sdk/emulator/qemu.git
11 years agomigration: Remove duplicate bandwidth_limit set
Lei Li [Mon, 27 May 2013 10:33:02 +0000 (18:33 +0800)]
migration: Remove duplicate bandwidth_limit set

bandwidth_limit is double set in migrate_init(), remove one.

Signed-off-by: Lei Li <lilei@linux.vnet.ibm.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
11 years agodocs: Fix typo and update file in migration
Lei Li [Mon, 27 May 2013 10:33:01 +0000 (18:33 +0800)]
docs: Fix typo and update file in migration

This patch fix some typo and update the file that already
moved.

Signed-off-by: Lei Li <lilei@linux.vnet.ibm.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
11 years agoconfigure: try pkg-config ncurses first
Ed Maste [Fri, 24 May 2013 20:07:00 +0000 (16:07 -0400)]
configure: try pkg-config ncurses first

When probing for ncurses, try pkg-config first rather than after
explicit -lncurses and -lcurses.  This fixes static linking in the case
that ncurses has additional dependencies, such as -ltinfo (as on FreeBSD).

Signed-off-by: Ed Maste <emaste@freebsd.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
11 years agortc: remove rtc_set_date
Hu Tao [Wed, 22 May 2013 05:33:12 +0000 (13:33 +0800)]
rtc: remove rtc_set_date

Since it's not defined and used anywhere.

Cc: qemu-trivial@nongnu.org
Signed-off-by: Hu Tao <hutao@cn.fujitsu.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
11 years agolinux-user: Fix typo in comment
Lei Li [Mon, 20 May 2013 09:20:50 +0000 (17:20 +0800)]
linux-user: Fix typo in comment

Signed-off-by: Lei Li <lilei@linux.vnet.ibm.com>
Reviewed-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
11 years agoconfigure: remove confusing file manipulation
Ed Maste [Wed, 22 May 2013 13:21:39 +0000 (09:21 -0400)]
configure: remove confusing file manipulation

The configure script had some code to manipulate config-host.ld~ (i.e.,
a common backup filename), comparing it with the newly-generated file.
I believe the sense of the comparison was backwards.

Since it seemed to serve little purpose anyway, remove it to avoid any
confusion.

Signed-off-by: Ed Maste <emaste@freebsd.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
11 years agodebugcon: fix compiler warning when open DEBUG_DEBUGCON
liguang [Fri, 24 May 2013 02:47:33 +0000 (10:47 +0800)]
debugcon: fix compiler warning when open DEBUG_DEBUGCON

compiler warnings:
  CC    hw/char/debugcon.o
hw/char/debugcon.c: In function ‘debugcon_ioport_write’:
hw/char/debugcon.c:58: warning: format ‘%02x’ expects type ‘unsigned int’, but argument 3 has type ‘uint64_t’
hw/char/debugcon.c: In function ‘debugcon_ioport_read’:
hw/char/debugcon.c:70: warning: format ‘%04x’ expects type ‘unsigned int’, but argument 2 has type ‘hwaddr’

Signed-off-by: liguang <lig.fnst@cn.fujitsu.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
11 years agodebugcon: make debug message more readable
liguang [Fri, 24 May 2013 02:47:32 +0000 (10:47 +0800)]
debugcon: make debug message more readable

before change:
Bdebugcon: write addr=0x0000 val=0x6f
odebugcon: write addr=0x0000 val=0x6f
odebugcon: write addr=0x0000 val=0x74
tdebugcon: write addr=0x0000 val=0x69
idebugcon: write addr=0x0000 val=0x6e
ndebugcon: write addr=0x0000 val=0x67
gdebugcon: write addr=0x0000 val=0x20
 debugcon: write addr=0x0000 val=0x66

after change:
B [debugcon: write addr=0x0000 val=0x6f]
o [debugcon: write addr=0x0000 val=0x6f]
o [debugcon: write addr=0x0000 val=0x74]
t [debugcon: write addr=0x0000 val=0x69]
i [debugcon: write addr=0x0000 val=0x6e]
n [debugcon: write addr=0x0000 val=0x67]
g [debugcon: write addr=0x0000 val=0x20]
  [debugcon: write addr=0x0000 val=0x66]

Signed-off-by: liguang <lig.fnst@cn.fujitsu.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
11 years agodebugcon: fix always print "addr=0x0, val=0x0" bug when use DEBUG_DEBUGCON
liguang [Fri, 24 May 2013 02:47:31 +0000 (10:47 +0800)]
debugcon: fix always print "addr=0x0, val=0x0" bug when use DEBUG_DEBUGCON

when use DEBUG_DEBUGCON, screen spits:
debugcon: write addr=0x0000 val=0x00
Rdebugcon: write addr=0x0000 val=0x00
udebugcon: write addr=0x0000 val=0x00
ndebugcon: write addr=0x0000 val=0x00
ndebugcon: write addr=0x0000 val=0x00
idebugcon: write addr=0x0000 val=0x00
ndebugcon: write addr=0x0000 val=0x00
gdebugcon: write addr=0x0000 val=0x00
 debugcon: write addr=0x0000 val=0x00
odebugcon: write addr=0x0000 val=0x00
pdebugcon: write addr=0x0000 val=0x00
tdebugcon: write addr=0x0000 val=0x00
idebugcon: write addr=0x0000 val=0x00
odebugcon: write addr=0x0000 val=0x00
ndebugcon: write addr=0x0000 val=0x00
 debugcon: write addr=0x0000 val=0x00
rdebugcon: write addr=0x0000 val=0x00
odebugcon: write addr=0x0000 val=0x00
mdebugcon: write addr=0x0000 val=0x00
 debugcon: write addr=0x0000 val=0x00
adebugcon: write addr=0x0000 val=0x00
tdebugcon: write addr=0x0000 val=0x00
 debugcon: write addr=0x0000 val=0x00

Oh, that's wrong, val is not always be 0.
this bug caused by lack of length modifier
for specifier 'x'.

