Xiao Guangrong [Fri, 4 Mar 2016 16:00:32 +0000 (00:00 +0800)]
nvdimm acpi: initialize the resource used by NVDIMM ACPI
32 bits IO port starting from 0x0a18 in guest is reserved for NVDIMM
ACPI emulation. The table, NVDIMM_DSM_MEM_FILE, will be patched into
NVDIMM ACPI binary code
OSPM uses this port to tell QEMU the final address of the DSM memory
and notify QEMU to emulate the DSM method
Cao jin [Mon, 7 Mar 2016 12:38:58 +0000 (20:38 +0800)]
ich9lpc: fix typo
change some "rbca" to "rcrb"(root complex register block) while
the other to "rcba"(root complex base address).
Bonus: add more comments and fix some indentation.
Gerd Hoffmann [Thu, 28 Jan 2016 15:08:07 +0000 (16:08 +0100)]
virtio-pci: call pci reset variant when guest requests reset.
Actually fixes linux not finding virtio 1.0 device virtqueues after
reboot. Which is new I think, any chance linux kernel virtio code
became more strict in 4.3?
Roman Kagan [Wed, 17 Feb 2016 18:25:33 +0000 (21:25 +0300)]
i386: populate floppy drive information in DSDT
On x86-based systems Linux determines the presence and the type of
floppy drives via a query of a CMOS field. So does SeaBIOS when
populating the return data for int 0x13 function 0x08.
However Windows doesn't do it. Instead, it requests this information
from BIOS via int 0x13/0x08 or through ACPI objects _FDE (Floppy Drive
Enumerate) and _FDI (Floppy Drive Information) of the floppy controller
object. On UEFI systems only ACPI-based detection is supported.
QEMU doesn't provide those objects in its ACPI tables and as a result
floppy drives are invisible to Windows on UEFI/OVMF.
This patch adds those objects to the floppy controller in DSDT,
populating them with the information from respective QEMU objects.
Roman Kagan [Wed, 17 Feb 2016 18:25:32 +0000 (21:25 +0300)]
fdc: add function to determine drive chs limits
When populating ACPI objects for floppy drives one needs to provide the
maximum values for cylinder, sector, and head number the drive supports.
This patch adds a function that iterates through the array of predefined
floppy drive formats and returns the maximum values of c, h, s, out of
those matching the given floppy drive type.
Roman Kagan [Wed, 17 Feb 2016 18:25:30 +0000 (21:25 +0300)]
i386/acpi: make floppy controller object dynamic
Instead of statically declaring the floppy controller in DSDT, with its
_STA method depending on some obscure bit in the parent ISA bridge, add
the object dynamically to DSDT via AML API only when the controller is
present.
The _STA method is no longer necessary and is therefore dropped. So are
the declarations of the fields indicating whether the controller is
enabled.
Igor Mammedov [Tue, 1 Mar 2016 09:40:48 +0000 (10:40 +0100)]
pc-dimm: fix error handling in pc_dimm_check_memdev_is_busy()
If host_memory_backend_get_memory() were to return error and
NULL MemoryRegion, pc_dimm_check_memdev_is_busy() would crash
dereferencing NULL pointer in memory_region_is_mapped().
But if error is set and non NULL MemoryRegion is returned
then error_setg() will fail with "error already set" assertion
in error_setv()
To avoid above issues use typical error handling pattern
for property setters:
Ladi Prosek [Tue, 1 Mar 2016 11:14:03 +0000 (12:14 +0100)]
balloon: fix segfault and harden the stats queue
The segfault here is triggered by the driver notifying the stats queue
twice after adding a buffer to it. This effectively resets stats_vq_elem
back to NULL and QEMU crashes on the next stats timer tick in
balloon_stats_poll_cb.
This is a regression introduced in 51b19ebe4320f3dc, although admittedly
the device assumed too much about the stats queue protocol even before
that commit. This commit adds a few more checks and ensures that the one
stats buffer gets deallocated on device reset.
acpi: add build_append_named_dword, returning an offset in buffer
This is a very limited form of support for runtime patching -
similar in functionality to what we can do with ACPI_EXTRACT
macros in python, but implemented in C.
This is to allow ACPI code direct access to data tables -
which is exactly what DataTableRegion is there for, except
no known windows release so far implements DataTableRegion.
