Andreas Färber [Tue, 2 Jul 2013 18:03:00 +0000 (20:03 +0200)]
target-microblaze: gen_intermediate_code_internal() should be inlined
Cc: qemu-stable@nongnu.org
Reported-by: Richard Henderson <rth@twiddle.net>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Andreas Färber [Tue, 2 Jul 2013 17:35:02 +0000 (19:35 +0200)]
target-lm32: gen_intermediate_code_internal() should be inlined
Cc: qemu-stable@nongnu.org
Reported-by: Richard Henderson <rth@twiddle.net>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Acked-by: Michael Walle <michael@walle.cc>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Andreas Färber [Tue, 2 Jul 2013 17:30:14 +0000 (19:30 +0200)]
target-cris: gen_intermediate_code_internal() should be inlined
Cc: qemu-stable@nongnu.org
Reported-by: Richard Henderson <rth@twiddle.net>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Andreas Färber [Wed, 26 Jun 2013 15:51:27 +0000 (17:51 +0200)]
target-i386: Don't overuse CPUArchState
Use CPUX86State instead in dump support code.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Andreas Färber [Fri, 21 Jun 2013 15:17:00 +0000 (17:17 +0200)]
target-s390x: Change handle_{hypercall,diag}() argument to S390CPU
This allows to get rid of the last remaining ENV_GET_CPU() in
target-s390x/ by using CPU() cast directly on the argument.
Cc: Jason J. Herne <jjherne@us.ibm.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Andreas Färber [Fri, 21 Jun 2013 15:04:45 +0000 (17:04 +0200)]
target-s390x: Don't overuse ENV_GET_CPU()
Commit
3474b679486caa8f6448bae974e131370f360c13 (Utilize selective
runtime reg sync for hot code paths) introduced two uses of
ENV_GET_CPU() inside target-s390x/ KVM code. In one case we can use a
direct CPU() cast instead.
Cc: Jason J. Herne <jjherne@us.ibm.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Andreas Färber [Fri, 21 Jun 2013 15:00:04 +0000 (17:00 +0200)]
target-ppc: Don't overuse ENV_GET_CPU()
Commit
b632a148b677b773ff155f9de840b37a653567b9 (target-ppc: QOM method
dispatch for MMU fault handling) introduced a use of ENV_GET_CPU()
inside target-ppc/ code. Use ppc_env_get_cpu() instead.
Purely cosmetic, non-functional change to aid in locating and removing
ENV_GET_CPU() usages.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Andreas Färber [Sun, 16 Jun 2013 15:10:28 +0000 (17:10 +0200)]
timer/arm_mptimer: Build arm_mptimer only once
Since current_cpu is CPUState it no longer depends on CPUARMState.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Andreas Färber [Sun, 16 Jun 2013 15:04:21 +0000 (17:04 +0200)]
intc/openpic: Build openpic only once
Since current_cpu is CPUState it no longer depends on CPUPPCState.
Move ppce500_set_mpic_proxy() to a new hw/ppc/ppc_e500.h because
hw/ppc/ppc.h is too heavily using CPUPPCState and PowerPCCPU.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Andreas Färber [Sun, 16 Jun 2013 14:42:03 +0000 (16:42 +0200)]
intc/arm_gic: Build arm_gic only once
Since current_cpu is CPUState it no longer needs CPUArchState.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Andreas Färber [Sun, 9 Jun 2013 17:51:23 +0000 (19:51 +0200)]
bsd-user: Change thread_env to CPUState
Signed-off-by: Andreas Färber <afaerber@suse.de>
Andreas Färber [Sun, 9 Jun 2013 17:47:04 +0000 (19:47 +0200)]
linux-user: Change thread_env to CPUState
Signed-off-by: Andreas Färber <afaerber@suse.de>
Andreas Färber [Wed, 29 May 2013 20:29:20 +0000 (22:29 +0200)]
cpu: Make first_cpu and next_cpu CPUState
Move next_cpu from CPU_COMMON to CPUState.
Move first_cpu variable to qom/cpu.h.
gdbstub needs to use CPUState::env_ptr for now.
cpu_copy() no longer needs to save and restore cpu_next.
