Commit Graph

557 Commits

Author SHA1 Message Date
Hans de Goede
4a9ef2c042 ehci: Don't call commit_irq after raising PCD
ehci_raise_irq(s, USBSTS_PCD), gets applied immediately so there is no need
to call commit_irq after it.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07 12:57:23 +01:00
Hans de Goede
52c15e5986 ehci: Further speedup rescanning if async schedule after raising an interrupt
I tried lowering the time between raising an interrupt and rescanning the
async schedule to see if the guest has queued a new transfer before, but
that did not have any positive effect. I now believe the cause for this is
that lowering this time made it more likely to hit the 1 ms interrupt
threshold penalty for the next packet, as described in my
"ehci: Use uframe precision for interrupt threshold checking" commit.

Now that we do interrupt threshold handling with uframe precision, futher
lowering this time from .5 to .25 ms gives an extra 15% improvement in speed
(MB/s) reading from a simple USB-2.0 thumb-drive.

While at it also properly set the int_req_by_async flag for short packet
completions.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07 12:57:23 +01:00
Hans de Goede
9359a58b12 ehci: Use uframe precision for interrupt threshold checking (v2)
Before this patch, the following could happen:
1) Transfer completes, raises interrupt
2) .5 ms later we check if the guest has queued up any new transfers
3) We find and execute a new transfer
4) .2 ms later the new transfer completes
5) We re-run our frame_timer to write back the completion, but less then
   1 ms has passed since our last run, so frindex is not changed, so the
   interrupt threshold code delays the interrupt
6) 1 ms from the re-run our frame-timer runs again and finally delivers
   the interrupt

This leads to unnecessary large delays of interrupts, this code fixes this
by changing frindex to uframe precision and using that for interrupt threshold
control, making the interrupt fire at step 5 for guest which have low interrupt
threshold settings (like Linux).

Note that the guest still sees the frindex move in steps of 8 for migration
compatibility.

This boosts Linux read speed of a simple cheap USB thumb drive by 6 %.

Changes in v2:
-Make the guest see frindex move in steps of 8 by modifying ehci_opreg_read,
 rather then using a shadow variable

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07 12:57:23 +01:00
Hans de Goede
bbbc39ccac ehci: Verify a queue's ep direction does not change
ehci_fill_queue assumes that there is a one on one relationship between an ep
and a qh, this patch adds a check to ensure this.

Note I don't expect this to ever trigger, this is just something I noticed
the guest might do while working on other stuff. The only way this check can
trigger is if a guest mixes in and out qtd-s in a single qh for a non
control ep.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07 12:57:23 +01:00
Hans de Goede
51e0c5d029 ehci: Add an ehci_get_pid helper function
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07 12:57:23 +01:00
Hans de Goede
e3fdfd488c ehci: Verify qtd for async completed packets
Remove the short-circuiting of fetchqtd in fetchqh, so that the
qtd gets properly verified before completing the transaction.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07 12:57:23 +01:00
Hans de Goede
2b3de6ada5 ehci: writeback_async_complete_packet: verify qh and qtd
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07 12:57:23 +01:00
Hans de Goede
190d849249 ehci: Move get / put_dwords upwards
No other changes.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07 12:57:23 +01:00
Hans de Goede
d066c57b1c ehci: Verify guest does not change the token of inflight qtd-s
This is not allowed, except for clearing active on cancellation, so don't
warn when the new token does not have its active bit set.

This unifies the cancellation path for modified qtd-s, and prepares
ehci_verify_qtd to be used ad an extra check inside
ehci_writeback_async_complete_packet().

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07 12:57:23 +01:00
Hans de Goede
c643263409 ehci: Add ehci_verify_qh and ehci_verify_qtd helper functions
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07 12:57:23 +01:00
Hans de Goede
f881c8d36b ehci: Add a ehci_writeback_async_complete_packet helper function
Also drop the warning printf, which was there mainly because this was an
untested code path (as the previous bug fixes to it show), but that no
longer is the case now :)

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07 12:57:23 +01:00
Alon Levy
62054c06d4 usb/redirect.c: unbreak compilation due to include/char/char.h
Broken since:

commit 927d4878b0
Author: Paolo Bonzini <pbonzini@redhat.com>
Date:   Mon Dec 17 18:20:05 2012 +0100

    softmmu: move remaining include files to include/ subdirectories

Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-12-28 16:09:33 +00:00
Paolo Bonzini
927d4878b0 softmmu: move remaining include files to include/ subdirectories
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-12-19 08:32:46 +01:00
Paolo Bonzini
9c17d615a6 softmmu: move include files to include/sysemu/
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-12-19 08:32:45 +01:00
Paolo Bonzini
1de7afc984 misc: move include files to include/qemu/
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-12-19 08:32:39 +01:00
Paolo Bonzini
83c9089e73 monitor: move include files to include/monitor/
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-12-19 08:31:32 +01:00
Paolo Bonzini
022c62cbbc exec: move include files to include/exec/
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-12-19 08:31:31 +01:00
Paolo Bonzini
cb9c377f54 janitor: add guards to headers
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-12-19 08:31:31 +01:00
Paolo Bonzini
28ecbaeecb ui: move files to ui/ and include/ui/
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-12-19 08:31:30 +01:00
Paolo Bonzini
1422e32db5 net: reorganize headers
Move public headers to include/net, and leave private headers in net/.
Put the virtio headers in include/net/tap.h, removing the multiple copies
that existed.  Leave include/net/tap.h as the interface for NICs, and
net/tap_int.h as the interface for OS-specific parts of the tap backend.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-12-19 08:31:29 +01:00
Paolo Bonzini
090f7ac5ba net: move Bluetooth stuff out of net.h
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-12-19 08:29:59 +01:00
Paolo Bonzini
077805fa92 janitor: do not rely on indirect inclusions of or from qemu-char.h
Various header files rely on qemu-char.h including qemu-config.h or
main-loop.h, but they really do not need qemu-char.h at all (particularly
interesting is the case of the block layer!).  Clean this up, and also
add missing inclusions of qemu-char.h itself.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-12-19 08:29:52 +01:00
Michael S. Tsirkin
a2cb15b0dd pci: update all users to look in pci/
update all users so we can remove the makefile hack.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2012-12-17 13:02:26 +02:00
Hans de Goede
427e3aa151 usb-tablet: Allow connecting to ehci
Our ehci code has is capable of significantly lowering the wakeup rate
for the hcd emulation while the device is idle. It is possible to add
similar code ot the uhci emulation, but that simply is not there atm,
and there is no reason why a (virtual) usb-tablet can not be a USB-2 device.

Making usb-hid devices connect to the emulated ehci controller instead
of the emulated uhci controller on vms which have both lowers the cpuload
for a fully idle vm from 20% to 2-3% (on my laptop).

An alternative implementation to using a property to select the tablet
type, would be simply making it a new device type, ie usb-tablet2, but the
downside of that is that this will require libvirt changes to be available
through libvirt at all, and then management tools changes to become the
default for new vms, where as using a property will automatically get
any pc-1.3 type vms the lower cpuload.

[ kraxel: adapt compat property for post-1.3 merge ]

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

tablet compat fixup

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 14:42:05 +01:00
Hans de Goede
8082624099 ehci: Lower timer freq when the periodic schedule is idle
Lower the timer freq if no iso schedule packets complete for 64 frames in
a row.

We can safely do this, without adding latency, because:
1) If there is isoc traffic this will never trigger
2) For async handled interrupt packets (only usb-host), the completion handler
   will immediately schedule the frame_timer from a bh
3) All devices using NAK to signal no data for interrupt endpoints now use
   wakeup, which will immediately schedule the frame_timer from a bh

The advantage of this is that when we only have interrupt packets in the
periodic schedule, async_stepdown can do its work and significantly lower
the frequency at which the frame_timer runs.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 14:41:54 +01:00
Hans de Goede
386ab487eb usb: Allow overriding of usb_desc at the device level
This allows devices to present a different set of descriptors based on
device properties.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 14:41:54 +01:00
Hans de Goede
be41efde3c usb: Don't allow USB_RET_ASYNC for interrupt packets
It is tempting to use USB_RET_ASYNC for interrupt packets, rather then the
current NAK + polling approach, but this causes issues for migration, as
an async completed packet will not getting written back to guest memory until
the next poll time, and if a migration happens in between it will get lost!

Make an exception for host devices, because:
1) host-linux actually uses async completion for interrupt endpoints
2) host devices don't migrate anyways

Ideally we would convert host-linux.c to handle (input) interrupt endpoints in
a buffered manner like it does for isoc endpoints, keeping multiple urbs
submitted to ensure the devices timing requirements are met, as well as making
its interrupt ep handling the same as other usb-devices.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 14:41:54 +01:00
Hans de Goede
8beba93043 usb: Call wakeup when data becomes available for all devices with int eps
This is necessary for proper interaction with the xhci controller, and it
will allow other hcds to lower there frame timer while waiting for interrupt
data.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 14:41:54 +01:00
Peter Crosthwaite
2b29f492c8 ehci-sysbus: Attach DMA context.
This was left as NULL on the initial merge due to debate on the mailing list on
how to handle DMA contexts for sysbus devices. Patch
9e11908f12 was later merged to fix OHCI. This is the,
equivalent fix for sysbus EHCI.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-29 08:04:13 +01:00
Stefan Hajnoczi
c128d6a6d7 usb: fail usbdevice_create() when there is no USB bus
Report an error instead of segfaulting when attaching a USB device to a
machine with no USB busses:

  $ qemu-system-arm -machine vexpress-a9 \
      -sd Fedora-17-armhfp-vexpress-mmcblk0.img \
      -kernel vmlinuz-3.4.2-3.fc17.armv7hl \
      -initrd initramfs-3.4.2-3.fc17.armv7hl.img \
      -usbdevice disk:format=raw:test.img

Note that the vexpress-a9 machine does not have a USB host controller.

Reported-by: David Abdurachmanov <David.Abdurachmanov@cern.ch>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-29 08:04:13 +01:00
Gerd Hoffmann
6c2d1c32d0 usb: tag usb host adapters as not hotpluggable.
Hotplugging them simply doesn't work, so tag them accordingly to
avoid users trying and then crashing qemu.

For xhci there is nothing fundamental which prevents hotplug from
working, we'll "only" need a exit() function which cleans up
everything properly.  That isn't for 1.3 though.

For ehci+uhci+ohci hotplug can't be supported until qemu gains the
capability to hotplug multifunction pci devices.

https://bugzilla.redhat.com/show_bug.cgi?id=879096

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-29 08:04:13 +01:00
Hans de Goede
723aedd532 usb-redir: Don't handle interrupt output packets async
Instead report them as successfully completed directly on submission, this
has 2 advantages:

1) This matches the timing of interrupt output packets on real hardware,
with the previous async handling, if an ep has an interval of say 500 ms,
then there would be 500+ ms between the submission and the guest seeing the
completion, as we wont do the write back until the qh gets polled again. And
in the mean time the guest may very well have timed out, as the guest can
reasonable expect a much quicker completion.

2) This fixes interrupt output packets potentially getting send twice
surrounding a migration. As we delay the writeback to guest memory until
the qh gets polled again, there is a window between completion and writeback
where migration can happen, in this case the destination will not know
about the completion, and it will execute the packet *again*

But it does also come with a disadvantage:

1) If the actual interrupt out to the real usb device fails, there is no
way to report this back to the guest.

