Commit Graph

8785 Commits

Author SHA1 Message Date
Anthony Liguori
df9330070e Merge remote-tracking branch 'pmaydell/arm-devs.next' into staging
* pmaydell/arm-devs.next:
  hw/ds1338.c: Fix handling of DAY (wday) register.
  hw/ds1338.c: Implement support for the control register.
  hw/ds1338.c: Ensure state is properly initialized.
  hw/ds1338.c: Fix handling of HOURS register.
  hw/ds1338.c: Add definitions for various flags in the RTC registers.
  hw/ds1338.c: Correct bug in conversion to BCD.
  exynos4210/mct: Avoid infinite loop on non incremental timers
  hw/arm_gic: fix target CPUs affected by set enable/pending ops
  xilinx_zynq: Add one variable to avoid overwriting QSPI bus
  hw/arm_gic_common: Correct GICC_PMR reset value for newer GICs
  hw/arm_gic: Fix comparison with priority mask register
  hw/arm_boot, exynos4210, highbank: Fix secondary boot GIC init

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-12-13 11:41:57 -06:00
Antoine Mathys
871edc5fdb hw/ds1338.c: Fix handling of DAY (wday) register.
Per the datasheet, the DAY (wday) register is user defined. Implement this.

Signed-off-by: Antoine Mathys <barsamin@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-12-13 14:05:28 +00:00
Antoine Mathys
996e91f04b hw/ds1338.c: Implement support for the control register.
Signed-off-by: Antoine Mathys <barsamin@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-12-13 14:05:28 +00:00
Antoine Mathys
ed3d37d287 hw/ds1338.c: Ensure state is properly initialized.
Signed-off-by: Antoine Mathys <barsamin@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-12-13 14:05:28 +00:00
Antoine Mathys
59dda8e05b hw/ds1338.c: Fix handling of HOURS register.
Per the datasheet, the mapping between 12 and 24 hours modes is:
      0      <->  12   PM
      1-12   <->  1-12 AM
      13-23  <->  1-11 PM

Signed-off-by: Antoine Mathys <barsamin@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-12-13 14:05:27 +00:00
Antoine Mathys
95c9361598 hw/ds1338.c: Add definitions for various flags in the RTC registers.
Signed-off-by: Antoine Mathys <barsamin@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-12-13 14:05:27 +00:00
Antoine Mathys
580f5c0008 hw/ds1338.c: Correct bug in conversion to BCD.
Signed-off-by: Antoine Mathys <barsamin@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-12-13 14:05:27 +00:00
Amit Shah
a75bf14650 virtio-serial: delete timer if active during exit
The post_load timer was being freed, but not deleted.  This could cause
problems when the timer is armed, but the device is hot-unplugged before
the callback is executed.

Signed-off-by: Amit Shah <amit.shah@redhat.com>
2012-12-13 16:01:26 +05:30
Amit Shah
bdb917bf8a virtio-serial: allocate post_load only at load-time
This saves us a few bytes in the VirtIOSerial struct.  Not a big
savings, but since the entire structure is used only during a short
while after migration, it's helpful to keep the struct cleaner and
smaller.

Signed-off-by: Amit Shah <amit.shah@redhat.com>
2012-12-13 16:01:26 +05:30
Amit Shah
2e575a86ab virtio-serial: move active ports loading to separate function
The virtio_serial_load() function became too big, split the code that
gets the port info from the source into a separate function.

Signed-off-by: Amit Shah <amit.shah@redhat.com>
2012-12-13 16:01:26 +05:30
Amit Shah
c3587ca1a2 virtio-serial: use uint32_t to count ports
Signed-off-by: Amit Shah <amit.shah@redhat.com>
2012-12-13 15:56:19 +05:30
Pavel Hrdina
a7f3d65b65 atapi: reset cdrom tray statuses on ide_reset
Tray statuses should be also reseted. Some guests may lock the tray
and after reset before any kernel is loaded the tray should be unlocked.

Also if you reset the real computer the tray is closed. We should
do the same in qemu.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-12-13 11:17:35 +01:00
Michael S. Tsirkin
29002d9e10 pci: prepare makefiles for pci code reorganization
To make it easier to move code around without breaking
build at intermedite steps, tweak makefiles
to look in pci/ and hw/ for include files, automatically.
This will be reverted at the end of the reorganization.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2012-12-12 23:41:03 +02:00
Jason Baron
6f918e40e6 Fixup q35/ich9 Licenses
Cleanup the q35/ich9 license headers.

Signed-off-by: Jason Baron <jbaron@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Acked-by: Isaku Yamahata <yamahata@valinux.co.jp>
2012-12-12 23:36:20 +02:00
Dong Xu Wang
e478b448d7 use qemu_opts_create_nofail
We will use qemu_opts_create_nofail function, it can make code
more readable.

Signed-off-by: Dong Xu Wang <wdongxu@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-12-11 16:35:47 +01:00
Jean-Christophe DUBOIS
97331270e5 exynos4210/mct: Avoid infinite loop on non incremental timers
Check for a 0 "distance" value to avoid infinite loop when the
expired FCR timer was not programed with auto-increment.

With this change the behavior is coherent with the same type
of code in the exynos4210_gfrc_restart() function in the same
file.

Linux seems to mostly use this timer with auto-increment
which explain why it is not a problem most of the time.

However other OS might have a problem with this if they
don't use the auto-increment feature.

Signed-off-by: Jean-Christophe DUBOIS <jcd@tribudubois.net>
Reviewed-by: Evgeny Voevodin <e.voevodin@samsung.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-12-11 12:54:47 +00:00
Daniel Sangorrin
f47b48fb67 hw/arm_gic: fix target CPUs affected by set enable/pending ops
Fix a bug on the ARM GIC model where interrupts are not
set pending on the correct target CPUs when they are
triggered by writes to the Interrupt Set Enable or
Set Pending registers.

Signed-off-by: Daniel Sangorrin <dsl@ertl.jp>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-12-11 11:30:38 +00:00
walimis
79f5d67e9d xilinx_zynq: Add one variable to avoid overwriting QSPI bus
commit 7b482bcf xilinx_zynq: added QSPI controller

Adds one QSPI controller, which has two spi buses, one is for
spi0, and another is for spi1. But when initializing the spi1
bus, "dev" has been overwrited by the ssi_create_slave_no_init() function,
so that qdev_get_child_bus() returns NULL and the last two m25p80 flashes
won't be attached to the spi1 bus, but to main-system-bus.

Here we add one variable to avoid overwriting.

Signed-off-by: Liming Wang <walimisdev@gmail.com>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-12-11 11:30:37 +00:00
Peter Maydell
ee3f095680 hw/arm_gic_common: Correct GICC_PMR reset value for newer GICs
The GIC architecture specification for v1 and v2 GICs (as found
on the Cortex-A9 and newer) states that the GICC_PMR reset value
is zero; this differs from the 0xf0 reset value used on 11MPCore.
The NVIC is different again in not having a CPU interface; since
we share the GIC code we must force the priority mask field to
allow through all interrupts.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Igor Mitsyanko <i.mitsyanko@samsung.com>
2012-12-11 11:30:37 +00:00
Peter Maydell
cad065f18e hw/arm_gic: Fix comparison with priority mask register
The GIC spec states that only interrupts with higher priority
than the value in the GICC_PMR priority mask register are
passed through to the processor. We were incorrectly allowing
through interrupts with a priority equal to the specified
value: correct the comparison operation to match the spec.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Igor Mitsyanko <i.mitsyanko@samsung.com>
2012-12-11 11:30:37 +00:00
Peter Maydell
bf471f7950 hw/arm_boot, exynos4210, highbank: Fix secondary boot GIC init
Fix the code in the secondary CPU boot stubs so that it correctly
initialises the GIC rather than relying on bugs or implementation
dependent aspects of the QEMU GIC implementation:
 * set the GIC_PMR.Priority field to all-ones, so that all
   interrupts are passed through. The default of all-zeroes
   means all interrupts are masked, and QEMU only booted because
   of a bug in the priority masking in our GIC implementation.
 * add a barrier after GIC setup and before WFI to ensure that
   GIC config is complete before we go into a possible low power
   state. This isn't needed with the software GIC model but could
   be required when using KVM and executing this code on the
   real hardware CPU.

Note that of the three secondary stub implementations, only
the common generic one needs to support both v6 and v7 DSB
encodings; highbank and exynos4210 will always be v7 CPUs.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Igor Mitsyanko <i.mitsyanko@samsung.com>
2012-12-11 11:30:37 +00:00
Christian Borntraeger
2d0d2837dc Support default block interfaces per QEMUMachine
There are QEMUMachines that have neither IF_IDE nor IF_SCSI as a
default/standard interface to their block devices / drives. Therefore,
this patch introduces a new field default_block_type per QEMUMachine
struct. The prior use_scsi field becomes thereby obsolete and is
replaced through .default_block_type = IF_SCSI.

This patch also changes the default for s390x to IF_VIRTIO and
removes an early hack that converts IF_IDE drives.
Other parties have already claimed interest (e.g. IF_SD for exynos)

To create a sane default, for machines that dont specify a
default_block_type, this patch makes IF_IDE = 0 and IF_NONE = 1.
I checked all users of IF_NONE (blockdev.c and ww/device-hotplug.c)
as well as IF_IDE and it seems that it is ok to change the defines -
in other words, I found no obvious (to me) assumption in the code
regarding IF_NONE==0. IF_NONE is only set if there is an
explicit if=none. Without if=* the interface becomes IF_DEFAULT.

I would suggest to have some additional care, e.g. by letting
this patch sit some days in the block tree.

Based on an initial patch from Einar Lueck <elelueck@de.ibm.com>

Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
CC: Igor Mitsyanko <i.mitsyanko@samsung.com>
CC: Markus Armbruster <armbru@redhat.com>
CC: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Alexander Graf <agraf@suse.de>
Acked-by: Igor Mitsyanko <i.mitsyanko@samsung.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2012-12-11 11:05:10 +01:00
David Gibson
d567e62f98 virtio-blk: Remove duplicate property definition
For the virtio-blk device (via virtio-pci) the property "config-wce" is
defined in two places.  First, it's defined from the
DEFINE_VIRTIO_BLK_FEATURES macro, second it's defined directly in
virtio-pci, just two lines above the call to that macro.

The direct definition in virtio-pci.c is broken, since it operates on the
'config_wce' field of VirtIOBlkConf, which is never used anywhere else.
Therefore, this patch removes both the extra property definition and the
redundant field it works on.

Cc: Kevin Wolf <kwolf@redhat.com>
Cc: Anthony Liguori <aliguori@us.ibm.com>
Cc: Paul 'Rusty' Russell <rusty@rustcorp.com.au>

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2012-12-11 11:04:25 +01:00
Alex Williamson
d281084d3e vfio-pci: Don't use kvm_irqchip_in_kernel
kvm_irqchip_in_kernel() has an architecture specific meaning, so
we shouldn't be using it to determine whether to enabled KVM INTx
bypass.  kvm_irqfds_enabled() seems most appropriate.  Also use this
to protect our other call to kvm_check_extension() as that explodes
when KVM isn't enabled.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Cc: qemu-stable@nongnu.org
2012-12-10 11:30:03 -07:00
Anthony Liguori
1c97e303d4 Merge remote-tracking branch 'afaerber/qom-cpu' into staging
* afaerber/qom-cpu:
  target-i386: Postpone cpuid_level update to realize time
  target-i386: Use define for cpuid vendor string size
  target-i386: Separate feature string parsing from CPU model lookup
  target-i386/cpu.c: Coding style fixes
  qdev: qdev_create(): use error_report() instead of hw_error()
  sysemu.h: Include qemu-types.h instead of qemu-common.h
  Create qemu-types.h for struct typedefs
  qlist.h: Do not include qemu-common.h
  qga/channel-posix.c: Include headers it needs
  qapi/qmp-registry.c: Include headers it needs
  ui/vnc-palette.c: Include headers it needs
  user: Rename qemu-types.h to qemu-user-types.h
  user: Move *-user/qemu-types.h to main directory

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-12-10 08:35:15 -06:00
Anthony Liguori
7c12fd9b29 Merge remote-tracking branch 'stefanha/trivial-patches' into staging
* stefanha/trivial-patches:
  pc_sysfw: Plug memory leak on pc_fw_add_pflash_drv() error path
  qemu-options: Fix space at EOL
  Fix spelling in comments and documentation
  Clean up pci_drive_hot_add()'s use of BlockInterfaceType
  arm: a9mpcore: remove un-used ptimer_iomem field
  target-sparc: Remove t0, t1 from CPUSPARCState
  target-m68k: Remove t1 from CPUM68KState
  target-alpha: Remove t0, t1 from CPUAlphaState
  s390x: Spelling fixes (endianess -> endianness, occured -> occurred)
  Fix comments (adress -> address, layed -> laid, wierd -> weird)
  Fix spelling (prefered -> preferred)
  configure: Remove stray debug output
  sd: Send debug printfery to stderr not stdout

Conflicts:
	configure

Resolve spelling conflict in configure.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-12-10 08:34:29 -06:00
Anthony Liguori
8385b173a0 Merge remote-tracking branch 'kraxel/acpi.1' into staging
* kraxel/acpi.1:
  acpi: drop debug port
  q35: update lpc pci config space according to configured devices
  apci: switch piix4 pci hotplug to memory api
  acpi: remove acpi_gpe_blk
  apci: switch piix4 gpe to memory api
  acpi: fix piix4 smbus mapping
  acpi: switch smbus to memory api
  acpi: cleanup ich9 memory region
  apci: switch ich9 smi to memory api
  apci: switch ich9 gpe to memory api
  acpi: cleanup vt82c686 memory region
  acpi: cleanup piix4 memory region
  apci: switch evt to memory api
  apci: switch cnt to memory api
  apci: switch timer to memory api
  apci: switch vt82c686 to memory api
  apci: switch ich9 to memory api
  apci: switch piix4 to memory api

Conflicts:
	hw/lpc_ich9.c

Resolved merge conflict due to apm_init adding an argument.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-12-10 08:33:11 -06:00
Anthony Liguori
c62adbee15 Merge remote-tracking branch 'kraxel/usb.74' into staging
* kraxel/usb.74:
  usb-tablet: Allow connecting to ehci
  ehci: Lower timer freq when the periodic schedule is idle
  usb: Allow overriding of usb_desc at the device level
  usb: Don't allow USB_RET_ASYNC for interrupt packets
  usb: Call wakeup when data becomes available for all devices with int eps
  add pc-1.4

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-12-10 08:31:19 -06:00
Blue Swirl
536b558f58 Merge branch 'master' of git.qemu-project.org:/pub/git/qemu
* 'master' of git.qemu-project.org:/pub/git/qemu:
  target-mips: Fix incorrect shift for SHILO and SHILOV
  target-mips: Fix incorrect code and test for INSV
  xilinx_uartlite: Accept input after rx FIFO pop
  xilinx_uartlite: suppress "cannot receive message"
  xilinx_axienet: Implement R_IS behaviour
2012-12-08 17:50:57 +00:00
Markus Armbruster
654598c944 pc_sysfw: Plug memory leak on pc_fw_add_pflash_drv() error path
Harmless, because we the error inevitably leads to another, fatal one
in pc_system_flash_init(): PC system firmware (pflash) not available.
Fix it anyway.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2012-12-07 12:34:12 +01:00
Stefan Weil
993d46ce7e Fix spelling in comments and documentation
These spelling bugs were found by codespell:

supressing -> suppressing
transfered -> transferred

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2012-12-07 12:34:12 +01:00
Markus Armbruster
4dbd84e26f Clean up pci_drive_hot_add()'s use of BlockInterfaceType
pci_drive_hot_add() parameter type has the wrong type: int instead of
BlockInterfaceType.  It's actually redundant, so we can just drop it.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2012-12-07 12:34:12 +01:00
Peter Crosthwaite
036f0f8356 arm: a9mpcore: remove un-used ptimer_iomem field
I'm guessing this is a hangover from a previous coreification of the mptimer
sub-module. This field is completely unused - removed.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2012-12-07 12:34:12 +01:00
Stefan Weil
8367a14fd3 s390x: Spelling fixes (endianess -> endianness, occured -> occurred)
Replace also "write into" by "write to".

