Commit Graph

9824 Commits

Author SHA1 Message Date
Peter Maydell
291155cbc5 hw/arm_sysctl: Implement SYS_CFG_DVIMODE as a no-op
SYS_CFG_DVIMODE allows the guest to select whether the
output DVI signal is VGA, SVGA, XGA, SGA or UXGA. Since
this makes no difference to QEMU, implement writes as a
no-op so Linux doesn't complain.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2013-03-15 16:41:56 +00:00
Peter Maydell
8ff05c9842 hw/arm_sysctl: Implement SYS_CFG_MUXFPGA writes as a no-op
SYS_CFG_MUXFPGA allows the guest to select whether the
video output should come from the motherboard's LCD
controller or the daughterboard's one. Since QEMU doesn't
currently support selecting the video output like this,
implement as a no-op, so Linux doesn't complain about
the register not being implemented.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2013-03-15 16:41:56 +00:00
Peter Maydell
7153832335 hw/arm_sysctl: Handle SYS_CFGCTRL in a more structured way
The SYS_CFGCTRL register consists of separate fields
for DCC, function, site, position and device, as well
as a read/write bit. Refactor the code handling SYS_CFGCTRL
writes to make it easier to add support for functions
like SYS_CFG_OSC which support multiple device fields.
We also pull the handling out into its own function for
clarity, as there are potentially a lot of implementable
subfunctions.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2013-03-15 16:41:56 +00:00
Peter Maydell
cdef10bb93 hw/vexpress: Pass proc_id via VEDBoardInfo
Pass the daughterboard-specific proc_id property to the code that
creates the sysctl device via the VEDBoardInfo struct, rather than
by having the daughterboard init function write to a uint32_t*
argument. This is a cleaner way to pass the info around, and
is in line with the way we are going to handle voltage and
oscillator initialization.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2013-03-15 16:41:56 +00:00
Anthony Liguori
dc0b0616f7 Merge remote-tracking branch 'stefanha/block' into staging
# By Stefan Hajnoczi (14) and others
# Via Stefan Hajnoczi
* stefanha/block: (28 commits)
  blockdev: Fix up copyright and permission notice
  qemu-iotests: use -nographic in test case 007
  qemu-iotests: add tests for rebasing zero clusters
  dataplane: fix hang introduced by AioContext transition
  coroutine: use AioContext for CoQueue BH
  threadpool: drop global thread pool
  block: add bdrv_get_aio_context()
  aio: add a ThreadPool instance to AioContext
  threadpool: add thread_pool_new() and thread_pool_free()
  threadpool: move globals into struct ThreadPool
  main-loop: add qemu_get_aio_context()
  sheepdog: set io_flush handler in do_co_req
  sheepdog: use non-blocking fd in coroutine context
  qcow2: make is_allocated return true for zero clusters
  qcow2: drop unnecessary flush in qcow2_update_snapshot_refcount()
  qcow2: drop flush in update_cluster_refcount()
  qcow2: flush in qcow2_update_snapshot_refcount()
  qcow2: set L2 cache dependency in qcow2_alloc_bytes()
  qcow2: flush refcount cache correctly in qcow2_write_snapshots()
  qcow2: flush refcount cache correctly in alloc_refcount_block()
  ...
2013-03-15 10:47:21 -05:00
Anthony Liguori
d4d7682484 Merge remote-tracking branch 'cohuck/virtio-ccw-upstr' into staging
# By Christian Borntraeger (1) and Cornelia Huck (1)
# Via Cornelia Huck
* cohuck/virtio-ccw-upstr:
  virtio-ccw: Wire up virtio-rng.
  virtio-ccw: remove qdev_unparent in unplug routing
2013-03-15 10:47:00 -05:00
Paolo Bonzini
485e3ce88e dataplane: fix hang introduced by AioContext transition
The bug is that the EventNotifiers do have a NULL io_flush callback.
Because _none_ of the callbacks on the dataplane AioContext have such a
callback, aio_poll will simply do nothing.  Fixed by adding the callbacks:
the ioeventfd will always be polled (this can change in the future to
pause/resume the processing during live snapshots or similar operations);
the ioqueue will be polled if there are outstanding requests.

I must admit I have screwed up my testing somehow, because commit
2c20e71 does not work even if cherry-picked on top of 1.4.0, and this
patch fixes it there as well.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-03-15 16:07:51 +01:00
Kevin Wolf
de9c0cec6c block: Add options QDict to bdrv_open() prototype
It doesn't do anything yet except storing the options QDict in the
BlockDriverState.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-03-15 16:07:49 +01:00
Cornelia Huck
2362ecc5c6 virtio-ccw: Wire up virtio-rng.
Make virtio-rng devices available for s390-ccw-virtio machines.

Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
2013-03-12 13:39:22 +01:00
Christian Borntraeger
b8a205f2ed virtio-ccw: remove qdev_unparent in unplug routing
This patch fixes unplugging a virtio-ccw device. We no
longer need to do that in virtio-ccw since common code does now
proper handling.

Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Jens Freimann <jfrei@linux.vnet.ibm.com>
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
2013-03-12 13:39:22 +01:00
Andreas Färber
c3affe5670 cpu: Pass CPUState to cpu_interrupt()
Move it to qom/cpu.h to avoid issues with include order.

Change pc_acpi_smi_interrupt() opaque to X86CPU.

Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-03-12 10:35:55 +01:00
Andreas Färber
d8ed887bdc exec: Pass CPUState to cpu_reset_interrupt()
Move it to qom/cpu.c to avoid build failures depending on include order
of cpu-qom.h and exec/cpu-all.h.

Change opaques of various ..._irq_handler() functions to the
appropriate CPU type to facilitate using cpu_reset_interrupt().

Fix Coding Style issues while at it (missing braces, indentation).

Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-03-12 10:35:55 +01:00
Andreas Färber
259186a7d2 cpu: Move halted and interrupt_request fields to CPUState
Both fields are used in VMState, thus need to be moved together.
Explicitly zero them on reset since they were located before
breakpoints.

Pass PowerPCCPU to kvmppc_handle_halt().

Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-03-12 10:35:55 +01:00
Andreas Färber
b350ab7583 target-sh4: Move PVR/PRR/CVR into SuperHCPUClass
They are never changed once initialized, and moving them to the class
will allow to inspect them before instantiating.

Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-03-12 10:35:54 +01:00
Paolo Bonzini
bba18e23f7 arm: fix compilation with CONFIG_FDT
A conflict was resolved the wrong way when merging commit 320ba5f (build:
always link device_tree.o into emulators if libfdt available, 2013-02-05).
This causes a build failure for the arm-softmmu target due to multiply
defined symbol.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 1362997886-9470-1-git-send-email-pbonzini@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-03-11 07:39:47 -05:00
Anthony Liguori
fa3889162f Merge remote-tracking branch 'origin/master' into staging
* origin/master: (75 commits)
  tcg: Don't make exitreq flag a local temporary
  Makefile: Add subdir dependency on config-devices-all.mak
  make_device_config.sh: Emit dependency file to directory where included
  Revert "make_device_config.sh: Fix target path in generated dependency file"
  s390/virtio-ccw: remove redundant call to blockdev_mark_auto_del
  s390/css: Fix subchannel detection
  Allow virtio-net features for legacy s390 virtio bus
  s390: virtio-ccw maintainer
  s390: simplify kvm cpu init
  pseries: Add compatible property to root of device tree
  target-ppc: Move CPU aliases out of translate_init.c
  target-ppc: Report CPU aliases for QMP
  target-ppc: List alias names alongside CPU models
  target-ppc: Make host CPU a subclass of the host's CPU model
  PPC: xnu kernel expects FLUSH to be cleared on STOP
  PPC: Fix dma interrupt
  target-ppc: Fix PPC_DUMP_SPR_ACCESS build
  target-ppc: Synchronize FPU state with KVM
  target-ppc: Add mechanism for synchronizing SPRs with KVM
  Save memory allocation in the elf loader
  ...
2013-03-10 20:39:17 -05:00
Anthony Liguori
6e72a00f90 Merge remote-tracking branch 'bonzini/hw-dirs' into staging
* bonzini/hw-dirs:
  sh: move files referencing CPU to hw/sh4/
  ppc: move more files to hw/ppc
  ppc: move files referencing CPU to hw/ppc/
  m68k: move files referencing CPU to hw/m68k/
  i386: move files referencing CPU to hw/i386/
  arm: move files referencing CPU to hw/arm/
  hw: move boards and other isolated files to hw/ARCH
  ppc: express FDT dependency of pSeries and e500 boards via default-configs/
  build: always link device_tree.o into emulators if libfdt available
  hw: include hw header files with full paths
  ppc: do not use ../ in include files
  vt82c686: vt82c686 is not a PCI host bridge
  virtio-9p: remove PCI dependencies from hw/9pfs/
  virtio-9p: use CONFIG_VIRTFS, not CONFIG_LINUX
  hw: move device-hotplug.o to toplevel, compile it once
  hw: move qdev-monitor.o to toplevel directory
  hw: move fifo.[ch] to libqemuutil
  hw: move char backends to backends/

Conflicts:
	backends/baum.c
	backends/msmouse.c
	hw/a15mpcore.c
	hw/arm/Makefile.objs
	hw/arm/pic_cpu.c
	hw/dataplane/event-poll.c
	hw/dataplane/virtio-blk.c
	include/char/baum.h
	include/char/msmouse.h
	qemu-char.c
	vl.c

Resolve conflicts caused by header movements.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-03-10 19:56:35 -05:00
Anthony Liguori
6a245c666d Merge remote-tracking branch 'stefanha/trivial-patches' into staging
# By Lei Li (2) and others
# Via Stefan Hajnoczi
* stefanha/trivial-patches:
  Fix the wrong description in qemu manual
  pci_host: Drop write-only address_space field
  rng-random: Use qemu_open / qemu_close
  configure: Require at least spice-protocol-0.12.3
  osdep: replace setsockopt by qemu_setsockopt
  lm32: remove unused function
  rtc-test: Fix test failures with recent glib
  configure: Create link to icon bitmap for out-of-tree builds
2013-03-10 19:33:03 -05:00
Anthony Liguori
6d06368d6b Merge remote-tracking branch 'bonzini/scsi-next' into staging
# By Paolo Bonzini (4) and Peter Lieven (2)
# Via Paolo Bonzini
* bonzini/scsi-next:
  scsi-disk: handle io_canceled uniformly and correctly
  scsi-disk: do not complete canceled UNMAP requests
  scsi: do not call scsi_read_data/scsi_write_data for a canceled request
  iscsi: look for pkg-config file too
  iscsi: add iscsi_truncate support
  iscsi: retry read, write, flush and unmap on unit attention check conditions
2013-03-10 19:30:45 -05:00
Blue Swirl
7830cf78ac baum: fix build
08744c9811 removed hw/baum.h
but did not adjust hw/baum.c, breaking build. Fix.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Message-id: c50406bda98f8b277e8b9004a0012fa5e5c124d0.1362822910.git.blauwirbel@gmail.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-03-10 19:26:22 -05:00
Blue Swirl
eb839909aa Merge branch 's390-for-upstream' of git://github.com/agraf/qemu
* 's390-for-upstream' of git://github.com/agraf/qemu:
  s390/virtio-ccw: remove redundant call to blockdev_mark_auto_del
  s390/css: Fix subchannel detection
  Allow virtio-net features for legacy s390 virtio bus
  s390: virtio-ccw maintainer
  s390: simplify kvm cpu init
2013-03-09 11:02:23 +00:00
Blue Swirl
62e1aeaee4 Merge branch 'ppc-for-upstream' of git://github.com/agraf/qemu
* 'ppc-for-upstream' of git://github.com/agraf/qemu: (66 commits)
  pseries: Add compatible property to root of device tree
  target-ppc: Move CPU aliases out of translate_init.c
  target-ppc: Report CPU aliases for QMP
  target-ppc: List alias names alongside CPU models
  target-ppc: Make host CPU a subclass of the host's CPU model
  PPC: xnu kernel expects FLUSH to be cleared on STOP
  PPC: Fix dma interrupt
  target-ppc: Fix PPC_DUMP_SPR_ACCESS build
  target-ppc: Synchronize FPU state with KVM
  target-ppc: Add mechanism for synchronizing SPRs with KVM
  Save memory allocation in the elf loader
  pseries: Implement h_read hcall
  target-ppc: Change "POWER7" CPU alias
  target-ppc: Fix remaining microcontroller typos among models
  target-ppc: Split model definitions out of translate_init.c
  target-ppc: Update Coding Style for CPU models
  target-ppc: Turn descriptive CPU model comments into device descriptions
  target-ppc: Turn descriptive CPU family comments into device descriptions
  target-ppc: Set remaining fields on CPU family classes
  target-ppc: Register all types for TARGET_PPCEMB
  ...
2013-03-09 11:02:07 +00:00
Christian Borntraeger
8a7df84f9f s390/virtio-ccw: remove redundant call to blockdev_mark_auto_del
blockdev_mark_auto_del is already called in virtio-blk-exit.
Remove the redundant call.

Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Jens Freimann <jfrei@linux.vnet.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-08 21:17:46 +01:00
Christian Borntraeger
38dd7cc776 s390/css: Fix subchannel detection
We have to consider the m bit to find the real channel subsystem when
determining the last subchannel.

If we fail to take this into account, removal of a subchannel in
the middle of a big list of devices will stop device detection after
a reboot.

Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Jens Freimann <jfrei@linux.vnet.ibm.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-08 21:17:46 +01:00
Christian Borntraeger
35569cea79 Allow virtio-net features for legacy s390 virtio bus
Enable all virtio-net features for the legacy s390 virtio bus. This also fixes
kernel BUG at /usr/src/packages/BUILD/kernel-default-3.0.58/linux-3.0/drivers/s390/kvm/kvm_virtio.c:121!

Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Cc: qemu-stable@nongnu.org
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-08 21:17:46 +01:00
David Gibson
d63919c93e pseries: Add compatible property to root of device tree
Currently, for the pseries machine the device tree supplied by qemu to SLOF
and from there to the guest does not include a 'compatible property' at the
root level.  Usually that works fine, since in this case the compatible
property doesn't really give any information not already found in the
'device_type' or 'model' properties.

However, the lack of 'compatible' confuses the bootloader install in the
SLES11 SP2 and SLES11 SP3 installers.  This patch therefore adds a token
'compatible' property to work around that.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Cc: qemu-stable@nongnu.org
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-08 21:04:53 +01:00
Amadeusz Sławiński
987422bc4a PPC: xnu kernel expects FLUSH to be cleared on STOP
otherwise it gets stuck in a loop
so clear it when unsetting run when flush is set

void
IODBDMAStop( volatile IODBDMAChannelRegisters *registers)
{

	IOSetDBDMAChannelControl( registers,
	IOClearDBDMAChannelControlBits( kdbdmaRun )
		| IOSetDBDMAChannelControlBits(  kdbdmaFlush ));

DBDMA: writel 0x0000000000000b00 <= 0xa0002000
DBDMA: channel 0x16 reg 0x0
DBDMA:     status 0x00002000

	while( IOGetDBDMAChannelStatus( registers) & (
			kdbdmaActive | kdbdmaFlush))
		eieio();

DBDMA: readl 0x0000000000000b04 => 0x00002000
DBDMA: channel 0x16 reg 0x1
DBDMA: readl 0x0000000000000b04 => 0x00002000
DBDMA: channel 0x16 reg 0x1
DBDMA: readl 0x0000000000000b04 => 0x00002000
DBDMA: channel 0x16 reg 0x1
DBDMA: readl 0x0000000000000b04 => 0x00002000
DBDMA: channel 0x16 reg 0x1
it continues to get printed

}

Signed-off-by: Amadeusz Sławiński <amade@asmblr.net>
[agraf: replace tabs with spaces]
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-08 21:04:53 +01:00
Amadeusz Sławiński
e13da40448 PPC: Fix dma interrupt
In openbios (drivers/ide.c) they are set to

0000000d 00000000 00000002 00000000
0000000e 00000000 00000003 00000000
0000000f 00000000 00000004 00000000
(The last one seems to be not implemented in qemu)

It follows convention of how they are set on real machines,
both ide and dma ones are increased

Real machine one:
http://web.archive.org/web/20090107151044/http://penguinppc.org/historical/dev-trees-html/g4_agp_500_2.html
00000013 00000001 0000000b 00000000
00000014 00000001 0000000c 00000000
00000015 00000001 0000000d 00000000

Signed-off-by: Amadeusz Sławiński <amade@asmblr.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-08 21:04:53 +01:00
Fabien Chouteau
d60fa42e8b Save memory allocation in the elf loader
The current elf loader uses too much memory. For example, I have a
executable with a bss section of 400 MB and I set the ram size to 512
MB. Qemu uses about 780MB of RAM (which is fine), but there's a peak at
1.6 GB during initialization (this is not fine).

This patch fixes two things:
 1) do not allocate each elf program twice.
 2) do not allocate memory for areas that are only zeros.

For this we need a new field in Rom: "datasize" which is the size of the
allocated data. If datasize is less than romsize, it means that the area
from datasize to romsize is filled with zeros.

Signed-off-by: Fabien Chouteau <chouteau@adacore.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-08 21:04:52 +01:00
Erlon Cruz
6bbd5dde9a pseries: Implement h_read hcall
This h_call is useful for DLPAR in future amongst other things. Given an index
it fetches the corresponding PTE stored in the htab.

Signed-off-by: Erlon Cruz <erlon.cruz@br.flextronics.com>
Acked-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-08 21:04:52 +01:00
David Gibson
156dfaded8 pseries: Add cleanup hook for PAPR virtual LAN device
Currently the spapr-vlan device does not supply a cleanup call for its
NetClientInfo structure.  With current qemu versions, that leads to a SEGV
on exit, when net_cleanup() attempts to call the cleanup handlers on all
net clients.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-08 21:04:44 +01:00
Amit Shah
d6258c93a7 virtio-serial: make flow control explicit in virtio-console
virtio-console.c used to return a value less than the number of bytes
asked to be written out to a chardev backend in case the backend is not
writable.  virtio-serial-bus.c then implicitly enabled flow control for
that port.

Make this explicit instead.

Signed-off-by: Amit Shah <amit.shah@redhat.com>
Message-id: f5ec50b068c25422256e499cf4adc06d353bf394.1362505276.git.amit.shah@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-03-08 13:57:17 -06:00
Amit Shah
7df4d4578f virtio: console: add flow control
The virtio-serial-bus already has the logic to make flow control work
properly.  Hook into the char layer's new ability to signal a backend is
writable again.

Signed-off-by: Amit Shah <amit.shah@redhat.com>
Message-id: abffa02235d55ca6e2489068c58971c8897e976c.1362505276.git.amit.shah@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-03-08 13:57:17 -06:00
Anthony Liguori
fcfb4d6aae serial: add flow control to transmit
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Message-id: 2976f10d4e66ed4a34011f6f0d6937026d22be5f.1362505276.git.amit.shah@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-03-08 13:57:17 -06:00
Anthony Liguori
5ab8211b9e qemu-char: move msmouse registeration to msmouse.c
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Message-id: b47d1153b0d7669743c9a6bb98ce30f4cf7f876b.1362505276.git.amit.shah@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-03-08 13:57:16 -06:00
Anthony Liguori
08744c9811 qemu-char: move baum registration to baum.c
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Message-id: 1b24baa1ec3a174d5cad31e079d829904b53077b.1362505276.git.amit.shah@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-03-08 13:57:16 -06:00
Peter Maydell
d37e12a07c pci_host: Drop write-only address_space field
The address_space field of PCIHostState was only ever written, never used.
Drop it completely.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-03-08 13:15:27 +01:00
Paolo Bonzini
58427a0f42 lm32: remove unused function
The milkymist-minimac device in fact does not exist at all.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Acked-by: Michael Walle <michael@walle.cc>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-03-08 10:18:39 +01:00
Kuo-Jung Su
0bc472a9d6 hw/nand.c: correct the sense of the BUSY/READY status bit
The BIT6 of Status Register(SR):

SR[6] behaves the same as R/B# pin
    SR[6] = 0 indicates the device is busy;
    SR[6] = 1 means the device is ready

Some NAND flash controller (i.e. ftnandc021) relies on the SR[6]
to determine if the NAND flash erase/program is success or error timeout.

P.S:
The exmaple NAND flash datasheet could be found at following link:
http://www.mxic.com.tw/QuickPlace/hq/PageLibrary4825740B00298A3B.nsf/h_Index/8FEA549237D2F7674825795800104C26/$File/MX30LF1G08AA,%203V,%201Gb,%20v1.1.pdf

Signed-off-by: Kuo-Jung Su <dantesu@gmail.com>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2013-03-07 09:27:11 +01:00
Paolo Bonzini
0c92e0e6b6 scsi-disk: handle io_canceled uniformly and correctly
Always check it immediately after calling bdrv_acct_done, and
always do a "goto done" in case the "done" label has to free
some memory---as is the case for scsi_unmap_complete in the
previous patch.

This patch could fix problems that happen when a request is
split into multiple parts, and one of them is canceled.  Then
the next part is fired, but the HBA's cancellation callbacks have
fired already.  Whether this happens or not, depends on how the
block/ driver implements AIO cancellation.  It it does a simple
bdrv_drain_all() or similar, then it will not have a problem.
If it only cancels the given AIOCB, this scenario could happen.

Cc: qemu-stable@nongnu.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-03-05 17:51:51 +01:00
Paolo Bonzini
d0242eadc5 scsi-disk: do not complete canceled UNMAP requests
Canceled requests should never be completed, and doing that could cause
accesses to a NULL hba_private field.

Cc: qemu-stable@nongnu.org
Reported-by: Stefan Priebe <s.priebe@profihost.ag>
Tested-by: Stefan Priebe <s.priebe@profihost.ag>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-03-05 17:51:51 +01:00
Paolo Bonzini
6f6710aa99 scsi: do not call scsi_read_data/scsi_write_data for a canceled request
Cc: qemu-stable@nongnu.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-03-05 17:51:51 +01:00
Peter Maydell
ed46676160 hw/kvm/arm_gic: Implement support for KVM in-kernel ARM GIC
Implement support for using the KVM in-kernel GIC for ARM.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Andreas Färber <afaerber@suse.de>
2013-03-05 00:45:28 +00:00
Peter Maydell
5311118094 hw/arm_gic: Convert ARM GIC classes to use init/realize
Convert the ARM GIC classes to use init/realize rather than
SysBusDevice::init. (We have to do them all in one patch to
avoid unconverted subclasses calling a nonexistent SysBusDevice
init function in the base class and crashing.)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Andreas Färber <afaerber@suse.de>
2013-03-05 00:45:19 +00:00
Peter Maydell
9ecb992674 hw/arm_gic: Add presave/postload hooks
Add presave/postload hooks to the ARM GIC common base class.
These will be used by the KVM in-kernel GIC subclass to sync
state between kernel and userspace when migrating.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
2013-03-05 00:45:15 +00:00
Christoffer Dall
494b00c76a ARM: KVM: Add support for KVM on ARM architecture
Add basic support for KVM on ARM architecture.

Signed-off-by: Christoffer Dall <cdall@cs.columbia.edu>
[PMM: Minor tweaks and code cleanup, switch to ONE_REG]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
2013-03-05 00:45:06 +00:00
Anthony Liguori
71df81afc6 Merge remote-tracking branch 'stefanha/block' into staging
# By MORITA Kazutaka (5) and others
# Via Stefan Hajnoczi
* stefanha/block:
  block: for HMP commit() operations on 'all', skip non-COW drives
  sheepdog: add support for connecting to unix domain socket
  sheepdog: use inet_connect to simplify connect code
  sheepdog: accept URIs
  move socket_set_nodelay to osdep.c
  slirp/tcp_subr.c: fix coding style in tcp_connect
  dataplane: remove EventPoll in favor of AioContext
  virtio-blk: fix unplug + virsh reboot
  ide/macio: Fix macio DMA initialisation.
2013-03-04 08:22:48 -06:00
Anthony Liguori
a6900601ca virtio,vhost,pci,e1000
Mostly bugfixes, but also some ICH work by Laszlo.
 
 Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.13 (GNU/Linux)
 
 iQEcBAABAgAGBQJRL1gUAAoJECgfDbjSjVRpIk4IAL17zSadWgd99ZrH6EtZ3/cw
 mhuxgm+vRfZPHl82lGC/NthLrTbJ5hpVe1Ff9vrMIkx3OZsh97iqoXS4iPjo9804
 Pb5zhDqHJQJDTQKCllb9seu6e5D9Fw3aPp+BcH5QfyEOc/X5l0c5IffRdo6xDT9G
 1dDEywntl/wwfCej/kVBu4H7G2/bF7wEMvda7kvBPzZsc6y0TsDSAewk5EX54+/p
 wRKw8IBa/T2/ldSoBcqPW1Zd2oeuvKhty4vrXlO1UVZi+uTWNmJxUm6Z1GqNInvE
 im0FGlSxwTJF7nX3JQv6tB46GRL8V/IC5+9I5UJc5nT8ScrX4rIxRbJTnsRkn4Y=
 =eUQN
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'mst/tags/for_anthony' into staging

virtio,vhost,pci,e1000

Mostly bugfixes, but also some ICH work by Laszlo.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

# gpg: Signature made Thu 28 Feb 2013 07:13:56 AM CST using RSA key ID D28D5469
# gpg: Can't check signature: public key not found

# By Michael S. Tsirkin (2) and others
# Via Michael S. Tsirkin
* mst/tags/for_anthony:
  Set virtio-serial device to have a default of 2 MSI vectors.
  ICH9 LPC: Reset Control Register, basic implementation
  Fix guest OS hang when 64bit PCI bar present
  e1000: unbreak the guest network migration to 1.3
  vhost: memory sync fixes
2013-03-04 08:22:41 -06:00
Anthony Liguori
bf5363efcf Merge remote-tracking branch 'stefanha/net' into staging
# By Jason Wang (2) and others
# Via Stefan Hajnoczi
* stefanha/net:
  qmp: netdev_add is like -netdev, not -net, fix documentation
  doc: document -netdev hubport
  net: reduce the unnecessary memory allocation of multiqueue
  tap: set IFF_ONE_QUEUE per default
  tap: forbid creating multiqueue tap when hub is used
  net: fix unbounded NetQueue
  net: fix qemu_flush_queued_packets() in presence of a hub
2013-03-04 08:20:06 -06:00
Paolo Bonzini
2c20e711de dataplane: remove EventPoll in favor of AioContext
During the review of the dataplane code, the EventPoll API morphed itself
(not concidentially) into something very very similar to an AioContext.
Thus, it is trivial to convert virtio-blk-dataplane to use AioContext,
and a first baby step towards letting dataplane talk directly to the
QEMU block layer.

The only interesting note is the value-copy of EventNotifiers.  At least
in my opinion this is part of the EventNotifier API and is even portable
to Windows.  Of course, in this case you should not close the notifier's
underlying file descriptors or handle with event_notifier_cleanup.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-03-04 09:54:17 +01:00
Christian Borntraeger
69b302b204 virtio-blk: fix unplug + virsh reboot
virtio-blk registers a vmstate change handler. Unfortunately this
handler is not unregistered on unplug, leading to some random
crashes if the system is restarted, e.g. via virsh reboot.
Lets unregister the vmstate change handler if the device is removed.

Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-03-04 09:54:16 +01:00
Mark Cave-Ayland
02d583c723 ide/macio: Fix macio DMA initialisation.
Commit 07a7484e5d accidentally introduced a bug
in the initialisation of the second macio DMA device which could cause some
DMA operations to segfault QEMU.

CC: Andreas Färber <afaerber@suse.de>
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Acked-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-03-04 09:54:16 +01:00
Paolo Bonzini
7a2771d154 sh: move files referencing CPU to hw/sh4/
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-03-01 15:01:20 +01:00
Paolo Bonzini
9f64bd8aec ppc: move more files to hw/ppc
These sPAPR files do not implement devices, move them over.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-03-01 15:01:19 +01:00
Paolo Bonzini
c68c4a56e9 ppc: move files referencing CPU to hw/ppc/
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-03-01 15:01:19 +01:00
Paolo Bonzini
9743b581a8 m68k: move files referencing CPU to hw/m68k/
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-03-01 15:01:19 +01:00
Paolo Bonzini
8786b05e7b i386: move files referencing CPU to hw/i386/
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-03-01 15:01:19 +01:00
Paolo Bonzini
dd285b0649 arm: move files referencing CPU to hw/arm/
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-03-01 15:01:19 +01:00
Paolo Bonzini
530182169e hw: move boards and other isolated files to hw/ARCH
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-03-01 15:01:19 +01:00
Paolo Bonzini
e4c8b28cde ppc: express FDT dependency of pSeries and e500 boards via default-configs/
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-03-01 15:01:19 +01:00
Paolo Bonzini
320ba5fe49 build: always link device_tree.o into emulators if libfdt available
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-03-01 15:01:19 +01:00
Paolo Bonzini
83c9f4ca79 hw: include hw header files with full paths
Done with this script:

cd hw
for i in `find . -name '*.h' | sed 's/^..//'`; do
  echo '\,^#.*include.*["<]'$i'[">], s,'$i',hw/&,'
done | sed -i -f - `find . -type f`

This is so that paths remain valid as files are moved.

Instead, files in hw/dataplane are referenced with the relative path.
We know they are not going to move to include/, and they are the only
include files that are in subdirectories _and_ move.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-03-01 15:01:17 +01:00
Paolo Bonzini
7948b4b009 ppc: do not use ../ in include files
This simplifies the scripted execution of the next patch.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-03-01 13:57:33 +01:00
Paolo Bonzini
eac7ec7f6a vt82c686: vt82c686 is not a PCI host bridge
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-03-01 13:57:33 +01:00
Paolo Bonzini
60653b28f5 virtio-9p: remove PCI dependencies from hw/9pfs/
Also move the 9p.h file to 9pfs/virtio-9p-device.h, for consistency
with the corresponding .c file.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-03-01 13:57:33 +01:00
Paolo Bonzini
7e6b14dfb5 virtio-9p: use CONFIG_VIRTFS, not CONFIG_LINUX
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-03-01 13:57:33 +01:00
Paolo Bonzini
1559e0d4b5 hw: move device-hotplug.o to toplevel, compile it once
The situation with device-hotplug.c is similar to qdev-monitor.c.
Add a stub for pci_drive_hot_add, so that it can be compiled once,
and move it out of hw/.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-03-01 13:57:13 +01:00
Paolo Bonzini
b4a42f8138 hw: move qdev-monitor.o to toplevel directory
qdev-monitor.c is the only "core qdev" file that is not used in
user-mode emulation, and it does not define anything that is used
by hardware models.  Remove it from the hw/ directory and
remove hw/qdev-monitor.h from hw/qdev.h too; this requires
some files to have some new explicitly includes.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-03-01 13:54:10 +01:00
Paolo Bonzini
fd7f0d6617 hw: move fifo.[ch] to libqemuutil
fifo.c is generic code that can be easily unit tested.  So it
belongs in libqemuutil.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-03-01 13:53:10 +01:00
Paolo Bonzini
159b6e9f14 hw: move char backends to backends/
Braille and msmouse support is in hw/, but it is not hardware.
Move it to the backends/ directory.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-03-01 13:18:23 +01:00
Peter Crosthwaite
288f1e3f87 cadence_gem: Add debug msgs for rx desc movement
Add some helpful messages that show the rx descriptor pointer moving as packets
are rxed.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 1ef2eb34dade64d589a69a2bcfd5aaddb7d50164.1360901435.git.peter.crosthwaite@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2013-02-28 18:49:24 +00:00
Peter Crosthwaite
5025388b50 cadence_gem: Don't reset rx desc pointer on rx_en
This doesn't happen in the real hardware. The Zynq TRM explicitly states that
this bit has no effect on the rx descriptor pointer ("The receive queue
pointer register is unaffected").

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 06fdf92b78ee62d8965779bafd29c8df1a5d2718.1360901435.git.peter.crosthwaite@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2013-02-28 18:49:24 +00:00
Peter Crosthwaite
ae80a3546f cadence_gem: fix interrupt events
Bits in the ISR were continually mirroring their corresponding TX/RX SR bits.
This is incorrect. The ISR bits are only ever set at the time their
corresponding event occurs.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: cedfb6d108318846480b416a6041023ea5a353d6.1360901435.git.peter.crosthwaite@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2013-02-28 18:49:24 +00:00
Peter Crosthwaite
1c5d07909a cadence_gem: factor out can_rx() logic replication
The gem_receive() function replicates the logic for whether or not the device
can rx. Just call the actual gem_can_receive() function in place.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: bf7f93969f3e01fbc76d68d2955307fdbad11bb1.1360901435.git.peter.crosthwaite@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2013-02-28 18:49:24 +00:00
Peter Crosthwaite
e3f9d31c98 cadence_gem: Flush queued packets
The device needs to check for queued RX packets when the RX path is re-enabled.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 1fa8c88a3b7c654886d0a7484c2463cd4c2a2781.1360901435.git.peter.crosthwaite@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2013-02-28 18:49:24 +00:00
Peter Crosthwaite
a7fd6915d8 m25p80.c: Use QOM classes for part differentiation
Currently, M25P80 uses an object property to differentiate between flash parts.
Changed this over to use QOM sub-classes - the actual names of the different parts
are used to create a set of dynamic classes which passes the part info as class
data. The object no longer needs to search the known_devices table for itself,
instead it just gets its info from its own class.

Kept the intermediate class definition private to m25p80.c for the moment, as
the expectation is parts will only be added as new entries in the table. We can
factor out the TYPE_M25P80 abstraction into a header on a demand basis.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: e24e156d-ff96-4901-997a-e31178b08bee@VA3EHSMHS021.ehs.local
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2013-02-28 18:49:24 +00:00
Peter Crosthwaite
b972b4e253 xilinx_zynq: Added SD controllers
The Xilinx Zynq device has two SDHCI controllers. Added to the machine model.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2013-02-28 18:49:19 +00:00
Igor Mitsyanko
d7dfca0807 hw/sdhci: introduce standard SD host controller
Device model for standard SD Host Controller Interface (SDHCI) compliant with
version 2.00 of SD association specification.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Igor Mitsyanko <i.mitsyanko@samsung.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2013-02-28 18:23:14 +00:00
Peter Crosthwaite
353575f095 arm: a9mpcore: Coreify the SCU
Split the SCU in a9mpcore out into its own object definition. mpcore is now
just a container for the mpcore components.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2013-02-28 18:23:14 +00:00
Peter Crosthwaite
9595978292 arm: a9mpcore: remove old_timer_status field
This field was write only and thus unused. Removed.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2013-02-28 18:23:13 +00:00
Peter Crosthwaite
cde4577f11 arm: mptimer: Remove WDT distinction
In QEMU emulation, there is no functional difference between the ARM mpcore
private timers and watchdogs. Removed all the distinction between the two from
arm_mptimer.c and converted it to be just the mptimer. a9mpcore and arm11mpcore
just instantiate the same mptimer object twice to get both timer and WDT.

If in the future we want to make the WDT functionally different then we can use
either QOM hierarchy to derive WDT from from mptimer, or we can add a property
"is-wdt" or some such.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2013-02-28 18:23:13 +00:00
Peter Crosthwaite
845769fc63 arm: arm11mpcore, a9mpcore: CamelCased type names
To conform with QEMU coding style.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2013-02-28 18:23:13 +00:00
Peter Crosthwaite
c6205ddf6c arm: mptimer: CamelCased type names
Trivial find replace on type names "timerblock" and "arm_mptimer_state" to
conform with QEMU coding style.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2013-02-28 18:23:13 +00:00
Peter Maydell
1be97bf224 hw/pflash_cfi01: Treat read in unknown command state as read
The code for handling the default "unknown command state" case in
pflash_read in pflash_cfi01.c comments "reset state & treat it as
a read". However the code doesn't actually do this. Moving the
default case to the top of the switch so it can fall through into
the read case brings this file into line with pflash_cfi02 and
makes the code behave as the comments suggest.

The pflash_cfi01 code has always had this bug -- it was presumably
introduced when the original author copied the cfi02 code and
rearranged the order of the switch statement without noticing
that the default case relied on the fall-through.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Tested-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 1358777318-7579-3-git-send-email-peter.maydell@linaro.org
2013-02-28 18:23:12 +00:00
Peter Maydell
6e392787c8 hw/pflash_cfi01: Make read after byte-write or erase return status
The Intel flash command set requires that a read operation after
doing a 'single byte write' command returns the status register;
add this case to pflash_read() so we return the correct information.
Similarly, the case for the 0x28 flavour of block erase was missing.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Tested-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 1358777318-7579-2-git-send-email-peter.maydell@linaro.org
2013-02-28 18:23:12 +00:00
Antoine Mathys
5c78d6a84b hw/ds1338: Fix conversion between 12 hours and 24 hours modes.
The proper mapping between 24 hours and 12 hours modes is:
0       12 AM
1-11    1-11 AM
12      12 PM
13-23   1-11 PM
Fix code accordingly.

Signed-off-by: Antoine Mathys <barsamin@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2013-02-28 18:23:12 +00:00
Gal Hammer
554f1997f0 Set virtio-serial device to have a default of 2 MSI vectors.
The virtio-serial device is expected to use 2 MSI vectors, one for
control queue and a second shared for all queues.

Signed-off-by: Gal Hammer <ghammer@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-02-27 17:24:40 +02:00
Laszlo Ersek
0e98b436ec ICH9 LPC: Reset Control Register, basic implementation
This commit does the same for the ICH9 LPC as commit 1ec4ba74 for the
PIIX3. For the present we're ignoring the Full Reset (FULL_RST) and System
Reset (SYS_RST) bits; the guest can read them back but that's it.

Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-02-27 17:23:22 +02:00
Alexey Korolev
7feb640cf3 Fix guest OS hang when 64bit PCI bar present
This patch addresses the issue fully described here:
http://lists.nongnu.org/archive/html/qemu-devel/2013-02/msg01804.html

Linux kernels prior to 2.6.36 do not disable the PCI device during
enumeration process. Since lower and higher parts of a 64bit BAR
are programmed separately this leads to qemu receiving a request to occupy
a completely wrong address region for a short period of time.
We have found that the boot process screws up completely if kvm-apic range
is overlapped even for a short period of time (it is fine for other
regions though).

This patch raises the priority of the kvm-apic memory region, so it is
never pushed out by PCI devices. The patch is quite safe as it does not
touch memory manager.

