| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Add two flash devices to the virt board, so that it can be used for
running guests which want a bootrom image such as UEFI. We provide
two flash devices to make it more convenient to provide both a
read-only UEFI image and a read-write place to store guest-set
UEFI config variables. The '-bios' command line option is set up
to provide an image for the first of the two flash devices.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 1409930126-28449-2-git-send-email-ard.biesheuvel@linaro.org
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds the missing input interrupt logic to the pl061 GPIO device. To
keep the floating output pins to stay high, the old state variable had to be
split into two separate ones for input and output - which brings the vmstate
version to 3.
Edge level interrupts and I/O were tested under Linux 3.14. Level interrupt
handling hasn't been tested.
Signed-off-by: Colin Leitner <colin.leitner@googlemail.com>
Message-id: 54024FD2.9080204@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Add a property "linux,stdout-path" to the /chosen DT node and make
it point to the emulated UART. This allows users such as the Linux
kernel to produce console output without the need to pass console=
or earlycon=pl011,0x... command line arguments.
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Message-id: 1409317439-29349-1-git-send-email-ard.biesheuvel@linaro.org
Reviewed-by: Rob Herring <rob.herring@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
| |\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
into staging
console: pixman switchover continued, add some infrastructure to make it
easier using pixman in display device emulation.
# gpg: Signature made Fri 05 Sep 2014 14:38:57 BST using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg: aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>"
* remotes/kraxel/tags/pull-console-20140905-2:
console: Remove unused QEMU_BIG_ENDIAN_FLAG
console: add qemu_pixman_linebuf_copy
console: add dpy_gfx_update_dirty
console: add qemu_create_displaysurface_guestmem
console: stop using PixelFormat
console: reimplement qemu_default_pixelformat
console: add qemu_default_pixman_format
console: add qemu_pixelformat_from_pixman
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
With this patch the qemu console core stops using PixelFormat and pixman
format codes side-by-side, pixman format code is the primary way to
specify the DisplaySurface format:
* DisplaySurface stops carrying a PixelFormat field.
* qemu_create_displaysurface_from() expects a pixman format now.
Functions to convert PixelFormat to pixman_format_code_t (and back)
exist for those who still use PixelFormat. As PixelFormat allows
easy access to masks and shifts it will probably continue to exist.
[ xenfb added by Benjamin Herrenschmidt ]
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
| |\ \
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
staging
xhci PCIe endpoint migration compatibility fix
# gpg: Signature made Wed 10 Sep 2014 06:35:20 BST using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg: aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>"
* remotes/kraxel/tags/pull-usb-20140910-1:
xhci PCIe endpoint migration compatibility fix
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Add back the PCIe config capabilities on XHCI cards in non-PCIe slots,
but only for machine types before 2.1.
This fixes a migration incompatibility in the XHCI PCI devices
caused by:
058fdcf52cdbf57b67e7 - xhci: add endpoint cap on express bus only
Note that in fixing it for compatibility with older QEMUs, it breaks
compatibility with existing QEMU 2.1's on older machine types.
The status before this patch was (if it used an XHCI adapter):
machine type | source qemu
any pre-2.1 - FAIL
any 2.1... - PASS
With this patch:
machine type | source qemu
any pre-2.1 - PASS
pre-2.1 2.1... - FAIL
2.1 2.1... - PASS
A test to trigger it is to add '-device nec-usb-xhci,id=xhci,addr=0x12'
to the command line.
Cc: qemu-stable@nongnu.org
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Both OpenBSD and FreeBSD SPARC64 attempt to read the interrupt map from the
hardware and will fail if the correct ino isn't present.
