sdk/emulator/qemu.git
13 years ago target-alpha: Implement HALT IPR.
Richard Henderson [Wed, 27 Apr 2011 16:22:52 +0000 (09:22 -0700)]
target-alpha: Implement HALT IPR.

Signed-off-by: Richard Henderson <rth@twiddle.net>
13 years ago target-alpha: Implement WAIT IPR.
Richard Henderson [Fri, 22 Apr 2011 01:58:09 +0000 (18:58 -0700)]
target-alpha: Implement WAIT IPR.

Signed-off-by: Richard Henderson <rth@twiddle.net>
13 years ago target-alpha: Add CLIPPER emulation.
Richard Henderson [Thu, 25 Aug 2011 21:38:59 +0000 (11:38 -1000)]
target-alpha: Add CLIPPER emulation.

This is a DP264 variant, SMP capable, no unusual hardware present.

The emulation does not currently include any PCI IOMMU code.
Hopefully the generic support for that can be merged to HEAD soon.

Signed-off-by: Richard Henderson <rth@twiddle.net>
13 years ago target-alpha: Add custom PALcode image for CLIPPER emulation.
Richard Henderson [Fri, 24 Jun 2011 18:58:37 +0000 (11:58 -0700)]
target-alpha: Add custom PALcode image for CLIPPER emulation.

Signed-off-by: Richard Henderson <rth@twiddle.net>
13 years ago target-alpha: Honor icount for RPCC instruction.
Richard Henderson [Thu, 22 Sep 2011 15:11:18 +0000 (08:11 -0700)]
target-alpha: Honor icount for RPCC instruction.

Signed-off-by: Richard Henderson <rth@twiddle.net>
13 years ago Merge branch 'ppc-next' of git://repo.or.cz/qemu/agraf
Blue Swirl [Sat, 8 Oct 2011 10:01:46 +0000 (10:01 +0000)]
Merge branch 'ppc-next' of git://repo.or.cz/qemu/agraf

* 'ppc-next' of git://repo.or.cz/qemu/agraf: (64 commits)
  ppc64: Fix linker script
  pseries: Implement set-time-of-day RTAS function
  pseries: Refactor spapr irq allocation
  PPC: Clean up BookE timer code
  PPC: booke timers
  KVM: PPC: Use HIOR setting for -M pseries with PR KVM
  KVM: Update kernel headers
  KVM: Update kernel headers
  PPC: Fix heathrow PIC to use little endian MMIO
  PPC: Fix via-cuda memory registration
  ppc: move ADB stuff from ppc_mac.h to adb.h
  openpic: Unfold write_IRQreg
  openpic: Unfold read_IRQreg
  ppc405: use RAM_ADDR_FMT instead of %08lx
  Gdbstub: handle read of fpscr
  vscsi: send the CHECK_CONDITION status down together with autosense data
  pseries: Implement hcall-bulk hypervisor interface
  Implement POWER7's CFAR in TCG
  ppc: booke206: use MAV=2.0 TSIZE definition, fix 4G pages
  ppc: booke206: add "info tlb" support
  ...

13 years ago ARM: fix segfault
Blue Swirl [Sat, 8 Oct 2011 10:00:02 +0000 (10:00 +0000)]
ARM: fix segfault

Fix a bug in bccd9ec5f098668576342c83d90d6d6833d61d33,
target-arm/op_helper.c missed a change unlike all other targets.
This led to NULL pointer dereferences.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
13 years ago ppc64: Fix linker script
Andreas Färber [Tue, 4 Oct 2011 05:14:52 +0000 (05:14 +0000)]
ppc64: Fix linker script

Since commit 8733f609 (Fix linker scripts) linking on Linux/ppc64 fails:

  LINK  ppc64-linux-user/qemu-ppc64
/usr/lib64/gcc/powerpc64-suse-linux/4.3/../../../../powerpc64-suse-linux/bin/ld:/home/afaerber/qemu/ppc64.ld:84: syntax error
collect2: ld gab 1 als Ende-Status zurück
make[1]: *** [qemu-ppc64] Fehler 1
make: *** [subdir-ppc64-linux-user] Fehler 2

Fix by removing a leftover line in the ppc64 linker script.

Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Blue Swirl <blauwirbel@gmail.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago pseries: Implement set-time-of-day RTAS function
Breno Leitao [Wed, 28 Sep 2011 16:53:16 +0000 (16:53 +0000)]
pseries: Implement set-time-of-day RTAS function

Currently there is no implementation for set-time-of-day rtas function,
which causes the following warning "setting the clock failed (-1)" on
the guest.

This patch just creates this function, gets the timedate diff and stores it in
the papr environment, so that the correct value will be returned by
get-time-of-day.

In order to try it, just adjust the hardware time, run hwclock --systohc,
so that, when the system runs hwclock --hctosys, the value is correctly
adjusted, i.e. the host time plus the timediff.

Signed-off-by: Breno Leitao <brenohl@br.ibm.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago pseries: Refactor spapr irq allocation
David Gibson [Thu, 15 Sep 2011 20:49:49 +0000 (20:49 +0000)]
pseries: Refactor spapr irq allocation

Paolo Bonzini changed the original spapr code, which manually assigned irq
numbers for each virtual device, to allocate them automatically from the
device initialization. That allowed spapr virtual devices to be constructed
with -device, which is a good start.  However, the way that patch worked
doesn't extend nicely for the future when we want to support devices other
than sPAPR VIO devices (e.g. virtio and PCI).