Peter Maydell [Thu, 10 Mar 2016 02:51:14 +0000 (02:51 +0000)]
Merge remote-tracking branch 'remotes/kraxel/tags/pull-ui-20160309-1' into staging
add linux evdev support, vnc and console fixes.
# gpg: Signature made Wed 09 Mar 2016 09:02:47 GMT using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <[email protected]>"
# gpg: aka "Gerd Hoffmann <[email protected]>"
# gpg: aka "Gerd Hoffmann (private) <[email protected]>"
* remotes/kraxel/tags/pull-ui-20160309-1:
ui/console: add escape sequence \e[5, 6n
input-linux: add switch to enable auto-repeat events
input-linux: add option to toggle grab on all devices
input: linux evdev support
vnc: send cursor when a new client is connecting
Ren Kimura [Tue, 8 Mar 2016 19:51:21 +0000 (04:51 +0900)]
ui/console: add escape sequence \e[5, 6n
Add support of escape sequence "\e[5n" and "\e[6n" to console.
"\e[5n" reports the status of the console, and it always succeeds
in a virtual console.
"\e[6n" reports the current cursor position in the console.
Peter Maydell [Wed, 9 Mar 2016 00:44:43 +0000 (00:44 +0000)]
Merge remote-tracking branch 'remotes/kraxel/tags/pull-fw-cfg-20160308-1' into staging
acpi: add fw_cfg device node to dsdt
# gpg: Signature made Tue 08 Mar 2016 11:15:42 GMT using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <[email protected]>"
# gpg: aka "Gerd Hoffmann <[email protected]>"
# gpg: aka "Gerd Hoffmann (private) <[email protected]>"
* remotes/kraxel/tags/pull-fw-cfg-20160308-1:
tests: update acpi test data
fw_cfg: document ACPI device node information
acpi: arm: add fw_cfg device node to dsdt
acpi: pc: add fw_cfg device node to dsdt
pc: fw_cfg: move ioport base constant to pc.h
fw_cfg: expose control register size in fw_cfg.h
Liang Li [Tue, 8 Mar 2016 05:53:17 +0000 (13:53 +0800)]
cutils: add avx2 instruction optimization
buffer_find_nonzero_offset() is a hot function during live migration.
Now it uses SSE2 instructions for optimization. For platforms that support
AVX2 instructions, using AVX2 instructions for optimization can help
to improve the performance of buffer_find_nonzero_offset() by about 30%
compared to SSE2.
Live migration can be faster with this optimization; the test result
shows that for an 8GiB RAM idle guest that has just booted, this patch can help
to shorten the total live migration time by about 6%.
This patch uses the ifunc mechanism to select the proper function at
run time: for platforms that support AVX2, execute the AVX2 instructions,
else execute the original instructions.
Gerd Hoffmann [Fri, 4 Mar 2016 10:25:15 +0000 (11:25 +0100)]
input-linux: add option to toggle grab on all devices
Maintain a list of all input devices. Add an option to make grab
work across all devices (so toggling grab on the keyboard can switch
over the mouse too).
Gerd Hoffmann [Fri, 4 Mar 2016 10:25:14 +0000 (11:25 +0100)]
input: linux evdev support
This patch adds support for reading input events directly from linux
evdev devices and forward them to the guest. Unlike virtio-input-host
which simply passes on all events to the guest without looking at them
this will interpret the events and feed them into the qemu input
subsystem.
Therefore this is limited to what the qemu input subsystem and the
emulated input devices are able to handle. Also there is no support for
absolute coordinates (tablet/touchscreen). So we are talking here about
basic mouse and keyboard support.
The advantage is that it'll work without virtio-input drivers in the
guest, the events are delivered to the usual ps/2 or usb input devices
(depending on what the machine happens to have). And for keyboards
qemu is able to switch the keyboard between guest and host on hotkey.
The hotkey is hard-coded for now (both control keys), initially the
guest owns the keyboard.
Probably most useful when assigning vga devices with vfio and using a
physical monitor instead of vnc/spice/gtk as guest display.
Usage: Add '-input-linux /dev/input/event<nr>' to the qemu command
line. Note that udev has rules which populate /dev/input/by-{id,path}
with static names, which might be more convenient to use.
