| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
staging
# gpg: Signature made Fri 20 Jan 2017 02:58:57 GMT
# gpg: using RSA key 0xEF04965B398D6211
# gpg: Good signature from "Jason Wang (Jason Wang on RedHat) <jasowang@redhat.com>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg: It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 215D 46F4 8246 689E C77F 3562 EF04 965B 398D 6211
* remotes/jasowang/tags/net-pull-request:
tap: fix memory leak on failure in net_init_tap()
hw/pci: use-after-free in pci_nic_init_nofail when nic device fails to initialize
hw/net/dp8393x: Avoid unintentional sign extensions on addresses
m68k: QOMify the MCF Fast Ethernet Controller device
net: optimize checksum computation
docs: Fix description of the sentence
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
virtio, vhost, pc: fixes, features
writeable fw cfg blobs which will be used for guest to host
communication
fixes and cleanups all over the place
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
# gpg: Signature made Thu 19 Jan 2017 21:08:04 GMT
# gpg: using RSA key 0x281F0DB8D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>"
# gpg: aka "Michael S. Tsirkin <mst@redhat.com>"
# Primary key fingerprint: 0270 606B 6F3C DF3D 0B17 0970 C350 3912 AFBE 8E67
# Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA 8A0D 281F 0DB8 D28D 5469
* remotes/mst/tags/for_upstream:
virtio: force VIRTIO_F_IOMMU_PLATFORM
virtio: fix up max size checks
vhost: drop VHOST_F_DEVICE_IOTLB
update-linux-headers.sh: support __bitwise
virtio_crypto: header update
pci_regs: update to latest linux
virtio-mmio: switch to linux headers
virtio_mmio: add standard header file
virtio: drop an obsolete comment
fw-cfg: bump "x-file-slots" to 0x20 for 2.9+ machine types
pc: Add 2.9 machine-types
fw-cfg: turn FW_CFG_FILE_SLOTS into a device property
fw-cfg: support writeable blobs
vhost_net: device IOTLB support
virtio: disable notifications again after poll succeeded
Revert "virtio: turn vq->notification into a nested counter"
virtio-net: enable ioeventfd even if vhost=off
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
into staging
Error reporting patches for 2017-01-19
# gpg: Signature made Thu 19 Jan 2017 14:51:17 GMT
# gpg: using RSA key 0x3870B400EB918653
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>"
# gpg: aka "Markus Armbruster <armbru@pond.sub.org>"
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867 4E5F 3870 B400 EB91 8653
* remotes/armbru/tags/pull-error-2017-01-19:
error: Report certain hints on stderr when no monitor
error: error_setg_errno(): errno gets preserved
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
'remotes/pmaydell/tags/pull-target-arm-20170120' into staging
target-arm queue:
* support virtualization in GICv3
* enable EL2 in AArch64 CPU models
* allow EL2 to be enabled on 'virt' board via -machine virtualization=on
* aspeed: SMC improvements
* m25p80: support die erase command
* m25p80: Add Quad Page Program 4byte
* m25p80: Improve 1GiB Micron flash definition
* arm: Uniquely name imx25 I2C buses
# gpg: Signature made Fri 20 Jan 2017 11:31:53 GMT
# gpg: using RSA key 0x3C2525ED14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
# gpg: aka "Peter Maydell <pmaydell@gmail.com>"
# gpg: aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>"
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83 15CF 3C25 25ED 1436 0CDE
* remotes/pmaydell/tags/pull-target-arm-20170120: (36 commits)
hw/arm/virt: Add board property to enable EL2
target-arm: Enable EL2 feature bit on A53 and A57
target/arm/psci.c: If EL2 implemented, start CPUs in EL2
hw/arm/virt-acpi-build: use SMC if booting in EL2
hw/arm/virt: Support using SMC for PSCI
hw/intc/arm_gicv3: Implement EL2 traps for CPU i/f regs
hw/intc/arm_gicv3: Implement gicv3_cpuif_virt_update()
hw/intc/arm_gicv3: Implement ICV_ registers EOIR and IAR
hw/intc/arm_gicv3: Implement ICV_ HPPIR, DIR and RPR registers
hw/intc/arm_gicv3: Implement ICV_ registers which are just accessors
hw/intc/arm_gicv3: Add accessors for ICH_ system registers
hw/intc/gicv3: Add data fields for virtualization support
