Commit Graph

36231 Commits

Author SHA1 Message Date
Kevin Wolf
ea3beed41d Merge remote-tracking branch 'mreitz/block' into queue-block
* mreitz/block:
  block/vdi: Limit maximum size even futher
2014-11-10 10:41:34 +01:00
Max Reitz
d20418ee51 block/vdi: Limit maximum size even futher
The block layer read and write functions do not like requests which are
bigger than INT_MAX bytes. Since the VDI bmap is read and written in a
single operation, its size is therefore limited accordingly. This
reduces the maximum VDI image size supported by QEMU to half of what it
currently is (down to approximately 512 TB).

The VDI test 084 has to be adapted accordingly. Actually, one could
clearly see that it was broken from the "Could not open
'TEST_DIR/t.IMGFMT': Invalid argument" line for an image which was
supposed to work just fine.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Peter Lieven <pl@kamp.de>
2014-11-09 23:39:50 +01:00
Max Reitz
d21de4d97f qapi: Complete BlkdebugEvent
Several events were missing from the QAPI enum, add them.

Reported-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-11-07 17:38:18 +01:00
Paolo Bonzini
55783a5521 virtio-scsi: work around bug in old BIOSes
Old BIOSes left some padding by mistake after the req_size/resp_size.
New QEMU does not like it, thinking it is a bidirectional command.

As a workaround, we can check if the ANY_LAYOUT bit is set; if not, we
always consider the first buffer as the virtio-scsi request/response,
because, back when QEMU did not support ANY_LAYOUT, it expected the
payload to start at the second element of the iovec.

This can show up during migration.

Cc: qemu-stable@nongnu.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-11-07 16:09:57 +01:00
Yongbok Kim
cb269f273f target-mips: fix multiple TCG registers covering same data
Avoid to allocate different TCG registers for the FPU registers
that are mapped on the MSA vectore registers.

Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2014-11-07 14:15:28 +00:00
Maciej W. Rozycki
342368aff7 mips: Ensure PC update with MTC0 single-stepping
Correct the way PC is updated when single-stepping instructions, by
keeping the old PC only for the BS_EXCP (exception condition) state.

Some MTC0 (and possibly other) instructions switch to the BS_STOP state
to terminate the current translation block, so that the state transition
of the simulated CPU resulting from the CP0 operation takes effect with
the following instruction.  This happens with `mtc0 <reg>,c0_config' for
example, typically used to set KSEG0 cacheability.

While single-stepping this has a side-effect of not advancing the PC
past the instruction just executed; subsequent single-step traps will
stop at the same instruction repeatedly.  Example:

(gdb) stepi
0x80004d24 in _start ()
5: x/i $pc
=> 0x80004d24 <_start+364>:     mfc0    t1,c0_config
(gdb)
0x80004d28 in _start ()
5: x/i $pc
=> 0x80004d28 <_start+368>:     li      at,-8
(gdb)
0x80004d2c in _start ()
5: x/i $pc
=> 0x80004d2c <_start+372>:     and     t1,t1,at
(gdb)
0x80004d30 in _start ()
5: x/i $pc
=> 0x80004d30 <_start+376>:     ori     t1,t1,0x3
(gdb)
0x80004d34 in _start ()
5: x/i $pc
=> 0x80004d34 <_start+380>:     mtc0    t1,c0_config
(gdb)
0x80004d34 in _start ()
5: x/i $pc
=> 0x80004d34 <_start+380>:     mtc0    t1,c0_config
(gdb)
0x80004d34 in _start ()
5: x/i $pc
=> 0x80004d34 <_start+380>:     mtc0    t1,c0_config
(gdb)
0x80004d34 in _start ()
5: x/i $pc
=> 0x80004d34 <_start+380>:     mtc0    t1,c0_config
(gdb)

-- oops!

