Commit Graph

10790 Commits

Author SHA1 Message Date
Alexey Kardashevskiy
8ffe04ed2e xics: move reset and cpu_setup
This simple change makes following patches nicer.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Acked-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-10-25 23:25:46 +02:00
Alexey Kardashevskiy
4fe822e075 spapr-rtas: fix h_rtas parameters reading
On the real hardware, RTAS is called in real mode and therefore
top 4 bits of the address passed in the call are ignored.
So does the patch.

This converts h_rtas() to use existing rtas_ld() handlers.

This fixed rtas_ld()/rtas_st() to ignore top 4 bits.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-10-25 23:25:46 +02:00
Alexey Kardashevskiy
dcb861cb88 spapr: Add ibm, purr property on power7 and newer
PAPR+ says that no "ibm,purr" tells the guest that H_PURR is not
supported. However some guests still try calling H_PURR on POWER7 unless
the property is present and equal to 0. This adds the property for CPUs
supporting the PURR special register.

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-10-25 23:25:46 +02:00
Alexey Kardashevskiy
3bf6eedd4b spapr: increase temporary fdt buffer size
At the moment the size of the buffer is set to 64K which is
enough for approximately 150 VCPUs which is not the limit.

This increases the buffer up to 256K which allows having
a tree for approximately 600 VCPUs which is way beyond the real
number we need.

As only the real size of the tree is copied to the guest, there
will be no impact on existing configurations.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-10-25 23:25:46 +02:00
Benjamin Herrenschmidt
16457e7f4a pseries: Fix loading of little endian kernels
Try loading the kernel as little endian if it fails big endian.

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Reviewed-by: Anton Blanchard <anton@samba.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-10-25 23:25:45 +02:00
Edgar E. Iglesias
ec426ff808 hw/microblaze: Add support for loading initrd images
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2013-10-24 22:56:48 +02:00
Edgar E. Iglesias
d0b022a0e9 hw/microblaze: Indentation cleanups
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2013-10-24 22:32:56 +02:00
Hans de Goede
c90daa1c10 usb-hcd-xhci: Update endpoint context dequeue pointer for streams too
With streams the endpoint context dequeue pointer should point to the
dequeue value for the currently active stream.

At least Linux guests expect it to point to value set by an set_ep_dequeue
upon completion of the set_ep_dequeue (before kicking the ep).

Otherwise the Linux kernel will complain (and things won't work):

xhci_hcd 0000:00:05.0: Mismatch between completed Set TR Deq Ptr command & xHCI internal state.
xhci_hcd 0000:00:05.0: ep deq seg = ffff8800366f0880, deq ptr = ffff8800366ec010

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-10-22 16:28:49 +02:00
Hans de Goede
582d6f4aba usb-hcd-xhci: Report completion of active transfer with CC_STOPPED on ep stop
As we should per the XHCI spec "4.6.9 Stop Endpoint".

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-10-22 16:28:49 +02:00
Hans de Goede
8de1838afe usb-hcd-xhci: Remove unused cancelled member from XHCITransfer
Since qemu's USB model is geared towards emulated devices cancellation
is instanteneous, so no need to wait for cancellation to complete, as
such there is no wait for cancellation code, and the cancelled bool
as well as the bogus comment about it can be removed.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-10-22 16:28:49 +02:00
Hans de Goede
946ff2c0c3 usb-hcd-xhci: Remove unused sstreamsm member from XHCIStreamContext
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-10-22 16:28:49 +02:00
Hans de Goede
f34d5c7508 usb-host-libusb: Detach kernel drivers earlier
If we detach the kernel drivers on the first set_config, then they will
be still attached when the device gets its initial reset. Causing the drivers
to re-initialize the device after the reset, dirtying the device state.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-10-22 16:28:49 +02:00
Hans de Goede
1294ca797c usb-host-libusb: Configuration 0 may be a valid configuration
Quoting from: linux/Documentation/ABI/stable/sysfs-bus-usb:

	Note that some devices, in violation of the USB spec, have a
	configuration with a value equal to 0. Writing 0 to
	bConfigurationValue for these devices will install that
	configuration, rather then unconfigure the device.

So don't compare the configuration value against 0 to check for unconfigured
devices, instead check for a LIBUSB_ERROR_NOT_FOUND return from
libusb_get_active_config_descriptor().

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-10-22 16:28:49 +02:00
Hans de Goede
5af35d7fec usb-host-libusb: Fix reset handling
The guest will issue an initial device reset when the device is attached, but
since the current usb-host-libusb code only actually does the reset when
udev->configuration != 0, and on attach the device is not yet configured,
the reset gets ignored. This means that the device gets passed to the guest
in an unknown state, which is not good.

The udev->configuration check is there because of the release / claim
interfaces done around the libusb_device_reset call, but these are not
necessary. If interfaces are claimed when libusb_device_reset gets called
libusb will release + reclaim them itself.

The usb_host_ep_update call also is not necessary. If the reset succeeds the
original config and interface alt settings will be restored.

Last if the reset fails, that means the device has either disconnected or
morphed into an another device and has been completely re-enumerated,
so it is treated by the host as a new device and our handle is invalid,
so on reset failure we need to call usb_host_nodev().

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-10-22 16:28:48 +02:00
Anthony Liguori
fc8ead7467 Merge remote-tracking branch 'qemu-kvm/uq/master' into staging
# By Paolo Bonzini (2) and Jan Kiszka (1)
# Via Gleb Natapov
* qemu-kvm/uq/master:
  kvmvapic: Prevent reading beyond the end of guest RAM
  x86: cpuid: reconstruct leaf 0Dh data
  x86: fix migration from pre-version 12

Message-id: 1382108641-4862-1-git-send-email-pbonzini@redhat.com
Signed-off-by: Anthony Liguori <aliguori@amazon.com>
2013-10-18 10:03:24 -07:00
Anthony Liguori
3551643eb7 Merge remote-tracking branch 'stefanha/net' into staging
# By Amos Kong
# Via Stefan Hajnoczi
* stefanha/net:
  net/rtl8139: update network information when macaddr is changed in guest
  net/e1000: update network information when macaddr is changed in guest
  net: update nic info during device reset

Message-id: 1382103314-21608-1-git-send-email-stefanha@redhat.com
Signed-off-by: Anthony Liguori <aliguori@amazon.com>
2013-10-18 10:02:48 -07:00
Anthony Liguori
1da9772d83 Merge remote-tracking branch 'stefanha/block' into staging
# By Fam Zheng (3) and others
# Via Stefan Hajnoczi
* stefanha/block:
  vmdk: fix VMFS extent parsing
  vmdk: Only read cid from image file when opening
  virtio: Remove unneeded memcpy
  block/raw-win32: Always use -errno in hdev_open
  blockdev: fix cdrom read_only flag
  sd: Avoid access to NULL BlockDriverState
  hmp: drop bogus "[not inserted]"

Message-id: 1382105915-27735-1-git-send-email-stefanha@redhat.com
Signed-off-by: Anthony Liguori <aliguori@amazon.com>
2013-10-18 10:02:14 -07:00
Anthony Liguori
989644915c Merge remote-tracking branch 'bonzini/iommu-for-anthony' into staging
# By Paolo Bonzini (10) and others
# Via Paolo Bonzini
* bonzini/iommu-for-anthony:
  exec: remove qemu_safe_ram_ptr
  icount: make it thread-safe
  icount: document (future) locking rules for icount
  icount: prepare the code for future races in calling qemu_clock_warp
  icount: reorganize icount_warp_rt
  icount: use cpu_get_icount() directly
  timer: add timer_mod_anticipate and timer_mod_anticipate_ns
  timer: extract timer_mod_ns_locked and timerlist_rearm
  timer: make qemu_clock_enable sync between disable and timer's cb
  qemu-thread: add QemuEvent
  timer: protect timers_state's clock with seqlock
  seqlock: introduce read-write seqlock
  vga: Mark relevant portio lists regions as coalesced MMIO flushing
  cirrus: Mark vga io region as coalesced MMIO flushing
  portio: Allow to mark portio lists as coalesced MMIO flushing
  compatfd: switch to QemuThread
  memory: fix 128 arithmetic in info mtree

Message-id: 1382024935-28297-1-git-send-email-pbonzini@redhat.com
Signed-off-by: Anthony Liguori <aliguori@amazon.com>
2013-10-18 10:01:49 -07:00
Anthony Liguori
1cb9b64df3 Merge remote-tracking branch 'bonzini/configure' into staging
# By Peter Maydell (3) and Ákos Kovács (2)
# Via Paolo Bonzini
* bonzini/configure:
  ui/Makefile.objs: delete unnecessary cocoa.o dependency
  default-configs/: CONFIG_GDBSTUB_XML removed
  Makefile.target: CONFIG_NO_* variables removed
  rules.mak: New string testing functions
  rules.mak: New logical functions for handling y/n values
2013-10-18 10:01:37 -07:00
Amos Kong
23c37c37f0 net/rtl8139: update network information when macaddr is changed in guest
rtl8139 has same problem as e1000, nic info isn't updated when macaddr
is changed in guest.

This patch updates the nic info when the last bit of macaddr is written.

Signed-off-by: Amos Kong <akong@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-10-18 13:28:09 +02:00
Amos Kong
7c36507c2b net/e1000: update network information when macaddr is changed in guest
If we change macaddr in guest by 'ifconfig eth0 hw ether 12:12:12:34:35:36',
the mac register of e1000 is already updated, but we don't update
network information in qemu. Therefor, the information in monitor
is wrong.

This patch updates nic info when the second part of macaddr is written.

Signed-off-by: Amos Kong <akong@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-10-18 13:28:09 +02:00
Amos Kong
655d3b63b0 net: update nic info during device reset
macaddr is reset during device reset, but nic info
isn't updated, this problem exists in e1000 & rtl8139

Signed-off-by: Amos Kong <akong@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-10-18 13:28:09 +02:00
Stefan Weil
b432779a9f virtio: Remove unneeded memcpy
Report from valgrind:

==19521== Source and destination overlap in memcpy(0x31d38938, 0x31d38938, 64)
==19521==    at 0x4A0A343: memcpy@@GLIBC_2.14 (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==19521==    by 0x42774E: virtio_blk_device_init (virtio-blk.c:686)
==19521==    by 0x46EE9E: virtio_device_init (virtio.c:1158)
==19521==    by 0x25405E: device_realize (qdev.c:178)
==19521==    by 0x2559B5: device_set_realized (qdev.c:699)
==19521==    by 0x3A819B: property_set_bool (object.c:1315)
==19521==    by 0x3A6CE0: object_property_set (object.c:803)

Valgrind is right: blk == &s->blks, so it is a memcpy of 64 byte with
source == destination which can be removed.

Reported-by: Dave Airlie <airlied@gmail.com>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-10-18 13:02:57 +02:00
Jan Kiszka
c46860ea53 vga: Mark relevant portio lists regions as coalesced MMIO flushing
This allows to remove the explicit qemu_flush_coalesced_mmio_buffer
calls.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-10-17 17:24:15 +02:00
Jan Kiszka
eb25a1d9d4 cirrus: Mark vga io region as coalesced MMIO flushing
This allows to remove the explicit qemu_flush_coalesced_mmio_buffer
calls - the memory core will invoke them now.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-10-17 17:24:15 +02:00
Gerd Hoffmann
0624c7f916 e820: pass high memory too.
We have a fw_cfg entry to pass e820 entries from qemu to the firmware.
Today it's used to pass reservations only.  This patch makes qemu pass
entries for RAM too.

This allows to pass RAM sizes larger than 1TB to the firmware and it
will also allow to pass non-contignous memory ramges should we decide
to implement that some day, say for our virtual numa nodes.

Obviously this needs some extra care to not break existing firware.

SeaBIOS loads the entries and happily adds them without looking at the
type.  Which is problematic for memory below 4g as this will overwrite
reservations added for bios memory etc.  For memory above 4g it works
just fine, seabios will merge the entry derived from cmos with the one
loaded from fw_cfg.

OVMF doesn't look at the fw_cfg e820 table.
coreboot doesn't look at the fw_cfg e820 table.

Cc: Andrea Arcangeli <aarcange@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-By: Igor Mammedov <imammedo@redhat.com>
2013-10-17 13:06:11 +02:00
Gerd Hoffmann
9fa032866d spice: fix multihead support
This patch fixes spice display initialization to handle
multihead properly.

spice-core now keeps track of which QemuConsole has a spice
display channel attached to it and which has not.  It also
manages display channel ids.

spice-display looks at all QemuConsoles and will pick up any
graphic console not yet bound to a spice channel (which in practice
are all non-qxl graphic devices).

Result is that
 (a) you'll get a spice client window for each graphical device
     now (first only without this patch), and
 (b) mixing qxl and non-qxl vga cards works properly.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-10-17 12:42:54 +02:00
Marc-André Lureau
26defe81f6 spice: replace use of deprecated API
hose API are deprecated since 0.11, and qemu depends on 0.12 already.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-10-17 12:25:25 +02:00
Andreas Färber
794cbc26eb sd: Avoid access to NULL BlockDriverState
Commit 4f8a066b5f (blockdev: Remove IF_*
check for read-only blockdev_init) added a usage of bdrv_is_read_only()
to sd_init(), which is called for versatilepb, versatileab and
xilinx-zynq-a9 machines among others with NULL argument by default,
causing the new qom-test to fail.

Add a check to prevent this.

Suggested-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-10-17 10:15:18 +02:00
Ákos Kovács
cf01ba9eef Makefile.target: CONFIG_NO_* variables removed
CONFIG_NO_* variables replaced with the lnot logical function

Signed-off-by: Ákos Kovács <akoskovacs@gmx.com>
[PMM: fixed a few CONFIG_NO_* uses that were missed]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-10-16 18:21:00 +02:00
Anthony Liguori
08683cb532 vfio-pci updates include:
- Forgotten MSI affinity patch posted several months ago
  - Lazy option ROM loading to delay load until after device/bus resets
  - Error reporting cleanups
  - PCI hot reset support introduced with Linux v3.12 development kernels
  - Debug build fix for int128
 
 The lazy ROM loading and hot reset should help VGA assignment as we can
 now do a bus reset when there are multiple devices on the bus, ex.
 multi-function graphics and audio cards.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.14 (GNU/Linux)
 
 iQIcBAABAgAGBQJSVvFfAAoJECObm247sIsiouoP/iQELtqRd3YwkzXy+DgIrcXu
 DdA9egGx2ECvjeDm5ekhvqRDv5U4mVeZZ9z6r/bEwQKqHB62zxU8DkRj7+wUTY7j
 AqmfqHq9EbhnPfuXcC05WTdXdhhR9Md08SuC+BKzWvQ3GNUAh1npBFzYPM7XAPfE
 Xlld/6tjs/48F4k32+pTebyIooXRvEUnE1kkZED3eaZ/94jQcch0nWhEZk+RvmT4
 3HCngMfwu3VWv32q65zWLLwnBhW3On8y8B6GWhQBkFCVD/MO+rpVS6MGt2/8+U0S
 PIBkmk5smMIlBjsQHFAgjVGWWdaMFf81rOK9NyWwmjyvDRPXsYS6tcMGrU2acAOX
 EkP5RcRzUwx9WqjEMAssU2NRHhJzpeAf0cqpD8QH2/xncjc4P05jLqpndI+SWvLw
 bmWxJb/hWna/K4RA94hvcoggDm1/T79u9PR2CvNJyUm+5zD/GWaSb32i8M+7JUe8
 oipeaohUhcMo+kruEP/ZMH3UNUuV4p29qq5Cen4fo2CJCcEpwdjN5phHk7+7gGxR
 IYOWcoAhk5gJG+JYJVtiPux+gholYb0CSnWcdrdXPam7bF5F8ddj7an4NIutpadD
 +3+9lPlHmpZAiVxvyCOz4boOx8OEBvj5shsfKo3NvFJ3ajdbFV4giW56SOTC5Ayz
 lCwOr6EInv4W4siaAMnM
 =SyvS
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'awilliam/tags/vfio-pci-for-qemu-20131010.0' into staging

vfio-pci updates include:
 - Forgotten MSI affinity patch posted several months ago
 - Lazy option ROM loading to delay load until after device/bus resets
 - Error reporting cleanups
 - PCI hot reset support introduced with Linux v3.12 development kernels
 - Debug build fix for int128

The lazy ROM loading and hot reset should help VGA assignment as we can
now do a bus reset when there are multiple devices on the bus, ex.
multi-function graphics and audio cards.

# gpg: Signature made Thu 10 Oct 2013 11:26:39 AM PDT using RSA key ID 3BB08B22
# gpg: Can't check signature: public key not found

# By Alex Williamson (7) and Alexey Kardashevskiy (1)
# Via Alex Williamson
* awilliam/tags/vfio-pci-for-qemu-20131010.0:
  vfio-pci: Fix endian issues in vfio_pci_size_rom()
  vfio-pci: Add dummy PCI ROM write accessor
  vfio: Fix debug output for int128 values
  vfio-pci: Implement PCI hot reset
  vfio-pci: Cleanup error_reports
  vfio-pci: Lazy PCI option ROM loading
  vfio-pci: Test device reset capabilities
  vfio-pci: Add support for MSI affinity

Message-id: 20131010184122.31667.28382.stgit@bling.home
Signed-off-by: Anthony Liguori <aliguori@amazon.com>
2013-10-14 09:14:30 -07:00
Michael S. Tsirkin
742f5d2ed5 ssdt-proc: update generated file
Update generated ssdt proc hex file (used for systems
lacking IASL) after P_BLK length change.

Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Tested-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Tested-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-10-14 17:48:57 +03:00
Michael S. Tsirkin
6ec80ef150 ssdt: fix PBLK length
We don't really support CPU throttling, so supply 0 PBLK length.

Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Tested-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Tested-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-10-14 17:48:57 +03:00
Michael S. Tsirkin
72c194f7e7 i386: ACPI table generation code from seabios
This adds C code for generating ACPI tables at runtime,
imported from seabios git tree
    commit 51684b7ced75fb76776e8ee84833fcfb6ecf12dd

Although ACPI tables come from a system BIOS on real hw,
it makes sense that the ACPI tables are coupled with the
virtual machine, since they have to abstract the x86 machine to
the OS's.

This is widely desired as a way to avoid the churn
and proliferation of QEMU-specific interfaces
associated with ACPI tables in bios code.

Notes:
As BIOS can reprogram devices prior to loading
ACPI tables, we pre-format ACPI tables but defer loading
hardware configuration there until tables are loaded.

The code structure was intentionally kept as close
to the seabios original as possible, to simplify
comparison and making sure we didn't lose anything
in translation.

Minor code duplication results, to help ensure there are no functional
regressions, I think it's better to merge it like this and do more code
changes in follow-up patches.

Cross-version compatibility concerns have been addressed:
    ACPI tables are exposed to guest as FW_CFG entries.
    When running with -M 1.5 and older, this patch disables ACPI
    table generation, and doesn't expose ACPI
    tables to guest.

    As table content is likely to change over time,
    the following measures are taken to simplify
    cross-version migration:
    - All tables besides the RSDP are packed in a single FW CFG entry.
      This entry size is currently 23K. We round it up to 64K
      to avoid too much churn there.
    - Tables are placed in special ROM blob (not mapped into guest memory)
      which is automatically migrated together with the guest, same
      as BIOS code.
    - Offsets where hardware configuration is loaded in ACPI tables
      are also migrated, this is in case future ACPI changes make us
      rearrange the tables in memory.

This patch reuses some code from SeaBIOS, which was originally under
LGPLv2 and then relicensed to GPLv3 or LGPLv3, in QEMU under GPLv2+. This
relicensing has been acked by all contributors that had contributed to the
code since the v2->v3 relicense. ACKs approving the v2+ relicensing are
listed below. The list might include ACKs from people not holding
copyright on any parts of the reused code, but it's better to err on the
side of caution and include them.

Affected SeaBIOS files (GPLv2+ license headers added)
<http://thread.gmane.org/gmane.comp.bios.coreboot.seabios/5949>:

 src/acpi-dsdt-cpu-hotplug.dsl
 src/acpi-dsdt-dbug.dsl
 src/acpi-dsdt-hpet.dsl
 src/acpi-dsdt-isa.dsl
 src/acpi-dsdt-pci-crs.dsl
 src/acpi.c
 src/acpi.h
 src/ssdt-misc.dsl
 src/ssdt-pcihp.dsl
 src/ssdt-proc.dsl
 tools/acpi_extract.py
 tools/acpi_extract_preprocess.py

Each one of the listed people agreed to the following:

> If you allow the use of your contribution in QEMU under the
> terms of GPLv2 or later as proposed by this patch,
> please respond to this mail including the line:
>
> Acked-by: Name <email address>

  Acked-by: Gerd Hoffmann <kraxel@redhat.com>
  Acked-by: Jan Kiszka <jan.kiszka@siemens.com>
  Acked-by: Jason Baron <jbaron@akamai.com>
  Acked-by: David Woodhouse <David.Woodhouse@intel.com>
  Acked-by: Gleb Natapov <gleb@redhat.com>
  Acked-by: Marcelo Tosatti <mtosatti@redhat.com>
  Acked-by: Dave Frodin <dave.frodin@se-eng.com>
  Acked-by: Paolo Bonzini <pbonzini@redhat.com>
  Acked-by: Kevin O'Connor <kevin@koconnor.net>
  Acked-by: Laszlo Ersek <lersek@redhat.com>
  Acked-by: Kenji Kaneshige <kaneshige.kenji@jp.fujitsu.com>
  Acked-by: Isaku Yamahata <yamahata@valinux.co.jp>
  Acked-by: Magnus Christensson <magnus.christensson@intel.com>
  Acked-by: Hu Tao <hutao@cn.fujitsu.com>
  Acked-by: Eduardo Habkost <ehabkost@redhat.com>

Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Tested-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Tested-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-10-14 17:48:57 +03:00
Michael S. Tsirkin
1a4b2666df pc: use new api to add builtin tables
At this point the only builtin table we have is
the DSDT used for Q35.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-10-14 17:48:57 +03:00
Michael S. Tsirkin
60de1163d5 acpi: add interface to access user-installed tables
Also add a new API to install builtin tables, so
that we can distinguish between the two.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-10-14 17:48:53 +03:00
Michael S. Tsirkin
64e9df8d34 hpet: add API to find it
Add API to find HPET using QOM.

Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Tested-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Tested-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-10-14 17:48:52 +03:00
Michael S. Tsirkin
309cd62d6b pvpanic: add API to access io port
Add API to find pvpanic device and get its io port.
Will be used to fill in guest info structure.

Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Tested-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Tested-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-10-14 17:48:52 +03:00
Michael S. Tsirkin
6f1426ab0f ich9: APIs for pc guest info
This adds APIs that will be used to fill in
acpi tables, implemented using QOM,
to various ich9 components.
Some information is still missing in QOM,
so we fall back on lookups by type instead.

Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Tested-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Tested-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-10-14 17:48:52 +03:00
Michael S. Tsirkin
277e9340e6 piix: APIs for pc guest info
This adds APIs that will be used to fill in guest acpi tables.
Some required information is still lacking in QOM, so we
fall back on lookups by type and returning explicit types.

Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Tested-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Tested-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-10-14 17:48:52 +03:00
Michael S. Tsirkin
f854ecc799 acpi/piix: add macros for acpi property names
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Tested-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Tested-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-10-14 17:48:52 +03:00
Michael S. Tsirkin
b20c9bd5f6 i386: define pc guest info
This defines a structure that will be used to fill in acpi tables
where relevant properties are not yet available using QOM.

Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Tested-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Tested-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-10-14 17:48:52 +03:00
Michael S. Tsirkin
d916b46494 loader: allow adding ROMs in done callbacks
Don't abort if machine done callbacks add ROMs.

Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Tested-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Tested-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-10-14 17:48:52 +03:00
Michael S. Tsirkin
bc70232918 i386: add bios linker/loader
This adds a dynamic bios linker/loader.
This will be used by acpi table generation
code to:
    - load each table in the appropriate memory segment
    - link tables to each other
    - fix up checksums after said linking

Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Tested-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Tested-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-10-14 17:48:52 +03:00
Michael S. Tsirkin
35c12e60c8 loader: use file path size from fw_cfg.h
Avoid a bit of code duplication, make
max file path constant reusable.

Suggested-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Tested-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Tested-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-10-14 17:48:52 +03:00
Michael S. Tsirkin
544d2bfa84 acpi: ssdt pcihp: updat generated file
update generated file, not sure what changed

Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Tested-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Tested-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-10-14 17:48:52 +03:00
Michael S. Tsirkin
d512d0d723 acpi: pre-compiled ASL files
Add pre-compiled ASL files. Useful for systems that
do not have IASL.

Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Tested-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Tested-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-10-14 17:48:51 +03:00
Michael S. Tsirkin
a31a864273 acpi: add rules to compile ASL source
Detect presence of IASL compiler and use it
to process ASL source. If not there, use pre-compiled
files in-tree. Add script to update the in-tree files.

Note: distros are known to silently update iasl
so detect correct iasl flags for the installed version on each run as
opposed to at configure time.

Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Tested-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Tested-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-10-14 17:48:51 +03:00
Michael S. Tsirkin
74523b8501 i386: add ACPI table files from seabios
This adds ASL code as well as scripts for processing it,
imported from seabios git tree
commit 51684b7ced75fb76776e8ee84833fcfb6ecf12dd

Will be used for runtime acpi table generation.

Note:
This patch reuses some code from SeaBIOS, which was originally under
LGPLv2 and then relicensed to GPLv3 or LGPLv3, in QEMU under GPLv2+. This
relicensing has been acked by all contributors that had contributed to the
code since the v2->v3 relicense. ACKs approving the v2+ relicensing are
listed below. The list might include ACKs from people not holding
copyright on any parts of the reused code, but it's better to err on the
side of caution and include them.

Affected SeaBIOS files (GPLv2+ license headers added)
<http://thread.gmane.org/gmane.comp.bios.coreboot.seabios/5949>:

 src/acpi-dsdt-cpu-hotplug.dsl
 src/acpi-dsdt-dbug.dsl
 src/acpi-dsdt-hpet.dsl
 src/acpi-dsdt-isa.dsl
 src/acpi-dsdt-pci-crs.dsl
 src/acpi.c
 src/acpi.h
 src/ssdt-misc.dsl
 src/ssdt-pcihp.dsl
 src/ssdt-proc.dsl
 tools/acpi_extract.py
 tools/acpi_extract_preprocess.py

Each one of the listed people agreed to the following:

> If you allow the use of your contribution in QEMU under the
> terms of GPLv2 or later as proposed by this patch,
> please respond to this mail including the line:
>
> Acked-by: Name <email address>

  Acked-by: Gerd Hoffmann <kraxel@redhat.com>
  Acked-by: Jan Kiszka <jan.kiszka@siemens.com>
  Acked-by: Jason Baron <jbaron@akamai.com>
  Acked-by: David Woodhouse <David.Woodhouse@intel.com>
  Acked-by: Gleb Natapov <gleb@redhat.com>
  Acked-by: Marcelo Tosatti <mtosatti@redhat.com>
  Acked-by: Dave Frodin <dave.frodin@se-eng.com>
  Acked-by: Paolo Bonzini <pbonzini@redhat.com>
  Acked-by: Kevin O'Connor <kevin@koconnor.net>
  Acked-by: Laszlo Ersek <lersek@redhat.com>
  Acked-by: Kenji Kaneshige <kaneshige.kenji@jp.fujitsu.com>
  Acked-by: Isaku Yamahata <yamahata@valinux.co.jp>
  Acked-by: Magnus Christensson <magnus.christensson@intel.com>
  Acked-by: Hu Tao <hutao@cn.fujitsu.com>
  Acked-by: Eduardo Habkost <ehabkost@redhat.com>

Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Hu Tao <hutao@cn.fujitsu.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Tested-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Tested-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-10-14 17:48:51 +03:00
Michael S. Tsirkin
cbcaf79e3c q35: expose mmcfg size as a property
Address is already exposed, expose size for symmetry.

Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Tested-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Tested-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-10-14 17:48:51 +03:00
Michael S. Tsirkin
87f65245db q35: use macro for MCFG property name
Useful to make it accessible through QOM.

Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Tested-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Tested-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-10-14 17:48:51 +03:00
Michael S. Tsirkin
6f6d282330 pcie_host: expose address format
Callers pass in the address so it's helpful for
them to be able to decode it.

Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Tested-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Tested-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-10-14 17:48:51 +03:00
Michael S. Tsirkin
079e3e7012 pcie_host: expose UNMAPPED macro
Make it possible to test unmapped status through QMP.

Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Tested-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Tested-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-10-14 17:48:51 +03:00
Michael S. Tsirkin
48354cc5a3 loader: support for unmapped ROM blobs
Support ROM blobs not mapped into guest memory:
same as ROM files really but use caller's buffer.

Support invoking callback on access and
return memory pointer making it easier
for caller to update memory if necessary.

Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Tested-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Tested-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-10-14 17:48:51 +03:00
Michael S. Tsirkin
d87072ceec fw_cfg: interface to trigger callback on read
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Tested-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Tested-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-10-14 17:48:51 +03:00
Michael S. Tsirkin
77d6f4ea76 pci: fix up w64 size calculation helper
BAR base was calculated incorrectly.
Use existing pci_bar_address to get it right.

Tested-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-10-14 17:48:45 +03:00
Marcel Apfelbaum
c31d04b516 hw/pci: removed irq field from PCIDevice
Instead of exposing the the irq field,
pci wrappers to qemu_set_irq or qemu_irq_*
can be used.

Signed-off-by: Marcel Apfelbaum <marcel.a@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-10-14 17:11:45 +03:00
Marcel Apfelbaum
5a03e708f2 hw/pcie: AER and hot-plug events must use device's interrupt
The fields hpev_intx and aer_intx were removed because
both AER and hot-plug events must use device's interrupt.
Assert/deassert interrupts using pci irq wrappers instead.

Signed-off-by: Marcel Apfelbaum <marcel.a@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-10-14 17:11:45 +03:00
Marcel Apfelbaum
9e64f8a3fc hw: set interrupts using pci irq wrappers
pci_set_irq and the other pci irq wrappers use
PCI_INTERRUPT_PIN config register to compute device
INTx pin to assert/deassert.

An irq is allocated using pci_allocate_irq wrapper
only if is needed by non pci devices.

Removed irq related fields from state if not used anymore.

Signed-off-by: Marcel Apfelbaum <marcel.a@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-10-14 17:11:45 +03:00
Marcel Apfelbaum
68919cace8 hw/vfio: set interrupts using pci irq wrappers
pci_set_irq and the other pci irq wrappers use
PCI_INTERRUPT_PIN config register to compute device
INTx pin to assert/deassert.

save INTX pin into the config register before calling
pci_set_irq

Signed-off-by: Marcel Apfelbaum <marcel.a@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-10-14 17:11:45 +03:00
Marcel Apfelbaum
4c89e3e593 hw/vmxnet3: set interrupts using pci irq wrappers
pci_set_irq uses PCI_INTERRUPT_PIN config register
to compute device INTx pin to assert/deassert.

An assert is used to ensure that intx received
from the quest OS corresponds to PCI_INTERRUPT_PIN.

Signed-off-by: Marcel Apfelbaum <marcel.a@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-10-14 17:11:45 +03:00
Marcel Apfelbaum
c008ac0c1c hw/pci-bridge: set PCI_INTERRUPT_PIN register before shpc init
The PCI_INTERRUPT_PIN will be used by shpc init, so
was moved before the call to shpc_init.

Signed-off-by: Marcel Apfelbaum <marcel.a@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-10-14 17:11:45 +03:00
Marcel Apfelbaum
d98f08f54e hw/pci: add pci wrappers for allocating and asserting irqs
Interrupt pin is selected and saved into PCI_INTERRUPT_PIN
register during device initialization. Devices should not call
directly qemu_set_irq and specify the INTx pin on each call.

Added pci_* wrappers to replace qemu_set_irq, qemu_irq_raise,
qemu_irq_lower and qemu_irq_pulse, setting the irq
based on PCI_INTERRUPT_PIN.

Added pci_allocate_irq wrapper to be used by devices that
still need PCIDevice infrastructure to assert irqs.

Renamed a static method which was named already pci_set_irq.

Signed-off-by: Marcel Apfelbaum <marcel.a@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-10-14 17:11:44 +03:00
Marcel Apfelbaum
a8a9d30bab hw/core: Add interface to allocate and free a single IRQ
qemu_allocate_irq returns a single qemu_irq.
The interface allows to specify an interrupt number.

qemu_free_irq frees it.

Signed-off-by: Marcel Apfelbaum <marcel.a@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-10-14 17:11:44 +03:00
Marcel Apfelbaum
a53ae8e934 hw/pci: partially handle pci master abort
A MemoryRegion with negative priority was created and
it spans over all the pci address space.
It "intercepts" the accesses to unassigned pci
address space and will follow the pci spec:
 1. returns -1 on read
 2. does nothing on write

Note: setting the RECEIVED MASTER ABORT bit in the STATUS register
      of the device that initiated the transaction will be
      implemented in another series

Signed-off-by: Marcel Apfelbaum <marcel.a@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-10-14 17:11:44 +03:00
Marcel Apfelbaum
a1ff8ae066 memory: Change MemoryRegion priorities from unsigned to signed
When memory regions overlap, priority can be used to specify
which of them takes priority. By making the priority values signed
rather than unsigned, we make it more convenient to implement
a situation where one "background" region should appear only
where no other region exists: rather than having to explicitly
specify a high priority for all the other regions, we can let them take
the default (zero) priority and specify a negative priority for the
background region.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Marcel Apfelbaum <marcel.a@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-10-14 17:11:44 +03:00
Kevin Wolf
4f8a066b5f blockdev: Remove IF_* check for read-only blockdev_init
IF_NONE allows read-only, which makes forbidding it in this place
for other types pretty much pointless.

