Peter Maydell [Thu, 2 Jun 2016 16:10:20 +0000 (17:10 +0100)]
thunk: Rename args and fields in host-target bitmask conversion code
The target_to_host_bitmask() and host_to_target_bitmask() functions
and the associated struct bitmask_transtbl are completely generic,
but for historical reasons the target related fields and parameters
are named 'x86' and the host related fields are named 'alpha'.
Rename them to 'target' and 'host'.
Peter Maydell [Thu, 2 Jun 2016 15:28:16 +0000 (16:28 +0100)]
thunk: Drop unused NO_THUNK_TYPE_SIZE guards
The thunk_type_size_array() and thunk_type_align_array() functions
are only provided if NO_THUNK_TYPE_SIZE is not defined. However
nothing in the codebase defines that, and so in fact these functions
are always present. Drop the unnecessary #ifdefs.
(Over a decade ago thunk.h used to be included by some softmmu
files, which defined NO_THUNK_TYPE_SIZE, but these includes are
long gone; see for instance commit f193c7979c2f7.)
Peter Maydell [Thu, 2 Jun 2016 14:05:55 +0000 (15:05 +0100)]
qemu-common.h: Drop WORDS_ALIGNED define
The WORDS_ALIGNED #define is not used anywhere, and hasn't been since
2013 when commit 612d590ebc6cef rewrote the various ld<type>_<endian>_p
functions to not use it. Remove the #define and the comment describing it.
Also remove the line in the comment about TARGET_WORDS_ALIGNED, since
it has never actually existed.
Peter Maydell [Tue, 24 May 2016 15:24:36 +0000 (16:24 +0100)]
clean-includes: Add glib.h to list of unneeded includes
osdep.h pulls in glib.h via glib-compat.h, so add it to the list of
includes that we remove. (This then means we must avoid running
clean-includes on glib-compat.h or it will delete the glib.h include.)
Steven Luo [Fri, 27 May 2016 04:53:13 +0000 (21:53 -0700)]
Fix configure test for PBKDF2 in nettle
On my Debian jessie system, including nettle/pbkdf2.h does not cause
NULL to be defined, which causes the test to fail to compile. Include
stddef.h to bring in a definition of NULL.
Cao jin [Sun, 17 Apr 2016 07:45:54 +0000 (15:45 +0800)]
qdev: Clean up around properties
include:
1. remove unnecessary declaration of static function
2. fix inconsistency between comment and function name, and typo OOM->QOM
2. update comments of functions, use uniform format(GTK-Doc style)
James Clarke [Mon, 6 Jun 2016 11:02:50 +0000 (12:02 +0100)]
Fix linking relocatable objects on Sparc
On Sparc, gcc implicitly passes --relax to the linker, but -r is
incompatible with this. Therefore, if --no-relax is supported, it should
be passed to the linker.
Laurent Vivier [Mon, 9 May 2016 13:24:59 +0000 (15:24 +0200)]
ppc: Remove a potential overflow in muldiv64()
The coccinelle script:
scripts/coccinelle/overflow_muldiv64.cocci
gives us a list of potential overflows in muldiv64()
(the two first parameters are 64bit values).
This patch fixes one, as the fix seems obvious:
replace muldiv64(a, b, c) by muldiv64(b, a, c)
as "a" and "b" are 64bit values but a <= NANOSECONDS_PER_SECOND.
(10^9 -> 30bit value).
Peter Wu [Wed, 4 May 2016 09:32:17 +0000 (11:32 +0200)]
gdbstub: set listen backlog to 1
Avoid possible connection drops on Linux (when tcp_syncookies is
disabled) or fallbacks to SYN cookies with the following kernel warning:
TCP: request_sock_TCP: Possible SYN flooding on port 1234. Sending cookies. Check SNMP counters.
Since Linux 4.4 (ef547f2ac16b "tcp: remove max_qlen_log"), a backlog of
zero is really treated as the "queue length for completely established
sockets waiting to be accepted" (listen(2)). This is apparently a valid
interpretation of an "implementation-defined minimum value" for a
backlog value of 0 (listen(3p)). Previous kernels would use 8 as
minimum value, but that is no longer the case.
