aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2012-07-05target-arm: Add support for long format translation table walks64-bit-physaddrsPeter Maydell
Implement the actual table walk code for LPAE's long format translation tables. Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-07-05target-arm: Implement TTBCR changes for LPAEPeter Maydell
Implement the changes to the TTBCR register required for LPAE: * many fewer bits should be RAZ/WI * since TTBCR changes can result in a change of ASID, we must flush the TLB on writes to it Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-07-05target-arm: Implement long-descriptor PAR formatPeter Maydell
Implement the different format of the PAR when long descriptor translation tables are in use. Note that we assume that get_phys_addr() returns a long-descriptor format DFSR value on failure if long descriptors are in use; this added subtlety tips the balance and makes it worth adding a comment documenting the API to get_phys_addr(). Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-07-05target-arm: Use target_phys_addr_t in get_phys_addr()Peter Maydell
In the implementation of get_phys_addr(), consistently use target_phys_addr_t to hold the physical address rather than uint32_t. Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-07-05target-arm: Add 64 bit PAR, TTBR0, TTBR1 for LPAEPeter Maydell
Under LPAE, the cp15 registers PAR, TTBR0 and TTBR1 are extended to 64 bits, with a 64 bit (MRRC/MCRR) access path to read the full width of the register. Add the state fields for the top half and the 64 bit access path. Actual use of the top half of the register will come with the addition of the long-descriptor translation table format support. For the PAR we also need to correct the masking applied for 32 bit writes (there are no bits reserved if LPAE is implemented) and clear the high half when doing a 32 bit result VA-to-PA lookup. Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-07-05target-arm: Add 64 bit variants of DBGDRAR and DBGDSAR for LPAEPeter Maydell
LPAE extends the DBGDRAR and DBGDSAR debug registers to 64 bits; we only implement these as dummy RAZ versions; provide dummies for the 64 bit accesses as well. Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-07-05target-arm: Add AMAIR0, AMAIR1 LPAE cp15 registersPeter Maydell
Add implementations of the AMAIR0 and AMAIR1 LPAE Auxiliary Memory Attribute Indirection Registers. These are implementation defined and we choose to implement them as RAZ/WI, matching the Cortex-A7 and Cortex-A15. Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-07-05target-arm: Extend feature flags to 64 bitsPeter Maydell
Extend feature flags to 64 bits, as we've just run out of space in the 32 bit integer we were using for them. Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-07-05target-arm: Implement privileged-execute-never (PXN)Peter Maydell
Implement the privileged-execute-never (PXN) translation table bit. It is implementation-defined whether this is implemented, so we give it its own ARM_FEATURE_ flag. LPAE requires PXN, so add also an LPAE feature flag and the implication logic, as a placeholder for actually implementing LPAE at a later date. Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-07-05target-arm: Fix TCG temp handling in 64 bit cp writesPeter Maydell
Fix errors in the TCG temp handling in the 64 bit coprocessor write path: we were reusing a 32 bit temp after it had been freed by store_reg(), and failing to free a 64 bit temp. This bug has no visible effect at this point because there aren't any non-NOP 64 bit registers yet; it needs to be fixed as a prerequisite for the 64 bit registers in LPAE support. Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-07-03ARM: Make target_phys_addr_t 64 bits and physaddrs 40 bitsPeter Maydell
Make target_phys_addr_t 64 bits for ARM targets, and set TARGET_PHYS_ADDR_SPACE_BITS to 40. This should have no effect for ARM boards where physical addresses really are 32 bits (except perhaps a slight performance hit on 32 bit hosts for system emulation) but allows us to implement the Large Physical Address Extensions for Cortex-A15, which mean 40 bit physical addresses. Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-07-03bitops.h: Add functions to extract and deposit bitfieldsPeter Maydell
Add functions deposit32(), deposit64(), extract32() and extract64() to extract and deposit bitfields in 32 and 64 bit words. Based on ideas by Jia Liu and Avi Kivity. Suggested-by: Jia Liu <proljc@gmail.com> Suggested-by: Avi Kivity <avi@redhat.com> Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Eric Blake <eblake@redhat.com>
2012-07-03target-arm: Fix typo that meant TTBR1 accesses went to TTBR0Peter Maydell
Fix a copy-and-paste error in the register description for TTBR1 that meant it was a duplicate of TTBR0 rather than affecting the correct bit of CPU state. Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2012-07-03hw/cadence_gem: Make rx_desc_addr and tx_desc_addr uint32_tPeter Maydell
Make the state fields rx_desc_addr and tx_desc_addr uint32_t; this matches the VMStateDescription, and also conforms to how hardware works: the registers don't magically become larger if the device is attached to a CPU with a larger physical address size. It also fixes a compile failure if the target_phys_addr_t type is changed to 64 bits. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Peter A. G. Crosthwaite <peter.crosthwaite@petalogix.com>
