aboutsummaryrefslogtreecommitdiff
path: root/target-ppc
AgeCommit message (Collapse)AuthorFilesLines
2016-06-07Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into stagingPeter Maydell1-2/+0
pc, pci, virtio: new features, cleanups, fixes This includes some infrastructure for ipmi smbios tables. Beginning of acpi hotplug rework by Igor for supporting >255 CPUs. Misc cleanups and fixes. Signed-off-by: Michael S. Tsirkin <mst@redhat.com> # gpg: Signature made Tue 07 Jun 2016 13:55:22 BST # gpg: using RSA key 0x281F0DB8D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>" # gpg: aka "Michael S. Tsirkin <mst@redhat.com>" * remotes/mst/tags/for_upstream: (25 commits) virtio: move bi-endian target support to a single location pc-dimm: introduce realize callback pc-dimm: get memory region from ->get_memory_region() acpi: make bios_linker_loader_add_checksum() API offset based acpi: make bios_linker_loader_add_pointer() API offset based tpm: apci: cleanup TCPA table initialization acpi: cleanup bios_linker_loader_cleanup() acpi: simplify bios_linker API by removing redundant 'table' argument acpi: convert linker from GArray to BIOSLinker structure pc: use AcpiDeviceIfClass.send_event to issue GPE events acpi: extend ACPI interface to provide send_event hook pc: Postpone SMBIOS table installation to post machine init ipmi: rework the fwinfo to be fetched from the interface tests: acpi: update tables with consolidated legacy cpu-hotplug AML pc: acpi: cpuhp-legacy: switch ProcessorID to possible_cpus idx pc: acpi: simplify build_legacy_cpu_hotplug_aml() signature pc: acpi: consolidate legacy CPU hotplug in one file pc: acpi: mark current CPU hotplug functions as legacy pc: acpi: cpu-hotplug: make AML CPU_foo defines local to cpu_hotplug_acpi_table.c pc: acpi: consolidate \GPE._E02 with the rest of CPU hotplug AML ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-06-07virtio: move bi-endian target support to a single locationGreg Kurz1-2/+0
Paolo's recent cpu.h cleanups broke legacy virtio for ppc64 LE guests (and arm BE guests as well, even if I have not verified that). Especially, commit "33c11879fd42 qemu-common: push cpu.h inclusion out of qemu-common.h" has the side-effect of silently hiding the TARGET_IS_BIENDIAN macro from the virtio memory accessors, and thus fully disabling support of endian changing targets. To be sure this cannot happen again, let's gather all the bi-endian bits where they belong in include/hw/virtio/virtio-access.h. The changes in hw/virtio/vhost.c are safe because vhost_needs_vring_endian() is not called on a hot path and non bi-endian targets will return false anyway. While here, also rename TARGET_IS_BIENDIAN to be more precise: it is only for legacy virtio and bi-endian guests. Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Acked-by: Cédric Le Goater <clg@kaod.org> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
2016-06-07ppc: Do not take exceptions on unknown SPRs in privileged modeBenjamin Herrenschmidt1-2/+9
The architecture specifies that mtspr/mfspr on an unknown SPR number should act as a nop in privileged mode. I haven't removed the warning however as it can be useful for diagnosing. Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-06-07ppc: Add missing slbfee. instruction on ppc64 BookS processorsBenjamin Herrenschmidt3-0/+57
Used to lookup SLB entries by address, for some reason it was missing. Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-06-07ppc: Fix slbia decodeBenjamin Herrenschmidt1-1/+1
Since at least the 2.05 architecture, the slbia instruction takes an IH field in the opcode to provide some control on the effect of the slbia on the ERATs (level-1 TLB). We can safely ignore it as we always flush the whole qemu TLB but we should allow the bits in the decode. Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-06-07ppc: Fix mtmsr decodingBenjamin Herrenschmidt1-1/+1
We had code to handle the L bit in the opcode but we didn't allow it in the decode mask. Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-06-07ppc: POWER7 has lq/stq instructions and stq need to check ISABenjamin Herrenschmidt2-2/+5
The PPC_64BX instruction flag is used for a couple of newer instructions currently on POWER8 but our implementation for them works for POWER7 too (and already does the proper checking of what is permitted) with one exception: stq needs to check the ISA version. This fixes the latter and add the instructions to POWER7 Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-06-07ppc: POWER7 had ACOP and PID registersBenjamin Herrenschmidt1-0/+18