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2012-12-07 12:34:11 +01:00
Peter Crosthwaite
038d3d4459 sd: Send debug printfery to stderr not stdout
Some debug printfs for SD are coming up in stdout. Redirected them to stderr
instead.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2012-12-07 12:34:11 +01:00
Eduardo Habkost
23e3fbec33 qdev: qdev_create(): use error_report() instead of hw_error()
hw_error() is specific for fatal hardware emulation errors, not for
internal errors related to the qdev object/class abstraction or object
initialization.

Replace it with an error_report() call, followed by abort().

This will also help reduce dependencies of the qdev code (as hw_error()
is from cpus.o, and depends on the CPU list from exec.o).

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2012-12-06 09:17:05 +01:00
Eduardo Habkost
394e1bb795 Create qemu-types.h for struct typedefs
Instead of keeping all those struct typedefs in qemu-common.h, move it
to a header that can be safely included by other headers, containing
only the struct typedefs and not pulling in other dependencies.

Also, move some of the qdev-core.h typedefs to the new file, too, so
other headers don't need to include qdev-core.h only because of
DeviceState and other typedefs.

This will help us remove qemu-common.h dependencies from some headers
later.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2012-12-06 09:17:05 +01:00
Peter Crosthwaite
80625b97b5 xilinx_uartlite: Accept input after rx FIFO pop
The device return false from the can receive function when the FIFO is
full. This mean the device should check for buffered input whenever a byte is
popped from the FIFO.

Reported-by: Jason Wu <huanyu@xilinx.com>
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2012-12-05 09:20:36 +01:00
Peter Crosthwaite
859cc10d23 xilinx_uartlite: suppress "cannot receive message"
This message is not an error condition, its just informing the user that
the device is corking the uart traffic to not drop characters.

Reported-by: Jason Wu <huanyu@xilinx.com>
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2012-12-05 09:20:36 +01:00
Peter Crosthwaite
d4d230da08 xilinx_axienet: Implement R_IS behaviour
The interrupt status register R_IS is the standard clear-on-write behaviour.
This was unimplemented and defaulting to updating the register to the written
value. Implemented clear-on-write.

Reported-by: Jason Wu <huanyu@xilinx.com>
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2012-12-05 09:20:36 +01:00
Julien Grall
5822993368 hw/dma.c: Replace register_ioport_*
Replace all register_ioport_*() with the new Memory API functions.
This permits to use the new Memory stuff like listeners.

Signed-off-by: Julien Grall <julien.grall@citrix.com>
Acked-by: Avi Kivity <avi@redhat.com>
[AF: Rebased onto hwaddr]
Signed-off-by: Andreas Färber <afaerber@suse.de>
2012-12-04 14:50:22 +01:00
Julien Grall
258711c644 hw/pc.c: Replace register_ioport_*
Replace all register_ioport_*() with portio_*() or a MemoryRegion.
This permits to use the new Memory stuff like listeners.

Signed-off-by: Julien Grall <julien.grall@citrix.com>
Acked-by: Avi Kivity <avi@redhat.com>
[AF: Rebased onto hwaddr]
Signed-off-by: Andreas Färber <afaerber@suse.de>
2012-12-04 14:50:22 +01:00
Julien Grall
568fd159e4 serial: Replace register_ioport_*
Replace all register_ioport_*() with a MemoryRegion.
This permits to use the new Memory stuff like listeners.

For more flexibility, the IO address space is passed as an argument.

Signed-off-by: Julien Grall <julien.grall@citrix.com>
Acked-by: Avi Kivity <avi@redhat.com>
[AF: Rebased onto serial split]
Signed-off-by: Andreas Färber <afaerber@suse.de>
2012-12-04 14:50:22 +01:00
Julien Grall
c75e6d8e35 hw/cirrus_vga.c: Replace register_ioport_*
Replace all register_ioport_*() with the new Memory API.
This permits to use the new Memory stuff like listeners.

Signed-off-by: Julien Grall <julien.grall@citrix.com>
Acked-by: Avi Kivity <avi@redhat.com>
[AF: Rebased onto hwaddr]
Signed-off-by: Andreas Färber <afaerber@suse.de>
2012-12-04 14:50:21 +01:00
Julien Grall
42d8a3cf96 hw/apm.c: Replace register_ioport_*
Replace all register_ioport_*() with a MemoryRegion.
This permits to use the new Memory stuff like listeners.

Moreover, the PCI device is added as an argument for apm_init(),
so we can register IO inside the PCI IO address space.

Signed-off-by: Julien Grall <julien.grall@citrix.com>
Acked-by: Avi Kivity <avi@redhat.com>
[AF: Rebased onto hwaddr and q35]
Signed-off-by: Andreas Färber <afaerber@suse.de>
2012-12-04 14:50:21 +01:00
Julien Grall
ac10027327 isa: Add isa_address_space_io()
This function permits to retrieve ISA IO address space.
It will be usefull when we need to pass IO address space as argument.

Signed-off-by: Julien Grall <julien.grall@citrix.com>
Acked-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2012-12-04 14:50:21 +01:00
Hans de Goede
427e3aa151 usb-tablet: Allow connecting to ehci
Our ehci code has is capable of significantly lowering the wakeup rate
for the hcd emulation while the device is idle. It is possible to add
similar code ot the uhci emulation, but that simply is not there atm,
and there is no reason why a (virtual) usb-tablet can not be a USB-2 device.

Making usb-hid devices connect to the emulated ehci controller instead
of the emulated uhci controller on vms which have both lowers the cpuload
for a fully idle vm from 20% to 2-3% (on my laptop).

An alternative implementation to using a property to select the tablet
type, would be simply making it a new device type, ie usb-tablet2, but the
downside of that is that this will require libvirt changes to be available
through libvirt at all, and then management tools changes to become the
default for new vms, where as using a property will automatically get
any pc-1.3 type vms the lower cpuload.

[ kraxel: adapt compat property for post-1.3 merge ]

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

tablet compat fixup

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 14:42:05 +01:00
Hans de Goede
8082624099 ehci: Lower timer freq when the periodic schedule is idle
Lower the timer freq if no iso schedule packets complete for 64 frames in
a row.

We can safely do this, without adding latency, because:
1) If there is isoc traffic this will never trigger
2) For async handled interrupt packets (only usb-host), the completion handler
   will immediately schedule the frame_timer from a bh
3) All devices using NAK to signal no data for interrupt endpoints now use
   wakeup, which will immediately schedule the frame_timer from a bh

The advantage of this is that when we only have interrupt packets in the
periodic schedule, async_stepdown can do its work and significantly lower
the frequency at which the frame_timer runs.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 14:41:54 +01:00
Hans de Goede
386ab487eb usb: Allow overriding of usb_desc at the device level
This allows devices to present a different set of descriptors based on
device properties.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 14:41:54 +01:00
Hans de Goede
be41efde3c usb: Don't allow USB_RET_ASYNC for interrupt packets
It is tempting to use USB_RET_ASYNC for interrupt packets, rather then the
current NAK + polling approach, but this causes issues for migration, as
an async completed packet will not getting written back to guest memory until
the next poll time, and if a migration happens in between it will get lost!

Make an exception for host devices, because:
1) host-linux actually uses async completion for interrupt endpoints
2) host devices don't migrate anyways

Ideally we would convert host-linux.c to handle (input) interrupt endpoints in
a buffered manner like it does for isoc endpoints, keeping multiple urbs
submitted to ensure the devices timing requirements are met, as well as making
its interrupt ep handling the same as other usb-devices.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 14:41:54 +01:00
Hans de Goede
8beba93043 usb: Call wakeup when data becomes available for all devices with int eps
This is necessary for proper interaction with the xhci controller, and it
will allow other hcds to lower there frame timer while waiting for interrupt
data.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 14:41:54 +01:00
Gerd Hoffmann
f1ae2e3883 add pc-1.4
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 14:41:54 +01:00
Gerd Hoffmann
3e43749882 acpi: drop debug port
I'm pretty sure this isn't needed any more.  I think this predates the
switch to seabios, and the seabios DSDT table has a DBUG() aml macro
which writes stuff to the seabios debug port (0x402).

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 13:52:43 +01:00
Gerd Hoffmann
3f5bc9e8af q35: update lpc pci config space according to configured devices
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 13:52:43 +01:00
Gerd Hoffmann
c177684c75 apci: switch piix4 pci hotplug to memory api
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 13:52:43 +01:00
Gerd Hoffmann
c84649ca66 acpi: remove acpi_gpe_blk
With gpe being switched to memory api this is no longer needed.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 13:52:43 +01:00
Gerd Hoffmann
b65b93f24c apci: switch piix4 gpe to memory api
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 13:52:43 +01:00
Gerd Hoffmann
24fe083de6 acpi: fix piix4 smbus mapping
Make write to the smbus base register and enable bit actually work.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 13:52:43 +01:00
Gerd Hoffmann
798512e552 acpi: switch smbus to memory api
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 13:52:43 +01:00
Gerd Hoffmann
4a522de090 acpi: cleanup ich9 memory region
Nothing left to do, everything handled by subregions,
we can zap the reaw/write handlers now.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 13:52:43 +01:00
Gerd Hoffmann
10cc69b0de apci: switch ich9 smi to memory api
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 13:52:43 +01:00
Gerd Hoffmann
76a7daf974 apci: switch ich9 gpe to memory api
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 13:52:43 +01:00
Gerd Hoffmann
a0f95659da acpi: cleanup vt82c686 memory region
Nothing left to do, everything handled by subregions,
we can zap the reaw/write handlers now.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 13:52:42 +01:00
Gerd Hoffmann
ca5d64b4b4 acpi: cleanup piix4 memory region
Nothing left to do, everything handled by subregions,
we can zap the reaw/write handlers now.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 13:52:42 +01:00
Gerd Hoffmann
b5a7c024d2 apci: switch evt to memory api
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 13:52:42 +01:00
Gerd Hoffmann
afafe4bbe0 apci: switch cnt to memory api
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 13:52:42 +01:00
Gerd Hoffmann
77d58b1e47 apci: switch timer to memory api
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 13:52:42 +01:00
Gerd Hoffmann
a29028214c apci: switch vt82c686 to memory api
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 13:52:42 +01:00
Gerd Hoffmann
cacaab8bdd apci: switch ich9 to memory api
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 13:52:42 +01:00
Gerd Hoffmann
af11110bb8 apci: switch piix4 to memory api
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 13:52:42 +01:00
Michael Contreras
b0d9ffcd02 e1000: Discard packets that are too long if !SBP and !LPE
The e1000_receive function for the e1000 needs to discard packets longer than
1522 bytes if the SBP and LPE flags are disabled. The linux driver assumes
this behavior and allocates memory based on this assumption.

Signed-off-by: Michael Contreras <michael@inetric.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-12-03 08:14:10 -06:00
Anthony Liguori
90e07938aa Merge remote-tracking branch 'kwolf/for-anthony' into staging
* kwolf/for-anthony:
  coroutine-sigaltstack.c: Use stack_t, not struct sigaltstack
  stream: fix ratelimit_set_speed
  atapi: make change media detection for guests easier
  Documentation: Update image format information
  Documentation: Update block cache mode information

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-30 10:24:24 -06:00
Anthony Liguori
3235f92784 Merge remote-tracking branch 'spice/spice.v65' into staging
* spice/spice.v65:
  qxl: reload memslots after migration, when qxl is in UNDEFINED mode

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-30 10:20:36 -06:00
Anthony Liguori
923fd9897b Merge remote-tracking branch 'kraxel/usb.73' into staging
* kraxel/usb.73:
  ehci-sysbus: Attach DMA context.
  usb: fail usbdevice_create() when there is no USB bus
  usb: tag usb host adapters as not hotpluggable.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-30 10:20:21 -06:00
Pavel Hrdina
0c6f08b0b0 atapi: make change media detection for guests easier
If you have a guest with a media in the optical drive and you change
it, the windows guest cannot properly recognize this media change.

Windows needs to detect sense "NOT_READY with ASC_MEDIUM_NOT_PRESENT"
before we send sense "UNIT_ATTENTION with ASC_MEDIUM_MAY_HAVE_CHANGED".

