aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2015-01-07target-ppc: Introduce tbeginTom Musta
Provide a degenerate implementation of the tbegin instruction. This implementation always fails the transaction, recording the failure per Book II Section 5.3.2 of the Power ISA V2.07. Signed-off-by: Tom Musta <tommusta@gmail.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2015-01-07target-ppc: Introduce TEXASRU Bit FieldsTom Musta
Define mnemonics for the various bit fields in the Transaction EXception And Summary Register (TEXASR). Signed-off-by: Tom Musta <tommusta@gmail.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2015-01-07target-ppc: Power8 Supports Transactional MemoryTom Musta
The Power8 processor implements the Transactional Memory Facility as defined in Power ISA 2.07. Update the initialization code to indicate this. Signed-off-by: Tom Musta <tommusta@gmail.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2015-01-07target-ppc: Introduce tm_enabled Bit to CPU StateTom Musta
Add a bit (tm_enabled) to CPU state that mirrors the MSR[TM] bit. This is analogous to the other "available" bits in the MSR (FP, VSX, etc.). NOTE: Since MSR[TM] occupies big-endian bit 31, the code is wrapped with a PPC64 bit check. Signed-off-by: Tom Musta <tommusta@gmail.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2015-01-07target-ppc: Introduce Feature Flag for Transactional MemoryTom Musta
Add a flag (POWERPC_FLAG_TM) for the Transactional Memory Facility introduced in Power ISA 2.07. Signed-off-by: Tom Musta <tommusta@gmail.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2015-01-07target-ppc: Introduce Instruction Type for Transactional MemoryTom Musta
Add a category (PPC2_TM) for the Transactional Memory instructions introduced in Power ISA 2.07. Signed-off-by: Tom Musta <tommusta@gmail.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2015-01-07pseries: Update SLOF firmware image to 20141202Alexey Kardashevskiy
The changelog is: > version: update to 20141202 > ipv4: Fix send packet across a subnet > pci: scan only type 0 and type 1 > usb-xhci: support xhci extended capabilities > Fix term-io-key to also work when stdin has not been set yet > net-snk: llfw startup is using the wrong offset to handler > net-snk: Make call_client_interface() a bit more ABI compliant > net-snk: Remove custom printf version > net-snk: Sanitize our .lds file > net-snk: Avoid type clash for stdin & stdout > net-snk: use socket descriptor in the network stack > net-snk: Remove printk() in favor of printf() > net-snk: Remove redundant prototypes > net-snk: Remove unused timer functions > net-snk: Remove some unused PCI functions > net-snk: Remove module system > net-snk: Remove insmod/rmmod > net-snk: Remove snk_kernel_interface and related definitions > net-snk: Remove pci/vio_config gunk > js2x: Fix build > net-snk: Remoe some now unused "kernel" functions > rtas: Improve error handling in instantiate-rtas > version: update to 20140827 > Add private HCALL to inform updated RTAS base and entry > xhci: fix port assignment Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru> Signed-off-by: Alexander Graf <agraf@suse.de>
2015-01-07PPC: Fix crash on spapr_tce_table_finalize()David Gibson
spapr_tce_table_finalize() can SEGV if the object was not previously realized. In particular this can be triggered by running qemu-system-ppc -device spapr-tce-table,? The basic problem is that we have mismatched initialization versus finalization: spapr_tce_table_finalize() is attempting to undo things that are done in spapr_tce_table_realize(), not an instance_init function. Therefore, replace spapr_tce_table_finalize() with spapr_tce_table_unrealize(). Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Cc: qemu-stable@nongnu.org Signed-off-by: Alexander Graf <agraf@suse.de>
2015-01-07ppc: do not use get_clock_realtime()Paolo Bonzini
Use the external qemu-timer API instead. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2015-01-07device-tree: fix memory leakSergey Fedorov
Signed-off-by: Sergey Fedorov <serge.fdrv@gmail.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2015-01-07spapr: Fix stale HTAB during live migration (TCG)Samuel Mendoza-Jonas
If a TCG guest reboots during a running migration HTAB entries are not marked dirty, and the destination boots with an invalid HTAB. When a reboot occurs, explicitly mark the current HTAB dirty after clearing it. Signed-off-by: Samuel Mendoza-Jonas <sam.mj@au1.ibm.com> Reviewed-by: Alexey Kardashevskiy <aik@ozlabs.ru> Signed-off-by: Alexander Graf <agraf@suse.de>
