Commit Graph

388 Commits

Author SHA1 Message Date
Frank Blaschka
c67676711c vfio: fix adding memory listener to the right address space
Depending on the device, container->space->as contains the valid AddressSpace.
Using address_space_memory breaks devices sitting behind an iommu (and using
a separate address space).

Signed-off-by: Frank Blaschka <blaschka@linux.vnet.ibm.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2014-12-19 14:40:06 -07:00
Eric Auger
385f57cf9a vfio: migration to trace points
This patch removes all DPRINTF and replace them by trace points.
A few DPRINTF used in error cases were transformed into error_report.

Signed-off-by: Eric Auger <eric.auger@linaro.org>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2014-12-19 14:40:06 -07:00
Eric Auger
9fc0e2d8ac vfio: use kvm_resamplefds_enabled()
Use the kvm_resamplefds_enabled function

Signed-off-by: Eric Auger <eric.auger@linaro.org>
Acked-by: Alex Williamson <alex.williamson@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-12-15 12:21:01 +01:00
Andrew Jones
dbc464d401 ivshmem: use error_report
Replace all the fprintf(stderr, ...) calls with error_report.
Also make sure exit() consistently uses the error code 1. A few calls
used -1. While at it cleanup some indentation in the printf argument
lists.

Signed-off-by: Andrew Jones <drjones@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-10-31 17:02:22 +01:00
Andreas Färber
3a31cff112 ivshmem: Fix fd leak on error
Reported-by: Stefan Hajnoczi <stefanha@redhat.com>
Cc: qemu-stable@nongnu.org
Signed-off-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-10-31 17:02:14 +01:00
Sebastian Krahmer
34bc07c528 ivshmem: Fix potential OOB r/w access
Fix OOB access via malformed incoming_posn parameters
and check that requested memory is actually alloc'ed.

Signed-off-by: Sebastian Krahmer <krahmer@suse.de>
[AF: Rebased, cleanups, avoid fd leak]
Cc: qemu-stable@nongnu.org
Signed-off-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-10-31 17:02:07 +01:00
Stefan Hajnoczi
363ba1c72f ivshmem: validate incoming_posn value from server
Check incoming_posn to avoid out-of-bounds array accesses if the ivshmem
server on the host sends invalid values.

Cc: Cam Macdonell <cam@cs.ualberta.ca>
Reported-by: Sebastian Krahmer <krahmer@suse.de>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
[AF: Tighten upper bound check for posn in close_guest_eventfds()]
Cc: qemu-stable@nongnu.org
Signed-off-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-10-31 17:01:59 +01:00
Stefan Hajnoczi
a2e9011b41 ivshmem: Check ivshmem_read() size argument
The third argument to the fd_read() callback implemented by
ivshmem_read() is the number of bytes, not a flags field.  Fix this and
check we received enough bytes before accessing the buffer pointer.

Cc: Cam Macdonell <cam@cs.ualberta.ca>
Reported-by: Sebastian Krahmer <krahmer@suse.de>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
[AF: Handle partial reads via FIFO]
Reported-by: Peter Maydell <peter.maydell@linaro.org>
Cc: qemu-stable@nongnu.org
Signed-off-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-10-31 17:01:44 +01:00
Nikunj A Dadhania
e4dc3f5909 Add skip_dump flag to ignore memory region during dump
The PCI MMIO might be disabled or the device in the reset state.
Make sure we do not dump these memory regions.

Signed-off-by: Nikunj A Dadhania <nikunj@linux.vnet.ibm.com>
Acked-by: Alex Williamson <alex.williamson@redhat.com>
CC: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-10-31 11:29:01 +01:00
Dr. David Alan Gilbert
635117e71f omap_gpmc.c: Remove duplicate assignment
This looks like an old merge error and should have no effect.
(Build tested only)

Found by Coccinelle using Julia Lawall's script:
https://lkml.org/lkml/2014/8/23/128

Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-id: 1414055855-6688-1-git-send-email-dgilbert@redhat.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-10-24 12:19:12 +01:00
Gonglei
d749e10c4f bootindex: move calling add_boot_device_patch to bootindex setter function
On this way, we can assure the new bootindex take effect
during vm rebooting.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-10-15 10:46:01 +02:00
Gonglei
abc5b3bfe1 vfio: remove bootindex property from qdev to qom
Remove bootindex form qdev property to qom, things will
continue to work just fine, and we can use qom features
which are not supported by qdev property.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-10-15 09:52:55 +02:00
Nikunj A Dadhania
75bd0c7253 vfio: make rom read endian sensitive
All memory regions used by VFIO are LITTLE_ENDIAN and they
already take care of endiannes when accessing real device BARs
except ROM - it was broken on BE hosts.

This fixes endiannes for ROM BARs the same way as it is done
for other BARs.

This has been tested on PPC64 BE/LE host/guest in all possible
combinations including TCG.

Signed-off-by: Nikunj A Dadhania <nikunj@linux.vnet.ibm.com>
[aik: added commit log]
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2014-09-22 15:27:43 -06:00
Alexey Kardashevskiy
6758008e2c Revert "vfio: Make BARs native endian"
This reverts commit c40708176a.

The resulting code wrongly assumed target and host endianness are
the same which is not always the case for PPC64.

[aw: or potentially any host supporting VFIO and TCG]

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2014-09-22 15:26:36 -06:00
Alexander Graf
b981289c49 PPC: Cuda: Use cuda timer to expose tbfreq to guest
Mac OS X calibrates a number of frequencies on bootup based on reading
tb values on bootup and comparing them to via cuda timer values.

The only variable we can really steer well (thanks to KVM) is the cuda
frequency. So let's use that one to fake Mac OS X into believing the
bus frequency is tbfreq * 4. That way Mac OS X will automatically
calculate the correct timebase frequency.

With this patch and the patch set I posted earlier I can successfully
run Mac OS X 10.2, 10.3 and 10.4 guests with -M mac99 on TCG and KVM.

Suggested-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-09-08 12:50:52 +02:00
Alexander Graf
d696760b43 PPC: mac99: Fix core99 timer frequency
There is a special timer in the mac99 machine that we recently started
to emulate. Unfortunately we emulated it in the wrong frequency.

This patch adapts the frequency Mac OS X uses to evaluate results from
this timer, making calculations it bases off of it work.

Signed-off-by: Alexander Graf <agraf@suse.de>
2014-09-08 12:50:51 +02:00
Alex Williamson
fe08275db9 vfio: Enable NVIDIA 88000 region quirk regardless of VGA
If we make use of OVMF for the BIOS then we can use GPUs without VGA
space access, but we still need this quirk.  Disassociate it from the
x-vga option and enable it on all NVIDIA VGA display class devices.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2014-08-25 12:10:15 -06:00
Peter Maydell
0e4a773705 SCSI changes that enable sending vendor-specific commands via virtio-scsi.
Memory changes for QOMification and automatic tracking of MR lifetime.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJT8et9AAoJEBvWZb6bTYbyIJAQAI3AlLSe27xWoUGfQUgWH30z
 Rt/pShHz3BJMfQpD79JfTH8u6uBpkQmKtflerNT7FhXN9ULDzNq+b/jRtke8nkuy
 ctCt05FhhK00rfWpUoRue4XiCuvbizBU7MK0DI3yCyNdXQyYnFvgnvsJtlqox8Zh
 J5HZcBJEmdCiWBxq7UPk0qBitp4PqNoy7jlD/Ex3m7fJN5WK2cyspQIT9zmhehVn
 B8Nwp+RitDDbXbwm0r18col5rFr/6Nj6+dW1gr+7sVJDLNsmJEqC2l3Kgk0wbPkG
 Uqwbih29me9PC9/L1VLGHY0ApKDQ8JGE0GrYgEg162hbhoxEHkjjoHMhDUfV6Pj8
 NkqcjjWl11UUhgkNqrGafayXbBVnOiEglxy8uXCeq14y9Xd/gjK9Fz6MQvRSOjms
 PFmaKknhdmpxh0DuZmTix7WBmKim8zOiCE0/vrAPvwx5L+d1bn5xh6yQvtVjBMpU
 Sru3Mhdm9bL9dUDBgOM/G6WCxSTVLBlExOblcYkQh03MfabD7bfplcrKYPXt5ull
 Y8YLjqkoIfoy5t0ErvtlpdBJjeEz99JXU+wLQ6NYHnzwzTV+oUtSaEph14mAFOcY
 XkFKdoPDI9PnyEfvy4193du8z/dSbhu7sWgHWbTCQyrcaNnSaVhlH43NUC+p23YN
 8vfEsVLd1X7MFkDBUmWp
 =M+/m
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

SCSI changes that enable sending vendor-specific commands via virtio-scsi.

Memory changes for QOMification and automatic tracking of MR lifetime.

# gpg: Signature made Mon 18 Aug 2014 13:03:09 BST using RSA key ID 9B4D86F2
# gpg: Good signature from "Paolo Bonzini <pbonzini@redhat.com>"
# gpg:                 aka "Paolo Bonzini <bonzini@gnu.org>"

* remotes/bonzini/tags/for-upstream:
  mtree: remove write-only field
  memory: Use canonical path component as the name
  memory: Use memory_region_name for name access
  memory: constify memory_region_name
  exec: Abstract away ref to memory region names
  loader: Abstract away ref to memory region names
  tpm_tis: remove instance_finalize callback
  memory: remove memory_region_destroy
  memory: convert memory_region_destroy to object_unparent
  ioport: split deletion and destruction
  nic: do not destroy memory regions in cleanup functions
  vga: do not dynamically allocate chain4_alias
  sysbus: remove unused function sysbus_del_io
  qom: object: move unparenting to the child property's release callback
  qom: object: delete properties before calling instance_finalize
  virtio-scsi: implement parse_cdb
  scsi-block, scsi-generic: implement parse_cdb
  scsi-block: extract scsi_block_is_passthrough
  scsi-bus: introduce parse_cdb in SCSIDeviceClass and SCSIBusInfo
  scsi-bus: prepare scsi_req_new for introduction of parse_cdb

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-19 13:00:57 +01:00
Paolo Bonzini
469b046ead memory: remove memory_region_destroy
The function is empty after the previous patch, so remove it.

Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-08-18 12:06:21 +02:00
Paolo Bonzini
d8d9581460 memory: convert memory_region_destroy to object_unparent
Explicitly call object_unparent in the few places where we
will re-create the memory region.  If the memory region is
simply being destroyed as part of device teardown, let QOM
handle it.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-08-18 12:06:20 +02:00
Peter Maydell
142f4ac5d5 trivial patches for 2014-08-15
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.12 (GNU/Linux)
 
 iQEcBAABAgAGBQJT7iN/AAoJEL7lnXSkw9fbgVcH/20bga0KUQ+FDMg7pr0jBK3J
 6d7DLwsmypEiKN8D7mQz/xDX4uwtWQu4PXERn8UEfE0xVrnNDGOYpYtj2kb7z3/T
 F33oosGHz9XKdhGg6x4ZLirhjJdVsj90SJ37D4haxFP5CeRjs8c3RFOekI0qwyXm
 /t+mDdWsADYaZ1WaFOo0kcNCROYudaRV2isubQFUqKgjWmIx+Y+2xSXtTWU3UAVx
 dDcEvTYdDNucor2kV1/F2iULHMXNOPjvvV59ARBkzTyaSday4waGptAOL9eQInSA
 DcJuRZwY2lpm1YuJN4b5UzZ849R3X9zA1vIW6aP+NcktLoKV/bu3qVwo0v5+LMs=
 =wZLU
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/mjt/tags/trivial-patches-2014-08-15' into staging

trivial patches for 2014-08-15

# gpg: Signature made Fri 15 Aug 2014 16:13:03 BST using RSA key ID A4C3D7DB
# gpg: Good signature from "Michael Tokarev <mjt@tls.msk.ru>"
# gpg:                 aka "Michael Tokarev <mjt@corpit.ru>"
# gpg:                 aka "Michael Tokarev <mjt@debian.org>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 6EE1 95D1 886E 8FFB 810D  4324 457C E0A0 8044 65C5
#      Subkey fingerprint: 6F67 E18E 7C91 C5B1 5514  66A7 BEE5 9D74 A4C3 D7DB

* remotes/mjt/tags/trivial-patches-2014-08-15:
  ivshmem: check the value returned by fstat()
  l2cap: fix access to freed memory
  intc: i8259: Convert Array allocation to g_new0
  ppc: convert g_new(qemu_irq usages to g_new0
  ssi: xilinx_spi: Initialise CS GPIOs as NULL
  vl: free err
  qemu-options.hx: fix typo about l2tpv3
  vmxnet3: don't use 'Yoda conditions'
  vl: don't use 'Yoda conditions'
  spice: don't use 'Yoda conditions'
  don't use 'Yoda conditions'
  isa-bus: don't use 'Yoda conditions'
  audio: don't use 'Yoda conditions'
  usb: don't use 'Yoda conditions'
  CODING_STYLE: Section about conditional statement
  pci-host: update uncorresponding description
  pci-host: update obsolete reference about piix_pci.c
  qemu-options.hx: fix a typo of chardev
  memory: Update obsolete comment about AddrRange field type
  apic: Fix reported DFR content

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-15 18:44:48 +01:00
zhanghailiang
5edbdbcdf8 ivshmem: check the value returned by fstat()
The function fstat() may fail, so check its return value.