Signed-off-by: Alexey Korolev <akorolex@gmail.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-02-27 17:23:22 +02:00
Michael S. Tsirkin
2af234e61d e1000: unbreak the guest network migration to 1.3
QEMU 1.3 does not emulate the link auto negotiation, so if migrate to a
1.3 machine during link auto negotiation, the guest link will be set to down.
Fix this by just disabling auto negotiation for 1.3 and older.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-02-27 17:23:18 +02:00
Jason Wang
f6b26cf257 net: reduce the unnecessary memory allocation of multiqueue
Edivaldo reports a problem that the array of NetClientState in NICState is too
large - MAX_QUEUE_NUM(1024) which will wastes memory even if multiqueue is not
used.

Instead of static arrays, solving this issue by allocating the queues on demand
for both the NetClientState array in NICState and VirtIONetQueue array in
VirtIONet.

Tested by myself, with single virtio-net-pci device. The memory allocation is
almost the same as when multiqueue is not merged.

Cc: Edivaldo de Araujo Pereira <edivaldoapereira@yahoo.com.br>
Cc: qemu-stable@nongnu.org
Signed-off-by: Jason Wang <jasowang@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-02-27 16:10:47 +01:00
Michael S. Tsirkin
6b37a23df9 vhost: memory sync fixes
This fixes two bugs related to memory sync during
migration:
    - ram address calculation was missing the chunk
      address, so the wrong page was dirtied
    - one after last was used instead of the
      end address of a region, which might overflow to 0
      and cause us to skip the region when the region ends at
      ~0x0ull.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Tested-by: Jason Wang <jasowang@redhat.com>
2013-02-26 23:59:15 +02:00
Anthony Liguori
864a556e9a Merge remote-tracking branch 'kwolf/for-anthony' into staging
# By Paolo Bonzini (7) and others
# Via Kevin Wolf
* kwolf/for-anthony: (22 commits)
  pc: add compatibility machine types for 1.4
  blockdev: enable discard by default
  qemu-nbd: add --discard option
  blockdev: add discard suboption to -drive
  block: implement BDRV_O_UNMAP
  block: complete all IOs before .bdrv_truncate
  coroutine: trim down nesting level in perf_nesting test
  coroutine: move pooling to common code
  qemu-iotests: Test qcow2 image creation options
  qemu-iotests: Add qemu-img compare test
  qemu-img: Add compare subcommand
  qemu-img: Add "Quiet mode" option
  block: Add synchronous wrapper for bdrv_co_is_allocated_above
  block: refuse negative iops and bps values
  block: use Error in do_check_io_limits()
  qcow2: support compressed clusters in BlockFragInfo
  qemu-img: add compressed clusters to BlockFragInfo
  qemu-img: fix missing space in qemu-img check output
  qcow2: record fragmentation statistics during check
  qcow2: introduce check_refcounts_l1/l2() flags
  ...
2013-02-26 07:44:39 -06:00
Ronald Hecht
99e448006d grlib-apbuart: Add support of various flags
- enable/disable Rx and Tx
 - Rx and Tx interrupt
 - Tx FIFO empty and Tx SHIFT empty

Signed-off-by: Fabien Chouteau <chouteau@adacore.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-02-23 10:00:36 +00:00
Fabien Chouteau
8eda222831 Typo: replace gptimer by apbuart
Signed-off-by: Fabien Chouteau <chouteau@adacore.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-02-23 10:00:35 +00:00
Hervé Poussineau
685cbd2f63 xhci: fix bad print specifier
This fixes the following compilation error:
hw/usb/hcd-xhci.c:1156:17: error: format ‘%llx’ expects argument of type
‘long long unsigned int’, but argument 4 has type ‘unsigned int’

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Reviewed-by: Stefan Weil <sw@weilnetz.de>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-02-23 09:39:41 +00:00
Paolo Bonzini
bf3caa3dc1 pc: add compatibility machine types for 1.4
Adds both pc-i440fx-1.4 and pc-q35-1.4.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2013-02-22 21:29:45 +01:00
Paolo Bonzini
215e47b9ea blockdev: enable discard by default
Because discard is now a host parameter, we can always fake it as enabled
in the guest.  This is an extension of the current choice to ignore
"not supported" errors from the host when discard_granularity is set
to nonzero.

The default granularity is set to the logical block size or 4k, whichever
is largest, because cluster sizes below 4k are rarely used and 4K is a
typical block size for files.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2013-02-22 21:29:44 +01:00
Gerd Hoffmann
82fb0c8908 unbreak hw/usb/redirect.c build
Commit 8550a02d12 added a streams
parameter to usb_wakeup and didn't update redirect.c.  Fix it.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-22 09:53:56 -06:00
Gerd Hoffmann
b1424e0381 vga: fix byteswapping.
In case host and guest endianness differ the vga code first creates
a shared surface (using qemu_create_displaysurface_from), then goes
patch the surface format to indicate that the bytes must be swapped.

The switch to pixman broke that hack as the format patching isn't
propagated into the pixman image, so ui code using the pixman image
directly (such as vnc) uses the wrong format.

Fix that by adding a byteswap parameter to
qemu_create_displaysurface_from, so we'll use the correct format
when creating the surface (and the pixman image) and don't have
to patch the format afterwards.

[ v2: unbreak xen build ]

Cc: qemu-stable@nongnu.org
Cc: mark.cave-ayland@ilande.co.uk
Cc: agraf@suse.de
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 1361349432-23884-1-git-send-email-kraxel@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-21 16:34:00 -06:00
Anthony Liguori
70aa41b56c Merge remote-tracking branch 'kraxel/usb.78' into staging
# By Gerd Hoffmann
# Via Gerd Hoffmann
* kraxel/usb.78:
  uas-uas: usb3 streams
  usb-xhci: usb3 streams
  usb-core: usb3 streams
  usb: fix endpoint descriptor ordering
  usb-redir: simplify packet copy
  usb: make usb_packet_copy operate on combined packets
  usb: add usb_ep_set_halted
  usb-host: remove usb_host_device_close
  usb-host: move legacy cmd line bits
  usb-storage: use scsi_req_enqueue return value
  allow disabling usb smartcard support
  make usb devices configurable
  fix scripts/make_device_config.sh
  usb: Makefile cleanup
2013-02-21 09:39:17 -06:00
Alin Tomescu
11e5d738a4 ppc: fix bamboo >256MB RAM initialization in hw/ppc4xx_devs.c
I was trying to launch a PowerPC "bamboo" machine with more than 256MB of RAM
with qemu-system-ppc -M bamboo -kernel $kernel -initrd $ramdisk -m 512, but QEMU
would just hang. However, when I used -m 256, the machine would boot.

I looked through the code in hw/ and it seems there is an error when the
RAM memory is setup (if my understanding is correct).

After patching it, the machine launched and booted successfully with 512MB of
RAM.

Signed-off-by: Alin Tomescu <tomescu.alin@gmail.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-02-21 10:34:19 +01:00
Peter Crosthwaite
b15aaca430 xilinx_axienet.c: Assert no error when making link
This gives an awful silent failure when it doesn't work. Assert against link
creation failure.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-02-21 10:33:39 +01:00
Gerd Hoffmann
89a453d4a5 uas-uas: usb3 streams
Add usb3 streams support to the uas (usb attached scsi) emulation.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-02-19 13:18:00 +01:00
Gerd Hoffmann
024426acc0 usb-xhci: usb3 streams
Add streams support to the xhci emulation.  No secondary streams yet,
only linear stream arays are supported for now.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-02-19 13:17:48 +01:00
Gerd Hoffmann
8550a02d12 usb-core: usb3 streams
This patch adds support for usb3 streams to the usb subsystem core.
This is just adding a streams field / parameter in a number of places.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-02-19 12:30:05 +01:00
Gerd Hoffmann
2e5df36df8 usb: fix endpoint descriptor ordering
Fix the ordering of the endpoint descriptors for superspeed endpoints:
The superspeed companion must come first, possible additional
descriptors for the endpoint after that.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-02-19 12:30:05 +01:00
Gerd Hoffmann
6ef3ccd18f usb-redir: simplify packet copy
usb_packet_copy can handle combined packets now,
so it isn't needed to special-case them any more.

Also use the new usb_packet_size() function.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-02-19 12:30:05 +01:00
Gerd Hoffmann
6a98d1c0f9 usb: make usb_packet_copy operate on combined packets
Likewise usb_packet_skip.
Also usb_packet_size.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-02-19 12:30:05 +01:00
Gerd Hoffmann
e382d966d0 usb: add usb_ep_set_halted
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-02-19 12:30:05 +01:00
Gerd Hoffmann
1a3973b33d usb-host: remove usb_host_device_close
Nobody implements that anyway.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-02-19 12:30:05 +01:00
Gerd Hoffmann
4075975d83 usb-host: move legacy cmd line bits
The code handling the "-usbdevice host:..." legacy command line
syntax is moved to the new hw/usb/host-legacy.c file.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-02-19 12:30:05 +01:00
Gerd Hoffmann
9db7c41419 usb-storage: use scsi_req_enqueue return value
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-02-19 12:30:04 +01:00
Gerd Hoffmann
07d17e7720 allow disabling usb smartcard support
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-02-19 12:30:04 +01:00
Gerd Hoffmann
6c83f81542 make usb devices configurable
Leave the core usb devices (usb hub, tablet, mouse, keyboard)
enabled unconditionally.  Make the other ones configurable.

Exceptions:
  - bluetooth: not qdevified yet, has a vl.c dependency because
    of that, thus disabling isn't as easy as not linking the
    object file.
  - smardcard: ccid-card-emulated depends on that one *and*
    CONFIG_SMARTCARD_NSS.  So it isn't a one-liner and comes
    as separate patch because of that.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-02-19 12:28:48 +01:00
Gerd Hoffmann
62162fff59 usb: Makefile cleanup
Group files, sprinkle in some comments.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-02-19 09:51:52 +01:00
Andreas Färber
c538ca66ff isa: Split off instance_init for ISADevice
Prepares for assigning IRQs before QOM realize.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Message-id: 1361010446-1427-1-git-send-email-afaerber@suse.de
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-18 08:39:27 -06:00
Andreas Färber
2d64255bd7 target-i386: Split command line parsing out of cpu_x86_register()
In order to instantiate a CPU subtype we will need to know which type,
so move the cpu_model splitting into cpu_x86_init().

Parameters need to be set on the X86CPU instance, so move
cpu_x86_parse_featurestr() into cpu_x86_init() as well.

This leaves cpu_x86_register() operating on the model name only.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-02-16 14:51:01 +01:00
Andreas Färber
5353d03dd7 spapr_hcall: Replace open-coded CPU loop with qemu_get_cpu()
The helper functions all access ppc-specific fields only so don't bother
to change arguments to PowerPCCPU and use env_ptr instead.

No functional change.

Acked-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-02-16 14:51:00 +01:00
Andreas Färber
912ebe10ef ppce500_spin: Replace open-coded CPU loop with qemu_get_cpu()
Potentially env could be NULL whereas cpu would still be valid and
correspond to a previous env.

Wrapping this in qemu_get_cpu(), env is no longer needed, so simplify
code that existed before 55e5c28502.

Acked-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-02-16 14:51:00 +01:00
Andreas Färber
440c8152bd e500: Replace open-coded loop with qemu_get_cpu()
Since we still need env for ppc-specific fields, obtain it via the new
env_ptr fields to avoid "cpu" name conflicts between CPUState and
PowerPCCPU for now.

This fixes a potential issue with env being NULL at the end of the loop
but cpu still being a valid pointer corresponding to a previous env.

Acked-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-02-16 14:51:00 +01:00
Andreas Färber
d77953b94f cpu: Move current_tb field to CPUState
Explictly NULL it on CPU reset since it was located before breakpoints.

Change vapic_report_tpr_access() argument to CPUState. This also
resolves the use of void* for cpu.h independence.
Change vAPIC patch_instruction() argument to X86CPU.

Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-02-16 14:51:00 +01:00
Andreas Färber
fcd7d0034b cpu: Move exit_request field to CPUState
Since it was located before breakpoints field, it needs to be reset.

Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-02-16 14:51:00 +01:00
Andreas Färber
cb3fb38e91 target-m68k: Pass M68kCPU to m68k_set_irq_level()
Simplifies use of cpu_reset_interrupt() et al.

Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-02-16 14:50:59 +01:00
Andreas Färber
9a6ee9fd35 mcf_intc: Pass M68kCPU to mcf_intc_init()
Store it in mcf_intc_state.
Prepares for passing it to m68k_set_irq_level().

Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-02-16 14:50:59 +01:00
Andreas Färber
4025cfd5d7 mcf5206: Pass M68kCPU to mcf5206_init()
Store it in m5206_mbar_state. Prepares for passing M68kCPU to
m68k_set_irq_level().

Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-02-16 14:50:59 +01:00
Andreas Färber
f3273ba643 ppc405_uc: Pass PowerPCCPU to ppc40x_{core,chip,system}_reset()
Prepares for changing cpu_interrupt() argument to CPUState.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Acked-by: Alexander Graf <agraf@suse.de>
2013-02-16 14:50:59 +01:00
Peter Maydell
24537a0191 qemu-log: Rename the public-facing cpu_set_log function to qemu_set_log
Rename the public-facing function cpu_set_log to qemu_set_log. This
requires us to rename the internal-only qemu_set_log() to
do_qemu_set_log().

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-02-16 10:44:44 +00:00
Peter Crosthwaite
9893c80d81 cadance_uart: Accept input after rx FIFO pop
The device returns false from the can receive function when the FIFO is
full. This means the device should check for buffered input whenever a byte is
popped from the FIFO.

Reported-by: Jason Wu <huanyu@xilinx.com>
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 1360632571-25638-1-git-send-email-peter.crosthwaite@xilinx.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-13 11:57:58 -06:00
Cornelia Huck
91b0a8f334 s390: Fix handling of iscs.
There are two ways to express an interruption subclass:
- As a bitmask, as used in cr6.
- As a number, as used in the I/O interruption word.

Unfortunately, we have treated to I/O interruption word as if it
contained the bitmask as well, which went unnoticed so far as
- (queued-for-next) kvm made the same mistake, and
- Linux guest kernels don't check the isc value in the I/O interruption
  word for subchannel interrupts.

Make sure that we treat the I/O interruption word correctly.

Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-02-13 11:56:02 -06:00
Christian Borntraeger
760794f784 s390/sclpconsole: prevent char layer callback during initialization
Starting a qemu with an sclp console and pressing a key very early
can result in
"qemu-system-s390x: hw/s390x/sclpconsole.c:60: receive_from_chr_layer:
Assertion `scon->iov' failed."

Lets make sure that the init process is finished, since the iov is
allocated after CHR_EVENT_OPENED by also checking for scon->iov.

Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-02-13 11:56:02 -06:00
Peter Crosthwaite
7ce4106c21 xilinx.h: s/xilinx_axiethernetdma()/xilinx_axidma()
This function has nothing to do with ethernet. Its reusable for all DMA clients.
Dropped the "ethernet" in the name accordingly.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2013-02-13 13:01:24 +01:00
Peter Crosthwaite
dada5c7e92 xilinx.h: Dont qdev_create from ethernet_create()
Pulled the qdev_create functionality out of xilinx_axiethernet_create() and
pushed it up to the petalogix_ml605_mmu machine model. This makes the ethernet
create+init process consistent with the AXI DMA. Renamed function to
xilinx_axiethernet_init accordingly.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2013-02-13 13:01:24 +01:00
Kuo-Jung Su
03ec2f8308 hw/m25p80.c: add WRSR(0x01) support
Atmel, SST and Intel/Numonyx serial flash tend to power up
with the software protection bits set.
And thus the new m25p80.c in linux kernel would always tries
to use WREN(0x06) + WRSR(0x01) to turn-off the protection.

The WEL(0x02) of status register is supposed to be cleared after
WRSR(0x01). There are also some drivers (i.e mine for RTOSes)
would check the WEL(0x02) in status register to make sure the
protection is correctly turned off.

Signed-off-by: Kuo-Jung Su <dantesu@faraday-tech.com>
Cc: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Cc: Peter Maydell <peter.maydell@linaro.org>
Cc: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2013-02-12 10:03:27 +01:00
Markus Armbruster
312fd5f290 error: Strip trailing '\n' from error string arguments (again)
Commit 6daf194d and be62a2eb got rid of a bunch, but they keep coming
back.  Tracked down with this Coccinelle semantic patch:

    @r@
	expression err, eno, cls, fmt;
	position p;
    @@
    (
	error_report(fmt, ...)@p
    |
	error_set(err, cls, fmt, ...)@p
    |
	error_set_errno(err, eno, cls, fmt, ...)@p
    |
	error_setg(err, fmt, ...)@p
    |
	error_setg_errno(err, eno, fmt, ...)@p
    )
    @script:python@
	fmt << r.fmt;
	p << r.p;
    @@
    if "\\n" in str(fmt):
	print "%s:%s:%s:%s" % (p[0].file, p[0].line, p[0].column, fmt)

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-id: 1360354939-10994-4-git-send-email-armbru@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-11 08:13:19 -06:00
Markus Armbruster
1a9522cc6e error: Clean up abuse of error_report() for help
Use error_printf() instead, so the help gets presented more nicely.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-id: 1360354939-10994-3-git-send-email-armbru@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-11 08:13:18 -06:00
Markus Armbruster
474c21349f error: Clean up error strings with embedded newlines
The arguments of error_report() should yield a short error string
without newlines.

A few places try to print additional help after the error message by
embedding newlines in the error string.  That's nice, but let's do it
the right way.

Since I'm touching these lines anyway, drop a stray preposition and
some tabs.  We don't use tabs for similar messages elsewhere.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-id: 1360354939-10994-2-git-send-email-armbru@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-11 08:13:18 -06:00
Liming Wang
70ef6a5b71 xilinx_zynq: Fix wrong IRQ number of the second EHCI controller
The IRQ number of the second EHCI controller should be 76, not 75.

Signed-off-by: Liming Wang <walimisdev@gmail.com>
Tested-by: Peter Crosthwaite <peter.crosthwaite@petalogix.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-08 11:14:20 -06:00
Jesse Larrew
32ab06bcf1 hw/virtio-net: disable multiqueue by default
The new multiqueue feature adds fields to the virtio device config, which
breaks Windows guests. Disable the feature by default until the Windows
drivers are fixed.

Signed-off-by: Jesse Larrew <jlarrew@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-08 11:14:19 -06:00
Jesse Larrew
14f9b664b3 hw/virtio-net.c: set config size using host features
Currently, the config size for virtio devices is hard coded. When a new
feature is added that changes the config size, drivers that assume a static
config size will break. For purposes of backward compatibility, there needs
to be a way to inform drivers of the config size needed to accommodate the
set of features enabled.

aliguori: merged in
 - hw/virtio-net: use existing macros to implement endof
 - hw/virtio-net: fix config_size data type

Signed-off-by: Jesse Larrew <jlarrew@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-08 11:13:44 -06:00
Anthony Liguori
1e89ad5b00 virtio-net: pass host features to virtio_net_init
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-08 07:37:24 -06:00
Peter Maydell
f565235b71 hw/pxa2xx: Fix transposed crn/crm values for pxa2xx cp14 perf regs
When the pxa2xx performance counter related cp14 registers were converted
from a switch-statement implementation to the new table driven cpregs
format in commit dc2a9045c, the crn and crm values for all these
registers were accidentally transposed. Fix this mistake, which was
causing OpenBSD for Zaurus to fail to boot.

Reported-by: Jonathan Gray <jsg@jsg.id.au>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-06 16:37:24 -06:00
Aneesh Kumar K.V
a911a182a6 qemu/9p: Don't ignore error in fid clunk
We use the clunk request to do the actual xattr operation. So don't
ignore the error value for fid clunk.

Security model "none" don't support posix acl. Without this patch
guest won't get EOPNOTSUPP error on setxattr("system.posix_acl_access")

Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-06 08:29:50 -06:00
Michael S. Tsirkin
ddcb73b778 e1000: fix link down handling with auto negotiation
Fixes a couple of regression bugs introduced by
b9d03e352c and related to
auto-negotiation:
-   Auto-negotiation currently sets link up even if it was
    forced down from the monitor.
-   If Auto-negotiation was in progress during migration,
    link will never come up.

As a fix, don't touch NC link_down field at all,
instead add code on receive path to check
guest link status.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-06 08:29:25 -06:00
Michael Roth
ded67782e6 acpi_piix4: fix segfault migrating from 1.2
b0b873a078 bumped the vmstate version and
introduced an old-style load function to handle migration from prior
(<= 1.2) versions.

The load function passes the top-level PIIX4PMState pointer to
vmstate_load_state() to handle nested structs for APMState and
pci_status, which leads to corruption of the top-level PIIX4PMState,
since pointers to the nested structs are expected.

A segfault can be fairly reliably triggered by migrating from 1.2 and
issuing a reset, which will trigger a number of QOM operations which
rely on the now corrupted ObjectClass/Object members.

Fix this by passing in the expected pointers for vmstate_load_state().

Cc: qemu-stable@nongnu.org
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-04 14:39:07 -06:00
Paolo Bonzini
b09995aef1 qdev: drop extra references at creation time
qdev_free and qbus_free have to do unparent+unref, because nobody else
drops the initial reference (the one included by object_initialize)
before them.

For device_init_func and do_device_add, this is trivially correct,
since the DeviceState goes out of scope.

For qdev_create, qdev_try_create and qbus_init, it is a bit more tricky.
What we are doing here is just assuming that the caller knows what it's
doing, and won't call qdev_free/qbus_free while the device is still there.
This is a pretty reasonable assumption and (behind the scenes) is also
what GObject/GTK does.  GTK actually has a "floating reference" that
goes away as soon as the caller does gtk_container_add or something
like that, but in the end qbus_init and qdev_try_create are already
adding the new object to its qdev parent!  So in the end the two solutions
are the same.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-01 15:53:11 -06:00
Paolo Bonzini
dc7389b79a qdev: inline object_delete into qbus_free/qdev_free
We want object_delete to disappear, and we will do this one class at a
time.  Inline it for the qdev case, which we will tackle first.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-01 15:53:10 -06:00
Paolo Bonzini
62d7ba669d qdev: add reference for the bus while it is referred to by the DeviceState
Now that the unparent callbacks are complete, we can correctly account
more missing references.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-01 15:53:10 -06:00
Paolo Bonzini
06f7f2bb56 qdev: move unrealization of devices from finalize to unparent
Similarly, a bus holds a reference back to the device, and this will
prevent the device from going away as soon as this reference is counted
properly.  To avoid this, move the unrealization of devices to the
unparent callback.  This includes recursively unparenting all the buses
and (after the previous patch) the devices on those buses, which ensures
that the web of references completely disappears for all devices that
reside (in the qdev tree) below the one being unplugged.

After this patch, the qdev tree and the bus<->child relationship is
defined as "A is above B, iff unplugging A will automatically unplug B".

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-01 15:53:10 -06:00
Paolo Bonzini
6853d27a12 qdev: move deletion of children from finalize to unparent
A device will never be finalized as long as it has a reference from
other devices that sit on its buses.  To ensure that the references
go away, deassociate a bus from its children in the unparent callback
for the bus.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-01 15:53:10 -06:00
Paolo Bonzini
9d127820eb qdev: add reference count to a device for the BusChild
Each device has a reference through the BusChild.  This reference
was not accounted for, add it now.

Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-01 15:53:10 -06:00
Paolo Bonzini
4fec640446 pci: use qbus_create in pci_bus_new
Remove knowledge of QOM innards.  The common part of pci_bus_new and
pci_bus_new_inplace is moved to a new function pci_bus_init.

Acked-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-01 15:53:09 -06:00
Paolo Bonzini
39355c3826 qdev: change first argument of qbus_create_inplace to void *
Make it clear that no BUS() macro is needed in the callers (in fact it
wouldn't work because the object has not been initialized yet with the
right class).

Suggested-by: Andreas Faerber <afaerber@suse.de>
Acked-by: Andreas F=E4rber <afaerber@suse.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-01 15:53:09 -06:00
Paolo Bonzini
013e118247 qdev: remove duplication between qbus_create and qbus_create_inplace
Move the common part to qbus_realize.

Acked-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-01 15:53:09 -06:00
liguang
d5286af5ef accel: change {xen, kvm, tcg, qtest}_allowed from int to bool
Signed-off-by: liguang <lig.fnst@cn.fujitsu.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-01 15:08:02 -06:00
Anthony Liguori
3e3648b29f xen: fix build problem introduced from per-queue peers
Reported-by Andreas Färber <afaerber@suse.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-01 13:00:33 -06:00
Jason Wang
a9c87c586b virtio-net: compat multiqueue support
Disable multiqueue support for pre 1.4.

Signed-off-by: Jason Wang <jasowang@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-01 11:03:03 -06:00
Jason Wang
5f80080183 virtio-net: migration support for multiqueue
This patch add migration support for multiqueue virtio-net. Instead of bumping
the version, we conditionally send the info of multiqueue only when the device
support more than one queue to maintain the backward compatibility.

Signed-off-by: Jason Wang <jasowang@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-01 11:03:03 -06:00
Jason Wang
fed699f9ca virtio-net: multiqueue support
This patch implements both userspace and vhost support for multiple queue
virtio-net (VIRTIO_NET_F_MQ). This is done by introducing an array of
VirtIONetQueue to VirtIONet.

Signed-off-by: Jason Wang <jasowang@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-01 11:03:03 -06:00
Jason Wang
0c87e93e31 virtio-net: separate virtqueue from VirtIONet
To support multiqueue virtio-net, the first step is to separate the virtqueue
related fields from VirtIONet to a new structure VirtIONetQueue. The following
patches will add an array of VirtIONetQueue to VirtIONet based on this patch.

Signed-off-by: Jason Wang <jasowang@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-01 11:03:03 -06:00
Jason Wang
e78a2b4285 virtio: add a queue_index to VirtQueue
Add a queue_index to VirtQueue and a helper to fetch it, this could be used by
multiqueue supported device.

Signed-off-by: Jason Wang <jasowang@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-01 11:03:03 -06:00
Jason Wang
f23fd811ac virtio: introduce virtio_del_queue()
Some device (such as virtio-net) needs the ability to destroy or re-order the
virtqueues, this patch adds a helper to do this.

Signed-off-by: Jason Wang <jasowang>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-01 11:03:02 -06:00
Jason Wang
a9f98bb5eb vhost: multiqueue support
This patch lets vhost support multiqueue. The idea is simple, just launching
multiple threads of vhost and let each of vhost thread processing a subset of
the virtqueues of the device. After this change each emulated device can have
multiple vhost threads as its backend.

To do this, a virtqueue index were introduced to record to first virtqueue that
will be handled by this vhost_net device. Based on this and nvqs, vhost could
calculate its relative index to setup vhost_net device.

Since we may have many vhost/net devices for a virtio-net device. The setting of
guest notifiers were moved out of the starting/stopping of a specific vhost
thread. The vhost_net_{start|stop}() were renamed to
vhost_net_{start|stop}_one(), and a new vhost_net_{start|stop}() were introduced
to configure the guest notifiers and start/stop all vhost/vhost_net devices.

Signed-off-by: Jason Wang <jasowang@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-01 11:03:02 -06:00
Jason Wang
1ceef9f273 net: multiqueue support
This patch adds basic multiqueue support for qemu. The idea is simple, an array
of NetClientStates were introduced in NICState, parse_netdev() were extended to
find and match all NetClientStates belongs to the backend and place their
pointers in NICConf. Then qemu_new_nic can setup a N:N mapping between NICStates
that belongs to a nic and NICStates belongs to the netdev. And a queue_index
were introduced in NetClientState to track its index. After this, each peers of
a NICState were abstracted as a queue.

After this change, all NetClientState that belongs to the same backend/nic has
the same id. When use want to change the link status, all NetClientStates that
belongs to the same backend/nic will be also changed. When user want to delete
a device or netdev, all NetClientStates that belongs to the same backend/nic
will be deleted also. Changing or deleting an specific queue is not allowed.

Signed-off-by: Jason Wang <jasowang@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-01 11:03:01 -06:00
Jason Wang
948ecf219c net: intorduce qemu_del_nic()
To support multiqueue nic, this patch separate the nic destructor from
qemu_del_net_client() to a new helper qemu_del_nic() since the mapping bettween
NiCState and NetClientState were not 1:1 in multiqueue. The following patches
would refactor this function to support multiqueue nic.

Signed-off-by: Jason Wang <jasowang@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-01 11:03:01 -06:00
Jason Wang
cc1f0f4542 net: introduce qemu_get_nic()
To support multiqueue, this patch introduces a helper qemu_get_nic() to get
NICState from a NetClientState. The following patches would refactor this helper
to support multiqueue.

Signed-off-by: Jason Wang <jasowang@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-01 11:03:00 -06:00
Jason Wang
b356f76de3 net: introduce qemu_get_queue()
To support multiqueue, the patch introduce a helper qemu_get_queue()
which is used to get the NetClientState of a device. The following patches would
refactor this helper to support multiqueue.

Signed-off-by: Jason Wang <jasowang@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-01 11:02:55 -06:00
Jason Wang
ec45f08313 net: tap: using bool instead of bitfield
Signed-off-by: Jason Wang <jasowang@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-01 10:50:59 -06:00
Andreas Färber
3e7b8f4e6f isa: QOM'ify isa_bus_from_device()
DeviceState::parent_bus is document as private and should be accessed
through qdev_get_parent_bus(). Use a DEVICE() cast instead of accessing
ISADevice's qdev field directly. Use ISA_BUS() in place of DO_UPCAST().

Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-01 10:43:28 -06:00
Andreas Färber
8aae84a1f2 i2c: Drop I2C_SLAVE_FROM_QDEV() macro
It is not being used in hot paths and is obsoleted by I2C_SLAVE()
QOM cast macro. Clean it up using a scripted conversion, so that it
doesn't get used in new code.

Some of its callers were combining it with FROM_I2C_SLAVE() macro, which
is equally obsolete but needs to be replaced in a type-specific way.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Cc: Kuo-Jung Su <dantesu@faraday-tech.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-01 10:43:24 -06:00
Michael Roth
70ddd9f66d Revert "e1000: no need auto-negotiation if link was down"
This reverts commit 84dd212024.

I'm not sure what issue the original commit was meant to fix, or if
the logic is actually wrong, but it causes e1000 to stop working
after a guest issues a reset.

>From what I can tell a guest with an e1000 nic has no way of changing
the link status, as far as it's NetClient peer is concerned, except
in the auto-negotiation path, so with this patch in place there's no
recovery after a reset, since the link goes down and stays that way.

Revert this patch now to fix the bigger problem, and handle any
lingering issues with a follow-up.

Reproduced/tested with qemu-jeos and Ubuntu 12.10.

Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-01 10:43:13 -06:00
Anthony Liguori
e205842bd9 Merge remote-tracking branch 'agraf/s390-for-upstream' into staging
# By Andreas Färber
# Via Alexander Graf
* agraf/s390-for-upstream:
  target-s390x: Pass S390CPU to s390_{add, del}_running_cpu()
  target-s390x: Clean up cpu_inject_*() signatures
  target-s390x: Fix debug output
  target-s390x: Fix debug output (continued)
2013-02-01 09:06:23 -06:00
Anthony Liguori
8a55ebf015 Merge remote-tracking branch 'afaerber/qom-cpu' into staging
# By Andreas Färber
# Via Andreas Färber
* afaerber/qom-cpu:
  linux-user: bsd-user: Don't reset X86CPU twice
  target-i386: Pass X86CPU to cpu_x86_set_a20()
  target-unicore32: Rename CPU subtypes
  target-openrisc: Rename CPU subtypes
  target-openrisc: TYPE_OPENRISC_CPU should be abstract
  target-m68k: Rename CPU subtypes
  target-m68k: Mark as unmigratable
  target-s390x: Mark as unmigratable
  target-sh4: Mark as unmigratable
  target-xtensa: Mark as unmigratable
  target-microblaze: Mark as unmigratable
  target-unicore32: Mark as unmigratable
  ide/mmio: QOM'ify MMIO IDE for R2D
2013-01-31 19:37:33 -06:00
Anthony Liguori
c628d74738 virtio,make,pci,e1000,vfio,piix
This includes my timestamp generation cleanup,
 Amos's and my work on virtio net commands,
 pci,e1000,vfio and piix fixes.
 
 Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.13 (GNU/Linux)
 
 iQEcBAABAgAGBQJRCmGLAAoJECgfDbjSjVRp6PUH/1YsrRgrPUEhrhHwM4OPAMB5
 D/kcTwrS4R7XNk6HRElfVnPbDYl2iIqi7a6RrY/x2jQvMBaghT5v6w07kg9gCooF
 qNpHUr0y2YHy9yIFpG36SntqDmXXqvd4ngAMn7EviDH6OvwI8dSqbIVRUFc8yw5c
 g+EyEQpyZieBVEGnWPEl6qDo4KFw9nU3p0A93fsQnKikXet00d+V01hQ4TALbBxk
 EkeM1tYTjVlHOZAPsq6I2/CvRCO7YbIaboJJ9ZQ83GCX7TEsYELaMOc1qxVOAv0k
 rKVijwqyHvhncxumPM/NIUuSnQTQxxeJmV4mWLARPGSh7FYorqMesnY4p1aX4RQ=
 =k7PQ
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'mst/tags/for_anthony' into staging

virtio,make,pci,e1000,vfio,piix

This includes my timestamp generation cleanup,
Amos's and my work on virtio net commands,
pci,e1000,vfio and piix fixes.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

# gpg: Signature made Thu 31 Jan 2013 06:20:27 AM CST using RSA key ID D28D5469
# gpg: Can't check signature: public key not found

# By Michael S. Tsirkin (6) and others
# Via Michael S. Tsirkin
* mst/tags/for_anthony:
  vfio-pci: Enable PCIe extended config space
  PIIX3: reset the VM when the Reset Control Register's RCPU bit gets set
  ich9: add support for pci assignment
  virtio-net: rename ctrl rx commands
  virtio-net: introduce a new macaddr control
  virtio-net: remove layout assumptions for ctrl vq
  virtio-net: revert mac on reset
  rules/mak: make clean should blow away timestamp files
  Makefile: clean timestamp generation rule
  rules.mak: cleanup config generation rules
  e1000: document ICS read behaviour
2013-01-31 19:35:24 -06:00
Andreas Färber
49e158785f target-s390x: Pass S390CPU to s390_{add, del}_running_cpu()
This prepares for moving the halted field to CPUState.
Most call sites can already supply S390CPU, for some env becomes unused.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Acked-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-02-01 02:02:20 +01:00
Andreas Färber
f94667336e target-s390x: Clean up cpu_inject_*() signatures
Despite cautioning that S390CPU is needed for upcoming CPUState
refactorings, commit 5d69c547d9 (s390:
I/O interrupt and machine check injection.) added functions
cpu_inject_io() and cpu_inject_crw_mchk() with CPUS390XState argument,
claiming consistency with cpu_inject_ext().

This complicates making cpu_interrupt() take a CPUState even more and it
required to pass &cpu->env from some S390CPU-aware call sites already,
creating inconsistency elsewhere. Address that.

This also eliminates the need for CPUS390XState in s390_virtio_irq().

Signed-off-by: Andreas Färber <afaerber@suse.de>
Acked-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-02-01 02:02:20 +01:00
Andreas Färber
cc36a7a2c7 target-i386: Pass X86CPU to cpu_x86_set_a20()
Prepares for cpu_interrupt() changing argument to CPUState.

While touching it, rename to x86_cpu_...() now that it takes an X86CPU.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
2013-02-01 01:35:43 +01:00
Andreas Färber
6b2578d678 ide/mmio: QOM'ify MMIO IDE for R2D
It was not qdev'ified before, so turn it into a SysBusDevice.
Keep mmio_ide_init_drives() around to attach the hard drive.

Signed-off-by: Andreas Färberr <afaerber@suse.de>
Cc: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2013-02-01 00:13:41 +01:00
Anthony Liguori
321f211707 Merge remote-tracking branch 'pmaydell/arm-devs.next' into staging
# By Christoffer Dall (1) and Peter Maydell (1)
# Via Peter Maydell
* pmaydell/arm-devs.next:
  hw/vexpress: Use correct HBI (board model number) for vexpress-a15
  hw/arm_sysctl: Clear sysctl cfgctrl start bit
2013-01-30 10:51:47 -06:00
Anthony Liguori
b0df98f3a2 Merge remote-tracking branch 'stefanha/trivial-patches' into staging
# By Markus Armbruster (12) and others
# Via Stefan Hajnoczi
* stefanha/trivial-patches:
  qmp-commands.hx: s/tray-open/tray_open/ to match qapi schema
  tests: Fix {rtc, m48t59}-test build on illumos
  qemu-pixman.h: Avoid mutual inclusion loop with console.h
  qemu-ga: Fix unchecked strdup() by converting to g_strdup()
  qapi: Fix unchecked strdup() by converting to g_strdup()
  libcacard: Fix unchecked strdup() by converting to g_strdup()
  qemu-log: Plug trivial memory leak in cpu_set_log_filename()
  qemu-log: Fix unchecked strdup() by converting to g_strdup()
  virtfs-proxy-helper: Fix unchecked strdup() by conv. to g_strdup()
  spice: Fix unchecked strdup() by converting to g_strdup()
  readline: Fix unchecked strdup() by converting to g_strdup()
  hw/9pfs: Fix unchecked strdup() by converting to g_strdup()
  g_strdup(NULL) returns NULL; simplify
  g_malloc(0) and g_malloc0(0) return NULL; simplify
  xilinx_axidma: Fix debug mode compile messages
  cadence_gem: Debug mode compile fixes
  cadence_ttc: Debug mode compile fixes
  vnc: Clean up vncws_send_handshake_response()
2013-01-30 10:51:18 -06:00
Anthony Liguori
7cc2a8b14a Merge remote-tracking branch 'afaerber-or/prep-up' into staging
# By Andreas Färber
# Via Andreas Färber
* afaerber-or/prep-up:
  prep: Move PReP machine to hw/ppc/
  prep_pci: Convert to QOM realizefn
  prep_pci: Create PCIBus and PCIDevice in-place
2013-01-30 10:48:23 -06:00
Peter Maydell
f61850bffb hw/vexpress: Use correct HBI (board model number) for vexpress-a15
The vexpress-a15 QEMU model is supposed to be a V2P-CA15; the HBI
(a kind of board model number) for this coretile is 237, not 217.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2013-01-30 15:39:02 +00:00
Christoffer Dall
706872a566 hw/arm_sysctl: Clear sysctl cfgctrl start bit
The start bit should only be set to indicate that a function call is
underway, right now.  When done with function, clear it.

