sdk/emulator/qemu.git
8 years agoopencores_eth: indicate autonegotiation completion
Max Filippov [Mon, 4 Apr 2016 03:54:27 +0000 (06:54 +0300)]
opencores_eth: indicate autonegotiation completion

Indicate that autonegotiation is complete in the MII BMSR. This fixes
networking on xtfpga platform in linux v4.5.

Cc: qemu-stable@nongnu.org
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
8 years agoMerge remote-tracking branch 'remotes/kraxel/tags/pull-ui-20160309-1' into staging
Peter Maydell [Thu, 10 Mar 2016 02:51:14 +0000 (02:51 +0000)]
Merge remote-tracking branch 'remotes/kraxel/tags/pull-ui-20160309-1' into staging

add linux evdev support, vnc and console fixes.

# gpg: Signature made Wed 09 Mar 2016 09:02:47 GMT using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"

* remotes/kraxel/tags/pull-ui-20160309-1:
  ui/console: add escape sequence \e[5, 6n
  input-linux: add switch to enable auto-repeat events
  input-linux: add option to toggle grab on all devices
  input: linux evdev support
  vnc: send cursor when a new client is connecting

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agoui/console: add escape sequence \e[5, 6n
Ren Kimura [Tue, 8 Mar 2016 19:51:21 +0000 (04:51 +0900)]
ui/console: add escape sequence \e[5, 6n

Add support of escape sequence "\e[5n" and "\e[6n" to console.
"\e[5n" reports status of console and it always succeed
in virtual console.
"\e[6n" reports now cursor position in console.

Signed-off-by: Ren Kimura <rkx1209dev@gmail.com>
Message-id: 1457466681-7714-2-git-send-email-rkx1209dev@gmail.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
8 years agoMerge remote-tracking branch 'remotes/thibault/tags/samuel-thibault' into staging
Peter Maydell [Wed, 9 Mar 2016 05:14:55 +0000 (05:14 +0000)]
Merge remote-tracking branch 'remotes/thibault/tags/samuel-thibault' into staging

Add Samuel Thibault as slirp maintainer

# gpg: Signature made Tue 08 Mar 2016 20:43:01 GMT using RSA key ID FB6B2F1D
# gpg: Good signature from "Samuel Thibault <samuel.thibault@gnu.org>"
# gpg:                 aka "Samuel Thibault <sthibault@debian.org>"
# gpg:                 aka "Samuel Thibault <samuel.thibault@inria.fr>"
# gpg:                 aka "Samuel Thibault <samuel.thibault@labri.fr>"
# gpg:                 aka "Samuel Thibault <samuel.thibault@ens-lyon.org>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 900C B024 B679 31D4 0F82  304B D017 8C76 7D06 9EE6
#      Subkey fingerprint: F632 74CD C630 0873 CB3D  29D9 E3E5 1CE8 FB6B 2F1D

* remotes/thibault/tags/samuel-thibault:
  MAINTAINERS: Add Samuel Thibault as slirp maintainer

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agoMerge remote-tracking branch 'remotes/amit-migration/tags/migration-for-2.6-6' into...
Peter Maydell [Wed, 9 Mar 2016 01:07:16 +0000 (01:07 +0000)]
Merge remote-tracking branch 'remotes/amit-migration/tags/migration-for-2.6-6' into staging

migration:
* add avx2 instruction optimization, speeds up zero-page checking on
  compatible architectures and compilers (gcc 4.9+)
* add additional postcopy stats to 'info migrate' output

# gpg: Signature made Tue 08 Mar 2016 11:29:48 GMT using RSA key ID 854083B6
# gpg: Good signature from "Amit Shah <amit@amitshah.net>"
# gpg:                 aka "Amit Shah <amit@kernel.org>"
# gpg:                 aka "Amit Shah <amitshah@gmx.net>"

* remotes/amit-migration/tags/migration-for-2.6-6:
  cutils: add avx2 instruction optimization
  configure: detect ifunc and avx2 attribute
  Postcopy: Fix sync count in info migrate

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agoMerge remote-tracking branch 'remotes/kraxel/tags/pull-fw-cfg-20160308-1' into staging
Peter Maydell [Wed, 9 Mar 2016 00:44:43 +0000 (00:44 +0000)]
Merge remote-tracking branch 'remotes/kraxel/tags/pull-fw-cfg-20160308-1' into staging

acpi: add fw_cfg device node to dsdt

# gpg: Signature made Tue 08 Mar 2016 11:15:42 GMT using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"

* remotes/kraxel/tags/pull-fw-cfg-20160308-1:
  tests: update acpi test data
  fw_cfg: document ACPI device node information
  acpi: arm: add fw_cfg device node to dsdt
  acpi: pc: add fw_cfg device node to dsdt
  pc: fw_cfg: move ioport base constant to pc.h
  fw_cfg: expose control register size in fw_cfg.h

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agoMerge remote-tracking branch 'remotes/amit-virtio-rng/tags/rng-for-2.6-2' into staging
Peter Maydell [Wed, 9 Mar 2016 00:21:17 +0000 (00:21 +0000)]
Merge remote-tracking branch 'remotes/amit-virtio-rng/tags/rng-for-2.6-2' into staging

rng: use simpleq instead of gslist

# gpg: Signature made Tue 08 Mar 2016 10:51:23 GMT using RSA key ID 854083B6
# gpg: Good signature from "Amit Shah <amit@amitshah.net>"
# gpg:                 aka "Amit Shah <amit@kernel.org>"
# gpg:                 aka "Amit Shah <amitshah@gmx.net>"

* remotes/amit-virtio-rng/tags/rng-for-2.6-2:
  rng: switch request queue to QSIMPLEQ

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agoMAINTAINERS: Add Samuel Thibault as slirp maintainer
Samuel Thibault [Thu, 6 Aug 2015 11:10:14 +0000 (13:10 +0200)]
MAINTAINERS: Add Samuel Thibault as slirp maintainer

Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
Acked-by: Jan Kiszka <jan.kiszka@siemens.com>
8 years agocutils: add avx2 instruction optimization
Liang Li [Tue, 8 Mar 2016 05:53:17 +0000 (13:53 +0800)]
cutils: add avx2 instruction optimization

buffer_find_nonzero_offset() is a hot function during live migration.
Now it use SSE2 instructions for optimization. For platform supports
AVX2 instructions, use AVX2 instructions for optimization can help
to improve the performance of buffer_find_nonzero_offset() about 30%
comparing to SSE2.

Live migration can be faster with this optimization, the test result
shows that for an 8GiB RAM idle guest just boots, this patch can help
to shorten the total live migration time about 6%.

This patch use the ifunc mechanism to select the proper function when
running, for platform supports AVX2, execute the AVX2 instructions,
else, execute the original instructions.

Signed-off-by: Liang Li <liang.z.li@intel.com>
Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Suggested-by: Richard Henderson <rth@twiddle.net>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <1457416397-26671-3-git-send-email-liang.z.li@intel.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
8 years agoconfigure: detect ifunc and avx2 attribute
Liang Li [Tue, 8 Mar 2016 05:53:16 +0000 (13:53 +0800)]
configure: detect ifunc and avx2 attribute

Detect if the compiler can support the ifun and avx2, if so, set
CONFIG_AVX2_OPT which will be used to turn on the avx2 instruction
optimization.

Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Suggested-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Liang Li <liang.z.li@intel.com>
Message-Id: <1457416397-26671-2-git-send-email-liang.z.li@intel.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
8 years agoPostcopy: Fix sync count in info migrate
Dr. David Alan Gilbert [Thu, 25 Feb 2016 10:03:51 +0000 (10:03 +0000)]
Postcopy: Fix sync count in info migrate

I'd missed the sync count off in the postcopy case.

Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: zhanghailiang <zhang.zhanghailiang@huawei.com>
Message-id: 1456394631-18010-1-git-send-email-dgilbert@redhat.com
Message-Id: <1456394631-18010-1-git-send-email-dgilbert@redhat.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
8 years agoinput-linux: add switch to enable auto-repeat events
Gerd Hoffmann [Fri, 4 Mar 2016 10:25:16 +0000 (11:25 +0100)]
input-linux: add switch to enable auto-repeat events

Enable with "-input-linux /dev/input/${device},repeat=on".

