Commit Graph

7241 Commits

Author SHA1 Message Date
Gerd Hoffmann
0cd178ca2c uhci: renumber uhci_handle_td return codes
Step #2 (separate for better bisectability): renumber so the silly '-1'
goes away.  Pick a range which doesn't overlap the old values.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-03-13 10:15:32 +01:00
Gerd Hoffmann
60e1b2a6dd uhci: use enum for uhci_handle_td return codes
Step #1 (separate for better bisectability): replace numbers with names.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-03-13 10:15:32 +01:00
Gerd Hoffmann
50dcc0f85d uhci: tracing support
Zap DPRINTF, add tracepoints instead.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-03-13 10:15:32 +01:00
Gerd Hoffmann
d9a528db7f uhci: cancel on schedule stop.
Cancel any in-flight transaction when the guest stops the uhci schedule.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-03-13 10:15:32 +01:00
Gerd Hoffmann
60f8afcb5d uhci: fix uhci_async_cancel_all
It should also free all queues.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-03-13 10:15:32 +01:00
Gerd Hoffmann
16ce543ed1 uhci: pass addr to uhci_async_alloc
Also do async->td initialization in uhci_async_alloc now.
Prepares for adding tracepoints.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-03-13 10:15:32 +01:00
Gerd Hoffmann
5ac2731cf8 usb: improve packet state sanity checks
Add a new function to check whenever the packet state is as expected,
log more informations in case it isn't.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-03-13 10:15:32 +01:00
Wei Yang
86e18cae20 usb-ohci: DMA writeback bug fixes
This patch fixes two bugs in the OHCI device where the device writes
back data to system memory that should be exclusively under the
control of the guest side driver.

In OHCI specification Section 5.2.7, it mentioned "In all cases, Host
Controller Driver is responsible for the insertion and removal of all
Endpoint Descriptors in the various Host Controller Endpoint
Descriptor lists".  In the ohci_frame_boundary(), ohci_put_hcca()
writes the entire hcca back including the interrupt ED lists which
should be under driver control. This violates the specification and
can race with a host driver updating that list at the same time.

In the OHCI Spec Section 4.6, Transfer Descriptor Queue Processing, it
mentioned "Since the TD pointed to by TailP is not accessed by the HC,
the Host Controller Driver can initialize that TD and link at least
one other to it without creating a coherency or synchronization
problem".  While the function ohci_put_ed() writes the entire endpoint
descriptor back including the TailP which should under driver
control. This violate the specification and can race with a host
driver updating the TD list at the same time.

In each case the solution is to make sure we don't write data which is
under driver control.

Cc: Gerd Hoffman <kraxel@redhat.com>

Signed-off-by: Wei Yang <weiyang@linux.vnet.ibm.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-03-13 10:15:32 +01:00
Hans de Goede
fcb70eca3f usb-ehci: drop unused isoch_pause variable
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-03-13 10:15:32 +01:00
Gerd Hoffmann
afb9a60ecb usb: zap hw/ush-{ohic,uhci}.h + init wrappers
Remove the uhci and ohci init wrappers, which all wrapped a
pci_create_simple() one-liner.  Switch callsites to call
pci_create_simple directly.  Remove the header files where
the wrappers where declared.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-03-13 10:15:32 +01:00
Gerd Hoffmann
f1ae32a1ec usb: the big rename
Reorganize usb source files.  Create a new hw/usb/ directory and move
all usb source code to that place.  Also make filenames a bit more
descriptive.  Host adapters are prefixed with "hch-" now, usb device
emulations are prefixed with "dev-".  Fixup paths Makefile and include
paths to make it compile.  No code changes.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-03-13 10:15:32 +01:00
Anthony Liguori
cbedde0969 Merge remote-tracking branch 'stefanha/tracing' into staging
* stefanha/tracing:
  vga: add trace event for ppm_save
  console: add some trace events
  maintainers: Add docs/tracing.txt to Tracing
  docs: correct ./configure line in tracing.txt
  trace: make trace_thread_create() use its function arg
  tracetool: Omit useless QEMU_*_ENABLED() check
  trace: Provide a per-event status define for conditional compilation
2012-03-12 20:49:13 -05:00
Paolo Bonzini
66d341e54f qdev: accept empty string properties
These were stored as NULL due to wrong cut-and-paste from set_pointer.

Reported-by: Gerhard Wiesinger <lists@wiesinger.com>
Tested-by: Gerhard Wiesinger <lists@wiesinger.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-03-12 14:05:25 -05:00
Alon Levy
727500181a vga: add trace event for ppm_save
Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-03-12 10:30:27 +00:00
Stefan Weil
a348f10884 Add missing const attributes for MemoryRegionOps
Most MemoryRegionOps already had the const attribute.
This patch adds it to the remaining ones.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-03-11 11:40:15 +00:00
Anthony Liguori
dac6b1b22c Merge remote-tracking branch 'stefanha/trivial-patches' into staging
* stefanha/trivial-patches:
  configure: Quote the configure args printed in config.log
  osdep: Remove local definition of macro offsetof
  libcacard: Spelling and grammar fixes in documentation
  Spelling fixes in comments (it's -> its)
  vnc: Add break statement
  libcacard: Use format specifier %u instead of %d for unsigned values
  Fix sign of sscanf format specifiers
  block/vmdk: Fix warning from splint (comparision of unsigned value)
  qmp: Fix spelling fourty -> forty
  qom: Fix spelling in documentation
  sh7750: Remove redundant 'struct' from MemoryRegionOps
2012-03-09 12:30:20 -06:00
Anthony Liguori
bf75fec175 Merge remote-tracking branch 'qemu-kvm/uq/master' into staging
* qemu-kvm/uq/master:
  kvm: fill in padding to help valgrind
  kvm: x86: Add user space part for in-kernel i8254
  kvm: Add kvm_has_pit_state2 helper
  i8254: Open-code timer restore
  i8254: Factor out base class for KVM reuse
2012-03-09 12:29:55 -06:00
Anthony Liguori
9f1d43b133 Merge remote-tracking branch 'kraxel/usb.42' into staging
* kraxel/usb.42:
  xhci: fix port status
  xhci: fix control xfers
  usb: add shortcut for control transfers
  usb-host: enable pipelineing for bulk endpoints.
  usb: add pipelining option to usb endpoints
  usb: queue can have async packets
  uhci_fill_queue: zap debug printf
  usb: add USB_RET_IOERROR
  usb: return BABBLE rather then NAK when we receive too much data
  usb-ehci: Cleanup itd error handling
  usb-ehci: Fix and simplify nakcnt handling
  usb-ehci: Remove dead nakcnt code
  usb-ehci: Fix cerr tracking
  usb-ehci: Any packet completion except for NAK should set the interrupt
  usb-ehci: Rip the queues when the async or period schedule is halted
  usb-ehci: Drop cached qhs when the doorbell gets rung
  usb-ehci: always call ehci_queues_rip_unused for period queues
  usb-ehci: split our qh queue into async and periodic queues
  usb-ehci: Never follow table entries with the T-bit set
  usb-redir: Set ep type and interface
2012-03-09 12:29:40 -06:00
Anthony Liguori
0d10f62708 xilinx_zynq: fix the build
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-03-09 07:02:50 -06:00
Stefan Weil
93148aa5c3 Spelling fixes in comments (it's -> its)
* it's -> its (fixed for all files)
* dont -> don't (only fixed in a line which was touched by the previous fix)
* distrub -> disturb (fixed in the same line)

Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-03-08 15:22:11 +00:00
Stefan Weil
12f30833b9 sh7750: Remove redundant 'struct' from MemoryRegionOps
The 'struct' is not needed, and all other MemoryRegionOps don't use it.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-03-07 13:03:50 +00:00
Gerd Hoffmann
cf21a4aef7 xhci: fix port status
Don't signal port status change if the usb device isn't in attached
state.  Happens with usb-host devices with the pass-through device
being plugged out at the host.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-03-07 12:28:05 +01:00
Gerd Hoffmann
2850ca9ed1 xhci: fix control xfers
Use the new, direct control transfer submission method instead of
bypassing the usb core by calling usb_device_handle_control directly.
The later fails for async control transfers.

This patch gets xhci + usb-host combo going.
2012-03-07 12:28:05 +01:00
Gerd Hoffmann
1b4b29a114 usb: add shortcut for control transfers
Add a more direct code path to submit control transfers.  Instead of
feeding three usb packets (setup, data, ack) to usb_handle_packet and
have the do_token_* functions in usb.c poke the control transfer
parameters out of it just submit a single packet carrying the actual
data with the control xfer parameters filled into USBPacket->parameters.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-03-07 12:28:05 +01:00
Gerd Hoffmann
7936e0f0d2 usb: add pipelining option to usb endpoints
With this patch applied USB drivers can enable pipelining per endpoint.
With pipelining enabled the usb core will continue submitting packets
even when there are still async transfers in flight instead of passing
them on one by one.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-03-07 12:28:05 +01:00
Gerd Hoffmann
eb9d4673e3 usb: queue can have async packets
This can happen today in case the ->complete() callback queues up the
next packet.  Also we'll support pipelining soon, which allows to have
multiple packets per queue in flight (aka ASYNC) state.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-03-07 12:28:05 +01:00
Gerd Hoffmann
7c308b7e38 uhci_fill_queue: zap debug printf 2012-03-07 12:28:04 +01:00
Hans de Goede
d61000a8b1 usb: add USB_RET_IOERROR
We already have USB_RET_NAK, but that means that a device does not want
to send/receive right now. But with host / network redirection we can
actually have a transaction fail due to some io error, rather then ie
the device just not having any data atm.

This patch adds a new error code named USB_RET_IOERROR for this, and uses
it were appropriate.

Notes:
-Currently all usb-controllers handle this the same as NODEV, but that
 may change in the future, OHCI could indicate a CRC error instead for example.
-This patch does not touch hw/usb-musb.c, that is because the code in there
 handles STALL and NAK specially and has a if status < 0 generic catch all
 for all other errors

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-03-07 12:28:04 +01:00
Hans de Goede
5eafd438c9 usb-ehci: Cleanup itd error handling
All error statuses except for NAK are handled in a switch case, move the
handling of NAK into the same switch case.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-03-07 12:28:04 +01:00
Hans de Goede
553a6a59f6 usb-ehci: Fix and simplify nakcnt handling
The nakcnt code in ehci_execute_complete() marked transactions as finished
when a packet completed with a result of USB_RET_NAK, but USB_RET_NAK
means that the device cannot receive / send data at that time and that
the transaction should be retried later, which is also what the usb-uhci
and usb-ohci code does.

Note that there already was some special code in place to handle this
for interrupt endpoints in the form of doing a return from
ehci_execute_complete() when reload == 0, but that for bulk transactions
this was not handled correctly (where as for example the usb-ccid device does
return USB_RET_NAK for bulk packets).

Besides that the code in ehci_execute_complete() decrement nakcnt by 1
on a packet result of USB_RET_NAK, but
-since the transaction got marked as finished,
 nakcnt would never be decremented again
-there is no code checking for nakcnt becoming 0
-there is no use in re-trying the transaction within the same usb frame /
 usb-ehci frame-timer call, since the status of emulated devices won't change
 as long as the usb-ehci frame-timer is running
So we should simply set the nakcnt to 0 when we get a USB_RET_NAK, thus
claiming that we've tried reload times (or as many times as possible if
reload is 0).

Besides the code in ehci_execute_complete() handling USB_RET_NAK there
was also code handling it in ehci_state_executing(), which calls
ehci_execute_complete(), and then does its own handling on top of the handling
in ehci_execute_complete(), this code would decrement nakcnt *again* (if not
already 0), or restore the reload value (which was never changed) on success.

Since the double decrement was wrong to begin with, and is no longer needed
now that we set nakcnt directly to 0 on USB_RET_NAK, and the restore of reload
is not needed either, this patch simply removes all nakcnt handling from
ehci_state_executing().

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-03-07 12:28:04 +01:00
Hans de Goede
aa73fcdcc1 usb-ehci: Remove dead nakcnt code
This patch removes 2 bits of dead nakcnt code:

1) usb_ehci_execute calls ehci_qh_do_overlay which does:
nakcnt = reload;
and then has a block of code which is conditional on:
if (reload && !nakcnt) {
which ofcourse is never true now as nakcnt == reload.

2) ehci_state_fetchqh does:
nakcnt = reload;
but before nakcnt is ever used ehci_state_fetchqh is always followed
by a ehci_qh_do_overlay call which also does:
nakcnt = reload;
So doing this from ehci_state_fetchqh is redundant.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-03-07 12:28:04 +01:00
Hans de Goede
dd54cfe0bc usb-ehci: Fix cerr tracking
cerr should only be decremented on errors which cause XactErr to be set, and
when that happens the failing transaction should be retried until cerr reaches
0 and only then should USBSTS_ERRINT be set (and inactive cleared and
USBSTS_INT set if requested).

Since we don't have any hardware level errors (and in case of redirection
the real hardware has already retried), re-trying makes no sense, so
immediately set cerr to 0 on errors which set XactErr.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-03-07 12:28:03 +01:00
Hans de Goede
2763cbc751 usb-ehci: Any packet completion except for NAK should set the interrupt
As clearly stated in the 2.3.2 of the EHCI spec, any time USBERRINT get
sets then if the td has its IOC bit set USBINT should be set as well.

This means that for any status except for USB_RET_NAK we should set
USBINT if the IOC bit is set.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-03-07 12:28:03 +01:00
Hans de Goede
e850c2b453 usb-ehci: Rip the queues when the async or period schedule is halted
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-03-07 12:28:03 +01:00
Hans de Goede
4be23939ab usb-ehci: Drop cached qhs when the doorbell gets rung
The purpose of the IAAD bit / the doorbell is to make the ehci controller
forget about cached qhs, this is mainly used when cancelling transactions,
the qh is unlinked from the async schedule and then the doorbell gets rung,
once the doorbell is acked by the controller the hcd knows that the qh is
no longer in use and that it can do something else with the memory, such
as re-use it for a new qh! But we keep our struct representing this qh around
for circa 250 ms. This allows for a (mightily large) race window where the
following could happen:
-hcd submits a qh at address 0xdeadbeef
-our ehci code sees the qh, sends a request to a usb-device, gets a result
 of USB_RET_ASYNC, sets the async_state of the qh to EHCI_ASYNC_INFLIGHT
-hcd unlinks the qh at address 0xdeadbeef
-hcd rings the doorbell, wait for us to ack it
-hcd re-uses the qh at address 0xdeadbeef
-our ehci code sees the qh, looks in the async_queue, sees there already is
 a qh at address 0xdeadbeef there with async_state of EHCI_ASYNC_INFLIGHT,
 does nothing
-the *original* (which the hcd thinks it has cancelled) transaction finishes
-our ehci code sees the qh on yet another pass through the async list,
 looks in the async_queue, sees there already is a qh at address 0xdeadbeef
 there with async_state of EHCI_ASYNC_COMPLETED, and finished the transaction
 with the results of the *original* transaction.

Not good (tm), this patch fixes this race by removing all qhs which have not
been seen during the last cycle through the async list immidiately when the
doorbell is rung.

Note this patch does not fix any actually observed problem, but upon
reading of the EHCI spec it became apparent to me that the above race could
happen and the usb-ehci behavior from before this patch is not good.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-03-07 12:28:03 +01:00
Hans de Goede
7bce354e14 usb-ehci: always call ehci_queues_rip_unused for period queues
Before this patch USB 2 devices with interrupt endpoints were not working
properly. The problem is that to avoid loops we stop processing as soon
as we encounter a queue-head (qh) we've already seen since qhs can be linked
in a circular fashion, this is tracked by the seen flag in our qh struct.

The resetting of the seen flag is done from ehci_queues_rip_unused which
before this patch was only called when executing the statemachine for the
async schedule.

But packets for interrupt endpoints are part of the periodic schedule! So what
would happen is that when there were no ctrl or bulk packets for a USB 2
device with an interrupt endpoint, the async schedule would become non
active, then ehci_queues_rip_unused would no longer get called and when
processing the qhs for the interrupt endpoints from the periodic schedule
their seen bit would still be 1 and they would be skipped.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-03-07 12:28:03 +01:00
Hans de Goede
df5d5c5c9e usb-ehci: split our qh queue into async and periodic queues
qhs can be part of both the async and the periodic schedule, as is shown
in later patches in this series it is useful to keep track of the qhs on
a per schedule basis.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-03-07 12:28:03 +01:00
Hans de Goede
2a5ff735dc usb-ehci: Never follow table entries with the T-bit set
Before this patch the T-bit was not checked in 2 places, while it should be.

Once we properly check the T-bit everywhere we no longer need the weird
entry < 0x1000 and entry > 0x1000 checks, so this patch removes them.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-03-07 12:28:02 +01:00
Jan Kiszka
5d17c0d2df kvm: x86: Add user space part for in-kernel i8254
This provides the required user space stubs to enable the in-kernel
i8254 emulation of KVM.

The in-kernel model supports lost tick compensation according to the
"delay" policy. This is enabled by default and can be switched off via a
device property.

Depending on the feature set of the host kernel (before 2.6.32), we may
have to disable the HPET or lack sound output from the PC speaker.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
2012-03-07 12:27:43 +02:00
Jan Kiszka
3fbc1c0c13 i8254: Open-code timer restore
Same as for the APIC: To enable migration between accelerated and
non-accelerated models, we need to arm the channel 0 timer only inside
the emulated PIT model. The common code just saves/restores that timer
to the the next_transition_time field.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
2012-03-07 12:27:41 +02:00
Jan Kiszka
d11e859e4a i8254: Factor out base class for KVM reuse
Applying the concept used for the *PICs once again: establish a base
class for the i8254 that can be used both by the current user space
emulation and the upcoming KVM in-kernel version. We share most of the
public interface of the i8254, specifically to the pcspk, vmstate, reset
and certain init parts.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
2012-03-07 12:27:40 +02:00
Peter A. G. Crosthwaite
e32605062c xilinx_zynq: machine model initial version
Xilinx zynq-7000 machine model. Also includes device model for the zynq-specific
system level control register (SLCR) module.

Signed-off-by: Peter A. G. Crosthwaite <peter.crosthwaite@petalogix.com>
Acked-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2012-03-07 02:20:19 +01:00
Peter A. G. Crosthwaite
e9f186e514 cadence_gem: initial version of device model
Device model for cadence gem ethernet controller.

Signed-off-by: Peter A. G. Crosthwaite <peter.crosthwaite@petalogix.com>
Signed-off-by: John Linn <john.linn@xilinx.com>
Acked-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2012-03-07 02:20:19 +01:00
Peter A. G. Crosthwaite
f3a6cc0712 cadence_ttc: initial version of device model
Implemented cadence Triple Timer Counter (TCC)

Signed-off-by: Peter A. G. Crosthwaite <peter.crosthwaite@petalogix.com>
Signed-off-by: John Linn <john.linn@xilinx.com>
Acked-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2012-03-07 02:20:19 +01:00
Peter A. G. Crosthwaite
35548b06cf cadence_uart: initial version of device model
Implemented cadence UART serial controller

Signed-off-by: Peter A. G. Crosthwaite <peter.crosthwaite@petalogix.com>
Signed-off-by: John Linn <john.linn@xilinx.com>
Acked-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2012-03-07 02:20:19 +01:00
Peter A. G. Crosthwaite
da71ebd145 microblaze_boot: enabled -dtb argument
Use the -dtb argument for passing is a custom dtb rather than the old
hardcoded "mb.dtb"

Signed-off-by: Peter A. G. Crosthwaite <peter.crosthwaite@petalogix.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2012-03-05 23:00:15 +01:00
Peter A. G. Crosthwaite
cba1fd3655 petalogix_s2adsp1800: macro'd magic numbers
defined macros for the addresses of the peripherals in machine model

Signed-off-by: Peter A. G. Crosthwaite <peter.crosthwaite@petalogix.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2012-03-05 23:00:15 +01:00
Peter A. G. Crosthwaite
1f28fac87e petalogix_s2adsp1800: moved rst logic to rst fn
This belongs in the machine specific reset function

Signed-off-by: Peter A. G. Crosthwaite <peter.crosthwaite@petalogix.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2012-03-05 23:00:14 +01:00
Peter A. G. Crosthwaite
d94e743476 microblaze: factored out common boot code
factored out the copy-pasted common boot code from the two microblaze platforms
into a dedicated microblaze bootloader (microblaze_boot.o).

Signed-off-by: Peter A. G. Crosthwaite <peter.crosthwaite@petalogix.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2012-03-05 23:00:14 +01:00
Christian Borntraeger
1edb493490 s390: Rework kernel loading: supports elf and newer kernels
This reworks the image loading on s390.

Newer kernels will not always have a 0dd0 (basr 13,0) at address 0x10000.
We must not rely on specific code at certain  addresses. This check was
introduced to warn users that tried to load vmlinux, since ELF loading
was not supported. Lets wire that up. If elf loading fails, we assume
that this is a standard kernel image and load that via load_image_targphys.
This patch also changes all other users of load_image to
load_image_targphys to be consistent. (the elf loader registers the kernel
as rom).

Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2012-03-05 19:51:18 +01:00
Blue Swirl
d9bafcd1db Merge branch 'arm-devs.for-upstream' of git://git.linaro.org/people/pmaydell/qemu-arm
* 'arm-devs.for-upstream' of git://git.linaro.org/people/pmaydell/qemu-arm:
  hw/arm11mpcore: Fix broken realview_mpcore/arm11mpcore_priv properties
  arm: add device tree support
  arm: make sure that number of irqs can be represented in GICD_TYPER.
  arm: clean up GIC constants
2012-03-03 17:53:56 +00:00
Peter Maydell
0f58a1882b hw/arm11mpcore: Fix broken realview_mpcore/arm11mpcore_priv properties
Fix confusion in the Property arrays for the "arm11mpcore_priv"
(per-CPU devices for the ARM11MPcore CPU) and "realview_mpcore"
(realview-eb board specific device encapsulating CPU and some
extra interrupt controllers) -- the num-irq property was defined
on the wrong device and the mpcore_rirq_properties were defined
as offsets in the wrong structure. The effect was that the
realview-eb-mpcore machine would abort on startup trying to
allocate an insane amount of memory. (This bug was introduced in
the QOM conversion in commit 999e12bb.)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-03-02 11:56:39 +00:00
Grant Likely
412beee6a0 arm: add device tree support
If compiled with CONFIG_FDT, allow user to specify a device tree file using
the -dtb argument.  If the machine supports it then the dtb will be loaded
into memory and passed to the kernel on boot.

Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
Signed-off-by: Grant Likely <grant.likely@secretlab.ca>
[Peter Maydell: Use machine opt rather than global to pass dtb filename]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-03-02 11:56:38 +00:00
Rusty Russell
41c1e2f54e arm: make sure that number of irqs can be represented in GICD_TYPER.
We currently assume that the number of interrupts (ITLinesNumber in
the architecture reference manual) is divisible by 32, since we
present it to the guest when it reads GICD_TYPER (in gic_dist_readb())
as (N / 32) - 1.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-03-02 11:56:38 +00:00
Rusty Russell
6925380062 arm: clean up GIC constants
Interrupts numbers 0-31 are private to the processor interface, 32-1019 are
general interrupts.  Add GIC_INTERNAL and substitute everywhere.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
[Peter Maydell: converted some tabs to spaces]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-03-02 11:56:38 +00:00
Anthony Liguori
14655e482b Merge remote-tracking branch 'qemu-kvm/memory/core' into staging
* qemu-kvm/memory/core: (30 commits)
  memory: allow phys_map tree paths to terminate early
  memory: unify PhysPageEntry::node and ::leaf
  memory: change phys_page_set() to set multiple pages
  memory: switch phys_page_set() to a recursive implementation
  memory: replace phys_page_find_alloc() with phys_page_set()
  memory: simplify multipage/subpage registration
  memory: give phys_page_find() its own tree search loop
  memory: make phys_page_find() return a MemoryRegionSection
  memory: move tlb flush to MemoryListener commit callback
  memory: unify the two branches of cpu_register_physical_memory_log()
  memory: fix RAM subpages in newly initialized pages
  memory: compress phys_map node pointers to 16 bits
  memory: store MemoryRegionSection pointers in phys_map
  memory: unify phys_map last level with intermediate levels
  memory: remove first level of l1_phys_map
  memory: change memory registration to rebuild the memory map on each change
  memory: support stateless memory listeners
  memory: split memory listener for the two address spaces
  xen: ignore I/O memory regions
  memory: allow MemoryListeners to observe a specific address space
  ...
2012-03-01 15:26:25 -06:00
Anthony Liguori
5918ff68ff Merge remote-tracking branch 'qemu-kvm/uq/master' into staging
* qemu-kvm/uq/master:
  pc-bios: update kvmvapic.bin
  kvmvapic: Use optionrom helpers
  optionsrom: Reserve space for checksum
  kvmvapic: Simplify mp/up_set_tpr
  kvmvapic: Introduce TPR access optimization for Windows guests
  kvmvapic: Add option ROM
  target-i386: Add infrastructure for reporting TPR MMIO accesses
  Allow to use pause_all_vcpus from VCPU context
  Process pending work while waiting for initial kick-off in TCG mode
  Remove useless casts from cpu iterators
  kvm: Set cpu_single_env only once
  kvm: Synchronize cpu state in kvm_arch_stop_on_emulation_error()
2012-03-01 15:26:01 -06:00
Anthony Liguori
7c51c1aa03 Merge remote-tracking branch 'kwolf/for-anthony' into staging
* kwolf/for-anthony: (27 commits)
  qemu-img: fix segment fault when the image format is qed
  qemu-io: fix segment fault when the image format is qed
  qemu-tool: revert cpu_get_clock() abort(3)
  qemu-iotests: Test rebase with short backing file
  qemu-iotests: 026: Reduce output changes for cache=none qcow2
  qemu-iotests: Filter out DOS line endings
  test: add image streaming tests
  qemu-iotests: add iotests Python module
  qemu-iotests: export TEST_DIR for non-bash tests
  QMP: Add qmp command for blockdev-group-snapshot-sync
  qapi: Introduce blockdev-group-snapshot-sync command
  qcow2: Reject too large header extensions
  qcow2: Fix offset in qcow2_read_extensions
  block: drop aio_multiwrite in BlockDriver
  block: remove unused fields in BlockDriverState
  qcow2: Fix build with DEBUG_EXT enabled
  ide: fail I/O to empty disk
  fdc: DIR (Digital Input Register) should return status of current drive...
  fdc: fix seek command, which shouldn't check tracks
  fdc: check if media rate is correct before doing any transfer
  ...
2012-02-29 12:57:28 -06:00
Anthony Liguori
f06d0f0755 Merge remote-tracking branch 'spice/spice.v49' into staging
* spice/spice.v49:
  qxl: properly handle upright and non-shared surfaces
  Error out when tls-channel option is used without TLS
  spice: use error_report to report errors
  qxl: add optinal 64bit vram bar
  qxl: make qxl_render_update async
  qxl: introduce QXLCookie
  qxl: remove flipped
  qxl: require spice >= 0.8.2
  qxl: drop qxl_spice_update_area_async definition
  sdl: remove NULL check, g_malloc0 can't fail
  qxl: fix spice+sdl no cursor regression
2012-02-29 12:54:08 -06:00
Anthony Liguori
5ca2358ac8 Merge remote-tracking branch 'kraxel/usb.39' into staging
* kraxel/usb.39: (21 commits)
  usb: Resolve warnings about unassigned bus on usb device creation
  usb-redir: Return USB_RET_NAK when we've no data for an interrupt endpoint
  usb-redir: Limit return values returned by iso packets
  usb-redir: Let the usb-host know about our device filtering
  usb-redir: Always clear device state on filter reject
  usb-redir: Fix printing of device version
  ehci: drop old stuff
  usb-ehci: Handle ISO packets failing with an error other then NAK
  libcacard: fix reported ATR length
  usb-ccid: advertise SELF_POWERED
  libcacard: link with glib for g_strndup
  usb-desc: fix user trigerrable segfaults (!config)
  usb-ehci: sanity-check iso xfers
  usb: add tracepoint for usb packet state changes.
  usb-xhci: enable packet queuing
  usb-uhci: implement packet queuing
  usb-uhci: process uhci_handle_td return code via switch.
  usb-uhci: add UHCIQueue
  usb-uhci: cleanup UHCIAsync allocation & initialization.
  usb-ehci: fix reset
  ...
2012-02-29 09:11:00 -06:00
Paolo Bonzini
d53cdb307a ide: fail I/O to empty disk
Requesting a read or a write operation on an empty disk can lead
to QEMU dumping core.

Also fix a few braces here and there.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-02-29 12:48:46 +01:00
Hervé Poussineau
a2df5fa324 fdc: DIR (Digital Input Register) should return status of current drive...
Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-02-29 12:48:46 +01:00
Hervé Poussineau
b072a3c85d fdc: fix seek command, which shouldn't check tracks
The seek command just sends step pulses to the drive and doesn't care if
there is a medium inserted of if it is banging the head against the drive.

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-02-29 12:48:46 +01:00
Hervé Poussineau
844f65d661 fdc: check if media rate is correct before doing any transfer
The programmed rate has to be the same as the required rate for the
floppy format ; if that's not the case, the transfer should abort.
This check can be disabled by using the 'check_media_rate' property.

Save media rate value only if media rate check is enabled.

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-02-29 12:48:46 +01:00
Hervé Poussineau
09c6d5850f fdc: add a 'check media rate' property. Not used yet
Set it to true for current Qemu versions, and false for previous ones

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-02-29 12:48:46 +01:00
Hervé Poussineau
f8d3d12857 block: add a transfer rate for floppy types
Floppies must be read at a specific transfer rate, depending of its own format.
Update floppy description table to include required transfer rate.

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-02-29 12:48:46 +01:00
Hervé Poussineau
a758f8f415 fdc: add CCR (Configuration Control Register) write register
DIR and CCR registers share the same address ; DIR is read-only
while CCR is write-only

CCR register is used to change media transfer rate, which will be
checked in following changes.

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-02-29 12:48:46 +01:00
Hervé Poussineau
8510854ee7 fdc: handle read-only floppies (abort early on write commands)
A real floppy doesn't attempt to write to read-only media either.

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-02-29 12:48:46 +01:00
Hervé Poussineau
a005186c17 fdc: most control commands do not generate interrupts
In fact, only three control commands generate an interrupt:
read_id, recalibrate and seek

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-02-29 12:48:46 +01:00
Hervé Poussineau
1457a75843 fdc: set busy bit when starting a command
This bit must be active while a command is currently executed.

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-02-29 12:48:46 +01:00
Hervé Poussineau
08388273a3 fdc: take side count into account
Floppies can be simple or double-sided. However, current code
was only taking the common case into account (ie 2 sides).

This repairs single-sided floppies, which where totally broken
before this patch : for track > 0, wrong sector number was
calculated, and data was read/written at wrong place on
underlying device.

Fortunately, only some 360 kB floppies are single-sided, so
this bug was probably not seen much.

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-02-29 12:48:46 +01:00
Avi Kivity
50c1e1491e memory: support stateless memory listeners
Current memory listeners are incremental; that is, they are expected to
maintain their own state, and receive callbacks for changes to that state.

This patch adds support for stateless listeners; these work by receiving
a ->begin() callback (which tells them that new state is coming), a
sequence of ->region_add() and ->region_nop() callbacks, and then a
->commit() callback which signifies the end of the new state.  They should
ignore ->region_del() callbacks.

Signed-off-by: Avi Kivity <avi@redhat.com>
2012-02-29 13:44:42 +02:00
Avi Kivity
7376e5827a memory: allow MemoryListeners to observe a specific address space
Ignore any regions not belonging to a specified address space.

Signed-off-by: Avi Kivity <avi@redhat.com>
2012-02-29 13:44:42 +02:00
Avi Kivity
80a1ea3748 memory: move ioeventfd ops to MemoryListener
This way the accelerator (kvm) can handle them directly.

Signed-off-by: Avi Kivity <avi@redhat.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
2012-02-29 13:44:41 +02:00
Avi Kivity
72e22d2fe1 memory: switch memory listeners to a QTAILQ
This allows reverse iteration, which in turns allows consistent ordering
among multiple listeners:

  l1->add
  l2->add
  l2->del
  l1->del

Signed-off-by: Avi Kivity <avi@redhat.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
2012-02-29 13:44:41 +02:00
Gerd Hoffmann
e2efc0a326 qxl: properly handle upright and non-shared surfaces
Although qxl creates a shared displaysurface when the qxl surface is
upright and doesn't need to be flipped there is no guarantee that the
surface doesn't become unshared for some reason.  Rename qxl_flip to
qxl_blit and fix it to handle both flip and non-flip cases.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-28 17:22:30 +01:00
Gerd Hoffmann
6f2b175a09 qxl: add optinal 64bit vram bar
This patch adds an 64bit pci bar for vram.  It is turned off by default.
It can be enabled by setting the size of the 64bit bar to be larger than
the 32bit bar.  Both 32bit and 64bit bar refer to the same memory.  Only
the first part of the memory is available via 32bit bar.

The intention is to allow large vram sizes for 64bit guests, by allowing
the vram bar being mapped above 4G, so we don't have to squeeze it into
the pci I/O window below 4G.

With vram_size_mb=16 and vram64_size_mb=256 it looks like this:

00:02.0 VGA compatible controller: Red Hat, Inc. Device 0100 (rev 02) (prog-if 00 [VGA controller])
        Subsystem: Red Hat, Inc Device 1100
        Physical Slot: 2
        Flags: fast devsel, IRQ 10
        Memory at f8000000 (32-bit, non-prefetchable) [size=64M]
        Memory at fc000000 (32-bit, non-prefetchable) [size=16M]
        Memory at fd020000 (32-bit, non-prefetchable) [size=8K]
        I/O ports at c5a0 [size=32]
        Memory at ffe0000000 (64-bit, prefetchable) [size=256M]
        Expansion ROM at fd000000 [disabled] [size=64K]

[ mapping above 4G needs patched seabios:
  http://www.kraxel.org/cgit/seabios/commit/?h=pci64 ]
2012-02-28 17:20:15 +01:00
Anthony Liguori
b55c952aea Merge remote-tracking branch 'aneesh/for-upstream' into staging
* aneesh/for-upstream:
  hw/9pfs: Endian fixes for virtfs
  ./configure: add option for disabling VirtFS
2012-02-27 11:19:27 -06:00
Jan Kiszka
3741715cf2 usb: Resolve warnings about unassigned bus on usb device creation
When creating an USB device the old way, there is no way to specify the
target bus. Thus the warning issued by usb_create makes no sense and
rather confuses our users.

Resolve this by passing a bus reference to the usbdevice_init handler
and letting those handlers forward it to usb_create.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-27 15:40:53 +01:00
Gerd Hoffmann
01cd4e98dc ehci: drop old stuff
Drop the "ehci under development" banner.
Drop unused & inactive (#if 0) code.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-27 13:37:36 +01:00
Hans de Goede
df7871851e usb-ehci: Handle ISO packets failing with an error other then NAK
Before this patch the ehci code was not checking for any other errors other
then USB_RET_NAK. This causes 2 problems:
1) Other errors are not reported to the guest.
2) When transactions with the ITD_XACT_IOC bit set completing with another
   error would not result in USBSTS_INT getting set.

I hit this problem when unplugging devices while iso data was streaming from
the device to the guest. When this happens it takes a while for the guest to
process the unplugging and remove ISO transactions from the ehci schedule, in
the mean time these transactions would complete with a result of USB_RET_NODEV,
which was not handled. This lead to the Linux guest's usb subsystem "hanging",
that is it would no longer see new usb devices getting plugged in and running
for example lsusb would lead to a stuck (D state) lsusb process. This patch
fixes this.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-27 13:37:36 +01:00
Alon Levy
cff17894e3 usb-ccid: advertise SELF_POWERED
Before commit ed5a83ddd8 each device
provided it's own response to USB_REQ_GET_STATUS, but after it that
response was based on bmAttributes, which was errounously set for
usb-ccid as 0xa0 and not 0xe0.

Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-27 13:37:36 +01:00
Alon Levy
8db36e9ddd usb-desc: fix user trigerrable segfaults (!config)
Check for dev->config being NULL in two places:
 USB_REQ_GET_CONFIGURATION and USB_REQ_GET_STATUS.

The behavior of USB_REQ_GET_STATUS is unspecified in the Default state,
that corresponds to dev->config being NULL (it defaults to NULL and is
reset whenever a SET_CONFIGURATION with value 0, or attachment). I
implemented it to correspond with the state before
ed5a83ddd8, the commit moving SET_STATUS
to usb-desc; if dev->config is not set we return whatever is in the
first configuration.

The behavior of USB_REQ_GET_CONFIGURATION is also undefined before any
SET_CONFIGURATION, but here we just return 0 (same as specified for the
Address state).

A win7 guest failed to initialize the device before this patch,
segfaulting when GET_STATUS was called with dev->config == NULL. With
this patch the passthrough device still doesn't work but the failure is
unrelated.

Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-27 13:37:36 +01:00
Gerd Hoffmann
aa0568ff25 usb-ehci: sanity-check iso xfers
This patch adds a sanity check to itd processing to make sure the
endpoint addressed by the guest is actually an iso endpoint.  Also
verify that usb drivers don't return USB_RET_ASYNC which is illegal for
iso xfers.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-27 13:37:36 +01:00
Gerd Hoffmann
808aeb98ff usb: add tracepoint for usb packet state changes.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-27 13:37:36 +01:00
Gerd Hoffmann
7d1994f863 usb-xhci: enable packet queuing
qemu usb core has packet queues now, so flip lets the switch.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-27 13:37:36 +01:00
Gerd Hoffmann
5a248289a8 usb-uhci: implement packet queuing
When a usb device is busy processing a packet (and returns
USB_RET_ASYNC), continue walking the transfer descriptor list
and process them to fill the request queue.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-27 11:13:27 +01:00
Gerd Hoffmann
971a5a406e usb-uhci: process uhci_handle_td return code via switch.
Restruct the uhci_handle_td return code processing to make the
control flow more clear and the code more readable.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-27 11:13:27 +01:00
Gerd Hoffmann
f8af1e889b usb-uhci: add UHCIQueue
UHCIAsync structs (in-flight requests) grouped in UHCIQueue now.
Each (active) usb endpoint gets its own UHCIQueue.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-27 11:13:27 +01:00
Gerd Hoffmann
326700e35d usb-uhci: cleanup UHCIAsync allocation & initialization.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-27 11:13:26 +01:00
Gerd Hoffmann
81d37739df usb-ehci: fix reset
Two reset fixes:
  * pick up s->usbcmd value after ehci_reset call to make sure it
    keeps the reset value and doesn't get rubbish filled in when
    val is written back to the mmio register array later on.
  * make sure the frame timer is zapped on reset.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-27 11:13:26 +01:00
Gerd Hoffmann
299aa1c6df usb-hid: fix tablet activation
Activate usb hid pointer devices (mouse+tablet) unconditionally
on polls, even if we NAK the poll due to lack of new events.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-27 11:13:26 +01:00
Alon Levy
81fb6f1504 qxl: make qxl_render_update async
RHBZ# 747011

Removes the last user of QXL_SYNC when using update drivers that use the
_ASYNC io ports.

The last user is qxl_render_update, it is called both by qxl_hw_update
which is the vga_hw_update_ptr passed to graphic_console_init, and by
qxl_hw_screen_dump.

At the same time the QXLRect area being passed to the red_worker thread
is passed as a copy, as part of the QXLCookie.

The implementation uses interface_update_area_complete with a bh to make
sure dpy_update and qxl_flip are called from the io thread, otherwise
the vga->ds->surface.data can change under our feet.

With this patch sdl+spice works fine. But spice by itself doesn't
produce the expected screendumps unless repeated a few times, due to
ppm_save being called before update_area (rendering done in spice server
thread) having a chance to complete. Fixed by next patch, but see commit
message for problem introduced by it.

Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-27 09:46:52 +01:00
Alon Levy
2e1a98c9c1 qxl: introduce QXLCookie
Will be used in the next patch.

Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-27 09:46:52 +01:00
Alon Levy
4c19ebb51d qxl: remove flipped
Tested on linux and windows guests. For negative stride, qxl_flip copies
directly to vga->ds->surface->data, for positive it's reallocated to
share qxl->guest_primary.data

Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-27 09:46:52 +01:00
Alon Levy
4295e15aa7 qxl: require spice >= 0.8.2
drop all ifdefs on SPICE_INTERFACE_QXL_MINOR >= 1 as a result,
any check for SPICE_SERVER_VERSION that is now always satisfied,
and SPICE_INTERFACE_CORE_MINOR >= 3 tests, because
0.8.2 has SPICE_INTERFACE_QXL_MINOR == 1 and
SPICE_INTERFACE_CORE_MINOR == 3.

Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-27 09:46:51 +01:00
Alon Levy
45a4b48528 qxl: drop qxl_spice_update_area_async definition
It was never used. Introduced in
5ff4e36c80
qxl: async io support using new spice api

But not used even then.

Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-27 09:46:51 +01:00
Alon Levy
bb5a8cd5b0 qxl: fix spice+sdl no cursor regression
regression introduced by 0753609458,

v2: lock around qemu_spice_cursor_refresh_unlocked

Reported-by: Fabiano Fidêncio <fabiano@fidencio.org>
Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-27 09:46:51 +01:00
Gerd Hoffmann
9ebe95fb60 nic: zap obsolote romloading bits from ne2k + pcnet
These days one just needs to specify the romfile in PCiDeviceInfo and
everything magically works.  It also allows to disable pxe rom loading
via "romfile=<emptystring>" like it is possible for all other nics.

[ v2: rebased & adapted to qom changes ]

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 13:36:05 -06:00
Gerd Hoffmann
45efb16124 optimize screendump for the common non-switch case
switch console only if needed, also pass down whenever the console was
switched or not because a displaysurface redraw is only needed in case
the console was switched.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 13:36:05 -06:00
Gerd Hoffmann
1673510204 Remove screendump dummy functions.
The code in console.c verifies whenever a screen_dump function
pointer is present before calling it, so there is no need to supply an
dummy function.  Remove them.  Also report an error to notify the user
that he didn't got a screenshot.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 13:36:04 -06:00
Gerd Hoffmann
9a51f5b067 vga: simplify screendump
The displaychangelistener isn't needed at all, we can simply save the
image when vga_hw_update is done instead of hooking into the update
process.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 13:36:04 -06:00
Gerd Hoffmann
6595abc044 suspend: make acpi timer wakeup the guest.
Make the acpi timer wake up the guest.
Guests can enable/disable this via acpi too.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 13:36:04 -06:00
Gerd Hoffmann
62aeb0f765 suspend: make rtc alarm wakeup the guest.
Make the rtc wake up the guest when the alarm fires.
Add acpi windup to property support RTC_EN, so guests
can enable and disable this.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 13:36:03 -06:00
Gerd Hoffmann
9826fd597d suspend: make serial ports wakeup the guest.
Add a 'wakeup' property to the serial port.  It is off by default.  When
enabled any incoming character on the serial line will wake up the
guest.  Useful for guests which have a serial console configured.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 13:36:03 -06:00
Gerd Hoffmann
fd214d1828 suspend: make ps/2 devices wakeup the guest
This patch adds wakeup support to ps/2 emulation.  Any key press on the
ps/2 keyboard will wakeup the guest.  Likewise any mouse button press
will wakeup the guest.  Mouse moves are ignored, so the guest will not
wakeup in case your mouse crosses the vnc window of a suspended guest by
accident.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 13:36:03 -06:00
Gerd Hoffmann
da98c8eb4c suspend: switch acpi s3 to new infrastructure.
This patch switches pc s3 suspend over to the new infrastructure.
The cmos_s3 qemu_irq is killed, the new notifier is used instead.
The xen hack goes away with that too, the hypercall can simply be
done in a notifier function now.

This patch also makes the guest actually stay suspended instead
of leaving suspend instantly, so it is useful for more than just
testing whenever the suspend/resume cycle actually works.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 13:36:03 -06:00
Gerd Hoffmann
8283c4f565 acpi: add acpi_pm1_evt_write_en
Do APCIREGS->pm1.evt.en updates using the new acpi_pm1_evt_write_en
function, so the acpi code will see those updates.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 13:36:02 -06:00
Gerd Hoffmann
2886be1b01 acpi: don't pass overflow_time to acpi_pm1_evt_get_sts
Pretty pointless, can easily be reached via ACPIREGS now.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 13:36:02 -06:00
Gerd Hoffmann
355bf2e5ba acpi: add ACPIREGS
All those acpi structs are not independent from each other.
Various acpi functions expecting multiple acpi structs passed
in are a clean indicator for that ;)

So this patch bundles all acpi structs in the new ACPIREGS
struct, then use it everythere pass around acpi state.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 13:36:02 -06:00
Gerd Hoffmann
067866d61c acpi: move around structs
Group all structs at the top of hw/acpi.h.
Just moving around lines, no code changes.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 13:36:02 -06:00
Anthony Liguori
7c1daf341f Merge remote-tracking branch 'qmp/queue/qmp' into staging
* qmp/queue/qmp:
  qmp: add DEVICE_TRAY_MOVED event
  ide: drop ide_tray_state_post_load()
  block: Don't call bdrv_eject() if the tray state didn't change
  block: bdrv_eject(): Make eject_flag a real bool
  block: Rename bdrv_mon_event() & BlockMonEventAction
2012-02-24 09:45:22 -06:00
Anthony Liguori
9ef1300b1b Merge remote-tracking branch 'bonzini/virtio-scsi' into staging
* bonzini/virtio-scsi:
  scsi-block: always use scsi_generic_ops for cache != none
  scsi: fix searching for an empty id
  scsi: fix wrong return for target INQUIRY
  virtio-scsi: add migration support
  virtio-scsi: process control queue requests
  virtio-scsi: add basic SCSI bus operation
  virtio-scsi: Add basic request processing infrastructure
  virtio-scsi: Add virtio-scsi stub device
  scsi-disk: add migration support
  scsi-generic: add migration support
  scsi: add SCSIDevice vmstate definitions
  scsi-disk: enable scatter/gather functionality
  scsi: add scatter/gather functionality
  scsi: pass residual amount to command_complete
  ahci: use new DMA helpers
  dma-helpers: add accounting wrappers
  dma-helpers: add dma_buf_read and dma_buf_write
  dma-helpers: make QEMUSGList target independent
2012-02-24 09:33:03 -06:00
Markus Armbruster
1f51470d04 Revert "qemu-char: Print strerror message on failure" and deps
The commit's purpose is laudable:

    The only way for chardev drivers to communicate an error was to
    return a NULL pointer, which resulted in an error message that
    said _that_ something went wrong, but not _why_.

