qemu.git
5 years agovnc: fix memory corruption (CVE-2015-5225)
Gerd Hoffmann [Mon, 17 Aug 2015 17:56:53 +0000 (19:56 +0200)] 
vnc: fix memory corruption (CVE-2015-5225)

The _cmp_bytes variable added by commit "bea60dd ui/vnc: fix potential
memory corruption issues" can become negative.  Result is (possibly
exploitable) memory corruption.  Reason for that is it uses the stride
instead of bytes per scanline to apply limits.

For the server surface is is actually fine.  vnc creates that itself,
there is never any padding and thus scanline length always equals stride.

For the guest surface scanline length and stride are typically identical
too, but it doesn't has to be that way.  So add and use a new variable
(guest_ll) for the guest scanline length.  Also rename min_stride to
line_bytes to make more clear what it actually is.  Finally sprinkle
in an assert() to make sure we never use a negative _cmp_bytes again.

Reported-by: 范祚至(库特) <zuozhi.fzz@alibaba-inc.com>
Reviewed-by: P J P <ppandit@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
5 years agoMerge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20150825-1' into...
Peter Maydell [Tue, 25 Aug 2015 15:24:06 +0000 (16:24 +0100)] 
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20150825-1' into staging

target-arm queue:
 * add missing EL2/EL3 TLBI operations
 * add missing EL2/EL3 ATS operations
 * add missing EL2/EL3 registers
 * update Xilinx MAINTAINERS info
 * Xilinx: connect the four OCM banks

# gpg: Signature made Tue 25 Aug 2015 16:22:43 BST using RSA key ID 14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>"
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>"

* remotes/pmaydell/tags/pull-target-arm-20150825-1:
  target-arm: Implement AArch64 TLBI operations on IPAs
  target-arm: Implement missing EL3 TLB invalidate operations
  target-arm: Implement missing EL2 TLBI operations
  target-arm: Restrict AArch64 TLB flushes to the MMU indexes they must touch
  target-arm: Move TLBI ALLE1/ALLE1IS definitions into numeric order
  cputlb: Add functions for flushing TLB for a single MMU index
  target-arm: Implement AArch32 ATS1H* operations
  target-arm: Enable the AArch32 ATS12NSO ops
  target-arm: Add CP_ACCESS_TRAP_UNCATEGORIZED_EL2, 3
  target-arm: Wire up AArch64 EL2 and EL3 address translation ops
  target-arm: there is no TTBR1 for 32-bit EL2 stage 1 translations
  target-arm: Implement missing ACTLR registers
  target-arm: Implement missing AFSR registers
  target-arm: Implement missing AMAIR registers
  target-arm: Add missing MAIR_EL3 and TPIDR_EL3 registers
  MAINTAINERS: Add ZynqMP to MAINTAINERS file
  MAINTAINERS: Update Xilinx Maintainership
  xlnx-zynqmp: Connect the four OCM banks

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5 years agotarget-arm: Implement AArch64 TLBI operations on IPAs
Peter Maydell [Tue, 25 Aug 2015 14:45:10 +0000 (15:45 +0100)] 
target-arm: Implement AArch64 TLBI operations on IPAs

Implement the AArch64 TLBI operations which take an intermediate
physical address and invalidate stage 2 translations.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1439548879-1972-7-git-send-email-peter.maydell@linaro.org

5 years agotarget-arm: Implement missing EL3 TLB invalidate operations
Peter Maydell [Tue, 25 Aug 2015 14:45:10 +0000 (15:45 +0100)] 
target-arm: Implement missing EL3 TLB invalidate operations

Implement the remaining stage 1 TLB invalidate operations
visible from EL3.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1439548879-1972-6-git-send-email-peter.maydell@linaro.org

5 years agotarget-arm: Implement missing EL2 TLBI operations
Peter Maydell [Tue, 25 Aug 2015 14:45:09 +0000 (15:45 +0100)] 
target-arm: Implement missing EL2 TLBI operations

Implement the missing TLBI operations that exist only
if EL2 is implemented.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1439548879-1972-5-git-send-email-peter.maydell@linaro.org

5 years agotarget-arm: Restrict AArch64 TLB flushes to the MMU indexes they must touch
Peter Maydell [Tue, 25 Aug 2015 14:45:09 +0000 (15:45 +0100)] 
target-arm: Restrict AArch64 TLB flushes to the MMU indexes they must touch

Now we have the ability to flush the TLB only for specific MMU indexes,
update the AArch64 TLB maintenance instruction implementations to only
flush the parts of the TLB they need to, rather than doing full flushes.

We take the opportunity to remove some duplicate functions (the per-asid
tlb ops work like the non-per-asid ones because we don't support
flushing a TLB only by ASID) and to bring the function names in line
with the architectural TLBI operation names.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1439548879-1972-4-git-send-email-peter.maydell@linaro.org

5 years agotarget-arm: Move TLBI ALLE1/ALLE1IS definitions into numeric order
Peter Maydell [Tue, 25 Aug 2015 14:45:09 +0000 (15:45 +0100)] 
target-arm: Move TLBI ALLE1/ALLE1IS definitions into numeric order

Move the two regdefs for TLBI ALLE1 and TLBI ALLE1IS down so that the
whole set of AArch64 TLBI regdefs is arranged in numeric order.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1439548879-1972-3-git-send-email-peter.maydell@linaro.org

5 years agocputlb: Add functions for flushing TLB for a single MMU index
Peter Maydell [Tue, 25 Aug 2015 14:45:09 +0000 (15:45 +0100)] 
cputlb: Add functions for flushing TLB for a single MMU index

Guest CPU TLB maintenance operations may be sufficiently
specialized to only need to flush TLB entries corresponding
to a particular MMU index. Implement cputlb functions for
this, to avoid the inefficiency of flushing TLB entries
which we don't need to.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1439548879-1972-2-git-send-email-peter.maydell@linaro.org

5 years agotarget-arm: Implement AArch32 ATS1H* operations
Peter Maydell [Tue, 25 Aug 2015 14:45:08 +0000 (15:45 +0100)] 
target-arm: Implement AArch32 ATS1H* operations

Implement the AArch32 ATS1H* operations which perform
Hyp mode stage 1 translations.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1437751263-21913-6-git-send-email-peter.maydell@linaro.org

5 years agotarget-arm: Enable the AArch32 ATS12NSO ops
Peter Maydell [Tue, 25 Aug 2015 14:45:08 +0000 (15:45 +0100)] 
target-arm: Enable the AArch32 ATS12NSO ops

Apply the correct conditions in the ats_access() function for
the ATS12NSO* address translation operations:
 * succeed at EL2 or EL3
 * normal UNDEF trap from NS EL1
 * trap to EL3 from S EL1 (only possible if EL3 is AArch64)

(This change means they're now available in our EL3-supporting
CPUs when they would previously always UNDEF.)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1437751263-21913-5-git-send-email-peter.maydell@linaro.org

5 years agotarget-arm: Add CP_ACCESS_TRAP_UNCATEGORIZED_EL2, 3
Peter Maydell [Tue, 25 Aug 2015 14:45:08 +0000 (15:45 +0100)] 
target-arm: Add CP_ACCESS_TRAP_UNCATEGORIZED_EL2, 3

Some coprocessor register access functions need to be able
to report "trap to EL3 with an 'uncategorized' syndrome";
add the necessary CPAccessResult enum and handling for it.

