qemu.git
7 years agoqapi: add new schema file qapi-event.json
Wenchao Xia [Wed, 18 Jun 2014 06:43:32 +0000 (08:43 +0200)] 
qapi: add new schema file qapi-event.json

Signed-off-by: Wenchao Xia <wenchaoqemu@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
7 years agomonitor: add an implemention of qapi event emit method
Wenchao Xia [Wed, 18 Jun 2014 06:43:31 +0000 (08:43 +0200)] 
monitor: add an implemention of qapi event emit method

The monitor is now hooked on the new event mechanism, so that later
patches can convert event callers one by one. Most code are copied from
old monitor_protocol_* functions with some modification.

Note that two build time warnings will be raised after this patch. One is
caused by no caller of monitor_qapi_event_throttle(), the other one is
caused by QAPI_EVENT_MAX = 0. They will be fixed automatically after
full event conversion later.

Signed-off-by: Wenchao Xia <wenchaoqemu@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
7 years agoqapi: adjust existing defines
Wenchao Xia [Wed, 18 Jun 2014 06:43:30 +0000 (08:43 +0200)] 
qapi: adjust existing defines

In order to let event defines use existing types later, instead of
redefine new ones, some old type defines for spice and vnc are changed,
and BlockErrorAction is moved from block.h to qapi schema. Note that
BlockErrorAction is not merged with BlockdevOnError.

At this point, VncInfo is not made a child of VncBasicInfo, because
VncBasicInfo has mandatory fields where VncInfo makes them optional.

Signed-off-by: Wenchao Xia <wenchaoqemu@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
7 years agotest: add test cases for qapi event
Wenchao Xia [Wed, 18 Jun 2014 06:43:29 +0000 (08:43 +0200)] 
test: add test cases for qapi event

These cases will verify whether the expected qdict is built.

Signed-off-by: Wenchao Xia <wenchaoqemu@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
7 years agoqapi script: add event support
Wenchao Xia [Wed, 18 Jun 2014 06:43:28 +0000 (08:43 +0200)] 
qapi script: add event support

qapi-event.py will parse the schema and generate qapi-event.c, then
the API in qapi-event.c can be used to handle events in qemu code.
All API have prefix "qapi_event".

The script mainly includes two parts: generate API for each event
define, generate an enum type for all defined events.

Since in some cases the real emit behavior may change, for example,
qemu-img would not send a event, a callback layer is used to
control the behavior. As a result, the stubs at compile time
can be saved, the binding of block layer code and monitor code
will become looser.

Signed-off-by: Wenchao Xia <wenchaoqemu@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
7 years agoqapi: add event helper functions
Wenchao Xia [Wed, 18 Jun 2014 06:43:27 +0000 (08:43 +0200)] 
qapi: add event helper functions

This file holds some functions that do not need to be generated.

Signed-off-by: Wenchao Xia <wenchaoqemu@gmail.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
7 years agoqapi: Add includes from qapi/ as dependencies
Max Reitz [Wed, 18 Jun 2014 06:43:26 +0000 (08:43 +0200)] 
qapi: Add includes from qapi/ as dependencies

qapi-schema.json has been split into three smaller JSON files in qapi/.
Add them as dependencies for the code generation in the Makefile, so
changes to them will result in a rebuilt of all QAPI-dependent code.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
7 years agoos-posix: include sys/time.h
Wenchao Xia [Wed, 18 Jun 2014 06:43:25 +0000 (08:43 +0200)] 
os-posix: include sys/time.h

Since gettimeofday() is used in this header file as a macro define,
include the function's define header file, to avoid compile warning
when other file include os-posix.h.

Signed-off-by: Wenchao Xia <wenchaoqemu@gmail.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
7 years agojson-lexer: fix escaped backslash in single-quoted string
Paolo Bonzini [Fri, 13 Jun 2014 08:13:02 +0000 (10:13 +0200)] 
json-lexer: fix escaped backslash in single-quoted string

This made the lexer wait for a closing *double* quote.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Amos Kong <akong@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
7 years agoqapi: Suppress unwanted space between type and identifier
Amos Kong [Tue, 10 Jun 2014 11:25:53 +0000 (19:25 +0800)] 
qapi: Suppress unwanted space between type and identifier

We always generate a space between type and identifier in parameter
and variable declarations, even when idiomatic C style doesn't have
a space there.  Suppress it.

Signed-off-by: Amos Kong <akong@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
7 years agoqapi: add const prefix to 'char *' insider c_type()
Amos Kong [Tue, 10 Jun 2014 11:25:52 +0000 (19:25 +0800)] 
qapi: add const prefix to 'char *' insider c_type()

It's ugly to add const prefix for parameter type by an if statement
outside c_type(). This patch adds a parameter to do it.

Signed-off-by: Amos Kong <akong@redhat.com>
Suggested-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
7 years agoqapi: fix coding style in parameters list
Amos Kong [Tue, 10 Jun 2014 11:25:51 +0000 (19:25 +0800)] 
qapi: fix coding style in parameters list

A space after * when declaring a pointer type is redundant.

Signed-off-by: Amos Kong <akong@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
7 years agoaudio: fmopl: drop INLINE macro
Luiz Capitulino [Thu, 19 Jun 2014 14:19:32 +0000 (10:19 -0400)] 
audio: fmopl: drop INLINE macro

This commit expands all uses of the INLINE macro and drop it.

The reason for this is to avoid clashes with external libraries with
bad name conventions and also because renaming keywords is not a good
practice.

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
7 years agofpu: softfloat: drop INLINE macro
Luiz Capitulino [Thu, 19 Jun 2014 14:13:43 +0000 (10:13 -0400)] 
fpu: softfloat: drop INLINE macro

This commit expands all uses of the INLINE macro and drop it.

The reason for this is to avoid clashes with external libraries with
bad name conventions and also because renaming keywords is not a good
practice.

PS: I'm fine with this change to be licensed under softfloat-2a or
softfloat-2b.

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
7 years agoxen-hvm: Fix xen_hvm_init() to adjust pc memory layout
Don Slutz [Fri, 20 Jun 2014 01:40:24 +0000 (21:40 -0400)] 
xen-hvm: Fix xen_hvm_init() to adjust pc memory layout

This is just below_4g_mem_size and above_4g_mem_size which is used later in QEMU.

Acked-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Signed-off-by: Don Slutz <dslutz@verizon.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
7 years agopcie: coding style tweak
Michael S. Tsirkin [Mon, 23 Jun 2014 14:36:55 +0000 (17:36 +0300)] 
pcie: coding style tweak

- whitespace fix
- unnecessary != 0 in a condition

Cc: Marcel Apfelbaum <marcel.a@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
7 years agohw/pcie: better hotplug/hotunplug support
Marcel Apfelbaum [Mon, 23 Jun 2014 14:32:49 +0000 (17:32 +0300)] 
hw/pcie: better hotplug/hotunplug support

The current code is broken: it does surprise removal which crashes guests.

