[Qemu-devel] [RFC v3 PATCH 00/45] Initial support of multi-process qemu

[Qemu-devel] [RFC v3 PATCH 00/45] Initial support of multi-process qemu

[Jagannathan Raman]

Started with the presentation in October 2017 made by Marc-Andre (Red Hat)
and Konrad Wilk (Oracle) [1], and continued by Jag's BoF at KVM Forum 2018,
the multi-process project is now a prototype and presented in this patchset.

This first series enables the emulation of lsi53c895a in a separate process.

We posted the Proof Of Concept patches [2] before the BoF session in 2018.
Subsequently, we posted RFC v1 [3] & RFC v2 [4] of this series. 

Thanks to the v1 & v2 review, we were able to incorporate the feedback into
our goals.

In the summer of 2019, we participated in a conference with folks at RedHat,
who provided us with feedback to improve the design of this project. 

We want to present version 3 of this series which incorporates the feedback
we received for v2 & the enhancements suggested in the conference. Following
are the improvements made in this series:
  - The command-line arguments are Orchestrator friendly. A new option
    named "-remote" carries the command-line of the emulation process.
    Added "rid" suboption to the "-device" option and moved "-drive"
    option to the emulation process's command-line.
  - Redesigned Monitor interface allows direct access to the remote process,
    thereby making it more scalable, maintainable & Orchestrator friendly.
    We also enabled more monitor commands for the remote process.
  - Enabled the remote process to run multiple LSI controllers
  - Redesigned the communication link to support multiple channels. MMIO
    transactions are carried out in a separate channel.
  - Fixed the bugs discovered during testing. Individual patches provide
    the details of these fixes.

Following people contributed to this patchset:

John G Johnson <john.g.johnson@oracle.com>
Jagannathan Raman <jag.raman@oracle.com>
Elena Ufimtseva <elena.ufimtseva@oracle.com>
Kanth Ghatraju <kanth.ghatraju@oracle.com>

For full concept writeup about QEMU disaggregation refer to
docs/devel/qemu-multiprocess.txt. Please refer to 
docs/qemu-multiprocess.txt for usage information.

We are planning on making the following improvements in the future:
  - Live migration
  - Performance improvements
  - Libvirt support
  - Enforcement of security policies
  - blockdev support

We welcome all your ideas, concerns, and questions for this patchset.

Thank you!

[1]: http://events17.linuxfoundation.org/sites/events/files/slides/KVM%20FORUM%20multi-process.pdf
[1]: https://www.youtube.com/watch?v=Kq1-coHh7lg
[2]: https://www.mail-archive.com/qemu-devel@nongnu.org/msg566538.html
[3]: https://www.mail-archive.com/qemu-devel@nongnu.org/msg602285.html
[4]: https://www.mail-archive.com/qemu-devel@nongnu.org/msg624877.html

Elena Ufimtseva (20):
  multi-process: add a command line option for debug file
  multi-process: introduce proxy object
  mutli-process: build remote command line args
  multi-process: add support of device id to communication channel
  multi-process: modify BARs read/write to support dev_id
  multi-process: support dev id in config read/write
  multi-process: configure remote side devices
  multi-process: add qdev_proxy_add to create proxy devices
  multi-process: remote: add setup_devices and setup_drive msg
    processing
  multi-process: remote: use fd for socket from parent process
  multi-process: remote: add create_done condition
  multi-process: add processing of remote drive and device command line
  multi-process: refractor vl.c code to re-use in remote
  multi-process: add remote option
  multi-process: add remote options parser
  multi-process: add parse_cmdline in remote process
  multi-process: add support for multiple devices
  multi-process: add heartbeat timer and signal handler
  multi-process: handle heartbeat messages in remote process
  multi-process: add configure and usage information

Jagannathan Raman (24):
  multi-process: memory: alloc RAM from file at offset
  multi-process: util: Add qemu_thread_cancel() to cancel running thread
  multi-process: Add stub functions to facilate build of multi-process
  multi-process: Add config option for multi-process QEMU
  multi-process: build system for remote device process
  multi-process: define proxy-link object
  multi-process: add functions to synchronize proxy and remote endpoints
  multi-process: setup PCI host bridge for remote device
  multi-process: setup a machine object for remote device process
  multi-process: setup memory manager for remote device
  multi-process: remote process initialization
  multi-process: PCI BAR read/write handling for proxy & remote
    endpoints
  multi-process: Add LSI device proxy object
  multi-process: Synchronize remote memory
  multi-process: create IOHUB object to handle irq
  multi-process: Introduce build flags to separate remote process code
  multi-process: Use separate MMIO communication channel
  multi-process: perform device reset in the remote process
  multi-process/mon: stub functions to enable QMP module for remote
    process
  multi-process/mon: build system for QMP module in remote process
  multi-process/mon: Refactor monitor/chardev functions out of vl.c
  multi-process/mon: trim HMP command set for remote storage processes
  multi-process/mon: Initialize QMP module for remote processes
  multi-process: prevent duplicate memory initialization in remote

John G Johnson (1):
  multi-process: add the concept description to
    docs/devel/qemu-multiprocess

 Makefile                            |   2 +
 Makefile.objs                       |  33 ++
 Makefile.target                     |  91 +++++-
 accel/stubs/kvm-stub.c              |   5 +
 accel/stubs/tcg-stub.c              |  95 ++++++
 backends/Makefile.objs              |   2 +
 block/Makefile.objs                 |   2 +
 configure                           |  15 +
 docs/devel/qemu-multiprocess.txt    | 627 ++++++++++++++++++++++++++++++++++++
 docs/qemu-multiprocess.txt          |  86 +++++
 exec.c                              |  14 +-
 hmp-scsi-commands-info.hx           | 167 ++++++++++
 hmp-scsi-commands.hx                | 384 ++++++++++++++++++++++
 hw/Makefile.objs                    |   9 +
 hw/block/Makefile.objs              |   2 +
 hw/core/Makefile.objs               |  16 +
 hw/nvram/Makefile.objs              |   2 +
 hw/pci/Makefile.objs                |   4 +
 hw/proxy/Makefile.objs              |   1 +
 hw/proxy/memory-sync.c              | 226 +++++++++++++
 hw/proxy/proxy-lsi53c895a.c         | 168 ++++++++++
 hw/proxy/qemu-proxy.c               | 615 +++++++++++++++++++++++++++++++++++
 hw/scsi/Makefile.objs               |   2 +
 include/exec/address-spaces.h       |   2 +
 include/exec/ram_addr.h             |   2 +-
 include/glib-compat.h               |   4 +
 include/hw/pci/pci_ids.h            |   3 +
 include/hw/proxy/memory-sync.h      |  51 +++
 include/hw/proxy/proxy-lsi53c895a.h |  42 +++
 include/hw/proxy/qemu-proxy.h       | 106 ++++++
 include/hw/qdev-core.h              |   2 +
 include/io/proxy-link.h             | 202 ++++++++++++
 include/monitor/qdev.h              |  24 ++
 include/qemu-common.h               |   8 +
 include/qemu/log.h                  |   1 +
 include/qemu/mmap-alloc.h           |   3 +-
 include/qemu/thread.h               |   1 +
 include/remote/iohub.h              |  63 ++++
 include/remote/machine.h            |  48 +++
 include/remote/memory.h             |  34 ++
 include/remote/pcihost.h            |  59 ++++
 io/Makefile.objs                    |   2 +
 io/proxy-link.c                     | 363 +++++++++++++++++++++
 memory.c                            |   2 +-
 migration/Makefile.objs             |   2 +
 monitor/Makefile.objs               |   3 +
 monitor/misc.c                      |  84 ++---
 monitor/monitor-internal.h          |  38 +++
 qapi/Makefile.objs                  |   2 +
 qdev-monitor.c                      | 257 ++++++++++++++-
 qemu-options.hx                     |  21 ++
 qom/Makefile.objs                   |   5 +
 remote/Makefile.objs                |   6 +
 remote/iohub.c                      | 159 +++++++++
 remote/machine.c                    | 133 ++++++++
 remote/memory.c                     |  99 ++++++
 remote/pcihost.c                    |  84 +++++
 remote/remote-main.c                | 626 +++++++++++++++++++++++++++++++++++
 remote/remote-opts.c                | 123 +++++++
 remote/remote-opts.h                |  31 ++
 rules.mak                           |   2 +-
 stubs/gdbstub.c                     |  21 ++
 stubs/machine-init-done.c           |   4 +
 stubs/migration.c                   | 162 ++++++++++
 stubs/monitor.c                     |  65 ++++
 stubs/net-stub.c                    | 100 ++++++
 stubs/qapi-misc.c                   |  41 +++
 stubs/qapi-target.c                 |  49 +++
 stubs/replay.c                      |  18 ++
 stubs/ui-stub.c                     | 130 ++++++++
 stubs/vl-stub.c                     | 169 ++++++++++
 stubs/vmstate.c                     |  20 ++
 stubs/xen-mapcache.c                |  22 ++
 ui/Makefile.objs                    |   2 +
 util/log.c                          |   2 +
 util/mmap-alloc.c                   |   7 +-
 util/oslib-posix.c                  |   2 +-
 util/qemu-thread-posix.c            |  10 +
 vl-parse.c                          | 249 ++++++++++++++
 vl.c                                | 298 ++++++++---------
 vl.h                                |  58 ++++
 81 files changed, 6466 insertions(+), 228 deletions(-)
 create mode 100644 docs/devel/qemu-multiprocess.txt
 create mode 100644 docs/qemu-multiprocess.txt
 create mode 100644 hmp-scsi-commands-info.hx
 create mode 100644 hmp-scsi-commands.hx
 create mode 100644 hw/proxy/Makefile.objs
 create mode 100644 hw/proxy/memory-sync.c
 create mode 100644 hw/proxy/proxy-lsi53c895a.c
 create mode 100644 hw/proxy/qemu-proxy.c
 create mode 100644 include/hw/proxy/memory-sync.h
 create mode 100644 include/hw/proxy/proxy-lsi53c895a.h
 create mode 100644 include/hw/proxy/qemu-proxy.h
 create mode 100644 include/io/proxy-link.h
 create mode 100644 include/remote/iohub.h
 create mode 100644 include/remote/machine.h
 create mode 100644 include/remote/memory.h
 create mode 100644 include/remote/pcihost.h
 create mode 100644 io/proxy-link.c
 create mode 100644 remote/Makefile.objs
 create mode 100644 remote/iohub.c
 create mode 100644 remote/machine.c
 create mode 100644 remote/memory.c
 create mode 100644 remote/pcihost.c
 create mode 100644 remote/remote-main.c
 create mode 100644 remote/remote-opts.c
 create mode 100644 remote/remote-opts.h
 create mode 100644 stubs/migration.c
 create mode 100644 stubs/net-stub.c
 create mode 100644 stubs/qapi-misc.c
 create mode 100644 stubs/qapi-target.c
 create mode 100644 stubs/ui-stub.c
 create mode 100644 stubs/vl-stub.c
 create mode 100644 stubs/xen-mapcache.c
 create mode 100644 vl-parse.c
 create mode 100644 vl.h

-- 
1.8.3.1

[Qemu-devel] [RFC v3 PATCH 01/45] multi-process: memory: alloc RAM from file at offset

[Jagannathan Raman]

Allow RAM MemoryRegion to be created from an offset in a file, instead
of allocating at offset of 0 by default. This is needed to synchronize
RAM between QEMU & remote process.
This will be needed for the following patches.

Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
---
 exec.c                    | 11 +++++++----
 include/exec/ram_addr.h   |  2 +-
 include/qemu/mmap-alloc.h |  3 ++-
 memory.c                  |  2 +-
 util/mmap-alloc.c         |  7 ++++---
 util/oslib-posix.c        |  2 +-
 6 files changed, 16 insertions(+), 11 deletions(-)

diff --git a/exec.c b/exec.c
index 3e78de3..b3f1aa9 100644
--- a/exec.c
+++ b/exec.c
@@ -1885,6 +1885,7 @@ static void *file_ram_alloc(RAMBlock *block,
                             ram_addr_t memory,
                             int fd,
                             bool truncate,
+                            off_t offset,
                             Error **errp)
 {
     MachineState *ms = MACHINE(qdev_get_machine());
@@ -1936,7 +1937,8 @@ static void *file_ram_alloc(RAMBlock *block,
     }
 
     area = qemu_ram_mmap(fd, memory, block->mr->align,
-                         block->flags & RAM_SHARED, block->flags & RAM_PMEM);
+                         block->flags & RAM_SHARED, block->flags & RAM_PMEM,
+                         offset);
     if (area == MAP_FAILED) {
         error_setg_errno(errp, errno,
                          "unable to map backing store for guest RAM");
@@ -2325,7 +2327,7 @@ static void ram_block_add(RAMBlock *new_block, Error **errp, bool shared)
 #ifdef CONFIG_POSIX
 RAMBlock *qemu_ram_alloc_from_fd(ram_addr_t size, MemoryRegion *mr,
                                  uint32_t ram_flags, int fd,
-                                 Error **errp)
+                                 off_t offset, Error **errp)
 {
     RAMBlock *new_block;
     Error *local_err = NULL;
@@ -2370,7 +2372,8 @@ RAMBlock *qemu_ram_alloc_from_fd(ram_addr_t size, MemoryRegion *mr,
     new_block->used_length = size;
     new_block->max_length = size;
     new_block->flags = ram_flags;
-    new_block->host = file_ram_alloc(new_block, size, fd, !file_size, errp);
+    new_block->host = file_ram_alloc(new_block, size, fd, !file_size, offset,
+                                     errp);
     if (!new_block->host) {
         g_free(new_block);
         return NULL;
@@ -2400,7 +2403,7 @@ RAMBlock *qemu_ram_alloc_from_file(ram_addr_t size, MemoryRegion *mr,
         return NULL;
     }
 
-    block = qemu_ram_alloc_from_fd(size, mr, ram_flags, fd, errp);
+    block = qemu_ram_alloc_from_fd(size, mr, ram_flags, fd, 0, errp);
     if (!block) {
         if (created) {
             unlink(mem_path);
diff --git a/include/exec/ram_addr.h b/include/exec/ram_addr.h
index b7b2e60..15837a1 100644
--- a/include/exec/ram_addr.h
+++ b/include/exec/ram_addr.h
@@ -164,7 +164,7 @@ RAMBlock *qemu_ram_alloc_from_file(ram_addr_t size, MemoryRegion *mr,
                                    Error **errp);
 RAMBlock *qemu_ram_alloc_from_fd(ram_addr_t size, MemoryRegion *mr,
                                  uint32_t ram_flags, int fd,
-                                 Error **errp);
+                                 off_t offset, Error **errp);
 
 RAMBlock *qemu_ram_alloc_from_ptr(ram_addr_t size, void *host,
                                   MemoryRegion *mr, Error **errp);
diff --git a/include/qemu/mmap-alloc.h b/include/qemu/mmap-alloc.h
index e786266..4f57985 100644
--- a/include/qemu/mmap-alloc.h
+++ b/include/qemu/mmap-alloc.h
@@ -25,7 +25,8 @@ void *qemu_ram_mmap(int fd,
                     size_t size,
                     size_t align,
                     bool shared,
-                    bool is_pmem);
+                    bool is_pmem,
+                    off_t start);
 
 void qemu_ram_munmap(int fd, void *ptr, size_t size);
 
diff --git a/memory.c b/memory.c
index 5d8c9a9..debed5e 100644
--- a/memory.c
+++ b/memory.c
@@ -1622,7 +1622,7 @@ void memory_region_init_ram_from_fd(MemoryRegion *mr,
     mr->destructor = memory_region_destructor_ram;
     mr->ram_block = qemu_ram_alloc_from_fd(size, mr,
                                            share ? RAM_SHARED : 0,
-                                           fd, &err);
+                                           fd, 0, &err);
     mr->dirty_log_mask = tcg_enabled() ? (1 << DIRTY_MEMORY_CODE) : 0;
     if (err) {
         mr->size = int128_zero();
diff --git a/util/mmap-alloc.c b/util/mmap-alloc.c
index f7f177d..4b727bd 100644
--- a/util/mmap-alloc.c
+++ b/util/mmap-alloc.c
@@ -86,7 +86,8 @@ void *qemu_ram_mmap(int fd,
                     size_t size,
                     size_t align,
                     bool shared,
-                    bool is_pmem)
+                    bool is_pmem,
+                    off_t start)
 {
     int flags;
     int map_sync_flags = 0;
@@ -147,7 +148,7 @@ void *qemu_ram_mmap(int fd,
     offset = QEMU_ALIGN_UP((uintptr_t)guardptr, align) - (uintptr_t)guardptr;
 
     ptr = mmap(guardptr + offset, size, PROT_READ | PROT_WRITE,
-               flags | map_sync_flags, fd, 0);
+               flags | map_sync_flags, fd, start);
 
     if (ptr == MAP_FAILED && map_sync_flags) {
         if (errno == ENOTSUP) {
@@ -172,7 +173,7 @@ void *qemu_ram_mmap(int fd,
          * we will remove these flags to handle compatibility.
          */
         ptr = mmap(guardptr + offset, size, PROT_READ | PROT_WRITE,
-                   flags, fd, 0);
+                   flags, fd, start);
     }
 
     if (ptr == MAP_FAILED) {
diff --git a/util/oslib-posix.c b/util/oslib-posix.c
index fe0309c..f6a243f 100644
--- a/util/oslib-posix.c
+++ b/util/oslib-posix.c
@@ -204,7 +204,7 @@ void *qemu_memalign(size_t alignment, size_t size)
 void *qemu_anon_ram_alloc(size_t size, uint64_t *alignment, bool shared)
 {
     size_t align = QEMU_VMALLOC_ALIGN;
-    void *ptr = qemu_ram_mmap(-1, size, align, shared, false);
+    void *ptr = qemu_ram_mmap(-1, size, align, shared, false, 0);
 
     if (ptr == MAP_FAILED) {
         return NULL;
-- 
1.8.3.1

[Qemu-devel] [RFC v3 PATCH 02/45] multi-process: util: Add qemu_thread_cancel() to cancel running thread

[Jagannathan Raman]

qemu_thread_cancel() added to destroy a given running thread.
This will be needed in the following patches.

Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
---
 include/qemu/thread.h    |  1 +
 util/qemu-thread-posix.c | 10 ++++++++++
 2 files changed, 11 insertions(+)

diff --git a/include/qemu/thread.h b/include/qemu/thread.h
index 55d83a9..78791be 100644
--- a/include/qemu/thread.h
+++ b/include/qemu/thread.h
@@ -156,6 +156,7 @@ void qemu_thread_create(QemuThread *thread, const char *name,
                         void *(*start_routine)(void *),
                         void *arg, int mode);
 void *qemu_thread_join(QemuThread *thread);
+void qemu_thread_cancel(QemuThread *thread);
 void qemu_thread_get_self(QemuThread *thread);
 bool qemu_thread_is_self(QemuThread *thread);
 void qemu_thread_exit(void *retval);
diff --git a/util/qemu-thread-posix.c b/util/qemu-thread-posix.c
index 1bf5e65..7c89071 100644
--- a/util/qemu-thread-posix.c
+++ b/util/qemu-thread-posix.c
@@ -573,3 +573,13 @@ void *qemu_thread_join(QemuThread *thread)
     }
     return ret;
 }
+
+void qemu_thread_cancel(QemuThread *thread)
+{
+    int err;
+
+    err = pthread_cancel(thread->thread);
+    if (err) {
+        error_exit(err, __func__);
+    }
+}
-- 
1.8.3.1

[Qemu-devel] [RFC v3 PATCH 03/45] multi-process: add a command line option for debug file

[Jagannathan Raman]

From: Elena Ufimtseva <elena.ufimtseva@oracle.com>

Can be used with -d rdebug command options when starting qemu.

Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
---
 include/qemu/log.h | 1 +
 util/log.c         | 2 ++
 2 files changed, 3 insertions(+)

diff --git a/include/qemu/log.h b/include/qemu/log.h
index b097a6c..ca6f490 100644
--- a/include/qemu/log.h
+++ b/include/qemu/log.h
@@ -45,6 +45,7 @@ static inline bool qemu_log_separate(void)
 /* LOG_TRACE (1 << 15) is defined in log-for-trace.h */
 #define CPU_LOG_TB_OP_IND  (1 << 16)
 #define CPU_LOG_TB_FPU     (1 << 17)
+#define LOG_REMOTE_DEBUG   (1 << 18)
 
 /* Lock output for a series of related logs.  Since this is not needed
  * for a single qemu_log / qemu_log_mask / qemu_log_mask_and_addr, we
diff --git a/util/log.c b/util/log.c
index 1d1b33f..78e3e82 100644
--- a/util/log.c
+++ b/util/log.c
@@ -273,6 +273,8 @@ const QEMULogItem qemu_log_items[] = {
     { CPU_LOG_TB_NOCHAIN, "nochain",
       "do not chain compiled TBs so that \"exec\" and \"cpu\" show\n"
       "complete traces" },
+    { LOG_REMOTE_DEBUG, "rdebug",
+      "log remote debug" },
     { 0, NULL, NULL },
 };
 
-- 
1.8.3.1

[Qemu-devel] [RFC v3 PATCH 04/45] multi-process: Add stub functions to facilate build of multi-process

[Jagannathan Raman]

Add stub functions that are needed during compile time but not in
runtime.

Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
---
 accel/stubs/kvm-stub.c    |  5 +++
 accel/stubs/tcg-stub.c    | 85 +++++++++++++++++++++++++++++++++++++++++++++++
 stubs/machine-init-done.c |  4 +++
 stubs/monitor.c           | 33 ++++++++++++++++++
 stubs/net-stub.c          | 31 +++++++++++++++++
 stubs/replay.c            | 14 ++++++++
 stubs/vl-stub.c           | 77 ++++++++++++++++++++++++++++++++++++++++++
 stubs/vmstate.c           | 20 +++++++++++
 stubs/xen-mapcache.c      | 22 ++++++++++++
 9 files changed, 291 insertions(+)
 create mode 100644 stubs/net-stub.c
 create mode 100644 stubs/vl-stub.c
 create mode 100644 stubs/xen-mapcache.c

diff --git a/accel/stubs/kvm-stub.c b/accel/stubs/kvm-stub.c
index 6feb66e..f129dfb 100644
--- a/accel/stubs/kvm-stub.c
+++ b/accel/stubs/kvm-stub.c
@@ -31,6 +31,7 @@ bool kvm_allowed;
 bool kvm_readonly_mem_allowed;
 bool kvm_ioeventfd_any_length_allowed;
 bool kvm_msi_use_devid;
+bool kvm_halt_in_kernel_allowed;
 
 int kvm_destroy_vcpu(CPUState *cpu)
 {
@@ -58,6 +59,10 @@ void kvm_cpu_synchronize_post_init(CPUState *cpu)
 {
 }
 
+void kvm_cpu_synchronize_pre_loadvm(CPUState *cpu)
+{
+}
+
 int kvm_cpu_exec(CPUState *cpu)
 {
     abort();
diff --git a/accel/stubs/tcg-stub.c b/accel/stubs/tcg-stub.c
index 76ae461..52722c7 100644
--- a/accel/stubs/tcg-stub.c
+++ b/accel/stubs/tcg-stub.c
@@ -16,11 +16,96 @@
 #include "tcg/tcg.h"
 #include "exec/cpu-common.h"
 #include "exec/exec-all.h"
+#include "translate-all.h"
+#include "exec/ram_addr.h"
+
+bool parallel_cpus;
 
 void tb_flush(CPUState *cpu)
 {
 }
 
+void tb_check_watchpoint(CPUState *cpu)
+{
+}
+
+void tb_invalidate_phys_range(ram_addr_t start, ram_addr_t end)
+{
+}
+
+void tb_invalidate_phys_page_range(tb_page_addr_t start, tb_page_addr_t end,
+                                   int is_cpu_write_access)
+{
+}
+
+void tb_invalidate_phys_page_fast(struct page_collection *pages,
+                                  tb_page_addr_t start, int len)
+{
+}
+
+void tlb_init(CPUState *cpu)
+{
+}
+
 void tlb_set_dirty(CPUState *cpu, target_ulong vaddr)
 {
 }
+
+void tlb_flush(CPUState *cpu)
+{
+}
+
+void tlb_flush_page(CPUState *cpu, target_ulong addr)
+{
+}
+
+void tlb_reset_dirty(CPUState *cpu, ram_addr_t start1, ram_addr_t length)
+{
+}
+
+void tcg_region_init(void)
+{
+}
+
+void tcg_register_thread(void)
+{
+}
+
+void tcg_flush_softmmu_tlb(CPUState *cs)
+{
+}
+
+void cpu_loop_exit_noexc(CPUState *cpu)
+{
+    cpu->exception_index = -1;
+    cpu_loop_exit(cpu);
+}
+
+void cpu_loop_exit(CPUState *cpu)
+{
+    cpu->can_do_io = 1;
+    siglongjmp(cpu->jmp_env, 1);
+}
+
+void cpu_reloading_memory_map(void)
+{
+}
+
+int cpu_exec(CPUState *cpu)
+{
+    return 0;
+}
+
+void cpu_exec_step_atomic(CPUState *cpu)
+{
+}
+
+struct page_collection *
+page_collection_lock(tb_page_addr_t start, tb_page_addr_t end)
+{
+    return NULL;
+}
+
+void page_collection_unlock(struct page_collection *set)
+{
+}
diff --git a/stubs/machine-init-done.c b/stubs/machine-init-done.c
index cd8e813..3deabc9 100644
--- a/stubs/machine-init-done.c
+++ b/stubs/machine-init-done.c
@@ -6,3 +6,7 @@ bool machine_init_done = true;
 void qemu_add_machine_init_done_notifier(Notifier *notify)
 {
 }
+
+void qemu_remove_machine_init_done_notifier(Notifier *notify)
+{
+}
diff --git a/stubs/monitor.c b/stubs/monitor.c
index c3e9a2e..75dafce 100644
--- a/stubs/monitor.c
+++ b/stubs/monitor.c
@@ -2,6 +2,12 @@
 #include "qapi/error.h"
 #include "qapi/qapi-emit-events.h"
 #include "monitor/monitor.h"
+#include "qapi/qapi-types-misc.h"
+#include "qapi/qapi-commands-misc.h"
+#include "qapi/qapi-types-qom.h"
+#include "qapi/qapi-commands-qdev.h"
+#include "hw/qdev-core.h"
+#include "sysemu/sysemu.h"
 
 __thread Monitor *cur_mon;
 
@@ -27,3 +33,30 @@ void monitor_init_hmp(Chardev *chr, bool use_readline)
 void qapi_event_emit(QAPIEvent event, QDict *qdict)
 {
 }
+
+int monitor_get_cpu_index(void)
+{
+    return -ENOSYS;
+}
+int monitor_printf(Monitor *mon, const char *fmt, ...)
+{
+    return -ENOSYS;
+}
+
+bool monitor_cur_is_qmp(void)
+{
+    return false;
+}
+
+ObjectPropertyInfoList *qmp_device_list_properties(const char *typename,
+                                                   Error **errp)
+{
+    return NULL;
+}
+
+VMChangeStateEntry *qdev_add_vm_change_state_handler(DeviceState *dev,
+                                                     VMChangeStateHandler *cb,
+                                                     void *opaque)
+{
+    return NULL;
+}
diff --git a/stubs/net-stub.c b/stubs/net-stub.c
new file mode 100644
index 0000000..cb2274b
--- /dev/null
+++ b/stubs/net-stub.c
@@ -0,0 +1,31 @@
+#include "qemu/osdep.h"
+#include "qemu-common.h"
+#include "net/net.h"
+
+int qemu_find_net_clients_except(const char *id, NetClientState **ncs,
+                                 NetClientDriver type, int max)
+{
+    return -ENOSYS;
+}
+
+NetClientState *net_hub_port_find(int hub_id)
+{
+    return NULL;
+}
+
+int net_hub_id_for_client(NetClientState *nc, int *id)
+{
+    return -ENOSYS;
+}
+
+int qemu_show_nic_models(const char *arg, const char *const *models)
+{
+    return -ENOSYS;
+}
+
+int qemu_find_nic_model(NICInfo *nd, const char * const *models,
+                        const char *default_model)
+{
+    return -ENOSYS;
+}
+
diff --git a/stubs/replay.c b/stubs/replay.c
index 4ac6078..38fd1d3 100644
--- a/stubs/replay.c
+++ b/stubs/replay.c
@@ -80,3 +80,17 @@ void replay_mutex_lock(void)
 void replay_mutex_unlock(void)
 {
 }
+
+bool replay_has_checkpoint(void)
+{
+    return false;
+}
+
+int replay_get_instructions(void)
+{
+    return 0;
+}
+
+void replay_account_executed_instructions(void)
+{
+}
diff --git a/stubs/vl-stub.c b/stubs/vl-stub.c
new file mode 100644
index 0000000..89db36c
--- /dev/null
+++ b/stubs/vl-stub.c
@@ -0,0 +1,77 @@
+#include "qemu/osdep.h"
+#include "qemu-common.h"
+#include "qemu/uuid.h"
+#include "sysemu/sysemu.h"
+#include "exec/cpu-common.h"
+#include "exec/gdbstub.h"
+#include "sysemu/replay.h"
+#include "disas/disas.h"
+
+bool tcg_allowed;
+bool xen_allowed;
+bool boot_strict;
+
+int mem_prealloc;
+int smp_cpus;
+int vga_interface_type = VGA_NONE;
+int smp_cores = 1;
+int smp_threads = 1;
+int icount_align_option;
+int boot_menu;
+
+unsigned int max_cpus;
+const uint32_t arch_type;
+const char *mem_path;
+uint8_t qemu_extra_params_fw[2];
+uint8_t *boot_splash_filedata;
+size_t boot_splash_filedata_size;
+struct syminfo *syminfos;
+
+ram_addr_t ram_size;
+MachineState *current_machine;
+QemuUUID qemu_uuid;
+
+int runstate_is_running(void)
+{
+    return 0;
+}
+
+void runstate_set(RunState new_state)
+{
+}
+
+void vm_state_notify(int running, RunState state)
+{
+}
+
+bool qemu_vmstop_requested(RunState *r)
+{
+    return false;
+}
+
+void qemu_system_debug_request(void)
+{
+}
+
+char *qemu_find_file(int type, const char *name)
+{
+    return NULL;
+}
+
+void gdb_set_stop_cpu(CPUState *cpu)
+{
+}
+
+void replay_enable_events(void)
+{
+}
+
+void replay_disable_events(void)
+{
+}
+
+#ifdef TARGET_I386
+void x86_cpu_list(void)
+{
+}
+#endif
diff --git a/stubs/vmstate.c b/stubs/vmstate.c
index e1e89b8..a9824bc 100644
--- a/stubs/vmstate.c
+++ b/stubs/vmstate.c
@@ -1,8 +1,11 @@
 #include "qemu/osdep.h"
 #include "migration/vmstate.h"
+#include "migration/misc.h"
 
 const VMStateDescription vmstate_dummy = {};
 
+const VMStateInfo vmstate_info_timer;
+
 int vmstate_register_with_alias_id(DeviceState *dev,
                                    int instance_id,
                                    const VMStateDescription *vmsd,
@@ -23,3 +26,20 @@ bool vmstate_check_only_migratable(const VMStateDescription *vmsd)
 {
     return true;
 }
+
+void vmstate_register_ram(MemoryRegion *mr, DeviceState *dev)
+{
+}
+
+void vmstate_unregister_ram(MemoryRegion *mr, DeviceState *dev)
+{
+}
+
+void vmstate_register_ram_global(MemoryRegion *mr)
+{
+}
+
+bool migration_is_idle(void)
+{
+    return true;
+}
diff --git a/stubs/xen-mapcache.c b/stubs/xen-mapcache.c
new file mode 100644
index 0000000..af5c031
--- /dev/null
+++ b/stubs/xen-mapcache.c
@@ -0,0 +1,22 @@
+#include "qemu/osdep.h"
+#include "exec/hwaddr.h"
+#include "exec/cpu-common.h"
+#include "sysemu/xen-mapcache.h"
+
+#ifdef CONFIG_XEN
+
+void xen_invalidate_map_cache_entry(uint8_t *buffer)
+{
+}
+
+uint8_t *xen_map_cache(hwaddr phys_addr, hwaddr size, uint8_t lock, bool dma)
+{
+    return NULL;
+}
+
+ram_addr_t xen_ram_addr_from_mapcache(void *ptr)
+{
+    return 0;
+}
+
+#endif
-- 
1.8.3.1

[Qemu-devel] [RFC v3 PATCH 05/45] multi-process: Add config option for multi-process QEMU

[Jagannathan Raman]

Add a configuration option to separate multi-process code

Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
---
 configure | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/configure b/configure
index 714e7fb..b467441 100755
--- a/configure
+++ b/configure
@@ -499,6 +499,7 @@ docker="no"
 debug_mutex="no"
 libpmem=""
 default_devices="yes"
+mpqemu="no"
 
 # cross compilers defaults, can be overridden with --cross-cc-ARCH
 cross_cc_aarch64="aarch64-linux-gnu-gcc"
@@ -1543,6 +1544,10 @@ for opt do
   ;;
   --disable-libpmem) libpmem=no
   ;;
+  --enable-mpqemu) mpqemu=yes
+  ;;
+  --disable-mpqemu) mpqemu=no
+  ;;
   *)
       echo "ERROR: unknown option $opt"
       echo "Try '$0 --help' for more information"
@@ -1842,6 +1847,7 @@ disabled with --disable-FEATURE, default is enabled if available:
   capstone        capstone disassembler support
   debug-mutex     mutex debugging support
   libpmem         libpmem support
+  mpqemu          multi-process QEMU support
 
 NOTE: The object files are built at the place where configure is launched
 EOF
@@ -6481,6 +6487,7 @@ echo "docker            $docker"
 echo "libpmem support   $libpmem"
 echo "libudev           $libudev"
 echo "default devices   $default_devices"
+echo "multiprocess QEMU $mpqemu"
 
 if test "$supported_cpu" = "no"; then
     echo
@@ -7279,6 +7286,10 @@ if test "$libpmem" = "yes" ; then
   echo "CONFIG_LIBPMEM=y" >> $config_host_mak
 fi
 
+if test "$mpqemu" = "yes" ; then
+  echo "CONFIG_MPQEMU=y" >> $config_host_mak
+fi
+
 if test "$bochs" = "yes" ; then
   echo "CONFIG_BOCHS=y" >> $config_host_mak
 fi
-- 
1.8.3.1

[Qemu-devel] [RFC v3 PATCH 06/45] multi-process: build system for remote device process

[Jagannathan Raman]

Modify Makefile to support the building of the remote
device process. Implements main() function of remote
device process.

Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
---
 Makefile                |  2 ++
 Makefile.objs           | 22 +++++++++++++++++++++
 Makefile.target         | 51 +++++++++++++++++++++++++++++++++++++++++++++++--
 backends/Makefile.objs  |  2 ++
 block/Makefile.objs     |  2 ++
 hw/Makefile.objs        |  7 +++++++
 hw/block/Makefile.objs  |  2 ++
 hw/core/Makefile.objs   | 15 +++++++++++++++
 hw/nvram/Makefile.objs  |  2 ++
 hw/pci/Makefile.objs    |  4 ++++
 hw/scsi/Makefile.objs   |  2 ++
 migration/Makefile.objs |  2 ++
 qom/Makefile.objs       |  4 ++++
 remote/Makefile.objs    |  1 +
 remote/remote-main.c    | 35 +++++++++++++++++++++++++++++++++
 stubs/replay.c          |  4 ++++
 16 files changed, 155 insertions(+), 2 deletions(-)
 create mode 100644 remote/Makefile.objs
 create mode 100644 remote/remote-main.c

diff --git a/Makefile b/Makefile
index 85862fb..3c9d946 100644
--- a/Makefile
+++ b/Makefile
@@ -427,6 +427,8 @@ dummy := $(call unnest-vars,, \
                 qom-obj-y \
                 io-obj-y \
                 common-obj-y \
+                remote-pci-obj-y \
+                remote-lsi-obj-y \
                 common-obj-m \
                 ui-obj-y \
                 ui-obj-m \
diff --git a/Makefile.objs b/Makefile.objs
index 6a143dc..0668509 100644
--- a/Makefile.objs
+++ b/Makefile.objs
@@ -21,6 +21,28 @@ block-obj-$(CONFIG_REPLICATION) += replication.o
 
 block-obj-m = block/
 
+#########################################################
+# remote-pci-obj-y is common code used by remote devices
+
+remote-pci-obj-$(CONFIG_MPQEMU) += hw/
+remote-pci-obj-$(CONFIG_MPQEMU) += qom/
+remote-pci-obj-$(CONFIG_MPQEMU) += backends/
+remote-pci-obj-$(CONFIG_MPQEMU) += block/
+remote-pci-obj-$(CONFIG_MPQEMU) += migration/
+remote-pci-obj-$(CONFIG_MPQEMU) += remote/
+
+remote-pci-obj-$(CONFIG_MPQEMU) += cpus-common.o
+remote-pci-obj-$(CONFIG_MPQEMU) += dma-helpers.o
+remote-pci-obj-$(CONFIG_MPQEMU) += blockdev.o
+remote-pci-obj-$(CONFIG_MPQEMU) += qdev-monitor.o
+remote-pci-obj-$(CONFIG_MPQEMU) += bootdevice.o
+remote-pci-obj-$(CONFIG_MPQEMU) += iothread.o
+
+##############################################################
+# remote-lsi-obj-y is code used to implement remote LSI device
+
+remote-lsi-obj-$(CONFIG_MPQEMU) += hw/
+
 #######################################################################
 # crypto-obj-y is code used by both qemu system emulation and qemu-img
 
diff --git a/Makefile.target b/Makefile.target
index 933b274..42fb642 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -36,7 +36,12 @@ QEMU_PROG_BUILD = $(QEMU_PROG)
 endif
 endif
 
-PROGS=$(QEMU_PROG) $(QEMU_PROGW)
+ifdef CONFIG_MPQEMU
+SCSI_DEV_PROG=qemu-scsi-dev
+SCSI_DEV_BUILD = $(SCSI_DEV_PROG)
+endif
+
+PROGS=$(QEMU_PROG) $(QEMU_PROGW) $(SCSI_DEV_PROG)
 STPFILES=
 
 # Makefile Tests
@@ -122,6 +127,16 @@ obj-y += disas.o
 obj-$(call notempty,$(TARGET_XML_FILES)) += gdbstub-xml.o
 LIBS := $(libs_cpu) $(LIBS)
 
+remote-pci-tgt-obj-$(CONFIG_MPQEMU) += accel/stubs/kvm-stub.o
+remote-pci-tgt-obj-$(CONFIG_MPQEMU) += accel/stubs/tcg-stub.o
+remote-pci-tgt-obj-$(CONFIG_MPQEMU) += accel/stubs/hax-stub.o
+remote-pci-tgt-obj-$(CONFIG_MPQEMU) += accel/stubs/whpx-stub.o
+remote-pci-tgt-obj-$(CONFIG_MPQEMU) += stubs/vl-stub.o
+remote-pci-tgt-obj-$(CONFIG_MPQEMU) += stubs/net-stub.o
+remote-pci-tgt-obj-$(CONFIG_MPQEMU) += stubs/monitor.o
+remote-pci-tgt-obj-$(CONFIG_MPQEMU) += stubs/replay.o
+remote-pci-tgt-obj-$(CONFIG_MPQEMU) += stubs/xen-mapcache.o
+
 #########################################################
 # Linux user emulator target
 
@@ -178,6 +193,17 @@ endif # CONFIG_SOFTMMU
 dummy := $(call unnest-vars,,obj-y)
 all-obj-y := $(obj-y)
 
+dummy := $(call unnest-vars,..,remote-pci-tgt-obj-y)
+all-remote-pci-obj-y := $(remote-pci-tgt-obj-y)
+
+all-remote-pci-obj-y += memory.o
+all-remote-pci-obj-y += exec.o
+all-remote-pci-obj-y += ioport.o
+all-remote-pci-obj-y += cpus.o
+
+remote-pci-obj-y :=
+remote-lsi-obj-y :=
+
 include $(SRC_PATH)/Makefile.objs
 dummy := $(call unnest-vars,.., \
                authz-obj-y \
@@ -189,7 +215,10 @@ dummy := $(call unnest-vars,.., \
                qom-obj-y \
                io-obj-y \
                common-obj-y \
-               common-obj-m)
+               common-obj-m \
+               remote-pci-obj-y \
+               remote-lsi-obj-y)
+
 all-obj-y += $(common-obj-y)
 all-obj-y += $(qom-obj-y)
 all-obj-$(CONFIG_SOFTMMU) += $(authz-obj-y)
@@ -198,8 +227,19 @@ all-obj-$(CONFIG_USER_ONLY) += $(crypto-user-obj-y)
 all-obj-$(CONFIG_SOFTMMU) += $(crypto-obj-y)
 all-obj-$(CONFIG_SOFTMMU) += $(io-obj-y)
 
+all-remote-pci-obj-y += $(authz-obj-y)
+all-remote-pci-obj-y += $(block-obj-y)
+all-remote-pci-obj-y += $(crypto-obj-y)
+all-remote-pci-obj-y += $(io-obj-y)
+all-remote-pci-obj-y += $(chardev-obj-y)
+all-remote-pci-obj-y += $(remote-pci-obj-y)
+
+
+all-remote-lsi-obj-y += $(all-remote-pci-obj-y) $(remote-lsi-obj-y)
+
 ifdef CONFIG_SOFTMMU
 $(QEMU_PROG_BUILD): config-devices.mak
+$(SCSI_DEV_BUILD): config-devices.mak
 endif
 
 COMMON_LDADDS = ../libqemuutil.a
@@ -212,6 +252,13 @@ ifdef CONFIG_DARWIN
 	$(call quiet-command,SetFile -a C $@,"SETFILE","$(TARGET_DIR)$@")
 endif
 
+$(SCSI_DEV_BUILD): $(all-remote-lsi-obj-y) $(COMMON_LDADDS)
+	$(call LINK, $(filter-out %.mak, $^))
+ifdef CONFIG_DARWIN
+	$(call quiet-command,Rez -append $(SRC_PATH)/pc-bios/qemu.rsrc -o $@,"REZ","$(TARGET_DIR)$@")
+	$(call quiet-command,SetFile -a C $@,"SETFILE","$(TARGET_DIR)$@")
+endif
+
 gdbstub-xml.c: $(TARGET_XML_FILES) $(SRC_PATH)/scripts/feature_to_c.sh
 	$(call quiet-command,rm -f $@ && $(SHELL) $(SRC_PATH)/scripts/feature_to_c.sh $@ $(TARGET_XML_FILES),"GEN","$(TARGET_DIR)$@")
 
diff --git a/backends/Makefile.objs b/backends/Makefile.objs
index 981e8e1..d04200a 100644
--- a/backends/Makefile.objs
+++ b/backends/Makefile.objs
@@ -17,3 +17,5 @@ endif
 common-obj-$(call land,$(CONFIG_VHOST_USER),$(CONFIG_VIRTIO)) += vhost-user.o
 
 common-obj-$(CONFIG_LINUX) += hostmem-memfd.o
+
+remote-pci-obj-$(CONFIG_MPQEMU) += hostmem.o
diff --git a/block/Makefile.objs b/block/Makefile.objs
index 35f3bca..2352fcc 100644
--- a/block/Makefile.objs
+++ b/block/Makefile.objs
@@ -63,3 +63,5 @@ qcow.o-libs        := -lz
 linux-aio.o-libs   := -laio
 parallels.o-cflags := $(LIBXML2_CFLAGS)
 parallels.o-libs   := $(LIBXML2_LIBS)
+
+remote-pci-obj-$(CONFIG_MPQEMU) += stream.o
diff --git a/hw/Makefile.objs b/hw/Makefile.objs
index ece6cc3..4e28053 100644
--- a/hw/Makefile.objs
+++ b/hw/Makefile.objs
@@ -43,3 +43,10 @@ endif
 
 common-obj-y += $(devices-dirs-y)
 obj-y += $(devices-dirs-y)
+
+remote-pci-obj-$(CONFIG_MPQEMU) += core/
+remote-pci-obj-$(CONFIG_MPQEMU) += block/
+remote-pci-obj-$(CONFIG_MPQEMU) += pci/
+remote-pci-obj-$(CONFIG_MPQEMU) += nvram/
+
+remote-lsi-obj-$(CONFIG_MPQEMU) += scsi/
diff --git a/hw/block/Makefile.objs b/hw/block/Makefile.objs
index f5f643f..7286fbd 100644
--- a/hw/block/Makefile.objs
+++ b/hw/block/Makefile.objs
@@ -15,3 +15,5 @@ obj-$(CONFIG_VIRTIO_BLK) += virtio-blk.o
 obj-$(CONFIG_VHOST_USER_BLK) += vhost-user-blk.o
 
 obj-y += dataplane/
+
+remote-pci-obj-$(CONFIG_MPQEMU) += block.o cdrom.o hd-geometry.o
diff --git a/hw/core/Makefile.objs b/hw/core/Makefile.objs
index f8481d9..0229f4b 100644
--- a/hw/core/Makefile.objs
+++ b/hw/core/Makefile.objs
@@ -27,3 +27,18 @@ common-obj-$(CONFIG_SOFTMMU) += null-machine.o
 obj-$(CONFIG_SOFTMMU) += machine-qmp-cmds.o
 obj-$(CONFIG_SOFTMMU) += numa.o
 common-obj-$(CONFIG_SOFTMMU) += machine-hmp-cmds.o
+
+remote-pci-obj-$(CONFIG_MPQEMU) += qdev-properties.o
+remote-pci-obj-$(CONFIG_MPQEMU) += qdev.o
+remote-pci-obj-$(CONFIG_MPQEMU) += bus.o
+remote-pci-obj-$(CONFIG_MPQEMU) += irq.o
+remote-pci-obj-$(CONFIG_MPQEMU) += hotplug.o
+remote-pci-obj-$(CONFIG_MPQEMU) += machine.o
+remote-pci-obj-$(CONFIG_MPQEMU) += fw-path-provider.o
+remote-pci-obj-$(CONFIG_MPQEMU) += reset.o
+remote-pci-obj-$(CONFIG_MPQEMU) += sysbus.o
+remote-pci-obj-$(CONFIG_MPQEMU) += loader.o
+remote-pci-obj-$(CONFIG_MPQEMU) += nmi.o
+remote-pci-obj-$(CONFIG_MPQEMU) += qdev-properties-system.o
+remote-pci-obj-$(CONFIG_MPQEMU) += qdev-fw.o
+remote-pci-obj-$(CONFIG_MPQEMU) += numa.o
diff --git a/hw/nvram/Makefile.objs b/hw/nvram/Makefile.objs
index 26f7b4c..9802a31 100644
--- a/hw/nvram/Makefile.objs
+++ b/hw/nvram/Makefile.objs
@@ -6,3 +6,5 @@ common-obj-y += chrp_nvram.o
 common-obj-$(CONFIG_MAC_NVRAM) += mac_nvram.o
 obj-$(CONFIG_PSERIES) += spapr_nvram.o
 obj-$(CONFIG_NRF51_SOC) += nrf51_nvm.o
+
+remote-pci-obj-$(CONFIG_MPQEMU) += fw_cfg.o
diff --git a/hw/pci/Makefile.objs b/hw/pci/Makefile.objs
index c78f2fb..955be54 100644
--- a/hw/pci/Makefile.objs
+++ b/hw/pci/Makefile.objs
@@ -12,3 +12,7 @@ common-obj-$(CONFIG_PCI_EXPRESS) += pcie_port.o pcie_host.o
 
 common-obj-$(call lnot,$(CONFIG_PCI)) += pci-stub.o
 common-obj-$(CONFIG_ALL) += pci-stub.o
+
+remote-pci-obj-$(CONFIG_MPQEMU) += pci.o pci_bridge.o
+remote-pci-obj-$(CONFIG_MPQEMU) += msi.o msix.o
+remote-pci-obj-$(CONFIG_MPQEMU) += pcie.o
diff --git a/hw/scsi/Makefile.objs b/hw/scsi/Makefile.objs
index 54b36ed..ef97770 100644
--- a/hw/scsi/Makefile.objs
+++ b/hw/scsi/Makefile.objs
@@ -13,3 +13,5 @@ obj-y += virtio-scsi.o virtio-scsi-dataplane.o
 obj-$(CONFIG_VHOST_SCSI) += vhost-scsi-common.o vhost-scsi.o
 obj-$(CONFIG_VHOST_USER_SCSI) += vhost-scsi-common.o vhost-user-scsi.o
 endif
+
+remote-lsi-obj-$(CONFIG_MPQEMU) += scsi-generic.o scsi-bus.o lsi53c895a.o scsi-disk.o emulation.o
diff --git a/migration/Makefile.objs b/migration/Makefile.objs
index a4f3baf..016b6ab 100644
--- a/migration/Makefile.objs
+++ b/migration/Makefile.objs
@@ -13,3 +13,5 @@ common-obj-$(CONFIG_RDMA) += rdma.o
 common-obj-$(CONFIG_LIVE_BLOCK_MIGRATION) += block.o
 
 rdma.o-libs := $(RDMA_LIBS)
+
+remote-pci-obj-$(CONFIG_MPQEMU) += qemu-file.o vmstate.o qjson.o vmstate-types.o
diff --git a/qom/Makefile.objs b/qom/Makefile.objs
index aae478f..05da824 100644
--- a/qom/Makefile.objs
+++ b/qom/Makefile.objs
@@ -3,3 +3,7 @@ qom-obj-y += object_interfaces.o
 
 common-obj-y = cpu.o
 common-obj-$(CONFIG_SOFTMMU) += qom-hmp-cmds.o qom-qmp-cmds.o
+
+remote-pci-obj-$(CONFIG_MPQEMU) += object.o qom-qobject.o container.o
+remote-pci-obj-$(CONFIG_MPQEMU) += object_interfaces.o
+remote-pci-obj-$(CONFIG_MPQEMU) += cpu.o
diff --git a/remote/Makefile.objs b/remote/Makefile.objs
new file mode 100644
index 0000000..a9b2256
--- /dev/null
+++ b/remote/Makefile.objs
@@ -0,0 +1 @@
+remote-pci-obj-$(CONFIG_MPQEMU) += remote-main.o
diff --git a/remote/remote-main.c b/remote/remote-main.c
new file mode 100644
index 0000000..ffcf47f
--- /dev/null
+++ b/remote/remote-main.c
@@ -0,0 +1,35 @@
+/*
+ * Remote device initialization
+ *
+ * Copyright 2019, Oracle and/or its affiliates.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#include <stdio.h>
+
+#include "qemu/osdep.h"
+#include "qemu/module.h"
+
+int main(int argc, char *argv[])
+{
+    module_call_init(MODULE_INIT_QOM);
+
+    return 0;
+}
diff --git a/stubs/replay.c b/stubs/replay.c
index 38fd1d3..c52b621 100644
--- a/stubs/replay.c
+++ b/stubs/replay.c
@@ -94,3 +94,7 @@ int replay_get_instructions(void)
 void replay_account_executed_instructions(void)
 {
 }
+
+void replay_add_blocker(Error *reason)
+{
+}
-- 
1.8.3.1

[Qemu-devel] [RFC v3 PATCH 07/45] multi-process: define proxy-link object

[Jagannathan Raman]

Defines proxy-link object which forms the communication link between
QEMU & emulation program.
Adds functions to configure members of proxy-link object instance.
Adds functions to send and receive messages over the communication
channel.
Adds GMainLoop to handle events received on the communication channel.

Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
---
 v1 -> v2:
   - Use default context for main loop instead of a new context

 v2 -> v3:
   - Enabled multi-channel support in the communication link

 include/glib-compat.h   |   4 +
 include/io/proxy-link.h | 147 ++++++++++++++++++++++++
 io/Makefile.objs        |   2 +
 io/proxy-link.c         | 292 ++++++++++++++++++++++++++++++++++++++++++++++++
 4 files changed, 445 insertions(+)
 create mode 100644 include/io/proxy-link.h
 create mode 100644 io/proxy-link.c

diff --git a/include/glib-compat.h b/include/glib-compat.h
index 1291628..6189b9a 100644
--- a/include/glib-compat.h
+++ b/include/glib-compat.h
@@ -19,12 +19,16 @@
 /* Ask for warnings for anything that was marked deprecated in
  * the defined version, or before. It is a candidate for rewrite.
  */
+#ifndef GLIB_VERSION_MIN_REQUIRED
 #define GLIB_VERSION_MIN_REQUIRED GLIB_VERSION_2_40
+#endif
 
 /* Ask for warnings if code tries to use function that did not
  * exist in the defined version. These risk breaking builds
  */
+#ifndef GLIB_VERSION_MAX_ALLOWED
 #define GLIB_VERSION_MAX_ALLOWED GLIB_VERSION_2_40
+#endif
 
 #pragma GCC diagnostic push
 #pragma GCC diagnostic ignored "-Wdeprecated-declarations"
diff --git a/include/io/proxy-link.h b/include/io/proxy-link.h
new file mode 100644
index 0000000..ee78cdd
--- /dev/null
+++ b/include/io/proxy-link.h
@@ -0,0 +1,147 @@
+/*
+ * Communication channel between QEMU and remote device process
+ *
+ * Copyright 2019, Oracle and/or its affiliates.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#ifndef PROXY_LINK_H
+#define PROXY_LINK_H
+
+#include <stddef.h>
+#include <stdint.h>
+#include <glib.h>
+#include <pthread.h>
+
+#include "qemu/osdep.h"
+#include "qom/object.h"
+#include "qemu/thread.h"
+
+typedef struct ProxyLinkState ProxyLinkState;
+
+#define TYPE_PROXY_LINK "proxy-link"
+#define PROXY_LINK(obj) \
+    OBJECT_CHECK(ProxyLinkState, (obj), TYPE_PROXY_LINK)
+
+#define REMOTE_MAX_FDS 8
+
+#define PROC_HDR_SIZE offsetof(ProcMsg, data1.u64)
+
+/*
+ * proc_cmd_t enum type to specify the command to be executed on the remote
+ * device
+ *
+ * Following commands are supported:
+ * CONF_READ        PCI config. space read
+ * CONF_WRITE       PCI config. space write
+ *
+ */
+typedef enum {
+    INIT = 0,
+    CONF_READ,
+    CONF_WRITE,
+    MAX,
+} proc_cmd_t;
+
+/*
+ * ProcMsg Format of the message sent to the remote device from QEMU
+ *
+ * cmd         The remote command
+ * bytestream  Indicates if the data to be shared is structured (data1)
+ *             or unstructured (data2)
+ * size        Size of the data to be shared
+ * data1       Structured data
+ * fds         File descriptors to be shared with remote device
+ * data2       Unstructured data
+ *
+ */
+typedef struct {
+    proc_cmd_t cmd;
+    int bytestream;
+    size_t size;
+
+    union {
+        uint64_t u64;
+    } data1;
+
+    int fds[REMOTE_MAX_FDS];
+    int num_fds;
+
+    uint8_t *data2;
+} ProcMsg;
+
+struct conf_data_msg {
+    uint32_t addr;
+    uint32_t val;
+    int l;
+};
+
+/*
+ * ProcChannel defines the channel that make up the communication link
+ * between QEMU and remote process
+ *
+ * gsrc       GSource object to be used by loop
+ * gpfd       GPollFD object containing the socket & events to monitor
+ * sock       Socket to send/receive communication, same as the one in gpfd
+ * lock       Mutex to synchronize access to the channel
+ */
+
+typedef struct ProcChannel {
+    GSource gsrc;
+    GPollFD gpfd;
+    int sock;
+    QemuMutex lock;
+} ProcChannel;
+
+typedef void (*proxy_link_callback)(GIOCondition cond, ProcChannel *chan);
+
+/*
+ * ProxyLinkState Instance info. of the communication
+ * link between QEMU and remote process. The Link could
+ * be made up of multiple channels.
+ *
+ * ctx        GMainContext to be used for communication
+ * loop       Main loop that would be used to poll for incoming data
+ * com        Communication channel to transport control messages
+ *
+ */
+struct ProxyLinkState {
+    Object obj;
+
+    GMainContext *ctx;
+    GMainLoop *loop;
+
+    ProcChannel *com;
+
+    proxy_link_callback callback;
+};
+
+ProxyLinkState *proxy_link_create(void);
+void proxy_link_finalize(ProxyLinkState *s);
+
+void proxy_proc_send(ProxyLinkState *s, ProcMsg *msg, ProcChannel *chan);
+int proxy_proc_recv(ProxyLinkState *s, ProcMsg *msg, ProcChannel *chan);
+
+void proxy_link_init_channel(ProxyLinkState *s, ProcChannel **chan, int fd);
+void proxy_link_destroy_channel(ProcChannel *chan);
+void proxy_link_set_callback(ProxyLinkState *s, proxy_link_callback callback);
+void start_handler(ProxyLinkState *s);
+
+#endif
diff --git a/io/Makefile.objs b/io/Makefile.objs
index 9a20fce..ff88b46 100644
--- a/io/Makefile.objs
+++ b/io/Makefile.objs
@@ -10,3 +10,5 @@ io-obj-y += channel-util.o
 io-obj-y += dns-resolver.o
 io-obj-y += net-listener.o
 io-obj-y += task.o
+
+io-obj-$(CONFIG_MPQEMU) += proxy-link.o
diff --git a/io/proxy-link.c b/io/proxy-link.c
new file mode 100644
index 0000000..5eb9718
--- /dev/null
+++ b/io/proxy-link.c
@@ -0,0 +1,292 @@
+/*
+ * Communication channel between QEMU and remote device process
+ *
+ * Copyright 2019, Oracle and/or its affiliates.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#include <assert.h>
+#include <errno.h>
+#include <pthread.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <sys/un.h>
+#include <unistd.h>
+
+#include "qemu/module.h"
+#include "io/proxy-link.h"
+#include "qemu/log.h"
+
+GSourceFuncs gsrc_funcs;
+
+static void proxy_link_inst_init(Object *obj)
+{
+    ProxyLinkState *s = PROXY_LINK(obj);
+
+    s->ctx = g_main_context_default();
+    s->loop = g_main_loop_new(s->ctx, FALSE);
+}
+
+static const TypeInfo proxy_link_info = {
+    .name = TYPE_PROXY_LINK,
+    .parent = TYPE_OBJECT,
+    .instance_size = sizeof(ProxyLinkState),
+    .instance_init = proxy_link_inst_init,
+};
+
+static void proxy_link_register_types(void)
+{
+    type_register_static(&proxy_link_info);
+}
+
+type_init(proxy_link_register_types)
+
+ProxyLinkState *proxy_link_create(void)
+{
+    return PROXY_LINK(object_new(TYPE_PROXY_LINK));
+}
+
+void proxy_link_finalize(ProxyLinkState *s)
+{
+    g_main_loop_unref(s->loop);
+    g_main_context_unref(s->ctx);
+    g_main_loop_quit(s->loop);
+
+    proxy_link_destroy_channel(s->com);
+
+    object_unref(OBJECT(s));
+}
+
+void proxy_proc_send(ProxyLinkState *s, ProcMsg *msg, ProcChannel *chan)
+{
+    int rc;
+    uint8_t *data;
+    union {
+        char control[CMSG_SPACE(REMOTE_MAX_FDS * sizeof(int))];
+        struct cmsghdr align;
+    } u;
+    struct msghdr hdr;
+    struct cmsghdr *chdr;
+    int sock = chan->sock;
+    QemuMutex *lock = &chan->lock;
+
+    struct iovec iov = {
+        .iov_base = (char *) msg,
+        .iov_len = PROC_HDR_SIZE,
+    };
+
+    memset(&hdr, 0, sizeof(hdr));
+    memset(&u, 0, sizeof(u));
+
+    hdr.msg_iov = &iov;
+    hdr.msg_iovlen = 1;
+
+    if (msg->num_fds > REMOTE_MAX_FDS) {
+        qemu_log_mask(LOG_REMOTE_DEBUG, "%s: Max FDs exceeded\n", __func__);
+        return;
+    }
+
+    if (msg->num_fds > 0) {
+        size_t fdsize = msg->num_fds * sizeof(int);
+
+        hdr.msg_control = &u;
+        hdr.msg_controllen = sizeof(u);
+
+        chdr = CMSG_FIRSTHDR(&hdr);
+        chdr->cmsg_len = CMSG_LEN(fdsize);
+        chdr->cmsg_level = SOL_SOCKET;
+        chdr->cmsg_type = SCM_RIGHTS;
+        memcpy(CMSG_DATA(chdr), msg->fds, fdsize);
+        hdr.msg_controllen = CMSG_SPACE(fdsize);
+    }
+
+    qemu_mutex_lock(lock);
+
+    do {
+        rc = sendmsg(sock, &hdr, 0);
+    } while (rc < 0 && (errno == EINTR || errno == EAGAIN));
+
+    if (rc < 0) {
+        qemu_log_mask(LOG_REMOTE_DEBUG, "%s - sendmsg rc is %d, errno is %d,"
+                      " sock %d\n", __func__, rc, errno, sock);
+        qemu_mutex_unlock(lock);
+        return;
+    }
+
+    if (msg->bytestream) {
+        data = msg->data2;
+    } else {
+        data = (uint8_t *)msg + PROC_HDR_SIZE;
+    }
+
+    do {
+        rc = write(sock, data, msg->size);
+    } while (rc < 0 && (errno == EINTR || errno == EAGAIN));
+
+    qemu_mutex_unlock(lock);
+}
+
+
+int proxy_proc_recv(ProxyLinkState *s, ProcMsg *msg, ProcChannel *chan)
+{
+    int rc;
+    uint8_t *data;
+    union {
+        char control[CMSG_SPACE(REMOTE_MAX_FDS * sizeof(int))];
+        struct cmsghdr align;
+    } u;
+    struct msghdr hdr;
+    struct cmsghdr *chdr;
+    size_t fdsize;
+    int sock = chan->sock;
+    QemuMutex *lock = &chan->lock;
+
+    struct iovec iov = {
+        .iov_base = (char *) msg,
+        .iov_len = PROC_HDR_SIZE,
+    };
+
+    memset(&hdr, 0, sizeof(hdr));
+    memset(&u, 0, sizeof(u));
+
+    hdr.msg_iov = &iov;
+    hdr.msg_iovlen = 1;
+    hdr.msg_control = &u;
+    hdr.msg_controllen = sizeof(u);
+
+    qemu_mutex_lock(lock);
+
+    do {
+        rc = recvmsg(sock, &hdr, 0);
+    } while (rc < 0 && (errno == EINTR || errno == EAGAIN));
+
+    if (rc < 0) {
+        qemu_log_mask(LOG_REMOTE_DEBUG, "%s - recvmsg rc is %d, errno is %d,"
+                      " sock %d\n", __func__, rc, errno, sock);
+        qemu_mutex_unlock(lock);
+        return rc;
+    }
+
+    msg->num_fds = 0;
+    for (chdr = CMSG_FIRSTHDR(&hdr); chdr != NULL;
+         chdr = CMSG_NXTHDR(&hdr, chdr)) {
+        if ((chdr->cmsg_level == SOL_SOCKET) &&
+            (chdr->cmsg_type == SCM_RIGHTS)) {
+            fdsize = chdr->cmsg_len - CMSG_LEN(0);
+            msg->num_fds = fdsize / sizeof(int);
+            memcpy(msg->fds, CMSG_DATA(chdr), fdsize);
+            break;
+        }
+    }
+
+    if (msg->size && msg->bytestream) {
+        msg->data2 = calloc(1, msg->size);
+        data = msg->data2;
+    } else {
+        data = (uint8_t *)&msg->data1;
+    }
+
+    if (msg->size) {
+        do {
+            rc = read(sock, data, msg->size);
+        } while (rc < 0 && (errno == EINTR || errno == EAGAIN));
+    }
+
+    qemu_mutex_unlock(lock);
+
+    return rc;
+}
+
+static gboolean proxy_link_handler_prepare(GSource *gsrc, gint *timeout)
+{
+    g_assert(timeout);
+
+    *timeout = -1;
+
+    return FALSE;
+}
+
+static gboolean proxy_link_handler_check(GSource *gsrc)
+{
+    ProcChannel *chan = (ProcChannel *)gsrc;
+
+    return chan->gpfd.events & chan->gpfd.revents;
+}
+
+static gboolean proxy_link_handler_dispatch(GSource *gsrc, GSourceFunc func,
+                                            gpointer data)
+{
+    ProxyLinkState *s = (ProxyLinkState *)data;
+    ProcChannel *chan = (ProcChannel *)gsrc;
+
+    s->callback(chan->gpfd.revents, chan);
+
+    if ((chan->gpfd.revents & G_IO_HUP) || (chan->gpfd.revents & G_IO_ERR)) {
+        return G_SOURCE_REMOVE;
+    }
+
+    return G_SOURCE_CONTINUE;
+}
+
+void proxy_link_set_callback(ProxyLinkState *s, proxy_link_callback callback)
+{
+    s->callback = callback;
+}
+
+void proxy_link_init_channel(ProxyLinkState *s, ProcChannel **chan, int fd)
+{
+    ProcChannel *src;
+
+    gsrc_funcs = (GSourceFuncs){
+        .prepare = proxy_link_handler_prepare,
+        .check = proxy_link_handler_check,
+        .dispatch = proxy_link_handler_dispatch,
+        .finalize = NULL,
+    };
+
+    src = (ProcChannel *)g_source_new(&gsrc_funcs, sizeof(ProcChannel));
+
+    src->sock = fd;
+    qemu_mutex_init(&src->lock);
+
+    g_source_set_callback(&src->gsrc, NULL, (gpointer)s, NULL);
+    src->gpfd.fd = fd;
+    src->gpfd.events = G_IO_IN | G_IO_HUP | G_IO_ERR;
+    g_source_add_poll(&src->gsrc, &src->gpfd);
+
+    *chan = src;
+}
+
+void proxy_link_destroy_channel(ProcChannel *chan)
+{
+    g_source_unref(&chan->gsrc);
+    close(chan->sock);
+    qemu_mutex_destroy(&chan->lock);
+}
+
+void start_handler(ProxyLinkState *s)
+{
+
+    g_assert(g_source_attach(&s->com->gsrc, s->ctx));
+
+    g_main_loop_run(s->loop);
+}
-- 
1.8.3.1

[Qemu-devel] [RFC v3 PATCH 08/45] multi-process: add functions to synchronize proxy and remote endpoints

[Jagannathan Raman]

In some cases, for example MMIO read, QEMU has to wait for the remote to
complete a command before proceeding. An eventfd based mechanism is
added to synchronize QEMU & remote process.

Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
---
 v1 -> v2:
   - Added timeout to synchronization functions

 include/io/proxy-link.h |  8 ++++++++
 io/proxy-link.c         | 42 ++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 50 insertions(+)

diff --git a/include/io/proxy-link.h b/include/io/proxy-link.h
index ee78cdd..b76c574 100644
--- a/include/io/proxy-link.h
+++ b/include/io/proxy-link.h
@@ -28,7 +28,9 @@
 #include <stddef.h>
 #include <stdint.h>
 #include <glib.h>
+#include <unistd.h>
 #include <pthread.h>
+#include <sys/eventfd.h>
 
 #include "qemu/osdep.h"
 #include "qom/object.h"
@@ -133,11 +135,17 @@ struct ProxyLinkState {
     proxy_link_callback callback;
 };
 
+#define GET_REMOTE_WAIT eventfd(0, 0)
+#define PUT_REMOTE_WAIT(wait) close(wait)
+#define PROXY_LINK_WAIT_DONE 1
+
 ProxyLinkState *proxy_link_create(void);
 void proxy_link_finalize(ProxyLinkState *s);
 
 void proxy_proc_send(ProxyLinkState *s, ProcMsg *msg, ProcChannel *chan);
 int proxy_proc_recv(ProxyLinkState *s, ProcMsg *msg, ProcChannel *chan);
+uint64_t wait_for_remote(int efd);
+void notify_proxy(int fd, uint64_t val);
 
 void proxy_link_init_channel(ProxyLinkState *s, ProcChannel **chan, int fd);
 void proxy_link_destroy_channel(ProcChannel *chan);
diff --git a/io/proxy-link.c b/io/proxy-link.c
index 5eb9718..381a38e 100644
--- a/io/proxy-link.c
+++ b/io/proxy-link.c
@@ -31,6 +31,8 @@
 #include <sys/socket.h>
 #include <sys/un.h>
 #include <unistd.h>
+#include <limits.h>
+#include <poll.h>
 
 #include "qemu/module.h"
 #include "io/proxy-link.h"
@@ -216,6 +218,46 @@ int proxy_proc_recv(ProxyLinkState *s, ProcMsg *msg, ProcChannel *chan)
     return rc;
 }
 
+uint64_t wait_for_remote(int efd)
+{
+    struct pollfd pfd = { .fd = efd, .events = POLLIN };
+    uint64_t val;
+    int ret;
+
+    ret = poll(&pfd, 1, 1000);
+
+    switch (ret) {
+    case 0:
+        qemu_log_mask(LOG_REMOTE_DEBUG, "Error wait_for_remote: Timed out\n");
+        /* TODO: Kick-off error recovery */
+        return ULLONG_MAX;
+    case -1:
+        qemu_log_mask(LOG_REMOTE_DEBUG, "Poll error wait_for_remote: %s\n",
+                      strerror(errno));
+        return ULLONG_MAX;
+    default:
+        if (read(efd, &val, sizeof(val)) == -1) {
+            qemu_log_mask(LOG_REMOTE_DEBUG, "Error wait_for_remote: %s\n",
+                          strerror(errno));
+            return ULLONG_MAX;
+        }
+    }
+
+    val = (val == ULLONG_MAX) ? val : (val - 1);
+
+    return val;
+}
+
+void notify_proxy(int efd, uint64_t val)
+{
+    val = (val == ULLONG_MAX) ? val : (val + 1);
+
+    if (write(efd, &val, sizeof(val)) == -1) {
+        qemu_log_mask(LOG_REMOTE_DEBUG, "Error notify_proxy: %s\n",
+                      strerror(errno));
+    }
+}
+
 static gboolean proxy_link_handler_prepare(GSource *gsrc, gint *timeout)
 {
     g_assert(timeout);
-- 
1.8.3.1

[Qemu-devel] [RFC v3 PATCH 09/45] multi-process: setup PCI host bridge for remote device

[Jagannathan Raman]

PCI host bridge is setup for the remote device process. It is
implemented using remote-pcihost object. It is an extension of the PCI
host bridge setup by QEMU.
Remote-pcihost configures a PCI bus which could be used by the remote
 PCI device to latch on to.

Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
---
 hw/pci/Makefile.objs     |  2 +-
 include/remote/pcihost.h | 59 ++++++++++++++++++++++++++++++++++
 remote/Makefile.objs     |  1 +
 remote/pcihost.c         | 84 ++++++++++++++++++++++++++++++++++++++++++++++++
 4 files changed, 145 insertions(+), 1 deletion(-)
 create mode 100644 include/remote/pcihost.h
 create mode 100644 remote/pcihost.c

diff --git a/hw/pci/Makefile.objs b/hw/pci/Makefile.objs
index 955be54..90693a7 100644
--- a/hw/pci/Makefile.objs
+++ b/hw/pci/Makefile.objs
@@ -13,6 +13,6 @@ common-obj-$(CONFIG_PCI_EXPRESS) += pcie_port.o pcie_host.o
 common-obj-$(call lnot,$(CONFIG_PCI)) += pci-stub.o
 common-obj-$(CONFIG_ALL) += pci-stub.o
 
-remote-pci-obj-$(CONFIG_MPQEMU) += pci.o pci_bridge.o
+remote-pci-obj-$(CONFIG_MPQEMU) += pci.o pci_bridge.o pci_host.o pcie_host.o
 remote-pci-obj-$(CONFIG_MPQEMU) += msi.o msix.o
 remote-pci-obj-$(CONFIG_MPQEMU) += pcie.o
diff --git a/include/remote/pcihost.h b/include/remote/pcihost.h
new file mode 100644
index 0000000..b3c711d
--- /dev/null
+++ b/include/remote/pcihost.h
@@ -0,0 +1,59 @@
+/*
+ * PCI Host for remote device
+ *
+ * Copyright 2019, Oracle and/or its affiliates.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#ifndef REMOTE_PCIHOST_H
+#define REMOTE_PCIHOST_H
+
+#include <stddef.h>
+#include <stdint.h>
+
+#include "exec/memory.h"
+#include "hw/pci/pcie_host.h"
+
+#define TYPE_REMOTE_HOST_DEVICE "remote-pcihost"
+#define REMOTE_HOST_DEVICE(obj) \
+    OBJECT_CHECK(RemPCIHost, (obj), TYPE_REMOTE_HOST_DEVICE)
+
+typedef struct RemPCIHost {
+    /*< private >*/
+    PCIExpressHost parent_obj;
+    /*< public >*/
+
+    /*
+     * Memory Controller Hub (MCH) may not be necessary for the emulation
+     * program. The two important reasons for implementing a PCI host in the
+     * emulation program are:
+     * - Provide a PCI bus for IO devices
+     * - Enable translation of guest PA to the PCI bar regions
+     *
+     * For both the above mentioned purposes, it doesn't look like we would
+     * need the MCH
+     */
+
+    MemoryRegion *mr_pci_mem;
+    MemoryRegion *mr_sys_mem;
+    MemoryRegion *mr_sys_io;
+} RemPCIHost;
+
+#endif
diff --git a/remote/Makefile.objs b/remote/Makefile.objs
index a9b2256..2757f5a 100644
--- a/remote/Makefile.objs
+++ b/remote/Makefile.objs
@@ -1 +1,2 @@
 remote-pci-obj-$(CONFIG_MPQEMU) += remote-main.o
+remote-pci-obj-$(CONFIG_MPQEMU) += pcihost.o
diff --git a/remote/pcihost.c b/remote/pcihost.c
new file mode 100644
index 0000000..bcdd214
--- /dev/null
+++ b/remote/pcihost.c
@@ -0,0 +1,84 @@
+/*
+ * Remote PCI host device
+ *
+ * Copyright 2019, Oracle and/or its affiliates.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#include <sys/types.h>
+
+#include "qemu/osdep.h"
+#include "hw/pci/pci.h"
+#include "hw/pci/pci_host.h"
+#include "hw/pci/pcie_host.h"
+#include "remote/pcihost.h"
+#include "exec/memory.h"
+
+static const char *remote_host_root_bus_path(PCIHostState *host_bridge,
+                                             PCIBus *rootbus)
+{
+    return "0000:00";
+}
+
+static void remote_host_realize(DeviceState *dev, Error **errp)
+{
+    PCIHostState *pci = PCI_HOST_BRIDGE(dev);
+    RemPCIHost *s = REMOTE_HOST_DEVICE(dev);
+
+    /*
+     * TODO: the name of the bus would be provided by QEMU. Use
+     * "pcie.0" for now.
+     */
+    pci->bus = pci_root_bus_new(DEVICE(s), "pcie.0",
+                                s->mr_pci_mem, s->mr_sys_io,
+                                0, TYPE_PCIE_BUS);
+}
+
+static Property remote_host_props[] = {
+    DEFINE_PROP_END_OF_LIST(),
+};
+
+static void remote_host_class_init(ObjectClass *klass, void *data)
+{
+    DeviceClass *dc = DEVICE_CLASS(klass);
+    PCIHostBridgeClass *hc = PCI_HOST_BRIDGE_CLASS(klass);
+
+    hc->root_bus_path = remote_host_root_bus_path;
+    dc->realize = remote_host_realize;
+    dc->props = remote_host_props;
+
+    dc->user_creatable = false;
+    set_bit(DEVICE_CATEGORY_BRIDGE, dc->categories);
+    dc->fw_name = "pci";
+}
+
+static const TypeInfo remote_host_info = {
+    .name = TYPE_REMOTE_HOST_DEVICE,
+    .parent = TYPE_PCIE_HOST_BRIDGE,
+    .instance_size = sizeof(RemPCIHost),
+    .class_init = remote_host_class_init,
+};
+
+static void remote_machine_register(void)
+{
+    type_register_static(&remote_host_info);
+}
+
+type_init(remote_machine_register)
-- 
1.8.3.1

[Qemu-devel] [RFC v3 PATCH 10/45] multi-process: setup a machine object for remote device process

[Jagannathan Raman]

remote-machine object sets up various subsystems of the remote device
process. Instantiate PCI host bridge object and initialize RAM, IO &
PCI memory regions.

Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
---
 exec.c                        |   3 +-
 include/exec/address-spaces.h |   2 +
 include/remote/machine.h      |  46 ++++++++++++++++
 remote/Makefile.objs          |   1 +
 remote/machine.c              | 118 ++++++++++++++++++++++++++++++++++++++++++
 remote/remote-main.c          |   7 +++
 6 files changed, 175 insertions(+), 2 deletions(-)
 create mode 100644 include/remote/machine.h
 create mode 100644 remote/machine.c

diff --git a/exec.c b/exec.c
index b3f1aa9..04d9663 100644
--- a/exec.c
+++ b/exec.c
@@ -197,7 +197,6 @@ typedef struct subpage_t {
 #define PHYS_SECTION_WATCH 3
 
 static void io_mem_init(void);
-static void memory_map_init(void);
 static void tcg_commit(MemoryListener *listener);
 
 static MemoryRegion io_mem_watch;
@@ -3165,7 +3164,7 @@ static void tcg_commit(MemoryListener *listener)
     tlb_flush(cpuas->cpu);
 }
 
-static void memory_map_init(void)
+void memory_map_init(void)
 {
     system_memory = g_malloc(sizeof(*system_memory));
 
diff --git a/include/exec/address-spaces.h b/include/exec/address-spaces.h
index db8bfa9..56a877b 100644
--- a/include/exec/address-spaces.h
+++ b/include/exec/address-spaces.h
@@ -33,6 +33,8 @@ MemoryRegion *get_system_memory(void);
  */
 MemoryRegion *get_system_io(void);
 
+void memory_map_init(void);
+
 extern AddressSpace address_space_memory;
 extern AddressSpace address_space_io;
 
diff --git a/include/remote/machine.h b/include/remote/machine.h
new file mode 100644
index 0000000..a00732d
--- /dev/null
+++ b/include/remote/machine.h
@@ -0,0 +1,46 @@
+/*
+ * Remote machine configuration
+ *
+ * Copyright 2019, Oracle and/or its affiliates.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#ifndef REMOTE_MACHINE_H
+#define REMOTE_MACHINE_H
+
+#include "qemu/osdep.h"
+#include "qom/object.h"
+#include "hw/boards.h"
+#include "remote/pcihost.h"
+#include "qemu/notify.h"
+
+typedef struct RemMachineState {
+    MachineState parent_obj;
+
+    RemPCIHost *host;
+} RemMachineState;
+
+#define TYPE_REMOTE_MACHINE "remote-machine"
+#define REMOTE_MACHINE(obj) \
+    OBJECT_CHECK(RemMachineState, (obj), TYPE_REMOTE_MACHINE)
+
+void qemu_run_machine_init_done_notifiers(void);
+
+#endif
diff --git a/remote/Makefile.objs b/remote/Makefile.objs
index 2757f5a..13d4c48 100644
--- a/remote/Makefile.objs
+++ b/remote/Makefile.objs
@@ -1,2 +1,3 @@
 remote-pci-obj-$(CONFIG_MPQEMU) += remote-main.o
 remote-pci-obj-$(CONFIG_MPQEMU) += pcihost.o
+remote-pci-obj-$(CONFIG_MPQEMU) += machine.o
diff --git a/remote/machine.c b/remote/machine.c
new file mode 100644
index 0000000..4ce197d
--- /dev/null
+++ b/remote/machine.c
@@ -0,0 +1,118 @@
+/*
+ * Machine for remote device
+ *
+ * Copyright 2019, Oracle and/or its affiliates.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#include <stdint.h>
+#include <sys/types.h>
+
+#include "qemu/osdep.h"
+#include "remote/pcihost.h"
+#include "remote/machine.h"
+#include "exec/address-spaces.h"
+#include "exec/memory.h"
+#include "exec/ioport.h"
+#include "exec/ramlist.h"
+#include "qemu/thread.h"
+#include "qom/object.h"
+#include "qemu/module.h"
+#include "qapi/error.h"
+#include "qemu/main-loop.h"
+#include "qemu-common.h"
+#include "sysemu/sysemu.h"
+#include "qemu/notify.h"
+
+static NotifierList machine_init_done_notifiers =
+    NOTIFIER_LIST_INITIALIZER(machine_init_done_notifiers);
+
+bool machine_init_done;
+
+void qemu_add_machine_init_done_notifier(Notifier *notify)
+{
+    notifier_list_add(&machine_init_done_notifiers, notify);
+    if (machine_init_done) {
+        notify->notify(notify, NULL);
+    }
+}
+
+void qemu_remove_machine_init_done_notifier(Notifier *notify)
+{
+    notifier_remove(notify);
+}
+
+void qemu_run_machine_init_done_notifiers(void)
+{
+    machine_init_done = true;
+    notifier_list_notify(&machine_init_done_notifiers, NULL);
+}
+
+static void remote_machine_init(Object *obj)
+{
+    RemMachineState *s = REMOTE_MACHINE(obj);
+    RemPCIHost *rem_host;
+    MemoryRegion *system_memory, *system_io, *pci_memory;
+
+    Error *error_abort = NULL;
+
+    qemu_mutex_init(&ram_list.mutex);
+
+    object_property_add_child(object_get_root(), "machine", obj, &error_abort);
+    if (error_abort) {
+        error_report_err(error_abort);
+    }
+
+    memory_map_init();
+
+    system_memory = get_system_memory();
+    system_io = get_system_io();
+
+    pci_memory = g_new(MemoryRegion, 1);
+    memory_region_init(pci_memory, NULL, "pci", UINT64_MAX);
+
+    rem_host = REMOTE_HOST_DEVICE(qdev_create(NULL, TYPE_REMOTE_HOST_DEVICE));
+
+    rem_host->mr_pci_mem = pci_memory;
+    rem_host->mr_sys_mem = system_memory;
+    rem_host->mr_sys_io = system_io;
+
+    s->host = rem_host;
+
+    qemu_mutex_lock_iothread();
+    memory_region_add_subregion_overlap(system_memory, 0x0, pci_memory, -1);
+    qemu_mutex_unlock_iothread();
+
+    qdev_init_nofail(DEVICE(rem_host));
+}
+
+static const TypeInfo remote_machine = {
+    .name = TYPE_REMOTE_MACHINE,
+    .parent = TYPE_MACHINE,
+    .instance_size = sizeof(RemMachineState),
+    .instance_init = remote_machine_init,
+};
+
+static void remote_machine_register_types(void)
+{
+    type_register_static(&remote_machine);
+}
+
+type_init(remote_machine_register_types);
diff --git a/remote/remote-main.c b/remote/remote-main.c
index ffcf47f..97dd832 100644
--- a/remote/remote-main.c
+++ b/remote/remote-main.c
@@ -26,10 +26,17 @@
 
 #include "qemu/osdep.h"
 #include "qemu/module.h"
+#include "remote/pcihost.h"
+#include "remote/machine.h"
+#include "hw/boards.h"
+#include "hw/qdev-core.h"
+#include "qemu/main-loop.h"
 
 int main(int argc, char *argv[])
 {
     module_call_init(MODULE_INIT_QOM);
 
+    current_machine = MACHINE(REMOTE_MACHINE(object_new(TYPE_REMOTE_MACHINE)));
+
     return 0;
 }
-- 
1.8.3.1

[Qemu-devel] [RFC v3 PATCH 11/45] multi-process: setup memory manager for remote device

[Jagannathan Raman]

sync_sysmem_msg_t message format is defined. It is used to send
file descriptors of the RAM regions to remote device.
RAM on the remote device is configured with a set of file descriptors.
Old RAM regions are deleted and new regions, each with an fd, is
added to the RAM.

Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
---
 Makefile.target         |  2 +
 include/io/proxy-link.h | 11 ++++++
 include/remote/memory.h | 34 +++++++++++++++++
 remote/memory.c         | 99 +++++++++++++++++++++++++++++++++++++++++++++++++
 4 files changed, 146 insertions(+)
 create mode 100644 include/remote/memory.h
 create mode 100644 remote/memory.c

diff --git a/Makefile.target b/Makefile.target
index 42fb642..931ee80 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -137,6 +137,8 @@ remote-pci-tgt-obj-$(CONFIG_MPQEMU) += stubs/monitor.o
 remote-pci-tgt-obj-$(CONFIG_MPQEMU) += stubs/replay.o
 remote-pci-tgt-obj-$(CONFIG_MPQEMU) += stubs/xen-mapcache.o
 
+remote-pci-tgt-obj-$(CONFIG_MPQEMU) += remote/memory.o
+
 #########################################################
 # Linux user emulator target
 
diff --git a/include/io/proxy-link.h b/include/io/proxy-link.h
index b76c574..159c787 100644
--- a/include/io/proxy-link.h
+++ b/include/io/proxy-link.h
@@ -35,6 +35,8 @@
 #include "qemu/osdep.h"
 #include "qom/object.h"
 #include "qemu/thread.h"
+#include "exec/cpu-common.h"
+#include "exec/hwaddr.h"
 
 typedef struct ProxyLinkState ProxyLinkState;
 
@@ -53,12 +55,14 @@ typedef struct ProxyLinkState ProxyLinkState;
  * Following commands are supported:
  * CONF_READ        PCI config. space read
  * CONF_WRITE       PCI config. space write
+ * SYNC_SYSMEM      Shares QEMU's RAM with remote device's RAM
  *
  */
 typedef enum {
     INIT = 0,
     CONF_READ,
     CONF_WRITE,
+    SYNC_SYSMEM,
     MAX,
 } proc_cmd_t;
 
@@ -75,12 +79,19 @@ typedef enum {
  *
  */
 typedef struct {
+    hwaddr gpas[REMOTE_MAX_FDS];
+    uint64_t sizes[REMOTE_MAX_FDS];
+    ram_addr_t offsets[REMOTE_MAX_FDS];
+} sync_sysmem_msg_t;
+
+typedef struct {
     proc_cmd_t cmd;
     int bytestream;
     size_t size;
 
     union {
         uint64_t u64;
+        sync_sysmem_msg_t sync_sysmem;
     } data1;
 
     int fds[REMOTE_MAX_FDS];
diff --git a/include/remote/memory.h b/include/remote/memory.h
new file mode 100644
index 0000000..0ffbca0
--- /dev/null
+++ b/include/remote/memory.h
@@ -0,0 +1,34 @@
+/*
+ * Memory manager for remote device
+ *
+ * Copyright 2019, Oracle and/or its affiliates.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#ifndef REMOTE_MEMORY_H
+#define REMOTE_MEMORY_H
+
+#include "qemu/osdep.h"
+#include "exec/hwaddr.h"
+#include "io/proxy-link.h"
+
+void remote_sysmem_reconfig(ProcMsg *msg, Error **errp);
+
+#endif
diff --git a/remote/memory.c b/remote/memory.c
new file mode 100644
index 0000000..6f87729
--- /dev/null
+++ b/remote/memory.c
@@ -0,0 +1,99 @@
+/*
+ * Memory manager for remote device
+ *
+ * Copyright 2019, Oracle and/or its affiliates.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#include <stdint.h>
+#include <sys/types.h>
+
+#include "qemu/osdep.h"
+#include "qemu/queue.h"
+#include "qemu-common.h"
+#include "remote/memory.h"
+#include "exec/memory.h"
+#include "exec/address-spaces.h"
+#include "cpu.h"
+#include "exec/ram_addr.h"
+#include "io/proxy-link.h"
+#include "qemu/main-loop.h"
+#include "qapi/error.h"
+
+static void remote_ram_destructor(MemoryRegion *mr)
+{
+    qemu_ram_free(mr->ram_block);
+}
+
+static void remote_ram_init_from_fd(MemoryRegion *mr, int fd, uint64_t size,
+                                    ram_addr_t offset, Error **errp)
+{
+    char *name = g_strdup_printf("%d", fd);
+
+    memory_region_init(mr, NULL, name, size);
+    mr->ram = true;
+    mr->terminates = true;
+    mr->destructor = NULL;
+    mr->align = 0;
+    mr->ram_block = qemu_ram_alloc_from_fd(size, mr, RAM_SHARED, fd, offset,
+                                           errp);
+    mr->dirty_log_mask = tcg_enabled() ? (1 << DIRTY_MEMORY_CODE) : 0;
+
+    g_free(name);
+}
+
+void remote_sysmem_reconfig(ProcMsg *msg, Error **errp)
+{
+    sync_sysmem_msg_t *sysmem_info = &msg->data1.sync_sysmem;
+    MemoryRegion *sysmem, *subregion, *next;
+    Error *local_err = NULL;
+    int region;
+
+    sysmem = get_system_memory();
+
+    qemu_mutex_lock_iothread();
+
+    memory_region_transaction_begin();
+
+    QTAILQ_FOREACH_SAFE(subregion, &sysmem->subregions, subregions_link, next) {
+        if (subregion->ram) {
+            memory_region_del_subregion(sysmem, subregion);
+            remote_ram_destructor(subregion);
+        }
+    }
+
+    for (region = 0; region < msg->num_fds; region++) {
+        subregion = g_new(MemoryRegion, 1);
+        remote_ram_init_from_fd(subregion, msg->fds[region],
+                                sysmem_info->sizes[region],
+                                sysmem_info->offsets[region], &local_err);
+        if (local_err) {
+            error_propagate(errp, local_err);
+            break;
+        }
+
+        memory_region_add_subregion(sysmem, sysmem_info->gpas[region],
+                                    subregion);
+    }
+
+    memory_region_transaction_commit();
+
+    qemu_mutex_unlock_iothread();
+}
-- 
1.8.3.1

[Qemu-devel] [RFC v3 PATCH 12/45] multi-process: remote process initialization

[Jagannathan Raman]

Adds the handler to process message from QEMU,
Initialize remote process main loop, handles SYNC_SYSMEM
message by updating its "system_memory" container using
shared file descriptors received from QEMU.

Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
---
 v1 -> v2:
   - Separate thread for message processing is removed

 v2 -> v3:
   - Added multi-channel support in the remote end

 remote/remote-main.c | 81 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 81 insertions(+)

diff --git a/remote/remote-main.c b/remote/remote-main.c
index 97dd832..72866ec 100644
--- a/remote/remote-main.c
+++ b/remote/remote-main.c
@@ -23,6 +23,8 @@
  */
 
 #include <stdio.h>
+#include <glib.h>
+#include <unistd.h>
 
 #include "qemu/osdep.h"
 #include "qemu/module.h"
@@ -31,12 +33,91 @@
 #include "hw/boards.h"
 #include "hw/qdev-core.h"
 #include "qemu/main-loop.h"
+#include "remote/memory.h"
+#include "io/proxy-link.h"
+#include "qapi/error.h"
+#include "qemu/main-loop.h"
+#include "sysemu/cpus.h"
+#include "qemu-common.h"
+#include "hw/pci/pci.h"
+#include "qemu/thread.h"
+#include "qemu/main-loop.h"
+#include "qemu/config-file.h"
+#include "sysemu/sysemu.h"
+#include "block/block.h"
+
+static ProxyLinkState *proxy_link;
+PCIDevice *remote_pci_dev;
+
+static void process_msg(GIOCondition cond, ProcChannel *chan)
+{
+    ProcMsg *msg = NULL;
+    Error *err = NULL;
+
+    if ((cond & G_IO_HUP) || (cond & G_IO_ERR)) {
+        error_setg(&err, "socket closed, cond is %d", cond);
+        goto finalize_loop;
+    }
+
+    msg = g_malloc0(sizeof(ProcMsg));
+
+    if (proxy_proc_recv(proxy_link, msg, chan) < 0) {
+        error_setg(&err, "Failed to receive message");
+        goto finalize_loop;
+    }
+
+    switch (msg->cmd) {
+    case INIT:
+        break;
+    case CONF_WRITE:
+        break;
+    case CONF_READ:
+        break;
+    default:
+        error_setg(&err, "Unknown command");
+        goto finalize_loop;
+    }
+
+    g_free(msg);
+
+    return;
+
+finalize_loop:
+    error_report_err(err);
+    g_free(msg);
+    proxy_link_finalize(proxy_link);
+    proxy_link = NULL;
+}
 
 int main(int argc, char *argv[])
 {
+    Error *err = NULL;
+
     module_call_init(MODULE_INIT_QOM);
 
+    bdrv_init_with_whitelist();
+
+    if (qemu_init_main_loop(&err)) {
+        error_report_err(err);
+        return -EBUSY;
+    }
+
+    qemu_init_cpu_loop();
+
+    page_size_init();
+
     current_machine = MACHINE(REMOTE_MACHINE(object_new(TYPE_REMOTE_MACHINE)));
 
+    proxy_link = proxy_link_create();
+    if (!proxy_link) {
+        printf("Could not create proxy link\n");
+        return -1;
+    }
+
+    proxy_link_init_channel(proxy_link, &proxy_link->com, STDIN_FILENO);
+    proxy_link_set_callback(proxy_link, process_msg);
+
+    start_handler(proxy_link);
+
     return 0;
 }
-- 
1.8.3.1

[Qemu-devel] [RFC v3 PATCH 13/45] multi-process: introduce proxy object

[Jagannathan Raman]

From: Elena Ufimtseva <elena.ufimtseva@oracle.com>

Defines a PCI Device proxy object as a parent of TYPE_PCI_DEVICE.
PCI Proxy Object is responsible for registering PCI BARs,i
MemoryRegionOps to handle access to the BARs and forwarding those
to the remote device.
PCI Proxy object intercepts config space reads and writes. In case
of pci config write it forwards it to the remote device using
communication channel set by proxy-link object.

Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
---
 hw/Makefile.objs              |   2 +
 hw/proxy/Makefile.objs        |   1 +
 hw/proxy/qemu-proxy.c         | 247 ++++++++++++++++++++++++++++++++++++++++++
 include/hw/proxy/qemu-proxy.h |  81 ++++++++++++++
 remote/remote-main.c          |  28 +++++
 5 files changed, 359 insertions(+)
 create mode 100644 hw/proxy/Makefile.objs
 create mode 100644 hw/proxy/qemu-proxy.c
 create mode 100644 include/hw/proxy/qemu-proxy.h

diff --git a/hw/Makefile.objs b/hw/Makefile.objs
index 4e28053..e016100 100644
--- a/hw/Makefile.objs
+++ b/hw/Makefile.objs
@@ -44,6 +44,8 @@ endif
 common-obj-y += $(devices-dirs-y)
 obj-y += $(devices-dirs-y)
 
+common-obj-$(CONFIG_MPQEMU) += proxy/
+
 remote-pci-obj-$(CONFIG_MPQEMU) += core/
 remote-pci-obj-$(CONFIG_MPQEMU) += block/
 remote-pci-obj-$(CONFIG_MPQEMU) += pci/
diff --git a/hw/proxy/Makefile.objs b/hw/proxy/Makefile.objs
new file mode 100644
index 0000000..eb81624
--- /dev/null
+++ b/hw/proxy/Makefile.objs
@@ -0,0 +1 @@
+common-obj-$(CONFIG_MPQEMU) += qemu-proxy.o
diff --git a/hw/proxy/qemu-proxy.c b/hw/proxy/qemu-proxy.c
new file mode 100644
index 0000000..0ec7bb6
--- /dev/null
+++ b/hw/proxy/qemu-proxy.c
@@ -0,0 +1,247 @@
+/*
+ * Copyright 2019, Oracle and/or its affiliates.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <unistd.h>
+#include <assert.h>
+#include <string.h>
+#include "qemu/osdep.h"
+#include "qapi/error.h"
+#include "io/proxy-link.h"
+#include "exec/memory.h"
+#include "exec/cpu-common.h"
+#include "exec/address-spaces.h"
+#include "qemu/int128.h"
+#include "qemu/range.h"
+#include "hw/pci/pci.h"
+#include "qemu/option.h"
+#include "qemu/config-file.h"
+#include "qapi/qmp/qjson.h"
+#include "qapi/qmp/qstring.h"
+#include "sysemu/sysemu.h"
+#include "hw/proxy/qemu-proxy.h"
+
+static void pci_proxy_dev_realize(PCIDevice *dev, Error **errp);
+
+int remote_spawn(PCIProxyDev *pdev, const char *command, Error **errp)
+{
+    char *args[3];
+    pid_t rpid;
+    int fd[2] = {-1, -1};
+    Error *local_error = NULL;
+
+    if (pdev->managed) {
+        /* Child is forked by external program (such as libvirt). */
+        return -1;
+    }
+
+    if (socketpair(AF_UNIX, SOCK_STREAM, 0, fd)) {
+        error_setg(errp, "Unable to create unix socket.");
+        return -1;
+    }
+    /* TODO: Restrict the forked process' permissions and capabilities. */
+    rpid = qemu_fork(&local_error);
+
+    if (rpid == -1) {
+        error_setg(errp, "Unable to spawn emulation program.");
+        close(fd[0]);
+        close(fd[1]);
+        return -1;
+    }
+
+    if (rpid == 0) {
+        close(fd[0]);
+
+        args[0] = g_strdup(command);
+        args[1] = g_strdup_printf("%d", fd[1]);
+        args[2] = NULL;
+        execvp(args[0], (char *const *)args);
+        exit(1);
+    }
+    pdev->remote_pid = rpid;
+    pdev->rsocket = fd[0];
+
+    close(fd[1]);
+
+    return 0;
+}
+
+static int get_proxy_sock(PCIDevice *dev)
+{
+    PCIProxyDev *pdev;
+
+    pdev = PCI_PROXY_DEV(dev);
+
+    return pdev->rsocket;
+}
+
+static void set_proxy_sock(PCIDevice *dev, int socket)
+{
+    PCIProxyDev *pdev;
+
+    pdev = PCI_PROXY_DEV(dev);
+
+    pdev->rsocket = socket;
+    pdev->managed = true;
+
+}
+
+static int config_op_send(PCIProxyDev *dev, uint32_t addr, uint32_t *val, int l,
+                          unsigned int op)
+{
+    ProcMsg msg;
+    struct conf_data_msg conf_data;
+    int wait;
+
+    memset(&msg, 0, sizeof(ProcMsg));
+    conf_data.addr = addr;
+    conf_data.val = (op == CONF_WRITE) ? *val : 0;
+    conf_data.l = l;
+
+    msg.data2 = (uint8_t *)malloc(sizeof(conf_data));
+    if (!msg.data2) {
+        return -ENOMEM;
+    }
+
+    memcpy(msg.data2, (const uint8_t *)&conf_data, sizeof(conf_data));
+    msg.size = sizeof(conf_data);
+    msg.cmd = op;
+    msg.bytestream = 1;
+
+    if (op == CONF_WRITE) {
+        msg.num_fds = 0;
+    } else {
+        wait = GET_REMOTE_WAIT;
+        msg.num_fds = 1;
+        msg.fds[0] = wait;
+    }
+
+    proxy_proc_send(dev->proxy_link, &msg, dev->proxy_link->com);
+
+    if (op == CONF_READ) {
+        *val = (uint32_t)wait_for_remote(wait);
+        PUT_REMOTE_WAIT(wait);
+    }
+
+    free(msg.data2);
+
+    return 0;
+}
+
+static uint32_t pci_proxy_read_config(PCIDevice *d, uint32_t addr, int len)
+{
+    uint32_t val;
+
+    (void)pci_default_read_config(d, addr, len);
+
+    config_op_send(PCI_PROXY_DEV(d), addr, &val, len, CONF_READ);
+
+    return val;
+}
+
+static void pci_proxy_write_config(PCIDevice *d, uint32_t addr, uint32_t val,
+                                   int l)
+{
+    pci_default_write_config(d, addr, val, l);
+
+    config_op_send(PCI_PROXY_DEV(d), addr, &val, l, CONF_WRITE);
+}
+
+static void pci_proxy_dev_class_init(ObjectClass *klass, void *data)
+{
+    PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
+
+    k->realize = pci_proxy_dev_realize;
+    k->config_read = pci_proxy_read_config;
+    k->config_write = pci_proxy_write_config;
+}
+
+static const TypeInfo pci_proxy_dev_type_info = {
+    .name          = TYPE_PCI_PROXY_DEV,
+    .parent        = TYPE_PCI_DEVICE,
+    .instance_size = sizeof(PCIProxyDev),
+    .abstract      = true,
+    .class_size    = sizeof(PCIProxyDevClass),
+    .class_init    = pci_proxy_dev_class_init,
+    .interfaces = (InterfaceInfo[]) {
+        { INTERFACE_CONVENTIONAL_PCI_DEVICE },
+        { },
+    },
+};
+
+static void pci_proxy_dev_register_types(void)
+{
+    type_register_static(&pci_proxy_dev_type_info);
+}
+
+type_init(pci_proxy_dev_register_types)
+
+static void init_proxy(PCIDevice *dev, char *command, Error **errp)
+{
+    PCIProxyDev *pdev = PCI_PROXY_DEV(dev);
+    Error *local_error = NULL;
+
+    if (!pdev->managed) {
+        if (command) {
+            remote_spawn(pdev, command, &local_error);
+        } else {
+            return;
+        }
+    } else {
+        pdev->remote_pid = atoi(pdev->rid);
+        if (pdev->remote_pid == -1) {
+            error_setg(errp, "Remote PID is -1");
+            return;
+        }
+    }
+
+    pdev->proxy_link = proxy_link_create();
+
+    if (!pdev->proxy_link) {
+        error_setg(errp, "Failed to create proxy link");
+        return;
+    }
+
+    proxy_link_init_channel(pdev->proxy_link, &pdev->proxy_link->com,
+                            pdev->socket);
+}
+
+static void pci_proxy_dev_realize(PCIDevice *device, Error **errp)
+{
+    PCIProxyDev *dev = PCI_PROXY_DEV(device);
+    PCIProxyDevClass *k = PCI_PROXY_DEV_GET_CLASS(dev);
+    Error *local_err = NULL;
+
+    if (k->realize) {
+        k->realize(dev, &local_err);
+        if (local_err) {
+            error_propagate(errp, local_err);
+        }
+    }
+
+    dev->set_proxy_sock = set_proxy_sock;
+    dev->get_proxy_sock = get_proxy_sock;
+    dev->init_proxy = init_proxy;
+}
diff --git a/include/hw/proxy/qemu-proxy.h b/include/hw/proxy/qemu-proxy.h
new file mode 100644
index 0000000..ee21818
--- /dev/null
+++ b/include/hw/proxy/qemu-proxy.h
@@ -0,0 +1,81 @@
+/*
+ * Copyright 2019, Oracle and/or its affiliates.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#ifndef QEMU_PROXY_H
+#define QEMU_PROXY_H
+
+#include "io/proxy-link.h"
+
+#define TYPE_PCI_PROXY_DEV "pci-proxy-dev"
+
+#define PCI_PROXY_DEV(obj) \
+            OBJECT_CHECK(PCIProxyDev, (obj), TYPE_PCI_PROXY_DEV)
+
+#define PCI_PROXY_DEV_CLASS(klass) \
+            OBJECT_CLASS_CHECK(PCIProxyDevClass, (klass), TYPE_PCI_PROXY_DEV)
+
+#define PCI_PROXY_DEV_GET_CLASS(obj) \
+            OBJECT_GET_CLASS(PCIProxyDevClass, (obj), TYPE_PCI_PROXY_DEV)
+
+typedef struct PCIProxyDev {
+    PCIDevice parent_dev;
+
+    int n_mr_sections;
+    MemoryRegionSection *mr_sections;
+
+    ProxyLinkState *proxy_link;
+
+    EventNotifier intr;
+    EventNotifier resample;
+
+    pid_t remote_pid;
+    int rsocket;
+    int socket;
+
+    char *rid;
+
+    bool managed;
+    char *dev_id;
+
+    QLIST_ENTRY(PCIProxyDev) next;
+
+    void (*set_proxy_sock) (PCIDevice *dev, int socket);
+    int (*get_proxy_sock) (PCIDevice *dev);
+
+    void (*set_remote_opts) (PCIDevice *dev, QDict *qdict, unsigned int cmd);
+    void (*proxy_ready) (PCIDevice *dev);
+    void (*init_proxy) (PCIDevice *pdev, char *command, Error **errp);
+
+} PCIProxyDev;
+
+typedef struct PCIProxyDevClass {
+    PCIDeviceClass parent_class;
+
+    void (*realize)(PCIProxyDev *dev, Error **errp);
+
+    char *command;
+} PCIProxyDevClass;
+
+int remote_spawn(PCIProxyDev *pdev, const char *command, Error **errp);
+
+
+#endif /* QEMU_PROXY_H */
diff --git a/remote/remote-main.c b/remote/remote-main.c
index 72866ec..93b2d36 100644
--- a/remote/remote-main.c
+++ b/remote/remote-main.c
@@ -49,6 +49,32 @@
 static ProxyLinkState *proxy_link;
 PCIDevice *remote_pci_dev;
 
+static void process_config_write(ProcMsg *msg)
+{
+    struct conf_data_msg *conf = (struct conf_data_msg *)msg->data2;
+
+    qemu_mutex_lock_iothread();
+    pci_default_write_config(remote_pci_dev, conf->addr, conf->val, conf->l);
+    qemu_mutex_unlock_iothread();
+}
+
+static void process_config_read(ProcMsg *msg)
+{
+    struct conf_data_msg *conf = (struct conf_data_msg *)msg->data2;
+    uint32_t val;
+    int wait;
+
+    wait = msg->fds[0];
+
+    qemu_mutex_lock_iothread();
+    val = pci_default_read_config(remote_pci_dev, conf->addr, conf->l);
+    qemu_mutex_unlock_iothread();
+
+    notify_proxy(wait, val);
+
+    PUT_REMOTE_WAIT(wait);
+}
+
 static void process_msg(GIOCondition cond, ProcChannel *chan)
 {
     ProcMsg *msg = NULL;
@@ -70,8 +96,10 @@ static void process_msg(GIOCondition cond, ProcChannel *chan)
     case INIT:
         break;
     case CONF_WRITE:
+        process_config_write(msg);
         break;
     case CONF_READ:
+        process_config_read(msg);
         break;
     default:
         error_setg(&err, "Unknown command");
-- 
1.8.3.1

[Qemu-devel] [RFC v3 PATCH 14/45] mutli-process: build remote command line args

[Jagannathan Raman]

From: Elena Ufimtseva <elena.ufimtseva@oracle.com>

Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
---
 New patch in v3

 hw/proxy/qemu-proxy.c         | 80 +++++++++++++++++++++++++++++++++----------
 include/hw/proxy/qemu-proxy.h |  2 +-
 2 files changed, 62 insertions(+), 20 deletions(-)

diff --git a/hw/proxy/qemu-proxy.c b/hw/proxy/qemu-proxy.c
index 0ec7bb6..e5fd4bb 100644
--- a/hw/proxy/qemu-proxy.c
+++ b/hw/proxy/qemu-proxy.c
@@ -45,47 +45,89 @@
 
 static void pci_proxy_dev_realize(PCIDevice *dev, Error **errp);
 
+static int add_argv(char *command_str, char **argv, int argc)
+{
+    int max_args = 64;
+
+    if (argc < max_args - 1) {
+        argv[argc++] = command_str;
+        argv[argc] = 0;
+    } else {
+        return 0;
+    }
+
+    return argc;
+}
+
+static int make_argv(char *command_str, char **argv, int argc)
+{
+    int max_args = 64;
+
+    char *p2 = strtok(command_str, " ");
+    while (p2 && argc < max_args - 1) {
+        argv[argc++] = p2;
+        p2 = strtok(0, " ");
+    }
+    argv[argc] = 0;
+
+    return argc;
+}
+
 int remote_spawn(PCIProxyDev *pdev, const char *command, Error **errp)
 {
-    char *args[3];
     pid_t rpid;
     int fd[2] = {-1, -1};
     Error *local_error = NULL;
+    char *argv[64];
+    int argc = 0, _argc;
+    char *sfd;
+    char *exec_dir;
+    int rc = -EINVAL;
 
     if (pdev->managed) {
         /* Child is forked by external program (such as libvirt). */
-        return -1;
+        return rc;
     }
 
     if (socketpair(AF_UNIX, SOCK_STREAM, 0, fd)) {
         error_setg(errp, "Unable to create unix socket.");
-        return -1;
+        return rc;
     }
+    exec_dir = g_strdup_printf("%s/%s", qemu_get_exec_dir(), "qemu-scsi-dev");
+    argc = add_argv(exec_dir, argv, argc);
+    sfd = g_strdup_printf("%d", fd[1]);
+    argc = add_argv(sfd, argv, argc);
+    _argc = argc;
+    argc = make_argv((char *)command, argv, argc);
+
     /* TODO: Restrict the forked process' permissions and capabilities. */
     rpid = qemu_fork(&local_error);
 
     if (rpid == -1) {
         error_setg(errp, "Unable to spawn emulation program.");
         close(fd[0]);
-        close(fd[1]);
-        return -1;
+        goto fail;
     }
 
     if (rpid == 0) {
         close(fd[0]);
-
-        args[0] = g_strdup(command);
-        args[1] = g_strdup_printf("%d", fd[1]);
-        args[2] = NULL;
-        execvp(args[0], (char *const *)args);
+        execvp(argv[0], (char *const *)argv);
         exit(1);
     }
     pdev->remote_pid = rpid;
-    pdev->rsocket = fd[0];
+    pdev->rsocket = fd[1];
+    pdev->socket = fd[0];
 
+    rc = 0;
+
+fail:
     close(fd[1]);
 
-    return 0;
+    for (int i = 0; i < _argc; i++) {
+        g_free(argv[i]);
+    }
+
+    return rc;
 }
 
 static int get_proxy_sock(PCIDevice *dev)
@@ -94,7 +136,7 @@ static int get_proxy_sock(PCIDevice *dev)
 
     pdev = PCI_PROXY_DEV(dev);
 
-    return pdev->rsocket;
+    return pdev->socket;
 }
 
 static void set_proxy_sock(PCIDevice *dev, int socket)
@@ -103,7 +145,7 @@ static void set_proxy_sock(PCIDevice *dev, int socket)
 
     pdev = PCI_PROXY_DEV(dev);
 
-    pdev->rsocket = socket;
+    pdev->socket = socket;
     pdev->managed = true;
 
 }
@@ -198,16 +240,16 @@ static void pci_proxy_dev_register_types(void)
 
 type_init(pci_proxy_dev_register_types)
 
-static void init_proxy(PCIDevice *dev, char *command, Error **errp)
+static void init_proxy(PCIDevice *dev, char *command, bool need_spawn, Error **errp)
 {
     PCIProxyDev *pdev = PCI_PROXY_DEV(dev);
     Error *local_error = NULL;
 
     if (!pdev->managed) {
-        if (command) {
-            remote_spawn(pdev, command, &local_error);
-        } else {
-            return;
+        if (need_spawn) {
+            if (!remote_spawn(pdev, command, &local_error)) {
+                return;
+            }
         }
     } else {
         pdev->remote_pid = atoi(pdev->rid);
diff --git a/include/hw/proxy/qemu-proxy.h b/include/hw/proxy/qemu-proxy.h
index ee21818..3b37b65 100644
--- a/include/hw/proxy/qemu-proxy.h
+++ b/include/hw/proxy/qemu-proxy.h
@@ -63,7 +63,7 @@ typedef struct PCIProxyDev {
 
     void (*set_remote_opts) (PCIDevice *dev, QDict *qdict, unsigned int cmd);
     void (*proxy_ready) (PCIDevice *dev);
-    void (*init_proxy) (PCIDevice *pdev, char *command, Error **errp);
+    void (*init_proxy) (PCIDevice *dev, char *command, bool need_spawn, Error **errp);
 
 } PCIProxyDev;
 
-- 
1.8.3.1

[Qemu-devel] [RFC v3 PATCH 15/45] multi-process: add support of device id to communication channel

[Jagannathan Raman]

From: Elena Ufimtseva <elena.ufimtseva@oracle.com>

Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
---
 New patch in v3

 include/io/proxy-link.h |  3 +++
 io/proxy-link.c         | 37 ++++++++++++++++++++++++++++++++-----
 2 files changed, 35 insertions(+), 5 deletions(-)

diff --git a/include/io/proxy-link.h b/include/io/proxy-link.h
index 159c787..0785394 100644
--- a/include/io/proxy-link.h
+++ b/include/io/proxy-link.h
@@ -88,6 +88,7 @@ typedef struct {
     proc_cmd_t cmd;
     int bytestream;
     size_t size;
+    size_t size_id;
 
     union {
         uint64_t u64;
@@ -98,6 +99,8 @@ typedef struct {
     int num_fds;
 
     uint8_t *data2;
+    uint8_t *id;
+
 } ProcMsg;
 
 struct conf_data_msg {
diff --git a/io/proxy-link.c b/io/proxy-link.c
index 381a38e..6f60117 100644
--- a/io/proxy-link.c
+++ b/io/proxy-link.c
@@ -81,7 +81,7 @@ void proxy_link_finalize(ProxyLinkState *s)
 void proxy_proc_send(ProxyLinkState *s, ProcMsg *msg, ProcChannel *chan)
 {
     int rc;
-    uint8_t *data;
+    uint8_t *data, *buf = NULL;
     union {
         char control[CMSG_SPACE(REMOTE_MAX_FDS * sizeof(int))];
         struct cmsghdr align;
@@ -140,10 +140,19 @@ void proxy_proc_send(ProxyLinkState *s, ProcMsg *msg, ProcChannel *chan)
         data = (uint8_t *)msg + PROC_HDR_SIZE;
     }
 
+    if (msg->size_id > 0) {
+        buf = calloc(1, msg->size + msg->size_id);
+        assert(buf);
+        memcpy(buf, data, msg->size);
+        memcpy(buf + msg->size, msg->id, msg->size_id);
+        data = buf;
+    }
     do {
-        rc = write(sock, data, msg->size);
+        rc = write(sock, data, msg->size + msg->size_id);
     } while (rc < 0 && (errno == EINTR || errno == EAGAIN));
 
+    free(buf);
+
     qemu_mutex_unlock(lock);
 }
 
@@ -151,7 +160,7 @@ void proxy_proc_send(ProxyLinkState *s, ProcMsg *msg, ProcChannel *chan)
 int proxy_proc_recv(ProxyLinkState *s, ProcMsg *msg, ProcChannel *chan)
 {
     int rc;
-    uint8_t *data;
+    uint8_t *data, *buf = NULL;
     union {
         char control[CMSG_SPACE(REMOTE_MAX_FDS * sizeof(int))];
         struct cmsghdr align;
@@ -207,10 +216,28 @@ int proxy_proc_recv(ProxyLinkState *s, ProcMsg *msg, ProcChannel *chan)
         data = (uint8_t *)&msg->data1;
     }
 
-    if (msg->size) {
+     if (msg->size) {
+        if (msg->size_id > 0) {
+            buf = calloc(1, msg->size + msg->size_id);
+            data = buf;
+        }
         do {
-            rc = read(sock, data, msg->size);
+            rc = read(sock, data, msg->size + msg->size_id);
         } while (rc < 0 && (errno == EINTR || errno == EAGAIN));
+        if (rc < 0) {
+            fprintf(stderr, "Read sock is an error!\n");
+            return rc;
+        }
+    }
+    if (msg->size && msg->bytestream) {
+        memcpy(msg->data2, data, msg->size);
+    } else {
+        memcpy((uint8_t *)&msg->data1, data, msg->size);
+    }
+
+    if (msg->size_id > 0) {
+        msg->id = calloc(1, msg->size_id);
+        memcpy(msg->id, data + msg->size, msg->size_id);
     }
 
     qemu_mutex_unlock(lock);
-- 
1.8.3.1

[Qemu-devel] [RFC v3 PATCH 16/45] multi-process: PCI BAR read/write handling for proxy & remote endpoints

[Jagannathan Raman]

Proxy device object implements handler for PCI BAR writes and reads. The handler
uses BAR_WRITE/BAR_READ message to communicate to the remote process with the BAR address and
value to be written/read.
The remote process implements handler for BAR_WRITE/BAR_READ message.

Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
---
 hw/proxy/qemu-proxy.c         | 50 +++++++++++++++++++++++++++++
 include/hw/proxy/qemu-proxy.h |  5 +++
 include/io/proxy-link.h       | 12 +++++++
 remote/remote-main.c          | 73 +++++++++++++++++++++++++++++++++++++++++++
 4 files changed, 140 insertions(+)

diff --git a/hw/proxy/qemu-proxy.c b/hw/proxy/qemu-proxy.c
index e5fd4bb..44668bf 100644
--- a/hw/proxy/qemu-proxy.c
+++ b/hw/proxy/qemu-proxy.c
@@ -287,3 +287,53 @@ static void pci_proxy_dev_realize(PCIDevice *device, Error **errp)
     dev->get_proxy_sock = get_proxy_sock;
     dev->init_proxy = init_proxy;
 }
+
+static void send_bar_access_msg(ProxyLinkState *proxy_link, MemoryRegion *mr,
+                                bool write, hwaddr addr, uint64_t *val,
+                                unsigned size, bool memory)
+{
+    ProcMsg msg;
+    int wait;
+
+    memset(&msg, 0, sizeof(ProcMsg));
+
+    msg.bytestream = 0;
+    msg.size = sizeof(msg.data1);
+    msg.data1.bar_access.addr = mr->addr + addr;
+    msg.data1.bar_access.size = size;
+    msg.data1.bar_access.memory = memory;
+
+    if (write) {
+        msg.cmd = BAR_WRITE;
+        msg.data1.bar_access.val = *val;
+    } else {
+        wait = GET_REMOTE_WAIT;
+
+        msg.cmd = BAR_READ;
+        msg.num_fds = 1;
+        msg.fds[0] = wait;
+    }
+
+    proxy_proc_send(proxy_link, &msg, proxy_link->com);
+
+    if (!write) {
+        *val = wait_for_remote(wait);
+        PUT_REMOTE_WAIT(wait);
+    }
+}
+
+void proxy_default_bar_write(PCIProxyDev *dev, MemoryRegion *mr, hwaddr addr,
+                             uint64_t val, unsigned size, bool memory)
+{
+    send_bar_access_msg(dev->proxy_link, mr, true, addr, &val, size, memory);
+}
+
+uint64_t proxy_default_bar_read(PCIProxyDev *dev, MemoryRegion *mr, hwaddr addr,
+                                unsigned size, bool memory)
+{
+    uint64_t val;
+
+    send_bar_access_msg(dev->proxy_link, mr, false, addr, &val, size, memory);
+
+    return val;
+}
diff --git a/include/hw/proxy/qemu-proxy.h b/include/hw/proxy/qemu-proxy.h
index 3b37b65..a951570 100644
--- a/include/hw/proxy/qemu-proxy.h
+++ b/include/hw/proxy/qemu-proxy.h
@@ -77,5 +77,10 @@ typedef struct PCIProxyDevClass {
 
 int remote_spawn(PCIProxyDev *pdev, const char *command, Error **errp);
 
+void proxy_default_bar_write(PCIProxyDev *dev, MemoryRegion *mr, hwaddr addr,
+                             uint64_t val, unsigned size, bool memory);
+
+uint64_t proxy_default_bar_read(PCIProxyDev *dev, MemoryRegion *mr, hwaddr addr,
+                                unsigned size, bool memory);
 
 #endif /* QEMU_PROXY_H */
diff --git a/include/io/proxy-link.h b/include/io/proxy-link.h
index 0785394..2c290b2 100644
--- a/include/io/proxy-link.h
+++ b/include/io/proxy-link.h
@@ -56,6 +56,8 @@ typedef struct ProxyLinkState ProxyLinkState;
  * CONF_READ        PCI config. space read
  * CONF_WRITE       PCI config. space write
  * SYNC_SYSMEM      Shares QEMU's RAM with remote device's RAM
+ * BAR_WRITE        Writes to PCI BAR region
+ * BAR_READ         Reads from PCI BAR region
  *
  */
 typedef enum {
@@ -63,6 +65,8 @@ typedef enum {
     CONF_READ,
     CONF_WRITE,
     SYNC_SYSMEM,
+    BAR_WRITE,
+    BAR_READ,
     MAX,
 } proc_cmd_t;
 
@@ -85,6 +89,13 @@ typedef struct {
 } sync_sysmem_msg_t;
 
 typedef struct {
+    hwaddr addr;
+    uint64_t val;
+    unsigned size;
+    bool memory;
+} bar_access_msg_t;
+
+typedef struct {
     proc_cmd_t cmd;
     int bytestream;
     size_t size;
@@ -93,6 +104,7 @@ typedef struct {
     union {
         uint64_t u64;
         sync_sysmem_msg_t sync_sysmem;
+        bar_access_msg_t bar_access;
     } data1;
 
     int fds[REMOTE_MAX_FDS];
diff --git a/remote/remote-main.c b/remote/remote-main.c
index 93b2d36..43fe50a 100644
--- a/remote/remote-main.c
+++ b/remote/remote-main.c
@@ -45,6 +45,7 @@
 #include "qemu/config-file.h"
 #include "sysemu/sysemu.h"
 #include "block/block.h"
+#include "exec/memattrs.h"
 
 static ProxyLinkState *proxy_link;
 PCIDevice *remote_pci_dev;
@@ -75,6 +76,66 @@ static void process_config_read(ProcMsg *msg)
     PUT_REMOTE_WAIT(wait);
 }
 
+/* TODO: confirm memtx attrs. */
+static void process_bar_write(ProcMsg *msg, Error **errp)
+{
+    bar_access_msg_t *bar_access = &msg->data1.bar_access;
+    AddressSpace *as =
+        bar_access->memory ? &address_space_memory : &address_space_io;
+    MemTxResult res;
+
+    res = address_space_rw(as, bar_access->addr, MEMTXATTRS_UNSPECIFIED,
+                           (uint8_t *)&bar_access->val, bar_access->size, true);
+
+    if (res != MEMTX_OK) {
+        error_setg(errp, "Could not perform address space write operation,"
+                   " inaccessible address: %lx.", bar_access->addr);
+    }
+}
+
+static void process_bar_read(ProcMsg *msg, Error **errp)
+{
+    bar_access_msg_t *bar_access = &msg->data1.bar_access;
+    AddressSpace *as;
+    int wait = msg->fds[0];
+    MemTxResult res;
+    uint64_t val = 0;
+
+    as = bar_access->memory ? &address_space_memory : &address_space_io;
+
+    assert(bar_access->size <= sizeof(uint64_t));
+
+    res = address_space_rw(as, bar_access->addr, MEMTXATTRS_UNSPECIFIED,
+                           (uint8_t *)&val, bar_access->size, false);
+
+    if (res != MEMTX_OK) {
+        error_setg(errp, "Could not perform address space read operation,"
+                   " inaccessible address: %lx.", bar_access->addr);
+        val = (uint64_t)-1;
+        goto fail;
+    }
+
+    switch (bar_access->size) {
+    case 4:
+        val = *((uint32_t *)&val);
+        break;
+    case 2:
+        val = *((uint16_t *)&val);
+        break;
+    case 1:
+        val = *((uint8_t *)&val);
+        break;
+    default:
+        error_setg(errp, "Invalid PCI BAR read size");
+        return;
+    }
+
+fail:
+    notify_proxy(wait, val);
+
+    PUT_REMOTE_WAIT(wait);
+}
+
 static void process_msg(GIOCondition cond, ProcChannel *chan)
 {
     ProcMsg *msg = NULL;
@@ -101,6 +162,18 @@ static void process_msg(GIOCondition cond, ProcChannel *chan)
     case CONF_READ:
         process_config_read(msg);
         break;
+    case BAR_WRITE:
+        process_bar_write(msg, &err);
+        if (err) {
+            goto finalize_loop;
+        }
+        break;
+    case BAR_READ:
+        process_bar_read(msg, &err);
+        if (err) {
+            goto finalize_loop;
+        }
+        break;
     default:
         error_setg(&err, "Unknown command");
         goto finalize_loop;
-- 
1.8.3.1

[Qemu-devel] [RFC v3 PATCH 17/45] multi-process: modify BARs read/write to support dev_id

[Jagannathan Raman]

From: Elena Ufimtseva <elena.ufimtseva@oracle.com>

Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
Reviewed-by: Liam Merwick <liam.merwick@oracle.com>
---
 New patch in v3

 hw/proxy/qemu-proxy.c | 22 +++++++++++++++++++---
 1 file changed, 19 insertions(+), 3 deletions(-)

diff --git a/hw/proxy/qemu-proxy.c b/hw/proxy/qemu-proxy.c
index 44668bf..1021045 100644
--- a/hw/proxy/qemu-proxy.c
+++ b/hw/proxy/qemu-proxy.c
@@ -288,13 +288,16 @@ static void pci_proxy_dev_realize(PCIDevice *device, Error **errp)
     dev->init_proxy = init_proxy;
 }
 
-static void send_bar_access_msg(ProxyLinkState *proxy_link, MemoryRegion *mr,
+static void send_bar_access_msg(PCIProxyDev *dev, MemoryRegion *mr,
                                 bool write, hwaddr addr, uint64_t *val,
                                 unsigned size, bool memory)
 {
+    ProxyLinkState *proxy_link;
     ProcMsg msg;
     int wait;
 
+    proxy_link = dev->proxy_link;
+
     memset(&msg, 0, sizeof(ProcMsg));
 
     msg.bytestream = 0;
@@ -314,18 +317,31 @@ static void send_bar_access_msg(ProxyLinkState *proxy_link, MemoryRegion *mr,
         msg.fds[0] = wait;
     }
 
+    if (dev->dev_id) {
+        msg.size_id = strlen(dev->dev_id) + 1;
+        msg.id = calloc(1, msg.size_id);
+        memcpy(msg.id, dev->dev_id, msg.size_id);
+    } else {
+        msg.size_id = 0;
+    }
+
     proxy_proc_send(proxy_link, &msg, proxy_link->com);
 
     if (!write) {
         *val = wait_for_remote(wait);
         PUT_REMOTE_WAIT(wait);
     }
+
+    if (msg.id) {
+        free(msg.id);
+    }
+
 }
 
 void proxy_default_bar_write(PCIProxyDev *dev, MemoryRegion *mr, hwaddr addr,
                              uint64_t val, unsigned size, bool memory)
 {
-    send_bar_access_msg(dev->proxy_link, mr, true, addr, &val, size, memory);
+    send_bar_access_msg(dev, mr, true, addr, &val, size, memory);
 }
 
 uint64_t proxy_default_bar_read(PCIProxyDev *dev, MemoryRegion *mr, hwaddr addr,
@@ -333,7 +349,7 @@ uint64_t proxy_default_bar_read(PCIProxyDev *dev, MemoryRegion *mr, hwaddr addr,
 {
     uint64_t val;
 
-    send_bar_access_msg(dev->proxy_link, mr, false, addr, &val, size, memory);
+    send_bar_access_msg(dev, mr, false, addr, &val, size, memory);
 
     return val;
 }
-- 
1.8.3.1

[Qemu-devel] [RFC v3 PATCH 18/45] multi-process: support dev id in config read/write

[Jagannathan Raman]

From: Elena Ufimtseva <elena.ufimtseva@oracle.com>

Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
---
 New patch in v3

 hw/proxy/qemu-proxy.c | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

diff --git a/hw/proxy/qemu-proxy.c b/hw/proxy/qemu-proxy.c
index 1021045..789f39a 100644
--- a/hw/proxy/qemu-proxy.c
+++ b/hw/proxy/qemu-proxy.c
@@ -151,12 +151,16 @@ static void set_proxy_sock(PCIDevice *dev, int socket)
 }
 
 static int config_op_send(PCIProxyDev *dev, uint32_t addr, uint32_t *val, int l,
-                          unsigned int op)
+                          char *id, unsigned int op)
 {
     ProcMsg msg;
     struct conf_data_msg conf_data;
     int wait;
 
+    if (!id) {
+        return -EINVAL;
+    }
+
     memset(&msg, 0, sizeof(ProcMsg));
     conf_data.addr = addr;
     conf_data.val = (op == CONF_WRITE) ? *val : 0;
@@ -171,6 +175,8 @@ static int config_op_send(PCIProxyDev *dev, uint32_t addr, uint32_t *val, int l,
     msg.size = sizeof(conf_data);
     msg.cmd = op;
     msg.bytestream = 1;
+    msg.id = (uint8_t *)g_strdup(dev->dev_id);
+    msg.size_id = strlen(dev->dev_id) + 1;
 
     if (op == CONF_WRITE) {
         msg.num_fds = 0;
@@ -188,6 +194,7 @@ static int config_op_send(PCIProxyDev *dev, uint32_t addr, uint32_t *val, int l,
     }
 
     free(msg.data2);
+    free(msg.id);
 
     return 0;
 }
@@ -198,7 +205,8 @@ static uint32_t pci_proxy_read_config(PCIDevice *d, uint32_t addr, int len)
 
     (void)pci_default_read_config(d, addr, len);
 
-    config_op_send(PCI_PROXY_DEV(d), addr, &val, len, CONF_READ);
+    config_op_send(PCI_PROXY_DEV(d), addr, &val, len,
+                   PCI_PROXY_DEV(d)->dev_id, CONF_READ);
 
     return val;
 }
@@ -208,7 +216,8 @@ static void pci_proxy_write_config(PCIDevice *d, uint32_t addr, uint32_t val,
 {
     pci_default_write_config(d, addr, val, l);
 
-    config_op_send(PCI_PROXY_DEV(d), addr, &val, l, CONF_WRITE);
+    config_op_send(PCI_PROXY_DEV(d), addr, &val, l,
+                   PCI_PROXY_DEV(d)->dev_id, CONF_WRITE);
 }
 
 static void pci_proxy_dev_class_init(ObjectClass *klass, void *data)
-- 
1.8.3.1

[Qemu-devel] [RFC v3 PATCH 19/45] multi-process: Add LSI device proxy object

[Jagannathan Raman]

Adds proxy-lsi53c895a object, as a derivative of the pci-proxy-dev
object. This object is the proxy for the lsi53c895a object
instantiated by the remote process.

Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
---
 hw/proxy/Makefile.objs              |   1 +
 hw/proxy/proxy-lsi53c895a.c         | 162 ++++++++++++++++++++++++++++++++++++
 include/hw/proxy/proxy-lsi53c895a.h |  42 ++++++++++
 3 files changed, 205 insertions(+)
 create mode 100644 hw/proxy/proxy-lsi53c895a.c
 create mode 100644 include/hw/proxy/proxy-lsi53c895a.h

diff --git a/hw/proxy/Makefile.objs b/hw/proxy/Makefile.objs
index eb81624..f562f5a 100644
--- a/hw/proxy/Makefile.objs
+++ b/hw/proxy/Makefile.objs
@@ -1 +1,2 @@
 common-obj-$(CONFIG_MPQEMU) += qemu-proxy.o
+common-obj-$(CONFIG_MPQEMU) += proxy-lsi53c895a.o
diff --git a/hw/proxy/proxy-lsi53c895a.c b/hw/proxy/proxy-lsi53c895a.c
new file mode 100644
index 0000000..e8a8d36
--- /dev/null
+++ b/hw/proxy/proxy-lsi53c895a.c
@@ -0,0 +1,162 @@
+/*
+ * Copyright 2019, Oracle and/or its affiliates.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#include <sys/types.h>
+
+#include "qemu/osdep.h"
+#include "hw/qdev-core.h"
+#include "qemu/bitops.h"
+#include "hw/pci/pci.h"
+#include "hw/proxy/qemu-proxy.h"
+#include "hw/proxy/proxy-lsi53c895a.h"
+#include "exec/memory.h"
+
+static uint64_t proxy_lsi_io_read(void *opaque, hwaddr addr, unsigned size)
+{
+    ProxyLSIState *s = opaque;
+
+    return proxy_default_bar_read(PCI_PROXY_DEV(s), &s->io_io, addr, size,
+                                  false);
+}
+
+static void proxy_lsi_io_write(void *opaque, hwaddr addr, uint64_t val,
+                               unsigned size)
+{
+    ProxyLSIState *s = opaque;
+
+    proxy_default_bar_write(PCI_PROXY_DEV(s), &s->io_io, addr, val, size,
+                            false);
+}
+
+static const MemoryRegionOps proxy_lsi_io_ops = {
+    .read = proxy_lsi_io_read,
+    .write = proxy_lsi_io_write,
+    .endianness = DEVICE_NATIVE_ENDIAN,
+    .impl = {
+        .min_access_size = 1,
+        .max_access_size = 1,
+    },
+};
+
+static uint64_t proxy_lsi_ram_read(void *opaque, hwaddr addr, unsigned size)
+{
+    ProxyLSIState *s = opaque;
+
+    return proxy_default_bar_read(PCI_PROXY_DEV(s), &s->ram_io, addr, size,
+                                  true);
+}
+
+static void proxy_lsi_ram_write(void *opaque, hwaddr addr, uint64_t val,
+                                unsigned size)
+{
+    ProxyLSIState *s = opaque;
+
+    proxy_default_bar_write(PCI_PROXY_DEV(s), &s->ram_io, addr, val, size,
+                            true);
+}
+
+static const MemoryRegionOps proxy_lsi_ram_ops = {
+    .read = proxy_lsi_ram_read,
+    .write = proxy_lsi_ram_write,
+    .endianness = DEVICE_NATIVE_ENDIAN,
+};
+
+static uint64_t proxy_lsi_mmio_read(void *opaque, hwaddr addr, unsigned size)
+{
+    ProxyLSIState *s = opaque;
+
+    return proxy_default_bar_read(PCI_PROXY_DEV(s), &s->mmio_io, addr, size,
+                                  true);
+}
+
+static void proxy_lsi_mmio_write(void *opaque, hwaddr addr, uint64_t val,
+                                 unsigned size)
+{
+    ProxyLSIState *s = opaque;
+
+    proxy_default_bar_write(PCI_PROXY_DEV(s), &s->mmio_io, addr, val, size,
+                            true);
+}
+
+static const MemoryRegionOps proxy_lsi_mmio_ops = {
+    .read = proxy_lsi_mmio_read,
+    .write = proxy_lsi_mmio_write,
+    .endianness = DEVICE_NATIVE_ENDIAN,
+    .impl = {
+        .min_access_size = 1,
+        .max_access_size = 1,
+    },
+};
+
+static void proxy_lsi_realize(PCIProxyDev *dev, Error **errp)
+{
+    ProxyLSIState *s = LSI_PROXY_DEV(dev);
+    PCIDevice *pci_dev = PCI_DEVICE(dev);
+    uint8_t *pci_conf = pci_dev->config;
+
+    pci_conf[PCI_LATENCY_TIMER] = 0xff;
+    pci_conf[PCI_INTERRUPT_PIN] = 0x01;
+
+    memory_region_init_io(&s->mmio_io, OBJECT(s), &proxy_lsi_mmio_ops, s,
+                          "proxy-lsi-mmio", 0x400);
+    memory_region_init_io(&s->ram_io, OBJECT(s), &proxy_lsi_ram_ops, s,
+                          "proxy-lsi-ram", 0x2000);
+    memory_region_init_io(&s->io_io, OBJECT(s), &proxy_lsi_io_ops, s,
+                          "proxy-lsi-io", 256);
+
+    pci_register_bar(pci_dev, 0, PCI_BASE_ADDRESS_SPACE_IO, &s->io_io);
+    pci_register_bar(pci_dev, 1, PCI_BASE_ADDRESS_SPACE_MEMORY, &s->mmio_io);
+    pci_register_bar(pci_dev, 2, PCI_BASE_ADDRESS_SPACE_MEMORY, &s->ram_io);
+}
+
+static void proxy_lsi_class_init(ObjectClass *klass, void *data)
+{
+    DeviceClass *dc = DEVICE_CLASS(klass);
+    PCIDeviceClass *pci_class = PCI_DEVICE_CLASS(klass);
+    PCIProxyDevClass *proxy_class = PCI_PROXY_DEV_CLASS(klass);
+
+    proxy_class->realize = proxy_lsi_realize;
+    proxy_class->command = g_strdup("qemu-scsi-dev");
+
+    pci_class->vendor_id = PCI_VENDOR_ID_LSI_LOGIC;
+    pci_class->device_id = PCI_DEVICE_ID_LSI_53C895A;
+    pci_class->class_id = PCI_CLASS_STORAGE_SCSI;
+    pci_class->subsystem_id = 0x1000;
+
+    set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
+
+    dc->desc = "LSI Proxy Device";
+}
+
+static const TypeInfo lsi_proxy_dev_type_info = {
+    .name          = TYPE_PROXY_LSI53C895A,
+    .parent        = TYPE_PCI_PROXY_DEV,
+    .instance_size = sizeof(ProxyLSIState),
+    .class_init    = proxy_lsi_class_init,
+};
+
+static void lsi_proxy_dev_register_types(void)
+{
+    type_register_static(&lsi_proxy_dev_type_info);
+}
+
+type_init(lsi_proxy_dev_register_types)
diff --git a/include/hw/proxy/proxy-lsi53c895a.h b/include/hw/proxy/proxy-lsi53c895a.h
new file mode 100644
index 0000000..8afb8f3
--- /dev/null
+++ b/include/hw/proxy/proxy-lsi53c895a.h
@@ -0,0 +1,42 @@
+/*
+ * Copyright 2019, Oracle and/or its affiliates.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#ifndef LSI_PROXY_H
+#define LSI_PROXY_H
+
+#include "hw/proxy/qemu-proxy.h"
+
+#define TYPE_PROXY_LSI53C895A "proxy-lsi53c895a"
+
+#define LSI_PROXY_DEV(obj) \
+            OBJECT_CHECK(ProxyLSIState, (obj), TYPE_PROXY_LSI53C895A)
+
+typedef struct ProxyLSIState {
+    PCIProxyDev parent_dev;
+
+    MemoryRegion mmio_io;
+    MemoryRegion ram_io;
+    MemoryRegion io_io;
+
+} ProxyLSIState;
+
+#endif
-- 
1.8.3.1

[Qemu-devel] [RFC v3 PATCH 20/45] multi-process: Synchronize remote memory

[Jagannathan Raman]

Add memory-listener object which is used to keep the view of the RAM
in sync between QEMU and remote process.
A MemoryListener is registered for system-memory AddressSpace. The
listener sends SYNC_SYSMEM message to the remote process when memory
listener commits the changes to memory, the remote process receives
the message and processes it in the handler for SYNC_SYSMEM message.

Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
---
 v2 -> v3:
   - Refactored code to obtain fd from host address, added
     get_fd_from_hostaddr().
   - Discovered a bug which results in invalid FDs (-1) being
     sent over to the remote process. Fixed this by checking
     if the FD value is valid before sending over to remote.

 Makefile.target                |   1 +
 hw/proxy/memory-sync.c         | 226 +++++++++++++++++++++++++++++++++++++++++
 hw/proxy/qemu-proxy.c          |   5 +
 include/hw/proxy/memory-sync.h |  51 ++++++++++
 include/hw/proxy/qemu-proxy.h  |   2 +
 remote/remote-main.c           |  11 ++
 6 files changed, 296 insertions(+)
 create mode 100644 hw/proxy/memory-sync.c
 create mode 100644 include/hw/proxy/memory-sync.h

diff --git a/Makefile.target b/Makefile.target
index 931ee80..3aa2ac8 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -125,6 +125,7 @@ obj-$(CONFIG_TCG) += fpu/softfloat.o
 obj-y += target/$(TARGET_BASE_ARCH)/
 obj-y += disas.o
 obj-$(call notempty,$(TARGET_XML_FILES)) += gdbstub-xml.o
+obj-$(CONFIG_MPQEMU) += hw/proxy/memory-sync.o
 LIBS := $(libs_cpu) $(LIBS)
 
 remote-pci-tgt-obj-$(CONFIG_MPQEMU) += accel/stubs/kvm-stub.o
diff --git a/hw/proxy/memory-sync.c b/hw/proxy/memory-sync.c
new file mode 100644
index 0000000..5e57784
--- /dev/null
+++ b/hw/proxy/memory-sync.c
@@ -0,0 +1,226 @@
+/*
+ * Copyright 2019, Oracle and/or its affiliates.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <string.h>
+
+#include "qemu/osdep.h"
+#include "qemu/compiler.h"
+#include "qemu/int128.h"
+#include "qemu/range.h"
+#include "exec/memory.h"
+#include "exec/cpu-common.h"
+#include "cpu.h"
+#include "exec/ram_addr.h"
+#include "exec/address-spaces.h"
+#include "io/proxy-link.h"
+#include "hw/proxy/memory-sync.h"
+
+static const TypeInfo remote_mem_sync_type_info = {
+    .name          = TYPE_MEMORY_LISTENER,
+    .parent        = TYPE_OBJECT,
+    .instance_size = sizeof(RemoteMemSync),
+};
+
+static void remote_mem_sync_register_types(void)
+{
+    type_register_static(&remote_mem_sync_type_info);
+}
+
+type_init(remote_mem_sync_register_types)
+
+static void proxy_ml_begin(MemoryListener *listener)
+{
+    RemoteMemSync *sync = container_of(listener, RemoteMemSync, listener);
+    int mrs;
+
+    for (mrs = 0; mrs < sync->n_mr_sections; mrs++) {
+        memory_region_unref(sync->mr_sections[mrs].mr);
+    }
+
+    g_free(sync->mr_sections);
+    sync->mr_sections = NULL;
+    sync->n_mr_sections = 0;
+}
+
+static int get_fd_from_hostaddr(uint64_t host, ram_addr_t *offset)
+{
+    MemoryRegion *mr;
+    ram_addr_t off;
+
+    mr = memory_region_from_host((void *)(uintptr_t)host, &off);
+
+    if (offset) {
+        *offset = off;
+    }
+
+    return memory_region_get_fd(mr);
+}
+
+static bool proxy_mrs_can_merge(uint64_t host, uint64_t prev_host, size_t size)
+{
+    bool merge;
+    int fd1, fd2;
+
+    fd1 = get_fd_from_hostaddr(host, NULL);
+
+    fd2 = get_fd_from_hostaddr(prev_host, NULL);
+
+    merge = (fd1 == fd2);
+
+    merge &= ((prev_host + size) == host);
+
+    return merge;
+}
+
+static void proxy_ml_region_addnop(MemoryListener *listener,
+                                   MemoryRegionSection *section)
+{
+    RemoteMemSync *sync = container_of(listener, RemoteMemSync, listener);
+    bool need_add = true;
+    uint64_t mrs_size, mrs_gpa, mrs_page;
+    uintptr_t mrs_host;
+    RAMBlock *mrs_rb;
+    MemoryRegionSection *prev_sec;
+
+    if (!(memory_region_is_ram(section->mr) &&
+          !memory_region_is_rom(section->mr))) {
+        return;
+    }
+
+    mrs_rb = section->mr->ram_block;
+    mrs_page = (uint64_t)qemu_ram_pagesize(mrs_rb);
+    mrs_size = int128_get64(section->size);
+    mrs_gpa = section->offset_within_address_space;
+    mrs_host = (uintptr_t)memory_region_get_ram_ptr(section->mr) +
+               section->offset_within_region;
+
+    if (get_fd_from_hostaddr(mrs_host, NULL) <= 0) {
+        return;
+    }
+
+    mrs_host = mrs_host & ~(mrs_page - 1);
+    mrs_gpa = mrs_gpa & ~(mrs_page - 1);
+    mrs_size = ROUND_UP(mrs_size, mrs_page);
+
+    if (sync->n_mr_sections) {
+        prev_sec = sync->mr_sections + (sync->n_mr_sections - 1);
+        uint64_t prev_gpa_start = prev_sec->offset_within_address_space;
+        uint64_t prev_size = int128_get64(prev_sec->size);
+        uint64_t prev_gpa_end   = range_get_last(prev_gpa_start, prev_size);
+        uint64_t prev_host_start =
+            (uintptr_t)memory_region_get_ram_ptr(prev_sec->mr) +
+            prev_sec->offset_within_region;
+        uint64_t prev_host_end = range_get_last(prev_host_start, prev_size);
+
+        if (mrs_gpa <= (prev_gpa_end + 1)) {
+            if (mrs_gpa < prev_gpa_start) {
+                assert(0);
+            }
+
+            if ((section->mr == prev_sec->mr) &&
+                proxy_mrs_can_merge(mrs_host, prev_host_start,
+                                    (mrs_gpa - prev_gpa_start))) {
+                uint64_t max_end = MAX(prev_host_end, mrs_host + mrs_size);
+                need_add = false;
+                prev_sec->offset_within_address_space =
+                    MIN(prev_gpa_start, mrs_gpa);
+                prev_sec->offset_within_region =
+                    MIN(prev_host_start, mrs_host) -
+                    (uintptr_t)memory_region_get_ram_ptr(prev_sec->mr);
+                prev_sec->size = int128_make64(max_end - MIN(prev_host_start,
+                                                             mrs_host));
+            }
+        }
+    }
+
+    if (need_add) {
+        ++sync->n_mr_sections;
+        sync->mr_sections = g_renew(MemoryRegionSection, sync->mr_sections,
+                                    sync->n_mr_sections);
+        sync->mr_sections[sync->n_mr_sections - 1] = *section;
+        sync->mr_sections[sync->n_mr_sections - 1].fv = NULL;
+        memory_region_ref(section->mr);
+    }
+}
+
+static void proxy_ml_commit(MemoryListener *listener)
+{
+    RemoteMemSync *sync = container_of(listener, RemoteMemSync, listener);
+    ProcMsg msg;
+    MemoryRegionSection section;
+    ram_addr_t offset;
+    uintptr_t host_addr;
+    int region;
+
+    memset(&msg, 0, sizeof(ProcMsg));
+
+    msg.cmd = SYNC_SYSMEM;
+    msg.bytestream = 0;
+    msg.num_fds = sync->n_mr_sections;
+    msg.size = sizeof(msg.data1);
+    assert(msg.num_fds <= REMOTE_MAX_FDS);
+
+    for (region = 0; region < sync->n_mr_sections; region++) {
+        section = sync->mr_sections[region];
+        msg.data1.sync_sysmem.gpas[region] =
+            section.offset_within_address_space;
+        msg.data1.sync_sysmem.sizes[region] = int128_get64(section.size);
+        host_addr = (uintptr_t)memory_region_get_ram_ptr(section.mr) +
+                    section.offset_within_region;
+        msg.fds[region] = get_fd_from_hostaddr(host_addr, &offset);
+        msg.data1.sync_sysmem.offsets[region] = offset;
+    }
+    proxy_proc_send(sync->proxy_link, &msg, sync->proxy_link->com);
+}
+
+void deconfigure_memory_sync(RemoteMemSync *sync)
+{
+    memory_listener_unregister(&sync->listener);
+}
+
+/*
+ * TODO: Memory Sync need not be instantianted once per every proxy device.
+ *       All remote devices are going to get the exact same updates at the
+ *       same time. It therefore makes sense to have a broadcast model.
+ *
+ *       Broadcast model would involve running the MemorySync object in a
+ *       thread. MemorySync would contain a list of proxy_link objects
+ *       that need notification. proxy_ml_commit() could send the same
+ *       message to all the links at the same time.
+ */
+void configure_memory_sync(RemoteMemSync *sync, ProxyLinkState *proxy_link)
+{
+    sync->n_mr_sections = 0;
+    sync->mr_sections = NULL;
+
+    sync->proxy_link = proxy_link;
+
+    sync->listener.begin = proxy_ml_begin;
+    sync->listener.commit = proxy_ml_commit;
+    sync->listener.region_add = proxy_ml_region_addnop;
+    sync->listener.region_nop = proxy_ml_region_addnop;
+    sync->listener.priority = 10;
+
+    memory_listener_register(&sync->listener, &address_space_memory);
+}
diff --git a/hw/proxy/qemu-proxy.c b/hw/proxy/qemu-proxy.c
index 789f39a..158d8d7 100644
--- a/hw/proxy/qemu-proxy.c
+++ b/hw/proxy/qemu-proxy.c
@@ -42,6 +42,8 @@
 #include "qapi/qmp/qstring.h"
 #include "sysemu/sysemu.h"
 #include "hw/proxy/qemu-proxy.h"
+#include "hw/proxy/memory-sync.h"
+#include "qom/object.h"
 
 static void pci_proxy_dev_realize(PCIDevice *dev, Error **errp);
 
@@ -277,6 +279,8 @@ static void init_proxy(PCIDevice *dev, char *command, bool need_spawn, Error **e
 
     proxy_link_init_channel(pdev->proxy_link, &pdev->proxy_link->com,
                             pdev->socket);
+
+    configure_memory_sync(pdev->sync, pdev->proxy_link);
 }
 
 static void pci_proxy_dev_realize(PCIDevice *device, Error **errp)
@@ -295,6 +299,7 @@ static void pci_proxy_dev_realize(PCIDevice *device, Error **errp)
     dev->set_proxy_sock = set_proxy_sock;
     dev->get_proxy_sock = get_proxy_sock;
     dev->init_proxy = init_proxy;
+    dev->sync = REMOTE_MEM_SYNC(object_new(TYPE_MEMORY_LISTENER));
 }
 
 static void send_bar_access_msg(PCIProxyDev *dev, MemoryRegion *mr,
diff --git a/include/hw/proxy/memory-sync.h b/include/hw/proxy/memory-sync.h
new file mode 100644
index 0000000..56d7268
--- /dev/null
+++ b/include/hw/proxy/memory-sync.h
@@ -0,0 +1,51 @@
+/*
+ * Copyright 2019, Oracle and/or its affiliates.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#ifndef MEMORY_SYNC_H
+#define MEMORY_SYNC_H
+
+#include <sys/types.h>
+
+#include "qemu/osdep.h"
+#include "qom/object.h"
+#include "exec/memory.h"
+#include "io/proxy-link.h"
+
+#define TYPE_MEMORY_LISTENER "memory-listener"
+#define REMOTE_MEM_SYNC(obj) \
+            OBJECT_CHECK(RemoteMemSync, (obj), TYPE_MEMORY_LISTENER)
+
+typedef struct RemoteMemSync {
+    Object obj;
+
+    MemoryListener listener;
+
+    int n_mr_sections;
+    MemoryRegionSection *mr_sections;
+
+    ProxyLinkState *proxy_link;
+} RemoteMemSync;
+
+void configure_memory_sync(RemoteMemSync *sync, ProxyLinkState *proxy_link);
+void deconfigure_memory_sync(RemoteMemSync *sync);
+
+#endif
diff --git a/include/hw/proxy/qemu-proxy.h b/include/hw/proxy/qemu-proxy.h
index a951570..cf8e006 100644
--- a/include/hw/proxy/qemu-proxy.h
+++ b/include/hw/proxy/qemu-proxy.h
@@ -24,6 +24,7 @@
 #define QEMU_PROXY_H
 
 #include "io/proxy-link.h"
+#include "hw/proxy/memory-sync.h"
 
 #define TYPE_PCI_PROXY_DEV "pci-proxy-dev"
 
@@ -44,6 +45,7 @@ typedef struct PCIProxyDev {
 
     ProxyLinkState *proxy_link;
 
+    RemoteMemSync *sync;
     EventNotifier intr;
     EventNotifier resample;
 
diff --git a/remote/remote-main.c b/remote/remote-main.c
index 43fe50a..bf2a77c 100644
--- a/remote/remote-main.c
+++ b/remote/remote-main.c
@@ -46,6 +46,7 @@
 #include "sysemu/sysemu.h"
 #include "block/block.h"
 #include "exec/memattrs.h"
+#include "exec/address-spaces.h"
 
 static ProxyLinkState *proxy_link;
 PCIDevice *remote_pci_dev;
@@ -174,6 +175,16 @@ static void process_msg(GIOCondition cond, ProcChannel *chan)
             goto finalize_loop;
         }
         break;
+    case SYNC_SYSMEM:
+        /*
+         * TODO: ensure no active DMA is happening when
+         * sysmem is being updated
+         */
+        remote_sysmem_reconfig(msg, &err);
+        if (err) {
+            goto finalize_loop;
+        }
+        break;
     default:
         error_setg(&err, "Unknown command");
         goto finalize_loop;
-- 
1.8.3.1

[Qemu-devel] [RFC v3 PATCH 21/45] multi-process: create IOHUB object to handle irq

[Jagannathan Raman]

IOHUB object is added to manage PCI IRQs. It uses KVM_IRQFD
ioctl to create irqfd to injecting PCI interrupts to the guest.
IOHUB object forwards the irqfd to the remote process. Remote process
uses this fd to directly send interrupts to the guest, bypassing QEMU.

Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
---
 Makefile.target               |   1 +
 hw/proxy/Makefile.objs        |   1 -
 hw/proxy/qemu-proxy.c         |  64 +++++++++++++++++
 include/hw/pci/pci_ids.h      |   3 +
 include/hw/proxy/qemu-proxy.h |   5 ++
 include/io/proxy-link.h       |   8 +++
 include/remote/iohub.h        |  63 +++++++++++++++++
 include/remote/machine.h      |   2 +
 remote/Makefile.objs          |   1 +
 remote/iohub.c                | 159 ++++++++++++++++++++++++++++++++++++++++++
 remote/machine.c              |  15 ++++
 remote/remote-main.c          |   4 ++
 12 files changed, 325 insertions(+), 1 deletion(-)
 create mode 100644 include/remote/iohub.h
 create mode 100644 remote/iohub.c

diff --git a/Makefile.target b/Makefile.target
index 3aa2ac8..a0c00c6 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -126,6 +126,7 @@ obj-y += target/$(TARGET_BASE_ARCH)/
 obj-y += disas.o
 obj-$(call notempty,$(TARGET_XML_FILES)) += gdbstub-xml.o
 obj-$(CONFIG_MPQEMU) += hw/proxy/memory-sync.o
+obj-$(CONFIG_MPQEMU) += hw/proxy/qemu-proxy.o
 LIBS := $(libs_cpu) $(LIBS)
 
 remote-pci-tgt-obj-$(CONFIG_MPQEMU) += accel/stubs/kvm-stub.o
diff --git a/hw/proxy/Makefile.objs b/hw/proxy/Makefile.objs
index f562f5a..ca89109 100644
--- a/hw/proxy/Makefile.objs
+++ b/hw/proxy/Makefile.objs
@@ -1,2 +1 @@
-common-obj-$(CONFIG_MPQEMU) += qemu-proxy.o
 common-obj-$(CONFIG_MPQEMU) += proxy-lsi53c895a.o
diff --git a/hw/proxy/qemu-proxy.c b/hw/proxy/qemu-proxy.c
index 158d8d7..f92d29a 100644
--- a/hw/proxy/qemu-proxy.c
+++ b/hw/proxy/qemu-proxy.c
@@ -27,6 +27,9 @@
 #include <unistd.h>
 #include <assert.h>
 #include <string.h>
+#include <linux/kvm.h>
+#include <errno.h>
+
 #include "qemu/osdep.h"
 #include "qapi/error.h"
 #include "io/proxy-link.h"
@@ -44,6 +47,9 @@
 #include "hw/proxy/qemu-proxy.h"
 #include "hw/proxy/memory-sync.h"
 #include "qom/object.h"
+#include "qemu/event_notifier.h"
+#include "sysemu/kvm.h"
+#include "util/event_notifier-posix.c"
 
 static void pci_proxy_dev_realize(PCIDevice *dev, Error **errp);
 
@@ -251,6 +257,63 @@ static void pci_proxy_dev_register_types(void)
 
 type_init(pci_proxy_dev_register_types)
 
+static void proxy_intx_update(PCIDevice *pci_dev)
+{
+    PCIProxyDev *dev = PCI_PROXY_DEV(pci_dev);
+    PCIINTxRoute route;
+    int pin = pci_get_byte(pci_dev->config + PCI_INTERRUPT_PIN) - 1;
+
+    if (dev->irqfd.fd) {
+        dev->irqfd.flags = KVM_IRQFD_FLAG_DEASSIGN;
+        (void) kvm_vm_ioctl(kvm_state, KVM_IRQFD, &dev->irqfd);
+        memset(&dev->irqfd, 0, sizeof(struct kvm_irqfd));
+    }
+
+    route = pci_device_route_intx_to_irq(pci_dev, pin);
+
+    dev->irqfd.fd = event_notifier_get_fd(&dev->intr);
+    dev->irqfd.resamplefd = event_notifier_get_fd(&dev->resample);
+    dev->irqfd.gsi = route.irq;
+    dev->irqfd.flags |= KVM_IRQFD_FLAG_RESAMPLE;
+    (void) kvm_vm_ioctl(kvm_state, KVM_IRQFD, &dev->irqfd);
+}
+
+static void setup_irqfd(PCIProxyDev *dev)
+{
+    PCIDevice *pci_dev = PCI_DEVICE(dev);
+    ProcMsg msg;
+
+    if (!dev->dev_id) {
+        fprintf(stderr, "Cannot setup IRQFD. No dev_id\n");
+        return;
+    }
+
+    event_notifier_init(&dev->intr, 0);
+    event_notifier_init(&dev->resample, 0);
+
+    memset(&msg, 0, sizeof(ProcMsg));
+    msg.cmd = SET_IRQFD;
+    msg.num_fds = 2;
+    msg.fds[0] = event_notifier_get_fd(&dev->intr);
+    msg.fds[1] = event_notifier_get_fd(&dev->resample);
+    msg.data1.set_irqfd.intx =
+        pci_get_byte(pci_dev->config + PCI_INTERRUPT_PIN) - 1;
+    msg.size = sizeof(msg.data1);
+
+    if (dev->dev_id) {
+        msg.id = (uint8_t *)dev->dev_id;
+        msg.size_id = strlen((char *)dev->dev_id) + 1;
+    }
+
+    proxy_proc_send(dev->proxy_link, &msg, dev->proxy_link->com);
+
+    memset(&dev->irqfd, 0, sizeof(struct kvm_irqfd));
+
+    proxy_intx_update(pci_dev);
+
+    pci_device_set_intx_routing_notifier(pci_dev, proxy_intx_update);
+}
+
 static void init_proxy(PCIDevice *dev, char *command, bool need_spawn, Error **errp)
 {
     PCIProxyDev *pdev = PCI_PROXY_DEV(dev);
@@ -281,6 +344,7 @@ static void init_proxy(PCIDevice *dev, char *command, bool need_spawn, Error **e
                             pdev->socket);
 
     configure_memory_sync(pdev->sync, pdev->proxy_link);
+    setup_irqfd(pdev);
 }
 
 static void pci_proxy_dev_realize(PCIDevice *device, Error **errp)
diff --git a/include/hw/pci/pci_ids.h b/include/hw/pci/pci_ids.h
index 0abe27a..9cc5e28 100644
--- a/include/hw/pci/pci_ids.h
+++ b/include/hw/pci/pci_ids.h
@@ -191,6 +191,9 @@
 #define PCI_DEVICE_ID_SUN_SIMBA          0x5000
 #define PCI_DEVICE_ID_SUN_SABRE          0xa000
 
+#define PCI_VENDOR_ID_ORACLE             0x108e
+#define PCI_DEVICE_ID_REMOTE_IOHUB       0xb000
+
 #define PCI_VENDOR_ID_CMD                0x1095
 #define PCI_DEVICE_ID_CMD_646            0x0646
 
diff --git a/include/hw/proxy/qemu-proxy.h b/include/hw/proxy/qemu-proxy.h
index cf8e006..e73835e 100644
--- a/include/hw/proxy/qemu-proxy.h
+++ b/include/hw/proxy/qemu-proxy.h
@@ -23,8 +23,11 @@
 #ifndef QEMU_PROXY_H
 #define QEMU_PROXY_H
 
+#include <linux/kvm.h>
+
 #include "io/proxy-link.h"
 #include "hw/proxy/memory-sync.h"
+#include "qemu/event_notifier.h"
 
 #define TYPE_PCI_PROXY_DEV "pci-proxy-dev"
 
@@ -46,6 +49,8 @@ typedef struct PCIProxyDev {
     ProxyLinkState *proxy_link;
 
     RemoteMemSync *sync;
+    struct kvm_irqfd irqfd;
+
     EventNotifier intr;
     EventNotifier resample;
 
diff --git a/include/io/proxy-link.h b/include/io/proxy-link.h
index 2c290b2..e70bf50 100644
--- a/include/io/proxy-link.h
+++ b/include/io/proxy-link.h
@@ -58,6 +58,8 @@ typedef struct ProxyLinkState ProxyLinkState;
  * SYNC_SYSMEM      Shares QEMU's RAM with remote device's RAM
  * BAR_WRITE        Writes to PCI BAR region
  * BAR_READ         Reads from PCI BAR region
+ * SET_IRQFD        Sets the IRQFD to be used to raise interrupts directly
+ *                  from remote device
  *
  */
 typedef enum {
@@ -67,6 +69,7 @@ typedef enum {
     SYNC_SYSMEM,
     BAR_WRITE,
     BAR_READ,
+    SET_IRQFD,
     MAX,
 } proc_cmd_t;
 
@@ -96,6 +99,10 @@ typedef struct {
 } bar_access_msg_t;
 
 typedef struct {
+    int intx;
+} set_irqfd_msg_t;
+
+typedef struct {
     proc_cmd_t cmd;
     int bytestream;
     size_t size;
@@ -105,6 +112,7 @@ typedef struct {
         uint64_t u64;
         sync_sysmem_msg_t sync_sysmem;
         bar_access_msg_t bar_access;
+        set_irqfd_msg_t set_irqfd;
     } data1;
 
     int fds[REMOTE_MAX_FDS];
diff --git a/include/remote/iohub.h b/include/remote/iohub.h
new file mode 100644
index 0000000..0a799d6
--- /dev/null
+++ b/include/remote/iohub.h
@@ -0,0 +1,63 @@
+/*
+ * IO Hub for remote device
+ *
+ * Copyright 2019, Oracle and/or its affiliates. All rights reserved.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#ifndef REMOTE_IOHUB_H
+#define REMOTE_IOHUB_H
+
+#include <sys/types.h>
+
+#include "qemu/osdep.h"
+#include "hw/pci/pci.h"
+#include "qemu/event_notifier.h"
+#include "qemu/thread-posix.h"
+#include "io/proxy-link.h"
+
+#define REMOTE_IOHUB_NB_PIRQS    8
+
+#define REMOTE_IOHUB_DEV         31
+#define REMOTE_IOHUB_FUNC        0
+
+#define TYPE_REMOTE_IOHUB_DEVICE "remote-iohub"
+#define REMOTE_IOHUB_DEVICE(obj) \
+    OBJECT_CHECK(RemoteIOHubState, (obj), TYPE_REMOTE_IOHUB_DEVICE)
+
+typedef struct RemoteIOHubState {
+    PCIDevice d;
+    uint8_t irq_num[PCI_SLOT_MAX][PCI_NUM_PINS];
+    EventNotifier irqfds[REMOTE_IOHUB_NB_PIRQS];
+    EventNotifier resamplefds[REMOTE_IOHUB_NB_PIRQS];
+    unsigned int irq_level[REMOTE_IOHUB_NB_PIRQS];
+    QemuMutex irq_level_lock[REMOTE_IOHUB_NB_PIRQS];
+} RemoteIOHubState;
+
+typedef struct ResampleToken {
+    RemoteIOHubState *iohub;
+    int pirq;
+} ResampleToken;
+
+int remote_iohub_map_irq(PCIDevice *pci_dev, int intx);
+void remote_iohub_set_irq(void *opaque, int pirq, int level);
+void process_set_irqfd_msg(PCIDevice *pci_dev, ProcMsg *msg);
+
+#endif
diff --git a/include/remote/machine.h b/include/remote/machine.h
index a00732d..0a16cc6 100644
--- a/include/remote/machine.h
+++ b/include/remote/machine.h
@@ -30,11 +30,13 @@
 #include "hw/boards.h"
 #include "remote/pcihost.h"
 #include "qemu/notify.h"
+#include "remote/iohub.h"
 
 typedef struct RemMachineState {
     MachineState parent_obj;
 
     RemPCIHost *host;
+    RemoteIOHubState *iohub;
 } RemMachineState;
 
 #define TYPE_REMOTE_MACHINE "remote-machine"
diff --git a/remote/Makefile.objs b/remote/Makefile.objs
index 13d4c48..cbb3065 100644
--- a/remote/Makefile.objs
+++ b/remote/Makefile.objs
@@ -1,3 +1,4 @@
 remote-pci-obj-$(CONFIG_MPQEMU) += remote-main.o
 remote-pci-obj-$(CONFIG_MPQEMU) += pcihost.o
 remote-pci-obj-$(CONFIG_MPQEMU) += machine.o
+remote-pci-obj-$(CONFIG_MPQEMU) += iohub.o
diff --git a/remote/iohub.c b/remote/iohub.c
new file mode 100644
index 0000000..c292269
--- /dev/null
+++ b/remote/iohub.c
@@ -0,0 +1,159 @@
+/*
+ * Remote IO Hub
+ *
+ * Copyright 2019, Oracle and/or its affiliates. All rights reserved.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#include <sys/types.h>
+
+#include "qemu/osdep.h"
+#include "hw/pci/pci.h"
+#include "hw/pci/pci_ids.h"
+#include "hw/pci/pci_bus.h"
+#include "remote/iohub.h"
+#include "qemu/thread.h"
+#include "hw/boards.h"
+#include "remote/machine.h"
+#include "qemu/main-loop.h"
+
+static void remote_iohub_initfn(Object *obj)
+{
+    RemoteIOHubState *iohub = REMOTE_IOHUB_DEVICE(obj);
+    int slot, intx, pirq;
+
+    memset(&iohub->irqfds, 0, sizeof(iohub->irqfds));
+    memset(&iohub->resamplefds, 0, sizeof(iohub->resamplefds));
+
+    for (slot = 0; slot < PCI_SLOT_MAX; slot++) {
+        for (intx = 0; intx < PCI_NUM_PINS; intx++) {
+            iohub->irq_num[slot][intx] = (slot + intx) % 4 + 4;
+        }
+    }
+
+    for (pirq = 0; pirq < REMOTE_IOHUB_NB_PIRQS; pirq++) {
+        qemu_mutex_init(&iohub->irq_level_lock[pirq]);
+        iohub->irq_level[pirq] = 0;
+    }
+}
+
+static void remote_iohub_class_init(ObjectClass *klass, void *data)
+{
+    PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
+    k->vendor_id = PCI_VENDOR_ID_ORACLE;
+    k->device_id = PCI_DEVICE_ID_REMOTE_IOHUB;
+}
+
+static const TypeInfo remote_iohub_info = {
+    .name       = TYPE_REMOTE_IOHUB_DEVICE,
+    .parent     = TYPE_PCI_DEVICE,
+    .instance_size = sizeof(RemoteIOHubState),
+    .instance_init = remote_iohub_initfn,
+    .class_init  = remote_iohub_class_init,
+    .interfaces = (InterfaceInfo[]) {
+        { INTERFACE_CONVENTIONAL_PCI_DEVICE },
+        { }
+    }
+};
+
+static void remote_iohub_register(void)
+{
+    type_register_static(&remote_iohub_info);
+}
+
+type_init(remote_iohub_register);
+
+int remote_iohub_map_irq(PCIDevice *pci_dev, int intx)
+{
+    BusState *bus = qdev_get_parent_bus(&pci_dev->qdev);
+    PCIBus *pci_bus = PCI_BUS(bus);
+    PCIDevice *pci_iohub =
+        pci_bus->devices[PCI_DEVFN(REMOTE_IOHUB_DEV, REMOTE_IOHUB_FUNC)];
+    RemoteIOHubState *iohub = REMOTE_IOHUB_DEVICE(pci_iohub);
+
+    return iohub->irq_num[PCI_SLOT(pci_dev->devfn)][intx];
+}
+
+/*
+ * TODO: Using lock to set the interrupt level could become a
+ *       performance bottleneck. Check if atomic arithmetic
+ *       is possible.
+ */
+void remote_iohub_set_irq(void *opaque, int pirq, int level)
+{
+    RemoteIOHubState *iohub = opaque;
+
+    assert(pirq >= 0);
+    assert(pirq < REMOTE_IOHUB_NB_PIRQS);
+
+    qemu_mutex_lock(&iohub->irq_level_lock[pirq]);
+
+    if (level) {
+        if (++iohub->irq_level[pirq] == 1) {
+            event_notifier_set(&iohub->irqfds[pirq]);
+        }
+    } else if (iohub->irq_level[pirq] > 0) {
+        iohub->irq_level[pirq]--;
+    }
+
+    qemu_mutex_unlock(&iohub->irq_level_lock[pirq]);
+}
+
+static void intr_resample_handler(void *opaque)
+{
+    ResampleToken *token = opaque;
+    RemoteIOHubState *iohub = token->iohub;
+    uint64_t val;
+    int pirq, s;
+
+    pirq = token->pirq;
+
+    s = read(event_notifier_get_fd(&iohub->resamplefds[pirq]), &val,
+             sizeof(uint64_t));
+
+    assert(s >= 0);
+
+    qemu_mutex_lock(&iohub->irq_level_lock[pirq]);
+
+    if (iohub->irq_level[pirq]) {
+        event_notifier_set(&iohub->irqfds[pirq]);
+    }
+
+    qemu_mutex_unlock(&iohub->irq_level_lock[pirq]);
+}
+
+void process_set_irqfd_msg(PCIDevice *pci_dev, ProcMsg *msg)
+{
+    RemMachineState *machine = REMOTE_MACHINE(current_machine);
+    RemoteIOHubState *iohub = machine->iohub;
+    ResampleToken *token;
+    int pirq = remote_iohub_map_irq(pci_dev, msg->data1.set_irqfd.intx);
+
+    assert(msg->num_fds == 2);
+
+    event_notifier_init_fd(&iohub->irqfds[pirq], msg->fds[0]);
+    event_notifier_init_fd(&iohub->resamplefds[pirq], msg->fds[1]);
+
+    token = g_malloc0(sizeof(ResampleToken));
+    token->iohub = iohub;
+    token->pirq = pirq;
+
+    qemu_set_fd_handler(msg->fds[1], intr_resample_handler, NULL, token);
+}
diff --git a/remote/machine.c b/remote/machine.c
index 4ce197d..5b03167 100644
--- a/remote/machine.c
+++ b/remote/machine.c
@@ -40,6 +40,8 @@
 #include "qemu-common.h"
 #include "sysemu/sysemu.h"
 #include "qemu/notify.h"
+#include "hw/pci/pci_host.h"
+#include "remote/iohub.h"
 
 static NotifierList machine_init_done_notifiers =
     NOTIFIER_LIST_INITIALIZER(machine_init_done_notifiers);
@@ -70,6 +72,8 @@ static void remote_machine_init(Object *obj)
     RemMachineState *s = REMOTE_MACHINE(obj);
     RemPCIHost *rem_host;
     MemoryRegion *system_memory, *system_io, *pci_memory;
+    PCIHostState *pci_host;
+    PCIDevice *pci_dev;
 
     Error *error_abort = NULL;
 
@@ -101,6 +105,17 @@ static void remote_machine_init(Object *obj)
     qemu_mutex_unlock_iothread();
 
     qdev_init_nofail(DEVICE(rem_host));
+
+    pci_host = PCI_HOST_BRIDGE(rem_host);
+    pci_dev = pci_create_simple_multifunction(pci_host->bus,
+                                              PCI_DEVFN(REMOTE_IOHUB_DEV,
+                                                        REMOTE_IOHUB_FUNC),
+                                              true, TYPE_REMOTE_IOHUB_DEVICE);
+
+    s->iohub = REMOTE_IOHUB_DEVICE(pci_dev);
+
+    pci_bus_irqs(pci_host->bus, remote_iohub_set_irq, remote_iohub_map_irq,
+                 s->iohub, REMOTE_IOHUB_NB_PIRQS);
 }
 
 static const TypeInfo remote_machine = {
diff --git a/remote/remote-main.c b/remote/remote-main.c
index bf2a77c..8af284e 100644
--- a/remote/remote-main.c
+++ b/remote/remote-main.c
@@ -47,6 +47,7 @@
 #include "block/block.h"
 #include "exec/memattrs.h"
 #include "exec/address-spaces.h"
+#include "remote/iohub.h"
 
 static ProxyLinkState *proxy_link;
 PCIDevice *remote_pci_dev;
@@ -185,6 +186,9 @@ static void process_msg(GIOCondition cond, ProcChannel *chan)
             goto finalize_loop;
         }
         break;
+    case SET_IRQFD:
+        process_set_irqfd_msg(remote_pci_dev, msg);
+        break;
     default:
         error_setg(&err, "Unknown command");
         goto finalize_loop;
-- 
1.8.3.1

[Qemu-devel] [RFC v3 PATCH 22/45] multi-process: configure remote side devices

[Jagannathan Raman]

From: Elena Ufimtseva <elena.ufimtseva@oracle.com>

Add functions to configure remote devices.

Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
---
 hw/proxy/qemu-proxy.c         | 43 ++++++++++++++++++++++++++++++++++++++++++-
 include/hw/proxy/qemu-proxy.h |  2 ++
 include/io/proxy-link.h       |  4 ++++
 3 files changed, 48 insertions(+), 1 deletion(-)

diff --git a/hw/proxy/qemu-proxy.c b/hw/proxy/qemu-proxy.c
index f92d29a..dea6784 100644
--- a/hw/proxy/qemu-proxy.c
+++ b/hw/proxy/qemu-proxy.c
@@ -50,8 +50,47 @@
 #include "qemu/event_notifier.h"
 #include "sysemu/kvm.h"
 #include "util/event_notifier-posix.c"
+#include "hw/boards.h"
+#include "include/qemu/log.h"
 
 static void pci_proxy_dev_realize(PCIDevice *dev, Error **errp);
+static void setup_irqfd(PCIProxyDev *dev);
+
+static void proxy_ready(PCIDevice *dev)
+{
+    PCIProxyDev *pdev = PCI_PROXY_DEV(dev);
+
+    setup_irqfd(pdev);
+}
+
+static void set_remote_opts(PCIDevice *dev, QDict *qdict, unsigned int cmd)
+{
+    QString *qstr;
+    ProcMsg msg;
+    const char *str;
+    PCIProxyDev *pdev;
+
+    pdev = PCI_PROXY_DEV(dev);
+
+    qstr = qobject_to_json(QOBJECT(qdict));
+    str = qstring_get_str(qstr);
+
+    memset(&msg, 0, sizeof(ProcMsg));
+
+    msg.data2 = (uint8_t *)str;
+    msg.cmd = cmd;
+    msg.bytestream = 1;
+    msg.size = qstring_get_length(qstr) + 1;
+    msg.num_fds = 0;
+    if (pdev->dev_id) {
+        msg.id = (uint8_t *)pdev->dev_id;
+        msg.size_id = strlen((char *)pdev->dev_id) + 1;
+    }
+
+    proxy_proc_send(pdev->proxy_link, &msg, pdev->proxy_link->com);
+
+    return;
+}
 
 static int add_argv(char *command_str, char **argv, int argc)
 {
@@ -344,7 +383,6 @@ static void init_proxy(PCIDevice *dev, char *command, bool need_spawn, Error **e
                             pdev->socket);
 
     configure_memory_sync(pdev->sync, pdev->proxy_link);
-    setup_irqfd(pdev);
 }
 
 static void pci_proxy_dev_realize(PCIDevice *device, Error **errp)
@@ -364,6 +402,9 @@ static void pci_proxy_dev_realize(PCIDevice *device, Error **errp)
     dev->get_proxy_sock = get_proxy_sock;
     dev->init_proxy = init_proxy;
     dev->sync = REMOTE_MEM_SYNC(object_new(TYPE_MEMORY_LISTENER));
+
+    dev->set_remote_opts = set_remote_opts;
+    dev->proxy_ready = proxy_ready;
 }
 
 static void send_bar_access_msg(PCIProxyDev *dev, MemoryRegion *mr,
diff --git a/include/hw/proxy/qemu-proxy.h b/include/hw/proxy/qemu-proxy.h
index e73835e..4312f9e 100644
--- a/include/hw/proxy/qemu-proxy.h
+++ b/include/hw/proxy/qemu-proxy.h
@@ -28,6 +28,8 @@
 #include "io/proxy-link.h"
 #include "hw/proxy/memory-sync.h"
 #include "qemu/event_notifier.h"
+#include "hw/pci/pci.h"
+#include "block/qdict.h"
 
 #define TYPE_PCI_PROXY_DEV "pci-proxy-dev"
 
diff --git a/include/io/proxy-link.h b/include/io/proxy-link.h
index e70bf50..13fb312 100644
--- a/include/io/proxy-link.h
+++ b/include/io/proxy-link.h
@@ -70,6 +70,10 @@ typedef enum {
     BAR_WRITE,
     BAR_READ,
     SET_IRQFD,
+    DEV_OPTS,
+    DRIVE_OPTS,
+    DEVICE_ADD,
+    DEVICE_DEL,
     MAX,
 } proc_cmd_t;
 
-- 
1.8.3.1

[Qemu-devel] [RFC v3 PATCH 23/45] multi-process: add qdev_proxy_add to create proxy devices

[Jagannathan Raman]

From: Elena Ufimtseva <elena.ufimtseva@oracle.com>

This is handled while parsing the command line options.
The parsed options are being sent to remote process
as the messgaes containing JSON strings.

Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
---
 v1 -> v2:
   - parse socket and command suboptions of drive/device commands

 hw/proxy/qemu-proxy.c         |   3 +-
 include/hw/proxy/qemu-proxy.h |   7 ++
 include/monitor/qdev.h        |  24 ++++
 qdev-monitor.c                | 254 ++++++++++++++++++++++++++++++++++++++++++
 4 files changed, 287 insertions(+), 1 deletion(-)

diff --git a/hw/proxy/qemu-proxy.c b/hw/proxy/qemu-proxy.c
index dea6784..61808c5 100644
--- a/hw/proxy/qemu-proxy.c
+++ b/hw/proxy/qemu-proxy.c
@@ -360,7 +360,8 @@ static void init_proxy(PCIDevice *dev, char *command, bool need_spawn, Error **e
 
     if (!pdev->managed) {
         if (need_spawn) {
-            if (!remote_spawn(pdev, command, &local_error)) {
+            if (remote_spawn(pdev, command, &local_error)) {
+                fprintf(stderr, "remote spawn failed\n");
                 return;
             }
         }
diff --git a/include/hw/proxy/qemu-proxy.h b/include/hw/proxy/qemu-proxy.h
index 4312f9e..fb408cf 100644
--- a/include/hw/proxy/qemu-proxy.h
+++ b/include/hw/proxy/qemu-proxy.h
@@ -86,6 +86,13 @@ typedef struct PCIProxyDevClass {
 
 int remote_spawn(PCIProxyDev *pdev, const char *command, Error **errp);
 
+typedef struct PCIProxyDevList {
+    QLIST_HEAD(, PCIProxyDev) devices;
+} proxy_dev_list_t;
+
+extern QemuMutex proxy_list_lock;
+extern proxy_dev_list_t proxy_dev_list;
+
 void proxy_default_bar_write(PCIProxyDev *dev, MemoryRegion *mr, hwaddr addr,
                              uint64_t val, unsigned size, bool memory);
 
diff --git a/include/monitor/qdev.h b/include/monitor/qdev.h
index 084799e..6b5020e 100644
--- a/include/monitor/qdev.h
+++ b/include/monitor/qdev.h
@@ -2,6 +2,7 @@
 #define MONITOR_QDEV_H
 
 #include "hw/qdev-core.h"
+#include "hw/proxy/qemu-proxy.h"
 
 /*** monitor commands ***/
 
@@ -9,7 +10,30 @@ void hmp_info_qtree(Monitor *mon, const QDict *qdict);
 void hmp_info_qdm(Monitor *mon, const QDict *qdict);
 void qmp_device_add(QDict *qdict, QObject **ret_data, Error **errp);
 
+DeviceState *qdev_remote_add(QemuOpts *opts, bool device, Error **errp);
+void qdev_proxy_fire(void);
+
 int qdev_device_help(QemuOpts *opts);
+DeviceState *qdev_proxy_add(const char *rid, const char *id, char *bus,
+                            char *command, int rsocket, bool managed,
+                            Error **errp);
+
+struct remote_process {
+    int rid;
+    int remote_pid;
+    unsigned int type;
+    int socket;
+    char *command;
+    QemuOpts *opts;
+
+    QLIST_ENTRY(remote_process) next;
+};
+
+void remote_process_register(struct remote_process *p);
+
+struct remote_process *get_remote_process_type(unsigned int type);
+struct remote_process *get_remote_process_rid(unsigned int rid);
+
 DeviceState *qdev_device_add(QemuOpts *opts, Error **errp);
 void qdev_set_id(DeviceState *dev, const char *id);
 
diff --git a/qdev-monitor.c b/qdev-monitor.c
index 58222c2..d6f7572 100644
--- a/qdev-monitor.c
+++ b/qdev-monitor.c
@@ -34,6 +34,17 @@
 #include "qemu/qemu-print.h"
 #include "sysemu/block-backend.h"
 #include "migration/misc.h"
+#include "hw/boards.h"
+#include "hw/proxy/qemu-proxy.h"
+#include "qapi/qmp/qjson.h"
+#include "qapi/qmp/qstring.h"
+#include "sysemu/sysemu.h"
+#include "hw/proxy/proxy-lsi53c895a.h"
+#include "include/qemu/cutils.h"
+#include "include/qemu/log.h"
+#include "qapi/qmp/qlist.h"
+#include "hw/proxy/qemu-proxy.h"
+#include "io/proxy-link.h"
 
 /*
  * Aliases were a bad idea from the start.  Let's keep them
@@ -46,6 +57,8 @@ typedef struct QDevAlias
     uint32_t arch_mask;
 } QDevAlias;
 
+proxy_dev_list_t proxy_dev_list;
+QemuMutex proxy_list_lock;
 /* Please keep this table sorted by typename. */
 static const QDevAlias qdev_alias_table[] = {
     { "e1000", "e1000-82540em" },
@@ -561,6 +574,247 @@ void qdev_set_id(DeviceState *dev, const char *id)
     }
 }
 
+static QLIST_HEAD(, remote_process) remote_processes;
+
+void remote_process_register(struct remote_process *p)
+{
+    QLIST_INSERT_HEAD(&remote_processes, p, next);
+}
+
+struct remote_process *get_remote_process_rid(unsigned int rid)
+{
+    struct remote_process *p;
+
+    QLIST_FOREACH(p, &remote_processes, next) {
+        if (rid == p->rid) {
+            return p;
+        }
+    }
+    return NULL;
+}
+
+struct remote_process *get_remote_process_type(unsigned int type)
+{
+    struct remote_process *p;
+
+    QLIST_FOREACH(p, &remote_processes, next) {
+        if (type == p->type) {
+            return p;
+        }
+    }
+    return NULL;
+}
+
+#if defined(CONFIG_MPQEMU)
+
+static PCIProxyDev *get_proxy_object_rid(const char *rid)
+{
+    PCIProxyDev *entry;
+    if (!proxy_list_lock.initialized) {
+        QLIST_INIT(&proxy_dev_list.devices);
+        qemu_mutex_init(&proxy_list_lock);
+    }
+
+    qemu_mutex_lock(&proxy_list_lock);
+    QLIST_FOREACH(entry, &proxy_dev_list.devices, next) {
+        if (strncmp(entry->rid, rid, strlen(entry->rid)) == 0) {
+            qemu_mutex_unlock(&proxy_list_lock);
+            return entry;
+        }
+    }
+    qemu_mutex_unlock(&proxy_list_lock);
+
+    return NULL;
+}
+
+#define MAX_RID_LENGTH 10
+void qdev_proxy_fire(void)
+{
+    PCIProxyDev *entry;
+
+    QLIST_FOREACH(entry, &proxy_dev_list.devices, next) {
+        if (entry->proxy_ready) {
+            entry->proxy_ready(PCI_DEVICE(entry));
+        }
+    }
+}
+
+DeviceState *qdev_proxy_add(const char *rid, const char *id, char *bus,
+                            char *command, int rsocket, bool managed,
+                            Error **errp)
+{
+    DeviceState *ds;
+    PCIProxyDev *pdev, *old_pdev;
+    QemuOpts *proxy_opts;
+    const char *proxy_type;
+    Error *local_err = NULL;
+    QDict *qdict;
+    const char *str;
+    bool need_spawn = false;
+    bool remote_exists = false;
+
+    if (strlen(rid) > MAX_RID_LENGTH) {
+        error_setg(errp, "rid %s is too long.", rid);
+        return NULL;
+    }
+
+    old_pdev = get_proxy_object_rid(rid);
+    if (old_pdev) {
+        remote_exists = true;
+        if (old_pdev->dev_id) {
+            if (id) {
+                if (strncmp(id, old_pdev->dev_id,
+                            strlen(old_pdev->dev_id)) == 0) {
+                    return DEVICE(old_pdev);
+                }
+            } else {
+            /* check if device belongs to this proxy, use bus */
+                if (bus) {
+                    if (strncmp(bus, old_pdev->dev_id,
+                                strlen(old_pdev->dev_id)) == 0) {
+                        return DEVICE(old_pdev);
+                    }
+                }
+            }
+        }
+    }
+
+    proxy_opts = qemu_opts_create(&qemu_device_opts, NULL, 0,
+                                  errp);
+
+    /* TODO: remove hardcoded type and add approptiate type identification. */
+    proxy_type = TYPE_PROXY_LSI53C895A;
+
+    qemu_opts_set_id(proxy_opts, (char *)rid);
+    qemu_opt_set(proxy_opts, "driver", proxy_type, &local_err);
+
+    qdict = qemu_opts_to_qdict(proxy_opts, NULL);
+    str = qstring_get_str(qobject_to_json(QOBJECT(qdict)));
+
+    ds = qdev_device_add(proxy_opts, &local_err);
+    if (!ds) {
+        error_setg(errp, "Could not create proxy device"
+                      " with opts %s.", str);
+        qemu_opts_del(proxy_opts);
+        return NULL;
+    }
+    qdev_set_id(ds, qemu_opts_id(proxy_opts));
+
+    pdev = PCI_PROXY_DEV(ds);
+    if (!pdev) {
+        error_setg(errp, "qdev_device_add failed.");
+        qemu_opts_del(proxy_opts);
+        return NULL;
+    }
+    pdev->rid = g_strdup(rid);
+    if (old_pdev) {
+        pdev->rsocket = old_pdev->rsocket;
+        pdev->socket = old_pdev->socket;
+        pdev->remote_pid = old_pdev->remote_pid;
+    } else {
+        pdev->rsocket = managed ? rsocket : -1;
+        pdev->socket = managed ? rsocket : -1;
+
+    }
+    pdev->managed = managed;
+
+    /* With no libvirt, we will need to spawn. For now, every time. */
+    if (!remote_exists) {
+        need_spawn = true;
+    }
+
+    pdev->init_proxy(PCI_DEVICE(ds), command, need_spawn, errp);
+
+    qemu_mutex_lock(&proxy_list_lock);
+    QLIST_INSERT_HEAD(&proxy_dev_list.devices, pdev, next);
+    qemu_mutex_unlock(&proxy_list_lock);
+
+    qemu_opts_del(proxy_opts);
+    return ds;
+}
+
+DeviceState *qdev_remote_add(QemuOpts *opts, bool device, Error **errp)
+{
+    PCIProxyDev *pdev = NULL;
+    DeviceState *dev;
+    const char *rid, *rsocket = NULL, *command = NULL;
+    QDict *qdict_new;
+    const char *id = NULL;
+    const char *driver = NULL;
+    const char *bus = NULL;
+
+    if (!proxy_list_lock.initialized) {
+        QLIST_INIT(&proxy_dev_list.devices);
+        qemu_mutex_init(&proxy_list_lock);
+    }
+
+    rid = qemu_opt_get(opts, "rid");
+    if (!rid) {
+        error_setg(errp, "rdevice option needs rid specified.");
+        return NULL;
+    }
+    if (device) {
+        driver = qemu_opt_get(opts, "driver");
+        /* TODO: properly identify the device class. */
+        if (strncmp(driver, "lsi", 3) == 0) {
+            id = qemu_opts_id(opts);
+            if (!id) {
+                error_setg(errp, "qdev_remote_add option needs id specified.");
+                return NULL;
+            }
+        }
+    }
+
+    rsocket = qemu_opt_get(opts, "socket");
+    if (rsocket) {
+        if (strlen(rsocket) > MAX_RID_LENGTH) {
+            error_setg(errp, "Socket number is incorrect.");
+            return NULL;
+        }
+    }
+    /*
+     * TODO: verify command with known commands and on remote end.
+     * How else can we verify the binary we launch without libvirtd support?
+     */
+    command = qemu_opt_get(opts, "command");
+    if (!rsocket && !command) {
+        error_setg(errp, "rdevice option needs socket or command specified.");
+        return NULL;
+    }
+
+    bus = qemu_opt_get(opts, "bus");
+    dev = qdev_proxy_add(rid, id, (char *)bus, (char *)command,
+                         rsocket ? atoi(rsocket) : -1,
+                         rsocket ? true : false, errp);
+    if (!dev) {
+        error_setg(errp, "qdev_proxy_add error.");
+        return NULL;
+    }
+
+    qdict_new = qemu_opts_to_qdict(opts, NULL);
+
+    if (!qdict_new) {
+        error_setg(errp, "Could not parse rdevice options.");
+        return NULL;
+    }
+
+    pdev = PCI_PROXY_DEV(dev);
+    if (!pdev->set_remote_opts) {
+        /* TODO: destroy proxy? */
+        error_setg(errp, "set_remote_opts failed.");
+        return NULL;
+    } else {
+        if (id && !pdev->dev_id) {
+            pdev->dev_id = g_strdup(id);
+        }
+        pdev->set_remote_opts(PCI_DEVICE(pdev), qdict_new,
+                              device ? DEV_OPTS : DRIVE_OPTS);
+    }
+
+    return dev;
+}
+#endif /*defined(CONFIG_MPQEMU)*/
+
 DeviceState *qdev_device_add(QemuOpts *opts, Error **errp)
 {
     DeviceClass *dc;
-- 
1.8.3.1

[Qemu-devel] [RFC v3 PATCH 24/45] multi-process: remote: add setup_devices and setup_drive msg processing

[Jagannathan Raman]

From: Elena Ufimtseva <elena.ufimtseva@oracle.com>

Receive by remote side the configuration messages and build the device
object from JSON device descriptions.

Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
---
 v1 -> v2:
   - for new command line suboptions with libvirtd support, clean
     the options before creating drives/devices
   - use default pci bus/address for now

 include/hw/qdev-core.h |   2 +
 qdev-monitor.c         |   2 +-
 remote/remote-main.c   | 231 +++++++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 234 insertions(+), 1 deletion(-)

diff --git a/include/hw/qdev-core.h b/include/hw/qdev-core.h
index 136df77..2f81894 100644
--- a/include/hw/qdev-core.h
+++ b/include/hw/qdev-core.h
@@ -360,6 +360,8 @@ BusState *qdev_get_parent_bus(DeviceState *dev);
 
 DeviceState *qdev_find_recursive(BusState *bus, const char *id);
 
+DeviceState *find_device_state(const char *id, Error **errp);
+
 /* Returns 0 to walk children, > 0 to skip walk, < 0 to terminate walk. */
 typedef int (qbus_walkerfn)(BusState *bus, void *opaque);
 typedef int (qdev_walkerfn)(DeviceState *dev, void *opaque);
diff --git a/qdev-monitor.c b/qdev-monitor.c
index d6f7572..69e467e 100644
--- a/qdev-monitor.c
+++ b/qdev-monitor.c
@@ -1017,7 +1017,7 @@ void qmp_device_add(QDict *qdict, QObject **ret_data, Error **errp)
     object_unref(OBJECT(dev));
 }
 
-static DeviceState *find_device_state(const char *id, Error **errp)
+DeviceState *find_device_state(const char *id, Error **errp)
 {
     Object *obj;
 
diff --git a/remote/remote-main.c b/remote/remote-main.c
index 8af284e..3e92a83 100644
--- a/remote/remote-main.c
+++ b/remote/remote-main.c
@@ -48,6 +48,21 @@
 #include "exec/memattrs.h"
 #include "exec/address-spaces.h"
 #include "remote/iohub.h"
+#include "qapi/qmp/qjson.h"
+#include "qapi/qmp/qobject.h"
+#include "qemu/option.h"
+#include "qemu/config-file.h"
+#include "monitor/qdev.h"
+#include "qapi/qmp/qdict.h"
+#include "sysemu/sysemu.h"
+#include "sysemu/blockdev.h"
+#include "block/block.h"
+#include "qapi/qmp/qstring.h"
+#include "hw/qdev-properties.h"
+#include "hw/scsi/scsi.h"
+#include "block/qdict.h"
+#include "qapi/qmp/qlist.h"
+#include "qemu/log.h"
 
 static ProxyLinkState *proxy_link;
 PCIDevice *remote_pci_dev;
@@ -138,6 +153,200 @@ fail:
     PUT_REMOTE_WAIT(wait);
 }
 
+static void process_device_add_msg(ProcMsg *msg)
+{
+    Error *local_err = NULL;
+    const char *json = (const char *)msg->data2;
+    int wait = msg->fds[0];
+    QObject *qobj = NULL;
+    QDict *qdict = NULL;
+    QemuOpts *opts = NULL;
+
+    qobj = qobject_from_json(json, &local_err);
+    if (local_err) {
+        goto fail;
+    }
+
+    qdict = qobject_to(QDict, qobj);
+    assert(qdict);
+
+    opts = qemu_opts_from_qdict(qemu_find_opts("device"), qdict, &local_err);
+    if (local_err) {
+        goto fail;
+    }
+
+    (void)qdev_device_add(opts, &local_err);
+    if (local_err) {
+        goto fail;
+    }
+
+fail:
+    if (local_err) {
+        error_report_err(local_err);
+        /* TODO: communicate the exact error message to proxy */
+    }
+
+    notify_proxy(wait, 1);
+
+    PUT_REMOTE_WAIT(wait);
+}
+
+static void process_device_del_msg(ProcMsg *msg)
+{
+    Error *local_err = NULL;
+    DeviceState *dev = NULL;
+    const char *json = (const char *)msg->data2;
+    int wait = msg->fds[0];
+    QObject *qobj = NULL;
+    QDict *qdict = NULL;
+    const char *id;
+
+    qobj = qobject_from_json(json, &local_err);
+    if (local_err) {
+        goto fail;
+    }
+
+    qdict = qobject_to(QDict, qobj);
+    assert(qdict);
+
+    id = qdict_get_try_str(qdict, "id");
+    assert(id);
+
+    dev = find_device_state(id, &local_err);
+    if (local_err) {
+        goto fail;
+    }
+
+    if (dev) {
+        qdev_unplug(dev, &local_err);
+    }
+
+fail:
+    if (local_err) {
+        error_report_err(local_err);
+        /* TODO: communicate the exact error message to proxy */
+    }
+
+    notify_proxy(wait, 1);
+
+    PUT_REMOTE_WAIT(wait);
+}
+
+static int init_drive(QDict *rqdict, Error **errp)
+{
+    QemuOpts *opts;
+    Error *local_error = NULL;
+
+    if (rqdict != NULL && qdict_size(rqdict) > 0) {
+        opts = qemu_opts_from_qdict(&qemu_drive_opts,
+                                    rqdict, &local_error);
+        if (!opts) {
+            error_propagate(errp, local_error);
+            return -EINVAL;
+        }
+    } else {
+        return -EINVAL;
+    }
+
+    qemu_opt_unset(opts, "rid");
+    qemu_opt_unset(opts, "socket");
+    qemu_opt_unset(opts, "remote");
+    qemu_opt_unset(opts, "command");
+
+    if (drive_new(opts, IF_IDE, &local_error) == NULL) {
+        error_propagate(errp, local_error);
+        return -EINVAL;
+    }
+
+    return 0;
+}
+
+static int setup_drive(ProcMsg *msg, Error **errp)
+{
+    QObject *obj;
+    QDict *qdict;
+    QString *qstr;
+    Error *local_error = NULL;
+    int rc = -EINVAL;
+
+    if (!msg->data2) {
+        return rc;
+    }
+
+    qstr = qstring_from_str((char *)msg->data2);
+    obj = qobject_from_json(qstring_get_str(qstr), &local_error);
+    if (!obj) {
+        error_propagate(errp, local_error);
+        return rc;
+    }
+
+    qdict = qobject_to(QDict, obj);
+    if (!qdict) {
+        return rc;
+    }
+
+    if (init_drive(qdict, &local_error)) {
+        error_setg(errp, "init_drive failed in setup_drive.");
+        return rc;
+    }
+
+    return 0;
+}
+
+static int setup_device(ProcMsg *msg, Error **errp)
+{
+    QObject *obj;
+    QDict *qdict;
+    QString *qstr;
+    QemuOpts *opts;
+    DeviceState *dev = NULL;
+    int rc = -EINVAL;
+    Error *local_error = NULL;
+
+    if (!msg->data2) {
+        return rc;
+    }
+
+    qstr = qstring_from_str((char *)msg->data2);
+    obj = qobject_from_json(qstring_get_str(qstr), &local_error);
+    if (!obj) {
+        error_setg(errp, "Could not get object!");
+        return rc;
+    }
+
+    qdict = qobject_to(QDict, obj);
+    if (!qdict) {
+        return rc;
+    }
+
+    g_assert(qdict_size(qdict) > 1);
+
+    opts = qemu_opts_from_qdict(&qemu_device_opts, qdict, &local_error);
+    qemu_opt_unset(opts, "rid");
+    qemu_opt_unset(opts, "socket");
+    qemu_opt_unset(opts, "remote");
+    qemu_opt_unset(opts, "command");
+    /*
+     * TODO: use the bus and addr from the device options. For now
+     * we use default value.
+     */
+    qemu_opt_unset(opts, "bus");
+    qemu_opt_unset(opts, "addr");
+
+    dev = qdev_device_add(opts, &local_error);
+    if (!dev) {
+        error_setg(errp, "Could not add device %s.",
+                   qstring_get_str(qobject_to_json(QOBJECT(qdict))));
+        return rc;
+    }
+    if (object_dynamic_cast(OBJECT(dev), TYPE_PCI_DEVICE)) {
+        remote_pci_dev = PCI_DEVICE(dev);
+    }
+    qemu_opts_del(opts);
+
+    return 0;
+}
+
 static void process_msg(GIOCondition cond, ProcChannel *chan)
 {
     ProcMsg *msg = NULL;
@@ -183,11 +392,33 @@ static void process_msg(GIOCondition cond, ProcChannel *chan)
          */
         remote_sysmem_reconfig(msg, &err);
         if (err) {
+            error_report_err(err);
             goto finalize_loop;
         }
         break;
     case SET_IRQFD:
         process_set_irqfd_msg(remote_pci_dev, msg);
+        qdev_machine_creation_done();
+        qemu_mutex_lock_iothread();
+        qemu_run_machine_init_done_notifiers();
+        qemu_mutex_unlock_iothread();
+
+        break;
+    case DRIVE_OPTS:
+        if (setup_drive(msg, &err)) {
+            error_report_err(err);
+        }
+        break;
+    case DEV_OPTS:
+        if (setup_device(msg, &err)) {
+            error_report_err(err);
+        }
+        break;
+    case DEVICE_ADD:
+        process_device_add_msg(msg);
+        break;
+    case DEVICE_DEL:
+        process_device_del_msg(msg);
         break;
     default:
         error_setg(&err, "Unknown command");
-- 
1.8.3.1

[Qemu-devel] [RFC v3 PATCH 25/45] multi-process: remote: use fd for socket from parent process

[Jagannathan Raman]

From: Elena Ufimtseva <elena.ufimtseva@oracle.com>

Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
---
 remote/remote-main.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/remote/remote-main.c b/remote/remote-main.c
index 3e92a83..e284d5f 100644
--- a/remote/remote-main.c
+++ b/remote/remote-main.c
@@ -63,6 +63,7 @@
 #include "block/qdict.h"
 #include "qapi/qmp/qlist.h"
 #include "qemu/log.h"
+#include "qemu/cutils.h"
 
 static ProxyLinkState *proxy_link;
 PCIDevice *remote_pci_dev;
@@ -439,6 +440,7 @@ finalize_loop:
 int main(int argc, char *argv[])
 {
     Error *err = NULL;
+    int fd = -1;
 
     module_call_init(MODULE_INIT_QOM);
 
@@ -461,7 +463,13 @@ int main(int argc, char *argv[])
         return -1;
     }
 
-    proxy_link_init_channel(proxy_link, &proxy_link->com, STDIN_FILENO);
+    fd = qemu_parse_fd(argv[1]);
+    if (fd == -1) {
+        printf("Failed to parse fd for remote process.\n");
+        return -EINVAL;
+    }
+
+    proxy_link_init_channel(proxy_link, &proxy_link->com, fd);
     proxy_link_set_callback(proxy_link, process_msg);
 
     start_handler(proxy_link);
-- 
1.8.3.1

[Qemu-devel] [RFC v3 PATCH 26/45] multi-process: remote: add create_done condition

[Jagannathan Raman]

From: Elena Ufimtseva <elena.ufimtseva@oracle.com>

Do not allow BAR,MMIO handlers and irq setup to run before
the configuration of the devices completes.

Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
---
 remote/remote-main.c | 29 ++++++++++++++++++++---------
 1 file changed, 20 insertions(+), 9 deletions(-)

diff --git a/remote/remote-main.c b/remote/remote-main.c
index e284d5f..0c0e085 100644
--- a/remote/remote-main.c
+++ b/remote/remote-main.c
@@ -67,6 +67,7 @@
 
 static ProxyLinkState *proxy_link;
 PCIDevice *remote_pci_dev;
+bool create_done;
 
 static void process_config_write(ProcMsg *msg)
 {
@@ -369,21 +370,31 @@ static void process_msg(GIOCondition cond, ProcChannel *chan)
     case INIT:
         break;
     case CONF_WRITE:
-        process_config_write(msg);
+        if (create_done) {
+            process_config_write(msg);
+        }
+
         break;
     case CONF_READ:
-        process_config_read(msg);
+        if (create_done) {
+            process_config_read(msg);
+        }
+
         break;
     case BAR_WRITE:
-        process_bar_write(msg, &err);
-        if (err) {
-            goto finalize_loop;
+        if (create_done) {
+            process_bar_write(msg, &err);
+            if (err) {
+                error_report_err(err);
+            }
         }
         break;
     case BAR_READ:
-        process_bar_read(msg, &err);
-        if (err) {
-            goto finalize_loop;
+        if (create_done) {
+            process_bar_read(msg, &err);
+            if (err) {
+                error_report_err(err);
+            }
         }
         break;
     case SYNC_SYSMEM:
@@ -403,7 +414,7 @@ static void process_msg(GIOCondition cond, ProcChannel *chan)
         qemu_mutex_lock_iothread();
         qemu_run_machine_init_done_notifiers();
         qemu_mutex_unlock_iothread();
-
+        create_done = true;
         break;
     case DRIVE_OPTS:
         if (setup_drive(msg, &err)) {
-- 
1.8.3.1

[Qemu-devel] [RFC v3 PATCH 27/45] multi-process: add processing of remote drive and device command line

[Jagannathan Raman]

From: Elena Ufimtseva <elena.ufimtseva@oracle.com>

Add processing of command line options drive and device.
After remote devices are created along with their proxies,
signal the proxies to finish the configuration steps.

Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
---
 v1 -> v2:
   - change command line option for remote process drive/device to
     use existing -drive/-device options
   - process drive and device options only after non-remote devices
     and drives are added

 vl.c | 76 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 76 insertions(+)

diff --git a/vl.c b/vl.c
index b426b32..f7dae56 100644
--- a/vl.c
+++ b/vl.c
@@ -32,6 +32,11 @@
 #include "qemu/uuid.h"
 #include "sysemu/seccomp.h"
 #include "sysemu/tcg.h"
+#include "qapi/qmp/qdict.h"
+#include "block/qdict.h"
+#include "qapi/qmp/qstring.h"
+#include "qapi/qmp/qjson.h"
+#include "qapi/qmp/qlist.h"
 
 #ifdef CONFIG_SDL
 #if defined(__APPLE__) || defined(main)
@@ -1135,11 +1140,43 @@ static int cleanup_add_fd(void *opaque, QemuOpts *opts, Error **errp)
 #define MTD_OPTS ""
 #define SD_OPTS ""
 
+#if defined(CONFIG_MPQEMU)
+static int rdrive_init_func(void *opaque, QemuOpts *opts, Error **errp)
+{
+    DeviceState *dev;
+
+    dev = qdev_remote_add(opts, false /* this is drive */, errp);
+    if (!dev) {
+        error_setg(errp, "qdev_remote_add failed for drive.");
+        return -1;
+    }
+    object_unref(OBJECT(dev));
+    return 0;
+}
+#endif
+
+static int pass;
+
 static int drive_init_func(void *opaque, QemuOpts *opts, Error **errp)
 {
     BlockInterfaceType *block_default_type = opaque;
 
+#if defined(CONFIG_MPQEMU)
+    const char *remote;
+
+    remote = qemu_opt_get(opts, "remote");
+    if (pass && remote) {
+        return rdrive_init_func(opaque, opts, errp);
+    } else {
+        if (!remote && !pass) {
+            drive_new(opts, *block_default_type, errp);
+        }
+    }
+
+    return 0;
+#else
     return drive_new(opts, *block_default_type, errp) == NULL;
+#endif
 }
 
 static int drive_enable_snapshot(void *opaque, QemuOpts *opts, Error **errp)
@@ -2184,10 +2221,35 @@ static int device_help_func(void *opaque, QemuOpts *opts, Error **errp)
     return qdev_device_help(opts);
 }
 
+#if defined(CONFIG_MPQEMU)
+static int rdevice_init_func(void *opaque, QemuOpts *opts, Error **errp)
+{
+    DeviceState *dev;
+
+    dev = qdev_remote_add(opts, true /* this is device */, errp);
+    if (!dev) {
+        error_setg(errp, "qdev_remote_add failed for device.");
+        return -1;
+    }
+    object_unref(OBJECT(dev));
+    return 0;
+}
+#endif
+
 static int device_init_func(void *opaque, QemuOpts *opts, Error **errp)
 {
     DeviceState *dev;
 
+#if defined(CONFIG_MPQEMU)
+    const char *remote;
+
+    remote = qemu_opt_get(opts, "remote");
+    if (remote) {
+        /* This will be a remote process */
+        return rdevice_init_func(opaque, opts, errp);
+    }
+#endif
+
     dev = qdev_device_add(opts, errp);
     if (!dev) {
         return -1;
@@ -4367,6 +4429,17 @@ int main(int argc, char **argv, char **envp)
     /* Check if IGD GFX passthrough. */
     igd_gfx_passthru();
 
+#if defined(CONFIG_MPQEMU)
+    /*
+     * Parse the list for remote drives here as we launch PCIProxyDev here and
+     * need PCI host initialized. As a TODO: could defer init of PCIProxyDev instead.
+     */
+    if (qemu_opts_foreach(qemu_find_opts("drive"), drive_init_func,
+                          &machine_class->block_default_type, &error_fatal)) {
+        exit(0);
+    }
+#endif
+
     /* init generic devices */
     rom_set_order_override(FW_CFG_ORDER_OVERRIDE_DEVICE);
     qemu_opts_foreach(qemu_find_opts("device"),
@@ -4424,6 +4497,9 @@ int main(int argc, char **argv, char **envp)
     qemu_register_reset(qbus_reset_all_fn, sysbus_get_default());
     qemu_run_machine_init_done_notifiers();
 
+#if defined(CONFIG_MPQEMU)
+    qdev_proxy_fire();
+#endif
     if (rom_check_and_register_reset() != 0) {
         error_report("rom check and register reset failed");
         exit(1);
-- 
1.8.3.1

[Qemu-devel] [RFC v3 PATCH 28/45] multi-process: Introduce build flags to separate remote process code

[Jagannathan Raman]

Introduce SCSI_PROCESS & REMOTE_PROCESS build flags to separate
code that applies only to remote processes.

Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
---
 New patch in v3

 Makefile.target | 4 ++++
 rules.mak       | 2 +-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/Makefile.target b/Makefile.target
index a0c00c6..ac545fc 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -256,6 +256,10 @@ ifdef CONFIG_DARWIN
 	$(call quiet-command,SetFile -a C $@,"SETFILE","$(TARGET_DIR)$@")
 endif
 
+ifdef CONFIG_MPQEMU
+$(SCSI_DEV_BUILD): REMOTE_FLAGS = -DREMOTE_PROCESS -DSCSI_PROCESS
+endif
+
 $(SCSI_DEV_BUILD): $(all-remote-lsi-obj-y) $(COMMON_LDADDS)
 	$(call LINK, $(filter-out %.mak, $^))
 ifdef CONFIG_DARWIN
diff --git a/rules.mak b/rules.mak
index 967295d..22e0c36 100644
--- a/rules.mak
+++ b/rules.mak
@@ -67,7 +67,7 @@ expand-objs = $(strip $(sort $(filter %.o,$1)) \
 
 %.o: %.c
 	$(call quiet-command,$(CC) $(QEMU_LOCAL_INCLUDES) $(QEMU_INCLUDES) \
-	       $(QEMU_CFLAGS) $(QEMU_DGFLAGS) $(CFLAGS) $($@-cflags) \
+	       $(QEMU_CFLAGS) $(QEMU_DGFLAGS) $(CFLAGS) $($@-cflags) $(REMOTE_FLAGS) \
 	       -c -o $@ $<,"CC","$(TARGET_DIR)$@")
 %.o: %.rc
 	$(call quiet-command,$(WINDRES) -I. -o $@ $<,"RC","$(TARGET_DIR)$@")
-- 
1.8.3.1

[Qemu-devel] [RFC v3 PATCH 29/45] multi-process: refractor vl.c code to re-use in remote

[Jagannathan Raman]

From: Elena Ufimtseva <elena.ufimtseva@oracle.com>

Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
---
 New patch in v3

 Makefile.objs        |   2 +
 remote/Makefile.objs |   1 +
 vl-parse.c           | 157 +++++++++++++++++++++++++++++++++++++++++++++++++++
 vl.c                 | 150 +-----------------------------------------------
 vl.h                 |  54 ++++++++++++++++++
 5 files changed, 215 insertions(+), 149 deletions(-)
 create mode 100644 vl-parse.c
 create mode 100644 vl.h

diff --git a/Makefile.objs b/Makefile.objs
index 0668509..f817cf6 100644
--- a/Makefile.objs
+++ b/Makefile.objs
@@ -104,6 +104,8 @@ qemu-seccomp.o-libs := $(SECCOMP_LIBS)
 
 common-obj-$(CONFIG_FDT) += device_tree.o
 
+common-obj-y += vl-parse.o
+
 ######################################################################
 # qapi
 
diff --git a/remote/Makefile.objs b/remote/Makefile.objs
index cbb3065..c1349ad 100644
--- a/remote/Makefile.objs
+++ b/remote/Makefile.objs
@@ -2,3 +2,4 @@ remote-pci-obj-$(CONFIG_MPQEMU) += remote-main.o
 remote-pci-obj-$(CONFIG_MPQEMU) += pcihost.o
 remote-pci-obj-$(CONFIG_MPQEMU) += machine.o
 remote-pci-obj-$(CONFIG_MPQEMU) += iohub.o
+remote-pci-obj-$(CONFIG_MPQEMU) +=../vl-parse.o
diff --git a/vl-parse.c b/vl-parse.c
new file mode 100644
index 0000000..d3716d1
--- /dev/null
+++ b/vl-parse.c
@@ -0,0 +1,157 @@
+/*
+ * Copyright (c) 2003-2008 Fabrice Bellard
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#include "qemu/osdep.h"
+#include "qemu/units.h"
+#include "qapi/error.h"
+#include "qemu/cutils.h"
+#include "qemu/error-report.h"
+#include "hw/qdev.h"
+#include "monitor/qdev.h"
+#include "sysemu/sysemu.h"
+#include "qemu/option.h"
+#include "qemu-options.h"
+#include "sysemu/blockdev.h"
+
+#include "chardev/char.h"
+#include "monitor/monitor.h"
+#include "qemu/config-file.h"
+
+#include "sysemu/arch_init.h"
+
+#include "vl.h"
+
+/***********************************************************/
+/* QEMU Block devices */
+
+static const QEMUOption qemu_options[] = {
+    { "h", 0, QEMU_OPTION_h, QEMU_ARCH_ALL },
+#define QEMU_OPTIONS_GENERATE_OPTIONS
+#include "qemu-options-wrapper.h"
+    { NULL },
+};
+
+const QEMUOption *lookup_opt(int argc, char **argv,
+                                    const char **poptarg, int *poptind)
+{
+    const QEMUOption *popt;
+    int optind = *poptind;
+    char *r = argv[optind];
+    const char *optarg;
+
+    loc_set_cmdline(argv, optind, 1);
+    optind++;
+    /* Treat --foo the same as -foo.  */
+    if (r[1] == '-') {
+        r++;
+    }
+    popt = qemu_options;
+    if (!popt) {
+        error_report("No valide qemu_options");
+    }
+    for (;;) {
+        if (!popt->name) {
+            error_report("invalid option*");
+            exit(1);
+            popt++;
+            continue;
+        }
+        if (!strcmp(popt->name, r + 1)) {
+            break;
+        }
+        popt++;
+    }
+    if (popt->flags & HAS_ARG) {
+        if (optind >= argc) {
+            error_report("optind %d, argc %d", optind, argc);
+            error_report("requires an argument");
+            exit(1);
+        }
+        optarg = argv[optind++];
+        loc_set_cmdline(argv, optind - 2, 2);
+    } else {
+        optarg = NULL;
+    }
+
+    *poptarg = optarg;
+    *poptind = optind;
+
+    return popt;
+}
+
+int drive_init_func(void *opaque, QemuOpts *opts, Error **errp)
+{
+    BlockInterfaceType *block_default_type = opaque;
+
+    if (!drive_new(opts, *block_default_type, errp)) {
+        error_report_err(*errp);
+    }
+
+    return 0;
+}
+
+#if defined(CONFIG_MPQEMU)
+int rdrive_init_func(void *opaque, QemuOpts *opts, Error **errp)
+{
+    DeviceState *dev;
+
+    dev = qdev_remote_add(opts, false /* this is drive */, errp);
+    if (!dev) {
+        error_setg(errp, "qdev_remote_add failed for drive.");
+        return -1;
+    }
+    object_unref(OBJECT(dev));
+    return 0;
+}
+#endif
+
+#if defined(CONFIG_MPQEMU)
+int rdevice_init_func(void *opaque, QemuOpts *opts, Error **errp)
+{
+    DeviceState *dev;
+
+    dev = qdev_remote_add(opts, true /* this is device */, errp);
+    if (!dev) {
+        error_setg(errp, "qdev_remote_add failed for device.");
+        return -1;
+    }
+    return 0;
+}
+#endif
+
+int device_init_func(void *opaque, QemuOpts *opts, Error **errp)
+{
+    DeviceState *dev;
+    const char *remote = NULL;
+
+    remote = qemu_opt_get(opts, "rid");
+    if (remote) {
+        return 0;
+    }
+
+    dev = qdev_device_add(opts, errp);
+    if (!dev) {
+        return -1;
+    }
+    object_unref(OBJECT(dev));
+    return 0;
+}
diff --git a/vl.c b/vl.c
index f7dae56..dc2558c 100644
--- a/vl.c
+++ b/vl.c
@@ -37,6 +37,7 @@
 #include "qapi/qmp/qstring.h"
 #include "qapi/qmp/qjson.h"
 #include "qapi/qmp/qlist.h"
+#include "vl.h"
 
 #ifdef CONFIG_SDL
 #if defined(__APPLE__) || defined(main)
@@ -1133,52 +1134,6 @@ static int cleanup_add_fd(void *opaque, QemuOpts *opts, Error **errp)
 /***********************************************************/
 /* QEMU Block devices */
 
-#define HD_OPTS "media=disk"
-#define CDROM_OPTS "media=cdrom"
-#define FD_OPTS ""
-#define PFLASH_OPTS ""
-#define MTD_OPTS ""
-#define SD_OPTS ""
-
-#if defined(CONFIG_MPQEMU)
-static int rdrive_init_func(void *opaque, QemuOpts *opts, Error **errp)
-{
-    DeviceState *dev;
-
-    dev = qdev_remote_add(opts, false /* this is drive */, errp);
-    if (!dev) {
-        error_setg(errp, "qdev_remote_add failed for drive.");
-        return -1;
-    }
-    object_unref(OBJECT(dev));
-    return 0;
-}
-#endif
-
-static int pass;
-
-static int drive_init_func(void *opaque, QemuOpts *opts, Error **errp)
-{
-    BlockInterfaceType *block_default_type = opaque;
-
-#if defined(CONFIG_MPQEMU)
-    const char *remote;
-
-    remote = qemu_opt_get(opts, "remote");
-    if (pass && remote) {
-        return rdrive_init_func(opaque, opts, errp);
-    } else {
-        if (!remote && !pass) {
-            drive_new(opts, *block_default_type, errp);
-        }
-    }
-
-    return 0;
-#else
-    return drive_new(opts, *block_default_type, errp) == NULL;
-#endif
-}
-
 static int drive_enable_snapshot(void *opaque, QemuOpts *opts, Error **errp)
 {
     if (qemu_opt_get(opts, "snapshot") == NULL) {
@@ -1860,21 +1815,6 @@ static void help(int exitcode)
     exit(exitcode);
 }
 
-#define HAS_ARG 0x0001
-
-typedef struct QEMUOption {
-    const char *name;
-    int flags;
-    int index;
-    uint32_t arch_mask;
-} QEMUOption;
-
-static const QEMUOption qemu_options[] = {
-    { "h", 0, QEMU_OPTION_h, QEMU_ARCH_ALL },
-#define QEMU_OPTIONS_GENERATE_OPTIONS
-#include "qemu-options-wrapper.h"
-    { NULL },
-};
 
 typedef struct VGAInterfaceInfo {
     const char *opt_name;    /* option name */
@@ -2221,43 +2161,6 @@ static int device_help_func(void *opaque, QemuOpts *opts, Error **errp)
     return qdev_device_help(opts);
 }
 
-#if defined(CONFIG_MPQEMU)
-static int rdevice_init_func(void *opaque, QemuOpts *opts, Error **errp)
-{
-    DeviceState *dev;
-
-    dev = qdev_remote_add(opts, true /* this is device */, errp);
-    if (!dev) {
-        error_setg(errp, "qdev_remote_add failed for device.");
-        return -1;
-    }
-    object_unref(OBJECT(dev));
-    return 0;
-}
-#endif
-
-static int device_init_func(void *opaque, QemuOpts *opts, Error **errp)
-{
-    DeviceState *dev;
-
-#if defined(CONFIG_MPQEMU)
-    const char *remote;
-
-    remote = qemu_opt_get(opts, "remote");
-    if (remote) {
-        /* This will be a remote process */
-        return rdevice_init_func(opaque, opts, errp);
-    }
-#endif
-
-    dev = qdev_device_add(opts, errp);
-    if (!dev) {
-        return -1;
-    }
-    object_unref(OBJECT(dev));
-    return 0;
-}
-
 static int chardev_init_func(void *opaque, QemuOpts *opts, Error **errp)
 {
     Error *local_err = NULL;
@@ -2587,46 +2490,6 @@ static void qemu_run_machine_init_done_notifiers(void)
     notifier_list_notify(&machine_init_done_notifiers, NULL);
 }
 
-static const QEMUOption *lookup_opt(int argc, char **argv,
-                                    const char **poptarg, int *poptind)
-{
-    const QEMUOption *popt;
-    int optind = *poptind;
-    char *r = argv[optind];
-    const char *optarg;
-
-    loc_set_cmdline(argv, optind, 1);
-    optind++;
-    /* Treat --foo the same as -foo.  */
-    if (r[1] == '-')
-        r++;
-    popt = qemu_options;
-    for(;;) {
-        if (!popt->name) {
-            error_report("invalid option");
-            exit(1);
-        }
-        if (!strcmp(popt->name, r + 1))
-            break;
-        popt++;
-    }
-    if (popt->flags & HAS_ARG) {
-        if (optind >= argc) {
-            error_report("requires an argument");
-            exit(1);
-        }
-        optarg = argv[optind++];
-        loc_set_cmdline(argv, optind - 2, 2);
-    } else {
-        optarg = NULL;
-    }
-
-    *poptarg = optarg;
-    *poptind = optind;
-
-    return popt;
-}
-
 static MachineClass *select_machine(void)
 {
     GSList *machines = object_class_get_list(TYPE_MACHINE, false);
@@ -4429,17 +4292,6 @@ int main(int argc, char **argv, char **envp)
     /* Check if IGD GFX passthrough. */
     igd_gfx_passthru();
 
-#if defined(CONFIG_MPQEMU)
-    /*
-     * Parse the list for remote drives here as we launch PCIProxyDev here and
-     * need PCI host initialized. As a TODO: could defer init of PCIProxyDev instead.
-     */
-    if (qemu_opts_foreach(qemu_find_opts("drive"), drive_init_func,
-                          &machine_class->block_default_type, &error_fatal)) {
-        exit(0);
-    }
-#endif
-
     /* init generic devices */
     rom_set_order_override(FW_CFG_ORDER_OVERRIDE_DEVICE);
     qemu_opts_foreach(qemu_find_opts("device"),
diff --git a/vl.h b/vl.h
new file mode 100644
index 0000000..8c40fed
--- /dev/null
+++ b/vl.h
@@ -0,0 +1,54 @@
+/*
+ * Copyright (c) 2003-2008 Fabrice Bellard
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#ifndef VL_H
+#define VL_H
+
+/***********************************************************/
+/* QEMU Block devices */
+
+#define HD_OPTS "media=disk"
+#define CDROM_OPTS "media=cdrom"
+#define FD_OPTS ""
+#define PFLASH_OPTS ""
+#define MTD_OPTS ""
+#define SD_OPTS ""
+
+
+#define HAS_ARG 0x0001
+typedef struct QEMUOption {
+    const char *name;
+    int flags;
+    int index;
+    uint32_t arch_mask;
+} QEMUOption;
+
+const QEMUOption *lookup_opt(int argc, char **argv,
+                                    const char **poptarg, int *poptind);
+
+int drive_init_func(void *opaque, QemuOpts *opts, Error **errp);
+int device_init_func(void *opaque, QemuOpts *opts, Error **errp);
+int rdrive_init_func(void *opaque, QemuOpts *opts, Error **errp);
+int rdevice_init_func(void *opaque, QemuOpts *opts, Error **errp);
+
+#endif /* VL_H */
+
-- 
1.8.3.1

[Qemu-devel] [RFC v3 PATCH 30/45] multi-process: add remote option

[Jagannathan Raman]

From: Elena Ufimtseva <elena.ufimtseva@oracle.com>

Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
---
 New patch in v3

 qemu-options.hx | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/qemu-options.hx b/qemu-options.hx
index 9621e93..e2dca3d 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -27,6 +27,27 @@ STEXI
 Display version information and exit
 ETEXI
 
+DEF("remote", HAS_ARG, QEMU_OPTION_remote,
+    "-remote socket[,prop[=value][,...]]\n"
+    "                add remote process\n"
+    "                prop=value,... sets driver properties\n"
+    "                use '-remote help' to print all possible properties\n",
+    QEMU_ARCH_ALL)
+STEXI
+@table @option
+@item rid
+@findex -rid
+remote id
+@item socket
+@findex -socket
+Remote process socket
+@item command
+@findex -command
+Remote process command.
+
+@end table
+ETEXI
+
 DEF("machine", HAS_ARG, QEMU_OPTION_machine, \
     "-machine [type=]name[,prop[=value][,...]]\n"
     "                selects emulated machine ('-machine help' for list)\n"
-- 
1.8.3.1

[Qemu-devel] [RFC v3 PATCH 31/45] multi-process: add remote options parser

[Jagannathan Raman]

From: Elena Ufimtseva <elena.ufimtseva@oracle.com>

Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
---
 New patch in v3

 vl.c | 117 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 117 insertions(+)

diff --git a/vl.c b/vl.c
index dc2558c..08e9c09 100644
--- a/vl.c
+++ b/vl.c
@@ -279,6 +279,28 @@ static QemuOptsList qemu_option_rom_opts = {
     },
 };
 
+static QemuOptsList qemu_remote_opts = {
+    .name = "remote",
+    .head = QTAILQ_HEAD_INITIALIZER(qemu_remote_opts.head),
+    .desc = {
+        {
+            .name = "rid",
+            .type = QEMU_OPT_NUMBER,
+            .help = "id of the remote process"
+        },{
+            .name = "socket",
+            .type = QEMU_OPT_NUMBER,
+            .help = "Socket for remote",
+        },{
+            .name = "command",
+            .type = QEMU_OPT_STRING,
+            .help = "command to run",
+        },
+        { /* end of list */ }
+    },
+};
+
+
 static QemuOptsList qemu_machine_opts = {
     .name = "machine",
     .implied_opt_name = "type",
@@ -346,6 +368,87 @@ static QemuOptsList qemu_boot_opts = {
     },
 };
 
+#if defined(CONFIG_MPQEMU)
+static int device_remote_add(void *opaque, QemuOpts *opts, Error **errp)
+{
+    unsigned int rid = *(unsigned int *)opaque;
+    const char *opt_rid = NULL;
+    struct remote_process *p = NULL;;
+
+    opt_rid = qemu_opt_get(opts, "rid");
+    if (!opt_rid) {
+        return 0;
+    }
+
+    p = get_remote_process_rid(rid);
+    if (!p) {
+        return -EINVAL;
+    }
+
+    if (atoi(opt_rid) == rid) {
+        qemu_opt_set(opts, "command", p->command, errp);
+        rdevice_init_func(opaque, opts, errp);
+        qemu_opts_del(opts);
+    }
+    return 0;
+}
+
+static int parse_remote(void *opaque, QemuOpts *opts, Error **errp)
+{
+    int rid;
+    int socket;
+    char  *c_sock;
+    const char *command = NULL;
+    struct remote_process r_proc;
+
+    rid = atoi(qemu_opt_get(opts, "rid"));
+    if (rid < 0) {
+        error_setg(errp, "rid is required.");
+        return -1;
+    }
+    if (get_remote_process_rid(rid)) {
+        error_setg(errp, "There is already process with rid %d", rid);
+        goto cont_devices;
+    }
+
+    c_sock = (char *)qemu_opt_get(opts, "socket");
+    if (c_sock) {
+        socket = atoi(c_sock);
+    } else {
+        socket = -1;
+    }
+
+    command = qemu_opt_get(opts, "command");
+
+    if (socket <= STDERR_FILENO && socket != -1) {
+        socket = -1;
+    }
+
+    if (!command && socket < 0) {
+        error_setg(errp, "No correct  socket or command defined for remote.");
+        return -1;
+    }
+
+    if (rid < 0) {
+        error_setg(errp, "id option is required and must be non-negative");
+        return -1;
+    }
+    r_proc.rid = rid;
+    r_proc.socket = socket;
+    r_proc.command = g_strdup(command);
+    remote_process_register(&r_proc);
+
+ cont_devices:
+    if (qemu_opts_foreach(qemu_find_opts("device"), device_remote_add,
+                          &rid, NULL)) {
+        error_setg(errp, "Could not process some of the remote devices.");
+    }
+
+    return 0;
+}
+
+#endif
+
 static QemuOptsList qemu_add_fd_opts = {
     .name = "add-fd",
     .head = QTAILQ_HEAD_INITIALIZER(qemu_add_fd_opts.head),
@@ -2861,6 +2964,7 @@ int main(int argc, char **argv, char **envp)
     qemu_add_opts(&qemu_icount_opts);
     qemu_add_opts(&qemu_semihosting_config_opts);
     qemu_add_opts(&qemu_fw_cfg_opts);
+    qemu_add_opts(&qemu_remote_opts);
     module_call_init(MODULE_INIT_OPTS);
 
     runstate_init();
@@ -3697,6 +3801,14 @@ int main(int argc, char **argv, char **envp)
                 exit(1);
 #endif
                 break;
+            case QEMU_OPTION_remote:
+                opts = qemu_opts_parse_noisily(qemu_find_opts("remote"),
+                                               optarg, false);
+                if (!opts) {
+                    exit(1);
+                }
+                break;
+
             case QEMU_OPTION_object:
                 opts = qemu_opts_parse_noisily(qemu_find_opts("object"),
                                                optarg, true);
@@ -4297,6 +4409,11 @@ int main(int argc, char **argv, char **envp)
     qemu_opts_foreach(qemu_find_opts("device"),
                       device_init_func, NULL, &error_fatal);
 
+#ifdef CONFIG_MPQEMU
+    qemu_opts_foreach(qemu_find_opts("remote"),
+                      parse_remote, NULL, &error_fatal);
+#endif
+
     cpu_synchronize_all_post_init();
 
     rom_reset_order_override();
-- 
1.8.3.1

[Qemu-devel] [RFC v3 PATCH 32/45] multi-process: add parse_cmdline in remote process

[Jagannathan Raman]

From: Elena Ufimtseva <elena.ufimtseva@oracle.com>

Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
---
 New patch in v3

 remote/Makefile.objs |   1 +
 remote/remote-main.c |  11 +++++
 remote/remote-opts.c | 113 +++++++++++++++++++++++++++++++++++++++++++++++++++
 remote/remote-opts.h |  31 ++++++++++++++
 4 files changed, 156 insertions(+)
 create mode 100644 remote/remote-opts.c
 create mode 100644 remote/remote-opts.h

diff --git a/remote/Makefile.objs b/remote/Makefile.objs
index c1349ad..a677fce 100644
--- a/remote/Makefile.objs
+++ b/remote/Makefile.objs
@@ -1,4 +1,5 @@
 remote-pci-obj-$(CONFIG_MPQEMU) += remote-main.o
+remote-pci-obj-$(CONFIG_MPQEMU) += remote-opts.o
 remote-pci-obj-$(CONFIG_MPQEMU) += pcihost.o
 remote-pci-obj-$(CONFIG_MPQEMU) += machine.o
 remote-pci-obj-$(CONFIG_MPQEMU) += iohub.o
diff --git a/remote/remote-main.c b/remote/remote-main.c
index 0c0e085..416b8a1 100644
--- a/remote/remote-main.c
+++ b/remote/remote-main.c
@@ -64,6 +64,7 @@
 #include "qapi/qmp/qlist.h"
 #include "qemu/log.h"
 #include "qemu/cutils.h"
+#include "remote-opts.h"
 
 static ProxyLinkState *proxy_link;
 PCIDevice *remote_pci_dev;
@@ -468,6 +469,13 @@ int main(int argc, char *argv[])
 
     current_machine = MACHINE(REMOTE_MACHINE(object_new(TYPE_REMOTE_MACHINE)));
 
+    qemu_add_opts(&qemu_device_opts);
+    qemu_add_opts(&qemu_drive_opts);
+    qemu_add_drive_opts(&qemu_legacy_drive_opts);
+    qemu_add_drive_opts(&qemu_common_drive_opts);
+    qemu_add_drive_opts(&qemu_drive_opts);
+    qemu_add_drive_opts(&bdrv_runtime_opts);
+
     proxy_link = proxy_link_create();
     if (!proxy_link) {
         printf("Could not create proxy link\n");
@@ -481,6 +489,9 @@ int main(int argc, char *argv[])
     }
 
     proxy_link_init_channel(proxy_link, &proxy_link->com, fd);
+
+    parse_cmdline(argc - 2, argv + 2, NULL);
+
     proxy_link_set_callback(proxy_link, process_msg);
 
     start_handler(proxy_link);
diff --git a/remote/remote-opts.c b/remote/remote-opts.c
new file mode 100644
index 0000000..416ff59
--- /dev/null
+++ b/remote/remote-opts.c
@@ -0,0 +1,113 @@
+/*
+ * Remote device initialization
+ *
+ * Copyright 2019, Oracle and/or its affiliates.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#include <stdio.h>
+#include <glib.h>
+#include <unistd.h>
+#include "qemu/osdep.h"
+#include "qemu/module.h"
+#include "qapi/error.h"
+#include "qemu/error-report.h"
+#include "qemu-common.h"
+
+#include "remote/pcihost.h"
+#include "remote/machine.h"
+#include "hw/boards.h"
+#include "hw/qdev-core.h"
+#include "qemu/main-loop.h"
+#include "remote/memory.h"
+#include "io/proxy-link.h"
+#include "qapi/error.h"
+#include "qemu-options.h"
+#include "sysemu/arch_init.h"
+
+#include "qapi/qmp/qjson.h"
+#include "qapi/qmp/qobject.h"
+#include "qemu/option.h"
+#include "qemu/config-file.h"
+#include "monitor/qdev.h"
+#include "qapi/qmp/qdict.h"
+#include "sysemu/sysemu.h"
+#include "sysemu/blockdev.h"
+#include "block/block.h"
+#include "remote/remote-opts.h"
+#include "include/qemu-common.h"
+
+#include "vl.h"
+/*
+ * In remote process, we parse only subset of options. The code
+ * taken from vl.c to re-use in remote command line parser.
+ */
+void parse_cmdline(int argc, char **argv, char **envp)
+{
+    int optind;
+    const char *optarg;
+    MachineClass *mc;
+
+    /* from vl.c */
+    optind = 0;
+
+    /* second pass of option parsing */
+
+    for (;;) {
+        if (optind >= argc) {
+            break;
+        }
+        if (argv[optind][0] != '-') {
+            loc_set_cmdline(argv, optind, 1);
+            drive_add(IF_DEFAULT, 0, argv[optind++], HD_OPTS);
+        } else {
+            const QEMUOption *popt;
+
+            popt = lookup_opt(argc, argv, &optarg, &optind);
+            #ifndef REMOTE_PROCESS
+            if (!(popt->arch_mask & arch_type)) {
+                error_report("Option not supported for this target, %x arch_mask, %x arch_type",
+                             popt->arch_mask, arch_type);
+                exit(1);
+            }
+            #endif
+            switch (popt->index) {
+            case QEMU_OPTION_drive:
+                if (drive_def(optarg) == NULL) {
+                    fprintf(stderr, "Could not init drive\n");
+                    exit(1);
+                }
+                break;
+            default:
+                break;
+            }
+        }
+    }
+    mc = MACHINE_GET_CLASS(current_machine);
+
+    mc->block_default_type = IF_IDE;
+    if (qemu_opts_foreach(qemu_find_opts("drive"), drive_init_func,
+                          &mc->block_default_type, &error_fatal)) {
+        /* We printed help */
+        exit(0);
+    }
+
+    return;
+}
diff --git a/remote/remote-opts.h b/remote/remote-opts.h
new file mode 100644
index 0000000..e15c29b
--- /dev/null
+++ b/remote/remote-opts.h
@@ -0,0 +1,31 @@
+/*
+ * Remote device initialization
+ *
+ * Copyright 2019, Oracle and/or its affiliates.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#ifndef REMOTE_OPTS_H
+#define REMOTE_OPTS_H
+
+void parse_cmdline(int argc, char **argv, char **envp);
+
+#endif
+
-- 
1.8.3.1

[Qemu-devel] [RFC v3 PATCH 33/45] multi-process: add support for multiple devices

[Jagannathan Raman]

From: Elena Ufimtseva <elena.ufimtseva@oracle.com>

Add suport for multiple devices in one remote process.

Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
---
 New patch in v3

 remote/remote-main.c | 140 ++++++++++++++++++++++++++++++++++++++++++---------
 1 file changed, 115 insertions(+), 25 deletions(-)

diff --git a/remote/remote-main.c b/remote/remote-main.c
index 416b8a1..5552712 100644
--- a/remote/remote-main.c
+++ b/remote/remote-main.c
@@ -67,19 +67,83 @@
 #include "remote-opts.h"
 
 static ProxyLinkState *proxy_link;
-PCIDevice *remote_pci_dev;
-bool create_done;
 
-static void process_config_write(ProcMsg *msg)
+typedef struct remote_pci_devs {
+    char *id;
+    DeviceState *ds;
+    unsigned int created;
+    QLIST_ENTRY(remote_pci_devs) next;
+} remote_pci_devs;
+typedef struct pci_devs_listhead pci_devs_listhead;
+
+QLIST_HEAD(pci_devs_listhead, remote_pci_devs) pci_devs_head;
+/* This is needed to distinguish between different devices being initialized. */
+
+QemuMutex remote_ds_lock;
+static bool done_init;
+
+
+static remote_pci_devs *get_ds_from_list(const char *id, unsigned int size_id)
+{
+    remote_pci_devs *d;
+
+    qemu_mutex_lock(&remote_ds_lock);
+    QLIST_FOREACH(d, &pci_devs_head, next) {
+        if (id && d->id) {
+            if (strncmp(id, d->id, size_id) == 0) {
+                qemu_mutex_unlock(&remote_ds_lock);
+                return d;
+            }
+       }
+    }
+    qemu_mutex_unlock(&remote_ds_lock);
+
+    return NULL;
+}
+
+static void add_to_pci_devs_list(DeviceState *dev)
+{
+   remote_pci_devs *d;
+
+   if (object_dynamic_cast(OBJECT(dev), TYPE_PCI_DEVICE)) {
+        d = g_malloc(sizeof(remote_pci_devs));
+        d->ds = dev;
+        d->id = g_strdup(dev->id);
+        if (!d->id) {
+            return;
+        }
+        qemu_mutex_lock(&remote_ds_lock);
+        QLIST_INSERT_HEAD(&pci_devs_head, d, next);
+        qemu_mutex_unlock(&remote_ds_lock);
+
+    }
+}
+
+static void del_from_pci_devs_list(const char *id)
+{
+    remote_pci_devs *d;
+
+    d = get_ds_from_list((char *)id, strlen((char *)id));
+    if (!d) {
+        return;
+    }
+    g_free(d->id);
+    qemu_mutex_lock(&remote_ds_lock);
+    QLIST_REMOVE(d, next);
+    qemu_mutex_unlock(&remote_ds_lock);
+    g_free(d);
+}
+
+static void process_config_write(ProcMsg *msg, DeviceState *ds)
 {
     struct conf_data_msg *conf = (struct conf_data_msg *)msg->data2;
 
     qemu_mutex_lock_iothread();
-    pci_default_write_config(remote_pci_dev, conf->addr, conf->val, conf->l);
+    pci_default_write_config(PCI_DEVICE(ds), conf->addr, conf->val, conf->l);
     qemu_mutex_unlock_iothread();
 }
 
-static void process_config_read(ProcMsg *msg)
+static void process_config_read(ProcMsg *msg, DeviceState *ds)
 {
     struct conf_data_msg *conf = (struct conf_data_msg *)msg->data2;
     uint32_t val;
@@ -88,7 +152,7 @@ static void process_config_read(ProcMsg *msg)
     wait = msg->fds[0];
 
     qemu_mutex_lock_iothread();
-    val = pci_default_read_config(remote_pci_dev, conf->addr, conf->l);
+    val = pci_default_read_config(PCI_DEVICE(ds), conf->addr, conf->l);
     qemu_mutex_unlock_iothread();
 
     notify_proxy(wait, val);
@@ -233,6 +297,8 @@ fail:
     notify_proxy(wait, 1);
 
     PUT_REMOTE_WAIT(wait);
+
+    del_from_pci_devs_list((const char *)msg->id);
 }
 
 static int init_drive(QDict *rqdict, Error **errp)
@@ -313,7 +379,7 @@ static int setup_device(ProcMsg *msg, Error **errp)
     qstr = qstring_from_str((char *)msg->data2);
     obj = qobject_from_json(qstring_get_str(qstr), &local_error);
     if (!obj) {
-        error_setg(errp, "Could not get object!");
+        error_setg(errp, "Could not get object");
         return rc;
     }
 
@@ -338,13 +404,12 @@ static int setup_device(ProcMsg *msg, Error **errp)
 
     dev = qdev_device_add(opts, &local_error);
     if (!dev) {
-        error_setg(errp, "Could not add device %s.",
+        error_setg(errp, "Could not add device %s",
                    qstring_get_str(qobject_to_json(QOBJECT(qdict))));
         return rc;
     }
-    if (object_dynamic_cast(OBJECT(dev), TYPE_PCI_DEVICE)) {
-        remote_pci_dev = PCI_DEVICE(dev);
-    }
+
+    add_to_pci_devs_list(dev);
     qemu_opts_del(opts);
 
     return 0;
@@ -354,10 +419,13 @@ static void process_msg(GIOCondition cond, ProcChannel *chan)
 {
     ProcMsg *msg = NULL;
     Error *err = NULL;
+    remote_pci_devs *r = NULL;
 
     if ((cond & G_IO_HUP) || (cond & G_IO_ERR)) {
         error_setg(&err, "socket closed, cond is %d", cond);
-        goto finalize_loop;
+        proxy_link_finalize(proxy_link);
+        proxy_link = NULL;
+        return;
     }
 
     msg = g_malloc0(sizeof(ProcMsg));
@@ -367,23 +435,32 @@ static void process_msg(GIOCondition cond, ProcChannel *chan)
         goto finalize_loop;
     }
 
+    if (msg->cmd != DEV_OPTS && msg->cmd != DRIVE_OPTS &&
+        msg->cmd != SYNC_SYSMEM) {
+        r = get_ds_from_list((const char *)msg->id, msg->size_id);
+        if (!r) {
+            error_setg(&err, "Message was received for unknown device");
+            goto exit_loop;
+        }
+    }
+
     switch (msg->cmd) {
     case INIT:
         break;
     case CONF_WRITE:
-        if (create_done) {
-            process_config_write(msg);
+        if (r->created) {
+            process_config_write(msg, r->ds);
         }
 
         break;
     case CONF_READ:
-        if (create_done) {
-            process_config_read(msg);
+        if (r->created) {
+            process_config_read(msg, r->ds);
         }
 
         break;
     case BAR_WRITE:
-        if (create_done) {
+        if (r->created) {
             process_bar_write(msg, &err);
             if (err) {
                 error_report_err(err);
@@ -391,7 +468,7 @@ static void process_msg(GIOCondition cond, ProcChannel *chan)
         }
         break;
     case BAR_READ:
-        if (create_done) {
+        if (r->created) {
             process_bar_read(msg, &err);
             if (err) {
                 error_report_err(err);
@@ -410,12 +487,15 @@ static void process_msg(GIOCondition cond, ProcChannel *chan)
         }
         break;
     case SET_IRQFD:
-        process_set_irqfd_msg(remote_pci_dev, msg);
-        qdev_machine_creation_done();
-        qemu_mutex_lock_iothread();
-        qemu_run_machine_init_done_notifiers();
-        qemu_mutex_unlock_iothread();
-        create_done = true;
+        process_set_irqfd_msg(PCI_DEVICE(r->ds), msg);
+        r->created = true;
+        if (!done_init) {
+            qdev_machine_creation_done();
+            qemu_mutex_lock_iothread();
+            qemu_run_machine_init_done_notifiers();
+            qemu_mutex_unlock_iothread();
+            done_init = true;
+        }
         break;
     case DRIVE_OPTS:
         if (setup_drive(msg, &err)) {
@@ -438,18 +518,26 @@ static void process_msg(GIOCondition cond, ProcChannel *chan)
         goto finalize_loop;
     }
 
+exit_loop:
+    if (msg->id) {
+        free(msg->id);
+    }
     g_free(msg);
 
     return;
 
 finalize_loop:
     error_report_err(err);
+    if (msg->id) {
+        free(msg->id);
+    }
     g_free(msg);
+
     proxy_link_finalize(proxy_link);
     proxy_link = NULL;
 }
 
-int main(int argc, char *argv[])
+int main(int argc, char *argv[], char **envp)
 {
     Error *err = NULL;
     int fd = -1;
@@ -491,6 +579,8 @@ int main(int argc, char *argv[])
     proxy_link_init_channel(proxy_link, &proxy_link->com, fd);
 
     parse_cmdline(argc - 2, argv + 2, NULL);
+    qemu_mutex_init(&remote_ds_lock);
+    QLIST_INIT(&pci_devs_head);
 
     proxy_link_set_callback(proxy_link, process_msg);
 
-- 
1.8.3.1

[Qemu-devel] [RFC v3 PATCH 34/45] multi-process: add heartbeat timer and signal handler

[Jagannathan Raman]

From: Elena Ufimtseva <elena.ufimtseva@oracle.com>

Add a signal handler for launched remote processes and set up
the heartbeat timer for remote processes.

Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
---
 hw/proxy/qemu-proxy.c   | 101 ++++++++++++++++++++++++++++++++++++++++++++++++
 include/io/proxy-link.h |   1 +
 2 files changed, 102 insertions(+)

diff --git a/hw/proxy/qemu-proxy.c b/hw/proxy/qemu-proxy.c
index 61808c5..699a0b1 100644
--- a/hw/proxy/qemu-proxy.c
+++ b/hw/proxy/qemu-proxy.c
@@ -53,14 +53,96 @@
 #include "hw/boards.h"
 #include "include/qemu/log.h"
 
+QEMUTimer *hb_timer;
 static void pci_proxy_dev_realize(PCIDevice *dev, Error **errp);
 static void setup_irqfd(PCIProxyDev *dev);
+static void pci_dev_exit(PCIDevice *dev);
+static void start_heartbeat_timer(void);
+static void stop_heartbeat_timer(void);
+static void childsig_handler(int sig, siginfo_t *siginfo, void *ctx);
+static void broadcast_msg(ProcMsg *msg, bool need_reply);
+
+static void childsig_handler(int sig, siginfo_t *siginfo, void *ctx)
+{
+    /* TODO: Add proper handler. */
+    printf("Child (pid %d) is dead? Signal is %d, Exit code is %d.\n",
+           siginfo->si_pid, siginfo->si_signo, siginfo->si_code);
+}
+
+static void broadcast_msg(ProcMsg *msg, bool need_reply)
+{
+    PCIProxyDev *entry;
+    unsigned int pid;
+    int wait;
+
+    QLIST_FOREACH(entry, &proxy_dev_list.devices, next) {
+        if (need_reply) {
+            wait = GET_REMOTE_WAIT;
+            msg->num_fds = 1;
+            msg->fds[0] = wait;
+        }
+
+        proxy_proc_send(entry->proxy_link, msg, entry->proxy_link->com);
+        if (need_reply) {
+            pid = (uint32_t)wait_for_remote(wait);
+            PUT_REMOTE_WAIT(wait);
+            /* TODO: Add proper handling. */
+            if (pid) {
+                need_reply = 0;
+            }
+        }
+    }
+}
+
+#define NOP_INTERVAL 1000000
+
+static void remote_ping(void *opaque)
+{
+    ProcMsg msg;
+
+    memset(&msg, 0, sizeof(ProcMsg));
+
+    msg.num_fds = 0;
+    msg.cmd = PROXY_PING;
+    msg.bytestream = 0;
+    msg.size = 0;
+
+    broadcast_msg(&msg, true);
+    timer_mod(hb_timer, qemu_clock_get_ms(QEMU_CLOCK_VIRTUAL) + NOP_INTERVAL);
+
+}
+
+void start_heartbeat_timer(void)
+{
+    hb_timer = timer_new_ms(QEMU_CLOCK_VIRTUAL,
+                                            remote_ping,
+                                            &proxy_dev_list);
+    timer_mod(hb_timer, qemu_clock_get_ms(QEMU_CLOCK_VIRTUAL) + NOP_INTERVAL);
+
+}
+
+static void stop_heartbeat_timer(void)
+{
+    timer_del(hb_timer);
+    timer_free(hb_timer);
+}
+
+static void set_sigchld_handler(void)
+{
+    struct sigaction sa_sigterm;
+    memset(&sa_sigterm, 0, sizeof(sa_sigterm));
+    sa_sigterm.sa_sigaction = childsig_handler;
+    sa_sigterm.sa_flags = SA_SIGINFO | SA_NOCLDWAIT | SA_NOCLDSTOP;
+    sigaction(SIGCHLD, &sa_sigterm, NULL);
+}
 
 static void proxy_ready(PCIDevice *dev)
 {
     PCIProxyDev *pdev = PCI_PROXY_DEV(dev);
 
     setup_irqfd(pdev);
+    set_sigchld_handler();
+    start_heartbeat_timer();
 }
 
 static void set_remote_opts(PCIDevice *dev, QDict *qdict, unsigned int cmd)
@@ -272,6 +354,7 @@ static void pci_proxy_dev_class_init(ObjectClass *klass, void *data)
     PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
 
     k->realize = pci_proxy_dev_realize;
+    k->exit = pci_dev_exit;
     k->config_read = pci_proxy_read_config;
     k->config_write = pci_proxy_write_config;
 }
@@ -408,6 +491,24 @@ static void pci_proxy_dev_realize(PCIDevice *device, Error **errp)
     dev->proxy_ready = proxy_ready;
 }
 
+static void pci_dev_exit(PCIDevice *pdev)
+{
+    PCIProxyDev *entry, *sentry;
+    PCIProxyDev *dev = PCI_PROXY_DEV(pdev);
+
+    stop_heartbeat_timer();
+
+    QLIST_FOREACH_SAFE(entry, &proxy_dev_list.devices, next, sentry) {
+        if (entry->remote_pid == dev->remote_pid) {
+            QLIST_REMOVE(entry, next);
+        }
+    }
+
+    if (!QLIST_EMPTY(&proxy_dev_list.devices)) {
+        start_heartbeat_timer();
+    }
+}
+
 static void send_bar_access_msg(PCIProxyDev *dev, MemoryRegion *mr,
                                 bool write, hwaddr addr, uint64_t *val,
                                 unsigned size, bool memory)
diff --git a/include/io/proxy-link.h b/include/io/proxy-link.h
index 13fb312..ae98eac 100644
--- a/include/io/proxy-link.h
+++ b/include/io/proxy-link.h
@@ -74,6 +74,7 @@ typedef enum {
     DRIVE_OPTS,
     DEVICE_ADD,
     DEVICE_DEL,
+    PROXY_PING,
     MAX,
 } proc_cmd_t;
 
-- 
1.8.3.1

[Qemu-devel] [RFC v3 PATCH 35/45] multi-process: handle heartbeat messages in remote process

[Jagannathan Raman]

From: Elena Ufimtseva <elena.ufimtseva@oracle.com>

and reply back to proxy object.

Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
---
 remote/remote-main.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/remote/remote-main.c b/remote/remote-main.c
index 5552712..f0a4de9 100644
--- a/remote/remote-main.c
+++ b/remote/remote-main.c
@@ -420,6 +420,7 @@ static void process_msg(GIOCondition cond, ProcChannel *chan)
     ProcMsg *msg = NULL;
     Error *err = NULL;
     remote_pci_devs *r = NULL;
+    int wait;
 
     if ((cond & G_IO_HUP) || (cond & G_IO_ERR)) {
         error_setg(&err, "socket closed, cond is %d", cond);
@@ -513,6 +514,11 @@ static void process_msg(GIOCondition cond, ProcChannel *chan)
     case DEVICE_DEL:
         process_device_del_msg(msg);
         break;
+    case PROXY_PING:
+        wait = msg->fds[0];
+        notify_proxy(wait, (uint32_t)getpid());
+        PUT_REMOTE_WAIT(wait);
+        break;
     default:
         error_setg(&err, "Unknown command");
         goto finalize_loop;
-- 
1.8.3.1

[Qemu-devel] [RFC v3 PATCH 36/45] multi-process: Use separate MMIO communication channel

[Jagannathan Raman]

Using a separate communication channel for MMIO helps
with improving Performance

Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
---
 New patch in v3

 hw/proxy/qemu-proxy.c         | 38 ++++++++++++++++++++++++++------------
 include/hw/proxy/qemu-proxy.h |  1 +
 include/io/proxy-link.h       |  7 +++++++
 io/proxy-link.c               |  2 ++
 qdev-monitor.c                |  1 +
 remote/remote-main.c          | 20 ++++++++++++++------
 6 files changed, 51 insertions(+), 18 deletions(-)

diff --git a/hw/proxy/qemu-proxy.c b/hw/proxy/qemu-proxy.c
index 699a0b1..db9a208 100644
--- a/hw/proxy/qemu-proxy.c
+++ b/hw/proxy/qemu-proxy.c
@@ -205,20 +205,22 @@ static int make_argv(char *command_str, char **argv, int argc)
 int remote_spawn(PCIProxyDev *pdev, const char *command, Error **errp)
 {
     pid_t rpid;
-    int fd[2] = {-1, -1};
+    int fd[2], mmio[2];
     Error *local_error = NULL;
     char *argv[64];
     int argc = 0, _argc;
     char *sfd;
     char *exec_dir;
     int rc = -EINVAL;
+    struct timeval timeout = {.tv_sec = 10, .tv_usec = 0};
 
     if (pdev->managed) {
         /* Child is forked by external program (such as libvirt). */
         return rc;
     }
 
-    if (socketpair(AF_UNIX, SOCK_STREAM, 0, fd)) {
+    if (socketpair(AF_UNIX, SOCK_STREAM, 0, fd) ||
+        socketpair(AF_UNIX, SOCK_STREAM, 0, mmio)) {
         error_setg(errp, "Unable to create unix socket.");
         return rc;
     }
@@ -226,6 +228,8 @@ int remote_spawn(PCIProxyDev *pdev, const char *command, Error **errp)
     argc = add_argv(exec_dir, argv, argc);
     sfd = g_strdup_printf("%d", fd[1]);
     argc = add_argv(sfd, argv, argc);
+    sfd = g_strdup_printf("%d", mmio[1]);
+    argc = add_argv(sfd, argv, argc);
     _argc = argc;
     argc = make_argv((char *)command, argv, argc);
 
@@ -235,22 +239,32 @@ int remote_spawn(PCIProxyDev *pdev, const char *command, Error **errp)
     if (rpid == -1) {
         error_setg(errp, "Unable to spawn emulation program.");
         close(fd[0]);
+        close(mmio[0]);
         goto fail;
     }
 
     if (rpid == 0) {
         close(fd[0]);
+        close(mmio[0]);
         execvp(argv[0], (char *const *)argv);
         exit(1);
     }
     pdev->remote_pid = rpid;
     pdev->rsocket = fd[1];
     pdev->socket = fd[0];
+    pdev->mmio_sock = mmio[0];
+
+    if (setsockopt(mmio[0], SOL_SOCKET, SO_RCVTIMEO, (char *)&timeout,
+                   sizeof(timeout)) < 0) {
+        error_setg(errp, "Unable to set timeout for socket");
+        goto fail;
+    }
 
     rc = 0;
 
 fail:
     close(fd[1]);
+    close(mmio[1]);
 
     for (int i = 0; i < _argc; i++) {
         g_free(argv[i]);
@@ -466,6 +480,9 @@ static void init_proxy(PCIDevice *dev, char *command, bool need_spawn, Error **e
     proxy_link_init_channel(pdev->proxy_link, &pdev->proxy_link->com,
                             pdev->socket);
 
+    proxy_link_init_channel(pdev->proxy_link, &pdev->proxy_link->mmio,
+                            pdev->mmio_sock);
+
     configure_memory_sync(pdev->sync, pdev->proxy_link);
 }
 
@@ -514,8 +531,7 @@ static void send_bar_access_msg(PCIProxyDev *dev, MemoryRegion *mr,
                                 unsigned size, bool memory)
 {
     ProxyLinkState *proxy_link;
-    ProcMsg msg;
-    int wait;
+    ProcMsg msg, ret;
 
     proxy_link = dev->proxy_link;
 
@@ -531,11 +547,7 @@ static void send_bar_access_msg(PCIProxyDev *dev, MemoryRegion *mr,
         msg.cmd = BAR_WRITE;
         msg.data1.bar_access.val = *val;
     } else {
-        wait = GET_REMOTE_WAIT;
-
         msg.cmd = BAR_READ;
-        msg.num_fds = 1;
-        msg.fds[0] = wait;
     }
 
     if (dev->dev_id) {
@@ -546,17 +558,19 @@ static void send_bar_access_msg(PCIProxyDev *dev, MemoryRegion *mr,
         msg.size_id = 0;
     }
 
-    proxy_proc_send(proxy_link, &msg, proxy_link->com);
+    proxy_proc_send(proxy_link, &msg, proxy_link->mmio);
 
-    if (!write) {
-        *val = wait_for_remote(wait);
-        PUT_REMOTE_WAIT(wait);
+    if (write) {
+        return;
     }
 
     if (msg.id) {
         free(msg.id);
     }
 
+    proxy_proc_recv(proxy_link, &ret, proxy_link->mmio);
+
+    *val = ret.data1.mmio_ret.val;
 }
 
 void proxy_default_bar_write(PCIProxyDev *dev, MemoryRegion *mr, hwaddr addr,
diff --git a/include/hw/proxy/qemu-proxy.h b/include/hw/proxy/qemu-proxy.h
index fb408cf..a03c6cc 100644
--- a/include/hw/proxy/qemu-proxy.h
+++ b/include/hw/proxy/qemu-proxy.h
@@ -59,6 +59,7 @@ typedef struct PCIProxyDev {
     pid_t remote_pid;
     int rsocket;
     int socket;
+    int mmio_sock;
 
     char *rid;
 
diff --git a/include/io/proxy-link.h b/include/io/proxy-link.h
index ae98eac..32b2c1a 100644
--- a/include/io/proxy-link.h
+++ b/include/io/proxy-link.h
@@ -75,6 +75,7 @@ typedef enum {
     DEVICE_ADD,
     DEVICE_DEL,
     PROXY_PING,
+    MMIO_RETURN,
     MAX,
 } proc_cmd_t;
 
@@ -108,6 +109,10 @@ typedef struct {
 } set_irqfd_msg_t;
 
 typedef struct {
+    uint64_t val;
+} mmio_ret_msg_t;
+
+typedef struct {
     proc_cmd_t cmd;
     int bytestream;
     size_t size;
@@ -118,6 +123,7 @@ typedef struct {
         sync_sysmem_msg_t sync_sysmem;
         bar_access_msg_t bar_access;
         set_irqfd_msg_t set_irqfd;
+        mmio_ret_msg_t mmio_ret;
     } data1;
 
     int fds[REMOTE_MAX_FDS];
@@ -170,6 +176,7 @@ struct ProxyLinkState {
     GMainLoop *loop;
 
     ProcChannel *com;
+    ProcChannel *mmio;
 
     proxy_link_callback callback;
 };
diff --git a/io/proxy-link.c b/io/proxy-link.c
index 6f60117..3ca0185 100644
--- a/io/proxy-link.c
+++ b/io/proxy-link.c
@@ -74,6 +74,7 @@ void proxy_link_finalize(ProxyLinkState *s)
     g_main_loop_quit(s->loop);
 
     proxy_link_destroy_channel(s->com);
+    proxy_link_destroy_channel(s->mmio);
 
     object_unref(OBJECT(s));
 }
@@ -356,6 +357,7 @@ void start_handler(ProxyLinkState *s)
 {
 
     g_assert(g_source_attach(&s->com->gsrc, s->ctx));
+    g_assert(g_source_attach(&s->mmio->gsrc, s->ctx));
 
     g_main_loop_run(s->loop);
 }
diff --git a/qdev-monitor.c b/qdev-monitor.c
index 69e467e..f1065af 100644
--- a/qdev-monitor.c
+++ b/qdev-monitor.c
@@ -710,6 +710,7 @@ DeviceState *qdev_proxy_add(const char *rid, const char *id, char *bus,
     if (old_pdev) {
         pdev->rsocket = old_pdev->rsocket;
         pdev->socket = old_pdev->socket;
+        pdev->mmio_sock = old_pdev->mmio_sock;
         pdev->remote_pid = old_pdev->remote_pid;
     } else {
         pdev->rsocket = managed ? rsocket : -1;
diff --git a/remote/remote-main.c b/remote/remote-main.c
index f0a4de9..2a9ebae 100644
--- a/remote/remote-main.c
+++ b/remote/remote-main.c
@@ -180,8 +180,8 @@ static void process_bar_write(ProcMsg *msg, Error **errp)
 static void process_bar_read(ProcMsg *msg, Error **errp)
 {
     bar_access_msg_t *bar_access = &msg->data1.bar_access;
+    ProcMsg ret = { 0 };
     AddressSpace *as;
-    int wait = msg->fds[0];
     MemTxResult res;
     uint64_t val = 0;
 
@@ -215,9 +215,10 @@ static void process_bar_read(ProcMsg *msg, Error **errp)
     }
 
 fail:
-    notify_proxy(wait, val);
-
-    PUT_REMOTE_WAIT(wait);
+    ret.cmd = MMIO_RETURN;
+    ret.data1.mmio_ret.val = val;
+    ret.size = sizeof(ret.data1);
+    proxy_proc_send(proxy_link, &ret, proxy_link->mmio);
 }
 
 static void process_device_add_msg(ProcMsg *msg)
@@ -581,10 +582,17 @@ int main(int argc, char *argv[], char **envp)
         printf("Failed to parse fd for remote process.\n");
         return -EINVAL;
     }
-
     proxy_link_init_channel(proxy_link, &proxy_link->com, fd);
 
-    parse_cmdline(argc - 2, argv + 2, NULL);
+    fd = qemu_parse_fd(argv[2]);
+    if (fd == -1) {
+        printf("Failed to parse fd for remote process.\n");
+        return -EINVAL;
+    }
+    proxy_link_init_channel(proxy_link, &proxy_link->mmio, fd);
+
+    parse_cmdline(argc - 3, argv + 3, NULL);
+
     qemu_mutex_init(&remote_ds_lock);
     QLIST_INIT(&pci_devs_head);
 
-- 
1.8.3.1

[Qemu-devel] [RFC v3 PATCH 37/45] multi-process: perform device reset in the remote process

[Jagannathan Raman]

Perform device reset in the remote process when QEMU performs
device reset. This is required to reset the internal state
(like registers, etc...) of emulated devices

Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
---
 New patch in v3

 hw/proxy/proxy-lsi53c895a.c   |  6 ++++++
 hw/proxy/qemu-proxy.c         | 14 ++++++++++++++
 include/hw/proxy/qemu-proxy.h |  2 ++
 include/io/proxy-link.h       |  1 +
 remote/remote-main.c          | 11 +++++++++++
 5 files changed, 34 insertions(+)

diff --git a/hw/proxy/proxy-lsi53c895a.c b/hw/proxy/proxy-lsi53c895a.c
index e8a8d36..8640749 100644
--- a/hw/proxy/proxy-lsi53c895a.c
+++ b/hw/proxy/proxy-lsi53c895a.c
@@ -128,6 +128,11 @@ static void proxy_lsi_realize(PCIProxyDev *dev, Error **errp)
     pci_register_bar(pci_dev, 2, PCI_BASE_ADDRESS_SPACE_MEMORY, &s->ram_io);
 }
 
+static void proxy_lsi_reset(DeviceState *dev)
+{
+    proxy_device_reset(dev);
+}
+
 static void proxy_lsi_class_init(ObjectClass *klass, void *data)
 {
     DeviceClass *dc = DEVICE_CLASS(klass);
@@ -145,6 +150,7 @@ static void proxy_lsi_class_init(ObjectClass *klass, void *data)
     set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
 
     dc->desc = "LSI Proxy Device";
+    dc->reset = proxy_lsi_reset;
 }
 
 static const TypeInfo lsi_proxy_dev_type_info = {
diff --git a/hw/proxy/qemu-proxy.c b/hw/proxy/qemu-proxy.c
index db9a208..c812145 100644
--- a/hw/proxy/qemu-proxy.c
+++ b/hw/proxy/qemu-proxy.c
@@ -588,3 +588,17 @@ uint64_t proxy_default_bar_read(PCIProxyDev *dev, MemoryRegion *mr, hwaddr addr,
 
     return val;
 }
+
+void proxy_device_reset(DeviceState *dev)
+{
+    PCIProxyDev *pdev = PCI_PROXY_DEV(dev);
+    ProcMsg msg;
+
+    memset(&msg, 0, sizeof(ProcMsg));
+
+    msg.bytestream = 0;
+    msg.size = sizeof(msg.data1);
+    msg.cmd = DEVICE_RESET;
+
+    proxy_proc_send(pdev->proxy_link, &msg, pdev->proxy_link->com);
+}
diff --git a/include/hw/proxy/qemu-proxy.h b/include/hw/proxy/qemu-proxy.h
index a03c6cc..d88fbd4 100644
--- a/include/hw/proxy/qemu-proxy.h
+++ b/include/hw/proxy/qemu-proxy.h
@@ -100,4 +100,6 @@ void proxy_default_bar_write(PCIProxyDev *dev, MemoryRegion *mr, hwaddr addr,
 uint64_t proxy_default_bar_read(PCIProxyDev *dev, MemoryRegion *mr, hwaddr addr,
                                 unsigned size, bool memory);
 
+void proxy_device_reset(DeviceState *dev);
+
 #endif /* QEMU_PROXY_H */
diff --git a/include/io/proxy-link.h b/include/io/proxy-link.h
index 32b2c1a..eb51d29 100644
--- a/include/io/proxy-link.h
+++ b/include/io/proxy-link.h
@@ -76,6 +76,7 @@ typedef enum {
     DEVICE_DEL,
     PROXY_PING,
     MMIO_RETURN,
+    DEVICE_RESET,
     MAX,
 } proc_cmd_t;
 
diff --git a/remote/remote-main.c b/remote/remote-main.c
index 2a9ebae..a6ff338 100644
--- a/remote/remote-main.c
+++ b/remote/remote-main.c
@@ -66,6 +66,9 @@
 #include "qemu/cutils.h"
 #include "remote-opts.h"
 
+#include "monitor/monitor.h"
+#include "sysemu/reset.h"
+
 static ProxyLinkState *proxy_link;
 
 typedef struct remote_pci_devs {
@@ -302,6 +305,11 @@ fail:
     del_from_pci_devs_list((const char *)msg->id);
 }
 
+static void process_device_reset_msg(ProcMsg *msg)
+{
+    qemu_devices_reset();
+}
+
 static int init_drive(QDict *rqdict, Error **errp)
 {
     QemuOpts *opts;
@@ -520,6 +528,9 @@ static void process_msg(GIOCondition cond, ProcChannel *chan)
         notify_proxy(wait, (uint32_t)getpid());
         PUT_REMOTE_WAIT(wait);
         break;
+    case DEVICE_RESET:
+        process_device_reset_msg(msg);
+        break;
     default:
         error_setg(&err, "Unknown command");
         goto finalize_loop;
-- 
1.8.3.1

[Qemu-devel] [RFC v3 PATCH 38/45] multi-process/mon: stub functions to enable QMP module for remote process

[Jagannathan Raman]

QMP module doesn't need some functions to run independently on the
remote processes. However, these functions are necessary for
compilation. Therefore, these functions are stub'ed out. The
stub functions raise an assert if QEMU is built in debug mode
(--enable-debug).

Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
---
 New patch in v3

 accel/stubs/tcg-stub.c |  10 +++
 configure              |   4 ++
 include/qemu-common.h  |   8 +++
 stubs/gdbstub.c        |  21 +++++++
 stubs/migration.c      | 162 +++++++++++++++++++++++++++++++++++++++++++++++++
 stubs/monitor.c        |  32 ++++++++++
 stubs/net-stub.c       |  69 +++++++++++++++++++++
 stubs/qapi-misc.c      |  41 +++++++++++++
 stubs/qapi-target.c    |  49 +++++++++++++++
 stubs/ui-stub.c        | 130 +++++++++++++++++++++++++++++++++++++++
 stubs/vl-stub.c        |  92 ++++++++++++++++++++++++++++
 11 files changed, 618 insertions(+)
 create mode 100644 stubs/migration.c
 create mode 100644 stubs/qapi-misc.c
 create mode 100644 stubs/qapi-target.c
 create mode 100644 stubs/ui-stub.c

diff --git a/accel/stubs/tcg-stub.c b/accel/stubs/tcg-stub.c
index 52722c7..37e035b 100644
--- a/accel/stubs/tcg-stub.c
+++ b/accel/stubs/tcg-stub.c
@@ -109,3 +109,13 @@ page_collection_lock(tb_page_addr_t start, tb_page_addr_t end)
 void page_collection_unlock(struct page_collection *set)
 {
 }
+
+void dump_exec_info(void)
+{
+    qemu_debug_assert(0);
+}
+
+void dump_opcount_info(void)
+{
+    qemu_debug_assert(0);
+}
diff --git a/configure b/configure
index b467441..5ee2438 100755
--- a/configure
+++ b/configure
@@ -7290,6 +7290,10 @@ if test "$mpqemu" = "yes" ; then
   echo "CONFIG_MPQEMU=y" >> $config_host_mak
 fi
 
+if test "$debug" = "yes" ; then
+  echo "CONFIG_DEBUG=y" >> $config_host_mak
+fi
+
 if test "$bochs" = "yes" ; then
   echo "CONFIG_BOCHS=y" >> $config_host_mak
 fi
diff --git a/include/qemu-common.h b/include/qemu-common.h
index 0235cd3..9f33af3 100644
--- a/include/qemu-common.h
+++ b/include/qemu-common.h
@@ -10,6 +10,8 @@
 #ifndef QEMU_COMMON_H
 #define QEMU_COMMON_H
 
+#include <assert.h>
+
 #define TFR(expr) do { if ((expr) != -1) break; } while (errno == EINTR)
 
 /* Copyright string for -version arguments, About dialogs, etc */
@@ -130,4 +132,10 @@ void page_size_init(void);
  * returned. */
 bool dump_in_progress(void);
 
+#ifdef CONFIG_DEBUG
+#define qemu_debug_assert(x) assert(x)
+#else
+#define qemu_debug_assert(x)
+#endif
+
 #endif
diff --git a/stubs/gdbstub.c b/stubs/gdbstub.c
index 2b7aee5..28c574a 100644
--- a/stubs/gdbstub.c
+++ b/stubs/gdbstub.c
@@ -1,6 +1,27 @@
 #include "qemu/osdep.h"
+#include "qemu-common.h"
 #include "exec/gdbstub.h"       /* xml_builtin */
 
 const char *const xml_builtin[][2] = {
   { NULL, NULL }
 };
+
+#ifdef CONFIG_USER_ONLY
+
+int gdbserver_start(int port)
+{
+    qemu_debug_assert(0);
+
+    return -ENOSYS;
+}
+
+#else
+
+int gdbserver_start(const char *device)
+{
+    qemu_debug_assert(0);
+
+    return -ENOSYS;
+}
+
+#endif
diff --git a/stubs/migration.c b/stubs/migration.c
new file mode 100644
index 0000000..28ccf80
--- /dev/null
+++ b/stubs/migration.c
@@ -0,0 +1,162 @@
+#include "qemu/osdep.h"
+#include "qemu-common.h"
+
+#include "migration/misc.h"
+#include "migration/snapshot.h"
+#include "qapi/qapi-types-migration.h"
+#include "qapi/qapi-commands-migration.h"
+#include "qapi/qapi-types-net.h"
+
+MigrationInfo *qmp_query_migrate(Error **errp)
+{
+    qemu_debug_assert(0);
+
+    return NULL;
+}
+
+void qmp_migrate_set_capabilities(MigrationCapabilityStatusList *params,
+                                  Error **errp)
+{
+    qemu_debug_assert(0);
+}
+
+MigrationCapabilityStatusList *qmp_query_migrate_capabilities(Error **errp)
+{
+    qemu_debug_assert(0);
+
+    return NULL;
+}
+
+void qmp_migrate_set_parameters(MigrateSetParameters *params, Error **errp)
+{
+    qemu_debug_assert(0);
+}
+
+MigrationParameters *qmp_query_migrate_parameters(Error **errp)
+{
+    qemu_debug_assert(0);
+
+    return NULL;
+}
+
+void qmp_migrate_start_postcopy(Error **errp)
+{
+    qemu_debug_assert(0);
+}
+
+void qmp_migrate_cancel(Error **errp)
+{
+    qemu_debug_assert(0);
+}
+
+void qmp_migrate_continue(MigrationStatus state, Error **errp)
+{
+    qemu_debug_assert(0);
+}
+
+void qmp_migrate_set_downtime(double value, Error **errp)
+{
+    qemu_debug_assert(0);
+}
+
+void qmp_migrate_set_speed(int64_t value, Error **errp)
+{
+    qemu_debug_assert(0);
+}
+
+void qmp_migrate_set_cache_size(int64_t value, Error **errp)
+{
+    qemu_debug_assert(0);
+}
+
+int64_t qmp_query_migrate_cache_size(Error **errp)
+{
+    qemu_debug_assert(0);
+
+    return 0;
+}
+
+void qmp_migrate(const char *uri, bool has_blk, bool blk,
+                 bool has_inc, bool inc, bool has_detach, bool detach,
+                 bool has_resume, bool resume, Error **errp)
+{
+    qemu_debug_assert(0);
+}
+
+void qmp_migrate_incoming(const char *uri, Error **errp)
+{
+    qemu_debug_assert(0);
+}
+
+void qmp_migrate_recover(const char *uri, Error **errp)
+{
+    qemu_debug_assert(0);
+}
+
+void qmp_migrate_pause(Error **errp)
+{
+    qemu_debug_assert(0);
+}
+
+void qmp_x_colo_lost_heartbeat(Error **errp)
+{
+    qemu_debug_assert(0);
+}
+
+void qmp_xen_save_devices_state(const char *filename, bool has_live, bool live,
+                                Error **errp)
+{
+    qemu_debug_assert(0);
+}
+
+void qmp_xen_set_replication(bool enable, bool primary,
+                             bool has_failover, bool failover,
+                             Error **errp)
+{
+    qemu_debug_assert(0);
+}
+
+ReplicationStatus *qmp_query_xen_replication_status(Error **errp)
+{
+    qemu_debug_assert(0);
+
+    return NULL;
+}
+
+void qmp_xen_colo_do_checkpoint(Error **errp)
+{
+    qemu_debug_assert(0);
+}
+
+COLOStatus *qmp_query_colo_status(Error **errp)
+{
+    qemu_debug_assert(0);
+
+    return NULL;
+}
+
+void migration_global_dump(Monitor *mon)
+{
+    qemu_debug_assert(0);
+}
+
+int load_snapshot(const char *name, Error **errp)
+{
+    qemu_debug_assert(0);
+
+    return -ENOSYS;
+}
+
+int save_snapshot(const char *name, Error **errp)
+{
+    qemu_debug_assert(0);
+
+    return -ENOSYS;
+}
+
+AnnounceParameters *migrate_announce_params(void)
+{
+    qemu_debug_assert(0);
+
+    return NULL;
+}
diff --git a/stubs/monitor.c b/stubs/monitor.c
index 75dafce..0dcbe09 100644
--- a/stubs/monitor.c
+++ b/stubs/monitor.c
@@ -1,4 +1,5 @@
 #include "qemu/osdep.h"
+#include "qemu-common.h"
 #include "qapi/error.h"
 #include "qapi/qapi-emit-events.h"
 #include "monitor/monitor.h"
@@ -8,16 +9,37 @@
 #include "qapi/qapi-commands-qdev.h"
 #include "hw/qdev-core.h"
 #include "sysemu/sysemu.h"
+#include "monitor/qdev.h"
+#include "sysemu/blockdev.h"
+#include "sysemu/sysemu.h"
+#include "monitor/hmp.h"
+
+#include "qapi/qapi-types-block-core.h"
+#include "qapi/qapi-commands-block-core.h"
+
+#pragma weak cur_mon
+#pragma weak monitor_vprintf
+#pragma weak monitor_get_fd
+#pragma weak monitor_init
+#pragma weak qapi_event_emit
+#pragma weak monitor_get_cpu_index
+#pragma weak monitor_printf
+#pragma weak monitor_cur_is_qmp
+#pragma weak qmp_device_list_properties
+#pragma weak monitor_init_qmp
+#pragma weak monitor_init_hmp
 
 __thread Monitor *cur_mon;
 
 int monitor_vprintf(Monitor *mon, const char *fmt, va_list ap)
 {
+    qemu_debug_assert(0);
     abort();
 }
 
 int monitor_get_fd(Monitor *mon, const char *name, Error **errp)
 {
+    qemu_debug_assert(0);
     error_setg(errp, "only QEMU supports file descriptor passing");
     return -1;
 }
@@ -28,29 +50,39 @@ void monitor_init_qmp(Chardev *chr, bool pretty)
 
 void monitor_init_hmp(Chardev *chr, bool use_readline)
 {
+    qemu_debug_assert(0);
 }
 
 void qapi_event_emit(QAPIEvent event, QDict *qdict)
 {
+    qemu_debug_assert(0);
 }
 
 int monitor_get_cpu_index(void)
 {
+    qemu_debug_assert(0);
+
     return -ENOSYS;
 }
 int monitor_printf(Monitor *mon, const char *fmt, ...)
 {
+    qemu_debug_assert(0);
+
     return -ENOSYS;
 }
 
 bool monitor_cur_is_qmp(void)
 {
+    qemu_debug_assert(0);
+
     return false;
 }
 
 ObjectPropertyInfoList *qmp_device_list_properties(const char *typename,
                                                    Error **errp)
 {
+    qemu_debug_assert(0);
+
     return NULL;
 }
 
diff --git a/stubs/net-stub.c b/stubs/net-stub.c
index cb2274b..962827e 100644
--- a/stubs/net-stub.c
+++ b/stubs/net-stub.c
@@ -2,6 +2,9 @@
 #include "qemu-common.h"
 #include "net/net.h"
 
+#include "qapi/qapi-commands-net.h"
+#include "qapi/qapi-commands-rocker.h"
+
 int qemu_find_net_clients_except(const char *id, NetClientState **ncs,
                                  NetClientDriver type, int max)
 {
@@ -29,3 +32,69 @@ int qemu_find_nic_model(NICInfo *nd, const char * const *models,
     return -ENOSYS;
 }
 
+void qmp_set_link(const char *name, bool up, Error **errp)
+{
+    qemu_debug_assert(0);
+}
+
+void qmp_netdev_del(const char *id, Error **errp)
+{
+    qemu_debug_assert(0);
+}
+
+RxFilterInfoList *qmp_query_rx_filter(bool has_name, const char *name,
+                                      Error **errp)
+{
+    qemu_debug_assert(0);
+
+    return NULL;
+}
+
+void qmp_announce_self(AnnounceParameters *params, Error **errp)
+{
+    qemu_debug_assert(0);
+}
+
+RockerSwitch *qmp_query_rocker(const char *name, Error **errp)
+{
+    qemu_debug_assert(0);
+
+    return NULL;
+}
+
+RockerPortList *qmp_query_rocker_ports(const char *name, Error **errp)
+{
+    qemu_debug_assert(0);
+
+    return NULL;
+}
+
+RockerOfDpaFlowList *qmp_query_rocker_of_dpa_flows(const char *name,
+                                                   bool has_tbl_id,
+                                                   uint32_t tbl_id,
+                                                   Error **errp)
+{
+    qemu_debug_assert(0);
+
+    return NULL;
+}
+
+RockerOfDpaGroupList *qmp_query_rocker_of_dpa_groups(const char *name,
+                                                     bool has_type,
+                                                     uint8_t type,
+                                                     Error **errp)
+{
+    qemu_debug_assert(0);
+
+    return NULL;
+}
+
+void qmp_netdev_add(QDict *qdict, QObject **ret, Error **errp)
+{
+    qemu_debug_assert(0);
+}
+
+void netdev_add(QemuOpts *opts, Error **errp)
+{
+    qemu_debug_assert(0);
+}
diff --git a/stubs/qapi-misc.c b/stubs/qapi-misc.c
new file mode 100644
index 0000000..3eeedd9
--- /dev/null
+++ b/stubs/qapi-misc.c
@@ -0,0 +1,41 @@
+#include "qemu/osdep.h"
+#include "qemu-common.h"
+
+#include "qapi/qapi-commands-misc.h"
+#include "./qapi/qapi-types-dump.h"
+#include "qapi/qapi-commands-dump.h"
+
+void qmp_dump_guest_memory(bool paging, const char *file,
+                           bool has_detach, bool detach,
+                           bool has_begin, int64_t begin, bool has_length,
+                           int64_t length, bool has_format,
+                           DumpGuestMemoryFormat format, Error **errp)
+{
+    qemu_debug_assert(0);
+}
+
+DumpQueryResult *qmp_query_dump(Error **errp)
+{
+    qemu_debug_assert(0);
+
+    return NULL;
+}
+
+DumpGuestMemoryCapability *qmp_query_dump_guest_memory_capability(Error **errp)
+{
+    qemu_debug_assert(0);
+
+    return NULL;
+}
+
+void qmp_xen_load_devices_state(const char *filename, Error **errp)
+{
+    qemu_debug_assert(0);
+}
+
+bool dump_in_progress(void)
+{
+    qemu_debug_assert(0);
+
+    return FALSE;
+}
diff --git a/stubs/qapi-target.c b/stubs/qapi-target.c
new file mode 100644
index 0000000..b3a3ffc
--- /dev/null
+++ b/stubs/qapi-target.c
@@ -0,0 +1,49 @@
+#include "qemu/osdep.h"
+#include "qemu-common.h"
+
+#include "qapi/qapi-types-misc-target.h"
+#include "qapi/qapi-commands-misc-target.h"
+#include "qapi/qapi-types-machine-target.h"
+#include "qapi/qapi-commands-machine-target.h"
+
+void qmp_rtc_reset_reinjection(Error **errp)
+{
+    qemu_debug_assert(0);
+}
+
+SevInfo *qmp_query_sev(Error **errp)
+{
+    qemu_debug_assert(0);
+
+    return NULL;
+}
+
+SevLaunchMeasureInfo *qmp_query_sev_launch_measure(Error **errp)
+{
+    qemu_debug_assert(0);
+
+    return NULL;
+}
+
+SevCapability *qmp_query_sev_capabilities(Error **errp)
+{
+    qemu_debug_assert(0);
+
+    return NULL;
+}
+
+CpuModelExpansionInfo *qmp_query_cpu_model_expansion(CpuModelExpansionType type,
+                                                     CpuModelInfo *model,
+                                                     Error **errp)
+{
+    qemu_debug_assert(0);
+
+    return NULL;
+}
+
+CpuDefinitionInfoList *qmp_query_cpu_definitions(Error **errp)
+{
+    qemu_debug_assert(0);
+
+    return NULL;
+}
diff --git a/stubs/ui-stub.c b/stubs/ui-stub.c
new file mode 100644
index 0000000..a5a63ea
--- /dev/null
+++ b/stubs/ui-stub.c
@@ -0,0 +1,130 @@
+#include "qemu/osdep.h"
+#include "qemu-common.h"
+
+#include "ui/console.h"
+#include "ui/input.h"
+#include "ui/qemu-spice.h"
+
+#include "qapi/qapi-types-ui.h"
+#include "qapi/qapi-commands-ui.h"
+
+void qmp_screendump(const char *filename, bool has_device, const char *device,
+                    bool has_head, int64_t head, Error **errp)
+{
+    qemu_debug_assert(0);
+}
+
+VncInfo *qmp_query_vnc(Error **errp)
+{
+    qemu_debug_assert(0);
+
+    return NULL;
+}
+
+VncInfo2List *qmp_query_vnc_servers(Error **errp)
+{
+    qemu_debug_assert(0);
+
+    return NULL;
+}
+
+MouseInfoList *qmp_query_mice(Error **errp)
+{
+    qemu_debug_assert(0);
+
+    return NULL;
+}
+
+void qmp_send_key(KeyValueList *keys, bool has_hold_time, int64_t hold_time,
+                  Error **errp)
+{
+    qemu_debug_assert(0);
+}
+
+void qmp_input_send_event(bool has_device, const char *device,
+                          bool has_head, int64_t head,
+                          InputEventList *events, Error **errp)
+{
+    qemu_debug_assert(0);
+}
+
+void vnc_display_open(const char *id, Error **errp)
+{
+    qemu_debug_assert(0);
+}
+
+void vnc_display_add_client(const char *id, int csock, bool skipauth)
+{
+    qemu_debug_assert(0);
+}
+
+void qemu_input_queue_rel(QemuConsole *src, InputAxis axis, int value)
+{
+    qemu_debug_assert(0);
+}
+
+void qemu_input_queue_btn(QemuConsole *src, InputButton btn, bool down)
+{
+    qemu_debug_assert(0);
+}
+
+void qemu_input_event_sync(void)
+{
+    qemu_debug_assert(0);
+}
+
+void qemu_input_update_buttons(QemuConsole *src, uint32_t *button_map,
+                               uint32_t button_old, uint32_t button_new)
+{
+    qemu_debug_assert(0);
+}
+
+#ifdef CONFIG_SPICE
+
+int using_spice;
+
+SpiceInfo *qmp_query_spice(Error **errp)
+{
+    qemu_debug_assert(0);
+
+    return NULL;
+}
+
+int qemu_spice_migrate_info(const char *hostname, int port, int tls_port,
+                            const char *subject)
+{
+    qemu_debug_assert(0);
+
+    return -ENOSYS;
+}
+
+int qemu_spice_display_add_client(int csock, int skipauth, int tls)
+{
+    qemu_debug_assert(0);
+
+    return -ENOSYS;
+}
+
+int qemu_spice_set_passwd(const char *passwd, bool fail_if_conn,
+                          bool disconnect_if_conn)
+{
+    qemu_debug_assert(0);
+
+    return -ENOSYS;
+}
+
+int qemu_spice_set_pw_expire(time_t expires)
+{
+    qemu_debug_assert(0);
+
+    return -ENOSYS;
+}
+
+#endif
+
+int index_from_key(const char *key, size_t key_length)
+{
+    qemu_debug_assert(0);
+
+    return -ENOSYS;
+}
diff --git a/stubs/vl-stub.c b/stubs/vl-stub.c
index 89db36c..4415990 100644
--- a/stubs/vl-stub.c
+++ b/stubs/vl-stub.c
@@ -7,6 +7,12 @@
 #include "sysemu/replay.h"
 #include "disas/disas.h"
 
+#include "qapi/qapi-commands-ui.h"
+#include "qapi/qapi-commands-run-state.h"
+#include "sysemu/watchdog.h"
+#include "disas/disas.h"
+#include "audio/audio.h"
+
 bool tcg_allowed;
 bool xen_allowed;
 bool boot_strict;
@@ -19,6 +25,8 @@ int smp_threads = 1;
 int icount_align_option;
 int boot_menu;
 
+#pragma weak arch_type
+
 unsigned int max_cpus;
 const uint32_t arch_type;
 const char *mem_path;
@@ -31,6 +39,11 @@ ram_addr_t ram_size;
 MachineState *current_machine;
 QemuUUID qemu_uuid;
 
+int singlestep;
+const char *qemu_name;
+int no_shutdown;
+int autostart;
+
 int runstate_is_running(void)
 {
     return 0;
@@ -75,3 +88,82 @@ void x86_cpu_list(void)
 {
 }
 #endif
+
+void qemu_system_shutdown_request(ShutdownCause reason)
+{
+    qemu_debug_assert(0);
+}
+
+void qemu_system_reset_request(ShutdownCause reason)
+{
+    qemu_debug_assert(0);
+}
+
+void qemu_system_powerdown_request(void)
+{
+    qemu_debug_assert(0);
+}
+
+void qemu_exit_preconfig_request(void)
+{
+    qemu_debug_assert(0);
+}
+
+bool runstate_needs_reset(void)
+{
+    qemu_debug_assert(0);
+
+    return FALSE;
+}
+
+bool qemu_wakeup_suspend_enabled(void)
+{
+    qemu_debug_assert(0);
+
+    return FALSE;
+}
+
+void qemu_system_wakeup_request(WakeupReason reason, Error **errp)
+{
+    qemu_debug_assert(0);
+}
+
+DisplayOptions *qmp_query_display_options(Error **errp)
+{
+    qemu_debug_assert(0);
+
+    return NULL;
+}
+
+StatusInfo *qmp_query_status(Error **errp)
+{
+    qemu_debug_assert(0);
+
+    return NULL;
+}
+
+void qmp_watchdog_set_action(WatchdogAction action, Error **errp)
+{
+    qemu_debug_assert(0);
+}
+
+int select_watchdog_action(const char *p)
+{
+    qemu_debug_assert(0);
+
+    return -1;
+}
+
+void monitor_disas(Monitor *mon, CPUState *cpu,
+                   target_ulong pc, int nb_insn, int is_physical)
+{
+    qemu_debug_assert(0);
+}
+
+int wav_start_capture(CaptureState *s, const char *path, int freq,
+                      int bits, int nchannels)
+{
+    qemu_debug_assert(0);
+
+    return -1;
+}
-- 
1.8.3.1

[Qemu-devel] [RFC v3 PATCH 39/45] multi-process/mon: build system for QMP module in remote process

[Jagannathan Raman]

Makefile changes necessary to compile QMP module for the remote process

Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
---
 New patch in v3

 Makefile.objs         |  7 +++++++
 Makefile.target       | 20 +++++++++++++++++++-
 hw/core/Makefile.objs |  1 +
 monitor/Makefile.objs |  3 +++
 qapi/Makefile.objs    |  2 ++
 qom/Makefile.objs     |  1 +
 ui/Makefile.objs      |  2 ++
 7 files changed, 35 insertions(+), 1 deletion(-)

diff --git a/Makefile.objs b/Makefile.objs
index f817cf6..04af900 100644
--- a/Makefile.objs
+++ b/Makefile.objs
@@ -30,6 +30,7 @@ remote-pci-obj-$(CONFIG_MPQEMU) += backends/
 remote-pci-obj-$(CONFIG_MPQEMU) += block/
 remote-pci-obj-$(CONFIG_MPQEMU) += migration/
 remote-pci-obj-$(CONFIG_MPQEMU) += remote/
+remote-pci-obj-$(CONFIG_MPQEMU) += monitor/
 
 remote-pci-obj-$(CONFIG_MPQEMU) += cpus-common.o
 remote-pci-obj-$(CONFIG_MPQEMU) += dma-helpers.o
@@ -42,6 +43,7 @@ remote-pci-obj-$(CONFIG_MPQEMU) += iothread.o
 # remote-lsi-obj-y is code used to implement remote LSI device
 
 remote-lsi-obj-$(CONFIG_MPQEMU) += hw/
+remote-lsi-obj-$(CONFIG_MPQEMU) += ui/
 
 #######################################################################
 # crypto-obj-y is code used by both qemu system emulation and qemu-img
@@ -112,6 +114,11 @@ common-obj-y += vl-parse.o
 common-obj-y += qapi/
 endif
 
+remote-pci-obj-$(CONFIG_MPQEMU) += qapi/
+remote-pci-obj-$(CONFIG_MPQEMU) += blockdev-nbd.o
+remote-pci-obj-$(CONFIG_MPQEMU) += job-qmp.o
+remote-pci-obj-$(CONFIG_MPQEMU) += balloon.o
+
 #######################################################################
 # Target-independent parts used in system and user emulation
 common-obj-y += cpus-common.o
diff --git a/Makefile.target b/Makefile.target
index ac545fc..0ca832f 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -135,11 +135,29 @@ remote-pci-tgt-obj-$(CONFIG_MPQEMU) += accel/stubs/hax-stub.o
 remote-pci-tgt-obj-$(CONFIG_MPQEMU) += accel/stubs/whpx-stub.o
 remote-pci-tgt-obj-$(CONFIG_MPQEMU) += stubs/vl-stub.o
 remote-pci-tgt-obj-$(CONFIG_MPQEMU) += stubs/net-stub.o
-remote-pci-tgt-obj-$(CONFIG_MPQEMU) += stubs/monitor.o
 remote-pci-tgt-obj-$(CONFIG_MPQEMU) += stubs/replay.o
 remote-pci-tgt-obj-$(CONFIG_MPQEMU) += stubs/xen-mapcache.o
+remote-pci-tgt-obj-$(CONFIG_MPQEMU) += stubs/migration.o
+remote-pci-tgt-obj-$(CONFIG_MPQEMU) += stubs/ui-stub.o
+remote-pci-tgt-obj-$(CONFIG_MPQEMU) += stubs/gdbstub.o
+remote-pci-tgt-obj-$(CONFIG_MPQEMU) += stubs/qapi-target.o
+remote-pci-tgt-obj-$(CONFIG_MPQEMU) += stubs/qapi-misc.o
 
 remote-pci-tgt-obj-$(CONFIG_MPQEMU) += remote/memory.o
+remote-pci-tgt-obj-$(CONFIG_MPQEMU) += arch_init.o
+remote-pci-tgt-obj-$(CONFIG_MPQEMU) += monitor/misc.o
+
+remote-pci-tgt-obj-$(CONFIG_MPQEMU) += qapi/qapi-introspect.o
+remote-pci-tgt-obj-$(CONFIG_MPQEMU) += qapi/qapi-commands-block-core.o
+remote-pci-tgt-obj-$(CONFIG_MPQEMU) += qapi/qapi-commands-block.o
+remote-pci-tgt-obj-$(CONFIG_MPQEMU) += qapi/qapi-commands-misc.o
+remote-pci-tgt-obj-$(CONFIG_MPQEMU) += qapi/qapi-commands.o
+remote-pci-tgt-obj-$(CONFIG_MPQEMU) += qapi/qapi-commands-machine-target.o
+remote-pci-tgt-obj-$(CONFIG_MPQEMU) += qapi/qapi-commands-misc-target.o
+remote-pci-tgt-obj-$(CONFIG_MPQEMU) += qapi/qapi-visit-machine-target.o
+remote-pci-tgt-obj-$(CONFIG_MPQEMU) += qapi/qapi-visit-misc-target.o
+remote-pci-tgt-obj-$(CONFIG_MPQEMU) += qapi/qapi-types-machine-target.o
+remote-pci-tgt-obj-$(CONFIG_MPQEMU) += qapi/qapi-types-misc-target.o
 
 #########################################################
 # Linux user emulator target
diff --git a/hw/core/Makefile.objs b/hw/core/Makefile.objs
index 0229f4b..d2c5658 100644
--- a/hw/core/Makefile.objs
+++ b/hw/core/Makefile.objs
@@ -42,3 +42,4 @@ remote-pci-obj-$(CONFIG_MPQEMU) += nmi.o
 remote-pci-obj-$(CONFIG_MPQEMU) += qdev-properties-system.o
 remote-pci-obj-$(CONFIG_MPQEMU) += qdev-fw.o
 remote-pci-obj-$(CONFIG_MPQEMU) += numa.o
+remote-pci-obj-$(CONFIG_MPQEMU) += machine-qmp-cmds.o
diff --git a/monitor/Makefile.objs b/monitor/Makefile.objs
index e91a858..11c42ec 100644
--- a/monitor/Makefile.objs
+++ b/monitor/Makefile.objs
@@ -1,3 +1,6 @@
 obj-y += misc.o
 common-obj-y += monitor.o qmp.o hmp.o
 common-obj-y += qmp-cmds.o hmp-cmds.o
+
+remote-pci-obj-$(CONFIG_MPQEMU) += monitor.o qmp.o hmp.o
+remote-pci-obj-$(CONFIG_MPQEMU) += qmp-cmds.o hmp-cmds.o
diff --git a/qapi/Makefile.objs b/qapi/Makefile.objs
index c5a29e8..972bdb2 100644
--- a/qapi/Makefile.objs
+++ b/qapi/Makefile.objs
@@ -30,3 +30,5 @@ obj-y += $(QAPI_TARGET_MODULES:%=qapi-events-%.o)
 obj-y += qapi-events.o
 obj-y += $(QAPI_TARGET_MODULES:%=qapi-commands-%.o)
 obj-y += qapi-commands.o
+
+remote-pci-obj-$(CONFIG_MPQEMU) += $(QAPI_COMMON_MODULES:%=qapi-commands-%.o)
diff --git a/qom/Makefile.objs b/qom/Makefile.objs
index 05da824..e42ea7a 100644
--- a/qom/Makefile.objs
+++ b/qom/Makefile.objs
@@ -7,3 +7,4 @@ common-obj-$(CONFIG_SOFTMMU) += qom-hmp-cmds.o qom-qmp-cmds.o
 remote-pci-obj-$(CONFIG_MPQEMU) += object.o qom-qobject.o container.o
 remote-pci-obj-$(CONFIG_MPQEMU) += object_interfaces.o
 remote-pci-obj-$(CONFIG_MPQEMU) += cpu.o
+remote-pci-obj-$(CONFIG_MPQEMU) += qom-qmp-cmds.o
diff --git a/ui/Makefile.objs b/ui/Makefile.objs
index cc2bf5b..7b5219d 100644
--- a/ui/Makefile.objs
+++ b/ui/Makefile.objs
@@ -65,3 +65,5 @@ console-gl.o-libs += $(OPENGL_LIBS)
 egl-helpers.o-libs += $(OPENGL_LIBS)
 egl-context.o-libs += $(OPENGL_LIBS)
 egl-headless.o-libs += $(OPENGL_LIBS)
+
+remote-lsi-obj-$(CONFIG_MPQEMU) += vnc-stubs.o
-- 
1.8.3.1

[Qemu-devel] [RFC v3 PATCH 40/45] multi-process/mon: Refactor monitor/chardev functions out of vl.c

[Jagannathan Raman]

Some of the initialization helper functions w.r.t monitor & chardev
in vl.c are also used by the remote process. Therefore, these functions
are refactored into a shared file that both QEMU & remote process
could use.

Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
---
 New patch in v3

 vl-parse.c | 92 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 vl.c       | 91 -------------------------------------------------------------
 vl.h       |  4 +++
 3 files changed, 96 insertions(+), 91 deletions(-)

diff --git a/vl-parse.c b/vl-parse.c
index d3716d1..bee904d 100644
--- a/vl-parse.c
+++ b/vl-parse.c
@@ -155,3 +155,95 @@ int device_init_func(void *opaque, QemuOpts *opts, Error **errp)
     object_unref(OBJECT(dev));
     return 0;
 }
+
+void monitor_parse(const char *optarg, const char *mode, bool pretty)
+{
+    static int monitor_device_index;
+    QemuOpts *opts;
+    const char *p;
+    char label[32];
+
+    if (strstart(optarg, "chardev:", &p)) {
+        snprintf(label, sizeof(label), "%s", p);
+    } else {
+        snprintf(label, sizeof(label), "compat_monitor%d",
+                 monitor_device_index);
+        opts = qemu_chr_parse_compat(label, optarg, true);
+        if (!opts) {
+            error_report("parse error: %s", optarg);
+            exit(1);
+        }
+    }
+
+    opts = qemu_opts_create(qemu_find_opts("mon"), label, 1, &error_fatal);
+    qemu_opt_set(opts, "mode", mode, &error_abort);
+    qemu_opt_set(opts, "chardev", label, &error_abort);
+    if (!strcmp(mode, "control")) {
+        qemu_opt_set_bool(opts, "pretty", pretty, &error_abort);
+    } else {
+        assert(pretty == false);
+    }
+    monitor_device_index++;
+}
+
+int mon_init_func(void *opaque, QemuOpts *opts, Error **errp)
+{
+    Chardev *chr;
+    bool qmp;
+    bool pretty = false;
+    const char *chardev;
+    const char *mode;
+
+    mode = qemu_opt_get(opts, "mode");
+    if (mode == NULL) {
+        mode = "readline";
+    }
+    if (strcmp(mode, "readline") == 0) {
+        qmp = false;
+    } else if (strcmp(mode, "control") == 0) {
+        qmp = true;
+    } else {
+        error_setg(errp, "unknown monitor mode \"%s\"", mode);
+        return -1;
+    }
+
+    if (!qmp && qemu_opt_get(opts, "pretty")) {
+        warn_report("'pretty' is deprecated for HMP monitors, it has no effect "
+                    "and will be removed in future versions");
+    }
+    if (qemu_opt_get_bool(opts, "pretty", 0)) {
+        pretty = true;
+    }
+
+    chardev = qemu_opt_get(opts, "chardev");
+    if (!chardev) {
+        error_report("chardev is required");
+        exit(1);
+    }
+    chr = qemu_chr_find(chardev);
+    if (chr == NULL) {
+        error_setg(errp, "chardev \"%s\" not found", chardev);
+        return -1;
+    }
+
+    if (qmp) {
+        monitor_init_qmp(chr, pretty);
+    } else {
+        monitor_init_hmp(chr, true);
+    }
+    return 0;
+}
+
+int chardev_init_func(void *opaque, QemuOpts *opts, Error **errp)
+{
+    Error *local_err = NULL;
+
+    if (!qemu_chr_new_from_opts(opts, NULL, &local_err)) {
+        if (local_err) {
+            error_propagate(errp, local_err);
+            return -1;
+        }
+        exit(0);
+    }
+    return 0;
+}
diff --git a/vl.c b/vl.c
index 08e9c09..3c03405 100644
--- a/vl.c
+++ b/vl.c
@@ -2264,19 +2264,6 @@ static int device_help_func(void *opaque, QemuOpts *opts, Error **errp)
     return qdev_device_help(opts);
 }
 
-static int chardev_init_func(void *opaque, QemuOpts *opts, Error **errp)
-{
-    Error *local_err = NULL;
-
-    if (!qemu_chr_new_from_opts(opts, NULL, &local_err)) {
-        if (local_err) {
-            error_propagate(errp, local_err);
-            return -1;
-        }
-        exit(0);
-    }
-    return 0;
-}
 
 #ifdef CONFIG_VIRTFS
 static int fsdev_init_func(void *opaque, QemuOpts *opts, Error **errp)
@@ -2285,84 +2272,6 @@ static int fsdev_init_func(void *opaque, QemuOpts *opts, Error **errp)
 }
 #endif
 
-static int mon_init_func(void *opaque, QemuOpts *opts, Error **errp)
-{
-    Chardev *chr;
-    bool qmp;
-    bool pretty = false;
-    const char *chardev;
-    const char *mode;
-
-    mode = qemu_opt_get(opts, "mode");
-    if (mode == NULL) {
-        mode = "readline";
-    }
-    if (strcmp(mode, "readline") == 0) {
-        qmp = false;
-    } else if (strcmp(mode, "control") == 0) {
-        qmp = true;
-    } else {
-        error_setg(errp, "unknown monitor mode \"%s\"", mode);
-        return -1;
-    }
-
-    if (!qmp && qemu_opt_get(opts, "pretty")) {
-        warn_report("'pretty' is deprecated for HMP monitors, it has no effect "
-                    "and will be removed in future versions");
-    }
-    if (qemu_opt_get_bool(opts, "pretty", 0)) {
-        pretty = true;
-    }
-
-    chardev = qemu_opt_get(opts, "chardev");
-    if (!chardev) {
-        error_report("chardev is required");
-        exit(1);
-    }
-    chr = qemu_chr_find(chardev);
-    if (chr == NULL) {
-        error_setg(errp, "chardev \"%s\" not found", chardev);
-        return -1;
-    }
-
-    if (qmp) {
-        monitor_init_qmp(chr, pretty);
-    } else {
-        monitor_init_hmp(chr, true);
-    }
-    return 0;
-}
-
-static void monitor_parse(const char *optarg, const char *mode, bool pretty)
-{
-    static int monitor_device_index = 0;
-    QemuOpts *opts;
-    const char *p;
-    char label[32];
-
-    if (strstart(optarg, "chardev:", &p)) {
-        snprintf(label, sizeof(label), "%s", p);
-    } else {
-        snprintf(label, sizeof(label), "compat_monitor%d",
-                 monitor_device_index);
-        opts = qemu_chr_parse_compat(label, optarg, true);
-        if (!opts) {
-            error_report("parse error: %s", optarg);
-            exit(1);
-        }
-    }
-
-    opts = qemu_opts_create(qemu_find_opts("mon"), label, 1, &error_fatal);
-    qemu_opt_set(opts, "mode", mode, &error_abort);
-    qemu_opt_set(opts, "chardev", label, &error_abort);
-    if (!strcmp(mode, "control")) {
-        qemu_opt_set_bool(opts, "pretty", pretty, &error_abort);
-    } else {
-        assert(pretty == false);
-    }
-    monitor_device_index++;
-}
-
 struct device_config {
     enum {
         DEV_USB,       /* -usbdevice     */
diff --git a/vl.h b/vl.h
index 8c40fed..21ca747 100644
--- a/vl.h
+++ b/vl.h
@@ -50,5 +50,9 @@ int device_init_func(void *opaque, QemuOpts *opts, Error **errp);
 int rdrive_init_func(void *opaque, QemuOpts *opts, Error **errp);
 int rdevice_init_func(void *opaque, QemuOpts *opts, Error **errp);
 
+void monitor_parse(const char *optarg, const char *mode, bool pretty);
+int mon_init_func(void *opaque, QemuOpts *opts, Error **errp);
+int chardev_init_func(void *opaque, QemuOpts *opts, Error **errp);
+
 #endif /* VL_H */
 
-- 
1.8.3.1

[Qemu-devel] [RFC v3 PATCH 41/45] multi-process/mon: trim HMP command set for remote storage processes

[Jagannathan Raman]

Trim down the list of HMP commands available for storage class of
remote processes.

Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
---
 New patch in v3

 Makefile.objs              |   2 +
 Makefile.target            |  14 +-
 hmp-scsi-commands-info.hx  | 167 ++++++++++++++++++++
 hmp-scsi-commands.hx       | 384 +++++++++++++++++++++++++++++++++++++++++++++
 monitor/misc.c             |  84 +++++-----
 monitor/monitor-internal.h |  38 +++++
 qom/Makefile.objs          |   2 +-
 7 files changed, 651 insertions(+), 40 deletions(-)
 create mode 100644 hmp-scsi-commands-info.hx
 create mode 100644 hmp-scsi-commands.hx

diff --git a/Makefile.objs b/Makefile.objs
index 04af900..11cd7be 100644
--- a/Makefile.objs
+++ b/Makefile.objs
@@ -45,6 +45,8 @@ remote-pci-obj-$(CONFIG_MPQEMU) += iothread.o
 remote-lsi-obj-$(CONFIG_MPQEMU) += hw/
 remote-lsi-obj-$(CONFIG_MPQEMU) += ui/
 
+remote-lsi-obj-$(CONFIG_MPQEMU) += device-hotplug.o
+
 #######################################################################
 # crypto-obj-y is code used by both qemu system emulation and qemu-img
 
diff --git a/Makefile.target b/Makefile.target
index 0ca832f..00a4b85 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -210,6 +210,10 @@ endif
 generated-files-y += hmp-commands.h hmp-commands-info.h
 generated-files-y += config-devices.h
 
+ifdef CONFIG_MPQEMU
+generated-files-y += hmp-scsi-commands.h hmp-scsi-commands-info.h
+endif
+
 endif # CONFIG_SOFTMMU
 
 dummy := $(call unnest-vars,,obj-y)
@@ -294,10 +298,18 @@ hmp-commands.h: $(SRC_PATH)/hmp-commands.hx $(SRC_PATH)/scripts/hxtool
 hmp-commands-info.h: $(SRC_PATH)/hmp-commands-info.hx $(SRC_PATH)/scripts/hxtool
 	$(call quiet-command,sh $(SRC_PATH)/scripts/hxtool -h < $< > $@,"GEN","$(TARGET_DIR)$@")
 
+ifdef CONFIG_MPQEMU
+hmp-scsi-commands.h: $(SRC_PATH)/hmp-scsi-commands.hx $(SRC_PATH)/scripts/hxtool
+	$(call quiet-command,sh $(SRC_PATH)/scripts/hxtool -h < $< > $@,"GEN","$(TARGET_DIR)$@")
+
+hmp-scsi-commands-info.h: $(SRC_PATH)/hmp-scsi-commands-info.hx $(SRC_PATH)/scripts/hxtool
+	$(call quiet-command,sh $(SRC_PATH)/scripts/hxtool -h < $< > $@,"GEN","$(TARGET_DIR)$@")
+endif
+
 clean: clean-target
 	rm -f *.a *~ $(PROGS)
 	rm -f $(shell find . -name '*.[od]')
-	rm -f hmp-commands.h gdbstub-xml.c
+	rm -f hmp-commands.h gdbstub-xml.c hmp-scsi-commands.h hmp-scsi-commands-info.h
 	rm -f trace/generated-helpers.c trace/generated-helpers.c-timestamp
 ifdef CONFIG_TRACE_SYSTEMTAP
 	rm -f *.stp
diff --git a/hmp-scsi-commands-info.hx b/hmp-scsi-commands-info.hx
new file mode 100644
index 0000000..315a445
--- /dev/null
+++ b/hmp-scsi-commands-info.hx
@@ -0,0 +1,167 @@
+HXCOMM Use DEFHEADING() to define headings in both help text and texi
+HXCOMM Text between STEXI and ETEXI are copied to texi version and
+HXCOMM discarded from C version
+HXCOMM DEF(command, args, callback, arg_string, help) is used to construct
+HXCOMM monitor info commands
+HXCOMM HXCOMM can be used for comments, discarded from both texi and C
+
+STEXI
+@table @option
+@item info @var{subcommand}
+@findex info
+Show various information about the system state.
+@table @option
+ETEXI
+
+    {
+        .name       = "version",
+        .args_type  = "",
+        .params     = "",
+        .help       = "show the version of QEMU",
+        .cmd        = hmp_info_version,
+        .flags      = "p",
+    },
+
+STEXI
+@item info version
+@findex info version
+Show the version of QEMU.
+ETEXI
+
+    {
+        .name       = "chardev",
+        .args_type  = "",
+        .params     = "",
+        .help       = "show the character devices",
+        .cmd        = hmp_info_chardev,
+        .flags      = "p",
+    },
+
+STEXI
+@item info chardev
+@findex info chardev
+Show the character devices.
+ETEXI
+
+    {
+        .name       = "block",
+        .args_type  = "nodes:-n,verbose:-v,device:B?",
+        .params     = "[-n] [-v] [device]",
+        .help       = "show info of one block device or all block devices "
+                      "(-n: show named nodes; -v: show details)",
+        .cmd        = hmp_info_block,
+    },
+
+STEXI
+@item info block
+@findex info block
+Show info of one block device or all block devices.
+ETEXI
+
+    {
+        .name       = "blockstats",
+        .args_type  = "",
+        .params     = "",
+        .help       = "show block device statistics",
+        .cmd        = hmp_info_blockstats,
+    },
+
+STEXI
+@item info blockstats
+@findex info blockstats
+Show block device statistics.
+ETEXI
+
+    {
+        .name       = "block-jobs",
+        .args_type  = "",
+        .params     = "",
+        .help       = "show progress of ongoing block device operations",
+        .cmd        = hmp_info_block_jobs,
+    },
+
+STEXI
+@item info block-jobs
+@findex info block-jobs
+Show progress of ongoing block device operations.
+ETEXI
+
+    {
+        .name       = "history",
+        .args_type  = "",
+        .params     = "",
+        .help       = "show the command line history",
+        .cmd        = hmp_info_history,
+        .flags      = "p",
+    },
+
+STEXI
+@item info history
+@findex info history
+Show the command line history.
+ETEXI
+
+    {
+        .name       = "pci",
+        .args_type  = "",
+        .params     = "",
+        .help       = "show PCI info",
+        .cmd        = hmp_info_pci,
+    },
+
+STEXI
+@item info pci
+@findex info pci
+Show PCI information.
+ETEXI
+
+    {
+        .name       = "qtree",
+        .args_type  = "",
+        .params     = "",
+        .help       = "show device tree",
+        .cmd        = hmp_info_qtree,
+    },
+
+STEXI
+@item info qtree
+@findex info qtree
+Show device tree.
+ETEXI
+
+    {
+        .name       = "qdm",
+        .args_type  = "",
+        .params     = "",
+        .help       = "show qdev device model list",
+        .cmd        = hmp_info_qdm,
+    },
+
+STEXI
+@item info qdm
+@findex info qdm
+Show qdev device model list.
+ETEXI
+
+    {
+        .name       = "qom-tree",
+        .args_type  = "path:s?",
+        .params     = "[path]",
+        .help       = "show QOM composition tree",
+        .cmd        = hmp_info_qom_tree,
+        .flags      = "p",
+    },
+
+STEXI
+@item info qom-tree
+@findex info qom-tree
+Show QOM composition tree.
+ETEXI
+
+STEXI
+@end table
+ETEXI
+
+STEXI
+@end table
+ETEXI
diff --git a/hmp-scsi-commands.hx b/hmp-scsi-commands.hx
new file mode 100644
index 0000000..d3438f3
--- /dev/null
+++ b/hmp-scsi-commands.hx
@@ -0,0 +1,384 @@
+HXCOMM Use DEFHEADING() to define headings in both help text and texi
+HXCOMM Text between STEXI and ETEXI are copied to texi version and
+HXCOMM discarded from C version
+HXCOMM DEF(command, args, callback, arg_string, help) is used to construct
+HXCOMM monitor commands
+HXCOMM HXCOMM can be used for comments, discarded from both texi and C
+
+STEXI
+@table @option
+ETEXI
+
+    {
+        .name       = "help|?",
+        .args_type  = "name:S?",
+        .params     = "[cmd]",
+        .help       = "show the help",
+        .cmd        = do_help_cmd,
+        .flags      = "p",
+    },
+
+STEXI
+@item help or ? [@var{cmd}]
+@findex help
+Show the help for all commands or just for command @var{cmd}.
+ETEXI
+
+    {
+        .name       = "q|quit",
+        .args_type  = "",
+        .params     = "",
+        .help       = "quit the emulator",
+        .cmd        = hmp_quit,
+    },
+
+STEXI
+@item q or quit
+@findex quit
+Quit the emulator.
+ETEXI
+
+    {
+        .name       = "block_resize",
+        .args_type  = "device:B,size:o",
+        .params     = "device size",
+        .help       = "resize a block image",
+        .cmd        = hmp_block_resize,
+    },
+
+STEXI
+@item block_resize
+@findex block_resize
+Resize a block image while a guest is running.  Usually requires guest
+action to see the updated size.  Resize to a lower size is supported,
+but should be used with extreme caution.  Note that this command only
+resizes image files, it can not resize block devices like LVM volumes.
+ETEXI
+
+    {
+        .name       = "block_stream",
+        .args_type  = "device:B,speed:o?,base:s?",
+        .params     = "device [speed [base]]",
+        .help       = "copy data from a backing file into a block device",
+        .cmd        = hmp_block_stream,
+    },
+
+STEXI
+@item block_stream
+@findex block_stream
+Copy data from a backing file into a block device.
+ETEXI
+
+    {
+        .name       = "block_job_set_speed",
+        .args_type  = "device:B,speed:o",
+        .params     = "device speed",
+        .help       = "set maximum speed for a background block operation",
+        .cmd        = hmp_block_job_set_speed,
+    },
+
+STEXI
+@item block_job_set_speed
+@findex block_job_set_speed
+Set maximum speed for a background block operation.
+ETEXI
+
+    {
+        .name       = "block_job_cancel",
+        .args_type  = "force:-f,device:B",
+        .params     = "[-f] device",
+        .help       = "stop an active background block operation (use -f"
+                      "\n\t\t\t if you want to abort the operation immediately"
+                      "\n\t\t\t instead of keep running until data is in sync)",
+        .cmd        = hmp_block_job_cancel,
+    },
+
+STEXI
+@item block_job_cancel
+@findex block_job_cancel
+Stop an active background block operation (streaming, mirroring).
+ETEXI
+
+    {
+        .name       = "block_job_complete",
+        .args_type  = "device:B",
+        .params     = "device",
+        .help       = "stop an active background block operation",
+        .cmd        = hmp_block_job_complete,
+    },
+
+STEXI
+@item block_job_complete
+@findex block_job_complete
+Manually trigger completion of an active background block operation.
+For mirroring, this will switch the device to the destination path.
+ETEXI
+
+    {
+        .name       = "block_job_pause",
+        .args_type  = "device:B",
+        .params     = "device",
+        .help       = "pause an active background block operation",
+        .cmd        = hmp_block_job_pause,
+    },
+
+STEXI
+@item block_job_pause
+@findex block_job_pause
+Pause an active block streaming operation.
+ETEXI
+
+    {
+        .name       = "block_job_resume",
+        .args_type  = "device:B",
+        .params     = "device",
+        .help       = "resume a paused background block operation",
+        .cmd        = hmp_block_job_resume,
+    },
+
+STEXI
+@item block_job_resume
+@findex block_job_resume
+Resume a paused block streaming operation.
+ETEXI
+
+    {
+        .name       = "eject",
+        .args_type  = "force:-f,device:B",
+        .params     = "[-f] device",
+        .help       = "eject a removable medium (use -f to force it)",
+        .cmd        = hmp_eject,
+    },
+
+STEXI
+@item eject [-f] @var{device}
+@findex eject
+Eject a removable medium (use -f to force it).
+ETEXI
+
+    {
+        .name       = "drive_del",
+        .args_type  = "id:B",
+        .params     = "device",
+        .help       = "remove host block device",
+        .cmd        = hmp_drive_del,
+    },
+
+STEXI
+@item drive_del @var{device}
+@findex drive_del
+Remove host block device.  The result is that guest generated IO is no longer
+submitted against the host device underlying the disk.  Once a drive has
+been deleted, the QEMU Block layer returns -EIO which results in IO
+errors in the guest for applications that are reading/writing to the device.
+These errors are always reported to the guest, regardless of the drive's error
+actions (drive options rerror, werror).
+ETEXI
+
+    {
+        .name       = "change",
+        .args_type  = "device:B,target:F,arg:s?,read-only-mode:s?",
+        .params     = "device filename [format [read-only-mode]]",
+        .help       = "change a removable medium, optional format",
+        .cmd        = hmp_change,
+    },
+
+STEXI
+@item change @var{device} @var{setting}
+@findex change
+Change the configuration of a device.
+
+@table @option
+@item change @var{diskdevice} @var{filename} [@var{format} [@var{read-only-mode}]]
+Change the medium for a removable disk device to point to @var{filename}. eg
+
+@example
+(qemu) change ide1-cd0 /path/to/some.iso
+@end example
+
+@var{format} is optional.
+
+@var{read-only-mode} may be used to change the read-only status of the device.
+It accepts the following values:
+
+@table @var
+@item retain
+Retains the current status; this is the default.
+
+@item read-only
+Makes the device read-only.
+
+@item read-write
+Makes the device writable.
+@end table
+
+@item change vnc @var{display},@var{options}
+Change the configuration of the VNC server. The valid syntax for @var{display}
+and @var{options} are described at @ref{sec_invocation}. eg
+
+@example
+(qemu) change vnc localhost:1
+@end example
+
+@item change vnc password [@var{password}]
+
+Change the password associated with the VNC server. If the new password is not
+supplied, the monitor will prompt for it to be entered. VNC passwords are only
+significant up to 8 letters. eg
+
+@example
+(qemu) change vnc password
+Password: ********
+@end example
+
+@end table
+ETEXI
+
+    {
+        .name       = "device_add",
+        .args_type  = "device:O",
+        .params     = "driver[,prop=value][,...]",
+        .help       = "add device, like -device on the command line",
+        .cmd        = hmp_device_add,
+        .command_completion = device_add_completion,
+    },
+
+STEXI
+@item device_add @var{config}
+@findex device_add
+Add device.
+ETEXI
+
+    {
+        .name       = "device_del",
+        .args_type  = "id:s",
+        .params     = "device",
+        .help       = "remove device",
+        .cmd        = hmp_device_del,
+        .command_completion = device_del_completion,
+    },
+
+STEXI
+@item device_del @var{id}
+@findex device_del
+Remove device @var{id}. @var{id} may be a short ID
+or a QOM object path.
+ETEXI
+
+    {
+        .name       = "drive_backup",
+        .args_type  = "reuse:-n,full:-f,compress:-c,device:B,target:s,format:s?",
+        .params     = "[-n] [-f] [-c] device target [format]",
+        .help       = "initiates a point-in-time\n\t\t\t"
+                      "copy for a device. The device's contents are\n\t\t\t"
+                      "copied to the new image file, excluding data that\n\t\t\t"
+                      "is written after the command is started.\n\t\t\t"
+                      "The -n flag requests QEMU to reuse the image found\n\t\t\t"
+                      "in new-image-file, instead of recreating it from scratch.\n\t\t\t"
+                      "The -f flag requests QEMU to copy the whole disk,\n\t\t\t"
+                      "so that the result does not need a backing file.\n\t\t\t"
+                      "The -c flag requests QEMU to compress backup data\n\t\t\t"
+                      "(if the target format supports it).\n\t\t\t",
+        .cmd        = hmp_drive_backup,
+    },
+STEXI
+@item drive_backup
+@findex drive_backup
+Start a point-in-time copy of a block device to a specificed target.
+ETEXI
+
+    {
+        .name       = "drive_add",
+        .args_type  = "node:-n,pci_addr:s,opts:s",
+        .params     = "[-n] [[<domain>:]<bus>:]<slot>\n"
+                      "[file=file][,if=type][,bus=n]\n"
+                      "[,unit=m][,media=d][,index=i]\n"
+                      "[,snapshot=on|off][,cache=on|off]\n"
+                      "[,readonly=on|off][,copy-on-read=on|off]",
+        .help       = "add drive to PCI storage controller",
+        .cmd        = hmp_drive_add,
+    },
+
+STEXI
+@item drive_add
+@findex drive_add
+Add drive to PCI storage controller.
+ETEXI
+
+    {
+        .name       = "chardev-add",
+        .args_type  = "args:s",
+        .params     = "args",
+        .help       = "add chardev",
+        .cmd        = hmp_chardev_add,
+        .command_completion = chardev_add_completion,
+    },
+
+STEXI
+@item chardev-add args
+@findex chardev-add
+chardev-add accepts the same parameters as the -chardev command line switch.
+
+ETEXI
+
+    {
+        .name       = "chardev-change",
+        .args_type  = "id:s,args:s",
+        .params     = "id args",
+        .help       = "change chardev",
+        .cmd        = hmp_chardev_change,
+    },
+
+STEXI
+@item chardev-change args
+@findex chardev-change
+chardev-change accepts existing chardev @var{id} and then the same arguments
+as the -chardev command line switch (except for "id").
+
+ETEXI
+
+    {
+        .name       = "chardev-remove",
+        .args_type  = "id:s",
+        .params     = "id",
+        .help       = "remove chardev",
+        .cmd        = hmp_chardev_remove,
+        .command_completion = chardev_remove_completion,
+    },
+
+STEXI
+@item chardev-remove id
+@findex chardev-remove
+Removes the chardev @var{id}.
+
+ETEXI
+
+    {
+        .name       = "chardev-send-break",
+        .args_type  = "id:s",
+        .params     = "id",
+        .help       = "send a break on chardev",
+        .cmd        = hmp_chardev_send_break,
+        .command_completion = chardev_remove_completion,
+    },
+
+STEXI
+@item chardev-send-break id
+@findex chardev-send-break
+Send a break on the chardev @var{id}.
+
+ETEXI
+
+    {
+        .name       = "info",
+        .args_type  = "item:s?",
+        .params     = "[subcommand]",
+        .help       = "show various information about the system state",
+        .cmd        = hmp_info_help,
+        .sub_table  = hmp_info_cmds,
+        .flags      = "p",
+    },
+
+STEXI
+@end table
+ETEXI
diff --git a/monitor/misc.c b/monitor/misc.c
index 00338c0..4914f46 100644
--- a/monitor/misc.c
+++ b/monitor/misc.c
@@ -176,12 +176,12 @@ int hmp_compare_cmd(const char *name, const char *list)
     return 0;
 }
 
-static void do_help_cmd(Monitor *mon, const QDict *qdict)
+void do_help_cmd(Monitor *mon, const QDict *qdict)
 {
     help_cmd(mon, qdict_get_try_str(qdict, "name"));
 }
 
-static void hmp_trace_event(Monitor *mon, const QDict *qdict)
+void hmp_trace_event(Monitor *mon, const QDict *qdict)
 {
     const char *tp_name = qdict_get_str(qdict, "name");
     bool new_state = qdict_get_bool(qdict, "option");
@@ -225,7 +225,7 @@ static void hmp_trace_file(Monitor *mon, const QDict *qdict)
 }
 #endif
 
-static void hmp_info_help(Monitor *mon, const QDict *qdict)
+void hmp_info_help(Monitor *mon, const QDict *qdict)
 {
     help_cmd(mon, "info");
 }
@@ -436,7 +436,7 @@ int monitor_get_cpu_index(void)
     return cs ? cs->cpu_index : UNASSIGNED_CPU_INDEX;
 }
 
-static void hmp_info_registers(Monitor *mon, const QDict *qdict)
+void hmp_info_registers(Monitor *mon, const QDict *qdict)
 {
     bool all_cpus = qdict_get_try_bool(qdict, "cpustate_all", false);
     CPUState *cs;
@@ -459,7 +459,7 @@ static void hmp_info_registers(Monitor *mon, const QDict *qdict)
 }
 
 #ifdef CONFIG_TCG
-static void hmp_info_jit(Monitor *mon, const QDict *qdict)
+void hmp_info_jit(Monitor *mon, const QDict *qdict)
 {
     if (!tcg_enabled()) {
         error_report("JIT information is only available with accel=tcg");
@@ -470,13 +470,13 @@ static void hmp_info_jit(Monitor *mon, const QDict *qdict)
     dump_drift_info();
 }
 
-static void hmp_info_opcount(Monitor *mon, const QDict *qdict)
+void hmp_info_opcount(Monitor *mon, const QDict *qdict)
 {
     dump_opcount_info();
 }
 #endif
 
-static void hmp_info_sync_profile(Monitor *mon, const QDict *qdict)
+void hmp_info_sync_profile(Monitor *mon, const QDict *qdict)
 {
     int64_t max = qdict_get_try_int(qdict, "max", 10);
     bool mean = qdict_get_try_bool(qdict, "mean", false);
@@ -487,7 +487,7 @@ static void hmp_info_sync_profile(Monitor *mon, const QDict *qdict)
     qsp_report(max, sort_by, coalesce);
 }
 
-static void hmp_info_history(Monitor *mon, const QDict *qdict)
+void hmp_info_history(Monitor *mon, const QDict *qdict)
 {
     MonitorHMP *hmp_mon = container_of(mon, MonitorHMP, common);
     int i;
@@ -507,7 +507,7 @@ static void hmp_info_history(Monitor *mon, const QDict *qdict)
     }
 }
 
-static void hmp_info_cpustats(Monitor *mon, const QDict *qdict)
+void hmp_info_cpustats(Monitor *mon, const QDict *qdict)
 {
     CPUState *cs = mon_get_cpu();
 
@@ -518,7 +518,7 @@ static void hmp_info_cpustats(Monitor *mon, const QDict *qdict)
     cpu_dump_statistics(cs, 0);
 }
 
-static void hmp_info_trace_events(Monitor *mon, const QDict *qdict)
+void hmp_info_trace_events(Monitor *mon, const QDict *qdict)
 {
     const char *name = qdict_get_try_str(qdict, "name");
     bool has_vcpu = qdict_haskey(qdict, "vcpu");
@@ -578,7 +578,7 @@ void qmp_client_migrate_info(const char *protocol, const char *hostname,
     error_setg(errp, QERR_INVALID_PARAMETER_VALUE, "protocol", "spice");
 }
 
-static void hmp_logfile(Monitor *mon, const QDict *qdict)
+void hmp_logfile(Monitor *mon, const QDict *qdict)
 {
     Error *err = NULL;
 
@@ -588,7 +588,7 @@ static void hmp_logfile(Monitor *mon, const QDict *qdict)
     }
 }
 
-static void hmp_log(Monitor *mon, const QDict *qdict)
+void hmp_log(Monitor *mon, const QDict *qdict)
 {
     int mask;
     const char *items = qdict_get_str(qdict, "items");
@@ -605,7 +605,7 @@ static void hmp_log(Monitor *mon, const QDict *qdict)
     qemu_set_log(mask);
 }
 
-static void hmp_singlestep(Monitor *mon, const QDict *qdict)
+void hmp_singlestep(Monitor *mon, const QDict *qdict)
 {
     const char *option = qdict_get_try_str(qdict, "option");
     if (!option || !strcmp(option, "on")) {
@@ -617,7 +617,7 @@ static void hmp_singlestep(Monitor *mon, const QDict *qdict)
     }
 }
 
-static void hmp_gdbserver(Monitor *mon, const QDict *qdict)
+void hmp_gdbserver(Monitor *mon, const QDict *qdict)
 {
     const char *device = qdict_get_try_str(qdict, "device");
     if (!device)
@@ -633,7 +633,7 @@ static void hmp_gdbserver(Monitor *mon, const QDict *qdict)
     }
 }
 
-static void hmp_watchdog_action(Monitor *mon, const QDict *qdict)
+void hmp_watchdog_action(Monitor *mon, const QDict *qdict)
 {
     const char *action = qdict_get_str(qdict, "action");
     if (select_watchdog_action(action) == -1) {
@@ -775,7 +775,7 @@ static void memory_dump(Monitor *mon, int count, int format, int wsize,
     }
 }
 
-static void hmp_memory_dump(Monitor *mon, const QDict *qdict)
+void hmp_memory_dump(Monitor *mon, const QDict *qdict)
 {
     int count = qdict_get_int(qdict, "count");
     int format = qdict_get_int(qdict, "format");
@@ -785,7 +785,7 @@ static void hmp_memory_dump(Monitor *mon, const QDict *qdict)
     memory_dump(mon, count, format, size, addr, 0);
 }
 
-static void hmp_physical_memory_dump(Monitor *mon, const QDict *qdict)
+void hmp_physical_memory_dump(Monitor *mon, const QDict *qdict)
 {
     int count = qdict_get_int(qdict, "count");
     int format = qdict_get_int(qdict, "format");
@@ -815,7 +815,7 @@ static void *gpa2hva(MemoryRegion **p_mr, hwaddr addr, Error **errp)
     return qemu_map_ram_ptr(mrs.mr->ram_block, mrs.offset_within_region);
 }
 
-static void hmp_gpa2hva(Monitor *mon, const QDict *qdict)
+void hmp_gpa2hva(Monitor *mon, const QDict *qdict)
 {
     hwaddr addr = qdict_get_int(qdict, "addr");
     Error *local_err = NULL;
@@ -835,7 +835,7 @@ static void hmp_gpa2hva(Monitor *mon, const QDict *qdict)
     memory_region_unref(mr);
 }
 
-static void hmp_gva2gpa(Monitor *mon, const QDict *qdict)
+void hmp_gva2gpa(Monitor *mon, const QDict *qdict)
 {
     target_ulong addr = qdict_get_int(qdict, "addr");
     MemTxAttrs attrs;
@@ -890,7 +890,7 @@ out:
     return ret;
 }
 
-static void hmp_gpa2hpa(Monitor *mon, const QDict *qdict)
+void hmp_gpa2hpa(Monitor *mon, const QDict *qdict)
 {
     hwaddr addr = qdict_get_int(qdict, "addr");
     Error *local_err = NULL;
@@ -917,7 +917,7 @@ static void hmp_gpa2hpa(Monitor *mon, const QDict *qdict)
 }
 #endif
 
-static void do_print(Monitor *mon, const QDict *qdict)
+void do_print(Monitor *mon, const QDict *qdict)
 {
     int format = qdict_get_int(qdict, "format");
     hwaddr val = qdict_get_int(qdict, "val");
@@ -943,7 +943,7 @@ static void do_print(Monitor *mon, const QDict *qdict)
     monitor_printf(mon, "\n");
 }
 
-static void hmp_sum(Monitor *mon, const QDict *qdict)
+void hmp_sum(Monitor *mon, const QDict *qdict)
 {
     uint32_t addr;
     uint16_t sum;
@@ -963,7 +963,7 @@ static void hmp_sum(Monitor *mon, const QDict *qdict)
 
 static int mouse_button_state;
 
-static void hmp_mouse_move(Monitor *mon, const QDict *qdict)
+void hmp_mouse_move(Monitor *mon, const QDict *qdict)
 {
     int dx, dy, dz, button;
     const char *dx_str = qdict_get_str(qdict, "dx_str");
@@ -987,7 +987,7 @@ static void hmp_mouse_move(Monitor *mon, const QDict *qdict)
     qemu_input_event_sync();
 }
 
-static void hmp_mouse_button(Monitor *mon, const QDict *qdict)
+void hmp_mouse_button(Monitor *mon, const QDict *qdict)
 {
     static uint32_t bmap[INPUT_BUTTON__MAX] = {
         [INPUT_BUTTON_LEFT]       = MOUSE_EVENT_LBUTTON,
@@ -1004,7 +1004,7 @@ static void hmp_mouse_button(Monitor *mon, const QDict *qdict)
     mouse_button_state = button_state;
 }
 
-static void hmp_ioport_read(Monitor *mon, const QDict *qdict)
+void hmp_ioport_read(Monitor *mon, const QDict *qdict)
 {
     int size = qdict_get_int(qdict, "size");
     int addr = qdict_get_int(qdict, "addr");
@@ -1038,7 +1038,7 @@ static void hmp_ioport_read(Monitor *mon, const QDict *qdict)
                    suffix, addr, size * 2, val);
 }
 
-static void hmp_ioport_write(Monitor *mon, const QDict *qdict)
+void hmp_ioport_write(Monitor *mon, const QDict *qdict)
 {
     int size = qdict_get_int(qdict, "size");
     int addr = qdict_get_int(qdict, "addr");
@@ -1060,7 +1060,7 @@ static void hmp_ioport_write(Monitor *mon, const QDict *qdict)
     }
 }
 
-static void hmp_boot_set(Monitor *mon, const QDict *qdict)
+void hmp_boot_set(Monitor *mon, const QDict *qdict)
 {
     Error *local_err = NULL;
     const char *bootdevice = qdict_get_str(qdict, "bootdevice");
@@ -1073,7 +1073,7 @@ static void hmp_boot_set(Monitor *mon, const QDict *qdict)
     }
 }
 
-static void hmp_info_mtree(Monitor *mon, const QDict *qdict)
+void hmp_info_mtree(Monitor *mon, const QDict *qdict)
 {
     bool flatview = qdict_get_try_bool(qdict, "flatview", false);
     bool dispatch_tree = qdict_get_try_bool(qdict, "dispatch_tree", false);
@@ -1086,7 +1086,7 @@ static void hmp_info_mtree(Monitor *mon, const QDict *qdict)
 
 int64_t dev_time;
 
-static void hmp_info_profile(Monitor *mon, const QDict *qdict)
+void hmp_info_profile(Monitor *mon, const QDict *qdict)
 {
     static int64_t last_cpu_exec_time;
     int64_t cpu_exec_time;
@@ -1103,7 +1103,7 @@ static void hmp_info_profile(Monitor *mon, const QDict *qdict)
     dev_time = 0;
 }
 #else
-static void hmp_info_profile(Monitor *mon, const QDict *qdict)
+void hmp_info_profile(Monitor *mon, const QDict *qdict)
 {
     monitor_printf(mon, "Internal profiler not compiled\n");
 }
@@ -1112,7 +1112,7 @@ static void hmp_info_profile(Monitor *mon, const QDict *qdict)
 /* Capture support */
 static QLIST_HEAD (capture_list_head, CaptureState) capture_head;
 
-static void hmp_info_capture(Monitor *mon, const QDict *qdict)
+void hmp_info_capture(Monitor *mon, const QDict *qdict)
 {
     int i;
     CaptureState *s;
@@ -1123,7 +1123,7 @@ static void hmp_info_capture(Monitor *mon, const QDict *qdict)
     }
 }
 
-static void hmp_stopcapture(Monitor *mon, const QDict *qdict)
+void hmp_stopcapture(Monitor *mon, const QDict *qdict)
 {
     int i;
     int n = qdict_get_int(qdict, "n");
@@ -1139,7 +1139,7 @@ static void hmp_stopcapture(Monitor *mon, const QDict *qdict)
     }
 }
 
-static void hmp_wavcapture(Monitor *mon, const QDict *qdict)
+void hmp_wavcapture(Monitor *mon, const QDict *qdict)
 {
     const char *path = qdict_get_str(qdict, "path");
     int has_freq = qdict_haskey(qdict, "freq");
@@ -1192,7 +1192,7 @@ static void hmp_warn_acl(void)
     warn_acl = true;
 }
 
-static void hmp_acl_show(Monitor *mon, const QDict *qdict)
+void hmp_acl_show(Monitor *mon, const QDict *qdict)
 {
     const char *aclname = qdict_get_str(qdict, "aclname");
     QAuthZList *auth = find_auth(mon, aclname);
@@ -1219,7 +1219,7 @@ static void hmp_acl_show(Monitor *mon, const QDict *qdict)
     }
 }
 
-static void hmp_acl_reset(Monitor *mon, const QDict *qdict)
+void hmp_acl_reset(Monitor *mon, const QDict *qdict)
 {
     const char *aclname = qdict_get_str(qdict, "aclname");
     QAuthZList *auth = find_auth(mon, aclname);
@@ -1236,7 +1236,7 @@ static void hmp_acl_reset(Monitor *mon, const QDict *qdict)
     monitor_printf(mon, "acl: removed all rules\n");
 }
 
-static void hmp_acl_policy(Monitor *mon, const QDict *qdict)
+void hmp_acl_policy(Monitor *mon, const QDict *qdict)
 {
     const char *aclname = qdict_get_str(qdict, "aclname");
     const char *policy = qdict_get_str(qdict, "policy");
@@ -1277,7 +1277,7 @@ static QAuthZListFormat hmp_acl_get_format(const char *match)
     }
 }
 
-static void hmp_acl_add(Monitor *mon, const QDict *qdict)
+void hmp_acl_add(Monitor *mon, const QDict *qdict)
 {
     const char *aclname = qdict_get_str(qdict, "aclname");
     const char *match = qdict_get_str(qdict, "match");
@@ -1330,7 +1330,7 @@ static void hmp_acl_add(Monitor *mon, const QDict *qdict)
     }
 }
 
-static void hmp_acl_remove(Monitor *mon, const QDict *qdict)
+void hmp_acl_remove(Monitor *mon, const QDict *qdict)
 {
     const char *aclname = qdict_get_str(qdict, "aclname");
     const char *match = qdict_get_str(qdict, "match");
@@ -1799,13 +1799,21 @@ int monitor_fd_param(Monitor *mon, const char *fdname, Error **errp)
 
 /* Please update hmp-commands.hx when adding or changing commands */
 static HMPCommand hmp_info_cmds[] = {
+#if defined(SCSI_PROCESS)
+#include "hmp-scsi-commands-info.h"
+#else
 #include "hmp-commands-info.h"
+#endif
     { NULL, NULL, },
 };
 
 /* hmp_cmds and hmp_info_cmds would be sorted at runtime */
 HMPCommand hmp_cmds[] = {
+#if defined(SCSI_PROCESS)
+#include "hmp-scsi-commands.h"
+#else
 #include "hmp-commands.h"
+#endif
     { NULL, NULL, },
 };
 
diff --git a/monitor/monitor-internal.h b/monitor/monitor-internal.h
index 7760b22..5e8abd6 100644
--- a/monitor/monitor-internal.h
+++ b/monitor/monitor-internal.h
@@ -180,4 +180,42 @@ void help_cmd(Monitor *mon, const char *name);
 void handle_hmp_command(MonitorHMP *mon, const char *cmdline);
 int hmp_compare_cmd(const char *name, const char *list);
 
+void do_help_cmd(Monitor *mon, const QDict *qdict);
+void hmp_trace_event(Monitor *mon, const QDict *qdict);
+void hmp_info_help(Monitor *mon, const QDict *qdict);
+void hmp_info_registers(Monitor *mon, const QDict *qdict);
+void hmp_info_jit(Monitor *mon, const QDict *qdict);
+void hmp_info_opcount(Monitor *mon, const QDict *qdict);
+void hmp_info_sync_profile(Monitor *mon, const QDict *qdict);
+void hmp_info_history(Monitor *mon, const QDict *qdict);
+void hmp_info_cpustats(Monitor *mon, const QDict *qdict);
+void hmp_info_trace_events(Monitor *mon, const QDict *qdict);
+void hmp_logfile(Monitor *mon, const QDict *qdict);
+void hmp_log(Monitor *mon, const QDict *qdict);
+void hmp_singlestep(Monitor *mon, const QDict *qdict);
+void hmp_gdbserver(Monitor *mon, const QDict *qdict);
+void hmp_watchdog_action(Monitor *mon, const QDict *qdict);
+void hmp_memory_dump(Monitor *mon, const QDict *qdict);
+void hmp_physical_memory_dump(Monitor *mon, const QDict *qdict);
+void hmp_gpa2hva(Monitor *mon, const QDict *qdict);
+void hmp_gva2gpa(Monitor *mon, const QDict *qdict);
+void hmp_gpa2hpa(Monitor *mon, const QDict *qdict);
+void do_print(Monitor *mon, const QDict *qdict);
+void hmp_sum(Monitor *mon, const QDict *qdict);
+void hmp_mouse_move(Monitor *mon, const QDict *qdict);
+void hmp_mouse_button(Monitor *mon, const QDict *qdict);
+void hmp_ioport_read(Monitor *mon, const QDict *qdict);
+void hmp_ioport_write(Monitor *mon, const QDict *qdict);
+void hmp_boot_set(Monitor *mon, const QDict *qdict);
+void hmp_info_mtree(Monitor *mon, const QDict *qdict);
+void hmp_info_profile(Monitor *mon, const QDict *qdict);
+void hmp_info_capture(Monitor *mon, const QDict *qdict);
+void hmp_stopcapture(Monitor *mon, const QDict *qdict);
+void hmp_wavcapture(Monitor *mon, const QDict *qdict);
+void hmp_acl_show(Monitor *mon, const QDict *qdict);
+void hmp_acl_reset(Monitor *mon, const QDict *qdict);
+void hmp_acl_policy(Monitor *mon, const QDict *qdict);
+void hmp_acl_add(Monitor *mon, const QDict *qdict);
+void hmp_acl_remove(Monitor *mon, const QDict *qdict);
+
 #endif
diff --git a/qom/Makefile.objs b/qom/Makefile.objs
index e42ea7a..4410d71 100644
--- a/qom/Makefile.objs
+++ b/qom/Makefile.objs
@@ -7,4 +7,4 @@ common-obj-$(CONFIG_SOFTMMU) += qom-hmp-cmds.o qom-qmp-cmds.o
 remote-pci-obj-$(CONFIG_MPQEMU) += object.o qom-qobject.o container.o
 remote-pci-obj-$(CONFIG_MPQEMU) += object_interfaces.o
 remote-pci-obj-$(CONFIG_MPQEMU) += cpu.o
-remote-pci-obj-$(CONFIG_MPQEMU) += qom-qmp-cmds.o
+remote-pci-obj-$(CONFIG_MPQEMU) += qom-qmp-cmds.o qom-hmp-cmds.o
-- 
1.8.3.1

[Qemu-devel] [RFC v3 PATCH 42/45] multi-process/mon: Initialize QMP module for remote processes

[Jagannathan Raman]

Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
---
 New patch in v3

 remote/remote-main.c | 11 +++++++++++
 remote/remote-opts.c | 10 ++++++++++
 2 files changed, 21 insertions(+)

diff --git a/remote/remote-main.c b/remote/remote-main.c
index a6ff338..41da405 100644
--- a/remote/remote-main.c
+++ b/remote/remote-main.c
@@ -68,6 +68,7 @@
 
 #include "monitor/monitor.h"
 #include "sysemu/reset.h"
+#include "vl.h"
 
 static ProxyLinkState *proxy_link;
 
@@ -562,6 +563,8 @@ int main(int argc, char *argv[], char **envp)
 
     module_call_init(MODULE_INIT_QOM);
 
+    monitor_init_globals();
+
     bdrv_init_with_whitelist();
 
     if (qemu_init_main_loop(&err)) {
@@ -577,6 +580,8 @@ int main(int argc, char *argv[], char **envp)
 
     qemu_add_opts(&qemu_device_opts);
     qemu_add_opts(&qemu_drive_opts);
+    qemu_add_opts(&qemu_chardev_opts);
+    qemu_add_opts(&qemu_mon_opts);
     qemu_add_drive_opts(&qemu_legacy_drive_opts);
     qemu_add_drive_opts(&qemu_common_drive_opts);
     qemu_add_drive_opts(&qemu_drive_opts);
@@ -609,6 +614,12 @@ int main(int argc, char *argv[], char **envp)
 
     proxy_link_set_callback(proxy_link, process_msg);
 
+    qemu_opts_foreach(qemu_find_opts("chardev"),
+                      chardev_init_func, NULL, &error_fatal);
+
+    qemu_opts_foreach(qemu_find_opts("mon"),
+                      mon_init_func, NULL, &error_fatal);
+
     start_handler(proxy_link);
 
     return 0;
diff --git a/remote/remote-opts.c b/remote/remote-opts.c
index 416ff59..7ddfe5c 100644
--- a/remote/remote-opts.c
+++ b/remote/remote-opts.c
@@ -95,6 +95,16 @@ void parse_cmdline(int argc, char **argv, char **envp)
                     exit(1);
                 }
                 break;
+            case QEMU_OPTION_qmp:
+                monitor_parse(optarg, "control", false);
+                break;
+            case QEMU_OPTION_monitor:
+                if (!strncmp(optarg, "stdio", 5)) {
+                    warn_report("STDIO not supported in remote process");
+                } else if (strncmp(optarg, "none", 4)) {
+                    monitor_parse(optarg, "readline", false);
+                }
+                break;
             default:
                 break;
             }
-- 
1.8.3.1

[Qemu-devel] [RFC v3 PATCH 43/45] multi-process: prevent duplicate memory initialization in remote

[Jagannathan Raman]

When multiple controllers are configured in a remote process,
it's better for the memory to be managed by only one of the proxy
objects for that process, in order to conserve file descriptors. Added
"mem_int" flag for this purpose.

Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
---
 New patch in v3

 hw/proxy/qemu-proxy.c         | 13 ++++++++++++-
 include/hw/proxy/qemu-proxy.h |  1 +
 qdev-monitor.c                |  2 +-
 3 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/hw/proxy/qemu-proxy.c b/hw/proxy/qemu-proxy.c
index c812145..8b820cf 100644
--- a/hw/proxy/qemu-proxy.c
+++ b/hw/proxy/qemu-proxy.c
@@ -363,6 +363,13 @@ static void pci_proxy_write_config(PCIDevice *d, uint32_t addr, uint32_t val,
                    PCI_PROXY_DEV(d)->dev_id, CONF_WRITE);
 }
 
+static void pci_proxy_dev_inst_init(Object *obj)
+{
+    PCIProxyDev *dev = PCI_PROXY_DEV(obj);
+
+    dev->mem_init = false;
+}
+
 static void pci_proxy_dev_class_init(ObjectClass *klass, void *data)
 {
     PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
@@ -377,6 +384,7 @@ static const TypeInfo pci_proxy_dev_type_info = {
     .name          = TYPE_PCI_PROXY_DEV,
     .parent        = TYPE_PCI_DEVICE,
     .instance_size = sizeof(PCIProxyDev),
+    .instance_init = pci_proxy_dev_inst_init,
     .abstract      = true,
     .class_size    = sizeof(PCIProxyDevClass),
     .class_init    = pci_proxy_dev_class_init,
@@ -483,7 +491,10 @@ static void init_proxy(PCIDevice *dev, char *command, bool need_spawn, Error **e
     proxy_link_init_channel(pdev->proxy_link, &pdev->proxy_link->mmio,
                             pdev->mmio_sock);
 
-    configure_memory_sync(pdev->sync, pdev->proxy_link);
+    if (!pdev->mem_init) {
+        pdev->mem_init = true;
+        configure_memory_sync(pdev->sync, pdev->proxy_link);
+    }
 }
 
 static void pci_proxy_dev_realize(PCIDevice *device, Error **errp)
diff --git a/include/hw/proxy/qemu-proxy.h b/include/hw/proxy/qemu-proxy.h
index d88fbd4..610695f 100644
--- a/include/hw/proxy/qemu-proxy.h
+++ b/include/hw/proxy/qemu-proxy.h
@@ -51,6 +51,7 @@ typedef struct PCIProxyDev {
     ProxyLinkState *proxy_link;
 
     RemoteMemSync *sync;
+    bool mem_init;
     struct kvm_irqfd irqfd;
 
     EventNotifier intr;
diff --git a/qdev-monitor.c b/qdev-monitor.c
index f1065af..3b08e23 100644
--- a/qdev-monitor.c
+++ b/qdev-monitor.c
@@ -712,10 +712,10 @@ DeviceState *qdev_proxy_add(const char *rid, const char *id, char *bus,
         pdev->socket = old_pdev->socket;
         pdev->mmio_sock = old_pdev->mmio_sock;
         pdev->remote_pid = old_pdev->remote_pid;
+        pdev->mem_init = true;
     } else {
         pdev->rsocket = managed ? rsocket : -1;
         pdev->socket = managed ? rsocket : -1;
-
     }
     pdev->managed = managed;
 
-- 
1.8.3.1

[Qemu-devel] [RFC v3 PATCH 44/45] multi-process: add the concept description to docs/devel/qemu-multiprocess

[Jagannathan Raman]

From: John G Johnson <john.g.johnson@oracle.com>

Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
---
 v2 -> v3:
   - Updated with latest design of this project

 docs/devel/qemu-multiprocess.txt | 627 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 627 insertions(+)
 create mode 100644 docs/devel/qemu-multiprocess.txt

diff --git a/docs/devel/qemu-multiprocess.txt b/docs/devel/qemu-multiprocess.txt
new file mode 100644
index 0000000..5b94c8d
--- /dev/null
+++ b/docs/devel/qemu-multiprocess.txt
@@ -0,0 +1,627 @@
+Disaggregating QEMU
+
+This document describes implementation details of multi-process
+qemu.
+
+QEMU can be broadly described as providing three main services. One is a
+VM control point, where VMs can be created, migrated, re-configured, and
+destroyed. A second is to emulate the CPU instructions within the VM,
+often accelerated by HW virtualization features such as Intel’s VT
+extensions. Finally, it provides IO services to the VM by emulating HW
+IO devices, such as disk and network devices.
+
+A disaggregated QEMU
+
+A disaggregated QEMU involves separating QEMU services into separate
+host processes. Each of these processes can be given only the privileges
+it needs to provide its service, e.g., a disk service could be given
+access only the the disk images it provides, and not be allowed to
+access other files, or any network devices. An attacker who compromised
+this service would not be able to use this exploit to access files or
+devices beyond what the disk service was given access to.
+
+A QEMU control process would remain, but in disaggregated mode, it would
+be a control point that executes the processes needed to support the VM
+being created, but have no direct interfaces to the VM. During VM
+execution, it would still provide the user interface to hot-plug devices
+or live migrate the VM.
+
+A first step in creating a disaggregated QEMU is to separate IO services
+from the main QEMU program, which would continue to provide CPU
+emulation. i.e., the control process would also be the CPU emulation
+process. In a later phase, CPU emulation could be separated from the
+control process.
+
+
+Disaggregating IO services
+
+Disaggregating IO services is a good place to begin QEMU disaggregating
+for a couple of reasons. One is the sheer number of IO devices QEMU can
+emulate provides a large surface of interfaces which could potentially
+be exploited, and, indeed, have been a source of exploits in the past.
+Another is the modular nature of QEMU device emulation code provides
+interface points where the QEMU functions that perform device emulation
+can be separated from the QEMU functions that manage the emulation of
+guest CPU instructions.
+
+QEMU device emulation
+
+QEMU uses a object oriented SW architecture for device emulation code.
+Configured objects are all compiled into the QEMU binary, then objects
+are instantiated by name when used by the guest VM. For example, the
+code to emulate a device named “foo” is always present in QEMU, but its
+instantiation code is only run when the device is included in the target
+VM. (e.g., via the QEMU command line as _-device foo_)
+
+The object model is hierarchical, so device emulation code names its
+parent object (such as “pci-device” for a PCI device) and QEMU will
+instantiate a parent object before calling the device’s instantiation
+code.
+
+Current separation models
+
+In order to separate the device emulation code from the CPU emulation
+code, the device object code must run in a different process. There are
+a couple of existing QEMU features that can run emulation code
+separately from the main QEMU process. These are examined below.
+
+vhost user model
+
+Virtio guest device drivers can be connected to vhost user applications
+in order to perform their IO operations. This model uses special virtio
+device drivers in the guest and vhost user device objects in QEMU, but
+once the QEMU vhost user code has configured the vhost user application,
+mission-mode IO is performed by the application. The vhost user
+application is a daemon process that can be contacted via a known UNIX
+domain socket.
+
+vhost socket
+
+As mentioned above, one of the tasks of the vhost device object within
+QEMU is to contact the vhost application and send it configuration
+information about this device instance. As part of the configuration
+process, the application can also be sent other file descriptors over
+the socket, which then can be used by the vhost user application in
+various ways, some of which are described below.
+
+vhost MMIO store acceleration
+
+VMs are often run using HW virtualization features via the KVM kernel
+driver. This driver allows QEMU to accelerate the emulation of guest CPU
+instructions by running the guest in a virtual HW mode. When the guest
+executes instructions that cannot be executed by virtual HW mode,
+execution returns to the KVM driver so it can inform QEMU to emulate the
+instructions in SW.
+
+One of the events that can cause a return to QEMU is when a guest device
+driver accesses an IO location. QEMU then dispatches the memory
+operation to the corresponding QEMU device object. In the case of a
+vhost user device, the memory operation would need to be sent over a
+socket to the vhost application. This path is accelerated by the QEMU
+virtio code by setting up an eventfd file descriptor that the vhost
+application can directly receive MMIO store notifications from the KVM
+driver, instead of needing them to be sent to the QEMU process first.
+
+vhost interrupt acceleration
+
+Another optimization used by the vhost application is the ability to
+directly inject interrupts into the VM via the KVM driver, again,
+bypassing the need to send the interrupt back to the QEMU process first.
+The QEMU virtio setup code configures the KVM driver with an eventfd
+that triggers the device interrupt in the guest when the eventfd is
+written. This irqfd file descriptor is then passed to the vhost user
+application program.
+
+vhost access to guest memory
+
+The vhost application is also allowed to directly access guest memory,
+instead of needing to send the data as messages to QEMU. This is also
+done with file descriptors sent to the vhost user application by QEMU.
+These descriptors can be passed to mmap() by the vhost application to
+map the guest address space into the vhost application.
+
+IOMMUs introduce another level of complexity, since the address given to
+the guest virtio device to DMA to or from is not a guest physical
+address. This case is handled by having vhost code within QEMU register
+as a listener for IOMMU mapping changes. The vhost application maintains
+a cache of IOMMMU translations: sending translation requests back to
+QEMU on cache misses, and in turn receiving flush requests from QEMU
+when mappings are purged.
+
+applicability to device separation
+
+Much of the vhost model can be re-used by separated device emulation. In
+particular, the ideas of using a socket between QEMU and the device
+emulation application, using a file descriptor to inject interrupts into
+the VM via KVM, and allowing the application to mmap() the guest should
+be re used.
+
+There are, however, some notable differences between how a vhost
+application works and the needs of separated device emulation. The most
+basic is that vhost uses custom virtio device drivers which always
+trigger IO with MMIO stores. A separated device emulation model must
+work with existing IO device models and guest device drivers. MMIO loads
+break vhost store acceleration since they are synchronous - guest
+progress cannot continue until the load has been emulated. By contrast,
+stores are asynchronous, the guest can continue after the store event
+has been sent to the vhost application.
+
+Another difference is that in the vhost user model, a single daemon can
+support multiple QEMU instances. This is contrary to the security regime
+desired, in which the emulation application should only be allowed to
+access the files or devices the VM it’s running on behalf of can access.
+
+
+New separation model based on proxy objects
+
+A different model based on proxy objects in the QEMU program
+communicating with remote emulation programs could provide separation
+while minimizing the changes needed to the device emulation code. The
+rest of this section is a discussion of how a proxy object model would
+work.
+
+
+Remote emulation processes
+
+The remote emulation process will run the QEMU object hierarchy without
+modification. The device emulation objects will be also be based on the
+QEMU code, because for anything but the simplest device, it would not be
+a tractable to re-implement both the object model and the many device
+backends that QEMU has.
+
+The processes will communicate with the QEMU process over UNIX domain
+sockets. The processes can be executed either as standalone processes,
+or be executed by QEMU. In both cases, the host backends the emulation
+processes will provide are specified on its command line, as they would
+be for QEMU. For example:
+
+    disk-proc -blockdev driver=file,node-name=file0,filename=disk-file0  \
+    -blockdev driver=qcow2,node-name=drive0,file=file0
+
+would indicate process _disk-proc_ uses a qcow2 emulated disk named
+_file0_ as its backend.
+
+Emulation processes may emulate more than one guest controller. A common
+configuration might be to put all controllers of the same device class
+(e.g., disk, network, etc.) in a single process, so that all backends of
+the same type can be managed by a single QMP monitor.
+
+communication with QEMU
+
+Remote emulation processes will recognize a _-socket_ argument that
+specifies the path of a UNIX domain socket used to communicate with the
+QEMU process. If no _-socket_ argument is present, the process will use
+file descriptor 0 to communicate with QEMU. For example,
+
+    disk-proc -socket /tmp/disk0-sock <backend list>
+
+will communicate with QEMU using the socket path _/tmp/disk0-sock_.
+
+remote process QMP monitor
+
+Remote emulation processes can be monitored via QMP, similar to QEMU
+itself. The QMP monitor socket is specified the same as for a QEMU
+process:
+
+    disk-proc -qmp unix:/tmp/disk-mon,server
+
+can be monitored over the UNIX socket path _/tmp/disk-mon_.
+
+QEMU command line
+
+The QEMU command line options will need to be modified to indicate which
+items are emulated by a separate program, and which remain emulated by
+QEMU itself.
+
+identifying remote emulation processes
+
+Remote emulation processes will be identified to QEMU using a _-remote_
+command line option. This option can either specify a command that QEMU
+will execute, or can specify a UNIX domain socket that QEMU can use to
+connect to an existing process. Both forms require a “id” option that
+identifies the process to later _-device_ options. The process version
+is:
+
+    -remote id=disk-proc,command="disk-proc <backend list>"
+
+And the socket version is:
+
+    -remote id=disk-proc,socket="/tmp/disk0-sock"
+
+In the latter case, the remote process must be given the same socket on
+its command line when it is executed:
+
+    disk-proc -socket /tmp/disk0-sock <backend list>
+
+identifying devices emulated remotely
+
+Devices that are to be emulated in a separate process will be identify
+the remote process with a “remote” option on their _-device_ command
+line specification. e.g., an LSI SCSI controller and disk can be
+specified as:
+
+    -device lsi53c895a,id=scsi0
+    -device scsi-hd,drive=drive0,bus=scsi0.0,scsi-id=0
+
+If these devices are emulated by remote process “disk-proc,” as
+described in the previous section, the QEMU command line would be:
+
+    -device lsi53c895a,id=scsi0,remote=disk-proc
+    -device scsi-hd,drive=drive0,bus=scsi0.0,scsi-id=0,remote=disk-proc
+
+Some devices are implicitly created by the machine object. e.g., the q35
+machine object will create its PCI bus, and attach an ich9-ahci IDE
+controller to it. In this case, options will need to be added to the
+_-machine_ command line. e.g.,
+
+    -machine pc-q35,ide-remote=disk-proc
+
+will use the remote process with an “id” of “disk-proc” to emulate the
+IDE controller and its disks.
+
+The disks themselves still need to be specified with _-remote_ option,
+as in the example above. e.g.,
+
+    -device ide-hd,drive=drive0,bus=ide.0,unit=0,remote=disk-proc
+
+
+QEMU management of remote processes
+
+Each _-remote_ instance on the QEMU command line will create a remote
+process proxy instance in QEMU. They will be held on a _QList_ that can
+be searched for by its “id” property. The remote process proxy will also
+establish a communication channel between QEMU and the remote process.
+This can be done in one of two methods: direction execution of the
+process by QEMU with fork() and exec() system calls, or by connecting to
+an existing process.
+
+direct execution
+
+When the remote process is directly executed, the remote process proxy
+will setup a communication channel between itself and the emulation
+process. This channel will be created using socketpair() and the remote
+process side of the pair will be given to the process as file descriptor
+0.
+
+connecting to an existing process
+
+Some environments wish to deny QEMU the ability to execute fork() and
+exec() In these case, emulation processes will be started before QEMU,
+and a UNIX domain socket will be given to each emulation process to
+communicate with QEMU over. After communication is established, the
+socket will be unlinked from the file system space by the QEMU process.
+
+communication with emulation process
+
+primary socket
+
+Whether the process was executed by QEMU or externally, there will be a
+primary socket for communication between QEMU and the remote process.
+This channel will handle configuration commands from QEMU to the
+process, either from the QEMU command line, or from QMP commands that
+affect the devices being emulated by the process. This channel will only
+allow one message to be pending at a time; if additional messages
+arrive, they must wait for previous ones to be acknowledged from the
+remote side.
+
+secondary sockets
+
+The primary socket can pass the file descriptors of secondary sockets
+for operations that occur in parallel with commands on the primary
+channel. These include MMIO operations generated by the guest, interrupt
+notifications generated by the devices being emulated, or _vmstate_ for
+live migration. These secondary sockets will be created at the behest of
+the device proxies that require them. A disk device proxy wouldn’t need
+any secondary sockets, but a disk controller device proxy may need both
+an MMIO socket and an interrupt socket.
+
+emulation process attached via QMP command
+
+There will be a new “attach-process” QMP command to facilitate device
+hot-plug. This command’s arguments will be the same as the _-remote_
+command line when it’s used to attach to a remote process. i.e., it will
+need an “id” argument so that hot-plugged devices can later find it, and
+a “socket” argument to identify the UNIX domain socket that will be used
+to communicate with QEMU.
+
+
+QEMU device proxy objects
+
+QEMU has an object model based on sub-classes inherited from the
+“object” super-class. The sub-classes that are of interest here are the
+“device” and “bus” sub-classes whose child sub-classes make up the
+device tree of a QEMU emulated system.
+
+The proxy object model will use device proxy objects to replace the
+device emulation code within the QEMU process. These objects will live
+in the same place in the object and bus hierarchies as the objects they
+replace. i.e., the proxy object for an LSI SCSI controller will be a
+sub-class of the “pci-device” class, and will have the same PCI bus
+parent and the same SCSI bus child objects as the LSI controller object
+it replaces.
+
+After the QEMU command line has been parsed, the remote devices will be
+instantiated in the same manner as local devices are. (i.e.,
+qdev_device_add()). In order to distinguish them from regular _-device_
+device objects, their class name will be the name of the class it
+replaces, with “-proxy” appended. e.g., the “lsi53c895a” proxy class
+will be “lsi53c895a-proxy.”
+
+device JSON description
+
+The remote process needs a JSON representation of the command line
+options used to create the object. This JSON representation is used to
+create the corresponding object in the emulation process. e.g., for an
+LSI SCSI controller invoked as:
+
+     -device lsi53c895a,id=scsi0,remote=lsi-scsi
+
+the proxy object would create a
+
+    { "driver" : "lsi53c895a", "id" : "scsi0" }
+
+JSON description. The “driver” option is assigned to the device name
+when the command line is parsed, so the “-proxy” appended by the command
+line parsing code is removed. The “remote” option isn’t needed in the
+JSON description since it only applies to the proxy object in the QEMU
+process.
+
+device object whitelist
+
+Some device objects may not need a proxy. These are devices with no
+direct guest interfaces. (e.g., no MMIO, PIO, or interrupts). There will
+be a whitelist of such devices, and any devices on this list will not be
+instantiated in QEMU. Their JSON representation will still be sent to
+the remote process, so the object can be created there.
+
+object initialization
+
+QEMU object initialization occurs in two phases. The first
+initialization happens once per object class. (i.e., there can be many
+SCSI disks in an emulated system, but the “scsi-hd” class has its
+class_init() function called only once) The second phase happens when
+each object’s instance_init() function is called to initialize each
+instance of the object.
+
+All device objects are sub-classes of the “device” class, so they also
+have a realize() function that is called after instance_init() is called
+and after the object’s static properties have been initialized. Many
+device objects don’t even provide an instance_init() function, and do
+all their per-instance work in realize().
+
+class_init
+
+The class_init() method of a proxy object will, in general behave
+similarly to the object it replaces, including setting any static
+properties and methods needed by the proxy.
+
+instance_init / realize
+
+The instance_init() and realize() functions would only need to perform
+tasks related to being a proxy, such are registering its own MMIO
+handlers, or creating a child bus that other proxy devices can be
+attached to later.
+
+Other tasks will are device-specific. For example, PCI device objects
+will initialize the PCI config space in order to make a valid PCI device
+tree within the QEMU process.
+
+address space registration
+
+Most devices are driven by guest device driver accesses to IO addresses
+or ports. The QEMU device emulation code uses QEMU’s memory region
+function calls (such as memory_region_init_io()) to add callback
+functions that QEMU will invoke when the guest accesses the device’s
+areas of the IO address space. When a guest driver does access the
+device, the VM will exit HW virtualization mode and return to QEMU,
+which will then lookup and execute the corresponding callback function.
+
+A proxy object would need to mirror the memory region calls the actual
+device emulator would perform in its initialization code, but with its
+own callbacks. When invoked by QEMU as a result of a guest IO operation,
+they will forward the operation to the device emulation process.
+
+PCI config space
+
+PCI devices also have a configuration space that can be accessed by the
+guest driver. Guest accesses to this space is not handled by the device
+emulation object, but by its PCI parent object. Much of this space is
+read-only, but certain registers (especially BAR and MSI-related ones)
+need to be propagated to the emulation process.
+
+PCI parent proxy
+
+One way to propagate guest PCI config accesses is to create a
+“pci-device-proxy” class that can serve as the parent of a PCI device
+proxy object. This class’s parent would be “pci-device” and it would
+override the PCI parent’s config_read() and config_write() methods with
+ones that forward these operations to the emulation program.
+
+interrupt receipt
+
+A proxy for a device that generates interrupts will need to create a
+socket to receive interrupt indications from the emulation process. An
+incoming interrupt indication would then be sent up to its bus parent to
+be injected into the guest. For example, a PCI device object may use
+pci_set_irq().
+
+live migration
+
+The proxy will register to save and restore any _vmstate_ it needs over
+a live migration event. The device proxy does not need to manage the
+remote device’s _vmstate_; that will be handled by the remote process
+proxy (see below).
+
+
+QEMU remote device operation
+
+Generic device operations, such as DMA, will be performs by the remote
+process proxy by sending messages to the remote process.
+
+DMA operations
+
+DMA operations would be handled much like vhost applications do. One of
+the initial messages sent to the emulation process is a guest memory
+table. Each entry in this table consists of a file descriptor and size
+that the emulation process can mmap() to directly access guest memory,
+similar to vhost_user_set_mem_table(). Note guest memory must be backed
+by file descriptors, such as when QEMU is given the _-mem-path_ command
+line option.
+
+IOMMU operations
+
+When the emulated system includes an IOMMU, the remote process proxy in
+QEMU will need to create a socket for IOMMU requests from the emulation
+process. It will handle those requests with an
+address_space_get_iotlb_entry() call. In order to handle IOMMU unmaps,
+the remote process proxy will also register as a listener on the
+device’s DMA address space. When an IOMMU memory region is created
+within the DMA address space, an IOMMU notifier for unmaps will be added
+to the memory region that will forward unmaps to the emulation process
+over the IOMMU socket.
+
+device hot-plug via QMP
+
+An QMP “device_add” command can add a device emulated by a remote
+process. It needs to add a “remote” option to the command, just as the
+_-device_ command line option does. The remote process may either be one
+started at QEMU startup, or be one added by the “add-process” QMP
+command described above. In either case, the remote process proxy will
+forward the new device’s JSON description to the corresponding emulation
+process.
+
+live migration
+
+The remote process proxy will also register for live migration
+notifications with vmstate_register(). When called to save state, the
+proxy will send the remote process a secondary socket file descriptor to
+save the remote process’s device _vmstate_ over. The incoming byte
+stream length and data will be saved as the proxy’s _vmstate_. When the
+proxy is resumed on its new host, this _vmstate_ will be extracted, and
+a secondary socket file descriptor will be sent to the new remote
+process through which it receives the _vmstate_ in order to restore the
+devices there.
+
+device emulation in remote process
+
+The parts of QEMU that the emulation program will need include the
+object model; the memory emulation objects; the device emulation objects
+of the targeted device, and any dependent devices; and, the device’s
+backends. It will also need code to setup the machine environment,
+handle requests from the QEMU process, and route machine-level requests
+(such as interrupts or IOMMU mappings) back to the QEMU process.
+
+initialization
+
+The process initialization sequence will follow the same sequence
+followed by QEMU. It will first initialize the backend objects, then
+device emulation objects. The JSON descriptions sent by the QEMU process
+will drive which objects need to be created.
+
+-   address spaces
+
+    Before the device objects are created, the initial address spaces
+    and memory regions must be configured with memory_map_init(). This
+    creates a RAM memory region object (_system_memory_) and an IO
+    memory region object (_system_io_).
+
+-   RAM
+
+    RAM memory region creation will follow how pc_memory_init() creates
+    them, but must use memory_region_init_ram_from_fd() instead of
+    memory_region_allocate_system_memory(). The file descriptors needed
+    will be supplied by the guest memory table from above. Those RAM
+    regions would then be added to the _system_memory_ memory region
+    with memory_region_add_subregion().
+
+-   PCI
+
+    IO initialization will be driven by the JSON descriptions sent from
+    the QEMU process. For a PCI device, a PCI bus will need to be
+    created with pci_root_bus_new(), and a PCI memory region will need
+    to be created and added to the _system_memory_ memory region with
+    memory_region_add_subregion_overlap(). The overlap version is
+    required for architectures where PCI memory overlaps with RAM
+    memory.
+
+MMIO handling
+
+The device emulation objects will use memory_region_init_io() to install
+their MMIO handlers, and pci_register_bar() to associate those handlers
+with a PCI BAR, as they do within QEMU currently.
+
+In order to use address_space_rw() in the emulation process to handle
+MMIO requests from QEMU, the PCI physical addresses must be the same in
+the QEMU process and the device emulation process. In order to
+accomplish that, guest BAR programming must also be forwarded from QEMU
+to the emulation process.
+
+interrupt injection
+
+When device emulation wants to inject an interrupt into the VM, the
+request climbs the device’s bus object hierarchy until the point where a
+bus object knows how to signal the interrupt to the guest. The details
+depend on the type of interrupt being raised.
+
+-   PCI pin interrupts
+
+    On x86 systems, there is an emulated IOAPIC object attached to the
+    root PCI bus object, and the root PCI object forwards interrupt
+    requests to it. The IOAPIC object, in turn, calls the KVM driver to
+    inject the corresponding interrupt into the VM. The simplest way to
+    handle this in an emulation process would be to setup the root PCI
+    bus driver (via pci_bus_irqs()) to send a interrupt request back to
+    the QEMU process, and have the device proxy object reflect it up the
+    PCI tree there.
+
+-   PCI MSI/X interrupts
+
+    PCI MSI/X interrupts are implemented in HW as DMA writes to a
+    CPU-specific PCI address. In QEMU on x86, a KVM APIC object receives
+    these DMA writes, then calls into the KVM driver to inject the
+    interrupt into the VM. A simple emulation process implementation
+    would be to send the MSI DMA address from QEMU as a message at
+    initialization, then install an address space handler at that
+    address which forwards the MSI message back to QEMU.
+
+DMA operations
+
+When a emulation object wants to DMA into or out of guest memory, it
+first must use dma_memory_map() to convert the DMA address to a local
+virtual address. The emulation process memory region objects setup above
+will be used to translate the DMA address to a local virtual address the
+device emulation code can access.
+
+IOMMU
+
+When an IOMMU is in use in QEMU, DMA translation uses IOMMU memory
+regions to translate the DMA address to a guest physical address before
+that physical address can be translated to a local virtual address. The
+emulation process will need similar functionality.
+
+-   IOTLB cache
+
+    The emulation process will maintain a cache of recent IOMMU
+    translations (the IOTLB). When the translate() callback of an IOMMU
+    memory region is invoked, the IOTLB cache will be searched for an
+    entry that will map the DMA address to a guest PA. On a cache miss,
+    a message will be sent back to QEMU requesting the corresponding
+    translation entry, which be both be used to return a guest address
+    and be added to the cache.
+
+-   IOTLB purge
+
+    The IOMMU emulation will also need to act on unmap requests from
+    QEMU. These happen when the guest IOMMU driver purges an entry from
+    the guest’s translation table.
+
+live migration
+
+When a remote process receives a live migration indication from QEMU, it
+will set up a channel using the received file descriptor with
+qio_channel_socket_new_fd(). This channel will be used to create a
+_QEMUfile_ that can be passed to qemu_save_device_state() to send the
+process’s device state back to QEMU. This method will be reversed on
+restore - the channel will be passed to qemu_loadvm_state() to restore
+the device state.
+
-- 
1.8.3.1

[Qemu-devel] [RFC v3 PATCH 45/45] multi-process: add configure and usage information

[Jagannathan Raman]

From: Elena Ufimtseva <elena.ufimtseva@oracle.com>

Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
---
Changes in v3:
 - since the changes were made to use existing device/drive options,
the document was modified to reflect this.
---
 docs/qemu-multiprocess.txt | 86 ++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 86 insertions(+)
 create mode 100644 docs/qemu-multiprocess.txt

diff --git a/docs/qemu-multiprocess.txt b/docs/qemu-multiprocess.txt
new file mode 100644
index 0000000..c29f4df
--- /dev/null
+++ b/docs/qemu-multiprocess.txt
@@ -0,0 +1,86 @@
+Multi-process QEMU
+==================
+
+This document describes how to configure and use multi-process qemu.
+For the design document refer to docs/devel/qemu-multiprocess.
+
+1) Configuration
+----------------
+
+To enable support for multi-process add --enable-mpqemu
+to the list of options for the "configure" script.
+
+
+2) Usage
+--------
+
+To start qemu with devices intended to run in a separate emulation
+process without libvirtd support, the following should be used on QEMU
+command line. As of now, we only support the emulation of lsi53c895a
+in a separate process
+
+* Since parts of the RAM are shared between QEMU & remote process, a
+  memory-backend-file is required to facilitate this, as follows:
+
+  -object memory-backend-file,id=mem,mem-path=/dev/shm/,size=4096M,share=on
+
+* The devices to be emulated in the separate process are defined as
+  before with addition of "rid" suboption that serves as a remote group
+  identificator.
+
+  -device <device options>,rid="remote process id"
+
+  For exmaple, for non multi-process qemu:
+    -device lsi53c895a,id=scsi0 device
+    -device scsi-hd,drive=drive0,bus=scsi0.0,scsi-id=0
+    -drive id=drive0,file=data-disk.img
+
+  and for multi-process qemu and no libvirt
+  support (i.e. QEMU forks child processes):
+    -device lsi53c895a,id=scsi0,rid=0
+    -device scsi-hd,drive=drive0,bus=scsi0.0,scsi-id=0,rid="0"
+
+* The command-line options for the remote process is added to the "command"
+  suboption of the newly added "-remote" option. 
+
+   -remote [socket],rid=,command="..."
+
+  The drives to be emulated by the remote process are specified as part of
+  this command sub-option. The device to be used to connect to the monitor
+  is also specified as part of this suboption.
+
+  For example, the following option adds a drive and monitor to the remote
+  process:
+  -remote rid=0,command="-drive id=drive0,,file=data-disk.img -monitor unix:/home/qmp-sock,,server,,nowait"
+
+  Note: There's an issue with this "command" subtion which we are in the
+  process of fixing. To work around this issue, it requires additional
+  "comma" characters as illustrated above, and in the example below.
+
+* Example QEMU command-line to launch lsi53c895a in a remote process
+
+  #/bin/sh
+  qemu-system-x86_64 \
+  -name "OL7.4" \
+  -machine q35,accel=kvm \
+  -smp sockets=1,cores=1,threads=1 \
+  -cpu host \
+  -m 2048 \
+  -object memory-backend-file,id=mem,mem-path=/dev/shm/,size=2G,share=on \
+  -numa node,memdev=mem \
+  -device virtio-scsi-pci,id=virtio_scsi_pci0 \
+  -drive id=drive_image1,if=none,format=raw,file=/root/ol7.qcow2 \
+  -device scsi-hd,id=image1,drive=drive_image1,bus=virtio_scsi_pci0.0 \
+  -boot d \
+  -monitor stdio \
+  -vnc :0 \
+  -device lsi53c895a,id=lsi0,remote,rid=8,command="qemu-scsi-dev" \
+  -device scsi-hd,id=drive2,drive=drive_image2,bus=lsi0.0,scsi-id=0,remote,rid=8,command="qemu-scsi-dev"\
+  -remote rid=8,command="-drive id=drive_image2,,file=/root/remote-process-disk.img -monitor unix:/home/qmp-sock,,server,,nowait"
+
+  We could connect to the monitor using the following command:
+  socat /home/qmp-sock stdio
+
+  After hotplugging disks to the remote process, please execute the
+  following command in the guest to refresh the list of storage devices:
+  rescan_scsi_bus.sh -a
-- 
1.8.3.1

Re: [Qemu-devel] [RFC v3 PATCH 01/45] multi-process: memory: alloc RAM from file at offset

[Dr. David Alan Gilbert]

* Jagannathan Raman (jag.raman@oracle.com) wrote:
> Allow RAM MemoryRegion to be created from an offset in a file, instead
> of allocating at offset of 0 by default. This is needed to synchronize
> RAM between QEMU & remote process.
> This will be needed for the following patches.
> 
> Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
> Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
> Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
> ---
>  exec.c                    | 11 +++++++----
>  include/exec/ram_addr.h   |  2 +-
>  include/qemu/mmap-alloc.h |  3 ++-
>  memory.c                  |  2 +-
>  util/mmap-alloc.c         |  7 ++++---
>  util/oslib-posix.c        |  2 +-
>  6 files changed, 16 insertions(+), 11 deletions(-)

I'm surprised this doesn't change something in
vhost-user.c:vhost_user_set_mem_table so that the vhost-user client
knows what it's mapping?

Dave

> diff --git a/exec.c b/exec.c
> index 3e78de3..b3f1aa9 100644
> --- a/exec.c
> +++ b/exec.c
> @@ -1885,6 +1885,7 @@ static void *file_ram_alloc(RAMBlock *block,
>                              ram_addr_t memory,
>                              int fd,
>                              bool truncate,
> +                            off_t offset,
>                              Error **errp)
>  {
>      MachineState *ms = MACHINE(qdev_get_machine());
> @@ -1936,7 +1937,8 @@ static void *file_ram_alloc(RAMBlock *block,
>      }
>  
>      area = qemu_ram_mmap(fd, memory, block->mr->align,
> -                         block->flags & RAM_SHARED, block->flags & RAM_PMEM);
> +                         block->flags & RAM_SHARED, block->flags & RAM_PMEM,
> +                         offset);
>      if (area == MAP_FAILED) {
>          error_setg_errno(errp, errno,
>                           "unable to map backing store for guest RAM");
> @@ -2325,7 +2327,7 @@ static void ram_block_add(RAMBlock *new_block, Error **errp, bool shared)
>  #ifdef CONFIG_POSIX
>  RAMBlock *qemu_ram_alloc_from_fd(ram_addr_t size, MemoryRegion *mr,
>                                   uint32_t ram_flags, int fd,
> -                                 Error **errp)
> +                                 off_t offset, Error **errp)
>  {
>      RAMBlock *new_block;
>      Error *local_err = NULL;
> @@ -2370,7 +2372,8 @@ RAMBlock *qemu_ram_alloc_from_fd(ram_addr_t size, MemoryRegion *mr,
>      new_block->used_length = size;
>      new_block->max_length = size;
>      new_block->flags = ram_flags;
> -    new_block->host = file_ram_alloc(new_block, size, fd, !file_size, errp);
> +    new_block->host = file_ram_alloc(new_block, size, fd, !file_size, offset,
> +                                     errp);
>      if (!new_block->host) {
>          g_free(new_block);
>          return NULL;
> @@ -2400,7 +2403,7 @@ RAMBlock *qemu_ram_alloc_from_file(ram_addr_t size, MemoryRegion *mr,
>          return NULL;
>      }
>  
> -    block = qemu_ram_alloc_from_fd(size, mr, ram_flags, fd, errp);
> +    block = qemu_ram_alloc_from_fd(size, mr, ram_flags, fd, 0, errp);
>      if (!block) {
>          if (created) {
>              unlink(mem_path);
> diff --git a/include/exec/ram_addr.h b/include/exec/ram_addr.h
> index b7b2e60..15837a1 100644
> --- a/include/exec/ram_addr.h
> +++ b/include/exec/ram_addr.h
> @@ -164,7 +164,7 @@ RAMBlock *qemu_ram_alloc_from_file(ram_addr_t size, MemoryRegion *mr,
>                                     Error **errp);
>  RAMBlock *qemu_ram_alloc_from_fd(ram_addr_t size, MemoryRegion *mr,
>                                   uint32_t ram_flags, int fd,
> -                                 Error **errp);
> +                                 off_t offset, Error **errp);
>  
>  RAMBlock *qemu_ram_alloc_from_ptr(ram_addr_t size, void *host,
>                                    MemoryRegion *mr, Error **errp);
> diff --git a/include/qemu/mmap-alloc.h b/include/qemu/mmap-alloc.h
> index e786266..4f57985 100644
> --- a/include/qemu/mmap-alloc.h
> +++ b/include/qemu/mmap-alloc.h
> @@ -25,7 +25,8 @@ void *qemu_ram_mmap(int fd,
>                      size_t size,
>                      size_t align,
>                      bool shared,
> -                    bool is_pmem);
> +                    bool is_pmem,
> +                    off_t start);
>  
>  void qemu_ram_munmap(int fd, void *ptr, size_t size);
>  
> diff --git a/memory.c b/memory.c
> index 5d8c9a9..debed5e 100644
> --- a/memory.c
> +++ b/memory.c
> @@ -1622,7 +1622,7 @@ void memory_region_init_ram_from_fd(MemoryRegion *mr,
>      mr->destructor = memory_region_destructor_ram;
>      mr->ram_block = qemu_ram_alloc_from_fd(size, mr,
>                                             share ? RAM_SHARED : 0,
> -                                           fd, &err);
> +                                           fd, 0, &err);
>      mr->dirty_log_mask = tcg_enabled() ? (1 << DIRTY_MEMORY_CODE) : 0;
>      if (err) {
>          mr->size = int128_zero();
> diff --git a/util/mmap-alloc.c b/util/mmap-alloc.c
> index f7f177d..4b727bd 100644
> --- a/util/mmap-alloc.c
> +++ b/util/mmap-alloc.c
> @@ -86,7 +86,8 @@ void *qemu_ram_mmap(int fd,
>                      size_t size,
>                      size_t align,
>                      bool shared,
> -                    bool is_pmem)
> +                    bool is_pmem,
> +                    off_t start)
>  {
>      int flags;
>      int map_sync_flags = 0;
> @@ -147,7 +148,7 @@ void *qemu_ram_mmap(int fd,
>      offset = QEMU_ALIGN_UP((uintptr_t)guardptr, align) - (uintptr_t)guardptr;
>  
>      ptr = mmap(guardptr + offset, size, PROT_READ | PROT_WRITE,
> -               flags | map_sync_flags, fd, 0);
> +               flags | map_sync_flags, fd, start);
>  
>      if (ptr == MAP_FAILED && map_sync_flags) {
>          if (errno == ENOTSUP) {
> @@ -172,7 +173,7 @@ void *qemu_ram_mmap(int fd,
>           * we will remove these flags to handle compatibility.
>           */
>          ptr = mmap(guardptr + offset, size, PROT_READ | PROT_WRITE,
> -                   flags, fd, 0);
> +                   flags, fd, start);
>      }
>  
>      if (ptr == MAP_FAILED) {
> diff --git a/util/oslib-posix.c b/util/oslib-posix.c
> index fe0309c..f6a243f 100644
> --- a/util/oslib-posix.c
> +++ b/util/oslib-posix.c
> @@ -204,7 +204,7 @@ void *qemu_memalign(size_t alignment, size_t size)
>  void *qemu_anon_ram_alloc(size_t size, uint64_t *alignment, bool shared)
>  {
>      size_t align = QEMU_VMALLOC_ALIGN;
> -    void *ptr = qemu_ram_mmap(-1, size, align, shared, false);
> +    void *ptr = qemu_ram_mmap(-1, size, align, shared, false, 0);
>  
>      if (ptr == MAP_FAILED) {
>          return NULL;
> -- 
> 1.8.3.1
> 
--
Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK

Re: [Qemu-devel] [RFC v3 PATCH 07/45] multi-process: define proxy-link object

[Daniel P. Berrangé]

On Tue, Sep 03, 2019 at 04:37:33PM -0400, Jagannathan Raman wrote:
> Defines proxy-link object which forms the communication link between
> QEMU & emulation program.
> Adds functions to configure members of proxy-link object instance.
> Adds functions to send and receive messages over the communication
> channel.
> Adds GMainLoop to handle events received on the communication channel.
> 
> Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
> Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
> Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
> ---
>  v1 -> v2:
>    - Use default context for main loop instead of a new context
> 
>  v2 -> v3:
>    - Enabled multi-channel support in the communication link
> 
>  include/glib-compat.h   |   4 +
>  include/io/proxy-link.h | 147 ++++++++++++++++++++++++
>  io/Makefile.objs        |   2 +
>  io/proxy-link.c         | 292 ++++++++++++++++++++++++++++++++++++++++++++++++
>  4 files changed, 445 insertions(+)
>  create mode 100644 include/io/proxy-link.h
>  create mode 100644 io/proxy-link.c
> 
> diff --git a/include/glib-compat.h b/include/glib-compat.h
> index 1291628..6189b9a 100644
> --- a/include/glib-compat.h
> +++ b/include/glib-compat.h
> @@ -19,12 +19,16 @@
>  /* Ask for warnings for anything that was marked deprecated in
>   * the defined version, or before. It is a candidate for rewrite.
>   */
> +#ifndef GLIB_VERSION_MIN_REQUIRED
>  #define GLIB_VERSION_MIN_REQUIRED GLIB_VERSION_2_40
> +#endif
>  
>  /* Ask for warnings if code tries to use function that did not
>   * exist in the defined version. These risk breaking builds
>   */
> +#ifndef GLIB_VERSION_MAX_ALLOWED
>  #define GLIB_VERSION_MAX_ALLOWED GLIB_VERSION_2_40
> +#endif

This does not look good. This header can only be included
once thanks to the #ifndef QEMU_GLIB_COMPAT_H. So the fact
that you need these conditionals is a hint of a bug elsewhere
in the code related to glib usage.


> diff --git a/include/io/proxy-link.h b/include/io/proxy-link.h
> new file mode 100644
> index 0000000..ee78cdd
> --- /dev/null
> +++ b/include/io/proxy-link.h
> @@ -0,0 +1,147 @@
> +/*
> + * Communication channel between QEMU and remote device process
> + *
> + * Copyright 2019, Oracle and/or its affiliates.
> + *
> + * Permission is hereby granted, free of charge, to any person obtaining a copy
> + * of this software and associated documentation files (the "Software"), to deal
> + * in the Software without restriction, including without limitation the rights
> + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
> + * copies of the Software, and to permit persons to whom the Software is
> + * furnished to do so, subject to the following conditions:
> + *
> + * The above copyright notice and this permission notice shall be included in
> + * all copies or substantial portions of the Software.
> + *
> + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
> + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
> + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
> + * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
> + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
> + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
> + * THE SOFTWARE.
> + */
> +
> +#ifndef PROXY_LINK_H
> +#define PROXY_LINK_H
> +
> +#include <stddef.h>
> +#include <stdint.h>
> +#include <glib.h>

I'm guessing this is the cause - nothing should be including this
directly - it is pulled  in for you via qemu/osdep.h

> +#include <pthread.h>
> +
> +#include "qemu/osdep.h"
> +#include "qom/object.h"
> +#include "qemu/thread.h"

Regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|

Re: [Qemu-devel] [RFC v3 PATCH 40/45] multi-process/mon: Refactor monitor/chardev functions out of vl.c

[Dr. David Alan Gilbert]

* Jagannathan Raman (jag.raman@oracle.com) wrote:
> Some of the initialization helper functions w.r.t monitor & chardev
> in vl.c are also used by the remote process. Therefore, these functions
> are refactored into a shared file that both QEMU & remote process
> could use.
> 
> Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
> Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
> Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>

Shouldn't the monitor parts be moved into something under monitor/ and
the chardev parts be moved into chardev/ ?

Dave

> ---
>  New patch in v3
> 
>  vl-parse.c | 92 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
>  vl.c       | 91 -------------------------------------------------------------
>  vl.h       |  4 +++
>  3 files changed, 96 insertions(+), 91 deletions(-)
> 
> diff --git a/vl-parse.c b/vl-parse.c
> index d3716d1..bee904d 100644
> --- a/vl-parse.c
> +++ b/vl-parse.c
> @@ -155,3 +155,95 @@ int device_init_func(void *opaque, QemuOpts *opts, Error **errp)
>      object_unref(OBJECT(dev));
>      return 0;
>  }
> +
> +void monitor_parse(const char *optarg, const char *mode, bool pretty)
> +{
> +    static int monitor_device_index;
> +    QemuOpts *opts;
> +    const char *p;
> +    char label[32];
> +
> +    if (strstart(optarg, "chardev:", &p)) {
> +        snprintf(label, sizeof(label), "%s", p);
> +    } else {
> +        snprintf(label, sizeof(label), "compat_monitor%d",
> +                 monitor_device_index);
> +        opts = qemu_chr_parse_compat(label, optarg, true);
> +        if (!opts) {
> +            error_report("parse error: %s", optarg);
> +            exit(1);
> +        }
> +    }
> +
> +    opts = qemu_opts_create(qemu_find_opts("mon"), label, 1, &error_fatal);
> +    qemu_opt_set(opts, "mode", mode, &error_abort);
> +    qemu_opt_set(opts, "chardev", label, &error_abort);
> +    if (!strcmp(mode, "control")) {
> +        qemu_opt_set_bool(opts, "pretty", pretty, &error_abort);
> +    } else {
> +        assert(pretty == false);
> +    }
> +    monitor_device_index++;
> +}
> +
> +int mon_init_func(void *opaque, QemuOpts *opts, Error **errp)
> +{
> +    Chardev *chr;
> +    bool qmp;
> +    bool pretty = false;
> +    const char *chardev;
> +    const char *mode;
> +
> +    mode = qemu_opt_get(opts, "mode");
> +    if (mode == NULL) {
> +        mode = "readline";
> +    }
> +    if (strcmp(mode, "readline") == 0) {
> +        qmp = false;
> +    } else if (strcmp(mode, "control") == 0) {
> +        qmp = true;
> +    } else {
> +        error_setg(errp, "unknown monitor mode \"%s\"", mode);
> +        return -1;
> +    }
> +
> +    if (!qmp && qemu_opt_get(opts, "pretty")) {
> +        warn_report("'pretty' is deprecated for HMP monitors, it has no effect "
> +                    "and will be removed in future versions");
> +    }
> +    if (qemu_opt_get_bool(opts, "pretty", 0)) {
> +        pretty = true;
> +    }
> +
> +    chardev = qemu_opt_get(opts, "chardev");
> +    if (!chardev) {
> +        error_report("chardev is required");
> +        exit(1);
> +    }
> +    chr = qemu_chr_find(chardev);
> +    if (chr == NULL) {
> +        error_setg(errp, "chardev \"%s\" not found", chardev);
> +        return -1;
> +    }
> +
> +    if (qmp) {
> +        monitor_init_qmp(chr, pretty);
> +    } else {
> +        monitor_init_hmp(chr, true);
> +    }
> +    return 0;
> +}
> +
> +int chardev_init_func(void *opaque, QemuOpts *opts, Error **errp)
> +{
> +    Error *local_err = NULL;
> +
> +    if (!qemu_chr_new_from_opts(opts, NULL, &local_err)) {
> +        if (local_err) {
> +            error_propagate(errp, local_err);
> +            return -1;
> +        }
> +        exit(0);
> +    }
> +    return 0;
> +}
> diff --git a/vl.c b/vl.c
> index 08e9c09..3c03405 100644
> --- a/vl.c
> +++ b/vl.c
> @@ -2264,19 +2264,6 @@ static int device_help_func(void *opaque, QemuOpts *opts, Error **errp)
>      return qdev_device_help(opts);
>  }
>  
> -static int chardev_init_func(void *opaque, QemuOpts *opts, Error **errp)
> -{
> -    Error *local_err = NULL;
> -
> -    if (!qemu_chr_new_from_opts(opts, NULL, &local_err)) {
> -        if (local_err) {
> -            error_propagate(errp, local_err);
> -            return -1;
> -        }
> -        exit(0);
> -    }
> -    return 0;
> -}
>  
>  #ifdef CONFIG_VIRTFS
>  static int fsdev_init_func(void *opaque, QemuOpts *opts, Error **errp)
> @@ -2285,84 +2272,6 @@ static int fsdev_init_func(void *opaque, QemuOpts *opts, Error **errp)
>  }
>  #endif
>  
> -static int mon_init_func(void *opaque, QemuOpts *opts, Error **errp)
> -{
> -    Chardev *chr;
> -    bool qmp;
> -    bool pretty = false;
> -    const char *chardev;
> -    const char *mode;
> -
> -    mode = qemu_opt_get(opts, "mode");
> -    if (mode == NULL) {
> -        mode = "readline";
> -    }
> -    if (strcmp(mode, "readline") == 0) {
> -        qmp = false;
> -    } else if (strcmp(mode, "control") == 0) {
> -        qmp = true;
> -    } else {
> -        error_setg(errp, "unknown monitor mode \"%s\"", mode);
> -        return -1;
> -    }
> -
> -    if (!qmp && qemu_opt_get(opts, "pretty")) {
> -        warn_report("'pretty' is deprecated for HMP monitors, it has no effect "
> -                    "and will be removed in future versions");
> -    }
> -    if (qemu_opt_get_bool(opts, "pretty", 0)) {
> -        pretty = true;
> -    }
> -
> -    chardev = qemu_opt_get(opts, "chardev");
> -    if (!chardev) {
> -        error_report("chardev is required");
> -        exit(1);
> -    }
> -    chr = qemu_chr_find(chardev);
> -    if (chr == NULL) {
> -        error_setg(errp, "chardev \"%s\" not found", chardev);
> -        return -1;
> -    }
> -
> -    if (qmp) {
> -        monitor_init_qmp(chr, pretty);
> -    } else {
> -        monitor_init_hmp(chr, true);
> -    }
> -    return 0;
> -}
> -
> -static void monitor_parse(const char *optarg, const char *mode, bool pretty)
> -{
> -    static int monitor_device_index = 0;
> -    QemuOpts *opts;
> -    const char *p;
> -    char label[32];
> -
> -    if (strstart(optarg, "chardev:", &p)) {
> -        snprintf(label, sizeof(label), "%s", p);
> -    } else {
> -        snprintf(label, sizeof(label), "compat_monitor%d",
> -                 monitor_device_index);
> -        opts = qemu_chr_parse_compat(label, optarg, true);
> -        if (!opts) {
> -            error_report("parse error: %s", optarg);
> -            exit(1);
> -        }
> -    }
> -
> -    opts = qemu_opts_create(qemu_find_opts("mon"), label, 1, &error_fatal);
> -    qemu_opt_set(opts, "mode", mode, &error_abort);
> -    qemu_opt_set(opts, "chardev", label, &error_abort);
> -    if (!strcmp(mode, "control")) {
> -        qemu_opt_set_bool(opts, "pretty", pretty, &error_abort);
> -    } else {
> -        assert(pretty == false);
> -    }
> -    monitor_device_index++;
> -}
> -
>  struct device_config {
>      enum {
>          DEV_USB,       /* -usbdevice     */
> diff --git a/vl.h b/vl.h
> index 8c40fed..21ca747 100644
> --- a/vl.h
> +++ b/vl.h
> @@ -50,5 +50,9 @@ int device_init_func(void *opaque, QemuOpts *opts, Error **errp);
>  int rdrive_init_func(void *opaque, QemuOpts *opts, Error **errp);
>  int rdevice_init_func(void *opaque, QemuOpts *opts, Error **errp);
>  
> +void monitor_parse(const char *optarg, const char *mode, bool pretty);
> +int mon_init_func(void *opaque, QemuOpts *opts, Error **errp);
> +int chardev_init_func(void *opaque, QemuOpts *opts, Error **errp);
> +
>  #endif /* VL_H */
>  
> -- 
> 1.8.3.1
> 
--
Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK

Re: [Qemu-devel] [RFC v3 PATCH 41/45] multi-process/mon: trim HMP command set for remote storage processes

[Dr. David Alan Gilbert]

* Jagannathan Raman (jag.raman@oracle.com) wrote:
> Trim down the list of HMP commands available for storage class of
> remote processes.
> 
> Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
> Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
> Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
> ---
>  New patch in v3
> 
>  Makefile.objs              |   2 +
>  Makefile.target            |  14 +-
>  hmp-scsi-commands-info.hx  | 167 ++++++++++++++++++++
>  hmp-scsi-commands.hx       | 384 +++++++++++++++++++++++++++++++++++++++++++++
>  monitor/misc.c             |  84 +++++-----
>  monitor/monitor-internal.h |  38 +++++
>  qom/Makefile.objs          |   2 +-
>  7 files changed, 651 insertions(+), 40 deletions(-)
>  create mode 100644 hmp-scsi-commands-info.hx
>  create mode 100644 hmp-scsi-commands.hx
> 
> diff --git a/Makefile.objs b/Makefile.objs
> index 04af900..11cd7be 100644
> --- a/Makefile.objs
> +++ b/Makefile.objs
> @@ -45,6 +45,8 @@ remote-pci-obj-$(CONFIG_MPQEMU) += iothread.o
>  remote-lsi-obj-$(CONFIG_MPQEMU) += hw/
>  remote-lsi-obj-$(CONFIG_MPQEMU) += ui/
>  
> +remote-lsi-obj-$(CONFIG_MPQEMU) += device-hotplug.o
> +
>  #######################################################################
>  # crypto-obj-y is code used by both qemu system emulation and qemu-img
>  
> diff --git a/Makefile.target b/Makefile.target
> index 0ca832f..00a4b85 100644
> --- a/Makefile.target
> +++ b/Makefile.target
> @@ -210,6 +210,10 @@ endif
>  generated-files-y += hmp-commands.h hmp-commands-info.h
>  generated-files-y += config-devices.h
>  
> +ifdef CONFIG_MPQEMU
> +generated-files-y += hmp-scsi-commands.h hmp-scsi-commands-info.h
> +endif
> +
>  endif # CONFIG_SOFTMMU
>  
>  dummy := $(call unnest-vars,,obj-y)
> @@ -294,10 +298,18 @@ hmp-commands.h: $(SRC_PATH)/hmp-commands.hx $(SRC_PATH)/scripts/hxtool
>  hmp-commands-info.h: $(SRC_PATH)/hmp-commands-info.hx $(SRC_PATH)/scripts/hxtool
>  	$(call quiet-command,sh $(SRC_PATH)/scripts/hxtool -h < $< > $@,"GEN","$(TARGET_DIR)$@")
>  
> +ifdef CONFIG_MPQEMU
> +hmp-scsi-commands.h: $(SRC_PATH)/hmp-scsi-commands.hx $(SRC_PATH)/scripts/hxtool
> +	$(call quiet-command,sh $(SRC_PATH)/scripts/hxtool -h < $< > $@,"GEN","$(TARGET_DIR)$@")
> +
> +hmp-scsi-commands-info.h: $(SRC_PATH)/hmp-scsi-commands-info.hx $(SRC_PATH)/scripts/hxtool
> +	$(call quiet-command,sh $(SRC_PATH)/scripts/hxtool -h < $< > $@,"GEN","$(TARGET_DIR)$@")
> +endif
> +
>  clean: clean-target
>  	rm -f *.a *~ $(PROGS)
>  	rm -f $(shell find . -name '*.[od]')
> -	rm -f hmp-commands.h gdbstub-xml.c
> +	rm -f hmp-commands.h gdbstub-xml.c hmp-scsi-commands.h hmp-scsi-commands-info.h
>  	rm -f trace/generated-helpers.c trace/generated-helpers.c-timestamp
>  ifdef CONFIG_TRACE_SYSTEMTAP
>  	rm -f *.stp
> diff --git a/hmp-scsi-commands-info.hx b/hmp-scsi-commands-info.hx
> new file mode 100644
> index 0000000..315a445
> --- /dev/null
> +++ b/hmp-scsi-commands-info.hx
> @@ -0,0 +1,167 @@
> +HXCOMM Use DEFHEADING() to define headings in both help text and texi
> +HXCOMM Text between STEXI and ETEXI are copied to texi version and
> +HXCOMM discarded from C version
> +HXCOMM DEF(command, args, callback, arg_string, help) is used to construct
> +HXCOMM monitor info commands
> +HXCOMM HXCOMM can be used for comments, discarded from both texi and C
> +
> +STEXI
> +@table @option
> +@item info @var{subcommand}
> +@findex info
> +Show various information about the system state.
> +@table @option
> +ETEXI
> +
> +    {
> +        .name       = "version",
> +        .args_type  = "",
> +        .params     = "",
> +        .help       = "show the version of QEMU",
> +        .cmd        = hmp_info_version,
> +        .flags      = "p",
> +    },
> +
> +STEXI
> +@item info version
> +@findex info version
> +Show the version of QEMU.
> +ETEXI

It feels like you need a way to share this stuff without copying it;
'info version' isn't really a scsi specific command!
One idea is you could add a new field, e.g.

     .subcommands = "scsi,somethingelse"

and then you process it to pick that up?

<snip>

> diff --git a/monitor/misc.c b/monitor/misc.c
> index 00338c0..4914f46 100644
> --- a/monitor/misc.c
> +++ b/monitor/misc.c
> @@ -176,12 +176,12 @@ int hmp_compare_cmd(const char *name, const char *list)
>      return 0;
>  }
>  
> -static void do_help_cmd(Monitor *mon, const QDict *qdict)
> +void do_help_cmd(Monitor *mon, const QDict *qdict)

If you're unstatic'ing things that don't have hmp in the name then you
need to add it, i.e. hmp_do_help_cmd.

