[Qemu-devel] [PATCH] target-mips: Fix ALIGN instruction when bp=0

[Miodrag Dinic]

Hello to everyone,

We have uncovered a use-case with ALIGN instruction which is
not handled correctly by QEMU. It impacts both, user and system mode emulation.

Using ALIGN instruction with bp=0 as the last argument, should behave
as a register to register move with sign extension if running on a mips64 
system.
The problem is that the sign extension is not preformed.

Taken from the official documentation :

Operation

ALIGN:
tmp_rt_hi = unsigned_word(GPR[rt]) << (8*bp)
tmp_rs_lo =unsigned_word(GPR[rs]) >> (8*(4-bp))
tmp = tmp_rt_hi || tmp_rt_lo
GPR[rd] = sign_extend.32(tmp)

DALIGN
tmp_rt_hi = unsigned_doubleword(GPR[rt]) << (8*bp)
tmp_rs_lo =unsigned_doubleword(GPR[rs]) >> (8*(8-bp))
tmp = tmp_rt_hi || tmp_rt_lo
GPR[rd] = tmp


Here is a simple test for reproducing the problem :

#include 
#include 
#include 


int main(int argc, char * argv[]) {

  int64_t param1, param2, result, resultd;
  int64_t *param1_ptr = , *param2_ptr = , *result_ptr = , 
*resultd_ptr = 

  uint64_t param1_arr[] = { 0xfedcba98, 0x01234567, 0xaabbccdd, 0x004488bb };
  uint64_t param2_arr[] = { 0x01234567, 0xaabbccdd, 0xfedcba98, 0x004488bb };
  uint64_t result_arr[] = { 0xfedcba98, 0x1234567, 0xaabbccdd, 
0x4488bb };
  uint64_t resultd_arr[] = { 0xfedcba98, 0x1234567, 0xaabbccdd, 0x4488bb };

  printf("\n\n");

  for (int i = 0; i < 4; i++) {
param1 = param1_arr[i];
param2 = param2_arr[i];
  __asm__ volatile(
  "move  $t0, %0\n\t"
  "move  $t1, %1\n\t"
  "move  $t2, %2\n\t"
  "move  $t3, %3\n\t"

  "ld$a0, 0($t0)\n\t"
  "ld$a1, 0($t0)\n\t"
  "align $a2, $a1, $a0, 0\n\t"
  "dalign$a3, $a1, $a0, 0\n\t"
  "sd$a2, 0($t2)\n\t"
  "sd$a3, 0($t3)\n\t"
  :
  : "r" (param1_ptr), "r" (param2_ptr), "r" (result_ptr), "r"(resultd_ptr)
  : "a0", "a1", "a2", "a3", "t0", "t1", "t2", "t3", "cc", "memory");
  printf("ALIGN %s: ", result == result_arr[i] ? "PASS" : "FAIL");
  printf("Expected = %lx, actual = %lx\n", result_arr[i], result);
  printf("DALIGN %s: ", resultd == resultd_arr[i] ? "PASS" : "FAIL");
  printf("Expected = %lx, actual = %lx\n", resultd_arr[i], resultd);
  }
}

Compile it with any available R6 enabled toolchain :

mips-img-linux-gnu-gcc -static -mips64r6 -mabi=64 align-instr.cc -o 
align-instr-test

Running the test :

/mips64el-linux-user/qemu-mips64el -cpu MIPS64R6-generic 
./align-instr-test

ALIGN FAIL: Expected = fedcba98, actual = fedcba98
DALIGN PASS: Expected = fedcba98, actual = fedcba98
ALIGN PASS: Expected = 1234567, actual = 1234567
DALIGN PASS: Expected = 1234567, actual = 1234567
ALIGN FAIL: Expected = aabbccdd, actual = aabbccdd
DALIGN PASS: Expected = aabbccdd, actual = aabbccdd
ALIGN PASS: Expected = 4488bb, actual = 4488bb
DALIGN PASS: Expected = 4488bb, actual = 4488bb


Test includes dalign instruction checking for verification
there is no regression after retesting with a patch applied.

A fix for this issue is to add sign extension for the bp=0
case when running within a 64-bit target.

After applying a patch, the test output is :
/mips64el-linux-user/qemu-mips64el -cpu MIPS64R6-generic 
./align-instr-test

ALIGN PASS: Expected = fedcba98, actual = fedcba98
DALIGN PASS: Expected = fedcba98, actual = fedcba98
ALIGN PASS: Expected = 1234567, actual = 1234567
DALIGN PASS: Expected = 1234567, actual = 1234567
ALIGN PASS: Expected = aabbccdd, actual = aabbccdd
DALIGN PASS: Expected = aabbccdd, actual = aabbccdd
ALIGN PASS: Expected = 4488bb, actual = 4488bb
DALIGN PASS: Expected = 4488bb, actual = 4488bb


Patch is in the attachment.

Regards,
Miodrag

From e01539a11061c447bece8dccde1715da9534024d Mon Sep 17 00:00:00 2001
From: Miodrag Dinic 
Date: Thu, 3 Dec 2015 16:48:57 +0100
Subject: [PATCH] target-mips: Fix ALIGN instruction when bp=0

If executing ALIGN with shift count bp=0 within mips64 emulation,
the result of the operation should be sign extended.

