aboutsummaryrefslogtreecommitdiff
path: root/target-ppc
AgeCommit message (Collapse)AuthorFilesLines
2011-04-01Implement PAPR VPA functions for pSeries shared processor partitionsDavid Gibson1-0/+7
Shared-processor partitions are those where a CPU is time-sliced between partitions, rather than being permanently dedicated to a single partition. qemu emulated partitions, since they are just scheduled with the qemu user process, behave mostly like shared processor partitions. In order to better support shared processor partitions (splpar), PAPR defines the "VPA" (Virtual Processor Area), a shared memory communication channel between the hypervisor and partitions. There are also two additional shared memory communication areas for specialized purposes associated with the VPA. A VPA is not essential for operating an splpar, though it can be necessary for obtaining accurate performance measurements in the presence of runtime partition switching. Most importantly, however, the VPA is a prerequisite for PAPR's H_CEDE, hypercall, which allows a partition OS to give up it's shared processor timeslices to other partitions when idle. This patch implements the VPA and H_CEDE hypercalls in qemu. We don't implement any of the more advanced statistics which can be communicated through the VPA. However, this is enough to make normal pSeries kernels do an effective power-save idle on an emulated pSeries, significantly reducing the host load of a qemu emulated pSeries running an idle guest OS. Signed-off-by: David Gibson <dwg@au1.ibm.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2011-04-01Implement PAPR CRQ hypercallsBen Herrenschmidt1-0/+11
This patch implements the infrastructure and hypercalls necessary for the PAPR specified CRQ (Command Request Queue) mechanism. This general request queueing system is used by many of the PAPR virtual IO devices, including the virtual scsi adapter. Signed-off-by: Ben Herrenschmidt <benh@kernel.crashing.org> Signed-off-by: David Gibson <dwg@au1.ibm.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2011-04-01Virtual hash page table handling on pSeries machineDavid Gibson2-8/+30
On pSeries logical partitions, excepting the old POWER4-style full system partitions, the guest does not have direct access to the hardware page table. Instead, the pagetable exists in hypervisor memory, and the guest must manipulate it with hypercalls. However, our current pSeries emulation more closely resembles the old style where the guest must set up and handle the pagetables itself. This patch converts it to act like a modern partition. This involves two things: first, the hash translation path is modified to permit the has table to be stored externally to the emulated machine's RAM. The pSeries machine init code configures the CPUs to use this mode. Secondly, we emulate the PAPR hypercalls for manipulating the external hashed page table. Signed-off-by: David Gibson <dwg@au1.ibm.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2011-04-01Add POWER7 support for ppcDavid Gibson3-0/+129
This adds emulation support for the recent POWER7 cpu to qemu. It's far from perfect - it's missing a number of POWER7 features so far, including any support for VSX or decimal floating point instructions. However, it's close enough to boot a kernel with the POWER7 PVR. Signed-off-by: David Gibson <dwg@au1.ibm.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2011-04-01Support 1T segments on ppcDavid Gibson2-12/+45
Traditionally, the "segments" used for the two-stage translation used on powerpc MMUs were 256MB in size. This was the only option on all hash page table based 32-bit powerpc cpus, and on the earlier 64-bit hash page table based cpus. However, newer 64-bit cpus also permit 1TB segments This patch adds support for 1TB segment translation to the qemu code. Signed-off-by: David Gibson <dwg@au1.ibm.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2011-04-01Better factor the ppc hash translation pathDavid Gibson2-48/+20
Currently the path handling hash page table translation in get_segment() has a mix of common and 32 or 64 bit specific code. However the division is not done terribly well which results in a lot of messy code flipping between common and divided paths. This patch improves the organization, consolidating several divided paths into one. This in turn allows simplification of some code in get_segment(), removing a number of ugly interim variables. This new factorization will also make it easier to add support for the 1T segments added in newer CPUs. Signed-off-by: David Gibson <dwg@au1.ibm.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2011-04-01Use "hash" more consistently in ppc mmu codeDavid Gibson2-50/+50
