aboutsummaryrefslogtreecommitdiff
path: root/hw/ppc
AgeCommit message (Collapse)Author
2017-05-11ppc/pnv: restrict BMC object to the BMC simulatorCédric Le Goater
Today, when a PowerNV guest runs, it uses the sensor definitions of the BMC simulator to populate the device tree. But an external IPMI BMC could also be used and, in that case, it is not (yet) possible to retrieve the sensor list. Generating the OEM SEL event for shutdown or reboot also does not make sense as it should be generated on the BMC side. This change allows a guest to use an 'ipmi-bmc-extern' backend to the 'isa-ipmi-bt' device and a 'chardev' for transport such as : -chardev socket,id=ipmi0,host=localhost,port=9002,reconnect=10 \ -device ipmi-bmc-extern,id=bmc0,chardev=ipmi0 \ -device isa-ipmi-bt,bmc=bmc0,irq=10 and connect to a BMC simulator, the OpenIPMI ipmi_sim simulator for instance. Signed-off-by: Cédric Le Goater <clg@kaod.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-04-26spapr-cpu-core: Release ICPState object during CPU unrealizationBharata B Rao
Recent commits that re-organized ICPState object missed to destroy the object when CPU is unrealized. Fix this so that CPU unplug doesn't abort QEMU. Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com> Reviewed-by: Cédric Le Goater <clg@kaod.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-04-26ppc/pnv: generate an OEM SEL event on shutdownCédric Le Goater
OpenPOWER systems expect to be notified with such an event before a shutdown or a reboot. An OEM SEL message is sent with specific identifiers and a user data containing the request : OFF or REBOOT. Signed-off-by: Cédric Le Goater <clg@kaod.org> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-04-26ppc/pnv: add initial IPMI sensors for the BMC simulatorCédric Le Goater
Skiboot, the firmware for the PowerNV platform, expects the BMC to provide some specific IPMI sensors. These sensors are exposed in the device tree and their values are updated by the firmware at boot time. Sensors of interest are : "FW Boot Progress" "Boot Count" As such a device is defined on the command line, we can only detect its presence at reset time. Signed-off-by: Cédric Le Goater <clg@kaod.org> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-04-26ppc/pnv: populate device tree for IPMI BT devicesCédric Le Goater
When an ipmi-bt device [1] is defined on the ISA bus, we need to populate the device tree with the object properties. Such devices are created with the command line options : -device ipmi-bmc-sim,id=bmc0 -device isa-ipmi-bt,bmc=bmc0,irq=10 [1] https://lists.gnu.org/archive/html/qemu-devel/2015-11/msg03168.html Signed-off-by: Cédric Le Goater <clg@kaod.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-04-26ppc/pnv: populate device tree for serial devicesCédric Le Goater
Signed-off-by: Cédric Le Goater <clg@kaod.org> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-04-26ppc/pnv: populate device tree for RTC devicesCédric Le Goater
The code could be common to any ISA device but we are missing the IO length. Signed-off-by: Cédric Le Goater <clg@kaod.org> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-04-26ppc/pnv: scan ISA bus to populate device treeCédric Le Goater
This is an empty shell that we will use to include nodes in the device tree for ISA devices. We expect RTC, UART and IPMI BT devices. Signed-off-by: Cédric Le Goater <clg@kaod.org> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-04-26ppc/pnv: enable only one LPC busCédric Le Goater
The default LPC bus of a multichip system is on chip 0. It's recognized by the firmware (skiboot) using a "primary" property in the device tree. We introduce a pnv_chip_lpc_offset() routine to locate the LPC node of a chip and set the property directly from the machine level. Signed-off-by: Cédric Le Goater <clg@kaod.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-04-26ppc/pnv: Add support for POWER8+ LPC ControllerBenjamin Herrenschmidt
It adds the Naples chip which supports proper LPC interrupts via the LPC controller rather than via an external CPLD. Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> [clg: - updated for qemu-2.9 - ported on latest PowerNV patchset - moved the IRQ handler in pnv_lpc.c - introduced pnv_lpc_isa_irq_create() to create the ISA IRQs ] Signed-off-by: Cédric Le Goater <clg@kaod.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-04-26spapr: remove the 'nr_servers' field from the machineCédric Le Goater
