Tom Musta [Thu, 18 Dec 2014 16:34:34 +0000 (10:34 -0600)]
target-ppc: Introduce tbegin
Provide a degenerate implementation of the tbegin instruction. This
implementation always fails the transaction, recording the failure
per Book II Section 5.3.2 of the Power ISA V2.07.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Tom Musta [Thu, 18 Dec 2014 16:34:33 +0000 (10:34 -0600)]
target-ppc: Introduce TEXASRU Bit Fields
Define mnemonics for the various bit fields in the Transaction
EXception And Summary Register (TEXASR).
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Tom Musta [Thu, 18 Dec 2014 16:34:32 +0000 (10:34 -0600)]
target-ppc: Power8 Supports Transactional Memory
The Power8 processor implements the Transactional Memory Facility
as defined in Power ISA 2.07. Update the initialization code to
indicate this.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Tom Musta [Thu, 18 Dec 2014 16:34:31 +0000 (10:34 -0600)]
target-ppc: Introduce tm_enabled Bit to CPU State
Add a bit (tm_enabled) to CPU state that mirrors the MSR[TM] bit.
This is analogous to the other "available" bits in the MSR (FP,
VSX, etc.).
NOTE: Since MSR[TM] occupies big-endian bit 31, the code is wrapped
with a PPC64 bit check.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Tom Musta [Thu, 18 Dec 2014 16:34:30 +0000 (10:34 -0600)]
target-ppc: Introduce Feature Flag for Transactional Memory
Add a flag (POWERPC_FLAG_TM) for the Transactional Memory
Facility introduced in Power ISA 2.07.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Tom Musta [Thu, 18 Dec 2014 16:34:29 +0000 (10:34 -0600)]
target-ppc: Introduce Instruction Type for Transactional Memory
Add a category (PPC2_TM) for the Transactional Memory instructions
introduced in Power ISA 2.07.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Alexey Kardashevskiy [Tue, 2 Dec 2014 04:32:46 +0000 (15:32 +1100)]
pseries: Update SLOF firmware image to
20141202
The changelog is:
> version: update to
20141202
> ipv4: Fix send packet across a subnet
> pci: scan only type 0 and type 1
> usb-xhci: support xhci extended capabilities
> Fix term-io-key to also work when stdin has not been set yet
> net-snk: llfw startup is using the wrong offset to handler
> net-snk: Make call_client_interface() a bit more ABI compliant
> net-snk: Remove custom printf version
> net-snk: Sanitize our .lds file
> net-snk: Avoid type clash for stdin & stdout
> net-snk: use socket descriptor in the network stack
> net-snk: Remove printk() in favor of printf()
> net-snk: Remove redundant prototypes
> net-snk: Remove unused timer functions
> net-snk: Remove some unused PCI functions
> net-snk: Remove module system
> net-snk: Remove insmod/rmmod
> net-snk: Remove snk_kernel_interface and related definitions
> net-snk: Remove pci/vio_config gunk
> js2x: Fix build
> net-snk: Remoe some now unused "kernel" functions
> rtas: Improve error handling in instantiate-rtas
> version: update to
20140827
> Add private HCALL to inform updated RTAS base and entry
> xhci: fix port assignment
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
David Gibson [Mon, 8 Dec 2014 02:48:02 +0000 (13:48 +1100)]
PPC: Fix crash on spapr_tce_table_finalize()
spapr_tce_table_finalize() can SEGV if the object was not previously
realized. In particular this can be triggered by running
qemu-system-ppc -device spapr-tce-table,?
The basic problem is that we have mismatched initialization versus
finalization: spapr_tce_table_finalize() is attempting to undo things that
are done in spapr_tce_table_realize(), not an instance_init function.
Therefore, replace spapr_tce_table_finalize() with
spapr_tce_table_unrealize().
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Cc: qemu-stable@nongnu.org
Signed-off-by: Alexander Graf <agraf@suse.de>
Paolo Bonzini [Wed, 26 Nov 2014 14:01:01 +0000 (15:01 +0100)]
ppc: do not use get_clock_realtime()
Use the external qemu-timer API instead.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Sergey Fedorov [Thu, 11 Dec 2014 15:45:05 +0000 (18:45 +0300)]
device-tree: fix memory leak
Signed-off-by: Sergey Fedorov <serge.fdrv@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Samuel Mendoza-Jonas [Mon, 17 Nov 2014 04:12:30 +0000 (15:12 +1100)]
spapr: Fix stale HTAB during live migration (TCG)
If a TCG guest reboots during a running migration HTAB entries are not
marked dirty, and the destination boots with an invalid HTAB.
When a reboot occurs, explicitly mark the current HTAB dirty after
clearing it.
Signed-off-by: Samuel Mendoza-Jonas <sam.mj@au1.ibm.com>
Reviewed-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
Samuel Mendoza-Jonas [Mon, 17 Nov 2014 04:12:29 +0000 (15:12 +1100)]
spapr: Fix integer overflow during migration (TCG)
The n_valid and n_invalid fields are unsigned short integers but it is
possible to have more than 65535 entries in a contiguous hunk, overflowing
the field. This results in an incorrect HTAB being sent to the destination
during migration.
Signed-off-by: Samuel Mendoza-Jonas <sam.mj@au1.ibm.com>
Reviewed-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
Samuel Mendoza-Jonas [Mon, 17 Nov 2014 04:12:28 +0000 (15:12 +1100)]
spapr: Fix stale HTAB during live migration (KVM)
If a guest reboots during a running migration, changes to the
hash page table are not necessarily updated on the destination.
Opening a new file descriptor to the HTAB forces the migration
handler to resend the entire table.
Signed-off-by: Samuel Mendoza-Jonas <sam.mj@au1.ibm.com>
Reviewed-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
Cédric Le Goater [Mon, 3 Nov 2014 15:14:50 +0000 (16:14 +0100)]
target-ppc: explicitly save page table headers in big endian
Currently, when the page tables are saved, the kvm_get_htab_header structs
and the ptes are assumed being big endian and dumped as a indistinct blob
in the statefile. This is no longer true when the host is little endian
and this breaks restoration.
This patch unfolds the kvmppc_save_htab routine to write explicitly the
kvm_get_htab_header structs in big endian. The ptes are left untouched.
Signed-off-by: Cédric Le Goater <clg@fr.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Tom Musta [Wed, 12 Nov 2014 21:46:04 +0000 (15:46 -0600)]
target-ppc: Eliminate set_fprf Argument From helper_compute_fprf
The set_fprf argument to the helper_compute_fprf helper function
is no longer necessary -- the helper is only invoked when FPSCR[FPRF]
is going to be set.