Taken from the official documentation (pseudo code) :

ALIGN:
	tmp_rt_hi = unsigned_word(GPR[rt]) << (8*bp)
	tmp_rs_lo = unsigned_word(GPR[rs]) >> (8*(4-bp))
	tmp = tmp_rt_hi || tmp_rt_lo
	GPR[rd] = sign_extend.32(tmp)

Signed-off-by: Miodrag Dinic 
---
 target-mips/translate.c | 10 +-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/target-mips/translate.c b/target-mips/translate.c
index 5626647..f20678c 100644
--- a/target-mips/translate.c
+++ b/target-mips/translate.c
@@ -4630,7 +4630,15 @@ static void gen_align(DisasContext *ctx, int opc, int rd, int rs, int rt,
 t0 = tcg_temp_new();
 gen_load_gpr(t0, rt);
 if (bp == 0) {
-tcg_gen_mov_tl(cpu_gpr[rd], t0);
+switch (opc) {
+case OPC_ALIGN:
+#if defined(TARGET_MIPS64)
+tcg_gen_ext32s_i64(cpu_gpr[rd], t0);
+

Re: [Qemu-devel] [PATCH v2] net: rocker: fix an incorrect array bounds check

[Jason Wang]

On 12/28/2015 06:54 PM, P J P wrote:
> From: Prasad J Pandit 
>
> While processing transmit(tx) descriptors in 'tx_consume' routine
> the switch emulator suffers from an off-by-one error, if a
> descriptor was to have more than allowed(ROCKER_TX_FRAGS_MAX=16)
> fragments. Fix an incorrect bounds check to avoid it.
>
> Reported-by: Qinghao Tang 
> Signed-off-by: Prasad J Pandit 
> ---
>  hw/net/rocker/rocker.c | 8 
>  1 file changed, 4 insertions(+), 4 deletions(-)
>
> diff --git a/hw/net/rocker/rocker.c b/hw/net/rocker/rocker.c
> index c57f1a6..2e77e50 100644
> --- a/hw/net/rocker/rocker.c
> +++ b/hw/net/rocker/rocker.c
> @@ -232,6 +232,9 @@ static int tx_consume(Rocker *r, DescInfo *info)
>  frag_addr = rocker_tlv_get_le64(tlvs[ROCKER_TLV_TX_FRAG_ATTR_ADDR]);
>  frag_len = rocker_tlv_get_le16(tlvs[ROCKER_TLV_TX_FRAG_ATTR_LEN]);
>  
> +if (iovcnt >= ROCKER_TX_FRAGS_MAX) {
> +goto err_too_many_frags;
> +}
>  iov[iovcnt].iov_len = frag_len;
>  iov[iovcnt].iov_base = g_malloc(frag_len);
>  if (!iov[iovcnt].iov_base) {
> @@ -244,10 +247,7 @@ static int tx_consume(Rocker *r, DescInfo *info)
>  err = -ROCKER_ENXIO;
>  goto err_bad_io;
>  }
> -
> -if (++iovcnt > ROCKER_TX_FRAGS_MAX) {
> -goto err_too_many_frags;
> -}
> +iovcnt++;
>  }
>  
>  if (iovcnt) {

Applied in my -net.

Thanks

[Qemu-devel] [PATCH v2] net: rocker: fix an incorrect array bounds check

[P J P]

From: Prasad J Pandit 

While processing transmit(tx) descriptors in 'tx_consume' routine
the switch emulator suffers from an off-by-one error, if a
descriptor was to have more than allowed(ROCKER_TX_FRAGS_MAX=16)
fragments. Fix an incorrect bounds check to avoid it.

Reported-by: Qinghao Tang 
Signed-off-by: Prasad J Pandit 
---
 hw/net/rocker/rocker.c | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/hw/net/rocker/rocker.c b/hw/net/rocker/rocker.c
index c57f1a6..2e77e50 100644
--- a/hw/net/rocker/rocker.c
+++ b/hw/net/rocker/rocker.c
@@ -232,6 +232,9 @@ static int tx_consume(Rocker *r, DescInfo *info)
 frag_addr = rocker_tlv_get_le64(tlvs[ROCKER_TLV_TX_FRAG_ATTR_ADDR]);
 frag_len = rocker_tlv_get_le16(tlvs[ROCKER_TLV_TX_FRAG_ATTR_LEN]);
 
+if (iovcnt >= ROCKER_TX_FRAGS_MAX) {
+goto err_too_many_frags;
+}
 iov[iovcnt].iov_len = frag_len;
 iov[iovcnt].iov_base = g_malloc(frag_len);
 if (!iov[iovcnt].iov_base) {
@@ -244,10 +247,7 @@ static int tx_consume(Rocker *r, DescInfo *info)
 err = -ROCKER_ENXIO;
 goto err_bad_io;
 }
-
-if (++iovcnt > ROCKER_TX_FRAGS_MAX) {
-goto err_too_many_frags;
-}
+iovcnt++;
 }
 
 if (iovcnt) {
-- 
2.4.3

Re: [Qemu-devel] live migration vs device assignment (motivation)

[Pavel Fedin]

 Hello!