Signed-off-by: Christoffer Dall <c.dall@virtualopensystems.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2013-01-30 15:39:01 +00:00
Markus Armbruster
d3f8e138c2 hw/9pfs: Fix unchecked strdup() by converting to g_strdup()
Note: the allocation in virtio_9p_init() is still leaked.  To be fixed
in a followup commit.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-01-30 11:14:46 +01:00
Markus Armbruster
c64f50d1e2 g_strdup(NULL) returns NULL; simplify
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-01-30 11:14:46 +01:00
Markus Armbruster
6528499fa4 g_malloc(0) and g_malloc0(0) return NULL; simplify
Once upon a time, it was decided that qemu_malloc(0) should abort.
Switching to glib retired that bright idea.  Some code that was added
to cope with it (e.g. in commits 702ef63, b76b6e9) is still around.
Bury it.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-01-30 11:14:46 +01:00
Andreas Färber
7561015556 prep: Move PReP machine to hw/ppc/
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
2013-01-30 10:42:29 +01:00
Peter Crosthwaite
74cef80c47 xilinx_axidma: Fix debug mode compile messages
Missing cast one one of the conditionally compiled printfs.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-01-30 10:31:27 +01:00
Peter Crosthwaite
080251a464 cadence_gem: Debug mode compile fixes
Some printfs are throwing warnings when debug mode is enabled. Fixed.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-01-30 10:31:27 +01:00
Peter Crosthwaite
c69544130f cadence_ttc: Debug mode compile fixes
Some printfs are throwing warnings when debug mode is enabled. Fixed.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-01-30 10:31:27 +01:00
Alex Williamson
6a659bbff9 vfio-pci: Enable PCIe extended config space
We don't know pre-init time whether the device we're exposing is PCIe
or legacy PCI.  We could ask for it to be specified via a device
option, but that seems like too much to ask of the user.  Instead we
can assume everything will be PCIe, which makes PCI-core allocate
enough config space.  Removing the flag during init leaves the space
allocated, but allows legacy PCI devices to report the real device
config space size to rest of Qemu.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-01-30 01:31:09 +02:00
Laszlo Ersek
1ec4ba7416 PIIX3: reset the VM when the Reset Control Register's RCPU bit gets set
Traditional PCI config space access is achieved by writing a 32 bit
  value to io port 0xcf8 to identify the bus, device, function and config
  register. Port 0xcfc then contains the register in question. But if you
  write the appropriate pair of magic values to 0xcf9, the machine will
  reboot. Spectacular! And not standardised in any way (certainly not part
  of the PCI spec), so different chipsets may have different requirements.
  Booo.

In the PIIX3 spec, IO port 0xcf9 is specified as the Reset Control
Register. Bit 1 (System Reset, SRST) would normally differentiate between
soft reset and hard reset, but we ignore the difference beyond allowing
the guest to read it back.

RHBZ reference: 890459

This patch introduces the following overlap between the preexistent
"pci-conf-idx" region and the "piix3-reset-control" region just being
added. Partial output from "info mtree":

  I/O
  0000000000000000-000000000000ffff (prio 0, RW): io
    0000000000000cf8-0000000000000cfb (prio 0, RW): pci-conf-idx
    0000000000000cf9-0000000000000cf9 (prio 1, RW): piix3-reset-control

I sanity-checked the patch by booting a RHEL-6.3 guest and found no
problems. I summoned gdb and set a breakpoint on rcr_write() in order to
gather a bit more confidence. Relevant frames of the stack:

  kvm_handle_io (port=3321, data=0x7f3f5f3de000, direction=1, size=1,
                 count=1)                                 [kvm-all.c:1422]
    cpu_outb (addr=3321, val=6 '\006')                      [ioport.c:289]
      ioport_write (index=0, address=3321, data=6)           [ioport.c:83]
        ioport_writeb_thunk (opaque=0x7f3f622c4680, addr=3321, data=6)
                                                            [ioport.c:212]
          memory_region_iorange_write (iorange=0x7f3f622c4680, offset=0,
                                       width=1, data=6)     [memory.c:439]
            access_with_adjusted_size (addr=0, value=0x7f3f531fbac0,
                                       size=1, access_size_min=1,
                                       access_size_max=4,
                                       access=0x7f3f5f6e0f90
                                           <memory_region_write_accessor>,
                                       opaque=0x7f3f6227b668)
                                                            [memory.c:364]
              memory_region_write_accessor (opaque=0x7f3f6227b668, addr=0,
                                            value=0x7f3f531fbac0, size=1,
                                            shift=0, mask=255)
                                                            [memory.c:334]
                rcr_write (opaque=0x7f3f6227afb0, addr=0, val=6, len=1)
                                                       [hw/piix_pci.c:498]

The dispatch happens in ioport_write(); "index=0" means byte-wide access:

    static void ioport_write(int index, uint32_t address, uint32_t data)
    {
        static IOPortWriteFunc * const default_func[3] = {
            default_ioport_writeb,
            default_ioport_writew,
            default_ioport_writel
        };
        IOPortWriteFunc *func = ioport_write_table[index][address];
        if (!func)
            func = default_func[index];
        func(ioport_opaque[address], address, data);
    }

The "ioport_write_table" and "ioport_opaque" arrays describe the flattened
IO port space. The first array is less interesting (it selects a thunk
function). The "ioport_opaque" array is interesting because it decides how
writing to the port is implemented ultimately.

4-byte wide access to 0xcf8 (pci-conf-idx):

  (gdb) print ioport_write_table[2][0xcf8]
  $1 = (IOPortWriteFunc *) 0x7f3f5f6d99ba <ioport_writel_thunk>

  (gdb) print \
        ((struct MemoryRegionIORange*)ioport_opaque[0xcf8])->mr->ops.write
  $2 = (void (*)(void *, hwaddr, uint64_t, unsigned int))
       0x7f3f5f5575cb <pci_host_config_write>

1-byte wide access to 0xcf9 (piix3-reset-control):

  (gdb) print ioport_write_table[0][0xcf9]
  $3 = (IOPortWriteFunc *) 0x7f3f5f6d98d0 <ioport_writeb_thunk>

  (gdb) print \
        ((struct MemoryRegionIORange*)ioport_opaque[0xcf9])->mr->ops.write
  $4 = (void (*)(void *, hwaddr, uint64_t, unsigned int))
       0x7f3f5f6b42f1 <rcr_write>

The higher priority of "piix3-reset-control" ensures that the 0xcf9
entries in ioport_write_table / ioport_opaque will always belong to it,
independently of its relative registration order versus "pci-conf-idx".

Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-01-30 01:31:09 +02:00
Jason Baron
91c3f2f008 ich9: add support for pci assignment
Fills out support for the pci assignment API.  Added:

PCIINTxRoute ich9_route_intx_pin_to_irq(void *opaque, int pirq_pin)

Add calls to pci_bus_fire_intx_routing_notifier() when routing changes
are made.

Signed-off-by: Jason Baron <jbaron@redhat.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-01-30 01:31:09 +02:00
Amos Kong
dd23454ba2 virtio-net: rename ctrl rx commands
This patch makes rx commands consistent with specification.

Signed-off-by: Amos Kong <akong@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-01-30 01:31:09 +02:00
Amos Kong
c1943a3f37 virtio-net: introduce a new macaddr control
In virtio-net guest driver, currently we write MAC address to
pci config space byte by byte, this means that we have an
intermediate step where mac is wrong. This patch introduced
a new control command to set MAC address, it's atomic.

VIRTIO_NET_F_CTRL_MAC_ADDR is a new feature bit for compatibility.

"mac" field will be set to read-only when VIRTIO_NET_F_CTRL_MAC_ADDR
is acked.

Signed-off-by: Amos Kong <akong@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-01-30 01:31:09 +02:00
Michael S. Tsirkin
921ac5d0f3 virtio-net: remove layout assumptions for ctrl vq
Virtio-net code makes assumption about virtqueue descriptor layout
(e.g. sg[0] is the header, sg[1] is the data buffer).

This patch makes code not rely on the layout of descriptors.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Amos Kong <akong@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-01-30 01:31:09 +02:00
Michael S. Tsirkin
41dc8a67c7 virtio-net: revert mac on reset
Once guest overrides virtio net primary mac,
it retains the value set until qemu exit.
This is inconsistent with standard nic behaviour.
To fix, revert the mac to the original value on reset.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-01-30 01:31:08 +02:00
Michael S. Tsirkin
a52a884103 e1000: document ICS read behaviour
Add code comment to clarify the reason we set ICS with ICR:
the reason was previously undocumented and git
log confused rather than clarified the comments.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-01-30 01:31:08 +02:00
Cornelia Huck
19380b1bf5 s390: Drop set_bit usage in virtio_ccw.
set_bit on indicators doesn't go well on 32 bit targets:

note: expected 'long unsigned int *' but argument is of type 'uint64_t *'

Switch to bit shifts instead.

Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
[agraf: use 1ULL instead]
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-29 21:50:05 +01:00
Cornelia Huck
8d034a6fad s390: css error codes.
Changed error codes in the channel subsystem / virtio-ccw code
(-EOPNOTSUPP -> -ENOSYS, -ERESTART -> -EINPROGRESS).

This should hopefully fix building on mingw32.

Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Reviewed-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-29 21:50:05 +01:00
Cornelia Huck
50c8d9bfc6 s390: Use s390_cpu_physical_memory_map for tpi.
Map the I/O interruption code before calling into css.

Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-29 21:50:05 +01:00
Cornelia Huck
a5c95808ba s390: Add s390-ccw-virtio machine.
Add a new machine type, s390-ccw-virtio, making use of the
virtio-ccw transport to present virtio devices as channel
devices.

Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-29 21:50:05 +01:00
Andreas Färber
ab290630fa s390-virtio: Check for NULL device in reset hypercall
s390_virtio_bus_find_mem() may return a NULL VirtIOS390Device.
If called with, e.g., args[0] == 0, this leads to a segfault.
Fix this by adding error handling as done for other hypercalls.

Present since baf0b55a9e (Implement
virtio reset).

Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-29 21:50:04 +01:00
Alexander Graf
b73d353110 s390: Move hw files to hw/s390x
This moves all files only used by s390 system emulation to hw/s390x.

Signed-off-by: Alexander Graf <agraf@suse.de>
Acked-by: Christian Borntraeger <borntraeger@de.ibm.com>
2013-01-29 21:50:04 +01:00
Paolo Bonzini
93726cb319 virtio-s390: add a reset function to virtio-s390 devices
virtio-s390 devices are not being reset when their bus is.  To fix
this, add a reset method that forwards to virtio_reset.  This is
only needed because of the "strange" modeling of virtio devices;
the ->vdev link is being handled manually rather than through qdev.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-29 21:50:04 +01:00
Alexander Graf
49973ebc03 s390: Make typeinfo const
All TypeInfo definitions should be const.

Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-29 21:50:04 +01:00
Cornelia Huck
a5cf2bb4e3 s390: Add new channel I/O based virtio transport.
Add a new virtio transport that uses channel commands to perform
virtio operations.

Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-29 21:50:04 +01:00
Cornelia Huck
fad37673f5 s390-virtio: Factor out some initialization code.
Some of the machine initialization for s390-virtio will be reused
by virtio-ccw.

Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-29 21:50:04 +01:00
Cornelia Huck
df1fe5bb49 s390: Virtual channel subsystem support.
Provide a mechanism for qemu to provide fully virtual subchannels to
the guest.

Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-29 21:50:04 +01:00
Alexander Graf
3ef669e194 s390: Add default support for SCLP console
The current s390 machine uses the virtio console as default console,
but this doesn't mean that we always want to keep it that way for new
machines.

This patch introduces a way for a machine type to specify that it wants
the default console to be an SCLP console, which is a lot closer to what
real hardware does.

Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Andreas Färber <afaerber@suse.de>
2013-01-29 21:50:04 +01:00
Anthony Liguori
ec9466ff2e Merge remote-tracking branch 'afaerber/qom-cpu' into staging
* afaerber/qom-cpu: (37 commits)
  kvm: Pass CPUState to kvm_on_sigbus_vcpu()
  cpu: Unconditionalize CPUState fields
  target-m68k: Use type_register() instead of type_register_static()
  target-unicore32: Use type_register() instead of type_register_static()
  target-openrisc: Use type_register() instead of type_register_static()
  target-unicore32: Catch attempt to instantiate abstract type in cpu_init()
  target-openrisc: Catch attempt to instantiate abstract type in cpu_init()
  target-m68k: Catch attempt to instantiate abstract type in cpu_init()
  target-arm: Catch attempt to instantiate abstract type in cpu_init()
  target-alpha: Catch attempt to instantiate abstract type in cpu_init()
  qom: Introduce object_class_is_abstract()
  target-unicore32: Detect attempt to instantiate non-CPU type in cpu_init()
  target-openrisc: Detect attempt to instantiate non-CPU type in cpu_init()
  target-m68k: Detect attempt to instantiate non-CPU type in cpu_init()
  target-alpha: Detect attempt to instantiate non-CPU type in cpu_init()
  target-arm: Detect attempt to instantiate non-CPU type in cpu_init()
  cpu: Add model resolution support to CPUClass
  target-i386: Remove setting tsc-frequency from x86_def_t
  target-i386: Set custom features/properties without intermediate x86_def_t
  target-i386: Remove vendor_override field from CPUX86State
  ...

Conflicts:
	tests/Makefile

Resolved simple conflict caused by lack of context in Makefile

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-28 14:48:03 -06:00
Anthony Liguori
503cb22e05 Merge remote-tracking branch 'kwolf/for-anthony' into staging
# By Paolo Bonzini (14) and others
# Via Kevin Wolf
* kwolf/for-anthony: (24 commits)
  ide: Add fall through annotations
  block: Create proper size file for disk mirror
  ahci: Add migration support
  ahci: Change data types in preparation for migration
  ahci: Remove unused AHCIDevice fields
  hbitmap: add assertion on hbitmap_iter_init
  mirror: do nothing on zero-sized disk
  block/vdi: Check for bad signature
  block/vdi: Improved return values from vdi_open
  block/vdi: Improve debug output for signature
  block: Use error code EMEDIUMTYPE for wrong format in some block drivers
  block: Add special error code for wrong format
  mirror: support arbitrarily-sized iterations
  mirror: support more than one in-flight AIO operation
  mirror: add buf-size argument to drive-mirror
  mirror: switch mirror_iteration to AIO
  mirror: allow customizing the granularity
  block: allow customizing the granularity of the dirty bitmap
  block: return count of dirty sectors, not chunks
  mirror: perform COW if the cluster size is bigger than the granularity
  ...
2013-01-28 14:46:45 -06:00
Anthony Liguori
6cebf7afac Merge remote-tracking branch 'luiz/queue/qmp' into staging
# By Lei Li (3) and others
# Via Luiz Capitulino
* luiz/queue/qmp:
  QAPI: Introduce memchar-read QMP command
  QAPI: Introduce memchar-write QMP command
  qemu-char: Add new char backend CirMemCharDriver
  docs: document virtio-balloon stats
  balloon: re-enable balloon stats
  balloon: drop old stats code & API
  block: Monitor command commit neglects to report some errors
2013-01-28 14:41:25 -06:00
Andreas Färber
8d5ce2e564 prep_pci: Convert to QOM realizefn
SysBusDeviceClass' initfn merely calls SysBusDeviceClass::init, so we
can already hook up our own realizefn overwriting this behavior.

A symmetric unrealizefn is not necessary, knowing that the child's
unrealizefn is still no-op, too. Avoids ripping it out again when
recursive realization at DeviceState-level is implemented.

Signed-off-by: Andreas Färber <andreas.faerber@web.de>
2013-01-27 23:04:26 +01:00
Andreas Färber
98aca3c8e8 prep_pci: Create PCIBus and PCIDevice in-place
Prepares for QOM realizefn by removing object creation from qdev initfn.

Signed-off-by: Andreas Färber <andreas.faerber@web.de>
2013-01-27 23:04:26 +01:00
Eduardo Habkost
8932cfdf7b pc: Generate APIC IDs according to CPU topology
This keeps compatibility on machine-types pc-1.2 and older, and prints a
warning in case the requested configuration won't get the correct
topology.

I couldn't think of a better way to warn about broken topology when in
compat mode other than using error_report(). The warning message will
probably be buried in a log file somewhere, but it's better than
nothing.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-01-27 14:34:27 +01:00
Eduardo Habkost
1d934e8979 pc: Set fw_cfg data based on APIC ID calculation
This changes FW_CFG_MAX_CPUS and FW_CFG_NUMA to use apic_id_for_cpu(),
so the NUMA table can be based on the APIC IDs, instead of CPU index
(SeaBIOS knows nothing about CPU indexes, just APIC IDs).

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-01-27 14:34:27 +01:00
Eduardo Habkost
70db922278 fw_cfg: Remove FW_CFG_MAX_CPUS from fw_cfg_init()
PC will not use max_cpus for that field, so move it outside the common
code so it can use a different value on PC.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-01-27 14:34:27 +01:00
Eduardo Habkost
2969475869 pc: Reverse pc_init_pci() compatibility logic
Currently, the pc-1.4 machine init function enables PV EOI and then
calls the pc-1.2 machine init function. The problem with this approach
is that now we can't enable any additional compatibility code inside the
pc-1.2 init function because it would end up enabling the compatibility
behavior on pc-1.3 and pc-1.4 as well.

This reverses the logic so that the pc-1.2 machine init function will
disable PV EOI, and then call the pc-1.4 machine init function.

This way we can change older machine-types to enable compatibility
behavior, and the newer machine-types (pc-1.3, pc-q35-1.4 and
pc-i440fx-1.4) would just use the default behavior.

(This means that one nice side-effect of this change is that pc-q35-1.4
will get PV EOI enabled by default, too)

It would be interesting to eventually change pc_init_pci_no_kvmclock()
and pc_init_isa() to reuse pc_init_pci_1_2() as well (so we don't need
to duplicate compatibility code on those two functions). But this will
be probably much easier to do after we create a PCInitArgs struct for
the PC initialization arguments, and/or after we use global-properties
to implement the compatibility modes present in pc_init_pci_1_2().

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Marcelo Tosatti <mtosatti@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-01-27 14:34:26 +01:00
Edgar E. Iglesias
6034fe7bdb xilinx_ethlite: Avoid build warnings in debug code
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2013-01-27 01:05:00 +01:00
Peter Crosthwaite
a56d305a6d m25p80.c: Return state to IDLE after COLLECTING
Default to moving back to the IDLE state after the COLLECTING_DATA
state. For a well behaved guest this patch has no consequence, but
A bad guest could crash QEMU by using one of the erase commands
followed by a longer than 5 byte argument (undefined behaviour).

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2013-01-27 01:00:19 +01:00
Peter Crosthwaite
2f991adb8e xilinx_ethlite: Flush queued packets on SW service
Software services a received packet by clearing the CTRL_S bit in the RX_CTRLn
register. If this bit is cleared, flush any packets queued for the device.

Reported-by: John Williams <john.williams@xilinx.com>
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2013-01-27 00:48:40 +01:00
Peter Crosthwaite
808fb9f277 xilinx_ethlite: fix eth_can_rx() for ping-pong
The eth_can_rx() function only checks the first buffers status ("ping"). The
controller should be able to receive into "pong" when ping-pong is enabled.
Checks the active buffer (either "ping" or "pong") when determining can_rx()
rather than just testing "ping".

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2013-01-27 00:48:39 +01:00
Blue Swirl
13144781d4 Merge branch 'ppc-for-upstream' of git://repo.or.cz/qemu/agraf
* 'ppc-for-upstream' of git://repo.or.cz/qemu/agraf:
  PPC: e500: Select MPIC v4.2 on ppce500 platform
  PPC: e500: fix mpic_iack address
  openpic: add basic support for MPIC v4.2
  openpic: fix timer address decoding
  openpic: fix remaining issues from idr-to-destmask conversion
  pseries: Adjust default VIO address allocations to play better with libvirt
  pseries: Improve handling of multiple PCI host bridges
  target-ppc: Give a meaningful error if too many threads are specified
  cuda: Move ADB bus into CUDA state
  adb: QOM'ify ADB devices
  adb: QOM'ify Apple Desktop Bus
  cuda: QOM'ify CUDA
  ide/macio: QOM'ify MacIO IDE
  mac_nvram: QOM'ify MacIO NVRAM
  mac_nvram: Mark as Big Endian
  mac_nvram: Clean up public API
  macio: Split MacIO in two
  macio: Delay qdev init until all fields are initialized
  macio: QOM'ify some more
  ppc: Move Mac machines to hw/ppc/
2013-01-26 14:18:28 +00:00
Michael Tokarev
8cb6bfb54e vmware_vga: fix out of bounds and invalid rects updating
This is a follow up for several attempts to fix this issue.

Previous incarnations:

1. http://thread.gmane.org/gmane.linux.ubuntu.bugs.general/3156089
https://bugs.launchpad.net/bugs/918791
"qemu-kvm dies when using vmvga driver and unity in the guest" bug.
Fix by Serge Hallyn:
 https://launchpadlibrarian.net/94916786/qemu-vmware.debdiff
This fix is incomplete, since it does not check width and height
for being negative.  Serge weren't sure if that's the right place
to fix it, maybe the fix should be up the stack somewhere.

2. http://thread.gmane.org/gmane.comp.emulators.qemu/166064
by Marek Vasut: "vmware_vga: Redraw only visible area"

This one adds the (incomplete) check to vmsvga_update_rect_delayed(),
the routine just queues the rect updating but does no interesting
stuff.  It is also incomplete in the same way as patch by Serge,
but also does not touch width&height at all after adjusting x&y,
which is wrong.

As far as I can see, when processing guest requests, the device
places them into a queue (vmsvga_update_rect_delayed()) and
processes this queue in different place/time, namely, in
vmsvga_update_rect().  Sometimes, vmsvga_update_rect() is
called directly, without placing the request to the gueue.
This is the place this patch changes, which is the last
(deepest) in the stack.  I'm not sure if this is the right
place still, since it is possible we have some queue optimization
(or may have in the future) which will be upset by negative/wrong
values here, so maybe we should check for validity of input
right when receiving request from the guest (and maybe even
use unsigned types there).  But I don't know the protocol
and implementation enough to have a definitive answer.

But since vmsvga_update_rect() has other sanity checks already,
I'm adding the missing ones there as well.

Cc'ing BALATON Zoltan and Andrzej Zaborowski who shows in `git blame'
output and may know something in this area.

If this patch is accepted, it should be applied to all active
stable branches (at least since 1.1, maybe even before), with
minor context change (ds_get_*(s->vga.ds) => s->*).  I'm not
Cc'ing -stable yet, will do it explicitly once the patch is
accepted.

BTW, these checks use fprintf(stderr) -- it should be converted
to something more appropriate, since stderr will most likely
disappear somewhere.

Cc: Marek Vasut <marex@denx.de>
CC: Serge Hallyn <serge.hallyn@ubuntu.com>
Cc: BALATON Zoltan <balaton@eik.bme.hu>
Cc: Andrzej Zaborowski <balrogg@gmail.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Reviewed-by: Marek Vasut <marex@denx.de>
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-01-26 13:33:02 +00:00
Peter Maydell
98ed805c38 hw/arm_boot: Align device tree to 4KB boundary, not page
Align the device tree blob to a 4KB boundary, not to QEMU's
idea of a page boundary -- the latter is the smallest possible
page size for the architecture, which on ARM is 1KB.
The documentation for Linux does not impose separation
or alignment requirements on the device tree blob, but
in practice some kernels will happily trash the entire
page the initrd ends in after they have finished uncompressing
the initrd. So 4KB-align the DTB to ensure it does not get
trampled by these kernels.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-01-26 13:28:16 +00:00
Markus Armbruster
9f8863ebd7 fw_cfg: Drop a few superfluous initializers
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-01-26 13:23:42 +00:00
Markus Armbruster
d09acb9b5e fw_cfg: Splash image loader can overrun a stack variable, fix
read_splashfile() passes the address of an int variable as size_t *
parameter to g_file_get_contents(), with a cast to gag the compiler.

No problem on machines where sizeof(size_t) == sizeof(int).

Happens to work on my x86_64 box (64 bit little endian): the least
significant 32 bits of the file size end up in the right place
(caller's variable file_size), and the most significant 32 bits
clobber a place that gets assigned to before its next use (caller's
variable file_type).

I'd expect it to break on a 64 bit big-endian box.

Fix up the variable types and drop the problematic cast.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-01-26 13:23:33 +00:00
Peter Maydell
de16017dc8 hw/pxa2xx_timer: Explicitly mark fallthroughs
Explicitly mark the fallthroughs as intentional in the code
pattern where we gradually increment an index before falling
into the code to read/write that array entry:
    case THINGY_3: idx++;
    case THINGY_2: idx++;
    case THINGY_1: idx++;
    case THINGY_0: return s->thingy[idx];

This makes static analysers happy.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-01-26 13:20:44 +00:00
Peter Maydell
89556d1725 hw/smc91c111: Add explicit 'return' rather than relying on fallthrough
Add an explicit 'return' statement to a case in smc91c111_readb
rather than relying on fallthrough to the following case's
return statement, for code clarity and to placate static analysers.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-01-26 13:20:44 +00:00
Peter Maydell
3095485029 hw/pflash_cfi02.c: Mark deliberate fallthrough
Mark the deliberate fallthrough where we treat the case of
an attempt to read flash when it is an unknown command
state as if it were a normal read.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-01-26 13:20:44 +00:00
Peter Maydell
be688dfb8d hw/omap_dma, hw/omap_spi: Explicitly mark fallthroughs
Explicitly mark the fallthroughs as intentional in the code
pattern where we gradually increment an index before falling
into the code to read/write that array entry:
  case THINGY_3: idx++;
  case THINGY_2: idx++;
  case THINGY_1: idx++;
  case THINGY_0: return s->thingy[idx];

This makes static analysers happy.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-01-26 13:20:44 +00:00
Peter Maydell
139bd956ea hw/omap1.c: Add fallthrough markers and breaks
Explicitly mark cases where we are deliberately falling
through to the following code. In one case we insert a
'break' instead of falling through to a 'break', as this
seems slightly clearer.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-01-26 13:20:44 +00:00
Peter Maydell
bf4229d3cb hw/arm_sysctl.c: Add missing 'break' statements
Add some break statements that were accidentally omitted
from some cases of arm_sysctl_write(). The omission was
harmless because in both cases the following case did
an immediate break, but adding the breaks explicitly
placates static analysers and avoids weird behaviour if
the following register is ever implemented as something
other than a no-op.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-01-26 13:20:43 +00:00
Paolo Bonzini
82cb6b041c build: remove extra-obj-y
extra-obj-y is somewhat complicated to understand.  Replace it with a
special CONFIG_ALL symbol that is defined only at toplevel.
This limits the case of directories defining more than one
*-obj-y target.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-01-26 13:15:37 +00:00
Paolo Bonzini
000823449c build: remove universal-obj-y
All of universal-obj-y, user-obj-y (right now unused) and common-obj-y can
be unified into common-obj-y if we take care of defining CONFIG_SOFTMMU
and CONFIG_USER_ONLY in the toplevel makefile.  This is similar to how
we define symbols for hardware components.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-01-26 13:15:35 +00:00
Scott Wood
f5fba9d27f PPC: e500: Select MPIC v4.2 on ppce500 platform
The compatible string is changed to fsl,mpic on all e500 platforms, to
advertise the existence of BRR1.  This matches what the device tree will
have on real hardware.

With MPIC v4.2 max_cpu can be increased from 15 to 32.

Signed-off-by: Scott Wood <scottwood@freescale.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-25 22:02:56 +01:00
Scott Wood
bd25922e73 PPC: e500: fix mpic_iack address
MPIC+0xa0 is IACK for the current CPU.  MPIC+0x200a0 is IACK for CPU 0.
This fix allows EPR to work with an SMP target.

Signed-off-by: Scott Wood <scottwood@freescale.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-25 22:02:56 +01:00
Scott Wood
e0dfe5b189 openpic: add basic support for MPIC v4.2
Besides the new value in the version register, this provides:
- ILR support, which includes:
  - IDR becoming a pure CPU bitmap, allowing 32 CPUs
  - machine check output support (though other parts of QEMU need to
    be fixed for it to do something other than immediately reboot the
    guest)
- dummy error interrupt support (EISR0/EIMR0 read as zero)
  - actually all FSL MPICs get all summary registers returning zero for now,
    which includes EISR0/EIMR0

Various refactoring is done to support these changes and to ease
new functionality (e.g. a more flexible way of declaring regions).

Just as the code was already not a full implementation of MPIC v2.0,
this is not a full implementation of MPIC v4.2 -- e.g. it still has only
one bank of MSIs.

Signed-off-by: Scott Wood <scottwood@freescale.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-25 22:02:56 +01:00
Scott Wood
03274d44f6 openpic: fix timer address decoding
The timer memory range begins at 0x10f0, so that address 0x1120 shows
up as 0x30, 0x1130 shows up as 0x40, etc.  However, the address
decoding (other than TFRR) is not adjusted for this, causing the
wrong registers to be accessed.

Signed-off-by: Scott Wood <scottwood@freescale.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-25 22:02:56 +01:00
Scott Wood
f40c360c0d openpic: fix remaining issues from idr-to-destmask conversion
openpic_update_irq() was checking idr rather than destmask, treating
it as if it were a simple bitmap of cpus.  Changed to use destmask.

IPI delivery was removing bits directly from .idr, without calling
write_IRQreg_idr so that the change could be conveyed to destmask.
Changed to use destmask directly.

Save/restore destmask when serializing, as due to the IPI change it
cannot be reproduced from idr.

Signed-off-by: Scott Wood <scottwood@freescale.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-25 22:02:56 +01:00
David Gibson
1ea1ce8ac3 pseries: Adjust default VIO address allocations to play better with libvirt
Currently, if VIO devices for pseries don't have addresses explicitly
allocated, they get automatically numbered from 0x1000.  This is in the
same general range that libvirt will typically assign VIO device addresses.

That means that if there is a device libvirt doesn't know about, and it
gets an address assigned before the libvirt assigned devices are processed,
we can end up with an address conflict (qemu will abort with an error).

While the real solution is to teach libvirt about the other devices, so it
can correctly manage the whole allocation, this patch reduces the interim
inconvenience by moving qemu allocations to a range that libvirt is less
likely to conflict with.

Because the guest gets the device addresses through the device tree, these
addresses are truly arbitrary and can be changed without breaking guests.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-25 22:02:55 +01:00
David Gibson
caae58cba0 pseries: Improve handling of multiple PCI host bridges
Multiple - even many - PCI host bridges (i.e. PCI domains) are very
common on real PAPR compliant hardware.  For reasons related to the
PAPR specified IOMMU interfaces, PCI device assignment with VFIO will
generally require at least two (virtual) PHBs and possibly more
depending on which devices are assigned.

At the moment the qemu PAPR PCI code will not deal with this well,
leaving several crucial parameters of PHBs other than the default one
uninitialized.  This patch reworks the code to allow this.

Every PHB needs a unique BUID (Bus Unit Identifier, the id used for
the PAPR PCI related interfaces) and a unique LIOBN (Logical IO Bus
Number, the id used for the PAPR IOMMU related interfaces).  In
addition they need windows in CPU real address space to access PCI
memory space, PCI IO space and MSIs.  Properties are added to the PCI
host bridge qdevice to allow configuration of all these.

To simplify configuration of multiple PHBs for common cases, a
convenience "index" property is also added.  This can be set instead
of the low-level properties, and will generate suitable values for the
other parameters, different for each index value.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-25 22:02:55 +01:00
Andreas Färber
293c867d8c cuda: Move ADB bus into CUDA state
Replace the global adb_bus with a CUDA-internal one, accessed using
regular qdev child bus accessor.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-25 22:02:55 +01:00
Andreas Färber
2e4a7c9c5d adb: QOM'ify ADB devices
They were not qdev'ified before. Derive ADBDevice from DeviceState and
convert reset callbacks to DeviceClass::reset, ADBDevice::opaque pointer
to ADBDevice subtypes for mouse and keyboard and adb_{kbd,mouse}_init()
to regular qdev functions.

Fixing Coding Style issues and splitting keyboard and mouse off into
their own files is left for a later point in time.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-25 22:02:55 +01:00
Andreas Färber
84ede32908 adb: QOM'ify Apple Desktop Bus
It was not a qbus before, turn it into a first-class bus and initialize
it properly from CUDA. Leave it a global variable as long as devices are
not QOM'ified yet.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-25 22:02:55 +01:00
Andreas Färber
45fa67fb68 cuda: QOM'ify CUDA
It was not qdev'ified before. Turn it into a SysBusDevice and embed it
in MacIO.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-25 22:02:54 +01:00
Andreas Färber
07a7484e5d ide/macio: QOM'ify MacIO IDE
It was not qdev'ified before. Turn it into a SysBusDevice.
Embed them into the MacIO devices.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-25 22:02:54 +01:00
Andreas Färber
95ed3b7cf1 mac_nvram: QOM'ify MacIO NVRAM
It was not qdev'ified before. Turn it into a SysBusDevice and
initialize it via static properties.

Prepare Old World specific MacIO state and embed the NVRAM state there.

Drop macio_nvram_setup_bar() in favor of sysbus_mmio_map() or
direct use of Memory API.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-25 22:02:54 +01:00
Andreas Färber
d8c6d07fdf mac_nvram: Mark as Big Endian
Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-25 22:02:54 +01:00
Andreas Färber
3743cca7d5 mac_nvram: Clean up public API
The state data field is accessed in uint8_t quantities, so switch from
uint32_t argument and return value to uint8_t.

Fix debug format specifiers while at it.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-25 22:02:54 +01:00
Andreas Färber
d037834a9d macio: Split MacIO in two
Let the machines create two different types. This prepares to move
knowledge about sub-devices from the machines into the devices.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-25 22:02:54 +01:00
Andreas Färber
7b925079e3 macio: Delay qdev init until all fields are initialized
This turns macio_bar_setup() into an implementation detail of the qdev
initfn, to be removed step by step.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-25 22:02:54 +01:00
Andreas Färber
fcf1bbabf4 macio: QOM'ify some more
Move bar MemoryRegion initialization to an instance_init.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-25 22:02:54 +01:00
Andreas Färber
baec19105b ppc: Move Mac machines to hw/ppc/
Signed-off-by: Andreas Färber <afaerber@suse.de>
[agraf: squash in MAINTAINERS fix]
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-25 22:02:53 +01:00
Kevin Wolf
67bec53d9f ide: Add fall through annotations
Add comments to help static analysers detect that these cases are
intentional, and clean up some whitespace in the environment of these
comments.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
2013-01-25 18:27:10 +01:00
Jason Baron
a26230218d ahci: Add migration support
Jason tested these patches by migrating Windows 7 and Fedora 17 guests
(while under I/O) on both piix with ahci attached and on q35 (which has
a built-in AHCI controller).

Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Jason Baron <jbaron@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2013-01-25 18:18:36 +01:00
Kevin Wolf
4ac557c89b ahci: Change data types in preparation for migration
The size of an int depends on the host, so in order to be able to
migrate these fields, make them either int32_t or bool, depending on the
use.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2013-01-25 18:18:36 +01:00
Jason Baron
1147bb15a7 ahci: Remove unused AHCIDevice fields
'dma_status' and 'dma_cb' are written to, but never read.
Remove these fields in preparation for AHCI migration bits.

Signed-off-by: Jason Baron <jbaron@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2013-01-25 18:18:36 +01:00
Luiz Capitulino
7e6ccd9c15 balloon: re-enable balloon stats
The statistics are now available through device properties via a
polling mechanism. First a client has to enable polling, then it
can query available stats.

Polling is enabled by setting an update interval (in seconds)
to a property named guest-stats-polling-interval, like this:

{ "execute": "qom-set",
  "arguments": { "path": "/machine/peripheral-anon/device[1]",
                 "property": "guest-stats-polling-interval", "value": 4 } }

Then the available stats can be retrieved by querying the
guest-stats property. The returned object is a dict containing
all available stats. Example:

{ "execute": "qom-get",
  "arguments": { "path": "/machine/peripheral-anon/device[1]",
  "property": "guest-stats" } }

{
    "return": {
        "stats": {
            "stat-swap-out": 0,
            "stat-free-memory": 844943360,
            "stat-minor-faults": 219028,
            "stat-major-faults": 235,
            "stat-total-memory": 1044406272,
            "stat-swap-in": 0
        },
        "last-update": 1358529861
    }
}

Please, check the next commit for full documentation.

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2013-01-25 10:47:48 -02:00
Luiz Capitulino
01ceb97e7b balloon: drop old stats code & API
Next commit will re-enable balloon stats with a different interface, but
this old code conflicts with it. Let's drop it.

It's important to note that the QMP and HMP interfaces are also dropped
by this commit. That shouldn't be a problem though, because:

 1. All QMP fields are optional
 2. This feature has always been disabled

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2013-01-25 10:36:54 -02:00
Michael Tokarev
b37a2e4576 Revert "serial: fix retry logic"
This reverts commit 67c5322d70:

    I'm not sure if the retry logic has ever worked when not using FIFO mode.  I
    found this while writing a test case although code inspection confirms it is
    definitely broken.

    The TSR retry logic will never actually happen because it is guarded by an
    'if (s->tsr_rety > 0)' but this is the only place that can ever make the
    variable greater than zero.  That effectively makes the retry logic an 'if (0)

    I believe this is a typo and the intention was >= 0.  Once this is fixed thoug
    I see double transmits with my test case.  This is because in the non FIFO
    case, serial_xmit may get invoked while LSR.THRE is still high because the
    character was processed but the retransmit timer was still active.

    We can handle this by simply checking for LSR.THRE and returning early.  It's
    possible that the FIFO paths also need some attention.

    Cc: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
    Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

Even if the previous logic was never worked, new logic breaks stuff -
namely,

 qemu -enable-kvm -nographic -kernel /boot/vmlinuz-$(uname -r) -append console=ttyS0 -serial pty

the above command will cause the virtual machine to stuck at startup
using 100% CPU till one connects to the pty and sends any char to it.

