[Qemu-devel] [PULL 0/3] s390 patch queue 2013-07-29

[Qemu-devel] [PULL 0/3] s390 patch queue 2013-07-29

[Alexander Graf]

Hi Blue / Aurelien / Anthony,

This is my current patch queue for s390.  Please pull.

Alex


The following changes since commit 461bdb3414c40d6806194bf68c91521496b1042d:
  Aurelien Jarno (1):
        Merge branch 'trivial-patches' of git://git.corpit.ru/qemu

are available in the git repository at:

  git://github.com/agraf/qemu.git s390-for-upstream

Alexander Graf (1):
      s390: update s390-ccw.img

Christian Borntraeger (1):
      s390/ipl: Fix boot order

Dominik Dingel (1):
      s390/IPL: Allow boot from other ssid than 0

 hw/s390x/ipl.c              |   22 ++++++++++++----------
 pc-bios/s390-ccw.img        |  Bin 9432 -> 9432 bytes
 pc-bios/s390-ccw/cio.h      |   20 ++++++++++++++++++++
 pc-bios/s390-ccw/main.c     |    7 +++++++
 pc-bios/s390-ccw/s390-ccw.h |    1 +
 pc-bios/s390-ccw/virtio.c   |   18 ++++++++++++++++++
 6 files changed, 58 insertions(+), 10 deletions(-)

[Qemu-devel] [PULL 1/3] s390/IPL: Allow boot from other ssid than 0

[Alexander Graf]

From: Dominik Dingel <dingel@linux.vnet.ibm.com>

We now take the subchannel set id also into account to find the boot device.
If we want to use a subchannel set other than the default set 0, we first
need to enable the mss facility.

Signed-off-by: Dominik Dingel <dingel@linux.vnet.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
---
 pc-bios/s390-ccw/cio.h      |   20 ++++++++++++++++++++
 pc-bios/s390-ccw/main.c     |    7 +++++++
 pc-bios/s390-ccw/s390-ccw.h |    1 +
 pc-bios/s390-ccw/virtio.c   |   18 ++++++++++++++++++
 4 files changed, 46 insertions(+), 0 deletions(-)

diff --git a/pc-bios/s390-ccw/cio.h b/pc-bios/s390-ccw/cio.h
index cb5815a..f5b4549 100644
--- a/pc-bios/s390-ccw/cio.h
+++ b/pc-bios/s390-ccw/cio.h
@@ -93,6 +93,26 @@ struct subchannel_id {
         __u32 sch_no : 16;
 } __attribute__ ((packed, aligned(4)));
 
+struct chsc_header {
+    __u16 length;
+    __u16 code;
+} __attribute__((packed));
+
+struct chsc_area_sda {
+    struct chsc_header request;
+    __u8 reserved1:4;
+    __u8 format:4;
+    __u8 reserved2;
+    __u16 operation_code;
+    __u32 reserved3;
+    __u32 reserved4;
+    __u32 operation_data_area[252];
+    struct chsc_header response;
+    __u32 reserved5:4;
+    __u32 format2:4;
+    __u32 reserved6:24;
+} __attribute__((packed));
+
 /*
  * TPI info structure
  */
diff --git a/pc-bios/s390-ccw/main.c b/pc-bios/s390-ccw/main.c
index 1665c57..c5d5332 100644
--- a/pc-bios/s390-ccw/main.c
+++ b/pc-bios/s390-ccw/main.c
@@ -35,6 +35,13 @@ static void virtio_setup(uint64_t dev_info)
         check_devno = true;
         dev_no = dev_info & 0xffff;
         debug_print_int("device no. ", dev_no);
+        blk_schid.ssid = (dev_info >> 16) & 0x3;
+        if (blk_schid.ssid != 0) {
+            debug_print_int("ssid ", blk_schid.ssid);
+            if (enable_mss_facility() != 0) {
+                virtio_panic("Failed to enable mss facility\n");
+            }
+        }
     }
 
     for (i = 0; i < 0x10000; i++) {
diff --git a/pc-bios/s390-ccw/s390-ccw.h b/pc-bios/s390-ccw/s390-ccw.h
index 8241b0a..5e871ac 100644
--- a/pc-bios/s390-ccw/s390-ccw.h
+++ b/pc-bios/s390-ccw/s390-ccw.h
@@ -61,6 +61,7 @@ unsigned long virtio_load_direct(ulong rec_list1, ulong rec_list2,
 bool virtio_is_blk(struct subchannel_id schid);
 void virtio_setup_block(struct subchannel_id schid);
 int virtio_read(ulong sector, void *load_addr);
+int enable_mss_facility(void);
 
 /* bootmap.c */
 int zipl_load(void);
diff --git a/pc-bios/s390-ccw/virtio.c b/pc-bios/s390-ccw/virtio.c
index f438af1..49f2d29 100644
--- a/pc-bios/s390-ccw/virtio.c
+++ b/pc-bios/s390-ccw/virtio.c
@@ -13,6 +13,8 @@
 
 struct vring block;
 
+static char chsc_page[PAGE_SIZE] __attribute__((__aligned__(PAGE_SIZE)));
+
 static long kvm_hypercall(unsigned long nr, unsigned long param1,
                           unsigned long param2)
 {
@@ -301,3 +303,19 @@ bool virtio_is_blk(struct subchannel_id schid)
     return true;
 }
 
+int enable_mss_facility(void)
+{
+    int ret;
+    struct chsc_area_sda *sda_area = (struct chsc_area_sda *) chsc_page;
+
+    memset(sda_area, 0, PAGE_SIZE);
+    sda_area->request.length = 0x0400;
+    sda_area->request.code = 0x0031;
+    sda_area->operation_code = 0x2;
+
+    ret = chsc(sda_area);
+    if ((ret == 0) && (sda_area->response.code == 0x0001)) {
+        return 0;
+    }
+    return -EIO;
+}
-- 
1.6.0.2

[Qemu-devel] [PULL 2/3] s390/ipl: Fix boot order

[Alexander Graf]

From: Christian Borntraeger <borntraeger@de.ibm.com>

The latest ipl code adaptions collided with some of the virtio
refactoring rework. This resulted in always booting the first
disk. Let's fix booting from a given ID.
The new code also checks for command lines without bootindex to
avoid random behaviour when accessing dev_st (==0).

Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
---
 hw/s390x/ipl.c |   22 ++++++++++++----------
 1 files changed, 12 insertions(+), 10 deletions(-)

diff --git a/hw/s390x/ipl.c b/hw/s390x/ipl.c
index 0aeb003..d69adb2 100644
--- a/hw/s390x/ipl.c
+++ b/hw/s390x/ipl.c
@@ -154,17 +154,19 @@ static void s390_ipl_reset(DeviceState *dev)
     env->psw.mask = IPL_PSW_MASK;
 
     if (!ipl->kernel) {
-        /* booting firmware, tell what device to boot from */
+        /* Tell firmware, if there is a preferred boot device */
+        env->regs[7] = -1;
         DeviceState *dev_st = get_boot_device(0);
-        VirtioCcwDevice *ccw_dev = (VirtioCcwDevice *) object_dynamic_cast(
-                OBJECT(&(dev_st->parent_obj)), "virtio-blk-ccw");
-
-        if (ccw_dev) {
-            env->regs[7] = ccw_dev->sch->cssid << 24 |
-                           ccw_dev->sch->ssid << 16 |
-                           ccw_dev->sch->devno;
-        } else {
-            env->regs[7] = -1;
+        if (dev_st) {
+            VirtioCcwDevice *ccw_dev = (VirtioCcwDevice *) object_dynamic_cast(
+                OBJECT(qdev_get_parent_bus(dev_st)->parent),
+                TYPE_VIRTIO_CCW_DEVICE);
+
+            if (ccw_dev) {
+                env->regs[7] = ccw_dev->sch->cssid << 24 |
+                               ccw_dev->sch->ssid << 16 |
+                               ccw_dev->sch->devno;
+            }
         }
     }
 
-- 
1.6.0.2

[Qemu-devel] [PULL 3/3] s390: update s390-ccw.img

[Alexander Graf]

This enables the following patches:

  s390/IPL: Allow boot from other ssid than 0
  s390/ipl: Fix spurious errors in virtio

Signed-off-by: Alexander Graf <agraf@suse.de>
---
 pc-bios/s390-ccw.img |  Bin 9432 -> 9432 bytes
 1 files changed, 0 insertions(+), 0 deletions(-)

diff --git a/pc-bios/s390-ccw.img b/pc-bios/s390-ccw.img
index 1b2a11e728d1e17d386d64a9f13a90b4635dc2ba..05fc7c2fae97caf222d9ccce88631d8a20ccd565 100644
GIT binary patch
delta 1800
zcmY*ae{54l9RJ?y+uoyW<+X*a-MXzCb3fR^iZK(6kroj~B&LB8z!)6}L}a=V_QxQ^
z5(ODDShoX%iAob_jzHA1xgh`OQ}+iN!WtsUFcS(5hNKYQ;?yz5&hK3p442&d-1pbr
z=X>|Pdn2nxRz*t{d#u;L!afJGZ4UIdH<CmzJ6Pds5-Kf~_Y|UPuh3)LI}j$OBckM*
zcK~wMuyKG)n-zdcGl}xSw8d-qPBRMn`uoCzBuxXy=?(rU#1{Zb2Mho;j1pVQIol7N
z88;Y^7q8+En~fxRem-P?v!Gmh_#u~dz<PEDh^Li(2N2%|5ZY&*W=1FH@hd=riKybK
z-e5#&n^8*6(xZkil9O-V;hgu0B?SfBE%Aj>R|Q)RPBB(*3ffQXJJ7P9r`R~ZYx>bT
zC5eB4az@4<mUbp>!-9;Qe>2)oq6F*`CNj=H)3i*F6$CB26Z2`Fv#jCfHJcSP0Q1yk
z`0p}w@o_L!ky$8e`ptcy@dh)7-+KDGvyAxY9%nIe&`+IJ%Jd}t-dR%ifHiP_QH6fi
z!T*pGb;+DEa(t9dI%~<Bw9@tbD-k?^7QU0!0+<2Nrcap({Kka0a=<h(yT)s_1epI*
zS|lh<_uw&U)7>)W5RJLYot<eT>49=K1ohI^Nw2!9$rd{4s(baaTvwI=tVUk-lFdq?
zwGGR0C><O#KxMU@XMV6IK-I>j^^#nz3is=rU}L*M+uifDNnAnCb<=M5%j7yuy8U@M
zDfR+5%rNLVx9OC7Ejd3Bo?E3T&2idUP`a@BINL~Uax=p?uiktl6c{UGtAL<hk^1HR
zIb((yL|cRo6%3O{^jKkY1ZM<t71Pvb-xPtfN14}vKJWvp!{9<b#XKqmjQ}tYEJ9Qe
z6~x^Bw;<480Y;YrK9>_uPrF8*Q^H~+HCBViGZ!kfX;uS}9bq|~w3@Q_f_#C;(uBuC
z9~F8dk0)_X@YDqjYk)0*XG1~6ji3tJkMCizb-;&dzcmQG@h@|O7YpDgtPXwcfs7AS
z$j@8`0{L-AZV+SLX^81i$#j6QKL$9{DNh~FWrTX8fCmVmr=u|gDnrg;9xt>|7mIi>
z00{&Q;etjr2!=?Lq|KNICBqbYF+#mqC=J#r5o18uu+GWF5;1?1VGRbs`UcZDFRAy4
zdjhlY<ZD39oE*bq)5iN$>jF|*0*jE`1*AqArSooisqTrQAf-a{$nkWbumD~~v=A(p
zJ+#uhH2<;ZNA_#>0#4nb?cRB$h<@y?e&)LHo4kO2_cd&$1^SwV*@EA%((NsP<i{rm
z=@oBL>55I;TeoiUceMGpzQ1X6>sJ4JyLS1vZF+lq>-LV_cKWAxnTG4yu+!?Ivo?Zw
zxoAg3Jbw<(|H4NIP9Xk<Xmb8{9^wS&|Ga@|U=jS=jTlD6ohR>bK7nzhi}Q#0oRS1m
z6y=x1l)CUf0^%`54<f!tN|5uZ7Q_u$1|}l<$Tk-_d|ez?NMoOGUh!(jgfe45sK+j!
zW-UdUX~5S&PSX}&wO8;HZ5ehS_IpCmQmTi>d}U;an!aihrFU_Bg6bs=UgRsA9lw>x
z@pB<*DQ%R7ON!Sa12UA==r0Py_AYi@os0@WOX+6>qTI5gC+BGH5v^N4JnIwtq1me)
zBTx9Ezmg}sw3J;RI8!p9l&dJ=^k7^0+B#4_QqLWqfBTp8x*LNFZq+6q%o!aX__o|m
y6nm1I6)%wl<rQr%`wZKn86=%_-~5HH>^}?h#m$y&FExewQdaWKpt88Ha^yc*4tkgX

