Alexander Graf [Wed, 10 Aug 2011 12:21:41 +0000 (14:21 +0200)]
PPC: Add new target config for pseries
We only support -M pseries when certain prerequisites are met, such
as a PPC64 guest and libfdt. To only gather these requirements in
a single place, this patch introduces a new CONFIG_PSERIES variable
that gets set when all prerequisites are met.
Alexander Graf [Sat, 23 Jul 2011 08:56:40 +0000 (10:56 +0200)]
MPC8544DS: Generate CPU nodes on init
With this patch, we generate CPU nodes in the machine initialization, giving
us the freedom to generate as many nodes as we want and as the machine supports,
but only those.
This is a first step towards a much cleaner device tree generation
infrastructure, where we would not require precompiled dtb blobs anymore.
Alexander Graf [Sat, 23 Jul 2011 08:54:11 +0000 (10:54 +0200)]
device tree: give dt more size
We currently load a device tree blob and then just take its size x2 to
account for modifications we do inside. While this is nice and great,
it fails when we have a small device tree as blob and lots of nodes added
in machine init code.
So for now, just make it 20k bigger than it was before. We maybe want to
be more clever about this later.
Alexander Graf [Sat, 23 Jul 2011 08:52:00 +0000 (10:52 +0200)]
device tree: dont fail operations
When we screw up and issue an FDT command that doesn't work, we really need to
know immediately and usually can't continue to create the machine. To make sure
we don't need to add error checking in all device tree modification code users,
we can just add the fail checks to the qemu abstract functions.
Alexander Graf [Fri, 22 Jul 2011 11:32:29 +0000 (13:32 +0200)]
PPC: E500: Add PV spinning code
CPUs that are not the boot CPU need to run in spinning code to check if they
should run off to execute and if so where to jump to. This usually happens
by leaving secondary CPUs looping and checking if some variable in memory
changed.
In an environment like Qemu however we can be more clever. We can just export
the spin table the primary CPU modifies as MMIO region that would event based
wake up the respective secondary CPUs. That saves us quite some cycles while
the secondary CPUs are not up yet.
So this patch adds a PV device that simply exports the spinning table into the
guest and thus allows the primary CPU to wake up secondary ones.
Alexander Graf [Thu, 21 Jul 2011 01:02:31 +0000 (03:02 +0200)]
PPC: E500: Remove unneeded CPU nodes
We should only keep CPU nodes in the device tree around that we really have
virtual CPUs for. So remove all superfluous entries that we just keep there
in case someone wants to create a lot of vCPUs.
Alexander Graf [Thu, 21 Jul 2011 00:54:51 +0000 (02:54 +0200)]
PPC: KVM: Add stubs for kvm helper functions
We have a bunch of helper functions that don't have any stubs for them in case
we don't have CONFIG_KVM enabled. That didn't bite us so far, because gcc can
optimize them out pretty well, but we should really provide them.
Alexander Graf [Wed, 20 Jul 2011 23:52:57 +0000 (01:52 +0200)]
device tree: add nop_node
We have a qemu internal abstraction layer on FDT. While I'm not fully convinced
we need it at all, it's missing the nop_node functionality that we now need
on e500. So let's add it and think about the general future of that API later.
Alexander Graf [Wed, 20 Jul 2011 23:42:58 +0000 (01:42 +0200)]
PPC: E500: Generate IRQ lines for many CPUs
Now that we can generate multiple envs for all our virtual CPUs, we
also need to tell the MPIC that we have multiple CPUs connected and
connect them all to the respective virtual interrupt lines.
Alexander Graf [Wed, 20 Jul 2011 23:41:16 +0000 (01:41 +0200)]
PPC: E500: create multiple envs
When creating a VM, we should go through smp_cpus and create a virtual CPU for
every CPU the user requested. This patch adds support for that and moves some
code around to make that more convenient.
