Commit Graph

14781 Commits

Author SHA1 Message Date
David Hildenbrand
09c7f58ca9 s390x: unify device reset during subsystem_reset()
We have to manually reset several devices that are not on a bus: Let's
collect them in an array.

Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Acked-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: David Hildenbrand <dahi@linux.vnet.ibm.com>
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
2015-10-21 12:21:29 +02:00
Peter Maydell
426c0df9e3 Merge io-channels-3 partial branch
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABCAAGBQJWJl9qAAoJEL6G67QVEE/fn+gQAI4Y+0CLmds9bb0q3yWUmhwx
 QUjnae8Ji11av6i9chSh3Qg1ZLdYl/SbpS/yi+YOfGHo3k8cAU6JqWvCfZW5wSck
 541X89b6s6kF2HsknRm1tJchQHsp8kxe4nlNgzJN8lraOcamBNzWH4GngXV6km6t
 V15JIOKCW1zW9w13O+Td8buN0MTDFxioe1sbZsdhyNWGoKSGXSlOcWNzr18zE/Ji
 SryhHt45hanV7Aiq/jW+rDHgddOjpspA7vSW/f2SCimAtbrVx6+2ZTEvIVnylfj0
 VgE4XiH385RZN0wHMT8Gs4wEaB8BM4coRJBDVoRqk0fy6FtEvgK3Z/48KHYiAhkr
 rWLQiat/o20cbgRCVRWju5/DPoFwQEM0GStEI+NVMBMUW8sxnQ2ob16Ks60u/FaU
 PT8WKApQz1258FxWURjJzs6dObp62CJdNqUjvwJ6kQkSrdxDsqDz07BcMqbQ3D/H
 VNP/L5b24eLZQKo9KSAxtfIgUeQuvceN0csZ++Sb1ABnu+tTp8S2P8Y//lugghsq
 PvgmZNt2oCySVLMCEenu5a2y+NlavzzPVl64CJRDXdv65uoPUDo7YJjt6z3iwmEu
 UUJTr178r3lKZH4bzlwq6bLz/XbM4RMk7KI1HzFP/MPL1AMggdB8zPZZ2J0N7t7X
 Xl4kofpluFBmBILt4PKl
 =XIOA
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/berrange/tags/io-channel-3-for-upstream' into staging

Merge io-channels-3 partial branch

# gpg: Signature made Tue 20 Oct 2015 16:36:10 BST using RSA key ID 15104FDF
# gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>"
# gpg:                 aka "Daniel P. Berrange <berrange@redhat.com>"

* remotes/berrange/tags/io-channel-3-for-upstream:
  util: pull Buffer code out of VNC module
  coroutine: move into libqemuutil.a library
  osdep: add qemu_fork() wrapper for safely handling signals
  ui: convert VNC startup code to use SocketAddress
  sockets: allow port to be NULL when listening on IP address
  sockets: move qapi_copy_SocketAddress into qemu-sockets.c
  sockets: add helpers for creating SocketAddress from a socket

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-20 16:51:43 +01:00
Cornelia Huck
085b0b055b s390x/virtio-ccw: fix 2.4 virtio compat
Commit 542571d5 ("virtio-ccw: enable virtio-1") missed some virtio
devices for the 2.4 compat handling. Add them.

Fixes: 542571d5 ("virtio-ccw: enable virtio-1")
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Reviewed-by: Christian Borntraeger <borntraeger@de.ibm.com>
2015-10-20 16:21:00 +02:00
Daniel P. Berrange
10817bf09d coroutine: move into libqemuutil.a library
The coroutine files are currently referenced by the block-obj-y
variable. The coroutine functionality though is already used by
more than just the block code. eg migration code uses coroutine
yield. In the future the I/O channel code will also use the
coroutine yield functionality. Since the coroutine code is nicely
self-contained it can be easily built as part of the libqemuutil.a
library, making it widely available.

The headers are also moved into include/qemu, instead of the
include/block directory, since they are now part of the util
codebase, and the impl was never in the block/ directory
either.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2015-10-20 14:59:04 +01:00
Peter Maydell
ee9dfed242 virtio-input: ignore events until the guest driver is ready
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJWJejIAAoJEEy22O7T6HE4UjoP/1QhO8VSSpbLMdvz3omMXFuU
 xZFPOfqGxrC8YX7o84FYUXwIfwDFuJljPab8raoXXz6EfpEBixvuCmYZBo+wEdRA
 Do9JVi18NyiFMpRve1NNi+m30SZHv367xAMUXV7iEOWSUrwEnfNZpY08KhS2Cb3N
 pJSYiAKx0llFZwSmSKFjkY7iAYMgsHOFWUbYgSaC3U1++i40AQnXavikKbKSXCpC
 9GRBqOJ+V3dHORQQ/nqQzYp7EfYmWhJKmu2zcUDFGbhq4EGQOIkWpxFJEM/4ofGB
 8wLB3AImGEdODyB7ohMQw5rVFHwftSP52eiWWo6Vp6CCuDRpzsI+GDXJufN8+a4i
 sNsbdXb0LgLOdIHNkTZhE+doCWBx+cDUeOWoJul7g1pBO+T5A4okStSWYu2Oav9c
 knK9EPAyyXpX/LBCHdrSIUtuqiIy0nUUkqd4W+o0JVE1E6ae/rEhmtBnXX/ARprN
 9FMmCOkt/5BjxGnhrPrfO1RE6MXMOSmOAIBRKOiyf5ADOWUuOshyCNldjDfBNP+5
 N195+KRf3+JbMDKSscFImlVyTBLC0Rxmoy7f6NX/fJsRnZLFGZjjpz4zx7qmnDER
 LBeHMDYCUcdmnHs7dTAfOSQiAz5WN0Mwot9rsT72GM0dh2rT6AuEj4shZamBzPqQ
 xvcPgVu161EB9LtDLU0m
 =k5qd
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kraxel/tags/pull-input-20151020-1' into staging

virtio-input: ignore events until the guest driver is ready

# gpg: Signature made Tue 20 Oct 2015 08:10:00 BST using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"

* remotes/kraxel/tags/pull-input-20151020-1:
  virtio-input: ignore events until the guest driver is ready

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-20 12:56:45 +01:00
Peter Maydell
b38c0494c1 vga: enable virtio-vga for pseries, vmsvga cursor checks.
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJWJezwAAoJEEy22O7T6HE4X+QP/2viVPklWuE1ZlGyq/2vGUp3
 yzxRDO0eK/xse9gRVA8oQq1K9ChTw8iIiLinAoBKP7ABS5aYf424aunyf12pI/o9
 nE47pZ84YiORdIWa6lPdTY1j2cVt832gs3aSWt7eh0YcBapM4NZi2xOXjhnReZCB
 t5QAkhqFbg9mf80Nxb2YS2fycA9gZILg27j6T4kmtfZ7xQEsFNjWywXEnZGEhGJ4
 byYOSDFzgImUzTDnaBkKsAnQaR+9THIezPG/6wJ+xb4gJc4n4NwnYzG3VP9+LHNo
 38d3MT3HhzTu/uqHKYM52736ZkWYSyqb/+hXpwI6rcfZN7iEDSgQ9Fxgb+E0shHd
 PpAOXyUJAe2ZgjwOSQ4MJ0H0a8i2BxFswHjcPpkMD5cFVA05yFHZarv5gLOPyHtF
 JZ1gH9BkCS+8HPVkyyr0+m5H5Tbt0jejGV8Px4OH5axt0h8Rs+83FlnattR9NyUR
 6+zkT9CF0HM/Gyv1ukup98jhYOqjGPfSk3/yQstX+ASBMaLyKn8Qw/6pIbrfuJK9
 OICyfehZxGGuBuFgPTmA4EFLE7apXgS/FEHyTZP6rywOWWDdcKdV0F1BOehn6EgT
 E97Tzoc7RSR1EwnC9qv4SWipMyThCBU20iU+T9nV/cgtyVCoLHTQNcrbOpcFvefI
 HNESXWadPr/Ko8UBHmTB
 =VSOU
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kraxel/tags/pull-vga-20151020-1' into staging

vga: enable virtio-vga for pseries, vmsvga cursor checks.

# gpg: Signature made Tue 20 Oct 2015 08:27:44 BST using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"

* remotes/kraxel/tags/pull-vga-20151020-1:
  vmsvga: more cursor checks
  ppc/spapr: Allow VIRTIO_VGA

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-20 12:17:53 +01:00
Peter Maydell
df81978368 fw_cfg: add dma interface, add strings via cmdline.
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJWJdomAAoJEEy22O7T6HE4wPoQALST6AWh/3Ki1SVwMyP5KUru
 bqfII25LDhRNgoyeCA4/LrKhJJC296uO7+/eUOByHIEEb8mWjfHucPCd7ZTsYwHI
 9zQCL6MgnVzjiM5bDBP//1b69mLDQgDCV15QNZHiuYbKhhy/nv8MGqvb9RrpKf9U
 gDy9aYEFugicWxb5t1rZjxRKCsJkOxOZXEw+CuIEDL1jxQNOsFaMNIkvuoCSRSxK
 783Lr9oZDpbPcTOl3dlu6iOJsXkDxgLuntEH/TcczmgZWxnNTPRjcgMXjznGYUed
 JPIbUb/AkUrN9dJNF6zaA99N8S6f57WVLalaViT7oBX1p1OcbK36nS2Jt54D9Tqy
 LTeu2D/jcp5bGciA2uVKVgHTm2IvN5Igl3mndK4RRIXJ6kJ3nrFRz8mahlkVNHFP
 YsmOapccsuSbS3u6rcjtLsSAQXJbLWPve579Eo/i6mbyYEzqF12eET2vMbYHOEil
 8s4BtdWnQKpCRQSc0i8MyEy4Uylrx9UhXMhnWSsbJvyI/PkOxD9Zfo1RB8ClTsKS
 WV3vhhOJkEciN4ebMs60Vgm8cDYkgMG/Tt6boczl4ATihUtsD4EX4db9ZebwVCJT
 9Or+mBDSZzYFkWZPmIZmh5bXbjyYIe6azTJjIvjz4UTmPuZONPl5WgwDbazH+v0Q
 Lsb4wkHwXsg7bwihlJdL
 =deAj
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kraxel/tags/pull-fw_cfg-20151020-1' into staging

fw_cfg: add dma interface, add strings via cmdline.

# gpg: Signature made Tue 20 Oct 2015 07:07:34 BST using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"

* remotes/kraxel/tags/pull-fw_cfg-20151020-1:
  fw_cfg: Define a static signature to be returned on DMA port reads
  Enable fw_cfg DMA interface for x86
  Enable fw_cfg DMA interface for ARM
  Implement fw_cfg DMA interface
  fw_cfg DMA interface documentation
  fw_cfg: document fw_cfg_modify_iXX() update functions
  fw_cfg: insert string blobs via qemu cmdline

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-20 11:45:23 +01:00
Gerd Hoffmann
5829b09720 vmsvga: more cursor checks
Check the cursor size more carefully.  Also switch to unsigned while
being at it, so they can't be negative.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-10-20 09:26:36 +02:00
Benjamin Herrenschmidt
b798c19057 ppc/spapr: Allow VIRTIO_VGA
It works fine with the Linux driver out of the box

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-10-20 09:26:36 +02:00
Gerd Hoffmann
37bc43f7fb usb-audio: increate default buffer size
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-10-20 09:15:23 +02:00
Gerd Hoffmann
974826f0ab usb: print device id in "info usb" monitor command
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-10-20 09:15:23 +02:00
Gerd Hoffmann
e206ddfb57 usb-host: add wakeup call for iso xfers
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-10-20 09:15:23 +02:00
Gerd Hoffmann
d9460a7557 virtio-input: ignore events until the guest driver is ready
Cc: qemu-stable@nongnu.org
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-10-20 08:53:40 +02:00
Kevin O'Connor
2cc06a8843 fw_cfg: Define a static signature to be returned on DMA port reads
Return a static signature ("QEMU CFG") if the guest does a read to the
DMA address io register.

Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-10-19 15:26:54 +02:00
Marc Marí
c886fc4c20 Enable fw_cfg DMA interface for x86
Enable the fw_cfg DMA interface for all the x86 platforms.

Based on Gerd Hoffman's initial implementation.

Signed-off-by: Marc Marí <markmb@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-10-19 15:26:53 +02:00
Marc Marí
0b341a85ca Enable fw_cfg DMA interface for ARM
Enable the fw_cfg DMA interface for the ARM virt machine.

Based on Gerd Hoffman's initial implementation.

Signed-off-by: Marc Marí <markmb@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-10-19 15:26:53 +02:00
Marc Marí
a4c0d1deb7 Implement fw_cfg DMA interface
Based on the specifications on docs/specs/fw_cfg.txt

This interface is an addon. The old interface can still be used as usual.

Based on Gerd Hoffman's initial implementation.

Signed-off-by: Marc Marí <markmb@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-10-19 15:26:53 +02:00
Peter Maydell
26c7be8426 Xen 2015-10-19
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.12 (GNU/Linux)
 
 iQIcBAABAgAGBQJWJMTFAAoJEIlPj0hw4a6QnPgQANqbKBtEUA5Hib4zhwW3ldM0
 zApXm/3V3E/Pmr8Z8TpCRJtSCHPVNDPXzyrb+oXtlYdxihsKZar+uA4aXFO1sS3o
 ZsRzQI+jb94jvlAxvX7N1DdKD06lRDzHvllyykt/01Hrz36mleN16PoGCFQISwdZ
 JbphVW0ekqA0DI+oBoz89Yvwz4ax/wpUHhNXvahRff7YidxoVTev5X8bzrKbtesa
 TEtgGznYmcxzR5SEsoz3rLPAno8rmov1XQ3+oWwVRWJcNISxypp9ComEjJq3vfvH
 j71LnDULmc5NxhAJ+7D1S1di47AKOTTyYTuNrBzMY1VsBG6iR57h6p2tsdOAnNo3
 JBN8f81jYSAW9H6LMr9br/KaXl+2Ft7iKTjacQJT/N9Jvm/K8uV2HW+Ktja+dsRe
 e/YusNpGGGuZUDIrcQm64sxv98IDq3kgK+Jhxaqo5fTp9l1baWwLM3B44AbylVN7
 zBsjgTJsUGyGCdnB7vfjMQ1uLpHE2d48GM3AjFGHvns9yyZOScPkWYXL03QhzllM
 KjRRb3MlwDVzX72SaDx2hKLe/7MNIfQmwb3AJtx+rGcuWMPcBuYMNwtF0JE1EOz2
 pb+Cw1FCWupcTaGWeL1miz63eoJKKt4TNMfFtXrJZLHmuYKgZIesJIHss6/BHMQk
 oiTih0U3O639+5snK5Be
 =EoYf
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/sstabellini/tags/2015-10-19-tag' into staging

Xen 2015-10-19

# gpg: Signature made Mon 19 Oct 2015 11:24:05 BST using RSA key ID 70E1AE90
# gpg: Good signature from "Stefano Stabellini <stefano.stabellini@eu.citrix.com>"

* remotes/sstabellini/tags/2015-10-19-tag:
  xen-platform: Ensure xen is enabled when initializing
  pc: Require xen when initializing xenfv machine

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-19 12:13:27 +01:00
Eduardo Habkost
dbb7405d8c xen-platform: Ensure xen is enabled when initializing
The xen-platform code crashes on reset if the xen backend is not
initialized, because it calls xc_hvm_set_mem_type(). Ensure xen-platform
won't be created without initializing the xen backend.

The assert can't be triggered by the user because the device is not
hotpluggable, and the only code creating it (at pc_xen_hvm_init())
already checks xen_enabled().

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
2015-10-19 10:16:01 +00:00
Eduardo Habkost
a88ae0d44b pc: Require xen when initializing xenfv machine
Without this check, the xen-platform device will crash on reset
if using the accel option with anything other than xen (e.g.
"-machine xenfv,accel=kvm").

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
2015-10-19 10:16:01 +00:00
Peter Maydell
526d5809a0 * KVM page size fix for PPC
* Support for Linux 4.4's new Hyper-V features
 * Eliminate g_slice from areas I maintain
 * checkpatch fix
 * Peter's cpu_reload_memory_map() cleanups
 * More changes to MAINTAINERS
 * Require Python 2.6
 * chardev creation fixes
 * PCI requester id for ARM KVM
 * cleanups and doc fixes
 * Allow customization of the Hyper-V vendor id
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2
 
 iQEcBAABCAAGBQJWJKYWAAoJEL/70l94x66D2yYH/Rw06gj9FFVEhfNODmJozCsK
 zRqRREo+VMo/lIGUSwzI+OCX+yUoivxnsJXchqunK0udPuQ5vZ+mVGyKedg8/SU+
 uqXzXMK7QgJK/w7qNA1n0OacNYSosZz9MpOwPgzSLPRda8FbtVKqPBOugSEs+Ymg
 APtiumz3DGWXUmt+vqRdgdiAvoGkefPODjjPjfSQFukg205KR88tf/b9oN8Z+kDW
 LtGqG9dUNS/60ulLNQdFInn3x5WpuGky5kk57f47QHpInNcN4/CH0BiguvYNkA9A
 aFFEWj5RsK7xkhcwSw6JIaSoWoTdrQVd4mB6+WTZN4tfGIIaoDeI6fp2MFmVpZU=
 =9Tf9
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

* KVM page size fix for PPC
* Support for Linux 4.4's new Hyper-V features
* Eliminate g_slice from areas I maintain
* checkpatch fix
* Peter's cpu_reload_memory_map() cleanups
* More changes to MAINTAINERS
* Require Python 2.6
* chardev creation fixes
* PCI requester id for ARM KVM
* cleanups and doc fixes
* Allow customization of the Hyper-V vendor id

# gpg: Signature made Mon 19 Oct 2015 09:13:10 BST using RSA key ID 78C7AE83
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>"
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>"

* remotes/bonzini/tags/for-upstream: (49 commits)
  kvm: Allow the Hyper-V vendor ID to be specified
  kvm: Move x86-specific functions into target-i386/kvm.c
  kvm: Pass PCI device pointer to MSI routing functions
  hw/pci: Introduce pci_requester_id()
  kvm: Make KVM_CAP_SIGNAL_MSI globally available
  doc/rcu: fix g_free_rcu() usage example
  qemu-char: cleanup after completed conversion to cd->create
  qemu-char: convert ringbuf backend to data-driven creation
  qemu-char: convert vc backend to data-driven creation
  qemu-char: convert spice backend to data-driven creation
  qemu-char: convert console backend to data-driven creation
  qemu-char: convert stdio backend to data-driven creation
  qemu-char: convert testdev backend to data-driven creation
  qemu-char: convert braille backend to data-driven creation
  qemu-char: convert msmouse backend to data-driven creation
  qemu-char: convert mux backend to data-driven creation
  qemu-char: convert null backend to data-driven creation
  qemu-char: convert pty backend to data-driven creation
  qemu-char: convert UDP backend to data-driven creation
  qemu-char: convert socket backend to data-driven creation
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-19 10:52:39 +01:00
Pavel Fedin
dc9f06ca81 kvm: Pass PCI device pointer to MSI routing functions
In-kernel ITS emulation on ARM64 will require to supply requester IDs.
These IDs can now be retrieved from the device pointer using new
pci_requester_id() function.

This patch adds pci_dev pointer to KVM GSI routing functions and makes
callers passing it.

x86 architecture does not use requester IDs, but hw/i386/kvm/pci-assign.c
also made passing PCI device pointer instead of NULL for consistency with
the rest of the code.

Signed-off-by: Pavel Fedin <p.fedin@samsung.com>
Message-Id: <ce081423ba2394a4efc30f30708fca07656bc500.1444916432.git.p.fedin@samsung.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-10-19 10:13:07 +02:00
Pavel Fedin
a05f686ff3 hw/pci: Introduce pci_requester_id()
For GICv3 ITS implementation we are going to use requester IDs in KVM IRQ
routing code. This patch introduces reusable convenient way to obtain this
ID from the device pointer. The new function is now used in some places,
where the same calculation was used.

MemTxAttrs.stream_id also renamed to requester_id in order to better
reflect semantics of the field.

Signed-off-by: Pavel Fedin <p.fedin@samsung.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Message-Id: <5814bcb03a297f198e796b13ed9c35059c52f89b.1444916432.git.p.fedin@samsung.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-10-19 10:13:07 +02:00
Nutan Shinde
8307c294a3 Remove macros IO_READ_PROTO and IO_WRITE_PROTO
Signed-off-by: Nutan Shinde <nutanshinde1992@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-10-19 09:03:53 +02:00
Peter Maydell
40fe17bea4 hw/ide/ahci.c: Fix shift left into sign bit
Avoid undefined behaviour from shifting left into the sign bit:

hw/ide/ahci.c:551:36: runtime error: left shift of 255 by 24 places cannot be represented in type 'int'

(Unfortunately C's promotion rules mean that in the expression
"some_uint8_t_variable << 24" the LHS gets promoted to signed
int before shifting.)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: John Snow <jsnow@redhat.com>
2015-10-18 11:00:40 +01:00
Knut Omang
7df953bd45 intel_iommu: Add support for translation for devices behind bridges
- Use a hash table indexed on bus pointers to store information about buses
  instead of using the bus numbers.
  Bus pointers are stored in a new VTDBus struct together with the vector
  of device address space pointers indexed by devfn.
- The bus number is still used for lookup for selective SID based invalidate,
  in which case the bus number is lazily resolved from the bus hash table and
  cached in a separate index.

Signed-off-by: Knut Omang <knut.omang@oracle.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2015-10-18 10:05:43 +03:00
Alexander Gordeev
74de8c3568 hw/arm/virt: Allow zero address for PCI IO space
Currently PCI IO address 0 is not allowed even though
the IO space starts from 0. This update makes  PCI IO
address 0 usable.

CC: Peter Maydell <peter.maydell@linaro.org>
CC: Andrew Jones <drjones@redhat.com>
Signed-off-by: Alexander Gordeev <agordeev@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-16 13:34:02 +01:00
Peter Crosthwaite
c209b05372 misc: zynq_slcr: Fix MMIO writes
The /4 for offset calculation in MMIO writes was happening twice giving
wrong write offsets. Fix.

While touching the code, change the if-else to be a short returning if
and convert the debug message to a GUEST_ERROR, which is more accurate
for this condition.

Cc: qemu-stable@nongnu.org
Cc: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Reviewed-by: Alistair Francis <alistair.francis@xilinx.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-16 13:13:47 +01:00
Peter Crosthwaite
b64d64de1a arm: imx25-pdk: Fix machine name
ARM uses dashes instead of underscores for machine names. Fix imx25_pdk
which has not seen a release yet (so there is no legacy yet).

