Peter Maydell [Mon, 22 Jun 2015 10:50:07 +0000 (11:50 +0100)]
Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging
* i8254 security fix
* Avoid long 100% CPU wait after restarting guests that use the periodic timer
* Fixes for access clamping (WinXP, MIPS)
* wixl/.msi support for qemu-ga on Windows
# gpg: Signature made Fri Jun 19 11:30:53 2015 BST using RSA key ID
78C7AE83
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>"
# gpg: aka "Paolo Bonzini <pbonzini@redhat.com>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg: It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1
# Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83
* remotes/bonzini/tags/for-upstream:
exec: clamp accesses against the MemoryRegionSection
exec: do not clamp accesses to MMIO regions
mc146818rtc: Reset the periodic timer on load
qemu-timer: Call clock reset notifiers on forward jumps
tests: virtio-scsi: Add test for unaligned WRITE SAME
tests: virtio-scsi: Move start/stop to individual test functions
libqos: Complete virtio device ID definition list
libqos: Allow calling guest_free on NULL pointer
tests: Link libqos virtio object to virtio-scsi-test
i8254: fix out-of-bounds memory access in pit_ioport_read()
qemu-ga: Building Windows MSI installation with configure/Makefile
qemu-ga: Introduce Windows MSI script
qemu-ga: debug printouts to help troubleshoot installation
qemu-ga: adding vss-[un]install options
qemu-log: Open file for logging when specified
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Alistair Francis [Fri, 19 Jun 2015 04:16:52 +0000 (21:16 -0700)]
target-microblaze: Remove dead code
This code is already being run in the mb_cpu_realizefn()
function. As PVR registers are preserved on reset this
code is not required.
Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Alistair Francis [Fri, 19 Jun 2015 04:16:48 +0000 (21:16 -0700)]
s3adsp1800: Remove the hardcoded values from the reset
Remove the hardcoded values from the machine specific reset
function, as the same values are already set in the standard
MicroBlaze reset.
This also allows the entire reset function to be deleted, as
PVR registers are now preserved on reset.
Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Alistair Francis [Fri, 19 Jun 2015 04:16:45 +0000 (21:16 -0700)]
ml605_mmu: Move the hardcoded values to the init function
Move the hard coded register values to the init function.
This also allows the entire reset function to be deleted, as
PVR registers are now preserved on reset.
The hardcoded PVR0 values can be removed as they are setting
the endianness and stack protection, which is already done
or invalid.
Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Alistair Francis [Fri, 19 Jun 2015 04:16:42 +0000 (21:16 -0700)]
target-microblaze: Convert pvr-full to a CPU property
Originally the pvr-full PVR bits were manually set for each machine. This
is a hassle and difficult to read, instead set them based on the CPU
properties.
Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Alistair Francis [Fri, 19 Jun 2015 04:16:38 +0000 (21:16 -0700)]
target-microblaze: Convert version_mask to a CPU property
Originally the version_mask PVR bits were manually set for each
machine. This is a hassle and difficult to read, instead set them
based on the CPU properties.
Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Alistair Francis [Fri, 19 Jun 2015 04:16:35 +0000 (21:16 -0700)]
target-microblaze: Convert endi to a CPU property
Originally the endi PVR bits were manually set for each machine. This
is a hassle and difficult to read, instead set them based on the CPU
properties.
Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Alistair Francis [Fri, 19 Jun 2015 04:16:32 +0000 (21:16 -0700)]
target-microblaze: Convert dcache-writeback to a CPU property
Originally the dcache-writeback PVR bits were manually set for each machine.
This is a hassle and difficult to read, instead set them based on the CPU
properties.
Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Alistair Francis [Fri, 19 Jun 2015 04:16:29 +0000 (21:16 -0700)]
target-microblaze: Convert use-mmu to a CPU property
Originally the use-mmu PVR bits were manually set for each machine. This
is a hassle and difficult to read, instead set them based on the CPU
properties.
Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Alistair Francis [Fri, 19 Jun 2015 04:16:25 +0000 (21:16 -0700)]
target-microblaze: Rename the usefpu variable
Rename the usefpu variable to use_fpu.
Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Alistair Francis [Fri, 29 May 2015 06:32:35 +0000 (16:32 +1000)]
target-microblaze: Disable stack protection by default
Stack protection is not available when the MMU is enabled.
As the MMU is enabled by default, disable stack protection
by default.
Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Alistair Francis [Fri, 29 May 2015 06:31:58 +0000 (16:31 +1000)]
target-microblaze: Convert use-fpu to a CPU property
Originally the use-fpu PVR bits were manually set for each machine. This
is a hassle and difficult to read, instead set them based on the CPU
properties.
Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Alistair Francis [Fri, 29 May 2015 06:31:20 +0000 (16:31 +1000)]
target-microblaze: Tidy up the base-vectors property
Rename the "xlnx.base-vectors" string to "base-vectors" and
move the base_vectors variable into the cfg struct.
Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Alistair Francis [Fri, 29 May 2015 06:30:43 +0000 (16:30 +1000)]
target-microblaze: Allow the stack protection to be disabled
Microblaze stack protection is configurable and isn't always enabled.
This patch allows the stack protection to be disabled from the
CPU properties.
Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Alistair Francis [Fri, 29 May 2015 06:30:05 +0000 (16:30 +1000)]
target-microblaze: Preserve the pvr registers during reset
Move the Microblaze PVR registers to the end of the CPUMBState
and preserve them during reset. This is similar to what the
QEMU ARM model does with some of it's registers.
This allows the Microblaze PVR registers to only be set once
at realise instead of constantly at reset.
Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Alistair Francis [Fri, 29 May 2015 06:29:28 +0000 (16:29 +1000)]
target-microblaze: Fix up indentation
Fix up the incorrect indentation level in the helper_stackprot() function.
Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Peter Crosthwaite [Mon, 25 May 2015 03:31:40 +0000 (20:31 -0700)]
microblaze: s3adsp: Instantiate CPU using QOM
Instantiate and realise the CPU directly, rather than using
cpu_mb_init. Microblazes cpu_model argument is a dummy so remove the
default cpu_model set logic.
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Peter Maydell [Fri, 19 Jun 2015 16:05:15 +0000 (17:05 +0100)]
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-
20150619' into staging
target-arm queue:
* support --semihosting-config,arg=value
* Cortex-R5 support (including implementing them on the Zynq board)
* Cortex-M4 support (without FPU)
* enable vfio-calxeda-xgmac
* don't reset ALIAS sysregs
# gpg: Signature made Fri Jun 19 14:41:54 2015 BST using RSA key ID
14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
* remotes/pmaydell/tags/pull-target-arm-
20150619:
semihosting: add --semihosting-config arg sub-argument
semihosting: create SemihostingConfig structure and semihost.h
arm: xlnx-zynqmp: Add 2xCortexR5 CPUs
arm: xlnx-zynqmp: Add boot-cpu property
arm: xlnx-zynqmp: Preface CPU variables with "apu"
target-arm: Add support for Cortex-R5
target-arm: Implement PMSAv7 MPU
target-arm: Add registers for PMSAv7
target-arm/helper.c: define MPUIR register
target-arm: Do not reset sysregs marked as ALIAS
hw/arm/sysbus-fdt: enable vfio-calxeda-xgmac dynamic instantiation
target-arm: Add the Cortex-M4 CPU
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Leon Alrae [Fri, 19 Jun 2015 13:17:45 +0000 (14:17 +0100)]
semihosting: add --semihosting-config arg sub-argument
Add new "arg" sub-argument to the --semihosting-config allowing the user
to pass multiple input arguments separately. It is required for example
by UHI semihosting to construct argc and argv.
Also, update ARM semihosting to support new option (at the moment it is
the only target which cares about arguments).
If the semihosting is enabled and no semihosting args have been specified,
then fall back to -kernel/-append. The -append string is split on whitespace
before initializing semihosting.argv[1..n]; this is different from what
QEMU MIPS machines' pseudo-bootloaders do (i.e. argv[1] contains the whole
-append), but is more intuitive from UHI user's point of view and Linux
kernel just does not care as it concatenates argv[1..n] into single cmdline
string anyway.
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Message-id:
1434643256-16858-3-git-send-email-leon.alrae@imgtec.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Leon Alrae [Fri, 19 Jun 2015 13:17:45 +0000 (14:17 +0100)]
semihosting: create SemihostingConfig structure and semihost.h
Remove semihosting_enabled and semihosting_target and replace them with
SemihostingConfig structure containing equivalent fields. The structure
is defined in vl.c where it is actually set.
Also introduce separate header file include/exec/semihost.h allowing to
access semihosting config related stuff from target specific semihosting
code.
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id:
1434643256-16858-2-git-send-email-leon.alrae@imgtec.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Crosthwaite [Fri, 19 Jun 2015 13:17:45 +0000 (14:17 +0100)]
arm: xlnx-zynqmp: Add 2xCortexR5 CPUs
Add the 2xCortexR5 CPUs to zynqmp board. They are powered off on reset
(this is true of real hardware) by default or selectable as the boot
processor.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id:
da34128c73ca13fc4f8c3293e1a33d1e1e345655.
1434501320.git.peter.crosthwaite@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Crosthwaite [Fri, 19 Jun 2015 13:17:45 +0000 (14:17 +0100)]
arm: xlnx-zynqmp: Add boot-cpu property
Add a string property that specifies the primary boot cpu. All CPUs
except the one selected will start-powered-off. This allows for elf
boots on any CPU, which prepares support for booting R5 elfs directly
on the R5 processors.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id:
53331c00d80c7ce9c6a83712348773f1b38fae2b.
1434501320.git.peter.crosthwaite@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Crosthwaite [Fri, 19 Jun 2015 13:17:45 +0000 (14:17 +0100)]
arm: xlnx-zynqmp: Preface CPU variables with "apu"
The CPUs currently supported by zynqmp are the APU (application
processing unit) CPUs. There are other CPUs in Zynqmp so unqualified
"cpus" in ambiguous. Preface the variables with "APU" accordingly, to
prepare support adding the RPU (realtime processing unit) processors.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id:
ce32287fc365aea898465e981da3546a227e0811.
1434501320.git.peter.crosthwaite@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Crosthwaite [Fri, 19 Jun 2015 13:17:45 +0000 (14:17 +0100)]
target-arm: Add support for Cortex-R5
Introduce a CPU model for the Cortex R5 processor. ARMv7 with MPU,
and both thumb and ARM div instructions.
Also implement dummy ATCM and BTCM. These CPs are defined for R5 but
don't have a lot of meaning in QEMU yet. Raz them so the guest can
proceed if they are read. The TCM registers will return a size of 0,
indicating no TCM.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id:
efe213163e6800578494aba864ac30329de4d396.
1434501320.git.peter.crosthwaite@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Crosthwaite [Fri, 19 Jun 2015 13:17:45 +0000 (14:17 +0100)]
target-arm: Implement PMSAv7 MPU
Unified MPU only. Uses ARM architecture major revision to switch
between PMSAv5 and v7 when ARM_FEATURE_MPU is set. PMSA v6 remains
unsupported and is asserted against.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id:
dcb03cda6dd754c5cc6a962fa11f25089811e954.
1434501320.git.peter.crosthwaite@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Crosthwaite [Fri, 19 Jun 2015 13:17:44 +0000 (14:17 +0100)]
target-arm: Add registers for PMSAv7
Define the arm CP registers for PMSAv7 and their accessor functions.
