Re: [Qemu-devel] VFIO use of HOST_PAGE_ALIGN
On 06/04/2015 03:53 AM, Peter Crosthwaite wrote: On Wed, Jun 3, 2015 at 4:16 AM, Alexey Kardashevskiy wrote: On 06/01/2015 04:27 AM, Peter Crosthwaite wrote: On Sun, May 31, 2015 at 6:34 AM, Alexey Kardashevskiy wrote: On 05/27/2015 01:22 AM, Alex Williamson wrote: [cc +alexey] On Mon, 2015-05-25 at 00:48 -0700, Peter Crosthwaite wrote: Hi Alex and all, I am working on a patch series to enable multiple CPU architectures to run at once. It's a long story, but I have hit a snag in hw/vfio/pci.c which AFAICS is the only in-tree system-mode use of HOST_PAGE_ALIGN (all usermode code is a non-issue as not looking to support user-mode multi-arch yet). The problem I face, is that this macro depends on translate-all.c's qemu_host_page_size which in turn, depends on TARGET_PAGE_SIZE. I'm hoping that one day, TARGET_PAGE_SIZE will be a variable and the users of it will know to get the correct value depending on their CPU specific code location. vfio is the only one I can't handle. My knowledge on vfio is near-0, but my thinking is, since this is not arch specific code can we instead use the raw host page alignment rather that the CPU arch specific one? What is "raw host page" here? I thought qemu_host_page_size is the one, where does it depend on TARGET_PAGE_SIZE? In translate-all.c: void page_size_init(void) { /* NOTE: we can always suppose that qemu_host_page_size >= TARGET_PAGE_SIZE */ qemu_real_host_page_size = getpagesize(); if (qemu_host_page_size == 0) { qemu_host_page_size = qemu_real_host_page_size; } if (qemu_host_page_size < TARGET_PAGE_SIZE) { qemu_host_page_size = TARGET_PAGE_SIZE; } qemu_host_page_mask = ~(qemu_host_page_size - 1); } It is clamped to be at least as big as a the TARGET_PAGE_SIZE. Ah, just this one. TARGET_PAGE_SIZE is 4K for PPC64 and the actual page size can be 4K and 64K so that branch never works for PPC64. I think we could replace our use of HOST_PAGE_ALIGN with something based only on the host's getpagesize(). I don't see that we really care about the target page size for this usage. Alexey, I think you're the only arch where host and target page sizes can actually be different, do you agree? Thanks, Strongly agree. Where it really matters (MSIX), it is already qemu_host_page_size and HOST_PAGE_ALIGN and I am a bit scared by that "raw host page alignment" :) So the change would be an alternate macro based on qemu_real_host_page_size which is what I am calling "raw host page alignment". Good, I like it. Cannot it be just a qemu_host_page_size? It is a bit confusing to have both qemu_host_page_size and qemu_real_host_page_size when even the first name suggests it is something non-static and sort of real :) Yes based on this, HOST_PAGE_ALIGN is badly named. It is really aligning to both host and target. Some rename options: QEMU_PAGE_ALIGN HOST_TARGET_PAGE_ALIGN QEMU_HOST_PAGE_ALIGN or just unqualified PAGE_ALIGN? Sorry, I have bad taste so I am not the one to ask :) I'd stick to HOST_PAGE_ALIGN. -- Alexey
[Qemu-devel] [PATCH v4 12/13] event-notifier: Always return 0 for posix implementation
qemu_set_fd_handler cannot fail, let's always return 0. Signed-off-by: Fam Zheng --- util/event_notifier-posix.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/util/event_notifier-posix.c b/util/event_notifier-posix.c index 8442c6e..ed4ca2b 100644 --- a/util/event_notifier-posix.c +++ b/util/event_notifier-posix.c @@ -85,7 +85,8 @@ int event_notifier_get_fd(EventNotifier *e) int event_notifier_set_handler(EventNotifier *e, EventNotifierHandler *handler) { -return qemu_set_fd_handler(e->rfd, (IOHandler *)handler, NULL, e); +qemu_set_fd_handler(e->rfd, (IOHandler *)handler, NULL, e); +return 0; } int event_notifier_set(EventNotifier *e) -- 2.4.2
[Qemu-devel] [PATCH v4 10/13] oss: Remove unused error handling of qemu_set_fd_handler
The function cannot fail, so the check is superfluous. Signed-off-by: Fam Zheng --- audio/ossaudio.c | 14 -- 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/audio/ossaudio.c b/audio/ossaudio.c index 4db2ca6..b9c6b30 100644 --- a/audio/ossaudio.c +++ b/audio/ossaudio.c @@ -138,18 +138,18 @@ static void oss_helper_poll_in (void *opaque) audio_run ("oss_poll_in"); } -static int oss_poll_out (HWVoiceOut *hw) +static void oss_poll_out (HWVoiceOut *hw) { OSSVoiceOut *oss = (OSSVoiceOut *) hw; -return qemu_set_fd_handler (oss->fd, NULL, oss_helper_poll_out, NULL); +qemu_set_fd_handler (oss->fd, NULL, oss_helper_poll_out, NULL); } -static int oss_poll_in (HWVoiceIn *hw) +static void oss_poll_in (HWVoiceIn *hw) { OSSVoiceIn *oss = (OSSVoiceIn *) hw; -return qemu_set_fd_handler (oss->fd, oss_helper_poll_in, NULL, NULL); +qemu_set_fd_handler (oss->fd, oss_helper_poll_in, NULL, NULL); } static int oss_write (SWVoiceOut *sw, void *buf, int len) @@ -634,7 +634,8 @@ static int oss_ctl_out (HWVoiceOut *hw, int cmd, ...) va_end (ap); ldebug ("enabling voice\n"); -if (poll_mode && oss_poll_out (hw)) { +if (poll_mode) { +oss_poll_out (hw); poll_mode = 0; } hw->poll_mode = poll_mode; @@ -828,7 +829,8 @@ static int oss_ctl_in (HWVoiceIn *hw, int cmd, ...) poll_mode = va_arg (ap, int); va_end (ap); -if (poll_mode && oss_poll_in (hw)) { +if (poll_mode) { +oss_poll_in (hw); poll_mode = 0; } hw->poll_mode = poll_mode; -- 2.4.2
[Qemu-devel] [PATCH v4 13/13] iohandler: Change return type of qemu_set_fd_handler to "void"
Signed-off-by: Fam Zheng --- include/qemu/main-loop.h | 8 iohandler.c | 9 - stubs/set-fd-handler.c | 8 3 files changed, 12 insertions(+), 13 deletions(-) diff --git a/include/qemu/main-loop.h b/include/qemu/main-loop.h index 7da1d63..0f4a0fd 100644 --- a/include/qemu/main-loop.h +++ b/include/qemu/main-loop.h @@ -198,10 +198,10 @@ typedef int IOCanReadHandler(void *opaque); * * @opaque: A pointer-sized value that is passed to @fd_read and @fd_write. */ -int qemu_set_fd_handler(int fd, -IOHandler *fd_read, -IOHandler *fd_write, -void *opaque); +void qemu_set_fd_handler(int fd, + IOHandler *fd_read, + IOHandler *fd_write, + void *opaque); #ifdef CONFIG_POSIX /** diff --git a/iohandler.c b/iohandler.c index d361cf2..826f713 100644 --- a/iohandler.c +++ b/iohandler.c @@ -45,10 +45,10 @@ typedef struct IOHandlerRecord { static QLIST_HEAD(, IOHandlerRecord) io_handlers = QLIST_HEAD_INITIALIZER(io_handlers); -int qemu_set_fd_handler(int fd, -IOHandler *fd_read, -IOHandler *fd_write, -void *opaque) +void qemu_set_fd_handler(int fd, + IOHandler *fd_read, + IOHandler *fd_write, + void *opaque) { IOHandlerRecord *ioh; @@ -77,7 +77,6 @@ int qemu_set_fd_handler(int fd, ioh->deleted = 0; qemu_notify_event(); } -return 0; } void qemu_iohandler_fill(GArray *pollfds) diff --git a/stubs/set-fd-handler.c b/stubs/set-fd-handler.c index a895e62..a8481bc 100644 --- a/stubs/set-fd-handler.c +++ b/stubs/set-fd-handler.c @@ -1,10 +1,10 @@ #include "qemu-common.h" #include "qemu/main-loop.h" -int qemu_set_fd_handler(int fd, -IOHandler *fd_read, -IOHandler *fd_write, -void *opaque) +void qemu_set_fd_handler(int fd, + IOHandler *fd_read, + IOHandler *fd_write, + void *opaque) { abort(); } -- 2.4.2
[Qemu-devel] [PATCH v4 06/13] tap: Drop tap_can_send
This callback is called by main loop before polling s->fd, if it returns false, the fd will not be polled in this iteration. This is redundant with checks inside read callback. After this patch, the data will be sent to peer when it arrives. If the device can't receive, it will be queued to incoming_queue, and when the device status changes, this queue will be flushed. Signed-off-by: Fam Zheng --- net/tap.c | 13 ++--- 1 file changed, 2 insertions(+), 11 deletions(-) diff --git a/net/tap.c b/net/tap.c index d1ca314..0d184cf 100644 --- a/net/tap.c +++ b/net/tap.c @@ -62,14 +62,12 @@ typedef struct TAPState { static void launch_script(const char *setup_script, const char *ifname, int fd, Error **errp); -static int tap_can_send(void *opaque); static void tap_send(void *opaque); static void tap_writable(void *opaque); static void tap_update_fd_handler(TAPState *s) { -qemu_set_fd_handler2(s->fd, - s->read_poll && s->enabled ? tap_can_send : NULL, +qemu_set_fd_handler2(s->fd, NULL, s->read_poll && s->enabled ? tap_send : NULL, s->write_poll && s->enabled ? tap_writable : NULL, s); @@ -166,13 +164,6 @@ static ssize_t tap_receive(NetClientState *nc, const uint8_t *buf, size_t size) return tap_write_packet(s, iov, 1); } -static int tap_can_send(void *opaque) -{ -TAPState *s = opaque; - -return qemu_can_send_packet(&s->nc); -} - #ifndef __sun__ ssize_t tap_read_packet(int tapfd, uint8_t *buf, int maxlen) { @@ -192,7 +183,7 @@ static void tap_send(void *opaque) int size; int packets = 0; -while (qemu_can_send_packet(&s->nc)) { +while (true) { uint8_t *buf = s->buf; size = tap_read_packet(s->fd, s->buf, sizeof(s->buf)); -- 2.4.2
[Qemu-devel] [PATCH v4 09/13] alsaaudio: Remove unused error handling of qemu_set_fd_handler
The function cannot fail, so the check is superfluous. Signed-off-by: Fam Zheng --- audio/alsaaudio.c | 16 ++-- 1 file changed, 2 insertions(+), 14 deletions(-) diff --git a/audio/alsaaudio.c b/audio/alsaaudio.c index 74ead97..ed7655d 100644 --- a/audio/alsaaudio.c +++ b/audio/alsaaudio.c @@ -266,31 +266,19 @@ static int alsa_poll_helper (snd_pcm_t *handle, struct pollhlp *hlp, int mask) for (i = 0; i < count; ++i) { if (pfds[i].events & POLLIN) { -err = qemu_set_fd_handler (pfds[i].fd, alsa_poll_handler, - NULL, hlp); +qemu_set_fd_handler (pfds[i].fd, alsa_poll_handler, NULL, hlp); } if (pfds[i].events & POLLOUT) { if (conf.verbose) { dolog ("POLLOUT %d %d\n", i, pfds[i].fd); } -err = qemu_set_fd_handler (pfds[i].fd, NULL, - alsa_poll_handler, hlp); +qemu_set_fd_handler (pfds[i].fd, NULL, alsa_poll_handler, hlp); } if (conf.verbose) { dolog ("Set handler events=%#x index=%d fd=%d err=%d\n", pfds[i].events, i, pfds[i].fd, err); } -if (err) { -dolog ("Failed to set handler events=%#x index=%d fd=%d err=%d\n", - pfds[i].events, i, pfds[i].fd, err); - -while (i--) { -qemu_set_fd_handler (pfds[i].fd, NULL, NULL, NULL); -} -g_free (pfds); -return -1; -} } hlp->pfds = pfds; hlp->count = count; -- 2.4.2
[Qemu-devel] [PATCH v4 08/13] main-loop: Drop qemu_set_fd_handler2
All users are converted to qemu_set_fd_handler now, drop qemu_set_fd_handler2 and IOHandlerRecord.fd_read_poll. Signed-off-by: Fam Zheng --- include/block/aio.h | 2 +- include/qemu/main-loop.h | 49 +--- iohandler.c | 26 + stubs/set-fd-handler.c | 9 - 4 files changed, 7 insertions(+), 79 deletions(-) diff --git a/include/block/aio.h b/include/block/aio.h index d2bb423..b46103e 100644 --- a/include/block/aio.h +++ b/include/block/aio.h @@ -241,7 +241,7 @@ bool aio_dispatch(AioContext *ctx); bool aio_poll(AioContext *ctx, bool blocking); /* Register a file descriptor and associated callbacks. Behaves very similarly - * to qemu_set_fd_handler2. Unlike qemu_set_fd_handler2, these callbacks will + * to qemu_set_fd_handler. Unlike qemu_set_fd_handler, these callbacks will * be invoked when using aio_poll(). * * Code that invokes AIO completion functions should rely on this function diff --git a/include/qemu/main-loop.h b/include/qemu/main-loop.h index 62c68c0..7da1d63 100644 --- a/include/qemu/main-loop.h +++ b/include/qemu/main-loop.h @@ -96,8 +96,7 @@ AioContext *qemu_get_aio_context(void); * that the main loop waits for. * * Calling qemu_notify_event is rarely necessary, because main loop - * services (bottom halves and timers) call it themselves. One notable - * exception occurs when using qemu_set_fd_handler2 (see below). + * services (bottom halves and timers) call it themselves. */ void qemu_notify_event(void); @@ -172,52 +171,6 @@ typedef void IOReadHandler(void *opaque, const uint8_t *buf, int size); typedef int IOCanReadHandler(void *opaque); /** - * qemu_set_fd_handler2: Register a file descriptor with the main loop - * - * This function tells the main loop to wake up whenever one of the - * following conditions is true: - * - * 1) if @fd_write is not %NULL, when the file descriptor is writable; - * - * 2) if @fd_read is not %NULL, when the file descriptor is readable. - * - * @fd_read_poll can be used to disable the @fd_read callback temporarily. - * This is useful to avoid calling qemu_set_fd_handler2 every time the - * client becomes interested in reading (or dually, stops being interested). - * A typical example is when @fd is a listening socket and you want to bound - * the number of active clients. Remember to call qemu_notify_event whenever - * the condition may change from %false to %true. - * - * The callbacks that are set up by qemu_set_fd_handler2 are level-triggered. - * If @fd_read does not read from @fd, or @fd_write does not write to @fd - * until its buffers are full, they will be called again on the next - * iteration. - * - * @fd: The file descriptor to be observed. Under Windows it must be - * a #SOCKET. - * - * @fd_read_poll: A function that returns 1 if the @fd_read callback - * should be fired. If the function returns 0, the main loop will not - * end its iteration even if @fd becomes readable. - * - * @fd_read: A level-triggered callback that is fired if @fd is readable - * at the beginning of a main loop iteration, or if it becomes readable - * during one. - * - * @fd_write: A level-triggered callback that is fired when @fd is writable - * at the beginning of a main loop iteration, or if it becomes writable - * during one. - * - * @opaque: A pointer-sized value that is passed to @fd_read_poll, - * @fd_read and @fd_write. - */ -int qemu_set_fd_handler2(int fd, - IOCanReadHandler *fd_read_poll, - IOHandler *fd_read, - IOHandler *fd_write, - void *opaque); - -/** * qemu_set_fd_handler: Register a file descriptor with the main loop * * This function tells the main loop to wake up whenever one of the diff --git a/iohandler.c b/iohandler.c index cca614f..d361cf2 100644 --- a/iohandler.c +++ b/iohandler.c @@ -33,7 +33,6 @@ #endif typedef struct IOHandlerRecord { -IOCanReadHandler *fd_read_poll; IOHandler *fd_read; IOHandler *fd_write; void *opaque; @@ -46,14 +45,10 @@ typedef struct IOHandlerRecord { static QLIST_HEAD(, IOHandlerRecord) io_handlers = QLIST_HEAD_INITIALIZER(io_handlers); - -/* XXX: fd_read_poll should be suppressed, but an API change is - necessary in the character devices to suppress fd_can_read(). */ -int qemu_set_fd_handler2(int fd, - IOCanReadHandler *fd_read_poll, - IOHandler *fd_read, - IOHandler *fd_write, - void *opaque) +int qemu_set_fd_handler(int fd, +IOHandler *fd_read, +IOHandler *fd_write, +void *opaque) { IOHandlerRecord *ioh; @@ -75,7 +70,6 @@ int qemu_set_fd_handler2(int fd, QLIST_INSERT_HEAD(&io_handlers, ioh, next); found: ioh->fd = fd; -ioh->fd_read_poll = fd_read_poll;
[Qemu-devel] [PATCH v4 04/13] netmap: Drop netmap_can_send
This callback is called by main loop before polling s->fd, if it returns false, the fd will not be polled in this iteration. This is redundant with checks inside read callback. After this patch, the data will be copied from s->fd to s->iov when it arrives. If the device can't receive, it will be queued to incoming_queue, and when the device status changes, this queue will be flushed. Also remove the qemu_can_send_packet() check in netmap_send. If it's true, we are good; if it's false, the qemu_sendv_packet_async would return 0 and read poll will be disabled until netmap_send_completed is called. Signed-off-by: Fam Zheng --- net/netmap.c | 14 ++ 1 file changed, 2 insertions(+), 12 deletions(-) diff --git a/net/netmap.c b/net/netmap.c index 69300eb..19d0542 100644 --- a/net/netmap.c +++ b/net/netmap.c @@ -132,23 +132,13 @@ error: return -1; } -/* Tell the event-loop if the netmap backend can send packets - to the frontend. */ -static int netmap_can_send(void *opaque) -{ -NetmapState *s = opaque; - -return qemu_can_send_packet(&s->nc); -} - static void netmap_send(void *opaque); static void netmap_writable(void *opaque); /* Set the event-loop handlers for the netmap backend. */ static void netmap_update_fd_handler(NetmapState *s) { -qemu_set_fd_handler2(s->me.fd, - s->read_poll ? netmap_can_send : NULL, +qemu_set_fd_handler2(s->me.fd, NULL, s->read_poll ? netmap_send : NULL, s->write_poll ? netmap_writable : NULL, s); @@ -317,7 +307,7 @@ static void netmap_send(void *opaque) /* Keep sending while there are available packets into the netmap RX ring and the forwarding path towards the peer is open. */ -while (!nm_ring_empty(ring) && qemu_can_send_packet(&s->nc)) { +while (!nm_ring_empty(ring)) { uint32_t i; uint32_t idx; bool morefrag; -- 2.4.2
[Qemu-devel] [PATCH v4 05/13] net/socket: Drop net_socket_can_send
This callback is called by main loop before polling s->fd, if it returns false, the fd will not be polled in this iteration. This is redundant with checks inside read callback. After this patch, the data will be sent to peer when it arrives. If the device can't receive, it will be queued to incoming_queue, and when the device status changes, this queue will be flushed. If the peer is not ready, disable the read poll until send completes. Signed-off-by: Fam Zheng --- net/socket.c | 31 +++ 1 file changed, 19 insertions(+), 12 deletions(-) diff --git a/net/socket.c b/net/socket.c index 5a19aa1..7055d1e 100644 --- a/net/socket.c +++ b/net/socket.c @@ -51,18 +51,9 @@ typedef struct NetSocketState { static void net_socket_accept(void *opaque); static void net_socket_writable(void *opaque); -/* Only read packets from socket when peer can receive them */ -static int net_socket_can_send(void *opaque) -{ -NetSocketState *s = opaque; - -return qemu_can_send_packet(&s->nc); -} - static void net_socket_update_fd_handler(NetSocketState *s) { -qemu_set_fd_handler2(s->fd, - s->read_poll ? net_socket_can_send : NULL, +qemu_set_fd_handler2(s->fd, NULL, s->read_poll ? s->send_fn : NULL, s->write_poll ? net_socket_writable : NULL, s); @@ -142,6 +133,15 @@ static ssize_t net_socket_receive_dgram(NetClientState *nc, const uint8_t *buf, return ret; } +static void net_socket_send_completed(NetClientState *nc, ssize_t len) +{ +NetSocketState *s = DO_UPCAST(NetSocketState, nc, nc); + +if (!s->read_poll) { +net_socket_read_poll(s, true); +} +} + static void net_socket_send(void *opaque) { NetSocketState *s = opaque; @@ -211,9 +211,13 @@ static void net_socket_send(void *opaque) buf += l; size -= l; if (s->index >= s->packet_len) { -qemu_send_packet(&s->nc, s->buf, s->packet_len); s->index = 0; s->state = 0; +if (qemu_send_packet_async(&s->nc, s->buf, size, + net_socket_send_completed) == 0) { +net_socket_read_poll(s, false); +break; +} } break; } @@ -234,7 +238,10 @@ static void net_socket_send_dgram(void *opaque) net_socket_write_poll(s, false); return; } -qemu_send_packet(&s->nc, s->buf, size); +if (qemu_send_packet_async(&s->nc, s->buf, size, + net_socket_send_completed) == 0) { +net_socket_read_poll(s, false); +} } static int net_socket_mcast_create(struct sockaddr_in *mcastaddr, struct in_addr *localaddr) -- 2.4.2
[Qemu-devel] [PATCH v4 11/13] xen_backend: Remove unused error handling of qemu_set_fd_handler
The function cannot fail, so the check is superfluous. Signed-off-by: Fam Zheng --- hw/xen/xen_backend.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/hw/xen/xen_backend.c b/hw/xen/xen_backend.c index b2cb22b..2510e2e 100644 --- a/hw/xen/xen_backend.c +++ b/hw/xen/xen_backend.c @@ -714,9 +714,7 @@ int xen_be_init(void) return -1; } -if (qemu_set_fd_handler(xs_fileno(xenstore), xenstore_update, NULL, NULL) < 0) { -goto err; -} +qemu_set_fd_handler(xs_fileno(xenstore), xenstore_update, NULL, NULL); if (xen_xc == XC_HANDLER_INITIAL_VALUE) { /* Check if xen_init() have been called */ -- 2.4.2
[Qemu-devel] [PATCH v4 03/13] l2tpv3: Drop l2tpv3_can_send
This callback is called by main loop before polling s->fd, if it returns false, the fd will not be polled in this iteration. This is redundant with checks inside read callback. After this patch, the data will be copied from s->fd to s->msgvec when it arrives. If the device can't receive, it will be queued to incoming_queue, and when the device status changes, this queue will be flushed. Signed-off-by: Fam Zheng --- net/l2tpv3.c | 11 +-- 1 file changed, 1 insertion(+), 10 deletions(-) diff --git a/net/l2tpv3.c b/net/l2tpv3.c index ed395dc..99d80b6 100644 --- a/net/l2tpv3.c +++ b/net/l2tpv3.c @@ -133,14 +133,12 @@ typedef struct NetL2TPV3State { } NetL2TPV3State; -static int l2tpv3_can_send(void *opaque); static void net_l2tpv3_send(void *opaque); static void l2tpv3_writable(void *opaque); static void l2tpv3_update_fd_handler(NetL2TPV3State *s) { -qemu_set_fd_handler2(s->fd, - s->read_poll ? l2tpv3_can_send : NULL, +qemu_set_fd_handler2(s->fd, NULL, s->read_poll ? net_l2tpv3_send : NULL, s->write_poll ? l2tpv3_writable : NULL, s); @@ -169,13 +167,6 @@ static void l2tpv3_writable(void *opaque) qemu_flush_queued_packets(&s->nc); } -static int l2tpv3_can_send(void *opaque) -{ -NetL2TPV3State *s = opaque; - -return qemu_can_send_packet(&s->nc); -} - static void l2tpv3_send_completed(NetClientState *nc, ssize_t len) { NetL2TPV3State *s = DO_UPCAST(NetL2TPV3State, nc, nc); -- 2.4.2
[Qemu-devel] [PATCH v4 02/13] qemu-nbd: Switch to qemu_set_fd_handler
Achieved by: - Remembering the server fd with a global variable, in order to access it from nbd_client_closed. - Checking nbd_can_accept() and updating server_fd handler whenever client connects or disconnects. Signed-off-by: Fam Zheng Reviewed-by: Paolo Bonzini --- qemu-nbd.c | 21 + 1 file changed, 17 insertions(+), 4 deletions(-) diff --git a/qemu-nbd.c b/qemu-nbd.c index 7e690ff..5af6d11 100644 --- a/qemu-nbd.c +++ b/qemu-nbd.c @@ -53,6 +53,7 @@ static int persistent = 0; static enum { RUNNING, TERMINATE, TERMINATING, TERMINATED } state; static int shared = 1; static int nb_fds; +static int server_fd; static void usage(const char *name) { @@ -340,7 +341,7 @@ out: return (void *) EXIT_FAILURE; } -static int nbd_can_accept(void *opaque) +static int nbd_can_accept(void) { return nb_fds < shared; } @@ -351,19 +352,21 @@ static void nbd_export_closed(NBDExport *exp) state = TERMINATED; } +static void nbd_update_server_fd_handler(int fd); + static void nbd_client_closed(NBDClient *client) { nb_fds--; if (nb_fds == 0 && !persistent && state == RUNNING) { state = TERMINATE; } +nbd_update_server_fd_handler(server_fd); qemu_notify_event(); nbd_client_put(client); } static void nbd_accept(void *opaque) { -int server_fd = (uintptr_t) opaque; struct sockaddr_in addr; socklen_t addr_len = sizeof(addr); @@ -380,12 +383,22 @@ static void nbd_accept(void *opaque) if (nbd_client_new(exp, fd, nbd_client_closed)) { nb_fds++; +nbd_update_server_fd_handler(server_fd); } else { shutdown(fd, 2); close(fd); } } +static void nbd_update_server_fd_handler(int fd) +{ +if (nbd_can_accept()) { +qemu_set_fd_handler(fd, nbd_accept, NULL, (void *)(uintptr_t)fd); +} else { +qemu_set_fd_handler(fd, NULL, NULL, NULL); +} +} + int main(int argc, char **argv) { BlockBackend *blk; @@ -761,8 +774,8 @@ int main(int argc, char **argv) memset(&client_thread, 0, sizeof(client_thread)); } -qemu_set_fd_handler2(fd, nbd_can_accept, nbd_accept, NULL, - (void *)(uintptr_t)fd); +server_fd = fd; +nbd_update_server_fd_handler(fd); /* now when the initialization is (almost) complete, chdir("/") * to free any busy filesystems */ -- 2.4.2
[Qemu-devel] [PATCH v4 07/13] Change qemu_set_fd_handler2(..., NULL, ...) to qemu_set_fd_handler
Done with following Coccinelle semantic patch, plus manual cosmetic changes in net/*.c. @@ expression E1, E2, E3, E4; @@ - qemu_set_fd_handler2(E1, NULL, E2, E3, E4); + qemu_set_fd_handler(E1, E2, E3, E4); Signed-off-by: Fam Zheng --- blockdev-nbd.c | 4 ++-- main-loop.c| 3 +-- migration/exec.c | 6 +++--- migration/fd.c | 4 ++-- migration/rdma.c | 7 +++ migration/tcp.c| 6 +++--- migration/unix.c | 6 +++--- net/l2tpv3.c | 8 net/netmap.c | 8 net/socket.c | 8 net/tap.c | 8 ui/vnc-auth-sasl.c | 2 +- ui/vnc-auth-vencrypt.c | 2 +- ui/vnc-ws.c| 6 +++--- ui/vnc.c | 27 --- util/qemu-sockets.c| 8 +++- 16 files changed, 53 insertions(+), 60 deletions(-) diff --git a/blockdev-nbd.c b/blockdev-nbd.c index 85cda4c..0d9df47 100644 --- a/blockdev-nbd.c +++ b/blockdev-nbd.c @@ -43,7 +43,7 @@ void qmp_nbd_server_start(SocketAddress *addr, Error **errp) server_fd = socket_listen(addr, errp); if (server_fd != -1) { -qemu_set_fd_handler2(server_fd, NULL, nbd_accept, NULL, NULL); +qemu_set_fd_handler(server_fd, nbd_accept, NULL, NULL); } } @@ -129,7 +129,7 @@ void qmp_nbd_server_stop(Error **errp) } if (server_fd != -1) { -qemu_set_fd_handler2(server_fd, NULL, NULL, NULL, NULL); +qemu_set_fd_handler(server_fd, NULL, NULL, NULL); close(server_fd); server_fd = -1; } diff --git a/main-loop.c b/main-loop.c index 981bcb5..82875a4 100644 --- a/main-loop.c +++ b/main-loop.c @@ -100,8 +100,7 @@ static int qemu_signal_init(void) fcntl_setfl(sigfd, O_NONBLOCK); -qemu_set_fd_handler2(sigfd, NULL, sigfd_handler, NULL, - (void *)(intptr_t)sigfd); +qemu_set_fd_handler(sigfd, sigfd_handler, NULL, (void *)(intptr_t)sigfd); return 0; } diff --git a/migration/exec.c b/migration/exec.c index 4790247..8406d2b 100644 --- a/migration/exec.c +++ b/migration/exec.c @@ -49,7 +49,7 @@ static void exec_accept_incoming_migration(void *opaque) { QEMUFile *f = opaque; -qemu_set_fd_handler2(qemu_get_fd(f), NULL, NULL, NULL, NULL); +qemu_set_fd_handler(qemu_get_fd(f), NULL, NULL, NULL); process_incoming_migration(f); } @@ -64,6 +64,6 @@ void exec_start_incoming_migration(const char *command, Error **errp) return; } -qemu_set_fd_handler2(qemu_get_fd(f), NULL, -exec_accept_incoming_migration, NULL, f); +qemu_set_fd_handler(qemu_get_fd(f), exec_accept_incoming_migration, NULL, +f); } diff --git a/migration/fd.c b/migration/fd.c index 129da99..3e4bed0 100644 --- a/migration/fd.c +++ b/migration/fd.c @@ -62,7 +62,7 @@ static void fd_accept_incoming_migration(void *opaque) { QEMUFile *f = opaque; -qemu_set_fd_handler2(qemu_get_fd(f), NULL, NULL, NULL, NULL); +qemu_set_fd_handler(qemu_get_fd(f), NULL, NULL, NULL); process_incoming_migration(f); } @@ -84,5 +84,5 @@ void fd_start_incoming_migration(const char *infd, Error **errp) return; } -qemu_set_fd_handler2(fd, NULL, fd_accept_incoming_migration, NULL, f); +qemu_set_fd_handler(fd, fd_accept_incoming_migration, NULL, f); } diff --git a/migration/rdma.c b/migration/rdma.c index 77e3444..171c23f 100644 --- a/migration/rdma.c +++ b/migration/rdma.c @@ -2834,7 +2834,7 @@ static int qemu_rdma_accept(RDMAContext *rdma) } } -qemu_set_fd_handler2(rdma->channel->fd, NULL, NULL, NULL, NULL); +qemu_set_fd_handler(rdma->channel->fd, NULL, NULL, NULL); ret = rdma_accept(rdma->cm_id, &conn_param); if (ret) { @@ -3331,9 +3331,8 @@ void rdma_start_incoming_migration(const char *host_port, Error **errp) trace_rdma_start_incoming_migration_after_rdma_listen(); -qemu_set_fd_handler2(rdma->channel->fd, NULL, - rdma_accept_incoming_migration, NULL, -(void *)(intptr_t) rdma); +qemu_set_fd_handler(rdma->channel->fd, rdma_accept_incoming_migration, +NULL, (void *)(intptr_t)rdma); return; err: error_propagate(errp, local_err); diff --git a/migration/tcp.c b/migration/tcp.c index 91c9cf3..ae89172 100644 --- a/migration/tcp.c +++ b/migration/tcp.c @@ -65,7 +65,7 @@ static void tcp_accept_incoming_migration(void *opaque) c = qemu_accept(s, (struct sockaddr *)&addr, &addrlen); err = socket_error(); } while (c < 0 && err == EINTR); -qemu_set_fd_handler2(s, NULL, NULL, NULL, NULL); +qemu_set_fd_handler(s, NULL, NULL, NULL); closesocket(s); DPRINTF("accepted migration\n"); @@ -98,6 +98,6 @@ void tcp_start_incoming_migration(const char *host_port, Error **errp) return; } -qemu_set_fd_handler2(s, NULL, tcp_accept_in