I don't currently know of any registers that need to trap
to EL2 with the 'uncategorized' syndrome, but adding the
_EL2 enum as well is trivial and fills in what would
otherwise be an odd gap in the handling.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1437751263-21913-4-git-send-email-peter.maydell@linaro.org

5 years agotarget-arm: Wire up AArch64 EL2 and EL3 address translation ops
Peter Maydell [Tue, 25 Aug 2015 14:45:08 +0000 (15:45 +0100)] 
target-arm: Wire up AArch64 EL2 and EL3 address translation ops

Wire up the AArch64 EL2 and EL3 address translation operations
(AT S12E1*, AT S12E0*, AT S1E2*, AT S1E3*), and correct some
errors in the ats_write64() function in previously unused code
that would have done the wrong kind of lookup for accesses from
EL3 when SCR.NS==0.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1437751263-21913-3-git-send-email-peter.maydell@linaro.org

5 years agotarget-arm: there is no TTBR1 for 32-bit EL2 stage 1 translations
Peter Maydell [Tue, 25 Aug 2015 14:45:08 +0000 (15:45 +0100)] 
target-arm: there is no TTBR1 for 32-bit EL2 stage 1 translations

For EL2 stage 1 translations, there is no TTBR1. We were already
handling this for 64-bit EL2; add the code to take the 'no TTBR1'
code path for 64-bit EL2 as well.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1437751263-21913-2-git-send-email-peter.maydell@linaro.org

5 years agotarget-arm: Implement missing ACTLR registers
Peter Maydell [Tue, 25 Aug 2015 14:45:07 +0000 (15:45 +0100)] 
target-arm: Implement missing ACTLR registers

We already implemented ACTLR_EL1; add the missing ACTLR_EL2 and
ACTLR_EL3, for consistency.

Since we don't currently have any CPUs that need the EL2/EL3
versions to reset to non-zero values, implement as RAZ/WI.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1438281398-18746-5-git-send-email-peter.maydell@linaro.org

5 years agotarget-arm: Implement missing AFSR registers
Peter Maydell [Tue, 25 Aug 2015 14:45:07 +0000 (15:45 +0100)] 
target-arm: Implement missing AFSR registers

The AFSR registers are implementation dependent auxiliary fault
status registers. We already implemented a RAZ/WI AFSR0_EL1 and
AFSR_EL1; add the missing AFSR{0,1}_EL{2,3} for consistency.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1438281398-18746-4-git-send-email-peter.maydell@linaro.org

5 years agotarget-arm: Implement missing AMAIR registers
Peter Maydell [Tue, 25 Aug 2015 14:45:07 +0000 (15:45 +0100)] 
target-arm: Implement missing AMAIR registers

The AMAIR registers are for providing auxiliary implementation
defined memory attributes. We already implemented a RAZ/WI
AMAIR_EL1; add the EL2 and EL3 versions for consistency.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1438281398-18746-3-git-send-email-peter.maydell@linaro.org

5 years agotarget-arm: Add missing MAIR_EL3 and TPIDR_EL3 registers
Peter Maydell [Tue, 25 Aug 2015 14:45:07 +0000 (15:45 +0100)] 
target-arm: Add missing MAIR_EL3 and TPIDR_EL3 registers

Add the AArch64 registers MAIR_EL3 and TPIDR_EL3, which are the only
two which we had implemented the 32-bit Secure equivalents of but
not the 64-bit Secure versions.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1438281398-18746-2-git-send-email-peter.maydell@linaro.org

5 years agoMAINTAINERS: Add ZynqMP to MAINTAINERS file
Alistair Francis [Tue, 25 Aug 2015 14:45:07 +0000 (15:45 +0100)] 
MAINTAINERS: Add ZynqMP to MAINTAINERS file

Add the Xilinx ZynqMP SoC and EP108 machine to the maintainers
file.

Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: fed078103a0b02cfb3adadbe8e80e4420d554505.1436486024.git.alistair.francis@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5 years agoMAINTAINERS: Update Xilinx Maintainership
Alistair Francis [Tue, 25 Aug 2015 14:45:06 +0000 (15:45 +0100)] 
MAINTAINERS: Update Xilinx Maintainership

Peter C is leaving Xilinx, so update the maintainer list
to point to Alistair and Edgar from Xilinx and Peter's
personal email address.

Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 54b4c070452bac05aa3a9c1d75899bc097fef831.1436486024.git.alistair.francis@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5 years agoxlnx-zynqmp: Connect the four OCM banks
Alistair Francis [Tue, 25 Aug 2015 14:45:06 +0000 (15:45 +0100)] 
xlnx-zynqmp: Connect the four OCM banks

The Xilinx EP108 has four separate OCM banks which are located
adjacent to each other. This patch adds the four banks to
the ZynqMP SoC.

Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: afa6ba31163a5d541a0bef4b0dc11f2597e0c495.1436813543.git.alistair.francis@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5 years agoMerge remote-tracking branch 'remotes/rth/tags/pull-tcg-20150824' into staging
Peter Maydell [Tue, 25 Aug 2015 12:34:57 +0000 (13:34 +0100)] 
Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20150824' into staging

queued tcg patches

# gpg: Signature made Mon 24 Aug 2015 19:37:15 BST using RSA key ID 4DD0279B
# gpg: Good signature from "Richard Henderson <rth7680@gmail.com>"
# gpg:                 aka "Richard Henderson <rth@redhat.com>"
# gpg:                 aka "Richard Henderson <rth@twiddle.net>"

* remotes/rth/tags/pull-tcg-20150824:
  linux-user: remove useless macros GUEST_BASE and RESERVED_VA
  linux-user: remove --enable-guest-base/--disable-guest-base
  tcg/aarch64: Use softmmu fast path for unaligned accesses
  tcg/s390: Use softmmu fast path for unaligned accesses
  tcg/ppc: Improve unaligned load/store handling on 64-bit backend
  tcg/i386: use softmmu fast path for unaligned accesses
  tcg: Remove tcg_gen_trunc_i64_i32
  tcg: Split trunc_shr_i32 opcode into extr[lh]_i64_i32
  tcg: update README about size changing ops
  tcg/optimize: add optimizations for ext_i32_i64 and extu_i32_i64 ops
  tcg: implement real ext_i32_i64 and extu_i32_i64 ops
  tcg: don't abuse TCG type in tcg_gen_trunc_shr_i64_i32
  tcg: rename trunc_shr_i32 into trunc_shr_i64_i32
  tcg/optimize: allow constant to have copies
  tcg/optimize: track const/copy status separately
  tcg/optimize: add temp_is_const and temp_is_copy functions
  tcg/optimize: optimize temps tracking
  tcg/optimize: fix constant signedness

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5 years agolinux-user: remove useless macros GUEST_BASE and RESERVED_VA
Laurent Vivier [Mon, 24 Aug 2015 12:53:54 +0000 (14:53 +0200)] 
linux-user: remove useless macros GUEST_BASE and RESERVED_VA

As we have removed CONFIG_USE_GUEST_BASE, we always use a guest base
and the macros GUEST_BASE and RESERVED_VA become useless: replace
them by their values.

Reviewed-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <1440420834-8388-1-git-send-email-laurent@vivier.eu>
Signed-off-by: Richard Henderson <rth@twiddle.net>
5 years agolinux-user: remove --enable-guest-base/--disable-guest-base
Laurent Vivier [Sun, 23 Aug 2015 23:42:07 +0000 (01:42 +0200)] 
linux-user: remove --enable-guest-base/--disable-guest-base

All tcg host architectures now support the guest base and as
there is no real performance lost, it can be always enabled.

Anyway, guest base use can be disabled lively by setting guest
base to 0.

CONFIG_USE_GUEST_BASE is defined as (USE_GUEST_BASE && USER_ONLY),
it should have to be replaced by CONFIG_USER_ONLY in non CONFIG_USER_ONLY
parts, but as some other parts are using !CONFIG_SOFTMMU I have chosen to
use !CONFIG_SOFTMMU instead.

Reviewed-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <1440373328-9788-2-git-send-email-laurent@vivier.eu>
Signed-off-by: Richard Henderson <rth@twiddle.net>
5 years agotcg/aarch64: Use softmmu fast path for unaligned accesses
Richard Henderson [Mon, 17 Aug 2015 19:18:05 +0000 (12:18 -0700)] 
tcg/aarch64: Use softmmu fast path for unaligned accesses

Signed-off-by: Richard Henderson <rth@twiddle.net>
5 years agotcg/s390: Use softmmu fast path for unaligned accesses
Richard Henderson [Thu, 23 Jul 2015 20:32:35 +0000 (13:32 -0700)] 
tcg/s390: Use softmmu fast path for unaligned accesses

Signed-off-by: Richard Henderson <rth@twiddle.net>
5 years agotcg/ppc: Improve unaligned load/store handling on 64-bit backend
Benjamin Herrenschmidt [Tue, 21 Jul 2015 05:19:38 +0000 (15:19 +1000)] 
tcg/ppc: Improve unaligned load/store handling on 64-bit backend

Currently, we get to the slow path for any unaligned access in the
backend, because we effectively preserve the bottom address bits
below the alignment requirement when comparing with the TLB entry,
so any non-0 bit there will cause the compare to fail.