Cc: Jean-Christophe Dubois <jcd@tribudubois.net>
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Message-id: 1444445785-3648-1-git-send-email-crosthwaite.peter@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
[PMM: Added change to tests/ds1338-test.c to use new machine name]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-16 11:14:53 +01:00
Ryo ONODERA
ad1e8db894 target-arm: Provide model numbers for Sharp PDAs
* For Collie, Akita, Spitz, Borzoi, Terrier and Tosa PDAs, provide
  model numbers and manufacturer (Sharp) information.

Signed-off-by: Ryo ONODERA <ryo_on@yk.rim.or.jp>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-16 11:14:53 +01:00
Andrew Jones
bab27ea2e3 hw/arm/virt: smbios: inform guest of kvm
ARM/AArch64 KVM guests don't have any way to identify
themselves as KVM guests (x86 guests use a CPUID leaf). Now, we
could discuss all sorts of reasons why guests shouldn't need to
know that, but then there's always some case where it'd be
nice... Anyway, now that we have SMBIOS tables in ARM guests,
it's easy for the guest to know that it's a QEMU instance. This
patch takes that one step further, also identifying KVM, when
appropriate. Again, we could debate why generally nothing
should care whether it's of type QEMU or QEMU/KVM, but again,
sometimes it's nice to know...

Signed-off-by: Andrew Jones <drjones@redhat.com>
Reviewed-by: Wei Huang <wei@redhat.com>
Message-id: 1443017892-15567-1-git-send-email-drjones@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-16 11:14:53 +01:00
Paolo Bonzini
8ef2eb8d2c megasas: fix megasas_get_sata_addr
There are two bugs here.  First, the 16-bit id loses the high 8 bits
when shifted left by 24.  Second, the address must be combined with
an "or" or we just get zero.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-10-12 18:29:25 +02:00
Paolo Bonzini
633dccb458 scsi: switch from g_slice allocator to malloc
Simplify memory allocation by sticking with a single API.  GSlice
is not that fast anyway (tcmalloc/jemalloc are better).

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-10-12 18:29:25 +02:00
Peter Maydell
5451316ed0 Pull request
v2:
  * Fix virtio 16lx -> HWADDR_PRIx format specifier [Peter]
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQEcBAABAgAGBQJWG4kaAAoJEJykq7OBq3PI+EoIALrMej8cpS8a1ByGcnxoXi0k
 SJlhpUC6M9F1YyY6Vx/juRcTibBuE4RNrWirdVXOkINwyHrOsGRd8p8yLWCdUO9G
 3Yznu9fpHcoPRojcKh5m6QhZzm1HUqjO6GoaZMOCpGdrwhUo8ThwBnXR0ffCF98v
 Is0kTkoUVSK5IVHBamzb/myVKSWb6uOOFO6Pc7Kvivlui7cNMUGom2pS6FJD4eEG
 K0+EUoKBGYYwKhZS6IBUDPGFN9takrqkzZODiheDrVegJTN64gUvzMJOgU5P/F7H
 jhRFio8LqxQC3uhbYDWyMS4PVWbm7RjfYu/ph9K3+/s3egwLs+VsNkv4lsf8x+Q=
 =i0do
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging

Pull request

v2:
 * Fix virtio 16lx -> HWADDR_PRIx format specifier [Peter]

# gpg: Signature made Mon 12 Oct 2015 11:19:06 BST using RSA key ID 81AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg:                 aka "Stefan Hajnoczi <stefanha@gmail.com>"

* remotes/stefanha/tags/block-pull-request:
  sdhci.c: Limit the maximum block size
  block: switch from g_slice allocator to malloc
  virtio dataplane: adapt dataplane for virtio Version 1
  virtio-blk: use blk_io_plug/unplug for Linux AIO batching
  sdhci: Pass drive parameter to sdhci-pci via qdev property

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-12 15:52:54 +01:00
Peter Maydell
0bf224d5da -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
 
 iQEcBAABAgAGBQJWG2e/AAoJEO8Ells5jWIRcYcH/2D11W8cToCBjGDuw/u9K1ht
 S3oGyFasOEq3lm3+a3zQE+vDw0RDkjLEMhcTVwNskJQl6k6Ts5JleTZ6wffvUKPM
 UCozgPOCt1ZAdGskwdbByc+NhaVBHIiEsmlbDKqP22CENdDx6GWjcFW4brA4tQJQ
 AW36EH77j/M+7/KiSukcUfIexILUZJRfN+ICJVyNTpGsqUNJtFqiVPBMPyJhKCEq
 3pr3yJ2lf78SAEF5kBeBc9r/PDWUhtqExBsrK0L8Ey1FdrCy8ldqDPGecT4TsxNv
 W/KX5AqhKSsMI8DQKdbv/IKaUdjYWNjTRQ2Qjm8Vt0hcW0PhxR0NYi6bV4yjDNM=
 =f26Q
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/jasowang/tags/net-pull-request' into staging

# gpg: Signature made Mon 12 Oct 2015 08:56:47 BST using RSA key ID 398D6211
# gpg: Good signature from "Jason Wang (Jason Wang on RedHat) <jasowang@redhat.com>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 215D 46F4 8246 689E C77F  3562 EF04 965B 398D 6211

* remotes/jasowang/tags/net-pull-request:
  tests: add test cases for netfilter object
  netfilter: add a netbuffer filter
  net/queue: export qemu_net_queue_append_iov
  netfilter: print filter info associate with the netdev
  netfilter: add an API to pass the packet to next filter
  net/queue: introduce NetQueueDeliverFunc
  net: merge qemu_deliver_packet and qemu_deliver_packet_iov
  netfilter: hook packets before net queue send
  init/cleanup of netfilter object
  vl.c: init delayed object after net_init_clients
  vmxnet3: Add support for VMXNET3_CMD_GET_ADAPTIVE_RING_INFO command
  e1000: use alias for default model
  vmxnet3: Support reading IMR registers on bar0
  net/vmxnet3: Refine l2 header validation

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-12 14:29:29 +01:00
Alistair Francis
9201bb9a8c sdhci.c: Limit the maximum block size
It is possible for the guest to set an invalid block
size which is larger then the fifo_buffer[] array. This
could cause a buffer overflow.

To avoid this limit the maximum size of the blksize variable.

Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
Reported-by: Intel Security ATR <secure@intel.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Message-id: abe4c51f513290bbb85d1ee271cb1a3d463d7561.1444067470.git.alistair.francis@xilinx.com
Suggested-by: Igor Mitsyanko <i.mitsyanko@gmail.com>
Reported-by: Intel Security ATR <secure@intel.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-10-12 11:17:45 +01:00
Paolo Bonzini
c84b31926f block: switch from g_slice allocator to malloc
Simplify memory allocation by sticking with a single API.  GSlice
is not that fast anyway (tcmalloc/jemalloc are better).

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-10-12 11:17:45 +01:00
Pierre Morel
a9718ef000 virtio dataplane: adapt dataplane for virtio Version 1
Let dataplane allocate different region for the desc/avail/used
ring regions.
Take VIRTIO_RING_F_EVENT_IDX into account to increase the used/avail
rings accordingly.

[Fix 32-bit builds by changing 16lx format specifier to HWADDR_PRIx.
--Stefan]

Signed-off-by: Pierre Morel <pmorel@linux.vnet.ibm.com>
Tested-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Message-id: 1441625636-23773-1-git-send-email-pmorel@linux.vnet.ibm.com
(changed __virtio16 into uint16_t,
 map descriptor table and available ring read-only)
Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-10-12 11:16:45 +01:00
Peter Maydell
7684922390 Fix device introspection regressions
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJWF8SNAAoJEDhwtADrkYZTSaUQAJdIB2CiO6COT0T36ZNU/yi8
 wkFdmBt6Ejks1v8OBhoz+NEwMomj55uyeG+ck4BfvNAZJqpYPSKeZdviu/U/UDHw
 BJmUBk5beMcTay66DhQ+0bASfn+3nldM6vXExZEsxi43dLAxyksOd6WZ7L3LieDI
 V7mXJ02y/E8tcwuQqiAutU4N/6JlF2PIJpPgDZaPEJIFbW/LBBUoFneYmK4Mv8sZ
 SMjgEulE4JZ/WDeZJYxwWHmNFzrUgTwikq2ydPxawBK6zkoC3JdlkjHdOKWhkQfV
 tMbnRjHmlN9uO3zoF/aIZgFVy4pbnb+f4bnWPqLG55U5z8WXmXao8LlThlzkRdjw
 xrqW8yvwMk1owRLlhjxVR4iyxTXPnp/S76QlEVJbokGFW/MhWhctQoIH0C2lfcgG
 t0A642Xy6NXy+vZqJLJxzigBGn8zT98BXfKptWLHr9aun2U5Vpou0ylf5nsiojL+
 5HR+bB4J/ZVbxIW1OIJqR/cnSKzZqSLCqBB3jnCP60dIgaD7/JeUSz91AFZDPRcb
 PmGsSCa1rjPC66R/QmxYwZ3YGuz0imKWDALqkudsNJnklBVMLxfC+Gp5Sg4D475K
 qzwgRAcXv9wsSPumwoxaQBZxHd4Xuj91e7QmMO+z1un6oOb07fh2Wt5Ib/UoqYM7
 +Ry+yGwO5sRkwZhxdaxM
 =QXLe
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/armbru/tags/pull-monitor-2015-10-09' into staging

Fix device introspection regressions

# gpg: Signature made Fri 09 Oct 2015 14:43:41 BST using RSA key ID EB918653
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>"
# gpg:                 aka "Markus Armbruster <armbru@pond.sub.org>"

* remotes/armbru/tags/pull-monitor-2015-10-09:
  Revert "qdev: Use qdev_get_device_class() for -device <type>,help"
  qdev: Protect device-list-properties against broken devices
  qmp: Fix device-list-properties not to crash for abstract device
  device-introspect-test: New, covering device introspection
  libqtest: New hmp() & friends
  libqtest: Clean up unused QTestState member sigact_old
  tests: Fix how qom-test is run
  macio: move DBDMA_init from instance_init to realize
  hw: do not pass NULL to memory_region_init from instance_init
  memory: allow destroying a non-empty MemoryRegion
  virtio-input: Fix device introspection on non-Linux hosts
  update-linux-headers: Rename SW_MAX to SW_MAX_

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-12 11:07:38 +01:00
Stefan Hajnoczi
fc73548e44 virtio-blk: use blk_io_plug/unplug for Linux AIO batching
The raw-posix block driver implements Linux AIO batching so multiple
requests can be submitted with a single io_submit(2) system call.
Batching is currently only used by virtio-scsi and
virtio-blk-data-plane.

Enable batching for regular virtio-blk so the number of io_submit(2)
system calls is reduced for workloads with queue depth > 1.

In 4KB random read performance tests with queue depth 32, the CPU
utilization on the host is reduced by 9.4%.  The fio job is as follows:

  [global]
  bs=4k
  ioengine=libaio
  iodepth=32
  direct=1
  sync=0
  time_based=1
  runtime=30
  clocksource=gettimeofday
  ramp_time=5

  [job1]
  rw=randread
  filename=/dev/vdb
  size=4096M
  write_bw_log=fio
  write_iops_log=fio
  write_lat_log=fio
  log_avg_msec=1000

This benchmark was run on an raw image on LVM.  The disk was an SSD
drive and -drive cache=none,aio=native was used.

Tested-by: Pradeep Surisetty <psuriset@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
2015-10-12 09:21:10 +01:00
Kevin O'Connor
5ec911c30f sdhci: Pass drive parameter to sdhci-pci via qdev property
Commit 19109131 disabled the sdhci-pci support because it used
drive_get_next().  This patch reenables sdhci-pci and changes it to
pass the drive via a qdev property - for example:
 -device sdhci-pci,drive=drive0 -drive id=drive0,if=sd,file=myimage

Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-10-12 09:21:10 +01:00
Shmulik Ladkani
d62241eb6d vmxnet3: Add support for VMXNET3_CMD_GET_ADAPTIVE_RING_INFO command
Some drivers (e.g. vmware-tools) issue the VMXNET3_CMD_GET_ADAPTIVE_RING_INFO
command.

Currently, due to lack of support, a bogus value (-1) is returned.

Support this command, returning the "adaptive-ring disabled" flag.

Signed-off-by: Shmulik Ladkani <shmulik.ladkani@ravellosystems.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2015-10-12 13:19:29 +08:00
Jason Wang
8304402033 e1000: use alias for default model
Instead of duplicating the "e1000-82540em" device model as "e1000",
make the latter an alias for the former.

Cc: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com
Reviewed-by: Markus Armbruster <armbru@redhat.com>
2015-10-12 13:19:29 +08:00
Shmulik Ladkani
c6048f849c vmxnet3: Support reading IMR registers on bar0
Instead of asserting, return the actual IMR register value.
This is aligned with what's returned on ESXi.

Signed-off-by: Shmulik Ladkani <shmulik.ladkani@ravellosystems.com>
Tested-by: Dana Rubin <dana.rubin@ravellosystems.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2015-10-12 13:19:29 +08:00
Dana Rubin
a7278b36fc net/vmxnet3: Refine l2 header validation
Validation of l2 header length assumed minimal packet size as
eth_header + 2 * vlan_header regardless of the actual protocol.

This caused crash for valid non-IP packets shorter than 22 bytes, as
'tx_pkt->packet_type' hasn't been assigned for such packets, and
'vmxnet3_on_tx_done_update_stats()' expects it to be properly set.

Refine header length validation in 'vmxnet_tx_pkt_parse_headers'.
Check its return value during packet processing flow.

As a side effect, in case IPv4 and IPv6 header validation failure,
corrupt packets will be dropped.

Signed-off-by: Dana Rubin <dana.rubin@ravellosystems.com>
Signed-off-by: Shmulik Ladkani <shmulik.ladkani@ravellosystems.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2015-10-12 13:19:29 +08:00
Peter Maydell
c9003eb466 virtio-gpu: add 3d rendering support using virgl, misc fixes.
ui/gtk: add opengl context and scanout support (for virtio-gpu).
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJWFjjrAAoJEEy22O7T6HE4DcoP/39p/sB46aGiIZI/5DieJVuS
 HGVKrNkOBEXBJItxgrC9z+ihcPE0F7sqkbalBZf/aJpQIszqwJraPKfZl2c63Uag
 fuJ3YGYh7MG3l601SUmPL3SwvaarBEn4pcChzv7lthLRHWWh0fA5sTAUECgKoZ/N
 TnLeCe+78Kn9LNqq4Cwib51H/b9Vijc8i04rsdc9okxoLA9QoRxl11nXkBY1RLnt
 rIUKMFGPegLxedDFdNi3gF7c5+vSw7u1xZvJK4vsSotoQaZxlHAqUR35w8ZH8TaE
 B7kTMD5cbF2hnJuaC33L/MfWTIED2Ru7LoQru91roW74tXP13o367jlT4jwD5MPb
 soxnJW+39Ipi8u8daZ9JzbQLR4l7tWi8SLFIMF2Vz1npPOGjjybhHl6DrHdo0X5w
 0IEZSN418GOYg76mX8mR1NEVIsAbx2EYGEJeuE/7vNmGipYr/eq8l5WqcqWZ2Iov
 2ZhqA1w+aopUJDA/M/iHFucb5vAq+Od6HnpCe3kB/kd7+1YPn1FE5gRfDC3BbRIQ
 qftYT4sVTHErJsLyOomd1YXSIMfbWXG9/CIEB4VZdKjYU0MJAIQbYbnUbKxhKRUa
 4CsnJYvMxYGpk9wYvHaM0Y7wRQFdfy8enTbs4Mte29ewRyc6YGcTnjAO+yeitLTn
 +k+Yp4qiwztkwVIEOlPn
 =cpgf
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kraxel/tags/pull-virgl-20151008-1' into staging

virtio-gpu: add 3d rendering support using virgl, misc fixes.
ui/gtk: add opengl context and scanout support (for virtio-gpu).

# gpg: Signature made Thu 08 Oct 2015 10:35:39 BST using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"

* remotes/kraxel/tags/pull-virgl-20151008-1:
  gtk/opengl: add opengl context and scanout support (GtkGLArea)
  gtk/opengl: add opengl context and scanout support (egl)
  opengl: add egl-context.[ch] helpers
  virtio-gpu: add cursor update tracepoint
  virtio-gpu: add 3d mode and virgl rendering support.
  virtio-gpu: update headers for virgl/3d
  virtio-gpu: change licence from GPLv2 to GPLv2+
  virtio-gpu: move iov free to virtio_gpu_cleanup_mapping_iov
  ui/console: add opengl context and scanout support interfaces.
  sdl2: stop flickering
  shaders: initialize vertexes once

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-09 17:30:03 +01:00
Markus Armbruster
4c315c2766 qdev: Protect device-list-properties against broken devices
Several devices don't survive object_unref(object_new(T)): they crash
or hang during cleanup, or they leave dangling pointers behind.

This breaks at least device-list-properties, because
qmp_device_list_properties() needs to create a device to find its
properties.  Broken in commit f4eb32b "qmp: show QOM properties in
device-list-properties", v2.1.  Example reproducer:

    $ qemu-system-aarch64 -nodefaults -display none -machine none -S -qmp stdio
    {"QMP": {"version": {"qemu": {"micro": 50, "minor": 4, "major": 2}, "package": ""}, "capabilities": []}}
    { "execute": "qmp_capabilities" }
    {"return": {}}
    { "execute": "device-list-properties", "arguments": { "typename": "pxa2xx-pcmcia" } }
    qemu-system-aarch64: /home/armbru/work/qemu/memory.c:1307: memory_region_finalize: Assertion `((&mr->subregions)->tqh_first == ((void *)0))' failed.
    Aborted (core dumped)
    [Exit 134 (SIGABRT)]

Unfortunately, I can't fix the problems in these devices right now.
Instead, add DeviceClass member cannot_destroy_with_object_finalize_yet
to mark them:

* Hang during cleanup (didn't debug, so I can't say why):
  "realview_pci", "versatile_pci".

* Dangling pointer in cpus: most CPUs, plus "allwinner-a10", "digic",
  "fsl,imx25", "fsl,imx31", "xlnx,zynqmp", because they create such
  CPUs

* Assert kvm_enabled(): "host-x86_64-cpu", host-i386-cpu",
  "host-powerpc64-cpu", "host-embedded-powerpc-cpu",
  "host-powerpc-cpu" (the powerpc ones can't currently reach the
  assertion, because the CPUs are only registered when KVM is enabled,
  but the assertion is arguably in the wrong place all the same)

Make qmp_device_list_properties() fail cleanly when the device is so
marked.  This improves device-list-properties from "crashes, hangs or
leaves dangling pointers behind" to "fails".  Not a complete fix, just
a better-than-nothing work-around.  In the above reproducer,
device-list-properties now fails with "Can't list properties of device
'pxa2xx-pcmcia'".

This also protects -device FOO,help, which uses the same machinery
since commit ef52358 "qdev-monitor: include QOM properties in -device
FOO, help output", v2.2.  Example reproducer:

    $ qemu-system-aarch64 -machine none -device pxa2xx-pcmcia,help

Before:

    qemu-system-aarch64: .../memory.c:1307: memory_region_finalize: Assertion `((&mr->subregions)->tqh_first == ((void *)0))' failed.

After:

    Can't list properties of device 'pxa2xx-pcmcia'

Cc: "Andreas Färber" <afaerber@suse.de>
Cc: "Edgar E. Iglesias" <edgar.iglesias@gmail.com>
Cc: Alexander Graf <agraf@suse.de>
Cc: Anthony Green <green@moxielogic.com>
Cc: Aurelien Jarno <aurelien@aurel32.net>
Cc: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Cc: Blue Swirl <blauwirbel@gmail.com>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Cc: Guan Xuetao <gxt@mprc.pku.edu.cn>
Cc: Jia Liu <proljc@gmail.com>
Cc: Leon Alrae <leon.alrae@imgtec.com>
Cc: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Cc: Max Filippov <jcmvbkbc@gmail.com>
Cc: Michael Walle <michael@walle.cc>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Peter Maydell <peter.maydell@linaro.org>
Cc: Richard Henderson <rth@twiddle.net>
Cc: qemu-ppc@nongnu.org
Cc: qemu-stable@nongnu.org
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Message-Id: <1443689999-12182-10-git-send-email-armbru@redhat.com>
2015-10-09 15:25:57 +02:00
Paolo Bonzini
c710440235 macio: move DBDMA_init from instance_init to realize
DBDMA_init is not idempotent, and calling it from instance_init
breaks a simple object_new/object_unref pair.  Work around this,
pending qdev-ification of DBDMA, by moving the call to realize.

Reported-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <1443689999-12182-4-git-send-email-armbru@redhat.com>
2015-10-09 15:25:57 +02:00
Paolo Bonzini
81e0ab48dd hw: do not pass NULL to memory_region_init from instance_init
This causes the region to outlive the object, because it attaches the
region to /machine.  This is not nice for the "realize" method, but
much worse for "instance_init" because it can cause dangling pointers
after a simple object_new/object_unref pair.

Reported-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Tested-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <1443689999-12182-3-git-send-email-armbru@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
2015-10-09 15:25:56 +02:00
Markus Armbruster
c6047e9621 virtio-input: Fix device introspection on non-Linux hosts
When CONFIG_LINUX is off, devices "virtio-keyboard-device",
"virtio-mouse-device", "virtio-tablet-device" and
"virtio-input-host-device" aren't compiled in, yet
"virtio-keyboard-pci", "virtio-mouse-pci", "virtio-tablet-pci" and
"virtio-input-host-pci" still are.  Attempts to introspect them crash,
e.g.

    $ qemu-system-x86_64 -device virtio-tablet-pci,help
    **
    ERROR:/work/armbru/qemu/qom/object.c:333:object_initialize_with_type: assertion failed: (type != NULL)

Broken in commit 710e2d9 and commit 006a5ed.

Fix by compiling the "virtio-FOO-pci" exactly when compiling the
"virtio-FOO-device": compile "virtio-keyboard-device",
"virtio-mouse-device", "virtio-tablet-device" regardless of
CONFIG_LINUX, and compile "virtio-input-host-pci" only for
CONFIG_LINUX.

Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Message-Id: <1444320700-26260-3-git-send-email-armbru@redhat.com>
2015-10-09 15:25:56 +02:00
Peter Maydell
8be6e623a2 trivial patches for 2015-10-08
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQEcBAABAgAGBQJWFp75AAoJEL7lnXSkw9fbImgIALGEo20bKy2X624iPgTePuPb
 e34TjoRoB7s3rZ2SrVCIZCAsSKPtt+qQcGmJxt1YUtW0yD32aDJWQ3mm7EQTtjc+
 6dNZF5eI0322YPMePzAb1SvEc+T4b1otUS/wxENnA4D8s0lBVn1L47Ajt2E8/SP7
 rv0XTUnzwc5s4qjNNUqidvrSvmYqj5DhMh3veSb+FDm3DSKlB3Z1eq3yx0+g2ghR
 zsa2cUnX/6y26paeMqCMiFOAWSqQa80TBjgDyRiul2jrPeaM/As2Cr657MKugvi9
 4vMg9CqmLiwerTkicv5kOsUFAetdLCuvnqNqol3DFRxJ+4bbOp3VQccrBXWtZY0=
 =QRsk
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/mjt/tags/pull-trivial-patches-2015-10-08' into staging

trivial patches for 2015-10-08

# gpg: Signature made Thu 08 Oct 2015 17:51:05 BST using RSA key ID A4C3D7DB
# gpg: Good signature from "Michael Tokarev <mjt@tls.msk.ru>"
# gpg:                 aka "Michael Tokarev <mjt@corpit.ru>"
# gpg:                 aka "Michael Tokarev <mjt@debian.org>"

* remotes/mjt/tags/pull-trivial-patches-2015-10-08:
  tests: Unique test path for /string-visitor/output
  linux-user: Remove type casts to union type
  linux-user: Use g_new() & friends where that makes obvious sense
  rocker: Use g_new() & friends where that makes obvious sense
  .travis.yml: Run make check for all targets, not just some
  hw: char: Remove unnecessary variable
  hw: timer: Remove unnecessary variable
  qapi: add missing @
  MAINTAINERS: Add NSIS file for W32, W64 hosts
  target-ppc: Remove unnecessary variable
  target-microblaze: Remove unnecessary variable
  s/cpu_get_real_ticks/cpu_get_host_ticks/
  pc: check for underflow in load_linux
  pci-assign: do not include sys/io.h
  block/ssh: remove dead code
  imx_serial: Generate interrupt on tx empty if enabled
  sdhci: Change debug prints to compile unconditionally
  sdhci: use PRIx64 for uint64_t type
  Add .dir-locals.el file to configure emacs coding style

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-09 10:45:09 +01:00
Markus Armbruster
778358d0a8 rocker: Use g_new() & friends where that makes obvious sense
g_new(T, n) is neater than g_malloc(sizeof(T) * n).  It's also safer,
for two reasons.  One, it catches multiplication overflowing size_t.
Two, it returns T * rather than void *, which lets the compiler catch
more type errors.

This commit only touches allocations with size arguments of the form
sizeof(T).  Same Coccinelle semantic patchas in commit b45c03f.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Acked-by: Jiri Pirko <jiri@resnulli.us>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-10-08 19:46:47 +03:00
Shraddha Barke
65cb2a14ca hw: char: Remove unnecessary variable
Compress lines and remove the variable.

Signed-off-by: Shraddha Barke <shraddha.6596@gmail.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-10-08 19:46:47 +03:00
Shraddha Barke
bf5f78efed hw: timer: Remove unnecessary variable
Compress lines and remove the variable.

Signed-off-by: Shraddha Barke <shraddha.6596@gmail.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-10-08 19:46:47 +03:00
Christopher Covington
4a7428c5a7 s/cpu_get_real_ticks/cpu_get_host_ticks/
This should help clarify the purpose of the function that returns
the host system's CPU cycle count.

Signed-off-by: Christopher Covington <cov@codeaurora.org>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
ppc portion
Acked-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-10-08 19:46:01 +03:00
Paolo Bonzini
ec5fd40264 pc: check for underflow in load_linux
If (setup_size+1)*512 is small enough, kernel_size -= setup_size can allocate
a huge amount of memory.  Avoid that.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-10-08 19:46:01 +03:00
Paolo Bonzini
16033ba577 pci-assign: do not include sys/io.h
This file does not exist on bionic libc and the functions it defines
are in fact not used by pci-assign.c.  Remove it.

Reported-by: Houcheng Lin <houcheng@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-10-08 19:46:01 +03:00
Guenter Roeck
dc1442204a imx_serial: Generate interrupt on tx empty if enabled
Generate an interrupt if the tx buffer is empty and the tx empty interrupt
is enabled. This fixes a problem seen when running a Linux image since
Linux commit 55c3cb1358e ("serial: imx: remove unneeded imx_transmit_buffer()
from imx_start_tx()"). Linux now waits for the tx empty interrupt before
starting to send data, causing transmit stalls until there is an interrupt
for another reason.

Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-10-08 19:46:01 +03:00
Sai Pavan Boddu
7af0fc994e sdhci: Change debug prints to compile unconditionally
Conditional compilation hides few type mismatch warnings, fix it to
compile unconditionally.

Signed-off-by: Sai Pavan Boddu <saipava@xilinx.com>
Suggested-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-10-08 19:46:01 +03:00
Sai Pavan Boddu
be9c5ddeab sdhci: use PRIx64 for uint64_t type
Fix compile time warnings, because of type mismatch for unsigned long
long type.

Signed-off-by: Sai Pavan Boddu <saipava@xilinx.com>
Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-10-08 19:46:01 +03:00
Peter Maydell
1d27b91723 VFIO updates 2015-10-07
- Change platform device IRQ setup sequence for compatibility
    with upcoming IRQ forwarding (Eric Auger)
  - Extensions to support vfio-pci devices on spapr-pci-host-bridge
    (David Gibson) [clang problem patch dropped]
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJWFTqsAAoJECObm247sIsiXo8P/1hLkZGQ7pqHXj6M+UmkM9ur
 Px6t+ZnFbhyf3tiU8Z0KoB7u+du73Z8E7swKqqcaal68j/zFhNtYC6ACSSGhOsDo
 ROR+/fg6HIJUeKkwVNKTBN5l8s6W6QLxPc/JLWYPI4YwIJj0GEGJNjoebUrcsjtU
 pCkezdMo0Wy2rDJzg5KWeSoZqoXIiWHo5MccgRsWQLf2dVAc6P8T5iNQFqSqy2N/
 1lVLNSoneCWcD+Erw7HjgwP83jwnZWKjPScJvckzXznuHa02k1wSN/ipNf2ENcrz
 C/jXcPczmEsUDpKu6ujtPj2/+X2F+Pz+C+rJsWfgUKo+iiwNqfziuZX0GEd+BqWD
 g8VxvS6+eZ6V6NN2Mhyofdp3hlWI4bcee5ORxAFv4CQjKV3etVSlkFhMARDwmw5V
 h38vvrEDNRxd6DyMR29mgUZ4wIf8u9wicpuQc4CevebPGUzXmMk3KH2hfvD1BJlt
 /SmmZMEkQTBbYQaEChX/op0H0ype+RkoVEs2TYxlGBL0LPkY2FOCCvEbPYCweuVf
 UNFjx4kj1NK4/CvwsXrFfzORp5T21XFWOakbWL+vGM06fBMo6oRmKoMRmZJxmCvT
 k5dBFazeSV5m9t2XS6GQeJoenMzVo9o3s2hS+WhjQqjVgLcC7HbPF+gjcQekRlB1
 wsc5badWI35H+Uio6kqF
 =MzWe
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/awilliam/tags/vfio-update-20151007.0' into staging

VFIO updates 2015-10-07

 - Change platform device IRQ setup sequence for compatibility
   with upcoming IRQ forwarding (Eric Auger)
 - Extensions to support vfio-pci devices on spapr-pci-host-bridge
   (David Gibson) [clang problem patch dropped]

# gpg: Signature made Wed 07 Oct 2015 16:30:52 BST using RSA key ID 3BB08B22
# gpg: Good signature from "Alex Williamson <alex.williamson@redhat.com>"
# gpg:                 aka "Alex Williamson <alex@shazbot.org>"
# gpg:                 aka "Alex Williamson <alwillia@redhat.com>"
# gpg:                 aka "Alex Williamson <alex.l.williamson@gmail.com>"

* remotes/awilliam/tags/vfio-update-20151007.0:
  vfio: Allow hotplug of containers onto existing guest IOMMU mappings
  memory: Allow replay of IOMMU mapping notifications
  vfio: Record host IOMMU's available IO page sizes
  vfio: Check guest IOVA ranges against host IOMMU capabilities
  vfio: Generalize vfio_listener_region_add failure path
  vfio: Remove unneeded union from VFIOContainer
  hw/vfio/platform: do not set resamplefd for edge-sensitive IRQS
  hw/vfio/platform: change interrupt/unmask fields into pointer
  hw/vfio/platform: irqfd setup sequence update

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-08 16:50:34 +01:00
Peter Maydell
fb6345f452 NUMA queue, 2015-10-06
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABCAAGBQJWFCbGAAoJECgHk2+YTcWmBzMP/2/W7UF14KQsuCxz8bYrzkQ5
 AFR7hmlHB0286lkORb+SutG3kf+cUXzuGYjpLkfGWUQhkViHYv1GNSxLsKU4ZnsE
 XiScuq5A158a0avxlucq2RQiNwhGhjZ+NTgGppbI6x9SYbnSVrA9FdLeC11h+9ER
 dm/fsw8fU8L6m4D4BmkNdUJo1vXJbpiZ9BYGVHrkrSPf+DvM1pr8SpgOsrc5Zi6m
 M2dLcfcd0jDUo8B9tzW0BeeMEN2GhW9BwNEQT110yXoyosRljvckzqMZUY+wv3yn
 IFk8xdjma2PO2EO0KN4sDuOeXfc99ysBKhQgE81yK7E02sNFio2XVgfASZQYyHRy
 YKyBqlNRNgZIy2tj41NLjPs2H0svEAa4eYnxbqHhgvwe2erx65iBjPCSt3kTGm4P
 lIywoo2LJI64c/iMti5Dxf4Y5BXTHgwPXwe/2p3YZX0/UboBrQ9+yOaOBq1gx4ey
 g1fxv3Wjj9X13la0GvbecRrrerwoHjY4AEwYTUSD7Cqtx/NF9eeR1Jh/NuvD6CG7
 dwx/9WxM1clxD6AE2aYo+V+hiG7j0YVsfxgSq/+zD6ZATZfZN62iA0/u1Z7H+VYp
 jX5vy51xQHcNlh5w7cYpOsmvoZLSEgZqjntimZYaE3yXob6vN3NfN3Ncx2Hpr76y
 Rpu9o4YRXfW3I9oJNP0w
 =EPRT
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/ehabkost/tags/numa-pull-request' into staging

NUMA queue, 2015-10-06

# gpg: Signature made Tue 06 Oct 2015 20:53:42 BST using RSA key ID 984DC5A6
# gpg: Good signature from "Eduardo Habkost <ehabkost@redhat.com>"

* remotes/ehabkost/tags/numa-pull-request:
  pc-dimm: Fail realization for invalid nodes in non-NUMA config

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-08 11:28:17 +01:00
Gerd Hoffmann
e9c1b459f2 virtio-gpu: add cursor update tracepoint
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2015-10-08 10:33:21 +02:00
Gerd Hoffmann
9d9e152136 virtio-gpu: add 3d mode and virgl rendering support.
Add virglrenderer library detection.  Add 3d mode to virtio-gpu,
wire up virglrenderer library.  When in 3d mode render using the
new context management and texture scanout callbacks.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2015-10-08 10:31:35 +02:00
Gerd Hoffmann
2e2521452e virtio-gpu: change licence from GPLv2 to GPLv2+
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-10-08 10:31:35 +02:00
Gerd Hoffmann
7f3be0f20f virtio-gpu: move iov free to virtio_gpu_cleanup_mapping_iov
For symmetry reasons: virtio_gpu_create_mapping_iov() allocates it so
virtio_gpu_cleanup_mapping_iov() should free it, otherwise it's easy to
miss a free() needed and leak memory.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2015-10-08 10:31:35 +02:00
Bharata B Rao
32532f215c pc-dimm: Fail realization for invalid nodes in non-NUMA config
pc_dimm_realize() validates the NUMA node to which memory hotplug is
being performed only in case of NUMA configuration. Include a check to
fail for invalid nodes in case of non-NUMA configuration too.

Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2015-10-06 16:51:08 -03:00
Peter Maydell
eed2df6785 s390: fixes
Some fixes all over the place:
 - ccw bios and gcc 5.1 (avoid floating point ops)
 - properly print vector registers
 - sclp and sclp-event-facility no longer hang on object_unref(object_new(T))
 - better name for io_subsystem_reset
 
 One feature
 - the gdb server now exposes several virtualization specific register
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.14 (GNU/Linux)
 
 iQIcBAABAgAGBQJWE6BoAAoJEBF7vIC1phx89zUP/RohjexrA9GZ93mKlP8SdmUO
 FP4MmsaInv7PTIfZeUnG1sa0n9CbodwiPypnzlvOedbibQagnZwI+pnpa/W/SxJQ
 M6Wh+vamUFEfXcNC4/6zOJJvKUQUBYMDVgbUuDxTgCne4V9yCgVzs8NPWBIfFCVC
 3bzUxinzG+mTD6eQLNNrpTa7KSuKhNS1g0hsIId92XAr7iQ3H2SSDCr9w+HOR3eN
 Gqr3JdCOVOwqNcrsyfpJK3NYaooqcSbAlIpfNoGaxrc3DldEjBTfr20LLHKoPhcM
 ibEAOUi1dtdBlZofo8/OBvHeeR0MPHmCjV9CTxymmgABPWhpIIxEG16vgy8ijZ5R
 QcA6D4QlALvE+kDwXGtHfEOZ0rHMHmzD9RUtzLL5ALG4UWM06qrwqtMeHUuAxInU
 lRPaEV9J+1fXzQzH708DjRAncOOdTCVUv0SfoYa3VR4wo0ZMx6W/K/FXc/h4q4Jm
 6CztpK03HSly+gCkd6gcdZ908Se3OcaB0DTScVvUdVKCUdvM53Uo7L5jI9wk399a
 xj/+W4XO9lkLEFnZKAKopS4ea7cgV8oIqUuMpCuZnCiOQCCKpZgrUgJAxvaLomnv
 4he7fbiScmMEhUGVI0AvMmbMYCbGd4gVoHm5/kMvslV5w5o898uIVlTrvNf3Z6Fv
 9jZSLDLVoHeU+ESOjJy+
 =STtO
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/borntraeger/tags/s390x-20151006' into staging

s390: fixes

Some fixes all over the place:
- ccw bios and gcc 5.1 (avoid floating point ops)
- properly print vector registers
- sclp and sclp-event-facility no longer hang on object_unref(object_new(T))
- better name for io_subsystem_reset

One feature
- the gdb server now exposes several virtualization specific register

# gpg: Signature made Tue 06 Oct 2015 11:20:24 BST using RSA key ID B5A61C7C
# gpg: Good signature from "Christian Borntraeger (IBM) <borntraeger@de.ibm.com>"

* remotes/borntraeger/tags/s390x-20151006:
  s390x: rename io_subsystem_reset -> subsystem_reset
  s390x/info registers: print vector registers properly
  s390x: set missing parent for hotplug and quiesce events
  s390x/gdb: expose virtualization specific registers
  pc-bios/s390-ccw: avoid floating point operations

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-06 16:32:16 +01:00
David Gibson
508ce5eb00 vfio: Allow hotplug of containers onto existing guest IOMMU mappings
At present the memory listener used by vfio to keep host IOMMU mappings
in sync with the guest memory image assumes that if a guest IOMMU
appears, then it has no existing mappings.

This may not be true if a VFIO device is hotplugged onto a guest bus
which didn't previously include a VFIO device, and which has existing
guest IOMMU mappings.

Therefore, use the memory_region_register_iommu_notifier_replay()
function in order to fix this case, replaying existing guest IOMMU
mappings, bringing the host IOMMU into sync with the guest IOMMU.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2015-10-05 12:39:47 -06:00
David Gibson
7a140a57c6 vfio: Record host IOMMU's available IO page sizes
Depending on the host IOMMU type we determine and record the available page
sizes for IOMMU translation.  We'll need this for other validation in
future patches.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Laurent Vivier <lvivier@redhat.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2015-10-05 12:38:41 -06:00
David Gibson
3898aad323 vfio: Check guest IOVA ranges against host IOMMU capabilities
The current vfio core code assumes that the host IOMMU is capable of
mapping any IOVA the guest wants to use to where we need.  However, real
IOMMUs generally only support translating a certain range of IOVAs (the
"DMA window") not a full 64-bit address space.

The common x86 IOMMUs support a wide enough range that guests are very
unlikely to go beyond it in practice, however the IOMMU used on IBM Power
machines - in the default configuration - supports only a much more limited
IOVA range, usually 0..2GiB.

If the guest attempts to set up an IOVA range that the host IOMMU can't
map, qemu won't report an error until it actually attempts to map a bad
IOVA.  If guest RAM is being mapped directly into the IOMMU (i.e. no guest
visible IOMMU) then this will show up very quickly.  If there is a guest
visible IOMMU, however, the problem might not show up until much later when
the guest actually attempt to DMA with an IOVA the host can't handle.

This patch adds a test so that we will detect earlier if the guest is
attempting to use IOVA ranges that the host IOMMU won't be able to deal
with.

For now, we assume that "Type1" (x86) IOMMUs can support any IOVA, this is
incorrect, but no worse than what we have already.  We can't do better for
now because the Type1 kernel interface doesn't tell us what IOVA range the
IOMMU actually supports.

For the Power "sPAPR TCE" IOMMU, however, we can retrieve the supported
IOVA range and validate guest IOVA ranges against it, and this patch does
so.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Laurent Vivier <lvivier@redhat.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2015-10-05 12:38:13 -06:00
David Gibson
ac6dc3894f vfio: Generalize vfio_listener_region_add failure path
If a DMA mapping operation fails in vfio_listener_region_add() it
checks to see if we've already completed initial setup of the
container.  If so it reports an error so the setup code can fail
gracefully, otherwise throws a hw_error().

There are other potential failure cases in vfio_listener_region_add()
which could benefit from the same logic, so move it to its own
fail: block.  Later patches can use this to extend other failure cases
to fail as gracefully as possible under the circumstances.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Laurent Vivier <lvivier@redhat.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2015-10-05 12:37:02 -06:00
David Gibson
ee0bf0e59b vfio: Remove unneeded union from VFIOContainer
Currently the VFIOContainer iommu_data field contains a union with
different information for different host iommu types.  However:
   * It only actually contains information for the x86-like "Type1" iommu
   * Because we have a common listener the Type1 fields are actually used
on all IOMMU types, including the SPAPR TCE type as well

In fact we now have a general structure for the listener which is unlikely
to ever need per-iommu-type information, so this patch removes the union.

In a similar way we can unify the setup of the vfio memory listener in
vfio_connect_container() that is currently split across a switch on iommu
type, but is effectively the same in both cases.

The iommu_data.release pointer was only needed as a cleanup function
which would handle potentially different data in the union.  With the
union gone, it too can be removed.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Laurent Vivier <lvivier@redhat.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2015-10-05 12:36:08 -06:00
Eric Auger
a5b39cd3f6 hw/vfio/platform: do not set resamplefd for edge-sensitive IRQS
In irqfd mode, current code attempts to set a resamplefd whatever
the type of the IRQ. For an edge-sensitive IRQ this attempt fails
and as a consequence, the whole irqfd setup fails and we fall back
to the slow mode. This patch bypasses the resamplefd setting for
non level-sentive IRQs.

Signed-off-by: Eric Auger <eric.auger@linaro.org>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2015-10-05 12:30:12 -06:00
Eric Auger
a22313deca hw/vfio/platform: change interrupt/unmask fields into pointer
unmask EventNotifier might not be initialized in case of edge
sensitive irq. Using EventNotifier pointers make life simpler to
handle the edge-sensitive irqfd setup.

Signed-off-by: Eric Auger <eric.auger@linaro.org>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2015-10-05 12:30:12 -06:00
Eric Auger
58892b447f hw/vfio/platform: irqfd setup sequence update
With current implementation, eventfd VFIO signaling is first set up and
then irqfd is setup, if supported and allowed.

This start sequence causes several issues with IRQ forwarding setup
which, if supported, is transparently attempted on irqfd setup:
IRQ forwarding setup is likely to fail if the IRQ is detected as under
injection into the guest (active at irqchip level or VFIO masked).

This currently always happens because the current sequence explicitly
VFIO-masks the IRQ before setting irqfd.

Even if that masking were removed, we couldn't prevent the case where
the IRQ is under injection into the guest.

So the simpler solution is to remove this 2-step startup and directly
attempt irqfd setup. This is what this patch does.

Also in case the eventfd setup fails, there is no reason to go farther:
let's abort.

Signed-off-by: Eric Auger <eric.auger@linaro.org>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2015-10-05 12:30:12 -06:00
Zhu Guihua
dfeb8679db icc_bus: drop the unused files
ICC bus impl has been droped, so all icc related files are not useful
any more; delete them.

Signed-off-by: Zhu Guihua <zhugh.fnst@cn.fujitsu.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2015-10-02 16:22:02 -03:00
Chen Fan
46232aaacb cpu/apic: drop icc bus/bridge
After CPU hotplug has been converted to BUS-less hot-plug infrastructure,
the only function ICC bus performs is to propagate reset to LAPICs. However
LAPIC could be reset by registering its reset handler after all device are
initialized.
Do so and drop ~30LOC of not needed anymore ICCBus related code.

Signed-off-by: Chen Fan <chen.fan.fnst@cn.fujitsu.com>
Signed-off-by: Zhu Guihua <zhugh.fnst@cn.fujitsu.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2015-10-02 16:22:02 -03:00
Zhu Guihua
ae50c55a09 x86: use new method to correct reset sequence
During reset some devices (such as hpet, rtc) might send IRQ to APIC
which changes APIC's state from default one it's supposed to have
at machine startup time.
Fix this by resetting APIC after devices have been reset to cancel
any changes that qemu_devices_reset() might have done to its state.

Signed-off-by: Zhu Guihua <zhugh.fnst@cn.fujitsu.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2015-10-02 16:22:02 -03:00
Chen Fan
8d42d2d32b apic: move APIC's MMIO region mapping into APIC
When ICC bus/bridge is removed, APIC MMIO will be left
unmapped since it was mapped into system's address space
indirectly by ICC bridge.
Fix it by moving mapping into APIC code, so it would be
possible to remove ICC bus/bridge code later.

Signed-off-by: Chen Fan <chen.fan.fnst@cn.fujitsu.com>
Signed-off-by: Zhu Guihua <zhugh.fnst@cn.fujitsu.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2015-10-02 16:22:02 -03:00
Eduardo Habkost
5114e84222 target-i386: Convert kvm_default_*features to property/value pairs
Convert the kvm_default_features and kvm_default_unset_features arrays
into a simple list of property/value pairs that will be applied to
X86CPU objects when using KVM.

Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2015-10-02 16:22:01 -03:00
Chen Fan
ed256144cd cpu: Introduce X86CPUTopoInfo structure for argument simplification
In order to simplify arguments of function, introduce a new struct
named X86CPUTopoInfo.

