sdk/emulator/qemu.git
8 years agosdhci: Implement DeviceClass reset
Peter Maydell [Fri, 4 Mar 2016 11:30:17 +0000 (11:30 +0000)]
sdhci: Implement DeviceClass reset

The sdhci device was missing a DeviceClass reset method;
implement it. Poweron reset looks the same as reset commanded
by the guest via the device registers, apart from modelling of
the rpi 'pending insert interrupt on powerup' quirk.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Andrew Baumann <Andrew.Baumann@microsoft.com>
Message-id: 1456493044-10025-3-git-send-email-peter.maydell@linaro.org

8 years agosd.c: Handle NULL block backend in sd_get_inserted()
Peter Maydell [Fri, 4 Mar 2016 11:30:17 +0000 (11:30 +0000)]
sd.c: Handle NULL block backend in sd_get_inserted()

The sd.c SD card emulation code can be in a state where the
SDState BlockBackend pointer is NULL; this is treated as
"card not present". Add a missing check to sd_get_inserted()
so that we don't segfault in this situation.

(This could be provoked by the guest writing to the SDHCI
register to do a reset on a xilinx-zynq-a9 board; it will
also happen at startup when sdhci implements its DeviceClass
reset method.)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@xilinx.com>
Message-id: 1456493044-10025-2-git-send-email-peter.maydell@linaro.org

8 years agovirt: Lift the maximum RAM limit from 30GB to 255GB
Peter Maydell [Fri, 4 Mar 2016 11:30:16 +0000 (11:30 +0000)]
virt: Lift the maximum RAM limit from 30GB to 255GB

The virt board restricts guests to only 30GB of RAM. This is a
hangover from the vexpress-a15 board, and there's no inherent reason
for it. 30GB is smaller than you might reasonably want to provision
a VM for on a beefy server machine. Raise the limit to 255GB.

We choose 255GB because the available space we currently have
below the 1TB boundary is up to the 512GB mark, but we don't
want to paint ourselves into a corner by assigning it all to
RAM. So we make half of it available for RAM, with the 256GB..512GB
range available for future non-RAM expansion purposes.

If we need to provide more RAM to VMs in the future then we need to:
 * allocate a second bank of RAM starting at 2TB and working up
 * fix the DT and ACPI table generation code in QEMU to correctly
   report two split lumps of RAM to the guest
 * fix KVM in the host kernel to allow guests with >40 bit address spaces

The last of these is obviously the trickiest, but it seems
reasonable to assume that anybody configuring a VM with a quarter
of a terabyte of RAM will be doing it on a host with more than a
terabyte of physical address space.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org>
Tested-by: Wei Huang <wei@redhat.com>
Message-id: 1456402182-11651-1-git-send-email-peter.maydell@linaro.org

8 years agotarget-arm: Correct handling of writes to CPSR mode bits from gdb in usermode
Peter Maydell [Fri, 4 Mar 2016 11:30:16 +0000 (11:30 +0000)]
target-arm: Correct handling of writes to CPSR mode bits from gdb in usermode

In helper.c the expression
  (env->uncached_cpsr & CPSR_M) != CPSR_USER
is always true; the right hand side was supposed to be ARM_CPU_MODE_USR
(an error in commit cb01d391).

Since the incorrect expression was always true, this just meant that
commit cb01d391 had no effect.

However simply changing the RHS here would reveal a logic error: if
the mode is USR we wish to completely ignore the attempt to set the
mode bits, which means that we must clear the CPSR_M bits from mask
to avoid the uncached_cpsr bits being updated at the end of the
function.

Move the condition into the correct place in the code, fix its RHS
constant, and add a comment about the fact that we must be doing a
gdbstub write if we're in user mode.

Fixes: https://bugs.launchpad.net/qemu/+bug/1550503
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Sergey Fedorov <serge.fdrv@gmail.com>
Message-id: 1456764438-30015-1-git-send-email-peter.maydell@linaro.org

8 years agoMerge remote-tracking branch 'remotes/amit-virtio-rng/tags/rng-for-2.6-1' into staging
Peter Maydell [Thu, 3 Mar 2016 13:13:35 +0000 (13:13 +0000)]
Merge remote-tracking branch 'remotes/amit-virtio-rng/tags/rng-for-2.6-1' into staging

rng:
- implement a request queue for rng-random so multiple guest requests
  don't result in vq buffers getting forgotten
- remove unused request cancellation code
- a VM with multiple vq buffers, when migrated, could get in a situation
  where not all buffers are handed back to the guest.  This is now
  fixed.

# gpg: Signature made Thu 03 Mar 2016 12:18:54 GMT using RSA key ID 854083B6
# gpg: Good signature from "Amit Shah <amit@amitshah.net>"
# gpg:                 aka "Amit Shah <amit@kernel.org>"
# gpg:                 aka "Amit Shah <amitshah@gmx.net>"

* remotes/amit-virtio-rng/tags/rng-for-2.6-1:
  virtio-rng: ask for more data if queue is not fully drained
  rng: add request queue support to rng-random
  rng: move request queue cleanup from RngEgd to RngBackend
  rng: move request queue from RngEgd to RngBackend
  rng: remove the unused request cancellation code
  MAINTAINERS: Add an entry for the include/sysemu/rng*.h files

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agovirtio-rng: ask for more data if queue is not fully drained
Ladi Prosek [Thu, 3 Mar 2016 09:48:34 +0000 (10:48 +0100)]
virtio-rng: ask for more data if queue is not fully drained

This commit effectively reverts:

  commit 4621c1768ef5d12171cca2aa1473595ecb9f1c9e
  Author: Amit Shah <amit.shah@redhat.com>
  Date:   Wed Nov 21 11:21:19 2012 +0530

  virtio-rng: remove extra request for entropy

but instead of calling virtio_rng_process unconditionally, it
first checks to see if the queue is empty as a little bit of
optimization.

Signed-off-by: Ladi Prosek <lprosek@redhat.com>
Reviewed-by: Amit Shah <amit.shah@redhat.com>
Message-Id: <1456998514-19271-1-git-send-email-lprosek@redhat.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
8 years agorng: add request queue support to rng-random
Ladi Prosek [Thu, 3 Mar 2016 08:37:18 +0000 (09:37 +0100)]
rng: add request queue support to rng-random

Requests are now created in the RngBackend parent class and the
code path is shared by both rng-egd and rng-random.

This commit fixes the rng-random implementation which processed
only one request at a time and simply discarded all but the most
recent one. In the guest this manifested as delayed completion
of reads from virtio-rng, i.e. a read was completed only after
another read was issued.

By switching rng-random to use the same request queue as rng-egd,
the unsafe stack-based allocation of the entropy buffer is
eliminated and replaced with g_malloc.

Signed-off-by: Ladi Prosek <lprosek@redhat.com>
Reviewed-by: Amit Shah <amit.shah@redhat.com>
Message-Id: <1456994238-9585-5-git-send-email-lprosek@redhat.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
8 years agorng: move request queue cleanup from RngEgd to RngBackend
Ladi Prosek [Thu, 3 Mar 2016 08:37:17 +0000 (09:37 +0100)]
rng: move request queue cleanup from RngEgd to RngBackend

RngBackend is now in charge of cleaning up the linked list on
instance finalization. It also exposes a function to finalize
individual RngRequest instances, called by its child classes.

Signed-off-by: Ladi Prosek <lprosek@redhat.com>
Reviewed-by: Amit Shah <amit.shah@redhat.com>
Message-Id: <1456994238-9585-4-git-send-email-lprosek@redhat.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
8 years agorng: move request queue from RngEgd to RngBackend
Ladi Prosek [Thu, 3 Mar 2016 08:37:16 +0000 (09:37 +0100)]
rng: move request queue from RngEgd to RngBackend

The 'requests' field now lives in the RngBackend parent class.
There are no functional changes in this commit.

Signed-off-by: Ladi Prosek <lprosek@redhat.com>
Reviewed-by: Amit Shah <amit.shah@redhat.com>
Message-Id: <1456994238-9585-3-git-send-email-lprosek@redhat.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
8 years agorng: remove the unused request cancellation code
Ladi Prosek [Thu, 3 Mar 2016 08:37:15 +0000 (09:37 +0100)]
rng: remove the unused request cancellation code

rng_backend_cancel_requests had no callers and none of the code
deleted in this commit ever ran.