Signed-off-by: Maciej W. Rozycki <macro@codesourcery.com>
Reviewed-by: Leon Alrae <leon.alrae@imgtec.com>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2014-11-07 14:15:28 +00:00
Leon Alrae
854795753c target-mips: fix for missing delay slot in BC1EQZ and BC1NEZ
New R6 COP1 conditional branches currently don't have delay slot. Fixing this
by setting MIPS_HFLAG_BDS32 flag which is required for branches having 4-byte
delay slot.

Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Reviewed-by: Yongbok Kim <yongbok.kim@imgtec.com>
2014-11-07 14:15:28 +00:00
Maciej W. Rozycki
e30614d517 mips: Set the CP0.Config3.DSP and CP0.Config3.DSP2P bits
Set the CP0.Config3.DSP2P bit for the 74kf processor and both that bit
and the CP0.Config3.DSP bit for the artificial mips32r5-generic and
mips64dspr2 processors.  They have the DSPr2 ASE enabled in `insn_flags'
and CPUs that implement that ASE need to have both CP0.Config3.DSP and
CP0.Config3.DSP2P set or software won't detect its presence.

Signed-off-by: Maciej W. Rozycki <macro@codesourcery.com>
Reviewed-by: Leon Alrae <leon.alrae@imgtec.com>
[leon.alrae@imgtec.com: remove DSP flags from mips32r5-generic]
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2014-11-07 14:15:28 +00:00
Maciej W. Rozycki
70409e6726 mips: Add macros for CP0.Config3 and CP0.Config4 bits
Define macros for CP0.Config3 and CP0.Config4 bits.  These used to be
exhaustive as at MIPS32r3, but more bits may have been added since.

Signed-off-by: Maciej W. Rozycki <macro@codesourcery.com>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2014-11-07 14:15:28 +00:00
Hannes Reinecke
c3543fb5fe esp-pci: fixup deadlock with linux
A linux guest will be issuing messages:

[   32.124042] DC390: Deadlock in DataIn_0: DMA aborted unfinished: 000000 bytes remain!!
[   32.126348] DC390: DataIn_0: DMA State: 0

and the HBA will fail to work properly.
Reason is the emulation is not setting the 'DMA transfer done'
status correctly.

Signed-off-by: Hannes Reinecke <hare@suse.de>
Cc: qemu-stable@nongnu.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-11-07 13:31:19 +01:00
Maciej W. Rozycki
272f458dc8 mips: Respect CP0.Status.CU1 for microMIPS FP branches
Make microMIPS FP branches respect CP0.Status.CU1 and trap with a
Coprocessor Unusable exception if COP1 has been disabled; also trap if
no FPU is present at all.

Standard MIPS FP instruction encodings have a more regular structure and
branches are covered with a single umbrella along other instructions.
This is not the case with the microMIPS encoding, this case has to be
taken care of explicitly here.  Code to do so has been copied from the
standard MIPS code handler for OPC_CP1, in `decode_opc'.

Problems arising from this bug will generally only show up on user
context switches in operating systems making use of lazy FP context
switches, such as Linux.  It will also more readily trigger if software
FPU emulation is used, either implicitly on a non-float CPU, or forced
on a hard-float CPU such as with the "nofpu" Linux kernel command line
argument.

The problem may have been easily missed because we have no hard-float
microMIPS CPU configuration present; in fact we have no microMIPS CPU
configuration of any kind present.

Signed-off-by: Maciej W. Rozycki <macro@codesourcery.com>
Reviewed-by: Leon Alrae <leon.alrae@imgtec.com>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2014-11-07 11:16:16 +00:00
Maciej W. Rozycki
dff4021730 mips: Remove CONFIG_VT82C686 from non-Fulong configs
Fix the regression introduced with commit
47934d0aad [hw: move ISA bridges and
devices to hw/isa/, configure with default-configs/], by removing
CONFIG_VT82C686 from configurations that previously did not enable it.
That southbridge is only available on Fulong platforms (CONFIG_FULONG)
that are exclusively little-endian, 64-bit MIPS.  Previously vt82c686.o
was pulled explicitly with obj-$(CONFIG_FULONG).

