aboutsummaryrefslogtreecommitdiff
path: root/hw
AgeCommit message (Collapse)Author
2020-02-06aspeed/i2c: Prevent uninitialized warningMiroslav Rezanina
Compiler reports uninitialized warning for cmd_flags variable. Adding NULL initialization to prevent this warning. Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Message-Id: <07957dcab31f65de3dd30efa91e6b9152ac79879.1579598240.git.mrezanin@redhat.com> Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2020-02-06hw/i386/vmmouse: Fix crash when using the vmmouse on a machine without vmportThomas Huth
QEMU currently crashes when the user tries to use the "vmmouse" on a machine without vmport, e.g.: $ x86_64-softmmu/qemu-system-x86_64 -machine microvm -device vmmouse Segmentation fault (core dumped) or: $ x86_64-softmmu/qemu-system-x86_64 -device vmmouse -M pc,vmport=off Segmentation fault (core dumped) Let's avoid the crash by checking for the vmport device first. Signed-off-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Darren Kenny <darren.kenny@oracle.com> Message-Id: <20200129112954.4282-1-thuth@redhat.com> Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2020-02-06hw/bt: Remove empty Kconfig fileThomas Huth
While removing the bluetooth code some weeks ago, I had to leave the hw/bt/Kconfig file around. Otherwise some of the builds would have been broken since the generated dependency files tried to include it before they were rebuilt. Meanwhile, all those dependency files should have been updated, so we can remove the empty Kconfig file now, too. Signed-off-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Laurent Vivier <laurent@vivier.eu> Message-Id: <20200123064525.6935-1-thuth@redhat.com> Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2020-02-06hw/timer/m48t59: Convert debug printf()s to trace eventsPhilippe Mathieu-Daudé
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: Hervé Poussineau <hpoussin@reactos.org> Message-Id: <20200117165809.31067-3-philmd@redhat.com> Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2020-02-06hw/smbios/smbios: Remove unused includePhilippe Mathieu-Daudé
Nothing from "sysemu/cpus.h" is used by smbios.c, remove the include. Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Message-Id: <20200109112504.32622-1-philmd@redhat.com> Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2020-02-04hw/hppa/Kconfig: LASI chipset requires PARALLEL portPhilippe Mathieu-Daudé
The PARISC Lasi chipset emulation requires some of the common parallel support and fails to build on a --without-default-devices: LINK hppa-softmmu/qemu-system-hppa /usr/bin/ld: hw/hppa/lasi.o: in function `lasi_init': hw/hppa/lasi.c:324: undefined reference to `parallel_mm_init' collect2: error: ld returned 1 exit status make[1]: *** [Makefile:206: qemu-system-hppa] Error 1 Fixes: 376b851909d Reported-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <20200129192350.27143-1-philmd@redhat.com> Acked-by: Helge Deller <deller@gmx.de> Signed-off-by: Thomas Huth <thuth@redhat.com>
2020-02-04hw/input: Do not enable CONFIG_PCKBD by defaultThomas Huth
The i8042 PS/2 Controller should not be enabled by default. It has to be selected by machines or chipsets (e.g. SuperIO chipsets). Message-Id: <20200115113748.24757-1-thuth@redhat.com> Acked-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Laurent Vivier <laurent@vivier.eu> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
2020-02-04hw/*/Makefile.objs: Move many .o files to common-objsThomas Huth
We have many files that apparently do not depend on the target CPU configuration, i.e. which can be put into common-obj-y instead of obj-y. This way, the code can be shared for example between qemu-system-arm and qemu-system-aarch64, or the various big and little endian variants like qemu-system-sh4 and qemu-system-sh4eb, so that we do not have to compile the code multiple times anymore. Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Message-Id: <20200130133841.10779-1-thuth@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
2020-02-04trivial: Remove xenfb_enabled from sysemu.hThomas Huth
The define is only used in one other place. Move the code there instead of keeping this xen-specific define in sysemu.h. Message-Id: <20200121161747.10569-1-thuth@redhat.com> Acked-by: Paul Durrant <paul@xen.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
2020-02-03ppc: spapr: Activate the FWNMI functionalityAravinda Prasad
This patch sets the default value of SPAPR_CAP_FWNMI_MCE to SPAPR_CAP_ON for machine type 5.0. Signed-off-by: Aravinda Prasad <arawinda.p@gmail.com> Signed-off-by: Ganesh Goudar <ganeshgr@linux.ibm.com> Message-Id: <20200130184423.20519-8-ganeshgr@linux.ibm.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-02-03migration: Include migration support for machine check handlingAravinda Prasad