Eliminate the unnecessary argument from the function signature and
its corresponding implementation. Change the return value of the
helper to "void". Update the name of the local variable "ret" to
"fprf", which now makes more sense.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Tom Musta [Wed, 12 Nov 2014 21:46:03 +0000 (15:46 -0600)]
target-ppc: Eliminate set_fprf Argument From gen_compute_fprf
The set_fprf argument to the gen_compute_fprf() utility is no longer
needed -- gen_compute_fprf() is now called only when FPRF is actually
computed and set. Eliminate the obsolete argument.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Tom Musta [Wed, 12 Nov 2014 21:46:02 +0000 (15:46 -0600)]
target-ppc: Fully Migrate to gen_set_cr1_from_fpscr
Eliminate the set_rc argument from the gen_compute_fprf utility and
the corresponding (and incorrect) implementation. Replace it with
calls to the gen_set_cr1_from_fpscr() utility.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Tom Musta [Wed, 12 Nov 2014 21:46:01 +0000 (15:46 -0600)]
target-ppc: mffs. Should Set CR1 from FPSCR Bits
Update the Move From FPSCR (mffs.) instruction to correctly
set CR[1] from FPSCR[FX,FEX,VX,OX].
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Tom Musta [Wed, 12 Nov 2014 21:46:00 +0000 (15:46 -0600)]
target-ppc: Fix Floating Point Move Instructions That Set CR1
The Floating Point Move instructions (fmr., fabs., fnabs., fneg.,
and fcpsgn.) incorrectly copy FPSCR[FPCC] instead of [FX,FEX,VX,OX].
Furthermore, the current code does this via a call to gen_compute_fprf,
which is awkward since these instructions do not actually set FPRF.
Change the code to use the gen_set_cr1_from_fpscr utility.
Signed-off-by: Tom Musta <tommusta@gmail.com>
[agraf: whitespace fixes]
Signed-off-by: Alexander Graf <agraf@suse.de>
Tom Musta [Wed, 12 Nov 2014 21:45:59 +0000 (15:45 -0600)]
target-ppc: VXSQRT Should Not Be Set for NaNs
The Power ISA square root instructions (fsqrt[s], frsqrte[s]) must
set the FPSCR[VXSQRT] flag when operating on a negative value.
However, NaNs have no sign and therefore this flag should not
be set when operating on one.
Change the order of the checks in the helper code. Move the
SNaN-to-QNaN macro to the top of the file so that it can be
re-used.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Tom Musta [Mon, 17 Nov 2014 20:58:31 +0000 (14:58 -0600)]
target-ppc: Load/Store Vector Element Storage Alignment
The Load Vector Element Indexed and Store Vector Element Indexed
instructions compute an effective address in the usual manner.
However, they truncate that address to the natural boundary.
For example, the lvewx instruction will ignore the least significant
two bits of the address and thus load the aligned word of storage.
Fix the generators for these instruction to properly perform this
truncation.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Alexander Graf [Wed, 12 Nov 2014 21:44:52 +0000 (22:44 +0100)]
PPC: e500 pci host: Add support for ATMUs
The e500 PCI controller has configurable windows that allow a guest OS
to selectively map parts of the PCI bus space to CPU address space and
to selectively map parts of the CPU address space for DMA requests into
PCI visible address ranges.
So far, we've simply assumed that this mapping is 1:1 and ignored it.
However, the PCICSRBAR (CCSR mapped in PCI bus space) always has to live
inside the first 32bits of address space. This means if we always treat
all mappings as 1:1, this map will collide with our RAM map from the CPU's
point of view.
So this patch adds proper ATMU support which allows us to keep the PCICSRBAR
below 32bits local to the PCI bus and have another, different window to PCI
BARs at the upper end of address space. We leverage this on e500plat though,
mpc8544ds stays virtually 1:1 like it was before, but now also goes via ATMU.
With this patch, I can run guests with lots of RAM and not coincidently access
MSI-X mappings while I really want to access RAM.
Signed-off-by: Alexander Graf <agraf@suse.de>
Alexander Graf [Wed, 12 Nov 2014 21:35:33 +0000 (22:35 +0100)]
PPC: mpc8554ds: Tell user about exceeding RAM limits
The mpc8544ds board only supports up to 3GB of RAM due to its limited
address space.
When the user requests more, abort and tell him that he should use less.
Signed-off-by: Alexander Graf <agraf@suse.de>
Alexander Graf [Fri, 7 Nov 2014 16:07:03 +0000 (17:07 +0100)]
PPC: e500: Move CCSR and MMIO space to upper end of address space
On e500 we're basically guaranteed to have 36bits of physical address space
available for our enjoyment. Older chips (like the mpc8544) only had 32bits,
but everything from e500v2 onwards bumped it up.
It's reasonably safe to assume that if you're using the PV machine, your guest
kernel is configured to support 36bit physical address space. So in order to
support more guest RAM, we can move CCSR and other MMIO windows right below the
end of our 36bit address space, just like later SoC versions of e500 do.
With this patch, I'm able to successfully spawn an e500 VM with -m 48G.
Signed-off-by: Alexander Graf <agraf@suse.de>
Alexander Graf [Fri, 7 Nov 2014 15:50:44 +0000 (16:50 +0100)]
PPC: e500: Move CCSR definition to params
We want to have different MMIO region offsets for the mpc8544ds machine
and our e500 PV machine, so move the definitions of those into the machine
specific params struct.
Signed-off-by: Alexander Graf <agraf@suse.de>
Peter Maydell [Tue, 23 Dec 2014 15:05:22 +0000 (15:05 +0000)]
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-
20141223' into staging
target-arm queue:
* enable 32-bit EL3 (TrustZone) for vexpress and virt boards
* add fw_cfg device to virt board for UEFI firmware config
* support passing commandline kernel/initrd to firmware
# gpg: Signature made Tue 23 Dec 2014 13:50:33 GMT using RSA key ID
14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
* remotes/pmaydell/tags/pull-target-arm-
20141223: (31 commits)
hw/arm/virt: enable passing of EFI-stubbed kernel to guest UEFI firmware
hw/arm: pass pristine kernel image to guest firmware over fw_cfg
hw/loader: split out load_image_gzipped_buffer()
arm: add fw_cfg to "virt" board
fw_cfg_mem: expose the "data_width" property with fw_cfg_init_mem_wide()
fw_cfg_mem: introduce the "data_width" property
exec: allows 8-byte accesses in subpage_ops
fw_cfg_mem: flip ctl_mem_ops and data_mem_ops to DEVICE_BIG_ENDIAN
fw_cfg_mem: max access size and region size are the same for data register
fw_cfg: move boards to fw_cfg_init_io() / fw_cfg_init_mem()
fw_cfg: hard separation between the MMIO and I/O port mappings
target-arm: add cpu feature EL3 to CPUs with Security Extensions
target-arm: Disable EL3 on unsupported machines
target-arm: Breakout integratorcp and versatilepb cpu init
target-arm: Set CPU has_el3 prop during virt init
target-arm: Enable CPU has_el3 prop during VE init
target-arm: Add arm_boot_info secure_boot control
target-arm: Add ARMCPU secure property
target-arm: Add feature unset function
target-arm: Add virt machine secure property
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Tue, 23 Dec 2014 14:01:13 +0000 (14:01 +0000)]
Merge remote-tracking branch 'remotes/awilliam/tags/vfio-update-
20141222.0' into staging
VFIO updates:
- Conversion to tracepoints (Eric Auger)
- Fix memory listener address space (Frank Blaschka)
- Move to hw/vfio/ and split common vs pci (Eric Auger & Kim Phillips)
- Trivial error_report() fixes (Alex Williamson)
In addition to enabling S390 with the address space fix and updating
to use tracepoints rather than compile time debug, this set of patches
moves hw/misc/vfio.c to hw/vfio/ and paves the way for vfio-platform
support by splitting common functionality from PCI specific code.
