PAPR systems support several hypercalls intended for use in real mode
debugging tools.  These implement reads and writes to arbitrary guest
physical addresses.  This is useful for real mode software because it
allows access to IO addresses and memory outside the RMA without going
through the somewhat involved process of setting up the hash page table
and enabling translation.

We want these so that when we add real IO devices, the SLOF firmware can
boot from them without having to enter virtual mode.
Signed-off-by: NBenjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: NDavid Gibson <dwg@au1.ibm.com>
Signed-off-by: NAlexander Graf <agraf@suse.de>

Currently our implementation of the H_ENTER hypercall, which inserts a
mapping in the hash page table assumes that only ordinary memory is ever
mapped, and only permits mapping attribute bits accordingly (WIMG==0010).

However, we intend to start adding emulated IO to the pseries platform
(and real IO with PCI passthrough on kvm) which means this simple test
will no longer suffice.

This patch extends the h_enter validation code to check if the given
address is a RAM address.  If it is it enforces WIMG==0010, otherwise
it assumes that it is an IO mapping and instead enforces WIMG=010x.
Signed-off-by: NDavid Gibson <david@gibson.dropbear.id.au>
Signed-off-by: NAlexander Graf <agraf@suse.de>

Move softmmu_exec.h include directives from target-*/exec.h to
target-*/op_helper.c. Move also various other stuff only used in
op_helper.c there.

Define global env in dyngen-exec.h.

For i386, move wrappers for segment and FPU helpers from user-exec.c
to op_helper.c. Implement raise_exception_err_env() to handle dynamic
CPUState. Move the function declarations to cpu.h since they can be
used outside of op_helper.c context.

LM32, s390x, UniCore32: remove unused cpu_halted(), regs_to_env() and
env_to_regs().

ARM: make raise_exception() static.

Convert
#include "exec.h"
to
#include "cpu.h"
#include "dyngen-exec.h"
and remove now unused target-*/exec.h.
Signed-off-by: NBlue Swirl <blauwirbel@gmail.com>

Signed-off-by: NAlexander Graf <agraf@suse.de>
Signed-off-by: NBlue Swirl <blauwirbel@gmail.com>

Most exec-all.h include directives are now useless, remove them.
Signed-off-by: NBlue Swirl <blauwirbel@gmail.com>

A few pieces of the pSeries emulation code have variables which are set
but never used, which causes warnings on gcc 4.6.  This patch removes
these instances.
Signed-off-by: NDavid Gibson <david@gibson.dropbear.id.au>
Signed-off-by: NAlexander Graf <agraf@suse.de>

The pSeries machine uses two tables to look up guest hcalls for emulation.
One of these is exactly one entry too small to hold all the hcalls it needs
to, leading to memory corruption.

This patch fixes the bug, and while we're at it, make both tables 'static'
since they're never used from other modules.
Signed-off-by: NDavid Gibson <david@gibson.dropbear.id.au>
Signed-off-by: NAlexander Graf <agraf@suse.de>

Shared-processor partitions are those where a CPU is time-sliced between
partitions, rather than being permanently dedicated to a single
partition.  qemu emulated partitions, since they are just scheduled with
the qemu user process, behave mostly like shared processor partitions.

In order to better support shared processor partitions (splpar), PAPR
defines the "VPA" (Virtual Processor Area), a shared memory communication
channel between the hypervisor and partitions.  There are also two
additional shared memory communication areas for specialized purposes
associated with the VPA.

A VPA is not essential for operating an splpar, though it can be necessary
for obtaining accurate performance measurements in the presence of
runtime partition switching.

Most importantly, however, the VPA is a prerequisite for PAPR's H_CEDE,
hypercall, which allows a partition OS to give up it's shared processor
timeslices to other partitions when idle.

This patch implements the VPA and H_CEDE hypercalls in qemu.  We don't
implement any of the more advanced statistics which can be communicated
through the VPA.  However, this is enough to make normal pSeries kernels
do an effective power-save idle on an emulated pSeries, significantly
reducing the host load of a qemu emulated pSeries running an idle guest OS.
Signed-off-by: NDavid Gibson <dwg@au1.ibm.com>
Signed-off-by: NAlexander Graf <agraf@suse.de>

This patch adds several small utility hypercalls and RTAS methods to
the pSeries platform emulation.  Specifically:

* 'display-character' rtas call

This just prints a character to the console, it's occasionally used
for early debug of the OS.  The support includes a hack to make this
RTAS call respond on the normal token value present on real hardware,
since some early debugging tools just assume this value without
checking the device tree.

* 'get-time-of-day' rtas call

This one just takes the host real time, converts to the PAPR described
format and returns it to the guest.

* 'power-off' rtas call

This one shuts down the emulated system.

* H_DABR hypercall

On pSeries, the DABR debug register is usually a hypervisor resource
and virtualized through this hypercall.  If the hypercall is not
present, Linux will under some circumstances attempt to manipulate the
DABR directly which will fail on this emulated machine.

This stub implementation is enough to stop that behaviour, although it
doesn't actually implement the requested DABR operations as yet.
Signed-off-by: NPaul Mackerras <paulus@samba.org>
Signed-off-by: NDavid Gibson <dwg@au1.ibm.com>
Signed-off-by: NAlexander Graf <agraf@suse.de>

On pSeries machines, operating systems can instantiate "RTAS" (Run-Time
Abstraction Services), a runtime component of the firmware which implements
a number of low-level, infrequently used operations.  On logical partitions
under a hypervisor, many of the RTAS functions require hypervisor
privilege.  For simplicity, therefore, hypervisor systems typically
implement the in-partition RTAS as just a tiny wrapper around a hypercall
which actually implements the various RTAS functions.

This patch implements such a hypercall based RTAS for our emulated pSeries
machine.  A tiny in-partition "firmware" calls a new hypercall, which
looks up available RTAS services in a table.
Signed-off-by: NDavid Gibson <dwg@au1.ibm.com>
Signed-off-by: NAlexander Graf <agraf@suse.de>

On pSeries logical partitions, excepting the old POWER4-style full system
partitions, the guest does not have direct access to the hardware page
table.  Instead, the pagetable exists in hypervisor memory, and the guest
must manipulate it with hypercalls.

However, our current pSeries emulation more closely resembles the old
style where the guest must set up and handle the pagetables itself.  This
patch converts it to act like a modern partition.

This involves two things: first, the hash translation path is modified to
permit the has table to be stored externally to the emulated machine's
RAM.  The pSeries machine init code configures the CPUs to use this mode.

Secondly, we emulate the PAPR hypercalls for manipulating the external
hashed page table.
Signed-off-by: NDavid Gibson <dwg@au1.ibm.com>
Signed-off-by: NAlexander Graf <agraf@suse.de>

This patch adds a "pseries" machine to qemu.  This aims to emulate a
logical partition on an IBM pSeries machine, compliant to the
"PowerPC Architecture Platform Requirements" (PAPR) document.

This initial version is quite limited, it implements a basic machine
and PAPR hypercall emulation.  So far only one hypercall is present -
H_PUT_TERM_CHAR - so that a (write-only) console is available.

Multiple CPUs are permitted, with SMP entry handled kexec() style.

The machine so far more resembles an old POWER4 style "full system
partition" rather than a modern LPAR, in that the guest manages the
page tables directly, rather than via hypercalls.

The machine requires qemu to be configured with --enable-fdt.  The
machine can (so far) only be booted with -kernel - i.e. no partition
firmware is provided.
Signed-off-by: NDavid Gibson <dwg@au1.ibm.com>
Signed-off-by: NAlexander Graf <agraf@suse.de>