1. 06 Mar, 2017 1 commit
  2. 05 Mar, 2017 1 commit
    • P
      Merge remote-tracking branch 'remotes/dgibson/tags/ppc-for-2.9-20170303' into staging · 17783ac8
      Peter Maydell committed
      ppc patch queue for 2017-03-03
      
      This will probably be my last pull request before the hard freeze.  It
      has some new work, but that has all been posted in draft before the
      soft freeze, so I think it's reasonable to include in qemu-2.9.
      
      This batch has:
          * A substantial amount of POWER9 work
              * Implements the legacy (hash) MMU for POWER9
              * Some more preliminaries for implementing the POWER9 radix
                MMU
              * POWER9 has_work
              * Basic POWER9 compatibility mode handling
              * Removal of some premature tests
          * Some cleanups and fixes to the existing MMU code to make the
            POWER9 work simpler
          * A bugfix for TCG multiply adds on power
          * Allow pseries guests to access PCIe extended config space
      
      This also includes a code-motion not strictly in ppc code - moving
      getrampagesize() from ppc code to exec.c.  This will make some future
      VFIO improvements easier, Paolo said it was ok to merge via my tree.
      
      # gpg: Signature made Fri 03 Mar 2017 03:20:36 GMT
      # gpg:                using RSA key 0x6C38CACA20D9B392
      # gpg: Good signature from "David Gibson <david@gibson.dropbear.id.au>"
      # gpg:                 aka "David Gibson (Red Hat) <dgibson@redhat.com>"
      # gpg:                 aka "David Gibson (ozlabs.org) <dgibson@ozlabs.org>"
      # gpg:                 aka "David Gibson (kernel.org) <dwg@kernel.org>"
      # Primary key fingerprint: 75F4 6586 AE61 A66C C44E  87DC 6C38 CACA 20D9 B392
      
      * remotes/dgibson/tags/ppc-for-2.9-20170303:
        target/ppc: rewrite f[n]m[add,sub] using float64_muladd
        spapr: Small cleanup of PPC MMU enums
        spapr_pci: Advertise access to PCIe extended config space
        target/ppc: Rework hash mmu page fault code and add defines for clarity
        target/ppc: Move no-execute and guarded page checking into new function
        target/ppc: Add execute permission checking to access authority check
        target/ppc: Add Instruction Authority Mask Register Check
        hw/ppc/spapr: Add POWER9 to pseries cpu models
        target/ppc/POWER9: Add cpu_has_work function for POWER9
        target/ppc/POWER9: Add POWER9 pa-features definition
        target/ppc/POWER9: Add POWER9 mmu fault handler
        target/ppc: Don't gen an SDR1 on POWER9 and rework register creation
        target/ppc: Add patb_entry to sPAPRMachineState
        target/ppc/POWER9: Add POWERPC_MMU_V3 bit
        powernv: Don't test POWER9 CPU yet
        exec, kvm, target-ppc: Move getrampagesize() to common code
        target/ppc: Add POWER9/ISAv3.00 to compat_table
      Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
      17783ac8
  3. 04 Mar, 2017 4 commits
    • P
      ppc: avoid typedef redefinitions · eeb61d4f
      Paolo Bonzini committed
      These cause compilation failures on CentOS 6 or other operating
      systems with older GCCs.
      
      Cc: David Gibson <dgibson@redhat.com>
      Cc: qemu-ppc@nongnu.org
      Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
      Message-id: 1488558530-21016-3-git-send-email-pbonzini@redhat.com
      Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
      eeb61d4f
    • P
      nios2: avoid anonymous unions in designated initializers. · 4ae4b609
      Paolo Bonzini committed
      These cause compilation failures on CentOS 6 or other operating
      systems with older GCCs.
      
      Cc: Richard Henderson <rth@twiddle.net>
      Cc: Peter Maydell <peter.maydell@linaro.org>
      Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
      Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
      Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
      4ae4b609
    • P
      hppa: avoid anonymous unions in designated initializers. · eff235eb
      Paolo Bonzini committed
      These cause compilation failures on CentOS 6 or other operating
      systems with older GCCs.
      
      Cc: Richard Henderson <rth@twiddle.net>
      Cc: Peter Maydell <peter.maydell@linaro.org>
      Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
      Reviewed-by: Richard Henderson <rth@twiddle.net>
      Message-id: 1488558530-21016-1-git-send-email-pbonzini@redhat.com
      Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
      eff235eb
    • P
      Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging · 5febe767
      Peter Maydell committed
      * kernel header update (requested by David and Vijay)
      * GuestPanicInformation fixups (Anton)
      * record/replay icount fixes (Pavel)
      * cpu-exec cleanup, unification of icount_decr with tcg_exit_req (me)
      * KVM_CAP_IMMEDIATE_EXIT support (me)
      * vmxcap update (me)
      * iscsi locking fix (me)
      * VFIO ram device fix (Yongji)
      * scsi-hd vs. default CD-ROM (Hervé)
      * SMI migration fix (Dave)
      * spice-char segfault (Li Qiang)
      * improved "info mtree -f" (me)
      
      # gpg: Signature made Fri 03 Mar 2017 15:43:04 GMT
      # gpg:                using RSA key 0xBFFBD25F78C7AE83
      # gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>"
      # gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>"
      # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
      #      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83
      
      * remotes/bonzini/tags/for-upstream: (21 commits)
        iscsi: fix missing unlock
        memory: show region offset and ROM/RAM type in "info mtree -f"
        x86: Work around SMI migration breakages
        spice-char: fix segfault in char_spice_finalize
        vl: disable default cdrom when using explicitely scsi-hd
        memory: Introduce DEVICE_HOST_ENDIAN for ram device
        qmp-events: fix GUEST_PANICKED description formatting
        qapi: flatten GuestPanicInformation union
        vmxcap: update for September 2016 SDM
        vmxcap: port to Python 3
        KVM: use KVM_CAP_IMMEDIATE_EXIT
        kvm: use atomic_read/atomic_set to access cpu->exit_request
        KVM: move SIG_IPI handling to kvm-all.c
        KVM: do not use sigtimedwait to catch SIGBUS
        KVM: remove kvm_arch_on_sigbus
        cpus: reorganize signal handling code
        KVM: x86: cleanup SIGBUS handlers
        cpus: remove ugly cast on sigbus_handler
        cpu-exec: remove unnecessary check of cpu->exit_request
        replay: check icount in cpu exec loop
        ...
      Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
      5febe767
  4. 03 Mar, 2017 34 commits
    • P
      iscsi: fix missing unlock · f6eb0b31
      Paolo Bonzini committed
      Reported by Coverity.
      Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
      f6eb0b31
    • P
      memory: show region offset and ROM/RAM type in "info mtree -f" · 377a07aa
      Paolo Bonzini committed
      "info mtree -f" output is currently hard to use for large RAM regions, because
      there is no hint as to what part of the region is being mapped.  Add the offset
      if it is nonzero.
      
      Secondly, FlatView has a readonly field, that can override the MemoryRegion
      in the presence of aliases.  Take it into account.
      
      Together, with this patch this:
      
      address-space (flat view): KVM-SMRAM
        0000000000000000-00000000000bffff (prio 0, ram): pc.ram
        00000000000c0000-00000000000c9fff (prio 0, ram): pc.ram
        00000000000ca000-00000000000ccfff (prio 0, ram): pc.ram
        00000000000cd000-00000000000ebfff (prio 0, ram): pc.ram
        00000000000ec000-00000000000effff (prio 0, ram): pc.ram
        00000000000f0000-00000000000fffff (prio 0, ram): pc.ram
        0000000000100000-00000000bfffffff (prio 0, ram): pc.ram
        00000000fd000000-00000000fdffffff (prio 1, ram): vga.vram
        00000000febc0000-00000000febdffff (prio 1, i/o): e1000-mmio
        00000000febf0400-00000000febf041f (prio 0, i/o): vga ioports remapped
        00000000febf0500-00000000febf0515 (prio 0, i/o): bochs dispi interface
        00000000febf0600-00000000febf0607 (prio 0, i/o): qemu extended regs
        00000000fec00000-00000000fec00fff (prio 0, i/o): kvm-ioapic
        00000000fed00000-00000000fed003ff (prio 0, i/o): hpet
        00000000fee00000-00000000feefffff (prio 4096, i/o): kvm-apic-msi
        00000000fffc0000-00000000ffffffff (prio 0, rom): pc.bios
        0000000100000000-000000013fffffff (prio 0, ram): pc.ram
      
      becomes this:
      
      address-space (flat view): KVM-SMRAM
        0000000000000000-00000000000bffff (prio 0, ram): pc.ram
        00000000000c0000-00000000000c9fff (prio 0, rom): pc.ram @00000000000c0000
        00000000000ca000-00000000000ccfff (prio 0, ram): pc.ram @00000000000ca000
        00000000000cd000-00000000000ebfff (prio 0, rom): pc.ram @00000000000cd000
        00000000000ec000-00000000000effff (prio 0, ram): pc.ram @00000000000ec000
        00000000000f0000-00000000000fffff (prio 0, rom): pc.ram @00000000000f0000
        0000000000100000-00000000bfffffff (prio 0, ram): pc.ram @0000000000100000
        00000000fd000000-00000000fdffffff (prio 1, ram): vga.vram
        00000000febc0000-00000000febdffff (prio 1, i/o): e1000-mmio
        00000000febf0400-00000000febf041f (prio 0, i/o): vga ioports remapped
        00000000febf0500-00000000febf0515 (prio 0, i/o): bochs dispi interface
        00000000febf0600-00000000febf0607 (prio 0, i/o): qemu extended regs
        00000000fec00000-00000000fec00fff (prio 0, i/o): kvm-ioapic
        00000000fed00000-00000000fed003ff (prio 0, i/o): hpet
        00000000fee00000-00000000feefffff (prio 4096, i/o): kvm-apic-msi
        00000000fffc0000-00000000ffffffff (prio 0, rom): pc.bios
        0000000100000000-000000013fffffff (prio 0, ram): pc.ram @00000000c0000000
      
      This should make it easier to understand what's going on.
      
      Cc: Peter Xu <peterx@redhat.com>
      Cc: "William Tambe" <tambewilliam@gmail.com>
      Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
      377a07aa
    • D
      x86: Work around SMI migration breakages · fc3a1fd7
      Dr. David Alan Gilbert committed
      Migration from a 2.3.0 qemu results in a reboot on the receiving QEMU
      due to a disagreement about SM (System management) interrupts.
      
      2.3.0 didn't have much SMI support, but it did set CPU_INTERRUPT_SMI
      and this gets into the migration stream, but on 2.3.0 it
      never got delivered.
      
      ~2.4.0 SMI interrupt support was added but was broken - so
      that when a 2.3.0 stream was received it cleared the CPU_INTERRUPT_SMI
      but never actually caused an interrupt.
      
      The SMI delivery was recently fixed by 68c6efe0, but the
      effect now is that an incoming 2.3.0 stream takes the interrupt it
      had flagged but its bios can't actually handle it (I think
      partly due to the original interrupt not being taken during boot?).
      The consequence is a triple(?) fault and a reboot.
      
      Tested from:
        2.3.1 -M 2.3.0
        2.7.0 -M 2.3.0
        2.8.0 -M 2.3.0
        2.8.0 -M 2.8.0
      
      This corresponds to RH bugzilla entry 1420679.
      Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
      Message-Id: <20170223133441.16010-1-dgilbert@redhat.com>
      Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
      fc3a1fd7
    • L
      spice-char: fix segfault in char_spice_finalize · f20e6f8c
      Li Qiang committed
      In 'qemu_chr_open_spice_vmc' if the 'psubtype' is NULL, it will
      call 'char_spice_finalize'. But as the SpiceChardev is not inserted
      in the 'spice_chars' list, the 'QLIST_REMOVE' will cause a segfault.
      Add a detect to avoid it.
      Signed-off-by: Li Qiang <liqiang6-s@360.cn>
      Message-Id: <1487665107-88004-1-git-send-email-liqiang6-s@360.cn>
      Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
      Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
      Signed-off-by: Li Qiang <liq3ea@gmail.com>
      f20e6f8c
    • H
      vl: disable default cdrom when using explicitely scsi-hd · f6f99b48
      Hervé Poussineau committed
      In commit af6bf132 (May 2011),
      ide-hd, ide-cd and scsi-cd have been added to disable default cdrom,
      "or else you can't put one on secondary master without -nodefaults".
      
      Make it the same for scsi-hd, so you can put one on scsi-id 2 without
      using -nodefaults.
      scsi-hd has probably been forgotten, as it has been added in the
      preceding commit (b443ae67).
      
      Affected users are the ones using a machine with SCSI devices and start QEMU
      with -device scsi-hd but without -device scsi-cd or -cdrom
      In that case, the default cdrom device will disappear instead of being empty.
      Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
      Message-Id: <1487623279-29930-1-git-send-email-hpoussin@reactos.org>
      Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
      f6f99b48
    • Y
      memory: Introduce DEVICE_HOST_ENDIAN for ram device · c99a29e7
      Yongji Xie committed
      At the moment ram device's memory regions are DEVICE_NATIVE_ENDIAN. It's
      incorrect. This memory region is backed by a MMIO area in host, so the
      uint64_t data that MemoryRegionOps read from/write to this area should be
      host-endian rather than target-endian. Hence, current code does not work
      when target and host endianness are different which is the most common case
      on PPC64. To fix it, this introduces DEVICE_HOST_ENDIAN for the ram device.
      
      This has been tested on PPC64 BE/LE host/guest in all possible combinations
      including TCG.
      Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
      Signed-off-by: Yongji Xie <xyjxie@linux.vnet.ibm.com>
      Message-Id: <1488171164-28319-1-git-send-email-xyjxie@linux.vnet.ibm.com>
      Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
      c99a29e7
    • A
      qmp-events: fix GUEST_PANICKED description formatting · 11953be7
      Anton Nefedov committed
      Signed-off-by: Anton Nefedov <anton.nefedov@virtuozzo.com>
      Signed-off-by: Denis V. Lunev <den@openvz.org>
      CC: Paolo Bonzini <pbonzini@redhat.com>
      CC: Eric Blake <eblake@redhat.com>
      Message-Id: <1487614915-18710-4-git-send-email-den@openvz.org>
      Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
      11953be7
    • A
      qapi: flatten GuestPanicInformation union · e8ed97a6
      Anton Nefedov committed
      Signed-off-by: Anton Nefedov <anton.nefedov@virtuozzo.com>
      Signed-off-by: Denis V. Lunev <den@openvz.org>
      CC: Paolo Bonzini <pbonzini@redhat.com>
      CC: Eric Blake <eblake@redhat.com>
      Message-Id: <1487614915-18710-3-git-send-email-den@openvz.org>
      Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
      e8ed97a6
    • P
      vmxcap: update for September 2016 SDM · 025533f6
      Paolo Bonzini committed
      Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
      025533f6
    • P
      vmxcap: port to Python 3 · c3e31eaa
      Paolo Bonzini committed
      Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
      c3e31eaa
    • P
      KVM: use KVM_CAP_IMMEDIATE_EXIT · cf0f7cf9
      Paolo Bonzini committed
      The purpose of the KVM_SET_SIGNAL_MASK API is to let userspace "kick"
      a VCPU out of KVM_RUN through a POSIX signal.  A signal is attached
      to a dummy signal handler; by blocking the signal outside KVM_RUN and
      unblocking it inside, this possible race is closed:
      
                VCPU thread                     service thread
         --------------------------------------------------------------
              check flag
                                                set flag
                                                raise signal
              (signal handler does nothing)
              KVM_RUN
      
      However, one issue with KVM_SET_SIGNAL_MASK is that it has to take
      tsk->sighand->siglock on every KVM_RUN.  This lock is often on a
      remote NUMA node, because it is on the node of a thread's creator.
      Taking this lock can be very expensive if there are many userspace
      exits (as is the case for SMP Windows VMs without Hyper-V reference
      time counter).
      
      KVM_CAP_IMMEDIATE_EXIT provides an alternative, where the flag is
      placed directly in kvm_run so that KVM can see it:
      
                VCPU thread                     service thread
         --------------------------------------------------------------
                                                raise signal
              signal handler
                set run->immediate_exit
              KVM_RUN
                check run->immediate_exit
      
      The previous patches changed QEMU so that the only blocked signal is
      SIG_IPI, so we can now stop using KVM_SET_SIGNAL_MASK and sigtimedwait
      if KVM_CAP_IMMEDIATE_EXIT is available.
      
      On a 14-VCPU guest, an "inl" operation goes down from 30k to 6k on
      an unlocked (no BQL) MemoryRegion, or from 30k to 15k if the BQL
      is involved.
      Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
      cf0f7cf9
    • P
      c5c6679d
    • P
      KVM: move SIG_IPI handling to kvm-all.c · 18268b60
      Paolo Bonzini committed
      This lets us remove a bunch of CONFIG_LINUX defines.
      Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
      18268b60
    • P
      KVM: do not use sigtimedwait to catch SIGBUS · 2ae41db2
      Paolo Bonzini committed
      Call kvm_on_sigbus_vcpu asynchronously from the VCPU thread.
      Information for the SIGBUS can be stored in thread-local variables
      and processed later in kvm_cpu_exec.
      Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
      2ae41db2
    • P
      KVM: remove kvm_arch_on_sigbus · 4d39892c
      Paolo Bonzini committed
      Build it on kvm_arch_on_sigbus_vcpu instead.  They do the same
      for "action optional" SIGBUSes, and the main thread should never get
      "action required" SIGBUSes because it blocks the signal.
      Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
      4d39892c
    • P
      cpus: reorganize signal handling code · a16fc07e
      Paolo Bonzini committed
      Move the KVM "eat signals" code under CONFIG_LINUX, in preparation
      for moving it to kvm-all.c; reraise non-MCE SIGBUS immediately,
      without passing it to KVM.
      Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
      a16fc07e
    • P
      KVM: x86: cleanup SIGBUS handlers · 20e0ff59
      Paolo Bonzini committed
      This patch should have no semantic change.
      Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
      20e0ff59
    • P
      cpus: remove ugly cast on sigbus_handler · d98d4072
      Paolo Bonzini committed
      The cast is there because sigbus_handler is invoked via sigfd_handler.
      But it feels just wrong to use struct qemu_signalfd_siginfo in the
      prototype of a function that is passed to sigaction.
      
      Instead, do a simple-minded conversion of qemu_signalfd_siginfo to
      siginfo_t.
      Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
      d98d4072
    • P
      Merge branch 'icount-update' into HEAD · 30f3dda2
      Paolo Bonzini committed
      Merge the original development branch due to breakage caused by the
      MTTCG merge.
      
      Conflicts:
      	cpu-exec.c
      	translate-common.c
      Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
      30f3dda2
    • P
      Merge remote-tracking branch 'remotes/ehabkost/tags/numa-pull-request' into staging · 5b10b94b
      Peter Maydell committed
      NUMA documentation update
      
      # gpg: Signature made Fri 03 Mar 2017 13:11:25 GMT
      # gpg:                using RSA key 0x2807936F984DC5A6
      # gpg: Good signature from "Eduardo Habkost <ehabkost@redhat.com>"
      # Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF  D1AA 2807 936F 984D C5A6
      
      * remotes/ehabkost/tags/numa-pull-request:
        qemu-options: Rewrite -numa documentation
      Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
      5b10b94b
    • P
      Merge remote-tracking branch 'remotes/dgibson/tags/submodule-update-20170303' into staging · 9a17d327
      Peter Maydell committed
      submodule updates (SLOF & dtc) 2017-03-03
      
      This set of patches updates the SLOF and dtc submodules for qemu-2.9.
      
      The SLOF update could have gone in my ppc pull request earlier today,
      but I forgot it.  It should be safe to apply in either order with that
      set though.
      
      The dtc (and libfdt) update brings us up to dtc 1.4.3 which includes
      some things that will be useful in future.
      
      # gpg: Signature made Fri 03 Mar 2017 06:29:31 GMT
      # gpg:                using RSA key 0x6C38CACA20D9B392
      # gpg: Good signature from "David Gibson <david@gibson.dropbear.id.au>"
      # gpg:                 aka "David Gibson (Red Hat) <dgibson@redhat.com>"
      # gpg:                 aka "David Gibson (ozlabs.org) <dgibson@ozlabs.org>"
      # gpg:                 aka "David Gibson (kernel.org) <dwg@kernel.org>"
      # Primary key fingerprint: 75F4 6586 AE61 A66C C44E  87DC 6C38 CACA 20D9 B392
      
      * remotes/dgibson/tags/submodule-update-20170303:
        Update dtc submodule to v1.4.3
        pseries: Update SLOF firmware image
      Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
      9a17d327
    • E
      qemu-options: Rewrite -numa documentation · 4b9a5dd7
      Eduardo Habkost committed
      Rewrite the -numa documentation to clarify what exactly it does.
      Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
      Message-Id: <20170123180632.28942-3-ehabkost@redhat.com>
      Reviewed-by: Igor Mammedov <imammedo@redhat.com>
      Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
      4b9a5dd7
    • P
      Merge remote-tracking branch 'remotes/berrange/tags/pull-qio-2017-02-27-2' into staging · 1ec2dca6
      Peter Maydell committed
      Merge qio 2017/02/27 v2
      
      # gpg: Signature made Thu 02 Mar 2017 16:09:27 GMT
      # gpg:                using RSA key 0xBE86EBB415104FDF
      # gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>"
      # gpg:                 aka "Daniel P. Berrange <berrange@redhat.com>"
      # Primary key fingerprint: DAF3 A6FD B26B 6291 2D0E  8E3F BE86 EBB4 1510 4FDF
      
      * remotes/berrange/tags/pull-qio-2017-02-27-2:
        io: fully parse & validate HTTP headers for websocket protocol handshake
        tests: fix leaks in test-io-channel-command
        io: fix decoding when multiple websockets frames arrive at once
      Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
      1ec2dca6
    • P
      dtc: Revert unintentional submodule downgrade from commit 077dd742 · 508e038a
      Peter Maydell committed
      Commit 077dd742 inadvertently downgraded the 'dtc' submodule,
      undoing the increment added in commit 6e85fce0. Revert this,
      returning the submodule state to where we should be.
      Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
      508e038a
    • P
      Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging · 9a81b792
      Peter Maydell committed
      virtio, pc: fixes, features
      
      virtio support for region caches broke a bunch of stuff - fixing most of
      it though it's not ideal.  Still pondering the right way to fix it.
      New: VM gen ID and hotplug for PXB.
      Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
      
      # gpg: Signature made Thu 02 Mar 2017 06:19:17 GMT
      # gpg:                using RSA key 0x281F0DB8D28D5469
      # gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>"
      # gpg:                 aka "Michael S. Tsirkin <mst@redhat.com>"
      # Primary key fingerprint: 0270 606B 6F3C DF3D 0B17  0970 C350 3912 AFBE 8E67
      #      Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA  8A0D 281F 0DB8 D28D 5469
      
      * remotes/mst/tags/for_upstream:
        hw/pxb-pcie: fix PCI Express hotplug support
        tests/acpi: update DSDT after last patch
        acpi: simplify _OSC
        virtio: unbreak virtio-pci with IOMMU after caching ring translations
        virtio: add missing region cache init in virtio_load()
        virtio: invalidate memory in vring_set_avail_event()
        virtio: guard vring access when setting notification
        virtio: check for vring setup in virtio_queue_empty
        MAINTAINERS: Add VM Generation ID entries
        tests: Move reusable ACPI code into a utility file
        qmp/hmp: add query-vm-generation-id and 'info vm-generation-id' commands
        ACPI: Add Virtual Machine Generation ID support
        ACPI: Add vmgenid blob storage to the build tables
        docs: VM Generation ID device description
        linker-loader: Add new 'write pointer' command
      Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
      9a81b792
    • D
      Update dtc submodule to v1.4.3 · 125a9cb8
      David Gibson committed
      Since the last submodule update (which was v1.4.2) dtc and libfdt have
      gained some features which would be useful in qemu.  There's now a v1.4.3
      upstream release, so update our submodule to point to it.
      Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
      125a9cb8
    • A
      pseries: Update SLOF firmware image · a438fa12
      Alexey Kardashevskiy committed
      Various fixes in this update, the full list is:
      
        > qemu-bootlist: Take the "-boot strict=off" setting properly into account
        > virtio-scsi: initialize vring avail queue buffers
        > virtio: Remove global variables in block and 9p driver
        > Remove superfluous checkpoints in tree.fs
        > Provide "write" function in the disk-label package
        > virtio: Implement block write support
        > scsi: Add SCSI block write support
        > deblocker: Add a 'write' function
        > virtio-scsi: Fix descriptor order for SCSI WRITE commands
        > board-qemu: Add a possibility to use hvterm input instead of USB keyboard
        > Do not try to use virtio-gpu in VGA mode
        > virtio: Fix stack comment of virtio-blk-read
        > envvar: Do not read default values for /options from the NVRAM anymore
        > envvar: Set properties in /options during "(set-defaults)"
      Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
      Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
      a438fa12
    • N
      target/ppc: rewrite f[n]m[add,sub] using float64_muladd · 992d7e97
      Nikunj A Dadhania committed
      Use the softfloat api for fused multiply-add.
      Introduce routine to set the FPSCR flags VXNAN, VXIMZ and VMISI.
      Signed-off-by: Nikunj A Dadhania <nikunj@linux.vnet.ibm.com>
      Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
      992d7e97
    • S
      spapr: Small cleanup of PPC MMU enums · ec975e83
      Sam Bobroff committed
      The PPC MMU types are sometimes treated as if they were a bit field
      and sometimes as if they were an enum which causes maintenance
      problems: flipping bits in the MMU type (which is done on both the 1TB
      segment and 64K segment bits) currently produces new MMU type
      values that are not handled in every "switch" on it, sometimes causing
      an abort().
      
      This patch provides some macros that can be used to filter out the
      "bit field-like" bits so that the remainder of the value can be
      switched on, like an enum. This allows removal of all of the
      "degraded" types from the list and should ease maintenance.
      Signed-off-by: Sam Bobroff <sam.bobroff@au1.ibm.com>
      Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
      ec975e83
    • D
      spapr_pci: Advertise access to PCIe extended config space · bb998645
      David Gibson committed
      The (paravirtual) PCI host bridge on the 'pseries' machine in most
      regards acts like a regular PCI bus, rather than a PCIe bus.  Despite
      this, though, it does allow access to the PCIe extended config space.
      
      We already implemented the RTAS methods to allow this access, but
      forgot to put the markers into the device tree so that guests know it
      is there.  This adds them in.
      
      With this, a pseries guest is able to view extended config space on
      (for example) an e1000e device.  This should be enough to allow guests
      to use at least some PCIe devices.
      Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
      bb998645
    • S
      target/ppc: Rework hash mmu page fault code and add defines for clarity · da82c73a
      Suraj Jitindar Singh committed
      The hash mmu page fault handling code is responsible for generating ISIs
      and DSIs when access permissions cause an access to fail. Part of this
      involves setting the srr1 or dsisr registers to indicate what causes the
      access to fail. Add defines for the bit fields of these registers and
      rework the code to use these new defines in order to improve readability
      and code clarity.
      
      While we're here, update what is logged when an access fails to include
      information as to what caused the access to fail for debug purposes.
      Signed-off-by: Suraj Jitindar Singh <sjitindarsingh@gmail.com>
      [dwg: Moved constants to cpu.h since they're not MMUv3 specific]
      Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
      da82c73a
    • S
      target/ppc: Move no-execute and guarded page checking into new function · 07a68f99
      Suraj Jitindar Singh committed
      A pte entry has bit fields which can be used to make a page no-execute or
      guarded, if either of these bits are set then an instruction access to this
      page will fail. Currently these bits are checked with the pp_prot function
      however the ISA specifies that the access authority controlled by the
      key-pp value pair should only be checked on an instruction access after
      the no-execute and guard bits have already been verified to permit the
      access.
      
      Move the no-execute and guard bit checking into a new separate function.
      Note that we can remove the check for the no-execute bit in the slb entry
      since this check was already performed above when we obtained the slb
      entry.
      
      In the event that the no-execute or guard bits are set, an ISI should be
      generated with the SRR1_NOEXEC_GUARD (0x10000000) bit set in srr1. Add a
      define for this for clarity.
      Signed-off-by: Suraj Jitindar Singh <sjitindarsingh@gmail.com>
      [dwg: Move constants to cpu.h since they're not MMUv3 specific]
      Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
      07a68f99
    • S
      target/ppc: Add execute permission checking to access authority check · 347a5c73
      Suraj Jitindar Singh committed
      Basic storage protection defines various access authority permissions
      based on a slb storage key and pte pp value pair. This access authority
      defines read, write and execute permissions however currently we only
      use this to control read and write permissions and ignore the execute
      control.
      
      Fix the code to allow execute permissions based on the key-pp value pair.
      Execute is allowed under the same conditions which enable reads.
      (i.e. read permission -> execute permission)
      Signed-off-by: Suraj Jitindar Singh <sjitindarsingh@gmail.com>
      Acked-by: David Gibson <david@gibson.dropbear.id.au>
      Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
      347a5c73
    • S
      target/ppc: Add Instruction Authority Mask Register Check · a6152b52
      Suraj Jitindar Singh committed
      The instruction authority mask register (IAMR) can be used to restrict
      permissions for instruction fetch accesses on a per key basis for each
      of 32 different key values. Access permissions are derived based on the
      specific key value stored in the relevant page table entry.
      
      The IAMR was introduced in, and is present in processors since, POWER8
      (ISA v2.07). Thus introduce a function to check access permissions based
      on the pte key value and the contents of the IAMR when handling a page
      fault to ensure sufficient access permissions for an instruction fetch.
      
      A hash pte contains a key value in bits 2:3|52:54 of the second double word
      of the pte, this key value gives an index into the IAMR which contains 32
      2-bit access masks. If the least significant bit of the 2-bit access mask
      corresponding to the given key value is set (IAMR[key] & 0x1 == 0x1) then
      the instruction fetch is not permitted and an ISI is generated accordingly.
      While we're here, add defines for the srr1 bits to be set for the ISI for
      clarity.
      
      e.g.
      
      pte:
      dw0 [XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX]
      dw1 [XX01XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX010XXXXXXXXX]
             ^^                                                ^^^
      key = 01010 (0x0a)
      
      IAMR: [XXXXXXXXXXXXXXXXXXXX01XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX]
                                 ^^
      Access mask = 0b01
      
      Test access mask: 0b01 & 0x1 == 0x1
      
      Least significant bit of the access mask is set, thus the instruction fetch
      is not permitted. We should generate an instruction storage interrupt (ISI)
      with bit 42 of SRR1 set to indicate access precluded by virtual page class
      key protection.
      Signed-off-by: Suraj Jitindar Singh <sjitindarsingh@gmail.com>
      [dwg: Move new constants to cpu.h, since they're not MMUv3 specific]
      Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
      a6152b52
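
The key extraction and access-mask test walked through in the IAMR commit message above, as an added C example that is not QEMU's code. The `ex_`/`EX_` names are hypothetical, the shift amounts are derived from the bit positions the message gives (IBM numbering, bit 0 is the most significant bit), and the sample dw1 and IAMR values are constructed from its diagram.

```c
#include <inttypes.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Example names (not QEMU's). The message numbers bits IBM-style: bit 0 is
 * the most significant bit of the 64-bit word, so IBM bit n is LSB bit 63-n.
 */
#define EX_KEY_HI_SHIFT 60                    /* dw1 bits 2:3   -> LSB bits 61:60 */
#define EX_KEY_LO_SHIFT 9                     /* dw1 bits 52:54 -> LSB bits 11:9  */
#define EX_SRR1_KEY_FAULT (1ULL << (63 - 42)) /* "bit 42 of SRR1" */
#define EX_NUM_KEYS 32u

/* Join the two key fields of the second PTE doubleword into a 5-bit key. */
static unsigned ex_pte_key(uint64_t dw1)
{
    unsigned hi = (unsigned)((dw1 >> EX_KEY_HI_SHIFT) & 0x3);
    unsigned lo = (unsigned)((dw1 >> EX_KEY_LO_SHIFT) & 0x7);
    return (hi << 3) | lo;
}

/* Return the 2-bit access mask for key; key 0 sits in the top two bits. */
static unsigned ex_iamr_mask(uint64_t iamr, unsigned key)
{
    key &= EX_NUM_KEYS - 1;                   /* keep the shift in range */
    return (unsigned)((iamr >> (2 * (EX_NUM_KEYS - 1 - key))) & 0x3);
}

/* Return a copy of iamr with the 2-bit mask for key replaced. */
static uint64_t ex_iamr_set_mask(uint64_t iamr, unsigned key, unsigned mask)
{
    unsigned shift;

    key &= EX_NUM_KEYS - 1;
    shift = 2 * (EX_NUM_KEYS - 1 - key);
    return (iamr & ~(0x3ULL << shift)) | ((uint64_t)(mask & 0x3) << shift);
}

/* SRR1 bits to report for an instruction fetch; 0 means the IAMR permits it. */
static uint64_t ex_ifetch_srr1(uint64_t dw1, uint64_t iamr)
{
    unsigned mask = ex_iamr_mask(iamr, ex_pte_key(dw1));
    return (mask & 0x1) ? EX_SRR1_KEY_FAULT : 0;
}

/* Bitmap of keys whose instruction fetches the IAMR denies (bit k = key k). */
static uint32_t ex_denied_keys(uint64_t iamr)
{
    uint32_t denied = 0;

    for (unsigned key = 0; key < EX_NUM_KEYS; key++) {
        if (ex_iamr_mask(iamr, key) & 0x1) {
            denied |= 1u << key;
        }
    }
    return denied;
}

int main(void)
{
    /* Constructed from the diagram: dw1 bits 2:3 = 01, bits 52:54 = 010. */
    uint64_t dw1 = (0x1ULL << EX_KEY_HI_SHIFT) | (0x2ULL << EX_KEY_LO_SHIFT);
    /* Constructed IAMR: access mask 0b01 for key 0x0a, all other masks 0. */
    uint64_t iamr = ex_iamr_set_mask(0, 0x0a, 0x1);

    printf("key         = 0x%02x\n", ex_pte_key(dw1));
    printf("access mask = %u\n", ex_iamr_mask(iamr, ex_pte_key(dw1)));
    printf("srr1 bits   = 0x%016" PRIx64 "\n", ex_ifetch_srr1(dw1, iamr));
    printf("denied keys = 0x%08" PRIx32 "\n", ex_denied_keys(iamr));
    return 0;
}
```
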