aboutsummaryrefslogtreecommitdiff
path: root/hw
AgeCommit message (Collapse)Author
2016-03-07scsi-bus: Remove tape command from scsi_req_xferAlex Pyrgiotis
Remove the RECOVER_BUFFERED_DATA command from the list of commands that are handled by scsi_req_xfer(). Given that this command is tape-specific, it should be handled only by scsi_stream_req_xfer(). Signed-off-by: Alex Pyrgiotis <apyrgio@arrikto.com> Message-Id: <1457365822-22435-1-git-send-email-apyrgio@arrikto.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-03-07memory: Drop MemoryRegion.ram_addrFam Zheng
All references to mr->ram_addr are replaced by memory_region_get_ram_addr(mr) (except for a few assertions that are replaced with mr->ram_block). Reviewed-by: Gonglei <arei.gonglei@huawei.com> Signed-off-by: Fam Zheng <famz@redhat.com> Message-Id: <1456813104-25902-5-git-send-email-famz@redhat.com> Acked-by: Laszlo Ersek <lersek@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-03-07i8257: fix Terminal Count statusHervé Poussineau
When a DMA transfer is done (ie all bytes have been transfered), the corresponding Terminal Count bit must be set in the status register. This bit is already cleared in i8257_read_cont and i8257_write_cont when required. This fixes (at least) floppy transfer in IBM 40p firmware, which checks in DMA controller if everything went fine. Signed-off-by: Hervé Poussineau <hpoussin@reactos.org> Message-Id: <1456404332-31556-1-git-send-email-hpoussin@reactos.org> Reviewed-by: John Snow <jsnow@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-03-05ui: Shorten references into InputEventEric Blake
An upcoming patch will alter how simple unions, like InputEvent, are laid out, which will impact all lines of the form 'evt->u.XXX' (expanding it to the longer 'evt->u.XXX.data'). For better legibility in that patch, and less need for line wrapping, it's better to use a temporary variable to reduce the effect of a layout change to just the variable initializations, rather than every reference within an InputEvent. There was one instance in hid.c:hid_pointer_event() where the code was referring to evt->u.rel inside the case label where evt->u.abs is the correct name; thankfully, both members of the union have the same type, so it happened to work, but it is now cleaner. Signed-off-by: Eric Blake <eblake@redhat.com> Message-Id: <1457021813-10704-8-git-send-email-eblake@redhat.com> Signed-off-by: Markus Armbruster <armbru@redhat.com>
2016-03-04qapi-dealloc: Reduce use outside of generated codeEric Blake
No need to roll our own use of the dealloc visitors when we can just directly use the qapi_free_FOO() functions that do what we want in one line. In net.c, inline net_visit() into its remaining lone caller. After this patch, test-visitor-serialization.c is the only non-generated file that needs to use a dealloc visitor, because it is testing low level aspects of the visitor interface. Signed-off-by: Eric Blake <eblake@redhat.com> Message-Id: <1456262075-3311-2-git-send-email-eblake@redhat.com> Signed-off-by: Markus Armbruster <armbru@redhat.com>
2016-03-04hw/intc/arm_gic.c: Implement GICv2 GICC_DIRPeter Maydell
The GICv2 introduces a new CPU interface register GICC_DIR, which allows an OS to split the "priority drop" and "deactivate interrupt" parts of interrupt completion. Implement this register. (Note that the register is at offset 0x1000 in the CPU interface, which means it is on a different 4K page from all the other registers.) Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Sergey Fedorov <serge.fdrv@gmail.com> Message-id: 1456854176-7813-1-git-send-email-peter.maydell@linaro.org
2016-03-04arm: boot: Support big-endian elfsPeter Crosthwaite
Support ARM big-endian ELF files in system-mode emulation. When loading an elf, determine the endianness mode expected by the elf, and set the relevant CPU state accordingly. With this, big-endian modes are now fully supported via system-mode LE, so there is no need to restrict the elf loading to the TARGET endianness so the ifdeffery on TARGET_WORDS_BIGENDIAN goes away. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> [PMM: fix typo in comments] Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-03-04loader: Add data swap option to load-elfPeter Crosthwaite
