aboutsummaryrefslogtreecommitdiff
path: root/hw/block/pflash_cfi01.c
AgeCommit message (Collapse)Author
2018-06-29hw/block/pflash_cfi: Convert from DPRINTF() macro to trace eventsPhilippe Mathieu-Daudé
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> [Fixed lx -> PRIx64 as suggested by Philippe. --Stefan] Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2018-06-01hw: Do not include "exec/address-spaces.h" if it is not necessaryPhilippe Mathieu-Daudé
Code change produced with: $ git grep '#include "exec/address-spaces.h"' hw include/hw | \ cut -d: -f-1 | \ xargs egrep -L "(get_system_|address_space_)" | \ xargs sed -i.bak '/#include "exec\/address-spaces.h"/d' Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-Id: <20180528232719.4721-12-f4bug@amsat.org> Acked-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-04-10hw/block/pflash_cfi: fix off-by-one errorPhilippe Mathieu-Daudé
ASAN reported: hw/block/pflash_cfi02.c:245:33: runtime error: index 82 out of bounds for type 'uint8_t [82]' Since the 'cfi_len' member is not used, remove it to keep the code safer. Cc: qemu-stable@nongnu.org Reported-by: AddressSanitizer Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2017-07-14hw/block/pflash_cfi01, pflash_cfi02: Use memory_region_init_rom_device()Peter Maydell
Since we pass the same DeviceState object to memory_region_init_rom_device_nomigrate() and vmstate_register_ram(), we can switch to using memory_region_init_rom_device() instead. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Message-id: 1499438577-7674-9-git-send-email-peter.maydell@linaro.org
2017-07-14memory: Rename memory_region_init_rom() and _rom_device() to _nomigrate()Peter Maydell
Rename memory_region_init_rom() to memory_region_init_rom_nomigrate() and memory_region_init_rom_device() to memory_region_init_rom_device_nomigrate(). Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Message-id: 1499438577-7674-5-git-send-email-peter.maydell@linaro.org
2017-02-28hw/block: Request permissionsKevin Wolf
This makes all device emulations with a qdev drive property request permissions on their BlockBackend. The only thing we block at this point is resizing images for some devices that can't support it. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Acked-by: Fam Zheng <famz@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com>
2017-01-27pflash_cfi01: fix per-device sector length in CFI tablePeter Maydell
For configurations of the pflash_cfi01 device which set it up with a device-width not equal to the width (ie where we are emulating multiple narrow flash devices wired up in parallel), we were giving incorrect values in the CFI data table: (1) the sector length entry should specify the sector length for a single device, not the length for the overall collection of devices (2) the number of blocks per device must not be divided by the number of devices because the resulting device size would not match the overall size (3) this then means that the overall write block size must be modified depending on the number of devices because the entry is per device and when the guest writes into the flash it calculates the write size by using the CFI entry (write size per device) multiplied by the number of chips. (It would alternatively be possible to modify the write block size in the CFI table (currently hardcoded at 2048) and leave the overall write block size alone.) This commit corrects these bugs, and adds a hw-compat property to retain the old behaviour on 2.8 and earlier versions. (The only board we have which uses this sort of flash config and has machine versioning is the "virt" board -- the PC uses a single flash device and so behaviour is unaffected whether using old-multiple-chip-handling or not.) Here is a configuration example from the vexpress board: VEXPRESS_FLASH_SIZE = 64M VEXPRESS_FLASH_SECT_SIZE 256K num-blocks = VEXPRESS_FLASH_SIZE / VEXPRESS_FLASH_SECT_SIZE = 256 sector-length = 256K width = 4 device-width = 2 The code will fill the CFI entry with the following entries: num-blocks = 256 sector-length = 128K writeblock_size = 2048 This results in two chips, each with 256 * 128K = 32M device size and a write block size of 2048. A sector erase will be sent to both chips, thus 256K must be erased. When the guest sends a block write command, it will write 4096 bytes data at once (2048 per device). Signed-off-by: David Engraf <david.engraf@sysgo.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> [PMM: cleaned up and expanded commit message] Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-12-22hw/block/pflash_cfi*.c: fix confusing assert fail messageZiyue Yang
