aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2017-06-05numa: make hmp 'info numa' fetch numa nodes from qmp_query_cpus() resultIgor Mammedov1-4/+7
HMP command 'info numa' is the last external user that access CPUState::numa_node field directly. In order to move it to CPU classes that actually use it, eliminate direct access and use an alternative approach by using result of qmp_query_cpus(), which provides topology properties CPU threads are associated with (including node-id). Signed-off-by: Igor Mammedov <imammedo@redhat.com> Message-Id: <1496161442-96665-5-git-send-email-imammedo@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2017-06-05numa: make sure that all cpus have has_node_id set if numa is enabledIgor Mammedov5-25/+18
It fixes/add missing _PXM object for non mapped CPU (x86) and missing fdt node (virt-arm). It ensures that possible_cpus contains complete mapping if numa is enabled by the time machine_init() is executed. As result non completely mapped CPUs: 1) appear in ACPI/fdt blobs 2) QMP query-hotpluggable-cpus command shows bound nodes for such CPUs 3) allows to drop checks for has_node_id in numa only code, reducing number of invariants incomplete mapping could produce 4) moves fixup/implicit node init from runtime numa_cpu_pre_plug() (when CPU object is created) to machine_numa_finish_init() which helps to fix [1, 2] and make possible_cpus complete source of numa mapping available even before CPUs are created. Signed-off-by: Igor Mammedov <imammedo@redhat.com> Message-Id: <1496161442-96665-4-git-send-email-imammedo@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2017-06-05numa: move default mapping init to machineIgor Mammedov2-36/+23
there is no need use cpu_index_to_instance_props() for setting default cpu -> node mapping. Generic machine code can do it without cpu_index by just enabling already preset defaults in possible_cpus. PS: as bonus it makes one less user of cpu_index_to_instance_props() Signed-off-by: Igor Mammedov <imammedo@redhat.com> Message-Id: <1496161442-96665-3-git-send-email-imammedo@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2017-06-05numa: consolidate cpu_preplug fixups/checks for pc/arm/spaprIgor Mammedov5-46/+28
Signed-off-by: Igor Mammedov <imammedo@redhat.com> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Message-Id: <1496161442-96665-2-git-send-email-imammedo@redhat.com> [ehabkost: Fix indentation] Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2017-06-05pc: Use "min-[x]level" on compat_propsEduardo Habkost2-21/+59
Since the automatic cpuid-level code was introduced in commit c39c0edf9bb3b968ba95484465a50c7b19f4aa3a ("target-i386: Automatically set level/xlevel/xlevel2 when needed"), the CPU model tables just define the default CPUID level code (set using "min-level"). Setting "[x]level" forces CPUID level to a specific value and disable the automatic-level logic. But the PC compat code was not updated and the existing "[x]level" compat properties broke compatibility for people using features that triggered the auto-level code. To keep previous behavior, we should set "min-[x]level" instead of "[x]level" on compat_props. This was not a problem for most cases, because old machine-types don't have full-cpuid-auto-level enabled. The only common use case it broke was the CPUID[7] auto-level code, that was already enabled since the first CPUID[7] feature was introduced (in QEMU 1.4.0). This causes the regression reported at: https://bugzilla.redhat.com/show_bug.cgi?id=1454641 Change the PC compat code to use "min-[x]level" instead of "[x]level" on compat_props, and add new test cases to ensure we don't break this again. Reported-by: "Guo, Zhiyi" <zhguo@redhat.com> Fixes: c39c0edf9bb ("target-i386: Automatically set level/xlevel/xlevel2 when needed") Cc: qemu-stable@nongnu.org Acked-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2017-06-05Merge remote-tracking branch 'remotes/elmarco/tags/chrfe-pull-request' into ↵Peter Maydell120-1158/+1126