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
[AF: Rebased, simplified cpu_copy()]
Signed-off-by: Andreas Färber <afaerber@suse.de>
Andreas Färber [Mon, 24 Jun 2013 21:53:10 +0000 (23:53 +0200)]
linux-user: Clean up do_syscall() Coding Style for TARGET_NR_exit
In particular fix 6-/10-char indentation.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Andreas Färber [Mon, 27 May 2013 12:40:48 +0000 (14:40 +0200)]
kvm: Change kvm_remove_all_breakpoints() argument to CPUState
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Andreas Färber [Mon, 27 May 2013 03:17:50 +0000 (05:17 +0200)]
cpu: Replace cpu_single_env with CPUState current_cpu
Move it to qom/cpu.h.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Andreas Färber [Wed, 19 Jun 2013 15:37:31 +0000 (17:37 +0200)]
kvm: Free current_cpu identifier
Since CPU loops are done as last step in kvm_{insert,remove}_breakpoint()
and kvm_remove_all_breakpoints(), we do not need to distinguish between
invoking CPU and iterated CPUs and can thereby free the identifier for
use as a global variable.
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Andreas Färber [Fri, 10 May 2013 14:34:06 +0000 (16:34 +0200)]
cpu: Drop unnecessary dynamic casts in *_env_get_cpu()
A transition from CPUFooState to FooCPU can be considered safe,
just like FooCPU::env access in the opposite direction.
The only benefit of the FOO_CPU() casts would be protection against
bogus CPUFooState pointers, but then surrounding code would likely
break, too.
This should slightly improve interrupt etc. performance when going from
CPUFooState to FooCPU.
For any additional CPU() casts see
3556c233d931ad5ffa46a35cb25cfc057732ebb8
(qom: allow turning cast debugging off).
Reported-by: Anthony Liguori <aliguori@us.ibm.com>
Acked-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Peter Maydell [Fri, 28 Jun 2013 13:22:32 +0000 (14:22 +0100)]
linux-user: Move cpu_clone_regs() and cpu_set_tls() into linux-user
The functions cpu_clone_regs() and cpu_set_tls() are not purely CPU
related -- they are specific to the TLS ABI for a a particular OS.
Move them into the linux-user/ tree where they belong.
target-lm32 had entirely unused implementations, since it has no
linux-user target; just drop them.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Andreas Färber [Tue, 9 Jul 2013 18:50:52 +0000 (20:50 +0200)]
Revert "gdbstub: Simplify find_cpu()"
This reverts commit
c52a6b67c1d7c6fc9fb2e3ba988d7b978e1487d3, which
replaced cpu_index() with cpu_index field, leading to deviation from
thread ID for NTPL and off-by-one otherwise.
Reported-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Dongxue Zhang [Tue, 2 Jul 2013 09:11:55 +0000 (17:11 +0800)]
target-openrisc: Fix typename in openrisc_cpu_class_by_name()
Commit
478032a93d908e59085c1ac56f10979942e7dc4f (target-openrisc:
Rename CPU subtypes) suffixed CPU sub-types with "-or32-cpu" but forgot
to update openrisc_cpu_class_by_name(), so that it was still looking for
the types without suffix.
Make target-openrisc running OK by adding the suffix to the model name.
This means it is no longer possible to use -cpu or1200-or32-cpu or
-cpu any-or32-cpu though.
Cc: qemu-stable@nongnu.org
Signed-off-by: Dongxue Zhang <elta.era@gmail.com>
Tested-by: Jia Liu <proljc@gmail.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Anthony Liguori [Mon, 8 Jul 2013 13:00:23 +0000 (08:00 -0500)]
Merge remote-tracking branch 'mst/tags/for_anthony' into staging
pci,misc enhancements
This includes some pci enhancements:
Better support for systems with multiple PCI root buses
FW cfg interface for more robust pci programming in BIOS
Minor fixes/cleanups for fw cfg and cross-version migration -
because of dependencies with other patches
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
# gpg: Signature made Sun 07 Jul 2013 03:11:18 PM CDT using RSA key ID
D28D5469
# gpg: Can't check signature: public key not found
# By David Gibson (10) and others
# Via Michael S. Tsirkin
* mst/tags/for_anthony:
pci: Fold host_buses list into PCIHostState functionality
pci: Remove domain from PCIHostBus
pci: Simpler implementation of primary PCI bus
pci: Add root bus parameter to pci_nic_init()
pci: Add root bus argument to pci_get_bus_devfn()
pci: Replace pci_find_domain() with more general pci_root_bus_path()
pci: Use helper to find device's root bus in pci_find_domain()
pci: Abolish pci_find_root_bus()
pci: Move pci_read_devaddr to pci-hotplug-old.c
pci: Cleanup configuration for pci-hotplug.c
pvpanic: fix fwcfg for big endian hosts
pvpanic: initialization cleanup
MAINTAINERS: s/Marcelo/Paolo/
e1000: cleanup process_tx_desc
pc_piix: cleanup init compat handling
pc: pass PCI hole ranges to Guests
pci: store PCI hole ranges in guestinfo structure
range: add Range structure