This patch rearranges the irq allocation to be global across the sPAPR
environment, so it can be used by other bus types as well.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago PPC: Clean up BookE timer code
Alexander Graf [Mon, 19 Sep 2011 13:17:47 +0000 (15:17 +0200)]
PPC: Clean up BookE timer code

The BookE timer code had some written-but-not-read variables. Get rid
of them.

Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago PPC: booke timers
Fabien Chouteau [Tue, 13 Sep 2011 04:00:32 +0000 (04:00 +0000)]
PPC: booke timers

While working on the emulation of the freescale p2010 (e500v2) I realized that
there's no implementation of booke's timers features. Currently mpc8544 uses
ppc_emb (ppc_emb_timers_init) which is close but not exactly like booke (for
example booke uses different SPR).

Signed-off-by: Fabien Chouteau <chouteau@adacore.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago KVM: PPC: Use HIOR setting for -M pseries with PR KVM
Alexander Graf [Wed, 14 Sep 2011 19:38:45 +0000 (21:38 +0200)]
KVM: PPC: Use HIOR setting for -M pseries with PR KVM

When running with PR KVM, we need to set HIOR directly. Thankfully there
is now a new interface to set registers individually so we can just use that
and poke HIOR into the guest vcpu's HIOR register.

While at it, this also sets SDR1 because -M pseries requires it to run.

With this patch, -M pseries works properly with PR KVM.

Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago KVM: Update kernel headers
Alexander Graf [Wed, 14 Sep 2011 08:51:29 +0000 (10:51 +0200)]
KVM: Update kernel headers

Update HIOR and generic register get/set.

Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago KVM: Update kernel headers
Alexander Graf [Wed, 14 Sep 2011 08:26:26 +0000 (10:26 +0200)]
KVM: Update kernel headers

Removes ABI-breaking HIOR parts - KVM patch to follow.

Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago PPC: Fix heathrow PIC to use little endian MMIO
Alexander Graf [Tue, 13 Sep 2011 08:41:23 +0000 (10:41 +0200)]
PPC: Fix heathrow PIC to use little endian MMIO

During the memory API conversion, the indication on little endianness of
MMIO for the heathrow PIC got dropped. This patch adds it back again.

Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago PPC: Fix via-cuda memory registration
Alexander Graf [Thu, 8 Sep 2011 16:51:17 +0000 (18:51 +0200)]
PPC: Fix via-cuda memory registration

Commit 23c5e4ca (convert to memory API) broke the VIA Cuda emulation layer
by not registering the IO structs.

This patch registers them properly and thus makes -M g3beige and -M mac99
work again.

Tested-by: Andreas Färber <andreas.faerber@web.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago ppc: move ADB stuff from ppc_mac.h to adb.h
Laurent Vivier [Sun, 4 Sep 2011 08:41:15 +0000 (08:41 +0000)]
ppc: move ADB stuff from ppc_mac.h to adb.h

Allow using ADB in non-ppc Macintosh

Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago openpic: Unfold write_IRQreg
Alexander Graf [Wed, 7 Sep 2011 11:47:22 +0000 (13:47 +0200)]
openpic: Unfold write_IRQreg

The helper function write_IRQreg was always called with a specific argument on
the type of register to access. Inside the function we were simply doing a
switch on that constant argument again. It's a lot easier to just unfold this
into two separate functions and call each individually.

Reported-by: Blue Swirl <blauwirbel@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago openpic: Unfold read_IRQreg
Alexander Graf [Wed, 7 Sep 2011 11:41:54 +0000 (13:41 +0200)]
openpic: Unfold read_IRQreg

The helper function read_IRQreg was always called with a specific argument on
the type of register to access. Inside the function we were simply doing a
switch on that constant argument again. It's a lot easier to just unfold this
into two separate functions and call each individually.

Reported-by: Blue Swirl <blauwirbel@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago ppc405: use RAM_ADDR_FMT instead of %08lx
Stefan Hajnoczi [Mon, 5 Sep 2011 03:02:29 +0000 (03:02 +0000)]
ppc405: use RAM_ADDR_FMT instead of %08lx

The RAM_ADDR_FMT macro hides the type of ram_addr_t so that format
strings can be safely used.  Make sure to use RAM_ADDR_FMT so that the
build works on 32-bit hosts with Xen enabled.  Whether Xen should affect
ppc TCG targets is questionable but a separate issue.

Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago Gdbstub: handle read of fpscr
Fabien Chouteau [Thu, 1 Sep 2011 04:56:00 +0000 (04:56 +0000)]
Gdbstub: handle read of fpscr

Signed-off-by: Fabien Chouteau <chouteau@adacore.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago vscsi: send the CHECK_CONDITION status down together with autosense data
Paolo Bonzini [Wed, 24 Aug 2011 05:28:52 +0000 (05:28 +0000)]
vscsi: send the CHECK_CONDITION status down together with autosense data

I introduced this bug in commit 05751d3 (vscsi: always use get_sense,
2011-08-03) because at the time there was no way to expose a sense
condition to SLOF and Linux manages to work around the bug.  However,
the bug becomes evident now that SCSI devices also report unit
attention on reset.

SLOF also has problems dealing with unit attention conditions, so
it still will not boot even with this fix (just like OpenBIOS).
IBM folks are aware of their part of the bug. :-)

Reported-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Acked-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago pseries: Implement hcall-bulk hypervisor interface
David Gibson [Wed, 31 Aug 2011 15:50:50 +0000 (15:50 +0000)]
pseries: Implement hcall-bulk hypervisor interface

This patch adds support for the H_REMOVE_BULK hypercall on the pseries
machine.  Strictly speaking this isn't necessary, since the kernel will
only attempt to use this if hcall-bulk is advertised in the device tree,
which previously it was not.

