this fixes invalid rectangle updates observed after commit 12b316d
with the vmware VGA driver. The issues occured because the server
and client surface update seems to be out of sync at some points
and the max width of the surface is not dividable by
VNC_DIRTY_BITS_PER_PIXEL (16).
Reported-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Signed-off-by: Peter Lieven <pl@kamp.de>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
valgrind complains about a memory leak in irq setup of sclpconsole:
==42117== 8 bytes in 1 blocks are definitely lost in loss record 89of 833
==42117== at 0x4031AFE: malloc (vg_replace_malloc.c:292)
==42117== by 0x8022F855: malloc_and_trace (vl.c:2715)
==42117== by 0x4145569: g_malloc (in /usr/lib64/libglib-2.0.so.0.3400.2)
==42117== by 0x800F696D: qemu_extend_irqs (irq.c:51)
==42117== by 0x800F6AF7: qemu_allocate_irqs (irq.c:68)
==42117== by 0x800F5685: console_init (sclpconsole.c:235)
==42117== by 0x80297C79: event_realize (event-facility.c:386)
==42117== by 0x80105071: device_set_realized (qdev.c:693)
==42117== by 0x801CDC4B: property_set_bool (object.c:1337)
==42117== by 0x801CBD7F: object_property_set (object.c:819)
[...]
We dont need the indirection of an qemu irq to inject an slcp interrupt.
Fixes a valgrind error and makes the code simpler.
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Acked-by: Heinz Graalfs <graalfs@linux.vnet.ibm.com>
valgrind complains about a memory leak in irq setup of sclpconsole:
==42117== 8 bytes in 1 blocks are definitely lost in loss record 89 of 833
==42117== at 0x4031AFE: malloc (vg_replace_malloc.c:292)
==42117== by 0x8022F855: malloc_and_trace (vl.c:2715)
==42117== by 0x4145569: g_malloc (in /usr/lib64/libglib-2.0.so.0.3400.2)
==42117== by 0x800F696D: qemu_extend_irqs (irq.c:51)
==42117== by 0x800F6AF7: qemu_allocate_irqs (irq.c:68)
==42117== by 0x800F5685: console_init (sclpconsole.c:235)
==42117== by 0x80297C79: event_realize (event-facility.c:386)
==42117== by 0x80105071: device_set_realized (qdev.c:693)
==42117== by 0x801CDC4B: property_set_bool (object.c:1337)
==42117== by 0x801CBD7F: object_property_set (object.c:819)
[...]
Turns out that we actually dont need the indirection, so trigger the
sclp interrupt directly.
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Acked-by: Heinz Graalfs <graalfs@linux.vnet.ibm.com>
valgrind complains about the following:
==42117== 8 bytes in 1 blocks are definitely lost in loss record 88 of 833
==42117== at 0x4031AFE: malloc (vg_replace_malloc.c:292)
==42117== by 0x8022F855: malloc_and_trace (vl.c:2715)
==42117== by 0x4145569: g_malloc (in /usr/lib64/libglib-2.0.so.0.3400.2)
==42117== by 0x800F696D: qemu_extend_irqs (irq.c:51)
==42117== by 0x800F6AF7: qemu_allocate_irqs (irq.c:68)
==42117== by 0x8029FA4B: irq_cpu_hotplug_init (sclpcpu.c:84)
==42117== by 0x80297C79: event_realize (event-facility.c:386)
==42117== by 0x80105071: device_set_realized (qdev.c:693)
[...]
Right it is. Don't drop the pointer of the irq.
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Reviewed-by: Jason J. Herne <jjherne@us.ibm.com>
commit 18674b2678
(elf-loader: add more return codes) enabled the elf loader to return
other errors than -1.
Lets also handle that case for our "BIOS" on s390.
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
CC: Alexey Kardashevskiy <aik@ozlabs.ru>
CC: Alexander Graf <agraf@suse.de>
Set the reset-cbar property on CPUs used by the virt board,
if they have it. This isn't necessary for correct functioning
under Linux (since the A9 isn't a valid CPU for the virt board),
but it is the correct behaviour.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 1394462692-8871-5-git-send-email-peter.maydell@linaro.org
Set the reset-cbar property of the Exynos4210 SoC's Cortex-A9
CPUs, so that Linux doesn't misrecognize them as a broken
uniprocessor SoC.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 1394462692-8871-4-git-send-email-peter.maydell@linaro.org
If the CPU is a Cortex-A9 then we should set its reset-cbar property
so that the guest can read the correct PERIPHBASE/CBAR register value;
newer versions of the Linux kernel (as of commit bc41b8724 in 3.12)
will otherwise assume the CPU is a buggy single core A9 SoC. The
realview-pbx-a9 is the only one of the cluster of boards in realview.c
which works with the Cortex-A9 (ie which gets an a9mpcore_priv device);
make sure it also has reset-cbar set correctly.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 1394462692-8871-3-git-send-email-peter.maydell@linaro.org
Newer versions of the Linux kernel (as of commit bc41b8724 in 3.12)
now assume that if the CPU is a Cortex-A9 and the reset value of the
PERIPHBASE/CBAR register is zero then the CPU is a specific buggy
single core A9 SoC, and will not try to start other cores. Since we
now have a CPU property for the reset value of the CBAR, we can
just fix the vexpress board model to correctly set CBAR so SMP
works again. To avoid duplicate boilerplate code in both the A9
and A15 daughterboard init functions, we split out the CPU and
private memory region init to its own function.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reported-by: Rob Herring <rob.herring@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 1394462692-8871-2-git-send-email-peter.maydell@linaro.org
Codespell found and fixed these new typos:
* doesnt -> doesn't
* funtion -> function
* perfomance -> performance
* remaing -> remaining
A coding style issue (line too long) was fixed manually.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
The GPTIMER uses 32-bit registers. Use a 64-bit operation to get the
ptimer count, otherwise we end up with a count of 0 for GPTIMER counter
values of 0xffffffff.
Use the GPTIMER counter value for tracing to avoid an overflow of the
32-bit value passed to trace_grlib_gptimer_enable().
Reviewed-by: Fabien Chouteau <chouteau@adacore.com>
Signed-off-by: Sebastian Huber <sebastian.huber@embedded-brains.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
c5f52875 changed the size of sense array in vmstate_scsi_device by
mistake. This patch restores the old size, and add a subsection for the
remaining part of the buffer size. So that migration is not broken.
Signed-off-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Normally VIOSRP_OK (0) means success and non-zero value means error
except VIOSRP_OK2 (0x99) which is another success code by weird accident.
This uses 0 as success code always as some guests do not cope with
the 0x99 value well. The existing linux driver checks for both VIOSRP_OK
and VIOSRP_OK2 since 2.6.32.
This returns non-zero code (VIOSRP_ADAPTER_FAIL == 0x10) on errors which
can only happen if DMA write failed.
Suggested-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Commit 0399a3819b (virtio-console: QOM
cast cleanup for VirtConsole) broke virtserialport since it shares
functions and state struct with virtconsole. Let virtconsole inherit
from virtserialport, and use virtserialport type for casting.
Note that virtio-serial-port is the abstract base type in
virtio-serial-bus.c, whereas virtserialport is the user-instantiatable
type in virtio-console.c. Therefore using TYPE_VIRTIO_CONSOLE_SERIAL_PORT.
Reported-by: Richard W.M. Jones <rjones@redhat.com>
Acked-by: Richard W.M. Jones <rjones@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Before spapr_vga_init will returned false if the vga is specified by
the command '-device VGA' because vga_interface_type was evaluated to
VGA_NONE. With the change in previous patch of this series,
spapr_vga_init should return true if it's told that the vga will be
initialized in flow of the generic devices initialization.
To keep '-nodefaults' have the semantics of bare minimum, it adds a
check of 'has_defaults' in usb_enabled() to avoid that a USB controller
is added by '-nodefautls, -device VGA' implicitly.
This patch also makes two cleanups:
1. skip initialization for VGA_NONE
2. remove the useless 'break'
Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Mark Wu <wudxw@linux.vnet.ibm.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Raven datasheet explains where firmware lives in system memory, so do
it there instead of in board code. Other boards using the same PCI
host will not have to copy the firmware loading code.
Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
[AF: Drop BIOS size workaround in favor of replacing our firmware blob]
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
When on KVM mode, enable x2apic by default on all CPU models.
Normally we try to keep the CPU model definitions as close as the real
CPUs as possible, but x2apic can be emulated by KVM without host CPU
support for x2apic, and it improves performance by reducing APIC access
overhead. x2apic emulation is available on KVM since 2009 (Linux
2.6.32-rc1), there's no reason for not enabling x2apic by default when
running KVM.
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Instead of the feature-specific disable_kvm_pv_eoi() function, create a
more general function that can be used to disable other feature bits in
machine-type compat code.
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Commits fdfba1a298,
ab1da85791,
f606604f1c and
2c17449b30 added usages of ENV_GET_CPU()
macro in target-specific code.
Use ppc_env_get_cpu() instead.
Cc: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Cc: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Today virtio-blk dataplane uses a 1:1 device-per-thread model. Now that
IOThreads have been introduced we can generalize this to N:M devices per
threads.
This patch drops thread code from dataplane in favor of running inside
an IOThread AioContext.
As a bonus we solve the case where a guest keeps submitting I/O requests
while dataplane is trying to stop. Previously the dataplane thread
would continue to process requests until the request gave it a break.
Now we can shut down in bounded time thanks to
aio_context_acquire/release.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Add a "iothread" qdev property type so devices can be hooked up to an
IOThread from the comand-line:
qemu -object iothread,id=iothread0 \
-device some-device,x-iothread=iothread0
Note that Paolo Bonzini <pbonzini@redhat.com> has suggested using QOM
links instead. This way the relationship between the objects is
reflected in QOM. There are currently shortcomings of
object_property_add_link() which prevent this use case. I will attempt
to fix them and move to QOM links in a separate series.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
get_pointer()'s print() callback might return a heap allocated
string, to avoid adding dedicated get_pointer_foo for this case
convert current print() callbacks to return temporary heap
allocated string and make get_pointer() free it.
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
This converts the old-style SysBusDevice::init() callback to a new-style
DeviceClass::realize() callback.
As a part of conversion, this replaces fprintf(stderr) with error_setg()
as realize() does not "return" any value, instead it puts the extended
error into **errp.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Mike Day <ncmike@ncultra.org>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Currently interrupt priorities are set to 0 (highest) at the very
beginning of the guest execution which is not correct and makes the guest
produce random interrupt error messages such as:
"Interrupt 0x1001 (real) is invalid, disabling it".
This also prevents interrupt states from correct migration.
This initializes priority to 0xFF as the emulated XICS does.
Suggested-by: Paul Mackerras <paulus@samba.org>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Use the realize and unrealize hooks to register and unregister
vmstate_pcibus respectively.
Relocate some stuff to avoid forward declarations.
Signed-off-by: Bandan Das <bsd@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
[AF: Keep using PCI_BUS() cast macro]
Signed-off-by: Andreas Färber <afaerber@suse.de>
Integrate (un)realization of child buses with realization/unrealization
of the device hosting them. Code in device_unparent() is reordered for
unrealization of buses to work as part of device unrealization.
That way no changes need to be made to bus instantiation.
Signed-off-by: Bandan Das <bsd@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Add a "realized" property calling realize/unrealize hooks as for devices.
Signed-off-by: Bandan Das <bsd@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
The main functional change is to convert QEMUMachine into MachineClass
and QEMUMachineInitArgs into MachineState, instance of MachineClass.
As a first step, in order to make possible an incremental development,
both QEMUMachine and QEMUMachineInitArgs are being embedded into the
new types.
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Marcel Apfelbaum <marcel.a@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Previously libvirt required the first/default PCI bus to have name "pci".
Since QEMU can support multiple buses now, libvirt wants "pci.0" now.
This removes custom bus name and lets QEMU make up default names.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Define and use QOM cast macro. Removes some usages of legacy casting
systems.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
[AF: Rename parent field]
Signed-off-by: Andreas Färber <afaerber@suse.de>
Create an abstract class that encompasses both max111x variants. This is
needed for QOM cast macro creation (and is the right thing to do
anyway). Macroify type-names in the process.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Remove two legacy ->qbus style casts from TYPE_SSI_BUS to TYPE_BUS in
ssi.c.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
[AF: Convert one missing ->qbus and rename parent field]
Signed-off-by: Andreas Färber <afaerber@suse.de>
Convert legacy ->qdev style casts from TYPE_SSI_SLAVE to TYPE_DEVICE.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
[AF: Introduce local DeviceState variable for transition to QOM realize]
Signed-off-by: Andreas Färber <afaerber@suse.de>
Move setting DeviceClass::hotpluggable default from device's
class_base_init() to device's class_init().
Reported-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Commit 1a37eca107 (qdev: add
"hotpluggable" property to Device) added a property "hotpluggable" to
each device, with its getter accessing parent_bus->allow_hotplug.
Add a NULL check.
Cc: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
More small fixes: the issues annoy developers so
I thought they are worth fixing quickly.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAABAgAGBQJTHvMwAAoJECgfDbjSjVRp2SIH/Rh5X1U+tUjr0xnvWllXTgdP
ixot7AxXO2UkmPqhyAPV/oEr/3xBFyp8C8ZysQzaHsUqDyq40DtkKp+UWvG6EjpY
3Ser+wA9NzsT67ixtEIN2z1qnO7l29ErggS8EfTOh7gyFJzSKN8x3GV2ENB/FBJW
k0LSO7aJ0rmTdg63u9T3RIctKPbtCBO8wlE6wuS461pBshYNr6aVkMWDY9bVpx/f
ol/aoJs7xaPkJs1qFzOfOisYi3LeBZR4O9gRRixqzwJtwWl5rMG3y/oBxbYDfyZw
NbP7zFAWCj/YYgG0U8L9SR4P28n65FoULAvQ9CRY1+fF7Ozwj0SzoU2Ld6fvINw=
=VRRB
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging
acpi,pc,test bug fixes
More small fixes: the issues annoy developers so
I thought they are worth fixing quickly.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
# gpg: Signature made Tue 11 Mar 2014 11:27:44 GMT using RSA key ID D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>"
# gpg: aka "Michael S. Tsirkin <mst@redhat.com>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 0270 606B 6F3C DF3D 0B17 0970 C350 3912 AFBE 8E67
# Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA 8A0D 281F 0DB8 D28D 5469
* remotes/mst/tags/for_upstream:
acpi-test: update expected SSDT files
acpi-build: don't access unaligned addresses
q35: Correct typo BRDIGE -> BRIDGE
configure: don't modify .status on error
pc: avoid duplicate names for ROM MRs
loader: rename in_ram/has_mr
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
* implement WFE as yield (improves performance with emulated SMP)
* fixes to avoid undefined behaviour shifting left into sign bit
* libvixl format string fixes for 32 bit hosts
* fix build error when intptr_t and tcg_target_long are different
sizes (eg x32)
* implement PMCCNTR register
* fix incorrect setting of E bit in CPSR (broke booting under
KVM on ARM)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAABCAAGBQJTHdS1AAoJEDwlJe0UNgze0B8P/3DkFSe5hKQhU4mcqsQ8/bXJ
ub75hyA/vm1anZIsrKQkOz0+ySNjphyhGtQVDCERc/r2hhwYl7v+9KZ/LS8LECYD
Dl0Rf7woTYNwJKwyKuXbFjHkl443gDa5FS0HR1QD1t3gp1T/AMkgq7XsjUOlx6Up
h14m0/3NQB3fgU5VmqYeUC4wVuH6SVhPo9CSVH864HGX4lBL30zfMoJjluZCQ6Y9
Qo3FOPXT+rWmLmiiFgbEVHs96mfN05ooiIbpISCKSKL/9LujoeX6PV2qX6KFyk3T
zhWY4X65Gz6PqW1LZR9DUkl4NWxIjdYVS2DE2cOgQJLz6guy6JEfLoWechHyzBXa
w4evOmoexaVlY713joMtDceRrIeAzPLS69rS1HuRj85MikFpqNrY4g2lEqGgCaWH
oQ3W8UpcEMfvBIKXyAF8i8UJNH8q5YkI+z4KT2TOX3y+KiVcwixDuWizsjW7uLUN
zdLaYWXYRLa026b37AY0Y0k/K2kQt1yXemI5hk4P4jCQM/2/hireO5Z9TYBpD8ym
Igsq0ljH7gpyExhXsyvL73ZmFOTmdO1RwU5ybSR8ZzfpAT6W+e1acQOZ/8WyWVcz
gsrwVeuTlK04nte9fpmrN54MeEHr3Jn2K4bsOfeKFRPD/pvORRAzLIHQJO/SPXoA
Cmn/627VVNTnpBhtlSlc
=SHmz
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20140310' into staging
target-arm queue:
* implement WFE as yield (improves performance with emulated SMP)
* fixes to avoid undefined behaviour shifting left into sign bit
* libvixl format string fixes for 32 bit hosts
* fix build error when intptr_t and tcg_target_long are different
sizes (eg x32)
* implement PMCCNTR register
* fix incorrect setting of E bit in CPSR (broke booting under
KVM on ARM)
# gpg: Signature made Mon 10 Mar 2014 15:05:25 GMT using RSA key ID 14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
* remotes/pmaydell/tags/pull-target-arm-20140310:
target-arm: Implement WFE as a yield operation
hw/arm/musicpal: Avoid shifting left into sign bit
hw/ssi/xilinx_spips.c: Avoid shifting left into sign bit
hw/arm/omap1.c: Avoid shifting left into sign bit
pxa2xx: Don't shift into sign bit
libvixl: Fix format strings for several int64_t values
target-arm: Fix intptr_t vs tcg_target_long
target-arm: Implements the ARM PMCCNTR register
target-arm: Fix incorrect setting of E bit in CPSR
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
casting an unaligned address to e.g.
