review.tizen.org Git - sdk/emulator/qemu.git/log

Update OpenBIOS images

Update OpenBIOS images to SVN r1340 built from submodule.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>

Merge remote-tracking branch 'remotes/agraf/tags/signed-s390-for-upstream' into staging

Patch queue for s390 - 2015-06-17

This is a special one. Two awesome features in one pull request:

  - CCW support for TCG
  - Watchpoint support for TCG

To celebrate this, we also switch the default machine model from s390-virtio
to s390-ccw and give users a fully working s390x model again!

# gpg: Signature made Wed Jun 17 11:42:26 2015 BST using RSA key ID 03FEDC60
# gpg: Good signature from "Alexander Graf <agraf@suse.de>"
# gpg:                 aka "Alexander Graf <alex@csgraf.de>"

* remotes/agraf/tags/signed-s390-for-upstream: (26 commits)
  s390x: Switch to s390-ccw machine as default
  target-s390x: PER: add Breaking-Event-Address register
  target-s390x: PER instruction-fetch nullification event support
  target-s390x: PER store-using-real-address event support
  target-s390x: PER storage-alteration event support
  translate-all: fix watchpoints if retranslation not possible
  target-s390x: PER instruction-fetch event support
  target-s390x: PER successful-branching event support
  target-s390x: basic PER event handling
  target-s390x: add get_per_in_range function
  target-s390x: add get_per_atmid function
  target-s390x: add PER related constants
  target-s390x: mvc_fast_memmove: access memory through softmmu
  target-s390x: mvc_fast_memset: access memory through softmmu
  target-s390x: function to adjust the length wrt page boundary
  softmmu: provide tlb_vaddr_to_host function for user mode
  target-s390x: wire up I/O instructions in TCG mode
  target-s390x: wire up DIAG REIPL in TCG mode
  target-s390x: wire up DIAG IPL in TCG mode
  target-s390x: fix s390_cpu_initial_reset
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

s390x: Switch to s390-ccw machine as default

We now finally have TCG support for the basic set of instructions necessary
to run the s390-ccw machine. That means in any aspect possible that machine
type is now superior to the legacy s390-virtio machine.

Switch over to the ccw machine as default. That way people don't get a halfway
broken machine with the s390x target.

Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Acked-by: Christian Borntraeger <borntraeger@de.ibm.com>

target-s390x: PER: add Breaking-Event-Address register

This patch adds support for PER Breaking-Event-Address register. Like
real hardware, it save the current PSW address when the PSW address is
changed by an instruction. We have to take care of optimizations QEMU
does, a branch to the next instruction is still a branch.

This register is copied to low core memory when a program exception
happens.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Alexander Graf <agraf@suse.de>

target-s390x: PER instruction-fetch nullification event support

For the instruction-fetch nullification event, we just reuse the
existing instruction-fetch code and trigger the exception immediately
in that case.

There is no need to save the CPU state in the TCG code as it has been
saved by the previous instruction before calling the per_check_exception
helper.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Alexander Graf <agraf@suse.de>

target-s390x: PER store-using-real-address event support

This PER event happens each time the STURA or STURG instructions are
used. As they use helpers, we can just save the event in the PER code
there, if enabled.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Alexander Graf <agraf@suse.de>

target-s390x: PER storage-alteration event support

For the PER storage-alteration event we can use the QEMU watchpoint
infrastructure. When PER is enabled or PER control register changed we
enable the corresponding watchpoints. When a watchpoint arises we can
save the event. Unfortunately the current code does not provide the
address space used to trigger the watchpoint. For now we assume it comes
from the default ASC.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Alexander Graf <agraf@suse.de>

translate-all: fix watchpoints if retranslation not possible

The tb_check_watchpoint function currently assumes that all memory
access is done either directly through the TCG code or through an
helper which knows its return address. This is obviously wrong as the
helpers use cpu_ldxx/stxx_data functions to access the memory.

Instead of aborting in that case, don't try to retranslate the code, but
assume that the CPU state (and especially the program counter) has been
saved before calling the helper. Then invalidate the TB based on this
address.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Alexander Graf <agraf@suse.de>

target-s390x: PER instruction-fetch event support

For the PER instruction-fetch, we can't use the QEMU breakpoint
infrastructure as it triggers for a single address and not a full
address range, and as it actually stop before the instruction and
not before.

We therefore call an helper with the just fetched instruction address,
which check if the address is within the PER address range. If it is
the case, an event is recorded and will be signaled through an
exception.

Note that we implement here the PER-3 behaviour, that is an invalid
opcode is not considered as an instruction fetch. Without PER-3 this
behavious is undefined.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Alexander Graf <agraf@suse.de>

target-s390x: PER successful-branching event support

For the PER successful-branching event support, we can't rely on any
QEMU infrastucture. We therefore call an helper in all places where
a branch can be taken. We have to pay attention to the branch to next
case, as it's still a taken branch.

We don't need to care about the cases using goto_tb, as we have disabled
them in the previous patch.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Alexander Graf <agraf@suse.de>

target-s390x: basic PER event handling

This patch add basic support to generate PER exceptions. It adds two
fields to the cpu structure to record for the PER address and PER
code & ATMID values. When an exception is triggered and a PER event is
pending, the two PER values are copied to the lowcore area.

At the end of an instruction, an helper is checking for a possible
pending PER event and triggers an exception in that case. For that to
work with branches, we need to disable TB chaining when PER is
activated. Fortunately it's already in the TB flags.