# gpg: Signature made Mon 22 Dec 2014 20:19:43 GMT using RSA key ID
3BB08B22
# gpg: Good signature from "Alex Williamson <alex.williamson@redhat.com>"
# gpg: aka "Alex Williamson <alex@shazbot.org>"
# gpg: aka "Alex Williamson <alwillia@redhat.com>"
# gpg: aka "Alex Williamson <alex.l.williamson@gmail.com>"
* remotes/awilliam/tags/vfio-update-
20141222.0:
vfio: Cleanup error_report()s
hw/vfio: create common module
hw/vfio/pci: use name field in format strings
hw/vfio/pci: rename group_list into vfio_group_list
hw/vfio/pci: split vfio_get_device
hw/vfio/pci: Introduce VFIORegion
hw/vfio/pci: handle reset at VFIODevice
hw/vfio/pci: add type, name and group fields in VFIODevice
hw/vfio/pci: introduce minimalist VFIODevice with fd
hw/vfio/pci: generalize mask/unmask to any IRQ index
hw/vfio/pci: Rename VFIODevice into VFIOPCIDevice
vfio: move hw/misc/vfio.c to hw/vfio/pci.c Move vfio.h into include/hw/vfio
vfio: fix adding memory listener to the right address space
vfio: migration to trace points
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Laszlo Ersek [Mon, 22 Dec 2014 12:11:45 +0000 (13:11 +0100)]
hw/arm/virt: enable passing of EFI-stubbed kernel to guest UEFI firmware
The virt board already ensures mutual exclusion between -bios and -pflash
unit#0; we only need to set "bootinfo.firmware_loaded", introduced in the
previous patch, if either of those options was used to load the guest
firmware.
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id:
1419250305-31062-12-git-send-email-pbonzini@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Laszlo Ersek [Mon, 22 Dec 2014 12:11:44 +0000 (13:11 +0100)]
hw/arm: pass pristine kernel image to guest firmware over fw_cfg
Introduce the new boolean field "arm_boot_info.firmware_loaded". When this
field is set, it means that the portion of guest DRAM that the VCPU
normally starts to execute, or the pflash chip that the VCPU normally
starts to execute, has been populated by board-specific code with
full-fledged guest firmware code, before the board calls
arm_load_kernel().
Simultaneously, "arm_boot_info.firmware_loaded" guarantees that the board
code has set up the global firmware config instance, for arm_load_kernel()
to find with fw_cfg_find().
Guest kernel (-kernel) and guest firmware (-bios, -pflash) has always been
possible to specify independently on the command line. The following cases
should be considered:
nr -bios -pflash -kernel description
unit#0
-- ------- ------- ------- -------------------------------------------
1 present present absent Board code rejects this case, -bios and
present present present -pflash unit#0 are exclusive. Left intact
by this patch.
2 absent absent present Traditional kernel loading, with qemu's
minimal board firmware. Left intact by this
patch.
3 absent present absent Preexistent case for booting guest firmware
present absent absent loaded with -bios or -pflash. Left intact
by this patch.
4 absent absent absent Preexistent case for not loading any
firmware or kernel up-front. Left intact by
this patch.
5 present absent present New case introduced by this patch: kernel
absent present present image is passed to externally loaded
firmware in unmodified form, using fw_cfg.
An easy way to see that this patch doesn't interfere with existing cases
is to realize that "info->firmware_loaded" is constant zero at this point.
Which makes the "outer" condition unchanged, and the "inner" condition
(with the fw_cfg-related code) dead.
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id:
1419250305-31062-11-git-send-email-pbonzini@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Laszlo Ersek [Mon, 22 Dec 2014 12:11:43 +0000 (13:11 +0100)]
hw/loader: split out load_image_gzipped_buffer()
In the next patch we'd like to reuse the image decompression facility
without installing the output as a ROM at a specific guest-phys address.
In addition, expose LOAD_IMAGE_MAX_GUNZIP_BYTES, because that's a
straightforward "max_sz" argument for the new load_image_gzipped_buffer().
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id:
1419250305-31062-10-git-send-email-pbonzini@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Laszlo Ersek [Mon, 22 Dec 2014 12:11:42 +0000 (13:11 +0100)]
arm: add fw_cfg to "virt" board
fw_cfg already supports exposure over MMIO (used in ppc/mac_newworld.c,
ppc/mac_oldworld.c, sparc/sun4m.c); we can easily add it to the "virt"
board.
Because MMIO access is slow on ARM KVM, we enable the guest, with
fw_cfg_init_mem_wide(), to transfer up to 8 bytes with a single access.
This has been measured to speed up transfers up to 7.5-fold, relative to
single byte data access, on both ARM KVM and x86_64 TCG.
The MMIO register block of fw_cfg is advertized in the device tree. As
base address we pick 0x09020000, which conforms to the comment preceding
"a15memmap": it falls in the miscellaneous device I/O range 128MB..256MB,
and it is aligned at 64KB. The DTB properties follow the documentation in
the Linux source file "Documentation/devicetree/bindings/arm/fw-cfg.txt".
fw_cfg automatically exports a number of files to the guest; for example,
"bootorder" (see fw_cfg_machine_reset()).
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id:
1419250305-31062-9-git-send-email-pbonzini@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Laszlo Ersek [Mon, 22 Dec 2014 12:11:41 +0000 (13:11 +0100)]
fw_cfg_mem: expose the "data_width" property with fw_cfg_init_mem_wide()
We rebase fw_cfg_init_mem() to the new function for compatibility with
current callers.
The behavior of the (big endian) multi-byte data reads is best shown
with a qtest session. Here, we are reading the first six bytes of
the UUID
$ arm-softmmu/qemu-system-arm -M virt -machine accel=qtest \
-qtest stdio -uuid
4600cb32-38ec-4b2f-8acb-
81c6ea54f2d8
>>> writew 0x9020008 0x0200
<<< OK
>>> readl 0x9020000
<<< OK 0x000000004600cb32
Remember this is big endian. On big endian machines, it is stored
directly as 0x46 0x00 0xcb 0x32.
On a little endian machine, we have to first swap it, so that it becomes
0x32cb0046. When written to memory, it becomes 0x46 0x00 0xcb 0x32
again.
Reading byte-by-byte works too, of course:
>>> readb 0x9020000
<<< OK 0x0000000000000038
>>> readb 0x9020000
<<< OK 0x00000000000000ec
Here only a single byte is read at a time, so they are read in order
similar to the 1-byte data port that is already in PPC and SPARC
machines.
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id:
1419250305-31062-8-git-send-email-pbonzini@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Laszlo Ersek [Mon, 22 Dec 2014 12:11:40 +0000 (13:11 +0100)]
fw_cfg_mem: introduce the "data_width" property
The "data_width" property is capable of changing the maximum valid access
size to the MMIO data register, and resizes the memory region similarly,
at device realization time.
The default value of "data_memwidth" is set so that we don't yet diverge
from "fw_cfg_data_mem_ops".