uint32_t can trigger undefined behaviour in C.
Replace cast + assignment with memcpy.
Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Since
commit 04920fc0fa
loader: store FW CFG ROM files in RAM
RAM MRs including ROM files in FW CFGs are created
and named using the file basename.
This becomes problematic if these names are
supplied by user, since the basename might not
be unique.
There are two cases we care about:
- option-rom flag.
- option ROM for devices. This triggers e.g. when
using rombar=0.
At the moment we get an assert. E.g
qemu -option-rom /usr/share/ipxe/8086100e.rom -option-rom
/usr/share/ipxe.efi/8086100e.rom
RAMBlock "/rom@genroms/8086100e.rom" already registered, abort!
This is a regression from 1.6.
For now let's keep it simple and just avoid creating the
MRs in case of option ROMs.
when using 1.7 machine types, enable
option ROMs in RAM to match that version.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
we put copy of ROMs in MR for migration.
but the name rom_in_ram makes one think we
load it in guest RAM.
Rename has_mr to make intent clearer.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Both QEMU and KVM have already accumulated a significant number of
optimizations based on the hard-coded assumption that ioapic polarity
will always use the ActiveHigh convention, where the logical and
physical states of level-triggered irq lines always match (i.e.,
active(asserted) == high == 1, inactive == low == 0). QEMU guests
are expected to follow directions given via ACPI and configure the
ioapic with polarity 0 (ActiveHigh). However, even when misbehaving
guests (e.g. OS X <= 10.9) set the ioapic polarity to 1 (ActiveLow),
QEMU will still use the ActiveHigh signaling convention when
interfacing with the emulated ioapic.
This patch modifies the emulated ioapic to completely ignore polarity
as set by the guest OS, enabling misbehaving guests to work alongside
those which comply with the ActiveHigh polarity specified by QEMU's
ACPI tables.
Signed-off-by: Gabriel L. Somlo <somlo@cmu.edu>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Bit 7 of Input Port is the keyboard inhibit switch.
0 means keyboard inhibited, while 1 means keyboard enabled.
Incidentaly, this also fixes an error encountered while booting
an Award BIOS: "Keyboard is locked out - Unlock the key".
Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
In write-only mode, writes are forwarded to RAM, while reads should not be
handled (ie should return 0xff).
Assume that in this mode, no read access is ever done, as they shouldn't
give any sensible result.
So, in write-only mode, alias PAM region to RAM, instead of PCI memory
(which can even be mapped to some device!)
This fixes Award BIOS, which use this mode to shadow system BIOS and video BIOS.
Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
If enabled, set the thread name at creation (on GNU systems with
pthread_set_np)
Fix up all the callers with a thread name
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
PCIE is causing asserts each time a multifunction device is added
on command line (coldplug).
This is caused by
commit a66e657e18
pci/pcie: convert PCIE hotplug to use hotplug-handler API
QEMU abort is caused by misplaced assertion, which should
be checked only when device is hotplugged.
Reference to regression report:
http://www.mail-archive.com/qemu-devel@nongnu.org/msg216226.html
Fixes: a66e657e18
Reported-By: Nigel Kukard <nkukard+qemu@lbsd.net>
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
peer_{de,at}tach were called from inside assert().
We don't support building without NDEBUG but it's not tidy.
Rearrange to attach peer outside assert calls.
Signed-off-by: Joel Stanley <joel@jms.id.au>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
As reported in
http://article.gmane.org/gmane.comp.emulators.qemu/253987
Mac OSX actually requires describing all occupied slots
in ACPI - even if hotplug isn't enabled.
I didn't expect this so I dropped description of all
non hotpluggable slots from ACPI.
As a result: before
commit 99fd437dee (enable
hotplug for pci bridges), PCI cards show up in the "device tree" of OS X
(System Information). E.g., on MountainLion users have:
Hardware -> PCI Cards:
Card Type Driver Installed Slot
*ethernet Ethernet Controller Yes PCI Slot 2
pci8086,2934 USB UHC Yes PCI Slot 29
ethernet:
Type: Ethernet Controller
Driver Installed: Yes
MSI: No
Bus: PCI
Slot PCI Slot 2
Vendor ID: 0x8086
Device ID: 0x100e
Subsystem Vendor ID: 0x1af4
Subsystem ID: 0x1100
Revision ID: 0x0003
Hardware -> Ethernet Cards
ethernet:
Type: Ethernet Controller
Bus: PCI
Slot PCI Slot 2
Vendor ID: 0x8086
Device ID: 0x100e
Subsystem Vendor ID: 0x1af4
Subsystem ID: 0x1100
Revision ID: 0x0003
BSD name: en0
Kext name: AppleIntel8254XEthernet.kext
Location: /System/Library/Extensions/...
Version: 3.1.1b1
After commit 99fd437dee, users get:
Hardware -> PCI Cards:
This computer doesn't contain any PCI cards. If you installed PCI
cards, make sure they're properly installed.
Hardware -> Ethernet Cards
ethernet:
Type: Ethernet Controller
Bus: PCI
Vendor ID: 0x8086
Device ID: 0x100e
Subsystem Vendor ID: 0x1af4
Subsystem ID: 0x1100
Revision ID: 0x0003
BSD name: en0
Kext name: AppleIntel8254XEthernet.kext
Location: /System/Library/Extensions/...
Version: 3.1.1b1
Ethernet still works, but it's not showing up on the PCI bus, and it
no longer thinks it's plugged in to slot #2, as it used to before the
change.
To fix, append description for all occupied non hotpluggable PCI slots.
One need to be careful when doing this: VGA devices
are now described in SSDT, so we need to drop description from DSDT.
And ISA devices are used in DSDT so drop them from SSDT.