Message-id:
1373228271-31223-1-git-send-email-mst@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
David Gibson [Thu, 6 Jun 2013 08:48:54 +0000 (18:48 +1000)]
pci: Fold host_buses list into PCIHostState functionality
The host_buses list is an odd structure - a list of pointers to PCI root
buses existing in parallel to the normal qdev tree structure. This patch
removes it, instead putting the link pointers into the PCIHostState
structure, which have a 1:1 relationship to PCIHostBus structures anyway.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
David Gibson [Thu, 6 Jun 2013 08:48:53 +0000 (18:48 +1000)]
pci: Remove domain from PCIHostBus
There are now no users of the domain field of PCIHostBus, so remove it
from the structure, and as a parameter from the pci_host_bus_register()
function which sets it.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
David Gibson [Thu, 6 Jun 2013 08:48:52 +0000 (18:48 +1000)]
pci: Simpler implementation of primary PCI bus
Currently pci_find_primary_bus() searches the list of root buses for one
with domain 0. But since host buses are always registered with domain 0,
this just amounts to finding the only PCI host bus. The only remaining
users of pci_find_primary_bus() are in pci-hotplug-old.c, which implements
the old style pci_add/pci_del commands.
Therefore, this patch redefines pci_find_primary_bus() to find the only
PCI root bus, returning an error if there are multiple roots. The callers
in pci-hotplug-old.c are updated correspondingly, to produce sensible
error messages.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
David Gibson [Thu, 6 Jun 2013 08:48:51 +0000 (18:48 +1000)]
pci: Add root bus parameter to pci_nic_init()
At present, pci_nic_init() and pci_nic_init_nofail() assume that they will
only create a NIC under the primary PCI root. As we add support for
multiple PCI roots, that may no longer be the case. This patch adds a root
bus parameter to pci_nic_init() (and updates callers accordingly) to allow
the machine init code using it to specify the right PCI root for NICs
created by old-style -net nic parameters. NICs created new-style, with
-device can of course be put anywhere.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
David Gibson [Thu, 6 Jun 2013 08:48:50 +0000 (18:48 +1000)]
pci: Add root bus argument to pci_get_bus_devfn()
pci_get_bus_devfn() interprets a full PCI address string to give a PCIBus *
and device/function number within that bus. Currently it assumes it is
working on an address under the primary PCI root bus. This patch extends
it to allow the caller to specify a root bus. This might seem a little odd
since the supplied address can (theoretically) include a PCI domain number.
However, attempting to use a non-zero domain number there is currently an
error, so that shouldn't really cause problems.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
David Gibson [Thu, 6 Jun 2013 08:48:49 +0000 (18:48 +1000)]
pci: Replace pci_find_domain() with more general pci_root_bus_path()
pci_find_domain() is used in a number of places where we want an id for a
whole PCI domain (i.e. the subtree under a PCI root bus). The trouble is
that many platforms may support multiple independent host bridges with no
hardware supplied notion of domain number.
This patch, therefore, replaces calls to pci_find_domain() with calls to
a new pci_root_bus_path() returning a string. The new call is implemented
in terms of a new callback in the host bridge class, so it can be defined
in some way that's well defined for the platform. When no callback is
available we fall back on the qbus name.
Most current uses of pci_find_domain() are for error or informational
messages, so the change in identifiers should be harmless. The exception
is pci_get_dev_path(), whose results form part of migration streams. To
maintain compatibility with old migration streams, the PIIX PCI host is
altered to always supply "0000" for this path, which matches the old domain
number (since the code didn't actually support domains other than 0).
For the pseries (spapr) PCI bridge we use a different platform-unique
identifier (pseries machines can routinely have dozens of PCI host
bridges). Theoretically that breaks migration streams, but given that we
don't yet have migration support for pseries, it doesn't matter.
Any other machines that have working migration support including PCI
devices will need to be updated to maintain migration stream compatibility.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
David Gibson [Thu, 6 Jun 2013 08:48:48 +0000 (18:48 +1000)]
pci: Use helper to find device's root bus in pci_find_domain()
Currently pci_find_domain() performs two functions - it locates the PCI
root bus above the given bus, then looks up that root bus's domain number.