[Qemu-devel] [PATCH v4 01/13] stubs: Add qemu_set_fd_handler
Some qemu_set_fd_handler2 stub callers will be converted to call qemu_set_fd_handler, add this stub for them before making the change. Signed-off-by: Fam Zheng --- stubs/set-fd-handler.c | 8 1 file changed, 8 insertions(+) diff --git a/stubs/set-fd-handler.c b/stubs/set-fd-handler.c index fc874d3..25cca8c 100644 --- a/stubs/set-fd-handler.c +++ b/stubs/set-fd-handler.c @@ -1,6 +1,14 @@ #include "qemu-common.h" #include "qemu/main-loop.h" +int qemu_set_fd_handler(int fd, +IOHandler *fd_read, +IOHandler *fd_write, +void *opaque) +{ +abort(); +} + int qemu_set_fd_handler2(int fd, IOCanReadHandler *fd_read_poll, IOHandler *fd_read, -- 2.4.2
[Qemu-devel] [PATCH v4 00/13] main-loop: Get rid of fd_read_poll and qemu_set_fd_handler2
v4: Remove unnecessary variable "can_send" in 06. [Stefan, Jason] This carries out the mandate in the comment of qemu_set_fd_handler2 and removes fd_read_poll from the code base, because it will make the work easier to convert ppoll to epoll in main loop, as well as convert iohandler to GSource. Also, the aio interface doesn't have a read poll callback, which means this conversion woule be necessary if we want to move things from main loop to AioContext. There are five users of the read poll callback now: qemu-nbd, l2tpv3, netmap, socket and tap. Patch 1 adds a stub for qemu_set_fd_handler which will be referenced in coming patches. Patch 2 converts qemu-nbd which compares two global numbers in the fd_read_poll callback. Patches 2~5 converts the four net devices, all of which checks qemu_can_send_packet() in the callback. Patch 6 and 7 finally removes the function. The rest of the series is cleaning up of dead code. Please review! Fam Zheng (13): stubs: Add qemu_set_fd_handler qemu-nbd: Switch to qemu_set_fd_handler l2tpv3: Drop l2tpv3_can_send netmap: Drop netmap_can_send net/socket: Drop net_socket_can_send tap: Drop tap_can_send Change qemu_set_fd_handler2(..., NULL, ...) to qemu_set_fd_handler main-loop: Drop qemu_set_fd_handler2 alsaaudio: Remove unused error handling of qemu_set_fd_handler oss: Remove unused error handling of qemu_set_fd_handler xen_backend: Remove unused error handling of qemu_set_fd_handler event-notifier: Always return 0 for posix implementation iohandler: Change return type of qemu_set_fd_handler to "void" audio/alsaaudio.c | 16 ++--- audio/ossaudio.c| 14 ++- blockdev-nbd.c | 4 ++-- hw/xen/xen_backend.c| 4 +--- include/block/aio.h | 2 +- include/qemu/main-loop.h| 57 - iohandler.c | 21 ++--- main-loop.c | 3 +-- migration/exec.c| 6 ++--- migration/fd.c | 4 ++-- migration/rdma.c| 7 +++--- migration/tcp.c | 6 ++--- migration/unix.c| 6 ++--- net/l2tpv3.c| 17 -- net/netmap.c| 20 net/socket.c| 37 + net/tap.c | 19 --- qemu-nbd.c | 21 + stubs/set-fd-handler.c | 3 +-- ui/vnc-auth-sasl.c | 2 +- ui/vnc-auth-vencrypt.c | 2 +- ui/vnc-ws.c | 6 ++--- ui/vnc.c| 27 ++--- util/event_notifier-posix.c | 3 ++- util/qemu-sockets.c | 8 +++ 25 files changed, 112 insertions(+), 203 deletions(-) -- 2.4.2
Re: [Qemu-devel] [PATCH v2 12/23] vl: run "late" notifiers immediately
On Wed, Jun 3, 2015 at 10:08 AM, Paolo Bonzini wrote: > If a machine_init_done notifier is added late, as part of a hot-plugged > device, run it immediately. Blank line? > Signed-off-by: Paolo Bonzini Reviewed-by: Peter Crosthwaite > --- > vl.c | 6 ++ > 1 file changed, 6 insertions(+) > > diff --git a/vl.c b/vl.c > index 0707cfa..00def69 100644 > --- a/vl.c > +++ b/vl.c > @@ -2498,14 +2498,20 @@ static void qemu_run_exit_notifiers(void) > notifier_list_notify(&exit_notifiers, NULL); > } > > +static bool machine_init_done; > + > void qemu_add_machine_init_done_notifier(Notifier *notify) > { > notifier_list_add(&machine_init_done_notifiers, notify); > +if (machine_init_done) { > +notify->notify(notify, NULL); > +} > } > > static void qemu_run_machine_init_done_notifiers(void) > { > notifier_list_notify(&machine_init_done_notifiers, NULL); > +machine_init_done = true; > } > > static const QEMUOption *lookup_opt(int argc, char **argv, > -- > 2.4.1 > > >
Re: [Qemu-devel] [PATCH v2 11/23] qom: add object_property_add_const_link
On Wed, Jun 3, 2015 at 10:08 AM, Paolo Bonzini wrote: > Suggested-by: Eduardo Habkost > Acked-by: Andreas Faerber > Signed-off-by: Paolo Bonzini Reviewed-by: Peter Crosthwaite > --- > include/qom/object.h | 18 ++ > qom/object.c | 16 > 2 files changed, 34 insertions(+) > > diff --git a/include/qom/object.h b/include/qom/object.h > index d2d7748..0505f20 100644 > --- a/include/qom/object.h > +++ b/include/qom/object.h > @@ -1290,6 +1290,24 @@ void object_property_add_alias(Object *obj, const char > *name, > Error **errp); > > /** > + * object_property_add_const_link: > + * @obj: the object to add a property to > + * @name: the name of the property > + * @target: the object to be referred by the link > + * @errp: if an error occurs, a pointer to an area to store the error > + * > + * Add an unmodifiable link for a property on an object. This function will > + * add a property of type link where TYPE is the type of @target. > + * > + * The caller must ensure that @target stays alive as long as > + * this property exists. In the case @target is a child of @obj, > + * this will be the case. Otherwise, the caller is responsible for > + * taking a reference. > + */ > +void object_property_add_const_link(Object *obj, const char *name, > +Object *target, Error **errp); > + > +/** > * object_property_set_description: > * @obj: the object owning the property > * @name: the name of the property > diff --git a/qom/object.c b/qom/object.c > index b8dff43..96abd34 100644 > --- a/qom/object.c > +++ b/qom/object.c > @@ -1266,6 +1266,22 @@ out: > g_free(full_type); > } > > +void object_property_add_const_link(Object *obj, const char *name, > +Object *target, Error **errp) > +{ > +char *link_type; > +ObjectProperty *op; > + > +link_type = g_strdup_printf("link<%s>", object_get_typename(target)); > +op = object_property_add(obj, name, link_type, > + object_get_child_property, NULL, > + NULL, target, errp); > +if (op != NULL) { > +op->resolve = object_resolve_child_property; > +} > +g_free(link_type); > +} > + > gchar *object_get_canonical_path_component(Object *obj) > { > ObjectProperty *prop = NULL; > -- > 2.4.1 > > >
Re: [Qemu-devel] [PATCH v2 08/23] pflash_cfi01: change to new-style MMIO accessors
On Wed, Jun 3, 2015 at 10:08 AM, Paolo Bonzini wrote: > This is a required step to implement read_with_attrs and write_with_attrs. > > Signed-off-by: Paolo Bonzini > --- > hw/block/pflash_cfi01.c | 96 > ++--- Nice stats. > 1 file changed, 10 insertions(+), 86 deletions(-) > > diff --git a/hw/block/pflash_cfi01.c b/hw/block/pflash_cfi01.c > index 7507a15..0b3667a 100644 > --- a/hw/block/pflash_cfi01.c > +++ b/hw/block/pflash_cfi01.c > @@ -650,101 +650,25 @@ static void pflash_write(pflash_t *pfl, hwaddr offset, > } > > > -static uint32_t pflash_readb_be(void *opaque, hwaddr addr) > -{ > -return pflash_read(opaque, addr, 1, 1); > -} > - > -static uint32_t pflash_readb_le(void *opaque, hwaddr addr) > -{ > -return pflash_read(opaque, addr, 1, 0); > -} > - > -static uint32_t pflash_readw_be(void *opaque, hwaddr addr) > +static uint64_t pflash_mem_read(void *opaque, hwaddr addr, unsigned len) > { > pflash_t *pfl = opaque; > +bool be = !!(pfl->features & (1 << PFLASH_BE)); !!() not needed. Otherwise Reviewed-by: Peter Crosthwaite > > -return pflash_read(pfl, addr, 2, 1); > +return pflash_read(pfl, addr, len, be); > } > > -static uint32_t pflash_readw_le(void *opaque, hwaddr addr) > +static void pflash_mem_write(void *opaque, hwaddr addr, uint64_t value, > unsigned len) > { > pflash_t *pfl = opaque; > +bool be = !!(pfl->features & (1 << PFLASH_BE)); > > -return pflash_read(pfl, addr, 2, 0); > +pflash_write(pfl, addr, value, len, be); > } > > -static uint32_t pflash_readl_be(void *opaque, hwaddr addr) > -{ > -pflash_t *pfl = opaque; > - > -return pflash_read(pfl, addr, 4, 1); > -} > - > -static uint32_t pflash_readl_le(void *opaque, hwaddr addr) > -{ > -pflash_t *pfl = opaque; > - > -return pflash_read(pfl, addr, 4, 0); > -} > - > -static void pflash_writeb_be(void *opaque, hwaddr addr, > - uint32_t value) > -{ > -pflash_write(opaque, addr, value, 1, 1); > -} > - > -static void pflash_writeb_le(void *opaque, hwaddr addr, > - uint32_t value) > -{ > -pflash_write(opaque, addr, value, 1, 0); > -} > - > -static void pflash_writew_be(void *opaque, hwaddr addr, > - uint32_t value) > -{ > -pflash_t *pfl = opaque; > - > -pflash_write(pfl, addr, value, 2, 1); > -} > - > -static void pflash_writew_le(void *opaque, hwaddr addr, > - uint32_t value) > -{ > -pflash_t *pfl = opaque; > - > -pflash_write(pfl, addr, value, 2, 0); > -} > - > -static void pflash_writel_be(void *opaque, hwaddr addr, > - uint32_t value) > -{ > -pflash_t *pfl = opaque; > - > -pflash_write(pfl, addr, value, 4, 1); > -} > - > -static void pflash_writel_le(void *opaque, hwaddr addr, > - uint32_t value) > -{ > -pflash_t *pfl = opaque; > - > -pflash_write(pfl, addr, value, 4, 0); > -} > - > -static const MemoryRegionOps pflash_cfi01_ops_be = { > -.old_mmio = { > -.read = { pflash_readb_be, pflash_readw_be, pflash_readl_be, }, > -.write = { pflash_writeb_be, pflash_writew_be, pflash_writel_be, }, > -}, > -.endianness = DEVICE_NATIVE_ENDIAN, > -}; > - > -static const MemoryRegionOps pflash_cfi01_ops_le = { > -.old_mmio = { > -.read = { pflash_readb_le, pflash_readw_le, pflash_readl_le, }, > -.write = { pflash_writeb_le, pflash_writew_le, pflash_writel_le, }, > -}, > +static const MemoryRegionOps pflash_cfi01_ops = { > +.read = pflash_mem_read, > +.write = pflash_mem_write, > .endianness = DEVICE_NATIVE_ENDIAN, > }; > > @@ -775,7 +699,7 @@ static void pflash_cfi01_realize(DeviceState *dev, Error > **errp) > > memory_region_init_rom_device( > &pfl->mem, OBJECT(dev), > -pfl->features & (1 << PFLASH_BE) ? &pflash_cfi01_ops_be : > &pflash_cfi01_ops_le, > +&pflash_cfi01_ops, > pfl, > pfl->name, total_len, &local_err); > if (local_err) { > -- > 2.4.1 > > >
[Qemu-devel] [PATCH 2/2] vmdk: Use vmdk_find_index_in_cluster everywhere
Signed-off-by: Fam Zheng --- block/vmdk.c | 10 ++ 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/block/vmdk.c b/block/vmdk.c index 3e4d84b..56626b0 100644 --- a/block/vmdk.c +++ b/block/vmdk.c @@ -1424,7 +1424,6 @@ static int vmdk_read(BlockDriverState *bs, int64_t sector_num, BDRVVmdkState *s = bs->opaque; int ret; uint64_t n, index_in_cluster; -uint64_t extent_begin_sector, extent_relative_sector_num; VmdkExtent *extent = NULL; uint64_t cluster_offset; @@ -1436,9 +1435,7 @@ static int vmdk_read(BlockDriverState *bs, int64_t sector_num, ret = get_cluster_offset(bs, extent, NULL, sector_num << 9, false, &cluster_offset, 0, 0); -extent_begin_sector = extent->end_sector - extent->sectors; -extent_relative_sector_num = sector_num - extent_begin_sector; -index_in_cluster = extent_relative_sector_num % extent->cluster_sectors; +index_in_cluster = vmdk_find_index_in_cluster(extent, sector_num); n = extent->cluster_sectors - index_in_cluster; if (n > nb_sectors) { n = nb_sectors; @@ -1500,7 +1497,6 @@ static int vmdk_write(BlockDriverState *bs, int64_t sector_num, VmdkExtent *extent = NULL; int ret; int64_t index_in_cluster, n; -uint64_t extent_begin_sector, extent_relative_sector_num; uint64_t cluster_offset; VmdkMetaData m_data; @@ -1516,9 +1512,7 @@ static int vmdk_write(BlockDriverState *bs, int64_t sector_num, if (!extent) { return -EIO; } -extent_begin_sector = extent->end_sector - extent->sectors; -extent_relative_sector_num = sector_num - extent_begin_sector; -index_in_cluster = extent_relative_sector_num % extent->cluster_sectors; +index_in_cluster = vmdk_find_index_in_cluster(extent, sector_num); n = extent->cluster_sectors - index_in_cluster; if (n > nb_sectors) { n = nb_sectors; -- 2.4.2
[Qemu-devel] [PATCH 1/2] vmdk: Fix index_in_cluster calculation in vmdk_co_get_block_status
It has the similar issue with b1649fae49a8. Since the calculation is repeated for a few times already, introduce a function so it can be reused. Signed-off-by: Fam Zheng --- block/vmdk.c | 13 - 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/block/vmdk.c b/block/vmdk.c index b66745d..3e4d84b 100644 --- a/block/vmdk.c +++ b/block/vmdk.c @@ -1248,6 +1248,17 @@ static VmdkExtent *find_extent(BDRVVmdkState *s, return NULL; } +static inline uint64_t vmdk_find_index_in_cluster(VmdkExtent *extent, + int64_t sector_num) +{ +uint64_t index_in_cluster, extent_begin_sector, extent_relative_sector_num; + +extent_begin_sector = extent->end_sector - extent->sectors; +extent_relative_sector_num = sector_num - extent_begin_sector; +index_in_cluster = extent_relative_sector_num % extent->cluster_sectors; +return index_in_cluster; +} + static int64_t coroutine_fn vmdk_co_get_block_status(BlockDriverState *bs, int64_t sector_num, int nb_sectors, int *pnum) { @@ -1285,7 +1296,7 @@ static int64_t coroutine_fn vmdk_co_get_block_status(BlockDriverState *bs, break; } -index_in_cluster = sector_num % extent->cluster_sectors; +index_in_cluster = vmdk_find_index_in_cluster(extent, sector_num); n = extent->cluster_sectors - index_in_cluster; if (n > nb_sectors) { n = nb_sectors; -- 2.4.2
[Qemu-devel] [PATCH 0/2] vmdk: Fix vmdk_co_get_block_status
The buggy index_in_cluster was missed in b1649fae49a8. Fix that and dedup the calculation. Fam Zheng (2): vmdk: Fix index_in_cluster calculation in vmdk_co_get_block_status vmdk: Use vmdk_find_index_in_cluster everywhere block/vmdk.c | 23 ++- 1 file changed, 14 insertions(+), 9 deletions(-) -- 2.4.2
Re: [Qemu-devel] [PATCH v3 0/3] Bitmap based CPU enumeration
On Wed, Jun 3, 2015 at 8:08 PM, Bharata B Rao wrote: > On Thu, May 28, 2015 at 09:59:38PM -0700, Peter Crosthwaite wrote: >> On Thu, May 28, 2015 at 7:27 PM, Bharata B Rao >> wrote: >> > All the comments have been addressed and the series has been reviewed >> > by David, Eduardo and Igor. Can this series be taken in now ? >> > >> >> Andreas' comment on P3 looks unaddressed. I think it can be handled by >> just putting that one sentance explanation you gave in commit message, >> or if its far enough out of scope just drop the change. >> >> I think Igor's comment was an out of scope suggestion in the end so >> nothing needed there? >> >> Regards, >> Peter >> >> P.S. I am not the maintainer but I need to rebase on you for one of my >> patch sets so I'd like to help see this though! > > Should I be rebasing against latest master or anyone else's tree to make > it easier for inclusion ? > I don't know about anyone elses tree, but there is an edit to last patch so a fresh complete v4 rebased is probably going to make life easy for whoever. I have CCd Paolo who owns exec.c according to MAINTAINERS. Regards, Peter > Regards, > Bharata. > >
Re: [Qemu-devel] [PATCH v3 6/8] target-sh4: split out Q and M from of SR and optimize div1
On 05/24/2015 04:37 PM, Aurelien Jarno wrote: Splitting Q and M out of SR, it's possible to optimize div1 by using TCG code instead of an helper. Signed-off-by: Aurelien Jarno --- target-sh4/cpu.h | 12 +++-- target-sh4/helper.h| 1 - target-sh4/op_helper.c | 118 - target-sh4/translate.c | 70 - 4 files changed, 69 insertions(+), 132 deletions(-) Reviewed-by: Richard Henderson r~
Re: [Qemu-devel] [PATCH COLO-Block v5 00/15] Block replication for continuous checkpoints
On 05/28/2015 12:59 PM, Wen Congyang wrote: > Ping... Does anybody have time to review it. Thanks Wen Congyang > > On 05/21/2015 12:52 PM, Wen Congyang wrote: >> Block replication is a very important feature which is used for >> continuous checkpoints(for example: COLO). >> >> Usage: >> Please refer to docs/block-replication.txt >> >> You can get the patch here: >> https://github.com/wencongyang/qemu-colo/commits/block-replication-v5 >> >> The other newest COLO patchse will be sent soon. >> >> TODO: >> 1. Continuous block replication. It will be started after basic functions >>are accepted. >> >> Changs Log: >> V5: >> 1. Address the comments from Gong Lei >> 2. Speed the failover up. The secondary vm can take over very quickly even >>if there are too many I/O requests. >> V4: >> 1. Introduce a new driver replication to avoid touch nbd and qcow2. >> V3: >> 1: use error_setg() instead of error_set() >> 2. Add a new block job API >> 3. Active disk, hidden disk and nbd target uses the same AioContext >> 4. Add a testcase to test new hbitmap API >> V2: >> 1. Redesign the secondary qemu(use image-fleecing) >> 2. Use Error objects to return error message >> 3. Address the comments from Max Reitz and Eric Blake >> Wen Congyang (15): >> docs: block replication's description >> allow writing to the backing file >> Allow creating backup jobs when opening BDS >> block: Parse "backing_reference" option to reference existing BDS >> Backup: clear all bitmap when doing block checkpoint >> Don't allow a disk use backing reference target >> Add new block driver interface to connect/disconnect the remote target >> NBD client: implement block driver interfaces to connect/disconnect >> NBD server >> Introduce a new -drive option to control whether to connect to remote >> target >> NBD client: connect to nbd server later >> Add new block driver interfaces to control block replication >> skip nbd_target when starting block replication >> quorum: implement block driver interfaces for block replication >> quorum: allow ignoring child errors >> Implement new driver for block replication >> >> block.c| 272 +++- >> block/Makefile.objs| 3 +- >> block/backup.c | 13 ++ >> block/nbd.c| 69 +-- >> block/quorum.c | 142 ++- >> block/replication.c| 441 >> + >> blockdev.c | 8 + >> blockjob.c | 10 + >> docs/block-replication.txt | 179 ++ >> include/block/block.h | 10 + >> include/block/block_int.h | 18 ++ >> include/block/blockjob.h | 12 ++ >> qapi/block.json| 16 ++ >> qemu-options.hx| 4 + >> tests/qemu-iotests/051 | 13 ++ >> tests/qemu-iotests/051.out | 13 ++ >> 16 files changed, 1193 insertions(+), 30 deletions(-) >> create mode 100644 block/replication.c >> create mode 100644 docs/block-replication.txt >> > > > . >
Re: [Qemu-devel] [PATCH v6 5/6] spapr_pci: populate ibm,loc-code
Thomas Huth writes: > On Wed, 3 Jun 2015 16:55:56 +0530 > Nikunj A Dadhania wrote: > >> Each hardware instance has a platform unique location code. The OF >> device tree that describes a part of a hardware entity must include >> the “ibm,loc-code” property with a value that represents the location >> code for that hardware entity. >> >> Populate ibm,loc-code. >> >> 1) PCI passthru devices need to identify with its own ibm,loc-code >>available on the host. In failure cases use: >>vfio_:::. >> >> 2) Emulated devices encode as following: >>qemu_:::. >> >> Signed-off-by: Nikunj A Dadhania >> --- >> hw/ppc/spapr_pci.c | 78 >> +++--- >> 1 file changed, 68 insertions(+), 10 deletions(-) >> >> diff --git a/hw/ppc/spapr_pci.c b/hw/ppc/spapr_pci.c >> index 4226468..986bb21 100644 >> --- a/hw/ppc/spapr_pci.c >> +++ b/hw/ppc/spapr_pci.c >> @@ -746,6 +746,60 @@ static AddressSpace *spapr_pci_dma_iommu(PCIBus *bus, >> void *opaque, int devfn) >> return &phb->iommu_as; >> } >> >> +static char *spapr_phb_vfio_get_loc_code(sPAPRPHBState *sphb, PCIDevice >> *pdev) >> +{ >> +char *path = NULL, *buf = NULL, *host = NULL; >> + >> +/* Get the PCI VFIO host id */ >> +host = object_property_get_str(OBJECT(pdev), "host", NULL); >> +if (!host) { >> +goto err_out; >> +} >> + >> +/* Construct the path of the file that will give us the DT location */ >> +path = g_strdup_printf("/sys/bus/pci/devices/%s/devspec", host); >> +g_free(host); >> +if (!path || !g_file_get_contents(path, &buf, NULL, NULL)) { >> +goto err_out; >> +} >> +g_free(path); >> + >> +/* Construct and read from host device tree the loc-code */ >> +path = g_strdup_printf("/proc/device-tree%s/ibm,loc-code", buf); >> +g_free(buf); >> +if (!path || !g_file_get_contents(path, &buf, NULL, NULL)) { >> +goto err_out; >> +} >> +return buf; > > I'd maybe change the above 4 lines into: > > if (path && g_file_get_contents(path, &buf, NULL, NULL)) { > return buf; > } > > so that you can get rid of one goto here. Wouldnt make much of a difference though ! >> +err_out: >> +g_free(path); >> +return NULL; >> +} >> + >> +static char *spapr_phb_get_loc_code(sPAPRPHBState *sphb, PCIDevice *pdev) >> +{ >> +char *buf; >> +const char *devtype = "qemu"; >> +uint32_t busnr = >> pci_bus_num(PCI_BUS(qdev_get_parent_bus(DEVICE(pdev; >> + >> +if (object_dynamic_cast(OBJECT(pdev), "vfio-pci")) { >> +buf = spapr_phb_vfio_get_loc_code(sphb, pdev); >> +if (buf) { >> +return buf; >> +} >> +devtype = "vfio"; >> +} >> +/* >> + * For emulated devices and VFIO-failure case, make up >> + * the loc-code. >> + */ >> +buf = g_strdup_printf("%s_%s:%04x:%02x:%02x.%x", >> + devtype, pdev->name, sphb->index, busnr, >> + PCI_SLOT(pdev->devfn), PCI_FUNC(pdev->devfn)); >> +return buf; >> +} >> + >> /* Macros to operate with address in OF binding to PCI */ >> #define b_x(x, p, l)(((x) & ((1<<(l))-1)) << (p)) >> #define b_n(x) b_x((x), 31, 1) /* 0 if relocatable */ >> @@ -884,11 +938,12 @@ static void populate_resource_props(PCIDevice *d, >> ResourceProps *rp) >> >> static int spapr_populate_pci_child_dt(PCIDevice *dev, void *fdt, int >> offset, >> int phb_index, int drc_index, >> - const char *drc_name) >> + sPAPRPHBState *sphb) >> { >> ResourceProps rp; >> bool is_bridge = false; >> int pci_status; >> +char *buf = NULL; > > Is the "= NULL" required here? If not, please remove, newer version > of gcc tend to complain otherwise. > >> if (pci_default_read_config(dev, PCI_HEADER_TYPE, 1) == >> PCI_HEADER_TYPE_BRIDGE) { >> @@ -949,10 +1004,15 @@ static int spapr_populate_pci_child_dt(PCIDevice >> *dev, void *fdt, int offset, >> * processed by OF beforehand >> */ >> _FDT(fdt_setprop_string(fdt, offset, "name", "pci")); >> -if (drc_name) { >> -_FDT(fdt_setprop(fdt, offset, "ibm,loc-code", drc_name, >> - strlen(drc_name))); >> +buf = spapr_phb_get_loc_code(sphb, dev); >> +if (!buf) { >> +error_report("Failed setting the ibm,loc-code"); >> +return -1; >> } >> + >> +_FDT(fdt_setprop_string(fdt, offset, "ibm,loc-code", buf)); > > I wonder whether this will cause some Coverity warnings later ... Not sure about that. > the _FDT macro can return immediately (ugh, return in a macro ... IMHO > a bad idea...). buf is not freed in that case, and that might trigger a > warning... You are right buf may not get freed in case of FDT error. In this case let me open code this macro here with proper error handling: err = fdt_setprop_string(f
Re: [Qemu-devel] [PATCH] target-s390x: Only access allocated storage keys
On 2015-06-04 00:52, Alexander Graf wrote: > We allocate ram_size / PAGE_SIZE storage keys, so we need to make sure that > we only access that many. Unfortunately the code can overrun this array by > one, potentially overwriting unrelated memory. > > Fix it by limiting storage keys to their scope. > > Signed-off-by: Alexander Graf > --- > target-s390x/mmu_helper.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/target-s390x/mmu_helper.c b/target-s390x/mmu_helper.c > index e8dcd0c..815ff42 100644 > --- a/target-s390x/mmu_helper.c > +++ b/target-s390x/mmu_helper.c > @@ -358,7 +358,7 @@ int mmu_translate(CPUS390XState *env, target_ulong vaddr, > int rw, uint64_t asc, > /* Convert real address -> absolute address */ > *raddr = mmu_real2abs(env, *raddr); > > -if (*raddr <= ram_size) { > +if (*raddr < ram_size) { > sk = &env->storage_keys[*raddr / TARGET_PAGE_SIZE]; > if (*flags & PAGE_READ) { > *sk |= SK_R; Reviewed-by: Aurelien Jarno -- Aurelien Jarno GPG: 4096R/1DDD8C9B aurel...@aurel32.net http://www.aurel32.net
Re: [Qemu-devel] [PATCH v3 5/8] target-sh4: optimize negc using add2 and sub2
On 05/24/2015 04:37 PM, Aurelien Jarno wrote: Signed-off-by: Aurelien Jarno --- target-sh4/translate.c | 12 ++-- 1 file changed, 6 insertions(+), 6 deletions(-) Reviewed-by: Richard Henderson r~
Re: [Qemu-devel] [PATCH v3 4/8] target-sh4: optimize subc using sub2
On 05/24/2015 04:37 PM, Aurelien Jarno wrote: +tcg_gen_sub2_i32(t1, t2, REG(B11_8), t0, REG(B7_4), t0); +tcg_gen_sub2_i32(REG(B11_8), cpu_sr_t, t1, t2, cpu_sr_t, t0); Similarly. r~
Re: [Qemu-devel] [PATCH v3 3/8] target-sh4: optimize addc using add2
On 05/24/2015 04:37 PM, Aurelien Jarno wrote: -TCGv t0, t1; -t0 = tcg_temp_new(); +TCGv t0, t1, t2; +t0 = tcg_const_tl(0); t1 = tcg_temp_new(); -tcg_gen_add_i32(t0, REG(B7_4), REG(B11_8)); -tcg_gen_add_i32(t1, cpu_sr_t, t0); -tcg_gen_setcond_i32(TCG_COND_GTU, cpu_sr_t, REG(B11_8), t0); -tcg_gen_setcond_i32(TCG_COND_GTU, t0, t0, t1); -tcg_gen_or_i32(cpu_sr_t, cpu_sr_t, t0); +t2 = tcg_temp_new(); +tcg_gen_add2_i32(t1, t2, REG(B11_8), t0, REG(B7_4), t0); +tcg_gen_add2_i32(REG(B11_8), cpu_sr_t, t1, t2, cpu_sr_t, t0); Swap these two adds and you don't need t2. You can consume sr_t immediately and start producing it in the same go. r~
Re: [Qemu-devel] [PATCH v3 2/8] target-sh4: Split out T from SR
On 05/24/2015 04:37 PM, Aurelien Jarno wrote: @@ -174,6 +176,16 @@ void superh_cpu_dump_state(CPUState *cs, FILE *f, env->delayed_pc); } } +static void gen_read_sr(TCGv dst) +{ +tcg_gen_or_i32(dst, cpu_sr, cpu_sr_t); +} Watch the spacing. /* MOVCO.L @@ -1558,8 +1523,7 @@ static void _decode_opc(DisasContext * ctx) */ if (ctx->features & SH_FEATURE_SH4A) { TCGLabel *label = gen_new_label(); -tcg_gen_andi_i32(cpu_sr, cpu_sr, ~(1u << SR_T)); - tcg_gen_or_i32(cpu_sr, cpu_sr, cpu_ldst); +tcg_gen_mov_i32(cpu_sr, cpu_ldst); Move to cpu_sr_t. r~
[Qemu-devel] Steal time MSR not set properly during live migration?