Reported-by: Gabriel L. Somlo <gsomlo@gmail.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Also update generated dsdt and pcihp hex dump files.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
* remotes/kvaneesh/for-upstream:
hw/9pfs: Include virtio-9p-device.o in build
hw/9pfs: use g_strdup_printf() instead of PATH_MAX limitation
hw/9pfs/virtio-9p-local.c: use snprintf() instead of sprintf()
hw/9pfs/virtio-9p-local.c: move v9fs_string_free() to below "err_out:"
fsdev: Fix overrun after readlink() fills buffer completely
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAABAgAGBQJTGcncAAoJEH8JsnLIjy/WaIwP/iXPS19/Xax3kXyVDdMONhmQ
6hT8oilKRIVwo+1dw59IWxvLPisY0cTtChzsKUxVAAKtjlc5LgAVxX+3memM9AHr
WA8FjW+fmOf2D+3iNv/Vg/aCf0ck8ghHIDW68vAHhcdmiD7DThm7MTGzsPTANQ2/
HhTg1/p7vDdpq5LXvpJCRKZjyeQqUOlv+Y8ctFpAiQ+iQT19eG7wVZNHLu4jhnN9
qzpgpbvv8T7Ayx4XocWYsXZrT/cnmipj1DOC7IjTLoHfynq13l9UazBb3xSdFqzz
hpHc8KlEXvZkX1L3BXl/GKC4GN0pdbPp/Vj9/F3b++logGnDMIVgt4JFdJLjoeyA
R8mHevbXiecJRaOagdQoIzDpglZ5fHSUjbk+zy/yISsYxjlndVs+K61O7UFGzpoG
auBlQD31JZGc2/5ygNL0QHvCZVF2DHF3UOS5HWwO0U5AYAall932GtMdm6hQJ5GO
2VJgv20d2GF1kTkaZPcuSG8W9mFDO0Uf24JTMtAbq3+s3u+IGTJiRk1GycfSBdLy
DqK1lovq/AxCo+VF/WQacxn9G1vXN0wOJZ31PQmUme9Q/qyxIFGV4EskEDcMvfWx
AC2tjsA3T8YxwTO+379Ls0RbIYuiuIXlHGKl8jJ0Gz9kaUDpQf35Sm2zkpW564Px
D+nD26nj43Lt8uhoha9m
=6sTe
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging
Block patches
# gpg: Signature made Fri 07 Mar 2014 13:30:04 GMT using RSA key ID C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>"
* remotes/kevin/tags/for-upstream:
block: qemu-iotests 085 - live snapshots tests
hw/ide/ahci.h: Avoid shifting left into sign bit
block: Fix error path segfault in bdrv_open()
qemu-iotests: Test a few blockdev-add error cases
blockdev: Fix NULL pointer dereference in blockdev-add
blockdev: Fail blockdev-add with encrypted images
block/raw-win32: Strip "file:" prefix on creation
block/raw-win32: Implement bdrv_parse_filename()
block/raw-posix: Strip "file:" prefix on creation
block/raw-posix: Implement bdrv_parse_filename()
block: Keep "filename" option after parsing
block: mirror - remove code cruft that has no function
block: make bdrv_swap rebuild the bs graph node list field.
block: Fix bs->request_alignment assertion for bs->sg=1
iscsi: Use bs->sg for everything else than disks
qemu-iotests: Test progress output for conversion
qemu-img convert: Fix progress output
gluster: Remove unused defines and header include
gluster: Change licence to GPLv2+
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
In commit 5643706a09 (console: add head
to index to qemu consoles.) graphic_console_init() was extended to take
an additional argument, but xenfb was not updated accordingly. Fix it.
Cc: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Don Slutz <dslutz@verizon.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1394228528-31625-1-git-send-email-afaerber@suse.de
Add 'U' suffixes to avoid undefined behaviour shifting left into
the signed bit of a signed integer type. Clang's sanitizer will
warn about this:
hw/ide/ahci.c:1210:27: runtime error: left shift of 1 by 31 places cannot be represented in type 'int'
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Handle the new CCW_CMD_SET_IND_ADAPTER command enabling adapter interrupts
on guest request. When active, host->guest notifications will be handled
via global_indicator -> queue indicators instead of queue indicators +
subchannel I/O interrupt. Indicators for virtqueues may be present at an
offset.
Acked-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
This makes use of @cpu_dt_id and related API in:
1. emulated XICS hypercall handlers as they receive fixed CPU indexes;
2. XICS-KVM to enable in-kernel XICS on right CPU;
3. device-tree renderer.
This removes @cpu_index fixup as @cpu_dt_id is used instead so QEMU monitor
can accept command-line CPU indexes again.
This changes kvm_arch_vcpu_id() to use ppc_get_vcpu_dt_id() as at the moment
KVM CPU id and device tree ID are calculated using the same algorithm.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Acked-by: Mike Day <ncmike@ncultra.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
Normally CPUState::cpu_index is used to pick the right CPU for various
operations. However default consecutive numbering does not always work
for POWERPC.
These indexes are reflected in /proc/device-tree/cpus/PowerPC,POWER7@XX
and used to call KVM VCPU's ioctls. In order to achieve this,
kvmppc_fixup_cpu() was introduced. Roughly speaking, it multiplies
cpu_index by the number of threads per core.
This approach has disadvantages such as:
1. NUMA configuration stays broken after the fixup;
2. CPU-targeted commands from the QEMU Monitor do not work properly as
CPU indexes have been fixed and there is no clear way for the user to
know what the new CPU indexes are.
This introduces a @cpu_dt_id field in the CPUPPCState struct which
is initialized from @cpu_index by default and can be fixed later
to meet the device tree requirements.
This adds an API to handle @cpu_dt_id.
This removes kvmppc_fixup_cpu() as it is not more needed, @cpu_dt_id
is calculated in ppc_cpu_realize().
This will be used later in machine code.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Acked-by: Mike Day <ncmike@ncultra.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch introduces the hypervisor call H_GET_TCE which is basically the
reverse of H_PUT_TCE, as defined in the Power Architecture Platform
Requirements (PAPR).
The hcall H_GET_TCE is required by the kdump kernel which is calling it to
retrieve the TCE set up by the panicing kernel.
Signed-off-by: Laurent Dufour <ldufour@linux.vnet.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
For updating in kernel htab we need to provide both pte0 and pte1, hence update
the interface to take pte0 and pte1 together
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
[ ldq_phys() API change, Greg Kurz <gkurz@linux.vnet.ibm.com> ]
Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
With kvm enabled, we store the hash page table information in the hypervisor.
Use ioctl to read the htab contents. Without this we get the below error when
trying to read the guest address
(gdb) x/10 do_fork
0xc000000000098660 <do_fork>: Cannot access memory at address 0xc000000000098660
(gdb)
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
[ fixes for 32 bit build (casts!), ldq_phys() API change,
Greg Kurz <gkurz@linux.vnet.ibm.com ]
Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Correctly update the htab_mask using the return value of
KVM_PPC_ALLOCATE_HTAB ioctl. Also we don't update sdr1
on GET_SREGS for HV. We check for external htab and if
found true, we don't need to update sdr1
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
[ fixed pte group offset computation in ppc_hash64_htab_lookup() that
caused TCG to fail, Greg Kurz <gkurz@linux.vnet.ibm.com> ]
Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
We currently size the msi window trap page according to the host's page
size so that we poke a working hole into a memory slot in case we overlap.
However, this is only ever necessary with KVM active. Without KVM, we should
rather try to be host platform agnostic and use a constant size: 4k.
This fixes a build breakage on win32 hosts.
Signed-off-by: Alexander Graf <agraf@suse.de>
When the guests adds buffers to receive queue, the network device
should flush its queue of pending packets. This is done with
qemu_flush_queued_packets.
This adds a call to qemu_flush_queued_packets() which wakes up the main
loop and let QEMU update the network device status which now is "can
receive". The patch basically does the same thing as e8b4c68 does.
Suggested-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
When we have 2 separate qdev devices that both create a qbus of the
same type without specifying a bus name or device name, we end up
with two buses of the same name, such as ide.0 on the Mac machines:
dev: macio-ide, id ""
bus: ide.0
type IDE
dev: macio-ide, id ""
bus: ide.0
type IDE
If we now spawn a device that connects to a ide.0 the last created
bus gets the device, with the first created bus inaccessible to the
command line.
After some discussion on IRC we concluded that the best quick fix way
forward for this is to make automated bus-class type based allocation
count a global counter. That's what this patch implements. With this
we instead get
dev: macio-ide, id ""
bus: ide.1
type IDE
dev: macio-ide, id ""
bus: ide.0
type IDE
on the example mentioned above.
This also means that if you did -device ...,bus=ide.0 you got a device
on the first bus (the last created one) before this patch and get that
device on the second one (the first created one) now. Breaks
migration unless you change bus=ide.0 to bus=ide.1 on the destination.