Acked-by: Levente Kurusa <lkurusa@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: zhanghailiang <zhang.zhanghailiang@huawei.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-08-15 19:12:58 +04:00
Levente Kurusa
7f9efb6b80 ivshmem: fix building when debug mode is enabled
ivsmem_offset was removed, however this debug statement was not updated.
Modify the statement to fit the new mechanic.

Signed-off-by: Levente Kurusa <lkurusa@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2014-08-14 13:22:25 +02:00
Alex Williamson
9b3af4c0e4 vfio: Don't cache MSIMessage
Commit 40509f7f added a test to avoid updating KVM MSI routes when the
MSIMessage is unchanged and f4d45d47 switched to relying on this
rather than doing our own comparison.  Our cached msg is effectively
unused now.  Remove it.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2014-08-05 13:05:57 -06:00
Alex Williamson
c048be5cc9 vfio: Fix MSI-X vector expansion
When new MSI-X vectors are enabled we need to disable MSI-X and
re-enable it with the correct number of vectors.  That means we need
to reprogram the eventfd triggers for each vector.  Prior to f4d45d47
vector->use tracked whether a vector was masked or unmasked and we
could always pick the KVM path when available for unmasked vectors.
Now vfio doesn't track mask state itself and vector->use and virq
remains configured even for masked vectors.  Therefore we need to ask
the MSI-X code whether a vector is masked in order to select the
correct signaling path.  As noted in the comment, MSI relies on
hardware to handle masking.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Cc: qemu-stable@nongnu.org # QEMU 2.1
2014-08-05 13:05:52 -06:00
Peter Maydell
ef493d5c29 hw/misc/imx_ccm.c: Add missing VMState list terminator
The VMStateDescription for the imx_ccm device was missing its
terminator. Found by static search of the codebase using
a regex based on one suggested by Ian Jackson:
  pcregrep -rMi '(?s)VMStateField(?:(?!END_OF_LIST).)*?;' $(git grep -l 'VMStateField\[\]')

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Cc: qemu-stable@nongnu.org
2014-07-22 17:53:36 +01:00
Gavin Shan
27e27782f7 sPAPR/IOMMU: Fix TCE entry permission
The permission of TCE entry should exclude physical base address.
Otherwise, unmapping TCE entry can be interpreted to mapping TCE
entry wrongly for VFIO devices.

Signed-off-by: Gavin Shan <gwshan@linux.vnet.ibm.com>
Acked-by: Alex Williamson <alex.williamson@redhat.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-07-15 16:11:59 +02:00
Andreas Färber
f3c7d0389f hw: Fix qemu_allocate_irqs() leaks
Replace qemu_allocate_irqs(foo, bar, 1)[0]
with qemu_allocate_irq(foo, bar, 0).

This avoids leaking the dereferenced qemu_irq *.

Cc: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andreas Färber <afaerber@suse.de>
[PC Changes:
 * Applied change to instance in sh4/sh7750.c
]
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Reviewed-by: Kirill Batuzov <batuzovk@ispras.ru>
[AF: Fix IRQ index in sh4/sh7750.c]
Cc: qemu-stable@nongnu.org
Signed-off-by: Andreas Färber <afaerber@suse.de>
2014-06-30 21:13:30 +02:00
Paolo Bonzini
ba29776fd8 vfio: use correct runstate
io-error is for block device errors; it should always be preceded
by a BLOCK_IO_ERROR event.  I think vfio wants to use
RUN_STATE_INTERNAL_ERROR instead.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2014-06-30 09:56:08 -06:00
Alexey Kardashevskiy
c40708176a vfio: Make BARs native endian
Slow BAR access path is used when VFIO fails to mmap() BAR.
Since this is just a transport between the guest and a device, there is
no need to do endianness swapping.

This changes BARs to use native endianness. Since non-ROM BARs were
doing byte swapping, we need to remove it so does the patch.
As the result, this eliminates cancelling byte swaps and there is
no change in behavior for non-ROM BARs.

ROM BARs were declared little endian too but byte swapping was not
implemented for them so they never actually worked on big endian systems
as there was no cancelling byte swap. This fixes endiannes for ROM BARs
by declaring them native endian and only fixing access sizes as it is
done for non-ROM BARs.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2014-06-30 09:52:58 -06:00
Alex Williamson
f4d45d4782 vfio-pci: Fix MSI-X masking performance
There are still old guests out there that over-exercise MSI-X masking.
The current code completely sets-up and tears-down an MSI-X vector on
the "use" and "release" callbacks.  While this is functional, it can
slow an old guest to a crawl.  We can easily skip the KVM parts of
this so that we keep the MSI route and irqfd setup.  We do however
need to switch VFIO to trigger a different eventfd while masked.
Actually, we have the option of continuing to use -1 to disable the
trigger, but by using another EventNotifier we can allow the MSI-X
core to emulate pending bits and re-fire the vector once unmasked.
MSI code gets updated as well to use the same setup and teardown
structures and functions.

Prior to this change, an igbvf assigned to a RHEL5 guest gets about
20Mbps and 50 transactions/s with netperf (remote or VF->PF).  With
this change, we get line rate and 3k transactions/s remote or 2Gbps
and 6k+ transactions/s to the PF.  No significant change is expected
for newer guests with more well behaved MSI-X support.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2014-06-30 09:50:33 -06:00
Alex Williamson
9035f8c09b vfio-pci: Fix MSI/X debug code
Use the correct MSI message function for debug info.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2014-06-30 09:50:33 -06:00
Alexey Kardashevskiy
591812634c vfio: Enable for SPAPR
This turns the sPAPR support on and enables VFIO container use
in the kernel.

This extends vfio_connect_container to support VFIO_SPAPR_TCE_IOMMU type
in the host kernel.

This registers a memory listener which sPAPR IOMMU will notify when
executing H_PUT_TCE/etc DMA calls. The listener then will notify the host
kernel about DMA map/unmap operation via VFIO_IOMMU_MAP_DMA/
VFIO_IOMMU_UNMAP_DMA ioctls.

This executes VFIO_IOMMU_ENABLE ioctl to make sure that the IOMMU is free
of mappings and can be exclusively given to the user. At the moment SPAPR
is the only platform requiring this call to be implemented.

Note that the host kernel function implementing VFIO_IOMMU_DISABLE
is called automatically when container's fd is closed so there is
no need to call it explicitly from QEMU. We may need to call
VFIO_IOMMU_DISABLE explicitly in the future for some sort of dynamic
reconfiguration (PCI hotplug or dynamic IOMMU group management).

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Acked-by: Alex Williamson <alex.williamson@redhat.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-27 13:48:23 +02:00
Alexey Kardashevskiy
6d8be4c343 vfio: Add vfio_container_ioctl()
While most operations with VFIO IOMMU driver are generic and used inside
vfio.c, there are still some operations which only specific VFIO IOMMU
drivers implement. The first example of it will be reading a DMA window
start from the host.

This adds a helper which passes an ioctl request to the container's fd.

The helper will check if @req is known. For this, stub is added. This return
-1 on any requests for now.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Acked-by: Alex Williamson <alex.williamson@redhat.com>
Acked-by: Alex Williamson <alex.williamson@redhat.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-27 13:48:23 +02:00
Wenchao Xia
3a44969037 qapi event: convert GUEST_PANICKED
'monitor.h' is still included in target-s390x/kvm.c, since I have
no good way to verify whether other code need it on my x86 host.

Signed-off-by: Wenchao Xia <wenchaoqemu@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
2014-06-23 11:12:28 -04:00
Alexander Graf
9397a7c831 macio: Fix timer endianness
The timer registers on our KeyLargo macio emulation are read as byte reversed
from the big endian guest, so we better expose them endian reversed as well.

This fixes initial hickups of booting Mac OS X with -M mac99 for me.

Signed-off-by: Alexander Graf <agraf@suse.de>
Tested-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
2014-06-16 13:24:38 +02:00
Alexander Graf
3e300fa6ad macio ide: Do remainder access asynchronously
The macio IDE controller has some pretty nasty magic in its implementation to
allow for unaligned sector accesses. We used to handle these accesses
synchronously inside the IO callback handler.

However, the block infrastructure changed below our feet and now it's impossible
to call a synchronous block read/write from the aio callback handler of a
previous block access.

Work around that limitation by making the unaligned handling bits also go
through our asynchronous handler.

This fixes booting Mac OS X for me.

Reported-by: John Arbuckle <programmingkidx@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:38 +02:00
David Gibson
5e70018b00 vfio: Add guest side IOMMU support
This patch uses the new IOMMU notifiers to allow VFIO pass through devices
to work with guest side IOMMUs, as long as the host-side VFIO iommu has
sufficient capability and granularity to match the guest side. This works
by tracking all map and unmap operations on the guest IOMMU using the
notifiers, and mirroring them into VFIO.

There are a number of FIXMEs, and the scheme involves rather more notifier
structures than I'd like, but it should make for a reasonable proof of
concept.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2014-05-30 13:10:07 -06:00
David Gibson
0688448b71 vfio: Create VFIOAddressSpace objects as needed
So far, VFIO has a notion of different logical DMA address spaces, but
only ever uses one (system memory).  This patch extends this, creating
new VFIOAddressSpace objects as necessary, according to the AddressSpace
reported by the PCI subsystem for this device's DMAs.

This isn't enough yet to support guest side IOMMUs with VFIO, but it does
mean we could now support VFIO devices on, for example, a guest side PCI
host bridge which maps system memory at somewhere other than 0 in PCI
space.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2014-05-30 13:09:14 -06:00
David Gibson
3df3e0a587 vfio: Introduce VFIO address spaces
The only model so far supported for VFIO passthrough devices is the model
usually used on x86, where all of the guest's RAM is mapped into the
(host) IOMMU and there is no IOMMU visible in the guest.

This patch begins to relax this model, introducing the notion of a
VFIOAddressSpace.  This represents a logical DMA address space which will
be visible to one or more VFIO devices by appropriate mapping in the (host)
IOMMU.  Thus the currently global list of containers becomes local to
a VFIOAddressSpace, and we verify that we don't attempt to add a VFIO
group to multiple address spaces.

For now, only one VFIOAddressSpace is created and used, corresponding to
main system memory, that will change in future patches.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2014-05-30 13:05:19 -06:00
Alexey Kardashevskiy
279a35ab4a vfio: Rework to have error paths
This reworks vfio_connect_container() and vfio_get_group() to have
common exit path at the end of the function bodies.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2014-05-30 13:03:21 -06:00
Alexey Kardashevskiy
7532d3cbf1 vfio: Fix 128 bit handling
Upcoming VFIO on SPAPR PPC64 support will initialize the IOMMU
memory region with UINT64_MAX (2^64 bytes) size so int128_get64()
will assert.

The patch takes care of this check. The existing type1 IOMMU code
is not expected to map all 64 bits of RAM so the patch does not
touch that part.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2014-05-30 13:02:02 -06:00
Alex Williamson
4cb47d281a vfio-pci: Quirk RTL8168 NIC
This device is ridiculous.  It has two MMIO BARs, BAR4 and BAR2.  BAR4
hosts the MSI-X table, so oviously it would be too easy to access it
directly, instead it creates a window register in BAR2 that, among
other things, provides access to the MSI-X table.  This means MSI-X
doesn't work in the guest because the driver actually manages to
program the physical table.  When interrupt remapping is present, the
device MSI will be blocked.  The Linux driver doesn't make use of this
window, so apparently it's not required to make use of MSI-X.  This
quirk makes the device work with the Windows driver that does use this
window for MSI-X, but I certainly cannot recommend this device for
assignment (the Windows 7 driver also constantly pokes PCI config
space).