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 1457087116-4379-4-git-send-email-kraxel@redhat.com

8 years agoinput-linux: add option to toggle grab on all devices
Gerd Hoffmann [Fri, 4 Mar 2016 10:25:15 +0000 (11:25 +0100)]
input-linux: add option to toggle grab on all devices

Maintain a list of all input devices.  Add an option to make grab
work across all devices (so toggling grab on the keybard can switch
over the mouse too).

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 1457087116-4379-3-git-send-email-kraxel@redhat.com

8 years agoinput: linux evdev support
Gerd Hoffmann [Fri, 4 Mar 2016 10:25:14 +0000 (11:25 +0100)]
input: linux evdev support

This patch adds support for reading input events directly from linux
evdev devices and forward them to the guest.  Unlike virtio-input-host
which simply passes on all events to the guest without looking at them
this will interpret the events and feed them into the qemu input
subsystem.

Therefore this is limited to what the qemu input subsystem and the
emulated input devices are able to handle.  Also there is no support for
absolute coordinates (tablet/touchscreen).  So we are talking here about
basic mouse and keyboard support.

The advantage is that it'll work without virtio-input drivers in the
guest, the events are delivered to the usual ps/2 or usb input devices
(depending on what the machine happens to have).  And for keyboards
qemu is able to switch the keyboard between guest and host on hotkey.
The hotkey is hard-coded for now (both control keys), initialy the
guest owns the keyboard.

Probably most useful when assigning vga devices with vfio and using a
physical monitor instead of vnc/spice/gtk as guest display.

Usage:  Add '-input-linux /dev/input/event<nr>' to the qemu command
line.  Note that udev has rules which populate /dev/input/by-{id,path}
with static names, which might be more convinient to use.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 1457087116-4379-2-git-send-email-kraxel@redhat.com

8 years agotests: update acpi test data
Gerd Hoffmann [Tue, 8 Mar 2016 10:04:36 +0000 (11:04 +0100)]
tests: update acpi test data

using tests/acpi-test-data/rebuild-expected-aml.sh

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
8 years agofw_cfg: document ACPI device node information
Gabriel L. Somlo [Fri, 19 Feb 2016 18:20:29 +0000 (13:20 -0500)]
fw_cfg: document ACPI device node information

Signed-off-by: Gabriel Somlo <somlo@cmu.edu>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Marc Marí <markmb@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Message-id: 1455906029-25565-6-git-send-email-somlo@cmu.edu
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
8 years agoacpi: arm: add fw_cfg device node to dsdt
Gabriel L. Somlo [Fri, 19 Feb 2016 18:20:28 +0000 (13:20 -0500)]
acpi: arm: add fw_cfg device node to dsdt

Add a fw_cfg device node to the ACPI DSDT. This is mostly
informational, as the authoritative fw_cfg MMIO region(s)
are listed in the Device Tree. However, since we are building
ACPI tables, we might as well be thorough while at it...

Signed-off-by: Gabriel Somlo <somlo@cmu.edu>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Marc Marí <markmb@redhat.com>
Reviewed-by: Shannon Zhao <shannon.zhao@linaro.org>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Message-id: 1455906029-25565-5-git-send-email-somlo@cmu.edu
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
8 years agoacpi: pc: add fw_cfg device node to dsdt
Gabriel L. Somlo [Fri, 19 Feb 2016 18:20:27 +0000 (13:20 -0500)]
acpi: pc: add fw_cfg device node to dsdt

Add a fw_cfg device node to the ACPI DSDT. While the guest-side
firmware can't utilize this information (since it has to access
the hard-coded fw_cfg device to extract ACPI tables to begin with),
having fw_cfg listed in ACPI will help the guest kernel keep a more
accurate inventory of in-use IO port regions.

Signed-off-by: Gabriel Somlo <somlo@cmu.edu>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Marc Marí <markmb@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Message-id: 1455906029-25565-4-git-send-email-somlo@cmu.edu
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
8 years agopc: fw_cfg: move ioport base constant to pc.h
Gabriel L. Somlo [Fri, 19 Feb 2016 18:20:26 +0000 (13:20 -0500)]
pc: fw_cfg: move ioport base constant to pc.h

Move BIOS_CFG_IOPORT define from pc.c to pc.h, and rename
it to FW_CFG_IO_BASE.

Cc: Marc Marí <markmb@redhat.com>
Signed-off-by: Gabriel Somlo <somlo@cmu.edu>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Marc Marí <markmb@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Message-id: 1455906029-25565-3-git-send-email-somlo@cmu.edu
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
8 years agoMerge remote-tracking branch 'remotes/jasowang/tags/net-pull-request' into staging
Peter Maydell [Tue, 8 Mar 2016 10:25:50 +0000 (10:25 +0000)]
Merge remote-tracking branch 'remotes/jasowang/tags/net-pull-request' into staging

# gpg: Signature made Tue 08 Mar 2016 07:46:08 GMT using RSA key ID 398D6211
# gpg: Good signature from "Jason Wang (Jason Wang on RedHat) <jasowang@redhat.com>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 215D 46F4 8246 689E C77F  3562 EF04 965B 398D 6211

* remotes/jasowang/tags/net-pull-request:
  net: check packet payload length
  filter-buffer: Add status_changed callback processing
  filter: Add 'status' property for filter object
  rocker: allow user to specify rocker world by property
  rocker: add name field into WorldOps ale let world specify its name
  rocker: return -ENOMEM in case of some world alloc fails
  rocker: forbid to change world type
  net: netmap: probe netmap interface for virtio-net header
  net: simplify net_init_tap_one logic
  MAINTAINERS: Add entries for include/net/ files
  net: filter: correctly remove filter from the list during finalization
  net: ne2000: check ring buffer control registers

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agofw_cfg: expose control register size in fw_cfg.h
Gabriel L. Somlo [Fri, 19 Feb 2016 18:20:25 +0000 (13:20 -0500)]
fw_cfg: expose control register size in fw_cfg.h

Expose the size of the control register (FW_CFG_CTL_SIZE) in fw_cfg.h.
Add comment to fw_cfg_io_realize() pointing out that since the
8-bit data register is always subsumed by the 16-bit control
register in the port I/O case, we use the control register width
as the *total* width of the (classic, non-DMA) port I/O region reserved
for the device.

Cc: Marc Marí <markmb@redhat.com>
Signed-off-by: Gabriel Somlo <somlo@cmu.edu>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Marc Marí <markmb@redhat.com>
Message-id: 1455906029-25565-2-git-send-email-somlo@cmu.edu
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
8 years agovnc: send cursor when a new client is connecting
Frediano Ziglio [Wed, 2 Mar 2016 14:32:22 +0000 (14:32 +0000)]
vnc: send cursor when a new client is connecting

If you have hardware cursor and you are reconnecting the VNC client
you need to send the cursor. Failing to do so make the cursor invisible
till is changed.

Signed-off-by: Frediano Ziglio <fziglio@redhat.com>
Message-id: 1456929142-14033-1-git-send-email-fziglio@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
8 years agonet: check packet payload length
Prasad J Pandit [Wed, 2 Mar 2016 11:59:58 +0000 (17:29 +0530)]
net: check packet payload length

While computing IP checksum, 'net_checksum_calculate' reads
payload length from the packet. It could exceed the given 'data'
buffer size. Add a check to avoid it.

Reported-by: Liu Ling <liuling-it@360.cn>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Signed-off-by: Jason Wang <jasowang@redhat.com>
8 years agofilter-buffer: Add status_changed callback processing
zhanghailiang [Tue, 1 Mar 2016 05:37:03 +0000 (13:37 +0800)]
filter-buffer: Add status_changed callback processing

While the status of filter-buffer changing from 'on' to 'off',
it need to release all the buffered packets, and delete the related
timer, while switch from 'off' to 'on', it need to resume the release
packets timer.

Here, we extract the process of setup timer into a new helper,
which will be used in the new status_changed callback.

Signed-off-by: zhanghailiang <zhang.zhanghailiang@huawei.com>
Cc: Jason Wang <jasowang@redhat.com>
Cc: Yang Hongyang <hongyang.yang@easystack.cn>
Signed-off-by: Jason Wang <jasowang@redhat.com>
8 years agofilter: Add 'status' property for filter object
zhanghailiang [Tue, 1 Mar 2016 05:37:02 +0000 (13:37 +0800)]
filter: Add 'status' property for filter object

With this property, users can control if this filter is 'on'
or 'off'. The default behavior for filter is 'on'.