2015-01-07spapr: Fix integer overflow during migration (TCG)Samuel Mendoza-Jonas
The n_valid and n_invalid fields are unsigned short integers but it is possible to have more than 65535 entries in a contiguous hunk, overflowing the field. This results in an incorrect HTAB being sent to the destination during migration. Signed-off-by: Samuel Mendoza-Jonas <sam.mj@au1.ibm.com> Reviewed-by: Alexey Kardashevskiy <aik@ozlabs.ru> Signed-off-by: Alexander Graf <agraf@suse.de>
2015-01-07spapr: Fix stale HTAB during live migration (KVM)Samuel Mendoza-Jonas
If a guest reboots during a running migration, changes to the hash page table are not necessarily updated on the destination. Opening a new file descriptor to the HTAB forces the migration handler to resend the entire table. Signed-off-by: Samuel Mendoza-Jonas <sam.mj@au1.ibm.com> Reviewed-by: Alexey Kardashevskiy <aik@ozlabs.ru> Signed-off-by: Alexander Graf <agraf@suse.de>
2015-01-07target-ppc: explicitly save page table headers in big endianCédric Le Goater
Currently, when the page tables are saved, the kvm_get_htab_header structs and the ptes are assumed being big endian and dumped as a indistinct blob in the statefile. This is no longer true when the host is little endian and this breaks restoration. This patch unfolds the kvmppc_save_htab routine to write explicitly the kvm_get_htab_header structs in big endian. The ptes are left untouched. Signed-off-by: Cédric Le Goater <clg@fr.ibm.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2015-01-07target-ppc: Eliminate set_fprf Argument From helper_compute_fprfTom Musta
The set_fprf argument to the helper_compute_fprf helper function is no longer necessary -- the helper is only invoked when FPSCR[FPRF] is going to be set. Eliminate the unnecessary argument from the function signature and its corresponding implementation. Change the return value of the helper to "void". Update the name of the local variable "ret" to "fprf", which now makes more sense. Signed-off-by: Tom Musta <tommusta@gmail.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2015-01-07target-ppc: Eliminate set_fprf Argument From gen_compute_fprfTom Musta
The set_fprf argument to the gen_compute_fprf() utility is no longer needed -- gen_compute_fprf() is now called only when FPRF is actually computed and set. Eliminate the obsolete argument. Signed-off-by: Tom Musta <tommusta@gmail.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2015-01-07target-ppc: Fully Migrate to gen_set_cr1_from_fpscrTom Musta
Eliminate the set_rc argument from the gen_compute_fprf utility and the corresponding (and incorrect) implementation. Replace it with calls to the gen_set_cr1_from_fpscr() utility. Signed-off-by: Tom Musta <tommusta@gmail.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2015-01-07target-ppc: mffs. Should Set CR1 from FPSCR BitsTom Musta
Update the Move From FPSCR (mffs.) instruction to correctly set CR[1] from FPSCR[FX,FEX,VX,OX]. Signed-off-by: Tom Musta <tommusta@gmail.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2015-01-07target-ppc: Fix Floating Point Move Instructions That Set CR1Tom Musta
The Floating Point Move instructions (fmr., fabs., fnabs., fneg., and fcpsgn.) incorrectly copy FPSCR[FPCC] instead of [FX,FEX,VX,OX]. Furthermore, the current code does this via a call to gen_compute_fprf, which is awkward since these instructions do not actually set FPRF. Change the code to use the gen_set_cr1_from_fpscr utility. Signed-off-by: Tom Musta <tommusta@gmail.com> [agraf: whitespace fixes] Signed-off-by: Alexander Graf <agraf@suse.de>
2015-01-07target-ppc: VXSQRT Should Not Be Set for NaNsTom Musta
The Power ISA square root instructions (fsqrt[s], frsqrte[s]) must set the FPSCR[VXSQRT] flag when operating on a negative value. However, NaNs have no sign and therefore this flag should not be set when operating on one. Change the order of the checks in the helper code. Move the SNaN-to-QNaN macro to the top of the file so that it can be re-used. Signed-off-by: Tom Musta <tommusta@gmail.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2015-01-07target-ppc: Load/Store Vector Element Storage AlignmentTom Musta
The Load Vector Element Indexed and Store Vector Element Indexed instructions compute an effective address in the usual manner. However, they truncate that address to the natural boundary. For example, the lvewx instruction will ignore the least significant two bits of the address and thus load the aligned word of storage. Fix the generators for these instruction to properly perform this truncation. Signed-off-by: Tom Musta <tommusta@gmail.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2015-01-07PPC: e500 pci host: Add support for ATMUsAlexander Graf
