Commit Graph

8231 Commits

Author SHA1 Message Date
David Gibson
1bfb37d1e0 target-ppc: Rework storage of VPA registration state
With PAPR guests, hypercalls allow registration of the Virtual Processor
Area (VPA), SLB shadow and dispatch trace log (DTL), each of which allow
for certain communication between the guest and hypervisor.  Currently, we
store the addresses of the three areas and the size of the dtl in
CPUPPCState.

The SLB shadow and DTL are variable sized, with the size being retrieved
from within the registered memory area at the hypercall time.  This size
can later be overwritten with other information, however, so we need to
save the size as of registration time.  We already do this for the DTL,
but not for the SLB shadow, so this patch fixes that.

In addition, we change the storage of the VPA information to use fixed
size integer types which will make life easier for syncing this data with
KVM, which we will need in future.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
2012-10-29 11:45:54 +01:00
David Gibson
c89d52997c pseries: Don't allow duplicate registration of hcalls or RTAS calls
Currently the pseries machine code allows a callback to be registered
for a hypercall number twice, as long as it's the same callback the second
time.  We don't test for duplicate registrations of RTAS callbacks at all
so it will effectively be last registratiojn wins.

This was originally done because it was awkward to ensure that the
registration happened exactly once, but the code has since been
restructured so that's no longer the case.

Duplicate registration of a hypercall or RTAS call could well suggest
a duplicate initialization which could cause other problems, so this patch
makes duplicate registrations a bug, to prevent the old behaviour from
hiding other bugs.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
2012-10-29 11:45:54 +01:00
zhlcindy@gmail.com
094b287f0b Add USB option in machine options
When -usb option is used, global varible usb_enabled is set.
And all the plaform will create one USB controller according
to this variable. In fact, global varibles make code hard
to read.

So this patch is to remove global variable usb_enabled and
add USB option in machine options. All the plaforms will get
USB option value from machine options.

USB option of machine options will be set either by:
  * -usb
  * -machine type=pseries,usb=on

Both these ways can work now. They both set USB option in
machine options. In the future, the first way will be removed.

Signed-off-by: Li Zhang <zhlcindy@linux.vnet.ibm.com>
Acked-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
2012-10-29 11:45:54 +01:00
Bharat Bhushan
59de4f98d1 e500: Fix serial initialization
it was wrongly using serial_hds[0] instead of serial_hds[1]

Signed-off-by: Bharat Bhushan <bharat.bhushan@freescale.com>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
2012-10-29 11:45:54 +01:00
Alexander Graf
5232fa59b1 PPC: Bamboo: Fix memory size DT property
Device tree properties need to be specified in big endian. Fix the
bamboo memory size property accordingly.

Signed-off-by: Alexander Graf <agraf@suse.de>
CC: qemu-stable@nongnu.org
2012-10-29 11:45:54 +01:00
Max Filippov
50cd721482 hw/xtensa_sim: get rid of intermediate xtensa_sim_init
Remove xtensa_sim_init that only explodes machine init args, rename
sim_init to xtensa_sim_init.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-10-27 15:04:00 +00:00
Max Filippov
d64ed08eec hw/xtensa_lx60: don't prematurely explode QEMUMachineInitArgs
Don't explode QEMUMachineInitArgs before passing it to lx_init.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-10-27 15:03:59 +00:00
Gerd Hoffmann
0ebfb144e8 xhci: fix usb name in caps
Used to be "UTB" not "USB".

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 14:38:12 +02:00
Gerd Hoffmann
91062ae00f xhci: make number of interrupters and slots configurable
Add properties to tweak the numbers of available interrupters and slots.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 14:37:34 +02:00
Gerd Hoffmann
e099ad4b7e xhci: allow disabling interrupters
For secondary interrupters this is explicitly allowed in the specs.
For the primary interrupter behavior is undefined, lets be friendly
and allow disabling too.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 14:35:55 +02:00
Gerd Hoffmann
3f973ee84e xhci: flush endpoint context unconditinally
Not updating the endpoint context in case the state didn't change is
wrong.  Other context fields might have changed, for example the
dequeue pointer in response to a CR_SET_TR_DEQUEUE command.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 14:35:47 +02:00
Gerd Hoffmann
79a8af3509 xhci: fix function name in error message
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 14:35:39 +02:00
Hans de Goede
6fe30910ab uhci: Use only one queue for ctrl endpoints
ctrl endpoints use different pids for different phases of a control
transfer, this patch makes us use only one queue for a ctrl ep, rather
then 3.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:12 +02:00
Hans de Goede
8928c9c43d uhci: Retry to fill the queue while waiting for td completion
If the guest is using multiple transfers to try and keep the usb bus busy /
used at maximum efficiency, currently we would see / do the following:

1) submit transfer 1 to the device
2) submit transfer 2 to the device
3) report transfer 1 completion to guest
4) report transfer 2 completion to guest
5) submit transfer 1 to the device
6) report transfer 1 completion to guest
7) submit transfer 2 to the device
8) report transfer 2 completion to guest
etc.