For some types of filters, they may need to react to status changing,
So here, we introduced status changing callback/notifier for filter class.

We will skip the disabled ('off') filter when delivering packets in net layer.

Signed-off-by: zhanghailiang <zhang.zhanghailiang@huawei.com>
Cc: Jason Wang <jasowang@redhat.com>
Cc: Yang Hongyang <hongyang.yang@easystack.cn>
Signed-off-by: Jason Wang <jasowang@redhat.com>
8 years agorocker: allow user to specify rocker world by property
Jiri Pirko [Thu, 25 Feb 2016 14:31:58 +0000 (15:31 +0100)]
rocker: allow user to specify rocker world by property

Add property to specify rocker world. All ports will be assigned to this
world.

Signed-off-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
8 years agorocker: add name field into WorldOps ale let world specify its name
Jiri Pirko [Thu, 25 Feb 2016 14:31:57 +0000 (15:31 +0100)]
rocker: add name field into WorldOps ale let world specify its name

Also use this in world_name getter function.

Signed-off-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
8 years agorocker: return -ENOMEM in case of some world alloc fails
Jiri Pirko [Thu, 25 Feb 2016 14:31:56 +0000 (15:31 +0100)]
rocker: return -ENOMEM in case of some world alloc fails

Until now, 0 is returned in this error case. Fix it ro return -ENOMEM.

Signed-off-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
8 years agorocker: forbid to change world type
Jiri Pirko [Thu, 25 Feb 2016 14:31:55 +0000 (15:31 +0100)]
rocker: forbid to change world type

Port to world assignment should be permitted only by qemu user. Driver
should not be able to do it, so forbid that possibility.

Signed-off-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
8 years agonet: netmap: probe netmap interface for virtio-net header
Vincenzo Maffione [Wed, 24 Feb 2016 10:30:41 +0000 (11:30 +0100)]
net: netmap: probe netmap interface for virtio-net header

Previous implementation of has_ufo, has_vnet_hdr, has_vnet_hdr_len, etc.
did not really probe for virtio-net header support for the netmap
interface attached to the backend. These callbacks were correct for
VALE ports, but incorrect for hardware NICs, pipes, monitors, etc.

This patch fixes the implementation to work properly with all kinds
of netmap ports.

Signed-off-by: Vincenzo Maffione <v.maffione@gmail.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
8 years agonet: simplify net_init_tap_one logic
Paolo Bonzini [Thu, 25 Feb 2016 23:05:57 +0000 (00:05 +0100)]
net: simplify net_init_tap_one logic

net_init_tap_one receives in vhostfdname a fd name from vhostfd= or
vhostfds=, or NULL if there is no vhostfd=/vhostfds=.  It is simpler
to just check vhostfdname, than it is to check for vhostfd= or
vhostfds=.  This also calms down Coverity, which otherwise thinks
that monitor_fd_param could dereference a NULL vhostfdname.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
8 years agoMAINTAINERS: Add entries for include/net/ files
Thomas Huth [Thu, 25 Feb 2016 11:56:24 +0000 (12:56 +0100)]
MAINTAINERS: Add entries for include/net/ files

The include/net/ files correspond to the files in the net/ directory,
thus there should be corresponding entries in the MAINTAINERS file.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
8 years agonet: filter: correctly remove filter from the list during finalization
Jason Wang [Mon, 15 Feb 2016 04:52:34 +0000 (12:52 +0800)]
net: filter: correctly remove filter from the list during finalization

Qemu may crash when we want to add two filters on the same netdev but
the initialization of second fails (e.g missing parameters):

./qemu-system-x86_64 -netdev user,id=un0 \
 -object filter-buffer,id=f0,netdev=un0,interval=10 \
 -object filter-buffer,id=f1,netdev=un0
Segmentation fault (core dumped)

This is because we don't check whether or not the filter was in the
list of netdev. This patch fixes this.

Cc: Yang Hongyang <hongyang.yang@easystack.cn>
Reviewed-by: Yang Hongyang <hongyang.yang@easystack.cn>
Signed-off-by: Jason Wang <jasowang@redhat.com>
8 years agonet: ne2000: check ring buffer control registers
Prasad J Pandit [Wed, 24 Feb 2016 06:11:33 +0000 (11:41 +0530)]
net: ne2000: check ring buffer control registers

Ne2000 NIC uses ring buffer of NE2000_MEM_SIZE(49152)
bytes to process network packets. Registers PSTART & PSTOP
define ring buffer size & location. Setting these registers
to invalid values could lead to infinite loop or OOB r/w
access issues. Add check to avoid it.

Reported-by: Yang Hongke <yanghongke@huawei.com>
Tested-by: Yang Hongke <yanghongke@huawei.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Signed-off-by: Jason Wang <jasowang@redhat.com>
8 years agorng: switch request queue to QSIMPLEQ
Ladi Prosek [Thu, 3 Mar 2016 13:16:11 +0000 (14:16 +0100)]
rng: switch request queue to QSIMPLEQ

QSIMPLEQ supports appending to tail in O(1) and is intrusive so
it doesn't require extra memory allocations for the bookkeeping
data.

Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Ladi Prosek <lprosek@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Amit Shah <amit.shah@redhat.com>
Message-Id: <1457010971-24771-1-git-send-email-lprosek@redhat.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
8 years agoMerge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging
Peter Maydell [Tue, 8 Mar 2016 04:53:36 +0000 (04:53 +0000)]
Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

* RAMBlock vs. MemoryRegion cleanups from Fam
* mru_section optimization from Fam
* memory.txt improvements from Peter and Xiaoqiang
* i8257 fix from Hervé
* -daemonize fix
* Cleanups and small fixes from Alex, Praneith, Wei

# gpg: Signature made Mon 07 Mar 2016 17:08:59 GMT using RSA key ID 78C7AE83
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>"
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>"

* remotes/bonzini/tags/for-upstream:
  scsi-bus: Remove tape command from scsi_req_xfer
  kvm/irqchip: use bitmap utility for gsi tracking
  MAINTAINERS: Add entry for include/sysemu/kvm*.h
  doc/memory.txt: correct description of MemoryRegionOps fields
  doc/memory.txt: correct a logic error
  icount: possible options for sleep are on or off
  exec: Introduce AddressSpaceDispatch.mru_section
  exec: Factor out section_covers_addr
  exec: Pass RAMBlock pointer to qemu_ram_free
  memory: Drop MemoryRegion.ram_addr
  memory: Implement memory_region_get_ram_addr with mr->ram_block
  memory: Move assignment to ram_block to memory_region_init_*
  exec: Return RAMBlock pointer from allocating functions
  i8257: fix Terminal Count status
  log: do not log if QEMU is daemonized but without -D

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agoscsi-bus: Remove tape command from scsi_req_xfer
Alex Pyrgiotis [Mon, 7 Mar 2016 15:50:22 +0000 (15:50 +0000)]
scsi-bus: Remove tape command from scsi_req_xfer

Remove the RECOVER_BUFFERED_DATA command from the list of commands that
are handled by scsi_req_xfer(). Given that this command is
tape-specific, it should be handled only by scsi_stream_req_xfer().

Signed-off-by: Alex Pyrgiotis <apyrgio@arrikto.com>
Message-Id: <1457365822-22435-1-git-send-email-apyrgio@arrikto.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years agokvm/irqchip: use bitmap utility for gsi tracking
Wei Yang [Sun, 6 Mar 2016 01:57:25 +0000 (01:57 +0000)]
kvm/irqchip: use bitmap utility for gsi tracking

By using utilities in bitops and bitmap, this patch tries to make it more
friendly to audience. No functional change.

Signed-off-by: Wei Yang <richard.weiyang@gmail.com>
Message-Id: <1457229445-25954-1-git-send-email-richard.weiyang@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years agoMAINTAINERS: Add entry for include/sysemu/kvm*.h
Thomas Huth [Thu, 25 Feb 2016 12:33:25 +0000 (13:33 +0100)]
MAINTAINERS: Add entry for include/sysemu/kvm*.h

The include/sysemu/kvm*.h header files should be part of
the overall KVM section.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <1456403605-26587-1-git-send-email-thuth@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years agodoc/memory.txt: correct description of MemoryRegionOps fields
Peter Maydell [Fri, 26 Feb 2016 08:40:51 +0000 (16:40 +0800)]
doc/memory.txt: correct description of MemoryRegionOps fields

Probably what happened was that when the API was being designed it
started off with an 'aligned' field, and then later the field name
and semantics were changed but the docs weren't updated to match.