Finally in case of a SERVICE CALL exception, we need to trigger the PER
exception immediately after.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Alexander Graf <agraf@suse.de>

target-s390x: add get_per_in_range function

This function checks if an address is in between the PER starting
address and the PER ending address, taking care of a possible
address range loop.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Alexander Graf <agraf@suse.de>

target-s390x: add get_per_atmid function

This function returns the ATMID field that is stored in the
per_perc_atmid lowcore entry.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Alexander Graf <agraf@suse.de>

target-s390x: add PER related constants

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Alexander Graf <agraf@suse.de>

target-s390x: mvc_fast_memmove: access memory through softmmu

mvc_fast_memmove is bypassing the softmmu functions, getting the
physical source and destination addresses using the mmu_translate
function and accessing the corresponding physical memory. This
prevents watchpoints to work correctly.

Instead use the tlb_vaddr_to_host function to get the host addresses
corresponding to the guest source and destination addresses through the
softmmu code and fallback to the byte level code in case the
corresponding address are not in the QEMU TLB or being examined through
a watchpoint. As a bonus it works even for area crossing pages by
splitting the are into chunks contained in a single page, bringing some
performances improvements. We can therefore remove the 8-byte
loads/stores method, as it is now quite unlikely to be used.

At the same time change the name of the function to fast_memmove as it's
not specific to mvc and use the same argument order as the C memmove
function.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Alexander Graf <agraf@suse.de>

target-s390x: mvc_fast_memset: access memory through softmmu

mvc_fast_memset is bypassing the softmmu functions, getting the
physical address using the mmu_translate function and accessing the
corresponding physical memory. This prevents watchpoints to work
correctly.

Instead use the tlb_vaddr_to_host function to get the host address
corresponding to the guest address through the softmmu code and fallback
to the byte level code in case the corresponding address is not in the
QEMU TLB or being examined through a watchpoint. As a bonus it works
even for area crossing pages by splitting the are into chunks contained
in a single page, bringing some performances improvements.

At the same time change the name of the function to fast_memset as it's
not specific to mvc and use the same argument order as the C memset
function.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Alexander Graf <agraf@suse.de>

target-s390x: function to adjust the length wrt page boundary

This patch adds a function to adjust the length of a transfer so that
it doesn't cross a page boundary in softmmu mode. It does nothing in
user mode.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Alexander Graf <agraf@suse.de>

softmmu: provide tlb_vaddr_to_host function for user mode

To avoid to many #ifdef in target code, provide a tlb_vaddr_to_host for
both user and softmmu modes. In the first case the function always
succeed and just call the g2h function.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Alexander Graf <agraf@suse.de>

target-s390x: wire up I/O instructions in TCG mode

The code handling the I/O instructions for KVM decodes the instruction
itself. In TCG mode also pass the full instruction word to the helpers.

Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Alexander Graf <agraf@suse.de>

target-s390x: wire up DIAG REIPL in TCG mode

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Alexander Graf <agraf@suse.de>

target-s390x: wire up DIAG IPL in TCG mode

DIAG IPL is already implemented for KVM, but not wired from TCG. For
that change the format of the instruction so that we can get R1 and R3
numbers in addition to the function code.

The diag function can change plenty of things, including CC, so we
should enter with a static CC. Also it doesn't set the value of general
register 2 to 0 as in the current code. We also need to exit the CPU
loop after a reset, which means a new PSW.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Alexander Graf <agraf@suse.de>

target-s390x: fix s390_cpu_initial_reset

The s390_cpu_initial_reset function zeroes a big part of the CPU state
structure, including CPU_COMMON, and thus the QEMU TLB structure. As
they should not be initialized with zeroes only, we need to call the
tlb_flush to initialize it correctly.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Alexander Graf <agraf@suse.de>

target-s390x: initialize I/O interrupt queue

env->io_index[] should be set to -1 during CPU reset to mark the
I/O interrupt queue as empty.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Alexander Graf <agraf@suse.de>

target-s390x: correctly initialize ext interrupt queue

env->ext_index should be initialized to -1 to mark the external
interrupt queue as emtpy. This should not be done in s390_cpu_initfn
as all the interrupt fields are later reset to 0 by the memset in
s390_cpu_initial_reset or s390_cpu_full_reset. Move the initialization
there.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Alexander Graf <agraf@suse.de>

target-s390x: fix setcc in TCG mode

In TCG mode we should store the CC value in env->cc_op. However do it
inconditionnaly because:
- the tcg_enabled function is not inlined
- it's probably faster to always store the value, especially given it
is likely in the same cache line than env->psw.mask.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Alexander Graf <agraf@suse.de>

virtio-ccw: disable ioevent bit when ioeventfds are not enabled

This remove the corresponding error messages in TCG mode, and allow to
simplify the s390_assign_subch_ioeventfd() function.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Alexander Graf <agraf@suse.de>

s390/ioinst: fix endianness in ioinst_schib_valid

The ioinst_schib_valid gets a SCHIB in guest endianness, we should
byteswap the fields we access.

Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Alexander Graf <agraf@suse.de>

s390/ioinst: fix IO_INT_WORD_ISC macro

The I/O-Interruption Subclass field corresponds to bits 2 to 5 (BE
notation) of the Interruption-Identification Word. The value should
be shift by 27 instead of 24.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>

Merge remote-tracking branch 'remotes/kraxel/tags/pull-seabios-1.8.2-20150617-1' into staging

update seabios to release 1.8.2
add vgabios for virtio-vga

# gpg: Signature made Wed Jun 17 08:34:22 2015 BST using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"

* remotes/kraxel/tags/pull-seabios-1.8.2-20150617-1:
  update seabios and vgabios binaries
  tag our seabios builds
  update seabios submodule to release 1.8.2

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

Merge remote-tracking branch 'remotes/kvaneesh/tags/for-upstream-signed' into staging

VirtFS update:

* Fix for virtfs-proxy-helper crash
* Gracefully handle the error condition on input validation in virtfs-proxy-helper

# gpg: Signature made Tue Jun 16 16:21:28 2015 BST using RSA key ID 04C4E23A
# gpg: Good signature from "Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 4846 9DE7 1860 360F A6E9  968C DE41 A4FE 04C4 E23A

* remotes/kvaneesh/tags/for-upstream-signed:
  virtfs-proxy-helper: fail gracefully if socket path is too long
  virtfs-proxy-helper: add missing long option terminator

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

update seabios and vgabios binaries

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

tag our seabios builds

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

update seabios submodule to release 1.8.2

git shortlog rel-1.8.1..rel-1.8.2
=================================

Gerd Hoffmann (1):
      vga: rework virtio-vga support

Kevin O'Connor (5):
      vgabios: Add config option for assembler fixups
      vgabios: Emulate "leal" instruction
      build: Support "make VERSION=xyz" to override the default build version
      build: CONFIG_VGA_FIXUP_ASM should depend on CONFIG_BUILD_VGABIOS
      vgabios: On bda_save_restore() the saved vbe_mode also has flags in it

Paolo Bonzini (1):
      smm: ignore bits 16,18-31 of SMM revision ID

Vladimir Serbinenko (1):
      ahci: Ignore max_ports.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

virtfs-proxy-helper: fail gracefully if socket path is too long

Replace the assertion check with graceful failure when the socket path
is too long. Programs should not crash on invalid input. Print an
error message and exit properly.

Cc: Shannon Zhao <zhaoshenglong@huawei.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>

virtfs-proxy-helper: add missing long option terminator

The getopt_long(3) long options array must have a zeroed terminator.

This patch solves a segmentation fault when an unknown command-line
option is encountered:

$ fsdev/virtfs-proxy-helper --help
Segmentation fault (core dumped)

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>

Merge remote-tracking branch 'remotes/kraxel/tags/pull-vga-20150615-1' into staging

virtio-gpu: pci support bits and virtio-vga.

# gpg: Signature made Mon Jun 15 13:55:19 2015 BST using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"

* remotes/kraxel/tags/pull-vga-20150615-1:
  virtio-vga: add vgabios configuration
  virtio-vga: add '-vga virtio' support
  virtio-vga: add virtio gpu device with vga compatibility
  virtio-gpu-pci: add virtio pci support
  virtio-gpu: fix error message

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

Merge remote-tracking branch 'remotes/riku/tags/pull-linux-user-20150616' into staging

linux-user patches for 2.4 softfreeze
second spin with ioctl patch refreshed

# gpg: Signature made Tue Jun 16 08:03:14 2015 BST using RSA key ID DE3C9BC0
# gpg: Good signature from "Riku Voipio <riku.voipio@iki.fi>"
# gpg:                 aka "Riku Voipio <riku.voipio@linaro.org>"

* remotes/riku/tags/pull-linux-user-20150616:
  linux-user: ioctl() command type is int
  linux-user: fix the breakpoint inheritance in spawned threads
  linux-user: use __get_user and __put_user in cmsg conversions
  linux-user: Fix length handling in host_to_target_cmsg
  linux-user: Use abi_ulong for TARGET_ELF_PAGESTART
  linux-user: Allocate thunk size dynamically

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

linux-user: ioctl() command type is int

When executing a 64bit target chroot on 64bit host,
the ioctl() command can mismatch.

It seems the previous commit doesn't solve the problem in
my case:

    9c6bf9c7 linux-user: Fix ioctl cmd type mismatch on 64-bit targets

For example, a ppc64 chroot on an x86_64 host:

bash-4.3# ls
Unsupported ioctl: cmd=0x80087467
Unsupported ioctl: cmd=0x802c7415

The origin of the problem is in syscall.c:do_ioctl().

    static abi_long do_ioctl(int fd, abi_long cmd, abi_long arg)

In this case (ppc64) abi_long is long (on the x86_64), and

    cmd = 0x0000000080087467

then
    if (ie->target_cmd == cmd)

target_cmd is int, so target_cmd = 0x80087467
and to compare an int with a long, the sign is extended to 64bit,
so the comparison is:

    if (0xffffffff80087467 == 0x0000000080087467)

which doesn't match whereas it should.

This patch uses int in the case of the target command type
instead of abi_long.

Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>

linux-user: fix the breakpoint inheritance in spawned threads

When a thread is spawned, cpu_copy re-initializes
the bp & wp lists of current thread, instead of the ones
of the new thread.
The effect is that breakpoints are no longer hit.

Signed-off-by: Thierry Bultel <thierry.bultel@basystemes.fr>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>

linux-user: use __get_user and __put_user in cmsg conversions

The target payloads in cmsg conversions may not have the alignment
required by the host. Using the get_user and put_user functions is
the easiest way to handle this and also do the byte-swapping we
require.