Adding this support may give a marginal performance increase, but more
importantly it reduces the differences between the emulated machine and
an existing PowerVM or kvm system, both of which already implement
hcall-bulk.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago Implement POWER7's CFAR in TCG
David Gibson [Wed, 31 Aug 2011 15:45:10 +0000 (15:45 +0000)]
Implement POWER7's CFAR in TCG

This patch implements support for the CFAR SPR on POWER7 (Come From
Address Register), which snapshots the PC value at the time of a branch or
an rfid.  The latest powerpc-next kernel also catches it and can show it in
xmon or in the signal frames.

This works well enough to let recent kernels boot (which otherwise oops
on the CFAR access).  It hasn't been tested enough to be confident that the
CFAR values are actually accurate, but one thing at a time.

Signed-off-by: Ben Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago ppc: booke206: use MAV=2.0 TSIZE definition, fix 4G pages
Scott Wood [Thu, 18 Aug 2011 10:38:40 +0000 (10:38 +0000)]
ppc: booke206: use MAV=2.0 TSIZE definition, fix 4G pages

This definition is backward compatible with MAV=1.0 as long as
the guest does not set reserved bits in MAS1/MAS4.

Also, fix the shift in booke206_tlb_to_page_size -- it's the base
that should be able to hold a 4G page size, not the shift count.

Signed-off-by: Scott Wood <scottwood@freescale.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago ppc: booke206: add "info tlb" support
Scott Wood [Thu, 18 Aug 2011 10:38:42 +0000 (10:38 +0000)]
ppc: booke206: add "info tlb" support

Signed-off-by: Scott Wood <scottwood@freescale.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago kvm: ppc: booke206: use MMU API
Scott Wood [Wed, 31 Aug 2011 11:26:56 +0000 (11:26 +0000)]
kvm: ppc: booke206: use MMU API

Share the TLB array with KVM.  This allows us to set the initial TLB
both on initial boot and reset, is useful for debugging, and could
eventually be used to support migration.

Signed-off-by: Scott Wood <scottwood@freescale.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago KVM: Update kernel headers
Alexander Graf [Wed, 31 Aug 2011 13:13:41 +0000 (15:13 +0200)]
KVM: Update kernel headers

Another round of KVM features, another round of kernel header updates :)

Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago pseries: use macro for firmware filename
Nishanth Aravamudan [Wed, 10 Aug 2011 16:36:27 +0000 (16:36 +0000)]
pseries: use macro for firmware filename

For some time we've had a nicely defined macro with the filename for our
firmware image.  However we didn't actually use it in the place we're
supposed to.  This patch fixes it.

Signed-off-by: Nishanth Aravamudan <nacc@us.ibm.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago pseries: Add real mode debugging hcalls
David Gibson [Wed, 10 Aug 2011 14:44:20 +0000 (14:44 +0000)]
pseries: Add real mode debugging hcalls

PAPR systems support several hypercalls intended for use in real mode
debugging tools.  These implement reads and writes to arbitrary guest
physical addresses.  This is useful for real mode software because it
allows access to IO addresses and memory outside the RMA without going
through the somewhat involved process of setting up the hash page table
and enabling translation.

We want these so that when we add real IO devices, the SLOF firmware can
boot from them without having to enter virtual mode.

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: David Gibson <dwg@au1.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago PPC: Fix sync instructions problem in SMP
Elie Richa [Fri, 22 Jul 2011 05:58:39 +0000 (05:58 +0000)]
PPC: Fix sync instructions problem in SMP

In the current emulation of the load-and-reserve (lwarx) and
store-conditional (stwcx.) instructions, the internal reservation
mechanism is taken into account, however each CPU has its own
reservation information and this information is not synchronized between
CPUs to perform proper synchronization.
The following test case with 2 CPUs shows that the semantics of the
"lwarx" and "stwcx." instructions are not preserved by the emulation.
The test case does the following:
- CPU0: reserve a memory location
- CPU1: reserve the same memory location
- CPU0: perform stwcx. on the location
The last store-conditional operation succeeds while it is supposed to
fail since the reservation was supposed to be lost at the second reserve
operation.

This (one line) patch fixes this problem in a very simple manner by
removing the reservation of a CPU every time it is scheduled (in
cpu_exec()). While this is a harsh workaround, it does not affect the
guest code much because reservations are usually held for a very short
time, that is an lwarx is almost always followed by an stwcx. a few
instructions below. Therefore, in most cases, the reservation will be
taken and consumed before a CPU switch occurs. However in the rare case
where a CPU switch does occur between the lwarx and its corresponding
stwcx.  this patch solves a potential erroneous behavior of the
synchronization instructions.

Signed-off-by: Elie Richa <richa@adacore.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago pseries: More complete WIMG validation in H_ENTER code
David Gibson [Wed, 3 Aug 2011 21:02:19 +0000 (21:02 +0000)]
pseries: More complete WIMG validation in H_ENTER code

Currently our implementation of the H_ENTER hypercall, which inserts a
mapping in the hash page table assumes that only ordinary memory is ever
mapped, and only permits mapping attribute bits accordingly (WIMG==0010).

However, we intend to start adding emulated IO to the pseries platform
(and real IO with PCI passthrough on kvm) which means this simple test
will no longer suffice.