This patch assumes however that interrupt outs in practice never fail, as
they are only used by specialized drivers, which are unlikely to issue illegal
requests (unlike general class drivers which often issue requests which some
devices don't implement). And that thus the advantages outway the disadvantage.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-21 14:55:54 +01:00
Hans de Goede
234e810cce usb-redir: Split usb_handle_interrupt_data into separate in/out functions
No functional changes.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-21 14:55:54 +01:00
Hans de Goede
c4020746ff usb-smartcard-reader: Properly NAK interrupt eps when we've no events
When we've no data to return from the interrupt endpoint, return NAK rather
then a 0 length packet.

CC: Alon Levy <alevy@redhat.com>
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-21 14:55:54 +01:00
Hans de Goede
33c1a6856f usb-bt: Return NAK instead of STALL when interrupt ep has no data
I noticed this while making all devices with interrupt endpoints properly
do wakeup. While at it also add wakeup support.

Note that I've not tested this, but returning STALL for an interrupt ep
which has no data is cleary the wrong thing to do.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-21 14:55:54 +01:00
Hans de Goede
71d2c9cf65 uhci: Fix double unlink
uhci_async_cancel() already does a uhci_async_unlink().

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-21 14:55:54 +01:00
Hans de Goede
1cbdde909f uhci: Don't allow the guest to set port-enabled when there is no dev connected
It is possible for device disconnect and the guest trying to reset the port
(because of USB xact errors prior to the disconnect getting signaled) to race,
when we hit this race, the guest will write the port-control register with its
pre-disconnect value + the reset bit set, after which we have a disconnected
device with its port-enabled bit set in its port-control register, which
is no good :)

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-21 14:55:54 +01:00
Hans de Goede
887938160e uhci: Add a completions_only flag for async completions
Add a completions_only flag, and set this when running process_frame for async
completion handling, this fixes 2 issues in a single patch:

1) It makes sure async completed packets get written to guest mem immediately,
even if all the bandwidth for the frame was consumed from the timer run
process_frame. This is necessary as delaying their writeback to the next frame
can cause the completion to get lost on migration.

2) The calling of process_frame from a bh on async completion causes iso
tds to get server more often they should, messing up usb sound class device
timing. By only processing completed packets, the iso tds get skipped fixing
this.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-21 14:55:54 +01:00
Gerd Hoffmann
71e0aa3930 usb-host: fix splitted transfers
USBPacket->actual_length wasn't updated correctly for USBPackets
splitted into multiple urbs.  Fix it.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-16 11:27:32 +01:00
Gerd Hoffmann
8c908fca58 usb-host: update tracing
Now that we have separate status and length fields in USBPacket
update the completion tracepoint to log both.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-16 11:27:32 +01:00
Hans de Goede
618fbc951d usb-redir: Set default debug level to warning
The previous default of 0 means that even errors and warnings would not
get printed, which is really not a good default.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-16 11:27:32 +01:00
Hans de Goede
2cb343b442 usb-redir: Only add actually in flight packets to the in flight queue
Packets which are queued up, but not yet handed over to the device, are
*not* in flight.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-16 11:27:32 +01:00
Gerd Hoffmann
55903f1d2d ehci: handle dma errors
Starting with commit 1c380f9460 dma
transfers can actually fail.  This patch makes ehci keep track
of the busmaster bit in pci config space, by setting/clearing the
dma_context pointer.  Attempts to dma without context will result
in raising HSE (Host System Error) interrupt and stopping the host
controller.

This patch fixes WinXP not booting with a usb stick attached to ehci.
Root cause is seabios activating ehci so you can boot from the stick,
and WinXP clearing the busmaster bit before resetting the host
controller, leading to ehci actually trying dma while it is disabled.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-16 11:27:32 +01:00
Gerd Hoffmann
40862309a9 ehci: keep the frame timer running in case the guest asked for frame list rollover interrupts
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-16 11:27:32 +01:00
Hans de Goede
2c7b15c1de ehci: Don't verify the next pointer for periodic qh-s and qtd-s
While testing the move to async packet handling for interrupt endpoints I
noticed that Windows-XP likes to play tricks with the next pointer for
periodic qh-s, so we should not fail qh / qtd verification when it changes.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-16 11:27:32 +01:00
Hans de Goede
601a234731 ehci: Better detection for qtd-s linked in circles
Windows links interrupt qtd-s in circles, which means that when interrupt
endpoints return USB_RET_ASYNC, combined with the recent
"ehci: Retry to fill the queue while waiting for td completion" patch,
we keep adding the tds to the queue over and over again, as we detect the
circle from fill_queue, but we call it over and over again ...

This patch fixes this by changing the circle detection to also detect
circling into tds already queued up previously.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-16 11:27:32 +01:00
Hans de Goede
ff80ce599e ehci: Fixup q->qtdaddr after cancelling an already completed packet
This avoids the q->qtdaddr == p->qtdaddr asserts we have triggering, when
a queue contains multiple completed packages when we cancel the queue.

I triggered this with windows7 + async interrupt endpoint handling (*)
+ not detecting circles in ehci_fill_queue() properly, which makes the qtd
validation in ehci_fill_queue fail, causing cancellation of the queue on every
mouse event ...

*) Which is not going upstream as it will cause loss of interrupt events on
migration.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-16 11:27:32 +01:00
Hans de Goede
30d68cf6e1 ehci: Don't access packet after freeing it
ehci_state_writeback() will free the packet, so we should not access
the packet after calling ehci_state_writeback().

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-16 11:27:32 +01:00
Jan Kiszka
537e8f1aa8 usb: host-linux: Ignore parsing errors of the device descriptors
The Linux is more tolerant here as well: Just stop parsing the device
descriptors when an error is detected but do not reset what was found
so far. This allows to run buggy devices with partially invalid
descriptors.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-16 11:27:32 +01:00
Gerd Hoffmann
c06c68c928 usb-host: scan for usb devices when the vm starts
Commit a844ed842d leads to usb-host
detecting devices not right after qemu startup because the guest
isn't running yet.  Instead they are found on the first of the
regular usb device poll runs.  Which is too late for seabios to see
them, so booting from usb sticks fails.

Fix this by adding a vm state change handler which triggers a device
scan when the vm is started.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-16 11:27:05 +01:00
David Gibson
155de06f24 usb: Fix (another) bug in usb_packet_map() for IOMMU handling
Elements in qemu SGLists can cross IOMMU page boundaries.  So, in commit
39c138c842 "usb: Fix usb_packet_map() in the
presence of IOMMUs", I changed usb_packet_map() to split up each SGList
element on IOMMU page boundaries and each resulting piece of qemu's memory
space separately to the iovec the usb code uses internally.

That was correct in concept, but the patch has a bug.  The 'base' variable
correctly steps through the dma address of each piece, but then we call
the dma_memory_map() function on the base address of the whole SGList
element every time.

This patch fixes at least one problem using XHCI on the pseries guest
machine.  It didn't affect OHCI because that doesn't use usb_packet_map().
In theory it also affects EHCI, but we haven't observed that in practice.
I think the transfers were small enough on EHCI that they never crossed an
IOMMU page boundary in practice.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-16 11:27:05 +01:00
Anthony Liguori
5f580e9411 Merge remote-tracking branch 'bonzini/scsi-next' into staging
* bonzini/scsi-next:
  virtio-scsi: use dma_context_memory
  dma: Define dma_context_memory and use in sysbus-ohci
  megasas: Correct target/lun mapping
  scsi-disk: flush cache after disabling it
  megasas: do not include block_int.h
  scsi: remove superfluous call to scsi_device_set_ua
  virtio-scsi: factor checks for VIRTIO_SCSI_S_DRIVER_OK when reporting events
  scsi: do not return short responses for emulated commands

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-14 08:50:45 -06:00
Peter Maydell
9e11908f12 dma: Define dma_context_memory and use in sysbus-ohci
Define a new global dma_context_memory which is a DMAContext corresponding
to the global address_space_memory AddressSpace. This can be used by
sysbus peripherals like sysbus-ohci which need to do DMA.

In particular, use it in the sysbus-ohci device, which fixes a
segfault when attempting to use that device.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
2012-11-12 16:44:57 +01:00
Gerd Hoffmann
9d1530470b ehci: fix migration
Commit 5010d4dc61 reorganized vmstate to
split core + pci, but got two little details wrong.  Fix them.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-09 09:09:34 +01:00
David Gibson
616b5d53ae xhci: Fix some DMA host endian bugs
The xhci device does correct endian switches on the results of some DMAs
but not all.  In particular, there are many DMAs of what are essentially
arrays of 32-bit integers which never get byteswapped.  This causes them
to be interpreted incorrectly on big-endian hosts, since (as per the xhci
spec) these arrays are always little-endian in guest memory.

This patch adds some helper functions to fix these bugs.  This may not be
all the endian bugs in the xhci code, but it's certainly some of them and
the Linux guest xhci driver certainly gets further with these fixes.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-09 08:27:55 +01:00
Hans de Goede
ffd8a97fb3 usb/combined-packet: Move freeing of combined to usb_combined_packet_remove()
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-08 18:41:47 +01:00
Hans de Goede
9b8251c5c4 xhci: Add support for packets with both data and an error status
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-08 18:41:47 +01:00
Hans de Goede
e696b1da42 ehci: Add support for packets with both data and an error status
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-08 18:41:47 +01:00
Hans de Goede
01e26b0ea3 ehci: Get rid of the magical PROC_ERR status
Instead make ehci_execute and ehci_fill_queue return the again value.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-08 18:41:46 +01:00
Hans de Goede
e94ca437ba usb-redir: Allow packets to have both data and an error-status
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-08 18:41:46 +01:00
Hans de Goede
9a77a0f589 usb: split packet result into actual_length + status
Since with the ehci and xhci controllers a single packet can be larger
then maxpacketsize, it is possible for the result of a single packet
to be both having transferred some data as well as the transfer to have
an error.

An example would be an input transfer from a bulk endpoint successfully
receiving 1 or more maxpacketsize packets from the device, followed
by a packet signalling halt.

While already touching all the devices and controllers handle_packet /
handle_data / handle_control code, also change the return type of
these functions to void, solely storing the status in the packet. To
make the code paths for regular versus async packet handling more
uniform.

This patch unfortunately is somewhat invasive, since makeing the qemu
usb core deal with this requires changes everywhere. This patch only
prepares the usb core for this, all the hcd / device changes are done
in such a way that there are no functional changes.

This patch has been tested with uhci and ehci hcds, together with usb-audio,
usb-hid and usb-storage devices, as well as with usb-redir redirection
with a wide variety of real devices.

Note that there is usually no need to directly set packet->actual_length
form devices handle_data callback, as that is done by usb_packet_copy()

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-08 18:41:46 +01:00
Hans de Goede
95a59dc039 usb-redir: Allow redirecting super speed devices to high speed controllers
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 15:21:01 +01:00
Jan Kiszka
cdfd3530fa usb-redir: Allow to attach USB 2.0 devices to 1.1 host controller
This follows the logic of host-linux: If a 2.0 device has no ISO
endpoint and no interrupt endpoint with a packet size > 64, we can
attach it also to an 1.1 host controller. In case the redir server does
not report endpoint sizes, play safe and remove the 1.1 compatibility as
well. Moreover, if we detect a conflicting change in the configuration
after the device was already attached, it will be disconnected
immediately.