xics_system_init() does not need 'nr_servers' anymore as it is only used to define the 'interrupt-controller' node in the device tree. So let's just compute the value when calling spapr_dt_xics(). This also gives us an opportunity to simplify the xics_system_init() routine and introduce a specific spapr_ics_create() helper to create the sPAPR ICS object. Signed-off-by: Cédric Le Goater <clg@kaod.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-04-26ppc/pnv: Add OCC model stub with interrupt supportBenjamin Herrenschmidt
The OCC is an on-chip microcontroller based on a ppc405 core used for various power management tasks. It comes with a pile of additional hardware sitting on the PIB (aka XSCOM bus). At this point we don't emulate it (nor plan to do so). However there is one facility which is provided by the surrounding hardware that we do need, which is the interrupt generation facility. OPAL uses it to send itself interrupts under some circumstances and there are other uses around the corner. So this implement just enough to support this. Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> [clg: - updated for qemu-2.9 - changed the XSCOM interface to fit new model - QOMified the model ] Signed-off-by: Cédric Le Goater <clg@kaod.org> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-04-26ppc/pnv: Add cut down PSI bridge model and hookup external interruptCédric Le Goater
The Processor Service Interface (PSI) Controller is one of the engines of the "Bridge" unit which connects the different interfaces to the Power Processor. This adds just enough of the PSI bridge to handle various on-chip and the one external interrupt. The rest of PSI has to do with the link to the IBM FSP service processor which we don't plan to emulate (not used on OpenPower machines). The ics_get() and ics_resend() handlers of the XICSFabric interface of the PowerNV machine are now defined to handle the Interrupt Control Source of PSI. The InterruptStatsProvider interface is also modified to dump the new ICS. Originally from Benjamin Herrenschmidt <benh@kernel.crashing.org> Signed-off-by: Cédric Le Goater <clg@kaod.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-04-26ppc/pnv: add memory regions for the ICP registersCédric Le Goater
This provides to a PowerNV chip (POWER8) access to the Interrupt Management area, which contains the registers of the Interrupt Control Presenters of each thread. These are used to accept, return, forward interrupts in the system. This area is modeled with a per-chip container memory region holding all the ICP registers. Each thread of a chip is then associated with its ICP registers using a memory subregion indexed by its PIR number in the overall region. The device tree is populated accordingly. Signed-off-by: Cédric Le Goater <clg@kaod.org> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-04-26ppc/pnv: create the ICP object under PnvCoreCédric Le Goater
Each thread of a core is linked to an ICP. This allocates a PnvICPState object before the PowerPCCPU object is realized and lets the XICSFabric do the store under the 'intc' backlink when xics_cpu_setup() is called. This modeling removes the need of maintaining an array of ICP objects under the PowerNV machine and also simplifies the XICSFabric icp_get() handler. Signed-off-by: Cédric Le Goater <clg@kaod.org> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-04-26ppc/pnv: extend the machine with a InterruptStatsProvider interfaceCédric Le Goater
Signed-off-by: Cédric Le Goater <clg@kaod.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-04-26ppc/pnv: extend the machine with a XICSFabric interfaceCédric Le Goater
A XICSFabric QOM interface is used by the XICS layer to manipulate the ICP and ICS objects. Let's define the associated handlers for the PowerNV machine. All handlers should be defined even if there is no ICS under the PowerNV machine yet. Signed-off-by: Cédric Le Goater <clg@kaod.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-04-26spapr: allocate the ICPState object from under sPAPRCPUCoreCédric Le Goater
Today, all the ICPs are created before the CPUs, stored in an array under the sPAPR machine and linked to the CPU when the core threads are realized. This modeling brings some complexity when a lookup in the array is required and it can be simplified by allocating the ICPs when the CPUs are. This is the purpose of this proposal which introduces a new 'icp_type' field under the machine and creates the ICP objects of the right type (KVM or not) before the PowerPCCPU object are. This change allows more cleanups : the removal of the icps array under the sPAPR machine and the removal of the xics_get_cpu_index_by_dt_id() helper. Signed-off-by: Cédric Le Goater <clg@kaod.org> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-04-26spapr: move the IRQ server number mapping under the machineCédric Le Goater
