When adding the length to the pseudo header, we're not properly
accounting for overflow.
From: Mark Wu <dwu@redhat.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
When adding the length to the pseudo header, we're not properly
accounting for overflow.
From: Mark Wu <dwu@redhat.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
The OpenIndiana (Solaris) e1000g driver drops frames that are too long
or too short. It expects to receive frames of at least the Ethernet
minimum size. ARP requests in particular are small and will be dropped
if they are not padded appropriately, preventing a Solaris VM from
becoming visible on the network.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Patch b0b900070c made
TOR valuer incorrect: the spec says it should always
include the CRC field.
No one seems to use this field, but better to stick to spec.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
This change fixes initialization of e1000's microwire EEPROM internal
state values so that qemu's e1000 emulation works on NetBSD,
which doesn't use Intel's em driver but has its own wm driver
for the Intel i8254x Gigabit Ethernet.
Previously set_eecd() function in e1000.c clears EEPROM internal state
values on SK rising edge during CS==L, but according to FM93C06 EEPROM
(which is MicroWire compatible) data sheet, EEPROM internal status
should be cleared on CS rise edge regardless of SK input:
"... a rising edge on this (CS) signal is required to reset the internal
state-machine to accept a new cycle .."
and nothing should be changed during CS (chip select) is inactive.
Intel's em driver seems to explicitly raise SK output after CS is negated
in em_standby_eeprom() so many other OSes that use Intel's driver
don't have this problem even on the previous e1000.c implementation,
but I can't find any articles that say the MICROWIRE or EEPROM spec
requires such sequence, and actually hardware works fine without it
(i.e. real i82540EM has been working on NetBSD).
This fix also changes initialization to clear each state value in
struct eecd_state individually rather than using memset() against
the whole structre. The old_eecd member stores the last SK and CS
signal levels and it should be preserved even after reset of internal
EEPROM state to detect next signal edges for proper EEPROM emulation.
Signed-off-by: Izumi Tsutsui <tsutsui@ceres.dti.ne.jp>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
We do range check for size, and get size as buffer,
but copy size + 4 bytes (4 is for FCS).
Let's copy size bytes but put size + 4 in length.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Change #define DEBUG to #define E1000_DEBUG in hw/e1000.c to make
it possible to build QEMU with -DDEBUG
Signed-off-by: Jes Sorensen <Jes.Sorensen@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
There was a pointer cast warning on Ubuntu since _FORTIFY_SOURCE has been reenabled.
_FORTIFY_SOURCE had been disabled by 4a24470497
and reenabled by 849583050d.
Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Link to data sheet at intel.com so people can find it.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
No functional changes. I verified that the generated
object binary does not change.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Acked-by: Juan Quintela <quintela@redhat.com>
Acked-by: Glauber Costa <glommer@gmail.com>
Otherwise, the driver does not work in Linux after the INT_DISABLE changes in
PCI.
Michael Tsirkin had a patch to do this, I'm not sure what happened to it.
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This patch adds a romfile property to the pci bus. It allows to specify
a romfile to load into the rom bar of the pci device. The default value
comes from a new field in PCIDeviceInfo. The property allows to change
the file and also to disable the rom loading using an empty string.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Currently, we preload option roms into the option rom space in memory. This
prevents DDIM from functioning correctly which severely limits the number
of roms we can support.
This patch introduces a pci_add_option_rom() which registers the
PCI_ROM_ADDRESS bar which points to our option rom. It also converts over
the cirrus vga adapter, the rtl8139, virtio, and the e1000 to use this
new mechanism.
The result is that PXE boot functions even with three unique types of cards.
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
A code review run by Steve Grubb complained about code in e1000.c:
In hw/e1000.c at line 89, vlan is declared to be 4 bytes.
At line 382 is an attempt to do a memmove over it with a size of 12.
This was fixed by splitting the memmove in two calls and
adding a comment to the declaration of vlan and data.
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
While writing working on an e1000 driver for my university's OS I
noticed that some registers aren't readable in QEMU, but they should
be readable as stated in Intels Driver Developer Manual (and also
verified on real hardware).
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This patch is preliminary for 64bit BAR.
Later pcibus_t will be changed from uint32_t to uint64_t.
Introduce FMT_PCIBUS for printf format for pcibus_t.
Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This patch is preliminary for 64 bit BAR support.
Introduce dedicated type, pcibus_t, to represent pci bus address/size
instead of uint32_t.
Later this type will be changed to uint64_t.
Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
make constants for pci base address match pci_regs.h by
renaming PCI_ADDRESS_SPACE_xxx to PCI_BASE_ADDRESS_SPACE_xxx.
Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
There is absolutely no need to call reset functions when initializing
devices. Since we are already registering them, calling qemu_system_reset()
should suffice. Actually, it is what happens when we reboot the machine,
and using the same process instead of a special case semantics will even
allow us to find bugs easier.
Furthermore, the fact that we initialize things like the cpu quite early,
leads to the need to introduce synchronization stuff like qemu_system_cond.
This patch removes it entirely. All we need to do is call qemu_system_reset()
only when we're already sure the system is up and running
I tested it with qemu (with and without io-thread) and qemu-kvm, and it
seems to be doing okay - although qemu-kvm uses a slightly different patch.