This patch includes migration support for machine check handling. Especially this patch blocks VM migration requests until the machine check error handling is complete as these errors are specific to the source hardware and is irrelevant on the target hardware. Signed-off-by: Aravinda Prasad <arawinda.p@gmail.com> [Do not set FWNMI cap in post_load, now its done in .apply hook] Signed-off-by: Ganesh Goudar <ganeshgr@linux.ibm.com> Message-Id: <20200130184423.20519-7-ganeshgr@linux.ibm.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-02-03ppc: spapr: Handle "ibm,nmi-register" and "ibm,nmi-interlock" RTAS callsAravinda Prasad
This patch adds support in QEMU to handle "ibm,nmi-register" and "ibm,nmi-interlock" RTAS calls. The machine check notification address is saved when the OS issues "ibm,nmi-register" RTAS call. This patch also handles the case when multiple processors experience machine check at or about the same time by handling "ibm,nmi-interlock" call. In such cases, as per PAPR, subsequent processors serialize waiting for the first processor to issue the "ibm,nmi-interlock" call. The second processor that also received a machine check error waits till the first processor is done reading the error log. The first processor issues "ibm,nmi-interlock" call when the error log is consumed. Signed-off-by: Aravinda Prasad <arawinda.p@gmail.com> [Register fwnmi RTAS calls in core_rtas_register_types() where other RTAS calls are registered] Signed-off-by: Ganesh Goudar <ganeshgr@linux.ibm.com> Message-Id: <20200130184423.20519-6-ganeshgr@linux.ibm.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-02-03target/ppc: Build rtas error log upon an MCEAravinda Prasad
Upon a machine check exception (MCE) in a guest address space, KVM causes a guest exit to enable QEMU to build and pass the error to the guest in the PAPR defined rtas error log format. This patch builds the rtas error log, copies it to the rtas_addr and then invokes the guest registered machine check handler. The handler in the guest takes suitable action(s) depending on the type and criticality of the error. For example, if an error is unrecoverable memory corruption in an application inside the guest, then the guest kernel sends a SIGBUS to the application. For recoverable errors, the guest performs recovery actions and logs the error. Signed-off-by: Aravinda Prasad <arawinda.p@gmail.com> [Assume SLOF has allocated enough room for rtas error log] Signed-off-by: Ganesh Goudar <ganeshgr@linux.ibm.com> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Message-Id: <20200130184423.20519-5-ganeshgr@linux.ibm.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-02-03target/ppc: Handle NMI guest exitAravinda Prasad
Memory error such as bit flips that cannot be corrected by hardware are passed on to the kernel for handling. If the memory address in error belongs to guest then the guest kernel is responsible for taking suitable action. Patch [1] enhances KVM to exit guest with exit reason set to KVM_EXIT_NMI in such cases. This patch handles KVM_EXIT_NMI exit. [1] https://www.spinics.net/lists/kvm-ppc/msg12637.html (e20bbd3d and related commits) Signed-off-by: Aravinda Prasad <arawinda.p@gmail.com> Signed-off-by: Ganesh Goudar <ganeshgr@linux.ibm.com> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Reviewed-by: Greg Kurz <groug@kaod.org> Message-Id: <20200130184423.20519-4-ganeshgr@linux.ibm.com> [dwg: #ifdefs to fix compile for 32-bit target] Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-02-03ppc: spapr: Introduce FWNMI capabilityAravinda Prasad
Introduce fwnmi an spapr capability and add a helper function which tries to enable it, which would be used by following patch of the series. This patch by itself does not change the existing behavior. Signed-off-by: Aravinda Prasad <arawinda.p@gmail.com> [eliminate cap_ppc_fwnmi, add fwnmi cap to migration state and reprhase the commit message] Signed-off-by: Ganesh Goudar <ganeshgr@linux.ibm.com> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Message-Id: <20200130184423.20519-3-ganeshgr@linux.ibm.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-02-03spapr: Enable DD2.3 accelerated count cache flush in pseries-5.0 machineDavid Gibson