Signed-off-by: liguang <lig.fnst@cn.fujitsu.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
11 years agoRemove unnecessary break statements
Stefan Weil [Fri, 24 May 2013 10:19:25 +0000 (12:19 +0200)]
Remove unnecessary break statements

Fix these warnings from cppcheck:

hw/display/cirrus_vga.c:2603:
hw/sd/sd.c:348:
hw/timer/exynos4210_mct.c:1033:
target-arm/translate.c:9886:
target-s390x/mem_helper.c:518:
target-unicore32/translate.c:1936:
 style: Consecutive return, break, continue, goto or throw statements are unnecessary.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
11 years agodon't run pkg-config for features explicitly disabled
Michael Tokarev [Sat, 25 May 2013 09:17:21 +0000 (13:17 +0400)]
don't run pkg-config for features explicitly disabled

We test pkg-config for curses and curl even if those are explicitly
disabled.  Move these tests inside `if "$feature" != "no"' sections.

Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
11 years agotarget-i386: Fix aflag logic for CODE64 and the 0x67 prefix
Richard Henderson [Wed, 29 May 2013 19:30:51 +0000 (12:30 -0700)]
target-i386: Fix aflag logic for CODE64 and the 0x67 prefix

The code reorganization in commit 4a6fd938 broke handling of PREFIX_ADR.
While fixing this, tidy and comment the code so that it's more obvious
what's going on in setting both aflag and dflag.

The TARGET_X86_64 ifdef can be eliminated because CODE64 expands to the
constant zero when TARGET_X86_64 is undefined.

Cc: Paolo Bonzini <pbonzini@redhat.com>
Reported-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 1369855851-21400-1-git-send-email-rth@twiddle.net
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
11 years agos390/ipl: Fix spurious errors in virtio
Christian Borntraeger [Thu, 23 May 2013 11:51:41 +0000 (13:51 +0200)]
s390/ipl: Fix spurious errors in virtio

With the ccw ipl code sometimes an error message like
"virtio: trying to map MMIO memory" or
"Guest moved used index from %u to %u" appeared. Turns out
that the ccw bios did not zero out the vring, which might
cause stale values in avail->idx and friends, especially
on reboot.

Lets zero out the relevant fields. To activate the patch we
need to rebuild s390-ccw.img as well.

Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Message-id: 1369309901-418-1-git-send-email-borntraeger@de.ibm.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
11 years agoMerge remote-tracking branch 'mdroth/qga-pull-2013-05-30' into staging
Anthony Liguori [Fri, 31 May 2013 16:33:02 +0000 (11:33 -0500)]
Merge remote-tracking branch 'mdroth/qga-pull-2013-05-30' into staging

# By Laszlo Ersek
# Via Michael Roth
* mdroth/qga-pull-2013-05-30:
  Makefile: create ".../var/run" when installing the POSIX guest agent
  qga: save state directory in ga_install_service()
  qga: remove undefined behavior in ga_install_service()
  qga: create state directory on win32
  configure: don't save any fixed local_statedir for win32
  qga: determine default state dir and pidfile dynamically
  osdep: add qemu_get_local_state_pathname()

Message-id: 1369940341-9043-1-git-send-email-mdroth@linux.vnet.ibm.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
11 years agoMerge remote-tracking branch 'luiz/queue/qmp' into staging
Anthony Liguori [Fri, 31 May 2013 16:32:32 +0000 (11:32 -0500)]
Merge remote-tracking branch 'luiz/queue/qmp' into staging

# By Luiz Capitulino (1) and others
# Via Luiz Capitulino
* luiz/queue/qmp:
  target-i386: Fix mask of pte index in memory mapping
  target-i386: fix abort on bad PML4E/PDPTE/PDE/PTE addresses
  qapi: pad GenericList value fields to 64 bits

Message-id: 1370009905-4255-1-git-send-email-lcapitulino@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
11 years agoMerge remote-tracking branch 'bonzini/iommu-for-anthony' into staging
Anthony Liguori [Fri, 31 May 2013 16:32:25 +0000 (11:32 -0500)]
Merge remote-tracking branch 'bonzini/iommu-for-anthony' into staging

# By Paolo Bonzini
# Via Paolo Bonzini
* bonzini/iommu-for-anthony: (22 commits)
  memory: add return value to address_space_rw/read/write
  memory: propagate errors on I/O dispatch
  exec: just use io_mem_read/io_mem_write for 8-byte I/O accesses
  memory: correctly handle endian-swapped 64-bit accesses
  memory: split accesses even when the old MMIO callbacks are used
  memory: add big endian support to access_with_adjusted_size
  memory: accept mismatching sizes in memory_region_access_valid
  memory: add address_space_access_valid
  exec: implement .valid.accepts for subpages
  memory: export memory_region_access_valid to exec.c
  exec: introduce memory_access_size
  exec: introduce memory_access_is_direct
  exec: expect mr->ops to be initialized for ROM
  memory: assign MemoryRegionOps to all regions
  memory: move unassigned_mem_ops to memory.c
  memory: add address_space_translate
  memory: dispatch unassigned accesses based on .valid.accepts
  exec: do not use error_mem_read
  exec: make io_mem_unassigned private
  cputlb: simplify tlb_set_page
  ...

Message-id: 1369947836-2638-1-git-send-email-pbonzini@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
11 years agotarget-i386: Fix mask of pte index in memory mapping
Qiao Nuohan [Thu, 30 May 2013 15:07:54 +0000 (17:07 +0200)]
target-i386: Fix mask of pte index in memory mapping

Function walk_pte() needs pte index to calculate virtual address.
However, pte index of PAE paging or IA-32e paging is 9 bit, so the mask
should be 0x1ff.

Signed-off-by: Qiao Nuohan <qiaonuohan@cn.fujitsu.com>
Reviewed-by: Jesse Larrew <jlarrew@linux.vnet.ibm.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
11 years agotarget-i386: fix abort on bad PML4E/PDPTE/PDE/PTE addresses
Luiz Capitulino [Tue, 28 May 2013 18:19:22 +0000 (14:19 -0400)]
target-i386: fix abort on bad PML4E/PDPTE/PDE/PTE addresses

The code used to walk IA-32e page-tables, and possibly PAE page-tables,
uses the bit mask ~0xfff to get the next PML4E/PDPTE/PDE/PTE address.

However, as we use a uint64_t to store the resulting address, that mask
gets expanded to 0xfffffffffffff000 which not only ends up selecting
reserved bits but also selects the XD bit (execute-disable) which
happens to be enabled by Windows 8, causing qemu_get_ram_ptr() to abort.

This commit fixes that problem by replacing ~0xfff by a correct mask
that only selects the address bit range (ie. bits 51:12).