This is the second step to abstract the IRQ 'server' number of the XICS layer. Now that the prereq cleanups have been done in the previous patch, we can move down the 'cpu_dt_id' to 'cpu_index' mapping in the sPAPR machine handler. Signed-off-by: Cédric Le Goater <clg@kaod.org> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-04-26ppc/xics: introduce an 'intc' backlink under PowerPCCPUCédric Le Goater
Today, the ICPState array of the sPAPR machine is indexed with 'cpu_index' of the CPUState. This numbering of CPUs is internal to QEMU and the guest only knows about what is exposed in the device tree, that is the 'cpu_dt_id'. This is why sPAPR uses the helper xics_get_cpu_index_by_dt_id() to do the mapping in a couple of places. To provide a more generic XICS layer, we need to abstract the IRQ 'server' number and remove any assumption made on its nature. It should not be used as a 'cpu_index' for lookups like xics_cpu_setup() and xics_cpu_destroy() do. To reach that goal, we choose to introduce a generic 'intc' backlink under PowerPCCPU, and let the machine core init routine do the ICPState lookup. The resulting object is passed on to xics_cpu_setup() which does the store under PowerPCCPU. The IRQ 'server' number in XICS is now generic. sPAPR uses 'cpu_dt_id' and PowerNV will use 'PIR' number. This also has the benefit of simplifying the sPAPR hcall routines which do not need to do any ICPState lookups anymore. Signed-off-by: Cédric Le Goater <clg@kaod.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-04-26spapr_pci: Removed unused includeAlexey Kardashevskiy
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-04-26spapr_pci: Warn when RAM page size is not enabled in IOMMU page maskAlexey Kardashevskiy
If a page size used by QEMU is not enabled in the PHB IOMMU page mask, in-kernel acceleration of TCE handling won't be enabled and performance might be slower than expected. This prints a warning if system page size is not enabled. This should print a warning if huge pages are enabled but sphb.pgsz still uses the default value of 4K|64K. Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-04-26target-ppc/kvm: Enable in-kernel TCE acceleration for multi-tceAlexey Kardashevskiy
This enables in-kernel handling of H_PUT_TCE_INDIRECT and H_STUFF_TCE hypercalls. The host kernel support is there since v4.6, in particular d3695aa4f452 ("KVM: PPC: Add support for multiple-TCE hcalls"). H_PUT_TCE is already accelerated and does not need any special enablement. Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-04-26spapr: Workaround for broken radix guestsSam Bobroff
For a little while around 4.9, Linux kernels that saw the radix bit in ibm,pa-features would attempt to set up the MMU as if they were a hypervisor, even if they were a guest, which would cause them to crash. Work around this by detecting pre-ISA 3.0 guests by their lack of that bit in option vector 1, and then removing the radix bit from ibm,pa-features. Note: This now requires regeneration of that node after CAS negotiation. Signed-off-by: Sam Bobroff <sam.bobroff@au1.ibm.com> [dwg: Fix style nits] Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-04-26spapr: Enable ISA 3.0 MMU mode selection via CASSam Bobroff
Add the new node, /chosen/ibm,arch-vec-5-platform-support to the device tree. This allows the guest to determine which modes are supported by the hypervisor. Update the option vector processing in h_client_architecture_support() to handle the new MMU bits. This allows guests to request hash or radix mode and QEMU to create the guest's HPT at this time if it is necessary but hasn't yet been done. QEMU will terminate the guest if it requests an unavailable mode, as required by the architecture. Extend the ibm,pa-features node with the new ISA 3.0 values and set the radix bit if KVM supports radix mode. This probably won't be used directly by guests to determine the availability of radix mode (that is indicated by the new node added above) but the architecture requires that it be set when the hardware supports it. If QEMU is using KVM, and KVM is capable of running in radix mode, guests can be run in real-mode without allocating a HPT (because KVM will use a minimal RPT). So in this case, we avoid creating the HPT at reset time and later (during CAS) create it if it is necessary. ISA 3.0 guests will now begin to call h_register_process_table(), which has been added previously. Signed-off-by: Sam Bobroff <sam.bobroff@au1.ibm.com> [dwg: Strip some unneeded prefix from error messages] Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-04-26spapr: move spapr_populate_pa_features()Sam Bobroff