For POWER9 DD2.2 cpus, the best current Spectre v2 indirect branch mitigation is "count cache disabled", which is configured with: -machine cap-ibs=fixed-ccd However, this option isn't available on DD2.3 CPUs with KVM, because they don't have the count cache disabled. For POWER9 DD2.3 cpus, it is "count cache flush with assist", configured with: -machine cap-ibs=workaround,cap-ccf-assist=on However this option isn't available on DD2.2 CPUs with KVM, because they don't have the special CCF assist instruction this relies on. On current machine types, we default to "count cache flush w/o assist", that is: -machine cap-ibs=workaround,cap-ccf-assist=off This runs, with mitigation on both DD2.2 and DD2.3 host cpus, but has a fairly significant performance impact. It turns out we can do better. The special instruction that CCF assist uses to trigger a count cache flush is a no-op on earlier CPUs, rather than trapping or causing other badness. It doesn't, of itself, implement the mitigation, but *if* we have count-cache-disabled, then the count cache flush is unnecessary, and so using the count cache flush mitigation is harmless. Therefore for the new pseries-5.0 machine type, enable cap-ccf-assist by default. Along with that, suppress throwing an error if cap-ccf-assist is selected but KVM doesn't support it, as long as KVM *is* giving us count-cache-disabled. To allow TCG to work out of the box, even though it doesn't implement the ccf flush assist, downgrade the error in that case to a warning. This matches several Spectre mitigations where we allow TCG to operate for debugging, since we don't really make guarantees about TCG security properties anyway. While we're there, make the TCG warning for this case match that for other mitigations. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Tested-by: Michael Ellerman <mpe@ellerman.id.au>
2020-02-02ppc/pnv: change the PowerNV machine devices to be non user creatableCédric Le Goater
The PowerNV machine emulates an OpenPOWER system and the PowerNV chip devices are models of the internal logic of the POWER processor. They can not be instantiated by the user on the QEMU command line. The PHB3/PHB4 devices could be an exception in the future after some rework on how the device tree is built. For the moment, exclude them also. Signed-off-by: Cédric Le Goater <clg@kaod.org> Message-Id: <20200129113720.7404-1-clg@kaod.org> Tested-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Greg Kurz <groug@kaod.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-02-02ppc/pnv: Add models for POWER8 PHB3 PCIe Host bridgeCédric Le Goater
This is a model of the PCIe Host Bridge (PHB3) found on a POWER8 processor. It includes the PowerBus logic interface (PBCQ), IOMMU support, a single PCIe Gen.3 Root Complex, and support for MSI and LSI interrupt sources as found on a POWER8 system using the XICS interrupt controller. The POWER8 processor comes in different flavors: Venice, Murano, Naple, each having a different number of PHBs. To make things simpler, the models provides 3 PHB3 per chip. Some platforms, like the Firestone, can also couple PHBs on the first chip to provide more bandwidth but this is too specific to model in QEMU. XICS requires some adjustment to support the PHB3 MSI. The changes are provided here but they could be decoupled in prereq patches. Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Signed-off-by: Cédric Le Goater <clg@kaod.org> Message-Id: <20200127144506.11132-3-clg@kaod.org> [dwg: Use device_class_set_props()] Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-02-02ppc/pnv: Add models for POWER9 PHB4 PCIe Host bridgeBenjamin Herrenschmidt
These changes introduces models for the PCIe Host Bridge (PHB4) of the POWER9 processor. It includes the PowerBus logic interface (PBCQ), IOMMU support, a single PCIe Gen.4 Root Complex, and support for MSI and LSI interrupt sources as found on a POWER9 system using the XIVE interrupt controller. POWER9 processor comes with 3 PHB4 PEC (PCI Express Controller) and each PEC can have several PHBs. By default, * PEC0 provides 1 PHB (PHB0) * PEC1 provides 2 PHBs (PHB1 and PHB2) * PEC2 provides 3 PHBs (PHB3, PHB4 and PHB5) Each PEC has a set "global" registers and some "per-stack" (per-PHB) registers. Those are organized in two XSCOM ranges, the "Nest" range and the "PCI" range, each range contains both some "PEC" registers and some "per-stack" registers. No default device layout is provided and PCI devices can be added on any of the available PCIe Root Port (pcie.0 .. 2 of a Power9 chip) with address 0x0 as the firwware (skiboot) only accepts a single device per root port. To run a simple system with a network and a storage adapters, use a command line options such as : -device e1000e,netdev=net0,mac=C0:FF:EE:00:00:02,bus=pcie.0,addr=0x0 -netdev bridge,id=net0,helper=/usr/libexec/qemu-bridge-helper,br=virbr0,id=hostnet0 -device megasas,id=scsi0,bus=pcie.1,addr=0x0 -drive file=$disk,if=none,id=drive-scsi0-0-0-0,format=qcow2,cache=none -device scsi-hd,bus=scsi0.0,channel=0,scsi-id=0,lun=0,drive=drive-scsi0-0-0-0,id=scsi0-0-0-0,bootindex=2 If more are needed, include a bridge. Multi chip is supported, each chip adding its set of PHB4 controllers and its PCI busses. The model doesn't emulate the EEH error handling. This model is not ready for hotplug yet. Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> [ clg: - numerous cleanups - commit log - fix for broken LSI support - PHB pic printinfo - large QOM rework ] Signed-off-by: Cédric Le Goater <clg@kaod.org> Message-Id: <20200127144506.11132-2-clg@kaod.org> [dwg: Use device_class_set_props()] Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-02-02hw/ppc/Kconfig: Enable TPM_SPAPR as part of PSERIES configStefan Berger
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Message-Id: <20200121152935.649898-6-stefanb@linux.ibm.com> [dwg: Use default in Kconfig rather than select to avoid breaking Windows host build] Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-02-02tpm_spapr: Support suspend and resumeStefan Berger
Extend the tpm_spapr frontend with VM suspend and resume support. Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Message-Id: <20200121152935.649898-5-stefanb@linux.ibm.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-02-02tpm_spapr: Support TPM for ppc64 using CRQ based interfaceStefan Berger
Implement support for TPM on ppc64 by implementing the vTPM CRQ interface as a frontend. It can use the tpm_emulator driver backend with the external swtpm. The Linux vTPM driver for ppc64 works with this emulation. This TPM emulator also handles the TPM 2 case. Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Message-Id: <20200121152935.649898-4-stefanb@linux.ibm.com> [dwg: Use device_class_set_props(), tweak Kconfig] Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-02-02spapr: Implement get_dt_compatible() callbackStefan Berger
For devices that cannot be statically initialized, implement a get_dt_compatible() callback that allows us to ask the device for the 'compatible' value. Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Message-Id: <20200121152935.649898-3-stefanb@linux.ibm.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-02-02tpm: Move tpm_tis_show_buffer to tpm_util.cStefan Berger
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Message-Id: <20200121152935.649898-2-stefanb@linux.ibm.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-02-02ppc/pnv: Add support for "hostboot" modeCédric Le Goater
When the "hb-mode" option is activated on the powernv machine, the firmware is mapped at 0x8000000 and the HRMOR of the HW threads are set to the same address. The PNOR mapping on the FW address space of the LPC bus is left enabled to let the firmware load any other images required to boot the host. Signed-off-by: Cédric Le Goater <clg@kaod.org> Message-Id: <20200127144154.10170-4-clg@kaod.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-02-02ppc/pnv: remove useless "core-pir" property alias.Cédric Le Goater
Commit 158e17a65e1a ("ppc/pnv: Link "chip" property to PnvCore::chip pointer") introduced some cleanups of the PnvCore realize handler. Let's continue by reworking a bit the interface of the PnvCore handlers for the CPU threads. These changes make the "core-pir" property alias unused. Remove it. Signed-off-by: Cédric Le Goater <clg@kaod.org> Message-Id: <20200127144154.10170-3-clg@kaod.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-02-02spapr: Don't allow multiple active vCPUs at CASGreg Kurz
According to the description of "ibm,client-architecture-support" that can found in LoPAPR "B.6.2.3 Root Node Methods": If multiple partition processors or threads are active at the time of the ibm,client-architecture-support method call, or an error is detected in the format of the ibm,architecture.vec structure, the err? boolean shall be TRUE; else FALSE. We certainly don't want to temper with the platform or with the PCR of the other vCPUs if they happen to be active. Ensure we have only one active vCPU and fail CAS otherwise. This is just for conformance and robustness, it doesn't fix any known bugs. Signed-off-by: Greg Kurz <groug@kaod.org> Message-Id: <157969867170.571404.12117797348882189656.stgit@bahia.lan> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-02-02spapr: Fail CAS if option vector table cannot be parsedGreg Kurz