Similarly, cpu_register_io_memory() does not exist anymore, so
clarify the documentation for .old_mmio.

Reported-by: Cao jin <caoj.fnst@cn.fujitsu.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years agodoc/memory.txt: correct a logic error
xiaoqiang zhao [Fri, 26 Feb 2016 08:40:51 +0000 (16:40 +0800)]
doc/memory.txt: correct a logic error

In the regions overlap example, region B has a higher priority thus
should has a larger priority number than C.

Signed-off-by: xiaoqiang zhao <zxq_yx_007@163.com>
Message-Id: <1456476051-15121-1-git-send-email-zxq_yx_007@163.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years agoicount: possible options for sleep are on or off
Pranith Kumar [Fri, 26 Feb 2016 15:16:51 +0000 (10:16 -0500)]
icount: possible options for sleep are on or off

icount sleep takes on or off as options. A few places mention sleep=no
which is not accepted. This patch corrects them.

Signed-off-by: Pranith Kumar <bobby.prani@gmail.com>
Message-Id: <1456499811-16819-1-git-send-email-bobby.prani@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years agoexec: Introduce AddressSpaceDispatch.mru_section
Fam Zheng [Tue, 1 Mar 2016 06:18:24 +0000 (14:18 +0800)]
exec: Introduce AddressSpaceDispatch.mru_section

Under heavy workloads the lookup will likely end up with the same
MemoryRegionSection from last time. Using a pointer to cache the result,
like ram_list.mru_block, significantly reduces cost of
address_space_translate.

During address space topology update, as->dispatch will be reallocated
so the pointer is invalidated automatically.

Perf reports a visible drop on the cpu usage, because phys_page_find is
not called.  Before:

   2.35%  qemu-system-x86_64       [.] phys_page_find
   0.97%  qemu-system-x86_64       [.] address_space_translate_internal
   0.95%  qemu-system-x86_64       [.] address_space_translate
   0.55%  qemu-system-x86_64       [.] address_space_lookup_region

After:

   0.97%  qemu-system-x86_64       [.] address_space_translate_internal
   0.97%  qemu-system-x86_64       [.] address_space_lookup_region
   0.84%  qemu-system-x86_64       [.] address_space_translate

Signed-off-by: Fam Zheng <famz@redhat.com>
Message-Id: <1456813104-25902-8-git-send-email-famz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years agoexec: Factor out section_covers_addr
Fam Zheng [Tue, 1 Mar 2016 06:18:23 +0000 (14:18 +0800)]
exec: Factor out section_covers_addr

This will be shared by the next patch.

Also add a comment explaining the unobvious condition on "size.hi".

Signed-off-by: Fam Zheng <famz@redhat.com>
Message-Id: <1456813104-25902-7-git-send-email-famz@redhat.com>
[Small change to the comment. - Paolo]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years agoexec: Pass RAMBlock pointer to qemu_ram_free
Fam Zheng [Tue, 1 Mar 2016 06:18:22 +0000 (14:18 +0800)]
exec: Pass RAMBlock pointer to qemu_ram_free

The only caller now knows exactly which RAMBlock to free, so it's not
necessary to do the lookup.

Reviewed-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Fam Zheng <famz@redhat.com>
Message-Id: <1456813104-25902-6-git-send-email-famz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years agomemory: Drop MemoryRegion.ram_addr
Fam Zheng [Tue, 1 Mar 2016 06:18:21 +0000 (14:18 +0800)]
memory: Drop MemoryRegion.ram_addr

All references to mr->ram_addr are replaced by
memory_region_get_ram_addr(mr) (except for a few assertions that are
replaced with mr->ram_block).

Reviewed-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Fam Zheng <famz@redhat.com>
Message-Id: <1456813104-25902-5-git-send-email-famz@redhat.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years agomemory: Implement memory_region_get_ram_addr with mr->ram_block
Fam Zheng [Tue, 1 Mar 2016 06:18:20 +0000 (14:18 +0800)]
memory: Implement memory_region_get_ram_addr with mr->ram_block

Signed-off-by: Fam Zheng <famz@redhat.com>
Message-Id: <1456813104-25902-4-git-send-email-famz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years agomemory: Move assignment to ram_block to memory_region_init_*
Fam Zheng [Tue, 1 Mar 2016 06:18:19 +0000 (14:18 +0800)]
memory: Move assignment to ram_block to memory_region_init_*

We don't force "const" qualifiers with pointers in QEMU, but it's still
good to keep a clean function interface. Assigning to mr->ram_block is
in this sense ugly - one initializer mutating its owning object's state.

Move it to memory_region_init_*, where mr->ram_addr is assigned.

Reviewed-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Fam Zheng <famz@redhat.com>
Message-Id: <1456813104-25902-3-git-send-email-famz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years agoexec: Return RAMBlock pointer from allocating functions
Fam Zheng [Tue, 1 Mar 2016 06:18:18 +0000 (14:18 +0800)]
exec: Return RAMBlock pointer from allocating functions

Previously we return RAMBlock.offset; now return the pointer to the
whole structure.

ram_block_add returns void now, error is completely passed with errp.

Reviewed-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Fam Zheng <famz@redhat.com>
Message-Id: <1456813104-25902-2-git-send-email-famz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years agoi8257: fix Terminal Count status
Hervé Poussineau [Thu, 25 Feb 2016 12:45:32 +0000 (13:45 +0100)]
i8257: fix Terminal Count status

When a DMA transfer is done (ie all bytes have been transfered), the corresponding
Terminal Count bit must be set in the status register.
This bit is already cleared in i8257_read_cont and i8257_write_cont when required.

This fixes (at least) floppy transfer in IBM 40p firmware, which checks in DMA
controller if everything went fine.

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Message-Id: <1456404332-31556-1-git-send-email-hpoussin@reactos.org>
Reviewed-by: John Snow <jsnow@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years agolog: do not log if QEMU is daemonized but without -D
Paolo Bonzini [Mon, 29 Feb 2016 11:18:40 +0000 (12:18 +0100)]
log: do not log if QEMU is daemonized but without -D

Commit 96c33a4 ("log: Redirect stderr to logfile if deamonized",
2016-02-22) wanted to move stderr of a daemonized QEMU to the file
specified with -D.

However, if -D was not passed, the patch had the side effect of not
redirecting stderr to /dev/null.  This happened because qemu_logfile
was set to stderr rather than the expected value of NULL.  The fix
is simply in the "if" condition of do_qemu_set_log; the "if" for
closing the file is also changed to match.

Reported-by: Jan Tomko <jtomko@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
8 years agoMerge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2016-03-04' into staging
Peter Maydell [Sun, 6 Mar 2016 11:53:27 +0000 (11:53 +0000)]
Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2016-03-04' into staging

QAPI patches for 2016-03-04

# gpg: Signature made Sat 05 Mar 2016 09:47:19 GMT using RSA key ID EB918653
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>"
# gpg:                 aka "Markus Armbruster <armbru@pond.sub.org>"

* remotes/armbru/tags/pull-qapi-2016-03-04:
  qapi: Drop useless 'data' member of unions
  chardev: Drop useless ChardevDummy type
  qapi: Avoid use of 'data' member of QAPI unions
  ui: Shorten references into InputEvent
  util: Shorten references into SocketAddress
  chardev: Shorten references into ChardevBackend
  qapi: Update docs to match recent generator changes
  qapi-visit: Expose visit_type_FOO_members()
  qapi: Rename 'fields' to 'members' in generated C code
  qapi: Rename 'fields' to 'members' in generator
  qapi-dealloc: Reduce use outside of generated code
  qmp-shell: fix pretty printing of JSON responses

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agoqapi: Drop useless 'data' member of unions
Eric Blake [Thu, 3 Mar 2016 16:16:52 +0000 (09:16 -0700)]
qapi: Drop useless 'data' member of unions

We started moving away from the use of the 'void *data' member
in the C union corresponding to a QAPI union back in commit
544a373; recent commits have gotten rid of other uses.  Now
that it is completely unused, we can remove the member itself
as well as the FIXME comment.  Update the testsuite to drop the
negative test union-clash-data.