This patch extends the h_enter validation code to check if the given
address is a RAM address.  If it is it enforces WIMG==0010, otherwise
it assumes that it is an IO mapping and instead enforces WIMG=010x.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago pseries: interrupt controller should not have a 'reg' property
David Gibson [Wed, 3 Aug 2011 21:02:18 +0000 (21:02 +0000)]
pseries: interrupt controller should not have a 'reg' property

The interrupt controller presented in the device tree for the pseries
machine is manipulated by the guest only through hypervisor calls.  It
has no real or emulated registers for the guest to access.

However, it currently has a bogus 'reg' property advertising a register
window.  Moreover, this property has an invalid format, being a 32-bit
zero, when the #address-cells property on the root bus indicates that it
needs a 64-bit address.  Since the guest never attempts to manipulate
the node directly, it works, but it is ugly and can cause warnings when
manipulating the device tree in other tools (such as future firmware
versions).

This patch, therefore, corrects the problem by entirely removing the
interrupt-controller node's 'reg' property.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago pseries: Add a phandle to the xicp interrupt controller device tree node
David Gibson [Wed, 3 Aug 2011 21:02:17 +0000 (21:02 +0000)]
pseries: Add a phandle to the xicp interrupt controller device tree node

Future devices we will be adding to the pseries machine (e.g. PCI) will
need nodes in the device tree which explicitly reference the top-level
interrupt controller via interrupt-parent or interrupt-map properties.

In order to do this, the interrupt controller node needs an assigned
phandle.  This patch adds the appropriate property, in preparation.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago pseries: Bugfixes for interrupt numbering in XICS code
David Gibson [Wed, 3 Aug 2011 21:02:14 +0000 (21:02 +0000)]
pseries: Bugfixes for interrupt numbering in XICS code

The implementation of the XICS interrupt controller contains several
(difficult to trigger) bugs due to the fact that we were not 100%
consistent with which irq numbering we used.  In most places, global
numbers were used as handled by the presentation layer, however a few
functions took "local" numberings, that is the source number within
the interrupt source controller which is offset from the global
number.  In most cases the function and its caller agreed on this, but
in a few cases they didn't.

This patch cleans this up by always using global numbering.
Translation to the local number is now always and only done when we
look up the individual interrupt source state structure.  This should
remove the existing bugs and with luck reduce the chances of
re-introducing such bugs.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago PPC: SPAPR: Use KVM function for time info
Alexander Graf [Tue, 9 Aug 2011 16:07:13 +0000 (18:07 +0200)]
PPC: SPAPR: Use KVM function for time info

One of the things we can't fake on PPC is the timer speed. So
we need to extract the frequency information from the host and
put it back into the guest device tree.

Luckily, we already have functions for that from the non-pseries
targets, so all we need to do is to connect the dots and the guest
suddenly gets to know its real timer speeds.

Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago PPC: Enable to use PAPR with PR style KVM
Alexander Graf [Tue, 9 Aug 2011 15:57:37 +0000 (17:57 +0200)]
PPC: Enable to use PAPR with PR style KVM

When running PR style KVM, we need to tell the kernel that we want
to run in PAPR mode now. This means that we need to pass some more
register information down and enable papr mode. We also need to align
the HTAB to htab_size boundary.

Using this patch, -M pseries works with kvm even on non-hv kvm
implementations, as long as the preceding kernel patches are in.

Signed-off-by: Alexander Graf <agraf@suse.de>
---

v1 -> v2:

  - match on CONFIG_PSERIES

v2 -> v3:

  - remove HIOR pieces from PAPR patch (ABI breakage)

13 years ago KVM: update kernel headers
Alexander Graf [Tue, 9 Aug 2011 12:02:19 +0000 (14:02 +0200)]
KVM: update kernel headers

This patch updates the kvm kernel headers to the latest version.

Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago PPC: Add new target config for pseries
Alexander Graf [Wed, 10 Aug 2011 12:21:41 +0000 (14:21 +0200)]
PPC: Add new target config for pseries

We only support -M pseries when certain prerequisites are met, such
as a PPC64 guest and libfdt. To only gather these requirements in
a single place, this patch introduces a new CONFIG_PSERIES variable
that gets set when all prerequisites are met.

Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago PPC: E500: Bump CPU count to 15
Alexander Graf [Wed, 20 Jul 2011 23:45:37 +0000 (01:45 +0200)]
PPC: E500: Bump CPU count to 15

Now that we have everything in place, make the machine description
aware of the fact that we can now handle 15 virtual CPUs!

Signed-off-by: Alexander Graf <agraf@suse.de>
---

v1 -> v2:

  - Max cpus is 15 because of MPIC

13 years ago MPC8544DS: Generate CPU nodes on init
Alexander Graf [Sat, 23 Jul 2011 08:56:40 +0000 (10:56 +0200)]
MPC8544DS: Generate CPU nodes on init

With this patch, we generate CPU nodes in the machine initialization, giving
us the freedom to generate as many nodes as we want and as the machine supports,
but only those.

This is a first step towards a much cleaner device tree generation
infrastructure, where we would not require precompiled dtb blobs anymore.

Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago MPC8544DS: Remove CPU nodes
Alexander Graf [Sat, 23 Jul 2011 08:55:50 +0000 (10:55 +0200)]
MPC8544DS: Remove CPU nodes

We want to generate the CPU nodes in machine init code, so remove them from
the device tree definition that we precompile.

Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago device tree: give dt more size
Alexander Graf [Sat, 23 Jul 2011 08:54:11 +0000 (10:54 +0200)]
device tree: give dt more size

We currently load a device tree blob and then just take its size x2 to
account for modifications we do inside. While this is nice and great,
it fails when we have a small device tree as blob and lots of nodes added
in machine init code.