Gabriel L. Somlo [Fri, 19 Feb 2016 18:20:28 +0000 (13:20 -0500)]
acpi: arm: add fw_cfg device node to dsdt
Add a fw_cfg device node to the ACPI DSDT. This is mostly
informational, as the authoritative fw_cfg MMIO region(s)
are listed in the Device Tree. However, since we are building
ACPI tables, we might as well be thorough while at it...
Gabriel L. Somlo [Fri, 19 Feb 2016 18:20:27 +0000 (13:20 -0500)]
acpi: pc: add fw_cfg device node to dsdt
Add a fw_cfg device node to the ACPI DSDT. While the guest-side
firmware can't utilize this information (since it has to access
the hard-coded fw_cfg device to extract ACPI tables to begin with),
having fw_cfg listed in ACPI will help the guest kernel keep a more
accurate inventory of in-use IO port regions.
Peter Maydell [Tue, 8 Mar 2016 10:25:50 +0000 (10:25 +0000)]
Merge remote-tracking branch 'remotes/jasowang/tags/net-pull-request' into staging
# gpg: Signature made Tue 08 Mar 2016 07:46:08 GMT using RSA key ID 398D6211
# gpg: Good signature from "Jason Wang (Jason Wang on RedHat) <[email protected]>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg: It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 215D 46F4 8246 689E C77F 3562 EF04 965B 398D 6211
* remotes/jasowang/tags/net-pull-request:
net: check packet payload length
filter-buffer: Add status_changed callback processing
filter: Add 'status' property for filter object
rocker: allow user to specify rocker world by property
rocker: add name field into WorldOps ale let world specify its name
rocker: return -ENOMEM in case of some world alloc fails
rocker: forbid to change world type
net: netmap: probe netmap interface for virtio-net header
net: simplify net_init_tap_one logic
MAINTAINERS: Add entries for include/net/ files
net: filter: correctly remove filter from the list during finalization
net: ne2000: check ring buffer control registers
Gabriel L. Somlo [Fri, 19 Feb 2016 18:20:25 +0000 (13:20 -0500)]
fw_cfg: expose control register size in fw_cfg.h
Expose the size of the control register (FW_CFG_CTL_SIZE) in fw_cfg.h.
Add comment to fw_cfg_io_realize() pointing out that since the
8-bit data register is always subsumed by the 16-bit control
register in the port I/O case, we use the control register width
as the *total* width of the (classic, non-DMA) port I/O region reserved
for the device.
Frediano Ziglio [Wed, 2 Mar 2016 14:32:22 +0000 (14:32 +0000)]
vnc: send cursor when a new client is connecting
If you have a hardware cursor and you are reconnecting the VNC client
you need to send the cursor. Failing to do so makes the cursor invisible
till it is changed.
While computing IP checksum, 'net_checksum_calculate' reads
payload length from the packet. It could exceed the given 'data'
buffer size. Add a check to avoid it.
When the status of filter-buffer changes from 'on' to 'off',
it needs to release all the buffered packets and delete the related
timer; when switching from 'off' to 'on', it needs to resume the release
packets timer.
Here, we extract the process of setup timer into a new helper,
which will be used in the new status_changed callback.
net: netmap: probe netmap interface for virtio-net header
Previous implementation of has_ufo, has_vnet_hdr, has_vnet_hdr_len, etc.
did not really probe for virtio-net header support for the netmap
interface attached to the backend. These callbacks were correct for
VALE ports, but incorrect for hardware NICs, pipes, monitors, etc.
This patch fixes the implementation to work properly with all kinds
of netmap ports.
Paolo Bonzini [Thu, 25 Feb 2016 23:05:57 +0000 (00:05 +0100)]
net: simplify net_init_tap_one logic
net_init_tap_one receives in vhostfdname a fd name from vhostfd= or
vhostfds=, or NULL if there is no vhostfd=/vhostfds=. It is simpler
to just check vhostfdname, than it is to check for vhostfd= or
vhostfds=. This also calms down Coverity, which otherwise thinks
that monitor_fd_param could dereference a NULL vhostfdname.
