aboutsummaryrefslogtreecommitdiff
path: root/hw
AgeCommit message (Collapse)Author
2016-03-22Merge remote-tracking branch 'remotes/kraxel/tags/pull-usb-20160321-1' into ↵Peter Maydell
staging usb: bugfix collection. # gpg: Signature made Mon 21 Mar 2016 11:07:39 GMT using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" # gpg: aka "Gerd Hoffmann <gerd@kraxel.org>" # gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>" * remotes/kraxel/tags/pull-usb-20160321-1: usb: ehci: add capability mmio write function hw/usb/dev-mtp: Guard inotify usage with CONFIG_INOTIFY1 usb: fix unbound stack warning for inotify_watchfn usb: fix unbound stack usage for usb_mtp_add_str usb: fix unbounded stack warning for xhci_dma_write_u32s usb: Fix compilation for Windows Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-03-18usb: ehci: add capability mmio write functionPrasad J Pandit
USB Ehci emulation supports host controller capability registers. But its mmio '.write' function was missing, which lead to a null pointer dereference issue. Add a do nothing 'ehci_caps_write' definition to avoid it; Do nothing because capability registers are Read Only(RO). Reported-by: Zuozhi Fzz <zuozhi.fzz@alibaba-inc.com> Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org> Message-id: 1454072434-16045-1-git-send-email-ppandit@redhat.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-03-18hw/usb/dev-mtp: Guard inotify usage with CONFIG_INOTIFY1Matthew Fortune
inotify_init1 usage was guarded by a check for linux but does not exist on older distributions like CentOS 5 resulting in build failures. Signed-off-by: Matthew Fortune <matthew.fortune@imgtec.com> Message-id: 6D39441BF12EF246A7ABCE6654B023536BB85D4A@hhmail02.hh.imgtec.org Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-03-18usb: fix unbound stack warning for inotify_watchfnPeter Xu
Signed-off-by: Peter Xu <peterx@redhat.com> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Message-id: 1457503640-31473-1-git-send-email-peterx@redhat.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-03-18usb: fix unbound stack usage for usb_mtp_add_strPeter Xu
Use heap instead of stack. Signed-off-by: Peter Xu <peterx@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-03-18usb: fix unbounded stack warning for xhci_dma_write_u32sPeter Xu
All the callers for xhci_dma_write_u32s() are using mostly 5 * uint32_t in len. To avoid unbound stack warning for the function, make it statically allocated, and assert when it's not big enough in the future. Signed-off-by: Peter Xu <peterx@redhat.com> Message-id: 1457661106-9569-1-git-send-email-peterx@redhat.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-03-18usb: Fix compilation for WindowsStefan Weil
Mingw-w64 does not provide sys/ioctl.h and Linux builds don't need it, so remove that include statement. ERROR is defined by wingdi.h (included via windows.h). Undefine it before it is redefined to avoid a compiler warning / error. Signed-off-by: Stefan Weil <sw@weilnetz.de> Message-id: 1458159439-32322-1-git-send-email-sw@weilnetz.de Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-03-18qapi: Don't special-case simple union wrappersEric Blake
Simple unions were carrying a special case that hid their 'data' QMP member from the resulting C struct, via the hack method QAPISchemaObjectTypeVariant.simple_union_type(). But by using the work we started by unboxing flat union and alternate branches, coupled with the ability to visit the members of an implicit type, we can now expose the simple union's implicit type in qapi-types.h: | struct q_obj_ImageInfoSpecificQCow2_wrapper { | ImageInfoSpecificQCow2 *data; | }; | | struct q_obj_ImageInfoSpecificVmdk_wrapper { | ImageInfoSpecificVmdk *data; | }; ... | struct ImageInfoSpecific { | ImageInfoSpecificKind type; | union { /* union tag is @type */ | void *data; |- ImageInfoSpecificQCow2 *qcow2; |- ImageInfoSpecificVmdk *vmdk; |+ q_obj_ImageInfoSpecificQCow2_wrapper qcow2; |+ q_obj_ImageInfoSpecificVmdk_wrapper vmdk; | } u; | }; Doing this removes asymmetry between QAPI's QMP side and its C side (both sides now expose 'data'), and means that the treatment of a simple union as sugar for a flat union is now equivalent in both languages (previously the two approaches used a different layer of dereferencing, where the simple union could be converted to a flat union with equivalent C layout but different {} on the wire, or to an equivalent QMP wire form but with different C representation). Using the implicit type also lets