review.tizen.org Git - sdk/emulator/qemu.git/log

pc: don't access fw cfg if NULL

commit f8c457b88d72a48989f190bc3d7b79f4f3b7d11c
"pc: pass PCI hole ranges to Guests"
broke Xen as it has no fw_cfg.
Check for this configuration and boil out.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Tested-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>

virtio-net: add feature bit for any header s/g

Old qemu versions required that 1st s/g entry is the header.

Since QEMU 1.5, patchset titled "virtio-net: iovec handling cleanup"
removed this limitation but a feature bit is needed so guests know it's
safe to lay out header differently.

This patch applies on top and adds such a feature bit to QEMU.
It is set by default for virtio-net.
virtio net header inline with the data is beneficial
for latency and small packet bandwidth - guest driver
code utilizing this feature has been acked but missed 3.11
by a narrow margin, it's pending for 3.12.

This feature bit is cleared by default when compatibility with old
machine types is requested.

Other performance-sensitive devices (blk and scsi)
don't yet support arbitrary s/g layouts, so
we only set this bit for virtio-net for now.
There are plans to allow arbitrary layouts there, but
no code has been posted yet.

Cc: Rusty Russell <rusty@rustcorp.com.au>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

net: add support of mac-programming over macvtap in QEMU side

Currently macvtap based macvlan device is working in promiscuous
mode, we want to implement mac-programming over macvtap through
Libvirt for better performance.

Design:
QEMU notifies Libvirt when rx-filter config is changed in guest,
then Libvirt query the rx-filter information by a monitor command,
and sync the change to macvtap device. Related rx-filter config
of the nic contains main mac, rx-mode items and vlan table.

This patch adds a QMP event to notify management of rx-filter change,
and adds a monitor command for management to query rx-filter
information.

Test:
If we repeatedly add/remove vlan, and change macaddr of vlan
interfaces in guest by a loop script.

Result:
The events will flood the QMP client(management), management takes
too much resource to process the events.

Event_throttle API (set rate to 1 ms) can avoid the events to flood
QMP client, but it could cause an unexpected delay (~1ms), guests
guests normally expect rx-filter updates immediately.

So we use a flag for each nic to avoid events flooding, the event
is emitted once until the query command is executed. The flag
implementation could not introduce unexpected delay.

There maybe exist an uncontrollable delay if we let Libvirt do the
real change, guests normally expect rx-filter updates immediately.
But it's another separate issue, we can investigate it when the
work in Libvirt side is done.

Michael S. Tsirkin: tweaked to enable events on start
Michael S. Tsirkin: fixed not to crash when no id
Michael S. Tsirkin: fold in patch:
"additional fixes for mac-programming feature"
Amos Kong: always notify QMP client if mactable is changed
Amos Kong: return NULL list if no net client supports rx-filter query

Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Amos Kong <akong@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

pci: fix BRDIGE typo

Fix typo in macro name: PCI_CLASS_BRDIGE_PCI_INF_SUB.

Signed-off-by: Don Koch <dkoch@verizon.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

pci-bridge: update mappings for migration/restore

Fix for LP#1187529: Devices on PCI bridge stop working when
live-migrated. Update bridge mappings for all PCI bridge
devices in get_pci_config_device().

Signed-off-by: Don Koch <dkoch@verizon.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

pci: Fold host_buses list into PCIHostState functionality

The host_buses list is an odd structure - a list of pointers to PCI root
buses existing in parallel to the normal qdev tree structure. This patch
removes it, instead putting the link pointers into the PCIHostState
structure, which have a 1:1 relationship to PCIHostBus structures anyway.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

pci: Remove domain from PCIHostBus

There are now no users of the domain field of PCIHostBus, so remove it
from the structure, and as a parameter from the pci_host_bus_register()
function which sets it.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

pci: Simpler implementation of primary PCI bus

Currently pci_find_primary_bus() searches the list of root buses for one
with domain 0.  But since host buses are always registered with domain 0,
this just amounts to finding the only PCI host bus.  The only remaining
users of pci_find_primary_bus() are in pci-hotplug-old.c, which implements
the old style pci_add/pci_del commands.

Therefore, this patch redefines pci_find_primary_bus() to find the only
PCI root bus, returning an error if there are multiple roots.  The callers
in pci-hotplug-old.c are updated correspondingly, to produce sensible
error messages.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

pci: Add root bus parameter to pci_nic_init()

At present, pci_nic_init() and pci_nic_init_nofail() assume that they will
only create a NIC under the primary PCI root.  As we add support for
multiple PCI roots, that may no longer be the case.  This patch adds a root
bus parameter to pci_nic_init() (and updates callers accordingly) to allow
the machine init code using it to specify the right PCI root for NICs
created by old-style -net nic parameters.  NICs created new-style, with
-device can of course be put anywhere.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

pci: Add root bus argument to pci_get_bus_devfn()

pci_get_bus_devfn() interprets a full PCI address string to give a PCIBus *
and device/function number within that bus.  Currently it assumes it is
working on an address under the primary PCI root bus.  This patch extends
it to allow the caller to specify a root bus.  This might seem a little odd
since the supplied address can (theoretically) include a PCI domain number.
However, attempting to use a non-zero domain number there is currently an
error, so that shouldn't really cause problems.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

pci: Replace pci_find_domain() with more general pci_root_bus_path()

pci_find_domain() is used in a number of places where we want an id for a
whole PCI domain (i.e. the subtree under a PCI root bus).  The trouble is
that many platforms may support multiple independent host bridges with no
hardware supplied notion of domain number.

