Add a QOM property which allows the GIC Security Extensions to be
enabled. These are an optional part of the GICv1 and GICv2 architecture.
This commit just adds the property and some sanity checks that it
is only enabled on GIC revisions that support it.
Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1430502643-25909-3-git-send-email-peter.maydell@linaro.org
Message-id: 1429113742-8371-5-git-send-email-greg.bellows@linaro.org
[PMM: changed property name, added checks that it isn't set for
older GIC revisions or if using the KVM VGIC; reworded commit message]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Create the outbound FIQ lines from the GIC to the CPUs; these are
used if the GIC has security extensions or grouping support.
Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1430502643-25909-2-git-send-email-peter.maydell@linaro.org
Message-id: 1429113742-8371-2-git-send-email-greg.bellows@linaro.org
[PMM: added FIQ lines to kvm-arm-gic so its interface is the same;
tweaked commit message]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Consider the following pseudo code to configure SYSTICK (The
recommended programming sequence from "the definitive guide to the
arm cortex-m3"):
SYSTICK Reload Value Register = 0xffff
SYSTICK Current Value Register = 0
SYSTICK Control and Status Register = 0x7
The pseudo code "SYSTICK Current Value Register = 0" leads to invoking
systick_reload(). As a consequence, the systick.tick member is updated
and the systick timer starts to count down when the ENABLE bit of
SYSTICK Control and Status Register is cleared.
The worst case is that: during the system initialization, the reset
value of the SYSTICK Control and Status Register is 0x00000000.
When the code "SYSTICK Current Value Register = 0" is executed, the
systick.tick member is accumulated with "(s->systick.reload + 1) *
systick_scale(s)". The systick_scale() gets the external_ref_clock
scale because the CLKSOURCE bit of the SYSTICK Control and Status
Register is cleared. This is the incorrect behavior because of the
code "SYSTICK Control and Status Register = 0x7". Actually, we want
the processor clock instead of the external reference clock.
This incorrect behavior defers the generation of the first interrupt.
The patch fixes the above-mentioned issue by setting the systick.tick
member and modifying the systick timer only if the ENABLE bit of
the SYSTICK Control and Status Register is set.
In addition, the Cortex-M3 Devices Generic User Guide mentioned that
"When ENABLE is set to 1, the counter loads the RELOAD value from the
SYST RVR register and then counts down". This patch adheres to the
statement of the user guide.
Signed-off-by: Adrian Huang <adrianhuang0701@gmail.com>
Reviewed-by: Jim Huang <jserv.tw@gmail.com>
[PMM: minor tweak to comment text]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Replace call of cpu_is_bsp(s->cpu) which really returns
!!(s->apicbase & MSR_IA32_APICBASE_BSP)
with directly collected value. Due to this the tracepoint
trace_cpu_get_apic_base((uint64_t)s->apicbase);
will not be hit anymore in apic_reset_common.
Signed-off-by: Denis V. Lunev <den@openvz.org>
CC: Andreas Färber <afaerber@suse.de>
CC: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <1428414832-3104-1-git-send-email-den@openvz.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
- next part in the thread-safe address_space_* saga: atomic access
to the bounce buffer and the map_clients list, from Fam
- optional support for linking with tcmalloc, also from Fam
- reapplying Peter Crosthwaite's "Respect as_translate_internal
length clamp" after fixing the SPARC fallout.
- build system fix from Wei Liu
- small acpi-build and ioport cleanup by myself
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAABCAAGBQJVQJd4AAoJEL/70l94x66DYFYH/3ifhqWZsd4dfJri0CGAHI4i
SpPmNeouc8W+F/3lwf6Inrh5NnTgd5QzoUBMQaWVkQKwUiWls8g2mXkT3jo0iDqT
/B40YXnZjNm20MixNaZmk9AsOF6OqPM8EMufau874k5zTlx3tCGAW1QD+I1N7WK7
DfsFsIUD1svo2prn55fSoitMG1TIVPnpcklb4YGJRbAacQYUDhr5KAIhT1quDR2R
93BvToyQmPqRQ4YKqnJLp8HAkL4FaJumfFZVvyh2cZvyaYGN/RVdi2Dw985dJDPX
/z4enE4GCAs4RDw3lZ1RDbiZDqpT2ibFgASg/arX3SxzqHirOGvMdkOjO99r9j4=
=aLjh
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging
- miscellaneous cleanups for TCG (Emilio) and NBD (Bogdan)
- next part in the thread-safe address_space_* saga: atomic access
to the bounce buffer and the map_clients list, from Fam
- optional support for linking with tcmalloc, also from Fam
- reapplying Peter Crosthwaite's "Respect as_translate_internal
length clamp" after fixing the SPARC fallout.
- build system fix from Wei Liu
- small acpi-build and ioport cleanup by myself
# gpg: Signature made Wed Apr 29 09:34:00 2015 BST using RSA key ID 78C7AE83
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>"
# gpg: aka "Paolo Bonzini <pbonzini@redhat.com>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg: It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1
# Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83
* remotes/bonzini/tags/for-upstream: (22 commits)
nbd/trivial: fix type cast for ioctl
translate-all: use bitmap helpers for PageDesc's bitmap
target-i386: disable LINT0 after reset
Makefile.target: prepend $libs_softmmu to $LIBS
milkymist: do not modify libs-softmmu
configure: Add support for tcmalloc
exec: Respect as_translate_internal length clamp
ioport: reserve the whole range of an I/O port in the AddressSpace
ioport: loosen assertions on emulation of 16-bit ports
ioport: remove wrong comment
ide: there is only one data port
gus: clean up MemoryRegionPortio
sb16: remove useless mixer_write_indexw
sun4m: fix slavio sysctrl and led register sizes
acpi-build: remove dependency from ram_addr.h
memory: add memory_region_ram_resize
dma-helpers: Fix race condition of continue_after_map_failure and dma_aio_cancel
exec: Notify cpu_register_map_client caller if the bounce buffer is available
exec: Protect map_client_list with mutex
linux-user, bsd-user: Remove two calls to cpu_exec_init_all
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Due to old Seabios bug, QEMU reenable LINT0 after reset. This bug is long gone
and therefore this hack is no longer needed. Since it violates the
specifications, it is removed.
Signed-off-by: Nadav Amit <namit@cs.technion.ac.il>
Message-Id: <1428881529-29459-2-git-send-email-namit@cs.technion.ac.il>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Rewrite the loop using level &= level - 1 to clear the least significant
bit after each iteration. This simplifies the loop and makes it easy to
replace ffs(3) with ctz32().
Cc: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-id: 1427124571-28598-8-git-send-email-stefanha@redhat.com
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
There are a number of ffs(3) callers that do roughly:
bit = ffs(val);
if (bit) {
do_something(bit - 1);
}
This pattern can be converted to ctz32() like this:
zeroes = ctz32(val);
if (zeroes != 32) {
do_something(zeroes);
}
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-id: 1427124571-28598-6-git-send-email-stefanha@redhat.com
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Since the BSP bit is writable on real hardware, during reset all the CPUs which
were not chosen to be the BSP should have their BSP bit cleared. This fix is
required for KVM to work correctly when it changes the BSP bit.