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
|
| |\ \ \
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
staging
Block pull request
# gpg: Signature made Mon 08 Sep 2014 11:49:31 BST using RSA key ID 81AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg: aka "Stefan Hajnoczi <stefanha@gmail.com>"
* remotes/stefanha/tags/block-pull-request: (24 commits)
ide: Add resize callback to ide/core
IDE: Fill the IDENTIFY request consistently
vmdk: fix buf leak in vmdk_parse_extents()
vmdk: fix vmdk_parse_extents() extent_file leaks
ide: Add wwn support to IDE-ATAPI drive
qtest/ide: Uninitialize PC allocator
libqos: add a simple first-fit memory allocator
MAINTAINERS: update sheepdog maintainer
qemu-nbd: fix indentation and coding style
qemu-nbd: add option to set detect-zeroes mode
rename parse_enum_option to qapi_enum_parse and make it public
block/archipelago: Use QEMU atomic builtins
qemu-img: fix rebase src_cache option documentation
qemu-img: clarify src_cache option documentation
libqos: Added EVENT_IDX support
libqos: Added MSI-X support
libqos: Added test case for configuration changes in virtio-blk test
libqos: Added indirect descriptor support to virtio implementation
libqos: Added basic virtqueue support to virtio implementation
tests: Add virtio device initialization
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Currently, if the block device backing the IDE drive is resized,
the information about the device as cached inside of the IDEState
structure is not updated, thus when a guest OS re-queries the drive,
it is unable to see the expanded size.
This patch adds a resize callback that updates the IDENTIFY data
buffer in order to correct this.
Lastly, a Linux guest as-is cannot resize a libata drive while in-use,
but it can see the expanded size as part of a bus rescan event.
This patch also allows guests such as Linux to see the new drive size
after a soft reboot event, without having to exit the QEMU process.
Signed-off-by: John Snow <jsnow@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
IDE-HD, IDE-ATAPI and IDE-CFATA all fill the
identify buffer in slightly different ways,
this is a relatively minor patch to make them
uniform, to emphasize that:
(1) We build the s->identify_data cache first, then
(2) We copy it to s->io_buffer to fulfill the request.
Signed-off-by: John Snow <jsnow@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Although it is possible to specify the wwn
property for cdrom devices on the command line,
the underlying driver fails to relay this information
to the guest operating system via IDENTIFY.
This is a simple patch to correct that.
See ATA8-ACS, Table 22 parts 5, 6, and 9.
Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
A drive that backs a pflash device is special:
- it is very small,
- its entire contents are kept in a RAMBlock at all times, covering the
guest-phys address range that provides the guest's view of the emulated
flash chip.
The pflash device model keeps the drive (the host-side file) and the
guest-visible flash contents in sync. When migrating the guest, the
guest-visible flash contents (the RAMBlock) is migrated by default, but on
the target host, the drive (the host-side file) remains in full sync with
the RAMBlock only if:
- the source and target hosts share the storage underlying the pflash
drive,
- or the migration requests full or incremental block migration too, which
then covers all drives.
Due to the special nature of pflash drives, the following scenario makes
sense as well:
- no full nor incremental block migration, covering all drives, alongside
the base migration (justified eg. by shared storage for "normal" (big)
drives),
- non-shared storage for pflash drives.
In this case, currently only those portions of the flash drive are updated
on the target disk that the guest reprograms while running on the target
host.
In order to restore accord, dump the entire flash contents to the bdrv in
a post_load() callback.
- The read-only check follows the other call-sites of pflash_update();
- both "pfl->ro" and pflash_update() reflect / consider the case when
"pfl->bs" is NULL;
- the total size of the flash device is calculated as in
pflash_cfi01_realize().
When using shared storage, or requesting full or incremental block
migration along with the normal migration, the patch should incur a
harmless rewrite from the target side.
It is assumed that, on the target host, RAM is loaded ahead of the call to
pflash_post_load().
Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
|
| | |/ /
| | |
| | |
| | |
| | | |
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
|
| |\ \ \
| |/ /
|/| |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
into staging
Patch queue for ppc - 2014-09-08
Alexander Graf (11):
PPC: KVM: Fix g3beige and mac99 when HV is loaded
PPC: mac99: Move NVRAM to page boundary when necessary
KVM: Add helper to run KVM_CHECK_EXTENSION on vm fd
PPC: KVM: Use vm check_extension for pv hcall
PPC: mac99: Fix core99 timer frequency
PPC: mac_nvram: Remove unused functions
PPC: mac_nvram: Allow 2 and 4 byte accesses
PPC: mac_nvram: Split NVRAM into OF and OSX parts
PPC: Mac: Move tbfreq into local variable
PPC: Cuda: Use cuda timer to expose tbfreq to guest
PPC: Fix default config ordering and add eTSEC for ppc64
Alexey Kardashevskiy (7):
spapr: Move DT memory node rendering to a helper
spapr: Use DT memory node rendering helper for other nodes
spapr: Refactor spapr_populate_memory() to allow memoryless nodes
spapr: Split memory nodes to power-of-two blocks
spapr: Add a helper for node0_size calculation
spapr: Fix ibm, associativity for memory nodes
spapr_pci: Fix config space corruption
Anton Blanchard (2):
spapr-vlan: Don't touch last entry in buffer list
hypervisor property clashes with hypervisor node
Benjamin Herrenschmidt (2):
loader: Add load_image_size() to replace load_image()
spapr: Locate RTAS and device-tree based on real RMA
Bharat Bhushan (4):
ppc: debug stub: Get trap instruction opcode from KVM
ppc: synchronize excp_vectors for injecting exception
ppc: Add software breakpoint support
ppc: Add hw breakpoint watchpoint support
Gonglei (1):
spapr: fix possible memory leak
Greg Kurz (1):
spapr_pci: map the MSI window in each PHB
Nikunj A Dadhania (3):
ppc: spapr-rtas - implement os-term rtas call
spapr: add uuid/host details to device tree
ppc/spapr: Fix MAX_CPUS to 255
Peter Maydell (1):
hw/ppc/spapr_hcall.c: Fix typo in function names
Tom Musta (20):
linux-user: Fix Stack Pointer Bug in PPC setup_rt_frame
linux-user: Split PPC Trampoline Encoding from Register Save
linux-user: Enable Signal Handlers on PPC64
linux-user: Properly Dereference PPC64 ELFv1 Signal Handler Pointer
linux-user: Implement do_setcontext for PPC64
linux-user: Handle PPC64 ELFv2 Function Pointers
target-ppc: Bug Fix: rlwinm
target-ppc: Bug Fix: rlwnm
target-ppc: Bug Fix: rlwimi
target-ppc: Bug Fix: mullwo
target-ppc: Bug Fix: mullw
target-ppc: Bug Fix: mulldo OV Detection
target-ppc: Bug Fix: srawi
target-ppc: Bug Fix: srad
target-ppc: Special Case of rlwimi Should Use Deposit
target-ppc: Optimize rlwinm MB=0 ME=31
target-ppc: Optimize rlwnm MB=0 ME=31
target-ppc: Clean Up mullw
target-ppc: Clean up mullwo
target-ppc: Implement mulldo with TCG
# gpg: Signature made Mon 08 Sep 2014 11:51:15 BST using RSA key ID 03FEDC60
# gpg: Can't check signature: public key not found
* remotes/agraf/tags/signed-ppc-for-upstream: (52 commits)
hypervisor property clashes with hypervisor node
PPC: Fix default config ordering and add eTSEC for ppc64
spapr_pci: map the MSI window in each PHB
target-ppc: Implement mulldo with TCG
target-ppc: Clean up mullwo
target-ppc: Clean Up mullw
target-ppc: Optimize rlwnm MB=0 ME=31
target-ppc: Optimize rlwinm MB=0 ME=31
target-ppc: Special Case of rlwimi Should Use Deposit
spapr-vlan: Don't touch last entry in buffer list
spapr_pci: Fix config space corruption
PPC: Cuda: Use cuda timer to expose tbfreq to guest
PPC: Mac: Move tbfreq into local variable
PPC: mac_nvram: Split NVRAM into OF and OSX parts
PPC: mac_nvram: Allow 2 and 4 byte accesses
PPC: mac_nvram: Remove unused functions
PPC: mac99: Fix core99 timer frequency
PPC: KVM: Use vm check_extension for pv hcall
KVM: Add helper to run KVM_CHECK_EXTENSION on vm fd
target-ppc: Bug Fix: srad
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
dtc fails on a recent QEMU snapshot:
ERROR (name_properties): "name" property in /hypervisor#1 is incorrect ("hypervisor" instead of base node name)
Looking at the device tree we have a hypervisor property:
# lsprop hypervisor
hypervisor "kvm"
But we also have a hypervisor node, with a name that doesn't match:
# lsprop hypervisor#1/
name "hypervisor"
compatible "linux,kvm"
linux,phandle 7e5eb5d8 (2120136152)
Commit c08ce91d309c (spapr: add uuid/host details to device tree)
looks to have collided with an earlier patch. Remove the hypervisor
property.