The patch is to fix the confusing assert fail message caused by un-initialized device structure (from bite sized tasks). The bug can be reproduced by ./qemu-system-x86_64 -nographic -device cfi.pflash01 The CFI hardware is dynamically loaded by QOM realizing mechanism, however the realizing function in pflash_cfi01_realize function requires the device being initialized manually before calling, like ./qemu-system-x86_64 -nographic -device cfi.pflash01,num-blocks=1024,sector-length=4096,name=testcard Once the initializing parameters are left off in the command, it will leave the device structure not initialized, which makes pflash_cfi01_realize try to realize a zero-volume card, causing /mnt/EXT_volume/projects/qemu/qemu-dev/exec.c:1378: find_ram_offset: Assertion `size != 0\' failed. Through my test, at least the flash device's block-number, sector-length and its name is needed for pflash_cfi01_realize to behave correctly. So I think the new asserts are needed to hint the QEMU user to specify the device's parameters correctly. Signed-off-by: Ziyue Yang <skiver.cloud.yzy@gmail.com> Message-Id: <1481810693-13733-1-git-send-email-skiver.cloud.yzy@gmail.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Ziyue Yang <yzylivezh@hotmail.com>
2016-06-29pflash: make TYPE_CFI_PFLASH0{1,2} macros publicEfimov Vasily
qdev API can be used to create CFI pflash devices despite existance of helper functions. The type name is needed in course of such creation. Using the preprocessor alias instead of the string literal itself is preferable. The patch makes the aliases accessible through the header. Signed-off-by: Efimov Vasily <real@ispras.ru> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-05-19hw: explicitly include qemu/log.hPaolo Bonzini
Move the inclusion out of hw/hw.h, most files do not need it. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-05-12pflash: Switch to byte-based block accessEric Blake
Sector-based blk_write() should die; switch to byte-based blk_pwrite() instead. Likewise for blk_read(). Signed-off-by: Eric Blake <eblake@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2016-04-15Fix pflash migrationDr. David Alan Gilbert
Pflash migration (e.g. q35 + EFI variable storage) fails with the assert: bdrv_co_do_pwritev: Assertion `!(bs->open_flags & 0x0800)' failed. This avoids the problem by delaying the pflash update until after the device loads complete. Tested by: Migrating Q35/EFI vm. Changing efi variable content (with efiboot in the guest) md5sum'ing the variable file before migration and after. This is a fix that Paolo posted in the message 570244B3.4070105@redhat.com Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Acked-by: Laszlo Ersek <lersek@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2016-03-22include/qemu/osdep.h: Don't include qapi/error.hMarkus Armbruster
Commit 57cb38b included qapi/error.h into qemu/osdep.h to get the Error typedef. Since then, we've moved to include qemu/osdep.h everywhere. Its file comment explains: "To avoid getting into possible circular include dependencies, this file should not include any other QEMU headers, with the exceptions of config-host.h, compiler.h, os-posix.h and os-win32.h, all of which are doing a similar job to this file and are under similar constraints." qapi/error.h doesn't do a similar job, and it doesn't adhere to similar constraints: it includes qapi-types.h. That's in excess of 100KiB of crap most .c files don't actually need. Add the typedef to qemu/typedefs.h, and include that instead of qapi/error.h. Include qapi/error.h in .c files that need it and don't get it now. Include qapi-types.h in qom/object.h for uint16List. Update scripts/clean-includes accordingly. Update it further to match reality: replace config.h by config-target.h, add sysemu/os-posix.h, sysemu/os-win32.h. Update the list of includes in the qemu/osdep.h comment quoted above similarly. This reduces the number of objects depending on qapi/error.h from "all of them" to less than a third. Unfortunately, the number depending on qapi-types.h shrinks only a little. More work is needed for that one. Signed-off-by: Markus Armbruster <armbru@redhat.com> [Fix compilation without the spice devel packages. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-01-20block: Clean up includesPeter Maydell
Clean up includes so that osdep.h is included first and headers which it implies are not included manually. This commit was created with scripts/clean-includes. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2015-06-05pflash_cfi01: add secure propertyPaolo Bonzini
When this property is set, MMIO accesses are only allowed with the MEMTXATTRS_SECURE attribute. This is used for secure access to UEFI variables stored in flash. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-06-05pflash_cfi01: change to new-style MMIO accessorsPaolo Bonzini