So for now, just make it 20k bigger than it was before. We maybe want to
be more clever about this later.

Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago device tree: dont fail operations
Alexander Graf [Sat, 23 Jul 2011 08:52:00 +0000 (10:52 +0200)]
device tree: dont fail operations

When we screw up and issue an FDT command that doesn't work, we really need to
know immediately and usually can't continue to create the machine. To make sure
we don't need to add error checking in all device tree modification code users,
we can just add the fail checks to the qemu abstract functions.

Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago device tree: add add_subnode command
Alexander Graf [Fri, 22 Jul 2011 11:55:37 +0000 (13:55 +0200)]
device tree: add add_subnode command

We want to be able to create subnodes in our device tree, so export it through
the qemu device tree abstraction framework.

Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago PPC: E500: Update cpu-release-addr property in cpu nodes
Alexander Graf [Thu, 21 Jul 2011 01:06:12 +0000 (03:06 +0200)]
PPC: E500: Update cpu-release-addr property in cpu nodes

The guest OS wants to know where the guest spins, so let's tell him while
updating the CPU nodes with the frequencies anyways.

Signed-off-by: Alexander Graf <agraf@suse.de>
---

v1 -> v2:

  - use new spin table address

13 years ago PPC: E500: Add PV spinning code
Alexander Graf [Fri, 22 Jul 2011 11:32:29 +0000 (13:32 +0200)]
PPC: E500: Add PV spinning code

CPUs that are not the boot CPU need to run in spinning code to check if they
should run off to execute and if so where to jump to. This usually happens
by leaving secondary CPUs looping and checking if some variable in memory
changed.

In an environment like Qemu however we can be more clever. We can just export
the spin table the primary CPU modifies as MMIO region that would event based
wake up the respective secondary CPUs. That saves us quite some cycles while
the secondary CPUs are not up yet.

So this patch adds a PV device that simply exports the spinning table into the
guest and thus allows the primary CPU to wake up secondary ones.

Signed-off-by: Alexander Graf <agraf@suse.de>
---

v1 -> v2:

  - change into MMIO scheme
  - map the secondary NIP instead of 0 1:1
  - only map 64MB for TLB, same as u-boot
  - prepare code for 64-bit spinnings

v2 -> v3:

  - remove r6
  - set MAS2_M
  - map EA 0
  - use second TLB1 entry

v3 -> v4:

  - change to memoryops

v4 -> v5:

  - fix endianness bugs

v5 -> v6:

  - add header

13 years ago PPC: E500: Remove unneeded CPU nodes
Alexander Graf [Thu, 21 Jul 2011 01:02:31 +0000 (03:02 +0200)]
PPC: E500: Remove unneeded CPU nodes

We should only keep CPU nodes in the device tree around that we really have
virtual CPUs for. So remove all superfluous entries that we just keep there
in case someone wants to create a lot of vCPUs.

Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago PPC: E500: Update freqs for all CPUs
Alexander Graf [Thu, 21 Jul 2011 01:01:11 +0000 (03:01 +0200)]
PPC: E500: Update freqs for all CPUs

Now that we can so nicely find out the host's frequencies, we should also
make sure that we get them into all virtual CPUs' device tree nodes.

Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago PPC: KVM: Add stubs for kvm helper functions
Alexander Graf [Thu, 21 Jul 2011 00:54:51 +0000 (02:54 +0200)]
PPC: KVM: Add stubs for kvm helper functions

We have a bunch of helper functions that don't have any stubs for them in case
we don't have CONFIG_KVM enabled. That didn't bite us so far, because gcc can
optimize them out pretty well, but we should really provide them.

Signed-off-by: Alexander Graf <agraf@suse.de>
---

v1 -> v2:

   - use uint64_t for clockfreq

13 years ago PPC: KVM: Remove kvmppc_read_host_property
Alexander Graf [Thu, 21 Jul 2011 00:46:11 +0000 (02:46 +0200)]
PPC: KVM: Remove kvmppc_read_host_property

We just got rid of the last user of kvmppc_read_host_property, so we
can now safely remove it.

Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago PPC: bamboo: Use kvm api for freq and clock frequencies
Alexander Graf [Thu, 21 Jul 2011 00:44:53 +0000 (02:44 +0200)]
PPC: bamboo: Use kvm api for freq and clock frequencies

Now that we have nice and shiny APIs to read out the host's clock and timebase
frequencies, let's use them in the bamboo code as well!

Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago PPC: E500: Remove mpc8544_copy_soc_cell
Alexander Graf [Thu, 21 Jul 2011 00:35:28 +0000 (02:35 +0200)]
PPC: E500: Remove mpc8544_copy_soc_cell

We don't need mpc8544_copy_soc_cell anymore, since we're explicitly reading
host values and writing guest values respectively.

Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago PPC: E500: Use generic kvm function for freq
Alexander Graf [Thu, 21 Jul 2011 00:34:11 +0000 (02:34 +0200)]
PPC: E500: Use generic kvm function for freq

Now that we have generic KVM functions to read out the host tb and clock
frequencies, let's use them in the e500 code!

Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago PPC: KVM: Add generic function to read host clockfreq
Alexander Graf [Thu, 21 Jul 2011 00:29:15 +0000 (02:29 +0200)]
PPC: KVM: Add generic function to read host clockfreq

We need to find out the host's clock-frequency when running on KVM, so
let's export a respective function.