For the same number of instructions, we can instead add the access
size - 1 to the address and stick to clearing all the bottom bits.

That means that normal unaligned accesses will not fallback (the HW
will handle them fine). Only when crossing a page boundary well we
end up having a mismatch because we'll end up pointing to the next
page which cannot possibly be in that same TLB entry.

Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Message-Id: <1437455978.5809.2.camel@kernel.crashing.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
5 years agotcg/i386: use softmmu fast path for unaligned accesses
Aurelien Jarno [Thu, 9 Jul 2015 18:39:57 +0000 (20:39 +0200)] 
tcg/i386: use softmmu fast path for unaligned accesses

Softmmu unaligned load/stores currently goes through through the slow
path for two reasons:
  - to support unaligned access on host with strict alignement
  - to correctly handle accesses crossing pages

x86 is only concerned by the second reason. Unaligned accesses are
avoided by compilers, but are not uncommon. We therefore would like
to see them going through the fast path, if they don't cross pages.

For that we can use the fact that two adjacent TLB entries can't contain
the same page. Therefore accessing the TLB entry corresponding to the
first byte, but comparing its content to page address of the last byte
ensures that we don't cross pages. We can do this check without adding
more instructions in the TLB code (but increasing its length by one
byte) by using the LEA instruction to combine the existing move with the
size addition.

On an x86-64 host, this gives a 3% boot time improvement for a powerpc
guest and 4% for an x86-64 guest.

[rth: Tidied calculation of the offset mask]

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Message-Id: <1436467197-2183-1-git-send-email-aurelien@aurel32.net>
Signed-off-by: Richard Henderson <rth@twiddle.net>
5 years agotcg: Remove tcg_gen_trunc_i64_i32
Richard Henderson [Fri, 24 Jul 2015 18:49:53 +0000 (11:49 -0700)] 
tcg: Remove tcg_gen_trunc_i64_i32

Replacing it with tcg_gen_extrl_i64_i32.

Signed-off-by: Richard Henderson <rth@twiddle.net>
5 years agotcg: Split trunc_shr_i32 opcode into extr[lh]_i64_i32
Richard Henderson [Fri, 24 Jul 2015 14:16:00 +0000 (07:16 -0700)] 
tcg: Split trunc_shr_i32 opcode into extr[lh]_i64_i32

Rather than allow arbitrary shift+trunc, only concern ourselves
with low and high parts.  This is all that was being used anyway.

Signed-off-by: Richard Henderson <rth@twiddle.net>
5 years agotcg: update README about size changing ops
Aurelien Jarno [Mon, 27 Jul 2015 10:41:45 +0000 (12:41 +0200)] 
tcg: update README about size changing ops

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Richard Henderson <rth@twiddle.net>
5 years agotcg/optimize: add optimizations for ext_i32_i64 and extu_i32_i64 ops
Aurelien Jarno [Mon, 27 Jul 2015 10:41:45 +0000 (12:41 +0200)] 
tcg/optimize: add optimizations for ext_i32_i64 and extu_i32_i64 ops

They behave the same as ext32s_i64 and ext32u_i64 from the constant
folding and zero propagation point of view, except that they can't
be replaced by a mov, so we don't compute the affected value.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Richard Henderson <rth@twiddle.net>
5 years agotcg: implement real ext_i32_i64 and extu_i32_i64 ops
Aurelien Jarno [Mon, 27 Jul 2015 10:41:45 +0000 (12:41 +0200)] 
tcg: implement real ext_i32_i64 and extu_i32_i64 ops

Implement real ext_i32_i64 and extu_i32_i64 ops. They ensure that a
32-bit value is always converted to a 64-bit value and not propagated
through the register allocator or the optimizer.

Cc: Andrzej Zaborowski <balrogg@gmail.com>
Cc: Alexander Graf <agraf@suse.de>
Cc: Blue Swirl <blauwirbel@gmail.com>
Cc: Stefan Weil <sw@weilnetz.de>
Acked-by: Claudio Fontana <claudio.fontana@huawei.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Richard Henderson <rth@twiddle.net>
5 years agotcg: don't abuse TCG type in tcg_gen_trunc_shr_i64_i32
Aurelien Jarno [Mon, 27 Jul 2015 10:41:45 +0000 (12:41 +0200)] 
tcg: don't abuse TCG type in tcg_gen_trunc_shr_i64_i32

The tcg_gen_trunc_shr_i64_i32 function takes a 64-bit argument and
returns a 32-bit value. Directly call tcg_gen_op3 with the correct
types instead of calling tcg_gen_op3i_i32 and abusing the TCG types.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Richard Henderson <rth@twiddle.net>
5 years agotcg: rename trunc_shr_i32 into trunc_shr_i64_i32
Aurelien Jarno [Mon, 27 Jul 2015 10:41:45 +0000 (12:41 +0200)] 
tcg: rename trunc_shr_i32 into trunc_shr_i64_i32

The op is sometimes named trunc_shr_i32 and sometimes trunc_shr_i64_i32,
and the name in the README doesn't match the name offered to the
frontends.

Always use the long name to make it clear it is a size changing op.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Richard Henderson <rth@twiddle.net>
5 years agotcg/optimize: allow constant to have copies
Aurelien Jarno [Mon, 27 Jul 2015 10:41:44 +0000 (12:41 +0200)] 
tcg/optimize: allow constant to have copies

Now that copies and constants are tracked separately, we can allow
constant to have copies, deferring the choice to use a register or a
constant to the register allocation pass. This prevent this kind of
regular constant reloading:

-OUT: [size=338]
+OUT: [size=298]
   mov    -0x4(%r14),%ebp
   test   %ebp,%ebp
   jne    0x7ffbe9cb0ed6
   mov    $0x40002219f8,%rbp
   mov    %rbp,(%r14)
-  mov    $0x40002219f8,%rbp
   mov    $0x4000221a20,%rbx
   mov    %rbp,(%rbx)
   mov    $0x4000000000,%rbp
   mov    %rbp,(%r14)
-  mov    $0x4000000000,%rbp
   mov    $0x4000221d38,%rbx
   mov    %rbp,(%rbx)
   mov    $0x40002221a8,%rbp
   mov    %rbp,(%r14)
-  mov    $0x40002221a8,%rbp
   mov    $0x4000221d40,%rbx
   mov    %rbp,(%rbx)
   mov    $0x4000019170,%rbp
   mov    %rbp,(%r14)
-  mov    $0x4000019170,%rbp
   mov    $0x4000221d48,%rbx
   mov    %rbp,(%rbx)
   mov    $0x40000049ee,%rbp
   mov    %rbp,0x80(%r14)
   mov    %r14,%rdi
   callq  0x7ffbe99924d0
   mov    $0x4000001680,%rbp
   mov    %rbp,0x30(%r14)
   mov    0x10(%r14),%rbp
   mov    $0x4000001680,%rbp
   mov    %rbp,0x30(%r14)
   mov    0x10(%r14),%rbp
   shl    $0x20,%rbp
   mov    (%r14),%rbx
   mov    %ebx,%ebx
   mov    %rbx,(%r14)
   or     %rbx,%rbp
   mov    %rbp,0x10(%r14)
   mov    %rbp,0x90(%r14)
   mov    0x60(%r14),%rbx
   mov    %rbx,0x38(%r14)
   mov    0x28(%r14),%rbx
   mov    $0x4000220e60,%r12
   mov    %rbx,(%r12)
   mov    $0x40002219c8,%rbx
   mov    %rbp,(%rbx)
   mov    0x20(%r14),%rbp
   sub    $0x8,%rbp
   mov    $0x4000004a16,%rbx
   mov    %rbx,0x0(%rbp)
   mov    %rbp,0x20(%r14)
   mov    $0x19,%ebp
   mov    %ebp,0xa8(%r14)
   mov    $0x4000015110,%rbp
   mov    %rbp,0x80(%r14)
   xor    %eax,%eax
   jmpq   0x7ffbebcae426
   lea    -0x5f6d72a(%rip),%rax        # 0x7ffbe3d437b3
   jmpq   0x7ffbebcae426

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Richard Henderson <rth@twiddle.net>
5 years agotcg/optimize: track const/copy status separately
Aurelien Jarno [Mon, 27 Jul 2015 10:41:44 +0000 (12:41 +0200)] 
tcg/optimize: track const/copy status separately

Instead of using an enum which could be either a copy or a const, track
them separately. This will be used in the next patch.

