1. 07 7月, 2015 11 次提交
  2. 06 7月, 2015 16 次提交
    • P
      Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging · 7edd8e46
      Peter Maydell 提交于
      * more of Peter Crosthwaite's multiarch preparation patches
      * unlocked MMIO support in KVM
      * support for compilation with ICC
      
      # gpg: Signature made Mon Jul  6 13:59:20 2015 BST using RSA key ID 78C7AE83
      # gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>"
      # gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>"
      # gpg: WARNING: This key is not certified with sufficiently trusted signatures!
      # gpg:          It is not certain that the signature belongs to the owner.
      # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
      #      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83
      
      * remotes/bonzini/tags/for-upstream:
        exec: skip MMIO regions correctly in cpu_physical_memory_write_rom_internal
        Stop including qemu-common.h in memory.h
        kvm: Switch to unlocked MMIO
        acpi: mark PMTIMER as unlocked
        kvm: Switch to unlocked PIO
        kvm: First step to push iothread lock out of inner run loop
        memory: let address_space_rw/ld*/st* run outside the BQL
        exec: pull qemu_flush_coalesced_mmio_buffer() into address_space_rw/ld*/st*
        memory: Add global-locking property to memory regions
        main-loop: introduce qemu_mutex_iothread_locked
        main-loop: use qemu_mutex_lock_iothread consistently
        Fix irq route entries exceeding KVM_MAX_IRQ_ROUTES
        cpu-defs: Move out TB_JMP defines
        include/exec: Move tb hash functions out
        include/exec: Move standard exceptions to cpu-all.h
        cpu-defs: Move CPU_TEMP_BUF_NLONGS to tcg
        memory_mapping: Rework cpu related includes
        cutils: allow compilation with icc
        qemu-common: add VEC_OR macro
      Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
      7edd8e46
    • P
      exec: skip MMIO regions correctly in cpu_physical_memory_write_rom_internal · b242e0e0
      Paolo Bonzini 提交于
      Loading the BIOS in the mac99 machine is interesting, because there is a
      PROM in the middle of the BIOS region (from 16K to 32K).  Before memory
      region accesses were clamped, when QEMU was asked to load a BIOS from
      0xfff00000 to 0xffffffff it would put even those 16K from the BIOS file
      into the region.  This is weird because those 16K were not actually
      visible between 0xfff04000 and 0xfff07fff.  However, it worked.
      
      After clamping was added, this also worked.  In this case, the
      cpu_physical_memory_write_rom_internal function split the write in
      three parts: the first 16K were copied, the PROM area (second 16K) were
      ignored, then the rest was copied.
      
      Problems then started with commit 965eb2fc (exec: do not clamp accesses
      to MMIO regions, 2015-06-17).  Clamping accesses is not done for MMIO
      regions because they can overlap wildly, and MMIO registers can be
      expected to perform full-width accesses based only on their address
      (with no respect for adjacent registers that could decode to completely
      different MemoryRegions).  However, this lack of clamping also applied
      to the PROM area!  cpu_physical_memory_write_rom_internal thus failed
      to copy the third range above, i.e. only copied the first 16K of the BIOS.
      
      In effect, address_space_translate is expecting _something else_ to do
      the clamping for MMIO regions if the incoming length is large.  This
      "something else" is memory_access_size in the case of address_space_rw,
      so use the same logic in cpu_physical_memory_write_rom_internal.
      Reported-by: NAlexander Graf <agraf@redhat.com>
      Reviewed-by: NLaurent Vivier <lvivier@redhat.com>
      Tested-by: NLaurent Vivier <lvivier@redhat.com>
      Fixes: 965eb2fcSigned-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      b242e0e0
    • P
      Stop including qemu-common.h in memory.h · fba0a593
      Peter Maydell 提交于
      Including qemu-common.h from other header files is generally a bad
      idea, because it means it's very easy to end up with a circular
      dependency. For instance, if we wanted to include memory.h from
      qom/cpu.h we'd end up with this loop:
       memory.h -> qemu-common.h -> cpu.h -> cpu-qom.h -> qom/cpu.h -> memory.h
      
      Remove the include from memory.h. This requires us to fix up a few
      other files which were inadvertently getting declarations indirectly
      through memory.h.
      
      The biggest change is splitting the fprintf_function typedef out
      into its own header so other headers can get at it without having
      to include qemu-common.h.
      Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
      Message-Id: <1435933104-15216-1-git-send-email-peter.maydell@linaro.org>
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      fba0a593
    • P
      Merge remote-tracking branch 'remotes/xtensa/tags/20150706-xtensa' into staging · 3fa18bc9
      Peter Maydell 提交于
      Xtensa fixes:
      
      - add 64-bit floating point registers;
      - fix gdb register map construction.
      