An additional fix is required for QEMU tcg to allow software to change the BSP
bit.
Signed-off-by: Nadav Amit <namit@cs.technion.ac.il>
Message-Id: <1427932716-11800-1-git-send-email-namit@cs.technion.ac.il>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
As there is logic to deal with the difference between edge and level
triggered interrupts in the kernel we must ensure it knows the
configuration of the IRQs before we restore the pending state.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
* fix handling of execute-never bits in page table walks
* tell kernel to initialize KVM GIC in realize function
* fix handling of STM (user) with r15 in register list
* ignore low bit of PC in M-profile exception return
* fix linux-user get/set_tls syscalls on CPUs with TZ
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAABCAAGBQJVBs7oAAoJEDwlJe0UNgzeyFMP/Re3884RXnk5Mc9+57mwJOCh
NjVOiNskvFWwSxmOBWK0Zestr1MWp9zsnr27dj6wu9EqIlSTLbknl8ttnHnHdSrj
C21mD3H/1DXmQyIysHa3g61BQAuOU9UGgG8PSgK6z8IFM7x0+ntcyEzR8BL2qjHU
9YyvENrmbbVaY8/YfvAdqs0d4mp6RVwzPrb/t35CkX0nI2rgGX+wNTsqH/UCIpNb
eD1YeSaUJnaxODhZlZUcTR/D7wAzUmPtp7Le5qwMSH4jm6LTPSAQ2B5WFAfLodGO
Tpb8sXUAAJymnLOjPchYACEH/tS+yLTN40aTYXgq/sc7b6uCwRvEfZzVjJ3cn6Cf
ZEtP2ZwevzS2Uy17tfYs6fxgAdh07dB/lUif5lCg5tvlYa531HhH1uq0QplSxhDR
/uXvl8Q/tAVXLnWDh0uydZ7NuqEv7P+25feL7sAT5I/VUWgYCs3RhwE1lU1JMwih
yMKipD93bg+z7PqtOW/GHjIKyai7yTKhaVNS+BGZaqOIfqWSTFJ0NPFK0SK67kou
+38OMHtORaAnKGFbkBnJQGVjHTgzWPol9r1KuVgsa5zZvhDtNGNhk0A0xLil/Qkh
jwj1O5y+xtYI+JXIDucbcEySwL/RpzEOSKbd7OTsmTVNqhKqoomKUy5e0w/zG1v6
RFuUdUzabLTzT3uqwL+I
=uK1h
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20150316' into staging
target-arm queue:
* fix handling of execute-never bits in page table walks
* tell kernel to initialize KVM GIC in realize function
* fix handling of STM (user) with r15 in register list
* ignore low bit of PC in M-profile exception return
* fix linux-user get/set_tls syscalls on CPUs with TZ
# gpg: Signature made Mon Mar 16 12:39:04 2015 GMT using RSA key ID 14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
* remotes/pmaydell/tags/pull-target-arm-20150316:
linux-user: Access correct register for get/set_tls syscalls on ARM TZ CPUs
target-arm: Ignore low bit of PC in M-profile exception return
target-arm: Fix handling of STM (user) with r15 in register list
hw/intc/arm_gic: Initialize the vgic in the realize function
target-arm: get_phys_addr_lpae: more xn control
target-arm: fix get_phys_addr_v6/SCTLR_AFE access check
target-arm: convert check_ap to ap_to_rw_prot
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This patch forces vgic initialization in the vgic realize function.
It uses a new group/attribute that allows such operation:
KVM_DEV_ARM_VGIC_GRP_CTRL/KVM_DEV_ARM_VGIC_CTRL_INIT
This earlier initialization allows, for example, to setup VFIO
signaling and irqfd after vgic initialization, on a reset notifier.
Signed-off-by: Eric Auger <eric.auger@linaro.org>
Message-id: 1426094226-8515-1-git-send-email-eric.auger@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
s390_flic_init() is a helper to create and realize either
"s390-flic-kvm" or "s390-flic-qemu". When qdev_init() fails, it
complains to stderr and succeeds.
Except it can't actually fail, because the "s390-flic-qemu" is a dummy
without a realize method, and "s390-flic-kvm"'s realize can't fail,
even when the kernel device is really unavailable. Odd.
Replace qdev_init() by qdev_init_nofail() to make "can't fail" locally
obvious, and get rid of the unreachable error reporting.
Cc: Christian Borntraeger <borntraeger@de.ibm.com>
Cc: Cornelia Huck <cornelia.huck@de.ibm.com>
Cc: Alexander Graf <agraf@suse.de>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Acked-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Message-Id: <1423128889-18260-4-git-send-email-armbru@redhat.com>
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This is in preparation for using VMSTATE_BITMAP in a followup vmstate
migration patch.
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: Alexander Graf <agraf@suse.de>
Issuing loadvm under -M mac99 would fail for two reasons: firstly an incorrect
version number for openpic would cause openpic_load() to abort, and secondly
a cut/paste error when restoring the IVPR and IDR registers caused subsequent
vmstate sections to become misaligned and abort early.
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: Alexander Graf <agraf@suse.de>
A simple copy/paste error causes savevm on -M mac99 to segfault.
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: Alexander Graf <agraf@suse.de>
Some are called do_info_SUBCOMMAND() (old ones, usually), some
hmp_info_SUBCOMMAND(), some SUBCOMMAND_info(), sometimes SUBCOMMAND
pointlessly differs in spelling.
Normalize to hmp_info_SUBCOMMAND(), where SUBCOMMAND is exactly the
subcommand name with '-' replaced by '_'.
Exceptions:
* sun4m_irq_info(), sun4m_pic_info() renamed to sun4m_hmp_info_irq(),
sun4m_hmp_info_pic().
* lm32_irq_info(), lm32_pic_info() renamed to lm32_hmp_info_irq(),
lm32_hmp_info_pic().
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Right now you only get to apic_init_reset if you have an APIC
(do_cpu_init is reached only if CPU_INTERRUPT_INIT is set and
that only happens in hw/intc/apic.c). However, this is wrong
because for example a port 92 or keyboard controller reset is
really an INIT, and that can happen also with no APIC. So
keep the check and fix the error that Coverity reported.
