sdk/emulator/qemu.git
9 years agomachine: query kernel-irqchip property
Marcel Apfelbaum [Tue, 10 Mar 2015 16:59:54 +0000 (18:59 +0200)]
machine: query kernel-irqchip property

Running
    x86_64-softmmu/qemu-system-x86_64 -machine pc,kernel_irqchip=on -enable-kvm
leads to crash:
    qemu-system-x86_64: qemu/util/qemu-option.c:387: qemu_opt_get_bool_helper:
    Assertion `opt->desc && opt->desc->type == QEMU_OPT_BOOL' failed.  Aborted
    (core dumped)

This happens because the commit e79d5a6 ("machine: remove qemu_machine_opts
global list") removed the global option descriptions and moved them to
MachineState's QOM properties.

Fix this by querying machine properties through designated wrappers.

Signed-off-by: Marcel Apfelbaum <marcel@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
9 years agomachine: allowed/required kernel-irqchip support
Marcel Apfelbaum [Wed, 4 Feb 2015 15:43:49 +0000 (17:43 +0200)]
machine: allowed/required kernel-irqchip support

The code using kernel-irqchip property requires 'allowed/required'
functionality. Replace machine's kernel_irqchip field with two fields
representing the new functionality and expose them through wrappers.

Signed-off-by: Marcel Apfelbaum <marcel@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
9 years agomachine: replace qemu opts with iommu property
Marcel Apfelbaum [Wed, 4 Feb 2015 15:43:48 +0000 (17:43 +0200)]
machine: replace qemu opts with iommu property

Fixes a QEMU crash when passing iommu parameter in command line.
Running
    x86_64-softmmu/qemu-system-x86_64 -machine pc,iommu=on -enable-kvm
leads to crash:
    qemu-system-x86_64: qemu/util/qemu-option.c:387: qemu_opt_get_bool_helper:
    Assertion `opt->desc && opt->desc->type == QEMU_OPT_BOOL' failed.
    Aborted (core dumped)

This happens because commit e79d5a6 ("machine: remove qemu_machine_opts global
list") removed the global option descriptions and moved them to MachineState's
QOM properties.

Fix this by querying machine properties through designated wrappers.

Signed-off-by: Marcel Apfelbaum <marcel@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
9 years agopci/shpc: fix signed integer overflow
Michael S. Tsirkin [Mon, 9 Mar 2015 14:59:46 +0000 (15:59 +0100)]
pci/shpc: fix signed integer overflow

clang undefined behaviour sanitizer reports:
> hw/pci/shpc.c:162:27: runtime error: left shift of 1 by 31 places
> cannot be represented in type 'int'

Caused by the usual lack of a 'U' qualifier on a constant 1 being
shifted left. Fix it up.

Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
9 years agoacpi-test: update expected files
Michael S. Tsirkin [Wed, 11 Mar 2015 14:07:13 +0000 (15:07 +0100)]
acpi-test: update expected files

commit ecdc7bab095a2cf29d9e9d4a7e1494f586a8b270
    "acpi: fix aml_equal term implementation"
dropped a useless Zero in generated code,
update expected files appropriately.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
9 years agoacpi: fix aml_equal term implementation
Marcel Apfelbaum [Sun, 8 Mar 2015 11:16:03 +0000 (13:16 +0200)]
acpi: fix aml_equal term implementation

The DefLEqual op does not have a target operand. Remove it.

Signed-off-by: Marcel Apfelbaum <marcel@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
9 years agoaml-build: append opcodes using build_append_byte
Michael S. Tsirkin [Sun, 8 Mar 2015 15:19:15 +0000 (16:19 +0100)]
aml-build: append opcodes using build_append_byte

Opcodes are raw bytes, they shouldn't be added
using build_append_int. This only happens to work
with 0 and 1 opcodes.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
9 years agoaml-build: don't modify child
Michael S. Tsirkin [Sat, 7 Mar 2015 19:47:51 +0000 (20:47 +0100)]
aml-build: don't modify child

this code:
    aml_append(foo, bar);

might, non-intuitively, modify bar, which means that e.g. the following
might not DTRT:

    c = ....;
    aml_append(a, c);
    aml_append(b, c);

to fix, simply allocate an intermediate array,
and always modify that.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
9 years agoMerge remote-tracking branch 'remotes/mjt/tags/pull-trivial-patches-2015-03-04' into...
Peter Maydell [Tue, 10 Mar 2015 11:44:59 +0000 (11:44 +0000)]
Merge remote-tracking branch 'remotes/mjt/tags/pull-trivial-patches-2015-03-04' into staging

trivial patches for 2015-03-04

# gpg: Signature made Tue Mar 10 05:16:59 2015 GMT using RSA key ID A4C3D7DB
# gpg: Good signature from "Michael Tokarev <mjt@tls.msk.ru>"
# gpg:                 aka "Michael Tokarev <mjt@corpit.ru>"
# gpg:                 aka "Michael Tokarev <mjt@debian.org>"

* remotes/mjt/tags/pull-trivial-patches-2015-03-04: (44 commits)
  9pfs: remove useless return
  gdbstub: avoid possible NULL pointer dereference
  milkymist-pfpu: fix GCC 5.0.0 aggressive-loop-optimizations warning
  fix GCC 5.0.0 logical-not-parentheses warnings
  migration: Fix coding style (whitespace issues)
  oslib-posix: Fix compiler warning (-Wclobbered) and simplify the code
  disas/microblaze: Fix warnings caused by missing 'static' attribute
  disas/arm: Fix warnings caused by missing 'static' attribute
  vhost_net: Add missing 'static' attribute
  e500: fix memory leak
  gitignore: Ignore new tests
  gitignore: Track common.env in iotests gitignore
  sysbus: fix memory leak
  milkymist.c: fix memory leak
  macio: fix possible memory leak
  sparc/leon3.c: fix memory leak
  nbd: fix resource leak
  qemu-char: add cyrillic key 'numerosign' to Russian keymap
  qemu-char: add cyrillic characters 'numerosign' to VNC keysyms
  qapi-schema: Fix SpiceChannel docs
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years ago9pfs: remove useless return
Michael Tokarev [Wed, 4 Mar 2015 17:03:41 +0000 (20:03 +0300)]
9pfs: remove useless return

Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agogdbstub: avoid possible NULL pointer dereference
Paolo Bonzini [Mon, 2 Mar 2015 12:26:58 +0000 (13:26 +0100)]
gdbstub: avoid possible NULL pointer dereference

Coverity reports that s->chr is checked after put_packet dereferences it.
Move the check earlier, consistent with the code used for user-mode
emulation.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agomilkymist-pfpu: fix GCC 5.0.0 aggressive-loop-optimizations warning
Radim Krčmář [Fri, 20 Feb 2015 16:06:16 +0000 (17:06 +0100)]
milkymist-pfpu: fix GCC 5.0.0 aggressive-loop-optimizations warning

man gcc:
  Warn if in a loop with constant number of iterations the compiler
  detects undefined behavior in some statement during one or more of
  the iterations.