Signed-off-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Message-Id: <1457021813-10704-11-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
8 years agochardev: Drop useless ChardevDummy type
Eric Blake [Fri, 4 Mar 2016 15:42:40 +0000 (08:42 -0700)]
chardev: Drop useless ChardevDummy type

Commit d0d7708b made ChardevDummy be an empty wrapper type around
ChardevCommon.  But there is no technical reason for this indirection,
so simplify the code by directly using the base type.

Also change the fallback assignment to assign u.null rather than
u.data, since a future patch will remove the data member of the C
struct generated for QAPI unions.

Signed-off-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Message-Id: <1457106160-23614-1-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
8 years agoqapi: Avoid use of 'data' member of QAPI unions
Eric Blake [Thu, 3 Mar 2016 16:16:50 +0000 (09:16 -0700)]
qapi: Avoid use of 'data' member of QAPI unions

QAPI code generators currently create a 'void *data' member as
part of the anonymous union embedded in the C struct corresponding
to a QAPI union.  However, directly assigning to this member of
the union feels a bit fishy, when we can assign to another member
of the struct instead.

Signed-off-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Message-Id: <1457021813-10704-9-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
8 years agoui: Shorten references into InputEvent
Eric Blake [Thu, 3 Mar 2016 16:16:49 +0000 (09:16 -0700)]
ui: Shorten references into InputEvent

An upcoming patch will alter how simple unions, like InputEvent, are
laid out, which will impact all lines of the form 'evt->u.XXX'
(expanding it to the longer 'evt->u.XXX.data').  For better
legibility in that patch, and less need for line wrapping, it's better
to use a temporary variable to reduce the effect of a layout change to
just the variable initializations, rather than every reference within
an InputEvent.

There was one instance in hid.c:hid_pointer_event() where the code
was referring to evt->u.rel inside the case label where evt->u.abs
is the correct name; thankfully, both members of the union have the
same type, so it happened to work, but it is now cleaner.

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1457021813-10704-8-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
8 years agoutil: Shorten references into SocketAddress
Eric Blake [Thu, 3 Mar 2016 16:16:48 +0000 (09:16 -0700)]
util: Shorten references into SocketAddress

An upcoming patch will alter how simple unions, like SocketAddress,
are laid out, which will impact all lines of the form 'addr->u.XXX'
(expanding it to the longer 'addr->u.XXX.data').  For better
legibility in that patch, and less need for line wrapping, it's better
to use a temporary variable to reduce the effect of a layout change to
just the variable initializations, rather than every reference within
a SocketAddress.  Also, take advantage of some C99 initialization where
it makes sense (simplifying g_new0() to g_new()).

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1457021813-10704-7-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
8 years agochardev: Shorten references into ChardevBackend
Eric Blake [Thu, 3 Mar 2016 16:16:47 +0000 (09:16 -0700)]
chardev: Shorten references into ChardevBackend

An upcoming patch will alter how simple unions, like ChardevBackend,
are laid out, which will impact all lines of the form 'backend->u.XXX'
(expanding it to the longer 'backend->u.XXX.data').  For better
legibility in that patch, and less need for line wrapping, it's better
to use a temporary variable to reduce the effect of a layout change to
just the variable initializations, rather than every reference within
a ChardevBackend.  It doesn't hurt that this also makes the code more
consistent: some clients touched here already had a temporary variable
but weren't using it.

Signed-off-by: Eric Blake <eblake@redhat.com>
Reviewed-By: Daniel P. Berrange <berrange@redhat.com>
Message-Id: <1457021813-10704-6-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
8 years agoqapi: Update docs to match recent generator changes
Eric Blake [Thu, 3 Mar 2016 16:16:46 +0000 (09:16 -0700)]
qapi: Update docs to match recent generator changes

Several commits have been changing the generator, but not updating
the docs to match:
- The implicit tag member is named "type", not "kind".  Screwed up in
commit 39a1815.
- Commit 9f08c8ec made list types lazy, and thereby dropped
UserDefOneList if nothing explicitly uses the list type.
- Commit 51e72bc1 switched the parameter order with 'name' occurring
earlier.
- Commit e65d89bf changed the layout of UserDefOneList.
- Prefer the term 'member' over 'field'.
- We now expose visit_type_FOO_members() for objects.
- etc.

Rework the examples to show slightly more output (we don't want to
show too much; that's what the testsuite is for), and regenerate the
output to match all recent changes.  Also, rearrange output to show
.h files before .c (understanding the interface first often makes
the implementation easier to follow).

Reported-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <1457021813-10704-5-git-send-email-eblake@redhat.com>

8 years agoqapi-visit: Expose visit_type_FOO_members()
Eric Blake [Thu, 3 Mar 2016 16:16:45 +0000 (09:16 -0700)]
qapi-visit: Expose visit_type_FOO_members()

Dan Berrange reported a case where he needs to work with a
QCryptoBlockOptions union type using the OptsVisitor, but only
visit one of the branches of that type (the discriminator is not
visited directly, but learned externally).  When things were
boxed, it was easy: just visit the variant directly, which took
care of both allocating the variant and visiting its members, then
store that pointer in the union type.  But now that things are
unboxed, we need a way to visit the members without allocation,
done by exposing visit_type_FOO_members() to the user.

Before the patch, we had quite a bit of code associated with
object_members_seen to make sure that a declaration of the helper
was in scope before any use of the function.  But now that the
helper is public and declared in the header, the .c file no
longer needs to worry about topological sorting (the helper is
always in scope), which leads to some nice cleanups.

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1457021813-10704-4-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
8 years agoqapi: Rename 'fields' to 'members' in generated C code
Eric Blake [Thu, 3 Mar 2016 16:16:44 +0000 (09:16 -0700)]
qapi: Rename 'fields' to 'members' in generated C code

C types and JSON objects don't have fields, but members.  We
shouldn't gratuitously invent terminology.  This patch is a
strict renaming of static genarated functions, plus the naming
of the dummy filler member for empty structs, before the next
patch exposes some of that naming to the rest of the code base.

Suggested-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1457021813-10704-3-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
8 years agoqapi: Rename 'fields' to 'members' in generator
Eric Blake [Thu, 3 Mar 2016 16:16:43 +0000 (09:16 -0700)]
qapi: Rename 'fields' to 'members' in generator

C types and JSON objects don't have fields, but members.  We
shouldn't gratuitously invent terminology.  This patch is a
strict renaming of generator code internals (including testsuite
comments), before later patches rename C interfaces.

No change to generated code with this patch.

Suggested-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1457021813-10704-2-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
8 years agoqapi-dealloc: Reduce use outside of generated code
Eric Blake [Tue, 23 Feb 2016 21:14:33 +0000 (14:14 -0700)]
qapi-dealloc: Reduce use outside of generated code

No need to roll our own use of the dealloc visitors when we can
just directly use the qapi_free_FOO() functions that do what we
want in one line.

In net.c, inline net_visit() into its remaining lone caller.

After this patch, test-visitor-serialization.c is the only
non-generated file that needs to use a dealloc visitor, because
it is testing low level aspects of the visitor interface.

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1456262075-3311-2-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
8 years agoqmp-shell: fix pretty printing of JSON responses
Daniel P. Berrange [Tue, 23 Feb 2016 10:51:46 +0000 (10:51 +0000)]
qmp-shell: fix pretty printing of JSON responses

Pretty printing of JSON responses is important to be able to understand
large responses from query commands in particular. Unfortunately this
was broken during the addition of the verbose flag in

  commit 1ceca07e48ead0dd2e41576c81d40e6a91cafefd
  Author: John Snow <jsnow@redhat.com>
  Date:   Wed Apr 29 15:14:04 2015 -0400

    scripts: qmp-shell: Add verbose flag

This is because that change turned the python data structure into a
formatted JSON string before the pretty print was given it. So we're
just pretty printing a string, which is a no-op.

The original pretty printer would output python objects.