RGNR serves as a shared index that indexes into arrays storing the
DRBAR, DRSR and DRACR registers. DRBAR and friends have to be VMSDd
separately from the CP interface using a new PMSA specific VMSD
subsection.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id:
172cf135fbd8f5cea413c00e71cc1c3cac704744.
1434501320.git.peter.crosthwaite@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Crosthwaite [Fri, 19 Jun 2015 13:17:44 +0000 (14:17 +0100)]
target-arm/helper.c: define MPUIR register
Define the MPUIR register for MPU supporting ARMv6 and onwards.
Currently we only support unified MPU.
The size of the unified MPU is defined via the number of "dregions".
So just a single config is added to specify this size. (When split MPU
is implemented we will add an extra iregions config).
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id:
9f248950b803a08c8b3c978931663182f7e882e7.
1434501320.git.peter.crosthwaite@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Sergey Fedorov [Fri, 19 Jun 2015 13:17:44 +0000 (14:17 +0100)]
target-arm: Do not reset sysregs marked as ALIAS
cp_reg_reset() is called from g_hash_table_foreach() which does not
define a specific ordering of the hash table iteration. Thus doing reset
for registers marked as ALIAS would give an ambiguous result when
resetvalue is different for original and alias registers. Exit
cp_reg_reset() early when passed an alias register. Then clean up alias
register definitions from needless resetvalue and resetfn.
In particular, this fixes a bug in the handling of the PMCR register,
which had different resetvalues for its 32 and 64-bit views.
Signed-off-by: Sergey Fedorov <serge.fdrv@gmail.com>
Message-id:
1434554713-10220-1-git-send-email-serge.fdrv@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Eric Auger [Fri, 19 Jun 2015 13:17:44 +0000 (14:17 +0100)]
hw/arm/sysbus-fdt: enable vfio-calxeda-xgmac dynamic instantiation
This patch allows the instantiation of the vfio-calxeda-xgmac device
from the QEMU command line (-device vfio-calxeda-xgmac,host="<device>").
A specialized device tree node is created for the guest, containing
compat, dma-coherent, reg and interrupts properties.
Signed-off-by: Eric Auger <eric.auger@linaro.org>
Acked-by: Peter Maydell <peter.maydell@linaro.org>
Message-id:
1434455898-17895-1-git-send-email-eric.auger@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Aurelio C. Remonda [Fri, 19 Jun 2015 13:17:44 +0000 (14:17 +0100)]
target-arm: Add the Cortex-M4 CPU
This patch adds the Cortex-M4 CPU. The M4 is basically the same as
the M3, the main differences being the DSP instructions and an
optional FPU. Only no-FPU cortex-M4 is implemented here, cortex-M4F
is not because the core target-arm code doesn't support the M-profile
FPU model yet.
Signed-off-by: Aurelio C. Remonda <aurelioremonda@gmail.com>
Message-id:
1434461850-4104-1-git-send-email-aurelioremonda@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Fri, 19 Jun 2015 11:54:08 +0000 (12:54 +0100)]
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-cocoa-
20150619-1' into staging
cocoa queue:
* Add Machine menu, with entries for pause, resume, reset, power down, and
media change and eject for removable drives
# gpg: Signature made Fri Jun 19 11:24:11 2015 BST using RSA key ID
14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
* remotes/pmaydell/tags/pull-cocoa-
20150619-1:
ui/cocoa.m: Add machine menu items to change and eject removable drive media
ui/cocoa.m: Add Reset and Power Down menu items to Machine menu
ui/cocoa.m: Add Machine menu with pause and resume menu items
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Fri, 19 Jun 2015 10:30:57 +0000 (11:30 +0100)]
Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging
virtio, pci fixes, enhancements
Most notably this includes virtio cross-endian patches.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
# gpg: Signature made Fri Jun 19 11:18:05 2015 BST using RSA key ID
D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>"
# gpg: aka "Michael S. Tsirkin <mst@redhat.com>"
* remotes/mst/tags/for_upstream:
vhost: enable vhost without without MSI-X
pci: Don't register a specialized 'config_write' if default behavior is intended
hw/core: rebase sysbus_get_fw_dev_path() to g_strdup_printf()
vhost_net: re-enable when cross endian
vhost-net: tell tap backend about the vnet endianness
tap: fix non-linux build
tap: add VNET_LE/VNET_BE operations
vhost: set vring endianness for legacy virtio
virtio: introduce virtio_legacy_is_cross_endian()
linux-headers: sync vhost.h
vhost-user: part of virtio
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Paolo Bonzini [Wed, 17 Jun 2015 08:36:54 +0000 (10:36 +0200)]
exec: clamp accesses against the MemoryRegionSection
Because the clamping was done against the MemoryRegion,
address_space_rw was effectively broken if a write spanned
multiple sections that are not linear in underlying memory
(with the memory not being under an IOMMU).
This is visible with the MIPS rc4030 IOMMU, which is implemented
as a series of alias memory regions that point to the actual RAM.
Tested-by: Hervé Poussineau <hpoussin@reactos.org>
Tested-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Wed, 17 Jun 2015 08:40:27 +0000 (10:40 +0200)]
exec: do not clamp accesses to MMIO regions
It is common for MMIO registers to overlap, for example a 4 byte register
at 0xcf8 (totally random choice... :)) and a 1 byte register at 0xcf9.
If these registers are implemented via separate MemoryRegions, it is
wrong to clamp the accesses as the value written would be truncated.
Hence for these regions the effects of commit 23820db (exec: Respect
as_translate_internal length clamp, 2015-03-16, previously applied as
commit
c3c1bb99) must be skipped.