us get rid of the simple_union_type() hack. Of course, now all clients of simple unions have to adjust from using su->u.member to using su->u.member.data; while this touches a number of files in the tree, some earlier cleanup patches helped minimize the change to the initialization of a temporary variable rather than every single member access. The generated qapi-visit.c code is also affected by the layout change: |@@ -7393,10 +7393,10 @@ void visit_type_ImageInfoSpecific_member | } | switch (obj->type) { | case IMAGE_INFO_SPECIFIC_KIND_QCOW2: |- visit_type_ImageInfoSpecificQCow2(v, "data", &obj->u.qcow2, &err); |+ visit_type_q_obj_ImageInfoSpecificQCow2_wrapper_members(v, &obj->u.qcow2, &err); | break; | case IMAGE_INFO_SPECIFIC_KIND_VMDK: |- visit_type_ImageInfoSpecificVmdk(v, "data", &obj->u.vmdk, &err); |+ visit_type_q_obj_ImageInfoSpecificVmdk_wrapper_members(v, &obj->u.vmdk, &err); | break; | default: | abort(); Signed-off-by: Eric Blake <eblake@redhat.com> Message-Id: <1458254921-17042-13-git-send-email-eblake@redhat.com> Signed-off-by: Markus Armbruster <armbru@redhat.com>
2016-03-17blockdev: Split monitor reference from BB creationMax Reitz
Before this patch, blk_new() automatically assigned a name to the new BlockBackend and considered it referenced by the monitor. This patch removes the implicit monitor_add_blk() call from blk_new() (and consequently the monitor_remove_blk() call from blk_delete(), too) and thus blk_new() (and related functions) no longer take a BB name argument. In fact, there is only a single point where blk_new()/blk_new_open() is called and the new BB is monitor-owned, and that is in blockdev_init(). Besides thus relieving us from having to invent names for all of the BBs we use in qemu-img, this fixes a bug where qemu cannot create a new image if there already is a monitor-owned BB named "image". If a BB and its BDS tree are created in a single operation, as of this patch the BDS tree will be created before the BB is given a name (whereas it was the other way around before). This results in minor change to the output of iotest 087, whose reference output is amended accordingly. Signed-off-by: Max Reitz <mreitz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2016-03-16module: Rename machine_init() to opts_init()Eduardo Habkost
The only remaining users of machine_init() only call qemu_add_opts(). Rename machine_init() to opts_init() and move it closer to the qemu_add_opts() calls on vl.c. Cc: "Michael S. Tsirkin" <mst@redhat.com> Cc: Igor Mammedov <imammedo@redhat.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Marcel Apfelbaum <marcel@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2016-03-16machine: Use type_init() to register machine classesEduardo Habkost
Change all machine_init() users that simply call type_register*() to use type_init(). Cc: Evgeny Voevodin <e.voevodin@samsung.com> Cc: Maksim Kozlov <m.kozlov@samsung.com> Cc: Igor Mitsyanko <i.mitsyanko@gmail.com> Cc: Dmitry Solodkiy <d.solodkiy@samsung.com> Cc: Peter Maydell <peter.maydell@linaro.org> Cc: Rob Herring <robh@kernel.org> Cc: Andrzej Zaborowski <balrogg@gmail.com> Cc: Michael Walle <michael@walle.cc> Cc: "Hervé Poussineau" <hpoussin@reactos.org> Cc: Aurelien Jarno <aurelien@aurel32.net> Cc: Leon Alrae <leon.alrae@imgtec.com> Cc: Alexander Graf <agraf@suse.de> Cc: David Gibson <david@gibson.dropbear.id.au> Cc: Blue Swirl <blauwirbel@gmail.com> Cc: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Cc: Max Filippov <jcmvbkbc@gmail.com> Cc: "Michael S. Tsirkin" <mst@redhat.com> Acked-by: Marcel Apfelbaum <marcel@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Acked-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2016-03-16sd: Fix "info qtree" on boards with SD cardsPeter Maydell
The SD card object is not a SysBusDevice, so don't create it with qdev_create() if we're not assigning it to a specific bus; use object_new() instead. This was causing 'info qtree' to segfault on boards with SD cards, because qdev_create(NULL, TYPE_FOO) puts the created object on the system bus, and then we may try to run functions like sysbus_dev_print() on it, which fail when casting the object to SysBusDevice. (This is the same mistake that we made with the NAND device and fixed in commit 6749695eaaf346c1.) Reported-by: xiaoqiang.zhao <zxq_yx_007@163.com> Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: xiaoqiang.zhao <zxq_yx_007@163.com> Message-id: 1458061009-7733-1-git-send-email-peter.maydell@linaro.org