Constants are tracked through a bool. Copies are tracked by initializing
temp's next_copy and prev_copy to itself, allowing to simplify the code
a bit.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Richard Henderson <rth@twiddle.net>
5 years agotcg/optimize: add temp_is_const and temp_is_copy functions
Aurelien Jarno [Mon, 27 Jul 2015 10:41:44 +0000 (12:41 +0200)] 
tcg/optimize: add temp_is_const and temp_is_copy functions

Add two accessor functions temp_is_const and temp_is_copy, to make the
code more readable and make code change easier.

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Richard Henderson <rth@twiddle.net>
5 years agotcg/optimize: optimize temps tracking
Aurelien Jarno [Mon, 27 Jul 2015 10:41:44 +0000 (12:41 +0200)] 
tcg/optimize: optimize temps tracking

The tcg_temp_info structure uses 24 bytes per temp. Now that we emulate
vector registers on most guests, it's not uncommon to have more than 100
used temps. This means we have initialize more than 2kB at least twice
per TB, often more when there is a few goto_tb.

Instead used a TCGTempSet bit array to track which temps are in used in
the current basic block. This means there are only around 16 bytes to
initialize.

This improves the boot time of a MIPS guest on an x86-64 host by around
7% and moves out tcg_optimize from the the top of the profiler list.

[rth: Handle TCG_CALL_DUMMY_ARG]

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Richard Henderson <rth@twiddle.net>
5 years agotcg/optimize: fix constant signedness
Aurelien Jarno [Fri, 10 Jul 2015 16:03:31 +0000 (18:03 +0200)] 
tcg/optimize: fix constant signedness

By convention, on a 64-bit host TCG internally stores 32-bit constants
as sign-extended. This is not the case in the optimizer when a 32-bit
constant is folded.

This doesn't seem to have more consequences than suboptimal code
generation. For instance the x86 backend assumes sign-extended constants,
and in some rare cases uses a 32-bit unsigned immediate 0xffffffff
instead of a 8-bit signed immediate 0xff for the constant -1. This is
with a ppc guest:

before
------

 ---- 0x9f29cc
 movi_i32 tmp1,$0xffffffff
 movi_i32 tmp2,$0x0
 add2_i32 tmp0,CA,CA,tmp2,r6,tmp2
 add2_i32 tmp0,CA,tmp0,CA,tmp1,tmp2
 mov_i32 r10,tmp0

0x7fd8c7dfe90c:  xor    %ebp,%ebp
0x7fd8c7dfe90e:  mov    %ebp,%r11d
0x7fd8c7dfe911:  mov    0x18(%r14),%r9d
0x7fd8c7dfe915:  add    %r9d,%r10d
0x7fd8c7dfe918:  adc    %ebp,%r11d
0x7fd8c7dfe91b:  add    $0xffffffff,%r10d
0x7fd8c7dfe922:  adc    %ebp,%r11d
0x7fd8c7dfe925:  mov    %r11d,0x134(%r14)
0x7fd8c7dfe92c:  mov    %r10d,0x28(%r14)

after
-----

 ---- 0x9f29cc
 movi_i32 tmp1,$0xffffffffffffffff
 movi_i32 tmp2,$0x0
 add2_i32 tmp0,CA,CA,tmp2,r6,tmp2
 add2_i32 tmp0,CA,tmp0,CA,tmp1,tmp2
 mov_i32 r10,tmp0

0x7f37010d490c:  xor    %ebp,%ebp
0x7f37010d490e:  mov    %ebp,%r11d
0x7f37010d4911:  mov    0x18(%r14),%r9d
0x7f37010d4915:  add    %r9d,%r10d
0x7f37010d4918:  adc    %ebp,%r11d
0x7f37010d491b:  add    $0xffffffffffffffff,%r10d
0x7f37010d491f:  adc    %ebp,%r11d
0x7f37010d4922:  mov    %r11d,0x134(%r14)
0x7f37010d4929:  mov    %r10d,0x28(%r14)

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Message-Id: <1436544211-2769-2-git-send-email-aurelien@aurel32.net>
Signed-off-by: Richard Henderson <rth@twiddle.net>
5 years agoconfigure: Don't permit SDL or GTK on OSX
Peter Maydell [Fri, 14 Aug 2015 15:10:52 +0000 (16:10 +0100)] 
configure: Don't permit SDL or GTK on OSX

The cocoa GUI frontend assumes it is the only GUI (it redefines
main() so it always gets control before the rest of QEMU), so
it does not play well with other UIs like SDL or GTK. (Mostly
people building QEMU on OSX don't have the necessary dependencies
available for configure to build those other front ends, so
mostly this problem goes unnoticed.)

Make configure automatically disable the SDL and GTK front ends
if the cocoa front end is enabled. (We were sort of attempting
to do this for SDL before, but not in a way that worked very well.)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Reviewed-by: John Arbuckle <programmingkidx@gmail.com>
Message-id: 1439565052-3457-1-git-send-email-peter.maydell@linaro.org

5 years agoapic_internal.h: Include cpu.h directly
Peter Maydell [Wed, 19 Aug 2015 15:20:20 +0000 (16:20 +0100)] 
apic_internal.h: Include cpu.h directly

apic_internal.h relies on cpu.h having been included (for the
X86CPU type); include it directly rather than relying on it
being pulled in via one of the other includes like timer.h.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
5 years agoqemu-common.h: Move muldiv64() to host-utils.h
Peter Maydell [Wed, 19 Aug 2015 15:20:20 +0000 (16:20 +0100)] 
qemu-common.h: Move muldiv64() to host-utils.h

Move the muldiv64() function from qemu-common.h to host-utils.h.
This puts it together with all the other arithmetic functions
where we provide a version with __int128_t and a fallback
without, and allows headers which need muldiv64() to avoid
including qemu-common.h.

We don't include host-utils from qemu-common.h, to avoid dragging
more things into qemu-common.h than it already has; in practice
everywhere that needs muldiv64() can get it via qemu/timer.h.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
5 years agoosdep.h: Add header comment
Peter Maydell [Wed, 19 Aug 2015 15:20:20 +0000 (16:20 +0100)] 
osdep.h: Add header comment

Add a header comment to osdep.h, explaining what the header is for
and some rules to avoid circular-include difficulties.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
5 years agoosdep.h: Move some OS header includes and fixups from qemu-common.h
Peter Maydell [Wed, 19 Aug 2015 15:20:19 +0000 (16:20 +0100)] 
osdep.h: Move some OS header includes and fixups from qemu-common.h

qemu-common.h has some system header includes and fixups for
things that might be missing. This is really an OS dependency
and belongs in osdep.h, so move it across.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
5 years agoqemu-common.h: Move Win32 fixups into os-win32.h
Peter Maydell [Wed, 19 Aug 2015 15:20:19 +0000 (16:20 +0100)] 
qemu-common.h: Move Win32 fixups into os-win32.h

qemu-common.h includes some fixups for things the Win32
headers don't define or define weirdly. These really
belong in os-win32.h, so move them there.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
5 years agocompiler.h: Use glue() in QEMU_BUILD_BUG_ON define
Peter Maydell [Wed, 19 Aug 2015 15:20:19 +0000 (16:20 +0100)] 
compiler.h: Use glue() in QEMU_BUILD_BUG_ON define

Rather than rolling custom concatenate-strings macros for the
QEMU_BUILD_BUG_ON macro to use, use the glue() macro we already
have (since it's now available to us in this header).