Signed-off-by: Maciej W. Rozycki <macro@codesourcery.com>
Reviewed-by: Leon Alrae <leon.alrae@imgtec.com>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2014-11-07 11:15:49 +00:00
Marc-André Lureau
7eb7311427 virtio-serial: avoid crash when port has no name
It seems "name" is not mandatory, and the following command line (based
on one generated by current libvirt) will crash qemu at start:

qemu-system-x86_64 \
    -device virtio-serial-pci \
    -device virtserialport,name=foo \
    -device virtconsole

Program received signal SIGSEGV, Segmentation fault.
__strcmp_ssse3 () at ../sysdeps/x86_64/strcmp.S:210
210        movlpd    (%rsi), %xmm2
Missing separate debuginfos, use: debuginfo-install
python-libs-2.7.5-13.fc20.x86_64
(gdb) bt
 #0  __strcmp_ssse3 () at ../sysdeps/x86_64/strcmp.S:210
 #1  0x000055555566bdc6 in find_port_by_name (name=0x0) at /home/elmarco/src/qemu/hw/char/virtio-serial-bus.c:67

Signed-off-by: Marc-André Lureau <marcandre.lureau@gmail.com>
Reviewed-by: Amos Kong <akong@redhat.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
2014-11-07 10:27:11 +05:30
Max Reitz
c4d01535dc iotests: Add test for non-existing backing file
Test the error message when a COW file is about to be created which is
supposed to inherit the size of its backing file, while the backing file
given does not actually exist.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Peter Lieven <pl@kamp.de>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-11-06 12:45:47 +01:00
Max Reitz
e56934bece block: Propagate error in bdrv_img_create()
If the specified backing file could not be opened, do not generate a new
error message which contains the message which has been generated by
bdrv_open(), but just propagate the latter.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Peter Lieven <pl@kamp.de>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-11-06 12:45:47 +01:00
Max Reitz
cc4d3ee435 qemu-img: Omit error_report() after img_open()
img_open() already prints an error if the operation failed, so there
should not be another error_report() afterwards.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-11-06 12:45:47 +01:00
Heinz Graalfs
bb3e9e1fd7 s390x/sclpconsole: Avoid hanging SCLP ASCII console
Force recalculation of file descriptor sets for main loop's poll(),
in order to be able to readd a possibly removed input file descriptor
after can_read() returned 0 (zero).

Signed-off-by: Heinz Graalfs <graalfs@linux.vnet.ibm.com>
Reviewed-by: David Hildenbrand <dahi@linux.vnet.ibm.com>
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
2014-11-05 16:35:56 +01:00
Heinz Graalfs
87f2eff016 s390x/sclpconsole-lm: Fix hanging SCLP line mode console
Trigger recalculating sets of file descriptors for the main loop's poll()
in order to make sure a possibly removed FD 0 from the poll() file
descriptor array is re-added. FD 0 is removed from the decriptor array
when the console's can_read() callback returns 0.

Signed-off-by: Heinz Graalfs <graalfs@linux.vnet.ibm.com>
Reviewed-by: David Hildenbrand <dahi@linux.vnet.ibm.com>
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
2014-11-05 16:35:56 +01:00
Heinz Graalfs
b3191432cf s390x/sclpconsole-lm: truncate input if line is too long
As the SCLP line mode console input length is limited by the available
SCCB buffer space, it might lock up if the input does not fit into the
buffer.

With this patch, characters that don't fit are 'eaten' up to the next
CR/LF and the input line is sent truncated to the guest.

Signed-off-by: Heinz Graalfs <graalfs@linux.vnet.ibm.com>
Reviewed-by: David Hildenbrand <dahi@linux.vnet.ibm.com>
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
2014-11-05 16:35:55 +01:00
Thomas Huth
f0d4dc18ce s390x/kvm: Fix warning from sparse
When running "sparse" with the s390x kvm.c code, it complains that
"constant 0x00400f1d40330000 is so big it is long" - let's fix this
by appending a proper suffix.