The e500 PCI controller has configurable windows that allow a guest OS to selectively map parts of the PCI bus space to CPU address space and to selectively map parts of the CPU address space for DMA requests into PCI visible address ranges. So far, we've simply assumed that this mapping is 1:1 and ignored it. However, the PCICSRBAR (CCSR mapped in PCI bus space) always has to live inside the first 32bits of address space. This means if we always treat all mappings as 1:1, this map will collide with our RAM map from the CPU's point of view. So this patch adds proper ATMU support which allows us to keep the PCICSRBAR below 32bits local to the PCI bus and have another, different window to PCI BARs at the upper end of address space. We leverage this on e500plat though, mpc8544ds stays virtually 1:1 like it was before, but now also goes via ATMU. With this patch, I can run guests with lots of RAM and not coincidently access MSI-X mappings while I really want to access RAM. Signed-off-by: Alexander Graf <agraf@suse.de>
2015-01-07PPC: mpc8554ds: Tell user about exceeding RAM limitsAlexander Graf
The mpc8544ds board only supports up to 3GB of RAM due to its limited address space. When the user requests more, abort and tell him that he should use less. Signed-off-by: Alexander Graf <agraf@suse.de>
2015-01-07PPC: e500: Move CCSR and MMIO space to upper end of address spaceAlexander Graf
On e500 we're basically guaranteed to have 36bits of physical address space available for our enjoyment. Older chips (like the mpc8544) only had 32bits, but everything from e500v2 onwards bumped it up. It's reasonably safe to assume that if you're using the PV machine, your guest kernel is configured to support 36bit physical address space. So in order to support more guest RAM, we can move CCSR and other MMIO windows right below the end of our 36bit address space, just like later SoC versions of e500 do. With this patch, I'm able to successfully spawn an e500 VM with -m 48G. Signed-off-by: Alexander Graf <agraf@suse.de>
2015-01-07PPC: e500: Move CCSR definition to paramsAlexander Graf
We want to have different MMIO region offsets for the mpc8544ds machine and our e500 PV machine, so move the definitions of those into the machine specific params struct. Signed-off-by: Alexander Graf <agraf@suse.de>
2014-12-23Merge remote-tracking branch ↵Peter Maydell
'remotes/pmaydell/tags/pull-target-arm-20141223' into staging target-arm queue: * enable 32-bit EL3 (TrustZone) for vexpress and virt boards * add fw_cfg device to virt board for UEFI firmware config * support passing commandline kernel/initrd to firmware # gpg: Signature made Tue 23 Dec 2014 13:50:33 GMT using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" * remotes/pmaydell/tags/pull-target-arm-20141223: (31 commits) hw/arm/virt: enable passing of EFI-stubbed kernel to guest UEFI firmware hw/arm: pass pristine kernel image to guest firmware over fw_cfg hw/loader: split out load_image_gzipped_buffer() arm: add fw_cfg to "virt" board fw_cfg_mem: expose the "data_width" property with fw_cfg_init_mem_wide() fw_cfg_mem: introduce the "data_width" property exec: allows 8-byte accesses in subpage_ops fw_cfg_mem: flip ctl_mem_ops and data_mem_ops to DEVICE_BIG_ENDIAN fw_cfg_mem: max access size and region size are the same for data register fw_cfg: move boards to fw_cfg_init_io() / fw_cfg_init_mem() fw_cfg: hard separation between the MMIO and I/O port mappings target-arm: add cpu feature EL3 to CPUs with Security Extensions target-arm: Disable EL3 on unsupported machines target-arm: Breakout integratorcp and versatilepb cpu init target-arm: Set CPU has_el3 prop during virt init target-arm: Enable CPU has_el3 prop during VE init target-arm: Add arm_boot_info secure_boot control target-arm: Add ARMCPU secure property target-arm: Add feature unset function target-arm: Add virt machine secure property ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-12-23Merge remote-tracking branch 'remotes/awilliam/tags/vfio-update-20141222.0' ↵Peter Maydell
