[Qemu-devel] [PATCH v3 0/3] pc-bios/s390-ccw: Some few network boot improvements

[Qemu-devel] [PATCH v3 0/3] pc-bios/s390-ccw: Some few network boot improvements

[Thomas Huth]

Note: I've decided to removed the pxelinux.cfg patches from this series
for now, since full pxelinux support requires to parse some additional
DHCP options (see https://tools.ietf.org/html/rfc5071), and for this, the
SLOF libnet code needs to be changed first. So I guess I first have to
implement pxelinux.cfg support for PPC, too, which will likely take a
little bit longer...
Thus to keep this series short and reviewable, and to avoid that the other
patches bit-rot on my hard disk, I've now only included the patches that
are not related to pxelinux.cfg.

The first patch is just a minor code refactoring which should not have
any visible impact, but makes the following patches easier.

The second patch makes sure that we leave the machine in a sane state
before jumping into the Linux kernel - i.e. the netboot firmware now
resets the machine with diag308, too, just like the main s390-ccw
is doing it already.

Patch 3 adds support for loading kernels via .INS configuration files.
You can find these .INS config files on ISO images, so with this patch,
it should be possible to boot if the TFTP server is configured to use
the contents of such an ISO image.

Thomas Huth (3):
  pc-bios/s390-ccw/net: Split up net_load() into init, load and uninit
    parts
  pc-bios/s390-ccw/net: Use diag308 to reset machine before jumping to
    the OS
  pc-bios/s390-ccw/net: Add support for .INS config files

 pc-bios/s390-ccw/Makefile    |   4 +-
 pc-bios/s390-ccw/bootmap.c   |  63 +---------------
 pc-bios/s390-ccw/bootmap.h   |   4 --
 pc-bios/s390-ccw/jump2ipl.c  |  81 +++++++++++++++++++++
 pc-bios/s390-ccw/netboot.mak |   3 +-
 pc-bios/s390-ccw/netmain.c   | 168 +++++++++++++++++++++++++++++++++++--------
 pc-bios/s390-ccw/s390-ccw.h  |   4 ++
 7 files changed, 230 insertions(+), 97 deletions(-)
 create mode 100644 pc-bios/s390-ccw/jump2ipl.c

-- 
1.8.3.1

[Qemu-devel] [PATCH v3 1/3] pc-bios/s390-ccw/net: Split up net_load() into init, load and uninit parts

[Thomas Huth]

When we want to support pxelinux-style network booting later, we've got
to do several TFTP transfers - and we do not want to apply for a new IP
address via DHCP each time. So split up net_load into three parts:

1. net_init(), which initializes virtio-net, gets an IP address via DHCP
   and prints out the related information.

2. The tftp_load call is now moved directly into the main() function

3. A new net_release() function which should tear down the network stack
   before we are done in the firmware.

This will make it easier to extend the code in the next patches.

Signed-off-by: Thomas Huth <thuth@redhat.com>
---
 pc-bios/s390-ccw/netmain.c | 63 +++++++++++++++++++++++++++-------------------
 1 file changed, 37 insertions(+), 26 deletions(-)

diff --git a/pc-bios/s390-ccw/netmain.c b/pc-bios/s390-ccw/netmain.c
index d86d46b..8fa9e6c 100644
--- a/pc-bios/s390-ccw/netmain.c
+++ b/pc-bios/s390-ccw/netmain.c
@@ -128,13 +128,13 @@ static void seed_rng(uint8_t mac[])
     srand(seed);
 }
 
-static int tftp_load(filename_ip_t *fnip, void *buffer, int len,
-                     unsigned int retries, int ip_vers)
+static int tftp_load(filename_ip_t *fnip, void *buffer, int len)
 {
     tftp_err_t tftp_err;
     int rc;
 
-    rc = tftp(fnip, buffer, len, retries, &tftp_err, 1, 1428, ip_vers);
+    rc = tftp(fnip, buffer, len, DEFAULT_TFTP_RETRIES, &tftp_err, 1, 1428,
+              ip_version);
 
     if (rc > 0) {
         printf("  TFTP: Received %s (%d KBytes)\n", fnip->filename,
@@ -199,20 +199,19 @@ static int tftp_load(filename_ip_t *fnip, void *buffer, int len,
     return rc;
 }
 
-static int net_load(char *buffer, int len)
+static int net_init(filename_ip_t *fn_ip)
 {
-    filename_ip_t fn_ip;
     uint8_t mac[6];
     int rc;
 
-    memset(&fn_ip, 0, sizeof(filename_ip_t));
+    memset(fn_ip, 0, sizeof(filename_ip_t));
 
     rc = virtio_net_init(mac);
     if (rc < 0) {
         puts("Could not initialize network device");
         return -101;
     }
-    fn_ip.fd = rc;
+    fn_ip->fd = rc;
 
     printf("  Using MAC address: %02x:%02x:%02x:%02x:%02x:%02x\n",
            mac[0], mac[1], mac[2], mac[3], mac[4], mac[5]);
@@ -220,10 +219,10 @@ static int net_load(char *buffer, int len)
     set_mac_address(mac);    /* init ethernet layer */
     seed_rng(mac);
 
-    rc = dhcp(&fn_ip, DEFAULT_BOOT_RETRIES);
+    rc = dhcp(fn_ip, DEFAULT_BOOT_RETRIES);
     if (rc >= 0) {
         if (ip_version == 4) {
-            set_ipv4_address(fn_ip.own_ip);
+            set_ipv4_address(fn_ip->own_ip);
         }
     } else {
         puts("Could not get IP address");
@@ -232,18 +231,18 @@ static int net_load(char *buffer, int len)
 
     if (ip_version == 4) {
         printf("  Using IPv4 address: %d.%d.%d.%d\n",
-              (fn_ip.own_ip >> 24) & 0xFF, (fn_ip.own_ip >> 16) & 0xFF,
-              (fn_ip.own_ip >>  8) & 0xFF, fn_ip.own_ip & 0xFF);
+              (fn_ip->own_ip >> 24) & 0xFF, (fn_ip->own_ip >> 16) & 0xFF,
+              (fn_ip->own_ip >>  8) & 0xFF, fn_ip->own_ip & 0xFF);
     } else if (ip_version == 6) {
         char ip6_str[40];
-        ipv6_to_str(fn_ip.own_ip6.addr, ip6_str);
+        ipv6_to_str(fn_ip->own_ip6.addr, ip6_str);
         printf("  Using IPv6 address: %s\n", ip6_str);
     }
 
     if (rc == -2) {
         printf("ARP request to TFTP server (%d.%d.%d.%d) failed\n",
-               (fn_ip.server_ip >> 24) & 0xFF, (fn_ip.server_ip >> 16) & 0xFF,
-               (fn_ip.server_ip >>  8) & 0xFF, fn_ip.server_ip & 0xFF);
+               (fn_ip->server_ip >> 24) & 0xFF, (fn_ip->server_ip >> 16) & 0xFF,
+               (fn_ip->server_ip >>  8) & 0xFF, fn_ip->server_ip & 0xFF);
         return -102;
     }
     if (rc == -4 || rc == -3) {
@@ -251,28 +250,31 @@ static int net_load(char *buffer, int len)
         return -107;
     }
 
+    printf("  Using TFTP server: ");
     if (ip_version == 4) {
-        printf("  Requesting file \"%s\" via TFTP from %d.%d.%d.%d\n",
-               fn_ip.filename,
-               (fn_ip.server_ip >> 24) & 0xFF, (fn_ip.server_ip >> 16) & 0xFF,
-               (fn_ip.server_ip >>  8) & 0xFF, fn_ip.server_ip & 0xFF);
+        printf("%d.%d.%d.%d\n",
+               (fn_ip->server_ip >> 24) & 0xFF, (fn_ip->server_ip >> 16) & 0xFF,
+               (fn_ip->server_ip >>  8) & 0xFF, fn_ip->server_ip & 0xFF);
     } else if (ip_version == 6) {
         char ip6_str[40];
-        printf("  Requesting file \"%s\" via TFTP from ", fn_ip.filename);
-        ipv6_to_str(fn_ip.server_ip6.addr, ip6_str);
+        ipv6_to_str(fn_ip->server_ip6.addr, ip6_str);
         printf("%s\n", ip6_str);
     }
 