This patch, therefore, replaces calls to pci_find_domain() with calls to
a new pci_root_bus_path() returning a string.  The new call is implemented
in terms of a new callback in the host bridge class, so it can be defined
in some way that's well defined for the platform.  When no callback is
available we fall back on the qbus name.

Most current uses of pci_find_domain() are for error or informational
messages, so the change in identifiers should be harmless.  The exception
is pci_get_dev_path(), whose results form part of migration streams.  To
maintain compatibility with old migration streams, the PIIX PCI host is
altered to always supply "0000" for this path, which matches the old domain
number (since the code didn't actually support domains other than 0).

For the pseries (spapr) PCI bridge we use a different platform-unique
identifier (pseries machines can routinely have dozens of PCI host
bridges).  Theoretically that breaks migration streams, but given that we
don't yet have migration support for pseries, it doesn't matter.

Any other machines that have working migration support including PCI
devices will need to be updated to maintain migration stream compatibility.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

pci: Use helper to find device's root bus in pci_find_domain()

Currently pci_find_domain() performs two functions - it locates the PCI
root bus above the given bus, then looks up that root bus's domain number.
This patch adds a helper function to perform the first task, finding the
root bus for a given PCI device. This is then used in pci_find_domain().
This changes pci_find_domain()'s signature slightly, taking a PCIDevice
instead of a PCIBus - since all callers passed something of the form
dev->bus, this simplifies things slightly.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

pci: Abolish pci_find_root_bus()

pci_find_root_bus() takes a domain parameter. Currently PCI root buses
with domain other than 0 can't be created, so this is more or less a long
winded way of retrieving the main PCI root bus. Numbered domains don't
actually properly cover the (non x86) possibilities for multiple PCI root
buses, so this patch for now enforces the domain == 0 restriction in other
places to replace pci_find_root_bus() with an explicit
pci_find_primary_bus().

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

pci: Move pci_read_devaddr to pci-hotplug-old.c

pci_read_devaddr() is only used by the legacy functions for the old PCI
hotplug interface in pci-hotplug-old.c. So we move the function there,
and make it static.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

pci: Cleanup configuration for pci-hotplug.c

pci-hotplug.c and the CONFIG_PCI_HOTPLUG variable which controls its
compilation are misnamed.  They're not about PCI hotplug in general, but
rather about the pci_add/pci_del interface which are now deprecated in
favour of the more general device_add/device_del interface.  This patch
therefore renames them to pci-hotplug-old.c and CONFIG_PCI_HOTPLUG_OLD.

CONFIG_PCI_HOTPLUG=y was listed twice in {i386,x86_64}-softmmu.make for no
particular reason, so we clean that up too.  In addition it was included in
ppc64-softmmu.mak for which the old hotplug interface was never used and is
unsuitable, so we remove that too.

Most of pci-hotplug.c was additionaly protected by #ifdef TARGET_I386.  The
small piece which wasn't is only called from the pci_add and pci_del hooks
in hmp-commands.hx, which themselves were protected by #ifdef TARGET_I386.
This patch therefore also removes the #ifdef from pci-hotplug-old.c,
and changes the ifdefs in hmp-commands.hx to use CONFIG_PCI_HOTPLUG_OLD.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

pvpanic: fix fwcfg for big endian hosts

Convert port number to little endian when
exposing it in fw cfg.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

pvpanic: initialization cleanup

Avoid use of static variables: PC systems
initialize pvpanic device through pvpanic_init,
so we can simply create the fw_cfg file at that point.
This also makes it possible to skip device
creation completely if fw_cfg is not there, e.g. for xen -
so the ports it reserves are not discoverable by guests.

Also, make pvpanic_init void since callers ignore return
status anyway.