Note this is rather typical invocation for various headless virtual
machines by libvirt.

So revert this change for now, till a better solution will be found.

Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-24 09:45:03 -06:00
Grant Likely
9fc7577af5 trivial: etraxfs_eth: Eliminate checkpatch errors
This is a trivial patch to harmonize the coding style on
hw/etraxfs_eth.c. This is in preparation to split off the bitbang mdio
code into a separate file.

Cc: Peter Maydell <peter.maydell@linaro.org>
Cc: Paul Brook <paul@codesourcery.com>
Cc: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Cc: Anthony Liguori <aliguori@us.ibm.com>
Cc: Andreas Färber <afaerber@suse.de>
Signed-off-by: Grant Likely <grant.likely@secretlab.ca>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2013-01-24 09:15:59 +01:00
Anthony Liguori
177f7fc688 Merge remote-tracking branch 'bonzini/scsi-next' into staging
# By Peter Lieven (3) and others
# Via Paolo Bonzini
* bonzini/scsi-next:
  scsi: Drop useless null test in scsi_unit_attention()
  lsi: use qbus_reset_all to reset SCSI bus
  scsi: fix segfault with 0-byte disk
  iscsi: add support for iSCSI NOPs [v2]
  iscsi: partly avoid iovec linearization in iscsi_aio_writev
  iscsi: add iscsi_create support
2013-01-23 09:08:54 -06:00
Anthony Liguori
36ba58044e Merge remote-tracking branch 'kraxel/usb.77' into staging
# By Gerd Hoffmann
# Via Gerd Hoffmann
* kraxel/usb.77:
  usb: add usb-bot device (scsi bulk-only transport).
  ohci: add missing break
  Revert "usb-storage: Drop useless null test in usb_msd_handle_data()"
2013-01-23 09:08:33 -06:00
Markus Armbruster
0bf8264e2d scsi: Drop useless null test in scsi_unit_attention()
req was created by scsi_req_alloc(), which initializes req->dev to a
value it dereferences.  req->dev isn't changed anywhere else.
Therefore, req->dev can't be null.

Drop the useless null test; it spooks Coverity.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
2013-01-22 15:07:03 +01:00
Paolo Bonzini
032f0101aa lsi: use qbus_reset_all to reset SCSI bus
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-01-22 15:07:03 +01:00
Paolo Bonzini
0369f06f74 scsi: fix segfault with 0-byte disk
When a 0-sized disk is found, READ CAPACITY will return a
LUN NOT READY error.  However, because it returns -1 instead
of zero, the HBA will call scsi_req_continue.  This will
typically cause a segmentation fault or an assertion failure.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-01-22 15:07:03 +01:00
Gerd Hoffmann
347073336d usb: add usb-bot device (scsi bulk-only transport).
Basically the same as usb-storage, but without automatic scsi
device setup.  Also features support for up to 16 LUNs.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-22 11:09:54 +01:00
Gerd Hoffmann
7fa96d7389 ohci: add missing break
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-22 11:09:54 +01:00
Alon Levy
038c1879a0 qxl: change rom size to 8192
This is a simpler solution to 869981, where migration breaks since qxl's
rom bar size has changed. Instead of ignoring fields in QXLRom, which is what has
actually changed, we remove some of the modes, a mechanism already
accounted for by the guest. The modes left allow for portrait and
landscape only modes, corresponding to orientations 0 and 1.
Orientations 2 and 3 are dropped.

Added assert so that rom size will fit the future QXLRom increases via
spice-protocol changes.

This patch has been tested with 6.1.0.10015. With the newer 6.1.0.10016
there are problems with both "(flipped)" modes prior to the patch, and
the patch loses the ability to set "Portrait" modes. But this is a
separate bug to be fixed in the driver, and besides the patch doesn't
affect the new arbitrary mode setting functionality.

Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-22 11:01:07 +01:00
Gerd Hoffmann
f4c0e5011b Revert "usb-storage: Drop useless null test in usb_msd_handle_data()"
This reverts commit a1cbfd554e.

Test isn't useless.  scsi_req_enqueue() may finish the request (will
actually happen for requests which don't trigger any I/O such as
INQUIRY), then call usb_msd_command_complete() which in turn will
set s->req to NULL after unref'ing it.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-22 11:01:07 +01:00
Alon Levy
e0ac6097b6 qxl: stop using non revision 4 rom fields for revision < 4
Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-22 11:01:06 +01:00
Andreas Färber
1356b98d3e sysbus: Drop sysbus_from_qdev() cast macro
Replace by SYS_BUS_DEVICE() QOM cast macro using a scripted conversion.
Avoids the old macro creeping into new code.

Resolve a Coding Style warning in openpic code.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Cc: Anthony Liguori <anthony@codemonkey.ws>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-21 13:52:24 -06:00
KONRAD Frederic
11e9235b1a virtio-s390-device: create a virtio-s390-bus during init.
A virtio-s390-bus is created during the init. So one VirtIODevice can be
connected on the virtio-s390-device through this bus.

Signed-off-by: KONRAD Frederic <fred.konrad@greensocs.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-21 13:23:14 -06:00
KONRAD Frederic
ea35d4f1e9 virtio-s390-bus: add virtio-s390-bus.
This add the virtio-s390-bus which extends virtio-bus. So one VirtIODevice can
be connected on this bus.

Signed-off-by: KONRAD Frederic <fred.konrad@greensocs.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-21 13:23:13 -06:00
KONRAD Frederic
085bccb72c virtio-pci: refactor virtio-pci device.
Create the virtio-pci device which is abstract. This transport device will
create a virtio-pci-bus, so one VirtIODevice can be connected.

Signed-off-by: KONRAD Frederic <fred.konrad@greensocs.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-21 13:23:13 -06:00
KONRAD Frederic
0a2acf5eb3 virtio-pci-bus: introduce virtio-pci-bus.
Introduce virtio-pci-bus, which extends virtio-bus. It is used with virtio-pci
transport device.

Signed-off-by: KONRAD Frederic <fred.konrad@greensocs.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-21 13:23:12 -06:00
KONRAD Frederic
8e05db9234 virtio-device: refactor virtio-device.
Create the virtio-device which is abstract. All the virtio-device can extend
this class. It also add some functions to virtio-bus.

Signed-off-by: KONRAD Frederic <fred.konrad@greensocs.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-21 13:23:12 -06:00
KONRAD Frederic
ff8eca5536 virtio-bus: introduce virtio-bus
Introduce virtio-bus. Refactored transport device will create a bus which
extends virtio-bus.

Signed-off-by: KONRAD Frederic <fred.konrad@greensocs.com>

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-21 13:23:12 -06:00
KONRAD Frederic
1395af6f76 qdev: add a maximum device allowed field for the bus.
Add a max_dev field to BusClass to specify the maximum amount of devices allowed
on the bus (has no effect if max_dev=0)

Signed-off-by: KONRAD Frederic <fred.konrad@greensocs.com>

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-21 13:23:12 -06:00
Stefan Weil
09a021fb7c hw/tpci200: Fix compiler warning (redefined symbol with MinGW)
STATUS_TIMEOUT is defined in winnt.h:

  CC    hw/tpci200.o
hw/tpci200.c:34:0:
 warning: "STATUS_TIMEOUT" redefined [enabled by default]
/usr/lib/gcc/x86_64-w64-mingw32/4.6/../../../../x86_64-w64-mingw32/include/winnt.h:1036:0:
 note: this is the location of the previous definition

Use STATUS_TIME instead of STATUS_TIMEOUT as suggested by Alberto Garcia.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-01-21 11:39:15 +01:00
Michael Tokarev
5facfb4934 acpitable: open the data file in binary mode
-acpitable {file|data}=file reads the content of file, but it is
in binary form, so the file should be opened usin O_BINARY flag.
On *nix it is a no-op, but on windows and other weird platform
it is really needed.

Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-01-21 11:08:05 +01:00
Stefan Weil
d0f54533eb hw: Spelling fix in log message
defineition -> definition

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Andreas F=E4rber <afaerber@suse.de>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-01-21 11:08:05 +01:00
Anthony Liguori
8b17ed4caa Merge remote-tracking branch 'stefanha/block' into staging
# By Kevin Wolf (4) and others
# Via Stefan Hajnoczi
* stefanha/block:
  dataplane: support viostor virtio-pci status bit setting
  dataplane: avoid reentrancy during virtio_blk_data_plane_stop()
  win32-aio: use iov utility functions instead of open-coding them
  win32-aio: Fix memory leak
  win32-aio: Fix vectored reads
  aio: Fix return value of aio_poll()
  ide: Remove wrong assertion
  block: fix null-pointer bug on error case in block commit
2013-01-20 11:01:10 -06:00
Stefan Weil
c1db29199e usb: Fix compilation for MinGW (regression)
84f2d0ea added an argument to function usb_host_info.
The stub function must match the declaration in usb.h.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-01-19 10:30:02 +00:00
Markus Armbruster
0e7a759293 vl: Use size_t for sizes in get_boot_devices_list()
Code mixes uint32_t, int and size_t.  Very unlikely to go wrong in
practice, but clean it up anyway.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-01-19 10:22:48 +00:00
Markus Armbruster
089da572b9 fw_cfg: Use void *, size_t instead of uint8_t *, uint32_t for blobs
Many callers pass size_t, which gets silently truncated to uint32_t.
Harmless, because all practical sizes are well below 4GiB.  Clean it
up anyway.  Size overflow now fails assertions.

Bonus: saves a whole bunch of silly casts.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-01-19 10:22:44 +00:00
Markus Armbruster
b3dd15529d pc: Clean up bochs_bios_init()'s (non-)use of sizeof
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-01-19 10:22:43 +00:00
Markus Armbruster
0e0d2d6295 sun4: Fix unchecked strdup() by switching to fw_cfg_add_string()
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-01-19 10:22:42 +00:00
Markus Armbruster
96f8058629 pc: Fix unchecked strdup() by switching to fw_cfg_add_string()
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-01-19 10:22:41 +00:00
Markus Armbruster
44687f7543 fw_cfg: New fw_cfg_add_string()
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-01-19 10:22:41 +00:00
Markus Armbruster
4cad3867b6 fw_cfg: Dumb down fw_cfg_add_*() not to return success / failure
No caller is checking the value, so all errors get ignored, usually
silently.  assert() instead.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-01-19 10:22:40 +00:00
Markus Armbruster
f6e3534327 fw_cfg: Replace debug prints by tracepoints
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-01-19 10:22:39 +00:00
Blue Swirl
75f0585f17 Merge branch 'ppc-for-upstream' of git://repo.or.cz/qemu/agraf
* 'ppc-for-upstream' of git://repo.or.cz/qemu/agraf:
  PPC: KVM: Add support for EPR with KVM
  openpic: export e500 epr enable into a ppc.c function
  Update Linux kernel headers
  PPC: e500: Change in-memory order of load blobs
  PPC: Provide zero SVR for -cpu e500mc and e5500
  PPC: E500: Calculate loading blob offsets properly
  openpic: set mixed mode as supported
  openpic: unify gcr mode mask updates
  openpic: move gcr write into a function
2013-01-19 09:56:41 +00:00
Cornelia Huck
28e942f86d s390: Add a hypercall registration interface.
Allow virtio machines to register for different diag500 function
codes and convert s390-virtio to use it.

Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-18 19:07:47 +01:00
Viktor Mihajlovski
904e5fd5c2 S390: Enable -cpu help and QMP query-cpu-definitions
This enables qemu -cpu help to return a list of supported CPU models
on s390 and also to query for cpu definitions in the monitor.
Initially only cpu model = host is returned. This needs to be reworked
into a full-fledged CPU model handling later on.
This change is needed to allow libvirt exploiters (like OpenStack)
to specify a CPU model.

Signed-off-by: Viktor Mihajlovski <mihajlov@linux.vnet.ibm.com>
Signed-off-by: Jens Freimann <jfrei@linux.vnet.ibm.com>
Reviewed-by: Christian Borntraeger <borntraeger@de.ibm.com>
[agraf: fix s390x-linux-user, adjust header locations]
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-18 19:07:47 +01:00
Christian Borntraeger
e674a49aae s390: Move IPL code into a separate device
Lets move the code to setup IPL for external kernel
or via the zipl rom into a separate file. This allows to

- define a reboot handler, setting up the PSW appropriately
- enhance the boot code to IPL disks that contain a bootmap that
  was created with zipl under LPAR or z/VM (future patch)
- reuse that code for several machines (e.g. virtio-ccw and virtio-s390)
- allow different machines to provide different defaults

Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Jens Freimann <jfrei@linux.vnet.ibm.com>
[agraf: symbolify initial psw, adjust header file location, fix for QOM]
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-18 19:07:47 +01:00
Alexander Graf
5b95b8b9c1 PPC: KVM: Add support for EPR with KVM
This patch links KVM EPR support to the existing TCG support we have now.

Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-18 19:06:57 +01:00
Alexander Graf
e49798b1bd openpic: export e500 epr enable into a ppc.c function
Enabling and disabling the EPR capability (mpic_proxy) is a system
wide operation. As such, it belongs into the ppc.c file, since that's
where PPC specific machine wide logic happens.

Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-18 19:06:57 +01:00
Alexander Graf
b8dec1443e PPC: e500: Change in-memory order of load blobs
Today, we load

  <kernel> <initrd> <dtb>

into memory in that order. However, Linux has a bug where it can only
handle the dtb if it's within the first 64MB of where <kernel> starts.

So instead, let's change the order to

  <kernel> <dtb> <initrd>

making Linux happy.

Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-18 19:06:57 +01:00
Alexander Graf
528e536ea2 PPC: E500: Calculate loading blob offsets properly
We have 3 blobs we need to load when booting the system:

  - kernel
  - initrd
  - dtb

We place them in physical memory in that order. At least we should.
This patch fixes the location calculation up to take any module into
account, fixing the dtb offset along the way.

Reported-by: Stuart Yoder <stuart.yoder@freescale.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-18 19:06:57 +01:00
Alexander Graf
86e56a885a openpic: set mixed mode as supported
The Raven MPIC implementation supports the "Mixed" mode to work with
an i8259. While we don't implement mixed mode, we should mark it as
a supported mode in the mode bitmap.

Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-18 19:06:56 +01:00
Alexander Graf
1ac3d71302 openpic: unify gcr mode mask updates
The mode mask already masks out bits we don't care about, so the
actual handling code can stay intact regardless.

Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-18 19:06:56 +01:00
Alexander Graf
7f11573b9f openpic: move gcr write into a function
The GCR register contains too much functionality to be covered inside
of the register switch statement. Move it out into a separate function.

Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-18 19:06:56 +01:00
Stefan Hajnoczi
cf139388ad dataplane: support viostor virtio-pci status bit setting
The viostor virtio-blk driver for Windows does not use the
VIRTIO_CONFIG_S_DRIVER bit.  It only sets the VIRTIO_CONFIG_S_DRIVER_OK
bit.

The viostor driver refreshes the virtio-pci status byte sometimes while
the guest is running.  We misinterpret 0x4 (VIRTIO_CONFIG_S_DRIVER_OK)
as an indication that virtio-blk-data-plane should be stopped since 0x2
(VIRTIO_CONFIG_S_DRIVER) is missing.  The result is that the device
becomes unresponsive.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-01-18 16:59:20 +01:00
Stefan Hajnoczi
cd7fdfe59f dataplane: avoid reentrancy during virtio_blk_data_plane_stop()
When dataplane is stopping, the s->vdev->binding->set_host_notifier(...,
false) call can invoke the virtqueue handler if an ioeventfd
notification is pending.  This causes hw/virtio-blk.c to invoke
virtio_blk_data_plane_start() before virtio_blk_data_plane_stop()
returns!

The result is that we try to restart dataplane while trying to stop it
and the following assertion is raised:

  msix_set_mask_notifier: Assertion `!dev->msix_mask_notifier' failed.

Although the code was intended to prevent this scenario, the s->started
boolean isn't enough.  Add s->stopping so that we can postpone clearing
s->started until we've completely stopped dataplane.

This way, virtqueue handler calls during virtio_blk_data_plane_stop()
are ignored.  When dataplane is legitimately started again later we
already self-kick ourselves to resume processing.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-01-18 16:57:59 +01:00
Anthony Liguori
ddc01bf16e Merge remote-tracking branch 'luiz/queue/qmp' into staging
# By Wenchao Xia
# Via Luiz Capitulino
* luiz/queue/qmp:
  HMP: add sub command table to info
  HMP: move define of mon_cmds
  HMP: add infrastructure for sub command
  HMP: delete info handler
  HMP: add QDict to info callback handler
2013-01-17 13:09:57 -06:00
Michael S. Tsirkin
e387f99ebc virtio-pci: fix irqfd cleanup argument order
Order of arguments of kvm_virtio_pci_irqfd_release
got mixed up in all calls.
As a result users see assertions during cleanup.

Reported-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Tested-by: Wanlong Gao <gaowanlong@cn.fujitsu.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-17 09:45:52 -06:00
Andreas Färber
782beb5239 qom: Extend documentation on QOM method concepts
Add a documentation section "Methods" and discuss among others how to
handle overriding virtual methods.

Clarify DeviceClass::realize documentation and refer to the above.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-17 07:33:16 -06:00
Wenchao Xia
84f2d0ea0f HMP: add QDict to info callback handler
This patch change all info call back function to take
additional QDict * parameter, which allow those command
take parameter. Now it is set to NULL at default case.

Signed-off-by: Wenchao Xia <xiawenc@linux.vnet.ibm.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
2013-01-17 10:24:52 -02:00
Kevin Wolf
6bf3ee07ff ide: Remove wrong assertion
The Bus Master IDE Active bit (BM_STATUS_DMAING) is not only set when
the request is still in flight, but also when it has completed and the
size of the physical memory regions in the PRDT was larger than the
transfer size.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-01-17 10:51:11 +01:00
Andreas Färber
eb60d1c552 tmp105: Add temperature QOM property
This obsoletes tmp105_set() and allows for better error handling.

Signed-off-by: Andreas Färber <andreas.faerber@web.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-16 12:14:20 -06:00
Andreas Färber
2aad80eeb7 tmp105: QOM'ify
Introduce TYPE_ constant and cast macro.
Move the state struct to the new header to allow for future embedding.

Signed-off-by: Andreas Färber <andreas.faerber@web.de>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-16 12:14:20 -06:00
Andreas Färber
cb5ef3fa18 tmp105: Fix I2C protocol bug
An early length postincrement in the TMP105's I2C TX path led to
transfers of more than one byte to place the second byte in the third
byte's place within the buffer and the third byte to get discarded.

Fix this by explictly incrementing the length after the checks but
before the callback is called, which again checks the length.

Adjust the Coding Style while at it.

Signed-off-by: Alex Horn <alex.horn@cs.ox.ac.uk>
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-16 12:14:20 -06:00
Andreas Färber
6d0b430176 tmp105: Split out I2C message constants from header
Allows value sharing with qtest.

Signed-off-by: Andreas Färber <andreas.faerber@web.de>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-16 12:14:20 -06:00
Markus Armbruster
a1cbfd554e usb-storage: Drop useless null test in usb_msd_handle_data()
scsi_req_new() never returns null, and scsi_req_enqueue() dereferences
the pointer, so checking for null is useless.

Spotted by Coverity.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-16 12:03:15 -06:00
Stefan Weil
4ecf8aa5a0 pseries: Replace non-portable asprintf by g_strdup_printf
g_strdup_printf already handles OOM errors, so some error handling in
QEMU code can be removed.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-16 12:02:30 -06:00
Knut Omang
b8e76b35d4 Add new DEFAULT_MACHINE_OPTIONS to q35 and ppc405
Without this default q35/ppc405 based machines would no longer boot
after commit e4ada29e90

Signed-off-by: Knut Omang <knut.omang@oracle.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-16 11:49:05 -06:00
Andreas Färber
249d41720b qdev: Prepare "realized" property
Introduce the QOM realizefn suggested by Anthony.
Detailed documentation is supplied in the qdev header.

For now this implements a default DeviceClass::realize callback that
just wraps DeviceClass::init, which it deprecates.
Once all devices have been converted to DeviceClass::realize,
DeviceClass::init is to be removed.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Cc: Anthony Liguori <anthony@codemonkey.ws>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-15 18:27:00 -06:00
Andreas Färber
7983c8a335 qdev: Fold state enum into bool realized
Whether the device was initialized or not is QOM-level information and
currently unused. Drop it from device. This leaves the boolean state of
whether or not DeviceClass::init was called or not, a.k.a. "realized".

Suggested-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-15 18:26:30 -06:00
Avik Sil
2c9ee0291f pseries: set no default boot order
This patch removes the default boot order for pseries machine. This allows
the machine to handle a NULL boot order in case no -boot option is provided.
Thus it helps SLOF firmware to verify if boot order is specified in command
line or not. If no boot order is provided SLOF tries to boot from the
device set in the nvram.

Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Acked-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Avik Sil <aviksil@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-15 18:26:18 -06:00
Avik Sil
e4ada29e90 Make default boot order machine specific
This patch makes default boot order machine specific instead of
set globally. The default boot order can be set per machine in
QEMUMachine boot_order. This also allows a machine to receive a
NULL boot order when -boot isn't used and take an appropriate action
accordingly. This helps machine boots from the devices as set in
guest's non-volatile memory location in case no boot order is
provided by the user.

Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Avik Sil <aviksil@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-15 18:26:18 -06:00
Anthony Liguori
8ec12ec734 Merge remote-tracking branch 'afaerber/memory-ioport' into staging
* afaerber/memory-ioport:
  acpi_piix4: Do not use old_portio-style callbacks
  xen_platform: Do not use old_portio-style callbacks
  hw/dma.c: Fix conversion of ioport_register* to MemoryRegion

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-15 16:54:41 -06:00
Anthony Liguori
b9f84ac0fa Merge remote-tracking branch 'stefanha/block' into staging
* stefanha/block:
  block: Fix how mirror_run() frees its buffer
  win32-aio: Fix how win32_aio_process_completion() frees buffer
  scsi-disk: qemu_vfree(NULL) is fine, simplify
  w32: Make qemu_vfree() accept NULL like the POSIX implementation
  sheepdog: clean up sd_aio_setup()
  sheepdog: multiplex the rw FD to flush cache
  block: clear dirty bitmap when discarding
  ide: issue discard asynchronously but serialize the pieces
  ide: fix TRIM with empty range entry
  block: make discard asynchronous
  raw: support discard on block devices
  raw-posix: remember whether discard failed
  raw-posix: support discard on more filesystems
  block: fix initialization in bdrv_io_limits_enable()
  qcow2: Fix segfault on zero-length write

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-15 16:52:56 -06:00
Anthony Liguori
c94bf1c107 Merge remote-tracking branch 'afaerber/qom-cpu' into staging
* afaerber/qom-cpu:
  target-i386: Use switch in check_hw_breakpoints()
  target-i386: Avoid goto in hw_breakpoint_insert()
  target-i386: Introduce hw_{local,global}_breakpoint_enabled()
  target-i386: Define DR7 bit field constants
  target-i386: Move kvm_check_features_against_host() check to realize time
  target-i386: cpu_x86_register() consolidate freeing resources
  target-i386: Move setting defaults out of cpu_x86_parse_featurestr()
  target-i386: check/enforce: Check all feature words
  target-i386/cpu.c: Add feature name array for ext4_features
  target-i386: kvm_check_features_against_host(): Use feature_word_info
  target-i386/cpu: Introduce FeatureWord typedefs
  target-i386: Disable kvm_mmu by default
  kvm: Add fake KVM constants to avoid #ifdefs on KVM-specific code
  exec: Return CPUState from qemu_get_cpu()
  xen: Simplify halting of first CPU
  kvm: Pass CPUState to kvm_init_vcpu()
  cpu: Move cpu_index field to CPUState
  cpu: Move numa_node field to CPUState
  target-mips: Clean up mips_cpu_map_tc() documentation
  cpu: Move nr_{cores,threads} fields to CPUState

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-15 16:52:39 -06:00
Anthony Liguori
bdb8872cc1 Merge remote-tracking branch 'afaerber-or/prep-up' into staging
* afaerber-or/prep-up:
  pc87312: Avoid define conflict on mingw32
  pc87312: Replace register_ioport_*() with MemoryRegion

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-15 16:52:10 -06:00
Anthony Liguori
5e72179b8f Merge remote-tracking branch 'sstabellini/xen-2013-01-14' into staging
* sstabellini/xen-2013-01-14:
  xen_disk: implement BLKIF_OP_FLUSH_DISKCACHE, remove BLKIF_OP_WRITE_BARRIER
  xen_disk: add persistent grant support to xen_disk backend
  xen_disk: fix memory leak

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-15 16:49:18 -06:00
Hervé Poussineau
c3a29809e4 acpi_piix4: Do not use old_portio-style callbacks
Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
[AF: Used HWADDR_PRIx for hwaddr PIIX4_DPRINTF()]
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-01-15 19:45:45 +01:00
Hervé Poussineau
7a652efa1b xen_platform: Do not use old_portio-style callbacks
Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-01-15 19:45:45 +01:00
Julien Grall
ecd584b836 hw/dma.c: Fix conversion of ioport_register* to MemoryRegion
The commit 5822993368 introduced a 1-shift for
some offset in DMA emulation.

Before the previous commit, which converted ioport_register_* to
MemoryRegion, the DMA controller registered 8 ioports with the following
formula:
base + ((8 + i) << d->shift) where 0 <= i < 8
When an IO occured within a Memory Region, DMA callback receives an
offset relative to the start address. Here the start address is:
base + (8 << d->shift).
The offset should be: (i << d->shift). After the shift is reverted, the
offsets are 0..7 not 1..8.

Fixes LP#1089996.

Reported-by: Andreas Gustafsson <gson@gson.org>
Signed-off-by: Julien Grall <julien.grall@citrix.com>
Tested-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-01-15 19:45:25 +01:00
Markus Armbruster
db4c34c3df scsi-disk: qemu_vfree(NULL) is fine, simplify
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-01-15 16:47:28 +01:00
Paolo Bonzini
501378c3af ide: issue discard asynchronously but serialize the pieces
Now that discard can take a long time, make it asynchronous.
Each LBA range entry is processed separately because discard
can be an expensive operation.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-01-15 10:03:48 +01:00
Paolo Bonzini
80bc2e8d80 ide: fix TRIM with empty range entry
ATA-ACS-3 says "If the two byte range length is zero, then the LBA
Range Entry shall be discarded as padding."  iovecs are used as if
they are linearized, so it is incorrect to discard the rest of
this iovec.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-01-15 10:03:48 +01:00
Andreas Färber
38d8f5c84e exec: Return CPUState from qemu_get_cpu()
Move the declaration to qemu/cpu.h and add documentation.
The implementation still depends on CPUArchState for CPU iteration.

Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-01-15 04:09:14 +01:00
Andreas Färber
55e5c28502 cpu: Move cpu_index field to CPUState
Note that target-alpha accesses this field from TCG, now using a
negative offset. Therefore the field is placed last in CPUState.

Pass PowerPCCPU to [kvm]ppc_fixup_cpu() to facilitate this change.

Move common parts of mips cpu_state_reset() to mips_cpu_reset().

Acked-by: Richard Henderson <rth@twiddle.net> (for alpha)
[AF: Rebased onto ppc CPU subclasses and openpic changes]
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-01-15 04:09:13 +01:00
Andreas Färber
1b1ed8dc40 cpu: Move numa_node field to CPUState
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-01-15 04:09:13 +01:00
Andreas Färber
ce3960ebe5 cpu: Move nr_{cores,threads} fields to CPUState
To facilitate the field movements, pass MIPSCPU to malta_mips_config();
avoid that for mips_cpu_map_tc() since callers only access MIPS Thread
Contexts, inside TCG helpers.

Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-01-15 04:09:13 +01:00
Blue Swirl
08bb4a7c9b pc87312: Avoid define conflict on mingw32
Mingw32 headers define FAR, causing this warning:
/src/qemu/hw/pc87312.c:38:0: warning: "FAR" redefined [enabled by default]
In file included from /usr/local/lib/gcc/i686-mingw32msvc/4.7.0/../../../../i686-mingw32msvc/include/windows.h:48:0,
                 from /src/qemu/include/sysemu/os-win32.h:29,
                 from /src/qemu/include/qemu-common.h:46,
                 from /src/qemu/include/exec/ioport.h:27,
                 from /src/qemu/hw/isa.h:6,
                 from /src/qemu/hw/pc87312.h:28,
                 from /src/qemu/hw/pc87312.c:26:
/usr/local/lib/gcc/i686-mingw32msvc/4.7.0/../../../../i686-mingw32msvc/include/windef.h:34:0: note: this is the location of the previous definition

Avoid the warning by expanding the macros.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Acked-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
2013-01-15 03:32:37 +01:00
Andreas Färber
328c24a97b pc87312: Replace register_ioport_*() with MemoryRegion
Prepare an instance_init function for the MemoryRegion init.

Signed-off-by: Andreas Färber <andreas.faerber@web.de>
Tested-by: Hervé Poussineau <hpoussin@reactos.org>
2013-01-15 03:32:37 +01:00
KONRAD Frederic
cf7c3f0cb5 virtio-9p: fix compilation error.
Fix the compilation error introduced by msg new field.

CC    hw/9pfs/virtio-9p.o
In file included from /home/konradf/Documents/safe/greensocs/virtio-project/x86-qemu/qemu/hw/9pfs/virtio-9p.c:17:0:
/home/konradf/Documents/safe/greensocs/virtio-project/x86-qemu/qemu/hw/virtio-pci.h:30:16: erreur: field ‘msg’ has incomplete type
make: *** [hw/9pfs/virtio-9p.o] Erreur 1

Signed-off-by: KONRAD Frederic <fred.konrad@greensocs.com>
2013-01-14 18:52:39 -06:00
Michael Roth
b8bec49ccc dataplane: fix build breakage on set_guest_notifiers()
virtio_pci_set_guest_notifiers() now takes an additional argument to
specify the number of virtqueues to assign a guest notifier for. This
causes a build breakage for CONFIG_VIRTIO_BLK_DATA_PLANE builds:

/home/mdroth/w/qemu2.git/hw/dataplane/virtio-blk.c: In function
‘virtio_blk_data_plane_start’:
/home/mdroth/w/qemu2.git/hw/dataplane/virtio-blk.c:451:47: error: too
few arguments to function ‘s->vdev->binding->set_guest_notifiers’
/home/mdroth/w/qemu2.git/hw/dataplane/virtio-blk.c: In function
‘virtio_blk_data_plane_stop’:
/home/mdroth/w/qemu2.git/hw/dataplane/virtio-blk.c:511:5: error: too few
arguments to function ‘s->vdev->binding->set_guest_notifiers’
make[1]: *** [hw/dataplane/virtio-blk.o] Error 1
make[1]: *** Waiting for unfinished jobs....
make: *** [subdir-x86_64-softmmu] Error 2

Fix this by passing 1 as the number of virtqueues to assign notifiers
for.

Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-14 13:36:12 -06:00
Michael Roth
53510bfc12 virtio-pci: build for uninitialized return value in vq_vector_unmask
Fixes the following:

/home/mdroth/w/qemu2.git/hw/virtio-pci.c: In function
‘kvm_virtio_pci_vector_unmask’:
/home/mdroth/w/qemu2.git/hw/virtio-pci.c:673:12: error: ‘ret’ may be
used uninitialized in this function [-Werror=uninitialized]
cc1: all warnings being treated as errors
make: *** [hw/virtio-pci.o] Error 1
make: *** Waiting for unfinished jobs....

Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-14 13:36:12 -06:00
Alberto Garcia
be657dea4b Add GE IP-Octal 232 IndustryPack emulation
The GE IP-Octal 232 is an IndustryPack module that implements eight
RS-232 serial ports, each one of which can be redirected to a
character device in the host.

Signed-off-by: Alberto Garcia <agarcia@igalia.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-14 13:26:12 -06:00
Alberto Garcia
9c16fa79bf Add TEWS TPCI200 IndustryPack emulation
The TPCI200 is a PCI board that supports up to 4 IndustryPack modules.

A new bus type called 'IndustryPack' has been created so any
compatible module can be attached to this board.

Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Alberto Garcia <agarcia@igalia.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-14 13:26:12 -06:00
Stefano Stabellini
7e7b7cba16 xen_disk: implement BLKIF_OP_FLUSH_DISKCACHE, remove BLKIF_OP_WRITE_BARRIER
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
2013-01-14 18:30:30 +00:00
Roger Pau Monne
9e496d7458 xen_disk: add persistent grant support to xen_disk backend
This protocol extension reuses the same set of grant pages for all
transactions between the front/back drivers, avoiding expensive tlb
flushes, grant table lock contention and switches between userspace
and kernel space. The full description of the protocol can be found in
the public blkif.h header.

http://xenbits.xen.org/gitweb/?p=xen.git;a=blob_plain;f=xen/include/public/io/blkif.h

Speed improvement with 15 guests performing I/O is ~450%.

Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
2013-01-14 18:28:19 +00:00
Roger Pau Monne
282c6a2f29 xen_disk: fix memory leak
On ioreq_release the full ioreq was memset to 0, loosing all the data
and memory allocations inside the QEMUIOVector, which leads to a
memory leak. Create a new function to specifically reset ioreq.

Reported-by: Maik Wessler <maik.wessler@yahoo.com>
Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
2013-01-14 18:26:53 +00:00
Anthony Liguori
b55160c3d9 Merge remote-tracking branch 'kraxel/usb.76' into staging
* kraxel/usb.76:
  usb-host: Initialize dev->port the obviously safe way
  usb-host: Drop superfluous null test from usb_host_auto_scan()
  ehci: Assert state machine is sane w.r.t. EHCIQueue
  xhci: nuke transfe5rs on detach
  xhci: call xhci_detach_slot on root port detach too
  xhci: create xhci_detach_slot helper function

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-14 10:27:29 -06:00
Anthony Liguori
167eb811d0 Merge remote-tracking branch 'spice/spice.v67' into staging
* spice/spice.v67:
  qxl: Don't drop client capability bits
  qxl: Fix SPICE_RING_PROD_ITEM(), SPICE_RING_CONS_ITEM() sanity check

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-14 10:27:08 -06:00
Anthony Liguori
a69f221ef8 Merge remote-tracking branch 'kraxel/testdev.2' into staging
* kraxel/testdev.2:
  pc-testdev: use typedefs

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-14 10:26:57 -06:00
Anthony Liguori
da758bd7a3 Merge remote-tracking branch 'kwolf/for-anthony' into staging
* kwolf/for-anthony:
  dataplane: handle misaligned virtio-blk requests
  dataplane: extract virtio-blk read/write processing into do_rdwr_cmd()
  block: make qiov_is_aligned() public
  raw-posix: fix bdrv_aio_ioctl
  sheepdog: implement direct write semantics
  block: do not probe zero-sized disks

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-14 10:26:26 -06:00
Anthony Liguori
8e9a8681dd pci,virtio
This further optimizes MSIX handling in virtio-pci.
 Also included is pci cleanup by Paolo, and pci device
 assignment fix by Alex.
 
 Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.12 (GNU/Linux)
 
 iQEcBAABAgAGBQJQ7ZaiAAoJECgfDbjSjVRpFhcIAJkY4VQ3i7TLnLsnEDOR+FrP
 66YLEDwCSiKZ/UW7WERGN3p3tm0hAXLhPoHFqMGRPPV9pdcXI+Eb8v+u0IHVlt+7
 DsQ9TIemZkpSMuUJjQbu/RF8k9JV8+X7M6CKnWahq68p0UD/vDX+OgCiGKO/l/zY
 tENJhwD6M1MMzbxyzd4nCnkf3CPrHFvpPt2VAqQnkCw3wLAtR34SucBjr/dXcjuT
 arPiV8dNmXHTosdKvcodAWA+0YLLE7Bhz0nLK6eTt5L/UsfdbRN8q9Xdhd5nJjji
 DjKBJBfwdG5n3r96g7dlb/XdHuQjbFBq3uLmc8H2OdWOrk5PyqeoUA5fdBQxkb8=
 =vKSI
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'mst/tags/for_anthony' into staging

pci,virtio

This further optimizes MSIX handling in virtio-pci.
Also included is pci cleanup by Paolo, and pci device
assignment fix by Alex.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

* mst/tags/for_anthony:
  pci-assign: Enable MSIX on device to match guest
  pci: use constants for devices under the 1B36 device ID, document them
  ivshmem: use symbolic constant for PCI ID, add to pci-ids.txt
  virtio-9p: use symbolic constant, add to pci-ids.txt
  reorganize pci-ids.txt
  docs: move pci-ids.txt to docs/specs/
  vhost: backend masking support
  vhost: set started flag while start is in progress
  virtio-net: set/clear vhost_started in reverse order
  virtio: backend virtqueue notifier masking
  virtio-pci: cache msix messages
  kvm: add stub for update msi route
  msix: add api to access msix message
  virtio: don't waste irqfds on control vqs
2013-01-14 10:23:50 -06:00
Markus Armbruster
0360784754 usb-host: Initialize dev->port the obviously safe way
Coverity worries the strcpy() could overrun the destination.  It
can't, because the source always points to usb_host_scan()'s auto
port[], which has the same size.  Use pstrcpy() anyway, to hush the
checker.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-14 12:47:11 +01:00
Markus Armbruster
4663530898 usb-host: Drop superfluous null test from usb_host_auto_scan()
Coverity points out that port is later passed to usb_host_open(),
which dereferences it.  It actually can't be null: it always points to
usb_host_scan()'s auto port[].  Drop the superfluous port == NULL
test.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-14 12:47:11 +01:00
Markus Armbruster
cc8d2b65c7 ehci: Assert state machine is sane w.r.t. EHCIQueue
Coverity worries the EHCIQueue pointer could be null when we pass it
to functions that reference it.  The state machine ensures it can't be
null then.  Assert that, to hush the checker.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-14 12:47:11 +01:00
Stefan Hajnoczi
de0161c0d5 dataplane: handle misaligned virtio-blk requests
O_DIRECT on Linux has alignment requirements on I/O buffers and
misaligned requests result in -EINVAL.  The Linux virtio_blk guest
driver usually submits aligned requests so I forgot to handle misaligned
requests.

It turns out that virtio-win guest drivers submit misaligned requests.
Handle them using a bounce buffer that meets alignment requirements.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2013-01-14 10:06:57 +01:00
Stefan Hajnoczi
b5ef1aab94 dataplane: extract virtio-blk read/write processing into do_rdwr_cmd()
Extract code for read/write command processing into do_rdwr_cmd().  This
brings together pieces that are spread across process_request().