2016-03-16bcm2835_dma: add emulation of Raspberry Pi DMA controllerGrégory ESTRADE
At present, all DMA transfers complete inline (so a looping descriptor queue will lock up the device). We also do not model pause/abort, arbitrarion/priority, or debug features. Signed-off-by: Grégory ESTRADE <gregory.estrade@gmail.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Andrew Baumann <Andrew.Baumann@microsoft.com> Message-id: 1457467526-8840-6-git-send-email-Andrew.Baumann@microsoft.com [AB: implement 2D mode, cleanup/refactoring for upstream submission] Signed-off-by: Andrew Baumann <Andrew.Baumann@microsoft.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-03-16bcm2835_property: implement framebuffer control/configuration propertiesGrégory ESTRADE
The property channel driver now interfaces with the framebuffer device to query and set framebuffer parameters. As a result of this, the "get ARM RAM size" query now correctly returns the video RAM base address (not total RAM size), and the ram-size property is no longer relevant here. Signed-off-by: Grégory ESTRADE <gregory.estrade@gmail.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Andrew Baumann <Andrew.Baumann@microsoft.com> Message-id: 1457467526-8840-5-git-send-email-Andrew.Baumann@microsoft.com [AB: cleanup/refactoring for upstream submission] Signed-off-by: Andrew Baumann <Andrew.Baumann@microsoft.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-03-16bcm2835_fb: add framebuffer device for Raspberry PiGrégory ESTRADE
The framebuffer occupies the upper portion of memory (64MiB by default), but it can only be controlled/configured via a system mailbox or property channel (to be added by a subsequent patch). Signed-off-by: Grégory ESTRADE <gregory.estrade@gmail.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Andrew Baumann <Andrew.Baumann@microsoft.com> Message-id: 1457467526-8840-4-git-send-email-Andrew.Baumann@microsoft.com [AB: added Windows (BGR) support and cleanup/refactoring for upstream submission] Signed-off-by: Andrew Baumann <Andrew.Baumann@microsoft.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-03-16bcm2835_aux: add emulation of BCM2835 AUX (aka UART1) blockAndrew Baumann
At present only the core UART functions (data path for tx/rx) are implemented, which is enough for UEFI to boot. The following features/registers are unimplemented: * Line/modem control * Scratch register * Extra control * Baudrate * SPI interfaces Signed-off-by: Andrew Baumann <Andrew.Baumann@microsoft.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1457467526-8840-3-git-send-email-Andrew.Baumann@microsoft.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-03-16bcm2835_peripherals: enable sdhci pending-insert quirk for raspberry piAndrew Baumann
Signed-off-by: Andrew Baumann <Andrew.Baumann@microsoft.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1457467526-8840-2-git-send-email-Andrew.Baumann@microsoft.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-03-16hw/arm: Add palmetto-bmc machineAndrew Jeffery
The new machine is a thin layer over the AST2400 ARM926-based SoC[1]. Between the minimal machine and the current SoC implementation there is enough functionality to boot an aspeed_defconfig Linux kernel to userspace. Nothing yet is specific to the Palmetto's BMC (other than using an AST2400 SoC), but creating specific machine types is preferable to a generic machine that doesn't match any particular hardware. [1] http://www.aspeedtech.com/products.php?fPath=20&rId=376 Signed-off-by: Andrew Jeffery <andrew@aj.id.au> Message-id: 1458096317-25223-5-git-send-email-andrew@aj.id.au Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-03-16hw/arm: Add ASPEED AST2400 SoC modelAndrew Jeffery
While the ASPEED AST2400 SoC[1] has a broad range of capabilities this implementation is minimal, comprising an ARM926 processor, ASPEED VIC and timer devices, and a 8250 UART. [1] http://www.aspeedtech.com/products.php?fPath=20&rId=376 Signed-off-by: Andrew Jeffery <andrew@aj.id.au> Message-id: 1458096317-25223-4-git-send-email-andrew@aj.id.au Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-03-16hw/intc: Add (new) ASPEED VIC device modelAndrew Jeffery
Implement a basic ASPEED VIC device model for the AST2400 SoC[1], with enough functionality to boot an aspeed_defconfig Linux kernel. The model implements the 'new' (revised) register set: While the hardware exposes both the new and legacy register sets, accesses to the model's legacy register set will not be serviced (however the access will be logged). [1] http://www.aspeedtech.com/products.php?fPath=20&rId=376 Signed-off-by: Andrew Jeffery <andrew@aj.id.au> Message-id: 1458096317-25223-3-git-send-email-andrew@aj.id.au Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-03-16hw/timer: Add ASPEED timer device modelAndrew Jeffery