It attempts to achieve it by changing the interface to return 0/-errno
and update qemu_chr_open_opts() to use strerror() to display a more
helpful error message.  Unfortunately, it has serious flaws:

1. Backends "socket" and "udp" return bogus error codes, because
qemu_chr_open_socket() and qemu_chr_open_udp() assume that
unix_listen_opts(), unix_connect_opts(), inet_listen_opts(),
inet_connect_opts() and inet_dgram_opts() fail with errno set
appropriately.  That assumption is wrong, and the commit turns
unspecific error messages into misleading error messages.  For
instance:

    $ qemu-system-x86_64 -nodefaults -vnc :0 -chardev socket,id=bar,host=xxx
    inet_connect: host and/or port not specified
    chardev: opening backend "socket" failed: No such file or directory

ENOENT is what happens to be in my errno when the backend returns
-errno.  Let's put ERANGE there just for giggles:

    $ qemu-system-x86_64 -nodefaults -vnc :0 -chardev socket,id=bar,host=xxx -drive if=none,iops=99999999999999999999
    inet_connect: host and/or port not specified
    chardev: opening backend "socket" failed: Numerical result out of range

Worse: when errno happens to be zero, return -errno erroneously
signals success, and qemu_chr_new_from_opts() dies dereferencing
uninitialized chr.  I observe this with "-serial unix:".

2. All qemu_chr_open_opts() knows about the error is an errno error
code.  That's simply not enough for a decent message.  For instance,
when inet_dgram() can't resolve the parameter host, which errno code
should it use?  What if it can't resolve parameter localaddr?

Clue: many backends already report errors in their open methods.
Let's revert the flawed commit along with its dependencies, and fix up
the silent error paths instead.

This reverts commit 6e1db57b2a.

Conflicts:

	console.c
	hw/baum.c
	qemu-char.c

This reverts commit aad04cd024.

The parts of commit db418a0a "Add stdio char device on windows" that
depend on the reverted change fixed up.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 09:06:56 -06:00
Paolo Bonzini
eaccf49e95 scsi-block: always use scsi_generic_ops for cache != none
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-02-24 14:54:51 +01:00
Paolo Bonzini
d3d250bddb scsi: fix searching for an empty id
The conditions for detecting no free target or LUN were wrong.

The LUN loop was followed by an "if" condition that is never
true, because the loop is exited as soon as lun becomes equal
to bus->info->max_lun, and never becomes greater than it.

The target loop had a wrong condition (<= instead of <).  Once
this is fixed, the loop would fail in the same way as the LUN
loop.

The fix is to see whether scsi_device_find returned the device with the
last (channel, target, LUN) pair, and fail if so.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-02-24 14:54:51 +01:00
Paolo Bonzini
9fac25bf6e scsi: fix wrong return for target INQUIRY
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-02-24 14:54:51 +01:00
Paolo Bonzini
5db1764cc1 virtio-scsi: add migration support
Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-02-24 14:54:51 +01:00
Paolo Bonzini
06114d72f6 virtio-scsi: process control queue requests
Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-02-24 14:54:51 +01:00
Benjamin Herrenschmidt
67d6fa5362 hw/9pfs: Endian fixes for virtfs
This patch fixes several endian bugs in virtfs.

Cc: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2012-02-24 14:01:19 +05:30
Luiz Capitulino
bde25388d1 ide: drop ide_tray_state_post_load()
This is used to sync the physical tray state after migration when
using CD-ROM passthrough. However, migrating when using passthrough
is broken anyway and shouldn't be supported...

So, drop this function as it causes a problem with the DEVICE_TRAY_MOVED
event, which is going to be introduced by the next commit.

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Acked-by: Kevin Wolf <kwolf@redhat.com>
2012-02-22 17:23:33 -02:00
Luiz Capitulino
d88b1819dd block: Don't call bdrv_eject() if the tray state didn't change
It's not needed. Besides we can then assume that bdrv_eject() is
only called when there's a tray state change, which is useful to
the DEVICE_TRAY_MOVED event (going to be added in a future
commit).

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Acked-by: Kevin Wolf <kwolf@redhat.com>
2012-02-22 17:23:21 -02:00
Luiz Capitulino
329c0a48a9 block: Rename bdrv_mon_event() & BlockMonEventAction
They are QMP events, not monitor events. Rename them accordingly.

Also, move bdrv_emit_qmp_error_event() up in the file. A new event will
be added soon and it's good to have them next each other.

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Acked-by: Kevin Wolf <kwolf@redhat.com>
2012-02-22 17:22:35 -02:00
Hervé Poussineau
b39506e44d jazz-led: convert to QOM
Some simplifications in I/O functions are possible because
Jazz LED only registers one byte of I/O.

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-22 09:02:19 -06:00
Hervé Poussineau
63b9932dd0 jazz-led: use trace framework
Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-22 09:02:19 -06:00
Michael S. Tsirkin
d5f27e8869 pci: set memory type for memory behind the bridge
As we make upper bits in IO and prefetcheable memory
registers writeable, we should declare support
for 64 bit prefetcheable memory and 32 bit io
in the bridge.

This changes the default for apb, dec, but I'm guessing
they got the defaults wrong by accident.
Alternatively, we could let bridges declare lack of
64 bit support and make the upper bits read-only zero.

With this applied, we can drop these bits
from express code.

Reported-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

Could someone familiar with apb,dec ack this please?
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-22 09:02:18 -06:00
Michael S. Tsirkin
c9f50cea70 pci: add accessors to get/set registers by mask
pci_regs.h specifies many registers by mask +
shifted register values.
There's always some duplication when using such:
for example to override device type, we would need:

pci_word_test_and_clear_mask(cap + PCI_EXP_FLAGS,
     PCI_EXP_FLAGS_TYPE);
pci_word_test_and_set_mask(cap + PCI_EXP_FLAGS,
    PCI_EXP_TYPE_ENDPOINT << (ffs(PCI_EXP_FLAGS_TYPE) - 1));

Getting such registers also uses some duplication:

word = pci_get_word(cap + PCI_EXP_FLAGS) & PCI_EXP_FLAGS_TYPE;
if ((word >> ffs((PCI_EXP_FLAGS_TYPE) - 1)) == PCI_EXP_TYPE_ENDPOINT)

Add API to access such registers in one line:
pci_set_word_by_mask(cap + PCI_EXP_FLAGS, PCI_EXP_FLAGS_TYPE,
		     PCI_EXP_TYPE_ENDPOINT)

and
word = pci_get_word_by_mask(cap + PCI_EXP_FLAGS, PCI_EXP_FLAGS_TYPE)
if (word == PCI_EXP_TYPE_ENDPOINT)

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-22 09:02:18 -06:00
Jordan Justen
1b89fafe47 pc_piix/pc_sysfw: enable flash by default
Now, the pc-sysfw:rom_only property will default
to false which enables flash by default.

All pc types below pc-1.1 set rom_only to true.
This prevents flash from being enabled on these
pc machine types.

For pc-1.1 rom_only will use the default (false),
which will allow flash to be used for pc-1.1.

Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-22 09:02:18 -06:00
Jordan Justen
382b3a681d hw/pc_piix: add pc-1.1
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-22 09:02:18 -06:00
Jordan Justen
ed778c8d9f hw/pc_piix: remove is_default for pc-0.15
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-22 09:02:18 -06:00
Jordan Justen
bd183c79b5 hw/pc_sysfw: support system flash memory with pflash
Flash can be enabled by calling pc_system_firmware_init
with the system_flash_enabled parameter being non-zero.
If system_flash_enabled is zero, then the older qemu
rom creation method will be used.

If flash is enabled and a pflash image is found, then
it is used for the system firmware image.

If flash is enabled and a pflash image is not initially
found, then a read-only pflash device is created using
the -bios filename.

KVM cannot execute from a pflash region currently.
Therefore, when KVM is enabled, the old rom based
initialization method is used.

Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-22 09:02:18 -06:00
Jordan Justen
90ccf9f6bf hw/pc_sysfw: enable pc-sysfw as a qdev
Setup a pc-sysfw device type.  It contains a single
property of 'rom_only' which is defaulted to enabled.

Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-22 09:02:18 -06:00
Jordan Justen
cbc5b5f3aa hw/pc: move rom init to pc_sysfw.c
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-22 09:02:17 -06:00
Jordan Justen
2c8cffa599 vl: make find_default_machine externally visible
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-22 09:02:17 -06:00
Jordan Justen
de8efe8f6c pflash_cfi01/02: support read-only pflash devices
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-22 09:02:17 -06:00
Anthony Liguori
4732dcaf5a Merge remote-tracking branch 'bonzini/qdev-props-for-anthony' into staging
* bonzini/qdev-props-for-anthony:
  qdev: drop unnecessary parse/print methods
  qdev: use built-in QOM string parser
  qdev: accept hex properties only if prefixed by 0x
  qdev: accept both strings and integers for PCI addresses
  qom: add generic string parsing/printing
  qapi: add tests for string-based visitors
  qapi: add string-based visitors
  qapi: drop qmp_input_end_optional
  qapi: allow sharing enum implementation across visitors
2012-02-22 07:35:03 -06:00
Paolo Bonzini
2ccdcd8d2b virtio-scsi: add basic SCSI bus operation
Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-02-22 13:40:06 +01:00
Stefan Hajnoczi
326799c0d0 virtio-scsi: Add basic request processing infrastructure
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-02-22 13:40:06 +01:00
Stefan Hajnoczi
973abc7f41 virtio-scsi: Add virtio-scsi stub device
Add a useless virtio SCSI HBA device:

  qemu -device virtio-scsi-pci

Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-02-22 13:39:59 +01:00
Paolo Bonzini
43b978b932 scsi-disk: add migration support
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-02-22 13:29:08 +01:00
Paolo Bonzini
56b1fc4823 scsi-generic: add migration support
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-02-22 13:29:08 +01:00
Paolo Bonzini
63f740dd9e scsi: add SCSIDevice vmstate definitions
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-02-22 13:29:08 +01:00
Paolo Bonzini
5d0d246792 scsi-disk: enable scatter/gather functionality
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-02-22 13:29:08 +01:00
Paolo Bonzini
3d5aba97e9 scsi: add scatter/gather functionality
Scatter/gather functionality uses the newly added DMA helpers.  The
device can choose between doing DMA itself, or calling scsi_req_data
as usual, which will use the newly added DMA helpers to copy piecewise
to/from the destination area(s).

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-02-22 13:29:08 +01:00
Paolo Bonzini
01e9545588 scsi: pass residual amount to command_complete
With the upcoming sglist support, HBAs will not see any transfer_data
call and will not have a way to detect short transfers.  So pass the
residual amount of data upon command completion.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-02-22 13:29:07 +01:00
Paolo Bonzini
da22132752 ahci: use new DMA helpers
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-02-22 13:29:07 +01:00
Paolo Bonzini
5cb9b56acf qdev: drop unnecessary parse/print methods
More qdev printers could have been removed in the previous series, and
object_property_parse also made several parsers unnecessary.  In fact,
the new code is even more robust with respect to overflows, so clean
them up!

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-02-22 08:31:25 +01:00
Paolo Bonzini
0c96e2856e qdev: use built-in QOM string parser
object_property_parse lets us drop the legacy setters when their task
is done just as well by the string visitors.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-02-22 08:31:25 +01:00
Paolo Bonzini
97aa6e9b8f qdev: accept hex properties only if prefixed by 0x
Hex properties are an obstacle to removal of old qdev string parsing, but
even here we can lay down the foundations for future simplification.  In
general, they are rarely used and their printed form is more interesting
than the parsing.  For example you'd usually set isa-serial.index
instead of isa-serial.iobase.  And luckily our main client, libvirt
only cares about few of these, and always sets them with a 0x prefix.
So the series stops accepting bare hexadecimal numbers, preparing for
making legacy properties read-only in 1.3 or so.  The read side will
stay as long as "info qtree" is with us.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-02-22 08:31:24 +01:00
Paolo Bonzini
768a9ebe18 qdev: accept both strings and integers for PCI addresses
Visitors allow a limited form of polymorphism.  Exploit it to support
setting the non-legacy PCI address property both as a DD.F string
and as an 8-bit integer.

The 8-bit integer form is just too clumsy, it is unlikely that we will
ever drop it.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-02-22 08:31:24 +01:00
Gerd Hoffmann
017438eeb1 qxl: add user-friendly bar size properties
Add two properties to specify bar sizes in megabytes instead of bytes,
which is alot more user-friendly.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-21 10:36:05 +01:00
Gerd Hoffmann
a974192c80 qxl: move ram size init to new function
Factor memory bar sizing bits out to a separate function.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-21 10:36:05 +01:00
Gerd Hoffmann
80105bbfb2 qxl: drop vram bar minimum size
There is no reason to require a minimum size of 16 MB for the vram.
Lower the limit to 4096 (one page).  Make it disapper completely would
break guests.
2012-02-21 10:36:05 +01:00
Yonit Halperin
2aa9e85c46 qxl: make sure primary surface is saved on migration also in compat mode
RHBZ #790083

Signed-off-by: Yonit Halperin <yhalperi@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-21 10:36:04 +01:00
Yonit Halperin
e25139b34d qxl: set only off-screen surfaces dirty instead of the whole vram
We used to assure the guest surfaces were saved before migration by
setting the whole vram dirty. This patch sets dirty only the areas
that are actually used in the vram.

Signed-off-by: Yonit Halperin <yhalperi@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-21 10:36:04 +01:00
Gerd Hoffmann
7844e448d1 qxl: don't render stuff when the vm is stopped.
This patch fixes the local qxl renderer to not kick spice-server
in case the vm is stopped.  First it is largely pointless because
we ask spice-server to process all not-yet processed commands when
the vm is stopped, so there isn't much do do anyway.  Second we
avoid triggering an assert in spice-server.

The patch makes sure we still honor redraw requests, even if we don't
ask spice-server for updates.  This is needed to handle displaysurface
changes with a stopped vm correctly.

With this patch applied it is possible to take screen shots (via
screendump monitor command) from a qxl gpu even in case the guest
is stopped.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-21 10:36:04 +01:00
Gerd Hoffmann
f4a8a424fc qxl: fix warnings on 32bit
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-21 10:36:04 +01:00
Jan Kiszka
e5ad936b0f kvmvapic: Introduce TPR access optimization for Windows guests
This enables acceleration for MMIO-based TPR registers accesses of
32-bit Windows guest systems. It is mostly useful with KVM enabled,
either on older Intel CPUs (without flexpriority feature, can also be
manually disabled for testing) or any current AMD processor.

The approach introduced here is derived from the original version of
qemu-kvm. It was refactored, documented, and extended by support for
user space APIC emulation, both with and without KVM acceleration. The
VMState format was kept compatible, so was the ABI to the option ROM
that implements the guest-side para-virtualized driver service. This
enables seamless migration from qemu-kvm to upstream or, one day,
between KVM and TCG mode.

The basic concept goes like this:
 - VAPIC PV interface consisting of I/O port 0x7e and (for KVM in-kernel
   irqchip) a vmcall hypercall is registered
 - VAPIC option ROM is loaded into guest
 - option ROM activates TPR MMIO access reporting via port 0x7e
 - TPR accesses are trapped and patched in the guest to call into option
   ROM instead, VAPIC support is enabled
 - option ROM TPR helpers track state in memory and invoke hypercall to
   poll for pending IRQs if required

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
2012-02-18 12:15:59 +02:00
Jan Kiszka
d362e757d3 target-i386: Add infrastructure for reporting TPR MMIO accesses
This will allow the APIC core to file a TPR access report. Depending on
the accelerator and kernel irqchip mode, it will either be delivered
right away or queued for later reporting.

In TCG mode, we can restart the triggering instruction and can therefore
forward the event directly. KVM does not allows us to restart, so we
postpone the delivery of events recording in the user space APIC until
the current instruction is completed.

Note that KVM without in-kernel irqchip will report the address after
the instruction that triggered the access.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
2012-02-18 12:15:55 +02:00
Jan Kiszka
aa24822bdc i8259: Do not clear level-triggered lines in IRR on init
When an input line is handled as level-triggered, it will immediately
raise an IRQ on the output of a PIC again that goes through an init
reset. So only clear the edge-triggered inputs from IRR in that
scenario.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-17 09:58:22 -06:00
Jan Kiszka
4aa5d2853a i8254: Factor out pit_get_channel_info
Instead of providing 4 individual query functions for mode, gate, output
and initial counter state, introduce a service that queries all
information at once. This comes with tiny additional costs for
pcspk_callback but with a much cleaner interface. Also, it will simplify
the implementation of the KVM in-kernel PIT model.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-17 09:58:22 -06:00
Jan Kiszka
302fe51b59 pcspk: Convert to qdev
Convert the PC speaker device to a qdev ISA model. Move the public
interface to a dedicated header file at this chance.

CC: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-17 09:58:22 -06:00
Jan Kiszka
ce967e2f33 i8254: Rework & fix interaction with HPET in legacy mode
When the HPET enters legacy mode, the IRQ output of the PIT is
suppressed and replaced by the HPET timer 0. But the current code to
emulate this was broken in many ways. It reset the PIT state after
re-enabling, it worked against a stale static PIT structure, and it did
not properly saved/restored the IRQ output mask in the PIT vmstate.

This patch solves the PIT IRQ control in a different way. On x86, it
both redirects the PIT IRQ to the HPET, just like the RTC. But it also
keeps the control line from the HPET to the PIT. This allows to disable
the PIT QEMU timer when it is not needed. The PIT's view on the control
line state is now saved in the same format that qemu-kvm is already
using.

Note that, in contrast to the suppressed RTC IRQ line, we do not need to
save/restore the PIT line state in the HPET. As we trigger a PIT IRQ
update via the control line, the line state is reconstructed on mode
switch.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-17 09:58:22 -06:00
Jan Kiszka
319ba9f527 i8254: Pass alternative IRQ output object on initialization
HPET legacy emulation will require control over the PIT IRQ output. To
enable this, add support for an alternative IRQ output object to the PIT
factory function. If the isa_irq number is < 0, this object will be
used.

This also removes the IRQ number property from the PIT class as we now
use a generic GPIO output pin that is connected by the factory function.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-17 09:58:22 -06:00
Jan Kiszka
b1277b03d4 i8254: Factor out interface header
Move the public interface of the PIT into its own header file and update
all users.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-17 09:58:22 -06:00
Jan Kiszka
5904ae4eba hpet: Save/restore cached RTC IRQ level
In legacy mode, the HPET suppresses the RTC interrupt delivery via IRQ
8 but keeps track of the RTC output level and applies it when legacy
mode is turned off again. This value has to be preserved across save/
restore as it cannot be reconstructed otherwise.

To document that a raised rtc_irq_level won't survive a vmload without
a hpet/rtc_irq_level subsection, add an explicit clearing to the reset
handler.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-17 09:58:22 -06:00
Jan Kiszka
61b7b67df2 i8254: Do not raise IRQ level on reset
Avoid changing the IRQ level to high on reset as it may trigger spurious
events. Instead, open-code the effects of pit_load_count(0) in the reset
handler.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-17 09:58:22 -06:00
Andreas Färber
4ed658ca92 qdev: Fix qdev_try_create() semantics
Since QOM'ification, qdev_try_create() uses object_new() internally,
which asserts "type != NULL" when the type is not registered.
This was revealed by the combination of kvmclock's kvm_enabled() check
and early QOM type registration.

Check whether the class exists before calling object_new(), so that
the caller (e.g., qdev_create) can fail gracefully, telling us which
device could not be created.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Cc: Anthony Liguori <aliguori@codemonkey.ws>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-17 09:58:21 -06:00
Anthony Liguori
3d7f572140 Merge remote-tracking branch 'pmaydell/arm-devs.for-upstream' into staging
* pmaydell/arm-devs.for-upstream: (22 commits)
  hw/pl031: Actually raise interrupt on timer expiry
  MAINTAINERS: Add hw/highbank.c maintainer
  Remove unnecessary includes of primecell.h
  hw/primecell.h: Remove obsolete pl080_init() declaration
  hw/arm_sysctl: Drop legacy init function
  hw/vexpress.c: Add vexpress-a15 machine
  arm_boot: Pass base address of GIC CPU interface, not whole GIC
  hw/vexpress.c: Instantiate the motherboard CLCD
  hw/vexpress.c: Factor out daughterboard-specific initialization
  hw/vexpress.c: Move secondary CPU boot code to SRAM
  hw/vexpress.c: Make motherboard peripheral memory map table-driven
  hw/a15mpcore.c: Add Cortex-A15 private peripheral model
  MAINTAINERS: Add maintainers for Exynos SOC.
  Exynos4210: added display controller implementation
  hw/exynos4210.c: Add LAN support for SMDKC210.
  hw/lan9118: Add basic 16-bit mode support.
  ARM: exynos4210: MCT support.
  ARM: exynos4210: basic Power Management Unit implementation
  ARM: exynos4210: PWM support.
  ARM: exynos4210: UART support
  ...
2012-02-17 06:50:07 -06:00
Anthony Liguori
a19255a369 Merge remote-tracking branch 'stefanha/trivial-patches' into staging
* stefanha/trivial-patches:
  linux-user: brk() debugging
  virtio: Remove unneeded g_free() check in virtio_cleanup()
  net: remove extra spaces in help messages
  fmopl: Fix typo in function name
  vl.c: Fix typo in variable name
  ide: fix compilation errors when DEBUG_IDE is set
  cpu-exec.c: Correct comment about this file and indentation cleanup
  CODING_STYLE: Clarify style for enum and function type names
  linux-user: fail execve() if env/args too big
2012-02-17 06:48:47 -06:00
Peter Maydell
13a16f1d91 hw/pl031: Actually raise interrupt on timer expiry
Fix a typo in pl031_interrupt() which meant we were setting a bit
in the interrupt mask rather than the interrupt status register
and thus not actually raising an interrupt. This fix allows the
rtctest program from the kernel's Documentation/rtc.txt to pass
rather than hanging.