Peter Maydell [Tue, 7 Jun 2016 14:30:25 +0000 (15:30 +0100)]
Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging
pc, pci, virtio: new features, cleanups, fixes
This includes some infrastructure for ipmi smbios tables.
Beginning of acpi hotplug rework by Igor for supporting >255 CPUs.
Misc cleanups and fixes.
Signed-off-by: Michael S. Tsirkin <[email protected]>
# gpg: Signature made Tue 07 Jun 2016 13:55:22 BST
# gpg: using RSA key 0x281F0DB8D28D5469
# gpg: Good signature from "Michael S. Tsirkin <[email protected]>"
# gpg: aka "Michael S. Tsirkin <[email protected]>"
* remotes/mst/tags/for_upstream: (25 commits)
virtio: move bi-endian target support to a single location
pc-dimm: introduce realize callback
pc-dimm: get memory region from ->get_memory_region()
acpi: make bios_linker_loader_add_checksum() API offset based
acpi: make bios_linker_loader_add_pointer() API offset based
tpm: apci: cleanup TCPA table initialization
acpi: cleanup bios_linker_loader_cleanup()
acpi: simplify bios_linker API by removing redundant 'table' argument
acpi: convert linker from GArray to BIOSLinker structure
pc: use AcpiDeviceIfClass.send_event to issue GPE events
acpi: extend ACPI interface to provide send_event hook
pc: Postpone SMBIOS table installation to post machine init
ipmi: rework the fwinfo to be fetched from the interface
tests: acpi: update tables with consolidated legacy cpu-hotplug AML
pc: acpi: cpuhp-legacy: switch ProcessorID to possible_cpus idx
pc: acpi: simplify build_legacy_cpu_hotplug_aml() signature
pc: acpi: consolidate legacy CPU hotplug in one file
pc: acpi: mark current CPU hotplug functions as legacy
pc: acpi: cpu-hotplug: make AML CPU_foo defines local to cpu_hotplug_acpi_table.c
pc: acpi: consolidate \GPE._E02 with the rest of CPU hotplug AML
...
Eduardo Habkost [Mon, 6 Jun 2016 15:53:54 +0000 (12:53 -0300)]
docker: Don't use eval trick on Makefile
The eval trick for defining DOCKER_SRC_COPY doesn't do anything
useful, as DOCKER_SRC_COPY is immediately expanded just after it
is defined, and CUR_TIME is already defined using ":=". Simply
define it using ":=" so it is evaluated only once.
The eval trick was also triggering an weird error on Travis builds:
qemu/tests/docker/Makefile.include:34: *** unterminated variable reference. Stop.
The issue is not easily reproducible (maybe it's a bug in some
versions of Make), but it is avoided if removing the eval trick.
Greg Kurz [Tue, 31 May 2016 08:09:54 +0000 (10:09 +0200)]
virtio: move bi-endian target support to a single location
Paolo's recent cpu.h cleanups broke legacy virtio for ppc64 LE guests (and
arm BE guests as well, even if I have not verified that). Especially, commit
"33c11879fd42 qemu-common: push cpu.h inclusion out of qemu-common.h" has
the side-effect of silently hiding the TARGET_IS_BIENDIAN macro from the
virtio memory accessors, and thus fully disabling support of endian changing
targets.
To be sure this cannot happen again, let's gather all the bi-endian bits
where they belong in include/hw/virtio/virtio-access.h.
The changes in hw/virtio/vhost.c are safe because vhost_needs_vring_endian()
is not called on a hot path and non bi-endian targets will return false
anyway.
While here, also rename TARGET_IS_BIENDIAN to be more precise: it is only for
legacy virtio and bi-endian guests.
Xiao Guangrong [Fri, 20 May 2016 08:19:59 +0000 (16:19 +0800)]
pc-dimm: introduce realize callback
nvdimm needs to check if the backend memory is large enough to contain
label data and init its memory region when the device is realized, so
introduce realize callback which is called after common dimm has been
realize
Xiao Guangrong [Fri, 20 May 2016 08:19:58 +0000 (16:19 +0800)]
pc-dimm: get memory region from ->get_memory_region()
Curretly, the memory region of backed memory is all directly
mapped to guest's address space, however, it will be not true
for nvdimm device if we introduce nvdimm label which only can
be indirectly accessed by ACPI DSM method
Also it improves the comments a bit to reflect this fact
Igor Mammedov [Thu, 19 May 2016 13:19:30 +0000 (15:19 +0200)]
acpi: make bios_linker_loader_add_checksum() API offset based
It should help to make clear that bios_linker works in terms
of offsets within a file. Also it should prevent mistakes
where user passes as arguments pointers to unrelated to file blobs.
