aboutsummaryrefslogtreecommitdiff
path: root/hw/usb/hcd-ehci.c
AgeCommit message (Collapse)Author
2016-10-08usb: ehci: fix memory leak in ehci_process_itdLi Qiang
While processing isochronous transfer descriptors(iTD), if the page select(PG) field value is out of bands it will return. In this situation the ehci's sg list is not freed thus leading to a memory leak issue. This patch avoid this. Signed-off-by: Li Qiang <liqiang6-s@360.cn> Reviewed-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2016-08-02ehci: faster frame index calculation for skipped framesEvgeny Yakovlev
ehci_update_frindex takes time linearly proportional to a number of uframes to calculate new frame index and raise FLR interrupts, which is a problem for large amounts of uframes. If we experience large delays between echi timer callbacks (i.e. because other periodic handlers have taken a lot of time to complete) we get a lot of skipped frames which then delay ehci timer callback more and this leads to deadlocking the system when ehci schedules next callback to be too soon. Observable behaviour is qemu consuming 100% host CPU time while guest is unresponsive. This misbehavior could happen for a while and QEMU does not get out from this state automatically without the patch. This change makes ehci_update_frindex execute in constant time. Signed-off-by: Evgeny Yakovlev <eyakovlev@virtuozzo.com> Signed-off-by: Denis V. Lunev <den@openvz.org> Message-id: 1469638520-32706-1-git-send-email-den@openvz.org CC: Gerd Hoffmann <kraxel@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-04-19Revert "ehci: make idt processing more robust"Gerd Hoffmann
This reverts commit 156a2e4dbffa85997636a7a39ef12da6f1b40254. Breaks FreeBSD. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-04-19ehci: apply limit to iTD/sidt descriptorsGerd Hoffmann
Commit "156a2e4 ehci: make idt processing more robust" tries to avoid a DoS by the guest (create a circular iTD queue and let qemu ehci emulation run in circles forever). Unfortunately this has two problems: First it misses the case of siTDs, and second it reportedly breaks FreeBSD. So lets go for a different approach: just count the number of iTDs and siTDs we have seen per frame and apply a limit. That should really catch all cases now. Reported-by: 杜少博 <dushaobo@360.cn> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-03-24Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into stagingPeter Maydell
* Log filtering from Alex and Peter * Chardev fix from Marc-André * config.status tweak from David * Header file tweaks from Markus, myself and Veronia (Outreachy candidate) * get_ticks_per_sec() removal from Rutuja (Outreachy candidate) * Coverity fix from myself * PKE implementation from myself, based on rth's XSAVE support # gpg: Signature made Thu 24 Mar 2016 20:15:11 GMT using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" # gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" * remotes/bonzini/tags/for-upstream: (28 commits) target-i386: implement PKE for TCG config.status: Pass extra parameters char: translate from QIOChannel error to errno exec: fix error handling in file_ram_alloc cputlb: modernise the debug support qemu-log: support simple pid substitution for logs target-arm: dfilter support for in_asm qemu-log: dfilter-ise exec, out_asm, op and opt_op qemu-log: new option -dfilter to limit output qemu-log: Improve the "exec" TB execution logging qemu-log: Avoid function call for disabled qemu_log_mask logging qemu-log: correct help text for -d cpu tcg: pass down TranslationBlock to tcg_code_gen util: move declarations out of qemu-common.h Replaced get_tick_per_sec() by NANOSECONDS_PER_SECOND hw: explicitly include qemu-common.h and cpu.h include/crypto: Include qapi-types.h or qemu/bswap.h instead of qemu-common.h isa: Move DMA_transfer_handler from qemu-common.h to hw/isa/isa.h Move ParallelIOArg from qemu-common.h to sysemu/char.h Move QEMU_ALIGN_*() from qemu-common.h to qemu/osdep.h ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Conflicts: scripts/clean-includes
2016-03-22Replaced get_tick_per_sec() by NANOSECONDS_PER_SECONDRutuja Shah
This patch replaces get_ticks_per_sec() calls with the macro NANOSECONDS_PER_SECOND. Also, as there are no callers, get_ticks_per_sec() is then removed. This replacement improves the readability and understandability of code. For example, timer_mod(fdctrl->result_timer, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + (get_ticks_per_sec() / 50)); NANOSECONDS_PER_SECOND makes it obvious that qemu_clock_get_ns matches the unit of the expression on the right side of the plus. Signed-off-by: Rutuja Shah <rutu.shah.26@gmail.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-03-22include/qemu/osdep.h: Don't include qapi/error.hMarkus Armbruster