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-11-30 11:33:24 +01:00
Michael S. Tsirkin
e1f7b4812e virtio: limit avail bytes lookahead
Commit 0d8d769085 introduced
a regression in virtio-net performance because it looks
into the ring aggressively while we really only care
about a single packet worth of buffers.
Reported as bugzilla 1066055 in launchpad.

To fix, add parameters limiting lookahead, and
use in virtqueue_avail_bytes.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reported-by: Edivaldo de Araujo Pereira <edivaldoapereira@yahoo.com.br>
Tested-by: Edivaldo de Araujo Pereira <edivaldoapereira@yahoo.com.br>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-29 17:25:02 -06:00
Anthony Liguori
e912c96f7d qdev: relax bus type check in qdev_device_add() (v2)
We are currently checking for an exact type match.  Use QOM dynamic_cast to
check for a compatible type instead.

Cc: Konrad Frederic <fred.konrad@greensocs.com>
Cc: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
---
v1 -> v2:
 - also add cast to qbus_find_recursive (Peter)
 - simplify by doing object_dynamic_cast instead of messing with classes
2012-11-29 09:11:03 -06:00
Peter Crosthwaite
2b29f492c8 ehci-sysbus: Attach DMA context.
This was left as NULL on the initial merge due to debate on the mailing list on
how to handle DMA contexts for sysbus devices. Patch
9e11908f12 was later merged to fix OHCI. This is the,
equivalent fix for sysbus EHCI.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-29 08:04:13 +01:00
Stefan Hajnoczi
c128d6a6d7 usb: fail usbdevice_create() when there is no USB bus
Report an error instead of segfaulting when attaching a USB device to a
machine with no USB busses:

  $ qemu-system-arm -machine vexpress-a9 \
      -sd Fedora-17-armhfp-vexpress-mmcblk0.img \
      -kernel vmlinuz-3.4.2-3.fc17.armv7hl \
      -initrd initramfs-3.4.2-3.fc17.armv7hl.img \
      -usbdevice disk:format=raw:test.img

Note that the vexpress-a9 machine does not have a USB host controller.

Reported-by: David Abdurachmanov <David.Abdurachmanov@cern.ch>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-29 08:04:13 +01:00
Gerd Hoffmann
6c2d1c32d0 usb: tag usb host adapters as not hotpluggable.
Hotplugging them simply doesn't work, so tag them accordingly to
avoid users trying and then crashing qemu.

For xhci there is nothing fundamental which prevents hotplug from
working, we'll "only" need a exit() function which cleans up
everything properly.  That isn't for 1.3 though.

For ehci+uhci+ohci hotplug can't be supported until qemu gains the
capability to hotplug multifunction pci devices.

https://bugzilla.redhat.com/show_bug.cgi?id=879096

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-29 08:04:13 +01:00
Yonit Halperin
fa98efe932 qxl: reload memslots after migration, when qxl is in UNDEFINED mode
The devram memslot stays active when qxl enters UNDEFINED mode (i.e, no
primary surface). If migration has occurred while the device is in
UNDEFINED stae, the memslots have to be reloaded at the destination.

Fixes rhbz#874574

Signed-off-by: Yonit Halperin <yhalperi@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-29 07:58:45 +01:00
Anthony Liguori
e6451fd372 Merge remote-tracking branch 'bonzini/scsi-next' into staging
* bonzini/scsi-next:
  virtio-scsi: Fix subtle (guest) endian bug
  virtio-scsi: Fix some endian bugs with virtio-scsi
  iscsi: do not assume device is zero initialized
  iscsi: fix deadlock during login
  iscsi: fix segfault in url parsing

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-28 13:19:24 -06:00
Anthony Liguori
0a6b2ac0cf Merge remote-tracking branch 'agraf/s390-for-upstream-1.3' into staging
* agraf/s390-for-upstream-1.3:
  sclp: Fix uninitialized var in handle_write_event_buf().
  s390: Fix ram_size updating in machine init

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-28 13:19:16 -06:00
Anthony Liguori
7e68494b0b Merge remote-tracking branch 'agraf/ppc-for-upstream-1.3' into staging
* agraf/ppc-for-upstream-1.3:
  fbdev: fix pixman compile on old pixman
  vl.c: Fix broken -usb option
  pseries: Fix bug in PCI MSI allocation
  kvm: fix incorrect length in a loop over kvm dirty pages map
  PPC: Fix missing TRACE exception
  hw/ide/macio: Fix segfault caused by NULL DMAContext*

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-28 13:19:06 -06:00
David Gibson
863d1050c9 virtio-scsi: Fix subtle (guest) endian bug
The virtio-scsi config space is, by specification, in guest endian (which
is ill-defined, but there you go).  In virtio_scsi_get_config() we set up
all the fields in there, using stl_raw().  Which is a problem for the
max_channel and max_target fields, which are 16-bit, not 32-bit.  For
little-endian targets we get away with it by accident, since the first
two bytes will still be correct, and the extra two bytes written (with
zeroes) will be overwritten correctly by the next store.

But for big-endian guests, this means the max_target field ends up as zero,
which means the guest will only recognize a single disk on the virtio-scsi
bus.  This patch fixes the problem.

Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Paul 'Rusty' Russell <rusty@rustcorp.com.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-11-28 12:52:00 +01:00
David Gibson
474ee55a18 virtio-scsi: Fix some endian bugs with virtio-scsi
The virtio-scsi specification does not specify the correct endianness for
fields in the request structure.  It's therefore best to assume that it is
"guest native" endian since that's the (stupid and poorly defined) norm in
virtio.

However, the qemu device for virtio-scsi has no byteswaps at all, and so
will break if the guest has different endianness from the host.  This patch
fixes it by adding tswap() calls for the sense_len and resid fields in
the request structure.  In theory status_qualifier needs swaps as well,
but that field is never actually touched.  The tag field is a uint64_t, but
since its value is completely arbitrary, it might as well be uint8_t[8]
and so it does not need swapping.

Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Paul 'Rusty' Russell <rusty@rustcorp.com.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-11-28 12:52:00 +01:00
Alex Horn
02c6ccc6dd rtc: Only call rtc_set_cmos when Register B SET flag is disabled.
This bug occurs when the SET flag of Register B is enabled. When an RTC
data register (i.e. any of the ten time/calender CMOS bytes) is set, the
data is (as expected) correctly stored in the cmos_data array. However,
since the SET flag is enabled, the function rtc_set_time is not invoked.
As a result, the field base_rtc in RTCState remains uninitialized. This
causes a problem on subsequent writes which can end up overwriting data.
To see this, consider writing data to Register A after having written
data to any of the RTC data registers; the following figure illustrates
the call stack for the Register A write operation:

 +- cmos_io_port_write
 +-- check_update_timer
 +---- get_next_alarm
 +------ rtc_update_time

In rtc_update_time, get_guest_rtc calculates the wrong time and
overwrites the previously written RTC data register values.

Signed-off-by: Alex Horn <alex.horn@cs.ox.ac.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-27 11:04:33 -06:00
Paolo Bonzini
03a36f17d7 virtio-rng: do not use g_assert_cmpint
g_assert_cmpint is not available on glib 2.12, which is the minimum
version required to build QEMU (we only require 2.16 to run tests,
since that is the first version including GTester).  Do not use it
in hardware models, use a normal assertion instead.

This fixes the buildbot failure for default_x86_64_rhel5.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-27 08:51:07 -06:00
Amit Shah
42015c9acb virtio-rng: fix typos, comments
Fix typos, whitespace and update comments to match current
implementation.

Signed-off-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26 14:26:37 -06:00
Amit Shah
8cc6774354 virtio-rng: disable timer on device removal
Disable the rate-limit timer on device remove (e.g. hot-unplug).

Signed-off-by: Amit Shah <amit.shah@redhat.com>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26 14:26:37 -06:00
Amit Shah
4621c1768e virtio-rng: remove extra request for entropy
If we got fewer bytes from the backend than requested, don't poke the
backend for more bytes; the guest will ask for more (or if the guest has
already asked for more, the backend knows about it via handle_input()).

Signed-off-by: Amit Shah <amit.shah@redhat.com>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26 14:26:37 -06:00
Amit Shah
1441703965 virtio-rng: use virtqueue_get_avail_bytes, fix migration
Popping an elem from the vq just to find out its length causes problems
with save/load later on.  Use the new virtqueue_get_avail_bytes()
function instead, saves us the complexity in the migration code, as well
as makes the migration endian-safe.

Signed-off-by: Amit Shah <amit.shah@redhat.com>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26 14:26:37 -06:00
Andreas Färber
25d87288b1 i8259: Fix PIC_COMMON() macro
It used a wrong struct type name since its introduction in
8f04ee0882 (isa: pic: convert to QEMU
Object Model), apparently it is unused so far.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26 14:25:42 -06:00
Paolo Bonzini
64b625f4b2 qdev: simplify (de)allocation of buses
All conditional deallocation can now be done with object_delete.
Remove the @qom_allocated and @glib_allocated fields; replace the latter
with a direct assignment of the @free function pointer.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26 13:41:00 -06:00
Paolo Bonzini
667d22d1ae qdev: move bus removal to object_unparent
Add an ObjectClass method that is done at object_unparent time.  It
should remove any backlinks to the object in the composition tree,
so that object_delete will be able to drop the last reference and
free the object.

Use it for qdev buses.

Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26 13:41:00 -06:00
Cornelia Huck
773de5c786 sclp: Fix uninitialized var in handle_write_event_buf().
Some gcc versions rightly complain about a possibly unitialized rc,
so let's move setting it before the QTAILQ_FOREACH().

Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Jens Freimann <jfrei@linux.vnet.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2012-11-26 20:16:26 +01:00
Heinz Graalfs
8c7c3c58e3 s390: Fix ram_size updating in machine init
The global variable 'ram_size' is hidden by the local variable
declaration in s390_init(). Since we want to update the global
ram size in certain cases we must not use a local ram_size
variable.
- This fixes booting with unusual ram sizes like -m 67001
- This changes behaviour back to the situation before commit
  5f072e1f30
  (create struct for machine initialization arguments)

Signed-off-by: Heinz Graalfs <graalfs@linux.vnet.ibm.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2012-11-26 20:16:26 +01:00
Alexey Kardashevskiy
70c68cf638 pseries: Fix bug in PCI MSI allocation
In one of the recent reworks to the XICS code, a bug was introduced where
we use the wrong sense and allocate level interrupts instead of message
interrupts for PCI MSIs.  This patch fixes it.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
2012-11-26 19:53:26 +01:00
Peter Maydell
d688e5239a hw/ide/macio: Fix segfault caused by NULL DMAContext*
Pass qemu_sglist_init the global dma_context_memory rather than a NULL
pointer; this fixes a segfault in dma_memory_map() when the guest
starts using DMA.

Reported-by: Amadeusz Sławiński <amade@asmblr.net>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
2012-11-26 19:53:26 +01:00
Paolo Bonzini
b5007bcc97 hmp: do not crash on invalid SCSI hotplug
Commit 0d93692 (qdev: Convert busses to QEMU Object Model, 2012-05-02)
removed a check on the type of the bus where a SCSI disk is hotplugged.
However, hot-plugging to the wrong kind of device now causes a crash
due to either a NULL pointer dereference (avoided by the previous patch)
or a failed QOM cast.

Instead, in this case we need to use object_dynamic_cast and check for
the result, similar to what was done before that commit.

Reported-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26 09:38:54 -06:00
Jan Kiszka
21022c92dc q35: Add kvmclock support
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Jason Baron <jbaron@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26 09:35:37 -06:00
Jan Kiszka
243b95111c q35: Fix non-PCI IRQ processing in ich9_lpc_update_apic
Avoid passing a non-PCI IRQ to ich9_gsi_to_pirq. It's wrong and triggers
an assertion.

Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Jason Baron <jbaron@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26 09:35:37 -06:00
Jan Kiszka
21bcfdd9a4 q35: Suppress SMM BIOS initialization under KVM
Same as for i44fx: KVM does not support SMM yet. Signal it initialized
to Seabios to avoid failures.

Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Jason Baron <jbaron@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26 09:35:37 -06:00
Jason Baron
a1c9304683 ich9: Add i82801b11 dmi-to-pci bridge
Add the dmi-to-pci i82801b11 bridge chip. This is the pci bridge chip
that q35 uses on its host bus for PCI bus arbitration.

Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Jason Baron <jbaron@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26 09:35:37 -06:00
Isaku Yamahata
df2d8b3ed4 q35: Introduce q35 pc based chipset emulator
pc q35 based chipset emulator to support pci express natively. Based on
Anthony Liguori's suggestion, the machine name is 'q35-next', with an alias
of 'q35'. At this point, there are no compatibility guarantees. When the
chipset stabilizes more, we will begin to version the machine names.

Major features which still need to be added:

-Migration support (mostly around ahci)
-ACPI hotplug support (pcie hotplug support is working)
-Passthrough support

Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Jason Baron <jbaron@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26 09:35:36 -06:00
Jason Baron
678e7b94b1 ich9: Add smbus
Add support for the ich9 smbus chip.

Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Jason Baron <jbaron@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26 09:35:36 -06:00
Jason Baron
4d00636e97 ich9: Add the lpc chip
Add support for the ICH9 LPC chip.

Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Jason Baron <jbaron@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26 09:35:35 -06:00
Jason Baron
e516572fde ich9: Add acpi support and definitions
Lay the groundwork for subsequent ich9 support.

Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Jason Baron <jbaron@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26 09:35:35 -06:00
Isaku Yamahata
410edd922d pc/piix_pci: factor out smram/pam logic
Factor out smram/pam logic for use by other chipsets, namely q35
at this point.

Note: Should be factored out into a generic North Bridge Class.

[jbaron@redhat.com: changes for updated memory API]
Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Jason Baron <jbaron@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26 09:35:35 -06:00
Jason Baron
d8ee03843f pc_piix: Move kvm irq routing functions out of pc_piix.c
Rename: kvm_piix3_gsi_handlei() -> kvm_pc_gsi_handler()
        kvm_piix3_setup_irq_routing() -> kvm_pc_setup_irq_routing()

This is in preparation for other users, namely q35 at this time.