Most of the option vector helpers have assertions to check their arguments aren't null. The guest can provide an arbitrary address for the CAS structure that would result in such null arguments. Fail CAS with H_PARAMETER and print a warning instead of aborting QEMU. Signed-off-by: Greg Kurz <groug@kaod.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <157925255250.397143.10855183619366882459.stgit@bahia.lan> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-02-02hw/ppc/prep: Remove the deprecated "prep" machine and the OpenHackware BIOSThomas Huth
It's been deprecated since QEMU v3.1. The 40p machine should be used nowadays instead. Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Acked-by: Hervé Poussineau <hpoussin@reactos.org> Signed-off-by: Thomas Huth <thuth@redhat.com> Message-Id: <20200114114617.28854-1-thuth@redhat.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-02-02ppc:virtex_ml507: remove unused argumentsIgor Mammedov
Signed-off-by: Igor Mammedov <imammedo@redhat.com> Message-Id: <1579100861-73692-71-git-send-email-imammedo@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-02-02ppc/pnv: improve error logging when a PNOR update failsCédric Le Goater
Print out the offset at which the error occured. Signed-off-by: Cédric Le Goater <clg@kaod.org> Message-Id: <20200108090348.21224-3-clg@kaod.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-02-02ppc/pnv: use QEMU unit definition MiBCédric Le Goater
Signed-off-by: Cédric Le Goater <clg@kaod.org> Message-Id: <20200108090348.21224-2-clg@kaod.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-01-30hw/display/qxl.c: Use trace_event_get_state_backends()Peter Maydell
The preferred way to test whether a trace event is enabled is to use trace_event_get_state_backends(), because this will give the correct answer (allowing expensive computations to be skipped) whether the trace event is compile-time or run-time disabled. Convert the old-style direct use of TRACE_FOO_ENABLED. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Message-id: 20200120151142.18954-4-peter.maydell@linaro.org Message-Id: <20200120151142.18954-4-peter.maydell@linaro.org> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2020-01-30target/arm/cpu: Add the kvm-no-adjvtime CPU propertyAndrew Jones
kvm-no-adjvtime is a KVM specific CPU property and a first of its kind. To accommodate it we also add kvm_arm_add_vcpu_properties() and a KVM specific CPU properties description to the CPU features document. Signed-off-by: Andrew Jones <drjones@redhat.com> Message-id: 20200120101023.16030-7-drjones@redhat.com Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-01-30hw/arm/virt: Add missing 5.0 options call to 4.2 optionsAndrew Jones
Signed-off-by: Andrew Jones <drjones@redhat.com> Message-id: 20200120101023.16030-3-drjones@redhat.com Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-01-30hw/intc/arm_gicv3_kvm: Stop wrongly programming GICR_PENDBASER.PTZ bitZenghui Yu
If LPIs are disabled, KVM will just ignore the GICR_PENDBASER.PTZ bit when restoring GICR_CTLR. Setting PTZ here makes littlt sense in "reduce GIC initialization time". And what's worse, PTZ is generally programmed by guest to indicate to the Redistributor whether the LPI Pending table is zero when enabling LPIs. If migration is triggered when the PTZ has just been cleared by guest (and before enabling LPIs), we will see PTZ==1 on the destination side, which is not as expected. Let's just drop this hackish userspace behavior. Also take this chance to refine the comment a bit. Fixes: 367b9f527bec ("hw/intc/arm_gicv3_kvm: Implement get/put functions") Signed-off-by: Zenghui Yu <yuzenghui@huawei.com> Message-id: 20200119133051.642-1-yuzenghui@huawei.com Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-01-30hw/s390x/ipl: replace deprecated qdev_reset_all registrationDamien Hedde
Replace deprecated qdev_reset_all by resettable_cold_reset_fn for the ipl registration in the main reset handlers. This does not impact the behavior for the following reasons: + at this point resettable just call the old reset methods of devices and buses in the same order than qdev/qbus. + resettable handlers registered with qemu_register_reset are serialized; there is no interleaving. + eventual explicit calls to legacy reset API (device_reset or qdev/qbus_reset) inside this reset handler will not be masked out by resettable mechanism; they do not go through resettable api. Signed-off-by: Damien Hedde <damien.hedde@greensocs.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Cornelia Huck <cohuck@redhat.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-id: 20200123132823.1117486-12-damien.hedde@greensocs.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-01-30hw/core: deprecate old reset functions and introduce new onesDamien Hedde