into staging VFIO updates: - Conversion to tracepoints (Eric Auger) - Fix memory listener address space (Frank Blaschka) - Move to hw/vfio/ and split common vs pci (Eric Auger & Kim Phillips) - Trivial error_report() fixes (Alex Williamson) In addition to enabling S390 with the address space fix and updating to use tracepoints rather than compile time debug, this set of patches moves hw/misc/vfio.c to hw/vfio/ and paves the way for vfio-platform support by splitting common functionality from PCI specific code. # gpg: Signature made Mon 22 Dec 2014 20:19:43 GMT using RSA key ID 3BB08B22 # gpg: Good signature from "Alex Williamson <alex.williamson@redhat.com>" # gpg: aka "Alex Williamson <alex@shazbot.org>" # gpg: aka "Alex Williamson <alwillia@redhat.com>" # gpg: aka "Alex Williamson <alex.l.williamson@gmail.com>" * remotes/awilliam/tags/vfio-update-20141222.0: vfio: Cleanup error_report()s hw/vfio: create common module hw/vfio/pci: use name field in format strings hw/vfio/pci: rename group_list into vfio_group_list hw/vfio/pci: split vfio_get_device hw/vfio/pci: Introduce VFIORegion hw/vfio/pci: handle reset at VFIODevice hw/vfio/pci: add type, name and group fields in VFIODevice hw/vfio/pci: introduce minimalist VFIODevice with fd hw/vfio/pci: generalize mask/unmask to any IRQ index hw/vfio/pci: Rename VFIODevice into VFIOPCIDevice vfio: move hw/misc/vfio.c to hw/vfio/pci.c Move vfio.h into include/hw/vfio vfio: fix adding memory listener to the right address space vfio: migration to trace points Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-12-22hw/arm/virt: enable passing of EFI-stubbed kernel to guest UEFI firmwareLaszlo Ersek
The virt board already ensures mutual exclusion between -bios and -pflash unit#0; we only need to set "bootinfo.firmware_loaded", introduced in the previous patch, if either of those options was used to load the guest firmware. Signed-off-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Message-id: 1419250305-31062-12-git-send-email-pbonzini@redhat.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-12-22hw/arm: pass pristine kernel image to guest firmware over fw_cfgLaszlo Ersek
Introduce the new boolean field "arm_boot_info.firmware_loaded". When this field is set, it means that the portion of guest DRAM that the VCPU normally starts to execute, or the pflash chip that the VCPU normally starts to execute, has been populated by board-specific code with full-fledged guest firmware code, before the board calls arm_load_kernel(). Simultaneously, "arm_boot_info.firmware_loaded" guarantees that the board code has set up the global firmware config instance, for arm_load_kernel() to find with fw_cfg_find(). Guest kernel (-kernel) and guest firmware (-bios, -pflash) has always been possible to specify independently on the command line. The following cases should be considered: nr -bios -pflash -kernel description unit#0 -- ------- ------- ------- ------------------------------------------- 1 present present absent Board code rejects this case, -bios and present present present -pflash unit#0 are exclusive. Left intact by this patch. 2 absent absent present Traditional kernel loading, with qemu's minimal board firmware. Left intact by this patch. 3 absent present absent Preexistent case for booting guest firmware present absent absent loaded with -bios or -pflash. Left intact by this patch. 4 absent absent absent Preexistent case for not loading any firmware or kernel up-front. Left intact by this patch. 5 present absent present New case introduced by this patch: kernel absent present present image is passed to externally loaded firmware in unmodified form, using fw_cfg. An easy way to see that this patch doesn't interfere with existing cases is to realize that "info->firmware_loaded" is constant zero at this point. Which makes the "outer" condition unchanged, and the "inner" condition (with the fw_cfg-related code) dead. Signed-off-by: Laszlo Ersek <lersek@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Message-id: 1419250305-31062-11-git-send-email-pbonzini@redhat.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-12-22hw/loader: split out load_image_gzipped_buffer()Laszlo Ersek
In the next patch we'd like to reuse the image decompression facility without installing the output as a ROM at a specific guest-phys address. In addition, expose LOAD_IMAGE_MAX_GUNZIP_BYTES, because that's a straightforward "max_sz" argument for the new load_image_gzipped_buffer(). Signed-off-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Message-id: 1419250305-31062-10-git-send-email-pbonzini@redhat.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-12-22arm: add fw_cfg to "virt" boardLaszlo Ersek