Signed-off-by: Jason Baron <jbaron@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26 09:35:35 -06:00
Jason Baron
a39e356458 pc: Move ioapic_init() from pc_piix.c to pc.c
Move ioapic_init() from pc_piix.c to pc.c, to make it a common function.
Rename ioapic_init() -> ioapic_init_gsi().
Move to pc.h so q35 can use them as well.

Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jason Baron <jbaron@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26 09:35:35 -06:00
Isaku Yamahata
9011a1a7bb pc, pc_piix: split out pc nic initialization
Factor out pc nic initialization.
This simplifies the pc initialization and will reduce the code
duplication of q35 pc initialization.

Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Jason Baron <jbaron@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26 09:35:35 -06:00
Anthony Liguori
95a6e48d77 Merge remote-tracking branch 'kraxel/usb.72' into staging
* kraxel/usb.72:
  usb-redir: Don't handle interrupt output packets async
  usb-redir: Split usb_handle_interrupt_data into separate in/out functions
  usb-smartcard-reader: Properly NAK interrupt eps when we've no events
  usb-bt: Return NAK instead of STALL when interrupt ep has no data
  uhci: Fix double unlink
  uhci: Don't allow the guest to set port-enabled when there is no dev connected
  uhci: Add a completions_only flag for async completions

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26 08:19:20 -06:00
Hans de Goede
723aedd532 usb-redir: Don't handle interrupt output packets async
Instead report them as successfully completed directly on submission, this
has 2 advantages:

1) This matches the timing of interrupt output packets on real hardware,
with the previous async handling, if an ep has an interval of say 500 ms,
then there would be 500+ ms between the submission and the guest seeing the
completion, as we wont do the write back until the qh gets polled again. And
in the mean time the guest may very well have timed out, as the guest can
reasonable expect a much quicker completion.

2) This fixes interrupt output packets potentially getting send twice
surrounding a migration. As we delay the writeback to guest memory until
the qh gets polled again, there is a window between completion and writeback
where migration can happen, in this case the destination will not know
about the completion, and it will execute the packet *again*

But it does also come with a disadvantage:

1) If the actual interrupt out to the real usb device fails, there is no
way to report this back to the guest.

This patch assumes however that interrupt outs in practice never fail, as
they are only used by specialized drivers, which are unlikely to issue illegal
requests (unlike general class drivers which often issue requests which some
devices don't implement). And that thus the advantages outway the disadvantage.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-21 14:55:54 +01:00
Hans de Goede
234e810cce usb-redir: Split usb_handle_interrupt_data into separate in/out functions
No functional changes.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-21 14:55:54 +01:00
Hans de Goede
c4020746ff usb-smartcard-reader: Properly NAK interrupt eps when we've no events
When we've no data to return from the interrupt endpoint, return NAK rather
then a 0 length packet.

CC: Alon Levy <alevy@redhat.com>
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-21 14:55:54 +01:00
Hans de Goede
33c1a6856f usb-bt: Return NAK instead of STALL when interrupt ep has no data
I noticed this while making all devices with interrupt endpoints properly
do wakeup. While at it also add wakeup support.

Note that I've not tested this, but returning STALL for an interrupt ep
which has no data is cleary the wrong thing to do.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-21 14:55:54 +01:00
Hans de Goede
71d2c9cf65 uhci: Fix double unlink
uhci_async_cancel() already does a uhci_async_unlink().

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-21 14:55:54 +01:00
Hans de Goede
1cbdde909f uhci: Don't allow the guest to set port-enabled when there is no dev connected
It is possible for device disconnect and the guest trying to reset the port
(because of USB xact errors prior to the disconnect getting signaled) to race,
when we hit this race, the guest will write the port-control register with its
pre-disconnect value + the reset bit set, after which we have a disconnected
device with its port-enabled bit set in its port-control register, which
is no good :)

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-21 14:55:54 +01:00
Hans de Goede
887938160e uhci: Add a completions_only flag for async completions
Add a completions_only flag, and set this when running process_frame for async
completion handling, this fixes 2 issues in a single patch:

1) It makes sure async completed packets get written to guest mem immediately,
even if all the bandwidth for the frame was consumed from the timer run
process_frame. This is necessary as delaying their writeback to the next frame
can cause the completion to get lost on migration.

2) The calling of process_frame from a bh on async completion causes iso
tds to get server more often they should, messing up usb sound class device
timing. By only processing completed packets, the iso tds get skipped fixing
this.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-21 14:55:54 +01:00
Kevin Wolf
72bcca73c7 ide: Fix status register after short PRDs
When failing a request because the length of the regions described by
the PRDT was too short for the requested number of sectors, the IDE
emulation forgot to update the status register, so that the device would
keep the BSY flag set indefinitely.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2012-11-21 09:47:34 +01:00
Kevin Wolf
038268e2e8 ide: Fix crash with too long PRD
Without this, s->nsector can become negative and badness happens (trying
to malloc huge amount of memory and glib calls abort())

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2012-11-21 09:47:34 +01:00
Anthony Liguori
ad1db3b341 Merge remote-tracking branch 'kwolf/for-anthony' into staging
* kwolf/for-anthony: (26 commits)
  qemu-io: Use bdrv_drain_all instead of qemu_aio_flush
  megasas: Use bdrv_drain_all instead of qemu_aio_flush
  vmdk: Fix data corruption bug in WRITE and READ handling
  fdc: remove last usage of FD_STATE_SEEK
  fdc: fix typo in zero constant
  fdc: remove double affectation of FD_MSR_CMDBUSY flag
  fdc-tests: add tests for VERIFY command
  fdc: implement VERIFY command
  fdc-test: Check READ ID
  fdc: fix false FD_SR0_SEEK
  fdc: fix FD_SR0_SEEK for initial seek on DMA transfers
  fdc: fix FD_SR0_SEEK for non-DMA transfers and multi sectors transfers
  fdc: use status0 field instead of a local variable
  fdc-test: add tests for non-DMA READ command
  fdc-test: insert media before fuzzing registers
  fdc-test: split test_media_change() test, so insert part can be reused
  fdc: Remove status0 parameter from fdctrl_set_fifo()
  aio: rename AIOPool to AIOCBInfo
  aio: use g_slice_alloc() for AIOCB pooling
  aio: switch aiocb_size type int -> size_t
  ...

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-19 09:27:00 -06:00
Anthony Liguori
5cc82c2d20 Merge remote-tracking branch 'kraxel/usb.71' into staging
* kraxel/usb.71:
  usb-host: fix splitted transfers
  usb-host: update tracing
  usb-redir: Set default debug level to warning
  usb-redir: Only add actually in flight packets to the in flight queue
  ehci: handle dma errors
  ehci: keep the frame timer running in case the guest asked for frame list rollover interrupts
  ehci: Don't verify the next pointer for periodic qh-s and qtd-s
  ehci: Better detection for qtd-s linked in circles
  ehci: Fixup q->qtdaddr after cancelling an already completed packet
  ehci: Don't access packet after freeing it
  usb: host-linux: Ignore parsing errors of the device descriptors
  usb-host: scan for usb devices when the vm starts
  usb: Fix (another) bug in usb_packet_map() for IOMMU handling
  fix live migration

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-19 09:26:48 -06:00
Anthony Liguori
698229eb28 Merge remote-tracking branch 'amit/loadvm-irq-inj-fix' into staging
* amit/loadvm-irq-inj-fix:
  virtio-serial-bus: post_load send_event when vm is running

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-19 08:31:48 -06:00
Anthony Liguori
f44d771a8c Merge remote-tracking branch 'afaerber/qom-cpu' into staging
* afaerber/qom-cpu:
  target-i386: Add Haswell CPU model
  target-i386/cpu: Add new Opteron CPU model
  target-i386/cpu: Name new CPUID bits
  qapi-types.h: Don't include qemu-common.h
  osdep: Move qemu_{open,close}() prototypes
  qemu-config.h: Include headers it needs
  vnc-palette.h: Include <stdbool.h>
  qemu-fsdev-dummy.c: Include module.h
  qdev: Split up header so it can be used in cpu.h
  Move qemu_irq typedef out of qemu-common.h
  qemu-common.h: Comment about usage rules

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-19 08:31:24 -06:00
Anthony Liguori
d167dac993 Merge remote-tracking branch 'qemu-kvm/uq/master' into staging
* qemu-kvm/uq/master:
  kvm: Actually remove software breakpoints from list on cleanup
  acpi_piix4: fix migration of gpe fields

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-19 08:30:45 -06:00
Blue Swirl
ab4dd33dc3 Merge branch 'vga.1' of git://git.kraxel.org/qemu
* 'vga.1' of git://git.kraxel.org/qemu:
  vga: fix mmio vga register mapping
  vga: fix bochs alignment issue
2012-11-17 16:38:05 +00:00
Anthony Liguori
500054f161 virtio-rng-pci: create a default backend if none exists
This allows you to specify:

  $ qemu -device virtio-rng-pci

And things will Just Work with a reasonable default.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-16 08:36:14 -06:00
Anthony Liguori
904d6f5880 virtio-rng: add rate limiting support
This adds parameters to virtio-rng-pci to allow rate limiting the entropy a
guest receives.  An example command line:

$ qemu -device virtio-rng-pci,max-bytes=1024,period=1000

Would limit entropy collection to 1Kb/s.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-16 08:36:13 -06:00
Amit Shah
16c915ba42 virtio-rng: hardware random number generator device
The Linux kernel already has a virtio-rng driver, this is the device
implementation.

When the guest asks for entropy from the virtio hwrng, it puts a buffer
in the vq.  We then put entropy into that buffer, and push it back to
the guest.

Signed-off-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
---
aliguori: converted to new RngBackend interface
aliguori: remove entropy needed event
aliguori: fix migration
2012-11-16 08:36:13 -06:00
Gerd Hoffmann
71e0aa3930 usb-host: fix splitted transfers
USBPacket->actual_length wasn't updated correctly for USBPackets
splitted into multiple urbs.  Fix it.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-16 11:27:32 +01:00
Gerd Hoffmann
8c908fca58 usb-host: update tracing
Now that we have separate status and length fields in USBPacket
update the completion tracepoint to log both.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-16 11:27:32 +01:00
Hans de Goede
618fbc951d usb-redir: Set default debug level to warning
The previous default of 0 means that even errors and warnings would not
get printed, which is really not a good default.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-16 11:27:32 +01:00
Hans de Goede
2cb343b442 usb-redir: Only add actually in flight packets to the in flight queue
Packets which are queued up, but not yet handed over to the device, are
*not* in flight.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-16 11:27:32 +01:00
Gerd Hoffmann
55903f1d2d ehci: handle dma errors
Starting with commit 1c380f9460 dma
transfers can actually fail.  This patch makes ehci keep track
of the busmaster bit in pci config space, by setting/clearing the
dma_context pointer.  Attempts to dma without context will result
in raising HSE (Host System Error) interrupt and stopping the host
controller.

This patch fixes WinXP not booting with a usb stick attached to ehci.
Root cause is seabios activating ehci so you can boot from the stick,
and WinXP clearing the busmaster bit before resetting the host
controller, leading to ehci actually trying dma while it is disabled.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-16 11:27:32 +01:00
Gerd Hoffmann
40862309a9 ehci: keep the frame timer running in case the guest asked for frame list rollover interrupts
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-16 11:27:32 +01:00
Hans de Goede
2c7b15c1de ehci: Don't verify the next pointer for periodic qh-s and qtd-s
While testing the move to async packet handling for interrupt endpoints I
noticed that Windows-XP likes to play tricks with the next pointer for
periodic qh-s, so we should not fail qh / qtd verification when it changes.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-16 11:27:32 +01:00
Hans de Goede
601a234731 ehci: Better detection for qtd-s linked in circles
Windows links interrupt qtd-s in circles, which means that when interrupt
endpoints return USB_RET_ASYNC, combined with the recent
"ehci: Retry to fill the queue while waiting for td completion" patch,
we keep adding the tds to the queue over and over again, as we detect the
circle from fill_queue, but we call it over and over again ...

This patch fixes this by changing the circle detection to also detect
circling into tds already queued up previously.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-16 11:27:32 +01:00
Hans de Goede
ff80ce599e ehci: Fixup q->qtdaddr after cancelling an already completed packet
This avoids the q->qtdaddr == p->qtdaddr asserts we have triggering, when
a queue contains multiple completed packages when we cancel the queue.

I triggered this with windows7 + async interrupt endpoint handling (*)
+ not detecting circles in ehci_fill_queue() properly, which makes the qtd
validation in ehci_fill_queue fail, causing cancellation of the queue on every
mouse event ...

*) Which is not going upstream as it will cause loss of interrupt events on
migration.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-16 11:27:32 +01:00
Hans de Goede
30d68cf6e1 ehci: Don't access packet after freeing it
ehci_state_writeback() will free the packet, so we should not access
the packet after calling ehci_state_writeback().

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-16 11:27:32 +01:00
Jan Kiszka
537e8f1aa8 usb: host-linux: Ignore parsing errors of the device descriptors
The Linux is more tolerant here as well: Just stop parsing the device
descriptors when an error is detected but do not reset what was found
so far. This allows to run buggy devices with partially invalid
descriptors.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-16 11:27:32 +01:00
Gerd Hoffmann
c96c53b5f1 vga: fix mmio vga register mapping 2012-11-16 11:27:07 +01:00
Gerd Hoffmann
df9ffb726f vga: fix bochs alignment issue
The bochs dispi interface traditionally uses port 0x1ce as 16bit index
register and port 0x1cf as 16bit data register.  The later is unaligned,
and probably for that reason the the data register was moved to 0x1d0
for non-x86 archs.

This patch makes the data register available at 0x1d0 on x86 too.  The
old x86 location is kept for compatibility reasons, so both 0x1cf and
0x1d0 can be used as data register on x86.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-16 11:27:06 +01:00
Gerd Hoffmann
c06c68c928 usb-host: scan for usb devices when the vm starts
Commit a844ed842d leads to usb-host
detecting devices not right after qemu startup because the guest
isn't running yet.  Instead they are found on the first of the
regular usb device poll runs.  Which is too late for seabios to see
them, so booting from usb sticks fails.

