Commit Graph

6014 Commits

Author SHA1 Message Date
Gerd Hoffmann
e04da7c3d1 usb-storage: move status debug message to usb_msd_send_status.
usb_msd_send_status can be called from different code paths, move the
debug message into the function to make sure it is printed
unconditionally.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2011-11-21 14:07:56 +01:00
Markus Armbruster
725e14e91f loader: Fix read_targphys() to behave when read() fails
Happily passes (size_t)-1 to rom_add_blob_fixed(), which promptly dies
attempting to malloc that much.  Spotted by Coverity.

Bonus fix for ROMs larger than INT_MAX bytes: return ssize_t instead
of int.  Bug can't bite, because the only user load_aout() limits ROM
size to an int value.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2011-11-19 11:23:42 +00:00
Blue Swirl
25cc4a768d Merge branch 's390-1.0' of git://repo.or.cz/qemu/agraf
* 's390-1.0' of git://repo.or.cz/qemu/agraf:
  s390x: initialize virtio dev region
  tcg: Use TCGReg for standard tcg-target entry points.
  tcg: Standardize on TCGReg as the enum for hard registers
  s390x: Add shutdown for TCG s390-virtio machine
  s390: Fix cpu shutdown for KVM
  s390: fix short kernel command lines
  s390: fix reset hypercall to reset the status
  s390x: implement SIGP restart and shutdown
  s390x: implement rrbe instruction properly
  s390x: update R and C bits in storage key
  s390x: make ipte 31-bit aware
  s390x: add ldeb instruction
2011-11-19 11:17:58 +00:00
Blue Swirl
05a86f23e5 Merge branch 'ppc-1.0' of git://repo.or.cz/qemu/agraf
* 'ppc-1.0' of git://repo.or.cz/qemu/agraf:
  pseries: Fix qdev.id handling in the VIO bus code
  pseries: Allow kernel's early debug output to work
  pseries: Default reg for vty should be SPAPR_VTY_BASE_ADDRESS
  pseries: Check we have a chardev in spapr_vty_init()
  pseries: Fix buggy spapr_vio_find_by_reg()
  pseries: Correct RAM size check for SLOF
  PPC: Fix for the gdb single step problem on an rfi instruction
  tcg-ppc64: Fix compile errors for userspace only builds with gcc 4.6
  pseries: Fix initialization of sPAPREnvironment structure
2011-11-19 11:17:11 +00:00
Michael Ellerman
1e34d859d0 pseries: Fix qdev.id handling in the VIO bus code
When the user creates a device on the command line with -device, they
can specify the id, using id=foo. Currently the VIO bus code overwrites
this id with it's own value. We should only set qdev.id if it is not
already set by the user.

The device tree code uses qdev.id for the device tree node name, however
we can't rely on the user specifiying the id using proper device tree
syntax, ie. device@reg. So separate the device tree node name from the
qdev.id, but use the same syntax, so they will match by default.

Signed-off-by: Michael Ellerman <michael@ellerman.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
2011-11-18 14:26:30 +01:00
David Gibson
3feef8ad17 pseries: Allow kernel's early debug output to work
The PAPR specification defines a virtual TTY/console interface for guest
OSes to use via the H_PUT_TERM_CHAR and H_GET_TERM_CHAR hypercalls.  There
can be multiple virtual ttys, so these take a "termno" parameter.  This
encodes which vty to use as the 'reg' property on the device tree node
associated with that vty.

However, with the early debug options enabled, the Linux kernel will
attempt debugging output through the vty very early, before it has read
the device tree.  In this case it always uses a termno of 0.  This works
on the existing PowerVM hypervisor, so we assume there must be a hack /
feature in there which interprets termno==0 to mean the default primary
console.

To help with debugging kernels, including existing distribution kernels,
this patch implements a similar feature / hack in qemu.  If termno==0
is supplied to H_{GET,PUT}_TERM_CHAR, they use the first available vty
device instead.

We need to be careful in the case that the user has manually created
an spapr-vty at address 0. So first we search for the specified reg and
only if that doesn't match do we fall back.