delta 1514
zcmY*ZZ%iCT6o0dKunPj&J186+9D8)bLBVp-#8P7GQ7S^X;3fVk#1BP2G}@Q|=2Q}!
z^crh4YFltxW0M-!wq(F2f?TVRG_p3Rgw)c+R7tAl;)Vu2G~48iXe;BJh1T>XJHMIt
z-n{pl_hx6YeX)HgAmvOAYpuEYbKpq++;IOx#2998RQba~Bd6}W2T>IldX#uFM$Ce}
z<VSM}!2L7J0HpiuFzA-eYxsa^fbzI4Y-G$-aem`HVh~GJ(V10p&JM#K_C65bvup}r
zWFJ6t!amCeIUl(KBr;)0zEGEH&=1uBIZ3}z%X{4)nM<7WkGnJjL|oTNF~YpJitPrE
z!{Rl;;;y|LEr)rEW%#nGVcH>w%?r3rV`e}+C(G$$b_8_uD%!uIJ)X*jL)Tokp#t(#
zoLvW;ti30|bh9|@X&y2)GXXO1HVqt~rk{8!Nh`hL@smdSo2Pmw*PH7#u)>-G?rAqX
zV`(BcYln5xj5TnM`bie&KRF4uILAmk^Dyo7))F@z^lp1Jh=uIo1FRNzhCyEY)||j`
zUU*Bdn<f@u@tSJ_%)3-w-wCQ~(^zhK?K5Xjl4iU?&uL4&>VqJgg?h(!npPKv$Whu^
zSSP<I^14Q8qHt5kOAeD}D{@ms#<iTMXY5sQ%NfUKzY{$s%I0KG;OsiGBP_(f!TCiq
zhLKK*W@qo9slpcWD%Fd$yzE@o1O;eRvh!%H=m~N?dA6uplA;Ura&f>LonhU?<rF!F
zd6ekq^mcKX6dj|!k_GYsT`qYtFFkI@)|*5I=y{)Za4pPy0KU42YA4xtc%V6g*bQ!n
zViop14t>}krDMg?><chFT@05-3bG^Va&SX_`Z5s6k7)*sY|V~XU?`wZD-g6aY`l)e
z0#KNOce4&-7h>!)7+Y=jEbx&M8!Xjm@qr!z6+}o2>@%RZsrCgV^C@nF*o2`mp9(S6
zJ{JLdT#)*AQCvpI!P?e<J3W3=p%+X24_<Pv=!&Q>$r66I4*l<Or}AJqmN?e<h%8g3
z?2*lu?@Klh#EE?W$kzbVMNo&gstGYFv}?U|e_3ezjI*;Acm8hLSPtFn!7*s{_W<ZD
zbE_7+1&}p4i68+<;9_0qA7#5}qkoM4>fd)z{POvnXRt0Xgt&q@#rdCNZFByYhU_)Y
zS7V56h{q9oIR86>nBe@MJj78vTM^<M=eMJXtB75gR7J!GKx)Jq;m<2QhcShqFM0tP
zEXbqZm$ymq3)Lz%`CAKCC1F{YdV~XFDyIn0SVaSg(L_b4G$C{-yYMT=PY?z<<(j2t
zMJ4H{sfrMJm@0uvvYXZf8cLlQ=#q<{j%iOJf}E1yr2PT^4$MMkH#ExvaoyB<EbD0Y
z5&0eE?VPuAqXmoivLbjC5g|uUrUFSRX^=(|bfZcf%k^02Q}DyKmJaRs%S%?FviHV`
znO8#3Z;2<*2Xl#(vrNsZoy4HLs?VFVk+Aem;x?Mtyw$t@Dg&&)(ik&NO`#seDT;ps
JCGA~(@jv0P6qNt~

-- 
1.6.0.2

[Qemu-devel] [PULL 0/8] s390 patch queue part 2

[Christian Borntraeger]

Hi Anthony / Blue / Aurelien,

on top of these patches, 
the following changes since commit 0e0259ad7425417d28a9428c4aab959dae2e35ca:

  s390: update s390-ccw.img (2013-07-29 11:46:10 +0200)

are available in the git repository at:

  git://github.com/borntraeger/qemu.git s390-for-1.6

for you to fetch changes up to 3d8318cd709fd2e643cefb68ea4b1b2deeac0a95:

  s390: Implement dump-guest-memory support for target s390x (2013-07-29 15:49:28 +0200)i


all patches have been posted to the list. Please apply for 1.6


Christian

----------------------------------------------------------------
Ekaterina Tumanova (1):
      s390: Implement dump-guest-memory support for target s390x

Heinz Graalfs (1):
      s390/sclpconsole: handle char layer busy conditions

Thomas Huth (6):
      s390x/ioinst: Add missing alignment checks for IO instructions
      s390x/ioinst: Throw addressing exception when memory_map failed
      s390x/ioinst: Fixed alignment check in SCHM instruction
      s390x/ioinst: Fixed priority of operand exceptions
      s390x/kvm: Reworked/fixed handling of cc3 in kvm_handle_css_inst()
      s390x/kvm: Remove redundant return code

 hw/char/sclpconsole.c      |  18 +---
 include/elf.h              |   6 ++
 target-s390x/Makefile.objs |   2 +-
 target-s390x/arch_dump.c   | 212 +++++++++++++++++++++++++++++++++++++++++++++
 target-s390x/cpu-qom.h     |   5 ++
 target-s390x/cpu.c         |   2 +
 target-s390x/ioinst.c      |  65 +++++++++-----
 target-s390x/kvm.c         |  64 +++-----------
 8 files changed, 283 insertions(+), 91 deletions(-)
 create mode 100644 target-s390x/arch_dump.c

[Qemu-devel] [PATCH 1/8] s390/sclpconsole: handle char layer busy conditions

[Christian Borntraeger]

From: Heinz Graalfs <graalfs@linux.vnet.ibm.com>

Handle busy conditions (errno=EAGAIN) in char layer by using
the new char layer in the sclp console.