Instead, make sure that all devices for which the check would have
errored out check in their init function that they don't get a read-only
BlockDriverState. This catches even cases where IF_NONE and -device is
used.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2013-10-11 16:50:01 +02:00
Michael S. Tsirkin
13164591f3 ahci: set ahci mode on reset
ATM we set AHCI mode on 1st GHC write.
Spec says we should set it on reset.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2013-10-11 16:49:59 +02:00
Anthony Liguori
f2c6bcfc2e Merge remote-tracking branch 'sstabellini/xen-2013-10-10' into staging
# By Matthew Daley (1) and Roger Pau Monné (1)
# Via Stefano Stabellini
* sstabellini/xen-2013-10-10:
  qemu/xen: make use of xenstore relative paths
  xen_disk: mark ioreq as mapped before unmapping in error case
2013-10-10 10:03:38 -07:00
Anthony Liguori
634ebf4b17 Merge remote-tracking branch 'bonzini/scsi-next' into staging
# By Asias He (1) and Peter Lieven (1)
# Via Paolo Bonzini
* bonzini/scsi-next:
  scsi: Allocate SCSITargetReq r->buf dynamically [CVE-2013-4344]
  block/iscsi: reenable iscsi_co_get_block_status

Message-id: 1381332391-8781-1-git-send-email-pbonzini@redhat.com
Signed-off-by: Anthony Liguori <aliguori@amazon.com>
2013-10-10 10:03:00 -07:00
Roger Pau Monné
33876dfad6 qemu/xen: make use of xenstore relative paths
Qemu has several hardcoded xenstore paths that are only valid on Dom0.
Attempts to launch a Qemu instance (to act as a userspace backend for
PV disks) will fail because Qemu is not able to access those paths
when running on a domain different than Dom0.

Instead make the xenstore paths relative to the domain where Qemu is
actually running.

Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Reviewed-by: Anthony PERARD <anthony.perard@citrix.com>
Cc: xen-devel@lists.xenproject.org
Cc: Anthony PERARD <anthony.perard@citrix.com>
2013-10-10 14:25:52 +00:00
Matthew Daley
a76f48e533 xen_disk: mark ioreq as mapped before unmapping in error case
Commit 4472beae modified the semantics of ioreq_{un,}map so that they are
idempotent if called when they're not needed (ie., twice in a row). However,
it neglected to handle the case where batch mapping is not being used (the
default), and one of the grants fails to map. In this case, ioreq_unmap will
be called to unwind and unmap any mappings already performed, but ioreq_unmap
simply returns due to the aforementioned change (the ioreq has not already
been marked as mapped).

The frontend user can therefore force xen_disk to leak grant mappings, a
per-domain limited resource.

Fix by marking the ioreq as mapped before calling ioreq_unmap in this
situation.

Signed-off-by: Matthew Daley <mattjd@gmail.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
2013-10-10 14:23:45 +00:00
Asias He
846424350b scsi: Allocate SCSITargetReq r->buf dynamically [CVE-2013-4344]
r->buf is hardcoded to 2056 which is (256 + 1) * 8, allowing 256 luns at
most. If more than 256 luns are specified by user, we have buffer
overflow in scsi_target_emulate_report_luns.

To fix, we allocate the buffer dynamically.

Signed-off-by: Asias He <asias@redhat.com>
Tested-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-10-09 17:24:18 +02:00
Daniel P. Berrange
8af0020544 hw/9pfs: Fix errno value for xattr functions
If there is no operation driver for the xattr type the
functions return '-1' and set errno to '-EOPNOTSUPP'.
When the calling code sets 'ret = -errno' this turns
into a large positive number.

In Linux 3.11, the kernel has switched to using 9p
version 9p2000.L, instead of 9p2000.u, which enables
support for xattr operations. This on its own is harmless,
but for another change which makes it request the xattr
with a name 'security.capability'.

The result is that the guest sees a succesful return
of 95 bytes of data, instead of a failure with errno
set to 95. Since the kernel expects a maximum of 20
bytes for an xattr return this gets translated to the
unexpected errno ERANGE.

This all means that when running a binary off a 9p fs
in 3.11 kernels you get a fun result of:

  # ./date
  sh: ./date: Numerical result out of range

The only workaround is to pass 'version=9p2000.u' when
mounting the 9p fs in the guest, to disable all use of
xattrs.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Reviewed-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-10-05 13:05:28 +04:00
Alex Williamson
b1c50c5f24 vfio-pci: Fix endian issues in vfio_pci_size_rom()
VFIO is always little endian so do byte swapping of our mask on the
way in and byte swapping of the size on the way out.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Reported-by: Alexey Kardashevskiy <aik@ozlabs.ru>
2013-10-04 12:50:51 -06:00
Alex Williamson
64fa25a0ef vfio-pci: Add dummy PCI ROM write accessor
Just to be sure we don't jump off any NULL pointer cliffs.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Reported-by: Paolo Bonzini <pbonzini@redhat.com>
2013-10-04 08:51:36 -06:00
Jan Kiszka
7174e54cf1 kvmvapic: Prevent reading beyond the end of guest RAM
rom_state_paddr is guest provided (caller address of outw(VAPIC_PORT) +
writen 16-bit value) and can be influenced to point beyond the end of
the host memory backing the guest's RAM. Make sure we do not use this
pointer to actually read beyond the limits.

Reading arbitrary guest bytes is harmless, the guest kernel has to
manage access to this I/O port anyway.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Gleb Natapov <gleb@redhat.com>
2013-10-04 13:13:16 +03:00
Alexey Kardashevskiy
1d5bf692e5 vfio: Fix debug output for int128 values
Memory regions can easily be 2^64 byte long and therefore overflow
for just a bit but that is enough for int128_get64() to assert.

This takes care of debug printing of huge section sizes.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2013-10-03 09:10:09 -06:00
Alex Williamson
f16f39c3fc vfio-pci: Implement PCI hot reset
Now that VFIO has a PCI hot reset interface, take advantage of it.
There are two modes that we need to consider.  The first is when only
one device within the set of devices affected is actually assigned to
the guest.  In this case the other devices are are just held by VFIO
for isolation and we can pretend they're not there, doing an entire
bus reset whenever the device reset callback is triggered.  Supporting
this case separately allows us to do the best reset we can do of the
device even if the device is hotplugged.

The second mode is when multiple affected devices are all exposed to
the guest.  In this case we can only do a hot reset when the entire
system is being reset.  However, this also allows us to track which
individual devices are affected by a reset and only do them once.

We split our reset function into pre- and post-reset helper functions
prioritize the types of device resets available to us, and create
separate _one vs _multi reset interfaces to handle the distinct cases
above.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2013-10-02 13:51:00 -06:00
Ján Veselý
4b351a0f21 pci-ohci: Add missing 'break' in ohci_service_td
Device communication errors need to be reported to driver.
Add a debug message while at it.

Signed-off-by: Jan Vesely <jano.vesely@gmail.com>
Acked-by: Gerd Hoffmann <kraxel@gmail.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-10-02 22:55:28 +04:00
Guenter Roeck
84faf7c392 sh4: Fix serial line access for Linux kernels later than 3.2
With Linux kernel version 3.3 or later, qemu fails with the following message:

sh_serial: unsupported read from 0x18
  Aborted

Reported-and-analyzed-by: Rob Landley <rob@landley.net>
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-10-02 22:55:28 +04:00
Stefan Weil
9b2caaf40b hw/alpha: Fix compiler warning (integer constant is too large)
From buildbot default_i386_rhel61:

  CC    alpha-softmmu/hw/alpha/typhoon.o
hw/alpha/typhoon.c: In function 'typhoon_translate_iommu':
hw/alpha/typhoon.c:703: warning: integer constant is too large for 'long' type
hw/alpha/typhoon.c:703: warning: integer constant is too large for 'long' type

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Acked-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-10-02 22:55:28 +04:00
Alex Williamson
8fbf47c3a8 vfio-pci: Cleanup error_reports
Remove carriage returns and tweak formatting for error_reports.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2013-10-02 12:52:38 -06:00
Alex Williamson
6f864e6ec8 vfio-pci: Lazy PCI option ROM loading
During vfio-pci initfn, the device is not always in a state where the
option ROM can be read.  In the case of graphics cards, there's often
no per function reset, which means we have host driver state affecting
whether the option ROM is usable.  Ideally we want to move reading the
option ROM past any co-assigned device resets to the point where the
guest first tries to read the ROM itself.

To accomplish this, we switch the memory region for the option rom to
an I/O region rather than a memory mapped region.  This has the side
benefit that we don't waste KVM memory slots for a BAR where we don't
care about performance.  This also allows us to delay loading the ROM
from the device until the first read by the guest.  We then use the
PCI config space size of the ROM BAR when setting up the BAR through
QEMU PCI.

Another benefit of this approach is that previously when a user set
the ROM to a file using the romfile= option, we still probed VFIO for
the parameters of the ROM, which can result in dmesg errors about an
invalid ROM.  We now only probe VFIO to get the ROM contents if the
guest actually tries to read the ROM.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2013-10-02 12:52:38 -06:00
Alex Williamson
befe5176ef vfio-pci: Test device reset capabilities
Not all resets are created equal.  PM reset is not very reliable,
especially for GPUs, so we might want to opt for a bus reset if a
standard reset will only do a D3hot->D0 transition.  We can also
use this to tell if the standard reset will do a bus reset (if
neither has_pm_reset or has_flr is probed, but the device still
supports reset).

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2013-10-02 12:52:38 -06:00
Alex Williamson
c7679d450e vfio-pci: Add support for MSI affinity
When MSI is accelerated through KVM the vectors are only programmed
when the guest first enables MSI support.  Subsequent writes to the
vector address or data fields are ignored.  Unfortunately that means
we're ignore updates done to adjust SMP affinity of the vectors.
MSI SMP affinity already works in non-KVM mode because the address
and data fields are read from their backing store on each interrupt.

This patch stores the MSIMessage programmed into KVM so that we can
determine when changes are made and update the routes.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2013-10-02 12:52:38 -06:00
Anthony Liguori
eb322b8155 pc,pci,virtio fixes and cleanups
This includes pc and pci cleanups and enhancements,
 and a virtio-net bugfix related to softmac programming.
 
 Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.14 (GNU/Linux)
 
 iQEcBAABAgAGBQJSR83kAAoJECgfDbjSjVRpX08H/jKgYBNJaChev1TROIVHEGbu
 IzvkjfocvKO+6wmhOf5x+xwFmzrijUMa1CPvOkCp8c2A3Iek7rmnedknlhXYh7dM
 z5mXcvFGjnu7ST38ydF/Emk9+Z6rRg5Y/hkmlDyr+9lNcoiCDLXXcUrKjeIHNoWl
 e8w3yiPCJ528QyrLwQ890XetJphv67pMlsjMgLQ2betMk++Ac/ctUf1D2p1X4NeQ
 Q2drbo5Z4yDk0i6QMA3iLq1Bh/AhE10bCDq9rCzfZGIKVyncL6ne2pSi/xDvpLrF
 dmxoiJ5QrK6xLnagCcn5T6SB9DkwbEPdL7qCqlxZ8USr7cVyPdzYtHtGSBWdeXY=
 =xF01
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'mst/tags/for_anthony' into staging

pc,pci,virtio fixes and cleanups

This includes pc and pci cleanups and enhancements,
and a virtio-net bugfix related to softmac programming.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

# gpg: Signature made Sun 29 Sep 2013 01:51:16 AM CDT using RSA key ID D28D5469
# gpg: Can't check signature: public key not found

# By Michael S. Tsirkin (8) and others
# Via Michael S. Tsirkin
* mst/tags/for_anthony:
  smbios: Factor out smbios_maybe_add_str()
  smbios: Make multiple -smbios type= accumulate sanely
  smbios: Improve diagnostics for conflicting entries
  smbios: Convert to QemuOpts
  smbios: Normalize smbios_entry_add()'s error handling to exit(1)
  virtio-net: fix up HMP NIC info string on reset
  pci: remove explicit check to 64K ioport size
  piix4: disable io on reset
  piix: use 64 bit window programmed by guest
  q35: use 64 bit window programmed by guest
  pci: add helper to retrieve the 64-bit range
  range: add min/max operations on ranges
  range: add Range to typedefs
  q35: make pci window address/size match guest cfg

Message-id: 1380437951-21788-1-git-send-email-mst@redhat.com
2013-09-30 17:15:01 -05:00
Anthony Liguori
3469a60d9f Merge remote-tracking branch 'sstabellini/xen-2013-09-25' into staging
# By Anthony PERARD (2) and Liu, Jinsong (2)
# Via Stefano Stabellini
* sstabellini/xen-2013-09-25:
  xen: Enable cpu-hotplug on xenfv machine.
  xen: Fix vcpu initialization.
  qemu: Add qemu xen logic for Xen HVM S3 resume
  qemu: Adjust qemu wakeup

Message-id: alpine.DEB.2.02.1309251749180.5498@kaball.uk.xensource.com
2013-09-30 17:14:10 -05:00
Anthony Liguori
d7f0efcb22 Merge remote-tracking branch 'kraxel/audio.1' into staging
# By Bandan Das (3) and Gerd Hoffmann (1)
# Via Gerd Hoffmann
* kraxel/audio.1:
  audio: remove CONFIG_MIXEMU configure option
  hda-codec: make mixemu selectable at runtime
  hda-codec: refactor common definitions into a header file
  audio maintainers update

Message-id: 1380011943-15083-1-git-send-email-kraxel@redhat.com
2013-09-30 17:13:32 -05:00
Anthony Liguori
1b365b2eb6 This is a bunch of fixes/changes for the s390 architecture. It also
contains the fixes from the previous pull request, which did not make
 it yet.
 Overall it contains
 - a fix for kexec without kdump (which uses diag308 subcode 0 instead of 1)
 - several sclp related fixes
 - some initial sclp migration code
 - the sclp line mode console
 - A fix for a boot problem with the virtio ccw ipl bios
 - zeroed out padding bytes for the notes section of dump-guest-memory
 - some cleanups
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.11 (GNU/Linux)
 
 iQIcBAABAgAGBQJSQTzUAAoJEBF7vIC1phx8hR8P/R2DsdjnNhDbfVxr/1JVj8Ad
 v/IOoqSPA8Nf5nGpFe2pmFokHJ88Jzv/8DGlPQfBNH95SBmU6qarHTUG9l6/BWTL
 yTx7kzYfy4FGQE6zdoTHByScnzPSJh2hTAiPyXCo7L2QjGPfZgZmxZZVvQUbRoRo
 uKslsWSHaSBYs4cYvvZMiUdSA0q4FSIcUNTewMZDoILcIExSvES/dll12q1iRgSF
 r8HSK7WppES5nXeJQAZEjJsDXah8Fl71ngcqi+d96if5KrYexkG91Rxz8qavhsFO
 2UbXcMIal1Iuq8dEryjymxuKHcfpqKIqmielMjyg4icTS0WXf+Z7uH7jfEmrkYnP
 wZbfSZ2AcGd6chRptXsXTxbXYeSKfUxj8VFYg8765DlU+9ACwMZeXwaK0PrtBkl8
 WEIyi4XNa2KQ6T+ZoRcl5lqaaGcZZAyJlZzcOeZq4EhbtcLymHTNIVY9gbGloWR8
 FLgEcfvx71N2LPH0AapUNfrl5DlLGOHX9gR58ZlRCupULc86NniOsH0y2mcVjjoT
 Tbc+4NV3Es0qUIwB44HVRKo+WpRqM7/bMOhDDsfONcKyozuxbySaCcfn8CnoR5LD
 C/HqyU3OClg9P785wVvgf7GPT03Zf0KrHKMqQYjsrPu1rX319asgOAz8W5IxnjAw
 2d8ZzMX9CZfJDCr7I8hO
 =4rT1
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'borntraeger/tags/s390-next-20130924' into staging

This is a bunch of fixes/changes for the s390 architecture. It also
contains the fixes from the previous pull request, which did not make
it yet.
Overall it contains
- a fix for kexec without kdump (which uses diag308 subcode 0 instead of 1)
- several sclp related fixes
- some initial sclp migration code
- the sclp line mode console
- A fix for a boot problem with the virtio ccw ipl bios
- zeroed out padding bytes for the notes section of dump-guest-memory
- some cleanups

# gpg: Signature made Tue 24 Sep 2013 02:18:44 AM CDT using RSA key ID B5A61C7C
# gpg: Can't check signature: public key not found

# By Christian Borntraeger (6) and others
# Via Christian Borntraeger
* borntraeger/tags/s390-next-20130924:
  s390/sclplmconsole: Add support for SCLP line-mode console
  s390/ebcdic: Move conversion tables to header file
  s390/eventfacility: allow childs to handle more than 1 event type
  s390/eventfacility: remove unused event_type variable
  s390/eventfacility: Fix receive/send masks
  s390/eventfacility: fix multiple Read Event Data sources
  s390/sclp: add reset() functions
  s390/sclpquiesce: Add code to support live migration
  s390/sclpconsole: Add code to support live migration for sclpconsole
  s390/sclpconsole: modify definition of input buffer
  s390/kexec: Implement diag308 subcode 0
  s390/ioinst: Moved the CC setting to the IO instruction handlers
  s390/cpu: Make setcc() function available to other files
  s390/ipl: Update the s390-ccw.img rom
  s390/ipl: Fix waiting for virtio processing
  s390/dump: zero out padding bytes in notes sections
  s390/kvm: Add check for priviledged SCLP handler

Message-id: 1380007671-18976-1-git-send-email-borntraeger@de.ibm.com
2013-09-30 17:13:18 -05:00
Markus Armbruster
e26d3e7346 smbios: Factor out smbios_maybe_add_str()
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-09-28 23:49:39 +03:00
Markus Armbruster
fc3b32958a smbios: Make multiple -smbios type= accumulate sanely
Currently, -smbios type=T,NAME=VAL,... adds one field (T,NAME) with
value VAL to fw_cfg for each unique NAME.  If NAME occurs multiple
times, the last one's VAL is used (before the QemuOpts conversion, the
first one was used).