Cc: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Paul Durrant <Paul.Durrant@citrix.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

MAINTAINERS: s/Marcelo/Paolo/

Marcelo doesn't maintain kvm anymore,
Paolo is taking over the job.
Update MAINTAINERS to stop flooding Marcelo with mail.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

e1000: cleanup process_tx_desc

Coverity complains about two overruns in process_tx_desc(). The
complaints are false positives, but we might as well eliminate
them. The problem is that "hdr" is defined as an unsigned int,
but then used to offset an array of size 65536, and another of
size 256 bytes. hdr will actually never be greater than 255
though, as it's assigned only once and to the value of
tp->hdr_len, which is an uint8_t. This patch simply gets rid of
hdr, replacing it with tp->hdr_len, which makes it consistent
with all other tp member use in the function.

v2:
- also cleanup coding style issues in the touched lines

Signed-off-by: Andrew Jones <drjones@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

pc_piix: cleanup init compat handling

Make sure 1.4 calls 1.5, 1.3 calls 1.4 etc.
This way it's enough to add enough new compat hook
in a single place in piix.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

pc: pass PCI hole ranges to Guests

Guest currently has to jump through lots of hoops to guess the PCI hole
ranges. It's fragile, and makes us change BIOS each time we add a new
chipset. Let's report the window in a ROM file, to make BIOS do exactly
what QEMU intends.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

pci: store PCI hole ranges in guestinfo structure

Will be used to pass hole ranges to guests.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

range: add Range structure

Sometimes we need to pass ranges around, add a
handy structure for this purpose.

Note: memory.c defines its own concept of AddrRange structure for
working with 128 addresses. It's necessary there for doing range math.
This is not needed for most users: struct Range is
much simpler, and is only used for passing the range around.

Cc: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

Merge remote-tracking branch 'qemu-kvm/uq/master' into staging

# By Michael S. Tsirkin (2) and others
# Via Paolo Bonzini
* qemu-kvm/uq/master:
  kvmclock: clock should count only if vm is running
  pci-assign: remove the duplicate function name in debug message
  kvm: skip system call when msi route is unchanged
  kvm: zero-initialize KVM_SET_GSI_ROUTING input
  kvm: add detail error message when fail to add ioeventfd

Message-id: 1372841072-22265-1-git-send-email-pbonzini@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

kvmclock: clock should count only if vm is running

kvmclock should not count while vm is paused, because:

1) if the vm is paused for long periods, timekeeping
math can overflow while converting the (large) clocksource
delta to nanoseconds.

2) Users rely on CLOCK_MONOTONIC to count run time, that is,
time which OS has been in a runnable state (see CLOCK_BOOTTIME).

Change kvmclock driver so as to save clock value when vm transitions
from runnable to stopped state, and to restore clock value from stopped
to runnable transition.

Cc: qemu-stable@nongnu.org
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Signed-off-by: Gleb Natapov <gleb@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

pci-assign: remove the duplicate function name in debug message

While DEBUG() already includes the function name.

Signed-off-by: Wanlong Gao <gaowanlong@cn.fujitsu.com>
Acked-by: Alex Williamson <alex.williamson@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

kvm: skip system call when msi route is unchanged

Some guests do a large number of mask/unmask
calls which currently trigger expensive route update
system calls.
Detect that route in unchanged and skip the system call.

Reported-by: "Zhanghaoyu (A)" <haoyu.zhang@huawei.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Gleb Natapov <gleb@redhat.com>

kvm: zero-initialize KVM_SET_GSI_ROUTING input

kvm_add_routing_entry makes an attempt to
zero-initialize any new routing entry.
However, it fails to initialize padding
within the u field of the structure
kvm_irq_routing_entry.

Other functions like kvm_irqchip_update_msi_route
also fail to initialize the padding field in
kvm_irq_routing_entry.

It's better to just make sure all input is initialized.

Once it is, we can also drop complex field by field assignment and just
do the simple *a = *b to update a route entry.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Gleb Natapov <gleb@redhat.com>

kvm: add detail error message when fail to add ioeventfd

I try to hotplug 28 * 8 multiple-function devices to guest with
old host kernel, ioeventfds in host kernel will be exhausted, then
qemu fails to allocate ioeventfds for blk/nic devices.

It's better to add detail error here.

Signed-off-by: Amos Kong <akong@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Gleb Natapov <gleb@redhat.com>

Merge remote-tracking branch 'agraf/ppc-for-upstream' into staging

# By Alexander Graf (12) and others
# Via Alexander Graf
* agraf/ppc-for-upstream: (32 commits)
  PPC: Ignore writes to L2CR
  mac-io: Add escc-legacy memory alias region
  PPC: Newworld: Add second uninorth control register set
  PPC: Newworld: Add uninorth token register
  PPC: Add clock-frequency export for Mac machines
  PPC: Introduce an alias cache for faster lookups
  PPC: Fix GDB read on code area for PPC6xx
  PPC: Add dump_mmu() for 6xx
  target-ppc: Introduce unrealizefn for PowerPCCPU
  booke_ppc: limit booke timer to max when timeout overflow
  Graphics: Switch to 800x600x32 as default mode
  pseries: Update MAINTAINERS information
  target-ppc kvm: save cr register
  pseries: Fix compiler warning (conversion of pointer to integral value)
  spapr-rtas: add CPU argument to RTAS calls
  target-ppc: Change default machine for 64-bit
  ppc: do not register IABR SPR twice for 603e
  target-ppc: Drop redundant flags assignments from CPU families
  mpc8544_guts: Turn qdev initfn into instance_init
  mpc8544_guts: QOM'ify
  ...