HdG: Several small cleanups and fixes

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 15:21:01 +01:00
Hans de Goede
24ac283aa2 usb-redir: Use reject rather the disconnect on bad ep info
So that the client gets a notification about us disconnecting the device.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 15:21:01 +01:00
Hans de Goede
7e03d17816 usb-redir: Add an usbredir_setup_usb_eps() helper function
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 15:21:01 +01:00
Hans de Goede
1b36c4d826 usb-redir: Add support for input pipelining
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 15:20:46 +01:00
Hans de Goede
c19a798133 usb-redir: Add support for 32 bits bulk packet length
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 15:17:58 +01:00
Hans de Goede
579967bea6 combined-packet: Add a workaround for Linux usbfs + live migration
Older versions (anything but the latest) of Linux usbfs + libusb(x),
will submit larger (bulk) transfers split into multiple 16k submissions,
which means that rather then all tds getting linked into the queue in
one atomic operarion they get linked in a bunch at a time, which could
cause problems if:
1) We scan the queue while libusb is in the middle of submitting a split
   bulk transfer
2) While this bulk transfer is pending we migrate to another host.

The problem is that after 2, the new host will rescan the queue and
combine the packets in one large transfer, where as 1) has caused the
original host to see them as 2 transfers. This patch fixes this by stopping
combinging if we detect a 16k transfer with its int_req flag set.

This should not adversely effect performance for other cases as:
1) Linux never sets the interrupt flag on packets other then the last
2) Windows does set the in_req flag on each td, but will submit large
transfers in 20k tds thus never triggering the check

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 15:17:58 +01:00
Hans de Goede
a552a966f1 usb: Add packet combining functions
Currently we only do pipelining for output endpoints, since to properly
support short-not-ok semantics we can only have one outstanding input
packet. Since the ehci and uhci controllers have a limited per td packet
size guests will split large input transfers to into multiple packets,
and since we don't pipeline these, this comes with a serious performance
penalty.

This patch adds helper functions to (re-)combine packets which belong to 1
transfer at the guest device-driver level into 1 large transger. This can be
used by (redirection) usb-devices to enable pipelining for input endpoints.

This patch will combine packets together until a transfer terminating packet
is encountered. A terminating packet is a packet which meets one or more of
the following conditions:
1) The packet size is *not* a multiple of the endpoint max packet size
2) The packet does *not* have its short-not-ok flag set
3) The packet has its interrupt-on-complete flag set

The short-not-ok flag of the combined packet is that of the terminating packet.
Multiple combined packets may be submitted to the device, if the combined
packets do not have their short-not-ok flag set, enabling true pipelining.

If a combined packet does have its short-not-ok flag set the queue will
wait with submitting further packets to the device until that packet has
completed.

Once enabled in the usb-redir and ehci code, this improves the speed (MB/s)
of a Linux guest reading from a USB mass storage device by a factor of
1.2 - 1.5.

And the main reason why I started working on this, when reading from a pl2303
USB<->serial converter, it combines the previous 4 packets submitted per
device-driver level read into 1 big read, reducing the number of packets / sec
by a factor 4, and it allows to have multiple reads outstanding. This allows
for much better latency tolerance without the pl2303's internal buffer
overflowing (which was happening at 115200 bps, without serial flow control).

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 15:17:58 +01:00
Hans de Goede
7f102ebeb5 uhci: Don't crash on device disconnect
My recent uhci cleanup series has introduced a regression, where
qemu sometimes crashes on a device disconnect. The problem is that
the uhci code never checked for a device not / no longer existing, instead
it was relying on usb_handle_packet accepting a NULL device.

But since we now pass usb_handle_packet q->ep->dev, rather then just
a local dev variable, we crash as q->ep == NULL due to the device no longer
existing.

This patch fixes this. Note that this patch also improves over
the old behavior were we would:
1) create a queue for the device
2) create an async for the packet
3) have usb_handle_packet fail
4) destroy the async
5) wait for the queue to be idle for 32 frames
6) destroy the queue

Which was rather sub-optimal.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 15:17:58 +01:00
Hans de Goede
faccca000f uhci: Add a uhci_handle_td_error() helper function
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 15:17:58 +01:00
Gerd Hoffmann
bb4d2b2f0a usb/ehci-pci: add helper to create ich9 usb controllers
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 15:17:58 +01:00
Gerd Hoffmann
ba07630c79 usb/ehci-pci: add ich9 00:1a.* variant
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 15:17:58 +01:00
Gerd Hoffmann
df01318777 usb/ehci-pci: dynamic type generation
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 15:17:57 +01:00
Gerd Hoffmann
74625ea27c uhci: add ich9 00:1a.* variants
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 15:17:57 +01:00
Gerd Hoffmann
8f3f90b0c7 uhci: stick irq routing info into UHCIInfo too.
Kills the ugly "switch (device_id) { ... }" struct and makes it easier
to figure what the differences between the uhci variants are.

Need our own DeviceClass struct for that so we can allocate some space
to store UHCIInfo.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 15:17:57 +01:00
Gerd Hoffmann
2c2e852509 uhci: dynamic type generation
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 15:17:57 +01:00
Gerd Hoffmann
e433785a76 usb/ehci: add sysbus variant
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 13:10:10 +01:00
Gerd Hoffmann
0bf96f9457 usb/ehci: split into multiple source files
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 13:10:10 +01:00
Peter Crosthwaite
569c7fc840 usb/ehci: Guard definition of EHCI_DEBUG
Guard against re-definition of EHCI_DEBUG. Allows for turning on of debug info
from configure (using --qemu-extra-cflags="-DEHCI_DEBUG=1") rather than source
code hacking.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 13:10:10 +01:00
Peter Crosthwaite
5010d4dc61 usb/ehci: seperate out PCIisms
Seperate the PCI stuff from the EHCI components. Extracted the PCIDevice
out into a new wrapper struct to make EHCIState non-PCI-specific. Seperated
tho non PCI init component out into a seperate "common" init function.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 13:10:10 +01:00
Peter Crosthwaite
7ae6ce0258 usb/ehci: Abstract away PCI DMA API
Pull the DMAContext for the PCI DMA out at device init time and put it into
the device state. Use dma_memory_read/write() instead of pci specific versions.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 13:10:09 +01:00
Peter Crosthwaite
27a11324e0 usb/ehci: parameterise the register region offsets
The capabilities register and operational register offsets can vary from one
EHCI implementation to the next. Parameterise accordingly.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 13:10:09 +01:00
Gerd Hoffmann
0bc85da69e xhci: allow address slot being called multiple times
win8 guests do that for some reason ...

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 13:10:09 +01:00
Gerd Hoffmann
4f47f0f82e xhci: add port trace points
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 13:10:09 +01:00
Gerd Hoffmann
b62b08282d xhci: set pls in xhci_port_update & xhci_port_reset
Set the port link state to the correct values in xhci_port_update and
xhci_port_reset functions.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 13:10:09 +01:00
Gerd Hoffmann
40030130d1 xhci: add xhci_port_reset
Move port reset logic to its own function.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 13:10:09 +01:00
Gerd Hoffmann
f705a36280 xhci: add xhci_port_notify
Create a function to notify the guest about port
status changes and put it into use.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 13:10:09 +01:00
Gerd Hoffmann
6a32f80f05 xhci: add xhci_port_have_device
Factor out the code which checks whenever a usb device is attached
to the port in question.  No functional change.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 13:10:09 +01:00
Gerd Hoffmann
f321402785 xhci: s/xhci_update_port/xhci_port_update/
Rename the function for xhci_port_* naming scheme, also drop
the xhci parameter as port carries a pointer to xhci anyway.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 13:10:09 +01:00
Gerd Hoffmann
85e05d825f xhci: add {get,set}_field macros & enum for pls
Add {get,set}_field macros (simliar to ehci) to read and update
some bits of a word.  Put them into use for updating pls (port
link state) values.  Also add a enum for pls values.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 13:10:09 +01:00
Gerd Hoffmann
0ebfb144e8 xhci: fix usb name in caps
Used to be "UTB" not "USB".

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 14:38:12 +02:00
Gerd Hoffmann
91062ae00f xhci: make number of interrupters and slots configurable
Add properties to tweak the numbers of available interrupters and slots.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 14:37:34 +02:00
Gerd Hoffmann
e099ad4b7e xhci: allow disabling interrupters
For secondary interrupters this is explicitly allowed in the specs.
For the primary interrupter behavior is undefined, lets be friendly
and allow disabling too.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 14:35:55 +02:00
Gerd Hoffmann
3f973ee84e xhci: flush endpoint context unconditinally
Not updating the endpoint context in case the state didn't change is
wrong.  Other context fields might have changed, for example the
dequeue pointer in response to a CR_SET_TR_DEQUEUE command.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 14:35:47 +02:00
Gerd Hoffmann
79a8af3509 xhci: fix function name in error message
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 14:35:39 +02:00
Hans de Goede
6fe30910ab uhci: Use only one queue for ctrl endpoints
ctrl endpoints use different pids for different phases of a control
transfer, this patch makes us use only one queue for a ctrl ep, rather
then 3.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:12 +02:00
Hans de Goede
8928c9c43d uhci: Retry to fill the queue while waiting for td completion
If the guest is using multiple transfers to try and keep the usb bus busy /
used at maximum efficiency, currently we would see / do the following:

1) submit transfer 1 to the device
2) submit transfer 2 to the device
3) report transfer 1 completion to guest
4) report transfer 2 completion to guest
5) submit transfer 1 to the device
6) report transfer 1 completion to guest
7) submit transfer 2 to the device
8) report transfer 2 completion to guest
etc.

So after the initial submission we would effectively only have 1 transfer
in flight, rather then 2. This is caused by us not checking the queue for
addition of new transfers by the guest (ie the resubmission of a recently
finished transfer), while waiting for a pending transfer to complete.
This patch does add a check for this, changing the sequence to:

1) submit transfer 1 to the device
2) submit transfer 2 to the device
3) report transfer 1 completion to guest
4) submit transfer 1 to the device
5) report transfer 2 completion to guest
6) submit transfer 2 to the device
etc.