Deprecate device_legacy_reset(), qdev_reset_all() and qbus_reset_all() to be replaced by new functions device_cold_reset() and bus_cold_reset() which uses resettable API. Also introduce resettable_cold_reset_fn() which may be used as a replacement for qdev_reset_all_fn and qbus_reset_all_fn(). Following patches will be needed to look at legacy reset call sites and switch to resettable api. The legacy functions will be removed when unused. Signed-off-by: Damien Hedde <damien.hedde@greensocs.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-id: 20200123132823.1117486-9-damien.hedde@greensocs.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-01-30hw/core/qdev: update hotplug reset regarding resettableDamien Hedde
This commit make use of the resettable API to reset the device being hotplugged when it is realized. Also it ensures it is put in a reset state coherent with the parent it is plugged into. Note that there is a difference in the reset. Instead of resetting only the hotplugged device, we reset also its subtree (switch to resettable API). This is not expected to be a problem because sub-buses are just realized too. If a hotplugged device has any sub-buses it is logical to reset them too at this point. The recently added should_be_hidden and PCI's partially_hotplugged mechanisms do not interfere with realize operation: + In the should_be_hidden use case, device creation is delayed. + The partially_hotplugged mechanism prevents a device to be unplugged and unrealized from qdev POV and unrealized. Signed-off-by: Damien Hedde <damien.hedde@greensocs.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-id: 20200123132823.1117486-8-damien.hedde@greensocs.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-01-30hw/core/qdev: handle parent bus change regarding resettableDamien Hedde
In qdev_set_parent_bus(), when changing the parent bus of a realized device, if the source and destination buses are not in the same reset state, some adaptations are required. This patch adds needed call to resettable_change_parent() to make sure a device reset state stays coherent with its parent bus. The addition is a no-op if: 1. the device being parented is not realized. 2. the device is realized, but both buses are not under reset. Case 2 means that as long as qdev_set_parent_bus() is called during the machine realization procedure (which is before the machine reset so nothing is in reset), it is a no op. There are 52 call sites of qdev_set_parent_bus(). All but one fall into the no-op case: + 29 trivial calls related to virtio (in hw/{s390x,display,virtio}/ {vhost,virtio}-xxx.c) to set a vdev(or vgpu) composing device parent bus just before realizing the same vdev(vgpu). + hw/core/qdev.c: when creating a device in qdev_try_create() + hw/core/sysbus.c: when initializing a device in the sysbus + hw/i386/amd_iommu.c: before realizing AMDVIState/pci + hw/isa/piix4.c: before realizing PIIX4State/rtc + hw/misc/auxbus.c: when creating an AUXBus + hw/misc/auxbus.c: when creating an AUXBus child + hw/misc/macio/macio.c: when initializing a MACIOState child + hw/misc/macio/macio.c: before realizing NewWorldMacIOState/pmu + hw/misc/macio/macio.c: before realizing NewWorldMacIOState/cuda + hw/net/virtio-net.c: Used for migration when using the failover mechanism to migration a vfio-pci/net. It is a no-op because at this point the device is already on the bus. + hw/pci-host/designware.c: before realizing DesignwarePCIEHost/root + hw/pci-host/gpex.c: before realizing GPEXHost/root + hw/pci-host/prep.c: when initialiazing PREPPCIState/pci_dev + hw/pci-host/q35.c: before realizing Q35PCIHost/mch + hw/pci-host/versatile.c: when initializing PCIVPBState/pci_dev + hw/pci-host/xilinx-pcie.c: before realizing XilinxPCIEHost/root + hw/s390x/event-facility.c: when creating SCLPEventFacility/ TYPE_SCLP_QUIESCE + hw/s390x/event-facility.c: ditto with SCLPEventFacility/ TYPE_SCLP_CPU_HOTPLUG + hw/s390x/sclp.c: Not trivial because it is called on a SLCPDevice just after realizing it. Ok because at this point the destination bus (sysbus) is not in reset; the realize step is before the machine reset. + hw/sd/core.c: Not OK. Used in sdbus_reparent_card(). See below. + hw/ssi/ssi.c: Used to put spi slave on spi bus and connect the cs line in ssi_auto_connect_slave(). Ok because this function is only used in realize step in hw/ssi/aspeed_smc.ci, hw/ssi/imx_spi.c, hw/ssi/mss-spi.c, hw/ssi/xilinx_spi.c and hw/ssi/xilinx_spips.c. + hw/xen/xen-legacy-backend.c: when creating a XenLegacyDevice device + qdev-monitor.c: in device hotplug creation procedure before realize Note that this commit alone will have no effect, right now there is no use of resettable API to reset anything. So a bus will never be tagged as in-reset by this same API. The one place where side-effect will occurs is in hw/sd/core.c in sdbus_reparent_card(). This function is only used in the raspi machines, including during the sysbus reset procedure. This case will be carrefully handled when doing the multiple phase reset transition. Signed-off-by: Damien Hedde <damien.hedde@greensocs.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-id: 20200123132823.1117486-7-damien.hedde@greensocs.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-01-30hw/core/resettable: add support for changing parentDamien Hedde