Ne2000 NIC uses ring buffer of NE2000_MEM_SIZE(49152)
bytes to process network packets. Registers PSTART & PSTOP
define ring buffer size & location. Setting these registers
to invalid values could lead to infinite loop or OOB r/w
access issues. Add check to avoid it.
# gpg: Signature made Mon 07 Mar 2016 17:08:59 GMT using RSA key ID 78C7AE83
# gpg: Good signature from "Paolo Bonzini <[email protected]>"
# gpg: aka "Paolo Bonzini <[email protected]>"
* remotes/bonzini/tags/for-upstream:
scsi-bus: Remove tape command from scsi_req_xfer
kvm/irqchip: use bitmap utility for gsi tracking
MAINTAINERS: Add entry for include/sysemu/kvm*.h
doc/memory.txt: correct description of MemoryRegionOps fields
doc/memory.txt: correct a logic error
icount: possible options for sleep are on or off
exec: Introduce AddressSpaceDispatch.mru_section
exec: Factor out section_covers_addr
exec: Pass RAMBlock pointer to qemu_ram_free
memory: Drop MemoryRegion.ram_addr
memory: Implement memory_region_get_ram_addr with mr->ram_block
memory: Move assignment to ram_block to memory_region_init_*
exec: Return RAMBlock pointer from allocating functions
i8257: fix Terminal Count status
log: do not log if QEMU is daemonized but without -D
Alex Pyrgiotis [Mon, 7 Mar 2016 15:50:22 +0000 (15:50 +0000)]
scsi-bus: Remove tape command from scsi_req_xfer
Remove the RECOVER_BUFFERED_DATA command from the list of commands that
are handled by scsi_req_xfer(). Given that this command is
tape-specific, it should be handled only by scsi_stream_req_xfer().
Peter Maydell [Fri, 26 Feb 2016 08:40:51 +0000 (16:40 +0800)]
doc/memory.txt: correct description of MemoryRegionOps fields
Probably what happened was that when the API was being designed it
started off with an 'aligned' field, and then later the field name
and semantics were changed but the docs weren't updated to match.
Similarly, cpu_register_io_memory() does not exist anymore, so
clarify the documentation for .old_mmio.
Fam Zheng [Tue, 1 Mar 2016 06:18:24 +0000 (14:18 +0800)]
exec: Introduce AddressSpaceDispatch.mru_section
Under heavy workloads the lookup will likely end up with the same
MemoryRegionSection from last time. Using a pointer to cache the result,
like ram_list.mru_block, significantly reduces cost of
address_space_translate.
During address space topology update, as->dispatch will be reallocated
so the pointer is invalidated automatically.
Perf reports a visible drop on the cpu usage, because phys_page_find is
not called. Before:
Fam Zheng [Tue, 1 Mar 2016 06:18:19 +0000 (14:18 +0800)]
memory: Move assignment to ram_block to memory_region_init_*
We don't force "const" qualifiers with pointers in QEMU, but it's still
good to keep a clean function interface. Assigning to mr->ram_block is
in this sense ugly - one initializer mutating its owning object's state.
Move it to memory_region_init_*, where mr->ram_addr is assigned.
When a DMA transfer is done (i.e. all bytes have been transferred), the corresponding
Terminal Count bit must be set in the status register.
This bit is already cleared in i8257_read_cont and i8257_write_cont when required.
This fixes (at least) floppy transfer in IBM 40p firmware, which checks in DMA
controller if everything went fine.
Paolo Bonzini [Mon, 29 Feb 2016 11:18:40 +0000 (12:18 +0100)]
log: do not log if QEMU is daemonized but without -D
Commit 96c33a4 ("log: Redirect stderr to logfile if deamonized",
2016-02-22) wanted to move stderr of a daemonized QEMU to the file
specified with -D.
However, if -D was not passed, the patch had the side effect of not
redirecting stderr to /dev/null. This happened because qemu_logfile
was set to stderr rather than the expected value of NULL. The fix
is simply in the "if" condition of do_qemu_set_log; the "if" for
closing the file is also changed to match.