This patch adds a helper function to perform the first task, finding the
root bus for a given PCI device. This is then used in pci_find_domain().
This changes pci_find_domain()'s signature slightly, taking a PCIDevice
instead of a PCIBus - since all callers passed something of the form
dev->bus, this simplifies things slightly.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
David Gibson [Thu, 6 Jun 2013 08:48:47 +0000 (18:48 +1000)]
pci: Abolish pci_find_root_bus()
pci_find_root_bus() takes a domain parameter. Currently PCI root buses
with domain other than 0 can't be created, so this is more or less a long
winded way of retrieving the main PCI root bus. Numbered domains don't
actually properly cover the (non x86) possibilities for multiple PCI root
buses, so this patch for now enforces the domain == 0 restriction in other
places to replace pci_find_root_bus() with an explicit
pci_find_primary_bus().
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Jia Liu [Tue, 2 Jul 2013 12:55:17 +0000 (20:55 +0800)]
MAINTAINERS: Add myself into MAINTAINERS file
Add myself into MAINTAINERS file, I'll looking at target-openrisc
and hw/openrisc.
Signed-off-by: Jia Liu <proljc@gmail.com>
Message-id:
1372769717-852-1-git-send-email-proljc@gmail.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Peter Maydell [Mon, 24 Jun 2013 10:49:32 +0000 (11:49 +0100)]
MAINTAINERS: fix bad F: patterns
This patch fixes a number of incorrect F: patterns which didn't
match any files in the source tree. This was caused by a mix
of minor typos (- for _ and the like) and a few entries which
hadn't been correctly updated following the rearrangement of hw/.
Offending entries were located with the following shell rune:
for pattern in $(sed -ne 's/^F: //p' MAINTAINERS); do
if ! stat --printf='' $pattern 2>/dev/null; then
echo bad pattern: $pattern
fi
done
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Message-id:
1372070972-30776-1-git-send-email-peter.maydell@linaro.org
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Anthony Liguori [Sun, 7 Jul 2013 16:28:01 +0000 (11:28 -0500)]
Merge remote-tracking branch 'stefanha/block' into staging
# By Fam Zheng (2) and Stefan Hajnoczi (1)
# Via Stefan Hajnoczi
* stefanha/block:
block: fix bdrv_flush() ordering in bdrv_close()
curl: refuse to open URL from HTTP server without range support
vmdk: Implement .bdrv_has_zero_init
Message-id:
1373023972-3587-1-git-send-email-stefanha@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Anthony Liguori [Sun, 7 Jul 2013 16:19:27 +0000 (11:19 -0500)]
Merge remote-tracking branch 'bonzini/iommu-for-anthony' into staging
# By Paolo Bonzini (50) and others
# Via Paolo Bonzini
* bonzini/iommu-for-anthony: (66 commits)
exec: change some APIs to take AddressSpaceDispatch
exec: remove cur_map
exec: put memory map in AddressSpaceDispatch
exec: separate current radix tree from the one being built
exec: move listener from AddressSpaceDispatch to AddressSpace
memory: move MemoryListener declaration earlier
exec: separate current memory map from the one being built
exec: change well-known physical sections to macros
qom: Use atomics for object refcounting
memory: add reference counting to FlatView
memory: use a new FlatView pointer on every topology update
memory: access FlatView from a local variable
add a header file for atomic operations
hw/[u-x]*: pass owner to memory_region_init* functions
hw/t*: pass owner to memory_region_init* functions
hw/s*: pass owner to memory_region_init* functions
hw/p*: pass owner to memory_region_init* functions
hw/n*: pass owner to memory_region_init* functions
hw/m*: pass owner to memory_region_init* functions
hw/i*: pass owner to memory_region_init* functions
...
Message-id:
1372950842-32422-1-git-send-email-pbonzini@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Stefan Hajnoczi [Tue, 2 Jul 2013 13:36:25 +0000 (15:36 +0200)]
block: fix bdrv_flush() ordering in bdrv_close()
Since
80ccf93b we flush the block device during close. The
bdrv_drain_all() call should come before bdrv_flush() to ensure guest
write requests have completed. Otherwise we may miss pending writes
when flushing.
Call bdrv_drain_all() again for safety as the final step after
bdrv_flush(). This should not be necessary but we can be paranoid here
in case bdrv_flush() left I/O pending.