Fix this by adding a vm state change handler which triggers a device
scan when the vm is started.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-16 11:27:05 +01:00
David Gibson
155de06f24 usb: Fix (another) bug in usb_packet_map() for IOMMU handling
Elements in qemu SGLists can cross IOMMU page boundaries.  So, in commit
39c138c842 "usb: Fix usb_packet_map() in the
presence of IOMMUs", I changed usb_packet_map() to split up each SGList
element on IOMMU page boundaries and each resulting piece of qemu's memory
space separately to the iovec the usb code uses internally.

That was correct in concept, but the patch has a bug.  The 'base' variable
correctly steps through the dma address of each piece, but then we call
the dma_memory_map() function on the base address of the whole SGList
element every time.

This patch fixes at least one problem using XHCI on the pseries guest
machine.  It didn't affect OHCI because that doesn't use usb_packet_map().
In theory it also affects EHCI, but we haven't observed that in practice.
I think the transfers were small enough on EHCI that they never crossed an
IOMMU page boundary in practice.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-16 11:27:05 +01:00
Gerd Hoffmann
4ea375bf37 fix live migration
Commit 1c380f9460 breaks live migration.
DMA stops working for ehci (and probably for any pci device) after
restoring the guest because the bus master region never gets enabled.
Add code doing that after loading the pci config space from vmstate.

Cc: Avi Kivity <avi@redhat.com>
Cc: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-16 11:27:05 +01:00
Alon Levy
80dcfb8532 virtio-serial-bus: post_load send_event when vm is running
Alexander Larsson found irq injection to Windows guests stopped after a
migration.  The symptom was the mouse stopped working.

Reproduction steps are:
1. On src, start qemu with a virtio-serial port without any backend
2. On dest, start qemu with a virtio-serial port with a backend
3. Migrate.

Upon migration, the older code detected the change in backend connection
status, and sent a notification to the guest.  However, it's not
guaranteed that the apic is ready to inject irqs into the guest, and the
irq line remained high, resulting in any future interrupts going
unnoticed by the guest as well.

Add a new timer based on vm_clock for 1 ns in the future from post_load
to do the event send in case host_connected differs between migration
source and target.

RHBZ: 867366

Signed-off-by: Alon Levy <alevy@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com> # verbose commit log
2012-11-16 14:10:37 +05:30
Aurelien Jarno
68d001928b mips/malta: fix CBUS UART interrupt pin
According to the MIPS Malta Developement Platform User's Manual, the
i8259 interrupt controller is supposed to be connected to the hardware
IRQ0, and the CBUS UART to the hardware interrupt 2.

In QEMU they are both connected to hardware interrupt 0, the CBUS UART
interrupt being wrong. This patch fixes that. It should be noted that
the irq array in QEMU includes the software interrupts, hence
env->irq[2] is the first hardware interrupt.

Cc: Ralf Baechle <ralf@linux-mips.org>
Reviewed-by: Eric Johnson <ericj@mips.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2012-11-15 14:37:55 +01:00
Anthony Liguori
074a86fccd qdev: Split up header so it can be used in cpu.h
Header file dependency is a frickin' nightmare right now.  cpu.h tends
to get included in our 'include everything' header files but qdev also
needs to include those headers mainly for qdev-properties since it knows
about CharDriverState and friends.

We can solve this for now by splitting out qdev.h along the same lines
that we previously split the C file.  Then cpu.h just needs to include
qdev-core.h.

hw/qdev.h is split into following new headers:
    hw/qdev-core.h
    hw/qdev-properties.h
    hw/qdev-monitor.h

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

[ehabkost: re-add DEFINE_PROP_PCI_HOST_DEVADDR, that was removed on the
 original patch (by mistake, I guess)]
[ehabkost: kill qdev_prop_set_vlan() declaration]
[ehabkost: moved get_fw_dev_path() comment to the original location
 (I don't know why it was moved)]
[ehabkost: removed qdev_exists() declaration]
[ehabkost: keep using 'QemuOpts' instead of 'struct QemuOpts', as
 qdev-core.h includes qemu-option.h]

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2012-11-15 02:18:55 +01:00
Igor Mammedov
5202ef942f Move qemu_irq typedef out of qemu-common.h
It's necessary for making CPU child of DEVICE without
causing circular header deps.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
[ehabkost: re-added the typedef to hw/irq.h after rebasing]
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2012-11-15 01:57:02 +01:00
Marcelo Tosatti
b0b873a078 acpi_piix4: fix migration of gpe fields
Migrate 16 bytes for en/sts fields (which is the correct size),
increase version to 3, and document how to support incoming
migration from qemu-kvm 1.2.

Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
2012-11-14 20:15:37 -02:00
Kevin Wolf
b618f4a1c1 megasas: Use bdrv_drain_all instead of qemu_aio_flush
Calling qemu_aio_flush() directly can hang when combined with I/O
throttling.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
2012-11-14 18:20:06 +01:00
Hervé Poussineau
cd30b53d22 fdc: remove last usage of FD_STATE_SEEK
Replace it by directly setting FD_SR0_SEEK if required

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-11-14 18:19:22 +01:00
Hervé Poussineau
c83f97b563 fdc: fix typo in zero constant
Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-11-14 18:19:22 +01:00
Hervé Poussineau
27c86e24e9 fdc: remove double affectation of FD_MSR_CMDBUSY flag
FD_MSR_CMDBUSY flag is already set in fdctrl_write_data(), just
before calling the command handler (fdctrl_start_transfer() here).

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-11-14 18:19:22 +01:00
Hervé Poussineau
7ea004ed67 fdc: implement VERIFY command
VERIFY command is like a READ command, except that read data is not
transfered by DMA.
As DMA engine is not used, so we have to start data transfer ourselves.

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-11-14 18:19:22 +01:00
Hervé Poussineau
075f5532f1 fdc: fix false FD_SR0_SEEK
Do not always set FD_SR0_SEEK, as callers already set it if needed.

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-11-14 18:19:22 +01:00
Hervé Poussineau
d6ed4e2106 fdc: fix FD_SR0_SEEK for initial seek on DMA transfers
fdctrl_start_transfer() used to set FD_SR0_SEEK no matter if
there actually was a seek or not. This is obviously wrong.

fdctrl_start_transfer() has this information because it performs
the initial seek itself.

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-11-14 18:19:22 +01:00
Hervé Poussineau
c5139bd9a9 fdc: fix FD_SR0_SEEK for non-DMA transfers and multi sectors transfers
On non-DMA transfers, fdctrl_stop_transfer() used to set FD_SR0_SEEK
no matter if there actually was a seek or not. This is obviously wrong.

fdctrl_seek_to_next_sect() has this information because it performs
the seek itself.

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-11-14 18:19:22 +01:00
Hervé Poussineau
d497d53497 fdc: use status0 field instead of a local variable
Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-11-14 18:19:22 +01:00
Kevin Wolf
34abf9a7d8 fdc: Remove status0 parameter from fdctrl_set_fifo()
It decided whether an interrupt is triggered. Only one caller made use
of this functionality, so move the code there.

In this one caller, the interrupt must actually be triggered
unconditionally, like it was before commit 2fee0088. For example, a
successful read without an implied seek can result in st0 = 0, but still
triggers the interrupt.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Tested-by: Hervé Poussineau <hpoussin@reactos.org>
2012-11-14 18:19:21 +01:00
Stefan Hajnoczi
d7331bed11 aio: rename AIOPool to AIOCBInfo
Now that AIOPool no longer keeps a freelist, it isn't really a "pool"
anymore.  Rename it to AIOCBInfo and make it const since it no longer
needs to be modified.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-11-14 18:19:21 +01:00
Anthony Liguori
ce34cf72fe vfio-pci: KVM INTx accel & common msi_get_message
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.12 (GNU/Linux)
 
 iQIcBAABAgAGBQJQoqBtAAoJECObm247sIsidvMP/RCO4cyEAhCKjjjx6ujcwe1t
 PgBtqmcmlbyPgZvJ0cBdAx9EjU2cD48um9FuR+/oa1IXgORM3/2H7jS/HdxsL+wE
 jUEQqbT3U+f9VyAKuldMxk8Ojz8VBFZHxTVGwZAzQLjSehOZhcJ8SOd0wHcZUIQ/
 8ZxDRvrs2YO4+D0nYL/SKrfejHUoZW3uX86bW8XKBQaM6rAauAFZ96csQiquAQP4
 1q+QkYOXGf9WhIGUG3dD/UTkCUgFWLyZXtQISitTRs9Kfpq4ZXbvJ4Vl8+GmuVn+
 mH45Zg5RrFrRwiXRT/K0PUgNbwndp79Byr/q3VvhC2oM1xjdCChm3AQLr1cLkp3I
 C2ra0DhgrR6Ifo4g0m1dOZmGQoNn0fjzqhrSjp5m+dWnt5KpZ+QQs9UHNlnXwmVw
 iuxxbiwkUp58OihFkD8oGMLb08O+VpD+Avwn8/bMeO7l1onBKhIZc7wdsnwno9NY
 NVtlaF+GQm8P4sNA1WK8XHr3Hnm7FuZnluP/kFhr7vh7uiFSYtNdDb+8jtGBoeoN
 ngf9OLn5i9GJv1GHOTeam9nihb0KkihrjnFc1220W9XoWo6UZgi8iUz4ibpopPFP
 gxooE/nKA1dLcaFoOXq0RbirWSH8siqmnv+miZ9LaLCqhmfVWZFbbQDIdHSj6dl2
 /Q/vqEZwWlo+7As6UOCi
 =jze5
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'awilliam/tags/vfio-pci-for-qemu-1.3.0-rc0' into staging

vfio-pci: KVM INTx accel & common msi_get_message

* awilliam/tags/vfio-pci-for-qemu-1.3.0-rc0:
  vfio-pci: Use common msi_get_message
  vfio-pci: Add KVM INTx acceleration
  linux-headers: Update to 3.7-rc5

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-14 08:53:40 -06:00
Anthony Liguori
5f580e9411 Merge remote-tracking branch 'bonzini/scsi-next' into staging
* bonzini/scsi-next:
  virtio-scsi: use dma_context_memory
  dma: Define dma_context_memory and use in sysbus-ohci
  megasas: Correct target/lun mapping
  scsi-disk: flush cache after disabling it
  megasas: do not include block_int.h
  scsi: remove superfluous call to scsi_device_set_ua
  virtio-scsi: factor checks for VIRTIO_SCSI_S_DRIVER_OK when reporting events
  scsi: do not return short responses for emulated commands

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-14 08:50:45 -06:00
Anthony Liguori
ce5e5b522e Merge remote-tracking branch 'kraxel/usb.70' into staging
* kraxel/usb.70:
  ehci: fix migration
  xhci: Fix some DMA host endian bugs
  usb/combined-packet: Move freeing of combined to usb_combined_packet_remove()
  xhci: Add support for packets with both data and an error status
  ehci: Add support for packets with both data and an error status
  ehci: Get rid of the magical PROC_ERR status
  usb-redir: Allow packets to have both data and an error-status
  usb: split packet result into actual_length + status

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-14 08:50:18 -06:00
Anthony Liguori
bf0dfb69f8 Merge remote-tracking branch 'spice/spice.v63' into staging
* spice/spice.v63:
  spice: fix initialization order
  pflib: unused, remove it.
  spice: switch to pixman
  qxl: call dpy_gfx_resize when entering vga mode
  qxl: fix cursor reset
  hw/qxl: qxl_send_events: nop if stopped
  hw/qxl: guest bug on primary create with stride %4 != 0

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-14 08:49:54 -06:00
Alex Williamson
a771c51703 vfio-pci: Use common msi_get_message
We can get rid of our local version now that a helper exists.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2012-11-13 12:27:40 -07:00
Alex Williamson
e1d1e5867d vfio-pci: Add KVM INTx acceleration
This makes use of the new level irqfd support enabling bypass of qemu
userspace both on INTx injection and unmask.  This significantly
boosts the performance of devices making use of legacy interrupts (ex.
~60% better netperf TCP_RR scores for an e1000e assigned to a Linux
guest and booted with pci=nomsi).  This also avoids flipping mmaps on
and off to simulate EOIs, so greatly improves performance of device
access in addition to interrupt latency.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2012-11-13 12:27:40 -07:00
Paolo Bonzini
dd72fdd062 virtio-scsi: use dma_context_memory
Until address_space_rw was introduced, NULL was accepted as a
placeholder for DMA with no IOMMU (to address_space_memory).

This does not work anymore, and dma_context_memory needs to
be specified explicitly.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-11-12 16:44:57 +01:00
Peter Maydell
9e11908f12 dma: Define dma_context_memory and use in sysbus-ohci
Define a new global dma_context_memory which is a DMAContext corresponding
to the global address_space_memory AddressSpace. This can be used by
sysbus peripherals like sysbus-ohci which need to do DMA.

In particular, use it in the sysbus-ohci device, which fixes a
segfault when attempting to use that device.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
2012-11-12 16:44:57 +01:00
Hannes Reinecke
4003e24fce megasas: Correct target/lun mapping
The structure to reference a logical drive has an unused field,
which can be used to carry the lun ID. This enabled seabios to
establish the proper target/LUN mapping.

Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Hannes Reinecke <hare@suse.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-11-12 16:42:56 +01:00
Paolo Bonzini
accfeb2dd3 scsi-disk: flush cache after disabling it
SBC says that "if an application client changes the WCE bit from one to
zero via a MODE SELECT command, then the device server shall write
any data in volatile cache to non-volatile medium before completing
the command".

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-11-12 15:00:27 +01:00
Paolo Bonzini
346a3017ec megasas: do not include block_int.h
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-11-12 15:00:27 +01:00
Paolo Bonzini
b5232e904f scsi: remove superfluous call to scsi_device_set_ua
Suggested by Laszlo Ersek.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-11-12 15:00:27 +01:00
Paolo Bonzini
cd41a671b3 virtio-scsi: factor checks for VIRTIO_SCSI_S_DRIVER_OK when reporting events
Suggested by Laszlo Ersek.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-11-12 15:00:27 +01:00
Paolo Bonzini
c8dcb531bc scsi: do not return short responses for emulated commands
The inquiry command, for the case of VPD=1, was returning short
responses; the number of returned bytes was just the number of bytes
in the request, without padding to the specified allocation length
with zero bytes.  This is usually harmless, but it is a violation
of the SCSI specification.