So after the initial submission we would effectively only have 1 transfer
in flight, rather then 2. This is caused by us not checking the queue for
addition of new transfers by the guest (ie the resubmission of a recently
finished transfer), while waiting for a pending transfer to complete.
This patch does add a check for this, changing the sequence to:

1) submit transfer 1 to the device
2) submit transfer 2 to the device
3) report transfer 1 completion to guest
4) submit transfer 1 to the device
5) report transfer 2 completion to guest
6) submit transfer 2 to the device
etc.

Thus keeping 2 transfers in flight (most of the time, and always 1),
as intended by the guest.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:12 +02:00
Hans de Goede
3905097ea8 uhci: Always mark a queue valid when we encounter it
Before this patch we would not mark a queue valid when its head was a
non-active td. This causes us to misbehave in the following scenario:

1) queue with multiple input transfers queued
2) We hit some latency issue, causing qemu to get behind processing frames
3) When qemu gets to run again, it notices the first transfer ends short,
   marking the head td non-active
4) It now processes 32+ frames in a row without giving the guest a chance
   to run since it is behind
5) valid is decreased to 0, causing the queue to get cancelled also cancelling
   already queued up further input transfers
6) guest gets to run, notices the inactive td, cleanups up further tds
   from the short transfer, and lets the queue continue at the first td of
   the next input transfer
7) we re-start the queue, issuing the second input transfer for the *second*
   time, and any data read by the first time we issued it has been lost

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:12 +02:00
Hans de Goede
420ca987d5 uhci: When the guest marks a pending td non-active, cancel the queue
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:12 +02:00
Hans de Goede
8c75a899f8 uhci: Detect guest td re-use
A td can be reused by the guest in a different queue, before we notice
the original queue has been unlinked. So search for tds by addr only, detect
guest td reuse, and cancel the original queue, this is necessary to keep our
packet ids unique.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:11 +02:00
Hans de Goede
66a08cbe6a uhci: Verify queue has not been changed by guest
According to the spec a guest can unlink a qh, and then as soon as frindex
has changed by 1 since the unlink, assume it is idle and re-use it. However
for various reasons, we cannot simply consider a qh as unlinked if we've not
seen it for 1 frame. This means that it is possible for a guest to re-use /
restart the queue while we still see its old state. This patch adds a safety
check for this, and "early" retires queues when they were changed by the guest.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:11 +02:00
Hans de Goede
5ad23e873c uhci: Immediately free queues on device disconnect
There is no need to just cancel any in-flight packets, and then wait
for validate-end to clean things up, we can simply clean things up
immediately on device removal.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:11 +02:00
Hans de Goede
11d15e402b uhci: Store ep in UHCIQueue
This avoids the need to repeatedly lookup the device, and ep.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:11 +02:00
Hans de Goede
a4f30cd766 uhci: Make uhci_fill_queue() actually operate on an UHCIQueue
And move its calling point to handle_td, this removes the ep_ret ugliness,
and prepates the way for further cleanups in the follow-up patches in this
patch-set.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:11 +02:00
Hans de Goede
963a68b54f uhci: Add uhci_read_td() helper function
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:11 +02:00
Hans de Goede
1f250cc772 uhci: Rename UHCIAsync->td to UHCIAsync->td_addr
We use the name td both to refer to a UHCI_TD read from guest memory as
well as to refer to the guest address where a td is stored, switch over
to always use td_addr in the second case for consistency.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:11 +02:00
Hans de Goede
4050737726 uhci: Move emptying of the queue's asyncs' queue to uhci_queue_free
Cleanup: all callers of uhci_queue_free first unconditionally cancel
all remaining asyncs in the queue, so lets move this to uhci_queue_free().

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:11 +02:00
Hans de Goede
3c87c76d1a uhci: Drop unnecessary forward declaration of some static functions
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:11 +02:00
Hans de Goede
a89e255b0c uhci: Don't retry on error
Since we are either dealing with emulated devices, where retrying is
not going to help, or with redirected devices where the host OS will
have already retried, don't bother retrying on failed transfers.