We only had them on POWER8, add them to POWER7 as well Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-06-07ppc: Batch TLB flushes on 32-bit 6xx/7xx/7xxx in hash modeBenjamin Herrenschmidt4-44/+31
This ports the existing 64-bit mechanism to 32-bit, thus series of 64 tlbie's followed by a sync like some versions of Darwin (ab)use will result in a single flush. We apply a pending flush on any sync instruction though, as Darwin doesn't use tlbsync on non-SMP systems. Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-06-07ppc: Fix tlb invalidations on 6xx/7xx/7xxx 32-bit processorsBenjamin Herrenschmidt1-0/+8
The processor only uses some bits of the address and invalidates an entire congruence class. Some OSes such as Darwin and HelenOS take advantage of this and occasionally invalidate the entire TLB by just doing a series of 64 consecutive tlbie for example. Our code tries to be too smart here only invalidating a segment congruence class (ie, allowing more address bits to be relevant in the invalidation), this fails miserably on those OSes. Instead don't bother, do like ppc64 and blow the whole tlb when tlbie is executed. Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-06-07ppc: Properly tag the translation cache based on MMU modeBenjamin Herrenschmidt1-1/+1
We used to always flush the TLB when changing relocation mode in MSR:IR and MSR:DR (ie. MMU on/off for Instructions and Data). We don't anymore since we have split mmu_idx for instruction and data. However, since we hard code the mmu_idx in the translated code, we now need to also make sure MSR:IR and MSR:DR are part of the hflags used to tag translated code, so that we use different translated code for different MMU settings. Darwin gets hurt by this problem. Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-06-07target-ppc: fixup bitrot in mmu_helper.c debug statementsMark Cave-Ayland1-14/+24
This fixes compilation of mmu_helper.c when all of the debug #defines at the start of the file are enabled. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-06-07ppc: fix hrfid, tlbia and slbia privilegeCédric Le Goater1-3/+3
commit 74693da98894 ('ppc: tlbie, tlbia and tlbisync are HV only') introduced some extra checks on the instruction privilege. slbia was changed wrongly and hrfid, tlbia were forgotten. Signed-off-by: Cédric Le Goater <clg@kaod.org> Reviewed-by: Thomas Huth <thuth@redhat.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-06-07ppc: Fix hreg_store_msr() so that non-HV mode cannot alter MSR:HVBenjamin Herrenschmidt2-4/+8
This helper is only used by the various instructions that can alter MSR and not interrupts. Add a comment to that effect to the interrupt code as well in case somebody wants to change this Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-06-07ppc: Better figure out if processor has HV modeBenjamin Herrenschmidt3-5/+22
We use an env. flag which is set to the initial value of MSR_HVB in the msr_mask. We also adjust the POWER8 mask to set SHV. Also use this to adjust ctx.hv so that it is *set* when the processor doesn't have an HV mode (970 with Apple mode for example), thus enabling hypervisor instructions/SPRs. Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> [clg: ctx.hv used to be defined only for the hypervisor kernel (HV=1|PR=0). It is now defined also when PR=1 and conditions are fixed accordingly. stripped unwanted tabs.] Signed-off-by: Cédric Le Goater <clg@kaod.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-06-07target-ppc/fpu_helper: Fix efscmp* instructions handlingTalha Imran1-1/+1