Some CPUs are of an opposite data-endianness to other components in the system. Sometimes elfs have the data sections layed out with this CPU data-endianness accounting for when loaded via the CPU, so byte swaps (relative to other system components) will occur. The leading example, is ARM's BE32 mode, which is is basically LE with address manipulation on half-word and byte accesses to access the hw/byte reversed address. This means that word data is invariant across LE and BE32. This also means that instructions are still LE. The expectation is that the elf will be loaded via the CPU in this endianness scheme, which means the data in the elf is reversed at compile time. As QEMU loads via the system memory directly, rather than the CPU, we need a mechanism to reverse elf data endianness to implement this possibility. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-03-04loader: add API to load elf headerPeter Crosthwaite
Add an API to load an elf header header from a file. Populates a buffer with the header contents, as well as a boolean for whether the elf is 64b or not. Both arguments are optional. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> [PMM: Fix typo in comment] Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-03-04bcm2835_mbox/property: replace ldl_phys/stl_phys with endian-specific accessesAndrew Baumann
PMM pointed out that ldl_phys and stl_phys are dependent on the CPU's endianness, whereas device model code should be independent of it. This changes the relevant Raspberry Pi devices to explicitly call the little-endian variants. Signed-off-by: Andrew Baumann <Andrew.Baumann@microsoft.com> Message-id: 1456880233-22568-1-git-send-email-Andrew.Baumann@microsoft.com Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-03-04hw/arm/virt: Assume EL3 boot rom will handle PSCI if one is providedPeter Maydell
If the user passes us an EL3 boot rom, then it is going to want to implement the PSCI interface itself. In this case, disable QEMU's internal PSCI implementation so it does not get in the way, and instead start all CPUs in an SMP configuration at once (the boot rom will catch them all and pen up the secondaries until needed). The boot rom code is also responsible for editing the device tree to include any necessary information about its own PSCI implementation before eventually passing it to a NonSecure guest. (This "start all CPUs at once" approach is what both ARM Trusted Firmware and UEFI expect, since it is what the ARM Foundation Model does; the other approach would be to provide some emulated hardware for "start the secondaries" but this is simplest.) This is a compatibility break, but I don't believe that anybody was using a secure boot ROM with an SMP configuration. Such a setup would be somewhat broken since there was nothing preventing nonsecure guest code from calling the QEMU PSCI function to start up a secondary core in a way that completely bypassed the secure world. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Laszlo Ersek <lersek@redhat.com> Message-id: 1456853976-7592-1-git-send-email-peter.maydell@linaro.org
2016-03-04hw/arm/virt: Make first flash device Secure-only if booting securePeter Maydell
If the virt board is started with the 'secure' property set to request a Secure setup, then make the first flash device be visible only to the Secure world. This is a breaking change, but I don't expect it to be noticed by anybody, because running TZ-aware guests isn't common and those guests are generally going to be booting from the flash and implicitly expecting their Non-secure guests to not touch it. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1455288361-30117-5-git-send-email-peter.maydell@linaro.org
2016-03-04hw/arm/virt: Load bios image to MemoryRegion, not physaddrPeter Maydell
If we're loading a BIOS image into the first flash device, load it into the flash's memory region specifically, not into the physical address where the flash resides. This will make a difference when the flash might be in the Secure address space rather than the Nonsecure one. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1455288361-30117-4-git-send-email-peter.maydell@linaro.org
2016-03-04loader: Add load_image_mr() to load ROM image to a MemoryRegionPeter Maydell
Add a new function load_image_mr(), which behaves like load_image_targphys() except that it loads the ROM image to a specified MemoryRegion rather than to a specified physical address. This is useful when a ROM blob needs to be loaded to a particular flash or ROM device but the address of that device in the machine's address space is not known. (For instance, ROMs in devices, or ROMs which might exist in a different address space to the system address space.) Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1455288361-30117-3-git-send-email-peter.maydell@linaro.org Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
