[Qemu-devel] [PATCH RFC v4 0/5] QEMU ATAPI-SCSI bridge GSoC project
This is my QEMU Google Summer of Code project. Here I introduce a new device - ATAPI-SCSI bridge. Its purpose is to unify IDE ATAPI CD-ROM emulation with SCSI CD-ROM emulation to reduce code duplication and squash bugs. Its purpose is simple - it just forwards ATAPI commands to SCSI side for parsing and execution.

Example of using:

qemu-system-x86_64 \
    -drive if=none,file=filename,id=cdrom \
    -drive if=none,id=fake \
    -device ide-bridge,id=bridge,drive=fake \
    -device scsi-cd,drive=cdrom,bus=bridge.0 \
    -hda diskimage \
    -m 1024

Alexander Bezzubikov (5):
  ide: ATAPI-SCSI bridge TypeInfo and init function created
  scsi: SCSIDiskReq declaration moved to header
  ide: necessary checks corrected to treat ATAPI-SCSI bridge as CDROM
  ATAPI-SCSI bridge functions created and can be used by bridge
  ide: ATAPI-SCSI bridge transfer is treated as PIO

 hw/ide/Makefile.objs   | 2 +-
 hw/ide/atapi.c         | 20 -
 hw/ide/bridge.c        | 114 +
 hw/ide/bridge.h        | 10 +
 hw/ide/core.c          | 28 +++-
 hw/ide/internal.h      | 6 ++-
 hw/ide/qdev.c          | 43 ++-
 hw/scsi/scsi-disk.c    | 55 ++--
 include/hw/scsi/scsi.h | 16 +++
 9 files changed, 267 insertions(+), 27 deletions(-)
 create mode 100644 hw/ide/bridge.c
 create mode 100644 hw/ide/bridge.h

--
2.1.4
Re: [Qemu-devel] [PATCH v14 0/8] i.MX: Add i.MX25 support through the PDK evaluation board
OK, take your time.

JC

On 19/08/2015 14:25, Peter Maydell wrote:
> On 19 August 2015 at 07:43, Jean-Christophe DUBOIS j...@tribudubois.net wrote:
>> Hi Peter,
>>
>> Do you expect more work on this series?
>
> It's in my to-review queue, but I'm at a conference this week so may not be able to get to it before next week.
>
> thanks
> -- PMM
Re: [Qemu-devel] [PATCH v14 0/8] i.MX: Add i.MX25 support through the PDK evaluation board
On 19 August 2015 at 07:43, Jean-Christophe DUBOIS j...@tribudubois.net wrote:
> Hi Peter,
>
> Do you expect more work on this series?

It's in my to-review queue, but I'm at a conference this week so may not be able to get to it before next week.

thanks
-- PMM
[Qemu-devel] [PATCH 1/2] cpu_arm: Rename 'nvic' to 'irqchip'
This name seems to be more appropriate because ARMv8 also needs a link with GICv3 for its CPU interface. Signed-off-by: Pavel Fedin p.fe...@samsung.com --- hw/arm/armv7m.c | 2 +- target-arm/cpu.h| 5 - target-arm/helper.c | 12 ++-- 3 files changed, 11 insertions(+), 8 deletions(-) diff --git a/hw/arm/armv7m.c b/hw/arm/armv7m.c index c6eab6d..19742b7 100644 --- a/hw/arm/armv7m.c +++ b/hw/arm/armv7m.c @@ -194,7 +194,7 @@ qemu_irq *armv7m_init(MemoryRegion *system_memory, int mem_size, int num_irq, nvic = qdev_create(NULL, armv7m_nvic); qdev_prop_set_uint32(nvic, num-irq, num_irq); -env-nvic = nvic; +env-irqchip = nvic; qdev_init_nofail(nvic); sysbus_connect_irq(SYS_BUS_DEVICE(nvic), 0, qdev_get_gpio_in(DEVICE(cpu), ARM_CPU_IRQ)); diff --git a/target-arm/cpu.h b/target-arm/cpu.h index 2e680da..7021b87 100644 --- a/target-arm/cpu.h +++ b/target-arm/cpu.h @@ -496,7 +496,10 @@ typedef struct CPUARMState { uint32_t *dracr; } pmsav7; -void *nvic; +/* Some CPUs have an internal link to their interrupt controller. + * Examples are ARMv7m (NVIC) and ARMv8 (GICv3 CPU interface) + */ +DeviceState *irqchip; const struct arm_boot_info *boot_info; } CPUARMState; diff --git a/target-arm/helper.c b/target-arm/helper.c index 1568aa6..104ac4b 100644 --- a/target-arm/helper.c +++ b/target-arm/helper.c @@ -4785,7 +4785,7 @@ static void do_v7m_exception_exit(CPUARMState *env) type = env-regs[15]; if (env-v7m.exception != 0) -armv7m_nvic_complete_irq(env-nvic, env-v7m.exception); +armv7m_nvic_complete_irq(env-irqchip, env-v7m.exception); /* Switch to the target stack. */ switch_v7m_sp(env, (type 4) != 0); 
@@ -4841,18 +4841,18 @@ void arm_v7m_cpu_do_interrupt(CPUState *cs) one we're raising. */ switch (cs-exception_index) { case EXCP_UDEF: -armv7m_nvic_set_pending(env-nvic, ARMV7M_EXCP_USAGE); +armv7m_nvic_set_pending(env-irqchip, ARMV7M_EXCP_USAGE); return; case EXCP_SWI: /* The PC already points to the next instruction. */ -armv7m_nvic_set_pending(env-nvic, ARMV7M_EXCP_SVC); +armv7m_nvic_set_pending(env-irqchip, ARMV7M_EXCP_SVC); return; case EXCP_PREFETCH_ABORT: case EXCP_DATA_ABORT: /* TODO: if we implemented the MPU registers, this is where we * should set the MMFAR, etc from exception.fsr and exception.vaddress. */ -armv7m_nvic_set_pending(env-nvic, ARMV7M_EXCP_MEM); +armv7m_nvic_set_pending(env-irqchip, ARMV7M_EXCP_MEM); return; case EXCP_BKPT: if (semihosting_enabled()) { @@ -4865,10 +4865,10 @@ void arm_v7m_cpu_do_interrupt(CPUState *cs) return; } } -armv7m_nvic_set_pending(env-nvic, ARMV7M_EXCP_DEBUG); +armv7m_nvic_set_pending(env-irqchip, ARMV7M_EXCP_DEBUG); return; case EXCP_IRQ: -env-v7m.exception = armv7m_nvic_acknowledge_irq(env-nvic); +env-v7m.exception = armv7m_nvic_acknowledge_irq(env-irqchip); break; case EXCP_EXCEPTION_EXIT: do_v7m_exception_exit(env); -- 1.9.5.msysgit.0
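Review bot: In the target-arm/cpu.h hunk the field becomes a generic irqchip that the new comment says may also be a GICv3 CPU interface, yet every caller changed in target-arm/helper.c still hands it to the NVIC-only helpers (armv7m_nvic_complete_irq, armv7m_nvic_set_pending, armv7m_nvic_acknowledge_irq) with no type check. Please either state in the comment that the v7M paths require the link to be an NVIC, or add an assertion in those paths, so that a mis-wired board fails loudly instead of treating another device's state as NVIC state.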
[Qemu-devel] [PATCH RFC v4 5/5] ide: ATAPI-SCSI bridge transfer is treated as PIO
This patch is necessary because ATAPI-SCSI bridge transfer uses ide_transfer_start/stop and ide_data_read function check if PIO transfer is running, so bridge function should be added to this check Signed-off-by: Alexander Bezzubikov abezzubi...@ispras.ru --- hw/ide/core.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/hw/ide/core.c b/hw/ide/core.c index 96824ab..4988db6 100644 --- a/hw/ide/core.c +++ b/hw/ide/core.c @@ -34,6 +34,7 @@ #include sysemu/block-backend.h #include hw/ide/internal.h +#include hw/ide/bridge.h /* These values were based on a Seagate ST3500418AS but have been modified to make more sense in QEMU */ @@ -2002,7 +2003,8 @@ static bool ide_is_pio_out(IDEState *s) } else if (s-end_transfer_func == ide_sector_read || s-end_transfer_func == ide_transfer_stop || s-end_transfer_func == ide_atapi_cmd_reply_end || - s-end_transfer_func == ide_dummy_transfer_stop) { + s-end_transfer_func == ide_dummy_transfer_stop || + s-end_transfer_func == ide_bridge_do_transfer) { return true; } -- 2.1.4
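Review bot: In the ide_is_pio_out() hunk, ide_bridge_do_transfer is added to the branch that returns true, next to ide_sector_read and ide_atapi_cmd_reply_end, so every bridge transfer is classified as having the same direction as a read. If the bridge ever forwards a command whose data phase carries guest-written data through the same callback, this check gives the wrong answer; please document that ide_bridge_do_transfer is only used for device-to-guest data, or derive the direction from the request. The commit message should also mention that hw/ide/core.c now includes hw/ide/bridge.h for this one symbol.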
Re: [Qemu-devel] [PATCH] virtio-mmio: Kill code duplication
On 19 August 2015 at 12:23, Pavel Fedin p.fe...@samsung.com wrote:
> Extract common code for virtio-mmio creation and FDT node addition and put it into reusable functions. Use new functions in vexpress and virt machines.
>
> Signed-off-by: Pavel Fedin p.fe...@samsung.com
> ---
>  hw/arm/sysbus-fdt.c             | 51 +++
>  hw/arm/vexpress.c               | 55 -
>  hw/arm/virt-acpi-build.c        | 13
>  hw/arm/virt.c                   | 68 +
>  hw/virtio/virtio-mmio.c         | 41 -
>  include/hw/arm/sysbus-fdt.h     | 16 ++
>  include/hw/virtio/virtio-mmio.h | 38 +++
>  7 files changed, 165 insertions(+), 117 deletions(-)

Why bother? This is adding more code than it deletes, and is implicitly tying together details of how these two boards are laid out -- there's no inherent reason that they have to be the same.

-- PMM
[Qemu-devel] [PATCH RFC v4 4/5] ATAPI-SCSI bridge functions created and can be used by bridge
ide: bridge functions created ide: Makefile corrected due to bridge creation scsi: added function to enable bridge send SCSI requests ide: bridge can now forward requests to SCSI ide: bridge functions assigned to SCSIBusInfo Signed-off-by: Alexander Bezzubikov abezzubi...@ispras.ru --- hw/ide/Makefile.objs | 2 +- hw/ide/atapi.c | 16 +++ hw/ide/bridge.c| 114 + hw/ide/bridge.h| 1 + hw/ide/internal.h | 2 + hw/ide/qdev.c | 4 +- hw/scsi/scsi-disk.c| 43 +++ include/hw/scsi/scsi.h | 3 ++ 8 files changed, 182 insertions(+), 3 deletions(-) create mode 100644 hw/ide/bridge.c diff --git a/hw/ide/Makefile.objs b/hw/ide/Makefile.objs index 729e9bd..f54f275 100644 --- a/hw/ide/Makefile.objs +++ b/hw/ide/Makefile.objs @@ -1,4 +1,4 @@ -common-obj-$(CONFIG_IDE_CORE) += core.o atapi.o +common-obj-$(CONFIG_IDE_CORE) += core.o atapi.o bridge.o common-obj-$(CONFIG_IDE_QDEV) += qdev.o common-obj-$(CONFIG_IDE_PCI) += pci.o common-obj-$(CONFIG_IDE_ISA) += isa.o diff --git a/hw/ide/atapi.c b/hw/ide/atapi.c index f6135e1..1233fbe 100644 --- a/hw/ide/atapi.c +++ b/hw/ide/atapi.c @@ -1253,6 +1253,22 @@ void ide_atapi_cmd(IDEState *s) return; } +if (s-drive_kind == IDE_BRIDGE) { +IDEDevice *dev = s-bus-master; +SCSIDevice *scsi_dev = scsi_device_find(dev-scsi_bus, 0, 0, 0); +s-scsi_req = scsi_new_request_from_bridge(scsi_dev, 0, 0, buf, NULL); + +/* Necessary to prevent ide from reading while data isn't ready */ +if (buf[0] == READ_10) { +s-status |= BUSY_STAT; +} + +if (scsi_req_enqueue(s-scsi_req)) { +scsi_req_continue(s-scsi_req); +} +return; +} + /* Execute the command */ if (atapi_cmd_table[s-io_buffer[0]].handler) { atapi_cmd_table[s-io_buffer[0]].handler(s, buf); diff --git a/hw/ide/bridge.c b/hw/ide/bridge.c new file mode 100644 index 000..324e02e --- /dev/null +++ b/hw/ide/bridge.c 
@@ -0,0 +1,114 @@ +#include hw/ide/bridge.h + +void ide_bridge_do_transfer(IDEState *s) +{ +SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, s-scsi_req); + +if (r-buflen 0) { +int size = r-buflen; + +int byte_count_limit = s-lcyl | (s-hcyl 8); +if (byte_count_limit == 0x) { +byte_count_limit--; +} +if (size byte_count_limit) { +/* byte count limit must be even if this case */ +if (byte_count_limit 1) { +byte_count_limit--; +} +size = byte_count_limit; +} +s-lcyl = size; +s-hcyl = size 8; +s-nsector = (s-nsector ~7) | ATAPI_INT_REASON_IO; + +int offset = (r-buflen == r-qiov.size) ? 0 : r-qiov.size - r-buflen; +r-buflen -= size; + +ide_transfer_start(s, s-io_buffer + offset, size, + ide_bridge_do_transfer); +ide_set_irq(s-bus); +} else { +scsi_req_complete(s-scsi_req, GOOD); +} +} + +static void ide_bridge_dma_complete(void *opaque, int ret) +{ +IDEState *s = opaque; + +s-io_buffer_size = s-bus-dma-iov.iov_len; +s-nsector = (s-nsector ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD; +s-bus-dma-ops-rw_buf(s-bus-dma, 1); +scsi_req_complete(s-scsi_req, GOOD); + +s-status = READY_STAT | SEEK_STAT; + +ide_set_irq(s-bus); +ide_set_inactive(s, false); +} + +void ide_bridge_start_transfer(SCSIRequest *req, uint32_t len) +{ +IDEDevice *dev = IDE_DEVICE(req-bus-qbus.parent); +IDEBus *bus = DO_UPCAST(IDEBus, qbus, dev-qdev.parent_bus); +IDEState *s = bus-ifs; +SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req); + +int cmd = req-cmd.buf[0]; +if (cmd == READ_10) { +if (s-feature 1) { +s-status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT; +qemu_iovec_clone(s-bus-dma-qiov, r-qiov, NULL); +qemu_iovec_to_buf(r-qiov, 0, s-io_buffer, r-qiov.size); +} else { +qemu_iovec_to_buf(r-qiov, 0, s-io_buffer, r-qiov.size); +} +} else { +if (cmd == INQUIRY) { +len = 36; +} +r-iov.iov_len = len; +qemu_iovec_concat_iov(r-qiov, r-iov, len, 0, len); +qemu_iovec_to_buf(r-qiov, 0, s-io_buffer, r-qiov.size); +} + +s-io_buffer_index = 0; +s-status = READY_STAT | SEEK_STAT; + +if (cmd != TEST_UNIT_READY 
cmd != ALLOW_MEDIUM_REMOVAL) { +if (s-feature 1) { +s-io_buffer_index = 0; +s-bus-retry_unit = s-unit; +s-bus-retry_sector_num = ide_get_sector(s); +s-bus-retry_nsector = s-nsector; + +s-bus-dma-iov.iov_base = (void *)(s-io_buffer); +s-bus-dma-iov.iov_len = r-qiov.size; + +if (cmd != READ_10) { +s-status = READY_STAT | SEEK_STAT | DRQ_STAT; +} + +
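Review bot: In the ide_atapi_cmd() hunk in hw/ide/atapi.c, the result of scsi_device_find() is passed straight to scsi_new_request_from_bridge() without a NULL check. An ide-bridge that has no SCSI device attached at channel 0, id 0, lun 0 would then dereference a NULL device on the first guest ATAPI packet; check the result and fail the command with an ATAPI error instead. The same hunk overwrites the scsi_req field of the IDE state without showing where a previous request is released, which deserves a comment.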
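Review bot: In the new hw/ide/bridge.c, ide_bridge_start_transfer() copies the whole qiov of the SCSI request into the IDE io_buffer with qemu_iovec_to_buf(), and ide_bridge_do_transfer() then starts a transfer at io_buffer + offset for size bytes, with no check anywhere in the hunk that these stay inside the IDE I/O buffer. The reply length comes from the SCSI side and the byte count limit comes from the guest-written lcyl/hcyl registers, so both should be bounded against the buffer size before the copy and before ide_transfer_start(). Two smaller points in the same hunk: a byte count limit of 0 or 1 leaves size at 0 while buflen stays positive, and ide_bridge_dma_complete() ignores its ret argument and always completes the request with GOOD.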
[Qemu-devel] [PATCH RFC v4 2/5] scsi: SCSIDiskReq declaration moved to header
Signed-off-by: Alexander Bezzubikov abezzubi...@ispras.ru --- hw/scsi/scsi-disk.c| 12 include/hw/scsi/scsi.h | 13 + 2 files changed, 13 insertions(+), 12 deletions(-) diff --git a/hw/scsi/scsi-disk.c b/hw/scsi/scsi-disk.c index 64f0694..8626eba 100644 --- a/hw/scsi/scsi-disk.c +++ b/hw/scsi/scsi-disk.c @@ -53,18 +53,6 @@ do { printf(scsi-disk: fmt , ## __VA_ARGS__); } while (0) typedef struct SCSIDiskState SCSIDiskState; -typedef struct SCSIDiskReq { -SCSIRequest req; -/* Both sector and sector_count are in terms of qemu 512 byte blocks. */ -uint64_t sector; -uint32_t sector_count; -uint32_t buflen; -bool started; -struct iovec iov; -QEMUIOVector qiov; -BlockAcctCookie acct; -} SCSIDiskReq; - #define SCSI_DISK_F_REMOVABLE 0 #define SCSI_DISK_F_DPOFUA1 #define SCSI_DISK_F_NO_REMOVABLE_DEVOPS 2 diff --git a/include/hw/scsi/scsi.h b/include/hw/scsi/scsi.h index cdaf0f8..e25fd70 100644 --- a/include/hw/scsi/scsi.h +++ b/include/hw/scsi/scsi.h @@ -6,6 +6,7 @@ #include hw/block/block.h #include sysemu/sysemu.h #include qemu/notify.h +#include block/accounting.h #define MAX_SCSI_DEVS 255 @@ -120,6 +121,18 @@ extern const VMStateDescription vmstate_scsi_device; .offset = vmstate_offset_value(_state, _field, SCSIDevice), \ } +typedef struct SCSIDiskReq { +SCSIRequest req; +/* Both sector and sector_count are in terms of qemu 512 byte blocks. */ +uint64_t sector; +uint32_t sector_count; +uint32_t buflen; +bool started; +struct iovec iov; +QEMUIOVector qiov; +BlockAcctCookie acct; +} SCSIDiskReq; + /* cdrom.c */ int cdrom_read_toc(int nb_sectors, uint8_t *buf, int msf, int start_track); int cdrom_read_toc_raw(int nb_sectors, uint8_t *buf, int msf, int session_num); -- 2.1.4
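Review bot: Moving SCSIDiskReq into include/hw/scsi/scsi.h exposes scsi-disk's private per-request state (sector, sector_count, buflen, iov, qiov, acct) to every file that includes the generic SCSI header, and pulls block/accounting.h into that header as well. The patch has no commit message body explaining why this is needed; if the only new user is the IDE bridge, a small header shared by hw/scsi/scsi-disk.c and the bridge, or accessor functions, would keep other devices from depending on this layout.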
[Qemu-devel] [PATCH RFC v4 3/5] ide: necessary checks corrected to treat ATAPI-SCSI bridge as CDROM
hw/ide/qdev.c: corrected to treat bridge as CDROM hw/ide/core.c: same corrections as in qdev.c hw/ide/atapi.c: skip some CDROM checks because bridge has only fake drive Signed-off-by: Alexander Bezzubikov abezzubi...@ispras.ru --- hw/ide/atapi.c | 4 +++- hw/ide/core.c | 24 ++-- hw/ide/qdev.c | 2 +- 3 files changed, 18 insertions(+), 12 deletions(-) diff --git a/hw/ide/atapi.c b/hw/ide/atapi.c index 79dd167..f6135e1 100644 --- a/hw/ide/atapi.c +++ b/hw/ide/atapi.c @@ -1230,6 +1230,7 @@ void ide_atapi_cmd(IDEState *s) * states rely on this behavior. */ if (!(atapi_cmd_table[s-io_buffer[0]].flags ALLOW_UA) +s-drive_kind != IDE_BRIDGE !s-tray_open blk_is_inserted(s-blk) s-cdrom_changed) { if (s-cdrom_changed == 1) { @@ -1245,7 +1246,8 @@ void ide_atapi_cmd(IDEState *s) /* Report a Not Ready condition if appropriate for the command */ if ((atapi_cmd_table[s-io_buffer[0]].flags CHECK_READY) -(!media_present(s) || !blk_is_inserted(s-blk))) +(s-drive_kind != IDE_BRIDGE +(!media_present(s) || !blk_is_inserted(s-blk { ide_atapi_cmd_error(s, NOT_READY, ASC_MEDIUM_NOT_PRESENT); return; diff --git a/hw/ide/core.c b/hw/ide/core.c index 50449ca..96824ab 100644 --- a/hw/ide/core.c +++ b/hw/ide/core.c @@ -348,7 +348,7 @@ static void ide_set_signature(IDEState *s) /* put signature */ s-nsector = 1; s-sector = 1; -if (s-drive_kind == IDE_CD) { +if (s-drive_kind == IDE_CD || s-drive_kind == IDE_BRIDGE) { s-lcyl = 0x14; s-hcyl = 0xeb; } else if (s-blk) { @@ -1144,7 +1144,7 @@ static bool cmd_data_set_management(IDEState *s, uint8_t cmd) static bool cmd_identify(IDEState *s, uint8_t cmd) { -if (s-blk s-drive_kind != IDE_CD) { +if (s-blk s-drive_kind != IDE_CD s-drive_kind != IDE_BRIDGE) { if (s-drive_kind != IDE_CFATA) { ide_identify(s); } else { 
@@ -1155,7 +1155,7 @@ static bool cmd_identify(IDEState *s, uint8_t cmd) ide_set_irq(s-bus); return false; } else { -if (s-drive_kind == IDE_CD) { +if (s-drive_kind == IDE_CD || s-drive_kind == IDE_BRIDGE) { ide_set_signature(s); } ide_abort_command(s); @@ -1232,7 +1232,7 @@ static bool cmd_read_pio(IDEState *s, uint8_t cmd) { bool lba48 = (cmd == WIN_READ_EXT); -if (s-drive_kind == IDE_CD) { +if (s-drive_kind == IDE_CD || s-drive_kind == IDE_BRIDGE) { ide_set_signature(s); /* odd, but ATA4 8.27.5.2 requires it */ ide_abort_command(s); return true; @@ -1426,7 +1426,7 @@ static bool cmd_exec_dev_diagnostic(IDEState *s, uint8_t cmd) { ide_set_signature(s); -if (s-drive_kind == IDE_CD) { +if (s-drive_kind == IDE_CD || s-drive_kind == IDE_BRIDGE) { s-status = 0; /* ATAPI spec (v6) section 9.10 defines packet * devices to return a clear status register * with READY_STAT *not* set. */ @@ -1731,7 +1731,7 @@ abort_cmd: } #define HD_OK (1u IDE_HD) -#define CD_OK (1u IDE_CD) +#define CD_OK ((1u IDE_CD) | (1u IDE_BRIDGE)) #define CFA_OK (1u IDE_CFATA) #define HD_CFA_OK (HD_OK | CFA_OK) #define ALL_OK (HD_OK | CD_OK | CFA_OK) @@ -1978,10 +1978,11 @@ void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val) /* high to low */ for(i = 0;i 2; i++) { s = bus-ifs[i]; -if (s-drive_kind == IDE_CD) +if (s-drive_kind == IDE_CD || s-drive_kind == IDE_BRIDGE) { s-status = 0x00; /* NOTE: READY is _not_ set */ -else +} else { s-status = READY_STAT | SEEK_STAT; +} ide_set_signature(s); } } @@ -2234,7 +2235,7 @@ static void ide_resize_cb(void *opaque) ide_cfata_identify_size(s); } else { /* IDE_CD uses a different set of callbacks entirely. */ -assert(s-drive_kind != IDE_CD); +assert(s-drive_kind != IDE_CD s-drive_kind != IDE_BRIDGE); ide_identify_size(s); } } 
@@ -2274,7 +2275,7 @@ int ide_init_drive(IDEState *s, BlockBackend *blk, IDEDriveKind kind, s-smart_autosave = 1; s-smart_errors = 0; s-smart_selftest_count = 0; -if (kind == IDE_CD) { +if (kind == IDE_CD || kind == IDE_BRIDGE) { blk_set_dev_ops(blk, ide_cd_block_ops, s); blk_set_guest_block_size(blk, 2048); } else { @@ -2301,6 +2302,9 @@ int ide_init_drive(IDEState *s, BlockBackend *blk, IDEDriveKind kind, case IDE_CD: strcpy(s-drive_model_str, QEMU DVD-ROM); break; +case IDE_BRIDGE: +strcpy(s-drive_model_str, QEMU VIRTUAL ATAPI-SCSI BRIDGE); +break; case IDE_CFATA: strcpy(s-drive_model_str, QEMU MICRODRIVE); break; diff --git a/hw/ide/qdev.c b/hw/ide/qdev.c index
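Review bot: In the two ide_atapi_cmd() hunks in hw/ide/atapi.c, the unit-attention test and the CHECK_READY test are both skipped whenever drive_kind is IDE_BRIDGE, so the IDE side no longer reports medium-change or not-ready conditions for the bridge. Please add a comment at each test saying that the attached SCSI device is expected to raise these conditions itself; the commit message only says the bridge has a fake drive, which does not tell the reader who is now responsible for them.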
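Review bot: The test for IDE_CD or IDE_BRIDGE is now open-coded in ide_set_signature, cmd_identify, cmd_read_pio, cmd_exec_dev_diagnostic, ide_cmd_write and ide_init_drive in hw/ide/core.c, which makes it easy for a later change to miss one site. A small inline helper that answers "is this a packet device" would keep them in sync. In the ide_resize_cb hunk the comment above the assert still only mentions IDE_CD, and in ide_init_drive the CD block ops are now registered on the bridge's fake backend; please confirm that is intended.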
[Qemu-devel] [PATCH] virtio-mmio: Kill code duplication
Extract common code for virtio-mmio creation and FDT node addition and put it into reusable functions. Use new functions in vexpress and virt machines. Signed-off-by: Pavel Fedin p.fe...@samsung.com --- hw/arm/sysbus-fdt.c | 51 +++ hw/arm/vexpress.c | 55 - hw/arm/virt-acpi-build.c| 13 hw/arm/virt.c | 68 + hw/virtio/virtio-mmio.c | 41 - include/hw/arm/sysbus-fdt.h | 16 ++ include/hw/virtio/virtio-mmio.h | 38 +++ 7 files changed, 165 insertions(+), 117 deletions(-) create mode 100644 include/hw/virtio/virtio-mmio.h diff --git a/hw/arm/sysbus-fdt.c b/hw/arm/sysbus-fdt.c index 9d28797..c35abdb 100644 --- a/hw/arm/sysbus-fdt.c +++ b/hw/arm/sysbus-fdt.c @@ -28,6 +28,7 @@ #include sysemu/sysemu.h #include hw/vfio/vfio-platform.h #include hw/vfio/vfio-calxeda-xgmac.h +#include hw/virtio/virtio-mmio.h #include hw/arm/fdt.h /* 
@@ -245,3 +246,53 @@ void arm_register_platform_bus_fdt_creator(ARMPlatformBusFDTParams *fdt_params) p-notifier.notify = platform_bus_fdt_notify; qemu_add_machine_init_done_notifier(p-notifier); } + +int add_virtio_mmio_fdt_nodes(hwaddr addr, int irq, unsigned int num, + void *fdt, int intc) +{ +uint32_t acells = qemu_fdt_getprop_cell(fdt, /, #address-cells); +uint32_t scells = qemu_fdt_getprop_cell(fdt, /, #size-cells); +int i; + +/* We add dtb nodes in reverse order so that they appear in the finished + * device tree lowest address first. + * + * Note that this mapping is independent of the virtio_mmio_create(). That + * loop influences virtio device to virtio transport assignment, whereas + * this loop controls how virtio transports are laid out in the dtb. + */ +for (i = num - 1; i = 0; i--) { +hwaddr base = addr + VIRTIO_MMIO_SIZE * i; +char *nodename = g_strdup_printf(/virtio_mmio@% PRIx64, base); +int rc; + +/* Add a virtio_mmio node to the device tree blob: + * virtio_mmio@ADDRESS { + * compatible = virtio,mmio; + * reg = ADDRESS, SIZE; + * interrupt-parent = intc; + * interrupts = 0, irq, 1; + * } + * (Note that the format of the interrupts property is dependent on the + * interrupt controller that interrupt-parent points to; these are for + * the ARM GIC and indicate an SPI interrupt, rising-edge-triggered.) + */ +rc = qemu_fdt_add_subnode(fdt, nodename); +rc |= qemu_fdt_setprop_string(fdt, nodename, + compatible, virtio,mmio); +rc |= qemu_fdt_setprop_sized_cells(fdt, nodename, reg, acells, base, + scells, VIRTIO_MMIO_SIZE); +if (intc) { +qemu_fdt_setprop_cells(fdt, nodename, interrupt-parent, intc); +} +qemu_fdt_setprop_cells(fdt, nodename, interrupts, + GIC_FDT_IRQ_TYPE_SPI, irq + i, + GIC_FDT_IRQ_FLAGS_EDGE_LO_HI); +g_free(nodename); +if (rc) { +return -1; +} +} + +return 0; +} diff --git a/hw/arm/vexpress.c b/hw/arm/vexpress.c index da21788..79aa02e 100644 --- a/hw/arm/vexpress.c +++ b/hw/arm/vexpress.c 
@@ -24,7 +24,9 @@ #include hw/sysbus.h #include hw/arm/arm.h #include hw/arm/primecell.h +#include hw/arm/sysbus-fdt.h #include hw/devices.h +#include hw/virtio/virtio-mmio.h #include net/net.h #include sysemu/sysemu.h #include hw/boards.h @@ -427,38 +429,6 @@ static VEDBoardInfo a15_daughterboard = { .init = a15_daughterboard_init, }; -static int add_virtio_mmio_node(void *fdt, uint32_t acells, uint32_t scells, -hwaddr addr, hwaddr size, uint32_t intc, -int irq) -{ -/* Add a virtio_mmio node to the device tree blob: - * virtio_mmio@ADDRESS { - * compatible = virtio,mmio; - * reg = ADDRESS, SIZE; - * interrupt-parent = intc; - * interrupts = 0, irq, 1; - * } - * (Note that the format of the interrupts property is dependent on the - * interrupt controller that interrupt-parent points to; these are for - * the ARM GIC and indicate an SPI interrupt, rising-edge-triggered.) - */ -int rc; -char *nodename = g_strdup_printf(/virtio_mmio@% PRIx64, addr); - -rc = qemu_fdt_add_subnode(fdt, nodename); -rc |= qemu_fdt_setprop_string(fdt, nodename, - compatible, virtio,mmio); -rc |= qemu_fdt_setprop_sized_cells(fdt, nodename, reg, - acells, addr, scells, size); -qemu_fdt_setprop_cells(fdt, nodename, interrupt-parent, intc); -
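Review bot: add_virtio_mmio_fdt_nodes() in hw/arm/sysbus-fdt.c hard-wires the interrupts property to GIC_FDT_IRQ_TYPE_SPI and GIC_FDT_IRQ_FLAGS_EDGE_LO_HI, so the helper is only correct for boards whose interrupt parent is an ARM GIC; that constraint appears only in the comment inside the loop and should be part of the function's documentation, since the function is offered as reusable. The new "if (intc)" test also makes interrupt-parent optional, whereas the vexpress code removed in this patch set it unconditionally; please say in the commit message which caller passes 0 and why. On error the function returns -1 after earlier nodes have already been added, which callers need to know as well.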
[Qemu-devel] [PATCH 2/2] cpu_arm: Use irqchip property instead of direct assignment
Implement property instead of direct assignment of cpu-env.irqchip Signed-off-by: Pavel Fedin p.fe...@samsung.com --- hw/arm/armv7m.c | 5 ++--- target-arm/cpu.c | 6 ++ 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/hw/arm/armv7m.c b/hw/arm/armv7m.c index 19742b7..782fd3e 100644 --- a/hw/arm/armv7m.c +++ b/hw/arm/armv7m.c @@ -170,7 +170,6 @@ qemu_irq *armv7m_init(MemoryRegion *system_memory, int mem_size, int num_irq, const char *kernel_filename, const char *cpu_model) { ARMCPU *cpu; -CPUARMState *env; DeviceState *nvic; qemu_irq *pic = g_new(qemu_irq, num_irq); int image_size; @@ -188,13 +187,13 @@ qemu_irq *armv7m_init(MemoryRegion *system_memory, int mem_size, int num_irq, fprintf(stderr, Unable to find CPU definition\n); exit(1); } -env = cpu-env; armv7m_bitband_init(); nvic = qdev_create(NULL, armv7m_nvic); qdev_prop_set_uint32(nvic, num-irq, num_irq); -env-irqchip = nvic; +object_property_set_link(OBJECT(cpu), OBJECT(nvic), irqchip, + error_abort); qdev_init_nofail(nvic); sysbus_connect_irq(SYS_BUS_DEVICE(nvic), 0, qdev_get_gpio_in(DEVICE(cpu), ARM_CPU_IRQ)); diff --git a/target-arm/cpu.c b/target-arm/cpu.c index cc6c6f3..aed58bc 100644 --- a/target-arm/cpu.c +++ b/target-arm/cpu.c @@ -447,6 +447,12 @@ static void arm_cpu_initfn(Object *obj) static bool inited; uint32_t Aff1, Aff0; +object_property_add_link(obj, irqchip, + arm_gic_common, (Object **)cpu-env.irqchip, + object_property_allow_set_link, + OBJ_PROP_LINK_UNREF_ON_RELEASE, + error_abort); + cs-env_ptr = cpu-env; cpu_exec_init(cs, error_abort); cpu-cp_regs = g_hash_table_new_full(g_int_hash, g_int_equal, -- 1.9.5.msysgit.0
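Review bot: In the arm_cpu_initfn() hunk the link is declared with target type arm_gic_common, while the only setter visible in this patch, armv7m_init(), links an armv7m_nvic device and passes error_abort, so the board aborts at startup unless that device is a subtype of arm_gic_common. Please record that type relationship in a comment next to the property. The same call casts the address of the DeviceState pointer in env to Object ** and uses object_property_allow_set_link, which places no restriction on when the link may be changed; a check callback that rejects changes once the CPU is realized would be safer.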
[Qemu-devel] [PATCH RFC v4 1/5] ide: ATAPI-SCSI bridge TypeInfo and init function created
Signed-off-by: Alexander Bezzubikov abezzubi...@ispras.ru --- hw/ide/bridge.h | 9 + hw/ide/internal.h | 4 +++- hw/ide/qdev.c | 41 + 3 files changed, 53 insertions(+), 1 deletion(-) create mode 100644 hw/ide/bridge.h diff --git a/hw/ide/bridge.h b/hw/ide/bridge.h new file mode 100644 index 000..dca5d73 --- /dev/null +++ b/hw/ide/bridge.h @@ -0,0 +1,9 @@ +#ifndef HW_IDE_BRIDGE_H +#define HW_IDE_BRIDGE_H + +#include hw/ide/internal.h + +void ide_bridge_start_transfer(SCSIRequest *req, uint32_t len); +void ide_bridge_complete(SCSIRequest *req, uint32_t status, size_t resid); + +#endif diff --git a/hw/ide/internal.h b/hw/ide/internal.h index 30fdcbc..79c85be 100644 --- a/hw/ide/internal.h +++ b/hw/ide/internal.h @@ -12,6 +12,7 @@ #include sysemu/sysemu.h #include hw/block/block.h #include block/scsi.h +#include hw/scsi/scsi.h /* debug IDE devices */ //#define DEBUG_IDE @@ -317,7 +318,7 @@ typedef struct IDEDMAOps IDEDMAOps; #define SMART_DISABLE 0xd9 #define SMART_STATUS 0xda -typedef enum { IDE_HD, IDE_CD, IDE_CFATA } IDEDriveKind; +typedef enum { IDE_HD, IDE_CD, IDE_CFATA, IDE_BRIDGE } IDEDriveKind; typedef void EndTransferFunc(IDEState *); @@ -492,6 +493,7 @@ struct IDEDevice { char *serial; char *model; uint64_t wwn; +SCSIBus scsi_bus; }; /* These are used for the error_status field of IDEBus */ diff --git a/hw/ide/qdev.c b/hw/ide/qdev.c index 788b361..3bf3401 100644 --- a/hw/ide/qdev.c +++ b/hw/ide/qdev.c @@ -25,6 +25,7 @@ #include hw/block/block.h #include sysemu/sysemu.h #include qapi/visitor.h +#include hw/ide/bridge.h /* - */ @@ -143,6 +144,17 @@ int ide_get_bios_chs_trans(BusState *bus, int unit) return DO_UPCAST(IDEBus, qbus, bus)-ifs[unit].chs_trans; } +/* BusInfo structure for ATAPI-SCSI bridge */ +static const struct SCSIBusInfo atapi_scsi_info = { +.tcq = true, +.max_target = 0, +.max_lun = 0, + +.transfer_data = NULL, +.complete = NULL, +.cancel = NULL +}; + /* - */ typedef struct IDEDrive { 
@@ -185,6 +197,12 @@ static int ide_dev_initfn(IDEDevice *dev, IDEDriveKind kind) return -1; } +if (kind == IDE_BRIDGE) { +scsi_bus_new(dev-scsi_bus, sizeof(dev-scsi_bus), dev-qdev, + atapi_scsi_info, NULL); +scsi_bus_legacy_handle_cmdline(dev-scsi_bus, NULL); +} + if (!dev-version) { dev-version = g_strdup(s-version); } @@ -253,6 +271,11 @@ static int ide_cd_initfn(IDEDevice *dev) return ide_dev_initfn(dev, IDE_CD); } +static int ide_bridge_initfn(IDEDevice *dev) +{ +return ide_dev_initfn(dev, IDE_BRIDGE); +} + static int ide_drive_initfn(IDEDevice *dev) { DriveInfo *dinfo = blk_legacy_dinfo(dev-conf.blk); @@ -314,6 +337,23 @@ static const TypeInfo ide_cd_info = { .class_init= ide_cd_class_init, }; +static void ide_bridge_class_init(ObjectClass *klass, void *data) +{ +DeviceClass *dc = DEVICE_CLASS(klass); +IDEDeviceClass *k = IDE_DEVICE_CLASS(klass); +k-init = ide_bridge_initfn; +dc-fw_name = drive; +dc-desc = virtual ATAPI-SCSI bridge; +dc-props = ide_cd_properties; +} + +static const TypeInfo ide_bridge_info = { +.name = ide-bridge, +.parent= TYPE_IDE_DEVICE, +.instance_size = sizeof(IDEDrive), +.class_init= ide_bridge_class_init, +}; + static Property ide_drive_properties[] = { DEFINE_IDE_DEV_PROPERTIES(), DEFINE_PROP_END_OF_LIST(), @@ -360,6 +400,7 @@ static void ide_register_types(void) type_register_static(ide_bus_info); type_register_static(ide_hd_info); type_register_static(ide_cd_info); +type_register_static(ide_bridge_info); type_register_static(ide_drive_info); type_register_static(ide_device_type_info); } -- 2.1.4
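Review bot: In the hw/ide/internal.h hunk, SCSIBus scsi_bus is embedded in struct IDEDevice, so every IDE device (hard disk, CD-ROM, CF card) carries an unused SCSI bus and every file including internal.h now pulls in hw/scsi/scsi.h. Putting the bus in a bridge-specific state structure derived from IDEDevice would confine both costs to ide-bridge.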
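Review bot: atapi_scsi_info in hw/ide/qdev.c is registered with transfer_data, complete and cancel all NULL, and the same patch already registers the ide-bridge type, so at this point in the series the device can be created with bus callbacks that cannot be called. Register the type in the patch that fills in the callbacks, or otherwise keep each step of the series usable on its own. In the ide_dev_initfn() hunk, scsi_bus_legacy_handle_cmdline() is called with a NULL error pointer, so a failure to attach command-line drives is silently ignored.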
Re: [Qemu-devel] [PULL 0/3] target-alpha PALcode improvements
On 18 August 2015 at 19:12, Richard Henderson r...@twiddle.net wrote:
> Posted and reviewed back in June, queued for 2.5 development.
>
> r~
>
> The following changes since commit 074a9925e1cfd659d5376dcaccd1436d3840e611:
>
>   Merge remote-tracking branch 'remotes/cody/tags/block-pull-request' into staging (2015-08-14 16:52:34 +0100)
>
> are available in the git repository at:
>
>   git://github.com/rth7680/qemu.git tags/pull-axp-201508018
>
> for you to fetch changes up to 6c05d3ded7b51154e67c35e270c48784b7046883:
>
>   target-alpha: Inline hw_ret (2015-08-18 11:08:59 -0700)
>
> Alpha shadow register optimization

Applied, thanks.

-- PMM
Re: [Qemu-devel] [PATCH] virtio-mmio: Kill code duplication
Hello!

> Why bother? This is adding more code than it deletes

I just don't like code duplication, wanted to do this a long time ago. Additionally this enables to add support for virtio-mmio to more machines. Actually it could be used not only by ARM with little modifications.

> and is implicitly tying together details of how these two boards are laid out

What exactly do you mean? The only thing assumed by new functions is that virtio-mmio devices are laid out in a single address window, one after another. Base address and irq do not have to be the same everywhere.

Kind regards,
Pavel Fedin
Expert Engineer
Samsung Electronics Research center Russia
[Qemu-devel] where can i customize rbd object size?
Hello,

qemu-img convert -f qcow2 Trove---mysql-5.6---2015-07-16.qcow2 -O raw rbd:openstack-00/8205d01a-874c-44c0-b114-1c03821fcc24:conf=/etc/ceph/ceph.conf

How can I specify the object size that rbd uses? I found that qemu-img can only use the default object size. It is defined in block/rbd.c:

#define OBJ_MAX_SIZE (1UL << OBJ_DEFAULT_OBJ_ORDER)

(OBJ_MAX_SIZE: https://lxr.missinglinkelectronics.com/qemu+v2.1.0/+code=OBJ_MAX_SIZE, OBJ_DEFAULT_OBJ_ORDER: https://lxr.missinglinkelectronics.com/qemu+v2.1.0/+code=OBJ_DEFAULT_OBJ_ORDER)

If someone knows how to specify the object size, please tell me. Thanks a lot.

By the way, I do not find the define for OBJ_DEFAULT_OBJ_ORDER; if someone knows, please tell me. Thanks a lot.

--
谦谦君子
Re: [Qemu-devel] [PATCH RFC v4 0/5] QEMU ATAPI-SCSI bridge GSoC project
On 08/19/2015 02:49 PM, Alexander Bezzubikov wrote:
> This is my QEMU Google Summer of Code project. Here I introduce a new device - ATAPI-SCSI bridge. Its purpose is to unify IDE ATAPI CD-ROM emulation with SCSI CD-ROM emulation to reduce code duplication and squash bugs. Its purpose is simple - it just forwards ATAPI commands to SCSI side for parsing and execution.
>
> Example of using:
>
> qemu-system-x86_64 \
>     -drive if=none,file=filename,id=cdrom \
>     -drive if=none,id=fake \
>     -device ide-bridge,id=bridge,drive=fake \
>     -device scsi-cd,drive=cdrom,bus=bridge.0 \
>     -hda diskimage \
>     -m 1024
>
> Alexander Bezzubikov (5):
>   ide: ATAPI-SCSI bridge TypeInfo and init function created
>   scsi: SCSIDiskReq declaration moved to header
>   ide: necessary checks corrected to treat ATAPI-SCSI bridge as CDROM
>   ATAPI-SCSI bridge functions created and can be used by bridge
>   ide: ATAPI-SCSI bridge transfer is treated as PIO
>
>  hw/ide/Makefile.objs   | 2 +-
>  hw/ide/atapi.c         | 20 -
>  hw/ide/bridge.c        | 114 +
>  hw/ide/bridge.h        | 10 +
>  hw/ide/core.c          | 28 +++-
>  hw/ide/internal.h      | 6 ++-
>  hw/ide/qdev.c          | 43 ++-
>  hw/scsi/scsi-disk.c    | 55 ++--
>  include/hw/scsi/scsi.h | 16 +++
>  9 files changed, 267 insertions(+), 27 deletions(-)
>  create mode 100644 hw/ide/bridge.c
>  create mode 100644 hw/ide/bridge.h

Very nice patchset. Thanks a lot for doing that.

For the entire series:

Acked-by: Hannes Reinecke h...@suse.de

Cheers,

Hannes
--
Dr. Hannes Reinecke zSeries Storage
h...@suse.de +49 911 74053 688
SUSE LINUX GmbH, Maxfeldstr. 5, 90409 Nürnberg
GF: F. Imendörffer, J. Smithard, J. Guild, D. Upmanyu, G. Norton
HRB 21284 (AG Nürnberg)
Re: [Qemu-devel] [PATCH 4/9] target-arm/arm-semi.c: Factor out repeated 'return env->regs[0]'
On Thu, Aug 13, 2015 at 9:35 AM, Peter Maydell peter.mayd...@linaro.org wrote:
> Factor out a repeated pattern in the semihosting code:
>
>     gdb_do_syscall(arm_semi_cb, "system,%s", arg0, (int)arg1+1);
>     /* arm_semi_cb sets env->regs[0] to the syscall return value */
>     return env->regs[0];
>
> For A64 the return value will go in a different register; pull the sequence out into its own function that passes the return value in a static variable rather than overloading regs[0] for the purpose, so the code will work on both A32/T32 and A64.
>
> Note that the lack-of-synchronization bug noted in the FIXME comment is not introduced by this commit, but was already present.
>
> Signed-off-by: Peter Maydell peter.mayd...@linaro.org

Reviewed-by: Christopher Covington christopher.coving...@linaro.org
Re: [Qemu-devel] [PATCH] Block: don't do copy-on-read in before_write_notifier
On Wed, Aug 19, 2015 at 01:43:41PM +0800, Wen Congyang wrote:
> On 08/19/2015 01:41 PM, Paolo Bonzini wrote:
>> On 18/08/2015 19:54, Wen Congyang wrote:
>>> We will copy data in before_write_notifier to do backup.
>>> It is a nested I/O request, so we cannot do copy-on-read.
>>
>> Can you explain why? What is the bug that this is fixing?
>
> (gdb) bt
> #0 0x7fd53a6cdb55 in raise () from /lib64/libc.so.6
> #1 0x7fd53a6cf131 in abort () from /lib64/libc.so.6
> #2 0x7fd53a6c6a10 in __assert_fail () from /lib64/libc.so.6
> #3 0x7fd53dffe5ad in wait_serialising_requests (self=0x7fd50cdb6ae0) at block/io.c:452
> #4 0x7fd53dfff351 in bdrv_aligned_preadv (bs=0x7fd53ea33130, req=0x7fd50cdb6ae0, offset=26347307008, bytes=65536, align=512, qiov=0x7fd50cdb6c90, flags= 1) at block/io.c:847
> #5 0x7fd53dfff897 in bdrv_co_do_preadv (bs=0x7fd53ea33130, offset=26347307008, bytes=65536, qiov=0x7fd50cdb6c90, flags=BDRV_REQ_COPY_ON_READ) at block/io.c:970
> #6 0x7fd53dfff962 in bdrv_co_do_readv (bs=0x7fd53ea33130, sector_num=51459584, nb_sectors=128, qiov=0x7fd50cdb6c90, flags=0) at block/io.c:992
> #7 0x7fd53dfff9cf in bdrv_co_readv (bs=0x7fd53ea33130, sector_num=51459584, nb_sectors=128, qiov=0x7fd50cdb6c90) at block/io.c:1001
> #8 0x7fd53ddb077a in backup_do_cow (bs=0x7fd53ea33130, sector_num=51459648, nb_sectors=16, error_is_read=0x0) at block/backup.c:132
> #9 0x7fd53ddb0f07 in backup_before_write_notify (notifier=0x7fd5118c9f30, opaque=0x7fd50cdb6e40) at block/backup.c:193
> #10 0x7fd53e063193 in notifier_with_return_list_notify (list=0x7fd53ea361b8, data=0x7fd50cdb6e40) at util/notify.c:65
> #11 0x7fd53e79 in bdrv_aligned_pwritev (bs=0x7fd53ea33130, req=0x7fd50cdb6e40, offset=26347339776, bytes=8192, qiov=0x7fd54001c848, flags=0) at block/io.c:1116
> #12 0x7fd53e000b4f in bdrv_co_do_pwritev (bs=0x7fd53ea33130, offset=26347339776, bytes=8192, qiov=0x7fd54001c848, flags=0) at block/io.c:1354
> #13 0x7fd53e000c18 in bdrv_co_do_writev (bs=0x7fd53ea33130, sector_num=51459648, nb_sectors=16, qiov=0x7fd54001c848, flags=0) at block/io.c:1378
> #14 0x7fd53e002dba in bdrv_co_do_rw (opaque=0x7fd53fb76830) at block/io.c:2113
> #15 0x7fd53dfafde9 in coroutine_trampoline (i0=1073594560, i1=32725) at coroutine-ucontext.c:80
> #16 0x7fd53a6debe0 in __correctly_grouped_prefixwc () from /lib64/libc.so.6
> #17 0x in ?? ()

Can you give the steps used to reproduce this? I ask because I am wondering if it would be worth adding an iotest for this or similar scenarios.

Thanks,
Jeff
[Qemu-devel] [PATCH 0/2] cpu_arm: Implement irqchip property for ARM CPU
ARMv7m CPU needs a link to NVIC instance for processing interrupts. Similarly ARMv8 needs a link to GICv3 for its CPU interface. This series builds upon existing mechanism for linking irqchip and CPU, bringing the code up to date and making it reusable. Pavel Fedin (2): cpu_arm: Rename 'nvic' to 'irqchip' cpu_arm: Use irqchip property instead of direct assignment hw/arm/armv7m.c | 5 ++--- target-arm/cpu.c| 6 ++ target-arm/cpu.h| 5 - target-arm/helper.c | 12 ++-- 4 files changed, 18 insertions(+), 10 deletions(-) -- 1.9.5.msysgit.0
Re: [Qemu-devel] [PATCH] net/vmxnet3: Refine l2 header validation
ACK. On Aug 18, 2015, at 02:45 AM, Shmulik Ladkani shmulik.ladk...@ravellosystems.com wrote: From: Dana Rubin dana.ru...@ravellosystems.com Validation of l2 header length assumed minimal packet size as eth_header + 2 * vlan_header regardless of the actual protocol. This caused crash for valid non-IP packets shorter than 22 bytes, as 'tx_pkt-packet_type' hasn't been assigned for such packets, and 'vmxnet3_on_tx_done_update_stats()' expects it to be properly set. Refine header length validation in 'vmxnet_tx_pkt_parse_headers'. Check its return value during packet processing flow. As a side effect, in case IPv4 and IPv6 header validation failure, corrupt packets will be dropped. Signed-off-by: Dana Rubin dana.ru...@ravellosystems.com Signed-off-by: Shmulik Ladkani shmulik.ladk...@ravellosystems.com --- hw/net/vmxnet3.c | 4 +--- hw/net/vmxnet_tx_pkt.c | 19 --- 2 files changed, 17 insertions(+), 6 deletions(-) diff --git a/hw/net/vmxnet3.c b/hw/net/vmxnet3.c index 59b06b8..f37297f 100644 --- a/hw/net/vmxnet3.c +++ b/hw/net/vmxnet3.c @@ -729,9 +729,7 @@ static void vmxnet3_process_tx_queue(VMXNET3State *s, int qidx) } if (txd.eop) { -if (!s-skip_current_tx_pkt) { -vmxnet_tx_pkt_parse(s-tx_pkt); - +if (!s-skip_current_tx_pkt vmxnet_tx_pkt_parse(s-tx_pkt)) { if (s-needs_vlan) { vmxnet_tx_pkt_setup_vlan_header(s-tx_pkt, s-tci); } diff --git a/hw/net/vmxnet_tx_pkt.c b/hw/net/vmxnet_tx_pkt.c index f7344c4..eb88ddf 100644 --- a/hw/net/vmxnet_tx_pkt.c +++ b/hw/net/vmxnet_tx_pkt.c 
@@ -142,11 +142,24 @@ static bool vmxnet_tx_pkt_parse_headers(struct VmxnetTxPkt *pkt) bytes_read = iov_to_buf(pkt-raw, pkt-raw_frags, 0, l2_hdr-iov_base, ETH_MAX_L2_HDR_LEN); -if (bytes_read ETH_MAX_L2_HDR_LEN) { +if (bytes_read sizeof(struct eth_header)) { +l2_hdr-iov_len = 0; +return false; +} + +l2_hdr-iov_len = sizeof(struct eth_header); +switch (be16_to_cpu(PKT_GET_ETH_HDR(l2_hdr-iov_base)-h_proto)) { +case ETH_P_VLAN: +l2_hdr-iov_len += sizeof(struct vlan_header); +break; +case ETH_P_DVLAN: +l2_hdr-iov_len += 2 * sizeof(struct vlan_header); +break; +} + +if (bytes_read l2_hdr-iov_len) { l2_hdr-iov_len = 0; return false; -} else { -l2_hdr-iov_len = eth_get_l2_hdr_length(l2_hdr-iov_base); } l3_proto = eth_get_l3_proto(l2_hdr-iov_base, l2_hdr-iov_len); -- 1.9.1
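Review bot: In the hw/net/vmxnet3.c hunk, a frame that fails vmxnet_tx_pkt_parse() now takes the same path as skip_current_tx_pkt and is dropped with no trace point or error counter, so drops caused by runt or truncated VLAN frames from the guest cannot be diagnosed from the host side; consider counting or tracing the parse failure there. In the hw/net/vmxnet_tx_pkt.c hunk, the switch on h_proto repeats the length calculation that the removed eth_get_l2_hdr_length() call provided, and both failure branches carry the same `l2_hdr->iov_len = 0; return false;` pair; once the minimum `sizeof(struct eth_header)` check has passed, computing the expected length in one place and doing a single comparison against bytes_read would keep the validation together. A one-line comment that bytes_read must cover the Ethernet header before h_proto is read would make the ordering requirement explicit.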
Re: [Qemu-devel] [PATCH] net/vmxnet3: Flush packets when device gets activated
ACK. On Aug 18, 2015, at 04:25 AM, Shmulik Ladkani shmulik.ladk...@ravellosystems.com wrote: As of a90a7425cf592a3afeff3eaf32f543b83050ee5c 'tap: Drop tap_can_send' vmxnet3 (with tap networking) can no longer receive once device is deactivated. Alas, as the device is initially inactive, this breaks vmxnet3 receive functionality. vmxnet3_can_receive() checks its internal 'device_active' flag (among other tests). However, as of a90a7425cf, if 'device_active' is false, packets will be queued by tap_send (at qemu_net_queue_send). However, vmxnet3 never flushes the queue, even if the device is later activated. Fix by calling 'qemu_flush_queued_packets()' when vmxnet3 device gets active. Signed-off-by: Shmulik Ladkani shmulik.ladk...@ravellosystems.com --- hw/net/vmxnet3.c | 1 + 1 file changed, 1 insertion(+) diff --git a/hw/net/vmxnet3.c b/hw/net/vmxnet3.c index 59b06b8..8387571 100644 --- a/hw/net/vmxnet3.c +++ b/hw/net/vmxnet3.c @@ -1561,6 +1561,7 @@ static void vmxnet3_activate_device(VMXNET3State *s) vmxnet3_reset_mac(s); s-device_active = true; +qemu_flush_queued_packets(qemu_get_queue(s-nic)); } static void vmxnet3_handle_command(VMXNET3State *s, uint64_t cmd) -- 1.9.1
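Review bot: The added qemu_flush_queued_packets() call at the end of vmxnet3_activate_device() covers only the device_active transition, while the commit message says vmxnet3_can_receive() checks that flag "among other tests"; if any of those other conditions can also go false and later true, packets queued in the meantime need the same flush, so it is worth confirming each one has a flush on its recovery path. A short comment above the call saying that it drains packets queued while the device was inactive would keep the reason from getting lost.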
Re: [Qemu-devel] [PATCH 00/12] qemu-common.h/osdep.h refactoring
On 13 August 2015 at 18:37, Peter Maydell peter.mayd...@linaro.org wrote:
On 22 July 2015 at 17:43, Peter Maydell peter.mayd...@linaro.org wrote:
This series makes a start at cleaning up some of our headers to avoid the common problem of header files including qemu-common.h (which then in turn can lead to awkward circular includes).
The general consensus here seems to be that patches 1-9 are OK (and those have an R-by from Daniel), but that the last three would be better dealt with by having osdep.h be mandatory for .c files. My suggestion is thus that we commit 1-9 now, which will avoid them getting stale, and give us a sensible base for mandating osdep.h inclusion everywhere. I can just apply these directly to master, which seems the easiest way to do it, unless anybody objects or would particularly like to see them going through some other tree.
Those first 9 patches now committed to master; thanks. I'll rework/reroll the rest at some point.
-- PMM
Re: [Qemu-devel] [PATCH] Add another sanity check to smp_parse() function
On Wed, Jul 22, 2015 at 03:59:50PM +0200, Thomas Huth wrote: The code in smp_parse already checks the topology information for sockets * cores * threads cpus and bails out with an error in that case. However, it is still possible to supply a bad configuration the other way round, e.g. with: qemu-system-xxx -smp 4,sockets=1,cores=4,threads=2 QEMU then still starts the guest, with topology configuration that is rather incomprehensible and likely not what the user wanted. So let's add another check to refuse such wrong configurations. Signed-off-by: Thomas Huth th...@redhat.com --- vl.c | 8 +++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/vl.c b/vl.c index 5856396..c8d24b1 100644 --- a/vl.c +++ b/vl.c @@ -1224,7 +1224,13 @@ static void smp_parse(QemuOpts *opts) exit(1); } -max_cpus = qemu_opt_get_number(opts, maxcpus, 0); +max_cpus = qemu_opt_get_number(opts, maxcpus, cpus); +if (sockets * cores * threads max_cpus) { +fprintf(stderr, cpu topology: error: +sockets (%u) * cores (%u) * threads (%u) maxcpus (%u)\n, +sockets, cores, threads, max_cpus); +exit(1); +} I am always afraid of breaking existing setups when we do that, because there may be existing VMs running with these weird configurations, and people won't be able to live-migrate them to a newer QEMU. But I think we really have to start refusing to run obviously broken configurations one day, or we will never fix this mess, so: Reviewed-by: Eduardo Habkost ehabk...@redhat.com I want to apply this through the x86 tree, but I would like to get some Acked-by from other maintainers first. -- Eduardo
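Review bot: The hunk changes the default passed to qemu_opt_get_number() for maxcpus from 0 to cpus, which the commit message does not mention; any later code that treats max_cpus == 0 as "not specified" sees different input after this change, so the message should call it out or the hunk should keep the 0 default and compare against the effective value. The product sockets * cores * threads is also computed in the operands' own width (they are printed with %u), so very large option values can wrap and slip past the new comparison; doing the multiplication in a 64-bit type or bounding each factor first avoids that.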
Re: [Qemu-devel] [PATCH v5 3/4] sPAPR: Support RTAS call ibm, {open, close}-errinjct
On 18/08/15 18:15, David Gibson wrote: On Wed, Aug 19, 2015 at 09:52:00AM +1000, Gavin Shan wrote: On Tue, Aug 18, 2015 at 10:32:13AM -0700, Thomas Huth wrote: On 17/08/15 18:47, Gavin Shan wrote: The patch supports RTAS calls ibm,{open,close}-errinjct to manupliate the token, which is passed to RTAS call ibm,errinjct to indicate the valid context for error injection. Each VM is permitted to have only one token at once and we simply have one random number for that. Looking at the code, you're using a sequence number now instead of a random number? Yes, it's what Alexey suggested. Then please update the commit message accordingly. diff --git a/hw/ppc/spapr_rtas.c b/hw/ppc/spapr_rtas.c index e99e25f..8405056 100644 --- a/hw/ppc/spapr_rtas.c +++ b/hw/ppc/spapr_rtas.c @@ -604,6 +604,68 @@ out: rtas_st(rets, 0, rc); } +static void rtas_ibm_open_errinjct(PowerPCCPU *cpu, + sPAPRMachineState *spapr, + uint32_t token, uint32_t nargs, + target_ulong args, uint32_t nret, + target_ulong rets) +{ +int32_t ret; + +/* Sanity check on number of arguments */ +if ((nargs != 0) || (nret != 2)) { Uh, did Alexey infect you with paranthesitis? hehe~, nope. I'll drop those unnecessary paranthesitis :-) I'd prefer you didn't. Unlike Thomas, I also don't remember C order of ops that well and would prefer the clarity. You can always look it up if you're unsure, e.g.: http://en.cppreference.com/w/c/language/operator_precedence And once you've learnt it, the additional paranthesis just look cumbersome. So please remove them! Thomas signature.asc Description: OpenPGP digital signature
[Qemu-devel] [PATCH] target-i386: Disable cache info passthrough by default
The host cache information may not make sense for the guest if the VM CPU topology doesn't match the host CPU topology. To make sure we won't expose broken cache information to the guest, disable cache info passthrough by default, and add a new host-cache-info property that can be used to enable the old behavior for users that really need it. Cc: Benoît Canet ben...@irqsave.net Signed-off-by: Eduardo Habkost ehabk...@redhat.com --- target-i386/cpu.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/target-i386/cpu.c b/target-i386/cpu.c index cfb8aa7..3a71f15 100644 --- a/target-i386/cpu.c +++ b/target-i386/cpu.c @@ -689,7 +689,6 @@ struct X86CPUDefinition { int stepping; FeatureWordArray features; char model_id[48]; -bool cache_info_passthrough; }; static X86CPUDefinition builtin_x86_defs[] = { @@ -1416,6 +1415,7 @@ static X86CPUDefinition host_cpudef; static Property host_x86_cpu_properties[] = { DEFINE_PROP_BOOL(migratable, X86CPU, migratable, true), +DEFINE_PROP_BOOL(host-cache-info, X86CPU, cache_info_passthrough, false), DEFINE_PROP_END_OF_LIST() }; @@ -1442,7 +1442,6 @@ static void host_x86_cpu_class_init(ObjectClass *oc, void *data) cpu_x86_fill_model_id(host_cpudef.model_id); xcc-cpu_def = host_cpudef; -host_cpudef.cache_info_passthrough = true; /* level, xlevel, xlevel2, and the feature words are initialized on * instance_init, because they require KVM to be initialized. @@ -2076,7 +2075,6 @@ static void x86_cpu_load_def(X86CPU *cpu, X86CPUDefinition *def, Error **errp) object_property_set_int(OBJECT(cpu), def-stepping, stepping, errp); object_property_set_int(OBJECT(cpu), def-xlevel, xlevel, errp); object_property_set_int(OBJECT(cpu), def-xlevel2, xlevel2, errp); -cpu-cache_info_passthrough = def-cache_info_passthrough; object_property_set_str(OBJECT(cpu), def-model_id, model-id, errp); for (w = 0; w FEATURE_WORDS; w++) { env-features[w] = def-features[w]; -- 2.1.0
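Review bot: The new host-cache-info property is declared with a default of false in host_x86_cpu_properties and the line setting host_cpudef.cache_info_passthrough = true is removed, so -cpu host guests on existing machine types see different cache CPUID data after an upgrade; no compat entry for older machine types appears in the visible hunks, and one is needed if that guest-visible behaviour is meant to stay stable per machine type. The property is also undocumented in this patch, so a sentence on when to set host-cache-info=on would help the users the commit message says may need the old behaviour.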
Re: [Qemu-devel] [PATCH v10 5/5] hw/arm/virt: Add gic-version option to virt machine
Hi Pavel, On 08/18/2015 03:33 PM, Pavel Fedin wrote: Add gic_version to VirtMachineState, set it to value of the option and pass it around where necessary. Instantiate devices and fdt nodes according to the choice. max_cpus for virt machine increased to 126 (calculated from redistributor space available in the memory map). GICv2 compatibility check happens inside arm_gic_common_realize(). ITS regions are added to the memory map too, however currently they are not used, just reserved. Signed-off-by: Pavel Fedin p.fe...@samsung.com --- hw/arm/virt.c | 111 +- include/hw/arm/fdt.h | 2 +- include/hw/arm/virt.h | 5 ++- 3 files changed, 96 insertions(+), 22 deletions(-) diff --git a/hw/arm/virt.c b/hw/arm/virt.c index d5a8417..e090640 100644 --- a/hw/arm/virt.c +++ b/hw/arm/virt.c @@ -50,6 +50,7 @@ #include hw/arm/fdt.h #include hw/intc/arm_gic_common.h #include kvm_arm.h +#include qapi/visitor.h /* Number of external interrupt lines to configure the GIC with */ #define NUM_IRQS 256 @@ -79,6 +80,7 @@ typedef struct { typedef struct { MachineState parent; bool secure; +int32_t gic_version; } VirtMachineState; #define TYPE_VIRT_MACHINE virt @@ -109,6 +111,9 @@ static const MemMapEntry a15memmap[] = { [VIRT_GIC_DIST] = { 0x0800, 0x0001 }, [VIRT_GIC_CPU] ={ 0x0801, 0x0001 }, [VIRT_GIC_V2M] ={ 0x0802, 0x1000 }, +[VIRT_ITS_CONTROL] ={ 0x0802, 0x0001 }, +[VIRT_ITS_TRANSLATION] ={ 0x0803, 0x0001 }, +[VIRT_GIC_REDIST] = { 0x0804, 0x00FC }, Although you put it in the commit msg, a comment saying it corresponds to 2*64kB*126 CPUs may be worth I think { 0x0900, 0x1000 }, [VIRT_RTC] ={ 0x0901, 0x1000 }, [VIRT_FW_CFG] = { 0x0902, 0x000a }, 
@@ -258,10 +263,13 @@ static void fdt_add_timer_nodes(const VirtBoardInfo *vbi) * they are edge-triggered. */ ARMCPU *armcpu; +uint32_t max; uint32_t irqflags = GIC_FDT_IRQ_FLAGS_EDGE_LO_HI; +/* Argument is 32 bit but 8 bits are reserved for flags */ it seems to exist a different semantic for his 3d cell depending on GICv2/GICv3: - in Documentation/devicetree/bindings/arm/gic.txt it is mentionned bits[15:8] PPI interrupt cpu mask (so 8 bits only) - in gic-v3.txt it is said the 3d cell is the flags, encoded as follows: bits[3:0] trigger type and level flags. 1 = edge triggered 4 = level triggered +max = (vbi-smp_cpus = 24) ? 24 : vbi-smp_cpus; irqflags = deposit32(irqflags, GIC_FDT_IRQ_PPI_CPU_START, - GIC_FDT_IRQ_PPI_CPU_WIDTH, (1 vbi-smp_cpus) - 1); + GIC_FDT_IRQ_PPI_CPU_WIDTH, (1 max) - 1); qemu_fdt_add_subnode(vbi-fdt, /timer); @@ -285,6 +293,18 @@ static void fdt_add_cpu_nodes(const VirtBoardInfo *vbi) { int cpu; +/* + * From Documentation/devicetree/bindings/arm/cpus.txt + * On ARM v8 64-bit systems value should be set to 2, + * that corresponds to the MPIDR_EL1 register size. + * If MPIDR_EL1[63:32] value is equal to 0 on all CPUs + * in the system, #address-cells can be set to 1, since + * MPIDR_EL1[63:32] bits are not used for CPUs + * identification. + * + * Now GIC500 doesn't support affinities 2 3 so currently + * #address-cells can stay 1 until future GIC + */ qemu_fdt_add_subnode(vbi-fdt, /cpus); qemu_fdt_setprop_cell(vbi-fdt, /cpus, #address-cells, 0x1); qemu_fdt_setprop_cell(vbi-fdt, /cpus, #size-cells, 0x0); 
@@ -321,25 +341,36 @@ static void fdt_add_v2m_gic_node(VirtBoardInfo *vbi) qemu_fdt_setprop_cell(vbi-fdt, /intc/v2m, phandle, vbi-v2m_phandle); } -static void fdt_add_gic_node(VirtBoardInfo *vbi) +static void fdt_add_gic_node(VirtBoardInfo *vbi, int type) { vbi-gic_phandle = qemu_fdt_alloc_phandle(vbi-fdt); qemu_fdt_setprop_cell(vbi-fdt, /, interrupt-parent, vbi-gic_phandle); qemu_fdt_add_subnode(vbi-fdt, /intc); -/* 'cortex-a15-gic' means 'GIC v2' */ -qemu_fdt_setprop_string(vbi-fdt, /intc, compatible, -arm,cortex-a15-gic); qemu_fdt_setprop_cell(vbi-fdt, /intc, #interrupt-cells, 3); qemu_fdt_setprop(vbi-fdt, /intc, interrupt-controller, NULL, 0); -qemu_fdt_setprop_sized_cells(vbi-fdt, /intc, reg, - 2, vbi-memmap[VIRT_GIC_DIST].base, - 2, vbi-memmap[VIRT_GIC_DIST].size, - 2, vbi-memmap[VIRT_GIC_CPU].base, - 2, vbi-memmap[VIRT_GIC_CPU].size); qemu_fdt_setprop_cell(vbi-fdt, /intc, #address-cells, 0x2);
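Review bot: In the fdt_add_timer_nodes() hunk the clamp uses a bare 24, justified only by the comment about 8 bits being reserved for flags, while the mask is deposited using GIC_FDT_IRQ_PPI_CPU_START and GIC_FDT_IRQ_PPI_CPU_WIDTH; deriving the limit from those constants, or from a named define placed next to them, keeps the clamp and the field width from drifting apart. In the fdt_add_gic_node() hunk the new parameter is `int type` while the rest of the patch calls the value gic_version, and the removed 'cortex-a15-gic' comment was the only place explaining which compatible string maps to which version, so the replacement code should carry an equivalent comment per version.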
Re: [Qemu-devel] [PULL v2] Queued TCG improvements
On 08/18/2015 04:23 PM, Peter Maydell wrote: Hi. I'm afraid this fails 'make check' on 32-bit ARM for me: Found it. The problem is in the temps tracking patch, where we weren't ignoring TCG_CALL_DUMMY_ARG (-1). This isn't used on x86 of course, which is why we didn't see this failure there. The following fixes the problem. I chose to split the initialization so that non-call opcodes don't need to check for dummy. Can I get an RB for squashing this into the original patch? r~ diff --git a/tcg/optimize.c b/tcg/optimize.c index 2693168..10795ec 100644 --- a/tcg/optimize.c +++ b/tcg/optimize.c @@ -597,17 +597,24 @@ void tcg_optimize(TCGContext *s) const TCGOpDef *def = tcg_op_defs[opc]; oi_next = op-next; + +/* Count the arguments, and initialize the temps that are + going to be used */ if (opc == INDEX_op_call) { nb_oargs = op-callo; nb_iargs = op-calli; +for (i = 0; i nb_oargs + nb_iargs; i++) { +tmp = args[i]; +if (tmp != TCG_CALL_DUMMY_ARG) { +init_temp_info(tmp); +} +} } else { nb_oargs = def-nb_oargs; nb_iargs = def-nb_iargs; -} - -/* Initialize the temps that are going to be used */ -for (i = 0; i nb_oargs + nb_iargs; i++) { -init_temp_info(args[i]); +for (i = 0; i nb_oargs + nb_iargs; i++) { +init_temp_info(args[i]); +} } /* Do copy propagation */
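Review bot: The dummy-argument test is added only to the temp-initialization loop for INDEX_op_call; since the message says the failure came from not ignoring TCG_CALL_DUMMY_ARG, any later loop in tcg_optimize() that walks a call's args and indexes temp state needs the same guard, and that is worth checking before this is squashed. A brief comment at the `tmp != TCG_CALL_DUMMY_ARG` test noting that the dummy value is not a valid temp index would explain why the call path differs from the else branch.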
Re: [Qemu-devel] [PATCH] q35: Remove old machine versions
On Wed, Aug 19, 2015 at 10:55:26AM +0100, Dr. David Alan Gilbert wrote:
* Eduardo Habkost (ehabk...@redhat.com) wrote:
Migration with q35 was not possible before commit 04329029a8c539eb5f75dcb6d8b016f0c53a031a, because q35 unconditionally creates an ich9-ahci device, that was marked as unmigratable. So all q35 machines before pc-q35-2.4 were unmigratable, and there's no point in keeping compatibility code for them. Remove all old pc-q35 machine classes and keep only pc-q35-2.4.
But doesn't that mean that anyone who has a machine configured with one of those machine types will suddenly find it won't start?
Yes, and they will have to update their configuration to use pc-q35-2.4 or newer.
-- Eduardo
Re: [Qemu-devel] [PATCH 20/25] audio: remove mixeng specific code from backends
On Thu, 2015-08-06 at 20:28 +0200, Kővágó, Zoltán wrote:
Backends no longer have to deal with mixeng, they just receive a buffer in the correct sample format, all mixeng logic is now in the audio.c (and mixeng.c). Backends also do not have to deal with soft voices. Backends now have two ways to read/write sound:
* write and read functions: similar to old read/write functions, except that they actually read/write the data to the backend instead of placing it into the mixeng buffer. You no longer need run_in/run_out afterwards.
* get_buffer_out/put_buffer_out: the first function returns a buffer that can hold some audio data. The caller fills this buffer (maybe partially) and calls put_buffer to actually write the data. This way we can save copying the buffer in some cases (for example mmaped audio). Similarly there's get_buffer_in/put_buffer_in for reading.
Backends only have to support one access method, but they can support both if they have efficient implementation for both cases.
Phew, this one became pretty big. Could this be split up? The s/int/size_t/ should be easy to separate. Also having individual patches for individual backends would be nice. Possibly you can first add the new interfaces, helper functions, then switch backends over one by one, hooking the generic audio_pcm_hw_run_out() function into run_out callback, finally remove the old interfaces and call audio_pcm_hw_run_out directly.
cheers, Gerd
Re: [Qemu-devel] [PATCH v2 0/3] SysFS driver for QEMU fw_cfg device
On Wed, Aug 19, 2015 at 04:49:15PM -0400, Gabriel L. Somlo wrote:
Hi Ard,
On Wed, Aug 19, 2015 at 11:42:02AM +0200, Ard Biesheuvel wrote:
(missed some cc's)
On 19 August 2015 at 11:38, Ard Biesheuvel ard.biesheu...@linaro.org wrote:
From: Gabriel L. Somlo so...@cmu.edu
Several different architectures supported by QEMU are set up with a firmware configuration (fw_cfg) device, used to pass configuration blobs into the guest by the host running QEMU. Historically, these config blobs were mostly of interest to the guest BIOS, but since QEMU v2.4 it is possible to insert arbitrary blobs via the command line, which makes them potentially interesting to userspace (e.g. for passing early boot environment variables, etc.).
Does 'potentially interesting' mean you have a use case? Could you elaborate?
My personal one would be something like:
cat > guestinfo.txt << EOT
KEY1=val1
KEY2=val2
...
EOT
qemu-system-x86_64 ... -fw-cfg name=opt/guestinfo,file=./guestinfo.txt ...
Then, from inside the guest:
. /sys/firmware/qemu_fw_cfg/by_name/opt/guestinfo/raw
do_something_with $KEY1 $KEY2 ...
But I'm thinking this is only one of the many positive things one could do with the ability to access random host-supplied blobs from guest userspace :)
1/3 - probes for the qemu fw_cfg device in locations known to work on the supported architectures, in decreasing order of likelihood. While it *may* be possible to detect the presence of fw_cfg via acpi or dtb (on x86 and arm, respectively), there's no way I know of attempting that on sun4 and ppc/mac, so I've stuck with simply probing (the fw_cfg_modes[] structure and fw_cfg_io_probe() function) in fw_cfg.c. I could use some advice on how else that could be done more elegantly, if needed.
Sorry, but this is really out of the question, at least on ARM, but surely on other architectures as well. You can't just go around and probe random memory addresses. Perhaps QEMU tolerates it, but on anything that resembles a real system, this will immediately blow up. Also, what happens if the QEMU memory map changes? Add more probe addresses? It is not /that/ difficult to simply wire it up to the DT and ACPI infrastructures, there are plenty of examples in the kernel tree how to accomplish that. As a bonus, it removes all the arch specific knowledge from your code, which means that if QEMU grows support for another DT or ACPI based architecture, it will just work.
I was *hoping* a successful call to request_[mem_]region() will be enough in the way of asking for permission before probing for the fw_cfg registers, but I realize that might still not be polite enough :)
Either way, it would make sense to not probe in locations that couldn't possibly work on the current platform. The cleanest way would probably be a per-architecture probe function (or structure). But even then, it needs to only probe when it is safe to do so.
DT on ARM is fine, and I'm certainly happy to learn how to do it (even though my main focus is, for now, x86). The unfortunate thing though is that on x86, fw_cfg is *not* AFAICT in ACPI, so I'd have to detour into first adding it in on the host side, before I can rewrite the guest side driver to look it up in there :)
It is probably the only non-hackish way to do it for arm*. I am not sure how relevant sun4 and ppc/mac are for what you are trying to accomplish, but perhaps it would be best to focus on x86 and ARM for now and do it correctly. If the probing is actually needed, you can always add it later.
I guess that's the direction things seem to be headed, although it would make me a bit sad to leave out sun and ppc right from the very beginning :)
PS. If you have one .c file in the kernel which does any of the DT-on-arm boilerplate I'm supposed to imitate, I'd appreciate the shortcut :)
PS2. Do you happen to be in Seattle right now ? :)
Unfortunately, neither Ard nor myself is there. But Mark Rutland should be around and someone useful to talk to about this.
/ Leif
Re: [Qemu-devel] [PATCH] linux-user: remove MAX_ARG_PAGES, allow dynamic growth of env/argv space
On 15 August 2015 at 19:26, Stefan Brüns stefan.bru...@rwth-aachen.de wrote: qemu currently limits the space for the evironment and arguments to 32 * PAGE_SIZE. Linux limits the argument space to 1/4 of the stack size. A program trying to detect this with a getrlimit(RLIMIT_STACK) syscall will typically get a much larger limit than qemus current 128kB. The current limit causes Argument list too long errors. Signed-off-by: Stefan Brüns stefan.bru...@rwth-aachen.de Thanks for this bug fix; it definitely seems like a good idea. I have a few review comments below. --- linux-user/elfload.c | 29 ++--- linux-user/linuxload.c | 7 --- linux-user/qemu.h | 11 ++- linux-user/syscall.c | 4 4 files changed, 28 insertions(+), 23 deletions(-) diff --git a/linux-user/elfload.c b/linux-user/elfload.c index 1788368..be8f4d6 100644 --- a/linux-user/elfload.c +++ b/linux-user/elfload.c @@ -1365,11 +1365,13 @@ static bool elf_check_ehdr(struct elfhdr *ehdr) * to be put directly into the top of new user memory. * */ -static abi_ulong copy_elf_strings(int argc,char ** argv, void **page, - abi_ulong p) +static abi_ulong copy_elf_strings(int argc,char ** argv, This should have a space after the 'argc,'. (If you run scripts/checkpatch.pl you'll find it catches this and other minor style errors.) + struct linux_binprm *bprm) { char *tmp, *tmp1, *pag = NULL; int len, offset = 0; +void **page = bprm-page; +abi_ulong p = bprm-p; if (!p) { return 0; /* bullet-proofing */ 
@@ -1383,8 +1385,13 @@ static abi_ulong copy_elf_strings(int argc,char ** argv, void **page, tmp1 = tmp; while (*tmp++); len = tmp - tmp1; -if (p len) { /* this shouldn't happen - 128kB */ -return 0; +if (p len) { Since this looks almost but not quite like a standard reallocate-larger, a comment here would be helpful I think: /* Reallocate the page array to add extra zero entries at the start */ +bprm-page = (void**)calloc(bprm-n_arg_pages + 32, sizeof(void*)); Prefer bprm-page = g_new0(void *, bprm-n_arg_pages + 32); +memcpy(bprm-page[32], page, sizeof(void*) * bprm-n_arg_pages); +free(page); g_free(page); +page = bprm-page; +bprm-n_arg_pages += 32; +p += 32 * TARGET_PAGE_SIZE; I think we have enough repetitions of '32' here to merit a #define. But having said all that, I wonder if it would be better to precalculate how big a page array we need and just do the allocation once, rather than having this complicated code to handle a reallocate-and-fix-up-everything. In particular this is basically just adding string lengths for filename, argv and envp together. load_flt_binary() already wants that information, so it might be better to have loader_exec() calculate this and fill in new bprm-argv_strlen and bprm-envp_strlen values for the callees to use. } while (len) { --p; --tmp; --len; @@ -1423,8 +1430,8 @@ static abi_ulong setup_arg_pages(abi_ulong p, struct linux_binprm *bprm, /* Create enough stack to hold everything. If we don't use it for args, we'll use it for something else. */ size = guest_stack_size; -if (size MAX_ARG_PAGES*TARGET_PAGE_SIZE) { -size = MAX_ARG_PAGES*TARGET_PAGE_SIZE; +if (size bprm-n_arg_pages * TARGET_PAGE_SIZE) { +size = bprm-n_arg_pages * TARGET_PAGE_SIZE; } guard = TARGET_PAGE_SIZE; if (guard qemu_real_host_page_size) { 
@@ -1442,10 +1449,10 @@ static abi_ulong setup_arg_pages(abi_ulong p, struct linux_binprm *bprm, target_mprotect(error, guard, PROT_NONE); info-stack_limit = error + guard; -stack_base = info-stack_limit + size - MAX_ARG_PAGES*TARGET_PAGE_SIZE; +stack_base = info-stack_limit + size - bprm-n_arg_pages * TARGET_PAGE_SIZE; p += stack_base; -for (i = 0 ; i MAX_ARG_PAGES ; i++) { +for (i = 0; i bprm-n_arg_pages; i++) { if (bprm-page[i]) { info-rss++; /* FIXME - check return value of memcpy_to_target() for failure */ @@ -2211,9 +2218,9 @@ int load_elf_binary(struct linux_binprm *bprm, struct image_info *info) when we load the interpreter. */ elf_ex = *(struct elfhdr *)bprm-buf; -bprm-p = copy_elf_strings(1, bprm-filename, bprm-page, bprm-p); -bprm-p = copy_elf_strings(bprm-envc,bprm-envp,bprm-page,bprm-p); -bprm-p = copy_elf_strings(bprm-argc,bprm-argv,bprm-page,bprm-p); +bprm-p = copy_elf_strings(1, bprm-filename, bprm); +bprm-p = copy_elf_strings(bprm-envc, bprm-envp, bprm); +bprm-p = copy_elf_strings(bprm-argc, bprm-argv, bprm); if (!bprm-p) { fprintf(stderr, %s: %s\n, bprm-filename, strerror(E2BIG));
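Review bot: In the copy_elf_strings() hunk the growth block is an `if`, so it runs at most once per string and adds exactly 32 pages; a single argument or environment string longer than the remaining space plus 32 * TARGET_PAGE_SIZE still drives the `--p` copy loop past the start of the array, so the growth needs to loop (or be sized from len) before copying. The new path also has no upper bound, whereas the commit message describes Linux capping the space at 1/4 of the stack size; applying that cap and returning 0 keeps the E2BIG report that load_elf_binary() already prints. The calloc() result is passed to memcpy() without a NULL check, and setup_arg_pages() still carries the FIXME about the unchecked memcpy_to_target() return value while its loop bound is now variable.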
Re: [Qemu-devel] [PATCH 7/9] target-arm/arm-semi.c: Implement A64 specific SyncCacheRange call
On Thu, Aug 13, 2015 at 9:35 AM, Peter Maydell peter.mayd...@linaro.org wrote: The A64 semihosting ABI defines a new call SyncCacheRange for doing a 'clean D-cache and invalidate I-cache' sequence. Since QEMU doesn't implement caches, we can implement this as a nop. Signed-off-by: Peter Maydell peter.mayd...@linaro.org Reviewed-by: Christopher Covington christopher.coving...@linaro.org
Re: [Qemu-devel] [PATCH v2] ne2000: Drop ne2000_can_receive
On Fri, 07/03 11:41, Stefan Hajnoczi wrote: On Fri, Jul 03, 2015 at 09:08:41AM +0800, Fam Zheng wrote: This moves the behavior of ne2000_can_receive to ne2000_receive. The logic is when the NIC is stopped we drop the packet, when the buffer is full we queue it and try flush later. ne2000_buffer_full is determined by s-curpag, s-boundary, s-start and s-stop. Add a flush in ne2000_ioport_write as they are all updated there, except the advancing of s-curpag in ne2000_receive where ne2000_buffer_full is already false. Signed-off-by: Fam Zheng f...@redhat.com --- hw/net/ne2000-isa.c | 1 - hw/net/ne2000.c | 27 --- 2 files changed, 16 insertions(+), 12 deletions(-) Thanks, applied to my net tree: https://github.com/stefanha/qemu/commits/net Hi Stefan, I just notice there is still no pull req for this? Fam
Re: [Qemu-devel] [PATCH 5/7] pc: Use DEFINE_MACHINE to implement DEFINE_PC_MACHINE
On Tue, Aug 18, 2015 at 12:08:52PM -0700, Eduardo Habkost wrote: DEFINE_PC_MACHINE should be eventually replaced by DEFINE_MACHINE, we just need to eliminate the pc_compat_*() functions first. Signed-off-by: Eduardo Habkost ehabk...@redhat.com --- include/hw/i386/pc.h | 15 ++- 1 file changed, 2 insertions(+), 13 deletions(-) diff --git a/include/hw/i386/pc.h b/include/hw/i386/pc.h index d0cad87..dc22608 100644 --- a/include/hw/i386/pc.h +++ b/include/hw/i386/pc.h @@ -694,23 +694,12 @@ bool e820_get_entry(int, uint32_t, uint64_t *, uint64_t *); }, #define DEFINE_PC_MACHINE(suffix, namestr, initfn, optsfn) \ -static void pc_machine_##suffix##_class_init(ObjectClass *oc, void *data) \ +static void pc_machine_##suffix##_class_init(MachineClass *mc) \ { \ -MachineClass *mc = MACHINE_CLASS(oc); \ optsfn(mc); \ -mc-name = namestr; \ mc-init = initfn; \ } \ -static const TypeInfo pc_machine_type_##suffix = { \ -.name = namestr TYPE_MACHINE_SUFFIX, \ -.parent = TYPE_PC_MACHINE, \ -.class_init = pc_machine_##suffix##_class_init, \ -}; \ -static void pc_machine_init_##suffix(void) \ -{ \ -type_register(pc_machine_type_##suffix); \ -} \ -machine_init(pc_machine_init_##suffix) +DEFINE_MACHINE(namestr, pc_machine_##suffix##_class_init) Please drop this patch, it is broken: $ ./x86_64-softmmu/qemu-system-x86_64 -machine '?' qemu/hw/i386/pc_piix.c:502:pc_i440fx_1_6_machine_options: Object 0x63d0adb0 is not an instance of type generic-pc-machine Aborted (core dumped) The parent class is being incorrectly changed from TYPE_PC_MACHINE to TYPE_MACHINE. -- Eduardo
[Qemu-devel] [PATCH RFC v3 5/5] ide: ATAPI-SCSI bridge transfer is treated as PIO
This patch is necessary because ATAPI-SCSI bridge transfer uses ide_transfer_start/stop and ide_data_read function check if PIO transfer is running, so bridge function should be added to this check Signed-off-by: Alexander Bezzubikov abezzubi...@ispras.ru --- hw/ide/core.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/hw/ide/core.c b/hw/ide/core.c index 96824ab..4988db6 100644 --- a/hw/ide/core.c +++ b/hw/ide/core.c @@ -34,6 +34,7 @@ #include sysemu/block-backend.h #include hw/ide/internal.h +#include hw/ide/bridge.h /* These values were based on a Seagate ST3500418AS but have been modified to make more sense in QEMU */ @@ -2002,7 +2003,8 @@ static bool ide_is_pio_out(IDEState *s) } else if (s-end_transfer_func == ide_sector_read || s-end_transfer_func == ide_transfer_stop || s-end_transfer_func == ide_atapi_cmd_reply_end || - s-end_transfer_func == ide_dummy_transfer_stop) { + s-end_transfer_func == ide_dummy_transfer_stop || + s-end_transfer_func == ide_bridge_do_transfer) { return true; } -- 2.1.4
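Review bot: ide_is_pio_out() classifies the transfer direction by comparing end_transfer_func against known callbacks, and this hunk adds ide_bridge_do_transfer to the branch that returns true; if the bridge uses that one callback for both the command-packet write and the data read, pointer identity cannot distinguish the two directions, so the commit message should state which direction this callback is installed for. hw/ide/core.c also now includes hw/ide/bridge.h only to name that function, which couples the core to the bridge; an explicit direction flag set by whoever starts the transfer would avoid extending this list for each new device.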
[Qemu-devel] [PATCH RFC v3 2/5] scsi: SCSIDiskReq declaration moved to header
Signed-off-by: Alexander Bezzubikov abezzubi...@ispras.ru --- hw/scsi/scsi-disk.c| 12 include/hw/scsi/scsi.h | 13 + 2 files changed, 13 insertions(+), 12 deletions(-) diff --git a/hw/scsi/scsi-disk.c b/hw/scsi/scsi-disk.c index 64f0694..8626eba 100644 --- a/hw/scsi/scsi-disk.c +++ b/hw/scsi/scsi-disk.c @@ -53,18 +53,6 @@ do { printf(scsi-disk: fmt , ## __VA_ARGS__); } while (0) typedef struct SCSIDiskState SCSIDiskState; -typedef struct SCSIDiskReq { -SCSIRequest req; -/* Both sector and sector_count are in terms of qemu 512 byte blocks. */ -uint64_t sector; -uint32_t sector_count; -uint32_t buflen; -bool started; -struct iovec iov; -QEMUIOVector qiov; -BlockAcctCookie acct; -} SCSIDiskReq; - #define SCSI_DISK_F_REMOVABLE 0 #define SCSI_DISK_F_DPOFUA1 #define SCSI_DISK_F_NO_REMOVABLE_DEVOPS 2 diff --git a/include/hw/scsi/scsi.h b/include/hw/scsi/scsi.h index cdaf0f8..e25fd70 100644 --- a/include/hw/scsi/scsi.h +++ b/include/hw/scsi/scsi.h @@ -6,6 +6,7 @@ #include hw/block/block.h #include sysemu/sysemu.h #include qemu/notify.h +#include block/accounting.h #define MAX_SCSI_DEVS 255 @@ -120,6 +121,18 @@ extern const VMStateDescription vmstate_scsi_device; .offset = vmstate_offset_value(_state, _field, SCSIDevice), \ } +typedef struct SCSIDiskReq { +SCSIRequest req; +/* Both sector and sector_count are in terms of qemu 512 byte blocks. */ +uint64_t sector; +uint32_t sector_count; +uint32_t buflen; +bool started; +struct iovec iov; +QEMUIOVector qiov; +BlockAcctCookie acct; +} SCSIDiskReq; + /* cdrom.c */ int cdrom_read_toc(int nb_sectors, uint8_t *buf, int msf, int start_track); int cdrom_read_toc_raw(int nb_sectors, uint8_t *buf, int msf, int session_num); -- 2.1.4
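Review bot: Moving SCSIDiskReq into include/hw/scsi/scsi.h exposes scsi-disk.c's private per-request state to every file that includes the generic SCSI header, and the commit message has no body explaining why the bridge needs the full layout; if only a few fields are required, accessor functions or a scsi-disk-specific header would keep the struct private. The added #include of block/accounting.h in scsi.h exists only for the BlockAcctCookie member, which is a further cost of placing the struct there.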
[Qemu-devel] [PATCH RFC v3 0/5] QEMU ATAPI-SCSI bridge GSoC project
This is my QEMU Google Summer of Code project. Here I introduce new device - ATAPI-SCSI bridge. Its purpose is to unify IDE ATAPI CD-ROM emulation with SCSI CD-ROM emulation to reduce code duplication and squash bugs. Its purpose is simple - it just forwards ATAPI commands to SCSI side for parsing and execution.

Example of using:

    qemu-system-x86_64 \
        -drive if=none,file=filename,id=cdrom \
        -drive if=none,id=fake \
        -device ide-bridge,id=bridge,drive=fake \
        -device scsi-cd,drive=cdrom,bus=bridge.0 \
        -hda diskimage \
        -m 1024

Alexander Bezzubikov (5):
  ide: ATAPI-SCSI bridge TypeInfo and init function created
  scsi: SCSIDiskReq declaration moved to header
  ide: necessary checks corrected to treat ATAPI-SCSI bridge as CDROM
  ATAPI-SCSI bridge functions created an can be used by bridge
  ide: ATAPI-SCSI bridge transfer is treated as PIO

 hw/ide/Makefile.objs   |   2 +-
 hw/ide/atapi.c         |  20 -
 hw/ide/bridge.c        | 114 +
 hw/ide/bridge.h        |  10 +
 hw/ide/core.c          |  28 +++-
 hw/ide/internal.h      |   6 ++-
 hw/ide/qdev.c          |  43 ++-
 hw/scsi/scsi-disk.c    |  55 ++--
 include/hw/scsi/scsi.h |  16 +++
 9 files changed, 267 insertions(+), 27 deletions(-)
 create mode 100644 hw/ide/bridge.c
 create mode 100644 hw/ide/bridge.h

--
2.1.4
[Qemu-devel] [PATCH RFC v3 3/5] ide: necessary checks corrected to treat ATAPI-SCSI bridge as CDROM
hw/ide/qdev.c: corrected to treat bridge as CDROM hw/ide/core.c: same corrections as in qdev.c hw/ide/atapi.c: skip some CDROM checks because bridge has only fake drive Signed-off-by: Alexander Bezzubikov abezzubi...@ispras.ru --- hw/ide/atapi.c | 4 +++- hw/ide/core.c | 24 ++-- hw/ide/qdev.c | 2 +- 3 files changed, 18 insertions(+), 12 deletions(-) diff --git a/hw/ide/atapi.c b/hw/ide/atapi.c index 79dd167..f6135e1 100644 --- a/hw/ide/atapi.c +++ b/hw/ide/atapi.c @@ -1230,6 +1230,7 @@ void ide_atapi_cmd(IDEState *s) * states rely on this behavior. */ if (!(atapi_cmd_table[s-io_buffer[0]].flags ALLOW_UA) +s-drive_kind != IDE_BRIDGE !s-tray_open blk_is_inserted(s-blk) s-cdrom_changed) { if (s-cdrom_changed == 1) { @@ -1245,7 +1246,8 @@ void ide_atapi_cmd(IDEState *s) /* Report a Not Ready condition if appropriate for the command */ if ((atapi_cmd_table[s-io_buffer[0]].flags CHECK_READY) -(!media_present(s) || !blk_is_inserted(s-blk))) +(s-drive_kind != IDE_BRIDGE +(!media_present(s) || !blk_is_inserted(s-blk { ide_atapi_cmd_error(s, NOT_READY, ASC_MEDIUM_NOT_PRESENT); return; diff --git a/hw/ide/core.c b/hw/ide/core.c index 50449ca..96824ab 100644 --- a/hw/ide/core.c +++ b/hw/ide/core.c @@ -348,7 +348,7 @@ static void ide_set_signature(IDEState *s) /* put signature */ s-nsector = 1; s-sector = 1; -if (s-drive_kind == IDE_CD) { +if (s-drive_kind == IDE_CD || s-drive_kind == IDE_BRIDGE) { s-lcyl = 0x14; s-hcyl = 0xeb; } else if (s-blk) { @@ -1144,7 +1144,7 @@ static bool cmd_data_set_management(IDEState *s, uint8_t cmd) static bool cmd_identify(IDEState *s, uint8_t cmd) { -if (s-blk s-drive_kind != IDE_CD) { +if (s-blk s-drive_kind != IDE_CD s-drive_kind != IDE_BRIDGE) { if (s-drive_kind != IDE_CFATA) { ide_identify(s); } else { 
@@ -1155,7 +1155,7 @@ static bool cmd_identify(IDEState *s, uint8_t cmd) ide_set_irq(s-bus); return false; } else { -if (s-drive_kind == IDE_CD) { +if (s-drive_kind == IDE_CD || s-drive_kind == IDE_BRIDGE) { ide_set_signature(s); } ide_abort_command(s); @@ -1232,7 +1232,7 @@ static bool cmd_read_pio(IDEState *s, uint8_t cmd) { bool lba48 = (cmd == WIN_READ_EXT); -if (s-drive_kind == IDE_CD) { +if (s-drive_kind == IDE_CD || s-drive_kind == IDE_BRIDGE) { ide_set_signature(s); /* odd, but ATA4 8.27.5.2 requires it */ ide_abort_command(s); return true; @@ -1426,7 +1426,7 @@ static bool cmd_exec_dev_diagnostic(IDEState *s, uint8_t cmd) { ide_set_signature(s); -if (s-drive_kind == IDE_CD) { +if (s-drive_kind == IDE_CD || s-drive_kind == IDE_BRIDGE) { s-status = 0; /* ATAPI spec (v6) section 9.10 defines packet * devices to return a clear status register * with READY_STAT *not* set. */ @@ -1731,7 +1731,7 @@ abort_cmd: } #define HD_OK (1u IDE_HD) -#define CD_OK (1u IDE_CD) +#define CD_OK ((1u IDE_CD) | (1u IDE_BRIDGE)) #define CFA_OK (1u IDE_CFATA) #define HD_CFA_OK (HD_OK | CFA_OK) #define ALL_OK (HD_OK | CD_OK | CFA_OK) @@ -1978,10 +1978,11 @@ void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val) /* high to low */ for(i = 0;i 2; i++) { s = bus-ifs[i]; -if (s-drive_kind == IDE_CD) +if (s-drive_kind == IDE_CD || s-drive_kind == IDE_BRIDGE) { s-status = 0x00; /* NOTE: READY is _not_ set */ -else +} else { s-status = READY_STAT | SEEK_STAT; +} ide_set_signature(s); } } @@ -2234,7 +2235,7 @@ static void ide_resize_cb(void *opaque) ide_cfata_identify_size(s); } else { /* IDE_CD uses a different set of callbacks entirely. */ -assert(s-drive_kind != IDE_CD); +assert(s-drive_kind != IDE_CD s-drive_kind != IDE_BRIDGE); ide_identify_size(s); } } 
@@ -2274,7 +2275,7 @@ int ide_init_drive(IDEState *s, BlockBackend *blk, IDEDriveKind kind, s-smart_autosave = 1; s-smart_errors = 0; s-smart_selftest_count = 0; -if (kind == IDE_CD) { +if (kind == IDE_CD || kind == IDE_BRIDGE) { blk_set_dev_ops(blk, ide_cd_block_ops, s); blk_set_guest_block_size(blk, 2048); } else { @@ -2301,6 +2302,9 @@ int ide_init_drive(IDEState *s, BlockBackend *blk, IDEDriveKind kind, case IDE_CD: strcpy(s-drive_model_str, QEMU DVD-ROM); break; +case IDE_BRIDGE: +strcpy(s-drive_model_str, QEMU VIRTUAL ATAPI-SCSI BRIDGE); +break; case IDE_CFATA: strcpy(s-drive_model_str, QEMU MICRODRIVE); break; diff --git a/hw/ide/qdev.c b/hw/ide/qdev.c index
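Review bot: The test s->drive_kind == IDE_CD || s->drive_kind == IDE_BRIDGE is open-coded in ide_set_signature(), cmd_identify(), cmd_read_pio(), cmd_exec_dev_diagnostic(), ide_cmd_write(), ide_resize_cb() and ide_init_drive(), so any later ATAPI check written against IDE_CD alone will treat the bridge as a hard disk and run the command against the fake backing drive. Put the test in one inline predicate in hw/ide/internal.h and use it at every site, including the CD_OK mask. In the two ide_atapi_cmd() hunks the unit-attention and NOT_READY checks are skipped for the bridge; add a comment there stating that these conditions are expected to be reported by the SCSI device behind the bridge, because the commit message only says that the drive is fake.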
Re: [Qemu-devel] Debian 7.8.0 SPARC64 on qemu - anything i can do to speedup the emulation?
On 2015-08-19 12:41, Artyom Tarasenko wrote: Hi Richard, On Tue, Aug 18, 2015 at 7:55 PM, Richard Henderson r...@twiddle.net wrote: On 08/18/2015 02:24 AM, Artyom Tarasenko wrote: The unoptimized case is a sequence of multiple cmp and branch operations (likely created by a case statement in the original source code), especially where cmp is in a delay slot of a branch instruction. Interesting. I wonder whether we always have to finish a TB on a conditional jump. Maybe it would make sense to translate further if a destination of a jump is not too far from dc-pc? The definition of not too far is indeed tricky. We can only handle two chained exits from a TB. If we continue past a conditional branch, we may well encounter a second conditional branch, which would leave us with three different exits from the TB. Something that may be interesting to play with, however, is to change the TB with which the insn in a delay slot is connected. For instance, we currently spend some amount of effort computing and saving the branch condition, so that we can then execute the delay slot, and afterwards use the saved branch condition to perform the branch. Another way of doing this is to immediately branch, exiting the TB. But we set up PC+NPC for the next TB such that the delay slot is the first insn that is executed within the next TB. In that way, the compare in the delay slot that you mention *is* in the same TB as the branch that uses it, allowing the case to be optimized. This could wind up creating more TBs than the current solution, so it's not clear that it would be a win. One can mitigate that somewhat by noticing the case where the delay slot is a nop. I do think it's worth an experiment. So it is possible to make a TB with non sequential instructions? The instruction in the delay slot would be located most likely elsewhere than the following instructions. But I think I've been chasing a red herring. 
I see those helpers in perf top when running sysbench, but not when running g++ (and at the end g++ is much more relevant benchmark for me):

Samples: 83K of event 'cpu-clock', Event count (approx.): 15333243164, Thread: qemu-system-spa(2743)
 27.10%  [kernel]             [k] retint_signal
 12.66%  qemu-system-sparc64  [.] tcg_optimize
  9.18%  [vdso]               [.] 0x0998
  8.39%  [kernel]             [k] _raw_spin_unlock_irqrestore
  4.76%  qemu-system-sparc64  [.] tcg_liveness_analysis
  3.89%  qemu-system-sparc64  [.] tcg_reg_alloc_op
  2.80%  qemu-system-sparc64  [.] tcg_out_opc
  2.45%  qemu-system-sparc64  [.] get_physical_address_data
  1.86%  [kernel]             [k] native_read_tsc
  1.62%  qemu-system-sparc64  [.] tlb_flush_page
  1.55%  qemu-system-sparc64  [.] tcg_out_modrm_sib_offset.constprop.42
  1.45%  [unknown]            [.] 0x451c5cae
  1.43%  qemu-system-sparc64  [.] gen_intermediate_code_pc
  1.39%  qemu-system-sparc64  [.] tcg_temp_new_internal_i64
  1.24%  qemu-system-sparc64  [.] tb_flush_jmp_cache
  1.11%  qemu-system-sparc64  [.] disas_sparc_insn
  1.08%  qemu-system-sparc64  [.] tcg_out_modrm
  0.97%  qemu-system-sparc64  [.] tcg_reg_alloc_start
  0.77%  qemu-system-sparc64  [.] cpu_sparc_exec
  0.73%  qemu-system-sparc64  [.] replace_tlb_1bit_lru.isra.3
  0.72%  qemu-system-sparc64  [.] tcg_gen_code_search_pc
  0.72%  qemu-system-sparc64  [.] tcg_opt_gen_mov
  0.70%  qemu-system-sparc64  [.] reset_temp

I'm not sure why I still see kernel functions when I zoom into qemu thread. Is this qemu signal handling?

And then it would be interesting to know where in this listing is the generated code. Is it [vdso], [unknown] or is it hidden behind retint_signal?

Ironically a good optimization target seems to be the tcg_optimize function. If I zoom I see it spends most of the time in reset_all_temps. Any suggestions how to improve it?

Try this patch: http://lists.nongnu.org/archive/html/qemu-devel/2015-08/msg02042.html

Aurelien
--
Aurelien Jarno GPG: 4096R/1DDD8C9B
aurel...@aurel32.net http://www.aurel32.net
[Qemu-devel] [PATCH RFC v3 1/5] ide: ATAPI-SCSI bridge TypeInfo and init function created
Signed-off-by: Alexander Bezzubikov abezzubi...@ispras.ru --- hw/ide/bridge.h | 9 + hw/ide/internal.h | 4 +++- hw/ide/qdev.c | 41 + 3 files changed, 53 insertions(+), 1 deletion(-) create mode 100644 hw/ide/bridge.h diff --git a/hw/ide/bridge.h b/hw/ide/bridge.h new file mode 100644 index 000..dca5d73 --- /dev/null +++ b/hw/ide/bridge.h @@ -0,0 +1,9 @@ +#ifndef HW_IDE_BRIDGE_H +#define HW_IDE_BRIDGE_H + +#include hw/ide/internal.h + +void ide_bridge_start_transfer(SCSIRequest *req, uint32_t len); +void ide_bridge_complete(SCSIRequest *req, uint32_t status, size_t resid); + +#endif diff --git a/hw/ide/internal.h b/hw/ide/internal.h index 30fdcbc..79c85be 100644 --- a/hw/ide/internal.h +++ b/hw/ide/internal.h @@ -12,6 +12,7 @@ #include sysemu/sysemu.h #include hw/block/block.h #include block/scsi.h +#include hw/scsi/scsi.h /* debug IDE devices */ //#define DEBUG_IDE @@ -317,7 +318,7 @@ typedef struct IDEDMAOps IDEDMAOps; #define SMART_DISABLE 0xd9 #define SMART_STATUS 0xda -typedef enum { IDE_HD, IDE_CD, IDE_CFATA } IDEDriveKind; +typedef enum { IDE_HD, IDE_CD, IDE_CFATA, IDE_BRIDGE } IDEDriveKind; typedef void EndTransferFunc(IDEState *); @@ -492,6 +493,7 @@ struct IDEDevice { char *serial; char *model; uint64_t wwn; +SCSIBus scsi_bus; }; /* These are used for the error_status field of IDEBus */ diff --git a/hw/ide/qdev.c b/hw/ide/qdev.c index 788b361..3bf3401 100644 --- a/hw/ide/qdev.c +++ b/hw/ide/qdev.c @@ -25,6 +25,7 @@ #include hw/block/block.h #include sysemu/sysemu.h #include qapi/visitor.h +#include hw/ide/bridge.h /* - */ @@ -143,6 +144,17 @@ int ide_get_bios_chs_trans(BusState *bus, int unit) return DO_UPCAST(IDEBus, qbus, bus)-ifs[unit].chs_trans; } +/* BusInfo structure for ATAPI-SCSI bridge */ +static const struct SCSIBusInfo atapi_scsi_info = { +.tcq = true, +.max_target = 0, +.max_lun = 0, + +.transfer_data = NULL, +.complete = NULL, +.cancel = NULL +}; + /* - */ typedef struct IDEDrive { 
@@ -185,6 +197,12 @@ static int ide_dev_initfn(IDEDevice *dev, IDEDriveKind kind) return -1; } +if (kind == IDE_BRIDGE) { +scsi_bus_new(dev-scsi_bus, sizeof(dev-scsi_bus), dev-qdev, + atapi_scsi_info, NULL); +scsi_bus_legacy_handle_cmdline(dev-scsi_bus, NULL); +} + if (!dev-version) { dev-version = g_strdup(s-version); } @@ -253,6 +271,11 @@ static int ide_cd_initfn(IDEDevice *dev) return ide_dev_initfn(dev, IDE_CD); } +static int ide_bridge_initfn(IDEDevice *dev) +{ +return ide_dev_initfn(dev, IDE_BRIDGE); +} + static int ide_drive_initfn(IDEDevice *dev) { DriveInfo *dinfo = blk_legacy_dinfo(dev-conf.blk); @@ -314,6 +337,23 @@ static const TypeInfo ide_cd_info = { .class_init= ide_cd_class_init, }; +static void ide_bridge_class_init(ObjectClass *klass, void *data) +{ +DeviceClass *dc = DEVICE_CLASS(klass); +IDEDeviceClass *k = IDE_DEVICE_CLASS(klass); +k-init = ide_bridge_initfn; +dc-fw_name = drive; +dc-desc = virtual ATAPI-SCSI bridge; +dc-props = ide_cd_properties; +} + +static const TypeInfo ide_bridge_info = { +.name = ide-bridge, +.parent= TYPE_IDE_DEVICE, +.instance_size = sizeof(IDEDrive), +.class_init= ide_bridge_class_init, +}; + static Property ide_drive_properties[] = { DEFINE_IDE_DEV_PROPERTIES(), DEFINE_PROP_END_OF_LIST(), @@ -360,6 +400,7 @@ static void ide_register_types(void) type_register_static(ide_bus_info); type_register_static(ide_hd_info); type_register_static(ide_cd_info); +type_register_static(ide_bridge_info); type_register_static(ide_drive_info); type_register_static(ide_device_type_info); } -- 2.1.4
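Review bot: atapi_scsi_info is defined with .transfer_data, .complete and .cancel all NULL while this same patch registers the ide-bridge type and creates the bus in ide_dev_initfn(), so at this commit a scsi-cd attached to bridge.0 has no callbacks to call when a request moves data or completes. Either fill in the callbacks here or defer type_register_static(ide_bridge_info) to the patch that provides them, so the series stays bisectable. .tcq = true should also be false unless the bridge can actually track more than one outstanding request. The SCSIBus scsi_bus member is added to struct IDEDevice and is therefore carried by every IDE device; a bridge-specific state struct would keep it out of ide-hd and ide-cd.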
Re: [Qemu-devel] Debian 7.8.0 SPARC64 on qemu - anything i can do to speedup the emulation?
Hi Richard, On Tue, Aug 18, 2015 at 7:55 PM, Richard Henderson r...@twiddle.net wrote: On 08/18/2015 02:24 AM, Artyom Tarasenko wrote: The unoptimized case is a sequence of multiple cmp and branch operations (likely created by a case statement in the original source code), especially where cmp is in a delay slot of a branch instruction. Interesting. I wonder whether we always have to finish a TB on a conditional jump. Maybe it would make sense to translate further if a destination of a jump is not too far from dc-pc? The definition of not too far is indeed tricky. We can only handle two chained exits from a TB. If we continue past a conditional branch, we may well encounter a second conditional branch, which would leave us with three different exits from the TB. Something that may be interesting to play with, however, is to change the TB with which the insn in a delay slot is connected. For instance, we currently spend some amount of effort computing and saving the branch condition, so that we can then execute the delay slot, and afterwards use the saved branch condition to perform the branch. Another way of doing this is to immediately branch, exiting the TB. But we set up PC+NPC for the next TB such that the delay slot is the first insn that is executed within the next TB. In that way, the compare in the delay slot that you mention *is* in the same TB as the branch that uses it, allowing the case to be optimized. This could wind up creating more TBs than the current solution, so it's not clear that it would be a win. One can mitigate that somewhat by noticing the case where the delay slot is a nop. I do think it's worth an experiment. So it is possible to make a TB with non sequential instructions? The instruction in the delay slot would be located most likely elsewhere than the following instructions. But I think I've been chasing a red herring. 
I see those helpers in perf top when running sysbench, but not when running g++ (and at the end g++ is much more relevant benchmark for me):

Samples: 83K of event 'cpu-clock', Event count (approx.): 15333243164, Thread: qemu-system-spa(2743)
 27.10%  [kernel]             [k] retint_signal
 12.66%  qemu-system-sparc64  [.] tcg_optimize
  9.18%  [vdso]               [.] 0x0998
  8.39%  [kernel]             [k] _raw_spin_unlock_irqrestore
  4.76%  qemu-system-sparc64  [.] tcg_liveness_analysis
  3.89%  qemu-system-sparc64  [.] tcg_reg_alloc_op
  2.80%  qemu-system-sparc64  [.] tcg_out_opc
  2.45%  qemu-system-sparc64  [.] get_physical_address_data
  1.86%  [kernel]             [k] native_read_tsc
  1.62%  qemu-system-sparc64  [.] tlb_flush_page
  1.55%  qemu-system-sparc64  [.] tcg_out_modrm_sib_offset.constprop.42
  1.45%  [unknown]            [.] 0x451c5cae
  1.43%  qemu-system-sparc64  [.] gen_intermediate_code_pc
  1.39%  qemu-system-sparc64  [.] tcg_temp_new_internal_i64
  1.24%  qemu-system-sparc64  [.] tb_flush_jmp_cache
  1.11%  qemu-system-sparc64  [.] disas_sparc_insn
  1.08%  qemu-system-sparc64  [.] tcg_out_modrm
  0.97%  qemu-system-sparc64  [.] tcg_reg_alloc_start
  0.77%  qemu-system-sparc64  [.] cpu_sparc_exec
  0.73%  qemu-system-sparc64  [.] replace_tlb_1bit_lru.isra.3
  0.72%  qemu-system-sparc64  [.] tcg_gen_code_search_pc
  0.72%  qemu-system-sparc64  [.] tcg_opt_gen_mov
  0.70%  qemu-system-sparc64  [.] reset_temp

I'm not sure why I still see kernel functions when I zoom into qemu thread. Is this qemu signal handling?

And then it would be interesting to know where in this listing is the generated code. Is it [vdso], [unknown] or is it hidden behind retint_signal?

Ironically a good optimization target seems to be the tcg_optimize function. If I zoom I see it spends most of the time in reset_all_temps. Any suggestions how to improve it?

Artyom
--
Regards, Artyom Tarasenko
SPARC and PPC PReP under qemu blog: http://tyom.blogspot.com/search/label/qemu
[Qemu-devel] [PATCH RFC v3 4/5] ATAPI-SCSI bridge functions created an can be used by bridge
ide: bridge functions created ide: Makefile corrected due to bridge creation scsi: added function to enable bridge send SCSI requests ide: bridge can now forward requests to SCSI ide: bridge functions assigned to SCSIBusInfo Signed-off-by: Alexander Bezzubikov abezzubi...@ispras.ru --- hw/ide/Makefile.objs | 2 +- hw/ide/atapi.c | 16 +++ hw/ide/bridge.c| 114 + hw/ide/bridge.h| 1 + hw/ide/internal.h | 2 + hw/ide/qdev.c | 4 +- hw/scsi/scsi-disk.c| 43 +++ include/hw/scsi/scsi.h | 3 ++ 8 files changed, 182 insertions(+), 3 deletions(-) create mode 100644 hw/ide/bridge.c diff --git a/hw/ide/Makefile.objs b/hw/ide/Makefile.objs index 729e9bd..f54f275 100644 --- a/hw/ide/Makefile.objs +++ b/hw/ide/Makefile.objs @@ -1,4 +1,4 @@ -common-obj-$(CONFIG_IDE_CORE) += core.o atapi.o +common-obj-$(CONFIG_IDE_CORE) += core.o atapi.o bridge.o common-obj-$(CONFIG_IDE_QDEV) += qdev.o common-obj-$(CONFIG_IDE_PCI) += pci.o common-obj-$(CONFIG_IDE_ISA) += isa.o diff --git a/hw/ide/atapi.c b/hw/ide/atapi.c index f6135e1..3eb56e2 100644 --- a/hw/ide/atapi.c +++ b/hw/ide/atapi.c @@ -1253,6 +1253,22 @@ void ide_atapi_cmd(IDEState *s) return; } +if (s-drive_kind == IDE_BRIDGE) { +IDEDevice *dev = s-bus-master; +SCSIDevice *scsi_dev = scsi_device_find(dev-scsi_bus, 0, 0, 0); +s-cur_req = scsi_new_request_from_bridge(scsi_dev, 0, 0, buf, NULL); + +/* Necessary to prevent ide from reading while data isn't ready */ +if (buf[0] == READ_10) { +s-status |= BUSY_STAT; +} + +if (scsi_req_enqueue(s-cur_req)) { +scsi_req_continue(s-cur_req); +} +return; +} + /* Execute the command */ if (atapi_cmd_table[s-io_buffer[0]].handler) { atapi_cmd_table[s-io_buffer[0]].handler(s, buf); diff --git a/hw/ide/bridge.c b/hw/ide/bridge.c new file mode 100644 index 000..2e93311 --- /dev/null +++ b/hw/ide/bridge.c 
@@ -0,0 +1,114 @@ +#include hw/ide/bridge.h + +void ide_bridge_do_transfer(IDEState *s) +{ +SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, s-cur_req); + +if (r-buflen 0) { +int size = r-buflen; + +int byte_count_limit = s-lcyl | (s-hcyl 8); +if (byte_count_limit == 0x) { +byte_count_limit--; +} +if (size byte_count_limit) { +/* byte count limit must be even if this case */ +if (byte_count_limit 1) { +byte_count_limit--; +} +size = byte_count_limit; +} +s-lcyl = size; +s-hcyl = size 8; +s-nsector = (s-nsector ~7) | ATAPI_INT_REASON_IO; + +int offset = (r-buflen == r-qiov.size) ? 0 : r-qiov.size - r-buflen; +r-buflen -= size; + +ide_transfer_start(s, s-io_buffer + offset, size, + ide_bridge_do_transfer); +ide_set_irq(s-bus); +} else { +scsi_req_complete(s-cur_req, GOOD); +} +} + +static void ide_bridge_dma_complete(void *opaque, int ret) +{ +IDEState *s = opaque; + +s-io_buffer_size = s-bus-dma-iov.iov_len; +s-nsector = (s-nsector ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD; +s-bus-dma-ops-rw_buf(s-bus-dma, 1); +scsi_req_complete(s-cur_req, GOOD); + +s-status = READY_STAT | SEEK_STAT; + +ide_set_irq(s-bus); +ide_set_inactive(s, false); +} + +void ide_bridge_start_transfer(SCSIRequest *req, uint32_t len) +{ +IDEDevice *dev = IDE_DEVICE(req-bus-qbus.parent); +IDEBus *bus = DO_UPCAST(IDEBus, qbus, dev-qdev.parent_bus); +IDEState *s = bus-ifs; +SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req); + +int cmd = req-cmd.buf[0]; +if (cmd == READ_10) { +if (s-feature 1) { +s-status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT; +qemu_iovec_clone(s-bus-dma-qiov, r-qiov, NULL); +qemu_iovec_to_buf(r-qiov, 0, s-io_buffer, r-qiov.size); +} else { +qemu_iovec_to_buf(r-qiov, 0, s-io_buffer, r-qiov.size); +} +} else { +if (cmd == INQUIRY) { +len = 36; +} +r-iov.iov_len = len; +qemu_iovec_concat_iov(r-qiov, r-iov, len, 0, len); +qemu_iovec_to_buf(r-qiov, 0, s-io_buffer, r-qiov.size); +} + +s-io_buffer_index = 0; +s-status = READY_STAT | SEEK_STAT; + +if (cmd != TEST_UNIT_READY cmd 
!= ALLOW_MEDIUM_REMOVAL) { +if (s-feature 1) { +s-io_buffer_index = 0; +s-bus-retry_unit = s-unit; +s-bus-retry_sector_num = ide_get_sector(s); +s-bus-retry_nsector = s-nsector; + +s-bus-dma-iov.iov_base = (void *)(s-io_buffer); +s-bus-dma-iov.iov_len = r-qiov.size; + +if (cmd != READ_10) { +s-status = READY_STAT | SEEK_STAT | DRQ_STAT; +} + +if
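Review bot: In ide_bridge_start_transfer(), qemu_iovec_to_buf(r->qiov, 0, s->io_buffer, r->qiov.size) copies the whole SCSI payload into s->io_buffer with no check that r->qiov.size fits in that buffer, and for READ_10 the length follows from the guest's command. Clamp the copy to the size of io_buffer, or fail the request with an error status, before copying. The same function forces len = 36 for INQUIRY instead of honouring the length the command asked for, which deserves at least a comment. ide_bridge_do_transfer() does not handle a byte count limit of 0 in lcyl/hcyl: size then becomes 0, r->buflen never decreases and the transfer is re-armed with nothing to move, so reject that value before starting the transfer.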
Re: [Qemu-devel] [PATCH RFC v3 0/5] QEMU ATAPI-SCSI bridge GSoC project
On 08/19/2015 12:57 PM, Alexander Bezzubikov wrote:
> This is my QEMU Google Summer of Code project. Here I introduce new device - ATAPI-SCSI bridge. Its purpose is to unify IDE ATAPI CD-ROM emulation with SCSI CD-ROM emulation to reduce code duplication and squash bugs. Its purpose is simple - it just forwards ATAPI commands to SCSI side for parsing and execution.
>
> Example of using:
>
>     qemu-system-x86_64 \
>         -drive if=none,file=filename,id=cdrom \
>         -drive if=none,id=fake \
>         -device ide-bridge,id=bridge,drive=fake \
>         -device scsi-cd,drive=cdrom,bus=bridge.0 \
>         -hda diskimage \
>         -m 1024
>
> Alexander Bezzubikov (5):
>   ide: ATAPI-SCSI bridge TypeInfo and init function created
>   scsi: SCSIDiskReq declaration moved to header
>   ide: necessary checks corrected to treat ATAPI-SCSI bridge as CDROM
>   ATAPI-SCSI bridge functions created an can be used by bridge
>   ide: ATAPI-SCSI bridge transfer is treated as PIO
>
>  hw/ide/Makefile.objs   |   2 +-
>  hw/ide/atapi.c         |  20 -
>  hw/ide/bridge.c        | 114 +
>  hw/ide/bridge.h        |  10 +
>  hw/ide/core.c          |  28 +++-
>  hw/ide/internal.h      |   6 ++-
>  hw/ide/qdev.c          |  43 ++-
>  hw/scsi/scsi-disk.c    |  55 ++--
>  include/hw/scsi/scsi.h |  16 +++
>  9 files changed, 267 insertions(+), 27 deletions(-)
>  create mode 100644 hw/ide/bridge.c
>  create mode 100644 hw/ide/bridge.h

I've just got a minor issue on patch 4/5 (rename cur_req to scsi_req), other than that the patchset looks good.

Cheers,

Hannes
--
Dr. Hannes Reinecke zSeries Storage
h...@suse.de +49 911 74053 688
SUSE LINUX GmbH, Maxfeldstr. 5, 90409 Nürnberg
GF: F. Imendörffer, J. Smithard, J. Guild, D. Upmanyu, G. Norton
HRB 21284 (AG Nürnberg)
Re: [Qemu-devel] [PATCH RFC v3 4/5] ATAPI-SCSI bridge functions created an can be used by bridge
On 08/19/2015 12:57 PM, Alexander Bezzubikov wrote: ide: bridge functions created ide: Makefile corrected due to bridge creation scsi: added function to enable bridge send SCSI requests ide: bridge can now forward requests to SCSI ide: bridge functions assigned to SCSIBusInfo Signed-off-by: Alexander Bezzubikov abezzubi...@ispras.ru --- hw/ide/Makefile.objs | 2 +- hw/ide/atapi.c | 16 +++ hw/ide/bridge.c| 114 + hw/ide/bridge.h| 1 + hw/ide/internal.h | 2 + hw/ide/qdev.c | 4 +- hw/scsi/scsi-disk.c| 43 +++ include/hw/scsi/scsi.h | 3 ++ 8 files changed, 182 insertions(+), 3 deletions(-) create mode 100644 hw/ide/bridge.c diff --git a/hw/ide/Makefile.objs b/hw/ide/Makefile.objs index 729e9bd..f54f275 100644 --- a/hw/ide/Makefile.objs +++ b/hw/ide/Makefile.objs @@ -1,4 +1,4 @@ -common-obj-$(CONFIG_IDE_CORE) += core.o atapi.o +common-obj-$(CONFIG_IDE_CORE) += core.o atapi.o bridge.o common-obj-$(CONFIG_IDE_QDEV) += qdev.o common-obj-$(CONFIG_IDE_PCI) += pci.o common-obj-$(CONFIG_IDE_ISA) += isa.o diff --git a/hw/ide/atapi.c b/hw/ide/atapi.c index f6135e1..3eb56e2 100644 --- a/hw/ide/atapi.c +++ b/hw/ide/atapi.c @@ -1253,6 +1253,22 @@ void ide_atapi_cmd(IDEState *s) return; } +if (s-drive_kind == IDE_BRIDGE) { +IDEDevice *dev = s-bus-master; +SCSIDevice *scsi_dev = scsi_device_find(dev-scsi_bus, 0, 0, 0); +s-cur_req = scsi_new_request_from_bridge(scsi_dev, 0, 0, buf, NULL); + +/* Necessary to prevent ide from reading while data isn't ready */ +if (buf[0] == READ_10) { +s-status |= BUSY_STAT; +} + +if (scsi_req_enqueue(s-cur_req)) { +scsi_req_continue(s-cur_req); +} +return; +} + /* Execute the command */ if (atapi_cmd_table[s-io_buffer[0]].handler) { atapi_cmd_table[s-io_buffer[0]].handler(s, buf); diff --git a/hw/ide/bridge.c b/hw/ide/bridge.c new file mode 100644 index 000..2e93311 --- /dev/null +++ b/hw/ide/bridge.c 
@@ -0,0 +1,114 @@ +#include hw/ide/bridge.h + +void ide_bridge_do_transfer(IDEState *s) +{ +SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, s-cur_req); + +if (r-buflen 0) { +int size = r-buflen; + +int byte_count_limit = s-lcyl | (s-hcyl 8); +if (byte_count_limit == 0x) { +byte_count_limit--; +} +if (size byte_count_limit) { +/* byte count limit must be even if this case */ +if (byte_count_limit 1) { +byte_count_limit--; +} +size = byte_count_limit; +} +s-lcyl = size; +s-hcyl = size 8; +s-nsector = (s-nsector ~7) | ATAPI_INT_REASON_IO; + +int offset = (r-buflen == r-qiov.size) ? 0 : r-qiov.size - r-buflen; +r-buflen -= size; + +ide_transfer_start(s, s-io_buffer + offset, size, + ide_bridge_do_transfer); +ide_set_irq(s-bus); +} else { +scsi_req_complete(s-cur_req, GOOD); +} +} + +static void ide_bridge_dma_complete(void *opaque, int ret) +{ +IDEState *s = opaque; + +s-io_buffer_size = s-bus-dma-iov.iov_len; +s-nsector = (s-nsector ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD; +s-bus-dma-ops-rw_buf(s-bus-dma, 1); +scsi_req_complete(s-cur_req, GOOD); + +s-status = READY_STAT | SEEK_STAT; + +ide_set_irq(s-bus); +ide_set_inactive(s, false); +} + +void ide_bridge_start_transfer(SCSIRequest *req, uint32_t len) +{ +IDEDevice *dev = IDE_DEVICE(req-bus-qbus.parent); +IDEBus *bus = DO_UPCAST(IDEBus, qbus, dev-qdev.parent_bus); +IDEState *s = bus-ifs; +SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req); + +int cmd = req-cmd.buf[0]; +if (cmd == READ_10) { +if (s-feature 1) { +s-status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT; +qemu_iovec_clone(s-bus-dma-qiov, r-qiov, NULL); +qemu_iovec_to_buf(r-qiov, 0, s-io_buffer, r-qiov.size); +} else { +qemu_iovec_to_buf(r-qiov, 0, s-io_buffer, r-qiov.size); +} +} else { +if (cmd == INQUIRY) { +len = 36; +} +r-iov.iov_len = len; +qemu_iovec_concat_iov(r-qiov, r-iov, len, 0, len); +qemu_iovec_to_buf(r-qiov, 0, s-io_buffer, r-qiov.size); +} + +s-io_buffer_index = 0; +s-status = READY_STAT | SEEK_STAT; + +if (cmd != TEST_UNIT_READY cmd 
!= ALLOW_MEDIUM_REMOVAL) { +if (s-feature 1) { +s-io_buffer_index = 0; +s-bus-retry_unit = s-unit; +s-bus-retry_sector_num = ide_get_sector(s); +s-bus-retry_nsector = s-nsector; + +s-bus-dma-iov.iov_base = (void
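Review bot: In the ide_atapi_cmd() hunk the result of scsi_device_find(dev->scsi_bus, 0, 0, 0) is passed to scsi_new_request_from_bridge() without a NULL check, so a guest packet command sent to a bridge that has no scsi-cd attached to bridge.0 reaches the request code with a NULL device. Check scsi_dev first and finish the command with ide_atapi_cmd_error(s, NOT_READY, ASC_MEDIUM_NOT_PRESENT) when it is NULL. The device is also taken from s->bus->master, and ide_bridge_start_transfer() uses bus->ifs, so both assume the bridge is unit 0 on its IDE bus; look the device and state up from the unit that the request actually belongs to.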
Re: [Qemu-devel] [PULL v2] Queued TCG improvements
On 08/18/2015 04:23 PM, Peter Maydell wrote:
> Hi. I'm afraid this fails 'make check' on 32-bit ARM for me:
> ...
> (i386-softmmu doesn't segv, so probably it's a 64-bit-ops-on-32-bit thing.)

Sadly, this doesn't fail on 32-bit x86 host. I've started a build on an arm host, but it may be a while before I get results.

r~
[Qemu-devel] [RFC PATCH v0 2/3] spapr-rtas: Enable rtas_set_indicator() to return correct error
drck-set_isolation_state() can return error. For such a case ensure correct error is returned by rtas_set_indicator() instead of always returning success. TODO: rtas_st(, , uint32 val) = the return value uint32, but drck-set_[allocation/indicator/isolation]_state() is returning int. Should we change this return value to uint32_t to match with rtas_st() argument ? Signed-off-by: Bharata B Rao bhar...@linux.vnet.ibm.com --- hw/ppc/spapr_rtas.c | 9 + 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/hw/ppc/spapr_rtas.c b/hw/ppc/spapr_rtas.c index e99e25f..96729b4 100644 --- a/hw/ppc/spapr_rtas.c +++ b/hw/ppc/spapr_rtas.c @@ -374,6 +374,7 @@ static void rtas_set_indicator(PowerPCCPU *cpu, sPAPRMachineState *spapr, uint32_t sensor_state; sPAPRDRConnector *drc; sPAPRDRConnectorClass *drck; +int ret; if (nargs != 3 || nret != 1) { rtas_st(rets, 0, RTAS_OUT_PARAM_ERROR); @@ -413,19 +414,19 @@ static void rtas_set_indicator(PowerPCCPU *cpu, sPAPRMachineState *spapr, spapr_ccs_remove(spapr, ccs); } } -drck-set_isolation_state(drc, sensor_state); +ret = drck-set_isolation_state(drc, sensor_state); break; case RTAS_SENSOR_TYPE_DR: -drck-set_indicator_state(drc, sensor_state); +ret = drck-set_indicator_state(drc, sensor_state); break; case RTAS_SENSOR_TYPE_ALLOCATION_STATE: -drck-set_allocation_state(drc, sensor_state); +ret = drck-set_allocation_state(drc, sensor_state); break; default: goto out_unimplemented; } -rtas_st(rets, 0, RTAS_OUT_SUCCESS); +rtas_st(rets, 0, ret); return; out_unimplemented: -- 2.1.0
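Review bot: rtas_st(rets, 0, ret) at the end of rtas_set_indicator() now hands the guest whatever the drck callback returned, so the change is only correct if set_isolation_state(), set_indicator_state() and set_allocation_state() return RTAS_OUT_* status codes and nothing else; the TODO in the commit message about int versus uint32_t should be settled in this series rather than left open. In the hunk at line 413, spapr_ccs_remove(spapr, ccs) has already run before the set_isolation_state() call, so when that call fails the guest gets an error while the configure-connector state is already gone; either do the removal after a successful state change or say in a comment why the order is safe.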
[Qemu-devel] [PATCH v11 0/5] vGICv3 support
This series introduces support for GICv3 by KVM. Software emulation is currently not supported.

v11 => v10
- Fixed minor issues with checkpatch and comments, reported by Eric Auger
- Make reusable kvm_gic_supports_attr(), moved to kvm-all.c and renamed as kvm_device_check_attr(). Useful for future live migration.

v9 => v10
- Renamed gicversion option to gic-version (was forgotten in v9)
- Data pointer in kvm_gic_access() is now void * because in case of vGICv3 this function is expected to operate on 64-bit registers too (GICD_IROUTER for instance)

v8 => v9
- Removed all limitations on CPU and IRQ number from the base class
- Added back missing properties, interface is now the same as in GICv2
- Refactored reusable parts of vGICv2 code, decreased number of changes
- Removed GIC type check from kvm_arch_irqchip_create(), no more need to specify GIC type early
- Fixed up all commit messages / logs
- Removed 'nvic' field assignment in virt machine (was forgotten in v8)
- CPU number limitation for 'virt' machine now comes from memory map (how many redistributors can be placed). With current layout it appears to be 126.

v7 => v8
- Removed all unused SW emulation code
- Removed unnecessary attributes from common class
- Set unmigratable flag for GICv3 device
- Removed unnecessary conditions from kvm_arm_gicv3_realize()
- Fixed GIC type setting in vexpress model, was done in wrong place
- Fixed condition style in hw/intc/Makefile.objs
- Cleaned up virt machine memory map

v6 => v7
- Wrap own GIC type definitions on top of KVM ones. Fixed build on non-ARM-Linux hosts

v5 => v6
- Fixed various checkpatch.pl style warnings
- Removed TODO in gicv3_init_irqs_and_mmio(), relevant memory API patch included
- gicv3_init_irqs_and_mmio() now takes 3 arguments instead of 4. It is more convenient to pass MMIO descriptors as array

v4 => v5
- Do not reintroduce several constants shared with GICv2, reuse them instead.
- Added gicv3_init_irqs_and_mmio() in base class, to be used by both software emulation and KVM code. Avoids code duplication.
- Do not add NULL msi-parent phandle to PCI device in the FDT
- Removed a couple of stale things from virt.c

v3 => v4
- Fixed stupid build breakage in patch 0002
- Rebased on top of current master, patch 0003 adjusted according to kvm_irqchip_create() changes
- Added assertion against uninitialized kernel_irqchip_type
- Removed kernel_irqchip_type initialization from models which do not use KVM vGIC

v2 => v3
- Removed some unrelated and unnecessary changes from virt machine, occasionally slipped in; some of them caused qemu to crash on ARM32.
- Fixed build for ARM32; vGICv3 code requires definitions which are present only in ARM64 kernel

v1 => v2
- Base class included, taken from the series by Shlomo Pongratz: http://lists.nongnu.org/archive/html/qemu-devel/2015-06/msg01512.html The code is refactored as little as possible in order to simplify further addition of software emulation:
- Minor fixes in code style and comments, according to old reviews
- Removed REV_V3 definition because it's currently not used, and it does not add any meaning to number 3.
- Removed reserved regions for MBI and ITS (except for 'virt' machine memory map). These should go to separate classes when implemented.
- Improved commit messages
- vGIC patches restructured
- Use 'gicversion' option instead of virt-v3 machine

Pavel Fedin (4):
  intc/gic: Extract some reusable vGIC code
  arm_kvm: Do not assume particular GIC type in kvm_arch_irqchip_create()
  hw/intc: Initial implementation of vGICv3
  hw/arm/virt: Add gic-version option to virt machine

Shlomo Pongratz (1):
  hw/intc: Implement GIC-500 base class

 hw/arm/virt.c                      | 111 ++-
 hw/intc/Makefile.objs              |   2 +
 hw/intc/arm_gic_kvm.c              |  46 +---
 hw/intc/arm_gicv3_common.c         | 140 ++
 hw/intc/arm_gicv3_kvm.c            | 149 +
 hw/intc/vgic_common.h              |  55 ++
 include/hw/arm/fdt.h               |   2 +-
 include/hw/arm/virt.h              |   5 +-
 include/hw/intc/arm_gicv3_common.h |  68 +
 include/sysemu/kvm.h               |  12 +++
 kvm-all.c                          |  11 +++
 target-arm/kvm.c                   |  10 +--
 target-arm/kvm_arm.h               |  10 +++
 target-arm/machine.c               |  18 +
 14 files changed, 582 insertions(+), 57 deletions(-)
 create mode 100644 hw/intc/arm_gicv3_common.c
 create mode 100644 hw/intc/arm_gicv3_kvm.c
 create mode 100644 hw/intc/vgic_common.h
 create mode 100644 include/hw/intc/arm_gicv3_common.h

--
1.9.5.msysgit.0
[Qemu-devel] [PATCH v11 5/5] hw/arm/virt: Add gic-version option to virt machine
Add gic_version to VirtMachineState, set it to value of the option and pass it around where necessary. Instantiate devices and fdt nodes according to the choice. max_cpus for virt machine increased to 126 (calculated from redistributor space available in the memory map). GICv2 compatibility check happens inside arm_gic_common_realize(). ITS regions are added to the memory map too, however currently they are not used, just reserved. Signed-off-by: Pavel Fedin p.fe...@samsung.com --- hw/arm/virt.c | 111 +- include/hw/arm/fdt.h | 2 +- include/hw/arm/virt.h | 5 ++- 3 files changed, 96 insertions(+), 22 deletions(-) diff --git a/hw/arm/virt.c b/hw/arm/virt.c index d5a8417..e090640 100644 --- a/hw/arm/virt.c +++ b/hw/arm/virt.c @@ -50,6 +50,7 @@ #include hw/arm/fdt.h #include hw/intc/arm_gic_common.h #include kvm_arm.h +#include qapi/visitor.h /* Number of external interrupt lines to configure the GIC with */ #define NUM_IRQS 256 @@ -79,6 +80,7 @@ typedef struct { typedef struct { MachineState parent; bool secure; +int32_t gic_version; } VirtMachineState; #define TYPE_VIRT_MACHINE virt @@ -109,6 +111,9 @@ static const MemMapEntry a15memmap[] = { [VIRT_GIC_DIST] = { 0x0800, 0x0001 }, [VIRT_GIC_CPU] ={ 0x0801, 0x0001 }, [VIRT_GIC_V2M] ={ 0x0802, 0x1000 }, +[VIRT_ITS_CONTROL] ={ 0x0802, 0x0001 }, +[VIRT_ITS_TRANSLATION] ={ 0x0803, 0x0001 }, +[VIRT_GIC_REDIST] = { 0x0804, 0x00FC }, [VIRT_UART] = { 0x0900, 0x1000 }, [VIRT_RTC] ={ 0x0901, 0x1000 }, [VIRT_FW_CFG] = { 0x0902, 0x000a }, @@ -258,10 +263,13 @@ static void fdt_add_timer_nodes(const VirtBoardInfo *vbi) * they are edge-triggered. */ ARMCPU *armcpu; +uint32_t max; uint32_t irqflags = GIC_FDT_IRQ_FLAGS_EDGE_LO_HI; +/* Argument is 32 bit but 8 bits are reserved for flags */ +max = (vbi-smp_cpus = 24) ? 24 : vbi-smp_cpus; irqflags = deposit32(irqflags, GIC_FDT_IRQ_PPI_CPU_START, - GIC_FDT_IRQ_PPI_CPU_WIDTH, (1 vbi-smp_cpus) - 1); + GIC_FDT_IRQ_PPI_CPU_WIDTH, (1 max) - 1); qemu_fdt_add_subnode(vbi-fdt, /timer); 
@@ -285,6 +293,18 @@ static void fdt_add_cpu_nodes(const VirtBoardInfo *vbi) { int cpu; +/* + * From Documentation/devicetree/bindings/arm/cpus.txt + * On ARM v8 64-bit systems value should be set to 2, + * that corresponds to the MPIDR_EL1 register size. + * If MPIDR_EL1[63:32] value is equal to 0 on all CPUs + * in the system, #address-cells can be set to 1, since + * MPIDR_EL1[63:32] bits are not used for CPUs + * identification. + * + * Now GIC500 doesn't support affinities 2 3 so currently + * #address-cells can stay 1 until future GIC + */ qemu_fdt_add_subnode(vbi-fdt, /cpus); qemu_fdt_setprop_cell(vbi-fdt, /cpus, #address-cells, 0x1); qemu_fdt_setprop_cell(vbi-fdt, /cpus, #size-cells, 0x0); 
@@ -321,25 +341,36 @@ static void fdt_add_v2m_gic_node(VirtBoardInfo *vbi) qemu_fdt_setprop_cell(vbi-fdt, /intc/v2m, phandle, vbi-v2m_phandle); } -static void fdt_add_gic_node(VirtBoardInfo *vbi) +static void fdt_add_gic_node(VirtBoardInfo *vbi, int type) { vbi-gic_phandle = qemu_fdt_alloc_phandle(vbi-fdt); qemu_fdt_setprop_cell(vbi-fdt, /, interrupt-parent, vbi-gic_phandle); qemu_fdt_add_subnode(vbi-fdt, /intc); -/* 'cortex-a15-gic' means 'GIC v2' */ -qemu_fdt_setprop_string(vbi-fdt, /intc, compatible, -arm,cortex-a15-gic); qemu_fdt_setprop_cell(vbi-fdt, /intc, #interrupt-cells, 3); qemu_fdt_setprop(vbi-fdt, /intc, interrupt-controller, NULL, 0); -qemu_fdt_setprop_sized_cells(vbi-fdt, /intc, reg, - 2, vbi-memmap[VIRT_GIC_DIST].base, - 2, vbi-memmap[VIRT_GIC_DIST].size, - 2, vbi-memmap[VIRT_GIC_CPU].base, - 2, vbi-memmap[VIRT_GIC_CPU].size); qemu_fdt_setprop_cell(vbi-fdt, /intc, #address-cells, 0x2); qemu_fdt_setprop_cell(vbi-fdt, /intc, #size-cells, 0x2); qemu_fdt_setprop(vbi-fdt, /intc, ranges, NULL, 0); +if (type == 3) { +qemu_fdt_setprop_string(vbi-fdt, /intc, compatible, +arm,gic-v3); +qemu_fdt_setprop_sized_cells(vbi-fdt, /intc, reg, + 2, vbi-memmap[VIRT_GIC_DIST].base, + 2, vbi-memmap[VIRT_GIC_DIST].size, + 2, vbi-memmap[VIRT_GIC_REDIST].base, + 2, vbi-memmap[VIRT_GIC_REDIST].size); +} else { +/* 'cortex-a15-gic' means 'GIC v2' */ +
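Review bot: In the a15memmap hunk, VIRT_ITS_CONTROL is given the same base as the existing VIRT_GIC_V2M entry (both appear as 0x0802 in the lines shown), so the two regions overlap. The commit message says the ITS regions are only reserved for now, which keeps this harmless today, but the table should carry a comment stating that v2m is instantiated only with GICv2 and ITS only with GICv3, and whatever code later maps either region should check gic_version so both can never be placed in the guest address space at once.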
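Review bot: fdt_add_gic_node() tests type == 3 and sends every other value down the else branch commented as 'GIC v2', while gic_version is stored as a plain int32_t in VirtMachineState. Unless the property setter (not visible in this part of the patch) rejects anything other than 2 and 3, a value such as 0 or 4 silently produces a GICv2 device tree. Suggest validating the option where it is parsed and reporting an error there, or switching on the value here with a default case that asserts.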
[Qemu-devel] [PATCH v11 1/5] hw/intc: Implement GIC-500 base class
From: Shlomo Pongratz shlomo.pongr...@huawei.com This class is to be used by both software and KVM implementations of GICv3 Currently it is mostly a placeholder, but in future it is supposed to hold qemu's representation of GICv3 state, which is necessary for migration. The interface of this class is fully compatible with GICv2 one. This is done in order to simplify integration with existing code. Signed-off-by: Shlomo Pongratz shlomo.pongr...@huawei.com Signed-off-by: Pavel Fedin p.fe...@samsung.com Reviewed-by: Eric Auger eric.au...@linaro.org --- hw/intc/Makefile.objs | 1 + hw/intc/arm_gicv3_common.c | 140 + include/hw/intc/arm_gicv3_common.h | 68 ++ 3 files changed, 209 insertions(+) create mode 100644 hw/intc/arm_gicv3_common.c create mode 100644 include/hw/intc/arm_gicv3_common.h diff --git a/hw/intc/Makefile.objs b/hw/intc/Makefile.objs index 092d8a8..1317e5a 100644 --- a/hw/intc/Makefile.objs +++ b/hw/intc/Makefile.objs @@ -12,6 +12,7 @@ common-obj-$(CONFIG_IOAPIC) += ioapic_common.o common-obj-$(CONFIG_ARM_GIC) += arm_gic_common.o common-obj-$(CONFIG_ARM_GIC) += arm_gic.o common-obj-$(CONFIG_ARM_GIC) += arm_gicv2m.o +common-obj-$(CONFIG_ARM_GIC) += arm_gicv3_common.o common-obj-$(CONFIG_OPENPIC) += openpic.o obj-$(CONFIG_APIC) += apic.o apic_common.o diff --git a/hw/intc/arm_gicv3_common.c b/hw/intc/arm_gicv3_common.c new file mode 100644 index 000..032ece2 --- /dev/null +++ b/hw/intc/arm_gicv3_common.c 
@@ -0,0 +1,140 @@ +/* + * ARM GICv3 support - common bits of emulated and KVM kernel model + * + * Copyright (c) 2012 Linaro Limited + * Copyright (c) 2015 Huawei. + * Written by Peter Maydell + * Extended to 64 cores by Shlomo Pongratz + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, see http://www.gnu.org/licenses/. + */ + +#include hw/intc/arm_gicv3_common.h + +static void gicv3_pre_save(void *opaque) +{ +GICv3State *s = (GICv3State *)opaque; +ARMGICv3CommonClass *c = ARM_GICV3_COMMON_GET_CLASS(s); + +if (c-pre_save) { +c-pre_save(s); +} +} + +static int gicv3_post_load(void *opaque, int version_id) +{ +GICv3State *s = (GICv3State *)opaque; +ARMGICv3CommonClass *c = ARM_GICV3_COMMON_GET_CLASS(s); + +if (c-post_load) { +c-post_load(s); +} +return 0; +} + +static const VMStateDescription vmstate_gicv3 = { +.name = arm_gicv3, +.unmigratable = 1, +.pre_save = gicv3_pre_save, +.post_load = gicv3_post_load, +}; + +void gicv3_init_irqs_and_mmio(GICv3State *s, qemu_irq_handler handler, + const MemoryRegionOps *ops) +{ +SysBusDevice *sbd = SYS_BUS_DEVICE(s); +int i; + +/* For the GIC, also expose incoming GPIO lines for PPIs for each CPU. + * GPIO array layout is thus: + * [0..N-1] spi + * [N..N+31] PPIs for CPU 0 + * [N+32..N+63] PPIs for CPU 1 + * ... 
+ */ +i = s-num_irq - GIC_INTERNAL + GIC_INTERNAL * s-num_cpu; +qdev_init_gpio_in(DEVICE(s), handler, i); + +s-parent_irq = g_malloc(s-num_cpu * sizeof(qemu_irq)); +s-parent_fiq = g_malloc(s-num_cpu * sizeof(qemu_irq)); + +for (i = 0; i s-num_cpu; i++) { +sysbus_init_irq(sbd, s-parent_irq[i]); +} +for (i = 0; i s-num_cpu; i++) { +sysbus_init_irq(sbd, s-parent_fiq[i]); +} + +memory_region_init_io(s-iomem_dist, OBJECT(s), ops, s, + gicv3_dist, 0x1); +memory_region_init_io(s-iomem_redist, OBJECT(s), ops ? ops[1] : NULL, s, + gicv3_redist, 0x2 * s-num_cpu); + +sysbus_init_mmio(sbd, s-iomem_dist); +sysbus_init_mmio(sbd, s-iomem_redist); +} + +static void arm_gicv3_common_realize(DeviceState *dev, Error **errp) +{ +GICv3State *s = ARM_GICV3_COMMON(dev); + +/* revision property is actually reserved and currently used only in order + * to keep the interface compatible with GICv2 code, avoiding extra + * conditions. However, in future it could be used, for example, if we + * implement GICv4. + */ +if (s-revision != 3) { +error_setg(errp, unsupported GIC revision %d, s-revision); +return; +} +} + +static void arm_gicv3_common_reset(DeviceState *dev) +{ +/* TODO */ +} + +static Property arm_gicv3_common_properties[] = { +DEFINE_PROP_UINT32(num-cpu, GICv3State, num_cpu, 1), +
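Review bot: arm_gicv3_common_realize() checks only s->revision, yet gicv3_init_irqs_and_mmio() uses num_irq and num_cpu unchecked: the GPIO count is computed as num_irq - GIC_INTERNAL + GIC_INTERNAL * num_cpu and stored in an int, and both g_malloc() sizes and the redistributor region size are multiplied by num_cpu. A num_irq below GIC_INTERNAL or a very large num-cpu property would wrap these values. Suggest rejecting num_irq < GIC_INTERNAL and num_cpu == 0 (plus any upper bound the board's memory map implies) in realize with error_setg(), and allocating the two qemu_irq arrays with g_new(qemu_irq, s->num_cpu) so the multiplication is overflow-checked.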
[Qemu-devel] [PATCH v11 2/5] intc/gic: Extract some reusable vGIC code
Some functions previously used only by vGICv2 are useful also for vGICv3 implementation. Untie them from GICState and make accessible from within other modules: - kvm_arm_gic_set_irq() - kvm_gic_access() - data pointer changed to void * because some GICv3 registers are 64-bit wide - kvm_gicd_access() - kvm_gicc_access() - actually GICv2-specific, but changed to keep the code style unified with kvm_gicd_access() - kvm_gic_supports_attr() - moved to common code and renamed to kvm_device_check_attr() Some of these changes are not used right now, but they will be helpful for implementing live migration Actually kvm_dist_get() and kvm_dist_put() could also be made reusable, but they would require two extra parameters (s-dev_fd and s-num_cpu) as well as lots of typecasts of 's' to DeviceState * and back to GICState *. This makes the code very ugly so i decided to stop at this point. I tried also an approach with making a base class for all possible GICs, but it would contain only three variables (dev_fd, cpu_num and irq_num), and accessing them through the rest of the code would be again tedious (either ugly casts or qemu-style separate object pointer). So i disliked it too. Signed-off-by: Pavel Fedin p.fe...@samsung.com --- hw/intc/arm_gic_kvm.c | 46 +++--- hw/intc/vgic_common.h | 55 +++ include/sysemu/kvm.h | 12 +++ kvm-all.c | 11 +++ 4 files changed, 98 insertions(+), 26 deletions(-) create mode 100644 hw/intc/vgic_common.h diff --git a/hw/intc/arm_gic_kvm.c b/hw/intc/arm_gic_kvm.c index e5d0f67..288248b 100644 --- a/hw/intc/arm_gic_kvm.c +++ b/hw/intc/arm_gic_kvm.c @@ -23,6 +23,7 @@ #include sysemu/kvm.h #include kvm_arm.h #include gic_internal.h +#include vgic_common.h //#define DEBUG_GIC_KVM 
@@ -52,7 +53,7 @@ typedef struct KVMARMGICClass { void (*parent_reset)(DeviceState *dev); } KVMARMGICClass; -static void kvm_arm_gic_set_irq(void *opaque, int irq, int level) +void kvm_arm_gic_set_irq(uint32_t num_irq, int irq, int level) { /* Meaning of the 'irq' parameter: * [0..N-1] : external interrupts @@ -63,10 +64,9 @@ static void kvm_arm_gic_set_irq(void *opaque, int irq, int level) * has separate fields in the irq number for type, * CPU number and interrupt number. */ -GICState *s = (GICState *)opaque; int kvm_irq, irqtype, cpu; -if (irq (s-num_irq - GIC_INTERNAL)) { +if (irq (num_irq - GIC_INTERNAL)) { /* External interrupt. The kernel numbers these like the GIC * hardware, with external interrupt IDs starting after the * internal ones. @@ -77,7 +77,7 @@ static void kvm_arm_gic_set_irq(void *opaque, int irq, int level) } else { /* Internal interrupt: decode into (cpu, interrupt id) */ irqtype = KVM_ARM_IRQ_TYPE_PPI; -irq -= (s-num_irq - GIC_INTERNAL); +irq -= (num_irq - GIC_INTERNAL); cpu = irq / GIC_INTERNAL; irq %= GIC_INTERNAL; } @@ -87,6 +87,13 @@ static void kvm_arm_gic_set_irq(void *opaque, int irq, int level) kvm_set_irq(kvm_state, kvm_irq, !!level); } +static void kvm_arm_gicv2_set_irq(void *opaque, int irq, int level) +{ +GICState *s = (GICState *)opaque; + +kvm_arm_gic_set_irq(s-num_irq, irq, level); +} + static bool kvm_arm_gic_can_save_restore(GICState *s) { return s-dev_fd = 0; @@ -107,8 +114,8 @@ static bool kvm_gic_supports_attr(GICState *s, int group, int attrnum) return kvm_device_ioctl(s-dev_fd, KVM_HAS_DEVICE_ATTR, attr) == 0; } -static void kvm_gic_access(GICState *s, int group, int offset, - int cpu, uint32_t *val, bool write) +void kvm_gic_access(int dev_fd, int group, int offset, +int cpu, void *val, bool write) { struct kvm_device_attr attr; int type; 
@@ -130,7 +137,7 @@ static void kvm_gic_access(GICState *s, int group, int offset, type = KVM_GET_DEVICE_ATTR; } -err = kvm_device_ioctl(s-dev_fd, type, attr); +err = kvm_device_ioctl(dev_fd, type, attr); if (err 0) { fprintf(stderr, KVM_{SET/GET}_DEVICE_ATTR failed: %s\n, strerror(-err)); @@ -138,20 +145,6 @@ static void kvm_gic_access(GICState *s, int group, int offset, } } -static void kvm_gicd_access(GICState *s, int offset, int cpu, -uint32_t *val, bool write) -{ -kvm_gic_access(s, KVM_DEV_ARM_VGIC_GRP_DIST_REGS, - offset, cpu, val, write); -} - -static void kvm_gicc_access(GICState *s, int offset, int cpu, -uint32_t *val, bool write) -{ -kvm_gic_access(s, KVM_DEV_ARM_VGIC_GRP_CPU_REGS, - offset, cpu, val, write); -} - #define for_each_irq_reg(_ctr, _max_irq, _field_width) \ for (_ctr = 0; _ctr ((_max_irq) / (32 / (_field_width))); _ctr++) @@ -559,7 +552,7 @@ static void
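Review bot: With val changed to void * in kvm_gic_access(), the compiler no longer checks that the caller's buffer matches the width the kernel reads or writes for the given group and offset, and the function is now exported to other modules through vgic_common.h. Suggest a doc comment on the prototype stating the buffer size expected for each group, or keeping typed wrappers (a uint32_t one for the existing callers, a uint64_t one for the registers that need it), so a 32-bit variable cannot be handed to a 64-bit attribute by mistake.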
[Qemu-devel] [PATCH v11 3/5] arm_kvm: Do not assume particular GIC type in kvm_arch_irqchip_create()
This allows to use different GIC types from v2. There are no kernels which could advertise KVM_CAP_DEVICE_CTRL without the actual ability to create GIC with it. Signed-off-by: Pavel Fedin p.fe...@samsung.com Reviewed-by: Eric Auger eric.au...@linaro.org --- target-arm/kvm.c | 10 +- 1 file changed, 1 insertion(+), 9 deletions(-) diff --git a/target-arm/kvm.c b/target-arm/kvm.c index b278542..22383c5 100644 --- a/target-arm/kvm.c +++ b/target-arm/kvm.c @@ -585,18 +585,10 @@ void kvm_arch_init_irq_routing(KVMState *s) int kvm_arch_irqchip_create(KVMState *s) { -int ret; - /* If we can create the VGIC using the newer device control API, we * let the device do this when it initializes itself, otherwise we * fall back to the old API */ - -ret = kvm_create_device(s, KVM_DEV_TYPE_ARM_VGIC_V2, true); -if (ret == 0) { -return 1; -} - -return 0; +return kvm_check_extension(s, KVM_CAP_DEVICE_CTRL); } int kvm_arch_fixup_msi_route(struct kvm_irq_routing_entry *route, -- 1.9.5.msysgit.0
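Review bot: kvm_arch_irqchip_create() now returns the raw result of kvm_check_extension(), where the removed code returned exactly 1 after a successful test creation of KVM_DEV_TYPE_ARM_VGIC_V2 and 0 otherwise. The retained comment still speaks only of falling back to the old API; it should also say that a non-zero return now means creation is deferred to the GIC device's realize, and that a GIC type the host cannot create is reported there instead of here. It is also worth confirming that every caller treats any positive value the same as 1.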
Re: [Qemu-devel] [PATCH v10 2/5] intc/gic: Extract some reusable vGIC code
Hello!

> I think it would be worth justifying the changes in signature: removal of GICState* due to the introduction of GICV3State and also justify replacement of uint32_t *val into void*.

I described it in the cover letter. Right now you don't see usage for it, but here I started prototyping live migration, and in some cases 'val' is going to be uint64_t. This is because GICD_IROUTER registers are 64 bits wide. kvm_gic_access() by itself does not dereference the pointer, just passes it to the kernel, therefore I decided to make it type-agnostic.

> what is the point of moving kvm_gicd_access and kvm_gicc_access here? If I am not mistaken, they only are used in arm_gic_kvm.c? I think they can stay static in arm_gic_kvm.c?

They will be used in future for live migration, at least kvm_gicd_access. kvm_gicc_access just accompanies it to keep a single style for both.

Kind regards,
Pavel Fedin
Expert Engineer
Samsung Electronics Research center Russia
Re: [Qemu-devel] [PATCH v14 0/8] i.MX: Add i.MX25 support through the PDK evaluation board
Hi Peter,

Do you expect more work on this series?

JC

On 11/08/2015 00:02, Jean-Christophe Dubois wrote:
> This series of patches is generated against Peter Maydell GIT tree:
> https://git.linaro.org/people/peter.maydell/qemu-arm.git branch target-arm-post-2.4
>
> This series of patches adds the support for the i.MX25 processor through the Freescale PDK evaluation board.
>
> For now a limited set of devices is supported.
> * GPT timers (from i.MX31)
> * EPIT timers (from i.MX31)
> * Serial ports (from i.MX31)
> * Ethernet FEC port
> * I2C controller
>
> In the process the KZM platform was split into an i.MX31 SOC and a platform part.
>
> Also, I2C devices were added to the i.MX31 SOC.
>
> This was tested by:
> * booting a minimal linux system on the i.MX25 PDK platform
> * booting the Xvisor hypervisor on the i.MX25 PDK platform
> * booting a minimal linux system on the KZM platform
>
> Jean-Christophe Dubois (8):
>   i.MX: Add SOC support for i.MX31
>   i.MX: KZM now uses the standalone i.MX31 SOC support
>   i.MX: Add I2C controller emulator
>   i.MX: Add FEC Ethernet Emulator
>   i.MX: Add SOC support for i.MX25
>   i.MX: Add the i.MX25 PDK plateform
>   i.MX: Add qtest support for I2C device emulator.
>   i.MX: Add i2C devices to i.MX31 SOC
>
>  default-configs/arm-softmmu.mak | 6 +
>  hw/arm/Makefile.objs | 4 +-
>  hw/arm/fsl-imx25.c | 273
>  hw/arm/fsl-imx31.c | 246 ++
>  hw/arm/imx25_pdk.c | 165 ++
>  hw/arm/kzm.c | 209 ++--
>  hw/char/imx_serial.c | 35 --
>  hw/i2c/Makefile.objs | 1 +
>  hw/i2c/imx_i2c.c | 339 +++
>  hw/net/Makefile.objs | 1 +
>  hw/net/imx_fec.c | 709
>  hw/timer/imx_epit.c | 11 -
>  hw/timer/imx_gpt.c | 11 -
>  include/hw/arm/fsl-imx25.h | 234 +
>  include/hw/arm/fsl-imx31.h | 110 +++
>  include/hw/arm/imx.h | 26 --
>  include/hw/i2c/imx_i2c.h | 85 +
>  include/hw/net/imx_fec.h | 113 +++
>  tests/Makefile | 3 +
>  tests/ds1338-test.c | 78 +
>  tests/libqos/i2c-imx.c | 209
>  tests/libqos/i2c.h | 3 +
>  22 files changed, 2684 insertions(+), 187 deletions(-)
>  create mode 100644 hw/arm/fsl-imx25.c
>  create mode 100644 hw/arm/fsl-imx31.c
>  create mode 100644 hw/arm/imx25_pdk.c
>  create mode 100644 hw/i2c/imx_i2c.c
>  create mode 100644 hw/net/imx_fec.c
>  create mode 100644 include/hw/arm/fsl-imx25.h
>  create mode 100644 include/hw/arm/fsl-imx31.h
>  delete mode 100644 include/hw/arm/imx.h
>  create mode 100644 include/hw/i2c/imx_i2c.h
>  create mode 100644 include/hw/net/imx_fec.h
>  create mode 100644 tests/ds1338-test.c
>  create mode 100644 tests/libqos/i2c-imx.c
[Qemu-devel] [PATCH v11 4/5] hw/intc: Initial implementation of vGICv3
This is the initial version of KVM-accelerated GICv3 support. State load and save are not yet supported, live migration is not possible. In order to get correct class name in a simpler way, gicv3_class_name() function is implemented, similar to gic_class_name(). Signed-off-by: Pavel Fedin p.fe...@samsung.com Reviewed-by: Peter Maydell peter.mayd...@linaro.org --- hw/intc/Makefile.objs | 1 + hw/intc/arm_gicv3_kvm.c | 149 target-arm/kvm_arm.h| 10 target-arm/machine.c| 18 ++ 4 files changed, 178 insertions(+) create mode 100644 hw/intc/arm_gicv3_kvm.c diff --git a/hw/intc/Makefile.objs b/hw/intc/Makefile.objs index 1317e5a..004b0c2 100644 --- a/hw/intc/Makefile.objs +++ b/hw/intc/Makefile.objs @@ -17,6 +17,7 @@ common-obj-$(CONFIG_OPENPIC) += openpic.o obj-$(CONFIG_APIC) += apic.o apic_common.o obj-$(CONFIG_ARM_GIC_KVM) += arm_gic_kvm.o +obj-$(call land,$(CONFIG_ARM_GIC_KVM),$(TARGET_AARCH64)) += arm_gicv3_kvm.o obj-$(CONFIG_STELLARIS) += armv7m_nvic.o obj-$(CONFIG_EXYNOS4) += exynos4210_gic.o exynos4210_combiner.o obj-$(CONFIG_GRLIB) += grlib_irqmp.o diff --git a/hw/intc/arm_gicv3_kvm.c b/hw/intc/arm_gicv3_kvm.c new file mode 100644 index 000..8070a2a --- /dev/null +++ b/hw/intc/arm_gicv3_kvm.c 
@@ -0,0 +1,149 @@ +/* + * ARM Generic Interrupt Controller using KVM in-kernel support + * + * Copyright (c) 2015 Samsung Electronics Co., Ltd. + * Written by Pavel Fedin + * Based on vGICv2 code by Peter Maydell + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, see http://www.gnu.org/licenses/. + */ + +#include hw/intc/arm_gicv3_common.h +#include hw/sysbus.h +#include sysemu/kvm.h +#include kvm_arm.h +#include vgic_common.h + +#ifdef DEBUG_GICV3_KVM +#define DPRINTF(fmt, ...) \ +do { fprintf(stderr, kvm_gicv3: fmt, ## __VA_ARGS__); } while (0) +#else +#define DPRINTF(fmt, ...) 
\ +do { } while (0) +#endif + +#define TYPE_KVM_ARM_GICV3 kvm-arm-gicv3 +#define KVM_ARM_GICV3(obj) \ + OBJECT_CHECK(GICv3State, (obj), TYPE_KVM_ARM_GICV3) +#define KVM_ARM_GICV3_CLASS(klass) \ + OBJECT_CLASS_CHECK(KVMARMGICv3Class, (klass), TYPE_KVM_ARM_GICV3) +#define KVM_ARM_GICV3_GET_CLASS(obj) \ + OBJECT_GET_CLASS(KVMARMGICv3Class, (obj), TYPE_KVM_ARM_GICV3) + +typedef struct KVMARMGICv3Class { +ARMGICv3CommonClass parent_class; +DeviceRealize parent_realize; +void (*parent_reset)(DeviceState *dev); +} KVMARMGICv3Class; + +static void kvm_arm_gicv3_set_irq(void *opaque, int irq, int level) +{ +GICv3State *s = (GICv3State *)opaque; + +kvm_arm_gic_set_irq(s-num_irq, irq, level); +} + +static void kvm_arm_gicv3_put(GICv3State *s) +{ +/* TODO */ +DPRINTF(Cannot put kernel gic state, no kernel interface\n); +} + +static void kvm_arm_gicv3_get(GICv3State *s) +{ +/* TODO */ +DPRINTF(Cannot get kernel gic state, no kernel interface\n); +} + +static void kvm_arm_gicv3_reset(DeviceState *dev) +{ +GICv3State *s = ARM_GICV3_COMMON(dev); +KVMARMGICv3Class *kgc = KVM_ARM_GICV3_GET_CLASS(s); + +DPRINTF(Reset\n); + +kgc-parent_reset(dev); +kvm_arm_gicv3_put(s); +} + +static void kvm_arm_gicv3_realize(DeviceState *dev, Error **errp) +{ +GICv3State *s = KVM_ARM_GICV3(dev); +KVMARMGICv3Class *kgc = KVM_ARM_GICV3_GET_CLASS(s); +Error *local_err = NULL; + +DPRINTF(kvm_arm_gicv3_realize\n); + +kgc-parent_realize(dev, local_err); +if (local_err) { +error_propagate(errp, local_err); +return; +} + +if (s-security_extn) { +error_setg(errp, the in-kernel VGICv3 does not implement the + security extensions); +return; +} + +gicv3_init_irqs_and_mmio(s, kvm_arm_gicv3_set_irq, NULL); + +/* Try to create the device via the device control API */ +s-dev_fd = kvm_create_device(kvm_state, KVM_DEV_TYPE_ARM_VGIC_V3, false); +if (s-dev_fd 0) { +error_setg_errno(errp, -s-dev_fd, error creating in-kernel VGIC); +return; +} + +kvm_gic_access(s-dev_fd, KVM_DEV_ARM_VGIC_GRP_NR_IRQS, + 0, 0, s-num_irq, 
1); + +/* Tell the kernel to complete VGIC initialization now */ +kvm_gic_access(s-dev_fd, KVM_DEV_ARM_VGIC_GRP_CTRL, + KVM_DEV_ARM_VGIC_CTRL_INIT, 0, 0, 1); + +kvm_arm_register_device(s-iomem_dist, -1, KVM_DEV_ARM_VGIC_GRP_ADDR, +
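Review bot: In kvm_arm_gicv3_realize(), the KVM_DEV_ARM_VGIC_GRP_NR_IRQS and KVM_DEV_ARM_VGIC_CTRL_INIT calls go through kvm_gic_access(), which returns void, so a kernel that rejects either attribute cannot be reported through errp the way the kvm_create_device() failure just above is. Suggest probing each attribute with kvm_device_check_attr() (introduced in patch 2/5) before the call, or giving realize a path that turns the ioctl error into error_setg_errno(). Separately, kvm_arm_gicv3_reset() calls kvm_arm_gicv3_put(), which is still a TODO, so the in-kernel state is not actually reset; a comment at that call would make the limitation explicit.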
Re: [Qemu-devel] [PATCH v10 4/5] hw/intc: Initial implementation of vGICv3
Hello!

>> Signed-off-by: Pavel Fedin p.fe...@samsung.com
> in v8 you got Peter's R-b. Did you omit it willingly or did you make any changes since that. A changelog would ease the review in any case.

Oops, I just forgot it. Thanks. Will fixup your notes and add it in v11.

Kind regards,
Pavel Fedin
Expert Engineer
Samsung Electronics Research center Russia
[Qemu-devel] [RFC PATCH v0 3/3] spapr: Memory hot-unplug support
Add support to hot remove pc-dimm memory devices. Signed-off-by: Bharata B Rao bhar...@linux.vnet.ibm.com --- hw/ppc/spapr.c | 114 - hw/ppc/spapr_drc.c | 21 + include/hw/ppc/spapr.h | 2 + 3 files changed, 136 insertions(+), 1 deletion(-) diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c index 06d000d..441012d 100644 --- a/hw/ppc/spapr.c +++ b/hw/ppc/spapr.c 
@@ -2110,6 +2110,109 @@ out: error_propagate(errp, local_err); } +typedef struct sPAPRDIMMState { +uint32_t nr_lmbs; +} sPAPRDIMMState; + +/* + * Called from spapr_drc.c: set_isolation_state(). + * + * If the drc is being marked as ISOLATED, ensure that the corresponding + * LMB is part of the DIMM device which is being deleted. + */ +int spapr_lmb_in_removable_dimm(sPAPRDRConnector *drc, +sPAPRDRIsolationState state) +{ +DeviceState *dev = drc-dev; +PCDIMMDevice *dimm = PC_DIMM(dev); + +if (state != SPAPR_DR_ISOLATION_STATE_ISOLATED) { +return 0; +} + +if (!dimm-delete_pending) { +return -1; +} + +return 0; +} + +static void spapr_lmb_release(DeviceState *dev, void *opaque) +{ +sPAPRDIMMState *ds = (sPAPRDIMMState *)opaque; +HotplugHandler *hotplug_ctrl = NULL; +Error *local_err = NULL; + +if (--ds-nr_lmbs) { +return; +} + +g_free(ds); + +/* + * Now that all the LMBs have been removed by the guest, call the + * pc-dimm unplug handler to cleanup up the pc-dimm device. + */ +hotplug_ctrl = qdev_get_hotplug_handler(dev); +hotplug_handler_unplug(hotplug_ctrl, dev, local_err); +} + +static void spapr_del_lmbs(DeviceState *dev, uint64_t addr, uint64_t size, + Error **errp) +{ +sPAPRDRConnector *drc; +sPAPRDRConnectorClass *drck; +uint32_t nr_lmbs = size/SPAPR_MEMORY_BLOCK_SIZE; +Error *local_err = NULL; +int i; +sPAPRDIMMState *ds = g_malloc0(sizeof(sPAPRDIMMState)); + +ds-nr_lmbs = nr_lmbs; +for (i = 0; i nr_lmbs; i++) { +drc = spapr_dr_connector_by_id(SPAPR_DR_CONNECTOR_TYPE_LMB, +addr/SPAPR_MEMORY_BLOCK_SIZE); +g_assert(drc); + +drck = SPAPR_DR_CONNECTOR_GET_CLASS(drc); +drck-detach(drc, dev, spapr_lmb_release, ds, local_err); +addr += SPAPR_MEMORY_BLOCK_SIZE; +} +spapr_hotplug_req_remove_by_count(SPAPR_DR_CONNECTOR_TYPE_LMB, nr_lmbs); +} + +static void spapr_memory_unplug(HotplugHandler *hotplug_dev, DeviceState *dev, +Error **errp) +{ +sPAPRMachineState *ms = SPAPR_MACHINE(hotplug_dev); +PCDIMMDevice *dimm = PC_DIMM(dev); +PCDIMMDeviceClass *ddc = 
PC_DIMM_GET_CLASS(dimm); +MemoryRegion *mr = ddc-get_memory_region(dimm); + +pc_dimm_memory_unplug(dev, ms-hotplug_memory, mr); +object_unparent(OBJECT(dev)); +} + +static void spapr_memory_unplug_request(HotplugHandler *hotplug_dev, +DeviceState *dev, Error **errp) +{ +Error *local_err = NULL; +PCDIMMDevice *dimm = PC_DIMM(dev); +PCDIMMDeviceClass *ddc = PC_DIMM_GET_CLASS(dimm); +MemoryRegion *mr = ddc-get_memory_region(dimm); +uint64_t size = memory_region_size(mr); +uint64_t addr; + +addr = object_property_get_int(OBJECT(dimm), PC_DIMM_ADDR_PROP, local_err); +if (local_err) { +goto out; +} + +dimm-delete_pending = true; +spapr_del_lmbs(dev, addr, size, local_err); +out: +error_propagate(errp, local_err); +} + static void spapr_machine_device_plug(HotplugHandler *hotplug_dev, DeviceState *dev, Error **errp) { @@ -2157,7 +2260,15 @@ static void spapr_machine_device_unplug(HotplugHandler *hotplug_dev, DeviceState *dev, Error **errp) { if (object_dynamic_cast(OBJECT(dev), TYPE_PC_DIMM)) { -error_setg(errp, Memory hot unplug not supported by sPAPR); +spapr_memory_unplug(hotplug_dev, dev, errp); +} +} + +static void spapr_machine_device_unplug_request(HotplugHandler *hotplug_dev, +DeviceState *dev, Error **errp) +{ +if (object_dynamic_cast(OBJECT(dev), TYPE_PC_DIMM)) { +spapr_memory_unplug_request(hotplug_dev, dev, errp); } } @@ -2191,6 +2302,7 @@ static void spapr_machine_class_init(ObjectClass *oc, void *data) mc-get_hotplug_handler = spapr_get_hotpug_handler; hc-plug = spapr_machine_device_plug; hc-unplug = spapr_machine_device_unplug; +hc-unplug_request = spapr_machine_device_unplug_request; smc-dr_lmb_enabled = false; fwc-get_dev_path = spapr_get_fw_dev_path; diff --git a/hw/ppc/spapr_drc.c b/hw/ppc/spapr_drc.c index 8cbcf4d..b9d7c71 100644 --- a/hw/ppc/spapr_drc.c +++ b/hw/ppc/spapr_drc.c @@ -11,6 +11,7 @@ */ #include hw/ppc/spapr_drc.h +#include hw/ppc/spapr.h #include qom/object.h #include hw/qdev.h #include
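Review bot: spapr_lmb_in_removable_dimm() reads drc->dev and casts it with PC_DIMM() before anything checks that a device is attached, then dereferences dimm->delete_pending. Its own comment says it is called from set_isolation_state(), which is reached by the LMB removal requests the cover letter describes as coming from the guest, so an isolate request for an LMB connector with no DIMM behind it needs a guard: test drc->dev for NULL and return the chosen error code before the cast.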
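Review bot: spapr_del_lmbs() takes errp but never uses it: the local_err filled by each drck->detach() call is neither checked nor propagated, and spapr_lmb_release() likewise drops the error from hotplug_handler_unplug(). If a detach fails part way through the loop, ds->nr_lmbs never reaches zero, the sPAPRDIMMState is leaked and the DIMM stays with delete_pending set. Suggest checking local_err inside the loop and propagating it to errp, clearing delete_pending in spapr_memory_unplug_request() on that path, and handling a size smaller than SPAPR_MEMORY_BLOCK_SIZE, where nr_lmbs is 0 and ds is never freed.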
[Qemu-devel] [RFC PATCH v0 1/3] pc-dimm: Add a field to PCDIMMDevice to mark device deletion state
Add a field to PCDIMMDevice to note that the device has been marked for removal. This will be used by PowerPC memory hotplug code to honour the LMB removal requests of only those LMBs that belong to PCDIMMDevice that has been marked for removal. This will be set from -unplug() handler. Signed-off-by: Bharata B Rao bhar...@linux.vnet.ibm.com --- include/hw/mem/pc-dimm.h | 1 + 1 file changed, 1 insertion(+) diff --git a/include/hw/mem/pc-dimm.h b/include/hw/mem/pc-dimm.h index d83bf30..4ca9316 100644 --- a/include/hw/mem/pc-dimm.h +++ b/include/hw/mem/pc-dimm.h @@ -56,6 +56,7 @@ typedef struct PCDIMMDevice { uint32_t node; int32_t slot; HostMemoryBackend *hostmem; +bool delete_pending; } PCDIMMDevice; /** -- 2.1.0
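Review bot: delete_pending is added to the generic PCDIMMDevice with no comment on who sets or clears it. The commit message says it is set from the unplug() handler, while patch 3/3 on this page sets it in spapr_memory_unplug_request(), and nothing visible resets it if the request fails. Suggest a one-line comment at the field naming its owner and lifetime, correcting the commit message to name the handler that actually sets it, and clearing the flag on the error path.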
[Qemu-devel] [RFC PATCH v0 0/3] sPAPR: Memory hot removal support
This patchset enables memory hot unplug for PowerPC sPAPR guests. This applies against spapr-next branch of David Gibson's tree that currently contains the memory hotplug code for sPAPR.

Currently with drmgr, it is not possible to attempt just the removal of those LMBs that form the DIMM device when the DIMM device is removed. drmgr just walks through all the available 'removable' LMBs and tries to off-line the specified number of LMBs. Because of this, I have introduced some additional checks in QEMU to fail the removal request of an LMB that doesn't belong to the DIMM device which is being unplugged. This causes some churn in the guest when the LMB that didn't belong to the DIMM device was offlined and later brought online again by drmgr when QEMU fails the release of the corresponding DRC object.

Bharata B Rao (3):
  pc-dimm: Add a field to PCDIMMDevice to mark device deletion state
  spapr-rtas: Enable rtas_set_indicator() to return correct error
  spapr: Memory hot-unplug support

 hw/ppc/spapr.c | 114 ++-
 hw/ppc/spapr_drc.c | 21 +
 hw/ppc/spapr_rtas.c | 9 ++--
 include/hw/mem/pc-dimm.h | 1 +
 include/hw/ppc/spapr.h | 2 +
 5 files changed, 142 insertions(+), 5 deletions(-)

--
2.1.0
Re: [Qemu-devel] [PATCH v10 2/5] intc/gic: Extract some reusable vGIC code
Hi Pavel,

On 08/19/2015 08:36 AM, Pavel Fedin wrote:
> Hello!
>
>> I think it would be worth justifying the changes in signature: removal of GICState* due to the introduction of GICV3State and also justify replacement of uint32_t *val into void*.
>
> I described it in the cover letter.

OK thanks for the explanations. I think they are useful to understand the content of the patch and I would advise you to put them in the commit message since the cover letter then is discarded when committing the series.

> Right now you don't see usage for it, but here I started prototyping live migration, and in some cases 'val' is going to be uint64_t. This is because GICD_IROUTER registers are 64 bits wide. kvm_gic_access() by itself does not dereference the pointer, just passes it to the kernel, therefore I decided to make it type-agnostic.
>
>> what is the point of moving kvm_gicd_access and kvm_gicc_access here? If I am not mistaken, they only are used in arm_gic_kvm.c? I think they can stay static in arm_gic_kvm.c?
>
> They will be used in future for live migration, at least kvm_gicd_access. kvm_gicc_access just accompanies it to keep a single style for both.

OK. Then either explain it in the commit msg or move them later when live migration gets implemented.

Best Regards

Eric

> Kind regards,
> Pavel Fedin
> Expert Engineer
> Samsung Electronics Research center Russia
Re: [Qemu-devel] [PATCH v6] hw/arm/virt: Add high MMIO PCI region, 512G in size
PING Kind regards, Pavel Fedin Expert Engineer Samsung Electronics Research center Russia -Original Message- From: qemu-devel-bounces+p.fedin=samsung@nongnu.org [mailto:qemu-devel- bounces+p.fedin=samsung@nongnu.org] On Behalf Of Pavel Fedin Sent: Wednesday, August 12, 2015 3:12 PM To: qemu-devel@nongnu.org Cc: 'Peter Maydell'; 'Alexander Graf'; 'Igor Mammedov' Subject: [Qemu-devel] [PATCH v6] hw/arm/virt: Add high MMIO PCI region, 512G in size This large region is necessary for some devices like ivshmem and video cards 32-bit kernels can be built without LPAE support. In this case such a kernel will not be able to use PCI controller which has windows in high addresses. In order to work around the problem, highmem option is introduced. It defaults to on on, but can be manually set to off in order to be able to run those old 32-bit guests. Signed-off-by: Pavel Fedin p.fe...@samsung.com --- v5 = v6: - Specify correct FDT_PCI_RANGE_MMIO_64BIT type for the region, the bug was discovered by running UEFI v4 = v5: - Removed machine-dependent highmem default, now always ON v3 = v4: - Added highmem option which controls presence of this region. Default value is on for 64-bit CPUs and off for 32-bit CPUs. - Supply correct min and max address to aml_qword_memory() v2 = v3: - Region size increased to 512G - Added ACPI description v1 = v2: - Region address changed to 512G, leaving more space for RAM --- hw/arm/virt-acpi-build.c | 17 +-- hw/arm/virt.c| 63 +++- include/hw/arm/virt-acpi-build.h | 1 + include/hw/arm/virt.h| 1 + 4 files changed, 73 insertions(+), 9 deletions(-) diff --git a/hw/arm/virt-acpi-build.c b/hw/arm/virt-acpi-build.c index f365140..9088248 100644 --- a/hw/arm/virt-acpi-build.c +++ b/hw/arm/virt-acpi-build.c 
@@ -159,7 +159,8 @@ static void acpi_dsdt_add_virtio(Aml *scope, } } -static void acpi_dsdt_add_pci(Aml *scope, const MemMapEntry *memmap, int irq) +static void acpi_dsdt_add_pci(Aml *scope, const MemMapEntry *memmap, int irq, + bool use_highmem) { Aml *method, *crs, *ifctx, *UUID, *ifctx1, *elsectx, *buf; int i, bus_no; @@ -234,6 +235,17 @@ static void acpi_dsdt_add_pci(Aml *scope, const MemMapEntry *memmap, int irq) AML_ENTIRE_RANGE, 0x, 0x, size_pio - 1, base_pio, size_pio)); +if (use_highmem) { +hwaddr base_mmio_high = memmap[VIRT_PCIE_MMIO_HIGH].base; +hwaddr size_mmio_high = memmap[VIRT_PCIE_MMIO_HIGH].size; + +aml_append(rbuf, +aml_qword_memory(AML_POS_DECODE, AML_MIN_FIXED, AML_MAX_FIXED, + AML_NON_CACHEABLE, AML_READ_WRITE, 0x, + base_mmio_high, base_mmio_high, 0x, + size_mmio_high)); +} + aml_append(method, aml_name_decl(RBUF, rbuf)); aml_append(method, aml_return(rbuf)); aml_append(dev, method); @@ -510,7 +522,8 @@ build_dsdt(GArray *table_data, GArray *linker, VirtGuestInfo *guest_info) acpi_dsdt_add_flash(scope, memmap[VIRT_FLASH]); acpi_dsdt_add_virtio(scope, memmap[VIRT_MMIO], (irqmap[VIRT_MMIO] + ARM_SPI_BASE), NUM_VIRTIO_TRANSPORTS); -acpi_dsdt_add_pci(scope, memmap, (irqmap[VIRT_PCIE] + ARM_SPI_BASE)); +acpi_dsdt_add_pci(scope, memmap, (irqmap[VIRT_PCIE] + ARM_SPI_BASE), + guest_info-use_highmem); aml_append(dsdt, scope); diff --git a/hw/arm/virt.c b/hw/arm/virt.c index 4846892..44dcd0c 100644 --- a/hw/arm/virt.c +++ b/hw/arm/virt.c @@ -77,6 +77,7 @@ typedef struct { typedef struct { MachineState parent; bool secure; +bool highmem; } VirtMachineState; #define TYPE_VIRT_MACHINE virt @@ -117,6 +118,7 @@ static const MemMapEntry a15memmap[] = { [VIRT_PCIE_PIO] = { 0x3eff, 0x0001 }, [VIRT_PCIE_ECAM] = { 0x3f00, 0x0100 }, [VIRT_MEM] ={ 0x4000, 30ULL * 1024 * 1024 * 1024 }, +[VIRT_PCIE_MMIO_HIGH] = { 0x80, 0x80 }, }; static const int a15irqmap[] = { 
@@ -658,7 +660,8 @@ static void create_pcie_irq_map(const VirtBoardInfo *vbi, uint32_t gic_phandle, 0x7 /* PCI irq */); } -static void create_pcie(const VirtBoardInfo *vbi, qemu_irq *pic) +static void create_pcie(const VirtBoardInfo *vbi, qemu_irq *pic, +bool use_highmem) { hwaddr base_mmio = vbi-memmap[VIRT_PCIE_MMIO].base; hwaddr size_mmio = vbi-memmap[VIRT_PCIE_MMIO].size; @@ -719,11 +722,33 @@ static void create_pcie(const VirtBoardInfo *vbi, qemu_irq *pic) qemu_fdt_setprop_sized_cells(vbi-fdt, nodename, reg, 2, base_ecam, 2, size_ecam); -
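Review bot: In the acpi_dsdt_add_pci() hunk, the new aml_qword_memory() call passes base_mmio_high as both the range minimum and the range maximum, while declaring AML_MIN_FIXED and AML_MAX_FIXED with a length of size_mmio_high. The PIO descriptor just above it uses size_pio - 1 as its maximum, so the maximum here should presumably be base_mmio_high + size_mmio_high - 1. As posted, the minimum, maximum and length of the descriptor do not agree with each other, which also contradicts the "Supply correct min and max address to aml_qword_memory()" item in the v4 changelog.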
[Qemu-devel] [RESEND PATCH v9 0/4] remove icc bus/bridge
ICC Bus was used for providing a hotpluggable bus for APIC and CPU, but now we use HotplugHandler to make hotplug. So ICC Bus is unnecessary. This code has passed the new pc-cpu-test. And I have tested with kvm along with kernel_irqchip=on/off, it works fine. This patch series is based on the latest master. v9: -use a callback to correct reset sequence for x86 -update apic mmio mapping v8: -add a wrapper to specify reset order v7: -update to register reset handler for main_system_bus when created -register reset handler for apic after all devices are initialized Chen Fan (2): apic: map APIC's MMIO region at each CPU's address space cpu/apic: drop icc bus/bridge Zhu Guihua (2): x86: use new method to correct reset sequence icc_bus: drop the unused files default-configs/i386-softmmu.mak | 1 - default-configs/x86_64-softmmu.mak | 1 - hw/cpu/Makefile.objs | 1 - hw/cpu/icc_bus.c | 118 - hw/i386/pc.c | 43 +++--- hw/i386/pc_piix.c | 9 +-- hw/i386/pc_q35.c | 9 +-- hw/intc/apic_common.c | 11 +--- include/hw/cpu/icc_bus.h | 82 -- include/hw/i386/apic_internal.h| 7 ++- include/hw/i386/pc.h | 2 +- target-i386/cpu.c | 30 +++--- 12 files changed, 52 insertions(+), 262 deletions(-) delete mode 100644 hw/cpu/icc_bus.c delete mode 100644 include/hw/cpu/icc_bus.h -- 1.9.3
[Qemu-devel] [RESEND PATCH v9 4/4] icc_bus: drop the unused files
ICC bus impl has been dropped, so all icc related files are not useful any more; delete them. Signed-off-by: Zhu Guihua zhugh.f...@cn.fujitsu.com --- default-configs/i386-softmmu.mak | 1 - default-configs/x86_64-softmmu.mak | 1 - hw/cpu/Makefile.objs | 1 - hw/cpu/icc_bus.c | 118 - include/hw/cpu/icc_bus.h | 82 -- 5 files changed, 203 deletions(-) delete mode 100644 hw/cpu/icc_bus.c delete mode 100644 include/hw/cpu/icc_bus.h diff --git a/default-configs/i386-softmmu.mak b/default-configs/i386-softmmu.mak index 5eaafa1..70391ed 100644 --- a/default-configs/i386-softmmu.mak +++ b/default-configs/i386-softmmu.mak @@ -43,7 +43,6 @@ CONFIG_LPC_ICH9=y CONFIG_PCI_Q35=y CONFIG_APIC=y CONFIG_IOAPIC=y -CONFIG_ICC_BUS=y CONFIG_PVPANIC=y CONFIG_MEM_HOTPLUG=y CONFIG_XIO3130=y diff --git a/default-configs/x86_64-softmmu.mak b/default-configs/x86_64-softmmu.mak index 28e2099..dfb8095 100644 --- a/default-configs/x86_64-softmmu.mak +++ b/default-configs/x86_64-softmmu.mak @@ -44,7 +44,6 @@ CONFIG_LPC_ICH9=y CONFIG_PCI_Q35=y CONFIG_APIC=y CONFIG_IOAPIC=y -CONFIG_ICC_BUS=y CONFIG_PVPANIC=y CONFIG_MEM_HOTPLUG=y CONFIG_XIO3130=y diff --git a/hw/cpu/Makefile.objs b/hw/cpu/Makefile.objs index 6381238..0954a18 100644 --- a/hw/cpu/Makefile.objs +++ b/hw/cpu/Makefile.objs @@ -2,5 +2,4 @@ obj-$(CONFIG_ARM11MPCORE) += arm11mpcore.o obj-$(CONFIG_REALVIEW) += realview_mpcore.o obj-$(CONFIG_A9MPCORE) += a9mpcore.o obj-$(CONFIG_A15MPCORE) += a15mpcore.o -obj-$(CONFIG_ICC_BUS) += icc_bus.o diff --git a/hw/cpu/icc_bus.c b/hw/cpu/icc_bus.c deleted file mode 100644 index 6646ea2..000 --- a/hw/cpu/icc_bus.c +++ /dev/null 
@@ -1,118 +0,0 @@ -/* icc_bus.c - * emulate x86 ICC (Interrupt Controller Communications) bus - * - * Copyright (c) 2013 Red Hat, Inc - * - * Authors: - * Igor Mammedov imamm...@redhat.com - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 2 of the License, or (at your option) any later version. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, see http://www.gnu.org/licenses/ - */ -#include hw/cpu/icc_bus.h -#include hw/sysbus.h - -/* icc-bridge implementation */ - -static const TypeInfo icc_bus_info = { -.name = TYPE_ICC_BUS, -.parent = TYPE_BUS, -.instance_size = sizeof(ICCBus), -}; - - -/* icc-device implementation */ - -static void icc_device_realize(DeviceState *dev, Error **errp) -{ -ICCDeviceClass *idc = ICC_DEVICE_GET_CLASS(dev); - -/* convert to QOM */ -if (idc-realize) { -idc-realize(dev, errp); -} - -} - -static void icc_device_class_init(ObjectClass *oc, void *data) -{ -DeviceClass *dc = DEVICE_CLASS(oc); - -dc-realize = icc_device_realize; -dc-bus_type = TYPE_ICC_BUS; -} - -static const TypeInfo icc_device_info = { -.name = TYPE_ICC_DEVICE, -.parent = TYPE_DEVICE, -.abstract = true, -.instance_size = sizeof(ICCDevice), -.class_size = sizeof(ICCDeviceClass), -.class_init = icc_device_class_init, -}; - - -/* icc-bridge implementation */ - -typedef struct ICCBridgeState { -/* private */ -SysBusDevice parent_obj; -/* public */ - -ICCBus icc_bus; -MemoryRegion apic_container; -} ICCBridgeState; - -#define ICC_BRIDGE(obj) OBJECT_CHECK(ICCBridgeState, (obj), TYPE_ICC_BRIDGE) - 
-static void icc_bridge_init(Object *obj) -{ -ICCBridgeState *s = ICC_BRIDGE(obj); -SysBusDevice *sb = SYS_BUS_DEVICE(obj); - -qbus_create_inplace(s-icc_bus, sizeof(s-icc_bus), TYPE_ICC_BUS, -DEVICE(s), icc); - -/* Do not change order of registering regions, - * APIC must be first registered region, board maps it by 0 index - */ -memory_region_init(s-apic_container, obj, icc-apic-container, - APIC_SPACE_SIZE); -sysbus_init_mmio(sb, s-apic_container); -s-icc_bus.apic_address_space = s-apic_container; -} - -static void icc_bridge_class_init(ObjectClass *oc, void *data) -{ -DeviceClass *dc = DEVICE_CLASS(oc); - -set_bit(DEVICE_CATEGORY_BRIDGE, dc-categories); -} - -static const TypeInfo icc_bridge_info = { -.name = TYPE_ICC_BRIDGE, -.parent = TYPE_SYS_BUS_DEVICE, -.instance_init = icc_bridge_init, -.instance_size = sizeof(ICCBridgeState), -.class_init = icc_bridge_class_init, -}; - - -static void icc_bus_register_types(void) -{ -type_register_static(icc_bus_info); -type_register_static(icc_device_info); -
[Qemu-devel] [RESEND PATCH v9 2/4] x86: use new method to correct reset sequence
Some things must occur during reset of the X86 platform in a specific order. For example, the apic reset should be after some devices (such as hpet, rtc) reset, so that the apic register could be set to default values. This patch uses the new QEMUMachine reset method to solve the above problem, ensuring the various resets happen in the correct order. Signed-off-by: Zhu Guihua zhugh.f...@cn.fujitsu.com --- hw/i386/pc.c | 17 + 1 file changed, 17 insertions(+) diff --git a/hw/i386/pc.c b/hw/i386/pc.c index 8b7dbe5..0e83dc9 100644 --- a/hw/i386/pc.c +++ b/hw/i386/pc.c @@ -1929,6 +1929,22 @@ static void pc_machine_initfn(Object *obj) NULL, error_abort); } +static void pc_machine_reset(void) +{ +CPUState *cs; +X86CPU *cpu; + +qemu_devices_reset(); + +CPU_FOREACH(cs) { +cpu = X86_CPU(cs); + +if (cpu-apic_state) { +device_reset(cpu-apic_state); +} +} +} + static unsigned pc_cpu_index_to_socket_id(unsigned cpu_index) { unsigned pkg_id, core_id, smt_id; @@ -1949,6 +1965,7 @@ static void pc_machine_class_init(ObjectClass *oc, void *data) mc-default_boot_order = cad; mc-hot_add_cpu = pc_hot_add_cpu; mc-max_cpus = 255; +mc-reset = pc_machine_reset; hc-plug = pc_machine_device_plug_cb; hc-unplug_request = pc_machine_device_unplug_request_cb; hc-unplug = pc_machine_device_unplug_cb; -- 1.9.3
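Review bot: pc_machine_reset() carries no comment saying why the APICs get a second, explicit device_reset() after qemu_devices_reset(); the ordering requirement (APIC registers must be set to defaults after devices such as hpet and rtc have reset) lives only in the commit message, so please put it above the CPU_FOREACH loop. At this point in the series the ICC bus still exists, so the commit message should also state whether each APIC is now reset twice per machine reset and that this is harmless. Minor: the message says "QEMUMachine reset method", while the second hunk sets mc->reset in pc_machine_class_init().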
[Qemu-devel] [RESEND PATCH v9 3/4] cpu/apic: drop icc bus/bridge
From: Chen Fan chen.fan.f...@cn.fujitsu.com After CPU hotplug has been converted to BUS-less hot-plug infrastructure, the only function ICC bus performs is to propagate reset to LAPICs. However LAPIC could be reset by registering its reset handler after all devices are initialized. Do so and drop ~200LOC of not needed anymore ICCBus related code. Signed-off-by: Chen Fan chen.fan.f...@cn.fujitsu.com Signed-off-by: Zhu Guihua zhugh.f...@cn.fujitsu.com --- hw/i386/pc.c| 19 --- hw/i386/pc_piix.c | 9 + hw/i386/pc_q35.c| 9 + hw/intc/apic_common.c | 5 ++--- include/hw/i386/apic_internal.h | 7 --- include/hw/i386/pc.h| 2 +- target-i386/cpu.c | 9 + 7 files changed, 14 insertions(+), 46 deletions(-) diff --git a/hw/i386/pc.c b/hw/i386/pc.c index 0e83dc9..7291037 100644 --- a/hw/i386/pc.c +++ b/hw/i386/pc.c @@ -59,7 +59,6 @@ #include qemu/error-report.h #include hw/acpi/acpi.h #include hw/acpi/cpu_hotplug.h -#include hw/cpu/icc_bus.h #include hw/boards.h #include hw/pci/pci_host.h #include acpi-build.h @@ -1052,23 +1051,16 @@ void pc_acpi_smi_interrupt(void *opaque, int irq, int level) } static X86CPU *pc_new_cpu(const char *cpu_model, int64_t apic_id, - DeviceState *icc_bridge, Error **errp) + Error **errp) { X86CPU *cpu = NULL; Error *local_err = NULL; -if (icc_bridge == NULL) { -error_setg(local_err, Invalid icc-bridge value); -goto out; -} - cpu = cpu_x86_create(cpu_model, local_err); if (local_err != NULL) { goto out; } -qdev_set_parent_bus(DEVICE(cpu), qdev_get_child_bus(icc_bridge, icc)); - object_property_set_int(OBJECT(cpu), apic_id, apic-id, local_err); object_property_set_bool(OBJECT(cpu), true, realized, local_err); @@ -1085,7 +1077,6 @@ static const char *current_cpu_model; void pc_hot_add_cpu(const int64_t id, Error **errp) { -DeviceState *icc_bridge; X86CPU *cpu; int64_t apic_id = x86_cpu_apic_id_from_index(id); Error *local_err = NULL; 
@@ -1114,9 +1105,7 @@ void pc_hot_add_cpu(const int64_t id, Error **errp) return; } -icc_bridge = DEVICE(object_resolve_path_type(icc-bridge, - TYPE_ICC_BRIDGE, NULL)); -cpu = pc_new_cpu(current_cpu_model, apic_id, icc_bridge, local_err); +cpu = pc_new_cpu(current_cpu_model, apic_id, local_err); if (local_err) { error_propagate(errp, local_err); return; @@ -1124,7 +1113,7 @@ void pc_hot_add_cpu(const int64_t id, Error **errp) object_unref(OBJECT(cpu)); } -void pc_cpus_init(const char *cpu_model, DeviceState *icc_bridge) +void pc_cpus_init(const char *cpu_model) { int i; X86CPU *cpu = NULL; @@ -1150,7 +1139,7 @@ void pc_cpus_init(const char *cpu_model, DeviceState *icc_bridge) for (i = 0; i smp_cpus; i++) { cpu = pc_new_cpu(cpu_model, x86_cpu_apic_id_from_index(i), - icc_bridge, error); + error); if (error) { error_report_err(error); exit(1); diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c index 9558467..b6d68aa 100644 --- a/hw/i386/pc_piix.c +++ b/hw/i386/pc_piix.c @@ -39,7 +39,6 @@ #include hw/kvm/clock.h #include sysemu/sysemu.h #include hw/sysbus.h -#include hw/cpu/icc_bus.h #include sysemu/arch_init.h #include sysemu/block-backend.h #include hw/i2c/smbus.h @@ -96,7 +95,6 @@ static void pc_init1(MachineState *machine) MemoryRegion *ram_memory; MemoryRegion *pci_memory; MemoryRegion *rom_memory; -DeviceState *icc_bridge; PcGuestInfo *guest_info; ram_addr_t lowmem; @@ -141,11 +139,7 @@ static void pc_init1(MachineState *machine) exit(1); } -icc_bridge = qdev_create(NULL, TYPE_ICC_BRIDGE); -object_property_add_child(qdev_get_machine(), icc-bridge, - OBJECT(icc_bridge), NULL); - -pc_cpus_init(machine-cpu_model, icc_bridge); +pc_cpus_init(machine-cpu_model); if (kvm_enabled() kvmclock_enabled) { kvmclock_create(); @@ -223,7 +217,6 @@ static void pc_init1(MachineState *machine) if (pci_enabled) { ioapic_init_gsi(gsi_state, i440fx); } -qdev_init_nofail(icc_bridge); pc_register_ferr_irq(gsi[13]); 
diff --git a/hw/i386/pc_q35.c b/hw/i386/pc_q35.c index c07d65b..ef3c490 100644 --- a/hw/i386/pc_q35.c +++ b/hw/i386/pc_q35.c @@ -43,7 +43,6 @@ #include hw/ide/pci.h #include hw/ide/ahci.h #include hw/usb.h -#include hw/cpu/icc_bus.h #include qemu/error-report.h #include migration/migration.h @@ -83,7 +82,6 @@ static void pc_q35_init(MachineState *machine) int i; ICH9LPCState *ich9_lpc; PCIDevice *ahci; -DeviceState *icc_bridge; PcGuestInfo *guest_info; ram_addr_t lowmem;
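Review bot: The commit message says the LAPIC is reset "by registering its reset handler after all device are initialized", but none of the visible hunks in pc.c, pc_piix.c or pc_q35.c registers a reset handler; they only remove the icc_bridge plumbing. The cover letter lists that approach under v7 and says v9 uses a callback to correct the reset sequence, so the message looks stale. Please reword it to point at the machine reset callback introduced in patch 2/4, so that someone reading this commit alone can find where the LAPIC reset now comes from.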
[Qemu-devel] [RESEND PATCH v9 1/4] apic: map APIC's MMIO region at each CPU's address space
From: Chen Fan chen.fan.f...@cn.fujitsu.com Replace mapping APIC at global system address space with mapping it at per-CPU address spaces. Signed-off-by: Chen Fan chen.fan.f...@cn.fujitsu.com Signed-off-by: Zhu Guihua zhugh.f...@cn.fujitsu.com --- hw/i386/pc.c | 7 --- hw/intc/apic_common.c | 6 -- target-i386/cpu.c | 21 + 3 files changed, 21 insertions(+), 13 deletions(-) diff --git a/hw/i386/pc.c b/hw/i386/pc.c index 9f2924e..8b7dbe5 100644 --- a/hw/i386/pc.c +++ b/hw/i386/pc.c @@ -1158,13 +1158,6 @@ void pc_cpus_init(const char *cpu_model, DeviceState *icc_bridge) object_unref(OBJECT(cpu)); } -/* map APIC MMIO area if CPU has APIC */ -if (cpu cpu-apic_state) { -/* XXX: what if the base changes? */ -sysbus_mmio_map_overlap(SYS_BUS_DEVICE(icc_bridge), 0, -APIC_DEFAULT_ADDRESS, 0x1000); -} - /* tell smbios about cpuid version and features */ smbios_set_cpuid(cpu-env.cpuid_version, cpu-env.features[FEAT_1_EDX]); } diff --git a/hw/intc/apic_common.c b/hw/intc/apic_common.c index 0032b97..c0b32eb 100644 --- a/hw/intc/apic_common.c +++ b/hw/intc/apic_common.c @@ -296,7 +296,6 @@ static void apic_common_realize(DeviceState *dev, Error **errp) APICCommonClass *info; static DeviceState *vapic; static int apic_no; -static bool mmio_registered; if (apic_no = MAX_APICS) { error_setg(errp, %s initialization failed., @@ -307,11 +306,6 @@ static void apic_common_realize(DeviceState *dev, Error **errp) info = APIC_COMMON_GET_CLASS(s); info-realize(dev, errp); -if (!mmio_registered) { -ICCBus *b = ICC_BUS(qdev_get_parent_bus(dev)); -memory_region_add_subregion(b-apic_address_space, 0, s-io_memory); -mmio_registered = true; -} /* Note: We need at least 1M to map the VAPIC option ROM */ if (!vapic s-vapic_control VAPIC_ENABLE_MASK diff --git a/target-i386/cpu.c b/target-i386/cpu.c index cfb8aa7..8eed88c 100644 --- a/target-i386/cpu.c +++ b/target-i386/cpu.c 
@@ -2745,6 +2745,7 @@ static void x86_cpu_apic_create(X86CPU *cpu, Error **errp) /* TODO: convert to link */ apic = APIC_COMMON(cpu-apic_state); apic-cpu = cpu; +apic-apicbase = APIC_DEFAULT_ADDRESS | MSR_IA32_APICBASE_ENABLE; } static void x86_cpu_apic_realize(X86CPU *cpu, Error **errp) @@ -2789,8 +2790,10 @@ static void x86_cpu_realizefn(DeviceState *dev, Error **errp) X86CPU *cpu = X86_CPU(dev); X86CPUClass *xcc = X86_CPU_GET_CLASS(dev); CPUX86State *env = cpu-env; +APICCommonState *apic; Error *local_err = NULL; static bool ht_warned; +static bool apic_mmio_map_once; if (cpu-apic_id 0) { error_setg(errp, apic-id property was not initialized properly); @@ -2877,6 +2880,24 @@ static void x86_cpu_realizefn(DeviceState *dev, Error **errp) if (local_err != NULL) { goto out; } + +/* map APIC MMIO area */ +apic = APIC_COMMON(cpu-apic_state); +if (tcg_enabled()) { +memory_region_add_subregion_overlap(cpu-cpu_as_root, +apic-apicbase +MSR_IA32_APICBASE_BASE, +apic-io_memory, +0x1000); +} else if (!apic_mmio_map_once) { +memory_region_add_subregion_overlap(get_system_memory(), +apic-apicbase +MSR_IA32_APICBASE_BASE, +apic-io_memory, +0x1000); +apic_mmio_map_once = true; +} + cpu_reset(cs); xcc-parent_realize(dev, local_err); -- 1.9.3
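Review bot: In the x86_cpu_realizefn() hunk, the new block dereferences APIC_COMMON(cpu->apic_state) (apic->apicbase, apic->io_memory) without the cpu->apic_state check that the removed pc.c code had under "map APIC MMIO area if CPU has APIC". If this block can run for a CPU that was created without an APIC it needs that guard, or it should move next to the APIC creation so the precondition is obvious. The function-static apic_mmio_map_once also deserves a comment explaining why the non-TCG path maps only the first CPU's io_memory into system memory.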
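Review bot: The pc.c hunk deletes the "XXX: what if the base changes?" comment together with the old mapping, but the replacement in target-i386/cpu.c still maps the region once, at realize time, at an address derived from apic->apicbase. The open question therefore remains and should either be answered in the commit message or carried over as a comment next to the new memory_region_add_subregion_overlap() calls.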
Re: [Qemu-devel] [PATCH v2 0/3] SysFS driver for QEMU fw_cfg device
(missed some cc's) On 19 August 2015 at 11:38, Ard Biesheuvel ard.biesheu...@linaro.org wrote: From: Gabriel L. Somlo so...@cmu.edu Hi Gabriel, Several different architectures supported by QEMU are set up with a firmware configuration (fw_cfg) device, used to pass configuration blobs into the guest by the host running QEMU. Historically, these config blobs were mostly of interest to the guest BIOS, but since QEMU v2.4 it is possible to insert arbitrary blobs via the command line, which makes them potentially interesting to userspace (e.g. for passing early boot environment variables, etc.). Does 'potentially interesting' mean you have a use case? Could you elaborate? In addition to cc-ing the people and lists indicated by get-maintainer.pl, I've added a few extra lists suggested by Matt Fleming on the qemu-devel list, as well as the qemu-devel list itself. Also cc-ing kernelnewbies, as this is my very first kernel contribution, so please go easy on me for whatever silly n00b mistakes I might have still missed, in spite of trying hard to do all my homework properly... :) The series consists of three patches: 1/3 - probes for the qemu fw_cfg device in locations known to work on the supported architectures, in decreasing order of likelihood. While it *may* be possible to detect the presence of fw_cfg via acpi or dtb (on x86 and arm, respectively), there's no way I know of attempting that on sun4 and ppc/mac, so I've stuck with simply probing (the fw_cfg_modes[] structure and fw_cfg_io_probe() function) in fw_cfg.c. I could use some advice on how else that could be done more elegantly, if needed. Sorry, but this is really out of the question, at least on ARM, but surely on other architectures as well. You can't just go around and probe random memory addresses. Perhaps QEMU tolerates it, but on anything that resembles a real system, this will immediately blow up. Also, what happens if the QEMU memory map changes? Add more probes addresses? 
It is not /that/ difficult to simply wire it up to the DT and ACPI infrastructures, there are plenty of examples in the kernel tree how to accomplish that. As a bonus, it removes all the arch specific knowledge from your code, which means that if QEMU grows support for another DT or ACPI based architecture, it will just work. I am not sure how relevant sun4 and ppc/mac are for what you are trying to accomplish, but perhaps it would be best to focus on x86 and ARM for now and do it correctly. If the probing is actually needed, you can always add it later. -- Ard.
Re: [Qemu-devel] [PATCH] q35: Remove old machine versions
* Eduardo Habkost (ehabk...@redhat.com) wrote: Migration with q35 was not possible before commit 04329029a8c539eb5f75dcb6d8b016f0c53a031a, because q35 unconditionally creates an ich9-ahci device, that was marked as unmigratable. So all q35 machines before pc-q35-2.4 were unmigratable, and there's no point in keeping compatibility code for them. Remove all old pc-q35 machine classes and keep only pc-q35-2.4. But doesn't that mean that anyone who has a machine configured with one of those machine types will suddenly find it won't start? Dave Signed-off-by: Eduardo Habkost ehabk...@redhat.com --- hw/i386/pc_q35.c | 153 --- 1 file changed, 153 deletions(-) diff --git a/hw/i386/pc_q35.c b/hw/i386/pc_q35.c index 4ee653e..e482f2f 100644 --- a/hw/i386/pc_q35.c +++ b/hw/i386/pc_q35.c 
@@ -272,60 +272,6 @@ static void pc_q35_init(MachineState *machine) } } -static void pc_compat_2_3(MachineState *machine) -{ -PCMachineState *pcms = PC_MACHINE(machine); -savevm_skip_section_footers(); -if (kvm_enabled()) { -pcms-smm = ON_OFF_AUTO_OFF; -} -global_state_set_optional(); -savevm_skip_configuration(); -} - -static void pc_compat_2_2(MachineState *machine) -{ -pc_compat_2_3(machine); -machine-suppress_vmdesc = true; -} - -static void pc_compat_2_1(MachineState *machine) -{ -PCMachineState *pcms = PC_MACHINE(machine); - -pc_compat_2_2(machine); -pcms-enforce_aligned_dimm = false; -x86_cpu_compat_kvm_no_autodisable(FEAT_8000_0001_ECX, CPUID_EXT3_SVM); -} - -static void pc_compat_2_0(MachineState *machine) -{ -pc_compat_2_1(machine); -} - -static void pc_compat_1_7(MachineState *machine) -{ -pc_compat_2_0(machine); -option_rom_has_mr = true; -x86_cpu_compat_kvm_no_autoenable(FEAT_1_ECX, CPUID_EXT_X2APIC); -} - -static void pc_compat_1_6(MachineState *machine) -{ -pc_compat_1_7(machine); -rom_file_has_mr = false; -} - -static void pc_compat_1_5(MachineState *machine) -{ -pc_compat_1_6(machine); -} - -static void pc_compat_1_4(MachineState *machine) -{ -pc_compat_1_5(machine); -} - #define DEFINE_Q35_MACHINE(suffix, name, compatfn, optionfn) \ static void pc_init_##suffix(MachineState *machine) \ { \ 
@@ -358,102 +304,3 @@ static void pc_q35_2_4_machine_options(MachineClass *m) DEFINE_Q35_MACHINE(v2_4, pc-q35-2.4, NULL, pc_q35_2_4_machine_options); - - -static void pc_q35_2_3_machine_options(MachineClass *m) -{ -pc_q35_2_4_machine_options(m); -m-no_floppy = 0; -m-no_tco = 1; -m-alias = NULL; -SET_MACHINE_COMPAT(m, PC_COMPAT_2_3); -} - -DEFINE_Q35_MACHINE(v2_3, pc-q35-2.3, pc_compat_2_3, - pc_q35_2_3_machine_options); - - -static void pc_q35_2_2_machine_options(MachineClass *m) -{ -PCMachineClass *pcmc = PC_MACHINE_CLASS(m); -pc_q35_2_3_machine_options(m); -SET_MACHINE_COMPAT(m, PC_COMPAT_2_2); -pcmc-rsdp_in_ram = false; -} - -DEFINE_Q35_MACHINE(v2_2, pc-q35-2.2, pc_compat_2_2, - pc_q35_2_2_machine_options); - - -static void pc_q35_2_1_machine_options(MachineClass *m) -{ -PCMachineClass *pcmc = PC_MACHINE_CLASS(m); -pc_q35_2_2_machine_options(m); -m-default_display = NULL; -SET_MACHINE_COMPAT(m, PC_COMPAT_2_1); -pcmc-smbios_uuid_encoded = false; -} - -DEFINE_Q35_MACHINE(v2_1, pc-q35-2.1, pc_compat_2_1, - pc_q35_2_1_machine_options); - - -static void pc_q35_2_0_machine_options(MachineClass *m) -{ -PCMachineClass *pcmc = PC_MACHINE_CLASS(m); -pc_q35_2_1_machine_options(m); -SET_MACHINE_COMPAT(m, PC_COMPAT_2_0); -pcmc-has_reserved_memory = false; -pcmc-smbios_legacy_mode = true; -pcmc-acpi_data_size = 0x1; -} - -DEFINE_Q35_MACHINE(v2_0, pc-q35-2.0, pc_compat_2_0, - pc_q35_2_0_machine_options); - - -static void pc_q35_1_7_machine_options(MachineClass *m) -{ -PCMachineClass *pcmc = PC_MACHINE_CLASS(m); -pc_q35_2_0_machine_options(m); -m-default_machine_opts = NULL; -SET_MACHINE_COMPAT(m, PC_COMPAT_1_7); -pcmc-smbios_defaults = false; -pcmc-gigabyte_align = false; -} - -DEFINE_Q35_MACHINE(v1_7, pc-q35-1.7, pc_compat_1_7, - pc_q35_1_7_machine_options); - - -static void pc_q35_1_6_machine_options(MachineClass *m) -{ -PCMachineClass *pcmc = PC_MACHINE_CLASS(m); -pc_q35_machine_options(m); -SET_MACHINE_COMPAT(m, PC_COMPAT_1_6); -pcmc-has_acpi_build = false; -} - 
-DEFINE_Q35_MACHINE(v1_6, pc-q35-1.6, pc_compat_1_6, - pc_q35_1_6_machine_options); - - -static void pc_q35_1_5_machine_options(MachineClass *m) -{ -pc_q35_1_6_machine_options(m); -SET_MACHINE_COMPAT(m, PC_COMPAT_1_5); -} - -DEFINE_Q35_MACHINE(v1_5, pc-q35-1.5, pc_compat_1_5, -
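Review bot: With every older machine type removed, the compatfn argument of DEFINE_Q35_MACHINE is NULL at its only remaining use (pc-q35-2.4, at the top of the second hunk), so the macro parameter and whatever it guards inside pc_init_##suffix can be dropped here or in a follow-up. The commit message also justifies the removal purely by migration compatibility; it should say what happens to an existing configuration that names pc-q35-2.3 or older, since those names disappear from this file with no alias or error path left behind.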
Re: [Qemu-devel] [PATCH RFC, Ping 0/3] Checkpoint-assisted migration proposal
One more ping. Clearly, this patch set now requires porting to the latest QEMU, but before doing that, I would like to know if there is any interest at all in merging this feature. The patches are: http://patchwork.ozlabs.org/patch/462043/ http://patchwork.ozlabs.org/patch/462040/ http://patchwork.ozlabs.org/patch/462045/ Description: https://lists.gnu.org/archive/html/qemu-devel/2015-04/msg01555.html https://lists.gnu.org/archive/html/qemu-devel/2015-04/msg02014.html -- With best regards, Bohdan Trach On 06/09/2015 12:00 PM, Bohdan Trach wrote: Ping. The patches are: http://patchwork.ozlabs.org/patch/462043/ http://patchwork.ozlabs.org/patch/462040/ http://patchwork.ozlabs.org/patch/462045/ Description: https://lists.gnu.org/archive/html/qemu-devel/2015-04/msg01555.html https://lists.gnu.org/archive/html/qemu-devel/2015-04/msg02014.html Also, this code is being extended to also optionally use deduplication and dirty page tracking to save even more bandwidth.
Re: [Qemu-devel] Plan for using softmmu with linux-user
On 2015-08-15 04:45, Chen Gang wrote: On 8/14/15 22:44, Richard Henderson wrote: On 08/14/2015 02:37 AM, gchen gchen wrote: - If I implement SW64 tcg backend, I guess, I can't get help from qemu upstream: I don't think SW64 is valuable enough for upstream (either I am not sure that I can implement Alpha tcg backend in working time). It'll need some updating to apply to master, but I started an alpha backend a couple of years ago. It looks like it was last rebased in May 2014. git://github.com/rth7680/qemu.git tcg-alpha-2 After get sw_64 pc, it is much slower than I guess (it is much slower than my intel x86_64 laptop which was made in 2007-2008). So I have to use tcg backend instead of tci. Will qemu upstream accept alpha tcg backend to master tree? If possible I can do it in my working time (after simply trying, I am sure, alpha tcg backend can not work if only simply merge and let it pass building). By the way, for me, I have to process alpha/sw_64 tcg backend firstly, then process softmmu + linux-user. Welcome any ideas, suggestions, and completions. Thanks. Thank you very much, I shall clone it. I guess, it will save my much time resources. If possible, it will be better to merge the alpha tcg backend to qemu master main branch (at least for me, it is useful). :-) -- Chen Gang Open, share, and attitude like air, water, and life which God blessed
Re: [Qemu-devel] [PATCH v2 6/7] [RFC] Use DEFINE_MACHINE to register all machines
On 2015-08-18 23:43, Eduardo Habkost wrote: I am sending a single patch for all machines to get some feedback, but in the final patch series I will separate them by architecture. Signed-off-by: Eduardo Habkost ehabk...@redhat.com --- (Sending v2 of just patch 6/7 to avoid resending the whole series) Changes v1 - v2: * Fix trailing spaces and newlines * Don't touch // comments on lines that we are not changing * Break long lines manually --- diff --git a/hw/lm32/lm32_boards.c b/hw/lm32/lm32_boards.c index 70f48d3..385c25d 100644 --- a/hw/lm32/lm32_boards.c +++ b/hw/lm32/lm32_boards.c @@ -292,24 +292,21 @@ static void lm32_uclinux_init(MachineState *machine) qemu_register_reset(main_cpu_reset, reset_info); } -static QEMUMachine lm32_evr_machine = { -.name = lm32-evr, -.desc = LatticeMico32 EVR32 eval system, -.init = lm32_evr_init, -.is_default = 1, -}; - -static QEMUMachine lm32_uclinux_machine = { -.name = lm32-uclinux, -.desc = lm32 platform for uClinux and u-boot by Theobroma Systems, -.init = lm32_uclinux_init, -.is_default = 0, -}; - -static void lm32_machine_init(void) +static void lm32_evr_machine_machine_init(MachineClass *mc) { -qemu_register_machine(lm32_uclinux_machine); -qemu_register_machine(lm32_evr_machine); +mc-desc = LatticeMico32 EVR32 eval system; +mc-init = lm32_evr_init; +mc-is_default = 1; } -machine_init(lm32_machine_init); +DEFINE_MACHINE(lm32-evr, lm32_evr_machine_machine_init); lm32_evr_machine_machine_init, should be lm32_evr_machine_init. Maybe you can enable your script to detect machine_machine and just use one machine then. Same below. + +static void lm32_uclinux_machine_machine_init(MachineClass *mc) +{ +mc-desc = lm32 platform for uClinux and u-boot by Theobroma Systems; +mc-init = lm32_uclinux_init; +mc-is_default = 0; +} + +DEFINE_MACHINE(lm32-uclinux, lm32_uclinux_machine_machine_init); + diff --git a/hw/lm32/milkymist.c b/hw/lm32/milkymist.c index e755f5b..a891fb5 100644 --- a/hw/lm32/milkymist.c +++ b/hw/lm32/milkymist.c 
@@ -209,16 +209,12 @@ milkymist_init(MachineState *machine) qemu_register_reset(main_cpu_reset, reset_info); } -static QEMUMachine milkymist_machine = { -.name = milkymist, -.desc = Milkymist One, -.init = milkymist_init, -.is_default = 0, -}; - -static void milkymist_machine_init(void) +static void milkymist_machine_machine_init(MachineClass *mc) { -qemu_register_machine(milkymist_machine); +mc-desc = Milkymist One; +mc-init = milkymist_init; +mc-is_default = 0; } -machine_init(milkymist_machine_init); +DEFINE_MACHINE(milkymist, milkymist_machine_machine_init); +
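Review bot: Both files gain a trailing blank line at end of file (the lone "+" after the last DEFINE_MACHINE() in the lm32_boards.c hunk and again in the milkymist.c hunk), which contradicts the "Fix trailing spaces and newlines" item in the v2 changelog; please drop them. The explicit mc->is_default = 0 assignments in the lm32-uclinux and milkymist init functions are a mechanical carry-over from the old QEMUMachine initializers and can probably be omitted, leaving is_default set only where it is 1 (lm32-evr).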
[Qemu-devel] [Bug 1422307] Re: qemu-nbd corrupts files
Please find attached a proposed debdiff for fixing the issue in Ubuntu Trusty by backporting the fix which is now in Wily. ** Description changed: + [Impact] + A race condition in the VDI block driver of Qemu leads to image (and thus file system) corruption under certain circumstances. + This makes Qemu tools usage for VDI formatted images particularly dangerous (qemu-img, qemu-nbd). + The bug fix introduces locks to prevent such race condition. + + + [Test Case] + A simple test case was provided in comment #5 (https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/1422307/comments/5): + + $ ./qemu-img create -f vdi test.vdi 2G + Formatting 'test.vdi', fmt=vdi size=2147483648 static=off + $ ./qemu-img create -f raw test.raw 2G + Formatting 'test.raw', fmt=raw size=2147483648 + $ x86_64-softmmu/qemu-system-x86_64 -enable-kvm -drive if=virtio,file=blkverify:test.raw:test.vdi,format=raw -drive if=virtio,file=data.img,format=raw,format=raw -cdrom ~/tmp/arch.iso -m 512 -boot d + blkverify: read sector_num=810976 nb_sectors=256 contents mismatch in sector 811008 + + Operations in the guest: + $ dd if=/dev/vdb of=/dev/vda + $ dd if=/dev/vda of=/dev/null + + [Regression Potential] + In case of bugs affecting the way locks are used, deadlocks could be a regression, but they would only affect VDI images. + + + Original bug report: Dear all, On Trusty, in certain situations, try to copy files over a qemu-nbd mounted file system leads to write errors (and thus, file corruption). 
Here is the last example I tried: - virtual disk is a VDI disk - It has only one partition, in FAT Here is my mount process: # modprobe nbd max_part=63 # qemu-nbd -c /dev/nbd0 virtual_disk.vdi # partprobe /dev/nbd0 # mount /dev/nbd0p1 /tmp/mnt/ Partition is properly mounted at that point: /dev/nbd0p1 on /tmp/mnt type vfat (rw) Now, when I copy a file (rather big, ~28MB): # cp file_to_copy /tmp/mnt/ ; sync # md5sum /tmp/mnt/file_to_copy 2efc9f32e4267782b11d63d2f128a363 /tmp/mnt/file_to_copy - # umount /tmp/mnt + # umount /tmp/mnt # mount /dev/nbd0p1 /tmp/mnt/ # md5sum /tmp/mnt/file_to_copy 42b0a3bf73f704d03ce301716d7654de /tmp/mnt/file_to_copy The first hash was obviously the right one. On a previous attempt I did, I spotted thanks to vbindiff that parts of the file were just filed with 0s instead of actual data. It will randomly work after several attempts to write. Version information: # qemu-nbd --version qemu-nbd version 0.0.1 Written by Anthony Liguori. Cheers,
** Patch added: qemu_2.0.0+dfsg-2ubuntu1.17.diff https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/1422307/+attachment/4448189/+files/qemu_2.0.0%2Bdfsg-2ubuntu1.17.diff
--
https://bugs.launchpad.net/bugs/1422307
Title: qemu-nbd corrupts files
Status in QEMU: Fix Released
Status in qemu package in Ubuntu: Fix Released
Status in qemu source package in Trusty: Triaged
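Review bot: in the added [Test Case] block of the description change, the second -drive option repeats its format (`file=data.img,format=raw,format=raw`); drop the duplicate so the reproducer can be pasted as written. The `# umount /tmp/mnt` line also shows as removed and re-added with no visible difference, which looks like a whitespace-only change that could be left out of the description edit.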
Re: [Qemu-devel] [PATCH 17/25] audio: remove gcc specific audio_MIN, audio_MAX
On Do, 2015-08-06 at 20:28 +0200, Kővágó, Zoltán wrote: Currently the gcc specific version only evaluates the arguments once, while the generic version evaluates one argument twice, which can cause debugging headaches when an argument has a side effect. The answer to that is don't do that. Do we have macro calls with side effects in the tree? This patch at least provides consistent behavior between compilers. Makes sense. -#else #define audio_MIN(a, b) ((a)(b)?(b):(a)) #define audio_MAX(a, b) ((a)(b)?(b):(a)) -#endif include/qemu/osdep.h already provides MIN/MAX macros. I think we should either define audio_MIN (and audio_MAX) to those, or simply do s/audio_MIN/MIN/ in audio/*.c cheers, Gerd
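Review bot: the two `#define` lines kept by this hunk are, per the commit message, the variant that evaluates one argument twice, so the commit message should state whether the call sites in audio/*.c were checked for arguments with side effects now that this becomes the only definition on every compiler. Since include/qemu/osdep.h already provides MIN/MAX, as the reply points out, mapping audio_MIN/audio_MAX onto those (or replacing the uses outright) would avoid keeping a second pair of definitions with the same caveat.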