hw/intc/gicv3: Add defines for ICH system register fields
target-arm: Add ARMCPU fields for GIC CPU i/f config
hw/arm/virt: Wire VIRQ, VFIQ, maintenance irq lines from GIC to CPU
target-arm: Expose output GPIO line for VCPU maintenance interrupt
hw/intc/arm_gic: Add external IRQ lines for VIRQ and VFIQ
hw/intc/arm_gicv3: Add external IRQ lines for VIRQ and VFIQ
hw/arm/virt-acpi - reserve ECAM space as PNP0C02 device
arm: virt: Fix segmentation fault when specifying an unsupported CPU
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Add a board level property to the virt board which will
enable EL2 on the CPU if the user asks for it. The
default is not to provide EL2. If EL2 is enabled then
we will use SMC as our PSCI conduit, and report the
virtualization support in the GICv3 device tree node
and the ACPI tables.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Andrew Jones <drjones@redhat.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1483977924-14522-19-git-send-email-peter.maydell@linaro.org
|
|
Enable the ARM_FEATURE_EL2 bit on Cortex-A52 and
Cortex-A57, since this is all now sufficiently implemented
to work with the GICv3. We provide the usual CPU property
to disable it for backwards compatibility with the older
virt boards.
In this commit, we disable the EL2 feature on the
virt and ZynpMP boards, so there is no overall effect.
Another commit will expose a board-level property to
allow the user to enable EL2.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Andrew Jones <drjones@redhat.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Alistair Francis <alistair.francis@xilinx.com>
Message-id: 1483977924-14522-18-git-send-email-peter.maydell@linaro.org
|
|
The PSCI spec states that a CPU_ON call should cause the new
CPU to be started in the highest implemented Non-secure
exception level. We were incorrectly starting it at the
exception level of the caller, which happens to be correct
if EL2 is not implemented. Implement the correct logic
as described in the PSCI 1.0 spec section 6.4:
* if EL2 exists and SCR_EL3.HCE is set: start in EL2
* otherwise start in EL1
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Andrew Jones <drjones@redhat.com>
Tested-by: Andrew Jones <drjones@redhat.com>
Message-id: 1483977924-14522-17-git-send-email-peter.maydell@linaro.org
|
|
Signed-off-by: Andrew Jones <drjones@redhat.com>
Acked-by: Alistair Francis <alistair.francis@xilinx.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1483977924-14522-16-git-send-email-peter.maydell@linaro.org
[PMM: look at vms->psci_conduit rather than vms->virt
to decide whether to use HVC or SMC, and report no
PSCI support at all for the 'PSCI disabled' case]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
If we are giving the guest a CPU with EL2, it is likely to
want to use the HVC instruction itself, for instance for
providing PSCI to inner guest VMs. This makes using HVC
as the PSCI conduit for the outer QEMU a bad idea. We will
want to use SMC instead is this case: this makes sense
because QEMU's PSCI implementation is effectively an
emulation of functionality provided by EL3 firmware.
Add code to support selecting the PSCI conduit to use,
rather than hardcoding use of HVC.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Andrew Jones <drjones@redhat.com>
Message-id: 1483977924-14522-15-git-send-email-peter.maydell@linaro.org
|
|
Implement the architecturally required traps from NS EL1
to EL2 for the CPU interface registers. These fall into
several different groups:
* group-0-only registers all trap if ICH_HRC_EL2.TALL0 is set
(exactly the registers covered by gicv3_fiq_access())
* group-1-only registers all trap if ICH_HRC_EL2.TALL1 is set
(exactly the registers covered by gicv3_irq_access())
* DIR traps if ICH_HCR_EL2.TC or ICH_HCR_EL2.TDIR are set
* PMR, RPR, CTLR trap if ICH_HCR_EL2.TC is set
* SGI0R, SGI1R, ASGI1R trap if ICH_HCR_EL2.TC is set or
if HCR_EL2.IMO or HCR_EL2.FMO are set
We split DIR and the SGI registers out into their own access
functions, leaving the existing gicv3_irqfiq_access() just
handling PMR, RPR and CTLR.