Signed-off-by: Heinz Graalfs <graalfs@linux.vnet.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
---
 hw/char/sclpconsole.c | 18 +-----------------
 1 file changed, 1 insertion(+), 17 deletions(-)

diff --git a/hw/char/sclpconsole.c b/hw/char/sclpconsole.c
index bcc7893..eb3988c 100644
--- a/hw/char/sclpconsole.c
+++ b/hw/char/sclpconsole.c
@@ -184,8 +184,6 @@ static int read_event_data(SCLPEvent *event, EventBufferHeader *evt_buf_hdr,
 static ssize_t write_console_data(SCLPEvent *event, const uint8_t *buf,
                                   size_t len)
 {
-    ssize_t ret = 0;
-    const uint8_t *iov_offset;
     SCLPConsole *scon = DO_UPCAST(SCLPConsole, event, event);
 
     if (!scon->chr) {
@@ -193,21 +191,7 @@ static ssize_t write_console_data(SCLPEvent *event, const uint8_t *buf,
         return len;
     }
 
-    iov_offset = buf;
-    while (len > 0) {
-        ret = qemu_chr_fe_write(scon->chr, buf, len);
-        if (ret == 0) {
-            /* a pty doesn't seem to be connected - no error */
-            len = 0;
-        } else if (ret == -EAGAIN || (ret > 0 && ret < len)) {
-            len -= ret;
-            iov_offset += ret;
-        } else {
-            len = 0;
-        }
-    }
-
-    return ret;
+    return qemu_chr_fe_write_all(scon->chr, buf, len);
 }
 
 static int write_event_data(SCLPEvent *event, EventBufferHeader *evt_buf_hdr)
-- 
1.8.3.1

[Qemu-devel] [PATCH 2/8] s390x/ioinst: Add missing alignment checks for IO instructions

[Christian Borntraeger]

From: Thomas Huth <thuth@linux.vnet.ibm.com>

The IO instructions MSCH, SSCH, STSCH, TSCH, STCRW and TPI require
that the second operand address must be aligned on a word boundary.

Signed-off-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
---
 target-s390x/ioinst.c | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)

diff --git a/target-s390x/ioinst.c b/target-s390x/ioinst.c
index 28c508d..91cc41b 100644
--- a/target-s390x/ioinst.c
+++ b/target-s390x/ioinst.c
@@ -157,6 +157,10 @@ int ioinst_handle_msch(CPUS390XState *env, uint64_t reg1, uint32_t ipb)
     }
     trace_ioinst_sch_id("msch", cssid, ssid, schid);
     addr = decode_basedisp_s(env, ipb);
+    if (addr & 3) {
+        program_interrupt(env, PGM_SPECIFICATION, 2);
+        return -EIO;
+    }
     schib = s390_cpu_physical_memory_map(env, addr, &len, 0);
     if (!schib || len != sizeof(*schib)) {
         program_interrupt(env, PGM_SPECIFICATION, 2);
@@ -228,6 +232,10 @@ int ioinst_handle_ssch(CPUS390XState *env, uint64_t reg1, uint32_t ipb)
     }
     trace_ioinst_sch_id("ssch", cssid, ssid, schid);
     addr = decode_basedisp_s(env, ipb);
+    if (addr & 3) {
+        program_interrupt(env, PGM_SPECIFICATION, 2);
+        return -EIO;
+    }
     orig_orb = s390_cpu_physical_memory_map(env, addr, &len, 0);
     if (!orig_orb || len != sizeof(*orig_orb)) {
         program_interrupt(env, PGM_SPECIFICATION, 2);
@@ -272,6 +280,10 @@ int ioinst_handle_stcrw(CPUS390XState *env, uint32_t ipb)
     hwaddr len = sizeof(*crw);
 
     addr = decode_basedisp_s(env, ipb);
+    if (addr & 3) {
+        program_interrupt(env, PGM_SPECIFICATION, 2);
+        return -EIO;
+    }
     crw = s390_cpu_physical_memory_map(env, addr, &len, 1);
     if (!crw || len != sizeof(*crw)) {
         program_interrupt(env, PGM_SPECIFICATION, 2);
@@ -300,6 +312,10 @@ int ioinst_handle_stsch(CPUS390XState *env, uint64_t reg1, uint32_t ipb)
     }
     trace_ioinst_sch_id("stsch", cssid, ssid, schid);
     addr = decode_basedisp_s(env, ipb);
+    if (addr & 3) {
+        program_interrupt(env, PGM_SPECIFICATION, 2);
+        return -EIO;
+    }
     schib = s390_cpu_physical_memory_map(env, addr, &len, 1);
     if (!schib || len != sizeof(*schib)) {
         program_interrupt(env, PGM_SPECIFICATION, 2);
@@ -345,6 +361,10 @@ int ioinst_handle_tsch(CPUS390XState *env, uint64_t reg1, uint32_t ipb)
     }
     trace_ioinst_sch_id("tsch", cssid, ssid, schid);
     addr = decode_basedisp_s(env, ipb);
+    if (addr & 3) {
+        program_interrupt(env, PGM_SPECIFICATION, 2);
+        return -EIO;
+    }
     irb = s390_cpu_physical_memory_map(env, addr, &len, 1);
     if (!irb || len != sizeof(*irb)) {
         program_interrupt(env, PGM_SPECIFICATION, 2);
@@ -625,6 +645,11 @@ int ioinst_handle_tpi(CPUS390XState *env, uint32_t ipb)
 
     trace_ioinst("tpi");
     addr = decode_basedisp_s(env, ipb);
+    if (addr & 3) {
+        program_interrupt(env, PGM_SPECIFICATION, 2);
+        return -EIO;
+    }
+
     lowcore = addr ? 0 : 1;
     len = lowcore ? 8 /* two words */ : 12 /* three words */;
     orig_len = len;
-- 
1.8.3.1

[Qemu-devel] [PATCH 3/8] s390x/ioinst: Throw addressing exception when memory_map failed

[Christian Borntraeger]

From: Thomas Huth <thuth@linux.vnet.ibm.com>

So far, the IO instructions were throwing specification exceptions when
there was a problem with accessing the memory. However, the better way
is to throw an addressing exception instead.