(QEMU) query-chardev
{   u'return': [   {   u'filename': u'vc',
                       u'frontend-open': False,
                       u'label': u'parallel0'},
                   {   u'filename': u'vc',
                       u'frontend-open': True,
                       u'label': u'serial0'},
                   {   u'filename': u'unix:/tmp/qemp,server',
                       u'frontend-open': True,
                       u'label': u'compat_monitor0'}]}

This fixes the problem by switching to outputting pretty formatted JSON
text instead. This has the added benefit that the pretty printed output
is now valid JSON text. Due to the way the verbose flag was handled, the
pretty printing now applies to the command sent, as well as its response:

(QEMU) query-chardev
{
    "execute": "query-chardev",
    "arguments": {}
}
{
    "return": [
        {
            "frontend-open": false,
            "label": "parallel0",
            "filename": "vc"
        },
        {
            "frontend-open": true,
            "label": "serial0",
            "filename": "vc"
        },
        {
            "frontend-open": true,
            "label": "compat_monitor0",
            "filename": "unix:/tmp/qmp,server"
        }
    ]
}

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-Id: <1456224706-1591-1-git-send-email-berrange@redhat.com>
Tested-by: Kashyap Chamarthy <kchamart@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
[Bonus fix: multiple -p now work]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
8 years agoMerge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20160304' into...
Peter Maydell [Fri, 4 Mar 2016 11:46:32 +0000 (11:46 +0000)]
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20160304' into staging

target-arm queue:
 * Correct handling of writes to CPSR from gdbstub in user mode
 * virt: lift maximum RAM limit to 255GB
 * sdhci: implement reset
 * virt: if booting in Secure mode, provide secure-only RAM, make first
   flash device secure-only, and assume the EL3 boot rom will handle PSCI
 * bcm2835: use explicit endianness accessors rather than ldl/stl_phys
 * support big-endian in system mode for ARM
 * implement SETEND instruction
 * arm_gic: implement the GICv2 GICC_DIR register
 * fix SRS bug: only trap from S-EL1 to EL3 if specified mode is Mon

# gpg: Signature made Fri 04 Mar 2016 11:38:53 GMT using RSA key ID 14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>"
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>"

* remotes/pmaydell/tags/pull-target-arm-20160304: (30 commits)
  target-arm: Only trap SRS from S-EL1 if specified mode is MON
  hw/intc/arm_gic.c: Implement GICv2 GICC_DIR
  arm: boot: Support big-endian elfs
  loader: Add data swap option to load-elf
  loader: load_elf(): Add doc comment
  loader: add API to load elf header
  target-arm: implement BE32 mode in system emulation
  target-arm: implement setend
  target-arm: introduce tbflag for endianness
  target-arm: a64: Add endianness support
  target-arm: introduce disas flag for endianness
  target-arm: pass DisasContext to gen_aa32_ld*/st*
  target-arm: implement SCTLR.EE
  linux-user: arm: handle CPSR.E correctly in strex emulation
  linux-user: arm: set CPSR.E/SCTLR.E0E correctly for BE mode
  arm: cpu: handle BE32 user-mode as BE
  target-arm: cpu: Move cpu_is_big_endian to header
  target-arm: implement SCTLR.B, drop bswap_code
  linux-user: arm: pass env to get_user_code_*
  linux-user: arm: fix coding style for some linux-user signal functions
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agotarget-arm: Only trap SRS from S-EL1 if specified mode is MON
Ralf-Philipp Weinmann [Fri, 4 Mar 2016 11:30:22 +0000 (11:30 +0000)]
target-arm: Only trap SRS from S-EL1 if specified mode is MON

Commit cbc0326b6fb9 caused SRS instructions executed from Secure
EL1 to trap to EL3 even if the specified mode was not monitor mode.

According to the ARMv8 Architecture reference manual [F6.1.203], ALL
of the following conditions need to be met for SRS to trap to EL3:
* It is executed at Secure PL1.
* The specified mode is monitor mode.
* EL3 is using AArch64.

Correct the condition governing the trap to EL3 to check the
specified mode.

Signed-off-by: Ralf-Philipp Weinmann <ralf+devel@comsecuris.com>
Message-id: 20160222224251.GA11654@beta.comsecuris.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
[PMM: tweaked comment text to read 'specified mode'; edited
 commit message]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agohw/intc/arm_gic.c: Implement GICv2 GICC_DIR
Peter Maydell [Fri, 4 Mar 2016 11:30:22 +0000 (11:30 +0000)]
hw/intc/arm_gic.c: Implement GICv2 GICC_DIR

The GICv2 introduces a new CPU interface register GICC_DIR, which
allows an OS to split the "priority drop" and "deactivate interrupt"
parts of interrupt completion. Implement this register.
(Note that the register is at offset 0x1000 in the CPU interface,
which means it is on a different 4K page from all the other registers.)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Sergey Fedorov <serge.fdrv@gmail.com>
Message-id: 1456854176-7813-1-git-send-email-peter.maydell@linaro.org

8 years agoarm: boot: Support big-endian elfs
Peter Crosthwaite [Fri, 4 Mar 2016 11:30:21 +0000 (11:30 +0000)]
arm: boot: Support big-endian elfs

Support ARM big-endian ELF files in system-mode emulation. When loading
an elf, determine the endianness mode expected by the elf, and set the
relevant CPU state accordingly.

With this, big-endian modes are now fully supported via system-mode LE,
so there is no need to restrict the elf loading to the TARGET
endianness so the ifdeffery on TARGET_WORDS_BIGENDIAN goes away.

Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
[PMM: fix typo in comments]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agoloader: Add data swap option to load-elf
Peter Crosthwaite [Fri, 4 Mar 2016 11:30:21 +0000 (11:30 +0000)]
loader: Add data swap option to load-elf

Some CPUs are of an opposite data-endianness to other components in the
system. Sometimes elfs have the data sections layed out with this CPU
data-endianness accounting for when loaded via the CPU, so byte swaps
(relative to other system components) will occur.

The leading example, is ARM's BE32 mode, which is is basically LE with
address manipulation on half-word and byte accesses to access the
hw/byte reversed address. This means that word data is invariant
across LE and BE32. This also means that instructions are still LE.
The expectation is that the elf will be loaded via the CPU in this
endianness scheme, which means the data in the elf is reversed at
compile time.

As QEMU loads via the system memory directly, rather than the CPU, we
need a mechanism to reverse elf data endianness to implement this
possibility.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agoloader: load_elf(): Add doc comment
Peter Crosthwaite [Fri, 4 Mar 2016 11:30:21 +0000 (11:30 +0000)]
loader: load_elf(): Add doc comment

Document the usage of load_elf() for clarity on current features.

Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agoloader: add API to load elf header
Peter Crosthwaite [Fri, 4 Mar 2016 11:30:21 +0000 (11:30 +0000)]
loader: add API to load elf header

Add an API to load an elf header header from a file. Populates a
buffer with the header contents, as well as a boolean for whether the
elf is 64b or not. Both arguments are optional.

Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
[PMM: Fix typo in comment]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agotarget-arm: implement BE32 mode in system emulation
Paolo Bonzini [Fri, 4 Mar 2016 11:30:21 +0000 (11:30 +0000)]
target-arm: implement BE32 mode in system emulation

System emulation only has a little-endian target; BE32 mode
is implemented by adjusting the low bits of the address
for every byte and halfword load and store.  64-bit accesses
flip the low and high words.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
[PC changes:
  * rebased against master (Jan 2016)
]
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agotarget-arm: implement setend
Paolo Bonzini [Fri, 4 Mar 2016 11:30:21 +0000 (11:30 +0000)]
target-arm: implement setend

Since this is not a high-performance path, just use a helper to
flip the E bit and force a lookup in the hash table since the
flags have changed.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agotarget-arm: introduce tbflag for endianness
Peter Crosthwaite [Fri, 4 Mar 2016 11:30:20 +0000 (11:30 +0000)]
target-arm: introduce tbflag for endianness

Introduce a tbflags for endianness, set based upon the CPUs current
endianness. This in turn propagates through to the disas endianness
flag.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agotarget-arm: a64: Add endianness support
Peter Crosthwaite [Fri, 4 Mar 2016 11:30:20 +0000 (11:30 +0000)]
target-arm: a64: Add endianness support

Set the dc->mo_endianness flag for AA64 and use it in all ldst ops.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agotarget-arm: introduce disas flag for endianness
Paolo Bonzini [Fri, 4 Mar 2016 11:30:20 +0000 (11:30 +0000)]
target-arm: introduce disas flag for endianness

Introduce a disas flag for setting the CPU data endianness. This allows
control of the endianness from the CPU state rather than hard-coding it
to TARGET_WORDS_BIGENDIAN.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
[ PC changes:
  * Split off as new patch from original:
        "target-arm: introduce tbflag for CPSR.E"
  * Wrote commit message from scratch
]
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agotarget-arm: pass DisasContext to gen_aa32_ld*/st*
Paolo Bonzini [Fri, 4 Mar 2016 11:30:20 +0000 (11:30 +0000)]
target-arm: pass DisasContext to gen_aa32_ld*/st*

We'll need the DisasContext in the next patch to retrieve the
desired endianness, so pass it as a whole to gen_aa32_ld*/st*.