With specification at hand from the reference manual from Freescale http://cache.nxp.com/files/32bit/doc/ref_manual/SPEPEM.pdf , I have found a fix to efscmp* instructions handling in QEMU. efscmp* instructions in QEMU set crD (Condition Register nibble) values as (0b0100 << 2) = 0b10000 (consider the HELPER_SINGLE_SPE_CMP macro which left shifts the value returned by efscmp* handler by 2 bits). A value of 0b10000 is not correct according the to the reference manual. The reference manual expects efscmp* instructions to return a value of 0bx1xx. Please find attached a patch which disables left shifting in HELPER_SINGLE_SPE_CMP macro. This macro is used by efscmp* and efstst* instructions only. efstst* instruction handlers, in turn, call efscmp* handlers too. *Explanation:* Traditionally, each crD (condition register nibble) consist of 4 bits, which is set by comparisons as follows: crD = W X Y Z where W = Less than X = Greater than Y = Equal to However, efscmp* instructions being a special case return a binary result. (efscmpeq will set the crD = 0bx1xx iff when op1 == op2 and 0bx0xx otherwise; i.e. there is no notion of different crD values based on Less than, Greater than and Equal to). This effectively means that crD will store a "Greater than" comparison result iff efscmp* instruction comparison is TRUE. Compiler exploits this feature by checking for "Branch if Less than or Equal to" (ble instruction) OR "Branch if Greater than" (bgt instruction) for Branch if FALSE OR Branch if TRUE respectively after an efscmp* instruction. This can be seen in a assembly code snippet below: 27 if (__real__ x != 3.0f || __imag__ x != 4.0f) 10000498: lwz r10,8(r31) 1000049c: lis r9,16448 100004a0: efscmpeq cr7,r10,r9 100004a4: ble- cr7,0x100004b8 <bar+60> //jump to abort() call 100004a8: lwz r10,12(r31) 100004ac: lis r9,16512 100004b0: efscmpeq cr7,r10,r9 100004b4: bgt- cr7,0x100004bc <bar+64> //skip abort() call 28 abort (); 100004b8: bl 0x10000808 <abort> Signed-off-by: Talha Imran <talha_imran@mentor.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-06-05target-*: dfilter support for in_asmRichard Henderson1-1/+2
The arm target was handled by 06486077, but other targets were ignored. This handles all the rest which actually support disassembly (that is, skipping moxie and tilegx). Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Richard Henderson <rth@twiddle.net>
2016-05-30ppc: Add PPC_64H instruction flag to POWER7 and POWER8Benjamin Herrenschmidt1-2/+2
This will enable decoding of hrfid Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-05-30ppc: Get out of emulation on SMT "OR" opsBenjamin Herrenschmidt1-3/+18
Otherwise tight loops at smt_low for example, which OPAL does, eat so much CPU that we can't boot a kernel anymore. With that, I can boot 8 CPUs just fine with powernv. Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-05-30ppc: Fix sign extension issue in mtmsr(d) emulationMichael Neuling1-2/+2
Signed-off-by: Michael Neuling <mikey@neuling.org> Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-05-30ppc: Change 'invalid' bit mask of tlbiel and tlbieBenjamin Herrenschmidt1-2/+4
Otherwise it will trip on the forms used in recent architecture. Ideally, we should have different handlers for different architecture levels but our current implementation of TLB flushing is dumb enough that this will do for now. Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-05-30ppc: tlbie, tlbia and tlbisync are HV onlyBenjamin Herrenschmidt1-3/+3
Not that anything remotely recent supports tlbia but ... Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-05-30ppc: Do some batching of TCG tlb flushesBenjamin Herrenschmidt7-12/+71
On ppc64 especially, we flush the tlb on any slbie or tlbie instruction. However, those instructions often come in bursts of 3 or more (context switch will favor a series of slbie's for example to an slbia if the SLB has less than a certain number of entries in it, and tlbie's can happen in a series, with PAPR, H_BULK_REMOVE can remove up to 4 entries at a time. Doing a tlb_flush() each time is a waste of time. We end up doing a memset of the whole TLB, reloading it for the next instruction, memset'ing again, etc... Those instructions don't have to take effect immediately. For slbie, they can wait for the next context synchronizing event. For tlbie, the next tlbsync. This implements batching by keeping a flag that indicates that we have a TLB in need of flushing. We check it on interrupts, rfi's, isync's and tlbsync and flush the TLB if needed. This reduces the number of tlb_flush() on a boot to a ubuntu installer first dialog screen from roughly 360K down to 36K. Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> [clg: added a 'CPUPPCState *' variable in h_remove() and h_bulk_remove() ] Signed-off-by: Cédric Le Goater <clg@kaod.org> [dwg: removed spurious whitespace change, use 0/1 not true/false consistently, since tlb_need_flush has int type] Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-05-30ppc: Use split I/D mmu modes to avoid flushes on interruptsBenjamin Herrenschmidt5-25/+63