Most of the fw_cfg_mem users will stick with the default, and for them we
should continue using the statically allocated "fw_cfg_data_mem_ops". This
is beneficial for debugging because gdb can resolve pointers referencing
static objects to the names of those objects.
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id:
1419250305-31062-7-git-send-email-pbonzini@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Paolo Bonzini [Mon, 22 Dec 2014 12:11:39 +0000 (13:11 +0100)]
exec: allows 8-byte accesses in subpage_ops
Otherwise fw_cfg accesses are split into 4-byte ones before they reach the
fw_cfg ops / handlers.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id:
1419250305-31062-6-git-send-email-pbonzini@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Laszlo Ersek [Mon, 22 Dec 2014 12:11:38 +0000 (13:11 +0100)]
fw_cfg_mem: flip ctl_mem_ops and data_mem_ops to DEVICE_BIG_ENDIAN
The standalone selector port (fw_cfg_ctl_mem_ops) is only used by big
endian guests to date (*), hence this change doesn't regress them. Paolo
and Alex have suggested / requested an explicit DEVICE_BIG_ENDIAN setting
here, for clarity.
(*) git grep -l fw_cfg_init_mem
hw/nvram/fw_cfg.c
hw/ppc/mac_newworld.c
hw/ppc/mac_oldworld.c
hw/sparc/sun4m.c
include/hw/nvram/fw_cfg.h
The standalone data port (fw_cfg_data_mem_ops) has max_access_size 1 (for
now), hence changing its endianness doesn't change behavior for existing
guest code.
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id:
1419250305-31062-5-git-send-email-pbonzini@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Laszlo Ersek [Mon, 22 Dec 2014 12:11:37 +0000 (13:11 +0100)]
fw_cfg_mem: max access size and region size are the same for data register
Make it clear that the maximum access size to the MMIO data register
determines the full size of the memory region.
Currently the max access size is 1.
This patch doesn't change behavior.
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id:
1419250305-31062-4-git-send-email-pbonzini@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Laszlo Ersek [Mon, 22 Dec 2014 12:11:36 +0000 (13:11 +0100)]
fw_cfg: move boards to fw_cfg_init_io() / fw_cfg_init_mem()
This allows us to drop the fw_cfg_init() shim and to enforce the possible
mappings at compile time.
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id:
1419250305-31062-3-git-send-email-pbonzini@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Laszlo Ersek [Mon, 22 Dec 2014 12:11:35 +0000 (13:11 +0100)]
fw_cfg: hard separation between the MMIO and I/O port mappings
We are going to introduce a wide data register for fw_cfg, but only for
the MMIO mapped device. The wide data register will also require the
tightening of endiannesses.
However we don't want to touch the I/O port mapped fw_cfg device at all.
Currently QEMU provides a single fw_cfg device type that can handle both
I/O port and MMIO mapping. This flexibility is not actually exploited by
any board in the tree, but it renders restricting the above changes to
MMIO very hard.
Therefore, let's derive two classes from TYPE_FW_CFG: TYPE_FW_CFG_IO and
TYPE_FW_CFG_MEM.
TYPE_FW_CFG_IO incorporates the base I/O port and the related combined
MemoryRegion. (NB: all boards in the tree that use the I/O port mapped
flavor opt for the combined mapping; that is, when the data port overlays
the high address byte of the selector port. Therefore we can drop the
capability to map those I/O ports separately.)
TYPE_FW_CFG_MEM incorporates the base addresses for the MMIO selector and
data registers, and their respective MemoryRegions.
The "realize" and "props" class members are specific to each new derived
class, and become unused for the base class. The base class retains the
"reset" member and the "vmsd" member, because the reset functionality and
the set of migrated data are not specific to the mapping.
The new functions fw_cfg_init_io() and fw_cfg_init_mem() expose the
possible mappings in separation. For now fw_cfg_init() is retained as a
compatibility shim that enforces the above assumptions.
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id:
1419250305-31062-2-git-send-email-pbonzini@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Fabian Aggeler [Mon, 15 Dec 2014 23:09:52 +0000 (17:09 -0600)]
target-arm: add cpu feature EL3 to CPUs with Security Extensions
Set ARM_FEATURE_EL3 feature for CPUs that implement Security Extensions.
Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id:
1418684992-8996-16-git-send-email-greg.bellows@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Greg Bellows [Mon, 15 Dec 2014 23:09:51 +0000 (17:09 -0600)]
target-arm: Disable EL3 on unsupported machines
Disables the CPU ARM_FEATURE_EL3 featuere on machine models that can be
configured to use Cortex-A9, Cortex-A15, and ARM1176 but don't officially
support EL3. This preserves backwards compatibility.
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id:
1418684992-8996-15-git-send-email-greg.bellows@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Greg Bellows [Mon, 15 Dec 2014 23:09:50 +0000 (17:09 -0600)]
target-arm: Breakout integratorcp and versatilepb cpu init
This commit changes the integratorcp and versatilepb CPU initialization from
using the generic ARM cpu_arm_init function to doing it inline. This is
necessary in order to allow CPU configuration changes to occur between CPU
instance initialization and realization. Specifically, this change is in
preparation for disabling CPU EL3 support.
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id:
1418684992-8996-14-git-send-email-greg.bellows@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Greg Bellows [Mon, 15 Dec 2014 23:09:49 +0000 (17:09 -0600)]
target-arm: Set CPU has_el3 prop during virt init
Adds setting of the CPU has_el3 property based on the virt machine
secure state property during initialization. This enables/disables EL3
state during start-up. Changes include adding an additional secure state
boolean during virt CPU initialization. Also disables the ARM secure boot
by default.
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
Message-id:
1418684992-8996-13-git-send-email-greg.bellows@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Greg Bellows [Mon, 15 Dec 2014 23:09:48 +0000 (17:09 -0600)]
target-arm: Enable CPU has_el3 prop during VE init
Adds setting of the CPU has_el3 property based on the vexpress machine
secure state property during initialization. This enables/disables EL3
state during start-up. Changes include adding an additional secure state
boolean during vexpress CPU initialization. Also enables the ARM secure boot
by default.
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
Message-id:
1418684992-8996-12-git-send-email-greg.bellows@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Greg Bellows [Mon, 15 Dec 2014 23:09:47 +0000 (17:09 -0600)]
target-arm: Add arm_boot_info secure_boot control
Adds the secure_boot boolean field to the arm_boot_info descriptor. This
fields is used to indicate whether Linux should boot into secure or non-secure
state if the ARM EL3 feature is enabled. The default is to leave the CPU in an
unaltered reset state. On EL3 enabled systems, the reset state is secure and
can be overridden by setting the added field to false.
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id:
1418684992-8996-11-git-send-email-greg.bellows@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Greg Bellows [Mon, 15 Dec 2014 23:09:46 +0000 (17:09 -0600)]
target-arm: Add ARMCPU secure property
Added a "has_el3" state property to the ARMCPU descriptor. This property
indicates whether the ARMCPU has security extensions enabled (EL3) or not.
By default it is disabled at this time.