Also move some common/indentical code out of all the error cases
into the generic error path.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:10 +02:00
Hans de Goede
2f2ee2689f uhci: cleanup: Add an unlink call to uhci_async_cancel()
All callers of uhci_async_cancel() call uhci_async_unlink() first, so
lets move the unlink call to uhci_async_cancel()

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:10 +02:00
Hans de Goede
5b352ed537 uhci: No need to handle async completion of isoc packets
No devices ever return async for isoc endpoints and the core
already enforces this.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:10 +02:00
Hans de Goede
aaac74343d usb: Enforce iso endpoints never returing USB_RET_ASYNC
ehci was already testing for this, and we depend in various places
on no devices doing this, so lets move the check for this to the
usb core.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:10 +02:00
Hans de Goede
a6fb2ddb14 usb: Add an int_req flag to USBPacket
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:10 +02:00
Hans de Goede
6ba43f1f6b usb: Move short-not-ok handling to the core
After a short-not-ok packet ending short, we should not advance the queue.
Move enforcing this to the core, rather then handling it in the hcd code.

This may result in the queue now actually containing multiple input packets
(which would not happen before), and this requires special handling in
combination with pipelining, so disable pipleining for input endpoints
(for now).

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:10 +02:00
Hans de Goede
0cae7b1a00 usb: Move clearing of queue on halt to the core
hcds which queue up more then one packet at once (uhci, ehci and xhci),
must clear the queue after an error which has caused the queue to halt.

Currently this is handled as a special case inside the hcd code, this
patch instead adds an USB_RET_REMOVE_FROM_QUEUE packet result code, teaches
the 3 hcds about this and moves the clearing of the queue on a halt into
the USB core.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:10 +02:00
Hans de Goede
36dfe324fd usb: Add USB_RET_ADD_TO_QUEUE packet result code
This can be used by usb-device code which wishes to process an entire endpoint
queue at once, to do this the usb-device code returns USB_RET_ADD_TO_QUEUE
from its handle_data class method and defines a flush_ep_queue class method
to call when the hcd is done queuing up packets.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:09 +02:00
Hans de Goede
d0ff81b871 usb: Rename __usb_packet_complete to usb_packet_complete_one
And make it available for use outside of core.c

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:09 +02:00
Hans de Goede
3151f2096d xhci: Add a xhci_ep_nuke_one_xfer helper function
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:09 +02:00
Hans de Goede
b4ea866499 ehci: Retry to fill the queue while waiting for td completion
If the guest is using multiple transfers to try and keep the usb bus busy /
used at maximum efficiency, currently we would see / do the following:

1) submit transfer 1 to the device
2) submit transfer 2 to the device
3) report transfer 1 completion to guest
4) report transfer 2 completion to guest
5) submit transfer 1 to the device
6) report transfer 1 completion to guest
7) submit transfer 2 to the device
8) report transfer 2 completion to guest
etc.

So after the initial submission we would effectively only have 1 transfer
in flight, rather then 2. This is caused by us not checking the queue for
addition of new transfers by the guest (ie the resubmission of a recently
finished transfer), while waiting for a pending transfer to complete.
This patch does add a check for this, changing the sequence to:

1) submit transfer 1 to the device
2) submit transfer 2 to the device
3) report transfer 1 completion to guest
4) submit transfer 1 to the device
5) report transfer 2 completion to guest
6) submit transfer 2 to the device
etc.

Thus keeping 2 transfers in flight (most of the time, and always 1),
as intended by the guest.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:09 +02:00
Hans de Goede
e3a36bce1d ehci: Detect going in circles when filling the queue
For ctrl endpoints Windows (atleast Win7) creates circular td lists, so far
these were not a problem because we would stop filling the queue if altnext
was set. Since further patches in this patchset remove the altnext check this
does become a problem and we need detection for going in circles.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:09 +02:00
Hans de Goede
44272b0f88 ehci: Speed up the timer of raising int from the async schedule
Often the guest will queue up new packets in response to a packet, in the
async schedule with its IOC flag set, completing. By speeding up the
frame-timer, we notice these new packets earlier. This increases the
speed (MB/s) of a Linux guest reading from a USB mass storage device by a
factor of 1.15 on top of the "Improve latency of interrupt delivery"
speed-ups, both with and without input pipelining enabled.

I've not tested the speed-up of this patch without the
"Improve latency of interrupt delivery" patch.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:09 +02:00
Hans de Goede
0262f65aaa ehci: Improve latency of interrupt delivery and async schedule scanning
While doing various performance tests of reading from USB mass storage devices
I noticed the following::
1) When an async handled packet completes, we don't immediately report an
   interrupt to the guest, instead we wait for the frame-timer to run and
   report it from there
2) If 1) has been fixed and an async handled packet takes a while to complete,
   then async_stepdown will become a high value, which means that there
   will be a large latency before any new packets queued by the guest in
   response to the interrupt get seen

1) was done deliberately as part of commit f0ad01f92:
http://www.kraxel.org/cgit/qemu/commit/?h=usb.57&id=f0ad01f92ca02eee7cadbfd225c5de753ebd5fce
Since setting the interrupt immediately on async packet completion was causing
issues with Linux guests, I believe this recently fixed Linux bug explains
why this is happening:
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git;a=commitdiff;h=361aabf395e4a23cf554cf4ec0c0c6963b8beb01

Note that we can *not* count on this fix being present in all Linux guests!