2016-03-04hw/arm/virt: Provide a secure-only RAM if booting in Secure modePeter Maydell
If we're booting in Secure mode, provide a secure-only RAM (just 16MB) so that secure firmware has somewhere to run from that won't be accessible to the Non-secure guest. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1455288361-30117-2-git-send-email-peter.maydell@linaro.org
2016-03-04sdhci: Implement DeviceClass resetPeter Maydell
The sdhci device was missing a DeviceClass reset method; implement it. Poweron reset looks the same as reset commanded by the guest via the device registers, apart from modelling of the rpi 'pending insert interrupt on powerup' quirk. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Andrew Baumann <Andrew.Baumann@microsoft.com> Message-id: 1456493044-10025-3-git-send-email-peter.maydell@linaro.org
2016-03-04sd.c: Handle NULL block backend in sd_get_inserted()Peter Maydell
The sd.c SD card emulation code can be in a state where the SDState BlockBackend pointer is NULL; this is treated as "card not present". Add a missing check to sd_get_inserted() so that we don't segfault in this situation. (This could be provoked by the guest writing to the SDHCI register to do a reset on a xilinx-zynq-a9 board; it will also happen at startup when sdhci implements its DeviceClass reset method.) Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Alistair Francis <alistair.francis@xilinx.com> Message-id: 1456493044-10025-2-git-send-email-peter.maydell@linaro.org
2016-03-04virt: Lift the maximum RAM limit from 30GB to 255GBPeter Maydell
The virt board restricts guests to only 30GB of RAM. This is a hangover from the vexpress-a15 board, and there's no inherent reason for it. 30GB is smaller than you might reasonably want to provision a VM for on a beefy server machine. Raise the limit to 255GB. We choose 255GB because the available space we currently have below the 1TB boundary is up to the 512GB mark, but we don't want to paint ourselves into a corner by assigning it all to RAM. So we make half of it available for RAM, with the 256GB..512GB range available for future non-RAM expansion purposes. If we need to provide more RAM to VMs in the future then we need to: * allocate a second bank of RAM starting at 2TB and working up * fix the DT and ACPI table generation code in QEMU to correctly report two split lumps of RAM to the guest * fix KVM in the host kernel to allow guests with >40 bit address spaces The last of these is obviously the trickiest, but it seems reasonable to assume that anybody configuring a VM with a quarter of a terabyte of RAM will be doing it on a host with more than a terabyte of physical address space. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org> Tested-by: Wei Huang <wei@redhat.com> Message-id: 1456402182-11651-1-git-send-email-peter.maydell@linaro.org
2016-03-03virtio-rng: ask for more data if queue is not fully drainedLadi Prosek
This commit effectively reverts: commit 4621c1768ef5d12171cca2aa1473595ecb9f1c9e Author: Amit Shah <amit.shah@redhat.com> Date: Wed Nov 21 11:21:19 2012 +0530 virtio-rng: remove extra request for entropy but instead of calling virtio_rng_process unconditionally, it first checks to see if the queue is empty as a little bit of optimization. Signed-off-by: Ladi Prosek <lprosek@redhat.com> Reviewed-by: Amit Shah <amit.shah@redhat.com> Message-Id: <1456998514-19271-1-git-send-email-lprosek@redhat.com> Signed-off-by: Amit Shah <amit.shah@redhat.com>
2016-03-01Merge remote-tracking branch 'remotes/cohuck/tags/s390x-20160301' into stagingPeter Maydell
Assorted fixes, cleanups and enhancements. # gpg: Signature made Tue 01 Mar 2016 11:45:12 GMT using RSA key ID C6F02FAF # gpg: Good signature from "Cornelia Huck <huckc@linux.vnet.ibm.com>" # gpg: aka "Cornelia Huck <cornelia.huck@de.ibm.com>" * remotes/cohuck/tags/s390x-20160301: s390x/css: only suspend when enabled by orb MAINTAINERS: Remove entry for hw/s390x/s390-virtio-bus.[ch] MAINTAINERS: Remove the old s390-virtio machine s390x/pci: use PCI_MSIX_FLAGS on retrieving the MSIX entries s390x/css: Use static initialization for channel_subsys fields s390x/css: Allocate channel_subsys statically s390x/pci: fix reg/dereg irq functions s390x/css: introduce indicator refcounting interfaces s390x/virtio: old machine leftovers watchdog/diag288: avoid race condition on expired watchdog s390x: remove {kvm_}s390_virtio_irq() s390x: fix debug statement in trigger_page_fault() s390x/kvm: sync fprs via kvm_run linux-headers: update against kvm/next Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-03-01s390x/css: only suspend when enabled by orbCornelia Huck