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id:
1418684992-8996-10-git-send-email-greg.bellows@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Greg Bellows [Mon, 15 Dec 2014 23:09:45 +0000 (17:09 -0600)]
target-arm: Add feature unset function
Add an unset_feature() function to compliment the set_feature() function. This
will be used to disable functions after they have been enabled during
initialization.
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id:
1418684992-8996-9-git-send-email-greg.bellows@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Greg Bellows [Mon, 15 Dec 2014 23:09:44 +0000 (17:09 -0600)]
target-arm: Add virt machine secure property
Add "secure" virt machine specific property to allow override of the
default secure state configuration. By default, when using the QEMU
-kernel command line argument, virt machines boot into NS/SVC. When using
the QEMU -bios command line argument, virt machines boot into S/SVC.
The secure state can be changed from the default specifying the secure
state as a machine property. For example, the below command line would disable
security extensions on a -kernel Linux boot:
aarch64-softmmu/qemu-system-aarch64
-machine type=virt,secure=off
-kernel ...
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id:
1418684992-8996-8-git-send-email-greg.bellows@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Greg Bellows [Mon, 15 Dec 2014 23:09:43 +0000 (17:09 -0600)]
target-arm: Add virt class and machine types
Switch virt qemu machine support to use the newer object type, class, and
instance model. Added virt TypeInfo with static registration along with virt
specific class and machine structs. Also added virt class initialization
method.
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id:
1418684992-8996-7-git-send-email-greg.bellows@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Greg Bellows [Mon, 15 Dec 2014 23:09:42 +0000 (17:09 -0600)]
target-arm: Change vexpress daughterboard init arg
Change the Vexpress daughterboard initialization method to take a vexpress
machine state pointer instead of the daughterboard struct pointer. The machine
state now contains the daughterboard pointer.
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id:
1418684992-8996-6-git-send-email-greg.bellows@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Greg Bellows [Mon, 15 Dec 2014 23:09:41 +0000 (17:09 -0600)]
target-arm: Add vexpress machine secure property
Add "secure" Vexpress machine specific property to allow override of the
default secure state configuration. By default, when using the QEMU
-kernel command line argument, Vexpress machines boot into NS/SVC. When using
the QEMU -bios command line argument, Vexpress machines boot into S/SVC.
The secure state can be changed from the default specifying the secure
state as a machine property. For example, the below command line would disable
security extensions on a -kernel Linux boot:
aarch64-softmmu/qemu-system-aarch64
-machine type=vexpress-a15,secure=off
-kernel ...
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id:
1418684992-8996-5-git-send-email-greg.bellows@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Greg Bellows [Mon, 15 Dec 2014 23:09:40 +0000 (17:09 -0600)]
target-arm: Switch to common vexpress machine init
Switched the Vexpress machine initialization to use the common function with
the machine pointer to board info.
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id:
1418684992-8996-4-git-send-email-greg.bellows@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Greg Bellows [Mon, 15 Dec 2014 23:09:39 +0000 (17:09 -0600)]
target-arm: Add vexpress a9 & a15 machine objects
Add Vexpress machine objects for the the Cortex A9 & A15 variants. The older
style QEMUMachine types were replaced with dedicated TypeInfo objects. The new
objects include dedicated class init functions that currently ustilze dedicated
machine init methods. The previous qemu_register_machine calls were replaced
with the newer type_register_status calls.
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id:
1418684992-8996-3-git-send-email-greg.bellows@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Greg Bellows [Mon, 15 Dec 2014 23:09:38 +0000 (17:09 -0600)]
target-arm: Add vexpress class and machine types
Adds base Vexpress class and machine objects and infrastructure. This is in
preparation for switching to the full QEMU object model. The base vexpress
infrastructure is intended to handle common vexpress details.
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id:
1418684992-8996-2-git-send-email-greg.bellows@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Marcel Apfelbaum [Tue, 16 Dec 2014 16:58:06 +0000 (16:58 +0000)]
vl.c: add HMP help to machine
The help is based on the actual machine properties
exposing only the relevant options.
Signed-off-by: Marcel Apfelbaum <marcel.a@redhat.com>
Reviewed-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Greg Bellows <greg.bellows@linaro.org>
Message-id:
1418217570-15517-4-git-send-email-marcel.a@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Marcel Apfelbaum [Tue, 16 Dec 2014 16:58:05 +0000 (16:58 +0000)]
vl.c: simplified machine_set_property
Refactored the code to re-use object_property_parse.
Signed-off-by: Marcel Apfelbaum <marcel.a@redhat.com>
Reviewed-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Greg Bellows <greg.bellows@linaro.org>
Message-id:
1418217570-15517-3-git-send-email-marcel.a@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Marcel Apfelbaum [Tue, 16 Dec 2014 16:58:05 +0000 (16:58 +0000)]
machine: remove qemu_machine_opts global list
QEMU has support for options per machine, keeping
a global list of options is no longer necessary.
Signed-off-by: Marcel Apfelbaum <marcel.a@redhat.com>
Reviewed-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Greg Bellows <greg.bellows@linaro.org>
Message-id:
1418217570-15517-2-git-send-email-marcel.a@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Greg Bellows [Tue, 16 Dec 2014 16:58:05 +0000 (16:58 +0000)]
target-arm: Merge EL3 CP15 register lists
Merge of the v8_el2_cp_reginfo and el3_cp_reginfo ARMCPRegInfo lists.
Previously, some EL3 registers were restricted to the ARMv8 list under the
impression that they were not needed on ARMv7. However, this is not the case
as the ARMv7/32-bit variants rely on the ARMv8/64-bit variants to handle
migration and reset. For this reason they must always exist.
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
Message-id:
1418406450-14961-1-git-send-email-greg.bellows@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Tue, 16 Dec 2014 16:58:05 +0000 (16:58 +0000)]
audio: Don't free hw resources until after hw backend is stopped
When stopping an audio voice, call the audio backend's fini
method before calling audio_pcm_hw_free_resources_ rather than
afterwards. This allows backends which use helper threads (like
pulseaudio) to terminate those threads before the conv_buf or
mix_buf are freed and avoids race conditions where the helper
may access a NULL pointer or freed memory.
Cc: qemu-stable@nongnu.org
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id:
1418406239-9838-1-git-send-email-peter.maydell@linaro.org
Alex Williamson [Mon, 22 Dec 2014 17:37:27 +0000 (10:37 -0700)]
vfio: Cleanup error_report()s
With the conversion to tracepoints, a couple previous DPRINTKs are
now quite a bit more visible and are really just informational.
Remove these and add a bit more description to another.
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Eric Auger [Mon, 22 Dec 2014 16:54:51 +0000 (09:54 -0700)]
hw/vfio: create common module
A new common module is created. It implements all functions
that have no device specificity (PCI, Platform).