This is intended and makes the bus enumeration work as expected.
As per review request follows a list of otherwise affected boards and
the reasoning for the conclusion that they are ok:
target machine bus id times
------ ------- ------ -----
aarch64 n800 i2c-bus.0 2
aarch64 n810 i2c-bus.0 2
arm n800 i2c-bus.0 2
arm n810 i2c-bus.0 2
-> Devices are only created explicitly on one of the two buses, using
s->mpu->i2c[0], so no change to the guest.
aarch64 vexpress-a15 virtio-mmio-bus.0 4
aarch64 vexpress-a9 virtio-mmio-bus.0 4
aarch64 virt virtio-mmio-bus.0 32
arm vexpress-a15 virtio-mmio-bus.0 4
arm vexpress-a9 virtio-mmio-bus.0 4
arm virt virtio-mmio-bus.0 32
-> Makes -device bus= work for all virtio-mmio buses. Breaks
migration. Workaround for migration from old to new: specify
virtio-mmio-bus.4 or .32 respectively rather than .0 on the
destination.
aarch64 xilinx-zynq-a9 usb-bus.0 2
arm xilinx-zynq-a9 usb-bus.0 2
mips64el fulong2e usb-bus.0 2
-> Normal USB operation not affected. Migration driver needs command
line to use the other bus.
i386 isapc ide.0 2
x86_64 isapc ide.0 2
mips mips ide.0 2
mips64 mips ide.0 2
mips64el mips ide.0 2
mipsel mips ide.0 2
ppc g3beige ide.0 2
ppc mac99 ide.0 2
ppc prep ide.0 2
ppc64 g3beige ide.0 2
ppc64 mac99 ide.0 2
ppc64 prep ide.0 2
-> Makes -device bus= work for all IDE buses. Breaks migration.
Workaround for migration from old to new: specify ide.1 rather than
ide.0 on the destination.
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Andreas Faerber <afaerber@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
We will use this in later patches to make sure we use the right load
functions when copying hpte entries.
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This makes use of new error codes which load_elf() can return and
prints more informative error message.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
The existing load_elf() just returns -1 if it fails to load ELF. However
it could be smarter than this and tell more about the failure such as
wrong endianness or incompatible platform.
This adds additional return codes for wrong architecture, wrong
endianness and if the image is not ELF at all.
This adds a load_elf_strerror() helper to convert return codes into
string messages.
This fixes handling of what load_elf() returns for s390x, other
callers just check the return value for <0 and this remains unchanged.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
At the moment in the case of error, load_elf() returns -1 so load_kernel()
will not signal error at all.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
Currently everybody uses ELF kernel images with "-kernel" option on
pseries machine but QEMU still tries to boot from an image even it
fails to recognize it is ELF. This produces undefined behaviour if
the user tries a kernel image compiled for another architecture.
This removes support of raw kernel images.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
This implementation doesn't include ring priority, TCP/IP Off-Load, QoS.
Signed-off-by: Fabien Chouteau <chouteau@adacore.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
[agraf: fix up stray quotes and newlines in strings]
Signed-off-by: Alexander Graf <agraf@suse.de>
Intercept REPORT_LUNS commands addressed either to SRP LUN 0 or the well-known
LUN for REPORT_LUNS commands. This is required to implement the SAM and SPC
specifications.
Since SRP implements only a single SCSI target port per connection, the SRP
target is required to report all available LUNs in response to a REPORT_LUNS
command addressed either to LUN 0 or the well-known LUN. Instead, QEMU was
forwarding such requests to the first QEMU SCSI target, with the result that
initiators that relied on this feature would only see LUNs on the first QEMU
SCSI target.
Behavior for REPORT_LUNS commands addressed to any other LUN is not specified
by the standard and so is left unchanged. This preserves behavior under Linux
and SLOF, which enumerate possible LUNs by hand and so address no commands
either to LUN 0 or the well-known REPORT_LUNS LUN.
Signed-off-by: Nathan Whitehorn <nwhitehorn@freebsd.org>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
[agraf: define constant as ULL for 32bit hosts]
Signed-off-by: Alexander Graf <agraf@suse.de>
Recent changes introduced cannot_instantiate_with_device_add_yet
and removed capability of adding yet another PCI host bridge via
command line for SPAPR platform (POWERPC64 server).
This brings the capability back and puts SPAPR PHB into "bridge"
category.
This is not much use for emulated PHB but it is absolutely required
for VFIO as we put an IOMMU group onto a separate PHB on SPAPR.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
Targets like ppc64 support different types of KVM, one which use
hypervisor mode and the other which doesn't. Add a new machine
option kvm-type that helps in selecting the respective ones
We also add a new QEMUMachine callback get_vm_type that helps
in mapping the string representation of kvm type specified.
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
[agraf: spelling fixes, use error_report(), use qemumachine.h]
Signed-off-by: Alexander Graf <agraf@suse.de>
- sclp event facility: cleanup structure. This allows to use
realize/unrealize as well as migration support via vmsd
- reboot: Two fixes that make reboot much more reliable
- ipl: make elf loading more robust
- flic interrupt controller: This allows to migrate floating
interrupts, as well as clear them on reset etc.
- enable async_pf feature of KVM on s390
- several sclp fixes and cleanups
- several sigp fixes and cleanups
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAABAgAGBQJTDwZVAAoJEBF7vIC1phx8lx4P/Rv+UVD9XDFFF8yHuye1am40
NpRGjdarQ/9QUkS4gqyKwYUvIjAClk5id7U2d5zrfdc8XC49AH0ZhVFMdRupaOon
AUqXjOXD5zAh9bfUcewg1EK1P1VuKcp0hyh0jFlIqk9Xmidw8N5guQ6iBoTqGJD5
UYTp0PuSqIjY1RCuF4fCTCurzRd1+J2oKcQBip7BSWlVuWZlg2/hPxoIraLezlz2
huwOU9tkSGXwSRv4C6fCcukEwlqnvkE6W0MCrHrcb2T8xYwAR2Jjs0TsscbKxb+t
lIjZRiCxBrFwOLUqGN8DMYtZPffR+cigZ5bYb4o3PPJ0DQL4vLQVd8SPMPrdJhbb
M7UOaeTclSTQuzmM/Uuc1pmrFc8PDq0dg50dT3weH2bW8aSgyqutYGpmUcm1Q6kq
JLFuyswOBr1vS9o0TlBunP4+TqJJrnGvtIQ4EbRZm7zP78mBaIIrUcAZlbgOI+XI
cSjtFXkBOCz0j28J9GSHrsWMC7RQ179TGdcH/FjDpu0dNDOxH7eH5gZPQoQDAqwC
SjstqJdIFnd0qxOB1EqcgMUxbSqQYq3hoGvJ644ZrMA3T5trBn0fSw3J9ZU/qAK7
EvOKRacMfcacIj4l0aEQgpwqVmktwIYnkfetX/QAKw/4AImJz/R9GRkmYgjCfOH8
/CUfXM71zWLEdv1o5uJ5
=toIt
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/borntraeger/tags/kvm-s390-20140227' into staging
Several features, fixes and cleanups for kvm/s390:
- sclp event facility: cleanup structure. This allows to use
realize/unrealize as well as migration support via vmsd
- reboot: Two fixes that make reboot much more reliable
- ipl: make elf loading more robust
- flic interrupt controller: This allows to migrate floating
interrupts, as well as clear them on reset etc.
- enable async_pf feature of KVM on s390
- several sclp fixes and cleanups
- several sigp fixes and cleanups
* remotes/borntraeger/tags/kvm-s390-20140227: (22 commits)
s390x/ipl: Fix crash of ELF images with arbitrary entry points
s390x/kvm: Rework priv instruction handlers
s390x/kvm: Add missing SIGP CPU RESET order
s390x/kvm: Rework SIGP INITIAL CPU RESET handler
s390x/cpu: Use ioctl to reset state in the kernel
s390-ccw.img: new binary rom to match latest fixes
s390-ccw.img: Fix sporadic errors with ccw boot image - initialize css
s390-ccw.img: Fix sporadic reboot hangs: Initialize next_idx
s390x/event-facility: exploit realize/unrealize
s390x/event-facility: add support for live migration
s390x/event-facility: code restructure
s390x/event-facility: some renaming
s390x/sclp: Fixed setting of condition code register
s390x/sclp: Add missing checks to SCLP handler
s390x/sclp: Fixed the size of sccb and code parameter
s390x/eventfacility: mask out commands
s390x/virtio-hcall: Specification exception for illegal subcodes
s390x/virtio-hcall: Add range check for hypervisor call
s390x/kvm: Fixed bad SIGP SET-ARCHITECTURE handler
s390x/async_pf: Check for apf extension and enable pfault
...