-    /* Do the TFTP load and print error message if necessary */
-    rc = tftp_load(&fn_ip, buffer, len, DEFAULT_TFTP_RETRIES, ip_version);
-
-    if (ip_version == 4) {
-        dhcp_send_release(fn_ip.fd);
+    if (strlen((char *)fn_ip->filename) > 0) {
+        printf("  Bootfile name: '%s'\n", fn_ip->filename);
     }
 
     return rc;
 }
 
+static void net_release(filename_ip_t *fn_ip)
+{
+    if (ip_version == 4) {
+        dhcp_send_release(fn_ip->fd);
+    }
+}
+
 void panic(const char *string)
 {
     sclp_print(string);
@@ -344,6 +346,7 @@ static void virtio_setup(void)
 
 void main(void)
 {
+    filename_ip_t fn_ip;
     int rc;
 
     sclp_setup();
@@ -351,7 +354,15 @@ void main(void)
 
     virtio_setup();
 
-    rc = net_load(NULL, (long)_start);
+    rc = net_init(&fn_ip);
+    if (rc) {
+        panic("Network initialization failed. Halting.\n");
+    }
+
+    rc = tftp_load(&fn_ip, NULL, (long)_start);
+
+    net_release(&fn_ip);
+
     if (rc > 0) {
         sclp_print("Network loading done, starting kernel...\n");
         asm volatile (" lpsw 0(%0) " : : "r"(0) : "memory");
-- 
1.8.3.1

[Qemu-devel] [PATCH v3 2/3] pc-bios/s390-ccw/net: Use diag308 to reset machine before jumping to the OS

[Thomas Huth]

The netboot firmware so far simply jumped directly into the OS kernel
after the download has been completed. This, however, bears the risk
that the virtio-net device still might be active in the background and
incoming packets are still placed into the buffers - which could destroy
memory of the now-running Linux kernel in case it did not take over the
device fast enough. Also the SCLP console is not put into a well-defined
state here. We should hand over the system in a clean state when jumping
into the kernel, so let's use the same mechanism as it's done in the
main s390-ccw firmware and reset the machine with diag308 into a clean
state before jumping into the OS kernel code. To be able to share the
code with the main s390-ccw firmware, the related functions are now
extracted from bootmap.c into a new file called jump2ipl.c.

Signed-off-by: Thomas Huth <thuth@redhat.com>
---
 pc-bios/s390-ccw/Makefile    |  4 ++-
 pc-bios/s390-ccw/bootmap.c   | 63 +---------------------------------
 pc-bios/s390-ccw/bootmap.h   |  4 ---
 pc-bios/s390-ccw/jump2ipl.c  | 81 ++++++++++++++++++++++++++++++++++++++++++++
 pc-bios/s390-ccw/netboot.mak |  3 +-
 pc-bios/s390-ccw/netmain.c   | 11 +++++-
 pc-bios/s390-ccw/s390-ccw.h  |  4 +++
 7 files changed, 101 insertions(+), 69 deletions(-)
 create mode 100644 pc-bios/s390-ccw/jump2ipl.c

diff --git a/pc-bios/s390-ccw/Makefile b/pc-bios/s390-ccw/Makefile
index 1712c2d..439e3cc 100644
--- a/pc-bios/s390-ccw/Makefile
+++ b/pc-bios/s390-ccw/Makefile
@@ -9,7 +9,9 @@ $(call set-vpath, $(SRC_PATH)/pc-bios/s390-ccw)
 
 .PHONY : all clean build-all
 
-OBJECTS = start.o main.o bootmap.o sclp.o virtio.o virtio-scsi.o virtio-blkdev.o libc.o menu.o
+OBJECTS = start.o main.o bootmap.o jump2ipl.o sclp.o menu.o \
+	  virtio.o virtio-scsi.o virtio-blkdev.o libc.o
+
 QEMU_CFLAGS := $(filter -W%, $(QEMU_CFLAGS))
 QEMU_CFLAGS += -ffreestanding -fno-delete-null-pointer-checks -msoft-float
 QEMU_CFLAGS += -march=z900 -fPIE -fno-strict-aliasing
diff --git a/pc-bios/s390-ccw/bootmap.c b/pc-bios/s390-ccw/bootmap.c
index 9287b7a..7e63e6b 100644
--- a/pc-bios/s390-ccw/bootmap.c
+++ b/pc-bios/s390-ccw/bootmap.c
@@ -29,14 +29,6 @@
 /* Scratch space */
 static uint8_t sec[MAX_SECTOR_SIZE*4] __attribute__((__aligned__(PAGE_SIZE)));
 
-typedef struct ResetInfo {
-    uint32_t ipl_mask;
-    uint32_t ipl_addr;
-    uint32_t ipl_continue;
-} ResetInfo;
-
-static ResetInfo save;
-
 const uint8_t el_torito_magic[] = "EL TORITO SPECIFICATION"
                                   "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
 
@@ -57,53 +49,6 @@ static inline bool is_iso_vd_valid(IsoVolDesc *vd)
            vd->type <= VOL_DESC_TYPE_PARTITION;
 }
 
-static void jump_to_IPL_2(void)
-{
-    ResetInfo *current = 0;
-
-    void (*ipl)(void) = (void *) (uint64_t) current->ipl_continue;
-    *current = save;
-    ipl(); /* should not return */
-}
-
-static void jump_to_IPL_code(uint64_t address)
-{
-    /* store the subsystem information _after_ the bootmap was loaded */
-    write_subsystem_identification();
-
-    /* prevent unknown IPL types in the guest */
-    if (iplb.pbt == S390_IPL_TYPE_QEMU_SCSI) {
-        iplb.pbt = S390_IPL_TYPE_CCW;
-        set_iplb(&iplb);
-    }
-
-    /*
-     * The IPL PSW is at address 0. We also must not overwrite the
-     * content of non-BIOS memory after we loaded the guest, so we
-     * save the original content and restore it in jump_to_IPL_2.
-     */
-    ResetInfo *current = 0;
-
-    save = *current;
-    current->ipl_addr = (uint32_t) (uint64_t) &jump_to_IPL_2;
-    current->ipl_continue = address & 0x7fffffff;
-
-    debug_print_int("set IPL addr to", current->ipl_continue);
-
-    /* Ensure the guest output starts fresh */
-    sclp_print("\n");
-
-    /*
-     * HACK ALERT.
-     * We use the load normal reset to keep r15 unchanged. jump_to_IPL_2
-     * can then use r15 as its stack pointer.
-     */
-    asm volatile("lghi 1,1\n\t"
-                 "diag 1,1,0x308\n\t"
-                 : : : "1", "memory");
-    panic("\n! IPL returns !\n");
-}
-
 /***********************************************************************
  * IPL an ECKD DASD (CDL or LDL/CMS format)
  */
@@ -727,13 +672,7 @@ static void load_iso_bc_entry(IsoBcSection *load)
                         (void *)((uint64_t)bswap16(s.load_segment)),
                         blks_to_load);
 
-    /* Trying to get PSW at zero address */
-    if (*((uint64_t *)0) & IPL_PSW_MASK) {
-        jump_to_IPL_code((*((uint64_t *)0)) & 0x7fffffff);
-    }
-
-    /* Try default linux start address */
-    jump_to_IPL_code(KERN_IMAGE_START);
+    jump_to_low_kernel();
 }
 
 static uint32_t find_iso_bc(void)
diff --git a/pc-bios/s390-ccw/bootmap.h b/pc-bios/s390-ccw/bootmap.h
index 07eb600..bef81ff 100644
--- a/pc-bios/s390-ccw/bootmap.h
+++ b/pc-bios/s390-ccw/bootmap.h
@@ -355,10 +355,6 @@ static inline uint32_t iso_733_to_u32(uint64_t x)
 #define ISO_SECTOR_SIZE 2048
 /* El Torito specifies boot image size in 512 byte blocks */
 #define ET_SECTOR_SHIFT 2
-#define KERN_IMAGE_START 0x010000UL
-#define PSW_MASK_64 0x0000000100000000ULL
-#define PSW_MASK_32 0x0000000080000000ULL
-#define IPL_PSW_MASK (PSW_MASK_32 | PSW_MASK_64)
 