Signed-off-by: Ladi Prosek <lprosek@redhat.com>
Reviewed-by: Amit Shah <amit.shah@redhat.com>
Message-Id: <1456994238-9585-2-git-send-email-lprosek@redhat.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
8 years agoMAINTAINERS: Add an entry for the include/sysemu/rng*.h files
Thomas Huth [Thu, 25 Feb 2016 12:44:20 +0000 (13:44 +0100)]
MAINTAINERS: Add an entry for the include/sysemu/rng*.h files

These headers are used by the virtio-rng and rng backends code,
so they should be listed in the same section in MAINTAINERS, too.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Amit Shah <amit.shah@redhat.com>
Message-Id: <1456404260-26928-1-git-send-email-thuth@redhat.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
8 years agoMerge remote-tracking branch 'remotes/stefanha/tags/tracing-pull-request' into staging
Peter Maydell [Tue, 1 Mar 2016 15:54:03 +0000 (15:54 +0000)]
Merge remote-tracking branch 'remotes/stefanha/tags/tracing-pull-request' into staging

# gpg: Signature made Tue 01 Mar 2016 15:48:04 GMT using RSA key ID 81AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg:                 aka "Stefan Hajnoczi <stefanha@gmail.com>"

* remotes/stefanha/tags/tracing-pull-request:
  trace: Add a proper API to manage auto-generated events from the 'tcg' property
  trace: Add 'vcpu' event property to trace guest vCPU
  typedefs: Add CPUState
  trace: Add helper function to cast event arguments
  tcg: Move definition of type TCGv
  tcg: Add type for vCPU pointers
  trace: Remove unnecessary intermediate event copies
  trace: Extend API to manage event arguments
  vl: fix tracing initialization
  trace: use addresses instead of offsets in memory tracepoints
  trace: split subpage MMIOs into their own trace events.
  trace: docs: "simple" backend does support strings
  trace: drop trailing empty strings

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agotrace: Add a proper API to manage auto-generated events from the 'tcg' property
Lluís Vilanova [Thu, 25 Feb 2016 13:06:30 +0000 (14:06 +0100)]
trace: Add a proper API to manage auto-generated events from the 'tcg' property

Formalizes the existence of the 'event_trans' and 'event_exec' event
attributes, which until now were monkey-patched only when necessary.

Signed-off-by: Lluís Vilanova <vilanova@ac.upc.edu>
Message-id: 145640558759.20978.6374959404425591089.stgit@localhost
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
8 years agotrace: Add 'vcpu' event property to trace guest vCPU
Lluís Vilanova [Thu, 25 Feb 2016 16:43:38 +0000 (17:43 +0100)]
trace: Add 'vcpu' event property to trace guest vCPU

This property identifies events that trace vCPU-specific information.

It adds a "CPUState*" argument to events with the property, identifying
the vCPU raising the event. TCG translation events also have a
"TCGv_env" implicit argument that is later used as the "CPUState*"
argument at execution time.

Signed-off-by: Lluís Vilanova <vilanova@ac.upc.edu>
Message-id: 145641861797.30295.6991314023181842105.stgit@localhost
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
8 years agotypedefs: Add CPUState
Lluís Vilanova [Thu, 25 Feb 2016 16:43:32 +0000 (17:43 +0100)]
typedefs: Add CPUState

Signed-off-by: Lluís Vilanova <vilanova@ac.upc.edu>
Message-id: 145641861239.30295.8564457138934628740.stgit@localhost
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
8 years agotrace: Add helper function to cast event arguments
Lluís Vilanova [Thu, 25 Feb 2016 16:43:27 +0000 (17:43 +0100)]
trace: Add helper function to cast event arguments

Signed-off-by: Lluís Vilanova <vilanova@ac.upc.edu>
Message-id: 145641860680.30295.1873612736245870753.stgit@localhost
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
8 years agotcg: Move definition of type TCGv
Lluís Vilanova [Thu, 25 Feb 2016 16:43:21 +0000 (17:43 +0100)]
tcg: Move definition of type TCGv

The target-dependant type TCGv must be defined in "tcg/tcg.h" before
including the tracing helper wrappers in "tcg/tcg-op.h".

It also makes more sense to define it here, where other TCG types are
defined too.

Signed-off-by: Lluís Vilanova <vilanova@ac.upc.edu>
Message-id: 145641860129.30295.17554707227384022653.stgit@localhost
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
8 years agotcg: Add type for vCPU pointers
Lluís Vilanova [Thu, 25 Feb 2016 16:43:15 +0000 (17:43 +0100)]
tcg: Add type for vCPU pointers

Adds the 'TCGv_env' type for pointers to 'CPUArchState' objects. The
tracing infrastructure later needs to differentiate between regular
pointers and pointers to vCPUs.

Also changes all targets to use the new 'TCGv_env' type instead of the
generic 'TCGv_ptr'. As of now, the change is merely cosmetic ('TCGv_env'
translates into 'TCGv_ptr'), but that could change in the future to
enforce the difference.

Note that a 'TCGv_env' type (for 'CPUState') is not added, since all
helpers currently receive the architecture-specific
pointer ('CPUArchState').

Signed-off-by: Lluís Vilanova <vilanova@ac.upc.edu>
Acked-by: Richard Henderson <rth@twiddle.net>
Message-id: 145641859552.30295.7821536833590725201.stgit@localhost
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
8 years agotrace: Remove unnecessary intermediate event copies
Lluís Vilanova [Thu, 25 Feb 2016 16:43:10 +0000 (17:43 +0100)]
trace: Remove unnecessary intermediate event copies

The current code forces the use of a chain of ".original" dereferences,
which looks odd.

Signed-off-by: Lluís Vilanova <vilanova@ac.upc.edu>
Message-id: 145641858988.30295.7223459456488075843.stgit@localhost
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
8 years agotrace: Extend API to manage event arguments
Lluís Vilanova [Thu, 25 Feb 2016 16:43:04 +0000 (17:43 +0100)]
trace: Extend API to manage event arguments

Lets the user manage event arguments as a list, and simplifies argument
concatenation.

Signed-off-by: Lluís Vilanova <vilanova@ac.upc.edu>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-id: 145641858432.30295.3069911069472672646.stgit@localhost
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
8 years agovl: fix tracing initialization
Denis V. Lunev [Tue, 9 Feb 2016 16:49:05 +0000 (19:49 +0300)]
vl: fix tracing initialization

we should call trace_init_backends() before trace_init_file() for
CONFIG_TRACE_SIMPLE There is no difference for other cases.

This problem was introduced by the commit
    commit 41fc57e44ed64cd4ab5393d83624afd897dabd4f
    Author: Paolo Bonzini <pbonzini@redhat.com>
    Date:   Thu Jan 7 16:55:24 2016 +0300

    trace: split trace_init_file out of trace_init_backends

'make check' was failed as a result if configured with
  --enable-trace-backends=simple

Spotted by Alex Bennée.

Signed-off-by: Denis V. Lunev <den@openvz.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Tested-by: Alex Bennée <alex.bennee@linaro.org>
Tested-by: Christian Borntraeger <borntraeger@de.ibm.com>
Message-id: 1455036545-14870-1-git-send-email-den@openvz.org
CC: Alex Bennée <alex.bennee@linaro.org>
CC: Paolo Bonzini <pbonzini@redhat.com>
CC: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
8 years agotrace: use addresses instead of offsets in memory tracepoints
Hollis Blanchard [Tue, 9 Feb 2016 00:03:05 +0000 (16:03 -0800)]
trace: use addresses instead of offsets in memory tracepoints

When memory_region_ops tracepoints are enabled, calculate and record the
absolute address being accessed. Otherwise, we only get offsets into the
memory region instead of addresses.

[Fixed "offset" -> "addr" in trace event format strings.
--Stefan]

Signed-off-by: Hollis Blanchard <hollis_blanchard@mentor.com>
Message-id: 1454976185-30095-3-git-send-email-hollis_blanchard@mentor.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
8 years agotrace: split subpage MMIOs into their own trace events.
Hollis Blanchard [Tue, 9 Feb 2016 00:03:04 +0000 (16:03 -0800)]
trace: split subpage MMIOs into their own trace events.

Previously, a single MMIO could trigger the memory_region_ops tracepoint twice:
once on its way into subpage ops, then later on its way into the model's ops.

Also, the fields previously called "addr" are actually offsets into the memory
region. Rename them to "offset" while we're editing the tracepoint definitions.

Signed-off-by: Hollis Blanchard <hollis_blanchard@mentor.com>
Message-id: 1454976185-30095-2-git-send-email-hollis_blanchard@mentor.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
8 years agotrace: docs: "simple" backend does support strings
Hollis Blanchard [Tue, 9 Feb 2016 00:03:03 +0000 (16:03 -0800)]
trace: docs: "simple" backend does support strings

The simple tracing backend has supported strings for more than three years
(62bab73213ba885426a781eb2741670b9f3cae36).

Signed-off-by: Hollis Blanchard <hollis_blanchard@mentor.com>
Message-id: 1454976185-30095-1-git-send-email-hollis_blanchard@mentor.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
8 years agotrace: drop trailing empty strings
Greg Kurz [Mon, 11 Jan 2016 17:30:36 +0000 (18:30 +0100)]
trace: drop trailing empty strings

Also fix a typo in the virtio_balloon_handle_output() trace while here.