2012-06-28bsd-user: fix buildBlue Swirl
Link in oslib objects also for BSD user, but avoid using the version of qemu_vmalloc() defined in oslib-posix.c. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-06-28x86: rename op_helper.c to seg_helper.cBlue Swirl
Rename what is remaining of op_helper.c to seg_helper.c. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-06-28x86: split off memory access helpersBlue Swirl
Move memory access helpers to mem_helper.c. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-06-28x86: split off misc helpersBlue Swirl
Move various functions to misc_helper.c. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-06-28x86: split off SMM helpersBlue Swirl
Move SMM helpers to smm_helper.c. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-06-28x86: split off SVM helpersBlue Swirl
Move SVM helpers to svm_helper.c. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-06-28x86: split off integer helpersBlue Swirl
Move integer and bit field helpers to int_helper.c. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-06-28x86: split off condition code helpersBlue Swirl
Move condition code helpers to cc_helper.c. Move the shared inline functions lshift(), cpu_load_eflags() and cpu_cc_compute_all() to cpu.h. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-06-28x86: prepare eflags helpers for general useBlue Swirl
Adjust function names and add an explicit CPUX86State parameter instead of relying on AREG0. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-06-28x86: split condition code and shift templatesBlue Swirl
Move shift templates from helper_template.h to shift_helper_template.h and the condition code helpers to cc_helper_template.h. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-06-28x86: fix coding style in helper_template.hBlue Swirl
Fix coding style in helper_template.h before next commit. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-06-28x86: improve SSE table type safetyBlue Swirl
SSE function tables could easily be corrupted because of use of void pointers. Introduce function pointer types and helper variables in order to improve type safety. Split sse_op_table3 according to types used. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-06-28x86: split off FPU helpersBlue Swirl
Move FPU and MMX/SSE helpers to fpu_helpers.c. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-06-28x86: fix coding style in ops_sse.hBlue Swirl
Fix coding style in ops_sse.h before next commit. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-06-28x86: avoid an extern declarationBlue Swirl
After the previous patch, we can use the proper declaration in a common header file. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-06-28x86: split off exception handlersBlue Swirl
Move exception handlers from op_helper.c to excp_helper.c. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-06-28x86: avoid AREG0 for exceptionsBlue Swirl
Add an explicit CPUX86State parameter instead of relying on AREG0. Merge raise_exception_env() to raise_exception(), likewise with raise_exception_err_env() and raise_exception_err(). Introduce cpu_svm_check_intercept_param() and cpu_vmexit() as wrappers. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-06-28x86: prepare op_helper.c for splittingBlue Swirl
Fix coding style and a few typos. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-06-27Add a memory barrier to DMA functionsBenjamin Herrenschmidt
The emulated devices can run simultaneously with the guest, so we need to be careful with ordering of load and stores done by them to the guest system memory, which need to be observed in the right order by the guest operating system. This adds a barrier call to the basic DMA read/write ops which is currently implemented as a smp_mb(), but could be later improved for more fine grained control of barriers. Additionally, a _relaxed() variant of the accessors is provided to easily convert devices who would be performance sensitive and negatively impacted by the change. Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-06-27pseries: Implement IOMMU and DMA for PAPR PCI devicesDavid Gibson
Currently the pseries machine emulation does not support DMA for emulated PCI devices, because the PAPR spec always requires a (guest visible, paravirtualized) IOMMU which was not implemented. Now that we have infrastructure for IOMMU emulation, we can correct this and allow PCI DMA for pseries. With the existing PAPR IOMMU code used for VIO devices, this is almost trivial. We use a single DMAContext for each (virtual) PCI host bridge, which is the usual configuration on real PAPR machines (which often have _many_ PCI host bridges). Cc: Alex Graf <agraf@suse.de> Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru> Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-06-27iommu: Allow PCI to use IOMMU infrastructureDavid Gibson
This patch adds some hooks to let PCI devices and busses use the new IOMMU infrastructure. When IOMMU support is enabled, each PCI device now contains a DMAContext * which is used by the pci_dma_*() wrapper functions. By default, the contexts are initialized to NULL, assuming no IOMMU. However the platform or host bridge code which sets up the PCI bus can use pci_setup_iommu() to set a function which will determine the correct DMAContext for a given PCI device. Cc: Michael S. Tsirkin <mst@redhat.com> Cc: Richard Henderson <rth@twiddle.net> Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Eduard - Gabriel Munteanu <eduard.munteanu@linux360.ro> Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-06-27pseries: Convert sPAPR TCEs to use generic IOMMU infrastructureDavid Gibson