      # gpg: Signature made Mon Jul  6 11:27:45 2015 BST using RSA key ID F83FA044
      # gpg: Good signature from "Max Filippov <max.filippov@cogentembedded.com>"
      # gpg:                 aka "Max Filippov <jcmvbkbc@gmail.com>"
      
      * remotes/xtensa/tags/20150706-xtensa:
        target-xtensa: fix gdb register map construction
        target-xtensa: add 64-bit floating point registers
      Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
      3fa18bc9
    • M
      target-xtensa: fix gdb register map construction · 1479073b
      Max Filippov 提交于
      Due to different gdb overlay organization between windowed/call0
      configurations core import script doesn't always work correctly.
      Simplify the script: always copy complete gdb register map from overlay,
      count registers at core registerstion time. Update existing cores.
      Signed-off-by: NMax Filippov <jcmvbkbc@gmail.com>
      1479073b
    • M
      target-xtensa: add 64-bit floating point registers · ddd44279
      Max Filippov 提交于
      Xtensa ISA got specification for 64-bit floating point registers and
      opcodes, see ISA, 4.3.11 "Floating point coprocessor option".
      
      Add 64-bit FP registers.
      
      Although 64-bit floating point is currently not supported by xtensa
      translator, these registers need to be reported to gdb with proper size,
      otherwise it wouldn't find other registers.
      Signed-off-by: NMax Filippov <jcmvbkbc@gmail.com>
      ddd44279
    • P
      Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20150706' into staging · 261ccf42
      Peter Maydell 提交于
      target-arm queue:
       * TLBI ALLEI1IS should operate on all CPUs, not just this one
       * Fix interval interrupt of cadence ttc in decrement mode
       * Implement YIELD insn to yield in ARM and Thumb translators
       * ARM GIC: reset all registers
       * arm_mptimer: fix timer shutdown and mode change
       * arm_mptimer: respect IT bit state
      
      # gpg: Signature made Mon Jul  6 10:58:27 2015 BST using RSA key ID 14360CDE
      # gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
      
      * remotes/pmaydell/tags/pull-target-arm-20150706:
        arm_mptimer: Respect IT bit state
        arm_mptimer: Fix timer shutdown and mode change
        hw/intc/arm_gic_common.c: Reset all registers
        target-arm: Implement YIELD insn to yield in ARM and Thumb translators
        target-arm: Split DISAS_YIELD from DISAS_WFE
        Fix interval interrupt of cadence ttc when timer is in decrement mode
        target-arm: fix write helper for TLBI ALLE1IS
      Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
      261ccf42
    • D
      arm_mptimer: Respect IT bit state · 257621a9
      Dmitry Osipenko 提交于
      The timer should fire the interrupt only if the IT (interrupt enable) bit
      state of the control register is enabled.
      Signed-off-by: NDmitry Osipenko <digetx@gmail.com>
      Reviewed-by: NPeter Crosthwaite <peter.crosthwaite@xilinx.com>
      Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
      257621a9
    • D
      arm_mptimer: Fix timer shutdown and mode change · 8a52340c
      Dmitry Osipenko 提交于
      The running timer can't be stopped because timer control code just
      doesn't handle disabling the timer. Fix it by deleting the timer if
      the enable bit is cleared.
      
      The timer won't start periodic ticking if a ONE-SHOT -> PERIODIC mode
      change happens after a one-shot tick was completed. Fix it by
      re-starting ticking if the timer isn't ticking right now.
      
      To avoid code churning, these two fixes are squashed in one commit.
      Signed-off-by: NDmitry Osipenko <digetx@gmail.com>
      Reviewed-by: NPeter Crosthwaite <peter.crosthwaite@xilinx.com>
      Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
      8a52340c
    • P
      hw/intc/arm_gic_common.c: Reset all registers · 12dc273e
      Peter Maydell 提交于
      The arm_gic_common reset function was missing reset code for
      several of the GIC's state fields:
       * bpr[]
       * abpr[]
       * priority1[]
       * priority2[]
       * sgi_pending[]
       * irq_target[] (SMP configurations only)
      