Currently, get_segment() has a variable called hash. However it doesn't (quite) get the hash value for the ppc hashed page table. Instead it gets the hash shifted - effectively the offset of the hash bucket within the hash page table. As well, as being different to the normal use of plain "hash" in the architecture documentation, this usage necessitates some awkward 32/64 dependent masks and shifts which clutter up the path in get_segment(). This patch alters the code to use raw hash values through get_segment() including storing raw hashes instead of pte group offsets in the ctx structure. This cleans up the path noticeably. This does necessitate 32/64 dependent shifts when the hash values are taken out of the ctx structure and used, but those paths already have 32/64 bit variants so this is less awkward than it was in get_segment(). Signed-off-by: David Gibson <dwg@au1.ibm.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2011-04-01Parse SDR1 on mtspr instead of at translate timeDavid Gibson6-46/+62
On ppc machines with hash table MMUs, the special purpose register SDR1 contains both the base address of the encoded size (hashed) page tables. At present, we interpret the SDR1 value within the address translation path. But because the encodings of the size for 32-bit and 64-bit are different this makes for a confusing branch on the MMU type with a bunch of curly shifts and masks in the middle of the translate path. This patch cleans things up by moving the interpretation on SDR1 into the helper function handling the write to the register. This leaves a simple pre-sanitized base address and mask for the hash table in the CPUState structure which is easier to work with in the translation path. This makes the translation path more readable. It addresses the FIXME comment currently in the mtsdr1 helper, by validating the SDR1 value during interpretation. Finally it opens the way for emulating a pSeries-style partition where the hash table used for translation is not mapped into the guests's RAM. Signed-off-by: David Gibson <dwg@au1.ibm.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2011-04-01Clean up slb_lookup() functionDavid Gibson1-27/+18
The slb_lookup() function, used in the ppc translation path returns a number of slb entry fields in reference parameters. However, only one of the two callers of slb_lookup() actually wants this information. This patch, therefore, makes slb_lookup() return a simple pointer to the located SLB entry (or NULL), and the caller which needs the fields can extract them itself. Signed-off-by: David Gibson <dwg@au1.ibm.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2011-04-01Correct ppc popcntb logic, implement popcntw and popcntdDavid Gibson4-11/+69
qemu already includes support for the popcntb instruction introduced in POWER5 (although it doesn't actually allow you to choose POWER5). However, the logic is slightly incorrect: it will generate results truncated to 32-bits when the CPU is in 32-bit mode. This is not normal for powerpc - generally arithmetic instructions on a 64-bit powerpc cpu will generate full 64 bit results, it's just that only the low 32 bits will be significant for condition codes. This patch corrects this nit, which actually simplifies the code slightly. In addition, this patch implements the popcntw and popcntd instructions added in POWER7, in preparation for allowing POWER7 as an emulated CPU. Signed-off-by: David Gibson <dwg@au1.ibm.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2011-04-01Implement missing parts of the logic for the POWER PURRDavid Gibson3-0/+16
The PURR (Processor Utilization Resource Register) is a register found on recent POWER CPUs. The guts of implementing it at least enough to get by are already present in qemu, however some of the helper functions needed to actually wire it up are missing. This patch adds the necessary glue, so that the PURR can be wired up when we implement newer POWER CPU targets which include it. Signed-off-by: David Gibson <dwg@au1.ibm.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2011-04-01Implement PowerPC slbmfee and slbmfev instructionsDavid Gibson5-1/+80