Tested-by: Hervé Poussineau <hpoussin@reactos.org>
Tested-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paul Donohue [Fri, 12 Jun 2015 14:10:14 +0000 (10:10 -0400)]
mc146818rtc: Reset the periodic timer on load
When loading a VM from a snapshot or migration, clock changes can cause
the periodic timer to stall or loop rapidly.
qemu-timer has a reset notifier mechanism that is used to avoid timer
stalls or loops if the host clock changes while the VM is running when
using QEMU_CLOCK_HOST. However, when loading a snapshot or migration,
qemu-timer is initialized and fires the reset notifier before
mc146818rtc is initialized and has registered its reset handler. In
addition, this mechanism isn't used when using QEMU_CLOCK_REALTIME,
which might also change when loading a snapshot or migration.
To correct that problem, this commit resets the periodic timer after
loading from a snapshot or migration if the clock has either jumped
backward or has jumped forward by more than the clock jump limit that
is used by the reset notifier code in qemu-timer.
Signed-off-by: Paul Donohue <qemu-git@PaulSD.com>
Message-Id: <
20150612141013.GE2749@TopQuark.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paul Donohue [Fri, 12 Jun 2015 14:08:45 +0000 (10:08 -0400)]
qemu-timer: Call clock reset notifiers on forward jumps
Commit
691a0c9c introduced a mechanism by which QEMU_CLOCK_HOST can
notify other parts of the emulator when the host clock has jumped
backward. This is used to avoid stalling timers that were scheduled
based on the host clock.
However, if the host clock jumps forward, then timers that were
scheduled based on the host clock may fire rapidly and cause other
problems. For example, the mc146818rtc periodic timer will block
execution of the VM and consume host CPU while firing every interrupt
for the time period that was skipped by the host clock.
To correct that problem, this commit fires the reset notification if the
host clock jumps forward by more than a hard-coded limit. The limit is
currently set to a value of 60 seconds, which should be small enough to
prevent excessive timer loops, but large enough to avoid frequent resets
in idle VMs.
Signed-off-by: Paul Donohue <qemu-git@PaulSD.com>
Message-Id: <
20150612140845.GD2749@TopQuark.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Fam Zheng [Fri, 24 Apr 2015 11:35:20 +0000 (19:35 +0800)]
tests: virtio-scsi: Add test for unaligned WRITE SAME
This is an exercise for virtio-scsi tests using the libqos virtio
library. A few common routines are added to facilitate future extensions
of the test set.
The added test case is a regression test for the bug in
d7f4b1999e.
Signed-off-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
John Arbuckle [Fri, 19 Jun 2015 09:53:27 +0000 (10:53 +0100)]
ui/cocoa.m: Add machine menu items to change and eject removable drive media
Adds all removable devices to the Machine menu as a Change and Eject menu
item pair. ide-cd0 would have a "Change ide-cd0..." and "Eject ide-cd0"
menu items.
Signed-off-by: John Arbuckle <programmingkidx@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
John Arbuckle [Fri, 19 Jun 2015 09:53:27 +0000 (10:53 +0100)]
ui/cocoa.m: Add Reset and Power Down menu items to Machine menu
Add "Reset" and "Power Down" menu items to Machine menu.
Signed-off-by: John Arbuckle <programmingkidx@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Pankaj Gupta [Tue, 16 Jun 2015 08:18:59 +0000 (13:48 +0530)]
vhost: enable vhost without without MSI-X
We use vhostforce to enable vhost even if Guests don't have MSI-X
support and we fall back to QEMU virtio-net.
This gives a very small performance gain, but the disadvantage
is that guest now controls which virtio code is running
(qemu or vhost) so our attack surface is doubled.
This patch will enable vhost unconditionally whenever it's requested.
For compatibility, enable vhost when vhostforce is set, as well.
Signed-off-by: Pankaj Gupta <pagupta@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Jason Wang <jasowang@redhat.com>
Shmulik Ladkani [Tue, 16 Jun 2015 08:24:39 +0000 (11:24 +0300)]
pci: Don't register a specialized 'config_write' if default behavior is intended
Few devices have their specialized 'config_write' methods which simply
call 'pci_default_write_config' followed by a 'msix_write_config' or
'msi_write_config' calls, using exact same arguments.
This is unnecessary as 'pci_default_write_config' already invokes
'msi_write_config' and 'msix_write_config'.
Also, since 'pci_default_write_config' is the default 'config_write'
handler, we can simply avoid the registration of these specialized
versions.
Cc: Leonid Shatz <leonid.shatz@ravellosystems.com>
Signed-off-by: Shmulik Ladkani <shmulik.ladkani@ravellosystems.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Laszlo Ersek [Wed, 17 Jun 2015 12:45:03 +0000 (14:45 +0200)]
hw/core: rebase sysbus_get_fw_dev_path() to g_strdup_printf()
This is done mainly for improving readability, and in preparation for the
next patch, but Markus pointed out another bonus for the string being
returned:
"No arbitrary length limit. Before the patch, it's 39 characters, and the
code breaks catastrophically when qdev_fw_name() is longer: the second
snprintf() is called with its first argument pointing beyond path[], and
its second argument underflowing to a huge size."
Cc: qemu-stable@nongnu.org
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Tested-by: Marcel Apfelbaum <marcel@redhat.com>
Reviewed-by: Marcel Apfelbaum <marcel@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Cédric Le Goater [Wed, 17 Jun 2015 13:23:54 +0000 (15:23 +0200)]
vhost_net: re-enable when cross endian
Cross-endianness is now checked by the core vhost code.
revert
371df9f5e0f1 "vhost-net: disable when cross-endian"
Signed-off-by: Cédric Le Goater <clg@fr.ibm.com>
[ added commit message, Greg Kurz <gkurz@linux.vnet.ibm.com> ]
Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Greg Kurz [Wed, 17 Jun 2015 13:23:49 +0000 (15:23 +0200)]
vhost-net: tell tap backend about the vnet endianness
The default behaviour for TAP/MACVTAP is to consider vnet as native endian.