Reimplemented the steps:
 - Hotplug triggers both 'present detect change' and
   'attention button pressed'.

 - Hotunplug starts by triggering 'attention button pressed',
   then waits for the OS to power off the device and only
   then detaches it.

Fixes CVE-2014-3471.

Signed-off-by: Marcel Apfelbaum <marcel.a@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
7 years agohw/pcie: implement power controller functionality
Marcel Apfelbaum [Mon, 23 Jun 2014 14:32:48 +0000 (17:32 +0300)] 
hw/pcie: implement power controller functionality

It is needed by hot-unplug in order to get an indication
from the OS when the device can be physically detached.

Signed-off-by: Marcel Apfelbaum <marcel.a@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
7 years agohw/pcie: correct debug message
Marcel Apfelbaum [Mon, 23 Jun 2014 14:32:47 +0000 (17:32 +0300)] 
hw/pcie: correct debug message

Trivial issue, discovered while debugging.

Signed-off-by: Marcel Apfelbaum <marcel.a@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
7 years agoq35: Use PC_Q35_COMPAT_1_4 on pc-q35-1.4 compat_props
Eduardo Habkost [Fri, 13 Jun 2014 03:28:32 +0000 (00:28 -0300)] 
q35: Use PC_Q35_COMPAT_1_4 on pc-q35-1.4 compat_props

pc-q35-1.4 was incorrectly using PC_COMPAT_1_4 instead of
PC_Q35_COMPAT_1_4.

The only side-effect was that the hpet compat property (inherited from
PC_Q35_COMPAT_1_7) was missing.

Without this patch, pc-q35-1.4 inicorrectly initializes hpet-intcap to
0xff0104 (behavior introduced in QEMU 2.0, by commit
7a10ef51c2397ac4323bc786af02c58b413b5cd2).

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
7 years agovirtio-pci: Report an error when msix vectors init fails
Fam Zheng [Mon, 23 Jun 2014 09:06:25 +0000 (17:06 +0800)] 
virtio-pci: Report an error when msix vectors init fails

Currently vectors silently cleared to 0 if the initialization is failed,
but user should at least have one way to notice this.

Signed-off-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
7 years agoqemu-char: avoid leaking unused fds in tcp_get_msgfds()
Stefan Hajnoczi [Sun, 22 Jun 2014 02:38:37 +0000 (10:38 +0800)] 
qemu-char: avoid leaking unused fds in tcp_get_msgfds()

Commit c76bf6bb8fbbb233a7d3641e09229d23747d5ee3 ("Add chardev API
qemu_chr_fe_get_msgfds") extended the get_msgfds API from one to
multiple file descriptors.  It forgot to close unused file descriptors
before freeing the file descriptor array.

This patch prevents a file descriptor leak if the tcp_get_msgfds()
callers requests fewer file descriptors than are available.

Cc: Nikolay Nikolaev <n.nikolaev@virtualopensystems.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
7 years agoqemu-char: fix qemu_chr_fe_get_msgfd()
Stefan Hajnoczi [Sun, 22 Jun 2014 02:38:36 +0000 (10:38 +0800)] 
qemu-char: fix qemu_chr_fe_get_msgfd()

Commit c76bf6bb8fbbb233a7d3641e09229d23747d5ee3 ("Add chardev API
qemu_chr_fe_get_msgfds") broke qemu_chr_fe_get_msgfd() because it
changed the return value.

Callers expect -1 if no fd is available.  The commit changed the return
value to 0 (which is a valid file descriptor number) so callers always
detected a file descriptor even if none was available.

This patch fixes qemu-iotests 045:

  $ cd tests/qemu-iotests && ./check 045
  [...]
  +FAIL: test_add_fd_invalid_fd (__main__.TestFdSets)
  +----------------------------------------------------------------------
  +Traceback (most recent call last):
  +  File "./045", line 123, in test_add_fd_invalid_fd
  +    self.assert_qmp(result, 'error/class', 'GenericError')
  +  File "/home/stefanha/qemu/tests/qemu-iotests/iotests.py", line 232, in assert_qmp
  +    result = self.dictpath(d, path)
  +  File "/home/stefanha/qemu/tests/qemu-iotests/iotests.py", line 211, in dictpath
  +    self.fail('failed path traversal for "%s" in "%s"' % (path, str(d)))
  +AssertionError: failed path traversal for "error/class" in "{u'return': {u'fdset-id': 2, u'fd': 0}}"

Cc: Nikolay Nikolaev <n.nikolaev@virtualopensystems.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
7 years agoqapi/string-output-visitor: fix human output
Hu Tao [Fri, 20 Jun 2014 05:55:42 +0000 (13:55 +0800)] 
qapi/string-output-visitor: fix human output

"0x1-0x10" looks better than "0x1-10"

Signed-off-by: Hu Tao <hutao@cn.fujitsu.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
7 years agoe1000: factor out checking for auto-negotiation availability
Gabriel L. Somlo [Thu, 19 Jun 2014 19:40:51 +0000 (15:40 -0400)] 
e1000: factor out checking for auto-negotiation availability

Also fix minor indentation issues in the surrounding code.

Suggested-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Gabriel Somlo <somlo@cmu.edu>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
7 years agoe1000: move e1000_autoneg_timer() to after set_ics()
Gabriel L. Somlo [Thu, 19 Jun 2014 15:55:35 +0000 (11:55 -0400)] 
e1000: move e1000_autoneg_timer() to after set_ics()

Enable calling set_ics() from within e1000_autoneg_timer() without
the need for a forward declaration.

This patch contains no functional changes.

Signed-off-by: Gabriel Somlo <somlo@cmu.edu>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
7 years agoe1000: signal guest on successful link auto-negotiation
Gabriel L. Somlo [Thu, 19 Jun 2014 15:55:36 +0000 (11:55 -0400)] 
e1000: signal guest on successful link auto-negotiation

Generate a link status change interrupt once link auto-netotiation
is successfully completed. This does not affect Linux and Windows
(XP and 7 tested) in any way, but is needed by the stock OS X driver
(AppleIntel8254XEthernet.kext), which would otherwise fail to notice
the link status change event.