Alexander Graf [Wed, 20 Jul 2011 23:39:46 +0000 (01:39 +0200)]
PPC: Bump MPIC up to 32 supported CPUs
The MPIC emulation is now capable of handling up to 32 CPUs. Reflect that in
the code exporting the numbers out and fix an integer overflow while at it.
Alexander Graf [Sat, 23 Jul 2011 09:27:53 +0000 (11:27 +0200)]
PPC: MPIC: Fix CI bit definitions
The bit definitions for critical interrupt routing are in PowerPC order
(most significant bit is 0), while we end up shifting it with normal bit
order. Turn the numbers around so we actually end up fetching the
right ones.
Alexander Graf [Sat, 23 Jul 2011 09:09:23 +0000 (11:09 +0200)]
PPC: MPIC: Remove read functionality for WO registers
The IPI dispatch registers are write only according to every MPIC
spec I have found. So instead of pretending you could read back something
from them, better not handle them at all.
Alexander Graf [Sat, 23 Jul 2011 09:05:35 +0000 (11:05 +0200)]
PPC: Set MPIC IDE for IPI to 0
We use the IDE register with IPIs as a mask to keep track which processors
have already acknowledged the respective interrupt. So we need to initialize
it to 0 to make sure that it doesn't accidently fire an IPI on CPU0 when the
first IPI is triggered.
Alexander Graf [Wed, 20 Jul 2011 23:36:44 +0000 (01:36 +0200)]
PPC: Fix IPI support in MPIC
The current IPI support in the MPIC code is incomplete and doesn't work. This
code adds proper support for IPIs in MPIC by using the IDE register to remember
which CPUs IPIs are still outstanding to. New triggers through the IPI trigger
register only add to the list of CPUs we want to IPI.
Alexander Graf [Wed, 20 Jul 2011 23:35:15 +0000 (01:35 +0200)]
PPC: Extend MPIC MMIO range
The MPIC exports a page for each CPU that it controls. To support more than
one CPU, we need to also reserve the MMIO space according to the amount of
CPUs we want to support.
Alexander Graf [Wed, 20 Jul 2011 23:33:29 +0000 (01:33 +0200)]
PPC: Add CPU local MMIO regions to MPIC
The MPIC exports a register set for each CPU connected to it. They can all
be accessed through specific registers or using a shadow page that is mapped
differently depending on which CPU accesses it.
This patch implements the shadow map, making it possible for guests to access
the CPU local registers using the same address on each CPU.
Paolo Bonzini [Thu, 26 May 2011 09:52:44 +0000 (11:52 +0200)]
spapr: proper qdevification
Right now the spapr devices cannot be instantiated with -device,
because the IRQs need to be passed to the spapr_*_create functions.
Do this instead in the bus's init wrapper.
This is particularly important with the conversion from scsi-disk
to scsi-{cd,hd} that Markus made. After his patches, if you
specify a scsi-cd device attached to an if=none drive, the default
VSCSI controller will not be created and, without qdevification,
you will not be able to add yours.
Stefan Hajnoczi [Fri, 30 Sep 2011 10:39:11 +0000 (11:39 +0100)]
qed: fix use-after-free during l2 cache commit
QED's metadata caching strategy allows two parallel requests to race for
metadata lookup. The first one to complete will populate the metadata
cache and the second one will drop the data it just read in favor of the
cached data.
There is a use-after-free in qed_read_l2_table_cb() and
qed_commit_l2_update() where l2_table->offset was used after the
l2_table may have been freed due to a metadata lookup race. Fix this by
keeping the l2_offset in a local variable and not reaching into the
possibly freed l2_table.
Blue Swirl [Wed, 21 Sep 2011 18:13:16 +0000 (18:13 +0000)]
Move GETPC from dyngen-exec.h to exec-all.h
GETPC() can be used even from outside of helper code. Move the macro to
a more accessible location. Avoid a compile warning from redefining it in exec.c.