Commit 57cb38b included qapi/error.h into qemu/osdep.h to get the Error typedef. Since then, we've moved to include qemu/osdep.h everywhere. Its file comment explains: "To avoid getting into possible circular include dependencies, this file should not include any other QEMU headers, with the exceptions of config-host.h, compiler.h, os-posix.h and os-win32.h, all of which are doing a similar job to this file and are under similar constraints." qapi/error.h doesn't do a similar job, and it doesn't adhere to similar constraints: it includes qapi-types.h. That's in excess of 100KiB of crap most .c files don't actually need. Add the typedef to qemu/typedefs.h, and include that instead of qapi/error.h. Include qapi/error.h in .c files that need it and don't get it now. Include qapi-types.h in qom/object.h for uint16List. Update scripts/clean-includes accordingly. Update it further to match reality: replace config.h by config-target.h, add sysemu/os-posix.h, sysemu/os-win32.h. Update the list of includes in the qemu/osdep.h comment quoted above similarly. This reduces the number of objects depending on qapi/error.h from "all of them" to less than a third. Unfortunately, the number depending on qapi-types.h shrinks only a little. More work is needed for that one. Signed-off-by: Markus Armbruster <armbru@redhat.com> [Fix compilation without the spice devel packages. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-03-18usb: ehci: add capability mmio write functionPrasad J Pandit
USB Ehci emulation supports host controller capability registers. But its mmio '.write' function was missing, which lead to a null pointer dereference issue. Add a do nothing 'ehci_caps_write' definition to avoid it; Do nothing because capability registers are Read Only(RO). Reported-by: Zuozhi Fzz <zuozhi.fzz@alibaba-inc.com> Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org> Message-id: 1454072434-16045-1-git-send-email-ppandit@redhat.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-02-02ehci: update irq on resetGerd Hoffmann
After clearing the status register we also have to update the irq line status. Otherwise a irq which happends to be pending at reset time causes a interrupt storm. And the guest can't stop as the status register doesn't indicate any pending interrupt. Both NetBSD and FreeBSD hang on shutdown because of that. Cc: qemu-stable@nongnu.org Reported-by: Andrey Korolyov <andrey@xdel.ru> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Message-id: 1453203884-4125-1-git-send-email-kraxel@redhat.com
2016-02-02usb: check page select value while processing iTDPrasad J Pandit
While processing isochronous transfer descriptors(iTD), the page select(PG) field value could lead to an OOB read access. Add check to avoid it. Reported-by: Qinghao Tang <luodalongde@gmail.com> Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org> Message-id: 1453233406-12165-1-git-send-email-ppandit@redhat.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-01-29usb: Clean up includesPeter Maydell
Clean up includes so that osdep.h is included first and headers which it implies are not included manually. This commit was created with scripts/clean-includes. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1453832250-766-20-git-send-email-peter.maydell@linaro.org
2015-12-15ehci: make idt processing more robustGerd Hoffmann
Make ehci_process_itd return an error in case we didn't do any actual iso transfer because we've found no active transaction. That'll avoid ehci happily run in circles forever if the guest builds a loop out of idts. This is CVE-2015-8558. Cc: qemu-stable@nongnu.org Reported-by: Qinghao Tang <luodalongde@gmail.com> Tested-by: P J P <ppandit@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-11-03ehci: clear suspend bit on detachGerd Hoffmann
When a device is detached, clear the suspend bit (PORTSC_SUSPEND) in the port status register. The specs are not *that* clear what is supposed to happen in case a suspended device is unplugged. But the enable bit (PORTSC_PED) is cleared, and the specs mention setting suspend with enable being unset is undefined behavior. So clearing them both looks reasonable, and it actually fixes the reported bug. https://bugzilla.redhat.com/show_bug.cgi?id=1268879 Cc: Hans de Goede <hdegoede@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Hans de Goede <hdegoede@redhat.com> Message-id: 1445413462-18004-1-git-send-email-kraxel@redhat.com
2015-07-20timer: rename NSEC_PER_SEC due to Mac OS X header clashStefan Hajnoczi
Commit e0cf11f31c24cfb17f44ed46c254d84c78e7f6e9 ("timer: Use a single definition of NSEC_PER_SEC for the whole codebase") renamed NANOSECONDS_PER_SECOND to NSEC_PER_SEC. On Mac OS X there is a <dispatch/time.h> system header which also defines NSEC_PER_SEC. This causes compiler warnings. Let's use the old name instead. It's longer but it doesn't clash. Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Message-id: 1436364609-7929-1-git-send-email-stefanha@redhat.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-07-02timer: Use a single definition of NSEC_PER_SEC for the whole codebaseAlberto Garcia
Signed-off-by: Alberto Garcia <berto@igalia.com> Message-id: c6e55468856ba0b8f95913c4da111cc0ef266541.1434113783.git.berto@igalia.com Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-03-20ehci: fix segfault when hot-unplugging ehci controllerGonglei