Milkymist pfpu has no jump instructions, so checking for MICROCODE_WORDS
instructions should have kept us in bounds of s->microcode, but i++
allowed one loop too many,

  hw/misc/milkymist-pfpu.c: In function ‘pfpu_write’:
  hw/misc/milkymist-pfpu.c:365:20: error: loop exit may only be reached after undefined behavior [-Werror=aggressive-loop-optimizations]
                   if (i++ >= MICROCODE_WORDS) {
                      ^
  hw/misc/milkymist-pfpu.c:167:14: note: possible undefined statement is here
       uint32_t insn = s->microcode[pc];
                ^

The code can still access out of bounds, because it presumes that PC register
always begins at 0, and we allow writing to it.

Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
Acked-by: Michael Walle <michael@walle.cc>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agofix GCC 5.0.0 logical-not-parentheses warnings
Radim Krčmář [Fri, 20 Feb 2015 16:06:15 +0000 (17:06 +0100)]
fix GCC 5.0.0 logical-not-parentheses warnings

man gcc:
  Warn about logical not used on the left hand side operand of a
  comparison.  This option does not warn if the RHS operand is of a
  boolean type.

By preferring bool over int where sensible, but without modifying any
depending code, make GCC happy in cases like this,
  qemu-img.c: In function ‘compare_sectors’:
  qemu-img.c:992:39: error: logical not is only applied to the left hand
  side of comparison [-Werror=logical-not-parentheses]
           if (!!memcmp(buf1, buf2, 512) != res) {

hw/ide/core.c:1836 doesn't throw an error,
  assert(!!s->error == !!(s->status & ERR_STAT));
even thought the second operand is int (and first hunk of this patch has
a very similar case), maybe GCC developers still have a little faith in
C programmers.

Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agomigration: Fix coding style (whitespace issues)
Stefan Weil [Sat, 28 Feb 2015 18:09:41 +0000 (19:09 +0100)]
migration: Fix coding style (whitespace issues)

* Remove trailing whitespace (fixes 9 errors from checkpatch.pl).
  One comment line was longer than 80 characters, so wrap it
  and fix a typo, too.
* Replace tabs by blanks (fixes 1 error).

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agooslib-posix: Fix compiler warning (-Wclobbered) and simplify the code
Stefan Weil [Sun, 1 Mar 2015 12:52:06 +0000 (13:52 +0100)]
oslib-posix: Fix compiler warning (-Wclobbered) and simplify the code

gcc reports this warning with -Wclobbered:

util/oslib-posix.c: In function ‘os_mem_prealloc’:
util/oslib-posix.c:374:49: error: argument ‘memory’ might be clobbered by
 ‘longjmp’ or ‘vfork’ [-Werror=clobbered]

Fix this and simplify the code by using an existing macro.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agodisas/microblaze: Fix warnings caused by missing 'static' attribute
Stefan Weil [Sun, 1 Mar 2015 13:18:35 +0000 (14:18 +0100)]
disas/microblaze: Fix warnings caused by missing 'static' attribute

Warnings from the Sparse static analysis tool:

disas/microblaze.c:289:3: warning:
 symbol 'opcodes' was not declared. Should it be static?
disas/microblaze.c:570:6: warning:
 symbol 'register_prefix' was not declared. Should it be static?
disas/microblaze.c:571:6: warning:
 symbol 'special_register_prefix' was not declared. Should it be static?
disas/microblaze.c:572:6: warning:
 symbol 'fsl_register_prefix' was not declared. Should it be static?
disas/microblaze.c:573:6: warning:
 symbol 'pvr_register_prefix' was not declared. Should it be static?

Remove the unused variable special_register_prefix.
The variable pvr_register_prefix was unused, too, but can be used.
Add also 'const' where possible.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agodisas/arm: Fix warnings caused by missing 'static' attribute
Stefan Weil [Sun, 1 Mar 2015 13:05:51 +0000 (14:05 +0100)]
disas/arm: Fix warnings caused by missing 'static' attribute

Warnings from the Sparse static analysis tool:

disas/arm.c:1552:15: warning:
 symbol 'last_type' was not declared. Should it be static?
disas/arm.c:1553:5: warning:
 symbol 'last_mapping_sym' was not declared. Should it be static?
disas/arm.c:1554:9: warning:
 symbol 'last_mapping_addr' was not declared. Should it be static?

Instead of adding 'static', the unused variables and the unused code which
refers to those variables (which was deactivated a long time ago in
commit 4b0f1a8b) are removed.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agovhost_net: Add missing 'static' attribute
Stefan Weil [Sat, 28 Feb 2015 18:19:17 +0000 (19:19 +0100)]
vhost_net: Add missing 'static' attribute

This fixes a warning from smatch.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agoe500: fix memory leak
Michael Tokarev [Sat, 28 Feb 2015 17:27:43 +0000 (20:27 +0300)]
e500: fix memory leak

Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Stefan Weil <sw@weilnetz.de>
9 years agogitignore: Ignore new tests
Cole Robinson [Fri, 27 Feb 2015 15:21:22 +0000 (10:21 -0500)]
gitignore: Ignore new tests

Signed-off-by: Cole Robinson <crobinso@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agogitignore: Track common.env in iotests gitignore
Cole Robinson [Fri, 27 Feb 2015 15:21:21 +0000 (10:21 -0500)]
gitignore: Track common.env in iotests gitignore

Rather than track it in the toplevel gitignore

Signed-off-by: Cole Robinson <crobinso@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agosysbus: fix memory leak
Gonglei [Fri, 27 Feb 2015 07:50:18 +0000 (15:50 +0800)]
sysbus: fix memory leak

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agomilkymist.c: fix memory leak
Gonglei [Fri, 27 Feb 2015 07:50:17 +0000 (15:50 +0800)]
milkymist.c: fix memory leak

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agomacio: fix possible memory leak
Gonglei [Fri, 27 Feb 2015 07:50:14 +0000 (15:50 +0800)]
macio: fix possible memory leak

If ret = macio_initfn_ide() is less than 0, the timer_memory
will leak the memory it points to.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agosparc/leon3.c: fix memory leak
Gonglei [Fri, 27 Feb 2015 07:50:13 +0000 (15:50 +0800)]
sparc/leon3.c: fix memory leak

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agonbd: fix resource leak
Gonglei [Fri, 27 Feb 2015 07:50:11 +0000 (15:50 +0800)]
nbd: fix resource leak

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agoqemu-char: add cyrillic key 'numerosign' to Russian keymap
Wang Xin [Sat, 28 Feb 2015 08:33:23 +0000 (16:33 +0800)]
qemu-char: add cyrillic key 'numerosign' to Russian keymap

numero sign is the number sign key of Russian keyboard layout, we
get this key with 'shift + 3'. It's missing in current Russian keymap file,
this patch fixes it.
As number sign does not exsit in Russian keyboard layout[1][2], this
patch also removes the 'numbersign' from Russian keymap.