Signed-off-by: Chen Fan <chen.fan.fnst@cn.fujitsu.com>
Signed-off-by: Zhu Guihua <zhugh.fnst@cn.fujitsu.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2015-10-02 16:22:01 -03:00
Igor Mammedov
aa8580cddf pc: memhp: force gaps between DIMM's GPA
mapping DIMMs non contiguously allows to workaround
virtio bug reported earlier:
http://lists.nongnu.org/archive/html/qemu-devel/2015-08/msg00522.html
in this case guest kernel doesn't allocate buffers
that can cross DIMM boundary keeping each buffer
local to a DIMM.

Suggested-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Acked-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2015-10-02 17:04:32 +03:00
Igor Mammedov
df0acded19 memhp: extend address auto assignment to support gaps
setting gap to TRUE will make sparse DIMM
address auto allocation, leaving gaps between
a new DIMM address and preceeding existing DIMM.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2015-10-02 17:04:32 +03:00
David Hildenbrand
d9f090ec77 s390x: rename io_subsystem_reset -> subsystem_reset
According to the Pop:
"Subsystem reset operates only on those elements in the configuration
which are not CPUs".

As this is what we actually do, let's simply rename the function.

Acked-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: David Hildenbrand <dahi@linux.vnet.ibm.com>
Signed-off-by: Jens Freimann <jfrei@linux.vnet.ibm.com>
Message-Id: <1443689387-34473-6-git-send-email-jfrei@linux.vnet.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
2015-10-02 13:31:52 +02:00
David Hildenbrand
7059384c7e s390x: set missing parent for hotplug and quiesce events
Existing code missed to set a parent for the quiesce and hotplug event.
While this didn't matter in practise, new introspection APIs basically now
do an object_unref(object_new(T)), which loops forever.

When trying to remove the event facility bus, the code tries to
unparent all childs on the bus, so they are properly deleted and therefore removed.
As object_unparent() on these child devices doesn't work, as there is no parent,
we loop forever.

Let's fix this by adding the event facility as a parent. Also switch from
object_initialize to object_new, so the only valid reference is in fact the
parent property. This makes it more obvious when the device (state) is actually
gone (and how the reference counting works).

Signed-off-by: David Hildenbrand <dahi@linux.vnet.ibm.com>
Signed-off-by: Jens Freimann <jfrei@linux.vnet.ibm.com>
Message-Id: <1443689387-34473-4-git-send-email-jfrei@linux.vnet.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
2015-10-02 13:31:52 +02:00
Richard Henderson
0d583647a7 virtio: Notice when the system doesn't support MSIx at all
And do not issue an error_report in that case.

Signed-off-by: Richard Henderson <rth@twiddle.net>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2015-10-01 16:16:52 +03:00
Eduardo Habkost
798595075b pc: Add a comment explaining why pc_compat_2_4() doesn't exist
pc_compat_2_4() doesn't exist, and we shouldn't create one. Add a
comment explaining why the function doesn't exist and why pc_compat_*()
functions are deprecated.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2015-10-01 16:16:52 +03:00
Jason Wang
0cf33fb6b4 virtio-net: correctly drop truncated packets
When packet is truncated during receiving, we drop the packets but
neither discard the descriptor nor add and signal used
descriptor. This will lead several issues:

- sg mappings are leaked
- rx will be stalled if a lots of packets were truncated

In order to be consistent with vhost, fix by discarding the descriptor
in this case.

Cc: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2015-10-01 16:16:52 +03:00
Jason Wang
29b9f5efd7 virtio: introduce virtqueue_discard()
This patch introduces virtqueue_discard() to discard a descriptor and
unmap the sgs. This will be used by the patch that will discard
descriptor when packet is truncated.

Cc: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2015-10-01 16:16:52 +03:00
Jason Wang
ce31746157 virtio: introduce virtqueue_unmap_sg()
Factor out sg unmapping logic. This will be reused by the patch that
can discard descriptor.

Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: Andrew James <andrew.james@hpe.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2015-10-01 16:16:52 +03:00
Peter Maydell
9e071429e6 * First batch of MAINTAINERS updates
* IOAPIC fixes (to pass kvm-unit-tests with -machine kernel_irqchip=off)
 * NBD API upgrades from Daniel
 * strtosz fixes from Marc-André
 * improved support for readonly=on on scsi-generic devices
 * new "info ioapic" and "info lapic" monitor commands
 * Peter Crosthwaite's ELF_MACHINE cleanups
 * docs patches from Thomas and Daniel
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2
 
 iQEcBAABCAAGBQJWBSAEAAoJEL/70l94x66DeL4H/21YR4GWCqo30f+W5kx24ZNo
 by8H2kdZmWKRr/La1JlAReki9GCP1U8Q0cYC8V885gHLKcahWS/75UKwNbw0OSyg
 2jj4uREc645TTFAvV5kQ+uAw9F/dchvkXylrVgOoUPipfmYibXY8JLu9AcVnZi6H
 X5Rvpqo4Uhp2cbRG7rYWrwgpNL+VZmKc8LDdqdlXrkjjanhuAYO2E9NBKaE+xJQQ
 FHcpkV92iSZFEZ0CB535BTIdNdDM/ae6bw1As27EF10YBTfneCQNazSeh13pLO2n
 lHit2GZr2VeTSBrPkPsItToY/Gw38duVZK4QM5/wSkHBzyeUJY0ltQrf53veYfk=
 =uc+I
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

* First batch of MAINTAINERS updates
* IOAPIC fixes (to pass kvm-unit-tests with -machine kernel_irqchip=off)
* NBD API upgrades from Daniel
* strtosz fixes from Marc-André
* improved support for readonly=on on scsi-generic devices
* new "info ioapic" and "info lapic" monitor commands
* Peter Crosthwaite's ELF_MACHINE cleanups
* docs patches from Thomas and Daniel

# gpg: Signature made Fri 25 Sep 2015 11:20:52 BST using RSA key ID 78C7AE83
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>"
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>"

* remotes/bonzini/tags/for-upstream: (52 commits)
  doc: Refresh URLs in the qemu-tech documentation
  docs: describe the QEMU build system structure / design
  typedef: add typedef for QemuOpts
  i386: interrupt poll processing
  i386: partial revert of interrupt poll fix
  ppc: Rename ELF_MACHINE to be PPC specific
  i386: Rename ELF_MACHINE to be x86 specific
  alpha: Remove ELF_MACHINE from cpu.h
  mips: Remove ELF_MACHINE from cpu.h
  sparc: Remove ELF_MACHINE from cpu.h
  s390: Remove ELF_MACHINE from cpu.h
  sh4: Remove ELF_MACHINE from cpu.h
  xtensa: Remove ELF_MACHINE from cpu.h
  tricore: Remove ELF_MACHINE from cpu.h
  or32: Remove ELF_MACHINE from cpu.h
  lm32: Remove ELF_MACHINE from cpu.h
  unicore: Remove ELF_MACHINE from cpu.h
  moxie: Remove ELF_MACHINE from cpu.h
  cris: Remove ELF_MACHINE from cpu.h
  m68k: Remove ELF_MACHINE from cpu.h
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-09-25 21:52:30 +01:00
Peter Maydell
8bfbbb4bcb VFIO updates 2015-09-25
- Remove use of g_malloc0_n for glib2.22 compat
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJWBX0cAAoJECObm247sIsidV0P/1A1hgFW+iFl2sA5kesfV3DG
 FSiPTEI0xF+lDJM498i31QatvVAAMYgk6qK7CWyRCodfWhCntAUxAPoUkeKsEP+k
 cVo7qOeO+PUCFwVdykuxWRTsVVkuhjcOZZ0UylWs9A5G2biIncTzum8mAycTshqz
 AWqk52pQMTAgkV5bD/ZAH1IMp9NX1Ipc2mngtXubhYDZPCVq2ERHbr2TqTj27Qzj
 9f1tdeD0VOy6JvQqu2nFqDMrDaVtjMAUldg473UfNTNNaNUdvbr4+o88+oSrNdke
 U7tdLwV/ani7FLUI1dadezbvGlx64EOO8Pa7FO5ZrjmS+IHVMBTVlPLxNd5ljHdJ
 e9Ei+lsgH6nGnAWuL7b1HI6VUS1dExahqZtA6NGG2DxmYqcKQDH49bDUNmSuFcFj
 ViQAeU11+ZpEm3IgvvQl3ZYuSTuQwzfH7xc73v5nWp9m7YNPVyqPerxqOgHxxzeG
 +v9wSi+9Tt4SoEMzyABr4s8WwRUY7YWXPtF077/E4Jk24xNpJaDoP/A1bQ0JORee
 gVlKOYJA+Smy5sQmLss5h5iQ9zun97Ad+WwTA2QdCLeKA7p6x+NCtUUk+7aH4lVv
 doood1Xx2Seic9LDOy9G8h2TN8gMG870gcbPUfEgxfEnLwSHLOnW7w+X5xLSoFjr
 u/8eIeLuPQLMeNf11ocj
 =BLF9
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/awilliam/tags/vfio-update-20150925.0' into staging

VFIO updates 2015-09-25

 - Remove use of g_malloc0_n for glib2.22 compat

# gpg: Signature made Fri 25 Sep 2015 17:58:04 BST using RSA key ID 3BB08B22
# gpg: Good signature from "Alex Williamson <alex.williamson@redhat.com>"
# gpg:                 aka "Alex Williamson <alex@shazbot.org>"
# gpg:                 aka "Alex Williamson <alwillia@redhat.com>"
# gpg:                 aka "Alex Williamson <alex.l.williamson@gmail.com>"

* remotes/awilliam/tags/vfio-update-20150925.0:
  vfio/pci: Remove use of g_malloc0_n() from quirks

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-09-25 21:11:12 +01:00
Peter Maydell
690b286fef Remove muldiv64() by using period instead of frequency
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJWBVIdAAoJEPMMOL0/L748BXUP/2j+TRnsaU/gMHoL2IGP78BK
 LLLOL7yyV8ZrsrOFvyv8IW0DtpldoYsvObty/bNAr0iq+QwqwGWn9Gw4im5DtIkN
 s7e1WcxLgFHHcT1QLa70MUjjVtRrflTmcW9TVIW79PQ+HsCqnb7EmFZ96HxzH3zN
 YM93eBT6cJV3axsLwJsE82igCXsLo3raKGNb0jt8b6/XwMoR3iUb1Kgs2dJXZUJw
 TYPtHv7sJpQiLQY8Y8o4EjyyjdFuWPVeIfokgPahoOdVA1PSCx6Qh8o+FV1GZ+nF
 vmAr7Jolri6tdbMgRWtIgQQs2YSvPNIUEOYTXVu/4p287JGZPNU5790V2aIczERc
 gEPTqjI6w1AYy8/yMlO3WpfFxXWZH6ZsNBmxCmhH/mczA2dx3DzDlyI7SofQsCHW
 +81U6GSc/Ryy47C+b6m/YZNQDx3yG8rUFtY4PqCcjJwPZdSEhLEM7crC2XWJwy+0
 rg3SnVvXuE2vC/k7UHEYbnFOyVbvezUYJnigbppMilO8nfXIsyuvc7G4AT96jxbt
 4HQJT6ESGEsIToslWObJ53z3jzoAA17xp4gzkZjx7RwSofkFFIaT7jjaA/D2cxFn
 UOXZgAfde6mfg4Ak0czcBYYvm+peEjXBC+DfsBjfAcQ1dz6WSGyd3QZY0J7i9/7y
 iSNiuCE9J6Ha7XVVYzd2
 =krOI
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/vivier-misc/tags/pull-muldiv64-20150925' into staging

Remove muldiv64() by using period instead of frequency

# gpg: Signature made Fri 25 Sep 2015 14:54:37 BST using RSA key ID 3F2FBE3C
# gpg: Good signature from "Laurent Vivier <lvivier@redhat.com>"
# gpg:                 aka "Laurent Vivier <laurent@vivier.eu>"
# gpg:                 aka "Laurent Vivier (Red Hat) <lvivier@redhat.com>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: CD2F 75DD C8E3 A4DC 2E4F  5173 F30C 38BD 3F2F BE3C

* remotes/vivier-misc/tags/pull-muldiv64-20150925:
  net: remove muldiv64()
  bt: remove muldiv64()
  hpet: remove muldiv64()
  arm: clarify the use of muldiv64()
  openrisc: remove muldiv64()
  mips: remove muldiv64()
  pcnet: remove muldiv64()
  rtl8139: remove muldiv64()
  i6300esb: remove muldiv64()

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-09-25 18:03:19 +01:00
Peter Maydell
cdf9818242 virtio,pc features, fixes
New features:
     vhost-user multiqueue support
     virtio-ccw virtio 1 support
 
 Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQEcBAABAgAGBQJWBOxjAAoJECgfDbjSjVRpao8H/1hV55WvPXyEHB9ian+JPVEb
 pYFUcKGRO/bWMbXkqWnIBzNPrViPNQHot3zrOcoXtgnBGcuniiteGcAtqj4WEkgb
 WSa22AI1QrEPfHIkhR3sYdJAsqte/RppnFKLSDDi9TwKOGUho47OnkzJWfB+vuup
 7YM/r8YDCkckdvsvfsCwW4Fbjxv7oKSokFkkdV/NwNDocNvRSBS9iAXsQYFdS7tm
 8DIkWK63HQDY9in+fYkk8zoaXK7oZMyi3vHd2g4W0t0mGznxj9dxomrJrMo/4GWZ
 ZrnlB9R1QxpOCtoDtozelxkCnLJhEVjd8xYkGPg+xzYjrxl9aHIWjSNGhf5Q9QY=
 =5IBX
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging

virtio,pc features, fixes

New features:
    vhost-user multiqueue support
    virtio-ccw virtio 1 support

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

# gpg: Signature made Fri 25 Sep 2015 07:40:35 BST using RSA key ID D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>"
# gpg:                 aka "Michael S. Tsirkin <mst@redhat.com>"

* remotes/mst/tags/for_upstream:
  MAINTAINERS: add more devices to the PCI section
  MAINTAINERS: add more devices to the PC section
  vhost-user: add a new message to disable/enable a specific virt queue.
  vhost-user: add multiple queue support
  vhost: introduce vhost_backend_get_vq_index method
  vhost-user: add VHOST_USER_GET_QUEUE_NUM message
  vhost: rename VHOST_RESET_OWNER to VHOST_RESET_DEVICE
  vhost-user: add protocol feature negotiation
  vhost-user: use VHOST_USER_XXX macro for switch statement
  virtio-ccw: enable virtio-1
  virtio-ccw: feature bits > 31 handling
  virtio-ccw: support ring size changes
  virtio: ring sizes vs. reset
  pc: Introduce pc-*-2.5 machine classes
  q35: Move options common to all classes to pc_i440fx_machine_options()
  q35: Move options common to all classes to pc_q35_machine_options()
  virtio-net: unbreak self announcement and guest offloads after migration
  virtio: right size for virtio_queue_get_avail_size

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-09-25 16:40:05 +01:00
Laurent Vivier
fdfea124f9 bt: remove muldiv64()
Originally, timers were ticks based, and it made sense to
add ticks to current time to know when to trigger an alarm.

But since commit:

7447545 change all other clock references to use nanosecond resolution accessors

All timers use nanoseconds and we need to convert ticks to nanoseconds.

As get_ticks_per_sec() is 10^9,

    a = muldiv64(b, get_ticks_per_sec(), 100);
    y = muldiv64(x, get_ticks_per_sec(), 1000000);

can be converted to

    a = b * 10000000;
    y = x * 1000;

Signed-off-by: Laurent Vivier <lvivier@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
2015-09-25 14:56:22 +02:00
Laurent Vivier
0a4f9240f5 hpet: remove muldiv64()
hpet defines a clock period in femtoseconds but
then converts it to nanoseconds to use the internal
timers.

We can define the period in nanoseconds and use it
directly, this allows to remove muldiv64().

We only need to convert the period to femtoseconds
to put it in internal hpet capability register.

Signed-off-by: Laurent Vivier <lvivier@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
2015-09-25 14:56:05 +02:00
Laurent Vivier
ccaf174923 openrisc: remove muldiv64()
Originally, timers were ticks based, and it made sense to
add ticks to current time to know when to trigger an alarm.

But since commit:

7447545 change all other clock references to use nanosecond resolution accessors

All timers use nanoseconds and we need to convert ticks to nanoseconds, by
doing something like:

    y = muldiv64(x, get_ticks_per_sec(), TIMER_FREQ)

where x is the number of device ticks and y the number of system ticks.

y is used as nanoseconds in timer functions,
it works because 1 tick is 1 nanosecond.
(get_ticks_per_sec() is 10^9)

But as openrisc timer frequency is 20 MHz, we can also do:

    y = x * 50; /* 20 MHz period is 50 ns */

Signed-off-by: Laurent Vivier <lvivier@redhat.com>
2015-09-25 14:54:22 +02:00
Laurent Vivier
683dca6bd5 mips: remove muldiv64()
Originally, timers were ticks based, and it made sense to
add ticks to current time to know when to trigger an alarm.

But since commit:

7447545 change all other clock references to use nanosecond resolution accessors

All timers use nanoseconds and we need to convert ticks to nanoseconds, by
doing something like:

    y = muldiv64(x, get_ticks_per_sec(), TIMER_FREQ)

where x is the number of device ticks and y the number of system ticks.

y is used as nanoseconds in timer functions,
it works because 1 tick is 1 nanosecond.
(get_ticks_per_sec() is 10^9)

But as MIPS timer frequency is 100 MHz, we can also do:

    y = x * 10; /* 100 MHz period is 10 ns */

Signed-off-by: Laurent Vivier <lvivier@redhat.com>
Reviewed-by: Leon Alrae <leon.alrae@imgtec.com>
2015-09-25 14:54:04 +02:00
Laurent Vivier
c6acbe861f pcnet: remove muldiv64()
Originally, timers were ticks based, and it made sense to
add ticks to current time to know when to trigger an alarm.

But since commit:

7447545 change all other clock references to use nanosecond resolution accessors

All timers use nanoseconds and we need to convert ticks to nanoseconds, by
doing something like:

    y = muldiv64(x, get_ticks_per_sec(), PCI_FREQUENCY)

where x is the number of device ticks and y the number of system ticks.

y is used as nanoseconds in timer functions,
it works because 1 tick is 1 nanosecond.
(get_ticks_per_sec() is 10^9)

But as PCI frequency is 33 MHz, we can also do:

    y = x * 30; /* 33 MHz PCI period is 30 ns */

Which is much more simple.

This implies a 33.333333 MHz PCI frequency,
but this is correct.

Signed-off-by: Laurent Vivier <lvivier@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-09-25 14:53:50 +02:00
Laurent Vivier
37b9ab92f7 rtl8139: remove muldiv64()
Originally, timers were ticks based, and it made sense to
add ticks to current time to know when to trigger an alarm.

But since commit:

7447545 change all other clock references to use nanosecond resolution accessors

All timers use nanoseconds and we need to convert ticks to nanoseconds, by
doing something like:

    y = muldiv64(x, get_ticks_per_sec(), PCI_FREQUENCY)

where x is the number of device ticks and y the number of system ticks.

y is used as nanoseconds in timer functions,
it works because 1 tick is 1 nanosecond.
(get_ticks_per_sec() is 10^9)

But as PCI frequency is 33 MHz, we can also do:

    y = x * 30; /* 33 MHz PCI period is 30 ns */

Which is much more simple.

This implies a 33.333333 MHz PCI frequency,
but this is correct.

Signed-off-by: Laurent Vivier <lvivier@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-09-25 14:53:29 +02:00
Laurent Vivier
9491e9bc01 i6300esb: remove muldiv64()
Originally, timers were ticks based, and it made sense to
add ticks to current time to know when to trigger an alarm.

But since commit:

7447545 change all other clock references to use nanosecond resolution accessors

All timers use nanoseconds and we need to convert ticks to nanoseconds, by
doing something like:

    y = muldiv64(x, get_ticks_per_sec(), PCI_FREQUENCY)

where x is the number of device ticks and y the number of system ticks.

y is used as nanoseconds in timer functions,
it works because 1 tick is 1 nanosecond.
(get_ticks_per_sec() is 10^9)

But as PCI frequency is 33 MHz, we can also do:

    y = x * 30; /* 33 MHz PCI period is 30 ns */

Which is much more simple.

This implies a 33.333333 MHz PCI frequency,
but this is correct.

Signed-off-by: Laurent Vivier <lvivier@redhat.com>
2015-09-25 14:52:17 +02:00
Peter Crosthwaite
4ecd4d16a0 ppc: Rename ELF_MACHINE to be PPC specific
Rename ELF_MACHINE to be PPC specific. This is used as-is by the
various PPC bootloaders and is locally defined to ELF_MACHINE in linux
user in PPC specific ifdeffery.

This removes another architecture specific definition from the global
namespace (as desired by multi-arch).

Cc: Alexander Graf <agraf@suse.de>
Cc: qemu-ppc@nongnu.org
Reviewed-by: Richard Henderson <rth@twiddle.net>
Acked-By: Riku Voipio <riku.voipio@linaro.org>
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-09-25 12:04:44 +02:00
Peter Crosthwaite
a5e8788f89 i386: Rename ELF_MACHINE to be x86 specific
Rename ELF_MACHINE to be I386 specific. This is used as-is by the
multiboot loader.

Linux-user previously used this definition but will not anymore,
falling back to the default bahaviour of using ELF_ARCH as ELF_MACHINE.

This removes another architecture specific definition from the global
namespace.

Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Acked-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Acked-By: Riku Voipio <riku.voipio@linaro.org>
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-09-25 12:04:44 +02:00
Peter Crosthwaite
04ce380e9e mips: Remove ELF_MACHINE from cpu.h
The only generic code relying on this is linux-user, but linux users'
default behaviour of defaulting ELF_MACHINE to ELF_ARCH will handle
this.

The bootloaders can just pass EM_MIPS directly, as that is
architecture specific code.

This removes another architecture specific definition from the global
namespace.

Cc: Aurelien Jarno <aurelien@aurel32.net>
Cc: Leon Alrae <leon.alrae@imgtec.com>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Acked-By: Riku Voipio <riku.voipio@linaro.org>
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-09-25 12:04:44 +02:00
Peter Crosthwaite
77452383e0 sparc: Remove ELF_MACHINE from cpu.h
The bootloaders can just pass EM_SPARC or EM_SPARCV9 directly, as
they are architecture specific code (to one or the other).

This removes another architecture specific definition from the global
namespace.

Cc: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Acked-By: Riku Voipio <riku.voipio@linaro.org>
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-09-25 12:04:44 +02:00
Peter Crosthwaite
99a4434ed7 s390: Remove ELF_MACHINE from cpu.h
The bootloader can just pass EM_S390 directly, as that
is architecture specific code.

This removes another architecture specific definition from the global
namespace.