Add a function resettable_change_parent() to do the required plumbing when changing the parent a of Resettable object. We need to make sure that the reset state of the object remains coherent with the reset state of the new parent. We make the 2 following hypothesis: + when an object is put in a parent under reset, the object goes in reset. + when an object is removed from a parent under reset, the object leaves reset. The added function avoids any glitch if both old and new parent are already in reset. Signed-off-by: Damien Hedde <damien.hedde@greensocs.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-id: 20200123132823.1117486-6-damien.hedde@greensocs.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-01-30hw/core: add Resettable support to BusClass and DeviceClassDamien Hedde
This commit adds support of Resettable interface to buses and devices: + ResettableState structure is added in the Bus/Device state + Resettable methods are implemented. + device/bus_is_in_reset function defined This commit allows to transition the objects to the new multi-phase interface without changing the reset behavior at all. Object single reset method can be split into the 3 different phases but the 3 phases are still executed in a row for a given object. From the qdev/qbus reset api point of view, nothing is changed. qdev_reset_all() and qbus_reset_all() are not modified as well as device_legacy_reset(). Transition of an object must be done from parent class to child class. Care has been taken to allow the transition of a parent class without requiring the child classes to be transitioned at the same time. Note that SysBus and SysBusDevice class do not need any transition because they do not override the legacy reset method. Signed-off-by: Damien Hedde <damien.hedde@greensocs.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-id: 20200123132823.1117486-5-damien.hedde@greensocs.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-01-30hw/core: create Resettable QOM interfaceDamien Hedde
This commit defines an interface allowing multi-phase reset. This aims to solve a problem of the actual single-phase reset (built in DeviceClass and BusClass): reset behavior is dependent on the order in which reset handlers are called. In particular doing external side-effect (like setting an qemu_irq) is problematic because receiving object may not be reset yet. The Resettable interface divides the reset in 3 well defined phases. To reset an object tree, all 1st phases are executed then all 2nd then all 3rd. See the comments in include/hw/resettable.h for a more complete description. The interface defines 3 phases to let the future possibility of holding an object into reset for some time. The qdev/qbus reset in DeviceClass and BusClass will be modified in following commits to use this interface. A mechanism is provided to allow executing a transitional reset handler in place of the 2nd phase which is executed in children-then-parent order inside a tree. This will allow to transition devices and buses smoothly while keeping the exact current qdev/qbus reset behavior for now. Documentation will be added in a following commit. Signed-off-by: Damien Hedde <damien.hedde@greensocs.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-id: 20200123132823.1117486-4-damien.hedde@greensocs.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-01-30hw/core/qdev: add trace events to help with resettable transitionDamien Hedde
Adds trace events to reset procedure and when updating the parent bus of a device. Signed-off-by: Damien Hedde <damien.hedde@greensocs.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: Cornelia Huck <cohuck@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-id: 20200123132823.1117486-3-damien.hedde@greensocs.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-01-30add device_legacy_reset function to prepare for reset api changeDamien Hedde