Signed-off-by: Alexander Graf <agraf@suse.de>
---

v1 -> v2:

  - enable 64bit values

13 years ago PPC: bamboo: Move host fdt copy to target
Alexander Graf [Thu, 21 Jul 2011 00:08:10 +0000 (02:08 +0200)]
PPC: bamboo: Move host fdt copy to target

We have some code in generic kvm_ppc.c that is only used by 440. Move to
the 440 specific device code.

Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago device tree: add nop_node
Alexander Graf [Wed, 20 Jul 2011 23:52:57 +0000 (01:52 +0200)]
device tree: add nop_node

We have a qemu internal abstraction layer on FDT. While I'm not fully convinced
we need it at all, it's missing the nop_node functionality that we now need
on e500. So let's add it and think about the general future of that API later.

Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago PPC: E500: Generate IRQ lines for many CPUs
Alexander Graf [Wed, 20 Jul 2011 23:42:58 +0000 (01:42 +0200)]
PPC: E500: Generate IRQ lines for many CPUs

Now that we can generate multiple envs for all our virtual CPUs, we
also need to tell the MPIC that we have multiple CPUs connected and
connect them all to the respective virtual interrupt lines.

Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago PPC: E500: create multiple envs
Alexander Graf [Wed, 20 Jul 2011 23:41:16 +0000 (01:41 +0200)]
PPC: E500: create multiple envs

When creating a VM, we should go through smp_cpus and create a virtual CPU for
every CPU the user requested. This patch adds support for that and moves some
code around to make that more convenient.

Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago PPC: Bump MPIC up to 32 supported CPUs
Alexander Graf [Wed, 20 Jul 2011 23:39:46 +0000 (01:39 +0200)]
PPC: Bump MPIC up to 32 supported CPUs

The MPIC emulation is now capable of handling up to 32 CPUs. Reflect that in
the code exporting the numbers out and fix an integer overflow while at it.

Signed-off-by: Alexander Graf <agraf@suse.de>
---

v1 -> v2:

  - Max cpus is 15 due to cINT routing
  - Report nb_cpus not MAX_CPUS in MPIC capabilities

13 years ago PPC: MPIC: Fix CI bit definitions
Alexander Graf [Sat, 23 Jul 2011 09:27:53 +0000 (11:27 +0200)]
PPC: MPIC: Fix CI bit definitions

The bit definitions for critical interrupt routing are in PowerPC order
(most significant bit is 0), while we end up shifting it with normal bit
order. Turn the numbers around so we actually end up fetching the
right ones.

Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago PPC: MPIC: Remove read functionality for WO registers
Alexander Graf [Sat, 23 Jul 2011 09:09:23 +0000 (11:09 +0200)]
PPC: MPIC: Remove read functionality for WO registers

The IPI dispatch registers are write only according to every MPIC
spec I have found. So instead of pretending you could read back something
from them, better not handle them at all.

Reported-by: Elie Richa <richa@adacore.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago PPC: Set MPIC IDE for IPI to 0
Alexander Graf [Sat, 23 Jul 2011 09:05:35 +0000 (11:05 +0200)]
PPC: Set MPIC IDE for IPI to 0

We use the IDE register with IPIs as a mask to keep track which processors
have already acknowledged the respective interrupt. So we need to initialize
it to 0 to make sure that it doesn't accidentally fire an IPI on CPU0 when the
first IPI is triggered.

Reported-by: Elie Richa <richa@adacore.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
---

v2 -> v3:

  - fix IDE IPI reset

13 years ago PPC: Fix IPI support in MPIC
Alexander Graf [Wed, 20 Jul 2011 23:36:44 +0000 (01:36 +0200)]
PPC: Fix IPI support in MPIC

The current IPI support in the MPIC code is incomplete and doesn't work. This
code adds proper support for IPIs in MPIC by using the IDE register to remember
which CPUs IPIs are still outstanding to. New triggers through the IPI trigger
register only add to the list of CPUs we want to IPI.

Signed-off-by: Alexander Graf <agraf@suse.de>
---

v1 -> v2:

  - Use MAX_IPI instead of hardcoded 4

Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago PPC: Extend MPIC MMIO range
Alexander Graf [Wed, 20 Jul 2011 23:35:15 +0000 (01:35 +0200)]
PPC: Extend MPIC MMIO range

The MPIC exports a page for each CPU that it controls. To support more than
one CPU, we need to also reserve the MMIO space according to the amount of
CPUs we want to support.

Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago PPC: Add CPU local MMIO regions to MPIC
Alexander Graf [Wed, 20 Jul 2011 23:33:29 +0000 (01:33 +0200)]
PPC: Add CPU local MMIO regions to MPIC

The MPIC exports a register set for each CPU connected to it. They can all
be accessed through specific registers or using a shadow page that is mapped
differently depending on which CPU accesses it.

This patch implements the shadow map, making it possible for guests to access
the CPU local registers using the same address on each CPU.

Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago PPC: Move openpic to target specific code compilation
Alexander Graf [Wed, 20 Jul 2011 22:49:45 +0000 (00:49 +0200)]
PPC: Move openpic to target specific code compilation

The MPIC has some funny feature where it maps different registers to an MMIO
region depending which CPU accesses them.

To be able to reflect that, we need to make OpenPIC be compiled in the target
code, so it can access cpu_single_env.

Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago spapr: make irq customizable via qdev
Paolo Bonzini [Thu, 26 May 2011 09:52:46 +0000 (11:52 +0200)]
spapr: make irq customizable via qdev

This also lets the user see the irq in "info qtree".