Unfortunately we cannot let those functions call get_mem_index,
because of user-mode load/store instructions.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
[ PC changes:
 * Fix long lines
]
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agotarget-arm: implement SCTLR.EE
Peter Crosthwaite [Fri, 4 Mar 2016 11:30:20 +0000 (11:30 +0000)]
target-arm: implement SCTLR.EE

Implement SCTLR.EE bit which controls data endianess for exceptions
and page table translations. SCTLR.EE is mirrored to the CPSR.E bit
on exception entry.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agolinux-user: arm: handle CPSR.E correctly in strex emulation
Paolo Bonzini [Fri, 4 Mar 2016 11:30:19 +0000 (11:30 +0000)]
linux-user: arm: handle CPSR.E correctly in strex emulation

Now that CPSR.E is set correctly, prepare for when setend will be able
to change it; bswap data in and out of strex manually by comparing
SCTLR.B, CPSR.E and TARGET_WORDS_BIGENDIAN (we do not have the luxury
of using TCGMemOps).

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
[ PC changes:
  * Moved SCTLR/CPSR logic to arm_cpu_data_is_big_endian
]
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agolinux-user: arm: set CPSR.E/SCTLR.E0E correctly for BE mode
Peter Crosthwaite [Fri, 4 Mar 2016 11:30:19 +0000 (11:30 +0000)]
linux-user: arm: set CPSR.E/SCTLR.E0E correctly for BE mode

If doing big-endian linux-user mode, set both the CPSR.E and SCTLR.E0E
bits. This sets big-endian mode for data accesses.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agoarm: cpu: handle BE32 user-mode as BE
Peter Crosthwaite [Fri, 4 Mar 2016 11:30:19 +0000 (11:30 +0000)]
arm: cpu: handle BE32 user-mode as BE

endian with address manipulations on subword accesses (to give the
illusion of BE). But user-mode cannot tell the difference and is
already implemented as straight BE. So handle the difference in the
endianess query, where USER mode is BE and system is not.

Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agotarget-arm: cpu: Move cpu_is_big_endian to header
Peter Crosthwaite [Fri, 4 Mar 2016 11:30:19 +0000 (11:30 +0000)]
target-arm: cpu: Move cpu_is_big_endian to header

There is a CPU data endianness test that is used to drive the
virtio_big_endian test.

Move this up to the header so it can be more generally used for endian
tests. The KVM specific cpu_syncronize_state call is left behind in the
virtio specific function.

Rename it arm_cpu-data_is_big_endian() to more accurately capture that
this is for data accesses only.

Reviewed-by: Alistair Francis <alistair.francis@xilinx.com>
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agotarget-arm: implement SCTLR.B, drop bswap_code
Paolo Bonzini [Fri, 4 Mar 2016 11:30:19 +0000 (11:30 +0000)]
target-arm: implement SCTLR.B, drop bswap_code

bswap_code is a CPU property of sorts ("is the iside endianness the
opposite way round to TARGET_WORDS_BIGENDIAN?") but it is not the
actual CPU state involved here which is SCTLR.B (set for BE32
binaries, clear for BE8).

Replace bswap_code with SCTLR.B, and pass that to arm_ld*_code.
The next patches will make data fetches honor both SCTLR.B and
CPSR.E appropriately.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
[PC changes:
 * rebased on master (Jan 2016)
 * s/TARGET_USER_ONLY/CONFIG_USER_ONLY
 * Use bswap_code() for disas_set_info() instead of raw sctlr_b
]
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agolinux-user: arm: pass env to get_user_code_*
Paolo Bonzini [Fri, 4 Mar 2016 11:30:18 +0000 (11:30 +0000)]
linux-user: arm: pass env to get_user_code_*

This matches the idiom used by get_user_data_* later in the series,
and will help when bswap_code will be replaced by SCTLR.B.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agolinux-user: arm: fix coding style for some linux-user signal functions
Paolo Bonzini [Fri, 4 Mar 2016 11:30:18 +0000 (11:30 +0000)]
linux-user: arm: fix coding style for some linux-user signal functions

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agobcm2835_mbox/property: replace ldl_phys/stl_phys with endian-specific accesses
Andrew Baumann [Fri, 4 Mar 2016 11:30:18 +0000 (11:30 +0000)]
bcm2835_mbox/property: replace ldl_phys/stl_phys with endian-specific accesses

PMM pointed out that ldl_phys and stl_phys are dependent on the CPU's
endianness, whereas device model code should be independent of
it. This changes the relevant Raspberry Pi devices to explicitly call
the little-endian variants.

Signed-off-by: Andrew Baumann <Andrew.Baumann@microsoft.com>
Message-id: 1456880233-22568-1-git-send-email-Andrew.Baumann@microsoft.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agohw/arm/virt: Assume EL3 boot rom will handle PSCI if one is provided
Peter Maydell [Fri, 4 Mar 2016 11:30:18 +0000 (11:30 +0000)]
hw/arm/virt: Assume EL3 boot rom will handle PSCI if one is provided

If the user passes us an EL3 boot rom, then it is going to want to
implement the PSCI interface itself. In this case, disable QEMU's
internal PSCI implementation so it does not get in the way, and
instead start all CPUs in an SMP configuration at once (the boot
rom will catch them all and pen up the secondaries until needed).
The boot rom code is also responsible for editing the device tree
to include any necessary information about its own PSCI implementation
before eventually passing it to a NonSecure guest.

(This "start all CPUs at once" approach is what both ARM Trusted
Firmware and UEFI expect, since it is what the ARM Foundation Model
does; the other approach would be to provide some emulated hardware
for "start the secondaries" but this is simplest.)

This is a compatibility break, but I don't believe that anybody
was using a secure boot ROM with an SMP configuration. Such a setup
would be somewhat broken since there was nothing preventing nonsecure
guest code from calling the QEMU PSCI function to start up a secondary
core in a way that completely bypassed the secure world.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Message-id: 1456853976-7592-1-git-send-email-peter.maydell@linaro.org

8 years agohw/arm/virt: Make first flash device Secure-only if booting secure
Peter Maydell [Fri, 4 Mar 2016 11:30:18 +0000 (11:30 +0000)]
hw/arm/virt: Make first flash device Secure-only if booting secure

If the virt board is started with the 'secure' property set to
request a Secure setup, then make the first flash device be
visible only to the Secure world.

This is a breaking change, but I don't expect it to be noticed
by anybody, because running TZ-aware guests isn't common and
those guests are generally going to be booting from the flash
and implicitly expecting their Non-secure guests to not touch it.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1455288361-30117-5-git-send-email-peter.maydell@linaro.org

8 years agohw/arm/virt: Load bios image to MemoryRegion, not physaddr
Peter Maydell [Fri, 4 Mar 2016 11:30:17 +0000 (11:30 +0000)]
hw/arm/virt: Load bios image to MemoryRegion, not physaddr

If we're loading a BIOS image into the first flash device,
load it into the flash's memory region specifically, not
into the physical address where the flash resides. This will
make a difference when the flash might be in the Secure
address space rather than the Nonsecure one.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1455288361-30117-4-git-send-email-peter.maydell@linaro.org

8 years agoloader: Add load_image_mr() to load ROM image to a MemoryRegion
Peter Maydell [Fri, 4 Mar 2016 11:30:17 +0000 (11:30 +0000)]
loader: Add load_image_mr() to load ROM image to a MemoryRegion

Add a new function load_image_mr(), which behaves like
load_image_targphys() except that it loads the ROM image to
a specified MemoryRegion rather than to a specified physical
address. This is useful when a ROM blob needs to be loaded
to a particular flash or ROM device but the address of that
device in the machine's address space is not known. (For
instance, ROMs in devices, or ROMs which might exist in
a different address space to the system address space.)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1455288361-30117-3-git-send-email-peter.maydell@linaro.org
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
8 years agohw/arm/virt: Provide a secure-only RAM if booting in Secure mode
Peter Maydell [Fri, 4 Mar 2016 11:30:17 +0000 (11:30 +0000)]
hw/arm/virt: Provide a secure-only RAM if booting in Secure mode