Thus keeping 2 transfers in flight (most of the time, and always 1),
as intended by the guest.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:12 +02:00
Hans de Goede
3905097ea8 uhci: Always mark a queue valid when we encounter it
Before this patch we would not mark a queue valid when its head was a
non-active td. This causes us to misbehave in the following scenario:

1) queue with multiple input transfers queued
2) We hit some latency issue, causing qemu to get behind processing frames
3) When qemu gets to run again, it notices the first transfer ends short,
   marking the head td non-active
4) It now processes 32+ frames in a row without giving the guest a chance
   to run since it is behind
5) valid is decreased to 0, causing the queue to get cancelled also cancelling
   already queued up further input transfers
6) guest gets to run, notices the inactive td, cleanups up further tds
   from the short transfer, and lets the queue continue at the first td of
   the next input transfer
7) we re-start the queue, issuing the second input transfer for the *second*
   time, and any data read by the first time we issued it has been lost

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:12 +02:00
Hans de Goede
420ca987d5 uhci: When the guest marks a pending td non-active, cancel the queue
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:12 +02:00
Hans de Goede
8c75a899f8 uhci: Detect guest td re-use
A td can be reused by the guest in a different queue, before we notice
the original queue has been unlinked. So search for tds by addr only, detect
guest td reuse, and cancel the original queue, this is necessary to keep our
packet ids unique.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:11 +02:00
Hans de Goede
66a08cbe6a uhci: Verify queue has not been changed by guest
According to the spec a guest can unlink a qh, and then as soon as frindex
has changed by 1 since the unlink, assume it is idle and re-use it. However
for various reasons, we cannot simply consider a qh as unlinked if we've not
seen it for 1 frame. This means that it is possible for a guest to re-use /
restart the queue while we still see its old state. This patch adds a safety
check for this, and "early" retires queues when they were changed by the guest.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:11 +02:00
Hans de Goede
5ad23e873c uhci: Immediately free queues on device disconnect
There is no need to just cancel any in-flight packets, and then wait
for validate-end to clean things up, we can simply clean things up
immediately on device removal.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:11 +02:00
Hans de Goede
11d15e402b uhci: Store ep in UHCIQueue
This avoids the need to repeatedly lookup the device, and ep.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:11 +02:00
Hans de Goede
a4f30cd766 uhci: Make uhci_fill_queue() actually operate on an UHCIQueue
And move its calling point to handle_td, this removes the ep_ret ugliness,
and prepates the way for further cleanups in the follow-up patches in this
patch-set.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:11 +02:00
Hans de Goede
963a68b54f uhci: Add uhci_read_td() helper function
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:11 +02:00
Hans de Goede
1f250cc772 uhci: Rename UHCIAsync->td to UHCIAsync->td_addr
We use the name td both to refer to a UHCI_TD read from guest memory as
well as to refer to the guest address where a td is stored, switch over
to always use td_addr in the second case for consistency.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:11 +02:00
Hans de Goede
4050737726 uhci: Move emptying of the queue's asyncs' queue to uhci_queue_free
Cleanup: all callers of uhci_queue_free first unconditionally cancel
all remaining asyncs in the queue, so lets move this to uhci_queue_free().

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:11 +02:00
Hans de Goede
3c87c76d1a uhci: Drop unnecessary forward declaration of some static functions
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:11 +02:00
Hans de Goede
a89e255b0c uhci: Don't retry on error
Since we are either dealing with emulated devices, where retrying is
not going to help, or with redirected devices where the host OS will
have already retried, don't bother retrying on failed transfers.

Also move some common/indentical code out of all the error cases
into the generic error path.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:10 +02:00
Hans de Goede
2f2ee2689f uhci: cleanup: Add an unlink call to uhci_async_cancel()
All callers of uhci_async_cancel() call uhci_async_unlink() first, so
lets move the unlink call to uhci_async_cancel()

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:10 +02:00
Hans de Goede
5b352ed537 uhci: No need to handle async completion of isoc packets
No devices ever return async for isoc endpoints and the core
already enforces this.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:10 +02:00
Hans de Goede
aaac74343d usb: Enforce iso endpoints never returing USB_RET_ASYNC
ehci was already testing for this, and we depend in various places
on no devices doing this, so lets move the check for this to the
usb core.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:10 +02:00
Hans de Goede
a6fb2ddb14 usb: Add an int_req flag to USBPacket
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:10 +02:00
Hans de Goede
6ba43f1f6b usb: Move short-not-ok handling to the core
After a short-not-ok packet ending short, we should not advance the queue.
Move enforcing this to the core, rather then handling it in the hcd code.

This may result in the queue now actually containing multiple input packets
(which would not happen before), and this requires special handling in
combination with pipelining, so disable pipleining for input endpoints
(for now).

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:10 +02:00
Hans de Goede
0cae7b1a00 usb: Move clearing of queue on halt to the core
hcds which queue up more then one packet at once (uhci, ehci and xhci),
must clear the queue after an error which has caused the queue to halt.

Currently this is handled as a special case inside the hcd code, this
patch instead adds an USB_RET_REMOVE_FROM_QUEUE packet result code, teaches
the 3 hcds about this and moves the clearing of the queue on a halt into
the USB core.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:10 +02:00
Hans de Goede
36dfe324fd usb: Add USB_RET_ADD_TO_QUEUE packet result code
This can be used by usb-device code which wishes to process an entire endpoint
queue at once, to do this the usb-device code returns USB_RET_ADD_TO_QUEUE
from its handle_data class method and defines a flush_ep_queue class method
to call when the hcd is done queuing up packets.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:09 +02:00
Hans de Goede
d0ff81b871 usb: Rename __usb_packet_complete to usb_packet_complete_one
And make it available for use outside of core.c

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:09 +02:00
Hans de Goede
3151f2096d xhci: Add a xhci_ep_nuke_one_xfer helper function
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:09 +02:00
Hans de Goede
b4ea866499 ehci: Retry to fill the queue while waiting for td completion
If the guest is using multiple transfers to try and keep the usb bus busy /
used at maximum efficiency, currently we would see / do the following:

1) submit transfer 1 to the device
2) submit transfer 2 to the device
3) report transfer 1 completion to guest
4) report transfer 2 completion to guest
5) submit transfer 1 to the device
6) report transfer 1 completion to guest
7) submit transfer 2 to the device
8) report transfer 2 completion to guest
etc.

So after the initial submission we would effectively only have 1 transfer
in flight, rather then 2. This is caused by us not checking the queue for
addition of new transfers by the guest (ie the resubmission of a recently
finished transfer), while waiting for a pending transfer to complete.
This patch does add a check for this, changing the sequence to:

1) submit transfer 1 to the device
2) submit transfer 2 to the device
3) report transfer 1 completion to guest
4) submit transfer 1 to the device
5) report transfer 2 completion to guest
6) submit transfer 2 to the device
etc.

Thus keeping 2 transfers in flight (most of the time, and always 1),
as intended by the guest.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:09 +02:00
Hans de Goede
e3a36bce1d ehci: Detect going in circles when filling the queue
For ctrl endpoints Windows (atleast Win7) creates circular td lists, so far
these were not a problem because we would stop filling the queue if altnext
was set. Since further patches in this patchset remove the altnext check this
does become a problem and we need detection for going in circles.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:09 +02:00
Hans de Goede
44272b0f88 ehci: Speed up the timer of raising int from the async schedule
Often the guest will queue up new packets in response to a packet, in the
async schedule with its IOC flag set, completing. By speeding up the
frame-timer, we notice these new packets earlier. This increases the
speed (MB/s) of a Linux guest reading from a USB mass storage device by a
factor of 1.15 on top of the "Improve latency of interrupt delivery"
speed-ups, both with and without input pipelining enabled.

I've not tested the speed-up of this patch without the
"Improve latency of interrupt delivery" patch.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:09 +02:00
Hans de Goede
0262f65aaa ehci: Improve latency of interrupt delivery and async schedule scanning
While doing various performance tests of reading from USB mass storage devices
I noticed the following::
1) When an async handled packet completes, we don't immediately report an
   interrupt to the guest, instead we wait for the frame-timer to run and
   report it from there
2) If 1) has been fixed and an async handled packet takes a while to complete,
   then async_stepdown will become a high value, which means that there
   will be a large latency before any new packets queued by the guest in
   response to the interrupt get seen

1) was done deliberately as part of commit f0ad01f92:
http://www.kraxel.org/cgit/qemu/commit/?h=usb.57&id=f0ad01f92ca02eee7cadbfd225c5de753ebd5fce
Since setting the interrupt immediately on async packet completion was causing
issues with Linux guests, I believe this recently fixed Linux bug explains
why this is happening:
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git;a=commitdiff;h=361aabf395e4a23cf554cf4ec0c0c6963b8beb01

Note that we can *not* count on this fix being present in all Linux guests!

I was hoping that the recently added support for Interrupt Threshold Control
would fix the issues with Linux guests, but adding a simple ehci_commit_irq()
call to ehci_async_bh() still caused problems with Linux guests.

The problem is, that when doing ehci_commit_irq() from ehci_async_bh(),
the "old" frindex value is used to calculate usbsts_frindex, and when
the frame-timer then runs possibly very shortly after ehci_async_bh(),
it increases the frame-timer, and thus any interrupts raised from that
frame-timer run, will also get reported to the guest immediately, rather
then being delayed to the next frame-timer run.

Luckily the solution for this is simple, this means that we need to
increase frindex before calling ehci_commit_irq() from ehci_async_bh(),
which in the end boils down to simple calling ehci_frame_timer() instead
of ehci_async_bh() from the bh.

This may seem like it causes a lot of extra work to be done, but this
is not true. Any work done from the frame-timer processing the periodic
schedule is work which then does not need to be done the next time the
frame timer runs, also the frame-timer will re-arm itself at (possibly)
a later time then it was armed for saving a vmexit at that time.

As an additional advantage moving to simply calling the frame-timer also
fixes 2) as the packet completion will set async_stepdown to 0, and the
re-arming of the timer with an async_stepdown of 0 ensures that any
newly queued up packets get seen in a reasonable amount of time.

This improves the speed (MB/s) of a Linux guest reading from a USB mass
storage device by a factor of 1.5 - 1.7 with input pipelining disabled,
and by a factor of 1.8 with input pipelining enabled.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:09 +02:00
Hans de Goede
cf08a8a1f6 ehci: Set int flag on a short input packet
According to 4.15.1.2 an interrupt must be raised when a short packet
is received. If we don't do this it may take a significant time for
the guest to notice a short trasnfer has completed, since only the last td
will have its IOC flag set, and a short transfer may complete in an earlier
packet.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:09 +02:00
Hans de Goede
549a3c3d96 ehci: Get rid of packet tbytes field
This field is used in some places to track the tbytes field of the token, but
in other places the field is used directly, use it directly everywhere for
consistency.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:09 +02:00
Hans de Goede
7c2eaca4ef uhci: Move checks to continue queuing to uhci_fill_queue()
Rather then having a special check to start queuing after the first packet,
and then another check for the other packets in uhci_fill_queue(), simply
check the previous packet beforehand in uhci_fill_queue()

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:08 +02:00
Hans de Goede
00a0770de3 uhci: Properly unmap packets on cancel / invalid pid
Packets with an invalid pid, or which were cancelled have
usb_packet_map() called on them on init, but not usb_packet_unmap()
before being freed.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:08 +02:00
Avi Kivity
a8170e5e97 Rename target_phys_addr_t to hwaddr
target_phys_addr_t is unwieldly, violates the C standard (_t suffixes are
reserved) and its purpose doesn't match the name (most target_phys_addr_t
addresses are not target specific).  Replace it with a finger-friendly,
standards conformant hwaddr.

Outstanding patchsets can be fixed up with the command

  git rebase -i --exec 'find -name "*.[ch]"
                        | xargs s/target_phys_addr_t/hwaddr/g' origin

Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-10-23 08:58:25 -05:00
Gerd Hoffmann
da124e62de usb-serial: only expose device in guest when the chardev is open
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-10-22 13:26:42 -05:00
Gerd Hoffmann
70330fb3da usb-serial: don't magically zap chardev on umplug
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-10-22 13:26:42 -05:00
Hans de Goede
883bca776d uhci: Raise interrupt when requested even for non active tds
According to the spec we must raise an interrupt when one is requested
even for non active tds.