[1] http://en.wikipedia.org/wiki/Keyboard_layout#Russian
[2] http://kbd-intl.narod.ru/english/layouts

Signed-off-by: Wang Xin <wangxinxin.wang@huawei.com>
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agoqemu-char: add cyrillic characters 'numerosign' to VNC keysyms
Wang Xin [Sat, 28 Feb 2015 08:33:22 +0000 (16:33 +0800)]
qemu-char: add cyrillic characters 'numerosign' to VNC keysyms

This patch adds missing cyrillic character 'numerosign' to the VNC
keysym table, it's needed by Russian keyboard. And I get the keysym from
'<X11/keysymdef.h>', the current keysym table in Qemu was generated from
it.

Signed-off-by: Wang xin <wangxinxin.wang@huawei.com>
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agoqapi-schema: Fix SpiceChannel docs
Cole Robinson [Thu, 26 Feb 2015 18:59:58 +0000 (13:59 -0500)]
qapi-schema: Fix SpiceChannel docs

The value is called channel-type, not connection-type

Signed-off-by: Cole Robinson <crobinso@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agoxen: Remove xen_cmos_set_s3_resume()
Thomas Huth [Thu, 26 Feb 2015 13:28:08 +0000 (14:28 +0100)]
xen: Remove xen_cmos_set_s3_resume()

The function is not used anymore, and thus can be deleted.

Signed-off-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Acked-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agoui/vnc: Remove vnc_stop_worker_thread()
Thomas Huth [Thu, 26 Feb 2015 13:28:07 +0000 (14:28 +0100)]
ui/vnc: Remove vnc_stop_worker_thread()

This function is not used anymore, let's remove it.

Signed-off-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agoui: Removed unused functions
Thomas Huth [Thu, 26 Feb 2015 13:28:06 +0000 (14:28 +0100)]
ui: Removed unused functions

Remove qemu_console_displaystate(), qemu_remove_kbd_event_handler(),
qemu_different_endianness_pixelformat() and cpkey(), since they are
completely unused.

Signed-off-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agovhost: Remove superfluous '\n' around error_report()
Gonglei [Wed, 25 Feb 2015 04:22:37 +0000 (12:22 +0800)]
vhost: Remove superfluous '\n' around error_report()

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agoarm/digic_boards: Remove superfluous '\n' around error_report()
Gonglei [Wed, 25 Feb 2015 04:22:36 +0000 (12:22 +0800)]
arm/digic_boards: Remove superfluous '\n' around error_report()

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agotpm: Remove superfluous '\n' around error_report()
Gonglei [Wed, 25 Feb 2015 04:22:35 +0000 (12:22 +0800)]
tpm: Remove superfluous '\n' around error_report()

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agoxtensa: Remove superfluous '\n' around error_report()
Gonglei [Wed, 25 Feb 2015 04:22:34 +0000 (12:22 +0800)]
xtensa: Remove superfluous '\n' around error_report()

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agovfio: Remove superfluous '\n' around error_report()
Gonglei [Wed, 25 Feb 2015 04:22:33 +0000 (12:22 +0800)]
vfio: Remove superfluous '\n' around error_report()

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agovhost-scsi: Remove superfluous '\n' around error_report()
Gonglei [Wed, 25 Feb 2015 04:22:32 +0000 (12:22 +0800)]
vhost-scsi: Remove superfluous '\n' around error_report()

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agoRemove superfluous '\n' around error_report()
Gonglei [Wed, 25 Feb 2015 04:22:31 +0000 (12:22 +0800)]
Remove superfluous '\n' around error_report()

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agonuma: remove superfluous '\n' around error_setg
Gonglei [Wed, 25 Feb 2015 04:22:30 +0000 (12:22 +0800)]
numa: remove superfluous '\n' around error_setg

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agopl330.c: remove superfluous '\n' around error_setg
Gonglei [Wed, 25 Feb 2015 04:22:29 +0000 (12:22 +0800)]
pl330.c: remove superfluous '\n' around error_setg

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agoa9gtimer: remove superfluous '\n' around error_setg
Gonglei [Wed, 25 Feb 2015 04:22:28 +0000 (12:22 +0800)]
a9gtimer: remove superfluous '\n' around error_setg

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agoblock: remove superfluous '\n' around error_report/error_setg
Gonglei [Wed, 25 Feb 2015 04:22:27 +0000 (12:22 +0800)]
block: remove superfluous '\n' around error_report/error_setg

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agoqmp-commands.hx: Fix several typos
Alberto Garcia [Thu, 26 Feb 2015 14:35:07 +0000 (16:35 +0200)]
qmp-commands.hx: Fix several typos

Signed-off-by: Alberto Garcia <berto@igalia.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agoqerror.h: Swap definitions that were not in alphabetical order
Alberto Garcia [Fri, 20 Feb 2015 12:58:23 +0000 (14:58 +0200)]
qerror.h: Swap definitions that were not in alphabetical order

Signed-off-by: Alberto Garcia <berto@igalia.com>
Reviewed-by: John Snow <jsnow@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agoAdd copyright and author after file split
Stefan Berger [Mon, 23 Feb 2015 14:17:34 +0000 (09:17 -0500)]
Add copyright and author after file split

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agocutils: refine strtol error handling in parse_debug_env
Paolo Bonzini [Wed, 11 Feb 2015 11:30:43 +0000 (12:30 +0100)]
cutils: refine strtol error handling in parse_debug_env

Avoid truncation of a 64-bit long to a 32-bit int, and check for errno
(especially ERANGE).