This commit doesn't implement support for trapping on
HSTR_EL2.T12 for the 32-bit registers, as we don't implement
any of those per-coprocessor trap bits currently and
probably will want to do those in some more centralized way.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1483977924-14522-14-git-send-email-peter.maydell@linaro.org
|
|
Implement the function which signals virtual interrupts to the
CPU as appropriate following CPU interface state changes.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1483977924-14522-13-git-send-email-peter.maydell@linaro.org
|
|
Implement the two remaining ICV_ registers: EOIR and IAR.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1483977924-14522-12-git-send-email-peter.maydell@linaro.org
|
|
Implement the the ICV_ registers HPPIR, DIR and RPR.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1483977924-14522-11-git-send-email-peter.maydell@linaro.org
|
|
If the HCR_EL2.IMO or FMO bits are set, accesses to ICC_
system registers are redirected to be accesses to ICV_
registers (the guest-visible interface to the virtual
interrupt controller). Implement this behaviour for the
ICV_ registers which are simple accessors to the underlying
register state.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1483977924-14522-10-git-send-email-peter.maydell@linaro.org
|
|
The GICv3 virtualization interface includes system registers
accessible only to the hypervisor which form the control
interface for interrupt virtualization. Implement these
registers.
The function gicv3_cpuif_virt_update() which determines
whether it needs to signal vIRQ, vFIQ or a maintenance
interrupt is introduced here as a stub function -- its
implementation will be added in a subsequent commit.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1483977924-14522-9-git-send-email-peter.maydell@linaro.org
|
|
As the first step in adding support for the virtualization
extensions to the GICv3 emulation:
* add the necessary data fields to the state structures
* add the fields to the migration state, as a subsection
which is only present if virtualization is enabled
The use of a subsection means we retain migration
compatibility as EL2 is not enabled on any CPUs currently.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Alistair Francis <alistair.francis@xilinx.com>
Message-id: 1483977924-14522-8-git-send-email-peter.maydell@linaro.org
|
|
Add defines to gicv3_internal.h for fields in the ICH_*
system registers which form the GIC virtualization control
interface.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1483977924-14522-7-git-send-email-peter.maydell@linaro.org
|
|
Add fields to the ARMCPU structure to allow CPU classes to
specify the configurable aspects of their GIC CPU interface.
In particular, the virtualization support allows different
values for number of list registers, priority bits and
preemption bits.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Alistair Francis <alistair.francis@xilinx.com>
Message-id: 1483977924-14522-6-git-send-email-peter.maydell@linaro.org
|
|
Wire the new VIRQ, VFIQ and maintenance interrupt lines from the
GIC to each CPU.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1483977924-14522-5-git-send-email-peter.maydell@linaro.org
|
|
The GICv3 support for virtualization includes an outbound
maintenance interrupt signal which is asserted when the
CPU interface wants to signal to the hypervisor that it
needs attention. Expose this as an outbound GPIO line from
the CPU object which can be wired up as a physical interrupt
line by the board code (as we do already for the CPU timers).
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Alistair Francis <alistair.francis@xilinx.com>
Message-id: 1483977924-14522-4-git-send-email-peter.maydell@linaro.org
|
|
Augment the GIC's QOM device interface by adding two
new sets of sysbus IRQ lines, to signal VIRQ and VFIQ to
each CPU.
We never use these, but it's helpful to keep the v2-and-earlier
GIC's external interface in line with that of the GICv3 to
avoid board code having to add extra code conditional on which
version of the GIC is in use.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@xilinx.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1483977924-14522-3-git-send-email-peter.maydell@linaro.org
|
|
Augment the GICv3's QOM device interface by adding two
new sets of sysbus IRQ lines, to signal VIRQ and VFIQ to
each CPU.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@xilinx.com>
Message-id: 1483977924-14522-2-git-send-email-peter.maydell@linaro.org
|
|
Linux for arm64 v4.10 and later will complain if the ECAM config space is
not reserved in the ACPI namespace:
acpi PNP0A08:00: [Firmware Bug]: ECAM area [mem 0x3f000000-0x3fffffff] not reserved in ACPI namespace
The rationale is that OSes that don't consume the MCFG table should still
be able to infer that the PCI config space MMIO region is occupied.
So update the ACPI table generation routine to add this reservation.