(Note that prior to this commit target_to_host_cmsg was incorrectly
using __put_user() rather than __get_user() for the SCM_CREDENTIALS
conversion, which meant it wasn't getting the benefit of the
misalignment handling.)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>

linux-user: Fix length handling in host_to_target_cmsg

The previous code for handling payload length when converting
cmsg structures from host to target had a number of problems:
* we required the msg->msg_controllen to declare the buffer
   to have enough space for final trailing padding (we were
   checking against CMSG_SPACE), whereas the kernel does not
   require this, and common userspace code assumes this. (In
   particular, glibc's "try to talk to nscd" code that it will
   run on startup will receive a cmsg with a 4 byte payload and
   only allocate 4 bytes for it, which was causing us to do
   the wrong thing on architectures that need 8-alignment.)
* we weren't correctly handling the fact that the SO_TIMESTAMP
   payload may be larger for the target than the host
* we weren't marking the messages with MSG_CTRUNC when we did
   need to truncate a message that wasn't truncated by the host,
   but were instead logging a QEMU message; since truncation is
   always the result of a guest giving us an insufficiently
   sized buffer, we should report it to the guest as the kernel
   does and don't log anything

Rewrite the parts of the function that deal with length to
fix these issues, and add a comment in target_to_host_cmsg
to explain why the overflow logging it does is a QEMU bug,
not a guest issue.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>

Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20150615' into staging

target-arm queue:
* Handle "extended small page" descriptors correctly
* Use extended address bits from supersection short descriptors
* Update interrupt status for all cores in gic_update
* Fix off-by-one in exynos4210_fimd bit-swap code
* Remove stray unused 'pending_exception' field
* Add Cortex-A53 KVM support
* Fix reset value of REVIDR
* Add AArch32 MIDR aliases for ARMv8 cores
* MAINTAINERS update for ARM ACPI code
* Trust the kernel's value of MPIDR if we're using KVM
* Various pxa2xx device updates to avoid old APIs
* Mark pxa2xx copro registers as ARM_CP_IO so -icount works
* Correctly UNDEF Thumb2 DSP insns on Cortex-M3
* Initial work towards implementing PMSAv7
* Fix a reset order bug introduced recently
* Correct "preferred return address" for cpreg access exceptions
* Add ACPI SPCR table for the virt board

# gpg: Signature made Mon Jun 15 18:19:34 2015 BST using RSA key ID 14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"

* remotes/pmaydell/tags/pull-target-arm-20150615: (28 commits)
  hw/arm/virt-acpi-build: Add SPCR table
  ACPI: Add definitions for the SPCR table
  target-arm: Correct "preferred return address" for cpreg access exceptions
  hw/arm/boot: fix rom_reset notifier registration order
  arm: helper: rename get_phys_addr_mpu
  arm: Add has-mpu property
  arm: Implement uniprocessor with MP config
  arm: Refactor get_phys_addr FSR return mechanism
  arm: helper: Factor out CP regs common to [pv]msa
  arm: Don't add v7mp registers in MPU systems
  arm: Do not define TLBTR in PMSA systems
  target-arm: Add the THUMB_DSP feature
  hw/sd/pxa2xx_mmci: Stop using old_mmio in MemoryRegionOps
  hw/arm/pxa2xx: Convert pxa2xx-ssp to VMState
  hw/arm/pxa2xx: Add reset method for pxa2xx_ssp
  hw/arm/pxa2xx: Convert pxa2xx-fir to QOM and VMState
  hw/arm/pxa2xx: Mark coprocessor registers as ARM_CP_IO
  target-arm: Use the kernel's idea of MPIDR if we're using KVM
  MAINTAINERS: Add myself as ARM ACPI Subsystem maintainer
  target-arm: add AArch32 MIDR aliases in ARMv8
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

hw/arm/virt-acpi-build: Add SPCR table

Signed-off-by: Andrew Jones <drjones@redhat.com>
Tested-by: Shannon Zhao <shannon.zhao@linaro.org>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Message-id: 1433929959-29530-3-git-send-email-drjones@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

ACPI: Add definitions for the SPCR table

SPCR is the Serial Port Console Redirection Table. See the document
linked from http://uefi.org/acpi. For serial port types, "Interface
Type", see the documentation for the Debug Port Table 2 (DBG2).

Signed-off-by: Andrew Jones <drjones@redhat.com>
Tested-by: Shannon Zhao <shannon.zhao@linaro.org>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Message-id: 1433929959-29530-2-git-send-email-drjones@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

target-arm: Correct "preferred return address" for cpreg access exceptions

The architecture defines that when taking an exception trying to
access a coprocessor register, the "preferred return address" for
the exception is the address of the instruction that caused the
exception. Correct an off-by-4 error which meant we were returning
the address after the instruction for traps which happened because
of a failure of a runtime access-check function on an AArch32
register. (Traps caused by translate-time checkable permissions
failures had the correct address, as did traps on AArch64 registers.)

This fixes https://bugs.launchpad.net/qemu/+bug/1463338

Reported-by: Robert Buhren <robert@robertbuhren.de>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1433861440-30133-1-git-send-email-peter.maydell@linaro.org

hw/arm/boot: fix rom_reset notifier registration order

commit ac9d32e39664e060cd1b538ff190980d57ad69e4 had the consequence to
register the do_cpu_reset after the rom_reset one. Hence they get
executed in the wrong order. This commit restores the registration of
do_cpu_reset in arm_load_kernel.