Signed-off-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
---
 target-s390x/ioinst.c | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/target-s390x/ioinst.c b/target-s390x/ioinst.c
index 91cc41b..0dc258f 100644
--- a/target-s390x/ioinst.c
+++ b/target-s390x/ioinst.c
@@ -163,7 +163,7 @@ int ioinst_handle_msch(CPUS390XState *env, uint64_t reg1, uint32_t ipb)
     }
     schib = s390_cpu_physical_memory_map(env, addr, &len, 0);
     if (!schib || len != sizeof(*schib)) {
-        program_interrupt(env, PGM_SPECIFICATION, 2);
+        program_interrupt(env, PGM_ADDRESSING, 2);
         cc = -EIO;
         goto out;
     }
@@ -238,7 +238,7 @@ int ioinst_handle_ssch(CPUS390XState *env, uint64_t reg1, uint32_t ipb)
     }
     orig_orb = s390_cpu_physical_memory_map(env, addr, &len, 0);
     if (!orig_orb || len != sizeof(*orig_orb)) {
-        program_interrupt(env, PGM_SPECIFICATION, 2);
+        program_interrupt(env, PGM_ADDRESSING, 2);
         cc = -EIO;
         goto out;
     }
@@ -286,7 +286,7 @@ int ioinst_handle_stcrw(CPUS390XState *env, uint32_t ipb)
     }
     crw = s390_cpu_physical_memory_map(env, addr, &len, 1);
     if (!crw || len != sizeof(*crw)) {
-        program_interrupt(env, PGM_SPECIFICATION, 2);
+        program_interrupt(env, PGM_ADDRESSING, 2);
         cc = -EIO;
         goto out;
     }
@@ -318,7 +318,7 @@ int ioinst_handle_stsch(CPUS390XState *env, uint64_t reg1, uint32_t ipb)
     }
     schib = s390_cpu_physical_memory_map(env, addr, &len, 1);
     if (!schib || len != sizeof(*schib)) {
-        program_interrupt(env, PGM_SPECIFICATION, 2);
+        program_interrupt(env, PGM_ADDRESSING, 2);
         cc = -EIO;
         goto out;
     }
@@ -367,7 +367,7 @@ int ioinst_handle_tsch(CPUS390XState *env, uint64_t reg1, uint32_t ipb)
     }
     irb = s390_cpu_physical_memory_map(env, addr, &len, 1);
     if (!irb || len != sizeof(*irb)) {
-        program_interrupt(env, PGM_SPECIFICATION, 2);
+        program_interrupt(env, PGM_ADDRESSING, 2);
         cc = -EIO;
         goto out;
     }
@@ -600,7 +600,7 @@ int ioinst_handle_chsc(CPUS390XState *env, uint32_t ipb)
     }
     req = s390_cpu_physical_memory_map(env, addr, &map_size, 1);
     if (!req || map_size != TARGET_PAGE_SIZE) {
-        program_interrupt(env, PGM_SPECIFICATION, 2);
+        program_interrupt(env, PGM_ADDRESSING, 2);
         ret = -EIO;
         goto out;
     }
@@ -655,7 +655,7 @@ int ioinst_handle_tpi(CPUS390XState *env, uint32_t ipb)
     orig_len = len;
     int_code = s390_cpu_physical_memory_map(env, addr, &len, 1);
     if (!int_code || (len != orig_len)) {
-        program_interrupt(env, PGM_SPECIFICATION, 2);
+        program_interrupt(env, PGM_ADDRESSING, 2);
         ret = -EIO;
         goto out;
     }
-- 
1.8.3.1

[Qemu-devel] [PATCH 4/8] s390x/ioinst: Fixed alignment check in SCHM instruction

[Christian Borntraeger]

From: Thomas Huth <thuth@linux.vnet.ibm.com>

Register 2 only has to be aligned to a 32-byte boundary, not a
full page boundary.

Signed-off-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Acked-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
---
 target-s390x/ioinst.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/target-s390x/ioinst.c b/target-s390x/ioinst.c
index 0dc258f..098bd8d 100644
--- a/target-s390x/ioinst.c
+++ b/target-s390x/ioinst.c
@@ -688,7 +688,7 @@ int ioinst_handle_schm(CPUS390XState *env, uint64_t reg1, uint64_t reg2,
     update = SCHM_REG1_UPD(reg1);
     dct = SCHM_REG1_DCT(reg1);
 
-    if (update && (reg2 & 0x0000000000000fff)) {
+    if (update && (reg2 & 0x000000000000001f)) {
         program_interrupt(env, PGM_OPERAND, 2);
         return -EIO;
     }
-- 
1.8.3.1

[Qemu-devel] [PATCH 5/8] s390x/ioinst: Fixed priority of operand exceptions

[Christian Borntraeger]

From: Thomas Huth <thuth@linux.vnet.ibm.com>

Operand exceptions have a lower priority than specification and address
exceptions. Thus the checks for operand exceptions must be done later.

Signed-off-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Acked-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
---
 target-s390x/ioinst.c | 30 +++++++++++++-----------------
 1 file changed, 13 insertions(+), 17 deletions(-)

diff --git a/target-s390x/ioinst.c b/target-s390x/ioinst.c
index 098bd8d..85fd285 100644
--- a/target-s390x/ioinst.c
+++ b/target-s390x/ioinst.c
@@ -151,11 +151,6 @@ int ioinst_handle_msch(CPUS390XState *env, uint64_t reg1, uint32_t ipb)
     int cc;
     hwaddr len = sizeof(*schib);
 
-    if (ioinst_disassemble_sch_ident(reg1, &m, &cssid, &ssid, &schid)) {
-        program_interrupt(env, PGM_OPERAND, 2);
-        return -EIO;
-    }
-    trace_ioinst_sch_id("msch", cssid, ssid, schid);
     addr = decode_basedisp_s(env, ipb);
     if (addr & 3) {
         program_interrupt(env, PGM_SPECIFICATION, 2);
@@ -167,11 +162,13 @@ int ioinst_handle_msch(CPUS390XState *env, uint64_t reg1, uint32_t ipb)
         cc = -EIO;
         goto out;
     }
-    if (!ioinst_schib_valid(schib)) {
+    if (ioinst_disassemble_sch_ident(reg1, &m, &cssid, &ssid, &schid) ||
+        !ioinst_schib_valid(schib)) {
         program_interrupt(env, PGM_OPERAND, 2);
         cc = -EIO;
         goto out;
     }
+    trace_ioinst_sch_id("msch", cssid, ssid, schid);
     sch = css_find_subch(m, cssid, ssid, schid);
     if (sch && css_subch_visible(sch)) {
         ret = css_do_msch(sch, schib);
@@ -226,11 +223,6 @@ int ioinst_handle_ssch(CPUS390XState *env, uint64_t reg1, uint32_t ipb)
     int cc;
     hwaddr len = sizeof(*orig_orb);
 
-    if (ioinst_disassemble_sch_ident(reg1, &m, &cssid, &ssid, &schid)) {
-        program_interrupt(env, PGM_OPERAND, 2);
-        return -EIO;
-    }
-    trace_ioinst_sch_id("ssch", cssid, ssid, schid);
     addr = decode_basedisp_s(env, ipb);
     if (addr & 3) {
         program_interrupt(env, PGM_SPECIFICATION, 2);
@@ -243,11 +235,13 @@ int ioinst_handle_ssch(CPUS390XState *env, uint64_t reg1, uint32_t ipb)
         goto out;
     }
     copy_orb_from_guest(&orb, orig_orb);
-    if (!ioinst_orb_valid(&orb)) {
+    if (ioinst_disassemble_sch_ident(reg1, &m, &cssid, &ssid, &schid) ||
+        !ioinst_orb_valid(&orb)) {
         program_interrupt(env, PGM_OPERAND, 2);
         cc = -EIO;
         goto out;
     }
+    trace_ioinst_sch_id("ssch", cssid, ssid, schid);
     sch = css_find_subch(m, cssid, ssid, schid);
     if (sch && css_subch_visible(sch)) {
         ret = css_do_ssch(sch, &orb);
@@ -306,11 +300,6 @@ int ioinst_handle_stsch(CPUS390XState *env, uint64_t reg1, uint32_t ipb)
     SCHIB *schib;
     hwaddr len = sizeof(*schib);
 