We must not allow a channel program to suspend if the suspend control bit in the orb had not been specified. Reviewed-by: Halil Pasic <pasic@linux.vnet.ibm.com> Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
2016-03-01s390x/pci: use PCI_MSIX_FLAGS on retrieving the MSIX entriesWei Yang
Even PCI_CAP_FLAGS has the same value as PCI_MSIX_FLAGS, the later one is the more proper on retrieving MSIX entries. This patch uses PCI_MSIX_FLAGS to retrieve the MSIX entries. Signed-off-by: Wei Yang <richard.weiyang@gmail.com> CC: Cornelia Huck <cornelia.huck@de.ibm.com> CC: Christian Borntraeger <borntraeger@de.ibm.com> Message-Id: <1455895091-7589-3-git-send-email-richard.weiyang@gmail.com> Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
2016-03-01s390x/css: Use static initialization for channel_subsys fieldsEduardo Habkost
machine_init() will be gone, but we don't need it if we just initialize the channel_subsys fields statically. Cc: Cornelia Huck <cornelia.huck@de.ibm.com> Cc: Christian Borntraeger <borntraeger@de.ibm.com> Cc: Richard Henderson <rth@twiddle.net> Cc: Alexander Graf <agraf@suse.de> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> Message-Id: <1455656347-29033-4-git-send-email-ehabkost@redhat.com> Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com> [adapted on top of indicator changes] Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
2016-03-01s390x/css: Allocate channel_subsys staticallyEduardo Habkost
There's no need to use g_malloc0() to allocate the channel_subsys struct, just use a static variable. Cc: Cornelia Huck <cornelia.huck@de.ibm.com> Cc: Christian Borntraeger <borntraeger@de.ibm.com> Cc: Richard Henderson <rth@twiddle.net> Cc: Alexander Graf <agraf@suse.de> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> Message-Id: <1455656347-29033-3-git-send-email-ehabkost@redhat.com> Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com> [adapted on top of indicator changes] Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
2016-03-01s390x/pci: fix reg/dereg irq functionsYi Min Zhao
Indicator refcounting interfaces are introduced. This patch fixes introducing unneeded indicator mappings and failure to release AISB mappings on deregistration. Signed-off-by: Yi Min Zhao <zyimin@linux.vnet.ibm.com> Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com> Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
2016-03-01s390x/css: introduce indicator refcounting interfacesYi Min Zhao
Currently, virtio-ccw uses its own interfaces to keep indicators mapped just once even if the same address has been registered multiple times. These interfaces fit the PCI use case as well. Therefore, move them to css and make them generic interfaces. Signed-off-by: Yi Min Zhao <zyimin@linux.vnet.ibm.com> Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com> Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
2016-03-01s390x/virtio: old machine leftoversCornelia Huck
Remove some now unused #defines. Reviewed-By: Sascha Silbe <silbe@linux.vnet.ibm.com> Reviewed-by: Halil Pasic <pasic@linux.vnet.ibm.com> Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
2016-03-01watchdog/diag288: avoid race condition on expired watchdogSascha Silbe
When configured to inject an NMI, watchdog_perform_action() may cause the BQL to be temporarily relinquished (inject_nmi() → ... → s390_nmi() → s390_cpu_restart() → run_on_cpu()). When the guest issues diag 288 again in response to the NMI, the diag 288 operation will race against wdt_diag288_reset(). Depending on scheduler behaviour, wdt_diag288_reset() may be run after the guest issued a diag 288 Init. As a result, we will cancel the timer the guest just set up. The effect observed by the guest is that a second expiry does not trigger the watchdog action and diag 288 Change operations fail. Fix this by resetting the timer _before_ invoking the action. Signed-off-by: Sascha Silbe <silbe@linux.vnet.ibm.com> Acked-by: David Hildenbrand <dahi@linux.vnet.ibm.com> Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
2016-03-01Merge remote-tracking branch 'remotes/kraxel/tags/pull-input-20160301-1' ↵Peter Maydell