Signed-off-by: Eric Auger <eric.auger@linaro.org>
Reported-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Tested-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 1434111582-9325-1-git-send-email-eric.auger@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

arm: helper: rename get_phys_addr_mpu

This get_phys_addr is really for pmsav5. Rename it accordingly.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: bf4b019aa87d682a45998105ef8e4d4e97a5e117.1434066412.git.peter.crosthwaite@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

arm: Add has-mpu property

For processors that support MPUs, add a property to de-feature it. This
is similar to the implementation of the EL3 feature.

The processor definition in init sets ARM_FEATURE_MPU if it can support
an MPU. post_init exposes the property, defaulting to true. If cleared
by the instantiator, ARM_FEATURE_MPU is then removed at realize time.

This is to support R profile processors that may or may-not have an MPU
configured.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 632918cc48786e868ea18aa6bd12f70597994cad.1434066412.git.peter.crosthwaite@xilinx.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

arm: Implement uniprocessor with MP config

Add a boolean for indicating uniprocessors with MP extensions. This
drives the U bit in MPIDR. Prepares support for Cortex-R5.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: a70a80583df265e0174f01fa1fc92b33ea6d1db5.1434066412.git.peter.crosthwaite@xilinx.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

arm: Refactor get_phys_addr FSR return mechanism

Currently, the return code for get_phys_addr is overloaded for both
success/fail and FSR value return. This doesn't handle the case where
there is an error with a 0 FSR. This case exists in PMSAv7.

So rework get_phys_addr and friends to return a success/failure boolean
return code and populate the FSR via a caller provided uint32_t
pointer.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: a209e3d8ae00cda55260c970891f520210e26bad.1434066412.git.peter.crosthwaite@xilinx.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

arm: helper: Factor out CP regs common to [pv]msa

V6+ PMSA and VMSA share some common registers that are currently
in the VMSA definition block. Split them out into a new def that can
be shared to PMSA.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 284db78a43c63c9bfbb60de539672c361bcb6af8.1434066412.git.peter.crosthwaite@xilinx.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

arm: Don't add v7mp registers in MPU systems

These registers are VMSA specific so they should be conditional on
VMSA (i.e. !MPU).

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 7bb8843e45f2635c6b7a583c5bb5da51ed4442a0.1434066412.git.peter.crosthwaite@xilinx.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

arm: Do not define TLBTR in PMSA systems

If doing a PMSA (MPU) system do not define the VMSA specific TLBTR CP.
The def is done separately from VMSA registers group as it is affected
by both the OMAP/STRONGARM RW errata and the MIDR backgrounding.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: b03fea3840207edf633f5c9189400c3dd6a28d14.1434066412.git.peter.crosthwaite@xilinx.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

target-arm: Add the THUMB_DSP feature

Create an ARM_FEATURE_THUMB_DSP controlling the Thumb encodings of
the 85 DSP instructions (these are all Thumb2). This is enabled for
all non-M-profile CPUs with Thumb2 support, as the instructions are
mandatory for R and A profiles. On M profile they are optional and
not present in the Cortex-M3 (though they are in the M4).

The effect of this commit is that we will now treat the DSP
encodings as illegal instructions on M3, when previously we
incorrectly implemented them.

Signed-off-by: Aurelio C. Remonda <aurelioremonda@gmail.com>
Message-id: 1434311355-26554-1-git-send-email-aurelioremonda@gmail.com
[PMM: added clz/crc32/crc32c and default case to the early-decode switch;
minor format/spacing fixups; reworded commit message a bit]
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

hw/sd/pxa2xx_mmci: Stop using old_mmio in MemoryRegionOps

Update the pxa2xx_mmci device to stop using the old_mmio read
and write callbacks in its MemoryRegionOps. This actually
simplifies the code because the separate byte/halfword/word
access functions were all calling into a single function to
do the work anyway.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 1434117989-7367-6-git-send-email-peter.maydell@linaro.org

hw/arm/pxa2xx: Convert pxa2xx-ssp to VMState

The pxa2xx-ssp device is already a QOM device but is still
using the old-style register_savevm(); convert to VMState.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 1434117989-7367-5-git-send-email-peter.maydell@linaro.org

hw/arm/pxa2xx: Add reset method for pxa2xx_ssp

The pxa2xx_ssp device was missing a reset method; add one.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter..crosthwaite@xilinx.com>
Message-id: 1434117989-7367-4-git-send-email-peter.maydell@linaro.org

hw/arm/pxa2xx: Convert pxa2xx-fir to QOM and VMState

Convert the pxa2xx-fir device to QOM, including using a
VMState for its migration info.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 1434117989-7367-3-git-send-email-peter.maydell@linaro.org

hw/arm/pxa2xx: Mark coprocessor registers as ARM_CP_IO

The pxa2xx custom coprocessor registers in cp6 and cp14 do device
accesses, so mark the non-constant regs as ARM_CP_IO so that
icount works correctly and doesn't abort.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 1434117989-7367-2-git-send-email-peter.maydell@linaro.org

target-arm: Use the kernel's idea of MPIDR if we're using KVM

When we're using KVM, the kernel's internal idea of the MPIDR
affinity fields must match the values we tell it for the guest
vcpu cluster configuration in the device tree. Since at the moment
the kernel doesn't support letting userspace tell it the correct
affinity fields to use, we must read the kernel's view and
reflect that back in the device tree.