Reported-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
- valgrind/KVM support
- small i386 patches
- PCI SD host controller support
- malloc/free cleanups from Markus (x86/scsi)
- IvyBridge model
- XSAVES support for KVM
- initial patches from record/replay
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
iQEcBAABAgAGBQJUjw28AAoJEL/70l94x66D9kcH/RBoc4mNjrSt+MLy9Y+Fu1bu
HNhfd1n/yA0MKSHtSYwJPgkiuoxG3jHt0N69gbpZE0kdBcK+PPZZZUpTFIAU6vD/
D0O7l+2viOcl2z7SPuHIp9/O0CChsAYZkH+Zn2XbeStbe4d4f6bFzdy4vblMsirQ
BfMn/Y2Dw1uLknvrO3/QKgGhbK5Nxo/Te7lavRP+w7FgOhAdAUHOhBPfGrPWtG+0
0hVWmxoQyJtk+Ltt2oF4zUkql7czDsgyXkaO82l3TkecCvtqolCuby4lQIFJnq7E
vw0XUDwC/l/MWnXFq/rG97yopfIxkSAthT/xP/+TTJKM/oJEWDTh6I8ghQTdG90=
=ncys
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging
- Migration and linuxboot fixes for 2.2 regressions
- valgrind/KVM support
- small i386 patches
- PCI SD host controller support
- malloc/free cleanups from Markus (x86/scsi)
- IvyBridge model
- XSAVES support for KVM
- initial patches from record/replay
# gpg: Signature made Mon 15 Dec 2014 16:35:08 GMT using RSA key ID 78C7AE83
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>"
# gpg: aka "Paolo Bonzini <pbonzini@redhat.com>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg: It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1
# Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83
* remotes/bonzini/tags/for-upstream: (47 commits)
sdhci: Support SDHCI devices on PCI
sdhci: Define SDHCI PCI ids
sdhci: Add "sysbus" to sdhci QOM types and methods
sdhci: Remove class "virtual" methods
sdhci: Set a default frequency clock
serial: only resample THR interrupt on rising edge of IER.THRI
serial: update LSR on enabling/disabling FIFOs
serial: clean up THRE/TEMT handling
serial: reset thri_pending on IER writes with THRI=0
linuxboot: fix loading old kernels
kvm/apic: fix 2.2->2.1 migration
target-i386: add Ivy Bridge CPU model
target-i386: add f16c and rdrand to Haswell and Broadwell
target-i386: add VME to all CPUs
pc: add 2.3 machine types
i386: do not cross the pages boundaries in replay mode
cpus: make icount warp behave well with respect to stop/cont
timer: introduce new QEMU_CLOCK_VIRTUAL_RT clock
cpu-exec: invalidate nocache translation if they are interrupted
icount: introduce cpu_get_icount_raw
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The wait_for_sipi field is set back to 1 after an INIT, so it was not
effective to reset it in kvm_apic_realize. Introduce a reset callback
and reset wait_for_sipi there.
Reported-by: Igor Mammedov <imammedo@redhat.com>
Cc: qemu-stable@nongnu.org
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Compute kvm_irqfds_allowed by checking the KVM_CAP_IRQFD extension.
Remove direct settings in architecture specific files.
Add a new kvm_resamplefds_allowed variable, initialized by
checking the KVM_CAP_IRQFD_RESAMPLE extension. Add a corresponding
kvm_resamplefds_enabled() function.
A special notice for s390 where KVM_CAP_IRQFD was not immediatly
advirtised when irqfd capability was introduced in the kernel.
KVM_CAP_IRQ_ROUTING was advertised instead.
This was fixed in "KVM: s390: announce irqfd capability",
ebc3226202d5956a5963185222982d435378b899 whereas irqfd support
was brought in 84223598778ba08041f4297fda485df83414d57e,
"KVM: s390: irq routing for adapter interrupts". Both commits
first appear in 3.15 so there should not be any kernel
version impacted by this QEMU modification.
Signed-off-by: Eric Auger <eric.auger@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Newer kernels support a device attribute on the GIC which allows us to
tell it how many IRQs this GIC instance is configured with; use it, if
it exists.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org>
Message-id: 1417718679-1071-1-git-send-email-peter.maydell@linaro.org
This fixes another failure with ExtINT, demonstrated by QNX. The failure
mode is as follows:
- IPI sent to cpu 0 (bit set in APIC irr)
- IPI accepted by cpu 0 (bit cleared in irr, set in isr)
- IPI sent to cpu 0 (bit set in both irr and isr)
- PIC interrupt sent to cpu 0
The PIC interrupt causes CPU_INTERRUPT_HARD to be set, but
apic_irq_pending observes that the highest pending APIC interrupt priority
(the IPI) is the same as the processor priority (since the IPI is still
being handled), so apic_get_interrupt returns a spurious interrupt rather
than the pending PIC interrupt. The result is an endless sequence of
spurious interrupts, since nothing will clear CPU_INTERRUPT_HARD.
Instead, ExtINT interrupts should have ignored the processor priority.
Calling apic_check_pic early in apic_get_interrupt ensures that
apic_deliver_pic_intr is called instead of delivering the spurious
interrupt. apic_deliver_pic_intr then clears CPU_INTERRUPT_HARD if needed.
Reported-by: Richard Bilson <rbilson@qnx.com>
Tested-by: Richard Bilson <rbilson@qnx.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
This patch fixes an obscure failure of the QNX kernel on QEMU x86 SMP.
In QNX, all hardware interrupts come via the PIC, and are delivered by
the cpu 0 LAPIC in ExtINT mode, while IPIs are delivered by the LAPIC
in fixed mode.
This bug happens as follows:
- cpu 0 masks a particular PIC interrupt
- IPI sent to cpu 0 (CPU_INTERRUPT_HARD is set)
- before the IPI is accepted, the masked interrupt line is asserted by the
device
Since the interrupt is masked, apic_deliver_pic_intr will clear
CPU_INTERRUPT_HARD. The IPI will still be set in the APIC irr, but since
CPU_INTERRUPT_HARD is not set the cpu will not notice. Depending on the
scenario this can cause a system hang, i.e. if cpu 0 is expected to unmask
the interrupt.
In order to fix this, do a full check of the APIC before an EXTINT
is acknowledged. This can result in clearing CPU_INTERRUPT_HARD, but
can also result in delivering the lost IPI.
Reported-by: Richard Bilson <rbilson@qnx.com>
Tested-by: Richard Bilson <rbilson@qnx.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
After the next patch, if a masked PIC interrupts causes CPU_INTERRUPT_POLL
to be set, the CPU will spuriously get out of halted state. While this
is technically valid, we should avoid that.
Make CPU_INTERRUPT_POLL run apic_update_irq in the right thread and then
look at CPU_INTERRUPT_HARD. If CPU_INTERRUPT_HARD does not get set,
do not report the CPU as having work.
Also move the handling of software-disabled APIC from apic_update_irq
to apic_irq_pending, and always trigger CPU_INTERRUPT_POLL. This will
be important once we will add a case that resets CPU_INTERRUPT_HARD
from apic_update_irq. We want to run it even if we go through
CPU_INTERRUPT_POLL, and even if the local APIC is software disabled.
Reported-by: Richard Bilson <rbilson@qnx.com>
Tested-by: Richard Bilson <rbilson@qnx.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
This patch adds missed sipi_vector and wait_for_sipi fields to a new
subsection of the vmstate of the apic_common module. Saving and loading
of these fields makes migration of the apic state deterministic.
