We were not allocating TCG_STATIC_CALL_ARGS_SIZE, so this meant that
any helper with more than 4 arguments would clobber the saved regs.
Realizing that we're supposed to have this memory pre-allocated means
we can clean up the tcg_out_arg functions, which were trying to do
more stack allocation.
Allocate stack memory for the TCG temporaries while we're at it.
On 32-bit TCG targets, when emulating deposit_i64 with a mov_i32 +
deposit_i32, care should be taken to not overwrite the low part of
the second argument before the deposit when it is the same as the
destination.
This fixes the shld instruction in qemu-system-x86_64, which in turn
fixes booting "system rescue CD version 2.8.0" on this target.
Merge branch 'ppc-for-upstream' of git://github.com/agraf/qemu
* 'ppc-for-upstream' of git://github.com/agraf/qemu: (30 commits)
target-ppc: add support for extended mtfsf/mtfsfi forms
target-ppc: emulate store doubleword pair instructions
target-ppc: emulate load doubleword pair instructions
target-ppc: emulate lfiwax instruction
target-ppc: emulate fcpsgn instruction
target-ppc: emulate prtyw and prtyd instructions
target-ppc: emulate cmpb instruction
target-ppc: add instruction flags for Book I 2.05
disas: Disassemble all ppc insns for the guest
target-ppc: optimize fabs, fnabs, fneg
PPC: Fix dcbz for linux-user on 970
powerpc: correctly handle fpu exceptions.
pseries: Generate device paths for VIO devices
pseries: Convert VIO code to QOM style type safe(ish) casts
target-ppc: Synchronize VPA state with KVM
pseries: Fix some small errors in XICS logic
target-ppc: Add more stubs for POWER7 PMU registers
pseries: Fixes and enhancements to L1 cache properties
pseries: Fix incorrect calculation of RMA size in certain configurations
PPC: Fix compile with profiling enabled
...
target-ppc: add support for extended mtfsf/mtfsfi forms
Power ISA 2.05 adds support for extended mtfsf/mtfsfi forms, with a new
W field to select the upper part of the FPCSR register.
For that the helper is changed to handle 64-bit input values and mask with
up to 16 bits. The mtfsf/mtfsfi instructions do not have the W bit
marked as invalid anymore. Instead this is checked in the helper, which
therefore needs access to the insns/insns_flags2. They are added in
the DisasContext struct. Finally, change all accesses to the opcode fields
to go through extract helpers, prefixed with FP for consistency.
Alexander Graf [Fri, 26 Apr 2013 07:18:58 +0000 (09:18 +0200)]
PPC: Fix dcbz for linux-user on 970
The default with linux-user for dcbz on 970 is to emulate 32 byte clears.
However, redoing the dcbzl support we added a check to not honor the bit
in HID5 that sets this.
Remove the #ifdef check on linux user, so that we get 32 byte clears again.
David Gibson [Sun, 7 Apr 2013 19:08:17 +0000 (19:08 +0000)]
pseries: Generate device paths for VIO devices
This patch implements a get_dev_path qdev hook for the pseries paravirtual
VIO bus. With upcoming savevm support, this will become very important for
scsi disks hanging off VIO virtual SCSI adapters. scsibus_get_dev_path
uses the get_dev_path of the parent adapter if available, but otherwise
just uses a local channel/target/lun number to identify the device. So if
two disks are present in the system having the same target and lun on
separate VIO scsi adapters, savevm cannot distinguish them. Since the
conventional way of using VSCSI adapters is to have just one disk per
adapter, such a conflict is very likely.
David Gibson [Sun, 7 Apr 2013 19:08:16 +0000 (19:08 +0000)]
pseries: Convert VIO code to QOM style type safe(ish) casts
Currently the pseries VIO device code contains quite a few explicit
uses of DO_UPCAST and plain C casts. This is (obviously) type unsafe,
and not the conventional way of doing things in the QOM model. This
patch converts the code to use the QOM convention of per-type macros
to do verified casts with OBJECT_CHECK().
