At the moment if configure finds an unknown CPU it will set
ARCH to 'unknown', and then later either bail out or set it
to 'tci' (depending on whether the user passed configure the
--enable-tcg-interpreter switch). This is unnecessarily
confusing, because we could be using TCI in two cases:
 * a known host architecture (in which case ARCH is set to
   the actual host architecture, like 'i386')
 * an unknown host architecture (in which case ARCH is
   set to 'tci')
so nothing can rely on ARCH=tci to mean "using TCI".
Remove the line setting ARCH, so we leave it as "unknown",
which is what the actual situation is.
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Reviewed-by: NLaurent Vivier <laurent@vivier.eu>
Reviewed-by: NRichard Henderson <rth@twiddle.net>
Signed-off-by: NRiku Voipio <riku.voipio@linaro.org>

The kernel and libc have different ideas about what a sigset_t
is -- for the kernel it is only _NSIG / 8 bytes in size (usually
8 bytes), but for libc it is much larger, 128 bytes. In most
situations the difference doesn't matter, because if you pass a
pointer to a libc sigset_t to the kernel it just acts on the first
8 bytes of it, but for the ucontext_t* argument to a signal handler
it trips us up. The kernel allocates this ucontext_t on the stack
according to its idea of the sigset_t type, but the type of the
ucontext_t defined by the libc headers uses the libc type, and
so do the manipulator functions like sigfillset(). This means that
 (1) sizeof(uc->uc_sigmask) is much larger than the actual
     space used on the stack
 (2) sigfillset(&uc->uc_sigmask) will write garbage 0xff bytes
     off the end of the structure, which can trash data that
     was on the stack before the signal handler was invoked,
     and may result in a crash after the handler returns

To avoid this, we use a memset() of the correct size to fill
the signal mask rather than using the libc function.

This fixes a problem where we would crash at least some of the
time on an i386 host when a signal was taken.
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Reviewed-by: NLaurent Vivier <laurent@vivier.eu>
Signed-off-by: NRiku Voipio <riku.voipio@linaro.org>

Use the safe_syscall wrapper for fcntl. This is straightforward now
that we always use 'struct fcntl64' on the host, as we don't need
to select whether to call the host's fcntl64 or fcntl syscall
(a detail that the libc previously hid for us).
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Reviewed-by: NLaurent Vivier <laurent@vivier.eu>
Signed-off-by: NRiku Voipio <riku.voipio@linaro.org>

Use the __get_user() and __put_user() to handle reading and writing the
guest structures in do_ioctl(). This has two benefits:
 * avoids possible errors due to misaligned guest pointers
 * correctly sign extends signed fields (like l_start in struct flock)
   which might be different sizes between guest and host

To do this we abstract out into copy_from/to_user functions. We
also standardize on always using host flock64 and the F_GETLK64
etc flock commands, as this means we always have 64 bit offsets
whether the host is 64-bit or 32-bit and we don't need to support
conversion to both host struct flock and struct flock64.

In passing we fix errors in converting l_type from the host to
the target (where we were doing a byteswap of the host value
before trying to do the convert-bitmasks operation rather than
otherwise, and inexplicably shifting left by 1); these were
accidentally left over when the original simple "just shift by 1"
arm<->x86 conversion of commit 43f238d7 was changed to the more
general scheme of using target_to_host_bitmask() functions in 2ba7f730.

[RV: fixed ifdef guard for eabi functions]
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Reviewed-by: NLaurent Vivier <laurent@vivier.eu>
Signed-off-by: NRiku Voipio <riku.voipio@linaro.org>

host_to_target_siginfo() is implemented by a combination of
host_to_target_siginfo_noswap() followed by tswap_siginfo().
The first of these two functions assumes that the target_siginfo_t
it is writing to is correctly aligned, but the pointer passed
into host_to_target_siginfo() is directly from the guest and
might be misaligned. Use a local variable to avoid this problem.
(tswap_siginfo() does now correctly handle a misaligned destination.)