Hi, I'm trying to debug an issue we're having with some debian.org machines running in QEMU 2.1.2 instances (see [1] for more background). In short, after a live migration guests running Debian Jessie (linux 3.16) stop accounting CPU time properly. /proc/stat in the guest shows no increase in user and system time anymore (regardless of workload) and what stands out are extremely large values for steal time: % cat /proc/stat cpu 2400 0 1842 650879168 2579640 0 25 136562317270 0 0 cpu0 1366 0 1028 161392988 1238598 0 11 383803090749 0 0 cpu1 294 0 240 162582008 639105 0 8 39686436048 0 0 cpu2 406 0 338 163331066 383867 0 4 333994238765 0 0 cpu3 332 0 235 163573105 318069 0 1 1223752959076 0 0 intr 355773871 33 10 0 0 0 0 3 0 1 0 0 36 144 0 0 1638612 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 5 5001741 41 0 8516993 0 3669582 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ctxt 837862829 btime 1431642967 processes 8529939 procs_running 1 procs_blocked 0 softirq 225193331 2 77532878 172 7250024 819289 0 54 33739135 176552 105675225 Reading the memory pointed to by the steal time MSRs pre- and post-migration, I can see that post-migration the high bytes are set to 0xff: (qemu) xp /8b 0x1fc0cfc0 1fc0cfc0: 0x94 0x57 0x77 0xf5 0xff 0xff 0xff 0xff The "jump" in steal time happens when the guest is resumed on the receiving side. I've also been able to consistently reproduce this on a Ganeti cluster at work, using QEMU 2.1.3 and kernels 3.16 and 4.0 in the guests. The issue goes away if I disable the steal time MSR using `-cpu qemu64,-kvm_steal_time`. So, it looks to me as if the steal time MSR is not set/copied properly during live migration, although AFAICT this should be the case after 917367aa968fd4fef29d340e0c7ec8c608dffaab. Any ideas? Regards, Apollon [1] https://bugs.debian.org/785557
Re: [Qemu-devel] [PATCH] net: fix insecure temporary file creation in SLiRP
> On Wednesday, 3 June 2015 4:33 PM, Markus Armbruster wrote: > Let's go with Michael's v2, because it also fixes the "cleanup > after mkdir() / mkdtemp() failed" scenario. -> https://lists.nongnu.org/archive/html/qemu-devel/2015-06/msg00982.html Ah yes, looks concise. Thank you. --- Regards -P J P http://feedmug.com
Re: [Qemu-devel] Strange problems with lseek in qemu-img map
Cc: ext4 maillist On 06/03/2015 10:06 PM, Stefan Hajnoczi wrote: > On Tue, Jun 02, 2015 at 02:54:17PM +0200, David Weber wrote: >> Testcase: >> # qemu-img create test 500G >> # time qemu-img map test >> >> Systems: >> O3-3: Kubuntu 15.04 Workstation with stock-kernel 3.19.0-18-generic and >> stock >> qemu 2.2.0 >> Dinah: Ubuntu Server 15.04 with stock-kernel 3.19.0-18-generic and stock >> qemu >> 2.2.0 > > These systems have the same kernel but for some reason O3-3 completes > quickly while Dinah takes a long time in lseek(fd, offset, SEEK_DATA). > It looks like the file is empty (the syscall keeps returning ENXIO > because there are no allocated blocks in the file where qemu-img > probes). > >> Result on O3-3: >> root@o3-3:~# qemu-img create test 500G >> Formatting 'test', fmt=raw size=536870912000 >> root@o3-3:~# time qemu-img map test >> Offset Length Mapped to File >> >> real0m0.049s >> user0m0.048s >> sys 0m0.000s >> >> Result on dinah: >> root@dinah:~# qemu-img create test 500G >> Formatting 'test', fmt=raw size=536870912000 >> root@dinah:~# time qemu-img map test >> Offset Length Mapped to File >> ^C >> >> real0m41.862s >> user0m0.004s >> sys 0m0.068s >> (Stopped with ^C) >> >> Strace on O3-3: >> https://gist.github.com/anonymous/f221035e9176f7c71c74 >> >> Strace on dinah: >> https://gist.github.com/anonymous/40b42888a65478c90b32 >> >> A git bisect between 1.7 and master revealed >> 7c15903789953ead14a417882657d52dc0c19a24 "block/raw-posix: use seek_hole >> ahead >> of fiemap" as bad but this is not the real problem. >> I also tried to switch from btrfs to ext4 but it didn't change anything. >> >> At this point, I was pretty sure that was just stupit and missing something >> trivial. >> I then startet a fedora 22 live system and I saw the same problem. It >> happens >> on both the ramdisk and a ext4 filesystem. > > "it" == qemu-img map hangs or takes a very long time? > > Can you post a shell script that reproduces this with a ramdisk? That > seems like the easiest way to get people debugging it. I think it is ext4's problem. I add some printk in ext4_seek_data(): [ 335.579506] ext4_seek_data(): isize: 7d, offset: 0, maxsize: 000 [ 335.579512] ext4_seek_data(): blkbits: 12, start: 0, end: 7d0 [ 340.672400] ext4_seek_data(): loop count: 131072001 [ 340.672402] ext4_seek_data() returns -ENXIO [ 340.672447] ext4_seek_data(): isize: 7d, offset: 4000, maxsize: 000 [ 340.672449] ext4_seek_data(): blkbits: 12, start: 4, end: 7d0 [ 345.701852] ext4_seek_data(): loop count: 130809857 [ 345.701853] ext4_seek_data() returns -ENXIO [ 345.701891] ext4_seek_data(): isize: 7d, offset: 8000, maxsize: 000 [ 345.701893] ext4_seek_data(): blkbits: 12, start: 8, end: 7d0 [ 350.718479] ext4_seek_data(): loop count: 130547713 [ 350.718480] ext4_seek_data() returns -ENXIO [ 350.718507] ext4_seek_data(): isize: 7d, offset: c000, maxsize: 000 [ 350.718508] ext4_seek_data(): blkbits: 12, start: c, end: 7d0 [ 355.729692] ext4_seek_data(): loop count: 130285569 [ 355.729693] ext4_seek_data() returns -ENXIO [ 355.729732] ext4_seek_data(): isize: 7d, offset: 1, maxsize: 000 [ 355.729734] ext4_seek_data(): blkbits: 12, start: 10, end: 7d0 [ 360.728206] ext4_seek_data(): loop count: 130023425 [ 360.728207] ext4_seek_data() returns -ENXIO The diff: diff --git a/fs/ext4/file.c b/fs/ext4/file.c index 0613c25..9b334cc 100644 --- a/fs/ext4/file.c +++ b/fs/ext4/file.c @@ -453,12 +453,16 @@ static loff_t ext4_seek_data(struct file *file, loff_t offset, loff_t maxsize) loff_t dataoff, isize; int blkbits; int ret = 0; + unsigned long count = 0; mutex_lock(&inode->i_mutex); isize = i_size_read(inode); + pr_info("%s(): isize: %llx, offset: %llx, maxsize: %llx\n", + __func__, isize, offset, maxsize); if (offset >= isize) { mutex_unlock(&inode->i_mutex); + pr_info("%s() returns -ENXIO(offset is too large)\n", __func__); return -ENXIO; } @@ -467,8 +471,11 @@ static loff_t ext4_seek_data(struct file *file, loff_t offset, loff_t maxsize) last = start; end = isize >> blkbits; dataoff = offset; + pr_info("%s(): blkbits: %d, start: %x, end: %x\n", + __func__, blkbits, start, end); do { + count++; map.m_lblk = last; map.m_len = end - last + 1; ret = ext4_map_blocks(NULL, inode, &map, 0); @@ -508,8 +515,12 @@ static loff_t ext4_seek_data(struct file *file, loff_t offset, loff_t maxsize) mutex_unlock(&inode->i_mutex); - if (dataoff > isize) + pr_info("%s(): loop count: %ld\n", __func__, count); + + if (dataoff > isize) { +
Re: [Qemu-devel] [PATCH v3 0/3] Bitmap based CPU enumeration
On Thu, May 28, 2015 at 09:59:38PM -0700, Peter Crosthwaite wrote: > On Thu, May 28, 2015 at 7:27 PM, Bharata B Rao > wrote: > > All the comments have been addressed and the series has been reviewed > > by David, Eduardo and Igor. Can this series be taken in now ? > > > > Andreas' comment on P3 looks unaddressed. I think it can be handled by > just putting that one sentance explanation you gave in commit message, > or if its far enough out of scope just drop the change. > > I think Igor's comment was an out of scope suggestion in the end so > nothing needed there? > > Regards, > Peter > > P.S. I am not the maintainer but I need to rebase on you for one of my > patch sets so I'd like to help see this though! Should I be rebasing against latest master or anyone else's tree to make it easier for inclusion ? Regards, Bharata.
Re: [Qemu-devel] [edk2] NVMe question
Got your point. Ok, I will roll back the change Thanks Feng -Original Message- From: Busch, Keith Sent: Wednesday, June 03, 2015 22:47 To: Tian, Feng; Laszlo Ersek Cc: edk2-de...@lists.sourceforge.net; Anbazhagan, Baraneedharan; qemu devel list Subject: RE: [edk2] NVMe question Section 3.1.5, for IOCQES and IOSQES: "The required and maximum values for this field are specified in the Identify Controller data structure in Figure 90 for each I/O Command Set. The value is in bytes and is specified as a power of two (2^n)." If you're not setting these values, I assume you're leaving it as 0, which is most definitely below the "required" value. > -Original Message- > From: Tian, Feng > Sent: Tuesday, June 02, 2015 6:21 PM > To: Busch, Keith; Laszlo Ersek > Cc: edk2-de...@lists.sourceforge.net; Anbazhagan, Baraneedharan; qemu devel > list; Tian, Feng > Subject: RE: [edk2] NVMe question > > Hi, Keith > > I agree your explanation does make sense. > > But could you let me know where speaks the host driver must initialize these > two fields of CC > register before any I/O operation in NVMe spec? > > Thanks > Feng > > -Original Message- > From: Busch, Keith > Sent: Wednesday, June 03, 2015 03:11 > To: Laszlo Ersek > Cc: edk2-de...@lists.sourceforge.net; Anbazhagan, Baraneedharan; Tian, Feng; > Busch, Keith; qemu > devel list > Subject: Re: [edk2] NVMe question > > Hi, > > On Tue, 2 Jun 2015, Laszlo Ersek wrote: > > removed the nonzero initialization of Cc.Iosqes (submission queue > > size?) and Cc.Iocqes (completion queue size?) in function > > NvmeEnableController(). And the removal of these field initializations > > seems to cause the early sanity check in QEMU's nvme_start_ctrl() to > > fail -- my guess at least. > > > > The question is now if QEMU is right (according to the NVMe spec) to > > require those fields, or if edk2 is right not to initialize them. > > The host driver definitely needs to initialize these for the device to > understand the queue's > entry sizes. Without proper values, it would have no idea how much memory a > queue occupies. If you > have a real device that ignores these, it's breaking spec.
Re: [Qemu-devel] [PATCH] Revert "iothread: release iothread around aio_poll"
On Wed, 06/03 10:30, Stefan Hajnoczi wrote: > This reverts commit a0710f7995f914e3044e5899bd8ff6c43c62f916. > > In qemu-devel email message <556dbf87.2020...@de.ibm.com>, Christian > Borntraeger writes: > > Having many guests all with a kernel/ramdisk (via -kernel) and > several null block devices will result in hangs. All hanging > guests are in partition detection code waiting for an I/O to return > so very early maybe even the first I/O. > > Reverting that commit "fixes" the hangs. > > Reverting this commit for the 2.4 release. More time is needed to > investigate and correct this patch. > > Reported-by: Christian Borntraeger > Suggested-by: Paolo Bonzini > Signed-off-by: Stefan Hajnoczi Reviewed-by: Fam Zheng
Re: [Qemu-devel] Strange problems with lseek in qemu-img map
On 06/02/2015 08:54 PM, David Weber wrote: > Hello, > > I'm currently evaluating to switch our virtualization servers to a newer OS. > This includes a switch from qemu 1.7 to 2.2 or 2.3. > Our system heavily relies on big sparse images and drive_mirror. While > testing, I experienced some problems with that combination. > The strange thing is, that everything works flawlessly on my workstation but > fails on my servers. > > Testcase: > # qemu-img create test 500G > # time qemu-img map test > > Systems: > O3-3: Kubuntu 15.04 Workstation with stock-kernel 3.19.0-18-generic and stock > qemu 2.2.0 > Dinah: Ubuntu Server 15.04 with stock-kernel 3.19.0-18-generic and stock qemu > 2.2.0 > > Result on O3-3: > root@o3-3:~# qemu-img create test 500G > Formatting 'test', fmt=raw size=536870912000 > root@o3-3:~# time qemu-img map test > Offset Length Mapped to File > > real0m0.049s > user0m0.048s > sys 0m0.000s > > Result on dinah: > root@dinah:~# qemu-img create test 500G > Formatting 'test', fmt=raw size=536870912000 > root@dinah:~# time qemu-img map test > Offset Length Mapped to File > ^C > > real0m41.862s > user0m0.004s > sys 0m0.068s > (Stopped with ^C) Do you use the same filesystem? Thanks Wen Congyang > > Strace on O3-3: > https://gist.github.com/anonymous/f221035e9176f7c71c74 > > Strace on dinah: > https://gist.github.com/anonymous/40b42888a65478c90b32 > > A git bisect between 1.7 and master revealed > 7c15903789953ead14a417882657d52dc0c19a24 "block/raw-posix: use seek_hole > ahead > of fiemap" as bad but this is not the real problem. > I also tried to switch from btrfs to ext4 but it didn't change anything. > > At this point, I was pretty sure that was just stupit and missing something > trivial. > I then startet a fedora 22 live system and I saw the same problem. It happens > on both the ramdisk and a ext4 filesystem. > > Any ideas on this? I'm pretty much stuck at this point. Please ask if you > need > more information. > > Cheers, > David > > >
Re: [Qemu-devel] [PATCH 0/4] More core code ENV_GET_CPU removals
Ping! Was there an outcome? Regards, Peter On Fri, May 29, 2015 at 11:34 AM, Eduardo Habkost wrote: > On Tue, May 26, 2015 at 01:49:56PM +0200, Paolo Bonzini wrote: >> On 26/05/2015 10:33, Alexander Graf wrote: >> > How about we have the KVM call today and calmly talk about maintainer >> > responsibility borders? >> >> I'd be happy to attend the call today, yes. > > Was there a call? Any conclusions? > > -- > Eduardo >
Re: [Qemu-devel] [RFC] edk2 support for a new QEMU device - PXB (PCI Expander Device)
On 06/03/15 22:34, Marcel Apfelbaum wrote: > On 06/03/2015 01:20 PM, Laszlo Ersek wrote: >> Maybe we can experiment some more; for example we could start by >> you explaining to me how exactly to probe for a root bus's presence >> (you mentioned device 0, but I'll need more than that). > Well, I lied. :) > I had a look now on seabios and it does the following: > - Receives using a fw_config file the number of extra root buses. > - It starts scanning from bus 0 to bus 0xff until it discovers all > the extra root buses. The 'discovery' is "go over all bus's slots > and probe for a non empty PCI header". If you find at least one > device you just discovered a new PCI root bus. I thought about checking the VendorId header field for dev=0 func=0 on each bus. (Sources on the net indicate that the VendorId field is usually queried for presence -- all bits one means "nope".) > I think that we can improve the fw_config file to pass the actually > bus numbers and not only the total. In this way should be relatively > easy for edk2 to handle the extra root buses. Yes. I had thought this would be the easiest. I wasn't sure though if you'd appreciate such an idea :) >> For the bus range allocation, here's an idea: >> - create a bitmap with 256 bits (32 bytes) with all bits zero >> - probe all root buses; whatever is found, flip its bit to 1 >> - assuming N root buses were found, divide the number of remaining >> zero bits with N. The quotient Q means how many subordinate buses >> each root bus would be able to accommodate >> - for each root bus: >>- create an ACPI bus range descriptor that includes only the root >> bus's number >>- pull out Q zero bits from the bitmap, from the left, flipping >> them to one as you proceed >>- for each zero bit pulled, try to append that bus number to the >> ACPI bus range descriptor (simply bumping the end). If there's a >> discontinuity, start a new ACPI bus range descriptor. >> >> This greedy algorithm would grant each root bus the same number of >> possible subordinate buses, could be implemented in linear time, and >> would keep the individual bus ranges "reasonably continuous" (ie. >> there should be a reasonably low number of ACPI bus range >> descriptors, per root bus). >> >> What do you think? This wouldn't be a very hard patch to write, and >> then we could experiment with various -device pxb,bus_nr=xxx >> parameters. > Well, it looks nice but I think that we can do something much simpler > :) > Let's continue the above idea that QEMU passes to edk2 the *extra* > root bus numbers in ascending order for simplicity. > For example 8,16,32. From here you can derive that the bus ranges are: > 0-7 host bridge 0 > 8-15 pxb root bridge 1 > 16-31 pxb root bridge 2 > 32-0xff pxb root bridge 3 Sounds good, at least if the bus numbers assigned to the pxb's partition the full range fairly uniformly. > BTW, this is the way, as far as I know, that the real hw divides the > ranges. > Limitation: > - How do you know you have enough bus numbers for a host bridge to > cover all PCI-2-PCI bridges behind it? Let's say bus 0 has 10 > bridges, 0-7 range is not enough. Exactly. > Reasoning: > - This is *hw vendor* issue, not firmware, in our case QEMU should > check the ranges are enough before starting edk2. If you're willing to do the work in QEMU, you certainly won't meet any resistance on my part! :) > In conclusion, this assumption does not break anything or gives as a > big limitation. > And Seabios already assumes that... and QEMU is not going to break it. Great! >> The MMIO and IO spaces I would just share between all of them; the >> allocations from those are delegated back to the host bridge / root >> bridge driver, and the current implementation seems sufficient -- it >> just assings blocks from the same big MMIO ( / IO) space downwards > Yes, this is how it should be done, I am happy that it already works > that way. Tonight I've started to work on this anyway. Before attacking the bitmap idea, I wanted to -- had to, really -- rewrap OVMF's fresh clone of "PcAtChipsetPkg/PciHostBridgeDxe" to 79 columns. I expect to delve into the driver more deeply this time than last time, and the consistently overlong (130-148 character) lines make the code simply unreadable. So, I just finished that. (It was surprisingly difficult; the rewrapping took 8 patches, the cumulative diffstat is 9 files changed, 2261 insertions(+), 1445 deletions(-).) I thought I'd check my email before embarking on the bitmap thing. Your email arrived at the best possible moment! Not just because I don't have to implement the bitmap, the search, the multiple ACPI bus ranges per root bridge, but also because the internals of the driver rely quite heavily on each root bridge having a single contiguous bus range. I think I could have rebased that to bitmap checks, but the approach you're suggesting makes it all unnecessary. (Plus, I don't have to worry
Re: [Qemu-devel] [PATCH v1 1/1] xilinx_axidma.c: Fix up the stream_running() function
On Wed, May 27, 2015 at 12:37 AM, Alistair Francis wrote: > Previously the stream_running() function didn't check > if the DMA was halted. This caused hangs in recent versions > of MicroBlaze u-boot. Correct stream_running() to check > DMASR_HALTED as well as DMACR_RUNSTOP. > So I'm stuggling with this one. Partly because I think HALTED might be misimplemented in existing code. I did some digging, and AFAICS, HALTED is conditional on !DAMCR_RUNSTOP. I think i might have got 210914e29975d17e635f9e8c1f7478c0ed7a208f wrong: @@ -276,7 +276,7 @@ static void stream_process_mem2s(struct Stream *s, stream_desc_load(s, s->regs[R_CURDESC]); if (s->desc.status & SDESC_STATUS_COMPLETE) { -s->regs[R_DMASR] |= DMASR_IDLE; +s->regs[R_DMASR] |= DMASR_HALTED; break; } Stepping back and ignoring the existing implementation of HALTED there are 4 states of RS:H (RUNSTOP and HALTED): !RS && H - this is the off state. doc refers to this as the "halted" state. RS && !H - This is the running state. !RS && !H - This is the transient state. Software has cleared RS but there s still something on AXI bus so cant assert halted yet. RS && H - This is an invalid state. Current code reaches the invalid state on the ring buffer full case due to the bug above. My thoery is 210914e29975d17e635f9e8c1f7478c0ed7a208f should have just been: if (s->desc.status & SDESC_STATUS_COMPLETE) { -s->regs[R_DMASR] |= DMASR_IDLE; break; } Now I think there is yet another bug in that clearing RS doesn't seem to be able to reliably set the HALTED bit (only in the unrelated case of a ring buffer fill). I'm starting to question whether the HALTED bit as far as QEMU is concerned should just be a straight negation of RS. Depending on what the conditions cause a transient and what doesn't, the transient as I describe above may evaporate as we can get away with this simple shortcut. This would make this patch obsolete without fixing your bug :). So running on the assumption that HALTED is misimplemented your patch is doing something with that behaviour. The misimplemented HALTED is currently holding the state of "we are blocked on a full buffer". If you can point me which of the 3 call sites of stream_running was giving you problems I might have more clues. FYI you patch may still be correct but I wondering whether is has uncovered a bug that should lead to a rework of this. Regards, Peter > Signed-off-by: Alistair Francis > Reviewed-by: Sai Pavan Boddu > --- > hw/dma/xilinx_axidma.c |3 ++- > 1 files changed, 2 insertions(+), 1 deletions(-) > > diff --git a/hw/dma/xilinx_axidma.c b/hw/dma/xilinx_axidma.c > index d06002d..27fba40 100644 > --- a/hw/dma/xilinx_axidma.c > +++ b/hw/dma/xilinx_axidma.c > @@ -154,7 +154,8 @@ static inline int stream_resetting(struct Stream *s) > > static inline int stream_running(struct Stream *s) > { > -return s->regs[R_DMACR] & DMACR_RUNSTOP; > +return s->regs[R_DMACR] & DMACR_RUNSTOP && > + !(s->regs[R_DMASR] & DMASR_HALTED); > } > > static inline int stream_idle(struct Stream *s) > -- > 1.7.1 > >
[Qemu-devel] [PATCH] target-s390x: Only access allocated storage keys
We allocate ram_size / PAGE_SIZE storage keys, so we need to make sure that we only access that many. Unfortunately the code can overrun this array by one, potentially overwriting unrelated memory. Fix it by limiting storage keys to their scope. Signed-off-by: Alexander Graf --- target-s390x/mmu_helper.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/target-s390x/mmu_helper.c b/target-s390x/mmu_helper.c index e8dcd0c..815ff42 100644 --- a/target-s390x/mmu_helper.c +++ b/target-s390x/mmu_helper.c @@ -358,7 +358,7 @@ int mmu_translate(CPUS390XState *env, target_ulong vaddr, int rw, uint64_t asc, /* Convert real address -> absolute address */ *raddr = mmu_real2abs(env, *raddr); -if (*raddr <= ram_size) { +if (*raddr < ram_size) { sk = &env->storage_keys[*raddr / TARGET_PAGE_SIZE]; if (*flags & PAGE_READ) { *sk |= SK_R; -- 2.2.1
[Qemu-devel] [PATCH v5 3/4] monitor: Point to "help" command on syntax error
When a command fails due to incorrect syntax or input, suggest using the "help" command to get more information about the command. This is only applicable for HMP. Signed-off-by: Bandan Das Reviewed-by: Markus Armbruster --- monitor.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/monitor.c b/monitor.c index 33d088e..640c05c 100644 --- a/monitor.c +++ b/monitor.c @@ -4127,6 +4127,8 @@ static void handle_user_command(Monitor *mon, const char *cmdline) qdict = monitor_parse_arguments(mon, &cmdline, cmd); if (!qdict) { +monitor_printf(mon, "Try \"help %s\" for more information\n", + cmd->name); return; } -- 2.1.0
[Qemu-devel] [PATCH v5 2/4] monitor: cleanup parsing of cmd name and cmd arguments
There's too much going on in monitor_parse_command(). Split up the arguments parsing bits into a separate function monitor_parse_arguments(). Let the original function check for command validity and sub-commands if any and return data (*cmd) that the newly introduced function can process and return a QDict. Also, pass a pointer to the cmdline to track current parser location. Suggested-by: Markus Armbruster Signed-off-by: Bandan Das --- monitor.c | 98 +-- 1 file changed, 57 insertions(+), 41 deletions(-) diff --git a/monitor.c b/monitor.c index cc4e7d1..33d088e 100644 --- a/monitor.c +++ b/monitor.c @@ -3680,39 +3680,32 @@ static const mon_cmd_t *qmp_find_cmd(const char *cmdname) } /* - * Parse @cmdline according to command table @table. - * If @cmdline is blank, return NULL. - * If it can't be parsed, report to @mon, and return NULL. - * Else, insert command arguments into @qdict, and return the command. - * If a sub-command table exists, and if @cmdline contains an additional string - * for a sub-command, this function will try to search the sub-command table. - * If no additional string for a sub-command is present, this function will - * return the command found in @table. - * Do not assume the returned command points into @table! It doesn't - * when the command is a sub-command. + * Parse command name from @cmdp according to command table @table. + * If blank, return NULL. + * Else, if no valid command can be found, report to @mon, and return + * NULL. + * Else, change @cmdp to point right behind the name, and return its + * command table entry. + * Do not assume the return value points into @table! It doesn't when + * the command is found in a sub-command table. */ static const mon_cmd_t *monitor_parse_command(Monitor *mon, - const char *cmdline, - int start, - mon_cmd_t *table, - QDict *qdict) + const char **cmdp, + mon_cmd_t *table) { -const char *p, *typestr; -int c; +const char *p; const mon_cmd_t *cmd; char cmdname[256]; -char buf[1024]; -char *key; /* extract the command name */ -p = get_command_name(cmdline + start, cmdname, sizeof(cmdname)); +p = get_command_name(*cmdp, cmdname, sizeof(cmdname)); if (!p) return NULL; cmd = search_dispatch_table(table, cmdname); if (!cmd) { monitor_printf(mon, "unknown command: '%.*s'\n", - (int)(p - cmdline), cmdline); + (int)(p - *cmdp), *cmdp); return NULL; } @@ -3720,16 +3713,34 @@ static const mon_cmd_t *monitor_parse_command(Monitor *mon, while (qemu_isspace(*p)) { p++; } + +*cmdp = p; /* search sub command */ -if (cmd->sub_table != NULL) { -/* check if user set additional command */ -if (*p == '\0') { -return cmd; -} -return monitor_parse_command(mon, cmdline, p - cmdline, - cmd->sub_table, qdict); +if (cmd->sub_table != NULL && *p != '\0') { +return monitor_parse_command(mon, cmdp, cmd->sub_table); } +return cmd; +} + +/* + * Parse arguments for @cmd. + * If it can't be parsed, report to @mon, and return NULL. + * Else, insert command arguments into a QDict, and return it. + * Note: On success, caller has to free the QDict structure. + */ + +static QDict *monitor_parse_arguments(Monitor *mon, + const char **endp, + const mon_cmd_t *cmd) +{ +const char *typestr; +char *key; +int c; +const char *p = *endp; +char buf[1024]; +QDict *qdict = qdict_new(); + /* parse the parameters */ typestr = cmd->args_type; for(;;) { @@ -3759,14 +3770,14 @@ static const mon_cmd_t *monitor_parse_command(Monitor *mon, switch(c) { case 'F': monitor_printf(mon, "%s: filename expected\n", - cmdname); + cmd->name); break; case 'B': monitor_printf(mon, "%s: block device name expected\n", - cmdname); + cmd->name); break; default: -monitor_printf(mon, "%s: string expected\n", cmdname); +monitor_printf(mon, "%s: string expected\n", cmd->name); break; } goto fail; @@ -3908,7 +3919,7 @@ static const mon_cmd_t *monitor_