Cc: Richard Henderson <rth@twiddle.net>
Cc: Alexander Graf <agraf@suse.de>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Acked-By: Riku Voipio <riku.voipio@linaro.org>
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-09-25 12:04:44 +02:00
Peter Crosthwaite
943cd38722 xtensa: Remove ELF_MACHINE from cpu.h
The bootloaders can just pass EM_XTENSA directly, as that
is architecture specific code.

This removes another architecture specific definition from the global
namespace.

Cc: Max Filippov <jcmvbkbc@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Acked-By: Riku Voipio <riku.voipio@linaro.org>
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-09-25 12:04:44 +02:00
Peter Crosthwaite
7183128bc9 tricore: Remove ELF_MACHINE from cpu.h
The bootloader can just pass EM_TRICORE directly, as that
is architecture specific code.

This removes another architecture specific definition from the global
namespace.

Cc: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Acked-By: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Acked-By: Riku Voipio <riku.voipio@linaro.org>
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-09-25 12:04:44 +02:00
Peter Crosthwaite
ed03ecf8f0 or32: Remove ELF_MACHINE from cpu.h
The only generic code relying on this is linux-user, but linux users'
default behaviour of defaulting ELF_MACHINE to ELF_ARCH will handle
this.

The bootloader can just pass EM_OPENRISC directly, as that is
architecture specific code.

This removes another architecture specific definition from the global
namespace.

Cc: Jia Liu <proljc@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Acked-By: Riku Voipio <riku.voipio@linaro.org>
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-09-25 12:04:44 +02:00
Peter Crosthwaite
22d2fb4c59 lm32: Remove ELF_MACHINE from cpu.h
The bootloaders can just pass EM_LATTICEMICO32 directly, as that is
architecture specific code.

This removes another architecture specific definition from the global
namespace.

Cc: Michael Walle <michael@walle.cc>
Acked-By: Michael Walle <michael@walle.cc>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Acked-By: Riku Voipio <riku.voipio@linaro.org>
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-09-25 12:04:43 +02:00
Peter Crosthwaite
b744d332f3 moxie: Remove ELF_MACHINE from cpu.h
The bootloader can just pass EM_MOXIE directly, as that is architecture
specific code.

This removes another architecture specific definition from the global
namespace.

Cc: Anthony Green <green@moxielogic.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Acked-By: Riku Voipio <riku.voipio@linaro.org>
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-09-25 12:04:43 +02:00
Peter Crosthwaite
7233df4949 cris: Remove ELF_MACHINE from cpu.h
The only generic code relying on this is linux-user, but linux users'
default behaviour of defaulting ELF_MACHINE to ELF_ARCH will handle
this.

The bootloader can just pass EM_CRIS directly, as that is architecture
specific code.

This removes another architecture specific definition from the global
namespace.

Cc: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Acked-By: Riku Voipio <riku.voipio@linaro.org>
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-09-25 12:04:43 +02:00
Peter Crosthwaite
45e6b8b61a m68k: Remove ELF_MACHINE from cpu.h
The only generic code relying on this is linux-user, but linux users'
default behaviour of defaulting ELF_MACHINE to ELF_ARCH will handle
this.

The machine model bootloaders can just pass EM_68K directly, as that
is architecture specific code.

This removes another architecture specific definition from the global
namespace.

Cc: Laurent Vivier <laurent@vivier.eu>
Cc: Greg Ungerer <gerg@uclinux.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Acked-By: Riku Voipio <riku.voipio@linaro.org>
Reviewed-by: Greg Ungerer <gerg@uclinux.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-09-25 12:04:43 +02:00
Peter Crosthwaite
f4fc2bbfa2 mb: Remove ELF_MACHINE from cpu.h
The only generic code relying on this is linux-user, but linux-users'
default behaviour or setting ELF_MACHINE to ELF_ARCH will handle this.

The microblaze bootloader can just pass EM_MICROBLAZE directly, as that
is architecture specific code.

This removes another architecture specific definition from the global
namespace.

Cc: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Acked-By: Riku Voipio <riku.voipio@linaro.org>
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-09-25 12:04:43 +02:00
Peter Crosthwaite
b597c3f7da arm: Remove ELF_MACHINE from cpu.h
The only generic code relying on this is linux-user. Linux user
already has a lot of #ifdef TARGET_ customisation so instead, define
ELF_ARCH as either EM_ARM or EM_AARCH64 appropriately.

The armv7m bootloader can just pass EM_ARM directly, as that
is architecture specific code. Note that arm_boot already has its own
logic selecting an arm specific elf machine so this makes V7M more
consistent with arm_boot.

This removes another architecture specific definition from the global
namespace.

Cc: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Acked-By: Riku Voipio <riku.voipio@linaro.org>
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-09-25 12:04:43 +02:00
Peter Crosthwaite
98dbe5aca8 elf: Update EM_MOXIE definition
EM_MOXIE now has a proper assigned elf code. Use it. Register the old
interim value as EM_MOXIE_OLD and accept either in elf loading.

Cc: Anthony Green <green@moxielogic.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-09-25 12:04:43 +02:00
Pavel Butsykin
6bde8fd69f hmp: implemented io apic dump state for TCG
Added support emulator for the hmp command "info ioapic"

Signed-off-by: Pavel Butsykin <pbutsykin@virtuozzo.com>
Signed-off-by: Denis V. Lunev <den@openvz.org>
CC: Paolo Bonzini <pbonzini@redhat.com>
CC: Andreas Färber <afaerber@suse.de>
Message-Id: <1442927901-1084-10-git-send-email-den@openvz.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-09-25 12:04:42 +02:00
Pavel Butsykin
d665d696c5 hmp: added io apic dump state
Added the hmp command to query io apic state, may be usefull after guest
crashes to understand IRQ routing in guest.

Implementation is only for kvm here. The dump will look like
(qemu) info ioapic
ioapic id=0x00 sel=0x26 (redir[11])
pin 0  0x0000000000010000 dest=0 vec=0   active-hi edge  masked fixed  physical
pin 1  0x0000000000000031 dest=0 vec=49  active-hi edge         fixed  physical
...
pin 23 0x0000000000010000 dest=0 vec=0   active-hi edge  masked fixed  physical
IRR        (none)
Remote IRR (none)

Signed-off-by: Pavel Butsykin <pbutsykin@virtuozzo.com>
Signed-off-by: Denis V. Lunev <den@openvz.org>
CC: Paolo Bonzini <pbonzini@redhat.com>
CC: Andreas Färber <afaerber@suse.de>
Message-Id: <1442927901-1084-9-git-send-email-den@openvz.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-09-25 12:04:42 +02:00
Pavel Butsykin
a22bf99c58 apic_internal.h: rename ESR_ILLEGAL_ADDRESS to APIC_ESR_ILLEGAL_ADDRESS
Added prefix APIC_ for determining the constant of a particular subsystem,
improve the overall readability and match other constant names.

Signed-off-by: Pavel Butsykin <pbutsykin@virtuozzo.com>
Signed-off-by: Denis V. Lunev <den@openvz.org>
CC: Paolo Bonzini <pbonzini@redhat.com>
CC: Andreas Färber <afaerber@suse.de>
Message-Id: <1442927901-1084-3-git-send-email-den@openvz.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-09-25 12:04:42 +02:00
Pavel Butsykin
82a5e042fa apic_internal.h: make some apic_get_* functions externally visible
Move apic_get_bit(), apic_set_bit() to apic_internal.h, make the apic_get_ppr
symbol external. It's necessary to work with isr, tmr, irr and ppr outside
hw/intc/apic.c

Signed-off-by: Pavel Butsykin <pbutsykin@virtuozzo.com>
Signed-off-by: Denis V. Lunev <den@openvz.org>
CC: Paolo Bonzini <pbonzini@redhat.com>
CC: Andreas Färber <afaerber@suse.de>
Message-Id: <1442927901-1084-2-git-send-email-den@openvz.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-09-25 12:04:42 +02:00
Paolo Bonzini
2f5a3b1252 ioapic: fix contents of arbitration register
The arbitration register should read to the same value as the
IOAPIC id register.  Fixes kvm-unit-tests ioapic.flat.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-09-25 12:04:42 +02:00
Paolo Bonzini
c5955a561c ioapic: coalesce level interrupts
If a level-triggered interrupt goes down and back up before the
corresponding EOI, it should be coalesced.  This fixes one testcase
in kvm-unit-tests' ioapic.flat.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-09-25 12:04:42 +02:00
Marc-André Lureau
500887768a vhost-scsi: include linux/vhost.h
Replace ad-hoc declarations with the linux header.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <1442585920-28373-1-git-send-email-marcandre.lureau@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-09-25 12:04:41 +02:00
Paolo Bonzini
0eb2baeb44 scsi-generic: let guests recognize readonly=on on passthrough devices
Passed-through SCSI devices can be opened with the readonly=on option.
When this happens, Linux filters away write commands so that the guest
cannot overwrite the contents of the device.

However, the guest does not know that the device is read-only, and
accepts writes.  The writes only fail later when the page cache is
flushed.

This patch modifies scsi-generic to modify the MODE SENSE data and
set the read-only bit in the device-specific parameters, so that
the guest OS treats the disk as write protected.

Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-09-25 12:04:41 +02:00
Peter Maydell
9438fe9e56 Remove libcacard
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJWAxuHAAoJENro4Ql1lpzlXuAQALbdywlUC/C8Qmx12s7H3DtT
 bsasSDq2UkFERcAH0OWXJ/oAgIw95a0yq5ulP9mpT+jiT8rqT2sTuHArHzLICV+T
 37LAcMxZCdOQwRW2q2RnceSWiYOVMIuCXrWw9FjmM44CKZT4AX+5re4EiOcXYotf
 TQaGMhNr9CWOPp/aUUhPQt8ccaapWWyr2j4pNx2Apo6qvLuHMsIczlEAVRCEwL6J
 XdNGKCvhvmtK2e1RUfD7djeGRAYlcnotoq1FvrGnXxrZIV+fTjpL4I3+GNNisn5e
 29e3BrtHcWmksRP9rr12S++4yn9XegqojbTbKrUKrzNx+2rvSBc7lQenYrY36KUa
 426Uy3cQAagkrch7m9bcT5UqH9axKfeP+FgTnP+0xAQHg4tM+dYzlJOEwT8le+p+
 2iPswwTOJBO4R2DR6dt39cKAB7jz9ZpBD++biaNhd91dt4o9MY3ebiBiFTq6dmxi
 xUryff6MM/FnT0b69FgWsOblTdhLsdIEKU+JJFt5WMWl7vfOfRlP3G6rdFZypWPT
 E8U+7vLdAxeFONauYb1BHkwrZbFxv2tXB9VGaaf5FRSh83zCO1K0Jih22udYcLF0
 QYQUFNSjTZteLC4TbAJvKUs52Isc6IMAK7dqIty5yoFmQT7hGWCWqK2p8CjA3JYq
 EwWW0WgKlLTxR0O1DXZC
 =b/4L
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/elmarco/tags/rm-libcacard' into staging

Remove libcacard

# gpg: Signature made Wed 23 Sep 2015 22:37:11 BST using RSA key ID 75969CE5
# gpg: Good signature from "Marc-André Lureau <marcandre.lureau@redhat.com>"
# gpg:                 aka "Marc-André Lureau <marcandre.lureau@gmail.com>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 87A9 BD93 3F87 C606 D276  F62D DAE8 E109 7596 9CE5

* remotes/elmarco/tags/rm-libcacard:
  libcacard: use the standalone project

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-09-24 17:04:31 +01:00
Changchun Ouyang
7263a0ad78 vhost-user: add a new message to disable/enable a specific virt queue.
Add a new message, VHOST_USER_SET_VRING_ENABLE, to enable or disable
a specific virt queue, which is similar to attach/detach queue for
tap device.

virtio driver on guest doesn't have to use max virt queue pair, it
could enable any number of virt queue ranging from 1 to max virt
queue pair.

Signed-off-by: Changchun Ouyang <changchun.ouyang@intel.com>
Signed-off-by: Yuanhan Liu <yuanhan.liu@linux.intel.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Yuanhan Liu <yuanhan.liu@linux.intel.com>
Reviewed-by: Jason Wang <jasowang@redhat.com>
Tested-by: Marcel Apfelbaum <marcel@redhat.com>
2015-09-24 16:27:53 +03:00
Changchun Ouyang
b931bfbf04 vhost-user: add multiple queue support
This patch is initially based a patch from Nikolay Nikolaev.

This patch adds vhost-user multiple queue support, by creating a nc
and vhost_net pair for each queue.

Qemu exits if find that the backend can't support the number of requested
queues (by providing queues=# option). The max number is queried by a
new message, VHOST_USER_GET_QUEUE_NUM, and is sent only when protocol
feature VHOST_USER_PROTOCOL_F_MQ is present first.

The max queue check is done at vhost-user initiation stage. We initiate
one queue first, which, in the meantime, also gets the max_queues the
backend supports.

In older version, it was reported that some messages are sent more times
than necessary. Here we came an agreement with Michael that we could
categorize vhost user messages to 2 types: non-vring specific messages,
which should be sent only once, and vring specific messages, which should
be sent per queue.

Here I introduced a helper function vhost_user_one_time_request(), which
lists following messages as non-vring specific messages:

        VHOST_USER_SET_OWNER
        VHOST_USER_RESET_DEVICE
        VHOST_USER_SET_MEM_TABLE
        VHOST_USER_GET_QUEUE_NUM

For above messages, we simply ignore them when they are not sent the first
time.

Signed-off-by: Nikolay Nikolaev <n.nikolaev@virtualopensystems.com>
Signed-off-by: Changchun Ouyang <changchun.ouyang@intel.com>
Signed-off-by: Yuanhan Liu <yuanhan.liu@linux.intel.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Yuanhan Liu <yuanhan.liu@linux.intel.com>
Reviewed-by: Jason Wang <jasowang@redhat.com>
Tested-by: Marcel Apfelbaum <marcel@redhat.com>
2015-09-24 16:27:53 +03:00
Yuanhan Liu
fc57fd9900 vhost: introduce vhost_backend_get_vq_index method
Minusing the idx with the base(dev->vq_index) for vhost-kernel, and
then adding it back for vhost-user doesn't seem right. Here introduces
a new method vhost_backend_get_vq_index() for getting the right vq
index for following vhost messages calls.

Suggested-by: Jason Wang <jasowang@redhat.com>
Signed-off-by: Yuanhan Liu <yuanhan.liu@linux.intel.com>
Reviewed-by: Jason Wang <jasowang@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Yuanhan Liu <yuanhan.liu@linux.intel.com>
Tested-by: Marcel Apfelbaum <marcel@redhat.com>
2015-09-24 16:27:53 +03:00
Yuanhan Liu
e2051e9e00 vhost-user: add VHOST_USER_GET_QUEUE_NUM message
This is for querying how many queues the backend supports if it has mq
support(when VHOST_USER_PROTOCOL_F_MQ flag is set from the quried
protocol features).

vhost_net_get_max_queues() is the interface to export that value, and
to tell if the backend supports # of queues user requested, which is
done in the following patch.

Signed-off-by: Yuanhan Liu <yuanhan.liu@linux.intel.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Yuanhan Liu <yuanhan.liu@linux.intel.com>
Tested-by: Marcel Apfelbaum <marcel@redhat.com>
2015-09-24 16:27:52 +03:00
Yuanhan Liu
d1f8b30ec8 vhost: rename VHOST_RESET_OWNER to VHOST_RESET_DEVICE
Quote from Michael:

    We really should rename VHOST_RESET_OWNER to VHOST_RESET_DEVICE.

Suggested-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Yuanhan Liu <yuanhan.liu@linux.intel.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Yuanhan Liu <yuanhan.liu@linux.intel.com>
Reviewed-by: Marcel Apfelbaum <marcel@redhat.com>
Tested-by: Marcel Apfelbaum <marcel@redhat.com>
2015-09-24 16:27:52 +03:00
Michael S. Tsirkin
dcb10c000c vhost-user: add protocol feature negotiation
Support a separate bitmask for vhost-user protocol features,
and messages to get/set protocol features.

Invoke them at init.

No features are defined yet.

[ leverage vhost_user_call for request handling -- Yuanhan Liu ]

Signed-off-by: Michael S. Tsirkin <address@hidden>
Signed-off-by: Yuanhan Liu <yuanhan.liu@linux.intel.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Yuanhan Liu <yuanhan.liu@linux.intel.com>
Reviewed-by: Marcel Apfelbaum <marcel@redhat.com>
Tested-by: Marcel Apfelbaum <marcel@redhat.com>
2015-09-24 16:27:52 +03:00
Yuanhan Liu
7305483a3d vhost-user: use VHOST_USER_XXX macro for switch statement
So that we could let vhost_user_call to handle extented requests,
such as VHOST_USER_GET/SET_PROTOCOL_FEATURES, instead of invoking
vhost_user_read/write and constructing the msg again by ourself.

Signed-off-by: Yuanhan Liu <yuanhan.liu@linux.intel.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Yuanhan Liu <yuanhan.liu@linux.intel.com>
Reviewed-by: Marcel Apfelbaum <marcel@redhat.com>
Tested-by: Marcel Apfelbaum <marcel@redhat.com>
2015-09-24 16:27:52 +03:00
Cornelia Huck
542571d523 virtio-ccw: enable virtio-1
Let's enable revision 1 for virtio-ccw devices. We can always offer
VERSION_1 as drivers in legacy mode won't be able to see it anyway.

We have to introduce a way to set a lower maximum revision for a device
to accommodate the following cases:
- compat machines (to enforce legacy only)
- virtio-blk with scsi support (version 1 + scsi is fenced by common
  code, with a user-configured max revision of 0 we can allow scsi
  via not offering VERSION_1)

Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2015-09-24 13:42:17 +03:00
Cornelia Huck
b4f8f9df15 virtio-ccw: feature bits > 31 handling
We currently switch off the VERSION_1 feature bit if the guest has
not negotiated at least revision 1. As no feature bits beyond 31 are
valid however unless VERSION_1 has been negotiated, make sure that
legacy guests never see a feature bit beyond 31.

Reviewed-by: David Hildenbrand <dahi@linux.vnet.ibm.com>
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2015-09-24 13:42:17 +03:00
Cornelia Huck
79cd0c80f8 virtio-ccw: support ring size changes
Wire up changing the ring size for virtio-1 devices.

Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2015-09-24 13:42:17 +03:00
Cornelia Huck
46c5d0823d virtio: ring sizes vs. reset
We allow guests to change the size of the virtqueue rings by supplying
a number of buffers that is different from the number of buffers the
device was initialized with. Current code has some problems, however,
since reset does not reset the ringsizes to the default values (as this
is not saved anywhere).

Let's extend the core code to keep track of the default ringsizes and
migrate them once the guest changed them for any of the virtqueues
for a device.

Reviewed-by: Jason Wang <jasowang@redhat.com>
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2015-09-24 13:42:17 +03:00
Eduardo Habkost
87e896abe6 pc: Introduce pc-*-2.5 machine classes
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2015-09-24 13:42:00 +03:00
Eduardo Habkost
254bdb1cbf q35: Move options common to all classes to pc_i440fx_machine_options()
The existing default_machine_opts and default_display settings will
still apply to future machine classes. So it makes sense to move them to
pc_i440fx_machine_options() instead of keeping them in a
version-specific machine_options function.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2015-09-24 13:39:47 +03:00
Eduardo Habkost
0b7783a79e q35: Move options common to all classes to pc_q35_machine_options()
The existing default_machine_opts, default_display, no_floppy, and
no_tco settings will still apply to future machine classes. So it makes
sense to move them to pc_q35_machine_options() instead of keeping them
in a version-specific machine_options function.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2015-09-24 13:39:47 +03:00
Jason Wang
1f8828ef57 virtio-net: unbreak self announcement and guest offloads after migration
After commit 019a3edbb2 ("virtio: make
features 64bit wide"). Device's guest_features was actually set after
vdc->load(). This breaks the assumption that device specific load()
function can check guest_features. For virtio-net, self announcement
and guest offloads won't work after migration.

Fixing this by defer them to virtio_net_load() where guest_features
were guaranteed to be set. Other virtio devices looks fine.

Fixes: 019a3edbb2
       ("virtio: make features 64bit wide")
Cc: qemu-stable@nongnu.org
Cc: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
2015-09-24 13:39:46 +03:00
Pierre Morel
50764fc8a3 virtio: right size for virtio_queue_get_avail_size
Being working on dataplane I notice something strange:

virtio_queue_get_avail_size() used a 64bit size index
for the calculation of the available ring size.

It is quite strange but it did work with the old calculation
of the avail ring, at most with performance penalty,
and I wonder where I missed something.

This patch let use a 16bit size as defined in virtio_ring.h

Signed-off-by: Pierre Morel <pmorel@linux.vnet.ibm.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2015-09-24 13:39:46 +03:00
Alex Williamson
9d146b2e2f vfio/pci: Remove use of g_malloc0_n() from quirks
For compatibility with glib 2.22.

Reported-by: Wen Congyang <wency@cn.fujitsu.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2015-09-23 21:27:17 -06:00
Shannon Zhao
cd37aaf876 hw/arm/virt-acpi-build: Fix wrong size of flash in ACPI table
While virt machine creates two flash devices with total size 0x08000000,
the ACPI table generation code was wrongly using this total size as the
size of each flash device, so it would overlap other MMIO spaces.
Make each device entry in the table half the total; this brings the
ACPI table into line with the code which generates the device tree
and which creates the flash devices themselves.

Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org>
Reviewed-by: Andrew Jones <drjones@redhat.com>
Reviewed-by: Wei Huang <wei@redhat.com>
Tested-by: Graeme Gregory <graeme.gregory@linaro.org>
Message-id: 1442455041-6596-1-git-send-email-shannon.zhao@linaro.org
[PMM: edited commit message]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-09-24 01:29:37 +01:00
Pavel Fedin
b92ad3949b hw/arm/virt: Add gic-version option to virt machine
Add gic_version to VirtMachineState, set it to value of the option
and pass it around where necessary. Instantiate devices and fdt
nodes according to the choice.

max_cpus for virt machine increased to 123 (calculated from redistributor
space available in the memory map). GICv2 compatibility check happens
inside arm_gic_common_realize().

ITS region is added to the memory map too, however currently it not used,
just reserved.

Signed-off-by: Pavel Fedin <p.fedin@samsung.com>
Tested-by: Ashok kumar <ashoks@broadcom.com>
[PMM: Added missing cpu_to_le* calls, thanks to Shannon Zhao]
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-09-24 01:29:37 +01:00
Pavel Fedin
a7bf30342e hw/intc: Initial implementation of vGICv3
This is the initial version of KVM-accelerated GICv3 support.
State load and save are not yet supported, live migration is
not possible.

In order to get correct class name in a simpler way, gicv3_class_name()
function is implemented, similar to gic_class_name().