This patch only consists in move (no functional changes)
Signed-off-by: Kim Phillips <kim.phillips@linaro.org>
Signed-off-by: Eric Auger <eric.auger@linaro.org>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Eric Auger [Mon, 22 Dec 2014 16:54:49 +0000 (09:54 -0700)]
hw/vfio/pci: use name field in format strings
Signed-off-by: Eric Auger <eric.auger@linaro.org>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Eric Auger [Mon, 22 Dec 2014 16:54:46 +0000 (09:54 -0700)]
hw/vfio/pci: rename group_list into vfio_group_list
better fit in the rest of the namespace
Signed-off-by: Eric Auger <eric.auger@linaro.org>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Eric Auger [Mon, 22 Dec 2014 16:54:38 +0000 (09:54 -0700)]
hw/vfio/pci: split vfio_get_device
vfio_get_device now takes a VFIODevice as argument. The function is split
into 2 parts: vfio_get_device which is generic and vfio_populate_device
which is bus specific.
3 new fields are introduced in VFIODevice to store dev_info.
vfio_put_base_device is created.
Signed-off-by: Eric Auger <eric.auger@linaro.org>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Eric Auger [Mon, 22 Dec 2014 16:54:37 +0000 (09:54 -0700)]
hw/vfio/pci: Introduce VFIORegion
This structure is going to be shared by VFIOPCIDevice and
VFIOPlatformDevice. VFIOBAR includes it.
vfio_eoi becomes an ops of VFIODevice specialized by parent device.
This makes possible to transform vfio_bar_write/read into generic
vfio_region_write/read that will be used by VFIOPlatformDevice too.
vfio_mmap_bar becomes vfio_map_region
Signed-off-by: Eric Auger <eric.auger@linaro.org>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Eric Auger [Mon, 22 Dec 2014 16:54:35 +0000 (09:54 -0700)]
hw/vfio/pci: handle reset at VFIODevice
Since we can potentially have both PCI and platform devices in
the same VFIO group, this latter now owns a list of VFIODevices.
A unified reset handler, vfio_reset_handler, is registered, looping
through this VFIODevice list. 2 specialized operations are introduced
(vfio_compute_needs_reset and vfio_hot_reset_multi): they allow to
implement type specific behavior. also reset_works and needs_reset
VFIOPCIDevice fields are moved into VFIODevice.
Signed-off-by: Eric Auger <eric.auger@linaro.org>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Eric Auger [Mon, 22 Dec 2014 16:54:31 +0000 (09:54 -0700)]
hw/vfio/pci: add type, name and group fields in VFIODevice
Add 3 new fields in the VFIODevice struct. Type is set to
VFIO_DEVICE_TYPE_PCI. The type enum value will later be used
to discriminate between VFIO PCI and platform devices. The name is
set to domain:bus:slot:function. Currently used to test whether
the device already is attached to the group. Later on, the name
will be used to simplify all traces. The group is simply moved
from VFIOPCIDevice to VFIODevice.
Signed-off-by: Eric Auger <eric.auger@linaro.org>
[Fix g_strdup_printf() usage]
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Peter Maydell [Mon, 22 Dec 2014 14:52:52 +0000 (14:52 +0000)]
Merge remote-tracking branch 'remotes/gonglei/tags/bootdevice-next-
20141222' into staging
bootdevice: Refactor and improvement
# gpg: Signature made Mon 22 Dec 2014 06:44:08 GMT using RSA key ID
DDE30FBB
# gpg: Can't check signature: public key not found
* remotes/gonglei/tags/bootdevice-next-
20141222:
bootdevice: add Error **errp argument for QEMUBootSetHandler
bootdevice: add validate check for qemu_boot_set()
bootdevice: add Error **errp argument for qemu_boot_set()
bootdevice: add Error **errp argument for validate_bootdevices()
bootdevice: move code about bootorder from vl.c to bootdevice.c
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Mon, 22 Dec 2014 13:15:52 +0000 (13:15 +0000)]
Merge remote-tracking branch 'remotes/bkoppelmann/tags/pull-tricore-
20141221' into staging
TriCore RR, RR1 insn added and several bug fixes
# gpg: Signature made Sun 21 Dec 2014 18:39:11 GMT using RSA key ID
6B69CA14
# gpg: Good signature from "Bastian Koppelmann <kbastian@mail.uni-paderborn.de>"
* remotes/bkoppelmann/tags/pull-tricore-
20141221:
target-tricore: Add instructions of RR1 opcode format, that have 0xb3 as first opcode
target-tricore: Fix MFCR/MTCR insn and B format offset.
target-tricore: Add missing 1.6 insn of BOL opcode format
target-tricore: Add instructions of RR opcode format, that have 0x4b as the first opcode
target-tricore: Add instructions of RR opcode format, that have 0x1 as the first opcode
target-tricore: Add instructions of RR opcode format, that have 0xf as the first opcode
target-tricore: Add instructions of RR opcode format, that have 0xb as the first opcode
target-tricore: Change SSOV/SUOV makro name to SSOV32/SUOV32
target-tricore: Fix mask handling JNZ.T being 7 bit long
target-tricore: pretty-print register dump and show more status registers
target-tricore: add missing 64-bit MOV in RLC format
target-tricore: typo in BOL format
target-tricore: fix offset masking in BOL format
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Gonglei [Wed, 3 Dec 2014 19:04:02 +0000 (19:04 +0000)]
bootdevice: add Error **errp argument for QEMUBootSetHandler
It will be useful for checking when we change traditional
boot order dynamically and propagate error message
to the monitor.
For x86 architecture, we pass &local_err to set_boot_dev()
when vm startup in pc_coms_init().
Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: Alexander Graf <agraf@suse.de>
Cc: Blue Swirl <blauwirbel@gmail.com>
Cc: qemu-ppc@nongnu.org
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Gonglei [Wed, 3 Dec 2014 18:25:46 +0000 (18:25 +0000)]
bootdevice: add validate check for qemu_boot_set()
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Gonglei [Wed, 3 Dec 2014 18:20:58 +0000 (18:20 +0000)]
bootdevice: add Error **errp argument for qemu_boot_set()
It will be useful for checking when we change traditional
boot order dynamically and propagate error message
to the monitor.
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Gonglei [Wed, 3 Dec 2014 17:11:39 +0000 (17:11 +0000)]
bootdevice: add Error **errp argument for validate_bootdevices()
It will be useful for checking when we change traditional
boot order dynamically and propagate error message
to the monitor.
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Gonglei [Wed, 3 Dec 2014 16:49:46 +0000 (16:49 +0000)]
bootdevice: move code about bootorder from vl.c to bootdevice.c
First, we can downsize vl.c, make it simpler by
little and little. Second, I can maintain those code
and make some improvement.
Cc: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Peter Maydell [Sun, 21 Dec 2014 23:17:00 +0000 (23:17 +0000)]
Merge remote-tracking branch 'remotes/kraxel/tags/pull-sdl-
20141219-1' into staging
sdl2: fixes, cleanups and opengl preparation.
# gpg: Signature made Fri 19 Dec 2014 09:06:07 GMT using RSA key ID
D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg: aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>"
* remotes/kraxel/tags/pull-sdl-
20141219-1:
sdl2: Work around SDL2 SDL_ShowWindow() bug
sdl2: Use correct sdl2_console for window events
sdl2: move sdl2_2d_refresh to sdl2-2d.c
sdl2: factor out sdl2_poll_events
sdl2: add+use sdl2_2d_redraw function.
sdl2: move sdl_switch to sdl2-2d.c
sdl2: overhaul window size handling
sdl2: move sdl_update to new sdl2-2d.c
sdl2: turn on keyboard grabs
sdl2: move keyboard input code to new sdl2-input.c
sdl2: rename sdl2_state to sdl2_console, move to header file
sdl: move version logic from source code to makefile
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Bastian Koppelmann [Fri, 12 Dec 2014 16:55:34 +0000 (16:55 +0000)]
target-tricore: Add instructions of RR1 opcode format, that have 0xb3 as first opcode
Add instructions of RR1 opcode format, that have 0xb3 as first opcode.