Conflicts:
linux-headers/linux/kvm.h
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
* remotes/bonzini/scsi-next:
block/iscsi: fix segfault if writesame fails
scsi-disk: Add support for port WWN and index descriptors in VPD page 83h
block/iscsi: query for supported VPD pages
block/iscsi: fix deadlock on scsi check condition
scsi-bus: Fix transfer length for VERIFY with BYTCHK=11b
scsi: report thin provisioning errors with werror=report
scsi: Change scsi sense buf size to 252
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
* remotes/mcayland/qemu-sparc:
sun4m: Add Sun CG3 framebuffer initialisation function
sun4m: Add Sun CG3 framebuffer and corresponding OpenBIOS FCode ROM
sun4m: fix slavio timer RUN/STOP bit
sun4m: Set HostID in NVRAM
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
After commit ba1183da9a we are including
hw/Makefile.objs directly from Makefile.target. Make sure hw/Makefile.objs
rules doesn't depend on variable defined in Makefile.objs
Tested-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
When path is truncated by PATH_MAX limitation, it causes QEMU to access
incorrect file. So use original full path instead of PATH_MAX within
9pfs (need check/process ENOMEM for related memory allocation).
The related test:
- Environments (for qemu-devel):
- Host is under fedora17 desktop with ext4fs:
qemu-system-x86_64 -hda test.img -m 1024 \
-net nic,vlan=4,model=virtio,macaddr=00:16:35:AF:94:04 \
-net tap,vlan=4,ifname=tap4,script=no,downscript=no \
-device virtio-9p-pci,id=fs0,fsdev=fsdev0,mount_tag=hostshare \
-fsdev local,security_model=passthrough,id=fsdev0,\
path=/upstream/vm/data/share/1234567890abcdefghijklmnopqrstuvwxyz\
ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890acdefghijklmnopqrstuvwxyz\
ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890/111111111111111111111111111\
1111111111111111111111111111111111111111111111111111222222222222\
2222222222222222222222222222222222222222222222222222222222222222\
2222222222222222222222222222222222233333333333333333333333333333\
3333333333333333333333333333333333
- Guest is ubuntu12 server with 9pfs.
mount -t 9p -o trans=virtio,version=9p2000.L hostshare /share
- Limitations:
full path limitation is PATH_MAX (4096B include nul) under Linux.
file/dir node name maximized length is 256 (include nul) under ext4.
- Special test:
Under host, modify the file: "/upstream/vm/data/share/1234567890abcdefg\
hijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890acdefghijklmno\
pqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890/111111111111111111111\
111111111111111111111111111111111111111111111111111111111122222222222\
222222222222222222222222222222222222222222222222222222222222222222222\
222222222222222222222222222222233333333333333333333333333333333333333\
3333333333333333333333333/4444444444444444444444444444444444444444444\
444444444444444444444444444444444444444444444444444444444444444444444\
444444444444444444444444444444444444444444444444444444444444444444444\
444444444444444444444444444444444444444/55555555555555555555555555555\
555555555555555555555555555555555555555555555555555555555555555555555\
555555555555555555555555555555555555555555555555555555555555555555555\
555555555555555555555555555555555555555555555555555555555555555555555\
55555555/666666666666666666666666666666666666666666666666666666666666\
666666666666666666666666666666666666666666666666666666666666666666666\
666666666666666666666666666666666666666666666666666666666666666666666\
666666666666666666666/77777777777777777777777777777777777777777777777\
777777777777777777777777777777777777777777777777777777777777777777777\
777777777777777777777777777777777777777777777777777777777777777777777\
77777777777777777777777777777777777777777777777777777777777/888888888\
888888888888888888888888888888888888888888888888888888888888888888888\
888888888888888888888888888888888888888888888888888888888888888888888\
888888888888888888888888888888888888888888888888888888888888888888888\
888888888/99999999999999999999999999999999999999999999999999999999999\
999999999999999999999999999999999999999999999999999999999999999999999\
999999999999999999999999999999999999999999999999999999999999999999999\
99999999999999999999999999999999999999999/000000000000000000000000000\
000000000000000000000000000000000000000000000000000000000000000000000\
000000000000000000000000000000000000000000000000000000000000000000000\
000000000000000000000000000000000000000000000000/aaaaaaaaaaaaaaaaaaaa\
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/bbbbbbbbbbbbbbbbbbbbbbb\
bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb\
bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb\
bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb/ccccccccc\
ccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccc\
ccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccc\
ccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccc\
cccccccccc/dddddddddddddddddddddddddddddddddddddddddddddddddddddddddd\
ddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd\
ddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd\
dddddddddddddddddddddd/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee\
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee\
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee\
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee/fffffffffffffff\
fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff\
fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff\
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffff/gggggggggg\
ggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggg\
ggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggg\
ggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggg\
ggggggggggggggggggggggg/iiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiii\
iiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiii\
iiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiii\
iiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiii/jjjjjjjjjjjjj\
jjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjj\
jjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjj/ppppppppppppppppppppp\
ppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp\
ppppppppppppppppppppppppppppppppppppppp/test1234567890file.log"
(need enter dir firstly, then modify file, or can not open it).
Under guest, still allow modify "test1234567890file.log" (will generate
"test123456" file with contents).
After apply this patch, can not open "test1234567890file.log" under guest
(permission denied).
- Common test:
All are still OK after apply this path.
"mkdir -p", "create/open file/dir", "modify file/dir", "rm file/dir".
change various mount point paths under host and/or guest.
Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
'ctx->fs_root' + 'path'/'fullname.data' may be larger than PATH_MAX, so
need use snprintf() instead of sprintf() just like another area have done
in 9pfs. This could possibly result in the truncation of pathname, which we
address in the follow up patch.
Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
When "goto err_out", 'v9fs_string' already was allocated, so still need
free 'v9fs_string' before return.
Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
In order to allow the user to choose the framebuffer for sparc-softmmu, add
-vga tcx and -vga cg3 options to the QEMU command line. If no option is
specified, the default TCX framebuffer is used.
Since proprietary FCode ROMs use a resolution of 1152x900, slightly relax the
validation rules to allow both displays to be initiated at the higher
resolution used by these ROMs upon request (OpenBIOS FCode ROMs default to
the normal QEMU sun4m default resolution of 1024x768).
Finally move any fprintf(stderr ...) statements in the areas affected by this
patch over to the new error_report() function.
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
CC: Blue Swirl <blauwirbel@gmail.com>
CC: Anthony Liguori <aliguori@amazon.com>
CC: Peter Maydell <peter.maydell@linaro.org>
CC: Bob Breuer <breuerr@mc.net>
CC: Artyom Tarasenko <atar4qemu@gmail.com>
The CG3 framebuffer is a simple 8-bit framebuffer for use with operating
systems such as early Solaris that do not have drivers for TCX.
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
CC: Blue Swirl <blauwirbel@gmail.com>
CC: Anthony Liguori <aliguori@amazon.com>
CC: Peter Maydell <peter.maydell@linaro.org>
CC: Bob Breuer <breuerr@mc.net>
CC: Artyom Tarasenko <atar4qemu@gmail.com>
The sun4m architecture has one 'system' timer and one timer per CPU.
The CPU timers can be configured in two modes:
* 22 bits Counter/Timer. Periodic interrupts.
* 54 bits User timer. For profiling. In this mode, the Run/Stop bit
controls the timer.
The run/stop bit controls the timer only when it is in "User" mode, but
its state shall be persistent.