This is a required step to implement read_with_attrs and write_with_attrs. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-06-05pflash_cfi01: change big-endian property to BIT typePaolo Bonzini
Make this consistent with the secure property, added in the next patch. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-03-10hw: Propagate errors through qdev_prop_set_drive()Markus Armbruster
Three kinds of callers: 1. On failure, report the error and abort Passing &error_abort does the job. No functional change. 2. On failure, report the error and exit() This is qdev_prop_set_drive_nofail(). Error reporting moves from qdev_prop_set_drive() to its caller. Because hiding away the error in the monitor right before exit() isn't helpful, replace qerror_report_err() by error_report_err(). Shouldn't make a difference, because qdev_prop_set_drive_nofail() should never be used in QMP context. 3. On failure, report the error and recover This is usb_msd_init() and scsi_bus_legacy_add_drive(). Error reporting and freeing the error object moves from qdev_prop_set_drive() to its callers. Because usb_msd_init() can't run in QMP context, replace qerror_report_err() by error_report_err() there. No functional change. scsi_bus_legacy_add_drive() calling qerror_report_err() is of course inappropriate, but this commit merely makes it more obvious. The next one will clean it up. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Message-Id: <1425925048-15482-3-git-send-email-armbru@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-10-20hw: Convert from BlockDriverState to BlockBackend, mostlyMarkus Armbruster
Device models should access their block backends only through the block-backend.h API. Convert them, and drop direct includes of inappropriate headers. Just four uses of BlockDriverState are left: * The Xen paravirtual block device backend (xen_disk.c) opens images itself when set up via xenbus, bypassing blockdev.c. I figure it should go through qmp_blockdev_add() instead. * Device model "usb-storage" prompts for keys. No other device model does, and this one probably shouldn't do it, either. * ide_issue_trim_cb() uses bdrv_aio_discard() instead of blk_aio_discard() because it fishes its backend out of a BlockAIOCB, which has only the BlockDriverState. * PC87312State has an unused BlockDriverState[] member. The next two commits take care of the latter two. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-09-12Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into stagingPeter Maydell
- Memory: improve error reporting and avoid crashes on hotplug - Build: fixing block/iscsi.so and ranlib warnings on Mac OS X - Migration fixes for x86 - The odd KVM patch. # gpg: Signature made Thu 11 Sep 2014 11:21:10 BST using RSA key ID 9B4D86F2 # gpg: Good signature from "Paolo Bonzini <pbonzini@redhat.com>" # gpg: aka "Paolo Bonzini <bonzini@gnu.org>" * remotes/bonzini/tags/for-upstream: (21 commits) gdbstub: init mon_chr through qemu_chr_alloc pckbd: adding new fields to vmstate mc146818rtc: add missed field to vmstate piix: do not set irq while loading vmstate serial: fixing vmstate for save/restore parallel: adding vmstate for save/restore fdc: adding vmstate for save/restore cpu: init vmstate for ticks and clock offset apic_common: vapic_paddr synchronization fix vl: use QLIST_FOREACH_SAFE to visit change state handlers exec: add parameter errp to gethugepagesize exec: report error when memory < hpagesize hostmem-ram: don't exit qemu if size of memory-backend-ram is way too big memory: add parameter errp to memory_region_init_rom_device memory: add parameter errp to memory_region_init_ram exec: add parameter errp to qemu_ram_alloc and qemu_ram_alloc_from_ptr rules.mak: Fix DSO build by pulling in archive symbols util: Don't link host-utils.o if it's empty util: Move general qemu_getauxval to util/getauxval.c trace: Only link generated-tracers.o with "simple" backend ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-09-09memory: add parameter errp to memory_region_init_rom_deviceHu Tao
Add parameter errp to memory_region_init_rom_device and update all call sites to propagate the error. Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Signed-off-by: Hu Tao <hutao@cn.fujitsu.com> [Propagate the error out of realize. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-09-08pflash_cfi01: write flash contents to bdrv on incoming migrationLaszlo Ersek
