Many of these should be cleaned up with proper qdev-/QOM-ification.
Right now there are many catch-all headers in include/hw/ARCH depending
on cpu.h, and this makes it necessary to compile these files per-target.
However, fixing this does not belong in these patches.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* 'arm-devs.next' of git://git.linaro.org/people/pmaydell/qemu-arm:
hw/nand.c: Fix nand erase operation
cadence_uart: Flush queued characters on reset
pl330: Don't inhibit ES bits on INTEN
pflash_cfi01: Implement migration support
pflash_cfi01: Drop unused 'bypass' field
hw/arm_gic_common: Use vmstate struct rather than save/load functions
arm_gic: Fix sizes of state fields in preparation for vmstate support
vmstate: Add support for two dimensional arrays
hw/onenand.c: fix migration of dynamically allocated buffer "otp"
hw/sd.c: fix migration of dynamically allocated buffer "buf"
vmstate.h: introduce VMSTATE_BUFFER_POINTER_UNSAFE macro
hw/arm_mptimer: Save the timer state
pl050: Don't send always-constant is_mouse field
hw/arm/nseries: don't print to stdout or stderr
# By Peter Crosthwaite (2) and others
# Via Stefan Hajnoczi
* stefanha/trivial-patches:
xilinx_zynq: Cleanup ssi_create_slave
petalogix_ml605_mmu: Cleanup ssi_create_slave()
target-s390: Fix SRNMT
linux-user: Don't omit comma for strace of rt_sigaction()
test-visitor-serialization: Fix some memory leaks
# By Alex Bligh (2) and Felipe Franciosi (2)
# Via Stefano Stabellini
* sstabellini/xen-2013-04-05:
Allow xen guests to plug disks of 1 TiB or more
Introduce 64 bit integer write interface to xenstore
Xen PV backend: Disable use of O_DIRECT by default as it results in crashes.
Xen PV backend: Move call to bdrv_new from blk_init to blk_connect
usb-storage takes care to fetch the USB serial number from -drive
options, but it neglected to pass its own 'serial' property to the
scsi-disk it creates. With this patch, the 'serial' qdev property and
the 'serial' option in -drive behave the same and correctly apply the
serial number on both USB and SCSI level.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Usually, nand erase operation has only 2 or 3 address cycles.
We need to mask s->addr to zero unset stale high-order bytes in the nand address
before using it as the erase address.
This fixes the NAND erase operation in Linux.
[PC: Generalised to work for any number of address cycles rather than just 3]
Signed-off-by: Wendy Liang <jliang@xilinx.com>
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 1364967188-26711-1-git-send-email-peter.crosthwaite@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reset can be used to empty the rx-fifo. As the fifo full condition is
used to return false from can_receive, queued rx data should be flushed
on reset accordingly.
Cc: Wendy Liang <jliang@xilinx.com>
Cc: Jason Wu <huanyu@xilinx.com>
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Reported-by: Jason Wu <huanyu@xilinx.com>
Message-id: 494c1e005e225c915d295ddfd75d992ad2dabc3c.1364964526.git.peter.crosthwaite@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This if-else logic inhibits setting of the event status (ES) bits
when interrupts are enabled. This is incorrect. ES should be set
regardless on INTEN state. INTEN only inhibits the signalling of
events to PL330 threads, not setting of the ES register.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The current xen backend driver implementation uses int64_t variables
to store the size of the corresponding backend disk/file. It also uses
an int64_t variable to store the block size of that image. When writing
the number of sectors (file_size/block_size) to xenstore, however, it
passes these values as 32 bit signed integers. This will cause an
overflow for any disk of 1 TiB or more.
This patch changes the xen backend driver to use a 64 bit integer write
xenstore function.
Signed-off-by: Felipe Franciosi <felipe@paradoxo.org>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
The current implementation of xen_backend only provides 32 bit integer
functions to write to xenstore. This patch adds two functions that
allow writing 64 bit integers (one generic function and another for
the backend only).
This patch also fixes the size of the char arrays used to represent
these integers as strings (originally 32 bytes, however no more than
12 bytes are needed for 32 bit integers and no more than 21 bytes are
needed for 64 bit integers).
Signed-off-by: Felipe Franciosi <felipe@paradoxo.org>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Due to what is almost certainly a kernel bug, writes with O_DIRECT may
continue to reference the page after the write has been marked as
completed, particularly in the case of TCP retransmit. In other
scenarios, this "merely" risks data corruption on the write, but with
Xen pages from domU are only transiently mapped into dom0's memory,
resulting in kernel panics when they are subsequently accessed.
This brings PV devices in line with emulated devices. Removing
O_DIRECT is safe as barrier operations are now correctly passed
through.
See:
http://lists.xen.org/archives/html/xen-devel/2012-12/msg01154.html
for more details.
Signed-off-by: Alex Bligh <alex@alex.org.uk>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
This commit delays the point at which bdrv_new (and hence blk_open
on the underlying device) is called from blk_init to blk_connect.