[Qemu-devel] [PATCH v5 0/4] monitor: suggest running "help" for command errors
v5: Move "monitor: remove debug prints" to first in the series Minor fixes to comments and commit messages v4: Better name for cmdline index pointer [1/4] Change comment for monitor_parse_command as suggested in review [1/4] Fix potential compilation failure in debug print [1/4] New - Fix failure path for argument type "S" [3/4] New - Remove debug prints [4/4] v3: Track the current location directly in the command line [1/2] Fix potential qdict leak [1/2] Document char **endp [1/2] Rebase on top of changes and add reviewed-by [2/2] v2: Split up the command name and arguments parsing into separate functions. [1/2] Skip checking for failures with commands that use the .cmd_new interface or the async interface since they are scheduled for removal [2/2] Bandan Das (4): monitor: remove debug prints monitor: cleanup parsing of cmd name and cmd arguments monitor: Point to "help" command on syntax error monitor: Fix failure path for "S" argument monitor.c | 122 +++--- 1 file changed, 61 insertions(+), 61 deletions(-) -- 2.1.0
[Qemu-devel] [PATCH v5 4/4] monitor: Fix failure path for "S" argument
Since the "S" argument type is only used with the "?" flag, the bug can't bite. Signed-off-by: Bandan Das Reviewed-by: Markus Armbruster --- monitor.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/monitor.c b/monitor.c index 640c05c..5a18844 100644 --- a/monitor.c +++ b/monitor.c @@ -4062,7 +4062,7 @@ static QDict *monitor_parse_arguments(Monitor *mon, if (len <= 0) { monitor_printf(mon, "%s: string expected\n", cmd->name); -break; +goto fail; } qdict_put(qdict, key, qstring_from_str(p)); p += len; -- 2.1.0
[Qemu-devel] [PATCH v5 1/4] monitor: remove debug prints
The preferred solution is to use tracepoints and there is good chance of bitrot with the debug prints not being enabled at compile time. Remove them. Suggested-by: Markus Armbruster Signed-off-by: Bandan Das Reviewed-by: Markus Armbruster --- monitor.c | 20 +--- 1 file changed, 1 insertion(+), 19 deletions(-) diff --git a/monitor.c b/monitor.c index b2561e1..cc4e7d1 100644 --- a/monitor.c +++ b/monitor.c @@ -81,9 +81,6 @@ #endif #include "hw/lm32/lm32_pic.h" -//#define DEBUG -//#define DEBUG_COMPLETION - /* * Supported types: * @@ -3707,10 +3704,6 @@ static const mon_cmd_t *monitor_parse_command(Monitor *mon, char buf[1024]; char *key; -#ifdef DEBUG -monitor_printf(mon, "command='%s', start='%d'\n", cmdline, start); -#endif - /* extract the command name */ p = get_command_name(cmdline + start, cmdname, sizeof(cmdname)); if (!p) @@ -4189,10 +4182,7 @@ static void file_completion(Monitor *mon, const char *input) path[input_path_len] = '\0'; pstrcpy(file_prefix, sizeof(file_prefix), p + 1); } -#ifdef DEBUG_COMPLETION -monitor_printf(mon, "input='%s' path='%s' prefix='%s'\n", - input, path, file_prefix); -#endif + ffs = opendir(path); if (!ffs) return; @@ -4770,14 +4760,6 @@ static void monitor_find_completion(void *opaque, if (parse_cmdline(cmdline, &nb_args, args) < 0) { return; } -#ifdef DEBUG_COMPLETION -{ -int i; -for (i = 0; i < nb_args; i++) { -monitor_printf(mon, "arg%d = '%s'\n", i, args[i]); -} -} -#endif /* if the line ends with a space, it means we want to complete the next arg */ -- 2.1.0
Re: [Qemu-devel] [PATCH v2 00/16] fixes and improvements
On 03.06.15 23:09, Aurelien Jarno wrote: > The two first patches fixes bugs in the target-s390x TCG emulation. > > The 3 following patches fix some instruction definition. Given we don't > emulate a given CPU model and check the instruction availability, they > don't provide any functional change. > > The 7 following patches emulate some missing instructions, either > from the zArchitecture or from some additional facilities. > > The 2 following patches are new in this series, but have been posted as > RFC before. They prepare the work for the following patch (which hasn't > been posted before), providing a huge speed improvements when copying > data between the kernel and userland. > > The last patch fixes an issue with the MVC instruction when both memory > areas overlap. > > With all these patches applied, the GCC testsuite run in a guest fully > passes. Thanks, applied all to s390-next. Alex
Re: [Qemu-devel] [PATCH v2 06/16] target-s390x: implement LOAD FP INTEGER instructions
On 06/03/2015 02:09 PM, Aurelien Jarno wrote: This is needed to pass the gcc.c-torture/execute/ieee/20010114-2.c test in the gcc testsuite. Cc: Alexander Graf Cc: Richard Henderson Signed-off-by: Aurelien Jarno --- target-s390x/fpu_helper.c | 31 +++ target-s390x/helper.h | 3 +++ target-s390x/insn-data.def | 4 target-s390x/translate.c | 25 + 4 files changed, 63 insertions(+) Reviewed-by: Richard Henderson r~
Re: [Qemu-devel] [PATCH v8 08/10] qcow2: Invoke refcount order amendment function
On 06/03/2015 02:13 PM, Max Reitz wrote: > Make use of qcow2_change_refcount_order() to support changing the > refcount order with qemu-img amend. > > Signed-off-by: Max Reitz > --- > block/qcow2.c | 44 +++- > 1 file changed, 35 insertions(+), 9 deletions(-) > Reviewed-by: Eric Blake -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature
Re: [Qemu-devel] [PATCH v2 15/16] target-s390x: use softmmu functions for mvcp/mvcs
On 06/03/2015 02:09 PM, Aurelien Jarno wrote: mvcp and mvcs helper get access to the physical memory by a call to mmu_translate for the virtual to real conversion and then using ldb_phys and stb_phys to physically access the data. In practice this is quite slow because it bypasses the QEMU softmmu TLB and because stb_phys calls try to invalidate the corresponding memory for each access. Instead use cpu_ldb_{primary,secondary} for the loads and cpu_stb_{primary,secondary} for the stores. Ideally this should be further optimized by a call to memcpy, but that already improves the boot time of a guest by a factor 1.8. Cc: Alexander Graf Cc: Richard Henderson Signed-off-by: Aurelien Jarno --- target-s390x/mem_helper.c | 53 ++- 1 file changed, 20 insertions(+), 33 deletions(-) Reviewed-by: Richard Henderson r~
Re: [Qemu-devel] [PATCH v8 07/10] qcow2: Add function for refcount order amendment
On 06/03/2015 02:13 PM, Max Reitz wrote: > Add a function qcow2_change_refcount_order() which allows changing the > refcount order of a qcow2 image. > > Signed-off-by: Max Reitz > --- > block/qcow2-refcount.c | 447 > + > block/qcow2.h | 4 + > 2 files changed, 451 insertions(+) > Reviewed-by: Eric Blake -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature
Re: [Qemu-devel] [PATCH v3 38/38] iotests: Add test for change-related QMP commands
On 06/03/2015 01:44 PM, Max Reitz wrote: > Signed-off-by: Max Reitz > --- > tests/qemu-iotests/118 | 638 > + > tests/qemu-iotests/118.out | 5 + > tests/qemu-iotests/group | 1 + > 3 files changed, 644 insertions(+) > create mode 100755 tests/qemu-iotests/118 > create mode 100644 tests/qemu-iotests/118.out > > +def test_tray_open_change(self): > +result = self.vm.qmp('blockdev-open-tray', device='drive0', > force=True) > +self.assert_qmp(result, 'return', {}) > + > +self.wait_for_open() > + > +result = self.vm.qmp('query-block') > +self.assert_qmp(result, 'return[0]/tray_open', True) > +if self.was_empty == True: Stylistically, isn't 'if self.was_empty:' equivalent? But I'm no python guru, so I can live with the test as you have it. > +++ b/tests/qemu-iotests/group > @@ -121,6 +121,7 @@ > 114 rw auto quick > 115 rw auto > 116 rw auto quick > +118 rw auto > 121 rw auto Wow - we've got several placeholders pending review :) Reviewed-by: Eric Blake -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature
Re: [Qemu-devel] [PATCH v2 16/16] target-s390x: fix MVC instruction when areas overlap
On 06/03/2015 02:09 PM, Aurelien Jarno wrote: The MVC instruction and the memmove C funtion do not have the same semantic when memory areas overlap: MVC: When the operands overlap, the result is obtained as if the operands were processed one byte at a time and each result byte were stored immediately after fetching the necessary operand byte. memmove: Copying takes place as though the bytes in src are first copied into a temporary array that does not overlap src or dest, and the bytes are then copied from the temporary array to dest. The behaviour is therefore the same when the destination is at a lower address than the source, but not in the other case. This is actually a trick for propagating a value to an area. While the current code detects that and call memset in that case, it only does for 1-byte value. This trick can and is used for propagating two or more bytes to an area. In the softmmu case, the call to mvc_fast_memmove is correct as the above tests verify that source and destination are each within a page, and both in a different page. The part doing the move 8 bytes by 8 bytes is wrong and we need to check that if the source and destination overlap, they do with a distance of minimum 8 bytes before copying 8 bytes at a time. In the user code, we should check check that the destination is at a lower address than source or than the end of the source is at a lower address than the destination before calling memmove. In the opposite case we fallback to the same code as the softmmu one. Note that l represents (length - 1). Cc: Alexander Graf Cc: Richard Henderson Signed-off-by: Aurelien Jarno --- target-s390x/mem_helper.c | 7 --- 1 file changed, 4 insertions(+), 3 deletions(-) Reviewed-by: Richard Henderson r~
[Qemu-devel] [PULL 20/40] spapr_drc: initial implementation of sPAPRDRConnector device
From: Michael Roth This device emulates a firmware abstraction used by pSeries guests to manage hotplug/dynamic-reconfiguration of host-bridges, PCI devices, memory, and CPUs. It is conceptually similar to an SHPC device, complete with LED indicators to identify individual slots to physical physical users and indicate when it is safe to remove a device. In some cases it is also used to manage virtualized resources, such a memory, CPUs, and physical-host bridges, which in the case of pSeries guests are virtualized resources where the physical components are managed by the host. Guests communicate with these DR Connectors using RTAS calls, generally by addressing the unique DRC index associated with a particular connector for a particular resource. For introspection purposes we expose this state initially as QOM properties, and in subsequent patches will introduce the RTAS calls that make use of it. This constitutes to the 'guest' interface. On the QEMU side we provide an attach/detach interface to associate or cleanup a DeviceState with a particular sPAPRDRConnector in response to hotplug/unplug, respectively. This constitutes the 'physical' interface to the DR Connector. Signed-off-by: Michael Roth Reviewed-by: David Gibson Signed-off-by: David Gibson Signed-off-by: Alexander Graf --- hw/ppc/Makefile.objs | 2 +- hw/ppc/spapr_drc.c | 588 + include/hw/ppc/spapr_drc.h | 199 +++ 3 files changed, 788 insertions(+), 1 deletion(-) create mode 100644 hw/ppc/spapr_drc.c create mode 100644 include/hw/ppc/spapr_drc.h diff --git a/hw/ppc/Makefile.objs b/hw/ppc/Makefile.objs index 437955d..c8ab06e 100644 --- a/hw/ppc/Makefile.objs +++ b/hw/ppc/Makefile.objs @@ -3,7 +3,7 @@ obj-y += ppc.o ppc_booke.o # IBM pSeries (sPAPR) obj-$(CONFIG_PSERIES) += spapr.o spapr_vio.o spapr_events.o obj-$(CONFIG_PSERIES) += spapr_hcall.o spapr_iommu.o spapr_rtas.o -obj-$(CONFIG_PSERIES) += spapr_pci.o spapr_rtc.o +obj-$(CONFIG_PSERIES) += spapr_pci.o spapr_rtc.o spapr_drc.o ifeq ($(CONFIG_PCI)$(CONFIG_PSERIES)$(CONFIG_LINUX), yyy) obj-y += spapr_pci_vfio.o endif diff --git a/hw/ppc/spapr_drc.c b/hw/ppc/spapr_drc.c new file mode 100644 index 000..047c6c7 --- /dev/null +++ b/hw/ppc/spapr_drc.c @@ -0,0 +1,588 @@ +/* + * QEMU SPAPR Dynamic Reconfiguration Connector Implementation + * + * Copyright IBM Corp. 2014 + * + * Authors: + * Michael Roth + * + * This work is licensed under the terms of the GNU GPL, version 2 or later. + * See the COPYING file in the top-level directory. + */ + +#include "hw/ppc/spapr_drc.h" +#include "qom/object.h" +#include "hw/qdev.h" +#include "qapi/visitor.h" +#include "qemu/error-report.h" + +/* #define DEBUG_SPAPR_DRC */ + +#ifdef DEBUG_SPAPR_DRC +#define DPRINTF(fmt, ...) \ +do { fprintf(stderr, fmt, ## __VA_ARGS__); } while (0) +#define DPRINTFN(fmt, ...) \ +do { DPRINTF(fmt, ## __VA_ARGS__); fprintf(stderr, "\n"); } while (0) +#else +#define DPRINTF(fmt, ...) \ +do { } while (0) +#define DPRINTFN(fmt, ...) \ +do { } while (0) +#endif + +#define DRC_CONTAINER_PATH "/dr-connector" +#define DRC_INDEX_TYPE_SHIFT 28 +#define DRC_INDEX_ID_MASK (~(~0 << DRC_INDEX_TYPE_SHIFT)) + +static sPAPRDRConnectorTypeShift get_type_shift(sPAPRDRConnectorType type) +{ +uint32_t shift = 0; + +/* make sure this isn't SPAPR_DR_CONNECTOR_TYPE_ANY, or some + * other wonky value. + */ +g_assert(is_power_of_2(type)); + +while (type != (1 << shift)) { +shift++; +} +return shift; +} + +static uint32_t get_index(sPAPRDRConnector *drc) +{ +/* no set format for a drc index: it only needs to be globally + * unique. this is how we encode the DRC type on bare-metal + * however, so might as well do that here + */ +return (get_type_shift(drc->type) << DRC_INDEX_TYPE_SHIFT) | +(drc->id & DRC_INDEX_ID_MASK); +} + +static int set_isolation_state(sPAPRDRConnector *drc, + sPAPRDRIsolationState state) +{ +sPAPRDRConnectorClass *drck = SPAPR_DR_CONNECTOR_GET_CLASS(drc); + +DPRINTFN("drc: %x, set_isolation_state: %x", get_index(drc), state); + +drc->isolation_state = state; + +if (drc->isolation_state == SPAPR_DR_ISOLATION_STATE_ISOLATED) { +/* if we're awaiting release, but still in an unconfigured state, + * it's likely the guest is still in the process of configuring + * the device and is transitioning the devices to an ISOLATED + * state as a part of that process. so we only complete the + * removal when this transition happens for a device in a + * configured state, as suggested by the state diagram from + * PAPR+ 2.7, 13.4 + */ +if (drc->awaiting_release) { +if (drc->configured) { +DPRINTFN("finalizing device removal"); +drck->detach(drc, DEVICE(drc->dev), drc->detach_cb, +
Re: [Qemu-devel] [PULL 01/40] macio: Convert to realize()
On 3 June 2015 at 22:45, Alexander Graf wrote: > From: Markus Armbruster > > Alexander Graf writes: > >> On 09.03.15 19:30, Markus Armbruster wrote: >>> Alexander Graf writes: >>> On 27.02.15 13:43, Markus Armbruster wrote: > Convert device models "macio-oldworld" and "macio-newworld". > > Signed-off-by: Markus Armbruster > --- > Depends on my "[PATCH 00/10] pci: Partial conversion to realize", > which is in Michael's latest pull request. Can you please poke me again when it landed? >>> >>> Applies cleanly to master now (commit 277263e). >> >> Hrm, does not seem to apply cleanly now. How about we postpone this to >> 2.4? It's not really crucial for 2.3 and we're in hard freeze now. > > Sad (it's been on list for almost three weeks, most of the time waiting > for the PCI pull), but it's clearly your choice to make. > > git-am doesn't dare to apply the patch on list, but git-cherry-pick > applies the commit from which it was formatted without a peep. Result > appended, just in case you'd like to consider it. > > >From f366a9732b6790609cc89e0c9272899cfbbe4e02 Mon Sep 17 00:00:00 2001 > From: Markus Armbruster > Date: Tue, 20 Jan 2015 16:27:56 +0100 > Subject: [PATCH] macio: Convert to realize() > > Convert device models "macio-oldworld" and "macio-newworld". > > Signed-off-by: Markus Armbruster > Signed-off-by: Alexander Graf Pretty sure you don't want all this chatter in the git commit! Respin? -- PMM
[Qemu-devel] [PULL 32/40] spapr_pci: enable basic hotplug operations
From: Michael Roth This enables hotplug of PCI devices to a PHB. Upon hotplug we generate the OF-nodes required by PAPR specification and IEEE 1275-1994 "PCI Bus Binding to Open Firmware" for the device. We associate the corresponding FDT for these nodes with the DRC corresponding to the slot, which will be fetched via ibm,configure-connector RTAS calls by the guest as described by PAPR specification. Signed-off-by: Michael Roth Reviewed-by: David Gibson Signed-off-by: David Gibson Signed-off-by: Alexander Graf --- hw/ppc/spapr_pci.c | 399 ++--- 1 file changed, 380 insertions(+), 19 deletions(-) diff --git a/hw/ppc/spapr_pci.c b/hw/ppc/spapr_pci.c index c17e5f2..d2e4161 100644 --- a/hw/ppc/spapr_pci.c +++ b/hw/ppc/spapr_pci.c @@ -33,9 +33,11 @@ #include #include "trace.h" #include "qemu/error-report.h" +#include "qapi/qmp/qerror.h" #include "hw/pci/pci_bus.h" #include "hw/ppc/spapr_drc.h" +#include "sysemu/device_tree.h" /* Copied from the kernel arch/powerpc/platforms/pseries/msi.c */ #define RTAS_QUERY_FN 0 @@ -48,6 +50,14 @@ #define RTAS_TYPE_MSI 1 #define RTAS_TYPE_MSIX 2 +#define _FDT(exp) \ +do { \ +int ret = (exp); \ +if (ret < 0) { \ +return ret;\ +} \ +} while (0) + sPAPRPHBState *spapr_pci_find_phb(sPAPREnvironment *spapr, uint64_t buid) { sPAPRPHBState *sphb; @@ -732,6 +742,368 @@ static AddressSpace *spapr_pci_dma_iommu(PCIBus *bus, void *opaque, int devfn) return &phb->iommu_as; } +/* Macros to operate with address in OF binding to PCI */ +#define b_x(x, p, l)(((x) & ((1<<(l))-1)) << (p)) +#define b_n(x) b_x((x), 31, 1) /* 0 if relocatable */ +#define b_p(x) b_x((x), 30, 1) /* 1 if prefetchable */ +#define b_t(x) b_x((x), 29, 1) /* 1 if the address is aliased */ +#define b_ss(x) b_x((x), 24, 2) /* the space code */ +#define b_(x) b_x((x), 16, 8) /* bus number */ +#define b_d(x) b_x((x), 11, 5) /* device number */ +#define b_fff(x)b_x((x), 8, 3) /* function number */ +#define b_(x) b_x((x), 0, 8) /* register number */ + +/* for 'reg'/'assigned-addresses' OF properties */ +#define RESOURCE_CELLS_SIZE 2 +#define RESOURCE_CELLS_ADDRESS 3 + +typedef struct ResourceFields { +uint32_t phys_hi; +uint32_t phys_mid; +uint32_t phys_lo; +uint32_t size_hi; +uint32_t size_lo; +} QEMU_PACKED ResourceFields; + +typedef struct ResourceProps { +ResourceFields reg[8]; +ResourceFields assigned[7]; +uint32_t reg_len; +uint32_t assigned_len; +} ResourceProps; + +/* fill in the 'reg'/'assigned-resources' OF properties for + * a PCI device. 'reg' describes resource requirements for a + * device's IO/MEM regions, 'assigned-addresses' describes the + * actual resource assignments. + * + * the properties are arrays of ('phys-addr', 'size') pairs describing + * the addressable regions of the PCI device, where 'phys-addr' is a + * RESOURCE_CELLS_ADDRESS-tuple of 32-bit integers corresponding to + * (phys.hi, phys.mid, phys.lo), and 'size' is a + * RESOURCE_CELLS_SIZE-tuple corresponding to (size.hi, size.lo). + * + * phys.hi = 0xYYZZ, where: + * 0xYY = npt000ss + * ||| | + * ||| +-- space code: 1 if IO region, 2 if MEM region + * ||+-- for non-relocatable IO: 1 if aliased + * ||for relocatable IO: 1 if below 64KB + * ||for MEM: 1 if below 1MB + * |+--- 1 if region is prefetchable + * + 1 if region is non-relocatable + * 0x = dfff, encoding bus, slot, and function + *bits respectively + * 0xZZ = , the register number of the BAR corresponding + * to the region + * + * phys.mid and phys.lo correspond respectively to the hi/lo portions + * of the actual address of the region. + * + * how the phys-addr/size values are used differ slightly between + * 'reg' and 'assigned-addresses' properties. namely, 'reg' has + * an additional description for the config space region of the + * device, and in the case of QEMU has n=0 and phys.mid=phys.lo=0 + * to describe the region as relocatable, with an address-mapping + * that corresponds directly to the PHB's address space for the + * resource. 'assigned-addresses' always has n=1 set with an absolute + * address assigned for the resource. in general, 'assigned-addresses' + * won't be populated, since addresses for PCI devices are generally + * unmapped initially and left to the guest to assign. + * + * note also that addresses defined in these properties are, at least + * for PAPR guests, relative to the PHBs IO/MEM windows, and + * correspond directly to the addresses in the BARs
[Qemu-devel] [PULL 26/40] spapr_events: re-use EPOW event infrastructure for hotplug events
From: Nathan Fontenot This extends the data structures currently used to report EPOW events to guests via the check-exception RTAS interfaces to also include event types for hotplug/unplug events. This is currently undocumented and being finalized for inclusion in PAPR specification, but we implement this here as an extension for guest userspace tools to implement (existing guest kernels simply log these events via a sysfs interface that's read by rtas_errd, and current versions of rtas_errd/powerpc-utils already support the use of this mechanism for initiating hotplug operations). We also add support for queues of pending RTAS events, since in the case of hotplug there's chance for multiple events being in-flight at any point in time. Signed-off-by: Nathan Fontenot Signed-off-by: Michael Roth Reviewed-by: David Gibson Signed-off-by: David Gibson Signed-off-by: Alexander Graf --- hw/ppc/spapr.c | 3 +- hw/ppc/spapr_events.c | 287 - include/hw/ppc/spapr.h | 14 ++- 3 files changed, 252 insertions(+), 52 deletions(-) diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c index 7323efd..15eebb4 100644 --- a/hw/ppc/spapr.c +++ b/hw/ppc/spapr.c @@ -1660,7 +1660,8 @@ static void ppc_spapr_init(MachineState *machine) /* Prepare the device tree */ spapr->fdt_skel = spapr_create_fdt_skel(initrd_base, initrd_size, kernel_size, kernel_le, -kernel_cmdline, spapr->epow_irq); +kernel_cmdline, +spapr->check_exception_irq); assert(spapr->fdt_skel != NULL); /* used by RTAS */ diff --git a/hw/ppc/spapr_events.c b/hw/ppc/spapr_events.c index 283e96b..c634a3b 100644 --- a/hw/ppc/spapr_events.c +++ b/hw/ppc/spapr_events.c @@ -32,6 +32,9 @@ #include "hw/ppc/spapr.h" #include "hw/ppc/spapr_vio.h" +#include "hw/pci/pci.h" +#include "hw/pci-host/spapr.h" +#include "hw/ppc/spapr_drc.h" #include @@ -77,6 +80,7 @@ struct rtas_error_log { #define RTAS_LOG_TYPE_ECC_UNCORR 0x0009 #define RTAS_LOG_TYPE_ECC_CORR0x000a #define RTAS_LOG_TYPE_EPOW0x0040 +#define RTAS_LOG_TYPE_HOTPLUG 0x00e5 uint32_t extended_length; } QEMU_PACKED; @@ -166,6 +170,38 @@ struct epow_log_full { struct rtas_event_log_v6_epow epow; } QEMU_PACKED; +struct rtas_event_log_v6_hp { +#define RTAS_LOG_V6_SECTION_ID_HOTPLUG 0x4850 /* HP */ +struct rtas_event_log_v6_section_header hdr; +uint8_t hotplug_type; +#define RTAS_LOG_V6_HP_TYPE_CPU 1 +#define RTAS_LOG_V6_HP_TYPE_MEMORY 2 +#define RTAS_LOG_V6_HP_TYPE_SLOT 3 +#define RTAS_LOG_V6_HP_TYPE_PHB 4 +#define RTAS_LOG_V6_HP_TYPE_PCI 5 +uint8_t hotplug_action; +#define RTAS_LOG_V6_HP_ACTION_ADD1 +#define RTAS_LOG_V6_HP_ACTION_REMOVE 2 +uint8_t hotplug_identifier; +#define RTAS_LOG_V6_HP_ID_DRC_NAME 1 +#define RTAS_LOG_V6_HP_ID_DRC_INDEX 2 +#define RTAS_LOG_V6_HP_ID_DRC_COUNT 3 +uint8_t reserved; +union { +uint32_t index; +uint32_t count; +char name[1]; +} drc; +} QEMU_PACKED; + +struct hp_log_full { +struct rtas_error_log hdr; +struct rtas_event_log_v6 v6hdr; +struct rtas_event_log_v6_maina maina; +struct rtas_event_log_v6_mainb mainb; +struct rtas_event_log_v6_hp hp; +} QEMU_PACKED; + #define EVENT_MASK_INTERNAL_ERRORS 0x8000 #define EVENT_MASK_EPOW 0x4000 #define EVENT_MASK_HOTPLUG 0x1000 @@ -181,67 +217,95 @@ struct epow_log_full { } \ } while (0) -void spapr_events_fdt_skel(void *fdt, uint32_t epow_irq) +void spapr_events_fdt_skel(void *fdt, uint32_t check_exception_irq) { -uint32_t epow_irq_ranges[] = {cpu_to_be32(epow_irq), cpu_to_be32(1)}; -uint32_t epow_interrupts[] = {cpu_to_be32(epow_irq), 0}; +uint32_t irq_ranges[] = {cpu_to_be32(check_exception_irq), cpu_to_be32(1)}; +uint32_t interrupts[] = {cpu_to_be32(check_exception_irq), 0}; _FDT((fdt_begin_node(fdt, "event-sources"))); _FDT((fdt_property(fdt, "interrupt-controller", NULL, 0))); _FDT((fdt_property_cell(fdt, "#interrupt-cells", 2))); _FDT((fdt_property(fdt, "interrupt-ranges", - epow_irq_ranges, sizeof(epow_irq_ranges; + irq_ranges, sizeof(irq_ranges; _FDT((fdt_begin_node(fdt, "epow-events"))); -_FDT((fdt_property(fdt, "interrupts", - epow_interrupts, sizeof(epow_interrupts; +_FDT((fdt_property(fdt, "interrupts",