Linux depends on this, for bulk transfers it runs an inactivity timer
to work around a bug in early uhci revisions, when we take longer then
200 ms to process a packet, this timer goes of, and as part of the
handling Linux then unlinks the qh, and relinks it after the frindex
has increased by atleast 1, the problem is Linux only checks for the
frindex increases on an interrupt, and we don't send that, causing
the qh to go inactive for more then 32 frames, at which point we
consider the packet cancelled.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-11 09:33:33 +02:00
Hans de Goede
5c16f76781 usb-redir: Don't make migration fail in none seamless case
Instead simple disconnect the device like host redirection does on
migration.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-11 09:32:10 +02:00
Hans de Goede
dbbf01958e usb-redir: Change usbredir_open_chardev into usbredir_create_parser
As we need to create the parser at more places.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-11 09:32:10 +02:00
Aurelien Jarno
048d3612a5 Merge branch 'trivial-patches' of git://github.com/stefanha/qemu
* 'trivial-patches' of git://github.com/stefanha/qemu:
  versatilepb: Use symbolic indices for ARM PIC
  qdev: kill bogus comment
  qemu-barrier: Fix compiler version check for future gcc versions
  hw: Add missing 'static' attribute for QEMUMachine
  cleanup useless return sentence
  qemu-sockets: Fix compiler warning (regression for MinGW)
  vnc: Fix spelling (hellmen -> hellman) in comment
  slirp: Fix spelling in comment (enought -> enough, insure -> ensure)
  tcg/arm: Use tcg_out_mov_reg rather than inline equivalent code
  cpu: Add missing 'static' attribute to qemu_global_mutex
  configure: Support empty target list (--target-list=)
  hw: Fix return value check for bdrv_read, bdrv_write
2012-10-06 18:54:14 +02:00
Stefan Weil
c9159fe9aa Remove libhw
The entries for libhw* are no longer needed in .gitignore.

There is also no longer a difference between common-obj-y and
hw-obj-y, so one of those two macros is sufficient.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-10-05 16:07:49 -05:00
Amos Kong
4d5b97da35 cleanup useless return sentence
This patch cleans up return sentences in the end of void functions.

Reported-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Amos Kong <akong@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@gmail.com>
2012-10-05 15:10:21 +02:00
David Gibson
39c138c842 usb: Fix usb_packet_map() in the presence of IOMMUs
With the IOMMU infrastructure introduced before 1.2, we need to use
dma_memory_map() to obtain a qemu pointer to memory from an IO bus address.
However, dma_memory_map() alters the given length to reflect the length
over which the used DMA translation is valid - which could be either more
or less than the requested length.

usb_packet_map() does not correctly handle these cases, simply failing if
dma_memory_map() alters the requested length.  If dma_memory_map()
increased the length, we just need to use the requested length for the
qemu_iovec_add().  However, if it decreased the length, it means that a
single DMA translation is not valid for the whole sglist element, and so
we need to loop, splitting it up into multiple iovec entries for each
piece with a DMA translation (in practice >2 pieces is unlikely).

This patch implements the correct behaviour

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-26 09:24:42 +02:00
Hans de Goede
cae5d3f4b3 ehci: Fix interrupt packet MULT handling
There are several issues with our handling of the MULT epcap field
of interrupt qhs, which this patch fixes.

1) When we don't execute a transaction because of the transaction counter
being 0, p->async stays EHCI_ASYNC_NONE, and the next time we process the
same qtd we hit an assert in ehci_state_fetchqtd because of this. Even though
I believe that this is caused by 3 below, this patch still removes the assert,
as that can still happen without 3, when multiple packets are queued for the
same interrupt ep.

2) We only *check* the transaction counter from ehci_state_execute, any
packets queued up by fill_queue bypass this check. This is fixed by not calling
fill_queue for interrupt packets.

3) Some versions of Windows set the MULT field of the qh to 0, which is a
clear violation of the EHCI spec, but still they do it. This means that we
will never execute a qtd for these, making interrupt ep-s on USB-2 devices
not work, and after recent changes, triggering 1).

So far we've stored the transaction counter in our copy of the mult field,
but with this beginnig at 0 already when dealing with these version of windows
this won't work. So this patch adds a transact_ctr field to our qh struct,
and sets this to the MULT field value on fetchqh. When the MULT field value
is 0, we set it to 4. Assuming that windows gets way with setting it to 0,
by the actual hardware going horizontal on a 1 -> 0 transition, which will
give it 4 transactions (MULT goes from 0 - 3).

Note that we cannot stop on detecting the 1 -> 0 transition, as our decrement
of the transaction counter, and checking for it are done in 2 different places.

Reported-by: Shawn Starr <shawn.starr@rogers.com>
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-26 09:24:41 +02:00
Gerd Hoffmann
1d8a4e69ee xhci: create a memory region for each port
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-26 09:24:41 +02:00
Gerd Hoffmann
ccaf87a085 xhci: route string & usb hub support
Parse route string in slot contexts and
support devices connected via hub.
2012-09-26 09:24:41 +02:00
Gerd Hoffmann
d95e74eaed xhci: tweak limits
Set maxports to 15.  This is what the usb3 route string can handle.

Set maxslots to 64.  This is more than the number of root ports we
can have, but with additional hubs you can end up with more devices.

Set maxintrs (aka msi vectors) to 16.  Should be enougth, especially
considering that vectors are a limited ressource.  Linux guests use
only three at the moment.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-26 09:24:41 +02:00
Aurelien Jarno
cfb75cb980 Merge branch 'usb.65' of git://git.kraxel.org/qemu
* 'usb.65' of git://git.kraxel.org/qemu:
  uhci: Don't queue up packets after one with the SPD flag set
  usb-redir: Revert usb-redir part of commit 93bfef4c
  usb-redir: Add chardev open / close debug logging
  usb-redir: Add support for migration
  usb-redir: Store max_packet_size in endp_data
  usb-redir: Add an already_in_flight packet-id queue
  usb-redir: Change cancelled packet code into a generic packet-id queue
  ehci: Walk async schedule before and after migration
  ehci: Don't set seen to 0 when removing unseen queue-heads
  configure: usbredir fixes
  ehci: Don't process too much frames in 1 timer tick (v2)
  ehci: Fix interrupts stopping when Interrupt Threshold Control is 8
  ehci: switch to new-style memory ops
  usb-host: allow emulated (non-async) control requests without USBPacket
2012-09-21 19:53:26 +02:00
Stefan Hajnoczi
190563f9a9 net: fix usbnet_receive() packet drops
The USB network interface has a single buffer which the guest reads
from.  This patch prevents multiple calls to usbnet_receive() from
clobbering the input buffer.  Instead we queue packets until buffer
space becomes available again.

This is inspired by virtio-net and e1000 rxbuf handling.

Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-09-14 08:40:32 +01:00
Stefan Hajnoczi
f237ddbb89 net: clean up usbnet_receive()
The USB network interface has two code paths depending on whether or not
RNDIS mode is enabled.  Refactor usbnet_receive() so that there is a
common path throughout the function instead of duplicating everything
across if (is_rndis(s)) ... else ... code paths.

Clean up coding style and 80 character line wrap along the way.

Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-09-14 08:40:32 +01:00
Hans de Goede
72a04d0c17 uhci: Don't queue up packets after one with the SPD flag set
Don't queue up packets after a packet with the SPD (short packet detect)
flag set. Since we won't know if the packet will actually be short until it
has completed, and if it is short we should stop the queue.

This fixes a miniature photoframe emulating a USB cdrom with the windows
software for it not working.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-13 09:50:47 +02:00
Hans de Goede
35efba2cc6 usb-redir: Revert usb-redir part of commit 93bfef4c
Commit 93bfef4c6e makes qemu-devices
which report the qemu version string to the guest in some way use a
qemu_get_version function which reports a machine-specific version string.

However usb-redir does not expose the qemu version to the guest, only to
the usbredir-host as part of the initial handshake. This can then be logged
on the usbredir-host side for debugging purposes and is otherwise completely
unused! For debugging purposes it is important to have the real qemu version
in there, rather then the machine-specific version.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-13 09:50:47 +02:00
Hans de Goede
09054d19e7 usb-redir: Add chardev open / close debug logging
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-13 09:50:47 +02:00
Hans de Goede
fc3f6e1b10 usb-redir: Add support for migration
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-13 09:50:47 +02:00
Hans de Goede
3f4be32824 usb-redir: Store max_packet_size in endp_data
So that we've a place to migrate it to / from to allow restoring it after
migration.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-13 09:50:46 +02:00
Hans de Goede
9a8d4067a6 usb-redir: Add an already_in_flight packet-id queue
After a live migration, the usb-hcd will re-queue all packets by
walking over the schedule in the guest memory again, but requests which
were encountered on the migration source before will already be in flight,
so these should *not* be re-send to the usbredir-host.

This patch adds an already in flight packet ud queue, which will be filled by
the source before migration and then moved over to the migration dest, any
async handled packets are then checked against this queue to avoid sending
the same packet to the usbredir-host twice.

Signed-off-by: Hans de Goede <hdegoede@redhat,com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-13 09:50:46 +02:00
Hans de Goede
8e60452a95 usb-redir: Change cancelled packet code into a generic packet-id queue
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-13 09:50:46 +02:00
Hans de Goede
ceab6f9645 ehci: Walk async schedule before and after migration
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-13 09:50:46 +02:00
Hans de Goede
8f5457eb04 ehci: Don't set seen to 0 when removing unseen queue-heads
When removing unseen queue-heads from the async queue list, we should not
set the seen flag to 0, as this may cause them to be removed by
ehci_queues_rip_unused() during the next call to ehci_advance_async_state()
if the timer is late or running at a low frequency.

Note:
1) This *may* have caused the instant unlink / relinks described in commit
   9bc3a3a216

2) Rather then putting more if-s inside ehci_queues_rip_unused, this patch
   instead introduces a new ehci_queues_rip_unseen function.

3) This patch also makes it save to call ehci_queues_rip_unseen() multiple
   times, which gets used in the folluw up patch titled:
   "ehci: Walk async schedule before and after migration"

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-13 09:50:46 +02:00
Hans de Goede
8f74ed1e43 ehci: Don't process too much frames in 1 timer tick (v2)
The Linux ehci isoc scheduling code fills the entire schedule ahead of
time minus 80 frames. If we make a large jump in where we are in the
schedule, ie 40 frames, then the scheduler all of a sudden will only have
40 frames left to work in, causing it to fail packet submissions
with error -27 (-EFBIG).

Changes in v2:
-Don't hardcode a maximum number of frames to process in one tick, instead:
 -Process a minimum number of frames to ensure we do eventually catch up
 -Stop (after the minimum number) when the guest has requested an irq

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-12 08:09:49 +02:00
Hans de Goede
ffa1f2e088 ehci: Fix interrupts stopping when Interrupt Threshold Control is 8
If Interrupt Threshold Control is 8 or a multiple of 8, then
s->usbsts_frindex can become exactly 0x4000, at which point
(s->usbsts_frindex > s->frindex) will never become true, as
s->usbsts_frindex will not be lowered / reset in this case.

This patch fixes this.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-12 08:09:49 +02:00
Gerd Hoffmann
3e4f910c8d ehci: switch to new-style memory ops
Also register different memory regions for capabilities,
operational registers and port status registers.  Create
separate tracepoints for operational regs and port status
regs.  Ditch a bunch of sanity checks because the memory
core will do this for us now.

Offloading the byte, word and dword access handling to the
memory core also has the side effect of fixing ehci register
access on bigendian hosts.