We have to add a memset() to host_to_target_siginfo_noswap()
to avoid some false positive "may be used uninitialized" warnings
from gcc about subfields of the _sifields union if it chooses to
inline both tswap_siginfo() and host_to_target_siginfo_noswap()
into host_to_target_siginfo().
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Reviewed-by: NLaurent Vivier <laurent@vivier.eu>
Signed-off-by: NPeter Maydell <riku.voipio@linaro.org>

ppc patch queue for 2016-06-23

Currently outstanding patches for spapr, target-ppc and related
devices.  This batch has:
    * Significant new progress towards full support for hypervisor
      mode
    * Assorted bugfixes
    * Some preliminary patches towards dynamic DMA window support

The last involves a change to memory.c, which Paolo has said I can
take through this tree.

# gpg: Signature made Thu 23 Jun 2016 06:47:53 BST
# gpg:                using RSA key 0x6C38CACA20D9B392
# gpg: Good signature from "David Gibson <david@gibson.dropbear.id.au>"
# gpg:                 aka "David Gibson (Red Hat) <dgibson@redhat.com>"
# gpg:                 aka "David Gibson (ozlabs.org) <dgibson@ozlabs.org>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 75F4 6586 AE61 A66C C44E  87DC 6C38 CACA 20D9 B392

* remotes/dgibson/tags/ppc-for-2.7-20160623:
  ppc: Disable huge page support if it is not available for main RAM
  ppc: Add P7/P8 Power Management instructions
  ppc: Move exception generation code out of line
  ppc: Turn a bunch of booleans from int to bool
  ppc: Add real mode CI load/store instructions for P7 and P8
  ppc: Rework generation of priv and inval interrupts
  ppc: Fix generation if ISI/DSI vs. HV mode
  ppc: Fix POWER7 and POWER8 exception definitions
  ppc: fix exception model for HV mode
  ppc: define a default LPCR value
  ppc: Fix rfi/rfid/hrfi/... emulation
  memory: Add reporting of supported page sizes
  ppc: Improve emulation of THRM registers
  target-ppc: Fix rlwimi, rlwinm, rlwnm again
  ppc64: disable gen_pause() for linux-user mode
  tests: Use '+=' to add additional tests, not '='
  powerpc/mm: Update the WIMG check during H_ENTER
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>

usb: add hotplug support for usb-bot and usb-uas.

# gpg: Signature made Wed 22 Jun 2016 12:45:46 BST
# gpg:                using RSA key 0x4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"
# Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138

* remotes/kraxel/tags/pull-usb-20160622-2:
  usb-uas: hotplug support
  usb-bot: hotplug support
  usb: Add QOM property "attached".
  usb: make USBDevice->attached bool
  usb-storage: qcow2 encryption support is finally gone, zap dead code
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>

xen-20160622

# gpg: Signature made Wed 22 Jun 2016 12:45:56 BST
# gpg:                using RSA key 0x894F8F4870E1AE90
# gpg: Good signature from "Stefano Stabellini <stefano.stabellini@eu.citrix.com>"
# Primary key fingerprint: D04E 33AB A51F 67BA 07D3  0AEA 894F 8F48 70E1 AE90

* remotes/sstabellini/tags/xen-20160622-tag:
  xen: move xen_sysdev to xen_backend.c
  xen: fix qdisk BLKIF_OP_DISCARD for 32/64 word size mix
  xen: fix style of hw/block/xen_blkif.h
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>

On powerpc, we must only signal huge page support to the guest if
all memory areas are capable of supporting huge pages. The commit
2d103aae ("fix hugepage support when using memory-backend-file")
already fixed the case when the user specified the mem-path property
for NUMA memory nodes instead of using the global "-mem-path" option.
However, there is one more case where it currently can go wrong.
When specifying additional memory DIMMs without using NUMA, e.g.