Signed-off-by: Anton Blanchard <anton@samba.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
On sPAPR, virtio devices are connected to the PCI bus and use MSI-X.
Commit cc943c36faa192cd4b32af8fe5edb31894017d35 has modified MSI-X
so that writes are made using the bus master address space and follow
the IOMMU path.
Unfortunately, the IOMMU address space address space does not have an
MSI window: the notification is silently dropped in unassigned_mem_write
instead of reaching the guest... The most visible effect is that all
virtio devices are non-functional on sPAPR since then. :(
This patch does the following:
1) map the MSI window into the IOMMU address space for each PHB
- since each PHB instantiates its own IOMMU address space, we
can safely map the window at a fixed address (SPAPR_PCI_MSI_WINDOW)
- no real need to keep the MSI window setup in a separate function,
the spapr_pci_msi_init() code moves to spapr_phb_realize().
2) kill the global MSI window as it is not needed in the end
Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The last 8 bytes of the buffer list is defined to contain the number
of dropped frames. At the moment we use it to store rx entries,
which trips up ethtool -S:
rx_no_buffer: 9223380832981355136
Fix this by skipping the last buffer list entry.
Signed-off-by: Anton Blanchard <anton@samba.org>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When disabling MSI/MSIX via "ibm,change-msi" RTAS call, no check was made
if MSI or MSIX is actually supported and the MSI message was reset
unconditionally. If this happened on a device which does not support MSI
(but does support MSIX, otherwise "ibm,change-msi" would not be called),
this device would have PCIDevice::msi_cap field (MSI capability offset)
set to zero and writing a vector would actually clear PCI status.
This clears MSI message only if MSI or MSIX is present on a device.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Mac OS X calibrates a number of frequencies on bootup based on reading
tb values on bootup and comparing them to via cuda timer values.
The only variable we can really steer well (thanks to KVM) is the cuda
frequency. So let's use that one to fake Mac OS X into believing the
bus frequency is tbfreq * 4. That way Mac OS X will automatically
calculate the correct timebase frequency.
With this patch and the patch set I posted earlier I can successfully
run Mac OS X 10.2, 10.3 and 10.4 guests with -M mac99 on TCG and KVM.
Suggested-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
We already expose the real CPU's tb frequency to the guest via fw_cfg. Soon
we will need to also expose it to the MacIO, so let's move it to a variable
that we can leverage every time we need the frequency.
Signed-off-by: Alexander Graf <agraf@suse.de>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Mac OS X (at least with -M mac99) searches for a valid NVRAM partition
of a special Apple type. If it can't find that partition in the first
half of NVRAM, it will look at the second half.
There are a few implications from this. The first is that we need to
split NVRAM into 2 halves - one for Open Firmware use, the other one for
Mac OS X. Without this split Mac OS X will just loop endlessly over the
second half trying to find a partition.
The other implication is that we should provide a specially crafted Mac
OS X compatible NVRAM partition on the second half that Mac OS X can
happily use as it sees fit.
Signed-off-by: Alexander Graf <agraf@suse.de>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The NVRAM in our Core99 machine really supports 2byte and 4byte accesses
just as well as 1byte accesses. In fact, Mac OS X uses those.