fw_cfg already supports exposure over MMIO (used in ppc/mac_newworld.c, ppc/mac_oldworld.c, sparc/sun4m.c); we can easily add it to the "virt" board. Because MMIO access is slow on ARM KVM, we enable the guest, with fw_cfg_init_mem_wide(), to transfer up to 8 bytes with a single access. This has been measured to speed up transfers up to 7.5-fold, relative to single byte data access, on both ARM KVM and x86_64 TCG. The MMIO register block of fw_cfg is advertized in the device tree. As base address we pick 0x09020000, which conforms to the comment preceding "a15memmap": it falls in the miscellaneous device I/O range 128MB..256MB, and it is aligned at 64KB. The DTB properties follow the documentation in the Linux source file "Documentation/devicetree/bindings/arm/fw-cfg.txt". fw_cfg automatically exports a number of files to the guest; for example, "bootorder" (see fw_cfg_machine_reset()). Signed-off-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Message-id: 1419250305-31062-9-git-send-email-pbonzini@redhat.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-12-22fw_cfg_mem: expose the "data_width" property with fw_cfg_init_mem_wide()Laszlo Ersek
We rebase fw_cfg_init_mem() to the new function for compatibility with current callers. The behavior of the (big endian) multi-byte data reads is best shown with a qtest session. Here, we are reading the first six bytes of the UUID $ arm-softmmu/qemu-system-arm -M virt -machine accel=qtest \ -qtest stdio -uuid 4600cb32-38ec-4b2f-8acb-81c6ea54f2d8 >>> writew 0x9020008 0x0200 <<< OK >>> readl 0x9020000 <<< OK 0x000000004600cb32 Remember this is big endian. On big endian machines, it is stored directly as 0x46 0x00 0xcb 0x32. On a little endian machine, we have to first swap it, so that it becomes 0x32cb0046. When written to memory, it becomes 0x46 0x00 0xcb 0x32 again. Reading byte-by-byte works too, of course: >>> readb 0x9020000 <<< OK 0x0000000000000038 >>> readb 0x9020000 <<< OK 0x00000000000000ec Here only a single byte is read at a time, so they are read in order similar to the 1-byte data port that is already in PPC and SPARC machines. Signed-off-by: Laszlo Ersek <lersek@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Message-id: 1419250305-31062-8-git-send-email-pbonzini@redhat.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-12-22fw_cfg_mem: introduce the "data_width" propertyLaszlo Ersek
The "data_width" property is capable of changing the maximum valid access size to the MMIO data register, and resizes the memory region similarly, at device realization time. The default value of "data_memwidth" is set so that we don't yet diverge from "fw_cfg_data_mem_ops". Most of the fw_cfg_mem users will stick with the default, and for them we should continue using the statically allocated "fw_cfg_data_mem_ops". This is beneficial for debugging because gdb can resolve pointers referencing static objects to the names of those objects. Signed-off-by: Laszlo Ersek <lersek@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Message-id: 1419250305-31062-7-git-send-email-pbonzini@redhat.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-12-22exec: allows 8-byte accesses in subpage_opsPaolo Bonzini
Otherwise fw_cfg accesses are split into 4-byte ones before they reach the fw_cfg ops / handlers. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Laszlo Ersek <lersek@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Message-id: 1419250305-31062-6-git-send-email-pbonzini@redhat.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-12-22fw_cfg_mem: flip ctl_mem_ops and data_mem_ops to DEVICE_BIG_ENDIANLaszlo Ersek
The standalone selector port (fw_cfg_ctl_mem_ops) is only used by big endian guests to date (*), hence this change doesn't regress them. Paolo and Alex have suggested / requested an explicit DEVICE_BIG_ENDIAN setting here, for clarity. (*) git grep -l fw_cfg_init_mem hw/nvram/fw_cfg.c hw/ppc/mac_newworld.c hw/ppc/mac_oldworld.c hw/sparc/sun4m.c include/hw/nvram/fw_cfg.h The standalone data port (fw_cfg_data_mem_ops) has max_access_size 1 (for now), hence changing its endianness doesn't change behavior for existing guest code. Signed-off-by: Laszlo Ersek <lersek@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Message-id: 1419250305-31062-5-git-send-email-pbonzini@redhat.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-12-22fw_cfg_mem: max access size and region size are the same for data registerLaszlo Ersek