David Gibson [Sun, 7 Apr 2013 19:08:22 +0000 (19:08 +0000)]
target-ppc: Synchronize VPA state with KVM
For PAPR guests, KVM tracks the various areas registered with the
H_REGISTER_VPA hypercall. For full emulation, of course, these are tracked
within qemu. At present these values are not synchronized. This is a
problem for reset (qemu's reset of the VPA address is not pushed to KVM)
and will also be a problem for savevm / migration.
The kernel now supports accessing the VPA state via the ONE_REG interface;
this patch adds code to qemu to use that interface to keep the qemu and
KVM ideas of the VPA state synchronized.
David Gibson [Sun, 7 Apr 2013 19:08:21 +0000 (19:08 +0000)]
pseries: Fix some small errors in XICS logic
Under certain circumstances the emulation for the pseries "XICS" interrupt
controller was clearing a pending interrupt from the XISR register, without
also clearing the corresponding priority variable. This will cause
problems later, when it can trigger sanity checks in the under-development
in-kernel XICS implementation.
David Gibson [Sun, 7 Apr 2013 19:08:20 +0000 (19:08 +0000)]
target-ppc: Add more stubs for POWER7 PMU registers
In addition to the performance monitor registers found on nearly all
6xx chips, the POWER7 has two additional counters (PMC5 & PMC6) and an
extra control register (MMCRA). This patch adds stub support for them to
qemu - the registers won't do anything, but with this change accessing
them won't cause illegal instruction traps. They're also registered with
their ONE_REG ids, so their value will be kept in sync with KVM where
appropriate.
David Gibson [Sun, 7 Apr 2013 19:08:19 +0000 (19:08 +0000)]
pseries: Fixes and enhancements to L1 cache properties
PAPR requires that the device tree's CPU nodes have several properties
with information about the L1 cache. We already create two of these
properties, but with incorrect names - "[id]cache-block-size" instead
of "[id]-cache-block-size" (note the extra hyphen).
We were also missing some of the required cache properties. This
patch adds the [id]-cache-line-size properties (which have the same
values as the block size properties in all current cases). We also
add the [id]-cache-size properties.
Adding the cache sizes requires some extra infrastructure in the
general target-ppc code to (optionally) set the cache sizes for
various CPUs. The CPU family descriptions in translate_init.c can set
these sizes - this patch adds correct information for POWER7; I'm
leaving other CPU types to people who have a physical example to
verify against. In addition, for -cpu host we take the values
advertised by the host (if available) and use those to override the
information based on PVR.
David Gibson [Sun, 7 Apr 2013 19:08:18 +0000 (19:08 +0000)]
pseries: Fix incorrect calculation of RMA size in certain configurations
For the pseries machine, we need to advertise to the guest the size of its
RMA - that is the amount of memory it can access with the MMU off. For HV
KVM, this is constrained by the hardware limitations on the virtual RMA of
one hash PTE per PTE group in the hash page table. We already had code to
calculate this, but it was assuming the VRMA page size was the same as the
(host) backing page size for guest RAM.
In the case of a host kernel configured for 64k base page size, but running
on hardware (or firmware) which only allows 4k pages, the host will do all
its allocations with a 64k page size, but still use 4k hardware pages for
actual mappings. Usually that's transparent to things running under the
host, but in the case of the maximum VRMA size it's not.
This patch refines the RMA size calculation to instead use the largest
available hardware page size (as reported by the SMMU_INFO call) which is
less than or equal to the backing page size. This now gives the correct
RMA size in all cases I've tested.
Alexander Graf [Fri, 19 Apr 2013 00:35:08 +0000 (02:35 +0200)]
PPC: Fix compile with profiling enabled
When using profiling, we rely on profile_getclock() being available
at our disposal. Somehow that function got moved from an indirect
include we used to have in translate-init.c, so that we were now
left not properly compiling anymore.
Add an explicit include to timer.h which defines profile_getclock,
so that we can compile again.
Alexander Graf [Thu, 4 Apr 2013 16:45:07 +0000 (18:45 +0200)]
PPC: mac newworld: fix cpu NIP reset value
On -M mac99, we can run 970 CPUs. However, these CPUs define the initial
instruction pointer they start execution at as part of their bootup protocol,
so effectively it's up to the board to decide where they start.