Signed-off-by: Gabriel Somlo <somlo@cmu.edu>
Reviewed-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
7 years agoe1000: improve auto-negotiation reporting via mii-tool
Gabriel L. Somlo [Thu, 19 Jun 2014 15:55:34 +0000 (11:55 -0400)] 
e1000: improve auto-negotiation reporting via mii-tool

Using mii-tool (on F20-live), the following output is produced:

  SIOCGMIIREG on ens3 failed: Input/output error
  ens3: no autonegotiation, 1000baseT-FD flow-control, link ok

The first line (SIOCGMIIREG error) is due to mii-tool's inability
to read the PHY auto-negotiation expansion register.
On the second line, "no autonegotiation" is wrong, and caused by
the absence of a flag in the link partner ability register which
would indicate that our link partner has acked us. This flag is
listed as "reserved" in the Intel e1000 manual, but mii-tool uses
it as LPA_LPACK from /usr/include/linux/mii.h.

This patch adds read access to PHY_AUTONEG_EXP and defines the
link partner ack flag, allowing mii-tool to generate output as
normally expected:

  ens3: negotiated 1000baseT-FD flow-control, link ok

Signed-off-by: Gabriel Somlo <somlo@cmu.edu>
Reviewed-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
7 years agoe1000: emulate auto-negotiation during external link status change
Gabriel L. Somlo [Thu, 19 Jun 2014 15:55:33 +0000 (11:55 -0400)] 
e1000: emulate auto-negotiation during external link status change

This patch emulates auto-negotiation when the network link status
is modified externally (i.e. via "set_link <id> off/on").

Also, a couple of cleanup items:
  - unset PHY status reg. AUTONEG_COMPLETE during link_down()
  - set PHY status reg. AUTONEG_COMPLETE during autoneg_timer() only
    if we actually brought the link up.
  - group all checks for "can we, and should we autonegotiate?"
    together for more clarity.

Signed-off-by: Gabriel Somlo <somlo@cmu.edu>
Reviewed-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
7 years agoqtest: fix vhost-user-test unbalanced mutex locks
Nikolay Nikolaev [Thu, 19 Jun 2014 15:08:18 +0000 (18:08 +0300)] 
qtest: fix vhost-user-test unbalanced mutex locks

Signed-off-by: Nikolay Nikolaev <n.nikolaev@virtualopensystems.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
7 years agoqtest: fix qtest for vhost-user
Nikolay Nikolaev [Thu, 19 Jun 2014 15:07:59 +0000 (18:07 +0300)] 
qtest: fix qtest for vhost-user

Fix compile for older glib, provide conditionally compiled versions of the
used glib APIs.

Signed-off-by: Nikolay Nikolaev <n.nikolaev@virtualopensystems.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
7 years agolibqemustub: add more stubs for qemu-char
Nikolay Nikolaev [Thu, 19 Jun 2014 15:07:40 +0000 (18:07 +0300)] 
libqemustub: add more stubs for qemu-char

Additional stubs:
 - chr_baum_init
 - qemu_chr_open_spice_vmc
 - qemu_chr_open_spice_port

Signed-off-by: Nikolay Nikolaev <n.nikolaev@virtualopensystems.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
7 years agoqapi/hmp: use 'backend' instead of 'device' with memory backend
Igor Mammedov [Thu, 19 Jun 2014 14:14:43 +0000 (16:14 +0200)] 
qapi/hmp: use 'backend' instead of 'device' with memory backend

fixup documentation comments and HMP message/help text

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
7 years agovhost: fix resource leak in error handling
Michael S. Tsirkin [Wed, 18 Jun 2014 15:55:22 +0000 (18:55 +0300)] 
vhost: fix resource leak in error handling

vhost_verify_ring_mappings leaks mappings on error.
Fix this up.

Cc: qemu-stable@nongnu.org
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
7 years agovhost: block migration if backend does not log memory
Michael S. Tsirkin [Wed, 18 Jun 2014 14:20:42 +0000 (17:20 +0300)] 
vhost: block migration if backend does not log memory

vhost user does not support LOG_ALL feature bit.
Generally, we should not try to set this bit without
checking that backend can support it first.

Detect and block migration.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Nikolay Nikolaev <n.nikolaev@virtualopensystems.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
7 years agotcg-ppc: Use the return address as a base pointer
Richard Henderson [Fri, 28 Mar 2014 13:53:53 +0000 (06:53 -0700)] 
tcg-ppc: Use the return address as a base pointer

This can significantly reduce code size for generation of (some)
64-bit constants.  With the side effect that we know for a fact
that exit_tb can use the register to good effect.

Tested-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
7 years agotcg-ppc: Merge cache-utils into the backend
Richard Henderson [Wed, 30 Apr 2014 20:56:50 +0000 (13:56 -0700)] 
tcg-ppc: Merge cache-utils into the backend

As a "utility", it only supported ppc, and in a way that other
tcg backends provided directly in tcg-target.h.  Removing this
disparity is easier now that the two ppc backends are merged.

Tested-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
7 years agoqemu/osdep: Remove the need for qemu_init_auxval
Richard Henderson [Wed, 30 Apr 2014 20:49:11 +0000 (13:49 -0700)] 
qemu/osdep: Remove the need for qemu_init_auxval

Instead of getting backup auxv data from the env pointer given to main,
read it from /proc/self/auxv.  We can do this at any time, so we're not
tied to any ordering wrt a call to qemu_init_auxval from main.

Tested-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
7 years agotcg-ppc: Rename the tcg/ppc64 backend
Richard Henderson [Wed, 30 Apr 2014 21:07:47 +0000 (14:07 -0700)] 
tcg-ppc: Rename the tcg/ppc64 backend

The other tcg backends that support 32- and 64-bit modes
use the 32-bit name for the port.  Follow suit.

Tested-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
7 years agotcg-ppc: Remove the backend
Richard Henderson [Wed, 30 Apr 2014 21:05:39 +0000 (14:05 -0700)] 
tcg-ppc: Remove the backend

Vectoring the 32-bit build to the ppc64 directory.

Tested-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
7 years agotcg-ppc64: Merge ppc32 shifts
Richard Henderson [Thu, 27 Mar 2014 01:10:43 +0000 (18:10 -0700)] 
tcg-ppc64: Merge ppc32 shifts

Tested-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
7 years agotcg-ppc64: Support mulsh_i32
Richard Henderson [Wed, 26 Mar 2014 18:37:06 +0000 (11:37 -0700)] 
tcg-ppc64: Support mulsh_i32

Tested-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
7 years agotcg-ppc64: Merge ppc32 register usage
Richard Henderson [Wed, 30 Apr 2014 19:12:16 +0000 (12:12 -0700)] 
tcg-ppc64: Merge ppc32 register usage

Good enough to run some instructions before things go awry.