When hot-unplugging the usb controllers (ehci/uhci), we have to clean all resouce of these devices, involved registered reset handler. Otherwise, it may cause NULL pointer access and/or segmentation fault if we reboot the guest os after hot-unplugging. Let's hook up reset via DeviceClass->reset() and drop the qemu_register_reset() call. Then Qemu will register and unregister the reset handler automatically. Cc: qemu-stable <qemu-stable@nongnu.org> Reported-by: Lidonglin <lidonglin@huawei.com> Signed-off-by: Gonglei <arei.gonglei@huawei.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-03-17usb: Improve companion configuration error messagesMarkus Armbruster
The previous commit broke the additional messages explaining the error messages. Improve the error messages, so they don't need explaining so much. Helps QMP users as well, unlike additional explanations. Signed-off-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-03-17usb: Propagate errors through usb_register_companion()Markus Armbruster
This loses the messages explaining the error printed with error_printf_unless_qmp(). The next commit will make up for the loss. Signed-off-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-01-26vmstate: accept QEMUTimer in VMSTATE_TIMER*, add VMSTATE_TIMER_PTR*Paolo Bonzini
Old users of VMSTATE_TIMER* are mechanically changed to VMSTATE_TIMER_PTR variants. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-09-23usb: tag standalone ehci as hotpluggableGerd Hoffmann
Add a flag to EHCIPCIInfo saying whenever the controller supports companions or not. Make sure we only allow registering companions for ehci versions supporting that. Enable pci hotplug for the ehci variants not supporting companions. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-08-29usb: add usb host adapters exit traceGonglei
Signed-off-by: Gonglei <arei.gonglei@huawei.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-08-29usb-ehci: add ehci unrealize funcitonGonglei
cleanup ehci controller resource, both pci and sysbus if they're necessary. Signed-off-by: Gonglei <arei.gonglei@huawei.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-08-29usb-ehci: add vmstate properity for EHCIStateGonglei
since hotunplug the ehci host adapter, we should delete vm_change_state_handler also, so the VMChangeStateEntry should be saved in EHCIState. Signed-off-by: Gonglei <arei.gonglei@huawei.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-08-15usb: don't use 'Yoda conditions'Gonglei
imitate nearby code about using '!value' or 'value == NULL' Signed-off-by: Gonglei <arei.gonglei@huawei.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-06-02usb: move ehci register defines to header fileGerd Hoffmann
So we can easily use them in tests. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-05-14savevm: Remove all the unneeded version_minimum_id_old (usb)Juan Quintela
After previous Peter patch, they are redundant. This way we don't assign them except when needed. Once there, there were lots of case where the ".fields" indentation was wrong: .fields = (VMStateField []) { and .fields = (VMStateField []) { Change all the combinations to: .fields = (VMStateField[]){ The biggest problem (appart from aesthetics) was that checkpatch complained when we copy&pasted the code from one place to another. Signed-off-by: Juan Quintela <quintela@redhat.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com>
2013-12-06Merge remote-tracking branch 'kraxel/tags/pull-usb-1' into stagingAnthony Liguori
Improvements for usb3 bulk stream (usb core, xhci). Bugfixes for uas emulation. Add remote wakeup support for ehci. Add suspend support for xhci. Misc minor tweaks and fixes. # gpg: Signature made Thu 28 Nov 2013 11:44:49 PM PST using RSA key ID D3E87138 # gpg: Can't check signature: public key not found # By Hans de Goede (11) and others # Via Gerd Hoffmann * kraxel/tags/pull-usb-1: usb: move usb_{hi,lo} helpers to header file. usb: add vendor request defines trace-events: Clean up after removal of old usb-host code Revert "usb-tablet: Don't claim wakeup capability for USB-2 version" ehci: implement port wakeup xhci: Call usb_device_alloc/free_streams usb: Add usb_device_alloc/free_streams usb: Add max_streams attribute to endpoint info uas: s/ui/iu/ uas: Fix response iu struct definition uas: Bounds check tags when using streams uas: Streams are numbered 1-y, rather then 0-x uas: Fix / cleanup usb_uas_task error handling uas: Only use report iu-s for task_mgmt status reporting scsi: Add 2 new sense codes needed by uas xhci: add support for suspend/resume xhci: Add a few missing checks for disconnected devices Message-id: 1385712381-30918-1-git-send-email-kraxel@redhat.com Signed-off-by: Anthony Liguori <aliguori@amazon.com>
2013-12-02trace: Remove trace.h from hw/usb/hcd-ehci.h (less dependencies)Stefan Weil
This reduces the dependencies on trace.h. Only one source file which needs hcd-ehci.h also needs trace.h. Signed-off-by: Stefan Weil <sw@weilnetz.de> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-11-28ehci: implement port wakeupGerd Hoffmann