I was hoping that the recently added support for Interrupt Threshold Control
would fix the issues with Linux guests, but adding a simple ehci_commit_irq()
call to ehci_async_bh() still caused problems with Linux guests.

The problem is, that when doing ehci_commit_irq() from ehci_async_bh(),
the "old" frindex value is used to calculate usbsts_frindex, and when
the frame-timer then runs possibly very shortly after ehci_async_bh(),
it increases the frame-timer, and thus any interrupts raised from that
frame-timer run, will also get reported to the guest immediately, rather
then being delayed to the next frame-timer run.

Luckily the solution for this is simple, this means that we need to
increase frindex before calling ehci_commit_irq() from ehci_async_bh(),
which in the end boils down to simple calling ehci_frame_timer() instead
of ehci_async_bh() from the bh.

This may seem like it causes a lot of extra work to be done, but this
is not true. Any work done from the frame-timer processing the periodic
schedule is work which then does not need to be done the next time the
frame timer runs, also the frame-timer will re-arm itself at (possibly)
a later time then it was armed for saving a vmexit at that time.

As an additional advantage moving to simply calling the frame-timer also
fixes 2) as the packet completion will set async_stepdown to 0, and the
re-arming of the timer with an async_stepdown of 0 ensures that any
newly queued up packets get seen in a reasonable amount of time.

This improves the speed (MB/s) of a Linux guest reading from a USB mass
storage device by a factor of 1.5 - 1.7 with input pipelining disabled,
and by a factor of 1.8 with input pipelining enabled.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:09 +02:00
Hans de Goede
cf08a8a1f6 ehci: Set int flag on a short input packet
According to 4.15.1.2 an interrupt must be raised when a short packet
is received. If we don't do this it may take a significant time for
the guest to notice a short trasnfer has completed, since only the last td
will have its IOC flag set, and a short transfer may complete in an earlier
packet.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:09 +02:00
Hans de Goede
549a3c3d96 ehci: Get rid of packet tbytes field
This field is used in some places to track the tbytes field of the token, but
in other places the field is used directly, use it directly everywhere for
consistency.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:09 +02:00
Hans de Goede
7c2eaca4ef uhci: Move checks to continue queuing to uhci_fill_queue()
Rather then having a special check to start queuing after the first packet,
and then another check for the other packets in uhci_fill_queue(), simply
check the previous packet beforehand in uhci_fill_queue()

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:08 +02:00
Hans de Goede
00a0770de3 uhci: Properly unmap packets on cancel / invalid pid
Packets with an invalid pid, or which were cancelled have
usb_packet_map() called on them on init, but not usb_packet_unmap()
before being freed.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-25 09:08:08 +02:00
Avi Kivity
a8170e5e97 Rename target_phys_addr_t to hwaddr
target_phys_addr_t is unwieldly, violates the C standard (_t suffixes are
reserved) and its purpose doesn't match the name (most target_phys_addr_t
addresses are not target specific).  Replace it with a finger-friendly,
standards conformant hwaddr.

Outstanding patchsets can be fixed up with the command

  git rebase -i --exec 'find -name "*.[ch]"
                        | xargs s/target_phys_addr_t/hwaddr/g' origin

Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-10-23 08:58:25 -05:00
Anthony Liguori
50d2b4d93f Merge remote-tracking branch 'qemu-kvm/memory/urgent' into staging
* qemu-kvm/memory/urgent:
  memory: abort if a memory region is destroyed during a transaction
  i440fx: avoid destroying memory regions within a transaction
  memory: Make eventfd adhere to device endianness
2012-10-22 14:49:18 -05:00
Anthony Liguori
248bbe7493 Merge remote-tracking branch 'awilliam/tags/vfio-pci-for-qemu-20121017.0' into staging
* awilliam/tags/vfio-pci-for-qemu-20121017.0:
  vfio-pci: Mark non-migratable
  vfio-pci: Fix debug build
2012-10-22 14:48:23 -05:00
Gerd Hoffmann
da124e62de usb-serial: only expose device in guest when the chardev is open
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-10-22 13:26:42 -05:00
Gerd Hoffmann
70330fb3da usb-serial: don't magically zap chardev on umplug
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-10-22 13:26:42 -05:00
Gerd Hoffmann
90734e02bd serial: add pci-serial documentation
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-10-22 13:26:42 -05:00
Gerd Hoffmann
d66bbea4e0 serial: add 2x + 4x pci variant
Add multiport serial card implementation, with two variants, one
featuring two and one featuring four ports.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-10-22 13:26:42 -05:00
Gerd Hoffmann
419ad67208 serial: add pci variant
So we get a hot-pluggable 16550 uart.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-10-22 13:26:42 -05:00
Gerd Hoffmann
488cb996cd serial: split serial.c
Split serial.c into serial.c, serial.h and serial-isa.c.  While being at
creating a serial.h header file move the serial prototypes from pc.h to
the new serial.h.  The latter leads to s/pc.h/serial.h/ in tons of
boards which just want the serial bits from pc.h