We rework the way the MMU indices are calculated, providing separate indices for I and D side based on MSR:IR and MSR:DR respectively, and thus no longer need to flush the TLB on context changes. This also adds correct support for HV as a separate address space. Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-05-30ppc: Remove MMU_MODEn_SUFFIX definitionsBenjamin Herrenschmidt1-3/+0
We don't use the resulting accessors and this gets in the way of the split I/D TLB work. Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-05-27spapr_iommu: Finish renaming vfio_accel to need_vfioAlexey Kardashevskiy1-1/+1
6a81dd17 "spapr_iommu: Rename vfio_accel parameter" renamed vfio_accel flag everywhere but one spot was missed. Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-05-27PPC/KVM: early validation of vcpu idGreg Kurz1-0/+8
The KVM API restricts vcpu ids to be < KVM_CAP_MAX_VCPUS. On PowerPC targets, depending on the number of threads per core in the host and in the guest, some topologies do generate higher vcpu ids actually. When this happens, QEMU bails out with the following error: kvm_init_vcpu failed: Invalid argument The KVM_CREATE_VCPU ioctl has several EINVAL return paths, so it is not possible to fully disambiguate. This patch adds a check in the code that computes vcpu ids, so that we can detect the error earlier, and print a friendlier message instead of calling KVM_CREATE_VCPU with an obviously bogus vcpu id. Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-05-27target-ppc: Cleanups to rldinm, rldnm, rldimiRichard Henderson1-45/+46
Mirror the cleanups just done to rlwinm, rlwnm and rlwimi. This adds use of deposit to rldimi. Signed-off-by: Richard Henderson <rth@twiddle.net> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-05-27target-ppc: Use 32-bit rotate instead of deposit + 64-bit rotateRichard Henderson1-102/+70
A 32-bit rotate insn is more common on hosts than a deposit insn, and if the host has neither the result is truely horrific. At the same time, tidy up the temporaries within these functions, drop the over-use of "likely", drop some checks for identity that will also be checked by tcg-op.c functions, and special case mask without rotate within rlwinm. Signed-off-by: Richard Henderson <rth@twiddle.net> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-05-27target-ppc: Use movcond in iselRichard Henderson1-18/+11
Signed-off-by: Richard Henderson <rth@twiddle.net> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-05-27target-ppc: Correct KVM synchronization for ppc_hash64_set_external_hpt()David Gibson1-2/+0
ppc_hash64_set_external_hpt() was added in e5c0d3c "target-ppc: Add helpers for updating a CPU's SDR1 and external HPT". This helper contains a cpu_synchronize_state() since it may need to push state back to KVM afterwards. This turns out to break things when it is used in the reset path, which is the only current user. It appears that kvm_vcpu_dirty is not being set early in the reset path, so the cpu_synchronize_state() is clobbering state set up by the early part of the cpu reset path with stale state from KVM. This may require some changes to the generic cpu reset path to fix properly, but as a short term fix we can just remove the cpu_synchronize_state() from ppc_hash64_set_external_hpt(), and require any non-reset path callers to do that manually. Reported-by: Laurent Vivier <lvivier@redhat.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-05-19cpu: move exec-all.h inclusion out of cpu.hPaolo Bonzini11-2/+12
exec-all.h contains TCG-specific definitions. It is not needed outside TCG-specific files such as translate.c, exec.c or *helper.c. One generic function had snuck into include/exec/exec-all.h; move it to include/qom/cpu.h. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-05-19qemu-common: push cpu.h inclusion out of qemu-common.hPaolo Bonzini4-1/+5
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-05-19hw: move CPU state serialization to migration/cpu.hPaolo Bonzini1-0/+1
Remove usage of NEED_CPU_H from hw/hw.h. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-05-19ppc: use PowerPCCPU instead of CPUPPCStatePaolo Bonzini1-54/+38
This changes a cpu.h dependency for hw/ppc/ppc.h into a cpu-qom.h dependency. For it to compile we also need to clean up a few unused definitions. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-05-19target-ppc: make cpu-qom.h not target specificPaolo Bonzini2-163/+161