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
11 years agoseccomp: add the asynchronous I/O syscalls to the whitelist
Paul Moore [Wed, 29 May 2013 20:30:01 +0000 (16:30 -0400)]
seccomp: add the asynchronous I/O syscalls to the whitelist

In order to enable the asynchronous I/O functionality when using the
seccomp sandbox we need to add the associated syscalls to the
whitelist.

Signed-off-by: Paul Moore <pmoore@redhat.com>
Reviewed-by: Corey Bryant <coreyb@linux.vnet.ibm.com>
Message-id: 20130529203001.20939.83322.stgit@localhost
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
11 years agogdbstub: do not restart crashed guest
Paolo Bonzini [Thu, 30 May 2013 11:20:40 +0000 (13:20 +0200)]
gdbstub: do not restart crashed guest

If a guest has crashed with an internal error or similar, detaching
gdb (or any other debugger action) should not restart it.

Cc: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Message-id: 1369912840-18577-1-git-send-email-pbonzini@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
11 years agoqdev: fix get_fw_dev_path to support to add nothing to fw_dev_path
Amos Kong [Wed, 29 May 2013 07:56:42 +0000 (15:56 +0800)]
qdev: fix get_fw_dev_path to support to add nothing to fw_dev_path

Recent virtio refactoring in QEMU made virtio-bus become the parent bus
of scsi-bus, and virtio-bus doesn't have get_fw_dev_path implementation,
typename will be added to fw_dev_path by default, the new fw_dev_path
could not be identified by seabios. It causes that bootindex parameter
of scsi device doesn't work.

This patch implements get_fw_dev_path() in BusClass, it will be called
if bus doesn't implement the method, tyename will be added to
fw_dev_path. If the implemented method returns NULL, nothing will be
added to fw_dev_path.

It also implements virtio_bus_get_fw_dev_path() to return NULL. Then
QEMU will still pass original style of fw_dev_path to seabios.

Signed-off-by: Amos Kong <akong@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Message-id: 1369814202-10346-1-git-send-email-akong@redhat.com
--
v2: only add nothing to fw_dev_path when get_fw_dev_path() is
    implemented and returns NULL. then it will not effect other devices
    don't have get_fw_dev_path() implementation.
v3: implement default get_fw_dev_path() in BusClass
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
11 years agoMakefile: create ".../var/run" when installing the POSIX guest agent
Laszlo Ersek [Sat, 18 May 2013 05:13:14 +0000 (07:13 +0200)]
Makefile: create ".../var/run" when installing the POSIX guest agent

Otherwise the default local state directory of POSIX qga won't exist after
installation with a non-standard ${prefix} or DESTDIR.

For now qga is the only user of ".../var" (= $qemu_localstatedir) too, so
don't create that directory either unless we're installing the agent.

Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
11 years agoqga: save state directory in ga_install_service()
Laszlo Ersek [Sat, 18 May 2013 04:31:53 +0000 (06:31 +0200)]
qga: save state directory in ga_install_service()

If the user selects a non-default state directory at service installation
time, we should remember it in the registered service.

Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
11 years agoqga: remove undefined behavior in ga_install_service()
Laszlo Ersek [Sat, 18 May 2013 04:31:52 +0000 (06:31 +0200)]
qga: remove undefined behavior in ga_install_service()

We shouldn't snprintf() from a buffer to the same buffer.

Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
11 years agoqga: create state directory on win32
Laszlo Ersek [Sat, 18 May 2013 04:31:51 +0000 (06:31 +0200)]
qga: create state directory on win32

On Win32 the local state directory is application specific and users might
expect qemu-ga to create it automatically.

Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
11 years agoconfigure: don't save any fixed local_statedir for win32
Laszlo Ersek [Sat, 18 May 2013 04:31:50 +0000 (06:31 +0200)]
configure: don't save any fixed local_statedir for win32

... because now we can get the dynamic value with
qemu_get_local_state_pathname().

The only user of the fixed value was the guest agent, which we've moved to
qemu_get_local_state_pathname() in the previous patch.

Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
11 years agoqga: determine default state dir and pidfile dynamically
Laszlo Ersek [Sat, 18 May 2013 04:31:49 +0000 (06:31 +0200)]
qga: determine default state dir and pidfile dynamically

No effective change on POSIX, but on Win32 the defaults come from the
environment / session.

Since commit 39097daf ("qemu-ga: use key-value store to avoid recycling fd
handles after restart") we've relied on the state directory for the fd
handles' key-value store. Even though we don't support the guest-file-*
commands on win32 yet, the key-value store is written, and it's the first
use of the state directory on win32. We should have a sensible default for
its location.

Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
11 years agoosdep: add qemu_get_local_state_pathname()
Laszlo Ersek [Sat, 18 May 2013 04:31:48 +0000 (06:31 +0200)]
osdep: add qemu_get_local_state_pathname()

This function returns ${prefix}/var/RELATIVE_PATHNAME on POSIX-y systems,
and <CSIDL_COMMON_APPDATA>/RELATIVE_PATHNAME on Win32.

http://msdn.microsoft.com/en-us/library/bb762494.aspx

  [...] This folder is used for application data that is not user
  specific. For example, an application can store a spell-check
  dictionary, a database of clip art, or a log file in the
  CSIDL_COMMON_APPDATA folder. [...]

Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
11 years agoqapi: pad GenericList value fields to 64 bits
Michael Roth [Mon, 27 May 2013 03:20:58 +0000 (22:20 -0500)]
qapi: pad GenericList value fields to 64 bits

With the introduction of native list types, we now have types such as
int64List where the 'value' field is not a pointer, but the actual
64-bit value.

On 32-bit architectures, this can lead to situations where 'next' field
offset in GenericList does not correspond to the 'next' field in the
types that we cast to GenericList when using the visit_next_list()
interface, causing issues when we attempt to traverse linked list
structures of these types.

To fix this, pad the 'value' field of GenericList and other
schema-defined/native *List types out to 64-bits.

This is less memory-efficient for 32-bit architectures, but allows us to
continue to rely on list-handling interfaces that target GenericList to
simply visitor implementations.

In the future we can improve efficiency by defaulting to using native C
array backends to handle list of non-pointer types, which would be more
memory efficient in itself and allow us to roll back this change.

Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
11 years agomemory: add return value to address_space_rw/read/write
Paolo Bonzini [Tue, 21 May 2013 07:56:55 +0000 (09:56 +0200)]
memory: add return value to address_space_rw/read/write

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
11 years agomemory: propagate errors on I/O dispatch
Paolo Bonzini [Fri, 24 May 2013 14:10:39 +0000 (16:10 +0200)]
memory: propagate errors on I/O dispatch

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
11 years agoexec: just use io_mem_read/io_mem_write for 8-byte I/O accesses
Paolo Bonzini [Fri, 24 May 2013 10:40:43 +0000 (12:40 +0200)]
exec: just use io_mem_read/io_mem_write for 8-byte I/O accesses

The memory API is able to split it in two 4-byte accesses.

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
11 years agomemory: correctly handle endian-swapped 64-bit accesses
Paolo Bonzini [Fri, 24 May 2013 15:58:37 +0000 (17:58 +0200)]
memory: correctly handle endian-swapped 64-bit accesses

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
11 years agomemory: split accesses even when the old MMIO callbacks are used
Paolo Bonzini [Fri, 24 May 2013 15:45:48 +0000 (17:45 +0200)]
memory: split accesses even when the old MMIO callbacks are used

This is useful for 64-bit memory accesses.

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
11 years agomemory: add big endian support to access_with_adjusted_size
Paolo Bonzini [Fri, 24 May 2013 10:54:01 +0000 (12:54 +0200)]
memory: add big endian support to access_with_adjusted_size

This will be used to split 8-byte access down to two four-byte accesses.

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
11 years agomemory: accept mismatching sizes in memory_region_access_valid
Paolo Bonzini [Fri, 24 May 2013 15:48:52 +0000 (17:48 +0200)]
memory: accept mismatching sizes in memory_region_access_valid

The memory API is able to use smaller/wider accesses than requested,
match that in memory_region_access_valid.  Of course, the accepts
callback is still free to reject those accesses.

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
11 years agomemory: add address_space_access_valid
Paolo Bonzini [Thu, 11 Apr 2013 13:40:59 +0000 (15:40 +0200)]
memory: add address_space_access_valid

The old-style IOMMU lets you check whether an access is valid in a
given DMAContext.  There is no equivalent for AddressSpace in the
memory API, implement it with a lookup of the dispatch tree.

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
11 years agoexec: implement .valid.accepts for subpages
Paolo Bonzini [Fri, 24 May 2013 12:02:39 +0000 (14:02 +0200)]
exec: implement .valid.accepts for subpages

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
11 years agomemory: export memory_region_access_valid to exec.c
Paolo Bonzini [Fri, 24 May 2013 09:55:06 +0000 (11:55 +0200)]
memory: export memory_region_access_valid to exec.c

We'll use it to implement address_space_access_valid.

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
11 years agoexec: introduce memory_access_size
Paolo Bonzini [Fri, 24 May 2013 09:59:43 +0000 (11:59 +0200)]
exec: introduce memory_access_size

This will be used by address_space_access_valid too.

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
11 years agoexec: introduce memory_access_is_direct
Paolo Bonzini [Fri, 24 May 2013 10:29:54 +0000 (12:29 +0200)]
exec: introduce memory_access_is_direct

After the previous patches, this is a common test for all read/write
functions.

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
11 years agoexec: expect mr->ops to be initialized for ROM
Paolo Bonzini [Fri, 24 May 2013 11:21:01 +0000 (13:21 +0200)]
exec: expect mr->ops to be initialized for ROM

There is no need to use the special phys_section_rom section.

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
11 years agomemory: assign MemoryRegionOps to all regions
Paolo Bonzini [Fri, 24 May 2013 11:55:52 +0000 (13:55 +0200)]
memory: assign MemoryRegionOps to all regions

This allows to remove the checks on section->readonly.  Simply,
write accesses to ROM will not be considered "direct" and will
go through mr->ops without any special intervention.

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
11 years agomemory: move unassigned_mem_ops to memory.c
Paolo Bonzini [Fri, 24 May 2013 11:23:38 +0000 (13:23 +0200)]
memory: move unassigned_mem_ops to memory.c

reservation_ops is already doing the same thing.

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
11 years agomemory: add address_space_translate
Paolo Bonzini [Fri, 24 May 2013 10:59:37 +0000 (12:59 +0200)]
memory: add address_space_translate

Using phys_page_find to translate an AddressSpace to a MemoryRegionSection
is unwieldy.  It requires to pass the page index rather than the address,
and later memory_region_section_addr has to be called.  Replace
memory_region_section_addr with a function that does all of it: call
phys_page_find, compute the offset within the region, and check how
big the current mapping is.  This way, a large flat region can be written
with a single lookup rather than a page at a time.

address_space_translate will also provide a single point where IOMMU
forwarding is implemented.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
11 years agomemory: dispatch unassigned accesses based on .valid.accepts
Paolo Bonzini [Fri, 24 May 2013 12:48:38 +0000 (14:48 +0200)]
memory: dispatch unassigned accesses based on .valid.accepts

This provides the basics for detecting accesses to unassigned memory
as soon as they happen, and also for a simple implementation of
address_space_access_valid.

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
11 years agoexec: do not use error_mem_read
Paolo Bonzini [Fri, 24 May 2013 12:39:13 +0000 (14:39 +0200)]
exec: do not use error_mem_read

We will soon reach this case when doing (unaligned) accesses that
span partly past the end of memory.  We do not want to crash in
that case.

unassigned_mem_ops and rom_mem_ops are now the same.

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
11 years agoexec: make io_mem_unassigned private
Paolo Bonzini [Fri, 24 May 2013 12:37:28 +0000 (14:37 +0200)]
exec: make io_mem_unassigned private

There is no reason to avoid a recompile before accessing unassigned
memory.  In the end it will be treated as MMIO anyway.

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
11 years agocputlb: simplify tlb_set_page
Paolo Bonzini [Fri, 24 May 2013 14:45:30 +0000 (16:45 +0200)]
cputlb: simplify tlb_set_page

The same "if" condition is repeated twice.

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
11 years agoexec: drop useless #if
Paolo Bonzini [Fri, 24 May 2013 15:14:05 +0000 (17:14 +0200)]
exec: drop useless #if

This code is only compiled for softmmu targets.

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
11 years agoexec: eliminate io_mem_ram
Paolo Bonzini [Fri, 24 May 2013 12:34:08 +0000 (14:34 +0200)]
exec: eliminate io_mem_ram

It is never used, the IOTLB always goes through io_mem_notdirty.

In fact in softmmu_template.h, if it were, QEMU would crash just
below the tests, as soon as io_mem_read/write dispatches to
error_mem_read/write.