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-10-22 13:26:42 -05:00
Anthony Liguori
f526f3c315 Merge remote-tracking branch 'quintela/migration-next-20121017' into staging
* quintela/migration-next-20121017: (41 commits)
  cpus: create qemu_in_vcpu_thread()
  savevm: make qemu_file_put_notify() return errors
  savevm: un-export qemu_file_set_error()
  block-migration: handle errors with the return codes correctly
  block-migration:  Switch meaning of return value
  block-migration: make flush_blks() return errors
  buffered_file: buffered_put_buffer() don't need to set last_error
  savevm: Only qemu_fflush() can generate errors
  savevm: make qemu_fill_buffer() be consistent
  savevm: unexport qemu_ftell()
  savevm: unfold qemu_fclose_internal()
  savevm: make qemu_fflush() return an error code
  savevm: Remove qemu_fseek()
  virtio-net: use qemu_get_buffer() in a temp buffer
  savevm: unexport qemu_fflush
  migration: make migrate_fd_wait_for_unfreeze() return errors
  buffered_file: make buffered_flush return the error code
  buffered_file: callers of buffered_flush() already check for errors
  buffered_file: We can access directly to bandwidth_limit
  buffered_file: unfold migrate_fd_close
  ...
2012-10-22 13:26:23 -05:00
Anthony Liguori
d3e2efc5b5 Merge remote-tracking branch 'qemu-kvm/memory/dma' into staging
* qemu-kvm/memory/dma: (23 commits)
  pci: honor PCI_COMMAND_MASTER
  pci: give each device its own address space
  memory: add address_space_destroy()
  dma: make dma access its own address space
  memory: per-AddressSpace dispatch
  s390: avoid reaching into memory core internals
  memory: use AddressSpace for MemoryListener filtering
  memory: move tcg flush into a tcg memory listener
  memory: move address_space_memory and address_space_io out of memory core
  memory: manage coalesced mmio via a MemoryListener
  xen: drop no-op MemoryListener callbacks
  kvm: drop no-op MemoryListener callbacks
  xen_pt: drop no-op MemoryListener callbacks
  vfio: drop no-op MemoryListener callbacks
  memory: drop no-op MemoryListener callbacks
  memory: provide defaults for MemoryListener operations
  memory: maintain a list of address spaces
  memory: export AddressSpace
  memory: prepare AddressSpace for exporting
  xen_pt: use separate MemoryListeners for memory and I/O
  ...
2012-10-22 13:26:07 -05:00
Avi Kivity
1c380f9460 pci: honor PCI_COMMAND_MASTER
Currently we ignore PCI_COMMAND_MASTER completely: DMA succeeds even when
the bit is clear.

Honor PCI_COMMAND_MASTER by inserting a memory region into the device's
bus master address space, and tying its enable status to PCI_COMMAND_MASTER.

Tested using

  setpci -s 03 COMMAND=3

while a ping was running on a NIC in slot 3.  The kernel (Linux) detected
the stall and recovered after the command

  setpci -s 03 COMMAND=7

was issued.

Signed-off-by: Avi Kivity <avi@redhat.com>
2012-10-22 14:50:08 +02:00
Avi Kivity
817dcc5368 pci: give each device its own address space
Accesses from different devices can resolve differently
(depending on bridge settings, iommus, and PCI_COMMAND_MASTER), so
set up an address space for each device.

Currently iommus are expressed outside the memory API, so this doesn't
work if an iommu is present.

Signed-off-by: Avi Kivity <avi@redhat.com>
2012-10-22 14:50:08 +02:00
Avi Kivity
b90600eed3 dma: make dma access its own address space
Instead of accessing the cpu address space, use an address space
configured by the caller.

Eventually all dma functionality will be folded into AddressSpace,
but we have to start from something.

Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
2012-10-22 14:50:08 +02:00
Avi Kivity
f6790af6bc memory: use AddressSpace for MemoryListener filtering
Using the AddressSpace type reduces confusion, as you can't accidentally
supply the MemoryRegion you're interested in.

Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
2012-10-22 14:50:07 +02:00
Peter Maydell
a5089c0501 hw/pl031: Use LOG_GUEST_ERROR
Use LOG_GUEST_ERROR rather than hw_error or direct fprintf.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-10-20 07:56:22 +00:00
Peter Maydell
af83c32bd4 hw/pl022: Use LOG_UNIMP and LOG_GUEST_ERROR
Use LOG_UNIMP and LOG_GUEST_ERROR where appropriate rather
than hw_error().

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-10-20 07:56:22 +00:00
Peter Maydell
6d5433e00a hw/pl011: Use LOG_UNIMP and LOG_GUEST_ERROR
Use the new LOG_UNIMP and LOG_GUEST_ERROR logging types rather
than hw_error().

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-10-20 07:56:22 +00:00
Peter Maydell
fd271e81aa hw/pl190: Use LOG_GUEST_ERROR
If the guest attempts an offset to a nonexistent register, just
log this via LOG_GUEST_ERROR rather than killing QEMU with a hw_error.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-10-20 07:56:22 +00:00
Peter Maydell
b1d9df9021 hw/pl041: Use LOG_UNIMP
Use the new LOG_UNIMP tracing to report unimplemented
features.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-10-20 07:56:22 +00:00
Peter Maydell
9351d70829 hw/pl181: Use LOG_UNIMP and LOG_GUEST_ERROR
Rather than a mix of direct printing to stderr and aborting
via hw_error(), use LOG_UNIMP and LOG_GUEST_ERROR.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-10-20 07:56:22 +00:00
Peter Maydell
051c02b6c9 hw/hw.h: Add include of qemu-log.h
Add an include of qemu-log.h to hw.h, so that device model
code has access to these logging functions without the need
to directly include qemu-log.h.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-10-20 07:56:22 +00:00
Eduardo Habkost
5f072e1f30 create struct for machine initialization arguments
This should help us to:
- More easily add or remove machine initialization arguments without
  having to change every single machine init function;
- More easily make mechanical changes involving the machine init
  functions in the future;
- Let machine initialization forward the init arguments to other
  functions more easily.

This change was half-mechanical process: first the struct was added with
the local ram_size, boot_device, kernel_*, initrd_*, and cpu_model local
variable initialization to all functions. Then the compiler helped me
locate the local variables that are unused, so they could be removed.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-10-20 07:53:28 +00:00
Gerd Hoffmann
a96d8bea8e vga: remove CONFIG_BOCHS_VBE
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-10-20 07:52:54 +00:00
Gerd Hoffmann
cc22824860 vga: add specs for standard vga
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-10-20 07:52:54 +00:00
Gerd Hoffmann
803ff052b6 vga: add mmio bar to standard vga
This patch adds a mmio bar to the qemu standard vga which allows to
access the standard vga registers and bochs dispi interface registers
via mmio.

Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-10-20 07:52:54 +00:00
Gerd Hoffmann
0d0302e203 vga: fix indention
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-10-20 07:52:54 +00:00
Alex Williamson
d9f0e63898 vfio-pci: Mark non-migratable
We haven't magically fixed this yet.  Toss in a description too.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2012-10-17 11:20:14 -06:00
Alex Williamson
a011b10e0c vfio-pci: Fix debug build
Stray variable from before MSI-X rework

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2012-10-17 11:20:11 -06:00
Juan Quintela
e398d61b47 virtio-net: use qemu_get_buffer() in a temp buffer
qemu_fseek() is known to be wrong.  Would be removed on the next
commit.  This code should never been used (value has been
MAC_TABLE_ENTRIES since 2009).

Signed-off-by: Juan Quintela <quintela@redhat.com>

Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
2012-10-17 18:34:59 +02:00
Avi Kivity
2725aec701 i440fx: avoid destroying memory regions within a transaction
Calling memory_region_destroy() within a transaction is illegal, since
the memory API is allowed to continue to dispatch to a region until the
transaction commits.  440fx does that however when managing PAM registers.

This bug is benign, since the regions are all aliases (which the memory
core tends to throw anyway), and since we don't do concurrent dispatch yet,
but instead of relying on that, tighten ship ahead of the coming concurrency
storm.

Fix by having a predefined set of regions, of which one will be enabled at
any time.

Signed-off-by: Avi Kivity <avi@redhat.com>
2012-10-17 17:10:04 +02:00
Avi Kivity
6381fc188c xen_pt: drop no-op MemoryListener callbacks
Removes quite a bit of useless code.

Signed-off-by: Avi Kivity <avi@redhat.com>
2012-10-15 11:43:07 +02:00
Avi Kivity
e71e602cb5 vfio: drop no-op MemoryListener callbacks
Removes quite a bit of useless code.