[Qemu-devel] [PULL 19/40] docs: add sPAPR hotplug/dynamic-reconfiguration documentation
From: Michael Roth This adds a general overview of hotplug/dynamic-reconfiguration for sPAPR/pSeries guest. As specified in PAPR+ v2.7. Signed-off-by: Michael Roth Reviewed-by: David Gibson Signed-off-by: David Gibson Signed-off-by: Alexander Graf --- docs/specs/ppc-spapr-hotplug.txt | 287 +++ 1 file changed, 287 insertions(+) create mode 100644 docs/specs/ppc-spapr-hotplug.txt diff --git a/docs/specs/ppc-spapr-hotplug.txt b/docs/specs/ppc-spapr-hotplug.txt new file mode 100644 index 000..d35771c --- /dev/null +++ b/docs/specs/ppc-spapr-hotplug.txt @@ -0,0 +1,287 @@ += sPAPR Dynamic Reconfiguration = + +sPAPR/"pseries" guests make use of a facility called dynamic-reconfiguration +to handle hotplugging of dynamic "physical" resources like PCI cards, or +"logical"/paravirtual resources like memory, CPUs, and "physical" +host-bridges, which are generally managed by the host/hypervisor and provided +to guests as virtualized resources. The specifics of dynamic-reconfiguration +are documented extensively in PAPR+ v2.7, Section 13.1. This document +provides a summary of that information as it applies to the implementation +within QEMU. + +== Dynamic-reconfiguration Connectors == + +To manage hotplug/unplug of these resources, a firmware abstraction known as +a Dynamic Resource Connector (DRC) is used to assign a particular dynamic +resource to the guest, and provide an interface for the guest to manage +configuration/removal of the resource associated with it. + +== Device-tree description of DRCs == + +A set of 4 Open Firmware device tree array properties are used to describe +the name/index/power-domain/type of each DRC allocated to a guest at +boot-time. There may be multiple sets of these arrays, rooted at different +paths in the device tree depending on the type of resource the DRCs manage. + +In some cases, the DRCs themselves may be provided by a dynamic resource, +such as the DRCs managing PCI slots on a hotplugged PHB. In this case the +arrays would be fetched as part of the device tree retrieval interfaces +for hotplugged resources described under "Guest->Host interface". + +The array properties are described below. Each entry/element in an array +describes the DRC identified by the element in the corresponding position +of ibm,drc-indexes: + +ibm,drc-names: + first 4-bytes: BE-encoded integer denoting the number of entries + each entry: a NULL-terminated string encoded as a byte array + + values for logical/virtual resources are defined in PAPR+ v2.7, + Section 13.5.2.4, and basically consist of the type of the resource + followed by a space and a numerical value that's unique across resources + of that type. + + values for "physical" resources such as PCI or VIO devices are + defined as being "location codes", which are the "location labels" of + each encapsulating device, starting from the chassis down to the + individual slot for the device, concatenated by a hyphen. This provides + a mapping of resources to a physical location in a chassis for debugging + purposes. For QEMU, this mapping is less important, so we assign a + location code that conforms to naming specifications, but is simply a + location label for the slot by itself to simplify the implementation. + The naming convention for location labels is documented in detail in + PAPR+ v2.7, Section 12.3.1.5, and in our case amounts to using "C" + for PCI/VIO device slots, where is unique across all PCI/VIO + device slots. + +ibm,drc-indexes: + first 4-bytes: BE-encoded integer denoting the number of entries + each 4-byte entry: BE-encoded integer that is unique across all DRCs +in the machine + + is arbitrary, but in the case of QEMU we try to maintain the + convention used to assign them to pSeries guests on pHyp: + +bit[31:28]: integer encoding of , where is: + 1 for CPU resource + 2 for PHB resource + 3 for VIO resource + 4 for PCI resource + 8 for Memory resource +bit[27:0]: integer encoding of , where is unique across + all resources of specified type + +ibm,drc-power-domains: + first 4-bytes: BE-encoded integer denoting the number of entries + each 4-byte entry: 32-bit, BE-encoded integer that specifies the +power domain the resource will be assigned to. In the case of QEMU +we associated all resources with a "live insertion" domain, where the +power is assumed to be managed automatically. The integer value for +this domain is a special value of -1. + + +ibm,drc-types: + first 4-bytes: BE-encoded integer denoting the number of entries + each entry: a NULL-terminated string encoded as a byte array + + is assigned as follows: +"CPU" for a CPU +"PHB" for a physical host-bridge +"SLOT" for a VIO slot +"28" for a PCI slot +"MEM" for memory resource + +== Guest->Host interface to manage dynamic resources == +
[Qemu-devel] [PULL 40/40] softmmu: support up to 12 MMU modes
From: Paolo Bonzini At 8k per TLB (for 64-bit host or target), 8 or more modes make the TLBs bigger than 64k, and some RISC TCG backends do not like that. On the affected hosts, cut the TLB size in half---there is still a measurable speedup on PPC with the next patch. Signed-off-by: Paolo Bonzini Message-Id: <1424436345-37924-3-git-send-email-pbonz...@redhat.com> Reviewed-by: Richard Henderson Signed-off-by: Alexander Graf --- include/exec/cpu-defs.h | 35 +++- include/exec/cpu_ldst.h | 104 +--- 2 files changed, 131 insertions(+), 8 deletions(-) diff --git a/include/exec/cpu-defs.h b/include/exec/cpu-defs.h index 3f56546..d5aecaf 100644 --- a/include/exec/cpu-defs.h +++ b/include/exec/cpu-defs.h @@ -27,6 +27,7 @@ #include #include "qemu/osdep.h" #include "qemu/queue.h" +#include "tcg-target.h" #ifndef CONFIG_USER_ONLY #include "exec/hwaddr.h" #endif @@ -70,8 +71,6 @@ typedef uint64_t target_ulong; #define TB_JMP_PAGE_MASK (TB_JMP_CACHE_SIZE - TB_JMP_PAGE_SIZE) #if !defined(CONFIG_USER_ONLY) -#define CPU_TLB_BITS 8 -#define CPU_TLB_SIZE (1 << CPU_TLB_BITS) /* use a fully associative victim tlb of 8 entries */ #define CPU_VTLB_SIZE 8 @@ -81,6 +80,38 @@ typedef uint64_t target_ulong; #define CPU_TLB_ENTRY_BITS 5 #endif +/* TCG_TARGET_TLB_DISPLACEMENT_BITS is used in CPU_TLB_BITS to ensure that + * the TLB is not unnecessarily small, but still small enough for the + * TLB lookup instruction sequence used by the TCG target. + * + * TCG will have to generate an operand as large as the distance between + * env and the tlb_table[NB_MMU_MODES - 1][0].addend. For simplicity, + * the TCG targets just round everything up to the next power of two, and + * count bits. This works because: 1) the size of each TLB is a largish + * power of two, 2) and because the limit of the displacement is really close + * to a power of two, 3) the offset of tlb_table[0][0] inside env is smaller + * than the size of a TLB. + * + * For example, the maximum displacement 0xFFF0 on PPC and MIPS, but TCG + * just says "the displacement is 16 bits". TCG_TARGET_TLB_DISPLACEMENT_BITS + * then ensures that tlb_table at least 0x8000 bytes large ("not unnecessarily + * small": 2^15). The operand then will come up smaller than 0xFFF0 without + * any particular care, because the TLB for a single MMU mode is larger than + * 0x1-0xFFF0=16 bytes. In the end, the maximum value of the operand + * could be something like 0xC000 (the offset of the last TLB table) plus + * 0x18 (the offset of the addend field in each TLB entry) plus the offset + * of tlb_table inside env (which is non-trivial but not huge). + */ +#define CPU_TLB_BITS \ +MIN(8, \ +TCG_TARGET_TLB_DISPLACEMENT_BITS - CPU_TLB_ENTRY_BITS - \ +(NB_MMU_MODES <= 1 ? 0 : \ + NB_MMU_MODES <= 2 ? 1 : \ + NB_MMU_MODES <= 4 ? 2 : \ + NB_MMU_MODES <= 8 ? 3 : 4)) + +#define CPU_TLB_SIZE (1 << CPU_TLB_BITS) + typedef struct CPUTLBEntry { /* bit TARGET_LONG_BITS to TARGET_PAGE_BITS : virtual address bit TARGET_PAGE_BITS-1..4 : Nonzero for accesses that should not diff --git a/include/exec/cpu_ldst.h b/include/exec/cpu_ldst.h index 1673287..0ec398c 100644 --- a/include/exec/cpu_ldst.h +++ b/include/exec/cpu_ldst.h @@ -263,12 +263,104 @@ uint64_t helper_ldq_cmmu(CPUArchState *env, target_ulong addr, int mmu_idx); #undef MEMSUFFIX #endif /* (NB_MMU_MODES >= 7) */ -#if (NB_MMU_MODES > 7) -/* Note that supporting NB_MMU_MODES == 9 would require - * changes to at least the ARM TCG backend. - */ -#error "NB_MMU_MODES > 7 is not supported for now" -#endif /* (NB_MMU_MODES > 7) */ +#if (NB_MMU_MODES >= 8) && defined(MMU_MODE7_SUFFIX) + +#define CPU_MMU_INDEX 7 +#define MEMSUFFIX MMU_MODE7_SUFFIX +#define DATA_SIZE 1 +#include "exec/cpu_ldst_template.h" + +#define DATA_SIZE 2 +#include "exec/cpu_ldst_template.h" + +#define DATA_SIZE 4 +#include "exec/cpu_ldst_template.h" + +#define DATA_SIZE 8 +#include "exec/cpu_ldst_template.h" +#undef CPU_MMU_INDEX +#undef MEMSUFFIX +#endif /* (NB_MMU_MODES >= 8) */ + +#if (NB_MMU_MODES >= 9) && defined(MMU_MODE8_SUFFIX) + +#define CPU_MMU_INDEX 8 +#define MEMSUFFIX MMU_MODE8_SUFFIX +#define DATA_SIZE 1 +#include "exec/cpu_ldst_template.h" + +#define DATA_SIZE 2 +#include "exec/cpu_ldst_template.h" + +#define DATA_SIZE 4 +#include "exec/cpu_ldst_template.h" + +#define DATA_SIZE 8 +#include "exec/cpu_ldst_template.h" +#undef CPU_MMU_INDEX +#undef MEMSUFFIX +#endif /* (NB_MMU_MODES >= 9) */ + +#if (NB_MMU_MODES >= 10) && defined(MMU_MODE9_SUFFIX) + +#define CPU_MMU_INDEX 9 +#define MEMSUFFIX MMU_MODE9_SUFFIX +#define DATA_SIZE 1 +#include "exec/cpu_ldst_template.h" + +#define DATA_SIZE 2 +#include "exec/cpu_ldst_template.h" + +#define D
[Qemu-devel] [PULL 39/40] tcg: add TCG_TARGET_TLB_DISPLACEMENT_BITS
From: Paolo Bonzini This will be used to size the TLB when more than 8 MMU modes are used by the target. Limitations come from the limited size of the immediate fields (which sometimes, as in the case of Aarch64, extend to instructions that shift the immediate). Signed-off-by: Paolo Bonzini Message-Id: <1424436345-37924-2-git-send-email-pbonz...@redhat.com> Reviewed-by: Richard Henderson Signed-off-by: Alexander Graf --- tcg/aarch64/tcg-target.h | 1 + tcg/arm/tcg-target.h | 1 + tcg/i386/tcg-target.h| 1 + tcg/ia64/tcg-target.h| 2 ++ tcg/mips/tcg-target.h| 1 + tcg/ppc/tcg-target.h | 1 + tcg/s390/tcg-target.h| 1 + tcg/sparc/tcg-target.h | 1 + tcg/tci/tcg-target.h | 1 + 9 files changed, 10 insertions(+) diff --git a/tcg/aarch64/tcg-target.h b/tcg/aarch64/tcg-target.h index 60c7493..8aec04d 100644 --- a/tcg/aarch64/tcg-target.h +++ b/tcg/aarch64/tcg-target.h @@ -14,6 +14,7 @@ #define TCG_TARGET_AARCH64 1 #define TCG_TARGET_INSN_UNIT_SIZE 4 +#define TCG_TARGET_TLB_DISPLACEMENT_BITS 24 #undef TCG_TARGET_STACK_GROWSUP typedef enum { diff --git a/tcg/arm/tcg-target.h b/tcg/arm/tcg-target.h index 1c719e2..6559f80 100644 --- a/tcg/arm/tcg-target.h +++ b/tcg/arm/tcg-target.h @@ -27,6 +27,7 @@ #undef TCG_TARGET_STACK_GROWSUP #define TCG_TARGET_INSN_UNIT_SIZE 4 +#define TCG_TARGET_TLB_DISPLACEMENT_BITS 16 typedef enum { TCG_REG_R0 = 0, diff --git a/tcg/i386/tcg-target.h b/tcg/i386/tcg-target.h index 7a9980e..25b5133 100644 --- a/tcg/i386/tcg-target.h +++ b/tcg/i386/tcg-target.h @@ -25,6 +25,7 @@ #define TCG_TARGET_I386 1 #define TCG_TARGET_INSN_UNIT_SIZE 1 +#define TCG_TARGET_TLB_DISPLACEMENT_BITS 31 #ifdef __x86_64__ # define TCG_TARGET_REG_BITS 64 diff --git a/tcg/ia64/tcg-target.h b/tcg/ia64/tcg-target.h index d675589..a04ed81 100644 --- a/tcg/ia64/tcg-target.h +++ b/tcg/ia64/tcg-target.h @@ -26,6 +26,8 @@ #define TCG_TARGET_IA64 1 #define TCG_TARGET_INSN_UNIT_SIZE 16 +#define TCG_TARGET_TLB_DISPLACEMENT_BITS 21 + typedef struct { uint64_t lo __attribute__((aligned(16))); uint64_t hi; diff --git a/tcg/mips/tcg-target.h b/tcg/mips/tcg-target.h index c88a1c9..f5ba52c 100644 --- a/tcg/mips/tcg-target.h +++ b/tcg/mips/tcg-target.h @@ -27,6 +27,7 @@ #define TCG_TARGET_MIPS 1 #define TCG_TARGET_INSN_UNIT_SIZE 4 +#define TCG_TARGET_TLB_DISPLACEMENT_BITS 16 #define TCG_TARGET_NB_REGS 32 typedef enum { diff --git a/tcg/ppc/tcg-target.h b/tcg/ppc/tcg-target.h index 32ac442..7ce7048 100644 --- a/tcg/ppc/tcg-target.h +++ b/tcg/ppc/tcg-target.h @@ -32,6 +32,7 @@ #define TCG_TARGET_NB_REGS 32 #define TCG_TARGET_INSN_UNIT_SIZE 4 +#define TCG_TARGET_TLB_DISPLACEMENT_BITS 16 typedef enum { TCG_REG_R0, TCG_REG_R1, TCG_REG_R2, TCG_REG_R3, diff --git a/tcg/s390/tcg-target.h b/tcg/s390/tcg-target.h index 5acc28c..91576d5 100644 --- a/tcg/s390/tcg-target.h +++ b/tcg/s390/tcg-target.h @@ -25,6 +25,7 @@ #define TCG_TARGET_S390 1 #define TCG_TARGET_INSN_UNIT_SIZE 2 +#define TCG_TARGET_TLB_DISPLACEMENT_BITS 19 typedef enum TCGReg { TCG_REG_R0 = 0, diff --git a/tcg/sparc/tcg-target.h b/tcg/sparc/tcg-target.h index 0c4c8af..f584de4 100644 --- a/tcg/sparc/tcg-target.h +++ b/tcg/sparc/tcg-target.h @@ -27,6 +27,7 @@ #define TCG_TARGET_REG_BITS 64 #define TCG_TARGET_INSN_UNIT_SIZE 4 +#define TCG_TARGET_TLB_DISPLACEMENT_BITS 32 #define TCG_TARGET_NB_REGS 32 typedef enum { diff --git a/tcg/tci/tcg-target.h b/tcg/tci/tcg-target.h index 662d45c..cbf3f9b 100644 --- a/tcg/tci/tcg-target.h +++ b/tcg/tci/tcg-target.h @@ -44,6 +44,7 @@ #define TCG_TARGET_INTERPRETER 1 #define TCG_TARGET_INSN_UNIT_SIZE 1 +#define TCG_TARGET_TLB_DISPLACEMENT_BITS 32 #if UINTPTR_MAX == UINT32_MAX # define TCG_TARGET_REG_BITS 32 -- 1.8.1.4
Re: [Qemu-devel] [PULL 01/40] macio: Convert to realize()
On 03.06.15 23:53, Peter Maydell wrote: > On 3 June 2015 at 22:45, Alexander Graf wrote: >> From: Markus Armbruster >> >> Alexander Graf writes: >> >>> On 09.03.15 19:30, Markus Armbruster wrote: Alexander Graf writes: > On 27.02.15 13:43, Markus Armbruster wrote: >> Convert device models "macio-oldworld" and "macio-newworld". >> >> Signed-off-by: Markus Armbruster >> --- >> Depends on my "[PATCH 00/10] pci: Partial conversion to realize", >> which is in Michael's latest pull request. > > Can you please poke me again when it landed? Applies cleanly to master now (commit 277263e). >>> >>> Hrm, does not seem to apply cleanly now. How about we postpone this to >>> 2.4? It's not really crucial for 2.3 and we're in hard freeze now. >> >> Sad (it's been on list for almost three weeks, most of the time waiting >> for the PCI pull), but it's clearly your choice to make. >> >> git-am doesn't dare to apply the patch on list, but git-cherry-pick >> applies the commit from which it was formatted without a peep. Result >> appended, just in case you'd like to consider it. >> >> >From f366a9732b6790609cc89e0c9272899cfbbe4e02 Mon Sep 17 00:00:00 2001 >> From: Markus Armbruster >> Date: Tue, 20 Jan 2015 16:27:56 +0100 >> Subject: [PATCH] macio: Convert to realize() >> >> Convert device models "macio-oldworld" and "macio-newworld". >> >> Signed-off-by: Markus Armbruster >> Signed-off-by: Alexander Graf > > > Pretty sure you don't want all this chatter in the git commit! > Respin? Bleks. Please just refetch the same tag. I've removed the superfluous bits from the commit log. The following changes since commit 3fc827d591679f3e262b9d1f8b34528eabfca8c0: target-arm: Correct check for non-EL3 (2015-06-02 13:22:29 +0100) are available in the git repository at: git://github.com/agraf/qemu.git tags/signed-ppc-for-upstream for you to fetch changes up to 1de29aef17a7d70dbc04a7fe51e18942e3ebe313: softmmu: support up to 12 MMU modes (2015-06-03 23:56:56 +0200) Alex
[Qemu-devel] [PULL 27/40] spapr_events: event-scan RTAS interface
From: Tyrel Datwyler We don't actually rely on this interface to surface hotplug events, and instead rely on the similar-but-interrupt-driven check-exception RTAS interface used for EPOW events. However, the existence of this interface is needed to ensure guest kernels initialize the event-reporting interfaces which will in turn be used by userspace tools to handle these events, so we implement this interface here. Since events surfaced by this call are mutually exclusive to those surfaced via check-exception, we also update the RTAS event queue code to accept a boolean to mark/filter for events accordingly. Events of this sort are not currently generated by QEMU, but the interface has been tested by surfacing hotplug events via event-scan in place of check-exception. Signed-off-by: Tyrel Datwyler Signed-off-by: Michael Roth Reviewed-by: David Gibson Signed-off-by: David Gibson Signed-off-by: Alexander Graf --- hw/ppc/spapr.c | 2 ++ hw/ppc/spapr_events.c | 65 -- include/hw/ppc/spapr.h | 3 +++ 3 files changed, 63 insertions(+), 7 deletions(-) diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c index 15eebb4..b0b9f81 100644 --- a/hw/ppc/spapr.c +++ b/hw/ppc/spapr.c @@ -533,6 +533,8 @@ static void *spapr_create_fdt_skel(hwaddr initrd_base, refpoints, sizeof(refpoints; _FDT((fdt_property_cell(fdt, "rtas-error-log-max", RTAS_ERROR_LOG_MAX))); +_FDT((fdt_property_cell(fdt, "rtas-event-scan-rate", +RTAS_EVENT_SCAN_RATE))); /* * According to PAPR, rtas ibm,os-term does not guarantee a return diff --git a/hw/ppc/spapr_events.c b/hw/ppc/spapr_events.c index c634a3b..fda9e35 100644 --- a/hw/ppc/spapr_events.c +++ b/hw/ppc/spapr_events.c @@ -236,17 +236,19 @@ void spapr_events_fdt_skel(void *fdt, uint32_t check_exception_irq) _FDT((fdt_end_node(fdt))); } -static void rtas_event_log_queue(int log_type, void *data) +static void rtas_event_log_queue(int log_type, void *data, bool exception) { sPAPREventLogEntry *entry = g_new(sPAPREventLogEntry, 1); g_assert(data); entry->log_type = log_type; +entry->exception = exception; entry->data = data; QTAILQ_INSERT_TAIL(&spapr->pending_events, entry, next); } -static sPAPREventLogEntry *rtas_event_log_dequeue(uint32_t event_mask) +static sPAPREventLogEntry *rtas_event_log_dequeue(uint32_t event_mask, + bool exception) { sPAPREventLogEntry *entry = NULL; @@ -256,6 +258,10 @@ static sPAPREventLogEntry *rtas_event_log_dequeue(uint32_t event_mask) } QTAILQ_FOREACH(entry, &spapr->pending_events, next) { +if (entry->exception != exception) { +continue; +} + /* EPOW and hotplug events are surfaced in the same manner */ if (entry->log_type == RTAS_LOG_TYPE_EPOW || entry->log_type == RTAS_LOG_TYPE_HOTPLUG) { @@ -270,7 +276,7 @@ static sPAPREventLogEntry *rtas_event_log_dequeue(uint32_t event_mask) return entry; } -static bool rtas_event_log_contains(uint32_t event_mask) +static bool rtas_event_log_contains(uint32_t event_mask, bool exception) { sPAPREventLogEntry *entry = NULL; @@ -280,6 +286,10 @@ static bool rtas_event_log_contains(uint32_t event_mask) } QTAILQ_FOREACH(entry, &spapr->pending_events, next) { +if (entry->exception != exception) { +continue; +} + /* EPOW and hotplug events are surfaced in the same manner */ if (entry->log_type == RTAS_LOG_TYPE_EPOW || entry->log_type == RTAS_LOG_TYPE_HOTPLUG) { @@ -367,7 +377,7 @@ static void spapr_powerdown_req(Notifier *n, void *opaque) epow->event_modifier = RTAS_LOG_V6_EPOW_MODIFIER_NORMAL; epow->extended_modifier = RTAS_LOG_V6_EPOW_XMODIFIER_PARTITION_SPECIFIC; -rtas_event_log_queue(RTAS_LOG_TYPE_EPOW, new_epow); +rtas_event_log_queue(RTAS_LOG_TYPE_EPOW, new_epow, true); qemu_irq_pulse(xics_get_qirq(spapr->icp, spapr->check_exception_irq)); } @@ -428,7 +438,7 @@ static void spapr_hotplug_req_event(sPAPRDRConnector *drc, uint8_t hp_action) return; } -rtas_event_log_queue(RTAS_LOG_TYPE_HOTPLUG, new_hp); +rtas_event_log_queue(RTAS_LOG_TYPE_HOTPLUG, new_hp, true); qemu_irq_pulse(xics_get_qirq(spapr->icp, spapr->check_exception_irq)); } @@ -466,7 +476,7 @@ static void check_exception(PowerPCCPU *cpu, sPAPREnvironment *spapr, xinfo |= (uint64_t)rtas_ld(args, 6) << 32; } -event = rtas_event_log_dequeue(mask); +event = rtas_event_log_dequeue(mask, true); if (!event) { goto out_no_events; } @@ -488,7 +498,7 @@ static void check_exception(PowerPCCPU *cpu, sPAPREnvironment *spapr, * do the latter here, since our code relies on edge-triggered * interrupts. */ -if (rtas_event_log_contains(mask)) { +if (rtas_event_log_contains(mask,
[Qemu-devel] [PULL 21/40] spapr_rtas: add get/set-power-level RTAS interfaces
From: Nathan Fontenot These interfaces manage the power domains that guest devices are assigned to and are used to power on/off devices. Currently we only utilize 1 power domain, the 'live-insertion' domain, which automates power management of plugged/unplugged devices, essentially making these calls no-ops, but the RTAS interfaces are still required by guest hotplug code and PAPR+. See docs/specs/ppc-spapr-hotplug.txt for a complete description of these interfaces. Signed-off-by: Nathan Fontenot Signed-off-by: Michael Roth Reviewed-by: David Gibson Signed-off-by: David Gibson Signed-off-by: Alexander Graf --- hw/ppc/spapr_rtas.c | 54 + 1 file changed, 54 insertions(+) diff --git a/hw/ppc/spapr_rtas.c b/hw/ppc/spapr_rtas.c index 0f1ae55..d7694cd 100644 --- a/hw/ppc/spapr_rtas.c +++ b/hw/ppc/spapr_rtas.c @@ -245,6 +245,56 @@ static void rtas_ibm_os_term(PowerPCCPU *cpu, rtas_st(rets, 0, ret); } +static void rtas_set_power_level(PowerPCCPU *cpu, sPAPREnvironment *spapr, + uint32_t token, uint32_t nargs, + target_ulong args, uint32_t nret, + target_ulong rets) +{ +int32_t power_domain; + +if (nargs != 2 || nret != 2) { +rtas_st(rets, 0, RTAS_OUT_PARAM_ERROR); +return; +} + +/* we currently only use a single, "live insert" powerdomain for + * hotplugged/dlpar'd resources, so the power is always live/full (100) + */ +power_domain = rtas_ld(args, 0); +if (power_domain != -1) { +rtas_st(rets, 0, RTAS_OUT_NOT_SUPPORTED); +return; +} + +rtas_st(rets, 0, RTAS_OUT_SUCCESS); +rtas_st(rets, 1, 100); +} + +static void rtas_get_power_level(PowerPCCPU *cpu, sPAPREnvironment *spapr, + uint32_t token, uint32_t nargs, + target_ulong args, uint32_t nret, + target_ulong rets) +{ +int32_t power_domain; + +if (nargs != 1 || nret != 2) { +rtas_st(rets, 0, RTAS_OUT_PARAM_ERROR); +return; +} + +/* we currently only use a single, "live insert" powerdomain for + * hotplugged/dlpar'd resources, so the power is always live/full (100) + */ +power_domain = rtas_ld(args, 0); +if (power_domain != -1) { +rtas_st(rets, 0, RTAS_OUT_NOT_SUPPORTED); +return; +} + +rtas_st(rets, 0, RTAS_OUT_SUCCESS); +rtas_st(rets, 1, 100); +} + static struct rtas_call { const char *name; spapr_rtas_fn fn; @@ -370,6 +420,10 @@ static void core_rtas_register_types(void) rtas_ibm_set_system_parameter); spapr_rtas_register(RTAS_IBM_OS_TERM, "ibm,os-term", rtas_ibm_os_term); +spapr_rtas_register(RTAS_SET_POWER_LEVEL, "set-power-level", +rtas_set_power_level); +spapr_rtas_register(RTAS_GET_POWER_LEVEL, "get-power-level", +rtas_get_power_level); } type_init(core_rtas_register_types) -- 1.8.1.4
[Qemu-devel] [PULL 29/40] spapr_pci: add dynamic-reconfiguration option for spapr-pci-host-bridge
From: Michael Roth This option enables/disables PCI hotplug for a particular PHB. Also add machine compatibility code to disable it by default for machine types prior to pseries-2.4. Signed-off-by: Michael Roth Reviewed-by: David Gibson Signed-off-by: David Gibson [agraf: move commas for compat fields] Signed-off-by: Alexander Graf --- hw/ppc/spapr.c | 9 +++-- hw/ppc/spapr_pci.c | 2 ++ include/hw/pci-host/spapr.h | 1 + 3 files changed, 10 insertions(+), 2 deletions(-) diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c index b0b9f81..8a21f1d 100644 --- a/hw/ppc/spapr.c +++ b/hw/ppc/spapr.c @@ -1823,7 +1823,12 @@ static const TypeInfo spapr_machine_info = { }; #define SPAPR_COMPAT_2_3 \ -HW_COMPAT_2_3 +HW_COMPAT_2_3 \ +{\ +.driver = "spapr-pci-host-bridge",\ +.property = "dynamic-reconfiguration",\ +.value= "off",\ +}, #define SPAPR_COMPAT_2_2 \ SPAPR_COMPAT_2_3 \ @@ -1913,7 +1918,7 @@ static const TypeInfo spapr_machine_2_2_info = { static void spapr_machine_2_3_class_init(ObjectClass *oc, void *data) { static GlobalProperty compat_props[] = { -/* SPAPR_COMPAT_2_3, */ +SPAPR_COMPAT_2_3 { /* end of list */ } }; MachineClass *mc = MACHINE_CLASS(oc); diff --git a/hw/ppc/spapr_pci.c b/hw/ppc/spapr_pci.c index 52c5c73..a2dcc6a 100644 --- a/hw/ppc/spapr_pci.c +++ b/hw/ppc/spapr_pci.c @@ -936,6 +936,8 @@ static Property spapr_phb_properties[] = { DEFINE_PROP_UINT64("io_win_addr", sPAPRPHBState, io_win_addr, -1), DEFINE_PROP_UINT64("io_win_size", sPAPRPHBState, io_win_size, SPAPR_PCI_IO_WIN_SIZE), +DEFINE_PROP_BOOL("dynamic-reconfiguration", sPAPRPHBState, dr_enabled, + true), DEFINE_PROP_END_OF_LIST(), }; diff --git a/include/hw/pci-host/spapr.h b/include/hw/pci-host/spapr.h index 5b497ce..9dca388 100644 --- a/include/hw/pci-host/spapr.h +++ b/include/hw/pci-host/spapr.h @@ -71,6 +71,7 @@ struct sPAPRPHBState { uint32_t index; uint64_t buid; char *dtbusname; +bool dr_enabled; MemoryRegion memspace, iospace; hwaddr mem_win_addr, mem_win_size, io_win_addr, io_win_size; -- 1.8.1.4
[Qemu-devel] [PULL 22/40] spapr_rtas: add set-indicator RTAS interface