Peter Maydell [Sun, 6 Mar 2016 11:53:27 +0000 (11:53 +0000)]
Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2016-03-04' into staging
QAPI patches for 2016-03-04
# gpg: Signature made Sat 05 Mar 2016 09:47:19 GMT using RSA key ID EB918653
# gpg: Good signature from "Markus Armbruster <[email protected]>"
# gpg: aka "Markus Armbruster <[email protected]>"
* remotes/armbru/tags/pull-qapi-2016-03-04:
qapi: Drop useless 'data' member of unions
chardev: Drop useless ChardevDummy type
qapi: Avoid use of 'data' member of QAPI unions
ui: Shorten references into InputEvent
util: Shorten references into SocketAddress
chardev: Shorten references into ChardevBackend
qapi: Update docs to match recent generator changes
qapi-visit: Expose visit_type_FOO_members()
qapi: Rename 'fields' to 'members' in generated C code
qapi: Rename 'fields' to 'members' in generator
qapi-dealloc: Reduce use outside of generated code
qmp-shell: fix pretty printing of JSON responses
Eric Blake [Thu, 3 Mar 2016 16:16:52 +0000 (09:16 -0700)]
qapi: Drop useless 'data' member of unions
We started moving away from the use of the 'void *data' member
in the C union corresponding to a QAPI union back in commit 544a373; recent commits have gotten rid of other uses. Now
that it is completely unused, we can remove the member itself
as well as the FIXME comment. Update the testsuite to drop the
negative test union-clash-data.
Eric Blake [Fri, 4 Mar 2016 15:42:40 +0000 (08:42 -0700)]
chardev: Drop useless ChardevDummy type
Commit d0d7708b made ChardevDummy be an empty wrapper type around
ChardevCommon. But there is no technical reason for this indirection,
so simplify the code by directly using the base type.
Also change the fallback assignment to assign u.null rather than
u.data, since a future patch will remove the data member of the C
struct generated for QAPI unions.
Eric Blake [Thu, 3 Mar 2016 16:16:50 +0000 (09:16 -0700)]
qapi: Avoid use of 'data' member of QAPI unions
QAPI code generators currently create a 'void *data' member as
part of the anonymous union embedded in the C struct corresponding
to a QAPI union. However, directly assigning to this member of
the union feels a bit fishy, when we can assign to another member
of the struct instead.
Eric Blake [Thu, 3 Mar 2016 16:16:49 +0000 (09:16 -0700)]
ui: Shorten references into InputEvent
An upcoming patch will alter how simple unions, like InputEvent, are
laid out, which will impact all lines of the form 'evt->u.XXX'
(expanding it to the longer 'evt->u.XXX.data'). For better
legibility in that patch, and less need for line wrapping, it's better
to use a temporary variable to reduce the effect of a layout change to
just the variable initializations, rather than every reference within
an InputEvent.
There was one instance in hid.c:hid_pointer_event() where the code
was referring to evt->u.rel inside the case label where evt->u.abs
is the correct name; thankfully, both members of the union have the
same type, so it happened to work, but it is now cleaner.
Eric Blake [Thu, 3 Mar 2016 16:16:48 +0000 (09:16 -0700)]
util: Shorten references into SocketAddress
An upcoming patch will alter how simple unions, like SocketAddress,
are laid out, which will impact all lines of the form 'addr->u.XXX'
(expanding it to the longer 'addr->u.XXX.data'). For better
legibility in that patch, and less need for line wrapping, it's better
to use a temporary variable to reduce the effect of a layout change to
just the variable initializations, rather than every reference within
a SocketAddress. Also, take advantage of some C99 initialization where
it makes sense (simplifying g_new0() to g_new()).
Eric Blake [Thu, 3 Mar 2016 16:16:47 +0000 (09:16 -0700)]
chardev: Shorten references into ChardevBackend
An upcoming patch will alter how simple unions, like ChardevBackend,
are laid out, which will impact all lines of the form 'backend->u.XXX'
(expanding it to the longer 'backend->u.XXX.data'). For better
legibility in that patch, and less need for line wrapping, it's better
to use a temporary variable to reduce the effect of a layout change to
just the variable initializations, rather than every reference within
a ChardevBackend. It doesn't hurt that this also makes the code more
consistent: some clients touched here already had a temporary variable
but weren't using it.
Eric Blake [Thu, 3 Mar 2016 16:16:46 +0000 (09:16 -0700)]
qapi: Update docs to match recent generator changes
Several commits have been changing the generator, but not updating
the docs to match:
- The implicit tag member is named "type", not "kind". Screwed up in
commit 39a1815.