-    if (ioinst_disassemble_sch_ident(reg1, &m, &cssid, &ssid, &schid)) {
-        program_interrupt(env, PGM_OPERAND, 2);
-        return -EIO;
-    }
-    trace_ioinst_sch_id("stsch", cssid, ssid, schid);
     addr = decode_basedisp_s(env, ipb);
     if (addr & 3) {
         program_interrupt(env, PGM_SPECIFICATION, 2);
@@ -322,6 +311,13 @@ int ioinst_handle_stsch(CPUS390XState *env, uint64_t reg1, uint32_t ipb)
         cc = -EIO;
         goto out;
     }
+
+    if (ioinst_disassemble_sch_ident(reg1, &m, &cssid, &ssid, &schid)) {
+        program_interrupt(env, PGM_OPERAND, 2);
+        cc = -EIO;
+        goto out;
+    }
+    trace_ioinst_sch_id("stsch", cssid, ssid, schid);
     sch = css_find_subch(m, cssid, ssid, schid);
     if (sch) {
         if (css_subch_visible(sch)) {
-- 
1.8.3.1

[Qemu-devel] [PATCH 6/8] s390x/kvm: Reworked/fixed handling of cc3 in kvm_handle_css_inst()

[Christian Borntraeger]

From: Thomas Huth <thuth@linux.vnet.ibm.com>

Consolidated the setting of the condition code in kvm_handle_css_inst().
For the (unhandled) instructions EQBS and SQBS, we have to return
an operation exception instead of cc3. Also removed the is_ioinst()
function to avoid decoding the opcode twice.

Signed-off-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
---
 target-s390x/kvm.c | 59 ++++++++++--------------------------------------------
 1 file changed, 11 insertions(+), 48 deletions(-)

diff --git a/target-s390x/kvm.c b/target-s390x/kvm.c
index 85f0112..a7b845d 100644
--- a/target-s390x/kvm.c
+++ b/target-s390x/kvm.c
@@ -528,50 +528,19 @@ static int kvm_handle_css_inst(S390CPU *cpu, struct kvm_run *run,
         no_cc = 1;
         r = ioinst_handle_sal(env, env->regs[1]);
         break;
-    default:
-        r = -1;
+    case PRIV_SIGA:
+        /* Not provided, set CC = 3 for subchannel not operational */
+        r = 3;
         break;
+    default:
+        return -1;
     }
 
-    if (r >= 0) {
-        if (!no_cc) {
-            setcc(cpu, r);
-        }
-        r = 0;
-    } else if (r < -1) {
-        r = 0;
-    }
-    return r;
-}
-
-static int is_ioinst(uint8_t ipa0, uint8_t ipa1, uint8_t ipb)
-{
-    int ret = 0;
-    uint16_t ipa = (ipa0 << 8) | ipa1;
-
-    switch (ipa) {
-    case IPA0_B2 | PRIV_CSCH:
-    case IPA0_B2 | PRIV_HSCH:
-    case IPA0_B2 | PRIV_MSCH:
-    case IPA0_B2 | PRIV_SSCH:
-    case IPA0_B2 | PRIV_STSCH:
-    case IPA0_B2 | PRIV_TPI:
-    case IPA0_B2 | PRIV_SAL:
-    case IPA0_B2 | PRIV_RSCH:
-    case IPA0_B2 | PRIV_STCRW:
-    case IPA0_B2 | PRIV_STCPS:
-    case IPA0_B2 | PRIV_RCHP:
-    case IPA0_B2 | PRIV_SCHM:
-    case IPA0_B2 | PRIV_CHSC:
-    case IPA0_B2 | PRIV_SIGA:
-    case IPA0_B2 | PRIV_XSCH:
-    case IPA0_B9 | PRIV_EQBS:
-    case IPA0_EB | PRIV_SQBS:
-        ret = 1;
-        break;
+    if (r >= 0 && !no_cc) {
+        setcc(cpu, r);
     }
 
-    return ret;
+    return 0;
 }
 
 static int handle_priv(S390CPU *cpu, struct kvm_run *run,
@@ -587,15 +556,9 @@ static int handle_priv(S390CPU *cpu, struct kvm_run *run,
             r = kvm_sclp_service_call(cpu, run, ipbh0);
             break;
         default:
-            if (is_ioinst(ipa0, ipa1, ipb)) {
-                r = kvm_handle_css_inst(cpu, run, ipa0, ipa1, ipb);
-                if (r == -1) {
-                    setcc(cpu, 3);
-                    r = 0;
-                }
-            } else {
-                dprintf("KVM: unknown PRIV: 0x%x\n", ipa1);
-                r = -1;
+            r = kvm_handle_css_inst(cpu, run, ipa0, ipa1, ipb);
+            if (r == -1) {
+                dprintf("KVM: unhandled PRIV: 0x%x\n", ipa1);
             }
             break;
     }
-- 
1.8.3.1

[Qemu-devel] [PATCH 7/8] s390x/kvm: Remove redundant return code

[Christian Borntraeger]

From: Thomas Huth <thuth@linux.vnet.ibm.com>

Removed the redundant return code statement from handle_instruction() - it
always returned 0 and never reports any errors to its caller, since errors
from the sub-functions are already reported via program exceptions instead.