This patch handles the cases when this is not true:
- virtio 1.0: always little-endian
- legacy cross-endian
Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Michael S. Tsirkin [Thu, 18 Jun 2015 14:52:23 +0000 (16:52 +0200)]
tap: fix non-linux build
tap_fd_set_vnet_le/tap_fd_set_vnet_be was missing,
fix it up.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
John Arbuckle [Fri, 19 Jun 2015 09:53:27 +0000 (10:53 +0100)]
ui/cocoa.m: Add Machine menu with pause and resume menu items
Add Machine menu to the Macintosh interface with pause
and resume menu items. These items can either pause or
resume execution of the guest operating system.
Signed-off-by: John Arbuckle <programmingkidx@gmail.com>
Message-id:
6D7AE6AA-0595-4FAD-AACF-
9DFAB87248F0@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Eduardo Habkost [Thu, 18 Jun 2015 16:49:28 +0000 (13:49 -0300)]
q35: Re-enable FDC on pc-q35-2.3 and older
commit
ea96bc629cbd52be98b2967a4b4f72e91dfc3ee4 doesn't match the patch
submitted by Laszlo to qemu-devel. We reuse pc_q35_2_4_machine_options()
inside pc_q35_2_3_machine_options(), so we need to undo the no_floppy
change in pc_q35_2_3_machine_options().
(This discrepancy was due to a bad merge.)
This restores the previous behavior where all the 2.3 and older machines
had no_floppy=0.
Reported-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Message-id:
1434646168-3100-1-git-send-email-ehabkost@redhat.com
Cc: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
[PMM: mention that this was a merge issue, not a review issue]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Thu, 18 Jun 2015 12:32:39 +0000 (13:32 +0100)]
Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2015-06-18' into staging
QAPI patches
# gpg: Signature made Thu Jun 18 13:20:00 2015 BST using RSA key ID
EB918653
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>"
# gpg: aka "Markus Armbruster <armbru@pond.sub.org>"
* remotes/armbru/tags/pull-qapi-2015-06-18:
qapi-types: Bury code dead since commit 6b5abc7
qapi-types: Split generate_fwd_builtin() off generate_fwd_struct()
qapi-types: Drop unused members parameters
qapi-types: Don't filter out expressions with 'gen'
qapi: Catch and reject flat union branch of array type
tests/qapi-schema: New flat union array branch test case
qapi: Better separate the different kinds of helpers
qapi: Move exprs checking from parse_schema() to check_exprs()
qapi: Fix to reject stray 't', 'f' and 'n'
qapi: Simplify inclusion cycle detection
qapi: Fix file name in error messages for included files
qapi: Improve a couple of confusing variable names
qapi: Eliminate superfluous QAPISchema attribute input_dir
qapi: Drop bogus command from docs
MAINTAINERS: Fix up QAPI and QAPI schema file patterns
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Markus Armbruster [Fri, 12 Jun 2015 07:45:55 +0000 (09:45 +0200)]
qapi-types: Bury code dead since commit 6b5abc7
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Markus Armbruster [Fri, 12 Jun 2015 07:22:32 +0000 (09:22 +0200)]
qapi-types: Split generate_fwd_builtin() off generate_fwd_struct()
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Markus Armbruster [Fri, 12 Jun 2015 08:40:17 +0000 (10:40 +0200)]
qapi-types: Drop unused members parameters
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Markus Armbruster [Fri, 12 Jun 2015 06:32:51 +0000 (08:32 +0200)]
qapi-types: Don't filter out expressions with 'gen'
Useless, because it can only occur in commands, and we're not dealing
with commands here.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Markus Armbruster [Wed, 10 Jun 2015 11:07:43 +0000 (13:07 +0200)]
qapi: Catch and reject flat union branch of array type
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Markus Armbruster [Wed, 10 Jun 2015 11:03:04 +0000 (13:03 +0200)]
tests/qapi-schema: New flat union array branch test case
The new test demonstrates another generator crash.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Markus Armbruster [Wed, 10 Jun 2015 08:04:36 +0000 (10:04 +0200)]
qapi: Better separate the different kinds of helpers
Insert comments to separate sections dealing with parsing, semantic
analysis, code generation, and so forth.
Move helpers to their proper section.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Markus Armbruster [Wed, 10 Jun 2015 06:55:21 +0000 (08:55 +0200)]
qapi: Move exprs checking from parse_schema() to check_exprs()
To have expression semantic analysis in one place rather than two.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Markus Armbruster [Wed, 10 Jun 2015 06:24:58 +0000 (08:24 +0200)]
qapi: Fix to reject stray 't', 'f' and 'n'
Screwed up in commit e53188a.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Markus Armbruster [Tue, 9 Jun 2015 14:54:09 +0000 (16:54 +0200)]
qapi: Simplify inclusion cycle detection
We maintain a stack of filenames in include_hist for convenient cycle
detection.
As error_path() demonstrates, the same information is readily
available in the expr_info, so just use that, and drop include_hist.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Markus Armbruster [Tue, 9 Jun 2015 16:32:29 +0000 (18:32 +0200)]
qapi: Fix file name in error messages for included files
We print the name as it appears in the include expression. Tools
processing error messages want it relative to the working directory.