The real motivation is to set the stage for handling misaligned
requests, which the next patch tackles.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2013-01-14 10:06:57 +01:00
Gerd Hoffmann
0cb41e2c5e xhci: nuke transfe5rs on detach
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-14 08:59:40 +01:00
Gerd Hoffmann
f3dcf6384c xhci: call xhci_detach_slot on root port detach too
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-14 08:59:40 +01:00
Gerd Hoffmann
8125184178 xhci: create xhci_detach_slot helper function
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-14 08:59:40 +01:00
Gerd Hoffmann
00e4d0dbad pc-testdev: use typedefs
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-14 08:59:39 +01:00
Markus Armbruster
08688af04d qxl: Don't drop client capability bits
interface_set_client_capabilities() copies only the first few bits,
because it falls into a Classic C trap: you can declare a parameter
uint8_t caps[58], but the resulting parameter type is uint8_t *, not
uint8_t[58].  In particular, sizeof(caps) is sizeof(uint8_t *), not
the intended sizeof(uint8_t[58]).

Harmless, because the bits aren't used, yet.  Broken in commit
c10018d6.  Spotted by Coverity.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-14 08:59:38 +01:00
Markus Armbruster
bc5f92e5db qxl: Fix SPICE_RING_PROD_ITEM(), SPICE_RING_CONS_ITEM() sanity check
The pointer arithmetic there is safe, but ugly.  Coverity grouses
about it.  However, the actual comparison is off by one: <= end
instead of < end.  Fix by rewriting the check in a cleaner way.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-14 08:59:38 +01:00
Paolo Bonzini
9444e9e640 build: consolidate multiple variables into universal-obj-y
The directory descent mechanism, and a less-flat tree both helped
in making some *-obj-y definitions very short.  Many of these
often end up in universal-obj-y, and used to be separate only
because of libuser (which is now part of history...).

Consolidate these variables in a single one.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-01-12 18:42:50 +01:00
Paolo Bonzini
afd347ab38 build: remove CONFIG_SMARTCARD
The passthru smartcard does not have the shared library dependency, build
it unconditionally.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-01-12 17:19:38 +01:00
Paolo Bonzini
4d4545743f qemu-option: move standard option definitions out of qemu-config.c
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-01-12 17:17:53 +01:00
Blue Swirl
02e079c79c Merge branch 'ppc-for-upstream' of git://repo.or.cz/qemu/agraf
* 'ppc-for-upstream' of git://repo.or.cz/qemu/agraf: (31 commits)
  PPC: linux-user: Calculate context pointer explicitly
  target-ppc: Error out for -cpu host on unknown PVR
  target-ppc: Slim conversion of model definitions to QOM subclasses
  PPC: Bring EPR support closer to reality
  PPC: KVM: set has-idle in guest device tree
  kvm: Update kernel headers
  openpic: fix CTPR and de-assertion of interrupts
  openpic: move IACK to its own function
  openpic: IRQ_check: search the queue a word at a time
  openpic: fix sense and priority bits
  openpic: add some bounds checking for IRQ numbers
  openpic: use standard bitmap operations
  Revert "openpic: Accelerate pending irq search"
  openpic: always call IRQ_check from IRQ_get_next
  openpic/fsl: critical interrupts ignore mask before v4.1
  openpic: make ctpr signed
  openpic: rework critical interrupt support
  openpic: make register names correspond better with hw docs
  ppc/booke: fix crit/mcheck/debug exceptions
  openpic: lower interrupt when reading the MSI register
  ...
2013-01-12 12:47:02 +00:00
Julien Grall
a6fc23e5dc hw/pc.c: add ULL suffix in ioport80_read and ioportF0_read return value
The commit c02e1eac88 broke the compilation
for i386. ULL need to be specify for uint64_t value.

Signed-off-by: Julien Grall <julien.grall@citrix.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-01-12 12:46:36 +00:00
Anthony Liguori
fedf2de310 Merge remote-tracking branch 'stefanha/trivial-patches' into staging
* stefanha/trivial-patches:
  hw/pc.c: Fix converting of ioport_register* to MemoryRegion
  Replace remaining gmtime, localtime by gmtime_r, localtime_r
  savevm: Remove MinGW specific code which is no longer needed
  qga/channel-posix.c: Explicitly include string.h
  configure: Fix comment (copy+paste bug)
  readline: avoid memcpy() of overlapping regions

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-11 08:43:18 -06:00
Anthony Liguori
e2848a78b0 Merge remote-tracking branch 'kraxel/q35.1' into staging
* kraxel/q35.1:
  Makefile: install the "acpi-dsdt.aml" and "q35-acpi-dsdt.aml" blobs too
  pc: rename machine types
  q35: document chipset devices
  q35: add ich9 intel hda controller

Conflicts:
	hw/intel-hda.c

aliguori: resolve conflict with static const change from Andreas.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-11 08:43:08 -06:00
Anthony Liguori
80ec243286 Merge remote-tracking branch 'afaerber-or/prep-up' into staging
* afaerber-or/prep-up:
  prep: Use pc87312 device instead of collection of random ISA devices
  prep: Add pc87312 Super I/O emulation
  prep: Include devices for ppc64 as well

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-11 08:23:16 -06:00
Julien Grall
c02e1eac88 hw/pc.c: Fix converting of ioport_register* to MemoryRegion
The commit 258711 introduced MemoryRegion to replace ioport_region*
for ioport 80h and F0h.
A MemoryRegion needs to have both read and write callback otherwise a segfault
will occur when an access is made.

The previous behaviour of this both ioport is to return 0xffffffffffffffff.
So keep this behaviour.

Reported-by: Adam Lackorzynski <adam@os.inf.tu-dresden.de>
Signed-off-by: Julien Grall <julien.grall@citrix.com>
Tested-by: Adam Lackorzynski <adam@os.inf.tu-dresden.de>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-01-11 09:49:44 +01:00
Stefan Weil
eb7ff6fb0b Replace remaining gmtime, localtime by gmtime_r, localtime_r
This allows removing of MinGW specific code and improves
reentrancy for POSIX hosts.

[Removed unused ret variable in qemu_get_timedate() to fix warning:
vl.c: In function ‘qemu_get_timedate’:
vl.c:451:16: error: variable ‘ret’ set but not used [-Werror=unused-but-set-variable]
-- Stefan Hajnoczi]

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-01-11 09:44:37 +01:00
Gerd Hoffmann
94dec5948a pc: rename machine types
Starting with release 1.4 we have a fully functional q35 machine type,
i.e. "qemu -M q35" JustWorks[tm].  Update machine type names to reflect
that:

  * pc-1.4 becomes pc-i440fx-1.4
  * q35-next becomes pc-q35-1.4

The pc-1.3 (+older) names are maintained for compatibility reasons.
For the same reason the "pc" and "q35" aliases are kept.  pc-piix-1.4
continues to be the default machine type, again for compatibility
reasons.

Also updated the description (shown by "qemu -M ?") with host bridge
name, south bridge name and chipset release year.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-11 08:30:24 +01:00
Gerd Hoffmann
8b07eaa110 q35: add ich9 intel hda controller
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-11 08:30:24 +01:00
Paolo Bonzini
47a150a4bb virtio-scsi: abort in-flight I/O when the device is reset
When the device is reset, the SCSI bus should also be reset so
that in-flight I/O is cancelled.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-10 15:22:42 -06:00
Paolo Bonzini
d0508c3664 qdev: add qbus_reset_all
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-10 15:22:42 -06:00
Andreas Färber
8c43a6f05d Make all static TypeInfos const
Since 39bffca203 (qdev: register all
types natively through QEMU Object Model), TypeInfo as used in
the common, non-iterative pattern is no longer amended with information
and should therefore be const.

Fix the documented QOM examples:

 sed -i 's/static TypeInfo/static const TypeInfo/g' include/qom/object.h

Since frequently the wrong examples are being copied by contributors of
new devices, fix all types in the tree:

 sed -i 's/^static TypeInfo/static const TypeInfo/g' */*.c
 sed -i 's/^static TypeInfo/static const TypeInfo/g' */*/*.c

This also avoids to piggy-back these changes onto real functional
changes or other refactorings.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-10 15:11:53 -06:00
Andreas Färber
63e3555e80 Merge branch 'master' of git://git.qemu.org/qemu into prep-up
Conflicts:
	hw/Makefile.objs
	hw/ppc_prep.c

Signed-off-by: Andreas Färber <andreas.faerber@web.de>
2013-01-10 21:52:28 +01:00
Anthony Liguori
8757c09f15 vfio-pci: Fixes for qemu 1.4 & stable
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.12 (GNU/Linux)
 
 iQIcBAABAgAGBQJQ7cBkAAoJECObm247sIsi87cQAKYrlEhGRd6sIh0Yxq0Knhjf
 e2Kl2dzW6AH95Xzjm5P1ESXS/7rB7Gn6cN6YZqPa09S8+h5778/ZR1rznb6k4rI0
 Wh/zA5uR+b3vAuMLwV5POX5/K7sPwH2iDc8EhC4lTVtkQg1nQazoWTjgISrl1W21
 4fp7+H1nRmywnHseI0GXLWu1/8cXY/Bjc89vPDPhukRfaxldoBWOB/0jfk/MKfSh
 GwOQ71qV9hH/smHd1Ur/V9n7sxx8QNqw8y7gI5bLc9f7GRSdq1qVO9Ef9FpVeyx3
 YopLFlrVYHMHmxHoWT1WAuK4av0gfLsr8cmd7dDnETooCyWVpnw8TH2/Ob6aA7Zg
 bxSaIwlsQwyht68wxAXs25Ev78qaIVZc8u5lDeQH/xg+QGDx7tJzgWmX8KZ4CtIG
 SYXnvb0T7PsCcT0kiK60ZfmCLnqXk9Aesy28kynK++dF4LitKEgNQcSru6FaaLFh
 yBEJKddOCItmn20e+/tMTOHefqKR+XTQyi32dDuJMteZ2sdQY9Y0Xh8wZz6y07Xq
 65/3kVoAF7+c40n/zUgoZGpV31i4Y1YPzJO9Iln1ebXfvVC1+qZHkgnZFPxi0IIk
 kAR/9oPwffdsa3SMr84Gi552+LLoqJQNFuiBuWyZ3jAI+s8LZCgVhZQ/1e2ycXV4
 jwlkmZcVAqbXO65fNyo7
 =CHTk
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'awilliam/tags/qemu-1.4-vfio-20130109.0' into staging

vfio-pci: Fixes for qemu 1.4 & stable

* awilliam/tags/qemu-1.4-vfio-20130109.0:
  vfio-pci: Loosen sanity checks to allow future features
  vfio-pci: Make host MSI-X enable track guest

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-10 13:26:12 -06:00
Alex Williamson
feb9a2ab4b pci-assign: Enable MSIX on device to match guest
When a guest enables MSIX on a device we evaluate the MSIX vector
table, typically find no unmasked vectors and don't switch the device
to MSIX mode.  This generally works fine and the device will be
switched once the guest enables and therefore unmasks a vector.
Unfortunately some drivers enable MSIX, then use interfaces to send
commands between VF & PF or PF & firmware that act based on the host
state of the device.  These therefore may break when MSIX is managed
lazily.  This change re-enables the previous test used to enable MSIX
(see qemu-kvm a6b402c9), which basically guesses whether a vector
will be used based on the data field of the vector table.

Cc: qemu-stable@nongnu.org
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-01-09 12:11:16 +02:00
Paolo Bonzini
5c03a2542f pci: use constants for devices under the 1B36 device ID, document them
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-01-09 12:10:28 +02:00
Alex Williamson
8fc94e5a80 vfio-pci: Loosen sanity checks to allow future features
VFIO_PCI_NUM_REGIONS and VFIO_PCI_NUM_IRQS should never have been
used in this manner as it locks a specific kernel implementation.
Future features may introduce new regions or interrupt entries
(VGA may add legacy ranges, AER might add an IRQ for error
signalling).  Fix this before it gets us into trouble.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Cc: qemu-stable@nongnu.org
2013-01-08 14:10:03 -07:00
Alex Williamson
b0223e29af vfio-pci: Make host MSI-X enable track guest
Guests typically enable MSI-X with all of the vectors in the MSI-X
vector table masked.  Only when the vector is enabled does the vector
get unmasked, resulting in a vector_use callback.  These two points,
enable and unmask, correspond to pci_enable_msix() and request_irq()
for Linux guests.  Some drivers rely on VF/PF or PF/fw communication
channels that expect the physical state of the device to match the
guest visible state of the device.  They don't appreciate lazily
enabling MSI-X on the physical device.

To solve this, enable MSI-X with a single vector when the MSI-X
capability is enabled and immediate disable the vector.  This leaves
the physical device in exactly the same state between host and guest.
Furthermore, the brief gap where we enable vector 0, it fires into
userspace, not KVM, so the guest doesn't get spurious interrupts.
Ideally we could call VFIO_DEVICE_SET_IRQS with the right parameters
to enable MSI-X with zero vectors, but this will currently return an
error as the Linux MSI-X interfaces do not allow it.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Cc: qemu-stable@nongnu.org
2013-01-08 14:09:03 -07:00
Andreas Färber
5d5b24d042 qdev: Don't assume existence of parent bus on unparenting
Commit 667d22d1ae (qdev: move bus removal
to object_unparent) made the assumption that at unparenting time
parent_bus is not NULL. This assumption is unjustified since
object_unparent() may well be called directly after object_initialize(),
without any qdev_set_parent_bus().

This did not cause any issues yet because qdev_[try_]create() does call
qdev_set_parent_bus(), falling back to SysBus if unsupplied.

While at it, ensure that this new function uses the device_ prefix and
make the name more neutral in light of this semantic change.

Reported-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Tested-by: Igor Mammedov <imammedo@redhat.com>
2013-01-08 21:03:43 +01:00
Eduardo Habkost
507066f8a9 qdev: Include qdev code into *-user, too
The code depends on some functions from qemu-option.o, so add
qemu-option.o to universal-obj-y to make sure it's included.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-01-08 21:03:43 +01:00
Paolo Bonzini
b8ef62a9b7 ivshmem: use symbolic constant for PCI ID, add to pci-ids.txt
Due to disagreement on a name that is generic enough for hw/pci/pci.h,
the symbolic constants are placed in the .c files.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-01-08 20:24:34 +02:00
Paolo Bonzini
13744bd0a0 virtio-9p: use symbolic constant, add to pci-ids.txt
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-01-08 20:24:34 +02:00
Anthony Liguori
560c30b1db Merge remote-tracking branch 'kraxel/usb.75' into staging
* kraxel/usb.75: (32 commits)
  uhci: stop using portio lists
  usbredir: Add support for buffered bulk input (v2)
  exynos4210: Add EHCI support
  usb/ehci: Add SysBus EHCI device for Exynos4210
  usb/ehci: Move capsbase and opregbase into SysBus EHCI class
  usb/ehci: Clean up SysBus and PCI EHCI split
  xhci: call set-address with dummy usbpacket
  usb-redir: Add debugging to bufpq save / restore
  usbredir: Add usbredir_init_endpoints() helper
  usbredir: Verify we have 32 bits bulk length cap when redirecting to xhci
  usbredir: Add ep_stopped USBDevice method
  usbredir: Add USBEP2I and I2USBEP helper macros
  usbredir: Add an usbredir_stop_ep helper function
  usb: Add an usb_device_ep_stopped USBDevice method
  usb: Fix usb_ep_find_packet_by_id
  hid: Change idle handling to use a timer
  uhci: Maximize how many frames we catch up when behind
  uhci: Limit amount of frames processed in one go
  uhci: Add a QH_VALID define
  uhci: Fix pending interrupts getting lost on migration
  ...

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-08 10:36:20 -06:00
Gerd Hoffmann
89eb147c2c uhci: stop using portio lists
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-08 10:56:58 +01:00
Hans de Goede
b2d1fe67d0 usbredir: Add support for buffered bulk input (v2)
Buffered bulk mode is intended for bulk *input* endpoints, where the data is
of a streaming nature (not part of a command-response protocol). These
endpoints' input buffer may overflow if data is not read quickly enough.
So in buffered bulk mode the usb-host takes care of the submitting and
re-submitting of bulk transfers.

Buffered bulk mode is necessary for reliable operation with the bulk in
endpoints of usb to serial convertors. Unfortunatelty buffered bulk input
mode will only work with certain devices, therefor this patch also adds a
usb-id table to enable it for devices which need it, while leaving the
bulk ep handling for other devices unmodified.

Note that the bumping of the required usbredir from 0.5.3 to 0.6 does
not mean that we will now need a newer usbredir release then qemu-1.3,
.pc files reporting 0.5.3 have only ever existed in usbredir builds directly
from git, so qemu-1.3 needs the 0.6 release too.

Changes in v2:
-Split of quirk handling into quirks.c

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
2013-01-08 10:56:58 +01:00
Michael S. Tsirkin
f56a12475f vhost: backend masking support
Support backend guest notifier masking in vhost-net:
create eventfd at device init, when masked,
make vhost use that as eventfd instead of
sending an interrupt.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-01-07 19:42:23 +02:00
Michael S. Tsirkin
24f4fe345c vhost: set started flag while start is in progress
This makes it possible to use started flag for sanity checking
of callbacks that happen during start/stop.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-01-07 19:42:23 +02:00
Michael S. Tsirkin
1830b80ff2 virtio-net: set/clear vhost_started in reverse order
As vhost started is cleared last thing on stop,
set it first things on start. This makes it
possible to use vhost_started while start is in
progress which is used by follow-up patches.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-01-07 19:42:23 +02:00
Michael S. Tsirkin
f1d0f15a6d virtio: backend virtqueue notifier masking
some backends (notably vhost) can mask events
at their source in a way that is more efficient
than masking through kvm.
Specifically
- masking in kvm uses rcu write side so it has high latency
- in kvm on unmask we always send an interrupt
masking at source does not have these issues.

Add such support in virtio.h and use in virtio-pci.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-01-07 19:42:23 +02:00
Michael S. Tsirkin
774345f981 virtio-pci: cache msix messages
Some guests mask a vector then unmask without changing it.
Store vectors to avoid kvm system calls in this case.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-01-07 19:42:23 +02:00
Michael S. Tsirkin
4c93bfa9c9 msix: add api to access msix message
Will be used by virtio pci.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-01-07 19:42:22 +02:00
Michael S. Tsirkin
2d620f593d virtio: don't waste irqfds on control vqs
Pass nvqs to set_guest_notifiers. This makes it possible to
save on irqfds by not allocating one for the control vq
for virtio-net.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2013-01-07 19:42:22 +02:00
Alexander Graf
68c2dd7006 PPC: Bring EPR support closer to reality
We already used to support the external proxy facility of FSL MPICs,
but only implemented it halfway correctly.

This patch adds support for

  * dynamic enablement of the EPR facility
  * interrupt acknowledgement only when the interrupt is delivered

This way the implementation now is closer to real hardware.

Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-07 17:37:11 +01:00
Stuart Yoder
1a61a9ae61 PPC: KVM: set has-idle in guest device tree
On e500mc, the platform doesn't provide a way for the CPU to go idle.

To still not uselessly burn CPU time, expose an idle hypercall to the guest
if kvm supports it.

Signed-off-by: Stuart Yoder <stuart.yoder@freescale.com>
[agraf: adjust for current code base, add patch description, fix non-kvm case]
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-07 17:37:11 +01:00
Scott Wood
9f1d4b1d69 openpic: fix CTPR and de-assertion of interrupts
Properly implement level-triggered interrupts by withdrawing an
interrupt from the raised queue if the interrupt source de-asserts.
Also withdraw from the raised queue if the interrupt becomes masked.

When CTPR is written, check whether we need to raise or lower the
interrupt output.

Signed-off-by: Scott Wood <scottwood@freescale.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-07 17:37:11 +01:00
Scott Wood
a898a8fc96 openpic: move IACK to its own function
Besides making the code cleaner, we will need a separate way to access
IACK in order to implement EPR (external proxy) interrupt delivery.

Signed-off-by: Scott Wood <scottwood@freescale.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-07 17:37:11 +01:00
Scott Wood
4417c73305 openpic: IRQ_check: search the queue a word at a time
Search the queue more efficiently by first looking for a non-zero word,
and then using the common bit-searching function to find the bit within
the word.  It would be even nicer if bitops_ffsl() could be hooked up
to the compiler intrinsic so that bit-searching instructions could be
used, but that's another matter.

Signed-off-by: Scott Wood <scottwood@freescale.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-07 17:37:11 +01:00
Scott Wood
6c5e84c25f openpic: fix sense and priority bits
Previously, the sense and priority bits were masked off when writing
to IVPR, and all interrupts were treated as edge-triggered (despite
the existence of code for handling level-triggered interrupts).

Polarity is implemented only as storage.  We don't simulate the
bad effects that you'd get on real hardware if you set this incorrectly,
but at least the guest sees the right thing when it reads back the register.

Sense now controls level/edge on FSL external interrupts (and all
interrupts on non-FSL MPIC).  FSL internal interrupts do not have a sense
bit (reads as zero), but are level.  FSL timers and IPIs do not have
sense or polarity bits (read as zero), and are edge-triggered.  To
accommodate FSL internal interrupts, QEMU's internal notion of whether an
interrupt is level-triggered is separated from the IVPR bit.

Signed-off-by: Scott Wood <scottwood@freescale.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-07 17:37:10 +01:00
Scott Wood
65b9d0d565 openpic: add some bounds checking for IRQ numbers
The two checks with abort() guard against potential QEMU-internal
problems, but the EOI check stops the guest from causing updates to queue
position -1 and other havoc if it writes EOI with no interrupt in
service.

Signed-off-by: Scott Wood <scottwood@freescale.com>
[agraf: remove hunk in code that didn't get applied yet]
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-07 17:37:10 +01:00
Scott Wood
e69a17f65e openpic: use standard bitmap operations
Besides the private implementation being redundant, namespace collisions
prevented the use of other things in bitops.h.

Serialization does get a bit more awkward, unfortunately, since the
standard bitmap operations are "unsigned long" rather than "uint32_t",
though in exchange we will get faster queue lookups on 64-bit hosts once
we search a word at a time.

Signed-off-by: Scott Wood <scottwood@freescale.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-07 17:37:10 +01:00
Scott Wood
47f73749c6 Revert "openpic: Accelerate pending irq search"
This reverts commit a9bd83f4c65de0058659ede009fa1a241f379edd.

This counting approach is not robust against setting a bit that
was already set, or clearing a bit that was already clear.  Perhaps
that is considered a bug, but besides the lack of any documentation
for that restriction, it's a pretty unpleasant way for the problem
to manifest itself.

It could be made more robust by testing the current value of the
bit before changing the count, but a later patch speeds up IRQ_check
in all cases, not just when there's nothing pending.  Hopefully that
should be adequate to address performance concerns.

Signed-off-by: Scott Wood <scottwood@freescale.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-07 17:37:10 +01:00
Scott Wood
3c94378e2c openpic: always call IRQ_check from IRQ_get_next
Previously the code relied on the queue's "next" field getting
set to -1 sometime between an update to the bitmap, and the next
call to IRQ_get_next.  Sometimes this happened after the update.
Sometimes it happened before the check.  Sometimes it didn't happen
at all.

Signed-off-by: Scott Wood <scottwood@freescale.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-07 17:37:10 +01:00
Scott Wood
72c1da2ca7 openpic/fsl: critical interrupts ignore mask before v4.1
Signed-off-by: Scott Wood <scottwood@freescale.com>
[agraf: make bool :1]
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-07 17:37:10 +01:00
Scott Wood
eb43842784 openpic: make ctpr signed
Other priorities are signed, so avoid comparisons between
signed and unsigned.

Signed-off-by: Scott Wood <scottwood@freescale.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-07 17:37:10 +01:00
Scott Wood
5e22c276de openpic: rework critical interrupt support
Critical interrupts on FSL MPIC are not supposed to pay
attention to priority, IACK, EOI, etc.  On the currently modeled
version it's not supposed to pay attention to the mask bit either.

Also reorganize to make it easier to implement newer FSL MPIC models,
which encode interrupt level information differently and support
mcheck as well as crit, and to reduce problems for later patches
in this set.

Still missing is the ability to lower the CINT signal to the core,
as IACK/EOI is not used.  This will come with general IRQ-source-driven
lowering in the next patch.

New state is added which is not serialized, but instead is recomputed
in openpic_load() by calling the appropriate write_IRQreg function.
This should have the side effect of causing the IRQ outputs to be
raised appropriately on load, which was missing.

The serialization format is altered by swapping ivpr and idr (we'd like
IDR to be restored before we run the IVPR logic), and moving interrupts
to the end (so that other state has been restored by the time we run the
IDR/IVPR logic.  Serialization for this driver is not yet in a state
where backwards compatibility is reasonable (assuming it works at all),
and the current serialization format was not built for extensibility.

Signed-off-by: Scott Wood <scottwood@freescale.com>
[agraf: fix for current code state]
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-07 17:37:10 +01:00
Scott Wood
be7c236fa2 openpic: make register names correspond better with hw docs
The base openpic specification doesn't provide abbreviated register
names, so it's somewhat understandable that the QEMU code made up
its own, except that most of the names that QEMU used didn't correspond
to the terminology used by any implementation I could find.

In some cases, like PCTP, the phrase "processor current task priority"
could be found in the openpic spec when describing the concept, but
the register itself was labelled "current task priority register"
and every implementation seems to use either CTPR or the full phrase.

In other cases, individual implementations disagree on what to call
the register.  The implementations I have documentation for are
Freescale, Raven (MCP750), and IBM.  The Raven docs tend to not use
abbreviations at all.  The IBM MPIC isn't implemented in QEMU.  Thus,
where there's disagreement I chose to use the Freescale abbreviations.

Signed-off-by: Scott Wood <scottwood@freescale.com>
[agraf: rebase on current state of the code]
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-07 17:37:10 +01:00
Scott Wood
e99fd8af63 openpic: lower interrupt when reading the MSI register
This will stop things from breaking once it's properly treated as a
level-triggered interrupt.  Note that it's the MPIC's MSI cascade
interrupts that are level-triggered; the individual MSIs are
edge-triggered.

Signed-off-by: Scott Wood <scottwood@freescale.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-07 17:37:09 +01:00
Scott Wood
4c4f0e4801 openpic: fix debug prints
Fix various format errors when debug prints are enabled.  Also
cause error checking to happen even when debug prints are not
enabled, and consistently use 0x for hex output.

Signed-off-by: Scott Wood <scottwood@freescale.com>
[agraf: adjust for more recent code base, prettify DPRINTF macro]
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-07 17:37:09 +01:00
Bharat Bhushan
88a78d9093 PPC: Reset qemu timers when guest reset
This patch install the timer reset handler. This will be called when
the guest is reset.

Signed-off-by: Bharat Bhushan <bharat.bhushan@freescale.com>
[agraf: adjust for QOM'ification]
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-07 17:37:09 +01:00
Alexander Graf
af7e9e74c6 openpic: fix coding style issues
This patch fixes the following coding style violations:

  - structs have to be typedef and be CamelCase
  - if()s are always surrounded by curly braces

Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-07 17:37:09 +01:00
Scott Wood
c3203fa5b2 openpic: don't crash on a register access without a CPU context
If we access a register via the QEMU memory inspection commands (e.g.
"xp") rather than from guest code, we won't have a CPU context.
Gracefully fail to access the register in that case, rather than
crashing.

Signed-off-by: Scott Wood <scottwood@freescale.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-07 17:37:09 +01:00
Scott Wood
a26a7b3833 openpic: s/opp->nb_irqs -1/opp->nb_cpus - 1/
"opp->nb_irqs-1" would have been a minor coding style error,
but putting in one space but not the other makes it look
confusingly like a numeric literal "-1".

Signed-off-by: Scott Wood <scottwood@freescale.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-07 17:37:09 +01:00
Scott Wood
0d4046833b openpic: BRR1 is not a CPU-specific register.
It's in the address range that normally contains a magic redirection
to the CPU-specific region of the curretn CPU, but it isn't actually
a per-CPU register.  On real hardware BRR1 shows up only at 0x40000,
not at 0x60000 or other non-magic per-CPU areas.  Plus, this makes
it possible to read the register on the QEMU command line with "xp".

Signed-off-by: Scott Wood <scottwood@freescale.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-07 17:37:08 +01:00
Scott Wood
0fe04622c1 openpic: support large vectors on FSL mpic
Previously only the spurious vector was sized appropriately
to the openpic model.

Also, instances of "IPVP_VECTOR(opp->spve)" were replace with
just "opp->spve", as opp->spve is already just a vector and not
an IVPR.

Signed-off-by: Scott Wood <scottwood@freescale.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-07 17:37:08 +01:00
Scott Wood
c975330ec4 openpic: remove pcsr (CPU sensitivity register)
I could not find this register in any spec (FSL, IBM, or OpenPIC)
and the code doesn't do anything with it but initialize, save,
or restore it.

Signed-off-by: Scott Wood <scottwood@freescale.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-07 17:37:08 +01:00
Scott Wood
71c6cacb24 openpic: symbolicize some magic numbers
Deefine symbolic names for some register bits, and use some that
have already been defined.

Also convert some register values from hex to decimal when it improves
readability.

IPVP_PRIORITY_MASK is corrected from (0x1F << 16) to (0xF << 16), in
conjunction with making wider use of the symbolic name.  I looked at
Freescale and IBM MPIC docs and at the base OpenPIC spec, and all three
had priority as 4 bits rather than 5.  Plus, the magic nubmer that is
being replaced with symbolic values treated the field as 4 bits wide.

Signed-off-by: Scott Wood <scottwood@freescale.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2013-01-07 17:37:08 +01:00
Liming Wang
358d615b69 exynos4210: Add EHCI support
Add EHCI USB host controller to exynos4210.

Signed-off-by: Liming Wang <walimisdev@gmail.com>
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
Reviewed-by: Igor Mitsyanko <i.mitsyanko@samsung.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07 12:57:25 +01:00
Andreas Färber
aee7499a59 usb/ehci: Add SysBus EHCI device for Exynos4210
It uses a different capsbase and opregbase than the Xilinx device.

Signed-off-by: Liming Wang <walimisdev@gmail.com>
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
Cc: Igor Mitsyanko <i.mitsyanko@samsung.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07 12:57:24 +01:00
Andreas Färber
4a4343671e usb/ehci: Move capsbase and opregbase into SysBus EHCI class
This allows specific derived models to use different values.

Signed-off-by: Andreas Färber <andreas.faerber@web.de>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07 12:57:24 +01:00
Andreas Färber
5aa3ca9f53 usb/ehci: Clean up SysBus and PCI EHCI split
SysBus EHCI was introduced in a hurry before 1.3 Soft Freeze.
To use QOM casts in place of DO_UPCAST() / FROM_SYSBUS(), we need an
identifying type. Introduce generic abstract base types for PCI and
SysBus EHCI to allow multiple types to access the shared fields.

While at it, move the state structs being amended with macros to the
header file so that they can be embedded.

The VMSTATE_PCI_DEVICE() macro does not play nice with the QOM
parent_obj naming convention, so defer that cleanup.

Signed-off-by: Andreas Färber <andreas.faerber@web.de>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07 12:57:24 +01:00
Gerd Hoffmann
a820b57578 xhci: call set-address with dummy usbpacket
Due to the way devices are addressed with xhci (done by hardware, not
the guest os) there is no packet when invoking the set-address control
request.  Create a dummy packet in that case to avoid null pointer
dereferences.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07 12:57:24 +01:00
Hans de Goede
e97f0aca79 usb-redir: Add debugging to bufpq save / restore
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07 12:57:24 +01:00
Hans de Goede
bd019b735a usbredir: Add usbredir_init_endpoints() helper
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07 12:57:24 +01:00
Hans de Goede
d3aea641a4 usbredir: Verify we have 32 bits bulk length cap when redirecting to xhci
The xhci-hcd may submit bulk transfers > 65535 bytes even when not using
bulk-in pipeling, so usbredir can only be used in combination with an xhci
hcd if the client has the 32 bits bulk length capability.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07 12:57:24 +01:00
Hans de Goede
d8553dd047 usbredir: Add ep_stopped USBDevice method
To ensure that interrupt receiving is properly stopped when the guest is
no longer interested in an interrupt endpoint.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07 12:57:24 +01:00
Hans de Goede
7e9638d3eb usbredir: Add USBEP2I and I2USBEP helper macros
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07 12:57:24 +01:00
Hans de Goede
f8c126f329 usbredir: Add an usbredir_stop_ep helper function
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07 12:57:24 +01:00
Hans de Goede
f79738b03b usb: Add an usb_device_ep_stopped USBDevice method
Some usb devices (host or network redirection) can benefit from knowing when
the guest stops using an endpoint. Redirection may involve submitting packets
independently from the guest (in combination with a fifo buffer between the
redirection code and the guest), to ensure that buffers of the real usb device
are timely emptied. This is done for example for isoc traffic and for interrupt
input endpoints. But when the (re)submission of packets is done by the device
code, then how does it know when to stop this?

For isoc endpoints this is handled by detecting a set interface (change alt
setting) command, which works well for isoc endpoints. But for interrupt
endpoints currently the redirection code never stops receiving data from
the device, which is less then ideal.

However the controller emulation is aware when a guest looses interest, as
then the qh for the endpoint gets unlinked (ehci, ohci, uhci) or the endpoint
is explicitly stopped (xhci). This patch adds a new ep_stopped USBDevice
method and modifies the hcd code to call this on queue unlink / ep stop.

This makes it possible for the redirection code to properly stop receiving
interrupt input (*) data when the guest no longer has interest in it.

*) And in the future also buffered bulk input.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07 12:57:24 +01:00
Hans de Goede
6735d43372 usb: Fix usb_ep_find_packet_by_id
usb_ep_find_packet_by_id mistakenly only checks the first packet and if that
is not a match, keeps trying the first packet! This patch fixes this.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07 12:57:24 +01:00
Hans de Goede
027c03f732 hid: Change idle handling to use a timer
This leads to cleaner code in usb-hid, and removes up to a 1000 calls / sec to
qemu_get_clock_ns(vm_clock) if idle-time is set to its default value of 0.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07 12:57:24 +01:00
Hans de Goede
9fdf702727 uhci: Maximize how many frames we catch up when behind
If somehow we've gotten behind a lot, simply skip ahead, like the ehci code
does.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07 12:57:24 +01:00
Hans de Goede
f8f48b6957 uhci: Limit amount of frames processed in one go
Before this patch uhci would process an unlimited amount of frames when
behind on schedule, by setting the timer to a time already past, causing the
timer subsys to immediately recall the frame_timer function gain.

This would cause invalid cancellations of bulk queues when the catching up
processed more then 32 frames at a moment when the bulk qh was temporarily
unlinked (which the Linux uhci driver does).

This patch fixes this by processing maximum 16 frames in one go, and always
setting the timer one ms later, making the code behave more like the ehci
code.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07 12:57:24 +01:00
Hans de Goede
475443cf14 uhci: Add a QH_VALID define
Rather then using the magic 32 value in various places.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07 12:57:24 +01:00
Hans de Goede
ecfdc15f43 uhci: Fix pending interrupts getting lost on migration
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07 12:57:24 +01:00
Hans de Goede
719c130dca uhci: Fix 1 ms delay in interrupt reporting to the guest
Re-arrange how we process frames / increase frnum / report pending interrupts,
to avoid a 1 ms delay in interrupt reporting to the guest. This increases
the packet throughput for cases where the guest submits a single packet,
then waits for its completion then re-submits from 500 pkts / sec to
1000 pkts / sec. This impacts for example the use of redirected / virtual
usb to serial convertors.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07 12:57:24 +01:00
Hans de Goede
4a9ef2c042 ehci: Don't call commit_irq after raising PCD
ehci_raise_irq(s, USBSTS_PCD), gets applied immediately so there is no need
to call commit_irq after it.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07 12:57:23 +01:00
Hans de Goede
52c15e5986 ehci: Further speedup rescanning if async schedule after raising an interrupt
I tried lowering the time between raising an interrupt and rescanning the
async schedule to see if the guest has queued a new transfer before, but
that did not have any positive effect. I now believe the cause for this is
that lowering this time made it more likely to hit the 1 ms interrupt
threshold penalty for the next packet, as described in my
"ehci: Use uframe precision for interrupt threshold checking" commit.

Now that we do interrupt threshold handling with uframe precision, futher
lowering this time from .5 to .25 ms gives an extra 15% improvement in speed
(MB/s) reading from a simple USB-2.0 thumb-drive.

While at it also properly set the int_req_by_async flag for short packet
completions.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07 12:57:23 +01:00
Hans de Goede
9359a58b12 ehci: Use uframe precision for interrupt threshold checking (v2)
Before this patch, the following could happen:
1) Transfer completes, raises interrupt
2) .5 ms later we check if the guest has queued up any new transfers
3) We find and execute a new transfer
4) .2 ms later the new transfer completes
5) We re-run our frame_timer to write back the completion, but less then
   1 ms has passed since our last run, so frindex is not changed, so the
   interrupt threshold code delays the interrupt
6) 1 ms from the re-run our frame-timer runs again and finally delivers
   the interrupt

This leads to unnecessary large delays of interrupts, this code fixes this
by changing frindex to uframe precision and using that for interrupt threshold
control, making the interrupt fire at step 5 for guest which have low interrupt
threshold settings (like Linux).

Note that the guest still sees the frindex move in steps of 8 for migration
compatibility.

This boosts Linux read speed of a simple cheap USB thumb drive by 6 %.

Changes in v2:
-Make the guest see frindex move in steps of 8 by modifying ehci_opreg_read,
 rather then using a shadow variable

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07 12:57:23 +01:00
Hans de Goede
bbbc39ccac ehci: Verify a queue's ep direction does not change
ehci_fill_queue assumes that there is a one on one relationship between an ep
and a qh, this patch adds a check to ensure this.