This ensures that in an inbound live migrate, the block device is
not opened until it has been closed at the other end. This is in
preparation for supporting devices with open/close consistency
without using O_DIRECT. This commit does NOT itself change O_DIRECT
semantics.
Signed-off-by: Alex Bligh <alex@alex.org.uk>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
For pflash_cfi01 the 'bypass' field is set to zero and never changes,
so remove it (it is a leftover from pflash_cfi02, where bypass is
implemented).
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1363717469-30980-2-git-send-email-peter.maydell@linaro.org
Update the GIC save/restore to use vmstate rather than hand-rolled
save/load functions.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Igor Mitsyanko <i.mitsyanko@gmail.com>
Message-id: 1363975375-3166-4-git-send-email-peter.maydell@linaro.org
In preparation for switching to vmstate for migration support, fix
the sizes of various GIC state fields. In particular, we replace all
the bitfields (which VMState can't deal with) with straightforward
uint8_t values which we do bit operations on. (The bitfields made
more sense when NCPU was set differently in different situations,
but we now always model at the architectural limit of 8.)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Igor Mitsyanko <i.mitsyanko@gmail.com>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Message-id: 1363975375-3166-3-git-send-email-peter.maydell@linaro.org
VMSTATE_BUFFER_UNSAFE should be used for buffers inlined in device state, not
for buffers allocated dynamically. Change to VMSTATE_BUFFER_POINTER_UNSAFE macro,
which will do migration right.
Signed-off-by: Igor Mitsyanko <i.mitsyanko@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1362923278-4080-4-git-send-email-i.mitsyanko@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
VMSTATE_BUFFER_UNSAFE should be used for buffers inlined in device state, not
for buffers allocated dynamically. Change to VMSTATE_BUFFER_POINTER_UNSAFE macro,
which will do migration right.
Signed-off-by: Igor Mitsyanko <i.mitsyanko@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Tested-by: Michael Walle <michael@walle.cc>
Message-id: 1362923278-4080-3-git-send-email-i.mitsyanko@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Add a missing VMSTATE_TIMER() entry to the arm_mptimer vmstate
description; this omission meant that we would probably hang on reload
when the timer failed to fire.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 1363967348-3044-1-git-send-email-peter.maydell@linaro.org
The is_mouse field of the pl050 state structure is constant (it tracks
whether this is a 'pl050_keyboard' or 'pl050_mouse'), so there's
no need to include it in the VMState structure.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1363628480-29306-1-git-send-email-peter.maydell@linaro.org
Remove various bits of printing to stdout or stderr from the
nseries code, replacing it with a qemu log message where there's
an appropriate log category, and just dropping the output for
some of the more debug-like printing.
In particular, this will get rid of the 'mipid_reset' message
you currently get from 'make check'.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Message-id: 1363368565-24546-1-git-send-email-peter.maydell@linaro.org
With the recent m25p80 cleanup there is no need to use
ssi_create_slave_no_init() anymore. Just use ssi_create_slave().
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
With the recent m25p80 cleanup there is no need to use
ssi_create_slave_no_init() anymore. Just use ssi_create_slave().
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
A common dependency of the constant's current users:
- hw/apic_common.c
- hw/i386/kvmvapic.c
- target-i386/cpu.c
is "target-i386/cpu.h".
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Message-id: 1363821803-3380-9-git-send-email-lersek@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The new function acpi_table_install() installs any blob the caller passes
in. In the next patches this function will be promoted from helper role to
extern.
Reimplementing the logic should make it easier to understand. It also
removes a buffer overflow when
has_header &&
cumulative_file_size < ACPI_TABLE_HDR_SIZE - ACPI_TABLE_PFX_SIZE
(In that case the g_realloc() call in the read() loop used to shrink the
"acpi_tables" array, causing an out-of-bounds read access when copying the
header out of "acpi_tables".)
The new code isn't more daring alignment-wise than its predecessor:
"acpi_table_header" is packed, and the uint32_t fields are at offsets 6,
26, and 34.
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Message-id: 1363821803-3380-7-git-send-email-lersek@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
As one consequence, strtok() -- which modifies its argument -- is replaced
with g_strsplit().
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Message-id: 1363821803-3380-6-git-send-email-lersek@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The upcoming changes will need a cleanup section at the end of the
function, plus OptsVisitor reports errors via Error. For now keep
channeling any Errors to stderr.
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Message-id: 1363821803-3380-4-git-send-email-lersek@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The data is binary, not textual.
Also, acpi_table_add() abuses the "char *f" pointer -- which normally
points to file names to load -- to poke into the table. Introduce "char
unsigned *table_start" for that purpose.
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Message-id: 1363821803-3380-3-git-send-email-lersek@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Alberto Garcia <agarcia@igalia.com>
Message-id: 1364412581-3672-4-git-send-email-hdegoede@redhat.com
Cc: Alberto Garcia <agarcia@igalia.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
chardev-frontends need to explictly check, increase and decrement the
avail_connections "property" of the chardev when they are not using a
qdev-chardev-property for the chardev.