Signed-off-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Reviewed-by: David Hildenbrand <dahi@linux.vnet.ibm.com>
Acked-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
2014-11-05 16:35:55 +01:00
Frank Blaschka
80765f0734 s390x/kvm: Fix opcode decoding for eb instruction handler
The second byte of the opcode is encoded in the lowest byte of the ipb
field, not the lowest byte of the ipa field.

Signed-off-by: Frank Blaschka <blaschka@linux.vnet.ibm.com>
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Reviewed-by: Thomas Huth <thuth@linux.vnet.ibm.com>
2014-11-05 16:35:55 +01:00
Peter Maydell
6e76d125f2 Update version for v2.2.0-rc0 release
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-11-05 15:21:04 +00:00
Peter Maydell
3752ac8932 Patch queue for s390 - 2014-11-05
Two simple bug fixes to enable slightly newer guest kernels
 and preliminary -M s390-ccw support for TCG (virtio doesn't work yet!)
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.9 (GNU/Linux)
 
 iQIcBAABAgAGBQJUWgOjAAoJECszeR4D/txgf9IQAI7L/qzhCWLJyY5SIMeI/W+M
 pNBYiPCIDmVhe+/E/cfUaU9guXo8K6kvGEMJ8xmMRdOvw6YzkPfGxAXu1wV0ljFg
 ZK+zeLtQjsSZ/MQiRFy0H2u6Vcepq4IxuaVjV0czvWGXfT+WesU831mUY45sOPY/
 9/C4oPpTKJwAdS5hYjCjlC/lnf5oH9qV+skEGvsNuRWzNYKPj06vVG6tvqVabu3I
 lk62VnujxXjTQiHcx7ME3S6ZM3IT4wipQvl8FZU5kLk/09ipwxeVECBysHrXLIpy
 1UgdJccu4DlSVaE1dtKJ2LfBbkjZWzuewKFFndG4fvmuUHJClOfmnF6y8ULy5n41
 MxK9pWRJmaz8Dith6y2Be+TERoP8W+Ws12jayafY+SnFYlCtW4sfJjKKKvwMe1ob
 h5Pz0DNMvoL7JTuJCejGMnpBF9TAP7EfooD5/gJChdT+R3a9S7RZDShQU+teS0W9
 7QmEJXPMSGE8HYtsyiv3qqkVQjzJL7Fzq1ZjSz4WBmdjZuGmEclrftAlWHYbGIZF
 vQ7cardFYCZVnjNki8xBmQVcWA1hKFHNtL1wPebiEXo80BQPiIOV+sT0uN04t3UR
 zB+SxLIkiwLwOTFtqKylONHYf5ZUGpO/rt/TDpeF8AvoXroOt20rRdgV5bdElMtH
 0mZ6r6WVTg7SFHKLfvWd
 =lHQg
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/agraf/tags/signed-s390-for-upstream' into staging

Patch queue for s390 - 2014-11-05

Two simple bug fixes to enable slightly newer guest kernels
and preliminary -M s390-ccw support for TCG (virtio doesn't work yet!)

# gpg: Signature made Wed 05 Nov 2014 11:01:55 GMT using RSA key ID 03FEDC60
# gpg: Good signature from "Alexander Graf <agraf@suse.de>"
# gpg:                 aka "Alexander Graf <alex@csgraf.de>"

* remotes/agraf/tags/signed-s390-for-upstream:
  s390x: Implement SAM{24,31,64}
  s390x: Fix sclp console input