Note I don't expect this to ever trigger, this is just something I noticed
the guest might do while working on other stuff. The only way this check can
trigger is if a guest mixes in and out qtd-s in a single qh for a non
control ep.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07 12:57:23 +01:00
Hans de Goede
51e0c5d029 ehci: Add an ehci_get_pid helper function
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07 12:57:23 +01:00
Hans de Goede
e3fdfd488c ehci: Verify qtd for async completed packets
Remove the short-circuiting of fetchqtd in fetchqh, so that the
qtd gets properly verified before completing the transaction.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07 12:57:23 +01:00
Hans de Goede
2b3de6ada5 ehci: writeback_async_complete_packet: verify qh and qtd
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07 12:57:23 +01:00
Hans de Goede
190d849249 ehci: Move get / put_dwords upwards
No other changes.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07 12:57:23 +01:00
Hans de Goede
d066c57b1c ehci: Verify guest does not change the token of inflight qtd-s
This is not allowed, except for clearing active on cancellation, so don't
warn when the new token does not have its active bit set.

This unifies the cancellation path for modified qtd-s, and prepares
ehci_verify_qtd to be used ad an extra check inside
ehci_writeback_async_complete_packet().

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07 12:57:23 +01:00
Hans de Goede
c643263409 ehci: Add ehci_verify_qh and ehci_verify_qtd helper functions
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07 12:57:23 +01:00
Hans de Goede
f881c8d36b ehci: Add a ehci_writeback_async_complete_packet helper function
Also drop the warning printf, which was there mainly because this was an
untested code path (as the previous bug fixes to it show), but that no
longer is the case now :)

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07 12:57:23 +01:00
Amos Kong
83f58e570f rtl8139: preserve link state across device reset
A device reset does not affect the link state, only set_link does.

Signed-off-by: Amos Kong <akong@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-01-07 10:43:21 +01:00
Amos Kong
84dd212024 e1000: no need auto-negotiation if link was down
Commit b9d03e352c added link
auto-negotiation emulation, it would always set link up by
callback function. Problem exists if original link status
was down, link status should not be changed in auto-negotiation.

Signed-off-by: Jason Wang <jasowang@redhat.com>
Signed-off-by: Amos Kong <akong@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-01-07 10:43:21 +01:00
Michael Contreras
2c0331f4f7 e1000: Discard oversized packets based on SBP|LPE
Discard packets longer than 16384 when !SBP to match the hardware behavior.

Signed-off-by: Michael Contreras <michael@inetric.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-01-07 10:43:21 +01:00
Blue Swirl
8e4a424b30 Revert "virtio-pci: replace byte swap hack"
This reverts commit 9807caccd6.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-01-06 18:30:17 +00:00
Blue Swirl
9807caccd6 virtio-pci: replace byte swap hack
Remove byte swaps by declaring the config space
as native endian.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-01-06 08:24:26 +00:00
Stefan Weil
549db5c32b hw/i386: Fix broken build for non POSIX hosts
pc-testdev.c cannot be compiled with MinGW (and other non POSIX hosts):

  CC    i386-softmmu/hw/i386/../pc-testdev.o
qemu/hw/i386/../pc-testdev.c:38:22: warning: sys/mman.h: file not found
qemu/hw/i386/../pc-testdev.c: In function ‘test_flush_page’:
qemu/hw/i386/../pc-testdev.c:103: warning: implicit declaration of function ‘mprotect’
...

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-01-05 10:14:05 +00:00
Anthony Liguori
a4c7ecd8ca Merge remote-tracking branch 'stefanha/trivial-patches' into staging
* stefanha/trivial-patches:
  spice: drop incorrect vm_change_state_handler() opaque
  linux-user/syscall.c: remove forward declarations
  hw/mcf5206: Reduce size of lookup table
  Remove --sparc_cpu option from the configure list
  pseries: Remove unneeded include statement (fixes MinGW builds)
  pc_sysfw: Check for qemu_find_file() failure

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-04 13:25:20 -06:00
Anthony Liguori
346c1f8b52 Merge remote-tracking branch 'kraxel/testdev.1' into staging
* kraxel/testdev.1:
  pc: remove bochs bios debug ports
  hw: Add test device for unittests execution
  add isa-debug-exit device.
  switch debugcon to memory api

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-04 13:25:07 -06:00
Stefan Weil
715857cbba hw/mcf5206: Reduce size of lookup table
This typically reduces the size from 512 bytes to 128 bytes.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-01-04 14:38:05 +01:00
Stefan Weil
e2af7a4dc8 pseries: Remove unneeded include statement (fixes MinGW builds)
sys/mman.h is not needed (tested on Linux) and unavailable for MinGW,
so remove it.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-01-04 14:38:04 +01:00
Markus Armbruster
e7b1d0ea95 pc_sysfw: Check for qemu_find_file() failure
pc_fw_add_pflash_drv() ignores qemu_find_file() failure, and happily
creates a drive without a medium.

When pc_system_flash_init() asks for its size, bdrv_getlength() fails
with -ENOMEDIUM, which isn't checked either.  It fails relatively
cleanly only because -ENOMEDIUM isn't a multiple of 4096:

    $ qemu-system-x86_64 -S -vnc :0 -bios nonexistant
    qemu: PC system firmware (pflash) must be a multiple of 0x1000
    [Exit 1 ]

Fix by handling the qemu_find_file() failure.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-01-04 14:38:04 +01:00
Gerd Hoffmann
9ee59f341f pc: remove bochs bios debug ports
Prehistoric leftover, zap it.  We poweroff via acpi these days.

And having a port (0x501,0x502) where any random guest write will make
qemu exit -- with no way to turn it off -- is a bad joke anyway.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-04 09:11:36 +01:00
Lucas Meneghel Rodrigues
ee0cc5415e hw: Add test device for unittests execution
Add a test device which supports the kvmctl ioports,
so one can run the KVM unittest suite.

Intended Usage:

qemu-system-x86_64 -nographic \
    -device pc-testdev \
    -device isa-debug-exit,iobase=0xf4,iosize=0x04 \
    -kernel /path/to/kvm/unittests/msr.flat

Where msr.flat is one of the KVM unittests, present on a
separate repo,

git://git.kernel.org/pub/scm/virt/kvm/kvm-unit-tests.git

[ kraxel: more memory api + qom fixes ]

CC: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Signed-off-by: Lucas Meneghel Rodrigues <lmr@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-04 09:11:30 +01:00
Gerd Hoffmann
bb355b1859 add isa-debug-exit device.
When present it makes qemu exit on any write.
Mapped to port 0x501 by default.

Without this patch Anthony doesn't allow me to
remove the bochs bios debug ports because his
test suite uses this.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-04 08:51:57 +01:00
Gerd Hoffmann
e8ba1ce92d switch debugcon to memory api
Also some QOM glue while being at it.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-04 08:51:57 +01:00
Gerd Hoffmann
503b19fc5d apci: assign memory regions to ich9 lpc device
Get rid of get_system_io() usage.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-04 08:51:56 +01:00
Gerd Hoffmann
56e5b2a1a6 apci: assign memory regions to piix4 acpi device
Get rid of get_system_io() usage.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-04 08:51:56 +01:00
Gerd Hoffmann
f7e4dd6c18 acpi: autoload dsdt
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-04 08:51:56 +01:00
Stefan Hajnoczi
ef4929fb3c dataplane: use linux-headers/ for virtio includes
The hw/dataplane/vring.c code includes linux/virtio_ring.h.  Ensure that
we use linux-headers/ instead of the system-wide headers, which may be
out-of-date on older distros.

This resolves the following build error on Debian 6:

  CC    hw/dataplane/vring.o
cc1: warnings being treated as errors
hw/dataplane/vring.c: In function 'vring_enable_notification':
hw/dataplane/vring.c:71: error: implicit declaration of function 'vring_avail_event'
hw/dataplane/vring.c:71: error: nested extern declaration of 'vring_avail_event'
hw/dataplane/vring.c:71: error: lvalue required as left operand of assignment

Note that we now build dataplane/ for each target instead of only once.
There is no way around this since linux-headers/ is only available for
per-target objects - and it's how virtio, vfio, kvm, and friends are
built.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-03 07:13:25 -06:00
Anthony Liguori
217da7fdeb Merge remote-tracking branch 'stefanha/block' into staging
* stefanha/block:
  sheepdog: pass oid directly to send_pending_req()
  sheepdog: don't update inode when create_and_write fails
  block/raw-win32: Fix compiler warnings (wrong format specifiers)
  qemu-img: report size overflow error message
  cutils: change strtosz_suffix_unit function
  virtio-blk: Return UNSUPP for unknown request types
  virtio-blk: add x-data-plane=on|off performance feature
  dataplane: add virtio-blk data plane code
  virtio-blk: restore VirtIOBlkConf->config_wce flag
  iov: add qemu_iovec_concat_iov()
  test-iov: add iov_discard_front/back() testcases
  iov: add iov_discard_front/back() to remove data
  dataplane: add Linux AIO request queue
  dataplane: add event loop
  dataplane: add virtqueue vring code
  dataplane: add host memory mapping code
  configure: add CONFIG_VIRTIO_BLK_DATA_PLANE
  raw-posix: add raw_get_aio_fd() for virtio-blk-data-plane

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-02 12:19:27 -06:00
Alexey Zaytsev
9e72c45033 virtio-blk: Return UNSUPP for unknown request types
Currently, all unknown requests are treated as VIRTIO_BLK_T_IN

Signed-off-by: Alexey Zaytsev <alexey.zaytsev@gmail.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-01-02 16:08:53 +01:00
Stefan Hajnoczi
392808b49b virtio-blk: add x-data-plane=on|off performance feature
The virtio-blk-data-plane feature is easy to integrate into
hw/virtio-blk.c.  The data plane can be started and stopped similar to
vhost-net.

Users can take advantage of the virtio-blk-data-plane feature using the
new -device virtio-blk-pci,x-data-plane=on property.

The x-data-plane name was chosen because at this stage the feature is
experimental and likely to see changes in the future.

If the VM configuration does not support virtio-blk-data-plane an error
message is printed.  Although we could fall back to regular virtio-blk,
I prefer the explicit approach since it prompts the user to fix their
configuration if they want the performance benefit of
virtio-blk-data-plane.

Limitations:
 * Only format=raw is supported
 * Live migration is not supported
 * Block jobs, hot unplug, and other operations fail with -EBUSY
 * I/O throttling limits are ignored
 * Only Linux hosts are supported due to Linux AIO usage

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-01-02 16:08:51 +01:00
Stefan Hajnoczi
e72f66a0a2 dataplane: add virtio-blk data plane code
virtio-blk-data-plane is a subset implementation of virtio-blk.  It only
handles read, write, and flush requests.  It does this using a dedicated
thread that executes an epoll(2)-based event loop and processes I/O
using Linux AIO.

This approach performs very well but can be used for raw image files
only.  The number of IOPS achieved has been reported to be several times
higher than the existing virtio-blk implementation.

Eventually it should be possible to unify virtio-blk-data-plane with the
main body of QEMU code once the block layer and hardware emulation is
able to run outside the global mutex.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-01-02 16:08:47 +01:00
Stefan Hajnoczi
8a873ba780 virtio-blk: restore VirtIOBlkConf->config_wce flag
Two slightly different versions of a patch to conditionally set
VIRTIO_BLK_F_CONFIG_WCE through the "config-wce" qdev property have been
applied (ea776abca and eec7f96c2).  David Gibson
<david@gibson.dropbear.id.au> noticed that the "config-wce"
property is broken as a result and fixed it recently.

The fix sets the host_features VIRTIO_BLK_F_CONFIG_WCE bit from a qdev
property.  Unfortunately, the virtio device then has no chance to test
for the presence of the feature bit during virtio_blk_init().

Therefore, reinstate the VirtIOBlkConf->config_wce flag.  Drop the
duplicate qdev property to set the host_features bit.  The
VirtIOBlkConf->config_wce flag will be used by virtio-blk-data-plane in
a later patch.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-01-02 15:59:20 +01:00
Stefan Hajnoczi
3e9ec52171 dataplane: add Linux AIO request queue
The IOQueue has a pool of iocb structs and a function to add new
read/write requests.  Multiple requests can be added before calling the
submit function to actually tell the host kernel to begin I/O.  This
allows callers to batch requests and submit them in one go.

The actual I/O is performed using Linux AIO.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-01-02 15:58:03 +01:00
Stefan Hajnoczi
71973b0461 dataplane: add event loop
Outside the safety of the global mutex we need to poll on file
descriptors.  I found epoll(2) is a convenient way to do that, although
other options could replace this module in the future (such as an
AioContext-based loop or glib's GMainLoop).

One important feature of this small event loop implementation is that
the loop can be terminated in a thread-safe way.  This allows QEMU to
stop the data plane thread cleanly.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-01-02 15:56:21 +01:00
Stefan Hajnoczi
88807f89d9 dataplane: add virtqueue vring code
The virtio-blk-data-plane cannot access memory using the usual QEMU
functions since it executes outside the global mutex and the memory APIs
are this time are not thread-safe.

This patch introduces a virtqueue module based on the kernel's vhost
vring code.  The trick is that we map guest memory ahead of time and
access it cheaply outside the global mutex.

Once the hardware emulation code can execute outside the global mutex it
will be possible to drop this code.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-01-02 15:55:47 +01:00
Stefan Hajnoczi
185ecf40e3 dataplane: add host memory mapping code
The data plane thread needs to map guest physical addresses to host
pointers.  Normally this is done with cpu_physical_memory_map() but the
function assumes the global mutex is held.  The data plane thread does
not touch the global mutex and therefore needs a thread-safe memory
mapping mechanism.

Hostmem registers a MemoryListener similar to how vhost collects and
pushes memory region information into the kernel.  There is a
fine-grained lock on the regions list which is held during lookup and
when installing a new regions list.

When the physical memory map changes the MemoryListener callbacks are
invoked.  They build up a new list of memory regions which is finally
installed when the list has been completed.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-01-02 15:50:32 +01:00
Anthony Liguori
34daffa048 Merge remote-tracking branch 'qemu-kvm/uq/master' into staging
* qemu-kvm/uq/master:
  qemu-kvm/pci-assign: 64 bits bar emulation
  target-i386: Enabling IA32_TSC_ADJUST for QEMU KVM guest VMs

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-02 08:01:54 -06:00
Anthony Liguori
079944e695 pci,virtio
This optimizes MSIX handling in virtio-pci.
 Also included is pci express capability bugfix.
 
 Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.12 (GNU/Linux)
 
 iQEcBAABAgAGBQJQ2tD2AAoJECgfDbjSjVRpUNcIAKN2c+3iiutUWFBBII2TWppc
 QAQ4Q5HK7gCtAnwNrlQMAIXcUzHBd5s6BW74BaFBZYymf/tqe4CsvmIH15qQyvm0
 McdJAba3FLk0+TELG/Fmf4+faM/kr3gl5Cve3YJC69NHpcq3gi8V4696sP8cGfUt
 atA+NR8AITBJDmQlcq6Vwfp+t+B1MY9D9SROT/BmfO+/kY3krkhlPL2pdcoinBa2
 zKJLz+jE0tjz7kZ99bmbb2uzKImvtFwxCVZjhD0UINjDOWd9k6ao2pWQIEftv56z
 zwz/L8TKCFdM2350XXPg99f4WbrvBqmg3Slb4vrsIYEuAWvArI8sUSYG3rC4fS4=
 =8Jun
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'mst/tags/for_anthony' into staging

pci,virtio

This optimizes MSIX handling in virtio-pci.
Also included is pci express capability bugfix.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

* mst/tags/for_anthony:
  virtio-pci: don't poll masked vectors
  msix: expose access to masked/pending state
  msi: add API to get notified about pending bit poll
  pcie: Fix bug in pcie_ext_cap_set_next
  virtio: make bindings typesafe
2013-01-02 08:01:36 -06:00
Stefan Weil
5928023cef pflash_cfi01: Suppress warning when Linux probes for AMD flash
There are several ARM and MIPS boards which are manufactured with
either Intel (pflash_cfi01.c) or AMD (pflash_cfi02.c) flash memory.

The Linux kernel supports both and first probes for AMD flash which
resulted in one or two warnings from the Intel flash emulation:

pflash_write: Unimplemented flash cmd sequence (offset 0000000000000000, wcycle 0x0 cmd 0x0 value 0xf000f0)
pflash_write: Unimplemented flash cmd sequence (offset 0000000000000000, wcycle 0x0 cmd 0x0 value 0xf0)

These warnings confuse users, so suppress them.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2013-01-01 13:05:57 +01:00
Alon Levy
62054c06d4 usb/redirect.c: unbreak compilation due to include/char/char.h
Broken since:

commit 927d4878b0
Author: Paolo Bonzini <pbonzini@redhat.com>
Date:   Mon Dec 17 18:20:05 2012 +0100

    softmmu: move remaining include files to include/ subdirectories

Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-12-28 16:09:33 +00:00
Blue Swirl
4de63460ca Merge branch 'qom-cpu' of git://repo.or.cz/qemu/afaerber
* 'qom-cpu' of git://repo.or.cz/qemu/afaerber:
  MAINTAINERS: Include X86CPU in CPU maintenance area
  cpu: Move kvm_run into CPUState
  cpu: Move kvm_state field into CPUState
  ppc_booke: Pass PowerPCCPU to ppc_booke_timers_init()
  ppc4xx_devs: Return PowerPCCPU from ppc4xx_init()
  ppc_booke: Pass PowerPCCPU to {decr,fit,wdt} timer callbacks
  ppc: Pass PowerPCCPU to [h]decr timer callbacks
  ppc: Pass PowerPCCPU to [h]decr callbacks
  ppc: Pass PowerPCCPU to ppc_set_irq()
  kvm: Pass CPUState to kvm_vcpu_ioctl()
  kvm: Pass CPUState to kvm_arch_*
  cpu: Move kvm_fd into CPUState
  qdev-properties.c: Separate core from the code used only by qemu-system-*
  qdev: Coding style fixes
  cpu: Introduce CPUListState struct
  target-alpha: Add support for -cpu ?
  target-alpha: Turn CPU definitions into subclasses
  target-alpha: Avoid leaking the alarm timer over reset
  alpha: Pass AlphaCPU array to Typhoon
  target-alpha: Let cpu_alpha_init() return AlphaCPU
2012-12-28 16:08:23 +00:00
Michael S. Tsirkin
89d62be9f4 virtio-pci: don't poll masked vectors
At the moment, when irqfd is in use but a vector is masked,
qemu will poll it and handle vector masks in userspace.
Since almost no one ever looks at the pending bits,
it is better to defer this until pending bits
are actually read.
Implement this optimization using the new poll notifier.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2012-12-26 11:49:29 +02:00
Michael S. Tsirkin
70f8ee395a msix: expose access to masked/pending state
For use by poll handler.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2012-12-26 11:49:29 +02:00
Michael S. Tsirkin
bbef882cc1 msi: add API to get notified about pending bit poll
Update all users.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2012-12-26 11:49:28 +02:00
Knut Omang
812d2594d5 pcie: Fix bug in pcie_ext_cap_set_next
Upper 16 bits of the PCIe Extended Capability Header was truncated during update,
also breaking pcie_add_capability.

Signed-off-by: Knut Omang <knut.omang@oracle.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2012-12-26 11:49:28 +02:00
Xudong Hao
0a2a59d35c qemu-kvm/pci-assign: 64 bits bar emulation
Enable 64 bits bar emulation.

Test pass with the current seabios which already support 64bit pci bars.

Signed-off-by: Xudong Hao <xudong.hao@intel.com>
Reviewed-by: Alex Williamson <alex.williamson@redhat.com>
Signed-off-by: Gleb Natapov <gleb@redhat.com>
2012-12-25 14:37:52 +02:00
Alex Horn
2915efbfa8 tmp105: Create API for TMP105 temperature sensor.
* Define enum for TMP105 registers
* Move tmp105_set() from I2C to TMP105 header
* Document units and range of temperature as preconditions

Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Alex Horn <alex.horn@cs.ox.ac.uk>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-12-23 14:37:51 -06:00
Andreas Färber
501a7ce727 Merge branch 'master' of git://git.qemu.org/qemu into qom-cpu
Adapt header include paths.

Signed-off-by: Andreas Färber <afaerber@suse.de>
2012-12-23 00:40:49 +01:00
Michael S. Tsirkin
d2a0ccc613 virtio: make bindings typesafe
Move bindings from opaque to DeviceState.
This gives us better type safety with no performance cost.
Add macros to make future QOM work easier.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2012-12-20 09:20:01 +02:00
Anthony Liguori
27dd773058 Merge remote-tracking branch 'bonzini/header-dirs' into staging
* bonzini/header-dirs: (45 commits)
  janitor: move remaining public headers to include/
  hw: move executable format header files to hw/
  fpu: move public header file to include/fpu
  softmmu: move remaining include files to include/ subdirectories
  softmmu: move include files to include/sysemu/
  misc: move include files to include/qemu/
  qom: move include files to include/qom/
  migration: move include files to include/migration/
  monitor: move include files to include/monitor/
  exec: move include files to include/exec/
  block: move include files to include/block/
  qapi: move include files to include/qobject/
  janitor: add guards to headers
  qapi: make struct Visitor opaque
  qapi: remove qapi/qapi-types-core.h
  qapi: move inclusions of qemu-common.h from headers to .c files
  ui: move files to ui/ and include/ui/
  qemu-ga: move qemu-ga files to qga/
  net: reorganize headers
  net: move net.c to net/
  ...

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-12-19 17:15:39 -06:00
Andreas Färber
a34a92b9ec ppc_booke: Pass PowerPCCPU to ppc_booke_timers_init()
Cleans up after passing PowerPCCPU to timer callbacks.

Signed-off-by: Andreas Färber <afaerber@suse.de>
2012-12-19 14:09:32 +01:00
Andreas Färber
2f9859fb49 ppc4xx_devs: Return PowerPCCPU from ppc4xx_init()
Prepares for passing PowerPCCPU to ppc_booke_timers_init().

Signed-off-by: Andreas Färber <afaerber@suse.de>
2012-12-19 14:09:32 +01:00
Andreas Färber
ee0c98e650 ppc_booke: Pass PowerPCCPU to {decr,fit,wdt} timer callbacks
Cleans up after passing PowerPCCPU to booke_update_irq().

Signed-off-by: Andreas Färber <afaerber@suse.de>
2012-12-19 14:09:32 +01:00
Andreas Färber
50c680f06c ppc: Pass PowerPCCPU to [h]decr timer callbacks
Cleans up after passing PowerPCCPU to [h]decr exception callbacks.

Signed-off-by: Andreas Färber <afaerber@suse.de>
2012-12-19 14:09:31 +01:00
Andreas Färber
7e0a924734 ppc: Pass PowerPCCPU to [h]decr callbacks
Cleans up after passing PowerPCCPU to ppc_set_irq().

Signed-off-by: Andreas Färber <afaerber@suse.de>
2012-12-19 14:09:31 +01:00
Andreas Färber
7058581a26 ppc: Pass PowerPCCPU to ppc_set_irq()
Adapt static caller functions.

This cleans up after passing PowerPCCPU to kvmppc_set_interrupt().

Signed-off-by: Andreas Färber <afaerber@suse.de>
2012-12-19 14:09:31 +01:00
Andreas Färber
1bc22652d6 kvm: Pass CPUState to kvm_vcpu_ioctl()
Adapt helper functions to pass X86CPU / PowerPCCPU / S390CPU.

Signed-off-by: Andreas Färber <afaerber@suse.de>
2012-12-19 14:09:31 +01:00
Eduardo Habkost
a404b61244 qdev-properties.c: Separate core from the code used only by qemu-system-*
This separates the qdev properties code in two parts:
 - qdev-properties.c, that contains most of the qdev properties code;
 - qdev-properties-system.c for code specific for qemu-system-*,
   containing:
   - Property types: drive, chr, netdev, vlan, that depend on code that
     won't be included on *-user
   - qemu_add_globals(), that depends on qemu-config.o.

This change should help on two things:
 - Allowing DeviceState to be used by *-user without pulling
   dependencies that are specific for qemu-system-*;
 - Writing qdev unit tests without pulling too many dependencies.

The copyright/license of qdev-properties.c isn't explicitly stated at
the file, so add a simple copyright/license header pointing to the
commit ID of the original file.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2012-12-19 14:09:31 +01:00
Eduardo Habkost
04a2d61e49 qdev: Coding style fixes
Add missing braces and break lines larger than 80 chars.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2012-12-19 14:09:31 +01:00
Paolo Bonzini
42dc882ff8 hw: move executable format header files to hw/
Or delete a.out.h which is unused.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-12-19 08:32:46 +01:00
Paolo Bonzini
927d4878b0 softmmu: move remaining include files to include/ subdirectories
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-12-19 08:32:46 +01:00
Paolo Bonzini
9c17d615a6 softmmu: move include files to include/sysemu/
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-12-19 08:32:45 +01:00
Paolo Bonzini
1de7afc984 misc: move include files to include/qemu/
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-12-19 08:32:39 +01:00
Paolo Bonzini
14cccb6185 qom: move include files to include/qom/
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-12-19 08:31:32 +01:00
Paolo Bonzini
caf71f86a3 migration: move include files to include/migration/
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-12-19 08:31:32 +01:00
Paolo Bonzini
83c9089e73 monitor: move include files to include/monitor/
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-12-19 08:31:32 +01:00
Paolo Bonzini
022c62cbbc exec: move include files to include/exec/
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-12-19 08:31:31 +01:00
Paolo Bonzini
737e150e89 block: move include files to include/block/
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-12-19 08:31:31 +01:00
Paolo Bonzini
7b1b5d1913 qapi: move include files to include/qobject/
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-12-19 08:31:31 +01:00
Paolo Bonzini
cb9c377f54 janitor: add guards to headers
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-12-19 08:31:31 +01:00
Paolo Bonzini
28ecbaeecb ui: move files to ui/ and include/ui/
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-12-19 08:31:30 +01:00
Paolo Bonzini
1422e32db5 net: reorganize headers
Move public headers to include/net, and leave private headers in net/.
Put the virtio headers in include/net/tap.h, removing the multiple copies
that existed.  Leave include/net/tap.h as the interface for NICs, and
net/tap_int.h as the interface for OS-specific parts of the tap backend.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-12-19 08:31:29 +01:00
Paolo Bonzini
7fa22f2bf7 net: do not include net.h everywhere
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-12-19 08:29:59 +01:00
Paolo Bonzini
090f7ac5ba net: move Bluetooth stuff out of net.h
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-12-19 08:29:59 +01:00
Paolo Bonzini
f8fe796407 janitor: do not include qemu-char everywhere
Touching char/char.h basically causes the whole of QEMU to
be rebuilt.  Avoid this, it is usually unnecessary.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-12-19 08:29:59 +01:00
Paolo Bonzini
077805fa92 janitor: do not rely on indirect inclusions of or from qemu-char.h
Various header files rely on qemu-char.h including qemu-config.h or
main-loop.h, but they really do not need qemu-char.h at all (particularly
interesting is the case of the block layer!).  Clean this up, and also
add missing inclusions of qemu-char.h itself.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-12-19 08:29:52 +01:00
Paolo Bonzini
76cad71136 build: kill libdis, move disassemblers to disas/
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-12-19 08:29:06 +01:00
Paolo Bonzini
525877c999 build: move rules from Makefile to */Makefile.objs
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-12-19 08:29:06 +01:00
Andreas Färber
c92458538f target-alpha: Avoid leaking the alarm timer over reset
Move the timer from CPUAlphaState to AlphaCPU to avoid the pointer being
zero'ed once we implement reset. Would cause a segfault in
sys_helper.c:helper_set_alarm().

This also simplifies timer initialization in Typhoon.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Acked-by: Richard Henderson <rth@twiddle.net>
2012-12-19 01:01:36 +01:00
Andreas Färber
ad6011775a alpha: Pass AlphaCPU array to Typhoon
Also store it in TyphoonCchip.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Acked-by: Richard Henderson <rth@twiddle.net>
2012-12-19 01:01:36 +01:00
Anthony Liguori
914606d26e Merge remote-tracking branch 'stefanha/trivial-patches' into staging
* stefanha/trivial-patches:
  configure: Earlier pkg-config probe
  vmmouse_reset(): remove minimal code duplication
  linux-user/syscall.c: remove wrong forward decl of setgroups()
  fix build error on ARM due to wrong glibc check
  gitignore: Add virtfs-proxy-helper
  arm_gic: Add cpu nr to Raised IRQ message
  zynq_slcr: Compile time warning fixes.
  pflash_cfi0x: Send debug messages to stderr
  pflash_cfi01: qemu_log_mask "unimplemented" msg
  net, hub: fix the indent in the comments

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-12-18 15:41:43 -06:00
Anthony Liguori
5455a474d9 Merge remote-tracking branch 'amit/master' into staging
* amit/master:
  virtio-serial-bus: assert port is non-null in remove_port()
  virtio-serial-bus: send_control_msg() should not deal with cpkts
  virtio-serial: delete timer if active during exit
  virtio-serial: allocate post_load only at load-time
  virtio-serial: move active ports loading to separate function
  virtio-serial: use uint32_t to count ports

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-12-18 15:41:32 -06:00
Anthony Liguori
510981a097 Merge remote-tracking branch 'spice/spice.v66' into staging
* spice/spice.v66:
  docs: add spice-port-fqdn.txt
  spice-qemu-char: register spicevmc ports during qemu_spice_init()
  spice-qemu-char: keep a list of spice chardev
  spice-qemu-char: add spiceport chardev
  spice-qemu-char: factor out CharDriverState creation
  spice-qemu-char: write to chardev whatever amount it can read
  qxl+vnc: register a vm state change handler for dummy spice_server
  qxl: save qemu_create_displaysurface_from result

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-12-18 15:41:21 -06:00
Laszlo Ersek
5a6c7644b2 vmmouse_reset(): remove minimal code duplication
Commit 069ab0eb added a vmmouse_disable() call to vmmouse_reset().
vmmouse_disable() resets the status already.

Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2012-12-18 17:38:44 +01:00
Peter Crosthwaite
8c815fb30e arm_gic: Add cpu nr to Raised IRQ message
Add the relevant CPU nr to this debug message to make IRQ debugging more
informative.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2012-12-18 16:50:15 +01:00
Peter Crosthwaite
8f60380096 zynq_slcr: Compile time warning fixes.
Few warnings when compiled with debug printfs enabled. Fixed all.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2012-12-18 16:49:51 +01:00
Peter Crosthwaite
ec9ea4890c pflash_cfi0x: Send debug messages to stderr
These debug info messages should go to stderr rather than stdout.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2012-12-18 16:49:51 +01:00
Peter Crosthwaite
d96fc51cc6 pflash_cfi01: qemu_log_mask "unimplemented" msg
This printf is informing the user of unimplemented functionality. It should be
re-directed to qemu_log(LOG_UNIMP, ...) accordingly.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2012-12-18 16:49:51 +01:00
Amit Shah
91bdd1cf08 virtio-serial-bus: assert port is non-null in remove_port()
remove_port() is called from qdev's unplug callback, and we're certain
the port will be found in our list of ports.  Adding an assert()
documents this.

This was flagged by Coverity, fix suggested by Markus.

CC: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
2012-12-18 14:28:50 +05:30
Amit Shah
4e28976e56 virtio-serial-bus: send_control_msg() should not deal with cpkts
Stuff the cpkt before calling send_control_msg().  This function should
not be concerned about contents of the buffer it receives.

A few code refactorings recently have made making this change easier
than earlier.

Coverity and clang have flagged this code several times in the past
(cpkt->id not set before send_control_event() passed it on to
send_control_msg()).  This will finally eliminate the false-positive.

CC: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
2012-12-18 13:04:42 +05:30
Paolo Bonzini
6f991980a5 Merge commit '1dd3a74d2ee2d873cde0b390b536e45420b3fe05' into HEAD
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-12-17 18:56:22 +01:00
Gerd Hoffmann
2f464b5a32 qxl: save qemu_create_displaysurface_from result
Spotted by Coverity.

https://bugzilla.redhat.com/show_bug.cgi?id=885644

Cc: qemu-stable@nongnu.org
Reported-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-17 14:01:03 +01:00
Sander Eikelenboom
f1b8caf1d9 Fix compile errors when enabling Xen debug logging.
Signed-off-by: Sander Eikelenboom <linux@eikelenboom.it>
Acked-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
2012-12-17 11:37:43 +00:00
Stefano Stabellini
044b99c655 xen: fix trivial PCI passthrough MSI-X bug
We are currently passing entry->data as address parameter. Pass
entry->addr instead.

Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Tested-by: Sander Eikelenboom <linux@eikelenboom.it>
Xen-devel: http://marc.info/?l=xen-devel&m=135515462613715
2012-12-17 11:36:58 +00:00
Stefano Stabellini
2c1d4d15f0 xen: implement support for secondary consoles in the console backend
This patch corresponds to commit
840184a106bc24e745beda5c77e392f6cecd2bc9 from
git://xenbits.xensource.com/qemu-xen-unstable.git.

Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
2012-12-17 11:36:09 +00:00
Michael S. Tsirkin
2059946358 pci_bus.h: tweak include guards
Now that header has been renamed, tweak include guards
to match.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2012-12-17 13:02:28 +02:00
Michael S. Tsirkin
952deab6cf pci_bus: update comment
Don't ask everyone to desist from including this header,
simply recommend using accessors.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2012-12-17 13:02:28 +02:00
Michael S. Tsirkin
06aac7bd50 pci: rename pci_internals.h pci_bus.h
There are lots of external users of pci_internals.h,
apparently making it an internal interface only didn't
work out. Let's stop pretending it's an internal header.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2012-12-17 13:02:27 +02:00
Michael S. Tsirkin
d9fb580548 Revert "pci: prepare makefiles for pci code reorganization"
This reverts commit 475d67c3bcd6ba9fef917b6e59d96ae69eb1a9b4.

Now that all users have been updated, we don't need the
makefile hack or the softlink anymore.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2012-12-17 13:02:27 +02:00
Michael S. Tsirkin
c759b24fae pci: fix path for local includes
Include dependencies from pci core using the correct path.
This is required now that it's in the separate directory.
Need to check whether they can be minimized, for now,
keep the code as is.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2012-12-17 13:02:27 +02:00
Michael S. Tsirkin
a2cb15b0dd pci: update all users to look in pci/
update all users so we can remove the makefile hack.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2012-12-17 13:02:26 +02:00
Michael S. Tsirkin
315a1350c4 pci: move pci core code to hw/pci
Move files and modify makefiles to pick them at the
new location.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2012-12-17 13:02:17 +02:00
Blue Swirl
a8a826a3c3 exec: refactor cpu_restore_state
Refactor common code around calls to cpu_restore_state().

tb_find_pc() has now no external users, make it static.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-12-16 08:35:24 +00:00
Blue Swirl
6d4e18925a Merge branch 'ppc-for-upstream' of git://repo.or.cz/qemu/agraf
* 'ppc-for-upstream' of git://repo.or.cz/qemu/agraf: (40 commits)
  pseries: Increase default NVRAM size
  target-ppc: Don't use hwaddr to represent hardware state
  PPC: e500: pci: Export slot2irq calculation
  PPC: E500plat: Make a lot of PCI slots available
  PPC: E500: Move PCI slot information into params
  PPC: E500: Generate dt pci irq map dynamically
  PPC: E500: PCI: Make IRQ calculation more generic
  PPC: E500: PCI: Make first slot qdev settable
  openpic: Accelerate pending irq search
  openpic: fix minor coding style issues
  MSI-X: Fix endianness
  PPC: e500: Declare pci bridge as bridge
  PPC: e500: Add MSI support
  openpic: add Shared MSI support
  openpic: make brr1 model specific
  openpic: convert to qdev
  openpic: remove irq_out
  openpic: rename openpic_t to OpenPICState
  openpic: convert simple reg operations to builtin bitops
  openpic: remove unused type variable
  ...
2012-12-15 09:05:26 +00:00
Gerd Hoffmann
bc210eb163 pixman: fix vnc tight png/jpeg support
This patch adds an x argument to qemu_pixman_linebuf_fill so it can
also be used to convert a partial scanline.  Then fix tight + png/jpeg
encoding by passing in the x+y offset, so the data is read from the
correct screen location instead of the upper left corner.

Cc: 1087974@bugs.launchpad.net
Cc: qemu-stable@nongnu.org
Reported-by: Tim Hardeneck <thardeck@suse.de>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-12-14 20:56:19 +00:00
David Gibson
a64ae610b9 pseries: Increase default NVRAM size
If no image file for NVRAM is specified, the pseries machine currently
creates a 16K non-persistent NVRAM by default.  This basically works, but
is not large enough for current firmware and guest kernels to create all
the NVRAM partitions they would like to.  Increasing the default size to
64K addresses this and stops the guest generating error messages.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
2012-12-14 13:12:58 +01:00
Alexander Graf
9e2c12988b PPC: e500: pci: Export slot2irq calculation
We need the calculation method to get from a PCI slot ID to its respective
interrupt line twice. Once in the internal map function and once when
assembling the device tree.

So let's extract the calculation to a separate function that can be called
by both users.

Signed-off-by: Alexander Graf <agraf@suse.de>
2012-12-14 13:12:57 +01:00
Alexander Graf
3bb7e02a97 PPC: E500plat: Make a lot of PCI slots available
The ppce500 machine doesn't have to stick to hardware limitations,
as it's defined as being fully device tree based.

Thus we can change the initial PCI slot ID to 0x1 which gives us a
whopping 31 PCI devices we can support with this machine now!

Signed-off-by: Alexander Graf <agraf@suse.de>
2012-12-14 13:12:57 +01:00
Alexander Graf
492ec48dc2 PPC: E500: Move PCI slot information into params
We have a params struct that allows us to expose differences between
e500 machine models. Include PCI slot information there, so we can have
different machines with different PCI slot topology.

Signed-off-by: Alexander Graf <agraf@suse.de>
2012-12-14 13:12:57 +01:00
Alexander Graf
347dd79dcc PPC: E500: Generate dt pci irq map dynamically
Today we're hardcoding the PCI interrupt map in the e500 machine file.
Instead, let's write it dynamically so that different machine types
can have different slot properties.

Signed-off-by: Alexander Graf <agraf@suse.de>
2012-12-14 13:12:57 +01:00
Alexander Graf
05f57d9de8 PPC: E500: PCI: Make IRQ calculation more generic
The IRQ line calculation is more or less hardcoded today. Instead, let's
write it as an algorithmic function that theoretically allows an arbitrary
number of PCI slots.

Signed-off-by: Alexander Graf <agraf@suse.de>
2012-12-14 13:12:57 +01:00
Alexander Graf
eafb325fb1 PPC: E500: PCI: Make first slot qdev settable
Today the first slot id in our e500 pci implementation is hardcoded to
0x11. Keep it there as default, but allow users to change the default to
a different id.

