1. 02 Apr, 2011 40 commits
    • A
      qemu-thread.h: include inttypes.h · 65097429
      Alon Levy committed
      qemu-thread.h relies on uint64_t being defined, but doesn't include
      inttypes.h explicitly. This makes it easier to use it from vscclient (part
      of libcacard).
    • A
      f20600f2
    • P
      net: Improve the warnings for dubious command line option combinations · f68b9d67
      Peter Maydell committed
      Improve the warnings we give if the user specified a combination of -net
      options which don't make much sense:
       * Don't warn about anything if the config is the implicit default
         "-net user -net nic" rather than one specified by the user (this will
         only kick in for boards with no NIC or if CONFIG_SLIRP is not set)
       * Diagnose the case where the user asked for NICs which the board
         didn't instantiate (for example where the user asked for two NICs
         but the board only supports one)
      Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
      Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
    • P
      hw/versatilepb, realview: Fix condition for instantiation of onboard NIC · e6b3c8ca
      Peter Maydell committed
      Correct the condition determining whether we instantiate the onboard
      NIC or a PCI card NIC on VersatilePB and Realview boards. This was broken
      in two ways:
       (1) if the user asked for two default NICs ("-net nic -net nic") we would
      crash trying to strcmp() a NULL pointer
       (2) if the user asked for two NICs explicitly of the same model as the
      onboard NIC (eg "-net nic,model=smc91c111 -net nic,model=smc91c111")
      we would try to instantiate two onboard NICs at the same address.
      Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
      Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
    • M
      pcnet: Fix sign extension: make ipxe work with >2G RAM · 366c9332
      Michael Brown committed
      The problem is with definitions in hw/pcnet.c such as:
      
        #define CSR_CRDA(S)      ((S)->csr[28] | ((S)->csr[29] << 16))
      
      "(S)->csr[29]" is a uint16_t, but "(S)->csr[29] << 16" gets promoted to
      int, so the overall CSR_CRDA(s) is a (signed) int rather than a uint32_t.
      
      This then gets assigned to a uint64_t using
      
        target_phys_addr_t crda = CSR_CRDA(s);
      
      so when (S)->csr[29] has the high bit set, we end up with
      crda=0xffffffffxxxxxxxx.
      
      From: Michael Brown <mcb30@ipxe.org>
      Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
      Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
      Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
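
The integer promotion described in the pcnet commit message above, reproduced as an added example (not code from the commit or from QEMU). `PCNetModel`, `phys_addr_t`, `CSR_CRDA_FIXED` and the `dma_in_ram` range check are assumptions made for illustration; a 32-bit `int` is assumed.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-ins (assumptions, not QEMU definitions). */
typedef uint64_t phys_addr_t;                      /* plays target_phys_addr_t */
typedef struct { uint16_t csr[128]; } PCNetModel;  /* only the CSR array */

/* Macro as quoted in the commit message: the expression has type int. */
#define CSR_CRDA_BUGGY(S) ((S)->csr[28] | ((S)->csr[29] << 16))
/* Assumed correction: widen to uint32_t before shifting. */
#define CSR_CRDA_FIXED(S) ((S)->csr[28] | ((uint32_t)(S)->csr[29] << 16))

/* Assign the int-typed result to a 64-bit address, as in the commit message.
 * ISO C leaves a shift into the sign bit undefined; mainstream compilers
 * produce a negative int, which is then sign-extended to 64 bits. */
phys_addr_t crda_buggy(uint16_t lo, uint16_t hi)
{
    PCNetModel s = { {0} };
    s.csr[28] = lo;
    s.csr[29] = hi;
    phys_addr_t crda = CSR_CRDA_BUGGY(&s);
    return crda;
}

/* Same assignment with the unsigned macro: the value is zero-extended. */
phys_addr_t crda_fixed(uint16_t lo, uint16_t hi)
{
    PCNetModel s = { {0} };
    s.csr[28] = lo;
    s.csr[29] = hi;
    phys_addr_t crda = CSR_CRDA_FIXED(&s);
    return crda;
}

/* Hypothetical guard: is [addr, addr + len) inside guest RAM of ram_size
 * bytes? Written so that addr + len is never computed and cannot wrap. */
int dma_in_ram(phys_addr_t addr, uint64_t len, uint64_t ram_size)
{
    return len <= ram_size && addr <= ram_size - len;
}

/* Count the csr[29] values for which the two macros disagree. */
unsigned count_mismatches(void)
{
    unsigned n = 0;
    for (uint32_t hi = 0; hi <= 0xffff; hi++) {
        if (crda_buggy(0x1234, (uint16_t)hi) != crda_fixed(0x1234, (uint16_t)hi)) {
            n++;
        }
    }
    return n;
}

int main(void)
{
    const uint64_t ram = 3ULL << 30;   /* constructed: guest with 3 GiB RAM */
    phys_addr_t bad = crda_buggy(0x1234, 0x8000);
    phys_addr_t good = crda_fixed(0x1234, 0x8000);

    printf("buggy crda = 0x%016" PRIx64 " in RAM: %d\n", bad, dma_in_ram(bad, 16, ram));
    printf("fixed crda = 0x%016" PRIx64 " in RAM: %d\n", good, dma_in_ram(good, 16, ram));
    printf("csr[29] values affected: %u of 65536\n", count_mismatches());
    return 0;
}
```

Every descriptor address at or above 2 GiB is affected, which is why the problem only shows up on guests with more than 2G of RAM.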
    • P
      target-arm: Don't leak TCG temp for UNDEFs in Neon load/store space · e318a60b
      Peter Maydell committed
      Move the allocation and freeing of the TCG temp used for the address for
      Neon load/store instructions so that we don't allocate the temporary
      until we've done enough decoding to know that the instruction is not
      an UNDEF pattern; this avoids leaking the TCG temp in these cases.
      Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
      Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
    • P
      target-arm: Fix VLD of single element to all lanes · 8e18cde3
      Peter Maydell committed
      Fix several bugs in VLD of single element to all lanes:
      
      The "single element to all lanes" form of VLD1 differs from those for
      VLD2, VLD3 and VLD4 in that bit 5 indicates whether the loaded element
      should be written to one or two Dregs (rather than being a register
      stride). Handle this by special-casing VLD1 rather than trying to
      have one loop which deals with both VLD1 and 2/3/4.
      
      Handle VLD4.32 with 16 byte alignment specified, rather than UNDEFfing.
      
      UNDEF for the invalid size and alignment combinations.
      Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
      Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
    • L
      vnc: added missing name->keysym pairs for Polish national characters · ee7495d3
      Leszek Grzegorek committed
      There are no { name, keysym } values in name2keysym[] array for Polish
      national characters so "-k pl" option has no effect.
      Signed-off-by: Leszek Grzegorek <leszek.grzegorek@gmail.com>
      Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
    • M
      get rid of private bitmap functions in block/sheepdog.c, use generic ones · 8cffde73
      Michael Tokarev committed
      qemu now has generic bitmap functions,
      so don't redefine them in sheepdog.c,
      use common header instead.  A small cleanup.
      
      Here's only one function which is actually
      used in sheepdog and gets replaced with
      a generic one (simplified):
      
      - static inline int test_bit(int nr, const volatile unsigned long *addr)
      + static inline int test_bit(int nr, const unsigned long *addr)
       {
      -  return ((1UL << (nr % BITS_PER_LONG))
                  & ((unsigned long*)addr)[nr / BITS_PER_LONG])) != 0;
      +  return 1UL & (addr[nr / BITS_PER_LONG] >> (nr & (BITS_PER_LONG-1)));
       }
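
      Review bot: in the replacement test_bit(), nr is still a signed int, so the "body is equivalent" claim only holds for nr >= 0. For a negative nr the removed `nr % BITS_PER_LONG` gives a negative shift count while the added `nr & (BITS_PER_LONG-1)` gives a valid one, and both versions read `addr[nr / BITS_PER_LONG]` at or before the start of the bitmap. Consider documenting that callers must pass a bounded, non-negative bit number. The `volatile` dropped from the addr parameter also allows the compiler to reuse a previously loaded word, so the commit message should say whether the sheepdog bitmap can be modified concurrently with a test_bit() call.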
      
      The body is equivalent, but the argument is not: there's
      "volatile" in there.  Why it is used for - I'm not sure.
      Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
      Acked-by: MORITA Kazutaka <morita.kazutaka@lab.ntt.co.jp>
      Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
    • B
      lsi53c895a: add support for ABORT messages · 508240c0
      Bernhard Kohl committed
      If these messages are not handled correctly the guest driver may hang.
      
      Always mandatory:
      - ABORT
      - BUS DEVICE RESET
      
      Mandatory if tagged queuing is implemented (which disks usually do):
      - ABORT TAG
      - CLEAR QUEUE
      Signed-off-by: Bernhard Kohl <bernhard.kohl@nsn.com>
      Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
    • W
      fix build errors when we enable acpi_piix4 debug · 59df4c11
      Wen Congyang committed
      I enabled acpi_piix4 debug and got the following build errors:
      # make
        CC    libhw64/acpi_piix4.o
      cc1: warnings being treated as errors
      /home/wency/source/qemu/hw/acpi_piix4.c: In function ‘pm_ioport_write’:
      /home/wency/source/qemu/hw/acpi_piix4.c:193: error: format ‘%04x’ expects type ‘unsigned int’, but argument 2 has type ‘uint64_t’
      /home/wency/source/qemu/hw/acpi_piix4.c:193: error: format ‘%04x’ expects type ‘unsigned int’, but argument 3 has type ‘uint64_t’
      /home/wency/source/qemu/hw/acpi_piix4.c: In function ‘pm_ioport_read’:
      /home/wency/source/qemu/hw/acpi_piix4.c:219: error: format ‘%04x’ expects type ‘unsigned int’, but argument 2 has type ‘uint64_t’
      make[1]: *** [acpi_piix4.o] Error 1
      make: *** [subdir-libhw64] Error 2
      Signed-off-by: Wen Congyang <wency@cn.fujitsu.com>
      Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
    • S
      ui/sdl: Load optional QEMU icon · 09cec717
      Stefan Weil committed
      Load an optional QEMU icon file. If there is no icon file named
      qemu.bmp in QEMU's default search path, QEMU will run with
      the usual system default icon.
      
      A matching icon file  will be loaded and used by X Windows managers
      or MS Windows while a QEMU instance is running.
      
      SDL requires icon files in 32x32x4 bmp format.
      
      Cc: Anthony Liguori <aliguori@us.ibm.com>
      Signed-off-by: Stefan Weil <weil@mail.berlios.de>
      Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
    • A
      d818bfc5
    • D
      Add SLOF-based partition firmware for pSeries machine, allowing more boot options · a9f8ad8f
      David Gibson committed
      Currently, the emulated pSeries machine requires the use of the
      -kernel parameter in order to explicitly load a guest kernel.  This
      means booting from the virtual disk, cdrom or network is not possible.
      
      This patch addresses this limitation by inserting a within-partition
      firmware image (derived from the "SLOF" free Open Firmware project).
      If -kernel is not specified, qemu will now load the SLOF image, which
      has access to the qemu boot device list through the device tree, and
      can boot from any of the usual virtual devices.
      
      In order to support the new firmware, an extension to the emulated
      machine/hypervisor is necessary.  Unlike Linux, which expects
      multi-CPU entry to be handled kexec() style, the SLOF firmware expects
      only one CPU to be active at entry, and to use a hypervisor RTAS
      method to enable the other CPUs one by one.
      
      This patch also implements this 'start-cpu' method, so that SLOF can
      start the secondary CPUs and marshal them into the kexec() holding
      pattern ready for entry into the guest OS.  Linux should, and in the
      future might directly use the start-cpu method to enable initially
      disabled CPUs, but for now it does require kexec() entry.
      Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
      Signed-off-by: Paul Mackerras <paulus@samba.org>
      Signed-off-by: David Gibson <dwg@au1.ibm.com>
      Signed-off-by: Alexander Graf <agraf@suse.de>
    • D
      Implement PAPR VPA functions for pSeries shared processor partitions · ed120055
      David Gibson committed
      Shared-processor partitions are those where a CPU is time-sliced between
      partitions, rather than being permanently dedicated to a single
      partition.  qemu emulated partitions, since they are just scheduled with
      the qemu user process, behave mostly like shared processor partitions.
      
      In order to better support shared processor partitions (splpar), PAPR
      defines the "VPA" (Virtual Processor Area), a shared memory communication
      channel between the hypervisor and partitions.  There are also two
      additional shared memory communication areas for specialized purposes
      associated with the VPA.
      
      A VPA is not essential for operating an splpar, though it can be necessary
      for obtaining accurate performance measurements in the presence of
      runtime partition switching.
      
      Most importantly, however, the VPA is a prerequisite for PAPR's H_CEDE
      hypercall, which allows a partition OS to give up its shared processor
      timeslices to other partitions when idle.
      
      This patch implements the VPA and H_CEDE hypercalls in qemu.  We don't
      implement any of the more advanced statistics which can be communicated
      through the VPA.  However, this is enough to make normal pSeries kernels
      do an effective power-save idle on an emulated pSeries, significantly
      reducing the host load of a qemu emulated pSeries running an idle guest OS.
      Signed-off-by: David Gibson <dwg@au1.ibm.com>
      Signed-off-by: Alexander Graf <agraf@suse.de>
    • B
      Add a PAPR TCE-bypass mechanism for the pSeries machine · 08942ac1
      Ben Herrenschmidt committed
      Usually, PAPR virtual IO devices use a virtual IOMMU mechanism, TCEs,
      to mediate all DMA transfers.  While this is necessary for some sorts of
      operation, it can be complex to program and slow for others.
      
      This patch implements a mechanism for bypassing TCE translation, treating
      "IO" addresses as plain (guest) physical memory addresses.  This has two
      main uses:
       * Simple, but 64-bit aware programs like firmwares can use the VIO devices
      without the complexity of TCE setup.
       * The guest OS can optionally use the TCE bypass to improve performance in
      suitable situations.
      
      The mechanism used is a per-device flag which disables TCE translation.
      The flag is toggled with some (hypervisor-implemented) RTAS methods.
      Signed-off-by: Ben Herrenschmidt <benh@kernel.crashing.org>
      Signed-off-by: David Gibson <dwg@au1.ibm.com>
      Signed-off-by: Alexander Graf <agraf@suse.de>
    • B
      Implement PAPR virtual SCSI interface (ibmvscsi) · 6e270446
      Ben Herrenschmidt committed
      This patch implements the infrastructure and hypercalls necessary for
      the PAPR specified Virtual SCSI interface.  This is the normal method
      for providing (virtual) disks to PAPR partitions.
      Signed-off-by: Ben Herrenschmidt <benh@kernel.crashing.org>
      Signed-off-by: David Gibson <dwg@au1.ibm.com>
      Signed-off-by: Alexander Graf <agraf@suse.de>
    • B
      Implement PAPR CRQ hypercalls · b45d63b6
      Ben Herrenschmidt committed
      This patch implements the infrastructure and hypercalls necessary for the
      PAPR specified CRQ (Command Request Queue) mechanism.  This general
      request queueing system is used by many of the PAPR virtual IO devices,
      including the virtual scsi adapter.
      Signed-off-by: Ben Herrenschmidt <benh@kernel.crashing.org>
      Signed-off-by: David Gibson <dwg@au1.ibm.com>
      Signed-off-by: Alexander Graf <agraf@suse.de>
    • D
      Implement sPAPR Virtual LAN (ibmveth) · 8d90ad90
      David Gibson committed
      This patch implements the PAPR specified Inter Virtual Machine Logical
      LAN; that is the virtual hardware used by the Linux ibmveth driver.
      Signed-off-by: Paul Mackerras <paulus@samba.org>
      Signed-off-by: David Gibson <dwg@au1.ibm.com>
      Signed-off-by: Alexander Graf <agraf@suse.de>
    • D
      Implement TCE translation for sPAPR VIO · ee86dfee
      David Gibson committed
      This patch implements the necessary infrastructure and hypercalls for
      sPAPR's TCE (Translation Control Entry) IOMMU mechanism.  This is necessary
      for all virtual IO devices which do DMA (i.e. nearly all of them).
      Signed-off-by: Ben Herrenschmidt <benh@kernel.crashing.org>
      Signed-off-by: David Gibson <dwg@au1.ibm.com>
      Signed-off-by: Alexander Graf <agraf@suse.de>
    • D
      Add (virtual) interrupt to PAPR virtual tty device · 0201e2da
      David Gibson committed
      Now that we have implemented the PAPR "xics" virtualized interrupt
      controller, we can add interrupts in PAPR VIO devices.  This patch adds
      interrupt support to the PAPR virtual tty/console device.
      Signed-off-by: David Gibson <dwg@au1.ibm.com>
      Signed-off-by: Alexander Graf <agraf@suse.de>
    • D
      Add PAPR H_VIO_SIGNAL hypercall and infrastructure for VIO interrupts · 00dc738d
      David Gibson committed
      This patch adds infrastructure to support interrupts from PAPR virtual IO
      devices.  This includes correctly advertising those interrupts in the
      device tree, and implementing the H_VIO_SIGNAL hypercall, used to
      enable and disable individual device interrupts.
      Signed-off-by: David Gibson <dwg@au1.ibm.com>
      Signed-off-by: Alexander Graf <agraf@suse.de>
    • D
      Implement the PAPR (pSeries) virtualized interrupt controller (xics) · b5cec4c5
      David Gibson committed
      PAPR defines an interrupt control architecture which is logically divided
      into ICS (Interrupt Control Presentation, each unit is responsible for
      presenting interrupts to a particular "interrupt server", i.e. CPU) and
      ICS (Interrupt Control Source, each unit responsible for one or more
      hardware interrupts as numbered globally across the system).  All PAPR
      virtual IO devices expect to deliver interrupts via this mechanism.  In
      Linux, this interrupt controller system is handled by the "xics" driver.
      
      On pSeries systems, access to the interrupt controller is virtualized via
      hypercalls and RTAS methods.  However, the virtualized interface is very
      similar to the underlying interrupt controller hardware, and similar PICs
      exist un-virtualized in some other systems.
      
      This patch implements both the ICP and ICS sides of the PAPR interrupt
      controller.  For now, only the hypercall virtualized interface is provided,
      however it would be relatively straightforward to graft an emulated
      register interface onto the underlying interrupt logic if we want to add
      a machine with a hardware ICS/ICP system in the future.
      
      There are some limitations in this implementation: it is assumed for now
      that only one instance of the ICS exists, although a full xics system can
      have several, each responsible for a different group of hardware irqs.
      ICP/ICS can handle both level-sensitive (LSI) and message signalled (MSI)
      interrupt inputs.  For now, this implementation supports only MSI
      interrupts, since that is used by PAPR virtual IO devices.
      Signed-off-by: Paul Mackerras <paulus@samba.org>
      Signed-off-by: David Gibson <dwg@au1.ibm.com>
      Signed-off-by: Alexander Graf <agraf@suse.de>
    • D
      Implement assorted pSeries hcalls and RTAS methods · 821303f5
      David Gibson committed
      This patch adds several small utility hypercalls and RTAS methods to
      the pSeries platform emulation.  Specifically:
      
      * 'display-character' rtas call
      
      This just prints a character to the console, it's occasionally used
      for early debug of the OS.  The support includes a hack to make this
      RTAS call respond on the normal token value present on real hardware,
      since some early debugging tools just assume this value without
      checking the device tree.
      
      * 'get-time-of-day' rtas call
      
      This one just takes the host real time, converts to the PAPR described
      format and returns it to the guest.
      
      * 'power-off' rtas call
      
      This one shuts down the emulated system.
      
      * H_DABR hypercall
      
      On pSeries, the DABR debug register is usually a hypervisor resource
      and virtualized through this hypercall.  If the hypercall is not
      present, Linux will under some circumstances attempt to manipulate the
      DABR directly which will fail on this emulated machine.
      
      This stub implementation is enough to stop that behaviour, although it
      doesn't actually implement the requested DABR operations as yet.
      Signed-off-by: Paul Mackerras <paulus@samba.org>
      Signed-off-by: David Gibson <dwg@au1.ibm.com>
      Signed-off-by: Alexander Graf <agraf@suse.de>
    • D
      Implement hcall based RTAS for pSeries machines · 39ac8455
      David Gibson committed
      On pSeries machines, operating systems can instantiate "RTAS" (Run-Time
      Abstraction Services), a runtime component of the firmware which implements
      a number of low-level, infrequently used operations.  On logical partitions
      under a hypervisor, many of the RTAS functions require hypervisor
      privilege.  For simplicity, therefore, hypervisor systems typically
      implement the in-partition RTAS as just a tiny wrapper around a hypercall
      which actually implements the various RTAS functions.
      
      This patch implements such a hypercall based RTAS for our emulated pSeries
      machine.  A tiny in-partition "firmware" calls a new hypercall, which
      looks up available RTAS services in a table.
      Signed-off-by: David Gibson <dwg@au1.ibm.com>
      Signed-off-by: Alexander Graf <agraf@suse.de>
    • D
      Virtual hash page table handling on pSeries machine · f43e3525
      David Gibson committed
      On pSeries logical partitions, excepting the old POWER4-style full system
      partitions, the guest does not have direct access to the hardware page
      table.  Instead, the pagetable exists in hypervisor memory, and the guest
      must manipulate it with hypercalls.
      
      However, our current pSeries emulation more closely resembles the old
      style where the guest must set up and handle the pagetables itself.  This
      patch converts it to act like a modern partition.
      
      This involves two things: first, the hash translation path is modified to
      permit the hash table to be stored externally to the emulated machine's
      RAM.  The pSeries machine init code configures the CPUs to use this mode.
      
      Secondly, we emulate the PAPR hypercalls for manipulating the external
      hashed page table.
      Signed-off-by: David Gibson <dwg@au1.ibm.com>
      Signed-off-by: Alexander Graf <agraf@suse.de>
    • D
      Implement the bus structure for PAPR virtual IO · 4040ab72
      David Gibson committed
      This extends the "pseries" (PAPR) machine to include a virtual IO bus
      supporting the PAPR defined hypercall based virtual IO mechanisms.
      
      So far only one VIO device is provided, the vty / vterm, providing
      a full console (polled only, for now).
      Signed-off-by: David Gibson <dwg@au1.ibm.com>
      Signed-off-by: Alexander Graf <agraf@suse.de>
    • D
      Start implementing pSeries logical partition machine · 9fdf0c29
      David Gibson committed
      This patch adds a "pseries" machine to qemu.  This aims to emulate a
      logical partition on an IBM pSeries machine, compliant to the
      "PowerPC Architecture Platform Requirements" (PAPR) document.
      
      This initial version is quite limited, it implements a basic machine
      and PAPR hypercall emulation.  So far only one hypercall is present -
      H_PUT_TERM_CHAR - so that a (write-only) console is available.
      
      Multiple CPUs are permitted, with SMP entry handled kexec() style.
      
      The machine so far more resembles an old POWER4 style "full system
      partition" rather than a modern LPAR, in that the guest manages the
      page tables directly, rather than via hypercalls.
      
      The machine requires qemu to be configured with --enable-fdt.  The
      machine can (so far) only be booted with -kernel - i.e. no partition
      firmware is provided.
      Signed-off-by: David Gibson <dwg@au1.ibm.com>
      Signed-off-by: Alexander Graf <agraf@suse.de>
    • D
      Add POWER7 support for ppc · 9d52e907
      David Gibson committed
      This adds emulation support for the recent POWER7 cpu to qemu.  It's far
      from perfect - it's missing a number of POWER7 features so far, including
      any support for VSX or decimal floating point instructions.  However, it's
      close enough to boot a kernel with the POWER7 PVR.
      Signed-off-by: David Gibson <dwg@au1.ibm.com>
      Signed-off-by: Alexander Graf <agraf@suse.de>
    • D
      Support 1T segments on ppc · cdaee006
      David Gibson committed
      Traditionally, the "segments" used for the two-stage translation used on
      powerpc MMUs were 256MB in size.  This was the only option on all hash
      page table based 32-bit powerpc cpus, and on the earlier 64-bit hash page
      table based cpus.  However, newer 64-bit cpus also permit 1TB segments.
      
      This patch adds support for 1TB segment translation to the qemu code.
      Signed-off-by: David Gibson <dwg@au1.ibm.com>
      Signed-off-by: Alexander Graf <agraf@suse.de>
    • D
      Better factor the ppc hash translation path · 256cebe5
      David Gibson committed
      Currently the path handling hash page table translation in get_segment()
      has a mix of common and 32 or 64 bit specific code.  However the
      division is not done terribly well which results in a lot of messy code
      flipping between common and divided paths.
      
      This patch improves the organization, consolidating several divided paths
      into one.  This in turn allows simplification of some code in
      get_segment(), removing a number of ugly interim variables.
      
      This new factorization will also make it easier to add support for the 1T
      segments added in newer CPUs.
      Signed-off-by: David Gibson <dwg@au1.ibm.com>
      Signed-off-by: Alexander Graf <agraf@suse.de>
    • D
      Use "hash" more consistently in ppc mmu code · fda6a0ec
      David Gibson committed
      Currently, get_segment() has a variable called hash.  However it doesn't
      (quite) get the hash value for the ppc hashed page table.  Instead it
      gets the hash shifted - effectively the offset of the hash bucket within
      the hash page table.
      
      As well as being different to the normal use of plain "hash" in the
      architecture documentation, this usage necessitates some awkward 32/64
      dependent masks and shifts which clutter up the path in get_segment().
      
      This patch alters the code to use raw hash values through get_segment()
      including storing raw hashes instead of pte group offsets in the ctx
      structure.  This cleans up the path noticeably.
      
      This does necessitate 32/64 dependent shifts when the hash values are
      taken out of the ctx structure and used, but those paths already have
      32/64 bit variants so this is less awkward than it was in get_segment().
      Signed-off-by: David Gibson <dwg@au1.ibm.com>
      Signed-off-by: Alexander Graf <agraf@suse.de>
    • D
      Parse SDR1 on mtspr instead of at translate time · bb593904
      David Gibson committed
      On ppc machines with hash table MMUs, the special purpose register SDR1
      contains both the base address of the encoded size (hashed) page tables.
      
      At present, we interpret the SDR1 value within the address translation
      path.  But because the encodings of the size for 32-bit and 64-bit are
      different this makes for a confusing branch on the MMU type with a bunch
      of curly shifts and masks in the middle of the translate path.
      
      This patch cleans things up by moving the interpretation on SDR1 into the
      helper function handling the write to the register.  This leaves a simple
      pre-sanitized base address and mask for the hash table in the CPUState
      structure which is easier to work with in the translation path.
      
      This makes the translation path more readable.  It addresses the FIXME
      comment currently in the mtsdr1 helper, by validating the SDR1 value during
      interpretation.  Finally it opens the way for emulating a pSeries-style
      partition where the hash table used for translation is not mapped into
      the guest's RAM.
      Signed-off-by: David Gibson <dwg@au1.ibm.com>
      Signed-off-by: Alexander Graf <agraf@suse.de>
    • D
      Clean up slb_lookup() function · 8500e3a9
      David Gibson committed
      The slb_lookup() function, used in the ppc translation path returns a
      number of slb entry fields in reference parameters.  However, only one
      of the two callers of slb_lookup() actually wants this information.
      
      This patch, therefore, makes slb_lookup() return a simple pointer to the
      located SLB entry (or NULL), and the caller which needs the fields can
      extract them itself.
      Signed-off-by: David Gibson <dwg@au1.ibm.com>
      Signed-off-by: Alexander Graf <agraf@suse.de>
    • D
      Correct ppc popcntb logic, implement popcntw and popcntd · eaabeef2
      David Gibson committed
      qemu already includes support for the popcntb instruction introduced
      in POWER5 (although it doesn't actually allow you to choose POWER5).
      
      However, the logic is slightly incorrect: it will generate results
      truncated to 32-bits when the CPU is in 32-bit mode.  This is not
      normal for powerpc - generally arithmetic instructions on a 64-bit
      powerpc cpu will generate full 64 bit results, it's just that only the
      low 32 bits will be significant for condition codes.
      
      This patch corrects this nit, which actually simplifies the code slightly.
      
      In addition, this patch implements the popcntw and popcntd
      instructions added in POWER7, in preparation for allowing POWER7 as an
      emulated CPU.
      Signed-off-by: David Gibson <dwg@au1.ibm.com>
      Signed-off-by: Alexander Graf <agraf@suse.de>
    • D
      Implement missing parts of the logic for the POWER PURR · 3a7f009a
      David Gibson committed
      The PURR (Processor Utilization Resource Register) is a register found
      on recent POWER CPUs.  The guts of implementing it at least enough to
      get by are already present in qemu, however some of the helper
      functions needed to actually wire it up are missing.
      
      This patch adds the necessary glue, so that the PURR can be wired up
      when we implement newer POWER CPU targets which include it.
      Signed-off-by: David Gibson <dwg@au1.ibm.com>
      Signed-off-by: Alexander Graf <agraf@suse.de>
    • D
      Implement PowerPC slbmfee and slbmfev instructions · efdef95f
      David Gibson committed
      For a 64-bit PowerPC target, qemu correctly implements translation
      through the segment lookaside buffer.  Likewise it supports the
      slbmte instruction which is used to load entries into the SLB.
      
      However, it does not emulate the slbmfee and slbmfev instructions
      which read SLB entries back into registers.  Because these are
      only occasionally used in guests (mostly for debugging) we get
      away with it.
      
      However, given the recent SLB cleanups, it becomes quite easy to
      implement these, and thereby allow, amongst other things, a guest
      Linux to use xmon's command to dump the SLB.
      Signed-off-by: David Gibson <dwg@au1.ibm.com>
      Signed-off-by: Alexander Graf <agraf@suse.de>
    • D
      Add a hook to allow hypercalls to be emulated on PowerPC · d569956e
      David Gibson committed
      PowerPC and POWER chips since the POWER4 and 970 have a special
      hypervisor mode, and a corresponding form of the system call
      instruction which traps to the hypervisor.
      
      qemu currently has stub implementations of hypervisor mode.  That
      is, the outline is there to allow qemu to run a PowerPC hypervisor
      under emulation.  There are a number of details missing so this
      won't actually work at present, but the idea is there.
      
      What there is no provision at all, is for qemu to instead emulate
      the hypervisor itself.  That is to have hypercalls trap into qemu
      and their result be emulated from qemu, rather than running
      hypervisor code within the emulated system.
      
      Hypervisor hardware aware KVM implementations are in the works and
      it would  be useful for debugging and development to also allow
      full emulation of the same para-virtualized guests as such a KVM.
      
      Therefore, this patch adds a hook which will allow a machine to
      set up emulation of hypervisor calls.
      Signed-off-by: David Gibson <dwg@au1.ibm.com>
      Signed-off-by: Alexander Graf <agraf@suse.de>
    • D
      Allow qemu_devtree_setprop() to take arbitrary values · c4897490
      David Gibson committed
      Currently qemu_devtree_setprop() expects the new property value to be
      given as a uint32_t *.  While property values consisting of u32s are
      common, in general they can have any bytestring value.
      
      Therefore, this patch alters the function to take a void * instead,
      allowing callers to easily give anything as the property value.
      Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
      Signed-off-by: Alexander Graf <agraf@suse.de>