into staging qapi: fix input-send-event and promote to stable # gpg: Signature made Tue 01 Mar 2016 08:19:52 GMT using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" # gpg: aka "Gerd Hoffmann <gerd@kraxel.org>" # gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>" * remotes/kraxel/tags/pull-input-20160301-1: qapi: promote input-send-event to stable qapi: rename InputAxis values. qapi: rename input buttons qapi: switch x-input-send-event from console to device+head console: add & use qemu_console_lookup_by_device_name Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-03-01qapi: rename input buttonsGerd Hoffmann
All lowercase, use-dash instead of CamelCase. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Daniel P. Berrange <berrange@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com>
2016-03-01qxl: lock current_async update in qxl_soft_resetGerd Hoffmann
This should fix a defect report from Coverity. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
2016-03-01cirrus_vga: fix off-by-one in blit_region_is_unsafePaolo Bonzini
The "max" value is being compared with >=, but addr + width points to the first byte that will _not_ be copied. Laszlo suggested using a "greater than" comparison, instead of subtracting one like it is already done above for the height, so that max remains always positive. The mistake is "safe"---it will reject some blits, but will never cause out-of-bounds writes. Cc: Gerd Hoffmann <kraxel@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com> Message-id: 1455121059-18280-1-git-send-email-pbonzini@redhat.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-02-29Merge remote-tracking branch 'remotes/kraxel/tags/pull-usb-20160229-1' into ↵Peter Maydell
staging usb: redirect bugfix, MAINTAINERS update. # gpg: Signature made Mon 29 Feb 2016 11:09:54 GMT using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" # gpg: aka "Gerd Hoffmann <gerd@kraxel.org>" # gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>" * remotes/kraxel/tags/pull-usb-20160229-1: usb-redirect: Avoid double free of data MAINTAINERS: Add some missing entries for USB related files Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-02-29Merge remote-tracking branch 'remotes/kraxel/tags/pull-fw-cfg-20160226-1' ↵Peter Maydell
into staging fw_cfg: unbreak migration compatibility for 2.4 and earlier machines # gpg: Signature made Fri 26 Feb 2016 09:45:50 GMT using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" # gpg: aka "Gerd Hoffmann <gerd@kraxel.org>" # gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>" * remotes/kraxel/tags/pull-fw-cfg-20160226-1: fw_cfg: unbreak migration compatibility for 2.4 and earlier machines Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-02-29usb-redirect: Avoid double free of dataFam Zheng
If dropping packets, data is freed, the caller's loop should not continue. Reported by ccc-analyzer. Signed-off-by: Fam Zheng <famz@redhat.com> Message-id: 1456301288-1592-1-git-send-email-famz@redhat.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-02-28xics: report errors with the QEMU Error APIGreg Kurz
Using the return value to report errors is error prone: - xics_alloc() returns -1 on error but spapr_vio_busdev_realize() errors on 0 - xics_alloc_block() returns the unclear value of ics->offset - 1 on error but both rtas_ibm_change_msi() and spapr_phb_realize() error on 0 This patch adds an errp argument to xics_alloc() and xics_alloc_block() to report errors. The return value of these functions is a valid IRQ number if errp is NULL. It is undefined otherwise. The corresponding error traces get promotted to error messages. Note that the "can't allocate IRQ" error message in spapr_vio_busdev_realize() also moves to xics_alloc(). Similar error message consolidation isn't really applicable to xics_alloc_block() because callers have extra context (device config address, MSI or MSIX). This fixes the issues mentioned above. Based on previous work from Brian W. Hart. Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-02-28migration: allow machine to enforce configuration section migrationGreg Kurz