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-11-05 14:14:47 +00:00
Gonglei
30de46db50 vhost-user-test: Fix 'make check' broken on glib < 2.26
After commit 89b516d8, some logics is turbid and
breaks 'make check' as below errors:
tests/vhost-user-test.c: In function '_cond_wait_until':
tests/vhost-user-test.c:154: error: 'G_TIME_SPAN_SECOND' undeclared (first use in this function)
tests/vhost-user-test.c:154: error: (Each undeclared identifier is reported only once
tests/vhost-user-test.c:154: error: for each function it appears in.)
tests/vhost-user-test.c: In function 'read_guest_mem':
tests/vhost-user-test.c:192: warning: implicit declaration of function 'g_get_monotonic_time'
tests/vhost-user-test.c:192: warning: nested extern declaration of 'g_get_monotonic_time'
tests/vhost-user-test.c:192: error: 'G_TIME_SPAN_SECOND' undeclared (first use in this function)
make: *** [tests/vhost-user-test.o] Error 1

First, vhost-usr-test.c rely on glib-compat.h because
of using G_TIME_SPAN_SECOND [glib < 2.26] and g_get_monotonic_time(),
but vhost-usr-test.c defined QEMU_GLIB_COMPAT_H, which make
glib-compat.h will not be included.
Second, if we remove QEMU_GLIB_COMPAT_H definability in
vhost-usr-test.c, then we will get below warnings:

tests/vhost-user-test.c: In function 'read_guest_mem':
tests/vhost-user-test.c:190: warning: passing argument 1 of 'g_mutex_lock' from incompatible pointer type
tests/vhost-user-test.c:234: warning: passing argument 1 of 'g_mutex_unlock' from incompatible pointer type

That's because glib-compat.h redefine the g_mutex_lock/unlock
function. Those functions' arguments is CompatGMutex/CompatGCond,
but vhost-user-test.c is using GMutex/GCond, which cause the type
is not consistent.

We can rerealize those functions of vhost-user-test.c,
which need a lots of patches. Let's simply address it, and
leave this file alone.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Message-id: 1415149259-6188-1-git-send-email-arei.gonglei@huawei.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-11-05 12:53:08 +00:00
Alexander Graf
44dd33ba8f s390x: Implement SAM{24,31,64}
The SAM instructions simply change 2 bits in PSW.MASK to advertise
the current memory mode. While we can't fully guarantee that 31 bit
mode (or even remotely 24 bit mode) actually work correctly, we don't
check whether lpswe modifies these bits, so we shouldn't keep the
guest from executing SAM instructions either.

This patch implements all SAM instrutions with their actual PSW changing
semantics, making more recent Linux kernels boot properly which do issue
a SAM31 call during early boot.

Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Reviewed-by: Richard Henderson <rth@twiddle.net>
2014-11-05 12:01:28 +01:00
Alexander Graf
d4827355f6 s390x: Fix sclp console input
When injecting an sclp console interrupt into the guest, we increase
the PC by 4 for some reason. I have no idea why I put that code there,
but it's clearly wrong. Remove the increment.

This patch fixes sclp serial input for the ccw machine.

Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
2014-11-05 12:01:28 +01:00
Gonglei
63c693f8d0 qemu-doc.texi: fix typos in x509 examples
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-11-05 09:53:18 +03:00
Peter Maydell
c8d943303d Patch queue for ppc - 2014-11-04
Fun things for 2.2:
 
   - e500 virt machine: power off support (needs 3.19 guests)
   - e500 virt machine: -device eTSEC support
   - new framework to allow dynamic spawning of sysbus devices
   - spapr: enable migration of nvram
   - new 440x5wDFPU cpu type
   - Altivec and other random fixes
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.19 (GNU/Linux)
 