[The double-quoting was a limitation of the old tracetool.sh script.
The modern tracetool.py script does not require double-quotes at the end
of the line.  See commit cf85cf8e972f3ad79f203be4edb7968d6e052293
("trace: Format strings must begin/end with double quotes").
--Stefan]

Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Message-id: 20160111173036.24764.59878.stgit@bahia.huguette.org
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
8 years agoMerge remote-tracking branch 'remotes/cohuck/tags/s390x-20160301' into staging
Peter Maydell [Tue, 1 Mar 2016 13:09:55 +0000 (13:09 +0000)]
Merge remote-tracking branch 'remotes/cohuck/tags/s390x-20160301' into staging

Assorted fixes, cleanups and enhancements.

# gpg: Signature made Tue 01 Mar 2016 11:45:12 GMT using RSA key ID C6F02FAF
# gpg: Good signature from "Cornelia Huck <huckc@linux.vnet.ibm.com>"
# gpg:                 aka "Cornelia Huck <cornelia.huck@de.ibm.com>"

* remotes/cohuck/tags/s390x-20160301:
  s390x/css: only suspend when enabled by orb
  MAINTAINERS: Remove entry for hw/s390x/s390-virtio-bus.[ch]
  MAINTAINERS: Remove the old s390-virtio machine
  s390x/pci: use PCI_MSIX_FLAGS on retrieving the MSIX entries
  s390x/css: Use static initialization for channel_subsys fields
  s390x/css: Allocate channel_subsys statically
  s390x/pci: fix reg/dereg irq functions
  s390x/css: introduce indicator refcounting interfaces
  s390x/virtio: old machine leftovers
  watchdog/diag288: avoid race condition on expired watchdog
  s390x: remove {kvm_}s390_virtio_irq()
  s390x: fix debug statement in trigger_page_fault()
  s390x/kvm: sync fprs via kvm_run
  linux-headers: update against kvm/next

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agoMerge remote-tracking branch 'remotes/kraxel/tags/pull-seabios-20160301-1' into staging
Peter Maydell [Tue, 1 Mar 2016 12:18:23 +0000 (12:18 +0000)]
Merge remote-tracking branch 'remotes/kraxel/tags/pull-seabios-20160301-1' into staging

seabios: update to 1.9.1 stable release

# gpg: Signature made Tue 01 Mar 2016 08:39:53 GMT using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"

* remotes/kraxel/tags/pull-seabios-20160301-1:
  seabios: update to 1.9.1 stable release

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agos390x/css: only suspend when enabled by orb
Cornelia Huck [Mon, 22 Feb 2016 15:43:04 +0000 (16:43 +0100)]
s390x/css: only suspend when enabled by orb

We must not allow a channel program to suspend if the suspend
control bit in the orb had not been specified.

Reviewed-by: Halil Pasic <pasic@linux.vnet.ibm.com>
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
8 years agoMAINTAINERS: Remove entry for hw/s390x/s390-virtio-bus.[ch]
Thomas Huth [Thu, 25 Feb 2016 10:45:00 +0000 (11:45 +0100)]
MAINTAINERS: Remove entry for hw/s390x/s390-virtio-bus.[ch]

The files have been deleted recently, no need to keep these entries
anymore.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <1456397100-22746-1-git-send-email-thuth@redhat.com>
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
8 years agoMAINTAINERS: Remove the old s390-virtio machine
Thomas Huth [Thu, 25 Feb 2016 09:57:54 +0000 (10:57 +0100)]
MAINTAINERS: Remove the old s390-virtio machine

The old s390-virtio machine has been removed last year, so we don't
need the corresponding section in the MAINTAINERS file anymore.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <1456394274-21082-1-git-send-email-thuth@redhat.com>
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
8 years agos390x/pci: use PCI_MSIX_FLAGS on retrieving the MSIX entries
Wei Yang [Fri, 19 Feb 2016 15:18:11 +0000 (15:18 +0000)]
s390x/pci: use PCI_MSIX_FLAGS on retrieving the MSIX entries

Even PCI_CAP_FLAGS has the same value as PCI_MSIX_FLAGS, the later one is
the more proper on retrieving MSIX entries.

This patch uses PCI_MSIX_FLAGS to retrieve the MSIX entries.

Signed-off-by: Wei Yang <richard.weiyang@gmail.com>
CC: Cornelia Huck <cornelia.huck@de.ibm.com>
CC: Christian Borntraeger <borntraeger@de.ibm.com>
Message-Id: <1455895091-7589-3-git-send-email-richard.weiyang@gmail.com>
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
8 years agos390x/css: Use static initialization for channel_subsys fields
Eduardo Habkost [Tue, 16 Feb 2016 20:59:06 +0000 (18:59 -0200)]
s390x/css: Use static initialization for channel_subsys fields

machine_init() will be gone, but we don't need it if we just
initialize the channel_subsys fields statically.

Cc: Cornelia Huck <cornelia.huck@de.ibm.com>
Cc: Christian Borntraeger <borntraeger@de.ibm.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Alexander Graf <agraf@suse.de>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Message-Id: <1455656347-29033-4-git-send-email-ehabkost@redhat.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
[adapted on top of indicator changes]
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
8 years agos390x/css: Allocate channel_subsys statically
Eduardo Habkost [Tue, 16 Feb 2016 20:59:05 +0000 (18:59 -0200)]
s390x/css: Allocate channel_subsys statically

There's no need to use g_malloc0() to allocate the channel_subsys
struct, just use a static variable.

Cc: Cornelia Huck <cornelia.huck@de.ibm.com>
Cc: Christian Borntraeger <borntraeger@de.ibm.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Alexander Graf <agraf@suse.de>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Message-Id: <1455656347-29033-3-git-send-email-ehabkost@redhat.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
[adapted on top of indicator changes]
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
8 years agos390x/pci: fix reg/dereg irq functions
Yi Min Zhao [Thu, 28 Jan 2016 05:26:43 +0000 (13:26 +0800)]
s390x/pci: fix reg/dereg irq functions

Indicator refcounting interfaces are introduced. This patch fixes
introducing unneeded indicator mappings and failure to release
AISB mappings on deregistration.

Signed-off-by: Yi Min Zhao <zyimin@linux.vnet.ibm.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
8 years agos390x/css: introduce indicator refcounting interfaces
Yi Min Zhao [Wed, 27 Jan 2016 08:05:26 +0000 (16:05 +0800)]
s390x/css: introduce indicator refcounting interfaces

Currently, virtio-ccw uses its own interfaces to keep indicators mapped
just once even if the same address has been registered multiple times.
These interfaces fit the PCI use case as well. Therefore, move them to
css and make them generic interfaces.

Signed-off-by: Yi Min Zhao <zyimin@linux.vnet.ibm.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
8 years agos390x/virtio: old machine leftovers
Cornelia Huck [Wed, 10 Feb 2016 12:22:32 +0000 (13:22 +0100)]
s390x/virtio: old machine leftovers

Remove some now unused #defines.

Reviewed-By: Sascha Silbe <silbe@linux.vnet.ibm.com>
Reviewed-by: Halil Pasic <pasic@linux.vnet.ibm.com>
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
8 years agowatchdog/diag288: avoid race condition on expired watchdog
Sascha Silbe [Fri, 29 Jan 2016 14:51:45 +0000 (15:51 +0100)]
watchdog/diag288: avoid race condition on expired watchdog

When configured to inject an NMI, watchdog_perform_action() may cause
the BQL to be temporarily relinquished (inject_nmi() → ... →
s390_nmi() → s390_cpu_restart() → run_on_cpu()). When the guest issues
diag 288 again in response to the NMI, the diag 288 operation will
race against wdt_diag288_reset(). Depending on scheduler behaviour,
wdt_diag288_reset() may be run after the guest issued a diag 288
Init. As a result, we will cancel the timer the guest just set up. The
effect observed by the guest is that a second expiry does not trigger
the watchdog action and diag 288 Change operations fail.

Fix this by resetting the timer _before_ invoking the action.

Signed-off-by: Sascha Silbe <silbe@linux.vnet.ibm.com>
Acked-by: David Hildenbrand <dahi@linux.vnet.ibm.com>
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
8 years agos390x: remove {kvm_}s390_virtio_irq()
Cornelia Huck [Wed, 27 Jan 2016 12:39:53 +0000 (13:39 +0100)]
s390x: remove {kvm_}s390_virtio_irq()

This interface was only used by the old virtio machine and therefore
is not needed anymore.

Reviewed-by: David Hildenbrand <dahi@linux.vnet.ibm.com>
Reviewed-by: Halil Pasic <pasic@linux.vnet.ibm.com>
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
8 years agos390x: fix debug statement in trigger_page_fault()
David Hildenbrand [Mon, 25 Jan 2016 08:03:57 +0000 (09:03 +0100)]
s390x: fix debug statement in trigger_page_fault()

When mmu_translate debugging output is enabled, code won't compile.
Let's just use the same statement as in trigger_prot_fault().