- Commit 9f08c8ec made list types lazy, and thereby dropped
UserDefOneList if nothing explicitly uses the list type.
- Commit 51e72bc1 switched the parameter order with 'name' occurring
earlier.
- Commit e65d89bf changed the layout of UserDefOneList.
- Prefer the term 'member' over 'field'.
- We now expose visit_type_FOO_members() for objects.
- etc.
Rework the examples to show slightly more output (we don't want to
show too much; that's what the testsuite is for), and regenerate the
output to match all recent changes. Also, rearrange output to show
.h files before .c (understanding the interface first often makes
the implementation easier to follow).
Eric Blake [Thu, 3 Mar 2016 16:16:45 +0000 (09:16 -0700)]
qapi-visit: Expose visit_type_FOO_members()
Dan Berrange reported a case where he needs to work with a
QCryptoBlockOptions union type using the OptsVisitor, but only
visit one of the branches of that type (the discriminator is not
visited directly, but learned externally). When things were
boxed, it was easy: just visit the variant directly, which took
care of both allocating the variant and visiting its members, then
store that pointer in the union type. But now that things are
unboxed, we need a way to visit the members without allocation,
done by exposing visit_type_FOO_members() to the user.
Before the patch, we had quite a bit of code associated with
object_members_seen to make sure that a declaration of the helper
was in scope before any use of the function. But now that the
helper is public and declared in the header, the .c file no
longer needs to worry about topological sorting (the helper is
always in scope), which leads to some nice cleanups.
Eric Blake [Thu, 3 Mar 2016 16:16:44 +0000 (09:16 -0700)]
qapi: Rename 'fields' to 'members' in generated C code
C types and JSON objects don't have fields, but members. We
shouldn't gratuitously invent terminology. This patch is a
strict renaming of static generated functions, plus the naming
of the dummy filler member for empty structs, before the next
patch exposes some of that naming to the rest of the code base.
Eric Blake [Thu, 3 Mar 2016 16:16:43 +0000 (09:16 -0700)]
qapi: Rename 'fields' to 'members' in generator
C types and JSON objects don't have fields, but members. We
shouldn't gratuitously invent terminology. This patch is a
strict renaming of generator code internals (including testsuite
comments), before later patches rename C interfaces.
Eric Blake [Tue, 23 Feb 2016 21:14:33 +0000 (14:14 -0700)]
qapi-dealloc: Reduce use outside of generated code
No need to roll our own use of the dealloc visitors when we can
just directly use the qapi_free_FOO() functions that do what we
want in one line.
In net.c, inline net_visit() into its remaining lone caller.
After this patch, test-visitor-serialization.c is the only
non-generated file that needs to use a dealloc visitor, because
it is testing low level aspects of the visitor interface.
Pretty printing of JSON responses is important to be able to understand
large responses from query commands in particular. Unfortunately this
was broken during the addition of the verbose flag in
This is because that change turned the python data structure into a
formatted JSON string before the pretty print was given it. So we're
just pretty printing a string, which is a no-op.
The original pretty printer would output python objects.
This fixes the problem by switching to outputting pretty formatted JSON
text instead. This has the added benefit that the pretty printed output
is now valid JSON text. Due to the way the verbose flag was handled, the
pretty printing now applies to the command sent, as well as its response:
Peter Maydell [Fri, 4 Mar 2016 11:46:32 +0000 (11:46 +0000)]
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20160304' into staging
target-arm queue:
* Correct handling of writes to CPSR from gdbstub in user mode
* virt: lift maximum RAM limit to 255GB
* sdhci: implement reset
* virt: if booting in Secure mode, provide secure-only RAM, make first
flash device secure-only, and assume the EL3 boot rom will handle PSCI
* bcm2835: use explicit endianness accessors rather than ldl/stl_phys
* support big-endian in system mode for ARM
* implement SETEND instruction
* arm_gic: implement the GICv2 GICC_DIR register
* fix SRS bug: only trap from S-EL1 to EL3 if specified mode is Mon
* remotes/pmaydell/tags/pull-target-arm-20160304: (30 commits)
target-arm: Only trap SRS from S-EL1 if specified mode is MON
hw/intc/arm_gic.c: Implement GICv2 GICC_DIR
arm: boot: Support big-endian elfs
loader: Add data swap option to load-elf
loader: load_elf(): Add doc comment
loader: add API to load elf header
target-arm: implement BE32 mode in system emulation
target-arm: implement setend
target-arm: introduce tbflag for endianness
target-arm: a64: Add endianness support
target-arm: introduce disas flag for endianness
target-arm: pass DisasContext to gen_aa32_ld*/st*
target-arm: implement SCTLR.EE
linux-user: arm: handle CPSR.E correctly in strex emulation
linux-user: arm: set CPSR.E/SCTLR.E0E correctly for BE mode
arm: cpu: handle BE32 user-mode as BE
target-arm: cpu: Move cpu_is_big_endian to header
target-arm: implement SCTLR.B, drop bswap_code
linux-user: arm: pass env to get_user_code_*
linux-user: arm: fix coding style for some linux-user signal functions
...