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agoqemu-options: fix/document -incoming options
Michael Tokarev [Tue, 10 Feb 2015 19:40:47 +0000 (22:40 +0300)]
qemu-options: fix/document -incoming options

Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agosmbios: document cmdline options for smbios type 2-4, 17 structures
Gabriel L. Somlo [Thu, 5 Feb 2015 16:45:30 +0000 (11:45 -0500)]
smbios: document cmdline options for smbios type 2-4, 17 structures

Signed-off-by: Gabriel Somlo <somlo@cmu.edu>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agomemsave: Improve and disambiguate error message
Borislav Petkov [Sun, 8 Feb 2015 12:14:38 +0000 (13:14 +0100)]
memsave: Improve and disambiguate error message

When requesting a size which cannot be read, the error message shows
a different address which is misleading to the user and it looks like
something's wrong with the address parsing. This is because the input
@addr variable is incremented in the memory dumping loop:

(qemu) memsave 0xffffffff8418069c 0xb00000 mem
Invalid addr 0xffffffff849ffe9c specified

Fix that by saving the original address and size and use them in the
error message:

(qemu) memsave 0xffffffff8418069c 0xb00000 mem
Invalid addr 0xffffffff8418069c/size 11534336 specified

Signed-off-by: Borislav Petkov <bp@suse.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agoxilinx_ethlite: Clean up after commit 2f991ad
Markus Armbruster [Wed, 21 Jan 2015 13:18:37 +0000 (14:18 +0100)]
xilinx_ethlite: Clean up after commit 2f991ad

The "fall through" added by the commit is clearly intentional.  Mark
it so.  Hushes up Coverity.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agoxen-pt: fix Out-of-bounds read
Gonglei [Tue, 10 Feb 2015 07:51:23 +0000 (15:51 +0800)]
xen-pt: fix Out-of-bounds read

The array length of s->real_device.io_regions[] is
"PCI_NUM_REGIONS - 1".

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Acked-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agoxen-pt: fix Negative array index read
Gonglei [Tue, 10 Feb 2015 07:51:22 +0000 (15:51 +0800)]
xen-pt: fix Negative array index read

Coverity spot:
Function xen_pt_bar_offset_to_index() may return a negative
value (-1) which is used as an index to d->io_regions[] down
the line.

Let's pass index directly as an argument to
xen_pt_bar_reg_parse().

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Acked-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
9 years agoMerge remote-tracking branch 'remotes/agraf/tags/signed-ppc-for-upstream' into staging
Peter Maydell [Mon, 9 Mar 2015 14:04:14 +0000 (14:04 +0000)]
Merge remote-tracking branch 'remotes/agraf/tags/signed-ppc-for-upstream' into staging

Patch queue for ppc - 2015-03-09

This is my current patch queue for 2.3. Highlights include:

  * pseries: 2.3 machine
  * pseries: Export RTC via QOM
  * pseries: EEH support
  * mac: save/restore support
  * fix POWER5 hosts
  * random bug fixes

# gpg: Signature made Mon Mar  9 14:00:53 2015 GMT using RSA key ID 03FEDC60
# gpg: Good signature from "Alexander Graf <agraf@suse.de>"
# gpg:                 aka "Alexander Graf <alex@csgraf.de>"

* remotes/agraf/tags/signed-ppc-for-upstream: (38 commits)
  target-ppc: Fix warnings from Sparse
  sPAPR: Implement sPAPRPHBClass EEH callbacks
  sPAPR: Implement EEH RTAS calls
  target-ppc: Add versions to server CPU descriptions
  PPC: Introduce the Virtual Time Base (VTB) SPR register
  PPC: Remove duplicate OPENPIC defines in default-configs
  ppc64-softmmu: Remove duplicated OPENPIC from config
  Revert "default-configs/ppc64: add all components of i82378 SuperIO chip used by prep"
  spapr_vio: Convert to realize()
  openpic: convert to vmstate
  openpic: switch IRQQueue queue from inline to bitmap
  openpic: fix up loadvm under -M mac99
  openpic: fix segfault on -M mac99 savevm
  target-ppc: force update of msr bits in cpu_post_load
  target-ppc: move sdr1 value change detection logic to helper_store_sdr1()
  cuda.c: include adb_poll_timer in VMStateDescription
  adb.c: include ADBDevice parent state in KBDState and MouseState
  macio.c: include parent PCIDevice state in VMStateDescription
  display cpu id dump state
  Openpic: check that cpu id is within the number of cpus
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agotarget-ppc: Fix warnings from Sparse
Stefan Weil [Sat, 7 Mar 2015 22:16:38 +0000 (23:16 +0100)]
target-ppc: Fix warnings from Sparse

Sparse report:

target-ppc/mmu-hash64.c:353:9: warning: returning void-valued expression
target-ppc/mmu-hash64.c:620:9: warning: returning void-valued expression

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
9 years agosPAPR: Implement sPAPRPHBClass EEH callbacks
Gavin Shan [Fri, 20 Feb 2015 04:58:53 +0000 (15:58 +1100)]
sPAPR: Implement sPAPRPHBClass EEH callbacks

The patch implements sPAPRPHBClass EEH callbacks so that the EEH
RTAS requests can be routed to VFIO for further handling.

Signed-off-by: Gavin Shan <gwshan@linux.vnet.ibm.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
9 years agosPAPR: Implement EEH RTAS calls
Gavin Shan [Fri, 20 Feb 2015 04:58:52 +0000 (15:58 +1100)]
sPAPR: Implement EEH RTAS calls

The emulation for EEH RTAS requests from guest isn't covered
by QEMU yet and the patch implements them.

The patch defines constants used by EEH RTAS calls and adds
callbacks sPAPRPHBClass::{eeh_set_option, eeh_get_state, eeh_reset,
eeh_configure}, which are going to be used as follows:

  * RTAS calls are received in spapr_pci.c, sanity check is done
    there.
  * RTAS handlers handle what they can. If there is something it
    cannot handle and the corresponding sPAPRPHBClass callback is
    defined, it is called.
  * Those callbacks are only implemented for VFIO now. They do ioctl()
    to the IOMMU container fd to complete the calls. Error codes from
    that ioctl() are transferred back to the guest.

[aik: defined RTAS tokens for EEH RTAS calls]
Signed-off-by: Gavin Shan <gwshan@linux.vnet.ibm.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
9 years agotarget-ppc: Add versions to server CPU descriptions
Alexey Kardashevskiy [Wed, 4 Mar 2015 01:31:26 +0000 (12:31 +1100)]
target-ppc: Add versions to server CPU descriptions

5b79b1c "target-ppc: Create versionless CPU class per family if KVM" added
a dynamic CPU class registration with the name of the CPU family which
QEMU is running on. For example, this allowed specifying "-cpu POWER7"
on every version of POWER7 machine, not just the one which POWER7 was
an alias of. I.e. before 5b79b1c, "-cpu POWER7" would not work on real
POWER7 2.1 and would work on POWER7 2.3 only. The same story for POWER8.