Acked-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: David Hildenbrand <dahi@linux.vnet.ibm.com>
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
8 years agos390x/kvm: sync fprs via kvm_run
David Hildenbrand [Tue, 2 Feb 2016 08:08:58 +0000 (09:08 +0100)]
s390x/kvm: sync fprs via kvm_run

We can now also sync the fprs via kvm_run, avoiding one ioctl.

Reviewed-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: David Hildenbrand <dahi@linux.vnet.ibm.com>
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
8 years agolinux-headers: update against kvm/next
Cornelia Huck [Mon, 22 Feb 2016 12:36:17 +0000 (13:36 +0100)]
linux-headers: update against kvm/next

Update against commit efef127c, but keep userfaultd.h.

Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
8 years agoMerge remote-tracking branch 'remotes/kraxel/tags/pull-input-20160301-1' into staging
Peter Maydell [Tue, 1 Mar 2016 11:15:00 +0000 (11:15 +0000)]
Merge remote-tracking branch 'remotes/kraxel/tags/pull-input-20160301-1' into staging

qapi: fix input-send-event and promote to stable

# gpg: Signature made Tue 01 Mar 2016 08:19:52 GMT using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"

* remotes/kraxel/tags/pull-input-20160301-1:
  qapi: promote input-send-event to stable
  qapi: rename InputAxis values.
  qapi: rename input buttons
  qapi: switch x-input-send-event from console to device+head
  console: add & use qemu_console_lookup_by_device_name

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agoMerge remote-tracking branch 'remotes/kraxel/tags/pull-vga-20160301-1' into staging
Peter Maydell [Tue, 1 Mar 2016 10:34:19 +0000 (10:34 +0000)]
Merge remote-tracking branch 'remotes/kraxel/tags/pull-vga-20160301-1' into staging

vga: minor cirrus/qxl bugfixes.

# gpg: Signature made Tue 01 Mar 2016 07:16:22 GMT using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"

* remotes/kraxel/tags/pull-vga-20160301-1:
  qxl: lock current_async update in qxl_soft_reset
  cirrus_vga: fix off-by-one in blit_region_is_unsafe

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agoMerge remote-tracking branch 'remotes/cody/tags/block-pull-request' into staging
Peter Maydell [Tue, 1 Mar 2016 09:54:53 +0000 (09:54 +0000)]
Merge remote-tracking branch 'remotes/cody/tags/block-pull-request' into staging

# gpg: Signature made Mon 29 Feb 2016 20:08:16 GMT using RSA key ID C0DE3057
# gpg: Good signature from "Jeffrey Cody <jcody@redhat.com>"
# gpg:                 aka "Jeffrey Cody <jeff@codyprime.org>"
# gpg:                 aka "Jeffrey Cody <codyprime@gmail.com>"

* remotes/cody/tags/block-pull-request:
  iotests/124: Add cluster_size mismatch test
  block/backup: avoid copying less than full target clusters
  block/backup: make backup cluster size configurable
  mirror: Add mirror_wait_for_io
  mirror: Rewrite mirror_iteration
  vhdx: Simplify vhdx_set_shift_bits()
  vhdx: DIV_ROUND_UP() in vhdx_calc_bat_entries()
  iscsi: add support for getting CHAP password via QCryptoSecret API
  curl: add support for HTTP authentication parameters
  rbd: add support for getting password from QCryptoSecret object
  sheepdog: allow to delete snapshot
  block/nfs: add support for setting debug level

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agoseabios: update to 1.9.1 stable release
Gerd Hoffmann [Tue, 1 Mar 2016 08:36:14 +0000 (09:36 +0100)]
seabios: update to 1.9.1 stable release

git shortlog rel-1.9.0..rel-1.9.1
=================================

Cole Robinson (1):
      biostables: Support SMBIOS 2.6+ UUID format

Kevin O'Connor (7):
      xhci: Check for device disconnects during USB2 reset polling
      xhci: Wait for port enable even for USB3 devices
      sdcard: Only enable error_irq_enable for bits defined in SDHCI v1 spec
      sdcard: fix typo causing 32bit write to 16bit block_size field
      nmi: Don't try to switch onto extra stack in NMI handler
      scsi: Do not call printf() from scsi_is_ready()
      coreboot: Check for unaligned cbfs header

Marcel Apfelbaum (1):
      fw/pci: do not automatically allocate IO region for PCIe bridges

Roger Pau Monne (1):
      build: fix typo in buildversion.py

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
8 years agoqapi: promote input-send-event to stable
Gerd Hoffmann [Tue, 12 Jan 2016 11:39:33 +0000 (12:39 +0100)]
qapi: promote input-send-event to stable

With all fixups being in place now, we can promote input-send-event
to stable abi by removing the x- prefix.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
8 years agoqapi: rename InputAxis values.
Gerd Hoffmann [Tue, 12 Jan 2016 11:34:20 +0000 (12:34 +0100)]
qapi: rename InputAxis values.

Lowercase them.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
8 years agoqapi: rename input buttons
Gerd Hoffmann [Tue, 12 Jan 2016 11:14:12 +0000 (12:14 +0100)]
qapi: rename input buttons

All lowercase, use-dash instead of CamelCase.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
8 years agoqapi: switch x-input-send-event from console to device+head
Gerd Hoffmann [Tue, 12 Jan 2016 11:11:14 +0000 (12:11 +0100)]
qapi: switch x-input-send-event from console to device+head

Use display device qdev id and head number instead of console index to
specify the QemuConsole.  This makes things consistent with input
devices (for input routing) and vnc server configuration, which both use
display and head too.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
8 years agoconsole: add & use qemu_console_lookup_by_device_name
Gerd Hoffmann [Tue, 12 Jan 2016 10:45:43 +0000 (11:45 +0100)]
console: add & use qemu_console_lookup_by_device_name

We have two places needing this, and a third one will come shortly.
So factor things out into a helper function to reduce code duplication.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
8 years agoqxl: lock current_async update in qxl_soft_reset
Gerd Hoffmann [Tue, 20 Oct 2015 07:57:30 +0000 (09:57 +0200)]
qxl: lock current_async update in qxl_soft_reset

This should fix a defect report from Coverity.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
8 years agocirrus_vga: fix off-by-one in blit_region_is_unsafe
Paolo Bonzini [Wed, 10 Feb 2016 16:17:39 +0000 (17:17 +0100)]
cirrus_vga: fix off-by-one in blit_region_is_unsafe

The "max" value is being compared with >=, but addr + width points to
the first byte that will _not_ be copied.  Laszlo suggested using a
"greater than" comparison, instead of subtracting one like it is
already done above for the height, so that max remains always positive.

The mistake is "safe"---it will reject some blits, but will never cause
out-of-bounds writes.

Cc: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Message-id: 1455121059-18280-1-git-send-email-pbonzini@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
8 years agoiotests/124: Add cluster_size mismatch test
John Snow [Thu, 25 Feb 2016 20:58:31 +0000 (15:58 -0500)]
iotests/124: Add cluster_size mismatch test

If a backing file isn't specified in the target image and the
cluster_size is larger than the bitmap granularity, we run the risk of
creating bitmaps with allocated clusters but empty/no data which will
prevent the proper reading of the backup in the future.

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Message-id: 1456433911-24718-4-git-send-email-jsnow@redhat.com
Signed-off-by: Jeff Cody <jcody@redhat.com>
8 years agoblock/backup: avoid copying less than full target clusters
John Snow [Thu, 25 Feb 2016 20:58:30 +0000 (15:58 -0500)]
block/backup: avoid copying less than full target clusters

During incremental backups, if the target has a cluster size that is
larger than the backup cluster size and we are backing up to a target
that cannot (for whichever reason) pull clusters up from a backing image,
we may inadvertantly create unusable incremental backup images.

For example:

If the bitmap tracks changes at a 64KB granularity and we transmit 64KB
of data at a time but the target uses a 128KB cluster size, it is
possible that only half of a target cluster will be recognized as dirty
by the backup block job. When the cluster is allocated on the target
image but only half populated with data, we lose the ability to
distinguish between zero padding and uninitialized data.

This does not happen if the target image has a backing file that points
to the last known good backup.

Even if we have a backing file, though, it's likely going to be faster
to just buffer the redundant data ourselves from the live image than
fetching it from the backing file, so let's just always round up to the
target granularity.

The same logic applies to backup modes top, none, and full. Copying
fractional clusters without the guarantee of COW is dangerous, but even
if we can rely on COW, it's likely better to just re-copy the data.