Implement basic ASPEED timer functionality for the AST2400 SoC[1]: Up to 8 timers can independently be configured, enabled, reset and disabled. Some hardware features are not implemented, namely clock value matching and pulse generation, but the implementation is enough to boot the Linux kernel configured with aspeed_defconfig. [1] http://www.aspeedtech.com/products.php?fPath=20&rId=376 Signed-off-by: Andrew Jeffery <andrew@aj.id.au> Message-id: 1458096317-25223-2-git-send-email-andrew@aj.id.au Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-03-16i.MX: Add missing descriptions in devices.Jean-Christophe Dubois
Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net> Message-id: f1f565eb9dffdeb582feb1b15ba9e8b0afcf5468.1456868959.git.jcd@tribudubois.net Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-03-16i.MX: Add i.MX6 CCM and ANALOG device.Jean-Christophe Dubois
Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net> Message-id: 9fa80b4d8c5d0f50c94e77d74f952a7a665e168f.1456868959.git.jcd@tribudubois.net Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-03-16i.MX: Add the CLK_IPG_HIGH clockJean-Christophe Dubois
EPIT, GPT and other i.MX timers are using "abstract" clocks among which a CLK_IPG_HIGH clock. On i.MX25 and i.MX31 CLK_IPG and CLK_IPG_HIGH are mapped to the same clock but on other SOC like i.MX6 they are mapped to distinct clocks. This patch add the CLK_IPG_HIGH to prepare for SOC where these 2 clocks are different. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net> Message-id: 224bf650194760284cb40630e985867e1373276a.1456868959.git.jcd@tribudubois.net Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-03-16i.MX: Remove CCM useless clock computation handling.Jean-Christophe Dubois
Most clocks supported by the CCM are useless to the qemu framework. Only clocks related to timers (EPIT, GPT, PWM, WATCHDOG, ...) are usefull to QEMU code. Therefore this patch removes clock computation handling for all clocks but: * CLK_NONE, * CLK_IPG, * CLK_32k Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net> Message-id: 9e7222efb349801032e60c0f6b0fbad0e5dcf648.1456868959.git.jcd@tribudubois.net Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-03-16i.MX: Rename CCM NOCLK to CLK_NONE for naming consistency.Jean-Christophe Dubois
This way all CCM clock defines/enums are named CLK_XXX Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net> Message-id: 8537df765c1713625c7a8b9aca4c7ca60b42e0c0.1456868959.git.jcd@tribudubois.net Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-03-16i.MX: Allow GPT timer to rollover.Jean-Christophe Dubois
GPT timer need to rollover when it reaches 0xffffffff. It also need to reset to 0 when in "restart mode" and crossing the compare 1 register. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net> Message-id: 6e2b36117a249a78bf822dd59a390368f407136e.1456868959.git.jcd@tribudubois.net Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-03-16arm: virt: Move machine class init code to the abstract machine typeWei Huang
This patch moves the common class initialization code from "virt-2.6" to the new abstract class. An empty property is added to "virt-2.6" machine. In the meanwhile, related funtions are renamed to "virt_2_6_*" for consistency. Signed-off-by: Wei Huang <wei@redhat.com> Message-id: 1457717778-17727-3-git-send-email-wei@redhat.com Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-03-16arm: virt: Add an abstract ARM virt machine typeWei Huang
In preparation for future ARM virt machine types, this patch creates an abstract type for all ARM machines. The current machine type in QEMU (i.e. "virt") is renamed to "virt-2.6", whose naming scheme is similar to other architectures. For the purpose of backward compatibility, "virt" is converted to an alias, pointing to "virt-2.6". With this patch, "qemu -M ?" lists the following virtual machine types along with others: virt QEMU 2.6 ARM Virtual Machine (alias of virt-2.6) virt-2.6 QEMU 2.6 ARM Virtual Machine Signed-off-by: Wei Huang <wei@redhat.com> Message-id: 1457717778-17727-2-git-send-email-wei@redhat.com Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-03-16Merge remote-tracking branch 'remotes/dgibson/tags/ppc-for-2.6-20160316' ↵Peter Maydell