Signed-off-by: Olivier Danet <odanet@caramail.com>
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
When loading S390 kernels, the current code expects an ELF file with the
start address 0x10000. Other ELF files cause a segmentation fault. To avoid
these crashes, we should get the start address from the ELF file instead
of always using a hard-coded address.
Signed-off-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Acked-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
init/exit functionality of abstract SCLPEvent class is now exploiting
realize/unrealize.
Signed-off-by: Heinz Graalfs <graalfs@linux.vnet.ibm.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Add support for live migration using VMStateDescription.
Signed-off-by: Heinz Graalfs <graalfs@linux.vnet.ibm.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Code restructure in order to simplify class hierarchy
- remove S390SCLPDevice abstract base class
and move function pointers into new SCLPEventFacilityClass
- implement SCLPEventFacility as SysBusDevice
- use define constants for instance creation strings
The following ascii-art shows the class structure wrt the SCLP EventFacility
before (CURRENT) and after the restructure (NEW):
----
CURRENT:
"s390-sclp-events-bus"
+-------------------------+
| SCLPEventsBus |
|-------------------------|
|BusState qbus |
+-------------------------+
+-------------------------+
| SCLPEventFacility | - to be replaced by new SCLPEventFacility,
|-------------------------| which will be a SysBusDevice
|SCLPEventsBus sbus |
|DeviceState *qdev |
|unsigned int receive_mask|
+-------------------------+
+-------------------------+
| S390SCLPDeviceClass | - to be replaced by new SCLPEventFacilityClass
|-------------------------|
|DeviceClass qdev |
|*(init)() |
+-------------------------+
"s390-sclp-event-facility"
|
instance-of
|
V
"s390-sclp-device" - this is an abstract class
+-------------------------+
| S390SCLPDevice (A)| - to be replaced by new SCLPEventFacility
|-------------------------|
|SysBusDevice busdev |
|SCLPEventFacility *ef |
| |
|*(sclp_command_handler)()| - these 2 go to new SCLPEventFacilityClass
|*(event_pending)() |
+-------------------------+
----
NEW:
"s390-sclp-events-bus"
+-------------------------+
| SCLPEventsBus |
|-------------------------|
|BusState qbus |
+-------------------------+
+-------------------------+
| SCLPEventFacilityClass |
|-------------------------|
|DeviceClass parent_class |
| |
|*(init)() |
|*(command_handler)() |
|*(event_pending)() |
+-------------------------+
"s390-sclp-event-facility"
+-------------------------+
| SCLPEventFacility |
|-------------------------|
|SysBusDevice parent_class|
|SCLPEventsBus sbus |
|unsigned int receive_mask|
+-------------------------+
Signed-off-by: Heinz Graalfs <graalfs@linux.vnet.ibm.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Do some renaming to shorten some identifiers and to emphasize sclp.
Signed-off-by: Heinz Graalfs <graalfs@linux.vnet.ibm.com>
Acked-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
If the 51 most significant bits of the SCCB address are zero or equal to
the prefix, we should throw an specification exception, too.
Also moved the check for privileged mode to sclp_service_call() to have
all program checks in one place now.
Signed-off-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
The pointer to the SCCB should not be limited to 32 bits only.
In contrast to this, the command word parameter is only 32 bits
(the upper 32 bits should be ignored).
Signed-off-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
As a followup to commit 5f04c14a10
(s390-sclp: Define New SCLP Codes) we should mask the sclp command
not only in base sclp, but also in the event facility.
Based on an initial patch from Ralf Hoppe.
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
So far, the DIAG 500 hypervisor call was only setting -EINVAL in
R2 when a guest tried to call this function with an illegal subcode.
This patch now changes the behavior so that a specification exception
is thrown instead, since this is the common behavior of other DIAG
functions (and other CPU instructions) when being called with illegal
parameters.
Signed-off-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
The handler for diag 500 did not check whether the requested function
was in the supported range, so illegal values could crash QEMU in the
worst case.
Signed-off-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
CC: qemu-stable@nongnu.org
S390 can also use async page faults, to enhance guest scheduling.
In case of live migration we want to disable the feature and let
all pending request finish.
Signed-off-by: Dominik Dingel <dingel@linux.vnet.ibm.com>
Signed-off-by: Jens Freimann <jfrei@linux.vnet.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
This patch implements a floating-interrupt controller device (flic)
which interacts with the s390 flic kvm_device.
Signed-off-by: Jens Freimann <jfrei@linux.vnet.ibm.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
* fixes for various Coverity-spotted bugs
* support new KVM device control API for VGIC
* support KVM VGIC save/restore/migration
* more AArch64 system mode foundations
* support ARMv8 CRC instructions for A32/T32
* PL330 minor fixes and cleanup
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAABCAAGBQJTDimkAAoJEDwlJe0UNgzeJckQAIgv++tjcGk9d5gl0QQMyHJJ
GNb0raWPHSvVqsuGJzdzgfd5dt0FN3fvqKs4ThtstLjcmkiIqDoIaDuDDFdU/Zt0
YAMA07cQ7xZNoVB8x8zqMD/yrLV99CKZlC5/Cr4yq8SPNrOKZkpnFViSC2wgrrDt
JyCRjc6GIv3SofkOP8sCF3Fg7JMi0J9qFCCw2fGWrRBq1TEMYlaCn5rSO4O9jiW3
g8YMVUeYFjKkLUnoNOA93NQhhkrQNl5xkXmCo+JF7TPL9w2lH/G76RWmLtaPGLuh
IkwfG+7/AVbtoK8Njp9scsmu56hau1RkNip/yquLM1ONb2H7h94AkpRCGQXOXBW3
rEocDKR3cR7quvLHtQ54blR5/TJMhFZfchX5cvGYT4pH2+8yxyP0UeFpNVJawoLO
Bb1zYTswjXfAfe0jk/nr91P5lSNa6lkk42mh7k7Shc7bvCjkaLQDbNRDBB1B6gLr
0b0vj73U8+Gz+5WoWbu0GJhuR5NdWxnAiuTYXEJ8roTaZL2AP6fuef4OZ+Nnpw/K
dBRoO6NWrKT04ZaYu6tB/q31sa6ff6S+hRpqr8lp/S8PGFWC0Pni8Pz0rYLpyhVh
yZRqkY7C6FRE5EmXSWt0ZkpSkykwnibL/xXigHIvmGEBiohR0f4SGSIDLqTGkYqQ
HWtue+3jyM/1kirp2QLx
=1X50
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20140226' into staging
target-arm queue:
* fixes for various Coverity-spotted bugs
* support new KVM device control API for VGIC
* support KVM VGIC save/restore/migration
* more AArch64 system mode foundations
* support ARMv8 CRC instructions for A32/T32
* PL330 minor fixes and cleanup
# gpg: Signature made Wed 26 Feb 2014 17:51:32 GMT using RSA key ID 14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
* remotes/pmaydell/tags/pull-target-arm-20140226: (45 commits)
dma/pl330: implement dmaadnh instruction
dma/pl330: Fix buffer depth
dma/pl330: Add event debugging printfs
dma/pl330: Rename parent_obj
dma/pl330: printf format type sweep.