Update portsc register and raise irq in case a suspended port is woken up, so remote wakeup works on our ehci ports. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-09-10ehci: save device pointer in EHCIStateGerd Hoffmann
We'll need a pointer to the actual pci/sysbus device, stick a pointer to it into the EHCIState struct. https://bugzilla.redhat.com/show_bug.cgi?id=1005495 Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-08-30usb: Pass size to usb_bus_new()Andreas Färber
To be passed to qbus_create_inplace(). Use DEVICE() cast to avoid a direct parent field access. Reviewed-by: Wenchao Xia <xiawenc@linux.vnet.ibm.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-08-22aio / timers: Switch entire codebase to the new timer APIAlex Bligh
This is an autogenerated patch using scripts/switch-timer-api. Switch the entire code base to using the new timer API. Note this patch may introduce some line length issues. Signed-off-by: Alex Bligh <alex@alex.org.uk> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-07-27misc: Use g_assert_not_reached for code which is expected to be unreachableStefan Weil
The macro g_assert_not_reached is a better self documenting replacement for assert(0) or assert(false). Signed-off-by: Stefan Weil <sw@weilnetz.de> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-07-04hw/[u-x]*: pass owner to memory_region_init* functionsPaolo Bonzini
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-07-04memory: add owner argument to initialization functionsPaolo Bonzini
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-07-04dma: keep a device alive while it has SGListsPaolo Bonzini
Reviewed-by: Anthony Liguori <aliguori@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-06-24usb/hcd-ehci: Replace PORTSC macros with variablesKuo-Jung Su
Replace PORTSC macros with variables which could then be configured in ehci_xxxx_class_init(...) Signed-off-by: Kuo-Jung Su <dantesu@faraday-tech.com> Signed-off-by: Andreas Färber <afaerber@suse.de> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-06-24usb/hcd-ehci: Split off instance_init from realizeAndreas Färber
This makes the mem MemoryRegion available to derived instance_inits. Keep the bus in realize for now since naming breaks in instance_init. Signed-off-by: Andreas Färber <afaerber@suse.de> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-06-24usb/hcd-ehci-sysbus: Convert to QOM realizeAndreas Färber
The SysBus qdev initfn merely calls SysBusDeviceClass::init, so we can replace it with a realizefn already. This avoids getting into any initfn ambiguity with the upcoming Faraday EHCI implementation. Rename internal usb_ehci_initfn() to usb_ehci_realize() to allow to return Errors from common initialization code as well. Signed-off-by: Andreas Färber <afaerber@suse.de> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-06-20dma: eliminate DMAContextPaolo Bonzini
The DMAContext is a simple pointer to an AddressSpace that is now always already available. Make everyone hold the address space directly, and clean up the DMA API to use the AddressSpace directly. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-04-23ehci_free_packet: Discard finished packets when the queue is haltedHans de Goede
With pipelining it is possible to encounter a finished packet when cleaning the queue due to a halt. This happens when a non stall error happens while talking to a real device. In this case the queue on the usb-host side will continue processing packets, and we can have completed packets waiting in the queue after an error condition packet causing a halt. There are 2 reasons to discard the completed packets at this point, rather then trying to writing them back to the guest: 1) The guest expect to be able to cancel and/or change packets after the packet with the error without doing an unlink, so writing them back may confuse the guest. 2) Since the queue does not advance when halted, the writing back of these packets will fail anyways since p->qtdaddr != q->qtdaddr, so the ehci_verify_qtd call in ehci_writeback_async_complete_packet will fail. Note that 2) means that then only functional change this patch introduces is the printing of a warning when this scenario happens. Note that discarding these packets means that the guest driver and the device will get out of sync! This is unfortunate, but should not be a problem since with a non stall error (iow an io-error) the 2 are out of sync already anyways. Still this patch adds a warning to signal this happening. Note that sofar this has only been seen with a DVB-T receiver, which gives of a MPEG-2 stream, which allows for recovering from lost packets, see: https://bugzilla.redhat.com/show_bug.cgi?id=890320 Signed-off-by: Hans de Goede <hdegoede@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-02-19usb-core: usb3 streamsGerd Hoffmann
This patch adds support for usb3 streams to the usb subsystem core. This is just adding a streams field / parameter in a number of places. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-14ehci: Assert state machine is sane w.r.t. EHCIQueueMarkus Armbruster