Signed-off-by: Pavel Dovgalyuk <Pavel.Dovgaluk@ispras.ru>
[Initialize the field in pre_load and kvm_apic_realize. - Paolo]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
The in-kernel OpenPIC emulation only supports a single map. However, we
map the OpenPIC at 2 locations: The CPU visible one and the PCI visible
one. For KVM acceleration, we only care about the first one.
To make sure that we only map that first mapping and not the PCI map that
happens dynamically later during bootup, ignore maps that happen when
we are already considering ourselves mapped.
Credits due are to Bogdan and Mihai for debugging this.
Reported-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Reported-by: Mihai Caraman <mihai.caraman@freescale.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This removes num_irq parameter from gic_init_irqs_and_distributor as it is not
used.
Signed-off-by: KONRAD Frederic <fred.konrad@greensocs.com>
Message-id: 1412859651-15060-1-git-send-email-fred.konrad@greensocs.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Steps:
1.enable qemu debug print, using simply scprit as below:
grep "//#define DEBUG" * -rl | xargs sed -i "s/\/\/#define DEBUG/#define DEBUG/g"
2. make -j
3. get some warning:
hw/i2c/pm_smbus.c: In function 'smb_ioport_writeb':
hw/i2c/pm_smbus.c:142: warning: format '%04x' expects type 'unsigned int', but argument 2 has type 'hwaddr'
hw/i2c/pm_smbus.c:142: warning: format '%02x' expects type 'unsigned int', but argument 3 has type 'uint64_t'
hw/i2c/pm_smbus.c: In function 'smb_ioport_readb':
hw/i2c/pm_smbus.c:209: warning: format '%04x' expects type 'unsigned int', but argument 2 has type 'hwaddr'
hw/intc/i8259.c: In function 'pic_ioport_read':
hw/intc/i8259.c:373: warning: format '%02x' expects type 'unsigned int', but argument 2 has type 'hwaddr'
hw/input/pckbd.c: In function 'kbd_write_command':
hw/input/pckbd.c:232: warning: format '%02x' expects type 'unsigned int', but argument 2 has type 'uint64_t'
hw/input/pckbd.c: In function 'kbd_write_data':
hw/input/pckbd.c:333: warning: format '%02x' expects type 'unsigned int', but argument 2 has type 'uint64_t'
hw/isa/apm.c: In function 'apm_ioport_writeb':
hw/isa/apm.c:44: warning: format '%x' expects type 'unsigned int', but argument 2 has type 'hwaddr'
hw/isa/apm.c:44: warning: format '%02x' expects type 'unsigned int', but argument 3 has type 'uint64_t'
hw/isa/apm.c: In function 'apm_ioport_readb':
hw/isa/apm.c:67: warning: format '%x' expects type 'unsigned int', but argument 2 has type 'hwaddr'
hw/timer/mc146818rtc.c: In function 'cmos_ioport_write':
hw/timer/mc146818rtc.c:394: warning: format '%02x' expects type 'unsigned int', but argument 3 has type 'uint64_t'
hw/i386/pc.c: In function 'port92_write':
hw/i386/pc.c:479: warning: format '%02x' expects type 'unsigned int', but argument 2 has type 'uint64_t'
Fix them.
Cc: qemu-trivial@nongnu.org
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Take IRQ target mask into account when determining the highest priority
pending interrupt.
Signed-off-by: Sergey Fedorov <serge.fdrv@gmail.com>
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Message-id: 1407947471-26981-1-git-send-email-serge.fdrv@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Use constant rather than a plain number.
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Adam Lackorzynski <adam@os.inf.tu-dresden.de>
Message-id: 1408372255-12358-5-git-send-email-adam@os.inf.tu-dresden.de
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Only SGIs must be WI, done by forcing them to their default
(edge-triggered).
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Adam Lackorzynski <adam@os.inf.tu-dresden.de>
Message-id: 1408372255-12358-4-git-send-email-adam@os.inf.tu-dresden.de
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Setting the model is only available in pre-v1 GIC models.
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Adam Lackorzynski <adam@os.inf.tu-dresden.de>
Message-id: 1408372255-12358-3-git-send-email-adam@os.inf.tu-dresden.de
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The GICD_ICFGR register covers 4 interrupts per byte.
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Adam Lackorzynski <adam@os.inf.tu-dresden.de>
Message-id: 1408372255-12358-2-git-send-email-adam@os.inf.tu-dresden.de
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
To be more array friendly and to indicate the IRQs are initially
disconnected.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
To indicate the IRQs are initially disconnected.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
This implements interrupt release function so IRQs can be returned back
to the pool for reuse in cases such as PCI hot plug.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
The current allocator returns IRQ numbers from a pool and does not
support IRQs reuse in any form as it did not keep track of what it
previously returned, it only keeps the last returned IRQ. Some use
cases such as PCI hot(un)plug may require IRQ release and reallocation.
This moves an allocator from SPAPR to XICS.
This switches IRQ users to use new API.
This uses LSI/MSI flags to know if interrupt is allocated.
The interrupt release function will be posted as a separate patch.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
Since islsi[] array has been merged into the ICSState struct,
we must not reset flags as they tell if the interrupt is in use.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
PAPR allows having multiple interrupt sources such as PHB.
This adds a source lookup function and makes use of it.
Since at the moment QEMU only supports a single source,
no change in behaviour is expected.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
The existing interrupt allocation scheme in SPAPR assumes that
interrupts are allocated at the start time, continously and the config
will not change. However, there are cases when this is not going to work
such as:
1. migration - we will have to have an ability to choose interrupt
numbers for devices in the command line and this will create gaps in
interrupt space.
2. PCI hotplug - interrupts from unplugged device need to be returned
back to interrupt pool, otherwise we will quickly run out of interrupts.
This replaces a separate lslsi[] array with a byte in the ICSIRQState
struct and defines "LSI" and "MSI" flags. Neither of these flags set
signals that the descriptor is not allocated and not in use.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
At the moment spapr_rtas_register() allocates a new token number for every
new RTAS callback so numbers are not fixed and depend on the number of
supported RTAS handlers and the exact order of spapr_rtas_register() calls.
These tokens are copied into the device tree and remain the same during
the guest lifetime.
When we start another guest to receive a migration, it calls
spapr_rtas_register() as well. If the number of RTAS handlers or their
order is different in QEMU on source and destination sides, the "/rtas"
node in the device tree will differ. Since migration overwrites the device
tree (as it overwrites the entire RAM), the actual RTAS config on
the destination side gets broken.
This defines global contant values for every RTAS token which QEMU
is using today.
This changes spapr_rtas_register() to accept a token number instead of
allocating one. This changes all users of spapr_rtas_register().
This changes XICS-KVM not to cache tokens registered with KVM as they
constant now.
This makes TOKEN_BASE global as RTAS_XXX use TOKEN_BASE as
a base. TOKEN_MAX is moved and renamed too and its value is changed
to the last token + 1. Boundary checks for token values are adjusted.
This reserves token numbers for "os-term" handlers and PCI hotplug
which we are working on.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
The returned reset value was wrong (off by one zero nibble), and
qemu didn't log unimplemented writes to the PRIGROUP field.