Signed-off-by: Michael Ellerman <michael@ellerman.id.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
2011-11-18 14:22:46 +01:00
Michael Ellerman
5afdec404e pseries: Default reg for vty should be SPAPR_VTY_BASE_ADDRESS
In commit b4a7852735 ("Place pseries vty
devices at addresses more similar to existing machines"), we changed the
default reg for the vty to 0x30000000, however we didn't update the default
value for a user specified vty device. Fix that.

Signed-off-by: Michael Ellerman <michael@ellerman.id.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
2011-11-18 14:22:46 +01:00
Michael Ellerman
57285302af pseries: Check we have a chardev in spapr_vty_init()
If qemu is run like:

 qemu-system-ppc64 -nodefaults -device spapr-vty

We end up in spapr_vty_init() with dev->chardev == NULL. Currently
that leads to a segfault because we unconditionally call
qemu_chr_add_handlers().

Although we could make that call conditional, I think a spapr-vty
without a chardev is basically useless so fail the init. This is
similar to what the serial code does for example.

Signed-off-by: Michael Ellerman <michael@ellerman.id.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
2011-11-18 14:22:46 +01:00
David Gibson
5435352ce6 pseries: Fix buggy spapr_vio_find_by_reg()
The spapr_vio_find_by_reg() function in hw/spapr_vio.c is supposed to find
the device structure for a PAPR virtual IO device with the given reg value,
and return NULL if none exists.

It does the first ok, but if no device with that reg exists, it just
returns the last device traversed in the list.  This patch fixes it.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
2011-11-18 14:22:45 +01:00
David Gibson
92c93a816a pseries: Correct RAM size check for SLOF
The SLOF firmware used on the pseries machine needs a reasonable amount of
(guest) RAM in order to run, so we have a check in the machine init
function to check that this is available.  However, SLOF runs in real mode
(MMU off) which means it can only actually access the RMA (Real Mode Area),
not all of RAM.  In many cases the RMA is the same as all RAM, but when
running with Book3S HV KVM on PowerPC 970, the RMA must be especially
allocated to be (host) physically contiguous.  In this case, the RMA size
is determined by what the host admin allocated at boot time, and will
usually be less than the whole guest RAM size.

This patch corrects the test to see if SLOF has enough memory for this
case.

In addition, more recent versions of SLOF that were committed earlier don't
need quite as much memory as earlier versions.  Therefore, this patch also
reduces the amount of RAM we require to run SLOF.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
2011-11-18 14:22:45 +01:00
Alon Levy
3827cdb1c3 pc_piix: set qxl revision to 2 for pc-0.14
The default is still 3, and I didn't change older machine types.

Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-11-14 11:26:32 -06:00
Peter Maydell
e1556ad5b8 hw/omap_gpio: Fix infinite recursion when doing 8/16 bit reads
Fix a long-standing bug which meant that any attempt to do an
8 or 16 bit read from the OMAP GPIO module would cause qemu to
crash due to an infinite recursion.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-11-14 11:26:32 -06:00
Andrzej Zaborowski
371572dff4 Revert bugfix e7852674d5 until tested or until after the release.
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
2011-11-14 18:17:59 +01:00
Alexander Graf
326384d5b6 s390x: initialize virtio dev region
When running the s390x virtio machine we can potentially use uninitialized
memory for the virtio device backing ram. That can lead to weird breakge.

So let's better initialize it to 0 properly.

Reported-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>

---

v1 -> v2:

  - use target_phys_addr_t
2011-11-14 17:47:27 +01:00
Christian Borntraeger
854e42f3e8 s390: Fix cpu shutdown for KVM
On s390 a shutdown is the state of all CPUs being either stopped
or disabled (for interrupts) waiting. We have to track the overall
number of running CPUs to call the shutdown sequence accordingly.
This patch implements the counting and shutdown handling for the
kvm path in qemu.
Lets also wrap changes to env->halted and env->exception_index.

Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2011-11-14 17:47:26 +01:00
Christian Borntraeger
13449a6e0e s390: fix short kernel command lines
The default kernel command line for s390 is
"root=/dev/ram0 ro"

When overriding this line, we have to ensure to also copy the \0 to
avoid false lines, for example, -append "root=/dev/vda" will result in
"root=/dev/vda0 ro" with the current code.

Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2011-11-14 17:47:26 +01:00
Christian Borntraeger
e9d86b760c s390: fix reset hypercall to reset the status
This patch fixes the reset hypercall which is supposed to also
reset the device status in device memory.
This fixes the following bug:

[root@localhost driver]# echo virtio0 > unbind
[   35.056966] ------------[ cut here ]------------
[   35.057054] kernel BUG at drivers/virtio/virtio.c:157!
[   35.057113] illegal operation: 0001 [] SMP
[   35.057181] Modules linked in:
[   35.057243] CPU: 0 Not tainted 3.0.0-rc1-00180-g0792644-dirty 
[   35.057323] Process bash (pid: 497, task: 000000003e58c538, ksp: 000000003ef43978)
[   35.057409] Krnl PSW : 0704100180000000 00000000003d46f8 (virtio_check_driver_offered_feature+0x0/0x38)
[   35.057528]            R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:0 CC:1 PM:0 EA:3
[   35.057616] Krnl GPRS: 0000000000000000 0000000040000000 0000000000000007 0000000000000000
[   35.057716]            00000000003b3be4 0000000000000001 000000003ef4d380 000000003f1cff00
[   35.057805]            000000003ef43f18 00000000005ca620 0000000000000008 0000000000838e88
[   35.057919]            000000000083c860 000000003f7c2e00 00000000003d46b0 000000003ef43d10
[   35.058027] Krnl Code: 00000000003d46e8: f0b00004ebcf	srp	4(12,%r0),3023(%r14),0
[   35.058115]            00000000003d46ee: f0a0000407f4	srp	4(11,%r0),2036,0
[   35.058207]            00000000003d46f4: a7f40001		brc	15,3d46f6
[   35.058295]           >00000000003d46f8: e31020900004	lg	%r1,144(%r2)
[   35.058383]            00000000003d46fe: bf2f1080		icm	%r2,15,128(%r1)
[   35.058470]            00000000003d4702: a784000d		brc	8,3d471c
[   35.058557]            00000000003d4706: e32010780004	lg	%r2,120(%r1)
[   35.058645]            00000000003d470c: 59302000		c	%r3,0(%r2)
[   35.058748] Call Trace:
[   35.058777] ([<00000000003d469e>] virtio_dev_remove+0x36/0x90)
[   35.058852]  [<00000000003f3a40>] __device_release_driver+0x7c/0xec
[   35.058936]  [<00000000003f3ae8>] device_release_driver+0x38/0x48
[   35.059023]  [<00000000003f2a98>] driver_unbind+0xa4/0xc4
[   35.059111]  [<00000000002acb70>] sysfs_write_file+0xe8/0x19c
[   35.059226]  [<000000000022e7a4>] vfs_write+0xb0/0x18c
[   35.059317]  [<000000000022eb18>] SyS_write+0x58/0xb4
[   35.059398]  [<000000000057e674>] sysc_noemu+0x16/0x1c
[   35.059475]  [<000003fffd44b6c0>] 0x3fffd44b6c0
[   35.059531] Last Breaking-Event-Address:
[   35.059576]  [<00000000003d46f4>] virtio_dev_remove+0x8c/0x90
[   35.059646]
[   35.059661] ---[ end trace 9b1959188f21ee11 ]---

Signed-off-by: Christian Borntraeger<borntraeger@de.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2011-11-14 17:47:26 +01:00
Juha Riihimäki
a3efecb847 hw/onenand: reject read-only drives
Signed-off-by: Juha Riihimäki <juha.riihimaki@nokia.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
2011-11-14 03:22:30 +01:00
Juha Riihimäki
3fc3abf7ec hw/nand: reject read-only drives
also gracefully fail on nand_device_init() for unsupported block
size instead of aborting.