To fix this, always pad with zero bytes to r->cmd.xfer in
scsi_disk_emulate_command, and return at most r->buflen bytes
(the size of the buffer for command data) rather than at most
buflen bytes (the number of bytes that was filled in).

Before this patch, "strace sg_inq -p0x83 /dev/sda" would report a
non-zero resid value.  After this patch, it reports resid=0.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-11-12 15:00:27 +01:00
Blue Swirl
e62774c410 sun4c: remove unused functions
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-11-10 13:49:20 +00:00
Blue Swirl
4d4d9b3adb m48t59: remove unused m48t59_set_addr
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-11-10 13:49:20 +00:00
BALATON Zoltan
1f202568e0 vmware_vga: Add back some info in local state partially reverting aa32b38c
Keep saving display surface parameters at init and using these cached
values instead of getting them when needed. Not sure why this is
needed (maybe due to the interaction with the vga device) but not
doing this broke the Xorg vmware driver at least.

Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu>
Tested-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-11-10 12:26:48 +00:00
Jan Kiszka
5c61afec86 kvmvapic: Fix TB invalidation after instruction patching
Since 0b57e287, cpu_memory_rw_debug already triggers a TB invalidation.
As it doesn't (and cannot) set is_cpu_write_access=1 but "consumes" the
currently executed TB, the tb_invalidate_phys_page_range call from
patch_instruction didn't work anymore.

Fix this by open-coding the required bits to restore the CPU state from
the current TB position before patching and resume execution on the
patched instruction afterward.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Tested-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-11-10 12:25:17 +00:00
Gerd Hoffmann
9d1530470b ehci: fix migration
Commit 5010d4dc61 reorganized vmstate to
split core + pci, but got two little details wrong.  Fix them.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-09 09:09:34 +01:00
David Gibson
616b5d53ae xhci: Fix some DMA host endian bugs
The xhci device does correct endian switches on the results of some DMAs
but not all.  In particular, there are many DMAs of what are essentially
arrays of 32-bit integers which never get byteswapped.  This causes them
to be interpreted incorrectly on big-endian hosts, since (as per the xhci
spec) these arrays are always little-endian in guest memory.

This patch adds some helper functions to fix these bugs.  This may not be
all the endian bugs in the xhci code, but it's certainly some of them and
the Linux guest xhci driver certainly gets further with these fixes.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-09 08:27:55 +01:00
Hans de Goede
ffd8a97fb3 usb/combined-packet: Move freeing of combined to usb_combined_packet_remove()
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-08 18:41:47 +01:00
Hans de Goede
9b8251c5c4 xhci: Add support for packets with both data and an error status
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-08 18:41:47 +01:00
Hans de Goede
e696b1da42 ehci: Add support for packets with both data and an error status
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-08 18:41:47 +01:00
Hans de Goede
01e26b0ea3 ehci: Get rid of the magical PROC_ERR status
Instead make ehci_execute and ehci_fill_queue return the again value.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-08 18:41:46 +01:00
Hans de Goede
e94ca437ba usb-redir: Allow packets to have both data and an error-status
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-08 18:41:46 +01:00
Hans de Goede
9a77a0f589 usb: split packet result into actual_length + status
Since with the ehci and xhci controllers a single packet can be larger
then maxpacketsize, it is possible for the result of a single packet
to be both having transferred some data as well as the transfer to have
an error.

An example would be an input transfer from a bulk endpoint successfully
receiving 1 or more maxpacketsize packets from the device, followed
by a packet signalling halt.

While already touching all the devices and controllers handle_packet /
handle_data / handle_control code, also change the return type of
these functions to void, solely storing the status in the packet. To
make the code paths for regular versus async packet handling more
uniform.

This patch unfortunately is somewhat invasive, since makeing the qemu
usb core deal with this requires changes everywhere. This patch only
prepares the usb core for this, all the hcd / device changes are done
in such a way that there are no functional changes.

This patch has been tested with uhci and ehci hcds, together with usb-audio,
usb-hid and usb-storage devices, as well as with usb-redir redirection
with a wide variety of real devices.

Note that there is usually no need to directly set packet->actual_length
form devices handle_data callback, as that is done by usb_packet_copy()

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-08 18:41:46 +01:00
Gerd Hoffmann
bdd4df332a spice: fix initialization order
Register displaychangelistener last, after spice is fully initialized,
otherwise we may hit NULL pointer dereferences when qemu starts calling
our callbacks.

Commit e250d949fe triggers this bug.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-05 11:54:49 +01:00
Gerd Hoffmann
e32c25b5f2 qxl: call dpy_gfx_resize when entering vga mode
When entering vga mode the display size likely changes,
notify all displaychangelisteners about this.

Probably went unnoticed for a while as one if the first
things the guest does after leaving qxl native mode and
entering qxl vga mode is to set the vga video mode.  But
there is still a small window where qemu can operate on
stale data, leading to crashes now and then.

https://bugzilla.redhat.com/show_bug.cgi?id=865767

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-05 11:49:22 +01:00
Gerd Hoffmann
958c2bceba qxl: fix cursor reset
When resetting the qxl cursor notify the qemu displaystate too.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-05 11:49:22 +01:00
Alon Levy
511aefb0c6 hw/qxl: qxl_send_events: nop if stopped
Added a trace point for easy logging.

RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=870972

Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-05 11:49:22 +01:00
Alon Levy
48f4ba671b hw/qxl: guest bug on primary create with stride %4 != 0
Due to usage of pixman for rendering on all spice surfaces we have
pixman's requirement that the stride be word aligned. A guest not
honoring that can crash spice and qemu with it due to failure to create
a surface (in spice-server). Avoid this early on in primary surface
creation and offscreen surface creation.

Recently windows guests got odd width support which triggers a non word
aligned primary surface in 16bit color depth. Off screen surfaces have
always been word aligned, but doesn't hurt to check them here too.

Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-05 11:49:21 +01:00
BALATON Zoltan
b51d7b2e10 vmware_vga: Allow simple drivers to work without using the fifo
Postpone stopping the dirty log to the point where the command fifo is
configured to allow drivers which don't use the fifo to work too.
(Without this the picture rendered into the vram never got to the
screen and the DIRECT_VRAM option meant to support this case was
removed a year ago.)

Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-11-03 13:26:54 +00:00
BALATON Zoltan
5b9575c8b7 vmware_vga: Return a value for FB_SIZE before the device is enabled
According to the documentation drivers using this device should read
FB_SIZE before enabling the device to know what memory to map. This
would not work if we return 0 before enabled. The docs also mention
reading SVGA_REG_DEPTH but not writing it. (Only SVGA_REG_BITS_PER_PIXEL
can be written but we don't really support that either.)

Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-11-03 13:26:53 +00:00
BALATON Zoltan
aa32b38c5b vmware_vga: Remove duplicated info from local state
Removed info from vmsvga_state that is available from elsewhere and
thus was duplicated here unnecessarily.

Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-11-03 13:26:52 +00:00
BALATON Zoltan
0d7937974c vmware_vga: Coding style cleanup
Fix coding style as suggested by checkpatch.pl

Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-11-03 13:26:51 +00:00
Blue Swirl
ef84755ebb Merge branch 'trivial-patches' of git://github.com/stefanha/qemu
* 'trivial-patches' of git://github.com/stefanha/qemu:
  pc: Drop redundant test for ROM memory region
  exec: make some functions static
  target-ppc: make some functions static
  ppc: add missing static
  vnc: add missing static
  vl.c: add missing static
  target-sparc: make do_unaligned_access static
  m68k: Return semihosting errno values correctly
  cadence_uart: More debug information

Conflicts:
	target-m68k/m68k-semi.c
2012-11-03 12:55:05 +00:00
Gerd Hoffmann
dc63936df7 xenfb: fix build breakage caused by console cleanup series
Console cleanup series renamed dpy_resize and dpy_update all over the
tree, but hw/xenfb.c was forgotten.  Update it too so it builds again.

Reported-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-02 11:12:30 -05:00
Anthony Liguori
de0a36cd01 Merge remote-tracking branch 'kraxel/usb.69' into staging
* kraxel/usb.69: (31 commits)
  usb-redir: Allow redirecting super speed devices to high speed controllers
  usb-redir: Allow to attach USB 2.0 devices to 1.1 host controller
  usb-redir: Use reject rather the disconnect on bad ep info
  usb-redir: Add an usbredir_setup_usb_eps() helper function
  usb-redir: Add support for input pipelining
  usb-redir: Add support for 32 bits bulk packet length
  combined-packet: Add a workaround for Linux usbfs + live migration
  usb: Add packet combining functions
  uhci: Don't crash on device disconnect
  uhci: Add a uhci_handle_td_error() helper function
  usb/ehci-pci: add helper to create ich9 usb controllers
  usb/ehci-pci: add ich9 00:1a.* variant
  usb/ehci-pci: dynamic type generation
  uhci: add ich9 00:1a.* variants
  uhci: stick irq routing info into UHCIInfo too.
  uhci: dynamic type generation
  xilinx_zynq: add USB controllers
  usb/ehci: add sysbus variant
  usb/ehci: split into multiple source files
  usb/ehci: Guard definition of EHCI_DEBUG
  ...

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-01 14:34:13 -05:00
Jan Kiszka
0d3cf3b6ff pc: Drop redundant test for ROM memory region
Just a few lines above, we already initialize rom_memory accordingly.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2012-11-01 19:50:57 +01:00
Blue Swirl
434482925e ppc: add missing static
Add missing 'static' qualifiers.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Acked-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2012-11-01 19:49:45 +01:00
Peter Crosthwaite
2ddef11bed cadence_uart: More debug information
Add more helpful debug information to the cadence UART.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2012-11-01 19:42:35 +01:00
Anthony Liguori
4ba79505f4 Merge remote-tracking branch 'kraxel/pixman.v3' into staging
* kraxel/pixman.v3: (22 commits)
  pixman: drop obsolete fields from DisplaySurface
  pixman/vnc: remove dead code.
  pixman/vnc: remove rgb_prepare_row* functions
  pixman/vnc: use pixman images in vnc.
  pixman: switch screendump function.
  vga: stop direct access to DisplaySurface fields.
  qxl: stop direct access to DisplaySurface fields.
  console: don't set PixelFormat alpha fields for 32bpp
  console: make qemu_alloc_display static
  pixman: add pixman image to DisplaySurface
  pixman: helper functions
  pixman: windup in configure & makefiles
  pixman: add submodule
  console: remove DisplayAllocator
  console: remove dpy_gfx_fill
  vga: fix text mode updating
  console: init displaychangelisteners on register
  console: untangle gfx & txt updates
  console: s/TextConsole/QemuConsole/
  console: move set_mouse + cursor_define callbacks
  ...

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-01 11:14:39 -05:00
Anthony Liguori
d971919f08 Merge remote-tracking branch 'stefanha/net' into staging
* stefanha/net:
  e1000: pre-initialize RAH/RAL registers
  net: Reject non-netdevs in qmp_netdev_del()
  net: use "socket" model name for UDP sockets
  e1000: drop check_rxov, always treat RX ring with RDH == RDT as empty

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-01 11:13:59 -05:00
Anthony Liguori
5a34dbb559 Merge remote-tracking branch 'bonzini/threadpool' into staging
* bonzini/threadpool: (39 commits)
  raw-win32: implement native asynchronous I/O
  raw-posix: move linux-aio.c to block/
  raw-win32: add emulated AIO support
  raw-posix: rename raw-posix-aio.h, hide unavailable prototypes
  raw: merge posix-aio-compat.c into block/raw-posix.c
  block: switch posix-aio-compat to threadpool
  threadpool: do not take lock in event_notifier_ready
  aio: add generic thread-pool facility
  qemu-thread: add QemuSemaphore
  linux-aio: use event notifiers
  aio: clean up now-unused functions
  main-loop: use aio_notify for qemu_notify_event
  main-loop: use GSource to poll AIO file descriptors
  aio: call aio_notify after setting I/O handlers
  aio: add aio_notify
  aio: make AioContexts GSources
  aio: add Win32 implementation
  aio: prepare for introducing GSource-based dispatch
  aio: add non-blocking variant of aio_wait
  aio: test node->deleted before calling io_flush
  ...

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-01 11:13:39 -05:00
Anthony Liguori
43552994c4 Merge remote-tracking branch 'qemu-kvm/uq/master' into staging
* qemu-kvm/uq/master: (28 commits)
  update-linux-headers.sh: Handle new kernel uapi/ directories
  target-i386: kvm_cpu_fill_host: use GET_SUPPORTED_CPUID
  target-i386: cpu: make -cpu host/check/enforce code KVM-specific
  target-i386: make cpu_x86_fill_host() void
  Emulate qemu-kvms -no-kvm option
  Issue warning when deprecated -tdf option is used
  Issue warning when deprecated drive parameter boot=on|off is used
  Use global properties to emulate -no-kvm-pit-reinjection
  Issue warning when deprecated -no-kvm-pit is used
  Use machine options to emulate -no-kvm-irqchip
  cirrus_vga: allow configurable vram size
  target-i386: Add missing kvm cpuid feature name
  i386: cpu: add missing CPUID[EAX=7,ECX=0] flag names
  i386: kvm: filter CPUID leaf 7 based on GET_SUPPORTED_CPUID, too
  i386: kvm: reformat filter_features_for_kvm() code
  i386: kvm: filter CPUID feature words earlier, on cpu.c
  i386: kvm: mask cpuid_ext4_features bits earlier
  i386: kvm: mask cpuid_kvm_features earlier
  i386: kvm: x2apic is not supported without in-kernel irqchip
  i386: kvm: set CPUID_EXT_TSC_DEADLINE_TIMER on kvm_arch_get_supported_cpuid()
  ...