This went unnoticed, because they used to boot at the same location our flash
was mapped to, but due to the recent reset changes our 970 CPUs want to reset
to 0x100 now, which is always a 0 instruction.
Set the initial IP to something reasonable for -M mac99.
Bharat Bhushan [Sun, 24 Feb 2013 18:16:21 +0000 (18:16 +0000)]
Enable kvm emulated watchdog
Enable the KVM emulated watchdog if KVM supports it (use the
capability enablement in the watchdog handler). Also, watchdog exit
(KVM_EXIT_WATCHDOG) handling is added.
Watchdog state machine is cleared whenever VM state changes to running.
This is to handle the cases like return from debug halt etc.
Signed-off-by: Bharat Bhushan <[email protected]>
[agraf: rebase to current code base, fix non-kvm cases]
Signed-off-by: Alexander Graf <[email protected]>
Simplify the conditions at the top of the functions for when we need a
new temporary. Only plain addition is important enough to warrant avoiding
the temporary, and the extra tcg move op that would come with it.
Fabien Chouteau [Fri, 29 Mar 2013 02:06:28 +0000 (02:06 +0000)]
PPC: fix hreset_vector for 60x, 7x0, 7x5, G2, MPC8xx, MPC5xx, 7400 and 7450
According to the different user's manuals, the vector offset for system
reset (both /HRESET and /SRESET) is 0x00100.
This patch may break support of some executables, as the power-on start
address may change. For a specific board, if the power-on start address
is different from the HRESET vector (i.e. 0x00000100 or 0xfff00100), this
should be fixed in board's initialization code.
Aurelien Jarno [Sun, 31 Mar 2013 14:33:16 +0000 (14:33 +0000)]
target-ppc: fix nego and subf*o instructions
The overflow computation of nego and subf*o instructions has been broken
in commit ffe30937. Contrary to other targets, the instruction is subtract
from and not subtract on PowerPC.
This patch fixes the issue by using the correct argument in the xor
computation. Thanks to Peter Maydell for the hint.
With this change the PPC emulation passes the Gwenole Beauchesne
testsuite again.
Fabien Chouteau [Fri, 29 Mar 2013 02:06:27 +0000 (02:06 +0000)]
PPC: Remove env->hreset_excp_prefix
This value is not needed if we use the MSR[IP] bit correctly.
excp_prefix is always 0x00000000, except when the MSR[IP] bit is
implemented and set to 1, in that case excp_prefix is 0xfff00000.
The handling of MSR[IP] was already implemented but not used at reset
because the value of env->msr was changed "manually".
The patch uses the function hreg_store_msr() to set env->msr, this
ensures a good handling of MSR[IP] at reset, and therefore a good value
for excp_prefix.
Stuart Yoder [Sat, 30 Mar 2013 06:40:49 +0000 (06:40 +0000)]
PPC: e500: advertise 4.2 MPIC only if KVM supports EPR
Older KVM versions don't support EPR which breaks guests when we announce
MPIC variants that support EPR.
Catch that case and expose only MPIC version 2.0 which tells the guest that
we don't support the EPR capability yet.
Signed-off-by: Stuart Yoder <[email protected]>
[agraf: Add comment, route cap check through kvm_ppc.c]
Signed-off-by: Alexander Graf <[email protected]>
ISEL is a Power ISA 2.06 instruction and thus is available on POWER7.
Given this is trapped and emulated by the Linux kernel, I guess it went
unnoticed.
Jason J. Herne [Thu, 25 Apr 2013 04:25:51 +0000 (04:25 +0000)]
Utilize selective runtime reg sync for hot code paths
Make use of new kvm_s390_get_registers_partial() for kvm_handle_css_inst() and
handle_hypercall() since they only need registers from the partial set and they
are called quite frequently.