 qemu-system-ppc64 -enable-kvm ... -m 1G,slots=2,maxmem=2G \
    -device pc-dimm,id=dimm-mem1,memdev=mem1 -object \
    memory-backend-file,policy=default,mem-path=/...,size=1G,id=mem1

the code in getrampagesize() currently assumes that huge pages
are possible since they are enabled for the mem1 object. But
since the main RAM is not backed by a huge page filesystem,
the guest Linux kernel then crashes very quickly after being
started. So in case the we've got "normal" memory without NUMA
and without the global "-mem-path" option, we must not announce
huge pages to the guest. Since this is likely a mis-configuration
by the user, also spill out a message in this case.
Signed-off-by: NThomas Huth <thuth@redhat.com>
Signed-off-by: NDavid Gibson <david@gibson.dropbear.id.au>

This adds the ISA 2.06 and later power management instructions
(doze, nap, sleep and rvwinkle) and associated wakeup cause testing
in LPCR
Signed-off-by: NBenjamin Herrenschmidt <benh@kernel.crashing.org>
[clg: fixed checkpatch.pl errors ]
Signed-off-by: NCédric Le Goater <clg@kaod.org>
Reviewed-by: NDavid Gibson <david@gibson.dropbear.id.au>
Signed-off-by: NDavid Gibson <david@gibson.dropbear.id.au>

There's no point inlining this, if you hit the exception case you exit
anyway, and not inlining saves about 100K of code size (and cache
footprint).
Signed-off-by: NBenjamin Herrenschmidt <benh@kernel.crashing.org>
[clg: removed '__attribute__((noinline))' from original patch ]
Signed-off-by: NCédric Le Goater <clg@kaod.org>
Signed-off-by: NDavid Gibson <david@gibson.dropbear.id.au>

Signed-off-by: NBenjamin Herrenschmidt <benh@kernel.crashing.org>
Reviewed-by: NDavid Gibson <david@gibson.dropbear.id.au>
Signed-off-by: NCédric Le Goater <clg@kaod.org>
Signed-off-by: NDavid Gibson <david@gibson.dropbear.id.au>

Those instructions are only available in hypervisor real mode and
allow cache inhibited garded access to devices in that mode.
Signed-off-by: NBenjamin Herrenschmidt <benh@kernel.crashing.org>
[clg: fixed checkpatch.pl errors ]
Signed-off-by: NCédric Le Goater <clg@kaod.org>
Reviewed-by: NDavid Gibson <david@gibson.dropbear.id.au>
Signed-off-by: NDavid Gibson <david@gibson.dropbear.id.au>

Recent server processors use the Hypervisor Emulation Assistance
interrupt for illegal instructions and *some* type of SPR accesses.

Also the code was always generating inval instructions even for priv
violations due to setting the wrong flags

Finally, the checking for PR/HV was open coded everywhere.

This reworks it all, using little helper macros for checking, and
adding the HV interrupt (which gets converted back to program check
in the slow path of excp_helper.c on CPUs that don't want it).
Signed-off-by: NBenjamin Herrenschmidt <benh@kernel.crashing.org>
[clg: fixed checkpatch.pl errors ]
Signed-off-by: NCédric Le Goater <clg@kaod.org>
Signed-off-by: NDavid Gibson <david@gibson.dropbear.id.au>

Under some circumstances, we need to direct ISI and DSI interrupts
at the hypervisor, turning them into HISI/HDSI, and using different
SPRs (HDSISR and HDAR) depending on the combination of MSR_DR and
the corresponding VPM bits in LPCR.

This moves part of the code into helpers that are fixed to select
the right exception type and registers. On pre-P7 processors, LPCR
is 0 which provides the old behaviour of directing the interrupts
at the supervisor.