Migration of pseries-2.3 doesn't have configuration section. Unfortunately, QEMU 2.4/2.4.1/2.5 are buggy and always stream and expect the configuration section, and break migration both ways. This patch introduces a property which allows to enforce a configuration section for machines who don't have one. It can be set at startup: -machine enforce-config-section=on or later from the QEMU monitor: qom-set /machine enforce-config-section on It is up to the tooling to set or unset this property according to the version of the QEMU at the other end of the pipe. Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com> Reviewed-by: Laurent Vivier <lvivier@redhat.com> Reviewed-by: Juan Quintela <quintela@redhat.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-02-28spapr: skip configuration section during migration of older machinesGreg Kurz
Since QEMU 2.4, we have a configuration section in the migration stream. This must be skipped for older machines, like it is already done for x86. This patch fixes the migration of pseries-2.3 from/to QEMU 2.3, but it breaks migration of the same machine from/to QEMU 2.4/2.4.1/2.5. We do that anyway because QEMU 2.3 is likely to be more widely deployed than newer QEMU versions. Fixes: 61964c23e5ddd5a33f15699e45ce126f879e3e33 Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com> Reviewed-by: Laurent Vivier <lvivier@redhat.com> Reviewed-by: Juan Quintela <quintela@redhat.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-02-28dbdma: warn when using unassigned channelHervé Poussineau
With this, it's easier to know if a guest uses an invalid and/or unimplemented DMA channel. Signed-off-by: Hervé Poussineau <hpoussin@reactos.org> Reviewed-by: Thomas Huth <thuth@redhat.com> Acked-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-02-28spapr: disable vmdesc submission for old machinesGreg Kurz
Since QEMU 2.3, we have a vmdesc section in the migration stream. This section is not mandatory but when migrating a pseries-2.2 machine from QEMU 2.2, you get a warning at the destination: qemu-system-ppc64: Expected vmdescription section, but got 0 The warning goes away if we decide to skip vmdesc as well for older pseries, like it is already done for pc's. This can only be observed with -cpu POWER7 because POWER8 cannot migrate from QEMU 2.2 to 2.3 (insns_flags2 mismatch). Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-02-28spapr_pci: fix irq leak in RTAS ibm,change-msiGreg Kurz
This RTAS call is used to request new interrupts or to free all interrupts. If the driver has already allocated interrupts and asks again for a non-null number of irqs, then the rtas_ibm_change_msi() function will silently leak the previous interrupts. It happens because xics_free() is only called when the driver releases all interrupts (!req_num case). Note that the previously allocated spapr_pci_msi is not leaked because the GHashTable is created with destroy functions and g_hash_table_insert() hence frees the old value. This patch makes sure any previously allocated MSIs are released when a new allocation succeeds. Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-02-28spapr_pci: kill useless variable in rtas_ibm_change_msi()Greg Kurz
The num local variable is initialized to zero and has no writer. Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-02-28spapr_rng: disable hotpluggabilityGreg Kurz
It is currently possible to hotplug a spapr_rng device but QEMU crashes when we try to hot unplug: ERROR:hw/core/qdev.c:295:qdev_unplug: assertion failed: (hotplug_ctrl) Aborted This happens because spapr_rng isn't plugged to any bus and sPAPR does not provide hotplug support for it: qdev_get_hotplug_handler() hence return NULL and we hit the assertion. And anyway, it doesn't make much sense to unplug this device since hcalls cannot be unregistered. Even the idea of hotplugging a RNG device instead of declaring it on the QEMU command line looks weird. This patch simply disables hotpluggability for the spapr-rng class. Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-02-26sdhci: add quirk property for card insert interrupt status on Raspberry PiAndrew Baumann
This quirk is a workaround for the following hardware behaviour, on which UEFI (specifically, the bootloader for Windows on Pi2) depends: 1. at boot with an SD card present, the interrupt status/enable registers are initially zero 2. upon enabling it in the interrupt enable register, the card insert bit in the interrupt status register is immediately set 3. after a subsequent controller reset, the card insert interrupt does not fire, even if enabled in the interrupt enable register Signed-off-by: Andrew Baumann <Andrew.Baumann@microsoft.com> Message-id: 1456436130-7048-3-git-send-email-Andrew.Baumann@microsoft.com Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-02-26sdhci: Revert "add optional quirk property to disable card insertion/removal ↵Andrew Baumann
