Paulo Alcantara [Sun, 28 Jun 2015 17:58:56 +0000 (14:58 -0300)]
ich9: add TCO interface emulation
This interface provides some registers within a 32-byte range and can be
acessed through PCI-to-LPC bridge interface (PMBASE + 0x60).
It's commonly used as a watchdog timer to detect system lockups through
SMIs that are generated -- if TCO_EN bit is set -- on every timeout. If
NO_REBOOT bit is not set in GCS (General Control and Status register),
the system will be resetted upon second timeout if TCO_RLD register
wasn't previously written to prevent timeout.
This patch adds support to TCO watchdog logic and few other features
like mapping NMIs to SMIs (NMI2SMI_EN bit), system intruder detection,
etc. are not implemented yet.
Peter Maydell [Mon, 6 Jul 2015 22:37:53 +0000 (23:37 +0100)]
Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream-smm' into staging
This series implements KVM support for SMM, and lets you enable/disable
it through the "smm" property of x86 machine types.
# gpg: Signature made Mon Jul 6 17:41:05 2015 BST using RSA key ID 78C7AE83
# gpg: Good signature from "Paolo Bonzini <[email protected]>"
# gpg: aka "Paolo Bonzini <[email protected]>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg: It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1
# Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83
* remotes/bonzini/tags/for-upstream-smm:
pc: add SMM property
ich9: add smm_enabled field and arguments
pc_piix: rename kvm_enabled to smm_enabled
target-i386: register a separate KVM address space including SMRAM regions
kvm-all: kvm_irqchip_create is not expected to fail
kvm-all: add support for multiple address spaces
kvm-all: make KVM's memory listener more generic
kvm-all: move internal types to kvm_int.h
kvm-all: remove useless typedef
kvm-all: put kvm_mem_flags to more work
target-i386: add support for SMBASE MSR and SMIs
piix4/ich9: do not raise SMI on ACPI enable/disable commands
linux-headers: Update to 4.2-rc1
Paolo Bonzini [Thu, 18 Jun 2015 16:30:52 +0000 (18:30 +0200)]
pc: add SMM property
The property can take values on, off or auto. The default is "off"
for KVM and pre-2.4 machines, otherwise "auto" (which makes it
available on TCG or on new-enough kernels).
Paolo Bonzini [Thu, 18 Jun 2015 16:30:51 +0000 (18:30 +0200)]
ich9: add smm_enabled field and arguments
Q35's ACPI device is hard-coding SMM availability to KVM. Place the
logic where the board is created instead, so that it will be possible
to override it.
Paolo Bonzini [Thu, 18 Jun 2015 16:30:15 +0000 (18:30 +0200)]
kvm-all: kvm_irqchip_create is not expected to fail
KVM_CREATE_IRQCHIP should never fail, and so should its userspace
wrapper kvm_irqchip_create. The function does not do anything
if the irqchip capability is not available, as is the case for PPC.
With this patch, kvm_arch_init can allocate memory and it will not
be leaked.
Paolo Bonzini [Thu, 18 Jun 2015 16:30:13 +0000 (18:30 +0200)]
kvm-all: make KVM's memory listener more generic
No semantic change, but s->slots moves into a new struct
KVMMemoryListener. KVM's memory listener becomes a member of struct
KVMState, and becomes of type KVMMemoryListener.
Andrew Jones [Thu, 18 Jun 2015 16:28:43 +0000 (18:28 +0200)]
kvm-all: put kvm_mem_flags to more work
Currently kvm_mem_flags just translates bools to bits, let's
make it also determine the bools first. This avoids its parameter
list growing each time we add a flag.
Paolo Bonzini [Thu, 18 Jun 2015 16:28:42 +0000 (18:28 +0200)]
target-i386: add support for SMBASE MSR and SMIs
Apart from the MSR, the smi field of struct kvm_vcpu_events has to be
translated into the corresponding CPUX86State fields. Also,
memory transaction flags depend on SMM state, so pull it from struct
kvm_run on every exit from KVM to userspace.