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-01 11:12:50 -05:00
Anthony Liguori
98c8a73b2e Merge remote-tracking branch 'afaerber/qom-cpu' into staging
* afaerber/qom-cpu: (35 commits)
  target-i386: Pass X86CPU to kvm_handle_halt()
  target-i386: Pass X86CPU to kvm_get_mp_state()
  cpu: Move thread_id to CPUState
  cpus: Pass CPUState to run_on_cpu()
  target-i386: Pass X86CPU to cpu_x86_inject_mce()
  target-i386: Pass X86CPU to kvm_mce_inject()
  cpus: Pass CPUState to [qemu_]cpu_has_work()
  spapr: Pass PowerPCCPU to hypercalls
  spapr: Pass PowerPCCPU to spapr_hypercall()
  target-ppc: Pass PowerPCCPU to cpu_ppc_hypercall
  target-ppc: Pass PowerPCCPU to powerpc_excp()
  xtensa_pic: Pass XtensaCPU to xtensa_ccompare_cb()
  cpus: Pass CPUState to qemu_wait_io_event_common()
  cpus: Pass CPUState to flush_queued_work()
  cpu: Move queued_work_{first,last} to CPUState
  cpus: Pass CPUState to qemu_cpu_kick()
  target-ppc: Rename kvm_kick_{env => cpu} and pass PowerPCCPU
  ppc: Pass PowerPCCPU to {ppc6xx,ppc970,power7,ppc40x,ppce500}_set_irq()
  cpus: Pass CPUState to qemu_tcg_init_vcpu()
  cpus: Pass CPUState to qemu_tcg_cpu_thread_fn
  ...

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-01 11:12:32 -05:00
Peter Maydell
fc53b7d4b7 arm_boot: Change initrd load address to "halfway through RAM"
To avoid continually having to bump the initrd load address
to account for larger kernel images, put the initrd halfway
through RAM. This allows large kernels on new boards with lots
of RAM to work OK, without breaking existing usecases for
boards with only 32MB of RAM.

Note that this change fixes in passing a bug where we were
passing an overly large max_size to load_image_targphys()
for the initrd, which meant that we wouldn't correctly refuse
to load an enormous initrd that didn't actually fit into RAM.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Igor Mitsyanko <i.mitsyanko@samsung.com>
Tested-by: Cole Robinson <crobinso@redhat.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2012-11-01 17:04:11 +01:00
Aurelien Jarno
46a3f23413 Merge branch 'ppc-for-upstream' of git://repo.or.cz/qemu/agraf
* 'ppc-for-upstream' of git://repo.or.cz/qemu/agraf:
  pseries: Cleanup duplications of ics_valid_irq() code
  pseries: Clean up inconsistent variable name in xics.c
  target-ppc: Extend FPU state for newer POWER CPUs
  target-ppc: Rework storage of VPA registration state
  Revert "PPC: pseries: Remove hack for PIO window"
2012-11-01 16:42:49 +01:00
Aurelien Jarno
735c1eeb85 Merge branch 'arm-devs.for-upstream' of git://git.linaro.org/people/pmaydell/qemu-arm
* 'arm-devs.for-upstream' of git://git.linaro.org/people/pmaydell/qemu-arm: (28 commits)
  hw/sd.c: add SD card save/load support
  vmstate: Add support for saving/loading bitmaps
  hw/sd.c: Fix erase for high capacity cards
  pflash_cfi01: Fix debug mode printfery
  pflash_cfi0x: QOMified
  pflash_cfi01: remove unused total_len field
  pflash_cfi0x: remove unused base field
  hw/versatile_i2c: Use LOG_GUEST_ERROR
  hw/arm_l2x0: Use LOG_GUEST_ERROR
  hw/arm_sysctl: Use LOG_GUEST_ERROR
  hw/armv7m_nvic: Use LOG_GUEST_ERROR and LOG_UNIMP
  hw/arm_timer: Use LOG_GUEST_ERROR and LOG_UNIMP
  hw/arm_gic: Use LOG_GUEST_ERROR
  hw/arm11mpcore: Use LOG_GUEST_ERROR rather than hw_error()
  hw/pl190: Use LOG_UNIMP rather than hw_error()
  hw/pl110: Use LOG_GUEST_ERROR rather than hw_error()
  hw/pl080: Use LOG_GUEST_ERROR and LOG_UNIMP
  hw/pl061: Use LOG_GUEST_ERROR
  hw/pl050: Use LOG_GUEST_ERROR
  hw/exynos4_boards: Don't prematurely explode QEMUMachineInitArgs
  ...
2012-11-01 16:42:29 +01:00
Hans de Goede
95a59dc039 usb-redir: Allow redirecting super speed devices to high speed controllers
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 15:21:01 +01:00
Jan Kiszka
cdfd3530fa usb-redir: Allow to attach USB 2.0 devices to 1.1 host controller
This follows the logic of host-linux: If a 2.0 device has no ISO
endpoint and no interrupt endpoint with a packet size > 64, we can
attach it also to an 1.1 host controller. In case the redir server does
not report endpoint sizes, play safe and remove the 1.1 compatibility as
well. Moreover, if we detect a conflicting change in the configuration
after the device was already attached, it will be disconnected
immediately.

HdG: Several small cleanups and fixes

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 15:21:01 +01:00
Hans de Goede
24ac283aa2 usb-redir: Use reject rather the disconnect on bad ep info
So that the client gets a notification about us disconnecting the device.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 15:21:01 +01:00
Hans de Goede
7e03d17816 usb-redir: Add an usbredir_setup_usb_eps() helper function
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 15:21:01 +01:00
Hans de Goede
1b36c4d826 usb-redir: Add support for input pipelining
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 15:20:46 +01:00
Hans de Goede
c19a798133 usb-redir: Add support for 32 bits bulk packet length
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 15:17:58 +01:00
Hans de Goede
579967bea6 combined-packet: Add a workaround for Linux usbfs + live migration
Older versions (anything but the latest) of Linux usbfs + libusb(x),
will submit larger (bulk) transfers split into multiple 16k submissions,
which means that rather then all tds getting linked into the queue in
one atomic operarion they get linked in a bunch at a time, which could
cause problems if:
1) We scan the queue while libusb is in the middle of submitting a split
   bulk transfer
2) While this bulk transfer is pending we migrate to another host.

The problem is that after 2, the new host will rescan the queue and
combine the packets in one large transfer, where as 1) has caused the
original host to see them as 2 transfers. This patch fixes this by stopping
combinging if we detect a 16k transfer with its int_req flag set.

This should not adversely effect performance for other cases as:
1) Linux never sets the interrupt flag on packets other then the last
2) Windows does set the in_req flag on each td, but will submit large
transfers in 20k tds thus never triggering the check

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 15:17:58 +01:00
Hans de Goede
a552a966f1 usb: Add packet combining functions
Currently we only do pipelining for output endpoints, since to properly
support short-not-ok semantics we can only have one outstanding input
packet. Since the ehci and uhci controllers have a limited per td packet
size guests will split large input transfers to into multiple packets,
and since we don't pipeline these, this comes with a serious performance
penalty.

This patch adds helper functions to (re-)combine packets which belong to 1
transfer at the guest device-driver level into 1 large transger. This can be
used by (redirection) usb-devices to enable pipelining for input endpoints.

This patch will combine packets together until a transfer terminating packet
is encountered. A terminating packet is a packet which meets one or more of
the following conditions:
1) The packet size is *not* a multiple of the endpoint max packet size
2) The packet does *not* have its short-not-ok flag set
3) The packet has its interrupt-on-complete flag set

The short-not-ok flag of the combined packet is that of the terminating packet.
Multiple combined packets may be submitted to the device, if the combined
packets do not have their short-not-ok flag set, enabling true pipelining.

If a combined packet does have its short-not-ok flag set the queue will
wait with submitting further packets to the device until that packet has
completed.

Once enabled in the usb-redir and ehci code, this improves the speed (MB/s)
of a Linux guest reading from a USB mass storage device by a factor of
1.2 - 1.5.

And the main reason why I started working on this, when reading from a pl2303
USB<->serial converter, it combines the previous 4 packets submitted per
device-driver level read into 1 big read, reducing the number of packets / sec
by a factor 4, and it allows to have multiple reads outstanding. This allows
for much better latency tolerance without the pl2303's internal buffer
overflowing (which was happening at 115200 bps, without serial flow control).

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 15:17:58 +01:00
Hans de Goede
7f102ebeb5 uhci: Don't crash on device disconnect
My recent uhci cleanup series has introduced a regression, where
qemu sometimes crashes on a device disconnect. The problem is that
the uhci code never checked for a device not / no longer existing, instead
it was relying on usb_handle_packet accepting a NULL device.

But since we now pass usb_handle_packet q->ep->dev, rather then just
a local dev variable, we crash as q->ep == NULL due to the device no longer
existing.

This patch fixes this. Note that this patch also improves over
the old behavior were we would:
1) create a queue for the device
2) create an async for the packet
3) have usb_handle_packet fail
4) destroy the async
5) wait for the queue to be idle for 32 frames
6) destroy the queue

Which was rather sub-optimal.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 15:17:58 +01:00
Hans de Goede
faccca000f uhci: Add a uhci_handle_td_error() helper function
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 15:17:58 +01:00
Gerd Hoffmann
bb4d2b2f0a usb/ehci-pci: add helper to create ich9 usb controllers
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 15:17:58 +01:00
Gerd Hoffmann
ba07630c79 usb/ehci-pci: add ich9 00:1a.* variant
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 15:17:58 +01:00
Gerd Hoffmann
df01318777 usb/ehci-pci: dynamic type generation
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 15:17:57 +01:00
Gerd Hoffmann
74625ea27c uhci: add ich9 00:1a.* variants
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 15:17:57 +01:00
Gerd Hoffmann
8f3f90b0c7 uhci: stick irq routing info into UHCIInfo too.
Kills the ugly "switch (device_id) { ... }" struct and makes it easier
to figure what the differences between the uhci variants are.

Need our own DeviceClass struct for that so we can allocate some space
to store UHCIInfo.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 15:17:57 +01:00
Gerd Hoffmann
2c2e852509 uhci: dynamic type generation
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 15:17:57 +01:00
Peter Crosthwaite
892776ce02 xilinx_zynq: add USB controllers
Add the two usb controllers in Zynq.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 15:17:57 +01:00
Gerd Hoffmann
b12f32c408 pixman: switch screendump function.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 14:00:04 +01:00
Gerd Hoffmann
1fd2510a37 vga: stop direct access to DisplaySurface fields.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 14:00:04 +01:00
Gerd Hoffmann
b6e9f63711 qxl: stop direct access to DisplaySurface fields.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 14:00:04 +01:00
Gerd Hoffmann
e433785a76 usb/ehci: add sysbus variant
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 13:10:10 +01:00
Gerd Hoffmann
0bf96f9457 usb/ehci: split into multiple source files
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 13:10:10 +01:00
Peter Crosthwaite
569c7fc840 usb/ehci: Guard definition of EHCI_DEBUG
Guard against re-definition of EHCI_DEBUG. Allows for turning on of debug info
from configure (using --qemu-extra-cflags="-DEHCI_DEBUG=1") rather than source
code hacking.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 13:10:10 +01:00
Peter Crosthwaite
5010d4dc61 usb/ehci: seperate out PCIisms
Seperate the PCI stuff from the EHCI components. Extracted the PCIDevice
out into a new wrapper struct to make EHCIState non-PCI-specific. Seperated
tho non PCI init component out into a seperate "common" init function.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 13:10:10 +01:00
Peter Crosthwaite
7ae6ce0258 usb/ehci: Abstract away PCI DMA API
Pull the DMAContext for the PCI DMA out at device init time and put it into
the device state. Use dma_memory_read/write() instead of pci specific versions.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 13:10:09 +01:00
Peter Crosthwaite
27a11324e0 usb/ehci: parameterise the register region offsets
The capabilities register and operational register offsets can vary from one
EHCI implementation to the next. Parameterise accordingly.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 13:10:09 +01:00
Gerd Hoffmann
0bc85da69e xhci: allow address slot being called multiple times
win8 guests do that for some reason ...

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 13:10:09 +01:00
Gerd Hoffmann
4f47f0f82e xhci: add port trace points
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 13:10:09 +01:00
Gerd Hoffmann
b62b08282d xhci: set pls in xhci_port_update & xhci_port_reset
Set the port link state to the correct values in xhci_port_update and
xhci_port_reset functions.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 13:10:09 +01:00
Gerd Hoffmann
40030130d1 xhci: add xhci_port_reset
Move port reset logic to its own function.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 13:10:09 +01:00
Gerd Hoffmann
f705a36280 xhci: add xhci_port_notify
Create a function to notify the guest about port
status changes and put it into use.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 13:10:09 +01:00
Gerd Hoffmann
6a32f80f05 xhci: add xhci_port_have_device
Factor out the code which checks whenever a usb device is attached
to the port in question.  No functional change.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 13:10:09 +01:00
Gerd Hoffmann
f321402785 xhci: s/xhci_update_port/xhci_port_update/
Rename the function for xhci_port_* naming scheme, also drop
the xhci parameter as port carries a pointer to xhci anyway.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 13:10:09 +01:00
Gerd Hoffmann
85e05d825f xhci: add {get,set}_field macros & enum for pls
Add {get,set}_field macros (simliar to ehci) to read and update
some bits of a word.  Put them into use for updating pls (port
link state) values.  Also add a enum for pls values.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 13:10:09 +01:00
Gerd Hoffmann
9678aedd8e vga: fix text mode updating
With both text (curses) and graphics (vnc/sdl/spice/...) display active
vga text mode emulation fails to update both correctly.  Depending on
whenever vga_update_text() or vga_draw_text() happens to be called first
only the text display or only the graphics display will see display
resolution changes and full redraws.

Fix it by calling both text/gfx resize functions in both code paths and
keep track of full screen redraws needed in VGACommonState fields.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 13:10:06 +01:00
Gerd Hoffmann
a93a4a226a console: untangle gfx & txt updates
Stop abusing displaysurface fields for text mode displays.
(bpp = 0, width = cols, height = lines).

Add flags to displaystate indicating whenever text mode display
(curses) or gfx mode displays (sdl, vnc, ...) are present.

Add separate displaychangelistener callbacks for text / gfx mode
resize & updates.