Tested-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
7 years agotcg-ppc64: Merge ppc32 qemu_ld/st
Richard Henderson [Tue, 25 Mar 2014 19:11:48 +0000 (12:11 -0700)] 
tcg-ppc64: Merge ppc32 qemu_ld/st

Tested-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
7 years agotcg-ppc64: Merge ppc32 brcond2, setcond2, muluh
Richard Henderson [Wed, 30 Apr 2014 18:55:34 +0000 (11:55 -0700)] 
tcg-ppc64: Merge ppc32 brcond2, setcond2, muluh

Now passes tcg_add_target_add_op_defs assertions, but
not complete enough to function.

Tested-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
7 years agotcg-ppc64: Begin merging ppc32 with ppc64
Richard Henderson [Wed, 30 Apr 2014 18:39:20 +0000 (11:39 -0700)] 
tcg-ppc64: Begin merging ppc32 with ppc64

Just enough to compile, assuming you edit config-host.mak manually.
It will still abort at runtime, due to missing brcond2, setcond2, mulu2.

Tested-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
7 years agotcg-ppc64: Fix sub2 implementation
Richard Henderson [Thu, 27 Mar 2014 01:56:31 +0000 (18:56 -0700)] 
tcg-ppc64: Fix sub2 implementation

All sorts of confusion on argument ordering.

Tested-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
7 years agotcg-ppc64: Merge 32-bit ABIs into the prologue / frame code
Richard Henderson [Tue, 25 Mar 2014 16:13:38 +0000 (09:13 -0700)] 
tcg-ppc64: Merge 32-bit ABIs into the prologue / frame code

Tested-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
7 years agotcg-ppc64: Adjust tcg_out_call for ELFv2
Ulrich Weigand [Wed, 30 Apr 2014 21:33:05 +0000 (14:33 -0700)] 
tcg-ppc64: Adjust tcg_out_call for ELFv2

The new ELFv2 ABI, used by default on powerpc64le-linux hosts,
introduced some changes that are incompatible with code currently
generated by the ppc64 TGC target.  In particular, we no longer
use function descriptors.

This patch adds support for the ELFv2 ABI in the ppc64 TGC
function call and function prologue sequences.

Tested-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Ulrich Weigand <ulrich.weigand@de.ibm.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
7 years agotcg-ppc64: Support the ppc64 elfv2 ABI
Richard Henderson [Tue, 25 Mar 2014 15:57:23 +0000 (08:57 -0700)] 
tcg-ppc64: Support the ppc64 elfv2 ABI

Tested-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
7 years agotcg-ppc64: Use the correct test in tcg_out_call
Richard Henderson [Wed, 30 Apr 2014 18:57:11 +0000 (11:57 -0700)] 
tcg-ppc64: Use the correct test in tcg_out_call

The correct test uses the _CALL_AIX macro, not a host-specific macro.

Tested-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
7 years agotcg-ppc64: Better parameterize the stack frame
Richard Henderson [Tue, 25 Mar 2014 15:55:12 +0000 (08:55 -0700)] 
tcg-ppc64: Better parameterize the stack frame

In preparation for supporting other ABIs.

Tested-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
7 years agotcg-ppc64: Fix TCG_TARGET_CALL_STACK_OFFSET
Richard Henderson [Tue, 25 Mar 2014 15:32:04 +0000 (08:32 -0700)] 
tcg-ppc64: Fix TCG_TARGET_CALL_STACK_OFFSET

The calling convention reserves space for the 8 register parameters on
the stack, so using only 6*8=48 as the offset was wrong.  We never saw
this bug because we don't have any helpers with more than 5 parameters.

Tested-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
7 years agotcg-ppc64: Move call macros out of tcg-target.h
Richard Henderson [Tue, 25 Mar 2014 15:11:53 +0000 (08:11 -0700)] 
tcg-ppc64: Move call macros out of tcg-target.h

These values are private to tcg.c; we don't need to expose
this nonsense to the translators.

Tested-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
7 years agotcg-ppc64: Make TCG_AREG0 and TCG_REG_CALL_STACK enum constants
Richard Henderson [Tue, 25 Mar 2014 15:06:43 +0000 (08:06 -0700)] 
tcg-ppc64: Make TCG_AREG0 and TCG_REG_CALL_STACK enum constants

Tested-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
7 years agotcg-ppc64: Use tcg_out_{ld,st,cmp} internally
Richard Henderson [Mon, 24 Mar 2014 23:03:59 +0000 (16:03 -0700)] 
tcg-ppc64: Use tcg_out_{ld,st,cmp} internally

Rather than using tcg_out32 and opcodes directly.  This allows us
to remove LD_ADDR and CMP_L macros.

Tested-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
7 years agotcg-ppc64: Relax register restrictions in tcg_out_mem_long
Richard Henderson [Tue, 25 Mar 2014 19:22:18 +0000 (12:22 -0700)] 
tcg-ppc64: Relax register restrictions in tcg_out_mem_long

In order to be able to use tcg_out_ld/st sensibly with scratch
registers, assert only when we'd incorrectly clobber a scratch.

Tested-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
7 years agotcg-ppc64: Move functions around
Richard Henderson [Mon, 24 Mar 2014 22:44:09 +0000 (15:44 -0700)] 
tcg-ppc64: Move functions around

Code movement only.  This will allow us to make use of the
other tcg_out_* functions in tidying their implementations.

Tested-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
7 years agotcg-ppc64: Avoid some hard-codings of TCG_TYPE_I64
Richard Henderson [Mon, 24 Mar 2014 22:22:35 +0000 (15:22 -0700)] 
tcg-ppc64: Avoid some hard-codings of TCG_TYPE_I64

Using more appropriate _PTR or _REG where possible.

Tested-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
7 years agotcg-ppc: Use uintptr_t in ppc_tb_set_jmp_target
Richard Henderson [Wed, 30 Apr 2014 18:40:58 +0000 (11:40 -0700)] 
tcg-ppc: Use uintptr_t in ppc_tb_set_jmp_target

Tested-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
7 years agopc-bios/s390-ccw: update s390-ccw.img binary
Jens Freimann [Wed, 18 Jun 2014 12:16:47 +0000 (14:16 +0200)] 
pc-bios/s390-ccw: update s390-ccw.img binary

Update s390-ccw.img to match with latest fixes

Signed-off-by: Jens Freimann <jfrei@linux.vnet.ibm.com>
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
7 years agopc-bios/s390-ccw: fix for fragmented SCSI bootmap
Eugene (jno) Dvurechenski [Wed, 18 Jun 2014 12:16:46 +0000 (14:16 +0200)] 
pc-bios/s390-ccw: fix for fragmented SCSI bootmap

We need to interpret the last entry of the bootmap with zero
block count as "continuation pointer".
The "last entry" is being detected by pre-filling of the scratch
space with known values and respective look-ahead.