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Message-id: 1484328738-21149-1-git-send-email-ard.biesheuvel@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Using -cpu cortex-a9 (or any other unsupported CPU) with the virt
board will cause QEMU to segmentation fault. This bug was introduced
in commit 9ac4ef77, which incorrectly added a NULL terminator when
converting the VirtBoardInfo array into a simple array of strings
defining the valid CPUs. The cpuname_valid() loop already has
a termination condition based on ARRAY_SIZE, so the NULL is
spurious and causes the strcmp() to segfault if we reach it.
Delete the NULL.
Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org>
Message-id: 1484619334-10488-1-git-send-email-zhaoshenglong@huawei.com
[PMM: expanded commit message]
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Create a ROM region, using the default size of the mapping window for
the CE0 FMC flash module, and fill it with the flash content.
This is a little hacky but until we can boot from a MMIO region, it
seems difficult to do anything else.
Signed-off-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Joel Stanley <joel@jms.id.au>
Reviewed-by: Andrew Jeffery <andrew@aj.id.au>
Message-id: 1483979087-32663-11-git-send-email-clg@kaod.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
The Aspeed SMC controllers have a mode (Command mode) in which
accesses to the flash content are no different than doing MMIOs. The
controller generates all the necessary commands to load (or store)
data in memory.
So add a couple of tests doing direct reads and writes on the AHB bus.
Signed-off-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Andrew Jeffery <andrew@aj.id.au>
Message-id: 1483979087-32663-10-git-send-email-clg@kaod.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Let's make sure when each test is run that the flash object is in an
initial state and did not keep configuration from the previous tests.
Signed-off-by: Cédric Le Goater <clg@kaod.org>
Message-id: 1483979087-32663-9-git-send-email-clg@kaod.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
The Aspeed SMC controllers have a mode (Command mode) in which
accesses to the flash content are no different than doing MMIOs. The
controller generates all the necessary commands to load (or store)
data in memory.
However, accesses are restricted to the segment window assigned the
the flash module by the controller. This window is defined by the
Segment Address Register.
Signed-off-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Andrew Jeffery <andrew@aj.id.au>
Message-id: 1483979087-32663-8-git-send-email-clg@kaod.org
[PMM: Deleted now-unused aspeed_smc_is_usermode() function]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
The SPI controller of the AST2400 SoC has less registers. So we can
adjust the size of the memory region holding the registers depending
on the controller type. We can also remove the guest_error logging
which is useless as the range of the region is strict enough.
Signed-off-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Joel Stanley <joel@jms.id.au>
Message-id: 1483979087-32663-7-git-send-email-clg@kaod.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
This is getting difficult to read. Also add a 'has_dma' field for each
controller type.
Signed-off-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Joel Stanley <joel@jms.id.au>
Reviewed-by: Andrew Jeffery <andrew@aj.id.au>
Message-id: 1483979087-32663-6-git-send-email-clg@kaod.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
On the AST2500 SoC, the FMC controller flash type is fixed to SPI for
CE0 and CE1 and 4BYTE mode is autodetected for CE0.
On the AST2400 SoC, the FMC controller flash type and 4BYTE mode are
strapped with register SCU70. We use the default settings from the
palmetto-bmc machine for now.
Signed-off-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Joel Stanley <joel@jms.id.au>
Reviewed-by: Andrew Jeffery <andrew@aj.id.au>
Message-id: 1483979087-32663-5-git-send-email-clg@kaod.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Change the routines prototype to use a 'AspeedSMCFlash *' instead of
'AspeedSMCState *'. The result will help in making future changes
clearer.
Also change aspeed_smc_update_cs() which uselessly loops on all slave
devices to update their status.
Signed-off-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Joel Stanley <joel@jms.id.au>
Reviewed-by: Andrew Jeffery <andrew@aj.id.au>
Message-id: 1483979087-32663-4-git-send-email-clg@kaod.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Instead, we can simply set the irq level when unselecting the slave
devices. This change prepares ground for a subsequent cleanup of the
aspeed_smc_update_cs() routine which uselessly loops on all slaves to
update their status.
Signed-off-by: Cédric Le Goater <clg@kaod.org>
Message-id: 1483979087-32663-3-git-send-email-clg@kaod.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
This is useless as reset will be called later on.