staging # gpg: Signature made Fri 02 Jun 2017 20:12:48 BST # gpg: using RSA key 0xDAE8E10975969CE5 # gpg: Good signature from "Marc-André Lureau <marcandre.lureau@redhat.com>" # gpg: aka "Marc-André Lureau <marcandre.lureau@gmail.com>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 87A9 BD93 3F87 C606 D276 F62D DAE8 E109 7596 9CE5 * remotes/elmarco/tags/chrfe-pull-request: char: move char devices to chardev/ char: make chr_fe_deinit() optionaly delete backend char: rename functions that are not part of fe char: move CharBackend handling in char-fe unit char: generalize qemu_chr_write_all() be-hci: use backend functions chardev: serial & parallel declaration to own headers chardev: move headers to include/chardev Remove/replace sysemu/char.h inclusion char-win: close file handle except with console char-win: rename hcom->file char-win: rename win_chr_init/poll win_chr_serial_init/poll char-win: remove WinChardev.len char-win: simplify win_chr_read() char: cast ARRAY_SIZE() as signed to silent warning on empty array Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-06-02Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into stagingPeter Maydell10-81/+412
virtio, vhost: fixes, features IOTLB support in vhost-user. A bunch of fixes all over the place. Signed-off-by: Michael S. Tsirkin <mst@redhat.com> # gpg: Signature made Fri 02 Jun 2017 17:33:25 BST # gpg: using RSA key 0x281F0DB8D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>" # gpg: aka "Michael S. Tsirkin <mst@redhat.com>" # Primary key fingerprint: 0270 606B 6F3C DF3D 0B17 0970 C350 3912 AFBE 8E67 # Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA 8A0D 281F 0DB8 D28D 5469 * remotes/mst/tags/for_upstream: spec/vhost-user spec: Add IOMMU support vhost-user: add slave-req-fd support vhost-user: add vhost_user to hold the chr vhost: rework IOTLB messaging vhost: propagate errors in vhost_device_iotlb_miss() virtio-serial: fix segfault on disconnect virtio: add virtqueue_alloc_element tracepoint virtio-serial-bus: Unset hotplug handler when unrealize Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-06-02spec/vhost-user spec: Add IOMMU supportMaxime Coquelin3-3/+130
This patch specifies and implements the master/slave communication to support device IOTLB in slave. The vhost_iotlb_msg structure introduced for kernel backends is re-used, making the design close between the two backends. An exception is the use of the secondary channel to enable the slave to send IOTLB miss requests to the master. Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-06-02vhost-user: add slave-req-fd supportMarc-André Lureau2-2/+157
Learn to give a socket to the slave to let him make requests to the master. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-06-02vhost-user: add vhost_user to hold the chrMarc-André Lureau1-3/+16
Next patches will add more fields to the structure Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-06-02vhost: rework IOTLB messagingMaxime Coquelin3-69/+92
This patch reworks IOTLB messaging to prepare for vhost-user device IOTLB support. IOTLB messages handling is extracted from vhost-kernel backend, so that only the messages transport remains backend specifics. Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-06-02vhost: propagate errors in vhost_device_iotlb_miss()Maxime Coquelin2-6/+11
Some backends might want to know when things went wrong. Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-06-02virtio-serial: fix segfault on disconnectStefan Hajnoczi1-0/+3
Since commit d4c19cdeeb2f1e474bc426a6da261f1d7346eb5b ("virtio-serial: add missing virtio_detach_element() call") the following commands may cause QEMU to segfault: $ qemu -M accel=kvm -cpu host -m 1G \ -drive if=virtio,file=test.img,format=raw \ -device virtio-serial-pci,id=virtio-serial0 \ -chardev socket,id=channel1,path=/tmp/chardev.sock,server,nowait \ -device virtserialport,chardev=channel1,bus=virtio-serial0.0,id=port1 $ nc -U /tmp/chardev.sock ^C (guest)$ cat /dev/zero >/dev/vport0p1 The segfault is non-deterministic: if the event loop notices the socket has been closed then there is no crash. The disconnect has to happen right before QEMU attempts to write data to the socket. The backtrace is as follows: Thread 1 "qemu-system-x86" received signal SIGSEGV, Segmentation fault. 