Signed-off-by: Shlomo Pongratz <shlomo.pongratz@huawei.com>
Signed-off-by: Pavel Fedin <p.fedin@samsung.com>
Message-id: 02f601d0a1e6$90c7d630$b2578290$@samsung.com
[PMM: Use a local #define rather than a global variable for
the TCG ARM_CPUS_PER_CLUSTER setting. Tweak a comment. Update the
commit message.]
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

MAINTAINERS: Add myself as ARM ACPI Subsystem maintainer

Add Shannon Zhao as the maintainer for the ARM ACPI Subsystem.

Signed-off-by: Shannon Zhao <zhaoshenglong@huawei.com>
Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org>
Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
Acked-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1433248318-6076-1-git-send-email-shannon.zhao@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

target-arm: add AArch32 MIDR aliases in ARMv8

According to ARMv8 ARM, there are additional aliases to MIDR system register in
AArch32 state. So add them to the list.

Signed-off-by: Sergey Fedorov <serge.fdrv@gmail.com>
Message-id: 1433321048-23793-3-git-send-email-serge.fdrv@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

target-arm: Fix REVIDR reset value

According to ARM Cortex-A53/A57 TRM, REVIDR reset value should be zero. So let
REVIDR reset value be specified by CPU model and correct it for Cortex-A53/A57.

Signed-off-by: Sergey Fedorov <serge.fdrv@gmail.com>
Message-id: 1433321048-23793-2-git-send-email-serge.fdrv@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

hw/arm/virt: Add cortex-a53 cpu support in machine virt

Add cortex-a53 cpu support in machine virt, so it can be used for TCG
and KVM.

Signed-off-by: Shannon Zhao <zhaoshenglong@huawei.com>
Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1433207452-4512-3-git-send-email-shannon.zhao@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

target-arm/kvm64: Add cortex-a53 cpu support

Since commit e353102(target-arm: cpu64: Add support for Cortex-A53) has
added Cortex-A53 cpu support for target-arm, this patch just enables it
for kvm-arm.

Here adding XGENE_POTENZA just makes the enum continuous.

Signed-off-by: Shannon Zhao <zhaoshenglong@huawei.com>
Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org>
Message-id: 1433207452-4512-2-git-send-email-shannon.zhao@linaro.org
[PMM: Don't add the CPU types to cpus_to_try[]; this array only
lists old CPUs which were supported in pre-PREFERRED_TARGET kernels]
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

target-arm/cpu.h: remove pending_exception

This isn't used by any of the code. In fact it looks like it was never
used as it came in with ARMv7 support.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 1434020015-8868-1-git-send-email-alex.bennee@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

hw/display/exynos4210_fimd: Fix bit-swapping code

fimd_swap_data() includes code to reverse the bits in a
64-bit integer, but an off-by-one error meant that it would
try to shift off the top of the integer. Correct the bug
(spotted by Coverity).

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1432912615-23107-1-git-send-email-peter.maydell@linaro.org

arm_gic: gic_update should always update all cores

This patch fixes so that gic_update always updates all the cores with
new pending irq states. If the function returns early it is possible
to get interrupts that has already been acknowledged.

Signed-off-by: Johan Karlsson <johan.karlsson@enea.com>
[PMM: rebased to apply to current master]
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

target-arm: use extended address bits from supersection short descriptor

Since ARMv7 with LPAE support, a supersection short translation table
descriptor has had extended base address fields which hold bits 39:32 of
translated address. These fields are IMPDEF in ARMv6 and ARMv7 without
LPAE support.

Signed-off-by: Sergey Fedorov <serge.fdrv@gmail.com>
Message-id: 1433235718-30485-1-git-send-email-serge.fdrv@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

target-arm: Handle "extended small page" descriptors correctly

The old ARMv5-style page table format includes a kind of second level
descriptor named the "extended small page" format, whose primary purpose
is to allow specification of the TEX memory attribute bits on a 4K page.
This exists on ARMv6 and also (as an implementation extension) on XScale
CPUs; it's UNPREDICTABLE on v5.

We were mishandling this in two ways:
(1) we weren't implementing it for v6 (probably never noticed because
Linux will use the new-style v6 page table format there)
(2) we were not correctly setting the page_size, which is 4K, not 1K

The latter bug went unnoticed for years because the only thing which
the page_size affects is which TLB entries get flushed when the guest
does a TLB invalidate on an address in the page, and prior to commit
2f0d8631b7 we were doing a full TLB flush very frequently due to Linux's
habit of writing the SCTLR pointlessly a lot.

(We can assume that after commit 2f0d8631b7 the bug went unnoticed
for a year because nobody's actually using the Zaurus/XScale emulation...)

Report the correct page size for these descriptors, and permit them
on ARMv6 CPUs. This fixes a problem where a kernel image for Zaurus
can boot the kernel OK but gets random segfaults when it tries to
run userspace programs.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1432844085-16441-1-git-send-email-peter.maydell@linaro.org

Merge remote-tracking branch 'remotes/kraxel/tags/pull-audio-20150615-1' into staging

audio: remove obsolete backends (esd, fmod, winwave).
audio: stop using global variables, small fixes.
audio: remove some obsolte and unused code.