 #define ISO_PRIMARY_VD_SECTOR 16
 
diff --git a/pc-bios/s390-ccw/jump2ipl.c b/pc-bios/s390-ccw/jump2ipl.c
new file mode 100644
index 0000000..21b25d8
--- /dev/null
+++ b/pc-bios/s390-ccw/jump2ipl.c
@@ -0,0 +1,81 @@
+/*
+ * QEMU s390-ccw firmware - jump to IPL code
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or (at
+ * your option) any later version. See the COPYING file in the top-level
+ * directory.
+ */
+
+#include "libc.h"
+#include "s390-ccw.h"
+
+#define KERN_IMAGE_START 0x010000UL
+#define PSW_MASK_64 0x0000000100000000ULL
+#define PSW_MASK_32 0x0000000080000000ULL
+#define IPL_PSW_MASK (PSW_MASK_32 | PSW_MASK_64)
+
+typedef struct ResetInfo {
+    uint32_t ipl_mask;
+    uint32_t ipl_addr;
+    uint32_t ipl_continue;
+} ResetInfo;
+
+static ResetInfo save;
+
+static void jump_to_IPL_2(void)
+{
+    ResetInfo *current = 0;
+
+    void (*ipl)(void) = (void *) (uint64_t) current->ipl_continue;
+    *current = save;
+    ipl(); /* should not return */
+}
+
+void jump_to_IPL_code(uint64_t address)
+{
+    /* store the subsystem information _after_ the bootmap was loaded */
+    write_subsystem_identification();
+
+    /* prevent unknown IPL types in the guest */
+    if (iplb.pbt == S390_IPL_TYPE_QEMU_SCSI) {
+        iplb.pbt = S390_IPL_TYPE_CCW;
+        set_iplb(&iplb);
+    }
+
+    /*
+     * The IPL PSW is at address 0. We also must not overwrite the
+     * content of non-BIOS memory after we loaded the guest, so we
+     * save the original content and restore it in jump_to_IPL_2.
+     */
+    ResetInfo *current = 0;
+
+    save = *current;
+    current->ipl_addr = (uint32_t) (uint64_t) &jump_to_IPL_2;
+    current->ipl_continue = address & 0x7fffffff;
+
+    debug_print_int("set IPL addr to", current->ipl_continue);
+
+    /* Ensure the guest output starts fresh */
+    sclp_print("\n");
+
+    /*
+     * HACK ALERT.
+     * We use the load normal reset to keep r15 unchanged. jump_to_IPL_2
+     * can then use r15 as its stack pointer.
+     */
+    asm volatile("lghi 1,1\n\t"
+                 "diag 1,1,0x308\n\t"
+                 : : : "1", "memory");
+    panic("\n! IPL returns !\n");
+}
+
+void jump_to_low_kernel(void)
+{
+    /* Trying to get PSW at zero address */
+    if (*((uint64_t *)0) & IPL_PSW_MASK) {
+        jump_to_IPL_code((*((uint64_t *)0)) & 0x7fffffff);
+    }
+
+    /* Try default linux start address */
+    jump_to_IPL_code(KERN_IMAGE_START);
+}
diff --git a/pc-bios/s390-ccw/netboot.mak b/pc-bios/s390-ccw/netboot.mak
index a25d238..4f64128 100644
--- a/pc-bios/s390-ccw/netboot.mak
+++ b/pc-bios/s390-ccw/netboot.mak
@@ -1,7 +1,8 @@
 
 SLOF_DIR := $(SRC_PATH)/roms/SLOF
 
-NETOBJS := start.o sclp.o virtio.o virtio-net.o netmain.o libnet.a libc.a
+NETOBJS := start.o sclp.o virtio.o virtio-net.o jump2ipl.o netmain.o \
+	   libnet.a libc.a
 
 LIBC_INC := -nostdinc -I$(SLOF_DIR)/lib/libc/include
 LIBNET_INC := -I$(SLOF_DIR)/lib/libnet
diff --git a/pc-bios/s390-ccw/netmain.c b/pc-bios/s390-ccw/netmain.c
index 8fa9e6c..5f28ea0 100644
--- a/pc-bios/s390-ccw/netmain.c
+++ b/pc-bios/s390-ccw/netmain.c
@@ -283,6 +283,15 @@ void panic(const char *string)
     }
 }
 
+void write_subsystem_identification(void)
+{
+    uint32_t *schid = (uint32_t *) 184;
+    uint32_t *zeroes = (uint32_t *) 188;
+
+    *schid = 0;         /* We must not set this for virtio-net */
+    *zeroes = 0;
+}
+
 static bool find_net_dev(Schib *schib, int dev_no)
 {
     int i, r;
@@ -365,7 +374,7 @@ void main(void)
 
     if (rc > 0) {
         sclp_print("Network loading done, starting kernel...\n");
-        asm volatile (" lpsw 0(%0) " : : "r"(0) : "memory");
+        jump_to_low_kernel();
     }
 
     panic("Failed to load OS from network\n");
diff --git a/pc-bios/s390-ccw/s390-ccw.h b/pc-bios/s390-ccw/s390-ccw.h
index fd18da2..d88e637 100644
--- a/pc-bios/s390-ccw/s390-ccw.h
+++ b/pc-bios/s390-ccw/s390-ccw.h
@@ -87,6 +87,10 @@ ulong get_second(void);
 /* bootmap.c */
 void zipl_load(void);
 
+/* jump2ipl.c */
+void jump_to_IPL_code(uint64_t address);
+void jump_to_low_kernel(void);
+
 /* menu.c */
 void menu_set_parms(uint8_t boot_menu_flag, uint32_t boot_menu_timeout);
 int menu_get_zipl_boot_index(const char *menu_data);
-- 
1.8.3.1

[Qemu-devel] [PATCH v3 3/3] pc-bios/s390-ccw/net: Add support for .INS config files

[Thomas Huth]

The .INS config files can normally be found on CD-ROM ISO images,
so by supporting these files, it is now possible to boot directly
when the TFTP server is set up with the contents of such an CD-ROM
image.

Signed-off-by: Thomas Huth <thuth@redhat.com>
---
 pc-bios/s390-ccw/netmain.c | 100 ++++++++++++++++++++++++++++++++++++++++++---
 1 file changed, 95 insertions(+), 5 deletions(-)

diff --git a/pc-bios/s390-ccw/netmain.c b/pc-bios/s390-ccw/netmain.c
index 5f28ea0..c10b0ac 100644
--- a/pc-bios/s390-ccw/netmain.c
+++ b/pc-bios/s390-ccw/netmain.c
@@ -39,8 +39,12 @@
 
 extern char _start[];
 
+#define KERNEL_ADDR             ((void *)0L)
+#define KERNEL_MAX_SIZE         ((long)_start)
+
 char stack[PAGE_SIZE * 8] __attribute__((aligned(PAGE_SIZE)));
 IplParameterBlock iplb __attribute__((aligned(PAGE_SIZE)));
+static char cfgbuf[2048];
 
 static SubChannelId net_schid = { .one = 1 };
 static int ip_version = 4;
@@ -136,9 +140,15 @@ static int tftp_load(filename_ip_t *fnip, void *buffer, int len)
     rc = tftp(fnip, buffer, len, DEFAULT_TFTP_RETRIES, &tftp_err, 1, 1428,
               ip_version);
 
-    if (rc > 0) {
-        printf("  TFTP: Received %s (%d KBytes)\n", fnip->filename,
-               rc / 1024);
+    if (rc < 0) {
+        /* Make sure that error messages are put into a new line */
+        printf("\n  ");
+    }
+
+    if (rc > 1024) {
+        printf("  TFTP: Received %s (%d KBytes)\n", fnip->filename, rc / 1024);
+    } else if (rc > 0) {
+        printf("  TFTP: Received %s (%d Bytes)\n", fnip->filename, rc);
     } else if (rc == -1) {
         puts("unknown TFTP error");
     } else if (rc == -2) {
@@ -275,6 +285,83 @@ static void net_release(filename_ip_t *fn_ip)
     }
 }
 
+/**
+ * Load via information from a .INS file (which can be found on CD-ROMs
+ * for example)
+ */
+static int handle_ins_cfg(filename_ip_t *fn_ip, char *cfg, int cfgsize)
+{
+    char *ptr;
+    int rc = -1, llen;
+    void *destaddr;
+    char *insbuf = cfg;
+
+    ptr = strchr(insbuf, '\n');
+    if (!ptr) {
+        puts("Does not seem to be a valid .INS file");
+        return -1;
+    }
+
+    *ptr = 0;
+    printf("\nParsing .INS file:\n %s\n", &insbuf[2]);
+
+    insbuf = ptr + 1;
+    while (*insbuf && insbuf < cfg + cfgsize) {
+        ptr = strchr(insbuf, '\n');
+        if (ptr) {
+            *ptr = 0;
+        }
+        llen = strlen(insbuf);
+        if (!llen) {
+            insbuf = ptr + 1;
+            continue;
+        }
+        ptr = strchr(insbuf, ' ');
+        if (!ptr) {
+            puts("Missing space separator in .INS file");
+            return -1;
+        }
+        *ptr = 0;
+        strncpy((char *)fn_ip->filename, insbuf, sizeof(fn_ip->filename));
+        destaddr = (char *)atol(ptr + 1);
+        rc = tftp_load(fn_ip, destaddr, (long)_start - (long)destaddr);
+        if (rc <= 0) {
+            break;
+        }
+        insbuf += llen + 1;
+    }
+
+    return rc;
+}
+
+static int net_try_bootfile_load(filename_ip_t *fn_ip)
+{
+    int rc;
+    void *loadaddr = (void *)0x2000;  /* Load right after the low-core */
+
+    rc = tftp_load(fn_ip, loadaddr, KERNEL_MAX_SIZE - (long)loadaddr);
+    if (rc < 0) {
+        return rc;
+    } else if (rc < 8) {
+        printf("'%s' is too small (%i bytes only).\n", fn_ip->filename, rc);
+        return -1;
+    }
+
+    /* Check whether it is a configuration file instead of a kernel */
+    if (rc < sizeof(cfgbuf) - 1) {
+        memcpy(cfgbuf, loadaddr, rc);
+        cfgbuf[rc] = 0;    /* Make sure that it is NUL-terminated */
+        if (!strncmp("* ", cfgbuf, 2)) {
+            return handle_ins_cfg(fn_ip, cfgbuf, rc);
+        }
+    }
+
+    /* Move kernel to right location */
+    memmove(KERNEL_ADDR, loadaddr, rc);
+
+    return rc;
+}
+
 void panic(const char *string)
 {
     sclp_print(string);
@@ -356,7 +443,7 @@ static void virtio_setup(void)
 void main(void)
 {
     filename_ip_t fn_ip;
-    int rc;
+    int rc, fnlen;
 
