Gerd Hoffmann [Thu, 4 Jun 2015 10:34:39 +0000 (12:34 +0200)]
virtio-pci: fill VirtIOPCIRegions early.
Initialize the modern bar and the VirtIOPCIRegion fields early, in
realize. Also add a size field to VirtIOPCIRegion and variables for
pci bars to VirtIOPCIProxy.
This allows virtio-pci subclasses to change things before the
device_plugged callback applies them. virtio-vga will use that to
arrange regions in a way that virtio-vga is compatible to both stdvga
(in vga mode) and virtio-gpu-pci (in pci mode).
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Cornelia Huck [Thu, 4 Jun 2015 10:34:32 +0000 (12:34 +0200)]
virtio-balloon: switch to virtio_add_feature
This was missed during the conversion of feature bit manipulation.
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Jason Wang [Thu, 4 Jun 2015 10:34:30 +0000 (12:34 +0200)]
virtio-pci: correctly set host notifiers for modern bar
Currently, during host notifier set. We only add eventfd for legacy
bar, this is not correct since:
- Non-transitional device does not have legacy bar, so qemu will crash
since proxy->bar was not initialized.
- Modern device uses modern bar and notify cap to notify the device,
we should add eventfd for proxy->notify.
So this patch fixes the above two issues by adding eventfd based on
whether legacy or modern device were supported.
Signed-off-by: Jason Wang <jasowang@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Gerd Hoffmann [Thu, 4 Jun 2015 10:34:29 +0000 (12:34 +0200)]
virtio-pci: make modern bar 64bit + prefetchable
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Gerd Hoffmann [Thu, 4 Jun 2015 10:34:28 +0000 (12:34 +0200)]
virtio-pci: change & document virtio pci bar layout.
This patch adds variables for the pci bars (to get rid of the magic
numbers in the code) and moves the modern virtio bar to region 4 so
regions 2+3 are kept free. virtio-vga wants use them.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Gerd Hoffmann [Thu, 4 Jun 2015 10:34:27 +0000 (12:34 +0200)]
virtio-pci: make QEMU_VIRTIO_PCI_QUEUE_MEM_MULT smaller
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Gerd Hoffmann [Thu, 4 Jun 2015 10:34:26 +0000 (12:34 +0200)]
virtio-pci: add flags to enable/disable legacy/modern
Add VIRTIO_PCI_FLAG_DISABLE_LEGACY and VIRTIO_PCI_FLAG_DISABLE_MODERN
for VirtIOPCIProxy->flags. Also add properties for them. They can be
used to disable modern (virtio 1.0) or legacy (virtio 0.9) modes.
By default only legacy is advertized, modern will be turned on by
default once all remaining spec compilance issues are addressed.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
virtio 1.0 defines config space as LE,
as opposed to pre-1.0 which was native endian.
Add API for transports to execute word/dword accesses in
little endian format - will be useful for mmio
and pci (byte access is also wrapped, for completeness).
For simplicity, we still keep config in host native
endian format, byteswap to LE on guest access.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Cornelia Huck [Thu, 4 Jun 2015 10:34:20 +0000 (12:34 +0200)]
vhost: 64 bit features
Make sure that all vhost interfaces use 64 bit features, as the virtio
core does, and make sure to use ULL everywhere possible to be on the
safe side.
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Cornelia Huck [Thu, 4 Jun 2015 10:34:18 +0000 (12:34 +0200)]
virtio-net: enable virtio 1.0
virtio-net (non-vhost) now should have everything in place to support
virtio 1.0: let's enable the feature bit for it.
Note that VIRTIO_F_VERSION_1 is technically a transport feature; once
every device is ready for virtio 1.0, we can move setting this
feature bit out of the individual devices.
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Cornelia Huck [Thu, 4 Jun 2015 10:34:17 +0000 (12:34 +0200)]
virtio-net: support longer header
virtio-1 devices always use num_buffers in the header, even if
mergeable rx buffers have not been negotiated.
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Cornelia Huck [Thu, 4 Jun 2015 10:34:16 +0000 (12:34 +0200)]
virtio-net: no writeable mac for virtio-1
Devices operating as virtio 1.0 may not allow writes to the mac
address in config space.
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Cornelia Huck [Thu, 4 Jun 2015 10:34:15 +0000 (12:34 +0200)]
virtio: allow to fail setting status
virtio-1 allow setting of the FEATURES_OK status bit to fail if
the negotiated feature bits are inconsistent: let's fail
virtio_set_status() in that case and update virtio-ccw to post an
error to the guest.