Make PowerPCCPU an opaque type within cpu-qom.h, and move all definitions of private methods, as well as all type definitions that require knowledge of the layout to cpu.h. Conversely, move all definitions needed to define a class to cpu-qom.h. This helps making files independent of NEED_CPU_H if they only need to pass around CPU pointers. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-05-19target-ppc: do not make PowerPCCPUClass depend on target-specific symbolsPaolo Bonzini1-4/+0
Just leave some members in even if they are unused on e.g. 32-bit PPC or user-mode emulation. This avoids complications when using PowerPCCPUClass in code that is compiled just once (because it applies to both 32-bit and 64-bit PPC for example) but still needs to peek at PPC-specific members. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-05-19target-ppc: do not use target_ulong in cpu-qom.hPaolo Bonzini5-6/+5
Bring the PowerPCCPUClass handle_mmu_fault method type into line with the one in CPUClass. Using vaddr also makes the cpu-qom.h file target independent. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-05-19cpu: make cpu-qom.h only include-able from cpu.hPaolo Bonzini1-1/+0
Make cpu-qom.h so that it is only included from cpu.h. Then there is no need for it to include cpu.h again. Later we will make cpu-qom.h target independent and we will _want_ to include it from elsewhere, but for now reduce the number of cases to handle. Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-05-12tcg: Allow goto_tb to any target PC in user modeSergey Fedorov1-5/+15
In user mode, there's only a static address translation, TBs are always invalidated properly and direct jumps are reset when mapping change. Thus the destination address is always valid for direct jumps and there's no need to restrict it to the pages the TB resides in. Signed-off-by: Sergey Fedorov <serge.fdrv@gmail.com> Signed-off-by: Sergey Fedorov <sergey.fedorov@linaro.org> Cc: Riku Voipio <riku.voipio@iki.fi> Cc: Blue Swirl <blauwirbel@gmail.com> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Richard Henderson <rth@twiddle.net>
2016-05-12tb: consistently use uint32_t for tb->flagsEmilio G. Cota1-1/+1
We are inconsistent with the type of tb->flags: usage varies loosely between int and uint64_t. Settle to uint32_t everywhere, which is superior to both: at least one target (aarch64) uses the most significant bit in the u32, and uint64_t is wasteful. Compile-tested for all targets. Suggested-by: Laurent Desnogues <laurent.desnogues@gmail.com> Suggested-by: Richard Henderson <rth@twiddle.net> Tested-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Reviewed-by: Laurent Desnogues <laurent.desnogues@gmail.com> Signed-off-by: Emilio G. Cota <cota@braap.org> Signed-off-by: Richard Henderson <rth@twiddle.net> Message-Id: <1460049562-23517-1-git-send-email-cota@braap.org>
2016-04-18ppc: Fix migration of the XER registerThomas Huth1-1/+1
env->xer only holds the lower bits of the XER register nowadays, the SO, OV and CA bits are stored in separate variables (see the function cpu_write_xer() for details). Since the migration code currently only reads the "xer" variable, the upper bits are lost during migration. Fix it by using cpu_read_xer() instead. Signed-off-by: Thomas Huth <thuth@redhat.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-04-18ppc: Fix the bad exception NIP value and the range check in LSWXThomas Huth1-2/+3
The range checks in the LSWX instruction are completely insufficient: They do not take the wrap-around case into account, and the check "reg < rx" should be "reg <= rx" instead. Fix it by using the new lsw_reg_in_range() helper function that is already used for LSWI, too. Then there is a second problem: In case the INVAL exception is generated, the NIP value is wrong, it currently points to the instruction before the LSWX instruction. This is because gen_lswx() already decreases the NIP value by 4 (to be prepared for page fault exceptions), and powerpc_excp() later decreases it again by 4 while handling the program exception. So to get this right, we've got to undo the "- 4" from gen_lswx() here before calling helper_raise_exception_err(). Signed-off-by: Thomas Huth <thuth@redhat.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-04-18ppc: Fix the range check in the LSWI instructionThomas Huth2-4/+12