For a 64-bit PowerPC target, qemu correctly implements translation through the segment lookaside buffer. Likewise it supports the slbmte instruction which is used to load entries into the SLB. However, it does not emulate the slbmfee and slbmfev instructions which read SLB entries back into registers. Because these are only occasionally used in guests (mostly for debugging) we get away with it. However, given the recent SLB cleanups, it becomes quite easy to implement these, and thereby allow, amongst other things, a guest Linux to use xmon's command to dump the SLB. Signed-off-by: David Gibson <dwg@au1.ibm.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2011-04-01Add a hook to allow hypercalls to be emulated on PowerPCDavid Gibson2-0/+10
PowerPC and POWER chips since the POWER4 and 970 have a special hypervisor mode, and a corresponding form of the system call instruction which traps to the hypervisor. qemu currently has stub implementations of hypervisor mode. That is, the outline is there to allow qemu to run a PowerPC hypervisor under emulation. There are a number of details missing so this won't actually work at present, but the idea is there. What there is no provision at all, is for qemu to instead emulate the hypervisor itself. That is to have hypercalls trap into qemu and their result be emulated from qemu, rather than running hypervisor code within the emulated system. Hypervisor hardware aware KVM implementations are in the works and it would be useful for debugging and development to also allow full emulation of the same para-virtualized guests as such a KVM. Therefore, this patch adds a hook which will allow a machine to set up emulation of hypervisor calls. Signed-off-by: David Gibson <dwg@au1.ibm.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2011-04-01Clean up PowerPC SLB handling codeDavid Gibson4-136/+79
Currently the SLB information when emulating a PowerPC 970 is storeed in a structure with the unhelpfully named fields 'tmp' and 'tmp64'. While the layout in these fields does match the description of the SLB in the architecture document, it is not convenient either for looking up the SLB, or for emulating the slbmte instruction. This patch, therefore, reorganizes the SLB entry structure to be divided in the the "ESID related" and "VSID related" fields as they are divided in instructions accessing the SLB. In addition to making the code smaller and more readable, this will make it easier to implement for the 1TB segments used in more recent PowerPC chips. Signed-off-by: David Gibson <dwg@au1.ibm.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2011-04-01target-ppc: ext32u instead of andi with constantAurelien Jarno1-4/+4
Cc: Alexander Graf <agraf@suse.de> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net> Signed-off-by: Alexander Graf <agraf@suse.de>
2011-03-22target-ppc: add support for 6 SPE instructionsFabien Chouteau1-4/+198
Add support for 6 SPE instructions: evmra, evmwsmi{a{a}}, evmwumi{a{a}} Signed-off-by: Fabien Chouteau <chouteau@adacore.com> Reviewed-by: Nathan Froyd <froydnj@codesourcery.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2011-03-21Merge remote branch 'qemu-kvm/uq/master' into stagingAnthony Liguori1-7/+7
2011-03-21change all other clock references to use nanosecond resolution accessorsPaolo Bonzini2-5/+5
This was done with: sed -i 's/qemu_get_clock\>/qemu_get_clock_ns/' \ $(git grep -l 'qemu_get_clock\>' ) sed -i 's/qemu_new_timer\>/qemu_new_timer_ns/' \ $(git grep -l 'qemu_new_timer\>' ) after checking that get_clock and new_timer never occur twice on the same line. There were no missed occurrences; however, even if there had been, they would have been caught by the compiler. There was exactly one false positive in qemu_run_timers: - current_time = qemu_get_clock (clock); + current_time = qemu_get_clock_ns (clock); which is of course not in this patch. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2011-03-16kvm: Align kvm_arch_handle_exit to kvm_cpu_exec changesJan Kiszka1-4/+4
Make the return code of kvm_arch_handle_exit directly usable for kvm_cpu_exec. This is straightforward for x86 and ppc, just s390 would require more work. Avoid this for now by pushing the return code translation logic into s390's kvm_arch_handle_exit. Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> CC: Alexander Graf <agraf@suse.de> Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
2011-03-15kvm: Rename kvm_arch_process_irqchip_events to async_eventsJan Kiszka1-1/+1
We will broaden the scope of this function on x86 beyond irqchip events. Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
2011-03-15kvm: ppc: Fix breakage of kvm_arch_pre_run/process_irqchip_eventsJan Kiszka1-3/+3
Commit 7a39fe5882 failed to convert the right arch function. Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