The pseries platform already contains an IOMMU implementation, since it is essential for the platform's paravirtualized VIO devices. This IOMMU support is currently built into the implementation of the VIO "bus" and the various VIO devices. This patch converts this code to make use of the new common IOMMU infrastructure. We don't yet handle synchronization of map/unmap callbacks vs. invalidations, this will require some complex interaction with the kernel and is not a major concern at this stage. Cc: Alex Graf <agraf@suse.de> Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-06-27iommu: Introduce IOMMU emulation infrastructureDavid Gibson
This patch adds the basic infrastructure necessary to emulate an IOMMU visible to the guest. The DMAContext structure is extended with information and a callback describing the translation, and the various DMA functions used by devices will now perform IOMMU translation using this callback. Cc: Michael S. Tsirkin <mst@redhat.com> Cc: Richard Henderson <rth@twiddle.net> Signed-off-by: Eduard - Gabriel Munteanu <eduard.munteanu@linux360.ro> Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-06-27usb: Convert usb_packet_{map, unmap} to universal DMA helpersDavid Gibson
The USB UHCI and EHCI drivers were converted some time ago to use the pci_dma_*() helper functions. However, this conversion was not complete because in some places both these drivers do DMA via the usb_packet_map() function in usb-libhw.c. That function directly used cpu_physical_memory_map(). Now that the sglist code uses DMA wrappers properly, we can convert the functions in usb-libhw.c, thus conpleting the conversion of UHCI and EHCI to use the DMA wrappers. Note that usb_packet_map() invokes dma_memory_map() with a NULL invalidate callback function. When IOMMU support is added, this will mean that usb_packet_map() and the corresponding usb_packet_unmap() must be called in close proximity without dropping the qemu device lock - otherwise the guest might invalidate IOMMU mappings while they are still in use by the device code. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-06-27ide/ahci: Use universal DMA helper functionsDavid Gibson
The AHCI device can provide both PCI and SysBus AHCI device emulations. For this reason, it wasn't previously converted to use the pci_dma_*() helper functions. Now that we have universal DMA helper functions, this converts AHCI to use them. The DMAContext is obtained from pci_dma_context() in the PCI case and set to NULL in the SysBus case (i.e. we assume for now that a SysBus AHCI has no IOMMU translation). Cc: Kevin Wolf <kwolf@redhat.com> Cc: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-06-27iommu: Make sglists and dma_bdrv helpers use new universal DMA helpersDavid Gibson
dma-helpers.c contains a number of helper functions for doing scatter/gather DMA, and various block device related DMA. Currently, these directly access guest memory using cpu_physical_memory_*(), assuming no IOMMU translation. This patch updates this code to use the new universal DMA helper functions. qemu_sglist_init() now takes a DMAContext * to describe the DMA address space in which the scatter/gather will take place. We minimally update the callers qemu_sglist_init() to pass NULL (i.e. no translation, same as current behaviour). Some of those callers should pass something else in some cases to allow proper IOMMU translation in future, but that will be fixed in later patches. Cc: Kevin Wolf <kwolf@redhat.com> Cc: Michael S. Tsirkin <mst@redhat.com> Cc: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-06-27usb-ohci: Use universal DMA helper functionsDavid Gibson
The OHCI device emulation can provide both PCI and SysBus OHCI implementations. Because of this, it was not previously converted to use the PCI DMA helper functions. This patch converts it to use the new universal DMA helper functions. In the PCI case, it obtains its DMAContext from pci_dma_context(), in the SysBus case, it uses NULL - i.e. assumes for now that there will be no IOMMU translation for a SysBus OHCI. Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-06-27iommu: Add universal DMA helper functionsDavid Gibson
Not that long ago, every device implementation using DMA directly accessed guest memory using cpu_physical_memory_*(). This meant that adding support for a guest visible IOMMU would require changing every one of these devices to go through IOMMU translation. Shortly before qemu 1.0, I made a start on fixing this by providing helper functions for PCI DMA. These are currently just stubs which call the direct access functions, but mean that an IOMMU can be implemented in one place, rather than for every PCI device. Clearly, this doesn't help for non PCI devices, which could also be IOMMU translated on some platforms. It is also problematic for the devices which have both PCI and non-PCI version (e.g. OHCI, AHCI) - we cannot use the the pci_dma_*() functions, because they assume the presence of a PCIDevice, but we don't want to have to check between pci_dma_*() and cpu_physical_memory_*() every time we do a DMA