dma/pl330: Fix misleading type
dma/pl330: Delete overly verbose debug printf
target-arm: Add support for AArch32 ARMv8 CRC32 instructions
include/qemu/crc32c.h: Rename include guards to match filename
target-arm: Add utility function for checking AA32/64 state of an EL
target-arm: Implement AArch64 view of CPACR
target-arm: A64: Implement MSR (immediate) instructions
target-arm: Store AIF bits in env->pstate for AArch32
target-arm: A64: Implement WFI
target-arm: Get MMU index information correct for A64 code
target-arm: Implement AArch64 OSLAR_EL1 sysreg as WI
target-arm: Implement AArch64 dummy breakpoint and watchpoint registers
target-arm: Implement AArch64 ID and feature registers
target-arm: Implement AArch64 generic timers
target-arm: Implement AArch64 MPIDR
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAABAgAGBQJTDJtxAAoJEJykq7OBq3PIEBAH/0Fh1TUsHpLGwtVC+HObl4HF
19KJpaXfG3L1x5pV4qbRvsmgXDNjnm8sSAbAvINn5uKJqk371qshvgssaIyLOA/o
VD+9lR1mwE9mwiktCfFniddoZmTsMyGxsbE4i1dZAxsGuuiJ3x2zRotpQCLjmWMJ
OSIdy1v657tR0EnhjI19g4fNvCpfOwX3tvMt20vgL6/x9AuNjMfFeP6S/KNuxBBC
6vflVNmN0AIc/tIbR5bql5/wcDixJcxobFXHxAmIbaaJTNtFXq0PNpo0kfLi5Zzx
s6iVoYVXNMx1xqpegBEVLyIvtcX7SCggO8FT+bhzaOfPVL8NaSXRJMRjH22V+D0=
=UA+s
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/stefanha/tags/net-pull-request' into staging
Net patches
# gpg: Signature made Tue 25 Feb 2014 13:32:33 GMT using RSA key ID 81AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg: aka "Stefan Hajnoczi <stefanha@gmail.com>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 8695 A8BF D3F9 7CDA AC35 775A 9CA4 ABB3 81AB 73C8
* remotes/stefanha/tags/net-pull-request:
virtio-net: use qemu_get_queue() where possible
vhost_net: use offload API instead of bypassing it
net: remove implicit peer from offload API
net: Disable netmap backend when not supported
net: add offloading support to netmap backend
net: make tap offloading callbacks static
net: virtio-net and vmxnet3 use offloading API
net: TAP uses NetClientInfo offloading callbacks
net: extend NetClientInfo for offloading
net: change vnet-hdr TAP prototypes
opencores_eth: flush queue whenever can_receive can go from false to true
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Certain cards such as the Broadcom BCM57810 have rom quirks
that exhibit unstable system behavior duing device assignment. In
the particular case of 57810, rom execution hangs and if a FLR
follows, the device becomes inoperable until a power cycle. This
change blacklists loading of rom for such cards unless the user
specifies a romfile or rombar=1 on the cmd line
Signed-off-by: Bandan Das <bsd@redhat.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
readlink() doesn't write a terminating null byte.
assign_failed_examine() passes the unterminated string to strrchr().
Oops. Terminate it.
Spotted by Coverity.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
readlink() returns the number of bytes written to the buffer, and it
doesn't write a terminating null byte. vfio_init() writes it itself.
Overruns the buffer when readlink() filled it completely.
Fix by treating readlink() filling the buffer completely as error,
like we do in pci-assign.c's assign_failed_examine().
Spotted by Coverity.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Implement the missing DMAADNH instruction. This is a minor variant
of the DMAADDH instruction, so factor out to a common implementation
for both (dmaadxh).
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 73ab13532a7cae53441da89b46c279b5f50785e3.1393372019.git.peter.crosthwaite@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This is the product of the data-width and the depth arguments, I.e the
depth of the FIFO is in terms of data entries and not bytes (which is
what the original implementation was suggesting). Fix.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: c34de31031511538ccdb3164b48ee8a6a973ebd4.1393372019.git.peter.crosthwaite@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Use PRI formats as appropriate rather than raw %x and %d. This fixes
debug printfery on some host platforms. Fix types of debug only
variables as appropriate.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: dbb5f5fd048b2d4a3cb5c6357577d11211a7a585.1393372019.git.peter.crosthwaite@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This type really should just be a regular int as no usages rely on it's
32 bitness (it's only meaningful as a bit position and not a bit mask).
This also fixes a printf which uses the variable with a regular %d.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 2a99d31f377aee371476d9da8fd0d1b7efa30f63.1393372019.git.peter.crosthwaite@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
When using event synchronisation, this particular debug printf floods.
Just delete it.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: dd94d19493f97c47497b9d8caf74ca43e70d58fd.1393372019.git.peter.crosthwaite@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
To avoid complication in code that otherwise would not need to
care about whether EL1 is AArch32 or AArch64, we should store
the interrupt mask bits (CPSR.AIF in AArch32 and PSTATE.DAIF
in AArch64) in one place consistently regardless of EL1's mode.
Since AArch64 has an extra enable bit (D for debug exceptions)
which isn't visible in AArch32, this means we need to keep
the enables in env->pstate. (This is also consistent with the
general approach we're taking that we handle 32 bit CPUs as
being like AArch64/ARMv8 CPUs but which only run in 32 bit mode.)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Implement the AArch64 TTBR* registers. For v7 these were already 64 bits
to handle LPAE, but implemented as two separate uint32_t fields.
Combine them into a single uint64_t which can be used for all purposes.
Since this requires touching every use, take the opportunity to rename
the field to the architectural name.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Save and restore the ARM KVM VGIC state from the kernel. We rely on
QEMU to marshal the GICState data structure and therefore simply
synchronize the kernel state with the QEMU emulated state in both
directions.
We take some care on the restore path to check the VGIC has been
configured with enough IRQs and CPU interfaces that we can properly
restore the state, and for separate set/clear registers we first fully
clear the registers and then set the required bits.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
Message-id: 1392687921-26921-1-git-send-email-christoffer.dall@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Support creating the ARM vgic device through the device control API and
setting the base address for the distributor and cpu interfaces in KVM
VMs using this API.
Because the older KVM_CREATE_IRQCHIP interface needs the irq chip to be
created prior to creating the VCPUs, we first test if we can use the
device control API in kvm_arch_irqchip_create (using the test flag from
the device control API). If we cannot, it means we have to fall back to
KVM_CREATE_IRQCHIP and use the older ioctl at this point in time. If
however, we can use the device control API, we don't do anything and
wait until the arm_gic_kvm driver initializes and let that use the
device control API.
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
Message-id: 1392687720-26806-5-git-send-email-christoffer.dall@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The GIC_SET_LEVEL macro unfortunately overwrote the entire level
bitmask instead of just or'ing on the necessary bits, causing active
level PPIs on a core to clear PPIs on other cores.
Cc: qemu-stable@nongnu.org
Reported-by: Rob Herring <rob.herring@linaro.org>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
Message-id: 1393031030-8692-1-git-send-email-christoffer.dall@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The ethernet device in the musicpal only has two tx queues,
but we modelled it with four CTDP registers, presumably a
cut and paste from the rx queue registers. Since the tx_queue[]
array is only 2 entries long this allowed a guest to overrun
this buffer. Remove the nonexistent registers.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1392737293-10073-1-git-send-email-peter.maydell@linaro.org
Acked-by: Jan Kiszka <jan.kiszka@web.de>
Cc: qemu-stable@nongnu.org
The Exynos4210 combiner has IIC_NIRQ inputs and IIC_NGRP outputs;
use the correct constant in the loop initializing our output
sysbus IRQs so that we don't overrun the output_irq[] array.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1392659611-8439-1-git-send-email-peter.maydell@linaro.org
Reviewed-by: Andreas Färber <afaerber@suse.de>
Cc: qemu-stable@nongnu.org
The integrator's timer read/write functions log an error for
bad addresses in guest accesses, but were falling through and
using an out of bounds array index rather than returning early.
Fix this.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Message-id: 1392647854-8067-4-git-send-email-peter.maydell@linaro.org
Cc: qemu-stable@nongnu.org
Add a cast to avoid an unintended sign extension that
would mean we returned 0xffffffff in the high 32 bits
for an IA0 read if bit 31 in the MAC address was 1.
(This is harmless since we'll only be doing 4 byte
reads, but it could be confusing, so best avoided.)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Message-id: 1392647854-8067-3-git-send-email-peter.maydell@linaro.org
Fix incorrect use of sizeof() rather than ARRAY_SIZE() to guard
accesses into the mb_clock[] array, which was allowing a malicious
guest to overwrite the end of the array.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Message-id: 1392647854-8067-2-git-send-email-peter.maydell@linaro.org
Cc: qemu-stable@nongnu.org
This is now obsolete - remove the header and all its inclusions.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Inline the only usage of each of xilinx_axiethernet_init and
xilinx_axidma_init. Converts this init to at least a semi-recent QOM
styling.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Inline the only usage. Converts this init to at least a semi-recent QOM
styling.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Inline these usages. Converts these init to at least a semi-recent QOM
styling.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Inline these usages. Converts these init to at least a semi-recent QOM
styling.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Define (missing) macros for the interrupt and memory maps for the sake
of self documentation.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>