Paolo Bonzini [Thu, 18 Jun 2015 16:28:41 +0000 (18:28 +0200)]
piix4/ich9: do not raise SMI on ACPI enable/disable commands
These commands are handled entirely by QEMU. Do not raise an SMI
when they happen, because Windows (at least 2008r2) expects these
commands to work and (depending on the value of APMC_EN at
startup) the firmware might not have installed an SMI handler.
When this happens (e.g. the kernel supports SMIs, or you are using
TCG, but you have used "-machine smm=off") RIP is moved to 0x38000
where there is no code to execute.
This updates linux-headers against master 4.2-rc1 (commit d770e558e21961ad6cfdf0ff7df0eb5d7d4f0754). This is the result of
./scripts/update-linux-headers.sh work.
Peter Maydell [Mon, 6 Jul 2015 13:03:44 +0000 (14:03 +0100)]
Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging
* more of Peter Crosthwaite's multiarch preparation patches
* unlocked MMIO support in KVM
* support for compilation with ICC
# gpg: Signature made Mon Jul 6 13:59:20 2015 BST using RSA key ID 78C7AE83
# gpg: Good signature from "Paolo Bonzini <[email protected]>"
# gpg: aka "Paolo Bonzini <[email protected]>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg: It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1
# Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83
* remotes/bonzini/tags/for-upstream:
exec: skip MMIO regions correctly in cpu_physical_memory_write_rom_internal
Stop including qemu-common.h in memory.h
kvm: Switch to unlocked MMIO
acpi: mark PMTIMER as unlocked
kvm: Switch to unlocked PIO
kvm: First step to push iothread lock out of inner run loop
memory: let address_space_rw/ld*/st* run outside the BQL
exec: pull qemu_flush_coalesced_mmio_buffer() into address_space_rw/ld*/st*
memory: Add global-locking property to memory regions
main-loop: introduce qemu_mutex_iothread_locked
main-loop: use qemu_mutex_lock_iothread consistently
Fix irq route entries exceeding KVM_MAX_IRQ_ROUTES
cpu-defs: Move out TB_JMP defines
include/exec: Move tb hash functions out
include/exec: Move standard exceptions to cpu-all.h
cpu-defs: Move CPU_TEMP_BUF_NLONGS to tcg
memory_mapping: Rework cpu related includes
cutils: allow compilation with icc
qemu-common: add VEC_OR macro
Paolo Bonzini [Fri, 3 Jul 2015 22:24:51 +0000 (00:24 +0200)]
exec: skip MMIO regions correctly in cpu_physical_memory_write_rom_internal
Loading the BIOS in the mac99 machine is interesting, because there is a
PROM in the middle of the BIOS region (from 16K to 32K). Before memory
region accesses were clamped, when QEMU was asked to load a BIOS from
0xfff00000 to 0xffffffff it would put even those 16K from the BIOS file
into the region. This is weird because those 16K were not actually
visible between 0xfff04000 and 0xfff07fff. However, it worked.
After clamping was added, this also worked. In this case, the
cpu_physical_memory_write_rom_internal function split the write in
three parts: the first 16K were copied, the PROM area (second 16K) were
ignored, then the rest was copied.
Problems then started with commit 965eb2f (exec: do not clamp accesses
to MMIO regions, 2015-06-17). Clamping accesses is not done for MMIO
regions because they can overlap wildly, and MMIO registers can be
expected to perform full-width accesses based only on their address
(with no respect for adjacent registers that could decode to completely
different MemoryRegions). However, this lack of clamping also applied
to the PROM area! cpu_physical_memory_write_rom_internal thus failed
to copy the third range above, i.e. only copied the first 16K of the BIOS.
In effect, address_space_translate is expecting _something else_ to do
the clamping for MMIO regions if the incoming length is large. This
"something else" is memory_access_size in the case of address_space_rw,
so use the same logic in cpu_physical_memory_write_rom_internal.