into staging ppc patch queue for 2016-03-16 Accumulated patches for target-ppc, pseries machine type and related devices. As we are now in soft freeze, these are mostly fixes. * Fix KVM migration for several SPRs that qemu didn't handle * Clean up handling of SDR1, which allows a fix to the gdbstub * Fix a race in spapr_rng * Fix a bug with multifunction hotplug The exception is the 7 patches to allow EEH on spapr-pci-host-bridge devices (rather than the special and poorly designed spapr-vfio-pci-host-bridge device). I believe these are low risk of breaking non-EEH cases, and EEH cases were little used in practice previously (since libvirt did not support the special device amongst other things). It did have a draft posted before the soft freeze, removes a very ugly VFIO interface, and removes device we'd like to deprecate sooner rather than later. So, I'm hoping we can squeeze these in during the soft freeze. This includes two patches to the VFIO code, which Alex Williamson has indicated he's ok with coming through my tree. # gpg: Signature made Wed 16 Mar 2016 05:04:52 GMT using RSA key ID 20D9B392 # gpg: Good signature from "David Gibson <david@gibson.dropbear.id.au>" # gpg: aka "David Gibson (Red Hat) <dgibson@redhat.com>" # gpg: aka "David Gibson (ozlabs.org) <dgibson@ozlabs.org>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 75F4 6586 AE61 A66C C44E 87DC 6C38 CACA 20D9 B392 * remotes/dgibson/tags/ppc-for-2.6-20160316: vfio: Eliminate vfio_container_ioctl() spapr_pci: Remove finish_realize hook spapr_pci: (Mostly) remove spapr-pci-vfio-host-bridge spapr_pci: Allow EEH on spapr-pci-host-bridge spapr_pci: Eliminate class callbacks spapr_pci: Switch to vfio_eeh_as_op() interface vfio: Start improving VFIO/EEH interface spapr_rng: fix race with main loop target-ppc: Eliminate kvmppc_kern_htab global target-ppc: Add helpers for updating a CPU's SDR1 and external HPT target-ppc: Split out SREGS get/put functions spapr_pci: fix multifunction hotplug target-ppc: Add PVR for POWER8NVL processor ppc: Add a few more P8 PMU SPRs ppc: Fix migration of the TAR SPR ppc: Define the PSPB register on POWER8 Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-03-16vfio: Eliminate vfio_container_ioctl()David Gibson
vfio_container_ioctl() was a bad interface that bypassed abstraction boundaries, had semantics that sat uneasily with its name, and was unsafe in many realistic circumstances. Now that spapr-pci-vfio-host-bridge has been folded into spapr-pci-host-bridge, there are no more users, so remove it. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Reviewed-by: Alexey Kardashevskiy <aik@ozlabs.ru> Acked-by: Alex Williamson <alex.williamson@redhat.com>
2016-03-16spapr_pci: Remove finish_realize hookDavid Gibson
Now that spapr-pci-vfio-host-bridge is reduced to just a stub, there is only one implementation of the finish_realize hook in sPAPRPHBClass. So, we can fold that implementation into its (single) caller, and remove the hook. That's the last thing left in sPAPRPHBClass, so that can go away as well. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Reviewed-by: Alexey Kardashevskiy <aik@ozlabs.ru>
2016-03-16spapr_pci: (Mostly) remove spapr-pci-vfio-host-bridgeDavid Gibson
Now that the regular spapr-pci-host-bridge can handle EEH, there are only two things that spapr-pci-vfio-host-bridge does differently: 1. automatically sizes its DMA window to match the host IOMMU 2. checks if the attached VFIO container is backed by the VFIO_SPAPR_TCE_IOMMU type on the host (1) is not particularly useful, since the default window used by the regular host bridge will work with the host IOMMU configuration on all current systems anyway. Plus, automatically changing guest visible configuration (such as the DMA window) based on host settings is generally a bad idea. It's not definitively broken, since spapr-pci-vfio-host-bridge is only supposed to support VFIO devices which can't be migrated anyway, but still. (2) is not really useful, because if a guest tries to configure EEH on a different host IOMMU, the first call will fail and that will be that. It's possible there are scripts or tools out there which expect spapr-pci-vfio-host-bridge, so we don't remove it entirely. This patch reduces it to just a stub for backwards compatibility. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Reviewed-by: Alexey Kardashevskiy <aik@ozlabs.ru>
2016-03-16spapr_pci: Allow EEH on spapr-pci-host-bridgeDavid Gibson