Message-id: 1372556709-23868-1-git-send-email-agraf@suse.de
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

Merge remote-tracking branch 'cohuck/virtio-ccw-upstr' into staging

# By Cornelia Huck
# Via Cornelia Huck
* cohuck/virtio-ccw-upstr:
virtio-ccw: fix build breakage on windows

Message-id: 1372669523-4039-1-git-send-email-cornelia.huck@de.ibm.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

Merge remote-tracking branch 'luiz/queue/qmp' into staging

# By Kevin Wolf
# Via Luiz Capitulino
* luiz/queue/qmp:
hmp: Make "info block" output more readable

Message-id: 1372452199-23237-1-git-send-email-lcapitulino@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

virtio-ccw: fix build breakage on windows

event_notifier_get_fd() is not available on windows hosts. Fix this by
moving the calls to event_notifier_get_fd() to the kvm code.

Reported-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>

PPC: Ignore writes to L2CR

The L2CR register contains a number of bits that either impose configuration
which we can't deal with or mean "something is in progress until the bit is
0 again".

Since we don't model the former and we do want to accomodate guests using the
latter semantics, let's just ignore writes to L2CR. That way guests always read
back 0 and are usually happy with that.

Signed-off-by: Alexander Graf <agraf@suse.de>

mac-io: Add escc-legacy memory alias region

Mac OS X's debugging serial driver accesses the ESCC through a different
register layout, called "escc-legacy". This layout differs from the normal
escc register layout purely by the location of the respective registers.

This patch adds a memory alias region that takes normal escc registers and
maps them into the escc-legacy register space.

With this patch applied, a Mac OS X guest successfully emits debug output
on the serial port when run with debug parameters set, for example by running:

$ qemu-system-ppc -prom-env -'boot-args=-v debug=0x8 io=0xff serial=0x3' \
-cdrom 10.4.iso -boot d

Signed-off-by: Alexander Graf <agraf@suse.de>

PPC: Newworld: Add second uninorth control register set

Mac OS X requires a second uninorth register set to be mapped a few
bytes above the first one. Let's just expose it to make it happy.

Signed-off-by: Alexander Graf <agraf@suse.de>

PPC: Newworld: Add uninorth token register

Mac OS X expects the uninorth control register set to contain one
register that always reads back what it writes in. Expose that.

This is just a temporary hack. Eventually, we want to expose the
uninorth (/uni-n in device tree) as a separate QOM device.

Signed-off-by: Alexander Graf <agraf@suse.de>

PPC: Add clock-frequency export for Mac machines

Support in fwcfg has been around for exposure of the clock-frequency
CPU property. OpenBIOS reads it, we just never exposed it.

Since Mac OS X is very picky about its clock frequency values, let's
just take a known good value and always expose that.

Reported-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: Alexander Graf <agraf@suse.de>

PPC: Introduce an alias cache for faster lookups

When running QEMU with "-cpu ?" we walk through every alias for every
target CPU we know about. This takes several seconds on my very fast
host system.

Let's introduce a class object cache in the alias table. Using that we
don't have to go through the tedious work of finding our target class.
Instead, we can just go directly from the alias name to the target class
pointer.

This patch brings -cpu "?" to reasonable times again.

Before:
real 0m4.716s

After:
real 0m0.025s

Signed-off-by: Alexander Graf <agraf@suse.de>

PPC: Fix GDB read on code area for PPC6xx

On PPC 6xx, data and code have separated TLBs. Until now QEMU was only
looking at data TLBs, which is not good when GDB wants to read code.

This patch adds a second call to get_physical_address() with an
ACCESS_CODE type of access when the first call with ACCESS_INT fails.

Signed-off-by: Fabien Chouteau <chouteau@adacore.com>
Signed-off-by: Alexander Graf <agraf@suse.de>

PPC: Add dump_mmu() for 6xx

"(qemu) info tlb" is a very useful tool for debugging, so I implemented
the missing 6xx version.

Signed-off-by: Fabien Chouteau <chouteau@adacore.com>
[agraf: fix printfs on hwaddr to PRI]
Signed-off-by: Alexander Graf <agraf@suse.de>

target-ppc: Introduce unrealizefn for PowerPCCPU

Use it to clean up the opcode table, resolving a former TODO from Jocelyn.
Also switch from malloc() to g_malloc().

Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>

booke_ppc: limit booke timer to max when timeout overflow

Limit watchdog and fit timer to maximum timeout value which
qemu timer can support (INT64_MAX). This maximum timeout will be
hundreds of years, so limiting to max timeout is pretty safe.

Signed-off-by: Bharat Bhushan <bharat.bhushan@freescale.com>
Signed-off-by: Alexander Graf <agraf@suse.de>

Graphics: Switch to 800x600x32 as default mode

We have stayed at 800x600x15 as default graphics mode for the last 9 years.
If there ever was a reason to be there, surely nobody remembers it.

However, recently non-Linux PPC guests started to show bad effects on 15 bit
color mode. They do work just fine with 32 bits however.