There are two issues: First, the number of registers that are used has to be calculated with "(nb + 3) / 4" (i.e. round always up, not down). Second, the "start <= ra && (start + nr - 32) > ra" condition for the wrap-around case is wrong: It has to be tested with "||" instead of "&&". Since we can reuse this check later for the LSWX instruction, let's place the fixed code into a helper function, too. Signed-off-by: Thomas Huth <thuth@redhat.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-04-05ppc: Rework POWER7 & POWER8 exception modelCédric Le Goater3-3/+58
From: Benjamin Herrenschmidt <benh@kernel.crashing.org> This patch fixes the current AIL implementation for POWER8. The interrupt vector address can be calculated directly from LPCR when the exception is handled. The excp_prefix update becomes useless and we can cleanup the H_SET_MODE hcall. Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> [clg: Removed LPES0/1 handling for HV vs. !HV Fixed LPCR_ILE case for POWERPC_EXCP_POWER8 ] Signed-off-by: Cédric Le Goater <clg@fr.ibm.com> [dwg: This was written as a cleanup, but it also fixes a real bug where setting an alternative interrupt location would not be correctly migrated] Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-03-24Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into stagingPeter Maydell3-2/+5
* Log filtering from Alex and Peter * Chardev fix from Marc-André * config.status tweak from David * Header file tweaks from Markus, myself and Veronia (Outreachy candidate) * get_ticks_per_sec() removal from Rutuja (Outreachy candidate) * Coverity fix from myself * PKE implementation from myself, based on rth's XSAVE support # gpg: Signature made Thu 24 Mar 2016 20:15:11 GMT using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" # gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" * remotes/bonzini/tags/for-upstream: (28 commits) target-i386: implement PKE for TCG config.status: Pass extra parameters char: translate from QIOChannel error to errno exec: fix error handling in file_ram_alloc cputlb: modernise the debug support qemu-log: support simple pid substitution for logs target-arm: dfilter support for in_asm qemu-log: dfilter-ise exec, out_asm, op and opt_op qemu-log: new option -dfilter to limit output qemu-log: Improve the "exec" TB execution logging qemu-log: Avoid function call for disabled qemu_log_mask logging qemu-log: correct help text for -d cpu tcg: pass down TranslationBlock to tcg_code_gen util: move declarations out of qemu-common.h Replaced get_tick_per_sec() by NANOSECONDS_PER_SECOND hw: explicitly include qemu-common.h and cpu.h include/crypto: Include qapi-types.h or qemu/bswap.h instead of qemu-common.h isa: Move DMA_transfer_handler from qemu-common.h to hw/isa/isa.h Move ParallelIOArg from qemu-common.h to sysemu/char.h Move QEMU_ALIGN_*() from qemu-common.h to qemu/osdep.h ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Conflicts: scripts/clean-includes
2016-03-24ppc: move POWER8 Book4 regs in their own routineCédric Le Goater1-0/+8
commit fce55481360d "ppc: A couple more dummy POWER8 Book4 regs" squashed in to rapidly a set of POWER8 Book4 regs in the wrong routine. This patch introduces the missing gen_spr_power8_book4() routine to fix their location. Signed-off-by: Cédric Le Goater <clg@fr.ibm.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-03-24ppc: A couple more dummy POWER8 Book4 regsBenjamin Herrenschmidt2-0/+15
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> [clg: squashed in patch 'ppc: Add dummy ACOP SPR' ] Signed-off-by: Cédric Le Goater <clg@fr.ibm.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-03-24ppc: Add dummy CIABR SPRBenjamin Herrenschmidt2-0/+6
We should implement HW breakpoint/watchpoint, qemu supports them... Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Reviewed-by: Thomas Huth <thuth@redhat.com> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-03-24ppc: Add POWER8 IAMR registerBenjamin Herrenschmidt2-2/+40
With appropriate AMR-like masks. Not actually used by the translation logic at that point Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> [clg: changed spr_register_hv(SPR_IAMR) to spr_register_kvm_hv(SPR_IAMR) changed gen_spr_amr() prototype ] Signed-off-by: Cédric Le Goater <clg@fr.ibm.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>