Add helper functions mulh, mulmh and mulrh, that compute multiplication,
with multiprecision (mulmh) or rounding (mulrh) of 4 halfwords, being either low or high parts
of two 32 bit regs.
Signed-off-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Bastian Koppelmann [Wed, 3 Dec 2014 17:40:21 +0000 (17:40 +0000)]
target-tricore: Fix MFCR/MTCR insn and B format offset.
Fix gen_mtcr using wrong register.
Fix gen_mtcr/mfcr using sign extended offsets.
Fix B format insn using not sign extendend offsets.
Signed-off-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Bastian Koppelmann [Fri, 5 Dec 2014 14:37:17 +0000 (14:37 +0000)]
target-tricore: Add missing 1.6 insn of BOL opcode format
Some of the 1.6 ISA instructions were still missing. So let's add them.
Signed-off-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Bastian Koppelmann [Tue, 2 Dec 2014 17:22:27 +0000 (17:22 +0000)]
target-tricore: Add instructions of RR opcode format, that have 0x4b as the first opcode
Add instructions of RR opcode format, that have 0x4b as the first opcode.
Add helper functions:
* parity: Calculates the parity bits for every byte of a 32 int.
* bmerge/bsplit: Merges two regs into one bitwise/Splits one reg into two bitwise.
* unpack: unpack a IEEE 754 single precision floating point number as exponent and mantissa.
* dvinit_b_13/131: (ISA v1.3/v1.31)Prepare operands for a divide operation,
where the quotient result is guaranteed to fit into 8 bit.
* dvinit_h_13/131: (ISA v1.3/v1.31)Prepare operands for a divide operation,
where the quotient result is guaranteed to fit into 16 bit.
OPCM_32_RR_FLOAT -> OPCM_32_RR_DIVIDE.
Signed-off-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Bastian Koppelmann [Tue, 2 Dec 2014 17:15:09 +0000 (17:15 +0000)]
target-tricore: Add instructions of RR opcode format, that have 0x1 as the first opcode
Add instructions of RR opcode format, that have 0x1 as the first opcode.
Signed-off-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Bastian Koppelmann [Fri, 28 Nov 2014 17:07:26 +0000 (17:07 +0000)]
target-tricore: Add instructions of RR opcode format, that have 0xf as the first opcode
Add instructions of RR opcode format, that have 0xf as the first opcode.
Add helper functions:
* clo/z/s: Counts leading ones/zeros/signs.
* clo/z/s_h: Count leading ones/zeros/signs in two haflwords.
* sh/_h: Shifts one/two word/hwords.
* sha/_h: Shifts one/two word/hwords arithmeticly.
Signed-off-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Bastian Koppelmann [Thu, 27 Nov 2014 14:30:33 +0000 (14:30 +0000)]
target-tricore: Add instructions of RR opcode format, that have 0xb as the first opcode
Add instructions of RR opcode format, that have 0xb as the first opcode.
Add helper functions, for hword and byte arithmetics:
* add_h_ssov/suov: Add two halfword and saturate on overflow.
* sub_h_ssov/suov: Sub two halfword and saturate on overflow.
* absdif_h_ssov: Compute absolute difference for halfwords and saturate on overflow.
* abs_h_ssov/suov: Compute absolute value for two halfwords and saturate on overflow.
* abs_b/h: Compute absolute value for four/two bytes/halfwords
* absdif_b/h: Compute absolute difference for four/two bytes/halfwords
* add_b/h: Add four/two bytes/halfwords.
* sub_b/h: Sub four/two bytes/halfwords.
* eq_b/h: Compare four/two bytes/halfwords with four/two bytes/halfwords on
equality and set all bits of to either one ore zero.
* eqany_b/h: Compare four/two bytes/halfwords with four/two bytes/halfwords on equality.
* lt_b/bu/h/hu: Compare four/two bytes/halfwords with four/two bytes/halfwords
on less than signed and unsigned.
* max_b/bu/h/hu: Calculate max for four/two bytes/halfwords signed and unsigned.
* min_b/bu/h/hu: Calculate min for four/two bytes/halfwords signed and unsigned.
Add helper function abs_ssov, that computes the absolute value for a 32 bit integer and saturates on overflow.
Add microcode generator functions:
* gen_sub_CC: Caluclates sub and sets the carry bit.
* gen_subc_CC: Caluclates sub and carry and sets the carry bit
* gen_abs: Compute absolute value for a 32 bit integer.
* gen_cond_w: Compares two 32 bit values on cond and sets result either zero or all bits one.
OPC2_32_RR_MIN switched with OPC2_32_RR_MIN_U.
Signed-off-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Bastian Koppelmann [Thu, 27 Nov 2014 13:45:09 +0000 (13:45 +0000)]
target-tricore: Change SSOV/SUOV makro name to SSOV32/SUOV32
Those makros are exclusively used for 32 bit arithmetics and won't work for
16 bit with two halfwords. So lets get rid of the len parameter and make them
always use 32 bit. Now no token pasting is needed anymore and they can be
regular functions.
Signed-off-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Bastian Koppelmann [Mon, 15 Dec 2014 21:36:31 +0000 (21:36 +0000)]
target-tricore: Fix mask handling JNZ.T being 7 bit long
The mask is actually 7 bit long, instead of 6, so the expression checking
for JNZ.T is always false. Let's make the mask 1 bit wider.
Signed-off-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Alex Zuepke [Fri, 19 Dec 2014 11:34:34 +0000 (12:34 +0100)]
target-tricore: pretty-print register dump and show more status registers
Now using psw_read() to retrieve the status bits correctly.