While at it, considering that it's a ACPI checksum and
it's initial value must be 0, move checksum field zeroing
into bios_linker_loader_add_checksum() instead of doing it
at every call site manually before bios_linker_loader_add_checksum()
is called.
Igor Mammedov [Thu, 19 May 2016 13:19:29 +0000 (15:19 +0200)]
acpi: make bios_linker_loader_add_pointer() API offset based
cleanup bios_linker_loader_add_pointer() API by switching
arguments to taking offsets relative to corresponding files
instead of doing pointer arithmetic on behalf of user which
were confusing.
Also make offset inside of source file explicit in API
so that user won't have to manually set it in
destination file blob and while at it add additional
boundary checks.
Igor Mammedov [Thu, 19 May 2016 13:19:28 +0000 (15:19 +0200)]
tpm: apci: cleanup TCPA table initialization
At the time build_tpm_tcpa() is called the tcpalog size is
always 0, so log_area_start_address which is actually offset
from the start of ACPI_BUILD_TPMLOG_FILE is always 0.
Also as 'TCPA' is allocated 0 filled, there is no point
in calculating always 0 log_area_start_address and set
tcpa->log_area_start_address to it since the field should
always point to start of ACPI_BUILD_TPMLOG_FILE.
Make code easier to read dropping not needed offset
calculations.
While at that move tcpalog allocation closer to the code
that defines its size.
Igor Mammedov [Thu, 19 May 2016 13:19:27 +0000 (15:19 +0200)]
acpi: cleanup bios_linker_loader_cleanup()
bios_linker_loader_cleanup() is called only from one place
and returned value is immediately freed wich makes returning
pointer from bios_linker_loader_cleanup() useless.
Cleanup bios_linker_loader_cleanup() by freeing
data there so that caller won't have to free it.
Igor Mammedov [Thu, 19 May 2016 13:19:26 +0000 (15:19 +0200)]
acpi: simplify bios_linker API by removing redundant 'table' argument
'table' argument in bios_linker_add_foo() commands is
a data blob of one of files also passed to the same API.
So instead of passing blob in every API call, add and keep
file name association with related blob at bios_linker_loader_alloc()
time.
And find blob by name looking up allocated file entries
inside of bios_linker_add_foo() commands.
It will:
- make API less confusing,
- enforce calling bios_linker_loader_alloc() before
calling any bios_linker_add_foo()
- make sure that blob is the correct one, i.e.
associated with the right file name
Igor Mammedov [Tue, 31 May 2016 10:01:17 +0000 (12:01 +0200)]
pc: use AcpiDeviceIfClass.send_event to issue GPE events
it reduces number of args passed in handlers by 1 and
a number of used proxy wrappers saving ~20LOC.
Also it allows to make cpu/mem hotplug code more
universal as it would allow ARM to reuse it without
rewrite by providing its own send_event callback
to trigger events usiong GPIO instead of GPE
as fixed hadrware ACPI model doen't have GPE at all.
Igor Mammedov [Tue, 31 May 2016 09:57:57 +0000 (11:57 +0200)]
acpi: extend ACPI interface to provide send_event hook
send_event() hook will allow to send ACPI event in
a target specific way (GPE or GPIO based impl.)
it will also simplify proxy wrappers in piix4pm/ich9
that access ACPI regs and SCI which are part of
piix4pm/lcp_ich9 devices and call acpi_foo() API directly.
Corey Minyard [Tue, 24 May 2016 17:37:17 +0000 (12:37 -0500)]
ipmi: rework the fwinfo to be fetched from the interface
Instead of scanning IPMI devices from a fwinfo list, allow
the fwinfo to be fetched from the IPMI interface class.
Then the code looking for IPMI fwinfo can scan devices on a
bus and look for ones that implement the IPMI class.