Cc: qemu-stable@nongnu.org
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Fam Zheng [Tue, 2 Jul 2013 07:19:21 +0000 (15:19 +0800)]
curl: refuse to open URL from HTTP server without range support
CURL driver requests partial data from server on guest IO req. For HTTP
and HTTPS, it uses "Range: ***" in requests, and this will not work if
server not accepting range. This patch does this check when open.
* Removed curl_size_cb, which is not used: On one hand it's registered to
libcurl as CURLOPT_WRITEFUNCTION, instead of CURLOPT_HEADERFUNCTION,
which will get called with *data*, not *header*. On the other hand the
s->len is assigned unconditionally later.
In this gone function, the sscanf for "Content-Length: %zd", on
(void *)ptr, which is not guaranteed to be zero-terminated, is
potentially a security bug. So this patch fixes it as a side-effect. The
bug is reported as: https://bugs.launchpad.net/qemu/+bug/
1188943
(Note the bug is marked "private" so you might not be able to see it)
* Introduced curl_header_cb, which is used to parse header and mark the
server as accepting range if "Accept-Ranges: bytes" line is seen from
response header. If protocol is HTTP or HTTPS, but server response has
no not this support, refuse to open this URL.
Note that python builtin module SimpleHTTPServer is an example of not
supporting range, if you need to test this driver, get a better server
or use internet URLs.
Signed-off-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Fam Zheng [Mon, 1 Jul 2013 03:33:17 +0000 (11:33 +0800)]
vmdk: Implement .bdrv_has_zero_init
Depending on the subformat, has_zero_init queries underlying storage for
flat extent. If it has a flat extent and its underlying storage doesn't
have zero init, return 0. Otherwise return 1.
Aligns the operator assignments.
Signed-off-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Paolo Bonzini [Sun, 2 Jun 2013 13:27:39 +0000 (15:27 +0200)]
exec: change some APIs to take AddressSpaceDispatch
Reviewed-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Wed, 29 May 2013 10:30:26 +0000 (12:30 +0200)]
exec: remove cur_map
cur_map is not used anymore; instead, each AddressSpaceDispatch
has its own nodes/sections pair. The priorities of the
MemoryListeners, and in the future RCU, guarantee that the
nodes/sections are not freed while they are still in use.
(In fact, next_map itself is not needed except to free the data on the
next update).
To avoid incorrect use, replace cur_map with a temporary copy that
is only valid while the topology is being updated. If you use it,
the name prev_map makes it clear that you're doing something weird.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Wed, 29 May 2013 10:28:21 +0000 (12:28 +0200)]
exec: put memory map in AddressSpaceDispatch
After this patch, AddressSpaceDispatch holds a constistent tuple of
(phys_map, nodes, sections). This will be important when updates
of the topology will run concurrently with reads.
cur_map is not used anymore except for freeing it at the end of the
topology update.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Wed, 29 May 2013 10:13:54 +0000 (12:13 +0200)]
exec: separate current radix tree from the one being built
This same treatment previously done to phys_node_map and phys_sections
is now applied to the dispatch field of AddressSpace. Topology updates
use as->next_dispatch while accesses use as->dispatch.
Reviewed-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Sun, 2 Jun 2013 08:39:07 +0000 (10:39 +0200)]
exec: move listener from AddressSpaceDispatch to AddressSpace
This will help having two copies of AddressSpaceDispatch during the
recreation of the radix tree (one being built, and one that is complete
and will be protected by RCU). We do not want to have to unregister and
re-register the listener.
Reviewed-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Sun, 2 Jun 2013 13:20:47 +0000 (15:20 +0200)]
memory: move MemoryListener declaration earlier
Reviewed-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Wed, 29 May 2013 10:09:47 +0000 (12:09 +0200)]
exec: separate current memory map from the one being built
Currently, phys_node_map and phys_sections are shared by all
of the AddressSpaceDispatch. When updating mem topology, all
AddressSpaceDispatch will rebuild dispatch tables sequentially
on them. In order to prepare for RCU access, leave the old
memory map alive while the next one is being accessed.
When rebuilding, the new dispatch tables will build and lookup
next_map; after all dispatch tables are rebuilt, we can switch
to next_* and free the previous table.
Based on a patch from Liu Ping Fan.
Signed-off-by: Liu Ping Fan <qemulist@gmail.com>
Reviewed-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Liu Ping Fan [Wed, 29 May 2013 09:09:17 +0000 (11:09 +0200)]
exec: change well-known physical sections to macros
Sections like phys_section_unassigned always have fixed address
in phys_sections. Declared as macro, so we can use them
when having more than one phys_sections array.