Add support for higher register size granularities.
Signed-off-by: Alexander Graf <agraf@suse.de>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
The macio_nvram_read and macio_nvram_write functions are never called,
just remove them.
Signed-off-by: Alexander Graf <agraf@suse.de>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
There is a special timer in the mac99 machine that we recently started
to emulate. Unfortunately we emulated it in the wrong frequency.
This patch adapts the frequency Mac OS X uses to evaluate results from
this timer, making calculations it bases off of it work.
Signed-off-by: Alexander Graf <agraf@suse.de>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
MAX_CPUS 256 is inconsistent with qemu supporting upto 255 cpus. This
MAX_CPUS number was percolated back to "virsh capabilities" with wrong
max_cpus.
Signed-off-by: Nikunj A Dadhania <nikunj@linux.vnet.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
We currently calculate the final RTAS and FDT location based on
the early estimate of the RMA size, cropped to 256M on KVM since
we only know the real RMA size at reset time which happens much
later in the boot process.
This means the FDT and RTAS end up right below 256M while they
could be much higher, using precious RMA space and limiting
what the OS bootloader can put there which has proved to be
a problem with some OSes (such as when using very large initrd's)
Fortunately, we do the actual copy of the device-tree into guest
memory much later, during reset, late enough to be able to do it
using the final RMA value, we just need to move the calculation
to the right place.
However, RTAS is still loaded too early, so we change the code to
load the tiny blob into qemu memory early on, and then copy it into
guest memory at reset time. It's small enough that the memory usage
doesn't matter.
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
[aik: fixed errors from checkpatch.pl, defined RTAS_MAX_ADDR]
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
[agraf: fix compilation on 32bit hosts]
Signed-off-by: Alexander Graf <agraf@suse.de>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
A subsequent patch to ppc/spapr needs to load the RTAS blob into
qemu memory rather than target memory (so it can later be copied
into the right spot at machine reset time).
I would use load_image() but it is marked deprecated because it
doesn't take a buffer size as argument, so let's add load_image_size()
that does.
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
[aik: fixed errors from checkpatch.pl]
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
We want the associtivity lists of memory and CPU nodes to match but
memory nodes have incorrect domain#3 which is zero for CPU so they won't
match.
This clears domain#3 in the list to match CPUs associtivity lists.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
In multiple places there is a node0_size variable calculation
which assumes that NUMA node #0 and memory node #0 are the same
things which they are not. Since we are going to change it and
do not want to change it in multiple places, let's make a helper.
This adds a spapr_node0_size() helper and makes use of it.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Linux kernel expects nodes to have power-of-two size and
does WARN_ON if this is not the case:
[ 0.041456] WARNING: at drivers/base/memory.c:115
which is:
===
/* Validate blk_sz is a power of 2 and not less than section size */
if ((block_sz & (block_sz - 1)) || (block_sz < MIN_MEMORY_BLOCK_SIZE)) {
WARN_ON(1);
block_sz = MIN_MEMORY_BLOCK_SIZE;
}
===
This splits memory nodes into set of smaller blocks with
a size which is a power of two. This makes sure the start
address of every node is aligned to the node size.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
[agraf: squash windows compile fix in]
Signed-off-by: Alexander Graf <agraf@suse.de>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Current QEMU does not support memoryless NUMA nodes, however
actual hardware may have them so it makes sense to have a way
to emulate them in QEMU. This prepares SPAPR for that.
This moves 2 calls of spapr_populate_memory_node() into
the existing loop over numa nodes so first several nodes may
have no memory and this still will work.
If there is no numa configuration, the code assumes there is just
a single node at 0 and it has all the guest memory.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This finishes refactoring by using the spapr_populate_memory_node helper
for all nodes and removing leftovers from spapr_populate_memory().
This is not a part of the previous patch because the patches look
nicer apart.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This moves recurring bits of code related to memory@xxx nodes
creation to a helper.