Make it clear that the maximum access size to the MMIO data register determines the full size of the memory region. Currently the max access size is 1. This patch doesn't change behavior. Signed-off-by: Laszlo Ersek <lersek@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Message-id: 1419250305-31062-4-git-send-email-pbonzini@redhat.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-12-22fw_cfg: move boards to fw_cfg_init_io() / fw_cfg_init_mem()Laszlo Ersek
This allows us to drop the fw_cfg_init() shim and to enforce the possible mappings at compile time. Signed-off-by: Laszlo Ersek <lersek@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Message-id: 1419250305-31062-3-git-send-email-pbonzini@redhat.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-12-22fw_cfg: hard separation between the MMIO and I/O port mappingsLaszlo Ersek
We are going to introduce a wide data register for fw_cfg, but only for the MMIO mapped device. The wide data register will also require the tightening of endiannesses. However we don't want to touch the I/O port mapped fw_cfg device at all. Currently QEMU provides a single fw_cfg device type that can handle both I/O port and MMIO mapping. This flexibility is not actually exploited by any board in the tree, but it renders restricting the above changes to MMIO very hard. Therefore, let's derive two classes from TYPE_FW_CFG: TYPE_FW_CFG_IO and TYPE_FW_CFG_MEM. TYPE_FW_CFG_IO incorporates the base I/O port and the related combined MemoryRegion. (NB: all boards in the tree that use the I/O port mapped flavor opt for the combined mapping; that is, when the data port overlays the high address byte of the selector port. Therefore we can drop the capability to map those I/O ports separately.) TYPE_FW_CFG_MEM incorporates the base addresses for the MMIO selector and data registers, and their respective MemoryRegions. The "realize" and "props" class members are specific to each new derived class, and become unused for the base class. The base class retains the "reset" member and the "vmsd" member, because the reset functionality and the set of migrated data are not specific to the mapping. The new functions fw_cfg_init_io() and fw_cfg_init_mem() expose the possible mappings in separation. For now fw_cfg_init() is retained as a compatibility shim that enforces the above assumptions. Signed-off-by: Laszlo Ersek <lersek@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Message-id: 1419250305-31062-2-git-send-email-pbonzini@redhat.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-12-22target-arm: add cpu feature EL3 to CPUs with Security ExtensionsFabian Aggeler
Set ARM_FEATURE_EL3 feature for CPUs that implement Security Extensions. Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch> Signed-off-by: Greg Bellows <greg.bellows@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1418684992-8996-16-git-send-email-greg.bellows@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-12-22target-arm: Disable EL3 on unsupported machinesGreg Bellows
Disables the CPU ARM_FEATURE_EL3 featuere on machine models that can be configured to use Cortex-A9, Cortex-A15, and ARM1176 but don't officially support EL3. This preserves backwards compatibility. Signed-off-by: Greg Bellows <greg.bellows@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1418684992-8996-15-git-send-email-greg.bellows@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-12-22target-arm: Breakout integratorcp and versatilepb cpu initGreg Bellows
This commit changes the integratorcp and versatilepb CPU initialization from using the generic ARM cpu_arm_init function to doing it inline. This is necessary in order to allow CPU configuration changes to occur between CPU instance initialization and realization. Specifically, this change is in preparation for disabling CPU EL3 support. Signed-off-by: Greg Bellows <greg.bellows@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1418684992-8996-14-git-send-email-greg.bellows@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-12-22target-arm: Set CPU has_el3 prop during virt initGreg Bellows
Adds setting of the CPU has_el3 property based on the virt machine secure state property during initialization. This enables/disables EL3 state during start-up. Changes include adding an additional secure state boolean during virt CPU initialization. Also disables the ARM secure boot by default. Signed-off-by: Greg Bellows <greg.bellows@linaro.org> Message-id: 1418684992-8996-13-git-send-email-greg.bellows@linaro.org Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-12-22target-arm: Enable CPU has_el3 prop during VE initGreg Bellows