Multiple -smbios can add multiple fields with the same (T, NAME).
SeaBIOS reads all of them from fw_cfg, but uses only the first field
(T, NAME).  The others are ignored.

"First one wins, subsequent ones get ignored silently" isn't nice.  We
commonly let the last option win.  Useful, because it lets you
-readconfig first, then selectively override with command line
options.

Clean up -smbios to work the common way.  Accumulate the settings,
with later ones overwriting earlier ones.  Put the result into fw_cfg
(no more useless duplicates).

Bonus cleanup: qemu_uuid_parse() no longer sets SMBIOS system uuid by
side effect.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-09-28 23:49:39 +03:00
Markus Armbruster
ec2df8c10a smbios: Improve diagnostics for conflicting entries
We allow either tables or fields for the same type.  Makes sense,
because SeaBIOS uses fields only when no tables are present.

We do this by searching the SMBIOS blob for a previously added table
or field.  Error messages look like this:

    qemu-system-x86_64: -smbios type=1,serial=42: SMBIOS type 1 table already defined, cannot add field

User needs to know that "table" is defined by -smbios file=..., and
"field" by -smbios type=...

Instead of searching the blob, record additions of interest, and check
that.  Simpler, and makes better error messages possible:

    qemu-system-x86_64: -smbios file=smbios_type_1.bin: Can't mix file= and type= for same type
    qemu-system-x86_64: -smbios type=1,serial=42,serial=99: This is the conflicting setting

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-09-28 23:49:39 +03:00
Markus Armbruster
4f953d2fc8 smbios: Convert to QemuOpts
So that it can be set in config file for -readconfig.

This tightens parsing of -smbios, and makes it more consistent with
other options: unknown parameters are rejected, numbers with trailing
junk are rejected, when a parameter is given multiple times, last
rather than first wins, ...

MST: drop one chunk to fix build errors

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-09-28 23:49:06 +03:00
Markus Armbruster
351a6a73ca smbios: Normalize smbios_entry_add()'s error handling to exit(1)
It exits on all error conditions but one, where it returns -1.
Normalize, and return void.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-09-28 22:40:58 +03:00
Anthony PERARD
594278d9f2 xen: Enable cpu-hotplug on xenfv machine.
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
2013-09-25 16:43:12 +00:00
Liu, Jinsong
4bc78a8772 qemu: Adjust qemu wakeup
Currently Xen hvm s3 has a bug coming from the difference between
qemu-traditioanl and qemu-xen. For qemu-traditional, the way to
resume from hvm s3 is via 'xl trigger' command. However, for
qemu-xen, the way to resume from hvm s3 inherited from standard
qemu, i.e. via QMP, and it doesn't work under Xen.

The root cause is, for qemu-xen, 'xl trigger' command didn't reset
devices, while QMP didn't unpause hvm domain though they did qemu
system reset.

We have two qemu patches and one xl patch to fix Xen hvm s3 bug.
This patch is the qemu patch 1. It adjusts qemu wakeup so that
Xen s3 resume logic (which will be implemented at qemu patch 2)
will be notified after qemu system reset.

Signed-off-by: Liu Jinsong <jinsong.liu@intel.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Anthony PERARD <anthony.perard@citrix.com>
2013-09-25 16:38:29 +00:00
Bandan Das
19b0dfc19c audio: remove CONFIG_MIXEMU configure option
Signed-off-by: Bandan Das <bsd@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-09-24 10:29:34 +02:00
Bandan Das
2690e61e8e hda-codec: make mixemu selectable at runtime
Define PARAM so that we have two versions of the "desc_codec
and family" structs. Add a property called "mixer" whose default
value depends on whether CONFIG_MIXEMU is defined or not which
will help us call the appropriate instance init functions.

Signed-off-by: Bandan Das <bsd@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-09-24 10:29:34 +02:00
Bandan Das
7953793c03 hda-codec: refactor common definitions into a header file
Move common defines and structs to a header file.
The next commit will include it twice, once for a device with a
mixer, and once for device without a mixer.

Signed-off-by: Bandan Das <bsd@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-09-24 10:29:34 +02:00
Anthony Liguori
feb678c6f7 Merge remote-tracking branch 'stefanha/net' into staging
# By Aurelien Jarno (1) and Vincenzo Maffione (1)
# Via Stefan Hajnoczi
* stefanha/net:
  e1000: NetClientInfo.receive_iov implemented
  pcnet-pci: mark I/O and MMIO as LITTLE_ENDIAN

Message-id: 1379699613-5338-1-git-send-email-stefanha@redhat.com
2013-09-23 11:53:11 -05:00
Anthony Liguori
16121fa39e Merge remote-tracking branch 'stefanha/block' into staging
# By Stefan Hajnoczi (4) and others
# Via Stefan Hajnoczi
* stefanha/block:
  virtio-blk: do not relay a previous driver's WCE configuration to the current
  blockdev: do not default cache.no-flush to true
  block: don't lose data from last incomplete sector
  qcow2: Correct snapshots size for overlap check
  coroutine: fix /perf/nesting coroutine benchmark
  coroutine: add qemu_coroutine_yield benchmark
  qemu-timer: do not take the lock in timer_pending
  qemu-timer: make qemu_timer_mod_ns() and qemu_timer_del() thread-safe
  qemu-timer: drop outdated signal safety comments
  osdep: warn if open(O_DIRECT) on fails with EINVAL
  libcacard: link against qemu-error.o for error_report()

Message-id: 1379698931-946-1-git-send-email-stefanha@redhat.com
2013-09-23 11:53:05 -05:00
Anthony Liguori
2e6ae666c8 Merge remote-tracking branch 'mjt/trivial-patches' into staging
# By Stefan Weil (8) and others
# Via Michael Tokarev
* mjt/trivial-patches:
  tests/.gitignore: ignore test-throttle
  exec: Fix broken build for MinGW (regression)
  kvm: Fix compiler warning (clang)
  tcg-sparc: Fix parenthesis warning
  Makefile: Remove some more files when cleaning
  target-i386: Fix segment cache dump
  iov: avoid "orig_len may be used unitialized" warning
  vscclient: remove unnecessary use of uninitialized variable
  trace-events: Clean up with scripts/cleanup-trace-events.pl again
  tci: Fix qemu-alpha on 32 bit hosts (wrong assertions)
  *-user: Improve documentation for lock_user function
  MAINTAINERS: Add missing entry to filelist for TCI target
  translate-all: Fix formatting of dump output
  *-user: Fix typo in comment (ulocking -> unlocking)
  docs: Fix IO port number for CPU present bitmap.
  q35: Fix typo in constant DEFUALT -> DEFAULT.
  configure: Undefine _FORTIFY_SOURCE prior using it

Message-id: 1379696296-32105-1-git-send-email-mjt@msgid.tls.msk.ru
2013-09-23 11:52:55 -05:00
Anthony Liguori
3e4be9c297 Merge remote-tracking branch 'qemu-kvm/uq/master' into staging
# By Alexey Kardashevskiy (3) and others
# Via Paolo Bonzini
* qemu-kvm/uq/master:
  target-i386: add feature kvm_pv_unhalt
  linux-headers: update to 3.12-rc1
  target-i386: forward CPUID cache leaves when -cpu host is used
  linux-headers: update to 3.11
  kvm: fix traces to use %x instead of %d
  kvmvapic: Clear also physical ROM address when entering INACTIVE state
  kvmvapic: Enter inactive state on hardware reset
  kvmvapic: Catch invalid ROM size
  kvm irqfd: support direct msimessage to irq translation
  fix steal time MSR vmsd callback to proper opaque type
  kvm: warn if num cpus is greater than num recommended
  cpu: Move cpu state syncs up into cpu_dump_state()
  exec: always use MADV_DONTFORK

Message-id: 1379694292-1601-1-git-send-email-pbonzini@redhat.com
2013-09-23 11:52:49 -05:00
Anthony Liguori
f3ca508f00 Merge remote-tracking branch 'bonzini/scsi-next' into staging
# By Hervé Poussineau (5) and Stefan Weil (1)
# Via Paolo Bonzini
* bonzini/scsi-next:
  block/iscsi: Drop iscsi_co_get_block_status for older versions of libiscsi
  lsi: add 53C810 variant
  lsi: remove todo
  lsi: ignore write accesses to CTEST0 registers
  lsi: check ssid versus sdid only if ssid is valid
  lsi: use constant name instead of its value
2013-09-23 11:52:32 -05:00
Michael S. Tsirkin
702d66a813 virtio-net: fix up HMP NIC info string on reset
When mac is updated on reset, info string has stale data.
Fix it up.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-09-22 09:30:22 +03:00
Vincenzo Maffione
97410dde60 e1000: NetClientInfo.receive_iov implemented
This patch implements the NetClientInfo.receive_iov method for the
e1000 device emulation. In this way a network backend that uses
qemu_sendv_packet() can deliver the fragmented packet without
requiring an additional copy in the frontend/backend network code
(nc_sendv_compat() function).

The existing method NetClientInfo.receive has been reimplemented
using the new method.

Signed-off-by: Vincenzo Maffione <v.maffione@gmail.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-09-20 19:49:14 +02:00
Aurelien Jarno
a26405b350 pcnet-pci: mark I/O and MMIO as LITTLE_ENDIAN
Now that the memory subsystem is propagating the endianness correctly,
the pcnet-pci device should have its I/O ports and MMIO memory marked
as LITTLE_ENDIAN, as PCI devices are little endian.

This makes the pcnet-pci NIC to work again on big endian MIPS Malta
(default NIC).

Cc: qemu-stable@nongnu.org
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-09-20 19:49:14 +02:00
Paolo Bonzini
ef5bc96268 virtio-blk: do not relay a previous driver's WCE configuration to the current
The following sequence happens:
- the SeaBIOS virtio-blk driver does not support the WCE feature, which
causes QEMU to disable writeback caching

- the Linux virtio-blk driver resets the device, finds WCE is available
but writeback caching is disabled; tells block layer to not send cache
flush commands

- the Linux virtio-blk driver sets the DRIVER_OK bit, which causes
writeback caching to be re-enabled, but the Linux virtio-blk driver does
not know of this side effect and cache flushes remain disabled

The bug is at the third step.  If the guest does know about CONFIG_WCE,
QEMU should ignore the WCE feature's state.  The guest will control the
cache mode solely using configuration space.  This change makes Linux
do flushes correctly, but Linux will keep SeaBIOS's writethrough mode.

Hence, whenever the guest is reset, the cache mode of the disk should
be reset to whatever was specified in the "-drive" option.  With this
change, the Linux virtio-blk driver finds that writeback caching is
enabled, and tells the block layer to send cache flush commands
appropriately.

Reported-by: Rusty Russell <rusty@au1.ibm.com
Cc: qemu-stable@nongnu.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-09-20 19:27:48 +02:00
Stefan Weil
e76d05c2b5 kvm: Fix compiler warning (clang)
Report from clang analyzer:

clock.c:42:15: warning:
Value stored to 'cpu' during its initialization is never read

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-09-20 20:11:32 +04:00
Richard W.M. Jones
451f7846ec q35: Fix typo in constant DEFUALT -> DEFAULT.
Signed-off-by: Richard W.M. Jones <rjones@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-09-20 20:09:23 +04:00
Anthony Liguori
2571f8f5fb Merge remote-tracking branch 'spice/spice.v74' into staging
# By Gerd Hoffmann
# Via Gerd Hoffmann
* spice/spice.v74:
  qxl: compile only once
  qxl: simplify page dirtying
  qxl: simplify qxl_rom_size
  qxl: define qxl operating on 4k pages

Message-id: 1379583534-7831-1-git-send-email-kraxel@redhat.com
2013-09-20 08:08:18 -05:00
Heinz Graalfs
6a444f8507 s390/sclplmconsole: Add support for SCLP line-mode console
Add simple support for SCLP line-mode also known as operating
system messages. This can be added in addition to or instead of
the SCLP full screen console with -device sclplmconsole.

Signed-off-by: Heinz Graalfs <graalfs@linux.vnet.ibm.com>
Reviewed-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
2013-09-20 13:55:30 +02:00
Christian Borntraeger
c3d9f24a39 s390/eventfacility: allow childs to handle more than 1 event type
Currently all handlers (quiesce, console) only handle one event type.
Some drivers will handle multiple (compatible) event types. Rework the
code accordingly.

Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Reviewed-by: Alexander Graf <agraf@suse.de>
2013-09-20 13:55:30 +02:00
Christian Borntraeger
8b8b1138df s390/eventfacility: remove unused event_type variable
The event_type variable is never used. Get rid of it.

Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Reviewed-by: Alexander Graf <agraf@suse.de>
2013-09-20 13:55:30 +02:00
Ralf Hoppe
a0c8699b23 s390/eventfacility: fix multiple Read Event Data sources
Make the handler for SCLP Read Event Data deal with notifications
for multiple sources correctly.

Signed-off-by: Ralf Hoppe <rhoppe@de.ibm.com>
Reviewed-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
[split bigger patch into smaller independent chunks]
Reviewed-by: Alexander Graf <agraf@suse.de>
2013-09-20 13:55:29 +02:00
Heinz Graalfs
3af6de321f s390/sclp: add reset() functions
Add reset() functions for event-facility, sclpconsole, and sclpquiesce.
The reset() functions perform variable initialization
at IPL and e.g. when monitor system_reset is called.

Signed-off-by: Heinz Graalfs <graalfs@linux.vnet.ibm.com>
Reviewed-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Reviewed-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
2013-09-20 13:55:29 +02:00
Heinz Graalfs
7e36b7a356 s390/sclpquiesce: Add code to support live migration
This patch adds the necessary life migration pieces to sclpquiesce
by using the vmstate_register.

Signed-off-by: Heinz Graalfs <graalfs@linux.vnet.ibm.com>
Reviewed-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
2013-09-20 13:55:29 +02:00
Heinz Graalfs
cb335bebe1 s390/sclpconsole: Add code to support live migration for sclpconsole
This patch adds the necessary life migration pieces to the sclp code
by using vmstate_register.

Signed-off-by: Heinz Graalfs <graalfs@linux.vnet.ibm.com>
Reviewed-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
2013-09-20 13:55:29 +02:00
Heinz Graalfs
ea9ad3e945 s390/sclpconsole: modify definition of input buffer
To use VMState for migration, we need to adapt some sclp code:
   - allocate console buffer as part of the console
   - change semantic of sclpconsole offset fields

Signed-off-by: Heinz Graalfs <graalfs@linux.vnet.ibm.com>
Reviewed-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
2013-09-20 13:55:29 +02:00
Jan Kiszka
4357930b8a kvmvapic: Clear also physical ROM address when entering INACTIVE state
To avoid misinterpreting INACTIVE after migration as old qemu-kvm's
STANDBY, also clear rom_state_paddr when going back to this state.

CC: qemu-stable@nongnu.org
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-09-20 12:37:52 +02:00
Jan Kiszka
c056bc3f34 kvmvapic: Enter inactive state on hardware reset
ROM layout may change after reset of devices are hotplugged, so we have
to pick up the physical address again when the ROM is initialized. This
is best achieved by resetting the state to INACTIVE.

CC: qemu-stable@nongnu.org
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-09-20 12:37:52 +02:00
Jan Kiszka
18e5eec4db kvmvapic: Catch invalid ROM size
If not caught early, a zero-length ROM will cause a NULL-pointer access
later on in patch_hypercalls when allocating a zero-length ROM copy and
trying to read from it.