target-arm: Only trap SRS from S-EL1 if specified mode is MON
Commit cbc0326b6fb9 caused SRS instructions executed from Secure
EL1 to trap to EL3 even if the specified mode was not monitor mode.
According to the ARMv8 Architecture reference manual [F6.1.203], ALL
of the following conditions need to be met for SRS to trap to EL3:
* It is executed at Secure PL1.
* The specified mode is monitor mode.
* EL3 is using AArch64.
Correct the condition governing the trap to EL3 to check the
specified mode.
Peter Maydell [Fri, 4 Mar 2016 11:30:22 +0000 (11:30 +0000)]
hw/intc/arm_gic.c: Implement GICv2 GICC_DIR
The GICv2 introduces a new CPU interface register GICC_DIR, which
allows an OS to split the "priority drop" and "deactivate interrupt"
parts of interrupt completion. Implement this register.
(Note that the register is at offset 0x1000 in the CPU interface,
which means it is on a different 4K page from all the other registers.)
Support ARM big-endian ELF files in system-mode emulation. When loading
an elf, determine the endianness mode expected by the elf, and set the
relevant CPU state accordingly.
With this, big-endian modes are now fully supported via system-mode LE,
so there is no need to restrict the elf loading to the TARGET
endianness so the ifdeffery on TARGET_WORDS_BIGENDIAN goes away.
Some CPUs are of an opposite data-endianness to other components in the
system. Sometimes elfs have the data sections laid out with this CPU
data-endianness accounting for when loaded via the CPU, so byte swaps
(relative to other system components) will occur.
The leading example is ARM's BE32 mode, which is basically LE with
address manipulation on half-word and byte accesses to access the
hw/byte reversed address. This means that word data is invariant
across LE and BE32. This also means that instructions are still LE.
The expectation is that the elf will be loaded via the CPU in this
endianness scheme, which means the data in the elf is reversed at
compile time.
As QEMU loads via the system memory directly, rather than the CPU, we
need a mechanism to reverse elf data endianness to implement this
possibility.
Add an API to load an elf header from a file. Populates a
buffer with the header contents, as well as a boolean for whether the
elf is 64b or not. Both arguments are optional.
Paolo Bonzini [Fri, 4 Mar 2016 11:30:21 +0000 (11:30 +0000)]
target-arm: implement BE32 mode in system emulation
System emulation only has a little-endian target; BE32 mode
is implemented by adjusting the low bits of the address
for every byte and halfword load and store. 64-bit accesses
flip the low and high words.
Paolo Bonzini [Fri, 4 Mar 2016 11:30:20 +0000 (11:30 +0000)]
target-arm: introduce disas flag for endianness
Introduce a disas flag for setting the CPU data endianness. This allows
control of the endianness from the CPU state rather than hard-coding it
to TARGET_WORDS_BIGENDIAN.
Signed-off-by: Paolo Bonzini <[email protected]>
[ PC changes:
* Split off as new patch from original:
"target-arm: introduce tbflag for CPSR.E"
* Wrote commit message from scratch
]
Reviewed-by: Peter Maydell <[email protected]>
Signed-off-by: Peter Crosthwaite <[email protected]>
Signed-off-by: Peter Maydell <[email protected]>