Signed-off-by: Cédric Le Goater <clg@kaod.org>
Acked-by: Marcin Krzemiński <mar.krzeminski@gmail.com>
Message-id: 1483979087-32663-2-git-send-email-clg@kaod.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
The DBGVCR_EL2 system register is needed to run a 32-bit
EL1 guest under a Linux EL2 64-bit hypervisor. Its only
purpose is to provide AArch64 with access to the state of
the DBGVCR AArch32 register. Since we only have a dummy
DBGVCR, implement a corresponding dummy DBGVCR32_EL2.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
|
|
To run a VM in 32-bit EL1 our AArch32 interrupt handling code
needs to be able to cope with VIRQ and VFIQ exceptions.
These behave like IRQ and FIQ except that we don't need to try
to route them to Monitor mode.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
|
|
n25q00 and mt25q01 devices share the same JEDEC ID. The difference
between those two devices is number of dies and one bit in extended
JEDEC bytes. This commit adds proper entry for both devices by
introduction the number of dies and and new 25q00 entries.
Signed-off-by: Marcin Krzeminski <mar.krzeminski@gmail.com>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 20170108083854.5006-4-mar.krzeminski@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Modern big flash NOR devices consist of more than one die.
Some of them do not support chip erase and instead have a die
erase command that can erase one die only. This commit adds
support for defining the number of dies in the chip, and adds
support for die erase command.
The NOR flash model is not strict, so no option to
disable chip erase has been added.
Signed-off-by: Marcin Krzeminski <mar.krzeminski@gmail.com>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 20170108083854.5006-3-mar.krzeminski@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Some flash chips have additional page program opcode that
takes only 4 byte address. This commit adds support
for such command in Qemu.
Signed-off-by: Marcin Krzeminski <mar.krzeminski@gmail.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 20170108083854.5006-2-mar.krzeminski@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
The imx25 chip provides 3 i2c buses, but they have all been named
"i2c", which makes it difficult to predict which bus a device will
be connected to when specified on the command line.
This patch addresses the issue by naming the buses uniquely:
i2c-bus.0 i2c-bus.1 i2c-bus.2
Signed-off-by: Alastair D'Silva <alastair@d-silva.org>
Message-id: 20170105043430.3176-2-alastair@au1.ibm.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Commit 091a6b2ac fixed most of the memory leaks in failure
paths in net_init_tap() reported by Coverity (CID 1356216),
but missed one. Fix it by deferring the allocation of
fds and vhost_fds until after the error check.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Jason Wang <jasowang@redhat.com>
|
|
initialize
object_property_set_bool(OBJECT(dev), true, "realized", &err) in
pci_nic_init_nofail may release the object if device fails to
initialize which leads to use-after-free in error handling block.
qdev_init_nofail does the same thing while holding the reference.
(gdb) run -net nic
qemu-system-x86_64: failed to find romfile "efi-e1000.rom"
Program received signal SIGSEGV, Segmentation fault.
object_unparent (obj=0x7fffe96a0010) at qom/object.c:440
440 in qom/object.c
(gdb) bt
<nd_table>, rootbus=0x5555567ed990, default_model=<optimized out>,
default_devaddr=<optimized out>) at hw/pci/pci.c:1812
pci_bus=0x5555567ed990) at hw/i386/pc.c:1634
pci_type=0x555555c1a523 "i440FX", host_type=0x555555ba564e
"i440FX-pcihost") at hw/i386/pc_piix.c:241
out>, envp=<optimized out>) at vl.c:4481
Signed-off-by: Alex Kompel <barbos@gmail.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
|
|
The dp8393x has several 32-bit values which are formed by concatenating
two 16 bit device register values. Attempting to do these inline
with ((s->reg[HI] << 16) | s->reg[LO]) can result in an unintended
sign extension because "x << 16" is of type 'int' even though s->reg
is unsigned, and so if the expression is used in a context where
it is cast to uint64_t the value is incorrectly sign-extended.
Fix this by using accessor functions with a uint32_t return type;
this also makes the code a bit easier to read.
This should fix Coverity issues 1307765, 1307766, 1307767, 1307768.
(To avoid having a ctda read function only used in a DPRINTF,
we move the DPRINTF down slightly so it can use the ttda function.)
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Tested-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Jason Wang <jasowang@redhat.com>
|
|
When running qemu-system-m68k with the "-net" parameter (for example
simply "-net nic -net user"), there is currently a confusing warning
message saying:
Warning: requested NIC (anonymous, model mcf_fec) was not created
(not supported by this machine?)