CC: qemu-stable@nongnu.org
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-09-20 12:37:52 +02:00
Hans de Goede
0ca6db4f3b usb: Fix iovec memleak on combined-packet free
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-09-19 11:28:40 +02:00
Hans de Goede
9adbaad318 usb: Also reset max_packet_size on ep_reset
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-09-19 11:28:40 +02:00
Hans de Goede
b21da4e504 xhci: Fix memory leak on xhci_disable_ep
The USBPacket-s in the transfers need to be cleaned up so that the memory
allocated by the iovec in there gets freed.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-09-19 11:28:40 +02:00
Hans de Goede
518ad5f2a0 xhci: Add xhci_epid_to_usbep helper function
And use it instead of prying the USBEndpoint out of the packet struct
in various places.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-09-19 11:28:40 +02:00
Hans de Goede
4c5d82ecf1 xhci: Init a transfers xhci, slotid and epid member on epctx alloc
Transfers are part of an epctx, which is part of a slot, which is part of
a xhci. Transfers cannot dynamically be moved from one epctx to another,
so once created their xhci, slotid and epid are constant, so lets set these
up at creation time, rather then re-initializing them with the same
value each time a transfer gets submitted.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-09-19 11:28:40 +02:00
Hans de Goede
d063c3112c xhci: Fix number of streams allocated when using streams
According to the xhci spec the total number of streams is
2 ^ (MaxPStreams + 1), and this is also how the Linux xhci driver
uses this field.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-09-19 11:28:40 +02:00
Gerd Hoffmann
b5613fdcb0 usb: remove old usb-host code
The usb-host code has been rewritten for qemu 1.5 to use libusb,
the old code has been left in as temporary fallback.  Now we are
two releases further out, targeting the 1.7 release.  No major
issues with the new code poped up until now.  Time to remove it
from tre tree.  Should we ever need it again for some reason --
git has a copy for us in the history.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-09-19 11:28:40 +02:00
Gerd Hoffmann
521e759cf1 qxl: compile only once
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-09-18 11:13:29 +02:00
Gerd Hoffmann
b0297b4a82 qxl: simplify page dirtying
No need to do target page size calculations here,
memory_region_set_dirty will care for us.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-09-18 11:13:29 +02:00
Gerd Hoffmann
60b3b2a55f qxl: simplify qxl_rom_size
Nowdays rom size is fixed at 8192 for live migration compat reasons.
So we can ditch the pointless math trying to calculate the size needed.
Also make the size sanity check fail at compile time not runtime.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-09-18 11:13:29 +02:00
Gerd Hoffmann
9efc2d8d81 qxl: define qxl operating on 4k pages
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-09-18 11:13:29 +02:00
Anthony Liguori
5dc11192b2 Merge remote-tracking branch 'kwolf/for-anthony' into staging
# By Max Reitz (16) and others
# Via Kevin Wolf
* kwolf/for-anthony: (33 commits)
  qemu-iotests: Fix test 038
  block: Assert validity of BdrvActionOps
  qemu-iotests: Cleanup test image in test number 007
  qemu-img: fix invalid JSON
  coroutine: add ./configure --disable-coroutine-pool
  qemu-iotests: Adjustments due to error propagation
  qcow2: Use Error parameter
  qemu-img create: Emit filename on error
  block: Error parameter for create functions
  block: Error parameter for open functions
  bdrv: Use "Error" for creating images
  bdrv: Use "Error" for opening images
  qemu-iotests: add 057 internal snapshot for block device test case
  hmp: add interface hmp_snapshot_delete_blkdev_internal
  hmp: add interface hmp_snapshot_blkdev_internal
  qmp: add interface blockdev-snapshot-delete-internal-sync
  qmp: add interface blockdev-snapshot-internal-sync
  qmp: add internal snapshot support in qmp_transaction
  snapshot: distinguish id and name in snapshot delete
  snapshot: new function bdrv_snapshot_find_by_id_and_name()
  ...

Message-id: 1379073063-14963-1-git-send-email-kwolf@redhat.com
2013-09-17 09:51:40 -05:00
Anthony Liguori
7d41364e71 Merge remote-tracking branch 'bonzini/scsi-next' into staging
# By Peter Lieven (3) and others
# Via Paolo Bonzini
* bonzini/scsi-next:
  spapr-vscsi: Report error on unsupported MAD requests
  spapr-vscsi: Adding VSCSI capabilities
  iscsi: split discard requests in multiple parts
  iscsi: add .bdrv_get_block_status
  iscsi: add logical block provisioning information to iscsilun
  hw/scsi/lsi53c895a: Use deposit32 rather than handcoded shift/mask
  hw/scsi/lsi53c895a: Use sextract32 for sign-extension
  scsi: Fix scsi_bus_legacy_add_drive() scsi-generic with serial
  virtio-scsi: Make type virtio-scsi-common abstract
  spapr-vscsi: add task management
  scsi: prefer UUID to VM name for the initiator name

Message-id: 1378984634-765-1-git-send-email-pbonzini@redhat.com
2013-09-17 09:50:23 -05:00
Hervé Poussineau
ceae18bd74 lsi: add 53C810 variant
Currently, treat it exactly as a 53C895A.
53C895A is a 53C810 with more capabilities, so this should work.

However, this lets us test different code paths on Linux, which
don't use lastest features if it detect a 810, or on some OSes
which only support 810 and not 895A (like very old Windows NT
versions).

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-09-16 12:42:40 +02:00
Hervé Poussineau
689f5ff437 lsi: remove todo
LSI emulation has been tested with Linux on PPC platform.

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-09-16 12:42:35 +02:00
Hervé Poussineau
0903c35dde lsi: ignore write accesses to CTEST0 registers
53C895A datasheet says that this register is read/write, and that the value
returned on read access is dependant of DMA FIFO state. However, nothing is
said for written value.

53C810A datasheet gives more insight about this register:
"This was a general purpose read/write register in previous SYM53C8XX
family chips. Although it is still a read/write register, Symbios reserves
the right to use these bits for future 53C8XX family enhancements."

This prevents going to the default case, which prints an error message.

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-09-16 12:42:25 +02:00
Hervé Poussineau
c7ac9f403a lsi: check ssid versus sdid only if ssid is valid
This prevents some (invalid) error messages on console.

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-09-16 12:42:18 +02:00
Hervé Poussineau
16b8ed1d09 lsi: use constant name instead of its value
Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-09-16 12:41:35 +02:00
Hervé Poussineau
9f1a029abf pci: remove explicit check to 64K ioport size
This check is useless, as bigger addresses will be ignored when
added to 'io' MemoryRegion, which has a size of 64K.

However, some architectures don't use the 'io' MemoryRegion, like
the alpha and versatile platforms. They create a PCI I/O region
bigger than 64K, so let them handle PCI I/O BARs in the higher range.

MST: reinstated work-around for BAR sizing.

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-09-15 11:49:51 +03:00
Michael S. Tsirkin
c046e8c4a2 piix4: disable io on reset
io base register at 0x40 is cleared on reset,
but io is not disabled until some other event
happens to call pm_io_space_update.

Invoke pm_io_space_update directly to make this
consistent.

Cc: qemu-stable@nongnu.org
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-09-15 11:49:50 +03:00
Michael S. Tsirkin
2028fdf379 piix: use 64 bit window programmed by guest
Detect the 64 bit window programmed by firmware
and configure properties accordingly.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-09-15 11:49:50 +03:00
Michael S. Tsirkin
8b42d730e3 q35: use 64 bit window programmed by guest
Detect the 64 bit window programmed by firmware
and configure properties accordingly.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-09-15 11:49:50 +03:00
Michael S. Tsirkin
4386406957 pci: add helper to retrieve the 64-bit range
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-09-15 11:49:50 +03:00
Michael S. Tsirkin
636228a887 q35: make pci window address/size match guest cfg
For Q35, MMCFG address and size are guest configurable.
Update w32 property to make it behave accordingly.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-09-15 09:36:57 +03:00
Markus Armbruster
7f87af39dc pc_sysfw: Fix ISA BIOS init for ridiculously big flash
pc_isa_bios_init() suffers integer overflow for flash larger than
INT_MAX.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
Acked-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Acked-by: Christian Borntraeger <borntraeger@de.ibm.com>
Message-id: 1375276272-15988-9-git-send-email-armbru@redhat.com
Signed-off-by: Anthony Liguori <anthony@codemonkey.ws>
2013-09-12 11:45:32 -05:00
Alexey Kardashevskiy
f4ff3b7ba1 spapr-vscsi: Report error on unsupported MAD requests
The existing driver just dropped unsupported requests. This adds error
responses to those unhandled requests.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-09-12 13:15:54 +02:00
Nikunj A. Dadhania
26573a0c1f spapr-vscsi: Adding VSCSI capabilities
This implements capabilities exchange between vscsi host and client.  As
at the moment no capability is supported, put zero flags everywhere and
return.

Signed-off-by: Nikunj A Dadhania <nikunj@linux.vnet.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Nikunj A. Dadhania <nikunj@linux.vnet.ibm.com>
2013-09-12 13:15:54 +02:00
Max Reitz
34b5d2c68e block: Error parameter for open functions
Add an Error ** parameter to bdrv_open, bdrv_file_open and associated
functions to allow more specific error messages.

Signed-off-by: Max Reitz <mreitz@redhat.com>
2013-09-12 10:12:48 +02:00
Peter Maydell
57ffcc4c83 hw/scsi/lsi53c895a: Use deposit32 rather than handcoded shift/mask
Use deposit32() rather than handcoded shifts/masks to update the
scratch registers. This is cleaner and incidentally avoids a clang
sanitizer complaint ("runtime error: left shift of 255 by 24 places
cannot be represented in type 'int'").

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-09-12 08:46:21 +02:00
Peter Maydell
927941059b hw/scsi/lsi53c895a: Use sextract32 for sign-extension
Use sextract32() for doing sign-extension rather than rolling
our own implementation.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-09-12 08:46:21 +02:00
Markus Armbruster
c24e7517ee scsi: Fix scsi_bus_legacy_add_drive() scsi-generic with serial
scsi_bus_legacy_add_drive() creates either a scsi-disk or a
scsi-generic device.  It sets property "serial" to argument serial
unless null.  Crashes with scsi-generic, because it doesn't have such
the property.

Only usb_msd_initfn_storage() passes non-null serial.  Reproducer:

    $ qemu-system-x86_64 -nodefaults -display none -S -usb \
    -drive if=none,file=/dev/sg1,id=usb-drv0 \
    -device usb-storage,id=usb-msd0,drive=usb-drv0,serial=123
    qemu-system-x86_64: -device usb-storage,id=usb-msd0,drive=usb-drv0,serial=123: Property '.serial' not found
    Aborted (core dumped)

Fix by handling exactly like "removable": set the property only when
it exists.

Cc: qemu-stable@nongnu.org
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-09-12 08:46:21 +02:00
Markus Armbruster
a27292b5d7 virtio-scsi: Make type virtio-scsi-common abstract
It's the abstract base of virtio-scsi-device and vhost-scsi.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-09-12 08:46:21 +02:00
Alexey Kardashevskiy
eb37f14658 spapr-vscsi: add task management
At the moment the guest kernel issues two types of task management
requests to the hypervisor - task about and lun reset. This adds
handling for these tasks. As spapr-vscsi starts calling scsi_req_cancel(),
free_request callback was implemented.

As virtio-vscsi, spapr-vscsi does not handle CLEAR_ACA either as CDB
control byte does not seem to be used at all so NACA bit is not
set to the guest so the guest has no good reason to call CLEAR_ACA task.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
[Fix choice of UCSOLCNT vs. SCSOLCNT. - Paolo]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-09-12 08:46:21 +02:00
Anthony Liguori
2d1fe1873a ARM queue:
* aarch64 preparation patchset (excluding the defconfigs, so this
    doesn't actually enable the new targets yet)
  * minor bugfixes and cleanups
  * disable "-cpu any" in system emulation mode
  * fix ARMv7M stack alignment on reset
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.11 (GNU/Linux)
 
 iQIcBAABCAAGBQJSL2jzAAoJEDwlJe0UNgzesqIP/0pn2qoSv6BXSjVHAlbGvOtC
 n4ZF6Aeoc+S9vvWbKk/2mCGNyf2ewokVCrekMSjWeD4i0WQwLPAIbwZ4RTmketCt
 KqJQQ2JrFQyu5xTlooc4NrAuO8XllEtFIdIl/Aob9HyZvlNQR+l81GP0LqipiTLz
 Dto1Cxack8BpOopy8hxBnR4xcE3yz9e+9b2P7iONJ4TYzs7vheu0j4qMOZtNyw/T
 mf7yKrv+YzvlbJJgM3tK9sgBShtGqyxgW6YO5OHrsM/D/9wc+ML6k3iMpf7Sr2RF
 1/P0xUZBkaXht3ZDBU/EOG5Gi+AqoPS2K/Quu/NFADn7dpV+qAeukiCHnhhCtPHc
 AbSl6oaHjpfEPC7JaORIdzu8+GAIhT6fWP4MNa0bkWtatGh3OXJvMboalu1jtARE
 DCpTvA4pRyjJ8WFO/CYASxeeFeZX7DYCy4RYklSk7cbQ5xH9n2Jq3g/92y+07KnQ
 bZYpP57Lor8p2bHenr8p9V/dIlIKTgQkcgqIumNSSrIBU4NCVb2G566kfTSKZy4S
 Alq/dmWs3oxmidviz8HT0aX6tVJgFU2rkIVE4nCZjCH/0fQYU7NVfMshFNLar8zQ
 lCe1K7Yiv+u6W/bgUIG3AM1GVbsb8X2YKNTEUXOls54Jzjep3lQrsoVCaaQLgaI5
 Cz+uCGX+4x4Pe9h6XWDk
 =oraU
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'pmaydell/tags/pull-target-arm-20130910' into staging

ARM queue:
 * aarch64 preparation patchset (excluding the defconfigs, so this
   doesn't actually enable the new targets yet)
 * minor bugfixes and cleanups
 * disable "-cpu any" in system emulation mode
 * fix ARMv7M stack alignment on reset

# gpg: Signature made Tue 10 Sep 2013 01:46:11 PM CDT using RSA key ID 14360CDE
# gpg: Can't check signature: public key not found

# By Alexander Graf (13) and others
# Via Peter Maydell
* pmaydell/tags/pull-target-arm-20130910: (28 commits)
  configure: Add handling code for AArch64 targets
  linux-user: Add AArch64 support
  linux-user: Allow targets to specify a minimum uname release
  linux-user: Add AArch64 termbits.h definitions
  linux-user: Implement cpu_set_tls() and cpu_clone_regs() for AArch64
  linux-user: Make sure NWFPE code is 32 bit ARM only
  linux-user: Add signal handling for AArch64
  linux-user: Fix up AArch64 syscall handlers
  linux-user: Add syscall number definitions for AArch64
  linux-user: Add cpu loop for AArch64
  linux-user: Don't treat AArch64 cpu names specially
  target-arm: Add AArch64 gdbstub support
  target-arm: Add AArch64 translation stub
  target-arm: Prepare translation for AArch64 code
  target-arm: Disable 32 bit CPUs in 64 bit linux-user builds
  target-arm: Add new AArch64CPUInfo base class and subclasses
  target-arm: Pass DisasContext* to gen_set_pc_im()
  target-arm: Fix target_ulong/uint32_t confusions
  target-arm: Export cpu_env
  target-arm: Extract the disas struct to a header file
  ...

Message-id: 1378839142-7726-1-git-send-email-peter.maydell@linaro.org
Signed-off-by: Anthony Liguori <anthony@codemonkey.ws>
2013-09-11 14:46:52 -05:00
Anthony Liguori
d985bd4d55 Merge remote-tracking branch 'spice/spice.v73' into staging
# By Gerd Hoffmann (2) and Christophe Fergeau (1)
# Via Gerd Hoffmann
* spice/spice.v73:
  qxl: fix local renderer
  qxl: trace io port name
  spice-core: Use g_strdup_printf instead of snprintf

Message-id: 1378807572-27902-1-git-send-email-kraxel@redhat.com
Signed-off-by: Anthony Liguori <anthony@codemonkey.ws>
2013-09-11 14:46:26 -05:00
Anthony Liguori
a640f07c0d Merge remote-tracking branch 'kraxel/usb.89' into staging
# By Gerd Hoffmann (2) and Miroslav Rezanina (2)
# Via Gerd Hoffmann
* kraxel/usb.89:
  ehci: save device pointer in EHCIState
  Remove dev-bluetooth.c dependency from vl.c
  Preparation for usb-bt-dongle conditional build
  usb: sanity check setup_index+setup_len in post_load

Message-id: 1378806073-25197-1-git-send-email-kraxel@redhat.com
Signed-off-by: Anthony Liguori <anthony@codemonkey.ws>
2013-09-11 14:46:21 -05:00
Anthony Liguori
f69f0bcac9 Merge remote-tracking branch 'mdroth/qga-pull-2013-9-9' into staging
# By Tomoki Sekiyama (10) and Paul Burton (1)
# Via Michael Roth
* mdroth/qga-pull-2013-9-9:
  QMP/qemu-ga-client: Make timeout longer for guest-fsfreeze-freeze command
  qemu-ga: Install Windows VSS provider on `qemu-ga -s install'
  qemu-ga: Call Windows VSS requester in fsfreeze command handler
  qemu-ga: Add Windows VSS provider and requester as DLL
  error: Add error_set_win32 and error_setg_win32
  qemu-ga: Add configure options to specify path to Windows/VSS SDK
  Add a script to extract VSS SDK headers on POSIX system
  checkpatch.pl: Check .cpp files
  Add c++ keywords to QAPI helper script
  configure: Support configuring C++ compiler
  mips_malta: support up to 2GiB RAM

Message-id: 1378755701-2051-1-git-send-email-mdroth@linux.vnet.ibm.com
Signed-off-by: Anthony Liguori <anthony@codemonkey.ws>
2013-09-11 14:46:08 -05:00
Anthony Liguori
97fdb9410b Merge remote-tracking branch 'sstabellini/xen-2013-09-09' into staging
# By Anthony PERARD
# Via Stefano Stabellini
* sstabellini/xen-2013-09-09:
  pc_q35: Initialize Xen.
  pc: Initializing ram_memory under Xen.

