Commit Graph

33618 Commits

Author SHA1 Message Date
Alexey Kardashevskiy
45ed0be146 target-ppc: Enable FSCR facility check for TAR
This makes user-privileged read/write fail if TAR facility is not enabled
in FSCR.

Since this is the very first check for enabled in FSCR facility,
this also adds gen_fscr_facility_check() for using in spr_write_tar()/
spr_read_tar().

This enables TAR in FSCR for user mode unconditionally.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:44 +02:00
Alexey Kardashevskiy
7019cb3d88 target-ppc: Add POWER8's FSCR SPR
This adds an FSCR (Facility Status and Control Register) SPR. This defines
names for FSCR bits.

This defines new exception type - POWERPC_EXCP_FU - "facility unavailable" (FU).
This registers an interrupt vector for it at 0xF60 as PowerISA defines.

This adds a TCG helper_fscr_facility_check() helper to raise an exception
if the facility is not enabled. It updates the interrupt cause field
in FSCR. This adds a TCG translation block generation code. The helper
may be used for HFSCR too as it has the same format.

The helper raising FU exceptions is not used by this patch but will be
in the next ones.

This adds gen_update_current_nip() to update NIP in DisasContext.
This helper is not used now and will be called before checking for
a condition for throwing an FU exception.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:44 +02:00
Alexey Kardashevskiy
d1a721ab81 target-ppc: Add POWER8's TIR SPR
This adds TIR (Thread Identification Register) SPR first defined for server
CPUs in PowerISA 2.07.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:44 +02:00
Alexey Kardashevskiy
a242881405 target-ppc: Refactor class init for POWER7/8
This extends init_proc_book3s_64 to support POWER7 and POWER8.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:44 +02:00
Alexey Kardashevskiy
5881c296b9 target-ppc: Switch POWER7/8 classes to use correct PMU SPRs
This replaces gen_spr_7xx() call (which registers 32bit SPRs) with
gen_spr_book3s_pmu() call.

This removes SPR_7XX_PMC5/6 as they are for 32bit and gen_spr_book3s_pmu()
already registers correct PMC5/6 SPRs.

This removes explicit MMCRA registration as gen_spr_book3s_pmu() does it
anyway.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:44 +02:00
Alexey Kardashevskiy
7fc2db18ce target-ppc: Make use of gen_spr_power5p_lpar() for POWER7/8
This makes use of generic gen_spr_power5p_lpar() which registers LPCR SPR.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:44 +02:00
Alexey Kardashevskiy
6a1eed3f49 target-ppc: Make use of gen_spr_book3s_altivec() for POWER7/8
This replaces VRSAVE registration and vscr_init() call with
gen_spr_book3s_altivec() which is generic and does the same thing if
insns_flags has PPC_ALTIVEC bit set (which POWER7/8 have set).

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:44 +02:00
Alexey Kardashevskiy
5db7d4faa3 target-ppc: Move POWER7/8 CFAR/DSCR/CTRL/PPR/PCR SPR registration to helpers
This moves SCFAR/DSCR/CTRL/PPR/PCR PRs to helpers. Later these helpers
will be called from generalized init_proc_book3s_64().

This switches init_proc_POWER7() to use generalized gen_spr_book3s_common()
which registers CRTL SPR under slightly different names. No change in
behaviour or non-debug output is expected.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:43 +02:00
Alexey Kardashevskiy
768167abb9 target-ppc: Move POWER8 TCE Address control (TAR) to a helper
This moves TAR SPR to a helper. Later this helper will be
called from generalized init_proc_book3s_64().

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:43 +02:00
Alexey Kardashevskiy
e61716aa9a target-ppc: Move POWER7/8 PIR/PURR/SPURR SPR registration to helpers
This moves PIR/PURR/SPURR SPRs to helpers. Later these helpers will be
called from generalized init_proc_book3s_64().

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:43 +02:00
Alexey Kardashevskiy
83cc6f8c2f target-ppc: Enable PMU SPRs migration
This enabled PMU SPRs migration by hooking hypv privileged versions with
"KVM one reg" IDs.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:43 +02:00
Alexey Kardashevskiy
90618f4f4d target-ppc: Remove check_pow_970FX
After merging 970s into one class, check_pow_970() is used for all of them.
Since POWER5+ is no different in the matter of supported power modes,
let's use the same check_pow() callback for POWER5+ too,

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:43 +02:00
Alexey Kardashevskiy
7488d481ce target-ppc: Introduce and reuse generalized init_proc_book3s_64()
At the moment every POWER CPU family has its own init_proc_POWERX function.
E500 already has common init function so we try to do the same thing.