So let's switch to 32 bit color as the default graphic mode.

Reported-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: Alexander Graf <agraf@suse.de>

pseries: Update MAINTAINERS information

I'm no longer at IBM, and therefore no long actively working on the pseries
(aka sPAPR) qemu machine type. This patch removes my information in the
MAINTAINERS file.

While we're at it, I've added some extra file patterns for pseries specific
files that weren't included in the existing pattern.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
[agraf: Remove new maintainer addition]
Signed-off-by: Alexander Graf <agraf@suse.de>

target-ppc kvm: save cr register

This adds a missing code to save CR (condition register) via
kvm_arch_put_registers(). kvm_arch_get_registers() already has it.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>

pseries: Fix compiler warning (conversion of pointer to integral value)

This kind of type cast must use uintptr_t or target_ulong to be portable
for hosts with sizeof(void *) != sizeof(long).

Here the value is assigned to a variable of type target_ulong.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
[agraf: fix compilation on 32bit hosts]
Signed-off-by: Alexander Graf <agraf@suse.de>

spapr-rtas: add CPU argument to RTAS calls

RTAS is a hypervisor provided binary blob that a guest loads and
calls into to execute certain functions. It's similar to the
vsyscall page in Linux or the short lived VMCI paravirt interface
from VMware.

The QEMU implementation of the RTAS blob is simply a passthrough
that proxies all RTAS calls to the hypervisor via an hypercall.

While we pass a CPU argument for hypercall handling in QEMU, we
don't pass it for RTAS calls. Since some RTAs calls require
making hypercalls (normally RTAS is implemented as guest code) we
have nasty hacks to allow that.

Add a CPU argument to RTAS call handling so we can more easily
invoke hypercalls just as guest code would.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>

target-ppc: Change default machine for 64-bit

Currently, for qemu-system-ppc64, the default machine type is 'mac99'.
The mac99 machine is not being actively maintained, and represents a
bizarre hybrid of components that never actually existed as a real system.
This patch changes the default machine to 'pseries', which is actively
maintained and works well with most modern ppc64 Linux distributions as a
guest.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
[agraf: adjust commit message]
Signed-off-by: Alexander Graf <agraf@suse.de>

ppc: do not register IABR SPR twice for 603e

IABR SPR is already registered in gen_spr_603(), called from init_proc_603E().

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>

target-ppc: Drop redundant flags assignments from CPU families

Previous code has #define POWERPC_INSNS2_<family> PPC_NONE in some
places for macrofied assignment to insns_flags2 field.

PPC_NONE is defined as zero though and QOM classes are zero-initialized,
so drop any pcc->insns_flags2 = PPC_NONE; assignments.

PPC_NONE itself is still in use in translate.c.

Suggested-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>

mpc8544_guts: Turn qdev initfn into instance_init

SysBus can deal with NULL SysBusDeviceClass::init since 4ce5dae.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>

mpc8544_guts: QOM'ify

Introduce type constant, cast macro and rename parent field.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>

mpc8544_guts: Fix MemoryRegion name

6544 -> 8544

Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>

intc/openpic_kvm: Fix QOM and build issues

Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>

intc/openpic: Convert to QOM realize

Split qdev initfn into instance_init and realize functions.
Change one occurrence of "klass" while at it.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Alexander Graf <agraf@suse.de>

intc/openpic: QOM'ify

Introduce type constant and cast macro.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Alexander Graf <agraf@suse.de>

kvm/openpic: in-kernel mpic support

Enables support for the in-kernel MPIC that thas been merged into the
KVM next branch.  This includes irqfd/KVM_IRQ_LINE support from Alex
Graf (along with some other improvements).

Note from Alex regarding kvm_irqchip_create():

  On x86, one would call kvm_irqchip_create() to initialize an
  in-kernel interrupt controller.  That function then goes ahead and
  initializes global capability variables as well as the default irq
  routing table.

  On ppc, we can't call kvm_irqchip_create() because we can have
  different types of interrupt controllers.  So we want to do all the
  things that function would do for us in the in-kernel device init
  handler.

Signed-off-by: Scott Wood <scottwood@freescale.com>
[agraf: squash in kvm_irqchip_commit_routes patch, fix non-kvm build,
        fix ppcemb]
Signed-off-by: Alexander Graf <agraf@suse.de>

PPC: Add non-kvm stub file

There are cases where a kvm provided function is called from generic
hw code that doesn't know whether kvm is available or not. Provide
a stub file which can provide simple replacement functions for those
cases.

Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>

KVM: PIC: Only commit irq routing when necessary

The current logic updates KVM's view of our interrupt map every time we
change it. While this is nice and bullet proof, it slows things down
badly for me. QEMU spends about 3 seconds on every start telling KVM what
news it has on its routing maps.

Instead, let's just synchronize the whole irq routing map as a whole when
we're done constructing it. For things that change during runtime, we can
still update the routing table on demand.

Signed-off-by: Alexander Graf <agraf@suse.de>

PPC: e500: factor out mpic init code

KVM in-kernel MPIC support is going to expand this even more,
so let's keep it contained.