0x00005555557e0698 in do_flush_queued_data (port=0x5555582cedf0, vq=0x7fffcc854290, vdev=0x55555807b1d0) at hw/char/virtio-serial-bus.c:180 180 for (i = port->iov_idx; i < port->elem->out_num; i++) { #1 0x000055555580d363 in virtio_queue_notify_vq (vq=0x7fffcc854290) at hw/virtio/virtio.c:1524 #2 0x000055555580d363 in virtio_queue_host_notifier_read (n=0x7fffcc8542f8) at hw/virtio/virtio.c:2430 #3 0x0000555555b3482c in aio_dispatch_handlers (ctx=ctx@entry=0x5555566b8c80) at util/aio-posix.c:399 #4 0x0000555555b350d8 in aio_dispatch (ctx=0x5555566b8c80) at util/aio-posix.c:430 #5 0x0000555555b3212e in aio_ctx_dispatch (source=<optimized out>, callback=<optimized out>, user_data=<optimized out>) at util/async.c:261 #6 0x00007fffde71de52 in g_main_context_dispatch () at /lib64/libglib-2.0.so.0 #7 0x0000555555b34353 in glib_pollfds_poll () at util/main-loop.c:213 #8 0x0000555555b34353 in os_host_main_loop_wait (timeout=<optimized out>) at util/main-loop.c:261 #9 0x0000555555b34353 in main_loop_wait (nonblocking=<optimized out>) at util/main-loop.c:517 #10 0x0000555555773207 in main_loop () at vl.c:1917 #11 0x0000555555773207 in main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at vl.c:4751 The do_flush_queued_data() function does not anticipate chardev close events during vsc->have_data(). It expects port->elem to remain non-NULL for the duration its for loop. The fix is simply to return from do_flush_queued_data() if the port closes because the close event already frees port->elem and drains the virtqueue - there is nothing left for do_flush_queued_data() to do. Reported-by: Sitong Liu <siliu@redhat.com> Reported-by: Min Deng <mdeng@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-06-02virtio: add virtqueue_alloc_element tracepointPaolo Bonzini2-0/+2
This tracepoint can help diagnosing failures due to memory fragmentation in the guest. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2017-06-02virtio-serial-bus: Unset hotplug handler when unrealizeLadi Prosek1-0/+3
Virtio serial device controls the lifetime of virtio-serial-bus and virtio-serial-bus links back to the device via its hotplug-handler property. This extra ref-count prevents the device from getting finalized, leaving the VirtIODevice memory listener registered and leading to use-after-free later on. This patch addresses the same issue as Fam Zheng's "virtio-scsi: Unset hotplug handler when unrealize" only for a different virtio device. Cc: qemu-stable@nongnu.org Signed-off-by: Ladi Prosek <lprosek@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Fam Zheng <famz@redhat.com>
2017-06-02Merge remote-tracking branch 'remotes/cody/tags/block-pull-request' into stagingPeter Maydell2-36/+46
# gpg: Signature made Fri 02 Jun 2017 16:32:39 BST # gpg: using RSA key 0xBDBE7B27C0DE3057 # gpg: Good signature from "Jeffrey Cody <jcody@redhat.com>" # gpg: aka "Jeffrey Cody <jeff@codyprime.org>" # gpg: aka "Jeffrey Cody <codyprime@gmail.com>" # Primary key fingerprint: 9957 4B4D 3474 90E7 9D98 D624 BDBE 7B27 C0DE 3057 * remotes/cody/tags/block-pull-request: gluster: add support for PREALLOC_MODE_FALLOC Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-06-02gluster: add support for PREALLOC_MODE_FALLOCNiels de Vos2-36/+46
Add missing support for "preallocation=falloc" to the Gluster block driver. This change bases its logic on that of block/file-posix.c and removed the gluster_supports_zerofill() and qemu_gluster_zerofill() functions in favour of #ifdef checks in an easy to read switch-statement. Both glfs_zerofill() and glfs_fallocate() have been introduced with GlusterFS 3.5.0 (pkg-config glusterfs-api = 6). A #define for the availability of glfs_fallocate() has been added to ./configure. Reported-by: Satheesaran Sundaramoorthi <sasundar@redhat.com> Signed-off-by: Niels de Vos <ndevos@redhat.com> Message-id: 20170528063114.28691-1-ndevos@redhat.com URL: https://bugzilla.redhat.com/1450759 Signed-off-by: Niels de Vos <ndevos@redhat.com> Signed-off-by: Jeff Cody <jcody@redhat.com>