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Cornelia Huck [Thu, 4 Jun 2015 10:34:14 +0000 (12:34 +0200)]
virtio: disallow late feature changes for virtio-1
For virtio-1 devices, the driver must not attempt to set feature bits
after it set FEATURES_OK in the device status. Simply reject it in
that case.
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Cornelia Huck [Thu, 4 Jun 2015 10:34:13 +0000 (12:34 +0200)]
dataplane: allow virtio-1 devices
Handle endianness conversion for virtio-1 virtqueues correctly.
Note that dataplane now needs to be built per-target.
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Cornelia Huck [Thu, 4 Jun 2015 10:34:12 +0000 (12:34 +0200)]
virtio: allow virtio-1 queue layout
For virtio-1 devices, we allow a more complex queue layout that doesn't
require descriptor table and rings on a physically-contigous memory area:
add virtio_queue_set_rings() to allow transports to set this up.
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Cornelia Huck [Thu, 4 Jun 2015 10:34:11 +0000 (12:34 +0200)]
virtio: endianness checks for virtio 1.0 devices
Add code that checks for the VERSION_1 feature bit in order to make
decisions about the device's endianness. This allows us to support
transitional devices.
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Peter Maydell [Wed, 10 Jun 2015 14:10:14 +0000 (15:10 +0100)]
Merge remote-tracking branch 'remotes/stefanha/tags/CVE-2015-3209-pcnet-tx-buffer-fix-pull-request' into staging
# gpg: Signature made Wed Jun 10 15:04:11 2015 BST using RSA key ID 81AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg: aka "Stefan Hajnoczi <stefanha@gmail.com>"
* remotes/stefanha/tags/CVE-2015-3209-pcnet-tx-buffer-fix-pull-request:
pcnet: force the buffer access to be in bounds during tx
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Petr Matousek [Sun, 24 May 2015 08:53:44 +0000 (10:53 +0200)]
pcnet: force the buffer access to be in bounds during tx
4096 is the maximum length per TMD and it is also currently the size of
the relay buffer pcnet driver uses for sending the packet data to QEMU
for further processing. With packet spanning multiple TMDs it can
happen that the overall packet size will be bigger than sizeof(buffer),
which results in memory corruption.
Fix this by only allowing to queue maximum sizeof(buffer) bytes.
This is CVE-2015-3209.
[Fixed 3-space indentation to QEMU's 4-space coding standard.
--Stefan]
Signed-off-by: Petr Matousek <pmatouse@redhat.com> Reported-by: Matt Tait <matttait@google.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
It has been reported that sometimes the .rodata section of SeaBIOS,
containing the constant string against which the SMBIOS signature
ends up being compared, also falls within the guest f-segment. In
that case, the test obviously fails, unless we continue searching
for the *real* SMBIOS entry point.
Rather than stopping at the first match for the SMBIOS signature
("_SM_") in the f-segment (0xF0000-0xFFFFF), continue scanning
until either a valid entry point table is found, or the f-segment
has been exhausted.
Reported-by: Bruce Rogers <brogers@suse.com> Signed-off-by: Gabriel Somlo <somlo@cmu.edu> Tested-by: Bruce Rogers <brogers@suse.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Gabriel L. Somlo [Wed, 29 Apr 2015 15:21:53 +0000 (11:21 -0400)]
fw_cfg: insert fw_cfg file blobs via qemu cmdline
Allow user supplied files to be inserted into the fw_cfg
device before starting the guest. Since fw_cfg_add_file()
already disallows duplicate fw_cfg file names, qemu will
exit with an error message if the user supplies multiple
blobs with the same fw_cfg file name, or if a blob name
collides with a fw_cfg name programmatically added from
within the QEMU source code. A warning message will be
printed if the fw_cfg item name does not begin with the
prefix "opt/", which is recommended for external, user
provided blobs.
Gabriel L. Somlo [Wed, 29 Apr 2015 15:21:52 +0000 (11:21 -0400)]
fw_cfg: prohibit insertion of duplicate fw_cfg file names
Exit with an error (instead of simply logging a trace event)
whenever the same fw_cfg file name is added multiple times via
one of the fw_cfg_add_file[_callback]() host-side API calls.