This will let the ACPI scope be defined by the calling
code so the IPMI code doesn't have to know the scope.
Igor Mammedov [Tue, 17 May 2016 14:43:03 +0000 (16:43 +0200)]
pc: acpi: cpuhp-legacy: switch ProcessorID to possible_cpus idx
In legacy cpu-hotplug ProcessorID == APIC ID is used
in MADT and cpu-hotplug AML. It was fine as both
are 8bit and unique. Spec depricated Processor()
with corresponding ProcessorID and advises to use
Device() and UID instead of it.
However UID is just 32bit and it can't fit ARM's
arch_id(MPIDR) which is 64bit. Also in case of
sparse arch_id() distribution, managment/lookup
of maps by arch_id(APIC ID/MPIDR) becomes complex
and expensive.
In preparation to common CPU hotplug with ARM
and to simplify lookup in possible_cpus[] map
switch ProcessorID to possible_cpus index in
MADT.
Legacy cpu-hotplug considerations:
HW interface of it is APIC ID based bitmask so
it's impossible to change, also CPON package in
AML also APIC ID based as well all the methods.
To avoid massive rewrite of AML keep is so and
just break assumption that ProcessorID == APIC ID,
ammending CPU_MAT_METHOD to accept APIC ID and
possible_cpus index, it needs them both to patch
MADT entry template. Also switch to possible_cpus
index Processor(ProcessorID) AML.
That way changes to MADT/AML are minimal and kept
inside AML/MADT not affecting external interfaces.
since IO block used by CPU hotplug is fixed size and
initialized it the same file as build_legacy_cpu_hotplug_aml()
just use ACPI_GPE_PROC_LEN directly instead of passing
it around in several files.
Igor Mammedov [Tue, 17 May 2016 14:43:01 +0000 (16:43 +0200)]
pc: acpi: consolidate legacy CPU hotplug in one file
Since AML part of CPU hotplug is tightly coupled with
its hardware part (IO port layout/protocol), move
build_legacy_cpu_hotplug_aml() to cpu_hotplug.c
and remove empty cpu_hotplug_acpi_table.c
Igor Mammedov [Thu, 26 May 2016 09:46:45 +0000 (11:46 +0200)]
tests: acpi: report names of expected files in verbose mode
print expected file name if it doesn't exists if
verbose mode is enabled*. It helps to avoid running
bios-tables-test under debugger to figure out missing
file name.
*)
verbose mode is enabled if "V" env. variable is set
Peter Maydell [Tue, 7 Jun 2016 11:54:25 +0000 (12:54 +0100)]
Merge remote-tracking branch 'remotes/dgibson/tags/ppc-for-2.7-20160607' into staging
ppc patch queue for 2016-05-31
Latest patch queue for ppc. Several significant things in here:
* A bunch of patches from BenH fixing things in TCG
- This should fix several regressions introduced by recent
patches for better HV mode support
- It also fixes some other bugs discovered along the way
* Some fixes and cleanups for Mac machine types from Marc
Cave-Ayland
* Preliminary patches towards dynamic DMA window support from Alexey
Kardashevskiy
- This includes a patch to migration code code
* Increase number of hotpluggable memory slots
- Includes a change to KVM generic code, ACKed by Paolo
* Another TCG fix for an SPE instruction
# gpg: Signature made Tue 07 Jun 2016 11:46:57 BST
# gpg: using RSA key 0x6C38CACA20D9B392
# gpg: Good signature from "David Gibson <[email protected]>"
# gpg: aka "David Gibson (Red Hat) <[email protected]>"
# gpg: aka "David Gibson (ozlabs.org) <[email protected]>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg: It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 75F4 6586 AE61 A66C C44E 87DC 6C38 CACA 20D9 B392
* remotes/dgibson/tags/ppc-for-2.7-20160607: (26 commits)
ppc: Do not take exceptions on unknown SPRs in privileged mode
ppc: Add missing slbfee. instruction on ppc64 BookS processors
ppc: Fix slbia decode
ppc: Fix mtmsr decoding
ppc: POWER7 has lq/stq instructions and stq need to check ISA
ppc: POWER7 had ACOP and PID registers
ppc: Batch TLB flushes on 32-bit 6xx/7xx/7xxx in hash mode
ppc: Fix tlb invalidations on 6xx/7xx/7xxx 32-bit processors
ppc: Properly tag the translation cache based on MMU mode
dbdma: use DMA memory interface for memory accesses
macio: use DMA memory interface for non-block ATAPI transfers
target-ppc: fixup bitrot in mmu_helper.c debug statements
spapr_pci: Drop cannot_instantiate_with_device_add_yet=false
ppc: fix hrfid, tlbia and slbia privilege
ppc: Fix hreg_store_msr() so that non-HV mode cannot alter MSR:HV
ppc: Better figure out if processor has HV mode
spapr: Introduce pseries-2.7 machine type
spapr: Increase hotpluggable memory slots to 256
spapr_pci: Add and export DMA resetting helper
spapr_pci: Reset DMA config on PHB reset
...