This makes use of the new helper for node@0.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
get_boot_devices_list() will malloc memory, spapr_finalize_fdt
doesn't free it.
Signed-off-by: Chenliang <chenliang88@huawei.com>
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When running KVM we have to adhere to host page boundaries for memory slots.
Unfortunately the NVRAM on mac99 is a 4k RAM hole inside of an MMIO flash
area.
So if our host is configured with 64k page size, we can't use the mac99 target
with KVM. This is a real shame, as this limitation is not really an issue - we
can easily map NVRAM somewhere else and at least Linux and Mac OS X use it
at their new location.
So in that emergency case when it's about failing to run at all and moving NVRAM
to a place it shouldn't be at, choose the latter.
This patch enables -M mac99 with KVM on 64k page size hosts.
Signed-off-by: Alexander Graf <agraf@suse.de>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Useful for identifying the guest/host uniquely within the
guest. Adding following properties to the guest root node.
vm,uuid - uuid of the guest
host-model - Host model number
host-serial - Host machine serial number
hypervisor type - Tells its "kvm"
Signed-off-by: Nikunj A Dadhania <nikunj@linux.vnet.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Fix a typo in the names of a couple of functions
(s/resouce/resource/).
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
PAPR compliant guest calls this in absence of kdump. This finally
reaches the guest and can be handled according to the policies set by
higher level tools(like taking dump) for further analysis by tools like
crash.
Linux kernel calls ibm,os-term when extended property of os-term is set.
This makes sure that a return to the linux kernel is gauranteed.
Signed-off-by: Nikunj A Dadhania <nikunj@linux.vnet.ibm.com>
[agraf: reduce RTAS_TOKEN_MAX]
Signed-off-by: Alexander Graf <agraf@suse.de>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
On PPC we have 2 different styles of KVM: PR and HV. HV can only virtualize
sPAPR guests while PR can virtualize everything that's reasonably close to
the host hardware platform.
As long as only one kernel module (PR or HV) is loaded, the "default" kvm type
is the module that's loaded. So if your hardware only supports PR mode you can
easily spawn a Mac VM.
However, if both HV and PR are loaded we default to HV mode. And in that case
the Mac machines have to explicitly ask for PR mode to get a working VM.
Fix this up by explicitly having the Mac machines ask for PR style KVM. This
fixes bootup of Mac VMs on systems where bot HV and PR kvm modules are loaded
for me.
Signed-off-by: Alexander Graf <agraf@suse.de>
|
| |\ \ \
| |_|/
|/| |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
'remotes/kraxel/tags/pull-cve-2014-3615-20140905-1' into staging
CVE-2014-3615: fix sanity checks in vbe (bochs dispi) and spice.
# gpg: Signature made Fri 05 Sep 2014 12:18:04 BST using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg: aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>"
* remotes/kraxel/tags/pull-cve-2014-3615-20140905-1:
spice: make sure we don't overflow ssd->buf
vbe: rework sanity checks
vbe: make bochs dispi interface return the correct memory size with qxl
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Plug a bunch of holes in the bochs dispi interface parameter checking.
Add a function doing verification on all registers. Call that
unconditionally on every register write. That way we should catch
everything, even changing one register affecting the valid range of
another register.
Some of the holes have been added by commit
e9c6149f6ae6873f14a12eea554925b6aa4c4dec. Before that commit the
maximum possible framebuffer (VBE_DISPI_MAX_XRES * VBE_DISPI_MAX_YRES *
32 bpp) has been smaller than the qemu vga memory (8MB) and the checking
for VBE_DISPI_MAX_XRES + VBE_DISPI_MAX_YRES + VBE_DISPI_MAX_BPP was ok.
Some of the holes have been there forever, such as
VBE_DISPI_INDEX_X_OFFSET and VBE_DISPI_INDEX_Y_OFFSET register writes
lacking any verification.
Security impact:
(1) Guest can make the ui (gtk/vnc/...) use memory rages outside the vga
frame buffer as source -> host memory leak. Memory isn't leaked to
the guest but to the vnc client though.