Reported-by: Fam Zheng <famz@redhat.com>
Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Message-id: 1456433911-24718-3-git-send-email-jsnow@redhat.com
Signed-off-by: Jeff Cody <jcody@redhat.com>
8 years agoblock/backup: make backup cluster size configurable
John Snow [Thu, 25 Feb 2016 20:58:29 +0000 (15:58 -0500)]
block/backup: make backup cluster size configurable

64K might not always be appropriate, make this a runtime value.

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Message-id: 1456433911-24718-2-git-send-email-jsnow@redhat.com
Signed-off-by: Jeff Cody <jcody@redhat.com>
8 years agomirror: Add mirror_wait_for_io
Fam Zheng [Fri, 5 Feb 2016 02:00:30 +0000 (10:00 +0800)]
mirror: Add mirror_wait_for_io

The three lines are duplicated a number of times now, refactor a
function.

Signed-off-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Message-id: 1454637630-10585-3-git-send-email-famz@redhat.com
Signed-off-by: Jeff Cody <jcody@redhat.com>
8 years agomirror: Rewrite mirror_iteration
Fam Zheng [Fri, 5 Feb 2016 02:00:29 +0000 (10:00 +0800)]
mirror: Rewrite mirror_iteration

The "pnum < nb_sectors" condition in deciding whether to actually copy
data is unnecessarily strict, and the qiov initialization is
unnecessarily for bdrv_aio_write_zeroes and bdrv_aio_discard.

Rewrite mirror_iteration to fix both flaws.

The output of iotests 109 is updated because we now report the offset
and len slightly differently in mirroring progress.

Signed-off-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Message-id: 1454637630-10585-2-git-send-email-famz@redhat.com
Signed-off-by: Jeff Cody <jcody@redhat.com>
8 years agovhdx: Simplify vhdx_set_shift_bits()
Max Reitz [Fri, 18 Dec 2015 15:04:26 +0000 (16:04 +0100)]
vhdx: Simplify vhdx_set_shift_bits()

For values which are powers of two (and we do assume all of these to
be), sizeof(x) * 8 - 1 - clz(x) == ctz(x). Therefore, use ctz().

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id: 1450451066-13335-3-git-send-email-mreitz@redhat.com
Signed-off-by: Jeff Cody <jcody@redhat.com>
8 years agovhdx: DIV_ROUND_UP() in vhdx_calc_bat_entries()
Max Reitz [Fri, 18 Dec 2015 15:04:25 +0000 (16:04 +0100)]
vhdx: DIV_ROUND_UP() in vhdx_calc_bat_entries()

We have DIV_ROUND_UP(), so we can use it to produce more easily readable
code. It may be slower than the bit shifting currently performed
(because it actually performs a division), but since
vhdx_calc_bat_entries() is never used in a hot path, this is completely
fine.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id: 1450451066-13335-2-git-send-email-mreitz@redhat.com
Signed-off-by: Jeff Cody <jcody@redhat.com>
8 years agoiscsi: add support for getting CHAP password via QCryptoSecret API
Daniel P. Berrange [Thu, 21 Jan 2016 14:19:21 +0000 (14:19 +0000)]
iscsi: add support for getting CHAP password via QCryptoSecret API

The iSCSI driver currently accepts the CHAP password in plain text
as a block driver property. This change adds a new "password-secret"
property that accepts the ID of a QCryptoSecret instance.

  $QEMU \
     -object secret,id=sec0,filename=/home/berrange/example.pw \
     -drive driver=iscsi,url=iscsi://example.com/target-foo/lun1,\
            user=dan,password-secret=sec0

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-id: 1453385961-10718-4-git-send-email-berrange@redhat.com
Signed-off-by: Jeff Cody <jcody@redhat.com>
8 years agocurl: add support for HTTP authentication parameters
Daniel P. Berrange [Thu, 21 Jan 2016 14:19:20 +0000 (14:19 +0000)]
curl: add support for HTTP authentication parameters

If connecting to a web server which has authentication
turned on, QEMU gets a 401 as curl has not been configured
with any authentication credentials.

This adds 4 new parameters to the curl block driver
options 'username', 'password-secret', 'proxy-username'
and 'proxy-password-secret'. Passwords are provided using
the recently added 'secret' object type

 $QEMU \
     -object secret,id=sec0,filename=/home/berrange/example.pw \
     -object secret,id=sec1,filename=/home/berrange/proxy.pw \
     -drive driver=http,url=http://example.com/some.img,\
            username=dan,password-secret=sec0,\
            proxy-username=dan,proxy-password-secret=sec1

Of course it is possible to use the same secret for both the
proxy & server passwords if desired, or omit the proxy auth
details, or the server auth details as required.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-id: 1453385961-10718-3-git-send-email-berrange@redhat.com
Signed-off-by: Jeff Cody <jcody@redhat.com>
8 years agorbd: add support for getting password from QCryptoSecret object
Daniel P. Berrange [Thu, 21 Jan 2016 14:19:19 +0000 (14:19 +0000)]
rbd: add support for getting password from QCryptoSecret object

Currently RBD passwords must be provided on the command line
via

  $QEMU -drive file=rbd:pool/image:id=myname:\
               key=QVFDVm41aE82SHpGQWhBQXEwTkN2OGp0SmNJY0UrSE9CbE1RMUE=:\
               auth_supported=cephx

This is insecure because the key is visible in the OS process
listing.

This adds support for an 'password-secret' parameter in the RBD
parameters that can be used with the QCryptoSecret object to
provide the password via a file:

  echo "QVFDVm41aE82SHpGQWhBQXEwTkN2OGp0SmNJY0UrSE9CbE1RMUE=" > poolkey.b64
  $QEMU -object secret,id=secret0,file=poolkey.b64,format=base64 \
        -drive driver=rbd,filename=rbd:pool/image:id=myname:\
               auth_supported=cephx,password-secret=secret0

Reviewed-by: Josh Durgin <jdurgin@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-id: 1453385961-10718-2-git-send-email-berrange@redhat.com
Signed-off-by: Jeff Cody <jcody@redhat.com>
8 years agosheepdog: allow to delete snapshot
Vasiliy Tolstov [Wed, 23 Dec 2015 12:22:26 +0000 (21:22 +0900)]
sheepdog: allow to delete snapshot

This patch implements a blockdriver function bdrv_snapshot_delete() in
the sheepdog driver. With the new function, snapshots of sheepdog can
be deleted from libvirt.

Cc: Jeff Cody <jcody@redhat.com>
Signed-off-by: Hitoshi Mitake <mitake.hitoshi@lab.ntt.co.jp>
Signed-off-by: Vasiliy Tolstov <v.tolstov@selfip.ru>
Message-id: 1450873346-22334-1-git-send-email-mitake.hitoshi@lab.ntt.co.jp
Signed-off-by: Jeff Cody <jcody@redhat.com>
8 years agoblock/nfs: add support for setting debug level
Peter Lieven [Mon, 9 Nov 2015 07:09:33 +0000 (08:09 +0100)]
block/nfs: add support for setting debug level

recent libnfs versions support logging debug messages. Add
support for it in qemu through an URL parameter.

Example:
 qemu -cdrom nfs://127.0.0.1/iso/my.iso?debug=2

Signed-off-by: Peter Lieven <pl@kamp.de>
Reviewed-by: Fam Zheng <famz@redhat.com>
Message-id: 1447052973-14513-1-git-send-email-pl@kamp.de
Signed-off-by: Jeff Cody <jcody@redhat.com>
8 years agoMerge remote-tracking branch 'remotes/kraxel/tags/pull-usb-20160229-1' into staging
Peter Maydell [Mon, 29 Feb 2016 12:24:26 +0000 (12:24 +0000)]
Merge remote-tracking branch 'remotes/kraxel/tags/pull-usb-20160229-1' into staging

usb: redirect bugfix, MAINTAINERS update.

# gpg: Signature made Mon 29 Feb 2016 11:09:54 GMT using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"

* remotes/kraxel/tags/pull-usb-20160229-1:
  usb-redirect: Avoid double free of data
  MAINTAINERS: Add some missing entries for USB related files

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agoMerge remote-tracking branch 'remotes/kraxel/tags/pull-ui-20160229-1' into staging
Peter Maydell [Mon, 29 Feb 2016 11:49:50 +0000 (11:49 +0000)]
Merge remote-tracking branch 'remotes/kraxel/tags/pull-ui-20160229-1' into staging

ui: spice dmabuf fix, MAINTAINERS updates.