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2014-05-30 12:43:50 -06:00
Michael Walle
25156d1061 lm32: remove lm32_sys
Since we have now semihosting on the lm32 target, this device is no longer
needed. Remove it.

Signed-off-by: Michael Walle <michael@walle.cc>
2014-05-24 19:43:52 +02:00
Peter Maydell
895527eea5 migration/next for 20140515
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABCAAGBQJTdBkpAAoJEPSH7xhYctcj5jAQAJKiJ/43TBk0S0wlpoPjw1yA
 WSC/oJ2yvf+i6EndJPdnxIA/3K3s7suRFBJVYwLVnGJTUZ6gwGcI7cc/EX/iK0vf
 1Ffv/RAuh3nkohFw1ZMLQGqACFskSer0K1wZgQg+YjiJRPzzpVOpaAVm3+c04LRN
 AjO9LTqudi2pFaDHfGQMFES3j/5+h2srdad7YLMu4h/17SLtcowO7Yf7GT+GHRyD
 c3OHcL6vNoCKkIJQULC8X5czh6zapQZG3SRZ/nLt58yjEyVuq4L2cNRA/614K+5b
 1YLz4dX6slj8y17tg8On60emU0Sdu4mOws9HtYSytfmEu045iuF+Wr4kNjO74UGd
 NnnjD1pdnuF7356pz87PiVBf7qer5yrv+Bog1KRUwn3ETFqpSOMiKJo0JAGBMKdN
 w6Mbkg9C7IR62OfmM5157Mj2Xd681GImNiYzerBMfuFAWk5XsMxuz9Xh03I7WpzS
 ASow6SCBIr7bsiKENV7twuz1mIQclsYWXaVt8ldH8bMsTCqiefVeDs4o6A3Na+WC
 LztUHzlhVLZU92uJDiIsyQnwmsw032RjhKY9sV/NMa5HLAhF/zZLcn1OfXshrv8t
 mVnWngGbY185kml0GmLu9TSnSCBSD8lcwZlRA9JVyxfusxElJUOrQzKzvu69Rn6U
 XBWPBwppnDQ0MjOgSZD+
 =gg8m
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/juanquintela/tags/migration/20140515' into staging

migration/next for 20140515

# gpg: Signature made Thu 15 May 2014 02:32:25 BST using RSA key ID 5872D723
# gpg: Can't check signature: public key not found

* remotes/juanquintela/tags/migration/20140515:
  usb: fix up post load checks
  migration: show average throughput when migration finishes
  savevm: Remove all the unneeded version_minimum_id_old (rest)
  savevm: Remove all the unneeded version_minimum_id_old (usb)
  Split ram_save_block
  arch_init: Simplify code for load_xbzrle()

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-05-15 17:29:03 +01:00
Juan Quintela
35d08458a9 savevm: Remove all the unneeded version_minimum_id_old (rest)
After previous Peter patch, they are redundant.  This way we don't
assign them except when needed.  Once there, there were lots of case
where the ".fields" indentation was wrong:

     .fields = (VMStateField []) {
and
     .fields =      (VMStateField []) {

Change all the combinations to:

     .fields = (VMStateField[]){

The biggest problem (appart from aesthetics) was that checkpatch complained
when we copy&pasted the code from one place to another.

Signed-off-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
2014-05-14 15:24:51 +02:00
Peter Maydell
89f26e6b7b hw/arm/omap_gpmc: Avoid buffer overrun filling prefetch FIFO
In fill_prefetch_fifo(), if the device we are reading from is 16 bit,
then we must not try to transfer an odd number of bytes into the FIFO.
This could otherwise have resulted in our overrunning the prefetch.fifo
array by one byte.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
2014-05-13 16:09:39 +01:00
Juan Quintela
8f1e884b38 savevm: Remove all the unneeded version_minimum_id_old (arm)
After commit 767adce2d, they are redundant.  This way we don't assign them
except when needed.  Once there, there were lots of cases where the ".fields"
indentation was wrong:

     .fields = (VMStateField []) {
and
     .fields =      (VMStateField []) {

Change all the combinations to:

     .fields = (VMStateField[]){

The biggest problem (apart from aesthetics) was that checkpatch complained
when we copy&pasted the code from one place to another.

Signed-off-by: Juan Quintela <quintela@redhat.com>
[PMM: fixed minor conflict, corrected commit message typos]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-05-13 16:09:35 +01:00
Markus Armbruster
65cd9064e1 qom: Clean up fragile use of error_is_set() in set() methods
Using error_is_set(ERRP) to find out whether a function failed is
either wrong, fragile, or unnecessarily opaque.  It's wrong when ERRP
may be null, because errors go undetected when it is.  It's fragile
when proving ERRP non-null involves a non-local argument.  Else, it's
unnecessarily opaque (see commit 84d18f0).

I guess the error_is_set(errp) in the ObjectProperty set() methods are
merely fragile right now, because I can't find a call chain that
passes a null errp argument.

Make the code more robust and more obviously correct: receive the
error in a local variable, then propagate it through the parameter.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2014-05-05 19:08:49 +02:00
Cole Robinson
f231b88db1 qerror.h: Remove QERR defines that are only used once
Just hardcode them in the callers

Cc: Luiz Capitulino <lcapitulino@redhat.com>
Cc: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Cole Robinson <crobinso@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
2014-04-25 09:19:59 -04:00
Peter Crosthwaite
6954a1cd97 misc: zynq_slcr: Make DB_PRINTs always compile
Change the DB_PRINT macro over to a regular if() rather than
conditional compilation to give constant compile testing of formats.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 942477847353c5cff5f45a228cc88c633dc012f3.1396503037.git.peter.crosthwaite@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-04-17 21:34:07 +01:00
Peter Crosthwaite
15e3611e1c misc: zynq_slcr: Convert SBD::init to object init
To bring it up to date with styling guidelines.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 2e837af80a18216c21e73241032e048f39d78b99.1396503037.git.peter.crosthwaite@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-04-17 21:34:07 +01:00
Peter Crosthwaite
db302f8f93 misc: zynq-slcr: Rewrite
Near total rewrite of this device model. It is stylistically
obsolete, has numerous coverity fails and is not up to date with latest
Xilinx documentation. Fix.

The registers are flattened into a single array. This greatly simplifies
the MMIO accessor functions.

We take the oppurtunity to update the register Macro definitions to
match the latest TRM. Xilinx has de-documented some regs hence there are
some straight deletions. We only do this however in the case or a stock
read-as-written reset-zero register. Non-zero resets are always
preserved. New register definitions are added as needed.

This all comes with a VMSD version break as the union layout from before
was a bit strange and we are better off without it.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 3aa016167b352ed224666909217137285fd3351d.1396503037.git.peter.crosthwaite@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-04-17 21:34:06 +01:00
Paolo Bonzini
efdf6a56a7 tmp105: Read temperature in milli-celsius
Right now, the temperature property must be written in milli-celsius,
but it reads back the value in 8.8 fixed point.  Fix this by letting the
property read back the original value (possibly rounded).  Also simplify
the code that does the conversion.

Before:

    (QEMU) qom-set path=/machine/peripheral/sensor property=temperature value=20000
    {u'return': {}}
    (QEMU) qom-get path=sensor property=temperature
    {u'return': 5120}

After:

    (QEMU) qom-set path=/machine/peripheral/sensor property=temperature value=20000
    {u'return': {}}
    (QEMU) qom-get path=sensor property=temperature
    {u'return': 20000}

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2014-03-31 22:49:40 +02:00
Alex Williamson
4e505ddd9a vfio: Cosmetic error reporting fixes
* Remove terminating newlines from hw_error() and error_report() calls
* Fix cut-n-paste error in text (s/to/from/)

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2014-03-25 12:08:52 -06:00
Bandan Das
db01eedb6d vfio: Correction in vfio_rom_read when attempting rom loading
commit e638073c56 added a flag to track whether
a previous rom read had failed. Accidentally, the code
ended up adding vfio_load_option_rom twice. (Thanks to Alex
for spotting it)

Signed-off-by: Bandan Das <bsd@redhat.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2014-03-25 08:24:20 -06:00
Peter Crosthwaite
7c77b654c5 misc/max111x: QOM casting sweep
Define and use QOM cast macro. Removes some usages of legacy casting
systems.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
[AF: Rename parent field]
Signed-off-by: Andreas Färber <afaerber@suse.de>
2014-03-12 20:13:02 +01:00
Peter Crosthwaite
5ef4a1c304 misc/max111x: Create abstract max111x type
Create an abstract class that encompasses both max111x variants. This is
needed for QOM cast macro creation (and is the right thing to do
anyway). Macroify type-names in the process.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2014-03-12 20:13:02 +01:00
Peter Crosthwaite
1a7d9ee6dd ssi: Convert legacy SSI_SLAVE -> DEVICE casts
Convert legacy ->qdev style casts from TYPE_SSI_SLAVE to TYPE_DEVICE.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
[AF: Introduce local DeviceState variable for transition to QOM realize]
Signed-off-by: Andreas Färber <afaerber@suse.de>
2014-03-12 20:13:02 +01:00
Peter Maydell
73795cea96 Updates include:
- Coverify fixes for vfio & pci-assign (Markus)
  - VFIO blacklisting support for known brokwn PCI option ROMs (Bandan)
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJTDi9AAAoJECObm247sIsi5nwP/2hwA3YVzx4eamWWAK4IDuZO
 8Umga2wYQcpFkyb5zEDfZgYIQ+YcLFLVO0R9Uszlkl4Lmlu8Nl0Xoknn41NTEghH
 V9wGwlVfAcsnF2bP5aMN26Yd6pQditfL4Oj+o+kM6Vz63u7k3tCtiH+gDN0YYc/A
 wvyCmfv9nZGCKmtRljbeuSi7cYrDHld4LDXMeXkQCkc/x3BdsmyiCmw6uMuMPLP3
 LD8eCu6j08YowoPrQXSbJOw0kbYmWn/7pXMWdDZxswNQhNgBO+zt7niaEPTnql+s
 grxMzCABP3C1QIG/tMF1HM2CjSitM1qZJnO1W0UWup5+BrjdweZ5qnTTDmYi/XmT
 bne24I0zsLVIlEOTZeIZybeEnfbqHM2LfkyUJP/jwF8L1K+hsSdx0X6h1SJ+2PlV
 0hUBovhqvln1n9SH6WQ0e/bTfeERUr9QF9TfKZNIFpDSg2a+TQqQYFBtx/2I6wV6
 7BYRULG4/ykMEPu801iuxbLLgzXqSuY4HR775j0jVzqJp7jsO5a6mRiHqWHd2Rok
 r2jA/KA/9uWeeey+AumndL1olTMxBTlhTCKiX87bPCn/rYjld2oioIpft6JSVc9U
 PXoS5h16iyY4SWwCV9OkvluPYzx6o++Tb0rWdvnTyHPebf8EoDQeaKgxjU1bUpDa
 kYxTBa5mC03lNEoZ2XmQ
 =d8HV
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/awilliam/tags/vfio-pci-for-qemu-20140226.0' into staging

Updates include:
 - Coverify fixes for vfio & pci-assign (Markus)
 - VFIO blacklisting support for known brokwn PCI option ROMs (Bandan)

# gpg: Signature made Wed 26 Feb 2014 18:15:28 GMT using RSA key ID 3BB08B22
# gpg: Can't check signature: public key not found

* remotes/awilliam/tags/vfio-pci-for-qemu-20140226.0:
  vfio: blacklist loading of unstable roms
  qdev-monitor: set DeviceState opts before calling realize
  pci-assign: Fix potential read beyond buffer on -EBUSY
  vfio: Fix overrun after readlink() fills buffer completely

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-02-27 11:31:52 +00:00
Bandan Das
4b9430294e vfio: blacklist loading of unstable roms
Certain cards such as the Broadcom BCM57810 have rom quirks
that exhibit unstable system behavior duing device assignment. In
the particular case of 57810, rom execution hangs and if a FLR
follows, the device becomes inoperable until a power cycle. This
change blacklists loading of rom for such cards unless the user
specifies a romfile or rombar=1 on the cmd line

Signed-off-by: Bandan Das <bsd@redhat.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2014-02-26 10:33:45 -07:00
Markus Armbruster
13665a2d2f vfio: Fix overrun after readlink() fills buffer completely
readlink() returns the number of bytes written to the buffer, and it
doesn't write a terminating null byte.  vfio_init() writes it itself.
Overruns the buffer when readlink() filled it completely.