2011-03-13inline cpu_halted into sole callerPaolo Bonzini1-11/+0
All implementations are now the same, and there is only one caller, so inline the function there. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2011-02-16Merge remote branch 'qemu-kvm/uq/master' into stagingAnthony Liguori1-4/+12
2011-02-16Handle icount for powerpc tbl/tbu/decr load and store.Tristan Gingold1-0/+42
Handle option '-icount X' on powerpc targets. Signed-off-by: Tristan Gingold <gingold@adacore.com> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@petalogix.com>
2011-02-14kvm: Drop return values from kvm_arch_pre/post_runJan Kiszka1-4/+2
We do not check them, and the only arch with non-empty implementations always returns 0 (this is also true for qemu-kvm). Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> CC: Alexander Graf <agraf@suse.de> Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
2011-02-14kvm: Provide sigbus services arch-independentlyJan Kiszka1-0/+10
Provide arch-independent kvm_on_sigbus* stubs to remove the #ifdef'ery from cpus.c. This patch also fixes --disable-kvm build by providing the missing kvm_on_sigbus_vcpu kvm-stub. Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Acked-by: Alexander Graf <agraf@suse.de> Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
2011-02-01Merge remote branch 'qemu-kvm/uq/master' into stagingAnthony Liguori1-1/+9
aliguori: fix build with !defined(KVM_CAP_ASYNC_PF) Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-01-23kvm: Consolidate must-have capability checksJan Kiszka1-0/+4
Instead of splattering the code with #ifdefs and runtime checks for capabilities we cannot work without anyway, provide central test infrastructure for verifying their availability both at build and runtime. Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
2011-01-23kvm: Drop smp_cpus argument from init functionsJan Kiszka1-1/+1
No longer used. Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
2011-01-23kvm: Stop on all fatal exit reasonsJan Kiszka1-0/+4
Ensure that we stop the guest whenever we face a fatal or unknown exit reason. If we stop, we also have to enforce a cpu loop exit. Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
2011-01-21ppc: Correct BookE tlb readsEdgar E. Iglesias1-1/+1
Call the tlb read helper (and not the write helper) for tlb reads. Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2011-01-20target-ppc: fix wrong NaN testsAurelien Jarno1-17/+28
Some tests in FPU emulation code were wrongly using float64_is_nan() before commit 185698715dfb18c82ad2a5dbc169908602d43e81, and wrongly using float64_is_quiet_nan() after. Fix them by using float64_is_any_nan() instead. Reviewed-by: Nathan Froyd <froydnj@codesourcery.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2011-01-20target-ppc: fix sNaN propagationAurelien Jarno1-69/+78
The current FPU code returns 0.0 if one of the operand is a signaling NaN and the VXSNAN exception is disabled. fload_invalid_op_excp() doesn't return a qNaN in case of a VXSNAN exception as the operand should be propagated instead of a new qNaN to be generated. Fix that by calling fload_invalid_op_excp() only for the exception generation (if enabled), and use the softfloat code to correctly compute the result. Reviewed-by: Nathan Froyd <froydnj@codesourcery.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2011-01-06target-ppc: use float32_is_any_nan()Aurelien Jarno1-3/+2
Use the new function float32_is_any_nan() instead of float32_is_quiet_nan() || float32_is_signaling_nan(). Acked-by: Alexander Graf <agraf@suse.de> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2011-01-06target-ppc: fix default qNaNAurelien Jarno1-2/+2
On PPC the default qNaN doesn't have the sign bit set. Acked-by: Alexander Graf <agraf@suse.de> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2011-01-06target-ppc: remove PRECISE_EMULATION defineAurelien Jarno2-50/+11
The PRECISE_EMULATION is "hardcoded" to one in target-ppc/exec.h and not something easily tunable. Remove it and non-precise emulation code as it doesn't make a noticeable difference in speed. People wanting speed improvement should use softfloat-native instead. Acked-by: Alexander Graf <agraf@suse.de> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2011-01-02softfloat: Rename float*_is_nan() functions to float*_is_quiet_nan()Peter Maydell1-29/+29