Since at least the 2.05 architecture, the slbia instruction takes an
IH field in the opcode to provide some control on the effect of the
slbia on the ERATs (level-1 TLB).
We can safely ignore it as we always flush the whole qemu TLB but
we should allow the bits in the decode.
ppc: POWER7 has lq/stq instructions and stq need to check ISA
The PPC_64BX instruction flag is used for a couple of newer
instructions currently on POWER8 but our implementation for
them works for POWER7 too (and already does the proper checking
of what is permitted) with one exception: stq needs to check
the ISA version.
This fixes the latter and add the instructions to POWER7
ppc: Batch TLB flushes on 32-bit 6xx/7xx/7xxx in hash mode
This ports the existing 64-bit mechanism to 32-bit, thus series
of 64 tlbie's followed by a sync like some versions of Darwin
(ab)use will result in a single flush.
We apply a pending flush on any sync instruction though, as Darwin
doesn't use tlbsync on non-SMP systems.
ppc: Fix tlb invalidations on 6xx/7xx/7xxx 32-bit processors
The processor only uses some bits of the address and invalidates an
entire congruence class. Some OSes such as Darwin and HelenOS take
advantage of this and occasionally invalidate the entire TLB by just
doing a series of 64 consecutive tlbie for example.
Our code tries to be too smart here only invalidating a segment
congruence class (ie, allowing more address bits to be relevant
in the invalidation), this fails miserably on those OSes.
Instead don't bother, do like ppc64 and blow the whole tlb when tlbie
is executed.
ppc: Properly tag the translation cache based on MMU mode
We used to always flush the TLB when changing relocation mode in
MSR:IR and MSR:DR (ie. MMU on/off for Instructions and Data).
We don't anymore since we have split mmu_idx for instruction and data.
However, since we hard code the mmu_idx in the translated code, we
now need to also make sure MSR:IR and MSR:DR are part of the hflags
used to tag translated code, so that we use different translated
code for different MMU settings.
commit 74693da98894 ('ppc: tlbie, tlbia and tlbisync are HV only')
introduced some extra checks on the instruction privilege. slbia was
changed wrongly and hrfid, tlbia were forgotten.
ppc: Fix hreg_store_msr() so that non-HV mode cannot alter MSR:HV
This helper is only used by the various instructions that can alter
MSR and not interrupts. Add a comment to that effect to the interrupt
code as well in case somebody wants to change this
We use an env. flag which is set to the initial value of MSR_HVB in
the msr_mask. We also adjust the POWER8 mask to set SHV.
Also use this to adjust ctx.hv so that it is *set* when the processor
doesn't have an HV mode (970 with Apple mode for example), thus enabling
hypervisor instructions/SPRs.
Signed-off-by: Benjamin Herrenschmidt <[email protected]> Reviewed-by: David Gibson <[email protected]>
[clg: ctx.hv used to be defined only for the hypervisor kernel
(HV=1|PR=0). It is now defined also when PR=1 and conditions are
fixed accordingly.
stripped unwanted tabs.] Signed-off-by: Cédric Le Goater <[email protected]> Signed-off-by: David Gibson <[email protected]>
We are going to have multiple DMA windows at different offsets on
a PCI bus. For the sake of migration, we will have as many TCE table
objects pre-created as many windows supported.