Signed-off-by: Avi Kivity <avi@redhat.com>
2012-10-15 11:43:07 +02:00
Avi Kivity
12b40e471f xen_pt: use separate MemoryListeners for memory and I/O
Using an unfiltered memory listener will cause regions to be reported
fails multiple times if we have more than two address spaces.  Use a separate
listener for memory and I/O, and utilize MemoryListener's address space
filtering to fix this.

Signed-off-by: Avi Kivity <avi@redhat.com>
2012-10-15 11:43:06 +02:00
Avi Kivity
0fada67420 vhost: use MemoryListener filtering to only monitor RAM address space
Instead of checking manually, let the listener filter for us.  This prepares
us for DMA address spaces.

Signed-off-by: Avi Kivity <avi@redhat.com>
2012-10-15 11:43:06 +02:00
Andreas Färber
b64ba4b232 sun4u: Pass SPARCCPU to cpu_set_ivec_irq()
Needed for moving halted field to CPUState.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-10-13 10:44:13 +00:00
Andreas Färber
ce18c558f0 sun4u: Pass SPARCCPU to cpu_kick_irq()
Needed for changing qemu_cpu_kick() argument type to CPUState.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-10-13 10:44:13 +00:00
Andreas Färber
6b678e1f9b sun4u: Pass SPARCCPU to {,s,hs}tick_irq() and cpu_timer_create()
Needed for changing cpu_kick_irq() argument type to SPARCCPU.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-10-13 10:44:13 +00:00
Andreas Färber
38c66cf281 sun4m: Pass SPARCCPU to cpu_kick_irq()
Needed for changing qemu_cpu_kick() argument type to CPUState.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-10-13 10:44:13 +00:00
Andreas Färber
e0bbf9b573 sun4m: Pass SPARCCPU to cpu_set_irq()
Needed for changing cpu_kick_irq() argument type to SPARCCPU.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-10-13 10:44:13 +00:00
Anthony Liguori
ae72f3f539 Merge remote-tracking branch 'pmaydell/arm-devs.for-upstream' into staging
* pmaydell/arm-devs.for-upstream:
  arm_gic: Rename gic_state to GICState
  zynq_slcr: Fixed ResetValues enum
  versatilepb: add gpio pl061 support
  hw/ds1338: Implement state save/restore
  hw/ds1338: Remove 'now' field from state struct
  hw/ds1338: Recapture current time when register pointer wraps around
  hw/ds1338: Fix mishandling of register pointer
  hw/arm_gic.c: Fix improper DPRINTF output.
  cadence_ttc: Fix 'clear on read' behavior
2012-10-12 11:20:14 -05:00
Anthony Liguori
628cc97df7 Merge remote-tracking branch 'kraxel/usb.67' into staging
* kraxel/usb.67:
  uhci: Raise interrupt when requested even for non active tds
  usb-redir: Don't make migration fail in none seamless case
  usb-redir: Change usbredir_open_chardev into usbredir_create_parser
2012-10-12 09:14:32 -05:00
Anthony Liguori
557e01a3f9 Merge remote-tracking branch 'awilliam/tags/vfio-pci-for-qemu-20121008.0' into staging
* awilliam/tags/vfio-pci-for-qemu-20121008.0:
  vfio-pci: Fix BAR->VFIODevice translation in
  vfio-pci: Clang cleanup
  vfio-pci: Cleanup on INTx setup failure
  vfio-pci: Extend reset
  vfio-pci: Remove setting of MSI qsize
  vfio-pci: Use uintptr_t for void* cast
  vfio-pci: Don't peak at msi_supported
  vfio-pci: Roll the header into the .c file
  vfio-pci: No spurious MSIs
  vfio-pci: Rework MSIX setup/teardown
  vfio-pci: Unmap and retry DMA mapping
  vfio-pci: Re-order map/unmap
  vfio-pci: Update slow path INTx algorithm
2012-10-12 09:14:14 -05:00
Anthony Liguori
4336ef7a55 Merge remote-tracking branch 'stefanha/net' into staging
* stefanha/net:
  net: consolidate NetClientState header files into one
  virtio-net: update nc.link_down in virtio_net_load()
  e1000: update nc.link_down in e1000_post_load()
  rtl8139: implement 8139cp link status
2012-10-12 09:14:04 -05:00
Anthony Liguori
3f42ac89ba Merge remote-tracking branch 'spice/spice.v61' into staging
* spice/spice.v61:
  qxl: set default revision to 4
  spice: raise requirement to 0.12
  hw/qxl: qxl_dirty_surfaces: use uintptr_t
  hw/qxl: fix condition for exiting guest_bug
  hw/qxl: exit on failure to register qxl interface
  qxl: fix range check for rev3 io commands.
  qxl/update_area_io: cleanup invalid parameters handling
  qxl: always update displaysurface on resize
2012-10-12 09:13:58 -05:00
Peter Maydell
fae1528675 arm_gic: Rename gic_state to GICState
Rename the gic_state struct to match QEMU's coding style conventions
for structure names, since the impending KVM-for-ARM patches will
create another subclass of it. This patch was created using:
  sed -i 's/gic_state/GICState/g' hw/arm_gic.c hw/arm_gic_common.c \
    hw/arm_gic_internal.h hw/armv7m_nvic.c

Acked-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-10-12 11:54:39 +01:00
Peter A. G. Crosthwaite
fa2ddcb4f5 zynq_slcr: Fixed ResetValues enum
There is a gap in the reset region of the address space at offset 0x208. This
throws out all these enum values by one when translating them to address offsets.
Fixed by putting the corresponding gap in the enum as well.

Signed-off-by: Peter A. G. Crosthwaite <peter.crosthwaite@petalogix.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-10-12 11:54:39 +01:00
Jean-Christophe PLAGNIOL-VILLARD
853e65e0b4 versatilepb: add gpio pl061 support
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-10-12 11:54:39 +01:00
Peter Maydell
f4741402ab hw/ds1338: Implement state save/restore
Implement state save/restore for the DS1338. This requires
the usual minor adjustment of types in the state struct to
get fixed-width ones with vmstate macros.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-10-12 11:54:38 +01:00
Peter Maydell
7f7fd0f2e4 hw/ds1338: Remove 'now' field from state struct
The 'struct tm now' field in the state structure is in fact only
ever used as a temporary (the actual RTC state is held in 'offset').
Remove it from the state structure in favour of using local variables
to avoid confusion about whether it needs to be saved on migration.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-10-12 11:54:38 +01:00
Peter Maydell
35b87a8613 hw/ds1338: Recapture current time when register pointer wraps around
The DS1338 datasheet documents that the current time is captured into
the secondary registers when the register pointer wraps round to zero
as well as at a START condition. Implement this.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-10-12 11:54:38 +01:00
Peter Maydell
ba4906a9b6 hw/ds1338: Fix mishandling of register pointer
Correct several deficiencies in the handling of the register pointer:
 * it should wrap around after 0x3f, not 0xff
 * guard against the caller handing us an out of range pointer
   (on h/w this can never happen, because only a 7 bit value is
   transferred over the I2C bus)
 * there was confusion over whether nvram[] holds only the 56 bytes
   of guest-accessible NVRAM, or also the secondary registers
   which hold the value of the clock captured at the start of a
   multibyte read. Correct to consistently be the latter, by fixing
   the array size and the offset used for NVRAM writes.
 * ds1338_send was attempting to use 'data' as both the data and
   the register offset simultaneously, which meant that writes to
   any register were broken; fix to use the register pointer.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-10-12 11:54:38 +01:00
Evgeny Voevodin
9ab1b6053f hw/arm_gic.c: Fix improper DPRINTF output.
s->cpu_enabled is an array, so s->cpu_enabled ? "En" : "Dis" returns
"En" always. We should use s->cpu_enabled[cpu] here.

Signed-off-by: Evgeny Voevodin <e.voevodin@samsung.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-10-12 11:54:37 +01:00
Soren Brinkmann
884285bf64 cadence_ttc: Fix 'clear on read' behavior
A missing call to qemu_set_irq() when reading the IRQ register
required SW to write to the IRQ register to acknowledge an
interrupt. With this patch the behavior is fixed:
 - Reading the interrupt register clears it and updates the timers
   interrupt status
 - Writes to the interrupt register are ignored

Signed-off-by: Soren Brinkmann <soren.brinkmann@xilinx.com>
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-10-12 11:54:37 +01:00
Hans de Goede
883bca776d uhci: Raise interrupt when requested even for non active tds
According to the spec we must raise an interrupt when one is requested
even for non active tds.

Linux depends on this, for bulk transfers it runs an inactivity timer
to work around a bug in early uhci revisions, when we take longer then
200 ms to process a packet, this timer goes of, and as part of the
handling Linux then unlinks the qh, and relinks it after the frindex
has increased by atleast 1, the problem is Linux only checks for the
frindex increases on an interrupt, and we don't send that, causing
the qh to go inactive for more then 32 frames, at which point we
consider the packet cancelled.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-11 09:33:33 +02:00
Hans de Goede
5c16f76781 usb-redir: Don't make migration fail in none seamless case
Instead simple disconnect the device like host redirection does on
migration.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-11 09:32:10 +02:00
Hans de Goede
dbbf01958e usb-redir: Change usbredir_open_chardev into usbredir_create_parser
As we need to create the parser at more places.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-11 09:32:10 +02:00