Thanks to Andrei Warkentin for finding a bug when HV=1
Signed-off-by: NBenjamin Herrenschmidt <benh@kernel.crashing.org>
Reviewed-by: NDavid Gibson <david@gibson.dropbear.id.au>
[clg: Merged a fix on POWERPC_EXCP_HDSI fixing the condition on
      msr_hv, from Andrei Warkentin <andrey.warkentin@gmail.com> ]
Signed-off-by: NCédric Le Goater <clg@kaod.org>
Signed-off-by: NDavid Gibson <david@gibson.dropbear.id.au>

We were initializing unused ones and missing some
Signed-off-by: NBenjamin Herrenschmidt <benh@kernel.crashing.org>
Reviewed-by: NDavid Gibson <david@gibson.dropbear.id.au>
[clg: fixed checkpatch.pl errors ]
Signed-off-by: NCédric Le Goater <clg@kaod.org>
Signed-off-by: NDavid Gibson <david@gibson.dropbear.id.au>

This properly implements LPES0 handling for HV vs. !HV mode and
removes the unsupported LPES1. This has been removed from the specs
since ISA v2.07.
Signed-off-by: NBenjamin Herrenschmidt <benh@kernel.crashing.org>
[clg: AIL implementation was fixed in commit 5c94b2a5. This patch
      only contains the bits of the original patch related to LPES0
      handling, adapted commit log.
      fixed checkpatch.pl errors. ]
Signed-off-by: NCédric Le Goater <clg@kaod.org>
Signed-off-by: NDavid Gibson <david@gibson.dropbear.id.au>

This allows us to set the appropriate LPCR bits which will be used
when fixing the exception model for the HV mode.
Signed-off-by: NBenjamin Herrenschmidt <benh@kernel.crashing.org>
Reviewed-by: NDavid Gibson <david@gibson.dropbear.id.au>
[clg: previous commit 26a7f129 did not include the LPCR setting as
      it was not needed at the time, adapted commit log ]
Signed-off-by: NCédric Le Goater <clg@kaod.org>
Signed-off-by: NDavid Gibson <david@gibson.dropbear.id.au>

This reworks emulation of the various "rfi" variants. I removed
some masking bits that I couldn't make sense of, the only bit that
I am aware we should mask here is POW, the CPU's MSR mask should
take care of the rest.

This also fixes some problems when running 32-bit userspace under
a 64-bit kernel.

This patch broke 32bit OpenBIOS when run under a 970 cpu. A fix was
proposed here :

    https://www.coreboot.org/pipermail/openbios/2016-June/009452.htmlSigned-off-by: NBenjamin Herrenschmidt <benh@kernel.crashing.org>
Reviewed-by: NDavid Gibson <david@gibson.dropbear.id.au>
[clg: updated the commit log with the reference of the openbios fix ]
Signed-off-by: NCédric Le Goater <clg@kaod.org>
[dwg: Remove hunk which disabled rfi on 64-bit CPUS.  The change was
 correct, but we need to fix OpenBIOS before applying it]
Signed-off-by: NDavid Gibson <david@gibson.dropbear.id.au>

Make attached property settable and turns off auto-attach in case the
device was hotplugged.  Hotplugging works simliar to usb-bot now.
Signed-off-by: NGerd Hoffmann <kraxel@redhat.com>
Reviewed-by: NMarkus Armbruster <armbru@redhat.com>
Message-id: 1465984019-28963-6-git-send-email-kraxel@redhat.com

This patch marks usb-bot as hot-pluggable device, makes attached
property settable and turns off auto-attach in case the device
was hotplugged.

Hot-plugging a usb-bot device with one or more scsi devices can be
done this way now:

  (1) device-add usb-bot,id=foo
  (2) device-add scsi-{hd,cd},bus=foo.0,lun=0
  (2b) optionally add more devices (luns 0 ... 15).
  (3) qom-set foo.attached = true
Signed-off-by: NGerd Hoffmann <kraxel@redhat.com>
Reviewed-by: NMarkus Armbruster <armbru@redhat.com>
Message-id: 1465984019-28963-5-git-send-email-kraxel@redhat.com

USB devices in attached state are visible to the guest.  This patch adds
a QOM property for this.  Write access is opt-in per device.  Some
devices manage attached state automatically (usb-host, usb-serial,
usb-redir), so we can't enable write access universally but have to do
it on a case by case base.  So far, no device opts in.
Signed-off-by: NGerd Hoffmann <kraxel@redhat.com>
Reviewed-by: NMarkus Armbruster <armbru@redhat.com>
Message-id: 1465984019-28963-4-git-send-email-kraxel@redhat.com