 iQIcBAABAgAGBQJUWVKfAAoJECszeR4D/txguC8QAIjVzZztg83ubBC8Wtb2BwIO
 pnyiFBtWCGpziOvUILFNQyX1DuxNMUciyzM3RheN6HyW6Z8ON1dVxqGvt2efkoEW
 2JEwTDM9jWpbvinWX/oomGSqnazj3p6T+Yd1+6vpUnq7aax0tDvgPxQZZp5xVDBk
 dHT+X/EbIg1zERK+pKng+f3i9FQSpQR3pnQMCBg3namJaNll+EVwT5r0IdqKfRb2
 OTXgdCUMkT3B1SmWAJDJZeZKpoj+o1e3Y4e3LAY9cha4ixlpMb2RCNd36O9wENf/
 uZX8UeDdb56JpQy4Eyqk/eaYRpmyaA5XVQJRRrpF+iIWGMi290YQWQvfVKLyEAXl
 z7dstSQiJ38ZwAVEGASD4X/THvEr9XE03EKzxFLEH0sD7DN4YjMQuPm/BrHTywhB
 HKPlUu1nvHIbPA+yUePD6pUN2gBGMpYRSJpJkhUQwU9erdlyTx/Jhgg6+KUgl74D
 1ub+Xd+/RLwAccvHISq5Sm5fbVi9Ti+SEAmHoYFV44YxspGlABq4FovXfXmpgvpj
 lC9nO49ZiPGWRD6J3JphQoH0YCoCW/ld7uQjkN4rhRxBNLAIeTGgPq6ikarC3JJl
 Yg4gPkGqtOr4nJ0XNSdsY5iEPjCoG3p8bYiIrrNMBlTOniDwr9vIo9H3s0nA1QN8
 JtFbYPqsSOI2ukazdlzq
 =X+W0
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/agraf/tags/signed-ppc-for-upstream' into staging

Patch queue for ppc - 2014-11-04

Fun things for 2.2:

  - e500 virt machine: power off support (needs 3.19 guests)
  - e500 virt machine: -device eTSEC support
  - new framework to allow dynamic spawning of sysbus devices
  - spapr: enable migration of nvram
  - new 440x5wDFPU cpu type
  - Altivec and other random fixes

# gpg: Signature made Tue 04 Nov 2014 22:26:39 GMT using RSA key ID 03FEDC60
# gpg: Good signature from "Alexander Graf <agraf@suse.de>"
# gpg:                 aka "Alexander Graf <alex@csgraf.de>"

* remotes/agraf/tags/signed-ppc-for-upstream: (34 commits)
  spapr: Allow dynamic creation of PHB
  target-ppc: Fix Altivec Round Opcodes
  target-ppc: Fix vcmpbfp. Unordered Case
  target-ppc: Fix Altivec Shifts
  target-ppc: simplify AES emulation
  e500: Add support for eTSEC in device tree
  PPC: e500: Support dynamically spawned sysbus devices
  sysbus: Add new platform bus helper device
  sysbus: Expose MMIO enumeration helper
  sysbus: Expose IRQ enumeration helpers
  sysbus: Make devices spawnable via -device
  sysbus: Add dynamic sysbus device search
  hw/ppc/spapr_pci.c: Avoid functions not in glib 2.12 (g_hash_table_iter_*)
  ppc: do not look at the MMU index to detect PR/HV mode
  target-ppc: kvm: Fix memory overflow issue about strncat()
  spapr_nvram: Enable migration
  PPC: E500: Hook up power off GPIO to GPIO controller
  PPC: E500: Instantiate MPC8XXX gpio controller on virt machine
  PPC: Add MPC8XXX gpio controller
  target-ppc: Fix an invalid free in opcode table handling code.
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-11-04 22:27:23 +00:00
Alexander Graf
9e3f973335 spapr: Allow dynamic creation of PHB
Now that we finally check for presence of dangling sysbus devices, make check
started complaining that the sPAPR PHB is one such device.

However, it really isn't. The spapr PHB is not really a traditional sysbus
device, but much more a special spapr pv device which is already able to get
created dynamically.

Move spapr to its own dynamic sysbus check handling and allow PHB devices to
get allocated dynamically.

Signed-off-by: Alexander Graf <agraf@suse.de>
2014-11-04 23:26:15 +01:00
Tom Musta
abe60a439b target-ppc: Fix Altivec Round Opcodes
Correct the opcodes for the vrfim, vrfin and vrfiz instructions.

Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-11-04 23:26:15 +01:00
Tom Musta
4007b8de6e target-ppc: Fix vcmpbfp. Unordered Case
Fix the implementation of Vector Compare Bounds Single Precision.
Specifically, fix the case where the operands are unordered -- since
the result is non-zero, the CR[6] field should be set to zero.

Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-11-04 23:26:15 +01:00
Tom Musta
24e669ba53 target-ppc: Fix Altivec Shifts
Fix the implementation of the Altivec shift left and shift right
instructions (vsl, vsr) which erroneously inverts shift direction
on big endian hosts.

Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-11-04 23:26:15 +01:00
Aurelien Jarno
36cbde7c30 target-ppc: simplify AES emulation
This patch simplifies the AES code, by directly accessing the newly added
S-Box, InvS-Box tables instead of recreating them by using the AES_Te and
AES_Td tables.

Cc: Alexander Graf <agraf@suse.de>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Tested-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-11-04 23:26:15 +01:00
Alexander Graf
fdfb7f2cdb e500: Add support for eTSEC in device tree
This patch adds support to expose eTSEC devices in the dynamically created
guest facing device tree. This allows us to expose eTSEC devices into guests
without changes in the machine file.

Because we can now tell the guest about eTSEC devices this patch allows the
user to specify eTSEC devices via -device at all.

Signed-off-by: Alexander Graf <agraf@suse.de>
2014-11-04 23:26:15 +01:00
Alexander Graf
f70873438d PPC: e500: Support dynamically spawned sysbus devices
For e500 our approach to supporting dynamically spawned sysbus devices is to
create a simple bus from the guest's point of view within which we map those
devices dynamically.

We allocate memory regions always within the "platform" hole in address
space and map IRQs to predetermined IRQ lines that are reserved for platform
device usage.

This maps really nicely into device tree logic, so we can just tell the
guest about our virtual simple bus in device tree as well.

Signed-off-by: Alexander Graf <agraf@suse.de>
2014-11-04 23:26:14 +01:00
Alexander Graf
7634fe3c27 sysbus: Add new platform bus helper device
We need to support spawning of sysbus devices dynamically via the command line.
The easiest way to represent these dynamically spawned devices in the guest's
memory and IRQ layout is by preallocating some space for dynamic sysbus devices.

This is what the "platform bus" device does. It is a sysbus device that exports
a configurably sized MMIO region and a configurable number of IRQ lines. When
this device encounters sysbus devices that have been dynamically created and not
manually wired up, it dynamically connects them to its own pool of resources.

The machine model can then loop through all of these devices and create a guest
configuration (device tree) to make them visible to the guest.

Signed-off-by: Alexander Graf <agraf@suse.de>
2014-11-04 23:26:14 +01:00
Alexander Graf
471a9bc144 sysbus: Expose MMIO enumeration helper
Sysbus devices have a range of MMIO regions they expose. The exact number
of regions is device specific and internal information to the device model.

Expose whether a region exists via a public interface. That way our platform
bus enumeration code can dynamically determine how many regions exist.

Signed-off-by: Alexander Graf <agraf@suse.de>
2014-11-04 23:26:14 +01:00
Alexander Graf
b797318666 sysbus: Expose IRQ enumeration helpers
Sysbus devices can get their IRQ lines connected to other devices. It is
possible to figure out which IRQ line a connection is on and whether a sysbus
device even provides an IRQ connector at a specific offset.

This patch exposes helpers to make this information publicly accessible. We
will need it for the platform bus dynamic sysbus enumeration.

Signed-off-by: Alexander Graf <agraf@suse.de>
2014-11-04 23:26:14 +01:00
Alexander Graf
33cd52b5d7 sysbus: Make devices spawnable via -device
Now that we can properly map sysbus devices that haven't been connected to
something forcefully by C code, we can allow the -device command line option
to spawn them.

For machines that don't implement dynamic sysbus assignment in their board
files we add a new bool "has_dynamic_sysbus" to the machine class.
When that property is false (default), we bail out when we see dynamically
spawned sysbus devices, like we did before.