Cc: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-12 08:09:49 +02:00
Gerd Hoffmann
63587e3135 usb-host: allow emulated (non-async) control requests without USBPacket
xhci needs this for USB_REQ_SET_ADDRESS due to the way
usb addressing is handled by the xhci hardware.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-12 08:09:48 +02:00
Gerd Hoffmann
6ee021d410 xhci: allow bytewise capability register reads
Some guests need this according to
Alejandro Martinez Ruiz <alex@securiforest.com>

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:43:02 +02:00
Gerd Hoffmann
1b067564ce xhci: kill xhci_mem_{read,write} dispatcher functions
... and register subregions instead, so we offload the dispatching
to the the memory subsystem which is designed to handle it.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:43:02 +02:00
Gerd Hoffmann
fa8ee89e8b xhci: support multiple interrupters
Everything is in place, flip the big switch now
and enable support for multiple interrupters.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:43:02 +02:00
Gerd Hoffmann
2d1de8508f xhci: pick target interrupter
Pick the correct interrupter when queuing an event.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:43:02 +02:00
Gerd Hoffmann
43d9d6047e xhci: prepare xhci_runtime_{read,write} for multiple interrupters
Prepare xhci runtime register access function for multiple interrupters.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:43:02 +02:00
Gerd Hoffmann
962d11e172 xhci: add XHCIInterrupter
Move all state belonging to the (single) interrupter into a separate
struct.  First step in adding support for multiple interrupters.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:43:02 +02:00
Gerd Hoffmann
2cae41195b xhci: move register update into xhci_intr_raise
Now that we have a separate function to raise an IRQ we can move
some comon code into the function.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:43:02 +02:00
Gerd Hoffmann
4c47f80063 xhci: add msix support
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:43:02 +02:00
Gerd Hoffmann
4c4abe7cc9 xhci: rework interrupt handling
Split xhci_irq_update into a function which handles intx updates
(including lowering the irq line once the guests acks the interrupt)
and one which is used for raising an irq only.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:43:01 +02:00
Gerd Hoffmann
c5e9b02dee xhci: fix & cleanup msi.
Drop custom write_config function which isn't needed any more.
Make the msi property a bit property so it accepts 'on' & 'off'.
Enable MSI by default.

TODO: add compat property to disable on old machine types.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:43:01 +02:00
Gerd Hoffmann
79b40459ba usb-storage: usb3 support
Add usb3 descriptors to usb-storage, so it shows up as superspeed
device when connected to xhci.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:43:01 +02:00
Gerd Hoffmann
2077469b58 usb3: bos decriptor
Add support for creating BOS descriptor and
device cappability descriptors.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:43:01 +02:00
Gerd Hoffmann
b43a285176 usb3: superspeed endpoint companion
Add support for building superspeed endpoint companion descriptors,
create them for superspeed usb devices.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:43:01 +02:00
Gerd Hoffmann
6d51b2bb07 usb3: superspeed descriptors
Add superspeed descriptor entry to USBDesc,
advertise superspeed support when present.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:43:01 +02:00
Gerd Hoffmann
0846e6359c xhci: update port handling
This patch changes the way xhci ports are linked to USBPorts.  The fixed
1:1 relationship between xhci ports and USBPorts is gone.  Now each
USBPort represents a physical plug which has usually two xhci ports
assigned: one usb2 and ond usb3 port.  usb devices show up at one or the
other, depending on whenever they support superspeed or not.

This patch also makes the number of usb2 and usb3 ports runtime
configurable by adding 'p2' and 'p3' properties.  It is allowed to
have different numbers of usb2 and usb3 ports.  Specifying p2=4,p3=2
will give you an xhci adapter which supports all speeds on physical
ports 1+2 and usb2 only on ports 3+4.
2012-09-11 07:43:01 +02:00
Gerd Hoffmann
106b214c4f xhci: update register layout
Change the register layout to be a bit more sparse and also not depend
on the number of ports.  Useful when for making the number of ports
runtime-configurable.
2012-09-11 07:43:01 +02:00
Gerd Hoffmann
8e9f18b6db xhci: fix runtime write tracepoint
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:43:01 +02:00
Gerd Hoffmann
d829fde97d xhci: add trace_usb_xhci_ep_set_dequeue
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:43:01 +02:00
Gerd Hoffmann
873123fe09 xhci: trace cc codes in cleartext
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:43:01 +02:00
Gerd Hoffmann
3d1396842d xhci: iso xfer support
Add support for iso transfers.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:43:01 +02:00
Gerd Hoffmann
01546fa662 xhci: implement mfindex
Implement mfindex register and mfindex wrap event.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:43:01 +02:00
Gerd Hoffmann
5c08106ff6 xhci: move device lookup into xhci_setup_packet
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:43:01 +02:00
Gerd Hoffmann
d5a15814b4 xhci: drop buffering
This patch splits the xhci_xfer_data function into three.
The xhci_xfer_data function used to do does two things:

  (1) copy transfer data between guest memory and a temporary buffer.
  (2) report transfer results to the guest using events.

Now we three functions to handle this:

  (1) xhci_xfer_map creates a scatter list for the transfer and
      uses that (instead of the temporary buffer) to build a
      USBPacket.
  (2) xhci_xfer_unmap undoes the mapping.
  (3) xhci_xfer_report sends out events.

The patch also fixes reporting of transaction errors which must be
reported unconditinally, not only in case the guest asks for it
using the ISP flag.

[ v2: fix warning ]

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:43:01 +02:00
Gerd Hoffmann
331e9406f1 xhci: rip out background transfer code
original xhci code (the one which used libusb directly) used to use
'background transfers' for iso streams.  In upstream qemu the iso
stream buffering is handled by usb-host & usb-redir, so we will
never ever need this.  It has been left in as reference, but is dead
code anyway.  Rip it out.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:43:00 +02:00
Gerd Hoffmann
2bbd086c41 usb-audio: fix usb version
usb-audio is a full speed (1.1) device,
but bcdUSB claims it is usb 2.0.  Fix it.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:43:00 +02:00
Samuel Thibault
2964cd9bfa Better name usb braille device
Windows users need to know that they have to use the Baum driver to make
the qemu braille device work.

Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:43:00 +02:00
Hans de Goede
6c67446a42 usb-redir: Enable pipelining for bulk endpoints
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:43:00 +02:00
Hans de Goede
a508cc42e2 usb-redir: Ensure our peer has the necessary caps when redirecting to XHCI
In order for redirection to work properly when redirecting to an emulated
XHCI controller, the usb-redir-host must support both
usb_redir_cap_ep_info_max_packet_size and usb_redir_cap_64bits_ids,
reject any devices redirected to an XHCI controller when these are not
supported.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:43:00 +02:00
Hans de Goede
910c1e6b14 usb-redir: Add a usbredir_reject_device helper function
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:43:00 +02:00
Hans de Goede
0fde3b7a82 usb-redir: Set ep max_packet_size if available
This is needed for usb-redir to work properly with the xhci emulation.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:43:00 +02:00
Hans de Goede
be4a892846 usb-redir: Convert to new libusbredirparser 0.5 API
This gives us support for 64 bit ids which is needed for using XHCI with
the new hcd generated ids.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:43:00 +02:00
Hans de Goede
2979a36183 usb-redir: Return babble when getting more bulk data then requested
Babble is the appropriate error in this case (rather then signalling a stall).

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:43:00 +02:00
Hans de Goede
de550a6afb usb-redir: Move to core packet id and queue handling
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:43:00 +02:00
Hans de Goede
206e7f20fe usb-redir: Get rid of unused async-struct dev member
This is a preparation patch for completely getting rid of the async-packet
struct in usb-redir, instead relying on the (new) per ep queues in the
qemu usb core.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:43:00 +02:00
Hans de Goede
104981d52b usb-redir: Get rid of local shadow copy of packet headers
The shadow copy only serves as an extra check (besides the packet-id) to
ensure the packet we get back is a reply to the packet we think it is.

This check has never triggered in all the time usb-redir is in use now,
and since the verified data in the returned packet-header is not used
otherwise, removing the check does not open any possibilities for the
usbredirhost to confuse us.

This is a preparation patch for completely getting rid of the async-packet
struct in usb-redir, instead relying on the (new) per ep queues in the
qemu usb core.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:43:00 +02:00
Hans de Goede
cb897117cd usb-redir: Get rid of async-struct get member
This is a preparation patch for completely getting rid of the async-packet
struct in usb-redir, instead relying on the (new) per ep queues in the
qemu usb core.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:43:00 +02:00
Hans de Goede
ed9873bfbf usb-redir: Don't delay handling of open events to a bottom half
There is no need for this, and doing so means that a backend trying to
write immediately after an open event will see qemu_chr_be_can_write
returning 0, which not all backends handle well as there is no wakeup
mechanism to detect when the frontend does become writable.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:43:00 +02:00
Hans de Goede
181133404f usb-redir: Never return USB_RET_NAK for async handled packets
USB_RET_NAK is not a valid response for async handled packets (and will
trigger an assert as such).

Also drop the warning when receiving a status of cancelled for packets not
cancelled by qemu itself, this can happen when a device gets unredirected
by the usbredir-host while transfers are pending.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:42:59 +02:00
Hans de Goede
cf1f81691d ehci: Correct a comment in fetchqtd packet processing
Since my previous comment said "Should never happen", I tried changing the
next line to an assert(0), which did not go well, which as the new comments
explains is logical if you think about it for a moment.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:42:59 +02:00
Hans de Goede
eff6dce79b ehci: Handle USB_RET_PROCERR in ehci_fill_queue
USB_RET_PROCERR can be triggered by the guest (by for example requesting more
then BUFFSIZE bytes), so don't assert on it.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:42:59 +02:00
Hans de Goede
ef5b234477 ehci: Fix memory leak in handling of NAK-ed packets
Currently each time we try to execute a NAK-ed packet we redo
ehci_init_transfer, and usb_packet_map, re-allocing (without freeing) the
sg list every time.

This patch fixes this, it does this by introducing another async state, so
that we also properly cleanup a NAK-ed packet on cancel.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:42:59 +02:00
Hans de Goede
3a8ca08e01 ehci: Add some additional ehci_trace_guest_bug() calls
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:42:59 +02:00
Gerd Hoffmann
1defcbd1e8 ehci: add doorbell trace events
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:42:59 +02:00
Gerd Hoffmann
5c514681ab ehci: trace guest bugs
make qemu_queue_{cancel,reset} return the number of packets released,
so the caller can figure whenever there have been active packets even
though there shouldn't have been any.  Add tracepoint to log this.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:42:59 +02:00
Gerd Hoffmann
616789cde2 ehci: check for EHCI_ASYNC_FINISHED first in ehci_free_packet
Otherwise we'll see the packet free twice in the trace log even though
it actually happens only once.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:42:59 +02:00
Hans de Goede
4b63a0df3b ehci: Properly report completed but not yet processed packets to the guest
Reported packets which have completed before being cancelled as such to the
host. Note that the new code path this patch adds is untested since it I've
been unable to actually trigger the race which needs this code path.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
2012-09-11 07:42:59 +02:00
Hans de Goede
0e7953525f ehci: Properly cleanup packets on cancel
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
2012-09-11 07:42:59 +02:00
Hans de Goede
522079dd44 ehci: Update copyright headers to reflect recent work
Update copyright headers to reflect all the work Gerd and I have been doing
on the EHCI emulation.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
2012-09-11 07:42:59 +02:00
Hans de Goede
dafe31fc2a ehci: Validate qh is not changed unexpectedly by the guest
-combine the qh check with the check for devaddr changes
-also ensure that p gets set to NULL when the queue gets cancelled on
 devaddr change, which was not done properly before this patch

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
2012-09-11 07:42:59 +02:00
Hans de Goede
66f092d256 Revert "ehci: don't flush cache on doorbell rings."
This reverts commit 9bc3a3a216, which got
added to fix an issue where the real, underlying cause was not stopping
the ep queue on an error.