Peter Maydell [Fri, 3 Jul 2015 14:18:24 +0000 (15:18 +0100)]
Stop including qemu-common.h in memory.h
Including qemu-common.h from other header files is generally a bad
idea, because it means it's very easy to end up with a circular
dependency. For instance, if we wanted to include memory.h from
qom/cpu.h we'd end up with this loop:
memory.h -> qemu-common.h -> cpu.h -> cpu-qom.h -> qom/cpu.h -> memory.h
Remove the include from memory.h. This requires us to fix up a few
other files which were inadvertently getting declarations indirectly
through memory.h.
The biggest change is splitting the fprintf_function typedef out
into its own header so other headers can get at it without having
to include qemu-common.h.
Max Filippov [Wed, 1 Jul 2015 10:00:29 +0000 (13:00 +0300)]
target-xtensa: fix gdb register map construction
Due to different gdb overlay organization between windowed/call0
configurations core import script doesn't always work correctly.
Simplify the script: always copy complete gdb register map from overlay,
count registers at core registerstion time. Update existing cores.
Max Filippov [Mon, 29 Jun 2015 07:50:03 +0000 (10:50 +0300)]
target-xtensa: add 64-bit floating point registers
Xtensa ISA got specification for 64-bit floating point registers and
opcodes, see ISA, 4.3.11 "Floating point coprocessor option".
Add 64-bit FP registers.
Although 64-bit floating point is currently not supported by xtensa
translator, these registers need to be reported to gdb with proper size,
otherwise it wouldn't find other registers.
Peter Maydell [Mon, 6 Jul 2015 10:04:54 +0000 (11:04 +0100)]
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20150706' into staging
target-arm queue:
* TLBI ALLEI1IS should operate on all CPUs, not just this one
* Fix interval interrupt of cadence ttc in decrement mode
* Implement YIELD insn to yield in ARM and Thumb translators
* ARM GIC: reset all registers
* arm_mptimer: fix timer shutdown and mode change
* arm_mptimer: respect IT bit state
# gpg: Signature made Mon Jul 6 10:58:27 2015 BST using RSA key ID 14360CDE
# gpg: Good signature from "Peter Maydell <[email protected]>"
* remotes/pmaydell/tags/pull-target-arm-20150706:
arm_mptimer: Respect IT bit state
arm_mptimer: Fix timer shutdown and mode change
hw/intc/arm_gic_common.c: Reset all registers
target-arm: Implement YIELD insn to yield in ARM and Thumb translators
target-arm: Split DISAS_YIELD from DISAS_WFE
Fix interval interrupt of cadence ttc when timer is in decrement mode
target-arm: fix write helper for TLBI ALLE1IS
The running timer can't be stopped because timer control code just
doesn't handle disabling the timer. Fix it by deleting the timer if
the enable bit is cleared.
The timer won't start periodic ticking if a ONE-SHOT -> PERIODIC mode
change happens after a one-shot tick was completed. Fix it by
re-starting ticking if the timer isn't ticking right now.
To avoid code churning, these two fixes are squashed in one commit.
Peter Maydell [Mon, 29 Jun 2015 18:25:45 +0000 (19:25 +0100)]
hw/intc/arm_gic_common.c: Reset all registers
The arm_gic_common reset function was missing reset code for
several of the GIC's state fields:
* bpr[]
* abpr[]
* priority1[]
* priority2[]
* sgi_pending[]
* irq_target[] (SMP configurations only)
These probably went unnoticed because most guests will either
never touch them, or will write to them in the process of
configuring the GIC before enabling interrupts.
Peter Maydell [Mon, 6 Jul 2015 09:05:44 +0000 (10:05 +0100)]
target-arm: Implement YIELD insn to yield in ARM and Thumb translators
Implement the YIELD instruction in the ARM and Thumb translators to
actually yield control back to the top level loop rather than being
a simple no-op. (We already do this for A64.)
Peter Maydell [Mon, 6 Jul 2015 09:05:44 +0000 (10:05 +0100)]
target-arm: Split DISAS_YIELD from DISAS_WFE
Currently we use DISAS_WFE for both WFE and YIELD instructions.