Fix by treating readlink() filling the buffer completely as error,
like we do in pci-assign.c's assign_failed_examine().

Spotted by Coverity.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2014-02-26 10:28:36 -07:00
Peter Maydell
ec1efab957 hw/misc/arm_sysctl: Fix bad boundary check on mb clock accesses
Fix incorrect use of sizeof() rather than ARRAY_SIZE() to guard
accesses into the mb_clock[] array, which was allowing a malicious
guest to overwrite the end of the array.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Message-id: 1392647854-8067-2-git-send-email-peter.maydell@linaro.org
Cc: qemu-stable@nongnu.org
2014-02-26 17:19:57 +00:00
Paolo Bonzini
c7bcc85d66 qdev: Remove hex8/32/64 property types
Replace them with uint8/32/64.

Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2014-02-14 21:12:04 +01:00
Peter Maydell
8fa7574904 target-arm queue:
* more A64 Neon instructions
  * AArch32 VCVTB and VCVTT ARMv8 instructions
  * fixes to inaccuracies in GIC emulation
  * libvixl disassembler for A64
  * Allwinner SoC ethernet controller
  * zynq software system reset support
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.11 (GNU/Linux)
 
 iQIcBAABCAAGBQJS9lLhAAoJEDwlJe0UNgzewoEP/1ilCOwrepJ4zkIfhzoFpyu6
 OtS/H6ORzE/pAr3r890CPEMPCgQZ4Fw5BdUloo/BtIC/fETEPaxAxIdDFvvVwSo6
 atX/RSHdSHbJwcwzJ2YW3sHFeZrHX2V0Qzx/bKPu20qcFE39eG4+b3tJfoSURClE
 o3Jis32j5MLTGphp9ulhfOVVt14ToTqk6M2mDpBVkK2XofKD3ytYMG6els2n04D4
 6JTdXDRN53+MfF9B5VoQGlc90OsIQHYycnEMjVGSr1Clxd3AHNYaMNZ+kSLbILZi
 uYE3s6xwQHBh5L3NuQU6zIrx7MBtA2flNA2BiQiabJaN76qkvZHlkxTIm9D0UlRC
 xVbSEp3pwu/KZGCtZobcK/dkrJOsGxOJeswDxEQy/MJUneSMnpDRuOwKO/zG7pW5
 nXV+fUAVH+xR9PZUvLzpZAxSFLH4A5kR7ezQkl8SLX6+zTN6bH1e7If/Z0c0WffH
 XNvEarVCbKkbBh/8FOvhJoYuz902ZFnaje1pi26dmxpd7fyswlHkR3ewLYJLlOXq
 26lG/aVqMJ+JqzvzL0PpWX9+Am43sVkRhNiedT7RWyu20eCGWjwVvl0TISw7gFge
 0yRUhdMQtcdVhREqUScxDyGQrtN0+5U77yIRs+SVH3hjDu6riTbeHQ4uJakJssVn
 03Fs0aFWNIv9g7cGhg8C
 =6kX6
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20140208' into staging

target-arm queue:
 * more A64 Neon instructions
 * AArch32 VCVTB and VCVTT ARMv8 instructions
 * fixes to inaccuracies in GIC emulation
 * libvixl disassembler for A64
 * Allwinner SoC ethernet controller
 * zynq software system reset support

# gpg: Signature made Sat 08 Feb 2014 15:53:05 GMT using RSA key ID 14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"

* remotes/pmaydell/tags/pull-target-arm-20140208: (29 commits)
  arm/zynq: Add software system reset via SCLR
  hw/arm/allwinner-a10: initialize EMAC
  hw/net: add support for Allwinner EMAC Fast Ethernet controller
  util/fifo8: clear fifo head upon reset
  util/fifo8: implement push/pop of multiple bytes
  disas: Implement disassembly output for A64
  disas/libvixl: Fix upstream libvixl compilation issues
  disas: Add subset of libvixl sources for A64 disassembler
  rules.mak: Link with C++ if we have a C++ compiler
  rules.mak: Support .cc as a C++ source file suffix
  arm_gic: Add GICC_APRn state to the GICState
  vmstate: Add uint32 2D-array support
  arm_gic: Support setting/getting binary point reg
  arm_gic: Keep track of SGI sources
  arm_gic: Fix GIC pending behavior
  target-arm: Add support for AArch32 64bit VCVTB and VCVTT
  target-arm: A64: Add FNEG and FABS to the SIMD 2-reg-misc group
  target-arm: A64: Add 2-reg-misc REV* instructions
  target-arm: A64: Add narrowing 2-reg-misc instructions
  target-arm: A64: Implement 2-reg-misc CNT, NOT and RBIT
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-02-11 11:26:36 +00:00
Sebastian Huber
69991d7dcb arm/zynq: Add software system reset via SCLR
Support software-driven system reset via the register in the SCLR.

Signed-off-by: Sebastian Huber <sebastian.huber@embedded-brains.de>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-02-08 14:50:48 +00:00
Michael Walle
8c5edce5b7 lm32_sys: dump cpu state if test case fails
This will ease debugging the test cases.

Signed-off-by: Michael Walle <michael@walle.cc>
2014-02-04 19:47:39 +01:00
Michael Walle
9a59e6e307 lm32_sys: print test result on stderr
Do not use qemu_log().

Signed-off-by: Michael Walle <michael@walle.cc>
2014-02-04 19:47:27 +01:00
Michael Walle
e67b3ca53a lm32_sys: increase test case name length limit
The new MMU tests use longer names.

Signed-off-by: Michael Walle <michael@walle.cc>
2014-02-04 19:34:29 +01:00
Peter Maydell
850bbe1b94 vfio-pci updates include:
- Destroy MemoryRegions on device teardown
  - Print warnings around PCI option ROM failures
  - Skip bogus mappings from 64bit BAR sizing
  - Act on DMA mapping failures
  - Fix alignment to avoid MSI-X table mapping
  - Fix debug macro typo
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJS58xzAAoJECObm247sIsiuqIP/24fhvWwRRwgc/gFpQ/7KbeP
 nUkQdx6TEOK6f0+HOQOD9HtQAiSytJhB6jZQVYfN8MWrp3QzizGH56enR6FOj86C
 9/bnpWYvjDpO/CkdxOdl7aEX/S4LMjoz/2+UmulTxrpt5cpJrsnBTqEuBiMfqwDP
 A50DHHk89uEZWaDkZvdUOc8cOFNAw4p+c20UY6DWIi/SSJlD2BPdH2FhxWE2sT9Z
 60qShybMBTYBYdom3PURzIX8g+DyY9Kzn0d2g108ereaVvYjjwOLcB3HM4W/dSJ6
 rKNGQH+lZHmL4LpWflXlqkZPn31OhOkkks6xncLnfGztRz8ghBs/wj9M+wd8hFKT
 tTf+iwmTCMFF/Lg8RIK4zUMmWgeGq0KN+9bgtJ02nuXe2q782xghxjowJPkbkuHr
 Z+ja+xmL84MyU0UD66oOubxO1RmkBPAzagBjzkJEzj/Kl0JgTqFLYhdo1bQJ1KlV
 3AbnhyR+7p+eHh7AayymhLbwdW1p6qNnEKEKc2yofsV58u4j5teed6WL/QOQQsR2
 lAdR2o6/BjELVQ/ibsbR6yqQxGoG2Y/FdPwiA3IiN+g5dw/oiYOEOHvTHAVB3f4C
 gMPCny+qO4v27Am0iuNrlA6udpc8zNMcgwrVFU+ZmCvePU08+6Jvu8PwgJLruSTx
 l29PsKGSk8fa4a2d0DJO
 =J3ON
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/awilliam/tags/vfio-pci-for-qemu-20140128.0' into staging

vfio-pci updates include:
 - Destroy MemoryRegions on device teardown
 - Print warnings around PCI option ROM failures
 - Skip bogus mappings from 64bit BAR sizing
 - Act on DMA mapping failures
 - Fix alignment to avoid MSI-X table mapping
 - Fix debug macro typo

# gpg: Signature made Tue 28 Jan 2014 15:27:47 GMT using RSA key ID 3BB08B22
# gpg: Can't check signature: public key not found

* remotes/awilliam/tags/vfio-pci-for-qemu-20140128.0:
  vfio: correct debug macro typo
  vfio: fix mapping of MSIX bar
  kvm: initialize qemu_host_page_size
  vfio-pci: Fail initfn on DMA mapping errors
  vfio: Filter out bogus mappings
  vfio: Do not reattempt a failed rom read
  vfio: warn if host device rom can't be read
  vfio: Destroy memory regions

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-02-01 21:08:06 +00:00
Bandan Das
8b6d14087d vfio: correct debug macro typo
Change to DEBUG_VFIO in vfio_msi_interrupt() for debug
messages to get printed

Signed-off-by: Bandan Das <bsd@redhat.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2014-01-28 08:23:19 -07:00
Gabriel L. Somlo
15bce1b7c5 Add DSDT node for AppleSMC
AppleSMC (-device isa-applesmc) is required to boot OS X guests.
OS X expects a SMC node to be present in the ACPI DSDT. This patch
adds a SMC node to the DSDT, and dynamically patches the return value
of SMC._STA to either 0x0B if the chip is present, or otherwise to 0x00,
before booting the guest.

Signed-off-by: Gabriel Somlo <somlo@cmu.edu>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2014-01-26 13:06:48 +02:00
Alexey Kardashevskiy
8d7b5a1da0 vfio: fix mapping of MSIX bar
VFIO virtualizes MSIX table for the guest but not mapping the part of
a BAR which contains an MSIX table. Since vfio_mmap_bar() mmaps chunks
before and after the MSIX table, they have to be aligned to the host
page size which may be TARGET_PAGE_MASK (4K) or 64K in case of PPC64.

This fixes boundaries calculations to use the real host page size.

Without the patch, the chunk before MSIX table may overlap with the MSIX
table and mmap will fail in the host kernel. The result will be serious
slowdown as the whole BAR will be emulated by QEMU.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2014-01-17 11:12:56 -07:00
Alex Williamson
87ca1f77b1 vfio-pci: Fail initfn on DMA mapping errors
The vfio-pci initfn will currently succeed even if DMA mappings fail.
A typical reason for failure is if the user does not have sufficient
privilege to lock all the memory for the guest.  In this case, the
device gets attached, but can only access a portion of guest memory
and is extremely unlikely to work.

DMA mappings are done via a MemoryListener, which provides no direct
error return path.  We therefore stuff the errno into our container
structure and check for error after registration completes.  We can
also test for mapping errors during runtime, but our only option for
resolution at that point is to kill the guest with a hw_error.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2014-01-16 09:22:07 -07:00
Alex Williamson
d3a2fd9b29 vfio: Filter out bogus mappings
Since 57271d63 we now see spurious mappings with the upper bits set
if 64bit PCI BARs are sized while enabled.  The guest writes a mask
of 0xffffffff to the lower BAR to size it, then restores it, then
writes the same mask to the upper BAR resulting in a spurious BAR
mapping into the last 4G of the 64bit address space.  Most
architectures do not support or make use of the full 64bits address
space for PCI BARs, so we filter out mappings with the high bit set.
Long term, we probably need to think about vfio telling us the
address width limitations of the IOMMU.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
2014-01-16 09:22:07 -07:00
Bandan Das
e638073c56 vfio: Do not reattempt a failed rom read
During lazy rom loading, if rom read fails, and the
guest attempts a read again, vfio will again attempt it.
Add a boolean to prevent this. There could be a case where
a failed rom read might succeed the next time because of
a device reset or such, but it's best to exclude unpredictable
behavior

Signed-off-by: Bandan Das <bsd@redhat.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2014-01-15 10:11:52 -07:00
Bandan Das
d20b43dfea vfio: warn if host device rom can't be read
If the device rom can't be read, report an error to the
user. This alerts the user that the device has a bad
state that is causing rom read failure or option rom
loading has been disabled from the device boot menu
(among other reasons).