Signed-off-by: Scott Wood <scottwood@freescale.com>
Signed-off-by: Alexander Graf <agraf@suse.de>

openpic: factor out some common defines into openpic.h

...for use by the KVM in-kernel irqchip stub.

Signed-off-by: Scott Wood <scottwood@freescale.com>
Signed-off-by: Alexander Graf <agraf@suse.de>

KVM: MSI: Swap payload to native endianness

The usual MSI injection mechanism writes msi.data into memory using an
le32 wrapper. So on big endian guests, this swaps msg.data into the
expected byte order.

For irqfd however, we don't swap the payload right now, rendering
in-kernel MPIC emulation broken on PowerPC.

Swap msg.data to the correct endianness whenever we touch it.

Signed-off-by: Alexander Graf <agraf@suse.de>

KVM: Export kvm_init_irq_routing

On PPC, we can have different types of interrupt controllers, so we really
only know that we are going to use one when we created it.

Export kvm_init_irq_routing() to common code, so that we don't have to call
kvm_irqchip_create().

Signed-off-by: Alexander Graf <agraf@suse.de>

KVM: Don't assume that mpstate exists with in-kernel PIC always

On PPC, we don't support MP state. So far it's not necessary and I'm
not convinced yet that we really need to support it ever.

However, the current idle logic in QEMU assumes that an in-kernel PIC
also means we support MP state. This assumption is not true anymore.

Let's split up the two cases into two different variables. That way
PPC can expose an in-kernel PIC, while not implementing MP state.

Signed-off-by: Alexander Graf <agraf@suse.de>
CC: Jan Kiszka <jan.kiszka@siemens.com>

Merge remote-tracking branch 'mjt/trivial-patches' into staging

# By Gerd Hoffmann (13) and Michael Tokarev (1)
# Via Michael Tokarev
* mjt/trivial-patches:
  doc: we use seabios, not bochs bios
  qemu-socket: don't leak opts on error
  qemu-char: report udp backend errors
  qemu-char: add -chardev mux support
  qemu-char: minor mux chardev fixes
  qemu-char: use ChardevBackendKind in CharDriver
  qemu-char: don't leak opts on error
  qemu-char: fix documentation for telnet+wait socket flags
  qemu-char: print notification to stderr
  qemu-char: use more specific error_setg_* variants
  qemu-char: check optional fields using has_*
  qemu-socket: catch monitor_get_fd failures
  qemu-socket: drop pointless allocation
  qemu-socket: zero-initialize SocketAddress

Message-id: 1372443465-22384-1-git-send-email-mjt@msgid.tls.msk.ru
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

hmp: Make "info block" output more readable

HMP is meant for humans and you should notice it.

This changes the output format to use a bit more space to display the
information more readable and leaves out irrelevant information (e.g.
mention only that an image is encrypted, but not when it's not; display
I/O limits only if throttling is in effect; ...)

Before:

    (qemu) info block
    ide0-hd0: removable=0 io-status=ok file=/tmp/overlay.qcow2
    backing_file=/tmp/backing.img backing_file_depth=1 ro=0 drv=qcow2
    encrypted=1 bps=0 bps_rd=0 bps_wr=0 iops=1024 iops_rd=0 iops_wr=0
    ide1-cd0: removable=1 locked=0 tray-open=0 io-status=ok
    file=/home/kwolf/images/iso/Fedora-18-x86_64-Live-Desktop.iso ro=1
    drv=raw encrypted=0 bps=0 bps_rd=0 bps_wr=0 iops=0 iops_rd=0 iops_wr=0
    floppy0: removable=1 locked=0 tray-open=0 [not inserted]
    sd0: removable=1 locked=0 tray-open=0 [not inserted]

After:

    (qemu) info block
    ide0-hd0: /tmp/overlay.qcow2 (qcow2, encrypted)
        Backing file:     /tmp/backing.img (chain depth: 1)
        I/O limits:       bps=0 bps_rd=0 bps_wr=0 iops=1024 iops_rd=0 iops_wr=0

    ide1-cd0: /home/kwolf/images/iso/Fedora-18-x86_64-Live-Desktop.iso (raw, read-only)
        Removable device: not locked, tray closed

    floppy0: [not inserted]
        Removable device: not locked, tray closed

    sd0: [not inserted]
        Removable device: not locked, tray closed

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Acked-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>

qemu-char: Fix ID reuse after chardev-remove for qapi-based init

Commit 2c5f488 introduced qapi-based character device initialization
as a new code path in qemu_chr_new_from_opts().  Unfortunately, it
failed to store parameter opts in the new chardev.  Therefore,
qemu_chr_delete() doesn't delete it.  Even though the device is gone,
its options linger, and any attempt to create another one with the
same ID fails.