Now that the EEH code is independent of the special spapr-vfio-pci-host-bridge device, we can allow it on all spapr PCI host bridges instead. We do this by changing spapr_phb_eeh_available() to be based on the vfio_eeh_as_ok() call instead of the host bridge class. Because the value of vfio_eeh_as_ok() can change with devices being hotplugged or unplugged, this can potentially lead to some strange edge cases where the guest starts using EEH, then it starts failing because of a change in status. However, it's not really any worse than the current situation. Cases that would have worked previously will still work (i.e. VFIO devices from at most one VFIO IOMMU group per vPHB), it's just that it's no longer necessary to use spapr-vfio-pci-host-bridge with the groupid pre-specified. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Reviewed-by: Alexey Kardashevskiy <aik@ozlabs.ru>
2016-03-16spapr_pci: Eliminate class callbacksDavid Gibson
The EEH operations in the spapr-vfio-pci-host-bridge no longer rely on the special groupid field in sPAPRPHBVFIOState. So we can simplify, removing the class specific callbacks with direct calls based on a simple spapr_phb_eeh_enabled() helper. For now we implement that in terms of a boolean in the class, but we'll continue to clean that up later. On its own this is a rather strange way of doing things, but it's a useful intermediate step to further cleanups. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Reviewed-by: Alexey Kardashevskiy <aik@ozlabs.ru>
2016-03-16spapr_pci: Switch to vfio_eeh_as_op() interfaceDavid Gibson
This switches all EEH on VFIO operations in spapr_pci_vfio.c from the broken vfio_container_ioctl() interface to the new vfio_as_eeh_op() interface. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Reviewed-by: Alexey Kardashevskiy <aik@ozlabs.ru>
2016-03-16vfio: Start improving VFIO/EEH interfaceDavid Gibson
At present the code handling IBM's Enhanced Error Handling (EEH) interface on VFIO devices operates by bypassing the usual VFIO logic with vfio_container_ioctl(). That's a poorly designed interface with unclear semantics about exactly what can be operated on. In particular it operates on a single vfio container internally (hence the name), but takes an address space and group id, from which it deduces the container in a rather roundabout way. groupids are something that code outside vfio shouldn't even be aware of. This patch creates new interfaces for EEH operations. Internally we have vfio_eeh_container_op() which takes a VFIOContainer object directly. For external use we have vfio_eeh_as_ok() which determines if an AddressSpace is usable for EEH (at present this means it has a single container with exactly one group attached), and vfio_eeh_as_op() which will perform an operation on an AddressSpace in the unambiguous case, and otherwise returns an error. This interface still isn't great, but it's enough of an improvement to allow a number of cleanups in other places. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Reviewed-by: Alexey Kardashevskiy <aik@ozlabs.ru> Acked-by: Alex Williamson <alex.williamson@redhat.com>
2016-03-16spapr_rng: fix race with main loopGreg Kurz
Since commit "60253ed1e6ec rng: add request queue support to rng-random", the use of a spapr_rng device may hang vCPU threads. The following path is taken without holding the lock to the main loop mutex: h_random() rng_backend_request_entropy() rng_random_request_entropy() qemu_set_fd_handler() The consequence is that entropy_available() may be called before the vCPU thread could even queue the request: depending on the scheduling, it may happen that entropy_available() does not call random_recv()->qemu_sem_post(). The vCPU thread will then sleep forever in h_random()->qemu_sem_wait(). This could not happen before 60253ed1e6ec because entropy_available() used to call random_recv() unconditionally. This patch ensures the lock is held to avoid the race. Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com> Reviewed-by: Cédric Le Goater <clg@fr.ibm.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-03-16target-ppc: Eliminate kvmppc_kern_htab globalDavid Gibson