So we need a way to map windows dynamically onto a PCI bus
when migration of a table is completed but at this stage a TCE table
object does not have access to a PHB to ask it to map a DMA window
backed by just migrated TCE table.
This adds a "root" memory region (UINT64_MAX long) to the TCE object.
This new region is mapped on a PCI bus with enabled overlapping as
there will be one root MR per TCE table, each of them mapped at 0.
The actual IOMMU memory region is a subregion of the root region and
a TCE table enables/disables this subregion and maps it at
the specific offset inside the root MR which is 1:1 mapping of
a PCI address space.
The source guest could have reallocated the default TCE table and
migrate bigger/smaller table. This adds reallocation in post_load()
if the default table size is different on source and destination.
This adds @bus_offset, @page_shift to the migration stream as
a subsection so when DDW is added, migration to older machines will
still be possible. As @bus_offset and @page_shift are not used yet,
this makes no change in behavior.
spapr_iommu: Introduce "enabled" state for TCE table
Currently TCE tables are created once at start and their sizes never
change. We are going to change that by introducing a Dynamic DMA windows
support where DMA configuration may change during the guest execution.
This changes spapr_tce_new_table() to create an empty zero-size IOMMU
memory region (IOMMU MR). Only LIOBN is assigned by the time of creation.
It still will be called once at the owner object (VIO or PHB) creation.
This introduces an "enabled" state for TCE table objects, some
helper functions are added:
- spapr_tce_table_enable() receives TCE table parameters, stores in
sPAPRTCETable and allocates a guest view of the TCE table
(in the user space or KVM) and sets the correct size on the IOMMU MR;
- spapr_tce_table_disable() disposes the table and resets the IOMMU MR
size; it is made public as the following DDW code will be using it.
This changes the PHB reset handler to do the default DMA initialization
instead of spapr_phb_realize(). This does not make differenct now but
later with more than just one DMA window, we will have to remove them all
and create the default one on a system reset.
No visible change in behaviour is expected except the actual table
will be reallocated every reset. We might optimize this later.
The other way to implement this would be dynamically create/remove
the TCE table QOM objects but this would make migration impossible
as the migration code expects all QOM objects to exist at the receiver
so we have to have TCE table objects created when migration begins.
This allows dynamic allocation for migrating arrays.
Already existing VMSTATE_VARRAY_UINT32 requires an array to be
pre-allocated, however there are cases when the size is not known in
advance and there is no real need to enforce it.
This defines another variant of VMSTATE_VARRAY_UINT32 with WMS_ALLOC
flag which tells the receiving side to allocate memory for the array
before receiving the data.
The first user of it is a dynamic DMA window which existence and size
are totally dynamic.
With specification at hand from the reference manual from Freescale
http://cache.nxp.com/files/32bit/doc/ref_manual/SPEPEM.pdf , I have found a fix
to efscmp* instructions handling in QEMU.
efscmp* instructions in QEMU set crD (Condition Register nibble) values as
(0b0100 << 2) = 0b10000 (consider the HELPER_SINGLE_SPE_CMP macro which left
shifts the value returned by efscmp* handler by 2 bits). A value of 0b10000 is
not correct according the to the reference manual.
The reference manual expects efscmp* instructions to return a value of 0bx1xx.
Please find attached a patch which disables left shifting in
HELPER_SINGLE_SPE_CMP macro. This macro is used by efscmp* and efstst*
instructions only. efstst* instruction handlers, in turn, call efscmp* handlers
too.
*Explanation:*
Traditionally, each crD (condition register nibble) consist of 4 bits, which is
set by comparisons as follows:
crD = W X Y Z
where
W = Less than
X = Greater than
Y = Equal to
However, efscmp* instructions being a special case return a binary result.
(efscmpeq will set the crD = 0bx1xx iff when op1 == op2 and 0bx0xx otherwise;
i.e. there is no notion of different crD values based on Less than, Greater
than and Equal to).