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
11 years agovirtio-pci: drop unused wmb macro
Michael S. Tsirkin [Tue, 28 May 2013 10:20:23 +0000 (13:20 +0300)]
virtio-pci: drop unused wmb macro

The implementation is wrong for kvm, and it's unused anyway.
Drop it.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Message-id: 20130528102023.GA30055@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
11 years agotests: set MALLOC_PERTURB_ to expose memory bugs
Stefan Hajnoczi [Mon, 27 May 2013 13:28:51 +0000 (15:28 +0200)]
tests: set MALLOC_PERTURB_ to expose memory bugs

glibc wipes malloc(3) memory when the MALLOC_PERTURB_ environment
variable is set.  The value of the environment variable determines the
bit pattern used to wipe memory.  For more information, see
http://udrepper.livejournal.com/11429.html.

Set MALLOC_PERTURB_ for gtester and qemu-iotests.  Note we pick a random
value from 1 to 255 to expose more bugs.  If you need to reproduce a
crash use 'show environment' in gdb to extract the MALLOC_PERTURB_
value from a core dump.

Both make check and qemu-iotests pass with MALLOC_PERTURB_ enabled.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-id: 1369661331-28041-1-git-send-email-stefanha@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
11 years agopc_sysfw: allow flash (-pflash) memory to be used with KVM
Jordan Justen [Wed, 29 May 2013 08:27:27 +0000 (01:27 -0700)]
pc_sysfw: allow flash (-pflash) memory to be used with KVM

When pc-sysfw.rom_only == 0, flash memory will be
usable with kvm. In order to enable flash memory mode,
a pflash device must be created. (For example, by
using the -pflash command line parameter.)

Usage of a flash memory device with kvm requires
KVM_CAP_READONLY_MEM, and kvm will abort if
a flash device is used with an older kvm which does
not support this capability.

If a flash device is not used, then qemu/kvm will
operate in the original rom-mode.

Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 1369816047-16384-5-git-send-email-jordan.l.justen@intel.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
11 years agokvm: support using KVM_MEM_READONLY flag for regions
Jordan Justen [Wed, 29 May 2013 08:27:26 +0000 (01:27 -0700)]
kvm: support using KVM_MEM_READONLY flag for regions

For readonly memory regions and rom devices in romd_mode,
we make use of the KVM_MEM_READONLY. A slot that uses
KVM_MEM_READONLY can be read from and code can execute from the
region, but writes will exit to qemu.

For rom devices with !romd_mode, we force the slot to be
removed so reads or writes to the region will exit to qemu.
(Note that a memory region in this state is not executable
within kvm.)

v7:
 * Update for readable => romd_mode rename (5f9a5ea1)

Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Xiao Guangrong <xiaoguangrong@linux.vnet.ibm.com> (v4)
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> (v5)
Message-id: 1369816047-16384-4-git-send-email-jordan.l.justen@intel.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
11 years agokvm: add kvm_readonly_mem_enabled
Jordan Justen [Wed, 29 May 2013 08:27:25 +0000 (01:27 -0700)]
kvm: add kvm_readonly_mem_enabled

Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 1369816047-16384-3-git-send-email-jordan.l.justen@intel.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
11 years agoisapc: Fix non-KVM qemu boot (read/write memory for isapc BIOS)
Jordan Justen [Wed, 29 May 2013 08:27:24 +0000 (01:27 -0700)]
isapc: Fix non-KVM qemu boot (read/write memory for isapc BIOS)

The isapc machine with seabios currently requires the BIOS region
to be read/write memory rather than read-only memory.

KVM currently cannot support the BIOS as a ROM region, but qemu
in non-KVM mode can. Based on this, isapc machine currently only
works with KVM.

To work-around this isapc issue, this change avoids marking the
BIOS as readonly for isapc.

This change also will allow KVM to start supporting ROM mode
via KVM_CAP_READONLY_MEM.

Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 1369816047-16384-2-git-send-email-jordan.l.justen@intel.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
11 years agoMerge remote-tracking branch 'aneesh/for-upstream' into staging
Anthony Liguori [Wed, 29 May 2013 13:13:20 +0000 (08:13 -0500)]
Merge remote-tracking branch 'aneesh/for-upstream' into staging

# By Aneesh Kumar K.V (3) and Gabriel de Perthuis (1)
# Via Aneesh Kumar K.V
* aneesh/for-upstream:
  hw/9pfs: Be robust against paths without FS_IOC_GETVERSION
  hw/9pfs: Use O_NOFOLLOW when opening files on server
  hw/9pfs: use O_NOFOLLOW for mapped readlink operation
  hw/9pfs: Fix segfault with 9p2000.u

Message-id: 87zjvevx4s.fsf@linux.vnet.ibm.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
11 years agoMerge remote-tracking branch 'afaerber-or/cocoa-for-upstream' into staging
Anthony Liguori [Wed, 29 May 2013 13:13:09 +0000 (08:13 -0500)]
Merge remote-tracking branch 'afaerber-or/cocoa-for-upstream' into staging

# By Peter Maydell
# Via Andreas Färber
* afaerber-or/cocoa-for-upstream:
  cocoa: Avoid deprecated NSOpenPanel beginSheetForDirectory
  cocoa: Avoid deprecated NSOpenPanel filename method
  cocoa: Avoid deprecated CPS* functions
  cocoa: Fix leaks of NSScreen and NSConcreteMapTable

11 years agoMerge remote-tracking branch 'kraxel/chardev.6' into staging
Anthony Liguori [Wed, 29 May 2013 13:12:53 +0000 (08:12 -0500)]
Merge remote-tracking branch 'kraxel/chardev.6' into staging

# By Gerd Hoffmann
# Via Gerd Hoffmann
* kraxel/chardev.6:
  chardev: fix "info chardev" output
  Revert "chardev: Get filename for new qapi backend"

Message-id: 1369722844-24345-1-git-send-email-kraxel@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
11 years agoMerge remote-tracking branch 'kraxel/seabios-1.7.2.2' into staging
Anthony Liguori [Wed, 29 May 2013 13:12:25 +0000 (08:12 -0500)]
Merge remote-tracking branch 'kraxel/seabios-1.7.2.2' into staging

# By Gerd Hoffmann
# Via Gerd Hoffmann
* kraxel/seabios-1.7.2.2:
  update seabios to release 1.7.2.2
  Revert "roms: switch oldnoconfig to olddefconfig"