Signed-off-by: Oran Avraham <oranav@gmail.com>
Message-id: 1403010447-4627-1-git-send-email-oranav@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
When we trigger a system reset, the in-kernel openpic controller should also
get reset. This happens through a write to the GCR.RESET register which is
the same mechanism a guest would use to manually reset the device.
Signed-off-by: Alexander Graf <agraf@suse.de>
The openpic emulation code maintains an allowable-CPU's bitmap
("destmask") for each IRQ source which is calculated from the IDR
register value whenever the guest OS writes to it. However, if the
guest OS relies on the system to set the IDR register to a default
value at reset, and does not write IDR, then destmask does not get
updated, and interrupts do not get propagated to the guest.
Additionally, if an IRQ source is marked as critical, the source's
internal "output" and "nomask" fields are not correctly reset when the
PIC is reset.
Fix both these issues by calling write_IRQreg_idr from within
openpic_reset, instead of simply setting the IDR register to the
specified idr_reset value.
Signed-off-by: Paul Janzen <pcj@pauljanzen.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch moves the definition of openpic_reset after the various
register read/write functions. No functional change. It is in
preparation for using the register read/write functions in
openpic_reset.
Signed-off-by: Paul Janzen <pcj@pauljanzen.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
After previous Peter patch, they are redundant. This way we don't
assign them except when needed. Once there, there were lots of case
where the ".fields" indentation was wrong:
.fields = (VMStateField []) {
and
.fields = (VMStateField []) {
Change all the combinations to:
.fields = (VMStateField[]){
The biggest problem (appart from aesthetics) was that checkpatch complained
when we copy&pasted the code from one place to another.
Signed-off-by: Juan Quintela <quintela@redhat.com>
Acked-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
After previous Peter patch, they are redundant. This way we don't
assign them except when needed. Once there, there were lots of case
where the ".fields" indentation was wrong:
.fields = (VMStateField []) {
and
.fields = (VMStateField []) {
Change all the combinations to:
.fields = (VMStateField[]){
The biggest problem (appart from aesthetics) was that checkpatch complained
when we copy&pasted the code from one place to another.
Signed-off-by: Juan Quintela <quintela@redhat.com>
Acked-by: Alexey Kardashevskiy <aik@ozlabs.ru>
The IRQ_testbit() function is never used; remove it.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Try to inject floating interrupts via the flic if it is available.
This allows us to inject the full range of floating interrupts.
Reviewed-by: Jens Freimann <jfrei@linux.vnet.ibm.com>
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
If we run with an old kernel that does not support KVM_CAP_IRQ_ROUTING,
we don't have to do anything in the ->register_io_adapter and
->io_adapter_map callbacks and therefore should return 0 instead of
-ENOSYS (just as the non-kvm flic does).
This fixes using adapter interrupts when running under an older kernel,
which broke with "s390x: add I/O adapter registration".
Reported-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
SysBusDevice::init is depracated. Convert to Object::init
as prescribed by QOM conventions.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Make use of the new s390 adapter irq routing support to enable real
in-kernel irqfds for virtio-ccw with adapter interrupts.
Note that s390 doesn't provide the common KVM_CAP_IRQCHIP capability, but
rather needs KVM_CAP_S390_IRQCHIP to be enabled. This is to ensure backward
compatibility.
Reviewed-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Reviewed-by: Christian Borntraeger <borntraeger@de.ibm.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Register an I/O adapter interrupt source for when virtio-ccw devices start
using adapter interrupts.
Reviewed-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Reviewed-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Introduce a common parent class for both cases, where kvm and non-kvm
can hook up callbacks. This will be used by follow-on patches for
adapter registration and mapping.
We now always have a flic, regardless of whether we use kvm; the
non-kvm implementation just doesn't do anything.
Reviewed-by: Jens Freimann <jfrei@linux.vnet.ibm.com>
Reviewed-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAABCAAGBQJTdBkpAAoJEPSH7xhYctcj5jAQAJKiJ/43TBk0S0wlpoPjw1yA
WSC/oJ2yvf+i6EndJPdnxIA/3K3s7suRFBJVYwLVnGJTUZ6gwGcI7cc/EX/iK0vf
1Ffv/RAuh3nkohFw1ZMLQGqACFskSer0K1wZgQg+YjiJRPzzpVOpaAVm3+c04LRN
AjO9LTqudi2pFaDHfGQMFES3j/5+h2srdad7YLMu4h/17SLtcowO7Yf7GT+GHRyD
c3OHcL6vNoCKkIJQULC8X5czh6zapQZG3SRZ/nLt58yjEyVuq4L2cNRA/614K+5b
1YLz4dX6slj8y17tg8On60emU0Sdu4mOws9HtYSytfmEu045iuF+Wr4kNjO74UGd
NnnjD1pdnuF7356pz87PiVBf7qer5yrv+Bog1KRUwn3ETFqpSOMiKJo0JAGBMKdN
w6Mbkg9C7IR62OfmM5157Mj2Xd681GImNiYzerBMfuFAWk5XsMxuz9Xh03I7WpzS
ASow6SCBIr7bsiKENV7twuz1mIQclsYWXaVt8ldH8bMsTCqiefVeDs4o6A3Na+WC
LztUHzlhVLZU92uJDiIsyQnwmsw032RjhKY9sV/NMa5HLAhF/zZLcn1OfXshrv8t
mVnWngGbY185kml0GmLu9TSnSCBSD8lcwZlRA9JVyxfusxElJUOrQzKzvu69Rn6U
XBWPBwppnDQ0MjOgSZD+
=gg8m
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/juanquintela/tags/migration/20140515' into staging
migration/next for 20140515
# gpg: Signature made Thu 15 May 2014 02:32:25 BST using RSA key ID 5872D723
# gpg: Can't check signature: public key not found
* remotes/juanquintela/tags/migration/20140515:
usb: fix up post load checks
migration: show average throughput when migration finishes
savevm: Remove all the unneeded version_minimum_id_old (rest)
savevm: Remove all the unneeded version_minimum_id_old (usb)
Split ram_save_block
arch_init: Simplify code for load_xbzrle()
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
After previous Peter patch, they are redundant. This way we don't
assign them except when needed. Once there, there were lots of case
where the ".fields" indentation was wrong:
.fields = (VMStateField []) {
and
.fields = (VMStateField []) {
Change all the combinations to:
.fields = (VMStateField[]){
The biggest problem (appart from aesthetics) was that checkpatch complained
when we copy&pasted the code from one place to another.
Signed-off-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Add missing 'break' after handling of AW_A10_PIC_BASE_ADDR write.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
After commit 767adce2d, they are redundant. This way we don't assign them
except when needed. Once there, there were lots of cases where the ".fields"
indentation was wrong:
.fields = (VMStateField []) {
and
.fields = (VMStateField []) {
Change all the combinations to:
.fields = (VMStateField[]){
The biggest problem (apart from aesthetics) was that checkpatch complained
when we copy&pasted the code from one place to another.