2017-06-02Merge remote-tracking branch 'remotes/mcayland/tags/qemu-sparc-signed' into ↵Peter Maydell8-124/+105
staging qemu-sparc update # gpg: Signature made Fri 02 Jun 2017 06:09:17 BST # gpg: using RSA key 0x5BC2C56FAE0F321F # gpg: Good signature from "Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>" # Primary key fingerprint: CC62 1AB9 8E82 200D 915C C9C4 5BC2 C56F AE0F 321F * remotes/mcayland/tags/qemu-sparc-signed: hw/sparc64: QOM'ify sun4u.c hw/sparc: QOM'ify sun4m.c hw/timer: QOM'ify slavio_timer hw/timer: QOM'ify m48txx_sysbus hw/misc: QOM'ify slavio_misc.c hw/dma: QOM'ify sun4m_iommu.c hw/dma: QOM'ify sparc32_dma.c hw/misc: QOM'ify eccmemctl.c Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-06-02Merge remote-tracking branch 'remotes/juanquintela/tags/migration/20170601' ↵Peter Maydell49-319/+510
into staging migration/next for 20170601 # gpg: Signature made Thu 01 Jun 2017 17:51:04 BST # gpg: using RSA key 0xF487EF185872D723 # gpg: Good signature from "Juan Quintela <quintela@redhat.com>" # gpg: aka "Juan Quintela <quintela@trasno.org>" # Primary key fingerprint: 1899 FF8E DEBF 58CC EE03 4B82 F487 EF18 5872 D723 * remotes/juanquintela/tags/migration/20170601: migration: Move include/migration/block.h into migration/ migration: Export ram.c functions in its own file migration: Create include for migration snapshots migration: Export rdma.c functions in its own file migration: Export tls.c functions in its own file migration: Export socket.c functions in its own file migration: Export fd.c functions in its own file migration: Export exec.c functions in its own file migration: Split qemu-file.h migration: Remove unneeded includes of migration/vmstate.h migration: shut src return path unconditionally migration: fix leak of src file on dst migration: Remove section_id parameter from vmstate_load migration: loadvm handlers are not used migration: Use savevm_handlers instead of loadvm copy Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-06-02Merge remote-tracking branch ↵Peter Maydell16-157/+648
'remotes/pmaydell/tags/pull-target-arm-20170602' into staging target-arm queue: * virt: numa: provide ACPI distance info when needed * aspeed: fix i2c controller bugs * M profile: support MPU * gicv3: fix mishandling of BPR1, VBPR1 * load_uboot_image: don't assume a full header read * libvixl: Correct build failures on NetBSD # gpg: Signature made Fri 02 Jun 2017 12:00:42 BST # gpg: using RSA key 0x3C2525ED14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" # gpg: aka "Peter Maydell <pmaydell@gmail.com>" # gpg: aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" # Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83 15CF 3C25 25ED 1436 0CDE * remotes/pmaydell/tags/pull-target-arm-20170602: (25 commits) hw/arm/virt: fdt: generate distance-map when needed hw/arm/virt-acpi-build: build SLIT when needed aspeed: add some I2C devices to the Aspeed machines aspeed/i2c: introduce a state machine aspeed/i2c: handle LAST command under the RX command aspeed/i2c: improve command handling arm: Implement HFNMIENA support for M profile MPU arm: add MPU support to M profile CPUs armv7m: Classify faults as MemManage or BusFault arm: All M profile cores are PMSA armv7m: Implement M profile default memory map armv7m: Improve "-d mmu" tracing for PMSAv7 MPU arm: Remove unnecessary check on cpu->pmsav7_dregion arm: Don't let no-MPU PMSA cores write to SCTLR.M arm: Don't clear ARM_FEATURE_PMSA for no-mpu configs arm: Clean up handling of no-MPU PMSA CPUs arm: Use different ARMMMUIdx values for M profile arm: Add support for M profile CPUs having different MMU index semantics arm: Use the mmu_idx we're passed in arm_cpu_do_unaligned_access() target/arm: clear PMUVER field of AA64DFR0 when vPMU=off ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-06-02hw/arm/virt: fdt: generate distance-map when neededAndrew Jones1-0/+21
This is based on patch Shannon Zhao originally posted. Cc: Shannon Zhao <zhaoshenglong@huawei.com> Signed-off-by: Andrew Jones <drjones@redhat.com> Reviewed-by: Shannon Zhao <shannon.zhao@linaro.org> Message-id: 20170529173751.3443-3-drjones@redhat.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-06-02hw/arm/virt-acpi-build: build SLIT when neededAndrew Jones1-0/+4