Dave

>  {
>      help_cmd(mon, qdict_get_try_str(qdict, "name"));
>  }
>  
> -static void hmp_trace_event(Monitor *mon, const QDict *qdict)
> +void hmp_trace_event(Monitor *mon, const QDict *qdict)
>  {
>      const char *tp_name = qdict_get_str(qdict, "name");
>      bool new_state = qdict_get_bool(qdict, "option");
> @@ -225,7 +225,7 @@ static void hmp_trace_file(Monitor *mon, const QDict *qdict)
>  }
>  #endif
>  
> -static void hmp_info_help(Monitor *mon, const QDict *qdict)
> +void hmp_info_help(Monitor *mon, const QDict *qdict)
>  {
>      help_cmd(mon, "info");
>  }
> @@ -436,7 +436,7 @@ int monitor_get_cpu_index(void)
>      return cs ? cs->cpu_index : UNASSIGNED_CPU_INDEX;
>  }
>  
> -static void hmp_info_registers(Monitor *mon, const QDict *qdict)
> +void hmp_info_registers(Monitor *mon, const QDict *qdict)
>  {
>      bool all_cpus = qdict_get_try_bool(qdict, "cpustate_all", false);
>      CPUState *cs;
> @@ -459,7 +459,7 @@ static void hmp_info_registers(Monitor *mon, const QDict *qdict)
>  }
>  
>  #ifdef CONFIG_TCG
> -static void hmp_info_jit(Monitor *mon, const QDict *qdict)
> +void hmp_info_jit(Monitor *mon, const QDict *qdict)
>  {
>      if (!tcg_enabled()) {
>          error_report("JIT information is only available with accel=tcg");
> @@ -470,13 +470,13 @@ static void hmp_info_jit(Monitor *mon, const QDict *qdict)
>      dump_drift_info();
>  }
>  
> -static void hmp_info_opcount(Monitor *mon, const QDict *qdict)
> +void hmp_info_opcount(Monitor *mon, const QDict *qdict)
>  {
>      dump_opcount_info();
>  }
>  #endif
>  
> -static void hmp_info_sync_profile(Monitor *mon, const QDict *qdict)
> +void hmp_info_sync_profile(Monitor *mon, const QDict *qdict)
>  {
>      int64_t max = qdict_get_try_int(qdict, "max", 10);
>      bool mean = qdict_get_try_bool(qdict, "mean", false);
> @@ -487,7 +487,7 @@ static void hmp_info_sync_profile(Monitor *mon, const QDict *qdict)
>      qsp_report(max, sort_by, coalesce);
>  }
>  
> -static void hmp_info_history(Monitor *mon, const QDict *qdict)
> +void hmp_info_history(Monitor *mon, const QDict *qdict)
>  {
>      MonitorHMP *hmp_mon = container_of(mon, MonitorHMP, common);
>      int i;
> @@ -507,7 +507,7 @@ static void hmp_info_history(Monitor *mon, const QDict *qdict)
>      }
>  }
>  
> -static void hmp_info_cpustats(Monitor *mon, const QDict *qdict)
> +void hmp_info_cpustats(Monitor *mon, const QDict *qdict)
>  {
>      CPUState *cs = mon_get_cpu();
>  
> @@ -518,7 +518,7 @@ static void hmp_info_cpustats(Monitor *mon, const QDict *qdict)
>      cpu_dump_statistics(cs, 0);
>  }
>  
> -static void hmp_info_trace_events(Monitor *mon, const QDict *qdict)
> +void hmp_info_trace_events(Monitor *mon, const QDict *qdict)
>  {
>      const char *name = qdict_get_try_str(qdict, "name");
>      bool has_vcpu = qdict_haskey(qdict, "vcpu");
> @@ -578,7 +578,7 @@ void qmp_client_migrate_info(const char *protocol, const char *hostname,
>      error_setg(errp, QERR_INVALID_PARAMETER_VALUE, "protocol", "spice");
>  }
>  
> -static void hmp_logfile(Monitor *mon, const QDict *qdict)
> +void hmp_logfile(Monitor *mon, const QDict *qdict)
>  {
>      Error *err = NULL;
>  
> @@ -588,7 +588,7 @@ static void hmp_logfile(Monitor *mon, const QDict *qdict)
>      }
>  }
>  
> -static void hmp_log(Monitor *mon, const QDict *qdict)
> +void hmp_log(Monitor *mon, const QDict *qdict)
>  {
>      int mask;
>      const char *items = qdict_get_str(qdict, "items");
> @@ -605,7 +605,7 @@ static void hmp_log(Monitor *mon, const QDict *qdict)
>      qemu_set_log(mask);
>  }
>  
> -static void hmp_singlestep(Monitor *mon, const QDict *qdict)
> +void hmp_singlestep(Monitor *mon, const QDict *qdict)
>  {
>      const char *option = qdict_get_try_str(qdict, "option");
>      if (!option || !strcmp(option, "on")) {
> @@ -617,7 +617,7 @@ static void hmp_singlestep(Monitor *mon, const QDict *qdict)
>      }
>  }
>  
> -static void hmp_gdbserver(Monitor *mon, const QDict *qdict)
> +void hmp_gdbserver(Monitor *mon, const QDict *qdict)
>  {
>      const char *device = qdict_get_try_str(qdict, "device");
>      if (!device)
> @@ -633,7 +633,7 @@ static void hmp_gdbserver(Monitor *mon, const QDict *qdict)
>      }
>  }
>  
> -static void hmp_watchdog_action(Monitor *mon, const QDict *qdict)
> +void hmp_watchdog_action(Monitor *mon, const QDict *qdict)
>  {
>      const char *action = qdict_get_str(qdict, "action");
>      if (select_watchdog_action(action) == -1) {
> @@ -775,7 +775,7 @@ static void memory_dump(Monitor *mon, int count, int format, int wsize,
>      }
>  }
>  
> -static void hmp_memory_dump(Monitor *mon, const QDict *qdict)
> +void hmp_memory_dump(Monitor *mon, const QDict *qdict)
>  {
>      int count = qdict_get_int(qdict, "count");
>      int format = qdict_get_int(qdict, "format");
> @@ -785,7 +785,7 @@ static void hmp_memory_dump(Monitor *mon, const QDict *qdict)
>      memory_dump(mon, count, format, size, addr, 0);
>  }
>  
> -static void hmp_physical_memory_dump(Monitor *mon, const QDict *qdict)
> +void hmp_physical_memory_dump(Monitor *mon, const QDict *qdict)
>  {
>      int count = qdict_get_int(qdict, "count");
>      int format = qdict_get_int(qdict, "format");
> @@ -815,7 +815,7 @@ static void *gpa2hva(MemoryRegion **p_mr, hwaddr addr, Error **errp)
>      return qemu_map_ram_ptr(mrs.mr->ram_block, mrs.offset_within_region);
>  }
>  
> -static void hmp_gpa2hva(Monitor *mon, const QDict *qdict)
> +void hmp_gpa2hva(Monitor *mon, const QDict *qdict)
>  {
>      hwaddr addr = qdict_get_int(qdict, "addr");
>      Error *local_err = NULL;
> @@ -835,7 +835,7 @@ static void hmp_gpa2hva(Monitor *mon, const QDict *qdict)
>      memory_region_unref(mr);
>  }
>  
> -static void hmp_gva2gpa(Monitor *mon, const QDict *qdict)
> +void hmp_gva2gpa(Monitor *mon, const QDict *qdict)
>  {
>      target_ulong addr = qdict_get_int(qdict, "addr");
>      MemTxAttrs attrs;
> @@ -890,7 +890,7 @@ out:
>      return ret;
>  }
>  
> -static void hmp_gpa2hpa(Monitor *mon, const QDict *qdict)
> +void hmp_gpa2hpa(Monitor *mon, const QDict *qdict)
>  {
>      hwaddr addr = qdict_get_int(qdict, "addr");
>      Error *local_err = NULL;
> @@ -917,7 +917,7 @@ static void hmp_gpa2hpa(Monitor *mon, const QDict *qdict)
>  }
>  #endif
>  
> -static void do_print(Monitor *mon, const QDict *qdict)
> +void do_print(Monitor *mon, const QDict *qdict)
>  {
>      int format = qdict_get_int(qdict, "format");
>      hwaddr val = qdict_get_int(qdict, "val");
> @@ -943,7 +943,7 @@ static void do_print(Monitor *mon, const QDict *qdict)
>      monitor_printf(mon, "\n");
>  }
>  
> -static void hmp_sum(Monitor *mon, const QDict *qdict)
> +void hmp_sum(Monitor *mon, const QDict *qdict)
>  {
>      uint32_t addr;
>      uint16_t sum;
> @@ -963,7 +963,7 @@ static void hmp_sum(Monitor *mon, const QDict *qdict)
>  
>  static int mouse_button_state;
>  
> -static void hmp_mouse_move(Monitor *mon, const QDict *qdict)
> +void hmp_mouse_move(Monitor *mon, const QDict *qdict)
>  {
>      int dx, dy, dz, button;
>      const char *dx_str = qdict_get_str(qdict, "dx_str");
> @@ -987,7 +987,7 @@ static void hmp_mouse_move(Monitor *mon, const QDict *qdict)
>      qemu_input_event_sync();
>  }
>  
> -static void hmp_mouse_button(Monitor *mon, const QDict *qdict)
> +void hmp_mouse_button(Monitor *mon, const QDict *qdict)
>  {
>      static uint32_t bmap[INPUT_BUTTON__MAX] = {
>          [INPUT_BUTTON_LEFT]       = MOUSE_EVENT_LBUTTON,
> @@ -1004,7 +1004,7 @@ static void hmp_mouse_button(Monitor *mon, const QDict *qdict)
>      mouse_button_state = button_state;
>  }
>  
> -static void hmp_ioport_read(Monitor *mon, const QDict *qdict)
> +void hmp_ioport_read(Monitor *mon, const QDict *qdict)
>  {
>      int size = qdict_get_int(qdict, "size");
>      int addr = qdict_get_int(qdict, "addr");
> @@ -1038,7 +1038,7 @@ static void hmp_ioport_read(Monitor *mon, const QDict *qdict)
>                     suffix, addr, size * 2, val);
>  }
>  
> -static void hmp_ioport_write(Monitor *mon, const QDict *qdict)
> +void hmp_ioport_write(Monitor *mon, const QDict *qdict)
>  {
>      int size = qdict_get_int(qdict, "size");
>      int addr = qdict_get_int(qdict, "addr");
> @@ -1060,7 +1060,7 @@ static void hmp_ioport_write(Monitor *mon, const QDict *qdict)
>      }
>  }
>  
> -static void hmp_boot_set(Monitor *mon, const QDict *qdict)
> +void hmp_boot_set(Monitor *mon, const QDict *qdict)
>  {
>      Error *local_err = NULL;
>      const char *bootdevice = qdict_get_str(qdict, "bootdevice");
> @@ -1073,7 +1073,7 @@ static void hmp_boot_set(Monitor *mon, const QDict *qdict)
>      }
>  }
>  
> -static void hmp_info_mtree(Monitor *mon, const QDict *qdict)
> +void hmp_info_mtree(Monitor *mon, const QDict *qdict)
>  {
>      bool flatview = qdict_get_try_bool(qdict, "flatview", false);
>      bool dispatch_tree = qdict_get_try_bool(qdict, "dispatch_tree", false);
> @@ -1086,7 +1086,7 @@ static void hmp_info_mtree(Monitor *mon, const QDict *qdict)
>  
>  int64_t dev_time;
>  
> -static void hmp_info_profile(Monitor *mon, const QDict *qdict)
> +void hmp_info_profile(Monitor *mon, const QDict *qdict)
>  {
>      static int64_t last_cpu_exec_time;
>      int64_t cpu_exec_time;
> @@ -1103,7 +1103,7 @@ static void hmp_info_profile(Monitor *mon, const QDict *qdict)
>      dev_time = 0;
>  }
>  #else
> -static void hmp_info_profile(Monitor *mon, const QDict *qdict)
> +void hmp_info_profile(Monitor *mon, const QDict *qdict)
>  {
>      monitor_printf(mon, "Internal profiler not compiled\n");
>  }
> @@ -1112,7 +1112,7 @@ static void hmp_info_profile(Monitor *mon, const QDict *qdict)
>  /* Capture support */
>  static QLIST_HEAD (capture_list_head, CaptureState) capture_head;
>  
> -static void hmp_info_capture(Monitor *mon, const QDict *qdict)
> +void hmp_info_capture(Monitor *mon, const QDict *qdict)
>  {
>      int i;
>      CaptureState *s;
> @@ -1123,7 +1123,7 @@ static void hmp_info_capture(Monitor *mon, const QDict *qdict)
>      }
>  }
>  
> -static void hmp_stopcapture(Monitor *mon, const QDict *qdict)
> +void hmp_stopcapture(Monitor *mon, const QDict *qdict)
>  {
>      int i;
>      int n = qdict_get_int(qdict, "n");
> @@ -1139,7 +1139,7 @@ static void hmp_stopcapture(Monitor *mon, const QDict *qdict)
>      }
>  }
>  
> -static void hmp_wavcapture(Monitor *mon, const QDict *qdict)
> +void hmp_wavcapture(Monitor *mon, const QDict *qdict)
>  {
>      const char *path = qdict_get_str(qdict, "path");
>      int has_freq = qdict_haskey(qdict, "freq");
> @@ -1192,7 +1192,7 @@ static void hmp_warn_acl(void)
>      warn_acl = true;
>  }
>  
> -static void hmp_acl_show(Monitor *mon, const QDict *qdict)
> +void hmp_acl_show(Monitor *mon, const QDict *qdict)
>  {
>      const char *aclname = qdict_get_str(qdict, "aclname");
>      QAuthZList *auth = find_auth(mon, aclname);
> @@ -1219,7 +1219,7 @@ static void hmp_acl_show(Monitor *mon, const QDict *qdict)
>      }
>  }
>  
> -static void hmp_acl_reset(Monitor *mon, const QDict *qdict)
> +void hmp_acl_reset(Monitor *mon, const QDict *qdict)
>  {
>      const char *aclname = qdict_get_str(qdict, "aclname");
>      QAuthZList *auth = find_auth(mon, aclname);
> @@ -1236,7 +1236,7 @@ static void hmp_acl_reset(Monitor *mon, const QDict *qdict)
>      monitor_printf(mon, "acl: removed all rules\n");
>  }
>  
> -static void hmp_acl_policy(Monitor *mon, const QDict *qdict)
> +void hmp_acl_policy(Monitor *mon, const QDict *qdict)
>  {
>      const char *aclname = qdict_get_str(qdict, "aclname");
>      const char *policy = qdict_get_str(qdict, "policy");
> @@ -1277,7 +1277,7 @@ static QAuthZListFormat hmp_acl_get_format(const char *match)
>      }
>  }
>  
> -static void hmp_acl_add(Monitor *mon, const QDict *qdict)
> +void hmp_acl_add(Monitor *mon, const QDict *qdict)
>  {
>      const char *aclname = qdict_get_str(qdict, "aclname");
>      const char *match = qdict_get_str(qdict, "match");
> @@ -1330,7 +1330,7 @@ static void hmp_acl_add(Monitor *mon, const QDict *qdict)
>      }
>  }
>  
> -static void hmp_acl_remove(Monitor *mon, const QDict *qdict)
> +void hmp_acl_remove(Monitor *mon, const QDict *qdict)
>  {
>      const char *aclname = qdict_get_str(qdict, "aclname");
>      const char *match = qdict_get_str(qdict, "match");
> @@ -1799,13 +1799,21 @@ int monitor_fd_param(Monitor *mon, const char *fdname, Error **errp)
>  
>  /* Please update hmp-commands.hx when adding or changing commands */
>  static HMPCommand hmp_info_cmds[] = {
> +#if defined(SCSI_PROCESS)
> +#include "hmp-scsi-commands-info.h"
> +#else
>  #include "hmp-commands-info.h"
> +#endif
>      { NULL, NULL, },
>  };
>  
>  /* hmp_cmds and hmp_info_cmds would be sorted at runtime */
>  HMPCommand hmp_cmds[] = {
> +#if defined(SCSI_PROCESS)
> +#include "hmp-scsi-commands.h"
> +#else
>  #include "hmp-commands.h"
> +#endif
>      { NULL, NULL, },
>  };
>  
> diff --git a/monitor/monitor-internal.h b/monitor/monitor-internal.h
> index 7760b22..5e8abd6 100644
> --- a/monitor/monitor-internal.h
> +++ b/monitor/monitor-internal.h
> @@ -180,4 +180,42 @@ void help_cmd(Monitor *mon, const char *name);
>  void handle_hmp_command(MonitorHMP *mon, const char *cmdline);
>  int hmp_compare_cmd(const char *name, const char *list);
>  
> +void do_help_cmd(Monitor *mon, const QDict *qdict);
> +void hmp_trace_event(Monitor *mon, const QDict *qdict);
> +void hmp_info_help(Monitor *mon, const QDict *qdict);
> +void hmp_info_registers(Monitor *mon, const QDict *qdict);
> +void hmp_info_jit(Monitor *mon, const QDict *qdict);
> +void hmp_info_opcount(Monitor *mon, const QDict *qdict);
> +void hmp_info_sync_profile(Monitor *mon, const QDict *qdict);
> +void hmp_info_history(Monitor *mon, const QDict *qdict);
> +void hmp_info_cpustats(Monitor *mon, const QDict *qdict);
> +void hmp_info_trace_events(Monitor *mon, const QDict *qdict);
> +void hmp_logfile(Monitor *mon, const QDict *qdict);
> +void hmp_log(Monitor *mon, const QDict *qdict);
> +void hmp_singlestep(Monitor *mon, const QDict *qdict);
> +void hmp_gdbserver(Monitor *mon, const QDict *qdict);
> +void hmp_watchdog_action(Monitor *mon, const QDict *qdict);
> +void hmp_memory_dump(Monitor *mon, const QDict *qdict);
> +void hmp_physical_memory_dump(Monitor *mon, const QDict *qdict);
> +void hmp_gpa2hva(Monitor *mon, const QDict *qdict);
> +void hmp_gva2gpa(Monitor *mon, const QDict *qdict);
> +void hmp_gpa2hpa(Monitor *mon, const QDict *qdict);
> +void do_print(Monitor *mon, const QDict *qdict);
> +void hmp_sum(Monitor *mon, const QDict *qdict);
> +void hmp_mouse_move(Monitor *mon, const QDict *qdict);
> +void hmp_mouse_button(Monitor *mon, const QDict *qdict);
> +void hmp_ioport_read(Monitor *mon, const QDict *qdict);
> +void hmp_ioport_write(Monitor *mon, const QDict *qdict);
> +void hmp_boot_set(Monitor *mon, const QDict *qdict);
> +void hmp_info_mtree(Monitor *mon, const QDict *qdict);
> +void hmp_info_profile(Monitor *mon, const QDict *qdict);
> +void hmp_info_capture(Monitor *mon, const QDict *qdict);
> +void hmp_stopcapture(Monitor *mon, const QDict *qdict);
> +void hmp_wavcapture(Monitor *mon, const QDict *qdict);
> +void hmp_acl_show(Monitor *mon, const QDict *qdict);
> +void hmp_acl_reset(Monitor *mon, const QDict *qdict);
> +void hmp_acl_policy(Monitor *mon, const QDict *qdict);
> +void hmp_acl_add(Monitor *mon, const QDict *qdict);
> +void hmp_acl_remove(Monitor *mon, const QDict *qdict);
> +
>  #endif
> diff --git a/qom/Makefile.objs b/qom/Makefile.objs
> index e42ea7a..4410d71 100644
> --- a/qom/Makefile.objs
> +++ b/qom/Makefile.objs
> @@ -7,4 +7,4 @@ common-obj-$(CONFIG_SOFTMMU) += qom-hmp-cmds.o qom-qmp-cmds.o
>  remote-pci-obj-$(CONFIG_MPQEMU) += object.o qom-qobject.o container.o
>  remote-pci-obj-$(CONFIG_MPQEMU) += object_interfaces.o
>  remote-pci-obj-$(CONFIG_MPQEMU) += cpu.o
> -remote-pci-obj-$(CONFIG_MPQEMU) += qom-qmp-cmds.o
> +remote-pci-obj-$(CONFIG_MPQEMU) += qom-qmp-cmds.o qom-hmp-cmds.o
> -- 
> 1.8.3.1
> 
--
Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK

Re: [Qemu-devel] [RFC v3 PATCH 02/45] multi-process: util: Add qemu_thread_cancel() to cancel running thread

[Daniel P. Berrangé]

On Tue, Sep 03, 2019 at 04:37:28PM -0400, Jagannathan Raman wrote:
> qemu_thread_cancel() added to destroy a given running thread.
> This will be needed in the following patches.

I don't see anything in the following patches that actually uses
this new function.

That is good though, because it is incredibly difficult to
correctly use pthread_cancel() in such a way that you correctly
release all memory and other resources (file descriptors) owned
by the thread being cancelled.

So this looks like it can thankfully be dropped.

> 
> Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
> Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
> Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
> ---
>  include/qemu/thread.h    |  1 +
>  util/qemu-thread-posix.c | 10 ++++++++++
>  2 files changed, 11 insertions(+)

Regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|

Re: [Qemu-devel] [RFC v3 PATCH 00/45] Initial support of multi-process qemu

[Daniel P. Berrangé]

On Tue, Sep 03, 2019 at 04:37:26PM -0400, Jagannathan Raman wrote:
> Started with the presentation in October 2017 made by Marc-Andre (Red Hat)
> and Konrad Wilk (Oracle) [1], and continued by Jag's BoF at KVM Forum 2018,
> the multi-process project is now a prototype and presented in this patchset.
> 
> This first series enables the emulation of lsi53c895a in a separate process.
> 
> We posted the Proof Of Concept patches [2] before the BoF session in 2018.
> Subsequently, we posted RFC v1 [3] & RFC v2 [4] of this series. 
> 
> Thanks to the v1 & v2 review, we were able to incorporate the feedback into
> our goals.
> 
> In the summer of 2019, we participated in a conference with folks at RedHat,
> who provided us with feedback to improve the design of this project. 
> 
> We want to present version 3 of this series which incorporates the feedback
> we received for v2 & the enhancements suggested in the conference. Following
> are the improvements made in this series:

This patch series fails to apply to git master when I attempt and confirmed
by patchew's failed attempt too

  https://patchew.org/QEMU/cover.1567534653.git.jag.raman@oracle.com/

Can you do one of the following

 - Tell us what git hash it was based on instead of master
or
 - provide a pointer to a publically accessible git repo with it applied
or
 - Repost with based on current git master

Regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|

Re: [Qemu-devel] [RFC v3 PATCH 00/45] Initial support of multi-process qemu

[Jag Raman]

On 9/4/2019 5:18 AM, Daniel P. Berrangé wrote:
> On Tue, Sep 03, 2019 at 04:37:26PM -0400, Jagannathan Raman wrote:
>> Started with the presentation in October 2017 made by Marc-Andre (Red Hat)
>> and Konrad Wilk (Oracle) [1], and continued by Jag's BoF at KVM Forum 2018,
>> the multi-process project is now a prototype and presented in this patchset.
>>
>> This first series enables the emulation of lsi53c895a in a separate process.
>>
>> We posted the Proof Of Concept patches [2] before the BoF session in 2018.
>> Subsequently, we posted RFC v1 [3] & RFC v2 [4] of this series.
>>
>> Thanks to the v1 & v2 review, we were able to incorporate the feedback into
>> our goals.
>>
>> In the summer of 2019, we participated in a conference with folks at RedHat,
>> who provided us with feedback to improve the design of this project.
>>
>> We want to present version 3 of this series which incorporates the feedback
>> we received for v2 & the enhancements suggested in the conference. Following
>> are the improvements made in this series:
> 
> This patch series fails to apply to git master when I attempt and confirmed
> by patchew's failed attempt too
> 
>    https://patchew.org/QEMU/cover.1567534653.git.jag.raman@oracle.com/
> 
> Can you do one of the following
> 
>   - Tell us what git hash it was based on instead of master

Hi Daniel,

These patches are based on the latest release, v4.1.0. They are on top
of the following git hash:
9e06029aea3 Update version for v4.1.0 release

> or
>   - provide a pointer to a publically accessible git repo with it applied

They are also publicly available from the following gitub repo.:
https://github.com/oracle/qemu.git  [branch multi-process-qemu-v0.3]

Thanks!
--
Jag

> or
>   - Repost with based on current git master
> 
> Regards,
> Daniel
> 

Re: [Qemu-devel] [RFC v3 PATCH 44/45] multi-process: add the concept description to docs/devel/qemu-multiprocess

[Gerd Hoffmann]

  Hi,

> +Current separation models
> +
> +In order to separate the device emulation code from the CPU emulation
> +code, the device object code must run in a different process. There are
> +a couple of existing QEMU features that can run emulation code
> +separately from the main QEMU process. These are examined below.

There also is vfio+mdev.  Right now a kernel interface, so
(hardware-assisted) device emulation runs in the linux kernel.
IIRC someone suggested to build a process->process interface
based on the vfio api.  What happened to that idea?

> +If these devices are emulated by remote process “disk-proc,” as
> +described in the previous section, the QEMU command line would be:
> +
> +    -device lsi53c895a,id=scsi0,remote=disk-proc
> +    -device scsi-hd,drive=drive0,bus=scsi0.0,scsi-id=0,remote=disk-proc

Does that work with the patch series?
Why does qemu need to know about scsi-hd?

cheers,
  Gerd

Re: [Qemu-devel] [RFC v3 PATCH 44/45] multi-process: add the concept description to docs/devel/qemu-multiprocess

[Peter Maydell]

On Tue, 3 Sep 2019 at 22:19, Jagannathan Raman <jag.raman@oracle.com> wrote:
>
> From: John G Johnson <john.g.johnson@oracle.com>
>
> Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
> Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
> Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
> ---
>  v2 -> v3:
>    - Updated with latest design of this project
>
>  docs/devel/qemu-multiprocess.txt | 627 +++++++++++++++++++++++++++++++++++++++
>  1 file changed, 627 insertions(+)
>  create mode 100644 docs/devel/qemu-multiprocess.txt

Hi; you can ignore this review comment until there's more
consensus on whether we want to take this patch series, but
new documents in docs/ should be in RST format and included
in the relevant contents page (here docs/devel/index.rst),
please.

thanks
-- PMM

Re: [Qemu-devel] [RFC v3 PATCH 19/45] multi-process: Add LSI device proxy object

[Gerd Hoffmann]

  Hi,

> +static uint64_t proxy_lsi_io_read(void *opaque, hwaddr addr, unsigned size)
> +{
> +    ProxyLSIState *s = opaque;
> +
> +    return proxy_default_bar_read(PCI_PROXY_DEV(s), &s->io_io, addr, size,
> +                                  false);
> +}
> +
> +static void proxy_lsi_io_write(void *opaque, hwaddr addr, uint64_t val,
> +                               unsigned size)
> +{
> +    ProxyLSIState *s = opaque;
> +
> +    proxy_default_bar_write(PCI_PROXY_DEV(s), &s->io_io, addr, val, size,
> +                            false);
> +}
> +
> +static const MemoryRegionOps proxy_lsi_io_ops = {
> +    .read = proxy_lsi_io_read,
> +    .write = proxy_lsi_io_write,
> +    .endianness = DEVICE_NATIVE_ENDIAN,
> +    .impl = {
> +        .min_access_size = 1,
> +        .max_access_size = 1,
> +    },
> +};

Hmm, as more devices get proxy support there will be alot of simliar
boilerplate.

I think it would be useful to have a

struct pci_device_description {
	u16 vendor_id,
	u16 device_id,
	[ ... ]
	struct {
		[ ... ]
	} bar[6];
};

> +    proxy_class->realize = proxy_lsi_realize;
> +    proxy_class->command = g_strdup("qemu-scsi-dev");

Hook that up here (proxy_class->description = &lsi_description),
then have the pci proxy realize function setup everything.  All pci
bar access is just forwarded to the proxy, that should be doable
without duplicating the code for each proxied pci device ...

At least parts of the pci_device_description can probably also used for
non-proxy device setup (should work for pci config space, probably
would not work for memory regions as they are very device specific).

cheers,
  Gerd

Re: [Qemu-devel] [RFC v3 PATCH 07/45] multi-process: define proxy-link object

[Eric Blake]

On 9/4/19 3:22 AM, Daniel P. Berrangé wrote:
> On Tue, Sep 03, 2019 at 04:37:33PM -0400, Jagannathan Raman wrote:
>> Defines proxy-link object which forms the communication link between
>> QEMU & emulation program.
>> Adds functions to configure members of proxy-link object instance.
>> Adds functions to send and receive messages over the communication
>> channel.
>> Adds GMainLoop to handle events received on the communication channel.

>> +
>> +#ifndef PROXY_LINK_H
>> +#define PROXY_LINK_H
>> +
>> +#include <stddef.h>
>> +#include <stdint.h>
>> +#include <glib.h>
> 
> I'm guessing this is the cause - nothing should be including this
> directly - it is pulled  in for you via qemu/osdep.h
> 
>> +#include <pthread.h>
>> +
>> +#include "qemu/osdep.h"

For that matter, "qemu/osdep.h" should ALWAYS be listed first, before
any system headers, and inclusion of <stddef.h> and <stdint.h> is also
redundant, just as the <glib.h>.


-- 
Eric Blake, Principal Software Engineer
Red Hat, Inc.           +1-919-301-3226
Virtualization:  qemu.org | libvirt.org

Re: [Qemu-devel] [RFC v3 PATCH 01/45] multi-process: memory: alloc RAM from file at offset

[Jag Raman]

On 9/4/2019 4:11 AM, Dr. David Alan Gilbert wrote:
> * Jagannathan Raman (jag.raman@oracle.com) wrote:
>> Allow RAM MemoryRegion to be created from an offset in a file, instead
>> of allocating at offset of 0 by default. This is needed to synchronize
>> RAM between QEMU & remote process.
>> This will be needed for the following patches.
>>
>> Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
>> Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
>> Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
>> ---
>>   exec.c                    | 11 +++++++----
>>   include/exec/ram_addr.h   |  2 +-
>>   include/qemu/mmap-alloc.h |  3 ++-
>>   memory.c                  |  2 +-
>>   util/mmap-alloc.c         |  7 ++++---
>>   util/oslib-posix.c        |  2 +-
>>   6 files changed, 16 insertions(+), 11 deletions(-)
> 
> I'm surprised this doesn't change something in
> vhost-user.c:vhost_user_set_mem_table so that the vhost-user client
> knows what it's mapping?

Hi Dave,

vhost-user does not use the functions addressed in this patch for
mapping the RAM onto the remote process. It calls mmap() for this
purpose (vu_set_mem_table_exec()).

Thanks!
--
Jag

> 
> Dave
> 
>> diff --git a/exec.c b/exec.c
>> index 3e78de3..b3f1aa9 100644
>> --- a/exec.c
>> +++ b/exec.c
>> @@ -1885,6 +1885,7 @@ static void *file_ram_alloc(RAMBlock *block,
>>                               ram_addr_t memory,
>>                               int fd,
>>                               bool truncate,
>> +                            off_t offset,
>>                               Error **errp)
>>   {
>>       MachineState *ms = MACHINE(qdev_get_machine());
>> @@ -1936,7 +1937,8 @@ static void *file_ram_alloc(RAMBlock *block,
>>       }
>>   
>>       area = qemu_ram_mmap(fd, memory, block->mr->align,
>> -                         block->flags & RAM_SHARED, block->flags & RAM_PMEM);
>> +                         block->flags & RAM_SHARED, block->flags & RAM_PMEM,
>> +                         offset);
>>       if (area == MAP_FAILED) {
>>           error_setg_errno(errp, errno,
>>                            "unable to map backing store for guest RAM");
>> @@ -2325,7 +2327,7 @@ static void ram_block_add(RAMBlock *new_block, Error **errp, bool shared)
>>   #ifdef CONFIG_POSIX
>>   RAMBlock *qemu_ram_alloc_from_fd(ram_addr_t size, MemoryRegion *mr,
>>                                    uint32_t ram_flags, int fd,
>> -                                 Error **errp)
>> +                                 off_t offset, Error **errp)
>>   {
>>       RAMBlock *new_block;
>>       Error *local_err = NULL;
>> @@ -2370,7 +2372,8 @@ RAMBlock *qemu_ram_alloc_from_fd(ram_addr_t size, MemoryRegion *mr,
>>       new_block->used_length = size;
>>       new_block->max_length = size;
>>       new_block->flags = ram_flags;
>> -    new_block->host = file_ram_alloc(new_block, size, fd, !file_size, errp);
>> +    new_block->host = file_ram_alloc(new_block, size, fd, !file_size, offset,
>> +                                     errp);
>>       if (!new_block->host) {
>>           g_free(new_block);
>>           return NULL;
>> @@ -2400,7 +2403,7 @@ RAMBlock *qemu_ram_alloc_from_file(ram_addr_t size, MemoryRegion *mr,
>>           return NULL;
>>       }
>>   
>> -    block = qemu_ram_alloc_from_fd(size, mr, ram_flags, fd, errp);
>> +    block = qemu_ram_alloc_from_fd(size, mr, ram_flags, fd, 0, errp);
>>       if (!block) {
>>           if (created) {
>>               unlink(mem_path);
>> diff --git a/include/exec/ram_addr.h b/include/exec/ram_addr.h
>> index b7b2e60..15837a1 100644
>> --- a/include/exec/ram_addr.h
>> +++ b/include/exec/ram_addr.h
>> @@ -164,7 +164,7 @@ RAMBlock *qemu_ram_alloc_from_file(ram_addr_t size, MemoryRegion *mr,
>>                                      Error **errp);
>>   RAMBlock *qemu_ram_alloc_from_fd(ram_addr_t size, MemoryRegion *mr,
>>                                    uint32_t ram_flags, int fd,
>> -                                 Error **errp);
>> +                                 off_t offset, Error **errp);
>>   
>>   RAMBlock *qemu_ram_alloc_from_ptr(ram_addr_t size, void *host,
>>                                     MemoryRegion *mr, Error **errp);
>> diff --git a/include/qemu/mmap-alloc.h b/include/qemu/mmap-alloc.h
>> index e786266..4f57985 100644
>> --- a/include/qemu/mmap-alloc.h
>> +++ b/include/qemu/mmap-alloc.h
>> @@ -25,7 +25,8 @@ void *qemu_ram_mmap(int fd,
>>                       size_t size,
>>                       size_t align,
>>                       bool shared,
>> -                    bool is_pmem);
>> +                    bool is_pmem,
>> +                    off_t start);
>>   
>>   void qemu_ram_munmap(int fd, void *ptr, size_t size);
>>   
>> diff --git a/memory.c b/memory.c
>> index 5d8c9a9..debed5e 100644
>> --- a/memory.c
>> +++ b/memory.c
>> @@ -1622,7 +1622,7 @@ void memory_region_init_ram_from_fd(MemoryRegion *mr,
>>       mr->destructor = memory_region_destructor_ram;
>>       mr->ram_block = qemu_ram_alloc_from_fd(size, mr,
>>                                              share ? RAM_SHARED : 0,
>> -                                           fd, &err);
>> +                                           fd, 0, &err);
>>       mr->dirty_log_mask = tcg_enabled() ? (1 << DIRTY_MEMORY_CODE) : 0;
>>       if (err) {
>>           mr->size = int128_zero();
>> diff --git a/util/mmap-alloc.c b/util/mmap-alloc.c
>> index f7f177d..4b727bd 100644
>> --- a/util/mmap-alloc.c
>> +++ b/util/mmap-alloc.c
>> @@ -86,7 +86,8 @@ void *qemu_ram_mmap(int fd,
>>                       size_t size,
>>                       size_t align,
>>                       bool shared,
>> -                    bool is_pmem)
>> +                    bool is_pmem,
>> +                    off_t start)
>>   {
>>       int flags;
>>       int map_sync_flags = 0;
>> @@ -147,7 +148,7 @@ void *qemu_ram_mmap(int fd,
>>       offset = QEMU_ALIGN_UP((uintptr_t)guardptr, align) - (uintptr_t)guardptr;
>>   
>>       ptr = mmap(guardptr + offset, size, PROT_READ | PROT_WRITE,
>> -               flags | map_sync_flags, fd, 0);
>> +               flags | map_sync_flags, fd, start);
>>   
>>       if (ptr == MAP_FAILED && map_sync_flags) {
>>           if (errno == ENOTSUP) {
>> @@ -172,7 +173,7 @@ void *qemu_ram_mmap(int fd,
>>            * we will remove these flags to handle compatibility.
>>            */
>>           ptr = mmap(guardptr + offset, size, PROT_READ | PROT_WRITE,
>> -                   flags, fd, 0);
>> +                   flags, fd, start);
>>       }
>>   
>>       if (ptr == MAP_FAILED) {
>> diff --git a/util/oslib-posix.c b/util/oslib-posix.c
>> index fe0309c..f6a243f 100644
>> --- a/util/oslib-posix.c
>> +++ b/util/oslib-posix.c
>> @@ -204,7 +204,7 @@ void *qemu_memalign(size_t alignment, size_t size)
>>   void *qemu_anon_ram_alloc(size_t size, uint64_t *alignment, bool shared)
>>   {
>>       size_t align = QEMU_VMALLOC_ALIGN;
>> -    void *ptr = qemu_ram_mmap(-1, size, align, shared, false);
>> +    void *ptr = qemu_ram_mmap(-1, size, align, shared, false, 0);
>>   
>>       if (ptr == MAP_FAILED) {
>>           return NULL;
>> -- 
>> 1.8.3.1
>>
> --
> Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK
> 

Re: [Qemu-devel] [RFC v3 PATCH 02/45] multi-process: util: Add qemu_thread_cancel() to cancel running thread

[Jag Raman]

On 9/4/2019 5:11 AM, Daniel P. Berrangé wrote:
> On Tue, Sep 03, 2019 at 04:37:28PM -0400, Jagannathan Raman wrote:
>> qemu_thread_cancel() added to destroy a given running thread.
>> This will be needed in the following patches.
> 
> I don't see anything in the following patches that actually uses
> this new function.
> 
> That is good though, because it is incredibly difficult to
> correctly use pthread_cancel() in such a way that you correctly
> release all memory and other resources (file descriptors) owned
> by the thread being cancelled.
> 
> So this looks like it can thankfully be dropped.

Thanks Daniel. Will drop this in the next revision.
--
Jag

> 
>>
>> Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
>> Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
>> Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
>> ---
>>   include/qemu/thread.h    |  1 +
>>   util/qemu-thread-posix.c | 10 ++++++++++
>>   2 files changed, 11 insertions(+)
> 
> Regards,
> Daniel
> 

Re: [Qemu-devel] [RFC v3 PATCH 01/45] multi-process: memory: alloc RAM from file at offset

[Dr. David Alan Gilbert]

* Jag Raman (jag.raman@oracle.com) wrote:
> 
> 
> On 9/4/2019 4:11 AM, Dr. David Alan Gilbert wrote:
> > * Jagannathan Raman (jag.raman@oracle.com) wrote:
> > > Allow RAM MemoryRegion to be created from an offset in a file, instead
> > > of allocating at offset of 0 by default. This is needed to synchronize
> > > RAM between QEMU & remote process.
> > > This will be needed for the following patches.
> > > 
> > > Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
> > > Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
> > > Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
> > > ---
> > >   exec.c                    | 11 +++++++----
> > >   include/exec/ram_addr.h   |  2 +-
> > >   include/qemu/mmap-alloc.h |  3 ++-
> > >   memory.c                  |  2 +-
> > >   util/mmap-alloc.c         |  7 ++++---
> > >   util/oslib-posix.c        |  2 +-
> > >   6 files changed, 16 insertions(+), 11 deletions(-)
> > 
> > I'm surprised this doesn't change something in
> > vhost-user.c:vhost_user_set_mem_table so that the vhost-user client
> > knows what it's mapping?
> 
> Hi Dave,
> 
> vhost-user does not use the functions addressed in this patch for
> mapping the RAM onto the remote process. It calls mmap() for this
> purpose (vu_set_mem_table_exec()).

It should at least check that the file it's sending over set-mem-table
has a 0 offset, otherwise things could get confused if someone tries
to run a vhost-user device on a system that's also running multi-process
(which should be a whole world of fun!)

dave

> Thanks!
> --
> Jag
> 
> > 
> > Dave
> > 
> > > diff --git a/exec.c b/exec.c
> > > index 3e78de3..b3f1aa9 100644
> > > --- a/exec.c
> > > +++ b/exec.c
> > > @@ -1885,6 +1885,7 @@ static void *file_ram_alloc(RAMBlock *block,
> > >                               ram_addr_t memory,
> > >                               int fd,
> > >                               bool truncate,
> > > +                            off_t offset,
> > >                               Error **errp)
> > >   {
> > >       MachineState *ms = MACHINE(qdev_get_machine());
> > > @@ -1936,7 +1937,8 @@ static void *file_ram_alloc(RAMBlock *block,
> > >       }
> > >       area = qemu_ram_mmap(fd, memory, block->mr->align,
> > > -                         block->flags & RAM_SHARED, block->flags & RAM_PMEM);
> > > +                         block->flags & RAM_SHARED, block->flags & RAM_PMEM,
> > > +                         offset);
> > >       if (area == MAP_FAILED) {
> > >           error_setg_errno(errp, errno,
> > >                            "unable to map backing store for guest RAM");
> > > @@ -2325,7 +2327,7 @@ static void ram_block_add(RAMBlock *new_block, Error **errp, bool shared)
> > >   #ifdef CONFIG_POSIX
> > >   RAMBlock *qemu_ram_alloc_from_fd(ram_addr_t size, MemoryRegion *mr,
> > >                                    uint32_t ram_flags, int fd,
> > > -                                 Error **errp)
> > > +                                 off_t offset, Error **errp)
> > >   {
> > >       RAMBlock *new_block;
> > >       Error *local_err = NULL;
> > > @@ -2370,7 +2372,8 @@ RAMBlock *qemu_ram_alloc_from_fd(ram_addr_t size, MemoryRegion *mr,
> > >       new_block->used_length = size;
> > >       new_block->max_length = size;
> > >       new_block->flags = ram_flags;
> > > -    new_block->host = file_ram_alloc(new_block, size, fd, !file_size, errp);
> > > +    new_block->host = file_ram_alloc(new_block, size, fd, !file_size, offset,
> > > +                                     errp);
> > >       if (!new_block->host) {
> > >           g_free(new_block);
> > >           return NULL;
> > > @@ -2400,7 +2403,7 @@ RAMBlock *qemu_ram_alloc_from_file(ram_addr_t size, MemoryRegion *mr,
> > >           return NULL;
> > >       }
> > > -    block = qemu_ram_alloc_from_fd(size, mr, ram_flags, fd, errp);
> > > +    block = qemu_ram_alloc_from_fd(size, mr, ram_flags, fd, 0, errp);
> > >       if (!block) {
> > >           if (created) {
> > >               unlink(mem_path);
> > > diff --git a/include/exec/ram_addr.h b/include/exec/ram_addr.h
> > > index b7b2e60..15837a1 100644
> > > --- a/include/exec/ram_addr.h
> > > +++ b/include/exec/ram_addr.h
> > > @@ -164,7 +164,7 @@ RAMBlock *qemu_ram_alloc_from_file(ram_addr_t size, MemoryRegion *mr,
> > >                                      Error **errp);
> > >   RAMBlock *qemu_ram_alloc_from_fd(ram_addr_t size, MemoryRegion *mr,
> > >                                    uint32_t ram_flags, int fd,
> > > -                                 Error **errp);
> > > +                                 off_t offset, Error **errp);
> > >   RAMBlock *qemu_ram_alloc_from_ptr(ram_addr_t size, void *host,
> > >                                     MemoryRegion *mr, Error **errp);
> > > diff --git a/include/qemu/mmap-alloc.h b/include/qemu/mmap-alloc.h
> > > index e786266..4f57985 100644
> > > --- a/include/qemu/mmap-alloc.h
> > > +++ b/include/qemu/mmap-alloc.h
> > > @@ -25,7 +25,8 @@ void *qemu_ram_mmap(int fd,
> > >                       size_t size,
> > >                       size_t align,
> > >                       bool shared,
> > > -                    bool is_pmem);
> > > +                    bool is_pmem,
> > > +                    off_t start);
> > >   void qemu_ram_munmap(int fd, void *ptr, size_t size);
> > > diff --git a/memory.c b/memory.c
> > > index 5d8c9a9..debed5e 100644
> > > --- a/memory.c
> > > +++ b/memory.c
> > > @@ -1622,7 +1622,7 @@ void memory_region_init_ram_from_fd(MemoryRegion *mr,
> > >       mr->destructor = memory_region_destructor_ram;
> > >       mr->ram_block = qemu_ram_alloc_from_fd(size, mr,
> > >                                              share ? RAM_SHARED : 0,
> > > -                                           fd, &err);
> > > +                                           fd, 0, &err);
> > >       mr->dirty_log_mask = tcg_enabled() ? (1 << DIRTY_MEMORY_CODE) : 0;
> > >       if (err) {
> > >           mr->size = int128_zero();
> > > diff --git a/util/mmap-alloc.c b/util/mmap-alloc.c
> > > index f7f177d..4b727bd 100644
> > > --- a/util/mmap-alloc.c
> > > +++ b/util/mmap-alloc.c
> > > @@ -86,7 +86,8 @@ void *qemu_ram_mmap(int fd,
> > >                       size_t size,
> > >                       size_t align,
> > >                       bool shared,
> > > -                    bool is_pmem)
> > > +                    bool is_pmem,
> > > +                    off_t start)
> > >   {
> > >       int flags;
> > >       int map_sync_flags = 0;
> > > @@ -147,7 +148,7 @@ void *qemu_ram_mmap(int fd,
> > >       offset = QEMU_ALIGN_UP((uintptr_t)guardptr, align) - (uintptr_t)guardptr;
> > >       ptr = mmap(guardptr + offset, size, PROT_READ | PROT_WRITE,
> > > -               flags | map_sync_flags, fd, 0);
> > > +               flags | map_sync_flags, fd, start);
> > >       if (ptr == MAP_FAILED && map_sync_flags) {
> > >           if (errno == ENOTSUP) {
> > > @@ -172,7 +173,7 @@ void *qemu_ram_mmap(int fd,
> > >            * we will remove these flags to handle compatibility.
> > >            */
> > >           ptr = mmap(guardptr + offset, size, PROT_READ | PROT_WRITE,
> > > -                   flags, fd, 0);
> > > +                   flags, fd, start);
> > >       }
> > >       if (ptr == MAP_FAILED) {
> > > diff --git a/util/oslib-posix.c b/util/oslib-posix.c
> > > index fe0309c..f6a243f 100644
> > > --- a/util/oslib-posix.c
> > > +++ b/util/oslib-posix.c
> > > @@ -204,7 +204,7 @@ void *qemu_memalign(size_t alignment, size_t size)
> > >   void *qemu_anon_ram_alloc(size_t size, uint64_t *alignment, bool shared)
> > >   {
> > >       size_t align = QEMU_VMALLOC_ALIGN;
> > > -    void *ptr = qemu_ram_mmap(-1, size, align, shared, false);
> > > +    void *ptr = qemu_ram_mmap(-1, size, align, shared, false, 0);
> > >       if (ptr == MAP_FAILED) {
> > >           return NULL;
> > > -- 
> > > 1.8.3.1
> > > 
> > --
> > Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK
> > 
--
Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK

Re: [Qemu-devel] [RFC v3 PATCH 07/45] multi-process: define proxy-link object

[Jag Raman]

On 9/5/2019 10:37 AM, Eric Blake wrote:
> On 9/4/19 3:22 AM, Daniel P. Berrangé wrote:
>> On Tue, Sep 03, 2019 at 04:37:33PM -0400, Jagannathan Raman wrote:
>>> Defines proxy-link object which forms the communication link between
>>> QEMU & emulation program.
>>> Adds functions to configure members of proxy-link object instance.
>>> Adds functions to send and receive messages over the communication
>>> channel.
>>> Adds GMainLoop to handle events received on the communication channel.
> 
>>> +
>>> +#ifndef PROXY_LINK_H
>>> +#define PROXY_LINK_H
>>> +
>>> +#include <stddef.h>
>>> +#include <stdint.h>
>>> +#include <glib.h>
>>
>> I'm guessing this is the cause - nothing should be including this
>> directly - it is pulled  in for you via qemu/osdep.h
>>
>>> +#include <pthread.h>
>>> +
>>> +#include "qemu/osdep.h"
> 
> For that matter, "qemu/osdep.h" should ALWAYS be listed first, before
> any system headers, and inclusion of <stddef.h> and <stdint.h> is also
> redundant, just as the <glib.h>.

Removing <glib.h> resolved the build issue. We'll remove <glib.h> in all
files in the next rev.

We soon realized the "qemu/osdep.h" should be the first include in all
the files. We'll ensure that this is the case for all files in the next
revision.

Thanks!
--
Jag

> 
> 

Re: [Qemu-devel] [RFC v3 PATCH 19/45] multi-process: Add LSI device proxy object

[Jag Raman]

On 9/5/2019 6:22 AM, Gerd Hoffmann wrote:
>    Hi,
> 
>> +static uint64_t proxy_lsi_io_read(void *opaque, hwaddr addr, unsigned size)
>> +{
>> +    ProxyLSIState *s = opaque;
>> +
>> +    return proxy_default_bar_read(PCI_PROXY_DEV(s), &s->io_io, addr, size,
>> +                                  false);
>> +}
>> +
>> +static void proxy_lsi_io_write(void *opaque, hwaddr addr, uint64_t val,
>> +                               unsigned size)
>> +{
>> +    ProxyLSIState *s = opaque;
>> +
>> +    proxy_default_bar_write(PCI_PROXY_DEV(s), &s->io_io, addr, val, size,
>> +                            false);
>> +}
>> +
>> +static const MemoryRegionOps proxy_lsi_io_ops = {
>> +    .read = proxy_lsi_io_read,
>> +    .write = proxy_lsi_io_write,
>> +    .endianness = DEVICE_NATIVE_ENDIAN,
>> +    .impl = {
>> +        .min_access_size = 1,
>> +        .max_access_size = 1,
>> +    },
>> +};
> 
> Hmm, as more devices get proxy support there will be alot of simliar
> boilerplate.
> 
> I think it would be useful to have a
> 
> struct pci_device_description {
> 	u16 vendor_id,
> 	u16 device_id,
> 	[ ... ]
> 	struct {
> 		[ ... ]
> 	} bar[6];
> };
> 
>> +    proxy_class->realize = proxy_lsi_realize;
>> +    proxy_class->command = g_strdup("qemu-scsi-dev");
> 
> Hook that up here (proxy_class->description = &lsi_description),
> then have the pci proxy realize function setup everything.  All pci
> bar access is just forwarded to the proxy, that should be doable
> without duplicating the code for each proxied pci device ...
> 
> At least parts of the pci_device_description can probably also used for
> non-proxy device setup (should work for pci config space, probably
> would not work for memory regions as they are very device specific).

Sounds great. We'll move similar boilerplate code to the pci proxy
class in the next rev.

Thanks!
--
Jag

> 
> cheers,
>    Gerd
> 
> 

Re: [Qemu-devel] [RFC v3 PATCH 40/45] multi-process/mon: Refactor monitor/chardev functions out of vl.c

[Jag Raman]

On 9/4/2019 4:37 AM, Dr. David Alan Gilbert wrote:
> * Jagannathan Raman (jag.raman@oracle.com) wrote:
>> Some of the initialization helper functions w.r.t monitor & chardev
>> in vl.c are also used by the remote process. Therefore, these functions
>> are refactored into a shared file that both QEMU & remote process
>> could use.
>>
>> Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
>> Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
>> Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
> 
> Shouldn't the monitor parts be moved into something under monitor/ and
> the chardev parts be moved into chardev/ ?

Sure, will do.

Thanks!
--
Jag

> 
> Dave
> 
>> ---
>>   New patch in v3
>>
>>   vl-parse.c | 92 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
>>   vl.c       | 91 -------------------------------------------------------------
>>   vl.h       |  4 +++
>>   3 files changed, 96 insertions(+), 91 deletions(-)
>>
>> diff --git a/vl-parse.c b/vl-parse.c
>> index d3716d1..bee904d 100644
>> --- a/vl-parse.c
>> +++ b/vl-parse.c
>> @@ -155,3 +155,95 @@ int device_init_func(void *opaque, QemuOpts *opts, Error **errp)
>>       object_unref(OBJECT(dev));
>>       return 0;
>>   }
>> +
>> +void monitor_parse(const char *optarg, const char *mode, bool pretty)
>> +{
>> +    static int monitor_device_index;
>> +    QemuOpts *opts;
>> +    const char *p;
>> +    char label[32];
>> +
>> +    if (strstart(optarg, "chardev:", &p)) {
>> +        snprintf(label, sizeof(label), "%s", p);
>> +    } else {
>> +        snprintf(label, sizeof(label), "compat_monitor%d",
>> +                 monitor_device_index);
>> +        opts = qemu_chr_parse_compat(label, optarg, true);
>> +        if (!opts) {
>> +            error_report("parse error: %s", optarg);
>> +            exit(1);
>> +        }
>> +    }
>> +
>> +    opts = qemu_opts_create(qemu_find_opts("mon"), label, 1, &error_fatal);
>> +    qemu_opt_set(opts, "mode", mode, &error_abort);
>> +    qemu_opt_set(opts, "chardev", label, &error_abort);
>> +    if (!strcmp(mode, "control")) {
>> +        qemu_opt_set_bool(opts, "pretty", pretty, &error_abort);
>> +    } else {
>> +        assert(pretty == false);
>> +    }
>> +    monitor_device_index++;
>> +}
>> +
>> +int mon_init_func(void *opaque, QemuOpts *opts, Error **errp)
>> +{
>> +    Chardev *chr;
>> +    bool qmp;
>> +    bool pretty = false;
>> +    const char *chardev;
>> +    const char *mode;
>> +
>> +    mode = qemu_opt_get(opts, "mode");
>> +    if (mode == NULL) {
>> +        mode = "readline";
>> +    }
>> +    if (strcmp(mode, "readline") == 0) {
>> +        qmp = false;
>> +    } else if (strcmp(mode, "control") == 0) {
>> +        qmp = true;
>> +    } else {
>> +        error_setg(errp, "unknown monitor mode \"%s\"", mode);
>> +        return -1;
>> +    }
>> +
>> +    if (!qmp && qemu_opt_get(opts, "pretty")) {
>> +        warn_report("'pretty' is deprecated for HMP monitors, it has no effect "
>> +                    "and will be removed in future versions");
>> +    }
>> +    if (qemu_opt_get_bool(opts, "pretty", 0)) {
>> +        pretty = true;
>> +    }
>> +
>> +    chardev = qemu_opt_get(opts, "chardev");
>> +    if (!chardev) {
>> +        error_report("chardev is required");
>> +        exit(1);
>> +    }
>> +    chr = qemu_chr_find(chardev);
>> +    if (chr == NULL) {
>> +        error_setg(errp, "chardev \"%s\" not found", chardev);
>> +        return -1;
>> +    }
>> +
>> +    if (qmp) {
>> +        monitor_init_qmp(chr, pretty);
>> +    } else {
>> +        monitor_init_hmp(chr, true);
>> +    }
>> +    return 0;
>> +}
>> +
>> +int chardev_init_func(void *opaque, QemuOpts *opts, Error **errp)
>> +{
>> +    Error *local_err = NULL;
>> +
>> +    if (!qemu_chr_new_from_opts(opts, NULL, &local_err)) {
>> +        if (local_err) {
>> +            error_propagate(errp, local_err);
>> +            return -1;
>> +        }
>> +        exit(0);
>> +    }
>> +    return 0;
>> +}
>> diff --git a/vl.c b/vl.c
>> index 08e9c09..3c03405 100644
>> --- a/vl.c
>> +++ b/vl.c
>> @@ -2264,19 +2264,6 @@ static int device_help_func(void *opaque, QemuOpts *opts, Error **errp)
>>       return qdev_device_help(opts);
>>   }
>>   
>> -static int chardev_init_func(void *opaque, QemuOpts *opts, Error **errp)
>> -{
>> -    Error *local_err = NULL;
>> -
>> -    if (!qemu_chr_new_from_opts(opts, NULL, &local_err)) {
>> -        if (local_err) {
>> -            error_propagate(errp, local_err);
>> -            return -1;
>> -        }
>> -        exit(0);
>> -    }
>> -    return 0;
>> -}
>>   
>>   #ifdef CONFIG_VIRTFS
>>   static int fsdev_init_func(void *opaque, QemuOpts *opts, Error **errp)
>> @@ -2285,84 +2272,6 @@ static int fsdev_init_func(void *opaque, QemuOpts *opts, Error **errp)
>>   }
>>   #endif
>>   
>> -static int mon_init_func(void *opaque, QemuOpts *opts, Error **errp)
>> -{
>> -    Chardev *chr;
>> -    bool qmp;
>> -    bool pretty = false;
>> -    const char *chardev;
>> -    const char *mode;
>> -
>> -    mode = qemu_opt_get(opts, "mode");
>> -    if (mode == NULL) {
>> -        mode = "readline";
>> -    }
>> -    if (strcmp(mode, "readline") == 0) {
>> -        qmp = false;
>> -    } else if (strcmp(mode, "control") == 0) {
>> -        qmp = true;
>> -    } else {
>> -        error_setg(errp, "unknown monitor mode \"%s\"", mode);
>> -        return -1;
>> -    }
>> -
>> -    if (!qmp && qemu_opt_get(opts, "pretty")) {
>> -        warn_report("'pretty' is deprecated for HMP monitors, it has no effect "
>> -                    "and will be removed in future versions");
>> -    }
>> -    if (qemu_opt_get_bool(opts, "pretty", 0)) {
>> -        pretty = true;
>> -    }
>> -
>> -    chardev = qemu_opt_get(opts, "chardev");
>> -    if (!chardev) {
>> -        error_report("chardev is required");
>> -        exit(1);
>> -    }
>> -    chr = qemu_chr_find(chardev);
>> -    if (chr == NULL) {
>> -        error_setg(errp, "chardev \"%s\" not found", chardev);
>> -        return -1;
>> -    }
>> -
>> -    if (qmp) {
>> -        monitor_init_qmp(chr, pretty);
>> -    } else {
>> -        monitor_init_hmp(chr, true);
>> -    }
>> -    return 0;
>> -}
>> -
>> -static void monitor_parse(const char *optarg, const char *mode, bool pretty)
>> -{
>> -    static int monitor_device_index = 0;
>> -    QemuOpts *opts;
>> -    const char *p;
>> -    char label[32];
>> -
>> -    if (strstart(optarg, "chardev:", &p)) {
>> -        snprintf(label, sizeof(label), "%s", p);
>> -    } else {
>> -        snprintf(label, sizeof(label), "compat_monitor%d",
>> -                 monitor_device_index);
>> -        opts = qemu_chr_parse_compat(label, optarg, true);
>> -        if (!opts) {
>> -            error_report("parse error: %s", optarg);
>> -            exit(1);
>> -        }
>> -    }
>> -
>> -    opts = qemu_opts_create(qemu_find_opts("mon"), label, 1, &error_fatal);
>> -    qemu_opt_set(opts, "mode", mode, &error_abort);
>> -    qemu_opt_set(opts, "chardev", label, &error_abort);
>> -    if (!strcmp(mode, "control")) {
>> -        qemu_opt_set_bool(opts, "pretty", pretty, &error_abort);
>> -    } else {
>> -        assert(pretty == false);
>> -    }
>> -    monitor_device_index++;
>> -}
>> -
>>   struct device_config {
>>       enum {
>>           DEV_USB,       /* -usbdevice     */
>> diff --git a/vl.h b/vl.h
>> index 8c40fed..21ca747 100644
>> --- a/vl.h
>> +++ b/vl.h
>> @@ -50,5 +50,9 @@ int device_init_func(void *opaque, QemuOpts *opts, Error **errp);
>>   int rdrive_init_func(void *opaque, QemuOpts *opts, Error **errp);
>>   int rdevice_init_func(void *opaque, QemuOpts *opts, Error **errp);
>>   
>> +void monitor_parse(const char *optarg, const char *mode, bool pretty);
>> +int mon_init_func(void *opaque, QemuOpts *opts, Error **errp);
>> +int chardev_init_func(void *opaque, QemuOpts *opts, Error **errp);
>> +
>>   #endif /* VL_H */
>>   
>> -- 
>> 1.8.3.1
>>
> --
> Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK
> 

Re: [Qemu-devel] [RFC v3 PATCH 41/45] multi-process/mon: trim HMP command set for remote storage processes

[Jag Raman]

On 9/4/2019 4:56 AM, Dr. David Alan Gilbert wrote:
> * Jagannathan Raman (jag.raman@oracle.com) wrote:
>> Trim down the list of HMP commands available for storage class of
>> remote processes.
>>
>> Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
>> Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
>> Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
>> ---
>>   New patch in v3
>>
>>   Makefile.objs              |   2 +
>>   Makefile.target            |  14 +-
>>   hmp-scsi-commands-info.hx  | 167 ++++++++++++++++++++
>>   hmp-scsi-commands.hx       | 384 +++++++++++++++++++++++++++++++++++++++++++++
>>   monitor/misc.c             |  84 +++++-----
>>   monitor/monitor-internal.h |  38 +++++
>>   qom/Makefile.objs          |   2 +-
>>   7 files changed, 651 insertions(+), 40 deletions(-)
>>   create mode 100644 hmp-scsi-commands-info.hx
>>   create mode 100644 hmp-scsi-commands.hx
>>
>> diff --git a/Makefile.objs b/Makefile.objs
>> index 04af900..11cd7be 100644
>> --- a/Makefile.objs
>> +++ b/Makefile.objs
>> @@ -45,6 +45,8 @@ remote-pci-obj-$(CONFIG_MPQEMU) += iothread.o
>>   remote-lsi-obj-$(CONFIG_MPQEMU) += hw/
>>   remote-lsi-obj-$(CONFIG_MPQEMU) += ui/
>>   
>> +remote-lsi-obj-$(CONFIG_MPQEMU) += device-hotplug.o
>> +
>>   #######################################################################
>>   # crypto-obj-y is code used by both qemu system emulation and qemu-img
>>   
>> diff --git a/Makefile.target b/Makefile.target
>> index 0ca832f..00a4b85 100644
>> --- a/Makefile.target
>> +++ b/Makefile.target
>> @@ -210,6 +210,10 @@ endif
>>   generated-files-y += hmp-commands.h hmp-commands-info.h
>>   generated-files-y += config-devices.h
>>   
>> +ifdef CONFIG_MPQEMU
>> +generated-files-y += hmp-scsi-commands.h hmp-scsi-commands-info.h
>> +endif
>> +
>>   endif # CONFIG_SOFTMMU
>>   
>>   dummy := $(call unnest-vars,,obj-y)
>> @@ -294,10 +298,18 @@ hmp-commands.h: $(SRC_PATH)/hmp-commands.hx $(SRC_PATH)/scripts/hxtool
>>   hmp-commands-info.h: $(SRC_PATH)/hmp-commands-info.hx $(SRC_PATH)/scripts/hxtool
>>   	$(call quiet-command,sh $(SRC_PATH)/scripts/hxtool -h < $< > $@,"GEN","$(TARGET_DIR)$@")
>>   
>> +ifdef CONFIG_MPQEMU
>> +hmp-scsi-commands.h: $(SRC_PATH)/hmp-scsi-commands.hx $(SRC_PATH)/scripts/hxtool
>> +	$(call quiet-command,sh $(SRC_PATH)/scripts/hxtool -h < $< > $@,"GEN","$(TARGET_DIR)$@")
>> +
>> +hmp-scsi-commands-info.h: $(SRC_PATH)/hmp-scsi-commands-info.hx $(SRC_PATH)/scripts/hxtool
>> +	$(call quiet-command,sh $(SRC_PATH)/scripts/hxtool -h < $< > $@,"GEN","$(TARGET_DIR)$@")
>> +endif
>> +
>>   clean: clean-target
>>   	rm -f *.a *~ $(PROGS)
>>   	rm -f $(shell find . -name '*.[od]')
>> -	rm -f hmp-commands.h gdbstub-xml.c
>> +	rm -f hmp-commands.h gdbstub-xml.c hmp-scsi-commands.h hmp-scsi-commands-info.h
>>   	rm -f trace/generated-helpers.c trace/generated-helpers.c-timestamp
>>   ifdef CONFIG_TRACE_SYSTEMTAP
>>   	rm -f *.stp
>> diff --git a/hmp-scsi-commands-info.hx b/hmp-scsi-commands-info.hx
>> new file mode 100644
>> index 0000000..315a445
>> --- /dev/null
>> +++ b/hmp-scsi-commands-info.hx
>> @@ -0,0 +1,167 @@
>> +HXCOMM Use DEFHEADING() to define headings in both help text and texi
>> +HXCOMM Text between STEXI and ETEXI are copied to texi version and
>> +HXCOMM discarded from C version
>> +HXCOMM DEF(command, args, callback, arg_string, help) is used to construct
>> +HXCOMM monitor info commands
>> +HXCOMM HXCOMM can be used for comments, discarded from both texi and C
>> +
>> +STEXI
>> +@table @option
>> +@item info @var{subcommand}
>> +@findex info
>> +Show various information about the system state.
>> +@table @option
>> +ETEXI
>> +
>> +    {
>> +        .name       = "version",
>> +        .args_type  = "",
>> +        .params     = "",
>> +        .help       = "show the version of QEMU",
>> +        .cmd        = hmp_info_version,
>> +        .flags      = "p",
>> +    },
>> +
>> +STEXI
>> +@item info version
>> +@findex info version
>> +Show the version of QEMU.
>> +ETEXI
> 
> It feels like you need a way to share this stuff without copying it;
> 'info version' isn't really a scsi specific command!
> One idea is you could add a new field, e.g.
> 
>       .subcommands = "scsi,somethingelse"
> 
> and then you process it to pick that up?

What do you think about breaking up hmp-commands-info.hx into smaller
files based on the types of devices it applies to - for example,
storage, network, console, etc..? We could then include the generated
file based on the device type.