Signed-off-by: Juan Quintela <quintela@redhat.com>
[PMM: fixed minor conflict, corrected commit message typos]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
SIPI interrupts are ignored on the bootstrap. Never accept one.
Cc: Andreas Faerber <afaerber@suse.de>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
The MER register only has two valid bits. This is now used by
the linux kernel to auto-detect endianness, and causes Linux 3.15-rc1
and later to hang when run under qemu-microblaze. Mask valid bits before
writing the register to solve the problem.
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
[Edgar: Untabified]
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
MAINTAINERS updated with link to the security process documentation
apic version modified to make more guests happy
On top of that, bugfixes all over the place
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAABAgAGBQJTalwhAAoJECgfDbjSjVRpyqcIAKniYsCcKiUjIpTjo4hSHkNN
zBfMlnqyFNMB8e6rQ7yqt8WCp/fzzsiqjYF07Ycmcmfnbfh907C90Ei37CWQpObv
GlY41Qx4qUJxYbrqXJCcmOoR+UmAhrIzlr4TLs4DuasLglXGaPla0PcQgzYCNxsk
m6f2FvyazAkr4FpT+y67YceHM6xlBoPOI2wLPcSPXWN775xZdfA/w/oFcTRdKlny
V9Eo2WTKtQXrz5rPg9U+jLJhKn1e67DHt2CoQqvQtMg2BUSX7YmLdzF3N5I4eiwt
DYPf4YO/LIJnkKpKVWFLrYWwccXDacSvqIDQOuCU0nydlHnXviGRcUIWh15x0a8=
=vbBe
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging
pc,net,MAINTAINERS,build updates
MAINTAINERS updated with link to the security process documentation
apic version modified to make more guests happy
On top of that, bugfixes all over the place
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
# gpg: Signature made Wed 07 May 2014 17:15:29 BST using RSA key ID D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>"
# gpg: aka "Michael S. Tsirkin <mst@redhat.com>"
* remotes/mst/tags/for_upstream:
configure: make source tree build more robust
MAINTAINERS: addresses for responsible disclosure
pm_smbus: correctly report unclaimed cycles
smbus: return -1 if nothing found at the given address
smbus: allow returning an error from reads
apic: use emulated lapic version 0x14 on pc machines >= 2.1
pc: add compat_props placeholder for 2.0 machine type
i8259: don't abort when trying to use level sensitive irqs
acpi: fix tables for no-hpet configuration
acpi-build: properly decrement objects' reference counters
acpi/pcihp.c: Rewrite acpi_pcihp_get_bsel using object_property_get_int
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Add "version" property to local apic, and have it default to
0x14 for pc machines starting at 2.1. For compatibility with
previous releases, pc machines up to 2.0 will have their local
apic version set to 0x11.
Signed-off-by: Gabriel L. Somlo <somlo@cmu.edu>
Acked-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
This is a guest-triggerable error, as seen when using Xenix 2.3.4.
Replace hw_error by LOG_UNIMPL, so that guests can continue.
With this patch, I can install and use Xenix 2.3.4a without any problem.
I can also start installation of Xenix 2.3.4q, but it fails due to not
finding an hard disk.
Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAABCAAGBQJTZ/QsAAoJEPSH7xhYctcjJ4wP/31lNMpPLxdRpxpUoTPK39L0
zEoBTUH5dzG2FG34p8/znNH0Lbmc3GALqP9UzyM0sL3QU0EDwqAP0idLJ/8zHrYN
ZNJnNH6wexlpEypAsyQiayAFYAq6bc3hYtnEurN56dQgPVgb6jCicuOAt26JafLg
xuGIuencgaEFZaIb8iobxloqDX9raoq0+JfnoV8r02+ES+PG+HHfZsAlbDiWpj/Z
o06WBq9Xvf8X/zvuGHb9PCLGK36+kxPJ2G2531TJGZ6BjjewDExF2xlQH+PQ8pQB
d2OKCP0In66JfyLu6JBz21APrks7DJxsuenvoqPhxhtlIcBSm+grZElNLbccDMLQ
3fteWOCcri5WSwKNAkZ138D5SzIArZFBlqD9qW0GQsiaj3tCxfy162JAmzRPa94i
R5OJCTDclwjCH6JvRsOs8NrQyYcXHcEl2rfeymfr68YOH5XBMeRPhcR91tVr03ow
ZVgvwC/TJHntKnW+qtGIOa9Wfq4KghjddD37ayPAqKM/GQ0TV2sAPEr2htDaBZ0l
5O/YGsAZPKax72OnMR2ObqoIMokympeanQLxG3Q8VKQSU2c+aU3rGVQrG1juiVYw
NiC/nzarFzFWU8UYToXIu2QBDTde2vuRLX/myzL7L4OLavOcv8EXZBp60DP/bktE
Pd+jdeLMh9kWu1tFrE8F
=VoYL
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/juanquintela/tags/migration/20140505' into staging
migration/next for 20140505
# gpg: Signature made Mon 05 May 2014 21:27:24 BST using RSA key ID 5872D723
# gpg: Can't check signature: public key not found
* remotes/juanquintela/tags/migration/20140505: (36 commits)
migration: expose xbzrle cache miss rate
migration: expose the bitmap_sync_count to the end
migration: Add counts of updating the dirty bitmap
XBZRLE: Fix one XBZRLE corruption issues
migration: remove duplicate code
Coverity: Fix failure path for qemu_accept in migration
Init the XBZRLE.lock in ram_mig_init
Provide init function for ram migration
Count used RAMBlock pages for migration_dirty_pages
Make qemu_peek_buffer loop until it gets it's data
Disallow outward migration while awaiting incoming migration
virtio: validate config_len on load
virtio-net: out-of-bounds buffer write on load
openpic: avoid buffer overrun on incoming migration
ssi-sd: fix buffer overrun on invalid state load
savevm: Ignore minimum_version_id_old if there is no load_state_old
usb: sanity check setup_index+setup_len in post_load
vmstate: s/VMSTATE_INT32_LE/VMSTATE_INT32_POSITIVE_LE/
virtio-scsi: fix buffer overrun on invalid state load
zaurus: fix buffer overrun on invalid state load
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
CVE-2013-4534
opp->nb_cpus is read from the wire and used to determine how many
IRQDest elements to read into opp->dst[]. If the value exceeds the
length of opp->dst[], MAX_CPU, opp->dst[] can be overrun with arbitrary
data from the wire.
Fix this by failing migration if the value read from the wire exceeds
MAX_CPU.
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Reviewed-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
Using error_is_set(ERRP) to find out whether a function failed is
either wrong, fragile, or unnecessarily opaque. It's wrong when ERRP
may be null, because errors go undetected when it is. It's fragile
when proving ERRP non-null involves a non-local argument. Else, it's
unnecessarily opaque (see commit 84d18f0).
I guess the error_is_set(errp) in the DeviceClass realize() methods
are merely fragile right now, because I can't find a call chain that
passes a null errp argument.