Cc: Shannon Zhao <zhaoshenglong@huawei.com> Signed-off-by: Andrew Jones <drjones@redhat.com> Reviewed-by: Igor Mammedov <imammedo@redhat.com> Reviewed-by: Shannon Zhao <shannon.zhao@linaro.org> Message-id: 20170529173751.3443-2-drjones@redhat.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-06-02aspeed: add some I2C devices to the Aspeed machinesCédric Le Goater1-0/+27
Let's add an RTC to the palmetto BMC and a LM75 temperature sensor to the AST2500 EVB to start with. Signed-off-by: Cédric Le Goater <clg@kaod.org> Message-id: 1494827476-1487-5-git-send-email-clg@kaod.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
2017-06-02aspeed/i2c: introduce a state machineCédric Le Goater1-3/+33
The Aspeed I2C controller maintains a state machine in the command register, which is mostly used for debug. Let's start adding a few states to handle abnormal STOP commands. Today, the model uses the busy status of the bus as a condition to do so but it is not precise enough. Also remove the ABNORMAL bit for failing TX commands. This is incorrect with respect to the specs. Signed-off-by: Cédric Le Goater <clg@kaod.org> Message-id: 1494827476-1487-4-git-send-email-clg@kaod.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-06-02aspeed/i2c: handle LAST command under the RX commandCédric Le Goater1-3/+6
Today, the LAST command is handled with the STOP command but this is incorrect. Also nack the I2C bus when a LAST is issued. Signed-off-by: Cédric Le Goater <clg@kaod.org> Message-id: 1494827476-1487-3-git-send-email-clg@kaod.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-06-02aspeed/i2c: improve command handlingCédric Le Goater1-6/+18
Multiple I2C commands can be fired simultaneously and the controller execute the commands following these priorities: (1) Master Start Command (2) Master Transmit Command (3) Slave Transmit Command or Master Receive Command (4) Master Stop Command The current code is incorrect with respect to the above sequence and needs to be reworked to handle each individual command. Signed-off-by: Cédric Le Goater <clg@kaod.org> Message-id: 1494827476-1487-2-git-send-email-clg@kaod.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-06-02arm: Implement HFNMIENA support for M profile MPUPeter Maydell3-2/+41
Implement HFNMIENA support for the M profile MPU. This bit controls whether the MPU is treated as enabled when executing at execution priorities of less than zero (in NMI, HardFault or with the FAULTMASK bit set). Doing this requires us to use a different MMU index for "running at execution priority < 0", because we will have different access permissions for that case versus the normal case. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1493122030-32191-14-git-send-email-peter.maydell@linaro.org
2017-06-02arm: add MPU support to M profile CPUsMichael Davidsaver4-3/+137
The M series MPU is almost the same as the already implemented R profile MPU (v7 PMSA). So all we need to implement here is the MPU register interface in the system register space. This implementation has the same restriction as the R profile MPU that it doesn't permit regions to be sized down smaller than 1K. We also do not yet implement support for MPU_CTRL.HFNMIENA; this bit should if zero disable use of the MPU when running HardFault, NMI or with FAULTMASK set to 1 (ie at an execution priority of less than zero) -- if the MPU is enabled we don't treat these cases any differently. Signed-off-by: Michael Davidsaver <mdavidsaver@gmail.com> Message-id: 1493122030-32191-13-git-send-email-peter.maydell@linaro.org [PMM: Keep all the bits in mpu_ctrl field, rather than using SCTLR bits for them; drop broken HFNMIENA support; various cleanup] Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-06-02armv7m: Classify faults as MemManage or BusFaultMichael Davidsaver1-3/+42