Cc: qemu-stable@nongnu.org
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 1372339512-28149-1-git-send-email-armbru@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

console: Hook QemuConsoles into qom tree

Put them named "console[$index]" below "/backend", so you can
list & inspect them via QMP.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 1372150171-8707-1-git-send-email-kraxel@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

gtk: add support for surface conversion

Also use CAIRO_FORMAT_RGB24 unconditionally.  DisplaySurfaces will never
ever see 8bpp surfaces.  And using CAIRO_FORMAT_RGB16_565 for the 16bpp
case doesn't seem to be a good idea too.

<quote src="/usr/include/cairo/cairo.h">
* @CAIRO_FORMAT_RGB16_565: This format value is deprecated. It has
*   never been properly implemented in cairo and should not be used
*   by applications. (since 1.2)
</quote>

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 1372150134-8590-1-git-send-email-kraxel@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

vl: convert -smp to qemu_opts_parse()

This also introduces a new suboption, "cpus=",
which is the default.  So after this patch,

-smp n,sockets=y

is the same as

  -smp cpus=n,sockets=y

(with "cpu" being some generic thing, referring to
either cores, or threads, or sockets, as before).

We still don't validate relations between different
numbers, for example it is still possible to say

  -smp 1,sockets=10

and it will be accepted to mean sockets=1.

Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Message-id: 1372072012-30305-1-git-send-email-mjt@msgid.tls.msk.ru
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

multiboot: Updated ROM binary

Signed-off-by: Kevin Wolf <mail@kevin-wolf.de>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Message-id: 1372018066-21822-4-git-send-email-mail@kevin-wolf.de
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

multiboot: Calculate upper_mem in the ROM

The upper_mem field of the Multiboot information struct doesn't really
contain the RAM size - 1 MB like we used to calculate it, but only the
memory from 1 MB up to the first (upper) memory hole.

In order to correctly retrieve this information, the multiboot ROM now
looks at the mmap it creates anyway and tries to find the size of
contiguous usable memory from 1 MB.

Drop the multiboot.c definition of lower_mem and upper_mem because both
are queried at runtime now.

Signed-off-by: Kevin Wolf <mail@kevin-wolf.de>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Message-id: 1372018066-21822-3-git-send-email-mail@kevin-wolf.de
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

multiboot: Don't forget last mmap entry

When the BIOS returns ebx = 0, the current entry is still valid and
needs to be included in the Multiboot memory map.

Fixing this meant that using bx as the entry index doesn't work any
more because it's 0 on the last entry (and it was SeaBIOS-specific
anyway), so the whole loop had to change a bit and should be more
generic as a result (ebx can be an arbitrary continuation number now,
and the entry size returned by the BIOS is used instead of hard-coding
20 bytes).

Signed-off-by: Kevin Wolf <mail@kevin-wolf.de>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Message-id: 1372018066-21822-2-git-send-email-mail@kevin-wolf.de
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

arch_init: Fix format string by using RAM_ADDR_FMT

length is a ram_addr_t, so RAM_ADDR_FMT must be used instead of %ld.
This fixes a recently introduced regression for w64 builds.

Using RAM_ADDR_FMT also changes decimal output to sedecimal.
This is good here because length and block->length should both
use the same base in the error message.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Message-id: 1372359606-2759-1-git-send-email-sw@weilnetz.de
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

doc: we use seabios, not bochs bios

Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>

qemu-socket: don't leak opts on error

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>

qemu-char: report udp backend errors

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>

qemu-char: add -chardev mux support

Allow to explicitly create mux chardevs on the command line,
like you can using QMP.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>

qemu-char: minor mux chardev fixes

mux failure path has a memory leak. creating a mux chardev can't
fail though, so just assert() that instead of fixing an error path
which never ever runs anyway ...

Also fix bid being leaked while being at it.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>

qemu-char: use ChardevBackendKind in CharDriver

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>

qemu-char: don't leak opts on error

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>

qemu-char: fix documentation for telnet+wait socket flags

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>

qemu-char: print notification to stderr

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>

qemu-char: use more specific error_setg_* variants

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>

qemu-char: check optional fields using has_*

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>

qemu-socket: catch monitor_get_fd failures

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>

qemu-socket: drop pointless allocation

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>

qemu-socket: zero-initialize SocketAddress

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>

Merge remote-tracking branch 'afaerber/qom-cpu' into staging

# By Andreas Färber
# Via Andreas Färber
* afaerber/qom-cpu: (24 commits)
  cpu: Turn cpu_unassigned_access() into a CPUState hook
  hwaddr: Make hwaddr type usable beyond softmmu
  cpu: Change qemu_init_vcpu() argument to CPUState
  cpus: Change qemu_dummy_start_vcpu() argument to CPUState
  cpus: Change qemu_kvm_start_vcpu() argument to CPUState
  cpus: Change cpu_handle_guest_debug() argument to CPUState
  gdbstub: Set gdb_set_stop_cpu() argument to CPUState
  kvm: Change kvm_cpu_exec() argument to CPUState
  kvm: Change kvm_handle_internal_error() argument to CPUState
  cpu: Turn cpu_dump_{state,statistics}() into CPUState hooks
  cpus: Change qemu_kvm_init_cpu_signals() argument to CPUState
  kvm: Change kvm_set_signal_mask() argument to CPUState
  cpus: Change qemu_kvm_wait_io_event() argument to CPUState
  cpus: Change cpu_thread_is_idle() argument to CPUState
  cpu: Change cpu_exit() argument to CPUState
  kvm: Change cpu_synchronize_state() argument to CPUState
  kvm: Change kvm_cpu_synchronize_state() argument to CPUState
  gdbstub: Simplify find_cpu()
  cpu: Guard cpu_{save,load}() definitions
  target-openrisc: Register VMStateDescription for OpenRISCCPU
  ...