Signed-off-by: Liu Ping Fan <pingfank@linux.vnet.ibm.com>
Signed-off-by: Liu Ping Fan <qemulist@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Jan Kiszka [Tue, 2 Jul 2013 09:36:39 +0000 (11:36 +0200)]
qom: Use atomics for object refcounting
Object reference counts will soon be changed outside the BQL. So we need
to use atomics in object_ref/unref.
Based on a patch by Liu Ping Fan.
Signed-off-by: Liu Ping Fan <qemulist@gmail.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Mon, 6 May 2013 09:57:21 +0000 (11:57 +0200)]
memory: add reference counting to FlatView
With this change, a FlatView can be used even after a concurrent
update has replaced it. Because we do not yet have RCU, we use a
mutex to protect the small critical sections that read/write the
as->current_map pointer. Accesses to the FlatView can be done
outside the mutex.
If a MemoryRegion will be used after the FlatView is unref-ed (or after
a MemoryListener callback is returned), a reference has to be added to
that MemoryRegion. memory_region_find already does it for the region
that it returns. The same will be done for address_space_translate
as soon as the dispatch tree is also converted to RCU-style.
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Mon, 6 May 2013 08:29:07 +0000 (10:29 +0200)]
memory: use a new FlatView pointer on every topology update
This is the first step towards converting as->current_map to
RCU-style updates, where the FlatView updates run concurrently
with uses of an old FlatView.
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Mon, 6 May 2013 08:26:13 +0000 (10:26 +0200)]
memory: access FlatView from a local variable
We will soon require accesses to as->current_map to be placed under
a lock (with reference counting so as to keep the critical section
small). To simplify this change, always fetch as->current_map into
a local variable and access it through that variable.
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Mon, 13 May 2013 11:29:47 +0000 (13:29 +0200)]
add a header file for atomic operations
We're already using them in several places, but __sync builtins are just
too ugly to type, and do not provide seqcst load/store operations.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Fri, 7 Jun 2013 01:25:08 +0000 (21:25 -0400)]
hw/[u-x]*: pass owner to memory_region_init* functions
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Fri, 7 Jun 2013 01:25:08 +0000 (21:25 -0400)]
hw/t*: pass owner to memory_region_init* functions
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Fri, 7 Jun 2013 01:25:08 +0000 (21:25 -0400)]
hw/s*: pass owner to memory_region_init* functions
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Fri, 7 Jun 2013 01:25:08 +0000 (21:25 -0400)]
hw/p*: pass owner to memory_region_init* functions
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Fri, 7 Jun 2013 01:25:08 +0000 (21:25 -0400)]
hw/n*: pass owner to memory_region_init* functions
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Fri, 7 Jun 2013 01:25:08 +0000 (21:25 -0400)]
hw/m*: pass owner to memory_region_init* functions
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Fri, 7 Jun 2013 01:25:08 +0000 (21:25 -0400)]
hw/i*: pass owner to memory_region_init* functions
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Fri, 7 Jun 2013 01:25:08 +0000 (21:25 -0400)]
hw/gpio: pass owner to memory_region_init* functions
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Fri, 7 Jun 2013 01:25:08 +0000 (21:25 -0400)]
hw/d*: pass owner to memory_region_init* functions
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Fri, 7 Jun 2013 01:25:08 +0000 (21:25 -0400)]
hw/c*: pass owner to memory_region_init* functions
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Fri, 7 Jun 2013 01:25:08 +0000 (21:25 -0400)]
hw/block: pass owner to memory_region_init* functions
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Fri, 7 Jun 2013 01:25:08 +0000 (21:25 -0400)]
hw/a*: pass owner to memory_region_init* functions
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Fri, 7 Jun 2013 01:19:53 +0000 (21:19 -0400)]
piolist: add owner argument to initialization functions and pass devices
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Tue, 25 Jun 2013 10:33:01 +0000 (12:33 +0200)]
pam: pass device to init_pam and use it to set owner
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Tue, 25 Jun 2013 10:32:25 +0000 (12:32 +0200)]
spapr_iommu: pass device to spapr_tce_new_table and use it to set owner
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Tue, 25 Jun 2013 10:31:46 +0000 (12:31 +0200)]
vfio: pass device to vfio_mmap_bar and use it to set owner
Cc: Alex Williamson <alex.williamson@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Tue, 25 Jun 2013 13:04:35 +0000 (15:04 +0200)]
ne2000: pass device to ne2000_setup_io, use it as owner
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Fri, 7 Jun 2013 01:21:13 +0000 (21:21 -0400)]
vga: set owner in vga_update_memory_access
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Fri, 7 Jun 2013 01:21:13 +0000 (21:21 -0400)]
vga: pass owner to vga_init_io
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Fri, 7 Jun 2013 01:21:13 +0000 (21:21 -0400)]
vga: pass owner to vga_init_vbe
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Fri, 7 Jun 2013 01:21:13 +0000 (21:21 -0400)]
vga: pass owner to cirrus_init_common
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Fri, 7 Jun 2013 01:21:13 +0000 (21:21 -0400)]
vga: pass owner to vga_common_init
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Fri, 7 Jun 2013 01:21:13 +0000 (21:21 -0400)]
vga: pass owner to vga_init
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Tue, 25 Jun 2013 13:02:38 +0000 (15:02 +0200)]
escc: rename struct to ESCCState
We are using the same struct name for two devices. 8250 is widespread
enough that this causes some confusion, rename the other instance.
