Re: [Qemu-devel] [PATCH] main-loop: Add missing include file
On 10/24/2011 10:34 PM, Stefan Weil wrote: Am 24.10.2011 21:43, schrieb Anthony Liguori: On 10/24/2011 02:39 PM, Stefan Weil wrote: stdint.h defines the POSIX data types and is needed for MinGW-w64 (and maybe other hosts). Signed-off-by: Stefan Weil --- main-loop.c | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/main-loop.c b/main-loop.c index bfecdb7..d9585f8 100644 --- a/main-loop.c +++ b/main-loop.c @@ -22,6 +22,7 @@ * THE SOFTWARE. */ #include "config-host.h" +#include /* uint8_t, ... */ Any reason not to use qemu-common? I don't know any reason and forward your question to Paolo. Either is fine. Paolo
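Review bot: the added line `+#include /* uint8_t, ... */` in the @@ -22,6 +22,7 @@ hunk names no header as shown, so the hunk itself does not say where the fixed-width types come from; the commit message says stdint.h and the thread offers qemu-common.h as the alternative, so whichever is chosen, spell the header out on the include line and say in the commit message that it is there for the MinGW-w64 build.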
[Qemu-devel] [PATCH] target-sparc: Fix use of g_new0 / g_free
g_malloc0 needs g_free instead of free. While fixing this, I also replaced g_malloc0 by g_new0 as was suggested by Stuart Brady. Cc: Blue Swirl Signed-off-by: Stefan Weil --- target-sparc/cpu_init.c |8 1 files changed, 4 insertions(+), 4 deletions(-) diff --git a/target-sparc/cpu_init.c b/target-sparc/cpu_init.c index 08b72a9..6954800 100644 --- a/target-sparc/cpu_init.c +++ b/target-sparc/cpu_init.c @@ -74,7 +74,7 @@ static int cpu_sparc_register(CPUSPARCState *env, const char *cpu_model) return -1; } -env->def = g_malloc0(sizeof(*def)); +env->def = g_new0(sparc_def_t, 1); memcpy(env->def, def, sizeof(*def)); #if defined(CONFIG_USER_ONLY) if ((env->def->features & CPU_FEATURE_FLOAT)) { @@ -100,15 +100,15 @@ static int cpu_sparc_register(CPUSPARCState *env, const char *cpu_model) static void cpu_sparc_close(CPUSPARCState *env) { -free(env->def); -free(env); +g_free(env->def); +g_free(env); } CPUSPARCState *cpu_sparc_init(const char *cpu_model) { CPUSPARCState *env; -env = g_malloc0(sizeof(CPUSPARCState)); +env = g_new0(CPUSPARCState, 1); cpu_exec_init(env); gen_intermediate_code_init(env); -- 1.7.2.5
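Review bot: the actual bug fix here is the free() to g_free() change in cpu_sparc_close, since memory obtained from g_malloc0 must be released with g_free as the commit message says; the g_malloc0 to g_new0 rewrites in cpu_sparc_register and cpu_sparc_init are cosmetic, and the subject "Fix use of g_new0 / g_free" reads as if g_new0 had been misused before. Suggest a subject such as "target-sparc: use g_free for g_malloc0'ed memory" and a sentence noting that the g_new0 conversion is a cleanup riding along, or splitting the two.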
[Qemu-devel] [PATCH] ppc: Alter CPU state to mask out TCG unimplemented instructions as appropriate
The CPU state contains two bitmaps, initialized from the CPU spec which describes which instructions are implemented on the CPU. A couple of bits are defined which cover instructions (VSX and DFP) which are not currently implemented in TCG. So far, these are only used to handle the case of -cpu host because a KVM guest can use the instructions when the host CPU supports them. However, it's a mild layering violation to simply not include those bits in the CPU descriptions for those CPUs that do support them, just because we can't handle them in TCG. This patch corrects the situation, so that the instruction bits _are_ shown correctly in the cpu spec table, but are masked out from the cpu state in the non-KVM case. Signed-off-by: David Gibson --- target-ppc/cpu.h| 26 ++ target-ppc/translate_init.c | 20 +--- 2 files changed, 43 insertions(+), 3 deletions(-) diff --git a/target-ppc/cpu.h b/target-ppc/cpu.h index 3ef4eba..e84108c 100644 --- a/target-ppc/cpu.h +++ b/target-ppc/cpu.h 
@@ -1856,6 +1856,30 @@ enum { /* popcntw and popcntd instructions */ PPC_POPCNTWD = 0x8000ULL, +#define PPC_TCG_INSNS (PPC_INSNS_BASE | PPC_POWER | PPC_POWER2 \ +| PPC_POWER_RTC | PPC_POWER_BR | PPC_64B \ +| PPC_64BX | PPC_64H | PPC_WAIT | PPC_MFTB \ +| PPC_602_SPEC | PPC_ISEL | PPC_POPCNTB \ +| PPC_STRING | PPC_FLOAT | PPC_FLOAT_EXT \ +| PPC_FLOAT_FSQRT | PPC_FLOAT_FRES \ +| PPC_FLOAT_FRSQRTE | PPC_FLOAT_FRSQRTES \ +| PPC_FLOAT_FSEL | PPC_FLOAT_STFIWX \ +| PPC_ALTIVEC | PPC_SPE | PPC_SPE_SINGLE \ +| PPC_SPE_DOUBLE | PPC_MEM_TLBIA \ +| PPC_MEM_TLBIE | PPC_MEM_TLBSYNC \ +| PPC_MEM_SYNC | PPC_MEM_EIEIO \ +| PPC_CACHE | PPC_CACHE_ICBI \ +| PPC_CACHE_DCBZ | PPC_CACHE_DCBZT \ +| PPC_CACHE_DCBA | PPC_CACHE_LOCK \ +| PPC_EXTERN | PPC_SEGMENT | PPC_6xx_TLB \ +| PPC_74xx_TLB | PPC_40x_TLB | PPC_SEGMENT_64B \ +| PPC_SLBI | PPC_WRTEE | PPC_40x_EXCP \ +| PPC_405_MAC | PPC_440_SPEC | PPC_BOOKE \ +| PPC_MFAPIDI | PPC_TLBIVA | PPC_TLBIVAX \ +| PPC_4xx_COMMON | PPC_40x_ICBT | PPC_RFMCI \ +| PPC_RFDI | PPC_DCR | PPC_DCRX | PPC_DCRUX \ +| PPC_POPCNTWD) + /* extended type values */ /* BookE 2.06 PowerPC specification */ @@ -1864,6 +1888,8 @@ enum { PPC2_VSX = 0x0002ULL, /* Decimal Floating Point (DFP) */ PPC2_DFP = 0x0004ULL, + +#define PPC_TCG_INSNS2 (PPC2_BOOKE206) }; /*/ diff --git a/target-ppc/translate_init.c b/target-ppc/translate_init.c index 4dfd7f3..854bc65 100644 --- a/target-ppc/translate_init.c +++ b/target-ppc/translate_init.c @@ -6519,9 +6519,7 @@ static void init_proc_970MP (CPUPPCState *env) PPC_64B | PPC_ALTIVEC | \ PPC_SEGMENT_64B | PPC_SLBI |\ PPC_POPCNTB | PPC_POPCNTWD) -/* FIXME: Should also have PPC2_VSX and PPC2_DFP, but we don't - * implement those in TCG yet */ -#define POWERPC_INSNS2_POWER7 (PPC_NONE) +#define POWERPC_INSNS2_POWER7 (PPC2_VSX | PPC2_DFP) #define POWERPC_MSRM_POWER7 (0x8204FF36ULL) #define POWERPC_MMU_POWER7(POWERPC_MMU_2_06) #define POWERPC_EXCP_POWER7 (POWERPC_EXCP_POWER7) 
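Review bot: in the @@ -1856,6 +1856,30 @@ and @@ -1864,6 +1888,8 @@ hunks the PPC_TCG_INSNS and PPC_TCG_INSNS2 #defines are placed inside the enum bodies after the last enumerator; the preprocessor does not mind, but the lists are hand-maintained and will silently drift: any PPC_* or PPC2_* bit added to the enum later is dropped by `env->insns_flags &= PPC_TCG_INSNS;` even if TCG does implement it. Suggest moving both defines after the closing brace of their enum and adding a one-line comment at the enum telling contributors that TCG-supported bits must also be added to PPC_TCG_INSNS / PPC_TCG_INSNS2.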
@@ -9848,6 +9846,22 @@ int cpu_ppc_register_internal (CPUPPCState *env, const ppc_def_t *def) env->bus_model = def->bus_model; env->insns_flags = def->insns_flags; env->insns_flags2 = def->insns_flags2; +if (!kvm_enabled()) { +/* TCG doesn't (yet) emulate some groups of instructions that + * are implemented on some otherwise supported CPUs (e.g. VSX + * and decimal floating point instructions on POWER7). We + * remove unsupported instruction groups from the cpu state's + * instruction masks and hope the guest can cope. For at + * least the pseries machine, the unavailability of these + * instructions can be advertise to the guest via the device + * tree. + * + * FIXME: we should have a similar masking for CPU features + * not accessible under KVM, but so far, there aren't any of + * those. */ +env->insns_flags &= PPC_TCG_INSNS; +env->insns_flags2 &= PPC_TCG_INSNS2; +} env->
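Review bot: the comment in the cpu_ppc_register_internal hunk has a typo, "can be advertise to the guest" should read "can be advertised to the guest". More substantively, the `env->insns_flags &= PPC_TCG_INSNS;` / `env->insns_flags2 &= PPC_TCG_INSNS2;` masking is silent; given that the comment itself says we "hope the guest can cope", consider emitting a diagnostic when the mask actually removes bits (compare def->insns_flags with env->insns_flags after the &=), so that someone running -cpu POWER7 under TCG can see that VSX/DFP were dropped from the CPU being advertised.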
Re: [Qemu-devel] [Qemu-ppc] [PATCH] ppc: Alter CPU state to mask out TCG unimplemented instructions as appropriate
On Tue, Oct 25, 2011 at 01:33:49PM +1100, David Gibson wrote: > The CPU state contains two bitmaps, initialized from the CPU spec > which describes which instructions are implemented on the CPU. A > couple of bits are defined which cover instructions (VSX and DFP) > which are not currently implemented in TCG. So far, these are only > used to handle the case of -cpu host because a KVM guest can use > the instructions when the host CPU supports them. > > However, it's a mild layering violation to simply not include those > bits in the CPU descriptions for those CPUs that do support them, > just because we can't handle them in TCG. This patch corrects the > situation, so that the instruction bits _are_ shown correctly in the > cpu spec table, but are masked out from the cpu state in the non-KVM > case. > > Signed-off-by: David Gibson Sorry, disregard, there's a bug in it. Working on it now. -- David Gibson| I'll have my music baroque, and my code david AT gibson.dropbear.id.au | minimalist, thank you. NOT _the_ _other_ | _way_ _around_! http://www.ozlabs.org/~dgibson
Re: [Qemu-devel] [RFC v2 PATCH 5/4 PATCH] virtio-net: send gratuitous packet when needed
On 10/24/2011 01:25 PM, Michael S. Tsirkin wrote:
> On Mon, Oct 24, 2011 at 02:54:59PM +1030, Rusty Russell wrote:
>> On Sat, 22 Oct 2011 13:43:11 +0800, Jason Wang wrote:
>>> This lets the virtio-net driver send gratuitous packets by a new
>>> config bit - VIRTIO_NET_S_ANNOUNCE - in each config update
>>> interrupt. When this bit is set by the backend, the driver would schedule
>>> a workqueue to send gratuitous packets through NETDEV_NOTIFY_PEERS.
>>>
>>> This feature is negotiated through bit VIRTIO_NET_F_GUEST_ANNOUNCE.
>>>
>>> Signed-off-by: Jason Wang
>>
>> This seems like a huge layering violation. Imagine this in real
>> hardware, for example.
>
> commits 06c4648d46d1b757d6b9591a86810be79818b60c
> and 99606477a5888b0ead0284fecb13417b1da8e3af
> document the need for this:
>
> NETDEV_NOTIFY_PEERS notifier indicates that a device moved to a
> different physical link.
> and
> In real hardware such notifications are only
> generated when the device comes up or the address changes.
>
> So hypervisor could get the same behaviour by sending link up/down
> events, this is just an optimization so guest won't do
> unnecessary stuff like try to reconfigure an IP address.
>
> Maybe LOCATION_CHANGE would be a better name?
> ANNOUNCE_SELF?
>
>> There may be a good reason why virtual devices might want this kind of
>> reconfiguration cheat, which is unnecessary for normal machines,
>
> I think yes, the difference with real hardware is guest can change
> location without link getting dropped.
> FWIW, Xen seems to use this capability too. So does ms netvsc.
>
>> but
>> it'd have to be spelled out clearly in the spec to justify it...
>>
>> Cheers,
>> Rusty.
>
> Agree, and I'd like to see the spec too. The interface seems
> to involve the guest clearing the status bit when it detects
> an event? I would describe this in spec.
The interface needs the guest to clear the status bit; this would let the back-end know it has finished the work, as we may need to send the gratuitous packets many times.

> Also - how does it interact with the link up event?
> We probably don't want to schedule this when we detect
> a link status change or during initialization, as
> this patch seems to do? What if link goes down
> while the work is running? Is that OK?

Looks like there are duplications if the guest enables arp_notify when the vm is started, but we need to handle the situation of resuming a stopped virtual machine. For the link down race, I don't see any real issue, either dropping or queued.
[Qemu-devel] buildbot failure in qemu on qmp_x86_64_debian_6_0
The Buildbot has detected a new failure on builder qmp_x86_64_debian_6_0 while building qemu. Full details are available at: http://buildbot.b1-systems.de/qemu/builders/qmp_x86_64_debian_6_0/builds/71 Buildbot URL: http://buildbot.b1-systems.de/qemu/ Buildslave for this Build: yuzuki Build Reason: The Nightly scheduler named 'nightly_qmp' triggered this build Build Source Stamp: [branch queue/qmp] HEAD Blamelist: BUILD FAILED: failed git sincerely, -The Buildbot
[Qemu-devel] buildbot failure in qemu on qmp_i386_debian_6_0
The Buildbot has detected a new failure on builder qmp_i386_debian_6_0 while building qemu. Full details are available at: http://buildbot.b1-systems.de/qemu/builders/qmp_i386_debian_6_0/builds/71 Buildbot URL: http://buildbot.b1-systems.de/qemu/ Buildslave for this Build: yuzuki Build Reason: The Nightly scheduler named 'nightly_qmp' triggered this build Build Source Stamp: [branch queue/qmp] HEAD Blamelist: BUILD FAILED: failed git sincerely, -The Buildbot
[Qemu-devel] [PATCH] ppc: Alter CPU state to mask out TCG unimplemented instructions as appropriate
The CPU state contains two bitmaps, initialized from the CPU spec which describes which instructions are implemented on the CPU. A couple of bits are defined which cover instructions (VSX and DFP) which are not currently implemented in TCG. So far, these are only used to handle the case of -cpu host because a KVM guest can use the instructions when the host CPU supports them. However, it's a mild layering violation to simply not include those bits in the CPU descriptions for those CPUs that do support them, just because we can't handle them in TCG. This patch corrects the situation, so that the instruction bits _are_ shown correctly in the cpu spec table, but are masked out from the cpu state in the non-KVM case. Signed-off-by: David Gibson --- target-ppc/cpu.h| 26 ++ target-ppc/translate_init.c | 20 +--- 2 files changed, 43 insertions(+), 3 deletions(-) diff --git a/target-ppc/cpu.h b/target-ppc/cpu.h index 3ef4eba..0b183d7 100644 --- a/target-ppc/cpu.h +++ b/target-ppc/cpu.h 
@@ -1856,6 +1856,30 @@ enum { /* popcntw and popcntd instructions */ PPC_POPCNTWD = 0x8000ULL, +#define PPC_TCG_INSNS (PPC_INSNS_BASE | PPC_POWER | PPC_POWER2 \ +| PPC_POWER_RTC | PPC_POWER_BR | PPC_64B \ +| PPC_64BX | PPC_64H | PPC_WAIT | PPC_MFTB \ +| PPC_602_SPEC | PPC_ISEL | PPC_POPCNTB \ +| PPC_STRING | PPC_FLOAT | PPC_FLOAT_EXT \ +| PPC_FLOAT_FSQRT | PPC_FLOAT_FRES \ +| PPC_FLOAT_FRSQRTE | PPC_FLOAT_FRSQRTES \ +| PPC_FLOAT_FSEL | PPC_FLOAT_STFIWX \ +| PPC_ALTIVEC | PPC_SPE | PPC_SPE_SINGLE \ +| PPC_SPE_DOUBLE | PPC_MEM_TLBIA \ +| PPC_MEM_TLBIE | PPC_MEM_TLBSYNC \ +| PPC_MEM_SYNC | PPC_MEM_EIEIO \ +| PPC_CACHE | PPC_CACHE_ICBI \ +| PPC_CACHE_DCBZ | PPC_CACHE_DCBZT \ +| PPC_CACHE_DCBA | PPC_CACHE_LOCK \ +| PPC_EXTERN | PPC_SEGMENT | PPC_6xx_TLB \ +| PPC_74xx_TLB | PPC_40x_TLB | PPC_SEGMENT_64B \ +| PPC_SLBI | PPC_WRTEE | PPC_40x_EXCP \ +| PPC_405_MAC | PPC_440_SPEC | PPC_BOOKE \ +| PPC_MFAPIDI | PPC_TLBIVA | PPC_TLBIVAX \ +| PPC_4xx_COMMON | PPC_40x_ICBT | PPC_RFMCI \ +| PPC_RFDI | PPC_DCR | PPC_DCRX | PPC_DCRUX \ +| PPC_POPCNTWD) + /* extended type values */ /* BookE 2.06 PowerPC specification */ @@ -1864,6 +1888,8 @@ enum { PPC2_VSX = 0x0002ULL, /* Decimal Floating Point (DFP) */ PPC2_DFP = 0x0004ULL, + +#define PPC_TCG_INSNS2 (PPC2_BOOKE206 | PPC2_VSX | PPC2_DFP) }; /*/ diff --git a/target-ppc/translate_init.c b/target-ppc/translate_init.c index 4dfd7f3..854bc65 100644 --- a/target-ppc/translate_init.c +++ b/target-ppc/translate_init.c @@ -6519,9 +6519,7 @@ static void init_proc_970MP (CPUPPCState *env) PPC_64B | PPC_ALTIVEC | \ PPC_SEGMENT_64B | PPC_SLBI |\ PPC_POPCNTB | PPC_POPCNTWD) -/* FIXME: Should also have PPC2_VSX and PPC2_DFP, but we don't - * implement those in TCG yet */ -#define POWERPC_INSNS2_POWER7 (PPC_NONE) +#define POWERPC_INSNS2_POWER7 (PPC2_VSX | PPC2_DFP) #define POWERPC_MSRM_POWER7 (0x8204FF36ULL) #define POWERPC_MMU_POWER7(POWERPC_MMU_2_06) #define POWERPC_EXCP_POWER7 (POWERPC_EXCP_POWER7) 
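Review bot: `+#define PPC_TCG_INSNS2 (PPC2_BOOKE206 | PPC2_VSX | PPC2_DFP)` in the @@ -1864,6 +1888,8 @@ hunk includes exactly the two instruction groups the commit message says TCG does not implement, so the later `env->insns_flags2 &= PPC_TCG_INSNS2;` can never clear PPC2_VSX or PPC2_DFP in the non-KVM case, and POWERPC_INSNS2_POWER7, now (PPC2_VSX | PPC2_DFP), will be advertised to TCG guests unmasked. If the intent is as described in the message, the mask should be (PPC2_BOOKE206) only.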
@@ -9848,6 +9846,22 @@ int cpu_ppc_register_internal (CPUPPCState *env, const ppc_def_t *def) env->bus_model = def->bus_model; env->insns_flags = def->insns_flags; env->insns_flags2 = def->insns_flags2; +if (!kvm_enabled()) { +/* TCG doesn't (yet) emulate some groups of instructions that + * are implemented on some otherwise supported CPUs (e.g. VSX + * and decimal floating point instructions on POWER7). We + * remove unsupported instruction groups from the cpu state's + * instruction masks and hope the guest can cope. For at + * least the pseries machine, the unavailability of these + * instructions can be advertise to the guest via the device + * tree. + * + * FIXME: we should have a similar masking for CPU features + * not accessible under KVM, but so far, there aren't any of + * those. */ +env->insns_flags &= PPC_TCG_INSNS; +env->insns_flags2 &= PPC_TCG_INSN
Re: [Qemu-devel] [PATCH] Add Qemu A15 minimal support for ARM KVM
On 24 October 2011 22:09, Peter Maydell wrote:
> On 29 September 2011 08:30, wrote:
>> From: Bill Carson
>>
>> This patch adds some A15 code which enables ARM KVM to run a guest OS built with the
>> Versatile Express Cortex-A15x4 tile.
>
> Thanks for sending this; I have somewhat belatedly written up some comments on it.
>
> I see the a15mpcore.c code is based on a version of mpcore.c which predates the
> MemoryRegion API changes -- we'll need to update it to use MemoryRegions.

OK, I will make it updated.

> There are some relics of 11MPCore peripherals lurking in there which need to be
> taken out. (I think we should probably clean up mpcore.c to separate out A9 from
> 11MPCore, incidentally.) The vexpress A9 and A15 init functions can probably share
> code although I haven't looked too closely there.

Neither did I :) Anyway I will dig the code harder.

> For QEMU TCG we're going to want to model at least some of the cp15 registers
> (although probably mostly dummy implementations).

I'm not focusing on this by now; if this is a MUST, I will try to do it.

> The A15 generic timer is accessed via cp15 registers rather than being memory
> mapped -- we need to decide which side of the KVM/QEMU boundary the model of that
> should live. (I'm guessing the right answer is "qemu side" which means we'll need
> an ABI between KVM and QEMU to pass (some) cp15 accesses through.)

right! The current arch timer implementation will first check whether the arch timer is implemented *AND* whether the arch timer frequency is set by security firmware. If no arch timer is available, SP804 will be used as clock source/event; that's what I am using so far. If the generic timer needs to be supported, this will fall into the QEMU side, with the help of KVM trapping any cp15 timer access. Another issue is virtual timer support; I haven't made a clear picture of how virtual timer hardware fits into KVM smoothly, so let's focus on what you proposed.
Anyway thanks for your suggestions, I will move on to next version to review :) thanks again -- PMM -- I am a slow learner but I will keep trying to fight for my dreams! --bill
Re: [Qemu-devel] [Question] dump memory when host pci device is used by guest
At 10/24/2011 11:58 PM, Dave Anderson wrote:
>
>
> - Original Message -
> No, an ELF image of the guest's physical memory.
>>>
>>> Well then that should be pretty straight forward to support. Depending upon
>>> how similar it would be to the "standard" kdump ELF format, the only other
>>> issue is how to determine the physical base address at which the kernel is
>>> loaded, in order to be able to translate the mapped kernel-text/static-data
>>> virtual region of the x86_64 arch (the __START_KERNEL_map region).
>>>
>>
>> I guess an elf note would work for that?
>
> Right -- here is an example of a RHEL6 ELF kdump header:

Hi, Jan

Is the gdb standard core file like the following format? Does gdb support this format? If yes, I think the dump command can output the guest physical memory in the following format, and we can use both gdb and crash to analyze it.

>
> $ readelf -a vmcore
> ELF Header:
> Magic: 7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00
> Class: ELF64
> Data: 2's complement, little endian
> Version: 1 (current)
> OS/ABI:UNIX - System V
> ABI Version: 0
> Type: CORE (Core file)
> Machine: Advanced Micro Devices X86-64
> Version: 0x1
> Entry point address: 0x0
> Start of program headers: 64 (bytes into file)
> Start of section headers: 0 (bytes into file)
> Flags: 0x0
> Size of this header: 64 (bytes)
> Size of program headers: 56 (bytes)
> Number of program headers: 6
> Size of section headers: 0 (bytes)
> Number of section headers: 0
> Section header string table index: 0
>
> There are no sections in this file.
>
> There are no sections in this file.
>
> Program Headers:
> Type Offset VirtAddr PhysAddr
> FileSizMemSiz Flags Align
> NOTE 0x0190 0x 0x
> 0x083c 0x083c 0
> LOAD 0x09cc 0x8100 0x0100
> 0x00ba3000 0x00ba3000 RWE0
> LOAD 0x00ba39cc 0x8100 0x
> 0x000a 0x000a RWE0
> LOAD 0x00c439cc 0x8110 0x0010
> 0x01f0 0x01f0 RWE0
> LOAD 0x02b439cc 0x81000a00 0x0a00
> 0xc5fc2840 0xc5fc2840 RWE0
> LOAD 0xc8b0620c 0x8101 0x0001
> 0x3000 0x3000 RWE0
>
> There is no dynamic section in this file.
>
> There are no relocations in this file.
>
> There are no unwind sections in this file.
>
> No version information found in this file.
>
> Notes at offset 0x0190 with length 0x083c:
> Owner Data size Description
> CORE 0x0150 NT_PRSTATUS (prstatus structure)
> CORE 0x0150 NT_PRSTATUS (prstatus structure)
> VMCOREINFO0x055b Unknown note type: (0x)
> $
>
> In this example, the phys_base (of zero) can be determined by looking
> at the first PT_LOAD segment, and comparing the PhysAddr and the VirtAddr
> values -- given that __START_KERNEL_map region is based at 8.
> The remaining physical memory chunks are described by the subsequent
> unity-mapped segments.
>
> The NT_PRSTATUS notes are register dumps of each cpu, where this vmcore
> was from a 2-cpu system. But the crash utility is capable of surviving
> without them. It can also get by without the VMCOREINFO note, which is
> primarily there for use by the "makedumpfile" utility, which is used to
> compress ELF kdumps and filter out unwanted pages, and then make a different
> dumpfile format entirely.
>
> This may be another stupid question -- but does the guest failure mode
> render it incapable of using kdump?

Guest failure mode? I do not know what it means. But 'virsh dump' can be used when kdump fails or the kdump service is not started.

Thanks
Wen Congyang

>
> Dave
>
>
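Dave's description of the kdump-style ELF layout above, as an added example that is not code from the thread, QEMU or the crash utility: a small Python parser that reads the program headers and notes of an ELF64 core, derives phys_base the way Dave describes (first PT_LOAD inside the __START_KERNEL_map region, PhysAddr against VirtAddr, where __START_KERNEL_map is the x86_64 kernel constant 0xffffffff80000000), and locates guest physical and kernel-text addresses in the unity-mapped segments. The core it parses is constructed inline; its note sizes and addresses are illustrative and not the values from the readelf output above.

```python
import struct
from collections import namedtuple

# ELF constants from the spec; kdump-style cores are ELF64, little-endian
PT_LOAD, PT_NOTE = 1, 4
ET_CORE, EM_X86_64 = 4, 62
# x86_64 __START_KERNEL_map: base of the kernel-text/static-data virtual region
START_KERNEL_MAP = 0xffffffff80000000

EHDR = struct.Struct("<16sHHIQQQIHHHHHH")  # Elf64_Ehdr, 64 bytes
PHDR = struct.Struct("<IIQQQQQQ")           # Elf64_Phdr, 56 bytes
NHDR = struct.Struct("<III")                # Elf64_Nhdr, 12 bytes

Segment = namedtuple("Segment", "p_type p_offset p_vaddr p_paddr p_filesz p_memsz")
Note = namedtuple("Note", "name type desc")


def parse_notes(buf):
    """Walk a PT_NOTE payload: Nhdr, 4-byte padded name, 4-byte padded descriptor."""
    notes, pos = [], 0
    while pos + NHDR.size <= len(buf):
        namesz, descsz, ntype = NHDR.unpack_from(buf, pos)
        pos += NHDR.size
        name = buf[pos:pos + namesz].rstrip(b"\0").decode()
        pos += (namesz + 3) & ~3
        notes.append(Note(name, ntype, buf[pos:pos + descsz]))
        pos += (descsz + 3) & ~3
    return notes


def parse_core(data):
    """Return (segments, notes) of an ELF64 little-endian x86_64 core file."""
    if data[:4] != b"\x7fELF" or data[4] != 2 or data[5] != 1:
        raise ValueError("not an ELF64 little-endian file")
    hdr = EHDR.unpack_from(data, 0)
    e_type, e_machine, e_phoff, e_phentsize, e_phnum = hdr[1], hdr[2], hdr[5], hdr[9], hdr[10]
    if e_type != ET_CORE or e_machine != EM_X86_64:
        raise ValueError("not an x86_64 core file")
    segs = []
    for i in range(e_phnum):
        p_type, _flags, off, vaddr, paddr, filesz, memsz, _align = PHDR.unpack_from(
            data, e_phoff + i * e_phentsize)
        segs.append(Segment(p_type, off, vaddr, paddr, filesz, memsz))
    notes = []
    for s in segs:
        if s.p_type == PT_NOTE:
            notes.extend(parse_notes(data[s.p_offset:s.p_offset + s.p_filesz]))
    return segs, notes


def kernel_phys_base(segs):
    """phys_base as Dave describes: first PT_LOAD inside __START_KERNEL_map,
    PhysAddr minus the segment's offset into that region."""
    for s in segs:
        if s.p_type == PT_LOAD and s.p_vaddr >= START_KERNEL_MAP:
            return s.p_paddr - (s.p_vaddr - START_KERNEL_MAP)
    raise ValueError("no kernel-text PT_LOAD segment")


def paddr_to_offset(segs, paddr):
    """File offset of guest physical address paddr via the PT_LOAD PhysAddr
    ranges; None when the dump does not contain that address."""
    for s in segs:
        if s.p_type == PT_LOAD and s.p_paddr <= paddr < s.p_paddr + s.p_filesz:
            return s.p_offset + (paddr - s.p_paddr)
    return None


def kvaddr_to_offset(segs, vaddr):
    """Translate a kernel-text virtual address through phys_base, then locate it."""
    return paddr_to_offset(segs, vaddr - START_KERNEL_MAP + kernel_phys_base(segs))


def vmcoreinfo(notes):
    """key=value lines of the VMCOREINFO note (consumed by makedumpfile) as a dict."""
    for n in notes:
        if n.name == "VMCOREINFO":
            return dict(l.split("=", 1) for l in n.desc.decode().split("\n") if "=" in l)
    return {}


def build_sample_core():
    """Constructed sample, not a real vmcore: a PT_NOTE with one NT_PRSTATUS and a
    VMCOREINFO note, a kernel-text PT_LOAD and one unity-mapped RAM chunk."""
    def note(name, ntype, desc):
        name_b = name.encode() + b"\0"
        return (NHDR.pack(len(name_b), len(desc), ntype)
                + name_b.ljust((len(name_b) + 3) & ~3, b"\0")
                + desc.ljust((len(desc) + 3) & ~3, b"\0"))
    notes = note("CORE", 1, b"\0" * 336)  # NT_PRSTATUS (type 1), 0x150 bytes as above
    notes += note("VMCOREINFO", 0, b"PAGESIZE=4096\nOSRELEASE=2.6.32-sample\n")
    kernel = b"\x90" * 64           # stands in for kernel text
    ram = bytes(range(256)) * 16    # 4 KiB of "guest RAM" with recognisable contents
    phnum = 3
    note_off = EHDR.size + phnum * PHDR.size
    kern_off, ram_off = note_off + len(notes), note_off + len(notes) + len(kernel)
    ehdr = EHDR.pack(b"\x7fELF\x02\x01\x01" + b"\0" * 9, ET_CORE, EM_X86_64, 1, 0,
                     EHDR.size, 0, 0, EHDR.size, PHDR.size, phnum, 0, 0, 0)
    phdrs = PHDR.pack(PT_NOTE, 0, note_off, 0, 0, len(notes), len(notes), 0)
    # kernel at physical 0x01000000, mapped 16 MiB into __START_KERNEL_map -> phys_base 0
    phdrs += PHDR.pack(PT_LOAD, 7, kern_off, 0xffffffff81000000, 0x01000000, 64, 64, 0)
    phdrs += PHDR.pack(PT_LOAD, 7, ram_off, 0xffff880000100000, 0x00100000, 4096, 4096, 0)
    return ehdr + phdrs + notes + kernel + ram
```

Running parse_core() over a real vmcore only needs the file bytes; the derivation is x86_64-specific, which is why parse_core() rejects other machines.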
Re: [Qemu-devel] [Qemu-ppc] [PATCH] pseries: Correct vmx/dfp handling in both KVM and TCG cases
On 24.10.2011, at 17:09, David Gibson wrote:

> On Mon, Oct 24, 2011 at 04:43:18PM -0700, Alexander Graf wrote:
>>
>> On 24.10.2011, at 16:08, David Gibson wrote:
>>
>>> [snip]
>> Reading through the patch again I think I see your point now :). Yes,
>> the kvmppc_host_cpu_def function only tries to fetch the host CPU
>> capabilities.
>>
>> So yes, there is basically only the masking part with what we can
>> actually virtualize missing. But for now we can just assume that every
>> feature the host CPU supports is available.
>>
>> I'll apply your patch for now, as it certainly is better than what we
>> had before.
>
> This breaks on 970mp (PowerStation). kvmppc_get_vmx returns -1 because
> ibm,vmx doesn't exist in the host dt, but the CPU still supports Altivec.
>
> Any alternative way to enumerate VMX availability?

Thinking about it a bit more ... Why do we need to check the host's capability to do VMX/VSX/DFP? Shouldn't the PVR already tell us everything we need to know?

>>>
>>> Well.. not necessarily. First there's the possibility of a CPU that's
>>> theoretically capable of VSX or DFP, but where the administrator has
>>> disabled it in firmware.
>>
>> Oh you can disable it in firmware? Then we should take it from the
>> dt if available, yes.
>
> I think so. I'm not 100% sure on the details. But I believe there's
> a thing designed for partition migration which essentially goes "don't
> use this processor feature, because I want to be able to migrate you
> to an earlier processor sometime".

Good ;). If that one was to simply omit the vmx property, Linux would take the vmx availability from pvr today as well, so we're aligned with what the host OS does now.

Alex

>
>>> Second, if we add approximate PVR matching
>>> (which I'd like to do), then we should trust the host information over
>>> the table, because we could actually be dealing with a different
>>> revision to the one we got from the table.
>>
>> Yeah, for fuzzy matching we want it. I agree.
>> We're still missing some way for KVM to tell us what it can virtualize to the guest, but for now we assume that anything we throw at it works anyways.
>>>
>>> Right. I think we'll need to do that on a feature by feature basis
>>> as we discover things that can't be KVM virtualized. I will send a
>>> patch that deals with the masking for features that TCG can't emulate.
>>
>> Thanks :).
>>
>>
>> Alex
>>
>>
>
> --
> David Gibson | I'll have my music baroque, and my code
> david AT gibson.dropbear.id.au | minimalist, thank you. NOT _the_ _other_
> | _way_ _around_!
> http://www.ozlabs.org/~dgibson
Re: [Qemu-devel] [PATCH 1/5] monitor: screen_dump async
On Mon, 24 Oct 2011 19:29:37 +0200
Alon Levy wrote:

> On Mon, Oct 24, 2011 at 01:45:16PM -0200, Luiz Capitulino wrote:
> > On Mon, 24 Oct 2011 17:13:14 +0200
> > Gerd Hoffmann wrote:
> >
> > > On 10/24/11 14:02, Alon Levy wrote:
> > > > Make screen_dump monitor command an async command to allow next for qxl
> > > > to implement it as an initiating call to red_worker and completion on
> > > > callback, to fix a deadlock when issuing a screendump command via
> > > > libvirt while connected with a libvirt controlled spice-gtk client.
> > >
> > > Approach looks reasonable to me. Patch breaks the build though, you've
> > > missed a bunch of screen_dump functions in non-x86 targets.
> >
> > There are two problems actually.
> >
> > The first one is that changing an existing command from synchronous
> > to asynchronous is an incompatible change because asynchronous command
> > semantics are different. For an example of possible problems please
> > check: https://bugzilla.redhat.com/show_bug.cgi?id=623903.
> >
> > The second problem is that the existing asynchronous interface in the
> > monitor is incomplete and has never been used for real. Our plan is to
> > use QAPI's async support, but that has not landed in master yet and iirc
> > there wasn't consensus about it. I also think it's a bit late for its
> > inclusion in 1.0 (and certainly not a candidate for stable).
> >
> > If all you need here is to delay sending the response, then maybe the
> > current interface could work (although I honestly don't trust it and
> > regret not having dropped it). Otherwise our only choice would be to
> > work on getting the QAPI async support merged.
>
> My problem is that the io thread keeps the global mutex during the wait,
> that's why the async monitor is perfect for what I want - this is
> exactly what it does.

Let's not mix internal implementation details with what we want as an external interface. Can't you just make a vga_hw_screen_dump() specific callback?
> I haven't looked at QAPI async support, but I
> understand it's a bit in the future.

Yes, it's not for the immediate term.
Re: [Qemu-devel] [Qemu-ppc] [PATCH] pseries: Correct vmx/dfp handling in both KVM and TCG cases
On Mon, Oct 24, 2011 at 04:43:18PM -0700, Alexander Graf wrote:
>
> On 24.10.2011, at 16:08, David Gibson wrote:
>
> > [snip]
> Reading through the patch again I think I see your point now :). Yes,
> the kvmppc_host_cpu_def function only tries to fetch the host CPU
> capabilities.
>
> So yes, there is basically only the masking part with what we can
> actually virtualize missing. But for now we can just assume that every
> feature the host CPU supports is available.
>
> I'll apply your patch for now, as it certainly is better than what we
> had before.
> >>>
> >>> This breaks on 970mp (PowerStation). kvmppc_get_vmx returns -1 because
> >>> ibm,vmx doesn't exist in the host dt, but the CPU still supports Altivec.
> >>>
> >>> Any alternative way to enumerate VMX availability?
> >>
> >> Thinking about it a bit more ... Why do we need to check the host's
> >> capability to do VMX/VSX/DFP? Shouldn't the PVR already tell us
> >> everything we need to know?
> >
> > Well.. not necessarily. First there's the possibility of a CPU that's
> > theoretically capable of VSX or DFP, but where the administrator has
> > disabled it in firmware.
>
> Oh you can disable it in firmware? Then we should take it from the
> dt if available, yes.

I think so. I'm not 100% sure on the details. But I believe there's a thing designed for partition migration which essentially goes "don't use this processor feature, because I want to be able to migrate you to an earlier processor sometime".

> > Second, if we add approximate PVR matching
> > (which I'd like to do), then we should trust the host information over
> > the table, because we could actually be dealing with a different
> > revision to the one we got from the table.
>
> Yeah, for fuzzy matching we want it. I agree.
>
> >> We're still missing some way for KVM to tell us what it can
> >> virtualize to the guest, but for now we assume that anything we
> >> throw at it works anyways.
> >
> > Right.
> > I think we'll need to do that on a feature by feature basis
> > as we discover things that can't be KVM virtualized. I will send a
> > patch that deals with the masking for features that TCG can't emulate.
>
> Thanks :).
>
>
> Alex
>
>

--
David Gibson | I'll have my music baroque, and my code
david AT gibson.dropbear.id.au | minimalist, thank you. NOT _the_ _other_
| _way_ _around_!
http://www.ozlabs.org/~dgibson
Re: [Qemu-devel] [RFC 3/8] qapi: add QemuFileInputVisitor
On 09/19/2011 09:41 AM, Michael Roth wrote: Visitor interfaces to read values from a QEMUFile Signed-off-by: Michael Roth --- Makefile.objs |1 + qapi/qemu-file-input-visitor.c | 350 qapi/qemu-file-input-visitor.h | 26 +++ 3 files changed, 377 insertions(+), 0 deletions(-) create mode 100644 qapi/qemu-file-input-visitor.c create mode 100644 qapi/qemu-file-input-visitor.h diff --git a/Makefile.objs b/Makefile.objs index 48fe0c4..6bc8555 100644 --- a/Makefile.objs +++ b/Makefile.objs @@ -82,6 +82,7 @@ fsdev-obj-$(CONFIG_VIRTFS) += $(addprefix fsdev/, $(fsdev-nested-y)) common-obj-y = $(block-obj-y) blockdev.o common-obj-y += $(qapi-obj-y) common-obj-y += qapi/qemu-file-output-visitor.o +common-obj-y += qapi/qemu-file-input-visitor.o common-obj-y += $(net-obj-y) common-obj-y += $(qobject-obj-y) common-obj-$(CONFIG_LINUX) += $(fsdev-obj-$(CONFIG_LINUX)) diff --git a/qapi/qemu-file-input-visitor.c b/qapi/qemu-file-input-visitor.c new file mode 100644 index 000..7217125 --- /dev/null +++ b/qapi/qemu-file-input-visitor.c 
@@ -0,0 +1,350 @@ +/* + * QEMUFile Output Visitor + * + * Copyright IBM, Corp. 2011 + * + * Authors: + * Michael Roth + * + * This work is licensed under the terms of the GNU LGPL, version 2.1 or later. + * See the COPYING.LIB file in the top-level directory. + * + */ + +#include "qemu-file-input-visitor.h" +#include "qemu-queue.h" +#include "qemu-common.h" +#include "qemu-objects.h" +#include "hw/hw.h" +#include "qerror.h" + +typedef struct { +size_t elem_count; +size_t elem_size; +size_t pos; +} ArrayInfo; + +typedef struct StackEntry +{ +enum { +QFIV_ARRAY, +QFIV_LIST, +QFIV_STRUCT, +} type; +ArrayInfo array_info; +QTAILQ_ENTRY(StackEntry) node; +} StackEntry; + +struct QemuFileInputVisitor +{ +Visitor visitor; +QTAILQ_HEAD(, StackEntry) stack; +QEMUFile *file; +}; + +static QemuFileInputVisitor *to_iv(Visitor *v) +{ +return container_of(v, QemuFileInputVisitor, visitor); +} + +static void qemu_file_input_push(QemuFileInputVisitor *iv, StackEntry *e) +{ +QTAILQ_INSERT_HEAD(&iv->stack, e, node); +} + +static void qemu_file_input_push_array(QemuFileInputVisitor *iv, ArrayInfo ai) +{ +StackEntry *e = g_malloc0(sizeof(*e)); +e->type = QFIV_ARRAY; +e->array_info = ai; +qemu_file_input_push(iv, e); +} + +static void qemu_file_input_push_list(QemuFileInputVisitor *iv) +{ +StackEntry *e = g_malloc0(sizeof(*e)); +e->type = QFIV_LIST; +qemu_file_input_push(iv, e); +} + +static void qemu_file_input_push_struct(QemuFileInputVisitor *iv) +{ +StackEntry *e = g_malloc0(sizeof(*e)); +e->type = QFIV_STRUCT; +qemu_file_input_push(iv, e); +} + +static void *qemu_file_input_pop(QemuFileInputVisitor *iv) +{ +StackEntry *e = QTAILQ_FIRST(&iv->stack); +QTAILQ_REMOVE(&iv->stack, e, node); +return e; +} + +static bool qemu_file_input_is_array(QemuFileInputVisitor *iv) +{ +StackEntry *e = QTAILQ_FIRST(&iv->stack); +return e->type == QFIV_ARRAY; +} + +static bool qemu_file_input_is_list(QemuFileInputVisitor *ov) +{ +StackEntry *e = QTAILQ_FIRST(&ov->stack); +return e&& e->type == 
QFIV_LIST; +} + +static void qemu_file_input_start_struct(Visitor *v, void **obj, + const char *kind, + const char *name, size_t size, + Error **errp) +{ +QemuFileInputVisitor *iv = to_iv(v); + +if (obj&& *obj == NULL) { +*obj = g_malloc0(size); +} +qemu_file_input_push_struct(iv); +} + +static void qemu_file_input_end_struct(Visitor *v, Error **errp) +{ +QemuFileInputVisitor *iv = to_iv(v); +StackEntry *e = qemu_file_input_pop(iv); + +if (!e || e->type != QFIV_STRUCT) { +error_set(errp, QERR_UNDEFINED_ERROR); +return; +} +g_free(e); Hello Michael, I was looking at the code again to see what (private) comment I had made the first time I read the code, and now I see additional issues. The error test above and below will leak the e pointer when the type is wrong. +} + +static void qemu_file_input_start_list(Visitor *v, const char *name, + Error **errp) +{ +QemuFileInputVisitor *iv = to_iv(v); +qemu_file_input_push_list(iv); +} + +static GenericList *qemu_file_input_next_list(Visitor *v, GenericList **list, + Error **errp) +{ +QemuFileInputVisitor *iv = to_iv(v); +GenericList *entry; + +if (!qemu_file_input_is_list(iv)) { +error_set(errp, QERR_UNDEFINED_ERROR); +} + +entry = g_malloc0(sizeof(*entry)); +if (*list) { +(*list)->next = entry; +} + +*list = entry; +return entry; +} + +static void qemu_file_input_end_list(Visitor *v, Error **errp) +{ +QemuFileInputVisitor *iv = to_iv(v); +
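Review bot: qemu_file_input_next_list sets QERR_UNDEFINED_ERROR when the top of the stack is not a list and then falls through, allocating an entry and linking it into *list anyway; it should `return NULL;` directly after the error_set. Two smaller points in the same file: qemu_file_input_is_array dereferences QTAILQ_FIRST(&iv->stack) without the `e && ` guard that qemu_file_input_is_list has, so it crashes on an empty stack, and the file header comment says "QEMUFile Output Visitor" although this is the input visitor. The leak of `e` on the type-mismatch path in qemu_file_input_end_struct has already been raised in the thread.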
Re: [Qemu-devel] [Qemu-ppc] [PATCH] pseries: Correct vmx/dfp handling in both KVM and TCG cases
On 24.10.2011, at 16:08, David Gibson wrote:

> [snip]
Reading through the patch again I think I see your point now :). Yes, the kvmppc_host_cpu_def function only tries to fetch the host CPU capabilities.

So yes, there is basically only the masking part with what we can actually virtualize missing. But for now we can just assume that every feature the host CPU supports is available.

I'll apply your patch for now, as it certainly is better than what we had before.

>>>
>>> This breaks on 970mp (PowerStation). kvmppc_get_vmx returns -1 because
>>> ibm,vmx doesn't exist in the host dt, but the CPU still supports Altivec.
>>>
>>> Any alternative way to enumerate VMX availability?
>>
>> Thinking about it a bit more ... Why do we need to check the host's
>> capability to do VMX/VSX/DFP? Shouldn't the PVR already tell us
>> everything we need to know?
>
> Well.. not necessarily. First there's the possibility of a CPU that's
> theoretically capable of VSX or DFP, but where the administrator has
> disabled it in firmware.

Oh you can disable it in firmware? Then we should take it from the dt if available, yes.

> Second, if we add approximate PVR matching
> (which I'd like to do), then we should trust the host information over
> the table, because we could actually be dealing with a different
> revision to the one we got from the table.

Yeah, for fuzzy matching we want it. I agree.

>
>> We're still missing some way for KVM to tell us what it can
>> virtualize to the guest, but for now we assume that anything we
>> throw at it works anyways.
>
> Right. I think we'll need to do that on a feature by feature basis
> as we discover things that can't be KVM virtualized. I will send a
> patch that deals with the masking for features that TCG can't emulate.

Thanks :).

Alex
Re: [Qemu-devel] [Qemu-ppc] [PATCH] pseries: Correct vmx/dfp handling in both KVM and TCG cases
On Mon, Oct 24, 2011 at 10:25:26AM -0700, Alexander Graf wrote:
> On 23.10.2011, at 22:29, David Gibson wrote:
> > On Thu, Oct 20, 2011 at 11:49:40PM -0700, Alexander Graf wrote:
[snip]
> >>> This gets further complicated in the case of the w-i-p patch I have to
> >>> properly advertise page sizes, where it's not just presence or absence
> >>> of a feature, but the specific SLB and HPTE encodings must be
> >>> advertised to the guest.
> >>
> >> Yup, so we'd read out the host dt to find the host possible
> >> encodings (probably a bad idea, but that's a different story)
> >
> > Um, a different story perhaps, but one I kind of need an answer to in
> > the near future... I can query the host cpu's page sizes easily
> > enough, but I'm really not sure where this should be stashed before
> > filtering as suggested below.
>
> Page sizes are usually powers of 2, so we should be ok with just
> having a bitmap there with each bit meaning 1 << (n + 12).

Not sufficient. Again, it's not just the presence/absence of page sizes I need, but the SLB and HPTE bit encodings. And even if it weren't for that, we need which base page size versus actual page sizes combinations are supported, not just whether a given page size is supported somehow.

I did have a draft patch adding more generalized multiple page size support to TCG, which would have provided a solution except that a) I don't really want to finish that off - still a fair bit of work - just in order to pass through host page sizes and b) I lost the draft in an unfortunate encfs+git corruption incident :(.

-- 
David Gibson | I'll have my music baroque, and my code
david AT gibson.dropbear.id.au | minimalist, thank you. NOT _the_ _other_
| _way_ _around_!
http://www.ozlabs.org/~dgibson
Re: [Qemu-devel] [Qemu-ppc] [PATCH] KVM: PPC: Override host vmx/vsx/dfp only when information known
On Mon, Oct 24, 2011 at 08:53:54PM +0200, Alexander Graf wrote: > The -cpu host feature tries to find out the host capabilities based > on device tree information. However, we don't always have that available > because it's an optional property in dt. > > So instead of force unsetting values depending on an unreliable source > of information, let's just try to be clever about it and not override > capabilities when we don't know the device tree pieces. > > This fixes altivec with -cpu host on YDL PowerStations. Yeah, this is probably the best we can do. I forgot that we can only really rely on the ibm,vmx property on systems with IBM firmware. On those it does indicate that there is no VMX if the property is missing, but other firmwares just don't provide it at all. > > Signed-off-by: Alexander Graf > --- > target-ppc/kvm.c | 12 +--- > 1 files changed, 9 insertions(+), 3 deletions(-) > > diff --git a/target-ppc/kvm.c b/target-ppc/kvm.c > index a090d79..f3d0861 100644 > --- a/target-ppc/kvm.c > +++ b/target-ppc/kvm.c > @@ -912,9 +912,15 @@ const ppc_def_t *kvmppc_host_cpu_def(void) > > /* Now fix up the spec with information we can query from the host */ > > -alter_insns(&spec->insns_flags, PPC_ALTIVEC, vmx > 0); > -alter_insns(&spec->insns_flags2, PPC2_VSX, vmx > 1); > -alter_insns(&spec->insns_flags2, PPC2_DFP, dfp); > +if (vmx != -1) { > +/* Only override when we know what the host supports */ > +alter_insns(&spec->insns_flags, PPC_ALTIVEC, vmx > 0); > +alter_insns(&spec->insns_flags2, PPC2_VSX, vmx > 1); > +} > +if (dfp != -1) { > +/* Only override when we know what the host supports */ > +alter_insns(&spec->insns_flags2, PPC2_DFP, dfp); > +} > > return spec; > } -- David Gibson| I'll have my music baroque, and my code david AT gibson.dropbear.id.au | minimalist, thank you. NOT _the_ _other_ | _way_ _around_! http://www.ozlabs.org/~dgibson
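Review bot: the hunk keys the "unknown" case on `vmx != -1` and `dfp != -1`, so its correctness depends on kvmppc_get_vmx/kvmppc_get_dfp returning -1 only for "property absent from the device tree" and not for any other failure; a one-line comment stating that contract (or a named sentinel) would make the intent explicit, and the duplicated `/* Only override when we know what the host supports */` comment can be written once above both ifs. On the no-property path the guest now inherits whatever the spec table says for ALTIVEC/VSX/DFP, which is the behaviour the commit message asks for, but it means the TCG-side masking discussed in the sibling thread is what keeps unimplemented instructions out of non-KVM guests.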
Re: [Qemu-devel] [Qemu-ppc] [PATCH] pseries: Correct vmx/dfp handling in both KVM and TCG cases
[snip]
> >> Reading through the patch again I think I see your point now :). Yes, the
> >> kvmppc_host_cpu_def function only tries to fetch the host CPU capabilities.
> >>
> >> So yes, there is basically only the masking part with what we can actually
> >> virtualize missing. But for now we can just assume that every feature the
> >> host CPU supports is available.
> >>
> >> I'll apply your patch for now, as it certainly is better than what we had
> >> before.
> >
> > This breaks on 970mp (PowerStation). kvmppc_get_vmx returns -1 because
> > ibm,vmx doesn't exist in the host dt, but the CPU still supports Altivec.
> >
> > Any alternative way to enumerate VMX availability?
>
> Thinking about it a bit more ... Why do we need to check the host's
> capability to do VMX/VSX/DFP? Shouldn't the PVR already tell us
> everything we need to know?

Well.. not necessarily. First there's the possibility of a CPU that's theoretically capable of VSX or DFP, but where the administrator has disabled it in firmware. Second, if we add approximate PVR matching (which I'd like to do), then we should trust the host information over the table, because we could actually be dealing with a different revision to the one we got from the table.

> We're still missing some way for KVM to tell us what it can
> virtualize to the guest, but for now we assume that anything we
> throw at it works anyways.

Right. I think we'll need to do that on a feature by feature basis as we discover things that can't be KVM virtualized. I will send a patch that deals with the masking for features that TCG can't emulate.

-- 
David Gibson | I'll have my music baroque, and my code
david AT gibson.dropbear.id.au | minimalist, thank you. NOT _the_ _other_
| _way_ _around_!
http://www.ozlabs.org/~dgibson
Re: [Qemu-devel] Executing from a rom device - Re: [PATCH 2/4] pc: Support system flash memory with pflash
On 24.10.2011, at 16:00, Jordan Justen wrote:

> Avi,
>
> Alex pointed out that my patch below should not work for kvm, because
> kvm currently does not support executing from a rom region. This
> surprised me, because I thought I had been testing with kvm enabled.
> But, it turns out I wasn't, and in fact this patch does not work with
> kvm enabled. (Sorry all for this big mistake in my testing.)
>
> Alex also suggested that you might be able to answer whether it would
> be possible to execute from a flash device (ie, qemu 'rom_device'
> device). Is this something that would be possible with kvm?
>
> If so, would it require changes to kvm on the kernel side? Or, the
> qemu side? Perhaps just within the pflash_cfi01 device?
>
> Would implementing it require the flash based execution to be very
> slow under kvm?

To be more precise, we need a memory region which is backed by RAM on reads and does MMIO on writes. I remember Avi talking about that a while back, but don't know if he pursued it any further.

Alex
[Qemu-devel] Executing from a rom device - Re: [PATCH 2/4] pc: Support system flash memory with pflash
Avi, Alex pointed out that my patch below should not work for kvm, because kvm currently does not support executing from a rom region. This surprised me, because I thought I had been testing with kvm enabled. But, it turns out I wasn't, and in fact this patch does not work with kvm enabled. (Sorry all for this big mistake in my testing.) Alex also suggested that you might be able to answer whether it would be possible to execute from a flash device (ie, qemu 'rom_device' device). Is this something that would be possible with kvm? If so, would it require changes to kvm on the kernel side? Or, the qemu side? Perhaps just within the pflash_cfi01 device? Would implementing it require the flash based execution to be very slow under kvm? Thanks for your time, -Jordan On Mon, Oct 17, 2011 at 12:27, Jordan Justen wrote: > On Mon, Oct 17, 2011 at 12:16, Jordan Justen > wrote: >> If a pflash image is found, then it is used for the system >> firmware image. >> >> If a pflash image is not initially found, then a read-only >> pflash device is created using the -bios filename. >> >> Signed-off-by: Jordan Justen >> Cc: Anthony Liguori >> --- >> Makefile.target | 1 + >> default-configs/i386-softmmu.mak | 1 + >> default-configs/x86_64-softmmu.mak | 1 + >> hw/boards.h | 1 + >> hw/pc.c | 55 + >> hw/pc.h | 3 + >> hw/pcflash.c | 145 >> >> vl.c | 2 +- >> 8 files changed, 158 insertions(+), 51 deletions(-) >> create mode 100644 hw/pcflash.c >> >> diff --git a/Makefile.target b/Makefile.target >> index 417f23e..37a5b56 100644 >> --- a/Makefile.target >> +++ b/Makefile.target >> @@ -225,6 +225,7 @@ obj-i386-y += vmport.o >> obj-i386-y += device-hotplug.o pci-hotplug.o smbios.o wdt_ib700.o >> obj-i386-y += debugcon.o multiboot.o >> obj-i386-y += pc_piix.o >> +obj-i386-y += pcflash.o >> obj-i386-$(CONFIG_KVM) += kvmclock.o >> obj-i386-$(CONFIG_SPICE) += qxl.o qxl-logger.o qxl-render.o 
>> >> diff --git a/default-configs/i386-softmmu.mak >> b/default-configs/i386-softmmu.mak >> index e67ebb3..cd407a9 100644 >> --- a/default-configs/i386-softmmu.mak >> +++ b/default-configs/i386-softmmu.mak >> @@ -22,3 +22,4 @@ CONFIG_SOUND=y >> CONFIG_HPET=y >> CONFIG_APPLESMC=y >> CONFIG_I8259=y >> +CONFIG_PFLASH_CFI01=y >> diff --git a/default-configs/x86_64-softmmu.mak >> b/default-configs/x86_64-softmmu.mak >> index b75757e..47734ea 100644 >> --- a/default-configs/x86_64-softmmu.mak >> +++ b/default-configs/x86_64-softmmu.mak >> @@ -22,3 +22,4 @@ CONFIG_SOUND=y >> CONFIG_HPET=y >> CONFIG_APPLESMC=y >> CONFIG_I8259=y >> +CONFIG_PFLASH_CFI01=y >> diff --git a/hw/boards.h b/hw/boards.h >> index 716fd7b..45a31a1 100644 >> --- a/hw/boards.h >> +++ b/hw/boards.h >> @@ -33,6 +33,7 @@ typedef struct QEMUMachine { >> } QEMUMachine; >> >> int qemu_register_machine(QEMUMachine *m); >> +QEMUMachine *find_default_machine(void); >> >> extern QEMUMachine *current_machine; >> >> diff --git a/hw/pc.c b/hw/pc.c >> index f0802b7..0c9b7ba 100644 >> --- a/hw/pc.c >> +++ b/hw/pc.c >> @@ -57,10 +57,6 @@ >> #define DPRINTF(fmt, ...) >> #endif >> >> -#define BIOS_FILENAME "bios.bin" >> - >> -#define PC_MAX_BIOS_SIZE (4 * 1024 * 1024) >> - >> /* Leave a chunk of memory at the top of RAM for the BIOS ACPI tables. */ >> #define ACPI_DATA_SIZE 0x1 >> #define BIOS_CFG_IOPORT 0x510 >> @@ -974,11 +970,9 @@ void pc_memory_init(MemoryRegion *system_memory, >> MemoryRegion *rom_memory, >> MemoryRegion **ram_memory) >> { >> - char *filename; >> - int ret, linux_boot, i; >> - MemoryRegion *ram, *bios, *isa_bios, *option_rom_mr; >> + int linux_boot, i; >> + MemoryRegion *ram, *option_rom_mr; >> MemoryRegion *ram_below_4g, *ram_above_4g; >> - int bios_size, isa_bios_size; >> void *fw_cfg; >> >> linux_boot = (kernel_filename != NULL); 
>> @@ -1003,43 +997,9 @@ void pc_memory_init(MemoryRegion *system_memory, >> ram_above_4g); >> } >> >> - /* BIOS load */ >> - if (bios_name == NULL) >> - bios_name = BIOS_FILENAME; >> - filename = qemu_find_file(QEMU_FILE_TYPE_BIOS, bios_name); >> - if (filename) { >> - bios_size = get_image_size(filename); >> - } else { >> - bios_size = -1; >> - } >> - if (bios_size <= 0 || >> - (bios_size % 65536) != 0) { >> - goto bios_error; >> - } >> - bios = g_malloc(sizeof(*bios)); >> - memory_region_init_ram(bios, NULL, "pc.bios", bios_size); >> - memory_region_set_readonly(bios, true); >> - ret = rom_add_file_fixed(bios_name, (uint32_t)(-bios_size), -1); >> - if (ret != 0) { >> - bios_error: >> - fprintf(stderr, "qemu: could not load PC BIOS '%s'\n", bios_name); >> - exit(1); >> - } >> -
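Review bot: the block removed from pc_memory_init carried the `bios_error:` path that printed "could not load PC BIOS" and called exit(1), plus the `bios_size <= 0 || (bios_size % 65536) != 0` sanity check; with both gone from this file, the replacement in hw/pcflash.c (not shown in this excerpt) must still refuse to start the machine when neither a pflash image nor the -bios file can be loaded, otherwise the guest is started with nothing mapped at the reset vector, and the 64 KiB alignment check should be preserved on the new path.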
[Qemu-devel] [PATCH 09/14] syborg_virtio: convert to memory API
Signed-off-by: Benoit Canet --- hw/syborg_virtio.c | 26 ++ 1 files changed, 10 insertions(+), 16 deletions(-) diff --git a/hw/syborg_virtio.c b/hw/syborg_virtio.c index 00c7be8..af0c370 100644 --- a/hw/syborg_virtio.c +++ b/hw/syborg_virtio.c @@ -62,6 +62,7 @@ enum { typedef struct { SysBusDevice busdev; VirtIODevice *vdev; +MemoryRegion iomem; qemu_irq irq; uint32_t int_enable; uint32_t id; @@ -223,16 +224,12 @@ static void syborg_virtio_writeb(void *opaque, target_phys_addr_t offset, BADF("Bad byte write offset 0x%x\n", (int)offset); } -static CPUReadMemoryFunc * const syborg_virtio_readfn[] = { - syborg_virtio_readb, - syborg_virtio_readw, - syborg_virtio_readl -}; - -static CPUWriteMemoryFunc * const syborg_virtio_writefn[] = { - syborg_virtio_writeb, - syborg_virtio_writew, - syborg_virtio_writel +static const MemoryRegionOps syborg_virtio_ops = { +.old_mmio = { +.read = { syborg_virtio_readb, syborg_virtio_readw, syborg_virtio_readl }, +.write = { syborg_virtio_writeb, syborg_virtio_writew, syborg_virtio_writel }, +}, +.endianness = DEVICE_NATIVE_ENDIAN, }; static void syborg_virtio_update_irq(void *opaque, uint16_t vector) @@ -258,17 +255,14 @@ static VirtIOBindings syborg_virtio_bindings = { static int syborg_virtio_init(SyborgVirtIOProxy *proxy, VirtIODevice *vdev) { -int iomemtype; - proxy->vdev = vdev; /* Don't support multiple vectors */ proxy->vdev->nvectors = 0; sysbus_init_irq(&proxy->busdev, &proxy->irq); -iomemtype = cpu_register_io_memory(syborg_virtio_readfn, - syborg_virtio_writefn, proxy, - DEVICE_NATIVE_ENDIAN); -sysbus_init_mmio(&proxy->busdev, 0x1000, iomemtype); +memory_region_init_io(&proxy->iomem, &syborg_virtio_ops, proxy, + "virtio", 0x1000); +sysbus_init_mmio_region(&proxy->busdev, &proxy->iomem); proxy->id = ((uint32_t)0x1af4 << 16) | vdev->device_id; -- 1.7.4.1
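Review bot: this conversion keeps the legacy three-entry `.old_mmio` table (readb/readw/readl, writeb/writew/writel) instead of a single read/write pair taking a `size` argument, unlike the syborg_fb, syborg_pointer and syborg_keyboard conversions in the same series; it is behaviour-preserving because the per-width handlers are untouched, but it leaves this device as the one still needing a second pass. Either fold the width dispatch into one handler now, or say in the commit message (currently empty apart from the subject) that `.old_mmio` is deliberate.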
[Qemu-devel] [PATCH 03/15] syborg_fb: convert to memory API
Signed-off-by: Benoit Canet --- hw/syborg_fb.c | 28 +++- 1 files changed, 11 insertions(+), 17 deletions(-) diff --git a/hw/syborg_fb.c b/hw/syborg_fb.c index ae3e0eb..3b71c72 100644 --- a/hw/syborg_fb.c +++ b/hw/syborg_fb.c @@ -65,6 +65,7 @@ enum { typedef struct { SysBusDevice busdev; +MemoryRegion iomem; DisplayState *ds; /*QEMUConsole *console;*/ uint32_t need_update : 1; @@ -294,7 +295,8 @@ static void syborg_fb_invalidate_display(void * opaque) s->need_update = 1; } -static uint32_t syborg_fb_read(void *opaque, target_phys_addr_t offset) +static uint64_t syborg_fb_read(void *opaque, target_phys_addr_t offset, + unsigned size) { SyborgFBState *s = opaque; @@ -366,7 +368,7 @@ static uint32_t syborg_fb_read(void *opaque, target_phys_addr_t offset) } static void syborg_fb_write(void *opaque, target_phys_addr_t offset, -uint32_t val) +uint64_t val, unsigned size) { SyborgFBState *s = opaque; @@ -454,16 +456,10 @@ static void syborg_fb_write(void *opaque, target_phys_addr_t offset, } } -static CPUReadMemoryFunc * const syborg_fb_readfn[] = { -syborg_fb_read, -syborg_fb_read, -syborg_fb_read -}; - -static CPUWriteMemoryFunc * const syborg_fb_writefn[] = { -syborg_fb_write, -syborg_fb_write, -syborg_fb_write +static const MemoryRegionOps syborg_fb_ops = { +.read = syborg_fb_read, +.write = syborg_fb_write, +.endianness = DEVICE_NATIVE_ENDIAN, }; static void syborg_fb_save(QEMUFile *f, void *opaque) 
@@ -515,13 +511,11 @@ static int syborg_fb_load(QEMUFile *f, void *opaque, int version_id) static int syborg_fb_init(SysBusDevice *dev) { SyborgFBState *s = FROM_SYSBUS(SyborgFBState, dev); -int iomemtype; sysbus_init_irq(dev, &s->irq); -iomemtype = cpu_register_io_memory(syborg_fb_readfn, - syborg_fb_writefn, s, - DEVICE_NATIVE_ENDIAN); -sysbus_init_mmio(dev, 0x1000, iomemtype); +memory_region_init_io(&s->iomem, &syborg_fb_ops, s, + "framebuffer", 0x1000); +sysbus_init_mmio_region(dev, &s->iomem); s->ds = graphic_console_init(syborg_fb_update_display, syborg_fb_invalidate_display, -- 1.7.4.1
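Review bot: syborg_fb_read and syborg_fb_write now receive a `size` argument but ignore it; since the old registration pointed all three access widths at the same handler this is behaviour-preserving, but the register file is 32-bit, so setting `.valid.min_access_size = 4` and `.valid.max_access_size = 4` in syborg_fb_ops would state that and let the memory core reject sub-word accesses instead of silently treating them as full-register reads and writes.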
[Qemu-devel] [PATCH 09/11] isa: always use provided ISA bus when creating an isa device
Signed-off-by: Hervé Poussineau --- hw/isa-bus.c | 10 -- 1 files changed, 4 insertions(+), 6 deletions(-) diff --git a/hw/isa-bus.c b/hw/isa-bus.c index 7c94f0b..3207680 100644 --- a/hw/isa-bus.c +++ b/hw/isa-bus.c @@ -130,12 +130,11 @@ ISADevice *isa_create(ISABus *bus, const char *name) { DeviceState *dev; -assert(!bus || bus == isabus); -if (!isabus) { +if (!bus) { hw_error("Tried to create isa device %s with no isa bus present.", name); } -dev = qdev_create(&isabus->qbus, name); +dev = qdev_create(&bus->qbus, name); return DO_UPCAST(ISADevice, qdev, dev); } @@ -143,12 +142,11 @@ ISADevice *isa_try_create(ISABus *bus, const char *name) { DeviceState *dev; -assert(!bus || bus == isabus); -if (!isabus) { +if (!bus) { hw_error("Tried to create isa device %s with no isa bus present.", name); } -dev = qdev_try_create(&isabus->qbus, name); +dev = qdev_try_create(&bus->qbus, name); return DO_UPCAST(ISADevice, qdev, dev); } -- 1.7.6.3
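Review bot: dropping `assert(!bus || bus == isabus)` and creating the device on `bus->qbus` changes the contract of isa_create/isa_try_create: a caller passing NULL used to fall back to the global `isabus` and now hits hw_error, so every call site must be passing a real bus by the time this lands (the sun4u and malta changes in this series wire two of them). That ordering dependency and the behaviour change belong in the commit message, which is currently empty apart from the subject.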
[Qemu-devel] [PATCH 08/11] malta: give ISA bus to ISA methods
Signed-off-by: Hervé Poussineau --- hw/mips_malta.c |3 +-- hw/pc.h |2 +- hw/piix4.c |3 ++- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/hw/mips_malta.c b/hw/mips_malta.c index 98177f3..78d99e7 100644 --- a/hw/mips_malta.c +++ b/hw/mips_malta.c @@ -941,8 +941,7 @@ void mips_malta_init (ram_addr_t ram_size, /* Southbridge */ ide_drive_get(hd, MAX_IDE_BUS); -piix4_devfn = piix4_init(pci_bus, 80); -isa_bus = NULL; +piix4_devfn = piix4_init(pci_bus, &isa_bus, 80); /* Interrupt controller */ /* The 8259 is attached to the MIPS CPU INT0 pin, ie interrupt 2 */ diff --git a/hw/pc.h b/hw/pc.h index 127940c..bc67b2b 100644 --- a/hw/pc.h +++ b/hw/pc.h @@ -194,7 +194,7 @@ PCIBus *i440fx_init(PCII440FXState **pi440fx_state, int *piix_devfn, /* piix4.c */ extern PCIDevice *piix4_dev; -int piix4_init(PCIBus *bus, int devfn); +int piix4_init(PCIBus *bus, ISABus **isa_bus, int devfn); /* vga.c */ enum vga_retrace_method { diff --git a/hw/piix4.c b/hw/piix4.c index 2fd1171..51af459 100644 --- a/hw/piix4.c +++ b/hw/piix4.c @@ -93,11 +93,12 @@ static int piix4_initfn(PCIDevice *dev) return 0; } -int piix4_init(PCIBus *bus, int devfn) +int piix4_init(PCIBus *bus, ISABus **isa_bus, int devfn) { PCIDevice *d; d = pci_create_simple_multifunction(bus, devfn, true, "PIIX4"); +*isa_bus = DO_UPCAST(ISABus, qbus, qdev_get_child_bus(&d->qdev, "isa.0")); return d->devfn; } -- 1.7.6.3
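Review bot: `*isa_bus` is stored unconditionally in piix4_init, so a caller with no interest in the ISA bus still has to pass a valid pointer; either NULL-check `isa_bus` before the assignment or document the parameter as mandatory next to the new prototype in hw/pc.h. The `qdev_get_child_bus(&d->qdev, "isa.0")` lookup can also return NULL if the PIIX4 did not create a bus by that name, and DO_UPCAST passes that through silently; an assert on the lookup result would catch a mis-wired board at init rather than at first use.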
[Qemu-devel] [PATCH 06/15] syborg_pointer: convert to memory API
Signed-off-by: Benoit Canet --- hw/syborg_pointer.c | 28 +++- 1 files changed, 11 insertions(+), 17 deletions(-) diff --git a/hw/syborg_pointer.c b/hw/syborg_pointer.c index b91214d..a0f8b32 100644 --- a/hw/syborg_pointer.c +++ b/hw/syborg_pointer.c @@ -44,6 +44,7 @@ typedef struct { typedef struct { SysBusDevice busdev; +MemoryRegion iomem; int int_enabled; uint32_t fifo_size; event_data *event_fifo; @@ -57,7 +58,8 @@ static void syborg_pointer_update(SyborgPointerState *s) qemu_set_irq(s->irq, s->read_count && s->int_enabled); } -static uint32_t syborg_pointer_read(void *opaque, target_phys_addr_t offset) +static uint64_t syborg_pointer_read(void *opaque, target_phys_addr_t offset, +unsigned size) { SyborgPointerState *s = (SyborgPointerState *)opaque; @@ -87,7 +89,7 @@ static uint32_t syborg_pointer_read(void *opaque, target_phys_addr_t offset) } static void syborg_pointer_write(void *opaque, target_phys_addr_t offset, - uint32_t value) + uint64_t value, unsigned size) { SyborgPointerState *s = (SyborgPointerState *)opaque; @@ -110,16 +112,10 @@ static void syborg_pointer_write(void *opaque, target_phys_addr_t offset, syborg_pointer_update(s); } -static CPUReadMemoryFunc * const syborg_pointer_readfn[] = { - syborg_pointer_read, - syborg_pointer_read, - syborg_pointer_read -}; - -static CPUWriteMemoryFunc * const syborg_pointer_writefn[] = { - syborg_pointer_write, - syborg_pointer_write, - syborg_pointer_write +static const MemoryRegionOps syborg_pointer_ops = { +.read = syborg_pointer_read, +.write = syborg_pointer_write, +.endianness = DEVICE_NATIVE_ENDIAN, }; static void syborg_pointer_event(void *opaque, int dx, int dy, int dz, 
@@ -186,13 +182,11 @@ static const VMStateDescription vmstate_syborg_pointer = { static int syborg_pointer_init(SysBusDevice *dev) { SyborgPointerState *s = FROM_SYSBUS(SyborgPointerState, dev); -int iomemtype; sysbus_init_irq(dev, &s->irq); -iomemtype = cpu_register_io_memory(syborg_pointer_readfn, - syborg_pointer_writefn, s, - DEVICE_NATIVE_ENDIAN); -sysbus_init_mmio(dev, 0x1000, iomemtype); +memory_region_init_io(&s->iomem, &syborg_pointer_ops, s, + "pointer", 0x1000); +sysbus_init_mmio_region(dev, &s->iomem); if (s->fifo_size <= 0) { fprintf(stderr, "syborg_pointer: fifo too small\n"); -- 1.7.4.1
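Review bot: same shape as the syborg_fb conversion, so the same remark about the ignored `size` argument applies to syborg_pointer_ops. Style point while these lines are being touched: the explicit `(SyborgPointerState *)opaque` casts on a `void *` are unnecessary in C and can be dropped, matching the plain `SyborgFBState *s = opaque;` form used in syborg_fb.c.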
[Qemu-devel] [PATCH 12/14] realview: convert realview i2c to VMState
Signed-off-by: Benoit Canet --- hw/realview.c | 21 +++-- 1 files changed, 19 insertions(+), 2 deletions(-) diff --git a/hw/realview.c b/hw/realview.c index 14281b0..4eb320e 100644 --- a/hw/realview.c +++ b/hw/realview.c @@ -26,10 +26,26 @@ typedef struct { SysBusDevice busdev; MemoryRegion iomem; bitbang_i2c_interface *bitbang; -int out; -int in; +int32_t out; +int32_t in; } RealViewI2CState; +extern VMStateDescription vmstate_bitbang_i2c; + +const VMStateDescription vmstate_realview_i2c = { +.name = "realview_i2c", +.version_id = 1, +.minimum_version_id = 1, +.minimum_version_id_old = 1, +.fields = (VMStateField []) { +VMSTATE_STRUCT_POINTER(bitbang, RealViewI2CState, vmstate_bitbang_i2c, + bitbang_i2c_interface *), +VMSTATE_INT32(out, RealViewI2CState), +VMSTATE_INT32(in, RealViewI2CState), +VMSTATE_END_OF_LIST() +} +}; + static uint64_t realview_i2c_read(void *opaque, target_phys_addr_t offset, unsigned size) { @@ -85,6 +101,7 @@ static SysBusDeviceInfo realview_i2c_info = { .init = realview_i2c_init, .qdev.name = "realview_i2c", .qdev.size = sizeof(RealViewI2CState), +.qdev.vmsd = &vmstate_realview_i2c, }; static void realview_register_devices(void) -- 1.7.4.1
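Review bot: `extern VMStateDescription vmstate_bitbang_i2c;` redeclares a symbol from another file in the middle of hw/realview.c; the declaration belongs in the bitbang_i2c header, and it should be `const` so that it matches how vmstate_realview_i2c itself is declared and does not disagree with the defining file. Changing `out`/`in` from int to int32_t is the right fix for the VMSTATE_INT32 fields, and is worth a sentence in the (currently empty) commit message since it changes the struct layout.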
[Qemu-devel] [PATCH 10/14] pl181: add vmstate
Signed-off-by: Benoit Canet --- hw/pl181.c | 40 1 files changed, 36 insertions(+), 4 deletions(-) diff --git a/hw/pl181.c b/hw/pl181.c index e13ea8e..cef2530 100644 --- a/hw/pl181.c +++ b/hw/pl181.c @@ -38,20 +38,45 @@ typedef struct { uint32_t datacnt; uint32_t status; uint32_t mask[2]; -int fifo_pos; -int fifo_len; +int32_t fifo_pos; +int32_t fifo_len; /* The linux 2.6.21 driver is buggy, and misbehaves if new data arrives while it is reading the FIFO. We hack around this be defering subsequent transfers until after the driver polls the status word. http://www.arm.linux.org.uk/developer/patches/viewpatch.php?id=4446/1 */ -int linux_hack; +int32_t linux_hack; uint32_t fifo[PL181_FIFO_LEN]; qemu_irq irq[2]; /* GPIO outputs for 'card is readonly' and 'card inserted' */ qemu_irq cardstatus[2]; } pl181_state; +static const VMStateDescription vmstate_pl181 = { +.name = "pl181", +.version_id = 1, +.minimum_version_id = 1, +.fields = (VMStateField[]) { +VMSTATE_UINT32(clock, pl181_state), +VMSTATE_UINT32(power, pl181_state), +VMSTATE_UINT32(cmdarg, pl181_state), +VMSTATE_UINT32(cmd, pl181_state), +VMSTATE_UINT32(datatimer, pl181_state), +VMSTATE_UINT32(datalength, pl181_state), +VMSTATE_UINT32(respcmd, pl181_state), +VMSTATE_UINT32_ARRAY(response, pl181_state, 4), +VMSTATE_UINT32(datactrl, pl181_state), +VMSTATE_UINT32(datacnt, pl181_state), +VMSTATE_UINT32(status, pl181_state), +VMSTATE_UINT32_ARRAY(mask, pl181_state, 2), +VMSTATE_INT32(fifo_pos, pl181_state), +VMSTATE_INT32(fifo_len, pl181_state), +VMSTATE_INT32(linux_hack, pl181_state), +VMSTATE_UINT32_ARRAY(fifo, pl181_state, PL181_FIFO_LEN), +VMSTATE_END_OF_LIST() +} +}; + #define PL181_CMD_INDEX 0x3f #define PL181_CMD_RESPONSE (1 << 6) #define PL181_CMD_LONGRESP (1 << 7) 
@@ -465,9 +490,16 @@ static int pl181_init(SysBusDevice *dev) return 0; } +static SysBusDeviceInfo pl181_info = { +.init = pl181_init, +.qdev.name = "pl181", +.qdev.size = sizeof(pl181_state), +.qdev.vmsd = &vmstate_pl181, +}; + static void pl181_register_devices(void) { -sysbus_register_dev("pl181", sizeof(pl181_state), pl181_init); +sysbus_register_withprop(&pl181_info); } device_init(pl181_register_devices) -- 1.7.4.1
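Review bot: `fifo_pos` and `fifo_len` are restored as raw int32 values and, by their names, index the `fifo[PL181_FIFO_LEN]` array; a `.post_load` hook that rejects out-of-range values (negative, or beyond PL181_FIFO_LEN) would keep a corrupted or hostile migration stream from turning into an out-of-bounds FIFO access on the destination. Since the device had no vmstate before, `version_id`/`minimum_version_id` of 1 with no legacy loader is appropriate.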
[Qemu-devel] [PATCH 02/14] syborg_fb: convert to memory API
Signed-off-by: Benoit Canet --- hw/syborg_fb.c | 28 +++- 1 files changed, 11 insertions(+), 17 deletions(-) diff --git a/hw/syborg_fb.c b/hw/syborg_fb.c index ae3e0eb..3b71c72 100644 --- a/hw/syborg_fb.c +++ b/hw/syborg_fb.c @@ -65,6 +65,7 @@ enum { typedef struct { SysBusDevice busdev; +MemoryRegion iomem; DisplayState *ds; /*QEMUConsole *console;*/ uint32_t need_update : 1; @@ -294,7 +295,8 @@ static void syborg_fb_invalidate_display(void * opaque) s->need_update = 1; } -static uint32_t syborg_fb_read(void *opaque, target_phys_addr_t offset) +static uint64_t syborg_fb_read(void *opaque, target_phys_addr_t offset, + unsigned size) { SyborgFBState *s = opaque; @@ -366,7 +368,7 @@ static uint32_t syborg_fb_read(void *opaque, target_phys_addr_t offset) } static void syborg_fb_write(void *opaque, target_phys_addr_t offset, -uint32_t val) +uint64_t val, unsigned size) { SyborgFBState *s = opaque; @@ -454,16 +456,10 @@ static void syborg_fb_write(void *opaque, target_phys_addr_t offset, } } -static CPUReadMemoryFunc * const syborg_fb_readfn[] = { -syborg_fb_read, -syborg_fb_read, -syborg_fb_read -}; - -static CPUWriteMemoryFunc * const syborg_fb_writefn[] = { -syborg_fb_write, -syborg_fb_write, -syborg_fb_write +static const MemoryRegionOps syborg_fb_ops = { +.read = syborg_fb_read, +.write = syborg_fb_write, +.endianness = DEVICE_NATIVE_ENDIAN, }; static void syborg_fb_save(QEMUFile *f, void *opaque) 
@@ -515,13 +511,11 @@ static int syborg_fb_load(QEMUFile *f, void *opaque, int version_id) static int syborg_fb_init(SysBusDevice *dev) { SyborgFBState *s = FROM_SYSBUS(SyborgFBState, dev); -int iomemtype; sysbus_init_irq(dev, &s->irq); -iomemtype = cpu_register_io_memory(syborg_fb_readfn, - syborg_fb_writefn, s, - DEVICE_NATIVE_ENDIAN); -sysbus_init_mmio(dev, 0x1000, iomemtype); +memory_region_init_io(&s->iomem, &syborg_fb_ops, s, + "framebuffer", 0x1000); +sysbus_init_mmio_region(dev, &s->iomem); s->ds = graphic_console_init(syborg_fb_update_display, syborg_fb_invalidate_display, -- 1.7.4.1
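Review bot: this hunk converts the MMIO registration but leaves the hand-written syborg_fb_save/syborg_fb_load (QEMUFile-based) in place; now that `iomem` is part of SyborgFBState, a follow-up converting the device to a VMStateDescription, as done for pl181 and realview_i2c in this series, would keep it consistent with the rest. Apart from the series numbering, the hunk is the same as the 03/15 version of this patch above, and the note there about the ignored `size` argument applies here too.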
[Qemu-devel] [PATCH 04/14] syborg_keyboard: convert to memory API
Signed-off-by: Benoit Canet --- hw/syborg_keyboard.c | 28 +++- 1 files changed, 11 insertions(+), 17 deletions(-) diff --git a/hw/syborg_keyboard.c b/hw/syborg_keyboard.c index 82b9dc0..03d2183 100644 --- a/hw/syborg_keyboard.c +++ b/hw/syborg_keyboard.c @@ -51,6 +51,7 @@ enum { typedef struct { SysBusDevice busdev; +MemoryRegion iomem; uint32_t int_enabled; int extension_bit; uint32_t fifo_size; @@ -66,7 +67,8 @@ static void syborg_keyboard_update(SyborgKeyboardState *s) qemu_set_irq(s->irq, level); } -static uint32_t syborg_keyboard_read(void *opaque, target_phys_addr_t offset) +static uint64_t syborg_keyboard_read(void *opaque, target_phys_addr_t offset, +unsigned size) { SyborgKeyboardState *s = (SyborgKeyboardState *)opaque; int c; @@ -104,7 +106,7 @@ static uint32_t syborg_keyboard_read(void *opaque, target_phys_addr_t offset) } static void syborg_keyboard_write(void *opaque, target_phys_addr_t offset, - uint32_t value) + uint64_t value, unsigned size) { SyborgKeyboardState *s = (SyborgKeyboardState *)opaque; @@ -121,16 +123,10 @@ static void syborg_keyboard_write(void *opaque, target_phys_addr_t offset, } } -static CPUReadMemoryFunc * const syborg_keyboard_readfn[] = { - syborg_keyboard_read, - syborg_keyboard_read, - syborg_keyboard_read -}; - -static CPUWriteMemoryFunc * const syborg_keyboard_writefn[] = { - syborg_keyboard_write, - syborg_keyboard_write, - syborg_keyboard_write +static const MemoryRegionOps syborg_keyboard_ops = { +.read = syborg_keyboard_read, +.write = syborg_keyboard_write, +.endianness = DEVICE_NATIVE_ENDIAN, }; static void syborg_keyboard_event(void *opaque, int keycode) 
@@ -184,13 +180,11 @@ static const VMStateDescription vmstate_syborg_keyboard = { static int syborg_keyboard_init(SysBusDevice *dev) { SyborgKeyboardState *s = FROM_SYSBUS(SyborgKeyboardState, dev); -int iomemtype; sysbus_init_irq(dev, &s->irq); -iomemtype = cpu_register_io_memory(syborg_keyboard_readfn, - syborg_keyboard_writefn, s, - DEVICE_NATIVE_ENDIAN); -sysbus_init_mmio(dev, 0x1000, iomemtype); +memory_region_init_io(&s->iomem, &syborg_keyboard_ops, s, + "keyboard", 0x1000); +sysbus_init_mmio_region(dev, &s->iomem); if (s->fifo_size <= 0) { fprintf(stderr, "syborg_keyboard: fifo too small\n"); s->fifo_size = 16; -- 1.7.4.1
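Review bot: the region name passed to memory_region_init_io is the bare "keyboard" (with "pointer", "framebuffer" and "virtio" in the sibling conversions), and that string is what identifies the region in the memory tree when debugging; a device-qualified name such as "syborg_keyboard" is easier to attribute when several boards register similarly named regions.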
Re: [Qemu-devel] [PATCH 3/4] loader: Add rom_add_file_buf for adding roms from a buffer
On Sun, Oct 23, 2011 at 04:27, Blue Swirl wrote: > On Tue, Oct 18, 2011 at 21:17, Jordan Justen wrote: >> On Tue, Oct 18, 2011 at 11:05, Blue Swirl wrote: >>> On Mon, Oct 17, 2011 at 7:16 PM, Jordan Justen >>> wrote: rom_add_file_buf is similar to rom_add_file, except the rom's contents are provided in a buffer. rom_add_file is modified to call rom_add_file_buf after reading the rom's contents from the file. Signed-off-by: Jordan Justen --- hw/loader.c | 71 +++--- hw/loader.h | 5 2 files changed, 53 insertions(+), 23 deletions(-) diff --git a/hw/loader.c b/hw/loader.c index 5676c18..d1a4a98 100644 --- a/hw/loader.c +++ b/hw/loader.c @@ -557,11 +557,11 @@ static void rom_insert(Rom *rom) QTAILQ_INSERT_TAIL(&roms, rom, next); } -int rom_add_file(const char *file, const char *fw_dir, - target_phys_addr_t addr, int32_t bootindex) +int rom_add_file_buf(const char *file, const void *data, size_t size, + const char *fw_dir, + target_phys_addr_t addr, int32_t bootindex) { Rom *rom; - int rc, fd = -1; char devpath[100]; rom = g_malloc0(sizeof(*rom)); 
@@ -571,28 +571,16 @@ int rom_add_file(const char *file, const char *fw_dir, rom->path = g_strdup(file); } - fd = open(rom->path, O_RDONLY | O_BINARY); - if (fd == -1) { - fprintf(stderr, "Could not open option rom '%s': %s\n", - rom->path, strerror(errno)); - goto err; - } - if (fw_dir) { rom->fw_dir = g_strdup(fw_dir); rom->fw_file = g_strdup(file); } rom->addr = addr; - rom->romsize = lseek(fd, 0, SEEK_END); + rom->romsize = size; rom->data = g_malloc0(rom->romsize); - lseek(fd, 0, SEEK_SET); - rc = read(fd, rom->data, rom->romsize); - if (rc != rom->romsize) { - fprintf(stderr, "rom: file %-20s: read error: rc=%d (expected %zd)\n", - rom->name, rc, rom->romsize); - goto err; - } - close(fd); + + memcpy(rom->data, data, rom->romsize); >>> >>> This is not optimal, instead the data should be used directly. That >>> way also mmap()ed, deduplicated ROM files are possible. >> >> In my 4th patch I use a buffer from a memory region via >> memory_region_get_ram_ptr. Comments for memory_region_get_ram_ptr say >> 'Use with care'. >> >> So, would the best thing be for me to allocate a new buffer in my 4th >> patch, do the memcpy there, and then use the pointer directly here? > > No, instead of memcpy just do > rom->data = data; > > Then also the corresponding g_free(data) below should be removed. > > The line g_free(rom->data) in the error path would be a problem for > the future mmap() case though. Should be solvable with with some > refactoring then, we'd need to be able to munmap() anyway. I was discussing this change with Alex, and his opinion was that I should not need to add the rom_add_file_buf function because the pflash device is being used. So, I plan to drop patches 3 & 4 from this changeset. Thanks for the suggestion though, and I'll keep it in mind for future changes. -Jordan >>> + rom_insert(rom); if (rom->fw_file && fw_cfg) { const char *basename; 
@@ -614,14 +602,51 @@ int rom_add_file(const char *file, const char *fw_dir, add_boot_device_path(bootindex, NULL, devpath); return 0; +} + +int rom_add_file(const char *file, const char *fw_dir, + target_phys_addr_t addr, int32_t bootindex) +{ + char *filename; + void *data = NULL; + size_t size; + int rc, fd = -1; + + filename = qemu_find_file(QEMU_FILE_TYPE_BIOS, file); + if (filename == NULL) { + filename = g_strdup(file); + } + + fd = open(filename, O_RDONLY | O_BINARY); + if (fd == -1) { + fprintf(stderr, "Could not open option rom '%s': %s\n", + filename, strerror(errno)); + goto err; + } + + size = lseek(fd, 0, SEEK_END); + data = g_malloc0(size); + lseek(fd, 0, SEEK_SET); + rc = read(fd, data, size); >>> >>> It should be easy to replace this with mmap(), maybe later. >>> + if (rc != size) { + fprintf(stderr, "rom: file %-20s: read error: rc=%d (expected %zd)\n", + filename, rc, size); + goto err; + } + close(fd); + + rc = rom_add_file_buf(filename, data, size, fw_dir, addr, bootindex); + if (rc != 0) { + goto err; >
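Review bot: in the new rom_add_file, `size = lseek(fd, 0, SEEK_END)` assigns an off_t to a size_t, so an lseek failure (-1) becomes a huge allocation request before `read` is reached; check the lseek result before using it as a length. `rc` is an int compared against the size_t `size`, and the error message prints `size` with `%zd` where `%zu` is the matching conversion. Also make sure `filename` (from qemu_find_file or g_strdup) and `data` are released on both the success and `err` paths, which this excerpt does not show.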
[Qemu-devel] [PATCH 06/11] sun4u: give ISA bus to ISA methods
Signed-off-by: Hervé Poussineau --- hw/sun4u.c |6 -- 1 files changed, 4 insertions(+), 2 deletions(-) diff --git a/hw/sun4u.c b/hw/sun4u.c index 1e45192..c67576a 100644 --- a/hw/sun4u.c +++ b/hw/sun4u.c @@ -530,10 +530,12 @@ static ISABus * pci_ebus_init(PCIBus *bus, int devfn) { qemu_irq *isa_irq; +PCIDevice *pci_dev; ISABus *isa_bus; -pci_create_simple(bus, devfn, "ebus"); -isa_bus = NULL; +pci_dev = pci_create_simple(bus, devfn, "ebus"); +isa_bus = DO_UPCAST(ISABus, qbus, +qdev_get_child_bus(&pci_dev->qdev, "isa.0")); isa_irq = qemu_allocate_irqs(dummy_isa_irq_handler, NULL, 16); isa_bus_irqs(isa_bus, isa_irq); return isa_bus; -- 1.7.6.3
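Review bot: `qdev_get_child_bus(&pci_dev->qdev, "isa.0")` returns NULL if the ebus device does not expose a bus by that name, and DO_UPCAST() turns that into a NULL `ISABus *` that is then handed to isa_bus_irqs(). The ebus device is created on the line above with a fixed type, so this cannot fail today, but an `assert(isa_bus)` after the upcast would document the dependency on the child-bus name and make a future rename fail loudly at the source rather than as a NULL dereference (or, once patch 10/11 is applied, as a hw_error() far from the cause).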
Re: [Qemu-devel] [PATCH v2 3/4] Add cap reduction support to enable use as SUID
On 10/24/2011 03:20 PM, Corey Bryant wrote: On 10/24/2011 03:21 PM, Anthony Liguori wrote: On 10/24/2011 02:13 PM, Corey Bryant wrote: Right, it's not desirable, but isn't that the best we can do without libcap or FS capabilities? I think the best we can do is not let it run in those cases. :) I'd like to see if others in the community have an opinion on this though. IMHO, it should work as a setuid binary maintaining root privileges. As long as it's a small binary (which it is) and is easy to audit, it should be safe. Regards, Anthony Liguori Alright, I'll concede on this. I'll run a static analyzer on the code and let it run as root if libcap-ng is not configured. It would be nice to also cut an audit record, but I'm not seeing a precedence for doing that in QEMU. Any thoughts? I'd be happy with just a handful of Reviewed-by's from regular contributors. Regards, Anthony Liguori
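The capability reduction this thread is about, as an added example in C that is neither QEMU's code nor the patch under discussion: it uses the raw capget/capset syscalls and prctl(PR_SET_KEEPCAPS) instead of libcap-ng, so it shows what the library path does for a setuid-root helper when libcap-ng is not available, and it verifies the result and refuses to continue rather than falling back to running as root. Function names (drop_to_single_cap, caps_keep_only, caps_only, caps_mask_selfcheck) are this example's own; it is Linux-only.

```c
/* Added example, not QEMU code: shrink a setuid-root helper to one Linux
 * capability with raw capget/capset, i.e. the libcap-ng path without the
 * library. Linux only; every name here is this example's own. */
#define _GNU_SOURCE
#include <errno.h>
#include <stdint.h>
#include <string.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <unistd.h>
#include <linux/capability.h>

#define CAP_WORDS _LINUX_CAPABILITY_U32S_3      /* v3 sets are two 32-bit words */

struct caps {
    uint32_t effective[CAP_WORDS];
    uint32_t permitted[CAP_WORDS];
    uint32_t inheritable[CAP_WORDS];
};

static int caps_get(struct caps *c)
{
    struct __user_cap_header_struct hdr = { _LINUX_CAPABILITY_VERSION_3, 0 };
    struct __user_cap_data_struct data[CAP_WORDS];
    int i;

    if (syscall(SYS_capget, &hdr, data) != 0) {
        return -1;
    }
    for (i = 0; i < CAP_WORDS; i++) {
        c->effective[i] = data[i].effective;
        c->permitted[i] = data[i].permitted;
        c->inheritable[i] = data[i].inheritable;
    }
    return 0;
}

static int caps_set(const struct caps *c)
{
    struct __user_cap_header_struct hdr = { _LINUX_CAPABILITY_VERSION_3, 0 };
    struct __user_cap_data_struct data[CAP_WORDS];
    int i;

    for (i = 0; i < CAP_WORDS; i++) {
        data[i].effective = c->effective[i];
        data[i].permitted = c->permitted[i];
        data[i].inheritable = c->inheritable[i];
    }
    return syscall(SYS_capset, &hdr, data) != 0 ? -1 : 0;
}

/* Bit for capability `cap` inside word `word`, or 0 if it lives elsewhere. */
static uint32_t cap_bit(int cap, int word)
{
    return (cap / 32 == word) ? (1u << (cap % 32)) : 0;
}

/* Pure mask arithmetic, separate from the syscalls so it can be tested:
 * permitted &= {keep}; effective = permitted; inheritable = 0. */
void caps_keep_only(struct caps *c, int keep)
{
    int i;
    for (i = 0; i < CAP_WORDS; i++) {
        c->permitted[i] &= cap_bit(keep, i);
        c->effective[i] = c->permitted[i];
        c->inheritable[i] = 0;
    }
}

/* 1 when no capability other than `keep` is present in any of the three sets. */
int caps_only(const struct caps *c, int keep)
{
    int i;
    for (i = 0; i < CAP_WORDS; i++) {
        uint32_t all = c->effective[i] | c->permitted[i] | c->inheritable[i];
        if (all & ~cap_bit(keep, i)) {
            return 0;
        }
    }
    return 1;
}

/* Give up root and every capability except `keep`; 0 on success, -1 otherwise.
 * Order matters: PR_SET_KEEPCAPS must precede the uid change, or the kernel
 * empties the permitted set when euid leaves 0; capset comes last, and the
 * result is re-read rather than trusted. A caller that gets -1 should exit,
 * not carry on as root. */
int drop_to_single_cap(int keep)
{
    struct caps c;
    uid_t ruid = getuid();

    if (geteuid() == 0 && ruid != 0) {           /* the setuid-root case */
        /* setuid() called as root sets real, effective and saved uid. */
        if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0) != 0 || setuid(ruid) != 0) {
            return -1;
        }
    }
    if (caps_get(&c) != 0) {
        return -1;
    }
    caps_keep_only(&c, keep);
    if (caps_set(&c) != 0 || prctl(PR_SET_KEEPCAPS, 0, 0, 0, 0) != 0) {
        return -1;
    }
    if (caps_get(&c) != 0 || !caps_only(&c, keep)) {
        errno = EPERM;
        return -1;
    }
    return 0;
}

/* Self-check of the mask logic: starting from "everything", only CAP_NET_ADMIN
 * (bit 12 of word 0) may survive. 1 on success. */
int caps_mask_selfcheck(void)
{
    struct caps c;
    memset(&c, 0xff, sizeof c);
    caps_keep_only(&c, CAP_NET_ADMIN);
    return caps_only(&c, CAP_NET_ADMIN) &&
           c.permitted[0] == (1u << CAP_NET_ADMIN) && c.permitted[1] == 0 &&
           c.effective[0] == c.permitted[0] && c.inheritable[0] == 0;
}
```

Run as an unprivileged user the permitted set is already empty, so drop_to_single_cap() succeeds with nothing left; run setuid-root it ends with only the requested capability in permitted and effective. The verify-then-refuse step at the end is the part that matters for the "no libcap-ng" debate: the helper either ends up with exactly one capability or it does not run.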
[Qemu-devel] [PATCH 13/15] realview: convert realview i2c to VMState
Signed-off-by: Benoit Canet --- hw/realview.c | 21 +++-- 1 files changed, 19 insertions(+), 2 deletions(-) diff --git a/hw/realview.c b/hw/realview.c index 14281b0..bf95051 100644 --- a/hw/realview.c +++ b/hw/realview.c @@ -26,10 +26,26 @@ typedef struct { SysBusDevice busdev; MemoryRegion iomem; bitbang_i2c_interface *bitbang; -int out; -int in; +int32_t out; +int32_t in; } RealViewI2CState; +extern VMStateDescription vmstate_bitbang_i2c; + +const VMStateDescription vmstate_realview_i2c = { +.name = "realview_i2c", +.version_id = 1, +.minimum_version_id = 1, +.minimum_version_id_old = 1, +.fields = (VMStateField[]) { +VMSTATE_STRUCT_POINTER(bitbang, RealViewI2CState, vmstate_bitbang_i2c, + bitbang_i2c_interface *), +VMSTATE_INT32(out, RealViewI2CState), +VMSTATE_INT32(in, RealViewI2CState), +VMSTATE_END_OF_LIST() +} +}; + static uint64_t realview_i2c_read(void *opaque, target_phys_addr_t offset, unsigned size) { @@ -85,6 +101,7 @@ static SysBusDeviceInfo realview_i2c_info = { .init = realview_i2c_init, .qdev.name = "realview_i2c", .qdev.size = sizeof(RealViewI2CState), +.qdev.vmsd = &vmstate_realview_i2c, }; static void realview_register_devices(void) -- 1.7.4.1
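Review bot: `extern VMStateDescription vmstate_bitbang_i2c;` in hw/realview.c declares the object without `const`, while patch 12/15 defines it as `const VMStateDescription vmstate_bitbang_i2c` in hw/bitbang_i2c.c; the qualifiers conflict, and a file-local extern is the wrong place for the declaration anyway. Put `extern const VMStateDescription vmstate_bitbang_i2c;` in bitbang_i2c.h and include that here. `VMSTATE_STRUCT_POINTER(bitbang, ...)` also dereferences `s->bitbang` on load, so it relies on realview_i2c_init() having called bitbang_i2c_init() before the incoming stream is processed; that holds for qdev devices, but a one-line comment next to the field would save the next reader the check.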
[Qemu-devel] [PATCH 01/11] isa: give ISABus/ISADevice to isa_create(), isa_bus_irqs() and isa_get_irq() functions
NULL is a valid bus/device, so there is no change in behaviour. Signed-off-by: Hervé Poussineau --- arch_init.c|8 arch_init.h|2 +- hw/adlib.c |2 +- hw/alpha_dp264.c | 10 ++ hw/alpha_typhoon.c |7 --- hw/audiodev.h |8 hw/cs4231a.c |4 ++-- hw/fdc.h |4 ++-- hw/gus.c |4 ++-- hw/i8254.c |2 +- hw/i8259.c |6 +++--- hw/ide.h |2 +- hw/ide/isa.c |4 ++-- hw/ide/piix.c |2 +- hw/ide/via.c |2 +- hw/isa-bus.c | 18 +++--- hw/isa.h | 10 +- hw/m48t59.c|5 +++-- hw/mc146818rtc.c |4 ++-- hw/mc146818rtc.h |2 +- hw/mips_fulong2e.c | 16 +--- hw/mips_jazz.c | 13 +++-- hw/mips_malta.c| 26 ++ hw/mips_r4k.c | 21 +++-- hw/nvram.h |3 ++- hw/pc.c| 30 +++--- hw/pc.h| 35 ++- hw/pc_piix.c | 19 +++ hw/pcspk.c |2 +- hw/ppc_prep.c | 20 +++- hw/sb16.c |4 ++-- hw/sun4u.c | 20 qemu-common.h |1 + 33 files changed, 171 insertions(+), 145 deletions(-) diff --git a/arch_init.c b/arch_init.c index a411fdf..3bc2a41 100644 --- a/arch_init.c +++ b/arch_init.c @@ -473,7 +473,7 @@ struct soundhw { int enabled; int isa; union { -int (*init_isa) (qemu_irq *pic); +int (*init_isa) (ISABus *bus, qemu_irq *pic); int (*init_pci) (PCIBus *bus); } init; }; @@ -628,7 +628,7 @@ void select_soundhw(const char *optarg) } } -void audio_init(qemu_irq *isa_pic, PCIBus *pci_bus) +void audio_init(ISABus *isa_bus, qemu_irq *isa_pic, PCIBus *pci_bus) { struct soundhw *c; @@ -636,7 +636,7 @@ void audio_init(qemu_irq *isa_pic, PCIBus *pci_bus) if (c->enabled) { if (c->isa) { if (isa_pic) { -c->init.init_isa(isa_pic); +c->init.init_isa(isa_bus, isa_pic); } } else { if (pci_bus) { @@ -650,7 +650,7 @@ void audio_init(qemu_irq *isa_pic, PCIBus *pci_bus) void select_soundhw(const char *optarg) { } -void audio_init(qemu_irq *isa_pic, PCIBus *pci_bus) +void audio_init(ISABus *isa_bus, qemu_irq *isa_pic, PCIBus *pci_bus) { } #endif diff --git a/arch_init.h b/arch_init.h index a74187a..074f02a 100644 --- a/arch_init.h +++ b/arch_init.h 
@@ -27,7 +27,7 @@ void do_acpitable_option(const char *optarg); void do_smbios_option(const char *optarg); void cpudef_init(void); int audio_available(void); -void audio_init(qemu_irq *isa_pic, PCIBus *pci_bus); +void audio_init(ISABus *isa_bus, qemu_irq *isa_pic, PCIBus *pci_bus); int tcg_available(void); int kvm_available(void); int xen_available(void); diff --git a/hw/adlib.c b/hw/adlib.c index e4bfcc6..b5e1564 100644 --- a/hw/adlib.c +++ b/hw/adlib.c @@ -275,7 +275,7 @@ static void Adlib_fini (AdlibState *s) AUD_remove_card (&s->card); } -int Adlib_init (qemu_irq *pic) +int Adlib_init (ISABus *bus, qemu_irq *pic) { AdlibState *s = &glob_adlib; struct audsettings as; diff --git a/hw/alpha_dp264.c b/hw/alpha_dp264.c index fcc20e9..a87d6ef 100644 --- a/hw/alpha_dp264.c +++ b/hw/alpha_dp264.c @@ -50,6 +50,7 @@ static void clipper_init(ram_addr_t ram_size, { CPUState *cpus[4]; PCIBus *pci_bus; +ISABus *isa_bus; qemu_irq rtc_irq; long size, i; const char *palcode_filename; @@ -68,10 +69,11 @@ static void clipper_init(ram_addr_t ram_size, /* Init the chipset. */ pci_bus = typhoon_init(ram_size, &rtc_irq, cpus, clipper_pci_map_irq); +isa_bus = NULL; -rtc_init(1980, rtc_irq); -pit_init(0x40, 0); -isa_create_simple("i8042"); +rtc_init(isa_bus, 1980, rtc_irq); +pit_init(isa_bus, 0x40, 0); +isa_create_simple(isa_bus, "i8042"); /* VGA setup. Don't bother loading the bios. */ alpha_pci_vga_setup(pci_bus); @@ -79,7 +81,7 @@ static void clipper_init(ram_addr_t ram_size, /* Serial code setup. */ for (i = 0; i < MAX_SERIAL_PORTS; ++i) { if (serial_hds[i]) { -serial_isa_init(i, serial_hds[i]); +serial_isa_init(isa_bus, i, serial_hds[i]); } } diff --git a/hw/alpha_typhoon.c b/hw/alpha_typhoon.c index c7608bb..113837d 100644 --- a/hw/alpha_typhoon.c +++ b/hw/alpha_typhoon.c 
@@ -791,11 +791,12 @@ PCIBus *typhoon_init(ram_addr_t ram_size, qemu_irq *p_rtc_irq, /* ??? Technically there should be a cy82c693ub pci-isa bridge. */ { qemu_irq isa_pci_irq, *isa_irqs; +ISABus *isa_bus; -isa_bus_new(NULL, addr_space_io); +isa_bus = isa_bus_new(NULL, addr_space_io); isa_pci_irq = *qemu_allocate_irqs(typh
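Review bot: the arch_init.h hunk makes `audio_init()` take an `ISABus *`, so every includer of arch_init.h now needs the `ISABus` typedef; the diffstat lists a one-line change to qemu-common.h that is presumably that forward declaration, but it is not in this excerpt, so confirm arch_init.h and hw/audiodev.h (for the `init_isa` callbacks) pick it up. In hw/alpha_dp264.c the new `isa_bus = NULL;` is handed straight to rtc_init(), pit_init() and isa_create_simple(), which matches the commit message ("NULL is a valid bus"), but once patch 10/11 turns a NULL bus into hw_error() the Alpha board only works with patch 05/11 applied, so the series is not bisectable between those two; worth a sentence in the cover letter.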
[Qemu-devel] [PATCH 05/15] syborg_keyboard: convert to memory API
Signed-off-by: Benoit Canet --- hw/syborg_keyboard.c | 28 +++- 1 files changed, 11 insertions(+), 17 deletions(-) diff --git a/hw/syborg_keyboard.c b/hw/syborg_keyboard.c index 82b9dc0..03d2183 100644 --- a/hw/syborg_keyboard.c +++ b/hw/syborg_keyboard.c @@ -51,6 +51,7 @@ enum { typedef struct { SysBusDevice busdev; +MemoryRegion iomem; uint32_t int_enabled; int extension_bit; uint32_t fifo_size; @@ -66,7 +67,8 @@ static void syborg_keyboard_update(SyborgKeyboardState *s) qemu_set_irq(s->irq, level); } -static uint32_t syborg_keyboard_read(void *opaque, target_phys_addr_t offset) +static uint64_t syborg_keyboard_read(void *opaque, target_phys_addr_t offset, +unsigned size) { SyborgKeyboardState *s = (SyborgKeyboardState *)opaque; int c; @@ -104,7 +106,7 @@ static uint32_t syborg_keyboard_read(void *opaque, target_phys_addr_t offset) } static void syborg_keyboard_write(void *opaque, target_phys_addr_t offset, - uint32_t value) + uint64_t value, unsigned size) { SyborgKeyboardState *s = (SyborgKeyboardState *)opaque; @@ -121,16 +123,10 @@ static void syborg_keyboard_write(void *opaque, target_phys_addr_t offset, } } -static CPUReadMemoryFunc * const syborg_keyboard_readfn[] = { - syborg_keyboard_read, - syborg_keyboard_read, - syborg_keyboard_read -}; - -static CPUWriteMemoryFunc * const syborg_keyboard_writefn[] = { - syborg_keyboard_write, - syborg_keyboard_write, - syborg_keyboard_write +static const MemoryRegionOps syborg_keyboard_ops = { +.read = syborg_keyboard_read, +.write = syborg_keyboard_write, +.endianness = DEVICE_NATIVE_ENDIAN, }; static void syborg_keyboard_event(void *opaque, int keycode) 
@@ -184,13 +180,11 @@ static const VMStateDescription vmstate_syborg_keyboard = { static int syborg_keyboard_init(SysBusDevice *dev) { SyborgKeyboardState *s = FROM_SYSBUS(SyborgKeyboardState, dev); -int iomemtype; sysbus_init_irq(dev, &s->irq); -iomemtype = cpu_register_io_memory(syborg_keyboard_readfn, - syborg_keyboard_writefn, s, - DEVICE_NATIVE_ENDIAN); -sysbus_init_mmio(dev, 0x1000, iomemtype); +memory_region_init_io(&s->iomem, &syborg_keyboard_ops, s, + "keyboard", 0x1000); +sysbus_init_mmio_region(dev, &s->iomem); if (s->fifo_size <= 0) { fprintf(stderr, "syborg_keyboard: fifo too small\n"); s->fifo_size = 16; -- 1.7.4.1
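Review bot: syborg_keyboard_read() and syborg_keyboard_write() take the new `size` argument but ignore it, and the ops struct sets neither `.valid` nor `.impl` access sizes, so a byte or halfword access now reaches the same code that used to back all three readb/readw/readl slots and is treated as a full 32-bit register access with no narrowing of `value`. If the registers are 32-bit only, say so with `.valid.min_access_size = 4` and `.valid.max_access_size = 4` (or the `.impl` equivalents) so the memory core rejects or splits odd-width accesses instead of the device silently accepting them.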
[Qemu-devel] [PATCH 15/15] integratorcp: convert icp_pic to VMState
Signed-off-by: Benoit Canet --- hw/integratorcp.c | 14 ++ 1 files changed, 14 insertions(+), 0 deletions(-) diff --git a/hw/integratorcp.c b/hw/integratorcp.c index 39322cb..0212ed6 100644 --- a/hw/integratorcp.c +++ b/hw/integratorcp.c @@ -310,6 +310,19 @@ typedef struct icp_pic_state qemu_irq parent_fiq; } icp_pic_state; +static const VMStateDescription vmstate_icp_pic = { +.name = "pic", +.version_id = 1, +.minimum_version_id = 1, +.minimum_version_id_old = 1, +.fields = (VMStateField[]) { +VMSTATE_UINT32(level, icp_pic_state), +VMSTATE_UINT32(irq_enabled, icp_pic_state), +VMSTATE_UINT32(fiq_enabled, icp_pic_state), +VMSTATE_END_OF_LIST() +} +}; + static void icp_pic_update(icp_pic_state *s) { uint32_t flags; @@ -411,6 +424,7 @@ static int icp_pic_init(SysBusDevice *dev) sysbus_init_irq(dev, &s->parent_fiq); memory_region_init_io(&s->iomem, &icp_pic_ops, s, "icp-pic", 0x0080); sysbus_init_mmio_region(dev, &s->iomem); +vmstate_register(&dev->qdev, -1, &vmstate_icp_pic, s); return 0; } -- 1.7.4.1
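Review bot: the init function calls `vmstate_register(&dev->qdev, -1, &vmstate_icp_pic, s)` by hand, while the other conversions in this series (realview_i2c, integrator_core, gpio_i2c) attach the description through `.qdev.vmsd`; using `.qdev.vmsd` in icp_pic's SysBusDeviceInfo is the qdev idiom, gets a proper instance id instead of -1, and ties the VMState lifetime to the device. `.name = "pic"` is also very generic for a section name; "icp_pic" matches the device and avoids colliding with any other interrupt controller that picks the same word.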
[Qemu-devel] [PATCH 05/11] alpha: give ISA bus to ISA methods
Signed-off-by: Hervé Poussineau --- hw/alpha_dp264.c |4 ++-- hw/alpha_sys.h |3 ++- hw/alpha_typhoon.c | 10 +- 3 files changed, 9 insertions(+), 8 deletions(-) diff --git a/hw/alpha_dp264.c b/hw/alpha_dp264.c index a87d6ef..455f380 100644 --- a/hw/alpha_dp264.c +++ b/hw/alpha_dp264.c @@ -68,8 +68,8 @@ static void clipper_init(ram_addr_t ram_size, cpus[0]->trap_arg2 = smp_cpus; /* Init the chipset. */ -pci_bus = typhoon_init(ram_size, &rtc_irq, cpus, clipper_pci_map_irq); -isa_bus = NULL; +pci_bus = typhoon_init(ram_size, &isa_bus, &rtc_irq, cpus, + clipper_pci_map_irq); rtc_init(isa_bus, 1980, rtc_irq); pit_init(isa_bus, 0x40, 0); diff --git a/hw/alpha_sys.h b/hw/alpha_sys.h index 13f0177..d54b18f 100644 --- a/hw/alpha_sys.h +++ b/hw/alpha_sys.h @@ -12,7 +12,8 @@ #include "irq.h" -PCIBus *typhoon_init(ram_addr_t, qemu_irq *, CPUState *[4], pci_map_irq_fn); +PCIBus *typhoon_init(ram_addr_t, ISABus **, qemu_irq *, CPUState *[4], + pci_map_irq_fn); /* alpha_pci.c. */ extern const MemoryRegionOps alpha_pci_bw_io_ops; diff --git a/hw/alpha_typhoon.c b/hw/alpha_typhoon.c index 113837d..adf7382 100644 --- a/hw/alpha_typhoon.c +++ b/hw/alpha_typhoon.c @@ -691,7 +691,8 @@ static void typhoon_alarm_timer(void *opaque) cpu_interrupt(s->cchip.cpu[cpu], CPU_INTERRUPT_TIMER); } -PCIBus *typhoon_init(ram_addr_t ram_size, qemu_irq *p_rtc_irq, +PCIBus *typhoon_init(ram_addr_t ram_size, ISABus **isa_bus, + qemu_irq *p_rtc_irq, CPUState *cpus[4], pci_map_irq_fn sys_map_irq) { const uint64_t MB = 1024 * 1024; 
@@ -791,12 +792,11 @@ PCIBus *typhoon_init(ram_addr_t ram_size, qemu_irq *p_rtc_irq, /* ??? Technically there should be a cy82c693ub pci-isa bridge. */ { qemu_irq isa_pci_irq, *isa_irqs; -ISABus *isa_bus; -isa_bus = isa_bus_new(NULL, addr_space_io); +*isa_bus = isa_bus_new(NULL, addr_space_io); isa_pci_irq = *qemu_allocate_irqs(typhoon_set_isa_irq, s, 1); -isa_irqs = i8259_init(isa_bus, isa_pci_irq); -isa_bus_irqs(isa_bus, isa_irqs); +isa_irqs = i8259_init(*isa_bus, isa_pci_irq); +isa_bus_irqs(*isa_bus, isa_irqs); } return b; -- 1.7.6.3
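Review bot: typhoon_init() now writes `*isa_bus` unconditionally, and the `ISABus **` parameter is unnamed in the alpha_sys.h prototype, so nothing in the header says it is an output the board must supply; name the parameters in the prototype (or add a short comment) and consider an `assert(isa_bus)` at the top of the function. The bus is still created with `isa_bus_new(NULL, addr_space_io)`, i.e. without a parent device, which the `/* ??? Technically there should be a cy82c693ub pci-isa bridge. */` comment already flags; the commit message should say this patch only plumbs the pointer and leaves that as-is.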
[Qemu-devel] [PATCH 14/14] integratorcp: convert icp_pic to VMState
Signed-off-by: Benoit Canet --- hw/integratorcp.c | 14 ++ 1 files changed, 14 insertions(+), 0 deletions(-) diff --git a/hw/integratorcp.c b/hw/integratorcp.c index 1ffe7d8..114907a 100644 --- a/hw/integratorcp.c +++ b/hw/integratorcp.c @@ -310,6 +310,19 @@ typedef struct icp_pic_state qemu_irq parent_fiq; } icp_pic_state; +static const VMStateDescription vmstate_icp_pic = { +.name = "pic", +.version_id = 1, +.minimum_version_id = 1, +.minimum_version_id_old = 1, +.fields = (VMStateField[]) { +VMSTATE_UINT32(level, icp_pic_state), +VMSTATE_UINT32(irq_enabled, icp_pic_state), +VMSTATE_UINT32(fiq_enabled, icp_pic_state), +VMSTATE_END_OF_LIST() +} +}; + static void icp_pic_update(icp_pic_state *s) { uint32_t flags; @@ -411,6 +424,7 @@ static int icp_pic_init(SysBusDevice *dev) sysbus_init_irq(dev, &s->parent_fiq); memory_region_init_io(&s->iomem, &icp_pic_ops, s, "icp-pic", 0x0080); sysbus_init_mmio_region(dev, &s->iomem); +vmstate_register(&dev->qdev, -1, &vmstate_icp_pic, s); return 0; } -- 1.7.4.1
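Review bot: `vmstate_icp_pic` is registered with instance id -1 from inside icp_pic_init() instead of via `.qdev.vmsd` in the SysBusDeviceInfo, which is how the integratorcm conversion (14/15 on this page) does it; one mechanism should be used across the series. The field list matches what the struct excerpt shows: level, irq_enabled and fiq_enabled are the only guest-visible state, and parent_irq/parent_fiq are wiring, not state. If the v2 posting (15/15) supersedes this one, this copy can be dropped.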
[Qemu-devel] [PATCH 02/15] mst_fpga: convert to memory API
Signed-off-by: Benoit Canet --- hw/mst_fpga.c | 29 - 1 files changed, 12 insertions(+), 17 deletions(-) diff --git a/hw/mst_fpga.c b/hw/mst_fpga.c index 7bcd5d7..cf9957b 100644 --- a/hw/mst_fpga.c +++ b/hw/mst_fpga.c @@ -34,6 +34,7 @@ typedef struct mst_irq_state{ SysBusDevice busdev; + MemoryRegion iomem; qemu_irq parent; @@ -86,8 +87,8 @@ mst_fpga_set_irq(void *opaque, int irq, int level) } -static uint32_t -mst_fpga_readb(void *opaque, target_phys_addr_t addr) +static uint64_t +mst_fpga_readb(void *opaque, target_phys_addr_t addr, unsigned size) { mst_irq_state *s = (mst_irq_state *) opaque; @@ -124,7 +125,8 @@ mst_fpga_readb(void *opaque, target_phys_addr_t addr) } static void -mst_fpga_writeb(void *opaque, target_phys_addr_t addr, uint32_t value) +mst_fpga_writeb(void *opaque, target_phys_addr_t addr, uint64_t value, + unsigned size) { mst_irq_state *s = (mst_irq_state *) opaque; value &= 0x; @@ -175,17 +177,11 @@ mst_fpga_writeb(void *opaque, target_phys_addr_t addr, uint32_t value) } } -static CPUReadMemoryFunc * const mst_fpga_readfn[] = { - mst_fpga_readb, - mst_fpga_readb, - mst_fpga_readb, +static const MemoryRegionOps mst_fpga_ops = { + .read = mst_fpga_readb, + .write = mst_fpga_writeb, + .endianness = DEVICE_NATIVE_ENDIAN, }; -static CPUWriteMemoryFunc * const mst_fpga_writefn[] = { - mst_fpga_writeb, - mst_fpga_writeb, - mst_fpga_writeb, -}; - static int mst_fpga_post_load(void *opaque, int version_id) { @@ -198,7 +194,6 @@ static int mst_fpga_post_load(void *opaque, int version_id) static int mst_fpga_init(SysBusDevice *dev) { mst_irq_state *s; - int iomemtype; s = FROM_SYSBUS(mst_irq_state, dev); 
@@ -210,9 +205,9 @@ static int mst_fpga_init(SysBusDevice *dev) /* alloc the external 16 irqs */ qdev_init_gpio_in(&dev->qdev, mst_fpga_set_irq, MST_NUM_IRQS); - iomemtype = cpu_register_io_memory(mst_fpga_readfn, - mst_fpga_writefn, s, DEVICE_NATIVE_ENDIAN); - sysbus_init_mmio(dev, 0x0010, iomemtype); + memory_region_init_io(&s->iomem, &mst_fpga_ops, s, + "fpga", 0x0010); + sysbus_init_mmio_region(dev, &s->iomem); return 0; } -- 1.7.4.1
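Review bot: mst_fpga_readb()/mst_fpga_writeb() keep their byte-access names while becoming the single handler for every access width, which misleads the next reader; rename them mst_fpga_read()/mst_fpga_write() as the other conversions in the series do, or restrict the width with `.valid`/`.impl` sizes. The mask on the context line `value &= 0x;` has been mangled by the archive and cannot be reviewed here; with `value` now `uint64_t`, make sure that mask still truncates to the intended register width.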
[Qemu-devel] [PATCH 08/15] syborg_serial: convert to memory API
Signed-off-by: Benoit Canet --- hw/syborg_serial.c | 28 +++- 1 files changed, 11 insertions(+), 17 deletions(-) diff --git a/hw/syborg_serial.c b/hw/syborg_serial.c index c83f82c..b73a009 100644 --- a/hw/syborg_serial.c +++ b/hw/syborg_serial.c @@ -58,6 +58,7 @@ enum { typedef struct { SysBusDevice busdev; +MemoryRegion iomem; uint32_t int_enable; uint32_t fifo_size; uint32_t *read_fifo; @@ -152,7 +153,8 @@ static void dma_rx_start(SyborgSerialState *s, uint32_t len) syborg_serial_update(s); } -static uint32_t syborg_serial_read(void *opaque, target_phys_addr_t offset) +static uint64_t syborg_serial_read(void *opaque, target_phys_addr_t offset, + unsigned size) { SyborgSerialState *s = (SyborgSerialState *)opaque; uint32_t c; @@ -192,7 +194,7 @@ static uint32_t syborg_serial_read(void *opaque, target_phys_addr_t offset) } static void syborg_serial_write(void *opaque, target_phys_addr_t offset, -uint32_t value) +uint64_t value, unsigned size) { SyborgSerialState *s = (SyborgSerialState *)opaque; unsigned char ch; @@ -261,16 +263,10 @@ static void syborg_serial_event(void *opaque, int event) /* TODO: Report BREAK events? */ } -static CPUReadMemoryFunc * const syborg_serial_readfn[] = { - syborg_serial_read, - syborg_serial_read, - syborg_serial_read -}; - -static CPUWriteMemoryFunc * const syborg_serial_writefn[] = { - syborg_serial_write, - syborg_serial_write, - syborg_serial_write +static const MemoryRegionOps syborg_serial_ops = { +.read = syborg_serial_read, +.write = syborg_serial_write, +.endianness = DEVICE_NATIVE_ENDIAN, }; static const VMStateDescription vmstate_syborg_serial = { 
@@ -295,13 +291,11 @@ static const VMStateDescription vmstate_syborg_serial = { static int syborg_serial_init(SysBusDevice *dev) { SyborgSerialState *s = FROM_SYSBUS(SyborgSerialState, dev); -int iomemtype; sysbus_init_irq(dev, &s->irq); -iomemtype = cpu_register_io_memory(syborg_serial_readfn, - syborg_serial_writefn, s, - DEVICE_NATIVE_ENDIAN); -sysbus_init_mmio(dev, 0x1000, iomemtype); +memory_region_init_io(&s->iomem, &syborg_serial_ops, s, + "serial", 0x1000); +sysbus_init_mmio_region(dev, &s->iomem); s->chr = qdev_init_chardev(&dev->qdev); if (s->chr) { qemu_chr_add_handlers(s->chr, syborg_serial_can_receive, -- 1.7.4.1
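Review bot: the region is named just "serial" in memory_region_init_io(); that string is what `info mtree` and the memory core's debug output show, and "serial", "keyboard", "interrupt", "fpga" and "audio" across this series will be indistinguishable from other boards' regions. Prefix them with the device name ("syborg-serial"), as the icp_pic hunk does with "icp-pic". syborg_serial_write() also now receives a `uint64_t value` that is still fed into `unsigned char ch`; the truncation was implicit before too, but an explicit `(uint8_t)` cast or a comment would make the intent clear.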
[Qemu-devel] [PATCH 04/15] syborg_interrupt: convert to memory API
Signed-off-by: Benoit Canet --- hw/syborg_interrupt.c | 29 - 1 files changed, 12 insertions(+), 17 deletions(-) diff --git a/hw/syborg_interrupt.c b/hw/syborg_interrupt.c index 1b0f3bb..512910a 100644 --- a/hw/syborg_interrupt.c +++ b/hw/syborg_interrupt.c @@ -55,6 +55,7 @@ typedef struct { typedef struct { SysBusDevice busdev; +MemoryRegion iomem; int pending_count; uint32_t num_irqs; syborg_int_flags *flags; @@ -84,7 +85,8 @@ static void syborg_int_set_irq(void *opaque, int irq, int level) } } -static uint32_t syborg_int_read(void *opaque, target_phys_addr_t offset) +static uint64_t syborg_int_read(void *opaque, target_phys_addr_t offset, +unsigned size) { SyborgIntState *s = (SyborgIntState *)opaque; int i; @@ -114,7 +116,8 @@ static uint32_t syborg_int_read(void *opaque, target_phys_addr_t offset) } } -static void syborg_int_write(void *opaque, target_phys_addr_t offset, uint32_t value) +static void syborg_int_write(void *opaque, target_phys_addr_t offset, + uint64_t value, unsigned size) { SyborgIntState *s = (SyborgIntState *)opaque; int i; @@ -156,16 +159,10 @@ static void syborg_int_write(void *opaque, target_phys_addr_t offset, uint32_t v syborg_int_update(s); } -static CPUReadMemoryFunc * const syborg_int_readfn[] = { -syborg_int_read, -syborg_int_read, -syborg_int_read -}; - -static CPUWriteMemoryFunc * const syborg_int_writefn[] = { -syborg_int_write, -syborg_int_write, -syborg_int_write +static const MemoryRegionOps syborg_int_ops = { +.read = syborg_int_read, +.write = syborg_int_write, +.endianness = DEVICE_NATIVE_ENDIAN, }; static void syborg_int_save(QEMUFile *f, void *opaque) 
@@ -205,14 +202,12 @@ static int syborg_int_load(QEMUFile *f, void *opaque, int version_id) static int syborg_int_init(SysBusDevice *dev) { SyborgIntState *s = FROM_SYSBUS(SyborgIntState, dev); -int iomemtype; sysbus_init_irq(dev, &s->parent_irq); qdev_init_gpio_in(&dev->qdev, syborg_int_set_irq, s->num_irqs); -iomemtype = cpu_register_io_memory(syborg_int_readfn, - syborg_int_writefn, s, - DEVICE_NATIVE_ENDIAN); -sysbus_init_mmio(dev, 0x1000, iomemtype); +memory_region_init_io(&s->iomem, &syborg_int_ops, s, + "interrupt", 0x1000); +sysbus_init_mmio_region(dev, &s->iomem); s->flags = g_malloc0(s->num_irqs * sizeof(syborg_int_flags)); register_savevm(&dev->qdev, "syborg_int", -1, 1, syborg_int_save, -- 1.7.4.1
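Review bot: this patch converts the MMIO side but leaves save/restore on `register_savevm(&dev->qdev, "syborg_int", -1, 1, syborg_int_save, ...)` with hand-written syborg_int_save()/syborg_int_load(), while the cover letter says the series moves ARM components to VMState; either convert this device too or state in the commit message that it is deliberately left on the legacy savevm API. The handlers also ignore the new `size` argument, so a byte write to an interrupt-enable register is applied as a full-width write.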
[Qemu-devel] [PATCH V2 00/15] V2 arm: more memory API and VMState conversion
This version fixes coding style issues. These patches apply against akivity memory/master. They convert syborg to the memory API and various ARM-related components to VMState. OMAP boards were not modified because Linaro is currently refactoring them. Xscale was left aside too.

Benoît Canet (15):
marvell_88x8618_audio: convert to memory API
mst_fpga: convert to memory API
syborg_fb: convert to memory API
syborg_interrupt: convert to memory API
syborg_keyboard: convert to memory API
syborg_pointer: convert to memory API
syborg_rtc: convert to memory API
syborg_serial: convert to memory API
syborg_timer: convert to memory API
syborg_virtio: convert to memory API
pl181: add vmstate
bitbang_i2c: convert to VMState
realview: convert realview i2c to VMState
integratorcp: convert integratorcm to VMState
integratorcp: convert icp_pic to VMState

hw/bitbang_i2c.c | 92 +--- hw/integratorcp.c | 38 ++ hw/marvell_88w8618_audio.c | 28 + hw/mst_fpga.c | 29 ++ hw/pl181.c | 40 +-- hw/realview.c | 21 +- hw/syborg_fb.c | 28 + hw/syborg_interrupt.c | 29 ++ hw/syborg_keyboard.c | 28 + hw/syborg_pointer.c| 28 + hw/syborg_rtc.c| 28 + hw/syborg_serial.c | 28 + hw/syborg_timer.c | 27 + hw/syborg_virtio.c | 30 +++ 14 files changed, 268 insertions(+), 206 deletions(-) -- 1.7.4.1
[Qemu-devel] [PATCH 01/15] marvell_88x8618_audio: convert to memory API
Signed-off-by: Benoit Canet --- hw/marvell_88w8618_audio.c | 28 +++- 1 files changed, 11 insertions(+), 17 deletions(-) diff --git a/hw/marvell_88w8618_audio.c b/hw/marvell_88w8618_audio.c index f8c5242..67bb70b 100644 --- a/hw/marvell_88w8618_audio.c +++ b/hw/marvell_88w8618_audio.c @@ -36,6 +36,7 @@ typedef struct mv88w8618_audio_state { SysBusDevice busdev; +MemoryRegion iomem; qemu_irq irq; uint32_t playback_mode; uint32_t status; @@ -134,7 +135,8 @@ static void mv88w8618_audio_clock_update(mv88w8618_audio_state *s) wm8750_set_bclk_in(s->wm, rate); } -static uint32_t mv88w8618_audio_read(void *opaque, target_phys_addr_t offset) +static uint64_t mv88w8618_audio_read(void *opaque, target_phys_addr_t offset, + unsigned size) { mv88w8618_audio_state *s = opaque; @@ -160,7 +162,7 @@ static uint32_t mv88w8618_audio_read(void *opaque, target_phys_addr_t offset) } static void mv88w8618_audio_write(void *opaque, target_phys_addr_t offset, - uint32_t value) + uint64_t value, unsigned size) { mv88w8618_audio_state *s = opaque; 
@@ -227,31 +229,23 @@ static void mv88w8618_audio_reset(DeviceState *d) s->phys_buf = 0; } -static CPUReadMemoryFunc * const mv88w8618_audio_readfn[] = { -mv88w8618_audio_read, -mv88w8618_audio_read, -mv88w8618_audio_read -}; - -static CPUWriteMemoryFunc * const mv88w8618_audio_writefn[] = { -mv88w8618_audio_write, -mv88w8618_audio_write, -mv88w8618_audio_write +static const MemoryRegionOps mv88w8618_audio_ops = { +.read = mv88w8618_audio_read, +.write = mv88w8618_audio_write, +.endianness = DEVICE_NATIVE_ENDIAN, }; static int mv88w8618_audio_init(SysBusDevice *dev) { mv88w8618_audio_state *s = FROM_SYSBUS(mv88w8618_audio_state, dev); -int iomemtype; sysbus_init_irq(dev, &s->irq); wm8750_data_req_set(s->wm, mv88w8618_audio_callback, s); -iomemtype = cpu_register_io_memory(mv88w8618_audio_readfn, - mv88w8618_audio_writefn, s, - DEVICE_NATIVE_ENDIAN); -sysbus_init_mmio(dev, MP_AUDIO_SIZE, iomemtype); +memory_region_init_io(&s->iomem, &mv88w8618_audio_ops, s, + "audio", MP_AUDIO_SIZE); +sysbus_init_mmio_region(dev, &s->iomem); return 0; } -- 1.7.4.1
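Review bot: the subject line says marvell_88x8618_audio but the file touched is hw/marvell_88w8618_audio.c (and the state type is mv88w8618_audio_state); fix the typo in the commit message, since that is what `git log --grep` will be matched against later. The code change follows the same mechanical pattern as the other conversions: the `size` argument is accepted and ignored, and mv88w8618_audio_write() now takes `uint64_t value` where the register switch presumably still assumes 32 bits; a `.valid` width on the ops struct would make that assumption explicit.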
[Qemu-devel] [PATCH 12/15] bitbang_i2c: convert to VMState
Signed-off-by: Benoit Canet --- hw/bitbang_i2c.c | 92 +++-- 1 files changed, 61 insertions(+), 31 deletions(-) diff --git a/hw/bitbang_i2c.c b/hw/bitbang_i2c.c index 431359d..b711144 100644 --- a/hw/bitbang_i2c.c +++ b/hw/bitbang_i2c.c @@ -19,37 +19,53 @@ do { printf("bitbang_i2c: " fmt , ## __VA_ARGS__); } while (0) #define DPRINTF(fmt, ...) do {} while(0) #endif -typedef enum bitbang_i2c_state { +enum { STOPPED = 0, -SENDING_BIT7, -SENDING_BIT6, -SENDING_BIT5, -SENDING_BIT4, -SENDING_BIT3, -SENDING_BIT2, -SENDING_BIT1, -SENDING_BIT0, -WAITING_FOR_ACK, -RECEIVING_BIT7, -RECEIVING_BIT6, -RECEIVING_BIT5, -RECEIVING_BIT4, -RECEIVING_BIT3, -RECEIVING_BIT2, -RECEIVING_BIT1, -RECEIVING_BIT0, -SENDING_ACK, -SENT_NACK -} bitbang_i2c_state; +SENDING_BIT7 = 1, +SENDING_BIT6 = 2, +SENDING_BIT5 = 3, +SENDING_BIT4 = 4, +SENDING_BIT3 = 5, +SENDING_BIT2 = 6, +SENDING_BIT1 = 7, +SENDING_BIT0 = 8, +WAITING_FOR_ACK = 9, +RECEIVING_BIT7 = 10, +RECEIVING_BIT6 = 11, +RECEIVING_BIT5 = 12, +RECEIVING_BIT4 = 13, +RECEIVING_BIT3 = 14, +RECEIVING_BIT2 = 15, +RECEIVING_BIT1 = 16, +RECEIVING_BIT0 = 17, +SENDING_ACK = 18, +SENT_NACK = 19 +}; struct bitbang_i2c_interface { i2c_bus *bus; -bitbang_i2c_state state; -int last_data; -int last_clock; -int device_out; +uint8_t state; +int32_t last_data; +int32_t last_clock; +int32_t device_out; uint8_t buffer; -int current_addr; +int32_t current_addr; +}; + +const VMStateDescription vmstate_bitbang_i2c = { +.name = "bitbang_i2c", +.version_id = 1, +.minimum_version_id = 1, +.minimum_version_id_old = 1, +.fields = (VMStateField[]) { +VMSTATE_UINT8(state, bitbang_i2c_interface), +VMSTATE_INT32(last_data, bitbang_i2c_interface), +VMSTATE_INT32(last_clock, bitbang_i2c_interface), +VMSTATE_INT32(device_out, bitbang_i2c_interface), +VMSTATE_UINT8(buffer, bitbang_i2c_interface), +VMSTATE_INT32(current_addr, bitbang_i2c_interface), +VMSTATE_END_OF_LIST() +} }; static void bitbang_i2c_enter_stop(bitbang_i2c_interface *i2c) 
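Review bot: replacing the typedef'd enum with explicit values and storing `state` as `uint8_t` is the right move for migration, but those numbers are now part of the wire format; add a comment on the enum saying the values are saved by vmstate_bitbang_i2c and must not be renumbered or reordered. `vmstate_bitbang_i2c` is also defined non-static with no declaration in bitbang_i2c.h, which is what forces the local `extern` in hw/realview.c in patch 13/15; add `extern const VMStateDescription vmstate_bitbang_i2c;` to the header in this patch.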
@@ -62,7 +78,7 @@ static void bitbang_i2c_enter_stop(bitbang_i2c_interface *i2c) } /* Set device data pin. */ -static int bitbang_i2c_ret(bitbang_i2c_interface *i2c, int level) +static int32_t bitbang_i2c_ret(bitbang_i2c_interface *i2c, int32_t level) { i2c->device_out = level; //DPRINTF("%d %d %d\n", i2c->last_clock, i2c->last_data, i2c->device_out); @@ -70,13 +86,13 @@ static int bitbang_i2c_ret(bitbang_i2c_interface *i2c, int level) } /* Leave device data pin unodified. */ -static int bitbang_i2c_nop(bitbang_i2c_interface *i2c) +static int32_t bitbang_i2c_nop(bitbang_i2c_interface *i2c) { return bitbang_i2c_ret(i2c, i2c->device_out); } /* Returns data line level. */ -int bitbang_i2c_set(bitbang_i2c_interface *i2c, int line, int level) +int32_t bitbang_i2c_set(bitbang_i2c_interface *i2c, int line, int32_t level) { int data; @@ -185,11 +201,24 @@ bitbang_i2c_interface *bitbang_i2c_init(i2c_bus *bus) typedef struct { SysBusDevice busdev; bitbang_i2c_interface *bitbang; -int last_level; +int32_t last_level; qemu_irq out; } GPIOI2CState; -static void bitbang_i2c_gpio_set(void *opaque, int irq, int level) +const VMStateDescription vmstate_gpio_i2c = { +.name = "gpio_i2c", +.version_id = 1, +.minimum_version_id = 1, +.minimum_version_id_old = 1, +.fields = (VMStateField[]) { +VMSTATE_STRUCT_POINTER(bitbang, GPIOI2CState, vmstate_bitbang_i2c, + bitbang_i2c_interface *), +VMSTATE_INT32(last_level, GPIOI2CState), +VMSTATE_END_OF_LIST() +} +}; + +static void bitbang_i2c_gpio_set(void *opaque, int irq, int32_t level) { GPIOI2CState *s = opaque; @@ -221,6 +250,7 @@ static SysBusDeviceInfo gpio_i2c_info = { .qdev.name = "gpio_i2c", .qdev.desc = "Virtual GPIO to I2C bridge", .qdev.size = sizeof(GPIOI2CState), +.qdev.vmsd = &vmstate_gpio_i2c, }; static void bitbang_i2c_register(void) -- 1.7.4.1
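Review bot: the changes from `int` to `int32_t` in bitbang_i2c_ret(), bitbang_i2c_nop(), bitbang_i2c_set() and bitbang_i2c_gpio_set() are not needed for VMState (only the saved struct fields need fixed-width types), and they change the public prototype of bitbang_i2c_set() without touching bitbang_i2c.h, which the diffstat shows is not part of this patch; bitbang_i2c_gpio_set() is also installed as a qemu_irq_handler, whose type is `void (*)(void *, int, int)`. Keep the function signatures as `int` and limit the int32_t conversion to the struct members.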
[Qemu-devel] [PATCH 14/15] integratorcp: convert integratorcm to VMState
Signed-off-by: Benoit Canet --- hw/integratorcp.c | 24 1 files changed, 24 insertions(+), 0 deletions(-) diff --git a/hw/integratorcp.c b/hw/integratorcp.c index 7ad68b7..39322cb 100644 --- a/hw/integratorcp.c +++ b/hw/integratorcp.c @@ -35,6 +35,29 @@ typedef struct { uint32_t fiq_enabled; } integratorcm_state; +static const VMStateDescription vmstate_integratorcm = { +.name = "integratorcm", +.version_id = 1, +.minimum_version_id = 1, +.minimum_version_id_old = 1, +.fields = (VMStateField[]) { +VMSTATE_UINT32(memsz, integratorcm_state), +VMSTATE_BOOL(flash_mapped, integratorcm_state), +VMSTATE_UINT32(cm_osc, integratorcm_state), +VMSTATE_UINT32(cm_ctrl, integratorcm_state), +VMSTATE_UINT32(cm_lock, integratorcm_state), +VMSTATE_UINT32(cm_auxosc, integratorcm_state), +VMSTATE_UINT32(cm_sdram, integratorcm_state), +VMSTATE_UINT32(cm_init, integratorcm_state), +VMSTATE_UINT32(cm_flags, integratorcm_state), +VMSTATE_UINT32(cm_nvflags, integratorcm_state), +VMSTATE_UINT32(int_level, integratorcm_state), +VMSTATE_UINT32(irq_enabled, integratorcm_state), +VMSTATE_UINT32(fiq_enabled, integratorcm_state), +VMSTATE_END_OF_LIST() +} +}; + static uint8_t integrator_spd[128] = { 128, 8, 4, 11, 9, 1, 64, 0, 2, 0xa0, 0xa0, 0, 0, 8, 0, 1, 0xe, 4, 0x1c, 1, 2, 0x20, 0xc0, 0, 0, 0, 0, 0x30, 0x28, 0x30, 0x28, 0x40 @@ -536,6 +559,7 @@ static SysBusDeviceInfo core_info = { .init = integratorcm_init, .qdev.name = "integrator_core", .qdev.size = sizeof(integratorcm_state), +.qdev.vmsd = &vmstate_integratorcm, .qdev.props = (Property[]) { DEFINE_PROP_UINT32("memsz", integratorcm_state, memsz, 0), DEFINE_PROP_END_OF_LIST(), -- 1.7.4.1
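Review bot: `memsz` is a qdev property (`DEFINE_PROP_UINT32("memsz", integratorcm_state, memsz, 0)` at the bottom of this hunk) and is now also saved in vmstate_integratorcm; on migration the incoming value overwrites whatever the destination was configured with, and nothing resizes the RAM to match, so the two can silently disagree. Properties are configuration, not state: drop `memsz` from the VMState and rely on the destination being started with the same command line. `VMSTATE_BOOL(flash_mapped, ...)` also requires the field to be a C `bool`; the struct definition is outside this excerpt, so check that it is not still an `int`.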
[Qemu-devel] [PATCH 10/11] isa: always use provided ISA bus in isa_bus_irqs()
Signed-off-by: Hervé Poussineau --- hw/isa-bus.c |6 -- 1 files changed, 4 insertions(+), 2 deletions(-) diff --git a/hw/isa-bus.c b/hw/isa-bus.c index 3207680..5af790b 100644 --- a/hw/isa-bus.c +++ b/hw/isa-bus.c @@ -53,8 +53,10 @@ ISABus *isa_bus_new(DeviceState *dev, MemoryRegion *address_space_io) void isa_bus_irqs(ISABus *bus, qemu_irq *irqs) { -assert(!bus || bus == isabus); -isabus->irqs = irqs; +if (!bus) { +hw_error("Can't set isa irqs with no isa bus present."); +} +bus->irqs = irqs; } /* -- 1.7.6.3
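Review bot: hw_error() is for faults the guest can trigger and dumps CPU state; a NULL bus here is a board-code bug, so `assert(bus)` is the conventional check and gives a backtrace instead of a register dump. The removed `assert(!bus || bus == isabus)` also rejected any second ISA bus, and the new code silently allows one; if that is intended (several boards in this series create their own bus) the commit message should say so, since it changes what the global `isabus` means.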
[Qemu-devel] [PATCH 03/14] syborg_interrupt: convert to memory API
Signed-off-by: Benoit Canet --- hw/syborg_interrupt.c | 29 - 1 files changed, 12 insertions(+), 17 deletions(-) diff --git a/hw/syborg_interrupt.c b/hw/syborg_interrupt.c index 1b0f3bb..512910a 100644 --- a/hw/syborg_interrupt.c +++ b/hw/syborg_interrupt.c @@ -55,6 +55,7 @@ typedef struct { typedef struct { SysBusDevice busdev; +MemoryRegion iomem; int pending_count; uint32_t num_irqs; syborg_int_flags *flags; @@ -84,7 +85,8 @@ static void syborg_int_set_irq(void *opaque, int irq, int level) } } -static uint32_t syborg_int_read(void *opaque, target_phys_addr_t offset) +static uint64_t syborg_int_read(void *opaque, target_phys_addr_t offset, +unsigned size) { SyborgIntState *s = (SyborgIntState *)opaque; int i; @@ -114,7 +116,8 @@ static uint32_t syborg_int_read(void *opaque, target_phys_addr_t offset) } } -static void syborg_int_write(void *opaque, target_phys_addr_t offset, uint32_t value) +static void syborg_int_write(void *opaque, target_phys_addr_t offset, + uint64_t value, unsigned size) { SyborgIntState *s = (SyborgIntState *)opaque; int i; @@ -156,16 +159,10 @@ static void syborg_int_write(void *opaque, target_phys_addr_t offset, uint32_t v syborg_int_update(s); } -static CPUReadMemoryFunc * const syborg_int_readfn[] = { -syborg_int_read, -syborg_int_read, -syborg_int_read -}; - -static CPUWriteMemoryFunc * const syborg_int_writefn[] = { -syborg_int_write, -syborg_int_write, -syborg_int_write +static const MemoryRegionOps syborg_int_ops = { +.read = syborg_int_read, +.write = syborg_int_write, +.endianness = DEVICE_NATIVE_ENDIAN, }; static void syborg_int_save(QEMUFile *f, void *opaque) 
@@ -205,14 +202,12 @@ static int syborg_int_load(QEMUFile *f, void *opaque, int version_id) static int syborg_int_init(SysBusDevice *dev) { SyborgIntState *s = FROM_SYSBUS(SyborgIntState, dev); -int iomemtype; sysbus_init_irq(dev, &s->parent_irq); qdev_init_gpio_in(&dev->qdev, syborg_int_set_irq, s->num_irqs); -iomemtype = cpu_register_io_memory(syborg_int_readfn, - syborg_int_writefn, s, - DEVICE_NATIVE_ENDIAN); -sysbus_init_mmio(dev, 0x1000, iomemtype); +memory_region_init_io(&s->iomem, &syborg_int_ops, s, + "interrupt", 0x1000); +sysbus_init_mmio_region(dev, &s->iomem); s->flags = g_malloc0(s->num_irqs * sizeof(syborg_int_flags)); register_savevm(&dev->qdev, "syborg_int", -1, 1, syborg_int_save, -- 1.7.4.1
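Review bot: same conversion as 04/15 in the v2 posting on this page: syborg_int_read()/syborg_int_write() accept and ignore `size`, so a byte write to an interrupt-enable register is treated as a full 32-bit write, and the device stays on register_savevm() with hand-written save/load functions. If v2 is the version being merged, this copy can be dropped; otherwise add `.valid` access sizes or note the width assumption in the commit message.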
[Qemu-devel] [PATCH 10/15] syborg_virtio: convert to memory API
Signed-off-by: Benoit Canet --- hw/syborg_virtio.c | 30 ++ 1 files changed, 14 insertions(+), 16 deletions(-) diff --git a/hw/syborg_virtio.c b/hw/syborg_virtio.c index 00c7be8..c2dbf36 100644 --- a/hw/syborg_virtio.c +++ b/hw/syborg_virtio.c @@ -62,6 +62,7 @@ enum { typedef struct { SysBusDevice busdev; VirtIODevice *vdev; +MemoryRegion iomem; qemu_irq irq; uint32_t int_enable; uint32_t id; @@ -223,16 +224,16 @@ static void syborg_virtio_writeb(void *opaque, target_phys_addr_t offset, BADF("Bad byte write offset 0x%x\n", (int)offset); } -static CPUReadMemoryFunc * const syborg_virtio_readfn[] = { - syborg_virtio_readb, - syborg_virtio_readw, - syborg_virtio_readl -}; - -static CPUWriteMemoryFunc * const syborg_virtio_writefn[] = { - syborg_virtio_writeb, - syborg_virtio_writew, - syborg_virtio_writel +static const MemoryRegionOps syborg_virtio_ops = { +.old_mmio = { +.read = { syborg_virtio_readb, + syborg_virtio_readw, + syborg_virtio_readl }, +.write = { syborg_virtio_writeb, + syborg_virtio_writew, + syborg_virtio_writel }, +}, +.endianness = DEVICE_NATIVE_ENDIAN, }; static void syborg_virtio_update_irq(void *opaque, uint16_t vector) @@ -258,17 +259,14 @@ static VirtIOBindings syborg_virtio_bindings = { static int syborg_virtio_init(SyborgVirtIOProxy *proxy, VirtIODevice *vdev) { -int iomemtype; - proxy->vdev = vdev; /* Don't support multiple vectors */ proxy->vdev->nvectors = 0; sysbus_init_irq(&proxy->busdev, &proxy->irq); -iomemtype = cpu_register_io_memory(syborg_virtio_readfn, - syborg_virtio_writefn, proxy, - DEVICE_NATIVE_ENDIAN); -sysbus_init_mmio(&proxy->busdev, 0x1000, iomemtype); +memory_region_init_io(&proxy->iomem, &syborg_virtio_ops, proxy, + "virtio", 0x1000); +sysbus_init_mmio_region(&proxy->busdev, &proxy->iomem); proxy->id = ((uint32_t)0x1af4 << 16) | vdev->device_id; -- 1.7.4.1
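Review bot: The syborg_virtio_ops hunk keeps the byte/word/long split through `.old_mmio`, which is the transitional compatibility path of the memory API rather than its native `.read`/`.write` handlers taking a `size` argument. That is acceptable for a mechanical conversion, but a TODO comment beside `.old_mmio` (or a follow-up patch) should fold syborg_virtio_readb/readw/readl and the matching writers into one handler that switches on `size`, as the other syborg devices in this series already do.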
[Qemu-devel] [PATCH 04/11] pc: give ISA bus to ISA methods
Signed-off-by: Hervé Poussineau --- hw/pc.h |2 +- hw/pc_piix.c |3 +-- hw/piix_pci.c |8 +--- 3 files changed, 7 insertions(+), 6 deletions(-) diff --git a/hw/pc.h b/hw/pc.h index c43fa73..127940c 100644 --- a/hw/pc.h +++ b/hw/pc.h @@ -181,7 +181,7 @@ struct PCII440FXState; typedef struct PCII440FXState PCII440FXState; PCIBus *i440fx_init(PCII440FXState **pi440fx_state, int *piix_devfn, -qemu_irq *pic, +ISABus **isa_bus, qemu_irq *pic, MemoryRegion *address_space_mem, MemoryRegion *address_space_io, ram_addr_t ram_size, diff --git a/hw/pc_piix.c b/hw/pc_piix.c index 6bc1f60..be91d3b 100644 --- a/hw/pc_piix.c +++ b/hw/pc_piix.c @@ -135,7 +135,7 @@ static void pc_init1(MemoryRegion *system_memory, gsi = qemu_allocate_irqs(gsi_handler, gsi_state, GSI_NUM_PINS); if (pci_enabled) { -pci_bus = i440fx_init(&i440fx_state, &piix3_devfn, gsi, +pci_bus = i440fx_init(&i440fx_state, &piix3_devfn, &isa_bus, gsi, system_memory, system_io, ram_size, below_4g_mem_size, 0x1ULL - below_4g_mem_size, @@ -144,7 +144,6 @@ static void pc_init1(MemoryRegion *system_memory, ? 0 : ((uint64_t)1 << 62)), pci_memory, ram_memory); -isa_bus = NULL; } else { pci_bus = NULL; i440fx_state = NULL; diff --git a/hw/piix_pci.c b/hw/piix_pci.c index d183443..aef2d7f 100644 --- a/hw/piix_pci.c +++ b/hw/piix_pci.c @@ -263,7 +263,7 @@ static int i440fx_initfn(PCIDevice *dev) static PCIBus *i440fx_common_init(const char *device_name, PCII440FXState **pi440fx_state, int *piix3_devfn, - qemu_irq *pic, + ISABus **isa_bus, qemu_irq *pic, MemoryRegion *address_space_mem, MemoryRegion *address_space_io, ram_addr_t ram_size, @@ -325,6 +325,8 @@ static PCIBus *i440fx_common_init(const char *device_name, PIIX_NUM_PIRQS); } piix3->pic = pic; +*isa_bus = DO_UPCAST(ISABus, qbus, + qdev_get_child_bus(&piix3->dev.qdev, "isa.0")); (*pi440fx_state)->piix3 = piix3; 
@@ -341,7 +343,7 @@ static PCIBus *i440fx_common_init(const char *device_name, } PCIBus *i440fx_init(PCII440FXState **pi440fx_state, int *piix3_devfn, -qemu_irq *pic, +ISABus **isa_bus, qemu_irq *pic, MemoryRegion *address_space_mem, MemoryRegion *address_space_io, ram_addr_t ram_size, @@ -354,7 +356,7 @@ PCIBus *i440fx_init(PCII440FXState **pi440fx_state, int *piix3_devfn, { PCIBus *b; -b = i440fx_common_init("i440FX", pi440fx_state, piix3_devfn, pic, +b = i440fx_common_init("i440FX", pi440fx_state, piix3_devfn, isa_bus, pic, address_space_mem, address_space_io, ram_size, pci_hole_start, pci_hole_size, pci_hole64_size, pci_hole64_size, -- 1.7.6.3
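Review bot: In the i440fx_common_init hunk, `*isa_bus = DO_UPCAST(ISABus, qbus, qdev_get_child_bus(&piix3->dev.qdev, "isa.0"))` assumes the PIIX3 always exposes a child bus named "isa.0"; if that lookup ever returns NULL, the upcast hands pc_init1 a NULL or garbage ISA bus that is then used without any check. Suggest looking the bus up into a local, asserting it is non-NULL, and only then upcasting. A one-line commit body saying why i440fx_init now returns the ISA bus (the subject says ISA methods need it) would also help, since the message currently has no description.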
[Qemu-devel] [PATCH 11/14] bitbang_i2c: convert to VMState
Signed-off-by: Benoit Canet --- hw/bitbang_i2c.c | 92 +++-- 1 files changed, 61 insertions(+), 31 deletions(-) diff --git a/hw/bitbang_i2c.c b/hw/bitbang_i2c.c index 431359d..453f1da 100644 --- a/hw/bitbang_i2c.c +++ b/hw/bitbang_i2c.c @@ -19,37 +19,53 @@ do { printf("bitbang_i2c: " fmt , ## __VA_ARGS__); } while (0) #define DPRINTF(fmt, ...) do {} while(0) #endif -typedef enum bitbang_i2c_state { +enum { STOPPED = 0, -SENDING_BIT7, -SENDING_BIT6, -SENDING_BIT5, -SENDING_BIT4, -SENDING_BIT3, -SENDING_BIT2, -SENDING_BIT1, -SENDING_BIT0, -WAITING_FOR_ACK, -RECEIVING_BIT7, -RECEIVING_BIT6, -RECEIVING_BIT5, -RECEIVING_BIT4, -RECEIVING_BIT3, -RECEIVING_BIT2, -RECEIVING_BIT1, -RECEIVING_BIT0, -SENDING_ACK, -SENT_NACK -} bitbang_i2c_state; +SENDING_BIT7 = 1, +SENDING_BIT6 = 2, +SENDING_BIT5 = 3, +SENDING_BIT4 = 4, +SENDING_BIT3 = 5, +SENDING_BIT2 = 6, +SENDING_BIT1 = 7, +SENDING_BIT0 = 8, +WAITING_FOR_ACK = 9, +RECEIVING_BIT7 = 10, +RECEIVING_BIT6 = 11, +RECEIVING_BIT5 = 12, +RECEIVING_BIT4 = 13, +RECEIVING_BIT3 = 14, +RECEIVING_BIT2 = 15, +RECEIVING_BIT1 = 16, +RECEIVING_BIT0 = 17, +SENDING_ACK = 18, +SENT_NACK = 19 +}; struct bitbang_i2c_interface { i2c_bus *bus; -bitbang_i2c_state state; -int last_data; -int last_clock; -int device_out; +uint8_t state; +int32_t last_data; +int32_t last_clock; +int32_t device_out; uint8_t buffer; -int current_addr; +int32_t current_addr; +}; + +const VMStateDescription vmstate_bitbang_i2c = { +.name = "bitbang_i2c", +.version_id = 1, +.minimum_version_id = 1, +.minimum_version_id_old = 1, +.fields = (VMStateField []) { +VMSTATE_UINT8(state, bitbang_i2c_interface), +VMSTATE_INT32(last_data, bitbang_i2c_interface), +VMSTATE_INT32(last_clock, bitbang_i2c_interface), +VMSTATE_INT32(device_out, bitbang_i2c_interface), +VMSTATE_UINT8(buffer, bitbang_i2c_interface), +VMSTATE_INT32(current_addr, bitbang_i2c_interface), +VMSTATE_END_OF_LIST() +} }; static void bitbang_i2c_enter_stop(bitbang_i2c_interface *i2c) 
@@ -62,7 +78,7 @@ static void bitbang_i2c_enter_stop(bitbang_i2c_interface *i2c) } /* Set device data pin. */ -static int bitbang_i2c_ret(bitbang_i2c_interface *i2c, int level) +static int32_t bitbang_i2c_ret(bitbang_i2c_interface *i2c, int32_t level) { i2c->device_out = level; //DPRINTF("%d %d %d\n", i2c->last_clock, i2c->last_data, i2c->device_out); @@ -70,13 +86,13 @@ static int bitbang_i2c_ret(bitbang_i2c_interface *i2c, int level) } /* Leave device data pin unodified. */ -static int bitbang_i2c_nop(bitbang_i2c_interface *i2c) +static int32_t bitbang_i2c_nop(bitbang_i2c_interface *i2c) { return bitbang_i2c_ret(i2c, i2c->device_out); } /* Returns data line level. */ -int bitbang_i2c_set(bitbang_i2c_interface *i2c, int line, int level) +int32_t bitbang_i2c_set(bitbang_i2c_interface *i2c, int line, int32_t level) { int data; @@ -185,11 +201,24 @@ bitbang_i2c_interface *bitbang_i2c_init(i2c_bus *bus) typedef struct { SysBusDevice busdev; bitbang_i2c_interface *bitbang; -int last_level; +int32_t last_level; qemu_irq out; } GPIOI2CState; -static void bitbang_i2c_gpio_set(void *opaque, int irq, int level) +const VMStateDescription vmstate_gpio_i2c = { +.name = "gpio_i2c", +.version_id = 1, +.minimum_version_id = 1, +.minimum_version_id_old = 1, +.fields = (VMStateField []) { +VMSTATE_STRUCT_POINTER(bitbang, GPIOI2CState, vmstate_bitbang_i2c, + bitbang_i2c_interface *), +VMSTATE_INT32(last_level, GPIOI2CState), +VMSTATE_END_OF_LIST() +} +}; + +static void bitbang_i2c_gpio_set(void *opaque, int irq, int32_t level) { GPIOI2CState *s = opaque; @@ -221,6 +250,7 @@ static SysBusDeviceInfo gpio_i2c_info = { .qdev.name = "gpio_i2c", .qdev.desc = "Virtual GPIO to I2C bridge", .qdev.size = sizeof(GPIOI2CState), +.qdev.vmsd = &vmstate_gpio_i2c, }; static void bitbang_i2c_register(void) -- 1.7.4.1
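Review bot: In the first hunk vmstate_bitbang_i2c is defined without `static` although the diffstat touches only hw/bitbang_i2c.c, so nothing outside this file declares it; either make it `static`, or declare it in the header that exports bitbang_i2c_init so other users of bitbang_i2c_interface can embed it through VMSTATE_STRUCT_POINTER the way vmstate_gpio_i2c does here. Also, the explicit values in the new anonymous enum are now part of the migration stream (they are saved through `VMSTATE_UINT8(state, bitbang_i2c_interface)`), so a comment above `STOPPED = 0` stating that the numbering must not change would prevent an accidental reorder from corrupting loaded state.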
[Qemu-devel] [PATCH 11/15] pl181: add vmstate
Signed-off-by: Benoit Canet --- hw/pl181.c | 40 1 files changed, 36 insertions(+), 4 deletions(-) diff --git a/hw/pl181.c b/hw/pl181.c index e13ea8e..cef2530 100644 --- a/hw/pl181.c +++ b/hw/pl181.c @@ -38,20 +38,45 @@ typedef struct { uint32_t datacnt; uint32_t status; uint32_t mask[2]; -int fifo_pos; -int fifo_len; +int32_t fifo_pos; +int32_t fifo_len; /* The linux 2.6.21 driver is buggy, and misbehaves if new data arrives while it is reading the FIFO. We hack around this be defering subsequent transfers until after the driver polls the status word. http://www.arm.linux.org.uk/developer/patches/viewpatch.php?id=4446/1 */ -int linux_hack; +int32_t linux_hack; uint32_t fifo[PL181_FIFO_LEN]; qemu_irq irq[2]; /* GPIO outputs for 'card is readonly' and 'card inserted' */ qemu_irq cardstatus[2]; } pl181_state; +static const VMStateDescription vmstate_pl181 = { +.name = "pl181", +.version_id = 1, +.minimum_version_id = 1, +.fields = (VMStateField[]) { +VMSTATE_UINT32(clock, pl181_state), +VMSTATE_UINT32(power, pl181_state), +VMSTATE_UINT32(cmdarg, pl181_state), +VMSTATE_UINT32(cmd, pl181_state), +VMSTATE_UINT32(datatimer, pl181_state), +VMSTATE_UINT32(datalength, pl181_state), +VMSTATE_UINT32(respcmd, pl181_state), +VMSTATE_UINT32_ARRAY(response, pl181_state, 4), +VMSTATE_UINT32(datactrl, pl181_state), +VMSTATE_UINT32(datacnt, pl181_state), +VMSTATE_UINT32(status, pl181_state), +VMSTATE_UINT32_ARRAY(mask, pl181_state, 2), +VMSTATE_INT32(fifo_pos, pl181_state), +VMSTATE_INT32(fifo_len, pl181_state), +VMSTATE_INT32(linux_hack, pl181_state), +VMSTATE_UINT32_ARRAY(fifo, pl181_state, PL181_FIFO_LEN), +VMSTATE_END_OF_LIST() +} +}; + #define PL181_CMD_INDEX 0x3f #define PL181_CMD_RESPONSE (1 << 6) #define PL181_CMD_LONGRESP (1 << 7) 
@@ -465,9 +490,16 @@ static int pl181_init(SysBusDevice *dev) return 0; } +static SysBusDeviceInfo pl181_info = { +.init = pl181_init, +.qdev.name = "pl181", +.qdev.size = sizeof(pl181_state), +.qdev.vmsd = &vmstate_pl181, +}; + static void pl181_register_devices(void) { -sysbus_register_dev("pl181", sizeof(pl181_state), pl181_init); +sysbus_register_withprop(&pl181_info); } device_init(pl181_register_devices) -- 1.7.4.1
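Review bot: In the vmstate_pl181 hunk, fifo_pos and fifo_len are restored straight from the stream and are used as indices into `fifo[PL181_FIFO_LEN]`, so a corrupted or hostile migration stream can make the device read or write past the FIFO array after load. Suggest a `post_load` callback on vmstate_pl181 that returns -1 when fifo_pos or fifo_len is negative or outside the valid range for the FIFO array, so the migration fails cleanly instead of leaving the device with out-of-bounds indices.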
[Qemu-devel] [PATCH 09/15] syborg_timer: convert to memory API
Signed-off-by: Benoit Canet --- hw/syborg_timer.c | 27 ++- 1 files changed, 10 insertions(+), 17 deletions(-) diff --git a/hw/syborg_timer.c b/hw/syborg_timer.c index 50c813e..dfee457 100644 --- a/hw/syborg_timer.c +++ b/hw/syborg_timer.c @@ -53,6 +53,7 @@ enum { typedef struct { SysBusDevice busdev; +MemoryRegion iomem; ptimer_state *timer; int running; int oneshot; @@ -83,7 +84,8 @@ static void syborg_timer_tick(void *opaque) syborg_timer_update(s); } -static uint32_t syborg_timer_read(void *opaque, target_phys_addr_t offset) +static uint64_t syborg_timer_read(void *opaque, target_phys_addr_t offset, + unsigned size) { SyborgTimerState *s = (SyborgTimerState *)opaque; @@ -114,7 +116,7 @@ static uint32_t syborg_timer_read(void *opaque, target_phys_addr_t offset) } static void syborg_timer_write(void *opaque, target_phys_addr_t offset, - uint32_t value) + uint64_t value, unsigned size) { SyborgTimerState *s = (SyborgTimerState *)opaque; @@ -162,16 +164,10 @@ static void syborg_timer_write(void *opaque, target_phys_addr_t offset, } } -static CPUReadMemoryFunc * const syborg_timer_readfn[] = { -syborg_timer_read, -syborg_timer_read, -syborg_timer_read -}; - -static CPUWriteMemoryFunc * const syborg_timer_writefn[] = { -syborg_timer_write, -syborg_timer_write, -syborg_timer_write +static const MemoryRegionOps syborg_timer_ops = { +.read = syborg_timer_read, +.write = syborg_timer_write, +.endianness = DEVICE_NATIVE_ENDIAN, }; static const VMStateDescription vmstate_syborg_timer = { 
@@ -194,17 +190,14 @@ static int syborg_timer_init(SysBusDevice *dev) { SyborgTimerState *s = FROM_SYSBUS(SyborgTimerState, dev); QEMUBH *bh; -int iomemtype; if (s->freq == 0) { fprintf(stderr, "syborg_timer: Zero/unset frequency\n"); exit(1); } sysbus_init_irq(dev, &s->irq); -iomemtype = cpu_register_io_memory(syborg_timer_readfn, - syborg_timer_writefn, s, - DEVICE_NATIVE_ENDIAN); -sysbus_init_mmio(dev, 0x1000, iomemtype); +memory_region_init_io(&s->iomem, &syborg_timer_ops, s, "timer", 0x1000); +sysbus_init_mmio_region(dev, &s->iomem); bh = qemu_bh_new(syborg_timer_tick, s); s->timer = ptimer_init(bh); -- 1.7.4.1
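Review bot: In the syborg_timer_init hunk the region is named "timer", and the other conversions in this series use equally generic names ("rtc", "serial", "interrupt", "pointer"); these names are what `info mtree` displays, so a device-qualified name such as "syborg_timer" makes the regions distinguishable from other boards' timers when debugging the memory map.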
[Qemu-devel] [PATCH 07/15] syborg_rtc: convert to memory API
Signed-off-by: Benoit Canet --- hw/syborg_rtc.c | 28 +++- 1 files changed, 11 insertions(+), 17 deletions(-) diff --git a/hw/syborg_rtc.c b/hw/syborg_rtc.c index 69f6ccf..375664f 100644 --- a/hw/syborg_rtc.c +++ b/hw/syborg_rtc.c @@ -35,12 +35,14 @@ enum { typedef struct { SysBusDevice busdev; +MemoryRegion iomem; int64_t offset; int64_t data; qemu_irq irq; } SyborgRTCState; -static uint32_t syborg_rtc_read(void *opaque, target_phys_addr_t offset) +static uint64_t syborg_rtc_read(void *opaque, target_phys_addr_t offset, +unsigned size) { SyborgRTCState *s = (SyborgRTCState *)opaque; offset &= 0xfff; @@ -58,7 +60,8 @@ static uint32_t syborg_rtc_read(void *opaque, target_phys_addr_t offset) } } -static void syborg_rtc_write(void *opaque, target_phys_addr_t offset, uint32_t value) +static void syborg_rtc_write(void *opaque, target_phys_addr_t offset, + uint64_t value, unsigned size) { SyborgRTCState *s = (SyborgRTCState *)opaque; uint64_t now; @@ -90,16 +93,10 @@ static void syborg_rtc_write(void *opaque, target_phys_addr_t offset, uint32_t v } } -static CPUReadMemoryFunc * const syborg_rtc_readfn[] = { -syborg_rtc_read, -syborg_rtc_read, -syborg_rtc_read -}; - -static CPUWriteMemoryFunc * const syborg_rtc_writefn[] = { -syborg_rtc_write, -syborg_rtc_write, -syborg_rtc_write +static const MemoryRegionOps syborg_rtc_ops = { +.read = syborg_rtc_read, +.write = syborg_rtc_write, +.endianness = DEVICE_NATIVE_ENDIAN, }; static const VMStateDescription vmstate_syborg_rtc = { @@ -118,12 +115,9 @@ static int syborg_rtc_init(SysBusDevice *dev) { SyborgRTCState *s = FROM_SYSBUS(SyborgRTCState, dev); struct tm tm; -int iomemtype; -iomemtype = cpu_register_io_memory(syborg_rtc_readfn, - syborg_rtc_writefn, s, - DEVICE_NATIVE_ENDIAN); -sysbus_init_mmio(dev, 0x1000, iomemtype); +memory_region_init_io(&s->iomem, &syborg_rtc_ops, s, "rtc", 0x1000); +sysbus_init_mmio_region(dev, &s->iomem); qemu_get_timedate(&tm, 0); s->offset = (uint64_t)mktime(&tm) * 10; -- 1.7.4.1
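Review bot: In the syborg_rtc_read hunk the context line `offset &= 0xfff;` predates the memory API, where the region size was not tied to the handler; now that syborg_rtc_init registers the region with an explicit size of 0x1000, the mask is redundant (the dispatcher only delivers offsets inside the region). It is harmless to keep, but a short comment or dropping it would avoid suggesting that larger offsets can still reach the handler.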
[Qemu-devel] [PATCH 13/14] integratorcp: convert integratorcm to VMState
Signed-off-by: Benoit Canet --- hw/integratorcp.c | 24 1 files changed, 24 insertions(+), 0 deletions(-) diff --git a/hw/integratorcp.c b/hw/integratorcp.c index 7ad68b7..1ffe7d8 100644 --- a/hw/integratorcp.c +++ b/hw/integratorcp.c @@ -35,6 +35,29 @@ typedef struct { uint32_t fiq_enabled; } integratorcm_state; +static const VMStateDescription vmstate_integratorcm = { +.name = "integratorcm", +.version_id = 1, +.minimum_version_id = 1, +.minimum_version_id_old = 1, +.fields = (VMStateField[]) { +VMSTATE_UINT32(memsz, integratorcm_state), +VMSTATE_BOOL(flash_mapped, integratorcm_state), +VMSTATE_UINT32(cm_osc, integratorcm_state), +VMSTATE_UINT32(cm_ctrl, integratorcm_state), +VMSTATE_UINT32(cm_lock, integratorcm_state), +VMSTATE_UINT32(cm_auxosc, integratorcm_state), +VMSTATE_UINT32(cm_sdram, integratorcm_state), +VMSTATE_UINT32(cm_init, integratorcm_state), +VMSTATE_UINT32(cm_flags, integratorcm_state), +VMSTATE_UINT32(cm_nvflags, integratorcm_state), +VMSTATE_UINT32(int_level, integratorcm_state), +VMSTATE_UINT32(irq_enabled, integratorcm_state), +VMSTATE_UINT32(fiq_enabled, integratorcm_state), +VMSTATE_END_OF_LIST() +} +}; + static uint8_t integrator_spd[128] = { 128, 8, 4, 11, 9, 1, 64, 0, 2, 0xa0, 0xa0, 0, 0, 8, 0, 1, 0xe, 4, 0x1c, 1, 2, 0x20, 0xc0, 0, 0, 0, 0, 0x30, 0x28, 0x30, 0x28, 0x40 @@ -536,6 +559,7 @@ static SysBusDeviceInfo core_info = { .init = integratorcm_init, .qdev.name = "integrator_core", .qdev.size = sizeof(integratorcm_state), +.qdev.vmsd = &vmstate_integratorcm, .qdev.props = (Property[]) { DEFINE_PROP_UINT32("memsz", integratorcm_state, memsz, 0), DEFINE_PROP_END_OF_LIST(), -- 1.7.4.1
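Review bot: In the vmstate_integratorcm hunk, memsz is saved and restored although the second hunk shows it is a qdev property (`DEFINE_PROP_UINT32("memsz", integratorcm_state, memsz, 0)`) set by the board at creation time; restoring it from the stream lets an incoming migration overwrite the destination's configured value. Suggest leaving it out of the field list, or validating it in a post_load callback against the configured value and failing the load on mismatch.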
[Qemu-devel] (no subject)
These patches apply against akivity memory/master. They convert syborg to the memory API and various ARM-related components to VMState. OMAP boards were not modified because Linaro is currently refactoring them. XScale was left apart too. This version fixes coding style issues.
[Qemu-devel] [PATCH 07/14] syborg_serial: convert to memory API
Signed-off-by: Benoit Canet --- hw/syborg_serial.c | 28 +++- 1 files changed, 11 insertions(+), 17 deletions(-) diff --git a/hw/syborg_serial.c b/hw/syborg_serial.c index c83f82c..b73a009 100644 --- a/hw/syborg_serial.c +++ b/hw/syborg_serial.c @@ -58,6 +58,7 @@ enum { typedef struct { SysBusDevice busdev; +MemoryRegion iomem; uint32_t int_enable; uint32_t fifo_size; uint32_t *read_fifo; @@ -152,7 +153,8 @@ static void dma_rx_start(SyborgSerialState *s, uint32_t len) syborg_serial_update(s); } -static uint32_t syborg_serial_read(void *opaque, target_phys_addr_t offset) +static uint64_t syborg_serial_read(void *opaque, target_phys_addr_t offset, + unsigned size) { SyborgSerialState *s = (SyborgSerialState *)opaque; uint32_t c; @@ -192,7 +194,7 @@ static uint32_t syborg_serial_read(void *opaque, target_phys_addr_t offset) } static void syborg_serial_write(void *opaque, target_phys_addr_t offset, -uint32_t value) +uint64_t value, unsigned size) { SyborgSerialState *s = (SyborgSerialState *)opaque; unsigned char ch; @@ -261,16 +263,10 @@ static void syborg_serial_event(void *opaque, int event) /* TODO: Report BREAK events? */ } -static CPUReadMemoryFunc * const syborg_serial_readfn[] = { - syborg_serial_read, - syborg_serial_read, - syborg_serial_read -}; - -static CPUWriteMemoryFunc * const syborg_serial_writefn[] = { - syborg_serial_write, - syborg_serial_write, - syborg_serial_write +static const MemoryRegionOps syborg_serial_ops = { +.read = syborg_serial_read, +.write = syborg_serial_write, +.endianness = DEVICE_NATIVE_ENDIAN, }; static const VMStateDescription vmstate_syborg_serial = { 
@@ -295,13 +291,11 @@ static const VMStateDescription vmstate_syborg_serial = { static int syborg_serial_init(SysBusDevice *dev) { SyborgSerialState *s = FROM_SYSBUS(SyborgSerialState, dev); -int iomemtype; sysbus_init_irq(dev, &s->irq); -iomemtype = cpu_register_io_memory(syborg_serial_readfn, - syborg_serial_writefn, s, - DEVICE_NATIVE_ENDIAN); -sysbus_init_mmio(dev, 0x1000, iomemtype); +memory_region_init_io(&s->iomem, &syborg_serial_ops, s, + "serial", 0x1000); +sysbus_init_mmio_region(dev, &s->iomem); s->chr = qdev_init_chardev(&dev->qdev); if (s->chr) { qemu_chr_add_handlers(s->chr, syborg_serial_can_receive, -- 1.7.4.1
[Qemu-devel] [PATCH 05/14] syborg_pointer: convert to memory API
Signed-off-by: Benoit Canet --- hw/syborg_pointer.c | 28 +++- 1 files changed, 11 insertions(+), 17 deletions(-) diff --git a/hw/syborg_pointer.c b/hw/syborg_pointer.c index b91214d..a0f8b32 100644 --- a/hw/syborg_pointer.c +++ b/hw/syborg_pointer.c @@ -44,6 +44,7 @@ typedef struct { typedef struct { SysBusDevice busdev; +MemoryRegion iomem; int int_enabled; uint32_t fifo_size; event_data *event_fifo; @@ -57,7 +58,8 @@ static void syborg_pointer_update(SyborgPointerState *s) qemu_set_irq(s->irq, s->read_count && s->int_enabled); } -static uint32_t syborg_pointer_read(void *opaque, target_phys_addr_t offset) +static uint64_t syborg_pointer_read(void *opaque, target_phys_addr_t offset, +unsigned size) { SyborgPointerState *s = (SyborgPointerState *)opaque; @@ -87,7 +89,7 @@ static uint32_t syborg_pointer_read(void *opaque, target_phys_addr_t offset) } static void syborg_pointer_write(void *opaque, target_phys_addr_t offset, - uint32_t value) + uint64_t value, unsigned size) { SyborgPointerState *s = (SyborgPointerState *)opaque; @@ -110,16 +112,10 @@ static void syborg_pointer_write(void *opaque, target_phys_addr_t offset, syborg_pointer_update(s); } -static CPUReadMemoryFunc * const syborg_pointer_readfn[] = { - syborg_pointer_read, - syborg_pointer_read, - syborg_pointer_read -}; - -static CPUWriteMemoryFunc * const syborg_pointer_writefn[] = { - syborg_pointer_write, - syborg_pointer_write, - syborg_pointer_write +static const MemoryRegionOps syborg_pointer_ops = { +.read = syborg_pointer_read, +.write = syborg_pointer_write, +.endianness = DEVICE_NATIVE_ENDIAN, }; static void syborg_pointer_event(void *opaque, int dx, int dy, int dz, 
@@ -186,13 +182,11 @@ static const VMStateDescription vmstate_syborg_pointer = { static int syborg_pointer_init(SysBusDevice *dev) { SyborgPointerState *s = FROM_SYSBUS(SyborgPointerState, dev); -int iomemtype; sysbus_init_irq(dev, &s->irq); -iomemtype = cpu_register_io_memory(syborg_pointer_readfn, - syborg_pointer_writefn, s, - DEVICE_NATIVE_ENDIAN); -sysbus_init_mmio(dev, 0x1000, iomemtype); +memory_region_init_io(&s->iomem, &syborg_pointer_ops, s, + "pointer", 0x1000); +sysbus_init_mmio_region(dev, &s->iomem); if (s->fifo_size <= 0) { fprintf(stderr, "syborg_pointer: fifo too small\n"); -- 1.7.4.1
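Review bot: In the syborg_pointer_init hunk the MMIO region is created and handed to sysbus before the `if (s->fifo_size <= 0)` sanity check that follows it; since the check exits the process this is harmless today, but moving the property validation above memory_region_init_io keeps the device from exporting a region it is about to abandon. While touching this spot: fifo_size is declared `uint32_t` in the first hunk, so `<= 0` is just `== 0`.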
[Qemu-devel] [PATCH 07/11] fulong2e: give ISA bus to ISA methods
Signed-off-by: Hervé Poussineau --- hw/mips_fulong2e.c |6 ++ hw/vt82c686.c |4 ++-- hw/vt82c686.h |2 +- 3 files changed, 5 insertions(+), 7 deletions(-) diff --git a/hw/mips_fulong2e.c b/hw/mips_fulong2e.c index e6e120c..5e87665 100644 --- a/hw/mips_fulong2e.c +++ b/hw/mips_fulong2e.c @@ -264,7 +264,6 @@ static void mips_fulong2e_init(ram_addr_t ram_size, const char *boot_device, int64_t kernel_entry; qemu_irq *i8259; qemu_irq *cpu_exit_irq; -int via_devfn; PCIBus *pci_bus; ISABus *isa_bus; i2c_bus *smbus; @@ -338,12 +337,11 @@ static void mips_fulong2e_init(ram_addr_t ram_size, const char *boot_device, /* South bridge */ ide_drive_get(hd, MAX_IDE_BUS); -via_devfn = vt82c686b_init(pci_bus, PCI_DEVFN(FULONG2E_VIA_SLOT, 0)); -if (via_devfn < 0) { +isa_bus = vt82c686b_init(pci_bus, PCI_DEVFN(FULONG2E_VIA_SLOT, 0)); +if (!isa_bus) { fprintf(stderr, "vt82c686b_init error\n"); exit(1); } -isa_bus = NULL; /* Interrupt controller */ /* The 8259 -> IP5 */ diff --git a/hw/vt82c686.c b/hw/vt82c686.c index 2845959..038128b 100644 --- a/hw/vt82c686.c +++ b/hw/vt82c686.c @@ -507,13 +507,13 @@ static int vt82c686b_initfn(PCIDevice *d) return 0; } -int vt82c686b_init(PCIBus *bus, int devfn) +ISABus *vt82c686b_init(PCIBus *bus, int devfn) { PCIDevice *d; d = pci_create_simple_multifunction(bus, devfn, true, "VT82C686B"); -return d->devfn; +return DO_UPCAST(ISABus, qbus, qdev_get_child_bus(&d->qdev, "isa.0")); } static PCIDeviceInfo via_info = { diff --git a/hw/vt82c686.h b/hw/vt82c686.h index e3270ca..6ef876d 100644 --- a/hw/vt82c686.h +++ b/hw/vt82c686.h @@ -2,7 +2,7 @@ #define HW_VT82C686_H /* vt82c686.c */ -int vt82c686b_init(PCIBus * bus, int devfn); +ISABus *vt82c686b_init(PCIBus * bus, int devfn); void vt82c686b_ac97_init(PCIBus *bus, int devfn); void vt82c686b_mc97_init(PCIBus *bus, int devfn); i2c_bus *vt82c686b_pm_init(PCIBus *bus, int devfn, uint32_t smb_io_base, -- 1.7.6.3
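Review bot: In the vt82c686b_init hunk the NULL check that mips_fulong2e_init now relies on (`if (!isa_bus)`) only works if DO_UPCAST maps a NULL `qdev_get_child_bus()` result back to NULL, which is the case only when `qbus` is the first member of ISABus; otherwise a missing "isa.0" bus yields a non-NULL garbage pointer and the error path is never taken. Suggest checking the BusState pointer before the upcast. Separately, hw/vt82c686.h now uses the ISABus type in a prototype; make sure the header includes or forward-declares it so it stays self-contained.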
[Qemu-devel] [PATCH 06/14] syborg_rtc: convert to memory API
Signed-off-by: Benoit Canet --- hw/syborg_rtc.c | 28 +++- 1 files changed, 11 insertions(+), 17 deletions(-) diff --git a/hw/syborg_rtc.c b/hw/syborg_rtc.c index 69f6ccf..375664f 100644 --- a/hw/syborg_rtc.c +++ b/hw/syborg_rtc.c @@ -35,12 +35,14 @@ enum { typedef struct { SysBusDevice busdev; +MemoryRegion iomem; int64_t offset; int64_t data; qemu_irq irq; } SyborgRTCState; -static uint32_t syborg_rtc_read(void *opaque, target_phys_addr_t offset) +static uint64_t syborg_rtc_read(void *opaque, target_phys_addr_t offset, +unsigned size) { SyborgRTCState *s = (SyborgRTCState *)opaque; offset &= 0xfff; @@ -58,7 +60,8 @@ static uint32_t syborg_rtc_read(void *opaque, target_phys_addr_t offset) } } -static void syborg_rtc_write(void *opaque, target_phys_addr_t offset, uint32_t value) +static void syborg_rtc_write(void *opaque, target_phys_addr_t offset, + uint64_t value, unsigned size) { SyborgRTCState *s = (SyborgRTCState *)opaque; uint64_t now; @@ -90,16 +93,10 @@ static void syborg_rtc_write(void *opaque, target_phys_addr_t offset, uint32_t v } } -static CPUReadMemoryFunc * const syborg_rtc_readfn[] = { -syborg_rtc_read, -syborg_rtc_read, -syborg_rtc_read -}; - -static CPUWriteMemoryFunc * const syborg_rtc_writefn[] = { -syborg_rtc_write, -syborg_rtc_write, -syborg_rtc_write +static const MemoryRegionOps syborg_rtc_ops = { +.read = syborg_rtc_read, +.write = syborg_rtc_write, +.endianness = DEVICE_NATIVE_ENDIAN, }; static const VMStateDescription vmstate_syborg_rtc = { @@ -118,12 +115,9 @@ static int syborg_rtc_init(SysBusDevice *dev) { SyborgRTCState *s = FROM_SYSBUS(SyborgRTCState, dev); struct tm tm; -int iomemtype; -iomemtype = cpu_register_io_memory(syborg_rtc_readfn, - syborg_rtc_writefn, s, - DEVICE_NATIVE_ENDIAN); -sysbus_init_mmio(dev, 0x1000, iomemtype); +memory_region_init_io(&s->iomem, &syborg_rtc_ops, s, "rtc", 0x1000); +sysbus_init_mmio_region(dev, &s->iomem); qemu_get_timedate(&tm, 0); s->offset = (uint64_t)mktime(&tm) * 10; -- 1.7.4.1
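Review bot: The index line `69f6ccf..375664f` and the diffstat here are identical to PATCH 07/15 syborg_rtc, so this is the same change posted under two series numberings (06/14 and 07/15); please make sure only one copy is queued and the cover letter states which series supersedes the other.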
[Qemu-devel] [PATCH 11/11] audio: remove unused parameter isa_pic
Signed-off-by: Hervé Poussineau --- arch_init.c | 10 +- arch_init.h |2 +- hw/adlib.c |2 +- hw/audiodev.h |8 hw/cs4231a.c|2 +- hw/gus.c|2 +- hw/mips_jazz.c |2 +- hw/mips_malta.c |2 +- hw/pc.h |2 +- hw/pc_piix.c|2 +- hw/pcspk.c |2 +- hw/sb16.c |2 +- 12 files changed, 19 insertions(+), 19 deletions(-) diff --git a/arch_init.c b/arch_init.c index 3bc2a41..d4c92b0 100644 --- a/arch_init.c +++ b/arch_init.c @@ -473,7 +473,7 @@ struct soundhw { int enabled; int isa; union { -int (*init_isa) (ISABus *bus, qemu_irq *pic); +int (*init_isa) (ISABus *bus); int (*init_pci) (PCIBus *bus); } init; }; @@ -628,15 +628,15 @@ void select_soundhw(const char *optarg) } } -void audio_init(ISABus *isa_bus, qemu_irq *isa_pic, PCIBus *pci_bus) +void audio_init(ISABus *isa_bus, PCIBus *pci_bus) { struct soundhw *c; for (c = soundhw; c->name; ++c) { if (c->enabled) { if (c->isa) { -if (isa_pic) { -c->init.init_isa(isa_bus, isa_pic); +if (isa_bus) { +c->init.init_isa(isa_bus); } } else { if (pci_bus) { @@ -650,7 +650,7 @@ void audio_init(ISABus *isa_bus, qemu_irq *isa_pic, PCIBus *pci_bus) void select_soundhw(const char *optarg) { } -void audio_init(ISABus *isa_bus, qemu_irq *isa_pic, PCIBus *pci_bus) +void audio_init(ISABus *isa_bus, PCIBus *pci_bus) { } #endif diff --git a/arch_init.h b/arch_init.h index 074f02a..828256c 100644 --- a/arch_init.h +++ b/arch_init.h @@ -27,7 +27,7 @@ void do_acpitable_option(const char *optarg); void do_smbios_option(const char *optarg); void cpudef_init(void); int audio_available(void); -void audio_init(ISABus *isa_bus, qemu_irq *isa_pic, PCIBus *pci_bus); +void audio_init(ISABus *isa_bus, PCIBus *pci_bus); int tcg_available(void); int kvm_available(void); int xen_available(void); diff --git a/hw/adlib.c b/hw/adlib.c index b5e1564..dd8b188 100644 --- a/hw/adlib.c +++ b/hw/adlib.c 
@@ -275,7 +275,7 @@ static void Adlib_fini (AdlibState *s) AUD_remove_card (&s->card); } -int Adlib_init (ISABus *bus, qemu_irq *pic) +int Adlib_init (ISABus *bus) { AdlibState *s = &glob_adlib; struct audsettings as; diff --git a/hw/audiodev.h b/hw/audiodev.h index 9aac3bc..1d34a4b 100644 --- a/hw/audiodev.h +++ b/hw/audiodev.h @@ -2,19 +2,19 @@ int es1370_init(PCIBus *bus); /* sb16.c */ -int SB16_init(ISABus *bus, qemu_irq *pic); +int SB16_init(ISABus *bus); /* adlib.c */ -int Adlib_init(ISABus *bus, qemu_irq *pic); +int Adlib_init(ISABus *bus); /* gus.c */ -int GUS_init(ISABus *bus, qemu_irq *pic); +int GUS_init(ISABus *bus); /* ac97.c */ int ac97_init(PCIBus *buf); /* cs4231a.c */ -int cs4231a_init(ISABus *bus, qemu_irq *pic); +int cs4231a_init(ISABus *bus); /* intel-hda.c + hda-audio.c */ int intel_hda_and_codec_init(PCIBus *bus); diff --git a/hw/cs4231a.c b/hw/cs4231a.c index 0238829..dc77a3a 100644 --- a/hw/cs4231a.c +++ b/hw/cs4231a.c @@ -659,7 +659,7 @@ static int cs4231a_initfn (ISADevice *dev) return 0; } -int cs4231a_init (ISABus *bus, qemu_irq *pic) +int cs4231a_init (ISABus *bus) { isa_create_simple (bus, "cs4231a"); return 0; diff --git a/hw/gus.c b/hw/gus.c index 17cceee..ab872d8 100644 --- a/hw/gus.c +++ b/hw/gus.c @@ -293,7 +293,7 @@ static int gus_initfn (ISADevice *dev) return 0; } -int GUS_init (ISABus *bus, qemu_irq *pic) +int GUS_init (ISABus *bus) { isa_create_simple (bus, "gus"); return 0; diff --git a/hw/mips_jazz.c b/hw/mips_jazz.c index ef6c83f..9e5b01e 100644 --- a/hw/mips_jazz.c +++ b/hw/mips_jazz.c @@ -279,7 +279,7 @@ static void mips_jazz_init(MemoryRegion *address_space, /* Sound card */ /* FIXME: missing Jazz sound at 0x8000c000, rc4030[2] */ -audio_init(isa_bus, i8259, NULL); +audio_init(isa_bus, NULL); /* NVRAM */ dev = qdev_create(NULL, "ds1225y"); diff --git a/hw/mips_malta.c b/hw/mips_malta.c index 78d99e7..9bc790c 100644 --- a/hw/mips_malta.c +++ b/hw/mips_malta.c 
@@ -972,7 +972,7 @@ void mips_malta_init (ram_addr_t ram_size, fdctrl_init_isa(isa_bus, fd); /* Sound card */ -audio_init(isa_bus, NULL, pci_bus); +audio_init(isa_bus, pci_bus); /* Network card */ network_init(); diff --git a/hw/pc.h b/hw/pc.h index bc67b2b..f96ec75 100644 --- a/hw/pc.h +++ b/hw/pc.h @@ -174,7 +174,7 @@ extern int no_hpet; /* pcspk.c */ void pcspk_init(ISADevice *pit); -int pcspk_audio_init(ISABus *bus, qemu_irq *pic); +int pcspk_audio_init(ISABus *bus); /* piix_pci.c */ struct PCII440FXState; diff --git a/hw/pc_piix.c b/hw/pc_piix.c index be91d3b..a41f87f 100644 --- a/hw/pc_piix.c +++ b/hw/pc_piix.c @@ -206,7 +206,7 @@ static void pc_init1(MemoryRegion *system_memory, } } -audio_init(isa_bus, gsi,
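Review bot: In the arch_init.c audio_init hunk the guard changes from `if (isa_pic)` to `if (isa_bus)`, and the mips_malta.c hunk shows Malta previously passed `NULL` as isa_pic while supplying a real isa_bus; so after this patch the ISA sound cards (sb16, adlib, gus, cs4231a) will be initialised on Malta where they were silently skipped before. That may well be the intended fix, but it is a behaviour change and should be stated in the commit message, which currently has no body beyond the subject.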
[Qemu-devel] [PATCH 08/14] syborg_timer: convert to memory API
Signed-off-by: Benoit Canet --- hw/syborg_timer.c | 27 ++- 1 files changed, 10 insertions(+), 17 deletions(-) diff --git a/hw/syborg_timer.c b/hw/syborg_timer.c index 50c813e..dfee457 100644 --- a/hw/syborg_timer.c +++ b/hw/syborg_timer.c @@ -53,6 +53,7 @@ enum { typedef struct { SysBusDevice busdev; +MemoryRegion iomem; ptimer_state *timer; int running; int oneshot; @@ -83,7 +84,8 @@ static void syborg_timer_tick(void *opaque) syborg_timer_update(s); } -static uint32_t syborg_timer_read(void *opaque, target_phys_addr_t offset) +static uint64_t syborg_timer_read(void *opaque, target_phys_addr_t offset, + unsigned size) { SyborgTimerState *s = (SyborgTimerState *)opaque; @@ -114,7 +116,7 @@ static uint32_t syborg_timer_read(void *opaque, target_phys_addr_t offset) } static void syborg_timer_write(void *opaque, target_phys_addr_t offset, - uint32_t value) + uint64_t value, unsigned size) { SyborgTimerState *s = (SyborgTimerState *)opaque; @@ -162,16 +164,10 @@ static void syborg_timer_write(void *opaque, target_phys_addr_t offset, } } -static CPUReadMemoryFunc * const syborg_timer_readfn[] = { -syborg_timer_read, -syborg_timer_read, -syborg_timer_read -}; - -static CPUWriteMemoryFunc * const syborg_timer_writefn[] = { -syborg_timer_write, -syborg_timer_write, -syborg_timer_write +static const MemoryRegionOps syborg_timer_ops = { +.read = syborg_timer_read, +.write = syborg_timer_write, +.endianness = DEVICE_NATIVE_ENDIAN, }; static const VMStateDescription vmstate_syborg_timer = { 
@@ -194,17 +190,14 @@ static int syborg_timer_init(SysBusDevice *dev) { SyborgTimerState *s = FROM_SYSBUS(SyborgTimerState, dev); QEMUBH *bh; -int iomemtype; if (s->freq == 0) { fprintf(stderr, "syborg_timer: Zero/unset frequency\n"); exit(1); } sysbus_init_irq(dev, &s->irq); -iomemtype = cpu_register_io_memory(syborg_timer_readfn, - syborg_timer_writefn, s, - DEVICE_NATIVE_ENDIAN); -sysbus_init_mmio(dev, 0x1000, iomemtype); +memory_region_init_io(&s->iomem, &syborg_timer_ops, s, "timer", 0x1000); +sysbus_init_mmio_region(dev, &s->iomem); bh = qemu_bh_new(syborg_timer_tick, s); s->timer = ptimer_init(bh); -- 1.7.4.1
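Review bot: Same index line `50c813e..dfee457` and diffstat as PATCH 09/15 syborg_timer; this is a repost under a different series number (08/14), so only one of the two should be applied.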
[Qemu-devel] [PATCH] Fix compiler warning (always return a value)
For compilations with -DNDEBUG, the default case did not return a value which caused a compiler warning. Signed-off-by: Stefan Weil --- hw/ppce500_spin.c | 11 --- 1 files changed, 8 insertions(+), 3 deletions(-) diff --git a/hw/ppce500_spin.c b/hw/ppce500_spin.c index cccd940..5b5ffe0 100644 --- a/hw/ppce500_spin.c +++ b/hw/ppce500_spin.c @@ -168,17 +168,22 @@ static uint64_t spin_read(void *opaque, target_phys_addr_t addr, unsigned len) { SpinState *s = opaque; uint8_t *spin_p = &((uint8_t*)s->spin)[addr]; +uint64_t result = 0; switch (len) { case 1: -return ldub_p(spin_p); +result = ldub_p(spin_p); +break; case 2: -return lduw_p(spin_p); +result = lduw_p(spin_p); +break; case 4: -return ldl_p(spin_p); +result = ldl_p(spin_p); +break; default: assert(0); } +return result; } const MemoryRegionOps spin_rw_ops = { -- 1.7.2.5
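Review bot: the new `result = 0` default means that in an NDEBUG build, where `assert(0)` compiles away, an access with an unsupported `len` (for example 8) now silently returns 0 instead of stopping. If the warning is the only concern, an `abort()` after the assert keeps the default branch unreachable in release builds too; otherwise the `default:` case should at least report the bad length before falling through to `return result`.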
[Qemu-devel] [PATCH 01/14] mst_fpga: convert to memory API
Signed-off-by: Benoit Canet --- hw/mst_fpga.c | 29 - 1 files changed, 12 insertions(+), 17 deletions(-) diff --git a/hw/mst_fpga.c b/hw/mst_fpga.c index 7bcd5d7..cf9957b 100644 --- a/hw/mst_fpga.c +++ b/hw/mst_fpga.c @@ -34,6 +34,7 @@ typedef struct mst_irq_state{ SysBusDevice busdev; + MemoryRegion iomem; qemu_irq parent; @@ -86,8 +87,8 @@ mst_fpga_set_irq(void *opaque, int irq, int level) } -static uint32_t -mst_fpga_readb(void *opaque, target_phys_addr_t addr) +static uint64_t +mst_fpga_readb(void *opaque, target_phys_addr_t addr, unsigned size) { mst_irq_state *s = (mst_irq_state *) opaque; @@ -124,7 +125,8 @@ mst_fpga_readb(void *opaque, target_phys_addr_t addr) } static void -mst_fpga_writeb(void *opaque, target_phys_addr_t addr, uint32_t value) +mst_fpga_writeb(void *opaque, target_phys_addr_t addr, uint64_t value, + unsigned size) { mst_irq_state *s = (mst_irq_state *) opaque; value &= 0x; @@ -175,17 +177,11 @@ mst_fpga_writeb(void *opaque, target_phys_addr_t addr, uint32_t value) } } -static CPUReadMemoryFunc * const mst_fpga_readfn[] = { - mst_fpga_readb, - mst_fpga_readb, - mst_fpga_readb, +static const MemoryRegionOps mst_fpga_ops = { + .read = mst_fpga_readb, + .write = mst_fpga_writeb, + .endianness = DEVICE_NATIVE_ENDIAN, }; -static CPUWriteMemoryFunc * const mst_fpga_writefn[] = { - mst_fpga_writeb, - mst_fpga_writeb, - mst_fpga_writeb, -}; - static int mst_fpga_post_load(void *opaque, int version_id) { @@ -198,7 +194,6 @@ static int mst_fpga_post_load(void *opaque, int version_id) static int mst_fpga_init(SysBusDevice *dev) { mst_irq_state *s; - int iomemtype; s = FROM_SYSBUS(mst_irq_state, dev); 
@@ -210,9 +205,9 @@ static int mst_fpga_init(SysBusDevice *dev) /* alloc the external 16 irqs */ qdev_init_gpio_in(&dev->qdev, mst_fpga_set_irq, MST_NUM_IRQS); - iomemtype = cpu_register_io_memory(mst_fpga_readfn, - mst_fpga_writefn, s, DEVICE_NATIVE_ENDIAN); - sysbus_init_mmio(dev, 0x0010, iomemtype); + memory_region_init_io(&s->iomem, &mst_fpga_ops, s, + "fpga", 0x0010); + sysbus_init_mmio_region(dev, &s->iomem); return 0; } -- 1.7.4.1
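Review bot: `mst_fpga_readb` and `mst_fpga_writeb` keep their `b` suffix although the new `MemoryRegionOps` routes every access size through them and `size` is never examined; renaming them to `mst_fpga_read`/`mst_fpga_write`, or a comment saying the width is ignored on purpose, avoids implying byte-only semantics. Note also that `value` is now `uint64_t`, so the `value &= 0x...` mask at the top of the write handler (its literal is truncated in this rendering) is what keeps the stored value inside the old 32-bit range and must stay.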
[Qemu-devel] [PATCH 00/14] arm: more memory API and VMState conversion
These patches apply against akivity memory/master. They convert syborg to the memory API and various arm-related components to VMState. Omap boards were not modified because Linaro is currently refactoring them. Xscale was left aside too. Benoît Canet (14): mst_fpga: convert to memory API syborg_fb: convert to memory API syborg_interrupt: convert to memory API syborg_keyboard: convert to memory API syborg_pointer: convert to memory API syborg_rtc: convert to memory API syborg_serial: convert to memory API syborg_timer: convert to memory API syborg_virtio: convert to memory API pl181: add vmstate bitbang_i2c: convert to VMState realview: convert realview i2c to VMState integratorcp: convert integratorcm to VMState integratorcp: convert icp_pic to VMState hw/bitbang_i2c.c | 92 hw/integratorcp.c | 38 hw/mst_fpga.c | 29 ++- hw/pl181.c| 40 +++-- hw/realview.c | 21 ++- hw/syborg_fb.c| 28 ++- hw/syborg_interrupt.c | 29 ++- hw/syborg_keyboard.c | 28 ++- hw/syborg_pointer.c | 28 ++- hw/syborg_rtc.c | 28 ++- hw/syborg_serial.c| 28 ++- hw/syborg_timer.c | 27 +- hw/syborg_virtio.c| 26 + 13 files changed, 253 insertions(+), 189 deletions(-) -- 1.7.4.1
Re: [Qemu-devel] [PATCH] main-loop: Add missing include file
Am 24.10.2011 21:43, schrieb Anthony Liguori: On 10/24/2011 02:39 PM, Stefan Weil wrote: stdint.h defines the POSIX data types and is needed for MinGW-w64 (and maybe other hosts). Signed-off-by: Stefan Weil --- main-loop.c |1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/main-loop.c b/main-loop.c index bfecdb7..d9585f8 100644 --- a/main-loop.c +++ b/main-loop.c @@ -22,6 +22,7 @@ * THE SOFTWARE. */ #include "config-host.h" +#include /* uint8_t, ... */ Any reason not to use qemu-common? I don't know any reason and forward your question to Paolo. Kind regards, Stefan W.
[Qemu-devel] [PATCH] target-sparc: Fix order of function parameters
The MinGW-w64 gcc complains about wrong parameters for gen_helper_fpadd16_s and three other functions. gen_helper_fpadd16_s is declared like this (hidden in lots of macros): static inline void gen_helper_fpadd16s(TCGv_i32 retval, TCGv_ptr arg1, TCGv_i32 arg2, TCGv_i32 arg3); So it looks like cpu_env should be the 2nd parameter. Please review this patch as I have no environment to test it (maybe the 1st parameter should be cpu_dst?). Cc: Blue Swirl Signed-off-by: Stefan Weil --- target-sparc/translate.c |8 1 files changed, 4 insertions(+), 4 deletions(-) diff --git a/target-sparc/translate.c b/target-sparc/translate.c index ac27d64..bb5010f 100644 --- a/target-sparc/translate.c +++ b/target-sparc/translate.c @@ -4012,7 +4012,7 @@ static void disas_sparc_insn(DisasContext * dc) break; case 0x051: /* VIS I fpadd16s */ CHECK_FPU_FEATURE(dc, VIS1); -gen_helper_fpadd16s(cpu_env, cpu_fpr[rd], +gen_helper_fpadd16s(cpu_fpr[rd], cpu_env, cpu_fpr[rs1], cpu_fpr[rs2]); gen_update_fprs_dirty(rd); break; @@ -4026,7 +4026,7 @@ static void disas_sparc_insn(DisasContext * dc) break; case 0x053: /* VIS I fpadd32s */ CHECK_FPU_FEATURE(dc, VIS1); -gen_helper_fpadd32s(cpu_env, cpu_fpr[rd], +gen_helper_fpadd32s(cpu_fpr[rd], cpu_env, cpu_fpr[rs1], cpu_fpr[rs2]); gen_update_fprs_dirty(rd); break; @@ -4040,7 +4040,7 @@ static void disas_sparc_insn(DisasContext * dc) break; case 0x055: /* VIS I fpsub16s */ CHECK_FPU_FEATURE(dc, VIS1); -gen_helper_fpsub16s(cpu_env, cpu_fpr[rd], +gen_helper_fpsub16s(cpu_fpr[rd], cpu_env, cpu_fpr[rs1], cpu_fpr[rs2]); gen_update_fprs_dirty(rd); break; @@ -4054,7 +4054,7 @@ static void disas_sparc_insn(DisasContext * dc) break; case 0x057: /* VIS I fpsub32s */ CHECK_FPU_FEATURE(dc, VIS1); -gen_helper_fpsub32s(cpu_env, cpu_fpr[rd], +gen_helper_fpsub32s(cpu_fpr[rd], cpu_env, cpu_fpr[rs1], cpu_fpr[rs2]); gen_update_fprs_dirty(rd); break; -- 1.7.2.5
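Review bot: the reordering in all four hunks matches the prototype quoted in the description (`retval, env, arg2, arg3`), and using `cpu_fpr[rd]` as the return register agrees with the `gen_update_fprs_dirty(rd)` that follows each call, which marks `rd` as written. Since the author could not test the change, the review should confirm against the helper declarations in `target-sparc/helper.h` that `fpadd16s`, `fpadd32s`, `fpsub16s` and `fpsub32s` all share that parameter order, and compare with the non-`s` `fpadd16`/`fpsub16` call sites in the same switch to settle the `cpu_dst` question raised in the description.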
Re: [Qemu-devel] [PATCH v2 3/4] Add cap reduction support to enable use as SUID
On 10/24/2011 03:21 PM, Anthony Liguori wrote: On 10/24/2011 02:13 PM, Corey Bryant wrote: Right, it's not desirable, but isn't that the best we can do without libcap or FS capabilities? I think the best we can do is not let it run in those cases. :) I'd like to see if others in the community have an opinion on this though. IMHO, it should work as a setuid binary maintaining root privileges. As long as it's a small binary (which it is) and is easy to audit, it should be safe. Regards, Anthony Liguori Alright, I'll concede on this. I'll run a static analyzer on the code and let it run as root if libcap-ng is not configured. It would be nice to also cut an audit record, but I'm not seeing a precedent for doing that in QEMU. Any thoughts? -- Regards, Corey
[Qemu-devel] [PATCH] target-xtensa: handle cache options in the overlay tool
Cache options must be enabled for the cores that have cache to avoid illegal instruction exceptions. Signed-off-by: Max Filippov --- target-xtensa/overlay_tool.h |6 ++ 1 files changed, 6 insertions(+), 0 deletions(-) diff --git a/target-xtensa/overlay_tool.h b/target-xtensa/overlay_tool.h index 060e8e5..9cef27d 100644 --- a/target-xtensa/overlay_tool.h +++ b/target-xtensa/overlay_tool.h @@ -71,6 +71,12 @@ XTENSA_OPTION_HIGH_PRIORITY_INTERRUPT) | \ XCHAL_OPTION(XCHAL_HAVE_CCOUNT, XTENSA_OPTION_TIMER_INTERRUPT) | \ /* Local memory, TODO */ \ +XCHAL_OPTION(XCHAL_ICACHE_WAYS, XTENSA_OPTION_ICACHE) | \ +XCHAL_OPTION(XCHAL_ICACHE_LINE_LOCKABLE, \ +XTENSA_OPTION_ICACHE_INDEX_LOCK) | \ +XCHAL_OPTION(XCHAL_DCACHE_WAYS, XTENSA_OPTION_DCACHE) | \ +XCHAL_OPTION(XCHAL_DCACHE_LINE_LOCKABLE, \ +XTENSA_OPTION_DCACHE_INDEX_LOCK) | \ XCHAL_OPTION(XCHAL_UNALIGNED_LOAD_HW, XTENSA_OPTION_HW_ALIGNMENT) | \ /* Memory protection and translation */ \ XCHAL_OPTION(XCHAL_HAVE_MIMIC_CACHEATTR, \ -- 1.7.6.4
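Review bot: the new cache entries are inserted directly under the `/* Local memory, TODO */` placeholder, so that comment now reads as a label for the `XCHAL_ICACHE_*`/`XCHAL_DCACHE_*` lines rather than for the still-missing local-memory options. Move the comment below the new block (just above the `XCHAL_UNALIGNED_LOAD_HW` line) or put the cache lines above it, so the TODO keeps pointing at what is actually unimplemented.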
[Qemu-devel] [PATCH 03/11] i8259: give ISA device to isa_register_ioport()
Signed-off-by: Hervé Poussineau --- hw/i8259.c |4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/hw/i8259.c b/hw/i8259.c index 4446339..7331e0e 100644 --- a/hw/i8259.c +++ b/hw/i8259.c @@ -469,9 +469,9 @@ static int pic_initfn(ISADevice *dev) memory_region_init_io(&s->base_io, &pic_base_ioport_ops, s, "pic", 2); memory_region_init_io(&s->elcr_io, &pic_elcr_ioport_ops, s, "elcr", 1); -isa_register_ioport(NULL, &s->base_io, s->iobase); +isa_register_ioport(dev, &s->base_io, s->iobase); if (s->elcr_addr != -1) { -isa_register_ioport(NULL, &s->elcr_io, s->elcr_addr); +isa_register_ioport(dev, &s->elcr_io, s->elcr_addr); } qdev_init_gpio_out(&dev->qdev, s->int_out, ARRAY_SIZE(s->int_out)); -- 1.7.6.3
[Qemu-devel] [PATCH 02/11] isa: move ISABus structure definition to header file
Signed-off-by: Hervé Poussineau --- hw/isa-bus.c |5 - hw/isa.h |6 ++ 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/hw/isa-bus.c b/hw/isa-bus.c index dcbb134..7c94f0b 100644 --- a/hw/isa-bus.c +++ b/hw/isa-bus.c @@ -22,11 +22,6 @@ #include "isa.h" #include "exec-memory.h" -struct ISABus { -BusState qbus; -MemoryRegion *address_space_io; -qemu_irq *irqs; -}; static ISABus *isabus; target_phys_addr_t isa_mem_base = 0; diff --git a/hw/isa.h b/hw/isa.h index 4b58e37..0462521 100644 --- a/hw/isa.h +++ b/hw/isa.h @@ -13,6 +13,12 @@ typedef struct ISABus ISABus; typedef struct ISADevice ISADevice; typedef struct ISADeviceInfo ISADeviceInfo; +struct ISABus { +BusState qbus; +MemoryRegion *address_space_io; +qemu_irq *irqs; +}; + struct ISADevice { DeviceState qdev; uint32_t isairq[2]; -- 1.7.6.3
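Review bot: the `hw/isa.h` hunk makes `struct ISABus` public, and its fields reference `BusState`, `MemoryRegion` and `qemu_irq`, yet the hunk adds no include; this only compiles if `isa.h` already pulls in `qdev.h` and `memory.h` above line 13, whereas the removed copy in `hw/isa-bus.c` had `exec-memory.h` available. Please confirm the header still compiles when included first, and consider whether device code should now reach into `address_space_io`/`irqs` directly or keep going through accessors such as `isa_get_irq()` from patch 1.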
[Qemu-devel] [PATCH 00/11] isa: preliminary work for multiple buses
Current patches are a rework of my patches already available at [1]. They don't provide full support for multiple ISA buses (yet), but add an ISABus or ISADevice argument to all ISA functions. They are mostly mechanically touching every instantiation of ISA devices, so the number of lines is quite high even if the impact is quite low. Some patches don't pass the checkpatch check due to spaces around parentheses, but malc asked to do so on files he maintains. Some more patches will be provided after Qemu 1.0 to support multiple ISA buses, but will mostly touch ISA bridges and the hw/isa-bus.c file. I think that this first step can be applied now (before release), so the ISA interface may be considered stable for devices and machine emulations. Please consider applying this before Qemu 1.0. Thanks [1] http://lists.gnu.org/archive/html/qemu-devel/2011-10/msg00094.html Hervé Poussineau (11): isa: give ISABus/ISADevice to isa_create(), isa_bus_irqs() and isa_get_irq() functions isa: move ISABus structure definition to header file i8259: give ISA device to isa_register_ioport() pc: give ISA bus to ISA methods alpha: give ISA bus to ISA methods sun4u: give ISA bus to ISA methods fulong2e: give ISA bus to ISA methods malta: give ISA bus to ISA methods isa: always use provided ISA bus when creating an isa device isa: always use provided ISA bus in isa_bus_irqs() audio: remove unused parameter isa_pic arch_init.c| 10 +- arch_init.h|2 +- hw/adlib.c |2 +- hw/alpha_dp264.c | 12 +++- hw/alpha_sys.h |3 ++- hw/alpha_typhoon.c |9 + hw/audiodev.h |8 hw/cs4231a.c |4 ++-- hw/fdc.h |4 ++-- hw/gus.c |4 ++-- hw/i8254.c |2 +- hw/i8259.c | 10 +- hw/ide.h |2 +- hw/ide/isa.c |4 ++-- hw/ide/piix.c |2 +- hw/ide/via.c |2 +- hw/isa-bus.c | 33 - hw/isa.h | 16 +++- hw/m48t59.c|5 +++-- hw/mc146818rtc.c |4 ++-- hw/mc146818rtc.h |2 +- hw/mips_fulong2e.c | 20 ++-- hw/mips_jazz.c | 13 +++-- hw/mips_malta.c| 27 ++- hw/mips_r4k.c | 21 +++-- hw/nvram.h |3 ++- hw/pc.c| 30 +++--- hw/pc.h| 39 --- hw/pc_piix.c | 20 +++- hw/pcspk.c 
|2 +- hw/piix4.c |3 ++- hw/piix_pci.c |8 +--- hw/ppc_prep.c | 20 +++- hw/sb16.c |4 ++-- hw/sun4u.c | 24 +++- hw/vt82c686.c |4 ++-- hw/vt82c686.h |2 +- qemu-common.h |1 + 38 files changed, 205 insertions(+), 176 deletions(-) -- 1.7.6.3
[Qemu-devel] [PATCH 01/12] Fix typo: buf -> bus
Signed-off-by: Hervé Poussineau --- hw/audiodev.h |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/hw/audiodev.h b/hw/audiodev.h index 8e930b2..d60c349 100644 --- a/hw/audiodev.h +++ b/hw/audiodev.h @@ -11,7 +11,7 @@ int Adlib_init(qemu_irq *pic); int GUS_init(qemu_irq *pic); /* ac97.c */ -int ac97_init(PCIBus *buf); +int ac97_init(PCIBus *bus); /* cs4231a.c */ int cs4231a_init(qemu_irq *pic); -- 1.7.6.3
Re: [Qemu-devel] [PATCH] main-loop: Add missing include file
On 10/24/2011 02:39 PM, Stefan Weil wrote: stdint.h defines the POSIX data types and is needed for MinGW-w64 (and maybe other hosts). Signed-off-by: Stefan Weil --- main-loop.c |1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/main-loop.c b/main-loop.c index bfecdb7..d9585f8 100644 --- a/main-loop.c +++ b/main-loop.c @@ -22,6 +22,7 @@ * THE SOFTWARE. */ #include "config-host.h" +#include /* uint8_t, ... */ Any reason not to use qemu-common? Regards, Anthony Liguori #include #include #include
[Qemu-devel] [PATCH] main-loop: Add missing include file
stdint.h defines the POSIX data types and is needed for MinGW-w64 (and maybe other hosts). Signed-off-by: Stefan Weil --- main-loop.c |1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/main-loop.c b/main-loop.c index bfecdb7..d9585f8 100644 --- a/main-loop.c +++ b/main-loop.c @@ -22,6 +22,7 @@ * THE SOFTWARE. */ #include "config-host.h" +#include /* uint8_t, ... */ #include #include #include -- 1.7.2.5
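Review bot: the header name is missing from the `+#include` line in this rendering (the commit message identifies it as `stdint.h`), and placing it between `config-host.h` and the remaining includes is fine. As the reply asks, though, fixing this per file means the next file compiled on MinGW-w64 that uses `uint8_t` before a header providing it needs the same patch; including `qemu-common.h` here, or adding the include to a header that `main-loop.c` already pulls in, would cover that class of breakage once.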
Re: [Qemu-devel] [PATCH v2 3/4] Add cap reduction support to enable use as SUID
On 10/24/2011 02:13 PM, Corey Bryant wrote: Right, it's not desirable, but isn't that the best we can do without libcap or FS capabilities? I think the best we can do is not let it run in those cases. :) I'd like to see if others in the community have an opinion on this though. IMHO, it should work as a setuid binary maintaining root privileges. As long as it's a small binary (which it is) and is easy to audit, it should be safe. Regards, Anthony Liguori
Re: [Qemu-devel] [PATCH v2 3/4] Add cap reduction support to enable use as SUID
On 10/24/2011 09:13 AM, Corey Bryant wrote: On 10/23/2011 09:22 AM, Blue Swirl wrote: On Fri, Oct 21, 2011 at 15:07, Corey Bryant wrote: The ideal way to use qemu-bridge-helper is to give it an fscap of using: setcap cap_net_admin=ep qemu-bridge-helper Unfortunately, most distros still do not have a mechanism to package files with fscaps applied. This means they'll have to SUID the qemu-bridge-helper binary. To improve security, use libcap to reduce our capability set to just cap_net_admin, then reduce privileges down to the calling user. This is hopefully close to equivalent to fscap support from a security perspective. Signed-off-by: Anthony Liguori Signed-off-by: Richa Marwaha Signed-off-by: Corey Bryant --- configure | 34 ++ qemu-bridge-helper.c | 39 +++ 2 files changed, 73 insertions(+), 0 deletions(-) diff --git a/configure b/configure index 6c8b659..fed66b0 100755 --- a/configure +++ b/configure @@ -128,6 +128,7 @@ vnc_thread="no" xen="" xen_ctrl_version="" linux_aio="" +cap="" attr="" xfs="" @@ -653,6 +654,10 @@ for opt do ;; --enable-kvm) kvm="yes" ;; + --disable-cap) cap="no" + ;; + --enable-cap) cap="yes" + ;; --disable-spice) spice="no" ;; --enable-spice) spice="yes" @@ -1032,6 +1037,8 @@ echo " --disable-vde disable support for vde network" echo " --enable-vde enable support for vde network" echo " --disable-linux-aio disable Linux AIO support" echo " --enable-linux-aio enable Linux AIO support" +echo " --disable-cap disable libcap-ng support" +echo " --enable-cap enable libcap-ng support" echo " --disable-attr disables attr and xattr support" echo " --enable-attr enable attr and xattr support" echo " --disable-blobs disable installing provided firmware blobs" 
@@ -1638,6 +1645,29 @@ EOF fi ## +# libcap-ng library probe +if test "$cap" != "no" ; then + cap_libs="-lcap-ng" + cat> $TMPC<< EOF +#include +int main(void) +{ + capng_capability_to_name(CAPNG_EFFECTIVE); + return 0; +} +EOF + if compile_prog "" "$cap_libs" ; then + cap=yes + libs_tools="$cap_libs $libs_tools" + else + if test "$cap" = "yes" ; then + feature_not_found "cap" + fi + cap=no + fi +fi + +## # Sound support libraries probe audio_drv_probe() @@ -2735,6 +2765,7 @@ echo "fdatasync $fdatasync" echo "madvise $madvise" echo "posix_madvise $posix_madvise" echo "uuid support $uuid" +echo "libcap-ng support $cap" echo "vhost-net support $vhost_net" echo "Trace backend $trace_backend" echo "Trace output file $trace_file-" @@ -2846,6 +2877,9 @@ fi if test "$vde" = "yes" ; then echo "CONFIG_VDE=y">> $config_host_mak fi +if test "$cap" = "yes" ; then + echo "CONFIG_LIBCAP=y">> $config_host_mak +fi for card in $audio_card_list; do def=CONFIG_`echo $card | tr '[:lower:]' '[:upper:]'` echo "$def=y">> $config_host_mak diff --git a/qemu-bridge-helper.c b/qemu-bridge-helper.c index db257d5..b1562eb 100644 --- a/qemu-bridge-helper.c +++ b/qemu-bridge-helper.c @@ -33,6 +33,10 @@ #include "net/tap-linux.h" +#ifdef CONFIG_LIBCAP +#include +#endif + #define MAX_ACLS (128) #define DEFAULT_ACL_FILE CONFIG_QEMU_CONFDIR "/bridge.conf" @@ -185,6 +189,27 @@ static int send_fd(int c, int fd) return sendmsg(c,&msg, 0); } +#ifdef CONFIG_LIBCAP +static int drop_privileges(void) +{ + /* clear all capabilities */ + capng_clear(CAPNG_SELECT_BOTH); + + if (capng_update(CAPNG_ADD, CAPNG_EFFECTIVE | CAPNG_PERMITTED, + CAP_NET_ADMIN)< 0) { + return -1; + } + + /* change to calling user's real uid and gid, retaining supplemental + * groups and CAP_NET_ADMIN */ + if (capng_change_id(getuid(), getgid(), CAPNG_CLEAR_BOUNDING)) { + return -1; + } + + return 0; +} +#endif + int main(int argc, char **argv) { struct ifreq ifr; 
@@ -198,6 +223,20 @@ int main(int argc, char **argv) int acl_count = 0; int i, access_allowed, access_denied; + /* if we're run from an suid binary, immediately drop privileges preserving + * cap_net_admin -- exit immediately if libcap not configured */ + if (geteuid() == 0&& getuid() != geteuid()) { +#ifdef CONFIG_LIBCAP + if (drop_privileges() == -1) { + fprintf(stderr, "failed to drop privileges\n"); + return 1; + } +#else + fprintf(stderr, "failed to drop privileges\n"); This makes the tool useless without CONFIG_LIBCAP. Wouldn't it be possible to use setfsuid() instead for Linux? Some fork+setuid helper could be used for other Unix and for the lame OSes without any file system DAC capabilities, a different syntax that does not rely on underlying FS may need to be introduced. Again, I don't know if the tool is even interesting for non-Linux. I just want to make sure that there is no chance that the helper is run as root beyond this point. But the whole point of the helper is to run as root. It's a small trusted piece of code. Obviously, it's better to drop unneeded privileges when that's possible but in the event that it isn't, we shouldn't bail out completely. Regar
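Review bot: in the `configure` hunks the probe, the `--enable-cap`/`--disable-cap` help text and the summary line all refer to libcap-ng, but the generated symbol is `CONFIG_LIBCAP` and the variable is `cap`; libcap and libcap-ng are different libraries with different APIs, so `CONFIG_LIBCAP_NG` (and `--enable-cap-ng`) would stop someone later "correcting" the probe to `-lcap`. Adding `-lcap-ng` to `libs_tools` links it into every tool rather than only `qemu-bridge-helper`, which is acceptable but deserves a comment.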
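Review bot: `drop_privileges()` checks the return codes of `capng_update()` and `capng_change_id()` but never verifies the resulting state; since this is the security boundary of a setuid binary, it is worth asserting after `capng_change_id()` that `geteuid() == getuid()` and that `capng_have_capability(CAPNG_EFFECTIVE, CAP_NET_ADMIN)` still holds, so a partial failure (uid changed but capability lost, or the reverse) is reported instead of being carried into the ioctl path. `CAPNG_CLEAR_BOUNDING` is the right flag here, as it prevents the helper regaining capabilities through a later exec.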
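Review bot: the `#else` branch in `main()` prints the same `failed to drop privileges` text as the libcap-ng failure path although nothing was attempted; a message along the lines of "built without libcap-ng support, refusing to run setuid" tells the packager what to fix. The guard `geteuid() == 0 && getuid() != geteuid()` also skips the drop when root runs the helper directly (both ids 0) and when the binary is setuid to a non-root account, so the comment above it should state that only the root-setuid case is handled.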
Re: [Qemu-devel] [PATCH v2 3/4] Add cap reduction support to enable use as SUID
On 10/24/2011 02:58 PM, Blue Swirl wrote: On Mon, Oct 24, 2011 at 18:38, Corey Bryant wrote: On 10/24/2011 01:10 PM, Blue Swirl wrote: On Mon, Oct 24, 2011 at 14:13, Corey Bryant wrote: On 10/23/2011 09:22 AM, Blue Swirl wrote: On Fri, Oct 21, 2011 at 15:07, Corey Bryant wrote: The ideal way to use qemu-bridge-helper is to give it an fscap of using: setcap cap_net_admin=ep qemu-bridge-helper Unfortunately, most distros still do not have a mechanism to package files with fscaps applied. This means they'll have to SUID the qemu-bridge-helper binary. To improve security, use libcap to reduce our capability set to just cap_net_admin, then reduce privileges down to the calling user. This is hopefully close to equivalent to fscap support from a security perspective. Signed-off-by: Anthony Liguori Signed-off-by: Richa Marwaha Signed-off-by: Corey Bryant --- configure| 34 ++ qemu-bridge-helper.c | 39 +++ 2 files changed, 73 insertions(+), 0 deletions(-) diff --git a/configure b/configure index 6c8b659..fed66b0 100755 --- a/configure +++ b/configure @@ -128,6 +128,7 @@ vnc_thread="no" xen="" xen_ctrl_version="" linux_aio="" +cap="" attr="" xfs="" @@ -653,6 +654,10 @@ for opt do ;; --enable-kvm) kvm="yes" ;; + --disable-cap) cap="no" + ;; + --enable-cap) cap="yes" + ;; --disable-spice) spice="no" ;; --enable-spice) spice="yes" @@ -1032,6 +1037,8 @@ echo " --disable-vdedisable support for vde network" echo " --enable-vde enable support for vde network" echo " --disable-linux-aio disable Linux AIO support" echo " --enable-linux-aio enable Linux AIO support" +echo " --disable-capdisable libcap-ng support" +echo " --enable-cap enable libcap-ng support" echo " --disable-attr disables attr and xattr support" echo " --enable-attrenable attr and xattr support" echo " --disable-blobs disable installing provided firmware blobs" 
@@ -1638,6 +1645,29 @@ EOF fi ## +# libcap-ng library probe +if test "$cap" != "no" ; then + cap_libs="-lcap-ng" + cat> $TMPC<< EOF +#include +int main(void) +{ +capng_capability_to_name(CAPNG_EFFECTIVE); +return 0; +} +EOF + if compile_prog "" "$cap_libs" ; then +cap=yes +libs_tools="$cap_libs $libs_tools" + else +if test "$cap" = "yes" ; then + feature_not_found "cap" +fi +cap=no + fi +fi + +## # Sound support libraries probe audio_drv_probe() @@ -2735,6 +2765,7 @@ echo "fdatasync $fdatasync" echo "madvise $madvise" echo "posix_madvise $posix_madvise" echo "uuid support $uuid" +echo "libcap-ng support $cap" echo "vhost-net support $vhost_net" echo "Trace backend $trace_backend" echo "Trace output file $trace_file-" @@ -2846,6 +2877,9 @@ fi if test "$vde" = "yes" ; then echo "CONFIG_VDE=y">> $config_host_mak fi +if test "$cap" = "yes" ; then + echo "CONFIG_LIBCAP=y">> $config_host_mak +fi for card in $audio_card_list; do def=CONFIG_`echo $card | tr '[:lower:]' '[:upper:]'` echo "$def=y">> $config_host_mak diff --git a/qemu-bridge-helper.c b/qemu-bridge-helper.c index db257d5..b1562eb 100644 --- a/qemu-bridge-helper.c +++ b/qemu-bridge-helper.c @@ -33,6 +33,10 @@ #include "net/tap-linux.h" +#ifdef CONFIG_LIBCAP +#include +#endif + #define MAX_ACLS (128) #define DEFAULT_ACL_FILE CONFIG_QEMU_CONFDIR "/bridge.conf" @@ -185,6 +189,27 @@ static int send_fd(int c, int fd) return sendmsg(c,&msg, 0); } +#ifdef CONFIG_LIBCAP +static int drop_privileges(void) +{ +/* clear all capabilities */ +capng_clear(CAPNG_SELECT_BOTH); + +if (capng_update(CAPNG_ADD, CAPNG_EFFECTIVE | CAPNG_PERMITTED, + CAP_NET_ADMIN)< 0) { +return -1; +} + +/* change to calling user's real uid and gid, retaining supplemental + * groups and CAP_NET_ADMIN */ +if (capng_change_id(getuid(), getgid(), CAPNG_CLEAR_BOUNDING)) { +return -1; +} + +return 0; +} +#endif + int main(int argc, char **argv) { struct ifreq ifr; 
@@ -198,6 +223,20 @@ int main(int argc, char **argv) int acl_count = 0; int i, access_allowed, access_denied; +/* if we're run from an suid binary, immediately drop privileges preserving + * cap_net_admin -- exit immediately if libcap not configured */ +if (geteuid() == 0&& getuid() != geteuid()) { +#ifdef CONFIG_LIBCAP +if (drop_privileges() == -1) { +fprintf(stderr, "failed to drop privileges\n"); +return 1; +} +#else +fprintf(stderr, "failed to drop privileges\n"); This makes the tool useless without CONFIG_LIBCAP. Wouldn't it be possible to use setfsuid() instead for Linux? Some
Re: [Qemu-devel] [PATCH v2 3/4] Add cap reduction support to enable use as SUID
On Mon, Oct 24, 2011 at 18:38, Corey Bryant wrote: > > > On 10/24/2011 01:10 PM, Blue Swirl wrote: >> >> On Mon, Oct 24, 2011 at 14:13, Corey Bryant >> wrote: >>> >>> >>> On 10/23/2011 09:22 AM, Blue Swirl wrote: On Fri, Oct 21, 2011 at 15:07, Corey Bryant wrote: > > The ideal way to use qemu-bridge-helper is to give it an fscap of > using: > > setcap cap_net_admin=ep qemu-bridge-helper > > Unfortunately, most distros still do not have a mechanism to package > files > with fscaps applied. This means they'll have to SUID the > qemu-bridge-helper > binary. > > To improve security, use libcap to reduce our capability set to just > cap_net_admin, then reduce privileges down to the calling user. This > is > hopefully close to equivalent to fscap support from a security > perspective. > > Signed-off-by: Anthony Liguori > Signed-off-by: Richa Marwaha > Signed-off-by: Corey Bryant > --- > configure | 34 ++ > qemu-bridge-helper.c | 39 +++ > 2 files changed, 73 insertions(+), 0 deletions(-) > > diff --git a/configure b/configure > index 6c8b659..fed66b0 100755 > --- a/configure > +++ b/configure > @@ -128,6 +128,7 @@ vnc_thread="no" > xen="" > xen_ctrl_version="" > linux_aio="" > +cap="" > attr="" > xfs="" > > @@ -653,6 +654,10 @@ for opt do > ;; > --enable-kvm) kvm="yes" > ;; > + --disable-cap) cap="no" > + ;; > + --enable-cap) cap="yes" > + ;; > --disable-spice) spice="no" > ;; > --enable-spice) spice="yes" > @@ -1032,6 +1037,8 @@ echo " --disable-vde disable support > for vde network" > echo " --enable-vde enable support for vde network" > echo " --disable-linux-aio disable Linux AIO support" > echo " --enable-linux-aio enable Linux AIO support" > +echo " --disable-cap disable libcap-ng support" > +echo " --enable-cap enable libcap-ng support" > echo " --disable-attr disables attr and xattr support" > echo " --enable-attr enable attr and xattr support" > echo " --disable-blobs disable installing provided firmware > blobs" 
> @@ -1638,6 +1645,29 @@ EOF > fi > > ## > +# libcap-ng library probe > +if test "$cap" != "no" ; then > + cap_libs="-lcap-ng" > + cat> $TMPC<< EOF > +#include > +int main(void) > +{ > + capng_capability_to_name(CAPNG_EFFECTIVE); > + return 0; > +} > +EOF > + if compile_prog "" "$cap_libs" ; then > + cap=yes > + libs_tools="$cap_libs $libs_tools" > + else > + if test "$cap" = "yes" ; then > + feature_not_found "cap" > + fi > + cap=no > + fi > +fi > + > +## > # Sound support libraries probe > > audio_drv_probe() > @@ -2735,6 +2765,7 @@ echo "fdatasync $fdatasync" > echo "madvise $madvise" > echo "posix_madvise $posix_madvise" > echo "uuid support $uuid" > +echo "libcap-ng support $cap" > echo "vhost-net support $vhost_net" > echo "Trace backend $trace_backend" > echo "Trace output file $trace_file-" > @@ -2846,6 +2877,9 @@ fi > if test "$vde" = "yes" ; then > echo "CONFIG_VDE=y">> $config_host_mak > fi > +if test "$cap" = "yes" ; then > + echo "CONFIG_LIBCAP=y">> $config_host_mak > +fi > for card in $audio_card_list; do > def=CONFIG_`echo $card | tr '[:lower:]' '[:upper:]'` > echo "$def=y">> $config_host_mak > diff --git a/qemu-bridge-helper.c b/qemu-bridge-helper.c > index db257d5..b1562eb 100644 > --- a/qemu-bridge-helper.c > +++ b/qemu-bridge-helper.c > @@ -33,6 +33,10 @@ > > #include "net/tap-linux.h" > > +#ifdef CONFIG_LIBCAP > +#include > +#endif > + > #define MAX_ACLS (128) > #define DEFAULT_ACL_FILE CONFIG_QEMU_CONFDIR "/bridge.conf" > > @@ -185,6 +189,27 @@ static int send_fd(int c, int fd) > return sendmsg(c,&msg, 0); > } > > +#ifdef CONFIG_LIBCAP > +static int drop_privileges(void) > +{ > + /* clear all capabilities */ > + capng_clear(CAPNG_SELECT_BOTH); > + > + if (capng_update(CAPNG_ADD, CAPNG_EFFECTIVE | CAPNG_PERMITTED, > + CAP_NET_ADMIN)< 0) { > + return -1; > + } > + > + /* change to calling user's real uid and gid, retaining > supplemental > + * groups and CAP_NET_ADMIN */ > + if (capng_change_id(getuid(), getgid(), CAPNG_CLEAR_BOUNDING)) { > + ret
Re: [Qemu-devel] [PATCH 0/4] add "make check"
On 10/24/2011 01:43 PM, Eduardo Habkost wrote: On Mon, Sep 05, 2011 at 09:55:20AM +0200, Markus Armbruster wrote: Gerd Hoffmann writes: Hi, This patch series intends to make unit testing easier. It adds a new "make check" target which can be used to run all unit tests which are currently in the tree. It also enables the unit tests by default, so you don't have to re-run configure with a special switch. Reviewed-by: Markus Armbruster One test fails, but Luiz has a fix in his tree. Reviewed-by: Eduardo Habkost Now all tests are passing. Why was this not applied yet? I was hoping for more, but maybe we just need to start here and grow organically. I'll queue it again. Regards, Anthony Liguori
[Qemu-devel] [PATCH] KVM: PPC: Override host vmx/vsx/dfp only when information known
The -cpu host feature tries to find out the host capabilities based on device tree information. However, we don't always have that available because it's an optional property in dt. So instead of force unsetting values depending on an unreliable source of information, let's just try to be clever about it and not override capabilities when we don't know the device tree pieces. This fixes altivec with -cpu host on YDL PowerStations. Signed-off-by: Alexander Graf --- target-ppc/kvm.c | 12 +--- 1 files changed, 9 insertions(+), 3 deletions(-) diff --git a/target-ppc/kvm.c b/target-ppc/kvm.c index a090d79..f3d0861 100644 --- a/target-ppc/kvm.c +++ b/target-ppc/kvm.c @@ -912,9 +912,15 @@ const ppc_def_t *kvmppc_host_cpu_def(void) /* Now fix up the spec with information we can query from the host */ -alter_insns(&spec->insns_flags, PPC_ALTIVEC, vmx > 0); -alter_insns(&spec->insns_flags2, PPC2_VSX, vmx > 1); -alter_insns(&spec->insns_flags2, PPC2_DFP, dfp); +if (vmx != -1) { +/* Only override when we know what the host supports */ +alter_insns(&spec->insns_flags, PPC_ALTIVEC, vmx > 0); +alter_insns(&spec->insns_flags2, PPC2_VSX, vmx > 1); +} +if (dfp != -1) { +/* Only override when we know what the host supports */ +alter_insns(&spec->insns_flags2, PPC2_DFP, dfp); +} return spec; } -- 1.6.0.2
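Review bot: both new `if` blocks carry the identical `/* Only override when we know what the host supports */` comment; one comment above the pair is enough. The `-1` sentinel also relies on `vmx` and `dfp` being initialised to `-1` when the device-tree property is absent, rather than to 0, so the initialisation just above this hunk (not shown) should be checked to make sure "property present but 0" is still distinguished from "unknown", otherwise a host that legitimately reports no VMX would keep the spec table's value instead of having it masked.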
Re: [Qemu-devel] [PATCH 0/4] add "make check"
On Mon, Sep 05, 2011 at 09:55:20AM +0200, Markus Armbruster wrote: > Gerd Hoffmann writes: > > > Hi, > > > > This patch series intends to make unit testing easier. It adds a new > > "make check" target which can be used to run all unit tests which are > > currently in the tree. It also enables the unit tests by default, so > > you don't have to re-run configure with a special switch. > > Reviewed-by: Markus Armbruster > > One test fails, but Luiz has a fix in his tree. Reviewed-by: Eduardo Habkost Now all tests are passing. Why was this not applied yet? -- Eduardo
Re: [Qemu-devel] [PATCH v2 3/4] Add cap reduction support to enable use as SUID
On 10/24/2011 01:10 PM, Blue Swirl wrote: On Mon, Oct 24, 2011 at 14:13, Corey Bryant wrote: On 10/23/2011 09:22 AM, Blue Swirl wrote: On Fri, Oct 21, 2011 at 15:07, Corey Bryant wrote: The ideal way to use qemu-bridge-helper is to give it an fscap of using: setcap cap_net_admin=ep qemu-bridge-helper Unfortunately, most distros still do not have a mechanism to package files with fscaps applied. This means they'll have to SUID the qemu-bridge-helper binary. To improve security, use libcap to reduce our capability set to just cap_net_admin, then reduce privileges down to the calling user. This is hopefully close to equivalent to fscap support from a security perspective. Signed-off-by: Anthony Liguori Signed-off-by: Richa Marwaha Signed-off-by: Corey Bryant --- configure| 34 ++ qemu-bridge-helper.c | 39 +++ 2 files changed, 73 insertions(+), 0 deletions(-) diff --git a/configure b/configure index 6c8b659..fed66b0 100755 --- a/configure +++ b/configure @@ -128,6 +128,7 @@ vnc_thread="no" xen="" xen_ctrl_version="" linux_aio="" +cap="" attr="" xfs="" @@ -653,6 +654,10 @@ for opt do ;; --enable-kvm) kvm="yes" ;; + --disable-cap) cap="no" + ;; + --enable-cap) cap="yes" + ;; --disable-spice) spice="no" ;; --enable-spice) spice="yes" @@ -1032,6 +1037,8 @@ echo " --disable-vdedisable support for vde network" echo " --enable-vde enable support for vde network" echo " --disable-linux-aio disable Linux AIO support" echo " --enable-linux-aio enable Linux AIO support" +echo " --disable-capdisable libcap-ng support" +echo " --enable-cap enable libcap-ng support" echo " --disable-attr disables attr and xattr support" echo " --enable-attrenable attr and xattr support" echo " --disable-blobs disable installing provided firmware blobs" 
@@ -1638,6 +1645,29 @@ EOF fi ## +# libcap-ng library probe +if test "$cap" != "no" ; then + cap_libs="-lcap-ng" + cat>$TMPC<>$config_host_mak fi +if test "$cap" = "yes" ; then + echo "CONFIG_LIBCAP=y">>$config_host_mak +fi for card in $audio_card_list; do def=CONFIG_`echo $card | tr '[:lower:]' '[:upper:]'` echo "$def=y">>$config_host_mak diff --git a/qemu-bridge-helper.c b/qemu-bridge-helper.c index db257d5..b1562eb 100644 --- a/qemu-bridge-helper.c +++ b/qemu-bridge-helper.c @@ -33,6 +33,10 @@ #include "net/tap-linux.h" +#ifdef CONFIG_LIBCAP +#include +#endif + #define MAX_ACLS (128) #define DEFAULT_ACL_FILE CONFIG_QEMU_CONFDIR "/bridge.conf" @@ -185,6 +189,27 @@ static int send_fd(int c, int fd) return sendmsg(c,&msg, 0); } +#ifdef CONFIG_LIBCAP +static int drop_privileges(void) +{ +/* clear all capabilities */ +capng_clear(CAPNG_SELECT_BOTH); + +if (capng_update(CAPNG_ADD, CAPNG_EFFECTIVE | CAPNG_PERMITTED, + CAP_NET_ADMIN)<0) { +return -1; +} + +/* change to calling user's real uid and gid, retaining supplemental + * groups and CAP_NET_ADMIN */ +if (capng_change_id(getuid(), getgid(), CAPNG_CLEAR_BOUNDING)) { +return -1; +} + +return 0; +} +#endif + int main(int argc, char **argv) { struct ifreq ifr; @@ -198,6 +223,20 @@ int main(int argc, char **argv) int acl_count = 0; int i, access_allowed, access_denied; +/* if we're run from an suid binary, immediately drop privileges preserving + * cap_net_admin -- exit immediately if libcap not configured */ +if (geteuid() == 0&&getuid() != geteuid()) { +#ifdef CONFIG_LIBCAP +if (drop_privileges() == -1) { +fprintf(stderr, "failed to drop privileges\n"); +return 1; +} +#else +fprintf(stderr, "failed to drop privileges\n"); This makes the tool useless without CONFIG_LIBCAP. Wouldn't it be possible to use setfsuid() instead for Linux? Some fork+setuid helper could be used for other Unix and for the lame OSes without any file system DAC capabilities, a
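Review bot: the guard in the main() hunk, `if (geteuid() == 0 && getuid() != geteuid())`, skips drop_privileges() entirely when root invokes the helper directly (getuid() == geteuid() == 0), so that invocation keeps the full capability set although the helper only needs CAP_NET_ADMIN. Consider calling drop_privileges() whenever CONFIG_LIBCAP is set and geteuid() == 0, and keep only the "reduce to the calling user" aspect tied to the SUID case; capng_change_id(getuid(), getgid(), ...) already does the right thing for uid 0 since it leaves the id alone but still clears the bounding set.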
[Qemu-devel] Windows 98 installer
Hello developers, there are plenty of reports on the internet that the Windows 98 installer crashes or hangs in qemu. I took the effort to track down what causes these problems, and I think I found out the core reason, which seems to be a bug in the Microsoft DOS Extender DOSX.

The Windows 95/Windows 98 installers are Windows 3.1 applications, and the setup media contain the Windows 3.1 kernel for "standard mode", i.e. the 286 mode of Windows 3.1. The lowest layer of Windows 3.1 running in standard mode is the Microsoft DOS extender, which amongst other things provides a DPMI host implementation and does interrupt management.

The crashes of the Windows 98 installer I could observe were caused by overflowing the number of interrupt stacks inside DOSX, which can happen if interrupts are generated faster than they are handled. The code path is like this:

While DOSX is active and executing real-mode code with interrupts enabled, an interrupt occurs (e.g. the timer interrupt). All real mode interrupt handlers are hooked by DOSX, so control is transferred to the corresponding interrupt handler in DOSX. The handler for interrupts occurring in real mode reflects the interrupt to protected mode. The reflection to protected mode happens on one of the internal interrupt stacks inside DOSX. After setting up the interrupt stack and looking up the protected mode handler, an interrupt return frame for the protected mode handler is set up containing the flag register value that was active when the real-mode handler in DOSX was entered (i.e. the return flags from the DOSX handler are copied to the interrupt stack).

The protected mode interrupt handler in SYSTEM.DRV then at some time decides to chain to the original protected mode interrupt handler inside DOSX, either by jumping to the handler re-using the return frame (and thus the return flags the DOSX handler will see are the same as the code that reflected the interrupt to protected mode had seen), or on another code path that has the same net effect [skipped as it does not matter for the issue here]. So now DOSX is entered again. The default protected mode interrupt handler then decides to reflect the interrupt to real mode - to all the code that hooked the interrupt before DOSX was called. Just as for the reflect-to-protected-mode code, the reflect-to-real-mode code also allocates an interrupt stack from the stacks inside DOSX, switches to that stack, and finally calls the original handler (this time in real mode), with the return frame having the same flags as the return frame of the reflection handler.

Long story short: the flags from when the hardware interrupt handler was entered were passed along into the return frame the reflecting handler builds for the protected mode handler. The flags from this return frame are then passed into the return frame the second reflecting handler builds for the real mode handler. As interrupts were enabled at the start of that chain (otherwise, it would not have started), we know that the interrupt flag is set in the return frame of the real-mode handler. Also, note that two interrupt stacks got allocated during this process. (The total number of interrupt stacks is 12 by default, which is not overwritten in the system.ini provided with the Windows 98 installer.)

Now let's assume for some reason the real-mode handler of the timer interrupt takes more than 55ms to execute (or execution is scheduled from qemu to another process so that not 55ms of real CPU time is available between two timer ticks). Then the next timer tick is pending as soon as the real-mode handler of the timer interrupt returns into the reflect-to-real-mode handler (which is going to switch back to protected mode and return to either SYSTEM.DRV or the reflect-to-protected-mode handler, freeing the interrupt stack used for reflection to real mode). BUT as we know, the interrupt flag is set in the interrupt return frame for the real-mode handler - which causes qemu to accept the next timer interrupt directly after the real mode handler returned, with two interrupt stacks still allocated. If the nesting level gets to six, all interrupt stack frames are used. DOSX still allocates further stack frames, resulting in the stack pointer pointing into the data segment of DOSX, damaging important data structures, which will crash the system some time later.

If you know the 8086 architecture by heart, and also know the qemu code, you could get the idea that there might be an emulation bug causing the premature acceptance of the second interrupt (were it accepted after cleaning up the stack frames, there would be no problem), namely that after an IRET or STI instruction, interrupts are only accepted after one further instruction - and only if they are still enabled. So *if* the real-mode handler returned to a CLI instruction, a real 8086 compatible CPU would not accept an interrupt between the IRET and CLI. Indeed, the DOSX code contains a CLI instruction
[Qemu-devel] Qemu on Windows rather ignores AltGr Key (de keyboard)
Hi, Qemu Manager 7.0 with QEMU 0.11.1 (last qemu with KQEMU accelerator) on German Windows XP, German Keyboard: I cannot type any characters which require the AltGr key. And "| @ \" are very important! No reaction at all, when I press AltGr and any of the sensitive keys, so no wrong characters, but just silence. The only exception: "AltGr + ß" = "\" (backslash) doesn't produce silence or a "\", but erases the last command on a Linux shell, and erases the last char in an editor like Nano, while the key produces correct characters "ß" and "?" (+shift) without the AltGr key. Tested with many different Linuxes (which are configured well to DE and DE keyboard otherwise). Tested on text terminal and in X/Gnome: no difference. Tested with -usb and usb keyboard as well: no difference. Tested with 3 types of Qemu Manager windows. Tried reinstall of the Qemu Manager. I even added the extra "-k de" (which should not be necessary according to the docs): "C:\Programme\QemuManager\qemu\qemu.exe" -L "C:\Programme\QemuManager\qemu" -M "pc" -m 512 -cpu "qemu32" -vga cirrus -serial vc -parallel vc -name "DebianLinux" -drive "file=C:\boot\Debian.qcow2,index=0,media=disk" -drive "file=C:\boot\grubboot.raw,index=1,media=disk" -drive "file=C:\boot\Odin FreeDOS.qcow2,index=3,media=disk" -boot order=dc,menu=off -soundhw es1370 -enable-kqemu -net nic,vlan=0,macaddr=52-54-00-64-91-E8,model=rtl8139 -net user,vlan=0 -hwnd 919538 -monitor telnet:127.0.0.1:60002,server,nowait -k de -localtime What can I do? Robert PS: when using QEMU as VNC server (with de set as "VNC Keyboard Language" in the manager -> resulting in "-k de") and UltraVNC 1.0.8.2 as Client (which works ok between 2 MS Windows etc.), then the DE keyboard doesn't work at all. It's a weird mix of English keyboard layout and some German characters (like äöüß) on very wrong keys. But that's another, more complex game at all ... or what could be the additional problem there?
: "C:\Programme\QemuManager\qemu\qemu.exe" -L "C:\Programme\QemuManager\qemu" -M "pc" -m 512 -cpu "qemu32" -vga cirrus -serial vc -parallel vc -name "DebianLinux" -drive "file=C:\boot\Debian.qcow2,index=0,media=disk" -drive "file=C:\boot\grubboot.raw,index=1,media=disk" -drive "file=C:\boot\Odin FreeDOS.qcow2,index=3,media=disk" -boot order=dc,menu=off -soundhw es1370 -kernel-kqemu -net nic,vlan=0,macaddr=52-54-00-64-91-E8,model=rtl8139 -net user,vlan=0 -usb -usbdevice keyboard -usbdevice tablet -vnc :1 -k de -localtime -- PPS: the de keymap in C:\Programme\QemuManager\qemu\keymaps which look ok: --- # generated from XKB map de include common map 0x407 exclam 0x02 shift onesuperior 0x02 altgr exclamdown 0x02 shift altgr quotedbl 0x03 shift twosuperior 0x03 altgr oneeighth 0x03 shift altgr section 0x04 shift threesuperior 0x04 altgr sterling 0x04 shift altgr dollar 0x05 shift onequarter 0x05 altgr currency 0x05 shift altgr percent 0x06 shift onehalf 0x06 altgr threeeighths 0x06 shift altgr ampersand 0x07 shift threequarters 0x07 altgr fiveeighths 0x07 shift altgr slash 0x08 shift braceleft 0x08 altgr seveneighths 0x08 shift altgr parenleft 0x09 shift bracketleft 0x09 altgr trademark 0x09 shift altgr parenright 0x0a shift bracketright 0x0a altgr plusminus 0x0a shift altgr equal 0x0b shift braceright 0x0b altgr ssharp 0x0c question 0x0c shift backslash 0x0c altgr questiondown 0x0c shift altgr acute 0x0d dead_acute 0x0d grave 0x0d shift dead_grave 0x0d shift dead_cedilla 0x0d altgr dead_ogonek 0x0d shift altgr at 0x10 altgr Greek_OMEGA 0x10 shift altgr EuroSign 0x12 altgr paragraph 0x13 altgr registered 0x13 shift altgr tslash 0x14 altgr Tslash 0x14 shift altgr z 0x15 addupper leftarrow 0x15 altgr yen 0x15 shift altgr downarrow 0x16 altgr uparrow 0x16 shift altgr rightarrow 0x17 altgr idotless 0x17 shift altgr oslash 0x18 altgr Ooblique 0x18 shift altgr thorn 0x19 altgr THORN 0x19 shift altgr udiaeresis 0x1a Udiaeresis 0x1a shift dead_diaeresis 0x1a altgr 
dead_abovering 0x1a shift altgr plus 0x1b asterisk 0x1b shift asciitilde 0x1b altgr dead_tilde 0x1b altgr dead_macron 0x1b shift altgr ae 0x1e altgr AE 0x1e shift altgr eth 0x20 altgr ETH 0x20 shift altgr dstroke 0x21 altgr ordfeminine 0x21 shift altgr eng 0x22 altgr ENG 0x22 shift altgr hstroke 0x23 altgr Hstroke 0x23 shift altgr kra 0x25 altgr odiaeresis 0x27 Odiaeresis 0x27 shift dead_doubleacute 0x27 altgr adiaeresis 0x28 Adiaeresis 0x28 shift dead_caron 0x28 shift altgr asciicircum 0x29 dead_circumflex 0x29 degree 0x29 shift notsign 0x29 altgr numbersign 0x2b apostrophe 0x2b shift dead_breve 0x2b shift altgr y 0x2c addupper guillemotleft 0x2c altgr guillemotright 0x2d altgr cent 0x2e altgr copyright 0x2e shift altgr leftdoublequotemark 0x2f altgr rightdoublequotemark 0x30 altgr mu 0x32 altgr masculine 0x32 shift altgr comma 0x33 semicolon 0x33 shift horizconnector 0x33 altgr multiply 0x33 shift altgr period 0x34 colon 0x34 shift periodcentered 0x34 altgr division 0x34 shift altgr minus 0x35 u
Re: [Qemu-devel] [Qemu-ppc] [PATCH] pseries: Correct vmx/dfp handling in both KVM and TCG cases
On 24.10.2011, at 10:55, Alexander Graf wrote: > > On 24.10.2011, at 10:25, Alexander Graf wrote: > >> >> On 23.10.2011, at 22:29, David Gibson wrote: >> >>> On Thu, Oct 20, 2011 at 11:49:40PM -0700, Alexander Graf wrote: On 20.10.2011, at 22:06, David Gibson wrote: > On Thu, Oct 20, 2011 at 07:40:00PM -0700, Alexander Graf wrote: >> On 20.10.2011, at 17:41, David Gibson >> wrote: >>> On Thu, Oct 20, 2011 at 10:12:51AM -0700, Alexander Graf wrote: On 17.10.2011, at 21:15, David Gibson wrote: > [snip] >>> So, I really don't follow what the logic you want is. It sounds more >>> like what I have already, so I'm not sure how -cpu host comes into >>> this. >> >> Well, I want something very simple, layered: >> >> -cpu host only searches for pvr matches and selects a different CPU >> -type based on this > > Hrm, ok, well I can do this if you like, but note that this is quite > different from how -cpu host behaves on x86. There it builds the CPU > spec from scratch based on querying the host cpuid, rather than > selecting from an existing list of cpus. I selected from the existing > table based on host PVR because that was the easiest source for some > of the info in the cpu_spec, but my intention was that anything we > _can_ query directly from the host would override the table. > > It seems to be your approach is giving up on the possibility of > allowing -cpu host to work (and give you full access to the host > features) when qemu doesn't recognize the precise PVR of the host cpu. I disagree :). This is what x86 does: * -cpu host fetches CPUID info from host, puts it into vcpu * vcpu CPUID info gets ANDed with KVM capability CPUIDs I want basically the same thing. I want to have 2 different layers for 2 different semantics. One for what the host CPU would be able to do and one for what we can emulate, and two different steps to ensure control over them. 
The thing I think I'm apparently not bringing over yet is that I'm more than happy to get rid of the PVR searching step for -cpu host and instead use a full host capability inquiry mechanism. But that inquiry should indicate what the host CPU can do. It has nothing to do with KVM yet. The masking with KVM capabilities should be the next separate step. My goal is really to separate different layers into actual different layers :). >>> >>> Hrm. I think I see what you're getting at. Although nothing in that >>> patch is about kvm capabilities - it's all about working out what the >>> host's cpu can do. >> >> Reading through the patch again I think I see your point now :). Yes, the >> kvmppc_host_cpu_def function only tries to fetch the host CPU capabilities. >> >> So yes, there is basically only the masking part with what we can actually >> virtualize missing. But for now we can just assume that every feature the >> host CPU supports is available. >> >> I'll apply your patch for now, as it certainly is better than what we had >> before. > > This breaks on 970mp (PowerStation). kvmppc_get_vmx returns -1 because > ibm,vmx doesn't exist in the host dt, but the CPU still supports Altivec. > > Any alternative way to enumerate VMX availability? Thinking about it a bit more ... Why do we need to check the host's capability to do VMX/VSX/DFP? Shouldn't the PVR already tell us everything we need to know? We're still missing some way for KVM to tell us what it can virtualize to the guest, but for now we assume that anything we throw at it works anyways. Alex
Re: [Qemu-devel] [Qemu-ppc] [PATCH] pseries: Correct vmx/dfp handling in both KVM and TCG cases
On 24.10.2011, at 10:25, Alexander Graf wrote: > > On 23.10.2011, at 22:29, David Gibson wrote: > >> On Thu, Oct 20, 2011 at 11:49:40PM -0700, Alexander Graf wrote: >>> >>> On 20.10.2011, at 22:06, David Gibson wrote: >>> On Thu, Oct 20, 2011 at 07:40:00PM -0700, Alexander Graf wrote: > On 20.10.2011, at 17:41, David Gibson wrote: >> On Thu, Oct 20, 2011 at 10:12:51AM -0700, Alexander Graf wrote: >>> On 17.10.2011, at 21:15, David Gibson wrote: [snip] >> So, I really don't follow what the logic you want is. It sounds more >> like what I have already, so I'm not sure how -cpu host comes into >> this. > > Well, I want something very simple, layered: > > -cpu host only searches for pvr matches and selects a different CPU > -type based on this Hrm, ok, well I can do this if you like, but note that this is quite different from how -cpu host behaves on x86. There it builds the CPU spec from scratch based on querying the host cpuid, rather than selecting from an existing list of cpus. I selected from the existing table based on host PVR because that was the easiest source for some of the info in the cpu_spec, but my intention was that anything we _can_ query directly from the host would override the table. It seems to be your approach is giving up on the possibility of allowing -cpu host to work (and give you full access to the host features) when qemu doesn't recognize the precise PVR of the host cpu. >>> >>> I disagree :). This is what x86 does: >>> >>> * -cpu host fetches CPUID info from host, puts it into vcpu >>> * vcpu CPUID info gets ANDed with KVM capability CPUIDs >>> >>> I want basically the same thing. I want to have 2 different layers >>> for 2 different semantics. One for what the host CPU would be able >>> to do and one for what we can emulate, and two different steps to >>> ensure control over them. 
>>> >>> The thing I think I'm apparently not bringing over yet is that I'm >>> more than happy to get rid of the PVR searching step for -cpu host >>> and instead use a full host capability inquiry mechanism. But that >>> inquiry should indicate what the host CPU can do. It has nothing to >>> do with KVM yet. The masking with KVM capabilities should be the >>> next separate step. >>> >>> My goal is really to separate different layers into actual different >>> layers :). >> >> Hrm. I think I see what you're getting at. Although nothing in that >> patch is about kvm capabilities - it's all about working out what the >> host's cpu can do. > > Reading through the patch again I think I see your point now :). Yes, the > kvmppc_host_cpu_def function only tries to fetch the host CPU capabilities. > > So yes, there is basically only the masking part with what we can actually > virtualize missing. But for now we can just assume that every feature the > host CPU supports is available. > > I'll apply your patch for now, as it certainly is better than what we had > before. This breaks on 970mp (PowerStation). kvmppc_get_vmx returns -1 because ibm,vmx doesn't exist in the host dt, but the CPU still supports Altivec. Any alternative way to enumerate VMX availability? Alex
Re: [Qemu-devel] [PATCH 5/5] qxl: support async monitor screen dump
On Mon, Oct 24, 2011 at 05:29:47PM +0200, Gerd Hoffmann wrote: > On 10/24/11 14:02, Alon Levy wrote: > > Split qxl_spice_update_area_complete from qxl_render_update, use > > SPICE_INTERFACE_QXL_MINOR 2 introduced spice_qxl_update_area_dirty_async > > to retrieve the dirty rectangles asynchronously (the previous > > spice_qxl_update_area_async did not accept a dirty rectangles array). > > > > Introduce SpiceAsyncMonitorScreenDump for a screen_dump. > > That one conflicts with the screendump/SDL fixes pushed to the spice.v44 > branch. Have you seen the mail? Had you time to look at the patches? Yes and no. I will. > > cheers, > Gerd >
Re: [Qemu-devel] [PATCH 1/5] monitor: screen_dump async
On Mon, Oct 24, 2011 at 01:45:16PM -0200, Luiz Capitulino wrote: > On Mon, 24 Oct 2011 17:13:14 +0200 > Gerd Hoffmann wrote: > > > On 10/24/11 14:02, Alon Levy wrote: > > > Make screen_dump monitor command an async command to allow next for qxl > > > to implement it as an initiating call to red_worker and completion on > > > callback, to fix a deadlock when issuing a screendump command via > > > libvirt while connected with a libvirt controlled spice-gtk client. > > > > Approach looks reasonable to me. Patch breaks the build though, you've > > missed a bunch of screen_dump functions in non-x86 targets. > > There are two problems actually. > > The first one is that changing an existing command from synchronous > to asynchronous is an incompatible change because asynchronous command > semantics are different. For an example of possible problems please > check: https://bugzilla.redhat.com/show_bug.cgi?id=623903. > > The second problem is that the existing asynchronous interface in the > monitor is incomplete and has never been used for real. Our plan is to > use QAPI's async support, but that has not landed in master yet and iirc > there wasn't consensus about it. I also think it's a bit late for its > inclusion in 1.0 (and certainly not a candidate for stable). > > If all you need here is to delay sending the response, then maybe the > current interface could work (although I honestly don't trust it and > regret not having dropped it). Otherwise our only choice would be to > work on getting the QAPI async support merged. My problem is that the io thread keeps the global mutex during the wait, that's why the async monitor is perfect for what I want - this is exactly what it does. I haven't looked at QAPI async support, but I understand it's a bit in the future.
Re: [Qemu-devel] [Qemu-ppc] [PATCH] pseries: Correct vmx/dfp handling in both KVM and TCG cases
On 23.10.2011, at 22:29, David Gibson wrote: > On Thu, Oct 20, 2011 at 11:49:40PM -0700, Alexander Graf wrote: >> >> On 20.10.2011, at 22:06, David Gibson wrote: >> >>> On Thu, Oct 20, 2011 at 07:40:00PM -0700, Alexander Graf wrote: On 20.10.2011, at 17:41, David Gibson wrote: > On Thu, Oct 20, 2011 at 10:12:51AM -0700, Alexander Graf wrote: >> On 17.10.2011, at 21:15, David Gibson wrote: >>> [snip] > So, I really don't follow what the logic you want is. It sounds more > like what I have already, so I'm not sure how -cpu host comes into > this. Well, I want something very simple, layered: -cpu host only searches for pvr matches and selects a different CPU -type based on this >>> >>> Hrm, ok, well I can do this if you like, but note that this is quite >>> different from how -cpu host behaves on x86. There it builds the CPU >>> spec from scratch based on querying the host cpuid, rather than >>> selecting from an existing list of cpus. I selected from the existing >>> table based on host PVR because that was the easiest source for some >>> of the info in the cpu_spec, but my intention was that anything we >>> _can_ query directly from the host would override the table. >>> >>> It seems to be your approach is giving up on the possibility of >>> allowing -cpu host to work (and give you full access to the host >>> features) when qemu doesn't recognize the precise PVR of the host cpu. >> >> I disagree :). This is what x86 does: >> >> * -cpu host fetches CPUID info from host, puts it into vcpu >> * vcpu CPUID info gets ANDed with KVM capability CPUIDs >> >> I want basically the same thing. I want to have 2 different layers >> for 2 different semantics. One for what the host CPU would be able >> to do and one for what we can emulate, and two different steps to >> ensure control over them. 
>> >> The thing I think I'm apparently not bringing over yet is that I'm >> more than happy to get rid of the PVR searching step for -cpu host >> and instead use a full host capability inquiry mechanism. But that >> inquiry should indicate what the host CPU can do. It has nothing to >> do with KVM yet. The masking with KVM capabilities should be the >> next separate step. >> >> My goal is really to separate different layers into actual different >> layers :). > > Hrm. I think I see what you're getting at. Although nothing in that > patch is about kvm capabilities - it's all about working out what the > host's cpu can do. Reading through the patch again I think I see your point now :). Yes, the kvmppc_host_cpu_def function only tries to fetch the host CPU capabilities. So yes, there is basically only the masking part with what we can actually virtualize missing. But for now we can just assume that every feature the host CPU supports is available. I'll apply your patch for now, as it certainly is better than what we had before. > >>> This gets further complicated in the case of the w-i-p patch I have to >>> properly advertise page sizes, where it's not just presence or absence >>> of a feature, but the specific SLB and HPTE encodings must be >>> advertised to the guest. >> >> Yup, so we'd read out the host dt to find the host possible >> encodings (probably a bad idea, but that's a different story) > > Um, a different story perhaps, but one I kind of need an answer to in > the near future... I can query the host cpu's page sizes easily > enough, but I'm really not sure where this should be stashed before > filtering as suggested below. Page sizes are usually powers of 2, so we should be ok with just having a bitmap there with each bit meaning 1 << (n + 12). Alex
Re: [Qemu-devel] [PATCH v2 3/4] Add cap reduction support to enable use as SUID
On Mon, Oct 24, 2011 at 14:13, Corey Bryant wrote: > > > On 10/23/2011 09:22 AM, Blue Swirl wrote: >> >> On Fri, Oct 21, 2011 at 15:07, Corey Bryant >> wrote: >>> >>> The ideal way to use qemu-bridge-helper is to give it an fscap of using: >>> >>> setcap cap_net_admin=ep qemu-bridge-helper >>> >>> Unfortunately, most distros still do not have a mechanism to package >>> files >>> with fscaps applied. This means they'll have to SUID the >>> qemu-bridge-helper >>> binary. >>> >>> To improve security, use libcap to reduce our capability set to just >>> cap_net_admin, then reduce privileges down to the calling user. This is >>> hopefully close to equivalent to fscap support from a security >>> perspective. >>> >>> Signed-off-by: Anthony Liguori >>> Signed-off-by: Richa Marwaha >>> Signed-off-by: Corey Bryant >>> --- >>> configure | 34 ++ >>> qemu-bridge-helper.c | 39 +++ >>> 2 files changed, 73 insertions(+), 0 deletions(-) >>> >>> diff --git a/configure b/configure >>> index 6c8b659..fed66b0 100755 >>> --- a/configure >>> +++ b/configure >>> @@ -128,6 +128,7 @@ vnc_thread="no" >>> xen="" >>> xen_ctrl_version="" >>> linux_aio="" >>> +cap="" >>> attr="" >>> xfs="" >>> >>> @@ -653,6 +654,10 @@ for opt do >>> ;; >>> --enable-kvm) kvm="yes" >>> ;; >>> + --disable-cap) cap="no" >>> + ;; >>> + --enable-cap) cap="yes" >>> + ;; >>> --disable-spice) spice="no" >>> ;; >>> --enable-spice) spice="yes" >>> @@ -1032,6 +1037,8 @@ echo " --disable-vde disable support >>> for vde network" >>> echo " --enable-vde enable support for vde network" >>> echo " --disable-linux-aio disable Linux AIO support" >>> echo " --enable-linux-aio enable Linux AIO support" >>> +echo " --disable-cap disable libcap-ng support" >>> +echo " --enable-cap enable libcap-ng support" >>> echo " --disable-attr disables attr and xattr support" >>> echo " --enable-attr enable attr and xattr support" >>> echo " --disable-blobs disable installing provided firmware >>> blobs" 
>>> @@ -1638,6 +1645,29 @@ EOF >>> fi >>> >>> ## >>> +# libcap-ng library probe >>> +if test "$cap" != "no" ; then >>> + cap_libs="-lcap-ng" >>> + cat> $TMPC<< EOF >>> +#include >>> +int main(void) >>> +{ >>> + capng_capability_to_name(CAPNG_EFFECTIVE); >>> + return 0; >>> +} >>> +EOF >>> + if compile_prog "" "$cap_libs" ; then >>> + cap=yes >>> + libs_tools="$cap_libs $libs_tools" >>> + else >>> + if test "$cap" = "yes" ; then >>> + feature_not_found "cap" >>> + fi >>> + cap=no >>> + fi >>> +fi >>> + >>> +## >>> # Sound support libraries probe >>> >>> audio_drv_probe() >>> @@ -2735,6 +2765,7 @@ echo "fdatasync $fdatasync" >>> echo "madvise $madvise" >>> echo "posix_madvise $posix_madvise" >>> echo "uuid support $uuid" >>> +echo "libcap-ng support $cap" >>> echo "vhost-net support $vhost_net" >>> echo "Trace backend $trace_backend" >>> echo "Trace output file $trace_file-" >>> @@ -2846,6 +2877,9 @@ fi >>> if test "$vde" = "yes" ; then >>> echo "CONFIG_VDE=y">> $config_host_mak >>> fi >>> +if test "$cap" = "yes" ; then >>> + echo "CONFIG_LIBCAP=y">> $config_host_mak >>> +fi >>> for card in $audio_card_list; do >>> def=CONFIG_`echo $card | tr '[:lower:]' '[:upper:]'` >>> echo "$def=y">> $config_host_mak >>> diff --git a/qemu-bridge-helper.c b/qemu-bridge-helper.c >>> index db257d5..b1562eb 100644 >>> --- a/qemu-bridge-helper.c >>> +++ b/qemu-bridge-helper.c >>> @@ -33,6 +33,10 @@ >>> >>> #include "net/tap-linux.h" >>> >>> +#ifdef CONFIG_LIBCAP >>> +#include >>> +#endif >>> + >>> #define MAX_ACLS (128) >>> #define DEFAULT_ACL_FILE CONFIG_QEMU_CONFDIR "/bridge.conf" 
>>> >>> @@ -185,6 +189,27 @@ static int send_fd(int c, int fd) >>> return sendmsg(c,&msg, 0); >>> } >>> >>> +#ifdef CONFIG_LIBCAP >>> +static int drop_privileges(void) >>> +{ >>> + /* clear all capabilities */ >>> + capng_clear(CAPNG_SELECT_BOTH); >>> + >>> + if (capng_update(CAPNG_ADD, CAPNG_EFFECTIVE | CAPNG_PERMITTED, >>> + CAP_NET_ADMIN)< 0) { >>> + return -1; >>> + } >>> + >>> + /* change to calling user's real uid and gid, retaining supplemental >>> + * groups and CAP_NET_ADMIN */ >>> + if (capng_change_id(getuid(), getgid(), CAPNG_CLEAR_BOUNDING)) { >>> + return -1; >>> + } >>> + >>> + return 0; >>> +} >>> +#endif >>> + >>> int main(int argc, char **argv) >>> { >>> struct ifreq ifr; >>> @@ -198,6 +223,20 @@ int main(int argc, char **argv) >>> int acl_count = 0; >>> int i, access_allowed, access_denied; >>> >>> + /* if we're run from an suid binary, immediately drop privileges >>> preserving >>> + * cap_net_admin -- exit immediately if libcap not configure
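Review bot: the naming in the configure hunks is inconsistent with the library actually probed: the switches are --enable-cap/--disable-cap, the variable is $cap and the macro is CONFIG_LIBCAP, while the probe links -lcap-ng, calls capng_capability_to_name() and the help text says libcap-ng. libcap and libcap-ng have different APIs, so name them --enable-cap-ng, $cap_ng and CONFIG_LIBCAP_NG (and use the same macro for the `#ifdef` around drop_privileges() in qemu-bridge-helper.c), otherwise someone will eventually point the probe at the wrong library.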
Re: [Qemu-devel] [PATCH v2 2/4] Add access control support to qemu bridge helper
On Mon, Oct 24, 2011 at 13:44, Corey Bryant wrote: > > > On 10/23/2011 09:10 AM, Blue Swirl wrote: >> >> On Fri, Oct 21, 2011 at 15:07, Corey Bryant >> wrote: >>> >>> > We go to great lengths to restrict ourselves to just cap_net_admin as >>> > an OS >>> > enforced security mechanism. However, we further restrict what we >>> > allow users >>> > to do to simply adding a tap device to a bridge interface by virtue of >>> > the fact >>> > that this is the only functionality we expose. >>> > >>> > This is not good enough though. An administrator is likely to want to >>> > restrict >>> > the bridges that an unprivileged user can access, in particular, to >>> > restrict >>> > an unprivileged user from putting a guest on what should be isolated >>> > networks. >>> > >>> > This patch implements an ACL mechanism that is enforced by >>> > qemu-bridge-helper. >>> > The ACLs are fairly simple whitelist/blacklist mechanisms with a >>> > wildcard of >>> > 'all'. All users are blacklisted by default, and deny takes >>> > precedence over >>> > allow. >>> > >>> > An interesting feature of this ACL mechanism is that you can include >>> > external >>> > ACL files. The main reason to support this is so that you can set >>> > different >>> > file system permissions on those external ACL files. This allows an >>> > administrator to implement rather sophisicated ACL policies based on >>> > user/group >> >> sophisticated >> > > Yep, thanks. > >>> > policies via the file system. >>> > >>> > As an example: >>> > >>> > /etc/qemu/bridge.conf root:qemu 0640 >>> > >>> > allow br0 >>> > include /etc/qemu/alice.conf >>> > include /etc/qemu/bob.conf >>> > include /etc/qemu/charlie.conf >>> > >>> > /etc/qemu/alice.conf root:alice 0640 >>> > allow br1 >>> > >>> > /etc/qemu/bob.conf root:bob 0640 >>> > allow br2 >>> > >>> > /etc/qemu/charlie.conf root:charlie 0640 >>> > deny all >> >> I think syntax 'include/etc/qemu/user.d/*.conf' or 'includedir >> /etc/qemu/user.d' could be also useful. 
>> > > That could be useful, though I'm not sure it's necessary right now. It can be added later. >>> > This ACL pattern allows any user in the qemu group to get a tap device >>> > connected to br0 (which is bridged to the physical network). >>> > >>> > Users in the alice group can additionally get a tap device connected >>> > to br1. >>> > This allows br1 to act as a private bridge for the alice group. >>> > >>> > Users in the bob group can additionally get a tap device connected to >>> > br2. >>> > This allows br2 to act as a private bridge for the bob group. >>> > >>> > Users in the charlie group cannot get a tap device connected to any >>> > bridge. >>> > >>> > Under no circumstance can the bob group get access to br1 or can the >>> > alice >>> > group get access to br2. And under no circumstance can the charlie >>> > group >>> > get access to any bridge. >>> > >>> > Signed-off-by: Anthony Liguori >>> > Signed-off-by: Richa Marwaha >>> > Signed-off-by: Corey Bryant >>> > --- >>> > qemu-bridge-helper.c | 141 >>> > ++ >>> > 1 files changed, 141 insertions(+), 0 deletions(-) >>> > >>> > diff --git a/qemu-bridge-helper.c b/qemu-bridge-helper.c >>> > index 2ce82fb..db257d5 100644 >>> > --- a/qemu-bridge-helper.c >>> > +++ b/qemu-bridge-helper.c 
>>> > @@ -33,6 +33,105 @@ >>> > >>> > #include "net/tap-linux.h" >>> > >>> > +#define MAX_ACLS (128) >> >> If all users (or groups) in the system have an ACL, this number could >> be way too low. Please use a list instead. >> > > I agree, we shouldn't be hard-coding the limit here. I'll update this. > >>> > +#define DEFAULT_ACL_FILE CONFIG_QEMU_CONFDIR "/bridge.conf" >>> > + >>> > +enum { >>> > + ACL_ALLOW = 0, >>> > + ACL_ALLOW_ALL, >>> > + ACL_DENY, >>> > + ACL_DENY_ALL, >>> > +}; >>> > + >>> > +typedef struct ACLRule { >>> > + int type; >>> > + char iface[IFNAMSIZ]; >>> > +} ACLRule; >>> > + >>> > +static int parse_acl_file(const char *filename, ACLRule *acls, int >>> > *pacl_count) >>> > +{ >>> > + int acl_count = *pacl_count; >>> > + FILE *f; >>> > + char line[4096]; >>> > + >>> > + f = fopen(filename, "r"); >>> > + if (f == NULL) { >>> > + return -1; >>> > + } >>> > + >>> > + while (acl_count != MAX_ACLS&& >>> > + fgets(line, sizeof(line), f) != NULL) { >>> > + char *ptr = line; >>> > + char *cmd, *arg, *argend; >>> > + >>> > + while (isspace(*ptr)) { >>> > + ptr++; >>> > + } >>> > + >>> > + /* skip comments and empty lines */ >>> > + if (*ptr == '#' || *ptr == 0) { >>> > + continue; >>> > + } >>> > + >>> > + cmd = ptr; >>> > + arg = strchr(cmd, ' '); >>> > + if (arg == NULL) { >>> > + arg = strchr(cmd, '\t'); >>> > + } >>> > + >>> > + if (arg == NULL) { >>> > +
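Review bot: the `while (acl_count != MAX_ACLS && fgets(...))` loop in parse_acl_file stops silently once MAX_ACLS rules have been read, so a file with more entries than the limit loses every rule after the 128th, including any `deny` lines; since deny is meant to take precedence, running out of slots should be reported as an error (return -1, and have the caller refuse access) rather than quietly truncating the policy, or, as already suggested, the fixed array should become a list. Two smaller points in the same hunk: fgets() into the 4096-byte `line` returns a partial line when the input is longer, and the remainder is then parsed as a fresh command on the next iteration, so a line that does not end in a newline should be rejected; and `isspace(*ptr)` should be `isspace((unsigned char)*ptr)`, since passing a negative `char` to the ctype functions is undefined behaviour.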
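The allow/deny/include semantics described in the commit message, as an added illustration that is not the patch's code: a parser and an access check with the same rule types, using a linked list instead of the MAX_ACLS array. File access is simulated in memory so that it runs stand-alone: the constructed `fake_fs` table stands in for the four files of the example, each tagged with the group that may read it (the root:<group> 0640 permissions), and the caller's groups are passed as a comma-separated string, a hypothetical stand-in for getgroups(). Unreadable include files are skipped, which is what makes the permission-based policy work; an unreadable or malformed main file denies everything.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <ctype.h>
#define IFNAMSIZ 16   /* as in <net/if.h> */
enum { ACL_ALLOW, ACL_ALLOW_ALL, ACL_DENY, ACL_DENY_ALL };
typedef struct ACLRule { int type; char iface[IFNAMSIZ]; struct ACLRule *next; } ACLRule;

/* Constructed stand-in for the files in the commit message and their root:<group> 0640
 * permissions: only members of `group` can open a file. */
typedef struct { const char *name, *group, *text; } FakeFile;
static const FakeFile fake_fs[] = {
    { "/etc/qemu/bridge.conf", "qemu", "# main policy\nallow br0\ninclude /etc/qemu/alice.conf\n"
                                       "include /etc/qemu/bob.conf\ninclude /etc/qemu/charlie.conf\n" },
    { "/etc/qemu/alice.conf",   "alice",   "allow br1\n" },
    { "/etc/qemu/bob.conf",     "bob",     "allow br2\n" },
    { "/etc/qemu/charlie.conf", "charlie", "deny all\n" },
};

/* The caller's groups arrive as "g1,g2,..." (hypothetical stand-in for getgroups()). */
static int in_groups(const char *groups, const char *g)
{
    size_t n = strlen(g);
    for (const char *p = groups; p; p = strchr(p, ',')) {
        p += (*p == ',');
        if (strncmp(p, g, n) == 0 && (p[n] == 0 || p[n] == ',')) return 1;
    }
    return 0;
}

/* fopen() replacement: NULL for a missing file or one the caller may not read (EACCES). */
static const char *fake_open(const char *name, const char *groups)
{
    for (size_t i = 0; i < sizeof fake_fs / sizeof fake_fs[0]; i++)
        if (strcmp(fake_fs[i].name, name) == 0)
            return in_groups(groups, fake_fs[i].group) ? fake_fs[i].text : NULL;
    return NULL;
}

static void acl_append(ACLRule **head, int type, const char *iface)
{
    ACLRule *r = calloc(1, sizeof *r);             /* a list, not a fixed MAX_ACLS array */
    if (!r) abort();
    r->type = type; snprintf(r->iface, sizeof r->iface, "%s", iface);
    while (*head) head = &(*head)->next;
    *head = r;
}

/* Parse one ACL file; -1 if it cannot be opened or is malformed. Includes that cannot be
 * opened are skipped on purpose: that is how the file permissions select each user's rules. */
static int acl_parse(const char *name, const char *groups, ACLRule **head, int depth)
{
    const char *text = fake_open(name, groups);
    char line[4096];
    if (!text || depth > 8) return -1;             /* depth guard against include loops */
    while (*text) {
        size_t n = strcspn(text, "\n");
        if (n >= sizeof line) return -1;           /* refuse over-long lines, never split them */
        memcpy(line, text, n); line[n] = 0;
        text += n + (text[n] == '\n');
        char *cmd = line;
        while (isspace((unsigned char)*cmd)) cmd++;
        if (*cmd == '#' || *cmd == 0) continue;    /* comment or blank line */
        char *arg = cmd + strcspn(cmd, " \t");
        if (*arg) { *arg++ = 0; arg += strspn(arg, " \t"); }
        arg[strcspn(arg, " \t")] = 0;              /* drop trailing blanks */
        if (*arg == 0) return -1;                  /* every keyword takes one argument */
        if (strcmp(cmd, "allow") == 0)
            acl_append(head, strcmp(arg, "all") ? ACL_ALLOW : ACL_ALLOW_ALL, arg);
        else if (strcmp(cmd, "deny") == 0)
            acl_append(head, strcmp(arg, "all") ? ACL_DENY : ACL_DENY_ALL, arg);
        else if (strcmp(cmd, "include") == 0)
            acl_parse(arg, groups, head, depth + 1); /* failure ignored, see above */
        else
            return -1;                             /* unknown keyword: fail closed */
    }
    return 0;
}

/* Deny takes precedence over allow; with no matching allow the answer is deny. */
static int acl_check(const ACLRule *r, const char *bridge)
{
    int allowed = 0, denied = 0;
    for (; r; r = r->next) {
        int named = r->type == ACL_ALLOW || r->type == ACL_DENY;
        if (named && strcmp(r->iface, bridge) != 0) continue;
        if (r->type == ACL_ALLOW || r->type == ACL_ALLOW_ALL) allowed = 1; else denied = 1;
    }
    return allowed && !denied;
}

/* May a user with these groups attach a tap to `bridge`? 1 = yes, 0 = no. */
int bridge_access_allowed(const char *groups, const char *bridge)
{
    ACLRule *rules = NULL, *next; int ok = 0;
    if (acl_parse("/etc/qemu/bridge.conf", groups, &rules, 0) == 0)
        ok = acl_check(rules, bridge);             /* unreadable or broken main file: deny */
    for (; rules; rules = next) { next = rules->next; free(rules); }
    return ok;
}

int main(void) { printf("alice->br1 %d\n", bridge_access_allowed("qemu,alice", "br1")); return 0; }
```

The interesting cases are the negative ones: a member of qemu and charlie is denied br0 although bridge.conf allows it, because the `deny all` that only charlie can read wins; a member of qemu alone gets br0 and nothing else; and a user outside the qemu group cannot open bridge.conf at all and is denied by default.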
Re: [Qemu-devel] [PULL 00/19] Block patches
On 10/21/2011 12:18 PM, Kevin Wolf wrote: The following changes since commit c2e2343e1faae7bbc77574c12a25881b1b696808: hw/arm_gic.c: Fix save/load of irq_target array (2011-10-21 17:19:56 +0200) are available in the git repository at: git://repo.or.cz/qemu/kevin.git for-anthony Pulled. Thanks. Regards, Anthony Liguori Alex Jia (1): fix memory leak in aio_write_f Kevin Wolf (5): xen_disk: Always set feature-barrier = 1 fdc: Fix floppy port I/O qemu-img: Don't allow preallocation and compression at the same time qcow2: Fix bdrv_write_compressed error handling pc: Fix floppy drives with if=none Paolo Bonzini (12): sheepdog: add coroutine_fn markers add socket_set_block block: rename bdrv_co_rw_bh block: unify flush implementations block: add bdrv_co_discard and bdrv_aio_discard support vmdk: fix return values of vmdk_parent_open vmdk: clean up open block: add a CoMutex to synchronous read drivers block: take lock around bdrv_read implementations block: take lock around bdrv_write implementations block: change flush to co_flush block: change discard to co_discard Stefan Hajnoczi (1): block: drop redundant bdrv_flush implementation block.c | 258 ++--- block.h |5 + block/blkdebug.c |6 - block/blkverify.c |9 -- block/bochs.c | 15 +++- block/cloop.c | 15 +++- block/cow.c | 34 ++- block/dmg.c | 15 +++- block/nbd.c | 28 +- block/parallels.c | 15 +++- block/qcow.c | 17 +--- block/qcow2-cluster.c |6 +- block/qcow2.c | 72 ++ block/qed.c |6 - block/raw-posix.c | 23 + block/raw-win32.c |4 +- block/raw.c | 23 ++--- block/rbd.c |4 +- block/sheepdog.c | 14 ++-- block/vdi.c |6 +- block/vmdk.c | 82 ++-- block/vpc.c | 34 ++- block/vvfat.c | 28 +- block_int.h |9 +- hw/fdc.c | 14 +++ hw/fdc.h |9 ++- hw/pc.c | 25 +++-- hw/pc.h |3 +- hw/pc_piix.c |5 +- hw/xen_disk.c |5 +- oslib-posix.c |7 ++ oslib-win32.c |6 + qemu-img.c| 11 ++ qemu-io.c |1 + qemu_socket.h |1 + trace-events |1 + 36 files changed, 524 insertions(+), 292 deletions(-)
Re: [Qemu-devel] [PULL v3 00/13] allow tools to use the QEMU main loop
On 10/21/2011 11:26 AM, Paolo Bonzini wrote: The following changes since commit c76eaf13975130768070ecd2d4f3107eb69ab757: hw/9pfs: Fix broken compilation caused by wrong trace events (2011-10-20 15:30:59 -0500) are available in the git repository at: git://github.com/bonzini/qemu.git split-main-loop-for-anthony Pulled. Thanks. Regards, Anthony Liguori This patch series makes the QEMU main loop usable out of the executable, and especially in tools and possibly unit tests. This is cleaner because it avoids introducing partial transitions to GIOChannel. Interfacing with the glib main loop is still possible. The main loop code is currently split in cpus.c and vl.c. Moving it to a new file is easy; the problem is that the main loop depends on the timer infrastructure in qemu-timer.c, and that file currently contains the implementation of icount and the vm_clock. This is bad for the perspective of linking qemu-timer.c into the tools. Luckily, it is relatively easy to untie them and move them out of the way. This is what the largest part of the series does (patches 1-9). Patches 10-13 complete the refactoring and cleanup some surrounding code. 
v2->v3 Rebased, added documentation v1->v2 Rebased Paolo Bonzini (13): remove unused function qemu-timer: remove active_timers array qemu-timer: move common code to qemu_rearm_alarm_timer qemu-timer: more clock functions qemu-timer: move icount to cpus.c qemu-timer: do not refer to runstate_is_running() qemu-timer: use atexit for quit_timers qemu-timer: move more stuff out of qemu-timer.c qemu-timer: do not use RunState change handlers main-loop: create main-loop.h main-loop: create main-loop.c Revert to a hand-made select loop simplify main loop functions Makefile.objs |2 +- async.c |1 + cpus.c| 497 - cpus.h|3 +- exec-all.h| 14 ++ exec.c|3 - hw/mac_dbdma.c|5 - hw/mac_dbdma.h|1 - iohandler.c | 55 +-- main-loop.c | 495 main-loop.h | 351 ++ os-win32.c| 123 qemu-char.h | 12 +- qemu-common.h | 37 + qemu-coroutine-lock.c |1 + qemu-os-posix.h |4 - qemu-os-win32.h | 17 +-- qemu-timer.c | 489 +--- qemu-timer.h | 31 +--- savevm.c | 25 +++ slirp/libslirp.h | 11 - sysemu.h |3 +- vl.c | 189 --- 23 files changed, 1309 insertions(+), 1060 deletions(-) create mode 100644 main-loop.c create mode 100644 main-loop.h
Re: [Qemu-devel] gcc auto-omit-frame-pointer vs msvc longjmp
2011/10/24 Bob Breuer : > Kai Tietz wrote: >> Hi, >> >> For trunk-version I have a tentative patch for this issue. On 4.6.x >> and older branches this doesn't work, as here we can't differentiate >> that easily between ms- and sysv-abi. >> >> But could somebody give this patch a try? >> >> Regards, >> Kai >> >> ChangeLog >> >> * config/i386/i386.c (ix86_frame_pointer_required): Enforce use of >> frame-pointer for 32-bit ms-abi, if setjmp is used. >> >> Index: i386.c >> === >> --- i386.c (revision 180099) >> +++ i386.c (working copy) >> @@ -8391,6 +8391,10 @@ >> if (SUBTARGET_FRAME_POINTER_REQUIRED) >> return true; >> >> + /* For older 32-bit runtimes setjmp requires valid frame-pointer. */ >> + if (TARGET_32BIT_MS_ABI && cfun->calls_setjmp) >> + return true; >> + >> /* In ix86_option_override_internal, TARGET_OMIT_LEAF_FRAME_POINTER >> turns off the frame pointer by default. Turn it back on now if >> we've not got a leaf function. */ >> > > For a gcc 4.7 snapshot, this does fix the longjmp problem that I > encountered. So aside from specifying -fno-omit-frame-pointer for > affected files, what can be done for 4.6? > > Bob Well, for 4.6.x (or older) we just can use the mingw32.h header in gcc/config/i386/ and define here a subtarget-macro to indicate that. The only incompatible point here might be for Wine using the linux-compiler to build Windows related code. A possible patch for 4.6 gcc versions I attached to this mail. Regards, Kai Index: mingw32.h === --- mingw32.h (revision 180393) +++ mingw32.h (working copy) @@ -239,3 +239,8 @@ /* We should find a way to not have to update this manually. */ #define LIBGCJ_SONAME "libgcj" /*LIBGCC_EH_EXTN*/ "-12.dll" +/* For 32-bit Windows we need valid frame-pointer for function using + setjmp. */ +#define SUBTARGET_SETJMP_NEED_FRAME_POINTER \ + (!TARGET_64BIT && cfun->calls_setjmp) + Index: i386.c === --- i386.c (revision 180393) +++ i386.c (working copy) 
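Review bot: the comment on SUBTARGET_SETJMP_NEED_FRAME_POINTER should document that `(!TARGET_64BIT && cfun->calls_setjmp)` is wider than the trunk version quoted above, which tests TARGET_32BIT_MS_ABI: on this target every 32-bit function that calls setjmp keeps its frame pointer, sysv-abi functions included, and a reader of mingw32.h alone cannot tell that this is a deliberate simplification for the 4.6 branch. The macro also dereferences `cfun`, so the comment should name the single place it is meant to be expanded (ix86_frame_pointer_required), where cfun is guaranteed to be set. Grammar: "for function using setjmp" should read "for functions using setjmp".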
@@ -8741,6 +8741,12 @@ if (SUBTARGET_FRAME_POINTER_REQUIRED) return true; +#ifdef SUBTARGET_SETJMP_NEED_FRAME_POINTER + /* For older 32-bit runtimes setjmp requires valid frame-pointer. */ + if (SUBTARGET_SETJMP_NEED_FRAME_POINTER) +return true; +#endif + /* In ix86_option_override_internal, TARGET_OMIT_LEAF_FRAME_POINTER turns off the frame pointer by default. Turn it back on now if we've not got a leaf function. */
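Review bot: the `#ifdef SUBTARGET_SETJMP_NEED_FRAME_POINTER` guard is inconsistent with `SUBTARGET_FRAME_POINTER_REQUIRED` three lines above it, which the same function tests unguarded; giving the new macro a default of 0 alongside the existing subtarget defaults and writing `if (SUBTARGET_SETJMP_NEED_FRAME_POINTER) return true;` without the #ifdef keeps ix86_frame_pointer_required free of conditional compilation and turns a misspelled or missing definition into a compile error instead of a silent no-op. The comment carried over from the trunk patch ("For older 32-bit runtimes") is also misleading here: the decision is made at compile time for every 32-bit function that calls setjmp, independent of which runtime the binary will meet.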
Re: [Qemu-devel] [Question] dump memory when host pci device is used by guest
- Original Message - > > > No, an ELF image of the guest's physical memory. > > > > Well then that should be pretty straight forward to support. Depending upon > > how similar it would be to the "standard" kdump ELF format, the only other > > issue is how to determine the physical base address at which the kernel is > > loaded, in order to be able to translate the mapped kernel-text/static-data > > virtual region of the x86_64 arch (the __START_KERNEL_map region). > > > > I guess an elf note would work for that? Right -- here is an example of a RHEL6 ELF kdump header: $ readelf -a vmcore ELF Header: Magic: 7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00 Class: ELF64 Data: 2's complement, little endian Version: 1 (current) OS/ABI:UNIX - System V ABI Version: 0 Type: CORE (Core file) Machine: Advanced Micro Devices X86-64 Version: 0x1 Entry point address: 0x0 Start of program headers: 64 (bytes into file) Start of section headers: 0 (bytes into file) Flags: 0x0 Size of this header: 64 (bytes) Size of program headers: 56 (bytes) Number of program headers: 6 Size of section headers: 0 (bytes) Number of section headers: 0 Section header string table index: 0 There are no sections in this file. There are no sections in this file. Program Headers: Type Offset VirtAddr PhysAddr FileSizMemSiz Flags Align NOTE 0x0190 0x 0x 0x083c 0x083c 0 LOAD 0x09cc 0x8100 0x0100 0x00ba3000 0x00ba3000 RWE0 LOAD 0x00ba39cc 0x8100 0x 0x000a 0x000a RWE0 LOAD 0x00c439cc 0x8110 0x0010 0x01f0 0x01f0 RWE0 LOAD 0x02b439cc 0x81000a00 0x0a00 0xc5fc2840 0xc5fc2840 RWE0 LOAD 0xc8b0620c 0x8101 0x0001 0x3000 0x3000 RWE0 There is no dynamic section in this file. There are no relocations in this file. There are no unwind sections in this file. No version information found in this file. 
Notes at offset 0x0190 with length 0x083c: Owner Data size Description CORE 0x0150 NT_PRSTATUS (prstatus structure) CORE 0x0150 NT_PRSTATUS (prstatus structure) VMCOREINFO0x055b Unknown note type: (0x) $ In this example, the phys_base (of zero) can be determined by looking at the first PT_LOAD segment, and comparing the PhysAddr and the VirtAddr values -- given that __START_KERNEL_map region is based at 8. The remaining physical memory chunks are described by the subsequent unity-mapped segments. The NT_PRSTATUS notes are register dumps of each cpu, where this vmcore was from a 2-cpu system. But the crash utility is capable of surviving without them. It can also get by without the VMCOREINFO note, which is primarily there for use by the "makedumpfile" utility, which is used to compress ELF kdumps and filter out unwanted pages, and then make a different dumpfile format entirely. This may be another stupid question -- but does the guest failure mode render it incapable of using kdump? Dave
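The layout Dave walks through, as an added example that is not part of the thread or of the crash utility: a small reader for the ELF kdump format, run over a vmcore constructed in memory with the same header shape as his readelf listing (six program headers, the NOTE segment at 0x190, two NT_PRSTATUS notes and one VMCOREINFO note). It derives phys_base from the first PT_LOAD that lies inside __START_KERNEL_map (0xffffffff80000000 on x86_64), translates a guest-physical address to a file offset through the unity-mapped segments, and counts notes. The segment addresses and the note payloads are constructed, modelled on the readelf listing; the ELF64 structures are spelled out so that no <elf.h> is needed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define PT_LOAD 1
#define PT_NOTE 4
#define NT_PRSTATUS 1
#define START_KERNEL_MAP 0xffffffff80000000ULL   /* x86_64 __START_KERNEL_map */

/* ELF64 header layouts, spelled out so that <elf.h> is not required. */
typedef struct { uint8_t e_ident[16]; uint16_t e_type, e_machine; uint32_t e_version;
                 uint64_t e_entry, e_phoff, e_shoff; uint32_t e_flags; uint16_t e_ehsize,
                 e_phentsize, e_phnum, e_shentsize, e_shnum, e_shstrndx; } Ehdr;
typedef struct { uint32_t p_type, p_flags; uint64_t p_offset, p_vaddr, p_paddr,
                 p_filesz, p_memsz, p_align; } Phdr;
typedef struct { uint32_t n_namesz, n_descsz, n_type; } Nhdr;

/* The constructed dump: headers and notes only; the LOAD payloads are not backed. */
static union { uint64_t align; uint8_t bytes[0x1000]; } vmcore;

/* Append one note at buf+off (name and desc padded to 4 bytes); returns its size. */
static size_t put_note(uint8_t *buf, size_t off, const char *name, uint32_t type, uint32_t descsz)
{
    Nhdr nh = { (uint32_t)strlen(name) + 1, descsz, type }; size_t p = off;
    memcpy(buf + p, &nh, sizeof nh);      p += sizeof nh;
    memcpy(buf + p, name, nh.n_namesz);   p += (nh.n_namesz + 3) & ~3u;
    memset(buf + p, 0x5a, descsz);        p += (descsz + 3) & ~3u;   /* placeholder payload */
    return p - off;
}

/* Build a 2-cpu, phys_base 0 core with the header shape of the readelf listing in the thread
 * (6 program headers, notes at 0x190); segment values are constructed. Returns end of notes. */
size_t build_vmcore(void)
{
    uint8_t *buf = vmcore.bytes; const int nph = 6;               /* 1 NOTE + 5 LOAD */
    size_t note_off = sizeof(Ehdr) + nph * sizeof(Phdr), p = note_off;
    memset(buf, 0, sizeof vmcore.bytes);
    p += put_note(buf, p, "CORE", NT_PRSTATUS, 0x150);            /* cpu 0 registers */
    p += put_note(buf, p, "CORE", NT_PRSTATUS, 0x150);            /* cpu 1 registers */
    p += put_note(buf, p, "VMCOREINFO", 0, 0x55b);                /* read by makedumpfile */
    Ehdr eh = { { 0x7f, 'E', 'L', 'F', 2, 1, 1 }, 4 /* ET_CORE */, 62 /* EM_X86_64 */, 1,
                0, sizeof(Ehdr), 0, 0, sizeof(Ehdr), sizeof(Phdr), nph, 0, 0, 0 };
    Phdr note = { PT_NOTE, 0, note_off, 0, 0, p - note_off, p - note_off, 0 };
    memcpy(buf, &eh, sizeof eh); memcpy(buf + sizeof eh, &note, sizeof note);
    /* Kernel text/data inside __START_KERNEL_map first, then unity-mapped RAM chunks. */
    struct { uint64_t paddr, vaddr, size; } seg[] = {
        { 0x01000000ULL,  0xffffffff81000000ULL, 0x00ba3000ULL },
        { 0x00000000ULL,  0xffff880000000000ULL, 0x000a0000ULL },
        { 0x00100000ULL,  0xffff880000100000ULL, 0x01f00000ULL },
        { 0x0a000000ULL,  0xffff88000a000000ULL, 0x36000000ULL },
        { 0x100000000ULL, 0xffff880100000000ULL, 0x30000000ULL },
    };
    uint64_t off = p;
    for (int i = 0; i < nph - 1; i++) {
        Phdr ph = { PT_LOAD, 7, off, seg[i].vaddr, seg[i].paddr, seg[i].size, seg[i].size, 0 };
        memcpy(buf + sizeof eh + (1 + i) * sizeof ph, &ph, sizeof ph);
        off += seg[i].size;
    }
    return p;
}

static const Phdr *phdrs(const uint8_t *buf, int *n)
{
    const Ehdr *eh = (const Ehdr *)buf;
    *n = eh->e_phnum; return (const Phdr *)(buf + eh->e_phoff);
}

/* phys_base from the first PT_LOAD inside __START_KERNEL_map: paddr - (vaddr - START_KERNEL_MAP). */
int64_t vmcore_phys_base(const uint8_t *buf)
{
    int n; const Phdr *ph = phdrs(buf, &n);
    for (int i = 0; i < n; i++)
        if (ph[i].p_type == PT_LOAD && ph[i].p_vaddr >= START_KERNEL_MAP)
            return (int64_t)(ph[i].p_paddr - (ph[i].p_vaddr - START_KERNEL_MAP));
    return -1;                                 /* no kernel-map segment: a note would be needed */
}

/* Guest-physical address -> file offset through the LOAD table; -1 if not in the dump. */
int64_t vmcore_paddr_to_offset(const uint8_t *buf, uint64_t paddr)
{
    int n; const Phdr *ph = phdrs(buf, &n);
    for (int i = 0; i < n; i++)
        if (ph[i].p_type == PT_LOAD && paddr >= ph[i].p_paddr && paddr - ph[i].p_paddr < ph[i].p_filesz)
            return (int64_t)(ph[i].p_offset + (paddr - ph[i].p_paddr));
    return -1;
}

/* Count notes with a given owner and type; the NT_PRSTATUS "CORE" notes give the cpu count. */
int vmcore_count_notes(const uint8_t *buf, const char *owner, uint32_t type)
{
    int n, count = 0; const Phdr *ph = phdrs(buf, &n);
    for (int i = 0; i < n; i++) {
        if (ph[i].p_type != PT_NOTE) continue;
        uint64_t p = ph[i].p_offset, end = p + ph[i].p_filesz;
        while (p + sizeof(Nhdr) <= end) {
            Nhdr nh; memcpy(&nh, buf + p, sizeof nh);
            const char *name = (const char *)buf + p + sizeof nh;
            if (nh.n_type == type && strncmp(name, owner, nh.n_namesz) == 0) count++;
            p += sizeof nh + ((nh.n_namesz + 3) & ~3u) + ((nh.n_descsz + 3) & ~3u);
        }
    }
    return count;
}

int main(void) { build_vmcore(); printf("phys_base=%lld\n", (long long)vmcore_phys_base(vmcore.bytes)); return 0; }
```

With these values phys_base comes out as 0x01000000 - (0xffffffff81000000 - 0xffffffff80000000) = 0, matching the thread, the three notes add up to the 0x83c bytes readelf reports, and guest-physical address 0 maps to file offset 0x9cc + 0xba3000 = 0xba39cc, the start of the second LOAD segment. A dump with no segment inside __START_KERNEL_map returns -1 from vmcore_phys_base, which is the case where the dedicated ELF note suggested in the thread would have to be consulted instead.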
Re: [Qemu-devel] [PATCH 1/5] monitor: screen_dump async
On Mon, 24 Oct 2011 17:13:14 +0200 Gerd Hoffmann wrote: > On 10/24/11 14:02, Alon Levy wrote: > > Make screen_dump monitor command an async command to allow next for qxl > > to implement it as an initiating call to red_worker and completion on > > callback, to fix a deadlock when issuing a screendump command via > > libvirt while connected with a libvirt controlled spice-gtk client. > > Approach looks reasonable to me. Patch breaks the build though, you've > missed a bunch of screen_dump functions in non-x86 targets. There are two problems actually. The first one is that changing an existing command from synchronous to asynchronous is an incompatible change because asynchronous commands' semantics are different. For an example of possible problems please check: https://bugzilla.redhat.com/show_bug.cgi?id=623903. The second problem is that the existing asynchronous interface in the monitor is incomplete and has never been used for real. Our plan is to use QAPI's async support, but that has not landed in master yet and iirc there wasn't consensus about it. I also think it's a bit late for its inclusion in 1.0 (and certainly not a candidate for stable). If all you need here is to delay sending the response, then maybe the current interface could work (although I honestly don't trust it and regret not having dropped it). Otherwise our only choice would be to work on getting the QAPI async support merged.
Re: [Qemu-devel] [PATCH 29/35] scsi-disk: remove cluster_size
On 10/24/2011 05:10 PM, Kevin Wolf wrote: > -bdrv_get_geometry(s->qdev.conf.bs,&nb_sectors); > -nb_sectors /= s->cluster_size; > -if (nb_sectors) { > -nb_sectors--; > +if (s->qdev.blocksize) { When would it be 0? And wouldn't we crash with a zero blocksize anyway? blocksize can be zero when passing through a removable medium and no medium has ever been inserted in the disk since the guest was started. In practice it won't crash because the guest will always send READ CAPACITY first, will see a unit attention condition, and will not attempt a read. A more complete solution involves asking raw-posix for the logical block size (right now logical_block_size acts as both the emulated and host block size). This would also be useful to make cache=none work with 4k-sector disks without manually specifying logical_block_size. However, it's not 1.0 material. Paolo
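Review bot: the new `if (s->qdev.blocksize)` test needs a one-line comment stating when blocksize is zero, namely a removable device with no medium inserted since the guest started, as the reply above explains; without it a reader of the diff asks exactly the question raised here, and the guard reads like defensive noise rather than the medium-not-present case it is there to handle.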
Re: [Qemu-devel] [PATCH 35/35] scsi-disk: add scsi-block for device passthrough
Am 24.10.2011 17:28, schrieb Paolo Bonzini: > On 10/24/2011 05:28 PM, Kevin Wolf wrote: >>> scsi-block is a new device that supports device passthrough of Linux block devices (i.e. /dev/sda, not /dev/sg0). It uses SG_IO for commands other than I/O commands, and regular AIO read/writes for I/O commands. Besides being simpler to configure (no mapping required to scsi-generic device names), this removes the need for a large bounce buffer and, in the future, will get scatter/gather support for free from scsi-disk. Signed-off-by: Paolo Bonzini >> >> This doesn't seem to use much of scsi-disk, so what about exporting >> &scsi_disk_reqops and adding a separate file scsi-block.c? Would make >> things a bit more symmetrical between scsi-disk and scsi-generic. >> >> Or will future patches add code that depends on internal interfaces of >> scsi-disk? > > It already uses some internal interfaces: scsi_initfn, scsi_disk_reset, > scsi_destroy, sizeof(SCSIDiskState). Right... I don't like it much in scsi-disk.c, but what can you do. Exporting everything wouldn't be nicer. Kevin
Re: [Qemu-devel] KVM call agenda for October 25
On Mon, 24 Oct 2011 13:02:05 +0100 Peter Maydell wrote: > On 24 October 2011 12:35, Paolo Bonzini wrote: > > On 10/24/2011 01:04 PM, Juan Quintela wrote: > >> Please send in any agenda items you are interested in covering. > > > > - What's left to merge for 1.0. > > Things on my list, FWIW: > * current target-arm pullreq > * PL041 support (needs another patch round to fix a minor bug >Andrzej spotted) > * cpu_single_env must be thread-local I submitted today the second round of QAPI conversions, which converts all existing QMP query commands to the QAPI (plus some fixes). I expect that to make 1.0.
Re: [Qemu-devel] [Question] dump memory when host pci device is used by guest
On 10/24/2011 05:25 PM, Dave Anderson wrote: > > - Original Message - > > On 10/24/2011 04:25 PM, Dave Anderson wrote: > > > > The question is that: 'virsh dump' can not be used when host pci device > > > > is used by guest. We are discussing how to fix the problem. We have > > > > determined > > > > that introduce a new monitor command dump. Jan suggested that the core > > > > file's > > > > format is gdb standard core format. Does crash support such format? If > > > > no, > > > > is it possible to support such format? > > > > > > If you are talking about an ELF core dump of the user-space qemu-kvm > > > process > > > running on the host, then it's certainly not supported. > > > > No, an ELF image of the guest's physical memory. > > Well then that should be pretty straight forward to support. Depending upon > how similar it would be to the "standard" kdump ELF format, the only other > issue is how to determine the physical base address at which the kernel is > loaded, in order to be able to translate the mapped kernel-text/static-data > virtual region of the x86_64 arch (the __START_KERNEL_map region). > I guess an elf note would work for that? -- I have a truly marvellous patch that fixes the bug which this signature is too narrow to contain.