# gpg: Signature made Mon Jun 15 13:24:44 2015 BST using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"

* remotes/kraxel/tags/pull-audio-20150615-1:
  ossaudio: use trace events instead of debug config flag
  alsaaudio: use trace events instead of verbose
  dsoundaudio: remove primary buffer
  dsoundaudio: remove *_retries kludges
  audio: remove plive
  audio: remove LOG_TO_MONITOR along with default_mon
  MAINTAINERS: remove malc from audio
  sdlaudio: do not allow multiple instances
  coreaudio: do not use global variables where possible
  dsoundaudio: do not use global variables
  paaudio: fix possible resource leak
  wavaudio: do not use global variables
  ossaudio: do not use global variables
  alsaaudio: do not use global variables
  paaudio: do not use global variables
  audio: expose drv_opaque to init_out and init_in
  only enable dsound in case the header file is present
  audio: remove winwave audio driver
  audio: remove fmod backend
  audio: remove esd backend

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

Merge remote-tracking branch 'remotes/borntraeger/tags/s390x-20150615' into staging

s390x/kvm/watchdog

1. Implement a diag288 based watchdog
2. Fix virtio-ccw BIOS for gcc >= 4.9

# gpg: Signature made Mon Jun 15 12:36:25 2015 BST using RSA key ID B5A61C7C
# gpg: Good signature from "Christian Borntraeger (IBM) <borntraeger@de.ibm.com>"

* remotes/borntraeger/tags/s390x-20150615:
  s390/bios: build with -fdelete-null-pointer-checks
  watchdog: Add new Virtual Watchdog action INJECT-NMI
  nmi: Implement inject_nmi() for non-monitor context use
  s390x/watchdog: diag288 migration support
  s390x/kvm: diag288 instruction interception and handling
  s390x/watchdog: introduce diag288 watchdog device
  watchdog: change option wording to allow for more watchdogs

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

s390/bios: build with -fdelete-null-pointer-checks

Starting with version 4.9, GCC assumes it can't safely dereference null
pointers, and uses this for some optimizations. On s390, the lowcore
memory is located at address 0, so this assumption is wrong and breaks
the s390-ccw firmware. Pass -fdelete-null-pointer-checks to avoid that.

Cc: Cornelia Huck <cornelia.huck@de.ibm.com>
Cc: Christian Borntraeger <borntraeger@de.ibm.com>
Cc: Alexander Graf <agraf@suse.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Message-Id: <1434363843-14576-1-git-send-email-aurelien@aurel32.net>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>

ossaudio: use trace events instead of debug config flag

Signed-off-by: Kővágó, Zoltán <DirtY.iCE.hu@gmail.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

alsaaudio: use trace events instead of verbose

Signed-off-by: Kővágó, Zoltán <DirtY.iCE.hu@gmail.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

dsoundaudio: remove primary buffer

Enabling this option just creates a playback buffer with the specified settings,
and then ignores it. It's probably some outdated hack to set audio formats on
windows. (The first created stream dictates all other streams settings, at least
on some Windows versions). Setting DAC_FIXED_SETTINGS should have the same
effect as setting (the now removed) primary buffer.

Signed-off-by: Kővágó, Zoltán <DirtY.iCE.hu@gmail.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

dsoundaudio: remove *_retries kludges

According to MSDN this may happen when the window is not in the foreground, but
the default is 1 since a long time (which means no retries), so it should be ok.
I've found no problems during testing it on Windows 7 and wine, so this was
probably only the case with some old Windows versions.

Signed-off-by: Kővágó, Zoltán <DirtY.iCE.hu@gmail.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

audio: remove plive

It was useless even 3 years ago, so it can probably safely go away:
https://lists.nongnu.org/archive/html/qemu-devel/2012-03/msg02427.html

Signed-off-by: Kővágó, Zoltán <DirtY.iCE.hu@gmail.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

audio: remove LOG_TO_MONITOR along with default_mon

Setting QEMU_AUDIO_LOG_TO_MONITOR=1 can crash qemu (if qemu tries to log
to the monitor before it's being initialized), and also nothing else in
qemu logs to the monitor.

This log to monitor feature was the last thing that used the default_mon
variable, so I removed it too (as using it can cause problems).

Signed-off-by: Kővágó, Zoltán <DirtY.iCE.hu@gmail.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

MAINTAINERS: remove malc from audio

email bounces, with a appearently permanent error:
"av1474@comtv.ru mail receiving disabled, rejecting"

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Gonglei <arei.gonglei@huawei.com>

sdlaudio: do not allow multiple instances

Since SDL uses a lot of global data, we can't create independent
instances of sdl audio backend.

Signed-off-by: Kővágó, Zoltán <DirtY.iCE.hu@gmail.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

coreaudio: do not use global variables where possible

Signed-off-by: Kővágó, Zoltán <DirtY.iCE.hu@gmail.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

dsoundaudio: do not use global variables

Signed-off-by: Kővágó, Zoltán <DirtY.iCE.hu@gmail.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

paaudio: fix possible resource leak

qpa_audio_init did not clean up resources properly if the initialization
failed. This hopefully fixes it.