This effectively means that crD will store a "Greater than" comparison result
iff efscmp* instruction comparison is TRUE. Compiler exploits this feature by
checking for "Branch if Less than or Equal to" (ble instruction) OR "Branch if
Greater than" (bgt instruction) for Branch if FALSE OR Branch if TRUE
respectively after an efscmp* instruction. This can be seen in a assembly code
snippet below:
Peter Maydell [Mon, 6 Jun 2016 16:02:42 +0000 (17:02 +0100)]
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20160606-1' into staging
target-arm queue:
* support instruction syndrome info for data aborts from A64 to EL2
* add HSTR_EL2 register
* fix incorrect ESR IL bits in various syndrome register cases
* virt: fix limit of 64-bit ACPI/ECAM PCI MMIO range
* gicv2: RAZ/WI non-sec access to sec interrupts
* i2c: add aspeed i2c controller
* virt: Reject gic-version=host for non-KVM (don't segv on aarch64 host)
* xlnx-zynqmp: Add a secure prop to en/disable ARM Security Extensions
* xlnx-zynqmp: Support KVM on AArch64 hosts
* ptimer: Various fixes for awkward corner cases
* char: QOMify various ARM UART models
* char: get rid of qemu_char_get_next_serial
* target-arm: Fix TTBR selecting logic on AArch32 Stage 2 translation
* zynqmp: Add the ZCU102 board
# gpg: Signature made Mon 06 Jun 2016 17:01:11 BST
# gpg: using RSA key 0x3C2525ED14360CDE
# gpg: Good signature from "Peter Maydell <[email protected]>"
# gpg: aka "Peter Maydell <[email protected]>"
# gpg: aka "Peter Maydell <[email protected]>"
* remotes/pmaydell/tags/pull-target-arm-20160606-1: (25 commits)
zynqmp: Add the ZCU102 board
target-arm: Fix TTBR selecting logic on AArch32 Stage 2 translation
char: get rid of qemu_char_get_next_serial
hw/char: QOM'ify xilinx_uartlite model
hw/char: QOM'ify stm32f2xx_usart model
hw/char: QOM'ify digic-uart model
hw/char: QOM'ify cadence_uart model
hw/char: QOM'ify pl011 model
hw/ptimer: Introduce ptimer_get_limit
hw/ptimer: Support "on the fly" timer mode switch
hw/ptimer: Update .delta on period/freq change
hw/ptimer: Perform counter wrap around if timer already expired
hw/ptimer: Fix issues caused by the adjusted timer limit value
xlnx-zynqmp: Use the in kernel GIC model for KVM runs
xlnx-zynqmp: Delay realization of GIC until post CPU realization
xlnx-zynqmp: Make the RPU subsystem optional
xlnx-zynqmp: Add a secure prop to en/disable ARM Security Extensions
hw/arm/virt: Reject gic-version=host for non-KVM
i2c: add aspeed i2c controller
hw/intc/gic: RAZ/WI non-sec access to sec interrupts
...
Most Zynq UltraScale+ users will be targetting and using the ZCU102
board instead of the development focused EP108. To make our QEMU machine
names clearer add a ZCU102 machine model.
Sergey Sorokin [Mon, 6 Jun 2016 15:59:32 +0000 (16:59 +0100)]
target-arm: Fix TTBR selecting logic on AArch32 Stage 2 translation
Address size is 40-bit for the AArch32 stage 2 translation,
and t0sz can be negative (from -8 to 7),
so we need to adjust it to use the existing TTBR selecting logic.
xiaoqiang zhao [Mon, 6 Jun 2016 15:59:32 +0000 (16:59 +0100)]
hw/char: QOM'ify xilinx_uartlite model
* drop qemu_char_get_next_serial and use chardev prop
* create xilinx_uartlite_create wrapper function to create
xilinx_uartlite device
* change affected board code to use the new way
xiaoqiang zhao [Mon, 6 Jun 2016 15:59:31 +0000 (16:59 +0100)]
hw/char: QOM'ify cadence_uart model
* drop qemu_char_get_next_serial and use chardev prop
* create cadence_uart_create wrapper function to create
cadence_uart_device
* change affected board code to use the new way
xiaoqiang zhao [Mon, 6 Jun 2016 15:59:31 +0000 (16:59 +0100)]
hw/char: QOM'ify pl011 model
* drop qemu_char_get_next_serial and use chardev prop
* add pl011_create wrapper function to create pl011 uart device
* change affected board code to use the new way
projects / qemu.git / log