Reported-by: Daniel Forsgren <daniel.forsgren@enea.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Andreas Färber <afaerber@suse.de>
2012-02-17 11:13:45 +00:00
Peter Maydell
22168e6660 Remove unnecessary includes of primecell.h
The primecell.h header now only has the definitions of constants
indicating the usage of the arm_sysctl GPIO lines; remove obsolete
includes of it from source files which don't care about those GPIO
lines.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-02-17 11:13:42 +00:00
Peter Maydell
2a9577034a hw/primecell.h: Remove obsolete pl080_init() declaration
Remove an obsolete declaration of pl080_init(), which has been
incorrect since the conversion of pl080 to qdev back in 2009.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-02-17 11:13:39 +00:00
Peter Maydell
54de1e5b3a hw/arm_sysctl: Drop legacy init function
Drop the legacy init function arm_sysctl_init(), since it has no
users left any more. This allows us to drop the awkward '1' from
the actual device init function.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Andreas Färber <afaerber@suse.de>
2012-02-17 11:13:36 +00:00
Peter Maydell
961f195e6c hw/vexpress.c: Add vexpress-a15 machine
Add the vexpress-a15 machine, and the A-Series memory map it uses.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Andreas Färber <afaerber@suse.de>
2012-02-17 11:13:34 +00:00
Peter Maydell
96eacf6413 arm_boot: Pass base address of GIC CPU interface, not whole GIC
The arm_boot secondary boot loader code needs the address of
the GIC CPU interface. Obtaining this from the base address
of the private peripheral region was possible for A9 and 11MPcore,
but the A15 puts the GIC CPU interface in a different place.
So make boards pass in the GIC CPU interface address directly.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-02-17 11:13:26 +00:00
Peter Maydell
b720687868 hw/vexpress.c: Instantiate the motherboard CLCD
Instantiate the CLCD on the vexpress motherboard as well as one on
the daughterboard -- the A15 daughterboard does not have a CLCD
and so relies on the motherboard one.

At the moment QEMU doesn't provide infrastructure for selecting
which display device gets to actually show graphics -- the first
one registered is it. Fortunately this works for the major use
case (Linux): if the daughterboard has a CLCD it will come first
and be used, otherwise we fall back to the motherboard CLCD.
So we don't (currently) need to implement the control register
which allows software to tell the mux which video output to pass
through to the outside world.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Andreas Färber <afaerber@suse.de>
2012-02-17 11:13:24 +00:00
Peter Maydell
4c3b29b8ad hw/vexpress.c: Factor out daughterboard-specific initialization
Factor out daughterboard specifics into a data structure and
daughterboard initialization function, in preparation for adding
vexpress-a15 support.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-02-17 11:13:23 +00:00
Peter Maydell
aac1e02c1d hw/vexpress.c: Move secondary CPU boot code to SRAM
On real Versatile Express hardware, the boot ROM puts the secondary
CPU bootcode/holding pen in SRAM. We can therefore rely on Linux not
trashing this memory until secondary CPUs have booted up, and can
put our QEMU-specific pen code in the same place. This allows us to
drop the odd "hack" RAM page we were using before.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-02-17 11:13:21 +00:00
Peter Maydell
2558e0a67b hw/vexpress.c: Make motherboard peripheral memory map table-driven
Pull the addresses used for mapping motherboard peripherals into
memory out into a table. This will allow us to simply provide a
second table to implement the "Cortex-A Series" memory map used by
the A15 variant of Versatile Express, as well as the current
"Legacy" map used by A9.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Andreas Färber <afaerber@suse.de>
2012-02-17 11:13:19 +00:00
Peter Maydell
5d782e0805 hw/a15mpcore.c: Add Cortex-A15 private peripheral model
Add a model of the Cortex-A15 memory mapped private peripheral
space. This is fairly simple because the only memory mapped
bit of the A15 is the GIC.

Note that we don't currently model a VGIC and therefore don't
map the VGIC related bits of the GIC.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-02-17 11:13:17 +00:00
Mitsyanko Igor
30628cb12d Exynos4210: added display controller implementation
Exynos4210 display controller (FIMD) has 5 hardware windows with alpha and
chroma key blending functions.

Signed-off-by: Mitsyanko Igor <i.mitsyanko@samsung.com>
Signed-off-by: Evgeny Voevodin <e.voevodin@samsung.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-02-17 11:13:14 +00:00
Evgeny Voevodin
2c2c6496f8 hw/exynos4210.c: Add LAN support for SMDKC210.
SMDKC210 uses lan9215 chip, but lan9118 in 16-bit mode seems to
be enough.

Signed-off-by: Evgeny Voevodin <e.voevodin@samsung.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-02-17 11:13:12 +00:00
Evgeny Voevodin
1248f8d4cb hw/lan9118: Add basic 16-bit mode support.
Signed-off-by: Evgeny Voevodin <e.voevodin@samsung.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-02-17 11:13:11 +00:00
Evgeny Voevodin
12c775db14 ARM: exynos4210: MCT support.
Signed-off-by: Evgeny Voevodin <e.voevodin@samsung.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-02-17 11:13:09 +00:00
Maksim Kozlov
df91b48f64 ARM: exynos4210: basic Power Management Unit implementation
Patch adds basic model for Exynos4210 SoC PMU.
This model implements PMU registers just as a bulk of memory. Currently,
the only reason this device exists is that secondary CPU boot loader
uses PMU INFORM5 register as a holding pen.

Signed-off-by: Maksim Kozlov <m.kozlov@samsung.com>
Signed-off-by: Evgeny Voevodin <e.voevodin@samsung.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-02-17 11:13:07 +00:00
Evgeny Voevodin
62db8bf39b ARM: exynos4210: PWM support.
Signed-off-by: Evgeny Voevodin <e.voevodin@samsung.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-02-17 11:13:05 +00:00
Maksim Kozlov
e5a4914efc ARM: exynos4210: UART support
Add basic support of exynos4210 UART

Signed-off-by: Maksim Kozlov <m.kozlov@samsung.com>
Signed-off-by: Evgeny Voevodin <e.voevodin@samsung.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-02-17 11:13:02 +00:00
Evgeny Voevodin
0caa711335 ARM: Samsung exynos4210-based boards emulation
Add initial support of NURI and SMDKC210 boards

Signed-off-by: Evgeny Voevodin <e.voevodin@samsung.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-02-17 11:12:59 +00:00
Evgeny Voevodin
8e03cf1eeb ARM: exynos4210: IRQ subsystem support.
Signed-off-by: Evgeny Voevodin <e.voevodin@samsung.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-02-17 11:12:57 +00:00
Stefan Weil
761c9eb0fa hw/arm: Remove redundant arguments from set_kernel_args*
The parameters initrd_size and base are already included
in the info parameter, so there is no need to pass them
separately.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>,
2012-02-17 08:30:19 +01:00
Vasily Khoruzhick
4f56da61b9 pxa2xx_lcd: SRAM is valid location for the framebuffer
Signed-off-by: Vasily Khoruzhick <anarsoul@gmail.com>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
2012-02-17 08:25:43 +01:00
Paolo Bonzini
dd4427a619 nseries: attach monitor powerdown request to menelaus
I noticed some unused code in the twl92230, probably from before
qdev-ification.  This patch makes the machine use the chip's pwrbtn
signal.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
2012-02-17 07:42:22 +01:00
Anthony Liguori
6c263e26a5 Merge remote-tracking branch 'qemu-kvm/uq/master' into staging
* qemu-kvm/uq/master:
  apic: Fix legacy vmstate loading for KVM
  kvm: Implement kvm_irqchip_in_kernel like kvm_enabled
  kvm: Allow to set shadow MMU size
2012-02-15 18:41:28 -06:00
Anthony Liguori
7718564ba1 Merge remote-tracking branch 'kraxel/usb.38' into staging
* kraxel/usb.38: (28 commits)
  xhci: handle USB_RET_NAK
  xhci: remote wakeup support
  xhci: kill port arg from xhci_setup_packet
  xhci: stop on errors
  xhci: add trb type name lookup support.
  xhci: signal low- and fullspeed support
  usb: add USBBusOps->wakeup_endpoint
  usb: pass USBEndpoint to usb_wakeup
  usb: maintain async packet list per endpoint
  usb: Set USBEndpoint in usb_packet_setup().
  usb: add USBEndpoint->{nr,pid}
  usb: USBPacket: add status, rename owner -> ep
  usb: fold usb_generic_handle_packet into usb_handle_packet
  usb: kill handle_packet callback
  usb-xhci: switch to usb_find_device()
  usb-musb: switch to usb_find_device()
  usb-ohci: switch to usb_find_device()
  usb-ehci: switch to usb_find_device()
  usb-uhci: switch to usb_find_device()
  usb: handle dev == NULL in usb_handle_packet()
  ...
2012-02-15 17:25:25 -06:00
Anthony Liguori
65b31cc207 Merge remote-tracking branch 'kwolf/for-anthony' into staging
* kwolf/for-anthony:
  AHCI: Masking of IRQs actually masks them
  sheepdog: fix co_recv coroutine context
  AHCI: Fix port reset race
  rewrite QEMU_BUILD_BUG_ON
  qcow2: Keep unknown header extension when rewriting header
  qcow2: Update whole header at once
  vpc: Round up image size during fixed image creation
  vpc: Add support for Fixed Disk type
  iSCSI: add configuration variables for iSCSI
  qemu-io: add write -z option for bdrv_co_write_zeroes
  qed: add .bdrv_co_write_zeroes() support
  qed: replace is_write with flags field
  block: perform zero-detection during copy-on-read
  block: add .bdrv_co_write_zeroes() interface
  cutils: extract buffer_is_zero() from qemu-img.c
2012-02-15 17:18:04 -06:00
Anthony Liguori
b2d4b3f7b8 device_add: don't add a /peripheral link until init is complete
Otherwise we end up with a dangling reference which causes qdev_free() to fail.

Reported-by: Michael Tsirkin <mst@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-15 09:39:21 -06:00
Andreas Färber
83f7d43a9e qom: Unify type registration
Replace device_init() with generalized type_init().

While at it, unify naming convention: type_init([$prefix_]register_types)
Also, type_init() is a function, so add preceding blank line where
necessary and don't put a semicolon after the closing brace.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Cc: Anthony Liguori <anthony@codemonkey.ws>
Cc: malc <av1474@comtv.ru>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-15 09:39:21 -06:00
Paolo Bonzini
59f971d451 qdev: print error message before aborting
qdev_prop_set_* functions are always called by machine init functions
that should know what they're doing, so they abort on error.  Still,
an assert(!errp) does not aid debugging.  Print an error before aborting.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-02-14 18:57:33 +00:00
Paolo Bonzini
0a54a0ce3e qdev: allow setting properties to NULL
SPARC and PPC set properties to NULL.  This can be done with an
empty string value.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-02-14 18:57:32 +00:00
Jan Kiszka
bda254daf8 cfi02: Fix lazy ROMD switching - once again
The conversion to memory regions broke lazy ROMD switching by forgetting
to update the rom_mode state variable.

Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-02-11 10:58:09 +00:00
Jan Kiszka
734781c9a0 vga: Fix full updates in graphic mode
This fixes the regression introduced by cd7a45c95e: We lost the or'ing
with the full_update flag.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-02-11 10:39:57 +00:00
Blue Swirl
d1f3dd343c
Fix memory dirty getting API change fallout
Fix confusion in length calculation in commit
cd7a45c95e.

Reported-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-02-11 10:39:13 +00:00
Gerd Hoffmann
7c605a23b2 xhci: handle USB_RET_NAK
Add a field to XHCITransfer to correctly keep track of NAK'ed usb
packets.  Retry transfers when the endpoint is kicked again.  Implement
wakeup_endpoint bus op so we can kick the endpoint when needed.

With this patch applied the emulated hid devices are working correctly
when hooked up to xhci.  usb-tabled without polling, yay!

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-10 12:16:31 +01:00
Gerd Hoffmann
8c735e431d xhci: remote wakeup support
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-10 12:16:31 +01:00
Gerd Hoffmann
b819d7169a xhci: kill port arg from xhci_setup_packet
Unused argument, remove it.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-10 12:16:31 +01:00
Gerd Hoffmann
3c4866e07e xhci: stop on errors
When some error happened we'll have to stop processing the endpoint.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-10 12:16:30 +01:00
Gerd Hoffmann
f10de44e7e xhci: add trb type name lookup support.
When logging TRBs add a the type name for more readable debug output.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-10 12:16:30 +01:00
Gerd Hoffmann
606352b735 xhci: signal low- and fullspeed support
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-10 12:16:30 +01:00
Gerd Hoffmann
37f32f0fdd usb: add USBBusOps->wakeup_endpoint
Add usb bus op which is called whenever a usb endpoint becomes ready,
so the host adapter emulation can react on that event.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-10 12:16:30 +01:00
Gerd Hoffmann
7567b51fbe usb: pass USBEndpoint to usb_wakeup
Devices must specify which endpoint has data to transfer now.
The plan is to use the usb_wakeup() not only for remove wakeup support,
but for "data ready" signaling in general, so we can move away from
constant polling to event driven usb device emulation.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-10 12:16:30 +01:00
Gerd Hoffmann
db4be873d3 usb: maintain async packet list per endpoint
Maintain a list of async packets per endpoint.  With the current code
the list will never receive more than a single item.  I think you can
guess what the future plan is though ;)

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-10 12:16:18 +01:00
Luiz Capitulino
6f79e06b35 virtio: Remove unneeded g_free() check in virtio_cleanup()
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-02-10 10:44:52 +00:00
Stefan Weil
31de83140d fmopl: Fix typo in function name
Fix a typo in a local function name.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-02-10 10:44:52 +00:00
Hervé Poussineau
cb67be85a6 ide: fix compilation errors when DEBUG_IDE is set
Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-02-10 10:44:52 +00:00
Gerd Hoffmann
079d0b7f1e usb: Set USBEndpoint in usb_packet_setup().
With the separation of the device lookup (via usb_find_device) and
packet processing we can lookup device and endpoint before setting up
the usb packet.  So we can initialize USBPacket->ep early and keep it
valid for the whole lifecycle of the USBPacket.  Also the devaddr and
devep fields are not needed any more.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-10 11:31:57 +01:00
Gerd Hoffmann
63095ab54c usb: add USBEndpoint->{nr,pid}
Add a "nr" and "pid" fields to USBEndpoint so you can easily figure the
endpoint number and direction of any given endpoint.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-10 11:31:57 +01:00
Gerd Hoffmann
f53c398aa6 usb: USBPacket: add status, rename owner -> ep
Add enum to track the status of USBPackets, use that instead of the
owner pointer to figure whenever a usb packet is currently in flight
or not.  Add some more packet status sanity checks.  Also rename the
USBEndpoint pointer from "owner" to "ep".

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-10 11:31:57 +01:00
Gerd Hoffmann
1977f93dac usb: fold usb_generic_handle_packet into usb_handle_packet
There is no reason to have a separate usb_generic_handle_packet function
any more, fold it into usb_handle_packet().  Also call the do_token_*
functions which handle control transfer emulation for control pipe
packets only.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-10 11:31:57 +01:00
Gerd Hoffmann
7f74a56b14 usb: kill handle_packet callback
All drivers except usb-hub use usb_generic_handle_packet.  The only
reason the usb hub has its own function is that it used to be called
with packets which are intended for downstream devices.  With the new,
separate device lookup step this doesn't happen any more, so the need
for a different handle_packet callback is gone.

So we can kill the handle_packet callback and just call
usb_generic_handle_packet directly.  The special hub handling in
usb_handle_packet() can go away for the same reason.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-10 11:31:57 +01:00
Gerd Hoffmann
e74495e3ad usb-xhci: switch to usb_find_device()
Switch over xHCI to use the new usb_find_device()
function for device lookup.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-10 11:31:57 +01:00
Gerd Hoffmann
87e043f17e usb-musb: switch to usb_find_device()
Switch over musb to use the new usb_find_device()
function for device lookup.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-10 11:31:57 +01:00
Gerd Hoffmann
993048bb6b usb-ohci: switch to usb_find_device()
Switch over OHCI to use the new usb_find_device()
function for device lookup.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-10 11:31:57 +01:00
Gerd Hoffmann
828143c621 usb-ehci: switch to usb_find_device()
Switch over EHCI to use the new usb_find_device()
function for device lookup.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-10 11:31:57 +01:00
Gerd Hoffmann
461700c1dc usb-uhci: switch to usb_find_device()
Switch over UHCI to use the new usb_find_device()
function for device lookup.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-10 11:31:57 +01:00
Gerd Hoffmann
98861f512b usb: handle dev == NULL in usb_handle_packet()
Allow passing in a NULL pointer, return USB_RET_NODEV in that case.
Removes the burden to to a NULL pointer check from the callers.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-10 11:31:57 +01:00
Gerd Hoffmann
06c750888c usb-hub: implement find_device
Implement the find_device callback for the usb hub.  It'll loop over all
ports, calling usb_find_device for all enabled ports until it finds a
matching device.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-10 11:31:57 +01:00
Gerd Hoffmann
73796fe622 usb: add usb_find_device()
Add usb_find_device().  This function will check whenever a device with
a specific address is connected to the specified port.  Usually this
will just check state and address of the device hooked up to the port,
but in case of a hub it will ask the hub to check all hub ports for a
matching device.

This patch doesn't put the code into use yet, see the following patches
for details.

The master plan is to separate device lookup and packet processing.
Right now the usb code simply walks all devices, calls
usb_handle_packet() on each until one accepts the packet (by returning
something different that USB_RET_NODEV).  I want to have a device lookup
first, then call usb_handle_packet() once, for the device which actually
processes the packet.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-10 11:31:48 +01:00
Gerd Hoffmann
70fc20d4dc usb: kill usb_send_msg
No users left.  Zap it.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-10 11:12:04 +01:00
Gerd Hoffmann
d28f4e2d86 usb: kill USB_MSG_RESET
The USB subsystem pipes internal reset notifications through
usb_handle_packet() with a special magic PID.  This indirection
is a pretty pointless excercise as it ends up being handled by
usb_generic_handle_packet anyway.

Replace the USB_MSG_RESET with a usb_device_reset() function
which can be called directly.  Also rename the existing usb_reset()
function to usb_port_reset() to avoid confusion.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-10 11:12:04 +01:00
Gerd Hoffmann
d1f8b53618 usb: kill USB_MSG_{ATTACH,DETACH}
The USB subsystem pipes internal attach/detach notifications through
usb_handle_packet() with a special magic PID.  This indirection is a
pretty pointless excercise as it ends up being handled by
usb_generic_handle_packet anyway.  Remove it.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-10 11:12:04 +01:00
Hans de Goede
f76e1d8142 usb-ehci: Clear the portstatus powner bit on device disconnect
According to the EHCI spec port ownership should revert to the EHCI controller
on device disconnect. This fixes the problem of a port getting stuck on USB 1
when using redirection and plugging in a USB 2 device after a USB 1 device
has been redirected.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-10 11:12:04 +01:00
Gerd Hoffmann
3200d1085d usb-uhci: implement bandwidth management
The OS is allowed to make the UHCI Controller run in circles.  That is
usually done to serve multiple connected USB devices in a robin-round
fashion, so the available USB bandwidth is evenly distributed between
devices.

The uhci emulation handles this in a very poor way though.  When it
figures it runs in circles it stops processing unconditionally, so
it usually processes at most a single transfer desriptor per queue,
even if there are multiple transfer descriptors are queued up.

This patch makes uhci act in a more sophisticated way.  It keeps track
of successful processed transfer descriptors and transfered bytes.  Then
it will stop processing when there is nothing to do (no transfer
descriptor was completed the last round) or when the transfered data
reaches the usb bandwidth limit.

Result is that the usb-storage devices connected to uhci are ten times
faster, mkfs.vfat time for a 64M stick goes down from five seconds to
a half second.  Reason for this is that we are now processing up to 20
transfer descriptors (with 64 bytes each) per frame instead of a single
one.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-10 11:11:01 +01:00
Alexander Graf
b867672884 AHCI: Masking of IRQs actually masks them
When masking IRQ lines, we should actually mask them out and not declare
them active anymore. Once we mask them in again, they are allowed to trigger
again.

Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-02-09 16:17:51 +01:00
Alexander Graf
c9b308d20b AHCI: Fix port reset race
bdrv_aio_cancel() can trigger bdrv_aio_flush() which makes all aio
that is currently in flight finish. So what we do is:

  port reset
  detect ncq in flight
  cancel ncq
  delete ncq sg list

at which point we have double freed the sg list. Instead, with this
patch we do:

  port reset
  detect ncq in flight
  cancel ncq
  check if we are really still in flight
  delete ncq sg list

which makes things work and gets rid of the race.

Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-02-09 16:17:51 +01:00
Peter Maydell
7a65c8cc31 ARM devboards: Set arm_sysctl properties before init, not after
The ARM devboard models (vexpress-a9, realview, versatilepb, etc)
were accidentally trying to set one of the arm_sysctl properties
after device init. This has now become a fatal error; set the property
before device init where it should be done instead.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-02-09 12:10:35 +00:00
Jan Kiszka
a4aecd2819 apic: Fix legacy vmstate loading for KVM
Also in case of loading pre-vmstate machines, we also need to open-code
the reading of the timer expires value and instead call the post_load
callback to apply it (or not). This fixes loading of legacy states into
the KVM APIC.

Reported-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
2012-02-08 15:57:51 -02:00
Jan Kiszka
3d4b26494f kvm: Implement kvm_irqchip_in_kernel like kvm_enabled
To both avoid that kvm_irqchip_in_kernel always has to be paired with
kvm_enabled and that the former ends up in a function call, implement it
like the latter. This means keeping the state in a global variable and
defining kvm_irqchip_in_kernel as a preprocessor macro.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
2012-02-08 15:57:50 -02:00
Anthony Liguori
a642153013 Merge remote-tracking branch 'bonzini/qdev-props-for-anthony' into staging
* bonzini/qdev-props-for-anthony: (25 commits)
  qdev: remove unused fields from PropertyInfo
  qdev: initialize properties via QOM
  qdev: inline qdev_prop_set into qdev_prop_set_ptr
  qdev: access properties via QOM
  qdev: fix off-by-one
  qdev: let QOM free properties
  qdev: remove parse/print methods for pointer properties
  qdev: make the non-legacy pci address property accept an integer
  qdev: remove parse/print methods for mac properties
  qdev: remove print/parse methods from LostTickPolicy properties
  qdev: remove parse method for string properties
  qdev: allow reusing get/set for legacy property
  qdev: remove direct calls to print/parse
  qom: add property get/set wrappers for links
  qom: fix canonical paths vs. interfaces
  qom: use object_resolve_path_type for links
  qom: add object_resolve_path_type
  qom: fix off-by-one
  qom: add property get/set wrappers for C types
  qom: add QObject-based property get/set wrappers
  ...
2012-02-08 07:24:37 -06:00
Anthony Liguori
dc717bfd05 Merge remote-tracking branch 'aneesh/for-upstream' into staging
* aneesh/for-upstream:
  hw/9pfs: Remove O_NOATIME flag from 9pfs open() calls in readonly mode
  hw/9pfs: Update MAINTAINERS file
  fsdev: Fix parameter parsing for proxy helper
  hw/9pfs: Fix crash when mounting with synthfs
  hw/9pfs: Preserve S_ISGID
  hw/9pfs: Add new security model mapped-file.
2012-02-08 07:23:55 -06:00
malc
cf4dc461a4 Restore consistent formatting
Signed-off-by: malc <av1474@comtv.ru>
2012-02-07 22:11:04 +04:00
Paolo Bonzini
a3d4a1b047 qdev: remove unused fields from PropertyInfo
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-02-07 13:52:42 +01:00
Paolo Bonzini
4f2d3d705c qdev: initialize properties via QOM
Similarly, use the object properties also to set the default
values of the qdev properties.  This requires reordering
registration and initialization.

Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-02-07 13:52:42 +01:00
Paolo Bonzini
7a7aae21cc qdev: inline qdev_prop_set into qdev_prop_set_ptr
qdev_prop_set is not needed anymore except for hacks, simplify it and
inline it.

Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-02-07 13:52:42 +01:00
Paolo Bonzini
9b170e60ad qdev: access properties via QOM
Do not poke anymore in the struct when accessing qdev properties.
Instead, ask the object to set the right value.

Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-02-07 13:52:42 +01:00
Paolo Bonzini
6350b09046 qdev: fix off-by-one
Integer properties did not work.

Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-02-07 13:52:42 +01:00
Paolo Bonzini
dd0ba250ca qdev: let QOM free properties
Drop the special free callback.  Instead, register a "regular"
release method in the non-legacy property.

Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-02-07 13:52:42 +01:00
Paolo Bonzini
7b009e5d09 qdev: remove parse/print methods for pointer properties
Pointer properties (except for PROP_PTR of course) should not need a
legacy counterpart.  In the future, relative paths will ensure that
QEMU will support the same syntax as now for drives etc..

Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-02-07 13:52:41 +01:00
Paolo Bonzini
b403298adb qdev: make the non-legacy pci address property accept an integer
PCI addresses are set with qdev_prop_uint32.  Thus we make the QOM
property accept a device and function encoded in an 8-bit integer,
instead of the magic dd.f hex string.

Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-02-07 13:52:41 +01:00
Paolo Bonzini
e39e5d60c9 qdev: remove parse/print methods for mac properties
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-02-07 13:52:41 +01:00
Paolo Bonzini
1ce0512557 qdev: remove print/parse methods from LostTickPolicy properties
Also generalize the code so that we can have more enum properties
in the future.

Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-02-07 13:52:41 +01:00
Paolo Bonzini
acbac4a1dc qdev: remove parse method for string properties
We need the print method to put double quotes, but parsing is not special.

Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-02-07 13:52:41 +01:00
Paolo Bonzini
68ee356941 qdev: allow reusing get/set for legacy property
In some cases, a legacy property does need a special print method
but not a special parse method.  In this case, we can reuse the get/set
from the static (non-legacy) property.

If neither parse nor print is needed, though, do not register the
legacy property at all.  The previous patch ensures that the right
fallback will be used.

Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-02-07 13:52:41 +01:00
Paolo Bonzini
d822979bdf qdev: remove direct calls to print/parse
There's no need to call into ->parse and ->print manually.  The
QOM legacy properties do that for us.

Furthermore, in some cases legacy and static properties have exactly
the same behavior, and we could drop the legacy properties right away.
Add an appropriate fallback to prepare for this.

Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-02-07 13:52:41 +01:00
Anthony Liguori
e87f7fc679 s390x: fix qom-ification fall-out
Tested-by: Andreas Faerber <afaerber@suse.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-06 11:16:20 -06:00
Jan Kiszka
4cafe60604 KVM: Fix breakages of QOM conversion
KVM APIC and PIC require instance sizes.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-06 10:17:20 -06:00
Blue Swirl
47c012e21c vga: improve documentation
Add links to chipset docs and FreeVGA site.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-02-04 12:45:10 +00:00
Blue Swirl
5e55efc9e7 vga: use constants from vga.h
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-02-04 12:45:10 +00:00
Blue Swirl
0dad6c35fc vga.h: remove unused stuff and reformat
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-02-04 12:45:10 +00:00
Blue Swirl
b134886a9e Add vga.h unmodified from Linux
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-02-04 12:45:10 +00:00
Blue Swirl
94d7b48334 vga: move Cirrus VGA template to its own file
Standard VGA does not use vga_draw_cursor_line_* functions.
Move the template to cirrus_vga_template.h.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-02-04 12:45:10 +00:00
Blue Swirl
cd7a45c95e memory: change dirty getting API to take a size
Instead of each device knowing or guessing the guest page size,
just pass the desired size of dirtied memory area.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-02-04 12:45:10 +00:00
Anthony Liguori
8b45d447ce container: make a decendent of Object
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
---
v1 -> v2
 - Add license (Paolo)
2012-02-03 10:41:08 -06:00
Anthony Liguori
d03d6b4e5c info qdm: do not require a parent_bus to be set
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-03 10:41:08 -06:00
Anthony Liguori
60adba3769 qdev: implement cleanup logic in finalize
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-03 10:41:08 -06:00
Anthony Liguori
57c9fafe0f qom: move properties from qdev to object
This is mostly code movement although not entirely.  This makes properties part
of the Object base class which means that we can now start using Object in a
meaningful way outside of qdev.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-03 10:41:08 -06:00
Anthony Liguori
0beb494207 qdev: nuke qdev_init_chardev()
I'm sure the intentions were good here, but there's no reason this should be in
qdev.  Move it to qemu-char where it belongs.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-03 10:41:08 -06:00
Anthony Liguori
ee46d8a503 qdev: split out UI portions into a new function
qdev-monitor.c deals with the -device, device_add, and info qdm/qtree
interfaces.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-03 10:41:08 -06:00
Anthony Liguori
9fbe61277f qdev: refactor away qdev_create_from_info
Note that the FIXME gets fixed in series 4/4.  We need to convert BusState to
QOM before we can make parent_bus a link.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-03 10:41:08 -06:00
Anthony Liguori
9674bfe420 qdev: split out common init to instance_init
This gets us closer to being able to object_new() a qdev type and have a
functioning object verses having to call qdev_create().

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-03 10:41:08 -06:00
Anthony Liguori
6acbe4c6f1 qdev: remove baked in notion of aliases (v2)
Limit them to the device_add functionality.  Device aliases were a hack based
on the fact that virtio was modeled the wrong way.  The mechanism for aliasing
is very limited in that only one alias can exist for any device.

We have to support it for the purposes of compatibility but we only need to
support it in device_add so restrict it to that piece of code.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
---
v1 -> v2
 - Use a table for aliases (Paolo)
2012-02-03 10:41:07 -06:00
Anthony Liguori
d307af795d qdev: kill off DeviceInfo
It is no longer used in the tree since everything is done natively through
QEMU Object Model.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-03 10:41:06 -06:00
Anthony Liguori
39bffca203 qdev: register all types natively through QEMU Object Model
This was done in a mostly automated fashion.  I did it in three steps and then
rebased it into a single step which avoids repeatedly touching every file in
the tree.

The first step was a sed-based addition of the parent type to the subclass
registration functions.

The second step was another sed-based removal of subclass registration functions
while also adding virtual functions from the base class into a class_init
function as appropriate.

Finally, a python script was used to convert the DeviceInfo structures and
qdev_register_subclass functions to TypeInfo structures, class_init functions,
and type_register_static calls.

We are almost fully converted to QOM after this commit.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-03 10:41:06 -06:00
Anthony Liguori
212ad11168 qdev: kill off DeviceInfo list
Teach the various bits of code that need to walk through available devices to
do so via QOM.

Signed-off-by: Anthony Liguori
2012-02-03 10:41:06 -06:00
Anthony Liguori
18b6dade8c qdev: refactor device creation to allow bus_info to be set only in class
As we use class_init to set class members, DeviceInfo no longer holds this
information.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-03 10:41:05 -06:00
Anthony Liguori
d253e09619 qdev: allow classes to overload qdev functions
This allows us to drop per-Device registration functions by allowing the
class_init functions to overload qdev methods.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-03 10:41:05 -06:00
Anthony Liguori
6e008585eb qdev: remove info from class
Now DeviceInfo is no longer used after object construction.  All of the
relevant members have been moved to DeviceClass.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-03 10:41:05 -06:00
Anthony Liguori
4be9f0d11c qdev: make DeviceInfo private
Introduce accessors and remove any code that directly accesses DeviceInfo
members.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-03 10:41:04 -06:00
Anthony Liguori
ba02430f1a usb: separate out legacy usb registration from type registration
Type registeration is going to get turned into a QOM call so decouple the
legacy support.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-03 10:41:03 -06:00
Anthony Liguori
7f595609b4 usb-hid: simplify class initialization a bit
We can probably model USBHidDevice as a base class to get even better code
sharing but for now, just use a common function to initialize the common class
members.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-03 10:41:03 -06:00
Gerhard Wiesinger
069ab0eb8a hw/vmmouse.c: Disable vmmouse after reboot
Bugfix after reboot when vmmouse was enabled and another OS which uses e.g. PS/2
mouse.

Details:
When a guest activated the vmmouse followed by a reboot the vmmouse was still
enabled and the PS/2 mouse was therefore unsusable. When another guest is then
booted without vmmouse support (e.g. PS/2 mouse) the mouse is not working.

Reason is that VMMouse has priority and disables all other mouse entities
and therefore must be disabled on reset.

Testscenario:
1.) Boot e.g. OS with VMMouse support (e.g. Windows with VMMouse tools)
2.) reboot
3.) Boot e.g. OS without VMMouse support (e.g. DOS) => PS/2 mouse doesn't work
     any more. Fixes that issue.

Testscenario 2 by Jan Kiszka <jan.kiszka@siemens.com>:
Confirm that this patch fixes a real issue. Setup: qemu.git,
opensuse 11.4 guest, SDL graphic, system_reset while guest is using the
vmmouse. Without the patch, the vmmouse become unusable after the
reboot. Also, the mouse stays in absolute mode even before X starts again.

Fixed by:
Disabling the vmmouse in its reset handler.

Tested-by: Andreas F=E4rber <afaerber@suse.de>
Signed-off-by: Gerhard Wiesinger <lists@wiesinger.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-01 16:24:38 -06:00
Jan Kiszka
433acf0dac mc146818rtc: Use lost_tick_policy property
Allow to configure the MC146818 RTC via the new lost tick policy
property and replace rtc_td_hack with this mechanism.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-01 14:45:01 -06:00
Jan Kiszka
4e4fa398db qdev: Introduce lost tick policy property
Potentially tick-generating timer devices will gain a common property:
lock_tick_policy. It allows to encode 4 different ways how to deal with
tick events the guest did not process in time:

discard - ignore lost ticks (e.g. if the guest compensates for them
          already)
delay   - replay all lost ticks in a row once the guest accepts them
          again
merge   - if multiple ticks are lost, all of them are merged into one
          which is replayed once the guest accepts it again
slew    - lost ticks are gradually replayed at a higher frequency than
          the original tick

Not all timer device will need to support all modes. However, all need
to accept the configuration via this common property.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-01 14:45:01 -06:00
Paolo Bonzini
1d84950234 m48t59: use rtc_clock for alarm timer
This lets the RTC get adjustments from the host NTP client.
The watchdog still uses the vm_clock.  The previous behavior is
available with "-rtc clock=vm".

Cc: Andreas Färber <afaerber@suse.de>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-01-30 19:14:59 +00:00
Fabien Chouteau
0c685d2827 GRLIB UART: Add RX channel
This patch implements the RX channel of GRLIB UART with a FIFO to
improve data rate.

Signed-off-by: Fabien Chouteau <chouteau@adacore.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-01-30 19:13:21 +00:00
Daniel P. Berrange
eed968607d hw/9pfs: Remove O_NOATIME flag from 9pfs open() calls in readonly mode
When 2c74c2cb4b added support for
the 'readonly' flag against 9p filesystems, it also made QEMU
add the O_NOATIME flag as a side-effect.

The O_NOATIME flag, however, may only be set by the file owner,
or a user with CAP_FOWNER capability.  QEMU cannot assume that
this is the case for filesytems exported to QEMU.

eg, run QEMU as non-root, and attempt to pass the host OS
filesystem through to the guest OS with readonly enable.
The result is that the guest OS cannot open any files at
all.

If O_NOATIME is really required, it should be optionally
enabled via a separate QEMU command line flag.

 * hw/9pfs/virtio-9p.c: Remove O_NOATIME

Acked-by: M. Mohan Kumar <mohan@in.ibm.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2012-01-30 10:54:17 +05:30
Aneesh Kumar K.V
71f86cd6f3 hw/9pfs: Fix crash when mounting with synthfs
Some Fsdriver backend don't have fs_root. So check for that in
migrate message.

Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2012-01-30 10:54:16 +05:30
M. Mohan Kumar
2d40564aaa hw/9pfs: Preserve S_ISGID
In passthrough security model in local fs driver, after a file creation
chown and chmod are done to set the file credentials and mode as requested
by 9p client. But if there was a request to create a file with S_ISGID
bit, doing chown on that file resets the S_ISGID bit. So first call
chown and then invoking chmod with proper mode bit retains the S_ISGID
(if present/requested)

This resulted in LTP mknod02, mknod03, mknod05, open10 test case
failures. This patch fixes this issue.

man 2 chown
When the owner or group of an executable file are changed by an unprivileged
user the S_ISUID  and  S_ISGID mode  bits are cleared.  POSIX does not specify
whether this also should happen when root does the chown(); the Linux behavior
depends on the kernel version.

Signed-off-by: M. Mohan Kumar <mohan@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2012-01-30 10:54:16 +05:30
Andreas Färber
0f36036c5c unin_pci: Fix typos in device names
Commit 999e12bbe8 (sysbus: apic: ioapic:
convert to QEMU Object Model) introduced two typos, one of which broke
the mac99 machine.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Cc: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-01-27 14:55:36 -06:00
Anthony Liguori
7309335441 qdev: change ambiguous qdev names
Reported-by: Blue Swirl <blauwirbel@gmail.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-01-27 10:50:55 -06:00
Anthony Liguori
19b6914a00 virtio-s390: convert to QEMU Object Model
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-01-27 10:50:55 -06:00
Anthony Liguori
999e12bbe8 sysbus: apic: ioapic: convert to QEMU Object Model
This converts three devices because apic and ioapic are subclasses of sysbus.
Converting subclasses independently of their base class is prohibitively hard.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-01-27 10:50:50 -06:00
Anthony Liguori
40021f0888 pci: convert to QEMU Object Model
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-01-27 10:50:50 -06:00
Andreas Färber
6e4ec3f9bb unin_pci: Drop unused reset handler
Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
2012-01-27 10:50:50 -06:00
Andreas Färber
ff452aceaf unin_pci: Drop duplicate busdev
PCIHostState already has a busdev.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
2012-01-27 10:50:49 -06:00
Andreas Färber
70f9c98744 unin_pci: Clean up qdev names
Add -pcihost to SysBus devices to resolve name conflicts,
and clarify PCI vs. Internal PCI.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
2012-01-27 10:50:49 -06:00
Anthony Liguori
f82e35e38c virtio-serial: convert to QEMU Object Model
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-01-27 10:50:49 -06:00
Anthony Liguori
3954d33ab7 spapr: convert to QEMU Object Model (v2)
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
---
v1 -> v2
 - use QOM to check for the default console
2012-01-27 10:50:49 -06:00
Anthony Liguori
b9eea3e6a4 scsi: convert to QEMU Object Model
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-01-27 10:50:49 -06:00
Anthony Liguori
d148211c6d ide: convert to QEMU Object Model
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-01-27 10:50:49 -06:00
Anthony Liguori
dbaa790451 hda-codec: convert to QEMU Object Model
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-01-27 10:50:48 -06:00
Anthony Liguori
b5ea932781 i2c: smbus: convert to QEMU Object Model
This converts two types because smbus is implemented as a subclass of i2c.  It's
extremely difficult to convert these two independently.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-01-27 10:50:47 -06:00
Anthony Liguori
9e07bdf816 i2c: rename i2c_slave -> I2CSlave
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-01-27 10:50:47 -06:00
Anthony Liguori
cd6c4cf28b ssi: convert to QEMU Object Model
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-01-27 10:50:47 -06:00
Anthony Liguori
ba7c05205c ccid: convert to QEMU Object Model
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-01-27 10:50:47 -06:00
Anthony Liguori
62aed76583 usb: convert to QEMU Object Model
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-01-27 10:50:47 -06:00
Anthony Liguori
8f04ee0882 isa: pic: convert to QEMU Object Model
This converts two devices at once because PIC subclasses ISA and converting
subclasses independently is extremely hard.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-01-27 10:50:47 -06:00
Anthony Liguori
e855761ca8 qdev: prepare source tree for code conversion
These are various small stylistic changes which help make things more
consistent such that the automated conversion script can be simpler.

It's not necessary to agree or disagree with these style changes because all
of this code is going to be rewritten by the patch monkey script anyway.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-01-27 10:50:47 -06:00
Anthony Liguori
3dde52d2fe qdev: add class_init to DeviceInfo
Since we are still dynamically creating TypeInfo, we need to chain the
class_init function in order to be able to make use of it within subclasses of
TYPE_DEVICE.

This will disappear once we register TypeInfos directly.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-01-27 10:50:46 -06:00
Anthony Liguori
3cc90eb2b7 qdev: add a interface to register subclasses
In order to introduce inheritance while still using the qdev registration
interfaces, we need to be able to use a parent other than TYPE_DEVICE.  Add a
new interface that allows this.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-01-27 10:50:46 -06:00
Anthony Liguori
94afdadcb3 qdev: use a wrapper to access reset and promote reset to a class method
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-01-27 10:50:46 -06:00
Anthony Liguori
f79f2bfc6a qdev: don't access name through info
We already have a QOM interface for this so let's use it.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-01-27 10:50:39 -06:00
Anthony Liguori
30fbb9fc7c qdev: move qdev->info to class
Right now, DeviceInfo acts as the class for qdev.  In order to switch to a
proper ObjectClass derivative, we need to ween all of the callers off of
interacting directly with the info pointer.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-01-27 10:50:34 -06:00
Anthony Liguori
32fea4025b qdev: integrate with QEMU Object Model (v2)
This is a very shallow integration.  We register a TYPE_DEVICE but only use
QOM as basically a memory allocator.  This will make all devices show up as
QOM objects but they will all carry the TYPE_DEVICE.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
---
v1 -> v2
 - update for new location of object.h
2012-01-27 10:28:30 -06:00
Anthony Liguori
6fc4925bf6 pci: call reset unconditionally
Because now all PCI devices are converted to qdev.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-01-27 10:28:30 -06:00
Anthony Liguori
8a5faa1d3e openpic: remove dead code to make a PCI device version
bus is always NULL so the code in this if clause is dead (and therefore
untested).

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-01-27 10:28:30 -06:00
Anthony Liguori
d8c51b052b macio: convert to qdev
This is a "shallow", half hearted, and untested conversion.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-01-27 10:28:30 -06:00
Anthony Liguori
31841e463f Merge remote-tracking branch 'pmaydell/arm-devs.for-upstream' into staging
* pmaydell/arm-devs.for-upstream:
  arm: SoC model for Calxeda Highbank
  arm_boot: support board IDs more than 16 bits wide
  arm: add secondary cpu boot callbacks to arm_boot.c
  ahci: add support for non-PCI based controllers
  Add xgmac ethernet model
2012-01-27 09:00:03 -06:00
Anthony Liguori
21fe5bc678 Merge remote-tracking branch 'kwolf/for-anthony' into staging
* kwolf/for-anthony: (22 commits)
  scsi: Guard against buflen exceeding req->cmd.xfer in scsi_disk_emulate_command
  qcow: Use bdrv functions to replace file operation
  qcow: Return real error code in qcow_open
  block/vdi: Zero unused parts when allocating a new block (fix #919242)
  virtio-blk: add virtio_blk_handle_read trace event
  docs: describe live block operations
  block: add support for partial streaming
  add QERR_BASE_NOT_FOUND
  block: add bdrv_find_backing_image
  blockdev: make image streaming safe across hotplug
  qmp: add query-block-jobs
  qmp: add block_job_cancel command
  qmp: add block_job_set_speed command
  qmp: add block_stream command
  block: rate-limit streaming operations
  block: add image streaming block job
  block: add BlockJob interface for long-running operations
  block: make copy-on-read a per-request flag
  block: check bdrv_in_use() before blockdev operations
  coroutine: add co_sleep_ns() coroutine sleep function
  ...
2012-01-27 08:58:52 -06:00
Jan Kiszka
9f2a8d7ae8 pcnet: Preserve link state across device reset
A device reset does not affect the link state, only set_link does.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-01-27 06:21:01 +00:00
Jan Kiszka
b1927cf1ae e1000: Preserve link state across device reset
A device reset does not affect the link state, only set_link does.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-01-27 06:20:37 +00:00
Jan Kiszka
c455d17c09 qdev-property: Make bit property parsing stricter
By using strncasecmp, we allow for arbitrary characters after the
"on"/"off" string. Fix this by switching to strcasecmp.

Reviewed-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-01-27 05:50:16 +00:00
Thomas Higdon
e2f0c49ffa scsi: Guard against buflen exceeding req->cmd.xfer in scsi_disk_emulate_command
Limit the return value (corresponding to the length of the buffer to be
DMAed back to the intiator) to the value in req->cmd.xfer, which is the
amount of data that the initiator expects. Eliminate now-duplicate code
that does this guarding in the functions for individual commands.

Without this, the SCRIPTS code in the emulated LSI device eventually
raises a DMA interrupt for a data overrun when an INQUIRY command whose
buflen exceeds req->cmd.xfer is processed. It's the responsibility of
the client to provide a request buffer and allocation length that are
large enough for the result of the command.

Signed-off-by: Thomas Higdon <thigdon@akamai.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-01-26 14:49:18 +01:00
Stefan Hajnoczi
81b6b9faef virtio-blk: add virtio_blk_handle_read trace event
There already exists a virtio_blk_handle_write trace event as well as
completion events.  Add the virtio_blk_handle_read event so it's easy to
trace virtio-blk requests for both read and write operations.

Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-01-26 14:49:18 +01:00
Rob Herring
2488514cef arm: SoC model for Calxeda Highbank
Adds support for Calxeda's Highbank SoC.

Signed-off-by: Rob Herring <rob.herring@calxeda.com>
Signed-off-by: Mark Langsdorf <mark.langsdorf@calxeda.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-01-26 11:49:09 +00:00
Peter Maydell
f8414cb5c8 arm_boot: support board IDs more than 16 bits wide
Support passing a board ID value to the kernel in r1
that is more than 16 bits wide. This is needed to pass
the '-1 == invalid' value for boards which only support
device tree booting.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Tested-by: Mark Langsdorf <mark.langsdorf@calxeda.com>
2012-01-26 11:49:09 +00:00
Mark Langsdorf
9d5ba9bfbc arm: add secondary cpu boot callbacks to arm_boot.c
Create two functions, write_secondary_boot() and secondary_cpu_reset_hook(),
to allow platforms more control of how secondary CPUs are brought up. The
new functions default to NULL and aren't called unless they are populated
so there are no changes to existing platform models.