Message-id: alpine.DEB.2.02.1309091718030.6397@kaball.uk.xensource.com
Signed-off-by: Anthony Liguori <anthony@codemonkey.ws>
2013-09-11 14:45:57 -05:00
Anthony Liguori
964737ea19 Merge remote-tracking branch 'stefanha/block' into staging
# By Paolo Bonzini (21) and others
# Via Stefan Hajnoczi
* stefanha/block: (42 commits)
  qemu-iotests: Fixed test case 026
  qemu-iotests: Whitespace cleanup
  dataplane: Fix startup race.
  block: look for zero blocks in bs->file
  block: add default get_block_status implementation for protocols
  raw-posix: report unwritten extents as zero
  raw-posix: return get_block_status data and flags
  docs, qapi: document qemu-img map
  qemu-img: add a "map" subcommand
  block: return BDRV_BLOCK_ZERO past end of backing file
  block: use bdrv_has_zero_init to return BDRV_BLOCK_ZERO
  block: return get_block_status data and flags for formats
  block: define get_block_status return value
  block: introduce bdrv_get_block_status API
  block: make bdrv_has_zero_init return false for copy-on-write-images
  qemu-img: always probe the input image for allocated sectors
  block: expect errors from bdrv_co_is_allocated
  block: remove bdrv_is_allocated_above/bdrv_co_is_allocated_above distinction
  block: do not use ->total_sectors in bdrv_co_is_allocated
  block: make bdrv_co_is_allocated static
  ...

Message-id: 1378481953-23099-1-git-send-email-stefanha@redhat.com
Signed-off-by: Anthony Liguori <anthony@codemonkey.ws>
2013-09-11 14:45:37 -05:00
Peter Maydell
031c44e4de pl110: Clarify comment about PL110 ID on VersatilePB
Clarify a comment about the ID register value presented by
the PL110 variant present on the VersatilePB board (based
on testing what the actual hardware does), to indicate that
this is not an error in our emulation, and to remove an #if-0.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2013-09-10 19:09:33 +01:00
Gerd Hoffmann
adbecc8973 ehci: save device pointer in EHCIState
We'll need a pointer to the actual pci/sysbus device,
stick a pointer to it into the EHCIState struct.

https://bugzilla.redhat.com/show_bug.cgi?id=1005495

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-09-10 11:14:42 +02:00
Miroslav Rezanina
615fe4de4b Remove dev-bluetooth.c dependency from vl.c
Use usb_legacy_register handling to create bt-dongle device and remove code
dependency from vl.c so CONFIG_USB_BLUETOOTH can be disabled.

Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-09-10 11:14:42 +02:00
Miroslav Rezanina
644e1a8a34 Preparation for usb-bt-dongle conditional build
To allow disable usb-bt-dongle device using CONFIG_BLUETOOTH option, some of
functions in vl.c file has to be made accessible in dev-bluetooth.c. This is
pure code moving.

Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-09-10 11:14:41 +02:00
Gerd Hoffmann
c60174e847 usb: sanity check setup_index+setup_len in post_load
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-09-10 11:14:41 +02:00
Gerd Hoffmann
c58c7b959b qxl: fix local renderer
The local spice renderer assumes the primary surface is located at the
start of the "ram" bar.  This used to be a requirement in qxl hardware
revision 1.  In revision 2+ this is relaxed.  Nevertheless guest drivers
continued to use the traditional location, for historical and backward
compatibility reasons.  The qxl kms driver doesn't though as it depends
on qxl revision 4+ anyway.

Result is that local rendering is hosed for recent linux guests, you'll
get pixel garbage with non-spice ui (gtk, sdl, vnc) and when doing
screendumps.  Fix that by doing a proper mapping of the guest-specified
memory location.

https://bugzilla.redhat.com/show_bug.cgi?id=948717

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-09-10 11:14:08 +02:00
Gerd Hoffmann
18b203850a qxl: trace io port name
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-09-10 11:14:08 +02:00
Tomoki Sekiyama
6f88009ee5 Add c++ keywords to QAPI helper script
Add c++ keywords to avoid errors in compiling with c++ compiler.
This also renames class member of PciDeviceInfo to q_class.

Signed-off-by: Tomoki Sekiyama <tomoki.sekiyama@hds.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
2013-09-09 14:17:56 -05:00
Paul Burton
94c2b6aff4 mips_malta: support up to 2GiB RAM
A Malta board can support up to 2GiB of RAM. Since the unmapped kseg0/1
regions are only 512MiB large & the latter 256MiB of those are taken up
by the IO region, access to RAM beyond 256MiB must be done through a
mapped region. In the case of a Linux guest this means we need to use
highmem.

The mainline Linux kernel does not support highmem for Malta at this
time, however this can be tested using the linux-mti-3.8 kernel branch
available from:

  git://git.linux-mips.org/pub/scm/linux-mti.git

You should be able to boot a Linux kernel built from the linux-mti-3.8
branch, with CONFIG_HIGHMEM enabled, using 2GiB RAM by passing "-m 2G"
to QEMU and appending the following kernel parameters:

  mem=256m@0x0 mem=256m@0x90000000 mem=1536m@0x20000000

Note that the upper half of the physical address space of a Malta
mirrors the lower half (hence the 2GiB limit) except that the IO region
(0x10000000-0x1fffffff in the lower half) is not mirrored in the upper
half. That is, physical addresses 0x90000000-0x9fffffff access RAM
rather than the IO region, resulting in a physical address space
resembling the following:

  0x00000000 -> 0x0fffffff  RAM
  0x10000000 -> 0x1fffffff  I/O
  0x20000000 -> 0x7fffffff  RAM
  0x80000000 -> 0x8fffffff  RAM (mirror of 0x00000000 -> 0x0fffffff)
  0x90000000 -> 0x9fffffff  RAM
  0xa0000000 -> 0xffffffff  RAM (mirror of 0x20000000 -> 0x7fffffff)

The second mem parameter provided to the kernel above accesses the
second 256MiB of RAM through the upper half of the physical address
space, making use of the aliasing described above in order to avoid
the IO region and use the whole 2GiB RAM.

The memory setup may be seen as 'backwards' in this commit since the
'real' memory is mapped in the upper half of the physical address space
and the lower half contains the aliases. On real hardware it would be
typical to see the upper half of the physical address space as the alias
since the bus addresses generated match the lower half of the physical
address space. However since the memory accessible in the upper half of
the physical address space is uninterrupted by the IO region it is
easiest to map the RAM as a whole there, and functionally it makes no
difference to the target code.

Due to the requirements of accessing the second 256MiB of RAM through
a mapping to the upper half of the physical address space it is usual
for the bootloader to indicate a maximum of 256MiB memory to a kernel.
This allows kernels which do not support such access to boot on systems
with more than 256MiB of RAM. It is also the behaviour assumed by Linux.
QEMUs small generated bootloader is modified to provide this behaviour.

Signed-off-by: Paul Burton <paul.burton@imgtec.com>
Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2013-09-09 18:42:22 +02:00
Anthony PERARD
254c12825f pc_q35: Initialize Xen.
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
2013-09-09 16:24:33 +00:00
Anthony PERARD
04d7bad8a4 pc: Initializing ram_memory under Xen.
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
CC: qemu-stable@nongnu.org
2013-09-09 16:22:19 +00:00
Aurelien Jarno
45d883dcf2 ne2000: mark I/O as LITTLE_ENDIAN
Now that the memory subsystem is propagating the endianness correctly,
the ne2000 device should have its I/O ports marked as LITTLE_ENDIAN, as
PCI devices are little endian.

This makes the ne2000 NIC to work again on PowerPC.

Cc: qemu-stable@nongnu.org
Cc: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-09-06 17:27:40 +02:00
Brad Smith
3dbb9786e9 vmxnet3: Eliminate __packed redefined warning
This eliminates a warning about __packed being redefined as exposed by the
vmxnet3 code. __packed is not used anywhere in the vmxnet3 code.

  CC    hw/net/vmxnet3.o
In file included from hw/net/vmxnet3.c:29:
hw/net/vmxnet3.h:37:1: warning: "__packed" redefined
In file included from /usr/include/stdlib.h:38,
                 from /buildbot-qemu/default_openbsd_current/build/include/qemu-common.h:26,
                 from /buildbot-qemu/default_openbsd_current/build/include/hw/hw.h:5,
                 from hw/net/vmxnet3.c:18:
/usr/include/sys/cdefs.h:209:1: warning: this is the location of the previous definition

Signed-off-by: Brad Smith <brad@comstyle.com>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-09-06 17:25:55 +02:00
Vincenzo Maffione
e9845f0985 e1000: add interrupt mitigation support
This patch partially implements the e1000 interrupt mitigation mechanisms.
Using a single QEMUTimer, it emulates the ITR register (which is the newer
mitigation register, recommended by Intel) and approximately emulates
RADV and TADV registers. TIDV and RDTR register functionalities are not
emulated (RDTR is only used to validate RADV, according to the e1000 specs).

RADV, TADV, TIDV and RDTR registers make up the older e1000 mitigation
mechanism and would need a timer each to be completely emulated. However,
a single timer has been used in order to reach a good compromise between
emulation accuracy and simplicity/efficiency.

The implemented mechanism can be enabled/disabled specifying the command
line e1000-specific boolean parameter "mitigation", e.g.

    qemu-system-x86_64 -device e1000,mitigation=on,... ...

For more information, see the Software developer's manual at
http://download.intel.com/design/network/manuals/8254x_GBe_SDM.pdf.

Interrupt mitigation boosts performance when the guest suffers from
an high interrupt rate (i.e. receiving short UDP packets at high packet
rate). For some numerical results see the following link
http://info.iet.unipi.it/~luigi/papers/20130520-rizzo-vm.pdf

Signed-off-by: Vincenzo Maffione <v.maffione@gmail.com>
Reviewed-by: Andreas Färber <afaerber@suse.de> (for pc-* machines)
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-09-06 17:25:52 +02:00
Cornelia Huck
8caf907f07 dataplane: Fix startup race.
Avoid trying to setup dataplane again if dataplane setup is already in
progress. This may happen if an eventfd is triggered during setup.

I saw this occasionally with an experimental s390 irqfd implementation:

virtio_blk_handle_output
-> virtio_blk_data_plane_start
-> virtio_ccw_set_host_notifier
...
-> virtio_queue_set_host_notifier_fd_handler
-> virtio_queue_host_notifier_read
-> virtio_queue_notify_vq
-> virtio_blk_handle_output
-> virtio_blk_data_plane_start
-> vring_setup
-> hostmem_init
-> memory_listener_register
-> BOOM

As virtio-ccw tries to follow what virtio-pci does, it might be triggerable
for other platforms as well.

Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-09-06 15:25:09 +02:00
Fam Zheng
c0777fe18b xen_disk: simplify blk_disconnect with refcnt
We call bdrv_attach_dev when initializing whether or not bs is created
locally, so call bdrv_detach_dev and let the refcnt handle the
lifecycle.

Signed-off-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-09-06 15:25:08 +02:00
Fam Zheng
4f6fd3491c block: make bdrv_delete() static
Manage BlockDriverState lifecycle with refcnt, so bdrv_delete() is no
longer public and should be called by bdrv_unref() if refcnt is
decreased to 0.

This is an identical change because effectively, there's no multiple
reference of BDS now: no caller of bdrv_ref() yet, only bdrv_new() sets
bs->refcnt to 1, so all bdrv_unref() now actually delete the BDS.

Signed-off-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-09-06 15:25:08 +02:00
Anthony Liguori
aaa6a40194 QOM CPUState refactorings / X86CPU
* Conversion of global CPU list to QTAILQ - preparing for CPU hot-unplug
 * Document X86CPU magic numbers for CPUID cache info
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.19 (GNU/Linux)
 
 iQIcBAABAgAGBQJSJgdaAAoJEPou0S0+fgE/WqAQAJ6pcTymZO86NLKwcY4dD5Dr
 Es2aTs4XFs9V3+gpbH9vOA71n9HanFQp1s4ZUskQ2BVQU8cZeRUKlGhKJfqcEbPF
 H5wkxskqgV2Sw8+XWjQk80J/X/W6k10Fit64CUpQqxzd3HwXXzT/QHXzM8t6p79i
 KdEAsjaQYqR8/qa7+pd437lLcTiRb51FqB5u3ClbCbIKjnnjswr/ZypKr+CUc9WY
 1AzP9UKg0qSxz1yCkgzYHt3eWjfuGhsqn8KXVQfc+37xFRZp0uYQYkCahhwrPRUO
 jTg0eJKxoyH76t+2jIsnNHfd6r5zaTmVThGnun/SzJTGj8AFNrz81EfT1niJdp2/
 6RdykpWdqqeA3usKoSzBgTEAXGL50tCL0xiREk7hPwflxJqjbjFuVuttkazEcHZf
 Q2OS0tUFhYi3yUojms/YJYFUaNUhA033wJSjKGbFfSDdtJdjnxmB2r+LhsH4ByfS
 4SPU5zr4up1Yr1dnmIlNUA5W/KMgZseT3shasLhFmODR7wGvrQ7DuEHRs87UQbbM
 pedvN92VmWzByEvLNkICJGuaVer+mHznig9f1eOkxXlK4RdNBmAf5QYMU+oxbkUG
 fwXu0w7/aUJKpcYl6aYUmkhgn9dB3Oe/WTVLkvfg54MUFKpo4b72AR01+fWT91XO
 r8DQQYwP94htozAC6F9n
 =/bSY
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'afaerber/tags/qom-cpu-for-anthony' into staging

QOM CPUState refactorings / X86CPU

* Conversion of global CPU list to QTAILQ - preparing for CPU hot-unplug
* Document X86CPU magic numbers for CPUID cache info

# gpg: Signature made Tue 03 Sep 2013 10:59:22 AM CDT using RSA key ID 3E7E013F
# gpg: Can't check signature: public key not found

# By Andreas Färber (3) and Eduardo Habkost (1)
# Via Andreas Färber
* afaerber/tags/qom-cpu-for-anthony:
  target-i386: Use #defines instead of magic numbers for CPUID cache info
  cpu: Replace qemu_for_each_cpu()
  cpu: Use QTAILQ for CPU list
  a15mpcore: Use qemu_get_cpu() for generic timers
2013-09-03 12:33:32 -05:00
Anthony Liguori
5a93d5c2ab Merge remote-tracking branch 'mjt/trivial-patches' into staging
# By Stefan Weil (6) and others
# Via Michael Tokarev
* mjt/trivial-patches:
  aio / timers: use g_usleep() not sleep()
  adlib: sort offsets in portio registration
  qmp: fix integer usage in examples
  tci: Remove function tcg_out64 (fix broken build)
  target-arm: Report unimplemented opcodes (LOG_UNIMP)
  pflash_cfi02.c: fix debug macro
  configure: Remove unneeded redirections of stderr (pkg-config --exists)
  configure: Remove unneeded redirections of stderr (pkg-config --cflags, --libs)
  configure: Don't write .pyc files by default (python -B)
  curl: qemu_bh_new() can never return NULL
  slirp/arp_table.c: Avoid shifting into sign bit of signed integers
  configure: disable clang -Wstring-plus-int warning
  rdma: silly ipv6 bugfix
  misc: Fix some typos in names and comments
  slirp: Port redirection option behave differently on Linux and Windows

Message-id: 1378119695-14568-1-git-send-email-mjt@msgid.tls.msk.ru
Signed-off-by: Anthony Liguori <anthony@codemonkey.ws>
2013-09-03 12:31:44 -05:00
Anthony Liguori
9ea0f58fc7 Merge remote-tracking branch 'kraxel/usb.88' into staging
# By Gerd Hoffmann (10) and Marcel Apfelbaum (1)
# Via Gerd Hoffmann
* kraxel/usb.88:
  usb/dev-hid: Modified usb-tablet category from Misc to Input
  Revert "usb-hub: report status changes only once"
  usb-hub: add tracepoint for status reports
  usb: parallelize usb3 streams
  uas: add property for request logging
  xhci: reset port when disabling slot
  xhci: emulate intr endpoint intervals correctly
  xhci: fix endpoint interval calculation
  xhci: add port to slot_address tracepoint
  xhci: add tracepoint for endpoint state changes
  xhci: remove leftover debug printf

Message-id: 1378117055-29620-1-git-send-email-kraxel@redhat.com
Signed-off-by: Anthony Liguori <anthony@codemonkey.ws>
2013-09-03 12:31:30 -05:00
Anthony Liguori
9889e04ac1 pc,pci,virtio fixes and cleanups
This includes pc and pci cleanups and enhancements,
 and a virtio bugfix for level interrupts.
 
 Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.14 (GNU/Linux)
 
 iQEcBAABAgAGBQJSIveoAAoJECgfDbjSjVRp2C8IAL7DE0oM0jfEB5DAd8jlULHx
 hA8RP21rFzyU8PwtHB+72+C1ImldBge4hvhI+qbsm6PoW3RCeV/lbESIRTiv8dCO
 pGUOFmv8MfJAH+WWFsle5mRisoTksYQWWBMHCOqvmaY4JL9pBQOhCLHVhV1XfjtL
 hO7uGrWmlijeILv5CxYyPMYuOEdVvRSZKzE+Fp2YKfNstiQrS5fJIlqmwCHrlneW
 l2atnt2d9ZV1K8QYiGg4GRVbSAMJvA1wum+0F4gnXIz9yAeOt+Ht1s8cNKQDMouJ
 r2OyVgPM9aS/XaO6ejct1Sjo7Vgh/Ublrpw3lFqV/qHix6rEHwy2I3JHFEJPjvk=
 =SytJ
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'mst/tags/for_anthony' into staging

pc,pci,virtio fixes and cleanups

This includes pc and pci cleanups and enhancements,
and a virtio bugfix for level interrupts.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

# gpg: Signature made Sun 01 Sep 2013 03:15:36 AM CDT using RSA key ID D28D5469
# gpg: Can't check signature: public key not found

# By Michael S. Tsirkin (3) and others
# Via Michael S. Tsirkin
* mst/tags/for_anthony:
  virtio_pci: fix level interrupts with irqfd
  pc: reduce duplication, fix PIIX descriptions
  hw: Clean up bogus default boot order
  pci: add config space access traces
  pc: fix regression for 64 bit PCI memory
  pci: Introduce helper to retrieve a PCI device's DMA address space

Message-id: 1378023590-11109-1-git-send-email-mst@redhat.com
Signed-off-by: Anthony Liguori <anthony@codemonkey.ws>
2013-09-03 12:31:07 -05:00
Anthony Liguori
5cff81f098 QOM device refactorings
* Fix QOM and ISA documentation errors
 * Extend object_initialize() et al. to check the instance size
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.19 (GNU/Linux)
 
 iQIcBAABAgAGBQJSIPBUAAoJEPou0S0+fgE/Wo0QAISAHVdHBvG7YzrgnpX89hCC
 MCqk5ny0FDZtlJXI5mqitgtBC0aqdhwgRxxfxjZ0/g7e8NysPUkWU9Zn7b/6WWKu
 A4ckRqxAVR6ZR0TNX9XvcoMoaebN0v5cfXDGjjqizs8HXdfs1bbAK5husMTka5df
 qDgRoFPEd1NmA/qpTu7EK74dIRkiB0o5c7Iyc8tNdkFK6it3fn8FW4fL0mk/61dc
 5VwZaIb1UMg8RAh/LMbdnIanWHYM8Yg7DMljdA4frZ53x5R82HxedfGB36L7YRwF
 GlgjxUn+/M1ZFdnzlX+cc330q82K0Tg3C94su1tR/3FuY+Da/9f97/e5WAYIN3v1
 peneh6szGemqRJD1TxBxvoq2GDHVIgx7xcsHjyOWfy08XDcO0UUF7WU1dNddhEl8
 9DX1tihSZJNugKoB2QNBZWcn1FPVAnxpbUfsAt/m1kdbxGPnOM2McEIOwabcQhNl
 odht/aEKB5A8TeRxFKBwozMXxFjh7AX2m8/YsQlApBWKefIV3411/WmO2tEg5kts
 1vO5ZyBM8lOoO5QK/Uvqne0hi/8hALyoO3v9e2IIAd3yE9hYUhk/sQ5our/bfW+M
 auiaoTcVvpFac1nBTsvY4Be1e+B2xqMMxLpsvsmENHcEUCOcAsbCXG/t1NkJR66+
 ZQLaX5ioxgd37zKIY8dT
 =LiUs
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'afaerber/tags/qom-devices-for-anthony' into staging

QOM device refactorings

* Fix QOM and ISA documentation errors
* Extend object_initialize() et al. to check the instance size

# gpg: Signature made Fri 30 Aug 2013 02:19:48 PM CDT using RSA key ID 3E7E013F
# gpg: Can't check signature: public key not found

# By Andreas Färber (14) and others
# Via Andreas Färber
* afaerber/tags/qom-devices-for-anthony:
  isa: Fix documentation of isa_register_portio_list()
  qom: Assert instance size in object_initialize_with_type()
  qom: Pass available size to object_initialize()
  qdev: Pass size to qbus_create_inplace()
  virtio-mmio: Pass size to virtio_mmio_bus_new()
  virtio-ccw: Pass size to virtio_ccw_bus_new()
  s390-virtio-bus: Pass size to virtio_s390_bus_new()
  virtio-pci: Pass size to virtio_pci_bus_new()
  usb: Pass size to usb_bus_new()
  scsi: Pass size to scsi_bus_new()
  pci: Pass size to pci_bus_new_inplace()
  ide: Pass size to ide_bus_new()
  ipack: Pass size to ipack_bus_new_inplace()
  intel-hda: Pass size to hda_codec_bus_init()
  qom: Fix object_initialize_with_type() argument name in documentation
  virtio: Remove unnecessary OBJECT() casts
  object: Fix typo in qom/object.h
2013-09-03 12:30:51 -05:00
Andreas Färber
38fcbd3f08 cpu: Replace qemu_for_each_cpu()
It was introduced to loop over CPUs from target-independent code, but
since commit 182735efaf target-independent
CPUState is used.

A loop can be considered more efficient than function calls in a loop,
and CPU_FOREACH() hides implementation details just as well, so use that
instead.

Suggested-by: Markus Armbruster <armbru@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-09-03 12:25:55 +02:00
Andreas Färber
bdc44640cb cpu: Use QTAILQ for CPU list
Introduce CPU_FOREACH(), CPU_FOREACH_SAFE() and CPU_NEXT() shorthand
macros.

Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-09-03 12:25:55 +02:00
Andreas Färber
27013bf20d a15mpcore: Use qemu_get_cpu() for generic timers
This simplifies the loop and aids with refactoring of CPU list.

Requested-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-09-03 11:30:04 +02:00
Marcel Apfelbaum
31efd2e883 usb/dev-hid: Modified usb-tablet category from Misc to Input
usb-tablet device was wrongly assigned to Misc category

Reported-by: Markus Armbruster <armbru@redhat.com>
Cc: qemu-stable@nongnu.org
Signed-off-by: Marcel Apfelbaum <marcel.a@redhat.com>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-09-02 11:06:20 +02:00
Gerd Hoffmann
bdebd6ee81 Revert "usb-hub: report status changes only once"
This reverts commit a309ee6e0a.

This isn't in line with the usb specification and adds regressions,
win7 fails to drive the usb hub for example.

Was added because it "solved" the issue of hubs interacting badly
with the xhci host controller.  Now with the root cause being fixed
in xhci (commit <FIXME>) we can revert this one.

Cc: qemu-stable@nongnu.org
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-09-02 11:06:20 +02:00
Gerd Hoffmann
b8cbc1374a usb-hub: add tracepoint for status reports
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-09-02 11:06:20 +02:00
Gerd Hoffmann
c96c41ed0d usb: parallelize usb3 streams
usb3 bulk endpoints with streams are implicitly pipelined now,
so the requests will actually be processed in parallel.  Also
allow them to complete out-of-order.

Fixes stalls in the uas driver.

Cc: qemu-stable@nongnu.org
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-09-02 11:06:20 +02:00
Gerd Hoffmann
1556a8fc38 uas: add property for request logging
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-09-02 11:06:19 +02:00
Gerd Hoffmann
5c67dd7b48 xhci: reset port when disabling slot
Cc: qemu-stable@nongnu.org
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-09-02 11:06:19 +02:00
Gerd Hoffmann
4d7a81c06f xhci: emulate intr endpoint intervals correctly
Respect the interval for interrupt endpoints, so we don't finish
transfers as fast as possible but at the rate configured by the guest.

Fixes guest deadlocks triggered by interrupt storms.

Cc:
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-09-02 11:06:19 +02:00
Gerd Hoffmann
ca7162782a xhci: fix endpoint interval calculation
Cc: qemu-stable@nongnu.org
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-09-02 11:06:19 +02:00
Gerd Hoffmann
65d81ed402 xhci: add port to slot_address tracepoint
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-09-02 11:06:19 +02:00
Gerd Hoffmann
1c82392a15 xhci: add tracepoint for endpoint state changes
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-09-02 11:06:19 +02:00
Gerd Hoffmann
5219042274 xhci: remove leftover debug printf
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-09-02 11:06:19 +02:00
Alexey Kardashevskiy
7e472264e9 PPC: spapr: iommu: rework traces
This converts old style fprintf to traces.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
[agraf: change patch subject]
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-09-02 10:06:43 +02:00
Alexey Kardashevskiy
59760f2dba spapr: add "stop-self" RTAS call required to support hot CPU unplug
PAPR+ requires two RTAS calls to be supported by the hypervisor in
order to allow hotplugging VCPUs from the guest. The "start-cpu" RTAS
call was already there but "stop-self" was not.

This adds the "stop-self" RTAS call.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-09-02 10:06:42 +02:00
Anton Blanchard
42561bf2e4 pseries: Add H_SET_MODE hcall to change guest exception endianness
H_SET_MODE is used for controlling various partition settings. One
of these settings is the endianness a guest takes its exceptions in.

Signed-off-by: Anton Blanchard <anton@samba.org>
[agraf: fix whitespace]
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-09-02 10:06:42 +02:00
Alexey Kardashevskiy
33a0e5d8c5 xics: move registration of global state to realize()
Registration of global state belongs into realize so move it there.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-09-02 10:06:42 +02:00
Alexey Kardashevskiy
f1c2dc7c86 spapr-pci: rework MSI/MSIX
On the sPAPR platform a guest allocates MSI/MSIX vectors via RTAS
hypercalls which return global IRQ numbers to a guest so it only
operates with those and never touches MSIMessage.

Therefore MSIMessage handling is completely hidden in QEMU.

Previously every sPAPR PCI host bridge implemented its own MSI window
to catch msi_notify()/msix_notify() calls from QEMU devices (virtio-pci
or vfio) and route them to the guest via qemu_pulse_irq().
MSIMessage used to be encoded as:
	.addr - address within the PHB MSI window;
	.data - the device index on PHB plus vector number.
The MSI MR write function translated this MSIMessage to a global IRQ
number and called qemu_pulse_irq().

However the total number of IRQs is not really big (at the moment it is
1024 IRQs starting from 4096) and even 16bit data field of MSIMessage
seems to be enough to store an IRQ number there.

This simplifies MSI handling in sPAPR PHB. Specifically, this does:
1. remove a MSI window from a PHB;
2. add a single memory region for all MSIs to sPAPREnvironment
and spapr_pci_msi_init() to initialize it;
3. encode MSIMessage as:
    * .addr - a fixed address of SPAPR_PCI_MSI_WINDOW==0x40000000000ULL;
    * .data as an IRQ number.
4. change IRQ allocator to align first IRQ number in a block for MSI.
MSI uses lower bits to specify the vector number so the first IRQ has to
be aligned. MSIX does not need any special allocator though.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-09-02 10:06:42 +02:00
Alexey Kardashevskiy
5dac82ce0d spapr-pci: fix config space access to support bridges
spapr-pci config space accessors use find_dev() to find a PCI device.
However find_dev() only searched on a primary bus and did not do
recursive search through secondary buses so config space access was not
possible for devices other that on a primary bus.

This fixed find_dev() by using the PCI API pci_find_device() function.
This effectively enabled pci bridges on spapr.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-09-02 10:06:42 +02:00
Andreas Färber
ad9990acc5 ppc405_boards: Don't enforce presence of firmware for qtest
Adopt error_report() while at it.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-09-02 10:06:41 +02:00
Andreas Färber
0d84382ed9 ppc405_uc: Disable debug output
Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-09-02 10:06:41 +02:00
Andreas Färber
bf2ed917d7 ppc405_boards: Disable debug output
Also move one stray debug output into an #ifdef.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-09-02 10:06:41 +02:00
Efimov Vasily
daf285b606 ppc: virtex_ml507: QEMU_OPTION_dtb support for this machine.
QEMU has 'dtb' option for specifing the device tree file for the kernel.
The patch adds support for this option to the 'virtex_ml507' machine
implementation.

Signed-off-by: Efimov Vasily <real@ispras.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-09-02 10:06:41 +02:00
Anton Blanchard
7770b6f78a pseries: Fix stalls on hypervisor virtual console
A number of users are reporting stalls when using the pseries
hypervisor virtual console.

A simple test case is to paste 15 or 17 characters at a time
into the console. Pasting 15 characters at a time works fine
but pasting 17 characters hangs for a random amount of time.
Other activity (network, qemu monitor etc) unblocks it.

If qemu-char tries to send more than 16 characters at once,
vty_can_receive returns false. At this point we have to
wait for the guest to consume that output. Everything is good
so far.

The problem occurs when the the guest does consume the output.
We need to signal back to the qemu-char layer that we are
ready for more input. Without this we block until something
else kicks us (eg network activity).

Signed-off-by: Anton Blanchard <anton@samba.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-09-02 10:06:41 +02:00
Alexander Graf
28290f37e2 PPC: E500: Generate device tree on reset
Today we generate the device tree once on machine initialization and then
store the finalized blob in memory to reload it on reset.

This is bad for 2 reasons. First we potentially waste a bunch of RAM for no
good reason, as we have all information required to regenerate the device
tree available anyways.

The second reason is even more important. On machine init when we generate
the device tree for the first time, we don't have all of the devices fully
initialized yet. But the device tree needs to potentially walk devices to
put information about them into the device tree.

Move the generation into a reset function. That way we just generate it new
every time we reset, solving both of the above issues.

Signed-off-by: Alexander Graf <agraf@suse.de>
2013-09-02 10:06:40 +02:00
Hervé Poussineau
2b21fb57af adlib: sort offsets in portio registration
This fixes the following assert when -device adlib is used:
ioport.c:240: portio_list_add: Assertion `pio->offset >= off_last' failed.

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-09-01 19:59:30 +04:00
Antony Pavlov
56f99ea19b pflash_cfi02.c: fix debug macro
If PFLASH_DEBUG is enabled then we have some build errors:

hw/block/pflash_cfi02.c: In function ‘pflash_timer’:
hw/block/pflash_cfi02.c:128:5: error: expected ‘)’ before string constant
hw/block/pflash_cfi02.c:128:5: error: too few arguments to function ‘fprintf’

This patch fixes the problem.

Signed-off-by: Antony Pavlov <antonynpavlov@gmail.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-09-01 19:32:42 +04:00
Stefan Weil
4c293dc6e4 misc: Fix some typos in names and comments
Most typos were found using a modified version of codespell:

accross -> across
issueing -> issuing
TICNT_THRESHHOLD -> TICNT_THRESHOLD
bandwith -> bandwidth
VCARD_7816_PROPIETARY -> VCARD_7816_PROPRIETARY
occured -> occurred
gaurantee -> guarantee
sofware -> software

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-09-01 18:59:24 +04:00
Michael S. Tsirkin
23fe2b3f9e virtio_pci: fix level interrupts with irqfd
commit 62c96360ae
    virtio-pci: fix level interrupts
only helps systems without irqfd: on systems with irqfd support we
passed in flag requesting irqfd even when msix is disabled.

As a result, for level interrupts we didn't install an fd handler so
unmasking an fd had no effect.

Fix this up.

Cc: qemu-stable@nongnu.org
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-09-01 11:15:03 +03:00
Michael S. Tsirkin
a0dba644c1 pc: reduce duplication, fix PIIX descriptions
We have a lot of code duplication between machine types,
this increases with each new machine type
and each new field.

This has already introduced a minor bug: description
for pc-1.3 says "Standard PC" while description for
pc-1.4 is "Standard PC (i440FX + PIIX, 1996)"
which makes you think 1.3 is somehow more standard,
or newer, while in fact it's a revision of the same PC.

This patch addresses this issue by using macros, along
the lines used by PC_COMPAT_X_X - only for
non-property options.

The approach can extend to non-PC machine types.

Cc: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-09-01 10:43:25 +03:00
Andreas Färber
213f0c4f61 qom: Pass available size to object_initialize()
To be passed on to object_initialize_with_type().

Acked-by: Cornelia Huck <cornelia.huck@de.ibm.com> (virtio-ccw)
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-08-30 21:15:44 +02:00
Andreas Färber
fb17dfe057 qdev: Pass size to qbus_create_inplace()
To be passed to object_initialize().

Since commit 39355c3826 the argument is
void*, so drop some superfluous (BusState *) casts or direct parent
field usages.

Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-08-30 21:15:35 +02:00
Andreas Färber
e5f720391e virtio-mmio: Pass size to virtio_mmio_bus_new()
To be passed to qbus_create_initialize().

Reviewed-by: Wenchao Xia <xiawenc@linux.vnet.ibm.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-08-30 20:14:40 +02:00
Andreas Färber
1bf4d7aad6 virtio-ccw: Pass size to virtio_ccw_bus_new()
To be passed to qbus_create_inplace().

Reviewed-by: Wenchao Xia <xiawenc@linux.vnet.ibm.com>
Acked-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-08-30 20:14:39 +02:00
Andreas Färber
5d6c0c4913 s390-virtio-bus: Pass size to virtio_s390_bus_new()
To be passed to qbus_create_inplace().

Reviewed-by: Wenchao Xia <xiawenc@linux.vnet.ibm.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-08-30 20:14:39 +02:00
Andreas Färber
ac7af1120f virtio-pci: Pass size to virtio_pci_bus_new()
To be passed to qbus_create_inplace().

Reviewed-by: Wenchao Xia <xiawenc@linux.vnet.ibm.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-08-30 20:14:39 +02:00
Andreas Färber
c889b3a55d usb: Pass size to usb_bus_new()
To be passed to qbus_create_inplace().

Use DEVICE() cast to avoid a direct parent field access.

Reviewed-by: Wenchao Xia <xiawenc@linux.vnet.ibm.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-08-30 20:14:39 +02:00
Andreas Färber
b1187b51ff scsi: Pass size to scsi_bus_new()
To be passed to qbus_create_inplace().

Use DEVICE() casts instead of direct parent field access.

Reviewed-by: Wenchao Xia <xiawenc@linux.vnet.ibm.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-08-30 20:14:39 +02:00
Andreas Färber
dd301ca607 pci: Pass size to pci_bus_new_inplace()
To be passed to qbus_create_inplace().

Reviewed-by: Wenchao Xia <xiawenc@linux.vnet.ibm.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-08-30 20:14:39 +02:00
Andreas Färber
c6baf942e0 ide: Pass size to ide_bus_new()
To be passed to qbus_create_inplace().

Reviewed-by: Wenchao Xia <xiawenc@linux.vnet.ibm.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-08-30 20:14:39 +02:00
Andreas Färber
77cbb28a5b ipack: Pass size to ipack_bus_new_inplace()
To be passed to qbus_create_inplace().

Simplify DEVICE() cast to avoid parent field access.

Reviewed-by: Wenchao Xia <xiawenc@linux.vnet.ibm.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-08-30 20:14:38 +02:00
Andreas Färber
ab809e84a7 intel-hda: Pass size to hda_codec_bus_init()
To be passed to qbus_create_inplace().

Reviewed-by: Wenchao Xia <xiawenc@linux.vnet.ibm.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-08-30 20:14:38 +02:00
Peter Maydell
e65177a87f virtio: Remove unnecessary OBJECT() casts
There's no need to cast the first argument of object_initialize()
to Object. Remove these unnecessary casts.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-08-30 20:14:38 +02:00
Christian Borntraeger
4e872a3fb0 s390: provide I/O subsystem reset
Provide a function that resets the I/O subsystem.

Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Acked-by: Alexander Graf <agraf@suse.de>
2013-08-30 12:49:30 +02:00
Anthony Liguori
b5d54bd421 Merge remote-tracking branch 'qemu-kvm/uq/master' into stable-1.5
* qemu-kvm/uq/master:
  kvm-stub: fix compilation
  kvm: shorten the parameter list for get_real_device()
  kvm: i386: fix LAPIC TSC deadline timer save/restore
  kvm-all.c: max_cpus should not exceed KVM vcpu limit
  kvm: Simplify kvm_handle_io
  kvm: x86: fix setting IA32_FEATURE_CONTROL with nested VMX disabled
  kvm: add KVM_IRQFD_FLAG_RESAMPLE support
  kvm: migrate vPMU state
  target-i386: remove tabs from target-i386/cpu.h
  Initialize IA32_FEATURE_CONTROL MSR in reset and migration

Conflicts:
	target-i386/cpu.h
	target-i386/kvm.c

aliguori: fixup trivial conflicts due to whitespace and added cpu
          argument

Signed-off-by: Anthony Liguori <anthony@codemonkey.ws>
2013-08-29 17:21:51 -05:00
Anthony Liguori
3e998a7788 pc,pci,virtio fixes and cleanups
This includes pc and pci cleanups, future-proofing of ROM files,
 and a virtio bugfix correcting splice on virtio console.
 
 Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.14 (GNU/Linux)
 
 iQEcBAABAgAGBQJSGvbsAAoJECgfDbjSjVRp0qsH/2N/b/5bNhL6gx5Kjigzv7Lt
 bmCUsSsUm/Rnhke2SpDPVdIOU9W5WIX2zte8qiXuBJi3j/RS9procbgUZrCetpUI
 GHQOn+n8e2TX/P9CIcHaN/bA1b+Kx+bvaVbDL/6P2PJvodbDGwDLp/9y+Tisv5Ye
 kLow8Y4ZJcaTlmPf/Mh1AnhNa3gel231A3qwugVUNDSyITM6pG/0M07xk8YBj+JJ
 6DYrlK0bKMNDxPu5St+YP94D1ODv2zM1aio/TdMUaNfqTZM1iqGTj3zKkBS2PjT0
 RhuU2x4N91lY/uCdudtWSj5dYtfRT/xw7qwNAz9IHNz6RlGeX0n++ClMC8z9Y8A=
 =Pc09
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'mst/tags/for_anthony' into stable-1.5

pc,pci,virtio fixes and cleanups

This includes pc and pci cleanups, future-proofing of ROM files,
and a virtio bugfix correcting splice on virtio console.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

# gpg: Signature made Mon 26 Aug 2013 01:34:20 AM CDT using RSA key ID D28D5469
# gpg: Can't check signature: public key not found

# By Markus Armbruster (5) and others
# Via Michael S. Tsirkin
* mst/tags/for_anthony:
  virtio: virtqueue_get_avail_bytes: fix desc_pa when loop over the indirect descriptor table
  pc_piix: Kill pc_init1() memory region args
  pc: pc_compat_1_4() now can call pc_compat_1_5()
  pc: Create pc_compat_*() functions
  pc: Kill pc_init_pci_1_0()
  pc: Don't explode QEMUMachineInitArgs into local variables needlessly
  pc: Don't prematurely explode QEMUMachineInitArgs
  ppc: Don't duplicate QEMUMachineInitArgs in PPCE500Params
  ppc: Don't explode QEMUMachineInitArgs into local variables needlessly
  sun4: Don't prematurely explode QEMUMachineInitArgs
  q35: Add PCIe switch to example q35 configuration
  loader: store FW CFG ROM files in RAM
  arch_init: align MR size to target page size
  pc: cleanup 1.4 compat support

Message-id: 1377535318-30491-1-git-send-email-mst@redhat.com
2013-08-29 17:19:19 -05:00
Markus Armbruster
c165473269 hw: Clean up bogus default boot order
We set default boot order "cad" in every single machine definition
except "pseries" and "moxiesim", even though very few boards actually
care for boot order, and "cad" makes sense for even fewer.

Machines that care:

* pc and its variants

  Accept up to three letters 'a', 'b' (undocumented alias for 'a'),
  'c', 'd' and 'n'.  Reject all others (fatal with -boot).

* nseries (n800, n810)

  Check whether order starts with 'n'.  Silently ignored otherwise.

* prep, g3beige, mac99

  Extract the first character the machine understands (subset of
  'a'..'f').  Silently ignored otherwise.

* spapr

  Accept an arbitrary string (vl.c restricts it to contain only
  'a'..'p', no duplicates).

* sun4[mdc]

  Use the first character.  Silently ignored otherwise.

Strip characters these machines ignore from their default boot order.

For all other machines, remove the unused default boot order
alltogether.

Note that my rename of QEMUMachine member boot_order to
default_boot_order and QEMUMachineInitArgs member boot_device to
boot_order has a welcome side effect: it makes every use of boot
orders visible in this patch, for easy review.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-08-28 10:16:47 +03:00
Alexey Kardashevskiy
3bf4dfdd11 pci: add config space access traces
This adds pci_cfg_read and pci_cfg_write traces for config spaces
accesses.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-08-28 10:11:23 +03:00
Michael S. Tsirkin
1466cef32d pc: fix regression for 64 bit PCI memory
commit 3984890181
    pc: limit 64 bit hole to 2G by default
introduced a way for management to control
the window allocated to the 64 bit PCI hole.

This is useful, but existing management tools do not know how to set
this property.  As a result, e.g. specifying a large ivshmem device with
size > 4G is broken by default.  For example this configuration no
longer works:

-device ivshmem,size=4294967296,chardev=cfoo
-chardev socket,path=/tmp/sock,id=cfoo,server,nowait

Fix this by detecting that hole size was not specified
and defaulting to the backwards-compatible value of 1 << 62.

Cc: qemu-stable@nongnu.org
Cc: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-08-27 10:13:41 +03:00
Alexey Kardashevskiy
9eda7d373e pci: Introduce helper to retrieve a PCI device's DMA address space
A PCI device's DMA address space (possibly an IOMMU) is returned by a
method on the PCIBus.  At the moment that only has one caller, so the
method is simply open coded.  We'll need another caller for VFIO, so
this patch introduces a helper/wrapper function.

If IOMMU is not set, the pci_device_iommu_address_space() function
returns the parent's IOMMU skipping the "bus master" address space as
otherwise proper emulation would require more effort for no benefit.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
[aik: added inheritance from parent if iommu is not set for the current bus]
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-08-27 08:30:48 +03:00
Anthony Liguori
f7ad538e1e Merge remote-tracking branch 'stefanha/block' into staging
# By Alex Bligh (32) and others
# Via Stefan Hajnoczi
* stefanha/block: (42 commits)
  win32-aio: drop win32_aio_flush_cb()
  aio-win32: replace incorrect AioHandler->opaque usage with ->e
  aio / timers: remove dummy_io_handler_flush from tests/test-aio.c
  aio / timers: Remove legacy interface
  aio / timers: Switch entire codebase to the new timer API
  aio / timers: Add scripts/switch-timer-api
  aio / timers: Add test harness for AioContext timers
  aio / timers: convert block_job_sleep_ns and co_sleep_ns to new API
  aio / timers: Convert rtc_clock to be a QEMUClockType
  aio / timers: Remove main_loop_timerlist
  aio / timers: Rearrange timer.h & make legacy functions call non-legacy
  aio / timers: Add qemu_clock_get_ms and qemu_clock_get_ms
  aio / timers: Remove legacy qemu_clock_deadline & qemu_timerlist_deadline
  aio / timers: Remove alarm timers
  aio / timers: Add documentation and new format calls
  aio / timers: Use all timerlists in icount warp calculations
  aio / timers: Introduce new API timer_new and friends
  aio / timers: On timer modification, qemu_notify or aio_notify
  aio / timers: Convert mainloop to use timeout
  aio / timers: Convert aio_poll to use AioContext timers' deadline
  ...

Message-id: 1377202298-22896-1-git-send-email-stefanha@redhat.com
Signed-off-by: Anthony Liguori <anthony@codemonkey.ws>
2013-08-26 09:19:50 -05:00
yinyin
1ae2757c6c virtio: virtqueue_get_avail_bytes: fix desc_pa when loop over the indirect descriptor table
virtqueue_get_avail_bytes: when found a indirect desc, we need loop over it.
           /* loop over the indirect descriptor table */
           indirect = 1;
           max = vring_desc_len(desc_pa, i) / sizeof(VRingDesc);
           num_bufs = i = 0;
           desc_pa = vring_desc_addr(desc_pa, i);
But, It init i to 0, then use i to update desc_pa. so we will always get:
desc_pa = vring_desc_addr(desc_pa, 0);
the last two line should swap.

Cc: qemu-stable@nongnu.org
Signed-off-by: Yin Yin <yin.yin@cs2c.com.cn>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-08-25 12:52:33 +03:00
Wei Yang
867c47cbba kvm: shorten the parameter list for get_real_device()
get_real_device() has 5 parameters with the last 4 is contained in the first
structure.

This patch removes the last 4 parameters and directly use them from the first
parameter.

Acked-by: Alex Williamson <alex.williamson@redhat.com>
Signed-off-by: Wei Yang <weiyang@linux.vnet.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-08-23 11:37:35 +02:00
Alex Bligh
bc72ad6754 aio / timers: Switch entire codebase to the new timer API
This is an autogenerated patch using scripts/switch-timer-api.

Switch the entire code base to using the new timer API.

Note this patch may introduce some line length issues.

Signed-off-by: Alex Bligh <alex@alex.org.uk>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-08-22 19:14:24 +02:00
Alex Bligh
884f17c235 aio / timers: Convert rtc_clock to be a QEMUClockType
Convert rtc_clock to be a QEMUClockType

Move rtc_clock users to use the new API

Signed-off-by: Alex Bligh <alex@alex.org.uk>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-08-22 19:14:24 +02:00
Alex Bligh
40daca54cd aio / timers: Rearrange timer.h & make legacy functions call non-legacy
Rearrange timer.h so it is in order by function type.

Make legacy functions call non-legacy functions rather than vice-versa.

Convert cpus.c to use new API.

Signed-off-by: Alex Bligh <alex@alex.org.uk>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-08-22 19:14:24 +02:00
Alex Bligh
6a1751b7aa aio / timers: Untangle include files
include/qemu/timer.h has no need to include main-loop.h and
doing so causes an issue for the next patch. Unfortunately
various files assume including timers.h will pull in main-loop.h.
Untangle this mess.

Signed-off-by: Alex Bligh <alex@alex.org.uk>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-08-22 19:10:27 +02:00
Anthony Liguori
5211333bf7 Merge remote-tracking branch 'luiz/queue/qmp' into staging
# By Laszlo Ersek (8) and others
# Via Luiz Capitulino
* luiz/queue/qmp:
  scripts/qapi.py: Avoid syntax not supported by Python 2.4
  monitor: print the invalid char in error message
  OptsVisitor: introduce unit tests, with test cases for range flattening
  add "test-int128" and "test-bitops" to .gitignore
  OptsVisitor: don't try to flatten overlong integer ranges
  OptsVisitor: opts_type_uint64(): recognize intervals when LM_IN_PROGRESS
  OptsVisitor: rebase opts_type_uint64() to parse_uint_full()
  OptsVisitor: opts_type_int(): recognize intervals when LM_IN_PROGRESS
  OptsVisitor: introduce list modes for interval flattening
  OptsVisitor: introduce basic list modes
  Convert stderr message calling error_get_pretty() to error_report()

Message-id: 1377015041-6567-1-git-send-email-lcapitulino@redhat.com
Signed-off-by: Anthony Liguori <anthony@codemonkey.ws>
2013-08-22 09:29:25 -05:00
Alex Bligh
e93379b039 aio / timers: Rename qemu_timer_* functions
Rename four functions in preparation for new API.

Rename qemu_timer_expired to timer_expired
Rename qemu_timer_expire_time_ns to timer_expire_time_ns
Rename qemu_timer_pending to timer_pending
Rename qemu_timer_expired_ns to timer_expired_ns

Signed-off-by: Alex Bligh <alex@alex.org.uk>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-08-22 15:58:05 +02:00
Eduardo Habkost
1e09955619 pc_piix: Kill pc_init1() memory region args
All callers always use the same values (get_system_memory(),
get_system_io()), so the parameters are pointless.

If one day we decide to eliminate get_system_memory() and
get_system_io(), we will be able to do that more easily by adding the
values to struct QEMUMachineInitArgs.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-08-21 23:30:22 +03:00
Eduardo Habkost
396f79f45e pc: pc_compat_1_4() now can call pc_compat_1_5()
It just needs to set has_pvpanic=false after calling it. This way, it
won't be a special case anymore.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-08-21 23:30:22 +03:00
Eduardo Habkost
89b439f313 pc: Create pc_compat_*() functions
Making the older compat functions call the newer compat functions at the
beginning allows the older functions undo what's done by newer compat
functions. e.g.: pc_compat_1_4() will be able to call pc_compat_1_5()
and then set has_pvpanic=false.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-08-21 23:30:22 +03:00
Eduardo Habkost
43a52ce657 pc: Kill pc_init_pci_1_0()
The pc_init_pci_1_2()/pc_init_pci_1_0() split was made on commit
6fd028f64f, in preparation for commit
9953f8822c. The latter was reverted, so there's
no reason to keep two separate functions that do exactly the same, anymore.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Cc: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-08-21 23:30:21 +03:00
Markus Armbruster
3b6fb9cab2 pc: Don't explode QEMUMachineInitArgs into local variables needlessly
Don't explode when the variable is used just a few times, and never
changed.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-08-21 23:30:21 +03:00
Markus Armbruster
5650f5f48b pc: Don't prematurely explode QEMUMachineInitArgs
Don't explode QEMUMachineInitArgs before passing it to pc_init1().

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-08-21 23:30:21 +03:00