Make it so.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Markus Armbruster [Tue, 9 Jun 2015 14:22:45 +0000 (16:22 +0200)]
qapi: Improve a couple of confusing variable names
old name new name
----------------------------
input_file fname
input_relname fname
input_fname abs_fname
include_path incl_abs_fname
parent_info incl_info
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Markus Armbruster [Tue, 9 Jun 2015 14:49:13 +0000 (16:49 +0200)]
qapi: Eliminate superfluous QAPISchema attribute input_dir
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Markus Armbruster [Tue, 9 Jun 2015 12:38:58 +0000 (14:38 +0200)]
qapi: Drop bogus command from docs
Commit
87a560c4 added it in the wrong place. Commit
59a2c4ce added it
in the right place, but didn't remove it from the wrong place. Do
that now.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Markus Armbruster [Fri, 12 Jun 2015 13:15:54 +0000 (15:15 +0200)]
MAINTAINERS: Fix up QAPI and QAPI schema file patterns
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Peter Maydell [Thu, 18 Jun 2015 10:36:42 +0000 (11:36 +0100)]
Merge remote-tracking branch 'remotes/mcayland/tags/qemu-openbios-signed' into staging
Update OpenBIOS images
# gpg: Signature made Wed Jun 17 20:06:06 2015 BST using RSA key ID
AE0F321F
# gpg: Good signature from "Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>"
* remotes/mcayland/tags/qemu-openbios-signed:
Update OpenBIOS images
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Leon Alrae [Wed, 17 Jun 2015 12:35:00 +0000 (13:35 +0100)]
vfio: fix build error on CentOS 5.7
Include linux/vfio.h after sys/ioctl.h, just like in hw/vfio/common.c.
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Acked-by: Alex Williamson <alex.williamson@redhat.com>
Message-id:
1434544500-22405-1-git-send-email-leon.alrae@imgtec.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Mark Cave-Ayland [Wed, 17 Jun 2015 19:02:15 +0000 (20:02 +0100)]
Update OpenBIOS images
Update OpenBIOS images to SVN r1340 built from submodule.
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Greg Kurz [Wed, 17 Jun 2015 13:23:44 +0000 (15:23 +0200)]
tap: add VNET_LE/VNET_BE operations
The linux tap and macvtap backends can be told to parse vnet headers
according to little or big endian. This is done through the TUNSETVNETLE
and TUNSETVNETBE ioctls.
This patch brings all the plumbing for QEMU to use these APIs.
Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Greg Kurz [Wed, 17 Jun 2015 13:23:39 +0000 (15:23 +0200)]
vhost: set vring endianness for legacy virtio
Legacy virtio is native endian: if the guest and host endianness differ,
we have to tell vhost so it can swap bytes where appropriate. This is
done through a vhost ring ioctl.
Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Greg Kurz [Wed, 17 Jun 2015 13:23:34 +0000 (15:23 +0200)]
virtio: introduce virtio_legacy_is_cross_endian()
This helper will be used by vhost and tap to detect cross-endianness in
the legacy virtio case.
Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Greg Kurz [Wed, 17 Jun 2015 13:23:29 +0000 (15:23 +0200)]
linux-headers: sync vhost.h
This patch brings the cross-endian vhost API to QEMU.
Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Fam Zheng [Fri, 24 Apr 2015 11:35:19 +0000 (19:35 +0800)]
tests: virtio-scsi: Move start/stop to individual test functions
Signed-off-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Fam Zheng [Fri, 24 Apr 2015 11:35:18 +0000 (19:35 +0800)]
libqos: Complete virtio device ID definition list
Signed-off-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Fam Zheng [Fri, 24 Apr 2015 11:35:17 +0000 (19:35 +0800)]
libqos: Allow calling guest_free on NULL pointer
Signed-off-by: Fam Zheng <famz@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Fam Zheng [Fri, 24 Apr 2015 11:35:16 +0000 (19:35 +0800)]
tests: Link libqos virtio object to virtio-scsi-test
Signed-off-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Petr Matousek [Wed, 17 Jun 2015 10:46:11 +0000 (12:46 +0200)]
i8254: fix out-of-bounds memory access in pit_ioport_read()
Due converting PIO to the new memory read/write api we no longer provide
separate I/O region lenghts for read and write operations. As a result,
reading from PIT Mode/Command register will end with accessing
pit->channels with invalid index.
Fix this by ignoring read from the Mode/Command register.
This is CVE-2015-3214.
Reported-by: Matt Tait <matttait@google.com>
Fixes:
0505bcdec8228d8de39ab1a02644e71999e7c052
Cc: qemu-stable@nongnu.org
Signed-off-by: Petr Matousek <pmatouse@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Yossi Hindin [Wed, 6 May 2015 11:57:40 +0000 (14:57 +0300)]
qemu-ga: Building Windows MSI installation with configure/Makefile
New options were added to enable Windows MSI installation package
creation:
Option --enable-guest-agent-msi, like the name suggests, enables building
Windows MSI package for QEMU guest agent; option --disable-guest-agent-msi
disables MSI package creation; by default, no MSI package is created
Signed-off-by: Yossi Hindin <yhindin@redhat.com>
Message-Id: <
1430913460-13174-5-git-send-email-yhindin@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Yossi Hindin [Wed, 6 May 2015 11:57:39 +0000 (14:57 +0300)]
qemu-ga: Introduce Windows MSI script
The script enables building Windows MSI installation package on Linux with wixl tool.
Signed-off-by: Yossi Hindin <yhindin@redhat.com>
Message-Id: <
1430913460-13174-4-git-send-email-yhindin@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Yossi Hindin [Wed, 6 May 2015 11:57:38 +0000 (14:57 +0300)]
qemu-ga: debug printouts to help troubleshoot installation
Debug printouts extended, helps installation troubleshooting
Signed-off-by: Yossi Hindin <yhindin@redhat.com>
Message-Id: <
1430913460-13174-3-git-send-email-yhindin@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Yossi Hindin [Wed, 6 May 2015 11:57:37 +0000 (14:57 +0300)]
qemu-ga: adding vss-[un]install options
Existing command line options include '-s install' and '-s uninstall'.