This introduces BOOK3S_CPU_TYPE enum with 2 values - 970 and POWER5+.

This introduces generalized init_proc_book3s_64() which accepts a CPU type
as a parameter.

This uses new init function for 970 and POWER5+ CPU classes.

970 and POWER5+ use the same CPU class initialization except 3 things:
1. logical partitioning is controlled by LPCR (POWER5+) and HID4 (970)
SPRs;
2. 970 does not have EAR (External Access Register) SPR and PowerISA 2.03
defines one so keep it only for POWER5+;
3. POWER5+ does not have ALTIVEC so insns_flags does not have PPC_ALTIVEC
flag set and gen_spr_book3s_altivec() won't init ALTIVEC for POWER5+.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:43 +02:00
Alexey Kardashevskiy
ba88100219 target-ppc: Add HID4 SPR for PPC970
Previously LPCR was registered for the 970 class which was wrong as
it does not have LPCR. Instead, HID4 is used which this patch registers.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:43 +02:00
Alexey Kardashevskiy
c36c97f880 target-ppc: Add PMC7/8 to 970 class
Compared to PowerISA-compliant CPUs, 970 family has most of them plus
PMC7/8 which are only present on 970 but not on POWER5 and later CPUs.

Since we are changing SPRs for Book3s/970 families, let's add them too.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:43 +02:00
Alexey Kardashevskiy
077850b037 target-ppc: Add PMC5/6, SDAR and MMCRA to 970 family
MMCR0, MMCR1, MMCRA, PMC1..6, SIAR, SDAR are defined for 970 and PowerISA
CPUs. Since we are building common infrastructure for SPRs intialization
to share it between 970 and POWER5+/7/..., let's add missing SPRs to
the 970 family. Later rework of CPU class initialization will use those
for all PowerISA CPUs.

This adds new SPRs and enables writing to Uxxxx SPRs from supermode.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:42 +02:00
Alexey Kardashevskiy
75b9c321f4 target-ppc: Add "POWER" prefix to MMCRA PMU registers
Since we started adding "POWER" prefix to 64bit PMU SPRs, let's finish
the transition and fix MMCRA and define a supermode version of it.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:42 +02:00
Alexey Kardashevskiy
fd51ff6328 target-ppc: Copy and split gen_spr_7xx() for 970
This stops using 7xx common SPRs init function and adds separate set
of helpers for 970.

This does not copy ICTC SPR as neither 970 manual nor PowerISA mention it.

This defines 970/book3s PMU SPRs constants as they differs from the ones
used for 7XX.

This creates 2 helpers for PMU SPRs, one for supermode privileged SPRs and
one for user privileged SPRs as "sup" versions can be shared across
the family while "user" versions will behave different starting POWER8
(which will be addressed later).

This allows writing to Uxxxx SPRs from supermode. spr_write_ureg() is
implemented for this as a copy of already existing spr_read_ureg().

This allows writing to supervisor's SIAR - it used to be disabled
when gen_spr_7xx() was used.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:42 +02:00
Alexey Kardashevskiy
eb16dd9cc9 target-ppc: Make UCTRL a mirror of CTRL
This changes UCTRL SPR to read from its supermode copy.

This enables reading from UCTRL in user mode.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:42 +02:00
Alexey Kardashevskiy
42382f6244 target-ppc: Refactor PPC970
This splits one init_proc_970() into a set of small helpers. Later
init_proc_970() will be generalized and will call different set of helpers
depending on the current CPU class.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:42 +02:00
Alexey Kardashevskiy
bbc01ca7f2 target-ppc: Merge 970FX and 970MP into a single 970 class
The differences between classes were:
1. SLB size, was 32 for 970 and 64 for others, should be 64 for all;
2. check_pow() callback, HID0 format is the same so should be the same
0x01C00000 which means "deep nap", "doze" and "nap" bits set;
3. LPCR - 970 does not have it but 970MP had one (by mistake).