Signed-off-by: Pavel Fedin <p.fedin@samsung.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Tested-by: Ashok kumar <ashoks@broadcom.com>
Message-id: 69d8f01d14994d7a1a140e96aef59fd332d02293.1441784344.git.p.fedin@samsung.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-09-24 01:29:37 +01:00
Pavel Fedin
4b3cfe72d9 intc/gic: Extract some reusable vGIC code
Some functions previously used only by vGICv2 are useful also for vGICv3
implementation. Untie them from GICState and make accessible from within
other modules:
- kvm_arm_gic_set_irq()
- kvm_gic_supports_attr() - moved to common code and renamed to
  kvm_device_check_attr()
- kvm_gic_access() - turned into GIC-independent kvm_device_access().
  Data pointer changed to void * because some GICv3 registers are
  64-bit wide

Some of these changes are not used right now, but they will be helpful for
implementing live migration.

Actually kvm_dist_get() and kvm_dist_put() could also be made reusable, but
they would require two extra parameters (s->dev_fd and s->num_cpu) as well as
lots of typecasts of 's' to DeviceState * and back to GICState *. This makes
the code very ugly so i decided to stop at this point. I tried also an
approach with making a base class for all possible GICs, but it would contain
only three variables (dev_fd, cpu_num and irq_num), and accessing them through
the rest of the code would be again tedious (either ugly casts or qemu-style
separate object pointer). So i disliked it too.

Signed-off-by: Pavel Fedin <p.fedin@samsung.com>
Tested-by: Ashok kumar <ashoks@broadcom.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 2ef56d1dd64ffb75ed02a10dcdaf605e5b8ff4f8.1441784344.git.p.fedin@samsung.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-09-24 01:29:36 +01:00
Shlomo Pongratz
ff8f06ee76 hw/intc: Implement GIC-500 base class
This class is to be used by both software and KVM implementations of GICv3

Currently it is mostly a placeholder, but in future it is supposed to hold
qemu's representation of GICv3 state, which is necessary for migration.

The interface of this class is fully compatible with GICv2 one. This is
done in order to simplify integration with existing code.

Signed-off-by: Shlomo Pongratz <shlomo.pongratz@huawei.com>
Signed-off-by: Pavel Fedin <p.fedin@samsung.com>
Reviewed-by: Eric Auger <eric.auger@linaro.org>
Tested-by: Ashok kumar <ashoks@broadcom.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: aff8baaee493cdcab0694b4a1d4dd5ff27c37ed2.1441784344.git.p.fedin@samsung.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-09-24 01:29:36 +01:00
Marc-André Lureau
7b02f5447c libcacard: use the standalone project
libcacard is now a standalone project hosted with the Spice project (see
the 2.5.0 release announcement), remove it from qemu tree.

Use the library if found during configure or if --enable-smartcard.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Michael Tokarev <mjt@tls.msk.ru>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Tested-by: Paolo Bonzini <pbonzini@redhat.com>
2015-09-23 23:34:17 +02:00
Alex Williamson
89dcccc593 vfio/pci: Add emulated PCI IDs
Specifying an emulated PCI vendor/device ID can be useful for testing
various quirk paths, even though the behavior and functionality of
the device with bogus IDs is fully unsupportable.  We need to use a
uint32_t for the vendor/device IDs, even though the registers
themselves are only 16-bit in order to be able to determine whether
the value is valid and user set.

The same support is added for subsystem vendor/device ID, though these
have the possibility of being useful and supported for more than a
testing tool.  An emulated platform might want to impose their own
subsystem IDs or at least hide the physical subsystem ID.  Windows
guests will often reinstall drivers due to a change in subsystem IDs,
something that VM users may want to avoid.  Of course careful
attention would be required to ensure that guest drivers do not rely
on the subsystem ID as a basis for device driver quirks.

All of these options are added using the standard experimental option
prefix and should not be considered stable.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2015-09-23 13:04:49 -06:00
Alex Williamson
ff635e3775 vfio/pci: Cache vendor and device ID
Simplify access to commonly referenced PCI vendor and device ID by
caching it on the VFIOPCIDevice struct.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2015-09-23 13:04:49 -06:00
Alex Williamson
c9c5000991 vfio/pci: Move AMD device specific reset to quirks
This is just another quirk, for reset rather than affecting memory
regions.  Move it to our new quirks file.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2015-09-23 13:04:49 -06:00
Alex Williamson
958d553405 vfio/pci: Remove old config window and mirror quirks
These are now unused.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2015-09-23 13:04:48 -06:00
Alex Williamson
0d38fb1c5f vfio/pci: Config mirror quirk
Re-implement our mirror quirk using the new infrastructure.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2015-09-23 13:04:48 -06:00
Alex Williamson
0e54f24a5b vfio/pci: Config window quirks
Config windows make use of an address register and a data register.
In VGA cards, these are often used to provide real mode code in the
BIOS an easy way to access MMIO registers since the window often
resides in an I/O port register.  When the MMIO register has a mirror
of PCI config space, we need to trap those accesses and redirect them
to emulated config space.

The previous version of this functionality made use of a single
MemoryRegion and single match address.  This version uses separate
MemoryRegions for each of the address and data registers and allows
for multiple match addresses.  This is useful for Nvidia cards which
have two ranges which index into PCI config space.

The previous implementation is left for the follow-on patch for a more
reviewable diff.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2015-09-23 13:04:48 -06:00
Alex Williamson
954258a5f1 vfio/pci: Rework RTL8168 quirk
Another rework of this quirk, this time to update to the new quirk
structure.  We can handle the address and data registers with
separate MemoryRegions and a quirk specific data structure, making the
code much more understandable.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2015-09-23 13:04:47 -06:00
Alex Williamson
6029a424be vfio/pci: Cleanup Nvidia 0x3d0 quirk
The Nvidia 0x3d0 quirk makes use of a two separate registers and gives
us our first chance to make use of separate memory regions for each to
simplify the code a bit.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2015-09-23 13:04:47 -06:00
Alex Williamson
b946d28611 vfio/pci: Cleanup ATI 0x3c3 quirk
This is an easy quirk that really doesn't need a data structure if
its own.  We can pass vdev as the opaque data and access to the
MemoryRegion isn't required.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2015-09-23 13:04:47 -06:00
Alex Williamson
8c4f234853 vfio/pci: Foundation for new quirk structure
VFIOQuirk hosts a single memory region and a fixed set of data fields
that try to handle all the quirk cases, but end up making those that
don't exactly match really confusing.  This patch introduces a struct
intended to provide more flexibility and simpler code.  VFIOQuirk is
stripped to its basics, an opaque data pointer for quirk specific
data and a pointer to an array of MemoryRegions with a counter.  This
still allows us to have common teardown routines, but adds much
greater flexibility to support multiple memory regions and quirk
specific data structures that are easier to maintain.  The existing
VFIOQuirk is transformed into VFIOLegacyQuirk, which further patches
will eliminate entirely.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2015-09-23 13:04:46 -06:00
Alex Williamson
056dfcb695 vfio/pci: Cleanup ROM blacklist quirk
Create a vendor:device ID helper that we'll also use as we rework the
rest of the quirks.  Re-reading the config entries, even if we get
more blacklist entries, is trivial overhead and only incurred during
device setup.  There's no need to typedef the blacklist structure,
it's a static private data type used once.  The elements get bumped
up to uint32_t to avoid future maintenance issues if PCI_ANY_ID gets
used for a blacklist entry (avoiding an actual hardware match).  Our
test loop is also crying out to be simplified as a for loop.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2015-09-23 13:04:45 -06:00
Alex Williamson
c00d61d8fa vfio/pci: Split quirks to a separate file
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2015-09-23 13:04:45 -06:00
Alex Williamson
78f33d2bfd vfio/pci: Extract PCI structures to a separate header
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2015-09-23 13:04:44 -06:00
Alex Williamson
5e15d79b86 vfio: Change polarity of our no-mmap option
The default should be to allow mmap and new drivers shouldn't need to
expose an option or set it to other than the allocation default in
their initfn.  Take advantage of the experimental flag to change this
option to the correct polarity.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2015-09-23 13:04:44 -06:00
Alex Williamson
46746dbaa8 vfio/pci: Make interrupt bypass runtime configurable
Tracing is more effective when we can completely disable all KVM
bypass paths.  Make these runtime rather than build-time configurable.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2015-09-23 13:04:44 -06:00
Alex Williamson
0de70dc7ba vfio/pci: Rename MSI/X functions for easier tracing
This allows vfio_msi* tracing.  The MSI/X interrupt tracing is also
pulled out of #ifdef DEBUG_VFIO to avoid a recompile for tracing this
path.  A few cycles to read the message is hardly anything if we're
already in QEMU.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2015-09-23 13:04:43 -06:00
Alex Williamson
870cb6f104 vfio/pci: Rename INTx functions for easier tracing
Rename functions and tracing callbacks so that we can trace vfio_intx*
to see all the INTx related activities.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2015-09-23 13:04:43 -06:00
Alex Williamson
b5bd049fa9 vfio/pci: Cleanup vfio_early_setup_msix() error path
With the addition of the Chelsio quirk we have an error path out of
vfio_early_setup_msix() that doesn't free the allocated VFIOMSIXInfo
struct.  This doesn't introduce a leak as it still gets freed in the
vfio_put_device() path, but it's complicated and sloppy to rely on
that.  Restructure to free the allocated data on error and only link
it into the vdev on success.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Reported-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2015-09-23 13:04:43 -06:00
Alex Williamson
d451008e0f vfio/pci: Cleanup RTL8168 quirk and tracing
There's quite a bit of cleanup that can be done to the RTL8168 quirk,
as well as the tracing to prevent a spew of uninteresting accesses
for anything else the driver might choose to use the window registers
for besides the MSI-X table.  There should be no functional change,
but it's now possible to get compact and useful traces by enabling
vfio_rtl8168_quirk*, ex:

vfio_rtl8168_quirk_write 0000:04:00.0 [address]: 0x1f000
vfio_rtl8168_quirk_read 0000:04:00.0 [address]: 0x8001f000
vfio_rtl8168_quirk_read 0000:04:00.0 [data]: 0xfee0100c
vfio_rtl8168_quirk_write 0000:04:00.0 [address]: 0x1f004
vfio_rtl8168_quirk_read 0000:04:00.0 [address]: 0x8001f004
vfio_rtl8168_quirk_read 0000:04:00.0 [data]: 0x0
vfio_rtl8168_quirk_write 0000:04:00.0 [address]: 0x1f008
vfio_rtl8168_quirk_read 0000:04:00.0 [address]: 0x8001f008
vfio_rtl8168_quirk_read 0000:04:00.0 [data]: 0x49b1
vfio_rtl8168_quirk_write 0000:04:00.0 [address]: 0x1f00c
vfio_rtl8168_quirk_read 0000:04:00.0 [address]: 0x8001f00c
vfio_rtl8168_quirk_read 0000:04:00.0 [data]: 0x0

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2015-09-23 13:04:42 -06:00
Gavin Shan
d76548a98f sPAPR: Enable EEH on VFIO PCI device only
This checks if the PCI device retrieved from the PCI device address
is VFIO PCI device when enabling EEH functionality. If it's not
VFIO PCI device, the EEH functonality isn't enabled.

Signed-off-by: Gavin Shan <gwshan@linux.vnet.ibm.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2015-09-23 10:51:11 +10:00
Gavin Shan
47445c80fb sPAPR: Revert don't enable EEH on emulated PCI devices
This reverts commit 7cb18007 ("sPAPR: Don't enable EEH on emulated
PCI devices") as rtas_ibm_set_eeh_option() isn't the right place
to check if there has the corresponding PCI device for the input
address, which can be PE address, not PCI device address.

Signed-off-by: Gavin Shan <gwshan@linux.vnet.ibm.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2015-09-23 10:51:11 +10:00
Thomas Huth
4d9392be6c ppc/spapr: Implement H_RANDOM hypercall in QEMU
The PAPR interface defines a hypercall to pass high-quality
hardware generated random numbers to guests. Recent kernels can
already provide this hypercall to the guest if the right hardware
random number generator is available. But in case the user wants
to use another source like EGD, or QEMU is running with an older
kernel, we should also have this call in QEMU, so that guests that
do not support virtio-rng yet can get good random numbers, too.

This patch now adds a new pseudo-device to QEMU that either
directly provides this hypercall to the guest or is able to
enable the in-kernel hypercall if available. The in-kernel
hypercall can be enabled with the use-kvm property, e.g.:

 qemu-system-ppc64 -device spapr-rng,use-kvm=true

For handling the hypercall in QEMU instead, a "RngBackend" is
required since the hypercall should provide "good" random data
instead of pseudo-random (like from a "simple" library function
like rand() or g_random_int()). Since there are multiple RngBackends
available, the user must select an appropriate back-end via the
"rng" property of the device, e.g.:

 qemu-system-ppc64 -object rng-random,filename=/dev/hwrng,id=gid0 \
                   -device spapr-rng,rng=gid0 ...

See http://wiki.qemu-project.org/Features-Done/VirtIORNG for
other example of specifying RngBackends.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2015-09-23 10:51:11 +10:00
Thomas Huth
ef001f069e ppc/spapr: Fix buffer overflow in spapr_populate_drconf_memory()
The buffer that is allocated in spapr_populate_drconf_memory()
is used for setting both, the "ibm,dynamic-memory" and the
"ibm,associativity-lookup-arrays" property. However, only the
size of the first one is taken into account when allocating the
memory. So if the length of the second property is larger than
the length of the first one, we run into a buffer overflow here!
Fix it by taking the length of the second property into account,
too.

Fixes: "spapr: Support ibm,dynamic-reconfiguration-memory" patch
Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2015-09-23 10:51:11 +10:00
David Gibson
20bb648dca spapr: Fix default NUMA node allocation for threads
At present, if guest numa nodes are requested, but the cpus in each node
are not specified, spapr just uses the default behaviour or assigning each
vcpu round-robin to nodes.

If smp_threads != 1, that will assign adjacent threads in a core to
different NUMA nodes.  As well as being just weird, that's a configuration
that can't be represented in the device tree we give to the guest, which
means the guest and qemu end up with different ideas of the NUMA topology.

This patch implements mc->cpu_index_to_socket_id in the spapr code to
make sure vcpus get assigned to nodes only at the socket granularity.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Alexey Kardashevskiy <aik@ozlabs.ru>
2015-09-23 10:51:11 +10:00
Bharata B Rao
0a4178692c spapr: Move memory hotplug to RTAS_LOG_V6_HP_ID_DRC_COUNT type
Till now memory hotplug used RTAS_LOG_V6_HP_ID_DRC_INDEX hotplug type
which meant that we generated one hotplug type of EPOW event for every
256MB (SPAPR_MEMORY_BLOCK_SIZE). This quickly overruns the kernel
rtas log buffer thus resulting in loss of memory hotplug events. Switch
to RTAS_LOG_V6_HP_ID_DRC_COUNT hotplug type for memory so that we
generate only one event per hotplug request.

Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
Reviewed-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2015-09-23 10:51:11 +10:00
Bharata B Rao
7a36ae7a9f spapr: Support hotplug by specifying DRC count
Support hotplug identifier type RTAS_LOG_V6_HP_ID_DRC_COUNT that allows
hotplugging of DRCs by specifying the DRC count.

While we are here, rename

spapr_hotplug_req_add_event() to spapr_hotplug_req_add_by_index()
spapr_hotplug_req_remove_event() to spapr_hotplug_req_remove_by_index()

so that they match with spapr_hotplug_req_add_by_count().

Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2015-09-23 10:51:11 +10:00
Bharata B Rao
e8f986fc57 spapr: Revert to memory@XXXX representation for non-hotplugged memory
Don't represent non-hotluggable memory under drconf node. With this
we don't have to create DRC objects for them.

The effect of this patch is that we revert back to memory@XXXX representation
for all the memory specified with -m option and represent the cold
plugged memory and hot-pluggable memory under
ibm,dynamic-reconfiguration-memory.

Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2015-09-23 10:51:11 +10:00
Bharata B Rao
6663864e95 spapr: Populate ibm,associativity-lookup-arrays correctly for non-NUMA
When NUMA isn't configured explicitly, assume node 0 is present for
the purpose of creating ibm,associativity-lookup-arrays property
under ibm,dynamic-reconfiguration-memory DT node. This ensures that
the associativity index property is correctly updated in ibm,dynamic-memory
for the LMB that is hotplugged.

Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2015-09-23 10:51:11 +10:00
Bharata B Rao
19a35c9e1b spapr: Provide better error message when slots exceed max allowed
Currently when user specifies more slots than allowed max of
SPAPR_MAX_RAM_SLOTS (32), we error out like this:

qemu-system-ppc64: unsupported amount of memory slots: 64

Let the user know about the max allowed slots like this:

qemu-system-ppc64: Specified number of memory slots 64 exceeds max supported 32

Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2015-09-23 10:51:11 +10:00
Bharata B Rao
b556854bd8 spapr: Don't allow memory hotplug to memory less nodes
Currently PowerPC kernel doesn't allow hot-adding memory to memory-less
node, but instead will silently add the memory to the first node that has
some memory. This causes two unexpected behaviours for the user.

- Memory gets hotplugged to a different node than what the user specified.
- Since pc-dimm subsystem in QEMU still thinks that memory belongs to
  memory-less node, a reboot will set things accordingly and the previously
  hotplugged memory now ends in the right node. This appears as if some
  memory moved from one node to another.

So until kernel starts supporting memory hotplug to memory-less
nodes, just prevent such attempts upfront in QEMU.

Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2015-09-23 10:51:11 +10:00
Bharata B Rao
c20d332a85 spapr: Memory hotplug support
Make use of pc-dimm infrastructure to support memory hotplug
for PowerPC.

Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2015-09-23 10:51:10 +10:00
Bharata B Rao
ce881f774d spapr: Make hash table size a factor of maxram_size
The hash table size is dependent on ram_size, but since with hotplug
the memory can grow till maxram_size. Hence make hash table size dependent
on maxram_size.

This allows to hotplug huge amounts of memory to the guest.

Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2015-09-23 10:51:10 +10:00
Bharata B Rao
03d196b7c5 spapr: Support ibm,dynamic-reconfiguration-memory
Parse ibm,architecture.vec table obtained from the guest and enable
memory node configuration via ibm,dynamic-reconfiguration-memory if guest
supports it. This is in preparation to support memory hotplug for
sPAPR guests.

This changes the way memory node configuration is done. Currently all
memory nodes are built upfront. But after this patch, only memory@0 node
for RMA is built upfront. Guest kernel boots with just that and rest of
the memory nodes (via memory@XXX or ibm,dynamic-reconfiguration-memory)
are built when guest does ibm,client-architecture-support call.

Note: This patch needs a SLOF enhancement which is already part of
SLOF binary in QEMU.

Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2015-09-23 10:51:10 +10:00
David Gibson
224245bf52 spapr: Add LMB DR connectors
Enable memory hotplug for pseries 2.4 and add LMB DR connectors.
With memory hotplug, enforce RAM size, NUMA node memory size and maxmem
to be a multiple of SPAPR_MEMORY_BLOCK_SIZE (256M) since that's the
granularity in which LMBs are represented and hot-added.

LMB DR connectors will be used by the memory hotplug code.

Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
               [spapr_drc_reset implementation]
[since this missed the 2.4 cutoff, changing to only enable for 2.5]
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2015-09-23 10:51:10 +10:00
Alexey Kardashevskiy
38b02bd846 spapr: Use QEMU limit for maximum CPUs number
sPAPR uses hard coded limit of maximum 255 supported CPUs which is
exactly the same as QEMU-wide limit which is MAX_CPUMASK_BITS and also
defined as 255.

This makes use of a global CPU number limit for the "pseries" machine.

In order to anticipate future increase of the MAX_CPUMASK_BITS
(or to help debugging large systems), this also bumps the FDT_MAX_SIZE
limit from 256K to 1M assuming that 1 CPU core needs roughly 512 bytes
in the device tree so the new limit can cover up to 2048 CPU cores.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2015-09-23 10:51:10 +10:00
David Gibson
94649d423e spapr: Don't use QOM [*] syntax for DR connectors.
The dynamic reconfiguration (hotplug) code for the pseries machine type
uses a "DR connector" QOM object for each resource it will be possible
to hotplug.  Each of these is added to its owner using
    object_property_add_child(owner, "dr-connector[*], ...);

That works ok, mostly, but it means that the property indices are
arbitrary, depending on the order in which the connectors are constructed.
That might line up to something useful, but it doesn't have to.

It will get worse once we add hotplug RAM support.  That will add a DR
connector object for every 256MB of potential memory.  So if maxmem=2T,
for example, there are 8192 objects under the same parent.

The QOM interfaces aren't really designed for this.  In particular
object_property_add() with [*] has O(n^2) time complexity (in the number of
existing children): first it has a linear search through array indices to
find a free slot, each of which is attempted to a recursive call to
object_property_add() with a specific [N].  Those calls are O(n) because
there's a linear search through all properties to check for duplicates.

By using a meaningful index value, which we already know is unique we can
avoid the [*] special behaviour.  That lets us reduce the total time for
creating the DR objects from O(n^3) to O(n^2).

O(n^2) is still kind of crappy, but it's enough to reduce the startup time
of qemu (with in-progress memory hotplug support) with maxmem=2T from ~20
minutes to ~4 seconds.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Cc: Bharata B Rao <bharata@linux.vnet.ibm.com>
Tested-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
Reviewed-by: Alexey Kardashevskiy <aik@ozlabs.ru>
2015-09-23 10:51:10 +10:00
Michael Roth
0cb688d22b spapr_drc: use RTAS return codes for methods called by RTAS
Certain methods in sPAPRDRConnector objects are only ever called by
RTAS and in many cases are responsible for the logic that determines
the RTAS return codes.

Rather than having a level of indirection requiring RTAS code to
re-interpret return values from such methods to determine the
appropriate return code, just pass them through directly.

This requires changing method return types to uint32_t to match the
type of values currently passed to RTAS helpers.

In the case of read accesses like drc->entity_sense() where we weren't
previously reporting any errors, just the read value, we modify the
function to return RTAS return code, and pass the read value back via
reference.

Suggested-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
Suggested-by: David Gibson <david@gibson.dropbear.id.au>
Cc: Bharata B Rao <bharata@linux.vnet.ibm.com>
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2015-09-23 10:51:10 +10:00
Bharata B Rao
4a1c9cf007 spapr: Initialize hotplug memory address space
Initialize a hotplug memory region under which all the hotplugged
memory is accommodated. Also enable memory hotplug by setting
CONFIG_MEM_HOTPLUG.

Modelled on i386 memory hotplug.

Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2015-09-23 10:51:10 +10:00
Michael Roth
9d1852ce11 spapr_drc: don't allow 'empty' DRCs to be unisolated or allocated
Logical resources start with allocation-state:UNUSABLE /
isolation-state:ISOLATED. During hotplug, guests will transition
them to allocation-state:USABLE, and then to
isolation-state:UNISOLATED.