Now that the underlying cause is fixed by the "usb: Halt ep queue and
cancel pending packets on a packet error" patch, the "don't flush" fix
is no longer needed.

Not only is it not needed, it causes us to see cancellations (unlinks)
done by the Linux EHCI driver too late, which in combination with the new
usb-core packet-id generation where qtd addresses are used as ids, causes
duplicate ids for in flight packets.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
2012-09-11 07:42:59 +02:00
Hans de Goede
9c1f67654a usb-core: Allow the first packet of a pipelined ep to complete immediately
This can happen with usb-redir live-migration when the packet gets re-queued
after the migration and the original queuing from the migration source side
has already finished.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:42:59 +02:00
Hans de Goede
c13a9e6136 usb-core: Add a usb_ep_find_packet_by_id() helper function
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:42:59 +02:00
Hans de Goede
cc40997489 usb-core: Don't set packet state to complete on a nak
This way the hcd can re-use the same packet to retry without needing
to re-init it.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:42:58 +02:00
Hans de Goede
45b339b18c usb: controllers do not need to check for babble themselves
If an (emulated) usb-device tries to write more data to a packet then
its iov len, this will trigger an assert in usb_packet_copy(), and if
a driver somehow circumvents that check and writes more data to the
iov then there is space, we have a much bigger problem then not correctly
reporting babble to the guest.

In practice babble will only happen with (real) redirected devices, and there
both the usb-host os and the qemu usb-device code already check for it.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-11 07:42:58 +02:00
Gerd Hoffmann
347e40ffe6 uas: move transfer kickoff
Kick next scsi transfer from request release callback instead of command
completion callback, otherwise we might get stuck in case scsi_req_unref()
doesn't release the request instantly due to someone else holding a
reference too.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-08-31 15:47:57 +02:00
Hans de Goede
adf478342b ehci: Fix interrupt endpoints no longer working
One of the recent changes (likely the addition of queuing support) has broken
interrupt endpoints, this patch fixes this.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
2012-08-31 15:47:57 +02:00
Gerd Hoffmann
287fd3f1dd ehci: handle TD deactivation of inflight packets
Check the TDs of inflight packets, cancel
packets in case the guest clears the active bit.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-08-31 15:47:35 +02:00
Gerd Hoffmann
c7cdca3b85 ehci: add ehci_cancel_queue()
Factor out function to cancel all packets of a queue.
No behavior change.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-08-31 12:02:15 +02:00
Hans de Goede
574ef17191 ehci: simplify ehci_state_executing
ehci_state_executing does not need to check for p->usb_status == USB_RET_ASYNC
or USB_RET_PROCERR, since ehci_execute_complete already does a similar check
and will trigger an assert if either value is encountered.

USB_RET_ASYNC should never be the packet status when execute_complete runs
for obvious reasons, and USB_RET_PROCERR is only used by ehci_state_execute /
ehci_execute not by ehci_state_executing / ehci_execute_complete.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-08-31 12:02:15 +02:00
Hans de Goede
53dd6f7032 ehci: Remove unnecessary ehci_flush_qh call
ehci_qh_do_overlay() already calls ehci_flush_qh() before it returns, calling
it twice is useless.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-08-31 11:58:03 +02:00
Hans de Goede
a1c3e4b839 ehci: Schedule async-bh when IAAD bit gets set
After the "ehci: Print a warning when a queue unexpectedly contains packets
on cancel" commit. Under certain reproducable conditions I was getting the
following message: "EHCI: Warning queue not empty on queue reset".

After aprox. 8 hours of debugging I've finally found the cause. The Linux EHCI
driver has an IAAD watchdog, to work around certain EHCI hardware sometimes
not acknowledging the doorbell at all. This watchdog has a timeout of 10 ms,
which is less then the time between 2 runs through the async schedule when
async_stepdown is at its highest value.

Thus the watchdog can trigger, after which Linux clears the IAAD bit and
re-uses the QH. IOW we were not properly detecting the unlink of the qh, due
to us missing (ignoring for more then 10 ms) the IAAD command, which triggered
the warning.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
2012-08-31 11:58:03 +02:00
Hans de Goede
7ce86aa1aa ehci: Fix NULL ptr deref when unplugging an USB dev with an iso stream active
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
2012-08-31 11:57:41 +02:00
Gerd Hoffmann
e983395d30 usb: unique packet ids
This patch adds IDs to usb packets.  Those IDs are (a) supposed to be
unique for the lifecycle of a packet (from packet setup until the packet
is either completed or canceled) and (b) stable across migration.

uhci, ohci, ehci and xhci use the guest physical address of the transfer
descriptor for this.

musb needs a different approach because there is no transfer descriptor.
But musb also doesn't support pipelining, so we have never more than one
packet per endpoint in flight.  So we go create an ID based on endpoint
and device address.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-08-31 11:57:23 +02:00
Hans de Goede
0132b4b659 usb: Halt ep queue en cancel pending packets on a packet error
For controllers which queue up more then 1 packet at a time, we must halt the
ep queue, and inside the controller code cancel all pending packets on an
error.

There are multiple reasons for this:
1) Guests expect the controllers to halt ep queues on error, so that they
get the opportunity to cancel transfers which the scheduled after the failing
one, before processing continues

2) Not cancelling queued up packets after a failed transfer also messes up
the controller state machine, in the case of EHCI causing the following
assert to trigger: "assert(p->qtdaddr == q->qtdaddr)" at hcd-ehci.c:2075

3) For bulk endpoints with pipelining enabled (redirection to a real USB
device), we must cancel all the transfers after this a failed one so that:
a) If they've completed already, they are not processed further causing more
   stalls to be reported, originating from the same failed transfer
b) If still in flight, they are cancelled before the guest does
   a clear stall, otherwise the guest and device can loose sync!

Note this patch only touches the ehci and uhci controller changes, since AFAIK
no other controllers actually queue up multiple transfer. If I'm wrong on this
other controllers need to be updated too!

Also note that this patch was heavily tested with the ehci code, where I had
a reproducer for a device causing a transfer to fail. The uhci code is not
tested with actually failing transfers and could do with a thorough review!

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-08-31 11:55:17 +02:00
Hans de Goede
47d073cc3b ehci: Fix setting of halt bit from usbcmd register updates
This fixes linux guests started without any USB devices not seeing newly
plugged devices until "lsusb" is done inside the guest.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-08-16 11:48:25 +02:00
Gerd Hoffmann
6d3b6d3d2d ehci: fix Interrupt Threshold Control implementation
First, not all interrupts are subject to Interrupt Threshold Control,
some of them must be delivered without delay.

Second, Interrupt Threshold Control state must be part of vmstate,
otherwise we might loose IRQs on migration.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-08-16 08:39:50 +02:00
Gerd Hoffmann
0daf53047d usb: update uas product id
Pick other product id to fix clash with audio.

Current usage list (after applying this patch):

46f4:0001 -- usb-storage
46f4:0002 -- usb-audio
46f4:0003 -- usb-uas

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-08-16 08:39:49 +02:00
Gerd Hoffmann
c19537a114 usb: async control xfer fixup
Need to clear p->result after copying setup data using usb_packet_copy()
because we'll reuse the USBPacket for the data transfer.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-08-16 08:39:49 +02:00
Alejandro Martinez Ruiz
df6839c7f7 ehci: fix assertion typo
Signed-off-by: Alejandro Martinez Ruiz <alex@securiforest.com>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-08-15 15:18:53 +01:00
Gerd Hoffmann
54414218d7 usb-storage: fix SYNCHRONIZE_CACHE
Commit 5931065907 is incomplete,
we'll arrive in the scsi command complete callback in CSW state
and must handle that case correctly.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-08-07 10:49:06 +02:00
Gerd Hoffmann
06f9847dc3 usb-storage: improve debug logging
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-08-07 10:49:06 +02:00
Stefan Hajnoczi
b20c6b9e47 net: Rename qemu_del_vlan_client() to qemu_del_net_client()
Another step in moving the vlan feature out of net core.  Users only
deal with NetClientState and therefore qemu_del_vlan_client() should be
named qemu_del_net_client().

Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Zhi Yong Wu <wuzhy@linux.vnet.ibm.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2012-08-01 13:32:10 +01:00
Stefan Hajnoczi
4e68f7a081 net: Rename VLANClientState to NetClientState
The vlan feature is no longer part of net core.  Rename VLANClientState
to NetClientState because net clients are not explicitly associated with
a vlan at all, instead they have a peer net client to which they are
connected.

This patch is a mechanical search-and-replace except for a few
whitespace fixups where changing VLANClientState to NetClientState
misaligned whitespace.

Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Zhi Yong Wu <wuzhy@linux.vnet.ibm.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2012-08-01 13:32:10 +01:00
Michael S. Tsirkin
5e59b02435 Merge branch pci into master
Merge master and pci branch, resolve build breakage in hw/esp.c
introduced by f90c2bcd.

Conflicts:
	hw/esp.c
2012-07-29 17:05:35 +03:00
Laszlo Ersek
2be64a68ed hw, net: "net_client_type" -> "NetClientOptionsKind" (qapi-generated)
NET_CLIENT_TYPE_ -> NET_CLIENT_OPTIONS_KIND_

Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-07-23 11:55:18 +01:00
Anthony Liguori
dfe1ce5d80 Merge remote-tracking branch 'kwolf/for-anthony' into staging
* kwolf/for-anthony: (41 commits)
  fdc-test: Clean up a bit
  fdc-test: introduce test_relative_seek
  fdc: fix relative seek
  qemu-iotests: Valgrind support
  coroutine-ucontext: Help valgrind understand coroutines
  qemu-io: Fix memory leaks
  hw/block-common: Factor out fall back to legacy -drive cyls=...
  blockdev: Don't limit DriveInfo serial to 20 characters
  hw/block-common: Factor out fall back to legacy -drive serial=...
  hw/block-common: Move BlockConf & friends from block.h
  Relax IDE CHS limits from 16383,16,63 to 65535,16,255
  blockdev: Drop redundant CHS validation for if=ide
  hd-geometry: Compute BIOS CHS translation in one place
  qtest: Test we don't put hard disk info into CMOS for a CD-ROM
  ide pc: Put hard disk info into CMOS only for hard disks
  block: Geometry and translation hints are now useless, purge them
  qtest: Cover qdev property for BIOS CHS translation
  ide: qdev property for BIOS CHS translation
  qdev: New property type chs-translation
  qdev: Collect private helpers in one place
  ...
2012-07-18 14:44:50 -05:00
Markus Armbruster
911525dba9 hw/block-common: Factor out fall back to legacy -drive serial=...
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-07-17 16:48:32 +02:00
Gerd Hoffmann
afb7a0b85b ehci: improve expire time calculation
Move down the expire time calculation down in the frame timer, to the
point where the timer is actually reloaded.  This way we'll notice any
async_stepdown changes (especially resetting to 0 due to usb activity).