Gabriel L. Somlo [Wed, 29 Apr 2015 15:21:50 +0000 (11:21 -0400)]
fw_cfg: remove support for guest-side data writes
From this point forward, any guest-side writes to the fw_cfg
data register will be treated as no-ops. This patch also removes
the unused host-side API function fw_cfg_add_callback(), which
allowed the registration of a callback to be executed each time
the guest completed a full overwrite of a given fw_cfg data item.
fw_cfg: fix FW_CFG_BOOT_DEVICE update on ppc and sparc
On ppc, sparc, and sparc64, the value of the FW_CFG_BOOT_DEVICE 16bit
fw_cfg entry is repeatedly modified from a series of callbacks, which
currently results in the previous value's dynamically allocated memory
being leaked.
This patch switches updating to the new fw_cfg_modify_i16() call, which
does not cause memory leaks.
Signed-off-by: Gabriel Somlo <somlo@cmu.edu> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Peter Maydell [Tue, 9 Jun 2015 14:29:34 +0000 (15:29 +0100)]
Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20150609' into staging
Collected TCG patches
# gpg: Signature made Tue Jun 9 15:06:18 2015 BST using RSA key ID 4DD0279B
# gpg: Good signature from "Richard Henderson <rth7680@gmail.com>"
# gpg: aka "Richard Henderson <rth@redhat.com>"
# gpg: aka "Richard Henderson <rth@twiddle.net>"
* remotes/rth/tags/pull-tcg-20150609:
tcg/optimize: rename tcg_constant_folding
tcg/optimize: fold constant test in tcg_opt_gen_mov
tcg/optimize: fold temp copies test in tcg_opt_gen_mov
tcg/optimize: remove opc argument from tcg_opt_gen_mov
tcg/optimize: remove opc argument from tcg_opt_gen_movi
tcg: fix dead computation for repeated input arguments
tcg: fix register allocation with two aliased dead inputs
tcg: Handle MO_AMASK in tcg_dump_ops
tcg: Mask TCGMemOp appropriately for indexing
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Aurelien Jarno [Thu, 4 Jun 2015 19:53:27 +0000 (21:53 +0200)]
tcg/optimize: rename tcg_constant_folding
The tcg_constant_folding folding ends up doing all the optimizations
(which is a good thing to avoid looping on all ops multiple time), so
make it clear and just rename it tcg_optimize.
Cc: Richard Henderson <rth@twiddle.net> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Message-Id: <1433447607-31184-6-git-send-email-aurelien@aurel32.net> Signed-off-by: Richard Henderson <rth@twiddle.net>
Aurelien Jarno [Thu, 4 Jun 2015 19:53:25 +0000 (21:53 +0200)]
tcg/optimize: fold temp copies test in tcg_opt_gen_mov
Each call to tcg_opt_gen_mov is preceeded by a test to check if the
source and destination temps are copies. Fold that into the
tcg_opt_gen_mov function.
Cc: Richard Henderson <rth@twiddle.net> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Message-Id: <1433447607-31184-4-git-send-email-aurelien@aurel32.net> Signed-off-by: Richard Henderson <rth@twiddle.net>
Aurelien Jarno [Thu, 4 Jun 2015 19:47:08 +0000 (21:47 +0200)]
tcg: fix dead computation for repeated input arguments
When the same temp is used twice or more as an input argument to a TCG
instruction, the dead computation code doesn't recognize the second use
as a dead temp. This is because the temp is marked as live in the same
loop where dead inputs are checked.
The fix is to split the loop in two parts. This avoid emitting a move
and using a register for the movcond instruction when used as "move if
true" on x86-64. This might bring more improvements on RISC TCG targets
which don't have outputs aliased to inputs.
Reviewed-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Message-Id: <1433447228-29425-3-git-send-email-aurelien@aurel32.net> Signed-off-by: Richard Henderson <rth@twiddle.net>
Aurelien Jarno [Thu, 4 Jun 2015 19:47:07 +0000 (21:47 +0200)]
tcg: fix register allocation with two aliased dead inputs
For TCG ops with two outputs registers (add2, sub2, div2, div2u), when
the same input temp is used for the two inputs aliased to the two
outputs, and when these inputs are both dead, the register allocation
code wrongly assigned the same register to the same output.
This happens for example with sub2 t1, t2, t3, t3, t4, t5, when t3 is
not used anymore after the TCG op. In that case the same register is
used for t1, t2 and t3.
The fix is to look for already allocated aliased input when allocating
a dead aliased input and check that the register is not already
used.
Cc: Richard Henderson <rth@twiddle.net> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Message-Id: <1433447228-29425-2-git-send-email-aurelien@aurel32.net> Signed-off-by: Richard Henderson <rth@twiddle.net>
The addition of MO_AMASK means that places that used inverted masks
need to be changed to use positive masks, and places that failed to
mask the intended bits need updating.