However that patch broke POWER5+ support as POWER5+ CPU uses the same
name as the CPU class so dynamic registering of the POWER5+ class failed.

This redefines POWER5+ server CPUs by adding a version to them and adding
an alias for TCG case. KVM will use dynamically registered CPUs.

While we are here, do the same for 970 CPU.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
9 years agoPPC: Introduce the Virtual Time Base (VTB) SPR register
Cyril Bur [Mon, 2 Mar 2015 06:55:38 +0000 (17:55 +1100)]
PPC: Introduce the Virtual Time Base (VTB) SPR register

This patch adds basic support for the VTB.

PowerISA:
The Virtual Time Base (VTB) is a 64-bit incrementing counter.
Virtual Time Base increments at the same rate as the Time Base until its value
becomes 0xFFFF_FFFF_FFFF_FFFF (2 64 - 1); at the next increment its value
becomes 0x0000_0000_0000_0000. There is no interrupt or other indication when
this occurs.

The operation of the Virtual Time Base has the following additional
properties.
1. Loading a GPR from the Virtual Time Base has no effect on the accuracy of
the Virtual Time Base.
2. Copying the contents of a GPR to the Virtual Time Base replaces the
contents of the Virtual Time Base with the contents of the GPR.

Signed-off-by: Cyril Bur <cyril.bur@au1.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
9 years agoPPC: Remove duplicate OPENPIC defines in default-configs
Alexander Graf [Mon, 2 Mar 2015 13:31:58 +0000 (14:31 +0100)]
PPC: Remove duplicate OPENPIC defines in default-configs

The CONFIG_OPENPIC variable was declared multiple times. We only need it once.

Signed-off-by: Alexander Graf <agraf@suse.de>
9 years agoppc64-softmmu: Remove duplicated OPENPIC from config
Alexey Kardashevskiy [Mon, 2 Mar 2015 06:46:27 +0000 (17:46 +1100)]
ppc64-softmmu: Remove duplicated OPENPIC from config

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
9 years agoRevert "default-configs/ppc64: add all components of i82378 SuperIO chip used by...
Alexey Kardashevskiy [Mon, 2 Mar 2015 06:46:25 +0000 (17:46 +1100)]
Revert "default-configs/ppc64: add all components of i82378 SuperIO chip used by prep"

This reverts commit 9c9984242ce46ccf8636f5c19e81d794e84aa0c7 as even when
it was applied, all supposedly new config options were already enabled.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
9 years agospapr_vio: Convert to realize()
Markus Armbruster [Fri, 27 Feb 2015 10:52:17 +0000 (11:52 +0100)]
spapr_vio: Convert to realize()

Bonus fix: always set an error on failure.  Some failures were silent
before, except for the generic error set by device_realize().

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
9 years agoopenpic: convert to vmstate
Mark Cave-Ayland [Mon, 9 Feb 2015 22:40:52 +0000 (22:40 +0000)]
openpic: convert to vmstate

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
9 years agoopenpic: switch IRQQueue queue from inline to bitmap
Mark Cave-Ayland [Mon, 9 Feb 2015 22:40:51 +0000 (22:40 +0000)]
openpic: switch IRQQueue queue from inline to bitmap

This is in preparation for using VMSTATE_BITMAP in a followup vmstate
migration patch.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: Alexander Graf <agraf@suse.de>
9 years agoopenpic: fix up loadvm under -M mac99
Mark Cave-Ayland [Mon, 9 Feb 2015 22:40:50 +0000 (22:40 +0000)]
openpic: fix up loadvm under -M mac99

Issuing loadvm under -M mac99 would fail for two reasons: firstly an incorrect
version number for openpic would cause openpic_load() to abort, and secondly
a cut/paste error when restoring the IVPR and IDR registers caused subsequent
vmstate sections to become misaligned and abort early.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: Alexander Graf <agraf@suse.de>
9 years agoopenpic: fix segfault on -M mac99 savevm
Mark Cave-Ayland [Mon, 9 Feb 2015 22:40:49 +0000 (22:40 +0000)]
openpic: fix segfault on -M mac99 savevm

A simple copy/paste error causes savevm on -M mac99 to segfault.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: Alexander Graf <agraf@suse.de>
9 years agotarget-ppc: force update of msr bits in cpu_post_load
Mark Cave-Ayland [Mon, 9 Feb 2015 22:40:48 +0000 (22:40 +0000)]
target-ppc: force update of msr bits in cpu_post_load

Since env->msr has already been restored by the time cpu_post_load is called,
make sure that ppc_store_msr() is explicitly called with all msr bits except
MSR_TGPR marked as invalid.

This solves the issue where MSR flags aren't set correctly when restoring a VM
snapshot, in particular the internal env->excp_prefix value when MSR_EP has
been altered by a guest.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: Alexander Graf <agraf@suse.de>
9 years agotarget-ppc: move sdr1 value change detection logic to helper_store_sdr1()
Mark Cave-Ayland [Mon, 9 Feb 2015 22:40:47 +0000 (22:40 +0000)]
target-ppc: move sdr1 value change detection logic to helper_store_sdr1()

Otherwise when cpu_post_load calls ppc_store_sdr1() when restoring a VM
snapshot the value is deemed unchanged and so the internal env->htab*
variables aren't set correctly.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
9 years agocuda.c: include adb_poll_timer in VMStateDescription
Mark Cave-Ayland [Mon, 9 Feb 2015 22:40:46 +0000 (22:40 +0000)]
cuda.c: include adb_poll_timer in VMStateDescription

Make sure that we include the adb_poll_timer when saving the VM state for
client OSs that use it, e.g. Darwin.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: Alexander Graf <agraf@suse.de>
9 years agoadb.c: include ADBDevice parent state in KBDState and MouseState
Mark Cave-Ayland [Mon, 9 Feb 2015 22:40:45 +0000 (22:40 +0000)]
adb.c: include ADBDevice parent state in KBDState and MouseState

The parent ADBDevice contains the device id on the ADB bus. Make sure that
this state is included in both its subclasses since some clients (such as
OpenBIOS) reprogram each device id after enumeration.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: Alexander Graf <agraf@suse.de>
9 years agomacio.c: include parent PCIDevice state in VMStateDescription
Mark Cave-Ayland [Mon, 9 Feb 2015 22:40:44 +0000 (22:40 +0000)]
macio.c: include parent PCIDevice state in VMStateDescription