These options install/uninstall both Windows QEMU GA service
and optional VSS COM server. The QEMU GA Windows service allows
always-on serving guest agent's QMP commands and VSS COM server
enables guest agent integration with Volume Shadow Service.
This commit introdices new options '-s vss-install' and '-s vss-uninstall',
affecting only GA VSS COM server registration. The new options are useful
for registering and unregistering the COM server during MSI installation,
upgrade and uninstallation.
Signed-off-by: Yossi Hindin <yhindin@redhat.com>
Message-Id: <
1430913460-13174-2-git-send-email-yhindin@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Pranith Kumar [Wed, 10 Jun 2015 14:20:24 +0000 (10:20 -0400)]
qemu-log: Open file for logging when specified
qemu-log defaults to stderr when there is no '-D' option mentioned on command
line. When '-D' option is specified, we also need to specify '-d' option for it
to use the specified logfile. When using monitor to enable logging this is
troublesome since there will be no '-d' option because of which monitor dumps
the logs to stderr.
Fix this by opening the log file when '-D' is specified on the command line.
Also fix an ancient comment which does not hold true since changing location and
log level has now been streamlined.
Signed-off-by: Pranith Kumar <bobby.prani@gmail.com>
CC: Paolo Bonzini <pbonzini@redhat.com>
CC: Luiz Capitulino <lcapitulino@redhat.com>
CC: Markus Armbruster <armbru@redhat.com>
CC: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <
1433946024-18439-1-git-send-email-bobby.prani@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Peter Maydell [Wed, 17 Jun 2015 11:43:26 +0000 (12:43 +0100)]
Merge remote-tracking branch 'remotes/agraf/tags/signed-s390-for-upstream' into staging
Patch queue for s390 - 2015-06-17
This is a special one. Two awesome features in one pull request:
- CCW support for TCG
- Watchpoint support for TCG
To celebrate this, we also switch the default machine model from s390-virtio
to s390-ccw and give users a fully working s390x model again!
# gpg: Signature made Wed Jun 17 11:42:26 2015 BST using RSA key ID
03FEDC60
# gpg: Good signature from "Alexander Graf <agraf@suse.de>"
# gpg: aka "Alexander Graf <alex@csgraf.de>"
* remotes/agraf/tags/signed-s390-for-upstream: (26 commits)
s390x: Switch to s390-ccw machine as default
target-s390x: PER: add Breaking-Event-Address register
target-s390x: PER instruction-fetch nullification event support
target-s390x: PER store-using-real-address event support
target-s390x: PER storage-alteration event support
translate-all: fix watchpoints if retranslation not possible
target-s390x: PER instruction-fetch event support
target-s390x: PER successful-branching event support
target-s390x: basic PER event handling
target-s390x: add get_per_in_range function
target-s390x: add get_per_atmid function
target-s390x: add PER related constants
target-s390x: mvc_fast_memmove: access memory through softmmu
target-s390x: mvc_fast_memset: access memory through softmmu
target-s390x: function to adjust the length wrt page boundary
softmmu: provide tlb_vaddr_to_host function for user mode
target-s390x: wire up I/O instructions in TCG mode
target-s390x: wire up DIAG REIPL in TCG mode
target-s390x: wire up DIAG IPL in TCG mode
target-s390x: fix s390_cpu_initial_reset
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Alexander Graf [Tue, 16 Jun 2015 21:06:33 +0000 (23:06 +0200)]
s390x: Switch to s390-ccw machine as default
We now finally have TCG support for the basic set of instructions necessary
to run the s390-ccw machine. That means in any aspect possible that machine
type is now superior to the legacy s390-virtio machine.
Switch over to the ccw machine as default. That way people don't get a halfway
broken machine with the s390x target.
Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Acked-by: Christian Borntraeger <borntraeger@de.ibm.com>
Aurelien Jarno [Fri, 12 Jun 2015 22:46:03 +0000 (00:46 +0200)]
target-s390x: PER: add Breaking-Event-Address register
This patch adds support for PER Breaking-Event-Address register. Like
real hardware, it save the current PSW address when the PSW address is
changed by an instruction. We have to take care of optimizations QEMU
does, a branch to the next instruction is still a branch.
This register is copied to low core memory when a program exception
happens.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
Aurelien Jarno [Fri, 12 Jun 2015 22:46:02 +0000 (00:46 +0200)]
target-s390x: PER instruction-fetch nullification event support
For the instruction-fetch nullification event, we just reuse the
existing instruction-fetch code and trigger the exception immediately
in that case.
There is no need to save the CPU state in the TCG code as it has been
saved by the previous instruction before calling the per_check_exception
helper.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
Aurelien Jarno [Fri, 12 Jun 2015 22:46:01 +0000 (00:46 +0200)]
target-s390x: PER store-using-real-address event support
This PER event happens each time the STURA or STURG instructions are
used. As they use helpers, we can just save the event in the PER code
there, if enabled.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
Aurelien Jarno [Fri, 12 Jun 2015 22:46:00 +0000 (00:46 +0200)]
target-s390x: PER storage-alteration event support
For the PER storage-alteration event we can use the QEMU watchpoint
infrastructure. When PER is enabled or PER control register changed we
enable the corresponding watchpoints. When a watchpoint arises we can
save the event. Unfortunately the current code does not provide the
address space used to trigger the watchpoint. For now we assume it comes
from the default ASC.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
Aurelien Jarno [Fri, 12 Jun 2015 22:45:59 +0000 (00:45 +0200)]
translate-all: fix watchpoints if retranslation not possible
The tb_check_watchpoint function currently assumes that all memory
access is done either directly through the TCG code or through an
helper which knows its return address. This is obviously wrong as the
helpers use cpu_ldxx/stxx_data functions to access the memory.