For cases where we cannot transition to allocation-state:USABLE,
in this case due to no device/resource being association with
the logical DRC, we should return an error -3.

For physical DRCs, we default to allocation-state:USABLE and stay
there, so in this case we should report an error -3 when the guest
attempts to make the isolation-state:ISOLATED transition for a DRC
with no device associated.

These are as documented in PAPR 2.7, 13.5.3.4.

We also ensure allocation-state:USABLE when the guest attempts
transition to isolation-state:UNISOLATED to deal with misbehaving
guests attempting to bring online an unallocated logical resource.

This is as documented in PAPR 2.7, 13.7.

Currently we implement no such error logic. Fix this by handling
these error cases as PAPR defines.

Cc: Bharata B Rao <bharata@linux.vnet.ibm.com>
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2015-09-23 10:51:10 +10:00
Michael Roth
a8ad731a00 spapr_pci: fix device tree props for MSI/MSI-X
PAPR requires ibm,req#msi and ibm,req#msi-x to be present in the
device node to define the number of msi/msi-x interrupts the device
supports, respectively.

Currently we have ibm,req#msi-x hardcoded to a non-sensical constant
that happens to be 2, and are missing ibm,req#msi entirely. The result
of that is that msi-x capable devices get limited to 2 msi-x
interrupts (which can impact performance), and msi-only devices likely
wouldn't work at all. Additionally, if devices expect a minimum that
exceeds 2, the guest driver may fail to load entirely.

SLOF still owns the generation of these properties at boot-time
(although other device properties have since been offloaded to QEMU),
but for hotplugged devices we rely on the values generated by QEMU
and thus hit the limitations above.

Fix this by generating these properties in QEMU as expected by guests.

In the future it may make sense to modify SLOF to pass through these
values directly as we do with other props since we're duplicating SLOF
code.

Cc: qemu-ppc@nongnu.org
Cc: qemu-stable@nongnu.org
Cc: David Gibson <david@gibson.dropbear.id.au>
Cc: Nikunj A Dadhania <nikunj@linux.vnet.ibm.com>
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2015-09-23 10:51:10 +10:00
Alexey Kardashevskiy
ef9971dd69 spapr: Enable in-kernel H_SET_MODE handling
For setting debug watchpoints, sPAPR guests use H_SET_MODE hypercall.
The existing QEMU H_SET_MODE handler does not support this but
the KVM handler in HV KVM does. However it is not enabled.

This enables the in-kernel H_SET_MODE handler which handles:
- Completed Instruction Address Breakpoint Register
- Watch point 0 registers.

The rest is still handled in QEMU.

Reported-by: Anton Blanchard <anton@samba.org>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2015-09-23 10:51:10 +10:00
David Gibson
22419c2a90 pseries: Fix incorrect calculation of threads per socket for chip-id
The device tree presented to pseries machine type guests includes an
ibm,chip-id property which gives essentially the socket number of each
vcpu core (individual vcpu threads don't get a node in the device
tree).

To calculate this, it uses a vcpus_per_socket variable computed as
(smp_cpus / #sockets).  This is correct for the usual case where
smp_cpus == smp_threads * smp_cores * #sockets.

However, you can start QEMU with the number of cores and threads
mismatching the total number of vcpus (whether that _should_ be
permitted is a topic for another day).  It's a bit hard to say what
the "real" number of vcpus per socket here is, but for most purposes
(smp_threads * smp_cores) will more meaningfully match how QEMU
behaves with respect to socket boundaries.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Alexey Kardashevskiy <aik@ozlabs.ru>
2015-09-23 10:51:10 +10:00
Laurent Vivier
785652dc4d pseries: define coldplugged devices as "configured"
When a device is hotplugged, attach() sets "configured" to
false, waiting an action from the OS to configure it and then
to call ibm,configure-connector. On ibm,configure-connector,
the hypervisor sets "configured" to true.

In case of coldplugged device, attach() sets "configured" to
false, but firmware and OS never call the ibm,configure-connector
in this case, so it remains set to false.

It could be harmless, but when we unplug a device, hypervisor
waits the device becomes configured because for it, a not configured
device is a device being configured, so it waits the end of configuration
to unplug it... and it never happens, so it is never unplugged.

This patch set by default coldplugged device to "configured=true",
hotplugged device to "configured=false".

Signed-off-by: Laurent Vivier <lvivier@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2015-09-23 10:51:09 +10:00
Gavin Shan
a14aa92b20 sPAPR: Introduce rtas_ldq()
This introduces rtas_ldq() to load 64-bits parameter from continuous
two 4-bytes memory chunk of RTAS parameter buffer, to simplify the
code.

Signed-off-by: Gavin Shan <gwshan@linux.vnet.ibm.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2015-09-23 10:51:09 +10:00
Bharata B Rao
e6fc9568c8 spapr_rtas: Prevent QEMU crash during hotplug without a prior device_add
If drmgr is used in the guest to hotplug a device before a device_add
has been issued via the QEMU monitor, QEMU segfaults in configure_connector
call. This occurs due to accessing of NULL FDT which otherwise would have
been created and associated with the DRC during device_add command.

Check for NULL FDT and return failure from configure_connector call.
As per PAPR+, an error value of -9003 seems appropriate for this failure.

Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
Cc: Michael Roth <mdroth@linux.vnet.ibm.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2015-09-23 10:51:09 +10:00
Thomas Huth
aaf87c6616 ppc/spapr: Use qemu_log_mask() for hcall_dprintf()
To see the output of the hcall_dprintf statements, you currently have
to enable the DEBUG_SPAPR_HCALLS macro in include/hw/ppc/spapr.h.
This is ugly because a) not every user who wants to debug guest
problems can or wants to recompile QEMU to be able to see such issues,
and b) since this macro is disabled by default, the code in the
hcall_dprintf() brackets tends to bitrot until somebody temporarily
enables that macro again.
Since the hcall_dprintf statements except one indicate guest
problems, let's always use qemu_log_mask(LOG_GUEST_ERROR, ...) for
this macro instead. One spot indicated an unimplemented host feature,
so this is changed into qemu_log_mask(LOG_UNIMP, ...) instead. Now
it's possible to see all those messages by simply adding the CLI
parameter "-d guest_errors,unimp", without the need to re-compile
the binary.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2015-09-23 10:51:09 +10:00
David Gibson
627c2ef789 spapr_drc: Fix potential undefined behaviour
The DRC_INDEX_ID_MASK macro does a left shift on ~0, which is a signed
quantity, and therefore undefined behaviour according to the C spec.  In
particular this causes warnings from the clang sanitizer.

This fixes it by calculating the same mask without using ~0 (I think the
new method is a more common idiom for generating masks anyway).  For good
measure I also use 1ULL to force the expression's type to unsigned long
long, which should be good for assigning to anything we're going to want
to.

Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Alexey Kardashevskiy <aik@ozlabs.ru>
2015-09-23 10:51:09 +10:00
Andrew Jones
ad440b4ae0 spapr: add dumpdtb support
dumpdtb (-machine dumpdtb=<file>) allows one to inspect the generated
device tree of machine types that generate device trees. This is
useful for a) seeing what's there b) debugging/testing device tree
generator patches. It can be used as follows

$QEMU_CMDLINE -machine dumpdtb=dtb
dtc -I dtb -O dts dtb

Signed-off-by: Andrew Jones <drjones@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2015-09-23 10:51:09 +10:00
Sam Bobroff
e39432282e spapr: SPLPAR Characteristics
Improve the SPLPAR Characteristics information:

    Add MaxPlatProcs: set to max_cpus, the maximum CPUs that could be
    addded to the system.
    Add DesMem: set to the initial memory of the system.
    Add DesProcs: set to smp_cpus, the inital number of CPUs in the
    system.

These tokens and values are specified by PAPR.

Signed-off-by: Sam Bobroff <sam.bobroff@au1.ibm.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2015-09-23 10:51:09 +10:00
Sam Bobroff
b359bd6a42 spapr: Make ibm, change-msi respect 3 return values
Currently, rtas_ibm_change_msi() always returns four values even if
less are specified.

Correct this by only returning the fourth parameter if it was
requested.

This is specified by PAPR.

Signed-off-by: Sam Bobroff <sam.bobroff@au1.ibm.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2015-09-23 10:51:09 +10:00
Sam Bobroff
a95f99224c spapr: Add /rtas/ibm,change-msix-capable
QEMU is MSI-X capable and makes it available via ibm,change-msi, so
we should indicate this by adding /rtas/ibm,change-msix-capable to the
device tree.

This is specificed by PAPR.

Signed-off-by: Sam Bobroff <sam.bobroff@au1.ibm.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2015-09-23 10:51:09 +10:00
Sam Bobroff
2c1aaa819a spapr: Add /ibm,partition-name
QEMU has a notion of the guest name, so if it's present we might as
well put that into the device tree as /ibm,partition-name.

This is specificed by PAPR.

Signed-off-by: Sam Bobroff <sam.bobroff@au1.ibm.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2015-09-23 10:51:09 +10:00
David Gibson
fb0fc8f62c spapr: Create pseries-2.5 machine
Add pseries-2.5 machine version.

Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
[Altered to merge before memory hotplug -- dwg]
[Altered to work with b9f072d01 -- dwg]
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2015-09-23 10:50:24 +10:00
Bharata B Rao
613e7a7645 spapr: Provide an error message when migration fails due to htab_shift mismatch
Include an error message when migration fails due to mismatch in
htab_shift values at source and target. This should provide a bit more
verbose message in addition to the current migration failure message
that reads like:

qemu-system-ppc64: error while loading state for instance 0x0 of device 'spapr/htab'

After this patch, the failure message will look like this:

qemu-system-ppc64: htab_shift mismatch: source 29 target 24
qemu-system-ppc64: error while loading state for instance 0x0 of device 'spapr/htab'

Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2015-09-23 10:43:23 +10:00
Rudolf Marek
e7f08320f0 PPC: e500 pci host: Fix ATMUs register reads
There is a bug in the register mask when reading
the ATMUs registers. As the result some registers
cannot be read, and read is aliased to the other
registers. Fix it.

Signed-off-by: Rudolf Marek <rudolf.marek@sysgo.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2015-09-20 22:48:39 +02:00
Mark Cave-Ayland
1cde732d88 mac_dbdma: always clear FLUSH bit once DBDMA channel flush is complete
The code to flush the DBDMA channel was effectively duplicated in
dbdma_control_write(), except for the fact that the copy executed outside of a
RUN bit transition was broken by not clearing the FLUSH bit once the flush was
complete.

Newer PPC Linux kernels would timeout waiting for the FLUSH bit to clear again
after submitting a FLUSH command. Fix this by always clearing the FLUSH bit
once the channel flush is complete and removing the repeated code.

Reported-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
2015-09-20 22:48:38 +02:00
Paolo Bonzini
116dc18db6 kvm_ppc: remove kvmppc_timer_hack
QEMU does have an I/O thread now, that can be interrupted at any time
because the VCPU thread runs outside the iothread mutex.

Therefore, the kvmppc_timer_hack is obsolete.  Remove it.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2015-09-20 22:48:38 +02:00
Andreas Färber
8a661aea0e Revert use of DEFINE_MACHINE() for registrations of multiple machines
The script used for converting from QEMUMachine had used one
DEFINE_MACHINE() per machine registered. In cases where multiple
machines are registered from one source file, avoid the excessive
generation of module init functions by reverting this unrolling.

Signed-off-by: Andreas Färber <afaerber@suse.de>
2015-09-19 16:40:27 +02:00
Eduardo Habkost
e264d29de2 Use DEFINE_MACHINE() to register all machines
Convert all machines to use DEFINE_MACHINE() instead of QEMUMachine
automatically using a script.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
[AF: Style cleanups, convert imx25_pdk machine]
Signed-off-by: Andreas Färber <afaerber@suse.de>
2015-09-19 16:40:15 +02:00
Eduardo Habkost
f309ae852c mac_world: Break long line
Coding style change only.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2015-09-19 16:40:09 +02:00
Eduardo Habkost
97c6671cf1 exynos4: Declare each QEMUMachine as a separate variable
This will make the code follow the same pattern used for other machines,
and will make it easier to automatically convert the code to be
QOM-based.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2015-09-19 16:39:55 +02:00
Eduardo Habkost
ca17776088 exynos4: Use MachineClass instead of exynos4_machines array
We don't need a QEMUMachine array to query max_cpus, if we can get the
corresponding MachineClass.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2015-09-19 16:39:44 +02:00
Eduardo Habkost
6aadcc7135 exynos4: Use EXYNOS4210_NCPUS instead of max_cpus on error message
The code is checking smp_cpus against EXYNOS4210_NCPUS, not against
max_cpus, so use EXYNOS4210_NCPUS in the error message for consistency.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2015-09-19 16:39:37 +02:00
Eduardo Habkost
98cec76a70 machine: Set MachineClass::name automatically
Now all TYPE_MACHINE subclasses use MACHINE_TYPE_NAME to generate the
class name. So instead of requiring each subclass to set
MachineClass::name manually, we can now set it automatically at the
TYPE_MACHINE class_base_init() function.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Marcel Apfelbaum <marcel@redhat.com>
[AF/ehabkost: Updated for s390-ccw machines]
[AF: Cleanup of intermediate virt and vexpress name handling]
Signed-off-by: Andreas Färber <afaerber@suse.de>
2015-09-19 16:39:28 +02:00
Eduardo Habkost
dcb3d60111 machine: Ensure all TYPE_MACHINE subclasses have the right suffix
Now that all non-abstract TYPE_MACHINE subclasses have the -machine
suffix, add an assert to ensure this will be always true.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Marcel Apfelbaum <marcel@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2015-09-19 16:39:19 +02:00
Eduardo Habkost
c0f365186b mac99: Use MACHINE_TYPE_NAME to encode class name
It will result in exactly the same class name, but it will make the code
consistent with the other classes.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2015-09-19 16:39:13 +02:00
Eduardo Habkost
af62e639fc s390: Rename s390-ccw-virtio-2.4 class name to use MACHINE_TYPE_NAME
Machine class names should use the "-machine" suffix to allow
class-name-based machine class lookup to work. Rename the
s390-ccw-virtio-2.4 machine class using the MACHINE_TYPE_NAME macro.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
[AF/ehabkost: Updated for 2.5 machine]
Signed-off-by: Andreas Färber <afaerber@suse.de>
2015-09-19 16:39:05 +02:00
Eduardo Habkost
4c264d4b3d s390-virtio: Rename machine class name to use MACHINE_TYPE_NAME
Machine class names should use the "-machine" suffix to allow
class-name-based machine class lookup to work. Rename the s390-virtio
machine class using the MACHINE_TYPE_NAME macro.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Acked-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2015-09-19 16:38:57 +02:00
Eduardo Habkost
b9f072d01f pseries: Rename machine class names to use MACHINE_TYPE_NAME
Machine class names should use the "-machine" suffix to allow
class-name-based machine class lookup to work. Rename the the pseries
machine classes using the MACHINE_TYPE_NAME macro.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2015-09-19 16:38:53 +02:00
Eduardo Habkost
64d3459c85 arm: Rename virt machine class to use MACHINE_TYPE_NAME
Machine class names should use the "-machine" suffix to allow
class-name-based machine class lookup to work. Rename the arm virt
machine class using the MACHINE_TYPE_NAME macro.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2015-09-19 16:38:49 +02:00
Eduardo Habkost
fc603d29e9 vexpress: Rename machine classes to use MACHINE_TYPE_NAME
Machine class names should use the "-machine" suffix to allow
class-name-based machine class lookup to work. Rename the vexpress
machine classes using the MACHINE_TYPE_NAME macro.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
[AF: Introduce VEXPRESS_*_MACHINE_NAME]
Signed-off-by: Andreas Färber <afaerber@suse.de>
2015-09-19 16:38:44 +02:00
Eduardo Habkost
54477b07fb vexpress: Don't set name on abstract class
The MachineClass::name field won't be ever be used on TYPE_VEXPRESS, as
it is an abstract class and the machine class lookup code explicitly
skips abstract classes. We can remove it to make the code simpler.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2015-09-19 16:38:37 +02:00
Pavel Fedin
6c76b37742 qdev: Do not use slow [*] expansion for GPIO creation
Expansion of [*] suffix is very slow because index expansion is done using
trial and error strategy, starting every time from zero and retrying with
the next index until insertion succeeds. With large number of already added
properties this process takes huge amount of time (O(n^2) complexity).

Some architectures (like ARM) use very large amount of IRQ pins in interrupt
controller models. This flaw makes machine startup extremely slow
(~20 seconds for ARM64 with 32 CPUs). This patch decreases this time down to
~10 seconds.

Also in qdev_init_gpio_out_named() memset() is now called only once for the
whole array instead of per-cell cleaning

Signed-off-by: Pavel Fedin <p.fedin@samsung.com>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2015-09-19 08:10:12 +02:00
Peter Maydell
a53efe9c47 -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
 
 iQIcBAABAgAGBQJV/Ca2AAoJEH3vgQaq/DkOcjoP/0lTqs2rD3xjP/anxJFhLLU2
 EcJiKh7hamVM18Yufdw2FkZK5KlCLSiosGn+6nViKnNho9C0xdCBfmEDDgS+bz5P
 eIcGjPecB+7fvYAtJt4Bm60l/UZWJ8mm5BaWByVwgR2YhJByN5QT/RSqmdamT9BU
 GfiwzknI1f6ovQPkTJVnbXTRcrgiBRJQR9eSpyJKhTTbAXvMTdBSoMrSvaoLRrKs
 ih85iPvxQvqWSR4RG1IS1voHTAbq3R7BBm+rSoLgJpvTtwg7COZ73FCT88knvP1j
 0ab9zcXElk0oLHg08n6zlWTgSpJMs9UMLsrPF24R4bdxqN7JkYXnXhym3uBs2E82
 AvRYuBD4Jix9pMrWTzpwiWLxXBmq56odRNP7zW/6b88JoC+iWCZ+MA/5RTRAJQSa
 thSvZiW3V4BbktW+2AtfhJuL8rmvM5+9IHV10Ic0Ik2I97h73BeeduanAn2OpbMi
 y9o3cs4FZ3nqWPsJaiTb0Sh63+QKgGZ1get9vWoCEwXxpSReAycAwk4g9gcYwo3Y
 hiM+kE42/mBl7QcmS9aFW4DvmpTVdUQOSjguQZHSX334Bv/GYPd4XYjb+hWLJDYc
 IXibCTl8x2B5WVFzNfpY1+++QsqKAojxMXJ3ICIe0HA1CFCCNGWAEHHhdzgJdFX9
 mlPs8xueKnd3+VfBMp/e
 =y9MO
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/jnsnow/tags/ide-pull-request' into staging

# gpg: Signature made Fri 18 Sep 2015 15:59:02 BST using RSA key ID AAFC390E
# gpg: Good signature from "John Snow (John Huston) <jsnow@redhat.com>"

* remotes/jnsnow/tags/ide-pull-request:
  ahci: clean up initial d2h semantics
  ahci: remove cmd_fis argument from write_fis_d2h
  ahci: fix signature generation
  ahci: remove dead reset code
  atapi: abort transfers with 0 byte limits
  ide: fix ATAPI command permissions
  ide-test: add cdrom dma test
  ide-test: add cdrom pio test
  qtest/ahci: export generate_pattern
  qtest/ahci: use generate_pattern everywhere
  ide: unify io_buffer_offset increments

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-09-18 16:57:59 +01:00
John Snow
e47f9eb148 ahci: clean up initial d2h semantics
with write_fis_d2h and signature generation tidied up,
let's adjust the initial d2h semantics to make more sense.

The initial d2h is considered delivered if there is guest
memory to save it to.

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-id: 1441140641-17631-5-git-send-email-jsnow@redhat.com
2015-09-18 10:58:56 -04:00
John Snow
28ee82557c ahci: remove cmd_fis argument from write_fis_d2h
It's no longer used. We used to generate a D2H FIS based
upon the command FIS that prompted the update, but in reality,
the D2H FIS is generated purely from register state.

cmd_fis is vestigial, so get rid of it.

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-id: 1441140641-17631-4-git-send-email-jsnow@redhat.com
2015-09-18 10:58:56 -04:00
John Snow
33a983cb28 ahci: fix signature generation
The initial register device-to-host FIS no longer needs to specially
set certain fields, as these can be handled generically by setting those
fields explicitly with the signatures we want at port reset time.

(1) Signatures are decomposed into their four component registers and
    set upon (AHCI) port reset.
(2) the signature cache register is no longer set manually per-each
    device type, but instead just once during ahci_init_d2h.

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-id: 1441140641-17631-3-git-send-email-jsnow@redhat.com
2015-09-18 10:58:56 -04:00
John Snow
f91a0aa374 ahci: remove dead reset code
This check is dead due to an earlier conditional.
AHCI does not currently support hotplugging, so
checks to see if devices are present or not are useless.

Remove it.

Reported-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-id: 1441140641-17631-2-git-send-email-jsnow@redhat.com
2015-09-18 10:58:56 -04:00
John Snow
9ef2e93f9b atapi: abort transfers with 0 byte limits
We're supposed to abort on transfers like this, unless we fill
Word 125 of our IDENTIFY data with a default transfer size, which
we don't currently do.

This is an ATA error, not a SCSI/ATAPI one.
See ATA8-ACS3 sections 7.17.6.49 or 7.21.5.

If we don't do this, QEMU will loop forever trying to transfer
zero bytes, which isn't particularly useful.

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Message-id: 1442253685-23349-2-git-send-email-jsnow@redhat.com
2015-09-18 10:58:56 -04:00
John Snow
d9033e1d3a ide: fix ATAPI command permissions
We're a little too lenient with what we'll let an ATAPI drive handle.
Clamp down on the IDE command execution table to remove CD_OK permissions
from commands that are not and have never been ATAPI commands.

For ATAPI command validity, please see:
- ATA4 Section 6.5 ("PACKET Command feature set")
- ATA8/ACS Section 4.3 ("The PACKET feature set")
- ACS3 Section 4.3 ("The PACKET feature set")

ACS3 has a historical command validity table in Table B.4
("Historical Command Assignments") that can be referenced to find when
a command was introduced, deprecated, obsoleted, etc.

The only reference for ATAPI command validity is by checking that
version's PACKET feature set section.

ATAPI was introduced by T13 into ATA4, all commands retired prior to ATA4
therefore are assumed to have never been ATAPI commands.

Mandatory commands, as listed in ATA8-ACS3, are:

- DEVICE RESET
- EXECUTE DEVICE DIAGNOSTIC
- IDENTIFY DEVICE
- IDENTIFY PACKET DEVICE
- NOP
- PACKET
- READ SECTOR(S)
- SET FEATURES

Optional commands as listed in ATA8-ACS3, are:

- FLUSH CACHE
- READ LOG DMA EXT
- READ LOG EXT
- WRITE LOG DMA EXT
- WRITE LOG EXT

All other commands are illegal to send to an ATAPI device and should
be rejected by the device.