     sclp_setup();
     sclp_print("Network boot starting...\n");
@@ -368,7 +455,10 @@ void main(void)
         panic("Network initialization failed. Halting.\n");
     }
 
-    rc = tftp_load(&fn_ip, NULL, (long)_start);
+    fnlen = strlen((char *)fn_ip.filename);
+    if (fnlen > 0 && fn_ip.filename[fnlen - 1] != '/') {
+        rc = net_try_bootfile_load(&fn_ip);
+    }
 
     net_release(&fn_ip);
 
-- 
1.8.3.1

Re: [Qemu-devel] [PATCH v3 2/3] pc-bios/s390-ccw/net: Use diag308 to reset machine before jumping to the OS

[Christian Borntraeger]

On 04/25/2018 11:08 AM, Thomas Huth wrote:

> --- a/pc-bios/s390-ccw/netmain.c
> +++ b/pc-bios/s390-ccw/netmain.c
> @@ -283,6 +283,15 @@ void panic(const char *string)
>      }
>  }
>  
> +void write_subsystem_identification(void)
> +{
> +    uint32_t *schid = (uint32_t *) 184;
> +    uint32_t *zeroes = (uint32_t *) 188;
> +
> +    *schid = 0;         /* We must not set this for virtio-net */
> +    *zeroes = 0;
> +}
> +


I think we actually want to have the CCW devno of that network device
stored. It has some value to know which CCW device we bootet from, no?

Re: [Qemu-devel] [PATCH v3 2/3] pc-bios/s390-ccw/net: Use diag308 to reset machine before jumping to the OS

[Thomas Huth]

On 25.04.2018 14:18, Christian Borntraeger wrote:
> 
> On 04/25/2018 11:08 AM, Thomas Huth wrote:
> 
>> --- a/pc-bios/s390-ccw/netmain.c
>> +++ b/pc-bios/s390-ccw/netmain.c
>> @@ -283,6 +283,15 @@ void panic(const char *string)
>>      }
>>  }
>>  
>> +void write_subsystem_identification(void)
>> +{
>> +    uint32_t *schid = (uint32_t *) 184;
>> +    uint32_t *zeroes = (uint32_t *) 188;
>> +
>> +    *schid = 0;         /* We must not set this for virtio-net */
>> +    *zeroes = 0;
>> +}
>> +
> 
> I think we actually want to have the CCW devno of that network device
> stored. It has some value to know which CCW device we bootet from, no?

Actually, I tried that first (and it took quite some time to debug it),
but the Linux kernel then bails out quite early, without any error
message. The trace looks like this:

0x0000000007801802:  diag	%r1,%r1,776
0x0000000007801780:  larl	%r2,0x7831004
0x0000000007801786:  llgf	%r1,8
0x000000000780178c:  mvc	0(12,%r0),0(%r2)
0x0000000007801792:  br	%r1
0x0000000000000418:  bas	%r14,512
0x0000000000000200:  mvi	163,1
0x0000000000000204:  slr	%r0,%r0
0x0000000000000206:  lhi	%r1,2
0x000000000000020a:  sigp	%r1,%r0,18
0x000000000000020e:  bras	%r13,0x252
0x0000000000000252:  lmh	%r0,%r15,0(%r13)
0x0000000000000258:  sam31
0x000000000000025a:  br	%r14
0x000000000000041c:  lh	%r1,184
0x0000000000000420:  bct	%r1,1322
0x0000000000000424:  l	%r1,184
0x0000000000000428:  la	%r2,1840
0x000000000000042c:  bas	%r14,640
0x0000000000000280:  la	%r4,0(%r14)
0x0000000000000284:  la	%r3,792
0x0000000000000288:  la	%r5,804
0x000000000000028c:  la	%r6,888
0x0000000000000290:  la	%r7,20
0x0000000000000294:  st	%r2,4(%r6)
0x0000000000000298:  la	%r2,80(%r2)
0x000000000000029c:  la	%r6,8(%r6)
0x00000000000002a0:  bct	%r7,660
0x00000000000002a4:  lctl	%c6,%c6,868
0x00000000000002a8:  slr	%r2,%r2
0x00000000000002aa:  ssch	0(%r3)
0x00000000000002ae:  bne	786
0x0000000000000312:  lpsw	880
Guest crashed on cpu 0: disabled-wait
PSW: 0x000a000000000000 0x0000000000000000

That's the Lloader function in arch/s390/kernel/head.S which is failing
here, so seems like Linux tries to load from a block device in case
there is a value in 184. Thus I assume that 184 has to contain 0 in this
case.

 Thomas

Re: [Qemu-devel] [PATCH v3 2/3] pc-bios/s390-ccw/net: Use diag308 to reset machine before jumping to the OS

[Christian Borntraeger]

You load from address 0. 

On 04/25/2018 02:34 PM, Thomas Huth wrote:
> On 25.04.2018 14:18, Christian Borntraeger wrote:
>>
>> On 04/25/2018 11:08 AM, Thomas Huth wrote:
>>
>>> --- a/pc-bios/s390-ccw/netmain.c
>>> +++ b/pc-bios/s390-ccw/netmain.c
>>> @@ -283,6 +283,15 @@ void panic(const char *string)
>>>      }
>>>  }
>>>  
>>> +void write_subsystem_identification(void)
>>> +{
>>> +    uint32_t *schid = (uint32_t *) 184;
>>> +    uint32_t *zeroes = (uint32_t *) 188;
>>> +
>>> +    *schid = 0;         /* We must not set this for virtio-net */
>>> +    *zeroes = 0;
>>> +}
>>> +
>>
>> I think we actually want to have the CCW devno of that network device
>> stored. It has some value to know which CCW device we bootet from, no?
> 
> Actually, I tried that first (and it took quite some time to debug it),
> but the Linux kernel then bails out quite early, without any error
> message. The trace looks like this:
> 
> 0x0000000007801802:  diag	%r1,%r1,776
> 0x0000000007801780:  larl	%r2,0x7831004
> 0x0000000007801786:  llgf	%r1,8
> 0x000000000780178c:  mvc	0(12,%r0),0(%r2)
> 0x0000000007801792:  br	%r1
> 0x0000000000000418:  bas	%r14,512
> 0x0000000000000200:  mvi	163,1
> 0x0000000000000204:  slr	%r0,%r0
> 0x0000000000000206:  lhi	%r1,2
> 0x000000000000020a:  sigp	%r1,%r0,18
> 0x000000000000020e:  bras	%r13,0x252
> 0x0000000000000252:  lmh	%r0,%r15,0(%r13)
> 0x0000000000000258:  sam31
> 0x000000000000025a:  br	%r14
> 0x000000000000041c:  lh	%r1,184
> 0x0000000000000420:  bct	%r1,1322
> 0x0000000000000424:  l	%r1,184
> 0x0000000000000428:  la	%r2,1840
> 0x000000000000042c:  bas	%r14,640
> 0x0000000000000280:  la	%r4,0(%r14)
> 0x0000000000000284:  la	%r3,792
> 0x0000000000000288:  la	%r5,804
> 0x000000000000028c:  la	%r6,888
> 0x0000000000000290:  la	%r7,20
> 0x0000000000000294:  st	%r2,4(%r6)
> 0x0000000000000298:  la	%r2,80(%r2)
> 0x000000000000029c:  la	%r6,8(%r6)
> 0x00000000000002a0:  bct	%r7,660
> 0x00000000000002a4:  lctl	%c6,%c6,868
> 0x00000000000002a8:  slr	%r2,%r2
> 0x00000000000002aa:  ssch	0(%r3)
> 0x00000000000002ae:  bne	786
> 0x0000000000000312:  lpsw	880
> Guest crashed on cpu 0: disabled-wait
> PSW: 0x000a000000000000 0x0000000000000000
> 
> That's the Lloader function in arch/s390/kernel/head.S which is failing
> here, so seems like Linux tries to load from a block device in case
> there is a value in 184. Thus I assume that 184 has to contain 0 in this
> case.