This ensures that the macio PCI device is correctly configured when restoring
from a VM snapshot.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: Alexander Graf <agraf@suse.de>
9 years agodisplay cpu id dump state
Tristan Gingold [Wed, 25 Feb 2015 09:39:25 +0000 (10:39 +0100)]
display cpu id dump state

Signed-off-by: Fabien Chouteau <chouteau@adacore.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
9 years agoOpenpic: check that cpu id is within the number of cpus
Fabien Chouteau [Wed, 25 Feb 2015 09:50:28 +0000 (10:50 +0100)]
Openpic: check that cpu id is within the number of cpus

Signed-off-by: Fabien Chouteau <chouteau@adacore.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
9 years agopseries: Switch VGA endian on H_SET_MODE
David Gibson [Tue, 10 Feb 2015 04:36:16 +0000 (15:36 +1100)]
pseries: Switch VGA endian on H_SET_MODE

When the guest switches the interrupt endian mode, which essentially
means a global machine endian switch, we want to change the VGA
framebuffer endian mode as well in order to be backward compatible
with existing guests who don't know about the new endian control
register.

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
9 years agovga: Expose framebuffer byteorder as a QOM property
David Gibson [Tue, 10 Feb 2015 04:36:15 +0000 (15:36 +1100)]
vga: Expose framebuffer byteorder as a QOM property

The VGA device model now supports having the framebuffer in either endian,
and can be switched between these by the guest via a register in the qext
region.

However, in some cases (e.g. LE OS on the pseries machine) we have
existing guest that don't know about the endian switch register, but other
parts of the qemu code have better information to set a default endianness
than the VGA code does of itself.

In order to allow them to set a correct default endianness in these cases,
without breaking abstraction walls, this patch exposes the VGA framebuffer
endianness via a writable QOM property.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
[agraf: use instance_init for property exposure]
Signed-off-by: Alexander Graf <agraf@suse.de>
9 years agospapr: Clean up misuse of qdev_init() in xics-kvm creation
Markus Armbruster [Thu, 5 Feb 2015 09:34:48 +0000 (10:34 +0100)]
spapr: Clean up misuse of qdev_init() in xics-kvm creation

We call try_create_xics() to create a "xics-kvm".  If it fails, we
call it again to fall back to plain "xics".

try_create_xics() uses qdev_init().  qdev_init()'s error handling has
an unwanted side effect: it calls qerror_report_err(), which prints to
stderr.  Looks like an error, but isn't.

In QMP context, it would stash the error in the monitor instead,
making the QMP command fail.  Fortunately, it's only called from board
initialization, never in QMP context.

Clean up by cutting out the qdev_init() middle-man: set property
"realized" directly.

While there, improve the error message when we can't satisfy an
explicit user request for "xics-kvm", and exit(1) instead of abort().
Simplify the abort when we can't create "xics".

Signed-off-by: Markus Armbruster <armbru@redhat.com>
[agraf: squash in fix for uninitialized variable from mdroth]
Signed-off-by: Alexander Graf <agraf@suse.de>
9 years agoPPC: Clean up misuse of qdev_init() in kvm-openpic creation
Markus Armbruster [Thu, 5 Feb 2015 09:34:47 +0000 (10:34 +0100)]
PPC: Clean up misuse of qdev_init() in kvm-openpic creation

We call ppce500_init_mpic_kvm() to create a "kvm-openpic".  If it
fails, we call ppce500_init_mpic_qemu() to fall back to plain
"openpic".

ppce500_init_mpic_kvm() uses qdev_init().  qdev_init()'s error
handling has an unwanted side effect: it calls qerror_report_err(),
which prints to stderr.  Looks like an error, but isn't.

In QMP context, it would stash the error in the monitor instead,
making the QMP command fail.  Fortunately, it's only called from board
initialization, never in QMP context.

Clean up by cutting out the qdev_init() middle-man: set property
"realized" directly.

While there, improve the error message when we can't satisfy an
explicit user request for "kvm-openpic", and exit(1) instead of
abort().

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
9 years agopseries: Export RTC time via QOM
David Gibson [Fri, 6 Feb 2015 03:55:53 +0000 (14:55 +1100)]
pseries: Export RTC time via QOM

On x86, the guest's RTC can be read with QMP, either from the RTC device's
"date" property or via the "rtc-time" property on the machine (which is an
alias to the former).  This is set up in the mc146818rtc driver, and
doesn't work on other targets.

This patch adds a similar "date" property to the pseries machine's RTAS RTC
and adds a compatible alias to the machine.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
9 years agopseries: Move rtc_offset into RTC device's state structure
David Gibson [Fri, 6 Feb 2015 03:55:52 +0000 (14:55 +1100)]
pseries: Move rtc_offset into RTC device's state structure

The initial creation of the PAPR RTC qdev class left a wart - the rtc's
offset was left in the sPAPREnvironment structure, accessed via a global.

This patch moves it into the RTC device's own state structure, were it
belongs.  This requires a small change to the migration stream format.  In
order to handle incoming streams from older versions, we also need to
retain the rtc_offset field in the sPAPREnvironment structure, so that it
can be loaded into via the vmsd, then pushed into the RTC device.

Since we're changing the migration format, this also takes the opportunity
to:

  * Change the rtc offset from a value in seconds to a value in
    nanoseconds, allowing nanosecond offsets between host and guest
    rtc time, if desired.

  * Remove both the already unused "next_irq" field and now unused
    "rtc_offset" field from the new version of the spapr migration
    stream

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
9 years agopseries: Make the PAPR RTC a qdev device
David Gibson [Fri, 6 Feb 2015 03:55:51 +0000 (14:55 +1100)]
pseries: Make the PAPR RTC a qdev device

At present the PAPR RTC isn't a "device" as such - it's accessed only via
firmware/hypervisor calls, and is handled in the sPAPR core code.  This
becomes inconvenient as we extend it in various ways.

This patch makes the PAPR RTC a separate device in the qemu device model.

For now, the only piece of device state - the rtc_offset - is still kept in
the global sPAPREnvironment structure.  That's clearly wrong, but leaving
it to be fixed in a following patch makes for a clearer separation between
the internal re-organization of the device, and the behavioural changes
(because the migration stream format needs to change slightly when the
offset is moved into the device's own state).

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
9 years agopseries: Make RTAS time of day functions respect -rtc options
David Gibson [Fri, 6 Feb 2015 03:55:50 +0000 (14:55 +1100)]
pseries: Make RTAS time of day functions respect -rtc options

In the 'pseries' machine the real time clock is provided by a
paravirtualized firmware interface rather than a device per se; the RTAS
get-time-of-day and set-time-of-day calls.