General logic is that operations stopped by the MPU are MemManage, and those which go through the MPU and are caught by the unassigned handle are BusFault. Distinguish these by looking at the exception.fsr values, and set the CFSR bits and (if appropriate) fill in the BFAR or MMFAR with the exception address. Signed-off-by: Michael Davidsaver <mdavidsaver@gmail.com> Message-id: 1493122030-32191-12-git-send-email-peter.maydell@linaro.org [PMM: i-side faults do not set BFAR/MMFAR, only d-side; added some CPU_LOG_INT logging] Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2017-06-02arm: All M profile cores are PMSAPeter Maydell1-0/+8
All M profile CPUs are PMSA, so set the feature bit. (We haven't actually implemented the M profile MPU register interface yet, but setting this feature bit gives us closer to correct behaviour for the MPU-disabled case.) Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-id: 1493122030-32191-11-git-send-email-peter.maydell@linaro.org
2017-06-02armv7m: Implement M profile default memory mapMichael Davidsaver1-9/+32
Add support for the M profile default memory map which is used if the MPU is not present or disabled. The main differences in behaviour from implementing this correctly are that we set the PAGE_EXEC attribute on the right regions of memory, such that device regions are not executable. Signed-off-by: Michael Davidsaver <mdavidsaver@gmail.com> Message-id: 1493122030-32191-10-git-send-email-peter.maydell@linaro.org [PMM: rephrased comment and commit message; don't mark the flash memory region as not-writable; list all the cases in the default map explicitly rather than using a 'default' case for the non-executable regions] Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-06-02armv7m: Improve "-d mmu" tracing for PMSAv7 MPUMichael Davidsaver1-12/+27
Improve the "-d mmu" tracing for the PMSAv7 MPU translation process as an aid in debugging guest MPU configurations: * fix a missing newline for a guest-error log * report the region number with guest-error or unimp logs of bad region register values * add a log message for the overall result of the lookup * print "0x" prefix for hex values Signed-off-by: Michael Davidsaver <mdavidsaver@gmail.com> Reviewed-by: Alistair Francis <alistair.francis@xilinx.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-id: 1493122030-32191-9-git-send-email-peter.maydell@linaro.org [PMM: a little tidyup, report region number in all messages rather than just one] Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-06-02arm: Remove unnecessary check on cpu->pmsav7_dregionPeter Maydell1-2/+1
Now that we enforce both: * pmsav7_dregion == 0 implies has_mpu == false * PMSA with has_mpu == false means SCTLR.M cannot be set we can remove a check on pmsav7_dregion from get_phys_addr_pmsav7(), because we can only reach this code path if the MPU is enabled (and so region_translation_disabled() returned false). Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-id: 1493122030-32191-8-git-send-email-peter.maydell@linaro.org
2017-06-02arm: Don't let no-MPU PMSA cores write to SCTLR.MPeter Maydell1-0/+5
If the CPU is a PMSA config with no MPU implemented, then the SCTLR.M bit should be RAZ/WI, so that the guest can never turn on the non-existent MPU. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Alistair Francis <alistair.francis@xilinx.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-id: 1493122030-32191-7-git-send-email-peter.maydell@linaro.org
2017-06-02arm: Don't clear ARM_FEATURE_PMSA for no-mpu configsPeter Maydell1-1/+7
Fix the handling of QOM properties for PMSA CPUs with no MPU: Allow no-MPU to be specified by either: * has-mpu = false * pmsav7_dregion = 0 and make setting one imply the other. Don't clear the PMSA feature bit in this situation. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Alistair Francis <alistair.francis@xilinx.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-id: 1493122030-32191-6-git-send-email-peter.maydell@linaro.org
2017-06-02arm: Clean up handling of no-MPU PMSA CPUsPeter Maydell4-14/+14