In the next patch, spapr_fixup_cpu_dt() will need to call spapr_populate_pa_features() so move it's definition up without making any other changes. Signed-off-by: Sam Bobroff <sam.bobroff@au1.ibm.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-04-26target/ppc: Implement H_REGISTER_PROCESS_TABLE H_CALLSuraj Jitindar Singh
The H_REGISTER_PROCESS_TABLE H_CALL is used by a guest to indicate to the hypervisor where in memory its process table is and how translation should be performed using this process table. Provide the implementation of this H_CALL for a guest. We first check for invalid flags, then parse the flags to determine the operation, and then check the other parameters for valid values based on the operation (register new table/deregister table/maintain registration). The process table is then stored in the appropriate location and registered with the hypervisor (if running under KVM), and the LPCR_[UPRT/GTSE] bits are updated as required. Signed-off-by: Suraj Jitindar Singh <sjitindarsingh@gmail.com> Signed-off-by: Sam Bobroff <sam.bobroff@au1.ibm.com> [dwg: Correct missing prototype and uninitialized variable] Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-04-26target/ppc: Add new H-CALL shells for in memory table translationSuraj Jitindar Singh
The use of the new in memory tables introduced in ISAv3.00 for translation, also referred to as process tables, requires the introduction of 3 new H-CALLs; H_REGISTER_PROCESS_TABLE, H_CLEAN_SLB, and H_INVALIDATE_PID. Add shells for each of these and register them as the hypercall handlers. Currently they all log an unimplemented hypercall and return H_FUNCTION. Signed-off-by: Suraj Jitindar Singh <sjitindarsingh@gmail.com> [dwg: Fix style nits] Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-04-26spapr: Add ibm,processor-radix-AP-encodings to the device treeSam Bobroff
Use the new ioctl, KVM_PPC_GET_RMMU_INFO, to fetch radix MMU information from KVM and present the page encodings in the device tree under ibm,processor-radix-AP-encodings. This provides page size information to the guest which is necessary for it to use radix mode. Signed-off-by: Sam Bobroff <sam.bobroff@au1.ibm.com> [dwg: Compile fix for 32-bit targets, style nit fix] Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-04-26target-ppc: kvm: make use of KVM_CREATE_SPAPR_TCE_64Alexey Kardashevskiy
KVM_CAP_SPAPR_TCE capability allows creating TCE tables in KVM which allows having in-kernel acceleration for H_PUT_TCE_xxx hypercalls. However it only supports 32bit DMA windows at zero bus offset. There is a new KVM_CAP_SPAPR_TCE_64 capability which supports 64bit window size, variable page size and bus offset. This makes use of the new capability. The kernel headers are already updated as the kernel support went in to v4.6. Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-04-26hw/ppc/pnv: Classify the "PowerNV Chip" devices as CPU devicesThomas Huth
The devices that are derived from TYPE_PNV_CHIP currently show up as "uncategorized" devices in the help text of "-device ?". Since they obviously are related to the CPU, let's put them into the CPU category instead. Signed-off-by: Thomas Huth <thuth@redhat.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-04-26ppc/spapr: QOM'ify sPAPRRTCStateCédric Le Goater
Also use an 'sPAPRRTCState' attribute under the sPAPR machine to hold the RTC object. Overall, these changes remove an unnecessary and implicit dependency on SysBus. Signed-off-by: Cédric Le Goater <clg@kaod.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-04-26pseries: Add pseries-2.10 machine typeDavid Gibson
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-04-03pseries: Enforce homogeneous threads-per-coreDavid Gibson
For reasons that may be useful in future, CPU core objects, as used on the pseries machine type have their own nr-threads property, potentially allowing cores with different numbers of threads in the same system. If the user/management uses the values specified in query-hotpluggable-cpus as they're expected to do, this will never matter in pratice. But that's not actually enforced - it's possible to manually specify a core with a different number of threads from that in -smp. That will confuse the platform - most immediately, this can be used to create a CPU thread with index above max_cpus which leads to an assertion failure in spapr_cpu_core_realize(). For now, enforce that all cores must have the same, standard, number of threads. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Reviewed-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