[ v2: user mode still needs cpu_reset, so put it in ifdef. ]
[ v3: leave qemu_system_cond for now. ]
Signed-off-by: Glauber Costa <glommer@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
In the very least, a change like this requires discussion on the list.
The naming convention is goofy and it causes a massive merge problem. Something
like this _must_ be presented on the list first so people can provide input
and cope with it.
This reverts commit 99a0949b72.
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Remove un needed casts from void *.
Use DO_UPCAST() instead of blind casts
Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Sorry folks, but it has to be. One more of these invasive qdev patches.
We have a serious design bug in the qdev interface: device init
callbacks can't signal failure because the init() callback has no
return value. This patch fixes it.
We have already one case in-tree where this is needed:
Try -device virtio-blk-pci (without drive= specified) and watch qemu
segfault. This patch fixes it.
With usb+scsi being converted to qdev we'll get more devices where the
init callback can fail for various reasons.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Once again, the emulation of the EERD and ICS registers in e1000.c is
incorrect. Nobody has noticed this before because none of the Intel-written
e1000 drivers use these registers, and all of the independently written open
source drivers copy Intel's example, so they don't use them either.
Regardless, these registers are documented in the programmer's manuals, and
their emulated behavior doesn't match the verified behavior of real hardware,
so any software that does use them doesn't function correctly.
-Bill
Signed-off-by: Bill Paul <wpaul@windriver.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The sequence of reading from eeprom is "offset by one" moved because of a false
detection of a clock cycle after an eeprom reset. Keeping the last clock value
after a reset keeps it in sync.
Signed-off-by: Naphtali Sprei <nsprei@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Makes pci_qdev_register take a PCIDeviceInfo struct instead of a bunch
of parameters. Also adds config_read and config_write callbacks to
PCIDeviceInfo, so drivers needing these can be converted to the qdev
device API too.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
This reverts commit 8217606e6e (and
updates later added users of qemu_register_reset), we solved the
problem it originally addressed less invasively.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This reverts commit 3dcd219f09.
It is incorrect to call qemu_irq functions (or any other functions that
access other device state) during savevm/loadvm.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
This function is used to manage a PCI BAR, so make the more generic
pci_register_io_region() available to other uses.
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The parameter is always zero except when registering the three internal
io regions (ROM, unassigned, notdirty). Remove the parameter to reduce
the API's power, thus facilitating future change.
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
* net-queue: (28 commits)
virtio-net: Increase filter and control limits
virtio-net: Add new RX filter controls
virtio-net: MAC filter optimization
virtio-net: Fix MAC filter overflow handling
virtio-net: reorganize receive_filter()
virtio-net: Use a byte to store RX mode flags
virtio-net: Add version_id 7 placeholder for vnet header support
virtio-net: implement rx packet queueing
net: make use of async packet sending API in tap client
net: add qemu_send_packet_async()
net: split out packet queueing and flushing into separate functions
net: return status from qemu_deliver_packet()
net: add return value to packet receive handler
net: pass VLANClientState* as first arg to receive handlers
net: re-name vc->fd_read() to vc->receive()
net: add fd_readv() handler to qemu_new_vlan_client() args
net: only read from tapfd when we can send
net: vlan clients with no fd_can_read() can always receive
net: move the tap buffer into TAPState
net: factor tap_read_packet() out of tap_send()
...
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
VLANClientState's fd_read() handler doesn't read from file
descriptors, it adds a buffer to the client's receive queue.
Re-name the handlers to make things a little less confusing.
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
This, apparently, is the style we prefer - all VLANClientState
should be an argument to qemu_new_vlan_client().
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
When a reset is requested, the current e1000 emulation never clears the
reset bit which may cause a driver to hang. This patch masks the reset
bit out when setting the control registert, so the reset is immediately
completed.
Signed-off-by: Kevin Wolf <mail@kevin-wolf.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
pci_register_device already mallocs the pci config space buffer filled
with zeroes.
Doing this again breaks some default config space writes like
setting the subsystem vendor id and subsystem device id.
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The pci_register_device() call in PCI nic initialization routines can
fail. Handle this failure and propagate a meaningful error message to
the user instead of generating a SEGV.
Cc: Marcelo Tosatti <mtosatti@redhat.com>
Signed-off-by: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: Avi Kivity <avi@qumranet.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
We're currently leaking memory and file descriptors on device
hot-unplug.
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@7150 c046a42c-6fe2-441c-8c8c-71466251a162
NICInfo isn't used after initialization, so remove it from the driver
state structures.
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@7147 c046a42c-6fe2-441c-8c8c-71466251a162
The RXDMT0 interrupt is supposed to fire when the number of free
RX descriptors drops to some fraction of the total descriptors.
However in practice, it seems like we're adding this interrupt
cause on every RX. Fix the logic to treat (tail - head) as the
number of free entries rather than the number of used entries.
Signed-off-by: Alex Williamson <alex.williamson@hp.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6864 c046a42c-6fe2-441c-8c8c-71466251a162
Change the PCI network drivers init functions to return the PCIDev, to
inform which slot has been hot-plugged.