Instead of aborting in that case, don't try to retranslate the code, but
assume that the CPU state (and especially the program counter) has been
saved before calling the helper. Then invalidate the TB based on this
address.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
Aurelien Jarno [Fri, 12 Jun 2015 22:45:58 +0000 (00:45 +0200)]
target-s390x: PER instruction-fetch event support
For the PER instruction-fetch, we can't use the QEMU breakpoint
infrastructure as it triggers for a single address and not a full
address range, and as it actually stop before the instruction and
not before.
We therefore call an helper with the just fetched instruction address,
which check if the address is within the PER address range. If it is
the case, an event is recorded and will be signaled through an
exception.
Note that we implement here the PER-3 behaviour, that is an invalid
opcode is not considered as an instruction fetch. Without PER-3 this
behavious is undefined.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
Aurelien Jarno [Fri, 12 Jun 2015 22:45:57 +0000 (00:45 +0200)]
target-s390x: PER successful-branching event support
For the PER successful-branching event support, we can't rely on any
QEMU infrastucture. We therefore call an helper in all places where
a branch can be taken. We have to pay attention to the branch to next
case, as it's still a taken branch.
We don't need to care about the cases using goto_tb, as we have disabled
them in the previous patch.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
Aurelien Jarno [Fri, 12 Jun 2015 22:45:56 +0000 (00:45 +0200)]
target-s390x: basic PER event handling
This patch add basic support to generate PER exceptions. It adds two
fields to the cpu structure to record for the PER address and PER
code & ATMID values. When an exception is triggered and a PER event is
pending, the two PER values are copied to the lowcore area.
At the end of an instruction, an helper is checking for a possible
pending PER event and triggers an exception in that case. For that to
work with branches, we need to disable TB chaining when PER is
activated. Fortunately it's already in the TB flags.
Finally in case of a SERVICE CALL exception, we need to trigger the PER
exception immediately after.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
Aurelien Jarno [Fri, 12 Jun 2015 22:45:55 +0000 (00:45 +0200)]
target-s390x: add get_per_in_range function
This function checks if an address is in between the PER starting
address and the PER ending address, taking care of a possible
address range loop.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
Aurelien Jarno [Fri, 12 Jun 2015 22:45:54 +0000 (00:45 +0200)]
target-s390x: add get_per_atmid function
This function returns the ATMID field that is stored in the
per_perc_atmid lowcore entry.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
Aurelien Jarno [Fri, 12 Jun 2015 22:45:53 +0000 (00:45 +0200)]
target-s390x: add PER related constants
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
Aurelien Jarno [Fri, 12 Jun 2015 22:45:52 +0000 (00:45 +0200)]
target-s390x: mvc_fast_memmove: access memory through softmmu
mvc_fast_memmove is bypassing the softmmu functions, getting the
physical source and destination addresses using the mmu_translate
function and accessing the corresponding physical memory. This
prevents watchpoints to work correctly.
Instead use the tlb_vaddr_to_host function to get the host addresses
corresponding to the guest source and destination addresses through the
softmmu code and fallback to the byte level code in case the
corresponding address are not in the QEMU TLB or being examined through
a watchpoint. As a bonus it works even for area crossing pages by
splitting the are into chunks contained in a single page, bringing some
performances improvements. We can therefore remove the 8-byte
loads/stores method, as it is now quite unlikely to be used.
At the same time change the name of the function to fast_memmove as it's
not specific to mvc and use the same argument order as the C memmove
function.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
Aurelien Jarno [Fri, 12 Jun 2015 22:45:51 +0000 (00:45 +0200)]
target-s390x: mvc_fast_memset: access memory through softmmu
mvc_fast_memset is bypassing the softmmu functions, getting the
physical address using the mmu_translate function and accessing the
corresponding physical memory. This prevents watchpoints to work
correctly.
Instead use the tlb_vaddr_to_host function to get the host address
corresponding to the guest address through the softmmu code and fallback
to the byte level code in case the corresponding address is not in the
QEMU TLB or being examined through a watchpoint. As a bonus it works
even for area crossing pages by splitting the are into chunks contained
in a single page, bringing some performances improvements.
At the same time change the name of the function to fast_memset as it's
not specific to mvc and use the same argument order as the C memset
function.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
Aurelien Jarno [Fri, 12 Jun 2015 22:45:50 +0000 (00:45 +0200)]
target-s390x: function to adjust the length wrt page boundary
This patch adds a function to adjust the length of a transfer so that
it doesn't cross a page boundary in softmmu mode. It does nothing in
user mode.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
Aurelien Jarno [Fri, 12 Jun 2015 22:45:49 +0000 (00:45 +0200)]
softmmu: provide tlb_vaddr_to_host function for user mode
To avoid to many #ifdef in target code, provide a tlb_vaddr_to_host for
both user and softmmu modes. In the first case the function always
succeed and just call the g2h function.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
Alexander Graf [Mon, 15 Jun 2015 15:57:09 +0000 (17:57 +0200)]
target-s390x: wire up I/O instructions in TCG mode
The code handling the I/O instructions for KVM decodes the instruction
itself. In TCG mode also pass the full instruction word to the helpers.
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
Aurelien Jarno [Mon, 15 Jun 2015 15:57:08 +0000 (17:57 +0200)]
target-s390x: wire up DIAG REIPL in TCG mode
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
Aurelien Jarno [Mon, 15 Jun 2015 15:57:07 +0000 (17:57 +0200)]
target-s390x: wire up DIAG IPL in TCG mode
DIAG IPL is already implemented for KVM, but not wired from TCG. For
that change the format of the instruction so that we can get R1 and R3
numbers in addition to the function code.
The diag function can change plenty of things, including CC, so we
should enter with a static CC. Also it doesn't set the value of general
register 2 to 0 as in the current code. We also need to exit the CPU
loop after a reset, which means a new PSW.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
projects / sdk / emulator / qemu.git / log