Jan Kiszka [Thu, 29 Sep 2011 16:52:11 +0000 (18:52 +0200)]
tcg-i386: Introduce limited deposit support
x86 cannot provide an optimized generic deposit implementation. But at
least for a few special cases, namely for writing bits 0..7, 8..15, and
0..15, versions using only a single instruction are feasible.
Introducing such limited support improves emulating 16-bit x86 code on
x86, but also rarer cases where 32-bit or 64-bit code accesses bytes or
words.
Peter Maydell [Mon, 26 Sep 2011 15:56:55 +0000 (16:56 +0100)]
softfloat: Reinstate accidentally disabled target-specific NaN handling
Include config.h in softfloat.c, so that the target specific ifdefs in
softfloat-specialize.h are evaluated correctly. This was accidentally
broken in commit 789ec7ce2 when config-target.h was removed from
softfloat.h, and means that most targets will have been returning the
wrong results for calculations involving NaNs.
Thomas Huth [Tue, 27 Sep 2011 09:20:38 +0000 (11:20 +0200)]
slirp: Fix packet expiration
The two new variables "arp_requested" and "expiration_date" in the mbuf
structure have been added after the variable-sized "m_dat_" array. The
variables have to be added before the m_dat_ array instead.
Without this patch, the expiration_date gets clobbered by code that
accesses the m_dat_ array.
I experienced this problem with the code in slirp/tftp.c: The
tftp_send_data() function created a new packet with the m_get()
function (which fills-in a default expiration_date value). Then the
TFTP code cleared the data section of the packet, which accidentially
also cleared the expiration_date. This zeroed expiration_date then
finally causes the packet to be discarded during if_start(), so that
TFTP packets were not transmitted anymore.
The only non-obvious part is pic_poll_read which used
"addr1 >> 7" to detect whether one referred to either
the master or slave PIC. Instead, test this directly.
Avi Kivity [Mon, 12 Sep 2011 10:00:05 +0000 (13:00 +0300)]
mips_malta: move i8259 initialization after piix4 initialization
i8259 is an ISA device (or at least, depends on the ISA infrastructure to
register its ioport); and the ISA bus is supplied by piix4. Later patches
make this dependency explicit.
Use qemu_irq_proxy() to stop the cycle by adding an extra layer of
indirection.
Peter Maydell [Tue, 20 Sep 2011 15:18:46 +0000 (16:18 +0100)]
MAINTAINERS: update maintainer for target-arm and ARM devboards
Add myself as co-maintainer alongside Paul Brook for the TCG ARM
guest implementation (target-arm) and the ARM dev boards (integratorcp,
realview, stellaris, versatilepb).
Peter Maydell [Fri, 16 Sep 2011 14:40:16 +0000 (15:40 +0100)]
Makefile: Remove 'tarbin' target
Remove the 'tarbin' target -- it isn't used as part of the official
QEMU release process, and it's out of date (various new bios files
were never added to its list of files). It's better not to provide
it at all than to have a broken makefile target we never use or test.
(Creating a tarball by just pulling in binaries that have been installed
directly to the system you're running the build on is a bad idea anyway:
the better way to create a binary tarball would be just to install to
a temporary DESTDIR and then tar up that.)
Now that qemu_set_fd_handler and qemu_set_fd_handler2 have different
implementations, one using qemu iohandlers and the other glib, it is not
safe to mix the two when inserting/deleting handlers.
Avi Kivity [Sun, 18 Sep 2011 12:58:26 +0000 (15:58 +0300)]
irq: introduce qemu_irq_proxy()
In some cases we have a circular dependency involving irqs - the irq
controller depends on a bus, which in turn depends on the irq controller.
Add qemu_irq_proxy() which acts as a passthrough, except that the target
irq may be set later on.
David Gibson [Tue, 20 Sep 2011 02:05:21 +0000 (12:05 +1000)]
Barriers in qemu-barrier.h should not be x86 specific
qemu-barrier.h contains a few macros implementing memory barrier
primitives used in several places throughout qemu. However, apart
from the compiler-only barrier, the defined wmb() is correct only for
x86, or platforms which are similarly strongly ordered.