fa48b43 "target-ppc: Remove hack for ppc_hash64_load_hpte*() with HV KVM" purports to remove a hack in the handling of hash page tables (HPTs) managed by KVM instead of qemu. However, it actually went in the wrong direction. That patch requires anything looking for an external HPT (that is one not managed by the guest itself) to check both env->external_htab (for a qemu managed HPT) and kvmppc_kern_htab (for a KVM managed HPT). That's a problem because kvmppc_kern_htab is local to mmu-hash64.c, but some places which need to check for an external HPT are outside that, such as kvm_arch_get_registers(). The latter was subtly broken by the earlier patch such that gdbstub can no longer access memory. Basically a KVM managed HPT is much more like a qemu managed HPT than it is like a guest managed HPT, so the original "hack" was actually on the right track. This partially reverts fa48b43, so we again mark a KVM managed external HPT by putting a special but non-NULL value in env->external_htab. It then goes further, using that marker to eliminate the kvmppc_kern_htab global entirely. The ppc_hash64_set_external_hpt() helper function is extended to set that marker if passed a NULL value (if you're setting an external HPT, but don't have an actual HPT to set, the assumption is that it must be a KVM managed HPT). This also has some flow-on changes to the HPT access helpers, required by the above changes. Reported-by: Greg Kurz <gkurz@linux.vnet.ibm.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Reviewed-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Greg Kurz <gkurz@linux.vnet.ibm.com> Tested-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
2016-03-16target-ppc: Add helpers for updating a CPU's SDR1 and external HPTDavid Gibson
When a Power cpu with 64-bit hash MMU has it's hash page table (HPT) pointer updated by a write to the SDR1 register we need to update some derived variables. Likewise, when the cpu is configured for an external HPT (one not in the guest memory space) some derived variables need to be updated. Currently the logic for this is (partially) duplicated in ppc_store_sdr1() and in spapr_cpu_reset(). In future we're going to need it in some other places, so make some common helpers for this update. In addition the new ppc_hash64_set_external_hpt() helper also updates SDR1 in KVM - it's not updated by the normal runtime KVM <-> qemu CPU synchronization. In a sense this belongs logically in the ppc_hash64_set_sdr1() helper, but that is called from kvm_arch_get_registers() so can't itself call cpu_synchronize_state() without infinite recursion. In practice this doesn't matter because the only other caller is TCG specific. Currently there aren't situations where updating SDR1 at runtime in KVM matters, but there are going to be in future. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Reviewed-by: Greg Kurz <gkurz@linux.vnet.ibm.com> Reviewed-by: Thomas Huth <thuth@redhat.com>
2016-03-16spapr_pci: fix multifunction hotplugMichael Roth
Since 3f1e147, QEMU has adopted a convention of supporting function hotplug by deferring hotplug events until func 0 is hotplugged. This is likely how management tools like libvirt would expose such support going forward. Since sPAPR guests rely on per-func events rather than slot-based, our protocol has been to hotplug func 0 *first* to avoid cases where devices appear within guests without func 0 present to avoid undefined behavior. To remain compatible with new convention, defer hotplug in a similar manner, but then generate events in 0-first order as we did in the past. Once func 0 present, fail any attempts to plug additional functions (as we do with PCIe). For unplug, defer unplug operations in a similar manner, but generate unplug events such that function 0 is removed last in guest. Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-03-15kvm: x86: q35: Add support for -machine kernel_irqchip=split for q35Rita Sinha
The split IRQ chip mode via KVM_CAP_SPLIT_IRQCHIP was introduced with commit 15eafc2e60 but was broken for q35. This patch makes kernel_irqchip=split functional for q35. Signed-off-by: Rita Sinha <rita.sinha89@gmail.com> Message-Id: <1457378525-16455-1-git-send-email-rita.sinha89@gmail.com> Reviewed-by: Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-03-15Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into stagingPeter Maydell