This is functionally correct because at the moment both of them
are implemented as "yield this CPU back to the top level loop so
another CPU has a chance to run". However it's rather confusing
that YIELD ends up calling HELPER(wfe), and if we ever want to
implement real behaviour for WFE and SEV it's likely to trip us up.
Split out the yield codepath to use DISAS_YIELD and a new
HELPER(yield) function, and have HELPER(wfe) call HELPER(yield).
TLBI ALLE1IS is an operation that does invalidate TLB entries on all PEs
in the same Inner Sharable domain, not just on the current CPU. So we
must use tlbiall_is_write() here.
Peter Maydell [Sun, 5 Jul 2015 19:35:47 +0000 (20:35 +0100)]
Merge remote-tracking branch 'remotes/jnsnow/tags/ide-pull-request' into staging
# gpg: Signature made Sat Jul 4 07:06:08 2015 BST using RSA key ID AAFC390E
# gpg: Good signature from "John Snow (John Huston) <[email protected]>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg: It is not certain that the signature belongs to the owner.
# Primary key fingerprint: FAEB 9711 A12C F475 812F 18F2 88A9 064D 1835 61EB
# Subkey fingerprint: F9B7 ABDB BCAC DF95 BE76 CBD0 7DEF 8106 AAFC 390E
* remotes/jnsnow/tags/ide-pull-request: (35 commits)
ahci: fix sdb fis semantics
qtest/ahci: halted ncq migration test
ahci: Do not map cmd_fis to generate response
ahci: ncq migration
ahci: add get_cmd_header helper
ahci: add cmd header to ncq transfer state
qtest/ahci: halted NCQ test
ahci: correct ncq sector count
ahci: correct types in NCQTransferState
ahci: add rwerror=stop support for ncq
ahci: factor ncq_finish out of ncq_cb
ahci: refactor process_ncq_command
ahci: assert is_ncq for process_ncq
ahci: stash ncq command
ide: add limit to .prepare_buf()
qtest/ahci: ncq migration test
qtest/ahci: simple ncq data test
libqos/ahci: Force all NCQ commands to be LBA48
libqos/ahci: set the NCQ tag on command_commit
libqos/ahci: adjust expected NCQ interrupts
...
Peter Maydell [Sun, 5 Jul 2015 18:33:51 +0000 (19:33 +0100)]
Merge remote-tracking branch 'remotes/ehabkost/tags/numa-pull-request' into staging
NUMA queue, 2015-07-03
# gpg: Signature made Fri Jul 3 21:49:58 2015 BST using RSA key ID 984DC5A6
# gpg: Good signature from "Eduardo Habkost <[email protected]>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg: It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF D1AA 2807 936F 984D C5A6
* remotes/ehabkost/tags/numa-pull-request:
numa: API to lookup NUMA node by address
numa: Store boot memory address range in node_info
numa,pc-dimm: Store pc-dimm memory information in numa_info
pc: Abort if HotplugHandlerClass::plug() fails
pc,pc-dimm: Factor out reusable parts in pc_dimm_plug to a separate routine
pc,pc-dimm: Extract hotplug related fields in PCMachineState to a structure
John Snow [Sat, 4 Jul 2015 06:06:05 +0000 (02:06 -0400)]
ahci: fix sdb fis semantics
There are two things to fix here:
The first one is subtle: the PxSACT register in the AHCI HBA has different
semantics from the field it is shadowing, the ACT field in the
Set Device Bits FIS.
In the HBA register, PxSACT acts as a bitfield indicating outstanding
NCQ commands where a set bit indicates a pending NCQ operation. The FIS
field however operates as an RWC register update to PxSACT, where a set
bit indicates a *successfully* completed command.
Correct the FIS semantics. At the same time, move the "clear finished"
action to the SDB FIS generation instead of the register read to mimick
how the other shadow registers work, which always just report the last
reported value from a FIS, and not the most current values which may
not have been reported by a FIS yet.