A drive that backs a pflash device is special: - it is very small, - its entire contents are kept in a RAMBlock at all times, covering the guest-phys address range that provides the guest's view of the emulated flash chip. The pflash device model keeps the drive (the host-side file) and the guest-visible flash contents in sync. When migrating the guest, the guest-visible flash contents (the RAMBlock) is migrated by default, but on the target host, the drive (the host-side file) remains in full sync with the RAMBlock only if: - the source and target hosts share the storage underlying the pflash drive, - or the migration requests full or incremental block migration too, which then covers all drives. Due to the special nature of pflash drives, the following scenario makes sense as well: - no full nor incremental block migration, covering all drives, alongside the base migration (justified eg. by shared storage for "normal" (big) drives), - non-shared storage for pflash drives. In this case, currently only those portions of the flash drive are updated on the target disk that the guest reprograms while running on the target host. In order to restore accord, dump the entire flash contents to the bdrv in a post_load() callback. - The read-only check follows the other call-sites of pflash_update(); - both "pfl->ro" and pflash_update() reflect / consider the case when "pfl->bs" is NULL; - the total size of the flash device is calculated as in pflash_cfi01_realize(). When using shared storage, or requesting full or incremental block migration along with the normal migration, the patch should incur a harmless rewrite from the target side. It is assumed that, on the target host, RAM is loaded ahead of the call to pflash_post_load(). Suggested-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Laszlo Ersek <lersek@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-09-08pflash_cfi01: fixup stale DPRINTF() callsLaszlo Ersek
Signed-off-by: Laszlo Ersek <lersek@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-08-18memory: remove memory_region_destroyPaolo Bonzini
The function is empty after the previous patch, so remove it. Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-06-19hw/block/pflash_cfi01: Report correct size info for parallel configsPeter Maydell
If the flash device is configured with a device-width which is not equal to the bank-width, indicating that it is actually several narrow flash devices in parallel, the CFI table should report the number of blocks and the size of a single device, not of the whole combined setup. This stops Linux from complaining: "NOR chip too large to fit in mapping. Attempting to cope..." As usual, we retain the old broken but backwards compatible behaviour when the device-width is not specified. Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1402409025-25694-1-git-send-email-peter.maydell@linaro.org
2013-12-17Fix NOR flash device ID readingRoy Franz
Fix NOR flash manufacturer and device ID reading. This now properly takes into account device widths and device max widths as required. The reading of these IDs uses the same max_width dependent addressing as CFI queries. The old code remains for chips that don't specify a device width, as the new code relies on a device width being set in order to properly operate. The existing code seems very broken. Only ident0 and ident1 are used in the new code, as other fields relate to the lock state of blocks in flash. The VExpress flash configuration has been updated to match the new code, as the existing definition was 'wrong' in order to return the expected results with the broken device ID code. Signed-off-by: Roy Franz <roy.franz@linaro.org> Message-id: 1386279359-32286-8-git-send-email-roy.franz@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2013-12-17Fix CFI query responses for NOR flashRoy Franz
This change fixes the CFI query responses to handle NOR device widths that are different from the bank width. Support is also added for multi-width devices in a x8 configuration. This is typically x8/x16 devices, but the CFI specification mentions x8/x32 devices so those should be supported as well if they exist. The query response data is now replicated per-device in the bank, and is adjusted for x16 or x32 parts configured in x8 mode. The existing code is left in place for boards that have not been updated to specify an explicit device_width. The VExpress board has been updated in an earlier patch in this series so this is the only board currently affected. Signed-off-by: Roy Franz <roy.franz@linaro.org> Message-id: 1386279359-32286-7-git-send-email-roy.franz@linaro.org [PMM: fixed a few formatting nits] Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2013-12-17Add max device width parameter for NOR devicesRoy Franz
For handling CFI and device ID reads, we need to not only know the width that a NOR flash device is configured for, but also its maximum width. The maximum width addressing mode is used for multi-width parts no matter which width they are configured for. The most common case is x16 parts that also support x8 mode. When configured for x8 operation these devices respond to CFI and device ID requests differently than native x8 NOR parts. Signed-off-by: Roy Franz <roy.franz@linaro.org> Message-id: 1386279359-32286-6-git-send-email-roy.franz@linaro.org [PMM: Added comment explaining the semantics of width vs device-width vs max-device-width] Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2013-12-17return status for each NOR flash deviceRoy Franz