Reviewed-by: Andreas Faerber <afaerber@suse.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Fri, 28 Jun 2013 15:33:29 +0000 (17:33 +0200)]
memory: ref/unref memory across address_space_map/unmap
The iothread mutex might be released between map and unmap, so the
mapped region might disappear.
Reviewed-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Fri, 28 Jun 2013 15:29:27 +0000 (17:29 +0200)]
exec: reorganize address_space_map
First of all, rename "todo" to "done".
Second, clearly separate the case of done == 0 with the case of done != 0.
This will help handling reference counting in the next patch.
Third, this test:
if (memory_region_get_ram_addr(mr) + xlat != raddr + todo) {
does not guarantee that the memory region is the same across two iterations
of the while loop. For example, you could have two blocks:
A) size 640 K, mapped at physical address 0, ram_addr_t 0
B) size 64 K, mapped at physical address 0xa0000, ram_addr_t 0xa0000
then mapping 1 M starting at physical address zero will erroneously treat
B as the continuation of block A. qemu_ram_ptr_length ensures that no
invalid memory is accessed, but it is still a pointless complication of
the algorithm. The patch makes the logic clearer with an explicit test
that the memory region is the same.
Reviewed-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Mon, 6 May 2013 12:36:15 +0000 (14:36 +0200)]
memory: return MemoryRegion from qemu_ram_addr_from_host
It will be needed in the next patch.
Reviewed-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Mon, 3 Jun 2013 10:44:02 +0000 (12:44 +0200)]
exec: move qemu_ram_addr_from_host_nofail to cputlb.c
After the next patch it would not be used elsewhere anyway. Also,
the _nofail and the standard versions of this function return different
things, which is confusing. Removing the function from the public headers
limits the confusion.
Reviewed-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Mon, 6 May 2013 12:28:39 +0000 (14:28 +0200)]
exec: check MRU in qemu_ram_addr_from_host
This function is not used outside the iothread mutex, so it
can use ram_list.mru_block.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Mon, 6 May 2013 08:46:11 +0000 (10:46 +0200)]
memory: add ref/unref calls
Add ref/unref calls at the following places:
- places where memory regions are stashed by a listener and
used outside the BQL (including in Xen or KVM).
- memory_region_find callsites
- creation of aliases and containers (only the aliased/contained
region gets a reference to avoid loops)
- around calls to del_subregion/add_subregion, where the region
could disappear after the first call
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Tue, 2 Jul 2013 11:40:48 +0000 (13:40 +0200)]
memory: introduce memory_region_present
This new API will avoid having too many memory_region_ref/unref
in paths that currently use memory_region_find.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Tue, 7 May 2013 07:06:00 +0000 (09:06 +0200)]
memory: add ref/unref
Reviewed-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Tue, 7 May 2013 04:59:09 +0000 (06:59 +0200)]
memory: add getter for owner
Whenever memory regions are accessed outside the BQL, they need to be
preserved against hot-unplug. MemoryRegions actually do not have their
own reference count; they piggyback on a QOM object, their "owner".
The owner is set at creation time, and there is a function to retrieve
the owner.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Wed, 29 May 2013 10:07:03 +0000 (12:07 +0200)]
exec: simplify destruction of the phys map
Do not bother visiting the radix tree when an address space is destroyed.