Coverity worries the EHCIQueue pointer could be null when we pass it to functions that reference it. The state machine ensures it can't be null then. Assert that, to hush the checker. Signed-off-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07usb: Add an usb_device_ep_stopped USBDevice methodHans de Goede
Some usb devices (host or network redirection) can benefit from knowing when the guest stops using an endpoint. Redirection may involve submitting packets independently from the guest (in combination with a fifo buffer between the redirection code and the guest), to ensure that buffers of the real usb device are timely emptied. This is done for example for isoc traffic and for interrupt input endpoints. But when the (re)submission of packets is done by the device code, then how does it know when to stop this? For isoc endpoints this is handled by detecting a set interface (change alt setting) command, which works well for isoc endpoints. But for interrupt endpoints currently the redirection code never stops receiving data from the device, which is less then ideal. However the controller emulation is aware when a guest looses interest, as then the qh for the endpoint gets unlinked (ehci, ohci, uhci) or the endpoint is explicitly stopped (xhci). This patch adds a new ep_stopped USBDevice method and modifies the hcd code to call this on queue unlink / ep stop. This makes it possible for the redirection code to properly stop receiving interrupt input (*) data when the guest no longer has interest in it. *) And in the future also buffered bulk input. Signed-off-by: Hans de Goede <hdegoede@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07ehci: Don't call commit_irq after raising PCDHans de Goede
ehci_raise_irq(s, USBSTS_PCD), gets applied immediately so there is no need to call commit_irq after it. Signed-off-by: Hans de Goede <hdegoede@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07ehci: Further speedup rescanning if async schedule after raising an interruptHans de Goede
I tried lowering the time between raising an interrupt and rescanning the async schedule to see if the guest has queued a new transfer before, but that did not have any positive effect. I now believe the cause for this is that lowering this time made it more likely to hit the 1 ms interrupt threshold penalty for the next packet, as described in my "ehci: Use uframe precision for interrupt threshold checking" commit. Now that we do interrupt threshold handling with uframe precision, futher lowering this time from .5 to .25 ms gives an extra 15% improvement in speed (MB/s) reading from a simple USB-2.0 thumb-drive. While at it also properly set the int_req_by_async flag for short packet completions. Signed-off-by: Hans de Goede <hdegoede@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07ehci: Use uframe precision for interrupt threshold checking (v2)Hans de Goede
Before this patch, the following could happen: 1) Transfer completes, raises interrupt 2) .5 ms later we check if the guest has queued up any new transfers 3) We find and execute a new transfer 4) .2 ms later the new transfer completes 5) We re-run our frame_timer to write back the completion, but less then 1 ms has passed since our last run, so frindex is not changed, so the interrupt threshold code delays the interrupt 6) 1 ms from the re-run our frame-timer runs again and finally delivers the interrupt This leads to unnecessary large delays of interrupts, this code fixes this by changing frindex to uframe precision and using that for interrupt threshold control, making the interrupt fire at step 5 for guest which have low interrupt threshold settings (like Linux). Note that the guest still sees the frindex move in steps of 8 for migration compatibility. This boosts Linux read speed of a simple cheap USB thumb drive by 6 %. Changes in v2: -Make the guest see frindex move in steps of 8 by modifying ehci_opreg_read, rather then using a shadow variable Signed-off-by: Hans de Goede <hdegoede@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07ehci: Verify a queue's ep direction does not changeHans de Goede
ehci_fill_queue assumes that there is a one on one relationship between an ep and a qh, this patch adds a check to ensure this. Note I don't expect this to ever trigger, this is just something I noticed the guest might do while working on other stuff. The only way this check can trigger is if a guest mixes in and out qtd-s in a single qh for a non control ep. Signed-off-by: Hans de Goede <hdegoede@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07ehci: Add an ehci_get_pid helper functionHans de Goede
Signed-off-by: Hans de Goede <hdegoede@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2013-01-07ehci: Verify qtd for async completed packetsHans de Goede
Remove the short-circuiting of fetchqtd in fetchqh, so that the qtd gets properly verified before completing the transaction. Signed-off-by: Hans de Goede <hdegoede@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>