Hmm, I think this is because we jump to 418 for your kernel (which is the loader
that tries to bootstrap the ccw ipl). When you look at ipl.c we override that
and jump to 0x10000 instead for linux (which is also hackish) for image files.
So I guess if we would do a psw restart instead (like you do) on a kernel image
the normal ipl would also fail....

Re: [Qemu-devel] [PATCH v3 2/3] pc-bios/s390-ccw/net: Use diag308 to reset machine before jumping to the OS

[Christian Borntraeger]

On 04/25/2018 02:41 PM, Christian Borntraeger wrote:
> You load from address 0. 
> 
> On 04/25/2018 02:34 PM, Thomas Huth wrote:
>> On 25.04.2018 14:18, Christian Borntraeger wrote:
>>>
>>> On 04/25/2018 11:08 AM, Thomas Huth wrote:
>>>
>>>> --- a/pc-bios/s390-ccw/netmain.c
>>>> +++ b/pc-bios/s390-ccw/netmain.c
>>>> @@ -283,6 +283,15 @@ void panic(const char *string)
>>>>      }
>>>>  }
>>>>  
>>>> +void write_subsystem_identification(void)
>>>> +{
>>>> +    uint32_t *schid = (uint32_t *) 184;
>>>> +    uint32_t *zeroes = (uint32_t *) 188;
>>>> +
>>>> +    *schid = 0;         /* We must not set this for virtio-net */
>>>> +    *zeroes = 0;
>>>> +}
>>>> +
>>>
>>> I think we actually want to have the CCW devno of that network device
>>> stored. It has some value to know which CCW device we bootet from, no?
>>
>> Actually, I tried that first (and it took quite some time to debug it),
>> but the Linux kernel then bails out quite early, without any error
>> message. The trace looks like this:
>>
>> 0x0000000007801802:  diag	%r1,%r1,776
>> 0x0000000007801780:  larl	%r2,0x7831004
>> 0x0000000007801786:  llgf	%r1,8
>> 0x000000000780178c:  mvc	0(12,%r0),0(%r2)
>> 0x0000000007801792:  br	%r1
>> 0x0000000000000418:  bas	%r14,512
>> 0x0000000000000200:  mvi	163,1
>> 0x0000000000000204:  slr	%r0,%r0
>> 0x0000000000000206:  lhi	%r1,2
>> 0x000000000000020a:  sigp	%r1,%r0,18
>> 0x000000000000020e:  bras	%r13,0x252
>> 0x0000000000000252:  lmh	%r0,%r15,0(%r13)
>> 0x0000000000000258:  sam31
>> 0x000000000000025a:  br	%r14
>> 0x000000000000041c:  lh	%r1,184
>> 0x0000000000000420:  bct	%r1,1322
>> 0x0000000000000424:  l	%r1,184
>> 0x0000000000000428:  la	%r2,1840
>> 0x000000000000042c:  bas	%r14,640
>> 0x0000000000000280:  la	%r4,0(%r14)
>> 0x0000000000000284:  la	%r3,792
>> 0x0000000000000288:  la	%r5,804
>> 0x000000000000028c:  la	%r6,888
>> 0x0000000000000290:  la	%r7,20
>> 0x0000000000000294:  st	%r2,4(%r6)
>> 0x0000000000000298:  la	%r2,80(%r2)
>> 0x000000000000029c:  la	%r6,8(%r6)
>> 0x00000000000002a0:  bct	%r7,660
>> 0x00000000000002a4:  lctl	%c6,%c6,868
>> 0x00000000000002a8:  slr	%r2,%r2
>> 0x00000000000002aa:  ssch	0(%r3)
>> 0x00000000000002ae:  bne	786
>> 0x0000000000000312:  lpsw	880
>> Guest crashed on cpu 0: disabled-wait
>> PSW: 0x000a000000000000 0x0000000000000000
>>
>> That's the Lloader function in arch/s390/kernel/head.S which is failing
>> here, so seems like Linux tries to load from a block device in case
>> there is a value in 184. Thus I assume that 184 has to contain 0 in this
>> case.
> 
> Hmm, I think this is because we jump to 418 for your kernel (which is the loader
> that tries to bootstrap the ccw ipl). When you look at ipl.c we override that
> and jump to 0x10000 instead for linux (which is also hackish) for image files.
> So I guess if we would do a psw restart instead (like you do) on a kernel image
> the normal ipl would also fail....
> 

FWIW, zipl also loads linux kernels from 0x10000
$ git grep 0x10000
boot/head.S:.Lstack: .long  0x10000-160
boot/stage2dump.c:      if (prefix < 0x10000) /* if < linux-start addr */
boot/tape0.S:KERNEL_OFF         = 0x10000               # kernel start code offset
boot/tape0.S:KERNEL_ADDR                = 0x10000               # default kernel load addr
include/zipl.h:#define DEFAULT_IMAGE_ADDRESS            0x10000LL
include/zipl.h:#define MINIMUM_ADDRESS          0x10000LL
src/bootmap.c:          size += DIV_ROUND_UP(st.st_size - 0x10000,
src/job.c:                          &ipl->image_addr, 0, 0x10000,
src/job.c:                      &ipl->ramdisk_addr, 0, 0, 0x10000);
src/job.c:                          &dump->image_addr, 0, 0x10000,
src/job.c:                                  0, 0, 0x10000);
src/job.c:                          &ipl_tape->image_addr, 0, 0x10000,
src/job.c:                                  0, 0, 0x10000);

Re: [Qemu-devel] [PATCH v3 0/3] pc-bios/s390-ccw: Some few network boot improvements

[Viktor VM Mihajlovski]

On 25.04.2018 11:08, Thomas Huth wrote:
> Note: I've decided to removed the pxelinux.cfg patches from this series
> for now, since full pxelinux support requires to parse some additional
> DHCP options (see https://tools.ietf.org/html/rfc5071), and for this, the
> SLOF libnet code needs to be changed first. So I guess I first have to
> implement pxelinux.cfg support for PPC, too, which will likely take a
> little bit longer...
> Thus to keep this series short and reviewable, and to avoid that the other
> patches bit-rot on my hard disk, I've now only included the patches that
> are not related to pxelinux.cfg.
Makes sense to me.
> 
> The first patch is just a minor code refactoring which should not have
> any visible impact, but makes the following patches easier.
> 
> The second patch makes sure that we leave the machine in a sane state
> before jumping into the Linux kernel - i.e. the netboot firmware now
> resets the machine with diag308, too, just like the main s390-ccw
> is doing it already.
> 
> Patch 3 adds support for loading kernels via .INS configuration files.
> You can find these .INS config files on ISO images, so with this patch,
> it should be possible to boot if the TFTP server is configured to use
> the contents of such an ISO image.
I will try out this insfile support but probably won't be able to do
that before next week.
> 
> Thomas Huth (3):
>   pc-bios/s390-ccw/net: Split up net_load() into init, load and uninit
>     parts
>   pc-bios/s390-ccw/net: Use diag308 to reset machine before jumping to
>     the OS
>   pc-bios/s390-ccw/net: Add support for .INS config files
> 
>  pc-bios/s390-ccw/Makefile    |   4 +-
>  pc-bios/s390-ccw/bootmap.c   |  63 +---------------
>  pc-bios/s390-ccw/bootmap.h   |   4 --
>  pc-bios/s390-ccw/jump2ipl.c  |  81 +++++++++++++++++++++
>  pc-bios/s390-ccw/netboot.mak |   3 +-
>  pc-bios/s390-ccw/netmain.c   | 168 +++++++++++++++++++++++++++++++++++--------
>  pc-bios/s390-ccw/s390-ccw.h  |   4 ++
>  7 files changed, 230 insertions(+), 97 deletions(-)
>  create mode 100644 pc-bios/s390-ccw/jump2ipl.c
> 


-- 
Regards,
  Viktor Mihajlovski

Re: [Qemu-devel] [PATCH v3 2/3] pc-bios/s390-ccw/net: Use diag308 to reset machine before jumping to the OS

[Thomas Huth]