# gpg: Signature made Mon 29 Feb 2016 10:41:15 GMT using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"

* remotes/kraxel/tags/pull-ui-20160229-1:
  MAINTAINERS: Add an entry for the include/ui/ folder
  MAINTAINERS: Add spice-display.h to the SPICE section
  spice/gl: Enable dmabuf only for spice >= 0.13.1

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agoMerge remote-tracking branch 'remotes/kraxel/tags/pull-fw-cfg-20160226-1' into staging
Peter Maydell [Mon, 29 Feb 2016 11:24:36 +0000 (11:24 +0000)]
Merge remote-tracking branch 'remotes/kraxel/tags/pull-fw-cfg-20160226-1' into staging

fw_cfg: unbreak migration compatibility for 2.4 and earlier machines

# gpg: Signature made Fri 26 Feb 2016 09:45:50 GMT using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"

* remotes/kraxel/tags/pull-fw-cfg-20160226-1:
  fw_cfg: unbreak migration compatibility for 2.4 and earlier machines

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agoMerge remote-tracking branch 'remotes/dgibson/tags/ppc-for-2.6-20160229' into staging
Peter Maydell [Mon, 29 Feb 2016 10:51:11 +0000 (10:51 +0000)]
Merge remote-tracking branch 'remotes/dgibson/tags/ppc-for-2.6-20160229' into staging

ppc patch queue for 2016-02-29

Some more accumulated patches for target-ppc, pseries machine type and
related devices to fit in before the qemu-2.6 soft freeze.
    * Mostly bugfixes and small cleanups for spapr and Mac platforms

# gpg: Signature made Mon 29 Feb 2016 06:56:34 GMT using RSA key ID 20D9B392
# gpg: Good signature from "David Gibson <david@gibson.dropbear.id.au>"
# gpg:                 aka "David Gibson (Red Hat) <dgibson@redhat.com>"
# gpg:                 aka "David Gibson (ozlabs.org) <dgibson@ozlabs.org>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 75F4 6586 AE61 A66C C44E  87DC 6C38 CACA 20D9 B392

* remotes/dgibson/tags/ppc-for-2.6-20160229:
  xics: report errors with the QEMU Error API
  migration: allow machine to enforce configuration section migration
  spapr: skip configuration section during migration of older machines
  dbdma: warn when using unassigned channel
  spapr: disable vmdesc submission for old machines
  spapr_pci: fix irq leak in RTAS ibm,change-msi
  spapr_pci: kill useless variable in rtas_ibm_change_msi()
  spapr_rng: disable hotpluggability

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agousb-redirect: Avoid double free of data
Fam Zheng [Wed, 24 Feb 2016 08:08:08 +0000 (16:08 +0800)]
usb-redirect: Avoid double free of data

If dropping packets, data is freed, the caller's loop should not continue.

Reported by ccc-analyzer.

Signed-off-by: Fam Zheng <famz@redhat.com>
Message-id: 1456301288-1592-1-git-send-email-famz@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
8 years agoMAINTAINERS: Add some missing entries for USB related files
Thomas Huth [Thu, 25 Feb 2016 09:36:05 +0000 (10:36 +0100)]
MAINTAINERS: Add some missing entries for USB related files

USB-related docs and include files should go into the USB
section of the MAINTAINERS file.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-id: 1456392967-20274-2-git-send-email-thuth@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
8 years agoMAINTAINERS: Add an entry for the include/ui/ folder
Thomas Huth [Thu, 25 Feb 2016 09:36:07 +0000 (10:36 +0100)]
MAINTAINERS: Add an entry for the include/ui/ folder

The ui/ folder is listed in the "Graphics" section, so I think
the "include/ui/" folder should be listed there, too.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-id: 1456392967-20274-4-git-send-email-thuth@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
8 years agoMAINTAINERS: Add spice-display.h to the SPICE section
Thomas Huth [Thu, 25 Feb 2016 09:36:06 +0000 (10:36 +0100)]
MAINTAINERS: Add spice-display.h to the SPICE section

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-id: 1456392967-20274-3-git-send-email-thuth@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
8 years agospice/gl: Enable dmabuf only for spice >= 0.13.1
Michal Privoznik [Wed, 24 Feb 2016 12:42:18 +0000 (13:42 +0100)]
spice/gl: Enable dmabuf only for spice >= 0.13.1

After 474114b7 the dmabuf feature is enabled whenever spice
greater than or equal to spice 0.13.0 is found. This is because
two new functions are required: spice_qxl_gl_scanout and
spice_qxl_gl_draw_async. These were, however, introduce in 0.13.1
release. Well, technically they haven't been released yet, but
for sure they are not going to be part of 0.13.0 release (for the
ABI stability sake).

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Message-id: 1a724e97cb587624d6f6009c15395496bccfa32b.1456317738.git.mprivozn@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
8 years agoxics: report errors with the QEMU Error API
Greg Kurz [Fri, 26 Feb 2016 09:44:07 +0000 (10:44 +0100)]
xics: report errors with the QEMU Error API

Using the return value to report errors is error prone:
- xics_alloc() returns -1 on error but spapr_vio_busdev_realize() errors
  on 0
- xics_alloc_block() returns the unclear value of ics->offset - 1 on error
  but both rtas_ibm_change_msi() and spapr_phb_realize() error on 0

This patch adds an errp argument to xics_alloc() and xics_alloc_block() to
report errors. The return value of these functions is a valid IRQ number
if errp is NULL. It is undefined otherwise.

The corresponding error traces get promotted to error messages. Note that
the "can't allocate IRQ" error message in spapr_vio_busdev_realize() also
moves to xics_alloc(). Similar error message consolidation isn't really
applicable to xics_alloc_block() because callers have extra context (device
config address, MSI or MSIX).

This fixes the issues mentioned above.

Based on previous work from Brian W. Hart.

Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
8 years agomigration: allow machine to enforce configuration section migration
Greg Kurz [Thu, 18 Feb 2016 11:32:25 +0000 (12:32 +0100)]
migration: allow machine to enforce configuration section migration

Migration of pseries-2.3 doesn't have configuration section. Unfortunately,
QEMU 2.4/2.4.1/2.5 are buggy and always stream and expect the configuration
section, and break migration both ways.

This patch introduces a property which allows to enforce a configuration
section for machines who don't have one.

It can be set at startup:

-machine enforce-config-section=on

or later from the QEMU monitor:

qom-set /machine enforce-config-section on

It is up to the tooling to set or unset this property according to the
version of the QEMU at the other end of the pipe.

Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Reviewed-by: Laurent Vivier <lvivier@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
8 years agospapr: skip configuration section during migration of older machines
Greg Kurz [Thu, 18 Feb 2016 11:32:18 +0000 (12:32 +0100)]
spapr: skip configuration section during migration of older machines

Since QEMU 2.4, we have a configuration section in the migration stream.
This must be skipped for older machines, like it is already done for x86.

This patch fixes the migration of pseries-2.3 from/to QEMU 2.3, but it
breaks migration of the same machine from/to QEMU 2.4/2.4.1/2.5. We do
that anyway because QEMU 2.3 is likely to be more widely deployed than
newer QEMU versions.

Fixes: 61964c23e5ddd5a33f15699e45ce126f879e3e33
Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Reviewed-by: Laurent Vivier <lvivier@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
8 years agodbdma: warn when using unassigned channel
Hervé Poussineau [Thu, 25 Feb 2016 12:02:11 +0000 (13:02 +0100)]
dbdma: warn when using unassigned channel

With this, it's easier to know if a guest uses an invalid and/or unimplemented
DMA channel.

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Acked-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
8 years agospapr: disable vmdesc submission for old machines
Greg Kurz [Tue, 23 Feb 2016 16:47:59 +0000 (17:47 +0100)]
spapr: disable vmdesc submission for old machines

Since QEMU 2.3, we have a vmdesc section in the migration stream.
This section is not mandatory but when migrating a pseries-2.2
machine from QEMU 2.2, you get a warning at the destination:

qemu-system-ppc64: Expected vmdescription section, but got 0

The warning goes away if we decide to skip vmdesc as well for
older pseries, like it is already done for pc's.

This can only be observed with -cpu POWER7 because POWER8
cannot migrate from QEMU 2.2 to 2.3 (insns_flags2 mismatch).

Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
8 years agospapr_pci: fix irq leak in RTAS ibm,change-msi
Greg Kurz [Thu, 25 Feb 2016 18:02:18 +0000 (19:02 +0100)]
spapr_pci: fix irq leak in RTAS ibm,change-msi

This RTAS call is used to request new interrupts or to free all interrupts.

If the driver has already allocated interrupts and asks again for a non-null
number of irqs, then the rtas_ibm_change_msi() function will silently leak
the previous interrupts.

It happens because xics_free() is only called when the driver releases all
interrupts (!req_num case). Note that the previously allocated spapr_pci_msi
is not leaked because the GHashTable is created with destroy functions and
g_hash_table_insert() hence frees the old value.

This patch makes sure any previously allocated MSIs are released when a
new allocation succeeds.

Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
8 years agospapr_pci: kill useless variable in rtas_ibm_change_msi()
Greg Kurz [Thu, 25 Feb 2016 18:02:12 +0000 (19:02 +0100)]
spapr_pci: kill useless variable in rtas_ibm_change_msi()

The num local variable is initialized to zero and has no writer.

Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
8 years agospapr_rng: disable hotpluggability
Greg Kurz [Thu, 25 Feb 2016 11:08:00 +0000 (12:08 +0100)]
spapr_rng: disable hotpluggability

It is currently possible to hotplug a spapr_rng device but QEMU crashes
when we try to hot unplug:

ERROR:hw/core/qdev.c:295:qdev_unplug: assertion failed: (hotplug_ctrl)
Aborted

This happens because spapr_rng isn't plugged to any bus and sPAPR does
not provide hotplug support for it: qdev_get_hotplug_handler() hence
return NULL and we hit the assertion.

And anyway, it doesn't make much sense to unplug this device since hcalls
cannot be unregistered. Even the idea of hotplugging a RNG device instead
of declaring it on the QEMU command line looks weird.

This patch simply disables hotpluggability for the spapr-rng class.

Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
8 years agoMerge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20160226' into...
Peter Maydell [Fri, 26 Feb 2016 16:02:00 +0000 (16:02 +0000)]
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20160226' into staging

target-arm queue:
 * Clean up handling of bad mode switches writing to CPSR, and implement
   the ARMv8 requirement that they set PSTATE.IL
 * Implement MDCR_EL3.TPM and MDCR_EL2.TPM traps on perf monitor
   register accesses
 * Don't implement stellaris-pl061-only registers on generic-pl061
 * Fix SD card handling for raspi
 * Add missing include files to MAINTAINERS
 * Mark CNTHP_TVAL_EL2 as ARM_CP_NO_RAW
 * Make reserved ranges in ID_AA64* spaces RAZ, not UNDEF

# gpg: Signature made Fri 26 Feb 2016 15:19:07 GMT using RSA key ID 14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>"
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>"

* remotes/pmaydell/tags/pull-target-arm-20160226:
  target-arm: Make reserved ranges in ID_AA64* spaces RAZ, not UNDEF
  target-arm: Mark CNTHP_TVAL_EL2 as ARM_CP_NO_RAW
  sdhci: add quirk property for card insert interrupt status on Raspberry Pi
  sdhci: Revert "add optional quirk property to disable card insertion/removal interrupts"
  MAINTAINERS: Add some missing ARM related header files
  raspi: fix SD card with recent sdhci changes
  ARM: PL061: Checking register r/w accesses to reserved area
  target-arm: Implement MDCR_EL3.TPM and MDCR_EL2.TPM traps
  target-arm: Fix handling of SDCR for 32-bit code
  target-arm: Make Monitor->NS PL1 mode changes illegal if HCR.TGE is 1
  target-arm: Make mode switches from Hyp via CPS and MRS illegal
  target-arm: In v8, make illegal AArch32 mode changes set PSTATE.IL
  target-arm: Forbid mode switch to Mon from Secure EL1
  target-arm: Add Hyp mode checks to bad_mode_switch()
  target-arm: Add comment about not implementing NSACR.RFR
  target-arm: In cpsr_write() ignore mode switches from User mode
  linux-user: Use restrictive mask when calling cpsr_write()
  target-arm: Raw CPSR writes should skip checks and bank switching
  target-arm: Add write_type argument to cpsr_write()
  target-arm: Give CPSR setting on 32-bit exception return its own helper

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agoMerge remote-tracking branch 'remotes/amit-migration/tags/migration-for-2.6-5' into...
Peter Maydell [Fri, 26 Feb 2016 15:21:26 +0000 (15:21 +0000)]
Merge remote-tracking branch 'remotes/amit-migration/tags/migration-for-2.6-5' into staging

migration pull
 - fix a qcow2 assert
 - fix for older distros (CentOS 5)
 - documentation for vmstate flags
 - minor code rearrangement

# gpg: Signature made Fri 26 Feb 2016 15:15:15 GMT using RSA key ID 854083B6
# gpg: Good signature from "Amit Shah <amit@amitshah.net>"
# gpg:                 aka "Amit Shah <amit@kernel.org>"
# gpg:                 aka "Amit Shah <amitshah@gmx.net>"

* remotes/amit-migration/tags/migration-for-2.6-5:
  migration (postcopy): move bdrv_invalidate_cache_all of of coroutine context
  migration (ordinary): move bdrv_invalidate_cache_all of of coroutine context
  migration/vmstate: document VMStateFlags
  MAINTAINERS: Add docs/migration.txt to the "Migration" section
  migration/postcopy-ram: Guard use of sys/eventfd.h with CONFIG_EVENTFD
  migration: reorder code to make it symmetric

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agomigration (postcopy): move bdrv_invalidate_cache_all of of coroutine context
Denis V. Lunev [Wed, 24 Feb 2016 08:53:39 +0000 (11:53 +0300)]
migration (postcopy): move bdrv_invalidate_cache_all of of coroutine context

There is a possibility to hit an assert in qcow2_get_specific_info that
s->qcow_version is undefined. This happens when VM in starting from
suspended state, i.e. it processes incoming migration, and in the same
time 'info block' is called.

The problem is that qcow2_invalidate_cache() closes the image and
memset()s BDRVQcowState in the middle.

The patch moves processing of bdrv_invalidate_cache_all out of
coroutine context for postcopy migration to avoid that. This function
is called with the following stack:
  process_incoming_migration_co
  qemu_loadvm_state
  qemu_loadvm_state_main
  loadvm_process_command
  loadvm_postcopy_handle_run

Signed-off-by: Denis V. Lunev <den@openvz.org>
Tested-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
CC: Paolo Bonzini <pbonzini@redhat.com>
CC: Juan Quintela <quintela@redhat.com>
CC: Amit Shah <amit.shah@redhat.com>
Message-Id: <1456304019-10507-3-git-send-email-den@openvz.org>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
8 years agomigration (ordinary): move bdrv_invalidate_cache_all of of coroutine context
Denis V. Lunev [Wed, 24 Feb 2016 08:53:38 +0000 (11:53 +0300)]
migration (ordinary): move bdrv_invalidate_cache_all of of coroutine context

There is a possibility to hit an assert in qcow2_get_specific_info that
s->qcow_version is undefined. This happens when VM in starting from
suspended state, i.e. it processes incoming migration, and in the same
time 'info block' is called.

The problem is that qcow2_invalidate_cache() closes the image and
memset()s BDRVQcowState in the middle.

The patch moves processing of bdrv_invalidate_cache_all out of
coroutine context for standard migration to avoid that.

Signed-off-by: Denis V. Lunev <den@openvz.org>
Reviewed-by: Fam Zheng <famz@redhat.com>
CC: Paolo Bonzini <pbonzini@redhat.com>
CC: Juan Quintela <quintela@redhat.com>
CC: Amit Shah <amit.shah@redhat.com>
Message-Id: <1456304019-10507-2-git-send-email-den@openvz.org>

[Amit: Fix a use-after-free bug]

Signed-off-by: Amit Shah <amit.shah@redhat.com>
8 years agotarget-arm: Make reserved ranges in ID_AA64* spaces RAZ, not UNDEF
Peter Maydell [Fri, 19 Feb 2016 14:07:43 +0000 (14:07 +0000)]
target-arm: Make reserved ranges in ID_AA64* spaces RAZ, not UNDEF

The v8 ARM ARM defines that unused spaces in the ID_AA64* system
register ranges are Reserved and must RAZ, rather than being UNDEF.
Implement this.

In particular, ARM v8.2 adds a new feature register ID_AA64MMFR2,
and newer versions of the Linux kernel will attempt to read this,
which causes them not to boot up on versions of QEMU missing this fix.

Since the encoding .opc0 = 3, .opc1 = 0, .crn = 0, .crm = 2, .opc2 = 6
is actually defined in ARMv8 (as ID_MMFR4), we give it an entry in
the ARMCPU struct so CPUs can override it, though since none do
this too will just RAZ.

Cc: qemu-stable@nongnu.org
Reported-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1455890863-11203-1-git-send-email-peter.maydell@linaro.org
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Tested-by: Alex Bennée <alex.bennee@linaro.org>
8 years agotarget-arm: Mark CNTHP_TVAL_EL2 as ARM_CP_NO_RAW
Edgar E. Iglesias [Fri, 26 Feb 2016 12:45:39 +0000 (13:45 +0100)]
target-arm: Mark CNTHP_TVAL_EL2 as ARM_CP_NO_RAW

Mark CNTHP_TVAL_EL2 as ARM_CP_NO_RAW due to the register not
having any underlying state. This fixes an issue with booting
KVM enabled kernels when EL2 is on.

Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1456490739-19343-1-git-send-email-edgar.iglesias@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agosdhci: add quirk property for card insert interrupt status on Raspberry Pi
Andrew Baumann [Thu, 25 Feb 2016 21:35:30 +0000 (13:35 -0800)]
sdhci: add quirk property for card insert interrupt status on Raspberry Pi

This quirk is a workaround for the following hardware behaviour, on
which UEFI (specifically, the bootloader for Windows on Pi2) depends:

1. at boot with an SD card present, the interrupt status/enable
   registers are initially zero
2. upon enabling it in the interrupt enable register, the card insert
   bit in the interrupt status register is immediately set
3. after a subsequent controller reset, the card insert interrupt does
   not fire, even if enabled in the interrupt enable register

Signed-off-by: Andrew Baumann <Andrew.Baumann@microsoft.com>
Message-id: 1456436130-7048-3-git-send-email-Andrew.Baumann@microsoft.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agosdhci: Revert "add optional quirk property to disable card insertion/removal interrupts"
Andrew Baumann [Thu, 25 Feb 2016 21:35:29 +0000 (13:35 -0800)]
sdhci: Revert "add optional quirk property to disable card insertion/removal interrupts"

This reverts commit 723697551a7e926abe7d3c7f2966012b8075143d.

This change was poorly tested on my part. It squelched card insertion
interrupts on reset, but that was not necessary because sdhci_reset()
clears all the registers (via the call to memset), so the subsequent
sdhci_insert_eject_cb() call never sees the card insert interrupt
enabled. However, not calling the insert_eject_cb results in prnsts
remaining 0, when it actually needs to be updated to indicate card
presence and R/O status.

Signed-off-by: Andrew Baumann <Andrew.Baumann@microsoft.com>
Message-id: 1456436130-7048-2-git-send-email-Andrew.Baumann@microsoft.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agoMAINTAINERS: Add some missing ARM related header files
Thomas Huth [Thu, 25 Feb 2016 11:22:04 +0000 (12:22 +0100)]
MAINTAINERS: Add some missing ARM related header files

Some header files in the include/hw/arm/ directory can be assigned
to entries in the MAINTAINERS file.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-id: 1456399324-24259-1-git-send-email-thuth@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agoraspi: fix SD card with recent sdhci changes
Andrew Baumann [Wed, 24 Feb 2016 21:58:48 +0000 (13:58 -0800)]
raspi: fix SD card with recent sdhci changes

Recent changes to sdhci broke SD on raspi. This change mirrors
the logic to create the SD card device at the board level.

Signed-off-by: Andrew Baumann <Andrew.Baumann@microsoft.com>
Message-id: 1456351128-5560-1-git-send-email-Andrew.Baumann@microsoft.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agoARM: PL061: Checking register r/w accesses to reserved area
Wei Huang [Thu, 18 Feb 2016 16:56:20 +0000 (11:56 -0500)]
ARM: PL061: Checking register r/w accesses to reserved area

pl061.c emulates two GPIO devices, ARM PL061 and TI Stellaris, which
share the same read/write functions (pl061_read and pl061_write).
However PL061 and Stellaris have different GPIO register definitions
and pl061_read()/pl061_write() doesn't check it. This patch enforces
checking on offset, preventing R/W into the reserved memory area.

Signed-off-by: Wei Huang <wei@redhat.com>
Message-id: 1455814580-17699-1-git-send-email-wei@redhat.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8 years agotarget-arm: Implement MDCR_EL3.TPM and MDCR_EL2.TPM traps
Peter Maydell [Fri, 19 Feb 2016 14:39:44 +0000 (14:39 +0000)]
target-arm: Implement MDCR_EL3.TPM and MDCR_EL2.TPM traps

Implement the performance monitor register traps controlled
by MDCR_EL3.TPM and MDCR_EL2.TPM. Most of the performance
registers already have an access function to deal with the
user-enable bit, and the TPM checks can be added there. We
also need a new access function which only implements the
TPM checks for use by the few not-EL0-accessible registers
and by PMUSERENR_EL0 (which is always EL0-readable).

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1455892784-11328-3-git-send-email-peter.maydell@linaro.org
Reviewed-by: Sergey Fedorov <serge.fdrv@gmail.com>
Acked-by: Alistair Francis <alistair.francis@xilinx.com>
8 years agotarget-arm: Fix handling of SDCR for 32-bit code
Peter Maydell [Fri, 19 Feb 2016 14:39:43 +0000 (14:39 +0000)]
target-arm: Fix handling of SDCR for 32-bit code

Fix two issues with our implementation of the SDCR:
 * it is only present from ARMv8 onwards
 * it does not contain several of the trap bits present in its 64-bit
   counterpart the MDCR_EL3

Put the register description in the right place so that it does not
get enabled for ARMv7 and earlier, and give it a write function so that
we can mask out the bits which should not be allowed to have an effect
if EL3 is 32-bit.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1455892784-11328-2-git-send-email-peter.maydell@linaro.org
Reviewed-by: Sergey Fedorov <serge.fdrv@gmail.com>
Acked-by: Alistair Francis <alistair.francis@xilinx.com>
8 years agotarget-arm: Make Monitor->NS PL1 mode changes illegal if HCR.TGE is 1
Peter Maydell [Tue, 23 Feb 2016 15:36:44 +0000 (15:36 +0000)]
target-arm: Make Monitor->NS PL1 mode changes illegal if HCR.TGE is 1

If HCR.TGE is 1 then mode changes via CPS and MSR from Monitor to
NonSecure PL1 modes are illegal mode changes. Implement this check
in bad_mode_switch().

(We don't currently implement HCR.TGE, but this is the only missing
check from the v8 ARM ARM G1.9.3 and so it's worth adding now; the
rest of the HCR.TGE checks can be added later as necessary.)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Sergey Fedorov <serge.fdrv@gmail.com>
Message-id: 1455556977-3644-12-git-send-email-peter.maydell@linaro.org

8 years agotarget-arm: Make mode switches from Hyp via CPS and MRS illegal
Peter Maydell [Tue, 23 Feb 2016 15:36:44 +0000 (15:36 +0000)]
target-arm: Make mode switches from Hyp via CPS and MRS illegal

Mode switches from Hyp to any other mode via the CPS and MRS
instructions are illegal mode switches (though obviously switching
via exception return is valid).  Add this check to bad_mode_switch().

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Sergey Fedorov <serge.fdrv@gmail.com>
Message-id: 1455556977-3644-11-git-send-email-peter.maydell@linaro.org

8 years agotarget-arm: In v8, make illegal AArch32 mode changes set PSTATE.IL
Peter Maydell [Tue, 23 Feb 2016 15:36:44 +0000 (15:36 +0000)]
target-arm: In v8, make illegal AArch32 mode changes set PSTATE.IL

In v8, the illegal mode changes which are UNPREDICTABLE in v7 are
given architected behaviour:
 * the mode field is unchanged
 * PSTATE.IL is set (so any subsequent instructions will UNDEF)
 * any other CPSR fields are written to as normal

This is pretty much the same behaviour we picked for our
UNPREDICTABLE handling, with the exception that for v8 we
need to set the IL bit.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Sergey Fedorov <serge.fdrv@gmail.com>
Message-id: 1455556977-3644-10-git-send-email-peter.maydell@linaro.org

8 years agotarget-arm: Forbid mode switch to Mon from Secure EL1
Peter Maydell [Tue, 23 Feb 2016 15:36:44 +0000 (15:36 +0000)]
target-arm: Forbid mode switch to Mon from Secure EL1

In v8 trying to switch mode to Mon from Secure EL1 is an
illegal mode switch. (In v7 this is impossible as all secure
modes except User are at EL3.) We can handle this case by
making a switch to Mon valid only if the current EL is 3,
which then gives the correct answer whether EL3 is AArch32
or AArch64.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Sergey Fedorov <serge.fdrv@gmail.com>
Message-id: 1455556977-3644-9-git-send-email-peter.maydell@linaro.org

8 years agotarget-arm: Add Hyp mode checks to bad_mode_switch()
Peter Maydell [Tue, 23 Feb 2016 15:36:44 +0000 (15:36 +0000)]
target-arm: Add Hyp mode checks to bad_mode_switch()

We don't actually support Hyp mode yet, but add the correct
checks for it to the bad_mode_switch() function for completeness.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Sergey Fedorov <serge.fdrv@gmail.com>
Message-id: 1455556977-3644-8-git-send-email-peter.maydell@linaro.org

8 years agotarget-arm: Add comment about not implementing NSACR.RFR
Peter Maydell [Tue, 23 Feb 2016 15:36:44 +0000 (15:36 +0000)]
target-arm: Add comment about not implementing NSACR.RFR

QEMU doesn't implement the NSACR.RFR bit, which is a permitted
IMPDEF in choice in ARMv7 and the only permitted choice in ARMv8.
Add a comment to bad_mode_switch() to note that this is why
FIQ is always a valid mode regardless of the CPU's Secure state.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Sergey Fedorov <serge.fdrv@gmail.com>
Message-id: 1455556977-3644-7-git-send-email-peter.maydell@linaro.org