Make the code more robust and more obviously correct: receive the
error in a local variable, then propagate it through the parameter.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Acked-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andreas Färber <afaerber@suse.de>
* implement XScale cache lockdown cp15 ops
* fix v7M CPUID base register
* implement WFE and YIELD as yields for A64
* fix A64 "BLR LR"
* support Cortex-A57 in virt machine model
* a few other minor AArch64 bugfixes
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAABCAAGBQJTYl1JAAoJEDwlJe0UNgzeAZUP/1OP9OWKdNcBmfyc+rrpCzOn
49m6FSYOw2jtUf1YYItr38tDIq0rFCLB3DYPUD7hWtll8tFUyE4TD3XsTr0nJ7Jq
io12W8Gfuua6K57xmLMaLyrP8hu0gHtnZFEgi9vVz+ASXtqw6SUpFuOr7TFjfP2U
qZfELHoWFCek7OnqaR+wn5qKRr+zqEAYr7FlnR2dT3GKT72JEuDGQUZlk2m5oOBb
mChrc+SvQBJUXTk+HPNrXdA8i+FOmIfmNXN1lHaGatBjLQoGULb2TEBZU4Zvyg1z
74vermgX9EaqZ7lFI4+gQT4+4wclnX4xP2K/+2b2iBZziLUFhc7Odp0jHw1gh5lY
/zADi3+FuB7JJEQztjwD0Q30vZSqIu2PH6wvH3Axnl9va3tYHHGtj267X3MN+KIy
KJqQS+0KG/UNzOCkY3bgjXIsmDhWJAZAa0HhL5eze7kznH17iGkej0GT1xVHWf54
9GZydWgtaXaLk/ob9Js/3gLcQ7yEFZBtaVsRHBavrurSeTCV4MS00Xcn+YhTSpRS
h6i37hDWpH8GyeqjVmbUaHY+Zxgy01QGXgvP5KwX6g+ulhYGIO+taqTJ+6EWoCSS
aTNHsCwYQy1pMm3YtjQd1UC8WQJAKpfDFT8imxjXnU5QGSnqlgYDVSgUlyg4iSY2
s0KRAvT26KV0HJ4FqaZ0
=F2C9
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20140501' into staging
target-arm queue:
* implement XScale cache lockdown cp15 ops
* fix v7M CPUID base register
* implement WFE and YIELD as yields for A64
* fix A64 "BLR LR"
* support Cortex-A57 in virt machine model
* a few other minor AArch64 bugfixes
# gpg: Signature made Thu 01 May 2014 15:42:17 BST using RSA key ID 14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
* remotes/pmaydell/tags/pull-target-arm-20140501:
hw/arm/virt: Add support for Cortex-A57
hw/arm/virt: Put GIC register banks on 64K boundaries
hw/arm/virt: Create the GIC ourselves rather than (ab)using a15mpcore_priv
target-arm: Correct a comment refering to EL0
target-arm: A64: Fix a typo when declaring TLBI ops
target-arm: A64: Handle blr lr
target-arm: Make vbar_write 64bit friendly on 32bit hosts
target-arm: implement WFE/YIELD as a yield for AArch64
armv7m_nvic: fix CPUID Base Register
target-arm: Implement XScale cache lockdown operations as NOPs
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
cp15.c0_cpuid is never initialized for ARMv7-M; take the value directly
from cpu->midr instead.
Signed-off-by: Rabin Vincent <rabin@rab.in>
Message-id: 1398036308-32166-1-git-send-email-rabin@rab.in
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Convert existing users of KVM_ENABLE_CAP to new helper.
Reviewed-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Reviewed-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
These functions don't need type casts (as does cpu_physical_memory_rw)
and also make the code better readable.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
The pending register is read-only and the value returned upon a read
reflects the state of irq input pins (interrupts are level triggered).
This patch implements such behaviour.
Signed-off-by: Beniamino Galvani <b.galvani@gmail.com>
Reviewed-by: Li Guang <lig.fnst@cn.fujitsu.com>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 1395771730-16882-3-git-send-email-b.galvani@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This patch implements proper updating of the vector register which
should hold, according to the A10 user manual, the vector address for
the interrupt currently active on the CPU IRQ input.
Interrupt priority is not implemented at the moment and thus the first
pending interrupt is returned.
Signed-off-by: Beniamino Galvani <b.galvani@gmail.com>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Reviewed-by: Li Guang <lig.fnst@cn.fujitsu.com>
Message-id: 1395771730-16882-2-git-send-email-b.galvani@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Commit 6f1834a2b exposed a bug in openpic_kvm where we don't filter
for memory events that only happen to the region we want to know
events about.
Add proper filtering, fixing the e500plat target with KVM.
Signed-off-by: Alexander Graf <agraf@suse.de>
Message-id: 1396431718-14908-1-git-send-email-agraf@suse.de
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
SystemTap sdt.h sometimes results in compiled probes without sufficient
information to extract arguments. This can be solved in a slightly
hacky way by encouraging the compiler to place arguments into registers.
This patch fixes the apic_reset_irq_delivered() trace event on Fedora 20
with gcc-4.8.2-7.fc20 and systemtap-sdt-devel-2.4-2.fc20 on x86_64.
Signed-off-by: Frank Ch. Eigler <fche@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Avoid undefined behaviour shifting left into the sign bit.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Add U suffix to avoid undefined behaviour. This is only strictly
necessary for the 1 << 31 cases; for consistency we extend it
to other constants in the same group.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Use unsigned arithmetic for operations on the mask word
in the foreach_apic() macro, to avoid relying on undefined
behaviour when shifting into the sign bit.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Codespell found and fixed these new typos:
* doesnt -> doesn't
* funtion -> function
* perfomance -> performance
* remaing -> remaining
A coding style issue (line too long) was fixed manually.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Currently interrupt priorities are set to 0 (highest) at the very
beginning of the guest execution which is not correct and makes the guest
produce random interrupt error messages such as:
"Interrupt 0x1001 (real) is invalid, disabling it".
This also prevents interrupt states from correct migration.
This initializes priority to 0xFF as the emulated XICS does.
Suggested-by: Paul Mackerras <paulus@samba.org>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Both QEMU and KVM have already accumulated a significant number of
optimizations based on the hard-coded assumption that ioapic polarity
will always use the ActiveHigh convention, where the logical and
physical states of level-triggered irq lines always match (i.e.,
active(asserted) == high == 1, inactive == low == 0). QEMU guests
are expected to follow directions given via ACPI and configure the
ioapic with polarity 0 (ActiveHigh). However, even when misbehaving
guests (e.g. OS X <= 10.9) set the ioapic polarity to 1 (ActiveLow),
QEMU will still use the ActiveHigh signaling convention when
interfacing with the emulated ioapic.
This patch modifies the emulated ioapic to completely ignore polarity
as set by the guest OS, enabling misbehaving guests to work alongside
those which comply with the ActiveHigh polarity specified by QEMU's
ACPI tables.