[ minor codestyle fix ]
Signed-off-by: NGerd Hoffmann <kraxel@redhat.com>

Signed-off-by: NGerd Hoffmann <kraxel@redhat.com>
Reviewed-by: NMarkus Armbruster <armbru@redhat.com>
Message-id: 1465984019-28963-3-git-send-email-kraxel@redhat.com

Signed-off-by: NGerd Hoffmann <kraxel@redhat.com>
Message-id: 1465984019-28963-2-git-send-email-kraxel@redhat.com

Commit 9432e53a added xen_sysdev as a
system device to serve as an anchor for removable virtual buses. This
introduced a build failure for non-x86 builds with CONFIG_XEN_BACKEND
set, as xen_sysdev was defined in a x86 specific file while being
consumed in an architecture independent source.

Move the xen_sysdev definition and initialization to xen_backend.c to
avoid the build failure.
Signed-off-by: NJuergen Gross <jgross@suse.com>
Reviewed-by: NAnthony PERARD <anthony.perard@citrix.com>
Acked-by: NStefano Stabellini <sstabellini@kernel.org>
Signed-off-by: NStefano Stabellini <sstabellini@kernel.org>

In case the word size of the domU and qemu running the qdisk backend
differ BLKIF_OP_DISCARD will not work reliably, as the request
structure in the ring have different layouts for different word size.

Correct this by copying the request structure in case of different
word size element by element in the BLKIF_OP_DISCARD case, too.
Signed-off-by: NJuergen Gross <jgross@suse.com>
Acked-by: NStefano Stabellini <sstabellini@kernel.org>
Signed-off-by: NStefano Stabellini <sstabellini@kernel.org>

Fix hw/block/xen_blkif.h to match qemu coding style.
Signed-off-by: NJuergen Gross <jgross@suse.com>
Acked-by: NStefano Stabellini <sstabellini@kernel.org>
Signed-off-by: NStefano Stabellini <sstabellini@kernel.org>

Every IOMMU has some granularity which MemoryRegionIOMMUOps::translate
uses when translating, however this information is not available outside
the translate context for various checks.

This adds a get_min_page_size callback to MemoryRegionIOMMUOps and
a wrapper for it so IOMMU users (such as VFIO) can know the minimum
actual page size supported by an IOMMU.

As IOMMU MR represents a guest IOMMU, this uses TARGET_PAGE_SIZE
as fallback.

This removes vfio_container_granularity() and uses new helper in
memory_region_iommu_replay() when replaying IOMMU mappings on added
IOMMU memory region.
Signed-off-by: NAlexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: NDavid Gibson <david@gibson.dropbear.id.au>
Acked-by: NAlex Williamson <alex.williamson@redhat.com>
[dwg: Removed an unnecessary calculation]
Signed-off-by: NDavid Gibson <david@gibson.dropbear.id.au>

The 75x and 74xx processors have some thermal monitoring SPRs that
some OSes such as MacOS do use. Our current "dumb" implementation
isn't good enough and will cause some versions of MacOS to hang during
boot.

This lifts an improved emulation from MacOnLinux and adapts it to
qemu, thus fixing the problem.
Signed-off-by: NBenjamin Herrenschmidt <benh@kernel.crashing.org>
[dwg: Fixed typo in comment, a number of minor checkpatch warnings,
 and a compile failure with CONFIG_USER_ONLY]
Signed-off-by: NDavid Gibson <david@gibson.dropbear.id.au>

In 63ae0915, I arranged to use a 32-bit rotate, without
considering the effect of a mask value that wraps around to
the high bits of the word.