      These probably went unnoticed because most guests will either
      never touch them, or will write to them in the process of
      configuring the GIC before enabling interrupts.
      Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
      Message-id: 1435602345-32210-1-git-send-email-peter.maydell@linaro.org
      Reviewed-by: NEdgar E. Iglesias <edgar.iglesias@xilinx.com>
      12dc273e
    • P
      target-arm: Implement YIELD insn to yield in ARM and Thumb translators · c87e5a61
      Peter Maydell 提交于
      Implement the YIELD instruction in the ARM and Thumb translators to
      actually yield control back to the top level loop rather than being
      a simple no-op. (We already do this for A64.)
      Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
      Reviewed-by: NPeter Crosthwaite <peter.crosthwaite@xilinx.com>
      Message-id: 1435672316-3311-3-git-send-email-peter.maydell@linaro.org
      c87e5a61
    • P
      target-arm: Split DISAS_YIELD from DISAS_WFE · 049e24a1
      Peter Maydell 提交于
      Currently we use DISAS_WFE for both WFE and YIELD instructions.
      This is functionally correct because at the moment both of them
      are implemented as "yield this CPU back to the top level loop so
      another CPU has a chance to run". However it's rather confusing
      that YIELD ends up calling HELPER(wfe), and if we ever want to
      implement real behaviour for WFE and SEV it's likely to trip us up.
      
      Split out the yield codepath to use DISAS_YIELD and a new
      HELPER(yield) function, and have HELPER(wfe) call HELPER(yield).
      Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
      Message-id: 1435672316-3311-2-git-send-email-peter.maydell@linaro.org
      Reviewed-by: NPeter Crosthwaite <peter.crosthwaite@xilinx.com>
      049e24a1
    • J
      Fix interval interrupt of cadence ttc when timer is in decrement mode · a7ffaf5c
      Johannes Schlatow 提交于
      The interval interrupt is not set if the timer is in decrement mode.
      This is because x >=0 and x < interval after leaving the while-loop.
      Signed-off-by: NJohannes Schlatow <schlatow@ida.ing.tu-bs.de>
      Message-id: 20150630135821.51f3b4fd@johanness-latitude
      Reviewed-by: NPeter Crosthwaite <peter.crosthwaite@xilinx.com>
      Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
      a7ffaf5c
    • S
      target-arm: fix write helper for TLBI ALLE1IS · 2a6332d9
      Sergey Fedorov 提交于
      TLBI ALLE1IS is an operation that does invalidate TLB entries on all PEs
      in the same Inner Sharable domain, not just on the current CPU. So we
      must use tlbiall_is_write() here.
      Signed-off-by: NSergey Fedorov <serge.fdrv@gmail.com>
      Message-id: 1435676538-31345-1-git-send-email-serge.fdrv@gmail.com
      Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
      Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
      2a6332d9
    • P
      Merge remote-tracking branch 'remotes/jnsnow/tags/ide-pull-request' into staging · f50a1640
      Peter Maydell 提交于
      # gpg: Signature made Sat Jul  4 07:06:08 2015 BST using RSA key ID AAFC390E
      # gpg: Good signature from "John Snow (John Huston) <jsnow@redhat.com>"
      # gpg: WARNING: This key is not certified with sufficiently trusted signatures!
      # gpg:          It is not certain that the signature belongs to the owner.
      # Primary key fingerprint: FAEB 9711 A12C F475 812F  18F2 88A9 064D 1835 61EB
      #      Subkey fingerprint: F9B7 ABDB BCAC DF95 BE76  CBD0 7DEF 8106 AAFC 390E
      
      * remotes/jnsnow/tags/ide-pull-request: (35 commits)
        ahci: fix sdb fis semantics
        qtest/ahci: halted ncq migration test
        ahci: Do not map cmd_fis to generate response
        ahci: ncq migration
        ahci: add get_cmd_header helper
        ahci: add cmd header to ncq transfer state
        qtest/ahci: halted NCQ test
        ahci: correct ncq sector count
        ahci: correct types in NCQTransferState
        ahci: add rwerror=stop support for ncq
        ahci: factor ncq_finish out of ncq_cb
        ahci: refactor process_ncq_command
        ahci: assert is_ncq for process_ncq
        ahci: stash ncq command
        ide: add limit to .prepare_buf()
        qtest/ahci: ncq migration test
        qtest/ahci: simple ncq data test
        libqos/ahci: Force all NCQ commands to be LBA48
        libqos/ahci: set the NCQ tag on command_commit
        libqos/ahci: adjust expected NCQ interrupts
        ...
      Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
      f50a1640
    • P
      Merge remote-tracking branch 'remotes/ehabkost/tags/numa-pull-request' into staging · 63a9294d
      Peter Maydell 提交于
      NUMA queue, 2015-07-03
      