Signed-off-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
---
 target-s390x/kvm.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/target-s390x/kvm.c b/target-s390x/kvm.c
index a7b845d..960b3cf 100644
--- a/target-s390x/kvm.c
+++ b/target-s390x/kvm.c
@@ -693,7 +693,7 @@ out:
     return 0;
 }
 
-static int handle_instruction(S390CPU *cpu, struct kvm_run *run)
+static void handle_instruction(S390CPU *cpu, struct kvm_run *run)
 {
     unsigned int ipa0 = (run->s390_sieic.ipa & 0xff00);
     uint8_t ipa1 = run->s390_sieic.ipa & 0x00ff;
@@ -718,7 +718,6 @@ static int handle_instruction(S390CPU *cpu, struct kvm_run *run)
     if (r < 0) {
         enter_pgmcheck(cpu, 0x0001);
     }
-    return 0;
 }
 
 static bool is_special_wait_psw(CPUState *cs)
@@ -738,7 +737,7 @@ static int handle_intercept(S390CPU *cpu)
             (long)cs->kvm_run->psw_addr);
     switch (icpt_code) {
         case ICPT_INSTRUCTION:
-            r = handle_instruction(cpu, run);
+            handle_instruction(cpu, run);
             break;
         case ICPT_WAITPSW:
             /* disabled wait, since enabled wait is handled in kernel */
-- 
1.8.3.1

[Qemu-devel] [PATCH 8/8] s390: Implement dump-guest-memory support for target s390x

[Christian Borntraeger]

From: Ekaterina Tumanova <tumanova@linux.vnet.ibm.com>

With this patch dump-guest-memory on s390 produces an ELF formatted,
crash-readable dump.
In order to implement this, the arch-specific part of dump-guest-memory
was added:
target-s390x/arch_dump.c contains the whole set of function for writing
Elf note sections of all types for s390x.

Signed-off-by: Ekaterina Tumanova <tumanova@linux.vnet.ibm.com>
Signed-off-by: Jens Freimann <jfrei@linux.vnet.ibm.com>
[fixed indentation, use CamelCase, rename note_t to Note, use S390CPU]
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
---
 include/elf.h              |   6 ++
 target-s390x/Makefile.objs |   2 +-
 target-s390x/arch_dump.c   | 212 +++++++++++++++++++++++++++++++++++++++++++++
 target-s390x/cpu-qom.h     |   5 ++
 target-s390x/cpu.c         |   2 +
 5 files changed, 226 insertions(+), 1 deletion(-)
 create mode 100644 target-s390x/arch_dump.c

diff --git a/include/elf.h b/include/elf.h
index cf0d3e2..58bfbf8 100644
--- a/include/elf.h
+++ b/include/elf.h
@@ -1348,11 +1348,17 @@ typedef struct elf64_shdr {
 
 /* Notes used in ET_CORE */
 #define NT_PRSTATUS	1
+#define NT_FPREGSET     2
 #define NT_PRFPREG	2
 #define NT_PRPSINFO	3
 #define NT_TASKSTRUCT	4
 #define NT_AUXV		6
 #define NT_PRXFPREG     0x46e62b7f      /* copied from gdb5.1/include/elf/common.h */
+#define NT_S390_PREFIX  0x305           /* s390 prefix register */
+#define NT_S390_CTRS    0x304           /* s390 control registers */
+#define NT_S390_TODPREG 0x303           /* s390 TOD programmable register */
+#define NT_S390_TODCMP  0x302           /* s390 TOD clock comparator register */
+#define NT_S390_TIMER   0x301           /* s390 timer register */
 