Signed-off-by: Juha Riihimäki <juha.riihimaki@nokia.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
2011-11-14 03:19:18 +01:00
Jean-Christophe DUBOIS
b2887c43ee hw/arm_sysctl: Fix RESETCTL for realview-pb-a8 and -pbx-a9
Depending on the considered baseboard the bit used to
reset the platform is different.

Here is the list of considered Realview/Versatile platforms:

Realview/Versatile AB for ARM926EJ-S: BOARD_ID = 0x100 = BOARD_ID_PB9
http://infocenter.arm.com/help/topic/com.arm.doc.dui0225d/CACCIFGI.html

RealView Emulation Baseboard: BOARD_ID = 0x140 = BOARD_ID_EB
No reset register

RealView PB for Cortex-A8: BOARD_ID = 0x178 = BOARD_ID_PBA8
http://infocenter.arm.com/help/topic/com.arm.doc.dui0417d/BBACIGAD.html

RealView PB for Cortex-A9: BOARD_ID = 0x182 = BOARD_ID_PBX
http://infocenter.arm.com/help/topic/com.arm.doc.dui0440b/CACCHBFB.html

Motherboard Express =C2=B5ATX: BOARD_ID = 0x190 = BOARD_ID_VEXPRESS
No reset register

Signed-off-by: Jean-Christophe DUBOIS <jcd@tribudubois.net>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
2011-11-14 03:09:20 +01:00
Peter Maydell
7c64d297f9 hw/pxa2xx.c: Fix handling of RW bits in PMCR
Fix an error in commit afd4a6522 which meant that writing a zero
to the RW bits in the PMCR wouldn't actually clear them. (Error
spotted by Andrzej Zaborowski.)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
2011-11-14 02:26:20 +01:00
Peter Maydell
e7852674d5 hw/usb-net.c: Fix precedence bug when checking rndis_state
"!X == 2" is always false (spotted by Coverity), so the checks
for whether rndis is in the correct state would never fire.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
2011-11-14 02:19:24 +01:00
Anthony Liguori
74d33d5ce4 Merge remote-tracking branch 'kwolf/block-stable' into staging 2011-11-11 17:26:37 -06:00
Peter Maydell
ee71c98434 hw/arm_timer.c: Fix bounds check for Integrator timer accesses
There are only three counter/timers on the integrator board:
correct the bounds check to avoid an array overrun. (Spotted
by Coverity, see bug 887883).

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-11-11 12:49:53 -06:00
Peter Maydell
afd4a65225 hw/pxa2xx.c: Fix handling of R/WC bits in PMCR
Fix a bug in handling the write-one-to-clear bits in the PMCR
which meant that we would always clear the bit even if the
value written was a zero. Spotted by Coverity (see bug 887883).

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-11-11 12:49:53 -06:00
Peter Maydell
b78c2b3aad hw/pl061: Remove pointless comparison of array to null
Remove a pointless comparison of an array to null. (There is
no need to check whether s->out[i] is non-null as qemu_set_irq
will do that for us.) Spotted by Coverity (see bug 887883).

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-11-11 12:49:53 -06:00
Peter Maydell
35914dc724 hw/tc58128.c: Remove unnecessary check for g_malloc failure
Remove a check for g_malloc failing: this never happens.
Also use g_malloc rather than g_malloc0 as we immediately
memset the entire region and so zero-initialising it is pointless.
Spotted by Coverity (see bug 887883).

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-11-11 12:49:53 -06:00
Peter Maydell
096685fc2a hw/omap_intc.c: Avoid crash on access to nonexistent banked registers
Avoid a crash due to null pointer dereference if a guest attempts
to access banked registers for a nonexistent bank. Spotted by
Coverity (see bug 887883).

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-11-11 12:49:52 -06:00
David Gibson
d43b45e220 pseries: Fix initialization of sPAPREnvironment structure
Since we added PCI support to the pseries machine, we include a qlist of
PCI host bridges in the sPAPREnvironment structure.  However this list
was never properly initialized it.  Somehow we got away with this until
some other recent change broke it, and we now segfault immediately on
startup.