interrupts" This reverts commit 723697551a7e926abe7d3c7f2966012b8075143d. This change was poorly tested on my part. It squelched card insertion interrupts on reset, but that was not necessary because sdhci_reset() clears all the registers (via the call to memset), so the subsequent sdhci_insert_eject_cb() call never sees the card insert interrupt enabled. However, not calling the insert_eject_cb results in prnsts remaining 0, when it actually needs to be updated to indicate card presence and R/O status. Signed-off-by: Andrew Baumann <Andrew.Baumann@microsoft.com> Message-id: 1456436130-7048-2-git-send-email-Andrew.Baumann@microsoft.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-02-26raspi: fix SD card with recent sdhci changesAndrew Baumann
Recent changes to sdhci broke SD on raspi. This change mirrors the logic to create the SD card device at the board level. Signed-off-by: Andrew Baumann <Andrew.Baumann@microsoft.com> Message-id: 1456351128-5560-1-git-send-email-Andrew.Baumann@microsoft.com Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-02-26ARM: PL061: Checking register r/w accesses to reserved areaWei Huang
pl061.c emulates two GPIO devices, ARM PL061 and TI Stellaris, which share the same read/write functions (pl061_read and pl061_write). However PL061 and Stellaris have different GPIO register definitions and pl061_read()/pl061_write() doesn't check it. This patch enforces checking on offset, preventing R/W into the reserved memory area. Signed-off-by: Wei Huang <wei@redhat.com> Message-id: 1455814580-17699-1-git-send-email-wei@redhat.com Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-02-26fw_cfg: unbreak migration compatibility for 2.4 and earlier machinesLaszlo Ersek
When I reviewed Marc's fw_cfg DMA patches, I completely missed that the way we set dma_enabled would break migration. Gerd explained the right way (see reference below): dma_enabled should be set to true by default, and only true->false transitions should be possible: - when the user requests that with -global fw_cfg_mem.dma_enabled=off or -global fw_cfg_io.dma_enabled=off as appropriate for the platform, - when HW_COMPAT_2_4 dictates it, - when board code initializes fw_cfg without requesting DMA support. Cc: Marc Marí <markmb@redhat.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Alexandre DERUMIER <aderumier@odiso.com> Cc: qemu-stable@nongnu.org Ref: http://thread.gmane.org/gmane.comp.emulators.qemu/390272/focus=391042 Ref: https://bugs.launchpad.net/qemu/+bug/1536487 Suggested-by: Gerd Hoffmann <kraxel@redhat.com> Signed-off-by: Laszlo Ersek <lersek@redhat.com> Message-id: 1455823860-22268-1-git-send-email-lersek@redhat.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-02-25Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into stagingPeter Maydell
vhost, virtio, pci, pc Fixes all over the place. virtio dataplane migration support. Old q35 machine types removed. Signed-off-by: Michael S. Tsirkin <mst@redhat.com> # gpg: Signature made Thu 25 Feb 2016 11:16:46 GMT using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>" # gpg: aka "Michael S. Tsirkin <mst@redhat.com>" * remotes/mst/tags/for_upstream: (21 commits) q35: No need to check gigabyte_align q35: Remove unused q35-acpi-dsdt.aml file ich9: Remove enable_tco arguments from init functions machine: Remove no_tco field q35: Remove old machine versions tests/vhost-user-bridge: fix build on 32 bit systems vring: remove virtio-scsi: do not use vring in dataplane virtio-blk: do not use vring in dataplane virtio-blk: fix "disabled data plane" mode virtio: export vring_notify as virtio_should_notify virtio: add AioContext-specific function for host notifiers vring: make vring_enable_notification return void block-migration: acquire AioContext as necessary pci core: function pci_bus_init() cleanup pci core: function pci_host_bus_register() cleanup balloon: Use only 'pc-dimm' type dimm for ballooning virtio-balloon: rewrite get_current_ram_size() move get_current_ram_size to virtio-balloon.c vhost-user: don't merge regions with different fds ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-02-25q35: No need to check gigabyte_alignEduardo Habkost
gigabyte_align is always true on q35, so we don't need the !gigabyte_align compat code anymore. Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Igor Mammedov <imammedo@redhat.com>