After the previous patch, this has become a pointless exercise. When
called from address_space_destroy_dispatch, all you're doing is zeroing
out a structure that will be freed as soon as you come back. When called
from mem_begin, when phys_page_set_level will call phys_map_node_alloc the
radix tree's array will be zeroed too.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Tue, 25 Jun 2013 07:30:48 +0000 (09:30 +0200)]
memory: destroy phys_sections one by one
phys_sections_clear is invoked after the dispatch tree has been
destroyed. This leaves a window where phys_sections_nb > 0 but the
subpages are not valid anymore, which is a recipe for use-after-free
bugs.
Move the destruction of subpages in phys_sections_clear. We will
still destroy the subpages when an address space is cleaned up,
because address_space_destroy will clear as->root and commit the
change before it calls address_space_destroy_dispatch.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Thu, 6 Jun 2013 09:41:28 +0000 (05:41 -0400)]
memory: add owner argument to initialization functions
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Jan Kiszka [Sat, 22 Jun 2013 06:07:07 +0000 (08:07 +0200)]
ioport: Move portio types to ioport.h
This decouples memory.h from ioport.h, concentrating all portio related
types in a single header.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Jan Kiszka [Sat, 22 Jun 2013 06:07:06 +0000 (08:07 +0200)]
vmport: Disentangle read handler type from portio
In case the latter may vanish one day, make sure the vmport read handler
type will remain unaffected. This is also conceptually cleaner.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Jan Kiszka [Sat, 22 Jun 2013 06:07:05 +0000 (08:07 +0200)]
ioport: Remove unused old dispatching services
Remove unused ioport_register and isa_unassign_ioport along with
everything that only those services used.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Jan Kiszka [Mon, 24 Jun 2013 08:45:09 +0000 (10:45 +0200)]
ioport: Switch dispatching to memory core layer
The current ioport dispatcher is a complex beast, mostly due to the
need to deal with old portio interface users. But we can overcome it
without converting all portio users by embedding the required base
address of a MemoryRegionPortio access into that data structure. That
removes the need to have the additional MemoryRegionIORange structure
in the loop on every access.
To handle old portio memory ops, we simply install dispatching handlers
for portio memory regions when registering them with the memory core.
This removes the need for the old_portio field.
We can drop the additional aliasing of ioport regions and also the
special address space listener. cpu_in and cpu_out now simply call
address_space_read/write. And we can concentrate portio handling in a
single source file.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Jan Kiszka [Sat, 22 Jun 2013 06:07:03 +0000 (08:07 +0200)]
xen: Mark fixed platform I/O as unaligned
Before switching to the memory core dispatcher, we need to make sure
that this pv-device will continue to receive unaligned portio accesses.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Jan Kiszka [Sat, 22 Jun 2013 06:07:02 +0000 (08:07 +0200)]
vmware-vga: Accept unaligned I/O accesses
Before switching to the memory core dispatcher, we need to make sure
that this pv-device will continue to receive unaligned portio accesses.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Jan Kiszka [Sat, 22 Jun 2013 06:07:01 +0000 (08:07 +0200)]
isa: implement isa_is_ioport_assigned via memory_region_find
Open-code isa_is_ioport_assigned via a memory region lookup. As all IO
ports are now directly or indirectly registered via the memory API, this
becomes possible and will finally allow us to drop the ioport tables.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Jan Kiszka [Sat, 22 Jun 2013 06:07:00 +0000 (08:07 +0200)]
Privatize register_ioport_read/write
No more users outside of ioport.c.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Jan Kiszka [Sat, 22 Jun 2013 06:06:59 +0000 (08:06 +0200)]
vt82c686: replace register_ioport*
Convert over to memory regions to obsolete register_ioport*.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Jan Kiszka [Sat, 22 Jun 2013 06:06:58 +0000 (08:06 +0200)]
prep: replace register_ioport*
Convert over to memory regions to obsolete register_ioport*.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Jan Kiszka [Sat, 22 Jun 2013 06:06:57 +0000 (08:06 +0200)]
i82374: replace register_ioport*
Convert over to memory regions to obsolete register_ioport*.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Jan Kiszka [Sat, 22 Jun 2013 06:06:56 +0000 (08:06 +0200)]
wdt_ib700: replace register_ioport*
Convert over to memory regions to obsolete register_ioport*.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Jan Kiszka [Sat, 22 Jun 2013 06:06:55 +0000 (08:06 +0200)]
applesmc: replace register_ioport*
Convert over to memory regions to obsolete register_ioport*.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Jan Kiszka [Sat, 22 Jun 2013 06:06:54 +0000 (08:06 +0200)]
adlib: replace register_ioport*
Convert over to memory regions to obsolete register_ioport*.
CC: malc <av1474@comtv.ru>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>