Signed-off-by: Eugene (jno) Dvurechenski <jno@linux.vnet.ibm.com>
Signed-off-by: Jens Freimann <jfrei@linux.vnet.ibm.com>
Tested-by: Christian Borntraeger <borntraeger@de.ibm.com>
Reviewed-by: David Hildenbrand <dahi@linux.vnet.ibm.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Reviewed-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
7 years agopc-bios/s390-ccw: do a subsystem reset before running the guest
Christian Borntraeger [Wed, 18 Jun 2014 12:16:45 +0000 (14:16 +0200)] 
pc-bios/s390-ccw: do a subsystem reset before running the guest

The loader BIOS has already activated several devices. Let's do a
subsystem reset before jumping into the guest. As there is no direct
way of doing so, we use diagnose 308 to bring the system in a
defined state. This is similar to what kdump on s390 uses. We have
to define a small trampoline function that restores the low bytes
to whatever the bootmap has written there.

Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Jens Freimann <jfrei@linux.vnet.ibm.com>
Reviewed-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
7 years agopc-bios/s390-ccw: virtio_load_direct() can't load max number of sectors
David Hildenbrand [Wed, 18 Jun 2014 12:16:44 +0000 (14:16 +0200)] 
pc-bios/s390-ccw: virtio_load_direct() can't load max number of sectors

The number of sectors to read is given by the last 16 bit of rec_list2.
1 is added in order to get to the real number of sectors to read (0x0000
-> read 1 block). For now, the maximum number (0xffff) led to 0 sectors
being read.

This fixes a bug where a large initrd (62MB) could not be ipled anymore.

Signed-off-by: David Hildenbrand <dahi@linux.vnet.ibm.com>
Signed-off-by: Jens Freimann <jfrei@linux.vnet.ibm.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Reviewed-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
7 years agoMerge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging
Peter Maydell [Mon, 23 Jun 2014 11:55:22 +0000 (12:55 +0100)] 
Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging

Block pull request

# gpg: Signature made Mon 23 Jun 2014 09:53:49 BST using RSA key ID 81AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg:                 aka "Stefan Hajnoczi <stefanha@gmail.com>"

* remotes/stefanha/tags/block-pull-request:
  block: asynchronously stop the VM on I/O errors
  vl: allow other threads to do qemu_system_vmstop_request
  sheepdog: fix NULL dereference in sd_create
  QemuOpts: check NULL opts in qemu_opt_get functions
  block: m25p80: Support read only bdrvs.
  block: m25p80: sync_page(): Deindent function body.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7 years agoMerge remote-tracking branch 'remotes/mcayland/qemu-sparc' into staging
Peter Maydell [Mon, 23 Jun 2014 11:40:39 +0000 (12:40 +0100)] 
Merge remote-tracking branch 'remotes/mcayland/qemu-sparc' into staging

* remotes/mcayland/qemu-sparc:
  apb: Fix out-of-bounds array write access

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7 years agoMerge remote-tracking branch 'remotes/mcayland/qemu-openbios' into staging
Peter Maydell [Mon, 23 Jun 2014 10:35:27 +0000 (11:35 +0100)] 
Merge remote-tracking branch 'remotes/mcayland/qemu-openbios' into staging

* remotes/mcayland/qemu-openbios:
  Update OpenBIOS images

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7 years agoconsole: move chardev declarations to sysemu/char.h
Michael S. Tsirkin [Mon, 23 Jun 2014 07:29:07 +0000 (10:29 +0300)] 
console: move chardev declarations to sysemu/char.h

move generic chardev APIs to sysemu/char.h, to make them available to
callers which can not depend on the whole of ui/console.h.
This fixes a build error on systems without pixman-devel:

./configure --disable-tools --disable-docs --target-list=arm-linux-user
...
pixman            none
...
make
...
In file included from
/data/home/nchip/linaro/qemu/include/ui/console.h:4:0,
                 from /data/home/nchip/linaro/qemu/stubs/vc-init.c:2:
/data/home/nchip/linaro/qemu/include/ui/qemu-pixman.h:14:20: fatal
error: pixman.h: No such file or directory
 #include <pixman.h>
                    ^
compilation terminated.

Reported-by: Riku Voipio <riku.voipio@iki.fi>
Tested-by: Riku Voipio <riku.voipio@iki.fi>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Message-id: 1403508500-32691-1-git-send-email-mst@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7 years agoblock: asynchronously stop the VM on I/O errors
Paolo Bonzini [Thu, 5 Jun 2014 12:53:59 +0000 (14:53 +0200)] 
block: asynchronously stop the VM on I/O errors

With virtio-blk dataplane, I/O errors might occur while QEMU is
not in the main I/O thread.  However, it's invalid to call vm_stop
when we're neither in a VCPU thread nor in the main I/O thread,
even if we were to take the iothread mutex around it.

To avoid this problem, we can raise a request to the main I/O thread,
similar to what QEMU does when vm_stop is called from a CPU thread.
We know that bdrv_error_action is called from an AIO callback, and
the moment at which the callback will fire is not well-defined; it
depends on the moment at which the disk or OS finishes the operation,
which can happen at any time.  Note that QEMU is certainly not in a CPU
thread and we do not need to call cpu_stop_current() like vm_stop() does.

However, we need to ensure that any action taken by management will
result in correct detection of the error _and_ a running VM.  In particular:

- the event must be raised after the iostatus has been set, so that
"info block" will return an iostatus that matches the event.

- the VM must be stopped after the iostatus has been set, so that
"info block" will return an iostatus that matches the runstate.

The ordering between the STOP and BLOCK_IO_ERROR events is preserved;
BLOCK_IO_ERROR is documented to come first.

This makes bdrv_error_action() thread safe (assuming QMP events are,
which is attacked by a separate series).

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
7 years agovl: allow other threads to do qemu_system_vmstop_request
Paolo Bonzini [Thu, 5 Jun 2014 12:53:58 +0000 (14:53 +0200)] 
vl: allow other threads to do qemu_system_vmstop_request

There patch protects vmstop_requested with a lock and introduces
qemu_system_vmstop_request_prepare.

Together with the new call to qemu_vmstop_requested in vm_start,
qemu_system_vmstop_request_prepare avoids a race where the VM could remain
stopped even though the iostatus of a block device has already been set
(for example).

qemu_system_vmstop_request_prepare however also lets the caller thread
delay observation of the state change until it has itself communicated
that change to the user.  This delay avoids any possibility of a wrong
reordering of the BLOCK_IO_ERROR event and the subsequent STOP event.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
7 years agosheepdog: fix NULL dereference in sd_create
Liu Yuan [Tue, 17 Jun 2014 05:45:35 +0000 (13:45 +0800)] 
sheepdog: fix NULL dereference in sd_create

Following command

qemu-img create -f qcow2 sheepdog:test 20g

will cause core dump because aio_context is NULL in sd_create. We should
initialize it by qemu_get_aio_context() to avoid NULL dereference.