2017-03-29spapr: fix memory hot-unpluggingLaurent Vivier
If, once the kernel has booted, we try to remove a memory hotplugged while the kernel was not started, QEMU crashes on an assert: qemu-system-ppc64: hw/virtio/vhost.c:651: vhost_commit: Assertion `r >= 0' failed. ... #4 in vhost_commit #5 in memory_region_transaction_commit #6 in pc_dimm_memory_unplug #7 in spapr_memory_unplug #8 spapr_machine_device_unplug #9 in hotplug_handler_unplug #10 in spapr_lmb_release #11 in detach #12 in set_allocation_state #13 in rtas_set_indicator ... If we take a closer look to the guest kernel log, we can see when we try to unplug the memory: pseries-hotplug-mem: Attempting to hot-add 4 LMB(s) What happens: 1- The kernel has ignored the memory hotplug event because it was not started when it was generated. 2- When we hot-unplug the memory, QEMU starts to remove the memory, generates an hot-unplug event, and signals the kernel of the incoming new event 3- as the kernel is started, on the QEMU signal, it reads the event list, decodes the hotplug event and tries to finish the hotplugging. 4- QEMU receive the the hotplug notification while it is trying to hot-unplug the memory. This moves the memory DRC to an invalid state This patch prevents this by not allowing to set the allocation state to USABLE while the DRC is awaiting release. RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1432382 Signed-off-by: Laurent Vivier <lvivier@redhat.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-03-29spapr: fix buffer-overflowMarc-André Lureau
Running postcopy-test with ASAN produces the following error: QTEST_QEMU_BINARY=ppc64-softmmu/qemu-system-ppc64 tests/postcopy-test ... ================================================================= ==23641==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x7f1556600000 at pc 0x55b8e9d28208 bp 0x7f1555f4d3c0 sp 0x7f1555f4d3b0 READ of size 8 at 0x7f1556600000 thread T6 #0 0x55b8e9d28207 in htab_save_first_pass /home/elmarco/src/qq/hw/ppc/spapr.c:1528 #1 0x55b8e9d2939c in htab_save_iterate /home/elmarco/src/qq/hw/ppc/spapr.c:1665 #2 0x55b8e9beae3a in qemu_savevm_state_iterate /home/elmarco/src/qq/migration/savevm.c:1044 #3 0x55b8ea677733 in migration_thread /home/elmarco/src/qq/migration/migration.c:1976 #4 0x7f15845f46c9 in start_thread (/lib64/libpthread.so.0+0x76c9) #5 0x7f157d9d0f7e in clone (/lib64/libc.so.6+0x107f7e) 0x7f1556600000 is located 0 bytes to the right of 2097152-byte region [0x7f1556400000,0x7f1556600000) allocated by thread T0 here: #0 0x7f159bb76980 in posix_memalign (/lib64/libasan.so.3+0xc7980) #1 0x55b8eab185b2 in qemu_try_memalign /home/elmarco/src/qq/util/oslib-posix.c:106 #2 0x55b8eab186c8 in qemu_memalign /home/elmarco/src/qq/util/oslib-posix.c:122 #3 0x55b8e9d268a8 in spapr_reallocate_hpt /home/elmarco/src/qq/hw/ppc/spapr.c:1214 #4 0x55b8e9d26e04 in ppc_spapr_reset /home/elmarco/src/qq/hw/ppc/spapr.c:1261 #5 0x55b8ea12e913 in qemu_system_reset /home/elmarco/src/qq/vl.c:1697 #6 0x55b8ea13fa40 in main /home/elmarco/src/qq/vl.c:4679 #7 0x7f157d8e9400 in __libc_start_main (/lib64/libc.so.6+0x20400) Thread T6 created by T0 here: #0 0x7f159bae0488 in __interceptor_pthread_create (/lib64/libasan.so.3+0x31488) #1 0x55b8eab1d9cb in qemu_thread_create /home/elmarco/src/qq/util/qemu-thread-posix.c:465 #2 0x55b8ea67874c in migrate_fd_connect /home/elmarco/src/qq/migration/migration.c:2096 #3 0x55b8ea66cbb0 in migration_channel_connect /home/elmarco/src/qq/migration/migration.c:500 #4 0x55b8ea678f38 in socket_outgoing_migration /home/elmarco/src/qq/migration/socket.c:87 #5 0x55b8eaa5a03a in qio_task_complete /home/elmarco/src/qq/io/task.c:142 #6 0x55b8eaa599cc in gio_task_thread_result /home/elmarco/src/qq/io/task.c:88 #7 0x7f15823e38e6 (/lib64/libglib-2.0.so.0+0x468e6) SUMMARY: AddressSanitizer: heap-buffer-overflow /home/elmarco/src/qq/hw/ppc/spapr.c:1528 in htab_save_first_pass index seems to be wrongly incremented, unless I miss something that would be worth a comment. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-03-22numa,spapr: align default numa node memory size to 256MBLaurent Vivier
Since commit 224245b ("spapr: Add LMB DR connectors"), NUMA node memory size must be aligned to 256MB (SPAPR_MEMORY_BLOCK_SIZE). But when "-numa" option is provided without "mem" parameter, the memory is equally divided between nodes, but 8MB aligned. This can be not valid for pseries. In that case we can have: $ ./ppc64-softmmu/qemu-system-ppc64 -m 4G -numa node -numa node -numa node qemu-system-ppc64: Node 0 memory size 0x55000000 is not aligned to 256 MiB With this patch, we have: (qemu) info numa 3 nodes node 0 cpus: 0 node 0 size: 1280 MB node 1 cpus: node 1 size: 1280 MB node 2 cpus: node 2 size: 1536 MB Signed-off-by: Laurent Vivier <lvivier@redhat.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-03-14qemu-timer: do not include sysemu/cpus.h from util/qemu-timer.hPaolo Bonzini