      # gpg: Signature made Fri Jul  3 21:49:58 2015 BST using RSA key ID 984DC5A6
      # gpg: Good signature from "Eduardo Habkost <ehabkost@redhat.com>"
      # gpg: WARNING: This key is not certified with sufficiently trusted signatures!
      # gpg:          It is not certain that the signature belongs to the owner.
      # Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF  D1AA 2807 936F 984D C5A6
      
      * remotes/ehabkost/tags/numa-pull-request:
        numa: API to lookup NUMA node by address
        numa: Store boot memory address range in node_info
        numa,pc-dimm: Store pc-dimm memory information in numa_info
        pc: Abort if HotplugHandlerClass::plug() fails
        pc,pc-dimm: Factor out reusable parts in pc_dimm_plug to a separate routine
        pc,pc-dimm: Extract hotplug related fields in PCMachineState to a structure
      Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
      63a9294d
  3. 04 7月, 2015 13 次提交
    • J
      ahci: fix sdb fis semantics · 7c649ac5
      John Snow 提交于
      There are two things to fix here:
      
      The first one is subtle: the PxSACT register in the AHCI HBA has different
      semantics from the field it is shadowing, the ACT field in the
      Set Device Bits FIS.
      
      In the HBA register, PxSACT acts as a bitfield indicating outstanding
      NCQ commands where a set bit indicates a pending NCQ operation. The FIS
      field however operates as an RWC register update to PxSACT, where a set
      bit indicates a *successfully* completed command.
      
      Correct the FIS semantics. At the same time, move the "clear finished"
      action to the SDB FIS generation instead of the register read to mimick
      how the other shadow registers work, which always just report the last
      reported value from a FIS, and not the most current values which may
      not have been reported by a FIS yet.
      
      Lastly and more simply, SATA 3.2 section 13.6.4.2 (and later sections)
      all specify that the Interrupt bit for the SDB FIS should always be set
      to one for NCQ commands. That's currently the only time we generate this
      FIS, so set it on all the time.
      Signed-off-by: NJohn Snow <jsnow@redhat.com>
      Reviewed-by: NStefan Hajnoczi <stefanha@redhat.com>
      Message-id: 1435767578-32743-16-git-send-email-jsnow@redhat.com
      7c649ac5
    • J
      qtest/ahci: halted ncq migration test · 8146d7dc
      John Snow 提交于
      Signed-off-by: NJohn Snow <jsnow@redhat.com>
      Reviewed-by: NStefan Hajnoczi <stefanha@redhat.com>
      Message-id: 1435767578-32743-15-git-send-email-jsnow@redhat.com
      8146d7dc
    • J
      ahci: Do not map cmd_fis to generate response · dd628221
      John Snow 提交于
      The Register D2H FIS should copy the current values of
      the registers instead of just parroting back the same
      values the guest sent back to it.
      
      In this case, the SECTOR COUNT variables are actually
      not generally meaningful in terms of standard commands
      (See ATA8-AC3 Section 9.2 Normal Outputs), so it actually
      probably doesn't matter what we put in here.
      
      Meanwhile, we do need to use the Register update FIS from
      the NCQ pathways (in error cases), so getting rid of
      references to cur_cmd here is a win for AHCI concurrency.
      Signed-off-by: NJohn Snow <jsnow@redhat.com>
      Reviewed-by: NStefan Hajnoczi <stefanha@redhat.com>
      Message-id: 1435767578-32743-14-git-send-email-jsnow@redhat.com
      dd628221
    • J
      ahci: ncq migration · 684d5013
      John Snow 提交于
      Migrate the NCQ queue. This is solely for the benefit of halted commands,
      since anything else should have completed and had any relevant status
      flushed to the HBA registers already.
      Signed-off-by: NJohn Snow <jsnow@redhat.com>
      Reviewed-by: NStefan Hajnoczi <stefanha@redhat.com>
      Message-id: 1435767578-32743-13-git-send-email-jsnow@redhat.com
      684d5013
    • J
      ahci: add get_cmd_header helper · ee364416
      John Snow 提交于
      cur_cmd is an internal bookmark that points to the
      current AHCI Command Header being processed by the
      AHCI state machine. With NCQ needing to occasionally
      rely on some of the same AHCI helpers, we cannot use
      cur_cmd and will need to grab explicit pointers instead.
      