Cc: qemu-devel@nongnu.org
Cc: Kevin Wolf <kwolf@redhat.com>
Cc: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Liu Yuan <namei.unix@gmail.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
7 years agoQemuOpts: check NULL opts in qemu_opt_get functions
Chunyan Liu [Wed, 18 Jun 2014 02:47:26 +0000 (10:47 +0800)] 
QemuOpts: check NULL opts in qemu_opt_get functions

Some places will call bdrv_create_file(filename, NULL, &local_err), where
opts is NULL. Check NULL in qemu_opt_get and qemu_opt_get_*_del functions,
to avoid extra effort of checking opts before calling them every time.

Signed-off-by: Chunyan Liu <cyliu@suse.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
7 years agoblock: m25p80: Support read only bdrvs.
Peter Crosthwaite [Thu, 19 Jun 2014 01:36:37 +0000 (18:36 -0700)] 
block: m25p80: Support read only bdrvs.

By just never doing write-backs. This is completely invisible to the
guest, as the entire storage area is implemented as device state (at
realize time the entire drive is read in).

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
7 years agoblock: m25p80: sync_page(): Deindent function body.
Peter Crosthwaite [Thu, 19 Jun 2014 01:36:03 +0000 (18:36 -0700)] 
block: m25p80: sync_page(): Deindent function body.

sync_page() was conditionalizing it's whole fn body on the bdrv being
non-null. Just return for the function immediately on NULL brdv and
get rid of the big if.

Makes implementation consistent with flash_zynq_area().

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
7 years agoUpdate OpenBIOS images
Mark Cave-Ayland [Fri, 20 Jun 2014 22:59:19 +0000 (23:59 +0100)] 
Update OpenBIOS images

Update OpenBIOS images to SVN r1306 built from submodule.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
7 years agoapb: Fix out-of-bounds array write access
Stefan Weil [Mon, 9 Jun 2014 14:19:29 +0000 (16:19 +0200)] 
apb: Fix out-of-bounds array write access

The array regs is declared with IOMMU_NREGS (3) elements and accessed
using IOMMU_CTRL (0) and IOMMU_BASE (8). In most cases, those values
are right shifted before being used as an index which results in indices
0 and 1. In one case, this right shift was missing for IOMMU_BASE which
results in an out-of-bounds write access with index 8.

The patch adds the missing shift operation also for IOMMU_CTRL where
it is needed only for cosmetic reasons.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
7 years agogt64xxx_pci: Add VMStateDescription
Sanjay Lal [Fri, 20 Jun 2014 13:59:58 +0000 (14:59 +0100)] 
gt64xxx_pci: Add VMStateDescription

Add VMStateDescription for GT64120 PCI emulation used by the Malta
platform, to allow it to work with savevm/loadvm and live migration.

The entire register array is saved/restored using VMSTATE_UINT32_ARRAY
(fixed length GT_REGS = 1024).

Signed-off-by: Sanjay Lal <sanjayl@kymasys.com>
[james.hogan@imgtec.com: Convert to VMState]
Signed-off-by: James Hogan <james.hogan@imgtec.com>
Cc: Andreas Färber <afaerber@suse.de>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
7 years agotarget-mips: copy CP0_Config1 into DisasContext
Aurelien Jarno [Thu, 29 May 2014 13:50:17 +0000 (15:50 +0200)] 
target-mips: copy CP0_Config1 into DisasContext

In order to avoid access to the CPUMIPSState structure in the
translator, keep a copy of CP0_Config1 into DisasContext. The whole
register is read-only so it can be copied as a single value.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
7 years agoMerge remote-tracking branch 'remotes/kvm/uq/master' into staging
Peter Maydell [Fri, 20 Jun 2014 18:25:17 +0000 (19:25 +0100)] 
Merge remote-tracking branch 'remotes/kvm/uq/master' into staging

* remotes/kvm/uq/master:
  hw/mips: malta: Don't boot from flash with KVM T&E
  MAINTAINERS: Add entry for MIPS KVM
  target-mips: Enable KVM support in build system
  hw/mips: malta: Add KVM support
  hw/mips: In KVM mode, inject IRQ2 (I/O) interrupts via ioctls
  target-mips: Call kvm_mips_reset_vcpu() from mips_cpu_reset()
  target-mips: kvm: Add main KVM support for MIPS
  kvm: Allow arch to set sigmask length
  target-mips: get_physical_address: Add KVM awareness
  target-mips: get_physical_address: Add defines for segment bases
  hw/mips: Add API to convert KVM guest KSEG0 <-> GPA
  hw/mips/cputimer: Don't start periodic timer in KVM mode
  target-mips: Reset CPU timer consistently
  KVM: Fix GSI number space limit

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7 years agoMerge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging
Peter Maydell [Fri, 20 Jun 2014 17:01:24 +0000 (18:01 +0100)] 
Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging

pc,pci,virtio,hotplug fixes, enhancements

numa work by Hu Tao and others
memory hotplug by Igor
vhost-user by Nikolay, Antonios and others
guest virtio announcements by Jason
qtest fixes by Sergey
qdev hotplug fixes by Paolo
misc other fixes mostly by myself

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
* remotes/mst/tags/for_upstream: (109 commits)
  numa: use RAM_ADDR_FMT with ram_addr_t
  qapi/string-output-visitor: fix bugs
  tests: simplify code
  qapi: fix input visitor bugs
  acpi: rephrase comment
  qmp: add ACPI_DEVICE_OST event handling
  qmp: add query-acpi-ospm-status command
  acpi: implement ospm_status() method for PIIX4/ICH9_LPC devices
  acpi: introduce TYPE_ACPI_DEVICE_IF interface
  qmp: add query-memory-devices command
  numa: handle mmaped memory allocation failure correctly
  pc: acpi: do not hardcode preprocessor
  qmp: clean out whitespace
  qdev: recursively unrealize devices when unrealizing bus
  qdev: reorganize error reporting in bus_set_realized
  qapi: fix build on glib < 2.28
  qapi: make string output visitor parse int list
  qapi: make string input visitor parse int list
  tests: fix memory leak in test of string input visitor
  hmp: add info memdev
  ...