[dwg: In 2e11b15d this was partially fixed, but an edge case was still
incorrect, which this fixes]
Signed-off-by: NRichard Henderson <rth@twiddle.net>
[dwg: Folded with a revert of 2e11b15d, an earlier buggy version of
 this patch which already went upstream]
Tested-by: NAnton Blanchard <anton@samba.org>
Signed-off-by: NDavid Gibson <david@gibson.dropbear.id.au>

While trying to install a fedora container with
"lxc-create -t fedora -- -I qemu-ppc64" the installation abort with
the following error:

qemu: fatal: Unknown exception 0x65537. Aborting

NIP 0000004000927924   LR 00000040009e325c CTR 0000004000927480 XER 0000000000000000 CPU#0
MSR 9000000102806000 HID0 0000000000000000  HF 9000000002806000 iidx 3 didx 3
TB 00248932 1069155773327487
GPR00 00000040009e325c 00000040007ff800 0000004000aba098 0000000000000000
GPR04 00000040007ff878 0000004000dcb588 0000004000dcb830 0000004000a7a098
GPR08 0000000000000000 0000000000000000 00000040007ff878 0000004000927960
GPR12 0000000022022448 0000004000e2aef0 0000000000000000 0000000000000000
GPR16 0000000000000000 0000000000000000 0000000000000002 0000000000000001
GPR20 0000000000000000 0000000000000000 0000000000000000 0000004000800699
GPR24 0000004000e13320 0000000000000000 0000004000ac9ad8 0000004000ac9ae0
GPR28 0000000000000001 00000000100210a0 0000000000000000 0000000000000038
CR 22022442  [ E  E  -  E  E  G  G  E  ]             RES ffffffffffffffff
FPR00 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPR04 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPR08 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPR12 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPR16 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPR20 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPR24 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPR28 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPSCR 0000000000000000
/usr/share/lxc/templates/lxc-fedora: line 487: 26661 Aborted                 (core dumped) chroot . yum -y --nogpgcheck --installroot /run/install install python rpm yum

I've bisected until the commit:

    commit b68e60e6
    Author: Benjamin Herrenschmidt <benh@kernel.crashing.org>
    Date:   Tue May 3 18:03:33 2016 +0200

        ppc: Get out of emulation on SMT "OR" ops

        Otherwise tight loops at smt_low for example, which OPAL does,
        eat so much CPU that we can't boot a kernel anymore. With that,
        I can boot 8 CPUs just fine with powernv.
Signed-off-by: NBenjamin Herrenschmidt <benh@kernel.crashing.org>
Reviewed-by: NDavid Gibson <david@gibson.dropbear.id.au>
Signed-off-by: NDavid Gibson <david@gibson.dropbear.id.au>

We can fix that by preventing to send EXCP_HLT in the case of linux-user mode,
as the main loop doesn't know how to manage it.
Signed-off-by: NLaurent Vivier <laurent@vivier.eu>
Signed-off-by: NDavid Gibson <david@gibson.dropbear.id.au>

The recent commit that added the prom-env-test accidentially
overwrote the check-qtest-ppc-y, check-qtest-ppc64-y and
check-qtest-sparc-y variables instead of extending them.

Fixes: fcbf4a3cSigned-off-by: NThomas Huth <thuth@redhat.com>
Signed-off-by: NDavid Gibson <david@gibson.dropbear.id.au>

Support for 0 value for memeory coherence is optional and with ppc64
we can always enable memory coherence. Linux kernel did that during
the development of 4.7 kernel. But that resulted in failure in Qemu
in H_ENTER hcall due to below check. The mentioned change was reverted
in the kernel and kernel right now enable memory coherence only if
cache inhibited is not set. Nevertheless update qemu WIMG flag check
to cover the case where we enable memory coherence along with cache
inhibited flag.

In order to handle older and newer kernel version consider both Cache
inhibitted and (cache inhibitted | memory conference) as valid values
for wimg flags.
Signed-off-by: NAneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Signed-off-by: NDavid Gibson <david@gibson.dropbear.id.au>

This pull request contains:

  - disable sparse testing
  - add trusty build target
  - add libnfs-dev for NFS block driver

These are the same patches posted last week for any last minute review.