CD_OK removal justifications:

0x06 WIN_DSM              Defined in ACS2. Not valid for ATAPI.
0x21 WIN_READ_ONCE        Retired in ATA5. Not ATAPI in ATA4.
0x94 WIN_STANDBYNOW2      Retired in ATA4. Did not coexist with ATAPI.
0x95 WIN_IDLEIMMEDIATE2   Retired in ATA4. Did not coexist with ATAPI.
0x96 WIN_STANDBY2         Retired in ATA4. Did not coexist with ATAPI.
0x97 WIN_SETIDLE2         Retired in ATA4. Did not coexist with ATAPI.
0x98 WIN_CHECKPOWERMODE2  Retired in ATA4. Did not coexist with ATAPI.
0x99 WIN_SLEEPNOW2        Retired in ATA4. Did not coexist with ATAPI.
0xE0 WIN_STANDBYNOW1      Not part of ATAPI in ATA4, ACS or ACS3.
0xE1 WIN_IDLEIMMDIATE     Not part of ATAPI in ATA4, ACS or ACS3.
0xE2 WIN_STANDBY          Not part of ATAPI in ATA4, ACS or ACS3.
0xE3 WIN_SETIDLE1         Not part of ATAPI in ATA4, ACS or ACS3.
0xE4 WIN_CHECKPOWERMODE1  Not part of ATAPI in ATA4, ACS or ACS3.
0xE5 WIN_SLEEPNOW1        Not part of ATAPI in ATA4, ACS or ACS3.
0xF8 WIN_READ_NATIVE_MAX  Obsoleted in ACS3. Not ATAPI in ATA4 or ACS.

This patch fixes a divide by zero fault that can be caused by sending
the WIN_READ_NATIVE_MAX command to an ATAPI drive, which causes it to
attempt to use zeroed CHS values to perform sector arithmetic.

Reported-by: Qinghao Tang <luodalongde@gmail.com>
Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Message-id: 1441816082-21031-1-git-send-email-jsnow@redhat.com
CC: qemu-stable@nongnu.org
2015-09-18 10:58:56 -04:00
Peter Maydell
ffa4822c01 Error reporting patches
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJV/AbJAAoJEDhwtADrkYZTh0gQAKahvV67+cg6/8R/MesRQKu+
 NNQWPT0xXBZAVkZ8Dl/a5FuWM9qqMTFNaPgL+Vk4SMUEoi3PmTanVP1OMWq9lKtv
 mWuZTOdJeOc0M8TDuI3OKFVhwqHwugBvsf+e56ai3ofdbwT0ANMbhN/m8jpJuJ1r
 4c/sGsInBkSrh0aJwJ/LAknYkeRNwmJYh21KnDUulydhhHFRGGi5D5J9mZVk2KVJ
 icXieBhgwWU/kCecAwK/CsrZHqL4Cy2smO9ENQqdATH3or3lOl9jk3qmvK7IO47F
 bjJSIirVf8hNaBqYFA4asXfpwHNcrit91MGH20GgCZNZZj2egcerTS5er8p4dDO4
 Tmp7CFSXU68d+NOt1gSygr8lOw87RmXHMvi4p6OgA7VOy3bwYhmiGWmQ3M8zE49X
 RblTs5niWX5hDSvwr0aqDsD5c1GxIhxz+/zeW7PqrfXC3lzNzJGeWUt8TEOuWYok
 7AU4BV7/tMqmpJaB0R0JCMNRHxvF9u5j8aX7i1/nerRMAnXr8KAbTo+p/npUsOVz
 nB2Qn6W+BtOa9zCesKdu1C6x7UxVauOuyB+0u1fzEaFskNOuvfZM4IUxSQh4XsNQ
 YgmIKvtpRuGNxPmbpu/MukRQ8bjb9hF8rwKX0KbupM+KMkbfHxjByr+BtTpwMA8a
 FmzT7AP8gTLSZmaeV9Ke
 =QmVV
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/armbru/tags/pull-error-2015-09-18' into staging

Error reporting patches

# gpg: Signature made Fri 18 Sep 2015 13:42:49 BST using RSA key ID EB918653
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>"
# gpg:                 aka "Markus Armbruster <armbru@pond.sub.org>"

* remotes/armbru/tags/pull-error-2015-09-18:
  memory: Fix bad error handling in memory_region_init_ram_ptr()
  loader: Fix memory_region_init_resizeable_ram() error handling
  Fix bad error handling after memory_region_init_ram()
  error: New error_fatal
  MAINTAINERS: Add "Error reporting" entry
  error: Copy location information in error_copy()
  hmp: Allow for error message hints on HMP
  error: only prepend timestamp on stderr

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-09-18 14:41:53 +01:00
Markus Armbruster
df8abec8cb loader: Fix memory_region_init_resizeable_ram() error handling
Commit ef701d7 screwed up handling of out-of-memory conditions.
Before the commit, we report the error and exit(1), in one place.  The
commit lifts the error handling up the call chain some, to three
places.  Fine.  Except it uses &error_abort in these places, changing
the behavior from exit(1) to abort(), and thus undoing the work of
commit 3922825 "exec: Don't abort when we can't allocate guest
memory".

The previous commit fixed up uses of memory_region_init_ram().  One of
them was replaced by memory_region_init_resizeable_ram() [sic!] in
commit a166614, so Coccinelle missed it.  Fix it up.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <1441983105-26376-4-git-send-email-armbru@redhat.com>
Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
2015-09-18 14:39:35 +02:00
Markus Armbruster
f8ed85ac99 Fix bad error handling after memory_region_init_ram()
Symptom:

    $ qemu-system-x86_64 -m 10000000
    Unexpected error in ram_block_add() at /work/armbru/qemu/exec.c:1456:
    upstream-qemu: cannot set up guest memory 'pc.ram': Cannot allocate memory
    Aborted (core dumped)

Root cause: commit ef701d7 screwed up handling of out-of-memory
conditions.  Before the commit, we report the error and exit(1), in
one place, ram_block_add().  The commit lifts the error handling up
the call chain some, to three places.  Fine.  Except it uses
&error_abort in these places, changing the behavior from exit(1) to
abort(), and thus undoing the work of commit 3922825 "exec: Don't
abort when we can't allocate guest memory".

The three places are:

* memory_region_init_ram()

  Commit 4994653 (right after commit ef701d7) lifted the error
  handling further, through memory_region_init_ram(), multiplying the
  incorrect use of &error_abort.  Later on, imitation of existing
  (bad) code may have created more.

* memory_region_init_ram_ptr()

  The &error_abort is still there.

* memory_region_init_rom_device()

  Doesn't need fixing, because commit 33e0eb5 (soon after commit
  ef701d7) lifted the error handling further, and in the process
  changed it from &error_abort to passing it up the call chain.
  Correct, because the callers are realize() methods.

Fix the error handling after memory_region_init_ram() with a
Coccinelle semantic patch:

    @r@
    expression mr, owner, name, size, err;
    position p;
    @@
            memory_region_init_ram(mr, owner, name, size,
    (
    -                              &error_abort
    +                              &error_fatal
    |
                                   err@p
    )
                                  );
    @script:python@
        p << r.p;
    @@
    print "%s:%s:%s" % (p[0].file, p[0].line, p[0].column)

When the last argument is &error_abort, it gets replaced by
&error_fatal.  This is the fix.

If the last argument is anything else, its position is reported.  This
lets us check the fix is complete.  Four positions get reported:

* ram_backend_memory_alloc()

  Error is passed up the call chain, ultimately through
  user_creatable_complete().  As far as I can tell, it's callers all
  handle the error sanely.

* fsl_imx25_realize(), fsl_imx31_realize(), dp8393x_realize()

  DeviceClass.realize() methods, errors handled sanely further up the
  call chain.

We're good.  Test case again behaves:

    $ qemu-system-x86_64 -m 10000000
    qemu-system-x86_64: cannot set up guest memory 'pc.ram': Cannot allocate memory
    [Exit 1 ]

The next commits will repair the rest of commit ef701d7's damage.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <1441983105-26376-3-git-send-email-armbru@redhat.com>
Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
2015-09-18 14:39:29 +02:00
Leon Alrae
3adafef2f3 target-mips: fix corner case in TLBWR causing QEMU to hang
cpu_mips_get_random() function is used to generate a random index from
CP0.Wired to TLBSize-1 range. Current implementation avoids generating
the same as before value, hence the while loop. If the guest sets
CP0.Wired to TLBSize-1 (which actually does not sound to be very
practical) QEMU will get stuck in the loop infinitely as we always
generate the same index.

Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
2015-09-18 09:20:48 +01:00
Serge Vakulenko
ceb0ee147d pic32: use LCG algorithm for generated random index of TLBWR instruction
The LFSR algorithm, used for generating random TLB indexes for TLBWR
instruction, was inclined to produce a degenerate sequence in some cases.
For example, for 16-entry TLB size and Wired=1, it gives: 15, 6, 7, 2,
7, 2, 7, 2, 7, 2, 7, 2, 7, 2, 7, 2, 7, 2, 7, 2, 7, 2, 7, 2, 7, 2, 7, 2...
When replaced with LCG algorithm from ISO/IEC 9899 standard, the sequence
looks much better, with about the same computational effort needed.

Signed-off-by: Serge Vakulenko <serge.vakulenko@gmail.com>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Leon Alrae <leon.alrae@imgtec.com>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2015-09-18 09:20:48 +01:00
John Snow
aaeda4a3c9 ide: unify io_buffer_offset increments
IDEState's io_buffer_offset was originally added to keep track of offsets
in AHCI rather exclusively, but it was added to IDEState instead of an
AHCI-specific structure.

AHCI fakes all PIO transfers using DMA and a scatter-gather list. When
the core or atapi layers invoke HBA-specific mechanisms for transfers,
they do not always know that it is being backed by DMA or a sglist, so
this offset is not always updated by the HBA code everywhere.

If we modify it in dma_buf_commit, however, any HBA that needs to use
this offset to manage operating on only part of a sglist will have
access to it.

This will fix ATAPI PIO transfers performed through the AHCI HBA,
which were previously not modifying this value appropriately.

This will fix ATAPI PIO transfers larger than one sector.

Reported-by: Hannes Reinecke <hare@suse.de>
Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>
Message-id: 1440546331-29087-2-git-send-email-jsnow@redhat.com
CC: qemu-stable@nongnu.org
2015-09-17 14:17:04 -04:00
Peter Maydell
cc450bfdc0 -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
 
 iQEcBAABAgAGBQJV+qd8AAoJEJykq7OBq3PI6wUIAKzR4WteJjo9qRApJvGtlxXW
 Rpt1RxmM9TaMrYCYxtSbnd3reSJfBR23ByQdwRi/iIko9CyylNJ+tIGrj5iOoRAq
 r7Fs/VK+C7AcaqEkyIgHeCbR4FpynJYPjPt1arv3MwFGh6xIEDXGj9IMC2T49WQR
 1DzW2OQa0q+lJtXVOfuTwQctw8QC/DLIGkCIbAiqfmucQpmMmbQUvuuk21R3KEnU
 HzhtJ87QMTq7cFL15ZQ/Ag8zATO6c827L23zO4GX1WMp0A/rvMybiLVbpT0U5MAO
 dObk7WzAWUy3/0edpOUUlMZpedfogpMTuCoO+H+slz+L1GqD1AuYqqjDI663SXw=
 =rCDA
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/stefanha/tags/net-pull-request' into staging

# gpg: Signature made Thu 17 Sep 2015 12:43:56 BST using RSA key ID 81AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg:                 aka "Stefan Hajnoczi <stefanha@gmail.com>"

* remotes/stefanha/tags/net-pull-request:
  net: smc91c111: flush packets on RCR register changes
  net: smc91c111: gate can_receive() on rx FIFO having a slot
  net: smc91c111: guard flush_queued_packets() on can_rx()
  MAINTAINERS: Stefan will not maintain net subsystem

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-09-17 13:07:50 +01:00
Peter Crosthwaite
271a234a23 net: smc91c111: flush packets on RCR register changes
The SOFT_RST or RXEN in the control register can be used as a condition
to unblock the net layer via can_receive(). So check for possible
flushes on RCR changes. This will drop all pending packets on soft
reset or disable which is the functional intent of the can_receive()
logic.

Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Tested-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Message-id: b114d4c96f4afbdaa15f1361d9c07e3021755915.1441873621.git.crosthwaite.peter@gmail.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-09-17 12:36:03 +01:00
Peter Crosthwaite
e62cb54cd5 net: smc91c111: gate can_receive() on rx FIFO having a slot
Return false from can_receive() when the FIFO doesn't have a free RX
slot. This fixes a bug in the current code where the allocated buffer
is freed before the fifo pop, triggering a premature flush of queued RX
packets. It also will handle a corner case, where the guest manually
frees the allocated buffer before popping the rx FIFO (hence it is not
enough to just delay the flush_queued_packets()).

Reported-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Tested-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Message-id: 97bfdfc5cbce0bd5e0cbbbff35ce7a1bf6f8603d.1441873621.git.crosthwaite.peter@gmail.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-09-17 12:36:03 +01:00
Peter Crosthwaite
8d06b14927 net: smc91c111: guard flush_queued_packets() on can_rx()
Check that the core can once again receive packets before asking the
net layer to do a flush. This will make it more convenient to flush
packets when adding new conditions to can_receive.

Add missing if braces while moving the can_receive() core code.

Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Tested-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Message-id: 92e15e12a6964274f4bc0eb71b61a7d94326f6c6.1441873621.git.crosthwaite.peter@gmail.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-09-17 12:36:03 +01:00
Peter Maydell
1c9f03b81c * Linux header update and cleanup
* Support for HyperV crash report
 * Cleanup of target-specific HMP commands
 * Multiarch batch
 * Checkpatch fix for Perl 5.22
 * NBD fix
 * Revert incorrect commit 5243722376
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2
 
 iQEcBAABCAAGBQJV+Y0VAAoJEL/70l94x66DppAH/393irRPGYJiZqClXDmPZymd
 Ilv+mKQIA+QSGiMaVoq0POWqvSa6oPOIOAK8BexhHDWPnxDSeAU9JzjrkwQILjD3
 A5kFsR1mhw/oV8aZCsE926SUoY90VH7QP2r0iGdur1VV9DG7CUE8q95umJuU1FCo
 hvGI2HjlAPvxSrO+Y5vu4ZNOa5XBiUoLodT0j+jNZfoNMx3irAqkJLPqTUuPT8np
 jBeu1MtMe3wNjDBm3WMVZwkNEZ3YtuhRkBeggXqDIl1Jm9lq4Eitk7rtETXm6yHz
 Vjp9uAF4en/72gXbELRXp+aWvESEABcouLZrdPV/yjOmQD2oTFC7sZrm1c5rZPw=
 =MkK8
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

* Linux header update and cleanup
* Support for HyperV crash report
* Cleanup of target-specific HMP commands
* Multiarch batch
* Checkpatch fix for Perl 5.22
* NBD fix
* Revert incorrect commit 5243722376

# gpg: Signature made Wed 16 Sep 2015 16:39:01 BST using RSA key ID 78C7AE83
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>"
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>"

* remotes/bonzini/tags/for-upstream: (24 commits)
  nbd: release exp->blk after all clients are closed
  checkpatch: Escape left braces in regex
  monitor: uninclude cpu_ldst
  include/exec: Move cputlb exec.c defs out
  cputlb: Change tlb_set_dirty() arg to cpu
  cputlb: move CPU_LOOP() for tlb_reset() to exec.c
  translate: move real_host_page setting to -common
  tcg: Move tci_tb_ptr to -common
  tcg: split tcg_op_defs to -common
  translate-all: Move tcg_handle_interrupt() to -common
  cpu-exec: Migrate some generic fns to cpu-exec-common
  qemu-char: Use g_new() & friends where that makes obvious sense
  monitor: added generation of documentation for hmp-commands-info.hx
  hmp-commands.hx: fix end of table info
  monitor: remove target-specific code from monitor.c
  hmp-commands-info: move info_cmds content out of monitor.c
  i386/kvm: Hyper-v crash msrs set/get'ers and migration
  kvm: Add kvm system event crash handler
  cpu: Add crash_occurred flag into CPUState
  target-i386: move asm-x86/hyperv.h to standard-headers
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-09-16 18:06:54 +01:00
Paolo Bonzini
84090bbce9 pci: remove Link Training error from AER error list
The spec says:

    Undefined – The value read from this bit is
    undefined. In previous versions of this
    specification, this bit was used to indicate a Link
    Training Error. System software must ignore the
    value read from this bit. System software is
    permitted to write any value to this bit.

Do not allow injecting it.

Suggested-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-09-16 17:33:32 +02:00
P J P
737d2b3c41 net: avoid infinite loop when receiving packets(CVE-2015-5278)
Ne2000 NIC uses ring buffer of NE2000_MEM_SIZE(49152)
bytes to process network packets. While receiving packets
via ne2000_receive() routine, a local 'index' variable
could exceed the ring buffer size, leading to an infinite
loop situation.

Reported-by: Qinghao Tang <luodalongde@gmail.com>
Signed-off-by: P J P <pjp@fedoraproject.org>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-09-15 12:51:14 +01:00
P J P
9bbdbc66e5 net: add checks to validate ring buffer pointers(CVE-2015-5279)
Ne2000 NIC uses ring buffer of NE2000_MEM_SIZE(49152)
bytes to process network packets. While receiving packets
via ne2000_receive() routine, a local 'index' variable
could exceed the ring buffer size, which could lead to a
memory buffer overflow. Added other checks at initialisation.

Reported-by: Qinghao Tang <luodalongde@gmail.com>
Signed-off-by: P J P <pjp@fedoraproject.org>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-09-15 12:51:14 +01:00
P J P
b947ac2bf2 e1000: Avoid infinite loop in processing transmit descriptor (CVE-2015-6815)
While processing transmit descriptors, it could lead to an infinite
loop if 'bytes' was to become zero; Add a check to avoid it.

[The guest can force 'bytes' to 0 by setting the hdr_len and mss
descriptor fields to 0.
--Stefan]

Signed-off-by: P J P <pjp@fedoraproject.org>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-id: 1441383666-6590-1-git-send-email-stefanha@redhat.com
2015-09-15 12:51:02 +01:00
Peter Maydell
a2aa09e181 * Support for jemalloc
* qemu_mutex_lock_iothread "No such process" fix
 * cutils: qemu_strto* wrappers
 * iohandler.c simplification
 * Many other fixes and misc patches.
 
 And some MTTCG work (with Emilio's fixes squashed):
 * Signal-free TCG kick
 * Removing spinlock in favor of QemuMutex
 * User-mode emulation multi-threading fixes/docs
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2
 
 iQEcBAABCAAGBQJV8Tk7AAoJEL/70l94x66Ds3QH/3bi0RRR2NtKIXAQrGo5tfuD
 NPMu1K5Hy+/26AC6mEVNRh4kh7dPH5E4NnDGbxet1+osvmpjxAjc2JrxEybhHD0j
 fkpzqynuBN6cA2Gu5GUNoKzxxTmi2RrEYigWDZqCftRXBeO2Hsr1etxJh9UoZw5H
 dgpU3j/n0Q8s08jUJ1o789knZI/ckwL4oXK4u2KhSC7ZTCWhJT7Qr7c0JmiKReaF
 JEYAsKkQhICVKRVmC8NxML8U58O8maBjQ62UN6nQpVaQd0Yo/6cstFTZsRrHMHL3
 7A2Tyg862cMvp+1DOX3Bk02yXA+nxnzLF8kUe0rYo6llqDBDStzqyn1j9R0qeqA=
 =nB06
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

* Support for jemalloc
* qemu_mutex_lock_iothread "No such process" fix
* cutils: qemu_strto* wrappers
* iohandler.c simplification
* Many other fixes and misc patches.

And some MTTCG work (with Emilio's fixes squashed):
* Signal-free TCG kick
* Removing spinlock in favor of QemuMutex
* User-mode emulation multi-threading fixes/docs

# gpg: Signature made Thu 10 Sep 2015 09:03:07 BST using RSA key ID 78C7AE83
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>"
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>"

* remotes/bonzini/tags/for-upstream: (44 commits)
  cutils: work around platform differences in strto{l,ul,ll,ull}
  cpu-exec: fix lock hierarchy for user-mode emulation
  exec: make mmap_lock/mmap_unlock globally available
  tcg: comment on which functions have to be called with mmap_lock held
  tcg: add memory barriers in page_find_alloc accesses
  remove unused spinlock.
  replace spinlock by QemuMutex.
  cpus: remove tcg_halt_cond and tcg_cpu_thread globals
  cpus: protect work list with work_mutex
  scripts/dump-guest-memory.py: fix after RAMBlock change
  configure: Add support for jemalloc
  add macro file for coccinelle
  configure: factor out adding disas configure
  vhost-scsi: fix wrong vhost-scsi firmware path
  checkpatch: remove tests that are not relevant outside the kernel
  checkpatch: adapt some tests to QEMU
  CODING_STYLE: update mixed declaration rules
  qmp: Add example usage of strto*l() qemu wrapper
  cutils: Add qemu_strtoull() wrapper
  cutils: Add qemu_strtoll() wrapper
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-09-14 16:13:16 +01:00
Edgar E. Iglesias
6533a1fcc2 hw/cpu/{a15mpcore, a9mpcore}: Handle missing has_el3 CPU props gracefully
Handle missing CPU support for EL3 gracefully.

Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1442135278-25281-2-git-send-email-edgar.iglesias@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-09-14 14:39:49 +01:00
Jean-Christophe Dubois
6abc7158cb i.MX: Add GPIO devices to i.MX25 SOC
Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net>
Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Message-id: 2eb129ba8713aedfe877eaa3d8de80061d880fbb.1441828793.git.jcd@tribudubois.net
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-09-14 14:39:49 +01:00
Jean-Christophe Dubois
dde0c4ca6b i.MX: Add GPIO devices to i.MX31 SOC
Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net>
Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Message-id: 60b67c9a8b948159f4b4163ead86fbf701c011c6.1441828793.git.jcd@tribudubois.net
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-09-14 14:39:49 +01:00
Jean-Christophe Dubois
f442728097 i.MX: Add GPIO device
Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net>
Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Message-id: 5ea3b0021e47cf7f7d883a7edbabee44980f3df7.1441828793.git.jcd@tribudubois.net
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-09-14 14:39:49 +01:00
Alistair Francis
24cfc8dc58 xlnx-zynqmp: Remove unnecessary brackets around error messages
The errp and err variable have unnecessary brackets around them,
so remove the brackets.

Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Message-id: 9900393572b63f2ec3d68785ca98193d81e0ac71.1441758563.git.alistair.francis@xilinx.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-09-14 14:39:47 +01:00