Signed-off-by: Mark Langsdorf <mark.langsdorf@calxeda.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-01-26 11:43:48 +00:00
Rob Herring
d9fa31a3e2 ahci: add support for non-PCI based controllers
Add support for ahci on sysbus.

Signed-off-by: Rob Herring <rob.herring@calxeda.com>
Signed-off-by: Mark Langsdorf <mark.langsdorf@calxeda.com>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-01-26 11:43:47 +00:00
Rob Herring
4c0e167c9d Add xgmac ethernet model
This adds very basic support for the xgmac ethernet core. Missing things
include:

- statistics counters
- WoL support
- rx checksum offload
- chained descriptors (only linear descriptor ring)
- broadcast and multicast handling

Signed-off-by: Rob Herring <rob.herring@calxeda.com>
Signed-off-by: Mark Langsdorf <mark.langsdorf@calxeda.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-01-26 11:43:47 +00:00
Blue Swirl
331636431a vga: compile cirrus_vga in hwlib
Remove target dependencies and compile Cirrus VGA in hwlib.

Address masking can be removed since memory API handles that now.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-01-25 18:32:59 +00:00
Blue Swirl
fd4aa97903 memory: change dirty setting APIs to take a size
Instead of each target knowing or guessing the guest page size,
just pass the desired size of dirtied memory area.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-01-25 18:32:47 +00:00
Anthony Liguori
5b4448d27d Merge remote-tracking branch 'qemu-kvm/uq/master' into staging
* qemu-kvm/uq/master:
  kvm: Activate in-kernel irqchip support
  kvm: x86: Add user space part for in-kernel IOAPIC
  kvm: x86: Add user space part for in-kernel i8259
  kvm: x86: Add user space part for in-kernel APIC
  kvm: x86: Establish IRQ0 override control
  kvm: Introduce core services for in-kernel irqchip support
  memory: Introduce memory_region_init_reservation
  ioapic: Factor out base class for KVM reuse
  ioapic: Drop post-load irr initialization
  i8259: Factor out base class for KVM reuse
  i8259: Completely privatize PicState
  apic: Open-code timer save/restore
  apic: Factor out base class for KVM reuse
  apic: Introduce apic_report_irq_delivered
  apic: Inject external NMI events via LINT1
  apic: Stop timer on reset
  kvm: Move kvmclock into hw/kvm folder
  msi: Generalize msix_supported to msi_supported
  hyper-v: initialize Hyper-V CPUID leaves.
  hyper-v: introduce Hyper-V support infrastructure.

Conflicts:
	Makefile.target

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-01-23 11:00:26 -06:00
Anthony Liguori
c4ccbeaca5 Merge remote-tracking branch 'afaerber/prep-up' into staging
* afaerber/prep-up:
  prep: Use i82378 PCI->ISA bridge for 'prep' machine
  prep: Add i82378 PCI-to-ISA bridge emulation
  prep: Add i82374 DMA emulation
  MAINTAINERS: Add PCI host bridge files to PReP machine
  prep: qdev'ify Raven host bridge (SysBus)
  prep_pci: Update I/O to MemoryRegion ops
  prep_pci: Simplify I/O endianness
  prep: qdev'ify Raven host bridge (PCIDevice)
  prep: Use ISA m48t59
  prep: Fix offset of BIOS MemoryRegion
2012-01-23 10:58:02 -06:00
Anthony Liguori
65f82df0d7 e1000: bounds packet size against buffer size
Otherwise we can write beyond the buffer and corrupt memory.  This is tracked
as CVE-2012-0029.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-01-23 07:30:43 -06:00
Blue Swirl
6618f9095c sga: fix copypasta
Fix the name of the init function.

Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-01-22 07:29:16 +00:00
Blue Swirl
3d402831de vga: make Cirrus ISA device optional
Reviewed-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-01-22 07:28:23 +00:00
Blue Swirl
a369da5f31 vga: improve VGA logic
Improve VGA selection logic, push check for device availabilty to vl.c.
Create the devices at board level unconditionally.

Remove now unused pci_try_create*() functions.

Make PCI VGA devices optional.

Reviewed-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-01-22 07:27:06 +00:00
Andreas Färber
0ae4699694 grackle_pci: Clean up qdev names
Rename SysBus device from 'grackle' to 'grackle-pcihost' to resolve a
name conflict.

Also mark both devices as no_user.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Cc: Alexander Graf <agraf@suse.de>
Cc: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2012-01-21 05:17:04 +01:00
Alexander Graf
88045ac555 PPC: Pseries: Check for PCI boundaries
We call pci_host_config_{read,write}_common() which perform PCI config
accesses. However they don't do all limit checking the way we expect
it to.

So let's introduce a small wrapper around them, making them behave the
way we would without touching generic code.

This patch is based on a patch by David Gibson which put this logic into
the generic code.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
2012-01-21 05:17:02 +01:00
Benjamin Herrenschmidt
4d8d5467cd pseries: SLOF PCI flag day
Currently on the pseries machine the SLOF firmware is used normally,
but we bypass it when -kernel is specified.  Having these two

different boot paths can cause some confusion.

In particular at present we need to "probe" the (emulated) PCI bus and
produce device tree nodes for the PCI devices in qemu, for the -kernel
case.  In the SLOF case, it takes the device tree from qemu adds some
stuff to it then passes it on to the kernel.

It's been decided that a better approach is to always boot through
SLOF, even when using -kernel.  WIth this approach we can leave PCI
probing and device node creation to SLOF in all cases which removes a
bunch of code in qemu, and avoids iterating the PCI devices from the
machine specific init code which we're not supposed to do.

This patch changes qemu to always boot through SLOF, and not to create
PCI nodes.  Simultaneously it updates the included version of SLOF
(submodule and binary image) to one which supports (and requires) the
new approach.

The new SLOF version also includes a number of unrelated enhancements:
support for booting from virtio-pci devices and e1000, greatly
improved FCode support and many bugfixes.  It also makes SLOF ready to
be used even when specifying a kernel on the qemu command line.

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
2012-01-21 05:17:02 +01:00
David Gibson
c9c3c80af7 pseries: Use correct dispatcher for PCI config space accesses
The pseries machine expects a para-virtualized guest and so supplies RTAS
functions (via a hypercall) for performing PCI config space access.
Currently the implementation of these calls into
pci_default_{read,write}_config().  However this would be incorrect for
any PCI device which overrides the default config read/write functions.
AFAICT there's only one such device today, but we should still get it
right.  In addition the pci_host_config_{read,write}_common() functions
which do correctly do this dispatch, perform bounds checking on the config
space address, lack of which currently leads to an exploitable bug.

This patch corrects the problem.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
2012-01-21 05:17:02 +01:00
Benjamin Herrenschmidt
3f7565c957 pseries: Support PCI extended config space in RTAS calls
On the pseries machine (which expexts a paravirtualized guest), guest
access to PCI config space is via host-provided RTAS functions.  This
patch extends these RTAS functions to permit access to PCI extended
config space, as specified in PAPR.

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
2012-01-21 05:17:02 +01:00
David Gibson
964455f39e Correct types in bmdma_addr_{read,write}
Back when I made patches introducing dma_addr_t and various PCI DMA
wrapper functions, I made a mistake.  The bmdma_addr_{read,write} functions
need to take target_phys_addr_t not dma_addr_t, since they are assigned
to MemoryRegionOps callbacks.

This patch corrects my error.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
2012-01-21 05:17:01 +01:00
Benjamin Herrenschmidt
17df768c1e load_image_targphys() should enforce the max size
load_image_targphys() gets passed a max size for the file, but doesn't
enforce it at all. Add a check and return -1 (error) if the file is
too big, without loading it.  Fix the bracing style in the function
while we're at it.

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
2012-01-21 05:17:01 +01:00
Alexander Graf
06dbfc6f88 virtio: change memcpy to guest reads
When accessing the device specific virtio config space, we memcpy
the data into a variable in QEMU. At that point we're basically
pulling host endianness into the game which is a really bad idea.

So instead, let's use the target specific load/store helpers for
memory pointers which fetch things in target endianness. The whole
array is already populated in target endianness anyways
(see virtio-blk).

Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
2012-01-21 05:17:01 +01:00
Benjamin Herrenschmidt
82afa58641 virtio-pci: Fix endianness of virtio config
The virtio config area in PIO space is a bit special. The initial
header is little endian but the rest (device specific) is guest
native endian.

The PIO accessors for PCI on machines that don't have native IO ports
assume that all PIO is little endian, which works fine for everything
except the above.

A complicated way to fix it would be to split the BAR into two memory
regions with different endianess settings, but this isn't practical
to do, besides, the PIO code doesn't honor region endianness anyway
(I have a patch for that too but it isn't necessary at this stage).

So I decided to go for the quick fix instead which consists of
reverting the swap in virtio-pci in selected places, hoping that when
we eventually do a "v2" of the virtio protocols, we sort that out once
and for all using a fixed endian setting for everything.

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
[agraf: keep virtio in libhw and determine endianness through a
        helper function in exec.c]
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
2012-01-21 05:17:01 +01:00
Alexander Graf
34ba1dc873 PPC: Bamboo: Integrate SoC instatiation, use qdev for PCI
Now that we have the SoC init function in the same file, let's integrate
it with the board initialization.

While at it, also make use of the newly qdev'ified PCI host controller.

Signed-off-by: Alexander Graf <agraf@suse.de>
2012-01-21 05:17:01 +01:00
Alexander Graf
3960b04d62 PPC: Bamboo: fold ppc440.c and ppc440_bamboo.c into a single file
The separation of ppc440 and ppc440_bamboo makes some sense, since ppc440
is the SoC while ppc440_bamboo is the actual board. But the separation
makes things harder for us for no good reason, so let's just fold them
in together with each other.

Signed-off-by: Alexander Graf <agraf@suse.de>
2012-01-21 05:17:01 +01:00
Alexander Graf
623f7c2172 PPC: 4xx: Qdevify the 440 PCI host controller
Due to popular demand, this qdevifies the PCI host controller of 4xx SoCs
the same way as e500.

We have to introduce a small stub function for pci init that will be
removed in a later patch, once we qdev'ified the board, to keep the build
working.

Signed-off-by: Alexander Graf <agraf@suse.de>
2012-01-21 05:17:01 +01:00
Alexander Graf
acd1bf9083 PPC: bamboo: fix whitespace
Tabs followed by spaces are a no-go. My editor shows it red, distracting
me from actual work! :)

Signed-off-by: Alexander Graf <agraf@suse.de>
2012-01-21 05:17:00 +01:00
Alexander Graf
d3c4548b8e PPC: bamboo: remove old machine descriptions
Nobody needs to run bamboo in 0.12 compat mode. Remove the machine.

Signed-off-by: Alexander Graf <agraf@suse.de>
2012-01-21 05:17:00 +01:00
Alexander Graf
e5ba83c53a PPC: 440: Default to 440EP CPU
Today we're exposing a Virtex 440 CPU to the guest despite the fact
that we're telling the guest that we're running on a 440EP one in the
device tree.

So let's better default to a real 440EP to make things synced again.

Signed-off-by: Alexander Graf <agraf@suse.de>
2012-01-21 05:17:00 +01:00
Alexander Graf
d49bc1fb3e PPC: 440: Ignore invalid PCI IRQs
When running a 440 target, we currently get invalid irq_num values (-1)
which completely confuse the IRQ setting code.

This is most likely due to the missing qdev conversion.

While this shouldn't happen in the first place and should really rather
be fixed by converting the target, I dislike segfaults. So for now, let's
just print a warning and ignore invalid irq_num values.

Signed-off-by: Alexander Graf <agraf@suse.de>
2012-01-21 05:17:00 +01:00
Alexander Graf
72718e9a4a PPC: Bamboo: Set initial TLB entry
Back in the day when the bamboo target got introduced, the initial TLB was
dictated by KVM. TCG has been missing initial TLB values ever since, rendering
the target unusable for TCG usage.

This patch adds linear TLB maps the way Linux expects them, making the target
work.

Signed-off-by: Alexander Graf <agraf@suse.de>
2012-01-21 05:17:00 +01:00
Alexander Graf
b10a04b5ae PPC: Bamboo: Register CPU reset
To be able to support CPU reset, we need to put all register initialization
and initial state into a CPU reset hook instead of a function that is only
called once on bootup.

This is a preparation step for the initial TLB setting code and brings bamboo
more in line with what e500 and virtex already do.

Signed-off-by: Alexander Graf <agraf@suse.de>
2012-01-21 05:16:59 +01:00
Alexander Graf
d29d3404fc PPC: 440EP: Initialize timer
When using TCG with a BookE PowerPC core, we need to explicitly initialize
the BookE timers with the correct frequencies.

This was missing for 440EP, since that code came from KVM and was never used
with TCG.

Signed-off-by: Alexander Graf <agraf@suse.de>
2012-01-21 05:16:59 +01:00
Andreas Färber
506b7ddf88 prep: Use i82378 PCI->ISA bridge for 'prep' machine
Speaker I/O, ISA bus, i8259 PIC, RTC and DMA are no longer set up
individually by the machine. Effectively, no-op speaker I/O is replaced
by pcspk; PIT and i82374 DMA are introduced.

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>

Remove related dead, alternative code.
Wire up PCI host bridge IRQs via GPIO-in IRQs of PCI->ISA bridge.

Signed-off-by: Andreas Färber <andreas.faerber@web.de>
Cc: Alexander Graf <agraf@suse.de>
Cc: Jan Kiszka <jan.kiszka@siemens.com>
2012-01-20 00:27:13 +01:00
Andreas Färber
a04ff94097 prep: Add i82378 PCI-to-ISA bridge emulation
Prepare Intel 82378 emulation for use by PReP platforms.

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>

Create ISA bus in this device (suggested by Markus).
Rebase onto Memory API, mark memory ops as Little Endian.
Add VMState. Provide access to i8259 IRQs via qdev GPIOs.

Signed-off-by: Andreas Färber <andreas.faerber@web.de>
Cc: Markus Armbruster <armbru@redhat.com>
Cc: Alexander Graf <agraf@suse.de>
Cc: Jan Kiszka <jan.kiszka@siemens.com>
2012-01-20 00:27:12 +01:00
Andreas Färber
23b96cdb15 prep: Add i82374 DMA emulation
Prepare Intel 82374 emulation for use by Intel 82378 PCI->ISA bridge.

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>

Confine to CONFIG_I82374. Add VMState.

Signed-off-by: Andreas Färber <andreas.faerber@web.de>
Reviewed-by: Alexander Graf <agraf@suse.de>
2012-01-20 00:27:12 +01:00
Andreas Färber
8ca8c7bce0 prep: qdev'ify Raven host bridge (SysBus)
Drop pci_prep_init() in favor of extended device state. Inspired by
patches from Hervé and Alex.

Assign the 4 IRQs from the board after device instantiation. This moves
the knowledge out of prep_pci and allows for future machines with
different IRQ wiring (IBM 40P). Suggested by Alex.

Signed-off-by: Andreas Färber <andreas.faerber@web.de>
Reviewed-by: Alexander Graf <agraf@suse.de>
Cc: Hervé Poussineau <hpoussin@reactos.org>
Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: Anthony Liguori <aliguori@us.ibm.com>
2012-01-20 00:27:12 +01:00
Andreas Färber
7e5610ff72 prep_pci: Update I/O to MemoryRegion ops
Convert to new-style read/write callbacks.

Signed-off-by: Andreas Färber <andreas.faerber@web.de>
Cc: Alexander Graf <agraf@suse.de>
Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: Avi Kivity <avi@redhat.com>
Cc: Benoît Canet <benoit.canet@gmail.com>
2012-01-20 00:27:12 +01:00
Andreas Färber
9c95f183fb prep_pci: Simplify I/O endianness
The prep PowerPC CPU is Big Endian. An explicit byte swap therefore
effectively becomes Little Endian.

Remove explicit byte swaps and mark as Little Endian.

Signed-off-by: Andreas Färber <andreas.faerber@web.de>
Reviewed-by: Alexander Graf <agraf@suse.de>
Cc: Michael S. Tsirkin <mst@redhat.com>
2012-01-20 00:27:12 +01:00
Andreas Färber
555260540d prep: qdev'ify Raven host bridge (PCIDevice)
Move initialization of vendor ID, etc. to PCIDeviceInfo.
Introduce VMState.

Signed-off-by: Andreas Färber <andreas.faerber@web.de>
Reviewed-by: Alexander Graf <agraf@suse.de>
Cc: Hervé Poussineau <hpoussin@reactos.org>
Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: Anthony Liguori <aliguori@us.ibm.com>
2012-01-20 00:27:12 +01:00
Andreas Färber
48e937283a prep: Use ISA m48t59
This simplifies the code later when the i8259 moves to the i82378
PCI->ISA bridge and happens to fix a SysBus m48t59 io_base issue
introduced by commit 0fb56ffc5e (m48t59:
drop obsolete address base arithmetic). Suggested by Hervé and Jan.

Signed-off-by: Andreas Färber <andreas.faerber@web.de>
Cc: Hervé Poussineau <hpoussin@reactos.org>
Cc: Jan Kiszka <jan.kiszka@siemens.com>
Cc: Blue Swirl <blauwirbel@gmail.com>
2012-01-20 00:27:12 +01:00
Andreas Färber
809680c017 prep: Fix offset of BIOS MemoryRegion
Since 0c90c52fab (ppc_prep: convert to memory
API) OHW was "Trying to execute code outside RAM or ROM at 0xfff00700".

The BIOS MemoryRegion is created with a fixed size of 1 MiB.
Ensure that the full size can be accessed since the exception
vectors are located at 0xfff00000 and the BIOS may want to use them.

It thereby no longer depends on the actual BIOS binary size.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Cc: Avi Kivity <avi@redhat.com>
Cc: Alexander Graf <agraf@suse.de>
2012-01-20 00:27:12 +01:00
Anthony Liguori
515689235c Merge remote-tracking branch 'spice/spice.v47' into staging
* spice/spice.v47:
  qxl: Slot sanity check in qxl_phys2virt() is off by one, fix
2012-01-19 12:51:02 -06:00
Anthony Liguori
a75e6678fe Merge remote-tracking branch 'stefanha/trivial-patches' into staging
* stefanha/trivial-patches:
  Makefile: Remove generated headers on clean
  Makefile: Exclude tests/Makefile in unconfigured tree
  lm32: Fix mixup of uint32 and uint32_t
  tests: Silence gtester in Makefile
  qemu-tool: Fix mixup of int64 and int64_t
2012-01-19 09:23:59 -06:00
Anthony Liguori
5414b32542 Merge remote-tracking branch 'pmaydell/arm-devs.for-upstream' into staging
* pmaydell/arm-devs.for-upstream:
  arm: make the number of GIC interrupts configurable
  hw/lan9118: Add save/load support
  arm: Remove incorrect comment in arm_timer
  vexpress, realview: Add (dummy) L2 cache controller
2012-01-19 09:19:44 -06:00
Anthony Liguori
9ca2140ab1 Merge remote-tracking branch 'kraxel/usb.37' into staging
* kraxel/usb.37:
  usb-redir: Improve some debugging messages
  usb-redir: Try to keep our buffer size near the target size
  usb-redir: Pre-fill our isoc input buffer before sending pkts to the host
  usb-redir: Dynamically adjust iso buffering size based on ep interval
  usb-redir: Clear iso / irq error when stopping the stream
  usb: link packets to endpoints not devices
  usb: add max_packet_size to USBEndpoint
  usb/debug: add usb_ep_dump
  usb-desc: USBEndpoint support
  usb: add ifnum to USBEndpoint
  usb: add USBEndpoint
  xhci: Initial xHCI implementation
  usb: add audio device model
  usb-desc: audio endpoint support
  usb: track altsetting in USBDevice
  usb: track configuration and interface count in USBDevice.
  usb-host: rip out legacy procfs support
2012-01-19 08:34:38 -06:00
Jan Kiszka
a39c1d47ac kvm: x86: Add user space part for in-kernel IOAPIC
This introduces the KVM-accelerated IOAPIC model 'kvm-ioapic' and
extends the IRQ routing setup by the 0->2 redirection when needed.

The kvm-ioapic model has a property that allows to define its GSI base
for injecting interrupts into the kernel model. This will allow to
disentangle PIC and IOAPIC pins for chipsets that support more
sophisticated IRQ routes than the PIIX3. So far the base is kept at 0,
i.e. PIC and IOAPIC share pins 0..15.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-01-19 12:14:42 +01:00
Jan Kiszka
10b6188275 kvm: x86: Add user space part for in-kernel i8259
Introduce the alternative 'kvm-i8259' device model that exploits KVM
in-kernel acceleration.

The PIIX3 initialization code is furthermore extended by KVM specific
IRQ route setup. GSI injection differs in KVM mode from the user space
model. As we can dispatch ISA-range IRQs to both IOAPIC and PIC inside
the kernel, we do not need to inject them separately. This is reflected
by a KVM-specific GSI handler.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-01-19 12:14:42 +01:00
Jan Kiszka
680c1c6fd7 kvm: x86: Add user space part for in-kernel APIC
This introduces the alternative APIC device which makes use of KVM's
in-kernel device model. External NMI injection via LINT1 is emulated by
checking the current state of the in-kernel APIC, only injecting a NMI
into the VCPU if LINT1 is unmasked and configured to DM_NMI.

MSI is not yet supported, so we disable this when the in-kernel model is
in use.

CC: Lai Jiangshan <laijs@cn.fujitsu.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-01-19 12:14:42 +01:00
Jan Kiszka
9b5b76d449 kvm: x86: Establish IRQ0 override control
KVM is forced to disable the IRQ0 override when we run with in-kernel
irqchip but without IRQ routing support of the kernel. Set the fwcfg
value correspondingly. This aligns us with qemu-kvm.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-01-19 12:14:42 +01:00
Jan Kiszka
244ac3af23 ioapic: Factor out base class for KVM reuse
Split up the IOAPIC analogously to APIC and i8259. KVM will share the
IOAPICCommonState, the vmstate, reset logic and certain init parts with
the user space model.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-01-19 12:14:41 +01:00
Jan Kiszka
ac791b8814 ioapic: Drop post-load irr initialization
As all devices undergo a reset prior to vmloa, and the reset value of
irr is 0, we do not need to do this clearing for older vmstates
explicitly. Dropping this redundant code will also make KVM integration
a bit simpler.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-01-19 12:14:41 +01:00
Jan Kiszka
512709f559 i8259: Factor out base class for KVM reuse
Analogously to the APIC, we will reuse some parts of the user space
i8259 model for KVM. The base class provides a common device state, the
vmstate, the property list, a reset core and some shared init bits.

This also introduces a common helper to instantiate a single i8259 chip
from the cascade-creating i8259_init function.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-01-19 12:14:40 +01:00
Jan Kiszka
9aa78c425f i8259: Completely privatize PicState
Use DeviceState instead of PicState in the public i8259 API. This is
cleaner and allows to reorganize the PIC data structures for KVM reuse.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-01-19 12:14:40 +01:00
Jan Kiszka
7a380ca350 apic: Open-code timer save/restore
To enable migration between accelerated and non-accelerated APIC models,
we will need to handle the timer saving and restoring specially and can
no longer rely on the automatics of VMSTATE_TIMER. Specifically,
accelerated model will not start any QEMUTimer.