in the device code. This patch makes the first step on addressing both these problems, by introducing new (stub) dma helper functions which can be used for any DMA capable device. These dma functions take a DMAContext *, a new (currently empty) variable describing the DMA address space in which the operation is to take place. NULL indicates untranslated DMA directly into guest physical address space. The intention is that in future non-NULL values will given information about any necessary IOMMU translation. DMA using devices must obtain a DMAContext (or, potentially, contexts) from their bus or platform. For now this patch just converts the PCI wrappers to be implemented in terms of the universal wrappers, converting other drivers can take place over time. Cc: Michael S. Tsirkin <mst@redhat.com> Cc: Eduard - Gabriel Munteanu <eduard.munteanu@linux360.ro> Cc: Richard Henderson <rth@twiddle.net> Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-06-27Better support for dma_addr_t variablesDavid Gibson
A while back, we introduced the dma_addr_t type, which is supposed to be used for bus visible memory addresses. At present, this is an alias for target_phys_addr_t, but this will change when we eventually add support for guest visible IOMMUs. There are some instances of target_phys_addr_t in the code now which should really be dma_addr_t, but can't be trivially converted due to missing features which this patch corrects. * We add DMA_ADDR_BITS analagous to TARGET_PHYS_ADDR_BITS. This is important where we need to make a compile-time (#if) based on the size of dma_addr_t. * We add a new helper macro to create device properties which take a dma_addr_t, currently an alias to DEFINE_PROP_TADDR(). Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-06-27rtl8139: validate rx ring before receiving packetsJason Wang
Commit ff71f2e8cacefae99179993204172bc65e4303df prevent the possible crash during initialization of linux driver by checking the operating mode.This seems too strict as: - the real card could still work in mode other than normal - some buggy driver who does not set correct opmode after eeprom access So, considering rx ring address were reset to zero (which could be safely trated as an address not intened to DMA to), in order to both letting old guest work and preventing the unexpected DMA to guest, we can forbid packet receiving when rx ring address is zero. Tested-by: Avi Kivity <avi@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-06-27Remove support for non-threaded VNC serverDaniel P. Berrange
QEMU now has a fundamental requirement for pthreads, so there is no compelling reason to retain support for the non-threaded VNC server. Remove the --{enable,disable}-vnc-thread configure arguments, and all CONFIG_VNC_THREAD conditionals Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-06-27configure: Assure existence of linux-headers/ build directoryAndreas Färber
Commit ec5b06d (configure: ensure directory exists when creating symlinks) moved the creation of directories into the symlink() function but forgot the case where no symlink is created. This leads to build errors on arm Linux due to -I../linux-headers. Unbreak the build on arm Linux by reverting part of that commit. Signed-off-by: Andreas Färber <afaerber@suse.de> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-06-27Makefile.target: Update clean command to clean hw/ directoryPeter Maydell
Now we create object files in a hierarchy under hw/, so the 'clean' target must also be updated to delete those object files. Rather than using a manual list of subdirectories which will easily drift out of date, we just delete all .o and .d files in the target directory hierarchy. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-06-27qtest: fix infinite loop when QEMU aborts abruptlyAnthony Liguori
From Markus: Makes "make check" hang: QTEST_QEMU_BINARY=x86_64-softmmu/qemu-system-x86_64 gtester -k --verbose -m=quick tests/crash-test tests/rtc-test TEST: tests/crash-test... (pid=972) qemu-system-x86_64: Device needs media, but drive is empty [Nothing happens, wait a while, then hit ^C] make: *** [check-qtest-x86_64] Interrupt This was due to the fact that we weren't checked for errors when reading from the QMP socket. This patch adds appropriate error checking. Reported-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-06-27qdev: fix use-after-free in the error path of qdev_init_nofailAnthony Liguori
From Markus: Before: $ qemu-system-x86_64 -display none -drive if=ide qemu-system-x86_64: Device needs media, but drive is empty qemu-system-x86_64: Initialization of device ide-hd failed [Exit 1 ] After: $ qemu-system-x86_64 -display none -drive if=ide qemu-system-x86_64: Device needs media, but drive is empty Segmentation fault (core dumped) [Exit 139 (SIGSEGV)] This error always existed as qdev_init() frees the object. But QOM goes a bit further and purposefully sets the class pointer to NULL to help find use-after-free. It worked :-) Cc: Andreas Faerber <afaerber@suse.de> Reported-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-06-27MAINTAINERS: Added device treePeter A. G. Crosthwaite
Agreed between myself and Alex: http://lists.nongnu.org/archive/html/qemu-devel/2012-06/msg03561.html Signed-off-by: Peter A. G. Crosthwaite <peter.crosthwaite@petalogix.com> Acked-by: Alexander Graf <agraf@suse.de> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>