Message-id: 1369736932-16627-1-git-send-email-kraxel@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
11 years agococoa: Avoid deprecated NSOpenPanel beginSheetForDirectory
Peter Maydell [Mon, 22 Apr 2013 10:29:49 +0000 (10:29 +0000)]
cocoa: Avoid deprecated NSOpenPanel beginSheetForDirectory

In MacOSX 10.6 and above the NSOpenPanel beginSheetForDirectory
method is deprecated. Use the preferred replacements instead.
We retain the original code for use on earlier MacOSX versions
because the replacement methods don't exist before 10.6.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
11 years agococoa: Avoid deprecated NSOpenPanel filename method
Peter Maydell [Mon, 22 Apr 2013 10:29:48 +0000 (10:29 +0000)]
cocoa: Avoid deprecated NSOpenPanel filename method

Avoid the NSOpenPanel filename method (deprecated in MacOSX 10.6)
in favour of using the URL method and extracting the path from the
resulting NSUrl object.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
11 years agococoa: Avoid deprecated CPS* functions
Peter Maydell [Mon, 22 Apr 2013 10:29:47 +0000 (10:29 +0000)]
cocoa: Avoid deprecated CPS* functions

The functions CPSGetCurrentProcess and CPSEnableForegroundOperation
are deprecated in newer versions of MacOSX and cause warning messages
to be logged to the system log. Instead, use the new preferred method
of promoting our console process up to a graphical app with menubar
and Dock icon, which is TransformProcessType. (This function came
in with MacOSX 10.3, so there's no need to retain the old method as
we don't support anything earlier than 10.3 anyway.)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
11 years agococoa: Fix leaks of NSScreen and NSConcreteMapTable
Peter Maydell [Mon, 22 Apr 2013 10:29:46 +0000 (10:29 +0000)]
cocoa: Fix leaks of NSScreen and NSConcreteMapTable

On MacOSX 10.8 QEMU provokes system log messages:
11/03/2013 17:03:29.998 qemu-system-arm[42586]: objc[42586]: Object
0x7ffbf9c2f3b0 of class NSScreen autoreleased with no pool in place - just
leaking - break on objc_autoreleaseNoPool() to debug

11/03/2013 17:03:29.999 qemu-system-arm[42586]: objc[42586]: Object
0x7ffbf9c3a010 of class NSConcreteMapTable autoreleased with no pool in
place - just leaking - break on objc_autoreleaseNoPool() to debug

This is because we call back into Cocoa from threads other than
the UI thread (specifically from the CPU thread). Since we created
these threads via the POSIX API rather than NSThread, they don't have
automatically created autorelease pools. Guard all the functions where
QEMU can call back into the Cocoa UI code with autorelease pools
so that we don't leak any Cocoa objects.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
11 years agoupdate seabios to release 1.7.2.2
Gerd Hoffmann [Tue, 28 May 2013 10:17:50 +0000 (12:17 +0200)]
update seabios to release 1.7.2.2

git shortlog from 1.7.2.1

Asias He (2):
      virtio-scsi: Pack struct virtio_scsi_{req_cmd,resp_cmd}
      virtio-scsi: Set _DRIVER_OK flag before scsi target scanning

Kevin O'Connor (1):
      Cache boot-fail-wait to avoid romfile access after POST.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
11 years agoRevert "roms: switch oldnoconfig to olddefconfig"
Gerd Hoffmann [Tue, 28 May 2013 10:09:41 +0000 (12:09 +0200)]
Revert "roms: switch oldnoconfig to olddefconfig"

This reverts commit a5519b42cfd6c00e9f8b31c5aad7682e7a9f1181.

Breaks "make bios" in roms/ as the kconfig version in seabios doesn't
support olddefconfig.  Must have been be totally untested.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
11 years agohw/9pfs: Be robust against paths without FS_IOC_GETVERSION
Gabriel de Perthuis [Fri, 10 May 2013 17:53:28 +0000 (19:53 +0200)]
hw/9pfs: Be robust against paths without FS_IOC_GETVERSION

9P optionally uses the FS_IOC_GETVERSION ioctl to get information about
a file's version (sometimes called generation number).

The code checks for supported filesystems at mount time, but some paths
may come from other mounted filesystems.

Change it to treat unsupported paths the same as unsupported
filesystems, returning 0 in both cases.

Note: ENOTTY is the error code for an unsupported ioctl.

This fix allows booting a linux kernel with the same / filesystem as the
host; otherwise the boot fails when mounting devtmpfs.

Signed-off-by: Gabriel de Perthuis <g2p.code@gmail.com>
Reviewed-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
11 years agohw/9pfs: Use O_NOFOLLOW when opening files on server
Aneesh Kumar K.V [Mon, 20 May 2013 14:13:15 +0000 (19:43 +0530)]
hw/9pfs: Use O_NOFOLLOW when opening files on server

9p server should never follow a symlink. So use O_NOFOLLOW with all open
syscall

Tested-by: "M. Mohan Kumar" <mohan@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
11 years agohw/9pfs: use O_NOFOLLOW for mapped readlink operation
Aneesh Kumar K.V [Mon, 20 May 2013 11:58:29 +0000 (17:28 +0530)]
hw/9pfs: use O_NOFOLLOW for mapped readlink operation

With mapped security models like mapped-xattr and mapped-file, we save the
symlink target as file contents. Now if we ever expose a normal directory
with mapped security model and find real symlinks in export path, never
follow them and return proper error.

Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
11 years agohw/9pfs: Fix segfault with 9p2000.u
Aneesh Kumar K.V [Mon, 20 May 2013 05:59:52 +0000 (11:29 +0530)]
hw/9pfs: Fix segfault with 9p2000.u

When guest tries to chmod a block or char device file over 9pfs,
the qemu process segfaults. With 9p2000.u protocol we use wstat to
change mode bits and client don't send extension information for
chmod. We need to check for size field to check whether extension
info is present or not.

Reported-by: Michael Tokarev <mjt@tls.msk.ru>
Acked-by: Michael Tokarev <mjt@tls.msk.ru>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
11 years agochardev: fix "info chardev" output
Gerd Hoffmann [Mon, 27 May 2013 10:41:24 +0000 (12:41 +0200)]
chardev: fix "info chardev" output

Fill unset CharDriverState->filename with the backend name, so
'info chardev' will return at least the chardev type.  Don't
touch it in case the chardev init function filled it already,
like the socket+pty chardevs do for example.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
11 years agoRevert "chardev: Get filename for new qapi backend"
Gerd Hoffmann [Mon, 27 May 2013 10:38:58 +0000 (12:38 +0200)]
Revert "chardev: Get filename for new qapi backend"

Does not handle chardevs created via chardev-add monitor command.