If we're booting in Secure mode, provide a secure-only RAM
(just 16MB) so that secure firmware has somewhere to run
from that won't be accessible to the Non-secure guest.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1455288361-30117-2-git-send-email-peter.maydell@linaro.org

8 years agosdhci: Implement DeviceClass reset
Peter Maydell [Fri, 4 Mar 2016 11:30:17 +0000 (11:30 +0000)]
sdhci: Implement DeviceClass reset

The sdhci device was missing a DeviceClass reset method;
implement it. Poweron reset looks the same as reset commanded
by the guest via the device registers, apart from modelling of
the rpi 'pending insert interrupt on powerup' quirk.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Andrew Baumann <Andrew.Baumann@microsoft.com>
Message-id: 1456493044-10025-3-git-send-email-peter.maydell@linaro.org

8 years agosd.c: Handle NULL block backend in sd_get_inserted()
Peter Maydell [Fri, 4 Mar 2016 11:30:17 +0000 (11:30 +0000)]
sd.c: Handle NULL block backend in sd_get_inserted()

The sd.c SD card emulation code can be in a state where the
SDState BlockBackend pointer is NULL; this is treated as
"card not present". Add a missing check to sd_get_inserted()
so that we don't segfault in this situation.

(This could be provoked by the guest writing to the SDHCI
register to do a reset on a xilinx-zynq-a9 board; it will
also happen at startup when sdhci implements its DeviceClass
reset method.)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@xilinx.com>
Message-id: 1456493044-10025-2-git-send-email-peter.maydell@linaro.org

8 years agovirt: Lift the maximum RAM limit from 30GB to 255GB
Peter Maydell [Fri, 4 Mar 2016 11:30:16 +0000 (11:30 +0000)]
virt: Lift the maximum RAM limit from 30GB to 255GB

The virt board restricts guests to only 30GB of RAM. This is a
hangover from the vexpress-a15 board, and there's no inherent reason
for it. 30GB is smaller than you might reasonably want to provision
a VM for on a beefy server machine. Raise the limit to 255GB.

We choose 255GB because the available space we currently have
below the 1TB boundary is up to the 512GB mark, but we don't
want to paint ourselves into a corner by assigning it all to
RAM. So we make half of it available for RAM, with the 256GB..512GB
range available for future non-RAM expansion purposes.

If we need to provide more RAM to VMs in the future then we need to:
 * allocate a second bank of RAM starting at 2TB and working up
 * fix the DT and ACPI table generation code in QEMU to correctly
   report two split lumps of RAM to the guest
 * fix KVM in the host kernel to allow guests with >40 bit address spaces

The last of these is obviously the trickiest, but it seems
reasonable to assume that anybody configuring a VM with a quarter
of a terabyte of RAM will be doing it on a host with more than a
terabyte of physical address space.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org>
Tested-by: Wei Huang <wei@redhat.com>
Message-id: 1456402182-11651-1-git-send-email-peter.maydell@linaro.org

8 years agotarget-arm: Correct handling of writes to CPSR mode bits from gdb in usermode
Peter Maydell [Fri, 4 Mar 2016 11:30:16 +0000 (11:30 +0000)]
target-arm: Correct handling of writes to CPSR mode bits from gdb in usermode

In helper.c the expression
  (env->uncached_cpsr & CPSR_M) != CPSR_USER
is always true; the right hand side was supposed to be ARM_CPU_MODE_USR
(an error in commit cb01d391).

Since the incorrect expression was always true, this just meant that
commit cb01d391 had no effect.

However simply changing the RHS here would reveal a logic error: if
the mode is USR we wish to completely ignore the attempt to set the
mode bits, which means that we must clear the CPSR_M bits from mask
to avoid the uncached_cpsr bits being updated at the end of the
function.

Move the condition into the correct place in the code, fix its RHS
constant, and add a comment about the fact that we must be doing a
gdbstub write if we're in user mode.

Fixes: https://bugs.launchpad.net/qemu/+bug/1550503
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Sergey Fedorov <serge.fdrv@gmail.com>
Message-id: 1456764438-30015-1-git-send-email-peter.maydell@linaro.org

8 years agoMerge remote-tracking branch 'remotes/amit-virtio-rng/tags/rng-for-2.6-1' into staging
Peter Maydell [Thu, 3 Mar 2016 13:13:35 +0000 (13:13 +0000)]
Merge remote-tracking branch 'remotes/amit-virtio-rng/tags/rng-for-2.6-1' into staging

rng:
- implement a request queue for rng-random so multiple guest requests
  don't result in vq buffers getting forgotten
- remove unused request cancellation code
- a VM with multiple vq buffers, when migrated, could get in a situation
  where not all buffers are handed back to the guest.  This is now
  fixed.

# gpg: Signature made Thu 03 Mar 2016 12:18:54 GMT using RSA key ID 854083B6
# gpg: Good signature from "Amit Shah <amit@amitshah.net>"
# gpg:                 aka "Amit Shah <amit@kernel.org>"
# gpg:                 aka "Amit Shah <amitshah@gmx.net>"

* remotes/amit-virtio-rng/tags/rng-for-2.6-1:
  virtio-rng: ask for more data if queue is not fully drained
  rng: add request queue support to rng-random
  rng: move request queue cleanup from RngEgd to RngBackend
  rng: move request queue from RngEgd to RngBackend
  rng: remove the unused request cancellation code
  MAINTAINERS: Add an entry for the include/sysemu/rng*.h files

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agovirtio-rng: ask for more data if queue is not fully drained
Ladi Prosek [Thu, 3 Mar 2016 09:48:34 +0000 (10:48 +0100)]
virtio-rng: ask for more data if queue is not fully drained

This commit effectively reverts:

  commit 4621c1768ef5d12171cca2aa1473595ecb9f1c9e
  Author: Amit Shah <amit.shah@redhat.com>
  Date:   Wed Nov 21 11:21:19 2012 +0530

  virtio-rng: remove extra request for entropy

but instead of calling virtio_rng_process unconditionally, it
first checks to see if the queue is empty as a little bit of
optimization.

Signed-off-by: Ladi Prosek <lprosek@redhat.com>
Reviewed-by: Amit Shah <amit.shah@redhat.com>
Message-Id: <1456998514-19271-1-git-send-email-lprosek@redhat.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
8 years agorng: add request queue support to rng-random
Ladi Prosek [Thu, 3 Mar 2016 08:37:18 +0000 (09:37 +0100)]
rng: add request queue support to rng-random

Requests are now created in the RngBackend parent class and the
code path is shared by both rng-egd and rng-random.

This commit fixes the rng-random implementation which processed
only one request at a time and simply discarded all but the most
recent one. In the guest this manifested as delayed completion
of reads from virtio-rng, i.e. a read was completed only after
another read was issued.

By switching rng-random to use the same request queue as rng-egd,
the unsafe stack-based allocation of the entropy buffer is
eliminated and replaced with g_malloc.

Signed-off-by: Ladi Prosek <lprosek@redhat.com>
Reviewed-by: Amit Shah <amit.shah@redhat.com>
Message-Id: <1456994238-9585-5-git-send-email-lprosek@redhat.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
8 years agorng: move request queue cleanup from RngEgd to RngBackend
Ladi Prosek [Thu, 3 Mar 2016 08:37:17 +0000 (09:37 +0100)]
rng: move request queue cleanup from RngEgd to RngBackend

RngBackend is now in charge of cleaning up the linked list on
instance finalization. It also exposes a function to finalize
individual RngRequest instances, called by its child classes.

Signed-off-by: Ladi Prosek <lprosek@redhat.com>
Reviewed-by: Amit Shah <amit.shah@redhat.com>
Message-Id: <1456994238-9585-4-git-send-email-lprosek@redhat.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
8 years agorng: move request queue from RngEgd to RngBackend
Ladi Prosek [Thu, 3 Mar 2016 08:37:16 +0000 (09:37 +0100)]
rng: move request queue from RngEgd to RngBackend

The 'requests' field now lives in the RngBackend parent class.
There are no functional changes in this commit.

Signed-off-by: Ladi Prosek <lprosek@redhat.com>
Reviewed-by: Amit Shah <amit.shah@redhat.com>
Message-Id: <1456994238-9585-3-git-send-email-lprosek@redhat.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>