On 25.04.2018 14:44, Christian Borntraeger wrote:
> 
> 
> On 04/25/2018 02:41 PM, Christian Borntraeger wrote:
>> You load from address 0. 
>>
>> On 04/25/2018 02:34 PM, Thomas Huth wrote:
>>> On 25.04.2018 14:18, Christian Borntraeger wrote:
>>>>
>>>> On 04/25/2018 11:08 AM, Thomas Huth wrote:
>>>>
>>>>> --- a/pc-bios/s390-ccw/netmain.c
>>>>> +++ b/pc-bios/s390-ccw/netmain.c
>>>>> @@ -283,6 +283,15 @@ void panic(const char *string)
>>>>>      }
>>>>>  }
>>>>>  
>>>>> +void write_subsystem_identification(void)
>>>>> +{
>>>>> +    uint32_t *schid = (uint32_t *) 184;
>>>>> +    uint32_t *zeroes = (uint32_t *) 188;
>>>>> +
>>>>> +    *schid = 0;         /* We must not set this for virtio-net */
>>>>> +    *zeroes = 0;
>>>>> +}
>>>>> +
>>>>
>>>> I think we actually want to have the CCW devno of that network device
>>>> stored. It has some value to know which CCW device we bootet from, no?
>>>
>>> Actually, I tried that first (and it took quite some time to debug it),
>>> but the Linux kernel then bails out quite early, without any error
>>> message. The trace looks like this:
>>>
>>> 0x0000000007801802:  diag	%r1,%r1,776
>>> 0x0000000007801780:  larl	%r2,0x7831004
>>> 0x0000000007801786:  llgf	%r1,8
>>> 0x000000000780178c:  mvc	0(12,%r0),0(%r2)
>>> 0x0000000007801792:  br	%r1
>>> 0x0000000000000418:  bas	%r14,512
>>> 0x0000000000000200:  mvi	163,1
>>> 0x0000000000000204:  slr	%r0,%r0
>>> 0x0000000000000206:  lhi	%r1,2
>>> 0x000000000000020a:  sigp	%r1,%r0,18
>>> 0x000000000000020e:  bras	%r13,0x252
>>> 0x0000000000000252:  lmh	%r0,%r15,0(%r13)
>>> 0x0000000000000258:  sam31
>>> 0x000000000000025a:  br	%r14
>>> 0x000000000000041c:  lh	%r1,184
>>> 0x0000000000000420:  bct	%r1,1322
>>> 0x0000000000000424:  l	%r1,184
>>> 0x0000000000000428:  la	%r2,1840
>>> 0x000000000000042c:  bas	%r14,640
>>> 0x0000000000000280:  la	%r4,0(%r14)
>>> 0x0000000000000284:  la	%r3,792
>>> 0x0000000000000288:  la	%r5,804
>>> 0x000000000000028c:  la	%r6,888
>>> 0x0000000000000290:  la	%r7,20
>>> 0x0000000000000294:  st	%r2,4(%r6)
>>> 0x0000000000000298:  la	%r2,80(%r2)
>>> 0x000000000000029c:  la	%r6,8(%r6)
>>> 0x00000000000002a0:  bct	%r7,660
>>> 0x00000000000002a4:  lctl	%c6,%c6,868
>>> 0x00000000000002a8:  slr	%r2,%r2
>>> 0x00000000000002aa:  ssch	0(%r3)
>>> 0x00000000000002ae:  bne	786
>>> 0x0000000000000312:  lpsw	880
>>> Guest crashed on cpu 0: disabled-wait
>>> PSW: 0x000a000000000000 0x0000000000000000
>>>
>>> That's the Lloader function in arch/s390/kernel/head.S which is failing
>>> here, so seems like Linux tries to load from a block device in case
>>> there is a value in 184. Thus I assume that 184 has to contain 0 in this
>>> case.
>>
>> Hmm, I think this is because we jump to 418 for your kernel (which is the loader
>> that tries to bootstrap the ccw ipl). When you look at ipl.c we override that
>> and jump to 0x10000 instead for linux (which is also hackish) for image files.
>> So I guess if we would do a psw restart instead (like you do) on a kernel image
>> the normal ipl would also fail....
> 
> FWIW, zipl also loads linux kernels from 0x10000

OK, I just checked, and indeed, if I change to code to jump to 0x10000,
it also works when setting a value into 184. So I'll change this patch
here accordingly.

 Thomas

Re: [Qemu-devel] [PATCH v3 2/3] pc-bios/s390-ccw/net: Use diag308 to reset machine before jumping to the OS

[Christian Borntraeger]

On 04/25/2018 05:36 PM, Thomas Huth wrote:
> On 25.04.2018 14:44, Christian Borntraeger wrote:
>>
>>
>> On 04/25/2018 02:41 PM, Christian Borntraeger wrote:
>>> You load from address 0. 
>>>
>>> On 04/25/2018 02:34 PM, Thomas Huth wrote:
>>>> On 25.04.2018 14:18, Christian Borntraeger wrote:
>>>>>
>>>>> On 04/25/2018 11:08 AM, Thomas Huth wrote:
>>>>>
>>>>>> --- a/pc-bios/s390-ccw/netmain.c
>>>>>> +++ b/pc-bios/s390-ccw/netmain.c
>>>>>> @@ -283,6 +283,15 @@ void panic(const char *string)
>>>>>>      }
>>>>>>  }
>>>>>>  
>>>>>> +void write_subsystem_identification(void)
>>>>>> +{
>>>>>> +    uint32_t *schid = (uint32_t *) 184;
>>>>>> +    uint32_t *zeroes = (uint32_t *) 188;
>>>>>> +
>>>>>> +    *schid = 0;         /* We must not set this for virtio-net */
>>>>>> +    *zeroes = 0;
>>>>>> +}
>>>>>> +
>>>>>
>>>>> I think we actually want to have the CCW devno of that network device
>>>>> stored. It has some value to know which CCW device we bootet from, no?
>>>>
>>>> Actually, I tried that first (and it took quite some time to debug it),
>>>> but the Linux kernel then bails out quite early, without any error
>>>> message. The trace looks like this:
>>>>
>>>> 0x0000000007801802:  diag	%r1,%r1,776
>>>> 0x0000000007801780:  larl	%r2,0x7831004
>>>> 0x0000000007801786:  llgf	%r1,8
>>>> 0x000000000780178c:  mvc	0(12,%r0),0(%r2)
>>>> 0x0000000007801792:  br	%r1
>>>> 0x0000000000000418:  bas	%r14,512
>>>> 0x0000000000000200:  mvi	163,1
>>>> 0x0000000000000204:  slr	%r0,%r0
>>>> 0x0000000000000206:  lhi	%r1,2
>>>> 0x000000000000020a:  sigp	%r1,%r0,18
>>>> 0x000000000000020e:  bras	%r13,0x252
>>>> 0x0000000000000252:  lmh	%r0,%r15,0(%r13)
>>>> 0x0000000000000258:  sam31
>>>> 0x000000000000025a:  br	%r14
>>>> 0x000000000000041c:  lh	%r1,184
>>>> 0x0000000000000420:  bct	%r1,1322
>>>> 0x0000000000000424:  l	%r1,184
>>>> 0x0000000000000428:  la	%r2,1840
>>>> 0x000000000000042c:  bas	%r14,640
>>>> 0x0000000000000280:  la	%r4,0(%r14)
>>>> 0x0000000000000284:  la	%r3,792
>>>> 0x0000000000000288:  la	%r5,804
>>>> 0x000000000000028c:  la	%r6,888
>>>> 0x0000000000000290:  la	%r7,20
>>>> 0x0000000000000294:  st	%r2,4(%r6)
>>>> 0x0000000000000298:  la	%r2,80(%r2)
>>>> 0x000000000000029c:  la	%r6,8(%r6)
>>>> 0x00000000000002a0:  bct	%r7,660
>>>> 0x00000000000002a4:  lctl	%c6,%c6,868
>>>> 0x00000000000002a8:  slr	%r2,%r2
>>>> 0x00000000000002aa:  ssch	0(%r3)
>>>> 0x00000000000002ae:  bne	786
>>>> 0x0000000000000312:  lpsw	880
>>>> Guest crashed on cpu 0: disabled-wait
>>>> PSW: 0x000a000000000000 0x0000000000000000
>>>>
>>>> That's the Lloader function in arch/s390/kernel/head.S which is failing
>>>> here, so seems like Linux tries to load from a block device in case
>>>> there is a value in 184. Thus I assume that 184 has to contain 0 in this
>>>> case.
>>>
>>> Hmm, I think this is because we jump to 418 for your kernel (which is the loader
>>> that tries to bootstrap the ccw ipl). When you look at ipl.c we override that
>>> and jump to 0x10000 instead for linux (which is also hackish) for image files.
>>> So I guess if we would do a psw restart instead (like you do) on a kernel image
>>> the normal ipl would also fail....
>>
>> FWIW, zipl also loads linux kernels from 0x10000
> 
> OK, I just checked, and indeed, if I change to code to jump to 0x10000,
> it also works when setting a value into 184. So I'll change this patch
> here accordingly.