This reverts commit 2b220025993e76d4116781ca91a4fabc5ad9c722.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
11 years agoRemove Sun4c, Sun4d and a few CPUs
Blue Swirl [Sun, 14 Apr 2013 18:10:28 +0000 (18:10 +0000)]
Remove Sun4c, Sun4d and a few CPUs

Sun4c and Sun4d architectures and related CPUs are not fully implemented
(especially Sun4c MMU) and there has been no interest for them.

Likewise, a few CPUs (Cypress, Ross etc) are only half implemented.

Remove the machines and CPUs, they can be re-added if needed later.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
11 years agoRemove OSS support for OpenBSD
Brad Smith [Fri, 24 May 2013 23:01:07 +0000 (19:01 -0400)]
Remove OSS support for OpenBSD

Remove the OSS support for OpenBSD. The OSS API has not been usable
for quite some time.

Signed-off-by: Brad Smith <brad@comstyle.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
11 years agotarget-arm: Remove gen_{ld,st}* definitions
Peter Maydell [Thu, 23 May 2013 12:00:03 +0000 (13:00 +0100)]
target-arm: Remove gen_{ld,st}* definitions

All the uses of the gen_{ld,st}* functions are gone now, so remove
the functions themselves.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
11 years agotarget-arm: Remove gen_{ld,st}* from thumb2 decoder
Peter Maydell [Thu, 23 May 2013 12:00:02 +0000 (13:00 +0100)]
target-arm: Remove gen_{ld,st}* from thumb2 decoder

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
11 years agotarget-arm: Remove gen_{ld,st}* from Thumb insns
Peter Maydell [Thu, 23 May 2013 12:00:01 +0000 (13:00 +0100)]
target-arm: Remove gen_{ld,st}* from Thumb insns

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
11 years agotarget-arm: Remove gen_{ld,st}* from basic ARM insns
Peter Maydell [Thu, 23 May 2013 12:00:00 +0000 (13:00 +0100)]
target-arm: Remove gen_{ld,st}* from basic ARM insns

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
11 years agotarget-arm: Remove use of gen_{ld,st}* from ldrex/strex
Peter Maydell [Thu, 23 May 2013 11:59:59 +0000 (12:59 +0100)]
target-arm: Remove use of gen_{ld,st}* from ldrex/strex

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
11 years agotarget-arm: Remove uses of gen_{ld,st}* from Neon code
Peter Maydell [Thu, 23 May 2013 11:59:58 +0000 (12:59 +0100)]
target-arm: Remove uses of gen_{ld,st}* from Neon code

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
11 years agotarget-arm: Remove uses of gen_{ld,st}* from iWMMXt code
Peter Maydell [Thu, 23 May 2013 11:59:57 +0000 (12:59 +0100)]
target-arm: Remove uses of gen_{ld,st}* from iWMMXt code

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
11 years agotarget-arm: Remove gen_ld64() and gen_st64()
Peter Maydell [Thu, 23 May 2013 11:59:56 +0000 (12:59 +0100)]
target-arm: Remove gen_ld64() and gen_st64()

gen_ld64() and gen_st64() are used only in one place, so just
expand them out.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
11 years agotarget-arm: Don't use TCGv when we mean TCGv_i32
Peter Maydell [Thu, 23 May 2013 11:59:55 +0000 (12:59 +0100)]
target-arm: Don't use TCGv when we mean TCGv_i32

TCGv changes size depending on the compile time value of
TARGET_LONG_BITS.  This is useful for generating code for MIPS style
"instructions are the same but the register width changes" CPUs, and
also for the generic bits of QEMU which operate on "width of a
virtual address" values, but mostly in the ARM target code we were
using it purely as a shorthand for "any 32 bit value".

This needs to change in preparation for AArch64 support, since an
AArch64-capable v8 core will have 64 bit virtual addresses but still
use 32 bit values for the 32 bit instruction set.

This patch mechanically converts all the occurrences of TCGv,
tcg_temp_new(), tcg_temp_free(), tcg_temp_local_new() and
TCGV_UNUSED() to their explicitly 32 bit counterparts.  This is
correct for everything except the arguments to tcg_gen_qemu_{ld,st}*,
which really do need to be TCGv and so will require a 32-to-64
conversion when building the 32 bit code for AArch64.  Those changes
will be in a separate patch for easier review.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
11 years agoMerge remote-tracking branch 'bonzini/iommu-for-anthony' into staging
Anthony Liguori [Fri, 24 May 2013 18:47:42 +0000 (13:47 -0500)]
Merge remote-tracking branch 'bonzini/iommu-for-anthony' into staging

# By Paolo Bonzini (11) and others
# Via Paolo Bonzini
* bonzini/iommu-for-anthony:
  memory: clean up phys_page_find
  memory: populate FlatView for new address spaces
  memory: limit sections in the radix tree to the actual address space size
  s390x: reduce TARGET_PHYS_ADDR_SPACE_BITS to 62
  memory: fix address space initialization/destruction
  memory: make memory_global_sync_dirty_bitmap take an AddressSpace
  memory: do not duplicate memory_region_destructor_none
  memory: Rename readable flag to romd_mode
  memory: Replace open-coded memory_region_is_romd
  memory: allow memory_region_find() to run on non-root memory regions
  memory: assert that PhysPageEntry's ptr does not overflow
  exec: eliminate stq_phys_notdirty
  exec: make qemu_get_ram_ptr private
  exec: eliminate qemu_put_ram_ptr
  exec: remove obsolete comment

Message-id: 1369414987-8839-1-git-send-email-pbonzini@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
11 years agoMerge remote-tracking branch 'stefanha/net' into staging
Anthony Liguori [Fri, 24 May 2013 18:47:33 +0000 (13:47 -0500)]
Merge remote-tracking branch 'stefanha/net' into staging

# By Alasdair McLeay (1) and Stefan Hajnoczi (1)
# Via Stefan Hajnoczi
* stefanha/net:
  rtl8139: flush queued packets when RxBufPtr is written
  net: support for bridged networking on Mac OS X