(2) Qemu will segfault in case the memory range happens to include
unmapped areas -> Guest can DoS itself.
The guest can not modify host memory, so I don't think this can be used
by the guest to escape.
CVE-2014-3615
Cc: qemu-stable@nongnu.org
Cc: secalert@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
VgaState->vram_size is the size of the pci bar. In case of qxl not the
whole pci bar can be used as vga framebuffer. Add a new variable
vbe_size to handle that case. By default (if unset) it equals
vram_size, but qxl can set vbe_size to something else.
This makes sure VBE_DISPI_INDEX_VIDEO_MEMORY_64K returns correct results
and sanity checks are done with the correct size too.
Cc: qemu-stable@nongnu.org
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
|
| |\ \
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
into staging
QOM infrastructure fixes and device conversions
* Cleanups for recursive device unrealization
# gpg: Signature made Thu 04 Sep 2014 18:17:35 BST using RSA key ID 3E7E013F
# gpg: Good signature from "Andreas Färber <afaerber@suse.de>"
# gpg: aka "Andreas Färber <afaerber@suse.com>"
* remotes/afaerber/tags/qom-devices-for-peter:
qdev: Add cleanup logic in device_set_realized() to avoid resource leak
qdev: Use NULL instead of local_err for qbus_child unrealize
qdev: Use error_abort instead of using local_err
memory: Remove object_property_add_child_array()
qom: Add automatic arrayification to object_property_add()
machine: Clean up -machine handling
qom: Make object_child_foreach() safe for objects removal
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
At present, this function doesn't have partial cleanup implemented,
which will cause resource leaks in some scenarios.
Example:
1. Assume that "dc->realize(dev, &local_err)" executes successful
and local_err == NULL;
2. device hotplug in hotplug_handler_plug() executes but fails
(it is prone to occur). Then local_err != NULL;
3. error_propagate(errp, local_err) and return. But the resources
which have been allocated in dc->realize() will be leaked.
Simple backtrace:
dc->realize()
|->device_realize
|->pci_qdev_init()
|->do_pci_register_device()
|->etc.
Add fuller cleanup logic which assures that function can
goto appropriate error label as local_err population is
detected at each relevant point.
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Cc: qemu-stable@nongnu.org
Signed-off-by: Andreas Färber <afaerber@suse.de>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Forcefully unrealize all children regardless of errors in earlier
iterations (if any). We should keep going with cleanup operation
rather than report an error immediately. Therefore store the first
child unrealization failure and propagate it at the end. We also
forcefully unregister vmsd and unrealize actual object, too.
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Cc: qemu-stable@nongnu.org
Signed-off-by: Andreas Färber <afaerber@suse.de>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This error can not happen normally. If it happens, it indicates
something very wrong, we should abort QEMU. Moreover, the
user can only refer to /machine/peripheral or /objects, not
/machine/unattached.
While at it, remove superfluous check about local_err.
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
|
| |\ \ \
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* remotes/kvaneesh/for-upstream:
hw/9pfs: Don't return type from host in readdir on local 9p filesystem
hw/9pfs: Use little-endian format for xattr values
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
When using mapped mode in 9pfs, readdir implementation
should not return file type in d_type from the host
readdir, instead, it should use the type stored in
the extended attributes. Since d_type is optional
and reading ext attrs for every readdir is expensive,
it should be sufficient to just set d_type to DT_UNKNOWN,
so guest will know to look it up separately.
This is a -stable material.
Signed-off-by: Bastian Blank <waldi@debian.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
|
| | | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
With security_model=mapped-xattr, we encode the uid,gid and other file
attributes as extended attributes of the file. We save them under
user.virtfs.* namespace.
Use little-endian encoding for on-disk values. This enables us to export
the same directory from both little-endian and big-endian hosts.
NOTE: This will break big-endian host that have virtFS exports
using security model mapped-xattr. They will have to use external tools
to convert the xattr to little-endian format.
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
|