At the same time it might make sense to change this code in head.S in the kernel
to continue the normal startup (at 10000) if the device is a virtio device (similar
to what it does when the value at 184 is 0)

Re: [Qemu-devel] [PATCH v3 1/3] pc-bios/s390-ccw/net: Split up net_load() into init, load and uninit parts

[Farhan Ali]

On 04/25/2018 05:08 AM, Thomas Huth wrote:
> When we want to support pxelinux-style network booting later, we've got
> to do several TFTP transfers - and we do not want to apply for a new IP
> address via DHCP each time. So split up net_load into three parts:
> 
> 1. net_init(), which initializes virtio-net, gets an IP address via DHCP
>     and prints out the related information.
> 
> 2. The tftp_load call is now moved directly into the main() function
> 
> 3. A new net_release() function which should tear down the network stack
>     before we are done in the firmware.
> 
> This will make it easier to extend the code in the next patches.
> 
> Signed-off-by: Thomas Huth<thuth@redhat.com>

You might want to change the commit header "uninit parts" to "release 
parts" :)

Re: [Qemu-devel] [PATCH v3 2/3] pc-bios/s390-ccw/net: Use diag308 to reset machine before jumping to the OS

[Christian Borntraeger]

On 04/25/2018 05:36 PM, Thomas Huth wrote:
> On 25.04.2018 14:44, Christian Borntraeger wrote:
>>
>>
>> On 04/25/2018 02:41 PM, Christian Borntraeger wrote:
>>> You load from address 0. 
>>>
>>> On 04/25/2018 02:34 PM, Thomas Huth wrote:
>>>> On 25.04.2018 14:18, Christian Borntraeger wrote:
>>>>>
>>>>> On 04/25/2018 11:08 AM, Thomas Huth wrote:
>>>>>
>>>>>> --- a/pc-bios/s390-ccw/netmain.c
>>>>>> +++ b/pc-bios/s390-ccw/netmain.c
>>>>>> @@ -283,6 +283,15 @@ void panic(const char *string)
>>>>>>      }
>>>>>>  }
>>>>>>  
>>>>>> +void write_subsystem_identification(void)
>>>>>> +{
>>>>>> +    uint32_t *schid = (uint32_t *) 184;
>>>>>> +    uint32_t *zeroes = (uint32_t *) 188;
>>>>>> +
>>>>>> +    *schid = 0;         /* We must not set this for virtio-net */
>>>>>> +    *zeroes = 0;
>>>>>> +}
>>>>>> +
>>>>>
>>>>> I think we actually want to have the CCW devno of that network device
>>>>> stored. It has some value to know which CCW device we bootet from, no?
>>>>
>>>> Actually, I tried that first (and it took quite some time to debug it),
>>>> but the Linux kernel then bails out quite early, without any error
>>>> message. The trace looks like this:
>>>>
>>>> 0x0000000007801802:  diag	%r1,%r1,776
>>>> 0x0000000007801780:  larl	%r2,0x7831004
>>>> 0x0000000007801786:  llgf	%r1,8
>>>> 0x000000000780178c:  mvc	0(12,%r0),0(%r2)
>>>> 0x0000000007801792:  br	%r1
>>>> 0x0000000000000418:  bas	%r14,512
>>>> 0x0000000000000200:  mvi	163,1
>>>> 0x0000000000000204:  slr	%r0,%r0
>>>> 0x0000000000000206:  lhi	%r1,2
>>>> 0x000000000000020a:  sigp	%r1,%r0,18
>>>> 0x000000000000020e:  bras	%r13,0x252
>>>> 0x0000000000000252:  lmh	%r0,%r15,0(%r13)
>>>> 0x0000000000000258:  sam31
>>>> 0x000000000000025a:  br	%r14
>>>> 0x000000000000041c:  lh	%r1,184
>>>> 0x0000000000000420:  bct	%r1,1322
>>>> 0x0000000000000424:  l	%r1,184
>>>> 0x0000000000000428:  la	%r2,1840
>>>> 0x000000000000042c:  bas	%r14,640
>>>> 0x0000000000000280:  la	%r4,0(%r14)
>>>> 0x0000000000000284:  la	%r3,792
>>>> 0x0000000000000288:  la	%r5,804
>>>> 0x000000000000028c:  la	%r6,888
>>>> 0x0000000000000290:  la	%r7,20
>>>> 0x0000000000000294:  st	%r2,4(%r6)
>>>> 0x0000000000000298:  la	%r2,80(%r2)
>>>> 0x000000000000029c:  la	%r6,8(%r6)
>>>> 0x00000000000002a0:  bct	%r7,660
>>>> 0x00000000000002a4:  lctl	%c6,%c6,868
>>>> 0x00000000000002a8:  slr	%r2,%r2
>>>> 0x00000000000002aa:  ssch	0(%r3)
>>>> 0x00000000000002ae:  bne	786
>>>> 0x0000000000000312:  lpsw	880
>>>> Guest crashed on cpu 0: disabled-wait
>>>> PSW: 0x000a000000000000 0x0000000000000000
>>>>
>>>> That's the Lloader function in arch/s390/kernel/head.S which is failing
>>>> here, so seems like Linux tries to load from a block device in case
>>>> there is a value in 184. Thus I assume that 184 has to contain 0 in this
>>>> case.
>>>
>>> Hmm, I think this is because we jump to 418 for your kernel (which is the loader
>>> that tries to bootstrap the ccw ipl). When you look at ipl.c we override that
>>> and jump to 0x10000 instead for linux (which is also hackish) for image files.
>>> So I guess if we would do a psw restart instead (like you do) on a kernel image
>>> the normal ipl would also fail....
>>
>> FWIW, zipl also loads linux kernels from 0x10000
> 
> OK, I just checked, and indeed, if I change to code to jump to 0x10000,
> it also works when setting a value into 184. So I'll change this patch
> here accordingly.

This will of course break loading non-Linux binaries.
Could we maybe check 0x10008 for S390EP (see head.S) which indicates Linux since 3.2 or so
and only in that case change the address to 0x10000?

Re: [Qemu-devel] [PATCH v3 2/3] pc-bios/s390-ccw/net: Use diag308 to reset machine before jumping to the OS

[Thomas Huth]