Lastly and more simply, SATA 3.2 section 13.6.4.2 (and later sections)
all specify that the Interrupt bit for the SDB FIS should always be set
to one for NCQ commands. That's currently the only time we generate this
FIS, so set it on all the time.
John Snow [Sat, 4 Jul 2015 06:06:05 +0000 (02:06 -0400)]
ahci: Do not map cmd_fis to generate response
The Register D2H FIS should copy the current values of
the registers instead of just parroting back the same
values the guest sent back to it.
In this case, the SECTOR COUNT variables are actually
not generally meaningful in terms of standard commands
(See ATA8-AC3 Section 9.2 Normal Outputs), so it actually
probably doesn't matter what we put in here.
Meanwhile, we do need to use the Register update FIS from
the NCQ pathways (in error cases), so getting rid of
references to cur_cmd here is a win for AHCI concurrency.
John Snow [Sat, 4 Jul 2015 06:06:05 +0000 (02:06 -0400)]
ahci: ncq migration
Migrate the NCQ queue. This is solely for the benefit of halted commands,
since anything else should have completed and had any relevant status
flushed to the HBA registers already.
John Snow [Sat, 4 Jul 2015 06:06:05 +0000 (02:06 -0400)]
ahci: add get_cmd_header helper
cur_cmd is an internal bookmark that points to the
current AHCI Command Header being processed by the
AHCI state machine. With NCQ needing to occasionally
rely on some of the same AHCI helpers, we cannot use
cur_cmd and will need to grab explicit pointers instead.
In an attempt to begin relying on the cur_cmd pointer
less, add a helper to let us specifically get the pointer
to the command header of particular interest.
John Snow [Sat, 4 Jul 2015 06:06:05 +0000 (02:06 -0400)]
ahci: add cmd header to ncq transfer state
While the rest of the AHCI device can rely on a single bookmarked
pointer for the AHCI Command Header currently being processed, NCQ
is asynchronous and may have many commands in flight simultaneously.
Add a cmdh pointer to the ncq_tfs object and make the sglist prepare
function take an AHCICmdHeader pointer so we can be explicit about
where we'd like to build SGlists from.
John Snow [Sat, 4 Jul 2015 06:06:05 +0000 (02:06 -0400)]
ahci: correct ncq sector count
uint16_t isn't enough to hold the real sector count, since a value of
zero implies a full 64K sectors, so we need a uint32_t here.
We *could* cheat and pretend that this value is 0-based and fit it in
a uint16_t, but I'd rather waste 2 bytes instead of a future dev's
10 minutes when they forget to +1/-1 accordingly somewhere.
See SATA 3.2, section 13.6.4.1 "READ FPDMA QUEUED".
John Snow [Sat, 4 Jul 2015 06:06:04 +0000 (02:06 -0400)]
ahci: factor ncq_finish out of ncq_cb
When we add werror=stop or rerror=stop support to NCQ,
we'll want to take a codepath where we don't actually
complete the command, so factor that out into a new routine.
John Snow [Sat, 4 Jul 2015 06:06:04 +0000 (02:06 -0400)]
ide: add limit to .prepare_buf()
prepare_buf should not always grab as many descriptors
as it can, sometimes it should self-limit.
For example, an NCQ transfer of 1 sector with a PRDT that
describes 4GiB of data should not copy 4GiB of data, it
should just transfer that first 512 bytes.
PIO is not affected, because the dma_buf_rw dma helpers
already have a byte limit built-in to them, but DMA/NCQ
will exhaust the entire list regardless of requested size.
AHCI 1.3 specifies in section 6.1.6 Command List Underflow that
NCQ is not required to detect underflow conditions. Non-NCQ
pathways signal underflow by writing to the PRDBC field, which
will already occur by writing the actual transferred byte count
to the PRDBC, signaling the underflow.
Our NCQ pathways aren't required to detect underflow, but since our DMA
backend uses the size of the PRDT to determine the size of the transer,
if our PRDT is bigger than the transaction (the underflow condition) it
doesn't cost us anything to detect it and truncate the PRDT.