Signed-off-by: Gabriel L. Somlo <somlo@cmu.edu>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
This makes use of @cpu_dt_id and related API in:
1. emulated XICS hypercall handlers as they receive fixed CPU indexes;
2. XICS-KVM to enable in-kernel XICS on right CPU;
3. device-tree renderer.
This removes @cpu_index fixup as @cpu_dt_id is used instead so QEMU monitor
can accept command-line CPU indexes again.
This changes kvm_arch_vcpu_id() to use ppc_get_vcpu_dt_id() as at the moment
KVM CPU id and device tree ID are calculated using the same algorithm.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Acked-by: Mike Day <ncmike@ncultra.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
- sclp event facility: cleanup structure. This allows to use
realize/unrealize as well as migration support via vmsd
- reboot: Two fixes that make reboot much more reliable
- ipl: make elf loading more robust
- flic interrupt controller: This allows to migrate floating
interrupts, as well as clear them on reset etc.
- enable async_pf feature of KVM on s390
- several sclp fixes and cleanups
- several sigp fixes and cleanups
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAABAgAGBQJTDwZVAAoJEBF7vIC1phx8lx4P/Rv+UVD9XDFFF8yHuye1am40
NpRGjdarQ/9QUkS4gqyKwYUvIjAClk5id7U2d5zrfdc8XC49AH0ZhVFMdRupaOon
AUqXjOXD5zAh9bfUcewg1EK1P1VuKcp0hyh0jFlIqk9Xmidw8N5guQ6iBoTqGJD5
UYTp0PuSqIjY1RCuF4fCTCurzRd1+J2oKcQBip7BSWlVuWZlg2/hPxoIraLezlz2
huwOU9tkSGXwSRv4C6fCcukEwlqnvkE6W0MCrHrcb2T8xYwAR2Jjs0TsscbKxb+t
lIjZRiCxBrFwOLUqGN8DMYtZPffR+cigZ5bYb4o3PPJ0DQL4vLQVd8SPMPrdJhbb
M7UOaeTclSTQuzmM/Uuc1pmrFc8PDq0dg50dT3weH2bW8aSgyqutYGpmUcm1Q6kq
JLFuyswOBr1vS9o0TlBunP4+TqJJrnGvtIQ4EbRZm7zP78mBaIIrUcAZlbgOI+XI
cSjtFXkBOCz0j28J9GSHrsWMC7RQ179TGdcH/FjDpu0dNDOxH7eH5gZPQoQDAqwC
SjstqJdIFnd0qxOB1EqcgMUxbSqQYq3hoGvJ644ZrMA3T5trBn0fSw3J9ZU/qAK7
EvOKRacMfcacIj4l0aEQgpwqVmktwIYnkfetX/QAKw/4AImJz/R9GRkmYgjCfOH8
/CUfXM71zWLEdv1o5uJ5
=toIt
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/borntraeger/tags/kvm-s390-20140227' into staging
Several features, fixes and cleanups for kvm/s390:
- sclp event facility: cleanup structure. This allows to use
realize/unrealize as well as migration support via vmsd
- reboot: Two fixes that make reboot much more reliable
- ipl: make elf loading more robust
- flic interrupt controller: This allows to migrate floating
interrupts, as well as clear them on reset etc.
- enable async_pf feature of KVM on s390
- several sclp fixes and cleanups
- several sigp fixes and cleanups
* remotes/borntraeger/tags/kvm-s390-20140227: (22 commits)
s390x/ipl: Fix crash of ELF images with arbitrary entry points
s390x/kvm: Rework priv instruction handlers
s390x/kvm: Add missing SIGP CPU RESET order
s390x/kvm: Rework SIGP INITIAL CPU RESET handler
s390x/cpu: Use ioctl to reset state in the kernel
s390-ccw.img: new binary rom to match latest fixes
s390-ccw.img: Fix sporadic errors with ccw boot image - initialize css
s390-ccw.img: Fix sporadic reboot hangs: Initialize next_idx
s390x/event-facility: exploit realize/unrealize
s390x/event-facility: add support for live migration
s390x/event-facility: code restructure
s390x/event-facility: some renaming
s390x/sclp: Fixed setting of condition code register
s390x/sclp: Add missing checks to SCLP handler
s390x/sclp: Fixed the size of sccb and code parameter
s390x/eventfacility: mask out commands
s390x/virtio-hcall: Specification exception for illegal subcodes
s390x/virtio-hcall: Add range check for hypervisor call
s390x/kvm: Fixed bad SIGP SET-ARCHITECTURE handler
s390x/async_pf: Check for apf extension and enable pfault
...
Conflicts:
linux-headers/linux/kvm.h
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
S390 can also use async page faults, to enhance guest scheduling.
In case of live migration we want to disable the feature and let
all pending request finish.
Signed-off-by: Dominik Dingel <dingel@linux.vnet.ibm.com>
Signed-off-by: Jens Freimann <jfrei@linux.vnet.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
This patch implements a floating-interrupt controller device (flic)
which interacts with the s390 flic kvm_device.
Signed-off-by: Jens Freimann <jfrei@linux.vnet.ibm.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Save and restore the ARM KVM VGIC state from the kernel. We rely on
QEMU to marshal the GICState data structure and therefore simply
synchronize the kernel state with the QEMU emulated state in both
directions.
We take some care on the restore path to check the VGIC has been
configured with enough IRQs and CPU interfaces that we can properly
restore the state, and for separate set/clear registers we first fully
clear the registers and then set the required bits.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
Message-id: 1392687921-26921-1-git-send-email-christoffer.dall@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Support creating the ARM vgic device through the device control API and
setting the base address for the distributor and cpu interfaces in KVM
VMs using this API.
Because the older KVM_CREATE_IRQCHIP interface needs the irq chip to be
created prior to creating the VCPUs, we first test if we can use the
device control API in kvm_arch_irqchip_create (using the test flag from
the device control API). If we cannot, it means we have to fall back to
KVM_CREATE_IRQCHIP and use the older ioctl at this point in time. If
however, we can use the device control API, we don't do anything and
wait until the arm_gic_kvm driver initializes and let that use the
device control API.
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
Message-id: 1392687720-26806-5-git-send-email-christoffer.dall@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The GIC_SET_LEVEL macro unfortunately overwrote the entire level
bitmask instead of just or'ing on the necessary bits, causing active
level PPIs on a core to clear PPIs on other cores.
Cc: qemu-stable@nongnu.org
Reported-by: Rob Herring <rob.herring@linaro.org>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
Message-id: 1393031030-8692-1-git-send-email-christoffer.dall@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The Exynos4210 combiner has IIC_NIRQ inputs and IIC_NGRP outputs;
use the correct constant in the loop initializing our output
sysbus IRQs so that we don't overrun the output_irq[] array.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1392659611-8439-1-git-send-email-peter.maydell@linaro.org
Reviewed-by: Andreas Färber <afaerber@suse.de>
Cc: qemu-stable@nongnu.org