Jason J. Herne [Thu, 25 Apr 2013 04:25:50 +0000 (04:25 +0000)]
Allow selective runtime register synchronization
We want to avoid expensive register synchronization IOCTL's on the hot path so
a new kvm_s390_get_registers_partial() is introduced as a complement to
kvm_arch_get_registers(). The new function is called on the hot path, and
kvm_arch_get_registers() is called when we need the complete runtime register
state.
kvm_arch_put_registers() is updated to only sync the partial runtime set when
we've only dirtied the partial runtime set. This is to avoid sending bad data
back to KVM if we've only partially synced the runtime register set.
Alexander Graf [Mon, 22 Apr 2013 19:10:50 +0000 (21:10 +0200)]
S390: ccw firmware: Add compiled blob
Now that we have all the source code ready, add a compiled blob into
the QEMU source tree, so that people without access to an s390 compiler
can run the s390-ccw firmware.
Alexander Graf [Mon, 22 Apr 2013 19:03:39 +0000 (21:03 +0200)]
S390: ccw firmware: Add Makefile
This patch adds a makefile, so we can build our ccw firmware. Also
add the resulting binaries to .gitignore, so that nobody is annoyed
they might be in the tree.
Alexander Graf [Mon, 22 Apr 2013 19:02:49 +0000 (21:02 +0200)]
S390: ccw firmware: Add bootmap interpreter
On s390, there is an architected boot map format that we can read to
boot a certain entry off the disk. Implement a simple reader for this
that always boots the first (default) entry.
Alexander Graf [Mon, 22 Apr 2013 18:59:25 +0000 (20:59 +0200)]
S390: ccw firmware: Add sclp output
In order to communicate with the user, we need an I/O mechanism that he
can read. Implement SCLP ASCII support, which happens to be the default
in the s390 ccw machine.
This file is missing read support for now. It can only print messages.
Alexander Graf [Mon, 22 Apr 2013 18:57:58 +0000 (20:57 +0200)]
S390: ccw firmware: Add main program
This C file is the main driving piece of the s390 ccw firmware. It
provides a search for a workable block device, sets it as the default
to boot off of and boots from it.
Alexander Graf [Mon, 22 Apr 2013 14:52:53 +0000 (16:52 +0200)]
S390: IPL: Use different firmware for different machines
We have a virtio-s390 and a virtio-ccw machine in QEMU. Both use vastly
different ways to do I/O. Having the same firmware blob for both doesn't
really make any sense.
Instead, let's parametrize the firmware file name, so that we can have
different blobs for different machines.
Anthony Liguori [Fri, 26 Apr 2013 13:32:17 +0000 (08:32 -0500)]
Merge remote-tracking branch 'stefanha/block' into staging
# By Liu Yuan (4) and others
# Via Stefan Hajnoczi
* stefanha/block:
sheepdog: fix loadvm operation
sheepdog: resend write requests when SD_RES_READONLY is received
sheepdog: add helper function to reload inode
sheepdog: add SD_RES_READONLY result code
sheepdog: cleanup find_vdi_name
rbd: Fix use after free in rbd_open()
block: Disable driver-specific options for 1.5
sheepdog: implement .bdrv_co_is_allocated()
sheepdog: use BDRV_SECTOR_SIZE
sheepdog: add discard/trim support for sheepdog
block/ssh: Require libssh2 >= 1.2.8.
Anthony Liguori [Fri, 26 Apr 2013 13:32:13 +0000 (08:32 -0500)]
Merge remote-tracking branch 'stefanha/trivial-patches' into staging
# By Ed Maste (2) and others
# Via Stefan Hajnoczi
* stefanha/trivial-patches:
bsd-user: Track change in FreeBSD SYSCTL(9) types
virtio: Fix compilation without CONFIG_VHOST_SCSI
qemu-doc: Option -ignore-environment removed.
s390x: use CONFIG_INT128 to detect __uint128_t
linux-user: fix compile error due to stray colon at end of #ifdef line
Liu Yuan [Thu, 25 Apr 2013 12:49:39 +0000 (20:49 +0800)]
sheepdog: fix loadvm operation
Currently the 'loadvm' operation works as follows:
1. switch to the snapshot
2. mark current working VDI as a snapshot
3. rely on sd_create_branch to create a new working VDI based on the snapshot
This does not work the same way as other formats such as QCOW2. For example,
qemu > savevm # get a live snapshot snap1
qemu > savevm # snap2
qemu > loadvm 1 # This will stealthily create snap3 of the working VDI
which will result in the following snapshot chain:
base <-- snap1 <-- snap2 <-- snap3
                               ^
                               |
                           working VDI
snap3 was unnecessarily created and might annoy users.