Signed-off-by: Alexander Graf <agraf@suse.de>
2012-12-14 13:12:57 +01:00
Alexander Graf
76aec1f8b6 openpic: Accelerate pending irq search
When we're done with one interrupt, we need to search for the next pending
interrupt in the queue. This search has grown quite big now that we have
more than 256 possible irq lines.

So let's memorize how many interrupts we have pending in our bitmaps, so
that we can always bail out in the usual case - the one where we're all done.

Signed-off-by: Alexander Graf <agraf@suse.de>
2012-12-14 13:12:57 +01:00
Alexander Graf
dbe30e13e8 openpic: fix minor coding style issues
This patch removes all remaining occurences of spaces before function
parameter indicating parenthesis.

Signed-off-by: Alexander Graf <agraf@suse.de>
2012-12-14 13:12:57 +01:00
Alexander Graf
68d1e1f52d MSI-X: Fix endianness
The MSI-X vector tables are usually stored in little endian in memory,
so let's mark the accessors as such.

This fixes MSI-X on e500 for me.

Signed-off-by: Alexander Graf <agraf@suse.de>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
2012-12-14 13:12:57 +01:00
Alexander Graf
997505065d PPC: e500: Declare pci bridge as bridge
The new PCI host bridge device needs to identify itself as PCI host bridge.
Declare it as such.

Signed-off-by: Alexander Graf <agraf@suse.de>
2012-12-14 13:12:56 +01:00
Alexander Graf
a911b7a920 PPC: e500: Add MSI support
Now that our interrupt controller supports MSIs, let's expose that feature
to the guest through the device tree!

Signed-off-by: Alexander Graf <agraf@suse.de>
2012-12-14 13:12:56 +01:00
Alexander Graf
732aa6ec26 openpic: add Shared MSI support
The OpenPIC allows MSI access through shared MSI registers. Implement
them for the MPC8544 MPIC, so we can support MSIs.

Signed-off-by: Alexander Graf <agraf@suse.de>
2012-12-14 13:12:56 +01:00
Alexander Graf
dbbbfd6058 openpic: make brr1 model specific
Now that we can properly distinguish between openpic model differences,
let's move brr1 out of the raven code path.

Signed-off-by: Alexander Graf <agraf@suse.de>
2012-12-14 13:12:56 +01:00
Alexander Graf
d0b7263134 openpic: convert to qdev
This patch converts the OpenPIC device to qdev. Along the way it
renames the "openpic" target to "raven" and the "mpic" target to
"fsl_mpic_20", to better reflect the actual models they implement.

This way we have a generic OpenPIC device now that can handle
different flavors of the OpenPIC specification.

Signed-off-by: Alexander Graf <agraf@suse.de>
2012-12-14 13:12:56 +01:00
Alexander Graf
5bac070111 openpic: remove irq_out
The current openpic emulation contains half-ready code for bypass mode.
Remove it, so that when someone wants to finish it they can start from a
clean state.

Signed-off-by: Alexander Graf <agraf@suse.de>
2012-12-14 13:12:56 +01:00
Alexander Graf
6d544ee8ac openpic: rename openpic_t to OpenPICState
Rename the openpic_t struct to OpenPICState, so it adheres better to
the current coding style rules.

Signed-off-by: Alexander Graf <agraf@suse.de>
2012-12-14 13:12:56 +01:00
Alexander Graf
1945dbc15f openpic: convert simple reg operations to builtin bitops
The openpic code has its own bitmap code to access bits inside of a
bitmap. However, that is overkill when we simply want to check for a
bit inside of a uint32_t.

So instead, let's use normal bit masks and C builtin shifts and ands.

Signed-off-by: Alexander Graf <agraf@suse.de>
2012-12-14 13:12:56 +01:00
Alexander Graf
e1d1085152 openpic: remove unused type variable
The openpic source irqs are carrying around a type indicator that
is never accessed by anything. Remove it.

Signed-off-by: Alexander Graf <agraf@suse.de>
2012-12-14 13:12:56 +01:00
Alexander Graf
35732cb41e openpic: unify memory api subregions
The only difference between the "openpic" and "mpic" memory api subregion
descriptors is the endianness. Unify them as openpic accessors with explicit
endianness markers in their names.

Signed-off-by: Alexander Graf <agraf@suse.de>
2012-12-14 13:12:56 +01:00
Alexander Graf
825463b384 openpic: combine openpic and mpic reset functions
The openpic and mpic reset handlers are almost identical. Combine
them and extract the differences into state variables.

Signed-off-by: Alexander Graf <agraf@suse.de>
2012-12-14 13:12:55 +01:00
Alexander Graf
c38c0b8ad0 openpic: merge mpic and openpic timer handling
The openpic and mpic timer handling code is basically the same.
Merge them.

Signed-off-by: Alexander Graf <agraf@suse.de>
2012-12-14 13:12:55 +01:00
Alexander Graf
5861a33898 openpic: combine mpic and openpic irq raise functions
The IRQ raise mechanisms of the OpenPIC and MPIC controllers is identical,
just that the MPIC one can also raise critical interrupts.

Combine those two and check for critical raise capability during runtime.

Signed-off-by: Alexander Graf <agraf@suse.de>
2012-12-14 13:12:55 +01:00
Alexander Graf
780d16b77f openpic: Convert subregions to memory api
The "openpic" controller is currently using one big region and does
subregion dispatching manually. Move this to the memory api.

Signed-off-by: Alexander Graf <agraf@suse.de>
2012-12-14 13:12:55 +01:00
Alexander Graf
a285f1ca70 openpic: combine mpic and openpic src handlers
The MPIC source irq handler suddenly became identical to the standard
OpenPIC source irq handler. Combine them into the same function.

Signed-off-by: Alexander Graf <agraf@suse.de>
2012-12-14 13:12:55 +01:00
Alexander Graf
b9b2aaa3c6 openpic: update to proper memory api
The openpic code was still using the old mmio memory api. Convert it to
be a generic memory api user and clean up some code that becomes redundant
that way.

Signed-off-by: Alexander Graf <agraf@suse.de>
2012-12-14 13:12:55 +01:00
Alexander Graf
cdbb912a6f mpic: Unify numbering scheme
MPIC interrupt numbers in Linux (device tree) and in QEMU are different,
because QEMU takes the sparseness of the IRQ number space into account.

Remove that cleverness and instead assume a flat number space. This makes
the code easier to understand, because we are actually aligned with Linux
on the view of our worlds.

Signed-off-by: Alexander Graf <agraf@suse.de>
2012-12-14 13:12:55 +01:00
Alexander Graf
38898d7ed8 openpic: Remove unused code
The openpic code had a few WIP bits left that nobody reanimated within
the last few years. Remove that code.

Signed-off-by: Alexander Graf <agraf@suse.de>
Acked-by: Hervé Poussineau <hpoussin@reactos.org>
2012-12-14 13:12:55 +01:00
David Gibson
8b1853e7d8 pseries: Don't allow TCE (iommu) tables to be registered with duplicate LIOBNs
The PAPR specification requires that every bus or device mediated by the
IOMMU have a unique Logical IO Bus Number (LIOBN).  This patch adds a check
to enforce this, which will help catch errors in configuration earlier.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
2012-12-14 13:12:55 +01:00
Bharat Bhushan
3eddc1be1c Adding BAR0 for e500 PCI controller
PCI Root complex have TYPE-1 configuration header while PCI endpoint
have type-0 configuration header. The type-1 configuration header have
a BAR (BAR0). In Freescale PCI controller BAR0 is used for mapping pci
address space to CCSR address space. This can used for 2 purposes: 1)
for MSI interrupt generation 2) Allow CCSR registers access when configured
as PCI endpoint, which I am not sure is a use case with QEMU-KVM guest.

What I observed is that when guest read the size of BAR0 of host controller
configuration header (TYPE1 header) then it always reads it as 0. When
looking into the QEMU hw/ppce500_pci.c, I do not find the PCI controller
device registering BAR0. I do not find any other controller also doing so
may they do not use BAR0.

There are two issues when BAR0 is not there (which I can think of):
1) There should be BAR0 emulated for PCI Root complex (TYPE1 header) and
when reading the size of BAR0, it should give size as per real h/w.

2) Do we need this BAR0 inbound address translation?
        When BAR0 is of non-zero size then it will be configured for PCI
address space to local address(CCSR) space translation on inbound access.
The primary use case is for MSI interrupt generation. The device is
configured with an address offsets in PCI address space, which will be
translated to MSI interrupt generation MPIC registers. Currently I do
not understand the MSI interrupt generation mechanism in QEMU and also
IIRC we do not use QEMU MSI interrupt mechanism on e500 guest machines.
But this BAR0 will be used when using MSI on e500.

I can see one more issue, There are ATMUs emulated in hw/ppce500_pci.c,
but i do not see these being used for address translation.
So far that works because pci address space and local address space are 1:1
mapped. BAR0 inbound translation + ATMU translation will complete the address
translation of inbound traffic.

Signed-off-by: Bharat Bhushan <bharat.bhushan@freescale.com>
[agraf: fix double variable assignment w/o read]
Signed-off-by: Alexander Graf <agraf@suse.de>
2012-12-14 13:12:54 +01:00
Bharat Bhushan
dffb1dc29f e500: Adding CCSR memory region
All devices are also placed under CCSR memory region.
The CCSR memory region is exported to pci device. The MSI interrupt
generation is the main reason to export the CCSR region to PCI device.
This put the requirement to move mpic under CCSR region, but logically
all devices should be under CCSR. So this patch places all emulated
devices under ccsr region.

Signed-off-by: Bharat Bhushan <bharat.bhushan@freescale.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2012-12-14 13:12:54 +01:00
David Gibson
639e8102ae pseries: Implement PAPR NVRAM
The PAPR specification requires a certain amount of NVRAM, accessed via
RTAS, which we don't currently implement in qemu.  This patch addresses
this deficiency, implementing the NVRAM as a VIO device, with some glue to
instantiate it automatically based on a machine option.

The machine option specifies a drive id, which is used to back the NVRAM,
making it persistent.  If nothing is specified, the driver instead simply
allocates space for the NVRAM, which will not be persistent

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
2012-12-14 13:12:54 +01:00
David Gibson
22a2611c9c pseries: Split xics irq configuration from state information
Currently the XICS irq controller code has a per-irq state structure which
amongst other things includes whether the interrupt is level or message
triggered - this is configured by the platform code, and is not directly
visible to the guest.  This leads to a slightly awkward construct at reset
time where we need to reset everything in the state structure _except_ the
lsi/msi flag, which needs to retain the information given at platform init
time.

More importantly this flag will make matching the qemu state to the KVM
state for the upcoming in-kernel XICS implementation more awkward.  This
patch, therefore, removes this flag from the per-irq state structure,
instead adding a parallel array giving the lsi/msi configuration per irq.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
2012-12-14 13:12:54 +01:00
David Gibson
500efa2319 pseries: Add tracepoints to the XICS interrupt controller
This patch adds tracing / debugging calls to the XICS interrupt controller
implementation used on the pseries machine.

Signed-off-by: Ben Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
2012-12-14 13:12:54 +01:00
Ben Herrenschmidt
d36b66f7a4 pseries: Allow RTAS tokens without a qemu handler
Kernel-based RTAS calls will not have a qemu handler, but will
still be registered in qemu in order to be assigned a token
number and appear in the device-tree.

Let's test for the name being NULL rather than the handler
when deciding to skip an entry while building the device-tree

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
2012-12-14 13:12:54 +01:00
Michael Ellerman
4aac82c346 pseries: Return the token when we register an RTAS call
The kernel will soon be able to service some RTAS calls. However the
choice of tokens will still be up to userspace. To support this have
spapr_rtas_register() return the token that is allocated for an
RTAS call, that allows the calling code to tell the kernel what the
token value is.

Signed-off-by: Michael Ellerman <michael@ellerman.id.au>
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
2012-12-14 13:12:54 +01:00
Ben Herrenschmidt
bf3bc4c4e9 pseries: Use #define for XICS base irq number
Currently the lowest "real" irq number for the XICS irq controller (as
opposed to numbers reserved for IPIs and other special purposes) is
hard coded as 16 in two places - in xics_system_init() and in spapr.c.

As well as being generally bad practice, we're going to need to change this
number soon to fit in with the in-kernel XICS implementation.  This patch
adds a #define for this number to avoid future breakage.

Signed-off-by: Michael Ellerman <michael@ellerman.id.au>
Signed-off-by: Ben Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
2012-12-14 13:12:53 +01:00
David Gibson
044f4c8b0e pseries: Fix incorrect initialization of interrupt controller
Currently in the reset code for the XICS interrupt controller, we
initialize the pending_priority field to 0 (most favored, by XICS
convention).  This is incorrect, since there is no pending interrupt, it
should be set to least favored - 0xff.  At the moment our XICS
implementation doesn't get hurt by this edge case, but it does confuse the
upcoming kernel XICS implementation.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
2012-12-14 13:12:53 +01:00
Anthony Liguori
e376a788ae Merge remote-tracking branch 'kwolf/for-anthony' into staging
* kwolf/for-anthony: (43 commits)
  qcow2: Factor out handle_dependencies()
  qcow2: Execute run_dependent_requests() without lock
  qcow2: Enable dirty flag in qcow2_alloc_cluster_link_l2
  qcow2: Allocate l2meta only for cluster allocations
  qcow2: Drop l2meta.cluster_offset
  qcow2: Allocate l2meta dynamically
  qcow2: Introduce Qcow2COWRegion
  qcow2: Round QCowL2Meta.offset down to cluster boundary
  atapi: reset cdrom tray statuses on ide_reset
  qemu-iotests: Test concurrent cluster allocations
  qcow2: Move BLKDBG_EVENT out of the lock
  qemu-io: Add AIO debugging commands
  blkdebug: Implement suspend/resume of AIO requests
  blkdebug: Factor out remove_rule()
  blkdebug: Allow usage without config file
  create new function: qemu_opt_set_number
  use qemu_opts_create_nofail
  introduce qemu_opts_create_nofail function
  qemu-option: qemu_opt_set_bool(): fix code duplication
  qemu-option: qemu_opts_validate(): fix duplicated code
  ...

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-12-13 14:32:28 -06:00
Anthony Liguori
df9330070e Merge remote-tracking branch 'pmaydell/arm-devs.next' into staging
* pmaydell/arm-devs.next:
  hw/ds1338.c: Fix handling of DAY (wday) register.
  hw/ds1338.c: Implement support for the control register.
  hw/ds1338.c: Ensure state is properly initialized.
  hw/ds1338.c: Fix handling of HOURS register.
  hw/ds1338.c: Add definitions for various flags in the RTC registers.
  hw/ds1338.c: Correct bug in conversion to BCD.
  exynos4210/mct: Avoid infinite loop on non incremental timers
  hw/arm_gic: fix target CPUs affected by set enable/pending ops
  xilinx_zynq: Add one variable to avoid overwriting QSPI bus
  hw/arm_gic_common: Correct GICC_PMR reset value for newer GICs
  hw/arm_gic: Fix comparison with priority mask register
  hw/arm_boot, exynos4210, highbank: Fix secondary boot GIC init

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-12-13 11:41:57 -06:00
Antoine Mathys
871edc5fdb hw/ds1338.c: Fix handling of DAY (wday) register.
Per the datasheet, the DAY (wday) register is user defined. Implement this.

Signed-off-by: Antoine Mathys <barsamin@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-12-13 14:05:28 +00:00
Antoine Mathys
996e91f04b hw/ds1338.c: Implement support for the control register.
Signed-off-by: Antoine Mathys <barsamin@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-12-13 14:05:28 +00:00
Antoine Mathys
ed3d37d287 hw/ds1338.c: Ensure state is properly initialized.
Signed-off-by: Antoine Mathys <barsamin@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-12-13 14:05:28 +00:00
Antoine Mathys
59dda8e05b hw/ds1338.c: Fix handling of HOURS register.
Per the datasheet, the mapping between 12 and 24 hours modes is:
      0      <->  12   PM
      1-12   <->  1-12 AM
      13-23  <->  1-11 PM

Signed-off-by: Antoine Mathys <barsamin@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-12-13 14:05:27 +00:00
Antoine Mathys
95c9361598 hw/ds1338.c: Add definitions for various flags in the RTC registers.
Signed-off-by: Antoine Mathys <barsamin@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-12-13 14:05:27 +00:00
Antoine Mathys
580f5c0008 hw/ds1338.c: Correct bug in conversion to BCD.
Signed-off-by: Antoine Mathys <barsamin@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-12-13 14:05:27 +00:00
Amit Shah
a75bf14650 virtio-serial: delete timer if active during exit
The post_load timer was being freed, but not deleted.  This could cause
problems when the timer is armed, but the device is hot-unplugged before
the callback is executed.

Signed-off-by: Amit Shah <amit.shah@redhat.com>
2012-12-13 16:01:26 +05:30
Amit Shah
bdb917bf8a virtio-serial: allocate post_load only at load-time
This saves us a few bytes in the VirtIOSerial struct.  Not a big
savings, but since the entire structure is used only during a short
while after migration, it's helpful to keep the struct cleaner and
smaller.

Signed-off-by: Amit Shah <amit.shah@redhat.com>
2012-12-13 16:01:26 +05:30
Amit Shah
2e575a86ab virtio-serial: move active ports loading to separate function
The virtio_serial_load() function became too big, split the code that
gets the port info from the source into a separate function.

Signed-off-by: Amit Shah <amit.shah@redhat.com>
2012-12-13 16:01:26 +05:30
Amit Shah
c3587ca1a2 virtio-serial: use uint32_t to count ports
Signed-off-by: Amit Shah <amit.shah@redhat.com>
2012-12-13 15:56:19 +05:30
Pavel Hrdina
a7f3d65b65 atapi: reset cdrom tray statuses on ide_reset
Tray statuses should be also reseted. Some guests may lock the tray
and after reset before any kernel is loaded the tray should be unlocked.

Also if you reset the real computer the tray is closed. We should
do the same in qemu.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-12-13 11:17:35 +01:00
Michael S. Tsirkin
29002d9e10 pci: prepare makefiles for pci code reorganization
To make it easier to move code around without breaking
build at intermedite steps, tweak makefiles
to look in pci/ and hw/ for include files, automatically.
This will be reverted at the end of the reorganization.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2012-12-12 23:41:03 +02:00
Jason Baron
6f918e40e6 Fixup q35/ich9 Licenses
Cleanup the q35/ich9 license headers.

Signed-off-by: Jason Baron <jbaron@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Acked-by: Isaku Yamahata <yamahata@valinux.co.jp>
2012-12-12 23:36:20 +02:00
Dong Xu Wang
e478b448d7 use qemu_opts_create_nofail
We will use qemu_opts_create_nofail function, it can make code
more readable.

Signed-off-by: Dong Xu Wang <wdongxu@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-12-11 16:35:47 +01:00
Jean-Christophe DUBOIS
97331270e5 exynos4210/mct: Avoid infinite loop on non incremental timers
Check for a 0 "distance" value to avoid infinite loop when the
expired FCR timer was not programed with auto-increment.

With this change the behavior is coherent with the same type
of code in the exynos4210_gfrc_restart() function in the same
file.

Linux seems to mostly use this timer with auto-increment
which explain why it is not a problem most of the time.

However other OS might have a problem with this if they
don't use the auto-increment feature.

Signed-off-by: Jean-Christophe DUBOIS <jcd@tribudubois.net>
Reviewed-by: Evgeny Voevodin <e.voevodin@samsung.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-12-11 12:54:47 +00:00
Daniel Sangorrin
f47b48fb67 hw/arm_gic: fix target CPUs affected by set enable/pending ops
Fix a bug on the ARM GIC model where interrupts are not
set pending on the correct target CPUs when they are
triggered by writes to the Interrupt Set Enable or
Set Pending registers.

Signed-off-by: Daniel Sangorrin <dsl@ertl.jp>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-12-11 11:30:38 +00:00
walimis
79f5d67e9d xilinx_zynq: Add one variable to avoid overwriting QSPI bus
commit 7b482bcf xilinx_zynq: added QSPI controller

Adds one QSPI controller, which has two spi buses, one is for
spi0, and another is for spi1. But when initializing the spi1
bus, "dev" has been overwrited by the ssi_create_slave_no_init() function,
so that qdev_get_child_bus() returns NULL and the last two m25p80 flashes
won't be attached to the spi1 bus, but to main-system-bus.

Here we add one variable to avoid overwriting.

Signed-off-by: Liming Wang <walimisdev@gmail.com>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-12-11 11:30:37 +00:00
Peter Maydell
ee3f095680 hw/arm_gic_common: Correct GICC_PMR reset value for newer GICs
The GIC architecture specification for v1 and v2 GICs (as found
on the Cortex-A9 and newer) states that the GICC_PMR reset value
is zero; this differs from the 0xf0 reset value used on 11MPCore.
The NVIC is different again in not having a CPU interface; since
we share the GIC code we must force the priority mask field to
allow through all interrupts.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Igor Mitsyanko <i.mitsyanko@samsung.com>
2012-12-11 11:30:37 +00:00
Peter Maydell
cad065f18e hw/arm_gic: Fix comparison with priority mask register
The GIC spec states that only interrupts with higher priority
than the value in the GICC_PMR priority mask register are
passed through to the processor. We were incorrectly allowing
through interrupts with a priority equal to the specified
value: correct the comparison operation to match the spec.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Igor Mitsyanko <i.mitsyanko@samsung.com>
2012-12-11 11:30:37 +00:00
Peter Maydell
bf471f7950 hw/arm_boot, exynos4210, highbank: Fix secondary boot GIC init
Fix the code in the secondary CPU boot stubs so that it correctly
initialises the GIC rather than relying on bugs or implementation
dependent aspects of the QEMU GIC implementation:
 * set the GIC_PMR.Priority field to all-ones, so that all
   interrupts are passed through. The default of all-zeroes
   means all interrupts are masked, and QEMU only booted because
   of a bug in the priority masking in our GIC implementation.
 * add a barrier after GIC setup and before WFI to ensure that
   GIC config is complete before we go into a possible low power
   state. This isn't needed with the software GIC model but could
   be required when using KVM and executing this code on the
   real hardware CPU.

Note that of the three secondary stub implementations, only
the common generic one needs to support both v6 and v7 DSB
encodings; highbank and exynos4210 will always be v7 CPUs.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Igor Mitsyanko <i.mitsyanko@samsung.com>
2012-12-11 11:30:37 +00:00
Christian Borntraeger
2d0d2837dc Support default block interfaces per QEMUMachine
There are QEMUMachines that have neither IF_IDE nor IF_SCSI as a
default/standard interface to their block devices / drives. Therefore,
this patch introduces a new field default_block_type per QEMUMachine
struct. The prior use_scsi field becomes thereby obsolete and is
replaced through .default_block_type = IF_SCSI.

This patch also changes the default for s390x to IF_VIRTIO and
removes an early hack that converts IF_IDE drives.
Other parties have already claimed interest (e.g. IF_SD for exynos)

To create a sane default, for machines that dont specify a
default_block_type, this patch makes IF_IDE = 0 and IF_NONE = 1.
I checked all users of IF_NONE (blockdev.c and ww/device-hotplug.c)
as well as IF_IDE and it seems that it is ok to change the defines -
in other words, I found no obvious (to me) assumption in the code
regarding IF_NONE==0. IF_NONE is only set if there is an
explicit if=none. Without if=* the interface becomes IF_DEFAULT.

I would suggest to have some additional care, e.g. by letting
this patch sit some days in the block tree.

Based on an initial patch from Einar Lueck <elelueck@de.ibm.com>

Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
CC: Igor Mitsyanko <i.mitsyanko@samsung.com>
CC: Markus Armbruster <armbru@redhat.com>
CC: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Alexander Graf <agraf@suse.de>
Acked-by: Igor Mitsyanko <i.mitsyanko@samsung.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2012-12-11 11:05:10 +01:00
David Gibson
d567e62f98 virtio-blk: Remove duplicate property definition
For the virtio-blk device (via virtio-pci) the property "config-wce" is
defined in two places.  First, it's defined from the
DEFINE_VIRTIO_BLK_FEATURES macro, second it's defined directly in
virtio-pci, just two lines above the call to that macro.

The direct definition in virtio-pci.c is broken, since it operates on the
'config_wce' field of VirtIOBlkConf, which is never used anywhere else.
Therefore, this patch removes both the extra property definition and the
redundant field it works on.

Cc: Kevin Wolf <kwolf@redhat.com>
Cc: Anthony Liguori <aliguori@us.ibm.com>
Cc: Paul 'Rusty' Russell <rusty@rustcorp.com.au>

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2012-12-11 11:04:25 +01:00
Alex Williamson
d281084d3e vfio-pci: Don't use kvm_irqchip_in_kernel
kvm_irqchip_in_kernel() has an architecture specific meaning, so
we shouldn't be using it to determine whether to enabled KVM INTx
bypass.  kvm_irqfds_enabled() seems most appropriate.  Also use this
to protect our other call to kvm_check_extension() as that explodes
when KVM isn't enabled.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Cc: qemu-stable@nongnu.org
2012-12-10 11:30:03 -07:00
Anthony Liguori
1c97e303d4 Merge remote-tracking branch 'afaerber/qom-cpu' into staging
* afaerber/qom-cpu:
  target-i386: Postpone cpuid_level update to realize time
  target-i386: Use define for cpuid vendor string size
  target-i386: Separate feature string parsing from CPU model lookup
  target-i386/cpu.c: Coding style fixes
  qdev: qdev_create(): use error_report() instead of hw_error()
  sysemu.h: Include qemu-types.h instead of qemu-common.h
  Create qemu-types.h for struct typedefs
  qlist.h: Do not include qemu-common.h
  qga/channel-posix.c: Include headers it needs
  qapi/qmp-registry.c: Include headers it needs
  ui/vnc-palette.c: Include headers it needs
  user: Rename qemu-types.h to qemu-user-types.h
  user: Move *-user/qemu-types.h to main directory

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-12-10 08:35:15 -06:00
Anthony Liguori
7c12fd9b29 Merge remote-tracking branch 'stefanha/trivial-patches' into staging
* stefanha/trivial-patches:
  pc_sysfw: Plug memory leak on pc_fw_add_pflash_drv() error path
  qemu-options: Fix space at EOL
  Fix spelling in comments and documentation
  Clean up pci_drive_hot_add()'s use of BlockInterfaceType
  arm: a9mpcore: remove un-used ptimer_iomem field
  target-sparc: Remove t0, t1 from CPUSPARCState
  target-m68k: Remove t1 from CPUM68KState
  target-alpha: Remove t0, t1 from CPUAlphaState
  s390x: Spelling fixes (endianess -> endianness, occured -> occurred)
  Fix comments (adress -> address, layed -> laid, wierd -> weird)
  Fix spelling (prefered -> preferred)
  configure: Remove stray debug output
  sd: Send debug printfery to stderr not stdout

Conflicts:
	configure

Resolve spelling conflict in configure.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-12-10 08:34:29 -06:00
Anthony Liguori
8385b173a0 Merge remote-tracking branch 'kraxel/acpi.1' into staging
* kraxel/acpi.1:
  acpi: drop debug port
  q35: update lpc pci config space according to configured devices
  apci: switch piix4 pci hotplug to memory api
  acpi: remove acpi_gpe_blk
  apci: switch piix4 gpe to memory api
  acpi: fix piix4 smbus mapping
  acpi: switch smbus to memory api
  acpi: cleanup ich9 memory region
  apci: switch ich9 smi to memory api
  apci: switch ich9 gpe to memory api
  acpi: cleanup vt82c686 memory region
  acpi: cleanup piix4 memory region
  apci: switch evt to memory api
  apci: switch cnt to memory api
  apci: switch timer to memory api
  apci: switch vt82c686 to memory api
  apci: switch ich9 to memory api
  apci: switch piix4 to memory api

Conflicts:
	hw/lpc_ich9.c

Resolved merge conflict due to apm_init adding an argument.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-12-10 08:33:11 -06:00
Anthony Liguori
c62adbee15 Merge remote-tracking branch 'kraxel/usb.74' into staging
* kraxel/usb.74:
  usb-tablet: Allow connecting to ehci
  ehci: Lower timer freq when the periodic schedule is idle
  usb: Allow overriding of usb_desc at the device level
  usb: Don't allow USB_RET_ASYNC for interrupt packets
  usb: Call wakeup when data becomes available for all devices with int eps
  add pc-1.4

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-12-10 08:31:19 -06:00
Blue Swirl
536b558f58 Merge branch 'master' of git.qemu-project.org:/pub/git/qemu
* 'master' of git.qemu-project.org:/pub/git/qemu:
  target-mips: Fix incorrect shift for SHILO and SHILOV
  target-mips: Fix incorrect code and test for INSV
  xilinx_uartlite: Accept input after rx FIFO pop
  xilinx_uartlite: suppress "cannot receive message"
  xilinx_axienet: Implement R_IS behaviour
2012-12-08 17:50:57 +00:00
Markus Armbruster
654598c944 pc_sysfw: Plug memory leak on pc_fw_add_pflash_drv() error path
Harmless, because we the error inevitably leads to another, fatal one
in pc_system_flash_init(): PC system firmware (pflash) not available.
Fix it anyway.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2012-12-07 12:34:12 +01:00
Stefan Weil
993d46ce7e Fix spelling in comments and documentation
These spelling bugs were found by codespell:

supressing -> suppressing
transfered -> transferred

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2012-12-07 12:34:12 +01:00
Markus Armbruster
4dbd84e26f Clean up pci_drive_hot_add()'s use of BlockInterfaceType
pci_drive_hot_add() parameter type has the wrong type: int instead of
BlockInterfaceType.  It's actually redundant, so we can just drop it.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2012-12-07 12:34:12 +01:00
Peter Crosthwaite
036f0f8356 arm: a9mpcore: remove un-used ptimer_iomem field
I'm guessing this is a hangover from a previous coreification of the mptimer
sub-module. This field is completely unused - removed.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2012-12-07 12:34:12 +01:00
Stefan Weil
8367a14fd3 s390x: Spelling fixes (endianess -> endianness, occured -> occurred)
Replace also "write into" by "write to".

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2012-12-07 12:34:11 +01:00
Peter Crosthwaite
038d3d4459 sd: Send debug printfery to stderr not stdout
Some debug printfs for SD are coming up in stdout. Redirected them to stderr
instead.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2012-12-07 12:34:11 +01:00
Eduardo Habkost
23e3fbec33 qdev: qdev_create(): use error_report() instead of hw_error()
hw_error() is specific for fatal hardware emulation errors, not for
internal errors related to the qdev object/class abstraction or object
initialization.

Replace it with an error_report() call, followed by abort().

This will also help reduce dependencies of the qdev code (as hw_error()
is from cpus.o, and depends on the CPU list from exec.o).

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2012-12-06 09:17:05 +01:00
Eduardo Habkost
394e1bb795 Create qemu-types.h for struct typedefs
Instead of keeping all those struct typedefs in qemu-common.h, move it
to a header that can be safely included by other headers, containing
only the struct typedefs and not pulling in other dependencies.

Also, move some of the qdev-core.h typedefs to the new file, too, so
other headers don't need to include qdev-core.h only because of
DeviceState and other typedefs.

This will help us remove qemu-common.h dependencies from some headers
later.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2012-12-06 09:17:05 +01:00
Peter Crosthwaite
80625b97b5 xilinx_uartlite: Accept input after rx FIFO pop
The device return false from the can receive function when the FIFO is
full. This mean the device should check for buffered input whenever a byte is
popped from the FIFO.

Reported-by: Jason Wu <huanyu@xilinx.com>
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2012-12-05 09:20:36 +01:00
Peter Crosthwaite
859cc10d23 xilinx_uartlite: suppress "cannot receive message"
This message is not an error condition, its just informing the user that
the device is corking the uart traffic to not drop characters.

Reported-by: Jason Wu <huanyu@xilinx.com>
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2012-12-05 09:20:36 +01:00
Peter Crosthwaite
d4d230da08 xilinx_axienet: Implement R_IS behaviour
The interrupt status register R_IS is the standard clear-on-write behaviour.
This was unimplemented and defaulting to updating the register to the written
value. Implemented clear-on-write.

Reported-by: Jason Wu <huanyu@xilinx.com>
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2012-12-05 09:20:36 +01:00
Julien Grall
5822993368 hw/dma.c: Replace register_ioport_*
Replace all register_ioport_*() with the new Memory API functions.
This permits to use the new Memory stuff like listeners.

Signed-off-by: Julien Grall <julien.grall@citrix.com>
Acked-by: Avi Kivity <avi@redhat.com>
[AF: Rebased onto hwaddr]
Signed-off-by: Andreas Färber <afaerber@suse.de>
2012-12-04 14:50:22 +01:00
Julien Grall
258711c644 hw/pc.c: Replace register_ioport_*
Replace all register_ioport_*() with portio_*() or a MemoryRegion.
This permits to use the new Memory stuff like listeners.

Signed-off-by: Julien Grall <julien.grall@citrix.com>
Acked-by: Avi Kivity <avi@redhat.com>
[AF: Rebased onto hwaddr]
Signed-off-by: Andreas Färber <afaerber@suse.de>
2012-12-04 14:50:22 +01:00
Julien Grall
568fd159e4 serial: Replace register_ioport_*
Replace all register_ioport_*() with a MemoryRegion.
This permits to use the new Memory stuff like listeners.

For more flexibility, the IO address space is passed as an argument.

Signed-off-by: Julien Grall <julien.grall@citrix.com>
Acked-by: Avi Kivity <avi@redhat.com>
[AF: Rebased onto serial split]
Signed-off-by: Andreas Färber <afaerber@suse.de>
2012-12-04 14:50:22 +01:00
Julien Grall
c75e6d8e35 hw/cirrus_vga.c: Replace register_ioport_*
Replace all register_ioport_*() with the new Memory API.
This permits to use the new Memory stuff like listeners.

Signed-off-by: Julien Grall <julien.grall@citrix.com>
Acked-by: Avi Kivity <avi@redhat.com>
[AF: Rebased onto hwaddr]
Signed-off-by: Andreas Färber <afaerber@suse.de>
2012-12-04 14:50:21 +01:00
Julien Grall
42d8a3cf96 hw/apm.c: Replace register_ioport_*
Replace all register_ioport_*() with a MemoryRegion.
This permits to use the new Memory stuff like listeners.

Moreover, the PCI device is added as an argument for apm_init(),
so we can register IO inside the PCI IO address space.

Signed-off-by: Julien Grall <julien.grall@citrix.com>
Acked-by: Avi Kivity <avi@redhat.com>
[AF: Rebased onto hwaddr and q35]
Signed-off-by: Andreas Färber <afaerber@suse.de>
2012-12-04 14:50:21 +01:00
Julien Grall
ac10027327 isa: Add isa_address_space_io()
This function permits to retrieve ISA IO address space.
It will be usefull when we need to pass IO address space as argument.

Signed-off-by: Julien Grall <julien.grall@citrix.com>
Acked-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2012-12-04 14:50:21 +01:00
Hans de Goede
427e3aa151 usb-tablet: Allow connecting to ehci
Our ehci code has is capable of significantly lowering the wakeup rate
for the hcd emulation while the device is idle. It is possible to add
similar code ot the uhci emulation, but that simply is not there atm,
and there is no reason why a (virtual) usb-tablet can not be a USB-2 device.

Making usb-hid devices connect to the emulated ehci controller instead
of the emulated uhci controller on vms which have both lowers the cpuload
for a fully idle vm from 20% to 2-3% (on my laptop).

An alternative implementation to using a property to select the tablet
type, would be simply making it a new device type, ie usb-tablet2, but the
downside of that is that this will require libvirt changes to be available
through libvirt at all, and then management tools changes to become the
default for new vms, where as using a property will automatically get
any pc-1.3 type vms the lower cpuload.

[ kraxel: adapt compat property for post-1.3 merge ]

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

tablet compat fixup

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 14:42:05 +01:00
Hans de Goede
8082624099 ehci: Lower timer freq when the periodic schedule is idle
Lower the timer freq if no iso schedule packets complete for 64 frames in
a row.

We can safely do this, without adding latency, because:
1) If there is isoc traffic this will never trigger
2) For async handled interrupt packets (only usb-host), the completion handler
   will immediately schedule the frame_timer from a bh
3) All devices using NAK to signal no data for interrupt endpoints now use
   wakeup, which will immediately schedule the frame_timer from a bh

The advantage of this is that when we only have interrupt packets in the
periodic schedule, async_stepdown can do its work and significantly lower
the frequency at which the frame_timer runs.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 14:41:54 +01:00
Hans de Goede
386ab487eb usb: Allow overriding of usb_desc at the device level
This allows devices to present a different set of descriptors based on
device properties.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 14:41:54 +01:00
Hans de Goede
be41efde3c usb: Don't allow USB_RET_ASYNC for interrupt packets
It is tempting to use USB_RET_ASYNC for interrupt packets, rather then the
current NAK + polling approach, but this causes issues for migration, as
an async completed packet will not getting written back to guest memory until
the next poll time, and if a migration happens in between it will get lost!

Make an exception for host devices, because:
1) host-linux actually uses async completion for interrupt endpoints
2) host devices don't migrate anyways

Ideally we would convert host-linux.c to handle (input) interrupt endpoints in
a buffered manner like it does for isoc endpoints, keeping multiple urbs
submitted to ensure the devices timing requirements are met, as well as making
its interrupt ep handling the same as other usb-devices.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 14:41:54 +01:00
Hans de Goede
8beba93043 usb: Call wakeup when data becomes available for all devices with int eps
This is necessary for proper interaction with the xhci controller, and it
will allow other hcds to lower there frame timer while waiting for interrupt
data.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 14:41:54 +01:00
Gerd Hoffmann
f1ae2e3883 add pc-1.4
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 14:41:54 +01:00
Gerd Hoffmann
3e43749882 acpi: drop debug port
I'm pretty sure this isn't needed any more.  I think this predates the
switch to seabios, and the seabios DSDT table has a DBUG() aml macro
which writes stuff to the seabios debug port (0x402).