Signed-off-by: Bandan Das <bsd@redhat.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2014-01-15 10:11:06 -07:00
Alex Williamson
7c4228b477 vfio: Destroy memory regions
Somehow this has been lurking for a while; we remove our subregions
from the base BAR and VGA region mappings, but we don't destroy them,
creating a leak and more serious problems when we try to migrate after
removing these devices.  Add the trivial bit of final cleanup to
remove these entirely.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2014-01-15 10:07:26 -07:00
Anthony Liguori
c06f13c6da QOM infrastructure fixes and device conversions
* QOM interface fixes and unit test
 * Device no_user sanitization and documentation
 * Device error reporting improvement
 * Conversion of APIC, ICC, IOAPIC to QOM realization model
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJSub6FAAoJEPou0S0+fgE/JGcP/RvIMVyldoUN1buS+ynXkNGS
 UXCwnGGwE6dw7V8eTHxgm7vj1SznaIFZd1jxhbU/PSRn7SkLjHhM4Ei5Nu06nsJD
 Dwe22muiGxPIucnwhhuyPni9gP386yR7/4cwqMqvEuB696ZO7tdcMQ4PxwMWW6GN
 8XsgF/3nlNFYTTxkG5KhmqqYEQdoQc5aloR7BZiziNaSIXLgIKAFp/T3vl+cwOyV
 j2N4Wq+egPNA821Y+sb9V8ZDkwQamE4qsSdIvWSaR24vFEQ8D+U6Sll2qkfcKo4H
 dmVu27OYFGJ4hJfyNoJ+7RKF1ET+IcmPW6Hcdri0CZNg5f3rHWur3mvasEMB3I3S
 sSQNfItp2bSj0LlTnOcbjE7kP3DTrunAoQ9TJaHo9N94sjXwr8EnCIwHqOZODZbr
 j07uKaRyQp4BCSQwP5QP4XEirLvzJOYCxCmT9pXELW/DMjgzjl1XgZVtEowvzHx4
 JNoF9mVGjVLDdwb9Tm+nR+9dQsNiGyF7HUYfIf1EwKshp6kwqOmO+YkNKq05kfRN
 0GhQB5exB6xN4zUqZTQ544WxB+hls6bOXpOlbKAEWQWpJ2Gj2hlBYTPCuFMwWrfl
 rH0jhC9zzlNqRyTUN+KZjU3GTa0T6neOSIXtDiS/VXWKDEV35zohYgwdpAfvpse2
 61a4MkgXwy7eqUeZ0Jqu
 =WrhM
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'afaerber/tags/qom-devices-for-anthony' into staging

QOM infrastructure fixes and device conversions

* QOM interface fixes and unit test
* Device no_user sanitization and documentation
* Device error reporting improvement
* Conversion of APIC, ICC, IOAPIC to QOM realization model

# gpg: Signature made Tue 24 Dec 2013 09:04:05 AM PST using RSA key ID 3E7E013F
# gpg: Good signature from "Andreas Färber <afaerber@suse.de>"
# gpg:                 aka "Andreas Färber <afaerber@suse.com>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 174F 0347 1BCC 221A 6175  6F96 FA2E D12D 3E7E 013F

* afaerber/tags/qom-devices-for-anthony: (24 commits)
  qdev-monitor: Improve error message for -device nonexistant
  ioapic: QOM'ify ioapic
  ioapic: Cleanup for QOM'ification
  icc_bus: QOM'ify ICC
  apic: QOM'ify APIC
  apic: Cleanup for QOM'ification
  qdev: Drop misleading qbus_free() function
  qom: Detect bad reentrance during object_class_foreach()
  tests: Test QOM interface casting
  qom: Do not register interface "types" in the type table and fix names
  qom: Split out object and class caches
  qdev: Document that pointer properties kill device_add
  hw: cannot_instantiate_with_device_add_yet due to pointer props
  qdev-monitor: Avoid device_add crashing on non-device driver name
  qdev: Do not let the user try to device_add when it cannot work
  isa: Clean up use of cannot_instantiate_with_device_add_yet
  vt82c686: Clean up use of cannot_instantiate_with_device_add_yet
  piix3 piix4: Clean up use of cannot_instantiate_with_device_add_yet
  ich9: Document why cannot_instantiate_with_device_add_yet
  pci-host: Consistently set cannot_instantiate_with_device_add_yet
  ...
2014-01-09 11:24:48 -08:00
Stefan Weil
c46b07f0d7 exynos4210: Use macro ARRAY_SIZE where possible
This improves readability and simplifies the code.

Cc: Dmitry Solodkiy <d.solodkiy@samsung.com>
Cc: Evgeny Voevodin <e.voevodin@samsung.com>
Cc: Igor Mitsyanko <i.mitsyanko@gmail.com>
Cc: Maksim Kozlov <m.kozlov@samsung.com>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-12-23 16:02:19 +04:00
Markus Armbruster
f3b176402f isa: Clean up use of cannot_instantiate_with_device_add_yet
Drop it when there's no obvious reason why device_add could not work.
Else keep and document why.

* isa-fdc: drop

* i8042: drop, even though its I/O base is hardcoded (because you
  could conceivably still add one to a board that has none), and even
  though PC board code wires up the A20 line (because that wiring is
  optional)

* port92: keep because it needs additional wiring by port92_init()

* mc146818rtc: keep because it needs to be wired up by rtc_init()

* m48t59_isa: keep because needs to be wired up by m48t59_init_isa()

* isa-pit, kvm-pit: keep (in their abstract base pic-common) because
  the PIT needs additional wiring by board code, depending on HPET
  presence

* pcspk: keep because of pointer property pit, and because realize
  sets global pcspk_state

* vmmouse: keep because of pointer property ps2_mouse

* vmport: keep because realize sets global port_state

* isa-i8259, kvm-i8259: keep (in their abstract base pic-common),
  because the PICs' IRQ input lines are set up by board code, and the
  wiring of the slave to the master is hard-coded in device model code

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-12-23 00:27:23 +01:00
Markus Armbruster
837d37167d sysbus: Set cannot_instantiate_with_device_add_yet
device_add plugs devices into suitable bus.  For "real" buses, that
actually connects the device.  For sysbus, the connections need to be
made separately, and device_add can't do that.  The device would be
left unconnected, and could not possibly work.

Quite a few, but not all sysbus devices already set
cannot_instantiate_with_device_add_yet in their class init function.

Set it in their abstract base's class init function
sysbus_device_class_init(), and remove the now redundant assignments
from device class init functions.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Marcel Apfelbaum <marcel.a@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-12-23 00:27:22 +01:00
Markus Armbruster
efec3dd631 qdev: Replace no_user by cannot_instantiate_with_device_add_yet
In an ideal world, machines can be built by wiring devices together
with configuration, not code.  Unfortunately, that's not the world we
live in right now.  We still have quite a few devices that need to be
wired up by code.  If you try to device_add such a device, it'll fail
in sometimes mysterious ways.  If you're lucky, you get an
unmysterious immediate crash.

To protect users from such badness, DeviceClass member no_user used to
make device models unavailable with -device / device_add, but that
regressed in commit 18b6dad.  The device model is still omitted from
help, but is available anyway.

Attempts to fix the regression have been rejected with the argument
that the purpose of no_user isn't clear, and it's prone to misuse.

This commit clarifies no_user's purpose.  Anthony suggested to rename
it cannot_instantiate_with_device_add_yet_due_to_internal_bugs, which
I shorten somewhat to keep checkpatch happy.  While there, make it
bool.

Every use of cannot_instantiate_with_device_add_yet gets a FIXME
comment asking for rationale.  The next few commits will clean them
all up, either by providing a rationale, or by getting rid of the use.

With that done, the regression fix is hopefully acceptable.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Marcel Apfelbaum <marcel.a@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-12-23 00:27:22 +01:00
Alex Williamson
3e40ba0faf vfio-pci: Release all MSI-X vectors when disabled
We were relying on msix_unset_vector_notifiers() to release all the
vectors when we disable MSI-X, but this only happens when MSI-X is
still enabled on the device.  Perform further cleanup by releasing
any remaining vectors listed as in-use after this call.  This caused
a leak of IRQ routes on hotplug depending on how the guest OS prepared
the device for removal.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Cc: qemu-stable@nongnu.org
2013-12-06 11:16:40 -07:00
Alex Williamson
b3ebc10c37 vfio-pci: Add debug config options to disable MSI/X KVM support
It's sometimes useful to be able to verify interrupts are passing
through correctly.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2013-12-06 11:16:29 -07:00
Alex Williamson
96eeeba0db vfio-pci: Fix Nvidia MSI ACK through 0x88000 quirk
When MSI is enabled on Nvidia GeForce cards the driver seems to
acknowledge the interrupt by writing a 0xff byte to the MSI capability
ID register using the PCI config space mirror at offset 0x88000 from
BAR0.  Without this, the device will only fire a single interrupt.
VFIO handles the PCI capability ID/next registers as virtual w/o write
support, so any write through config space is currently dropped.  Add
a check for this and allow the write through the BAR window.  The
registers are read-only anyway.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2013-12-06 11:16:23 -07:00
Alex Williamson
5b49ab188f vfio-pci: Make use of new KVM-VFIO device
Add and remove groups from the KVM virtual VFIO device as we make
use of them.  This allows KVM to optimize for performance and
correctness based on properties of the group.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2013-12-06 11:16:13 -07:00
Alex Williamson
8d07d6c465 vfio-pci: Fix multifunction=on
When an assigned device is initialized it copies the device config
space into the emulated config space.  Unfortunately multifunction is
setup prior to the device initfn and gets clobbered.  We need to
restore it just like pci-assign does.

Cc: qemu-stable@nongnu.org
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-11-21 17:39:04 +01:00
Paolo Bonzini
7839ff593b pc: get rid of builtin pvpanic for "-M pc-1.5"
This causes two slight backwards-incompatibilities between "-M pc-1.5"
and 1.5's "-M pc":

(1) a fw_cfg file is removed with this patch.  This is only a problem
if migration stops the virtual machine exactly during fw_cfg enumeration.

(2) after migration, a VM created without an explicit "-device pvpanic"
will stop reporting panics to management.

The first problem only occurs if migration is done at a very, very
early point (and I'm not sure it can happen in practice for reasonable-size
VMs, since it will likely take more time to send the RAM to destination,
than it will take for BIOS to scan fw_cfg).

The second problem only occurs if the guest panics _and_ has a guest
driver _and_ management knows to look at the crash event, so it is
mostly theoretical at this point in time.

Thus keep the code simple, and pretend it was never broken.

Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-11-21 17:38:54 +01:00
Andreas Färber
d1f2c96a81 pcmcia: QOM'ify PCMCIACardState and MicroDriveState
Turn PCMCIACardState into a device.
Move callbacks to new PCMCIACardClass.

Derive TYPE_MICRODRIVE from TYPE_PCMCIA_CARD.
Replace ide_init2_with_non_qdev_drives().

Signed-off-by: Othmar Pasteka <pasteka@kabsi.at>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-11-05 18:06:52 +01:00
Andreas Färber
853ca11daf pxa: Fix typo "dettach"
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-11-05 18:06:51 +01:00
Andreas Färber
53cb9a1c2f arm11mpcore: Split off SCU device
Inspired by a9scu.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-11-05 17:47:30 +01:00
Andreas Färber
b4a37f17fe a9scu: Build only once
It does not have a target or ARMCPU dependency.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-11-05 17:47:30 +01:00
Andreas Färber
fc719d7741 a9mpcore: Embed A9SCUState
Prepares for QOM realize.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
2013-11-05 17:47:29 +01:00
Andreas Färber
9eb39db520 a9scu: QOM cleanups
Rename A9SCUState::busdev field to parent_obj and turn realizefn into an
instance_init function to allow early MMIO mapping.

Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
2013-11-05 17:47:29 +01:00
Anthony Liguori
b0eb759fb2 pci, pc, acpi fixes, enhancements
This includes some pretty big changes:
 - pci master abort support by Marcel
 - pci IRQ API rework by Marcel
 - acpi generation support by myself
 
 Everything has gone through several revisions, latest versions have been on
 list for a while without any more comments, tested by several
 people.
 
 Please pull for 1.7.
 
 Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.15 (GNU/Linux)
 
 iQEcBAABAgAGBQJSXNO8AAoJECgfDbjSjVRp7VAH/0B73mCOiyVACGx7fazK3SGK
 X8TxZWVtG5A77ISqKyrtjLAhK9DCQjEzQTbMNhXHM3Ar6crwo7nJZnQvH2Gh1X2p
 34BOQSVc4rtXz5pwDIr48dBLrxeslwXub79chUs+IK1/4RSn3h3nuS3k6JVkmLJN
 rcHMj4ljJmi4Hd9vOpmS1jo/a61usi36hhU7CMgcrsXzStZycBBzCozOB3VW8p1X
 /iwyf91YjmNPkn9gA3/aViGjszu8jE91dkA0C+ljwvcGbs2yEl3LCWEJfsMvoh5P
 2M+k0XXbHwq/P9PFMa/2/lWOo4EO4Oxa+G/6QvovJrteYnktr+E9DqjU8pCT7yI=
 =CVfs
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'mst/tags/for_anthony' into staging

pci, pc, acpi fixes, enhancements

This includes some pretty big changes:
- pci master abort support by Marcel
- pci IRQ API rework by Marcel
- acpi generation support by myself

Everything has gone through several revisions, latest versions have been on
list for a while without any more comments, tested by several
people.