Reviewed-by: Yongbok Kim <yongbok.kim@imgtec.com> Tested-by: Yongbok Kim <yongbok.kim@imgtec.com> Signed-off-by: Richard Henderson <rth@twiddle.net>
Peter Maydell [Tue, 9 Jun 2015 10:07:41 +0000 (11:07 +0100)]
Merge remote-tracking branch 'remotes/borntraeger/tags/s390x-20150609' into staging
s390x/virtio-ccw: migration and virtio for 2.4
1. Migration fixups
2. virtio 9pfs
# gpg: Signature made Tue Jun 9 09:00:05 2015 BST using RSA key ID B5A61C7C
# gpg: Good signature from "Christian Borntraeger (IBM) <borntraeger@de.ibm.com>"
* remotes/borntraeger/tags/s390x-20150609:
s390x/migration: add comment about floating point migration
s390x/kvm: always ignore empty vcpu interrupt state
virtio-ccw/migration: Migrate config vector for virtio devices
virtio-ccw: add support for 9pfs
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Tue, 9 Jun 2015 09:05:29 +0000 (10:05 +0100)]
Merge remote-tracking branch 'remotes/armbru/tags/pull-error-2015-06-09' into staging
Error reporting patches
# gpg: Signature made Tue Jun 9 06:42:15 2015 BST using RSA key ID EB918653
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>"
# gpg: aka "Markus Armbruster <armbru@pond.sub.org>"
* remotes/armbru/tags/pull-error-2015-06-09:
vhost-user: Improve -netdev/netdev_add/-net/... error reporting
QemuOpts: Convert qemu_opt_foreach() to Error
QemuOpts: Drop qemu_opt_foreach() parameter abort_on_failure
blkdebug: Simplify passing of Error through qemu_opts_foreach()
QemuOpts: Convert qemu_opts_foreach() to Error
QemuOpts: Drop qemu_opts_foreach() parameter abort_on_failure
vl: Fail right after first bad -object
vl: Print -device help at most once
vl: Report failure to sandbox at most once
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Alberto Garcia [Mon, 8 Jun 2015 09:12:15 +0000 (11:12 +0200)]
sdl2: fix crash in handle_windowevent() when restoring the screen size
The Ctrl-Alt-u keyboard shortcut restores the screen to its original
size. In the SDL2 UI this is done by destroying the window and
creating a new one. The old window emits SDL_WINDOWEVENT_HIDDEN when
it's destroyed, but trying to call SDL_GetWindowFromID() from that
event's window ID returns a null pointer. handle_windowevent() assumes
that the pointer is never null so it results in a crash.
Cc: qemu-stable@nongnu.org Signed-off-by: Alberto Garcia <berto@igalia.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
s390x/migration: add comment about floating point migration
commit 46c804def4bd ("s390x: move fpu regs into a subsection
of the vmstate") moved the fprs into a subsection and bumped
the version number. This will allow to not transfer fprs in
the future if necessary. Add a comment to mark the return true
as intentional.
CC: Juan Quintela <quintela@redhat.com> CC: David Hildenbrand <dahi@linux.vnet.ibm.com> Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Message-Id: <1433758884-2997-1-git-send-email-borntraeger@de.ibm.com> Reviewed-by: Juan Quintela <quintela@redhat.com>
When -netdev vhost-user fails, it first reports a specific error, then
one or more generic ones, like this:
$ qemu-system-x86_64 -netdev vhost-user,id=foo,chardev=xxx
qemu-system-x86_64: -netdev vhost-user,id=foo,chardev=xxx: chardev "xxx" not found
qemu-system-x86_64: -netdev vhost-user,id=foo,chardev=xxx: No suitable chardev found
qemu-system-x86_64: -netdev vhost-user,id=foo,chardev=xxx: Device 'vhost-user' could not be initialized
With the command line, the messages go to stderr. In HMP, they go to
the monitor. In QMP, the last one becomes the error reply, and the
others go to stderr.
Convert net_init_vhost_user() and its helpers to Error. This
suppresses the unwanted unspecific error messages, and makes the
specific error the QMP error reply.