Signed-off-by: Alexander Graf <agraf@suse.de>
2014-11-04 23:26:14 +01:00
Alexander Graf
eb5722801c sysbus: Add dynamic sysbus device search
Sysbus devices can be spawned by C code or dynamically via the command line.
In the latter case, we need to be able to find the dynamically created devices
to do things with them.

This patch adds a search helper that makes it easy to look for dynamically
spawned sysbus devices.

Signed-off-by: Alexander Graf <agraf@suse.de>
2014-11-04 23:26:14 +01:00
Peter Maydell
f8833a37c0 hw/ppc/spapr_pci.c: Avoid functions not in glib 2.12 (g_hash_table_iter_*)
The g_hash_table_iter_* functions for iterating through a hash table
are not present in glib 2.12, which is our current minimum requirement.
Rewrite the code to use g_hash_table_foreach() instead.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-11-04 23:26:13 +01:00
Paolo Bonzini
c47493f24f ppc: do not look at the MMU index to detect PR/HV mode
The MMU index is an internal detail that should not be needed by the
translator (except to generate loads and stores).  Look at the MSR
directly.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-11-04 23:26:13 +01:00
Chen Gang
cc64b1a194 target-ppc: kvm: Fix memory overflow issue about strncat()
strncat() will append additional '\0' to destination buffer, so need
additional 1 byte for it, or may cause memory overflow, just like other
area within QEMU have done.

And can use g_strdup_printf() instead of strncat(), which may be more
easier understanding.

Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-11-04 23:26:13 +01:00
Alexey Kardashevskiy
f58aa48314 spapr_nvram: Enable migration
The only case when sPAPR NVRAM migrates now is if is backed by a file and
copy-storage migration is performed. In other cases NVRAM does not
migrate regardless whether it is backed by a file or not.

This enables shadow copy of NVRAM in RAM which is read from a file
(if used) and used for reads. Writes to NVRAM are mirrored to the file.

This defines a VMSTATE descriptor for NVRAM device so the memory copy
of NVRAM can migrate and be flushed to a backing file on the destination
if one is specified.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-11-04 23:26:13 +01:00
Alexander Graf
016f775898 PPC: E500: Hook up power off GPIO to GPIO controller
Now that we have a working GPIO controller on the virt machine, we can use
one pin to notify QEMU that the guests wants to power off the system.

Signed-off-by: Alexander Graf <agraf@suse.de>
2014-11-04 23:26:13 +01:00
Alexander Graf
b88e77f493 PPC: E500: Instantiate MPC8XXX gpio controller on virt machine
With the e500 virt machine, we don't have to adhere to the exact hardware
layout of an mpc8544ds board. So there we can just add a qoriq compatible
GPIO controller into the system that we can add a power off hook to.

Signed-off-by: Alexander Graf <agraf@suse.de>
2014-11-04 23:26:12 +01:00
Alexander Graf
228aa992fc PPC: Add MPC8XXX gpio controller
On e500 systems most SoCs implement a common GPIO controller that Linux
calls the "mpc8xxx" gpio controller. This patch adds an emulation model
for this device.

Signed-off-by: Alexander Graf <agraf@suse.de>
2014-11-04 23:26:12 +01:00
Bharata B Rao
81f194dd69 target-ppc: Fix an invalid free in opcode table handling code.
Opcode table has direct, indirect and double indirect handlers, but
ppc_cpu_unrealizefn() frees direct handlers which are never allocated
and never frees double indirect handlers.

Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-11-04 23:26:12 +01:00
Bharata B Rao
54ff58bb10 target-ppc: Use macros in opcodes table handling code
Define and use macros instead of direct numbers wherever
possible in ppc opcodes table handling code.

This doesn't change any code functionality.

Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-11-04 23:26:12 +01:00
Peter Maydell
bf362e9610 hw/pci/ppc4xx_pci.c: Remove unused pci4xx_cfgaddr_read/write/ops
The MemoryRegionOps struct pci4xx_cfgaddr_ops and the read and
write functions it references are all unused; remove them.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-11-04 23:26:12 +01:00