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
5 years agoosdep.h: Move some compiler-specific things to compiler.h
Peter Maydell [Wed, 19 Aug 2015 15:20:19 +0000 (16:20 +0100)] 
osdep.h: Move some compiler-specific things to compiler.h

osdep.h has a few things which are really compiler specific;
move them to compiler.h, and include compiler.h from osdep.h.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
5 years agoosdep.h: Remove qemu_printf
Peter Maydell [Wed, 19 Aug 2015 15:20:19 +0000 (16:20 +0100)] 
osdep.h: Remove qemu_printf

qemu_printf is an ancient remnant which has been a simple #define to
printf for over a decade, and is used in only a few places. Expand
it out in those places and remove the #define.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
5 years agoqapi/qmp-event.c: Don't manually include os-win32.h/os-posix.h
Peter Maydell [Wed, 19 Aug 2015 15:20:19 +0000 (16:20 +0100)] 
qapi/qmp-event.c: Don't manually include os-win32.h/os-posix.h

qmp-event.c already includes qemu-common.h, so manually including
os-win32.h/os-posix.h is unnecessary (and potentially fragile,
since it's duplicating the #ifdef logic that chooses which of the
two we need). Remove the unnecessary include logic.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
5 years agoMerge remote-tracking branch 'remotes/rth/tags/pull-axp-201508018' into staging
Peter Maydell [Tue, 18 Aug 2015 23:25:52 +0000 (00:25 +0100)] 
Merge remote-tracking branch 'remotes/rth/tags/pull-axp-201508018' into staging

Alpha shadow register optimization

# gpg: Signature made Tue 18 Aug 2015 19:09:41 BST using RSA key ID 4DD0279B
# gpg: Good signature from "Richard Henderson <rth7680@gmail.com>"
# gpg:                 aka "Richard Henderson <rth@redhat.com>"
# gpg:                 aka "Richard Henderson <rth@twiddle.net>"

* remotes/rth/tags/pull-axp-201508018:
  target-alpha: Inline hw_ret
  target-alpha: Inline call_pal
  target-alpha: Use separate TCGv temporaries for the shadow registers

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5 years agotarget-alpha: Inline hw_ret
Richard Henderson [Tue, 16 Sep 2014 19:55:12 +0000 (12:55 -0700)] 
target-alpha: Inline hw_ret

Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Richard Henderson <rth@twiddle.net>
5 years agotarget-alpha: Inline call_pal
Richard Henderson [Tue, 16 Sep 2014 19:35:59 +0000 (12:35 -0700)] 
target-alpha: Inline call_pal

Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Richard Henderson <rth@twiddle.net>
5 years agotarget-alpha: Use separate TCGv temporaries for the shadow registers
Richard Henderson [Tue, 16 Sep 2014 19:16:38 +0000 (12:16 -0700)] 
target-alpha: Use separate TCGv temporaries for the shadow registers

This avoids having to manually swap them around when swapping to and
from PALmode.  We simply encode the shadow registers into the translation.

The VMStateDescription version changes, because the meaning of "shadow"
changes in the save file when in PALmode.  It would be possible to fix
this, but I don't think it's worth the effort.

Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Richard Henderson <rth@twiddle.net>
5 years agoMerge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging
Peter Maydell [Tue, 18 Aug 2015 16:06:41 +0000 (17:06 +0100)] 
Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

* SCSI fixes from Stefan and Fam
* vhost-scsi fix from Igor and Lu Lina
* a build system fix from Daniel
* two more multi-arch-related patches from Peter C.
* TCG patches from myself and Sergey Fedorov
* RCU improvement from Wen Congyang
* a few more simple cleanups

# gpg: Signature made Fri 14 Aug 2015 22:41:52 BST using RSA key ID 78C7AE83
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>"
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
#      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83

* remotes/bonzini/tags/for-upstream:
  disas: Defeature print_target_address
  hw: fix mask for ColdFire UART command register
  scsi-generic: identify AIO callbacks more clearly
  scsi-disk: identify AIO callbacks more clearly
  scsi: create restart bottom half in the right AioContext
  configure: only add CONFIG_RDMA to config-host.h once
  qemu-nbd: remove unnecessary qemu_notify_event()
  vhost-scsi: Clarify vhost_virtqueue_mask argument
  exec: use macro ROUND_UP for alignment
  rcu: Allow calling rcu_(un)register_thread() during synchronize_rcu()
  exec: drop cpu_can_do_io, just read cpu->can_do_io
  cpu_defs: Simplify CPUTLB padding logic
  cpu-exec: Do not invalidate original TB in cpu_exec_nocache()
  vhost/scsi: call vhost_dev_cleanup() at unrealize() time
  virtio-scsi-test: Add test case for tail unaligned WRITE SAME
  scsi-disk: Fix assertion failure on WRITE SAME
  tests: virtio-scsi: clear unit attention after reset
  scsi-disk: fix cmd.mode field typo
  virtio-scsi: use virtqueue_map_sg() when loading requests

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5 years agodisas: Defeature print_target_address
Peter Crosthwaite [Sun, 5 Jul 2015 20:50:32 +0000 (13:50 -0700)] 
disas: Defeature print_target_address

It does not work in multi-arch as it requires the CPU specific
TARGET_VIRT_ADDR_SPACE_BITS global define. Just use the generic
version that does no masking. Targets should be responsible for
passing in a sane virtual address.

Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Message-Id: <1436129432-16617-1-git-send-email-crosthwaite.peter@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
5 years agohw: fix mask for ColdFire UART command register
Paolo Bonzini [Wed, 24 Jun 2015 11:55:51 +0000 (13:55 +0200)] 
hw: fix mask for ColdFire UART command register

The "miscellaneous commands" part of the register is 3 bits wide.
Spotted by Coverity and confirmed in the datasheet, downloadable from
http://cache.freescale.com/files/32bit/doc/ref_manual/MCF5307BUM.pdf
(figure 14-6).

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
5 years agoscsi-generic: identify AIO callbacks more clearly
Paolo Bonzini [Sun, 19 Jul 2015 17:15:26 +0000 (19:15 +0200)] 
scsi-generic: identify AIO callbacks more clearly

Functions that are not callbacks should assert that aiocb is NULL and
have a SCSIGenericReq argument.

AIO callbacks should assert that aiocb is not NULL.  They also have an
opaque argument.

Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
5 years agoscsi-disk: identify AIO callbacks more clearly
Paolo Bonzini [Sun, 19 Jul 2015 17:15:26 +0000 (19:15 +0200)] 
scsi-disk: identify AIO callbacks more clearly

Functions that are not callbacks should assert that aiocb is NULL and
have a non-opaque argument (usually a pointer to SCSIDiskReq).

AIO callbacks should assert that aiocb is not NULL and take care of
calling block_acct done.  They also have an opaque argument.

Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
5 years agoscsi: create restart bottom half in the right AioContext
Paolo Bonzini [Wed, 22 Jul 2015 14:38:17 +0000 (16:38 +0200)] 
scsi: create restart bottom half in the right AioContext

This matches commit 4407c1c (virtio-blk: Schedule BH in the right context,
2014-06-17), which did the same thing for virtio-blk.

Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
5 years agoconfigure: only add CONFIG_RDMA to config-host.h once
Daniel P. Berrange [Fri, 31 Jul 2015 12:23:23 +0000 (13:23 +0100)] 
configure: only add CONFIG_RDMA to config-host.h once

For unknown reasons (probably a git rebase merge mistake)

  commit 2da776db4846eadcb808598a5d3484d149773c05
  Author: Michael R. Hines <mrhines@us.ibm.com>
  Date:   Mon Jul 22 10:01:54 2013 -0400

    rdma: core logic

Adds CONFIG_RDMA to config-host.h twice, as can be seen
in the generated file:

 $ grep CONFIG_RDMA config-host.h
 #define CONFIG_RDMA 1
 #define CONFIG_RDMA 1

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-Id: <1438345403-32467-1-git-send-email-berrange@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
5 years agoqemu-nbd: remove unnecessary qemu_notify_event()
Paolo Bonzini [Mon, 27 Jul 2015 11:52:55 +0000 (13:52 +0200)] 
qemu-nbd: remove unnecessary qemu_notify_event()

This was needed when qemu-nbd was using qemu_set_fd_handler2.  It is
not needed anymore now that nbd_update_server_fd_handler is called
whenever nbd_can_accept() can change from false to true.
nbd_update_server_fd_handler will call qemu_set_fd_handler(),
which will call qemu_notify_event().

Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
5 years agovhost-scsi: Clarify vhost_virtqueue_mask argument
Lu Lina [Mon, 27 Jul 2015 06:25:59 +0000 (14:25 +0800)] 
vhost-scsi: Clarify vhost_virtqueue_mask argument

vhost_virtqueue_mask takes an "absolute" virtqueue index, while the
code looks like it's passing an index that is relative to
s->dev.vq_index.  In reality, s->dev.vq_index is always zero, so
this patch does not make any difference, but the code is clearer.

Signed-off-by: Lu Lina <lina.lulina@huawei.com>
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Message-Id: <1437978359-17960-1-git-send-email-arei.gonglei@huawei.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
5 years agoexec: use macro ROUND_UP for alignment
Chen Hanxiao [Fri, 24 Jul 2015 03:12:03 +0000 (11:12 +0800)] 
exec: use macro ROUND_UP for alignment

Use ROUND_UP instead.

Signed-off-by: Chen Hanxiao <chenhanxiao@cn.fujitsu.com>
Message-Id: <1437707523-4910-1-git-send-email-chenhanxiao@cn.fujitsu.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
5 years agorcu: Allow calling rcu_(un)register_thread() during synchronize_rcu()
Wen Congyang [Mon, 27 Jul 2015 02:24:18 +0000 (10:24 +0800)] 
rcu: Allow calling rcu_(un)register_thread() during synchronize_rcu()

If rcu_(un)register_thread() is called together with synchronize_rcu(),
it will wait for the synchronize_rcu() to finish. But when synchronize_rcu()
waits for some events, we can modify the list registry.
We also use the lock rcu_gp_lock to assume that synchronize_rcu() isn't
executed in more than one thread at the same time. Add a new mutex lock
rcu_sync_lock to assume it and rename rcu_gp_lock to rcu_registry_lock.
Release rcu_registry_lock when synchronize_rcu() waits for some events.

Signed-off-by: Wen Congyang <wency@cn.fujitsu.com>
Message-Id: <55B59652.4090503@cn.fujitsu.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
5 years agoexec: drop cpu_can_do_io, just read cpu->can_do_io
Paolo Bonzini [Wed, 24 Jun 2015 12:16:26 +0000 (14:16 +0200)] 
exec: drop cpu_can_do_io, just read cpu->can_do_io

After commit 626cf8f (icount: set can_do_io outside TB execution,
2014-12-08), can_do_io is set to 1 if not executing code.  It is
no longer necessary to make this assumption in cpu_can_do_io.

It is also possible to remove the use_icount test, simply by
never setting cpu->can_do_io to 0 unless use_icount is true.

With these changes cpu_can_do_io boils down to a read of
cpu->can_do_io.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
5 years agoMerge remote-tracking branch 'remotes/stefanha/tags/net-pull-request' into staging
Peter Maydell [Fri, 14 Aug 2015 17:06:44 +0000 (18:06 +0100)] 
Merge remote-tracking branch 'remotes/stefanha/tags/net-pull-request' into staging

# gpg: Signature made Fri 14 Aug 2015 16:01:19 BST using RSA key ID 81AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg:                 aka "Stefan Hajnoczi <stefanha@gmail.com>"

* remotes/stefanha/tags/net-pull-request:
  tests: test rx recovery from cont
  tests: introduce basic pci test for virtio-net
  net/vmxnet3: Fix incorrect debug message

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5 years agoMerge remote-tracking branch 'remotes/cody/tags/block-pull-request' into staging
Peter Maydell [Fri, 14 Aug 2015 15:52:34 +0000 (16:52 +0100)] 
Merge remote-tracking branch 'remotes/cody/tags/block-pull-request' into staging

# gpg: Signature made Fri 14 Aug 2015 14:54:27 BST using RSA key ID C0DE3057
# gpg: Good signature from "Jeffrey Cody <jcody@redhat.com>"
# gpg:                 aka "Jeffrey Cody <jeff@codyprime.org>"
# gpg:                 aka "Jeffrey Cody <codyprime@gmail.com>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 9957 4B4D 3474 90E7 9D98  D624 BDBE 7B27 C0DE 3057

* remotes/cody/tags/block-pull-request:
  mirror: Fix coroutine reentrance
  block/mirror: limit qiov to IOV_MAX elements

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5 years agoMerge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging
Peter Maydell [Fri, 14 Aug 2015 14:51:24 +0000 (15:51 +0100)] 
Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging

# gpg: Signature made Fri 14 Aug 2015 15:41:14 BST using RSA key ID 81AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg:                 aka "Stefan Hajnoczi <stefanha@gmail.com>"

* remotes/stefanha/tags/block-pull-request:
  throttle: add throttle_max_is_missing_limit() test
  throttle: refuse bps_max/iops_max without bps/iops

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5 years agomirror: Fix coroutine reentrance
Kevin Wolf [Thu, 13 Aug 2015 08:41:50 +0000 (10:41 +0200)] 
mirror: Fix coroutine reentrance

This fixes a regression introduced by commit dcfb3beb ("mirror: Do zero
write on target if sectors not allocated"), which was reported to cause
aborts with the message "Co-routine re-entered recursively".

The cause for this bug is the following code in mirror_iteration_done():

    if (s->common.busy) {
        qemu_coroutine_enter(s->common.co, NULL);
    }

This has always been ugly because - unlike most places that reenter - it
doesn't have a specific yield that it pairs with, but is more
uncontrolled.  What we really mean here is "reenter the coroutine if
it's in one of the four explicit yields in mirror.c".

This used to be equivalent with s->common.busy because neither
mirror_run() nor mirror_iteration() call any function that could yield.
However since commit dcfb3beb this doesn't hold true any more:
bdrv_get_block_status_above() can yield.

So what happens is that bdrv_get_block_status_above() wants to take a
lock that is already held, so it adds itself to the queue of waiting
coroutines and yields. Instead of being woken up by the unlock function,
however, it gets woken up by mirror_iteration_done(), which is obviously
wrong.

In most cases the code actually happens to cope fairly well with such
cases, but in this specific case, the unlock must already have scheduled
the coroutine for wakeup when mirror_iteration_done() reentered it. And
then the coroutine happened to process the scheduled restarts and tried
to reenter itself recursively.

This patch fixes the problem by pairing the reenter in
mirror_iteration_done() with specific yields instead of abusing
s->common.busy.