Adds setting of the CPU has_el3 property based on the vexpress machine secure state property during initialization. This enables/disables EL3 state during start-up. Changes include adding an additional secure state boolean during vexpress CPU initialization. Also enables the ARM secure boot by default. Signed-off-by: Greg Bellows <greg.bellows@linaro.org> Message-id: 1418684992-8996-12-git-send-email-greg.bellows@linaro.org Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-12-22target-arm: Add arm_boot_info secure_boot controlGreg Bellows
Adds the secure_boot boolean field to the arm_boot_info descriptor. This fields is used to indicate whether Linux should boot into secure or non-secure state if the ARM EL3 feature is enabled. The default is to leave the CPU in an unaltered reset state. On EL3 enabled systems, the reset state is secure and can be overridden by setting the added field to false. Signed-off-by: Greg Bellows <greg.bellows@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1418684992-8996-11-git-send-email-greg.bellows@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-12-22target-arm: Add ARMCPU secure propertyGreg Bellows
Added a "has_el3" state property to the ARMCPU descriptor. This property indicates whether the ARMCPU has security extensions enabled (EL3) or not. By default it is disabled at this time. Signed-off-by: Greg Bellows <greg.bellows@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1418684992-8996-10-git-send-email-greg.bellows@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-12-22target-arm: Add feature unset functionGreg Bellows
Add an unset_feature() function to compliment the set_feature() function. This will be used to disable functions after they have been enabled during initialization. Signed-off-by: Greg Bellows <greg.bellows@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1418684992-8996-9-git-send-email-greg.bellows@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-12-22target-arm: Add virt machine secure propertyGreg Bellows
Add "secure" virt machine specific property to allow override of the default secure state configuration. By default, when using the QEMU -kernel command line argument, virt machines boot into NS/SVC. When using the QEMU -bios command line argument, virt machines boot into S/SVC. The secure state can be changed from the default specifying the secure state as a machine property. For example, the below command line would disable security extensions on a -kernel Linux boot: aarch64-softmmu/qemu-system-aarch64 -machine type=virt,secure=off -kernel ... Signed-off-by: Greg Bellows <greg.bellows@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1418684992-8996-8-git-send-email-greg.bellows@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-12-22target-arm: Add virt class and machine typesGreg Bellows
Switch virt qemu machine support to use the newer object type, class, and instance model. Added virt TypeInfo with static registration along with virt specific class and machine structs. Also added virt class initialization method. Signed-off-by: Greg Bellows <greg.bellows@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1418684992-8996-7-git-send-email-greg.bellows@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-12-22target-arm: Change vexpress daughterboard init argGreg Bellows
Change the Vexpress daughterboard initialization method to take a vexpress machine state pointer instead of the daughterboard struct pointer. The machine state now contains the daughterboard pointer. Signed-off-by: Greg Bellows <greg.bellows@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1418684992-8996-6-git-send-email-greg.bellows@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-12-22target-arm: Add vexpress machine secure propertyGreg Bellows
Add "secure" Vexpress machine specific property to allow override of the default secure state configuration. By default, when using the QEMU -kernel command line argument, Vexpress machines boot into NS/SVC. When using the QEMU -bios command line argument, Vexpress machines boot into S/SVC. The secure state can be changed from the default specifying the secure state as a machine property. For example, the below command line would disable security extensions on a -kernel Linux boot: aarch64-softmmu/qemu-system-aarch64 -machine type=vexpress-a15,secure=off -kernel ... Signed-off-by: Greg Bellows <greg.bellows@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1418684992-8996-5-git-send-email-greg.bellows@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>