linux-aio: properly bubble up errors from initialization
laio_init() can fail for a couple of reasons, which will lead to a NULL
pointer dereference in laio_attach_aio_context().
To solve this, add an aio_setup_linux_aio() function which is called
early in raw_open_common. If this fails, propagate the error up. The
signature of aio_get_linux_aio() was not modified, because it seems
preferable to return the actual errno from the possible failing
initialization calls.
Additionally, when the AioContext changes, we need to associate a
LinuxAioState with the new AioContext. Use the bdrv_attach_aio_context
callback and call the new aio_setup_linux_aio(), which will allocate a
new AioContext if needed, and return errors on failures. If it fails for
any reason, fall back to threaded AIO with an error message, as the
device is already in-use by the guest.
Add an assert that aio_get_linux_aio() cannot return NULL.
Peter Maydell [Tue, 26 Jun 2018 17:23:49 +0000 (18:23 +0100)]
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20180626' into staging
target-arm queue:
* aspeed: set APB clocks correctly (fixes slowdown on palmetto)
* smmuv3: cache config data and TLB entries
* v7m/v8m: support read/write from MPU regions smaller than 1K
* various: clean up logging/debug messages
* xilinx_spips: Make dma transactions as per dma_burst_size
* remotes/pmaydell/tags/pull-target-arm-20180626: (32 commits)
aspeed/timer: use the APB frequency from the SCU
aspeed: initialize the SCU controller first
aspeed/scu: introduce clock frequencies
hw/arm/smmuv3: Add notifications on invalidation
hw/arm/smmuv3: IOTLB emulation
hw/arm/smmuv3: Cache/invalidate config data
hw/arm/smmuv3: Fix translate error handling
target/arm: Handle small regions in get_phys_addr_pmsav8()
target/arm: Set page (region) size in get_phys_addr_pmsav7()
tcg: Support MMU protection regions smaller than TARGET_PAGE_SIZE
hw/arm/stellaris: Use HWADDR_PRIx to display register address
hw/arm/stellaris: Fix gptm_write() error message
hw/net/smc91c111: Use qemu_log_mask(UNIMP) instead of fprintf
hw/net/smc91c111: Use qemu_log_mask(GUEST_ERROR) instead of hw_error
hw/net/stellaris_enet: Use qemu_log_mask(GUEST_ERROR) instead of hw_error
hw/net/stellaris_enet: Fix a typo
hw/arm/stellaris: Use qemu_log_mask(UNIMP) instead of fprintf
hw/arm/omap: Use qemu_log_mask(GUEST_ERROR) instead of fprintf
hw/arm/omap1: Use qemu_log_mask(GUEST_ERROR) instead of fprintf
hw/i2c/omap_i2c: Use qemu_log_mask(UNIMP) instead of fprintf
...
Cédric Le Goater [Tue, 26 Jun 2018 16:50:42 +0000 (17:50 +0100)]
aspeed/timer: use the APB frequency from the SCU
The timer controller can be driven by either an external 1MHz clock or
by the APB clock. Today, the model makes the assumption that the APB
frequency is always set to 24MHz but this is incorrect.
The AST2400 SoC on the palmetto machines uses a 48MHz input clock
source and the APB can be set to 48MHz. The consequence is a general
system slowdown. The QEMU machines using the AST2500 SoC do not seem
impacted today because the APB frequency is still set to 24MHz.
We fix the timer frequency for all SoCs by linking the Timer model to
the SCU model. The APB frequency driving the timers is now the one
configured for the SoC.
Cédric Le Goater [Tue, 26 Jun 2018 16:50:42 +0000 (17:50 +0100)]
aspeed/scu: introduce clock frequencies
All Aspeed SoC clocks are driven by an input source clock which can
have different frequencies: 24MHz or 25MHz, and also, on the Aspeed
AST2400 SoC, 48MHz. The H-PLL (CPU) clock is defined from a
calculation using parameters in the H-PLL Parameter register or from a
predefined set of frequencies if the setting is strapped by hardware
(Aspeed AST2400 SoC). The other clocks of the SoC are then defined
from the H-PLL using dividers.
We introduce first the APB clock because it should be used to drive
the Aspeed timer model.
Eric Auger [Tue, 26 Jun 2018 16:50:42 +0000 (17:50 +0100)]
hw/arm/smmuv3: Add notifications on invalidation
On TLB invalidation commands, let's call registered
IOMMU notifiers. Those can only be UNMAP notifiers.
SMMUv3 does not support notification on MAP (VFIO).
This patch allows vhost use case where IOTLB API is notified
on each guest IOTLB invalidation.
Eric Auger [Tue, 26 Jun 2018 16:50:42 +0000 (17:50 +0100)]
hw/arm/smmuv3: IOTLB emulation
We emulate a TLB cache of size SMMU_IOTLB_MAX_SIZE=256.
It is implemented as a hash table whose key is a combination
of the 16b asid and 48b IOVA (Jenkins hash).
Entries are invalidated on TLB invalidation commands, either
globally, or per asid, or per asid/iova.
Eric Auger [Tue, 26 Jun 2018 16:50:42 +0000 (17:50 +0100)]
hw/arm/smmuv3: Cache/invalidate config data
Let's cache config data to avoid fetching and parsing STE/CD
structures on each translation. We invalidate them on data structure
invalidation commands.
We put in place a per-smmu mutex to protect the config cache. This
will be useful too to protect the IOTLB cache. The caches can be
accessed without BQL, ie. in IO dataplane. The same kind of mutex was
put in place in the intel viommu.
Jia He [Tue, 26 Jun 2018 16:50:42 +0000 (17:50 +0100)]
hw/arm/smmuv3: Fix translate error handling
In case the STE's config is "Bypass" we currently don't set the
IOMMUTLBEntry perm flags and the access does not succeed. Also
if the config is 0b0xx (Aborted/Reserved), decode_ste and
smmuv3_decode_config currently returns -EINVAL and we don't enter
the expected code path: we record an event whereas we should not.
This patch fixes those bugs and simplifies the error handling.
decode_ste and smmuv3_decode_config now return 0 if aborted or
bypassed config was found. Only bad config info produces negative
error values. In smmuv3_translate we more clearly differentiate
errors, bypass/smmu disabled, aborted and success cases. Also
trace points are differentiated.
Peter Maydell [Tue, 26 Jun 2018 16:50:42 +0000 (17:50 +0100)]
target/arm: Handle small regions in get_phys_addr_pmsav8()
Allow ARMv8M to handle small MPU and SAU region sizes, by making
get_phys_addr_pmsav8() set the page size to 1 if the MPU or
SAU region covers less than a TARGET_PAGE_SIZE.
We choose to use a size of 1 because it makes no difference to
the core code, and avoids having to track both the base and
limit for SAU and MPU and then convert into an artificially
restricted "page size" that the core code will then ignore.
Since the core TCG code can't handle execution from small
MPU regions, we strip the exec permission from them so that
any execution attempts will cause an MPU exception, rather
than allowing it to end up with a cpu_abort() in
get_page_addr_code().
(The previous code's intention was to make any small page be
treated as having no permissions, but unfortunately errors
in the implementation meant that it didn't behave that way.
It's possible that some binaries using small regions were
accidentally working with our old behaviour and won't now.)
We also retain an existing bug, where we ignored the possibility
that the SAU region might not cover the entire page, in the
case of executable regions. This is necessary because some
currently-working guest code images rely on being able to
execute from addresses which are covered by a page-sized
MPU region but a smaller SAU region. We can remove this
workaround if we ever support execution from small regions.
Peter Maydell [Tue, 26 Jun 2018 16:50:41 +0000 (17:50 +0100)]
target/arm: Set page (region) size in get_phys_addr_pmsav7()
We want to handle small MPU region sizes for ARMv7M. To do this,
make get_phys_addr_pmsav7() set the page size to the region
size if it is less than TARGET_PAGE_SIZE, rather than working
only in TARGET_PAGE_SIZE chunks.
Since the core TCG code can't handle execution from small
MPU regions, we strip the exec permission from them so that
any execution attempts will cause an MPU exception, rather
than allowing it to end up with a cpu_abort() in
get_page_addr_code().
(The previous code's intention was to make any small page be
treated as having no permissions, but unfortunately errors
in the implementation meant that it didn't behave that way.
It's possible that some binaries using small regions were
accidentally working with our old behaviour and won't now.)
Peter Maydell [Tue, 26 Jun 2018 16:50:41 +0000 (17:50 +0100)]
tcg: Support MMU protection regions smaller than TARGET_PAGE_SIZE
Add support for MMU protection regions that are smaller than
TARGET_PAGE_SIZE. We do this by marking the TLB entry for those
pages with a flag TLB_RECHECK. This flag causes us to always
take the slow-path for accesses. In the slow path we can then
special case them to always call tlb_fill() again, so we have
the correct information for the exact address being accessed.
This change allows us to handle reading and writing from small
regions; we cannot deal with execution from the small region.
MAINTAINERS: Adopt the Gumstix computers-on-module machines
These COMs are hard to find, and the company dropped the support
a few years ago.
Per the "Gumstix Product Changes, Known Issues, and EOL" pdf:
- Phasing out: PXA270-based Verdex product line
September 2012
- Phasing out: PXA255-based Basix & Connex
September 2009
However there are still booting SD card images available, very
convenient to stress test the QEMU SD card implementation.
Therefore I volunteer to keep an eye on this file, while it
is useful for testing.
Cédric Le Goater [Tue, 26 Jun 2018 16:50:39 +0000 (17:50 +0100)]
aspeed/smc: fix dummy cycles count when in dual IO mode
When configured in dual I/O mode, address and data are sent in dual
mode, including the dummy byte cycles in between. Adapt the count to
the IO setting.
* remotes/kraxel/tags/vga-20180626-pull-request:
virtio-gpu-3d: Drop workaround for VIRTIO_GPU_CAPSET_VIRGL2 define
ramfb: fix overflow
vga: set owner for mmio regions
* remotes/kraxel/tags/ui-20180626-pull-request:
sdl2: add checking for NULL
sdl2: fix copypaste issues
Add gles support to egl-helpers, wire up in egl-headless and gtk.
Peter Maydell [Fri, 22 Jun 2018 17:32:49 +0000 (18:32 +0100)]
virtio-gpu-3d: Drop workaround for VIRTIO_GPU_CAPSET_VIRGL2 define
In commit a8bff79e9f27df we added a definition to hw/virtio/virtio-gpu.h
for VIRTIO_GPU_CAPSET_VIRGL2, as a workaround for it not yet being
in the Linux kernel headers. In commit 77d361b13c19 we updated our
kernel headers to a version which does define the macro, so we can
now remove our workaround.
Gerd Hoffmann [Tue, 26 Jun 2018 08:31:19 +0000 (10:31 +0200)]
ramfb: fix overflow
> CID 1393621: (OVERFLOW_BEFORE_WIDEN)
> Potentially overflowing expression "stride * s->height" with type "unsigned
> int" (32 bits, unsigned) is evaluated using +32-bit arithmetic, and then used
> in a context that expects an expression of type "hwaddr" (64 bits, unsigned).
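The pattern named in the Coverity report above, as an added C illustration (this is not the ramfb patch or QEMU code; the `fb_*` function names, the `hwaddr` typedef and the sample geometry are constructed for the example). It shows why a size check built on the 32-bit product can pass for a framebuffer whose real size is far larger, and how widening one operand before the multiply closes that gap.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Stand-in for a 64-bit guest-physical address/length type (assumption). */
typedef uint64_t hwaddr;

/*
 * OVERFLOW_BEFORE_WIDEN: both operands are 32-bit, so the multiply is done
 * in 32-bit arithmetic and wraps modulo 2^32. Only the already-wrapped
 * result is widened to 64 bits on return.
 */
static hwaddr fb_len_narrow(uint32_t stride, uint32_t height)
{
    return stride * height;
}

/* Widen one operand first, so the multiply itself is 64-bit. */
static hwaddr fb_len_wide(uint32_t stride, uint32_t height)
{
    return (hwaddr)stride * height;
}

/*
 * Bounds check on guest-supplied geometry, written both ways.
 * 'avail' is the number of bytes actually backing the framebuffer.
 */
static bool fb_fits_narrow(uint32_t stride, uint32_t height, hwaddr avail)
{
    return fb_len_narrow(stride, height) <= avail;
}

static bool fb_fits_wide(uint32_t stride, uint32_t height, hwaddr avail)
{
    if (stride == 0 || height == 0) {
        return false;               /* reject degenerate geometry */
    }
    return fb_len_wide(stride, height) <= avail;
}

int main(void)
{
    /* Constructed sample values: 0x10000 * 0x10001 = 0x1_0001_0000. */
    uint32_t stride = 0x10000u;
    uint32_t height = 0x10001u;
    hwaddr avail = 16u * 1024u * 1024u;   /* 16 MiB backing region */

    printf("narrow length: 0x%llx\n",
           (unsigned long long)fb_len_narrow(stride, height));
    printf("wide length:   0x%llx\n",
           (unsigned long long)fb_len_wide(stride, height));
    printf("narrow check passes: %d\n", fb_fits_narrow(stride, height, avail));
    printf("wide check passes:   %d\n", fb_fits_wide(stride, height, avail));
    return 0;
}
```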
Peter Maydell [Tue, 26 Jun 2018 11:49:24 +0000 (12:49 +0100)]
Merge remote-tracking branch 'remotes/ehabkost/tags/machine-next-pull-request' into staging
Machine queue, 2018-06-25
* Don't support --daemonize and --preconfig together
* Deprecate machine types pc-0.10 and pc-0.11
# gpg: Signature made Mon 25 Jun 2018 23:37:59 BST
# gpg: using RSA key 2807936F984DC5A6
# gpg: Good signature from "Eduardo Habkost <[email protected]>"
# Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF D1AA 2807 936F 984D C5A6
* remotes/ehabkost/tags/machine-next-pull-request:
hw/i386: Deprecate the machine types pc-0.10 and pc-0.11
vl.c: do not allow --daemonize in combination with --preconfig CLI option
Pavel Dovgalyuk [Tue, 26 Jun 2018 06:47:29 +0000 (09:47 +0300)]
sdl2: add checking for NULL
Sometimes SDL2 console can't be retrieved on events and scon variable
becomes NULL. This patch prevents processing of the events when the console
is not available.
Pavel Dovgalyuk [Tue, 26 Jun 2018 06:40:17 +0000 (09:40 +0300)]
sdl2: fix copypaste issues
This patch fixes text and mouse event processing. These functions used
'key' field of the event instead of appropriate 'text', 'motion', 'button',
or 'wheel'.
Gerd Hoffmann [Mon, 18 Jun 2018 11:21:41 +0000 (13:21 +0200)]
Add gles support to egl-helpers, wire up in egl-headless and gtk.
Add support for OpenGL ES to egl-helpers. Wire up the new option for
egl-headless and gtk UIs. egl-headless actually works fine. gtk hits a
not-yet implemented code path in libEGL when trying to use gles mode:
libEGL warning: FIXME: egl/x11 doesn't support front buffer rendering.
Peter Maydell [Tue, 26 Jun 2018 10:10:49 +0000 (11:10 +0100)]
Merge remote-tracking branch 'remotes/ehabkost/tags/x86-next-pull-request' into staging
x86 queue, 2018-06-25
* Add TOPOEXT feature to EPYC CPU model
* AMD's amd-ssbd and amd-no-ssbd CPUID features
* Removed unused CPUID flag names: ospke, osxsave
* Better formatting of '-cpu help'
# gpg: Signature made Mon 25 Jun 2018 23:18:51 BST
# gpg: using RSA key 2807936F984DC5A6
# gpg: Good signature from "Eduardo Habkost <[email protected]>"
# Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF D1AA 2807 936F 984D C5A6
* remotes/ehabkost/tags/x86-next-pull-request:
i386: Remove generic SMT thread check
i386: Enable TOPOEXT feature on AMD EPYC CPU
i386: Fix up the Node id for CPUID_8000_001E
i386: Allow TOPOEXT to be enabled on older kernels
i386: Define AMD's no SSB mitigation needed.
i386: define the AMD 'amd-ssbd' CPUID feature bit
i386: Remove ospke CPUID flag name
i386: Remove osxsave CPUID flag name
i386: display known CPUID features linewrapped, in alphabetical order
i386: improve sorting of CPU model names
i386: improve alignment of CPU model listing
i386: Add support for CPUID_8000_001E for AMD
Paolo Bonzini [Mon, 25 Jun 2018 20:50:48 +0000 (16:50 -0400)]
ahci: fix FIS I bit and PIO Setup FIS interrupt
The "I" bit in PIO Setup and D2H FISes is exclusively a device concept
and the irqstatus register in the controller does not matter. The SATA
spec says when it should be one; for D2H FISes in practice it is always
set, while the PIO Setup FIS has several subcases that are documented in
the patch.
Also, the PIO Setup FIS interrupt is actually generated _after_ data
has been received.
Someone should probably spend some time reading the SATA specification and
figuring out the more obscure fields in the PIO Setup FIS, but this is enough
to fix SeaBIOS booting from ATAPI CD-ROMs over an AHCI controller.
Thomas Huth [Mon, 25 Jun 2018 09:05:12 +0000 (11:05 +0200)]
hw/i386: Deprecate the machine types pc-0.10 and pc-0.11
The oldest machine type which is still used in a still maintained distro
is a pc-0.12 based machine type in RHEL6, so everything that is older
than pc-0.12 should not be used anymore. Thus let's deprecate pc-0.10
and pc-0.11 so that we can finally remove them in a future release.
Igor Mammedov [Wed, 20 Jun 2018 13:24:19 +0000 (15:24 +0200)]
vl.c: do not allow --daemonize in combination with --preconfig CLI option
Some users when using --daemonize expect that QEMU will parse CLI options,
initialize VM and only then complete daemonization by signalling lead
process to exit and start listening on monitor socket. So users treat
parent process exit as sync point to connect to QEMU's monitor.
That however doesn't work when --preconfig option is used, since it
provides monitor before completing daemonization and expects user to
issue exit-preconfig command when additional configuration via monitor
is finished. We also can't move completing daemonization before
preconfig monitor becomes available, since that would imply:
* partially losing ability to configure QEMU instance in --preconfig
mode since QEMU might drop privileges, chroot and do other things
when daemonization is completed
* lead to loss of error messages in case they would happen after
daemonization
Be proactive now and make options mutually exclusive, so users would
get clear error message instead of waiting for lead process exit
indefinitely before connecting to monitor.
PS:
In case someone would come up with usecase where both options should
be enabled at the same time we could drop this restriction as far
as daemonization point is left where it is now (os_setup_post).
* remotes/kraxel/tags/audio-20180625-pull-request:
audio: Convert use of atoi to qemu_strtoi
audio/hda: enable new timer code by default.
audio/hda: detect output buffer overruns
audio/hda: tweak timer adjust logic
audio/hda: turn some dprintfs into trace points
audio/hda: create millisecond timers that handle IO
Gerd Hoffmann [Fri, 22 Jun 2018 11:11:59 +0000 (13:11 +0200)]
audio/hda: detect output buffer overruns
If some event caused some larger playback hiccup the fine-grained timer
adjust isn't able to recover. Use buffer overruns as an indicator for
that. Reset timer adjust logic in case we detected one.
Gerd Hoffmann [Fri, 22 Jun 2018 11:11:58 +0000 (13:11 +0200)]
audio/hda: tweak timer adjust logic
We have some jitter in the audio timer call frequency and buffer sizes.
So it is rather pointless trying to be very exact, effect is a constant
up+down adjustment. So adjust only in case we are off too much.
Gerd Hoffmann [Fri, 22 Jun 2018 11:11:56 +0000 (13:11 +0200)]
audio/hda: create millisecond timers that handle IO
Currently, the HDA device tries to sync itself with the QEMU audio
backend by waiting for the guest driver to handle buffer completion
interrupts. This causes the backend to often read too much data from the
device, as well as running out of data whenever the guest takes too long
to handle the interrupt.
According to the HDA specification, the guest is also not required to
use interrupts, but can also sync itself by polling the LPIB registers.
This patch will introduce high frequency (1000Hz) timers that interface
with the device and allow for much smoother emulation of the LPIB
registers. Since the timing is now provided by these timers, the need
to wait for buffer completion interrupts also ceases.
[ kraxel: keep old code for compatibility with older qemu versions,
add property to switch code paths at runtime ]
[ kraxel: new code is disabled by default, use-timer=on enables it ]
Babu Moger [Tue, 19 Jun 2018 21:31:57 +0000 (17:31 -0400)]
i386: Fix up the Node id for CPUID_8000_001E
This is part of topoext support. To keep the compatibility, it is better
we support all the combination of nr_cores and nr_threads currently
supported. By allowing more nr_cores and nr_threads, we might end up with
more nodes than we can actually support with the real hardware. We need to
fix up the node id to make this work. We can achieve this by shifting the
socket_id bits left to address more nodes.
AMD future CPUs expose _two_ ways to utilize the Intel equivalent
of the Speculative Store Bypass Disable. The first is via
the virtualized VIRT_SPEC CTRL MSR (0xC001_011f) and the second
is via the SPEC_CTRL MSR (0x48). The document titled:
124441_AMD64_SpeculativeStoreBypassDisable_Whitepaper_final.pdf
gives priority of SPEC CTRL MSR over the VIRT SPEC CTRL MSR.
A copy of this document is available at
https://bugzilla.kernel.org/show_bug.cgi?id=199889
Anyhow, this means that on future AMD CPUs there will be _two_ ways to
deal with SSBD.
Eduardo Habkost [Mon, 11 Jun 2018 20:37:12 +0000 (17:37 -0300)]
i386: Remove ospke CPUID flag name
OSPKE is not a static feature flag: it changes dynamically at
runtime depending on CR4, and it was never configurable: KVM
never returned OSPKE on GET_SUPPORTED_CPUID, and on TCG enables
it automatically if CR4_PKE_MASK is set.
Remove OSPKE from the feature name array so users don't try to
configure it manually.
Eduardo Habkost [Mon, 11 Jun 2018 20:38:55 +0000 (17:38 -0300)]
i386: Remove osxsave CPUID flag name
OSXSAVE is not a static feature flag: it changes dynamically at
runtime depending on CR4, and it was never configurable: KVM
never returned OSXSAVE on GET_SUPPORTED_CPUID, and it is not
included in TCG_EXT_FEATURES.
Remove OSXSAVE from the feature name array so users don't try to
configure it manually.
i386: display known CPUID features linewrapped, in alphabetical order
When using '-cpu help' the list of CPUID features is grouped according
to the internal low level CPUID grouping. The data printed results in
very long lines too.
This combines to make it hard for users to read the output and identify
if QEMU knows about the feature they wish to use.
This change gets rid of the grouping of features and treats all flags as
a single list. The list is sorted into alphabetical order and printed
with line wrapping at the 77th column.
The current list of CPU model names output by "-cpu help" is sorted
alphabetically based on the internal QOM class name. The text that is
displayed, however, uses the CPU model name, which is equivalent to the
QOM class name, minus a suffix. Unfortunately that suffix has an effect
on the sort ordering, for example, causing the various Broadwell
variants to appear reversed:
x86 486
x86 Broadwell-IBRS Intel Core Processor (Broadwell, IBRS)
x86 Broadwell-noTSX-IBRS Intel Core Processor (Broadwell, no TSX, IBRS
x86 Broadwell-noTSX Intel Core Processor (Broadwell, no TSX)
x86 Broadwell Intel Core Processor (Broadwell)
x86 Conroe Intel Celeron_4x0 (Conroe/Merom Class Core 2)
By sorting on the actual CPU model name text that is displayed, the
result is
x86 486
x86 Broadwell Intel Core Processor (Broadwell)
x86 Broadwell-IBRS Intel Core Processor (Broadwell, IBRS)
x86 Broadwell-noTSX Intel Core Processor (Broadwell, no TSX)
x86 Broadwell-noTSX-IBRS Intel Core Processor (Broadwell, no TSX, IBRS)
x86 Conroe Intel Celeron_4x0 (Conroe/Merom Class Core 2)
This requires extra string allocations during sorting, but this is not a
concern given the usage scenario and the number of CPU models that exist.
Since the addition of the -IBRS CPU model variants, the descriptions
shown by '-cpu help' are not well aligned, as several model names
overflow the space allowed. Right aligning the CPU model names is also
not attractive, because it obscures the common name prefixes of many
models. The CPU model name field needs to be 4 characters larger, and
be left aligned instead.
Babu Moger [Fri, 8 Jun 2018 22:56:17 +0000 (18:56 -0400)]
i386: Add support for CPUID_8000_001E for AMD
Add support for cpuid leaf CPUID_8000_001E. Build the config that closely
matches the underlying hardware. Please refer to the Processor Programming
Reference (PPR) for AMD Family 17h Model for more details.
Emilio G. Cota [Fri, 22 Jun 2018 17:45:31 +0000 (13:45 -0400)]
tcg: fix --disable-tcg build breakage
Fix the --disable-tcg breakage introduced by tb_lock's removal by
relying on the fact that tcg_enabled() is set to 0 at
compile-time under --disable-tcg.
While at it, add further asserts to fix builds that enable both
--disable-tcg and --enable-debug, which were broken even before
tb_lock's removal.
Tested to build x86_64-softmmu and i386-softmmu targets.
Peter Maydell [Fri, 22 Jun 2018 15:03:31 +0000 (16:03 +0100)]
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20180622' into staging
target-arm queue:
* hw/intc/arm_gicv3: fix wrong values when reading IPRIORITYR
* target/arm: fix read of freed memory in kvm_arm_machine_init_done()
* virt: support up to 512 CPUs
* virt: support 256MB ECAM PCI region (for more PCI devices)
* xlnx-zynqmp: Use Cortex-R5F, not Cortex-R5
* mps2-tz: Implement and use the TrustZone Memory Protection Controller
* target/arm: enforce alignment checking for v6M cores
* xen: Don't use memory_region_init_ram_nomigrate() in pci_assign_dev_load_option_rom()
* vl.c: Don't zero-initialize statics for serial_hds
* remotes/pmaydell/tags/pull-target-arm-20180622: (28 commits)
xen: Don't use memory_region_init_ram_nomigrate() in pci_assign_dev_load_option_rom()
vl.c: Don't zero-initialize statics for serial_hds
target/arm: Strict alignment for ARMv6-M and ARMv8-M Baseline
target/arm: Introduce ARM_FEATURE_M_MAIN
hw/arm/mps2-tz.c: Instantiate MPCs
hw/arm/iotkit: Wire up MPC interrupt lines
hw/arm/iotkit: Instantiate MPC
hw/misc/iotkit-secctl.c: Implement SECMPCINTSTATUS
hw/misc/tz_mpc.c: Honour the BLK_LUT settings in translate
hw/misc/tz-mpc.c: Implement correct blocked-access behaviour
hw/misc/tz-mpc.c: Implement registers
hw/misc/tz-mpc.c: Implement the Arm TrustZone Memory Protection Controller
xlnx-zynqmp: Swap Cortex-R5 for Cortex-R5F
target-arm: Add the Cortex-R5F
hw/arm/virt: Increase max_cpus to 512
hw/arm/virt: Use 256MB ECAM region by default
hw/arm/virt: Add virt-3.0 machine type
hw/arm/virt: Add a new 256MB ECAM region
hw/arm/virt: Register two redistributor regions when necessary
hw/arm/virt-acpi-build: Advertise one or two GICR structures
...
MAINTAINERS: Update QAPI stanza for commit fb0bc835e56
Commit fb0bc835e56 moved code from scripts/qapi-*.py to
scripts/qapi/*.py. It neglected to update MAINTAINERS: scripts/qapi*
matches only the former, not the latter. Do that now.
qapi/introspect: Eliminate pointless variable in .visit_end()
Commit 1a9a507b2e3 "qapi-introspect: Hide type names" added local
variable @jsons to improve sorting, but also removed the sorting. It
was part of a big series that went to v8, and it made sense until v2
or so...
Commit 7d0f982bfbb replaced @jsons by @qlits, preserving the
uselessness.
This commit removes the PYTHON_UTF8 workaround. The problem with setting
LC_ALL= LANG=C LC_CTYPE=en_US.UTF-8
is that the en_US.UTF-8 locale might not be available. In this case
setting above locales results in build errors even though another UTF-8
locale was originally set [1]. The only stable way of fixing the
encoding problem is by specifying the encoding in Python, like the
previous commit does.
Python 2 happily reads UTF-8 files in text mode, but Python 3 requires
either UTF-8 locale or an explicit encoding passed to open(). Commit d4e5ec877ca fixed this by setting the en_US.UTF-8 locale. Falls apart
when the locale isn't available.
Matthias Maier and Arfrever Frehtes Taifersar Arahesis proposed to use
binary mode instead, with manual conversion from bytes to str. Works,
but opening with an explicit encoding is simpler, so do that.
Since Python 2's open() doesn't support the encoding parameter, we
need to suppress it with a version check.
Anton Nefedov [Mon, 18 Jun 2018 08:40:05 +0000 (11:40 +0300)]
qapi: allow empty branches in flat unions
It often happens that just a few discriminator values imply extra data in
a flat union. Existing checks did not make it possible to leave other values
uncovered. Such cases had to be worked around by either stating a dummy
(empty) type or introducing another (subset) discriminator enumeration.
Both options create redundant entities in qapi files for little profit.
With this patch it is not necessary anymore to add designated union
fields for every possible value of a discriminator enumeration.
Max Reitz [Mon, 11 Jun 2018 20:51:59 +0000 (22:51 +0200)]
qdict: Make qdict_flatten() shallow-clone-friendly
In its current form, qdict_flatten() removes all entries from nested
QDicts that are moved to the root QDict. It is completely sufficient to
remove all old entries from the root QDict, however. If the nested
dicts have a refcount of 1, this will automatically delete them, too.
And if they have a greater refcount, we probably do not want to modify
them in the first place.
The latter observation means that it was currently (in general)
impossible to qdict_flatten() a shallowly cloned dict because that would
empty nested QDicts in the original dict as well. This patch changes
this, so you can now use qdict_flatten(qdict_shallow_clone(dict)) to get
a flattened copy without disturbing the original.
The event generator produces an enum, and puts it in the last visited
module. It fits better in the main module, since it's the set of all
visited events, from all modules.
Peter Maydell [Fri, 22 Jun 2018 14:14:08 +0000 (15:14 +0100)]
Merge remote-tracking branch 'remotes/dgibson/tags/ppc-for-3.0-20180622' into staging
ppc patch queue 2018-06-22
Another assorted patch of patches for ppc and spapr.
* Rework of guest pagesize handling for ppc, which avoids guest
visibly different behaviour between accelerators
* A number of Pnv cleanups, working towards more complete POWER9
support
* Migration of VPA data, a significant bugfix
* remotes/dgibson/tags/ppc-for-3.0-20180622: (23 commits)
spapr: Don't rewrite mmu capabilities in KVM mode
spapr: Limit available pagesizes to provide a consistent guest environment
target/ppc: Add ppc_hash64_filter_pagesizes()
spapr: Use maximum page size capability to simplify memory backend checking
spapr: Maximum (HPT) pagesize property
pseries: Update SLOF firmware image to qemu-slof-20180621
target/ppc: Add missing opcode for icbt on PPC440
ppc4xx_i2c: Implement directcntl register
ppc4xx_i2c: Remove unimplemented sdata and intr registers
sm501: Fix hardware cursor color conversion
fpu_helper.c: fix helper_fpscr_clrbit() function
spapr: remove unused spapr_irq routines
spapr: split the IRQ allocation sequence
target/ppc: Add kvmppc_hpt_needs_host_contiguous_pages() helper
spapr: Add cpu_apply hook to capabilities
spapr: Compute effective capability values earlier
target/ppc: Allow cpu compatiblity checks based on type, not instance
ppc/pnv: consolidate the creation of the ISA bus device tree
ppc/pnv: introduce Pnv8Chip and Pnv9Chip models
spapr_cpu_core: migrate VPA related state
...
Eric Blake [Fri, 22 Jun 2018 12:58:14 +0000 (07:58 -0500)]
nbd/server: Silence gcc false positive
The code has a while() loop that always initialized 'end', and
the loop always executes at least once (as evidenced by the assert()
just prior to the loop). But some versions of gcc still complain
that 'end' is used uninitialized, so silence them.
Peter Maydell [Fri, 22 Jun 2018 12:28:42 +0000 (13:28 +0100)]
xen: Don't use memory_region_init_ram_nomigrate() in pci_assign_dev_load_option_rom()
The xen pci_assign_dev_load_option_rom() currently creates a RAM
memory region with memory_region_init_ram_nomigrate(), and then
manually registers it with vmstate_register_ram(). In fact for
its only callsite, the 'owner' pointer we use for the init call
and the '&dev->qdev' pointer we use for the vmstate_register_ram()
call refer to the same object. Simplify the function to only
take a pointer to the device once instead of twice, and use
memory_region_init_ram() which automatically does the vmstate
register for us.
Julia Suvorova [Fri, 22 Jun 2018 12:28:41 +0000 (13:28 +0100)]
target/arm: Introduce ARM_FEATURE_M_MAIN
This feature is intended to distinguish ARMv8-M variants: Baseline and
Mainline. ARMv7-M compatibility requires the Main Extension. ARMv6-M
compatibility is provided by all ARMv8-M implementations.
Peter Maydell [Fri, 22 Jun 2018 12:28:40 +0000 (13:28 +0100)]
hw/arm/iotkit: Wire up MPC interrupt lines
The interrupt outputs from the MPC in the IoTKit and the expansion
MPCs in the board must be wired up to the security controller, and
also all ORed together to produce a single line to the NVIC.
Implement the SECMPCINTSTATUS register. This is the only register
in the security controller that deals with Memory Protection
Controllers, and it simply provides a read-only view of the
interrupt lines from the various MPCs in the system.
Peter Maydell [Fri, 22 Jun 2018 12:28:40 +0000 (13:28 +0100)]
hw/misc/tz_mpc.c: Honour the BLK_LUT settings in translate
The final part of the Memory Protection Controller we need to
implement is actually using the BLK_LUT data programmed by the
guest to determine whether to block the transaction or not.
Since this means we now change transaction mappings when
the guest writes to BLK_LUT, we must also call the IOMMU
notifiers at that point.
Peter Maydell [Fri, 22 Jun 2018 12:28:39 +0000 (13:28 +0100)]
hw/misc/tz-mpc.c: Implement the Arm TrustZone Memory Protection Controller
Implement the Arm TrustZone Memory Protection Controller, which sits
in front of RAM and allows secure software to configure it to either
pass through or reject transactions.
We implement the MPC as a QEMU IOMMU, which will direct transactions
either through to the devices and memory behind it or to a special
"never works" AddressSpace if they are blocked.
This initial commit implements the skeleton of the device:
* it always permits accesses
* it doesn't implement most of the registers
* it doesn't implement the interrupt or other behaviour
for blocked transactions