This patch therefore factors out the generic bits into apic_next_timer
and use a post-load callback to implemented model-specific logic.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-01-19 12:14:40 +01:00
Jan Kiszka
dae0168528 apic: Factor out base class for KVM reuse
The KVM in-kernel APIC model will reuse parts of the user space model
while providing the same frontend view to guest and most management
interfaces.

Factor out an APIC base class to encapsulate those parts that will be
shared by user space and KVM model. This class offers callback hooks for
init, base/tpr setting, and the external NMI delivery that will be
set via APICCommonInfo structure and implemented specifically in the
subclasses.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-01-19 12:14:40 +01:00
Jan Kiszka
343270ea87 apic: Introduce apic_report_irq_delivered
The in-kernel i8259 and IOAPIC backends for KVM will need this, so
encapsulate the shared bits.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-01-19 12:14:40 +01:00
Jan Kiszka
02c091953c apic: Inject external NMI events via LINT1
On real hardware, NMI button events are injected via the LINT1 line of
the APICs. E.g. kdump expect this wiring and gets upset if the per-APIC
LINT1 mask is not respected, i.e. if NMIs are injected to VCPUs that
should not receive them. Change the APIC emulation code to reflect this.

Based on qemu-kvm patch by Lai Jiangshan.

CC: Lai Jiangshan <laijs@cn.fujitsu.com>
Reported-by: Kenji Kaneshige <kaneshige.kenji@jp.fujitsu.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-01-19 12:14:40 +01:00
Jan Kiszka
ab388a9814 apic: Stop timer on reset
All LVTs are masked on reset, so the timer becomes ineffective. Letting
it tick nevertheless is harmless, but will at least create a spurious
trace event.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-01-19 12:14:39 +01:00
Jan Kiszka
3b9a6ee50e kvm: Move kvmclock into hw/kvm folder
More KVM-specific devices will come, so let's start with moving the
kvmclock into a dedicated folder.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-01-19 12:14:39 +01:00
Jan Kiszka
60ba3cc231 msi: Generalize msix_supported to msi_supported
Rename msix_supported to msi_supported and control MSI and MSI-X
activation this way. That was likely to original intention for this
flag, but MSI support came after MSI-X.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-01-19 12:14:39 +01:00
Andreas Färber
0f3c3cc950 lm32: Fix mixup of uint32 and uint32_t
Commit d23948b15a (lm32: add Milkymist
VGAFB support) introduced a stray usage of the softfloat uint32 type.

Use uint32_t instead.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Acked-by: Michael Walle <michael@walle.cc>
Cc: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-01-19 08:16:41 +00:00
Aneesh Kumar K.V
2c30dd744a hw/9pfs: Add new security model mapped-file.
This enable us to do passthrough equivalent security model on NFS directory.
NFS server mostly do root squashing and don't support xattr. Hence we cannot
use 'passthrough' or 'mapped' security model

Also added "mapped-xattr" security to indicate earlier "mapped" security model
Older name is still supported.

POSIX rules regarding ctime update on chmod are not followed by this security model.

Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2012-01-19 12:21:11 +05:30
Markus Armbruster
6b7332eb40 qxl: Slot sanity check in qxl_phys2virt() is off by one, fix
Spotted by Coverity.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-01-17 16:30:57 +01:00
Mark Langsdorf
a32134aad8 arm: make the number of GIC interrupts configurable
Increase the maximum number of GIC interrupts for a9mp and a11mp to 1020,
and create a configurable property for each defaulting to 96 and 64
(respectively) so that device modelers can set the value appropriately
for their SoC. Other ARM processors also set their maximum number of
used IRQs appropriately.

Set the maximum theoretical number of GIC interrupts to 1020 and
update the save/restore code to only use the appropriate number for
each SoC.

Signed-off-by: Mark Langsdorf <mark.langsdorf@calxeda.com>
Reviewed-by: Andreas Färber <afaerber@suse.de>
[Peter Maydell: fixed minor whitespace snafu]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-01-17 10:54:07 +00:00
Peter Maydell
b09da0c335 hw/lan9118: Add save/load support
Implement save/load for the LAN9118.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Andreas Färber <afaerber@suse.de>
2012-01-17 10:54:07 +00:00
Mark Langsdorf
100cf55ff9 arm: Remove incorrect comment in arm_timer
The current comment says that the arm_timers are restricted to between
32 KHz and 1 MHz, but sp804 TRM does not specify those limits.

Signed-off-by: Mark Langsdorf <mark.langsdorf@calxeda.com>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-01-17 10:54:07 +00:00
Peter Maydell
5a15758874 vexpress, realview: Add (dummy) L2 cache controller
Instantiate the L2 cache controller on the ARM devboards which have one,
since we have a dummy model of it now. Note that the only non-MP board
with an L2x0 is the PB1176, which we don't model.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-01-17 10:54:07 +00:00
Gerd Hoffmann
25d5de7d81 usb: link packets to endpoints not devices
Add USBEndpoint for the control endpoint to USBDevices.  Link async
packets to the USBEndpoint instead of the USBDevice.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-01-17 09:44:50 +01:00
Gerd Hoffmann
f003397ce9 usb: add max_packet_size to USBEndpoint
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-01-17 09:44:50 +01:00
Gerd Hoffmann
5b6780d045 usb/debug: add usb_ep_dump
Add function to dump endpoint data, for debugging purposes.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-01-17 09:44:50 +01:00
Gerd Hoffmann
83a53bbcda usb-desc: USBEndpoint support
Initialize USBEndpoint structs from USBDesc* data.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-01-17 09:44:50 +01:00
Gerd Hoffmann
82f02fe965 usb: add ifnum to USBEndpoint
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-01-17 09:44:50 +01:00
Gerd Hoffmann
d8e17efdec usb: add USBEndpoint
Start maintaining endpoint state at USBDevice level.  Add USBEndpoint
struct and some helper functions to deal with it.  For now it contains
the endpoint type only.  Moved over some bits from usb-linux.c

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-01-17 09:44:50 +01:00
Hector Martin
62c6ae04cf xhci: Initial xHCI implementation
Based on the implementation from Hector Martin <hector@marcansoft.com>

Hectors's implementation completely sidestepped the qemu usb system and
used libusb directly for usb device pass through.  So I've ripped out
the libusb bits (or left them in disabled, as reference for further
coding) and hooked up the qemu subsystem instead.  That work is not
complete yet though, partly due to limitations of the qemu usb
subsystem.  Nevertheless I think it is better to continue development
in-tree, especially as the qemu usb bits need a bunch of improvements
too for decent usb 3.0 support.

Current state:
  - usb-storage emulation should work ok.
  - Devices which need constant polling (HID emulation like usb-tablet)
    are known to not work.
  - ISO xfers are not implemented yet.
  - superspeed ports are not implemented yet.
  - usb pass-through is completely untested so far.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-01-17 09:44:32 +01:00
Andrzej Zaborowski
8c4ec5c026 pxa2xx_keypad: fix unbalanced parenthesis.
Breakage introduced by me when ammending a previous patch, sorry.
2012-01-17 02:14:42 +01:00
Evgeny Voevodin
078758d074 hw/arm_boot.c: Make SMP boards specify address to poll in bootup loop
The secondary CPU bootloader in arm_boot.c holds secondary CPUs in a
pen until the primary CPU releases them. Make boards specify the
address to be polled to determine whether to leave the pen (it was
previously hardcoded to 0x10000030, which is a Versatile Express/
Realview specific system register address).

Signed-off-by: Evgeny Voevodin <e.voevodin@samsung.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
2012-01-17 02:08:22 +01:00
Evgeny Voevodin
ea0e68411e hw/sysbus.h: Increase maximum number of device IRQs.
Samsung exynos4210 Interrupt Combiner needs 512 IRQ sources.

Signed-off-by: Evgeny Voevodin <e.voevodin@samsung.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
2012-01-17 02:08:19 +01:00
Vasily Khoruzhick
753a97c6b4 pxa2xx_keypad: make single automatic scans work
u-boot uses single automatic scans and polling in
pxa2xx_keypad driver, so clear KPC_AS bit immediately
and update keys state even if KPC_AS and KPC_ASACT are
cleared.

Signed-off-by: Vasily Khoruzhick <anarsoul@gmail.com>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
2012-01-17 01:48:47 +01:00
Vasily Khoruzhick
7ab3aedfe3 pxa2xx_lcd: fix palette parser
Pallete entry size for 16bpp format is 2 bytes, not 4

Signed-off-by: Vasily Khoruzhick <anarsoul@gmail.com>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
2012-01-17 01:40:18 +01:00
Jan Kiszka
ddcada7889 isapc: Fix segfault during initialization
Obviously, linking the RTC device state to the PIIX does not belong into
the common path that is shared with the isapc.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2012-01-15 17:23:09 +01:00
Paolo Bonzini
6b620ca3b0 prepare for future GPLv2+ relicensing
All files under GPLv2 will get GPLv2+ changes starting tomorrow.
event_notifier.c and exec-obsolete.h were only ever touched by Red Hat
employees and can be relicensed now.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-01-13 10:55:56 -06:00
Amit Shah
a10348c3ad virtio-console: no need to remove char handlers explicitly
qdev is now equipped (thanks to the last commit) to disassociate
chardevs from the qdev devices on the devices going away.  So doing it
in the virtio-console driver is not necessary.

Since that was the only thing being done in the qdev exit method, drop
it entirely.

Signed-off-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-01-13 10:21:03 -06:00
Amit Shah
a87f3e8b08 qdev: Add a 'free' method to disassociate chardev from qdev device
When a device is removed, remove the association with a chardev, if any,
so that the chardev can be re-used later for other devices.

Reported-by: Qunfang Zhang <qzhang@redhat.com>
Fix-suggested-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-01-13 10:21:03 -06:00
Paolo Bonzini
1ba1f2e319 virtio-blk: refuse SG_IO requests with scsi=off
QEMU does have a "scsi" option (to be used like -device
virtio-blk-pci,drive=foo,scsi=off).  However, it only
masks the feature bit, and does not reject the command
if a malicious guest disregards the feature bits and
issues a request.

Without this patch, using scsi=off does not protect you
from CVE-2011-4127.

Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-01-13 10:20:51 -06:00
Paolo Bonzini
701a8f76aa vmstate: extract declarations out of hw/hw.h
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-01-13 10:20:51 -06:00
Paolo Bonzini
49d4d9b63e ptimer: move declarations to ptimer.h
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-01-13 10:20:50 -06:00
Paolo Bonzini
fbc15e27f7 rtc: clear non-PF bits when reinjecting on ack
When an rtc interrupt is reinjected immediately after being acked,
other interrupts should not be reinjected, so do clear their bits.

Also, if the periodic interrupts have been disabled before acking,
do not reinject, as the guest might get very confused!

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-01-13 10:20:50 -06:00
Paolo Bonzini
663447d4ea rtc: raise PF bit when the periodic timer triggers but PIE=0
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-01-13 10:20:49 -06:00
Paolo Bonzini
eea8667360 rtc: raise AF bit when the alarm is encountered but AIE=0
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-01-13 10:20:49 -06:00
Paolo Bonzini
3b89eb43b6 rtc: fix 12-hour mode
Hours in 12-hour mode are in the 1-12 range, not 0-11.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-01-13 10:20:49 -06:00
Anthony Liguori
024a6fbdb9 qdev: fix device_del by refactoring reference counting
Commit 8eb0283 broken device_del by having too overzealous reference counting
checks.  Move the reference count checks to qdev_free(), make sure to remove
the parent link on free, and decrement the reference count on property removal.

Reported-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-01-13 10:20:49 -06:00
Stefan Weil
0b0404bf84 Add 'fall through' comments to case statements without break
These comments are used by static code analysis tools and in code reviews
to avoid false warnings because of missing break statements.

The case statements handled here were reported by coverity.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-01-13 10:36:59 +00:00
Stefan Hajnoczi
3c8359d11a omap_dss: correct chip[1] index in RFBI_READ/RFBI_STATUS
The RFBI_READ/RFBI_STATUS code incorrectly uses chip[0] when it should
be using chip[1].  Andrzej Zaborowski <balrog@zabor.org> confirmed this
bug since I don't know this code well.

Reported-by: Dr David Alan Gilbert <davidagilbert@uk.ibm.com>
Reviewed-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-01-13 10:36:59 +00:00
H. Peter Anvin
b870472db5 usb: add audio device model
This brings a usb audio device to qemu.  Output only, fixed at
16bit stereo @ 480000 Hz.  Based on a patch from
H. Peter Anvin <hpa@linux.intel.com>

Usage: add '-device usb-audio' to your qemu command line.

Works sorta ok on a idle machine.  Known issues:

 * Is *very* sensitive to latencies.
 * Burns quite some CPU due to usb polling.

In short:  It brings the qemu usb emulation to its limits.  Enjoy!

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-01-13 10:25:44 +01:00
Gerd Hoffmann
cc5f13956c usb-desc: audio endpoint support
Add support for audio endpoints which have two more fields in the
descriptor.  Also add support for extra class specific endpoint
descriptors.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-01-13 10:25:44 +01:00
Gerd Hoffmann
1de14d43e2 usb: track altsetting in USBDevice
Also handle {GET,SET}_INTERFACE in common code (usb-desc.c).

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-01-13 10:25:44 +01:00
Gerd Hoffmann
65360511a2 usb: track configuration and interface count in USBDevice.
Move fields from USBHostDevice to USBDevice.
Add bits to usb-desc.c to fill them for emulated devices too.
Also allow to set configuration 0 (== None) for emulated devices.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-01-13 10:25:44 +01:00
Avi Kivity
a0f426109e vga: optimize ppm_save() divisions
ppm_save() spends upwards of 50% of its time doing divisions. Replace them
with shifts.

Reviewed-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-01-12 10:03:28 -06:00
Lars Persson
73a511decc etraxfs-dma: Model metadata and eop
- Send EOP flags to the out channels.
- Send data descriptor metadata to the out channels.

Signed-off-by: Lars Persson <larper@axis.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2012-01-12 13:54:17 +01:00
Stefan Weil
9841aee16f wm8750: Fix calculation of number of array elements
Coverity says that the division by sizeof(*s->rate) might be wrong.
I think that coverity is right.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
2012-01-10 18:47:06 +01:00
Stefan Weil
c7c530cd3e elf: Improve symbol lookup (optimize, fix for bsd-user)
Coverity complained about local variable key which was only partially
initiated. Only key.st_value was set. As this was also the only part
of key which was used in function symfind, the code could be optimized
by directly passing a pointer to orig_addr.

In bsd-user/elfload.c, fix ec822001a2
was missing. This was a simple replacement of > by >= in symfind, so
I fixed it here without creating an additional patch.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
2012-01-10 18:40:09 +01:00
Peter Maydell
563c2bf35c hw/integratorcp: Simplify flash remap code
Use the new memory mutator API to simplify the flash remap code;
this allows us to drop the flash_mapped flag.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
2012-01-10 18:40:01 +01:00
Peter Maydell
4753dea8c1 hw/integratorcp: Fix sense of REMAP bit
Fix the sense of the REMAP bit: 0 should mean "map flash",
1 should mean "map RAM".

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
2012-01-10 18:39:57 +01:00
Aurelien Jarno
14763ec873 Merge branch 's390-next' of git://repo.or.cz/qemu/agraf
* 's390-next' of git://repo.or.cz/qemu/agraf:
  s390: fix cpu hotplug / cpu activity on interrupts
  s390x: add TR function for EXECUTE
  Expose drive_add on all architectures
  Add generic drive hotplugging
  Compile device-hotplug on all targets
  [S390] Add hotplug support
2012-01-10 18:24:11 +01:00
Avi Kivity
c49450b98f vhost: improve region filtering
vhost memory management doesn't care about non-memory (e.g. PIO) or non-RAM
regions.  Adjust the filtering to reflect that, and move it earlier so it
applies to mem_sections too.

Signed-off-by: Avi Kivity <avi@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
2012-01-09 14:01:39 +02:00
Avi Kivity
637f7a6a01 vhost: fix mem_sections memory corruption
A memset() used to delete an entry in an array did not take into account
the array element's size.

Signed-off-by: Avi Kivity <avi@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
2012-01-09 13:59:50 +02:00
Avi Kivity
d743c38286 vhost: fix incorrect userspace address
MemoryListener::region_add() gives us a slice of a MemoryRegion, not a
region.  Adjust the userspace address to reflect that.

Signed-off-by: Avi Kivity <avi@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
2012-01-09 13:09:40 +02:00
Aurelien Jarno
15f43ccda1 Merge branch 'ppc-next' of git://repo.or.cz/qemu/agraf
* 'ppc-next' of git://repo.or.cz/qemu/agraf:
  PPC: Add description for the Freescale e500mc core.
  pseries: Check for duplicate addresses on the spapr-vio bus
  pseries: Populate "/chosen/linux,stdout-path" in the FDT
  pseries: Add a routine to find a stable "default" vty and use it
  pseries: Emit device tree nodes in reg order
  pseries: FDT NUMA extensions to support multi-node guests
  pseries: Remove hcalls callback
  kvm-ppc: halt secondary cpus when guest reset
  console: Fix segfault on screendump without VGA adapter
  PPC: monitor: add ability to dump SLB entries
2012-01-07 22:01:57 +01:00
Stefan Weil
c27808657b sm501: Fix size of color_reg
color_reg is expected to hold 32 bit values, so it was too small.

This bug was reported by coverity:

hw/sm501.c:624:
result_independent_of_operands:
color_reg >> 16 is 0 regardless of the values of its operands.
This occurs as the bitwise first operand of '&'.

Cc: Shin-ichiro Kawasaki <kawasaki@juno.dti.ne.jp>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2012-01-07 21:29:26 +01:00
Stefan Weil
e9b40fd34c malta: Fix regression (i8259 interrupts did not work)
Commit 5632ae46d5 passes the address
of i8259 to qemu_irq_proxy. i8259 is an auto variable with undefined
value outside of mips_malta_init.

This made the interrupt proxy unusable: either QEMU crashes, or
the interrupt handler was not called.

Ethernet for example no longer worked with MIPS Malta.

v2:
While v1 used a static variable for i8259, this patch introduces
a qdev for the malta machine. i8259 is now part of the device status.
This is a minimal qdev implementation to keep the patch small.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2012-01-07 18:16:24 +01:00
Anthony Liguori
a2e4d53ec5 Merge remote-tracking branch 'stefanha/trivial-patches' into staging
* stefanha/trivial-patches:
  qemu-nbd: drop loop which can never loop
  Make python mandatory
  net/socket.c: Fix fd leak in net_socket_listen_init() error paths
  gdbstub: Fix fd leak in gdbserver_open() error path
  configure: Fix test for supported host CPU type
  configure: CONFIG_QEMU_INTERP_PREFIX only for user mode
  scsi virtio-blk usb-msd: Clean up device init error messages
  Strip trailing '\n' from error_report()'s first argument (again)
  qemu-options.hx: fix tls-channel help text
2012-01-06 12:51:21 -06:00
Peter Maydell
2afee49fc4 virtio-9p-proxy: Fix typo causing compile failure on 32 bit hosts
Fix a compile failure on 32 bit hosts (integer constant is too large
for 'unsigned long' type) by correcting a typo where the mask used
for filling in the second f_fsid word had too many 'F's in it.
Also drop the 'L' suffix that allowed this typo to go undetected on
64 bit hosts.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-01-06 12:50:44 -06:00
Markus Armbruster
6a84cb1f28 scsi virtio-blk usb-msd: Clean up device init error messages
Replace

    error_report("DEVICE-NAME: MESSAGE");

by just

    error_report("MESSAGE");

in block device init functions.

DEVICE-NAME is bogus in some cases: it's "scsi-disk" for device
scsi-hd and scsi-cd, "virtio-blk-pci" for virtio-blk-s390, and
"usb-msd" for usb-storage.

There is no real need to put a device name in the message, because
error_report() points to the offending command line option already:

$ qemu-system-x86_64 --nodefaults --enable-kvm -vnc :0 -S -monitor stdio -usb -device virtio-blk-pci
upstream-qemu: -device virtio-blk-pci: virtio-blk-pci: drive property not set
upstream-qemu: -device virtio-blk-pci: Device 'virtio-blk-pci' could not be initialized

And for a monitor command, it's obvious anyway:

$ qemu-system-x86_64 --nodefaults --enable-kvm -vnc :0 -S -monitor stdio -usb
(qemu) device_add virtio-blk-pci
virtio-blk-pci: drive property not set
Device 'virtio-blk-pci' could not be initialized

Reported-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-01-06 15:07:00 +00:00
Markus Armbruster
be62a2ebab Strip trailing '\n' from error_report()'s first argument (again)
Commit 6daf194d got rid of them, but Hans and Gerd added some more
lately.  Tracked down with this Coccinelle semantic patch:

@r@
    expression fmt;
    position p;
@@
    error_report(fmt, ...)@p
@script:python@
    fmt << r.fmt;
    p << r.p;
@@
if "\\n" in str(fmt):
    print "%s:%s:%s:%s" % (p[0].file, p[0].line, p[0].column, fmt)

Signed-off-by: Markus Armbruster <armbru@redhat.com>
2012-01-06 15:07:00 +00:00
Anthony Liguori
f40b7d113d Merge remote-tracking branch 'amit/master' into staging
* amit/master:
  virtio-console: Fix failure on unconnected pty
2012-01-06 08:15:39 -06:00
Anthony Liguori
74b728e4f3 Merge remote-tracking branch 'aneesh/for-upstream' into staging
* aneesh/for-upstream:
  hw/9pfs: Add support to use named socket for proxy FS
  hw/9pfs: man page for proxy helper
  hw/9pfs: Documentation changes related to proxy fs
  hw/9pfs: Proxy getversion
  hw/9pfs: xattr interfaces in proxy filesystem driver
  hw/9pfs: File ownership and others
  hw/9pfs: Add stat/readlink/statfs for proxy FS
  hw/9pfs: Create other filesystem objects
  hw/9pfs: Open and create files
  hw/9pfs: File system helper process for qemu 9p proxy FS
  hw/9pfs: Add new proxy filesystem driver
  hw/9pfs: Add validation to {un}marshal code
  hw/9pfs: Move pdu_marshal/unmarshal code to a seperate file
  hw/9pfs: Move opt validation to FsDriver callback
2012-01-06 08:14:28 -06:00
Anthony Liguori
f3e8275f49 Merge remote-tracking branch 'kraxel/usb.33' into staging
* kraxel/usb.33:
  usb-ohci: td.cbp incorrectly updated near page end
  usb-host: properly release port on unplug & exit
  usb-storage: cancel I/O on reset
  Fix parse of usb device description with multiple configurations
2012-01-06 08:11:41 -06:00
Andriy Gapon
fd891c9318 usb-ohci: td.cbp incorrectly updated near page end
The current code that updates the cbp value after a transfer looks like this:
td.cbp += ret;
if ((td.cbp & 0xfff) + ret > 0xfff) {
	<handle page overflow>
because the 'ret' value is effectively added twice the check may fire too early
when the overflow hasn't happened yet.