On 25.04.2018 18:03, Christian Borntraeger wrote:
> 
> 
> On 04/25/2018 05:36 PM, Thomas Huth wrote:
>> On 25.04.2018 14:44, Christian Borntraeger wrote:
>>>
>>>
>>> On 04/25/2018 02:41 PM, Christian Borntraeger wrote:
>>>> You load from address 0. 
>>>>
>>>> On 04/25/2018 02:34 PM, Thomas Huth wrote:
>>>>> On 25.04.2018 14:18, Christian Borntraeger wrote:
>>>>>>
>>>>>> On 04/25/2018 11:08 AM, Thomas Huth wrote:
>>>>>>
>>>>>>> --- a/pc-bios/s390-ccw/netmain.c
>>>>>>> +++ b/pc-bios/s390-ccw/netmain.c
>>>>>>> @@ -283,6 +283,15 @@ void panic(const char *string)
>>>>>>>      }
>>>>>>>  }
>>>>>>>  
>>>>>>> +void write_subsystem_identification(void)
>>>>>>> +{
>>>>>>> +    uint32_t *schid = (uint32_t *) 184;
>>>>>>> +    uint32_t *zeroes = (uint32_t *) 188;
>>>>>>> +
>>>>>>> +    *schid = 0;         /* We must not set this for virtio-net */
>>>>>>> +    *zeroes = 0;
>>>>>>> +}
>>>>>>> +
>>>>>>
>>>>>> I think we actually want to have the CCW devno of that network device
>>>>>> stored. It has some value to know which CCW device we bootet from, no?
>>>>>
>>>>> Actually, I tried that first (and it took quite some time to debug it),
>>>>> but the Linux kernel then bails out quite early, without any error
>>>>> message. The trace looks like this:
>>>>>
>>>>> 0x0000000007801802:  diag	%r1,%r1,776
>>>>> 0x0000000007801780:  larl	%r2,0x7831004
>>>>> 0x0000000007801786:  llgf	%r1,8
>>>>> 0x000000000780178c:  mvc	0(12,%r0),0(%r2)
>>>>> 0x0000000007801792:  br	%r1
>>>>> 0x0000000000000418:  bas	%r14,512
>>>>> 0x0000000000000200:  mvi	163,1
>>>>> 0x0000000000000204:  slr	%r0,%r0
>>>>> 0x0000000000000206:  lhi	%r1,2
>>>>> 0x000000000000020a:  sigp	%r1,%r0,18
>>>>> 0x000000000000020e:  bras	%r13,0x252
>>>>> 0x0000000000000252:  lmh	%r0,%r15,0(%r13)
>>>>> 0x0000000000000258:  sam31
>>>>> 0x000000000000025a:  br	%r14
>>>>> 0x000000000000041c:  lh	%r1,184
>>>>> 0x0000000000000420:  bct	%r1,1322
>>>>> 0x0000000000000424:  l	%r1,184
>>>>> 0x0000000000000428:  la	%r2,1840
>>>>> 0x000000000000042c:  bas	%r14,640
>>>>> 0x0000000000000280:  la	%r4,0(%r14)
>>>>> 0x0000000000000284:  la	%r3,792
>>>>> 0x0000000000000288:  la	%r5,804
>>>>> 0x000000000000028c:  la	%r6,888
>>>>> 0x0000000000000290:  la	%r7,20
>>>>> 0x0000000000000294:  st	%r2,4(%r6)
>>>>> 0x0000000000000298:  la	%r2,80(%r2)
>>>>> 0x000000000000029c:  la	%r6,8(%r6)
>>>>> 0x00000000000002a0:  bct	%r7,660
>>>>> 0x00000000000002a4:  lctl	%c6,%c6,868
>>>>> 0x00000000000002a8:  slr	%r2,%r2
>>>>> 0x00000000000002aa:  ssch	0(%r3)
>>>>> 0x00000000000002ae:  bne	786
>>>>> 0x0000000000000312:  lpsw	880
>>>>> Guest crashed on cpu 0: disabled-wait
>>>>> PSW: 0x000a000000000000 0x0000000000000000
>>>>>
>>>>> That's the Lloader function in arch/s390/kernel/head.S which is failing
>>>>> here, so seems like Linux tries to load from a block device in case
>>>>> there is a value in 184. Thus I assume that 184 has to contain 0 in this
>>>>> case.
>>>>
>>>> Hmm, I think this is because we jump to 418 for your kernel (which is the loader
>>>> that tries to bootstrap the ccw ipl). When you look at ipl.c we override that
>>>> and jump to 0x10000 instead for linux (which is also hackish) for image files.
>>>> So I guess if we would do a psw restart instead (like you do) on a kernel image
>>>> the normal ipl would also fail....
>>>
>>> FWIW, zipl also loads linux kernels from 0x10000
>>
>> OK, I just checked, and indeed, if I change to code to jump to 0x10000,
>> it also works when setting a value into 184. So I'll change this patch
>> here accordingly.
> 
> This will of course break loading non-Linux binaries.
> Could we maybe check 0x10008 for S390EP (see head.S) which indicates Linux since 3.2 or so
> and only in that case change the address to 0x10000?

Sounds like a good idea! I assume load_iso_bc_entry() in bootmap.c
should use that mechanism, too? And what about hw/s390/ipl.c, should we
change the code there, too?

 Thomas

Re: [Qemu-devel] [PATCH v3 2/3] pc-bios/s390-ccw/net: Use diag308 to reset machine before jumping to the OS

[Christian Borntraeger]

On 04/26/2018 05:43 AM, Thomas Huth wrote:
> On 25.04.2018 18:03, Christian Borntraeger wrote:
>>
>>
>> On 04/25/2018 05:36 PM, Thomas Huth wrote:
>>> On 25.04.2018 14:44, Christian Borntraeger wrote:
>>>>
>>>>
>>>> On 04/25/2018 02:41 PM, Christian Borntraeger wrote:
>>>>> You load from address 0. 
>>>>>
>>>>> On 04/25/2018 02:34 PM, Thomas Huth wrote:
>>>>>> On 25.04.2018 14:18, Christian Borntraeger wrote:
>>>>>>>
>>>>>>> On 04/25/2018 11:08 AM, Thomas Huth wrote:
>>>>>>>
>>>>>>>> --- a/pc-bios/s390-ccw/netmain.c
>>>>>>>> +++ b/pc-bios/s390-ccw/netmain.c
>>>>>>>> @@ -283,6 +283,15 @@ void panic(const char *string)
>>>>>>>>      }
>>>>>>>>  }
>>>>>>>>  
>>>>>>>> +void write_subsystem_identification(void)
>>>>>>>> +{
>>>>>>>> +    uint32_t *schid = (uint32_t *) 184;
>>>>>>>> +    uint32_t *zeroes = (uint32_t *) 188;
>>>>>>>> +
>>>>>>>> +    *schid = 0;         /* We must not set this for virtio-net */
>>>>>>>> +    *zeroes = 0;
>>>>>>>> +}
>>>>>>>> +
>>>>>>>
>>>>>>> I think we actually want to have the CCW devno of that network device
>>>>>>> stored. It has some value to know which CCW device we bootet from, no?
>>>>>>
>>>>>> Actually, I tried that first (and it took quite some time to debug it),
>>>>>> but the Linux kernel then bails out quite early, without any error
>>>>>> message. The trace looks like this:
>>>>>>
>>>>>> 0x0000000007801802:  diag	%r1,%r1,776
>>>>>> 0x0000000007801780:  larl	%r2,0x7831004
>>>>>> 0x0000000007801786:  llgf	%r1,8
>>>>>> 0x000000000780178c:  mvc	0(12,%r0),0(%r2)
>>>>>> 0x0000000007801792:  br	%r1
>>>>>> 0x0000000000000418:  bas	%r14,512
>>>>>> 0x0000000000000200:  mvi	163,1
>>>>>> 0x0000000000000204:  slr	%r0,%r0
>>>>>> 0x0000000000000206:  lhi	%r1,2
>>>>>> 0x000000000000020a:  sigp	%r1,%r0,18
>>>>>> 0x000000000000020e:  bras	%r13,0x252
>>>>>> 0x0000000000000252:  lmh	%r0,%r15,0(%r13)
>>>>>> 0x0000000000000258:  sam31
>>>>>> 0x000000000000025a:  br	%r14
>>>>>> 0x000000000000041c:  lh	%r1,184
>>>>>> 0x0000000000000420:  bct	%r1,1322
>>>>>> 0x0000000000000424:  l	%r1,184
>>>>>> 0x0000000000000428:  la	%r2,1840
>>>>>> 0x000000000000042c:  bas	%r14,640
>>>>>> 0x0000000000000280:  la	%r4,0(%r14)
>>>>>> 0x0000000000000284:  la	%r3,792
>>>>>> 0x0000000000000288:  la	%r5,804
>>>>>> 0x000000000000028c:  la	%r6,888
>>>>>> 0x0000000000000290:  la	%r7,20
>>>>>> 0x0000000000000294:  st	%r2,4(%r6)
>>>>>> 0x0000000000000298:  la	%r2,80(%r2)
>>>>>> 0x000000000000029c:  la	%r6,8(%r6)
>>>>>> 0x00000000000002a0:  bct	%r7,660
>>>>>> 0x00000000000002a4:  lctl	%c6,%c6,868
>>>>>> 0x00000000000002a8:  slr	%r2,%r2
>>>>>> 0x00000000000002aa:  ssch	0(%r3)
>>>>>> 0x00000000000002ae:  bne	786
>>>>>> 0x0000000000000312:  lpsw	880
>>>>>> Guest crashed on cpu 0: disabled-wait
>>>>>> PSW: 0x000a000000000000 0x0000000000000000
>>>>>>
>>>>>> That's the Lloader function in arch/s390/kernel/head.S which is failing
>>>>>> here, so seems like Linux tries to load from a block device in case
>>>>>> there is a value in 184. Thus I assume that 184 has to contain 0 in this
>>>>>> case.
>>>>>
>>>>> Hmm, I think this is because we jump to 418 for your kernel (which is the loader
>>>>> that tries to bootstrap the ccw ipl). When you look at ipl.c we override that
>>>>> and jump to 0x10000 instead for linux (which is also hackish) for image files.
>>>>> So I guess if we would do a psw restart instead (like you do) on a kernel image
>>>>> the normal ipl would also fail....
>>>>
>>>> FWIW, zipl also loads linux kernels from 0x10000
>>>
>>> OK, I just checked, and indeed, if I change to code to jump to 0x10000,
>>> it also works when setting a value into 184. So I'll change this patch
>>> here accordingly.
>>
>> This will of course break loading non-Linux binaries.
>> Could we maybe check 0x10008 for S390EP (see head.S) which indicates Linux since 3.2 or so
>> and only in that case change the address to 0x10000?
> 
> Sounds like a good idea! I assume load_iso_bc_entry() in bootmap.c
> should use that mechanism, too? And what about hw/s390/ipl.c, should we
> change the code there, too?

Yes, we should fix them all.