Generate correct trap for external interrupts. Map PCI and ISA IRQs to
RIC/UltraSPARC-IIi interrupt vectors.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
* 'arm-devs.for-upstream' of git://git.linaro.org/people/pmaydell/qemu-arm:
hw/pxa2xx.c: Fix handling of pxa2xx_i2c variable offset within region
hw/pxa2xx_lcd.c: drop target_phys_addr_t usage in device state
hw/pxa2xx_dma.c: drop target_phys_addr_t usage in device state
ARM: Remove unnecessary subpage workarounds
hw/omap_i2c: Convert to qdev
* 'malta' of git://qemu.weilnetz.de/qemu:
malta: Fix display for LED array
malta: Use symbolic hardware addresses
malta: Always allocate flash memory
malta: Clean allocation of bios region alias
The pxa2xx I2C controller can have its registers at an arbitrary offset
within the MemoryRegion it creates. We use this to create two controllers,
one which covers a region of size 0x10000 with registers starting at an
offset 0x1600 into that region, and a second one which covers a region
of size just 0x100 with the registers starting at the base of the region.
The implementation of this offsetting uses two qdev properties, "offset"
(which sets the offset which must be subtracted from the address to
get the offset into the actual register bank) and "size", which is the
size of the MemoryRegion. We were actually using "offset" for two
purposes: firstly the required one of handling the registers not being
at the base of the MemoryRegion, and secondly as a workaround for a
deficiency of QEMU. Until commit 5312bd8b3, if a MemoryRegion was mapped
at a non-page boundary, the address passed into the read and write
functions would be the offset from the start of the page, not the
offset from the start of the MemoryRegion. So when calculating the value
to set the "offset" qdev property we included a rounding to a page
boundary.
Following commit 5312bd8b3 MemoryRegion read/write functions are now
correctly passed the offset from the base of the region, and our
workaround now means we're subtracting too much from addresses, resulting
in warnings like "pxa2xx_i2c_read: Bad register 0xffffff90".
The fix for this is simply to remove the rounding to a page boundary;
this allows us to slightly simplify the expression since
base - (base & (~region_size)) == base & region_size
The qdev property "offset" itself must remain because it is still
performing its primary job of handling register banks not being at
the base of the MemoryRegion.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Pxa2xx LCD controller is intended to work with 32-bit bus and it has no knowledge
of system's physical address size, so it should not use target_phys_addr_t in it's
state. Convert three variables in DMAChannel state from target_phys_addr_t to uint32_t,
use VMSTATE_UINT32 instead of VMSTATE_UINTTL for these variables.
We can do this safely because:
1) pxa2xx has 32-bit physical address;
2) rest of the code in file never assumes converted variables to have any size
different from uint32_t;
3) we shouldn't have used VMSTATE_UINTTL in the first place because this macro
is for target_ulong type (which can be different from target_phys_addr_t).
Signed-off-by: Igor Mitsyanko <i.mitsyanko@samsung.com>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Pxa2xx DMA controller is a 32-bit device and it has no knowledge of system's
physical address size, so it should not use target_phys_addr_t in it's state.
Convert variables descr, src and dest from type target_phys_addr_t to uint32_t,
use VMSTATE_UINT32 instead of VMSTATE_UINTTL for these variables.
We can do this safely because:
1) pxa2xx actually has 32-bit physical address size;
2) rest of the code in file never assumes descr, src and dest variables to have
size different from uint32_t;
3) we shouldn't have used VMSTATE_UINTTL in the first place because this macro
is for target_ulong type (which can be different from target_phys_addr_t).
Signed-off-by: Igor Mitsyanko <i.mitsyanko@samsung.com>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
In the ARM per-CPU peripherals (GIC, private timers, SCU, etc),
remove workarounds for subpage memory region read/write functions
being passed offsets from the start of the page rather than the
start of the region. Following commit 5312bd8b3 the masking off
of high bits of the address offset is now harmless but unnecessary.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Andreas Färber <afaerber@suse.de>
The 8-LED array was already implemented in the first commit to Malta,
but this implementation was incomplete.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
The patch adds definitions of some hardware addresses and uses these
definitions.
It also replaces the type of all addresses from signed to unsigned values.
This is only a cosmetic change because addresses are unsigned values,
the functions called also expect unsigned values,
and we need no sign extension here.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
There is no reason why there should not be a flash memory when the
Malta emulation is started with a Linux kernel. When flash memory
is always available, the code is simpler, and it can be better tested.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Convert the omap_i2c device to qdev.
Signed-off-by: Juha Riihimäki <juha.riihimaki@nokia.com>
[Riku Voipio: Fixes and restructuring patchset]
Signed-off-by: Riku Voipio <riku.voipio@iki.fi>
[Peter Maydell: More fixes and cleanups for upstream submission]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
After commit 5312bd8b31 we got memory region relative offsets into our mmio
callbacks instead of page boundary based offsets.
This broke the OpenPIC emulation which expected offsets to be on page boundary
and substracted its region offset manually.