This dependency is the wrong way, and we will need util/qemu-timer.h from sysemu/cpus.h in the next patch. Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-03-14pseries: Don't expose PCIe extended config space on older machine typesDavid Gibson
bb9986452 "spapr_pci: Advertise access to PCIe extended config space" allowed guests to access the extended config space of PCI Express devices via the PAPR interfaces, even though the paravirtualized bus mostly acts like plain PCI. However, that patch enabled access unconditionally, including for existing machine types, which is an unwise change in behaviour. This patch limits the change to pseries-2.9 (and later) machine types. Suggested-by: Andrea Bolognani <abologna@redhat.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-03-06Merge remote-tracking branch 'remotes/dgibson/tags/ppc-for-2.9-20170306' ↵Peter Maydell
into staging ppc patch queue for 2017-03-06 Looks like my previous batch wasn't quite the last before hard freeze. This has a handful of bugfixes to go in. They're all genuine bugfixes, though not regressions in some cases. # gpg: Signature made Mon 06 Mar 2017 04:07:48 GMT # gpg: using RSA key 0x6C38CACA20D9B392 # gpg: Good signature from "David Gibson <david@gibson.dropbear.id.au>" # gpg: aka "David Gibson (Red Hat) <dgibson@redhat.com>" # gpg: aka "David Gibson (ozlabs.org) <dgibson@ozlabs.org>" # gpg: aka "David Gibson (kernel.org) <dwg@kernel.org>" # Primary key fingerprint: 75F4 6586 AE61 A66C C44E 87DC 6C38 CACA 20D9 B392 * remotes/dgibson/tags/ppc-for-2.9-20170306: target/ppc: use helper for excp handling target/ppc: fmadd: add macro for updating flags target/ppc: fmadd check for excp independently spapr: ensure that all threads within core are on the same NUMA node ppc/xics: register reset handlers for the ICP and ICS objects Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-03-06spapr: ensure that all threads within core are on the same NUMA nodeIgor Mammedov
Threads within a core shouldn't be on different NUMA nodes, so if user has misconfgured command line, fail QEMU at start up to force user fix it. For now use the first thread on the core as source of core's node-id. Later when cpu-numa refactoring lands it will be switched to core's node-id from possible_cpus[]. This prevents the same problems as commit 20bb648d "spapr: Fix default NUMA node allocation for threads", but for the case of manually configured NUMA node mappings, instead of just the default case. Signed-off-by: Igor Mammedov <imammedo@redhat.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-03-06ppc/xics: register reset handlers for the ICP and ICS objectsCédric Le Goater
The recent changes on the XICS layer removed the XICSState object to let the sPAPR machine handle the ICP and ICS directly. The reset of these objects was previously handled by XICSState, which was a SysBus device, and to keep the same behavior, the ICP and ICS were assigned to SysbBus. But that broke the 'info qtree' command in the monitor. 'qtree' performs a loop on the children of a bus to print their properties and SysBus devices are expected to be found under SysBus, which is not the case anymore. The fix for this problem is to register reset handlers for the ICP and ICS objects and stop using SysBus for such devices. Signed-off-by: Cédric Le Goater <clg@kaod.org> Reviewed-by: Thomas Huth <thuth@redhat.com> Tested-by: Thomas Huth <thuth@redhat.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-03-05qapi: Make input visitors detect unvisited list tailsMarkus Armbruster
Fix the design flaw demonstrated in the previous commit: new method check_list() lets input visitors report that unvisited input remains for a list, exactly like check_struct() lets them report that unvisited input remains for a struct or union. Implement the method for the qobject input visitor (straightforward), and the string input visitor (less so, due to the magic list syntax there). The opts visitor's list magic is even more impenetrable, and all I can do there today is a stub with a FIXME comment. No worse than before. Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <1488544368-30622-26-git-send-email-armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com>
2017-03-03spapr: Small cleanup of PPC MMU enumsSam Bobroff