Signed-off-by: Kővágó, Zoltán <DirtY.iCE.hu@gmail.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

wavaudio: do not use global variables

Signed-off-by: Kővágó, Zoltán <DirtY.iCE.hu@gmail.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

ossaudio: do not use global variables

Signed-off-by: Kővágó, Zoltán <DirtY.iCE.hu@gmail.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

alsaaudio: do not use global variables

Signed-off-by: Kővágó, Zoltán <DirtY.iCE.hu@gmail.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

paaudio: do not use global variables

Signed-off-by: Kővágó, Zoltán <DirtY.iCE.hu@gmail.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

audio: expose drv_opaque to init_out and init_in

Currently the opaque pointer returned by audio_driver's init is only
exposed to the driver's fini, but not to audio_pcm_ops. This way if
someone wants to share a variable with the driver and the pcm, he must
use global variables. This patch fixes it by adding a third parameter to
audio_pcm_op's init_out and init_in.

Signed-off-by: Kővágó, Zoltán <DirtY.iCE.hu@gmail.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

only enable dsound in case the header file is present

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging

Block layer core and image format patches

# gpg: Signature made Fri Jun 12 16:08:53 2015 BST using RSA key ID C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>"

* remotes/kevin/tags/for-upstream: (25 commits)
  block: Fix reopen flag inheritance
  block: Add BlockDriverState.inherits_from
  block: Add list of children to BlockDriverState
  queue.h: Add QLIST_FIX_HEAD_PTR()
  block: Drain requests before swapping nodes in bdrv_swap()
  block: Move flag inheritance to bdrv_open_inherit()
  block: Use QemuOpts in bdrv_open_common()
  block: Use macro for cache option names
  vmdk: Use bdrv_open_image()
  quorum: Use bdrv_open_image()
  check-qdict: Test cases for new functions
  qdict: Add qdict_{set,copy}_default()
  qdict: Add qdict_array_entries()
  iotests: Add tests for overriding BDRV_O_PROTOCOL
  block: driver should override flags in bdrv_open()
  block: Change bitmap truncate conditional to assertion
  block: record new size in bdrv_dirty_bitmap_truncate
  raw-posix: Fix .bdrv_co_get_block_status() for unaligned image size
  vmdk: Use vmdk_find_index_in_cluster everywhere
  vmdk: Fix index_in_cluster calculation in vmdk_co_get_block_status
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

audio: remove winwave audio driver

DirectSound should be a superior choice on Windows.

Signed-off-by: Kővágó, Zoltán <DirtY.iCE.hu@gmail.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

audio: remove fmod backend

Signed-off-by: Kővágó, Zoltán <DirtY.iCE.hu@gmail.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

audio: remove esd backend

ESD is no longer developed and replaced by PulseAudio.

Signed-off-by: Kővágó, Zoltán <DirtY.iCE.hu@gmail.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

linux-user: Use abi_ulong for TARGET_ELF_PAGESTART

TARGET_ELF_PAGESTART is required to use abi_ulong to correctly handle
addresses for different target bits width.
This patch fixes a problem when running a 64-bit user mode application
on 32-bit host machines.

Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>

linux-user: Allocate thunk size dynamically

We store all struct types in an array of static size without ever
checking whether we overrun it. Of course some day someone (like me
in another, ancient ALSA enabling patch set) will run into the limit
without realizing it.

So let's make the allocation dynamic. We already know the number of
structs that we want to allocate, so we only need to pass the variable
into the respective piece of code.

Also, to ensure we don't accidently overwrite random memory, add some
asserts to sanity check whether a thunk is actually part of our array.

Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>

Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging

# gpg: Signature made Fri Jun 12 15:57:47 2015 BST using RSA key ID 81AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg:                 aka "Stefan Hajnoczi <stefanha@gmail.com>"

* remotes/stefanha/tags/block-pull-request:
  qemu-iotests: expand test 093 to support group throttling
  throttle: Update throttle infrastructure copyright
  throttle: add the name of the ThrottleGroup to BlockDeviceInfo
  throttle: acquire the ThrottleGroup lock in bdrv_swap()
  throttle: Add throttle group support
  throttle: Add throttle group infrastructure tests
  throttle: Add throttle group infrastructure
  throttle: Extract timers from ThrottleState into a separate structure
  raw-posix: Fix .bdrv_co_get_block_status() for unaligned image size
  Revert "iothread: release iothread around aio_poll"

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

block: Fix reopen flag inheritance

When reopening an image, the block layer already takes care to reopen
bs->file as well with recalculated inherited flags. The same must happen
for any other child (most notably missing before this patch: backing
files).

If bs->file (or any other child) didn't originally inherit from bs, e.g.
because it was created separately and then only referenced, it must not
inherit flags on reopen either, so check the inherited_from field before
propagation the reopen down.

VMDK already reopened its extents manually; this code can now be
dropped.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>

block: Add BlockDriverState.inherits_from

Currently, the block layer assumes that any block node can have only one
parent, and if it has a parent, that it inherits some options/flags from
this parent.

This is not true any more: With references used in block device
creation, a single node can be used by multiple parents, or it can be
created separately and not inherit flags from any parent.

To handle reopens correctly, a node must know from which parent it
inherited options. This patch adds the information to BlockDriverState.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>

block: Add list of children to BlockDriverState

This allows iterating over all children of a given BDS, not only
including bs->file and bs->backing_hd, but also driver-specific
ones like VMDK extents or Quorum children.

For bdrv_swap(), the list of children of the swapped BDS stays at that
BDS (because that's where the pointers stay as well). The list head
moves and pointers to it must be fixed up therefore.

The list of children in the parent of the swapped BDS is not affected by
the swap. The contents of the BDS objects is swapped, so the existing
pointer in the parent automatically points to the newly swapped in BDS.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>