This patch gets rid of that manual substraction and lets the memory api do its
magic instead.
Signed-off-by: Alexander Graf <agraf@suse.de>
Currently, the function spapr_create_phb() uses its parameters to
initialize the correct memory windows for the new PCI Host Bridge
(PHB). This is not the way things are supposed to be done with qdevs,
and means you can't create extra PHBs easily using -device.
Since pSeries machines can and do have many PHBs with various
configurations, this is a real limitation, not just a theoretical.
This patch, therefore, alters the PHB initialization code to use qdev
properties to set these parameters of the new bridge, moving most of
the code from spapr_create_phb() to spapr_phb_init().
While we're at it, we change the naming of each PCI bus and its
associated memory regions to be less arbitrary and make it easier to
relate the guest and qemu views of memory to each other.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The pseries "xics" interrupt controller, like most interrupt
controllers can support both message (i.e. edge sensitive) interrupts
and level sensitive interrupts, but it needs to know which are which.
When I implemented the xics emulation for qemu, the only devices we
supported were the PAPR virtual IO devices. These devices only use
message interrupts, so they were the only ones I implemented in xics.
Since then, however, we have added support for PCI devices, which use
level sensitive interrupts. It turns out the message interrupt logic
still actually works most of the time for these, but there are
circumstances where we can lost interrupts due to the incorrect
interrupt logic.
This patch, therefore, implements the correct xics level-sensitive
interrupt logic. The type of the interrupt is set when a device
allocates a new xics interrupt.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
The sPAPR PCI code defines a PCI device "spapr-pci-host-bridge-pci" which
is never used. This came over from the earlier bridge driver we used as
a template. Some other bridges appear on their own PCI bus as a device,
but that is not true of pSeries bridges, which are pure host to PCI with
no visible presence on the PCI side.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
The 'bars' constant array was used in experimental device allocation code
which is no longer necessary now that we always run the SLOF firmware.
This patch removes the now redundant variable.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
spin_rw_ops is only used in hw/ppce500_spin.c.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Acked-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
When trying to run a ppc405 guest, it segfaults quite quickly, trying to
access timers that weren't initialized. Initialize them properly instead.
Reported-by: Andreas Faerber <afaerber@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Scripted conversion:
for file in hw/xtensa_*.[hc]; do
sed -i "s/CPUState/CPUXtensaState/g" $file
done
Signed-off-by: Andreas Färber <afaerber@suse.de>
Acked-by: Anthony Liguori <aliguori@us.ibm.com>
Scripted conversion:
for file in hw/sun4m.c hw/sun4u.c hw/grlib.h hw/leon3.c; do
sed -i "s/CPUState/CPUSPARCState/g" $file
done
Signed-off-by: Andreas Färber <afaerber@suse.de>
Acked-by: Anthony Liguori <aliguori@us.ibm.com>
Scripted conversion:
for file in hw/sh.h hw/shix.c hw/r2d.c; do
sed -i "s/CPUState/CPUSH4State/g" $file
done
Signed-off-by: Andreas Färber <afaerber@suse.de>
Acked-by: Anthony Liguori <aliguori@us.ibm.com>
Scripted conversion:
for file in hw/s390-*.[hc]; do
sed -i "s/CPUState/CPUS390XState/g" $file
done
Signed-off-by: Andreas Färber <afaerber@suse.de>
Acked-by: Anthony Liguori <aliguori@us.ibm.com>
Scripted conversion:
for file in hw/ppc*.[hc] hw/mpc8544_guts.c hw/spapr*.[hc] hw/virtex_ml507.c hw/xics.c; do
sed -i "s/CPUState/CPUPPCState/g" $file
done
Signed-off-by: Andreas Färber <afaerber@suse.de>
Acked-by: Anthony Liguori <aliguori@us.ibm.com>
Scripted conversion:
for file in hw/mips_*.[hc]; do
sed -i "s/CPUState/CPUMIPSState/g" $file
done
Signed-off-by: Andreas Färber <afaerber@suse.de>
Acked-by: Anthony Liguori <aliguori@us.ibm.com>
Scripted conversion:
for file in hw/microblaze_*.[hc] hw/petalogix_ml605_mmu.c hw/petalogix_s3adsp1800_mmu.c; do
sed -i "s/CPUState/CPUMBState/g" $file
done
Signed-off-by: Andreas Färber <afaerber@suse.de>
Acked-by: Anthony Liguori <aliguori@us.ibm.com>
Scripted conversion:
for file in hw/an5206.c hw/dummy_m68k.c hw/mcf.h hw/mcf5206.c hw/mcf5208.c hw/mcf_intc.c; do
sed -i "s/CPUState/CPUM68KState/g" $file
done
Signed-off-by: Andreas Färber <afaerber@suse.de>
Acked-by: Anthony Liguori <aliguori@us.ibm.com>
Scripted conversion:
for file in hw/lm32_boards.c hw/milkymist.c; do
sed -i "s/CPUState/CPULM32State/g" $file
done
Signed-off-by: Andreas Färber <afaerber@suse.de>
Acked-by: Anthony Liguori <aliguori@us.ibm.com>
Scripted conversion:
for file in hw/apic.h hw/kvm/apic.c hw/kvmvapic.c hw/pc.c hw/vmport.c hw/xen_machine_pv.c; do
sed -i "s/CPUState/CPUX86State/g" $file
done
Signed-off-by: Andreas Färber <afaerber@suse.de>
Acked-by: Anthony Liguori <aliguori@us.ibm.com>
Scripted conversion:
for file in hw/cris-boot.[hc] hw/cris_pic_cpu.c hw/axis_dev88.c hw/etraxfs.h hw/etraxfs_ser.c; do
sed -i "s/CPUState/CPUCRISState/g" $file
done
Signed-off-by: Andreas Färber <afaerber@suse.de>
Acked-by: Anthony Liguori <aliguori@us.ibm.com>
Scripted conversion:
for file in hw/alpha_*.[hc]; do
sed -i "s/CPUState/CPUAlphaState/g" $file
done
Signed-off-by: Andreas Färber <afaerber@suse.de>
Acked-by: Anthony Liguori <aliguori@us.ibm.com>
pc.h and apic.h are not needed; apic.h would drag in x86 CPUState and
is now included directly for TARGET_I386.