Signed-off-by: Alex Zuepke <alexander.zuepke@hs-rm.de>
Reviewed-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Signed-off-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Alex Zuepke [Fri, 12 Dec 2014 14:10:29 +0000 (15:10 +0100)]
target-tricore: add missing 64-bit MOV in RLC format
Signed-off-by: Alex Zuepke <alexander.zuepke@hs-rm.de>
Reviewed-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Signed-off-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Alex Zuepke [Fri, 12 Dec 2014 14:10:28 +0000 (15:10 +0100)]
target-tricore: typo in BOL format
Signed-off-by: Alex Zuepke <alexander.zuepke@hs-rm.de>
Reviewed-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Signed-off-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Alex Zuepke [Fri, 12 Dec 2014 14:10:27 +0000 (15:10 +0100)]
target-tricore: fix offset masking in BOL format
Signed-off-by: Alex Zuepke <alexander.zuepke@hs-rm.de>
Reviewed-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Signed-off-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Peter Maydell [Sat, 20 Dec 2014 22:04:13 +0000 (22:04 +0000)]
Merge remote-tracking branch 'remotes/stefanha/tags/net-pull-request' into staging
# gpg: Signature made Fri 19 Dec 2014 13:18:18 GMT using RSA key ID
81AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg: aka "Stefan Hajnoczi <stefanha@gmail.com>"
* remotes/stefanha/tags/net-pull-request:
e1000: defer packets until BM enabled
net: Use g_new() & friends where that makes obvious sense
net: Fuse g_malloc(); memset() into g_new0()
net: don't use set/get_pointer() in set/get_netdev()
tap: fix vcpu long time io blocking on tap
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Sat, 20 Dec 2014 21:28:53 +0000 (21:28 +0000)]
Merge remote-tracking branch 'remotes/kraxel/tags/pull-roms-
20141217-1' into staging
update ipxe from 69313ed to 35c5379
# gpg: Signature made Wed 17 Dec 2014 14:45:04 GMT using RSA key ID
D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg: aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>"
* remotes/kraxel/tags/pull-roms-
20141217-1:
update ipxe from 69313ed to 35c5379
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Paolo Bonzini [Fri, 19 Dec 2014 11:53:14 +0000 (12:53 +0100)]
exec: change default exception_index value for migration to -1
In QEMU 2.2 the exception_index value was added to the migration stream
through a subsection. The default was set to 0, which is wrong and
should have been -1.
However, 2.2 does not have commit e511b4d (cpu-exec: reset exception_index
correctly, 2014-11-26), hence in 2.2 the exception_index is never used
and is set to -1 on the next call to cpu_exec. So we can change the
migration stream to make the default -1. The effects are:
- 2.2.1 -> 2.2.0: cpu->exception_index set incorrectly to 0 if it
were -1 on the source; then reset to -1 in cpu_exec. This is TCG
only; KVM does not use exception_index.
- 2.2.0 -> 2.2.1: cpu->exception_index set incorrectly to -1 if it
were 0 on the source; but it would be reset to -1 in cpu_exec anyway.
This is TCG only; KVM does not use exception_index.
- 2.2.1 -> 2.1: two bugs fixed: 1) can migrate backwards if
cpu->exception_index is set to -1; 2) should not migrate backwards
(but 2.2.0 allows it) if cpu->exception_index is set to 0
- 2.2.0 -> 2.3.0: 2.2.0 will send the subsection unnecessarily if
exception_index is -1, but that is not a problem. 2.3.0 will set
cpu->exception_index to -1 if it is 0 on the source, but this would
be anyway a problem for 2.2.0 -> 2.2.x migration (due to lack of
commit e511b4d in 2.2.x) so we can ignore it
- 2.2.1 -> 2.3.0: everything works.
In addition, play it safe and never send the subsection unless TCG
is in use. KVM does not use exception_index (PPC KVM stores values
in it for use in the subsequent call to ppc_cpu_do_interrupt, but
does not need it as soon as kvm_handle_debug returns). Xen and
qtest do not run any code for the CPU at all.
Reported-by: Igor Mammedov <imammedo@redhat.com>
Tested-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Tested-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id:
1418989994-17244-3-git-send-email-pbonzini@redhat.com
Cc: qemu-stable@nongnu.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Paolo Bonzini [Fri, 19 Dec 2014 11:53:13 +0000 (12:53 +0100)]
cpu: initialize cpu->exception_index on reset
This unbreaks linux-user (broken by e511b4d, cpu-exec: reset exception_index
correctly, 2014-11-26).
Reported-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Tested-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Tested-by: Eduardo Habkost <ehabkost@redhat.com>
Message-id:
1418989994-17244-2-git-send-email-pbonzini@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Eric Auger [Fri, 19 Dec 2014 22:24:31 +0000 (15:24 -0700)]
hw/vfio/pci: introduce minimalist VFIODevice with fd
Introduce a new base VFIODevice strcut that will be used by both PCI
and Platform VFIO device. Move VFIOPCIDevice fd field there. Obviously
other fields from VFIOPCIDevice will be moved there but this patch
file is introduced to ease the review.
Also vfio_mask_single_irqindex, vfio_unmask_single_irqindex,
vfio_disable_irqindex now take a VFIODevice handle as argument.
Signed-off-by: Eric Auger <eric.auger@linaro.org>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Eric Auger [Fri, 19 Dec 2014 22:24:24 +0000 (15:24 -0700)]
hw/vfio/pci: generalize mask/unmask to any IRQ index
To prepare for platform device introduction, rename vfio_mask_intx
and vfio_unmask_intx into vfio_mask_single_irqindex and respectively
unmask_single_irqindex. Also use a nex index parameter.
With that name and prototype the function will be usable for other
indexes than VFIO_PCI_INTX_IRQ_INDEX.
Signed-off-by: Eric Auger <eric.auger@linaro.org>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Eric Auger [Fri, 19 Dec 2014 22:24:15 +0000 (15:24 -0700)]
hw/vfio/pci: Rename VFIODevice into VFIOPCIDevice
This prepares for the introduction of VFIOPlatformDevice
Signed-off-by: Eric Auger <eric.auger@linaro.org>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Kim Phillips [Fri, 19 Dec 2014 22:24:06 +0000 (15:24 -0700)]
vfio: move hw/misc/vfio.c to hw/vfio/pci.c Move vfio.h into include/hw/vfio
This is done in preparation for the addition of VFIO platform
device support.
Signed-off-by: Kim Phillips <kim.phillips@linaro.org>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Frank Blaschka [Fri, 19 Dec 2014 21:40:06 +0000 (14:40 -0700)]
vfio: fix adding memory listener to the right address space
Depending on the device, container->space->as contains the valid AddressSpace.
Using address_space_memory breaks devices sitting behind an iommu (and using
a separate address space).
Signed-off-by: Frank Blaschka <blaschka@linux.vnet.ibm.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Eric Auger [Fri, 19 Dec 2014 21:40:06 +0000 (14:40 -0700)]
vfio: migration to trace points
This patch removes all DPRINTF and replace them by trace points.
A few DPRINTF used in error cases were transformed into error_report.
Signed-off-by: Eric Auger <eric.auger@linaro.org>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Michael S. Tsirkin [Mon, 1 Dec 2014 18:06:52 +0000 (20:06 +0200)]
e1000: defer packets until BM enabled
Some guests seem to set BM for e1000 after
enabling RX.
If packets arrive in the window, device is wedged.
Probably works by luck on real hardware, work around
this by making can_receive depend on BM.
Tested-by: Gabriel Somlo <somlo@cmu.edu>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Jason Wang <jasowang@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Markus Armbruster [Thu, 4 Dec 2014 13:28:17 +0000 (14:28 +0100)]
net: Use g_new() & friends where that makes obvious sense
g_new(T, n) is neater than g_malloc(sizeof(T) * n). It's also safer,
for two reasons. One, it catches multiplication overflowing size_t.
Two, it returns T * rather than void *, which lets the compiler catch
more type errors.
This commit only touches allocations with size arguments of the form
sizeof(T).
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Markus Armbruster [Thu, 4 Dec 2014 13:28:16 +0000 (14:28 +0100)]
net: Fuse g_malloc(); memset() into g_new0()
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
projects / sdk / emulator / qemu.git / log