Merge remote-tracking branch 'kwolf/for-anthony' into staging

# By Stefan Hajnoczi (11) and others
# Via Kevin Wolf
* kwolf/for-anthony:
  cmd646: fix build when DEBUG_IDE is enabled.
  block: change default of .has_zero_init to 0
  vpc: Implement .bdrv_has_zero_init
  vmdk: remove wrong calculation of relative path
  gluster: Return bdrv_has_zero_init = 0
  block/ssh: Set bdrv_has_zero_init according to the file type.
  block: Make BlockJobTypes const
  qemu-iotests: add 055 drive-backup test case
  qemu-iotests: extract wait_until_completed() into iotests.py
  blockdev: add Abort transaction
  blockdev: add DriveBackup transaction
  blockdev: allow BdrvActionOps->commit() to be NULL
  blockdev: rename BlkTransactionStates to singular
  block: add drive-backup QMP command
  blockdev: use bdrv_getlength() in qmp_drive_mirror()
  blockdev: drop redundant proto_drv check
  block: add basic backup support to block driver
  block: add bdrv_add_before_write_notifier()
  notify: add NotiferWithReturn so notifier list can abort
  raw-posix: Fix /dev/cdrom magic on OS X

Message-id: 1372429509-29642-1-git-send-email-kwolf@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

cmd646: fix build when DEBUG_IDE is enabled.

Make sure we use the correct TARGET/PRI macros in the debug statements.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
CC: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>

block: change default of .has_zero_init to 0

.has_zero_init defaults to 1 for all formats and protocols.

this is a dangerous default since this means that all
new added drivers need to manually overwrite it to 0 if
they do not ensure that a device is zero initialized
after bdrv_create().

if a driver needs to explicitly set this value to
1 its easier to verify the correctness in the review process.

during review of the existing drivers it turned out
that ssh and gluster had a wrong default of 1.
both protocols support host_devices as backend
which are not by default zero initialized. this
wrong assumption will lead to possible corruption
if qemu-img convert is used to write to such a backend.

vpc and vmdk also defaulted to 1 altough they support
fixed respectively flat extends. this has to be addresses
in separate patches. both formats as well as the mentioned
ssh and gluster are turned to the default of 0 with this
patch for safety.

a similar problem with the wrong default existed for
iscsi most likely because the driver developer did
oversee the default value of 1.

Signed-off-by: Peter Lieven <pl@kamp.de>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>

cpu: Turn cpu_unassigned_access() into a CPUState hook

Use it for all targets, but be careful not to pass invalid CPUState.
cpu_single_env can be NULL, e.g. on Xen.

Signed-off-by: Andreas Färber <afaerber@suse.de>

hwaddr: Make hwaddr type usable beyond softmmu

While not normally needed for *-user, it can safely be used there since
always based on uint64_t, to avoid ifdeffery.

To avoid accidental uses, move the guards from exec/hwaddr.h to its
inclusion sites. No need for them in include/hw/.

Prepares for hwaddr use in qom/cpu.h.

Signed-off-by: Andreas Färber <afaerber@suse.de>

cpu: Change qemu_init_vcpu() argument to CPUState

This allows to move the call into CPUState's realizefn.
Therefore move the stub into libqemustub.a.

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Andreas Färber <afaerber@suse.de>

cpus: Change qemu_dummy_start_vcpu() argument to CPUState

Pass it to qemu_dummy_cpu_thread_fn().
Use CPUState::env_ptr for cpu_single_env.

Prepares for changing qemu_init_vcpu() argument to CPUState.

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Andreas Färber <afaerber@suse.de>

cpus: Change qemu_kvm_start_vcpu() argument to CPUState

Pass it on to qemu_kvm_cpu_thread_fn().

Prepares for changing qemu_init_vcpu() argument to CPUState.

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Andreas Färber <afaerber@suse.de>

cpus: Change cpu_handle_guest_debug() argument to CPUState

CPUArchState is no longer needed.

Prepares for changing qemu_kvm_cpu_thread_fn() opaque to CPUState.

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Andreas Färber <afaerber@suse.de>

gdbstub: Set gdb_set_stop_cpu() argument to CPUState

Use CPUState::env_ptr for now.

Prepares for changing cpu_handle_guest_debug() argument to CPUState.

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Andreas Färber <afaerber@suse.de>