This is a recoverable error and is not signaled to the guest, in either
NCQ or normal DMA cases.
For BMDMA, the existing pathways should see no guest-visible difference,
but any bytes described in the overage will no longer be transferred
before indicating to the guest that there was an underflow.
John Snow [Sat, 4 Jul 2015 06:06:04 +0000 (02:06 -0400)]
libqos/ahci: set the NCQ tag on command_commit
NCQ commands have the concept of a "TAG" that they need to set,
but in the AHCI world, it is mandated that the TAG always match
the command slot that you executed the NCQ from.
John Snow [Sat, 4 Jul 2015 06:06:03 +0000 (02:06 -0400)]
ahci/qtest: Execute IDENTIFY prior to data commands
If you try to execute an NCQ command before trying to engage with the
device by issuing an IDENTIFY command, the error bits that are part of
the signature will fool the test suite into thinking there was a failure.
Issue IDENTIFY first on "boot", which will clear the signature out of
the registers for us.
John Snow [Sat, 4 Jul 2015 06:06:03 +0000 (02:06 -0400)]
ahci: Rename NCQFIS structure fields
Several fields of the NCQFIS structure are ambiguously named. This patch
clarifies the intended (if unsupported) usage of the NCQ fields to aid
in creating more meaningful debug messages through the NCQ codepaths.
John Snow [Sat, 4 Jul 2015 06:06:02 +0000 (02:06 -0400)]
qtest/ahci: add port_reset test
Test that we can survive a couple of cycles of running a basic identify
test, some IO, and resetting the HBA. Ensures that we can bring the HBA
back to compliant spec during the lifecycle of the VM.
John Snow [Sat, 4 Jul 2015 06:06:02 +0000 (02:06 -0400)]
libqos/ahci: fix memory management bugs
There's a handful of trivial bugs in the libqos/ahci functions,
squish them together.
- Zero cached pointers after freeing them
- The Command List Buffer is an array of 32x 32 byte structures, not
32x 8 byte pointers -- it's 1MiB, not 256 bytes. Zero it ALL.
- Free the correct command in ahci_pick_cmd.
John Snow [Sat, 4 Jul 2015 06:06:02 +0000 (02:06 -0400)]
ahci: Do not ignore memory access read size
The only guidance the AHCI specification gives on memory access is:
"Register accesses shall have a maximum size of 64-bits; 64-bit access
must not cross an 8-byte alignment boundary."
I interpret this to mean that aligned or unaligned 1, 2 and 4 byte
accesses should work, as well as aligned 8 byte accesses.
In practice, a real Q35/ICH9 responds to 1, 2, 4 and 8 byte reads
regardless of alignment. Windows 7 can be observed making 1 byte
reads to the middle of 32 bit registers to fetch error codes.
Introduce a wrapper to support unaligned accesses to AHCI.
This wrapper will support aligned 8 byte reads, but will make
no effort to support unaligned 8 byte reads, which although they
will work on real hardware, are not guaranteed to work and do
not appear to be used by either Windows or Linux.
Bharata B Rao [Mon, 29 Jun 2015 08:20:27 +0000 (13:50 +0530)]
numa: API to lookup NUMA node by address
Introduce an API numa_get_node(ram_addr_t addr, Error **errp) that
returns the NUMA node to which the given address belongs to. This
API works uniformly for both boot time as well as hotplugged memory.
This API is needed by sPAPR PowerPC to support
ibm,dynamic-reconfiguration-memory device tree node which is needed for
memory hotplug.
Bharata B Rao [Mon, 29 Jun 2015 08:20:25 +0000 (13:50 +0530)]
numa,pc-dimm: Store pc-dimm memory information in numa_info
Start storing the (start_addr, end_addr) of the pc-dimm memory
in corresponding numa_info[node] so that this information can be used
to lookup node by address.