The softfloat functions float*_is_nan() were badly misnamed, because they return true only for quiet NaNs, not for all NaNs. Rename them to float*_is_quiet_nan() to more accurately reflect what they do. This change was produced by: perl -p -i -e 's/_is_nan/_is_quiet_nan/g' $(git grep -l is_nan) (with the results manually checked.) Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Nathan Froyd <froydnj@codesourcery.com> Acked-by: Edgar E. Iglesias <edgar.iglesias@gmail.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2010-12-31Fix translation of unary PPC/SPE instructions (efdneg etc.).Mike Pall1-18/+21
Signed-off-by: Mike Pall <mike-lp10@luajit.org> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2010-12-08ppc: kvm: fix signedness warningAlexander Graf1-1/+1
I get a warning on a signed comparison with an unsigned variable, so let's make the variable signed and be happy. Signed-off-by: Alexander Graf <agraf@suse.de> Signed-off-by: Edgar E. Iglesias <edgar@axis.com>
2010-10-30target-xxx: Use fprintf_function (format checking)Stefan Weil3-11/+9
fprintf_function uses format checking with GCC_FMT_ATTR. Format errors were fixed in * target-i386/helper.c * target-mips/translate.c * target-ppc/translate.c Cc: Blue Swirl <blauwirbel@gmail.com> Signed-off-by: Stefan Weil <weil@mail.berlios.de> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2010-10-13ppc: avoid write only variablesBlue Swirl1-3/+3
Compiling with GCC 4.6.0 20100925 produced warnings: /src/qemu/target-ppc/op_helper.c: In function 'helper_icbi': /src/qemu/target-ppc/op_helper.c:351:14: error: variable 'tmp' set but not used [-Werror=unused-but-set-variable] /src/qemu/target-ppc/op_helper.c: In function 'do_6xx_tlb': /src/qemu/target-ppc/op_helper.c:3805:28: error: variable 'EPN' set but not used [-Werror=unused-but-set-variable] /src/qemu/target-ppc/op_helper.c: In function 'do_74xx_tlb': /src/qemu/target-ppc/op_helper.c:3838:28: error: variable 'EPN' set but not used [-Werror=unused-but-set-variable] Fix by adding a dummy cast so that the variable is not unused. Delete tmp. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2010-10-13ppc: remove video.xBlue Swirl2-14/+0
Only Mac-on-Linux stuff used video.x, OpenBIOS does not need it. Remove video.x MoL hacks. Signed-off-by: Alexander Graf <agraf@suse.de> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2010-10-05ppc: Minor 40x MMU fixesJohn Clark2-27/+49
* Fix swapped reading of tlblo/hi. * Fix tlb exec permissions Signed-off-by: John Clark <clarkjc@runbox.com> Signed-off-by: Alexander Graf <agraf@suse.de> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2010-09-30powerpc: Add a virtex5 ml507 refdesign boardEdgar E. Iglesias1-0/+4
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2010-09-30powerpc: Add a ppc-440x5 Xilinx modelEdgar E. Iglesias1-2/+4
Add a powerpc 440x5 with the model ID on the Xilinx virtex5. Connect the 440x5 to the 40x interrupt logic. Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2010-09-24powerpc: Improve emulation of the BookE MMUEdgar E. Iglesias2-8/+33
Improve the emulation of the BookE MMU to be able to boot linux on virtex5 boards. Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2010-09-18PPC: Suppress gcc warnings with -Wtype-limitsBlue Swirl1-25/+25
The hack added by c5b76b381081680633e2e0a91216507430409fb2 was not enough to avoid warnings with gcc flag -Wtype-limits. Add a new macro to fix both problems. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2010-09-15PPC: Redesign interrupt trigger pathAlexander Graf1-51/+29
According to the Book3S spec, the interrupt context starts with an MSR value that is rather simple. If we leave out the HV case, it's almost always 0. To reflect this, let's redesign the way that MSR value gets calculated. Using this, we also squash the bug where MSR_POW can slip through into the interrupt handler MSR. Reported-by: Thomas Monjalon <thomas.monjalon@openwide.fr> Signed-off-by: Alexander Graf <agraf@suse.de> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2010-09-15PPC: Enable hint bits for lwarx/ldarxAlexander Graf1-2/+2
The lwarx and ldarx instructions have a bit to give some hint to the CPU which is safe to ignore. We currently refuse to accept any instruction with that bit set, as it used to be declared MBZ. Let's remove the reserved bit and make the instruction work as expected. This fixes Linux boot for ppc64. Signed-off-by: Alexander Graf <agraf@suse.de> Reviewed-by: Andreas Färber <andreas.faerber@web.de> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2010-09-11powerpc: Avoid TLB related log spammingEdgar E. Iglesias1-1/+0
Invalid TLB entries are normal and should not spam the log. Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>