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-07-12 15:00:50 +02:00
Gerd Hoffmann
7efc17af9a ehci: implement Interrupt Threshold Control support
Also reorganize and comment the irq functions while being at it.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-07-12 15:00:50 +02:00
Gerd Hoffmann
f0ad01f92c ehci: raise irq in the frame timer
With the async schedule being kicked from other places than the frame
timer (commit 0f588df8b3) it may happen
that we call ehci_commit_interrupt() more than once per frame.

Move the call from the async schedule handler to the frame timer to
restore old irq behavior, which is more correct.  Fixes regressions
with some linux kernel versions.

TODO: implement full Interrupt Threshold Control support.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-07-12 15:00:50 +02:00
Gerd Hoffmann
75f151cd27 uhci: initialize expire_time when loading v1 vmstate
$subject says all: when loading old (v1) vmstate which doesn't contain
expire_time initialize it with a reasonable default (current time).

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-07-12 15:00:50 +02:00
Gerd Hoffmann
0f58f68b58 usb: add usb attached scsi emulation
$subject says all.  First cut.

It's a pure UAS (usb attached scsi) emulation, without BOT (bulk-only
transport) compatibility.  If your guest can't handle it use usb-storage
instead.

The emulation works like any other scsi hba emulation (eps, lsi, virtio,
megasas, ...).  It provides just the HBA where you can attach scsi
devices as you like using '-device'.  A single scsi target with up to
256 luns is supported.

For now only usb 2.0 transport is supported.  This will change in the
future though as I plan to use this as playground when codeing up &
testing usb 3.0 transport and streams support in the qemu usb core and
the xhci emulation.

No migration support yet.  I'm planning to add usb 3.0 support first as
this probably requires saving additional state.

Special thanks go to Paolo for bringing the qemu scsi emulation into
shape, so this can be added nicely without having to touch a single line
of scsi code.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-07-12 15:00:39 +02:00
Anthony Liguori
23797df3d9 Merge remote-tracking branch 'mjt/mjt-iov2' into staging
* mjt/mjt-iov2:
  rewrite iov_send_recv() and move it to iov.c
  cleanup qemu_co_sendv(), qemu_co_recvv() and friends
  export iov_send_recv() and use it in iov_send() and iov_recv()
  rename qemu_sendv to iov_send, change proto and move declarations to iov.h
  change qemu_iovec_to_buf() to match other to,from_buf functions
  consolidate qemu_iovec_copy() and qemu_iovec_concat() and make them consistent
  allow qemu_iovec_from_buffer() to specify offset from which to start copying
  consolidate qemu_iovec_memset{,_skip}() into single function and use existing iov_memset()
  rewrite iov_* functions
  change iov_* function prototypes to be more appropriate
  virtio-serial-bus: use correct lengths in control_out() message

Conflicts:
	tests/Makefile

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-07-09 12:35:06 -05:00
Gerd Hoffmann
c32da15188 usb-host: add trace events for iso xfers
Replace iso transfer fprintf's with trace points.  Also rename existing
tracepoints so they all match usb_host_iso_*.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-07-09 11:59:55 +02:00
Gerd Hoffmann
7c37e6a4c4 usb: fix interface initialization
zero is a valid interface number, so don't use it when resetting the
endpoints.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-07-09 11:59:55 +02:00
Gerd Hoffmann
19deaa089c usb: split endpoint init and reset
Create a new usb_ep_reset() function to reset endpoint state, without
re-initialiting the queues, so we don't unlink in-flight packets just
because usb-host has to re-parse the descriptor tables.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-07-09 11:59:54 +02:00
Hans de Goede
adae502c0a usb-redir: Correctly handle the usb_redir_babble usbredir status
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-07-09 11:59:54 +02:00
Hans de Goede
379521175c ehci: Kick async schedule on wakeup in the non companion case
Commit 0f588df8b3, added code
to ehci_wakeup to kick the async schedule on wakeup, but the else
was positioned wrong making it trigger for devices which are routed
to the companion rather then to the ehci controller itself.

This patch fixes this. Note that the "programming style" with using the
return at the end of the companion block matches how the companion case
is handled in the other ports ops, and is done this way for consistency.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-07-09 11:59:54 +02:00
Hans de Goede
7341ea075c usb-ehci: Fix an assert whenever isoc transfers are used
hcd-ehci.c is missing an usb_packet_init() call for the ipacket UsbPacket
it uses for isoc transfers, triggering an assert (taking the entire vm down)
in usb_packet_setup as soon as any isoc transfers are done by a high speed
USB device.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-07-09 11:59:54 +02:00
Gerd Hoffmann
9bc3a3a216 ehci: don't flush cache on doorbell rings.
Commit 4be23939ab makes ehci instantly
zap any unlinked queue heads when the guest rings the doorbell.

While hacking up uas support this turned out to be a problem.  The linux
kernel can unlink and instantly relink the very same queue head, thereby
killing any async packets in flight.  That alone isn't an issue yet, the
packet will canceled and resubmitted and everything is fine.  We'll run
into trouble though in case the async packet is completed already, so we
can't cancel it any more.  The transaction is simply lost then.

usb_ehci_qh_ptrs q (nil) - QH @ 39c4f000: next 39c4f122 qtds 00000000,00000001,39c50000
usb_ehci_qh_fields QH @ 39c4f000 - rl 0, mplen 0, eps 0, ep 0, dev 0
usb_ehci_qh_ptrs q 0x7f95feba90a0 - QH @ 39c4f000: next 39c4f122 qtds 00000000,00000001,39c50000
usb_ehci_qh_fields QH @ 39c4f000 - rl 0, mplen 0, eps 0, ep 0, dev 0
usb_ehci_qh_ptrs q 0x7f95fe515210 - QH @ 39c4f120: next 39c4f0c2 qtds 29dbce40,29dbc4e0,00000009
usb_ehci_qh_fields QH @ 39c4f120 - rl 4, mplen 512, eps 2, ep 1, dev 2
usb_ehci_packet_action q 0x7f95fe515210 p 0x7f95fdec32a0: alloc
usb_packet_state_change bus 0, port 2, ep 1, packet 0x7f95fdec32e0, state undef -> setup
usb_ehci_packet_action q 0x7f95fe515210 p 0x7f95fdec32a0: process
usb_uas_command dev 2, tag 0x2, lun 0, lun64 00000000-00000000
scsi_req_parsed target 0 lun 0 tag 2 command 42 dir 2 length 16384
scsi_req_parsed_lba target 0 lun 0 tag 2 command 42 lba 5933312
scsi_req_alloc target 0 lun 0 tag 2
scsi_req_continue target 0 lun 0 tag 2
scsi_req_data target 0 lun 0 tag 2 len 16384
usb_uas_scsi_data dev 2, tag 0x2, bytes 16384
usb_uas_write_ready dev 2, tag 0x2
usb_packet_state_change bus 0, port 2, ep 1, packet 0x7f95fdec32e0, state setup -> complete
usb_ehci_packet_action q 0x7f95fe515210 p 0x7f95fdec32a0: free
usb_ehci_qh_ptrs q 0x7f95fdec3210 - QH @ 39c4f0c0: next 39c4f002 qtds 29dbce40,00000001,00000009
usb_ehci_qh_fields QH @ 39c4f0c0 - rl 4, mplen 512, eps 2, ep 2, dev 2
usb_ehci_queue_action q 0x7f95fe5152a0: free
usb_packet_state_change bus 0, port 2, ep 2, packet 0x7f95feba9170, state async -> complete
^^^ async packets completes.
usb_ehci_packet_action q 0x7f95fdec3210 p 0x7f95feba9130: wakeup

usb_ehci_qh_ptrs q (nil) - QH @ 39c4f000: next 39c4f122 qtds 00000000,00000001,39c50000
usb_ehci_qh_fields QH @ 39c4f000 - rl 0, mplen 0, eps 0, ep 0, dev 0
usb_ehci_qh_ptrs q 0x7f95feba90a0 - QH @ 39c4f000: next 39c4f122 qtds 00000000,00000001,39c50000
usb_ehci_qh_fields QH @ 39c4f000 - rl 0, mplen 0, eps 0, ep 0, dev 0
usb_ehci_qh_ptrs q 0x7f95fe515210 - QH @ 39c4f120: next 39c4f002 qtds 29dbc4e0,29dbc8a0,00000009
usb_ehci_qh_fields QH @ 39c4f120 - rl 4, mplen 512, eps 2, ep 1, dev 2
usb_ehci_queue_action q 0x7f95fdec3210: free
usb_ehci_packet_action q 0x7f95fdec3210 p 0x7f95feba9130: free
^^^ endpoint #2 queue head removed from schedule, doorbell makes ehci zap the queue,
    the (completed) usb packet is freed too and gets lost.

usb_ehci_qh_ptrs q (nil) - QH @ 39c4f000: next 39c4f0c2 qtds 00000000,00000001,39c50000
usb_ehci_qh_fields QH @ 39c4f000 - rl 0, mplen 0, eps 0, ep 0, dev 0
usb_ehci_qh_ptrs q 0x7f95feba90a0 - QH @ 39c4f000: next 39c4f0c2 qtds 00000000,00000001,39c50000
usb_ehci_qh_fields QH @ 39c4f000 - rl 0, mplen 0, eps 0, ep 0, dev 0
usb_ehci_queue_action q 0x7f9600dff570: alloc
usb_ehci_qh_ptrs q 0x7f9600dff570 - QH @ 39c4f0c0: next 39c4f122 qtds 29dbce40,00000001,00000009
usb_ehci_qh_fields QH @ 39c4f0c0 - rl 4, mplen 512, eps 2, ep 2, dev 2
usb_ehci_packet_action q 0x7f9600dff570 p 0x7f95feba9130: alloc
usb_packet_state_change bus 0, port 2, ep 2, packet 0x7f95feba9170, state undef -> setup
usb_ehci_packet_action q 0x7f9600dff570 p 0x7f95feba9130: process
usb_packet_state_change bus 0, port 2, ep 2, packet 0x7f95feba9170, state setup -> async
usb_ehci_packet_action q 0x7f9600dff570 p 0x7f95feba9130: async
^^^ linux kernel relinked the queue head, ehci creates a new usb packet,
    but we should have delivered the completed one instead.
usb_ehci_qh_ptrs q 0x7f95fe515210 - QH @ 39c4f120: next 39c4f002 qtds 29dbc4e0,29dbc8a0,00000009
usb_ehci_qh_fields QH @ 39c4f120 - rl 4, mplen 512, eps 2, ep 1, dev 2

So instead of instantly zapping the queue we'll set a flag that the
queue needs revalidation in case we'll see it again in the schedule.
ehci then checks that the queue head fields addressing / describing the
endpoint and the qtd pointer match the cached content before reusing it.

Cc: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-07-09 11:59:53 +02:00
Gerd Hoffmann
4ed1c57a64 ehci: fix td writeback
Only write back the dwords the hc is supposed to update.  Should not
make a difference in theory as the guest must not touch the td while
it is active to avoid races.  But it is still more correct.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-07-09 09:57:46 +02:00
Gerd Hoffmann
a5e0139ab6 ehci: fix ehci_qh_do_overlay
Use ehci_flush_qh to make sure we touch inly the fields the hc is
allowed to touch.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-07-09 09:57:46 +02:00
Alex Williamson
f90c2bcdbc pci: convert PCIUnregisterFunc to void
Not a single driver has any possibility of failure on their
exit function, let's keep it that way.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2012-07-04 15:52:55 +03:00