Now that we know how wide each flash device that makes up the bank is, return status for each device in the bank. Leave existing code that treats 32 bit wide banks as composed of two 16 bit devices as otherwise we may break configurations that do not set the device_width propery. Signed-off-by: Roy Franz <roy.franz@linaro.org> Message-id: 1386279359-32286-4-git-send-email-roy.franz@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2013-12-17Add device-width property to pflash_cfi01Roy Franz
The width of the devices that make up the flash interface is required to mask certain commands, in particular the write length for buffered writes. This length will be presented to each device on the interface by the program writing the flash, and the flash emulation code needs to be able to determine the length of the write as recieved by each flash device. The device-width defaults to the bank width which should maintain existing behavior for platforms that don't need this change. This change is required to support buffered writes on the vexpress platform that has a 32 bit flash interface with 2 16 bit devices on it. Signed-off-by: Roy Franz <roy.franz@linaro.org> Message-id: 1386279359-32286-3-git-send-email-roy.franz@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2013-12-17rename pflash_t member width to bank_widthRoy Franz
Rename the 'width' member of the pflash_t structure in preparation for adding a bank_width member. Signed-off-by: Roy Franz <roy.franz@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1386279359-32286-2-git-send-email-roy.franz@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2013-08-22aio / timers: Switch entire codebase to the new timer APIAlex Bligh
This is an autogenerated patch using scripts/switch-timer-api. Switch the entire code base to using the new timer API. Note this patch may introduce some line length issues. Signed-off-by: Alex Bligh <alex@alex.org.uk> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-07-29devices: Associate devices to their logical categoryMarcel Apfelbaum
The category will be used to sort the devices displayed in the command line help. Signed-off-by: Marcel Apfelbaum <marcel.a@redhat.com> Message-id: 1375107465-25767-4-git-send-email-marcel.a@redhat.com Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-07-28pflash_cfi01: duplicate status byte from bits 23:16 for 32bit readsPaul Burton
The firmware commonly used with MIPS Malta boards (YAMON) reads the status of the pflash with a 32bit memory access. On real hardware this results in the status byte being mirrored in the upper 16 bits of the read value. For example if the status byte is represented by SS then the hardware reads 0x00SS00SS. The YAMON firmware compares the status against 32bit values expecting the mirrored value and fails without it. Signed-off-by: Paul Burton <paul.burton@imgtec.com> Signed-off-by: Leon Alrae <leon.alrae@imgtec.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2013-07-23pflash_cfi01: Use QOM realize for pflash_cfi01Hu Tao
Signed-off-by: Hu Tao <hutao@cn.fujitsu.com> [AF: Renamed argument] Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-23pflash-cfi01: QOM'ify some moreHu Tao
Introduce type constant and replace FROM_SYSBUS(). Signed-off-by: Hu Tao <hutao@cn.fujitsu.com> [AF: Renamed parent field] Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-07-04hw/block: pass owner to memory_region_init* functionsPaolo Bonzini
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-07-04memory: add owner argument to initialization functionsPaolo Bonzini
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-05-24memory: Rename readable flag to romd_modeJan Kiszka
"Readable" is a very unfortunate name for this flag because even a rom_device region will always be readable from the guest POV. What differs is the mapping, just like the comments had to explain already. Also, readable could currently be understood as being a generic region flag, but it only applies to rom_device regions. So rename the flag and the function to modify it after the original term "ROMD" which could also be interpreted as "ROM direct", i.e. ROM mode with direct access. In any case, the scope of the flag is clearer now. Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-04-08hw: move target-independent files to subdirectoriesPaolo Bonzini
This patch tackles all files that are compiled once, moving them to subdirectories of hw/. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>