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Cc: Alexander Graf <agraf@suse.de>
Cc: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago spapr: prepare for qdevification of irq
Paolo Bonzini [Thu, 26 May 2011 09:52:45 +0000 (11:52 +0200)]
spapr: prepare for qdevification of irq

Restructure common properties for sPAPR devices so that IRQ definitions
can be added in one place.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Cc: Alexander Graf <agraf@suse.de>
Cc: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago spapr: proper qdevification
Paolo Bonzini [Thu, 26 May 2011 09:52:44 +0000 (11:52 +0200)]
spapr: proper qdevification

Right now the spapr devices cannot be instantiated with -device,
because the IRQs need to be passed to the spapr_*_create functions.
Do this instead in the bus's init wrapper.

This is particularly important with the conversion from scsi-disk
to scsi-{cd,hd} that Markus made.  After his patches, if you
specify a scsi-cd device attached to an if=none drive, the default
VSCSI controller will not be created and, without qdevification,
you will not be able to add yours.

NOTE from agraf: added small compile fix

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Cc: Alexander Graf <agraf@suse.de>
Cc: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
13 years ago qed: fix use-after-free during l2 cache commit
Stefan Hajnoczi [Fri, 30 Sep 2011 10:39:11 +0000 (11:39 +0100)]
qed: fix use-after-free during l2 cache commit

QED's metadata caching strategy allows two parallel requests to race for
metadata lookup.  The first one to complete will populate the metadata
cache and the second one will drop the data it just read in favor of the
cached data.

There is a use-after-free in qed_read_l2_table_cb() and
qed_commit_l2_update() where l2_table->offset was used after the
l2_table may have been freed due to a metadata lookup race.  Fix this by
keeping the l2_offset in a local variable and not reaching into the
possibly freed l2_table.

Reported-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
13 years ago etrax-dma: Remove bogus if statement
Edgar E. Iglesias [Mon, 3 Oct 2011 08:20:13 +0000 (10:20 +0200)]
etrax-dma: Remove bogus if statement

Reported-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
13 years ago memory: Print regions in ascending order
Jan Kiszka [Tue, 27 Sep 2011 13:00:41 +0000 (15:00 +0200)]
memory: Print regions in ascending order

Makes reading the output more user friendly.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
13 years ago memory: Do not print empty PIO root
Jan Kiszka [Tue, 27 Sep 2011 13:00:38 +0000 (15:00 +0200)]
memory: Do not print empty PIO root

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
13 years ago memory: Print region priority
Jan Kiszka [Tue, 27 Sep 2011 13:00:31 +0000 (15:00 +0200)]
memory: Print region priority

Useful to discover eclipses.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
13 years ago memory: simple memory tree printer
Blue Swirl [Sun, 11 Sep 2011 20:22:05 +0000 (20:22 +0000)]
memory: simple memory tree printer

Add a monitor command 'info mtree' to show the memory hierarchy
much like /proc/iomem in Linux.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
13 years ago Move GETPC from dyngen-exec.h to exec-all.h
Blue Swirl [Wed, 21 Sep 2011 18:13:16 +0000 (18:13 +0000)]
Move GETPC from dyngen-exec.h to exec-all.h

GETPC() can be used even from outside of helper code. Move the macro to
a more accessible location. Avoid a compile warning from redefining it in exec.c.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
13 years ago softmmu_header: pass CPUState to tlb_fill
Blue Swirl [Mon, 4 Jul 2011 20:57:05 +0000 (20:57 +0000)]
softmmu_header: pass CPUState to tlb_fill

Pass CPUState pointer to tlb_fill() instead of architecture local
cpu_single_env hacks.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
13 years ago Document softmmu templates
Blue Swirl [Wed, 21 Sep 2011 20:00:18 +0000 (20:00 +0000)]
Document softmmu templates

Add some comments to describe each file.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
13 years ago ESP: convert to trace framework
Blue Swirl [Sun, 11 Sep 2011 15:54:18 +0000 (15:54 +0000)]
ESP: convert to trace framework

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
13 years ago PPC: Drop initial ESCC mapping
Alexander Graf [Fri, 30 Sep 2011 13:29:12 +0000 (15:29 +0200)]
PPC: Drop initial ESCC mapping

We are mapping ESCC to a static (incorrect) address on machine init. This
overlaps with our vram, rendering the screen barely usable.

Since openBIOS is clever enough to map ESCC to where it needs to be, we can
just drop that invalid map and everyone's happy.

Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
13 years ago tcg-i386: Introduce limited deposit support
Jan Kiszka [Thu, 29 Sep 2011 16:52:11 +0000 (18:52 +0200)]
tcg-i386: Introduce limited deposit support

x86 cannot provide an optimized generic deposit implementation. But at
least for a few special cases, namely for writing bits 0..7, 8..15, and
0..15, versions using only a single instruction are feasible.
Introducing such limited support improves emulating 16-bit x86 code on
x86, but also rarer cases where 32-bit or 64-bit code accesses bytes or
words.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
13 years ago mips_fulong2e: Reorder ISA bus and i8259 creation
Jan Kiszka [Wed, 28 Sep 2011 09:19:02 +0000 (11:19 +0200)]
mips_fulong2e: Reorder ISA bus and i8259 creation

Missed during memory region conversion: The i8259 now depends on the ISA
bus being created first. Reorder the initialization.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
13 years ago target-i386: Remove redundant word mask in port out instructions
Jan Kiszka [Mon, 26 Sep 2011 17:20:00 +0000 (19:20 +0200)]
target-i386: Remove redundant word mask in port out instructions