ARM CPUs come in two flavours: * proper MMU ("VMSA") * only an MPU ("PMSA") For PMSA, the MPU may be implemented, or not (in which case there is default "always acts the same" behaviour, but it isn't guest programmable). QEMU is a bit confused about how we indicate this: we have an ARM_FEATURE_MPU, but it's not clear whether this indicates "PMSA, not VMSA" or "PMSA and MPU present" , and sometimes we use it for one purpose and sometimes the other. Currently trying to implement a PMSA-without-MPU core won't work correctly because we turn off the ARM_FEATURE_MPU bit and then a lot of things which should still exist get turned off too. As the first step in cleaning this up, rename the feature bit to ARM_FEATURE_PMSA, which indicates a PMSA CPU (with or without MPU). Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Alistair Francis <alistair.francis@xilinx.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-id: 1493122030-32191-5-git-send-email-peter.maydell@linaro.org
2017-06-02arm: Use different ARMMMUIdx values for M profilePeter Maydell3-2/+27
Make M profile use completely separate ARMMMUIdx values from those that A profile CPUs use. This is a prelude to adding support for the MPU and for v8M, which together will require 6 MMU indexes which don't map cleanly onto the A profile uses: non secure User non secure Privileged non secure Privileged, execution priority < 0 secure User secure Privileged secure Privileged, execution priority < 0 Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1493122030-32191-4-git-send-email-peter.maydell@linaro.org
2017-06-02arm: Add support for M profile CPUs having different MMU index semanticsPeter Maydell6-99/+156
The M profile CPU's MPU has an awkward corner case which we would like to implement with a different MMU index. We can avoid having to bump the number of MMU modes ARM uses, because some of our existing MMU indexes are only used by non-M-profile CPUs, so we can borrow one. To avoid that getting too confusing, clean up the code to try to keep the two meanings of the index separate. Instead of ARMMMUIdx enum values being identical to core QEMU MMU index values, they are now the core index values with some high bits set. Any particular CPU always uses the same high bits (so eventually A profile cores and M profile cores will use different bits). New functions arm_to_core_mmu_idx() and core_to_arm_mmu_idx() convert between the two. In general core index values are stored in 'int' types, and ARM values are stored in ARMMMUIdx types. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1493122030-32191-3-git-send-email-peter.maydell@linaro.org
2017-06-02arm: Use the mmu_idx we're passed in arm_cpu_do_unaligned_access()Peter Maydell1-1/+1
When identifying the DFSR format for an alignment fault, use the mmu index that we are passed, rather than calling cpu_mmu_index() to get the mmu index for the current CPU state. This doesn't actually make any difference since the only cases where the current MMU index differs from the index used for the load are the "unprivileged load/store" instructions, and in that case the mmu index may differ but the translation regime is the same (apart from the "use from Hyp mode" case which is UNPREDICTABLE). However it's the more logical thing to do. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Alistair Francis <alistair.francis@xilinx.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-id: 1493122030-32191-2-git-send-email-peter.maydell@linaro.org
2017-06-02target/arm: clear PMUVER field of AA64DFR0 when vPMU=offWei Huang1-1/+1
The PMUv3 driver of linux kernel (in arch/arm64/kernel/perf_event.c) relies on the PMUVER field of id_aa64dfr0_el1 to decide if PMU support is present or not. This patch clears the PMUVER field under TCG mode when vPMU=off. Without it, PMUv3 will init insider guest VMs even with vPMU=off. This patch also removes a redundant line inside the if-statement. Signed-off-by: Wei Huang <wei@redhat.com> Message-id: 1495123889-32301-1-git-send-email-wei@redhat.com Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-06-02hw/intc/arm_gicv3_cpuif: Fix priority masking for NS BPR1Peter Maydell1-4/+38