Conflicts:
include/hw/i386/pc.h
[PMM: fixed minor conflict in pc.h]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7 years agoMerge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20140619' into...
Peter Maydell [Fri, 20 Jun 2014 16:41:09 +0000 (17:41 +0100)] 
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20140619' into staging

target-arm:
 * Support PSCI 0.2 when using KVM
 * fix AIRCR reset value for v7M CPUs
 * report correct size information for pflash_cfi01
 * minor coverity fixes
 * avoid warnings on Windows builds due to #define clash
 * implement TTBCR PD0/PD1 bits

# gpg: Signature made Thu 19 Jun 2014 18:35:06 BST using RSA key ID 14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"

* remotes/pmaydell/tags/pull-target-arm-20140619:
  armv7m_nvic: fix AIRCR implementation
  Use PSCI v0.2 compatible string when KVM or TCG provides it
  target-arm: Introduce per-CPU field for PSCI version
  target-arm: Implement kvm_arch_reset_vcpu() for KVM ARM64
  target-arm: Enable KVM_ARM_VCPU_PSCI_0_2 feature when possible
  target-arm: Common kvm_arm_vcpu_init() for KVM ARM and KVM ARM64
  kvm: Handle exit reason KVM_EXIT_SYSTEM_EVENT
  hw/block/pflash_cfi01: Report correct size info for parallel configs
  hw/arm/vexpress: Forbid specifying flash contents in two ways at once
  target-arm/translate-a64.c: Fix dead ?: in handle_simd_shift_fpint_conv()
  target-arm/translate-a64.c: Remove dead ?: in disas_simd_3same_int()
  target-arm: Add ULL suffix to calculation of page size
  hw/arm/spitz: Avoid clash with Windows header symbol MOD_SHIFT
  target-arm: implement PD0/PD1 bits for TTBCR

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7 years agoMerge remote-tracking branch 'remotes/kraxel/tags/pull-vnc-20140619-1' into staging
Peter Maydell [Fri, 20 Jun 2014 15:57:28 +0000 (16:57 +0100)] 
Merge remote-tracking branch 'remotes/kraxel/tags/pull-vnc-20140619-1' into staging

vnc: cleanups and fixes

# gpg: Signature made Thu 19 Jun 2014 12:02:09 BST using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"

* remotes/kraxel/tags/pull-vnc-20140619-1:
  vnc: fix screen updates
  vnc: Drop superfluous conditionals around g_strdup()
  vnc: Drop superfluous conditionals around g_free()

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7 years agospice: fix 32bit build
Gerd Hoffmann [Fri, 20 Jun 2014 06:12:44 +0000 (08:12 +0200)] 
spice: fix 32bit build

Tested-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 1403244764-8622-1-git-send-email-kraxel@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7 years agoMerge remote-tracking branch 'remotes/rth/tcg-next' into staging
Peter Maydell [Fri, 20 Jun 2014 14:44:31 +0000 (15:44 +0100)] 
Merge remote-tracking branch 'remotes/rth/tcg-next' into staging

* remotes/rth/tcg-next:
  tcg/optimize: Don't special case TCG_OPF_CALL_CLOBBER

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7 years agohw/mips: malta: Don't boot from flash with KVM T&E
James Hogan [Fri, 20 Jun 2014 11:47:59 +0000 (12:47 +0100)] 
hw/mips: malta: Don't boot from flash with KVM T&E

In KVM trap & emulate (T&E) mode the flash reset region at 0xbfc00000
isn't executable, which is why the minimal kernel bootloader is loaded
and executed from the last 1MB of DRAM instead.

Therefore if no kernel is provided on the command line and KVM is
enabled, exit with an error since booting from flash will fail.

Reported-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: James Hogan <james.hogan@imgtec.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
7 years agoarmv7m_nvic: fix AIRCR implementation
Oran Avraham [Thu, 19 Jun 2014 17:06:27 +0000 (18:06 +0100)] 
armv7m_nvic: fix AIRCR implementation

The returned reset value was wrong (off by one zero nibble), and
qemu didn't log unimplemented writes to the PRIGROUP field.

Signed-off-by: Oran Avraham <oranav@gmail.com>
Message-id: 1403010447-4627-1-git-send-email-oranav@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7 years agoUse PSCI v0.2 compatible string when KVM or TCG provides it
Pranavkumar Sawargaonkar [Thu, 19 Jun 2014 17:06:27 +0000 (18:06 +0100)] 
Use PSCI v0.2 compatible string when KVM or TCG provides it

If we have PSCI v0.2 emulation available for KVM ARM/ARM64 or TCG then
we need to provide PSCI v0.2 compatible string via generated DTB.

Signed-off-by: Pranavkumar Sawargaonkar <pranavkumar@linaro.org>
Signed-off-by: Anup Patel <anup.patel@linaro.org>
Reviewed-by: Rob Herring <rob.herring@linaro.org>
Message-id: 1402901605-24551-9-git-send-email-pranavkumar@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7 years agotarget-arm: Introduce per-CPU field for PSCI version
Pranavkumar Sawargaonkar [Thu, 19 Jun 2014 17:06:26 +0000 (18:06 +0100)] 
target-arm: Introduce per-CPU field for PSCI version

We require to know the PSCI version available to given CPU at
potentially many places. Currently, we need to know PSCI version
when generating DTB for virt machine.

This patch introduce per-CPU 32bit field representing the PSCI
version available to the CPU. The encoding of this 32bit field
is same as described in PSCI v0.2 spec.

Signed-off-by: Pranavkumar Sawargaonkar <pranavkumar@linaro.org>
Signed-off-by: Anup Patel <anup.patel@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1402901605-24551-8-git-send-email-pranavkumar@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7 years agotarget-arm: Implement kvm_arch_reset_vcpu() for KVM ARM64
Pranavkumar Sawargaonkar [Thu, 19 Jun 2014 17:06:26 +0000 (18:06 +0100)] 
target-arm: Implement kvm_arch_reset_vcpu() for KVM ARM64

To implement kvm_arch_reset_vcpu(), we simply re-init the VCPU
using kvm_arm_vcpu_init() so that all registers of VCPU are set
to their reset values by in-kernel KVM code.

Signed-off-by: Pranavkumar Sawargaonkar <pranavkumar@linaro.org>
Signed-off-by: Anup Patel <anup.patel@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1402901605-24551-7-git-send-email-pranavkumar@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7 years agotarget-arm: Enable KVM_ARM_VCPU_PSCI_0_2 feature when possible
Pranavkumar Sawargaonkar [Thu, 19 Jun 2014 17:06:26 +0000 (18:06 +0100)] 
target-arm: Enable KVM_ARM_VCPU_PSCI_0_2 feature when possible

Latest linux kernel supports in-kernel emulation of PSCI v0.2 but
to enable it we need to select KVM_ARM_VCPU_PSCI_0_2 feature using
KVM_ARM_VCPU_INIT ioctl.

Also, we can use KVM_ARM_VCPU_PSCI_0_2 feature for VCPU only when
linux kernel has KVM_CAP_ARM_PSCI_0_2 capability.