Out current implementations of those work directly off host time (with
an offset), not respecting options such as clock=vm which can be
specified in the -rtc command line option.

This patch reworks the RTAS RTC code to respect those options, primarily
by basing them on the qemu_clock_get_ns(rtc_clock) function instead of
directly on qemu_get_timedate() (which essentially handles host time, not
virtual rtc time).

As a bonus, this means our get-time-of-day function now also returns
nanoseconds.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
9 years agopseries: Add spapr_rtc_read() helper function
David Gibson [Fri, 6 Feb 2015 03:55:49 +0000 (14:55 +1100)]
pseries: Add spapr_rtc_read() helper function

The virtual RTC time is used in two places in the pseries machine.  First
is in the RTAS get-time-of-day function which returns the RTC time to the
guest.  Second is in the spapr events code which is used to timestamp
event messages from the hypervisor to the guest.

Currently both call qemu_get_timedate() directly, but we want to change
that so we can properly handle the various -rtc options.  In preparation,
create a helper function to return the virtual RTC time.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
9 years agopseries: Add more parameter validation in RTAS time of day functions
David Gibson [Fri, 6 Feb 2015 03:55:48 +0000 (14:55 +1100)]
pseries: Add more parameter validation in RTAS time of day functions

Currently, the RTAS time of day functions only partially validate the
number of parameters they receive and return.  Because of how the
parameters are used, this is unlikely to lead to a crash, but it's messy.

This patch adds the missing checks.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
9 years agopseries: Move sPAPR RTC code into its own file
David Gibson [Fri, 6 Feb 2015 03:55:47 +0000 (14:55 +1100)]
pseries: Move sPAPR RTC code into its own file

At the moment the RTAS (firmware/hypervisor) time of day functions are
implemented in spapr_rtas.c along with a bunch of other things.  Since
we're going to be expanding these a bit, move the RTAS RTC related code
out into new file spapr_rtc.c.  Also add its own initialization function,
spapr_rtc_init() called from the main machine init routine.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
9 years agoAdd more VMSTATE_*_TEST variants for integers
David Gibson [Fri, 6 Feb 2015 03:55:46 +0000 (14:55 +1100)]
Add more VMSTATE_*_TEST variants for integers

Currently, vmstate.h includes helper macro variants for 8, 16 and 32-bit
unsigned integers which include a "test" function which can selectively
enable or disable the field's presence in the migration stream.

There aren't similar helpers for 64-bit unsigned integers, or any size of
signed integers.  This patch remedies this.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
9 years agoGeneralize QOM publishing of date and time from mc146818rtc.c
David Gibson [Fri, 6 Feb 2015 03:55:45 +0000 (14:55 +1100)]
Generalize QOM publishing of date and time from mc146818rtc.c

The mc146818rtc driver exposes the current RTC date and time via the "date"
property in QOM (which is also aliased to the machine's "rtc-time"
property).  Currently it uses a custom visitor function rtc_get_date to
do this.

This patch introduces new helpers to the QOM core to expose struct tm
valued properties via a getter function, so that this functionality can be
more easily duplicated in other RTC implementations.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
9 years agospapr-pci: Enable huge BARs
Alexey Kardashevskiy [Fri, 30 Jan 2015 01:53:19 +0000 (12:53 +1100)]
spapr-pci: Enable huge BARs

At the moment sPAPR only supports 512MB window for MMIO BARs. However
modern devices might want bigger 64bit BARs.

This extends MMIO window from 512MB to 62GB (aligned to
SPAPR_PCI_WINDOW_SPACING) and advertises it in 2 records in
the PHB "ranges" property. 32bit gets the space from
SPAPR_PCI_MEM_WIN_BUS_OFFSET till the end of 4GB, 64bit gets the rest
of the space. If no space is left, 64bit range is not advertised.

The MMIO space size is set to old value of 0x20000000 by default
for pseries machines older than 2.3.

The approach changes the device tree which is a guest visible change, however
it won't break migration as:
1. we do not support migration to older QEMU versions
2. migration to newer QEMU will migrate the device tree as well and since
the new layout only extends the old one and does not change address mappigns,
no breakage is expected here too.

SLOF change is required to utilize this extension.

Suggested-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
9 years agospapr: Add pseries-2.3 machine
Alexey Kardashevskiy [Fri, 30 Jan 2015 01:53:18 +0000 (12:53 +1100)]
spapr: Add pseries-2.3 machine

The next patch will make MMIO space bigger and keep the old value for
older pseries machines.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
9 years agopseries: Limit PCI host bridge "index" value
David Gibson [Wed, 14 Jan 2015 02:33:39 +0000 (13:33 +1100)]
pseries: Limit PCI host bridge "index" value

pseries guests can have large numbers of PCI host bridges.  To avoid the
user having to specify a number of different configuration values for every
one, the device supports an "index" property which is a shorthand setting
the various window and configuration addresses from a predefined sensible
set.

There are some problems with the details at present:
  * The "index" propery is signed, but negative values will create PCI
windows below where we expect, potentially colliding with other devices
  * No limit is imposed on the "index" property and large values can
translate to extremely large window addresses.  With PCI passthrough in
particular this can mean we exceed various mapping and physical address
limits causing the guest host bridge to not work in strange ways.

This patch addresses this, by making "index" unsigned, and imposing a
limit.  Currently the limit allows indices from 0..255 which is probably
enough host bridges for the time being.  It's fairly easy to extend if
we discover we need more.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
9 years agotarget-ppc: Use right page size with hash table lookup
Aneesh Kumar K.V [Mon, 26 Jan 2015 14:21:58 +0000 (19:51 +0530)]
target-ppc: Use right page size with hash table lookup

We look at two sizes specified in ISA (4K, 64K). If not found matching,
we consider it 16MB.

Without this patch we would fail to lookup address above 16MB range.
Below 16MB happened to work before because the kernel have a liner
mapping and we always looked up hash for 0xc000000000000000. The
actual real address was computed by using the 16MB offset
with the real address found with the above hash.