T0 was already masked to 16 bits when loading it.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
13 years ago softfloat: Reinstate accidentally disabled target-specific NaN handling
Peter Maydell [Mon, 26 Sep 2011 15:56:55 +0000 (16:56 +0100)]
softfloat: Reinstate accidentally disabled target-specific NaN handling

Include config.h in softfloat.c, so that the target specific ifdefs in
softfloat-specialize.h are evaluated correctly. This was accidentally
broken in commit 789ec7ce2 when config-target.h was removed from
softfloat.h, and means that most targets will have been returning the
wrong results for calculations involving NaNs.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
13 years ago tcg/arm: Remove unused tcg_out_addi()
Peter Maydell [Mon, 12 Sep 2011 10:03:45 +0000 (11:03 +0100)]
tcg/arm: Remove unused tcg_out_addi()

Remove the unused function tcg_out_addi() from the ARM TCG backend;
this fixes a compilation failure on ARM hosts with newer gcc.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
13 years ago configure: Detect predefined compiler symbols for ARM and HPPA
Brad [Thu, 8 Sep 2011 01:24:56 +0000 (21:24 -0400)]
configure: Detect predefined compiler symbols for ARM and HPPA

To be able to detect some ARM / HPPA based architectures such as with
OpenBSD/(armish / zaurus) or OpenBSD/hppa.

Signed-off-by: Brad Smith <brad@comstyle.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
13 years ago tcg: Add some assertions
Stefan Weil [Sat, 17 Sep 2011 20:00:30 +0000 (22:00 +0200)]
tcg: Add some assertions

Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
13 years ago tcg: Add forward declarations for local functions
Stefan Weil [Sat, 17 Sep 2011 20:00:29 +0000 (22:00 +0200)]
tcg: Add forward declarations for local functions

These functions are defined in the tcg target specific file
tcg-target.c.

The forward declarations assert that every tcg target uses
the same function prototype.

Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
13 years ago tcg: Don't declare TCG_TARGET_REG_BITS in tcg-target.h
Stefan Weil [Sat, 17 Sep 2011 20:00:28 +0000 (22:00 +0200)]
tcg: Don't declare TCG_TARGET_REG_BITS in tcg-target.h

It is now declared for all tcg targets in tcg.h,
so the tcg target specific declarations are redundant.

Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
13 years ago tcg: Declare TCG_TARGET_REG_BITS in tcg.h
Stefan Weil [Sat, 17 Sep 2011 20:00:27 +0000 (22:00 +0200)]
tcg: Declare TCG_TARGET_REG_BITS in tcg.h

TCG_TARGET_REG_BITS can be determined by the compiler,
so there is no need to declare it for each individual tcg target.

This is especially important for new tcg targets
which will be supported by the tcg interpreter.

Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
13 years ago Merge remote-tracking branch 'kiszka/queues/slirp' into staging
Anthony Liguori [Thu, 29 Sep 2011 18:33:47 +0000 (13:33 -0500)]
Merge remote-tracking branch 'kiszka/queues/slirp' into staging

13 years ago Merge remote-tracking branch 'aneesh/for-upstream-5' into staging
Anthony Liguori [Thu, 29 Sep 2011 18:32:05 +0000 (13:32 -0500)]
Merge remote-tracking branch 'aneesh/for-upstream-5' into staging

13 years ago Add OpenBIOS as a submodule
Blue Swirl [Mon, 29 Aug 2011 21:13:29 +0000 (21:13 +0000)]
Add OpenBIOS as a submodule

Update OpenBIOS images to r1047 built from submodule.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
13 years ago slirp: Fix packet expiration
Thomas Huth [Tue, 27 Sep 2011 09:20:38 +0000 (11:20 +0200)]
slirp: Fix packet expiration

The two new variables "arp_requested" and "expiration_date" in the mbuf
structure have been added after the variable-sized "m_dat_" array. The
variables have to be added before the m_dat_ array instead.
Without this patch, the expiration_date gets clobbered by code that
accesses the m_dat_ array.
I experienced this problem with the code in slirp/tftp.c: The
tftp_send_data() function created a new packet with the m_get()
function (which fills in a default expiration_date value). Then the
TFTP code cleared the data section of the packet, which accidentally
also cleared the expiration_date. This zeroed expiration_date then
finally causes the packet to be discarded during if_start(), so that
TFTP packets were not transmitted anymore.

[Jan: added comment as suggested by Fabien ]

CC: Fabien Chouteau <chouteau@adacore.com>
Signed-off-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
13 years ago slirp: Fix use after release on tcp_input
Jan Kiszka [Mon, 26 Sep 2011 19:29:56 +0000 (21:29 +0200)]
slirp: Fix use after release on tcp_input

ti points into the m buffer. But the latter may already be released
right after the dodata: label. Move the test before the potential
release.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
13 years ago PPC: use memory API to construct the PCI hole
Blue Swirl [Sat, 17 Sep 2011 20:30:50 +0000 (20:30 +0000)]
PPC: use memory API to construct the PCI hole

Avoid vga.chain4 mapping by constructing a PCI hole for upper
2G of the PCI space.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
13 years ago Merge remote-tracking branch 'qemu-kvm-tmp/memory/urgent' into staging
Anthony Liguori [Mon, 26 Sep 2011 13:00:47 +0000 (08:00 -0500)]
Merge remote-tracking branch 'qemu-kvm-tmp/memory/urgent' into staging

13 years ago Merge remote-tracking branch 'qemu-kvm-tmp/memory/batch' into staging
Anthony Liguori [Mon, 26 Sep 2011 13:00:40 +0000 (08:00 -0500)]
Merge remote-tracking branch 'qemu-kvm-tmp/memory/batch' into staging