This fixes wrong differences and makes one 970 class.

This fixes wrong registration of LPCR which is not present on 970.

This defines HID0 bits and uses them in check_pow_970().

This does not copy MSR_SHV (Hypervisor State, HV) bit from 970FX to
970 class as we do not emulate hypervisor in QEMU anyway.

This does not remove check_pow_970FX now as it is still used by POWER5+
class, this will be addressed later.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:42 +02:00
Alexey Kardashevskiy
cb8b8bf840 target-ppc: Rename 7XX/60x/74XX/e600 PMU SPRs
As defined in Linux kernel, PMC*, SIAR, MMCR0/1 have different numbers
for 32 and 64 bit POWERPC. We are going to support 64bit versions too so
let's rename 32bit ones to avoid confusion.

This is a mechanical patch so it does not fix obvious mistake with these
registers in POWER7 yet, this will be fixed later.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:42 +02:00
Tom Musta
a9e8f4e7df target-ppc: Fix Temporary Variable Leak in bctar
Fix a temporary variable leak detected in the bctar instruction:

   Opcode 13 10 11 (4d910460) leaked temporaries

Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:42 +02:00
Alexander Graf
13b6a45565 PPC: e500: Merge 32 and 64 bit SPE emulation
Today we have a lot of conditional code in the SPE emulation depending on
whether we have 64bit GPRs or not.

Unfortunately the assumption that we can just recycle the 64bit GPR
implementation is wrong. Normal SPE implementations maintain the upper 32 bits
on all non-SPE instructions which then only modify the low 32 bits. However
all instructions we model that adhere to the normal SF based switching don't
care whether they operate on 32 or 64 bit registers and just always use the full
64 bits.

So let's remove that dubious SPE optimization and revert everything to the same
code path the 32bit target code was taking. That way we get rid of differences
between the two implementations, but will get a slight performance hit when
emulating SPE instructions.

This fixes SPE emulation with qemu-system-ppc64 for me.

Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:41 +02:00
Alexander Graf
f7d6914654 PPC: spapr: Expose /hypervisor node in device tree
PR KVM supports an ePAPR compliant hypercall interface in parallel to the
normal sPAPR one. Expose the ePAPR /hypervisor node and properties to the
guest so it can use it.

This enables magic page sharing on PR KVM with -M pseries.

However we had a few nasty bugs in the magic page implementation on vcpus
newer than 970 (p7, p8) that KVM now has workarounds for. It indicates that
it does have these workarounds through the PPC_FIXUP_HCALL capability.

To not expose broken guest kernels to issues on host kernels that don't
have the fixups in place, we don't expose working hypercall instructions
when the fixups are not available so that the guest can never active the
magic page.

Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:41 +02:00
Alexander Graf
87a91de61a KVM: PPC: Expose fixup hcall capability
New kvm versions expose a PPC_FIXUP_HCALL capability. Make it visible to
machine code so we can take decisions based on it.

Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:41 +02:00
Alexander Graf
b061808d39 linux-headers: update linux headers to kvm/next
This updates the kvm headers to commit 820b3fcd in kvm/next.

Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:41 +02:00
Alexander Graf
2872e1929b linux-headers: include psci.h
The kvm headers now have a dependency on psci.h, sync it into our linux
header copy as well.

Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:41 +02:00
Alexander Graf
ada82b537e PPC: SPE: Fix high-bits bitmask
The SPE emulation code wants to access the highest 32bits of a 64bit register
and uses the andi TCG instruction for that. Unfortunately it masked with the
wrong mask. Fix the mask to actually cover the upper 32 bits.

This fixes simple multiplication tests with SPE guests for me.

Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:41 +02:00
Alexander Graf
deb6ed13eb PPC: e500: Fix TLB lookup for 32bit CPUs
When we run 32bit guest CPUs (or 32bit guest code on 64bit CPUs) on
qemu-system-ppc64 the TLB lookup will use the full effective address
as pointer.

However, only the first 32bits are valid when MSR.CM = 0. Check for
that condition.

This makes QEMU boot an e500v2 guest with more than 1G of RAM for me.

Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:41 +02:00
Peter Maydell
f2e2bc9ca0 hw/pci-host/ppce500: Fix typo in vmstate definition
Fix a typo in the ppce500_pci vmstate definition which meant that
we were migrating the struct pci_inbound using the vmstate for
pci_outbound. Fortunately the two structures have exactly the same
format at the moment (four uint32_ts) so this was harmless, and
we can correcting the typo without a migration compatibility
break because the vmstate name doesn't go out on the wire.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:41 +02:00
Tom Musta
4b1daa72d3 target-ppc: Store Quadword Conditional Drops Size Bit
The size and register information are encoded into the reserve_info field
of CPU state in the store conditional translation code.  Specifically, the
size is shifted left by 5 bits (see target-ppc/translate.c gen_conditional_store).

The user-mode store conditional code erroneously extracts the size by ANDing
with a 4 bit mask; this breaks if size >= 16.

Eliminate the mask to make the extraction of size mirror its encoding.

Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:40 +02:00
Tom Musta
f46e9a0b99 target-ppc: Confirm That .bss Pages Are Valid
The existing code does a check to ensure that a .bss region is properly
mmap'd.  When additional mmap is required, the (guest) pages are also
validated.  However, this code has a bug: when host page size is larger
than target page size, it is possible for the .bss pages to already be
(host) mapped but the guest .bss pages may not be valid.

The check to mmap additional space is separated from the flagging of the
target (guest) pages, thus ensuring that both aspects are done properly.

Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:40 +02:00
Tom Musta
5b274ed74d target-ppc: Support VSX in PPC User Mode
Some modern tool chains use VSX instructions.  Therefore attempt to enable the VSX MSR
bit by default, just like similar bits (FP, VEC, SPE, etc.).

Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:40 +02:00
Doug Kwan
9c35126c56 target-ppc: Add a new user mode target for little-endian PPC64.
Signed-off-by: Doug Kwan <dougkwan@google.com>
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:40 +02:00
Doug Kwan
e22c357b3e target-ppc: Allow little-endian user mode.
This allows running PPC64 little-endian in user mode if target is configured
that way.  In PPC64 LE user mode we set MSR.LE during initialization.

Signed-off-by: Doug Kwan <dougkwan@google.com>
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:40 +02:00
Doug Kwan
d90b94cd78 target-ppc: Support little-endian PPC64 in user mode.
Look at ELF header to determine ABI version on PPC64.  This is required
for executing the first instruction correctly.  Also print correct machine
name in uname() system call.

Signed-off-by: Doug Kwan <dougkwan@google.com>
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:40 +02:00
Alex Zuepke
a721d390b3 PPC: e500: Fix MMUCSR0 emulation
A  "mtspr SPRMMUCSR0, reg"  always flushed TLB0,
because it passed the SPR number 0x3f4 to the flush routine.
But we want to flush either TLB0 or TBL1 depending on the GPR value.

Signed-off-by: Alex Zuepke <alexander.zuepke@hs-rm.de>
[agraf: change subject line, fix TCGv size mismatch]
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:40 +02:00
Alexey Kardashevskiy
1b8eceee28 spapr_iommu: Introduce bus_offset in sPAPRTCETable
This adds @bus_offset into sPAPRTCETable to tell where TCE table starts
from. It is set to 0 for emulated devices. Dynamic DMA windows will use
other offset.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:39 +02:00
Alexey Kardashevskiy
650f33adbd spapr_iommu: Introduce page_shift in sPAPRTCETable
At the moment only 4K pages are supported by sPAPRTCETable. Since sPAPR
spec allows other page sizes and we are going to implement them, we need
page size to be configrable.

This adds @page_shift into sPAPRTCETable and replaces SPAPR_TCE_PAGE_SHIFT
with it where it is possible.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:39 +02:00
Alexey Kardashevskiy
523e7b8ab8 spapr_iommu: Get rid of window_size in sPAPRTCETable
This removes window_size as it is basically a copy of nb_table
shifted by SPAPR_TCE_PAGE_SHIFT. As new dynamic DMA windows are
going to support windows as big as the entire RAM and this number
will be bigger that 32 capacity, we will have to do something
about @window_size anyway and removal seems to be the right way to go.