Thanks!
--
Jag

> 
> <snip>
> 
>> diff --git a/monitor/misc.c b/monitor/misc.c
>> index 00338c0..4914f46 100644
>> --- a/monitor/misc.c
>> +++ b/monitor/misc.c
>> @@ -176,12 +176,12 @@ int hmp_compare_cmd(const char *name, const char *list)
>>       return 0;
>>   }
>>   
>> -static void do_help_cmd(Monitor *mon, const QDict *qdict)
>> +void do_help_cmd(Monitor *mon, const QDict *qdict)
> 
> If you're unstatic'ing things that don't have hmp in the name then you
> need to add it, i.e. hmp_do_help_cmd.
> 
> Dave
> 
>>   {
>>       help_cmd(mon, qdict_get_try_str(qdict, "name"));
>>   }
>>   
>> -static void hmp_trace_event(Monitor *mon, const QDict *qdict)
>> +void hmp_trace_event(Monitor *mon, const QDict *qdict)
>>   {
>>       const char *tp_name = qdict_get_str(qdict, "name");
>>       bool new_state = qdict_get_bool(qdict, "option");
>> @@ -225,7 +225,7 @@ static void hmp_trace_file(Monitor *mon, const QDict *qdict)
>>   }
>>   #endif
>>   
>> -static void hmp_info_help(Monitor *mon, const QDict *qdict)
>> +void hmp_info_help(Monitor *mon, const QDict *qdict)
>>   {
>>       help_cmd(mon, "info");
>>   }
>> @@ -436,7 +436,7 @@ int monitor_get_cpu_index(void)
>>       return cs ? cs->cpu_index : UNASSIGNED_CPU_INDEX;
>>   }
>>   
>> -static void hmp_info_registers(Monitor *mon, const QDict *qdict)
>> +void hmp_info_registers(Monitor *mon, const QDict *qdict)
>>   {
>>       bool all_cpus = qdict_get_try_bool(qdict, "cpustate_all", false);
>>       CPUState *cs;
>> @@ -459,7 +459,7 @@ static void hmp_info_registers(Monitor *mon, const QDict *qdict)
>>   }
>>   
>>   #ifdef CONFIG_TCG
>> -static void hmp_info_jit(Monitor *mon, const QDict *qdict)
>> +void hmp_info_jit(Monitor *mon, const QDict *qdict)
>>   {
>>       if (!tcg_enabled()) {
>>           error_report("JIT information is only available with accel=tcg");
>> @@ -470,13 +470,13 @@ static void hmp_info_jit(Monitor *mon, const QDict *qdict)
>>       dump_drift_info();
>>   }
>>   
>> -static void hmp_info_opcount(Monitor *mon, const QDict *qdict)
>> +void hmp_info_opcount(Monitor *mon, const QDict *qdict)
>>   {
>>       dump_opcount_info();
>>   }
>>   #endif
>>   
>> -static void hmp_info_sync_profile(Monitor *mon, const QDict *qdict)
>> +void hmp_info_sync_profile(Monitor *mon, const QDict *qdict)
>>   {
>>       int64_t max = qdict_get_try_int(qdict, "max", 10);
>>       bool mean = qdict_get_try_bool(qdict, "mean", false);
>> @@ -487,7 +487,7 @@ static void hmp_info_sync_profile(Monitor *mon, const QDict *qdict)
>>       qsp_report(max, sort_by, coalesce);
>>   }
>>   
>> -static void hmp_info_history(Monitor *mon, const QDict *qdict)
>> +void hmp_info_history(Monitor *mon, const QDict *qdict)
>>   {
>>       MonitorHMP *hmp_mon = container_of(mon, MonitorHMP, common);
>>       int i;
>> @@ -507,7 +507,7 @@ static void hmp_info_history(Monitor *mon, const QDict *qdict)
>>       }
>>   }
>>   
>> -static void hmp_info_cpustats(Monitor *mon, const QDict *qdict)
>> +void hmp_info_cpustats(Monitor *mon, const QDict *qdict)
>>   {
>>       CPUState *cs = mon_get_cpu();
>>   
>> @@ -518,7 +518,7 @@ static void hmp_info_cpustats(Monitor *mon, const QDict *qdict)
>>       cpu_dump_statistics(cs, 0);
>>   }
>>   
>> -static void hmp_info_trace_events(Monitor *mon, const QDict *qdict)
>> +void hmp_info_trace_events(Monitor *mon, const QDict *qdict)
>>   {
>>       const char *name = qdict_get_try_str(qdict, "name");
>>       bool has_vcpu = qdict_haskey(qdict, "vcpu");
>> @@ -578,7 +578,7 @@ void qmp_client_migrate_info(const char *protocol, const char *hostname,
>>       error_setg(errp, QERR_INVALID_PARAMETER_VALUE, "protocol", "spice");
>>   }
>>   
>> -static void hmp_logfile(Monitor *mon, const QDict *qdict)
>> +void hmp_logfile(Monitor *mon, const QDict *qdict)
>>   {
>>       Error *err = NULL;
>>   
>> @@ -588,7 +588,7 @@ static void hmp_logfile(Monitor *mon, const QDict *qdict)
>>       }
>>   }
>>   
>> -static void hmp_log(Monitor *mon, const QDict *qdict)
>> +void hmp_log(Monitor *mon, const QDict *qdict)
>>   {
>>       int mask;
>>       const char *items = qdict_get_str(qdict, "items");
>> @@ -605,7 +605,7 @@ static void hmp_log(Monitor *mon, const QDict *qdict)
>>       qemu_set_log(mask);
>>   }
>>   
>> -static void hmp_singlestep(Monitor *mon, const QDict *qdict)
>> +void hmp_singlestep(Monitor *mon, const QDict *qdict)
>>   {
>>       const char *option = qdict_get_try_str(qdict, "option");
>>       if (!option || !strcmp(option, "on")) {
>> @@ -617,7 +617,7 @@ static void hmp_singlestep(Monitor *mon, const QDict *qdict)
>>       }
>>   }
>>   
>> -static void hmp_gdbserver(Monitor *mon, const QDict *qdict)
>> +void hmp_gdbserver(Monitor *mon, const QDict *qdict)
>>   {
>>       const char *device = qdict_get_try_str(qdict, "device");
>>       if (!device)
>> @@ -633,7 +633,7 @@ static void hmp_gdbserver(Monitor *mon, const QDict *qdict)
>>       }
>>   }
>>   
>> -static void hmp_watchdog_action(Monitor *mon, const QDict *qdict)
>> +void hmp_watchdog_action(Monitor *mon, const QDict *qdict)
>>   {
>>       const char *action = qdict_get_str(qdict, "action");
>>       if (select_watchdog_action(action) == -1) {
>> @@ -775,7 +775,7 @@ static void memory_dump(Monitor *mon, int count, int format, int wsize,
>>       }
>>   }
>>   
>> -static void hmp_memory_dump(Monitor *mon, const QDict *qdict)
>> +void hmp_memory_dump(Monitor *mon, const QDict *qdict)
>>   {
>>       int count = qdict_get_int(qdict, "count");
>>       int format = qdict_get_int(qdict, "format");
>> @@ -785,7 +785,7 @@ static void hmp_memory_dump(Monitor *mon, const QDict *qdict)
>>       memory_dump(mon, count, format, size, addr, 0);
>>   }
>>   
>> -static void hmp_physical_memory_dump(Monitor *mon, const QDict *qdict)
>> +void hmp_physical_memory_dump(Monitor *mon, const QDict *qdict)
>>   {
>>       int count = qdict_get_int(qdict, "count");
>>       int format = qdict_get_int(qdict, "format");
>> @@ -815,7 +815,7 @@ static void *gpa2hva(MemoryRegion **p_mr, hwaddr addr, Error **errp)
>>       return qemu_map_ram_ptr(mrs.mr->ram_block, mrs.offset_within_region);
>>   }
>>   
>> -static void hmp_gpa2hva(Monitor *mon, const QDict *qdict)
>> +void hmp_gpa2hva(Monitor *mon, const QDict *qdict)
>>   {
>>       hwaddr addr = qdict_get_int(qdict, "addr");
>>       Error *local_err = NULL;
>> @@ -835,7 +835,7 @@ static void hmp_gpa2hva(Monitor *mon, const QDict *qdict)
>>       memory_region_unref(mr);
>>   }
>>   
>> -static void hmp_gva2gpa(Monitor *mon, const QDict *qdict)
>> +void hmp_gva2gpa(Monitor *mon, const QDict *qdict)
>>   {
>>       target_ulong addr = qdict_get_int(qdict, "addr");
>>       MemTxAttrs attrs;
>> @@ -890,7 +890,7 @@ out:
>>       return ret;
>>   }
>>   
>> -static void hmp_gpa2hpa(Monitor *mon, const QDict *qdict)
>> +void hmp_gpa2hpa(Monitor *mon, const QDict *qdict)
>>   {
>>       hwaddr addr = qdict_get_int(qdict, "addr");
>>       Error *local_err = NULL;
>> @@ -917,7 +917,7 @@ static void hmp_gpa2hpa(Monitor *mon, const QDict *qdict)
>>   }
>>   #endif
>>   
>> -static void do_print(Monitor *mon, const QDict *qdict)
>> +void do_print(Monitor *mon, const QDict *qdict)
>>   {
>>       int format = qdict_get_int(qdict, "format");
>>       hwaddr val = qdict_get_int(qdict, "val");
>> @@ -943,7 +943,7 @@ static void do_print(Monitor *mon, const QDict *qdict)
>>       monitor_printf(mon, "\n");
>>   }
>>   
>> -static void hmp_sum(Monitor *mon, const QDict *qdict)
>> +void hmp_sum(Monitor *mon, const QDict *qdict)
>>   {
>>       uint32_t addr;
>>       uint16_t sum;
>> @@ -963,7 +963,7 @@ static void hmp_sum(Monitor *mon, const QDict *qdict)
>>   
>>   static int mouse_button_state;
>>   
>> -static void hmp_mouse_move(Monitor *mon, const QDict *qdict)
>> +void hmp_mouse_move(Monitor *mon, const QDict *qdict)
>>   {
>>       int dx, dy, dz, button;
>>       const char *dx_str = qdict_get_str(qdict, "dx_str");
>> @@ -987,7 +987,7 @@ static void hmp_mouse_move(Monitor *mon, const QDict *qdict)
>>       qemu_input_event_sync();
>>   }
>>   
>> -static void hmp_mouse_button(Monitor *mon, const QDict *qdict)
>> +void hmp_mouse_button(Monitor *mon, const QDict *qdict)
>>   {
>>       static uint32_t bmap[INPUT_BUTTON__MAX] = {
>>           [INPUT_BUTTON_LEFT]       = MOUSE_EVENT_LBUTTON,
>> @@ -1004,7 +1004,7 @@ static void hmp_mouse_button(Monitor *mon, const QDict *qdict)
>>       mouse_button_state = button_state;
>>   }
>>   
>> -static void hmp_ioport_read(Monitor *mon, const QDict *qdict)
>> +void hmp_ioport_read(Monitor *mon, const QDict *qdict)
>>   {
>>       int size = qdict_get_int(qdict, "size");
>>       int addr = qdict_get_int(qdict, "addr");
>> @@ -1038,7 +1038,7 @@ static void hmp_ioport_read(Monitor *mon, const QDict *qdict)
>>                      suffix, addr, size * 2, val);
>>   }
>>   
>> -static void hmp_ioport_write(Monitor *mon, const QDict *qdict)
>> +void hmp_ioport_write(Monitor *mon, const QDict *qdict)
>>   {
>>       int size = qdict_get_int(qdict, "size");
>>       int addr = qdict_get_int(qdict, "addr");
>> @@ -1060,7 +1060,7 @@ static void hmp_ioport_write(Monitor *mon, const QDict *qdict)
>>       }
>>   }
>>   
>> -static void hmp_boot_set(Monitor *mon, const QDict *qdict)
>> +void hmp_boot_set(Monitor *mon, const QDict *qdict)
>>   {
>>       Error *local_err = NULL;
>>       const char *bootdevice = qdict_get_str(qdict, "bootdevice");
>> @@ -1073,7 +1073,7 @@ static void hmp_boot_set(Monitor *mon, const QDict *qdict)
>>       }
>>   }
>>   
>> -static void hmp_info_mtree(Monitor *mon, const QDict *qdict)
>> +void hmp_info_mtree(Monitor *mon, const QDict *qdict)
>>   {
>>       bool flatview = qdict_get_try_bool(qdict, "flatview", false);
>>       bool dispatch_tree = qdict_get_try_bool(qdict, "dispatch_tree", false);
>> @@ -1086,7 +1086,7 @@ static void hmp_info_mtree(Monitor *mon, const QDict *qdict)
>>   
>>   int64_t dev_time;
>>   
>> -static void hmp_info_profile(Monitor *mon, const QDict *qdict)
>> +void hmp_info_profile(Monitor *mon, const QDict *qdict)
>>   {
>>       static int64_t last_cpu_exec_time;
>>       int64_t cpu_exec_time;
>> @@ -1103,7 +1103,7 @@ static void hmp_info_profile(Monitor *mon, const QDict *qdict)
>>       dev_time = 0;
>>   }
>>   #else
>> -static void hmp_info_profile(Monitor *mon, const QDict *qdict)
>> +void hmp_info_profile(Monitor *mon, const QDict *qdict)
>>   {
>>       monitor_printf(mon, "Internal profiler not compiled\n");
>>   }
>> @@ -1112,7 +1112,7 @@ static void hmp_info_profile(Monitor *mon, const QDict *qdict)
>>   /* Capture support */
>>   static QLIST_HEAD (capture_list_head, CaptureState) capture_head;
>>   
>> -static void hmp_info_capture(Monitor *mon, const QDict *qdict)
>> +void hmp_info_capture(Monitor *mon, const QDict *qdict)
>>   {
>>       int i;
>>       CaptureState *s;
>> @@ -1123,7 +1123,7 @@ static void hmp_info_capture(Monitor *mon, const QDict *qdict)
>>       }
>>   }
>>   
>> -static void hmp_stopcapture(Monitor *mon, const QDict *qdict)
>> +void hmp_stopcapture(Monitor *mon, const QDict *qdict)
>>   {
>>       int i;
>>       int n = qdict_get_int(qdict, "n");
>> @@ -1139,7 +1139,7 @@ static void hmp_stopcapture(Monitor *mon, const QDict *qdict)
>>       }
>>   }
>>   
>> -static void hmp_wavcapture(Monitor *mon, const QDict *qdict)
>> +void hmp_wavcapture(Monitor *mon, const QDict *qdict)
>>   {
>>       const char *path = qdict_get_str(qdict, "path");
>>       int has_freq = qdict_haskey(qdict, "freq");
>> @@ -1192,7 +1192,7 @@ static void hmp_warn_acl(void)
>>       warn_acl = true;
>>   }
>>   
>> -static void hmp_acl_show(Monitor *mon, const QDict *qdict)
>> +void hmp_acl_show(Monitor *mon, const QDict *qdict)
>>   {
>>       const char *aclname = qdict_get_str(qdict, "aclname");
>>       QAuthZList *auth = find_auth(mon, aclname);
>> @@ -1219,7 +1219,7 @@ static void hmp_acl_show(Monitor *mon, const QDict *qdict)
>>       }
>>   }
>>   
>> -static void hmp_acl_reset(Monitor *mon, const QDict *qdict)
>> +void hmp_acl_reset(Monitor *mon, const QDict *qdict)
>>   {
>>       const char *aclname = qdict_get_str(qdict, "aclname");
>>       QAuthZList *auth = find_auth(mon, aclname);
>> @@ -1236,7 +1236,7 @@ static void hmp_acl_reset(Monitor *mon, const QDict *qdict)
>>       monitor_printf(mon, "acl: removed all rules\n");
>>   }
>>   
>> -static void hmp_acl_policy(Monitor *mon, const QDict *qdict)
>> +void hmp_acl_policy(Monitor *mon, const QDict *qdict)
>>   {
>>       const char *aclname = qdict_get_str(qdict, "aclname");
>>       const char *policy = qdict_get_str(qdict, "policy");
>> @@ -1277,7 +1277,7 @@ static QAuthZListFormat hmp_acl_get_format(const char *match)
>>       }
>>   }
>>   
>> -static void hmp_acl_add(Monitor *mon, const QDict *qdict)
>> +void hmp_acl_add(Monitor *mon, const QDict *qdict)
>>   {
>>       const char *aclname = qdict_get_str(qdict, "aclname");
>>       const char *match = qdict_get_str(qdict, "match");
>> @@ -1330,7 +1330,7 @@ static void hmp_acl_add(Monitor *mon, const QDict *qdict)
>>       }
>>   }
>>   
>> -static void hmp_acl_remove(Monitor *mon, const QDict *qdict)
>> +void hmp_acl_remove(Monitor *mon, const QDict *qdict)
>>   {
>>       const char *aclname = qdict_get_str(qdict, "aclname");
>>       const char *match = qdict_get_str(qdict, "match");
>> @@ -1799,13 +1799,21 @@ int monitor_fd_param(Monitor *mon, const char *fdname, Error **errp)
>>   
>>   /* Please update hmp-commands.hx when adding or changing commands */
>>   static HMPCommand hmp_info_cmds[] = {
>> +#if defined(SCSI_PROCESS)
>> +#include "hmp-scsi-commands-info.h"
>> +#else
>>   #include "hmp-commands-info.h"
>> +#endif
>>       { NULL, NULL, },
>>   };
>>   
>>   /* hmp_cmds and hmp_info_cmds would be sorted at runtime */
>>   HMPCommand hmp_cmds[] = {
>> +#if defined(SCSI_PROCESS)
>> +#include "hmp-scsi-commands.h"
>> +#else
>>   #include "hmp-commands.h"
>> +#endif
>>       { NULL, NULL, },
>>   };
>>   
>> diff --git a/monitor/monitor-internal.h b/monitor/monitor-internal.h
>> index 7760b22..5e8abd6 100644
>> --- a/monitor/monitor-internal.h
>> +++ b/monitor/monitor-internal.h
>> @@ -180,4 +180,42 @@ void help_cmd(Monitor *mon, const char *name);
>>   void handle_hmp_command(MonitorHMP *mon, const char *cmdline);
>>   int hmp_compare_cmd(const char *name, const char *list);
>>   
>> +void do_help_cmd(Monitor *mon, const QDict *qdict);
>> +void hmp_trace_event(Monitor *mon, const QDict *qdict);
>> +void hmp_info_help(Monitor *mon, const QDict *qdict);
>> +void hmp_info_registers(Monitor *mon, const QDict *qdict);
>> +void hmp_info_jit(Monitor *mon, const QDict *qdict);
>> +void hmp_info_opcount(Monitor *mon, const QDict *qdict);
>> +void hmp_info_sync_profile(Monitor *mon, const QDict *qdict);
>> +void hmp_info_history(Monitor *mon, const QDict *qdict);
>> +void hmp_info_cpustats(Monitor *mon, const QDict *qdict);
>> +void hmp_info_trace_events(Monitor *mon, const QDict *qdict);
>> +void hmp_logfile(Monitor *mon, const QDict *qdict);
>> +void hmp_log(Monitor *mon, const QDict *qdict);
>> +void hmp_singlestep(Monitor *mon, const QDict *qdict);
>> +void hmp_gdbserver(Monitor *mon, const QDict *qdict);
>> +void hmp_watchdog_action(Monitor *mon, const QDict *qdict);
>> +void hmp_memory_dump(Monitor *mon, const QDict *qdict);
>> +void hmp_physical_memory_dump(Monitor *mon, const QDict *qdict);
>> +void hmp_gpa2hva(Monitor *mon, const QDict *qdict);
>> +void hmp_gva2gpa(Monitor *mon, const QDict *qdict);
>> +void hmp_gpa2hpa(Monitor *mon, const QDict *qdict);
>> +void do_print(Monitor *mon, const QDict *qdict);
>> +void hmp_sum(Monitor *mon, const QDict *qdict);
>> +void hmp_mouse_move(Monitor *mon, const QDict *qdict);
>> +void hmp_mouse_button(Monitor *mon, const QDict *qdict);
>> +void hmp_ioport_read(Monitor *mon, const QDict *qdict);
>> +void hmp_ioport_write(Monitor *mon, const QDict *qdict);
>> +void hmp_boot_set(Monitor *mon, const QDict *qdict);
>> +void hmp_info_mtree(Monitor *mon, const QDict *qdict);
>> +void hmp_info_profile(Monitor *mon, const QDict *qdict);
>> +void hmp_info_capture(Monitor *mon, const QDict *qdict);
>> +void hmp_stopcapture(Monitor *mon, const QDict *qdict);
>> +void hmp_wavcapture(Monitor *mon, const QDict *qdict);
>> +void hmp_acl_show(Monitor *mon, const QDict *qdict);
>> +void hmp_acl_reset(Monitor *mon, const QDict *qdict);
>> +void hmp_acl_policy(Monitor *mon, const QDict *qdict);
>> +void hmp_acl_add(Monitor *mon, const QDict *qdict);
>> +void hmp_acl_remove(Monitor *mon, const QDict *qdict);
>> +
>>   #endif
>> diff --git a/qom/Makefile.objs b/qom/Makefile.objs
>> index e42ea7a..4410d71 100644
>> --- a/qom/Makefile.objs
>> +++ b/qom/Makefile.objs
>> @@ -7,4 +7,4 @@ common-obj-$(CONFIG_SOFTMMU) += qom-hmp-cmds.o qom-qmp-cmds.o
>>   remote-pci-obj-$(CONFIG_MPQEMU) += object.o qom-qobject.o container.o
>>   remote-pci-obj-$(CONFIG_MPQEMU) += object_interfaces.o
>>   remote-pci-obj-$(CONFIG_MPQEMU) += cpu.o
>> -remote-pci-obj-$(CONFIG_MPQEMU) += qom-qmp-cmds.o
>> +remote-pci-obj-$(CONFIG_MPQEMU) += qom-qmp-cmds.o qom-hmp-cmds.o
>> -- 
>> 1.8.3.1
>>
> --
> Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK
> 

Re: [Qemu-devel] [RFC v3 PATCH 41/45] multi-process/mon: trim HMP command set for remote storage processes

[Dr. David Alan Gilbert]

* Jag Raman (jag.raman@oracle.com) wrote:
> 
> 
> On 9/4/2019 4:56 AM, Dr. David Alan Gilbert wrote:
> > * Jagannathan Raman (jag.raman@oracle.com) wrote:
> > > Trim down the list of HMP commands available for storage class of
> > > remote processes.
> > > 
> > > Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
> > > Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
> > > Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
> > > ---
> > >   New patch in v3
> > > 
> > >   Makefile.objs              |   2 +
> > >   Makefile.target            |  14 +-
> > >   hmp-scsi-commands-info.hx  | 167 ++++++++++++++++++++
> > >   hmp-scsi-commands.hx       | 384 +++++++++++++++++++++++++++++++++++++++++++++
> > >   monitor/misc.c             |  84 +++++-----
> > >   monitor/monitor-internal.h |  38 +++++
> > >   qom/Makefile.objs          |   2 +-
> > >   7 files changed, 651 insertions(+), 40 deletions(-)
> > >   create mode 100644 hmp-scsi-commands-info.hx
> > >   create mode 100644 hmp-scsi-commands.hx
> > > 
> > > diff --git a/Makefile.objs b/Makefile.objs
> > > index 04af900..11cd7be 100644
> > > --- a/Makefile.objs
> > > +++ b/Makefile.objs
> > > @@ -45,6 +45,8 @@ remote-pci-obj-$(CONFIG_MPQEMU) += iothread.o
> > >   remote-lsi-obj-$(CONFIG_MPQEMU) += hw/
> > >   remote-lsi-obj-$(CONFIG_MPQEMU) += ui/
> > > +remote-lsi-obj-$(CONFIG_MPQEMU) += device-hotplug.o
> > > +
> > >   #######################################################################
> > >   # crypto-obj-y is code used by both qemu system emulation and qemu-img
> > > diff --git a/Makefile.target b/Makefile.target
> > > index 0ca832f..00a4b85 100644
> > > --- a/Makefile.target
> > > +++ b/Makefile.target
> > > @@ -210,6 +210,10 @@ endif
> > >   generated-files-y += hmp-commands.h hmp-commands-info.h
> > >   generated-files-y += config-devices.h
> > > +ifdef CONFIG_MPQEMU
> > > +generated-files-y += hmp-scsi-commands.h hmp-scsi-commands-info.h
> > > +endif
> > > +
> > >   endif # CONFIG_SOFTMMU
> > >   dummy := $(call unnest-vars,,obj-y)
> > > @@ -294,10 +298,18 @@ hmp-commands.h: $(SRC_PATH)/hmp-commands.hx $(SRC_PATH)/scripts/hxtool
> > >   hmp-commands-info.h: $(SRC_PATH)/hmp-commands-info.hx $(SRC_PATH)/scripts/hxtool
> > >   	$(call quiet-command,sh $(SRC_PATH)/scripts/hxtool -h < $< > $@,"GEN","$(TARGET_DIR)$@")
> > > +ifdef CONFIG_MPQEMU
> > > +hmp-scsi-commands.h: $(SRC_PATH)/hmp-scsi-commands.hx $(SRC_PATH)/scripts/hxtool
> > > +	$(call quiet-command,sh $(SRC_PATH)/scripts/hxtool -h < $< > $@,"GEN","$(TARGET_DIR)$@")
> > > +
> > > +hmp-scsi-commands-info.h: $(SRC_PATH)/hmp-scsi-commands-info.hx $(SRC_PATH)/scripts/hxtool
> > > +	$(call quiet-command,sh $(SRC_PATH)/scripts/hxtool -h < $< > $@,"GEN","$(TARGET_DIR)$@")
> > > +endif
> > > +
> > >   clean: clean-target
> > >   	rm -f *.a *~ $(PROGS)
> > >   	rm -f $(shell find . -name '*.[od]')
> > > -	rm -f hmp-commands.h gdbstub-xml.c
> > > +	rm -f hmp-commands.h gdbstub-xml.c hmp-scsi-commands.h hmp-scsi-commands-info.h
> > >   	rm -f trace/generated-helpers.c trace/generated-helpers.c-timestamp
> > >   ifdef CONFIG_TRACE_SYSTEMTAP
> > >   	rm -f *.stp
> > > diff --git a/hmp-scsi-commands-info.hx b/hmp-scsi-commands-info.hx
> > > new file mode 100644
> > > index 0000000..315a445
> > > --- /dev/null
> > > +++ b/hmp-scsi-commands-info.hx
> > > @@ -0,0 +1,167 @@
> > > +HXCOMM Use DEFHEADING() to define headings in both help text and texi
> > > +HXCOMM Text between STEXI and ETEXI are copied to texi version and
> > > +HXCOMM discarded from C version
> > > +HXCOMM DEF(command, args, callback, arg_string, help) is used to construct
> > > +HXCOMM monitor info commands
> > > +HXCOMM HXCOMM can be used for comments, discarded from both texi and C
> > > +
> > > +STEXI
> > > +@table @option
> > > +@item info @var{subcommand}
> > > +@findex info
> > > +Show various information about the system state.
> > > +@table @option
> > > +ETEXI
> > > +
> > > +    {
> > > +        .name       = "version",
> > > +        .args_type  = "",
> > > +        .params     = "",
> > > +        .help       = "show the version of QEMU",
> > > +        .cmd        = hmp_info_version,
> > > +        .flags      = "p",
> > > +    },
> > > +
> > > +STEXI
> > > +@item info version
> > > +@findex info version
> > > +Show the version of QEMU.
> > > +ETEXI
> > 
> > It feels like you need a way to share this stuff without copying it;
> > 'info version' isn't really a scsi specific command!
> > One idea is you could add a new field, e.g.
> > 
> >       .subcommands = "scsi,somethingelse"
> > 
> > and then you process it to pick that up?
> 
> What do you think about breaking up hmp-commands-info.hx into smaller
> files based on the types of devices it applies to - for example,
> storage, network, console, etc..? We could then include the generated
> file based on the device type.

Yes that makes sense; however the question is whether the things your
programs need split so neatly.

Dave

> Thanks!
> --
> Jag
> 
> > 
> > <snip>
> > 
> > > diff --git a/monitor/misc.c b/monitor/misc.c
> > > index 00338c0..4914f46 100644
> > > --- a/monitor/misc.c
> > > +++ b/monitor/misc.c
> > > @@ -176,12 +176,12 @@ int hmp_compare_cmd(const char *name, const char *list)
> > >       return 0;
> > >   }
> > > -static void do_help_cmd(Monitor *mon, const QDict *qdict)
> > > +void do_help_cmd(Monitor *mon, const QDict *qdict)
> > 
> > If you're unstatic'ing things that don't have hmp in the name then you
> > need to add it, i.e. hmp_do_help_cmd.
> > 
> > Dave
> > 
> > >   {
> > >       help_cmd(mon, qdict_get_try_str(qdict, "name"));
> > >   }
> > > -static void hmp_trace_event(Monitor *mon, const QDict *qdict)
> > > +void hmp_trace_event(Monitor *mon, const QDict *qdict)
> > >   {
> > >       const char *tp_name = qdict_get_str(qdict, "name");
> > >       bool new_state = qdict_get_bool(qdict, "option");
> > > @@ -225,7 +225,7 @@ static void hmp_trace_file(Monitor *mon, const QDict *qdict)
> > >   }
> > >   #endif
> > > -static void hmp_info_help(Monitor *mon, const QDict *qdict)
> > > +void hmp_info_help(Monitor *mon, const QDict *qdict)
> > >   {
> > >       help_cmd(mon, "info");
> > >   }
> > > @@ -436,7 +436,7 @@ int monitor_get_cpu_index(void)
> > >       return cs ? cs->cpu_index : UNASSIGNED_CPU_INDEX;
> > >   }
> > > -static void hmp_info_registers(Monitor *mon, const QDict *qdict)
> > > +void hmp_info_registers(Monitor *mon, const QDict *qdict)
> > >   {
> > >       bool all_cpus = qdict_get_try_bool(qdict, "cpustate_all", false);
> > >       CPUState *cs;
> > > @@ -459,7 +459,7 @@ static void hmp_info_registers(Monitor *mon, const QDict *qdict)
> > >   }
> > >   #ifdef CONFIG_TCG
> > > -static void hmp_info_jit(Monitor *mon, const QDict *qdict)
> > > +void hmp_info_jit(Monitor *mon, const QDict *qdict)
> > >   {
> > >       if (!tcg_enabled()) {
> > >           error_report("JIT information is only available with accel=tcg");
> > > @@ -470,13 +470,13 @@ static void hmp_info_jit(Monitor *mon, const QDict *qdict)
> > >       dump_drift_info();
> > >   }
> > > -static void hmp_info_opcount(Monitor *mon, const QDict *qdict)
> > > +void hmp_info_opcount(Monitor *mon, const QDict *qdict)
> > >   {
> > >       dump_opcount_info();
> > >   }
> > >   #endif
> > > -static void hmp_info_sync_profile(Monitor *mon, const QDict *qdict)
> > > +void hmp_info_sync_profile(Monitor *mon, const QDict *qdict)
> > >   {
> > >       int64_t max = qdict_get_try_int(qdict, "max", 10);
> > >       bool mean = qdict_get_try_bool(qdict, "mean", false);
> > > @@ -487,7 +487,7 @@ static void hmp_info_sync_profile(Monitor *mon, const QDict *qdict)
> > >       qsp_report(max, sort_by, coalesce);
> > >   }
> > > -static void hmp_info_history(Monitor *mon, const QDict *qdict)
> > > +void hmp_info_history(Monitor *mon, const QDict *qdict)
> > >   {
> > >       MonitorHMP *hmp_mon = container_of(mon, MonitorHMP, common);
> > >       int i;
> > > @@ -507,7 +507,7 @@ static void hmp_info_history(Monitor *mon, const QDict *qdict)
> > >       }
> > >   }
> > > -static void hmp_info_cpustats(Monitor *mon, const QDict *qdict)
> > > +void hmp_info_cpustats(Monitor *mon, const QDict *qdict)
> > >   {
> > >       CPUState *cs = mon_get_cpu();
> > > @@ -518,7 +518,7 @@ static void hmp_info_cpustats(Monitor *mon, const QDict *qdict)
> > >       cpu_dump_statistics(cs, 0);
> > >   }
> > > -static void hmp_info_trace_events(Monitor *mon, const QDict *qdict)
> > > +void hmp_info_trace_events(Monitor *mon, const QDict *qdict)
> > >   {
> > >       const char *name = qdict_get_try_str(qdict, "name");
> > >       bool has_vcpu = qdict_haskey(qdict, "vcpu");
> > > @@ -578,7 +578,7 @@ void qmp_client_migrate_info(const char *protocol, const char *hostname,
> > >       error_setg(errp, QERR_INVALID_PARAMETER_VALUE, "protocol", "spice");
> > >   }
> > > -static void hmp_logfile(Monitor *mon, const QDict *qdict)
> > > +void hmp_logfile(Monitor *mon, const QDict *qdict)
> > >   {
> > >       Error *err = NULL;
> > > @@ -588,7 +588,7 @@ static void hmp_logfile(Monitor *mon, const QDict *qdict)
> > >       }
> > >   }
> > > -static void hmp_log(Monitor *mon, const QDict *qdict)
> > > +void hmp_log(Monitor *mon, const QDict *qdict)
> > >   {
> > >       int mask;
> > >       const char *items = qdict_get_str(qdict, "items");
> > > @@ -605,7 +605,7 @@ static void hmp_log(Monitor *mon, const QDict *qdict)
> > >       qemu_set_log(mask);
> > >   }
> > > -static void hmp_singlestep(Monitor *mon, const QDict *qdict)
> > > +void hmp_singlestep(Monitor *mon, const QDict *qdict)
> > >   {
> > >       const char *option = qdict_get_try_str(qdict, "option");
> > >       if (!option || !strcmp(option, "on")) {
> > > @@ -617,7 +617,7 @@ static void hmp_singlestep(Monitor *mon, const QDict *qdict)
> > >       }
> > >   }
> > > -static void hmp_gdbserver(Monitor *mon, const QDict *qdict)
> > > +void hmp_gdbserver(Monitor *mon, const QDict *qdict)
> > >   {
> > >       const char *device = qdict_get_try_str(qdict, "device");
> > >       if (!device)
> > > @@ -633,7 +633,7 @@ static void hmp_gdbserver(Monitor *mon, const QDict *qdict)
> > >       }
> > >   }
> > > -static void hmp_watchdog_action(Monitor *mon, const QDict *qdict)
> > > +void hmp_watchdog_action(Monitor *mon, const QDict *qdict)
> > >   {
> > >       const char *action = qdict_get_str(qdict, "action");
> > >       if (select_watchdog_action(action) == -1) {
> > > @@ -775,7 +775,7 @@ static void memory_dump(Monitor *mon, int count, int format, int wsize,
> > >       }
> > >   }
> > > -static void hmp_memory_dump(Monitor *mon, const QDict *qdict)
> > > +void hmp_memory_dump(Monitor *mon, const QDict *qdict)
> > >   {
> > >       int count = qdict_get_int(qdict, "count");
> > >       int format = qdict_get_int(qdict, "format");
> > > @@ -785,7 +785,7 @@ static void hmp_memory_dump(Monitor *mon, const QDict *qdict)
> > >       memory_dump(mon, count, format, size, addr, 0);
> > >   }
> > > -static void hmp_physical_memory_dump(Monitor *mon, const QDict *qdict)
> > > +void hmp_physical_memory_dump(Monitor *mon, const QDict *qdict)
> > >   {
> > >       int count = qdict_get_int(qdict, "count");
> > >       int format = qdict_get_int(qdict, "format");
> > > @@ -815,7 +815,7 @@ static void *gpa2hva(MemoryRegion **p_mr, hwaddr addr, Error **errp)
> > >       return qemu_map_ram_ptr(mrs.mr->ram_block, mrs.offset_within_region);
> > >   }
> > > -static void hmp_gpa2hva(Monitor *mon, const QDict *qdict)
> > > +void hmp_gpa2hva(Monitor *mon, const QDict *qdict)
> > >   {
> > >       hwaddr addr = qdict_get_int(qdict, "addr");
> > >       Error *local_err = NULL;
> > > @@ -835,7 +835,7 @@ static void hmp_gpa2hva(Monitor *mon, const QDict *qdict)
> > >       memory_region_unref(mr);
> > >   }
> > > -static void hmp_gva2gpa(Monitor *mon, const QDict *qdict)
> > > +void hmp_gva2gpa(Monitor *mon, const QDict *qdict)
> > >   {
> > >       target_ulong addr = qdict_get_int(qdict, "addr");
> > >       MemTxAttrs attrs;
> > > @@ -890,7 +890,7 @@ out:
> > >       return ret;
> > >   }
> > > -static void hmp_gpa2hpa(Monitor *mon, const QDict *qdict)
> > > +void hmp_gpa2hpa(Monitor *mon, const QDict *qdict)
> > >   {
> > >       hwaddr addr = qdict_get_int(qdict, "addr");
> > >       Error *local_err = NULL;
> > > @@ -917,7 +917,7 @@ static void hmp_gpa2hpa(Monitor *mon, const QDict *qdict)
> > >   }
> > >   #endif
> > > -static void do_print(Monitor *mon, const QDict *qdict)
> > > +void do_print(Monitor *mon, const QDict *qdict)
> > >   {
> > >       int format = qdict_get_int(qdict, "format");
> > >       hwaddr val = qdict_get_int(qdict, "val");
> > > @@ -943,7 +943,7 @@ static void do_print(Monitor *mon, const QDict *qdict)
> > >       monitor_printf(mon, "\n");
> > >   }
> > > -static void hmp_sum(Monitor *mon, const QDict *qdict)
> > > +void hmp_sum(Monitor *mon, const QDict *qdict)
> > >   {
> > >       uint32_t addr;
> > >       uint16_t sum;
> > > @@ -963,7 +963,7 @@ static void hmp_sum(Monitor *mon, const QDict *qdict)
> > >   static int mouse_button_state;
> > > -static void hmp_mouse_move(Monitor *mon, const QDict *qdict)
> > > +void hmp_mouse_move(Monitor *mon, const QDict *qdict)
> > >   {
> > >       int dx, dy, dz, button;
> > >       const char *dx_str = qdict_get_str(qdict, "dx_str");
> > > @@ -987,7 +987,7 @@ static void hmp_mouse_move(Monitor *mon, const QDict *qdict)
> > >       qemu_input_event_sync();
> > >   }
> > > -static void hmp_mouse_button(Monitor *mon, const QDict *qdict)
> > > +void hmp_mouse_button(Monitor *mon, const QDict *qdict)
> > >   {
> > >       static uint32_t bmap[INPUT_BUTTON__MAX] = {
> > >           [INPUT_BUTTON_LEFT]       = MOUSE_EVENT_LBUTTON,
> > > @@ -1004,7 +1004,7 @@ static void hmp_mouse_button(Monitor *mon, const QDict *qdict)
> > >       mouse_button_state = button_state;
> > >   }
> > > -static void hmp_ioport_read(Monitor *mon, const QDict *qdict)
> > > +void hmp_ioport_read(Monitor *mon, const QDict *qdict)
> > >   {
> > >       int size = qdict_get_int(qdict, "size");
> > >       int addr = qdict_get_int(qdict, "addr");
> > > @@ -1038,7 +1038,7 @@ static void hmp_ioport_read(Monitor *mon, const QDict *qdict)
> > >                      suffix, addr, size * 2, val);
> > >   }
> > > -static void hmp_ioport_write(Monitor *mon, const QDict *qdict)
> > > +void hmp_ioport_write(Monitor *mon, const QDict *qdict)
> > >   {
> > >       int size = qdict_get_int(qdict, "size");
> > >       int addr = qdict_get_int(qdict, "addr");
> > > @@ -1060,7 +1060,7 @@ static void hmp_ioport_write(Monitor *mon, const QDict *qdict)
> > >       }
> > >   }
> > > -static void hmp_boot_set(Monitor *mon, const QDict *qdict)
> > > +void hmp_boot_set(Monitor *mon, const QDict *qdict)
> > >   {
> > >       Error *local_err = NULL;
> > >       const char *bootdevice = qdict_get_str(qdict, "bootdevice");
> > > @@ -1073,7 +1073,7 @@ static void hmp_boot_set(Monitor *mon, const QDict *qdict)
> > >       }
> > >   }
> > > -static void hmp_info_mtree(Monitor *mon, const QDict *qdict)
> > > +void hmp_info_mtree(Monitor *mon, const QDict *qdict)
> > >   {
> > >       bool flatview = qdict_get_try_bool(qdict, "flatview", false);
> > >       bool dispatch_tree = qdict_get_try_bool(qdict, "dispatch_tree", false);
> > > @@ -1086,7 +1086,7 @@ static void hmp_info_mtree(Monitor *mon, const QDict *qdict)
> > >   int64_t dev_time;
> > > -static void hmp_info_profile(Monitor *mon, const QDict *qdict)
> > > +void hmp_info_profile(Monitor *mon, const QDict *qdict)
> > >   {
> > >       static int64_t last_cpu_exec_time;
> > >       int64_t cpu_exec_time;
> > > @@ -1103,7 +1103,7 @@ static void hmp_info_profile(Monitor *mon, const QDict *qdict)
> > >       dev_time = 0;
> > >   }
> > >   #else
> > > -static void hmp_info_profile(Monitor *mon, const QDict *qdict)
> > > +void hmp_info_profile(Monitor *mon, const QDict *qdict)
> > >   {
> > >       monitor_printf(mon, "Internal profiler not compiled\n");
> > >   }
> > > @@ -1112,7 +1112,7 @@ static void hmp_info_profile(Monitor *mon, const QDict *qdict)
> > >   /* Capture support */
> > >   static QLIST_HEAD (capture_list_head, CaptureState) capture_head;
> > > -static void hmp_info_capture(Monitor *mon, const QDict *qdict)
> > > +void hmp_info_capture(Monitor *mon, const QDict *qdict)
> > >   {
> > >       int i;
> > >       CaptureState *s;
> > > @@ -1123,7 +1123,7 @@ static void hmp_info_capture(Monitor *mon, const QDict *qdict)
> > >       }
> > >   }
> > > -static void hmp_stopcapture(Monitor *mon, const QDict *qdict)
> > > +void hmp_stopcapture(Monitor *mon, const QDict *qdict)
> > >   {
> > >       int i;
> > >       int n = qdict_get_int(qdict, "n");
> > > @@ -1139,7 +1139,7 @@ static void hmp_stopcapture(Monitor *mon, const QDict *qdict)
> > >       }
> > >   }
> > > -static void hmp_wavcapture(Monitor *mon, const QDict *qdict)
> > > +void hmp_wavcapture(Monitor *mon, const QDict *qdict)
> > >   {
> > >       const char *path = qdict_get_str(qdict, "path");
> > >       int has_freq = qdict_haskey(qdict, "freq");
> > > @@ -1192,7 +1192,7 @@ static void hmp_warn_acl(void)
> > >       warn_acl = true;
> > >   }
> > > -static void hmp_acl_show(Monitor *mon, const QDict *qdict)
> > > +void hmp_acl_show(Monitor *mon, const QDict *qdict)
> > >   {
> > >       const char *aclname = qdict_get_str(qdict, "aclname");
> > >       QAuthZList *auth = find_auth(mon, aclname);
> > > @@ -1219,7 +1219,7 @@ static void hmp_acl_show(Monitor *mon, const QDict *qdict)
> > >       }
> > >   }
> > > -static void hmp_acl_reset(Monitor *mon, const QDict *qdict)
> > > +void hmp_acl_reset(Monitor *mon, const QDict *qdict)
> > >   {
> > >       const char *aclname = qdict_get_str(qdict, "aclname");
> > >       QAuthZList *auth = find_auth(mon, aclname);
> > > @@ -1236,7 +1236,7 @@ static void hmp_acl_reset(Monitor *mon, const QDict *qdict)
> > >       monitor_printf(mon, "acl: removed all rules\n");
> > >   }
> > > -static void hmp_acl_policy(Monitor *mon, const QDict *qdict)
> > > +void hmp_acl_policy(Monitor *mon, const QDict *qdict)
> > >   {
> > >       const char *aclname = qdict_get_str(qdict, "aclname");
> > >       const char *policy = qdict_get_str(qdict, "policy");
> > > @@ -1277,7 +1277,7 @@ static QAuthZListFormat hmp_acl_get_format(const char *match)
> > >       }
> > >   }
> > > -static void hmp_acl_add(Monitor *mon, const QDict *qdict)
> > > +void hmp_acl_add(Monitor *mon, const QDict *qdict)
> > >   {
> > >       const char *aclname = qdict_get_str(qdict, "aclname");
> > >       const char *match = qdict_get_str(qdict, "match");
> > > @@ -1330,7 +1330,7 @@ static void hmp_acl_add(Monitor *mon, const QDict *qdict)
> > >       }
> > >   }
> > > -static void hmp_acl_remove(Monitor *mon, const QDict *qdict)
> > > +void hmp_acl_remove(Monitor *mon, const QDict *qdict)
> > >   {
> > >       const char *aclname = qdict_get_str(qdict, "aclname");
> > >       const char *match = qdict_get_str(qdict, "match");
> > > @@ -1799,13 +1799,21 @@ int monitor_fd_param(Monitor *mon, const char *fdname, Error **errp)
> > >   /* Please update hmp-commands.hx when adding or changing commands */
> > >   static HMPCommand hmp_info_cmds[] = {
> > > +#if defined(SCSI_PROCESS)
> > > +#include "hmp-scsi-commands-info.h"
> > > +#else
> > >   #include "hmp-commands-info.h"
> > > +#endif
> > >       { NULL, NULL, },
> > >   };
> > >   /* hmp_cmds and hmp_info_cmds would be sorted at runtime */
> > >   HMPCommand hmp_cmds[] = {
> > > +#if defined(SCSI_PROCESS)
> > > +#include "hmp-scsi-commands.h"
> > > +#else
> > >   #include "hmp-commands.h"
> > > +#endif
> > >       { NULL, NULL, },
> > >   };
> > > diff --git a/monitor/monitor-internal.h b/monitor/monitor-internal.h
> > > index 7760b22..5e8abd6 100644
> > > --- a/monitor/monitor-internal.h
> > > +++ b/monitor/monitor-internal.h
> > > @@ -180,4 +180,42 @@ void help_cmd(Monitor *mon, const char *name);
> > >   void handle_hmp_command(MonitorHMP *mon, const char *cmdline);
> > >   int hmp_compare_cmd(const char *name, const char *list);
> > > +void do_help_cmd(Monitor *mon, const QDict *qdict);
> > > +void hmp_trace_event(Monitor *mon, const QDict *qdict);
> > > +void hmp_info_help(Monitor *mon, const QDict *qdict);
> > > +void hmp_info_registers(Monitor *mon, const QDict *qdict);
> > > +void hmp_info_jit(Monitor *mon, const QDict *qdict);
> > > +void hmp_info_opcount(Monitor *mon, const QDict *qdict);
> > > +void hmp_info_sync_profile(Monitor *mon, const QDict *qdict);
> > > +void hmp_info_history(Monitor *mon, const QDict *qdict);
> > > +void hmp_info_cpustats(Monitor *mon, const QDict *qdict);
> > > +void hmp_info_trace_events(Monitor *mon, const QDict *qdict);
> > > +void hmp_logfile(Monitor *mon, const QDict *qdict);
> > > +void hmp_log(Monitor *mon, const QDict *qdict);
> > > +void hmp_singlestep(Monitor *mon, const QDict *qdict);
> > > +void hmp_gdbserver(Monitor *mon, const QDict *qdict);
> > > +void hmp_watchdog_action(Monitor *mon, const QDict *qdict);
> > > +void hmp_memory_dump(Monitor *mon, const QDict *qdict);
> > > +void hmp_physical_memory_dump(Monitor *mon, const QDict *qdict);
> > > +void hmp_gpa2hva(Monitor *mon, const QDict *qdict);
> > > +void hmp_gva2gpa(Monitor *mon, const QDict *qdict);
> > > +void hmp_gpa2hpa(Monitor *mon, const QDict *qdict);
> > > +void do_print(Monitor *mon, const QDict *qdict);
> > > +void hmp_sum(Monitor *mon, const QDict *qdict);
> > > +void hmp_mouse_move(Monitor *mon, const QDict *qdict);
> > > +void hmp_mouse_button(Monitor *mon, const QDict *qdict);
> > > +void hmp_ioport_read(Monitor *mon, const QDict *qdict);
> > > +void hmp_ioport_write(Monitor *mon, const QDict *qdict);
> > > +void hmp_boot_set(Monitor *mon, const QDict *qdict);
> > > +void hmp_info_mtree(Monitor *mon, const QDict *qdict);
> > > +void hmp_info_profile(Monitor *mon, const QDict *qdict);
> > > +void hmp_info_capture(Monitor *mon, const QDict *qdict);
> > > +void hmp_stopcapture(Monitor *mon, const QDict *qdict);
> > > +void hmp_wavcapture(Monitor *mon, const QDict *qdict);
> > > +void hmp_acl_show(Monitor *mon, const QDict *qdict);
> > > +void hmp_acl_reset(Monitor *mon, const QDict *qdict);
> > > +void hmp_acl_policy(Monitor *mon, const QDict *qdict);
> > > +void hmp_acl_add(Monitor *mon, const QDict *qdict);
> > > +void hmp_acl_remove(Monitor *mon, const QDict *qdict);
> > > +
> > >   #endif
> > > diff --git a/qom/Makefile.objs b/qom/Makefile.objs
> > > index e42ea7a..4410d71 100644
> > > --- a/qom/Makefile.objs
> > > +++ b/qom/Makefile.objs
> > > @@ -7,4 +7,4 @@ common-obj-$(CONFIG_SOFTMMU) += qom-hmp-cmds.o qom-qmp-cmds.o
> > >   remote-pci-obj-$(CONFIG_MPQEMU) += object.o qom-qobject.o container.o
> > >   remote-pci-obj-$(CONFIG_MPQEMU) += object_interfaces.o
> > >   remote-pci-obj-$(CONFIG_MPQEMU) += cpu.o
> > > -remote-pci-obj-$(CONFIG_MPQEMU) += qom-qmp-cmds.o
> > > +remote-pci-obj-$(CONFIG_MPQEMU) += qom-qmp-cmds.o qom-hmp-cmds.o
> > > -- 
> > > 1.8.3.1
> > > 
> > --
> > Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK
> > 
--
Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK

Re: [Qemu-devel] [RFC v3 PATCH 44/45] multi-process: add the concept description to docs/devel/qemu-multiprocess

[Elena Ufimtseva]

On Thu, Sep 5, 2019 at 3:19 AM Peter Maydell <peter.maydell@linaro.org>
wrote:

> On Tue, 3 Sep 2019 at 22:19, Jagannathan Raman <jag.raman@oracle.com>
> wrote:
> >
> > From: John G Johnson <john.g.johnson@oracle.com>
> >
> > Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
> > Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
> > Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
> > ---
> >  v2 -> v3:
> >    - Updated with latest design of this project
> >
> >  docs/devel/qemu-multiprocess.txt | 627
> +++++++++++++++++++++++++++++++++++++++
> >  1 file changed, 627 insertions(+)
> >  create mode 100644 docs/devel/qemu-multiprocess.txt
>
> Hi; you can ignore this review comment until there's more
> consensus on whether we want to take this patch series, but
> new documents in docs/ should be in RST format and included
> in the relevant contents page (here docs/devel/index.rst),
> please.
>
> thanks
> -- PMM
>
> Thanks Peter, will change this.

-- 
Elena

Re: [Qemu-devel] [RFC v3 PATCH 05/45] multi-process: Add config option for multi-process QEMU

[Stefan Hajnoczi]

[-- Attachment #1: Type: text/plain, Size: 1154 bytes --]

On Tue, Sep 03, 2019 at 04:37:31PM -0400, Jagannathan Raman wrote:
> @@ -1543,6 +1544,10 @@ for opt do
>    ;;
>    --disable-libpmem) libpmem=no
>    ;;
> +  --enable-mpqemu) mpqemu=yes
> +  ;;
> +  --disable-mpqemu) mpqemu=no

A previous patch used "remote" instead of "mpqemu", which is confusing.

"mpqemu" seems reasonable.  "remote" is too generic.  Can you use
"mpqemu" everywhere?

> +  ;;
>    *)
>        echo "ERROR: unknown option $opt"
>        echo "Try '$0 --help' for more information"
> @@ -1842,6 +1847,7 @@ disabled with --disable-FEATURE, default is enabled if available:
>    capstone        capstone disassembler support
>    debug-mutex     mutex debugging support
>    libpmem         libpmem support
> +  mpqemu          multi-process QEMU support
>  
>  NOTE: The object files are built at the place where configure is launched
>  EOF
> @@ -6481,6 +6487,7 @@ echo "docker            $docker"
>  echo "libpmem support   $libpmem"
>  echo "libudev           $libudev"
>  echo "default devices   $default_devices"
> +echo "multiprocess QEMU $mpqemu"

multi-process (see above) or multiprocess? :-)

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 488 bytes --]

Re: [Qemu-devel] [RFC v3 PATCH 07/45] multi-process: define proxy-link object

[Stefan Hajnoczi]

[-- Attachment #1: Type: text/plain, Size: 12918 bytes --]

On Tue, Sep 03, 2019 at 04:37:33PM -0400, Jagannathan Raman wrote:
> diff --git a/include/io/proxy-link.h b/include/io/proxy-link.h
> new file mode 100644
> index 0000000..ee78cdd
> --- /dev/null
> +++ b/include/io/proxy-link.h
> @@ -0,0 +1,147 @@

Regarding naming: so far I've seen "remote", "mpqemu", and "proxy".
These concepts aren't well-defined and I'm not sure if they refer to the
same thing or are different.  ProxyLinkState should be named
MPQemuLinkState?

It's also unclear to me how tightly coupled this "proxy link" is to PCI
(since it has PCI Configuration Space commands and how it would be
cleanly extended to support other busses).

> +/*
> + * Communication channel between QEMU and remote device process
> + *
> + * Copyright 2019, Oracle and/or its affiliates.
> + *
> + * Permission is hereby granted, free of charge, to any person obtaining a copy
> + * of this software and associated documentation files (the "Software"), to deal
> + * in the Software without restriction, including without limitation the rights
> + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
> + * copies of the Software, and to permit persons to whom the Software is
> + * furnished to do so, subject to the following conditions:
> + *
> + * The above copyright notice and this permission notice shall be included in
> + * all copies or substantial portions of the Software.
> + *
> + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
> + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
> + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
> + * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
> + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
> + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
> + * THE SOFTWARE.
> + */
> +
> +#ifndef PROXY_LINK_H
> +#define PROXY_LINK_H
> +
> +#include <stddef.h>
> +#include <stdint.h>
> +#include <glib.h>
> +#include <pthread.h>
> +
> +#include "qemu/osdep.h"
> +#include "qom/object.h"
> +#include "qemu/thread.h"
> +
> +typedef struct ProxyLinkState ProxyLinkState;
> +
> +#define TYPE_PROXY_LINK "proxy-link"
> +#define PROXY_LINK(obj) \
> +    OBJECT_CHECK(ProxyLinkState, (obj), TYPE_PROXY_LINK)
> +
> +#define REMOTE_MAX_FDS 8
> +
> +#define PROC_HDR_SIZE offsetof(ProcMsg, data1.u64)
> +
> +/*
> + * proc_cmd_t enum type to specify the command to be executed on the remote
> + * device
> + *
> + * Following commands are supported:
> + * CONF_READ        PCI config. space read
> + * CONF_WRITE       PCI config. space write
> + *
> + */
> +typedef enum {
> +    INIT = 0,
> +    CONF_READ,
> +    CONF_WRITE,
> +    MAX,
> +} proc_cmd_t;
> +
> +/*
> + * ProcMsg Format of the message sent to the remote device from QEMU
> + *
> + * cmd         The remote command
> + * bytestream  Indicates if the data to be shared is structured (data1)
> + *             or unstructured (data2)
> + * size        Size of the data to be shared
> + * data1       Structured data
> + * fds         File descriptors to be shared with remote device
> + * data2       Unstructured data
> + *
> + */
> +typedef struct {
> +    proc_cmd_t cmd;
> +    int bytestream;

Please use bool.

> +    size_t size;
> +
> +    union {
> +        uint64_t u64;
> +    } data1;
> +
> +    int fds[REMOTE_MAX_FDS];
> +    int num_fds;
> +
> +    uint8_t *data2;
> +} ProcMsg;
> +
> +struct conf_data_msg {
> +    uint32_t addr;
> +    uint32_t val;
> +    int l;

Please pick a descriptive name for this field.

> +};
> +
> +/*
> + * ProcChannel defines the channel that make up the communication link
> + * between QEMU and remote process
> + *
> + * gsrc       GSource object to be used by loop
> + * gpfd       GPollFD object containing the socket & events to monitor
> + * sock       Socket to send/receive communication, same as the one in gpfd
> + * lock       Mutex to synchronize access to the channel
> + */

Please see the doc comment style in include/qom/object.h for examples of
how to format doc comments.

> +
> +typedef struct ProcChannel {
> +    GSource gsrc;
> +    GPollFD gpfd;
> +    int sock;
> +    QemuMutex lock;
> +} ProcChannel;
> +
> +typedef void (*proxy_link_callback)(GIOCondition cond, ProcChannel *chan);
> +
> +/*
> + * ProxyLinkState Instance info. of the communication
> + * link between QEMU and remote process. The Link could
> + * be made up of multiple channels.
> + *
> + * ctx        GMainContext to be used for communication
> + * loop       Main loop that would be used to poll for incoming data
> + * com        Communication channel to transport control messages
> + *
> + */
> +struct ProxyLinkState {
> +    Object obj;
> +
> +    GMainContext *ctx;
> +    GMainLoop *loop;
> +
> +    ProcChannel *com;
> +
> +    proxy_link_callback callback;
> +};
> +
> +ProxyLinkState *proxy_link_create(void);
> +void proxy_link_finalize(ProxyLinkState *s);
> +
> +void proxy_proc_send(ProxyLinkState *s, ProcMsg *msg, ProcChannel *chan);
> +int proxy_proc_recv(ProxyLinkState *s, ProcMsg *msg, ProcChannel *chan);
> +
> +void proxy_link_init_channel(ProxyLinkState *s, ProcChannel **chan, int fd);
> +void proxy_link_destroy_channel(ProcChannel *chan);
> +void proxy_link_set_callback(ProxyLinkState *s, proxy_link_callback callback);
> +void start_handler(ProxyLinkState *s);
> +
> +#endif
> diff --git a/io/Makefile.objs b/io/Makefile.objs
> index 9a20fce..ff88b46 100644
> --- a/io/Makefile.objs
> +++ b/io/Makefile.objs
> @@ -10,3 +10,5 @@ io-obj-y += channel-util.o
>  io-obj-y += dns-resolver.o
>  io-obj-y += net-listener.o
>  io-obj-y += task.o
> +
> +io-obj-$(CONFIG_MPQEMU) += proxy-link.o
> diff --git a/io/proxy-link.c b/io/proxy-link.c
> new file mode 100644
> index 0000000..5eb9718
> --- /dev/null
> +++ b/io/proxy-link.c
> @@ -0,0 +1,292 @@
> +/*
> + * Communication channel between QEMU and remote device process
> + *
> + * Copyright 2019, Oracle and/or its affiliates.
> + *
> + * Permission is hereby granted, free of charge, to any person obtaining a copy
> + * of this software and associated documentation files (the "Software"), to deal
> + * in the Software without restriction, including without limitation the rights
> + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
> + * copies of the Software, and to permit persons to whom the Software is
> + * furnished to do so, subject to the following conditions:
> + *
> + * The above copyright notice and this permission notice shall be included in
> + * all copies or substantial portions of the Software.
> + *
> + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
> + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
> + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
> + * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
> + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
> + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
> + * THE SOFTWARE.
> + */
> +
> +#include <assert.h>
> +#include <errno.h>
> +#include <pthread.h>
> +#include <stdio.h>
> +#include <stdlib.h>
> +#include <sys/types.h>
> +#include <sys/socket.h>
> +#include <sys/un.h>
> +#include <unistd.h>
> +
> +#include "qemu/module.h"
> +#include "io/proxy-link.h"
> +#include "qemu/log.h"
> +
> +GSourceFuncs gsrc_funcs;
> +
> +static void proxy_link_inst_init(Object *obj)
> +{
> +    ProxyLinkState *s = PROXY_LINK(obj);
> +
> +    s->ctx = g_main_context_default();
> +    s->loop = g_main_loop_new(s->ctx, FALSE);
> +}
> +
> +static const TypeInfo proxy_link_info = {
> +    .name = TYPE_PROXY_LINK,
> +    .parent = TYPE_OBJECT,
> +    .instance_size = sizeof(ProxyLinkState),
> +    .instance_init = proxy_link_inst_init,
> +};
> +
> +static void proxy_link_register_types(void)
> +{
> +    type_register_static(&proxy_link_info);
> +}
> +
> +type_init(proxy_link_register_types)
> +
> +ProxyLinkState *proxy_link_create(void)
> +{
> +    return PROXY_LINK(object_new(TYPE_PROXY_LINK));
> +}
> +
> +void proxy_link_finalize(ProxyLinkState *s)
> +{
> +    g_main_loop_unref(s->loop);
> +    g_main_context_unref(s->ctx);
> +    g_main_loop_quit(s->loop);
> +
> +    proxy_link_destroy_channel(s->com);
> +
> +    object_unref(OBJECT(s));
> +}

It's strange that the destruction of ProxyLinkState does not use QEMU's
object system.  How about implementing .instance_finalize(), dropping
proxy_link_finalize(), and letting the caller unref ProxyLinkState like
a regular Object?

> +
> +void proxy_proc_send(ProxyLinkState *s, ProcMsg *msg, ProcChannel *chan)
> +{
> +    int rc;
> +    uint8_t *data;
> +    union {
> +        char control[CMSG_SPACE(REMOTE_MAX_FDS * sizeof(int))];
> +        struct cmsghdr align;
> +    } u;
> +    struct msghdr hdr;
> +    struct cmsghdr *chdr;
> +    int sock = chan->sock;
> +    QemuMutex *lock = &chan->lock;
> +
> +    struct iovec iov = {
> +        .iov_base = (char *) msg,
> +        .iov_len = PROC_HDR_SIZE,
> +    };
> +
> +    memset(&hdr, 0, sizeof(hdr));
> +    memset(&u, 0, sizeof(u));
> +
> +    hdr.msg_iov = &iov;
> +    hdr.msg_iovlen = 1;
> +
> +    if (msg->num_fds > REMOTE_MAX_FDS) {
> +        qemu_log_mask(LOG_REMOTE_DEBUG, "%s: Max FDs exceeded\n", __func__);
> +        return;
> +    }
> +
> +    if (msg->num_fds > 0) {
> +        size_t fdsize = msg->num_fds * sizeof(int);
> +
> +        hdr.msg_control = &u;
> +        hdr.msg_controllen = sizeof(u);
> +
> +        chdr = CMSG_FIRSTHDR(&hdr);
> +        chdr->cmsg_len = CMSG_LEN(fdsize);
> +        chdr->cmsg_level = SOL_SOCKET;
> +        chdr->cmsg_type = SCM_RIGHTS;
> +        memcpy(CMSG_DATA(chdr), msg->fds, fdsize);
> +        hdr.msg_controllen = CMSG_SPACE(fdsize);
> +    }
> +
> +    qemu_mutex_lock(lock);
> +
> +    do {
> +        rc = sendmsg(sock, &hdr, 0);
> +    } while (rc < 0 && (errno == EINTR || errno == EAGAIN));
> +
> +    if (rc < 0) {
> +        qemu_log_mask(LOG_REMOTE_DEBUG, "%s - sendmsg rc is %d, errno is %d,"
> +                      " sock %d\n", __func__, rc, errno, sock);
> +        qemu_mutex_unlock(lock);
> +        return;
> +    }
> +
> +    if (msg->bytestream) {
> +        data = msg->data2;
> +    } else {
> +        data = (uint8_t *)msg + PROC_HDR_SIZE;
> +    }
> +
> +    do {
> +        rc = write(sock, data, msg->size);
> +    } while (rc < 0 && (errno == EINTR || errno == EAGAIN));
> +
> +    qemu_mutex_unlock(lock);

Can this message be transmitted in a single sendmsg() by including 2
iovecs instead of just 1?  Then no locking is needed and only one
syscall is required.

> +}
> +
> +
> +int proxy_proc_recv(ProxyLinkState *s, ProcMsg *msg, ProcChannel *chan)
> +{
> +    int rc;
> +    uint8_t *data;
> +    union {
> +        char control[CMSG_SPACE(REMOTE_MAX_FDS * sizeof(int))];
> +        struct cmsghdr align;
> +    } u;
> +    struct msghdr hdr;
> +    struct cmsghdr *chdr;
> +    size_t fdsize;
> +    int sock = chan->sock;
> +    QemuMutex *lock = &chan->lock;
> +
> +    struct iovec iov = {
> +        .iov_base = (char *) msg,
> +        .iov_len = PROC_HDR_SIZE,
> +    };
> +
> +    memset(&hdr, 0, sizeof(hdr));
> +    memset(&u, 0, sizeof(u));
> +
> +    hdr.msg_iov = &iov;
> +    hdr.msg_iovlen = 1;
> +    hdr.msg_control = &u;
> +    hdr.msg_controllen = sizeof(u);
> +
> +    qemu_mutex_lock(lock);

Sockets are full-duplex (sending and receiving are independent).  Is it
necessary to use the same lock for both send and receive?

> +
> +    do {
> +        rc = recvmsg(sock, &hdr, 0);
> +    } while (rc < 0 && (errno == EINTR || errno == EAGAIN));
> +
> +    if (rc < 0) {
> +        qemu_log_mask(LOG_REMOTE_DEBUG, "%s - recvmsg rc is %d, errno is %d,"
> +                      " sock %d\n", __func__, rc, errno, sock);
> +        qemu_mutex_unlock(lock);
> +        return rc;
> +    }
> +
> +    msg->num_fds = 0;
> +    for (chdr = CMSG_FIRSTHDR(&hdr); chdr != NULL;
> +         chdr = CMSG_NXTHDR(&hdr, chdr)) {
> +        if ((chdr->cmsg_level == SOL_SOCKET) &&
> +            (chdr->cmsg_type == SCM_RIGHTS)) {
> +            fdsize = chdr->cmsg_len - CMSG_LEN(0);
> +            msg->num_fds = fdsize / sizeof(int);
> +            memcpy(msg->fds, CMSG_DATA(chdr), fdsize);

Please validate num_fds before memcpy to prevent the buffer overflow.

> +            break;
> +        }
> +    }
> +
> +    if (msg->size && msg->bytestream) {
> +        msg->data2 = calloc(1, msg->size);
> +        data = msg->data2;
> +    } else {
> +        data = (uint8_t *)&msg->data1;
> +    }
> +
> +    if (msg->size) {
> +        do {
> +            rc = read(sock, data, msg->size);
> +        } while (rc < 0 && (errno == EINTR || errno == EAGAIN));
> +    }

Please validate size to prevent the buffer overflow.

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 488 bytes --]

Re: [Qemu-devel] [RFC v3 PATCH 08/45] multi-process: add functions to synchronize proxy and remote endpoints

[Stefan Hajnoczi]

[-- Attachment #1: Type: text/plain, Size: 2959 bytes --]

On Tue, Sep 03, 2019 at 04:37:34PM -0400, Jagannathan Raman wrote:
> In some cases, for example MMIO read, QEMU has to wait for the remote to
> complete a command before proceeding. An eventfd based mechanism is
> added to synchronize QEMU & remote process.
> 
> Signed-off-by: John G Johnson <john.g.johnson@oracle.com>
> Signed-off-by: Jagannathan Raman <jag.raman@oracle.com>
> Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
> ---
>  v1 -> v2:
>    - Added timeout to synchronization functions
> 
>  include/io/proxy-link.h |  8 ++++++++
>  io/proxy-link.c         | 42 ++++++++++++++++++++++++++++++++++++++++++
>  2 files changed, 50 insertions(+)
> 
> diff --git a/include/io/proxy-link.h b/include/io/proxy-link.h
> index ee78cdd..b76c574 100644
> --- a/include/io/proxy-link.h
> +++ b/include/io/proxy-link.h
> @@ -28,7 +28,9 @@
>  #include <stddef.h>
>  #include <stdint.h>
>  #include <glib.h>
> +#include <unistd.h>
>  #include <pthread.h>
> +#include <sys/eventfd.h>
>  
>  #include "qemu/osdep.h"
>  #include "qom/object.h"
> @@ -133,11 +135,17 @@ struct ProxyLinkState {
>      proxy_link_callback callback;
>  };
>  
> +#define GET_REMOTE_WAIT eventfd(0, 0)
> +#define PUT_REMOTE_WAIT(wait) close(wait)

Can you use functions instead of macros?  eventfd() is Linux-specific so
this code is not portable.  QEMU has an EventNotifier abstraction but
I'm not sure if it can be used since this patch doesn't include any code
that calls GET_REMOTE_WAIT/PUT_REMOTE_WAIT and there are no comments.  I
don't know what the expected semantics are.

> +#define PROXY_LINK_WAIT_DONE 1
> +
>  ProxyLinkState *proxy_link_create(void);
>  void proxy_link_finalize(ProxyLinkState *s);
>  
>  void proxy_proc_send(ProxyLinkState *s, ProcMsg *msg, ProcChannel *chan);
>  int proxy_proc_recv(ProxyLinkState *s, ProcMsg *msg, ProcChannel *chan);
> +uint64_t wait_for_remote(int efd);
> +void notify_proxy(int fd, uint64_t val);
>  
>  void proxy_link_init_channel(ProxyLinkState *s, ProcChannel **chan, int fd);
>  void proxy_link_destroy_channel(ProcChannel *chan);
> diff --git a/io/proxy-link.c b/io/proxy-link.c
> index 5eb9718..381a38e 100644
> --- a/io/proxy-link.c
> +++ b/io/proxy-link.c
> @@ -31,6 +31,8 @@
>  #include <sys/socket.h>
>  #include <sys/un.h>
>  #include <unistd.h>
> +#include <limits.h>
> +#include <poll.h>
>  
>  #include "qemu/module.h"
>  #include "io/proxy-link.h"
> @@ -216,6 +218,46 @@ int proxy_proc_recv(ProxyLinkState *s, ProcMsg *msg, ProcChannel *chan)
>      return rc;
>  }
>  
> +uint64_t wait_for_remote(int efd)

Hard to tell if this makes sense without any context.  I notice that
EFD_CLOEXEC and EFD_NONBLOCK were not used.  It's likely that
EFD_CLOEXEC should be used.  Since the eventfd is used with poll(2)
EFD_NONBLOCK should probably also be used so it's certain that read()
will not block (which could exceed the timeout).

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 488 bytes --]

Re: [Qemu-devel] [RFC v3 PATCH 07/45] multi-process: define proxy-link object

[Stefan Hajnoczi]

[-- Attachment #1: Type: text/plain, Size: 1469 bytes --]

On Thu, Sep 12, 2019 at 05:34:35PM +0200, Stefan Hajnoczi wrote:
> On Tue, Sep 03, 2019 at 04:37:33PM -0400, Jagannathan Raman wrote:
> > +    msg->num_fds = 0;
> > +    for (chdr = CMSG_FIRSTHDR(&hdr); chdr != NULL;
> > +         chdr = CMSG_NXTHDR(&hdr, chdr)) {
> > +        if ((chdr->cmsg_level == SOL_SOCKET) &&
> > +            (chdr->cmsg_type == SCM_RIGHTS)) {
> > +            fdsize = chdr->cmsg_len - CMSG_LEN(0);
> > +            msg->num_fds = fdsize / sizeof(int);
> > +            memcpy(msg->fds, CMSG_DATA(chdr), fdsize);
> 
> Please validate num_fds before memcpy to prevent the buffer overflow.
> 
> > +            break;
> > +        }
> > +    }
> > +
> > +    if (msg->size && msg->bytestream) {
> > +        msg->data2 = calloc(1, msg->size);
> > +        data = msg->data2;
> > +    } else {
> > +        data = (uint8_t *)&msg->data1;
> > +    }
> > +
> > +    if (msg->size) {
> > +        do {
> > +            rc = read(sock, data, msg->size);
> > +        } while (rc < 0 && (errno == EINTR || errno == EAGAIN));
> > +    }
> 
> Please validate size to prevent the buffer overflow.

I didn't see a reply so I want to highlight that the effort to introduce
isolation between devices is pointless if the communications link is not
coded securely.

Multi-process QEMU adds no security if one process can corrupt the
memory of another process by sending invalid inputs.  Please audit the
code.

Stefan

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 488 bytes --]

Re: [Qemu-devel] [RFC v3 PATCH 07/45] multi-process: define proxy-link object

[Elena Ufimtseva]

On Wed, Oct 09, 2019 at 02:37:24PM +0100, Stefan Hajnoczi wrote:
> On Thu, Sep 12, 2019 at 05:34:35PM +0200, Stefan Hajnoczi wrote:
> > On Tue, Sep 03, 2019 at 04:37:33PM -0400, Jagannathan Raman wrote:
> > > +    msg->num_fds = 0;
> > > +    for (chdr = CMSG_FIRSTHDR(&hdr); chdr != NULL;
> > > +         chdr = CMSG_NXTHDR(&hdr, chdr)) {
> > > +        if ((chdr->cmsg_level == SOL_SOCKET) &&
> > > +            (chdr->cmsg_type == SCM_RIGHTS)) {
> > > +            fdsize = chdr->cmsg_len - CMSG_LEN(0);
> > > +            msg->num_fds = fdsize / sizeof(int);
> > > +            memcpy(msg->fds, CMSG_DATA(chdr), fdsize);
> > 
> > Please validate num_fds before memcpy to prevent the buffer overflow.
> > 
> > > +            break;
> > > +        }
> > > +    }
> > > +
> > > +    if (msg->size && msg->bytestream) {
> > > +        msg->data2 = calloc(1, msg->size);
> > > +        data = msg->data2;
> > > +    } else {
> > > +        data = (uint8_t *)&msg->data1;
> > > +    }
> > > +
> > > +    if (msg->size) {
> > > +        do {
> > > +            rc = read(sock, data, msg->size);
> > > +        } while (rc < 0 && (errno == EINTR || errno == EAGAIN));
> > > +    }
> > 
> > Please validate size to prevent the buffer overflow.
> 
> I didn't see a reply so I want to highlight that the effort to introduce
> isolation between devices is pointless if the communications link is not
> coded securely.
> 
> Multi-process QEMU adds no security if one process can corrupt the
> memory of another process by sending invalid inputs.  Please audit the
> code.
>

Hi Stefan

Sorry for not replyingi earlier. We have reviewed all the comments we received
on the this patch series and working on the code improvements which are
mostly done.
We recognize the importance of the secure code and making efforts to
eliminate as much as possible these mentioned unverified inputs along with other changes.

The changes will be in the next version of the patchset we are actively
working on.

The other your suggestion about reducing the number of syscalls by
stuffing all of the parts of the message in the io_vec and using one
sendmsg/recvmsg cannot be done at this point with the way we have
organized the messages structure. But we are looking into the
adoption of shared ring buffer for communication channel instead of the
current mechanism to reduce the number of syscalls.
Though this change will not be a part of the next patchset as we are
tinkering with live migration.
But all other recommendations and comments will be taken into account.

Regards,
Elena & Jag & JJ.


> Stefan

Re: [Qemu-devel] [RFC v3 PATCH 07/45] multi-process: define proxy-link object

[Jag Raman]

On 10/9/2019 1:58 PM, Elena Ufimtseva wrote:
> On Wed, Oct 09, 2019 at 02:37:24PM +0100, Stefan Hajnoczi wrote:
>> On Thu, Sep 12, 2019 at 05:34:35PM +0200, Stefan Hajnoczi wrote:
>>> On Tue, Sep 03, 2019 at 04:37:33PM -0400, Jagannathan Raman wrote:
>>>> +    msg->num_fds = 0;
>>>> +    for (chdr = CMSG_FIRSTHDR(&hdr); chdr != NULL;
>>>> +         chdr = CMSG_NXTHDR(&hdr, chdr)) {
>>>> +        if ((chdr->cmsg_level == SOL_SOCKET) &&
>>>> +            (chdr->cmsg_type == SCM_RIGHTS)) {
>>>> +            fdsize = chdr->cmsg_len - CMSG_LEN(0);
>>>> +            msg->num_fds = fdsize / sizeof(int);
>>>> +            memcpy(msg->fds, CMSG_DATA(chdr), fdsize);
>>>
>>> Please validate num_fds before memcpy to prevent the buffer overflow.
>>>
>>>> +            break;
>>>> +        }
>>>> +    }
>>>> +
>>>> +    if (msg->size && msg->bytestream) {
>>>> +        msg->data2 = calloc(1, msg->size);
>>>> +        data = msg->data2;
>>>> +    } else {
>>>> +        data = (uint8_t *)&msg->data1;
>>>> +    }
>>>> +
>>>> +    if (msg->size) {
>>>> +        do {
>>>> +            rc = read(sock, data, msg->size);
>>>> +        } while (rc < 0 && (errno == EINTR || errno == EAGAIN));
>>>> +    }
>>>
>>> Please validate size to prevent the buffer overflow.
>>
>> I didn't see a reply so I want to highlight that the effort to introduce
>> isolation between devices is pointless if the communications link is not
>> coded securely.
>>
>> Multi-process QEMU adds no security if one process can corrupt the
>> memory of another process by sending invalid inputs.  Please audit the
>> code.
>>
> 
> Hi Stefan
> 
> Sorry for not replyingi earlier. We have reviewed all the comments we received
> on the this patch series and working on the code improvements which are
> mostly done.
> We recognize the importance of the secure code and making efforts to
> eliminate as much as possible these mentioned unverified inputs along with other changes.
> 
> The changes will be in the next version of the patchset we are actively
> working on.
> 
> The other your suggestion about reducing the number of syscalls by
> stuffing all of the parts of the message in the io_vec and using one
> sendmsg/recvmsg cannot be done at this point with the way we have
> organized the messages structure. But we are looking into the
> adoption of shared ring buffer for communication channel instead of the
> current mechanism to reduce the number of syscalls.
> Though this change will not be a part of the next patchset as we are
> tinkering with live migration.
> But all other recommendations and comments will be taken into account.

Thanks Elena!

Hi Stefan,

I'd like to confirm that we are targeting Live Migration for next
version and we are also discussing another use case for this project.

The other use case we are discussing is testing emulated devices (as 
separate processes) with libfuzzer. We could test corner cases and the 
handling of error conditions on emulated devices using this approach.

Thanks!
--
Jag

> 
> Regards,
> Elena & Jag & JJ.
> 
> 
>> Stefan
> 
> 
>