Bharata B Rao [Mon, 29 Jun 2015 08:20:23 +0000 (13:50 +0530)]
pc,pc-dimm: Factor out reusable parts in pc_dimm_plug to a separate routine
pc_dimm_plug() has code that will be needed for memory plug handlers
in other archs too. Extract code from pc_dimm_plug() into a generic
routine pc_dimm_memory_plug() that resides in pc-dimm.c. Also
correspondingly refactor re-usable unplug code into pc_dimm_memory_unplug().
Bharata B Rao [Mon, 29 Jun 2015 08:20:22 +0000 (13:50 +0530)]
pc,pc-dimm: Extract hotplug related fields in PCMachineState to a structure
Move hotplug_memory_base and hotplug_memory fields of PCMachineState
into a separate structure so that the same can be made use of from
other architectures supporing memory hotplug.
Peter Maydell [Thu, 2 Jul 2015 14:20:55 +0000 (15:20 +0100)]
Merge remote-tracking branch 'remotes/cohuck/tags/s390x-20150702-v3' into staging
Several s390x patches including:
- missing virtio-1 related code for virtio-ccw
- bugfixes in ipl device, gdb, virtio-ccw
- bugfix in s390-ccw bios + rebuild
- introduce versioned machines for s390-ccw-virtio
# gpg: Signature made Thu Jul 2 15:05:34 2015 BST using RSA key ID C6F02FAF
# gpg: Good signature from "Cornelia Huck <[email protected]>"
# gpg: aka "Cornelia Huck <[email protected]>"
* remotes/cohuck/tags/s390x-20150702-v3:
s390x/migration: Introduce 2.4 machine
s390x/gdb: synchronize cpu state after modifying acrs
s390x/ipl: Fix boot if no bootindex was specified
virtio-ccw: migrate ->revision
s390x/virtio-ccw: support virtio-1 set_vq format
s390x/virtio-ccw: add virtio set-revision call
s390x/css: Add a callback for when subchannel gets disabled
s390-ccw.img: update
s390-ccw.img: Consume service interrupts
css: mss/mcss-e vs. migration
virtio-ccw: complete handling of guest-initiated resets
The section footer changes commit f68945d42bab ("Add a protective
section footer") and commit 37fb569c0198 ("Disable section footers
on older machine types") broke migration for any non-versioned
machines.
This pinpoints a problem of s390-ccw machines: it needs to
be versioned to be compatible with future changes in common
code data structures such as section footers.
Let's introduce a version scheme for s390-ccw-virtio machines.
We will use the old s390-ccw-virtio name as alias to the latest
version as all existing libvirt XML for the ccw type were expanded
by libvirt to that name.
The only downside of this patch is, that the old alias s390-ccw
will no longer be available as machines can have only one alias,
but it should not really matter.
s390x/gdb: synchronize cpu state after modifying acrs
Whenever we touch the access control registers, we have to make sure that
the values will make it into kvm. Otherwise the change will simply be lost.
When synchronizing qemu and kvm, a normal KVM_PUT_RUNTIME_STATE does not take
care of these registers. Let's simply trigger a KVM_PUT_FULL_STATE sync,
so the values will directly be written to kvm. The performance overhead can
be ignored and this is much cleaner than manually writing these registers to kvm
via our two supported ways.
commit fa92e218df1d ("s390x/ipl: avoid sign extension") introduced
a regression:
qemu-system-s390x -drive file=image.qcow,format=qcow2
does not boot, the bios states
"No virtio-blk device found!"
adding bootindex=1 does boot.
The reason is that the uint32_t as return value will not do the right
thing for the return -1 (default without bootindex).
The bios itself, will interpret a 64bit -1 as autodetect (but it will
interpret 32bit -1 as ccw device address ff.ff.ffff)
Thomas Huth [Thu, 11 Dec 2014 13:25:12 +0000 (14:25 +0100)]
s390x/virtio-ccw: add virtio set-revision call
Handle the virtio-ccw revision according to what the guest sets.
When revision 1 is selected, we have a virtio-1 standard device
with byteswapping for the virtio rings.
