| -rw-r--r-- | hw/nvme/ctrl.c | 31 | ||||
| -rw-r--r-- | hw/nvme/trace-events | 2 | ||||
| -rw-r--r-- | include/block/nvme.h | 5 | ||||
| -rw-r--r-- | linux-user/aarch64/cpu_loop.c | 32 | ||||
| -rw-r--r-- | linux-user/arm/cpu_loop.c | 63 | ||||
| -rw-r--r-- | linux-user/signal-common.h | 1 | ||||
| -rw-r--r-- | linux-user/signal.c | 19 |
7 files changed, 71 insertions, 82 deletions
diff --git a/hw/nvme/ctrl.c b/hw/nvme/ctrl.c
index 6baf9e0420..2f247a9275 100644
--- a/hw/nvme/ctrl.c
+++ b/hw/nvme/ctrl.c
@@ -3893,6 +3893,10 @@ static uint16_t nvme_io_cmd(NvmeCtrl *n, NvmeRequest *req) return ns->status; } + if (NVME_CMD_FLAGS_FUSE(req->cmd.flags)) { + return NVME_INVALID_FIELD; + } + req->ns = ns; switch (req->cmd.opcode) {
@@ -5191,7 +5195,7 @@ static uint16_t nvme_ns_attachment(NvmeCtrl *n, NvmeRequest *req) uint16_t list[NVME_CONTROLLER_LIST_SIZE] = {}; uint32_t nsid = le32_to_cpu(req->cmd.nsid); uint32_t dw10 = le32_to_cpu(req->cmd.cdw10); - bool attach = !(dw10 & 0xf); + uint8_t sel = dw10 & 0xf; uint16_t *nr_ids = &list[0]; uint16_t *ids = &list[1]; uint16_t ret;
@@ -5224,7 +5228,8 @@ static uint16_t nvme_ns_attachment(NvmeCtrl *n, NvmeRequest *req) return NVME_NS_CTRL_LIST_INVALID | NVME_DNR; } - if (attach) { + switch (sel) { + case NVME_NS_ATTACHMENT_ATTACH: if (nvme_ns(ctrl, nsid)) { return NVME_NS_ALREADY_ATTACHED | NVME_DNR; }
@@ -5235,7 +5240,10 @@ static uint16_t nvme_ns_attachment(NvmeCtrl *n, NvmeRequest *req) nvme_attach_ns(ctrl, ns); nvme_select_iocs_ns(ctrl, ns); - } else { + + break; + + case NVME_NS_ATTACHMENT_DETACH: if (!nvme_ns(ctrl, nsid)) { return NVME_NS_NOT_ATTACHED | NVME_DNR; }
@@ -5244,6 +5252,11 @@ static uint16_t nvme_ns_attachment(NvmeCtrl *n, NvmeRequest *req) ns->attached--; nvme_update_dmrsl(ctrl); + + break; + + default: + return NVME_INVALID_FIELD | NVME_DNR; } /*
@@ -5466,6 +5479,10 @@ static uint16_t nvme_admin_cmd(NvmeCtrl *n, NvmeRequest *req) return NVME_INVALID_FIELD | NVME_DNR; } + if (NVME_CMD_FLAGS_FUSE(req->cmd.flags)) { + return NVME_INVALID_FIELD; + } + switch (req->cmd.opcode) { case NVME_ADM_CMD_DELETE_SQ: return nvme_del_sq(n, req); 
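Review bot: The new fused-operation rejection in nvme_io_cmd returns `NVME_INVALID_FIELD` without `NVME_DNR`, while the explicit status returns around it in these hunks set the do-not-retry bit, for instance the `return NVME_INVALID_FIELD | NVME_DNR;` directly above the identical check added to nvme_admin_cmd (hunk @@ -5466). If fused operations are not supported at all, which the unconditional rejection suggests, a host retry cannot succeed and `return NVME_INVALID_FIELD | NVME_DNR;` would be the consistent form; if leaving the command retryable is deliberate, a comment such as `/* fused operations are not supported */` on the check records the intent either way. The same remark applies to the nvme_admin_cmd hunk. Both function bodies start and continue outside the hunks.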
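Review bot: The new `default:` arm that rejects an unsupported SEL value runs only after the controller list has already been validated (the `return NVME_NS_CTRL_LIST_INVALID | NVME_DNR;` at the top of the @@ -5224 hunk), so a command with an invalid select field is processed up to that point, which presumably includes fetching the list from guest memory somewhere between the @@ -5191 and @@ -5224 hunks. Checking the field right where it is decoded in the @@ -5191 hunk, `if (sel > NVME_NS_ATTACHMENT_DETACH) { return NVME_INVALID_FIELD | NVME_DNR; }`, refuses the request before any guest data is read, and the `default:` arm can then remain as a safety net. Declaring the variable as `enum NvmeNsAttachmentOperation sel` instead of `uint8_t` would also tie it to the values the `switch` compares against. nvme_ns_attachment begins and ends outside these hunks.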
@@ -5623,14 +5640,6 @@ static int nvme_start_ctrl(NvmeCtrl *n) trace_pci_nvme_err_startfail_sq(); return -1; } - if (unlikely(!asq)) { - trace_pci_nvme_err_startfail_nbarasq(); - return -1; - } - if (unlikely(!acq)) { - trace_pci_nvme_err_startfail_nbaracq(); - return -1; - } if (unlikely(asq & (page_size - 1))) { trace_pci_nvme_err_startfail_asq_misaligned(asq); return -1;
diff --git a/hw/nvme/trace-events b/hw/nvme/trace-events
index 430eeb395b..ff6cafd520 100644
--- a/hw/nvme/trace-events
+++ b/hw/nvme/trace-events
@@ -159,8 +159,6 @@ pci_nvme_err_invalid_setfeat(uint32_t dw10) "invalid set features, dw10=0x%"PRIx pci_nvme_err_invalid_log_page(uint16_t cid, uint16_t lid) "cid %"PRIu16" lid 0x%"PRIx16"" pci_nvme_err_startfail_cq(void) "nvme_start_ctrl failed because there are non-admin completion queues" pci_nvme_err_startfail_sq(void) "nvme_start_ctrl failed because there are non-admin submission queues" -pci_nvme_err_startfail_nbarasq(void) "nvme_start_ctrl failed because the admin submission queue address is null" -pci_nvme_err_startfail_nbaracq(void) "nvme_start_ctrl failed because the admin completion queue address is null" pci_nvme_err_startfail_asq_misaligned(uint64_t addr) "nvme_start_ctrl failed because the admin submission queue address is misaligned: 0x%"PRIx64"" pci_nvme_err_startfail_acq_misaligned(uint64_t addr) "nvme_start_ctrl failed because the admin completion queue address is misaligned: 0x%"PRIx64"" pci_nvme_err_startfail_page_too_small(uint8_t log2ps, uint8_t maxlog2ps) "nvme_start_ctrl failed because the page size is too small: log2size=%u, min=%u"
diff --git a/include/block/nvme.h b/include/block/nvme.h
index 77aae01174..e3bd47bf76 100644
--- a/include/block/nvme.h
+++ b/include/block/nvme.h 
@@ -1154,6 +1154,11 @@ enum NvmeIdCtrlCmic { NVME_CMIC_MULTI_CTRL = 1 << 1, }; +enum NvmeNsAttachmentOperation { + NVME_NS_ATTACHMENT_ATTACH = 0x0, + NVME_NS_ATTACHMENT_DETACH = 0x1, +}; + #define NVME_CTRL_SQES_MIN(sqes) ((sqes) & 0xf) #define NVME_CTRL_SQES_MAX(sqes) (((sqes) >> 4) & 0xf) #define NVME_CTRL_CQES_MIN(cqes) ((cqes) & 0xf)
diff --git a/linux-user/aarch64/cpu_loop.c b/linux-user/aarch64/cpu_loop.c
index 5425b85659..034b737435 100644
--- a/linux-user/aarch64/cpu_loop.c
+++ b/linux-user/aarch64/cpu_loop.c
@@ -79,9 +79,8 @@ void cpu_loop(CPUARMState *env) { CPUState *cs = env_cpu(env); - int trapnr, ec, fsc; + int trapnr, ec, fsc, si_code; abi_long ret; - target_siginfo_t info; for (;;) { cpu_exec_start(cs);
@@ -110,18 +109,10 @@ void cpu_loop(CPUARMState *env) /* just indicate that signals should be handled asap */ break; case EXCP_UDEF: - info.si_signo = TARGET_SIGILL; - info.si_errno = 0; - info.si_code = TARGET_ILL_ILLOPN; - info._sifields._sigfault._addr = env->pc; - queue_signal(env, info.si_signo, QEMU_SI_FAULT, &info); + force_sig_fault(TARGET_SIGILL, TARGET_ILL_ILLOPN, env->pc); break; case EXCP_PREFETCH_ABORT: case EXCP_DATA_ABORT: - info.si_signo = TARGET_SIGSEGV; - info.si_errno = 0; - info._sifields._sigfault._addr = env->exception.vaddress; - /* We should only arrive here with EC in {DATAABORT, INSNABORT}. */ ec = syn_get_ec(env->exception.syndrome); assert(ec == EC_DATAABORT || ec == EC_INSNABORT); 
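Review bot: The new `enum NvmeNsAttachmentOperation` carries no comment, so nothing in the header says which command field its two values decode; the link exists only through the `dw10 & 0xf` extraction in nvme_ns_attachment over in hw/nvme/ctrl.c. A single line above the enum, `/* Namespace Attachment command: SEL field, CDW10 bits 3:0 */`, would make that explicit for a reader who only has the header open. The surrounding `NVME_CTRL_SQES_MIN`-style macros show that one terse line matches the file's existing style.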
@@ -130,27 +121,24 @@ void cpu_loop(CPUARMState *env) fsc = extract32(env->exception.syndrome, 0, 6); switch (fsc) { case 0x04 ... 0x07: /* Translation fault, level {0-3} */ - info.si_code = TARGET_SEGV_MAPERR; + si_code = TARGET_SEGV_MAPERR; break; case 0x09 ... 0x0b: /* Access flag fault, level {1-3} */ case 0x0d ... 0x0f: /* Permission fault, level {1-3} */ - info.si_code = TARGET_SEGV_ACCERR; + si_code = TARGET_SEGV_ACCERR; break; case 0x11: /* Synchronous Tag Check Fault */ - info.si_code = TARGET_SEGV_MTESERR; + si_code = TARGET_SEGV_MTESERR; break; default: g_assert_not_reached(); } - queue_signal(env, info.si_signo, QEMU_SI_FAULT, &info); + force_sig_fault(TARGET_SIGSEGV, si_code, env->exception.vaddress); break; case EXCP_DEBUG: case EXCP_BKPT: - info.si_signo = TARGET_SIGTRAP; - info.si_errno = 0; - info.si_code = TARGET_TRAP_BRKPT; - queue_signal(env, info.si_signo, QEMU_SI_FAULT, &info); + force_sig_fault(TARGET_SIGTRAP, TARGET_TRAP_BRKPT, env->pc); break; case EXCP_SEMIHOST: env->xregs[0] = do_common_semihosting(cs);
@@ -170,11 +158,7 @@ void cpu_loop(CPUARMState *env) /* Check for MTE asynchronous faults */ if (unlikely(env->cp15.tfsr_el[0])) { env->cp15.tfsr_el[0] = 0; - info.si_signo = TARGET_SIGSEGV; - info.si_errno = 0; - info._sifields._sigfault._addr = 0; - info.si_code = TARGET_SEGV_MTEAERR; - queue_signal(env, info.si_signo, QEMU_SI_FAULT, &info); + force_sig_fault(TARGET_SIGSEGV, TARGET_SEGV_MTEAERR, 0); } process_pending_signals(env);
diff --git a/linux-user/arm/cpu_loop.c b/linux-user/arm/cpu_loop.c
index 07032b3006..ae09adcb95 100644
--- a/linux-user/arm/cpu_loop.c
+++ b/linux-user/arm/cpu_loop.c
@@ -94,7 +94,6 @@ static void arm_kernel_cmpxchg64_helper(CPUARMState *env) { uint64_t oldval, newval, val; uint32_t addr, cpsr; - target_siginfo_t info; /* Based on the 32 bit code in do_kernel_trap */ 
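Review bot: The new `force_sig_fault(TARGET_SIGSEGV, si_code, env->exception.vaddress);` consumes `si_code`, which is assigned only inside the arms of `switch (fsc)` and is declared without an initialiser in the @@ -79 hunk (`int trapnr, ec, fsc, si_code;`), so the call is well-defined only because `g_assert_not_reached()` in the `default:` arm does not return. Should that assertion ever be compiled out (glib's G_DISABLE_ASSERT), an uninitialised int would become the si_code handed to the guest. Giving the variable a definite value before the switch costs nothing and keeps the guest-visible siginfo deterministic independent of the assertion policy, with the `default:` arm keeping its assert. cpu_loop continues outside the hunk.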
@@ -143,12 +142,9 @@ segv: end_exclusive(); /* We get the PC of the entry address - which is as good as anything, on a real kernel what you get depends on which mode it uses. */ - info.si_signo = TARGET_SIGSEGV; - info.si_errno = 0; /* XXX: check env->error_code */ - info.si_code = TARGET_SEGV_MAPERR; - info._sifields._sigfault._addr = env->exception.vaddress; - queue_signal(env, info.si_signo, QEMU_SI_FAULT, &info); + force_sig_fault(TARGET_SIGSEGV, TARGET_SEGV_MAPERR, + env->exception.vaddress); } /* Handle a jump to the kernel code page. */
@@ -268,16 +264,13 @@ static bool emulate_arm_fpa11(CPUARMState *env, uint32_t opcode) ts->fpa.fpsr |= raise & ~enabled; if (raise & enabled) { - target_siginfo_t info = { }; - /* * The kernel's nwfpe emulator does not pass a real si_code. - * It merely uses send_sig(SIGFPE, current, 1). + * It merely uses send_sig(SIGFPE, current, 1), which results in + * __send_signal() filling out SI_KERNEL with pid and uid 0 (under + * the "SEND_SIG_PRIV" case). That's what our force_sig() does. */ - info.si_signo = TARGET_SIGFPE; - info.si_code = TARGET_SI_KERNEL; - - queue_signal(env, info.si_signo, QEMU_SI_FAULT, &info); + force_sig(TARGET_SIGFPE); } else { env->regs[15] += 4; }
@@ -289,8 +282,6 @@ void cpu_loop(CPUARMState *env) CPUState *cs = env_cpu(env); int trapnr; unsigned int n, insn; - target_siginfo_t info; - uint32_t addr; abi_ulong ret; for(;;) {
@@ -325,11 +316,8 @@ void cpu_loop(CPUARMState *env) break; } - info.si_signo = TARGET_SIGILL; - info.si_errno = 0; - info.si_code = TARGET_ILL_ILLOPN; - info._sifields._sigfault._addr = env->regs[15]; - queue_signal(env, info.si_signo, QEMU_SI_FAULT, &info); + force_sig_fault(TARGET_SIGILL, TARGET_ILL_ILLOPN, + env->regs[15]); } break; case EXCP_SWI: 
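Review bot: The `/* XXX: check env->error_code */` marker that sat on the old `info.si_errno = 0;` line in the segv path of arm_kernel_cmpxchg64_helper is dropped by this hunk, whereas the equivalent EXCP_DATA_ABORT hunk later in the file (@@ -439) keeps it above its `force_sig_fault(TARGET_SIGSEGV, TARGET_SEGV_MAPERR, ...)` call. Both sites still hard-code `TARGET_SEGV_MAPERR` without consulting the fault's error code, so the open question has not gone away; keeping `/* XXX: check env->error_code */` on the line before the new `force_sig_fault` call here as well keeps the two places in step. The function body continues outside the hunk.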
@@ -397,18 +385,14 @@ void cpu_loop(CPUARMState *env) * Otherwise SIGILL. This includes any SWI with * immediate not originally 0x9fxxxx, because * of the earlier XOR. + * Like the real kernel, we report the addr of the + * SWI in the siginfo si_addr but leave the PC + * pointing at the insn after the SWI. */ - info.si_signo = TARGET_SIGILL; - info.si_errno = 0; - info.si_code = TARGET_ILL_ILLTRP; - info._sifields._sigfault._addr = env->regs[15]; - if (env->thumb) { - info._sifields._sigfault._addr -= 2; - } else { - info._sifields._sigfault._addr -= 4; - } - queue_signal(env, info.si_signo, - QEMU_SI_FAULT, &info); + abi_ulong faultaddr = env->regs[15]; + faultaddr -= env->thumb ? 2 : 4; + force_sig_fault(TARGET_SIGILL, TARGET_ILL_ILLTRP, + faultaddr); } break; }
@@ -439,23 +423,14 @@ void cpu_loop(CPUARMState *env) break; case EXCP_PREFETCH_ABORT: case EXCP_DATA_ABORT: - addr = env->exception.vaddress; - { - info.si_signo = TARGET_SIGSEGV; - info.si_errno = 0; - /* XXX: check env->error_code */ - info.si_code = TARGET_SEGV_MAPERR; - info._sifields._sigfault._addr = addr; - queue_signal(env, info.si_signo, QEMU_SI_FAULT, &info); - } + /* XXX: check env->error_code */ + force_sig_fault(TARGET_SIGSEGV, TARGET_SEGV_MAPERR, + env->exception.vaddress); break; case EXCP_DEBUG: case EXCP_BKPT: excp_debug: - info.si_signo = TARGET_SIGTRAP; - info.si_errno = 0; - info.si_code = TARGET_TRAP_BRKPT; - queue_signal(env, info.si_signo, QEMU_SI_FAULT, &info); + force_sig_fault(TARGET_SIGTRAP, TARGET_TRAP_BRKPT, env->regs[15]); break; case EXCP_KERNEL_TRAP: if (do_kernel_trap(env))
diff --git a/linux-user/signal-common.h b/linux-user/signal-common.h
index 58ea23f6ea..79511becb4 100644
--- a/linux-user/signal-common.h
+++ b/linux-user/signal-common.h 
@@ -40,6 +40,7 @@ void tswap_siginfo(target_siginfo_t *tinfo, void set_sigmask(const sigset_t *set); void force_sig(int sig); void force_sigsegv(int oldsig); +void force_sig_fault(int sig, int code, abi_ulong addr); #if defined(TARGET_ARCH_HAS_SETUP_FRAME) void setup_frame(int sig, struct target_sigaction *ka, target_sigset_t *set, CPUArchState *env);
diff --git a/linux-user/signal.c b/linux-user/signal.c
index f8346f5ec5..2038216455 100644
--- a/linux-user/signal.c
+++ b/linux-user/signal.c
@@ -641,7 +641,7 @@ void force_sig(int sig) { CPUState *cpu = thread_cpu; CPUArchState *env = cpu->env_ptr; - target_siginfo_t info; + target_siginfo_t info = {}; info.si_signo = sig; info.si_errno = 0;
@@ -651,6 +651,23 @@ void force_sig(int sig) queue_signal(env, info.si_signo, QEMU_SI_KILL, &info); } +/* + * Force a synchronously taken QEMU_SI_FAULT signal. For QEMU the + * 'force' part is handled in process_pending_signals(). + */ +void force_sig_fault(int sig, int code, abi_ulong addr) +{ + CPUState *cpu = thread_cpu; + CPUArchState *env = cpu->env_ptr; + target_siginfo_t info = {}; + + info.si_signo = sig; + info.si_errno = 0; + info.si_code = code; + info._sifields._sigfault._addr = addr; + queue_signal(env, sig, QEMU_SI_FAULT, &info); +} + /* Force a SIGSEGV if we couldn't write to memory trying to set * up the signal frame. oldsig is the signal we were trying to handle * at the point of failure. |
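Review bot: In the new force_sig_fault, `info.si_errno = 0;` is redundant once `target_siginfo_t info = {};` has zero-initialised the whole structure, and the same now holds for force_sig after the @@ -641 change; dropping the explicit store makes the zero-initialisation visibly the thing that keeps unused `_sifields` bytes from the host stack out of the siginfo handed to the guest. The header comment could also spell out the contract a caller needs: `sig` is queued with the `_sigfault` layout (`QEMU_SI_FAULT`), `code` becomes si_code and `addr` becomes si_addr, so the helper is for fault-class signals such as the SIGILL/SIGSEGV/SIGTRAP callers in this series, while force_sig keeps the SI_KERNEL/`QEMU_SI_KILL` delivery that the emulate_arm_fpa11 hunk relies on. A one-line comment on the prototype added to signal-common.h (hunk @@ -40) pointing at this definition would help as well, since the neighbouring prototypes there carry none.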