Please pull for 1.7.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

# gpg: Signature made Tue 15 Oct 2013 07:33:48 AM CEST using RSA key ID D28D5469
# gpg: Can't check signature: public key not found

* mst/tags/for_anthony: (39 commits)
  ssdt-proc: update generated file
  ssdt: fix PBLK length
  i386: ACPI table generation code from seabios
  pc: use new api to add builtin tables
  acpi: add interface to access user-installed tables
  hpet: add API to find it
  pvpanic: add API to access io port
  ich9: APIs for pc guest info
  piix: APIs for pc guest info
  acpi/piix: add macros for acpi property names
  i386: define pc guest info
  loader: allow adding ROMs in done callbacks
  i386: add bios linker/loader
  loader: use file path size from fw_cfg.h
  acpi: ssdt pcihp: updat generated file
  acpi: pre-compiled ASL files
  acpi: add rules to compile ASL source
  i386: add ACPI table files from seabios
  q35: expose mmcfg size as a property
  q35: use macro for MCFG property name
  ...

Message-id: 1381818560-18367-1-git-send-email-mst@redhat.com
Signed-off-by: Anthony Liguori <anthony@codemonkey.ws>
2013-10-31 16:58:32 +01:00
Alex Bennée
b86160555f integrator: fix Linux boot failure by emulating dbg region
Commit 9b8c69243 (since reverted) broke the ability to boot the kernel
as the value returned by unassigned_mem_read returned non-zero and left
the kernel looping forever waiting for it to change (see
integrator_led_set in the kernel code).

Relying on a varying implementation detail is incorrect anyway so this
introduces a basic stub of a memory region for the debug/LED section
on the integrator board.

Signed-off-by: Alex Bennée <alex@bennee.com>
Message-id: 1382451366-9539-1-git-send-email-alex.bennee@linaro.org
[PMM: removed three unused fields from struct IntegratorDebugState]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2013-10-31 14:00:16 +01:00
Michael S. Tsirkin
309cd62d6b pvpanic: add API to access io port
Add API to find pvpanic device and get its io port.
Will be used to fill in guest info structure.

Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Tested-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Tested-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-10-14 17:48:52 +03:00
Marcel Apfelbaum
9e64f8a3fc hw: set interrupts using pci irq wrappers
pci_set_irq and the other pci irq wrappers use
PCI_INTERRUPT_PIN config register to compute device
INTx pin to assert/deassert.

An irq is allocated using pci_allocate_irq wrapper
only if is needed by non pci devices.

Removed irq related fields from state if not used anymore.

Signed-off-by: Marcel Apfelbaum <marcel.a@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-10-14 17:11:45 +03:00
Marcel Apfelbaum
68919cace8 hw/vfio: set interrupts using pci irq wrappers
pci_set_irq and the other pci irq wrappers use
PCI_INTERRUPT_PIN config register to compute device
INTx pin to assert/deassert.

save INTX pin into the config register before calling
pci_set_irq

Signed-off-by: Marcel Apfelbaum <marcel.a@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-10-14 17:11:45 +03:00
Alex Williamson
b1c50c5f24 vfio-pci: Fix endian issues in vfio_pci_size_rom()
VFIO is always little endian so do byte swapping of our mask on the
way in and byte swapping of the size on the way out.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Reported-by: Alexey Kardashevskiy <aik@ozlabs.ru>
2013-10-04 12:50:51 -06:00
Alex Williamson
64fa25a0ef vfio-pci: Add dummy PCI ROM write accessor
Just to be sure we don't jump off any NULL pointer cliffs.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Reported-by: Paolo Bonzini <pbonzini@redhat.com>
2013-10-04 08:51:36 -06:00
Alexey Kardashevskiy
1d5bf692e5 vfio: Fix debug output for int128 values
Memory regions can easily be 2^64 byte long and therefore overflow
for just a bit but that is enough for int128_get64() to assert.

This takes care of debug printing of huge section sizes.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2013-10-03 09:10:09 -06:00
Alex Williamson
f16f39c3fc vfio-pci: Implement PCI hot reset
Now that VFIO has a PCI hot reset interface, take advantage of it.
There are two modes that we need to consider.  The first is when only
one device within the set of devices affected is actually assigned to
the guest.  In this case the other devices are are just held by VFIO
for isolation and we can pretend they're not there, doing an entire
bus reset whenever the device reset callback is triggered.  Supporting
this case separately allows us to do the best reset we can do of the
device even if the device is hotplugged.

The second mode is when multiple affected devices are all exposed to
the guest.  In this case we can only do a hot reset when the entire
system is being reset.  However, this also allows us to track which
individual devices are affected by a reset and only do them once.

We split our reset function into pre- and post-reset helper functions
prioritize the types of device resets available to us, and create
separate _one vs _multi reset interfaces to handle the distinct cases
above.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2013-10-02 13:51:00 -06:00
Alex Williamson
8fbf47c3a8 vfio-pci: Cleanup error_reports
Remove carriage returns and tweak formatting for error_reports.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2013-10-02 12:52:38 -06:00
Alex Williamson
6f864e6ec8 vfio-pci: Lazy PCI option ROM loading
During vfio-pci initfn, the device is not always in a state where the
option ROM can be read.  In the case of graphics cards, there's often
no per function reset, which means we have host driver state affecting
whether the option ROM is usable.  Ideally we want to move reading the
option ROM past any co-assigned device resets to the point where the
guest first tries to read the ROM itself.

To accomplish this, we switch the memory region for the option rom to
an I/O region rather than a memory mapped region.  This has the side
benefit that we don't waste KVM memory slots for a BAR where we don't
care about performance.  This also allows us to delay loading the ROM
from the device until the first read by the guest.  We then use the
PCI config space size of the ROM BAR when setting up the BAR through
QEMU PCI.

Another benefit of this approach is that previously when a user set
the ROM to a file using the romfile= option, we still probed VFIO for
the parameters of the ROM, which can result in dmesg errors about an
invalid ROM.  We now only probe VFIO to get the ROM contents if the
guest actually tries to read the ROM.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2013-10-02 12:52:38 -06:00
Alex Williamson
befe5176ef vfio-pci: Test device reset capabilities
Not all resets are created equal.  PM reset is not very reliable,
especially for GPUs, so we might want to opt for a bus reset if a
standard reset will only do a D3hot->D0 transition.  We can also
use this to tell if the standard reset will do a bus reset (if
neither has_pm_reset or has_flr is probed, but the device still
supports reset).

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2013-10-02 12:52:38 -06:00
Alex Williamson
c7679d450e vfio-pci: Add support for MSI affinity
When MSI is accelerated through KVM the vectors are only programmed
when the guest first enables MSI support.  Subsequent writes to the
vector address or data fields are ignored.  Unfortunately that means
we're ignore updates done to adjust SMP affinity of the vectors.
MSI SMP affinity already works in non-KVM mode because the address
and data fields are read from their backing store on each interrupt.

This patch stores the MSIMessage programmed into KVM so that we can
determine when changes are made and update the routes.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2013-10-02 12:52:38 -06:00
Andreas Färber
213f0c4f61 qom: Pass available size to object_initialize()
To be passed on to object_initialize_with_type().

Acked-by: Cornelia Huck <cornelia.huck@de.ibm.com> (virtio-ccw)
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-08-30 21:15:44 +02:00
Andreas Färber
fb17dfe057 qdev: Pass size to qbus_create_inplace()
To be passed to object_initialize().

Since commit 39355c3826 the argument is
void*, so drop some superfluous (BusState *) casts or direct parent
field usages.

Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-08-30 21:15:35 +02:00
Anthony Liguori
b5d54bd421 Merge remote-tracking branch 'qemu-kvm/uq/master' into stable-1.5
* qemu-kvm/uq/master:
  kvm-stub: fix compilation
  kvm: shorten the parameter list for get_real_device()
  kvm: i386: fix LAPIC TSC deadline timer save/restore
  kvm-all.c: max_cpus should not exceed KVM vcpu limit
  kvm: Simplify kvm_handle_io
  kvm: x86: fix setting IA32_FEATURE_CONTROL with nested VMX disabled
  kvm: add KVM_IRQFD_FLAG_RESAMPLE support
  kvm: migrate vPMU state
  target-i386: remove tabs from target-i386/cpu.h
  Initialize IA32_FEATURE_CONTROL MSR in reset and migration

Conflicts:
	target-i386/cpu.h
	target-i386/kvm.c

aliguori: fixup trivial conflicts due to whitespace and added cpu
          argument

Signed-off-by: Anthony Liguori <anthony@codemonkey.ws>
2013-08-29 17:21:51 -05:00
Alex Bligh
bc72ad6754 aio / timers: Switch entire codebase to the new timer API
This is an autogenerated patch using scripts/switch-timer-api.

Switch the entire code base to using the new timer API.

Note this patch may introduce some line length issues.

Signed-off-by: Alex Bligh <alex@alex.org.uk>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-08-22 19:14:24 +02:00
Marcel Apfelbaum
a5d3f640a0 hw/misc: make pvpanic known to user
This patch is based on Hu Tao's:
http://lists.nongnu.org/archive/html/qemu-devel/2013-08/msg00125.html

The pvpanic device may be enabled now with "-device pvpanic"
from command line.

Signed-off-by: Marcel Apfelbaum <marcel.a@redhat.com>
Reviewed-by: Hu Tao <hutao@cn.fujitsu.com>
Message-id: 1376233843-19410-3-git-send-email-marcel.a@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-08-12 11:20:57 -05:00
Vincenzo Maffione
ca916d3729 kvm: add KVM_IRQFD_FLAG_RESAMPLE support
Added an EventNotifier* parameter to
kvm-all.c:kvm_irqchip_add_irqfd_notifier(), in order to give KVM
another eventfd to be used as "resamplefd". See the documentation
in the linux kernel sources in Documentation/virtual/kvm/api.txt
(section 4.75) for more details.
When the added parameter is passed NULL, the behaviour of the
function is unchanged with respect to the previous versions.

Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Vincenzo Maffione <v.maffione@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-08-09 21:19:54 +02:00
Andreas Färber
a054e2c2dd zynq_slcr: QOM cast cleanup
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-29 21:06:59 +02:00
Andreas Färber
f1a0a79f4f slavio_misc: QOM cast cleanup for APCState
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-29 21:06:59 +02:00
Andreas Färber
95eb2084f9 slavio_misc: QOM cast cleanup for MiscState
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-29 21:06:59 +02:00
Andreas Färber
af89a44493 puv3_pm: QOM cast cleanup
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-29 21:06:59 +02:00
Andreas Färber
5c0e12f5a6 mst_fpga: QOM cast cleanup
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-29 21:06:59 +02:00
Andreas Färber
aee31f7b4b milkymist-pfpu: QOM cast cleanup
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-29 21:06:58 +02:00
Andreas Färber
829617a97c milkymist-hpdmc: QOM cast cleanup
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-29 21:06:58 +02:00
Andreas Färber
816d323be3 lm32_sys: QOM cast cleanup
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-29 21:06:58 +02:00
Andreas Färber
b6e1df2e91 exynos4210_pmu: QOM cast cleanup
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-29 21:06:58 +02:00
Andreas Färber
100bb15cb8 eccmemctl: QOM cast cleanup
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-29 21:06:58 +02:00
Andreas Färber
ba4ea5bd29 arm_sysctl: QOM cast cleanup
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-29 21:06:58 +02:00
Andreas Färber
0e8982e969 arm_l2x0: QOM cast cleanup
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-29 21:06:58 +02:00
Andreas Färber
ae1953d045 arm_l2x0: Rename l2x0_state to L2x0State
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-29 21:06:58 +02:00
Andreas Färber
bcb34c7a61 imx_ccm: QOM cast cleanup
Introduce type constant and use QOM casts.

Acked-by: Peter Chubb <peter.chubb@nicta.com.au>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-29 21:06:05 +02:00
Marcel Apfelbaum
125ee0ed9c devices: Associate devices to their logical category
The category will be used to sort the devices displayed in
the command line help.