 
 /* Note header in a PT_NOTE section */
diff --git a/target-s390x/Makefile.objs b/target-s390x/Makefile.objs
index ab938e7..f873146 100644
--- a/target-s390x/Makefile.objs
+++ b/target-s390x/Makefile.objs
@@ -1,5 +1,5 @@
 obj-y += translate.o helper.o cpu.o interrupt.o
 obj-y += int_helper.o fpu_helper.o cc_helper.o mem_helper.o misc_helper.o
 obj-y += gdbstub.o
-obj-$(CONFIG_SOFTMMU) += ioinst.o
+obj-$(CONFIG_SOFTMMU) += ioinst.o arch_dump.o
 obj-$(CONFIG_KVM) += kvm.o
diff --git a/target-s390x/arch_dump.c b/target-s390x/arch_dump.c
new file mode 100644
index 0000000..f3e5144
--- /dev/null
+++ b/target-s390x/arch_dump.c
@@ -0,0 +1,212 @@
+/*
+ * writing ELF notes for s390x arch
+ *
+ *
+ * Copyright IBM Corp. 2012, 2013
+ *
+ *     Ekaterina Tumanova <tumanova@linux.vnet.ibm.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ *
+ */
+
+#include "cpu.h"
+#include "elf.h"
+#include "exec/cpu-all.h"
+#include "sysemu/dump.h"
+#include "sysemu/kvm.h"
+
+
+struct S390xUserRegsStruct {
+    uint64_t psw[2];
+    uint64_t gprs[16];
+    uint32_t acrs[16];
+} QEMU_PACKED;
+
+typedef struct S390xUserRegsStruct S390xUserRegs;
+
+struct S390xElfPrstatusStruct {
+    uint8_t pad1[32];
+    uint32_t pid;
+    uint8_t pad2[76];
+    S390xUserRegs regs;
+    uint8_t pad3[16];
+} QEMU_PACKED;
+
+typedef struct S390xElfPrstatusStruct S390xElfPrstatus;
+
+struct S390xElfFpregsetStruct {
+    uint32_t fpc;
+    uint32_t pad;
+    uint64_t fprs[16];
+} QEMU_PACKED;
+
+typedef struct S390xElfFpregsetStruct S390xElfFpregset;
+
+typedef struct noteStruct {
+    Elf64_Nhdr hdr;
+    char name[5];
+    char pad3[3];
+    union {
+        S390xElfPrstatus prstatus;
+        S390xElfFpregset fpregset;
+        uint32_t prefix;
+        uint64_t timer;
+        uint64_t todcmp;
+        uint32_t todpreg;
+        uint64_t ctrs[16];
+    } contents;
+} QEMU_PACKED Note;
+
+static void s390x_write_elf64_prstatus(Note *note, S390CPU *cpu)
+{
+    int i;
+    S390xUserRegs *regs;
+
+    note->hdr.n_type = cpu_to_be32(NT_PRSTATUS);
+
+    regs = &(note->contents.prstatus.regs);
+    regs->psw[0] = cpu_to_be64(cpu->env.psw.mask);
+    regs->psw[1] = cpu_to_be64(cpu->env.psw.addr);
+    for (i = 0; i <= 15; i++) {
+        regs->acrs[i] = cpu_to_be32(cpu->env.aregs[i]);
+        regs->gprs[i] = cpu_to_be64(cpu->env.regs[i]);
+    }
+}
+
+static void s390x_write_elf64_fpregset(Note *note, S390CPU *cpu)
+{
+    int i;
+
+    note->hdr.n_type = cpu_to_be32(NT_FPREGSET);
+    note->contents.fpregset.fpc = cpu_to_be32(cpu->env.fpc);
+    for (i = 0; i <= 15; i++) {
+        note->contents.fpregset.fprs[i] = cpu_to_be64(cpu->env.fregs[i].ll);
+    }
+}
+
+
+static void s390x_write_elf64_timer(Note *note, S390CPU *cpu)
+{
+    note->hdr.n_type = cpu_to_be32(NT_S390_TIMER);
+    note->contents.timer = cpu_to_be64((uint64_t)(cpu->env.cputm));
+}
+
+static void s390x_write_elf64_todcmp(Note *note, S390CPU *cpu)
+{
+    note->hdr.n_type = cpu_to_be32(NT_S390_TODCMP);
+    note->contents.todcmp = cpu_to_be64((uint64_t)(cpu->env.ckc));
+}
+
+static void s390x_write_elf64_todpreg(Note *note, S390CPU *cpu)
+{
+    note->hdr.n_type = cpu_to_be32(NT_S390_TODPREG);
+    note->contents.todpreg = cpu_to_be32((uint32_t)(cpu->env.todpr));
+}
+
+static void s390x_write_elf64_ctrs(Note *note, S390CPU *cpu)
+{
+    int i;
+
+    note->hdr.n_type = cpu_to_be32(NT_S390_CTRS);
+
+    for (i = 0; i <= 15; i++) {
+        note->contents.ctrs[i] = cpu_to_be64(cpu->env.cregs[i]);
+    }
+}
+
+static void s390x_write_elf64_prefix(Note *note, S390CPU *cpu)
+{
+    note->hdr.n_type = cpu_to_be32(NT_S390_PREFIX);
+    note->contents.prefix = cpu_to_be32((uint32_t)(cpu->env.psa));
+}
+
+
+struct NoteFuncDescStruct {
+    int contents_size;
+    void (*note_contents_func)(Note *note, S390CPU *cpu);
+} note_func[] = {
+    {sizeof(((Note *)0)->contents.prstatus), s390x_write_elf64_prstatus},
+    {sizeof(((Note *)0)->contents.prefix),   s390x_write_elf64_prefix},
+    {sizeof(((Note *)0)->contents.fpregset), s390x_write_elf64_fpregset},
+    {sizeof(((Note *)0)->contents.ctrs),     s390x_write_elf64_ctrs},
+    {sizeof(((Note *)0)->contents.timer),    s390x_write_elf64_timer},
+    {sizeof(((Note *)0)->contents.todcmp),   s390x_write_elf64_todcmp},
+    {sizeof(((Note *)0)->contents.todpreg),  s390x_write_elf64_todpreg},
+    { 0, NULL}
+};
+
+typedef struct NoteFuncDescStruct NoteFuncDesc;
+
+
+static int s390x_write_all_elf64_notes(const char *note_name,
+                                       WriteCoreDumpFunction f,
+                                       S390CPU *cpu, int id,
+                                       void *opaque)
+{
+    Note note;
+    NoteFuncDesc *nf;
+    int note_size;
+    int ret = -1;
+
+    for (nf = note_func; nf->note_contents_func; nf++) {
+        note.hdr.n_namesz = cpu_to_be32(sizeof(note.name));
+        note.hdr.n_descsz = cpu_to_be32(nf->contents_size);
+        strncpy(note.name, note_name, sizeof(note.name));
+        (*nf->note_contents_func)(&note, cpu);
+
+        note_size = sizeof(note) - sizeof(note.contents) + nf->contents_size;
+        ret = f(&note, note_size, opaque);
+
+        if (ret < 0) {
+            return -1;
+        }
+
+    }
+
+    return 0;
+}
+
+
+int s390_cpu_write_elf64_note(WriteCoreDumpFunction f, CPUState *cs,
+                              int cpuid, void *opaque)
+{
+    S390CPU *cpu = S390_CPU(cs);
+    return s390x_write_all_elf64_notes("CORE", f, cpu, cpuid, opaque);
+}
+
+int cpu_get_dump_info(ArchDumpInfo *info)
+{
+    info->d_machine = EM_S390;
+    info->d_endian = ELFDATA2MSB;
+    info->d_class = ELFCLASS64;
+
+    return 0;
+}
+
+ssize_t cpu_get_note_size(int class, int machine, int nr_cpus)
+{
+    int name_size = 8; /* "CORE" or "QEMU" rounded */
+    size_t elf_note_size = 0;
+    int note_head_size;
+    NoteFuncDesc *nf;
+
+    assert(class == ELFCLASS64);
+    assert(machine == EM_S390);
+
+    note_head_size = sizeof(Elf64_Nhdr);
+
+    for (nf = note_func; nf->note_contents_func; nf++) {
+        elf_note_size = elf_note_size + note_head_size + name_size +
+                        nf->contents_size;
+    }
+
+    return (elf_note_size) * nr_cpus;
+}
+
+int s390_cpu_write_elf64_qemunote(WriteCoreDumpFunction f,
+                                  CPUState *cpu, void *opaque)
+{
+    return 0;
+}
diff --git a/target-s390x/cpu-qom.h b/target-s390x/cpu-qom.h
index 0d63b1c..cbe2341 100644
--- a/target-s390x/cpu-qom.h
+++ b/target-s390x/cpu-qom.h
@@ -74,6 +74,11 @@ static inline S390CPU *s390_env_get_cpu(CPUS390XState *env)
 void s390_cpu_do_interrupt(CPUState *cpu);
 void s390_cpu_dump_state(CPUState *cpu, FILE *f, fprintf_function cpu_fprintf,
                          int flags);
+int s390_cpu_write_elf64_note(WriteCoreDumpFunction f, CPUState *cs,
+                              int cpuid, void *opaque);
+
+int s390_cpu_write_elf64_qemunote(WriteCoreDumpFunction f,
+                                  CPUState *cpu, void *opaque);
 hwaddr s390_cpu_get_phys_page_debug(CPUState *cpu, vaddr addr);
 int s390_cpu_gdb_read_register(CPUState *cpu, uint8_t *buf, int reg);
 int s390_cpu_gdb_write_register(CPUState *cpu, uint8_t *buf, int reg);
diff --git a/target-s390x/cpu.c b/target-s390x/cpu.c
index 1d16da3..a414750 100644
--- a/target-s390x/cpu.c
+++ b/target-s390x/cpu.c
@@ -177,6 +177,8 @@ static void s390_cpu_class_init(ObjectClass *oc, void *data)
     cc->gdb_write_register = s390_cpu_gdb_write_register;
 #ifndef CONFIG_USER_ONLY
     cc->get_phys_page_debug = s390_cpu_get_phys_page_debug;
+    cc->write_elf64_note = s390_cpu_write_elf64_note;
+    cc->write_elf64_qemunote = s390_cpu_write_elf64_qemunote;
 #endif
     dc->vmsd = &vmstate_s390_cpu;
     cc->gdb_num_core_regs = S390_NUM_REGS;
-- 
1.8.3.1