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 13:52:43 +01:00
Gerd Hoffmann
3f5bc9e8af q35: update lpc pci config space according to configured devices
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 13:52:43 +01:00
Gerd Hoffmann
c177684c75 apci: switch piix4 pci hotplug to memory api
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 13:52:43 +01:00
Gerd Hoffmann
c84649ca66 acpi: remove acpi_gpe_blk
With gpe being switched to memory api this is no longer needed.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 13:52:43 +01:00
Gerd Hoffmann
b65b93f24c apci: switch piix4 gpe to memory api
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 13:52:43 +01:00
Gerd Hoffmann
24fe083de6 acpi: fix piix4 smbus mapping
Make write to the smbus base register and enable bit actually work.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 13:52:43 +01:00
Gerd Hoffmann
798512e552 acpi: switch smbus to memory api
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 13:52:43 +01:00
Gerd Hoffmann
4a522de090 acpi: cleanup ich9 memory region
Nothing left to do, everything handled by subregions,
we can zap the reaw/write handlers now.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 13:52:43 +01:00
Gerd Hoffmann
10cc69b0de apci: switch ich9 smi to memory api
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 13:52:43 +01:00
Gerd Hoffmann
76a7daf974 apci: switch ich9 gpe to memory api
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 13:52:43 +01:00
Gerd Hoffmann
a0f95659da acpi: cleanup vt82c686 memory region
Nothing left to do, everything handled by subregions,
we can zap the reaw/write handlers now.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 13:52:42 +01:00
Gerd Hoffmann
ca5d64b4b4 acpi: cleanup piix4 memory region
Nothing left to do, everything handled by subregions,
we can zap the reaw/write handlers now.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 13:52:42 +01:00
Gerd Hoffmann
b5a7c024d2 apci: switch evt to memory api
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 13:52:42 +01:00
Gerd Hoffmann
afafe4bbe0 apci: switch cnt to memory api
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 13:52:42 +01:00
Gerd Hoffmann
77d58b1e47 apci: switch timer to memory api
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 13:52:42 +01:00
Gerd Hoffmann
a29028214c apci: switch vt82c686 to memory api
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 13:52:42 +01:00
Gerd Hoffmann
cacaab8bdd apci: switch ich9 to memory api
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 13:52:42 +01:00
Gerd Hoffmann
af11110bb8 apci: switch piix4 to memory api
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-12-04 13:52:42 +01:00
Michael Contreras
b0d9ffcd02 e1000: Discard packets that are too long if !SBP and !LPE
The e1000_receive function for the e1000 needs to discard packets longer than
1522 bytes if the SBP and LPE flags are disabled. The linux driver assumes
this behavior and allocates memory based on this assumption.

Signed-off-by: Michael Contreras <michael@inetric.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-12-03 08:14:10 -06:00
Anthony Liguori
90e07938aa Merge remote-tracking branch 'kwolf/for-anthony' into staging
* kwolf/for-anthony:
  coroutine-sigaltstack.c: Use stack_t, not struct sigaltstack
  stream: fix ratelimit_set_speed
  atapi: make change media detection for guests easier
  Documentation: Update image format information
  Documentation: Update block cache mode information

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-30 10:24:24 -06:00
Anthony Liguori
3235f92784 Merge remote-tracking branch 'spice/spice.v65' into staging
* spice/spice.v65:
  qxl: reload memslots after migration, when qxl is in UNDEFINED mode

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-30 10:20:36 -06:00
Anthony Liguori
923fd9897b Merge remote-tracking branch 'kraxel/usb.73' into staging
* kraxel/usb.73:
  ehci-sysbus: Attach DMA context.
  usb: fail usbdevice_create() when there is no USB bus
  usb: tag usb host adapters as not hotpluggable.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-30 10:20:21 -06:00
Pavel Hrdina
0c6f08b0b0 atapi: make change media detection for guests easier
If you have a guest with a media in the optical drive and you change
it, the windows guest cannot properly recognize this media change.

Windows needs to detect sense "NOT_READY with ASC_MEDIUM_NOT_PRESENT"
before we send sense "UNIT_ATTENTION with ASC_MEDIUM_MAY_HAVE_CHANGED".

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-11-30 11:33:24 +01:00
Michael S. Tsirkin
e1f7b4812e virtio: limit avail bytes lookahead
Commit 0d8d769085 introduced
a regression in virtio-net performance because it looks
into the ring aggressively while we really only care
about a single packet worth of buffers.
Reported as bugzilla 1066055 in launchpad.

To fix, add parameters limiting lookahead, and
use in virtqueue_avail_bytes.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reported-by: Edivaldo de Araujo Pereira <edivaldoapereira@yahoo.com.br>
Tested-by: Edivaldo de Araujo Pereira <edivaldoapereira@yahoo.com.br>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-29 17:25:02 -06:00
Anthony Liguori
e912c96f7d qdev: relax bus type check in qdev_device_add() (v2)
We are currently checking for an exact type match.  Use QOM dynamic_cast to
check for a compatible type instead.

Cc: Konrad Frederic <fred.konrad@greensocs.com>
Cc: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
---
v1 -> v2:
 - also add cast to qbus_find_recursive (Peter)
 - simplify by doing object_dynamic_cast instead of messing with classes
2012-11-29 09:11:03 -06:00
Peter Crosthwaite
2b29f492c8 ehci-sysbus: Attach DMA context.
This was left as NULL on the initial merge due to debate on the mailing list on
how to handle DMA contexts for sysbus devices. Patch
9e11908f12 was later merged to fix OHCI. This is the,
equivalent fix for sysbus EHCI.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-29 08:04:13 +01:00
Stefan Hajnoczi
c128d6a6d7 usb: fail usbdevice_create() when there is no USB bus
Report an error instead of segfaulting when attaching a USB device to a
machine with no USB busses:

  $ qemu-system-arm -machine vexpress-a9 \
      -sd Fedora-17-armhfp-vexpress-mmcblk0.img \
      -kernel vmlinuz-3.4.2-3.fc17.armv7hl \
      -initrd initramfs-3.4.2-3.fc17.armv7hl.img \
      -usbdevice disk:format=raw:test.img

Note that the vexpress-a9 machine does not have a USB host controller.

Reported-by: David Abdurachmanov <David.Abdurachmanov@cern.ch>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-29 08:04:13 +01:00
Gerd Hoffmann
6c2d1c32d0 usb: tag usb host adapters as not hotpluggable.
Hotplugging them simply doesn't work, so tag them accordingly to
avoid users trying and then crashing qemu.

For xhci there is nothing fundamental which prevents hotplug from
working, we'll "only" need a exit() function which cleans up
everything properly.  That isn't for 1.3 though.

For ehci+uhci+ohci hotplug can't be supported until qemu gains the
capability to hotplug multifunction pci devices.

https://bugzilla.redhat.com/show_bug.cgi?id=879096

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-29 08:04:13 +01:00
Yonit Halperin
fa98efe932 qxl: reload memslots after migration, when qxl is in UNDEFINED mode
The devram memslot stays active when qxl enters UNDEFINED mode (i.e, no
primary surface). If migration has occurred while the device is in
UNDEFINED stae, the memslots have to be reloaded at the destination.

Fixes rhbz#874574

Signed-off-by: Yonit Halperin <yhalperi@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-29 07:58:45 +01:00
Anthony Liguori
e6451fd372 Merge remote-tracking branch 'bonzini/scsi-next' into staging
* bonzini/scsi-next:
  virtio-scsi: Fix subtle (guest) endian bug
  virtio-scsi: Fix some endian bugs with virtio-scsi
  iscsi: do not assume device is zero initialized
  iscsi: fix deadlock during login
  iscsi: fix segfault in url parsing

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-28 13:19:24 -06:00
Anthony Liguori
0a6b2ac0cf Merge remote-tracking branch 'agraf/s390-for-upstream-1.3' into staging
* agraf/s390-for-upstream-1.3:
  sclp: Fix uninitialized var in handle_write_event_buf().
  s390: Fix ram_size updating in machine init

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-28 13:19:16 -06:00
Anthony Liguori
7e68494b0b Merge remote-tracking branch 'agraf/ppc-for-upstream-1.3' into staging
* agraf/ppc-for-upstream-1.3:
  fbdev: fix pixman compile on old pixman
  vl.c: Fix broken -usb option
  pseries: Fix bug in PCI MSI allocation
  kvm: fix incorrect length in a loop over kvm dirty pages map
  PPC: Fix missing TRACE exception
  hw/ide/macio: Fix segfault caused by NULL DMAContext*

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-28 13:19:06 -06:00
David Gibson
863d1050c9 virtio-scsi: Fix subtle (guest) endian bug
The virtio-scsi config space is, by specification, in guest endian (which
is ill-defined, but there you go).  In virtio_scsi_get_config() we set up
all the fields in there, using stl_raw().  Which is a problem for the
max_channel and max_target fields, which are 16-bit, not 32-bit.  For
little-endian targets we get away with it by accident, since the first
two bytes will still be correct, and the extra two bytes written (with
zeroes) will be overwritten correctly by the next store.

But for big-endian guests, this means the max_target field ends up as zero,
which means the guest will only recognize a single disk on the virtio-scsi
bus.  This patch fixes the problem.

Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Paul 'Rusty' Russell <rusty@rustcorp.com.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-11-28 12:52:00 +01:00
David Gibson
474ee55a18 virtio-scsi: Fix some endian bugs with virtio-scsi
The virtio-scsi specification does not specify the correct endianness for
fields in the request structure.  It's therefore best to assume that it is
"guest native" endian since that's the (stupid and poorly defined) norm in
virtio.

However, the qemu device for virtio-scsi has no byteswaps at all, and so
will break if the guest has different endianness from the host.  This patch
fixes it by adding tswap() calls for the sense_len and resid fields in
the request structure.  In theory status_qualifier needs swaps as well,
but that field is never actually touched.  The tag field is a uint64_t, but
since its value is completely arbitrary, it might as well be uint8_t[8]
and so it does not need swapping.

Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Paul 'Rusty' Russell <rusty@rustcorp.com.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-11-28 12:52:00 +01:00
Alex Horn
02c6ccc6dd rtc: Only call rtc_set_cmos when Register B SET flag is disabled.
This bug occurs when the SET flag of Register B is enabled. When an RTC
data register (i.e. any of the ten time/calender CMOS bytes) is set, the
data is (as expected) correctly stored in the cmos_data array. However,
since the SET flag is enabled, the function rtc_set_time is not invoked.
As a result, the field base_rtc in RTCState remains uninitialized. This
causes a problem on subsequent writes which can end up overwriting data.
To see this, consider writing data to Register A after having written
data to any of the RTC data registers; the following figure illustrates
the call stack for the Register A write operation:

 +- cmos_io_port_write
 +-- check_update_timer
 +---- get_next_alarm
 +------ rtc_update_time

In rtc_update_time, get_guest_rtc calculates the wrong time and
overwrites the previously written RTC data register values.

Signed-off-by: Alex Horn <alex.horn@cs.ox.ac.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-27 11:04:33 -06:00
Paolo Bonzini
03a36f17d7 virtio-rng: do not use g_assert_cmpint
g_assert_cmpint is not available on glib 2.12, which is the minimum
version required to build QEMU (we only require 2.16 to run tests,
since that is the first version including GTester).  Do not use it
in hardware models, use a normal assertion instead.

This fixes the buildbot failure for default_x86_64_rhel5.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-27 08:51:07 -06:00
Amit Shah
42015c9acb virtio-rng: fix typos, comments
Fix typos, whitespace and update comments to match current
implementation.

Signed-off-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26 14:26:37 -06:00
Amit Shah
8cc6774354 virtio-rng: disable timer on device removal
Disable the rate-limit timer on device remove (e.g. hot-unplug).

Signed-off-by: Amit Shah <amit.shah@redhat.com>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26 14:26:37 -06:00
Amit Shah
4621c1768e virtio-rng: remove extra request for entropy
If we got fewer bytes from the backend than requested, don't poke the
backend for more bytes; the guest will ask for more (or if the guest has
already asked for more, the backend knows about it via handle_input()).

Signed-off-by: Amit Shah <amit.shah@redhat.com>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26 14:26:37 -06:00
Amit Shah
1441703965 virtio-rng: use virtqueue_get_avail_bytes, fix migration
Popping an elem from the vq just to find out its length causes problems
with save/load later on.  Use the new virtqueue_get_avail_bytes()
function instead, saves us the complexity in the migration code, as well
as makes the migration endian-safe.

Signed-off-by: Amit Shah <amit.shah@redhat.com>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26 14:26:37 -06:00
Andreas Färber
25d87288b1 i8259: Fix PIC_COMMON() macro
It used a wrong struct type name since its introduction in
8f04ee0882 (isa: pic: convert to QEMU
Object Model), apparently it is unused so far.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26 14:25:42 -06:00
Paolo Bonzini
64b625f4b2 qdev: simplify (de)allocation of buses
All conditional deallocation can now be done with object_delete.
Remove the @qom_allocated and @glib_allocated fields; replace the latter
with a direct assignment of the @free function pointer.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26 13:41:00 -06:00
Paolo Bonzini
667d22d1ae qdev: move bus removal to object_unparent
Add an ObjectClass method that is done at object_unparent time.  It
should remove any backlinks to the object in the composition tree,
so that object_delete will be able to drop the last reference and
free the object.

Use it for qdev buses.

Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26 13:41:00 -06:00
Cornelia Huck
773de5c786 sclp: Fix uninitialized var in handle_write_event_buf().
Some gcc versions rightly complain about a possibly unitialized rc,
so let's move setting it before the QTAILQ_FOREACH().

Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Jens Freimann <jfrei@linux.vnet.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2012-11-26 20:16:26 +01:00
Heinz Graalfs
8c7c3c58e3 s390: Fix ram_size updating in machine init
The global variable 'ram_size' is hidden by the local variable
declaration in s390_init(). Since we want to update the global
ram size in certain cases we must not use a local ram_size
variable.
- This fixes booting with unusual ram sizes like -m 67001
- This changes behaviour back to the situation before commit
  5f072e1f30
  (create struct for machine initialization arguments)

Signed-off-by: Heinz Graalfs <graalfs@linux.vnet.ibm.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2012-11-26 20:16:26 +01:00
Alexey Kardashevskiy
70c68cf638 pseries: Fix bug in PCI MSI allocation
In one of the recent reworks to the XICS code, a bug was introduced where
we use the wrong sense and allocate level interrupts instead of message
interrupts for PCI MSIs.  This patch fixes it.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
2012-11-26 19:53:26 +01:00
Peter Maydell
d688e5239a hw/ide/macio: Fix segfault caused by NULL DMAContext*
Pass qemu_sglist_init the global dma_context_memory rather than a NULL
pointer; this fixes a segfault in dma_memory_map() when the guest
starts using DMA.

Reported-by: Amadeusz Sławiński <amade@asmblr.net>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
2012-11-26 19:53:26 +01:00
Paolo Bonzini
b5007bcc97 hmp: do not crash on invalid SCSI hotplug
Commit 0d93692 (qdev: Convert busses to QEMU Object Model, 2012-05-02)
removed a check on the type of the bus where a SCSI disk is hotplugged.
However, hot-plugging to the wrong kind of device now causes a crash
due to either a NULL pointer dereference (avoided by the previous patch)
or a failed QOM cast.

Instead, in this case we need to use object_dynamic_cast and check for
the result, similar to what was done before that commit.

Reported-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26 09:38:54 -06:00
Jan Kiszka
21022c92dc q35: Add kvmclock support
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Jason Baron <jbaron@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26 09:35:37 -06:00
Jan Kiszka
243b95111c q35: Fix non-PCI IRQ processing in ich9_lpc_update_apic
Avoid passing a non-PCI IRQ to ich9_gsi_to_pirq. It's wrong and triggers
an assertion.

Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Jason Baron <jbaron@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26 09:35:37 -06:00
Jan Kiszka
21bcfdd9a4 q35: Suppress SMM BIOS initialization under KVM
Same as for i44fx: KVM does not support SMM yet. Signal it initialized
to Seabios to avoid failures.

Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Jason Baron <jbaron@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26 09:35:37 -06:00
Jason Baron
a1c9304683 ich9: Add i82801b11 dmi-to-pci bridge
Add the dmi-to-pci i82801b11 bridge chip. This is the pci bridge chip
that q35 uses on its host bus for PCI bus arbitration.

Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Jason Baron <jbaron@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26 09:35:37 -06:00
Isaku Yamahata
df2d8b3ed4 q35: Introduce q35 pc based chipset emulator
pc q35 based chipset emulator to support pci express natively. Based on
Anthony Liguori's suggestion, the machine name is 'q35-next', with an alias
of 'q35'. At this point, there are no compatibility guarantees. When the
chipset stabilizes more, we will begin to version the machine names.

Major features which still need to be added:

-Migration support (mostly around ahci)
-ACPI hotplug support (pcie hotplug support is working)
-Passthrough support

Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Jason Baron <jbaron@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26 09:35:36 -06:00
Jason Baron
678e7b94b1 ich9: Add smbus
Add support for the ich9 smbus chip.

Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Jason Baron <jbaron@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26 09:35:36 -06:00
Jason Baron
4d00636e97 ich9: Add the lpc chip
Add support for the ICH9 LPC chip.

Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Jason Baron <jbaron@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26 09:35:35 -06:00
Jason Baron
e516572fde ich9: Add acpi support and definitions
Lay the groundwork for subsequent ich9 support.

Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Jason Baron <jbaron@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26 09:35:35 -06:00
Isaku Yamahata
410edd922d pc/piix_pci: factor out smram/pam logic
Factor out smram/pam logic for use by other chipsets, namely q35
at this point.

Note: Should be factored out into a generic North Bridge Class.

[jbaron@redhat.com: changes for updated memory API]
Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Jason Baron <jbaron@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26 09:35:35 -06:00
Jason Baron
d8ee03843f pc_piix: Move kvm irq routing functions out of pc_piix.c
Rename: kvm_piix3_gsi_handlei() -> kvm_pc_gsi_handler()
        kvm_piix3_setup_irq_routing() -> kvm_pc_setup_irq_routing()

This is in preparation for other users, namely q35 at this time.

Signed-off-by: Jason Baron <jbaron@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26 09:35:35 -06:00
Jason Baron
a39e356458 pc: Move ioapic_init() from pc_piix.c to pc.c
Move ioapic_init() from pc_piix.c to pc.c, to make it a common function.
Rename ioapic_init() -> ioapic_init_gsi().
Move to pc.h so q35 can use them as well.

Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jason Baron <jbaron@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26 09:35:35 -06:00
Isaku Yamahata
9011a1a7bb pc, pc_piix: split out pc nic initialization
Factor out pc nic initialization.
This simplifies the pc initialization and will reduce the code
duplication of q35 pc initialization.

Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Jason Baron <jbaron@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26 09:35:35 -06:00
Anthony Liguori
95a6e48d77 Merge remote-tracking branch 'kraxel/usb.72' into staging
* kraxel/usb.72:
  usb-redir: Don't handle interrupt output packets async
  usb-redir: Split usb_handle_interrupt_data into separate in/out functions
  usb-smartcard-reader: Properly NAK interrupt eps when we've no events
  usb-bt: Return NAK instead of STALL when interrupt ep has no data
  uhci: Fix double unlink
  uhci: Don't allow the guest to set port-enabled when there is no dev connected
  uhci: Add a completions_only flag for async completions

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-26 08:19:20 -06:00
Hans de Goede
723aedd532 usb-redir: Don't handle interrupt output packets async
Instead report them as successfully completed directly on submission, this
has 2 advantages:

1) This matches the timing of interrupt output packets on real hardware,
with the previous async handling, if an ep has an interval of say 500 ms,
then there would be 500+ ms between the submission and the guest seeing the
completion, as we wont do the write back until the qh gets polled again. And
in the mean time the guest may very well have timed out, as the guest can
reasonable expect a much quicker completion.

2) This fixes interrupt output packets potentially getting send twice
surrounding a migration. As we delay the writeback to guest memory until
the qh gets polled again, there is a window between completion and writeback
where migration can happen, in this case the destination will not know
about the completion, and it will execute the packet *again*

But it does also come with a disadvantage:

1) If the actual interrupt out to the real usb device fails, there is no
way to report this back to the guest.

This patch assumes however that interrupt outs in practice never fail, as
they are only used by specialized drivers, which are unlikely to issue illegal
requests (unlike general class drivers which often issue requests which some
devices don't implement). And that thus the advantages outway the disadvantage.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-21 14:55:54 +01:00
Hans de Goede
234e810cce usb-redir: Split usb_handle_interrupt_data into separate in/out functions
No functional changes.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-21 14:55:54 +01:00
Hans de Goede
c4020746ff usb-smartcard-reader: Properly NAK interrupt eps when we've no events
When we've no data to return from the interrupt endpoint, return NAK rather
then a 0 length packet.

CC: Alon Levy <alevy@redhat.com>
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-21 14:55:54 +01:00
Hans de Goede
33c1a6856f usb-bt: Return NAK instead of STALL when interrupt ep has no data
I noticed this while making all devices with interrupt endpoints properly
do wakeup. While at it also add wakeup support.

Note that I've not tested this, but returning STALL for an interrupt ep
which has no data is cleary the wrong thing to do.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-21 14:55:54 +01:00
Hans de Goede
71d2c9cf65 uhci: Fix double unlink
uhci_async_cancel() already does a uhci_async_unlink().

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-21 14:55:54 +01:00
Hans de Goede
1cbdde909f uhci: Don't allow the guest to set port-enabled when there is no dev connected
It is possible for device disconnect and the guest trying to reset the port
(because of USB xact errors prior to the disconnect getting signaled) to race,
when we hit this race, the guest will write the port-control register with its
pre-disconnect value + the reset bit set, after which we have a disconnected
device with its port-enabled bit set in its port-control register, which
is no good :)

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-21 14:55:54 +01:00
Hans de Goede
887938160e uhci: Add a completions_only flag for async completions
Add a completions_only flag, and set this when running process_frame for async
completion handling, this fixes 2 issues in a single patch:

1) It makes sure async completed packets get written to guest mem immediately,
even if all the bandwidth for the frame was consumed from the timer run
process_frame. This is necessary as delaying their writeback to the next frame
can cause the completion to get lost on migration.

2) The calling of process_frame from a bh on async completion causes iso
tds to get server more often they should, messing up usb sound class device
timing. By only processing completed packets, the iso tds get skipped fixing
this.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-21 14:55:54 +01:00
Kevin Wolf
72bcca73c7 ide: Fix status register after short PRDs
When failing a request because the length of the regions described by
the PRDT was too short for the requested number of sectors, the IDE
emulation forgot to update the status register, so that the device would
keep the BSY flag set indefinitely.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2012-11-21 09:47:34 +01:00
Kevin Wolf
038268e2e8 ide: Fix crash with too long PRD
Without this, s->nsector can become negative and badness happens (trying
to malloc huge amount of memory and glib calls abort())

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2012-11-21 09:47:34 +01:00
Anthony Liguori
ad1db3b341 Merge remote-tracking branch 'kwolf/for-anthony' into staging
* kwolf/for-anthony: (26 commits)
  qemu-io: Use bdrv_drain_all instead of qemu_aio_flush
  megasas: Use bdrv_drain_all instead of qemu_aio_flush
  vmdk: Fix data corruption bug in WRITE and READ handling
  fdc: remove last usage of FD_STATE_SEEK
  fdc: fix typo in zero constant
  fdc: remove double affectation of FD_MSR_CMDBUSY flag
  fdc-tests: add tests for VERIFY command
  fdc: implement VERIFY command
  fdc-test: Check READ ID
  fdc: fix false FD_SR0_SEEK
  fdc: fix FD_SR0_SEEK for initial seek on DMA transfers
  fdc: fix FD_SR0_SEEK for non-DMA transfers and multi sectors transfers
  fdc: use status0 field instead of a local variable
  fdc-test: add tests for non-DMA READ command
  fdc-test: insert media before fuzzing registers
  fdc-test: split test_media_change() test, so insert part can be reused
  fdc: Remove status0 parameter from fdctrl_set_fifo()
  aio: rename AIOPool to AIOCBInfo
  aio: use g_slice_alloc() for AIOCB pooling
  aio: switch aiocb_size type int -> size_t
  ...

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-19 09:27:00 -06:00
Anthony Liguori
5cc82c2d20 Merge remote-tracking branch 'kraxel/usb.71' into staging
* kraxel/usb.71:
  usb-host: fix splitted transfers
  usb-host: update tracing
  usb-redir: Set default debug level to warning
  usb-redir: Only add actually in flight packets to the in flight queue
  ehci: handle dma errors
  ehci: keep the frame timer running in case the guest asked for frame list rollover interrupts
  ehci: Don't verify the next pointer for periodic qh-s and qtd-s
  ehci: Better detection for qtd-s linked in circles
  ehci: Fixup q->qtdaddr after cancelling an already completed packet
  ehci: Don't access packet after freeing it
  usb: host-linux: Ignore parsing errors of the device descriptors
  usb-host: scan for usb devices when the vm starts
  usb: Fix (another) bug in usb_packet_map() for IOMMU handling
  fix live migration

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-19 09:26:48 -06:00
Anthony Liguori
698229eb28 Merge remote-tracking branch 'amit/loadvm-irq-inj-fix' into staging
* amit/loadvm-irq-inj-fix:
  virtio-serial-bus: post_load send_event when vm is running

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-19 08:31:48 -06:00
Anthony Liguori
f44d771a8c Merge remote-tracking branch 'afaerber/qom-cpu' into staging
* afaerber/qom-cpu:
  target-i386: Add Haswell CPU model
  target-i386/cpu: Add new Opteron CPU model
  target-i386/cpu: Name new CPUID bits
  qapi-types.h: Don't include qemu-common.h
  osdep: Move qemu_{open,close}() prototypes
  qemu-config.h: Include headers it needs
  vnc-palette.h: Include <stdbool.h>
  qemu-fsdev-dummy.c: Include module.h
  qdev: Split up header so it can be used in cpu.h
  Move qemu_irq typedef out of qemu-common.h
  qemu-common.h: Comment about usage rules

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-19 08:31:24 -06:00
Anthony Liguori
d167dac993 Merge remote-tracking branch 'qemu-kvm/uq/master' into staging
* qemu-kvm/uq/master:
  kvm: Actually remove software breakpoints from list on cleanup
  acpi_piix4: fix migration of gpe fields

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-19 08:30:45 -06:00
Blue Swirl
ab4dd33dc3 Merge branch 'vga.1' of git://git.kraxel.org/qemu
* 'vga.1' of git://git.kraxel.org/qemu:
  vga: fix mmio vga register mapping
  vga: fix bochs alignment issue
2012-11-17 16:38:05 +00:00
Anthony Liguori
500054f161 virtio-rng-pci: create a default backend if none exists
This allows you to specify:

  $ qemu -device virtio-rng-pci

And things will Just Work with a reasonable default.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-16 08:36:14 -06:00
Anthony Liguori
904d6f5880 virtio-rng: add rate limiting support
This adds parameters to virtio-rng-pci to allow rate limiting the entropy a
guest receives.  An example command line:

$ qemu -device virtio-rng-pci,max-bytes=1024,period=1000

Would limit entropy collection to 1Kb/s.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-16 08:36:13 -06:00
Amit Shah
16c915ba42 virtio-rng: hardware random number generator device
The Linux kernel already has a virtio-rng driver, this is the device
implementation.

When the guest asks for entropy from the virtio hwrng, it puts a buffer
in the vq.  We then put entropy into that buffer, and push it back to
the guest.

Signed-off-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
---
aliguori: converted to new RngBackend interface
aliguori: remove entropy needed event
aliguori: fix migration
2012-11-16 08:36:13 -06:00
Gerd Hoffmann
71e0aa3930 usb-host: fix splitted transfers
USBPacket->actual_length wasn't updated correctly for USBPackets
splitted into multiple urbs.  Fix it.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-16 11:27:32 +01:00
Gerd Hoffmann
8c908fca58 usb-host: update tracing
Now that we have separate status and length fields in USBPacket
update the completion tracepoint to log both.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-16 11:27:32 +01:00
Hans de Goede
618fbc951d usb-redir: Set default debug level to warning
The previous default of 0 means that even errors and warnings would not
get printed, which is really not a good default.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-16 11:27:32 +01:00
Hans de Goede
2cb343b442 usb-redir: Only add actually in flight packets to the in flight queue
Packets which are queued up, but not yet handed over to the device, are
*not* in flight.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-16 11:27:32 +01:00
Gerd Hoffmann
55903f1d2d ehci: handle dma errors
Starting with commit 1c380f9460 dma
transfers can actually fail.  This patch makes ehci keep track
of the busmaster bit in pci config space, by setting/clearing the
dma_context pointer.  Attempts to dma without context will result
in raising HSE (Host System Error) interrupt and stopping the host
controller.

This patch fixes WinXP not booting with a usb stick attached to ehci.
Root cause is seabios activating ehci so you can boot from the stick,
and WinXP clearing the busmaster bit before resetting the host
controller, leading to ehci actually trying dma while it is disabled.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-16 11:27:32 +01:00
Gerd Hoffmann
40862309a9 ehci: keep the frame timer running in case the guest asked for frame list rollover interrupts
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-16 11:27:32 +01:00
Hans de Goede
2c7b15c1de ehci: Don't verify the next pointer for periodic qh-s and qtd-s
While testing the move to async packet handling for interrupt endpoints I
noticed that Windows-XP likes to play tricks with the next pointer for
periodic qh-s, so we should not fail qh / qtd verification when it changes.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-16 11:27:32 +01:00
Hans de Goede
601a234731 ehci: Better detection for qtd-s linked in circles
Windows links interrupt qtd-s in circles, which means that when interrupt
endpoints return USB_RET_ASYNC, combined with the recent
"ehci: Retry to fill the queue while waiting for td completion" patch,
we keep adding the tds to the queue over and over again, as we detect the
circle from fill_queue, but we call it over and over again ...

This patch fixes this by changing the circle detection to also detect
circling into tds already queued up previously.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-16 11:27:32 +01:00
Hans de Goede
ff80ce599e ehci: Fixup q->qtdaddr after cancelling an already completed packet
This avoids the q->qtdaddr == p->qtdaddr asserts we have triggering, when
a queue contains multiple completed packages when we cancel the queue.

I triggered this with windows7 + async interrupt endpoint handling (*)
+ not detecting circles in ehci_fill_queue() properly, which makes the qtd
validation in ehci_fill_queue fail, causing cancellation of the queue on every
mouse event ...

*) Which is not going upstream as it will cause loss of interrupt events on
migration.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-16 11:27:32 +01:00
Hans de Goede
30d68cf6e1 ehci: Don't access packet after freeing it
ehci_state_writeback() will free the packet, so we should not access
the packet after calling ehci_state_writeback().

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-16 11:27:32 +01:00
Jan Kiszka
537e8f1aa8 usb: host-linux: Ignore parsing errors of the device descriptors
The Linux is more tolerant here as well: Just stop parsing the device
descriptors when an error is detected but do not reset what was found
so far. This allows to run buggy devices with partially invalid
descriptors.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-16 11:27:32 +01:00
Gerd Hoffmann
c96c53b5f1 vga: fix mmio vga register mapping 2012-11-16 11:27:07 +01:00
Gerd Hoffmann
df9ffb726f vga: fix bochs alignment issue
The bochs dispi interface traditionally uses port 0x1ce as 16bit index
register and port 0x1cf as 16bit data register.  The later is unaligned,
and probably for that reason the the data register was moved to 0x1d0
for non-x86 archs.

This patch makes the data register available at 0x1d0 on x86 too.  The
old x86 location is kept for compatibility reasons, so both 0x1cf and
0x1d0 can be used as data register on x86.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-16 11:27:06 +01:00
Gerd Hoffmann
c06c68c928 usb-host: scan for usb devices when the vm starts
Commit a844ed842d leads to usb-host
detecting devices not right after qemu startup because the guest
isn't running yet.  Instead they are found on the first of the
regular usb device poll runs.  Which is too late for seabios to see
them, so booting from usb sticks fails.

Fix this by adding a vm state change handler which triggers a device
scan when the vm is started.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-16 11:27:05 +01:00
David Gibson
155de06f24 usb: Fix (another) bug in usb_packet_map() for IOMMU handling
Elements in qemu SGLists can cross IOMMU page boundaries.  So, in commit
39c138c842 "usb: Fix usb_packet_map() in the
presence of IOMMUs", I changed usb_packet_map() to split up each SGList
element on IOMMU page boundaries and each resulting piece of qemu's memory
space separately to the iovec the usb code uses internally.

That was correct in concept, but the patch has a bug.  The 'base' variable
correctly steps through the dma address of each piece, but then we call
the dma_memory_map() function on the base address of the whole SGList
element every time.

This patch fixes at least one problem using XHCI on the pseries guest
machine.  It didn't affect OHCI because that doesn't use usb_packet_map().
In theory it also affects EHCI, but we haven't observed that in practice.
I think the transfers were small enough on EHCI that they never crossed an
IOMMU page boundary in practice.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-16 11:27:05 +01:00
Gerd Hoffmann
4ea375bf37 fix live migration
Commit 1c380f9460 breaks live migration.
DMA stops working for ehci (and probably for any pci device) after
restoring the guest because the bus master region never gets enabled.
Add code doing that after loading the pci config space from vmstate.

Cc: Avi Kivity <avi@redhat.com>
Cc: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-16 11:27:05 +01:00
Alon Levy
80dcfb8532 virtio-serial-bus: post_load send_event when vm is running
Alexander Larsson found irq injection to Windows guests stopped after a
migration.  The symptom was the mouse stopped working.

Reproduction steps are:
1. On src, start qemu with a virtio-serial port without any backend
2. On dest, start qemu with a virtio-serial port with a backend
3. Migrate.

Upon migration, the older code detected the change in backend connection
status, and sent a notification to the guest.  However, it's not
guaranteed that the apic is ready to inject irqs into the guest, and the
irq line remained high, resulting in any future interrupts going
unnoticed by the guest as well.

Add a new timer based on vm_clock for 1 ns in the future from post_load
to do the event send in case host_connected differs between migration
source and target.

RHBZ: 867366

Signed-off-by: Alon Levy <alevy@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com> # verbose commit log
2012-11-16 14:10:37 +05:30
Aurelien Jarno
68d001928b mips/malta: fix CBUS UART interrupt pin
According to the MIPS Malta Developement Platform User's Manual, the
i8259 interrupt controller is supposed to be connected to the hardware
IRQ0, and the CBUS UART to the hardware interrupt 2.

In QEMU they are both connected to hardware interrupt 0, the CBUS UART
interrupt being wrong. This patch fixes that. It should be noted that
the irq array in QEMU includes the software interrupts, hence
env->irq[2] is the first hardware interrupt.

Cc: Ralf Baechle <ralf@linux-mips.org>
Reviewed-by: Eric Johnson <ericj@mips.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2012-11-15 14:37:55 +01:00
Anthony Liguori
074a86fccd qdev: Split up header so it can be used in cpu.h
Header file dependency is a frickin' nightmare right now.  cpu.h tends
to get included in our 'include everything' header files but qdev also
needs to include those headers mainly for qdev-properties since it knows
about CharDriverState and friends.

We can solve this for now by splitting out qdev.h along the same lines
that we previously split the C file.  Then cpu.h just needs to include
qdev-core.h.

hw/qdev.h is split into following new headers:
    hw/qdev-core.h
    hw/qdev-properties.h
    hw/qdev-monitor.h

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

[ehabkost: re-add DEFINE_PROP_PCI_HOST_DEVADDR, that was removed on the
 original patch (by mistake, I guess)]
[ehabkost: kill qdev_prop_set_vlan() declaration]
[ehabkost: moved get_fw_dev_path() comment to the original location
 (I don't know why it was moved)]
[ehabkost: removed qdev_exists() declaration]
[ehabkost: keep using 'QemuOpts' instead of 'struct QemuOpts', as
 qdev-core.h includes qemu-option.h]

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2012-11-15 02:18:55 +01:00
Igor Mammedov
5202ef942f Move qemu_irq typedef out of qemu-common.h
It's necessary for making CPU child of DEVICE without
causing circular header deps.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
[ehabkost: re-added the typedef to hw/irq.h after rebasing]
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2012-11-15 01:57:02 +01:00
Marcelo Tosatti
b0b873a078 acpi_piix4: fix migration of gpe fields
Migrate 16 bytes for en/sts fields (which is the correct size),
increase version to 3, and document how to support incoming
migration from qemu-kvm 1.2.

Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
2012-11-14 20:15:37 -02:00
Kevin Wolf
b618f4a1c1 megasas: Use bdrv_drain_all instead of qemu_aio_flush
Calling qemu_aio_flush() directly can hang when combined with I/O
throttling.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
2012-11-14 18:20:06 +01:00
Hervé Poussineau
cd30b53d22 fdc: remove last usage of FD_STATE_SEEK
Replace it by directly setting FD_SR0_SEEK if required

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-11-14 18:19:22 +01:00
Hervé Poussineau
c83f97b563 fdc: fix typo in zero constant
Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-11-14 18:19:22 +01:00
Hervé Poussineau
27c86e24e9 fdc: remove double affectation of FD_MSR_CMDBUSY flag
FD_MSR_CMDBUSY flag is already set in fdctrl_write_data(), just
before calling the command handler (fdctrl_start_transfer() here).

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-11-14 18:19:22 +01:00
Hervé Poussineau
7ea004ed67 fdc: implement VERIFY command
VERIFY command is like a READ command, except that read data is not
transfered by DMA.
As DMA engine is not used, so we have to start data transfer ourselves.

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-11-14 18:19:22 +01:00
Hervé Poussineau
075f5532f1 fdc: fix false FD_SR0_SEEK
Do not always set FD_SR0_SEEK, as callers already set it if needed.

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-11-14 18:19:22 +01:00
Hervé Poussineau
d6ed4e2106 fdc: fix FD_SR0_SEEK for initial seek on DMA transfers
fdctrl_start_transfer() used to set FD_SR0_SEEK no matter if
there actually was a seek or not. This is obviously wrong.

fdctrl_start_transfer() has this information because it performs
the initial seek itself.

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-11-14 18:19:22 +01:00
Hervé Poussineau
c5139bd9a9 fdc: fix FD_SR0_SEEK for non-DMA transfers and multi sectors transfers
On non-DMA transfers, fdctrl_stop_transfer() used to set FD_SR0_SEEK
no matter if there actually was a seek or not. This is obviously wrong.

fdctrl_seek_to_next_sect() has this information because it performs
the seek itself.

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-11-14 18:19:22 +01:00
Hervé Poussineau
d497d53497 fdc: use status0 field instead of a local variable
Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-11-14 18:19:22 +01:00