Signed-off-by: Marcel Apfelbaum <marcel.a@redhat.com>
Message-id: 1375107465-25767-4-git-send-email-marcel.a@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-07-29 10:37:09 -05:00
Paolo Bonzini
d2f5ea9704 pc-testdev: add I/O port to test memory.c auto split/combine
The ports at 0xe8..0xeb have impl.min/max_access_size == 1, so
that memory accesses are split and combined by the memory core.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Message-id: 1374501278-31549-29-git-send-email-pbonzini@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-07-25 08:12:28 -05:00
Paolo Bonzini
504054357b pc-testdev: remove useless cpu_to_le64/le64_to_cpu
So far the device was only used on little-endian machines.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Message-id: 1374501278-31549-18-git-send-email-pbonzini@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-07-25 08:12:27 -05:00
Paolo Bonzini
b7faba7163 pc-testdev: support 8 and 16-bit accesses to 0xe0
This will let us use the testdev to test endianness.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Message-id: 1374501278-31549-17-git-send-email-pbonzini@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-07-25 08:12:27 -05:00
Andreas Färber
b7578eaadd misc/ivshmem: QOM parent field cleanup
Replace direct uses of IVShmemState::dev with QOM casts and rename it to
parent_obj.

Acked-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-23 00:37:34 +02:00
Peter Crosthwaite
eb3fedf3d4 misc/ivshmem: QOM Upcast Sweep
Define and use standard QOM cast macro. Remove usages of DO_UPCAST()
and direct -> style upcasting.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
[AF: Simplified casts and converted two more DO_UPCAST()s]
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-23 00:37:34 +02:00
Andreas Färber
6d27a4099e misc/pci-testdev: QOM parent field cleanup
Replace direct uses of PCITestDevState::dev with QOM casts and rename it
to parent_obj.

Acked-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-23 00:37:34 +02:00
Peter Crosthwaite
40108d0a6d misc/pci-testdev: QOM Upcast Sweep
Define and use standard QOM cast macro. Remove usages of DO_UPCAST()
and direct -> style upcasting.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
[AF: Replaced another DO_UPCAST()]
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-23 00:37:33 +02:00
Anthony Liguori
90c66f587c Merge remote-tracking branch 'stefanha/tracing' into staging
# By Markus Armbruster
# Via Stefan Hajnoczi
* stefanha/tracing:
  trace-events: Fix up source file comments
  trace-events: Drop unused events
  milkymist-minimac2: Fix minimac2_read/_write tracepoints
  slavio_misc: Fix slavio_led_mem_readw/_writew tracepoints
  cleanup-trace-events.pl: New

Message-id: 1374119369-26496-1-git-send-email-stefanha@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-07-22 10:13:15 -05:00
Markus Armbruster
f3a64b8c89 slavio_misc: Fix slavio_led_mem_readw/_writew tracepoints
Broken since they got added in commit 97bf485.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-07-18 11:44:42 +08:00
Vijay Mohan Pandarathil
7b4b0e9eda vfio: QEMU-AER: Qemu changes to support AER for VFIO-PCI devices
Add support for error containment when a VFIO device assigned to a KVM
guest encounters an error. This is for PCIe devices/drivers that support AER
functionality. When the host OS is notified of an error in a device either
through the firmware first approach or through an interrupt handled by the AER
root port driver, the error handler registered by the vfio-pci driver gets
invoked. The qemu process is signaled through an eventfd registered per
VFIO device by the qemu process. In the eventfd handler, qemu decides on
what action to take. In this implementation, guest is brought down to
contain the error.

The kernel patches for the above functionality has been already accepted.

This is a refresh of the QEMU patch which was reviewed earlier.
http://marc.info/?l=linux-kernel&m=136281557608087&w=2
This patch has the same contents and has been built after refreshing
to latest upstream and after the linux headers have been updated in qemu.

	- Create eventfd per vfio device assigned to a guest and register an
          event handler

	- This fd is passed to the vfio_pci driver through the SET_IRQ ioctl

	- When the device encounters an error, the eventfd is signalled
          and the qemu eventfd handler gets invoked.

	- In the handler decide what action to take. Current action taken
          is to stop the guest.

Signed-off-by: Vijay Mohan Pandarathil <vijaymohan.pandarathil@hp.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2013-07-15 15:49:49 -06:00
Alex Williamson
39360f0b91 vfio-pci: VGA quirk update
Turns out all the suspicions for AMD devices were correct, everywhere
we read a BAR address that the address matches the config space offset,
there's full access to PCI config space.  Attempt to generalize some
helpers to allow quirks to easily be added for mirrors and windows.
Also fill in complete config space for AMD.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2013-07-15 15:48:11 -06:00
Alexander Graf
a0f9fdfd98 PPC: Add timer handler for newworld mac-io
Mac OS X accesses fancy timer registers inside of the mac-io on bootup.

These really should be ticking at the mac-io bus frequency, but I don't
see anyone upset when we just make them as fast as we want to.

With this patch on top of my previous patch queue and latest OpenBIOS
I am able to boot Mac OS X 10.4 with -M mac99.

Signed-off-by: Alexander Graf <agraf@suse.de>
2013-07-11 18:51:25 +02:00
Alexander Graf
03ee3b1e58 PPC: dbdma: Move processing to io
Soon we will introduce intermediate processing pauses which will
allow the bottom half to restart a DMA request that couldn't be
fulfilled yet.

For that to work, move the processing variable into the io struct
which is what DMA providers work with.

While touching it, also change it into a bool

Signed-off-by: Alexander Graf <agraf@suse.de>
2013-07-11 18:51:25 +02:00
Alexander Graf
d2f0ce2189 PPC: dbdma: Move static bh variable to device struct
The DBDMA controller has a bottom half to asynchronously process DMA
request queues.

This bh was stored as a gross static variable. Move it into the device
struct instead.

While at it, move all users of it to the new generic kick function.

Signed-off-by: Alexander Graf <agraf@suse.de>
2013-07-11 18:51:24 +02:00
Alexander Graf
d1e562deb2 PPC: dbdma: Introduce kick function
The DBDMA engine really is running all the time, waiting for input. However
we don't want to waste cycles constantly polling.

So introduce a kick function that data providers can call to notify the
DBDMA controller of new input.

Signed-off-by: Alexander Graf <agraf@suse.de>
2013-07-11 18:51:24 +02:00
Alexander Graf
f2f963fd07 PPC: dbdma: Move defines into header file
We usually keep struct and constant definitions in header files. Move
them there to stay consistent and to make access to fields easier.

Signed-off-by: Alexander Graf <agraf@suse.de>
2013-07-11 18:51:24 +02:00
Alexander Graf
7eaba824b6 PPC: dbdma: Allow new commands in RUN state
The DBDMA controller can not change its command stream while it's
actively streaming data, true. But the fact that it's in RUN state
doesn't actually indicate anything. It could just as well be in
WAIT while in RUN. And then it's legal to change commands.

This fixes a real world issue I've encountered with Mac OS X.

Signed-off-by: Alexander Graf <agraf@suse.de>
2013-07-11 18:51:24 +02:00
Alexander Graf
58c0c31183 PPC: dbdma: Fix debug print
There was a debug print that didn't compile for me because the format
and the arguments weren't in sync. Fix it up.

Signed-off-by: Alexander Graf <agraf@suse.de>
2013-07-11 18:51:24 +02:00
Alexander Graf
33ce36bb33 PPC: Mac: Add debug prints in macio and dbdma code
The macio code is basically undebuggable as it stands today, with no
debug prints anywhere whatsoever. DBDMA was better, but I needed a
few more to create reasonable logs that tell me where breakage is.

Add a DPRINTF macro in the macio source file and add a bunch of debug
prints that are all disabled by default of course.

Signed-off-by: Alexander Graf <agraf@suse.de>
2013-07-11 18:51:24 +02:00
Alexander Graf
9e23242878 PPC: dbdma: Replace tabs with spaces
s/^I/        /g on the file with a few manual tweaks to align things.

Signed-off-by: Alexander Graf <agraf@suse.de>
2013-07-11 18:51:24 +02:00
Alexander Graf
14eefd0ec3 PPC: g3beige: Move secondary IDE bus to mac-io
On a real G3 Beige the secondary IDE bus lives on the mac-io chip, not
on some random PCI device. Move it there to become more compatible.

While at it, also clean up the IDE channel connection logic.

Signed-off-by: Alexander Graf <agraf@suse.de>
2013-07-11 18:51:24 +02:00
Andreas Färber
4917cf4432 cpu: Replace cpu_single_env with CPUState current_cpu
Move it to qom/cpu.h.

Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-09 21:20:28 +02:00
Anthony Liguori
dc11549ec2 pci,misc enhancements
This includes some pci enhancements:
 
 Better support for systems with multiple PCI root buses
 FW cfg interface for more robust pci programming in BIOS
 Minor fixes/cleanups for fw cfg and cross-version migration -
     because of dependencies with other patches
 
 Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.13 (GNU/Linux)
 
 iQEcBAABAgAGBQJR2ctmAAoJECgfDbjSjVRpQpAH/Rk00yLrQ2R5ScNa8AL9LeaJ
 gVFndBmmuRz4gdhyATx6lzR98ic32iTr0+YR5mL51btgmM5a0bEd/SIu34nXriWj
 PsM0wdXfo/oEygdttxhvzJOH17tohRV9xg2WA2d8BEwDzrDyqoQ4J0VJlHlG7u3W
 nq4KVDVUpLNQFKG8ZgJ2vW0WMw/mBSj2rluhQUALhcuvChphtvAFZ2rsSfJr6bzD
 aBELrtIvfLvPGN/0WVeYs9qlp4EE03H3X6gN61QvV3/YElxubKUV5XyMDOX2dW3D
 2j0NQi84LYHn0SFap2r/Kgm47/F6Q56SFk5lrgZrg60mhQTwocw7PfL8CGxjXRI=
 =gxxc
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'mst/tags/for_anthony' into staging

pci,misc enhancements

This includes some pci enhancements:

Better support for systems with multiple PCI root buses
FW cfg interface for more robust pci programming in BIOS
Minor fixes/cleanups for fw cfg and cross-version migration -
    because of dependencies with other patches

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

# gpg: Signature made Sun 07 Jul 2013 03:11:18 PM CDT using RSA key ID D28D5469
# gpg: Can't check signature: public key not found

# By David Gibson (10) and others
# Via Michael S. Tsirkin
* mst/tags/for_anthony:
  pci: Fold host_buses list into PCIHostState functionality
  pci: Remove domain from PCIHostBus
  pci: Simpler implementation of primary PCI bus
  pci: Add root bus parameter to pci_nic_init()
  pci: Add root bus argument to pci_get_bus_devfn()
  pci: Replace pci_find_domain() with more general pci_root_bus_path()
  pci: Use helper to find device's root bus in pci_find_domain()
  pci: Abolish pci_find_root_bus()
  pci: Move pci_read_devaddr to pci-hotplug-old.c
  pci: Cleanup configuration for pci-hotplug.c
  pvpanic: fix fwcfg for big endian hosts
  pvpanic: initialization cleanup
  MAINTAINERS: s/Marcelo/Paolo/
  e1000: cleanup process_tx_desc
  pc_piix: cleanup init compat handling
  pc: pass PCI hole ranges to Guests
  pci: store PCI hole ranges in guestinfo structure
  range: add Range structure

Message-id: 1373228271-31223-1-git-send-email-mst@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-07-08 08:00:23 -05:00
Paolo Bonzini
3c16154210 hw/m*: pass owner to memory_region_init* functions
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-07-04 17:42:48 +02:00
Paolo Bonzini
5cb022a1bf vfio: pass device to vfio_mmap_bar and use it to set owner
Cc: Alex Williamson <alex.williamson@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-07-04 17:42:47 +02:00
Paolo Bonzini
dfde4e6e1a memory: add ref/unref calls
Add ref/unref calls at the following places:

- places where memory regions are stashed by a listener and
  used outside the BQL (including in Xen or KVM).