This removes dma_window_start/dma_window_size from sPAPRPHBState as
they are no longer used.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:39 +02:00
Alexey Kardashevskiy
e4c35b78bc spapr_iommu: Convert old qdev_init_nofail() to object_property_set_bool
qdev_init_nofail() was replaced by object_property_set_bool("realized")
all over the QEMU so do we.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:39 +02:00
Alexey Kardashevskiy
e28c16f61f spapr_pci: Allow multiple TCE tables per PHB
At the moment sPAPRPHBState contains a @tcet pointer to the only
TCE table. However sPAPR spec allows having more than one DMA window.

Since the TCE object is already a child of SPAPR PHB object, there is
no need to keep an additional pointer to it in sPAPRPHBState so remove it.

This changes the way sPAPRPHBState::reset performs reset of sPAPRTCETable
objects.

This changes the default DMA window properties calculation.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:39 +02:00
Alexey Kardashevskiy
cca7fad576 spapr_pci: spapr_iommu: Make DMA window a subregion
Currently the default DMA window is represented by a single MemoryRegion.
However there can be more than just one window so we need
a "root" memory region to be separated from the actual DMA window(s).

This introduces a "root" IOMMU memory region and adds a subregion for
the default DMA 32bit window. Following patches will add other
subregion(s).

This initializes a default DMA window subregion size to the guest RAM
size as this window can be switched into "bypass" mode which implements
direct DMA mapping.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:39 +02:00
Alexey Kardashevskiy
da6ccee418 spapr_pci: Introduce a finish_realize() callback
The spapr-pci PHB initializes IOMMU for emulated devices only.
The upcoming VFIO support will do it different. However both emulated
and VFIO PHB types share most of the initialization code.
For the type specific things a new finish_realize() callback is
introduced.

This introduces sPAPRPHBClass derived from PCIHostBridgeClass and
adds the callback pointer.

This implements finish_realize() for emulated devices.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
[agraf: Fix compilation]
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:39 +02:00
Alexey Kardashevskiy
da95324ebe spapr_iommu: Enable multiple TCE requests
Currently only single TCE entry per request is supported (H_PUT_TCE).
However PAPR+ specification allows multiple entry requests such as
H_PUT_TCE_INDIRECT and H_STUFF_TCE. Having less transitions to the host
kernel via ioctls, support of these calls can accelerate IOMMU operations.

This implements H_STUFF_TCE and H_PUT_TCE_INDIRECT.

This advertises "multi-tce" capability to the guest if the host kernel
supports it (KVM_CAP_SPAPR_MULTITCE) or guest is running in TCG mode.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:39 +02:00
Alexey Kardashevskiy
a1d59c0ffa spapr: Enable dynamic change of the supported hypercalls list
At the moment the "ibm,hypertas-functions" list is fixed. However some
calls should be listed there if they are supported by QEMU or the host
kernel.

This enables hyperrtas_prop to grow on stack by adding
a SPAPR_HYPERRTAS_ADD macro. "qemu,hypertas-functions" is converted as well.

The first user of this is going to be a "multi-tce" property.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:38 +02:00
Alexander Graf
9397a7c831 macio: Fix timer endianness
The timer registers on our KeyLargo macio emulation are read as byte reversed
from the big endian guest, so we better expose them endian reversed as well.

This fixes initial hickups of booting Mac OS X with -M mac99 for me.

Signed-off-by: Alexander Graf <agraf@suse.de>
Tested-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
2014-06-16 13:24:38 +02:00
Alexander Graf
3e300fa6ad macio ide: Do remainder access asynchronously
The macio IDE controller has some pretty nasty magic in its implementation to
allow for unaligned sector accesses. We used to handle these accesses
synchronously inside the IO callback handler.

However, the block infrastructure changed below our feet and now it's impossible
to call a synchronous block read/write from the aio callback handler of a
previous block access.

Work around that limitation by making the unaligned handling bits also go
through our asynchronous handler.

This fixes booting Mac OS X for me.

Reported-by: John Arbuckle <programmingkidx@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:38 +02:00
Tom Musta
6ab39b1bd3 target-ppc: Fix popcntb Opcode Bug
The popcntb instruction is erroneously encoded with opcode extension (opc1,opc2) = (0x03,0x03).
Bits 21-30 of popcntb are 122 = 0b00011-0b11010 and therefore this should be encoded
as (opc1,opc2) = (0x1A, 0x03).

Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16 13:24:38 +02:00