# gpg: Signature made Tue 21 Jun 2016 10:06:34 BST
# gpg:                using RSA key 0xFBD0DB095A9E2A44
# gpg: Good signature from "Alex Bennée (Master Work Key) <alex.bennee@linaro.org>"
# Primary key fingerprint: 6685 AE99 E751 67BC AFC8  DF35 FBD0 DB09 5A9E 2A44

* remotes/stsquad/tags/pull-travis-20160621-1:
  .travis.yml: disable Sparse testing
  .travis.yml: add trusty GCE target
  .travis.yml: add libnfs-dev for NFS block driver
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>

Signed-off-by: NGerd Hoffmann <kraxel@redhat.com>
Acked-by: NMichael Walle <michael@walle.cc>
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>

qemu-sparc update

# gpg: Signature made Mon 20 Jun 2016 21:55:23 BST
# gpg:                using RSA key 0x5BC2C56FAE0F321F
# gpg: Good signature from "Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>"
# Primary key fingerprint: CC62 1AB9 8E82 200D 915C  C9C4 5BC2 C56F AE0F 321F

* remotes/mcayland/tags/qemu-sparc-signed:
  MAINTAINERS: remove Blue Swirl as SPARC maintainer
  MAINTAINERS: add Artyom Tarasenko as SPARC maintainer
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>

# gpg: Signature made Mon 20 Jun 2016 21:29:27 BST
# gpg:                using RSA key 0x9CA4ABB381AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg:                 aka "Stefan Hajnoczi <stefanha@gmail.com>"
# Primary key fingerprint: 8695 A8BF D3F9 7CDA AC35  775A 9CA4 ABB3 81AB 73C8

* remotes/stefanha/tags/tracing-pull-request: (42 commits)
  trace: split out trace events for linux-user/ directory
  trace: split out trace events for qom/ directory
  trace: split out trace events for target-ppc/ directory
  trace: split out trace events for target-s390x/ directory
  trace: split out trace events for target-sparc/ directory
  trace: split out trace events for net/ directory
  trace: split out trace events for audio/ directory
  trace: split out trace events for ui/ directory
  trace: split out trace events for hw/alpha/ directory
  trace: split out trace events for hw/arm/ directory
  trace: split out trace events for hw/acpi/ directory
  trace: split out trace events for hw/vfio/ directory
  trace: split out trace events for hw/s390x/ directory
  trace: split out trace events for hw/pci/ directory
  trace: split out trace events for hw/ppc/ directory
  trace: split out trace events for hw/9pfs/ directory
  trace: split out trace events for hw/i386/ directory
  trace: split out trace events for hw/isa/ directory
  trace: split out trace events for hw/sd/ directory
  trace: split out trace events for hw/sparc/ directory
  ...
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>

Blue is no longer active in the QEMU project, so remove him from the list of
SPARC maintainers.
Signed-off-by: NMark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
CC: Blue Swirl <blauwirbel@gmail.com>

Artyom has been working on QEMU's SPARC emulation for several years, providing
initial support for Solaris under qemu-system-sparc and more recently bugfixes
for qemu-system-sparc64 and TCG patch reviews. As work progresses on improving
emulation for sun4u machines and beyond, Artyom has agreed to take on
co-maintainership of SPARC with a focus on 64-bit architecture.
Signed-off-by: NMark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Acked-by: NArtyom Tarasenko <atar4qemu@gmail.com>

lm32/milkymist: some qomifying

# gpg: Signature made Mon 20 Jun 2016 17:27:53 BST
# gpg:                using RSA key 0xB458ABB0D8D378E3
# gpg: Good signature from "Michael Walle <michael@walle.cc>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 2190 3E48 4537 A7C2 90CE  3EB2 B458 ABB0 D8D3 78E3

* remotes/mwalle/tags/lm32-queue/20160620:
  milkymist: update specification URLs
  hw/intc: QOM'ify lm32_pic.c
  hw/display: QOM'ify milkymist-vgafb.c
  hw/display: QOM'ify milkymist-tmu2.c
  hw/timer: QOM'ify milkymist_sysctl
  hw/timer: QOM'ify lm32_timer
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>