From: Mike Day This interface allows a guest to control various platform/device sensors. Initially, we only implement support necessary to control sensors that are required for hotplug: DR connector indicators/LEDs, resource allocation state, and resource isolation state. See docs/specs/ppc-spapr-hotplug.txt for a complete description of this interface. Signed-off-by: Mike Day Signed-off-by: Michael Roth Reviewed-by: David Gibson Signed-off-by: David Gibson Signed-off-by: Alexander Graf --- hw/ppc/spapr_rtas.c| 84 ++ include/hw/ppc/spapr.h | 11 +++ 2 files changed, 95 insertions(+) diff --git a/hw/ppc/spapr_rtas.c b/hw/ppc/spapr_rtas.c index d7694cd..6c741fa 100644 --- a/hw/ppc/spapr_rtas.c +++ b/hw/ppc/spapr_rtas.c @@ -35,6 +35,18 @@ #include "qapi-event.h" #include +#include "hw/ppc/spapr_drc.h" + +/* #define DEBUG_SPAPR */ + +#ifdef DEBUG_SPAPR +#define DPRINTF(fmt, ...) \ +do { fprintf(stderr, fmt, ## __VA_ARGS__); } while (0) +#else +#define DPRINTF(fmt, ...) \ +do { } while (0) +#endif + static void rtas_display_character(PowerPCCPU *cpu, sPAPREnvironment *spapr, uint32_t token, uint32_t nargs, @@ -295,6 +307,76 @@ static void rtas_get_power_level(PowerPCCPU *cpu, sPAPREnvironment *spapr, rtas_st(rets, 1, 100); } +static bool sensor_type_is_dr(uint32_t sensor_type) +{ +switch (sensor_type) { +case RTAS_SENSOR_TYPE_ISOLATION_STATE: +case RTAS_SENSOR_TYPE_DR: +case RTAS_SENSOR_TYPE_ALLOCATION_STATE: +return true; +} + +return false; +} + +static void rtas_set_indicator(PowerPCCPU *cpu, sPAPREnvironment *spapr, + uint32_t token, uint32_t nargs, + target_ulong args, uint32_t nret, + target_ulong rets) +{ +uint32_t sensor_type; +uint32_t sensor_index; +uint32_t sensor_state; +sPAPRDRConnector *drc; +sPAPRDRConnectorClass *drck; + +if (nargs != 3 || nret != 1) { +rtas_st(rets, 0, RTAS_OUT_PARAM_ERROR); +return; +} + +sensor_type = rtas_ld(args, 0); +sensor_index = rtas_ld(args, 1); +sensor_state = rtas_ld(args, 2); + +if (!sensor_type_is_dr(sensor_type)) { +goto out_unimplemented; +} + +/* if this is a DR sensor we can assume sensor_index == drc_index */ +drc = spapr_dr_connector_by_index(sensor_index); +if (!drc) { +DPRINTF("rtas_set_indicator: invalid sensor/DRC index: %xh\n", +sensor_index); +rtas_st(rets, 0, RTAS_OUT_PARAM_ERROR); +return; +} +drck = SPAPR_DR_CONNECTOR_GET_CLASS(drc); + +switch (sensor_type) { +case RTAS_SENSOR_TYPE_ISOLATION_STATE: +drck->set_isolation_state(drc, sensor_state); +break; +case RTAS_SENSOR_TYPE_DR: +drck->set_indicator_state(drc, sensor_state); +break; +case RTAS_SENSOR_TYPE_ALLOCATION_STATE: +drck->set_allocation_state(drc, sensor_state); +break; +default: +goto out_unimplemented; +} + +rtas_st(rets, 0, RTAS_OUT_SUCCESS); +return; + +out_unimplemented: +/* currently only DR-related sensors are implemented */ +DPRINTF("rtas_set_indicator: sensor/indicator not implemented: %d\n", +sensor_type); +rtas_st(rets, 0, RTAS_OUT_NOT_SUPPORTED); +} + static struct rtas_call { const char *name; spapr_rtas_fn fn; @@ -424,6 +506,8 @@ static void core_rtas_register_types(void) rtas_set_power_level); spapr_rtas_register(RTAS_GET_POWER_LEVEL, "get-power-level", rtas_get_power_level); +spapr_rtas_register(RTAS_SET_INDICATOR, "set-indicator", +rtas_set_indicator); } type_init(core_rtas_register_types) diff --git a/include/hw/ppc/spapr.h b/include/hw/ppc/spapr.h index 317feb6..8810911 100644 --- a/include/hw/ppc/spapr.h +++ b/include/hw/ppc/spapr.h @@ -430,6 +430,17 @@ int spapr_allocate_irq_block(int num, bool lsi, bool msi); #define RTAS_SYSPARM_DIAGNOSTICS_RUN_MODE42 #define RTAS_SYSPARM_UUID48 +/* RTAS indicator/sensor types + * + * as defined by PAPR+ 2.7 7.3.5.4, Table 41 + * + * NOTE: currently only DR-related sensors are implemented here + */ +#define RTAS_SENSOR_TYPE_ISOLATION_STATE9001 +#define RTAS_SENSOR_TYPE_DR 9002 +#define RTAS_SENSOR_TYPE_ALLOCATION_STATE 9003 +#define RTAS_SENSOR_TYPE_ENTITY_SENSE RTAS_SENSOR_TYPE_ALLOCATION_STATE + /* Possible values for the platform-processor-diagnostics-run-mode parameter * of the RTAS ibm,get-system-parameter call. */ -- 1.8.1.4
[Qemu-devel] [PULL 36/40] pseries: Enable in-kernel H_LOGICAL_CI_{LOAD, STORE} implementations
From: David Gibson qemu currently implements the hypercalls H_LOGICAL_CI_LOAD and H_LOGICAL_CI_STORE as PAPR extensions. These are used by the SLOF firmware for IO, because performing cache inhibited MMIO accesses with the MMU off (real mode) is very awkward on POWER. This approach breaks when SLOF needs to access IO devices implemented within KVM instead of in qemu. The simplest example would be virtio-blk using an iothread, because the iothread / dataplane mechanism relies on an in-kernel implementation of the virtio queue notification MMIO. To fix this, an in-kernel implementation of these hypercalls has been made, (kernel commit 99342cf "kvmppc: Implement H_LOGICAL_CI_{LOAD,STORE} in KVM" however, the hypercalls still need to be enabled from qemu. This performs the necessary calls to do so. It would be nice to provide some warning if we encounter a problematic device with a kernel which doesn't support the new calls. Unfortunately, I can't see a way to detect this case which won't either warn in far too many cases that will probably work, or which is horribly invasive. Signed-off-by: David Gibson Reviewed-by: Thomas Huth Signed-off-by: Alexander Graf --- hw/ppc/spapr.c | 5 + target-ppc/kvm.c | 17 + target-ppc/kvm_ppc.h | 5 + 3 files changed, 27 insertions(+) diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c index 2e9ac87..f174e5a 100644 --- a/hw/ppc/spapr.c +++ b/hw/ppc/spapr.c @@ -1506,6 +1506,11 @@ static void ppc_spapr_init(MachineState *machine) qemu_register_reset(spapr_cpu_reset, cpu); } +if (kvm_enabled()) { +/* Enable H_LOGICAL_CI_* so SLOF can talk to in-kernel devices */ +kvmppc_enable_logical_ci_hcalls(); +} + /* allocate RAM */ spapr->ram_limit = ram_size; memory_region_allocate_system_memory(ram, NULL, "ppc_spapr.ram", diff --git a/target-ppc/kvm.c b/target-ppc/kvm.c index 1da9ea8..97a50b1 100644 --- a/target-ppc/kvm.c +++ b/target-ppc/kvm.c @@ -1884,6 +1884,23 @@ int kvmppc_get_hypercall(CPUPPCState *env, uint8_t *buf, int buf_len) return 0; } +static inline int kvmppc_enable_hcall(KVMState *s, target_ulong hcall) +{ +return kvm_vm_enable_cap(s, KVM_CAP_PPC_ENABLE_HCALL, 0, hcall, 1); +} + +void kvmppc_enable_logical_ci_hcalls(void) +{ +/* + * FIXME: it would be nice if we could detect the cases where + * we're using a device which requires the in kernel + * implementation of these hcalls, but the kernel lacks them and + * produce a warning. + */ +kvmppc_enable_hcall(kvm_state, H_LOGICAL_CI_LOAD); +kvmppc_enable_hcall(kvm_state, H_LOGICAL_CI_STORE); +} + void kvmppc_set_papr(PowerPCCPU *cpu) { CPUState *cs = CPU(cpu); diff --git a/target-ppc/kvm_ppc.h b/target-ppc/kvm_ppc.h index 2e0224c..4d30e27 100644 --- a/target-ppc/kvm_ppc.h +++ b/target-ppc/kvm_ppc.h @@ -24,6 +24,7 @@ bool kvmppc_get_host_serial(char **buf); int kvmppc_get_hasidle(CPUPPCState *env); int kvmppc_get_hypercall(CPUPPCState *env, uint8_t *buf, int buf_len); int kvmppc_set_interrupt(PowerPCCPU *cpu, int irq, int level); +void kvmppc_enable_logical_ci_hcalls(void); void kvmppc_set_papr(PowerPCCPU *cpu); int kvmppc_set_compat(PowerPCCPU *cpu, uint32_t cpu_version); void kvmppc_set_mpic_proxy(PowerPCCPU *cpu, int mpic_proxy); @@ -107,6 +108,10 @@ static inline int kvmppc_set_interrupt(PowerPCCPU *cpu, int irq, int level) return -1; } +static inline void kvmppc_enable_logical_ci_hcalls(void) +{ +} + static inline void kvmppc_set_papr(PowerPCCPU *cpu) { } -- 1.8.1.4
[Qemu-devel] [PULL 37/40] Add David Gibson for sPAPR in MAINTAINERS file
From: David Gibson At Alex Graf's request I'm now acting as sub-maintainer for the sPAPR (-machine pseries) code. This updates MAINTAINERS accordingly. While we're at it, change the label to mention pseries since that's the actual name of the machine type, even if most of the C files use the sPAPR name. Signed-off-by: David Gibson Signed-off-by: Alexander Graf --- MAINTAINERS | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/MAINTAINERS b/MAINTAINERS index 0463696..4ed8215 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -486,7 +486,8 @@ F: hw/ppc/prep.c F: hw/pci-host/prep.[hc] F: hw/isa/pc87312.[hc] -sPAPR +sPAPR (pseries) +M: David Gibson M: Alexander Graf L: qemu-...@nongnu.org S: Supported -- 1.8.1.4
[Qemu-devel] [PULL 16/40] pseries: Add pseries-2.4 machine type
From: David Gibson Now that 2.4 development has opened, create a new pseries machine type variant. For now it is identical to the pseries-2.3 machine type, but a number of new features are coming that will need to set backwards compatibility options. Signed-off-by: David Gibson Signed-off-by: Alexander Graf --- hw/ppc/spapr.c | 5 + 1 file changed, 5 insertions(+) diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c index a15fa3c..971cb5f 100644 --- a/hw/ppc/spapr.c +++ b/hw/ppc/spapr.c @@ -1905,10 +1905,15 @@ static const TypeInfo spapr_machine_2_2_info = { static void spapr_machine_2_3_class_init(ObjectClass *oc, void *data) { +static GlobalProperty compat_props[] = { +/* SPAPR_COMPAT_2_3, */ +{ /* end of list */ } +}; MachineClass *mc = MACHINE_CLASS(oc); mc->name = "pseries-2.3"; mc->desc = "pSeries Logical Partition (PAPR compliant) v2.3"; +mc->compat_props = compat_props; } static const TypeInfo spapr_machine_2_3_info = { -- 1.8.1.4
[Qemu-devel] [PULL 13/40] spapr_pci: Rework device-tree rendering
From: Alexey Kardashevskiy This replaces object_child_foreach() and callback with existing SPAPR_PCI_LIOBN() and spapr_tce_find_by_liobn() to make the code easier to read. This is a mechanical patch so no behaviour change is expected. Signed-off-by: Alexey Kardashevskiy Signed-off-by: David Gibson Signed-off-by: Alexander Graf --- hw/ppc/spapr_pci.c | 30 +- 1 file changed, 5 insertions(+), 25 deletions(-) diff --git a/hw/ppc/spapr_pci.c b/hw/ppc/spapr_pci.c index 79b6d3d..52c5c73 100644 --- a/hw/ppc/spapr_pci.c +++ b/hw/ppc/spapr_pci.c @@ -1090,29 +1090,6 @@ PCIHostState *spapr_create_phb(sPAPREnvironment *spapr, int index) #define b_fff(x)b_x((x), 8, 3) /* function number */ #define b_(x) b_x((x), 0, 8) /* register number */ -typedef struct sPAPRTCEDT { -void *fdt; -int node_off; -} sPAPRTCEDT; - -static int spapr_phb_children_dt(Object *child, void *opaque) -{ -sPAPRTCEDT *p = opaque; -sPAPRTCETable *tcet; - -tcet = (sPAPRTCETable *) object_dynamic_cast(child, TYPE_SPAPR_TCE_TABLE); -if (!tcet || SPAPR_PCI_DMA_WINDOW_NUM(tcet->liobn)) { -return 0; -} - -spapr_dma_dt(p->fdt, p->node_off, "ibm,dma-window", - tcet->liobn, tcet->bus_offset, - tcet->nb_table << tcet->page_shift); -/* Stop after the first window */ - -return 1; -} - int spapr_populate_pci_dt(sPAPRPHBState *phb, uint32_t xics_phandle, void *fdt) @@ -1151,6 +1128,7 @@ int spapr_populate_pci_dt(sPAPRPHBState *phb, uint32_t interrupt_map_mask[] = { cpu_to_be32(b_d(-1)|b_fff(0)), 0x0, 0x0, cpu_to_be32(-1)}; uint32_t interrupt_map[PCI_SLOT_MAX * PCI_NUM_PINS][7]; +sPAPRTCETable *tcet; /* Start populating the FDT */ sprintf(nodename, "pci@%" PRIx64, phb->buid); @@ -1203,8 +1181,10 @@ int spapr_populate_pci_dt(sPAPRPHBState *phb, _FDT(fdt_setprop(fdt, bus_off, "interrupt-map", &interrupt_map, sizeof(interrupt_map))); -object_child_foreach(OBJECT(phb), spapr_phb_children_dt, - &((sPAPRTCEDT){ .fdt = fdt, .node_off = bus_off })); +tcet = spapr_tce_find_by_liobn(SPAPR_PCI_LIOBN(phb->index, 0)); +spapr_dma_dt(fdt, bus_off, "ibm,dma-window", + tcet->liobn, tcet->bus_offset, + tcet->nb_table << tcet->page_shift); return 0; } -- 1.8.1.4
[Qemu-devel] [PULL 18/40] hw/ppc/spapr: Use error_report() instead of hw_error()
From: Thomas Huth hw_error() is designed for printing CPU-related error messages (e.g. it also prints a full CPU register dump). For error messages that are not directly related to CPU problems, a function like error_report() should be used instead. Signed-off-by: Thomas Huth Signed-off-by: David Gibson Signed-off-by: Alexander Graf --- hw/ppc/spapr.c | 16 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c index 9c05787..8cf1f2a 100644 --- a/hw/ppc/spapr.c +++ b/hw/ppc/spapr.c @@ -794,8 +794,8 @@ static void spapr_finalize_fdt(sPAPREnvironment *spapr, _FDT((fdt_pack(fdt))); if (fdt_totalsize(fdt) > FDT_MAX_SIZE) { -hw_error("FDT too big ! 0x%x bytes (max is 0x%x)\n", - fdt_totalsize(fdt), FDT_MAX_SIZE); +error_report("FDT too big ! 0x%x bytes (max is 0x%x)", + fdt_totalsize(fdt), FDT_MAX_SIZE); exit(1); } @@ -899,7 +899,7 @@ static int spapr_check_htab_fd(sPAPREnvironment *spapr) spapr->htab_fd = kvmppc_get_htab_fd(false); if (spapr->htab_fd < 0) { error_report("Unable to open fd for reading hash table from KVM: " -"%s", strerror(errno)); + "%s", strerror(errno)); rc = -1; } spapr->htab_fd_stale = false; @@ -1419,7 +1419,7 @@ static void ppc_spapr_init(MachineState *machine) rma_alloc_size = kvmppc_alloc_rma(&rma); if (rma_alloc_size == -1) { -hw_error("qemu: Unable to create RMA\n"); +error_report("Unable to create RMA"); exit(1); } @@ -1520,18 +1520,18 @@ static void ppc_spapr_init(MachineState *machine) filename = qemu_find_file(QEMU_FILE_TYPE_BIOS, "spapr-rtas.bin"); if (!filename) { -hw_error("Could not find LPAR rtas '%s'\n", "spapr-rtas.bin"); +error_report("Could not find LPAR rtas '%s'", "spapr-rtas.bin"); exit(1); } spapr->rtas_size = get_image_size(filename); spapr->rtas_blob = g_malloc(spapr->rtas_size); if (load_image_size(filename, spapr->rtas_blob, spapr->rtas_size) < 0) { -hw_error("qemu: could not load LPAR rtas '%s'\n", filename); +error_report("Could not load LPAR rtas '%s'", filename); exit(1); } if (spapr->rtas_size > RTAS_MAX_SIZE) { -hw_error("RTAS too big ! 0x%zx bytes (max is 0x%x)\n", - (size_t)spapr->rtas_size, RTAS_MAX_SIZE); +error_report("RTAS too big ! 0x%zx bytes (max is 0x%x)", + (size_t)spapr->rtas_size, RTAS_MAX_SIZE); exit(1); } g_free(filename); -- 1.8.1.4
[Qemu-devel] [PULL 28/40] spapr_drc: add spapr_drc_populate_dt()
From: Michael Roth This function handles generation of ibm,drc-* array device tree properties to describe DRC topology to guests. This will by used by the guest to direct RTAS calls to manage any dynamic resources we associate with a particular DR Connector as part of hotplug/unplug. Since general management of boot-time device trees are handled outside of sPAPRDRConnector, we insert these values blindly given an FDT and offset. A mask of sPAPRDRConnector types is given to instruct us on what types of connectors entries should be generated for, since descriptions for different connectors may live in different parts of the device tree. Based on code originally written by Nathan Fontenot. Signed-off-by: Nathan Fontenot Signed-off-by: Michael Roth Reviewed-by: David Gibson Signed-off-by: David Gibson Signed-off-by: Alexander Graf --- hw/ppc/spapr_drc.c | 156 + include/hw/ppc/spapr_drc.h | 2 + 2 files changed, 158 insertions(+) diff --git a/hw/ppc/spapr_drc.c b/hw/ppc/spapr_drc.c index 047c6c7..ef98538 100644 --- a/hw/ppc/spapr_drc.c +++ b/hw/ppc/spapr_drc.c @@ -586,3 +586,159 @@ sPAPRDRConnector *spapr_dr_connector_by_id(sPAPRDRConnectorType type, (get_type_shift(type) << DRC_INDEX_TYPE_SHIFT) | (id & DRC_INDEX_ID_MASK)); } + +/* generate a string the describes the DRC to encode into the + * device tree. + * + * as documented by PAPR+ v2.7, 13.5.2.6 and C.6.1 + */ +static const char *spapr_drc_get_type_str(sPAPRDRConnectorType type) +{ +switch (type) { +case SPAPR_DR_CONNECTOR_TYPE_CPU: +return "CPU"; +case SPAPR_DR_CONNECTOR_TYPE_PHB: +return "PHB"; +case SPAPR_DR_CONNECTOR_TYPE_VIO: +return "SLOT"; +case SPAPR_DR_CONNECTOR_TYPE_PCI: +return "28"; +case SPAPR_DR_CONNECTOR_TYPE_LMB: +return "MEM"; +default: +g_assert(false); +} + +return NULL; +} + +/** + * spapr_drc_populate_dt + * + * @fdt: libfdt device tree + * @path: path in the DT to generate properties + * @owner: parent Object/DeviceState for which to generate DRC + * descriptions for + * @drc_type_mask: mask of sPAPRDRConnectorType values corresponding + * to the types of DRCs to generate entries for + * + * generate OF properties to describe DRC topology/indices to guests + * + * as documented in PAPR+ v2.1, 13.5.2 + */ +int spapr_drc_populate_dt(void *fdt, int fdt_offset, Object *owner, + uint32_t drc_type_mask) +{ +Object *root_container; +ObjectProperty *prop; +uint32_t drc_count = 0; +GArray *drc_indexes, *drc_power_domains; +GString *drc_names, *drc_types; +int ret; + +/* the first entry of each properties is a 32-bit integer encoding + * the number of elements in the array. we won't know this until + * we complete the iteration through all the matching DRCs, but + * reserve the space now and set the offsets accordingly so we + * can fill them in later. + */ +drc_indexes = g_array_new(false, true, sizeof(uint32_t)); +drc_indexes = g_array_set_size(drc_indexes, 1); +drc_power_domains = g_array_new(false, true, sizeof(uint32_t)); +drc_power_domains = g_array_set_size(drc_power_domains, 1); +drc_names = g_string_set_size(g_string_new(NULL), sizeof(uint32_t)); +drc_types = g_string_set_size(g_string_new(NULL), sizeof(uint32_t)); + +/* aliases for all DRConnector objects will be rooted in QOM + * composition tree at DRC_CONTAINER_PATH + */ +root_container = container_get(object_get_root(), DRC_CONTAINER_PATH); + +QTAILQ_FOREACH(prop, &root_container->properties, node) { +Object *obj; +sPAPRDRConnector *drc; +sPAPRDRConnectorClass *drck; +uint32_t drc_index, drc_power_domain; + +if (!strstart(prop->type, "link<", NULL)) { +continue; +} + +obj = object_property_get_link(root_container, prop->name, NULL); +drc = SPAPR_DR_CONNECTOR(obj); +drck = SPAPR_DR_CONNECTOR_GET_CLASS(drc); + +if (owner && (drc->owner != owner)) { +continue; +} + +if ((drc->type & drc_type_mask) == 0) { +continue; +} + +drc_count++; + +/* ibm,drc-indexes */ +drc_index = cpu_to_be32(drck->get_index(drc)); +g_array_append_val(drc_indexes, drc_index); + +/* ibm,drc-power-domains */ +drc_power_domain = cpu_to_be32(-1); +g_array_append_val(drc_power_domains, drc_power_domain); + +/* ibm,drc-names */ +drc_names = g_string_append(drc_names, drck->get_name(drc)); +drc_names = g_string_insert_len(drc_names, -1, "\0", 1); + +/* ibm,drc-types */ +drc_types = g_string_append(drc_types, +spapr_drc_get_type_str(drc->type)); +drc_types = g_string_insert_len(drc_types, -1, "\0", 1); +} + +/* now write the drc cou
[Qemu-devel] [PULL 25/40] spapr_rtas: add ibm, configure-connector RTAS interface
From: Michael Roth This interface is used to fetch an OF device-tree nodes that describes a newly-attached device to guest. It is called multiple times to walk the device-tree node and fetch individual properties into a 'workarea'/buffer provided by the guest. The device-tree is generated by QEMU and passed to an sPAPRDRConnector during the initial hotplug operation, and the state of these RTAS calls is tracked by the sPAPRDRConnector. When the last of these properties is successfully fetched, we report as special return value to the guest and transition the device to a 'configured' state on the QEMU/DRC side. See docs/specs/ppc-spapr-hotplug.txt for a complete description of this interface. Signed-off-by: Michael Roth Signed-off-by: David Gibson Signed-off-by: Alexander Graf --- hw/ppc/spapr.c | 4 ++ hw/ppc/spapr_rtas.c| 180 + include/hw/ppc/spapr.h | 14 3 files changed, 198 insertions(+) diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c index 8cf1f2a..7323efd 100644 --- a/hw/ppc/spapr.c +++ b/hw/ppc/spapr.c @@ -1663,6 +1663,10 @@ static void ppc_spapr_init(MachineState *machine) kernel_cmdline, spapr->epow_irq); assert(spapr->fdt_skel != NULL); +/* used by RTAS */ +QTAILQ_INIT(&spapr->ccs_list); +qemu_register_reset(spapr_ccs_reset_hook, spapr); + qemu_register_boot_set(spapr_boot_set, spapr); } diff --git a/hw/ppc/spapr_rtas.c b/hw/ppc/spapr_rtas.c index f80beb2..fa28d43 100644 --- a/hw/ppc/spapr_rtas.c +++ b/hw/ppc/spapr_rtas.c @@ -47,6 +47,43 @@ do { } while (0) #endif +static sPAPRConfigureConnectorState *spapr_ccs_find(sPAPREnvironment *spapr, +uint32_t drc_index) +{ +sPAPRConfigureConnectorState *ccs = NULL; + +QTAILQ_FOREACH(ccs, &spapr->ccs_list, next) { +if (ccs->drc_index == drc_index) { +break; +} +} + +return ccs; +} + +static void spapr_ccs_add(sPAPREnvironment *spapr, + sPAPRConfigureConnectorState *ccs) +{ +g_assert(!spapr_ccs_find(spapr, ccs->drc_index)); +QTAILQ_INSERT_HEAD(&spapr->ccs_list, ccs, next); +} + +static void spapr_ccs_remove(sPAPREnvironment *spapr, + sPAPRConfigureConnectorState *ccs) +{ +QTAILQ_REMOVE(&spapr->ccs_list, ccs, next); +g_free(ccs); +} + +void spapr_ccs_reset_hook(void *opaque) +{ +sPAPREnvironment *spapr = opaque; +sPAPRConfigureConnectorState *ccs, *ccs_tmp; + +QTAILQ_FOREACH_SAFE(ccs, &spapr->ccs_list, next, ccs_tmp) { +spapr_ccs_remove(spapr, ccs); +} +} static void rtas_display_character(PowerPCCPU *cpu, sPAPREnvironment *spapr, uint32_t token, uint32_t nargs, @@ -355,6 +392,19 @@ static void rtas_set_indicator(PowerPCCPU *cpu, sPAPREnvironment *spapr, switch (sensor_type) { case RTAS_SENSOR_TYPE_ISOLATION_STATE: +/* if the guest is configuring a device attached to this + * DRC, we should reset the configuration state at this + * point since it may no longer be reliable (guest released + * device and needs to start over, or unplug occurred so + * the FDT is no longer valid) + */ +if (sensor_state == SPAPR_DR_ISOLATION_STATE_ISOLATED) { +sPAPRConfigureConnectorState *ccs = spapr_ccs_find(spapr, + sensor_index); +if (ccs) { +spapr_ccs_remove(spapr, ccs); +} +} drck->set_isolation_state(drc, sensor_state); break; case RTAS_SENSOR_TYPE_DR: @@ -418,6 +468,134 @@ static void rtas_get_sensor_state(PowerPCCPU *cpu, sPAPREnvironment *spapr, rtas_st(rets, 1, entity_sense); } +/* configure-connector work area offsets, int32_t units for field + * indexes, bytes for field offset/len values. + * + * as documented by PAPR+ v2.7, 13.5.3.5 + */ +#define CC_IDX_NODE_NAME_OFFSET 2 +#define CC_IDX_PROP_NAME_OFFSET 2 +#define CC_IDX_PROP_LEN 3 +#define CC_IDX_PROP_DATA_OFFSET 4 +#define CC_VAL_DATA_OFFSET ((CC_IDX_PROP_DATA_OFFSET + 1) * 4) +#define CC_WA_LEN 4096 + +static void rtas_ibm_configure_connector(PowerPCCPU *cpu, + sPAPREnvironment *spapr, + uint32_t token, uint32_t nargs, + target_ulong args, uint32_t nret, + target_ulong rets) +{ +uint64_t wa_addr; +uint64_t wa_offset; +uint32_t drc_index; +sPAPRDRConnector *drc; +sPAPRDRConnectorClass *drck; +sPAPRConfigureConnectorState *ccs; +sPAPRDRCCResponse resp = SPAPR_DR_CC_RESPONSE_CONTINUE; +int rc; +const void *fdt; + +if (nargs != 2 || nret != 1) { +rtas_st(rets, 0, RTAS_OUT_PARAM_ERROR); +return; +} + +
[Qemu-devel] [PULL 17/40] hw/ppc/spapr: Fix error message when firmware could not be loaded
From: Thomas Huth When specifying a non-existing file with the "-bios" parameter, QEMU complained that it "could not find LPAR rtas". That's obviously a copy-n-paste bug from the code which loads the spapr-rtas.bin, it should complain about a missing firmware file instead. Additionally the error message was printed with hw_error() - which also dumps the whole CPU state. However, this does not make much sense here since the CPU is not running yet and thus the registers only contain zeroes. So let's use error_report() here instead. And while we're at it, let's also bail out if the firmware file had zero length. Signed-off-by: Thomas Huth Signed-off-by: David Gibson Signed-off-by: Alexander Graf --- hw/ppc/spapr.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c index 971cb5f..9c05787 100644 --- a/hw/ppc/spapr.c +++ b/hw/ppc/spapr.c @@ -1641,12 +1641,12 @@ static void ppc_spapr_init(MachineState *machine) } filename = qemu_find_file(QEMU_FILE_TYPE_BIOS, bios_name); if (!filename) { -hw_error("Could not find LPAR rtas '%s'\n", bios_name); +error_report("Could not find LPAR firmware '%s'", bios_name); exit(1); } fw_size = load_image_targphys(filename, 0, FW_MAX_SIZE); -if (fw_size < 0) { -hw_error("qemu: could not load LPAR rtas '%s'\n", filename); +if (fw_size <= 0) { +error_report("Could not load LPAR firmware '%s'", filename); exit(1); } g_free(filename); -- 1.8.1.4
[Qemu-devel] [PULL 07/40] spapr_pci: Introduce a liobn number generating macros
From: Alexey Kardashevskiy We are going to have multiple DMA windows per PHB and we want them to migrate so we need a predictable way of assigning LIOBNs. This introduces a macro which makes up a LIOBN from fixed prefix, PHB index (unique PHB id) and window number. This introduces a SPAPR_PCI_DMA_WINDOW_NUM() to know the window number from LIOBN. It is used to distinguish the default 32bit windows from dynamic windows and avoid picking default DMA window properties from a wrong TCE table. Signed-off-by: Alexey Kardashevskiy Reviewed-by: David Gibson Signed-off-by: David Gibson Signed-off-by: Alexander Graf --- hw/ppc/spapr_pci.c | 4 ++-- include/hw/ppc/spapr.h | 4 +++- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/hw/ppc/spapr_pci.c b/hw/ppc/spapr_pci.c index 03f6d96..a69d908 100644 --- a/hw/ppc/spapr_pci.c +++ b/hw/ppc/spapr_pci.c @@ -760,7 +760,7 @@ static void spapr_phb_realize(DeviceState *dev, Error **errp) } sphb->buid = SPAPR_PCI_BASE_BUID + sphb->index; -sphb->dma_liobn = SPAPR_PCI_BASE_LIOBN + sphb->index; +sphb->dma_liobn = SPAPR_PCI_LIOBN(sphb->index, 0); windows_base = SPAPR_PCI_WINDOW_BASE + sphb->index * SPAPR_PCI_WINDOW_SPACING; @@ -1101,7 +1101,7 @@ static int spapr_phb_children_dt(Object *child, void *opaque) sPAPRTCETable *tcet; tcet = (sPAPRTCETable *) object_dynamic_cast(child, TYPE_SPAPR_TCE_TABLE); -if (!tcet) { +if (!tcet || SPAPR_PCI_DMA_WINDOW_NUM(tcet->liobn)) { return 0; } diff --git a/include/hw/ppc/spapr.h b/include/hw/ppc/spapr.h index af71e8b..9a9bb90 100644 --- a/include/hw/ppc/spapr.h +++ b/include/hw/ppc/spapr.h @@ -482,7 +482,9 @@ int spapr_rtas_device_tree_setup(void *fdt, hwaddr rtas_addr, #define SPAPR_TCE_PAGE_MASK(SPAPR_TCE_PAGE_SIZE - 1) #define SPAPR_VIO_BASE_LIOBN0x -#define SPAPR_PCI_BASE_LIOBN0x8000 +#define SPAPR_PCI_LIOBN(phb_index, window_num) \ +(0x8000 | ((phb_index) << 8) | (window_num)) +#define SPAPR_PCI_DMA_WINDOW_NUM(liobn) ((liobn) & 0xff) #define RTAS_ERROR_LOG_MAX 2048 -- 1.8.1.4
