/cpu-common.c +++ b/cpu-common.c @@ -331,6 +331,17 @@ void async_safe_run_on_cpu(CPUState *cpu, run_on_cpu_func func, queue_work_on_cpu(cpu, wi); } +void free_queued_cpu_work(CPUState *cpu) +{ + while (!QSIMPLEQ_EMPTY(&cpu->work_list)) { + struct qemu_work_item *wi = QSIMPLEQ_FIRST(&cpu->work_list); + QSIMPLEQ_REMOVE_HEAD(&cpu->work_list, node); + if (wi->free) { + g_free(wi); + } + } +} + void process_queued_cpu_work(CPUState *cpu) { struct qemu_work_item *wi; diff --git a/hw/core/cpu-common.c b/hw/core/cpu-common.c index b19e1fdacf2..d2e3e4570ab 100644 --- a/hw/core/cpu-common.c +++ b/hw/core/cpu-common.c 
@@ -281,6 +281,7 @@ static void cpu_common_finalize(Object *obj) g_free(cpu->plugin_state); } #endif + free_queued_cpu_work(cpu); g_array_free(cpu->gdb_regs, TRUE); qemu_lockcnt_destroy(&cpu->in_ioctl_lock); qemu_mutex_destroy(&cpu->work_mutex);
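Review bot: style point on the include/hw/core/cpu.h hunk: the new kernel-doc line "@cpu: The CPU which work queue to free." should read "The CPU whose work queue to free." (the neighbouring process_queued_cpu_work() comment has the same slip, so either fix both or keep them consistent).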
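Review bot: free_queued_cpu_work() in the cpu-common.c hunk unlinks entries from cpu->work_list without holding cpu->work_mutex, the lock that guards this list and that the hw/core/cpu-common.c hunk destroys only a few lines after the new call. At cpu_common_finalize() time no other thread should be queueing or processing work, but that invariant is what makes the lockless walk safe, so state it in a comment or simply take the mutex around the loop. Also, entries with wi->free == false are unlinked but not freed here; they are owned by whoever queued them synchronously, and dropping them from the list without any notification assumes no such caller can still be waiting when the CPU is finalized. An assert or comment making that assumption explicit would help the next reader.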
From patchwork Wed Jul 17 05:03:14 2024
X-Patchwork-Submitter: Paolo Bonzini
X-Patchwork-Id: 13735074
ffacd0b85a97d-3680dabf539sm10677999f8f.47.2024.07.16.22.03.40 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 16 Jul 2024 22:03:40 -0700 (PDT) From: Paolo Bonzini To: qemu-devel@nongnu.org Cc: Gustavo Romero , Peter Maydell , Richard Henderson Subject: [PULL 04/20] disas: Fix build against Capstone v6 Date: Wed, 17 Jul 2024 07:03:14 +0200 Message-ID: <20240717050331.295371-5-pbonzini@redhat.com> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20240717050331.295371-1-pbonzini@redhat.com> References: <20240717050331.295371-1-pbonzini@redhat.com> MIME-Version: 1.0 Received-SPF: pass client-ip=170.10.129.124; envelope-from=pbonzini@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org From: Gustavo Romero Capstone v6 made major changes, such as renaming for AArch64, which broke programs using the old headers, like QEMU. However, Capstone v6 provides the CAPSTONE_AARCH64_COMPAT_HEADER compatibility definition allowing to build against v6 with the old definitions, so fix the QEMU build using it. We can lift that definition and switch to the new naming once our supported distros have Capstone v6 in place. Signed-off-by: Gustavo Romero Suggested-by: Peter Maydell Reviewed-by: Richard Henderson Link: https://lore.kernel.org/r/20240715213943.1210355-1-gustavo.romero@linaro.org 
Signed-off-by: Paolo Bonzini --- include/disas/capstone.h | 1 + 1 file changed, 1 insertion(+) diff --git a/include/disas/capstone.h b/include/disas/capstone.h index e29068dd977..a11985151d3 100644 --- a/include/disas/capstone.h +++ b/include/disas/capstone.h 
@@ -3,6 +3,7 @@ #ifdef CONFIG_CAPSTONE +#define CAPSTONE_AARCH64_COMPAT_HEADER #include #else From patchwork Wed Jul 17 05:03:15 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Paolo Bonzini X-Patchwork-Id: 13735063 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 08092C3DA4B for ; Wed, 17 Jul 2024 05:04:52 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sTwph-0001Ea-8l; Wed, 17 Jul 2024 01:04:05 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sTwpb-0000xU-KX for qemu-devel@nongnu.org; Wed, 17 Jul 2024 01:04:00 -0400 Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sTwpa-0001yy-0V for qemu-devel@nongnu.org; Wed, 17 Jul 2024 01:03:59 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1721192636; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=SfnYhM6E2CaFv2IA7/dxTNaC2rVmX5k5keNeCLuDmSs=; b=Q8Nk3EJIgWkndoibj46kb10Mrb9aGYGmKIQgH474UCQB4+8mFFhT94buQMw1sMOYRLSuUt Us7o+n4BgmUEEz5ax+106PiCY2P2G0YLDyJpwZ97gx96JCgOVptDLRL0ujtSBYthUoL8dc 0QCslazswFYQVQ0UGp2mf6erGYVyS94= Received: from mail-wm1-f71.google.com (mail-wm1-f71.google.com [209.85.128.71]) by relay.mimecast.com with ESMTP 
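Review bot: nothing in the header records why `#define CAPSTONE_AARCH64_COMPAT_HEADER` is there or when it can go; the commit message says the definition should be lifted once the supported distros ship Capstone v6, so put that in a one-line comment above the define, inside the `#ifdef CONFIG_CAPSTONE` block, so the cleanup is findable by grep rather than by git log. The placement itself is right: the define sits before the `#include`, which it must, since the header has to see the macro while it is being parsed. If the macro is simply ignored by Capstone v5, say so in the same comment so nobody wonders whether the unconditional define changes the v5 build.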
with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-211-BGfExDs_N56xH3b5PYyICQ-1; Wed, 17 Jul 2024 01:03:46 -0400 X-MC-Unique: BGfExDs_N56xH3b5PYyICQ-1 Received: by mail-wm1-f71.google.com with SMTP id 5b1f17b1804b1-42668796626so45404245e9.0 for ; Tue, 16 Jul 2024 22:03:46 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1721192625; x=1721797425; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=SfnYhM6E2CaFv2IA7/dxTNaC2rVmX5k5keNeCLuDmSs=; b=KYMIFV7lh+nsjftSIrgY4Y5qpFSVAv5lwe1Vevc118CBtA2zA+J/TvsfiA9nc4UmBC WpoT4VF52AfiT5DYMEsPzjgJe//QpMQqDLgpXJO2rDYqHKGuUAGHymXxOjui+7qNnJPL p0eeqZbNup4J+eh6f6u/Bj+v2VZj1ST+6YHcPp30o9fJLczmSUCvGmj8JqOwbwL9YPKA /Tu085hsVDkC+JI+7qsuigsNBEM+E3PqazxCRBlZBh5OU2zjbAMlwxFscWK5Kf1FXcr2 iz6xM9usJsPN/cbIR5oamQzmKYmU61LJgqJyh6d8oP4JENEXBCC8/13xxK+ljZYBahCP /9cg== X-Gm-Message-State: AOJu0YwAhned4DkP4M/d2jyjExW1pQWMw3452AC8zcFM1NZBx3PH2bqV Ds4Pr8YH29vHYogKZ9YJzcq8WnMq5J9/k0ZSyDjJUs/UJYPPBF1MHBwZGLbbwnOn+CCpvq9UwPQ K/6AaABMZD6/GY6jmzTgtPA8/3AXgLKGqkxUVn8fJl/kvuNeWTW7bTMESWYGxrObRIq83KkAyno iKbwQJS2wVOKIbBPZudpFd211Og3k8jCZp7CT+ X-Received: by 2002:a05:600c:450c:b0:426:6099:6ea4 with SMTP id 5b1f17b1804b1-427c2d0d87cmr3203045e9.38.1721192624784; Tue, 16 Jul 2024 22:03:44 -0700 (PDT) X-Google-Smtp-Source: AGHT+IF61v6pCOFB0Fv03dXNsIYoawym27UDJ/1D/Wj6PTCRKBu0WrCfQj1M8LDz5ZuRKp5upW0CTQ== X-Received: by 2002:a05:600c:450c:b0:426:6099:6ea4 with SMTP id 5b1f17b1804b1-427c2d0d87cmr3202885e9.38.1721192624346; Tue, 16 Jul 2024 22:03:44 -0700 (PDT) Received: from avogadro.local ([151.95.101.29]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-427a8799e7esm143550615e9.18.2024.07.16.22.03.43 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 16 Jul 2024 22:03:43 -0700 (PDT) 
From: Paolo Bonzini To: qemu-devel@nongnu.org Cc: Fiona Ebner , qemu-stable@nongnu.org, Sven Schnelle Subject: [PULL 05/20] hw/scsi/lsi53c895a: bump instruction limit in scripts processing to fix regression Date: Wed, 17 Jul 2024 07:03:15 +0200 Message-ID: <20240717050331.295371-6-pbonzini@redhat.com> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20240717050331.295371-1-pbonzini@redhat.com> References: <20240717050331.295371-1-pbonzini@redhat.com> MIME-Version: 1.0 Received-SPF: pass client-ip=170.10.129.124; envelope-from=pbonzini@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org 
From: Fiona Ebner Commit 9876359990 ("hw/scsi/lsi53c895a: add timer to scripts processing") reduced the maximum allowed instruction count by a factor of 100 all the way down to 100. This causes the "Check Point R81.20 Gaia" appliance [0] to fail to boot after fully finishing the installation via the appliance's web interface (there is already one reboot before that). With a limit of 150, the appliance still fails to boot, while with a limit of 200, it works. Bump to 500 to fix the regression and be on the safe side. Originally reported in the Proxmox community forum[1]. [0]: https://support.checkpoint.com/results/download/124397 [1]: https://forum.proxmox.com/threads/149772/post-683459 Cc: qemu-stable@nongnu.org Fixes: 9876359990 ("hw/scsi/lsi53c895a: add timer to scripts processing") Signed-off-by: Fiona Ebner Acked-by: Sven Schnelle Link: https://lore.kernel.org/r/20240715131403.223239-1-f.ebner@proxmox.com Signed-off-by: Paolo Bonzini --- hw/scsi/lsi53c895a.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hw/scsi/lsi53c895a.c b/hw/scsi/lsi53c895a.c index eb9828dd5ef..f1935e53280 100644 --- a/hw/scsi/lsi53c895a.c +++ b/hw/scsi/lsi53c895a.c 
@@ -188,7 +188,7 @@ static const char *names[] = { #define LSI_TAG_VALID (1 << 16) /* Maximum instructions to process. */ -#define LSI_MAX_INSN 100 +#define LSI_MAX_INSN 500 typedef struct lsi_request { SCSIRequest *req; From patchwork Wed Jul 17 05:03:16 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Paolo Bonzini X-Patchwork-Id: 13735070 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id F0452C3DA42 for ; Wed, 17 Jul 2024 05:05:44 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sTwpa-0000sv-Fy; Wed, 17 Jul 2024 01:03:58 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sTwpY-0000jE-2D for qemu-devel@nongnu.org; Wed, 17 Jul 2024 01:03:56 -0400 Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sTwpW-0001yS-EC for qemu-devel@nongnu.org; Wed, 17 Jul 2024 01:03:55 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1721192633; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=GbnyQIMsldrG9/GwANRlbJs0iH4w8UnSheZCAFBdDoE=; b=CBU4h3dzFF7cqhW6f6t0CvKKGAv3JywHizmwgUyrOe2H/9K3sy9AlGti0Cp06YYidxgKjY 0sWRp2hrNJ8t/zPACDspvgXULy3PpviqkdUpORigmKi/l3eJqY4uQnGGTd2b26be4Uqh31 
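Review bot: the new `LSI_MAX_INSN` value is an empirical tuning constant (the commit message reports 150 fails, 200 works, 500 chosen for margin against one appliance), but the comment beside it still reads only `/* Maximum instructions to process. */`; record there that the limit bounds how many SCRIPTS instructions run per timer-driven slice (it was introduced by the Fixes: commit that added the timer) and that 500 was sized against real guest firmware, so the next person who hits either a boot regression or a runaway script knows the value is measured, not derived. Raising the cap fivefold also lengthens the worst-case work a guest can force per slice; the commit message does not say whether that trade-off was weighed, and one sentence on it would help.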
xwCD/YlvLmXCasQmKY7TAB9HyLOW4L0= Received: from mail-wm1-f72.google.com (mail-wm1-f72.google.com [209.85.128.72]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-668-ET2ZLuOsM1y5ttd8r602Yg-1; Wed, 17 Jul 2024 01:03:50 -0400 X-MC-Unique: ET2ZLuOsM1y5ttd8r602Yg-1 Received: by mail-wm1-f72.google.com with SMTP id 5b1f17b1804b1-4279418eb2bso41747965e9.1 for ; Tue, 16 Jul 2024 22:03:50 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1721192627; x=1721797427; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=GbnyQIMsldrG9/GwANRlbJs0iH4w8UnSheZCAFBdDoE=; b=I+WwMfECV7APbjJu0pYHU5Nhec0I3q9iHd4boAr6uW4B9eCAF5LetVRkUzG4NH7LnO 2SmUmRODYDzreplxXq4Pf2HQk7oSPXRSKT339kQlHcxtMDuffkBJzn3lRyVfIQml3hYv MIdM74zjwvy+B/Vc/dJfjkkm2vMR7LFq/IyIFiGn6GayQHqAvqPdA9SA/zeQVyl1ib8A ImTYiSWWebMIzEobeAWiDQPetE23JKZd3xo7IQ+Skmsds8yIR4fzzRV2sCzPS81mzy3/ WXA3AWuEDsXRaTNnDb28gOSl9Rzn3K2C52EBfxt+7dbnpF/dVxSUMDsfneFUyegN8vlQ GT2Q== X-Gm-Message-State: AOJu0YxH1XmJDd7zHRwfk1qvMyv3Ezx7ZNIN0i8vIXbbhTe7vJ9BNmLA XqHiwsLEnxCccOIJOOaw2qiJS3NQc0MW6KgeNKjIQaN/7dWxJhjP6JtRqabyGr2ViZEIOBhGjqL pDwNxFpdTqoN65HbfLgj/gG4Rav8vLuQISjyT3dsYPxbZ6oPK4pkWFgYGPTJlZh8ve0nLMRCVZ/ 74qxWlzB630BU3+BOieUgV9feNLRdCqkpgEKi3 X-Received: by 2002:a05:600c:3152:b0:426:6e86:f82 with SMTP id 5b1f17b1804b1-427c2ce7bedmr3008375e9.22.1721192627752; Tue, 16 Jul 2024 22:03:47 -0700 (PDT) X-Google-Smtp-Source: AGHT+IErtDjsDt+sQrMXLLCQrLyGSe7EhKYsVbJMS7Ry+HQOCsJue6vDfyNpDRVB3jeSKfYXVC6/4w== X-Received: by 2002:a05:600c:3152:b0:426:6e86:f82 with SMTP id 5b1f17b1804b1-427c2ce7bedmr3008215e9.22.1721192627391; Tue, 16 Jul 2024 22:03:47 -0700 (PDT) Received: from avogadro.local ([151.95.101.29]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-3680db03900sm10649195f8f.92.2024.07.16.22.03.45 (version=TLS1_3 
cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 16 Jul 2024 22:03:45 -0700 (PDT) From: Paolo Bonzini To: qemu-devel@nongnu.org Cc: Fiona Ebner , qemu-stable@nongnu.org, Kevin Wolf Subject: [PULL 06/20] scsi: fix regression and honor bootindex again for legacy drives Date: Wed, 17 Jul 2024 07:03:16 +0200 Message-ID: <20240717050331.295371-7-pbonzini@redhat.com> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20240717050331.295371-1-pbonzini@redhat.com> References: <20240717050331.295371-1-pbonzini@redhat.com> MIME-Version: 1.0 Received-SPF: pass client-ip=170.10.133.124; envelope-from=pbonzini@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org 
From: Fiona Ebner Commit 3089637461 ("scsi: Don't ignore most usb-storage properties") removed the call to object_property_set_int() and thus the 'set' method for the bootindex property was also not called anymore. Here that method is device_set_bootindex() (as configured by scsi_dev_instance_init() -> device_add_bootindex_property()) which as a side effect registers the device via add_boot_device_path(). As reported by a downstream user [0], the bootindex property did not have the desired effect anymore for legacy drives. Fix the regression by explicitly calling the add_boot_device_path() function after checking that the bootindex is not yet used (to avoid add_boot_device_path() calling exit()). [0]: https://forum.proxmox.com/threads/149772/post-679433 Cc: qemu-stable@nongnu.org Fixes: 3089637461 ("scsi: Don't ignore most usb-storage properties") Suggested-by: Kevin Wolf Signed-off-by: Fiona Ebner Link: https://lore.kernel.org/r/20240710152529.1737407-1-f.ebner@proxmox.com Signed-off-by: Paolo Bonzini --- hw/scsi/scsi-bus.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/hw/scsi/scsi-bus.c b/hw/scsi/scsi-bus.c index 9e40b0c920b..53eff5dd3d6 100644 --- a/hw/scsi/scsi-bus.c +++ b/hw/scsi/scsi-bus.c @@ -384,6 +384,7 @@ SCSIDevice *scsi_bus_legacy_add_drive(SCSIBus *bus, BlockBackend *blk, DeviceState *dev; SCSIDevice *s; DriveInfo *dinfo; + Error *local_err = NULL; if (blk_is_sg(blk)) { driver = "scsi-generic"; 
@@ -403,6 +404,14 @@ SCSIDevice *scsi_bus_legacy_add_drive(SCSIBus *bus, BlockBackend *blk, s = SCSI_DEVICE(dev); s->conf = *conf; + check_boot_index(conf->bootindex, &local_err); + if (local_err) { + object_unparent(OBJECT(dev)); + error_propagate(errp, local_err); + return NULL; + } + add_boot_device_path(conf->bootindex, dev, NULL); + qdev_prop_set_uint32(dev, "scsi-id", unit); if (object_property_find(OBJECT(dev), "removable")) { qdev_prop_set_bit(dev, "removable", removable); From patchwork Wed Jul 17 05:03:17 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Paolo Bonzini X-Patchwork-Id: 13735078 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id DE3B0C3DA42 for ; Wed, 17 Jul 2024 05:07:34 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sTwpd-00013n-18; Wed, 17 Jul 2024 01:04:01 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sTwpZ-0000q2-P4 for qemu-devel@nongnu.org; Wed, 17 Jul 2024 01:03:57 -0400 Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sTwpY-0001yp-9i for qemu-devel@nongnu.org; Wed, 17 Jul 2024 01:03:57 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1721192635; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: 
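Review bot: `add_boot_device_path(conf->bootindex, dev, NULL)` runs while the device is still being configured (the hunk is followed by `qdev_prop_set_uint32(dev, "scsi-id", unit)` and the `removable` property), so if a later step in this function fails the boot-device entry registered here outlives the device unless unparenting also removes it; confirm that the unparent/finalize path drops the entry, or move the registration to after the device is successfully realized. The error branch itself is sound: `check_boot_index` runs before anything is registered, and `object_unparent(OBJECT(dev))` plus `error_propagate(errp, local_err)` before `return NULL` leaves no half-built device behind. Also confirm that `check_boot_index` and `add_boot_device_path` treat whatever default bootindex an unset legacy drive carries as "not set" rather than as a conflict, since every legacy drive now takes this path whether or not a bootindex was given.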
content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=tYdvr4qiEpyG2gw0AyoyI4aNLrC174pqQVM5gsiHlBw=; b=IzruuN2XXRGFx0eOePFm1ijSGCWa9KfJPP5WaFrA4VgMKl8Z5XO4HNSSO9v37fo5b7cZxv CVvwXnTYf7BTjX64JNM0yAg/qN7px9SENXigPBGbcfeqxVZVe2xod8znf8v02tB/vSFPWR P32G1V/DQPvBs0B9h4C6zIE4BMrra/M= Received: from mail-lj1-f199.google.com (mail-lj1-f199.google.com [209.85.208.199]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-152-DboOiFK8NV28eycv0kemmQ-1; Wed, 17 Jul 2024 01:03:53 -0400 X-MC-Unique: DboOiFK8NV28eycv0kemmQ-1 Received: by mail-lj1-f199.google.com with SMTP id 38308e7fff4ca-2ee97349a5fso63506931fa.3 for ; Tue, 16 Jul 2024 22:03:53 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1721192632; x=1721797432; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=tYdvr4qiEpyG2gw0AyoyI4aNLrC174pqQVM5gsiHlBw=; b=Y/x0keQbNDqFxHfs4ScYvxeFjhl7qPjUkzpRi3zP6qc5M+kQxNJIIz8FswScdC7Lhc MpM0VOiDcOL3vewCeWvGpMDUIb8ILCjG9FXOIJZ0lvAo87EcboAshamZfueWt9f8Fu14 FWcJBTcxg7In2lZsUC+0qgRTlRhaZEwQ82AbfCg62L5QWp1aCu8LstopJYLzGi0JnJK3 u2ksDTKGkKiVwz37/D/t0Nl1kXYKN5M+zYr3W7w420MYzHlK9rqxAA9NYlhNkhMzevNv ceI6h6pECEFr+BrQHm4imwl/bXXfhT3jKGzSRrVmX7Xu3dKO8NZyGIwZCKIpRWxYs9bc 90Tg== X-Gm-Message-State: AOJu0YzLt1Htru1jQldXx6iIjQwhfjuAy5O/ALnbpxEVNZU6ogw8cZE0 rd7pGCGJlg3QUDLTeahopVIhYz8PfOP0lDHYJ+NMwwoo8x2GAbez0+FSvwPYwo/dYDk4XuDQXpN oyDeFcEFRAHh47EzWSf+nyn74Ru95HXIBgqvaopnCAezLOuF+j6UVmystiHK6FsXFHY1pPw3FN6 1QJ9k4LgKGp8GyMks0UaXBVXzL41ttwkI3dp13 X-Received: by 2002:a05:651c:1992:b0:2ec:565f:ef56 with SMTP id 38308e7fff4ca-2eefd04f491mr4406211fa.7.1721192631907; Tue, 16 Jul 2024 22:03:51 -0700 (PDT) X-Google-Smtp-Source: AGHT+IFt/L5LAd88TY+69Z6aGmfcWsh8wIg3ukTbGNyw2A1QQPbyF0tR7GM1b7TQzBXdozVqmIDa9Q== X-Received: by 
2002:a05:651c:1992:b0:2ec:565f:ef56 with SMTP id 38308e7fff4ca-2eefd04f491mr4406081fa.7.1721192631433; Tue, 16 Jul 2024 22:03:51 -0700 (PDT) Received: from avogadro.local ([151.95.101.29]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-427a5edb525sm153463965e9.34.2024.07.16.22.03.48 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 16 Jul 2024 22:03:48 -0700 (PDT) From: Paolo Bonzini To: qemu-devel@nongnu.org Cc: Song Gao Subject: [PULL 07/20] qemu/timer: Add host ticks function for LoongArch Date: Wed, 17 Jul 2024 07:03:17 +0200 Message-ID: <20240717050331.295371-8-pbonzini@redhat.com> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20240717050331.295371-1-pbonzini@redhat.com> References: <20240717050331.295371-1-pbonzini@redhat.com> MIME-Version: 1.0 Received-SPF: pass client-ip=170.10.133.124; envelope-from=pbonzini@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org From: Song Gao Signed-off-by: Song Gao Link: https://lore.kernel.org/r/20240716031500.4193498-1-gaosong@loongson.cn Signed-off-by: Paolo Bonzini --- include/qemu/timer.h | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/include/qemu/timer.h b/include/qemu/timer.h index 5ce83c79112..fa56ec9481d 100644 --- a/include/qemu/timer.h +++ b/include/qemu/timer.h 
@@ -1016,6 +1016,15 @@ static inline int64_t cpu_get_host_ticks(void) return val; } +#elif defined(__loongarch64) +static inline int64_t cpu_get_host_ticks(void) +{ + uint64_t val; + + asm volatile("rdtime.d %0, $zero" : "=r"(val)); + return val; +} + #else /* The host CPU doesn't have an easily accessible cycle counter. Just return a monotonically increasing value. This will be From patchwork Wed Jul 17 05:03:18 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Paolo Bonzini X-Patchwork-Id: 13735069 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 0A479C3DA42 for ; Wed, 17 Jul 2024 05:05:40 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sTwps-0001fp-BZ; Wed, 17 Jul 2024 01:04:18 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sTwpj-0001Td-Fn for qemu-devel@nongnu.org; Wed, 17 Jul 2024 01:04:08 -0400 Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sTwpg-0001zn-Ao for qemu-devel@nongnu.org; Wed, 17 Jul 2024 01:04:05 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1721192642; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=6FjeY3lbHr8W1TqtDdS/6AWEH+6oPWgu9f9eGwYiFZw=; 
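Review bot: the commit message is empty apart from the sign-off and link; a line saying which counter `rdtime.d` reads, whether it is constant-rate, and why the second operand is `$zero` would let a reader judge whether it matches what other callers of `cpu_get_host_ticks()` expect. Code-wise the branch mirrors the adjacent ones: `val` is `uint64_t` and is returned as `int64_t`, exactly as the preceding architecture block does with its `return val;`, so no new conversion concern is introduced. The `asm volatile` with a single `"=r"` output and no clobbers is consistent with the neighbouring blocks.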
b=jISuEmpQ0xxM2EUuAAtYnuhOR8Hl1xywGtkqDpPY3oChNYY/A+EY6Z62FFVhVMQ7wpCb4c OEIZTba12dUpG/7ZeLTlUXJWJPILrsjR/1aVjbTY4bvdOm4EWprROsvhdI1xidZ8wdRguG RuTHbhFHseBrGibJ92Oio182gphbGxs= Received: from mail-wm1-f69.google.com (mail-wm1-f69.google.com [209.85.128.69]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-370--pp0sM_KMd2b-DFSkHgHdA-1; Wed, 17 Jul 2024 01:03:55 -0400 X-MC-Unique: -pp0sM_KMd2b-DFSkHgHdA-1 Received: by mail-wm1-f69.google.com with SMTP id 5b1f17b1804b1-42667cc80e8so45300295e9.2 for ; Tue, 16 Jul 2024 22:03:55 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1721192633; x=1721797433; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=6FjeY3lbHr8W1TqtDdS/6AWEH+6oPWgu9f9eGwYiFZw=; b=AUlOklkiqUY1lXawuXC0yq2SPZiylVhxgGiquihSDtQAKUsHrxFBv06Za0GF5n7Nv7 8fnaYM3Zz6ujCEYVLEEnZeH+foEnowbJTLYal4j+OexgH7zlTfyjmr7W0b6kFuoZvlSj Vc6UUpwn6/UGap9N/r7CFtJx0dmLgGJuZSu2LNnSKhU94SjfvNNbbT210Be4vJigFqY/ dwnX4b9PfsrE/NZ7QVdY3rtZmToxX5H4zr75csNoNQ8TAXElZEhfdvSlagoffopKIghW ZmP693iOFtqQdW12OGg25vJk0OzWTe6XlVrRRJD03YzWDf9BevgRruTDbnjh/HFTetNA 3MUA== X-Gm-Message-State: AOJu0YxOCwVoPSFMQ2Xk747hPKg+N0CUQsdhqvnb6KI8SSkUsMV11uMy qTktqGDDKrrmTr6nbfSEt7wE3yBeNkTCvWmrlbiyjAWmw7bfvz/HokfceqdvW1pBqWftE+hMm/k NbZ09nRCzmv+MiNcKqCQIwGTp4fa1BauohqOD6NT++64MhrgV3PQN8bk2Ep4RhtJBOaowH81D2f BId1Oo3KyYbEzQM6fHKxV/8crwA8HU4uK9Gbqc X-Received: by 2002:a05:600c:1e83:b0:426:5dd0:a1ee with SMTP id 5b1f17b1804b1-427c2ca7be4mr3055295e9.2.1721192633515; Tue, 16 Jul 2024 22:03:53 -0700 (PDT) X-Google-Smtp-Source: AGHT+IFvgbbMCEY6VL70OiL+pHbqocOx/rqpql070/K80aimw8zTVxTKG7nqY/nje/0wmGowlQTXOg== X-Received: by 2002:a05:600c:1e83:b0:426:5dd0:a1ee with SMTP id 5b1f17b1804b1-427c2ca7be4mr3055155e9.2.1721192633152; Tue, 16 Jul 2024 22:03:53 -0700 (PDT) Received: from avogadro.local 
([151.95.101.29]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-3680db047c4sm10715755f8f.108.2024.07.16.22.03.52 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 16 Jul 2024 22:03:52 -0700 (PDT) From: Paolo Bonzini To: qemu-devel@nongnu.org Cc: Boqiao Fu Subject: [PULL 08/20] docs: Update description of 'user=username' for '-run-with' Date: Wed, 17 Jul 2024 07:03:18 +0200 Message-ID: <20240717050331.295371-9-pbonzini@redhat.com> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20240717050331.295371-1-pbonzini@redhat.com> References: <20240717050331.295371-1-pbonzini@redhat.com> MIME-Version: 1.0 Received-SPF: pass client-ip=170.10.133.124; envelope-from=pbonzini@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org From: Boqiao Fu The description of '-runas' and '-run-with' didn't explain that QEMU will use setuid/setgid to implement the option, so the user might get confused if using 'elevateprivileges=deny' as well. Since '-runas' is going to be deprecated and replaced by '-run-with' in the coming qemu9.1, add the message there. Signed-off-by: Boqiao Fu Link: https://lore.kernel.org/r/CAFRHJ6J9uMk+HMZL+W+KE1yoRCOLPgbPUVVDku55sdXYiGXXHg@mail.gmail.com Signed-off-by: Paolo Bonzini --- qemu-options.hx | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) 
diff --git a/qemu-options.hx b/qemu-options.hx index ad6521ef5e7..694fa37f284 100644 --- a/qemu-options.hx +++ b/qemu-options.hx 
@@ -5024,8 +5024,11 @@ SRST in combination with -runas. ``user=username`` or ``user=uid:gid`` can be used to drop root privileges - by switching to the specified user (via username) or user and group - (via uid:gid) immediately before starting guest execution. + before starting guest execution. QEMU will use the ``setuid`` and ``setgid`` + system calls to switch to the specified identity. Note that the + ``user=username`` syntax will also apply the full set of supplementary + groups for the user, whereas the ``user=uid:gid`` will use only the + ``gid`` group. ERST #endif From patchwork Wed Jul 17 05:03:19 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Paolo Bonzini X-Patchwork-Id: 13735068 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 346FCC3DA4B for ; Wed, 17 Jul 2024 05:05:40 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sTwpl-0001aT-8A; Wed, 17 Jul 2024 01:04:09 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sTwpe-00018C-61 for qemu-devel@nongnu.org; Wed, 17 Jul 2024 01:04:03 -0400 Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sTwpc-0001za-IZ for qemu-devel@nongnu.org; Wed, 17 Jul 2024 01:04:01 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1721192639; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: 
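Review bot: the added text never mentions `elevateprivileges=deny`, which the commit message gives as the reason users get confused; now that the sentence states that QEMU uses the `setuid` and `setgid` system calls, add one more saying how that interacts with `elevateprivileges=deny` (and which option takes effect first), otherwise the reader still has to work it out from the option ordering. Minor wording: `whereas the ``user=uid:gid`` will use only the ``gid`` group` is missing a noun after the option; `the ``user=uid:gid`` form will use only ...` reads cleanly.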
to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=aPrZh1EXv7kaFvhhCibNvYsmIuHRfgJwPxgiKZ4HtGI=; b=QdhLYf3BsTX8oN40LPCLZXlYgrajJz7yyKq9NOKztPy2eJZA9hSLnmW0IMMdlVRkyL9C3G cu5WKFtZ7bb8HU2w6xTbOlXgvzggjExx6F0V7TAPZm9uF872fNavKijTut8UUe54DwPgCX LF6mCB8W2uyfMw/uffUwEkrzCxUvgOw= Received: from mail-wr1-f69.google.com (mail-wr1-f69.google.com [209.85.221.69]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-134-UUp-bLDJMx-2aD_3J_BOTQ-1; Wed, 17 Jul 2024 01:03:57 -0400 X-MC-Unique: UUp-bLDJMx-2aD_3J_BOTQ-1 Received: by mail-wr1-f69.google.com with SMTP id ffacd0b85a97d-367987e6ebcso4587321f8f.2 for ; Tue, 16 Jul 2024 22:03:56 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1721192635; x=1721797435; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=aPrZh1EXv7kaFvhhCibNvYsmIuHRfgJwPxgiKZ4HtGI=; b=gdHJX5Uf3QSGTPUDTTc2BqWzrblQH4p39DgVTo0R8s9y64FpE25GCPnSTpzeCgjFRw muD/ZQhj/o7D5tR1PWi9Vjb+qZv3c9/Uu9jmpYAxALGB74dp9IW84Od6JX8PBh/SAtfv wy5beZFc78i4G8R47NDQirr0vR4Jxt7EtYKR4xOOBG8VvkQNPPVty/HhBwITq4D4nw4g x8cXmdsPhSHgsVfwxwIKoDkapyTLk6XlHnSiF6D+X3sUuX/IvkL3xRSor5kQ0phgoEY2 vpeUSE8CPF5vSlYuKU2MAfeXDKtxyatAKYSIxuOpqc6YxJy7blB/ZTh2L6UwifKbn6+i ajGw== X-Gm-Message-State: AOJu0YymQfWhY8Fituui4HxHAtd3dShAWQ1EStHawQY+Tt+3KDez50ys tgnh2E4RYXH5RE3xx/j7qqESWeoAo/ivRNGLB2eJP9Tjj2GPCEmI5nu50+GOhGuBy+47Q9Glv7W VgBPLFMIe9+13/FNJp1abAgAV07aunrH/Z7FIkm0K1OYQrpSGH+iSmmq3vpo4gHg9LjDLXB9Nd/ fqPjlXO0gIzFbu9usmN83/TuCLAYRz/X7hqGfn X-Received: by 2002:a05:6000:1fa6:b0:368:38af:9a2e with SMTP id ffacd0b85a97d-36838af9ceemr2342f8f.21.1721192635670; Tue, 16 Jul 2024 22:03:55 -0700 (PDT) X-Google-Smtp-Source: 
AGHT+IELBO43EGmalceKyhDuved+qHLFLgyogTGar+IdSl0yXUQv8ul3MlkHmVKkw7Ql2Ew5KYw0Xw== X-Received: by 2002:a05:6000:1fa6:b0:368:38af:9a2e with SMTP id ffacd0b85a97d-36838af9ceemr2331f8f.21.1721192635299; Tue, 16 Jul 2024 22:03:55 -0700 (PDT) Received: from avogadro.local ([151.95.101.29]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-3680daccc86sm10682437f8f.61.2024.07.16.22.03.53 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 16 Jul 2024 22:03:53 -0700 (PDT) From: Paolo Bonzini To: qemu-devel@nongnu.org Subject: [PULL 09/20] hpet: fix clamping of period Date: Wed, 17 Jul 2024 07:03:19 +0200 Message-ID: <20240717050331.295371-10-pbonzini@redhat.com> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20240717050331.295371-1-pbonzini@redhat.com> References: <20240717050331.295371-1-pbonzini@redhat.com> MIME-Version: 1.0 Received-SPF: pass client-ip=170.10.133.124; envelope-from=pbonzini@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org When writing a new period, the clamping should use a maximum value rather than a bit mask. Also, when writing the high bits new_val is shifted right by 32, so the maximum allowed period should also be shifted right. Signed-off-by: Paolo Bonzini --- hw/timer/hpet.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) 
diff --git a/hw/timer/hpet.c b/hw/timer/hpet.c index 01efe4885db..ad881448bf3 100644 --- a/hw/timer/hpet.c +++ b/hw/timer/hpet.c @@ -548,7 +548,9 @@ static void hpet_ram_write(void *opaque, hwaddr addr, * FIXME: Clamp period to reasonable min value? * Clamp period to reasonable max value */ - new_val &= (timer->config & HPET_TN_32BIT ? ~0u : ~0ull) >> 1; + if (timer->config & HPET_TN_32BIT) { + new_val = MIN(new_val, ~0u >> 1); + } timer->period = (timer->period & 0xffffffff00000000ULL) | new_val; } 
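Review bot: in this hunk the 64-bit case no longer bounds the low word at all, which is behaviour-preserving (the old `~0ull >> 1` mask only ever cleared bit 63, a bit that cannot sit in the low word), while the 32-bit case changes from masking to saturating: a written word of 0x80000000 or more used to have its top bit dropped and became an unrelated, much smaller period, and now becomes 0x7fffffff. That difference is the substance of the patch and deserves a sentence in the commit message or a comment next to `new_val = MIN(new_val, ~0u >> 1);`. Also, `~0u >> 1` is an unsigned int compared against a uint64_t new_val, which is well-defined, but a named constant for the 31-bit bound would read better since the same literal reappears in the second hunk as the bound for the high word.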
@@ -567,7 +569,7 @@ static void hpet_ram_write(void *opaque, hwaddr addr, * FIXME: Clamp period to reasonable min value? * Clamp period to reasonable max value */ - new_val &= (timer->config & HPET_TN_32BIT ? ~0u : ~0ull) >> 1; + new_val = MIN(new_val, ~0u >> 1); timer->period = (timer->period & 0xffffffffULL) | new_val << 32; } From patchwork Wed Jul 17 05:03:20 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Paolo Bonzini X-Patchwork-Id: 13735081 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 55479C41513 for ; Wed, 17 Jul 2024 05:07:35 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sTwpy-000213-5k; Wed, 17 Jul 2024 01:04:23 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sTwpl-0001bX-Da for qemu-devel@nongnu.org; Wed, 17 Jul 2024 01:04:09 -0400 Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sTwph-000203-EG for qemu-devel@nongnu.org; Wed, 17 Jul 2024 01:04:08 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1721192644; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=nJbrLLVXpXeNx7wVIlep8y3RawRslaxRsonV5x8RR/g=; 
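Review bot: for the second hunk of [PULL 09/20], the commit message says new_val "is shifted right by 32" when writing the high bits, but the code shifts it left (`new_val << 32`) into bits 32..63; it is the bound that is shifted right, so the message should say that the maximum period must be shifted right by 32 to apply to the high word. Note also that for 64-bit timers the old mask `~0ull >> 1` never affected a 32-bit word, so the high word was effectively unbounded and the period could reach 64 bits; the new `MIN(new_val, ~0u >> 1)` is what actually enforces a 63-bit period, which is worth stating since the first hunk keeps an `if (timer->config & HPET_TN_32BIT)` guard and this one does not.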
From: Paolo Bonzini
To: qemu-devel@nongnu.org
Cc: TaiseiIto
Subject: [PULL 10/20] hpet: fix HPET_TN_SETVAL for high 32-bits of the comparator
Date: Wed, 17 Jul 2024 07:03:20 +0200
Message-ID: <20240717050331.295371-11-pbonzini@redhat.com>
In-Reply-To: <20240717050331.295371-1-pbonzini@redhat.com>
References: <20240717050331.295371-1-pbonzini@redhat.com>

Commit 3787324101b ("hpet: Fix emulation of HPET_TN_SETVAL (Jan Kiszka)", 2009-04-17) applied the fix only to the low 32-bits of the comparator, but it should be done for the high bits as well. Otherwise, the high 32-bits of the comparator cannot be written and they remain fixed to 0xffffffff.

Co-developed-by: TaiseiIto
Signed-off-by: TaiseiIto
Signed-off-by: Paolo Bonzini
---
 hw/timer/hpet.c | 19 ++++++++++++-------
 1 file changed, 12 insertions(+), 7 deletions(-)

diff --git a/hw/timer/hpet.c b/hw/timer/hpet.c index ad881448bf3..4cb5393c0b5 100644 --- a/hw/timer/hpet.c
+++ b/hw/timer/hpet.c @@ -554,6 +554,10 @@ static void hpet_ram_write(void *opaque, hwaddr addr, timer->period = (timer->period & 0xffffffff00000000ULL) | new_val; } + /* + * FIXME: on a 64-bit write, HPET_TN_SETVAL should apply to the + * high bits part as well. + */ timer->config &= ~HPET_TN_SETVAL; if (hpet_enabled(s)) { hpet_set_timer(timer); @@ -564,7 +568,8 @@ static void hpet_ram_write(void *opaque, hwaddr addr, if (!timer_is_periodic(timer) || (timer->config & HPET_TN_SETVAL)) { timer->cmp = (timer->cmp & 0xffffffffULL) | new_val << 32; - } else { + } + if (timer_is_periodic(timer)) { /* * FIXME: Clamp period to reasonable min value? * Clamp period to reasonable max value 
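Review bot: in the restructured high-word path, a periodic timer with HPET_TN_SETVAL set now takes both branches: `timer->cmp` receives `new_val << 32` first, and the period write that follows clamps `new_val` with `MIN(new_val, ~0u >> 1)` before storing it, so for a written word above 0x7fffffff the comparator and period high words end up different. If that is intended (the comparator is not subject to the period bound), a short comment at `+ if (timer_is_periodic(timer)) {` would save the next reader from suspecting an ordering bug. The FIXME added in the first hunk, about a 64-bit write needing HPET_TN_SETVAL applied to the high half too, applies symmetrically to this branch and could be referenced here.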
@@ -572,12 +577,12 @@ static void hpet_ram_write(void *opaque, hwaddr addr, new_val = MIN(new_val, ~0u >> 1); timer->period = (timer->period & 0xffffffffULL) | new_val << 32; - } - timer->config &= ~HPET_TN_SETVAL; - if (hpet_enabled(s)) { - hpet_set_timer(timer); - } - break; + } + timer->config &= ~HPET_TN_SETVAL; + if (hpet_enabled(s)) { + hpet_set_timer(timer); + } + break; case HPET_TN_ROUTE: timer->fsb = (timer->fsb & 0xffffffff00000000ULL) | new_val; break; From patchwork Wed Jul 17 05:03:21 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Paolo Bonzini X-Patchwork-Id: 13735080 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 2BF94C3DA61 for ; Wed, 17 Jul 2024 05:07:36 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sTwpv-0001xM-Cn; Wed, 17 Jul 2024 01:04:19 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sTwpl-0001bU-DN for qemu-devel@nongnu.org; Wed, 17 Jul 2024 01:04:09 -0400 Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sTwph-0001zy-E0 for qemu-devel@nongnu.org; Wed, 17 Jul 2024 01:04:08 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1721192644; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-type: 
From: Paolo Bonzini
To: qemu-devel@nongnu.org
Cc: Clément Chigot, Richard Henderson
Subject: [PULL 11/20] target/i386/tcg: fix POP to memory in long mode
Date: Wed, 17 Jul 2024 07:03:21 +0200
Message-ID: <20240717050331.295371-12-pbonzini@redhat.com>
In-Reply-To: <20240717050331.295371-1-pbonzini@redhat.com>
References: <20240717050331.295371-1-pbonzini@redhat.com>

In long mode, POP to memory will write a full 64-bit value. However, the call to gen_writeback() in gen_POP will use MO_32 because the decoding table is incorrect. The bug was latent until commit aea49fbb01a ("target/i386: use gen_writeback() within gen_POP()", 2024-06-08), and then became visible because gen_op_st_v now receives op->ot instead of the "ot" returned by gen_pop_T0.

Analyzed-by: Clément Chigot
Fixes: 5e9e21bcc4d ("target/i386: move 60-BF opcodes to new decoder", 2024-05-07)
Tested-by: Clément Chigot
Reviewed-by: Richard Henderson
Signed-off-by: Paolo Bonzini
---
 target/i386/tcg/decode-new.c.inc | 2 +-
 target/i386/tcg/emit.c.inc | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/target/i386/tcg/decode-new.c.inc b/target/i386/tcg/decode-new.c.inc index 0d846c32c22..d2da1d396d5 100644 --- a/target/i386/tcg/decode-new.c.inc +++ b/target/i386/tcg/decode-new.c.inc @@ -1717,7 +1717,7 @@ static const X86OpEntry opcodes_root[256] = { [0x8C] = X86_OP_ENTRYwr(MOV, E,v, S,w, op0_Mw), [0x8D] = X86_OP_ENTRYwr(LEA, G,v, M,v, nolea), [0x8E] = X86_OP_ENTRYwr(MOV, S,w, E,w), - [0x8F] = X86_OP_GROUPw(group1A, E,v), + [0x8F] = X86_OP_GROUPw(group1A, E,d64), [0x98] = X86_OP_ENTRY1(CBW, 0,v), /* rAX */ [0x99] = X86_OP_ENTRYwr(CWD, 2,v, 0,v), /* rDX, rAX */ diff --git a/target/i386/tcg/emit.c.inc b/target/i386/tcg/emit.c.inc index fc7477833bc..016dce81464 100644 --- a/target/i386/tcg/emit.c.inc +++ b/target/i386/tcg/emit.c.inc 
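Review bot: changing the 0x8F entry from `E,v` to `E,d64` is the actual fix (a POP to memory writes the full 64-bit operand in long mode, as the message explains); the assert added to gen_POP in the next file only guards it. The neighbouring entries carry inline comments (`/* rAX */`, `/* rDX, rAX */`), so a similar note on `[0x8F] = X86_OP_GROUPw(group1A, E,d64),` stating that POP Ev defaults to a 64-bit operand in long mode would record why group1A differs from the other E,v entries around it.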
@@ -2788,6 +2788,7 @@ static void gen_POP(DisasContext *s, X86DecodedInsn *decode) X86DecodedOp *op = &decode->op[0]; MemOp ot = gen_pop_T0(s); + assert(ot >= op->ot); if (op->has_ea || op->unit == X86_OP_SEG) { /* NOTE: order is important for MMU exceptions */ gen_writeback(s, decode, 0, s->T0); From patchwork Wed Jul 17 05:03:22 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Paolo Bonzini X-Patchwork-Id: 13735075 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 04CB9C3DA61 for ; Wed, 17 Jul 2024 05:07:03 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sTwqB-00030J-2j; Wed, 17 Jul 2024 01:04:35 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sTwpm-0001ha-UO for qemu-devel@nongnu.org; Wed, 17 Jul 2024 01:04:13 -0400 Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sTwpj-00020b-8A for qemu-devel@nongnu.org; Wed, 17 Jul 2024 01:04:09 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1721192645; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=zysmERLOD7LqFn2JG/XTo8hRSGrS1y0PB/cgSbGIed8=; b=FxTUQAjZNwVigzM7Vxu6NRxzxhHbwtl3CpiZJVrLg4xMUD84hGEoLClvHLd6CXJjauYezr 
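Review bot: for the gen_POP hunk of [PULL 11/20], `assert(ot >= op->ot)` turns a future mismatch between the stack operand size from gen_pop_T0 and the writeback size into an abort at translation time instead of a silently truncated store. Both sizes derive from the static opcode table and the CPU mode rather than from guest data, so the assert cannot be reached by guest input alone and is the right trade-off, but a one-line comment saying that it documents the table invariant restored by the decode-new.c.inc change would help the next reader.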
From: Paolo Bonzini
To: qemu-devel@nongnu.org
Cc: Richard Henderson
Subject: [PULL 12/20] target/i386/tcg: Remove SEG_ADDL
Date: Wed, 17 Jul 2024 07:03:22 +0200
Message-ID: <20240717050331.295371-13-pbonzini@redhat.com>
In-Reply-To: <20240717050331.295371-1-pbonzini@redhat.com>
References: <20240717050331.295371-1-pbonzini@redhat.com>

From: Richard Henderson

This truncation is now handled by MMU_*32_IDX. The introduction of MMU_*32_IDX in fact applied correct 32-bit wraparound to 16-bit accesses with a high segment base (e.g. big real mode or vm86 mode), which did not use SEG_ADDL.

Signed-off-by: Richard Henderson
Link: https://lore.kernel.org/r/20240617161210.4639-3-richard.henderson@linaro.org
Signed-off-by: Paolo Bonzini
---
 target/i386/tcg/seg_helper.c | 8 ++------
 1 file changed, 2 insertions(+), 6 deletions(-)

diff --git a/target/i386/tcg/seg_helper.c b/target/i386/tcg/seg_helper.c index aee3d19f29b..19d6b41a589 100644 --- a/target/i386/tcg/seg_helper.c
+++ b/target/i386/tcg/seg_helper.c @@ -579,10 +579,6 @@ int exception_has_error_code(int intno) } while (0) #endif -/* in 64-bit machines, this can overflow. So this segment addition macro - * can be used to trim the value to 32-bit whenever needed */ -#define SEG_ADDL(ssp, sp, sp_mask) ((uint32_t)((ssp) + (sp & (sp_mask)))) - /* XXX: add a is_user flag to have proper security support */ #define PUSHW_RA(ssp, sp, sp_mask, val, ra) \ { \ @@ -593,7 +589,7 @@ int exception_has_error_code(int intno) #define PUSHL_RA(ssp, sp, sp_mask, val, ra) \ { \ sp -= 4; \ - cpu_stl_kernel_ra(env, SEG_ADDL(ssp, sp, sp_mask), (uint32_t)(val), ra); \ + cpu_stl_kernel_ra(env, (ssp) + (sp & (sp_mask)), (val), ra); \ } #define POPW_RA(ssp, sp, sp_mask, val, ra) \ 
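Review bot: besides dropping SEG_ADDL from the address, the PUSHL_RA hunk also removes the `(uint32_t)` cast on `(val)`, which the commit message does not mention. cpu_stl_kernel_ra stores 32 bits regardless, so this is harmless, but POPL_RA in the following hunk keeps its `(uint32_t)` cast on the loaded value; either keep the casts symmetric or say in the message that the store-side cast was redundant so the asymmetry does not look accidental.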
@@ -604,7 +600,7 @@ int exception_has_error_code(int intno) #define POPL_RA(ssp, sp, sp_mask, val, ra) \ { \ - val = (uint32_t)cpu_ldl_kernel_ra(env, SEG_ADDL(ssp, sp, sp_mask), ra); \ + val = (uint32_t)cpu_ldl_kernel_ra(env, (ssp) + (sp & (sp_mask)), ra); \ sp += 4; \ } From patchwork Wed Jul 17 05:03:23 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Paolo Bonzini X-Patchwork-Id: 13735071 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 730E5C3DA42 for ; Wed, 17 Jul 2024 05:05:49 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sTwpz-00027Y-Cb; Wed, 17 Jul 2024 01:04:23 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sTwpm-0001e6-35 for qemu-devel@nongnu.org; Wed, 17 Jul 2024 01:04:10 -0400 Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sTwpj-00021f-Vi for qemu-devel@nongnu.org; Wed, 17 Jul 2024 01:04:09 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1721192647; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=GX5s7D3GnRktYpy0eRl8MIaqx1kf57JyUnrHen/Omzg=; b=CIx52k2oCrS3r52uudJ+aaFP+TpyDZPz70TvEyFlYK16jfqPnX+l78YPk1lN04eYhWsLYk 
From: Paolo Bonzini
To: qemu-devel@nongnu.org
Cc: Robert R. Henry, Richard Henderson
Subject: [PULL 13/20] target/i386/tcg: Allow IRET from user mode to user mode with SMAP
Date: Wed, 17 Jul 2024 07:03:23 +0200
Message-ID: <20240717050331.295371-14-pbonzini@redhat.com>
In-Reply-To: <20240717050331.295371-1-pbonzini@redhat.com>
References: <20240717050331.295371-1-pbonzini@redhat.com>

This fixes a bug wherein i386/tcg assumed an interrupt return using the IRET instruction was always returning from kernel mode to either kernel mode or user mode. This assumption is violated when IRET is used as a clever way to restore thread state, as for example in the dotnet runtime. There, IRET returns from user mode to user mode.

This bug is that stack accesses from IRET and RETF, as well as accesses to the parameters in a call gate, are normal data accesses using the current CPL. This manifested itself as a page fault in the guest Linux kernel due to SMAP preventing the access.

This bug appears to have been in QEMU since the beginning.

Analyzed-by: Robert R. Henry
Co-developed-by: Robert R. Henry
Signed-off-by: Robert R. Henry Reviewed-by: Richard Henderson Signed-off-by: Paolo Bonzini --- target/i386/tcg/seg_helper.c | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/target/i386/tcg/seg_helper.c b/target/i386/tcg/seg_helper.c index 19d6b41a589..224e73e9ed0 100644 --- a/target/i386/tcg/seg_helper.c +++ b/target/i386/tcg/seg_helper.c @@ -594,13 +594,13 @@ int exception_has_error_code(int intno) #define POPW_RA(ssp, sp, sp_mask, val, ra) \ { \ - val = cpu_lduw_kernel_ra(env, (ssp) + (sp & (sp_mask)), ra); \ + val = cpu_lduw_data_ra(env, (ssp) + (sp & (sp_mask)), ra); \ sp += 2; \ } #define POPL_RA(ssp, sp, sp_mask, val, ra) \ { \ - val = (uint32_t)cpu_ldl_kernel_ra(env, (ssp) + (sp & (sp_mask)), ra); \ + val = (uint32_t)cpu_ldl_data_ra(env, (ssp) + (sp & (sp_mask)), ra); \ sp += 4; \ } @@ -847,7 +847,7 @@ static void do_interrupt_protected(CPUX86State *env, int intno, int is_int, #define POPQ_RA(sp, val, ra) \ { \ - val = cpu_ldq_kernel_ra(env, sp, ra); \ + val = cpu_ldq_data_ra(env, sp, ra); \ sp += 8; \ } 
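Review bot: switching POPW_RA, POPL_RA and POPQ_RA from cpu_ld*_kernel_ra to cpu_ld*_data_ra makes these loads subject to the paging checks of the current CPL, which is the fix for the user-to-user IRET under SMAP that the message describes. The PUSH macros (PUSHL_RA is shown as cpu_stl_kernel_ra in the preceding patch) stay kernel-mode accesses, so the message should say why the store side is not affected. The `/* XXX: add a is_user flag to have proper security support */` comment above these macros, visible in the previous patch's context, is now partly addressed by this change and should be updated or removed in the same hunk.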
@@ -1797,18 +1797,18 @@ void helper_lcall_protected(CPUX86State *env, int new_cs, target_ulong new_eip, PUSHL_RA(ssp, sp, sp_mask, env->segs[R_SS].selector, GETPC()); PUSHL_RA(ssp, sp, sp_mask, env->regs[R_ESP], GETPC()); for (i = param_count - 1; i >= 0; i--) { - val = cpu_ldl_kernel_ra(env, old_ssp + - ((env->regs[R_ESP] + i * 4) & - old_sp_mask), GETPC()); + val = cpu_ldl_data_ra(env, + old_ssp + ((env->regs[R_ESP] + i * 4) & old_sp_mask), + GETPC()); PUSHL_RA(ssp, sp, sp_mask, val, GETPC()); } } else { PUSHW_RA(ssp, sp, sp_mask, env->segs[R_SS].selector, GETPC()); PUSHW_RA(ssp, sp, sp_mask, env->regs[R_ESP], GETPC()); for (i = param_count - 1; i >= 0; i--) { - val = cpu_lduw_kernel_ra(env, old_ssp + - ((env->regs[R_ESP] + i * 2) & - old_sp_mask), GETPC()); + val = cpu_lduw_data_ra(env, + old_ssp + ((env->regs[R_ESP] + i * 2) & old_sp_mask), + GETPC()); PUSHW_RA(ssp, sp, sp_mask, val, GETPC()); } } From patchwork Wed Jul 17 05:03:24 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Paolo Bonzini X-Patchwork-Id: 13735079 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 48EB7C3DA4B for ; Wed, 17 Jul 2024 05:07:35 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sTwpv-0001zM-OH; Wed, 17 Jul 2024 01:04:19 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sTwpo-0001mS-7D for qemu-devel@nongnu.org; Wed, 17 Jul 2024 01:04:15 -0400 Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124]) by eggs.gnu.org with esmtps 
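Review bot: for the helper_lcall_protected hunk of [PULL 13/20], the call-gate parameter reads from the caller's stack (old_ssp, old_sp_mask) become CPL-checked data loads while the PUSHL_RA/PUSHW_RA onto the new stack (ssp) remain kernel accesses; since the two look alike in the loop, a comment explaining the asymmetry would help. The hunk also re-wraps the argument lists, mixing a functional change with reflowing; acceptable for a three-line change, but worth a mention in the message so the diff is not mistaken for a larger edit.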
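To make the failure mode of [PULL 13/20] concrete, here is an added toy model (our code, not QEMU's seg_helper.c) of the data-read check an x86 MMU applies, with the old emulation (pop performed as a kernel-mode access whatever the guest's CPL) beside the patched one (pop performed at the current CPL). The user/supervisor page bit, SMAP and EFLAGS.AC follow the architectural rules; function names and the scenarios are ours.

```c
#include <stdbool.h>
#include <stdio.h>

enum { CPL_KERNEL = 0, CPL_USER = 3 };

/* Data-read permission for a present page, following the x86 rules:
 * user-mode code may only read user pages; supervisor-mode code may read
 * everything, except that with SMAP enabled a user page is refused unless
 * EFLAGS.AC is set. `access_cpl` is the privilege the access is made at. */
static bool data_read_allowed(int access_cpl, bool smap, bool ac, bool page_user)
{
    if (access_cpl == CPL_USER) {
        return page_user;
    }
    if (page_user && smap && !ac) {
        return false;
    }
    return true;
}

/* Old emulation: the stack pop is performed as a kernel-mode access
 * regardless of the guest's current CPL (cpu_ld*_kernel_ra). */
static bool iret_pop_old(int cur_cpl, bool smap, bool ac, bool stack_user)
{
    (void)cur_cpl;
    return data_read_allowed(CPL_KERNEL, smap, ac, stack_user);
}

/* Patched emulation: the pop is an ordinary data access at the current
 * CPL (cpu_ld*_data_ra). */
static bool iret_pop_new(int cur_cpl, bool smap, bool ac, bool stack_user)
{
    return data_read_allowed(cur_cpl, smap, ac, stack_user);
}

int main(void)
{
    /* Constructed scenario from the commit message: a user-mode thread
     * executes IRET to return to user mode, its stack is on a user page,
     * the guest kernel has SMAP enabled and EFLAGS.AC is clear. */
    printf("user->user IRET, old: %s\n",
           iret_pop_old(CPL_USER, true, false, true) ? "ok" : "#PF");
    printf("user->user IRET, new: %s\n",
           iret_pop_new(CPL_USER, true, false, true) ? "ok" : "#PF");
    /* A kernel-mode IRET on a supervisor stack page is unaffected. */
    printf("kernel IRET, old: %s\n",
           iret_pop_old(CPL_KERNEL, true, false, false) ? "ok" : "#PF");
    printf("kernel IRET, new: %s\n",
           iret_pop_new(CPL_KERNEL, true, false, false) ? "ok" : "#PF");
    return 0;
}
```

In the model the fixed kernel-mode access is wrong in both directions: it faults on a user stack page under SMAP (the spurious #PF the message reports), and it skips the user/supervisor check that a CPL 3 access must pass. Using the current CPL applies exactly the check the guest would see on hardware.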
From: Paolo Bonzini
To: qemu-devel@nongnu.org
Cc: Richard Henderson
Subject: [PULL 14/20] target/i386/tcg: use PUSHL/PUSHW for error code
Date: Wed, 17 Jul 2024 07:03:24 +0200
Message-ID: <20240717050331.295371-15-pbonzini@redhat.com>
In-Reply-To: <20240717050331.295371-1-pbonzini@redhat.com>
References: <20240717050331.295371-1-pbonzini@redhat.com>

Do not pre-decrement esp, let the macros subtract the appropriate operand size.

Reviewed-by: Richard Henderson
Signed-off-by: Paolo Bonzini
---
 target/i386/tcg/seg_helper.c | 16 +++++++---------
 1 file changed, 7 insertions(+), 9 deletions(-)

diff --git a/target/i386/tcg/seg_helper.c b/target/i386/tcg/seg_helper.c
index 224e73e9ed0..b985382d704 100644
--- a/target/i386/tcg/seg_helper.c
+++ b/target/i386/tcg/seg_helper.c
@@ -670,22 +670,20 @@ static void do_interrupt_protected(CPUX86State *env, int intno, int is_int, } shift = switch_tss(env, intno * 8, e1, e2, SWITCH_TSS_CALL, old_eip); if (has_error_code) { - uint32_t mask; - /* push the error code */ if (env->segs[R_SS].flags & DESC_B_MASK) { - mask = 0xffffffff; + sp_mask = 0xffffffff; } else { - mask = 0xffff; + sp_mask = 0xffff; } - esp = (env->regs[R_ESP] - (2 << shift)) & mask; - ssp = env->segs[R_SS].base + esp; + esp = env->regs[R_ESP]; + ssp = env->segs[R_SS].base; if (shift) { - cpu_stl_kernel(env, ssp, error_code); + PUSHL(ssp, esp, sp_mask, error_code); } else { - cpu_stw_kernel(env, ssp, error_code); + PUSHW(ssp, esp, sp_mask, error_code); } - SET_ESP(esp, mask); + SET_ESP(esp, sp_mask); } return; }
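Review bot: the @@ -670,22 +670,20 @@ hunk of PULL 14/20 drops the local `uint32_t mask;` and assigns `sp_mask` instead, which is not declared anywhere in the hunk, so it relies on a function-scope `sp_mask` already existing in do_interrupt_protected (the next patch's @@ -559,68 +621,19 @@ hunk shows `uint32_t old_eip, sp_mask, eflags;` there). Because this task-gate branch returns immediately after `SET_ESP(esp, sp_mask);`, reusing the wider variable cannot leak a stale mask into the later gate paths, but a line in the commit message saying that `mask` is folded into the existing `sp_mask` would spare the reader that check.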
From: Paolo Bonzini
To: qemu-devel@nongnu.org
Cc: Richard Henderson
Subject: [PULL 15/20] target/i386/tcg: Reorg push/pop within seg_helper.c
Date: Wed, 17 Jul 2024 07:03:25 +0200
Message-ID: <20240717050331.295371-16-pbonzini@redhat.com>
In-Reply-To: <20240717050331.295371-1-pbonzini@redhat.com>
References: <20240717050331.295371-1-pbonzini@redhat.com>
From: Richard Henderson

Interrupts and call gates should use accesses with the DPL as the privilege level. While computing the applicable MMU index is easy, the harder thing is how to plumb it in the code.

One possibility could be to add a single argument to the PUSH* macros for the privilege level, but this is repetitive and risks confusion between the involved privilege levels.

Another possibility is to pass both CPL and DPL, and adjust both PUSH* and POP* to use specific privilege levels (instead of using cpu_{ld,st}*_data). This makes the code more symmetric.

However, a more complicated but much nicer approach is to use a structure to contain the stack parameters, env, unwind return address, and rewrite the macros into functions. The struct provides an easy home for the MMU index as well.

Signed-off-by: Richard Henderson
Link: https://lore.kernel.org/r/20240617161210.4639-4-richard.henderson@linaro.org
Signed-off-by: Paolo Bonzini
---
 target/i386/tcg/seg_helper.c | 481 +++++++++++++++++++----------------
 1 file changed, 259 insertions(+), 222 deletions(-)

diff --git a/target/i386/tcg/seg_helper.c b/target/i386/tcg/seg_helper.c
index b985382d704..b6902ca3fba 100644
--- a/target/i386/tcg/seg_helper.c
+++ b/target/i386/tcg/seg_helper.c
@@ -28,6 +28,68 @@ #include "helper-tcg.h" #include "seg_helper.h" +#ifdef TARGET_X86_64 +#define SET_ESP(val, sp_mask) \ + do { \ + if ((sp_mask) == 0xffff) { \ + env->regs[R_ESP] = (env->regs[R_ESP] & ~0xffff) | \ + ((val) & 0xffff); \ + } else if ((sp_mask) == 0xffffffffLL) { \ + env->regs[R_ESP] = (uint32_t)(val); \ + } else { \ + env->regs[R_ESP] = (val); \ + } \ + } while (0) +#else +#define SET_ESP(val, sp_mask) \ + do { \ + env->regs[R_ESP] = (env->regs[R_ESP] & ~(sp_mask)) | \ + ((val) & (sp_mask)); \ + } while (0) +#endif + +/* XXX: use mmu_index to have proper DPL support */ +typedef struct StackAccess +{ + CPUX86State *env; + uintptr_t ra; + target_ulong ss_base; + target_ulong sp; + target_ulong sp_mask; +} StackAccess; + +static void pushw(StackAccess *sa, uint16_t val) +{ + sa->sp -= 2; + cpu_stw_kernel_ra(sa->env, sa->ss_base + (sa->sp & sa->sp_mask), + val, sa->ra); +} + +static void pushl(StackAccess *sa, uint32_t val) +{ + sa->sp -= 4; + cpu_stl_kernel_ra(sa->env, sa->ss_base + (sa->sp & sa->sp_mask), + val, sa->ra); +} + +static uint16_t popw(StackAccess *sa) +{ + uint16_t ret = cpu_lduw_data_ra(sa->env, + sa->ss_base + (sa->sp & sa->sp_mask), + sa->ra); + sa->sp += 2; + return ret; +} + +static uint32_t popl(StackAccess *sa) +{ + uint32_t ret = cpu_ldl_data_ra(sa->env, + sa->ss_base + (sa->sp & sa->sp_mask), + sa->ra); + sa->sp += 4; + return ret; +} + int get_pg_mode(CPUX86State *env) { int pg_mode = 0; 
@@ -559,68 +621,19 @@ int exception_has_error_code(int intno) return 0; } -#ifdef TARGET_X86_64 -#define SET_ESP(val, sp_mask) \ - do { \ - if ((sp_mask) == 0xffff) { \ - env->regs[R_ESP] = (env->regs[R_ESP] & ~0xffff) | \ - ((val) & 0xffff); \ - } else if ((sp_mask) == 0xffffffffLL) { \ - env->regs[R_ESP] = (uint32_t)(val); \ - } else { \ - env->regs[R_ESP] = (val); \ - } \ - } while (0) -#else -#define SET_ESP(val, sp_mask) \ - do { \ - env->regs[R_ESP] = (env->regs[R_ESP] & ~(sp_mask)) | \ - ((val) & (sp_mask)); \ - } while (0) -#endif - -/* XXX: add a is_user flag to have proper security support */ -#define PUSHW_RA(ssp, sp, sp_mask, val, ra) \ - { \ - sp -= 2; \ - cpu_stw_kernel_ra(env, (ssp) + (sp & (sp_mask)), (val), ra); \ - } - -#define PUSHL_RA(ssp, sp, sp_mask, val, ra) \ - { \ - sp -= 4; \ - cpu_stl_kernel_ra(env, (ssp) + (sp & (sp_mask)), (val), ra); \ - } - -#define POPW_RA(ssp, sp, sp_mask, val, ra) \ - { \ - val = cpu_lduw_data_ra(env, (ssp) + (sp & (sp_mask)), ra); \ - sp += 2; \ - } - -#define POPL_RA(ssp, sp, sp_mask, val, ra) \ - { \ - val = (uint32_t)cpu_ldl_data_ra(env, (ssp) + (sp & (sp_mask)), ra); \ - sp += 4; \ - } - -#define PUSHW(ssp, sp, sp_mask, val) PUSHW_RA(ssp, sp, sp_mask, val, 0) -#define PUSHL(ssp, sp, sp_mask, val) PUSHL_RA(ssp, sp, sp_mask, val, 0) -#define POPW(ssp, sp, sp_mask, val) POPW_RA(ssp, sp, sp_mask, val, 0) -#define POPL(ssp, sp, sp_mask, val) POPL_RA(ssp, sp, sp_mask, val, 0) - /* protected mode interrupt */ static void do_interrupt_protected(CPUX86State *env, int intno, int is_int, int error_code, unsigned int next_eip, int is_hw) { SegmentCache *dt; - target_ulong ptr, ssp; + target_ulong ptr; int type, dpl, selector, ss_dpl, cpl; int has_error_code, new_stack, shift; - uint32_t e1, e2, offset, ss = 0, esp, ss_e1 = 0, ss_e2 = 0; - uint32_t old_eip, sp_mask, eflags; + uint32_t e1, e2, offset, ss = 0, ss_e1 = 0, ss_e2 = 0; + uint32_t old_eip, eflags; int vm86 = env->eflags & VM_MASK; + StackAccess sa; bool set_rf; 
has_error_code = 0; @@ -662,6 +675,9 @@ static void do_interrupt_protected(CPUX86State *env, int intno, int is_int, raise_exception_err(env, EXCP0D_GPF, intno * 8 + 2); } + sa.env = env; + sa.ra = 0; + if (type == 5) { /* task gate */ /* must do that check here to return the correct error code */ @@ -672,18 +688,18 @@ static void do_interrupt_protected(CPUX86State *env, int intno, int is_int, if (has_error_code) { /* push the error code */ if (env->segs[R_SS].flags & DESC_B_MASK) { - sp_mask = 0xffffffff; + sa.sp_mask = 0xffffffff; } else { - sp_mask = 0xffff; + sa.sp_mask = 0xffff; } - esp = env->regs[R_ESP]; - ssp = env->segs[R_SS].base; + sa.sp = env->regs[R_ESP]; + sa.ss_base = env->segs[R_SS].base; if (shift) { - PUSHL(ssp, esp, sp_mask, error_code); + pushl(&sa, error_code); } else { - PUSHW(ssp, esp, sp_mask, error_code); + pushw(&sa, error_code); } - SET_ESP(esp, sp_mask); + SET_ESP(sa.sp, sa.sp_mask); } return; } @@ -717,6 +733,7 @@ static void do_interrupt_protected(CPUX86State *env, int intno, int is_int, } if (dpl < cpl) { /* to inner privilege */ + uint32_t esp; get_ss_esp_from_tss(env, &ss, &esp, dpl, 0); if ((ss & 0xfffc) == 0) { raise_exception_err(env, EXCP0A_TSS, ss & 0xfffc); @@ -740,17 +757,18 @@ static void do_interrupt_protected(CPUX86State *env, int intno, int is_int, raise_exception_err(env, EXCP0A_TSS, ss & 0xfffc); } new_stack = 1; - sp_mask = get_sp_mask(ss_e2); - ssp = get_seg_base(ss_e1, ss_e2); + sa.sp = esp; + sa.sp_mask = get_sp_mask(ss_e2); + sa.ss_base = get_seg_base(ss_e1, ss_e2); } else { /* to same privilege */ if (vm86) { raise_exception_err(env, EXCP0D_GPF, selector & 0xfffc); } new_stack = 0; - sp_mask = get_sp_mask(env->segs[R_SS].flags); - ssp = env->segs[R_SS].base; - esp = env->regs[R_ESP]; + sa.sp = env->regs[R_ESP]; + sa.sp_mask = get_sp_mask(env->segs[R_SS].flags); + sa.ss_base = env->segs[R_SS].base; } shift = type >> 3; 
@@ -775,36 +793,36 @@ static void do_interrupt_protected(CPUX86State *env, int intno, int is_int, if (shift == 1) { if (new_stack) { if (vm86) { - PUSHL(ssp, esp, sp_mask, env->segs[R_GS].selector); - PUSHL(ssp, esp, sp_mask, env->segs[R_FS].selector); - PUSHL(ssp, esp, sp_mask, env->segs[R_DS].selector); - PUSHL(ssp, esp, sp_mask, env->segs[R_ES].selector); + pushl(&sa, env->segs[R_GS].selector); + pushl(&sa, env->segs[R_FS].selector); + pushl(&sa, env->segs[R_DS].selector); + pushl(&sa, env->segs[R_ES].selector); } - PUSHL(ssp, esp, sp_mask, env->segs[R_SS].selector); - PUSHL(ssp, esp, sp_mask, env->regs[R_ESP]); + pushl(&sa, env->segs[R_SS].selector); + pushl(&sa, env->regs[R_ESP]); } - PUSHL(ssp, esp, sp_mask, eflags); - PUSHL(ssp, esp, sp_mask, env->segs[R_CS].selector); - PUSHL(ssp, esp, sp_mask, old_eip); + pushl(&sa, eflags); + pushl(&sa, env->segs[R_CS].selector); + pushl(&sa, old_eip); if (has_error_code) { - PUSHL(ssp, esp, sp_mask, error_code); + pushl(&sa, error_code); } } else { if (new_stack) { if (vm86) { - PUSHW(ssp, esp, sp_mask, env->segs[R_GS].selector); - PUSHW(ssp, esp, sp_mask, env->segs[R_FS].selector); - PUSHW(ssp, esp, sp_mask, env->segs[R_DS].selector); - PUSHW(ssp, esp, sp_mask, env->segs[R_ES].selector); + pushw(&sa, env->segs[R_GS].selector); + pushw(&sa, env->segs[R_FS].selector); + pushw(&sa, env->segs[R_DS].selector); + pushw(&sa, env->segs[R_ES].selector); } - PUSHW(ssp, esp, sp_mask, env->segs[R_SS].selector); - PUSHW(ssp, esp, sp_mask, env->regs[R_ESP]); + pushw(&sa, env->segs[R_SS].selector); + pushw(&sa, env->regs[R_ESP]); } - PUSHW(ssp, esp, sp_mask, eflags); - PUSHW(ssp, esp, sp_mask, env->segs[R_CS].selector); - PUSHW(ssp, esp, sp_mask, old_eip); + pushw(&sa, eflags); + pushw(&sa, env->segs[R_CS].selector); + pushw(&sa, old_eip); if (has_error_code) { - PUSHW(ssp, esp, sp_mask, error_code); + pushw(&sa, error_code); } } 
@@ -822,10 +840,10 @@ static void do_interrupt_protected(CPUX86State *env, int intno, int is_int, cpu_x86_load_seg_cache(env, R_GS, 0, 0, 0, 0); } ss = (ss & ~3) | dpl; - cpu_x86_load_seg_cache(env, R_SS, ss, - ssp, get_seg_limit(ss_e1, ss_e2), ss_e2); + cpu_x86_load_seg_cache(env, R_SS, ss, sa.ss_base, + get_seg_limit(ss_e1, ss_e2), ss_e2); } - SET_ESP(esp, sp_mask); + SET_ESP(sa.sp, sa.sp_mask); selector = (selector & ~3) | dpl; cpu_x86_load_seg_cache(env, R_CS, selector, @@ -837,20 +855,18 @@ static void do_interrupt_protected(CPUX86State *env, int intno, int is_int, #ifdef TARGET_X86_64 -#define PUSHQ_RA(sp, val, ra) \ - { \ - sp -= 8; \ - cpu_stq_kernel_ra(env, sp, (val), ra); \ - } +static void pushq(StackAccess *sa, uint64_t val) +{ + sa->sp -= 8; + cpu_stq_kernel_ra(sa->env, sa->sp, val, sa->ra); +} -#define POPQ_RA(sp, val, ra) \ - { \ - val = cpu_ldq_data_ra(env, sp, ra); \ - sp += 8; \ - } - -#define PUSHQ(sp, val) PUSHQ_RA(sp, val, 0) -#define POPQ(sp, val) POPQ_RA(sp, val, 0) +static uint64_t popq(StackAccess *sa) +{ + uint64_t ret = cpu_ldq_data_ra(sa->env, sa->sp, sa->ra); + sa->sp += 8; + return ret; +} static inline target_ulong get_rsp_from_tss(CPUX86State *env, int level) { @@ -893,8 +909,9 @@ static void do_interrupt64(CPUX86State *env, int intno, int is_int, int type, dpl, selector, cpl, ist; int has_error_code, new_stack; uint32_t e1, e2, e3, ss, eflags; - target_ulong old_eip, esp, offset; + target_ulong old_eip, offset; bool set_rf; + StackAccess sa; has_error_code = 0; if (!is_int && !is_hw) { @@ -962,10 +979,15 @@ static void do_interrupt64(CPUX86State *env, int intno, int is_int, if (e2 & DESC_C_MASK) { dpl = cpl; } + + sa.env = env; + sa.ra = 0; + sa.sp_mask = -1; + sa.ss_base = 0; if (dpl < cpl || ist != 0) { /* to inner privilege */ new_stack = 1; - esp = get_rsp_from_tss(env, ist != 0 ? ist + 3 : dpl); + sa.sp = get_rsp_from_tss(env, ist != 0 ? ist + 3 : dpl); ss = 0; } else { /* to same privilege */ 
@@ -973,9 +995,9 @@ static void do_interrupt64(CPUX86State *env, int intno, int is_int, raise_exception_err(env, EXCP0D_GPF, selector & 0xfffc); } new_stack = 0; - esp = env->regs[R_ESP]; + sa.sp = env->regs[R_ESP]; } - esp &= ~0xfLL; /* align stack */ + sa.sp &= ~0xfLL; /* align stack */ /* See do_interrupt_protected. */ eflags = cpu_compute_eflags(env); @@ -983,13 +1005,13 @@ static void do_interrupt64(CPUX86State *env, int intno, int is_int, eflags |= RF_MASK; } - PUSHQ(esp, env->segs[R_SS].selector); - PUSHQ(esp, env->regs[R_ESP]); - PUSHQ(esp, eflags); - PUSHQ(esp, env->segs[R_CS].selector); - PUSHQ(esp, old_eip); + pushq(&sa, env->segs[R_SS].selector); + pushq(&sa, env->regs[R_ESP]); + pushq(&sa, eflags); + pushq(&sa, env->segs[R_CS].selector); + pushq(&sa, old_eip); if (has_error_code) { - PUSHQ(esp, error_code); + pushq(&sa, error_code); } /* interrupt gate clear IF mask */ @@ -1002,7 +1024,7 @@ static void do_interrupt64(CPUX86State *env, int intno, int is_int, ss = 0 | dpl; cpu_x86_load_seg_cache(env, R_SS, ss, 0, 0, dpl << DESC_DPL_SHIFT); } - env->regs[R_ESP] = esp; + env->regs[R_ESP] = sa.sp; selector = (selector & ~3) | dpl; cpu_x86_load_seg_cache(env, R_CS, selector, @@ -1074,10 +1096,11 @@ static void do_interrupt_real(CPUX86State *env, int intno, int is_int, int error_code, unsigned int next_eip) { SegmentCache *dt; - target_ulong ptr, ssp; + target_ulong ptr; int selector; - uint32_t offset, esp; + uint32_t offset; uint32_t old_cs, old_eip; + StackAccess sa; /* real mode (simpler!) */ dt = &env->idt; @@ -1087,8 +1110,13 @@ static void do_interrupt_real(CPUX86State *env, int intno, int is_int, ptr = dt->base + intno * 4; offset = cpu_lduw_kernel(env, ptr); selector = cpu_lduw_kernel(env, ptr + 2); - esp = env->regs[R_ESP]; - ssp = env->segs[R_SS].base; + + sa.env = env; + sa.ra = 0; + sa.sp = env->regs[R_ESP]; + sa.sp_mask = 0xffff; + sa.ss_base = env->segs[R_SS].base; + if (is_int) { old_eip = next_eip; } else { 
@@ -1096,12 +1124,12 @@ static void do_interrupt_real(CPUX86State *env, int intno, int is_int, } old_cs = env->segs[R_CS].selector; /* XXX: use SS segment size? */ - PUSHW(ssp, esp, 0xffff, cpu_compute_eflags(env)); - PUSHW(ssp, esp, 0xffff, old_cs); - PUSHW(ssp, esp, 0xffff, old_eip); + pushw(&sa, cpu_compute_eflags(env)); + pushw(&sa, old_cs); + pushw(&sa, old_eip); /* update processor state */ - env->regs[R_ESP] = (env->regs[R_ESP] & ~0xffff) | (esp & 0xffff); + SET_ESP(sa.sp, sa.sp_mask); env->eip = offset; env->segs[R_CS].selector = selector; env->segs[R_CS].base = (selector << 4); @@ -1544,21 +1572,23 @@ void helper_ljmp_protected(CPUX86State *env, int new_cs, target_ulong new_eip, void helper_lcall_real(CPUX86State *env, uint32_t new_cs, uint32_t new_eip, int shift, uint32_t next_eip) { - uint32_t esp, esp_mask; - target_ulong ssp; + StackAccess sa; + + sa.env = env; + sa.ra = GETPC(); + sa.sp = env->regs[R_ESP]; + sa.sp_mask = get_sp_mask(env->segs[R_SS].flags); + sa.ss_base = env->segs[R_SS].base; - esp = env->regs[R_ESP]; - esp_mask = get_sp_mask(env->segs[R_SS].flags); - ssp = env->segs[R_SS].base; if (shift) { - PUSHL_RA(ssp, esp, esp_mask, env->segs[R_CS].selector, GETPC()); - PUSHL_RA(ssp, esp, esp_mask, next_eip, GETPC()); + pushl(&sa, env->segs[R_CS].selector); + pushl(&sa, next_eip); } else { - PUSHW_RA(ssp, esp, esp_mask, env->segs[R_CS].selector, GETPC()); - PUSHW_RA(ssp, esp, esp_mask, next_eip, GETPC()); + pushw(&sa, env->segs[R_CS].selector); + pushw(&sa, next_eip); } - SET_ESP(esp, esp_mask); + SET_ESP(sa.sp, sa.sp_mask); env->eip = new_eip; env->segs[R_CS].selector = new_cs; env->segs[R_CS].base = (new_cs << 4); 
@@ -1570,9 +1600,10 @@ void helper_lcall_protected(CPUX86State *env, int new_cs, target_ulong new_eip, { int new_stack, i; uint32_t e1, e2, cpl, dpl, rpl, selector, param_count; - uint32_t ss = 0, ss_e1 = 0, ss_e2 = 0, type, ss_dpl, sp_mask; + uint32_t ss = 0, ss_e1 = 0, ss_e2 = 0, type, ss_dpl; uint32_t val, limit, old_sp_mask; - target_ulong ssp, old_ssp, offset, sp; + target_ulong old_ssp, offset; + StackAccess sa; LOG_PCALL("lcall %04x:" TARGET_FMT_lx " s=%d\n", new_cs, new_eip, shift); LOG_PCALL_STATE(env_cpu(env)); @@ -1584,6 +1615,10 @@ void helper_lcall_protected(CPUX86State *env, int new_cs, target_ulong new_eip, } cpl = env->hflags & HF_CPL_MASK; LOG_PCALL("desc=%08x:%08x\n", e1, e2); + + sa.env = env; + sa.ra = GETPC(); + if (e2 & DESC_S_MASK) { if (!(e2 & DESC_CS_MASK)) { raise_exception_err_ra(env, EXCP0D_GPF, new_cs & 0xfffc, GETPC()); @@ -1611,14 +1646,14 @@ void helper_lcall_protected(CPUX86State *env, int new_cs, target_ulong new_eip, #ifdef TARGET_X86_64 /* XXX: check 16/32 bit cases in long mode */ if (shift == 2) { - target_ulong rsp; - /* 64 bit case */ - rsp = env->regs[R_ESP]; - PUSHQ_RA(rsp, env->segs[R_CS].selector, GETPC()); - PUSHQ_RA(rsp, next_eip, GETPC()); + sa.sp = env->regs[R_ESP]; + sa.sp_mask = -1; + sa.ss_base = 0; + pushq(&sa, env->segs[R_CS].selector); + pushq(&sa, next_eip); /* from this point, not restartable */ - env->regs[R_ESP] = rsp; + env->regs[R_ESP] = sa.sp; cpu_x86_load_seg_cache(env, R_CS, (new_cs & 0xfffc) | cpl, get_seg_base(e1, e2), get_seg_limit(e1, e2), e2); 
@@ -1626,15 +1661,15 @@ void helper_lcall_protected(CPUX86State *env, int new_cs, target_ulong new_eip, } else #endif { - sp = env->regs[R_ESP]; - sp_mask = get_sp_mask(env->segs[R_SS].flags); - ssp = env->segs[R_SS].base; + sa.sp = env->regs[R_ESP]; + sa.sp_mask = get_sp_mask(env->segs[R_SS].flags); + sa.ss_base = env->segs[R_SS].base; if (shift) { - PUSHL_RA(ssp, sp, sp_mask, env->segs[R_CS].selector, GETPC()); - PUSHL_RA(ssp, sp, sp_mask, next_eip, GETPC()); + pushl(&sa, env->segs[R_CS].selector); + pushl(&sa, next_eip); } else { - PUSHW_RA(ssp, sp, sp_mask, env->segs[R_CS].selector, GETPC()); - PUSHW_RA(ssp, sp, sp_mask, next_eip, GETPC()); + pushw(&sa, env->segs[R_CS].selector); + pushw(&sa, next_eip); } limit = get_seg_limit(e1, e2); @@ -1642,7 +1677,7 @@ void helper_lcall_protected(CPUX86State *env, int new_cs, target_ulong new_eip, raise_exception_err_ra(env, EXCP0D_GPF, new_cs & 0xfffc, GETPC()); } /* from this point, not restartable */ - SET_ESP(sp, sp_mask); + SET_ESP(sa.sp, sa.sp_mask); cpu_x86_load_seg_cache(env, R_CS, (new_cs & 0xfffc) | cpl, get_seg_base(e1, e2), limit, e2); env->eip = new_eip; @@ -1737,13 +1772,13 @@ void helper_lcall_protected(CPUX86State *env, int new_cs, target_ulong new_eip, /* to inner privilege */ #ifdef TARGET_X86_64 if (shift == 2) { - sp = get_rsp_from_tss(env, dpl); ss = dpl; /* SS = NULL selector with RPL = new CPL */ new_stack = 1; - sp_mask = 0; - ssp = 0; /* SS base is always zero in IA-32e mode */ + sa.sp = get_rsp_from_tss(env, dpl); + sa.sp_mask = -1; + sa.ss_base = 0; /* SS base is always zero in IA-32e mode */ LOG_PCALL("new ss:rsp=%04x:%016llx env->regs[R_ESP]=" - TARGET_FMT_lx "\n", ss, sp, env->regs[R_ESP]); + TARGET_FMT_lx "\n", ss, sa.sp, env->regs[R_ESP]); } else #endif { 
@@ -1752,7 +1787,6 @@ void helper_lcall_protected(CPUX86State *env, int new_cs, target_ulong new_eip, LOG_PCALL("new ss:esp=%04x:%08x param_count=%d env->regs[R_ESP]=" TARGET_FMT_lx "\n", ss, sp32, param_count, env->regs[R_ESP]); - sp = sp32; if ((ss & 0xfffc) == 0) { raise_exception_err_ra(env, EXCP0A_TSS, ss & 0xfffc, GETPC()); } 
@@ -1775,63 +1809,64 @@ void helper_lcall_protected(CPUX86State *env, int new_cs, target_ulong new_eip, raise_exception_err_ra(env, EXCP0A_TSS, ss & 0xfffc, GETPC()); } - sp_mask = get_sp_mask(ss_e2); - ssp = get_seg_base(ss_e1, ss_e2); + sa.sp = sp32; + sa.sp_mask = get_sp_mask(ss_e2); + sa.ss_base = get_seg_base(ss_e1, ss_e2); } /* push_size = ((param_count * 2) + 8) << shift; */ - old_sp_mask = get_sp_mask(env->segs[R_SS].flags); old_ssp = env->segs[R_SS].base; + #ifdef TARGET_X86_64 if (shift == 2) { /* XXX: verify if new stack address is canonical */ - PUSHQ_RA(sp, env->segs[R_SS].selector, GETPC()); - PUSHQ_RA(sp, env->regs[R_ESP], GETPC()); + pushq(&sa, env->segs[R_SS].selector); + pushq(&sa, env->regs[R_ESP]); /* parameters aren't supported for 64-bit call gates */ } else #endif if (shift == 1) { - PUSHL_RA(ssp, sp, sp_mask, env->segs[R_SS].selector, GETPC()); - PUSHL_RA(ssp, sp, sp_mask, env->regs[R_ESP], GETPC()); + pushl(&sa, env->segs[R_SS].selector); + pushl(&sa, env->regs[R_ESP]); for (i = param_count - 1; i >= 0; i--) { val = cpu_ldl_data_ra(env, old_ssp + ((env->regs[R_ESP] + i * 4) & old_sp_mask), GETPC()); - PUSHL_RA(ssp, sp, sp_mask, val, GETPC()); + pushl(&sa, val); } } else { - PUSHW_RA(ssp, sp, sp_mask, env->segs[R_SS].selector, GETPC()); - PUSHW_RA(ssp, sp, sp_mask, env->regs[R_ESP], GETPC()); + pushw(&sa, env->segs[R_SS].selector); + pushw(&sa, env->regs[R_ESP]); for (i = param_count - 1; i >= 0; i--) { val = cpu_lduw_data_ra(env, old_ssp + ((env->regs[R_ESP] + i * 2) & old_sp_mask), GETPC()); - PUSHW_RA(ssp, sp, sp_mask, val, GETPC()); + pushw(&sa, val); } } new_stack = 1; } else { /* to same privilege */ - sp = env->regs[R_ESP]; - sp_mask = get_sp_mask(env->segs[R_SS].flags); - ssp = env->segs[R_SS].base; + sa.sp = env->regs[R_ESP]; + sa.sp_mask = get_sp_mask(env->segs[R_SS].flags); + sa.ss_base = env->segs[R_SS].base; /* push_size = (4 << shift); */ new_stack = 0; } #ifdef TARGET_X86_64 if (shift == 2) { - PUSHQ_RA(sp, 
env->segs[R_CS].selector, GETPC()); - PUSHQ_RA(sp, next_eip, GETPC()); + pushq(&sa, env->segs[R_CS].selector); + pushq(&sa, next_eip); } else #endif if (shift == 1) { - PUSHL_RA(ssp, sp, sp_mask, env->segs[R_CS].selector, GETPC()); - PUSHL_RA(ssp, sp, sp_mask, next_eip, GETPC()); + pushl(&sa, env->segs[R_CS].selector); + pushl(&sa, next_eip); } else { - PUSHW_RA(ssp, sp, sp_mask, env->segs[R_CS].selector, GETPC()); - PUSHW_RA(ssp, sp, sp_mask, next_eip, GETPC()); + pushw(&sa, env->segs[R_CS].selector); + pushw(&sa, next_eip); } /* from this point, not restartable */ @@ -1845,7 +1880,7 @@ void helper_lcall_protected(CPUX86State *env, int new_cs, target_ulong new_eip, { ss = (ss & ~3) | dpl; cpu_x86_load_seg_cache(env, R_SS, ss, - ssp, + sa.ss_base, get_seg_limit(ss_e1, ss_e2), ss_e2); } @@ -1856,7 +1891,7 @@ void helper_lcall_protected(CPUX86State *env, int new_cs, target_ulong new_eip, get_seg_base(e1, e2), get_seg_limit(e1, e2), e2); - SET_ESP(sp, sp_mask); + SET_ESP(sa.sp, sa.sp_mask); env->eip = offset; } } 
@@ -1864,26 +1899,28 @@ void helper_lcall_protected(CPUX86State *env, int new_cs, target_ulong new_eip, /* real and vm86 mode iret */ void helper_iret_real(CPUX86State *env, int shift) { - uint32_t sp, new_cs, new_eip, new_eflags, sp_mask; - target_ulong ssp; + uint32_t new_cs, new_eip, new_eflags; int eflags_mask; + StackAccess sa; + + sa.env = env; + sa.ra = GETPC(); + sa.sp_mask = 0xffff; /* XXXX: use SS segment size? */ + sa.sp = env->regs[R_ESP]; + sa.ss_base = env->segs[R_SS].base; - sp_mask = 0xffff; /* XXXX: use SS segment size? */ - sp = env->regs[R_ESP]; - ssp = env->segs[R_SS].base; if (shift == 1) { /* 32 bits */ - POPL_RA(ssp, sp, sp_mask, new_eip, GETPC()); - POPL_RA(ssp, sp, sp_mask, new_cs, GETPC()); - new_cs &= 0xffff; - POPL_RA(ssp, sp, sp_mask, new_eflags, GETPC()); + new_eip = popl(&sa); + new_cs = popl(&sa) & 0xffff; + new_eflags = popl(&sa); } else { /* 16 bits */ - POPW_RA(ssp, sp, sp_mask, new_eip, GETPC()); - POPW_RA(ssp, sp, sp_mask, new_cs, GETPC()); - POPW_RA(ssp, sp, sp_mask, new_eflags, GETPC()); + new_eip = popw(&sa); + new_cs = popw(&sa); + new_eflags = popw(&sa); } - env->regs[R_ESP] = (env->regs[R_ESP] & ~sp_mask) | (sp & sp_mask); + SET_ESP(sa.sp, sa.sp_mask); env->segs[R_CS].selector = new_cs; env->segs[R_CS].base = (new_cs << 4); env->eip = new_eip; 
@@ -1936,47 +1973,49 @@ static inline void helper_ret_protected(CPUX86State *env, int shift, uint32_t new_es, new_ds, new_fs, new_gs; uint32_t e1, e2, ss_e1, ss_e2; int cpl, dpl, rpl, eflags_mask, iopl; - target_ulong ssp, sp, new_eip, new_esp, sp_mask; + target_ulong new_eip, new_esp; + StackAccess sa; + + sa.env = env; + sa.ra = retaddr; #ifdef TARGET_X86_64 if (shift == 2) { - sp_mask = -1; + sa.sp_mask = -1; } else #endif { - sp_mask = get_sp_mask(env->segs[R_SS].flags); + sa.sp_mask = get_sp_mask(env->segs[R_SS].flags); } - sp = env->regs[R_ESP]; - ssp = env->segs[R_SS].base; + sa.sp = env->regs[R_ESP]; + sa.ss_base = env->segs[R_SS].base; new_eflags = 0; /* avoid warning */ #ifdef TARGET_X86_64 if (shift == 2) { - POPQ_RA(sp, new_eip, retaddr); - POPQ_RA(sp, new_cs, retaddr); - new_cs &= 0xffff; + new_eip = popq(&sa); + new_cs = popq(&sa) & 0xffff; if (is_iret) { - POPQ_RA(sp, new_eflags, retaddr); + new_eflags = popq(&sa); } } else #endif { if (shift == 1) { /* 32 bits */ - POPL_RA(ssp, sp, sp_mask, new_eip, retaddr); - POPL_RA(ssp, sp, sp_mask, new_cs, retaddr); - new_cs &= 0xffff; + new_eip = popl(&sa); + new_cs = popl(&sa) & 0xffff; if (is_iret) { - POPL_RA(ssp, sp, sp_mask, new_eflags, retaddr); + new_eflags = popl(&sa); if (new_eflags & VM_MASK) { goto return_to_vm86; } } } else { /* 16 bits */ - POPW_RA(ssp, sp, sp_mask, new_eip, retaddr); - POPW_RA(ssp, sp, sp_mask, new_cs, retaddr); + new_eip = popw(&sa); + new_cs = popw(&sa); if (is_iret) { - POPW_RA(ssp, sp, sp_mask, new_eflags, retaddr); + new_eflags = popw(&sa); } } } @@ -2012,7 +2051,7 @@ static inline void helper_ret_protected(CPUX86State *env, int shift, raise_exception_err_ra(env, EXCP0B_NOSEG, new_cs & 0xfffc, retaddr); } - sp += addend; + sa.sp += addend; if (rpl == cpl && (!(env->hflags & HF_CS64_MASK) || ((env->hflags & HF_CS64_MASK) && !is_iret))) { /* return to same privilege level */ 
@@ -2024,21 +2063,19 @@ static inline void helper_ret_protected(CPUX86State *env, int shift, /* return to different privilege level */ #ifdef TARGET_X86_64 if (shift == 2) { - POPQ_RA(sp, new_esp, retaddr); - POPQ_RA(sp, new_ss, retaddr); - new_ss &= 0xffff; + new_esp = popq(&sa); + new_ss = popq(&sa) & 0xffff; } else #endif { if (shift == 1) { /* 32 bits */ - POPL_RA(ssp, sp, sp_mask, new_esp, retaddr); - POPL_RA(ssp, sp, sp_mask, new_ss, retaddr); - new_ss &= 0xffff; + new_esp = popl(&sa); + new_ss = popl(&sa) & 0xffff; } else { /* 16 bits */ - POPW_RA(ssp, sp, sp_mask, new_esp, retaddr); - POPW_RA(ssp, sp, sp_mask, new_ss, retaddr); + new_esp = popw(&sa); + new_ss = popw(&sa); } } LOG_PCALL("new ss:esp=%04x:" TARGET_FMT_lx "\n", @@ -2088,14 +2125,14 @@ static inline void helper_ret_protected(CPUX86State *env, int shift, get_seg_base(e1, e2), get_seg_limit(e1, e2), e2); - sp = new_esp; + sa.sp = new_esp; #ifdef TARGET_X86_64 if (env->hflags & HF_CS64_MASK) { - sp_mask = -1; + sa.sp_mask = -1; } else #endif { - sp_mask = get_sp_mask(ss_e2); + sa.sp_mask = get_sp_mask(ss_e2); } /* validate data segments */ @@ -2104,9 +2141,9 @@ static inline void helper_ret_protected(CPUX86State *env, int shift, validate_seg(env, R_FS, rpl); validate_seg(env, R_GS, rpl); - sp += addend; + sa.sp += addend; } - SET_ESP(sp, sp_mask); + SET_ESP(sa.sp, sa.sp_mask); env->eip = new_eip; if (is_iret) { /* NOTE: 'cpl' is the _old_ CPL */ 
@@ -2126,12 +2163,12 @@ static inline void helper_ret_protected(CPUX86State *env, int shift, return; return_to_vm86: - POPL_RA(ssp, sp, sp_mask, new_esp, retaddr); - POPL_RA(ssp, sp, sp_mask, new_ss, retaddr); - POPL_RA(ssp, sp, sp_mask, new_es, retaddr); - POPL_RA(ssp, sp, sp_mask, new_ds, retaddr); - POPL_RA(ssp, sp, sp_mask, new_fs, retaddr); - POPL_RA(ssp, sp, sp_mask, new_gs, retaddr); + new_esp = popl(&sa); + new_ss = popl(&sa); + new_es = popl(&sa); + new_ds = popl(&sa); + new_fs = popl(&sa); + new_gs = popl(&sa); /* modify processor state */ cpu_load_eflags(env, new_eflags, TF_MASK | AC_MASK | ID_MASK |

From: Paolo Bonzini
To: qemu-devel@nongnu.org
Cc: Richard Henderson
Subject: [PULL 16/20] target/i386/tcg: Introduce x86_mmu_index_{kernel_,}pl
Date: Wed, 17 Jul 2024 07:03:26 +0200
Message-ID: <20240717050331.295371-17-pbonzini@redhat.com>
In-Reply-To: <20240717050331.295371-1-pbonzini@redhat.com>
References: <20240717050331.295371-1-pbonzini@redhat.com>

From: Richard Henderson

Disconnect mmu index computation from the current pl as stored in env->hflags.

Signed-off-by: Richard Henderson
Link: https://lore.kernel.org/r/20240617161210.4639-2-richard.henderson@linaro.org
Signed-off-by: Paolo Bonzini --- target/i386/cpu.h | 11 ++--------- target/i386/cpu.c | 27 ++++++++++++++++++++++++--- 2 files changed, 26 insertions(+), 12 deletions(-) diff --git a/target/i386/cpu.h b/target/i386/cpu.h index c43ac01c794..1e121acef54 100644 --- a/target/i386/cpu.h +++ b/target/i386/cpu.h @@ -2445,15 +2445,8 @@ static inline bool is_mmu_index_32(int mmu_index) return mmu_index & 1; } -static inline int cpu_mmu_index_kernel(CPUX86State *env) -{ - int mmu_index_32 = (env->hflags & HF_LMA_MASK) ? 0 : 1; - int mmu_index_base = - !(env->hflags & HF_SMAP_MASK) ? MMU_KNOSMAP64_IDX : - ((env->hflags & HF_CPL_MASK) < 3 && (env->eflags & AC_MASK)) ? MMU_KNOSMAP64_IDX : MMU_KSMAP64_IDX; - - return mmu_index_base + mmu_index_32; -} +int x86_mmu_index_pl(CPUX86State *env, unsigned pl); +int cpu_mmu_index_kernel(CPUX86State *env); #define CC_DST (env->cc_dst) #define CC_SRC (env->cc_src) diff --git a/target/i386/cpu.c b/target/i386/cpu.c index c05765eeafc..4688d140c2d 100644 --- a/target/i386/cpu.c +++ b/target/i386/cpu.c 
@@ -8122,18 +8122,39 @@ static bool x86_cpu_has_work(CPUState *cs) return x86_cpu_pending_interrupt(cs, cs->interrupt_request) != 0; } -static int x86_cpu_mmu_index(CPUState *cs, bool ifetch) +int x86_mmu_index_pl(CPUX86State *env, unsigned pl) { - CPUX86State *env = cpu_env(cs); int mmu_index_32 = (env->hflags & HF_CS64_MASK) ? 0 : 1; int mmu_index_base = - (env->hflags & HF_CPL_MASK) == 3 ? MMU_USER64_IDX : + pl == 3 ? MMU_USER64_IDX : !(env->hflags & HF_SMAP_MASK) ? MMU_KNOSMAP64_IDX : (env->eflags & AC_MASK) ? MMU_KNOSMAP64_IDX : MMU_KSMAP64_IDX; return mmu_index_base + mmu_index_32; } +static int x86_cpu_mmu_index(CPUState *cs, bool ifetch) +{ + CPUX86State *env = cpu_env(cs); + return x86_mmu_index_pl(env, env->hflags & HF_CPL_MASK); +} + +static int x86_mmu_index_kernel_pl(CPUX86State *env, unsigned pl) +{ + int mmu_index_32 = (env->hflags & HF_LMA_MASK) ? 0 : 1; + int mmu_index_base = + !(env->hflags & HF_SMAP_MASK) ? MMU_KNOSMAP64_IDX : + (pl < 3 && (env->eflags & AC_MASK) + ? MMU_KNOSMAP64_IDX : MMU_KSMAP64_IDX); + + return mmu_index_base + mmu_index_32; +} + +int cpu_mmu_index_kernel(CPUX86State *env) +{ + return x86_mmu_index_kernel_pl(env, env->hflags & HF_CPL_MASK); +} + static void x86_disas_set_info(CPUState *cs, disassemble_info *info) { X86CPU *cpu = X86_CPU(cs);
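Review bot: x86_mmu_index_pl and x86_mmu_index_kernel_pl now sit side by side in cpu.c but select the 32-bit index from different hflags bits (HF_CS64_MASK versus HF_LMA_MASK) and treat the AC_MASK test differently (for every pl other than 3 in the first, only for pl < 3 in the second, which never yields MMU_USER64_IDX). Both behaviours are carried over from the two functions being replaced, but neither the hunk nor the commit message says why they differ, and a reader will assume one of them is a bug; please add a comment above the pair explaining the asymmetry. Separately, pl is only ever compared against 3, so a value above 3 is silently treated as kernel; the callers pass env->hflags & HF_CPL_MASK or 0, so an assert(pl <= 3) at the top of x86_mmu_index_pl would document that contract cheaply.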

From: Paolo Bonzini
To: qemu-devel@nongnu.org
Cc: Richard Henderson
Subject: [PULL 17/20] target/i386/tcg: Compute MMU index once
Date: Wed, 17 Jul 2024 07:03:27 +0200
Message-ID: <20240717050331.295371-18-pbonzini@redhat.com>
In-Reply-To: <20240717050331.295371-1-pbonzini@redhat.com>
References: <20240717050331.295371-1-pbonzini@redhat.com>

Add the MMU index to the StackAccess struct, so that it can be cached or (in the next patch) computed from information that is not in CPUX86State.

Co-developed-by: Richard Henderson
Signed-off-by: Richard Henderson
Signed-off-by: Paolo Bonzini
---
 target/i386/tcg/seg_helper.c | 35 ++++++++++++++++++++++-------------
 1 file changed, 22 insertions(+), 13 deletions(-)

diff --git a/target/i386/tcg/seg_helper.c b/target/i386/tcg/seg_helper.c
index b6902ca3fba..8a6d92b3583 100644
--- a/target/i386/tcg/seg_helper.c
+++ b/target/i386/tcg/seg_helper.c
@@ -56,36 +56,37 @@ typedef struct StackAccess target_ulong ss_base; target_ulong sp; target_ulong sp_mask; + int mmu_index; } StackAccess; static void pushw(StackAccess *sa, uint16_t val) { sa->sp -= 2; - cpu_stw_kernel_ra(sa->env, sa->ss_base + (sa->sp & sa->sp_mask), - val, sa->ra); + cpu_stw_mmuidx_ra(sa->env, sa->ss_base + (sa->sp & sa->sp_mask), + val, sa->mmu_index, sa->ra); } static void pushl(StackAccess *sa, uint32_t val) { sa->sp -= 4; - cpu_stl_kernel_ra(sa->env, sa->ss_base + (sa->sp & sa->sp_mask), - val, sa->ra); + cpu_stl_mmuidx_ra(sa->env, sa->ss_base + (sa->sp & sa->sp_mask), + val, sa->mmu_index, sa->ra); } static uint16_t popw(StackAccess *sa) { - uint16_t ret = cpu_lduw_data_ra(sa->env, - sa->ss_base + (sa->sp & sa->sp_mask), - sa->ra); + uint16_t ret = cpu_lduw_mmuidx_ra(sa->env, + sa->ss_base + (sa->sp & sa->sp_mask), + sa->mmu_index, sa->ra); sa->sp += 2; return ret; } static uint32_t popl(StackAccess *sa) { - uint32_t ret = cpu_ldl_data_ra(sa->env, - sa->ss_base + (sa->sp & sa->sp_mask), - sa->ra); + uint32_t ret = cpu_ldl_mmuidx_ra(sa->env, + sa->ss_base + (sa->sp & sa->sp_mask), + sa->mmu_index, sa->ra); sa->sp += 4; return ret; } @@ -677,6 +678,7 @@ static void do_interrupt_protected(CPUX86State *env, int intno, int is_int, sa.env = env; sa.ra = 0; + sa.mmu_index = cpu_mmu_index_kernel(env); if (type == 5) { /* task gate */ @@ -858,12 +860,12 @@ static void do_interrupt_protected(CPUX86State *env, int intno, int is_int, static void pushq(StackAccess *sa, uint64_t val) { sa->sp -= 8; - cpu_stq_kernel_ra(sa->env, sa->sp, val, sa->ra); + cpu_stq_mmuidx_ra(sa->env, sa->sp, val, sa->mmu_index, sa->ra); } static uint64_t popq(StackAccess *sa) { - uint64_t ret = cpu_ldq_data_ra(sa->env, sa->sp, sa->ra); + uint64_t ret = cpu_ldq_mmuidx_ra(sa->env, sa->sp, sa->mmu_index, sa->ra); sa->sp += 8; return ret; } 
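Review bot: the @@ -56 hunk makes both directions of stack traffic depend on sa->mmu_index: pushw/pushl move from cpu_st*_kernel_ra to the caller-supplied index, and popw/popl move from cpu_ld*_data_ra (the CPU's current index) to the same field. Two consequences deserve a sentence in the commit message: any pop performed through a StackAccess that is initialised with cpu_mmu_index_kernel (do_interrupt_protected, helper_lcall_protected and the real-mode helpers in this patch) now uses the kernel index where it used the data index before, and a StackAccess whose mmu_index is never assigned hands an indeterminate int to cpu_*_mmuidx_ra. The patch adds the assignment at seven call sites by hand; a small init helper that takes env, ra and mmu_index as required parameters would turn a missed site into a compile error instead of a silent wrong-index access.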
@@ -982,6 +984,7 @@ static void do_interrupt64(CPUX86State *env, int intno, int is_int, sa.env = env; sa.ra = 0; + sa.mmu_index = cpu_mmu_index_kernel(env); sa.sp_mask = -1; sa.ss_base = 0; if (dpl < cpl || ist != 0) { @@ -1116,6 +1119,7 @@ static void do_interrupt_real(CPUX86State *env, int intno, int is_int, sa.sp = env->regs[R_ESP]; sa.sp_mask = 0xffff; sa.ss_base = env->segs[R_SS].base; + sa.mmu_index = cpu_mmu_index_kernel(env); if (is_int) { old_eip = next_eip; @@ -1579,6 +1583,7 @@ void helper_lcall_real(CPUX86State *env, uint32_t new_cs, uint32_t new_eip, sa.sp = env->regs[R_ESP]; sa.sp_mask = get_sp_mask(env->segs[R_SS].flags); sa.ss_base = env->segs[R_SS].base; + sa.mmu_index = cpu_mmu_index_kernel(env); if (shift) { pushl(&sa, env->segs[R_CS].selector); @@ -1618,6 +1623,7 @@ void helper_lcall_protected(CPUX86State *env, int new_cs, target_ulong new_eip, sa.env = env; sa.ra = GETPC(); + sa.mmu_index = cpu_mmu_index_kernel(env); if (e2 & DESC_S_MASK) { if (!(e2 & DESC_CS_MASK)) { @@ -1905,6 +1911,7 @@ void helper_iret_real(CPUX86State *env, int shift) sa.env = env; sa.ra = GETPC(); + sa.mmu_index = x86_mmu_index_pl(env, 0); sa.sp_mask = 0xffff; /* XXXX: use SS segment size? */ sa.sp = env->regs[R_ESP]; sa.ss_base = env->segs[R_SS].base; @@ -1976,8 +1983,11 @@ static inline void helper_ret_protected(CPUX86State *env, int shift, target_ulong new_eip, new_esp; StackAccess sa; + cpl = env->hflags & HF_CPL_MASK; + sa.env = env; sa.ra = retaddr; + sa.mmu_index = x86_mmu_index_pl(env, cpl); #ifdef TARGET_X86_64 if (shift == 2) { 
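Review bot: helper_iret_real (hunk @@ -1905) initialises sa.mmu_index with x86_mmu_index_pl(env, 0), whereas the other real-mode paths in this patch, do_interrupt_real (hunk @@ -1116) and helper_lcall_real (hunk @@ -1579), use cpu_mmu_index_kernel(env). From the previous patch the two differ in which hflags bit selects the 32-bit index (HF_CS64_MASK versus HF_LMA_MASK), so they are not interchangeable in general. If the choice is deliberate, say so in a comment next to the assignment; otherwise use one helper consistently across the real-mode paths. Hoisting cpl to the top of helper_ret_protected in hunk @@ -1976, so that the pops use x86_mmu_index_pl(env, cpl) and therefore the same index the old cpu_ld*_data_ra calls resolved to, looks right.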
@@ -2032,7 +2042,6 @@ static inline void helper_ret_protected(CPUX86State *env, int shift, !(e2 & DESC_CS_MASK)) { raise_exception_err_ra(env, EXCP0D_GPF, new_cs & 0xfffc, retaddr); } - cpl = env->hflags & HF_CPL_MASK; rpl = new_cs & 3; if (rpl < cpl) { raise_exception_err_ra(env, EXCP0D_GPF, new_cs & 0xfffc, retaddr);

From: Paolo Bonzini
To: qemu-devel@nongnu.org
Cc: Richard Henderson
Subject: [PULL 18/20] target/i386/tcg: check for correct busy state before switching to a new task
Date: Wed, 17 Jul 2024 07:03:28 +0200
Message-ID: <20240717050331.295371-19-pbonzini@redhat.com>
In-Reply-To: <20240717050331.295371-1-pbonzini@redhat.com>
References: <20240717050331.295371-1-pbonzini@redhat.com>

This step is listed in the Intel manual: "Checks that the new task is available (call, jump, exception, or interrupt) or busy (IRET return)". The AMD manual lists the same operation under the "Preventing recursion" paragraph of "12.3.4 Nesting Tasks", though it is not clear if the processor checks the busy bit in the IRET case.

Reviewed-by: Richard Henderson
Signed-off-by: Paolo Bonzini
---
 target/i386/tcg/seg_helper.c | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/target/i386/tcg/seg_helper.c b/target/i386/tcg/seg_helper.c index 8a6d92b3583..a5d5ce61f59 100644 --- a/target/i386/tcg/seg_helper.c +++ b/target/i386/tcg/seg_helper.c 
@@ -369,6 +369,11 @@ static int switch_tss_ra(CPUX86State *env, int tss_selector, old_tss_limit_max = 43; } + /* new TSS must be busy iff the source is an IRET instruction */ + if (!!(e2 & DESC_TSS_BUSY_MASK) != (source == SWITCH_TSS_IRET)) { + raise_exception_err_ra(env, EXCP0A_TSS, tss_selector & 0xfffc, retaddr); + } + /* read all the registers from the new TSS */ if (type & 8) { /* 32 bit */
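Review bot: the new check raises EXCP0A_TSS with the TSS selector in both directions, for a busy TSS reached by CALL/JMP/INT as well as for a non-busy TSS on IRET, and the manual text quoted in the commit message only says what is checked, not which fault each direction raises. Please state the vector choice for the non-IRET case in the comment or the commit message, so it is clear it was deliberate and not simply inherited from the neighbouring raise_exception_err_ra(env, EXCP0A_TSS, ...) calls. The condition itself reads correctly: !!(e2 & DESC_TSS_BUSY_MASK) normalises the bit to 0/1 before comparing it with the boolean, and the check sits after old_tss_limit_max is determined and before the first read of the new TSS, so a failure leaves no partial state behind.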

From: Paolo Bonzini
To: qemu-devel@nongnu.org
Cc: Richard Henderson
Subject: [PULL 19/20] target/i386/tcg: use X86Access for TSS access
Date: Wed, 17 Jul 2024 07:03:29 +0200
Message-ID: <20240717050331.295371-20-pbonzini@redhat.com>
In-Reply-To: <20240717050331.295371-1-pbonzini@redhat.com>
References: <20240717050331.295371-1-pbonzini@redhat.com>

This takes care of probing the vaddr range in advance, and is also faster because it avoids repeated TLB lookups. It also matches the Intel manual better, as it says "Checks that the current (old) TSS, new TSS, and all segment descriptors used in the task switch are paged into system memory"; note however that it's not clear how the processor checks for segment descriptors, and this check is not included in the AMD manual.

Reviewed-by: Richard Henderson
Signed-off-by: Paolo Bonzini --- target/i386/tcg/seg_helper.c | 110 ++++++++++++++++++----------------- 1 file changed, 58 insertions(+), 52 deletions(-) diff --git a/target/i386/tcg/seg_helper.c b/target/i386/tcg/seg_helper.c index a5d5ce61f59..36d2f089cae 100644 --- a/target/i386/tcg/seg_helper.c +++ b/target/i386/tcg/seg_helper.c @@ -27,6 +27,7 @@ #include "exec/log.h" #include "helper-tcg.h" #include "seg_helper.h" +#include "access.h" #ifdef TARGET_X86_64 #define SET_ESP(val, sp_mask) \ @@ -313,14 +314,15 @@ static int switch_tss_ra(CPUX86State *env, int tss_selector, uint32_t e1, uint32_t e2, int source, uint32_t next_eip, uintptr_t retaddr) { - int tss_limit, tss_limit_max, type, old_tss_limit_max, old_type, v1, v2, i; + int tss_limit, tss_limit_max, type, old_tss_limit_max, old_type, i; target_ulong tss_base; uint32_t new_regs[8], new_segs[6]; uint32_t new_eflags, new_eip, new_cr3, new_ldt, new_trap; uint32_t old_eflags, eflags_mask; SegmentCache *dt; - int index; + int mmu_index, index; target_ulong ptr; + X86Access old, new; type = (e2 >> DESC_TYPE_SHIFT) & 0xf; LOG_PCALL("switch_tss: sel=0x%04x type=%d src=%d\n", tss_selector, type, 
@@ -374,35 +376,45 @@ static int switch_tss_ra(CPUX86State *env, int tss_selector, raise_exception_err_ra(env, EXCP0A_TSS, tss_selector & 0xfffc, retaddr); } + /* X86Access avoids memory exceptions during the task switch */ + mmu_index = cpu_mmu_index_kernel(env); + access_prepare_mmu(&old, env, env->tr.base, old_tss_limit_max, + MMU_DATA_STORE, mmu_index, retaddr); + + if (source == SWITCH_TSS_CALL) { + /* Probe for future write of parent task */ + probe_access(env, tss_base, 2, MMU_DATA_STORE, + mmu_index, retaddr); + } + access_prepare_mmu(&new, env, tss_base, tss_limit, + MMU_DATA_LOAD, mmu_index, retaddr); + /* read all the registers from the new TSS */ if (type & 8) { /* 32 bit */ - new_cr3 = cpu_ldl_kernel_ra(env, tss_base + 0x1c, retaddr); - new_eip = cpu_ldl_kernel_ra(env, tss_base + 0x20, retaddr); - new_eflags = cpu_ldl_kernel_ra(env, tss_base + 0x24, retaddr); + new_cr3 = access_ldl(&new, tss_base + 0x1c); + new_eip = access_ldl(&new, tss_base + 0x20); + new_eflags = access_ldl(&new, tss_base + 0x24); for (i = 0; i < 8; i++) { - new_regs[i] = cpu_ldl_kernel_ra(env, tss_base + (0x28 + i * 4), - retaddr); + new_regs[i] = access_ldl(&new, tss_base + (0x28 + i * 4)); } for (i = 0; i < 6; i++) { - new_segs[i] = cpu_lduw_kernel_ra(env, tss_base + (0x48 + i * 4), - retaddr); + new_segs[i] = access_ldw(&new, tss_base + (0x48 + i * 4)); } - new_ldt = cpu_lduw_kernel_ra(env, tss_base + 0x60, retaddr); - new_trap = cpu_ldl_kernel_ra(env, tss_base + 0x64, retaddr); + new_ldt = access_ldw(&new, tss_base + 0x60); + new_trap = access_ldl(&new, tss_base + 0x64); } else { /* 16 bit */ new_cr3 = 0; - new_eip = cpu_lduw_kernel_ra(env, tss_base + 0x0e, retaddr); - new_eflags = cpu_lduw_kernel_ra(env, tss_base + 0x10, retaddr); + new_eip = access_ldw(&new, tss_base + 0x0e); + new_eflags = access_ldw(&new, tss_base + 0x10); for (i = 0; i < 8; i++) { - new_regs[i] = cpu_lduw_kernel_ra(env, tss_base + (0x12 + i * 2), retaddr); + new_regs[i] = access_ldw(&new, tss_base + (0x12 
+ i * 2)); } for (i = 0; i < 4; i++) { - new_segs[i] = cpu_lduw_kernel_ra(env, tss_base + (0x22 + i * 2), - retaddr); + new_segs[i] = access_ldw(&new, tss_base + (0x22 + i * 2)); } - new_ldt = cpu_lduw_kernel_ra(env, tss_base + 0x2a, retaddr); + new_ldt = access_ldw(&new, tss_base + 0x2a); new_segs[R_FS] = 0; new_segs[R_GS] = 0; new_trap = 0; @@ -412,16 +424,6 @@ static int switch_tss_ra(CPUX86State *env, int tss_selector, chapters 12.2.5 and 13.2.4 on how to implement TSS Trap bit */ (void)new_trap; - /* NOTE: we must avoid memory exceptions during the task switch, - so we make dummy accesses before */ - /* XXX: it can still fail in some cases, so a bigger hack is - necessary to valid the TLB after having done the accesses */ - - v1 = cpu_ldub_kernel_ra(env, env->tr.base, retaddr); - v2 = cpu_ldub_kernel_ra(env, env->tr.base + old_tss_limit_max, retaddr); - cpu_stb_kernel_ra(env, env->tr.base, v1, retaddr); - cpu_stb_kernel_ra(env, env->tr.base + old_tss_limit_max, v2, retaddr); - /* clear busy bit (it is restartable) */ if (source == SWITCH_TSS_JMP || source == SWITCH_TSS_IRET) { tss_set_busy(env, env->tr.selector, 0, retaddr); 
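Review bot: in the @@ -374 hunk, the lengths handed to access_prepare_mmu read like segment limits rather than byte counts. The dummy accesses removed further down touched env->tr.base + old_tss_limit_max as the last byte of the old TSS, so a range of old_tss_limit_max bytes starting at env->tr.base stops one byte short of it; if access_prepare_mmu takes a size, this should be old_tss_limit_max + 1. The load side has the opposite problem: tss_limit is the new TSS's segment limit, which the guest can make far larger than the 0x68 bytes this function actually reads (the last load is access_ldl(&new, tss_base + 0x64)), so the prepared span should be bounded by what is read rather than by the descriptor's limit. Worth a comment either way, since access_prepare_mmu is now the only thing standing between a page fault and a half-completed task switch.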
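Review bot: the @@ -412 hunk removes the only uses of v1 and v2 (the dummy byte read/write-back of the old TSS); unless an earlier hunk already dropped their declarations, they become unused locals and should go in the same patch. The removed XXX comment also documented why the old scheme could still fault; since that guarantee now comes from access_prepare_mmu, the "/* X86Access avoids memory exceptions during the task switch */" line added above would be clearer if it said that both the old and the new TSS ranges are probed up front and that no cpu_*_kernel_ra access to either TSS may be added below that point.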
@@ -434,35 +436,35 @@ static int switch_tss_ra(CPUX86State *env, int tss_selector, /* save the current state in the old TSS */ if (old_type & 8) { /* 32 bit */ - cpu_stl_kernel_ra(env, env->tr.base + 0x20, next_eip, retaddr); - cpu_stl_kernel_ra(env, env->tr.base + 0x24, old_eflags, retaddr); - cpu_stl_kernel_ra(env, env->tr.base + (0x28 + 0 * 4), env->regs[R_EAX], retaddr); - cpu_stl_kernel_ra(env, env->tr.base + (0x28 + 1 * 4), env->regs[R_ECX], retaddr); - cpu_stl_kernel_ra(env, env->tr.base + (0x28 + 2 * 4), env->regs[R_EDX], retaddr); - cpu_stl_kernel_ra(env, env->tr.base + (0x28 + 3 * 4), env->regs[R_EBX], retaddr); - cpu_stl_kernel_ra(env, env->tr.base + (0x28 + 4 * 4), env->regs[R_ESP], retaddr); - cpu_stl_kernel_ra(env, env->tr.base + (0x28 + 5 * 4), env->regs[R_EBP], retaddr); - cpu_stl_kernel_ra(env, env->tr.base + (0x28 + 6 * 4), env->regs[R_ESI], retaddr); - cpu_stl_kernel_ra(env, env->tr.base + (0x28 + 7 * 4), env->regs[R_EDI], retaddr); + access_stl(&old, env->tr.base + 0x20, next_eip); + access_stl(&old, env->tr.base + 0x24, old_eflags); + access_stl(&old, env->tr.base + (0x28 + 0 * 4), env->regs[R_EAX]); + access_stl(&old, env->tr.base + (0x28 + 1 * 4), env->regs[R_ECX]); + access_stl(&old, env->tr.base + (0x28 + 2 * 4), env->regs[R_EDX]); + access_stl(&old, env->tr.base + (0x28 + 3 * 4), env->regs[R_EBX]); + access_stl(&old, env->tr.base + (0x28 + 4 * 4), env->regs[R_ESP]); + access_stl(&old, env->tr.base + (0x28 + 5 * 4), env->regs[R_EBP]); + access_stl(&old, env->tr.base + (0x28 + 6 * 4), env->regs[R_ESI]); + access_stl(&old, env->tr.base + (0x28 + 7 * 4), env->regs[R_EDI]); for (i = 0; i < 6; i++) { - cpu_stw_kernel_ra(env, env->tr.base + (0x48 + i * 4), - env->segs[i].selector, retaddr); + access_stw(&old, env->tr.base + (0x48 + i * 4), + env->segs[i].selector); } } else { /* 16 bit */ - cpu_stw_kernel_ra(env, env->tr.base + 0x0e, next_eip, retaddr); - cpu_stw_kernel_ra(env, env->tr.base + 0x10, old_eflags, retaddr); - cpu_stw_kernel_ra(env, 
env->tr.base + (0x12 + 0 * 2), env->regs[R_EAX], retaddr); - cpu_stw_kernel_ra(env, env->tr.base + (0x12 + 1 * 2), env->regs[R_ECX], retaddr); - cpu_stw_kernel_ra(env, env->tr.base + (0x12 + 2 * 2), env->regs[R_EDX], retaddr); - cpu_stw_kernel_ra(env, env->tr.base + (0x12 + 3 * 2), env->regs[R_EBX], retaddr); - cpu_stw_kernel_ra(env, env->tr.base + (0x12 + 4 * 2), env->regs[R_ESP], retaddr); - cpu_stw_kernel_ra(env, env->tr.base + (0x12 + 5 * 2), env->regs[R_EBP], retaddr); - cpu_stw_kernel_ra(env, env->tr.base + (0x12 + 6 * 2), env->regs[R_ESI], retaddr); - cpu_stw_kernel_ra(env, env->tr.base + (0x12 + 7 * 2), env->regs[R_EDI], retaddr); + access_stw(&old, env->tr.base + 0x0e, next_eip); + access_stw(&old, env->tr.base + 0x10, old_eflags); + access_stw(&old, env->tr.base + (0x12 + 0 * 2), env->regs[R_EAX]); + access_stw(&old, env->tr.base + (0x12 + 1 * 2), env->regs[R_ECX]); + access_stw(&old, env->tr.base + (0x12 + 2 * 2), env->regs[R_EDX]); + access_stw(&old, env->tr.base + (0x12 + 3 * 2), env->regs[R_EBX]); + access_stw(&old, env->tr.base + (0x12 + 4 * 2), env->regs[R_ESP]); + access_stw(&old, env->tr.base + (0x12 + 5 * 2), env->regs[R_EBP]); + access_stw(&old, env->tr.base + (0x12 + 6 * 2), env->regs[R_ESI]); + access_stw(&old, env->tr.base + (0x12 + 7 * 2), env->regs[R_EDI]); for (i = 0; i < 4; i++) { - cpu_stw_kernel_ra(env, env->tr.base + (0x22 + i * 2), - env->segs[i].selector, retaddr); + access_stw(&old, env->tr.base + (0x22 + i * 2), + env->segs[i].selector); } } 
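Review bot: style point on the @@ -434 hunk: the eight hand-unrolled access_stl/access_stw stores of env->regs[R_EAX] through env->regs[R_EDI] follow the R_EAX..R_EDI index order exactly (0x28 + i * 4 and 0x12 + i * 2), so they could be a for (i = 0; i < 8; i++) loop over env->regs[i], mirroring the new_regs[i] load loop in the earlier hunk, with no behaviour change and fewer offset constants to keep in sync. Since the conversion is otherwise mechanical, it is also the natural moment to fold that in.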
@@ -470,7 +472,11 @@ static int switch_tss_ra(CPUX86State *env, int tss_selector, context */ if (source == SWITCH_TSS_CALL) { - cpu_stw_kernel_ra(env, tss_base, env->tr.selector, retaddr); + /* + * Thanks to the probe_access above, we know the first two + * bytes addressed by &new are writable too. + */ + access_stw(&new, tss_base, env->tr.selector); new_eflags |= NT_MASK; }

From patchwork Wed Jul 17 05:03:30 2024
From: Paolo Bonzini
To: qemu-devel@nongnu.org
Cc: Richard Henderson
Subject: [PULL 20/20] target/i386/tcg: save current task state before loading new one
Date: Wed, 17 Jul 2024 07:03:30 +0200
Message-ID: <20240717050331.295371-21-pbonzini@redhat.com>
In-Reply-To: <20240717050331.295371-1-pbonzini@redhat.com>
References: <20240717050331.295371-1-pbonzini@redhat.com>

This is how the steps are ordered in the manual. EFLAGS.NT is overwritten after the fact in the saved image.

Reviewed-by: Richard Henderson
Signed-off-by: Paolo Bonzini
---
target/i386/tcg/seg_helper.c | 85 +++++++++++++++++++-----------------
1 file changed, 45 insertions(+), 40 deletions(-)

diff --git a/target/i386/tcg/seg_helper.c b/target/i386/tcg/seg_helper.c
index 36d2f089cae..aac092a356b 100644
--- a/target/i386/tcg/seg_helper.c
+++ b/target/i386/tcg/seg_helper.c
@@ -389,6 +389,42 @@ static int switch_tss_ra(CPUX86State *env, int tss_selector, access_prepare_mmu(&new, env, tss_base, tss_limit, MMU_DATA_LOAD, mmu_index, retaddr); + /* save the current state in the old TSS */ + old_eflags = cpu_compute_eflags(env); + if (old_type & 8) { + /* 32 bit */ + access_stl(&old, env->tr.base + 0x20, next_eip); + access_stl(&old, env->tr.base + 0x24, old_eflags); + access_stl(&old, env->tr.base + (0x28 + 0 * 4), env->regs[R_EAX]); + access_stl(&old, env->tr.base + (0x28 + 1 * 4), env->regs[R_ECX]); + access_stl(&old, env->tr.base + (0x28 + 2 * 4), env->regs[R_EDX]); + access_stl(&old, env->tr.base + (0x28 + 3 * 4), env->regs[R_EBX]); + access_stl(&old, env->tr.base + (0x28 + 4 * 4), env->regs[R_ESP]); + access_stl(&old, env->tr.base + (0x28 + 5 * 4), env->regs[R_EBP]); + access_stl(&old, env->tr.base + (0x28 + 6 * 4), env->regs[R_ESI]); + access_stl(&old, env->tr.base + (0x28 + 7 * 4), env->regs[R_EDI]); + for (i = 0; i < 6; i++) { + access_stw(&old, env->tr.base + (0x48 + i * 4), + env->segs[i].selector); + } + } else { + /* 16 bit */ + access_stw(&old, env->tr.base + 0x0e, next_eip); + access_stw(&old, env->tr.base + 0x10, old_eflags); + access_stw(&old, env->tr.base + (0x12 + 0 * 2), env->regs[R_EAX]); + access_stw(&old, env->tr.base + (0x12 + 1 * 2), env->regs[R_ECX]); + access_stw(&old, env->tr.base + (0x12 + 2 * 2), env->regs[R_EDX]); + access_stw(&old, env->tr.base + (0x12 + 3 * 2), env->regs[R_EBX]); + access_stw(&old, env->tr.base + (0x12 + 4 * 2), env->regs[R_ESP]); + access_stw(&old, env->tr.base + (0x12 + 5 * 2), env->regs[R_EBP]); + access_stw(&old, env->tr.base + (0x12 + 6 * 2), env->regs[R_ESI]); + access_stw(&old, env->tr.base + (0x12 + 7 * 2), env->regs[R_EDI]); + for (i = 0; i < 4; i++) { + access_stw(&old, env->tr.base + (0x22 + i * 2), + env->segs[i].selector); + } + } + /* read all the registers from the new TSS */ if (type & 8) { /* 32 bit */ 
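Review bot: the @@ -389 hunk is only safe because the stores to the old TSS happen after both access_prepare_mmu calls shown in the context above, so neither the save nor the subsequent loads from the new TSS can fault part-way through; that is the whole reason the reordering is allowed, and it deserves a one-line comment at the top of the moved block rather than being implied by the commit message. The moved block also now writes old_eflags with NT still set in the IRET case and relies on a later fix-up; a short "/* NT is cleared below for IRET */" next to the access_stl(&old, env->tr.base + 0x24, old_eflags) store would stop the next reader from treating that as a bug.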
@@ -428,49 +464,16 @@ static int switch_tss_ra(CPUX86State *env, int tss_selector, if (source == SWITCH_TSS_JMP || source == SWITCH_TSS_IRET) { tss_set_busy(env, env->tr.selector, 0, retaddr); } - old_eflags = cpu_compute_eflags(env); + if (source == SWITCH_TSS_IRET) { old_eflags &= ~NT_MASK; + if (old_type & 8) { + access_stl(&old, env->tr.base + 0x24, old_eflags); + } else { + access_stw(&old, env->tr.base + 0x10, old_eflags); + } } - /* save the current state in the old TSS */ - if (old_type & 8) { - /* 32 bit */ - access_stl(&old, env->tr.base + 0x20, next_eip); - access_stl(&old, env->tr.base + 0x24, old_eflags); - access_stl(&old, env->tr.base + (0x28 + 0 * 4), env->regs[R_EAX]); - access_stl(&old, env->tr.base + (0x28 + 1 * 4), env->regs[R_ECX]); - access_stl(&old, env->tr.base + (0x28 + 2 * 4), env->regs[R_EDX]); - access_stl(&old, env->tr.base + (0x28 + 3 * 4), env->regs[R_EBX]); - access_stl(&old, env->tr.base + (0x28 + 4 * 4), env->regs[R_ESP]); - access_stl(&old, env->tr.base + (0x28 + 5 * 4), env->regs[R_EBP]); - access_stl(&old, env->tr.base + (0x28 + 6 * 4), env->regs[R_ESI]); - access_stl(&old, env->tr.base + (0x28 + 7 * 4), env->regs[R_EDI]); - for (i = 0; i < 6; i++) { - access_stw(&old, env->tr.base + (0x48 + i * 4), - env->segs[i].selector); - } - } else { - /* 16 bit */ - access_stw(&old, env->tr.base + 0x0e, next_eip); - access_stw(&old, env->tr.base + 0x10, old_eflags); - access_stw(&old, env->tr.base + (0x12 + 0 * 2), env->regs[R_EAX]); - access_stw(&old, env->tr.base + (0x12 + 1 * 2), env->regs[R_ECX]); - access_stw(&old, env->tr.base + (0x12 + 2 * 2), env->regs[R_EDX]); - access_stw(&old, env->tr.base + (0x12 + 3 * 2), env->regs[R_EBX]); - access_stw(&old, env->tr.base + (0x12 + 4 * 2), env->regs[R_ESP]); - access_stw(&old, env->tr.base + (0x12 + 5 * 2), env->regs[R_EBP]); - access_stw(&old, env->tr.base + (0x12 + 6 * 2), env->regs[R_ESI]); - access_stw(&old, env->tr.base + (0x12 + 7 * 2), env->regs[R_EDI]); - for (i = 0; i < 4; i++) { - 
access_stw(&old, env->tr.base + (0x22 + i * 2), - env->segs[i].selector); - } - } - - /* now if an exception occurs, it will occurs in the next task - context */ - if (source == SWITCH_TSS_CALL) { /* * Thanks to the probe_access above, we know the first two @@ -486,7 +489,9 @@ static int switch_tss_ra(CPUX86State *env, int tss_selector, } /* set the new CPU state */ - /* from this point, any exception which occurs can give problems */ + + /* now if an exception occurs, it will occur in the next task context */ + env->cr[0] |= CR0_TS_MASK; env->hflags |= HF_TS_MASK; env->tr.selector = tss_selector;
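Review bot: in the @@ -428 hunk, the old-TSS save now precedes tss_set_busy(env, env->tr.selector, 0, retaddr), which still takes retaddr and so can still raise on a bad GDT access; the surviving "clear busy bit (it is restartable)" comment was written when nothing had been stored yet, so either confirm that rewriting the old TSS before a restartable fault is harmless (the same values would be written again on retry) and say so, or keep the save after the busy-bit update as the manual's ordering permits. Also, the IRET branch re-stores EFLAGS at the same 0x24 / 0x10 slots as the save block using duplicated literals; a tiny helper or named offsets would keep the two in sync. Minor: the blank "+" line that replaces the old_eflags assignment leaves two consecutive empty lines before the if.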
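Review bot: style nit on the @@ -486 hunk: the new "/* now if an exception occurs, it will occur in the next task context */" comment is wrapped in two added blank lines, so it now sits isolated between "/* set the new CPU state */" and the env->cr[0] |= CR0_TS_MASK; line. Dropping one of the blank lines (or merging the two comments into one) keeps the comment attached to the statements it describes.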