Provide a temporary device_legacy_reset function doing what device_reset does to prepare for the transition with Resettable API. All occurrence of device_reset in the code tree are also replaced by device_legacy_reset. The new resettable API has different prototype and semantics (resetting child buses as well as the specified device). Subsequent commits will make the changeover for each call site individually; once that is complete device_legacy_reset() will be removed. Signed-off-by: Damien Hedde <damien.hedde@greensocs.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Acked-by: David Gibson <david@gibson.dropbear.id.au> Acked-by: Cornelia Huck <cohuck@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-id: 20200123132823.1117486-2-damien.hedde@greensocs.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-01-30hw/arm/raspi: Remove obsolete use of -smp to set the soc 'enabled-cpus'Philippe Mathieu-Daudé
Since we enabled parallel TCG code generation for softmmu (see commit 3468b59 "tcg: enable multiple TCG contexts in softmmu") and its subsequent fix (commit 72649619 "add .min_cpus and .default_cpus fields to machine_class"), the raspi machines are restricted to always use their 4 cores: See in hw/arm/raspi2 (with BCM283X_NCPUS set to 4): 222 static void raspi2_machine_init(MachineClass *mc) 223 { 224 mc->desc = "Raspberry Pi 2"; 230 mc->max_cpus = BCM283X_NCPUS; 231 mc->min_cpus = BCM283X_NCPUS; 232 mc->default_cpus = BCM283X_NCPUS; 235 }; 236 DEFINE_MACHINE("raspi2", raspi2_machine_init) We can no longer use the -smp option, as we get: $ qemu-system-arm -M raspi2 -smp 1 qemu-system-arm: Invalid SMP CPUs 1. The min CPUs supported by machine 'raspi2' is 4 Since we can not set the TYPE_BCM283x SOC "enabled-cpus" with -smp, remove the unuseful code. We can achieve the same by using the '-global bcm2836.enabled-cpus=1' option. Reported-by: Laurent Bonnans <laurent.bonnans@here.com> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Message-id: 20200120235159.18510-2-f4bug@amsat.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-01-30misc/pca9552: Add qom set and getJoel Stanley
Following the pattern of the work recently done with the ASPEED GPIO model, this adds support for inspecting and modifying the PCA9552 LEDs from the monitor. (qemu) qom-set /machine/unattached/device[17] led0 on (qemu) qom-set /machine/unattached/device[17] led0 off (qemu) qom-set /machine/unattached/device[17] led0 pwm0 (qemu) qom-set /machine/unattached/device[17] led0 pwm1 Signed-off-by: Joel Stanley <joel@jms.id.au> Signed-off-by: Cédric Le Goater <clg@kaod.org> Message-id: 20200114103433.30534-6-clg@kaod.org [clg: - removed the "qom-get" examples from the commit log - merged memory leak fixes from Joel ] Signed-off-by: Cédric Le Goater <clg@kaod.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-01-30hw/arm/aspeed: add a 'execute-in-place' property to boot directly from CE0Cédric Le Goater
The overhead for the OpenBMC firmware images using the a custom U-Boot is around 2 seconds, which is fine, but with a U-Boot from mainline, it takes an extra 50 seconds or so to reach Linux. A quick survey on the number of reads performed on the flash memory region gives the following figures : OpenBMC U-Boot 922478 (~ 3.5 MBytes) Mainline U-Boot 20569977 (~ 80 MBytes) QEMU must be trashing the TCG TBs and reloading text very often. Some addresses are read more than 250.000 times. Until we find a solution to improve boot time, execution from MMIO is not activated by default. Setting this option also breaks migration compatibility. Signed-off-by: Cédric Le Goater <clg@kaod.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-id: 20200114103433.30534-5-clg@kaod.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-01-30ftgmac100: check RX and TX buffer alignmentCédric Le Goater
These buffers should be aligned on 16 bytes. Ignore invalid RX and TX buffer addresses and log an error. All incoming and outgoing traffic will be dropped because no valid RX or TX descriptors will be available. Signed-off-by: Cédric Le Goater <clg@kaod.org> Message-id: 20200114103433.30534-4-clg@kaod.org Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-01-30hw/arm: ast2600: Wire up the eMMC controllerAndrew Jeffery
Initialise another SDHCI model instance for the AST2600's eMMC controller and use the SDHCI's num_slots value introduced previously to determine whether we should create an SD card instance for the new slot. Signed-off-by: Andrew Jeffery <andrew@aj.id.au> Reviewed-by: Cédric Le Goater <clg@kaod.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Cédric Le Goater <clg@kaod.org> Message-id: 20200114103433.30534-3-clg@kaod.org [ clg : - removed ternary operator from sdhci_attach_drive() - renamed SDHCI objects with a '-controller' prefix ] Signed-off-by: Cédric Le Goater <clg@kaod.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>