Also record PCIDevice structure on NICInfo to locate for release on
hot-removal.
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6593 c046a42c-6fe2-441c-8c8c-71466251a162
This patch adds and uses #defines for PCI device classes and subclases,
using a new pci_config_set_class() function, similar to the recently
added pci_config_set_vendor_id() and pci_config_set_device_id().
Change since v1: fixed compilation of hw/sun4u.c
Signed-off-by: Stuart Brady <stuart.brady@gmail.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6491 c046a42c-6fe2-441c-8c8c-71466251a162
This patch defines PCI vendor and device IDs in pci.h (matching those
from Linux's pci_ids.h), and uses those definitions where appropriate.
Change from v1:
Introduces pci_config_set_vendor_id() / pci_config_set_device_id()
accessors as suggested by Anthony Liguori.
Signed-off-by: Stuart Brady <stuart.brady@gmail.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6442 c046a42c-6fe2-441c-8c8c-71466251a162
On link up or down we set the E1000_STATUS_LU ("link up") bit
in the status register and set the E1000_ICR_LSC ("link
status changed") bit in the interrupt cause register before
interrupting the guest.
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6249 c046a42c-6fe2-441c-8c8c-71466251a162
Allow the user to supply a vlan client name on the command line.
This is probably only useful for management tools so that they can
use their own names rather than parsing the output of 'info network'.
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6220 c046a42c-6fe2-441c-8c8c-71466251a162
Factor out a simple little function for formatting a NIC's
info_str and make all NICs use it.
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6218 c046a42c-6fe2-441c-8c8c-71466251a162
Don't lose track of what type/model a vlan client is so that we can
e.g. assign a global per-model id to clients.
The entire patch is basically a tedious excercise in making sure the
type/model string gets propagated down to qemu_new_vlan_client().
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6216 c046a42c-6fe2-441c-8c8c-71466251a162
The attached patch updates the FSF address in the GPL/LGPL boilerplate
in most GPL/LGPLed files, and also in COPYING.LIB.
Signed-off-by: Stuart Brady <stuart.brady@gmail.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6162 c046a42c-6fe2-441c-8c8c-71466251a162
Change from v1:
Avoid changing the existing coding style in certain files.
Signed-off-by: Stuart Brady <stuart.brady@gmail.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6120 c046a42c-6fe2-441c-8c8c-71466251a162
MMIO exits are more expensive in KVM or Xen than in QEMU because they
involve, at least, privilege transitions. However, MMIO write
operations can be effectively batched if those writes do not have side
effects.
Good examples of this include VGA pixel operations when in a planar
mode. As it turns out, we can get a nice boost in other areas too.
Laurent mentioned a 9.7% performance boost in iperf with the coalesced
MMIO changes for the e1000 when he originally posted this work for KVM.
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5961 c046a42c-6fe2-441c-8c8c-71466251a162
We're currently ignoring the e1000 VLAN tagging, stripping and filtering
features in the e1000 emulation. This patch adds backing for the
relevant registers and provides a software implementation of the
acceleration, such that a guest can make use of VLANs.
This is mostly (only?) useful for a guest on a bridge (not user mode
networking). The only caveat beyond that is that you need to make sure
the host NIC isn't doing it's own tagging, stripping, or filtering.
This generally means the host NIC on the bridge should not be part of a
VLAN.
Signed-off-by: Alex Williamson <alex.williamson@hp.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5766 c046a42c-6fe2-441c-8c8c-71466251a162
e1000_receive() has code to raise a receive overflow interrupt when the receive
buffer head and tail match. However, with the present implementation of
e1000_can_receive(), this code is unreachable -- and etherboot breaks as a
result.
Signed-off-by: Charles Duffy <charles_duffy@messageone.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@4987 c046a42c-6fe2-441c-8c8c-71466251a162
Previously, all data descriptors used TSE context descriptor by default,
It's not correct, per spec, data descriptor uses TSE bit to indicate
whether use TSE,
Legacy data descripter never use TSE.
This patch fixed this bug.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@4878 c046a42c-6fe2-441c-8c8c-71466251a162
This patch fixes endianness issues in the e1000 nic emulation, which
currently only works on little endian hosts with little endian targets.
Byte swapping does not depend on host endianness, so this patch remove
the use of cpu_to_le32 and le32_to_cpu functions. It depends on the path
from the CPU to the device, which is currently and *wrongly* implemented
in Qemu as a byteswap on big endian targets. This patch does the same
as in other devices emulation as all the currently implemented targets
work with this implementation.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@4046 c046a42c-6fe2-441c-8c8c-71466251a162
According to the Intel 82540EM manual, the mmio space is
128k size.
Copied from Xen list and noted by tina..yang@oracle.com
Signed-off-by: Dor Laor <dor.laor@qumranet.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@4032 c046a42c-6fe2-441c-8c8c-71466251a162
Applied %s/^\([^I ]*\)^I/\1 /g on e1000.c and added e1000 to help message.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@3949 c046a42c-6fe2-441c-8c8c-71466251a162