This patch discards the unnecessary 'snap3' creation and implements the
rollback (loadvm) operation to the specified snapshot by
1. switch to the snapshot
2. delete working VDI
3. rely on sd_create_branch to create a new working VDI based on the snapshot
sheepdog: resend write requests when SD_RES_READONLY is received
When a snapshot is taken from out side of qemu (e.g. qemu-img
snapshot), write requests to the current vdi return SD_RES_READONLY.
In this case, the sheepdog block driver needs to update the current
inode to the latest one and resend the write requests.
Sheepdog returns SD_RES_READONLY when qemu sends write requests to the
snapshot vdi. This adds the result code and makes sd_strerror() print
its error reason.
Kevin Wolf [Thu, 25 Apr 2013 13:59:27 +0000 (15:59 +0200)]
rbd: Fix use after free in rbd_open()
Commit a9ccedc3 frees the QemuOpts for the driver-specific options
immediately, even though it still needs the filename string that is
contained there. This doesn't work. Move the deletion of the QemuOpts to
the end of the function where its content isn't needed any more.
Kevin Wolf [Wed, 24 Apr 2013 13:29:29 +0000 (15:29 +0200)]
block: Disable driver-specific options for 1.5
We don't want to commit to the API yet before everything is worked out.
Disable it for the 1.5 release. This commit is meant to be reverted
after the 1.5 release.
The disabling of the driver-specific options is achieved by applying the
old checks while parsing the command line.
libssh2 >= 1.2.8 is required to enable this block device (because
that version introduced the libssh2_session_handshake call).
Change the test to use pkg-config exclusively. If the user requests
--enable-libssh2 and the minimum version is not available, then the
following error is displayed:
$ ./configure --enable-libssh2
ERROR: libssh2 >= 1.2.8 required for --enable-libssh2
If --enable-libssh2 is not specified, then the feature is silently
disabled if sufficiently new libssh2 is not available.
Gabriel Kerneis [Tue, 23 Apr 2013 17:15:12 +0000 (18:15 +0100)]
s390x: use CONFIG_INT128 to detect __uint128_t
Target s390x uses ad-hoc macro magic to guess if the compiler
supports the GCC extension __uint128_t. This patch uses the
dedicated macro CONFIG_INT128 defined by configure instead.
This fixes compilation with the CIL source code analyzer, which
uses GCC as a preprocessor but does not support __uint128_t.
Peter Maydell [Sun, 21 Apr 2013 12:30:03 +0000 (13:30 +0100)]
linux-user: fix compile error due to stray colon at end of #ifdef line
Remove a stray colon from the end of a #ifdef line. Some versions
of gcc complain about this:
linux-user/syscall.c: In function ‘do_syscall’:
linux-user/syscall.c:7606:28: error: extra tokens at end of #ifdef directive [-Werror]
Hans de Goede [Thu, 25 Apr 2013 11:53:02 +0000 (13:53 +0200)]
qemu-char: Set foo_tag = 0 when returning FALSE from callbacks
While reviewing some patches I found this problem where tcp_chr_accept
does not clear listen_tag when returning FALSE, leading to a double
g_source_remove of the underlying source. Not really a problem unless the id
gets re-used in between, but still something we should fix.
While at it I've also reviewed all the other code in qemu-char.c for
similar problems and found that pty_chr_timer has the same problem.
Ed Maste [Thu, 25 Apr 2013 16:17:11 +0000 (12:17 -0400)]
Remove unnecessary FreeBSD #include
sys/param.h was included to define __FreeBSD_version, but the conditional
using it was removed by commit d05ef160453e98546a4197496dc8a3cb2defac53
(Brad Smith, "Allow clock_gettime() monotonic clock to be utilized on more
OS's"), so the include is no longer needed here.