Below is one of the possible changes that correct the behavior:

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-01-06 12:36:14 +01:00
Gerd Hoffmann
24a5bbe1c8 usb-storage: cancel I/O on reset
When resetting the usb-storage device we'll have to carefully cancel
and clear any requests which might be in flight, otherwise we'll confuse
the state machine.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-01-06 12:36:14 +01:00
Anthony Liguori
c47f322365 Merge remote-tracking branch 'pmaydell/arm-devs.for-upstream' into staging
* pmaydell/arm-devs.for-upstream:
  add L2x0/PL310 cache controller device
  arm: add dummy gic security registers
  arm: Set frequencies for arm_timer
  arm: add missing scu registers
  hw/omap_gpmc: Fix region map/unmap when configuring prefetch engine
  hw/omap1.c: Drop unused includes
  hw/omap1.c: Separate dpll_ctl from omap_mpu_state
  hw/omap1.c: Separate PWT from omap_mpu_state
  hw/omap1.c: Separate PWL from omap_mpu_state
  hw/omap1.c: omap_mpuio_init() need not be public
  hw/pl110.c: Add post-load hook to invalidate display
  hw/pl181.c: Add save/load support
2012-01-04 10:06:25 -06:00
M. Mohan Kumar
84a87cc4cc hw/9pfs: Add support to use named socket for proxy FS
Add option to use named socket for communicating between proxy helper
and qemu proxy FS. Access to socket can be given by using command line
options -u and -g.

Signed-off-by: M. Mohan Kumar <mohan@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2012-01-04 21:23:55 +05:30
M. Mohan Kumar
d090e452d4 hw/9pfs: Proxy getversion
Add proxy getversion to get generation number

Signed-off-by: M. Mohan Kumar <mohan@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2012-01-04 20:20:55 +05:30
M. Mohan Kumar
d52b09e475 hw/9pfs: xattr interfaces in proxy filesystem driver
Add xattr support for proxy FS

Signed-off-by: M. Mohan Kumar <mohan@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2012-01-04 20:20:46 +05:30
M. Mohan Kumar
ea75fc4ec5 hw/9pfs: File ownership and others
Add file ownership interfaces like chmod/chown, utime update, rename,
remove and truncating files for proxy FS

Signed-off-by: M. Mohan Kumar <mohan@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2012-01-04 20:19:48 +05:30
M. Mohan Kumar
b178adc3e7 hw/9pfs: Add stat/readlink/statfs for proxy FS
Signed-off-by: M. Mohan Kumar <mohan@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2012-01-04 20:19:39 +05:30
M. Mohan Kumar
39f8c32c3f hw/9pfs: Create other filesystem objects
Add interfaces to create filesystem objects like directory,
device nodes, symbolic links, links for proxy filesytem driver

Signed-off-by: M. Mohan Kumar <mohan@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2012-01-04 20:18:09 +05:30
M. Mohan Kumar
daf0b9aca9 hw/9pfs: Open and create files
Add interfaces to open and create files for proxy file system driver.

Signed-off-by: M. Mohan Kumar <mohan@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2012-01-04 20:14:28 +05:30
M. Mohan Kumar
17bff52b62 hw/9pfs: File system helper process for qemu 9p proxy FS
Provide root privilege access to QEMU 9p proxy filesystem using socket
communication.

Proxy helper is started by root user as:
~ # virtfs-proxy-helper -f|--fd <socket descriptor> -p|--path <path-to-share>

Signed-off-by: M. Mohan Kumar <mohan@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2012-01-04 20:14:02 +05:30
M. Mohan Kumar
4c793dda22 hw/9pfs: Add new proxy filesystem driver
Add new proxy filesystem driver to add root privilege to qemu process.
It needs a helper process to be started by root user.

Following command line can be used to utilize proxy filesystem driver
-virtfs proxy,id=<id>,mount_tag=<tag>,socket_fd=<socket-fd>

Signed-off-by: M. Mohan Kumar <mohan@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2012-01-04 20:13:39 +05:30
M. Mohan Kumar
ddca7f86ac hw/9pfs: Add validation to {un}marshal code
Signed-off-by: M. Mohan Kumar <mohan@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2012-01-04 19:53:22 +05:30
M. Mohan Kumar
10925bf089 hw/9pfs: Move pdu_marshal/unmarshal code to a seperate file
Move p9 marshaling/unmarshaling code to a separate file so that
proxy filesytem driver can use these calls. Also made marshaling
code generic to accept "struct iovec" instead of V9fsPDU.

Signed-off-by: M. Mohan Kumar <mohan@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2012-01-04 19:51:28 +05:30
Aneesh Kumar K.V
99519f0a77 hw/9pfs: Move opt validation to FsDriver callback
This remove all conditional code from common code path and
make opt validation a FSDriver callback.

Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2012-01-04 19:51:28 +05:30
Rob Herring
b2123a4856 add L2x0/PL310 cache controller device
This is just a dummy device for ARM L2 cache controllers, based on the
pl310. The cache type parameter can be defined by a property value
and has a meaningful default.

Signed-off-by: Rob Herring <rob.herring@calxeda.com>
Signed-off-by: Mark Langsdorf <mark.langsdorf@calxeda.com>
[Peter Maydell: removed stray blank line at end]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-01-04 13:41:42 +00:00
Rob Herring
b79f22656f arm: add dummy gic security registers
Implement handling for the RAZ/WI gic security registers.

Signed-off-by: Rob Herring <rob.herring@calxeda.com>
Signed-off-by: Mark Langsdorf <mark.langsdorf@calxeda.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-01-04 13:41:42 +00:00
Mark Langsdorf
104a26a236 arm: Set frequencies for arm_timer
Use qdev properties to allow board modelers to set the frequencies
for the sp804 timer. Each of the sp804's timers can have an
individual frequency. The timers default to 1MHz.

Signed-off-by: Mark Langsdorf <mark.langsdorf@calxeda.com>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-01-04 13:41:42 +00:00
Rob Herring
78aca8a712 arm: add missing scu registers
Add power control register to a9mpcore

Signed-off-by: Rob Herring <rob.herring@calxeda.com>
Signed-off-by: Mark Langsdorf <mark.langsdorf@calxeda.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-01-04 13:41:42 +00:00
Peter Maydell
0ec6dc730c hw/omap_gpmc: Fix region map/unmap when configuring prefetch engine
When configuring the prefetch engine (and also when resetting from
a state where the prefetch engine was enabled) be careful to adhere
to the "unmap/change config fields/map" ordering, to avoid trying
to delete the wrong MemoryRegions. This fixes an assertion failure
in some cases.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reported-by: Alexander Graf <agraf@suse.de>
Tested-by: Alexander Graf <agraf@suse.de>
2012-01-04 13:41:42 +00:00
Peter Maydell
e023668198 hw/omap1.c: Drop unused includes
Drop includes of qemu-timer.h, qemu-char.h and pc.h as they are no
longer needed.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-01-04 13:41:42 +00:00
Juha Riihimäki
b9f7bc40ed hw/omap1.c: Separate dpll_ctl from omap_mpu_state
Signed-off-by: Juha Riihimäki <juha.riihimaki@nokia.com>
[Riku Voipio: Fixes and restructuring patchset]
Signed-off-by: Riku Voipio <riku.voipio@iki.fi>
[Peter Maydell: More fixes and cleanups for upstream submission]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-01-04 13:41:42 +00:00
Juha Riihimäki
0375953475 hw/omap1.c: Separate PWT from omap_mpu_state
Signed-off-by: Juha Riihimäki <juha.riihimaki@nokia.com>
[Riku Voipio: Fixes and restructuring patchset]
Signed-off-by: Riku Voipio <riku.voipio@iki.fi>
[Peter Maydell: More fixes and cleanups for upstream submission]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-01-04 13:41:25 +00:00
Avi Kivity
c5705a7728 vmstate, memory: decouple vmstate from memory API
Currently creating a memory region automatically registers it for
live migration.  This differs from other state (which is enumerated
in a VMStateDescription structure) and ties the live migration code
into the memory core.

Decouple the two by introducing a separate API, vmstate_register_ram(),
for registering a RAM block for migration.  Currently the same
implementation is reused, but later it can be moved into a separate list,
and registrations can be moved to VMStateDescription blocks.

Signed-off-by: Avi Kivity <avi@redhat.com>
2012-01-04 13:34:48 +02:00
Juha Riihimäki
8717d88ac7 hw/omap1.c: Separate PWL from omap_mpu_state
Signed-off-by: Juha Riihimäki <juha.riihimaki@nokia.com>
[Riku Voipio: Fixes and restructuring patchset]
Signed-off-by: Riku Voipio <riku.voipio@iki.fi>
[Peter Maydell: More fixes and cleanups for upstream submission]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-01-04 10:35:22 +00:00
Peter Maydell
3b204c8129 hw/omap1.c: omap_mpuio_init() need not be public
omap_mpuio_init() is only used and defined in omap1.c, so make it static.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-01-04 10:35:09 +00:00
Peter Maydell
128939a954 hw/pl110.c: Add post-load hook to invalidate display
Add a post-load hook which invalidates the display. In particular, if we
don't do this and the display size we've just reloaded is larger than
the default then we will segfault trying to read off the end of the buffer.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-01-04 10:32:16 +00:00
Peter Maydell
624923be11 hw/pl181.c: Add save/load support
Add save/load support to the PL181.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-01-04 10:31:56 +00:00
Alexander Graf
dd97aa8adc Add generic drive hotplugging
The monitor command for hotplugging is in i386 specific code. This is just
plain wrong, as S390 just learned how to do hotplugging too and needs to
get drives for that.

So let's add a generic copy to generic code that handles drive_add in a
way that doesn't have pci dependencies. All pci specific code can then
be handled in a pci specific function.

Signed-off-by: Alexander Graf <agraf@suse.de>

---

v1 -> v2:

  - align generic drive_add to pci specific one
  - rework to split between generic and pci code

v2 -> v3:

  - remove comment
2012-01-04 02:48:14 +01:00
Alexander Graf
7fa41e536b [S390] Add hotplug support
I just submitted a few patches that enable the s390 virtio bus to receive
a hotplug add event. This patch implements the qemu side of it, so that new
hotplug events can be submitted to the guest.

Signed-off-by: Alexander Graf <agraf@suse.de>

---

v1 -> v2:

  - make s390 virtio hoplug code emulate-capable
2012-01-04 02:48:14 +01:00
Anthony Liguori
f3c6a169a3 Merge remote-tracking branch 'qemu-kvm/memory/page_desc' into staging
* qemu-kvm/memory/page_desc: (22 commits)
  Remove cpu_get_physical_page_desc()
  sparc: avoid cpu_get_physical_page_desc()
  virtio-balloon: avoid cpu_get_physical_page_desc()
  vhost: avoid cpu_get_physical_page_desc()
  kvm: avoid cpu_get_physical_page_desc()
  memory: remove CPUPhysMemoryClient
  xen: convert to MemoryListener API
  memory: temporarily add memory_region_get_ram_addr()
  xen, vga: add API for registering the framebuffer
  vhost: convert to MemoryListener API
  kvm: convert to MemoryListener API
  kvm: switch kvm slots to use host virtual address instead of ram_addr_t
  memory: add API for observing updates to the physical memory map
  memory: replace cpu_physical_sync_dirty_bitmap() with a memory API
  framebuffer: drop use of cpu_physical_sync_dirty_bitmap()
  loader: remove calls to cpu_get_physical_page_desc()
  framebuffer: drop use of cpu_get_physical_page_desc()
  memory: introduce memory_region_find()
  memory: add memory_region_is_logging()
  memory: add memory_region_is_rom()
  ...
2012-01-03 14:39:05 -06:00
Avi Kivity
b7c28c74af virtio-balloon: avoid cpu_get_physical_page_desc()
This reaches into the innards of the memory core, which are being
changed.  Switch to a memory API version.

Signed-off-by: Avi Kivity <avi@redhat.com>
2012-01-03 19:19:28 +02:00
Avi Kivity
2817b260e3 vhost: avoid cpu_get_physical_page_desc()
This reaches into the innards of the memory core, which are being
changed.  Switch to a memory API version.

Signed-off-by: Avi Kivity <avi@redhat.com>
2012-01-03 19:19:28 +02:00
Michael Ellerman
9fc380d3ed pseries: Check for duplicate addresses on the spapr-vio bus
Check that devices on the spapr vio bus aren't given duplicate
addresses. Currently we will not run with duplicate devices, the
fdt code will spot it, but the error reporting is not great. With
this patch we can report the error nicely in terms of the device
names given by the user.

Signed-off-by: Michael Ellerman <michael@ellerman.id.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
2012-01-03 15:49:12 +01:00
David Gibson
68f3a94c64 pseries: Populate "/chosen/linux,stdout-path" in the FDT
There is a device tree property "/chosen/linux,stdout-path" which indicates
which device should be used as stdout - ie. "the console".

Currently we don't specify anything, which means both firmware and Linux
choose something arbitrarily. Use the routine we added in the last patch
to pick a default vty and specify it as stdout.

Currently SLOF doesn't use the property, but we are hoping to update it
to do so.

Signed-off-by: Michael Ellerman <michael@ellerman.id.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
2012-01-03 15:49:12 +01:00
David Gibson
98331f8ad6 pseries: Add a routine to find a stable "default" vty and use it
In vty_lookup() we have a special case for supporting early debug in
the kernel. This accepts reg == 0 as a special case to mean "any vty".

We implement this by searching the vtys on the bus and returning the
first we find. This means that the vty we chose depends on the order
the vtys are specified on the QEMU command line - because that determines
the order of the vtys on the bus.

We'd rather the command line order was irrelevant, so instead return
the vty with the lowest reg value. This is still a guess as to what the
user really means, but it is at least stable WRT command line ordering.

Signed-off-by: Michael Ellerman <michael@ellerman.id.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>

[agraf] fix braces
2012-01-03 15:49:11 +01:00
David Gibson
05c194384f pseries: Emit device tree nodes in reg order
Although in theory the device tree has no inherent ordering, in practice
the order of nodes in the device tree does effect the order that devices
are detected by software.

Currently the ordering is determined by the order the devices appear on
the QEMU command line. Although that does give the user control over the
ordering, it is fragile, especially when the user does not generate the
command line manually - eg. when using libvirt etc.

So order the device tree based on the reg value, ie. the address of on
the VIO bus of the devices. This gives us a sane and stable ordering.

Signed-off-by: Michael Ellerman <michael@ellerman.id.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>

[agraf] add braces
2012-01-03 15:49:11 +01:00
Bharata B Rao
6e806cc38b pseries: FDT NUMA extensions to support multi-node guests
Add NUMA specific properties to guest's device tree to boot a multi-node
guests. This patch adds the following properties:

ibm,associativity
ibm,architecture-vec-5
ibm,associativity-reference-points

With this, it becomes possible to use -numa option on pseries targets.

Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
2012-01-03 15:49:11 +01:00
David Gibson
1fc02533e7 pseries: Remove hcalls callback
For forgotten historical reasons, PAPR hypercalls for specific virtual IO
devices (oh which there are quite a number) are registered via a callback
in the VIOsPAPRDeviceInfo structure.

This is kind of ugly, so this patch instead registers hypercalls from
device_init() functions for each device type.  This works just as well,
and is cleaner.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
2012-01-03 15:49:11 +01:00
Liu Yu-B13201
157feeadba kvm-ppc: halt secondary cpus when guest reset
When guest reset, we need to halt secondary cpus until guest kick them.
This already works for tcg. The patch add the support for kvm.

Signed-off-by: Liu Yu <yu.liu@freescale.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
[agraf: remove in-kernel irqchip code]
2012-01-03 15:48:20 +01:00
Christian Borntraeger
ed8e5a85a1 virtio-console: Fix failure on unconnected pty
when I tried qemu with -virtio-console pty the guest hangs and attaching
on /dev/pts/<x> does not return anything if the attachment is too late.

This results in pty_chr_write() returning 0, which causes the port to
get throttled. This results in the guest getting frozen as the
guest->host virtio_console writes don't return until the host releases
the vq element back to the guest.

For the virtio-serial use case we don't want to lose data but for the
console case we better drop data instead of "killing" the guest
console. If we get chardev->frontend notification and a better behaving
virtio-console we can revert this fix.

Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
2011-12-30 11:10:10 +05:30
Anthony Liguori
4e1ea514f9 Merge remote-tracking branch 'aneesh/for-upstream' into staging
* aneesh/for-upstream:
  scripts/analyse-9p-simpletrace.py:	Add symbolic names for 9p operations.
  hw/9pfs: iattr_valid flags are kernel internal flags map them to 9p values.
  hw/9pfs: Use the correct signed type for different variables
  hw/9pfs: replace iovec manipulation with QEMUIOVector
2011-12-27 08:53:35 -06:00
Vasilis Liaskovitis
991dfefdee Set numa topology for max_cpus
qemu-kvm passes numa/SRAT topology information for smp_cpus to SeaBIOS. However
SeaBIOS always expects to setup max_cpus number of SRAT cpu entries
(MaxCountCPUs variable in build_srat function of Seabios). When qemu-kvm runs
with smp_cpus != max_cpus (e.g. -smp 2,maxcpus=4), Seabios will mistakenly use
memory SRAT info for setting up CPU SRAT entries for the offline CPUs. Wrong
SRAT memory entries are also created. This breaks NUMA in a guest.
Fix by setting up SRAT info for max_cpus in qemu-kvm.

Signed-off-by: Vasilis Liaskovitis <vasilis.liaskovitis@profitbricks.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
2011-12-22 14:53:01 -02:00
Amit Shah
03ecd2c80a virtio-serial-bus: Ports are expected to implement 'have_data' callback
There's no need to check if ports can accept any incoming data from the
guest each time the guest sends data.  Check if the port implements such
functionality during port initialisation.

Signed-off-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-12-21 15:00:29 -06:00
Amit Shah
05e7af694c virtio-console: Properly initialise class methods
The earlier code really was a hack: initialising class methods in an
object init function as noted by Anthony.

The motivation for that was to not have the virtio-serial-bus call into
the callback functions if there was no chardev backend registered.
However, that really wasn't a worthwhile optimisation, and definitely
not one that was well-implemented.  Get rid of it.

Reported-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-12-21 15:00:29 -06:00
Amit Shah
6640422c17 virtio-console: Check if chardev backends available before calling into them
For the callback functions invoked by the virtio-serial-bus code, check
if we have chardev backends registered before we call into the chardev
functions.

Signed-off-by: Amit Shah <amit.shah@redhat.com>
Reported-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-12-21 15:00:29 -06:00
Aneesh Kumar K.V
e4027caf93 hw/9pfs: iattr_valid flags are kernel internal flags map them to 9p values.
Kernel internal values can change, add protocol values for these constant and
use them.

Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2011-12-21 12:37:23 +05:30
Aneesh Kumar K.V
2f008a8c97 hw/9pfs: Use the correct signed type for different variables
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2011-12-21 12:37:23 +05:30
Stefan Hajnoczi
302a0d3ed7 hw/9pfs: replace iovec manipulation with QEMUIOVector
The v9fs_read() and v9fs_write() functions rely on iovec[] manipulation
code should be replaced with QEMUIOVector to avoid duplicating code.
In the future it may be possible to make the code even more concise by
using QEMUIOVector consistently across virtio and 9pfs.

The "v" format specifier for pdu_marshal() and pdu_unmarshal() is
dropped since it does not actually pack/unpack anything.  The specifier
was also not implemented to update the offset variable and could only be
used at the end of a format string, another sign that this shouldn't
really be a format specifier.  Instead, see the new
v9fs_init_qiov_from_pdu() function.

This change avoids a possible iovec[] buffer overflow when indirect
vrings are used since the number of vectors is now limited by the
underlying VirtQueueElement and cannot be out-of-bounds.

Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2011-12-21 12:37:22 +05:30
Andrzej Zaborowski
3799ce4ab6 sd: Remember to reset .expecting_acmd on reset.
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
2011-12-21 05:04:21 +01:00
Peter Maydell
fcfa9351c5 hw/sd.c: Clear status bits when read via response r6
Response format r6 includes a subset of the status bits;
clear the clear-on-read bits which are read by an r6 response.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
2011-12-21 05:01:49 +01:00
Peter Maydell
1d06cb7ab9 hw/sd.c: Correct handling of APP_CMD status bit
Fix some bugs in our implementation of the APP_CMD status bit:
 * the response to an ACMD should have APP_CMD set, not cleared
 * if an illegal ACMD is sent then the next command should be
   handled as a normal command

This requires that we split "card is expecting an ACMD" from
the state of the APP_CMD status bit (the latter indicates
both "expecting ACMD" and "that was an ACMD").

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
2011-12-21 05:01:46 +01:00
Peter Maydell
10a412dab3 hw/sd.c: Correct handling of type B SD status bits
Correct how we handle the type B ("cleared on valid command")
status bits. In particular, the CURRENT_STATE bits in a response
should be the state of the card when it received that command,
not the state when it received the preceding command. (This is
one of the issues noted in LP:597641.)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
2011-12-21 05:01:42 +01:00
Peter Maydell
5b08bfe2e9 hw/sd.c: Set ILLEGAL_COMMAND for ACMDs in invalid state
App commands in an invalid state should set ILLEGAL_COMMAND, not
merely return a zero response.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
2011-12-21 05:01:39 +01:00
Peter Maydell
b1f517ed43 hw/sd.c: Handle CRC and locked-card errors in normal code path
Handle returning CRC and locked-card errors in the same code path
we use for other responses. This makes no difference in behaviour
but means that these error responses will be printed by the debug
logging code.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
2011-12-21 05:01:35 +01:00
Peter Maydell
53bb8cc485 hw/sd.c: Handle illegal commands in sd_do_command
Add an extra sd_illegal value to the sd_rsp_type_t enum so that
sd_app_command() and sd_normal_command() can tell sd_do_command()
that the command was illegal. This is needed so we can do things
like reset certain status bits only on receipt of a valid command.
For the moment, just use it to pull out the setting of the
ILLEGAL_COMMAND status bit into sd_do_command().

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
2011-12-21 05:01:31 +01:00
Peter Maydell
e30d59388b hw/sd.c: When setting ADDRESS_ERROR bit, don't clear everything else
Fix a typo that meant that ADDRESS_ERRORs setting or clearing write
protection would clear every other bit in the status register.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
2011-12-21 05:01:27 +01:00
Peter Maydell
abda1f37ee hw/sd.c: On CRC error, set CRC error status bit rather than clearing it
If we fail to validate the CRC for an SD command we should be setting
COM_CRC_ERROR, not clearing it. (This bug actually has no effect currently
because sd_req_crc_validate() always returns success.)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
2011-12-21 05:01:21 +01:00
Peter Maydell
b8d334c828 hw/sd.c: Add comment regarding CARD_STATUS_* defines
Add a clarifying comment about what the CARD_STATUS_[ABC]
macros are defining.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
2011-12-21 05:01:17 +01:00