      In an attempt to begin relying on the cur_cmd pointer
      less, add a helper to let us specifically get the pointer
      to the command header of particular interest.
      Signed-off-by: NJohn Snow <jsnow@redhat.com>
      Reviewed-by: NStefan Hajnoczi <stefanha@redhat.com>
      Message-id: 1435767578-32743-12-git-send-email-jsnow@redhat.com
      ee364416
    • J
      ahci: add cmd header to ncq transfer state · c82bd3c8
      John Snow 提交于
      While the rest of the AHCI device can rely on a single bookmarked
      pointer for the AHCI Command Header currently being processed, NCQ
      is asynchronous and may have many commands in flight simultaneously.
      
      Add a cmdh pointer to the ncq_tfs object and make the sglist prepare
      function take an AHCICmdHeader pointer so we can be explicit about
      where we'd like to build SGlists from.
      Signed-off-by: NJohn Snow <jsnow@redhat.com>
      Reviewed-by: NStefan Hajnoczi <stefanha@redhat.com>
      Message-id: 1435767578-32743-11-git-send-email-jsnow@redhat.com
      c82bd3c8
    • J
      qtest/ahci: halted NCQ test · 7f6cf5ee
      John Snow 提交于
      Signed-off-by: NJohn Snow <jsnow@redhat.com>
      Reviewed-by: NStefan Hajnoczi <stefanha@redhat.com>
      Message-id: 1435767578-32743-10-git-send-email-jsnow@redhat.com
      7f6cf5ee
    • J
      ahci: correct ncq sector count · e08a9835
      John Snow 提交于
      uint16_t isn't enough to hold the real sector count, since a value of
      zero implies a full 64K sectors, so we need a uint32_t here.
      
      We *could* cheat and pretend that this value is 0-based and fit it in
      a uint16_t, but I'd rather waste 2 bytes instead of a future dev's
      10 minutes when they forget to +1/-1 accordingly somewhere.
      
      See SATA 3.2, section 13.6.4.1 "READ FPDMA QUEUED".
      Signed-off-by: NJohn Snow <jsnow@redhat.com>
      Reviewed-by: NStefan Hajnoczi <stefanha@redhat.com>
      Message-id: 1435767578-32743-9-git-send-email-jsnow@redhat.com
      e08a9835
    • J
      ahci: correct types in NCQTransferState · 9364384d
      John Snow 提交于
      Signed-off-by: NJohn Snow <jsnow@redhat.com>
      Reviewed-by: NStefan Hajnoczi <stefanha@redhat.com>
      Message-id: 1435767578-32743-8-git-send-email-jsnow@redhat.com
      9364384d
    • J
      ahci: add rwerror=stop support for ncq · 7c03a691
      John Snow 提交于
      Handle NCQ failures for cases where we want to halt the VM on IO errors.
      Upon a VM state change, retry the halted NCQ commands.
      Signed-off-by: NJohn Snow <jsnow@redhat.com>
      Reviewed-by: NStefan Hajnoczi <stefanha@redhat.com>
      Message-id: 1435767578-32743-7-git-send-email-jsnow@redhat.com
      7c03a691
    • J
      ahci: factor ncq_finish out of ncq_cb · 54f32237
      John Snow 提交于
      When we add werror=stop or rerror=stop support to NCQ,
      we'll want to take a codepath where we don't actually
      complete the command, so factor that out into a new routine.
      Signed-off-by: NJohn Snow <jsnow@redhat.com>
      Reviewed-by: NStefan Hajnoczi <stefanha@redhat.com>
      Message-id: 1435767578-32743-6-git-send-email-jsnow@redhat.com
      54f32237
    • J
      ahci: refactor process_ncq_command · 631ddc22
      John Snow 提交于
      Split off execute_ncq_command so that we can call
      it separately later if we desire.
      Signed-off-by: NJohn Snow <jsnow@redhat.com>
      Reviewed-by: NStefan Hajnoczi <stefanha@redhat.com>
      Message-id: 1435767578-32743-5-git-send-email-jsnow@redhat.com
      631ddc22
    • J
      ahci: assert is_ncq for process_ncq · 922f893e
      John Snow 提交于
      We already checked this in the handle_cmd phase, so just
      change this to an assertion and simplify the error logic.
      
      (Also, fix the switch indent, because checkpatch.pl yelled.)
      ((Sorry for churn.))
      Signed-off-by: NJohn Snow <jsnow@redhat.com>
      Reviewed-by: NStefan Hajnoczi <stefanha@redhat.com>
      Message-id: 1435767578-32743-4-git-send-email-jsnow@redhat.com
      922f893e