This patch adds the required QLIST_INIT(), and while we're at it makes sure
we initialize the rest of the sPAPREnvironment structure to 0, to avoid
future nasty surprises.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
2011-11-11 17:33:58 +01:00
Peter Maydell
980bda8ba2 hw/pc.c: Fix use-while-uninitialized of fd_type[]
Fix a use-while-uninitialized of the fd_type[] array (introduced
in commit 34d4260e1, noticed by Coverity). This is more theoretical
than practical, since it's quite hard to get here with floppy==NULL
(the qdev_try_create() of the isa-fdc device has to fail).

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2011-11-11 14:02:59 +01:00
Paolo Bonzini
4480de19d9 scsi-disk: implement eject requests
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2011-11-11 14:02:57 +01:00
Paolo Bonzini
2df0a3a308 atapi: implement eject requests
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2011-11-11 14:02:57 +01:00
Peter Maydell
0e3b800e71 hw/lan9118.c: Add missing 'break' to fix buffer overrun
Add a missing 'break' statement to fix a buffer overrun when
executing the EEPROM write-all command. Spotted by Coverity
(see bug 887883).

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2011-11-10 12:29:50 +00:00
Markus Armbruster
542379f426 qdev: Fix crash on -device '?=x'
Spotted by Coverity.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2011-11-10 12:29:50 +00:00
Max Filippov
4f61927a41 hpet: fix infinite loop in qemu_run_timers with -icount enabled
hpet_timer timer callback rearms itself based on difference between
current HPET tick counter and comparator value. Difference calculated by
the hpet_calculate_diff function is limited to non-negative values.

cur_tick is calculated via hpet_get_ticks that uses qemu_get_clock_ns(vm_clock).

With -icount enabled vm_clock doesn't advance during qemu_run_timers
loop thus once difference is zero, qemu_run_timers loops forever
handling hpet_timer.

Limit hpet_calculate_diff results to positive only values to avoid that
infinite loop.

This fixes the following qemu-system-x86_64 hang when it reaches
timer_irq_works() in the linux bootup:

[    0.000000] Fast TSC calibration using PIT
[    0.000000] Detected 1000.054 MHz processor.
[    0.000031] Calibrating delay loop (skipped), value calculated using timer frequency.. 2000.10 BogoMIPS (lpj=10000540)
[    0.000404] pid_max: default: 32768 minimum: 301
[    0.001138] Mount-cache hash table entries: 256
[    0.003883] Initializing cgroup subsys ns
[    0.004035] Initializing cgroup subsys cpuacct
[    0.004280] Initializing cgroup subsys freezer
[    0.004790] Performance Events: AMD PMU driver.
[    0.004985] ... version:                0
[    0.005134] ... bit width:              48
[    0.005285] ... generic registers:      4
[    0.005437] ... value mask:             0000ffffffffffff
[    0.005625] ... max period:             00007fffffffffff
[    0.005807] ... fixed-purpose events:   0
[    0.005957] ... event mask:             000000000000000f
[    0.006275] SMP alternatives: switching to UP code

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-11-09 12:06:20 -06:00
Peter Maydell
c0465d1a1d hw/omap_gpmc.c: Add missing 'break's to fix 8 bit NAND writes
Add missing 'break' statements which would have meant that writing
to an 8 bit NAND device was broken. Spotted by Coverity (see bug
887883).

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-11-09 12:06:20 -06:00
Peter Maydell
95117be5a3 hw/omap_dss.c: Fix !-vs-~ bug in handling DISPC_CONTROL
Fix a bug revealed by a coverity scan (see bug 887883) which meant
that we would never print the warning about unpredictable behaviour
if a nonexistent overlay is enabled.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-11-09 12:06:20 -06:00
Avi Kivity
4f26f2b6f2 configure: fix detection for xattr.h on modern distributions
Modern distributions place xattr.h in /usr/include/sys, and fold
libattr.so into libc.  They also don't have an ENOATTR.

Make configure detect this, and add a qemu-xattr.h file that
directs the #include to the right place.

Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-11-09 12:06:20 -06:00
Edgar E. Iglesias
9770b91252 virtex: Remove memset of clk_setup
clk_setup is now a function. Fixes a segfault.

Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2011-11-08 20:53:49 +01:00
Gerd Hoffmann
f67ab77a43 qxl: fix vga port initialization.
Commit 0a039dc700 broke vga modes for
qxl-vga by loosing vga_ioport_read windup.  qxl needs to hook into
vga port writes only and used to realize that by letting vga_init() do
the work for both reads and writes, then overwrite the write function.
That little detail was missed while doing the conversion ...

This patch fixes it.  It also switch qxl vga ioport registration to
portio lists while being at it.

Cc: Hans de Goede <hdegoede@redhat.com>
Acked-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-11-07 10:57:37 -06:00
Gerd Hoffmann
25a21c94c0 ac97: don't override the pci subsystem id
This patch removes the code lines which set the subsystem id for the
emulated ac97 card to 8086:0000.  Due to the device id being zero the
subsystem id isn't vaild anyway.  With the patch applied the sound card
gets the default qemu subsystem id (1af4:1100) instead.

[ v2: old & broken id is maintained for -M pc-$oldqemuversion ]

Cc: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-11-07 10:57:37 -06:00
Gerd Hoffmann
19857e625a pc: add 1.0 machine type
This patch adds a pc-1.0 machine type.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-11-07 10:57:36 -06:00
Paolo Bonzini
6023d83248 disable automatic loading of sgabios when -nographic
sgabios hasn't gotten a lot of coverage since it was not shipped.  For 1.0,
let's disable the automatic loading of the option ROM in -nographic
mode.  We can put it back for 1.1.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-11-07 10:57:36 -06:00
Anthony Liguori
2963e65a4e Merge remote-tracking branch 'kwolf/for-anthony' into staging 2011-11-07 10:57:27 -06:00
Anthony Liguori
ca062aaed0 Merge remote-tracking branch 'stefanha/trivial-patches' into staging 2011-11-07 10:56:38 -06:00
Anthony PERARD
e7b48c97fe xen-platform: Fix IO port read/write functions
Somehow, the read/write functions handle an offset that does not exist anymore.

Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2011-11-07 08:07:48 +00:00
Rabin Vincent
41bf234d8e arm_gic: handle banked enable bits for per-cpu interrupts
The first enable set/clear register (which controls the PPIs and SGIs)
is supposed to be banked for each processor.  Currently it is just
handled globally and this prevents recent SMP Linux kernels from
booting, because CPU0 stops receiving localtimer interrupts when CPU1
disables them locally.

To fix this, allow the enable bits to be enabled per-cpu.  For SPIs,
always enable/disable ALL_CPU_MASK.

Signed-off-by: Rabin Vincent <rabin@rab.in>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2011-11-06 16:01:08 +00:00
Kevin Wolf
acae6f1c4c dma: Avoid reentrancy in DMA transfer handlers
With the conversion of the block layer to coroutines, bdrv_read/write
have changed to run a nested event loop that calls qemu_bh_poll.
Consequently a scheduled BH can be called while a DMA transfer handler
runs and this means that DMA_run becomes reentrant.

Devices haven't been designed to cope with that, so instead of running a
nested transfer handler just wait for the next invocation of the BH from the
main loop.

This fixes some problems with the floppy device.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2011-11-04 14:23:58 +01:00
Blue Swirl
932eacc158 Merge branch 'xtensa' of git://jcmvbkbc.spb.ru/dumb/qemu-xtensa
* 'xtensa' of git://jcmvbkbc.spb.ru/dumb/qemu-xtensa:
  xtensa_lx60: fix build date code and change memory region names
  xtensa_lx60: pass kernel arguments from -append
  xtensa_lx60: add FLASH support
  target-xtensa: raise an exception for invalid and reserved opcodes
  target-xtensa: handle cache options in the overlay tool
  target-xtensa: mask out undefined bits of WINDOWSTART SR
2011-11-02 20:52:23 +00:00
Anthony Liguori
42dfb09510 Merge remote-tracking branch 'aneesh/for-upstream-8' into staging 2011-11-02 12:30:00 -05:00