vhost, virtio, pci, pc, acpi nvdimm work sparse cpu id rework ipmi enhancements fixes all over the place pxb option to tweak chassis number Signed-off-by: Michael S. Tsirkin <mst@redhat.com> # gpg: Signature made Tue 15 Mar 2016 14:33:10 GMT using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>" # gpg: aka "Michael S. Tsirkin <mst@redhat.com>" * remotes/mst/tags/for_upstream: (51 commits) hw/acpi: fix GSI links UID ipmi: add some local variables in ipmi_sdr_init ipmi: remove the need of an ending record in the SDR table ipmi: use a function to initialize the SDR table ipmi: add a realize function to the device class ipmi: add rsp_buffer_set_error() helper ipmi: remove IPMI_CHECK_RESERVATION() macro ipmi: replace IPMI_ADD_RSP_DATA() macro with inline helpers ipmi: remove IPMI_CHECK_CMD_LEN() macro MAINTAINERS: machine core MAINTAINERS: Add an entry for virtio header files pc: acpi: clarify why possible LAPIC entries must be present in MADT pc: acpi: drop cpu->found_cpus bitmap pc: acpi: create Processor and Notify objects only for valid lapics pc: acpi: create MADT.lapic entries only for valid lapics pc: acpi: SRAT: create only valid processor lapic entries pc: acpi: cleanup qdev_get_machine() calls machine: introduce MachineClass.possible_cpu_arch_ids() hook pc: init pcms->apic_id_limit once and use it throughout pc.c pc: acpi: remove NOP assignment ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-03-15hw/acpi: fix GSI links UIDMarcel Apfelbaum
According to the ACPI spec, each UID must be unique. Use the irq number as UID for GSI links. Suggested-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Marcel Apfelbaum <marcel@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2016-03-14Merge remote-tracking branch 'remotes/awilliam/tags/vfio-update-20160311.0' ↵Peter Maydell
into staging VFIO updates 2016-03-11 - Allow devices to be specified via sysfs path (Alex Williamson) - vfio region helpers and generalization for future device specific regions (Alex Williamson) - Automatic ROM device ID and checksum fixup (Alex Williamson) - Split VGA setup to allow enabling VGA from quirks (Alex Williamson) - Remove fixed string limit for ROM MemoryRegion name (Neo Jia) - MAINTAINERS update (Thomas Huth) # gpg: Signature made Fri 11 Mar 2016 15:55:31 GMT using RSA key ID 3BB08B22 # gpg: Good signature from "Alex Williamson <alex.williamson@redhat.com>" # gpg: aka "Alex Williamson <alex@shazbot.org>" # gpg: aka "Alex Williamson <alwillia@redhat.com>" # gpg: aka "Alex Williamson <alex.l.williamson@gmail.com>" * remotes/awilliam/tags/vfio-update-20160311.0: MAINTAINERS: Add entry for the include/hw/vfio/ folder vfio/pci: replace fixed string limit by g_strdup_printf vfio/pci: Split out VGA setup vfio/pci: Fixup PCI option ROMs vfio/pci: Convert all MemoryRegion to dynamic alloc and consistent functions vfio: Generalize region support vfio: Wrap VFIO_DEVICE_GET_REGION_INFO vfio: Add sysfsdev property for pci & platform Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-03-11ipmi: add some local variables in ipmi_sdr_initCédric Le Goater
This patch adds a couple of variables to manipulate the raw sdr entries. The const attribute is also removed on init_sdrs. This will ease the introduction of a sdr loader using a file. Signed-off-by: Cédric Le Goater <clg@fr.ibm.com> Acked-by: Corey Minyard <cminyard@mvista.com> Reviewed-by: Marcel Apfelbaum <marcel@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2016-03-11ipmi: remove the need of an ending record in the SDR tableCédric Le Goater
Currently, the code initializing the sdr table relies on an ending record with a recid of 0xffff. This patch changes the loop to use the sdr size as a breaking condition. Signed-off-by: Cédric Le Goater <clg@fr.ibm.com> Acked-by: Corey Minyard <cminyard@mvista.com> Reviewed-by: Marcel Apfelbaum <marcel@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2016-03-11ipmi: use a function to initialize the SDR tableCédric Le Goater
This patch moves the code section initializing the sdrs in its own routine to prepare ground for changes in the subsequent patches. Signed-off-by: Cédric Le Goater <clg@fr.ibm.com> Acked-by: Corey Minyard <cminyard@mvista.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2016-03-11ipmi: add a realize function to the device classCédric Le Goater
This will be useful to define and use properties when the object is instantiated. Signed-off-by: Cédric Le Goater <clg@fr.ibm.com> Acked-by: Corey Minyard <cminyard@mvista.com> Reviewed-by: Marcel Apfelbaum <marcel@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2016-03-11ipmi: add rsp_buffer_set_error() helperCédric Le Goater
The third byte in the response buffer of an IPMI command holds the error code. In many IPMI command handlers, this byte is updated directly. This patch adds a helper routine to clarify why this byte is being used. Signed-off-by: Cédric Le Goater <clg@fr.ibm.com> Acked-by: Corey Minyard <cminyard@mvista.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>