[Qemu-devel] [PULL 14/40] spapr_iommu: Give unique QOM name to TCE table
From: Alexey Kardashevskiy Useful for debugging. Signed-off-by: Alexey Kardashevskiy Signed-off-by: David Gibson Signed-off-by: Alexander Graf --- hw/ppc/spapr_iommu.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/hw/ppc/spapr_iommu.c b/hw/ppc/spapr_iommu.c index c17e831..a14cdc4 100644 --- a/hw/ppc/spapr_iommu.c +++ b/hw/ppc/spapr_iommu.c @@ -161,6 +161,7 @@ sPAPRTCETable *spapr_tce_new_table(DeviceState *owner, uint32_t liobn, bool vfio_accel) { sPAPRTCETable *tcet; +char tmp[64]; if (spapr_tce_find_by_liobn(liobn)) { fprintf(stderr, "Attempted to create TCE table with duplicate" @@ -179,7 +180,8 @@ sPAPRTCETable *spapr_tce_new_table(DeviceState *owner, uint32_t liobn, tcet->nb_table = nb_table; tcet->vfio_accel = vfio_accel; -object_property_add_child(OBJECT(owner), "tce-table", OBJECT(tcet), NULL); +snprintf(tmp, sizeof(tmp), "tce-table-%x", liobn); +object_property_add_child(OBJECT(owner), tmp, OBJECT(tcet), NULL); object_property_set_bool(OBJECT(tcet), true, "realized", NULL); -- 1.8.1.4
[Qemu-devel] [PULL 34/40] machine: add default_ram_size to machine class
From: Nikunj A Dadhania Machines types can have different requirement for default ram size. Introduce a member in the machine class and set the current default_ram_size to 128MB. For QEMUMachine types override the value during the registration of the machine and for MachineClass introduce the generic class init setting the default_ram_size. Add helpers [K,M,G,T,P,E]_BYTE for better readability and easy usage Signed-off-by: Nikunj A Dadhania Reviewed-by: Thomas Huth Reviewed-by: David Gibson Acked-by: Paolo Bonzini Signed-off-by: David Gibson Signed-off-by: Alexander Graf --- hw/core/machine.c | 9 + include/hw/boards.h | 1 + include/qemu-common.h | 6 ++ vl.c | 30 -- 4 files changed, 32 insertions(+), 14 deletions(-) diff --git a/hw/core/machine.c b/hw/core/machine.c index 25c45e6..ac4654e 100644 --- a/hw/core/machine.c +++ b/hw/core/machine.c @@ -294,6 +294,14 @@ static void machine_init_notify(Notifier *notifier, void *data) foreach_dynamic_sysbus_device(error_on_sysbus_device, NULL); } +static void machine_class_init(ObjectClass *oc, void *data) +{ +MachineClass *mc = MACHINE_CLASS(oc); + +/* Default 128 MB as guest ram size */ +mc->default_ram_size = 128 * M_BYTE; +} + static void machine_initfn(Object *obj) { MachineState *ms = MACHINE(obj); @@ -463,6 +471,7 @@ static const TypeInfo machine_info = { .parent = TYPE_OBJECT, .abstract = true, .class_size = sizeof(MachineClass), +.class_init= machine_class_init, .instance_size = sizeof(MachineState), .instance_init = machine_initfn, .instance_finalize = machine_finalize, diff --git a/include/hw/boards.h b/include/hw/boards.h index ff79797..6379901 100644 --- a/include/hw/boards.h +++ b/include/hw/boards.h @@ -106,6 +106,7 @@ struct MachineClass { const char *default_display; GlobalProperty *compat_props; const char *hw_version; +ram_addr_t default_ram_size; HotplugHandler *(*get_hotplug_handler)(MachineState *machine, DeviceState *dev); diff --git a/include/qemu-common.h b/include/qemu-common.h index 6b373ff..d52d09c 100644 --- a/include/qemu-common.h +++ b/include/qemu-common.h @@ -186,6 +186,12 @@ int64_t strtosz(const char *nptr, char **end); int64_t strtosz_suffix(const char *nptr, char **end, const char default_suffix); int64_t strtosz_suffix_unit(const char *nptr, char **end, const char default_suffix, int64_t unit); +#define K_BYTE (1ULL << 10) +#define M_BYTE (1ULL << 20) +#define G_BYTE (1ULL << 30) +#define T_BYTE (1ULL << 40) +#define P_BYTE (1ULL << 50) +#define E_BYTE (1ULL << 60) /* used to print char* safely */ #define STR_OR_NULL(str) ((str) ? (str) : "null") diff --git a/vl.c b/vl.c index 1d4c089..6c7e4e4 100644 --- a/vl.c +++ b/vl.c @@ -120,8 +120,6 @@ int main(int argc, char **argv) #include "qom/object_interfaces.h" #include "qapi-event.h" -#define DEFAULT_RAM_SIZE 128 - #define MAX_VIRTIO_CONSOLES 1 #define MAX_SCLP_CONSOLES 1 @@ -1310,7 +1308,11 @@ void hmp_usb_del(Monitor *mon, const QDict *qdict) MachineState *current_machine; -static void machine_class_init(ObjectClass *oc, void *data) +/* + * Transitional class registration/init used for converting from + * legacy QEMUMachine to MachineClass. + */ +static void qemu_machine_class_init(ObjectClass *oc, void *data) { MachineClass *mc = MACHINE_CLASS(oc); QEMUMachine *qm = data; @@ -1333,7 +1335,7 @@ int qemu_register_machine(QEMUMachine *m) TypeInfo ti = { .name = name, .parent = TYPE_MACHINE, -.class_init = machine_class_init, +.class_init = qemu_machine_class_init, .class_data = (void *)m, }; @@ -2647,13 +2649,13 @@ out: return 0; } -static void set_memory_options(uint64_t *ram_slots, ram_addr_t *maxram_size) +static void set_memory_options(uint64_t *ram_slots, ram_addr_t *maxram_size, + MachineClass *mc) { uint64_t sz; const char *mem_str; const char *maxmem_str, *slots_str; -const ram_addr_t default_ram_size = (ram_addr_t)DEFAULT_RAM_SIZE * -1024 * 1024; +const ram_addr_t default_ram_size = mc->default_ram_size; QemuOpts *opts = qemu_find_opts_singleton("memory"); sz = 0; @@ -3769,7 +3771,13 @@ int main(int argc, char **argv, char **envp) machine_class = machine_parse(optarg); } -set_memory_options(&ram_slots, &maxram_size); +if (machine_class == NULL) { +fprintf(stderr, "No machine specified, and there is no default.\n" +"Use -machine help to list supported machines!\n"); +exit(1); +} + +set_memory_options(&ram_slots, &maxram_size, machine_class); loc_set_none(); @@ -3798,12 +3806,6 @@ int main(int argc, char **argv, char **envp)
[Qemu-devel] [PULL 38/40] tci: do not use CPUArchState in tcg-target.h
From: Paolo Bonzini tcg-target.h does not use any QEMU-specific symbols, save for tci's usage of CPUArchState. Pull that up to tcg/tcg.h. This will make it possible to include tcg-target.h in cpu-defs.h. Signed-off-by: Paolo Bonzini Reviewed-by: Richard Henderson Signed-off-by: Alexander Graf --- tcg/tcg.h| 4 +++- tcg/tci/tcg-target.h | 3 +-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/tcg/tcg.h b/tcg/tcg.h index 8098f82..41e4869 100644 --- a/tcg/tcg.h +++ b/tcg/tcg.h @@ -927,7 +927,9 @@ static inline unsigned get_mmuidx(TCGMemOpIdx oi) #define TB_EXIT_ICOUNT_EXPIRED 2 #define TB_EXIT_REQUESTED 3 -#if !defined(tcg_qemu_tb_exec) +#ifdef HAVE_TCG_QEMU_TB_EXEC +uintptr_t tcg_qemu_tb_exec(CPUArchState *env, uint8_t *tb_ptr); +#else # define tcg_qemu_tb_exec(env, tb_ptr) \ ((uintptr_t (*)(void *, void *))tcg_ctx.code_gen_prologue)(env, tb_ptr) #endif diff --git a/tcg/tci/tcg-target.h b/tcg/tci/tcg-target.h index bd1e974..662d45c 100644 --- a/tcg/tci/tcg-target.h +++ b/tcg/tci/tcg-target.h @@ -175,8 +175,7 @@ typedef enum { void tci_disas(uint8_t opc); -uintptr_t tcg_qemu_tb_exec(CPUArchState *env, uint8_t *tb_ptr); -#define tcg_qemu_tb_exec tcg_qemu_tb_exec +#define HAVE_TCG_QEMU_TB_EXEC static inline void flush_icache_range(uintptr_t start, uintptr_t stop) { -- 1.8.1.4
[Qemu-devel] [PULL 11/40] spapr_pci: Make find_phb()/find_dev() public
From: Alexey Kardashevskiy This makes find_phb()/find_dev() public and changed its names to spapr_pci_find_phb()/spapr_pci_find_dev() as they are going to be used from other parts of QEMU such as VFIO DDW (dynamic DMA window) or VFIO PCI error injection or VFIO EEH handling - in all these cases there are RTAS calls which are addressed to BUID+config_addr in IEEE1275 format. Signed-off-by: Alexey Kardashevskiy Reviewed-by: David Gibson Signed-off-by: David Gibson Signed-off-by: Alexander Graf --- hw/ppc/spapr_pci.c | 36 ++-- include/hw/pci-host/spapr.h | 4 2 files changed, 22 insertions(+), 18 deletions(-) diff --git a/hw/ppc/spapr_pci.c b/hw/ppc/spapr_pci.c index 312f0d9..79b6d3d 100644 --- a/hw/ppc/spapr_pci.c +++ b/hw/ppc/spapr_pci.c @@ -47,7 +47,7 @@ #define RTAS_TYPE_MSI 1 #define RTAS_TYPE_MSIX 2 -static sPAPRPHBState *find_phb(sPAPREnvironment *spapr, uint64_t buid) +sPAPRPHBState *spapr_pci_find_phb(sPAPREnvironment *spapr, uint64_t buid) { sPAPRPHBState *sphb; @@ -61,10 +61,10 @@ static sPAPRPHBState *find_phb(sPAPREnvironment *spapr, uint64_t buid) return NULL; } -static PCIDevice *find_dev(sPAPREnvironment *spapr, uint64_t buid, - uint32_t config_addr) +PCIDevice *spapr_pci_find_dev(sPAPREnvironment *spapr, uint64_t buid, + uint32_t config_addr) { -sPAPRPHBState *sphb = find_phb(spapr, buid); +sPAPRPHBState *sphb = spapr_pci_find_phb(spapr, buid); PCIHostState *phb = PCI_HOST_BRIDGE(sphb); int bus_num = (config_addr >> 16) & 0xFF; int devfn = (config_addr >> 8) & 0xFF; @@ -95,7 +95,7 @@ static void finish_read_pci_config(sPAPREnvironment *spapr, uint64_t buid, return; } -pci_dev = find_dev(spapr, buid, addr); +pci_dev = spapr_pci_find_dev(spapr, buid, addr); addr = rtas_pci_cfgaddr(addr); if (!pci_dev || (addr % size) || (addr >= pci_config_size(pci_dev))) { @@ -162,7 +162,7 @@ static void finish_write_pci_config(sPAPREnvironment *spapr, uint64_t buid, return; } -pci_dev = find_dev(spapr, buid, addr); +pci_dev = spapr_pci_find_dev(spapr, buid, addr); addr = rtas_pci_cfgaddr(addr); if (!pci_dev || (addr % size) || (addr >= pci_config_size(pci_dev))) { @@ -280,9 +280,9 @@ static void rtas_ibm_change_msi(PowerPCCPU *cpu, sPAPREnvironment *spapr, } /* Fins sPAPRPHBState */ -phb = find_phb(spapr, buid); +phb = spapr_pci_find_phb(spapr, buid); if (phb) { -pdev = find_dev(spapr, buid, config_addr); +pdev = spapr_pci_find_dev(spapr, buid, config_addr); } if (!phb || !pdev) { rtas_st(rets, 0, RTAS_OUT_PARAM_ERROR); @@ -381,9 +381,9 @@ static void rtas_ibm_query_interrupt_source_number(PowerPCCPU *cpu, spapr_pci_msi *msi; /* Find sPAPRPHBState */ -phb = find_phb(spapr, buid); +phb = spapr_pci_find_phb(spapr, buid); if (phb) { -pdev = find_dev(spapr, buid, config_addr); +pdev = spapr_pci_find_dev(spapr, buid, config_addr); } if (!phb || !pdev) { rtas_st(rets, 0, RTAS_OUT_PARAM_ERROR); @@ -426,7 +426,7 @@ static void rtas_ibm_set_eeh_option(PowerPCCPU *cpu, addr = rtas_ld(args, 0); option = rtas_ld(args, 3); -sphb = find_phb(spapr, buid); +sphb = spapr_pci_find_phb(spapr, buid); if (!sphb) { goto param_error_exit; } @@ -461,7 +461,7 @@ static void rtas_ibm_get_config_addr_info2(PowerPCCPU *cpu, } buid = ((uint64_t)rtas_ld(args, 1) << 32) | rtas_ld(args, 2); -sphb = find_phb(spapr, buid); +sphb = spapr_pci_find_phb(spapr, buid); if (!sphb) { goto param_error_exit; } @@ -479,7 +479,7 @@ static void rtas_ibm_get_config_addr_info2(PowerPCCPU *cpu, switch (option) { case RTAS_GET_PE_ADDR: addr = rtas_ld(args, 0); -pdev = find_dev(spapr, buid, addr); +pdev = spapr_pci_find_dev(spapr, buid, addr); if (!pdev) { goto param_error_exit; } @@ -516,7 +516,7 @@ static void rtas_ibm_read_slot_reset_state2(PowerPCCPU *cpu, } buid = ((uint64_t)rtas_ld(args, 1) << 32) | rtas_ld(args, 2); -sphb = find_phb(spapr, buid); +sphb = spapr_pci_find_phb(spapr, buid); if (!sphb) { goto param_error_exit; } @@ -562,7 +562,7 @@ static void rtas_ibm_set_slot_reset(PowerPCCPU *cpu, buid = ((uint64_t)rtas_ld(args, 1) << 32) | rtas_ld(args, 2); option = rtas_ld(args, 3); -sphb = find_phb(spapr, buid); +sphb = spapr_pci_find_phb(spapr, buid); if (!sphb) { goto param_error_exit; } @@ -596,7 +596,7 @@ static void rtas_ibm_configure_pe(PowerPCCPU *cpu, } buid = ((uint64_t)rtas_ld(args, 1) << 32) | rtas_ld(args, 2); -sphb = find_phb(spapr, buid); +sphb = spapr_pci_find_phb(spapr, buid); if (!sphb) { goto param_error_exit; } @
[Qemu-devel] [PULL 08/40] spapr_vio: Introduce a liobn number generating macros
From: Alexey Kardashevskiy This introduces a macro which makes up a LIOBN from fixed prefix and VIO device address (@reg property). This is to keep LIOBN macros rendering consistent - the same macro for PCI has been added by the previous patch. Signed-off-by: Alexey Kardashevskiy Reviewed-by: David Gibson Signed-off-by: David Gibson Signed-off-by: Alexander Graf --- hw/ppc/spapr_vio.c | 2 +- include/hw/ppc/spapr.h | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/hw/ppc/spapr_vio.c b/hw/ppc/spapr_vio.c index 1360b97..174033d 100644 --- a/hw/ppc/spapr_vio.c +++ b/hw/ppc/spapr_vio.c @@ -469,7 +469,7 @@ static void spapr_vio_busdev_realize(DeviceState *qdev, Error **errp) } if (pc->rtce_window_size) { -uint32_t liobn = SPAPR_VIO_BASE_LIOBN | dev->reg; +uint32_t liobn = SPAPR_VIO_LIOBN(dev->reg); memory_region_init(&dev->mrroot, OBJECT(dev), "iommu-spapr-root", ram_size); diff --git a/include/hw/ppc/spapr.h b/include/hw/ppc/spapr.h index 9a9bb90..92ee72b 100644 --- a/include/hw/ppc/spapr.h +++ b/include/hw/ppc/spapr.h @@ -482,6 +482,7 @@ int spapr_rtas_device_tree_setup(void *fdt, hwaddr rtas_addr, #define SPAPR_TCE_PAGE_MASK(SPAPR_TCE_PAGE_SIZE - 1) #define SPAPR_VIO_BASE_LIOBN0x +#define SPAPR_VIO_LIOBN(reg)(0x | (reg)) #define SPAPR_PCI_LIOBN(phb_index, window_num) \ (0x8000 | ((phb_index) << 8) | (window_num)) #define SPAPR_PCI_DMA_WINDOW_NUM(liobn) ((liobn) & 0xff) -- 1.8.1.4
[Qemu-devel] [PULL 09/40] spapr_pci: Define default DMA window size as a macro
From: Alexey Kardashevskiy This gets rid of a magic constant describing the default DMA window size for an emulated PHB. Signed-off-by: Alexey Kardashevskiy Signed-off-by: David Gibson Signed-off-by: Alexander Graf --- hw/ppc/spapr_pci.c | 6 +++--- include/hw/pci-host/spapr.h | 2 ++ 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/hw/ppc/spapr_pci.c b/hw/ppc/spapr_pci.c index a69d908..312f0d9 100644 --- a/hw/ppc/spapr_pci.c +++ b/hw/ppc/spapr_pci.c @@ -893,11 +893,11 @@ static void spapr_phb_realize(DeviceState *dev, Error **errp) static void spapr_phb_finish_realize(sPAPRPHBState *sphb, Error **errp) { sPAPRTCETable *tcet; +uint32_t nb_table; +nb_table = SPAPR_PCI_DMA32_SIZE >> SPAPR_TCE_PAGE_SHIFT; tcet = spapr_tce_new_table(DEVICE(sphb), sphb->dma_liobn, - 0, - SPAPR_TCE_PAGE_SHIFT, - 0x4000 >> SPAPR_TCE_PAGE_SHIFT, false); + 0, SPAPR_TCE_PAGE_SHIFT, nb_table, false); if (!tcet) { error_setg(errp, "Unable to create TCE table for %s", sphb->dtbusname); diff --git a/include/hw/pci-host/spapr.h b/include/hw/pci-host/spapr.h index 895d273..d7b521d 100644 --- a/include/hw/pci-host/spapr.h +++ b/include/hw/pci-host/spapr.h @@ -114,6 +114,8 @@ struct sPAPRPHBVFIOState { #define SPAPR_PCI_MSI_WINDOW 0x400ULL +#define SPAPR_PCI_DMA32_SIZE 0x4000 + static inline qemu_irq spapr_phb_lsi_qirq(struct sPAPRPHBState *phb, int pin) { return xics_get_qirq(spapr->icp, phb->lsi_table[pin].irq); -- 1.8.1.4
[Qemu-devel] [PULL 06/40] spapr_iommu: Make H_PUT_TCE_INDIRECT endian-safe
From: Alexey Kardashevskiy PAPR is defined as big endian so TCEs need an adjustment so does this patch. This changes code to have ldq_be_phys() in one place. Signed-off-by: Alexey Kardashevskiy Reviewed-by: David Gibson Signed-off-by: David Gibson Signed-off-by: Alexander Graf --- hw/ppc/spapr_iommu.c | 7 +++ 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/hw/ppc/spapr_iommu.c b/hw/ppc/spapr_iommu.c index e19bf89..65ca469 100644 --- a/hw/ppc/spapr_iommu.c +++ b/hw/ppc/spapr_iommu.c @@ -247,7 +247,7 @@ static target_ulong h_put_tce_indirect(PowerPCCPU *cpu, target_ulong ioba1 = ioba; target_ulong tce_list = args[2]; target_ulong npages = args[3]; -target_ulong ret = H_PARAMETER; +target_ulong ret = H_PARAMETER, tce = 0; sPAPRTCETable *tcet = spapr_tce_find_by_liobn(liobn); CPUState *cs = CPU(cpu); hwaddr page_mask, page_size; @@ -267,7 +267,7 @@ static target_ulong h_put_tce_indirect(PowerPCCPU *cpu, for (i = 0; i < npages; ++i, ioba += page_size) { target_ulong off = (tce_list & ~SPAPR_TCE_RW) + i * sizeof(target_ulong); -target_ulong tce = ldq_phys(cs->as, off); +tce = ldq_be_phys(cs->as, off); ret = put_tce_emu(tcet, ioba, tce); if (ret) { @@ -278,8 +278,7 @@ static target_ulong h_put_tce_indirect(PowerPCCPU *cpu, /* Trace last successful or the first problematic entry */ i = i ? (i - 1) : 0; trace_spapr_iommu_indirect(liobn, ioba1, tce_list, i, - ldq_phys(cs->as, - tce_list + i * sizeof(target_ulong)), + tce, ret); return ret; -- 1.8.1.4
[Qemu-devel] [PULL 35/40] spapr: override default ram size to 512MB
From: Nikunj A Dadhania Signed-off-by: Nikunj A Dadhania Reviewed-by: Igor Mammedov Reviewed-by: Thomas Huth Acked-by: David Gibson Signed-off-by: David Gibson Signed-off-by: Alexander Graf --- hw/ppc/spapr.c | 1 + 1 file changed, 1 insertion(+) diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c index 8a21f1d..2e9ac87 100644 --- a/hw/ppc/spapr.c +++ b/hw/ppc/spapr.c @@ -1801,6 +1801,7 @@ static void spapr_machine_class_init(ObjectClass *oc, void *data) mc->max_cpus = MAX_CPUS; mc->no_parallel = 1; mc->default_boot_order = ""; +mc->default_ram_size = 512 * M_BYTE; mc->kvm_type = spapr_kvm_type; mc->has_dynamic_sysbus = true; -- 1.8.1.4
[Qemu-devel] [PULL 12/40] spapr_iommu: Make spapr_tce_find_by_liobn() public
From: Alexey Kardashevskiy At the moment spapr_tce_find_by_liobn() is used by H_PUT_TCE/... handlers to find an IOMMU by LIOBN. We are going to implement Dynamic DMA windows (DDW), new code will go to a new file and we will use spapr_tce_find_by_liobn() there too so let's make it public. Signed-off-by: Alexey Kardashevskiy Reviewed-by: David Gibson Signed-off-by: David Gibson Signed-off-by: Alexander Graf --- hw/ppc/spapr_iommu.c | 2 +- include/hw/ppc/spapr.h | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/hw/ppc/spapr_iommu.c b/hw/ppc/spapr_iommu.c index 3a773f7..c17e831 100644 --- a/hw/ppc/spapr_iommu.c +++ b/hw/ppc/spapr_iommu.c @@ -41,7 +41,7 @@ enum sPAPRTCEAccess { static QLIST_HEAD(spapr_tce_tables, sPAPRTCETable) spapr_tce_tables; -static sPAPRTCETable *spapr_tce_find_by_liobn(uint32_t liobn) +sPAPRTCETable *spapr_tce_find_by_liobn(uint32_t liobn) { sPAPRTCETable *tcet; diff --git a/include/hw/ppc/spapr.h b/include/hw/ppc/spapr.h index 1dab3e1..7d9ab9d 100644 --- a/include/hw/ppc/spapr.h +++ b/include/hw/ppc/spapr.h @@ -511,6 +511,7 @@ struct sPAPRTCETable { QLIST_ENTRY(sPAPRTCETable) list; }; +sPAPRTCETable *spapr_tce_find_by_liobn(uint32_t liobn); void spapr_events_init(sPAPREnvironment *spapr); void spapr_events_fdt_skel(void *fdt, uint32_t epow_irq); int spapr_h_cas_compose_response(target_ulong addr, target_ulong size); -- 1.8.1.4
[Qemu-devel] [PULL 33/40] spapr_pci: emit hotplug add/remove events during hotplug
From: Tyrel Datwyler This uses extension of existing EPOW interrupt/event mechanism to notify userspace tools like librtas/drmgr to handle in-guest configuration/cleanup operations in response to device_add/device_del. Userspace tools that don't implement this extension will need to be run manually in response/advance of device_add/device_del, respectively. Signed-off-by: Tyrel Datwyler Signed-off-by: Michael Roth Reviewed-by: David Gibson Signed-off-by: David Gibson Signed-off-by: Alexander Graf --- hw/ppc/spapr_pci.c | 4 1 file changed, 4 insertions(+) diff --git a/hw/ppc/spapr_pci.c b/hw/ppc/spapr_pci.c index d2e4161..4df3a33 100644 --- a/hw/ppc/spapr_pci.c +++ b/hw/ppc/spapr_pci.c @@ -1075,6 +1075,9 @@ static void spapr_phb_hot_plug_child(HotplugHandler *plug_handler, error_propagate(errp, local_err); return; } +if (plugged_dev->hotplugged) { +spapr_hotplug_req_add_event(drc); +} } static void spapr_phb_hot_unplug_child(HotplugHandler *plug_handler, @@ -1101,6 +1104,7 @@ static void spapr_phb_hot_unplug_child(HotplugHandler *plug_handler, error_propagate(errp, local_err); return; } +spapr_hotplug_req_remove_event(drc); } } -- 1.8.1.4
[Qemu-devel] [PULL 15/40] hw/ppc/spapr_iommu: Fix the check for invalid upper bits in liobn
From: Thomas Huth The check "liobn & 0xULL" in spapr_tce_find_by_liobn() is completely useless since liobn is only declared as an uint32_t parameter. Fix this by using target_ulong instead (this is what most of the callers of this function are using, too). Signed-off-by: Thomas Huth Signed-off-by: David Gibson Signed-off-by: Alexander Graf --- hw/ppc/spapr_iommu.c | 4 ++-- include/hw/ppc/spapr.h | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/hw/ppc/spapr_iommu.c b/hw/ppc/spapr_iommu.c index a14cdc4..8cd9dba 100644 --- a/hw/ppc/spapr_iommu.c +++ b/hw/ppc/spapr_iommu.c @@ -41,7 +41,7 @@ enum sPAPRTCEAccess { static QLIST_HEAD(spapr_tce_tables, sPAPRTCETable) spapr_tce_tables; -sPAPRTCETable *spapr_tce_find_by_liobn(uint32_t liobn) +sPAPRTCETable *spapr_tce_find_by_liobn(target_ulong liobn) { sPAPRTCETable *tcet; @@ -52,7 +52,7 @@ sPAPRTCETable *spapr_tce_find_by_liobn(uint32_t liobn) } QLIST_FOREACH(tcet, &spapr_tce_tables, list) { -if (tcet->liobn == liobn) { +if (tcet->liobn == (uint32_t)liobn) { return tcet; } } diff --git a/include/hw/ppc/spapr.h b/include/hw/ppc/spapr.h index 7d9ab9d..317feb6 100644 --- a/include/hw/ppc/spapr.h +++ b/include/hw/ppc/spapr.h @@ -511,7 +511,7 @@ struct sPAPRTCETable { QLIST_ENTRY(sPAPRTCETable) list; }; -sPAPRTCETable *spapr_tce_find_by_liobn(uint32_t liobn); +sPAPRTCETable *spapr_tce_find_by_liobn(target_ulong liobn); void spapr_events_init(sPAPREnvironment *spapr); void spapr_events_fdt_skel(void *fdt, uint32_t epow_irq); int spapr_h_cas_compose_response(target_ulong addr, target_ulong size); -- 1.8.1.4
[Qemu-devel] [PULL 04/40] spapr_pci: Fix unsafe signed/unsigned comparisons
From: David Gibson spapr_pci.c contains a number of expressions of the form (uval == -1) or (uval != -1), where 'uval' is an unsigned value. This mostly works in practice, because as long as the width of uval is greater or equal than that of (int), the -1 will be promoted to the unsigned type, which is the expected outcome. However, at least for the cases where uval is uint32_t, this would break on platforms where sizeof(int) > 4 (and a few such do exist), because then the uint32_t value would be promoted to the larger int type, and never be equal to -1. This patch fixes these errors. The fixes for the (uint32_t) cases are necessary as described above. I've made similar fixes to (uint64_t) and (hwaddr) cases. Those are strictly theoretical, since I don't know of any platforms where sizeof(int) > 8, but hey, it's not that hard so we might as well be strictly C standard compliant. Reported-by: Markus Armbruster Signed-off-by: David Gibson Reviewed-by: Markus Armbruster Signed-off-by: Alexander Graf --- hw/ppc/spapr_pci.c | 16 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/hw/ppc/spapr_pci.c b/hw/ppc/spapr_pci.c index 05f4fac..03f6d96 100644 --- a/hw/ppc/spapr_pci.c +++ b/hw/ppc/spapr_pci.c @@ -742,12 +742,12 @@ static void spapr_phb_realize(DeviceState *dev, Error **errp) PCIBus *bus; uint64_t msi_window_size = 4096; -if (sphb->index != -1) { +if (sphb->index != (uint32_t)-1) { hwaddr windows_base; -if ((sphb->buid != -1) || (sphb->dma_liobn != -1) -|| (sphb->mem_win_addr != -1) -|| (sphb->io_win_addr != -1)) { +if ((sphb->buid != (uint64_t)-1) || (sphb->dma_liobn != (uint32_t)-1) +|| (sphb->mem_win_addr != (hwaddr)-1) +|| (sphb->io_win_addr != (hwaddr)-1)) { error_setg(errp, "Either \"index\" or other parameters must" " be specified for PAPR PHB, not both"); return; @@ -768,22 +768,22 @@ static void spapr_phb_realize(DeviceState *dev, Error **errp) sphb->io_win_addr = windows_base + SPAPR_PCI_IO_WIN_OFF; } -if (sphb->buid == -1) { +if (sphb->buid == (uint64_t)-1) { error_setg(errp, "BUID not specified for PHB"); return; } -if (sphb->dma_liobn == -1) { +if (sphb->dma_liobn == (uint32_t)-1) { error_setg(errp, "LIOBN not specified for PHB"); return; } -if (sphb->mem_win_addr == -1) { +if (sphb->mem_win_addr == (hwaddr)-1) { error_setg(errp, "Memory window address not specified for PHB"); return; } -if (sphb->io_win_addr == -1) { +if (sphb->io_win_addr == (hwaddr)-1) { error_setg(errp, "IO window address not specified for PHB"); return; } -- 1.8.1.4
[Qemu-devel] [PULL 05/40] spapr_iommu: Disable in-kernel IOMMU tables for >4GB windows
From: Alexey Kardashevskiy The existing KVM_CREATE_SPAPR_TCE ioctl only support 4G windows max as the window size parameter to the kernel ioctl() is 32-bit so there's no way of expressing a TCE window > 4GB. We are going to add huge DMA windows support so this will create small window and unexpectedly fail later. This disables KVM_CREATE_SPAPR_TCE for windows bigger that 4GB. Signed-off-by: Alexey Kardashevskiy Reviewed-by: David Gibson Signed-off-by: David Gibson Signed-off-by: Alexander Graf --- hw/ppc/spapr_iommu.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/hw/ppc/spapr_iommu.c b/hw/ppc/spapr_iommu.c index f3990fd..e19bf89 100644 --- a/hw/ppc/spapr_iommu.c +++ b/hw/ppc/spapr_iommu.c @@ -126,11 +126,11 @@ static MemoryRegionIOMMUOps spapr_iommu_ops = { static int spapr_tce_table_realize(DeviceState *dev) { sPAPRTCETable *tcet = SPAPR_TCE_TABLE(dev); +uint64_t window_size = (uint64_t)tcet->nb_table << tcet->page_shift; -if (kvm_enabled()) { +if (kvm_enabled() && !(window_size >> 32)) { tcet->table = kvmppc_create_spapr_tce(tcet->liobn, - tcet->nb_table << - tcet->page_shift, + window_size, &tcet->fd, tcet->vfio_accel); } -- 1.8.1.4