This patch addresses the FIXME about this by making the wmb() macro
arch dependent. On x86, it remains a compiler barrier only, but with
a comment explaining in more detail the conditions under which this is
correct. On weakly-ordered powerpc, an "eieio" instruction is used,
again with explanation of the conditions under which it is sufficient.
On other platforms, we use the __sync_synchronize() primitive,
available in sufficiently recent gcc (4.2 and after?). This should
implement a full barrier which will be sufficient on all platforms,
although it may be overkill in some cases. Other platforms can add
optimized versions in future if it's worth it for them.
Without proper memory barriers, it is easy to reproduce ordering
problems with virtio on powerpc; specifically, the QEMU puts new
element into the "used" ring and then updates the ring free-running
counter. Without a barrier between these under the right
circumstances, the guest linux driver can receive an interrupt, read
the counter change but find the ring element to be handled still has
an old value, leading to an "id %u is not a head!\n" error message.
Similar problems are likely to be possible with kvm on other weakly
ordered platforms.
David Gibson [Tue, 20 Sep 2011 02:05:20 +0000 (12:05 +1000)]
virtio: Use global memory barrier macros
The virtio code uses wmb() macros in several places, as required by the
SMP-aware virtio protocol. However the wmb() macro is locally defined
to be a compiler barrier only. This is probably sufficient on x86
due to its strong storage ordering model, but it certainly isn't on other
platforms, such as ppc.
In any case, qemu already has some globally defined memory barrier macros
in qemu-barrier.h. This patch, therefore converts virtio.c to use those
barrier macros. The macros in qemu-barrier.h are also wrong (or at least,
safe for x86 only) but this way at least there's only one place to fix
them.
Stefan Weil [Fri, 16 Sep 2011 20:03:08 +0000 (22:03 +0200)]
Fix and clean code which tests the gcc version
The code which tests whether gcc supports warn_unused_result was wrong.
Remove the wrong test from configure and replace it by code using
macro QEMU_GNUC_PREREQ in compiler.h.
Donald Dutile [Wed, 21 Sep 2011 19:25:11 +0000 (15:25 -0400)]
pci-devfn: check that device/slot number is within range
Need to check that guest slot/device number is not > 31 or walk off
the devfn table when checking if a devfn is available or not in a guest.
before this fix, passing in an addr=abc or addr=34,
can crash qemu, sometimes fail gracefully if data past end
of devfn table fails the availability test.
with this fix, get clean error:
Property 'pci-assign.addr' doesn't take value '34'
also tested when no addr= param passed for guest (pcicfg) address,
and that worked as well.
Michael Roth [Wed, 7 Sep 2011 23:40:52 +0000 (18:40 -0500)]
build: fix race with creating qapi-generated
Since qapi-generated/ is a global QEMU include path, we need to make
sure it is created before anything is compiled, so do this in the
configure phase rather than via the Makefile.
Jan Kiszka [Wed, 21 Sep 2011 18:49:29 +0000 (20:49 +0200)]
pc: Unbreak ROM mapping for ISA machine
This is based on the original fix by Hervé Poussineau: pc_memory_init
actually takes a memory region for mapping BIOS and extension ROMs. That
equals the PCI memory region if PCI is available, but must be system
memory in the ISA case.
dann frazier [Wed, 21 Sep 2011 20:06:25 +0000 (14:06 -0600)]
e1000: Don't set the Capabilities List bit
[Originally sent to qemu-kvm list, but I was redirected here]
The Capabilities Pointer is NULL, so this bit shouldn't be set. The state of
this bit doesn't appear to change any behavior on Linux/Windows versions we've
tested, but it does cause Windows' PCI/PCI Express Compliance Test to balk.
I happen to have a physical 82540EM controller, and it also sets the
Capabilities Bit, but it actually has items on the capabilities list to go
with it :)
projects / qemu.git / log