isa.h is already #included from mc146818rtc.h.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Frees the identifier cpu_reset for QOM CPUs (manual rename).
Don't hide the parameter type behind explicit casts, use static
functions with strongly typed argument to indirect.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
On ppc405ep there is a register that allows for software to reset the
core, but not the whole system. Implement this reset using a reset
interrupt.
This gets rid of a bunch of #if 0'ed code.
Reported-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Andreas Färber <afaerber@suse.de>
The kvmvapic code remaps a section of ROM as RAM to allow the guest to
maintain state there. It is careful to align the section size to a page
boundary, to avoid creating subpages, but neglects to do the same for
the start address. These leads to an assert later on when the memory
core tries to create a page which is half RAM and half ROM.
Fix by aligning the start address to a page boundary.
This can be triggered by running qemu-system-x86_64 -enable-kvm -vga none.
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
* kraxel/usb.44:
Endian fix an assertion in usb-msd
uhci: alloc can't fail, drop check.
uhci: new uhci_handle_td return code for tds still in flight
uhci: renumber uhci_handle_td return codes
uhci: use enum for uhci_handle_td return codes
uhci: tracing support
uhci: cancel on schedule stop.
uhci: fix uhci_async_cancel_all
uhci: pass addr to uhci_async_alloc
usb: improve packet state sanity checks
usb-ohci: DMA writeback bug fixes
usb-ehci: drop unused isoch_pause variable
usb: zap hw/ush-{ohic,uhci}.h + init wrappers
usb: the big rename
Currently, the "kvmclock" type is only registered when kvm_enabled().
This breaks when moving type registration to before command line
parsing (so that QOM types can be used for CPU and machine).
Since the QOM classes are lazy-initialized anyway and kvmclock_create()
has another kvm_enabled() check, simply drop the KVM check in
kvmclock_register_types().
kvm-i8259, kvm-apic and kvm-ioapic do not suffer from such a check.
Reviewed-by: please.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Jan Kiszka <jan.kiszka@siemens.com>
Cc: Marcelo Tosatti <mtosatti@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This fixes a broken endian assumption in an assertion in usb-msd.
Cc: Gerd Hoffman <kraxel@redhat.com>
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Step #2 (separate for better bisectability): renumber so the silly '-1'
goes away. Pick a range which doesn't overlap the old values.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Add a new function to check whenever the packet state is as expected,
log more informations in case it isn't.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
This patch fixes two bugs in the OHCI device where the device writes
back data to system memory that should be exclusively under the
control of the guest side driver.
In OHCI specification Section 5.2.7, it mentioned "In all cases, Host
Controller Driver is responsible for the insertion and removal of all
Endpoint Descriptors in the various Host Controller Endpoint
Descriptor lists". In the ohci_frame_boundary(), ohci_put_hcca()
writes the entire hcca back including the interrupt ED lists which
should be under driver control. This violates the specification and
can race with a host driver updating that list at the same time.
In the OHCI Spec Section 4.6, Transfer Descriptor Queue Processing, it
mentioned "Since the TD pointed to by TailP is not accessed by the HC,
the Host Controller Driver can initialize that TD and link at least
one other to it without creating a coherency or synchronization
problem". While the function ohci_put_ed() writes the entire endpoint
descriptor back including the TailP which should under driver
control. This violate the specification and can race with a host
driver updating the TD list at the same time.
In each case the solution is to make sure we don't write data which is
under driver control.
Cc: Gerd Hoffman <kraxel@redhat.com>
Signed-off-by: Wei Yang <weiyang@linux.vnet.ibm.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