This seems to happen because the MCF NIC has never been adapted to
the currently expected QEMU device behavior. Thus let's QOMify the
NIC now to get rid of the warning message.
Signed-off-by: Thomas Huth <huth@tuxfamily.org>
Signed-off-by: Jason Wang <jasowang@redhat.com>
|
|
Very simple loop optimization with a significant performance impact.
Microbenchmark results, modern x86-64:
buffer size | speed up
------------+---------
1500 | 1.7x
64 | 1.5x
8 | 1.15x
Microbenchmark results, POWER7:
buffer size | speed up
------------+---------
1500 | 5x
64 | 3.3x
8 | 1.13x
There is a lot of room for further improvement at the expense of
code complexity - aligned multibyte reads, LE/BE considerations,
architecture-specific optimizations, etc. This patch still keeps
things simple and readable.
Signed-off-by: Ladi Prosek <lprosek@redhat.com>
Reviewed-by: Dmitry Fleytman <dmitry@daynix.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
|
|
Say it in another way to make it easier to understand.
Signed-off-by: Zhang Chen <zhangchen.fnst@cn.fujitsu.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Jason Wang <jasowang@redhat.com>
|
|
We allow vhost to clear VIRITO_F_IOMMU_PLATFORM which is wrong since
VIRTIO_F_IOMMU_PLATFORM is mandatory for security. Fixing this by
enforce it after vdc->get_features().
Signed-off-by: Jason Wang <jasowang@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
|
|
Coverity reports that ARRAY_SIZE(elem->out_sg) (and all the others too)
is wrong because elem->out_sg is a pointer.
However, the check is not in the right place and the max_size argument
of virtqueue_map_iovec can be removed. The check on in_num/out_num
should be moved to qemu_get_virtqueue_element instead, before the call
to virtqueue_alloc_element.
Cc: qemu-stable@nongnu.org
Reported-by: Paolo Bonzini <pbonzini@redhat.com>
Fixes: 3724650db07057333879484c8bc7d900b5c1bf8e ("virtio: introduce virtqueue_alloc_element")
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
|
|
staging
add OpenSPARC T1 emulation
# gpg: Signature made Wed 18 Jan 2017 22:25:47 GMT
# gpg: using RSA key 0x3360C3F7411A125F
# gpg: Good signature from "Artyom Tarasenko <atar4qemu@gmail.com>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 2AD8 6149 17F4 B2D7 05C0 BB12 3360 C3F7 411A 125F
* remotes/artyom/tags/pull-sun4v-20170118: (30 commits)
target-sparc: fix up niagara machine
target-sparc: move common cpu initialisation routines to sparc64.c
target-sparc: implement sun4v RTC
target-sparc: add ST_BLKINIT_ ASIs for UA2005+ CPUs
target-sparc: store the UA2005 entries in sun4u format
target-sparc: implement UA2005 ASI_MMU (0x21)
target-sparc: add more registers to dump_mmu
target-sparc: implement auto-demapping for UA2005 CPUs
target-sparc: allow 256M sized pages
target-sparc: simplify ultrasparc_tsb_pointer
target-sparc: implement UA2005 TSB Pointers
target-sparc: use SparcV9MMU type for sparc64 I/D-MMUs
target-sparc: replace the last tlb entry when no free entries left
target-sparc: ignore writes to UA2005 CPU mondo queue register
target-sparc: allow priveleged ASIs in hyperprivileged mode
target-sparc: use direct address translation in hyperprivileged mode
target-sparc: fix immediate UA2005 traps
target-sparc: implement UA2005 rdhpstate and wrhpstate instructions
target-sparc: implement UA2005 GL register
target-sparc: implement UA2005 hypervisor traps
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Hints printed with error_printf_unless_qmp() are suppressed outside
monitor context. Reproducer:
$ qemu-system-x86_64 -m 1Z
qemu-system-x86_64: -m 1Z: Parameter 'size' expects a size
Print to stderr instead. The reproducer now additionally prints:
You may use k, M, G or T suffixes for kilobytes, megabytes, gigabytes and terabytes.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20170105135957.12003-1-marcandre.lureau@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
[Commit message tweaked]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
|