Cc: Stefan Hajnoczi <stefanha@redhat.com> Cc: Jason Wang <jasowang@redhat.com> Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
blkdebug: Simplify passing of Error through qemu_opts_foreach()
Cc: Kevin Wolf <kwolf@redhat.com> Cc: qemu-block@nongnu.org Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Acked-by: Kevin Wolf <kwolf@redhat.com>
Failure to create an object with -object is a fatal error. However,
we delay the actual exit until all -object are processed. On the one
hand, this permits detection of genuine additional errors. On the
other hand, it can muddy the waters with uninteresting additional
errors, e.g. when a later -object tries to reference a prior one that
failed.
We generally stop right on the first bad option, so do that for
-object as well.
Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com>
Peter Maydell [Mon, 8 Jun 2015 14:57:41 +0000 (15:57 +0100)]
Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging
* KVM error improvement from Laurent
* CONFIG_PARALLEL fix from Mirek
* Atomic/optimized dirty bitmap access from myself and Stefan
* BUILD_DIR convenience/bugfix from Peter C
* Memory leak fix from Shannon
* SMM improvements (though still TCG only) from myself and Gerd, acked by mst
# gpg: Signature made Fri Jun 5 18:45:20 2015 BST using RSA key ID 78C7AE83
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>"
# gpg: aka "Paolo Bonzini <pbonzini@redhat.com>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg: It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1
# Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83
* remotes/bonzini/tags/for-upstream: (62 commits)
update Linux headers from kvm/next
atomics: add explicit compiler fence in __atomic memory barriers
ich9: implement SMI_LOCK
q35: implement TSEG
q35: add test for SMRAM.D_LCK
q35: implement SMRAM.D_LCK
q35: add config space wmask for SMRAM and ESMRAMC
q35: fix ESMRAMC default
q35: implement high SMRAM
hw/i386: remove smram_update
target-i386: use memory API to implement SMRAM
hw/i386: add a separate region that tracks the SMRAME bit
target-i386: create a separate AddressSpace for each CPU
vl: run "late" notifiers immediately
qom: add object_property_add_const_link
vl: allow full-blown QemuOpts syntax for -global
pflash_cfi01: add secure property
pflash_cfi01: change to new-style MMIO accessors
pflash_cfi01: change big-endian property to BIT type
target-i386: wake up processors that receive an SMI
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Mon, 8 Jun 2015 13:07:32 +0000 (14:07 +0100)]
Merge remote-tracking branch 'remotes/jnsnow/tags/ide-pull-request' into staging
# gpg: Signature made Fri Jun 5 20:59:07 2015 BST using RSA key ID AAFC390E
# gpg: Good signature from "John Snow (John Huston) <jsnow@redhat.com>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg: It is not certain that the signature belongs to the owner.
# Primary key fingerprint: FAEB 9711 A12C F475 812F 18F2 88A9 064D 1835 61EB
# Subkey fingerprint: F9B7 ABDB BCAC DF95 BE76 CBD0 7DEF 8106 AAFC 390E
* remotes/jnsnow/tags/ide-pull-request:
macio: remove remainder_len DBDMA_io property
macio: update comment/constants to reflect the new code
macio: switch pmac_dma_write() over to new offset/len implementation
macio: switch pmac_dma_read() over to new offset/len implementation
fdc-test: Test state for existing cases more thoroughly
fdc: Fix MSR.RQM flag
fdc: Disentangle phases in fdctrl_read_data()
fdc: Code cleanup in fdctrl_write_data()
fdc: Use phase in fdctrl_write_data()
fdc: Introduce fdctrl->phase
fdc: Rename fdctrl_set_fifo() to fdctrl_to_result_phase()
fdc: Rename fdctrl_reset_fifo() to fdctrl_to_command_phase()
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Alexander Graf [Fri, 5 Jun 2015 09:05:03 +0000 (11:05 +0200)]
machine: Drop use of DEFAULT_RAM_SIZE in help text
As of commit 076b35b5a (machine: add default_ram_size to machine
class) we no longer have a global default ram size, but instead
machine specific defaults. When invoking qemu --help we don't know
which machine you selected, so we can't tell the user the default RAM
size in the help text anymore now.
Thus I don't see an easy way to expose the default ram size to the
user in the help text. The easiest option IMHO is to just drop this
piece of information.