This allows to enable gfx and txt diplays at the same time and also
paves the way for more cleanups in the future.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 13:10:06 +01:00
Gerd Hoffmann
bf2fde70fe console: move set_mouse + cursor_define callbacks
When adding DisplayChangeListeners the set_mouse and cursor_define
callbacks have been left in DisplayState for some reason.  Fix it.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 13:10:05 +01:00
Gerd Hoffmann
87e487a14b console: QLIST-ify display change listeners.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-01 13:10:05 +01:00
David Gibson
1ecbbab469 pseries: Cleanup duplications of ics_valid_irq() code
A couple of places in xics.c open-coded the same logic as is already
implemented in ics_valid_irq().  This patch fixes the code duplication.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
2012-11-01 13:02:22 +01:00
David Gibson
bf0175de6c pseries: Clean up inconsistent variable name in xics.c
Throughout xics.c 'nr' is used to refer to a global interrupt number, and
'server' is used to refer to an interrupt server number (i.e. CPU number).
Except in icp_set_mfrr(), where 'nr' is used as a server number.  Fix this
confusing inconsistency.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
2012-11-01 13:02:22 +01:00
David Gibson
a3cfa18eb0 Revert "PPC: pseries: Remove hack for PIO window"
This reverts commit a178274efa.

Contrary to that commit's message, the users of old_portio are not all
gone.  In particular VGA still uses it via portio_list_add().

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
2012-11-01 13:02:21 +01:00
Gabriel L. Somlo
372254c6e5 e1000: pre-initialize RAH/RAL registers
Some guest operating systems' drivers (Mac OS X in particular) fail to
properly initialize the Receive Address registers (probably expecting
them to be pre-initialized by an earlier component, such as a specific
proprietary BIOS). This patch pre-initializes the RA registers, allowing
OS X networking to function properly. Other guest operating systems are
not affected, and free to (re)initialize these registers during boot.

[According to the datasheet the Address Valid bits in the RA registers
are cleared on PCI or software reset.  This patch adds the NIC's MAC
address and sets Address Valid on reset.  So we diverge from real
hardware behavior here. -- Stefan]

Signed-off-by: Gabriel Somlo <somlo@cmu.edu>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2012-11-01 12:02:17 +01:00
Dmitry Fleytman
e5b8b0d4ba e1000: drop check_rxov, always treat RX ring with RDH == RDT as empty
Real HW always treats RX ring with RDH == RDT as empty.
Emulation is supposed to behave the same.

Reported-by: Chris Webb <chris.webb@elastichosts.com>
Reported-by: Richard Davies <richard.davies@elastichosts.com>
Signed-off-by: Dmitry Fleytman <dmitry@daynix.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2012-11-01 10:59:59 +01:00
Paolo Bonzini
f563a5d7a8 Merge remote-tracking branch 'origin/master' into threadpool
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-10-31 10:42:51 +01:00
Andreas Färber
f100f0b38f cpus: Pass CPUState to run_on_cpu()
CPUArchState is no longer needed.

Move the declaration to include/qemu/cpu.h and add documentation.

Signed-off-by: Andreas Färber <afaerber@suse.de>
2012-10-31 04:12:23 +01:00
Andreas Färber
3993c6bddf cpus: Pass CPUState to [qemu_]cpu_has_work()
For target-mips also change the return type to bool.

Make include paths for cpu-qom.h consistent for alpha and unicore32.

Signed-off-by: Andreas Färber <afaerber@suse.de>
[AF: Updated new target-openrisc function accordingly]
Acked-by: Richard Henderson <rth@twiddle.net> (for alpha)
2012-10-31 04:11:37 +01:00
Marcelo Tosatti
19403a68fb cirrus_vga: allow configurable vram size
Allow RAM size to be configurable for cirrus, to allow migration
compatibility from qemu-kvm.

Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
2012-10-30 23:39:50 -02:00
Andreas Färber
b13ce26d3e spapr: Pass PowerPCCPU to hypercalls
Needed for changing cpu_has_work() argument type to CPUState,
used in h_cede().

Signed-off-by: Andreas Färber <afaerber@suse.de>
2012-10-31 01:02:46 +01:00
Andreas Färber
aa100fa4c9 spapr: Pass PowerPCCPU to spapr_hypercall()
Needed for changing the hypercall handlers' argument type to PowerPCCPU.

Signed-off-by: Andreas Färber <afaerber@suse.de>
2012-10-31 01:02:45 +01:00
Andreas Färber
1b14670a38 target-ppc: Pass PowerPCCPU to cpu_ppc_hypercall
Adapt emulate_spapr_hypercall() accordingly.

Needed for changing spapr_hypercall() argument type to PowerPCCPU.

Signed-off-by: Andreas Färber <afaerber@suse.de>
2012-10-31 01:02:45 +01:00
Andreas Färber
79bbf20bca xtensa_pic: Pass XtensaCPU to xtensa_ccompare_cb()
Needed for changing cpu_has_work() argument type to CPUState.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Acked-by: Max Filippov <jcmvbkbc@gmail.com>
2012-10-31 01:02:45 +01:00
Andreas Färber
c08d7424d6 cpus: Pass CPUState to qemu_cpu_kick()
CPUArchState is no longer needed there.

Signed-off-by: Andreas Färber <afaerber@suse.de>
2012-10-31 01:02:45 +01:00
Andreas Färber
a096124571 ppc: Pass PowerPCCPU to {ppc6xx,ppc970,power7,ppc40x,ppce500}_set_irq()
Needed for changing qemu_cpu_kick() argument type to CPUState and
for moving halted field into CPUState.

Signed-off-by: Andreas Färber <afaerber@suse.de>
2012-10-31 01:02:45 +01:00
Andreas Färber
f324e7667a cpu: Move stopped field to CPUState
Change its type to bool.

Signed-off-by: Andreas Färber <afaerber@suse.de>
2012-10-31 01:02:44 +01:00
Andreas Färber
b6444a42c0 ppce500_spin: Store PowerPCCPU in SpinKick
Needed for moving stopped field to CPUState.

Signed-off-by: Andreas Färber <afaerber@suse.de>
2012-10-31 01:02:44 +01:00
Andreas Färber
60e82579c7 cpus: Pass CPUState to qemu_cpu_is_self()
Change return type to bool, move to include/qemu/cpu.h and
add documentation.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
[AF: Updated new caller qemu_in_vcpu_thread()]
2012-10-31 01:02:39 +01:00
Andreas Färber
e9f9d6b165 target-i386: Pass X86CPU to cpu_x86_load_seg_cache_sipi()
Simplifies the call in apic_sipi() again and needed for moving halted
field to CPUState.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
2012-10-30 22:38:37 +01:00
Andreas Färber
60671e583c apic: Store X86CPU in APICCommonState
Prepares for using a link<> property to connect APIC with CPU and for
changing the CPU APIs to CPUState.

Resolve Coding Style warnings by moving the closing parenthesis of
foreach_apic() macro to next line.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
2012-10-30 22:38:37 +01:00
Andreas Färber
449994eb58 target-i386: Inline APIC cpu_env property setting
This prepares for changing the variable type from void*.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
2012-10-30 22:38:37 +01:00
Igor Mammedov
bdeec80217 target-i386: Initialize APIC at CPU level
(L)APIC is a part of cpu [1] so move APIC initialization inside of
x86_cpu object. Since cpu_model and override flags currently specify
whether APIC should be created or not, APIC creation&initialization is
moved into x86_cpu_apic_init() which is called from x86_cpu_realize().

[1] - all x86 cpus have integrated APIC if we overlook existence of i486,
and it's more convenient to model after majority of them.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2012-10-30 22:38:37 +01:00
Blue Swirl
742a40229d Merge branch 'qspi.2' of git://developer.petalogix.com/public/qemu
* 'qspi.2' of git://developer.petalogix.com/public/qemu:
  xilinx_zynq: added QSPI controller
  xilinx_spips: Generalised to model QSPI
  m25p80: Support for Quad SPI
2012-10-30 18:35:18 +00:00
Paolo Bonzini
f627aab1cc aio: introduce AioContext, move bottom halves there
Start introducing AioContext, which will let us remove globals from
aio.c/async.c, and introduce multiple I/O threads.

The bottom half functions now take an additional AioContext argument.
A bottom half is created with a specific AioContext that remains the
same throughout the lifetime.  qemu_bh_new is just a wrapper that
uses a global context.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-10-30 09:30:53 +01:00
Igor Mitsyanko
50a5be6c3d hw/sd.c: add SD card save/load support
This patch updates SD card model to support save/load of card's state.

Signed-off-by: Igor Mitsyanko <i.mitsyanko@samsung.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-10-30 07:45:12 +00:00
Igor Mitsyanko
f2d189d384 hw/sd.c: Fix erase for high capacity cards
Standard capacity cards SDSC use byte unit address while SDHC and SDXC cards use
block unit address (512 bytes) when setting ERASE_START and ERASE_END with CMD32
and CMD33, we have to account for this.

Signed-off-by: Igor Mitsyanko <i.mitsyanko@samsung.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-10-30 07:45:12 +00:00
Peter Crosthwaite
fc5b64d082 pflash_cfi01: Fix debug mode printfery
This DPRINTF was throwing a warning due to a missing cast.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-10-30 07:45:11 +00:00
Peter Crosthwaite
368a354f02 pflash_cfi0x: QOMified
QOMified the pflash_cfi0x so machine models can connect them up in custom ways.

Kept the pflash_cfi0x_register functions as is. They can still be used to
create a flash straight onto system memory.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-10-30 07:45:11 +00:00
Peter Crosthwaite
be65f89992 pflash_cfi01: remove unused total_len field
This field is completely unused.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-10-30 07:45:11 +00:00
Peter Crosthwaite
b7dff23a48 pflash_cfi0x: remove unused base field
This field is completely unused. The base address should also be abstracted
away from the device anyway. Removed.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-10-30 07:45:11 +00:00
Peter Maydell
5170d661dc hw/versatile_i2c: Use LOG_GUEST_ERROR
Use LOG_GUEST_ERROR to report bad guest accesses.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-10-30 07:45:11 +00:00
Peter Maydell
a35d4e4223 hw/arm_l2x0: Use LOG_GUEST_ERROR
Use LOG_GUEST_ERROR to report bad guest accesses.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-10-30 07:45:10 +00:00
Peter Maydell
0c896f0662 hw/arm_sysctl: Use LOG_GUEST_ERROR
Use LOG_GUEST_ERROR to report bad guest accesses.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-10-30 07:45:10 +00:00
Peter Maydell
e72e3ffc3d hw/armv7m_nvic: Use LOG_GUEST_ERROR and LOG_UNIMP
Use LOG_GUEST_ERROR and LOG_UNIMP rather than hw_error() where
appropriate.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-10-30 07:45:10 +00:00
Peter Maydell
edb94a41e3 hw/arm_timer: Use LOG_GUEST_ERROR and LOG_UNIMP
Use LOG_GUEST_ERROR to report guest accesses to bad register
offsets, and LOG_UNIMP for access to the unimplemented
test registers.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-10-30 07:45:10 +00:00
Peter Maydell
8c8dc39fa6 hw/arm_gic: Use LOG_GUEST_ERROR
Use LOG_GUEST_ERROR to report guest accesses to bad offsets.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-10-30 07:45:10 +00:00
Peter Maydell
f9fe7bdad8 hw/arm11mpcore: Use LOG_GUEST_ERROR rather than hw_error()
Use LOG_GUEST_ERROR to report guest accesses to bad offsets.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-10-30 07:45:09 +00:00
Peter Maydell
2d746989bf hw/pl190: Use LOG_UNIMP rather than hw_error()
Use LOG_UNIMP to report attempts to use the unimplemented test mode.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-10-30 07:45:09 +00:00
Peter Maydell
375cb56029 hw/pl110: Use LOG_GUEST_ERROR rather than hw_error()
Use LOG_GUEST_ERROR to report guest accesses to invalid register
offsets.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-10-30 07:45:09 +00:00
Peter Maydell
df37416218 hw/pl080: Use LOG_GUEST_ERROR and LOG_UNIMP
Use LOG_GUEST_ERROR and LOG_UNIMP in preference to hw_error().

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-10-30 07:45:09 +00:00
Peter Maydell
abff909c94 hw/pl061: Use LOG_GUEST_ERROR
Use LOG_GUEST_ERROR to report guest attempts to access bad register offsets.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-10-30 07:45:09 +00:00
Peter Maydell
fbfecf43e9 hw/pl050: Use LOG_GUEST_ERROR
Use LOG_GUEST_ERROR for reporting guest attempts to access invalid register
offsets.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-10-30 07:45:08 +00:00
Peter Maydell
7f0f774003 hw/exynos4_boards: Don't prematurely explode QEMUMachineInitArgs
Don't explode QEMUMachineInitArgs before passing it to
exynos4_boards_init_common().

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-10-30 07:45:08 +00:00
Peter Maydell
6efa6d5038 hw/mainstone: Don't prematurely explode QEMUMachineInitArgs
Don't explode QEMUMachineInitArgs before passing it to mainstone_init().

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-10-30 07:45:08 +00:00
Peter Maydell
462b69bba3 hw/nseries: Don't prematurely explode QEMUMachineInitArgs
Don't explode QEMUMachineInitArgs before passing it to n8x0_init().

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-10-30 07:45:08 +00:00
Peter Maydell
6952625da8 hw/omap_sx1: Don't prematurely explode QEMUMachineInitArgs
Don't explode QEMUMachineInitArgs before passing it to the
omap_sx1 common init function.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-10-30 07:45:08 +00:00
Peter Maydell
72a9f5b7c3 hw/spitz: Don't prematurely explode QEMUMachineInitArgs
Don't explode QEMUMachineInitArgs before calling common init function.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-10-30 07:45:07 +00:00
Peter Maydell
1b523b5bfc hw/versatilepb: Don't prematurely explode QEMUMachineInitArgs
Don't explode QEMUMachineInitArgs before passing it to the common
versatile init function.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-10-30 07:45:07 +00:00
Peter Maydell
db4ff6f111 hw/realview.c: Don't prematurely explode QEMUMachineInitArgs
Don't explode QEMUMachineInitArgs in every realview init
function; just pass it to the common realview_init() code
instead.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-10-30 07:45:07 +00:00
Peter Maydell
f3cdbc329f hw/vexpress.c: Don't prematurely explode QEMUMachineInitArgs
Don't explode QEMUMachineInitArgs before passing it to the vexpress
common init function.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-10-30 07:45:07 +00:00