The PPC MMU types are sometimes treated as if they were a bit field and sometime as if they were an enum which causes maintenance problems: flipping bits in the MMU type (which is done on both the 1TB segment and 64K segment bits) currently produces new MMU type values that are not handled in every "switch" on it, sometimes causing an abort(). This patch provides some macros that can be used to filter out the "bit field-like" bits so that the remainder of the value can be switched on, like an enum. This allows removal of all of the "degraded" types from the list and should ease maintenance. Signed-off-by: Sam Bobroff <sam.bobroff@au1.ibm.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-03-03spapr_pci: Advertise access to PCIe extended config spaceDavid Gibson
The (paravirtual) PCI host bridge on the 'pseries' machine in most regards acts like a regular PCI bus, rather than a PCIe bus. Despite this, though, it does allow access to the PCIe extended config space. We already implemented the RTAS methods to allow this access.. but forgot to put the markers into the device tree so that guest's know it is there. This adds them in. With this, a pseries guest is able to view extended config space on (for example an e1000e device. This should be enough to allow guests to use at least some PCIe devices. Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-03-03hw/ppc/spapr: Add POWER9 to pseries cpu modelsSuraj Jitindar Singh
Add POWER9 cpu to list of spapr core models which allows it to be specified as the cpu model for a pseries guest (e.g. -machine pseries -cpu POWER9). This now allows a POWER9 cpu to boot to userspace in tcg emulation for a pseries machine with a legacy kernel. Signed-off-by: Suraj Jitindar Singh <sjitindarsingh@gmail.com> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Acked-by: Balbir Singh <bsingharora@gmail.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-03-03target/ppc/POWER9: Add POWER9 pa-features definitionSuraj Jitindar Singh
Add a pa-features definition which includes all of the new fields which have been added, note we don't claim support for any of these new features at this stage. Signed-off-by: Suraj Jitindar Singh <sjitindarsingh@gmail.com> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Acked-by: Balbir Singh <bsingharora@gmail.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-03-03target/ppc: Add patb_entry to sPAPRMachineStateSuraj Jitindar Singh
ISA v3.00 adds the idea of a partition table which is used to store the address translation details for all partitions on the system. The partition table consists of double word entries indexed by partition id where the second double word contains the location of the process table in guest memory. The process table is registered by the guest via a h-call. We need somewhere to store the address of the process table so we add an entry to the sPAPRMachineState struct called patb_entry to represent the second doubleword of a single partition table entry corresponding to the current guest. We need to store this value so we know if the guest is using radix or hash translation and the location of the corresponding process table in guest memory. Since we only have a single guest per qemu instance, we only need one entry. Since the partition table is technically a hypervisor resource we require that access to it is abstracted by the virtual hypervisor through the get_patbe() call. Currently the value of the entry is never set (and thus defaults to 0 indicating hash), but it will be required to both implement POWER9 kvm support and tcg radix support. We also add this field to be migrated as part of the sPAPRMachineState as we will need it on the receiving side as the guest will never tell us this information again and we need it to perform translation. Signed-off-by: Suraj Jitindar Singh <sjitindarsingh@gmail.com> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-03-01ppc/xics: move InterruptStatsProvider to the sPAPR machineCédric Le Goater
It provides a better monitor output of the ICP and ICS objects, else the objects are printed out of order. Signed-off-by: Cédric Le Goater <clg@kaod.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-03-01ppc/xics: move ics-simple post_load under the machineCédric Le Goater
The ICS object uses a post_load() handler which is implicitly relying on the fact that the internal state of the ICS and ICP objects has been restored but this is not guaranteed. So, let's move the code under the post_load() handler of the machine where we know the objects have been fully restored. The icp_resend() handler of the XICSFabric QOM interface is also removed as it is now obsolete. Signed-off-by: Cédric Le Goater <clg@kaod.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>