This fixes things like:
qemu-kvm -chardev stdio,id=foo -device isa-serial,chardev=foo \
-mon chardev=foo
Working, where they should fail. Most of the changes here are due to
old hardware emulation code which is using serial_hds directly rather then
a qdev-chardev-property.
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Message-id: 1364412581-3672-3-git-send-email-hdegoede@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Add qemu_chr_fe_claim / _release helper functions for properly dealing with
avail_connections.
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Message-id: 1364412581-3672-2-git-send-email-hdegoede@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
When the conditions blocking receiving are cleared, check for buffered rx
packets.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
While investigating why a 32 bit Windows 2003 guest wasn't able to
successfully perform a shutdown /h, it was discovered that commit
afafe4bbe0 inadvertently dropped the
initialization of the s4_val used to handle s4 shutdown.
Initialize the value as before.
Signed-off-by: Bruce Rogers <brogers@suse.com>
Message-id: 1364928100-487-1-git-send-email-brogers@suse.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Gcc report "hw/vmxnet3.c:972: error: ‘rx_ridx’ may be used
uninitialized in this function", so fix it.
Signed-off-by: Wenchao Xia <xiawenc@linux.vnet.ibm.com>
Message-id: 1364264646-27542-1-git-send-email-xiawenc@linux.vnet.ibm.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Guests may leave devices in a low power state at reboot, but we expect
devices to be woken up for the next boot. Make this happen.
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Often when debugging it's useful to be able to disable bypass paths
so no interactions with the device are missed. Add some extra debug
options to do this. Also add device info on read/write BAR accesses,
which is useful when debugging more than one assigned device. A
couple DPRINTFs also had redundant "vfio:" prefixes.
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Graphics cards have a number of different backdoors. Some of these
are alternative ways to get PCI BAR addresses, some of them are
complete mirrors of PCI config space available through MMIO and
I/O port access. These quirks cover a number of ATI Radeon and
Nvidia devices. On the ATI/AMD side, this should enable HD5450
and HD7850 and hopefully a host of devices around those generations.
For Nvidia, my card selection is much more dated. A 8400gs works
well with both the Window shipped driver and the Nvidia downloaded
driver. A 7300le works as well, with the caveat that generating
the Window experience index with the Nvidia driver causes the card
to reset several times before generating a BSOD. An NVS 290 card
seems to run well with the shipped Windows driver, but generates
a BSOD with the Nvidia driver. All of the Nvidia devices work with
the Linux Nvidia proprietary driver and nouveau, the HD5450 works
with either radeon or fglrx, HD7850 works with vesa and fglrx (not
supported by radeon). Extremely limited 3D testing.
Device reset is also an issue with graphics. It's unfortunately
very common that the devices offer no means to reset the card or
doesn't seem effective. Nvidia devices are pretty good about being
able to get the device to a working state through the VGA BIOS init,
Radeon devices less so, and often require a host reboot. Work
remains to be done here.
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Most VGA cards need some kind of quirk to fully operate since they
hide backdoors to get to other registers outside of PCI config space
within the registers, but this provides the base infrastructure. If
we could identity map PCI resources for assigned devices we would need
a lot fewer quirks.
To enable this, use a kernel side vfio-pci driver that incorporates
VGA support (v3.9), and use the -vga none option and add the x-vga=on
option for the vfio-pci device. The "x-" denotes this as an
experimental feature. You may also need to use a cached copy of the
VGA BIOS for your device, passing it to vfio-pci using the romfile=
option.
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Windows seems to pay particular interest to the PCIe header type of
devices and will fail to load drivers if we attach Endpoint devices or
Legacy Endpoint devices to the Root Complex. We can use
pci_bus_is_express and pci_bus_is_root to determine the bus type and
mangle the type appropriately:
* Legacy PCI
* No change, capability is unmodified for compatibility.
* PCI Express
* Integrated Root Complex Endpoint -> Endpoint
* PCI Express Root Complex
* Endpoint -> Integrated Root Complex Endpoint
* Legacy Endpoint -> none, capability hidden
We also take this opportunity to explicitly limit supported devices
to Endpoints, Legacy Endpoints, and Root Complex Integrated Endpoints.
We don't currently have support for other types and users often cause
themselves problems by assigning them.
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Kernel-side vfio virtualizes all of config space, but some parts are
unique to Qemu. For instance we may or may not expose the ROM BAR,
Qemu manages MSI/MSIX, and Qemu manages the multi-function bit so that
single function devices can appear as multi-function and vica versa.
Generalize this into a bitmap of Qemu emulated bits.
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
# By Dunrong Huang (1) and others
# Via Stefan Hajnoczi
* stefanha/trivial-patches:
hw/tcx: Remove unused 'addr' field and the property that sets it
hw/i386/pc: format load_linux function
configure: show debug-info option in --help output