[Qemu-devel] [PULL 24/40] spapr: add rtas_st_buffer_direct() helper
From: Michael Roth This is similar to the existing rtas_st_buffer(), but for cases where the guest is not expecting a length-encoded byte array. Namely, for calls where a "work area" buffer is used to pass around arbitrary fields/data. Signed-off-by: Michael Roth Reviewed-by: David Gibson Signed-off-by: David Gibson Signed-off-by: Alexander Graf --- include/hw/ppc/spapr.h | 10 -- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/include/hw/ppc/spapr.h b/include/hw/ppc/spapr.h index 8810911..65ef7dd 100644 --- a/include/hw/ppc/spapr.h +++ b/include/hw/ppc/spapr.h @@ -464,6 +464,13 @@ static inline void rtas_st(target_ulong phys, int n, uint32_t val) stl_be_phys(&address_space_memory, ppc64_phys_to_real(phys + 4*n), val); } +static inline void rtas_st_buffer_direct(target_ulong phys, + target_ulong phys_len, + uint8_t *buffer, uint16_t buffer_len) +{ +cpu_physical_memory_write(ppc64_phys_to_real(phys), buffer, + MIN(buffer_len, phys_len)); +} static inline void rtas_st_buffer(target_ulong phys, target_ulong phys_len, uint8_t *buffer, uint16_t buffer_len) @@ -473,8 +480,7 @@ static inline void rtas_st_buffer(target_ulong phys, target_ulong phys_len, } stw_be_phys(&address_space_memory, ppc64_phys_to_real(phys), buffer_len); -cpu_physical_memory_write(ppc64_phys_to_real(phys + 2), - buffer, MIN(buffer_len, phys_len - 2)); +rtas_st_buffer_direct(phys + 2, phys_len - 2, buffer, buffer_len); } typedef void (*spapr_rtas_fn)(PowerPCCPU *cpu, sPAPREnvironment *spapr, -- 1.8.1.4
[Qemu-devel] [PULL 23/40] spapr_rtas: add get-sensor-state RTAS interface
From: Mike Day This interface allows a guest to read various platform/device sensors. initially, we only implement support necessary to support hotplug: reading of the dr-entity-sense sensor, which communicates the state of a hotplugged resource/device to the guest (EMPTY/PRESENT/UNUSABLE). See docs/specs/ppc-spapr-hotplug.txt for a complete description of this interface. Signed-off-by: Mike Day Signed-off-by: Michael Roth Reviewed-by: David Gibson Signed-off-by: David Gibson Signed-off-by: Alexander Graf --- hw/ppc/spapr_rtas.c | 43 +++ 1 file changed, 43 insertions(+) diff --git a/hw/ppc/spapr_rtas.c b/hw/ppc/spapr_rtas.c index 6c741fa..f80beb2 100644 --- a/hw/ppc/spapr_rtas.c +++ b/hw/ppc/spapr_rtas.c @@ -377,6 +377,47 @@ out_unimplemented: rtas_st(rets, 0, RTAS_OUT_NOT_SUPPORTED); } +static void rtas_get_sensor_state(PowerPCCPU *cpu, sPAPREnvironment *spapr, + uint32_t token, uint32_t nargs, + target_ulong args, uint32_t nret, + target_ulong rets) +{ +uint32_t sensor_type; +uint32_t sensor_index; +sPAPRDRConnector *drc; +sPAPRDRConnectorClass *drck; +uint32_t entity_sense; + +if (nargs != 2 || nret != 2) { +rtas_st(rets, 0, RTAS_OUT_PARAM_ERROR); +return; +} + +sensor_type = rtas_ld(args, 0); +sensor_index = rtas_ld(args, 1); + +if (sensor_type != RTAS_SENSOR_TYPE_ENTITY_SENSE) { +/* currently only DR-related sensors are implemented */ +DPRINTF("rtas_get_sensor_state: sensor/indicator not implemented: %d\n", +sensor_type); +rtas_st(rets, 0, RTAS_OUT_NOT_SUPPORTED); +return; +} + +drc = spapr_dr_connector_by_index(sensor_index); +if (!drc) { +DPRINTF("rtas_get_sensor_state: invalid sensor/DRC index: %xh\n", +sensor_index); +rtas_st(rets, 0, RTAS_OUT_PARAM_ERROR); +return; +} +drck = SPAPR_DR_CONNECTOR_GET_CLASS(drc); +entity_sense = drck->entity_sense(drc); + +rtas_st(rets, 0, RTAS_OUT_SUCCESS); +rtas_st(rets, 1, entity_sense); +} + static struct rtas_call { const char *name; spapr_rtas_fn fn; @@ -508,6 +549,8 @@ static void core_rtas_register_types(void) rtas_get_power_level); spapr_rtas_register(RTAS_SET_INDICATOR, "set-indicator", rtas_set_indicator); +spapr_rtas_register(RTAS_GET_SENSOR_STATE, "get-sensor-state", +rtas_get_sensor_state); } type_init(core_rtas_register_types) -- 1.8.1.4
[Qemu-devel] [PULL 30/40] spapr_pci: create DRConnectors for each PCI slot during PHB realize
From: Michael Roth These will be used to support hotplug/unplug of PCI devices to the PCI bus associated with a particular PHB. We also set up device-tree properties in each PHBs initial FDT to describe the DRCs associated with them. This advertises to guests that each PHB is DR-capable device with physical hotpluggable slots, each managed by the corresponding DRC. This is necessary for allowing hotplugging of devices to it later via bus rescan or guest rpaphp hotplug module. Signed-off-by: Michael Roth Reviewed-by: David Gibson Signed-off-by: David Gibson Signed-off-by: Alexander Graf --- hw/ppc/spapr_pci.c | 18 +- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/hw/ppc/spapr_pci.c b/hw/ppc/spapr_pci.c index a2dcc6a..c17e5f2 100644 --- a/hw/ppc/spapr_pci.c +++ b/hw/ppc/spapr_pci.c @@ -35,6 +35,7 @@ #include "qemu/error-report.h" #include "hw/pci/pci_bus.h" +#include "hw/ppc/spapr_drc.h" /* Copied from the kernel arch/powerpc/platforms/pseries/msi.c */ #define RTAS_QUERY_FN 0 @@ -880,6 +881,15 @@ static void spapr_phb_realize(DeviceState *dev, Error **errp) sphb->lsi_table[i].irq = irq; } +/* allocate connectors for child PCI devices */ +if (sphb->dr_enabled) { +for (i = 0; i < PCI_SLOT_MAX * 8; i++) { +spapr_dr_connector_new(OBJECT(phb), + SPAPR_DR_CONNECTOR_TYPE_PCI, + (sphb->index << 16) | i); +} +} + if (!info->finish_realize) { error_setg(errp, "finish_realize not defined"); return; @@ -1096,7 +1106,7 @@ int spapr_populate_pci_dt(sPAPRPHBState *phb, uint32_t xics_phandle, void *fdt) { -int bus_off, i, j; +int bus_off, i, j, ret; char nodename[256]; uint32_t bus_range[] = { cpu_to_be32(0), cpu_to_be32(0xff) }; const uint64_t mmiosize = memory_region_size(&phb->memwindow); @@ -1188,6 +1198,12 @@ int spapr_populate_pci_dt(sPAPRPHBState *phb, tcet->liobn, tcet->bus_offset, tcet->nb_table << tcet->page_shift); +ret = spapr_drc_populate_dt(fdt, bus_off, OBJECT(phb), +SPAPR_DR_CONNECTOR_TYPE_PCI); +if (ret) { +return ret; +} + return 0; } -- 1.8.1.4
[Qemu-devel] [PULL 31/40] pci: make pci_bar useable outside pci.c
From: Michael Roth We need to work with PCI BARs to generate OF properties during PCI hotplug for sPAPR guests. Signed-off-by: Michael Roth Reviewed-by: David Gibson Acked-by: Michael S. Tsirkin Signed-off-by: David Gibson Signed-off-by: Alexander Graf --- hw/pci/pci.c | 2 +- include/hw/pci/pci.h | 6 ++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/hw/pci/pci.c b/hw/pci/pci.c index 48f19a3..3423c3a 100644 --- a/hw/pci/pci.c +++ b/hw/pci/pci.c @@ -123,7 +123,7 @@ static uint16_t pci_default_sub_device_id = PCI_SUBDEVICE_ID_QEMU; static QLIST_HEAD(, PCIHostState) pci_host_bridges; -static int pci_bar(PCIDevice *d, int reg) +int pci_bar(PCIDevice *d, int reg) { uint8_t type; diff --git a/include/hw/pci/pci.h b/include/hw/pci/pci.h index 5d050c8..6c2af0d 100644 --- a/include/hw/pci/pci.h +++ b/include/hw/pci/pci.h @@ -334,6 +334,12 @@ int pci_device_load(PCIDevice *s, QEMUFile *f); MemoryRegion *pci_address_space(PCIDevice *dev); MemoryRegion *pci_address_space_io(PCIDevice *dev); +/* + * Should not normally be used by devices. For use by sPAPR target + * where QEMU emulates firmware. + */ +int pci_bar(PCIDevice *d, int reg); + typedef void (*pci_set_irq_fn)(void *opaque, int irq_num, int level); typedef int (*pci_map_irq_fn)(PCIDevice *pci_dev, int irq_num); typedef PCIINTxRoute (*pci_route_irq_fn)(void *opaque, int pin); -- 1.8.1.4
[Qemu-devel] [PULL 00/40] ppc patch queue 2015-06-03
Hi Peter, This is my current patch queue for ppc. Please pull. Alex The following changes since commit 3fc827d591679f3e262b9d1f8b34528eabfca8c0: target-arm: Correct check for non-EL3 (2015-06-02 13:22:29 +0100) are available in the git repository at: git://github.com/agraf/qemu.git tags/signed-ppc-for-upstream for you to fetch changes up to e229d3cc64420204cdb40b983ce08eae657812f9: softmmu: support up to 12 MMU modes (2015-06-03 23:42:13 +0200) Patch queue for ppc - 2015-06-03 Highlights this time around: - sPAPR: endian fixes, speedups, bug fixes, hotplug basics - add default ram size capability for machines (sPAPR defaults to 512MB now) Alexey Kardashevskiy (10): spapr_iommu: Disable in-kernel IOMMU tables for >4GB windows spapr_iommu: Make H_PUT_TCE_INDIRECT endian-safe spapr_pci: Introduce a liobn number generating macros spapr_vio: Introduce a liobn number generating macros spapr_pci: Define default DMA window size as a macro spapr_iommu: Add separate trace points for PCI DMA operations spapr_pci: Make find_phb()/find_dev() public spapr_iommu: Make spapr_tce_find_by_liobn() public spapr_pci: Rework device-tree rendering spapr_iommu: Give unique QOM name to TCE table David Gibson (4): spapr_pci: Fix unsafe signed/unsigned comparisons pseries: Add pseries-2.4 machine type pseries: Enable in-kernel H_LOGICAL_CI_{LOAD, STORE} implementations Add David Gibson for sPAPR in MAINTAINERS file Markus Armbruster (1): macio: Convert to realize() Michael Roth (9): docs: add sPAPR hotplug/dynamic-reconfiguration documentation spapr_drc: initial implementation of sPAPRDRConnector device spapr: add rtas_st_buffer_direct() helper spapr_rtas: add ibm, configure-connector RTAS interface spapr_drc: add spapr_drc_populate_dt() spapr_pci: add dynamic-reconfiguration option for spapr-pci-host-bridge spapr_pci: create DRConnectors for each PCI slot during PHB realize pci: make pci_bar useable outside pci.c spapr_pci: enable basic hotplug operations Mike Day (2): spapr_rtas: add set-indicator RTAS interface spapr_rtas: add get-sensor-state RTAS interface Nathan Fontenot (2): spapr_rtas: add get/set-power-level RTAS interfaces spapr_events: re-use EPOW event infrastructure for hotplug events Nikunj A Dadhania (2): machine: add default_ram_size to machine class spapr: override default ram size to 512MB Paolo Bonzini (3): tci: do not use CPUArchState in tcg-target.h tcg: add TCG_TARGET_TLB_DISPLACEMENT_BITS softmmu: support up to 12 MMU modes Thomas Huth (5): dtc: Update dtc / libfdt submodule to version 1.4.0 configure: Check for libfdt version 1.4.0 hw/ppc/spapr_iommu: Fix the check for invalid upper bits in liobn hw/ppc/spapr: Fix error message when firmware could not be loaded hw/ppc/spapr: Use error_report() instead of hw_error() Tyrel Datwyler (2): spapr_events: event-scan RTAS interface spapr_pci: emit hotplug add/remove events during hotplug MAINTAINERS | 3 +- configure| 6 +- docs/specs/ppc-spapr-hotplug.txt | 287 +++ dtc | 2 +- hw/core/machine.c| 9 + hw/misc/macio/macio.c| 71 ++-- hw/pci/pci.c | 2 +- hw/ppc/Makefile.objs | 2 +- hw/ppc/spapr.c | 49 ++- hw/ppc/spapr_drc.c | 744 +++ hw/ppc/spapr_events.c| 338 +++--- hw/ppc/spapr_iommu.c | 46 ++- hw/ppc/spapr_pci.c | 513 +++ hw/ppc/spapr_rtas.c | 361 +++ hw/ppc/spapr_vio.c | 2 +- include/exec/cpu-defs.h | 35 +- include/exec/cpu_ldst.h | 104 +- include/hw/boards.h | 1 + include/hw/pci-host/spapr.h | 7 + include/hw/pci/pci.h | 6 + include/hw/ppc/spapr.h | 59 +++- include/hw/ppc/spapr_drc.h | 201 +++ include/qemu-common.h| 6 + target-ppc/kvm.c | 17 + target-ppc/kvm_ppc.h | 5 + tcg/aarch64/tcg-target.h | 1 + tcg/arm/tcg-target.h | 1 + tcg/i386/tcg-target.h| 1 + tcg/ia64/tcg-target.h| 2 + tcg/mips/tcg-target.h| 1 + tcg/ppc/tcg-target.h | 1 + tcg/s390/tcg-target.h| 1 + tcg/sparc/tcg-target.h | 1 + tcg/tcg.h| 4 +- tcg/tci/tcg-target.h | 4 +- trace-events | 4 + vl.c | 30 +- 37 files chan
[Qemu-devel] [PULL 03/40] configure: Check for libfdt version 1.4.0
From: Thomas Huth Some recent patches require a function from libfdt version 1.4.0, so we should check for this version during the configure step already. Unfortunately, there does not seem to be a proper #define for the version number in the libfdt headers. So alternatively, we check for the availability of the required function fdt_get_property_by_offset() instead instead. Signed-off-by: Thomas Huth Signed-off-by: Alexander Graf --- configure | 6 -- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/configure b/configure index 4e2f78a..35111b2 100755 --- a/configure +++ b/configure @@ -3115,9 +3115,11 @@ fi if test "$fdt" != "no" ; then fdt_libs="-lfdt" # explicitly check for libfdt_env.h as it is missing in some stable installs + # and test for required functions to make sure we are on a version >= 1.4.0 cat > $TMPC << EOF +#include #include -int main(void) { return 0; } +int main(void) { fdt_get_property_by_offset(0, 0, 0); return 0; } EOF if compile_prog "" "$fdt_libs" ; then # system DTC is good - use it @@ -3135,7 +3137,7 @@ EOF fdt_libs="-L\$(BUILD_DIR)/dtc/libfdt $fdt_libs" elif test "$fdt" = "yes" ; then # have neither and want - prompt for system/submodule install -error_exit "DTC (libfdt) not present. Your options:" \ +error_exit "DTC (libfdt) version >= 1.4.0 not present. Your options:" \ " (1) Preferred: Install the DTC (libfdt) devel package" \ " (2) Fetch the DTC submodule, using:" \ " git submodule update --init dtc" -- 1.8.1.4
[Qemu-devel] [PULL 10/40] spapr_iommu: Add separate trace points for PCI DMA operations
From: Alexey Kardashevskiy This is to reduce VIO noise while debugging PCI DMA. Signed-off-by: Alexey Kardashevskiy Signed-off-by: David Gibson Signed-off-by: Alexander Graf --- hw/ppc/spapr_iommu.c | 27 --- include/hw/ppc/spapr.h | 1 + trace-events | 4 3 files changed, 25 insertions(+), 7 deletions(-) diff --git a/hw/ppc/spapr_iommu.c b/hw/ppc/spapr_iommu.c index 65ca469..3a773f7 100644 --- a/hw/ppc/spapr_iommu.c +++ b/hw/ppc/spapr_iommu.c @@ -277,10 +277,11 @@ static target_ulong h_put_tce_indirect(PowerPCCPU *cpu, /* Trace last successful or the first problematic entry */ i = i ? (i - 1) : 0; -trace_spapr_iommu_indirect(liobn, ioba1, tce_list, i, - tce, - ret); - +if (SPAPR_IS_PCI_LIOBN(liobn)) { +trace_spapr_iommu_pci_indirect(liobn, ioba1, tce_list, i, tce, ret); +} else { +trace_spapr_iommu_indirect(liobn, ioba1, tce_list, i, tce, ret); +} return ret; } @@ -314,7 +315,11 @@ static target_ulong h_stuff_tce(PowerPCCPU *cpu, sPAPREnvironment *spapr, break; } } -trace_spapr_iommu_stuff(liobn, ioba, tce_value, npages, ret); +if (SPAPR_IS_PCI_LIOBN(liobn)) { +trace_spapr_iommu_pci_stuff(liobn, ioba, tce_value, npages, ret); +} else { +trace_spapr_iommu_stuff(liobn, ioba, tce_value, npages, ret); +} return ret; } @@ -335,7 +340,11 @@ static target_ulong h_put_tce(PowerPCCPU *cpu, sPAPREnvironment *spapr, ret = put_tce_emu(tcet, ioba, tce); } -trace_spapr_iommu_put(liobn, ioba, tce, ret); +if (SPAPR_IS_PCI_LIOBN(liobn)) { +trace_spapr_iommu_pci_put(liobn, ioba, tce, ret); +} else { +trace_spapr_iommu_put(liobn, ioba, tce, ret); +} return ret; } @@ -375,7 +384,11 @@ static target_ulong h_get_tce(PowerPCCPU *cpu, sPAPREnvironment *spapr, args[0] = tce; } } -trace_spapr_iommu_get(liobn, ioba, ret, tce); +if (SPAPR_IS_PCI_LIOBN(liobn)) { +trace_spapr_iommu_pci_get(liobn, ioba, ret, tce); +} else { +trace_spapr_iommu_get(liobn, ioba, ret, tce); +} return ret; } diff --git a/include/hw/ppc/spapr.h b/include/hw/ppc/spapr.h index 92ee72b..1dab3e1 100644 --- a/include/hw/ppc/spapr.h +++ b/include/hw/ppc/spapr.h @@ -485,6 +485,7 @@ int spapr_rtas_device_tree_setup(void *fdt, hwaddr rtas_addr, #define SPAPR_VIO_LIOBN(reg)(0x | (reg)) #define SPAPR_PCI_LIOBN(phb_index, window_num) \ (0x8000 | ((phb_index) << 8) | (window_num)) +#define SPAPR_IS_PCI_LIOBN(liobn) (!!((liobn) & 0x8000)) #define SPAPR_PCI_DMA_WINDOW_NUM(liobn) ((liobn) & 0xff) #define RTAS_ERROR_LOG_MAX 2048 diff --git a/trace-events b/trace-events index 3bb1f04..a589650 100644 --- a/trace-events +++ b/trace-events @@ -1338,6 +1338,10 @@ spapr_iommu_put(uint64_t liobn, uint64_t ioba, uint64_t tce, uint64_t ret) "liob spapr_iommu_get(uint64_t liobn, uint64_t ioba, uint64_t ret, uint64_t tce) "liobn=%"PRIx64" ioba=0x%"PRIx64" ret=%"PRId64" tce=0x%"PRIx64 spapr_iommu_indirect(uint64_t liobn, uint64_t ioba, uint64_t tce, uint64_t iobaN, uint64_t tceN, uint64_t ret) "liobn=%"PRIx64" ioba=0x%"PRIx64" tcelist=0x%"PRIx64" iobaN=0x%"PRIx64" tceN=0x%"PRIx64" ret=%"PRId64 spapr_iommu_stuff(uint64_t liobn, uint64_t ioba, uint64_t tce_value, uint64_t npages, uint64_t ret) "liobn=%"PRIx64" ioba=0x%"PRIx64" tcevalue=0x%"PRIx64" npages=%"PRId64" ret=%"PRId64 +spapr_iommu_pci_put(uint64_t liobn, uint64_t ioba, uint64_t tce, uint64_t ret) "liobn=%"PRIx64" ioba=0x%"PRIx64" tce=0x%"PRIx64" ret=%"PRId64 +spapr_iommu_pci_get(uint64_t liobn, uint64_t ioba, uint64_t ret, uint64_t tce) "liobn=%"PRIx64" ioba=0x%"PRIx64" ret=%"PRId64" tce=0x%"PRIx64 +spapr_iommu_pci_indirect(uint64_t liobn, uint64_t ioba, uint64_t tce, uint64_t iobaN, uint64_t tceN, uint64_t ret) "liobn=%"PRIx64" ioba=0x%"PRIx64" tcelist=0x%"PRIx64" iobaN=0x%"PRIx64" tceN=0x%"PRIx64" ret=%"PRId64 +spapr_iommu_pci_stuff(uint64_t liobn, uint64_t ioba, uint64_t tce_value, uint64_t npages, uint64_t ret) "liobn=%"PRIx64" ioba=0x%"PRIx64" tcevalue=0x%"PRIx64" npages=%"PRId64" ret=%"PRId64 spapr_iommu_xlate(uint64_t liobn, uint64_t ioba, uint64_t tce, unsigned perm, unsigned pgsize) "liobn=%"PRIx64" 0x%"PRIx64" -> 0x%"PRIx64" perm=%u mask=%x" spapr_iommu_new_table(uint64_t liobn, void *tcet, void *table, int fd) "liobn=%"PRIx64" tcet=%p table=%p fd=%d" -- 1.8.1.4
[Qemu-devel] [PULL 02/40] dtc: Update dtc / libfdt submodule to version 1.4.0
From: Thomas Huth Since some recent patches require libfdt version 1.4.0, let's update the dtc submodule to this version. Signed-off-by: Thomas Huth Signed-off-by: Alexander Graf --- dtc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dtc b/dtc index bc895d6..65cc4d2 16 --- a/dtc +++ b/dtc @@ -1 +1 @@ -Subproject commit bc895d6d09695d05ceb8b52486ffe861d6cfbdde +Subproject commit 65cc4d2748a2c2e6f27f1cf39e07a5dbabd80ebf -- 1.8.1.4
[Qemu-devel] [PULL 01/40] macio: Convert to realize()
From: Markus Armbruster Alexander Graf writes: > On 09.03.15 19:30, Markus Armbruster wrote: >> Alexander Graf writes: >> >>> On 27.02.15 13:43, Markus Armbruster wrote: Convert device models "macio-oldworld" and "macio-newworld". Signed-off-by: Markus Armbruster --- Depends on my "[PATCH 00/10] pci: Partial conversion to realize", which is in Michael's latest pull request. >>> >>> Can you please poke me again when it landed? >> >> Applies cleanly to master now (commit 277263e). > > Hrm, does not seem to apply cleanly now. How about we postpone this to > 2.4? It's not really crucial for 2.3 and we're in hard freeze now. Sad (it's been on list for almost three weeks, most of the time waiting for the PCI pull), but it's clearly your choice to make. git-am doesn't dare to apply the patch on list, but git-cherry-pick applies the commit from which it was formatted without a peep. Result appended, just in case you'd like to consider it. >From f366a9732b6790609cc89e0c9272899cfbbe4e02 Mon Sep 17 00:00:00 2001 From: Markus Armbruster Date: Tue, 20 Jan 2015 16:27:56 +0100 Subject: [PATCH] macio: Convert to realize() Convert device models "macio-oldworld" and "macio-newworld". Signed-off-by: Markus Armbruster Signed-off-by: Alexander Graf --- hw/misc/macio/macio.c | 71 +++ 1 file changed, 38 insertions(+), 33 deletions(-) diff --git a/hw/misc/macio/macio.c b/hw/misc/macio/macio.c index 063ad80..e9037b0 100644 --- a/hw/misc/macio/macio.c +++ b/hw/misc/macio/macio.c @@ -126,17 +126,18 @@ static void macio_bar_setup(MacIOState *macio_state) } } -static int macio_common_initfn(PCIDevice *d) +static void macio_common_realize(PCIDevice *d, Error **errp) { MacIOState *s = MACIO(d); SysBusDevice *sysbus_dev; -int ret; +Error *err = NULL; d->config[0x3d] = 0x01; // interrupt on pin 1 -ret = qdev_init(DEVICE(&s->cuda)); -if (ret < 0) { -return ret; +object_property_set_bool(OBJECT(&s->cuda), true, "realized", &err); +if (err) { +error_propagate(errp, err); +return; } sysbus_dev = SYS_BUS_DEVICE(&s->cuda); memory_region_add_subregion(&s->bar, 0x16000, @@ -144,12 +145,11 @@ static int macio_common_initfn(PCIDevice *d) macio_bar_setup(s); pci_register_bar(d, 0, PCI_BASE_ADDRESS_SPACE_MEMORY, &s->bar); - -return 0; } -static int macio_initfn_ide(MacIOState *s, MACIOIDEState *ide, qemu_irq irq0, -qemu_irq irq1, int dmaid) +static void macio_realize_ide(MacIOState *s, MACIOIDEState *ide, + qemu_irq irq0, qemu_irq irq1, int dmaid, + Error **errp) { SysBusDevice *sysbus_dev; @@ -157,27 +157,31 @@ static int macio_initfn_ide(MacIOState *s, MACIOIDEState *ide, qemu_irq irq0, sysbus_connect_irq(sysbus_dev, 0, irq0); sysbus_connect_irq(sysbus_dev, 1, irq1); macio_ide_register_dma(ide, s->dbdma, dmaid); -return qdev_init(DEVICE(ide)); +object_property_set_bool(OBJECT(ide), true, "realized", errp); } -static int macio_oldworld_initfn(PCIDevice *d) +static void macio_oldworld_realize(PCIDevice *d, Error **errp) { MacIOState *s = MACIO(d); OldWorldMacIOState *os = OLDWORLD_MACIO(d); +Error *err = NULL; SysBusDevice *sysbus_dev; int i; int cur_irq = 0; -int ret = macio_common_initfn(d); -if (ret < 0) { -return ret; + +macio_common_realize(d, &err); +if (err) { +error_propagate(errp, err); +return; } sysbus_dev = SYS_BUS_DEVICE(&s->cuda); sysbus_connect_irq(sysbus_dev, 0, os->irqs[cur_irq++]); -ret = qdev_init(DEVICE(&os->nvram)); -if (ret < 0) { -return ret; +object_property_set_bool(OBJECT(&os->nvram), true, "realized", &err); +if (err) { +error_propagate(errp, err); +return; } sysbus_dev = SYS_BUS_DEVICE(&os->nvram); memory_region_add_subregion(&s->bar, 0x6, @@ -194,13 +198,12 @@ static int macio_oldworld_initfn(PCIDevice *d) qemu_irq irq0 = os->irqs[cur_irq++]; qemu_irq irq1 = os->irqs[cur_irq++]; -ret = macio_initfn_ide(s, &os->ide[i], irq0, irq1, 0x16 + (i * 4)); -if (ret < 0) { -return ret; +macio_realize_ide(s, &os->ide[i], irq0, irq1, 0x16 + (i * 4), &err); +if (err) { +error_propagate(errp, err); +return; } } - -return 0; } static void macio_init_ide(MacIOState *s, MACIOIDEState *ide, size_t ide_size, @@ -268,17 +271,20 @@ static const MemoryRegionOps timer_ops = { .endianness = DEVICE_LITTLE_ENDIAN, }; -static int macio_newworld_initfn(PCIDevice *d) +static void macio_newworld_realize(PCIDevice *d, Error **errp) { MacIOState *s = MACIO(d); NewWorldMacIOState *ns = NEWWORLD_MACIO(d); +Error *err = NULL; SysBusDevice *sysbus_dev;
Re: [Qemu-devel] [PATCH v2 14/16] target-s390x: support non current ASC in s390_cpu_handle_mmu_fault
On 06/03/2015 02:09 PM, Aurelien Jarno wrote: s390_cpu_handle_mmu_fault currently looks at the current ASC mode defined in PSW mask instead of the MMU index. This prevent emulating easily instructions using a specific ASC mode. Fix that by using the MMU index converted back to ASC using the just added cpu_mmu_idx_to_asc function. Cc: Alexander Graf Cc: Richard Henderson Signed-off-by: Aurelien Jarno --- target-s390x/helper.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Reviewed-by: Richard Henderson r~
Re: [Qemu-devel] [PATCH v2 13/16] target-s390x: add a cpu_mmu_idx_to_asc function
On 06/03/2015 02:09 PM, Aurelien Jarno wrote: Use constants to define the MMU indexes, and add a function to do the reverse conversion of cpu_mmu_index. Cc: Alexander Graf Cc: Richard Henderson Signed-off-by: Aurelien Jarno --- target-s390x/cpu.h | 25 ++--- 1 file changed, 22 insertions(+), 3 deletions(-) Reviewed-by: Richard Henderson r~
Re: [Qemu-devel] [PATCH v2 08/16] target-s390x: implement TRANSLATE EXTENDED instruction
On 06/03/2015 02:09 PM, Aurelien Jarno wrote: It is part of the basic zArchitecture instructions. Cc: Alexander Graf Cc: Richard Henderson Signed-off-by: Aurelien Jarno --- target-s390x/helper.h | 1 + target-s390x/insn-data.def | 2 ++ target-s390x/mem_helper.c | 39 +++ target-s390x/translate.c | 9 + 4 files changed, 51 in Reviewed-by: Richard Henderson r~
Re: [Qemu-devel] [PATCH v3 33/38] qmp: Introduce blockdev-change-medium
On 06/03/2015 01:44 PM, Max Reitz wrote: > Introduce a new QMP command 'blockdev-change-medium' which is intended > to replace the 'change' command for block devices. The existing function > qmp_change_blockdev() is accordingly renamed to > qmp_blockdev_change_medium(). > > Signed-off-by: Max Reitz > Reviewed-by: Eric Blake > --- > blockdev.c| 7 --- > include/sysemu/blockdev.h | 2 -- > qapi-schema.json | 6 -- > qapi/block-core.json | 23 +++ > qmp-commands.hx | 31 +++ > qmp.c | 2 +- > 6 files changed, 63 insertions(+), 8 deletions(-) > > +++ b/qapi/block-core.json > @@ -1909,6 +1909,29 @@ > > > ## > +# @blockdev-change-medium: > +# > +# Changes the medium inserted into a block device by ejecting the current > medium > +# and loading a new image file which is inserted as the new medium (this > command > +# combines blockdev-open-tray, blockdev-remove-medium, blockdev-insert-medium > +# and blockdev-close-tray). > +# > +# @device: block device name > +# > +# @filename:filename of the new image to be loaded > +# > +# @format: #optional, format to open the new image with (defaults to > +# the probed format) > +# > +# Since: 2.3 /me the temptation is strong to go back on my word in 26 - ...must resist... :) -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature