Not that long ago, every device implementation using DMA directly
accessed guest memory using cpu_physical_memory_*(). This meant that
adding support for a guest visible IOMMU would require changing every
one of these devices to go through IOMMU translation.
Shortly before qemu 1.0, I made a start on fixing this by providing
helper functions for PCI DMA. These are currently just stubs which
call the direct access functions, but mean that an IOMMU can be
implemented in one place, rather than for every PCI device.
Clearly, this doesn't help for non PCI devices, which could also be
IOMMU translated on some platforms. It is also problematic for the
devices which have both PCI and non-PCI version (e.g. OHCI, AHCI) - we
cannot use the the pci_dma_*() functions, because they assume the
presence of a PCIDevice, but we don't want to have to check between
pci_dma_*() and cpu_physical_memory_*() every time we do a DMA in the
device code.
This patch makes the first step on addressing both these problems, by
introducing new (stub) dma helper functions which can be used for any
DMA capable device.
These dma functions take a DMAContext *, a new (currently empty)
variable describing the DMA address space in which the operation is to
take place. NULL indicates untranslated DMA directly into guest
physical address space. The intention is that in future non-NULL
values will given information about any necessary IOMMU translation.
DMA using devices must obtain a DMAContext (or, potentially, contexts)
from their bus or platform. For now this patch just converts the PCI
wrappers to be implemented in terms of the universal wrappers,
converting other drivers can take place over time.
Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: Eduard - Gabriel Munteanu <eduard.munteanu@linux360.ro>
Cc: Richard Henderson <rth@twiddle.net>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
A while back, we introduced the dma_addr_t type, which is supposed to
be used for bus visible memory addresses. At present, this is an
alias for target_phys_addr_t, but this will change when we eventually
add support for guest visible IOMMUs.
There are some instances of target_phys_addr_t in the code now which
should really be dma_addr_t, but can't be trivially converted due to
missing features which this patch corrects.
* We add DMA_ADDR_BITS analagous to TARGET_PHYS_ADDR_BITS. This is
important where we need to make a compile-time (#if) based on the
size of dma_addr_t.
* We add a new helper macro to create device properties which take a
dma_addr_t, currently an alias to DEFINE_PROP_TADDR().
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Commit ff71f2e8ca prevent the possible
crash during initialization of linux driver by checking the operating
mode.This seems too strict as:
- the real card could still work in mode other than normal
- some buggy driver who does not set correct opmode after eeprom
access
So, considering rx ring address were reset to zero (which could be
safely trated as an address not intened to DMA to), in order to
both letting old guest work and preventing the unexpected DMA to
guest, we can forbid packet receiving when rx ring address is zero.
Tested-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
QEMU now has a fundamental requirement for pthreads, so there
is no compelling reason to retain support for the non-threaded
VNC server. Remove the --{enable,disable}-vnc-thread configure
arguments, and all CONFIG_VNC_THREAD conditionals
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Commit ec5b06d (configure: ensure directory exists when creating symlinks)
moved the creation of directories into the symlink() function but forgot
the case where no symlink is created.
This leads to build errors on arm Linux due to -I../linux-headers.
Unbreak the build on arm Linux by reverting part of that commit.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Now we create object files in a hierarchy under hw/, so the
'clean' target must also be updated to delete those object files.
Rather than using a manual list of subdirectories which will
easily drift out of date, we just delete all .o and .d files
in the target directory hierarchy.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
From Markus:
Makes "make check" hang:
QTEST_QEMU_BINARY=x86_64-softmmu/qemu-system-x86_64 gtester -k --verbose -m=quick tests/crash-test tests/rtc-test
TEST: tests/crash-test... (pid=972)
qemu-system-x86_64: Device needs media, but drive is empty
[Nothing happens, wait a while, then hit ^C]
make: *** [check-qtest-x86_64] Interrupt
This was due to the fact that we weren't checked for errors when
reading from the QMP socket. This patch adds appropriate error
checking.
Reported-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
From Markus:
Before:
$ qemu-system-x86_64 -display none -drive if=ide
qemu-system-x86_64: Device needs media, but drive is empty
qemu-system-x86_64: Initialization of device ide-hd failed
[Exit 1 ]
After:
$ qemu-system-x86_64 -display none -drive if=ide
qemu-system-x86_64: Device needs media, but drive is empty
Segmentation fault (core dumped)
[Exit 139 (SIGSEGV)]
This error always existed as qdev_init() frees the object. But QOM
goes a bit further and purposefully sets the class pointer to NULL to
help find use-after-free. It worked :-)
Cc: Andreas Faerber <afaerber@suse.de>
Reported-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
* stefanha/trivial-patches:
tci: Support INDEX_op_bswap64_i64
target-i386: Use QEMU instead of Qemu
Makefile.hw: avoid overly large 'make clean' rm command
configure: Fix typo
arm_gic: Send dbg msgs to stderr not stdout
checkpatch: Add QEMU specific rule
qemu-config: Use QEMU instead of Qemu
libqtest: Fix socket_accept() to pass address_len
Makefile.user: Define CONFIG_USER_ONLY for libuser/
Makefile: Remove macro qapi-dir
Makefile: Remove BUILD_DIR from qapi-dir
Install 'bepo' keymap already included in Qemu source
* kraxel/usb.54:
uhci: fix uhci_async_cancel_all
usb-host: live migration support
usb-host: attach only to running guest
ehci: tracing improvements
usb: restore USBDevice->attached on vmload
ehci: add live migration support
This fixes a compiler error when QEMU was configured with --enable-debug.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
If tci_out_label is called in the context of tcg_gen_code_search_pc, we
could be overwriting an already patched relocation with zero -- and not
repatch it because the set_label is past search_pc, causing a QEMU crash
when it tries to branch to a zero label.
Not writing anything to the relocation area seems to be in line with what
other backends do from the couple I looked at (x86, ppc).
Signed-off-by: Scott Wood <scottwood@freescale.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Commit dcff25f2cd removed too many *.d
files. The directories fpu/ and tcg/ still don't use the recursive
subdir rules.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
The new inline function qemu_log_vprintf should use this attribute.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
* 'ppc-for-upstream' of git://repo.or.cz/qemu/agraf: (72 commits)
PPC: BookE206: Bump MAS2 to 64bit
PPC: BookE: Support 32 and 64 bit wide MAS2
PPC: Extract SPR dump generation into its own function
PPC: Add e5500 CPU target
PPC: BookE: Make ivpr selectable by CPU type
PPC: BookE: Implement EPR SPR
PPC: Add support for MSR_CM
PPC: Add some booke SPR defines
uImage: increase the gzip load size
PPC: e500: allow users to set the /compatible property via -machine
dt: make setprop argument static
PPC: e500: Refactor serial dt generation
dt: Add global option to set phandle start offset
PPC: e500: Extend address/size of / to 64bit
PPC: e500: Define addresses as always 64bit
PPC: e500: Use new SOC dt format
PPC: e500: Use new MPIC dt format
Revert "dt: temporarily disable subtree creation failure check"
PPC: e500: enable manual loading of dtb blob
PPC: e500: dt: use target_phys_addr_t for ramsize
...
* 's390-for-upstream' of git://repo.or.cz/qemu/agraf:
s390: stop target cpu on sigp initial reset
s390: make kvm_stat work on s390
kvm: Update kernel headers
s390x: fix s390 virtio aliases
* 'arm-devs.for-upstream' of git://git.linaro.org/people/pmaydell/qemu-arm:
arm_boot: Conditionalised DTB command line update
cadence_ttc: changed master clock frequency
cadence_gem: avoid stack-writing buffer-overrun
hw/a9mpcore: Fix compilation failure if physaddrs are 64 bit
hw/omap.h: Drop broken MEM_VERBOSE tracing
hw/armv7m_nvic: Make the NVIC a freestanding class
hw/arm_gic: Move CPU interface memory region setup into arm_gic_init
hw/arm_gic.c: Make NVIC interrupt numbering a runtime setting
hw/arm_gic: Make CPU target registers RAZ/WI on uniprocessor
hw/arm_gic: Add qdev property for GIC revision
hw/armv7m_nvic: Use MemoryRegions for NVIC specific registers
hw/arm_gic: Move NVIC specific reset to armv7m_nvic_reset
hw/arm_gic: Remove the special casing of NCPU for the NVIC
hw/arm_gic: Remove NVIC ifdefs from gic_state struct
arm_boot: Fix typos in comment
ARM: Exynos4210 IRQ: Introduce new IRQ gate functionality.
On 64bit capable systems, MAS2 can actually hold a 64bit virtual page
address. So increase the mask for its EPN.
Signed-off-by: Alexander Graf <agraf@suse.de>
The MAS registers on BookE are all 32 bit wide, except for MAS2, which
can hold up to 64 bit on 64 bit capable CPUs. Reflect this in the SPR
setting code, so that the guest can never write invalid values in them.
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch moves the debug #ifdef'ed SPR trace generation into its
own function, so we can call it from multiple places.
Signed-off-by: Alexander Graf <agraf@suse.de>
IVPR can either hold 32 or 64 bit addresses, depending on the CPU type. Let
the CPU initialization function pass in its mask itself, so we can easily
extend it.
Signed-off-by: Alexander Graf <agraf@suse.de>
On the e500 series, accessing SPR_EPR magically turns into an access at
that CPU's IACK register on the MPIC. Implement that logic to get kernels
that make use of that feature work.
Signed-off-by: Alexander Graf <agraf@suse.de>
The BookE variant of MSR_SF is MSR_CM. Implement everything it takes in TCG to
support running 64bit code with MSR_CM set.
Signed-off-by: Alexander Graf <agraf@suse.de>
The number of SPRs avaiable in different PowerPC chip is still increasing. Add
definitions for the MAS7_MAS3 SPR and all currently known bits in EPCR.
Signed-off-by: Alexander Graf <agraf@suse.de>
Recent u-boot has different defines for its gzip extract buffer, but the
common ground seems to be 64MB. So let's bump it up to that, enabling me
to load my test image again ;).
Signed-off-by: Alexander Graf <agraf@suse.de>
Device trees usually have a node /compatible, which indicate which machine
type we're looking at. For quick prototyping, it can be very useful to change
the contents of that node via the command line.
Thus, introduce a new option to -machine called dt_compatible, which when
set changes the /compatible contents to its value.
Signed-off-by: Alexander Graf <agraf@suse.de>
Whatever we pass in to qemu_devtree_setprop to put into the device tree
will not get modified by that function, so it can easily be declared const.
Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@petalogix.com>
When generating serial port device tree nodes, we duplicate quite a bit
of code, because there are 2 of them in the mpc8544ds board we emulate.
Shove the generating code into a function, so we duplicate less code.
Signed-off-by: Alexander Graf <agraf@suse.de>
If anyone outside of QEMU wants to mess with a QEMU generated device tree,
he needs to know which range phandles are valid in. So let's expose a
machine option that an external program can use to set the start allocate
id for phandles in QEMU.
Signed-off-by: Alexander Graf <agraf@suse.de>
We want to be able to support >= 4GB of RAM. To do so, we need to be able
to tell the guest OS how much RAM it has.
However, that information today is capped to 32bit. So let's extend the
offset and size fields to 64bit, so we can fit in big addresses and even
one day - if we wish to do so - map devices above 32bit.
Signed-off-by: Alexander Graf <agraf@suse.de>
Every time we use an address constant, it needs to potentially fit into
a 64bit physical address space. So let's define things accordingly.
Signed-off-by: Alexander Graf <agraf@suse.de>
Due to popular demand, let's clean up the soc node a bit and use
more recent dt notions.
Requested-by: Scott Wood <scottwood@freescale.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Due to popular demand, we're updating the way we generate the MPIC
node and interrupt lines based on what the current state of art is.
Requested-by: Scott Wood <scottwood@freescale.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This reverts commit "dt: temporarily disable subtree creation
failure check" which was meant as a temporary solution to keep
external and dynamic device tree construction intact.
Now that we switched to fully dynamic dt construction, it's no
longer necessary.
Signed-off-by: Alexander Graf <agraf@suse.de>
We want to be able to override the automatically created device tree
by using the -dtb option. Implement this for the mpc8544ds machine.
Signed-off-by: Alexander Graf <agraf@suse.de>
We're passing the ram size as uint32_t, capping it to 32 bits atm.
Change to target_phys_addr_t (uint64_t) to make sure we have all
the bits.
Signed-off-by: Alexander Graf <agraf@suse.de>
We have a nice 64bit helper to ease the device tree generation and
make the code more readable when creating 64bit 2-cell parameters.
Use it when generating the device tree.
Signed-off-by: Alexander Graf <agraf@suse.de>
Now that we are dynamically creating the dtb, it's really useful to
be able to dump the created blob for debugging.
This patch implements a -machine dumpdtb=<file> option for e500 that
dumps the dtb exactly in the form the guest would get it to disk. It
can then be analyzed by dtc to get information about the guest
configuration.
Signed-off-by: Alexander Graf <agraf@suse.de>
Now that all of the device tree bits are generated during runtime, we
can get rid of the device tree blob and instead start from scratch with
an empty device tree.
Signed-off-by: Alexander Graf <agraf@suse.de>