Cc: qemu-stable@nongnu.org
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
Message-id: 1439455310-11263-1-git-send-email-kwolf@redhat.com
Signed-off-by: Jeff Cody <jcody@redhat.com>
5 years agoMerge branch 'block-next' into HEAD
Jeff Cody [Fri, 14 Aug 2015 13:41:30 +0000 (09:41 -0400)] 
Merge branch 'block-next' into HEAD

5 years agoMerge remote-tracking branch 'remotes/lalrae/tags/mips-20150813' into staging
Peter Maydell [Thu, 13 Aug 2015 16:47:44 +0000 (17:47 +0100)] 
Merge remote-tracking branch 'remotes/lalrae/tags/mips-20150813' into staging

MIPS patches 2015-08-13

Changes:
* mips32r5-generic CPU updated and renamed to P5600
* improvements in LWL/LDL, logging and fulong2e

# gpg: Signature made Thu 13 Aug 2015 17:10:59 BST using RSA key ID 0B29DA6B
# gpg: Good signature from "Leon Alrae <leon.alrae@imgtec.com>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 8DD3 2F98 5495 9D66 35D4  4FC0 5211 8E3C 0B29 DA6B

* remotes/lalrae/tags/mips-20150813:
  target-mips: Use CPU_LOG_INT for logging related to interrupts
  hw/pci-host/bonito: Avoid buffer overrun for bad LDMA/COP accesses
  target-mips: simplify LWL/LDL mask generation
  target-mips: update mips32r5-generic into P5600

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5 years agotarget-mips: Use CPU_LOG_INT for logging related to interrupts
Richard Henderson [Mon, 3 Aug 2015 18:49:12 +0000 (11:49 -0700)] 
target-mips: Use CPU_LOG_INT for logging related to interrupts

There are now no unconditional uses of qemu_log in the subdirectory.

Signed-off-by: Richard Henderson <rth@twiddle.net>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Leon Alrae <leon.alrae@imgtec.com>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
5 years agohw/pci-host/bonito: Avoid buffer overrun for bad LDMA/COP accesses
Peter Maydell [Thu, 30 Jul 2015 15:33:42 +0000 (16:33 +0100)] 
hw/pci-host/bonito: Avoid buffer overrun for bad LDMA/COP accesses

The LDMA and COP memory regions represent four 32 bit registers
each, but the memory regions themselves are 0x100 bytes large.
Add guards to the read and write accessors so that bogus accesses
beyond the four defined registers don't just run off the end of
the bonldma and boncop structs and into whatever lies beyond.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
5 years agotarget-mips: simplify LWL/LDL mask generation
Aurelien Jarno [Wed, 15 Jul 2015 15:05:09 +0000 (17:05 +0200)] 
target-mips: simplify LWL/LDL mask generation

The LWL/LDL instructions mask the GPR with a mask depending on the
address alignement. It is currently computed by doing:

    mask = 0x7fffffffffffffffull >> (t1 ^ 63)

It's simpler to generate it by doing:

    mask = ~(-1 << t1)

It uses one TCG instruction less, and it avoids a 32/64-bit constant
loading which can take a few instructions on RISC hosts.

Cc: Leon Alrae <leon.alrae@imgtec.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Reviewed-by: Leon Alrae <leon.alrae@imgtec.com>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
5 years agotarget-mips: update mips32r5-generic into P5600
Yongbok Kim [Fri, 10 Jul 2015 11:10:52 +0000 (12:10 +0100)] 
target-mips: update mips32r5-generic into P5600

As full specification of P5600 is available, mips32r5-generic should
be renamed to P5600 and corrected as its intention.
Correct PRid and detail of configuration.
Features which are not currently supported are described as FIXME.

Fix Config.MM bit location

Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com>
[leon.alrae@imgtec.com: correct cache line sizes and LLAddr shift]
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
5 years agoMerge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging
Peter Maydell [Thu, 13 Aug 2015 14:07:34 +0000 (15:07 +0100)] 
Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging

virtio,pc,acpi fixes, cleanups

Mostly cleanups, notably Eduardo's compat code rework,
and smbios rearrangement for use by ARM.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
# gpg: Signature made Thu 13 Aug 2015 12:59:16 BST using RSA key ID D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>"
# gpg:                 aka "Michael S. Tsirkin <mst@redhat.com>"

* remotes/mst/tags/for_upstream: (24 commits)
  MAINTAINERS: list smbios maintainers
  smbios: move smbios code into a common folder
  smbios: remove dependency on x86 e820 tables
  smbios: extract x86 smbios building code into a function
  acpi: avoid potential uninitialized access to cpu_hp_io_base
  virtio-net: remove useless codes
  pci: allow 0 address for PCI IO/MEM regions
  pc: Remove redundant arguments from pc_memory_init()
  pc: Remove redundant arguments from pc_cmos_init()
  pc: Remove redundant arguments from *load_linux()
  pc: Use PCMachineState as pc_guest_info_init() argument
  pc: Move {above,below}_4g_mem_size variables to PCMachineState
  pc: Use PCMachineState for pc_memory_init() argument
  pc: Use PCMachineState for pc_cmos_init() argument
  pc: Eliminate pc_default_machine_options()
  pc: Eliminate pc_common_machine_options()
  pc: Move PCMachineClass, PCMachineState to qemu/typedefs.h
  pc: Rename pc_machine variables to pcms
  pc: Use error_abort when registering properties
  target-i386: Remove x86_cpu_compat_set_features()
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5 years agoMAINTAINERS: list smbios maintainers
Michael S. Tsirkin [Wed, 12 Aug 2015 09:17:36 +0000 (12:17 +0300)] 
MAINTAINERS: list smbios maintainers

Now that smbios has its own directory, list its
maintainers. Same people as ACPI so just reuse that
entry.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
5 years agosmbios: move smbios code into a common folder
Wei Huang [Wed, 12 Aug 2015 02:08:20 +0000 (22:08 -0400)] 
smbios: move smbios code into a common folder

To share smbios among different architectures, this patch moves SMBIOS
code (smbios.c and smbios.h) from x86 specific folders into new
hw/smbios directories. As a result, CONFIG_SMBIOS=y is defined in
x86 default config files.

Acked-by: Gabriel Somlo <somlo@cmu.edu>
Tested-by: Gabriel Somlo <somlo@cmu.edu>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Tested-by: Leif Lindholm <leif.lindholm@linaro.org>
Signed-off-by: Wei Huang <wei@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
5 years agosmbios: remove dependency on x86 e820 tables
Wei Huang [Wed, 12 Aug 2015 02:08:19 +0000 (22:08 -0400)] 
smbios: remove dependency on x86 e820 tables

Current smbios builds type 19 table from e820, which is x86 specific.
This patch removes smbios' dependency on e820 by passing an array
of memory area to smbios_get_tables().

Acked-by: Gabriel Somlo <somlo@cmu.edu>
Tested-by: Gabriel Somlo <somlo@cmu.edu>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Tested-by: Leif Lindholm <leif.lindholm@linaro.org>
Signed-off-by: Wei Huang <wei@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
5 years agosmbios: extract x86 smbios building code into a function
Wei Huang [Wed, 12 Aug 2015 02:08:18 +0000 (22:08 -0400)] 
smbios: extract x86 smbios building code into a function

This patch extracts out the procedure of buidling x86 SMBIOS tables
into a dedicated function.

Acked-by: Gabriel Somlo <somlo@cmu.edu>
Tested-by: Gabriel Somlo <somlo@cmu.edu>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Tested-by: Leif Lindholm <leif.lindholm@linaro.org>
Signed-off-by: Wei Huang <wei@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
5 years agoacpi: avoid potential uninitialized access to cpu_hp_io_base
Daniel P. Berrange [Fri, 31 Jul 2015 10:14:35 +0000 (11:14 +0100)] 
acpi: avoid potential uninitialized access to cpu_hp_io_base

When building QEMU with Mingw64 toolchain I see a warning

 CC    x86_64-softmmu/hw/i386/acpi-build.o
  hw/i386/acpi-build.c: In function 'acpi_build':
  hw/i386/acpi-build.c:1138:9: warning: 'pm.cpu_hp_io_base' may be used uninitialized in this function [-Wmaybe-uninitialized]
           aml_append(crs,
           ^
  hw/i386/acpi-build.c:1666:16: note: 'pm.cpu_hp_io_base' was declared here
       AcpiPmInfo pm;
                  ^

In acpi_get_pm_info() some of the fields are pre-initialized
to 0, but this one was missed.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
5 years agovirtio-net: remove useless codes
Jason Wang [Mon, 3 Aug 2015 05:20:38 +0000 (13:20 +0800)] 
virtio-net: remove useless codes

After commit 40bad8f3deba15e2074ff34cfe923c12916b1cc5("virtio-net: fix
used len for tx"), async_tx.len was no longer used afterwards. So
remove useless codes with it.