Message-id: 1369406295-20411-1-git-send-email-stefanha@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
11 years agoMerge remote-tracking branch 'stefanha/block' into staging
Anthony Liguori [Fri, 24 May 2013 18:47:25 +0000 (13:47 -0500)]
Merge remote-tracking branch 'stefanha/block' into staging

# By Wenchao Xia (5) and others
# Via Stefan Hajnoczi
* stefanha/block:
  coroutine: stop using AioContext in CoQueue
  coroutine: protect global pool with a mutex
  qemu-iotests: Try creating huge qcow2 image
  qcow2.py: Subcommand for changing header fields
  qemu-io: Fix 'map' output
  blockdev: Rename BlockdevAction -> TransactionAction
  block: make all steps in qmp_transaction() as callback
  block: package rollback code in qmp_transaction()
  block: package committing code in qmp_transaction()
  block: move input parsing code in qmp_transaction()
  block: package preparation code in qmp_transaction()

Message-id: 1369405947-14818-1-git-send-email-stefanha@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
11 years agomemory: clean up phys_page_find
Paolo Bonzini [Mon, 20 May 2013 10:21:07 +0000 (12:21 +0200)]
memory: clean up phys_page_find

Remove the goto.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
11 years agomemory: populate FlatView for new address spaces
Paolo Bonzini [Tue, 16 Apr 2013 13:39:51 +0000 (15:39 +0200)]
memory: populate FlatView for new address spaces

Even a new address space might have a non-empty FlatView.  In order
to initialize it properly, address_space_init should (a) call
memory_region_transaction_commit after the address space is inserted
into the list; (b) force memory_region_transaction_commit to do something.

This bug was latent so far because all address spaces started empty, including
the PCI address space where the bus master region is initially disabled.
However, the target address space of an IOMMU is usually rooted at
get_system_memory(), which might not be empty at the time the IOMMU is created.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
11 years agomemory: limit sections in the radix tree to the actual address space size
Avi Kivity [Tue, 30 Oct 2012 11:47:45 +0000 (13:47 +0200)]
memory: limit sections in the radix tree to the actual address space size

The radix tree is statically sized to fit TARGET_PHYS_ADDR_SPACE_BITS.
If a larger memory region is registered, it will overflow.

Fix by limiting any section in the radix tree to the supported size.

This problem was not observed earlier since artificial regions (containers
and aliases) are eliminated by the memory core, leaving only device regions
which have reasonable sizes.  An IOMMU however cannot be eliminated by the
memory core, and may have an artificial size.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Avi Kivity <avi.kivity@gmail.com>
[ Fail the build if TARGET_PHYS_ADDR_SPACE_BITS is too large - Paolo ]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
11 years agos390x: reduce TARGET_PHYS_ADDR_SPACE_BITS to 62
Paolo Bonzini [Mon, 13 May 2013 13:54:44 +0000 (15:54 +0200)]
s390x: reduce TARGET_PHYS_ADDR_SPACE_BITS to 62

With the next patch, the memory API will complain if the
TARGET_PHYS_ADDR_SPACE_BITS gets dangerously close to an
overflow.  s390x can handle up to 64 bit of physical address
space from its page tables, but we never use that much.  Just
decrease the value.

Cc: Alexander Graf <agraf@suse.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
11 years agomemory: fix address space initialization/destruction
Avi Kivity [Tue, 30 Oct 2012 11:47:44 +0000 (13:47 +0200)]
memory: fix address space initialization/destruction

A couple of fields were left uninitialized.  This was not observed earlier
because all address spaces were statically allocated.  Also free allocation
for those fields.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Avi Kivity <avi.kivity@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
11 years agomemory: make memory_global_sync_dirty_bitmap take an AddressSpace
Paolo Bonzini [Wed, 24 Apr 2013 08:46:55 +0000 (10:46 +0200)]
memory: make memory_global_sync_dirty_bitmap take an AddressSpace

Since this is a MemoryListener operation, it only makes sense
on an AddressSpace granularity.

Suggested-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
11 years agomemory: do not duplicate memory_region_destructor_none
Paolo Bonzini [Fri, 3 May 2013 15:18:36 +0000 (17:18 +0200)]
memory: do not duplicate memory_region_destructor_none

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
11 years agomemory: Rename readable flag to romd_mode
Jan Kiszka [Tue, 7 May 2013 17:04:25 +0000 (19:04 +0200)]
memory: Rename readable flag to romd_mode

"Readable" is a very unfortunate name for this flag because even a
rom_device region will always be readable from the guest POV. What
differs is the mapping, just like the comments had to explain already.
Also, readable could currently be understood as being a generic region
flag, but it only applies to rom_device regions.

So rename the flag and the function to modify it after the original term
"ROMD" which could also be interpreted as "ROM direct", i.e. ROM mode
with direct access. In any case, the scope of the flag is clearer now.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
11 years agomemory: Replace open-coded memory_region_is_romd
Jan Kiszka [Mon, 6 May 2013 16:07:05 +0000 (18:07 +0200)]
memory: Replace open-coded memory_region_is_romd

Improves readability.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
11 years agomemory: allow memory_region_find() to run on non-root memory regions
Paolo Bonzini [Tue, 7 May 2013 13:48:28 +0000 (15:48 +0200)]
memory: allow memory_region_find() to run on non-root memory regions

memory_region_find() is similar to registering a MemoryListener and
checking for the MemoryRegionSections that come from a particular
region.  There is no reason for this to be limited to a root memory
region.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
11 years agomemory: assert that PhysPageEntry's ptr does not overflow
Paolo Bonzini [Tue, 7 May 2013 09:30:23 +0000 (11:30 +0200)]
memory: assert that PhysPageEntry's ptr does not overflow

While sized to 15 bits in PhysPageEntry, the ptr field is ORed into the
iotlb entries together with a page-aligned pointer.  The ptr field must
not overflow into this page-aligned value, assert that it is smaller than
the page size.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
11 years agoexec: eliminate stq_phys_notdirty
Paolo Bonzini [Mon, 20 May 2013 10:40:58 +0000 (12:40 +0200)]
exec: eliminate stq_phys_notdirty

It is not used anywhere.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
11 years agoexec: make qemu_get_ram_ptr private
Paolo Bonzini [Tue, 14 May 2013 09:47:56 +0000 (11:47 +0200)]
exec: make qemu_get_ram_ptr private

It is a private interface between exec.c and memory.c.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>