Reported-by: Laurent Desnogues <laurent.desnogues@gmail.com> Signed-off-by: Alexander Graf <agraf@suse.de> Acked-by: Laurent Desnogues <laurent.desnogues@gmail.com> Acked-by: Nikunj A Dadhania <nikunj@linux.vnet.ibm.com>
Message-id: 1433495103-62084-1-git-send-email-agraf@suse.de
[PMM: rewrapped long commit message lines] Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Paolo Bonzini [Wed, 3 Jun 2015 12:21:20 +0000 (14:21 +0200)]
atomics: add explicit compiler fence in __atomic memory barriers
__atomic_thread_fence does not include a compiler barrier; in the
C++11 memory model, fences take effect in combination with other
atomic operations. GCC implements this by making __atomic_load and
__atomic_store access memory as if the pointer was volatile, and
leaves no trace whatsoever of acquire and release fences in the
compiler's intermediate representation.
In QEMU, we want memory barriers to act on all memory, but at the same
time we would like to use __atomic_thread_fence for portability reasons.
Add compiler barriers manually around the __atomic_thread_fence.
Message-Id: <1433334080-14912-1-git-send-email-pbonzini@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Gerd Hoffmann [Wed, 6 May 2015 08:58:30 +0000 (10:58 +0200)]
ich9: implement SMI_LOCK
Add write mask for the smi enable register, so we can disable write
access to certain bits. Open all bits on reset. Disable write access
to GBL_SMI_EN when SMI_LOCK (in ich9 lpc pci config space) is set.
Write access to SMI_LOCK itself is disabled too.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
TSEG provides larger amounts of SMRAM than the 128 KB available with
legacy SMRAM and high SMRAM.
Route access to tseg into nowhere when enabled, for both cpus and
busmaster dma, and add tseg window to smram region, so cpus can access
it in smm mode.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Michael S. Tsirkin <mst@redhat.com>
[Fix compilation of the newly introduced test. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Once the SMRAM.D_LCK bit has been set by the guest several bits in SMRAM
and ESMRAMC become readonly until the next machine reset. Implement
this by updating the wmask accordingly when the guest sets the lock bit.
As the lock it itself is locked down too we don't need to worry about
the guest clearing the lock bit.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Tue, 31 Mar 2015 15:13:01 +0000 (17:13 +0200)]
q35: implement high SMRAM
When H_SMRAME is 1, low memory at 0xa0000 is left alone by
SMM, and instead the chipset maps the 0xa0000-0xbffff window at
0xfeda0000-0xfedbffff. This affects both the "non-SMM" view controlled
by D_OPEN and the SMM view controlled by G_SMRAME, so add two new
MemoryRegions and toggle the enabled/disabled state of all four
in mch_update_smram.
Acked-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Tue, 31 Mar 2015 12:12:25 +0000 (14:12 +0200)]
target-i386: use memory API to implement SMRAM
Remove cpu_smm_register and cpu_smm_update. Instead, each CPU
address space gets an extra region which is an alias of
/machine/smram. This extra region is enabled or disabled
as the CPU enters/exits SMM.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Tue, 31 Mar 2015 12:10:22 +0000 (14:10 +0200)]
hw/i386: add a separate region that tracks the SMRAME bit
This region is exported at /machine/smram. It is "empty" if
SMRAME=0 and points to SMRAM if SMRAME=1. The CPU will
enable/disable it as it enters or exits SMRAM.
While touching nearby code, the existing memory region setup was
slightly inconsistent. The smram_region is *disabled* in order to open
SMRAM (because the smram_region shows the low VRAM instead of the RAM
at 0xa0000). Because SMRAM is closed at startup, the smram_region must
be enabled when creating the i440fx or q35 devices.
Acked-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Thu, 9 Apr 2015 12:16:19 +0000 (14:16 +0200)]
vl: allow full-blown QemuOpts syntax for -global
-global does not work for drivers that have a dot in their name, such as
cfi.pflash01. This is just a parsing limitation, because such globals
can be declared easily inside a -readconfig file.
To allow this usage, support the full QemuOpts key/value syntax for -global
too, for example "-global driver=cfi.pflash01,property=secure,value=on".
The two formats do not conflict, because the key/value syntax does not have
a period before the first equal sign.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Wed, 8 Apr 2015 12:09:43 +0000 (14:09 +0200)]
pflash_cfi01: add secure property
When this property is set, MMIO accesses are only allowed with the
MEMTXATTRS_SECURE attribute. This is used for secure access to UEFI
variables stored in flash.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Tue, 19 May 2015 11:46:47 +0000 (13:46 +0200)]
target-i386: wake up processors that receive an SMI
An SMI should definitely wake up a processor in halted state!
This lets OVMF boot with SMM on multiprocessor systems, although
it halts very soon after that with a "CpuIndex != BspIndex"
assertion failure.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
projects / mirror_qemu.git / log