Various patches related to single binary effort:
- Endianness cleanups on various targets (PPC in particular)
- Few cleanups around target_ulong type on Alpha
- Have CPUClass::disas_set_info() take a const CPUState
# gpg: Signature made Wed 04 Feb 2026 12:59:05 AM AEST
# gpg: using RSA key FAABE75E12917221DCFD6BB2E3E32C2CDEADC0DE
# gpg: Good signature from "Philippe Mathieu-Daudé (F4BUG) <f4bug@amsat.org>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: FAAB E75E 1291 7221 DCFD 6BB2 E3E3 2C2C DEAD C0DE
* tag 'single-binary-20260203' of https://github.com/philmd/qemu: (30 commits)
disas: Have disas_set_info() take a const CPUState
disas: Make disassemble_info::target_info field const
disas/riscv: Make rv_decode::cfg const
target/arm: Have arm_sctlr_b() take a const @env argument
target/arm: Have is_64() take a const @env argument
target/arm: Have cpu_isar_feature() use a const ARMCPU object
target/arm: Have arm_feature() take a const @env argument
target/alpha: Expand TCGv type for 64-bit target
target/alpha: Remove target_ulong uses in get_physical_address()
target/alpha: Do not use target_ulong for page table entries / indexes
target/alpha: Do not use target_ulong for trap arguments
target/alpha: Replace target_ulong -> uint64_t in gdb_write_register()
target/alpha: Build system units in common source set
target/alpha: Avoid target-specific migration headers in machine.c
target/m68k: Inline translator_ld[uw,l,q]() calls
target/i386: Inline translator_ld[uw,l,q]() calls
target/riscv: Inline translator_ld[uw,l,q]() calls
target/riscv: Inline cpu_ld[lq]_code() calls
target/ppc: Inline cpu_ldl_code() call in ppc_ldl_code()
target/ppc: Check endianness at runtime in ppc_data_endian_env()
...
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
The CPUClass::disas_set_info() handler is meant to initialize
the %disassemble_info structure; it shouldn't alter the CPU state.
Enforce the CPUState can not be modified by having the handler
take a const pointer.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20260202222412.24923-8-philmd@linaro.org>
Disassembler is not expected to alter the CPU config.
Besides, all other RISC-V methods take a const RISCVCPUConfig.
Make the @cfg field of the rv_decode structure const, passing
a const pointer to disasm_inst().
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20260202222412.24923-6-philmd@linaro.org>
The Alpha targets are only built as 64-bit:
$ git grep TARGET_LONG_BITS configs/targets/alpha-*
configs/targets/alpha-linux-user.mak:4:TARGET_LONG_BITS=64
configs/targets/alpha-softmmu.mak:2:TARGET_LONG_BITS=64
Replace:
TCGv -> TCGv_i64
tcg_temp_new -> tcg_temp_new_i64
This is a mechanical replacement, adapting style to pass
the checkpatch.pl script.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20260202234550.34156-8-philmd@linaro.org>
%L[123]pte are loaded calling ldq_le_phys() which returns
a uint64_t. %pt is loaded with @ptbr, declared as uint64_t
in target/alpha/cpu.h:
236 uint64_t ptbr;
%index is at most 1024 so can fit in uint16_t.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20260202234550.34156-6-philmd@linaro.org>
%mmcsr and %cause are filled with @trap_arg1 / @trap_arg2,
both declared as uint64_t in target/alpha/cpu.h:
229 uint64_t trap_arg1;
230 uint64_t trap_arg2;
...
Use uint64_t instead of target_ulong.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20260202234550.34156-5-philmd@linaro.org>
Since commits bb5de52524 ("target: Widen pc/cs_base in
cpu_get_tb_cpu_state") and 32f0c394bb ("target: Use vaddr
in gen_intermediate_code") we remove all uses of the target_ulong
type in target/alpha/. Use the meson target_common_system_arch[]
source set to prevent further uses of target-specific types.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20260202234550.34156-3-philmd@linaro.org>
machine.c doesn't use any target-specific macro defined by
the "migration/cpu.h" header. Use the minimum header required:
"migration/qemu-file-types.h" and "migration/vmstate.h", which
are not target-specific.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20260202234550.34156-2-philmd@linaro.org>
In preparation of removing the translator_ld[uw,l,q]() methods,
inline them for the m68k target, expanding MO_TE -> MO_BE since
this architecture is only available in big endianness.
Mechanical change using the following Coccinelle 'spatch' script:
@@
expression env, db, pc, do_swap;
@@
(
- translator_lduw(env, db, pc)
+ translator_lduw_end(env, db, pc, MO_BE)
|
- translator_ldl(env, db, pc)
+ translator_ldl_end(env, db, pc, MO_BE)
|
- translator_ldq(env, db, pc)
+ translator_ldq_end(env, db, pc, MO_BE)
)
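Review bot: the metavariable line `expression env, db, pc, do_swap;` declares do_swap, but none of the three rule branches references it; drop it so the script declares only what it matches (`expression env, db, pc;`).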
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-ID: <20260202214050.98935-1-philmd@linaro.org>
In preparation of removing the cpu_ldl_code() and cpu_ldq_code()
wrappers, inline them.
Since RISC-V instructions are always stored in little-endian order
(see "Volume I: RISC-V Unprivileged ISA" document, chapter
'Instruction Encoding Spaces and Prefixes': "instruction fetch
in RISC-V is little-endian"), replace MO_TE -> MO_LE.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20260202214317.99090-1-philmd@linaro.org>
In preparation of removing the cpu_ldl_code wrapper, inline it.
Get the runtime endianness with ppc_data_endian_env(), passing it
to cpu_ldl_code_mmu(). No need to swap versus qemu-system binary
anymore.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Anton Johansson <anjo@rev.ng>
Message-Id: <20260202210106.93257-12-philmd@linaro.org>
Rather than using a boolean with translator_ldl_swap(),
get the MemOp endianness with ppc_code_endian() and pass
it to translator_ldl_end().
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Anton Johansson <anjo@rev.ng>
Message-Id: <20260202210106.93257-8-philmd@linaro.org>
Introduce the ppc_code_endian_dc() helper which returns the
MemOp endianness for the CODE path.
Use it in need_byteswap(), removing one TARGET_BIG_ENDIAN.
Note, the target MemOp endianness can be evaluated as (see
commit 5c43a750b6 "accel/tcg: Implement translator_ld*_end"):
MO_TE ^ (do_swap * MO_BSWAP)
For PPC we use the DisasContext::le_mode field to swap the
default (big-endian) order, so to get the PPC MemOp endianness
we can directly use:
MO_BE ^ (ctx->le_mode * MO_BSWAP)
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Anton Johansson <anjo@rev.ng>
Message-ID: <20260202210106.93257-7-philmd@linaro.org>
Introduce ppc_data_endian_env() which returns the endian MemOp
of the data path from the vCPU env pointer. Keep it hardcoded
as MO_TE, the target build-time endianness.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Anton Johansson <anjo@rev.ng>
Message-ID: <20260202210106.93257-6-philmd@linaro.org>
In preparation of removing the cpu_ld*_data_ra() and
cpu_st*_data_ra() calls, inline them. No logical change
intended.
We note the page translation hash address is expected to
be aligned, so the MO_UNALN flag is misleading. Next commit
will remove it.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Anton Johansson <anjo@rev.ng>
Message-Id: <20260202210106.93257-4-philmd@linaro.org>
Inline the cpu_ldl_data_ra() call in preparation of
removing it. Since the returned value is discarded,
don't bother to set the access endianness.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Anton Johansson <anjo@rev.ng>
Message-Id: <20260202210106.93257-2-philmd@linaro.org>
Use the new acpi_build_madt_standalone() function to fill the MADT
parameter field.
The IGVM parameter can be consumed by Coconut SVSM [1], instead of
relying on the fw_cfg interface, which has caused problems before due to
unexpected access [2,3]. Using IGVM parameters is the default way for
Coconut SVSM across hypervisors; switching over would allow removing
specialized code paths for QEMU in Coconut.
Coconut SVSM needs to know the SMP configuration, but does not look at
any other ACPI data, nor does it interact with the PCI bus settings.
Since the MADT is static and not linked with other ACPI tables, it can
be supplied stand-alone like this.
Generating the MADT twice (during ACPI table building and IGVM processing)
seems acceptable, since there is no infrastructure to obtain the MADT
out of the ACPI table memory area.
In any case OVMF, which runs after SVSM has already been initialized,
will continue reading all ACPI tables via fw_cfg and provide fixed up
ACPI data to the OS as before without any changes.
The IGVM parameter handler is implemented for the i386 machine target
and stubbed for all others.
[1] https://github.com/coconut-svsm/svsm/pull/858
[2] https://gitlab.com/qemu-project/qemu/-/issues/2882
[3] https://github.com/coconut-svsm/svsm/issues/646
Signed-off-by: Oliver Steffen <osteffen@redhat.com>
Message-ID: <20260130054714.715928-10-osteffen@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Change meson script to only include the IGVM stubs file if the IGVM
feature is enabled. It is used to handle architecture specific
differences within the IGVM backend, not to provide stubs of the backend
itself.
Signed-off-by: Oliver Steffen <osteffen@redhat.com>
Message-ID: <20260130054714.715928-9-osteffen@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Pass the full MachineState to the IGVM backend during file processing,
instead of just the ConfidentialGuestSupport struct (which is a member
of the MachineState).
This replaces the cgs parameter of qigvm_process_file() with the machine
state to make it available in the IGVM processing context.
We will use it later to generate MADT data there to pass to the guest
as IGVM parameter.
Reviewed-by: Luigi Leonardi <leonardi@redhat.com>
Signed-off-by: Oliver Steffen <osteffen@redhat.com>
Message-ID: <20260130054714.715928-8-osteffen@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Use qigvm_find_param_entry() also in qigvm_parameter_insert().
This changes behavior: Processing now stops after the first parameter
entry found. That is OK, because we expect only one matching entry
anyway.
Reviewed-by: Luigi Leonardi <leonardi@redhat.com>
Signed-off-by: Oliver Steffen <osteffen@redhat.com>
Message-ID: <20260130054714.715928-7-osteffen@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Move repeating code for finding the parameter entries in the IGVM
backend out of the parameter handlers into a common function.
A warning message is emitted in case no parameter entry can be found
for a given index.
Reviewed-by: Luigi Leonardi <leonardi@redhat.com>
Signed-off-by: Oliver Steffen <osteffen@redhat.com>
Message-ID: <20260130054714.715928-6-osteffen@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Move QIgvm and QIgvmParameter struct definitions from the source file
into an IGVM internal header file to allow implementing architecture
specific IGVM code in other places, for example target/i386/igvm.c.
Signed-off-by: Oliver Steffen <osteffen@redhat.com>
Message-ID: <20260130054714.715928-5-osteffen@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Make the BIOS linker optional in acpi_table_end() and calculate the ACPI
table checksum directly if no linker is provided.
This makes it possible to call for example
acpi_build_madt() from outside the ACPI table builder context.
Signed-off-by: Oliver Steffen <osteffen@redhat.com>
Message-ID: <20260130054714.715928-3-osteffen@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
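The direct checksum calculation the commit above describes, together with the check a consumer of a stand-alone table would run before trusting it, as an added example that is not QEMU's or Coconut SVSM's code. All function names are hypothetical and the sample MADT is constructed; the header offsets are those of the ACPI specification.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Common ACPI table header (ACPI specification): 36 bytes, checksum at 9. */
#define ACPI_HDR_LEN      36
#define ACPI_OFF_CHECKSUM  9

static uint8_t byte_sum(const uint8_t *p, size_t len)
{
    uint8_t sum = 0;
    while (len--) {
        sum += *p++;
    }
    return sum;
}

/* Producer: set the checksum so all table bytes sum to 0 modulo 256. */
void acpi_fix_checksum(uint8_t *tbl, size_t len)
{
    tbl[ACPI_OFF_CHECKSUM] = 0;
    tbl[ACPI_OFF_CHECKSUM] = (uint8_t)(0 - byte_sum(tbl, len));
}

/* Consumer: 0 if buf holds a complete table with signature sig, else < 0. */
int acpi_table_check(const uint8_t *buf, size_t buflen, const char *sig)
{
    if (buflen < ACPI_HDR_LEN || memcmp(buf, sig, 4) != 0) {
        return -1;   /* truncated header or wrong table */
    }
    /* Length field: little-endian uint32_t at offset 4, covers whole table. */
    uint32_t len = buf[4] | buf[5] << 8 | buf[6] << 16 | (uint32_t)buf[7] << 24;
    if (len < ACPI_HDR_LEN || len > buflen) {
        return -2;   /* Length field not backed by the supplied data */
    }
    return byte_sum(buf, len) == 0 ? 0 : -3;   /* -3: checksum mismatch */
}

/* Constructed sample: MADT header plus its 8 fixed bytes, no entries. */
size_t build_sample_madt(uint8_t *out)
{
    const size_t len = ACPI_HDR_LEN + 8;
    memset(out, 0, len);
    memcpy(out, "APIC", 4);    /* MADT signature */
    out[4] = (uint8_t)len;     /* Length = 44, upper bytes stay zero */
    acpi_fix_checksum(out, len);
    return len;
}

int main(void)
{
    uint8_t tbl[64];
    size_t len = build_sample_madt(tbl);
    return acpi_table_check(tbl, len, "APIC") == 0 ? 0 : 1;
}
```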
Move igvm file processing from machine init to reset callbacks. With
that the igvm file is properly re-loaded on reset. Also the loading
happens later in the init process now. This will simplify future
support for some IGVM parameters which depend on initialization steps
which happen after machine init.
Reviewed-by: Ani Sinha <anisinha@redhat.com>
Reviewed-by: Stefano Garzarella <sgarzare@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-ID: <20260126123755.357378-6-kraxel@redhat.com>
Add UserCreatableClass->complete callback function for igvm-cfg object.
Move file loading and parsing of the igvm file from the process function
to the new complete() callback function. Keep the igvm file loaded
after processing, release it in finalize() instead, so we parse it only
once.
Reviewed-by: Ani Sinha <anisinha@redhat.com>
Reviewed-by: Stefano Garzarella <sgarzare@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-ID: <20260126123755.357378-4-kraxel@redhat.com>
Add TYPE_RESETTABLE_INTERFACE to interfaces. Register callbacks for the
reset phases. Add trace points for logging and debugging. No
functional change, that will come in followup patches.
Reviewed-by: Ani Sinha <anisinha@redhat.com>
Reviewed-by: Stefano Garzarella <sgarzare@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-ID: <20260126123755.357378-3-kraxel@redhat.com>
Add a new igvm-internal.h header file. Structs and declarations which
depend on the igvm library header go into that file.
Also declare IgvmCfg in typedefs.h, so the type can be used without
including igvm header files.
Reviewed-by: Stefano Garzarella <sgarzare@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-ID: <20260126123755.357378-2-kraxel@redhat.com>
Payload size is the variable request size, not the total buffer size.
Take that into account and subtract header sizes.
Fixes: db1ecfb473 ("hw/uefi: add var-service-vars.c")
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-ID: <20260114104745.3465860-1-kraxel@redhat.com>
Only execute the time check if the EFI_VARIABLE_APPEND_WRITE bit is
clear. For append-write updates the timestamp verification is not
needed.
See UEFI spec, section "8.2.6 Using the EFI_VARIABLE_AUTHENTICATION_2
descriptor"
Fixes: db1ecfb473 ("hw/uefi: add var-service-vars.c")
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-ID: <20251104102714.733078-1-kraxel@redhat.com>
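The timestamp rule the commit above refers to, as an added example that is not QEMU's code: a replacing write must carry a timestamp later than the stored one, while an append write skips that comparison. The helper name, the verdict enum and the reduced `efi_time` struct are hypothetical, the sample timestamps are constructed, and the attribute bit values are those of the UEFI specification.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Attribute bits as defined by the UEFI specification. */
#define EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS 0x00000020u
#define EFI_VARIABLE_APPEND_WRITE                          0x00000040u

/* Reduced EFI_TIME (assumption): only the fields that order two timestamps. */
typedef struct {
    uint16_t year;
    uint8_t month, day, hour, minute, second;
} efi_time;

typedef enum { TS_OK, TS_NOT_TIME_AUTH, TS_NOT_LATER } ts_verdict;

/* Pack the fields so that integer order equals chronological order. */
static uint64_t efi_time_key(const efi_time *t)
{
    return ((uint64_t)t->year << 40) | ((uint64_t)t->month << 32) |
           ((uint64_t)t->day << 24) | ((uint64_t)t->hour << 16) |
           ((uint64_t)t->minute << 8) | t->second;
}

/*
 * Timestamp step only; signature verification is a separate step.
 * stored == NULL means the variable does not exist yet.
 */
ts_verdict check_auth2_timestamp(uint32_t attrs, const efi_time *stored,
                                 const efi_time *incoming)
{
    if (!(attrs & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS)) {
        return TS_NOT_TIME_AUTH;
    }
    if (attrs & EFI_VARIABLE_APPEND_WRITE) {
        return TS_OK;            /* append: no ordering requirement */
    }
    if (stored && efi_time_key(incoming) <= efi_time_key(stored)) {
        return TS_NOT_LATER;     /* replace must carry a later timestamp */
    }
    return TS_OK;
}

/* Constructed sample timestamps. */
static const efi_time sample_old = { 2025, 11, 4, 10, 27, 14 };
static const efi_time sample_new = { 2026, 1, 14, 10, 47, 45 };

int main(void)
{
    uint32_t a = EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;

    printf("replace with older timestamp: %d\n",
           check_auth2_timestamp(a, &sample_new, &sample_old));
    printf("append with older timestamp:  %d\n",
           check_auth2_timestamp(a | EFI_VARIABLE_APPEND_WRITE,
                                 &sample_new, &sample_old));
    return 0;
}
```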
Misc HW & memory API patches
- Add unit test for qemu_hexdump()
- Remove legacy native endianness API uses on the Alpha target
- Remove unused memory_region_init_rom_device_nomigrate()
- Fix use-after-free in NvmeNamespace "bootindex" suffix
- Correct documentation of SCSI Rotation Rate field
- Make iotlb_to_section() work with non-CPU AddressSpaces
- Reduce few monitor target-specific methods
# gpg: Signature made Tue 03 Feb 2026 07:18:50 AM AEST
# gpg: using RSA key FAABE75E12917221DCFD6BB2E3E32C2CDEADC0DE
# gpg: Good signature from "Philippe Mathieu-Daudé (F4BUG) <f4bug@amsat.org>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: FAAB E75E 1291 7221 DCFD 6BB2 E3E3 2C2C DEAD C0DE
* tag 'hw-misc-20260202' of https://github.com/philmd/qemu:
monitor: Reduce target-specific methods
monitor: Add hmp_cmds_for_target() helper
monitor: Reduce target-specific declarations
target/i386: Include missing 'svm.h' header in 'sev.h'
system/physmem: Remove the assertion of page-aligned section number
accel/tcg: Fix iotlb_to_section() for different AddressSpace
accel/tcg: Send the CPUTLBEntryFull struct into io_prepare()
hw/ide, scsi-disk: Fix typo on the rotation_rate documentation
hw/nvme: Fix bootindex suffix use-after-free
memory: Add internal memory_region_set_ops helper function
memory: Remove memory_region_init_rom_device_nomigrate()
target/alpha: Replace legacy ld_phys() -> address_space_ld()
configs/targets: Forbid Alpha to use legacy native endianness APIs
target/alpha: Inline translator_ldl()
target/alpha: Use explicit little-endian LD/ST API
tests/unit: add unit test for qemu_hexdump()
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>