When we calculate the mask to use to get the group priority from an interrupt priority, the way that NS BPR1 is handled differs from how BPR0 and S BPR1 work -- a BPR1 value of 1 means the group priority is in bits [7:1], whereas for BPR0 and S BPR1 this is indicated by a 0 BPR value. Subtract 1 from the BPR value before creating the mask if we're using the NS BPR value, for both hardware and virtual interrupts, as the GICv3 pseudocode does, and fix the comments accordingly. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-id: 1493226792-3237-4-git-send-email-peter.maydell@linaro.org
2017-06-02hw/intc/arm_gicv3_cpuif: Don't let BPR be set below its minimumPeter Maydell1-0/+6
icc_bpr_write() was not enforcing that writing a value below the minimum for the BPR should behave as if the BPR was set to the minimum value. This doesn't make a difference for the secure BPRs (since we define the minimum for the QEMU implementation as zero) but did mean we were allowing the NS BPR1 to be set to 0 when 1 should be the lowest value. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-id: 1493226792-3237-3-git-send-email-peter.maydell@linaro.org
2017-06-02hw/intc/arm_gicv3_cpuif: Fix reset value for VMCR_EL2.VBPR1Peter Maydell1-1/+1
We were setting the VBPR1 field of VMCR_EL2 to icv_min_vbpr() on reset, but this is not correct. The field should reset to the minimum value of ICV_BPR0_EL1 plus one. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-id: 1493226792-3237-2-git-send-email-peter.maydell@linaro.org
2017-06-02load_uboot_image: don't assume a full header readAndrew Jones1-1/+2
Don't allow load_uboot_image() to proceed when less bytes than header-size was read. Signed-off-by: Andrew Jones <drjones@redhat.com> Message-id: 20170524091315.20284-1-drjones@redhat.com Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-06-02libvixl: Correct build failures on NetBSDKamil Rytarowski1-0/+3
Ensure that C99 macros are defined regardless of the inclusion order of headers in vixl. This is required at least on NetBSD. The vixl/globals.h headers defines __STDC_CONSTANT_MACROS and must be included before other system headers. This file defines unconditionally the following macros, without altering the original sources: - __STDC_CONSTANT_MACROS - __STDC_LIMIT_MACROS - __STDC_FORMAT_MACROS Signed-off-by: Kamil Rytarowski <n54@gmx.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-id: 20170514051820.15985-1-n54@gmx.com Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-06-02char: move char devices to chardev/Marc-André Lureau12-27/+28
Suggested by Paolo Bonzini during series review. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2017-06-02char: make chr_fe_deinit() optionaly delete backendMarc-André Lureau16-58/+34
This simplifies removing a backend for a frontend user (no need to retrieve the associated driver and separate delete call etc). NB: many frontends have questionable handling of ending a chardev. They should probably delete the backend to prevent broken reusage. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2017-06-02char: rename functions that are not part of feMarc-André Lureau1-8/+7
There is no clear reason to have those functions associated with frontend. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2017-06-02char: move CharBackend handling in char-fe unitMarc-André Lureau56-623/+664
Move all the frontend struct and methods to a seperate unit. This avoids accidentally mixing backend and frontend calls, and helps with readabilty. Make qemu_chr_replay() a macro shared by both char and char-fe. Export qemu_chr_write(), and use a macro for qemu_chr_write_all() (nb: yes, CharBackend is for char frontend :) Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2017-06-02char: generalize qemu_chr_write_all()Marc-André Lureau1-42/+28
qemu_chr_fe_write() is similar to qemu_chr_write_all(): the later write all with a chardev backend. Make qemu_chr_write() and qemu_chr_fe_write_buffer() take an 'all' argument. If false, handle 'partial' write the way qemu_chr_fe_write() use to, and call qemu_chr_write() from qemu_chr_fe_write(). Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>