When a channel gets disabled, we have to revert to the legacy behavior
in case the next user of the device does not negotiate the revision 1
anymore (e.g. the boot firmware uses revision 1, but the operating
system only uses the legacy mode).
Peter Maydell [Thu, 2 Jul 2015 09:44:34 +0000 (10:44 +0100)]
Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging
# gpg: Signature made Thu Jul 2 10:10:39 2015 BST using RSA key ID 81AB73C8
# gpg: Good signature from "Stefan Hajnoczi <[email protected]>"
# gpg: aka "Stefan Hajnoczi <[email protected]>"
* remotes/stefanha/tags/block-pull-request:
block: remove redundant check before g_slist_find()
block/nfs: limit maximum readahead size to 1MB
block/iscsi: restore compatiblity with libiscsi 1.9.0
iotests: Use event_wait in wait_ready
qemu-iotests: Add test case for mirror with unmap
qemu-iotests: Make block job methods common
block: Remove bdrv_reset_dirty
block: Fix dirty bitmap in bdrv_co_discard
mirror: Do zero write on target if sectors not allocated
qmp: Add optional bool "unmap" to drive-mirror
block: Add bdrv_get_block_status_above
timer: Use a single definition of NSEC_PER_SEC for the whole codebase
timer: Move NANOSECONDS_PER_SECONDS to timer.h
blockdev: no need to drain+flush in hmp_drive_del
qapi: Rename 'dirty-bitmap' mode to 'incremental'
qcow2: Handle EAGAIN returned from update_refcount
block/iscsi: add support for request timeouts
Alberto Garcia [Mon, 29 Jun 2015 13:12:13 +0000 (16:12 +0300)]
block: remove redundant check before g_slist_find()
An empty GSList is represented by a NULL pointer, therefore it's a
perfectly valid argument for g_slist_find() and there's no need to
make any additional check.
Peter Lieven [Fri, 26 Jun 2015 11:14:01 +0000 (13:14 +0200)]
block/nfs: limit maximum readahead size to 1MB
a malicious caller could otherwise specify a very
large value via the URI and force libnfs to allocate
a large amount of memory for the readahead buffer.
Fam Zheng [Mon, 8 Jun 2015 05:56:11 +0000 (13:56 +0800)]
block: Remove bdrv_reset_dirty
Using this function would always be wrong because a dirty bitmap must
have a specific owner that consumes the dirty bits and calls
bdrv_reset_dirty_bitmap().
Remove the unused function to avoid future misuse.
Fam Zheng [Mon, 8 Jun 2015 05:56:10 +0000 (13:56 +0800)]
block: Fix dirty bitmap in bdrv_co_discard
Unsetting dirty globally with discard is not very correct. The discard may zero
out sectors (depending on can_write_zeroes_with_unmap), we should replicate
this change to destination side to make sure that the guest sees the same data.
Calling bdrv_reset_dirty also troubles mirror job because the hbitmap iterator
doesn't expect unsetting of bits after current position.
So let's do it the opposite way which fixes both problems: set the dirty bits
if we are to discard it.
Fam Zheng [Mon, 8 Jun 2015 05:56:09 +0000 (13:56 +0800)]
mirror: Do zero write on target if sectors not allocated
If guest discards a source cluster, mirroring with bdrv_aio_readv is overkill.
Some protocols do zero upon discard, where it's best to use
bdrv_aio_write_zeroes, otherwise, bdrv_aio_discard will be enough.
Fam Zheng [Mon, 8 Jun 2015 05:56:07 +0000 (13:56 +0800)]
block: Add bdrv_get_block_status_above
Like bdrv_is_allocated_above, this function follows the backing chain until seeing
BDRV_BLOCK_ALLOCATED. Base is not included.
Reimplement bdrv_is_allocated on top.
[Initialized bdrv_co_get_block_status_above() ret to 0 to silence
mingw64 compiler warning about the unitialized variable. assert(bs !=
base) prevents that case but I suppose the program could be compiled
with -DNDEBUG.
--Stefan]
projects / qemu.git / log