Amos Kong [Thu, 25 Apr 2013 09:50:35 +0000 (17:50 +0800)]
monitor: introduce query-command-line-options
Libvirt has no way to probe if an option or property is supported.
This patch introduces a new qmp command to query command line
option information. An hmp command isn't added because it's not needed.
If a guest neglected to register (secondary) indicators but still runs
with notifications enabled, we might end up writing to guest zero;
avoid this by checking for valid indicators and only writing to the
guest and generating an interrupt if indicators have been setup.
pc: Kill the "use flash device for BIOS unless KVM" misfeature
Use of a flash memory device for the BIOS was added in series "[PATCH
v10 0/8] PC system flash support", commit 4732dca..1b89faf, v1.1.
Flash vs. ROM is a guest-visible difference. Thus, flash use had to
be suppressed for machine types pc-1.0 and older. This was
accomplished by adding a dummy device "pc-sysfw" with property
"rom_only":
* Non-zero rom_only means "use ROM". Default for pc-1.0 and older.
* Zero rom_only means "maybe use flash". Default for newer machines.
Not only is the dummy device ugly, it was also retroactively added to
the older machine types! Fortunately, it's not guest-visible (thus no
immediate guest ABI breakage), and has no vmstate (thus no immediate
migration breakage). Breakage occurs only if the user unwisely
enables flash by setting rom_only to zero. Patch review FAIL #1.
Why "maybe use flash"? Flash didn't (and still doesn't) work with
KVM. Therefore, rom_only=0 really means "use flash, except when KVM
is enabled, use ROM". This is a Bad Idea, because it makes enabling/
disabling KVM guest-visible. Patch review FAIL #2.
Aside: it also precludes migrating between KVM on and off, but that's
not possible for other reasons anyway.
Fix as follows:
1. Change the meaning of rom_only=0 to mean "use flash, no ifs, buts,
or maybes" for pc-i440fx-1.5 and pc-q35-1.5. Don't change anything
for older machines (to remain bug-compatible).
2. Change the default value from 0 to 1 for these machines.
Necessary, because 0 doesn't work with KVM. Once it does, we can flip
the default back to 0.
3. Don't revert the retroactive addition of device "pc-sysfw" to older
machine types. Seems not worth the trouble.
4. Add a TODO comment asking for device "pc-sysfw" to be dropped once
flash works with KVM.
Net effect is that you get a BIOS ROM again even when KVM is disabled,
just like for machines predating the introduction of flash.
To get flash instead, use "--global pc-sysfw.rom_only=0".
Anthony Liguori [Wed, 24 Apr 2013 18:23:26 +0000 (13:23 -0500)]
Merge remote-tracking branch 'alon/libcacard_ccid.1' into staging
# By Alon Levy (15) and others
# Via Alon Levy
* alon/libcacard_ccid.1: (28 commits)
libcacard/cac: change big switch functions to single return point
dev-smartcard-reader: empty implementation for Mechanical (fail correctly)
libcacard: move atr setting from macro to function
libcacard/vreader: add debugging messages for apdu
dev-smartcard-reader: copy atr protocol to ccid parameters
dev-smartcard-reader: change default protocol to T=0
dev-smartcard-reader: define structs for CCID_Parameter internals
ccid-card-passthru, dev-smartcard-reader: add debug environment variables
ccid-card-passthru: add atr check
libcacard: change default ATR
dev-smartcard-reader: reuse usb.h definitions
dev-smartcard-reader: support windows guest
dev-smartcard-reader: remove aborts (never triggered, but just in case)
dev-smartcard-reader: nicer debug messages
dev-smartcard-reader: white space fixes
libcacard: remove default libcoolkey loading
libcacard: remove sql: prefix
libcacard: teach vscclient to use GMainLoop for portability
libcacard: vscclient to use QemuThread for portability
libcacard: split vscclient main() from socket reading
...