Without Fix:
(gdb) x/16x 0xc000000001000000
0xc000000001000000 <list_entries+453208>:       Cannot access memory at address 0xc000000001000000
(gdb)

With Fix:
(gdb)  x/16x 0xc000000001000000
0xc000000001000000 <list_entries+453208>:       0x00000000      0x00000000      0x00000000      0x00000000
0xc000000001000010 <list_entries+453224>:       0x00000000      0x00000000      0x00000000      0x00000000
0xc000000001000020 <list_entries+453240>:       0x00000000      0x00000000      0x00000000      0x00000000
0xc000000001000030 <list_entries+453256>:       0x00000000      0x00000000      0x00000000      0x00000000

Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
9 years agospapr_vio/spapr_iommu: Move VIO bypass where it belongs
Alexey Kardashevskiy [Thu, 29 Jan 2015 05:04:58 +0000 (16:04 +1100)]
spapr_vio/spapr_iommu: Move VIO bypass where it belongs

Instead of tweaking a TCE table device by adding there a bypass flag,
let's add an alias to RAM and IOMMU memory region, and enable/disable
those according to the selected bypass mode.
This way IOMMU memory region can have size of the actual window rather
than ram_size which is essential for upcoming DDW support.

This moves bypass logic to VIO layer and keeps @bypass flag in TCE table
for migration compatibility only. This replaces spapr_tce_set_bypass()
calls with explicit assignment to avoid confusion as the function could
do something more that just syncing the @bypass flag.

This adds a pointer to VIO device into the sPAPRTCETable struct to provide
the sPAPRTCETable device a way to update bypass mode for the VIO device.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
9 years agoMerge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging
Peter Maydell [Mon, 9 Mar 2015 09:14:28 +0000 (09:14 +0000)]
Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging

pci, pc, virtio fixes and cleanups

A bunch of fixes all over the place.
All of ACPI refactoring has been merged.
Legacy pci commands have been dropped.
virtio header cleanup
initial patches from virtio-1.0 branch

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
* remotes/mst/tags/for_upstream: (130 commits)
  acpi: drop unused code
  aml-build: comment fix
  acpi-build: fix typo in comment
  acpi: update generated files
  vhost user:support vhost user nic for non msi guests
  aml-build: fix build for glib < 2.22
  acpi: update generated files
  Makefile.target: binary depends on config-devices
  acpi-test-data: update after pci rewrite
  acpi, mem-hotplug: use PC_DIMM_SLOT_PROP in acpi_memory_plug_cb().
  pci-hotplug-old: Has been dead for five major releases, bury
  pci: Give a few helpers internal linkage
  acpi: make build_*() routines static to aml-build.c
  pc: acpi: remove not used anymore ssdt-[misc|pcihp].hex.generated blobs
  pc: acpi-build: drop template patching and create PCI bus tree dynamically
  tests: ACPI: update pc/SSDT.bridge due to new alg of PCI tree creation
  pc: acpi-build: simplify PCI bus tree generation
  tests: add ACPI blobs for qemu with bridge cases
  tests: bios-tables-test: add support for testing bridges
  tests: ACPI test blobs update due to PCI0._CRS changes
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Conflicts:
hw/pci/pci-hotplug-old.c

9 years agoMerge remote-tracking branch 'remotes/xtensa/tags/20150307-xtensa' into staging
Peter Maydell [Sun, 8 Mar 2015 14:32:38 +0000 (14:32 +0000)]
Merge remote-tracking branch 'remotes/xtensa/tags/20150307-xtensa' into staging

Xtensa updates:

- implement do_unassigned_access callback;
- fix ML605 xtfpga FLASH size.

# gpg: Signature made Sat Mar  7 12:35:05 2015 GMT using RSA key ID F83FA044
# gpg: Good signature from "Max Filippov <max.filippov@cogentembedded.com>"
# gpg:                 aka "Max Filippov <jcmvbkbc@gmail.com>"

* remotes/xtensa/tags/20150307-xtensa:
  target-xtensa: xtfpga: fix ml605 flash size
  target-xtensa: implement do_unassigned_access callback
  hw/xtensa: allow reads/writes in the system I/O region

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agoMerge remote-tracking branch 'remotes/qmp-unstable/queue/qmp' into staging
Peter Maydell [Sun, 8 Mar 2015 12:47:13 +0000 (12:47 +0000)]
Merge remote-tracking branch 'remotes/qmp-unstable/queue/qmp' into staging

* remotes/qmp-unstable/queue/qmp:
  docs: add memory-hotplug.txt
  qemu-options.hx: improve -m description
  virtio-balloon: Add some trace events
  virtio-balloon: Fix balloon not working correctly when hotplug memory
  pc-dimm: add a function to calculate VM's current RAM size

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agoacpi: drop unused code
Michael S. Tsirkin [Sun, 8 Mar 2015 10:49:21 +0000 (11:49 +0100)]
acpi: drop unused code

Recent changes left acpi_get_hex unused,
and clag is unhappy about it:
    error: unused function 'acpi_get_hex'

Drop it, as well as some unused macros.

Signer-off-by: Michael S. Tsirkin <mst@redhat.com>
9 years agoaml-build: comment fix
Michael S. Tsirkin [Sun, 8 Mar 2015 09:36:52 +0000 (10:36 +0100)]
aml-build: comment fix

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
9 years agoacpi-build: fix typo in comment
Michael S. Tsirkin [Sun, 8 Mar 2015 09:24:42 +0000 (10:24 +0100)]
acpi-build: fix typo in comment

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
9 years agoMerge remote-tracking branch 'remotes/spice/tags/pull-spice-20150304-1' into staging
Peter Maydell [Sun, 8 Mar 2015 09:47:55 +0000 (09:47 +0000)]
Merge remote-tracking branch 'remotes/spice/tags/pull-spice-20150304-1' into staging

misc spice/qxl fixes.

# gpg: Signature made Wed Mar  4 13:57:42 2015 GMT using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"

* remotes/spice/tags/pull-spice-20150304-1:
  hmp: info spice: take out webdav
  hmp: info spice: Show string channel name
  qxl: drop update_displaychangelistener call for secondary qxl devices
  vga: refactor vram_size clamping and rounding
  qxl: refactor rounding up to a nearest power of 2
  spice: fix invalid memory access to vga.vram
  qxl: document minimal video memory for new modes

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agoMerge remote-tracking branch 'remotes/kraxel/tags/pull-usb-20150303-1' into staging
Peter Maydell [Sun, 8 Mar 2015 07:33:45 +0000 (07:33 +0000)]
Merge remote-tracking branch 'remotes/kraxel/tags/pull-usb-20150303-1' into staging

xhci: generate a Transfer Event for each Transfer TRB with the IOC bit set

# gpg: Signature made Tue Mar  3 07:38:43 2015 GMT using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"

* remotes/kraxel/tags/pull-usb-20150303-1:
  xhci: generate a Transfer Event for each Transfer TRB with the IOC bit set

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>