This patch updates kvm_arch_init_vcpu() to enable KVM_ARM_VCPU_PSCI_0_2
feature for VCPU when KVM ARM/ARM64 has KVM_CAP_ARM_PSCI_0_2 capability.

Signed-off-by: Pranavkumar Sawargaonkar <pranavkumar@linaro.org>
Signed-off-by: Anup Patel <anup.patel@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1402901605-24551-6-git-send-email-pranavkumar@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7 years agotarget-arm: Common kvm_arm_vcpu_init() for KVM ARM and KVM ARM64
Pranavkumar Sawargaonkar [Thu, 19 Jun 2014 17:06:26 +0000 (18:06 +0100)] 
target-arm: Common kvm_arm_vcpu_init() for KVM ARM and KVM ARM64

Introduce a common kvm_arm_vcpu_init() for doing KVM_ARM_VCPU_INIT
ioctl in KVM ARM and KVM ARM64. This also helps us factor-out few
common code lines from kvm_arch_init_vcpu() for KVM ARM/ARM64.

Signed-off-by: Pranavkumar Sawargaonkar <pranavkumar@linaro.org>
Signed-off-by: Anup Patel <anup.patel@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1402901605-24551-5-git-send-email-pranavkumar@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7 years agokvm: Handle exit reason KVM_EXIT_SYSTEM_EVENT
Pranavkumar Sawargaonkar [Thu, 19 Jun 2014 17:06:25 +0000 (18:06 +0100)] 
kvm: Handle exit reason KVM_EXIT_SYSTEM_EVENT

In-kernel PSCI v0.2 emulation of KVM ARM/ARM64 forwards SYSTEM_OFF
and SYSTEM_RESET function calls to QEMU using KVM_EXIT_SYSTEM_EVENT
exit reason.

This patch updates kvm_cpu_exec() to handle KVM_SYSTEM_EVENT_SHUTDOWN
and KVM_SYSTEM_EVENT_RESET system-level events from QEMU-side.

Signed-off-by: Pranavkumar Sawargaonkar <pranavkumar@linaro.org>
Signed-off-by: Anup Patel <anup.patel@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1402901605-24551-4-git-send-email-pranavkumar@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7 years agohw/block/pflash_cfi01: Report correct size info for parallel configs
Peter Maydell [Thu, 19 Jun 2014 17:06:25 +0000 (18:06 +0100)] 
hw/block/pflash_cfi01: Report correct size info for parallel configs

If the flash device is configured with a device-width which is
not equal to the bank-width, indicating that it is actually several
narrow flash devices in parallel, the CFI table should report the
number of blocks and the size of a single device, not of the whole
combined setup. This stops Linux from complaining:
"NOR chip too large to fit in mapping. Attempting to cope..."

As usual, we retain the old broken but backwards compatible behaviour
when the device-width is not specified.

Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1402409025-25694-1-git-send-email-peter.maydell@linaro.org

7 years agohw/arm/vexpress: Forbid specifying flash contents in two ways at once
Peter Maydell [Thu, 19 Jun 2014 17:06:25 +0000 (18:06 +0100)] 
hw/arm/vexpress: Forbid specifying flash contents in two ways at once

Detect attempts by the user to specify the contents of the first flash
device via both -bios and -drive if=pflash... simultaneously and
print a helpful error message.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1402419834-25982-1-git-send-email-peter.maydell@linaro.org

7 years agotarget-arm/translate-a64.c: Fix dead ?: in handle_simd_shift_fpint_conv()
Peter Maydell [Thu, 19 Jun 2014 17:06:25 +0000 (18:06 +0100)] 
target-arm/translate-a64.c: Fix dead ?: in handle_simd_shift_fpint_conv()

In handle_simd_shift_fpint_conv(), the combination of is_double == true,
is_scalar == false and is_q == false is an unallocated encoding; the
'both parts false' case of the nested ?: expression for calculating
maxpass is therefore unreachable and can be removed.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 1402171881-14343-4-git-send-email-peter.maydell@linaro.org

7 years agotarget-arm/translate-a64.c: Remove dead ?: in disas_simd_3same_int()
Peter Maydell [Thu, 19 Jun 2014 17:06:24 +0000 (18:06 +0100)] 
target-arm/translate-a64.c: Remove dead ?: in disas_simd_3same_int()

In disas_simd_3same_int(), none of the instructions permit is_q
to be false with size == 3 (this would be a vector operation with
a one-element vector, and the instruction set encodes those as
scalar operations). Replace the always-true ?: check with an
assert.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 1402171881-14343-3-git-send-email-peter.maydell@linaro.org

7 years agotarget-arm: Add ULL suffix to calculation of page size
Peter Maydell [Thu, 19 Jun 2014 17:06:24 +0000 (18:06 +0100)] 
target-arm: Add ULL suffix to calculation of page size

The maximum block size for AArch64 address translation is 2GB. This means
that we need a ULL suffix on our shift to avoid shifting into the sign
bit of a signed 32 bit integer.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 1402171881-14343-2-git-send-email-peter.maydell@linaro.org

7 years agohw/arm/spitz: Avoid clash with Windows header symbol MOD_SHIFT
Peter Maydell [Thu, 19 Jun 2014 17:06:24 +0000 (18:06 +0100)] 
hw/arm/spitz: Avoid clash with Windows header symbol MOD_SHIFT

The Windows headers provided by MinGW define MOD_SHIFT. Avoid
it by using SPITZ_MOD_* for our constants here.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7 years agotarget-arm: implement PD0/PD1 bits for TTBCR
Fabian Aggeler [Thu, 19 Jun 2014 17:06:24 +0000 (18:06 +0100)] 
target-arm: implement PD0/PD1 bits for TTBCR

Corrected handling of writes to TTBCR for ARMv8 (previously UNK/SBZP
bits are not RES0) and ARMv7 (new bits PD0/PD1 for CPUs with Security
Extensions).

Bits PD0/PD1 are now respected in get_phys_addr_v6/v5() and
get_level1_table_address.

Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
Message-id: 1402409556-18574-1-git-send-email-aggelerf@ethz.ch
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7 years agonuma: use RAM_ADDR_FMT with ram_addr_t
Michael S. Tsirkin [Thu, 19 Jun 2014 10:08:35 +0000 (13:08 +0300)] 
numa: use RAM_ADDR_FMT with ram_addr_t

commit 4407ab055be995e64633322a78e64dfa376dc534
    vl.c: extend -m option to support options for memory hotplug
prints ram_addr_t with u64 format, this is wrong for
some systems, in particular w32.

print ram_addr_t with RAM_ADDR_FMT to fix build on w32.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>