Signed-off-by: Jason Wang <jasowang@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
5 years agopci: allow 0 address for PCI IO/MEM regions
Laurent Vivier [Fri, 24 Jul 2015 08:35:13 +0000 (10:35 +0200)] 
pci: allow 0 address for PCI IO/MEM regions

Some kernels program a 0 address for io regions. PCI 3.0 spec
section 6.2.5.1 doesn't seem to disallow this.

based on patch by Michael Roth <mdroth@linux.vnet.ibm.com>

Add pci_allow_0_addr in MachineClass to conditionally
allow addr 0 for pseries, as this can break other architectures.

This patch allows to hotplug PCI card in pseries machine, as the first
added card BAR0 is always set to 0 address.

This as a temporary hack, waiting to fix PCI memory priorities for more
machine types...

Signed-off-by: Laurent Vivier <lvivier@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
5 years agopc: Remove redundant arguments from pc_memory_init()
Eduardo Habkost [Fri, 7 Aug 2015 19:55:55 +0000 (16:55 -0300)] 
pc: Remove redundant arguments from pc_memory_init()

Remove arguments that can be found in PCMachineState.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
5 years agopc: Remove redundant arguments from pc_cmos_init()
Eduardo Habkost [Fri, 7 Aug 2015 19:55:54 +0000 (16:55 -0300)] 
pc: Remove redundant arguments from pc_cmos_init()

Remove arguments that can be found in PCMachineState.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
5 years agopc: Remove redundant arguments from *load_linux()
Eduardo Habkost [Fri, 7 Aug 2015 19:55:53 +0000 (16:55 -0300)] 
pc: Remove redundant arguments from *load_linux()

Remove arguments that can be found in PCMachineState.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
5 years agopc: Use PCMachineState as pc_guest_info_init() argument
Eduardo Habkost [Fri, 7 Aug 2015 19:55:52 +0000 (16:55 -0300)] 
pc: Use PCMachineState as pc_guest_info_init() argument

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
5 years agopc: Move {above,below}_4g_mem_size variables to PCMachineState
Eduardo Habkost [Fri, 7 Aug 2015 19:55:51 +0000 (16:55 -0300)] 
pc: Move {above,below}_4g_mem_size variables to PCMachineState

This will make the info readily available for the other initialization
functions, and will allow us to simplify their argument list.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
5 years agopc: Use PCMachineState for pc_memory_init() argument
Eduardo Habkost [Fri, 7 Aug 2015 19:55:50 +0000 (16:55 -0300)] 
pc: Use PCMachineState for pc_memory_init() argument

pc_memory_init() already expects a PCMachineState object, there's no
point in upcasting it to MachineState before calling the function.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
5 years agopc: Use PCMachineState for pc_cmos_init() argument
Eduardo Habkost [Fri, 7 Aug 2015 19:55:49 +0000 (16:55 -0300)] 
pc: Use PCMachineState for pc_cmos_init() argument

pc_cmos_init() already expects a PCMachineState object, there's no point
in upcasting it to MachineState before calling the function.

While doing it, reorder the arguments so PCMachineState is the first
function argument.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
5 years agopc: Eliminate pc_default_machine_options()
Eduardo Habkost [Fri, 7 Aug 2015 19:55:48 +0000 (16:55 -0300)] 
pc: Eliminate pc_default_machine_options()

The only PC machines that didn't call pc_default_machine_options() were
isaps and xenfv. Both were already overwriting max_cpus, and only isapc
was not overwriting hot_add_cpu.

After making isapc set hot_add_cpu to NULL, we can move the
pc_default_machine_options() code the PC common class_init.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
5 years agopc: Eliminate pc_common_machine_options()
Eduardo Habkost [Fri, 7 Aug 2015 19:55:47 +0000 (16:55 -0300)] 
pc: Eliminate pc_common_machine_options()

All TYPE_PC_MACHINE subclasses call pc_common_machine_options().
TYPE_PC_MACHINE can simply initialize the common options on class_init
directly.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
5 years agopc: Move PCMachineClass, PCMachineState to qemu/typedefs.h
Eduardo Habkost [Fri, 7 Aug 2015 19:55:46 +0000 (16:55 -0300)] 
pc: Move PCMachineClass, PCMachineState to qemu/typedefs.h

They will be used inside hw/xen/xen.h, which doesn't include
hw/i386/pc.h.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
5 years agopc: Rename pc_machine variables to pcms
Eduardo Habkost [Fri, 7 Aug 2015 19:55:45 +0000 (16:55 -0300)] 
pc: Rename pc_machine variables to pcms

Make the code use the same variable name everywhere. "pcms" is already
being used in existing code and it's shorter.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
5 years agopc: Use error_abort when registering properties
Eduardo Habkost [Fri, 7 Aug 2015 19:55:44 +0000 (16:55 -0300)] 
pc: Use error_abort when registering properties

No errors should happen when registering the properties, but we
shouldn't silently ignore them if they happen.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
5 years agotarget-i386: Remove x86_cpu_compat_set_features()
Eduardo Habkost [Fri, 7 Aug 2015 19:55:43 +0000 (16:55 -0300)] 
target-i386: Remove x86_cpu_compat_set_features()

The function is not used by PC code anymore and can be removed.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
5 years agopc: Use PC_COMPAT_* for CPUID feature compatibility
Eduardo Habkost [Fri, 7 Aug 2015 19:55:42 +0000 (16:55 -0300)] 
pc: Use PC_COMPAT_* for CPUID feature compatibility

Now we can use compat_props to keep CPUID feature compatibility, using
the boolean QOM properties for CPUID feature flags.

This simplifies the compatibility code, and reduces duplication between
pc_piix.c and pc_q35.c.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
5 years agopiix: Document coreboot-specific RAM size config register
Eduardo Habkost [Fri, 7 Aug 2015 19:15:31 +0000 (16:15 -0300)] 
piix: Document coreboot-specific RAM size config register

The existing i440fx initialization code sets a PCI config register that
isn't documented anywhere in the Intel 440FX datasheet. Register 0x57 is
DRAMC (DRAM Control) and has nothing to do with the RAM size.

This was implemented in commit ec5f92ce6ac8ec09056be77e03c941be188648fa
because old coreboot code tried to read registers 0x5a-0x5f,0x56,0x57 to
get the RAM size from QEMU, but I couldn't find out why coreboot did
that. I assume it was a mistake, and the original code was supposed to
be reading the DRB[0-7] registers (offsets 0x60-0x67).

Document that coreboot-specific register offset in a macro and a
comment, for future reference.

Cc: Ed Swierk <eswierk@skyportsystems.com>
Cc: Richard Smith <smithbone@gmail.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
5 years agomake: load only required dependency files.
Victor Kaplansky [Sun, 9 Aug 2015 09:39:59 +0000 (12:39 +0300)] 
make: load only required dependency files.

The old rules.mak loads dependency .d files using include directive
with file glob pattern "*.d". This breaks the build when build tree has
left-over *.d files from another build.

This patch fixes this by
  - loading precise list of .d files made from *.o and *.mo.
  - specifying explicit list of required dependency info files for
     *.hex autogenerated sources.

Note that Makefile still includes some .d in root directory by including
"*.d".

Signed-off-by: Victor Kaplansky <victork@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
5 years agomake: fix where dependency *.d are stored.
Victor Kaplansky [Sun, 9 Aug 2015 09:39:53 +0000 (12:39 +0300)] 
make: fix where dependency *.d are stored.

In rules like "bar/%.o: %.c" there is a difference between $(*D) and
$(@D). $(*D) expands to '.', while $(@D) expands to 'bar'.  It is
cleaner to generate *.d in the same directory where appropriate *.o
resides. This allows precise including of dependency info from .d files.

As a hack, we also touch two sources for generated *.hex files.  Without
this hack, anyone doing "git pull; make" will not get *.hex rebuilt
correctly since the dependency file would be missing.

Signed-off-by: Victor Kaplansky <victork@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>