- memory_region_find callsites

- creation of aliases and containers (only the aliased/contained
  region gets a reference to avoid loops)

- around calls to del_subregion/add_subregion, where the region
  could disappear after the first call

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-07-04 17:42:45 +02:00
Paolo Bonzini
2c9b15cab1 memory: add owner argument to initialization functions
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-07-04 17:42:44 +02:00
Jan Kiszka
d67f679d99 vmport: Disentangle read handler type from portio
In case the latter may vanish one day, make sure the vmport read handler
type will remain unaffected. This is also conceptually cleaner.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-07-04 17:42:44 +02:00
Jan Kiszka
e3914e3ad8 applesmc: replace register_ioport*
Convert over to memory regions to obsolete register_ioport*.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-07-04 17:42:43 +02:00
Michael S. Tsirkin
fea7d5966a pvpanic: fix fwcfg for big endian hosts
Convert port number to little endian when
exposing it in fw cfg.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-07-04 10:42:51 +03:00
Michael S. Tsirkin
bc3e6a0d6c pvpanic: initialization cleanup
Avoid use of static variables: PC systems
initialize pvpanic device through pvpanic_init,
so we can simply create the fw_cfg file at that point.
This also makes it possible to skip device
creation completely if fw_cfg is not there, e.g. for xen -
so the ports it reserves are not discoverable by guests.

Also, make pvpanic_init void since callers ignore return
status anyway.

Cc: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Paul Durrant <Paul.Durrant@citrix.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-07-04 10:42:51 +03:00
Alexander Graf
0d54a5024f mac-io: Add escc-legacy memory alias region
Mac OS X's debugging serial driver accesses the ESCC through a different
register layout, called "escc-legacy". This layout differs from the normal
escc register layout purely by the location of the respective registers.

This patch adds a memory alias region that takes normal escc registers and
maps them into the escc-legacy register space.

With this patch applied, a Mac OS X guest successfully emits debug output
on the serial port when run with debug parameters set, for example by running:

  $ qemu-system-ppc -prom-env -'boot-args=-v debug=0x8 io=0xff serial=0x3' \
                    -cdrom 10.4.iso -boot d

Signed-off-by: Alexander Graf <agraf@suse.de>
2013-07-01 01:11:17 +02:00
Andreas Färber
cb446ecab7 kvm: Change cpu_synchronize_state() argument to CPUState
Change Monitor::mon_cpu to CPUState as well.

Reviewed-by: liguang <lig.fnst@cn.fujitsu.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-06-28 13:25:12 +02:00
Stefan Weil
f3c8fac25f i.MX31: Fix PRCS bit test
cppcheck detected a condition which was always false.

According to the MCIMX31 Reference Manual, the PRCS bits have to be 01
to select the Frequency Pre-Multiplier (FPM). PRCS uses bits 1 and 2,
so we have to test for 2.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Peter Chubb <peter.chubb@nicta.com.au>
Message-id: 1370810662-32320-1-git-send-email-sw@weilnetz.de
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2013-06-25 18:42:49 +01:00
Avi Kivity
06d985f5d8 vfio: abort if an emulated iommu is used
vfio doesn't support guest iommus yet, indicate it to the user
by gently depositing a core on their disk.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Avi Kivity <avi.kivity@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-06-20 16:32:47 +02:00
Paolo Bonzini
052e87b073 memory: make section size a 128-bit integer
So far, the size of all regions passed to listeners could fit in 64 bits,
because artificial regions (containers and aliases) are eliminated by
the memory core, leaving only device regions which have reasonable sizes

An IOMMU however cannot be eliminated by the memory core, and may have
an artificial size, hence we may need 65 bits to represent its size.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-06-20 16:32:47 +02:00
Blue Swirl
371a775dc1 Merge branch 'realize-isa.v2' of git://github.com/afaerber/qemu-cpu
* 'realize-isa.v2' of git://github.com/afaerber/qemu-cpu:
  qdev: Drop FROM_QBUS() macro
  isa: QOM'ify ISADevice
  isa: QOM'ify ISABus
  i8259: Convert PICCommonState to use QOM realizefn
  kvm/i8259: QOM'ify some more
  i8259: QOM'ify some more
  i8254: Convert PITCommonState to QOM realizefn
  kvm/i8254: QOM'ify some more
  i8254: QOM'ify some more
  isa: Use realizefn for ISADevice
  cs4231a: QOM'ify some more
  gus: QOM'ify some more
2013-06-15 10:53:44 +00:00
Stefan Hajnoczi
baefb8bf8e ivshmem: add missing error exit(2)
If the user fails to specify 'chardev' or 'shm' then we cannot continue.
Exit right away so that we don't invoke shm_open(3) with a NULL pointer.

It would be nice to replace exit(1) with error returns in the PCI device
.init() function, but leave that for another patch since exit(1) is
currently used elsewhere.

Spotted by Coverity.

Cc: Cam Macdonell <cam@cs.ualberta.ca>
Cc: qemu-stable@nongnu.org
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-06-12 13:17:53 +04:00
Andreas Färber
db895a1e6a isa: Use realizefn for ISADevice
Drop ISADeviceClass::init and the resulting no-op initfn and let
children implement their own realizefn. Adapt error handling.
Split off an instance_init where sensible.

Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-06-07 12:14:45 +02:00
Michael S. Tsirkin
c3c4fe35be pvpanic: use FWCfgState explicitly
Use the type-safe FWCfgState structure instead
of the unsafe void *.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-06-02 18:14:15 +03:00
Michael S. Tsirkin
600c60b76d fw_cfg: add API to find FW cfg object
Remove some code duplication by adding a
function to look up the fw cfg file.
This way, we don't need to duplicate same strings everywhere.
Use by both fw cfg and pvpanic device.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-06-02 18:14:14 +03:00
Michael Tokarev
997aba8e25 remove some double-includes
Some source files #include the same header more than
once for no good reason.  Remove second #includes in
such cases.

Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-05-18 16:35:12 +04:00
Hu Tao
3ab135f346 pvpanic: create pvpanic by default for machine 1.5
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Hu Tao <hutao@cn.fujitsu.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Message-id: f840042f0e1205041f8feaf0d39ca639884f3a00.1366945969.git.hutao@cn.fujitsu.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-04-30 10:30:01 -05:00
Hu Tao
10a584b287 pvpanic: pass configurable ioport to seabios
This lets seabios patch the corresponding SSDT entry.

Also add fw_cfg object to /machine/fw_cfg so we can reference
it elsewhere.

Signed-off-by: Hu Tao <hutao@cn.fujitsu.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Message-id: 60c65d95fe2b23b12bea67099126566010a11a1a.1366945969.git.hutao@cn.fujitsu.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-04-30 10:30:01 -05:00
Hu Tao
eec3d2adc9 introduce a new qom device to deal with panicked event
pvpanic device is used to send guest panic event from guest to qemu.

When guest panic happens, pvpanic device driver will write a event
number to IO port 0x505(which is the IO port occupied by pvpanic device,
by default). On receiving the event, pvpanic device will pause guest
cpu(s), and send a qmp event QEVENT_GUEST_PANICKED.

Signed-off-by: Wen Congyang <wency@cn.fujitsu.com>
Signed-off-by: Hu Tao <hutao@cn.fujitsu.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Message-id: b66077a40235b3531632a05a6ff373850afc7d2e.1366945969.git.hutao@cn.fujitsu.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-04-30 10:30:01 -05:00
Andreas Färber
f02317ad4e vmport: QOM'ify
Introduce type constant and cast macro to obsolete DO_UPCAST().
Prepares for ISA realizefn.

Drop reserved underscore from struct name while at it.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Message-id: 1367093935-29091-20-git-send-email-afaerber@suse.de
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-04-29 08:27:50 -05:00
Andreas Färber
b582b5a398 sga: QOM'ify
Introduce type constant and cast macro.

Prepares for ISA realizefn.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Message-id: 1367093935-29091-17-git-send-email-afaerber@suse.de
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-04-29 08:27:49 -05:00
Andreas Färber
82407b6c34 applesmc: QOM'ify
Add a typedef for the state struct and rename from Status to State.
Add type constant and cast macro to obsolete DO_UPCAST().

Prepares for ISA realizefn.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Message-id: 1367093935-29091-2-git-send-email-afaerber@suse.de
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-04-29 08:27:46 -05:00
Anthony Liguori
f691df5283 Merge remote-tracking branch 'stefanha/trivial-patches' into staging
# By Stefan Weil (3) and others
# Via Stefan Hajnoczi
* stefanha/trivial-patches:
  m25p80: Remove bogus include of devices.h
  ssh: Remove unnecessary use of strlen function.
  block/ssh: Add missing gcc format attributes
  linux-user: change do_semop to return target errno when unsuccessful
  w64: Fix compiler warnings (wrong format specifier)
  Remove unneeded type casts
  virtio.h: drop unused function prototypes
  bswap: fix compiler warning

Message-id: 1366371241-23430-1-git-send-email-stefanha@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-04-19 08:38:16 -05:00
Anthony Liguori
5dff24beba pci: add pci test device
This adds a new device that we can use for testing PCI PIO and MMIO, with and
 without ioeventfd in different configurations.  FAST_MMIO will be added if/when
 kvm supports it.  Also included are minor cleanups in kvm APIs that it needs.
 
 Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.13 (GNU/Linux)
 
 iQEcBAABAgAGBQJRbIJQAAoJECgfDbjSjVRpQuoH/RfMHb6YYfsuwJKUsjCKxhdr
 695YqNsBLmh7E/+wr1dwUsKrMGSF97VSGAIPeX0u4wwP6jrORhA9iycCevXYlh/S
 O7RTcePqVEQrwnMX5rOAEWGARVzg4hAT8i4Pdza1A+gBvaO/WLZIVJfUOHBAZNL7
 2TTDymfixipErcTcxckITHfaShn9ajZgt/Yo8oVX70VqklWU+OEU/tYEXmvTC0H3
 bTuTU3vpeAlCubF0AHHZqWA9g7myrKMCxwv4LWx7gmQGXoyQesy4s5C9KMrld1On
 RovLw0REbtjB2xGjAj3g82ESK5eoi295Th/E7Fu1NJNYyDyfhxB7/cnbRa+Wpsg=
 =jvZE
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'mst/tags/for_anthony' into staging

pci: add pci test device

This adds a new device that we can use for testing PCI PIO and MMIO, with and
without ioeventfd in different configurations.  FAST_MMIO will be added if/when
kvm supports it.  Also included are minor cleanups in kvm APIs that it needs.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

# gpg: Signature made Mon 15 Apr 2013 05:42:24 PM CDT using RSA key ID D28D5469
# gpg: Can't check signature: public key not found

# By Michael S. Tsirkin
# Via Michael S. Tsirkin
* mst/tags/for_anthony:
  pci: add pci test device
  kvm: support non datamatch ioeventfd
  kvm: support any size for pio eventfd
  kvm: remove unused APIs

Message-id: cover.1366272004.git.mst@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-04-19 08:38:05 -05:00
Stefan Weil
e1fe50dcb3 Remove unneeded type casts
cpu_physical_memory_read, cpu_physical_memory_write take any pointer
as 2nd argument without needing a type cast.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-04-19 11:36:33 +02:00
Michael S. Tsirkin
22773d6066 pci: add pci test device
This device is used for kvm unit tests,
currently it supports testing performance of ioeventfd.
Using updated kvm unittest, here's an example output:
        mmio-no-eventfd:pci-mem 8796
        mmio-wildcard-eventfd:pci-mem 3609
        mmio-datamatch-eventfd:pci-mem 3685
        portio-no-eventfd:pci-io 5287
        portio-wildcard-eventfd:pci-io 1762
        portio-datamatch-eventfd:pci-io 1777

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-04-16 01:41:53 +03:00
Paolo Bonzini
dccfcd0e5f sysemu: avoid proliferation of include/ subdirectories
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-04-15 18:19:25 +02:00
Peter Maydell
bd2be15003 arm: fix location of some include files
The recent rearrangement of include files had some minor errors:
 devices.h is not ARM specific and should not be in arm/
 arm.h should be in arm/

Move these two headers to correct this.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-04-15 15:16:01 +02:00
Paolo Bonzini
47b43a1f41 hw: move private headers to hw/ subdirectories.
Many headers are used only in a single directory.  These can be
kept in hw/.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-04-08 18:13:16 +02:00
Paolo Bonzini
e28bee8ee6 hw: move other devices to hw/misc/, configure with default-configs/
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-04-08 18:13:16 +02:00
Paolo Bonzini
ba25df88cc hw: move VFIO and ivshmem to hw/misc/
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-04-08 18:13:14 +02:00
Paolo Bonzini
49ab747f66 hw: move target-independent files to subdirectories
This patch tackles all files that are compiled once, moving
them to subdirectories of hw/.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-04-08 18:13:12 +02:00
Paolo Bonzini
1fd6bb44ed hw: make subdirectories for devices
Prepare the new directory structure.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-04-08 18:13:11 +02:00