> A dedicated IRQ per device for something that is a system wide event
> sounds like a waste.  I don't understand why a spec change is strictly
> required, we only need to support this with the specific virtual bridge
> used by QEMU, so I think that a vendor specific capability will do.
> Once this works well in the field, a PCI spec ECN might make sense
> to standardise the capability.

 Keeping track of your discussion for some time, decided to jump in...
 So far, we want to have some kind of mailbox to notify the quest about 
migration. So what about some dedicated "pci device" for
this purpose? Some kind of "migration controller". This is:
a) perhaps easier to implement than capability, we don't need to push anything 
to PCI spec.
b) could easily make friendship with Windows, because this means that no bus 
code has to be touched at all. It would rely only on
drivers' ability to communicate with each other (i guess it should be possible 
in Windows, isn't it?)
c) does not need to steal resources (BARs, IRQs, etc) from the actual devices.

Kind regards,
Pavel Fedin
Expert Engineer
Samsung Electronics Research center Russia

Re: [Qemu-devel] live migration vs device assignment (motivation)

[Michael S. Tsirkin]

On Sun, Dec 27, 2015 at 01:45:15PM -0800, Alexander Duyck wrote:
> On Sun, Dec 27, 2015 at 1:21 AM, Michael S. Tsirkin  wrote:
> > On Fri, Dec 25, 2015 at 02:31:14PM -0800, Alexander Duyck wrote:
> >> The PCI hot-plug specification calls out that the OS can optionally
> >> implement a "pause" mechanism which is meant to be used for high
> >> availability type environments.  What I am proposing is basically
> >> extending the standard SHPC capable PCI bridge so that we can support
> >> the DMA page dirtying for everything hosted on it, add a vendor
> >> specific block to the config space so that the guest can notify the
> >> host that it will do page dirtying, and add a mechanism to indicate
> >> that all hot-plug events during the warm-up phase of the migration are
> >> pause events instead of full removals.
> >
> > Two comments:
> >
> > 1. A vendor specific capability will always be problematic.
> > Better to register a capability id with pci sig.
> >
> > 2. There are actually several capabilities:
> >
> > A. support for memory dirtying
> > if not supported, we must stop device before migration
> >
> > This is supported by core guest OS code,
> > using patches similar to posted by you.
> >
> >
> > B. support for device replacement
> > This is a faster form of hotplug, where device is removed and
> > later another device using same driver is inserted in the same slot.
> >
> > This is a possible optimization, but I am convinced
> > (A) should be implemented independently of (B).
> >
> 
> My thought on this was that we don't need much to really implement
> either feature.  Really only a bit or two for either one.  I had
> thought about extending the PCI Advanced Features, but for now it
> might make more sense to just implement it as a vendor capability for
> the QEMU based bridges instead of trying to make this a true PCI
> capability since I am not sure if this in any way would apply to
> physical hardware.  The fact is the PCI Advanced Features capability
> is essentially just a vendor specific capability with a different ID

Interesting. I see it more as a backport of pci express
features to pci.

> so if we were to use 2 bits that are currently reserved in the
> capability we could later merge the functionality without much
> overhead.

Don't do this. You must not touch reserved bits.

> I fully agree that the two implementations should be separate but
> nothing says we have to implement them completely different.  If we
> are just using 3 bits for capability, status, and control of each
> feature there is no reason for them to need to be stored in separate
> locations.

True.

> >> I've been poking around in the kernel and QEMU code and the part I
> >> have been trying to sort out is how to get QEMU based pci-bridge to
> >> use the SHPC driver because from what I can tell the driver never
> >> actually gets loaded on the device as it is left in the control of
> >> ACPI hot-plug.
> >
> > There are ways, but you can just use pci express, it's easier.
> 
> That's true.  I should probably just give up on trying to do an
> implementation that works with the i440fx implementation.  I could
> probably move over to the q35 and once that is done then we could look
> at something like the PCI Advanced Features solution for something
> like the PCI-bridge drivers.
> 
> - Alex

Once we have a decent idea of what's required, I can write
an ECN for pci code and id assignment specification.
That's cleaner than vendor specific stuff that's tied to
a specific device/vendor ID.

-- 
MST

Re: [Qemu-devel] [PATCH v2] net: rocker: fix an incorrect array bounds check

[P J P]

  Hello Jason, all

+-- On Mon, 28 Dec 2015, Jason Wang wrote --+
| On 12/23/2015 01:14 PM, P J P wrote:
| > +-- On Tue, 22 Dec 2015, Peter Maydell wrote --+
| > | Could you submit patches in the usual git send-email format,
| > | please?
| >
| >   Yes, surely will do. I did read about it here[*], just haven't gotten 
around 
| > to trying git send-email yet.
| 
| Hi, patch looks good. Just wonder do you want to re-submit the patch
| with 'git send-email'? (since git am does not work for this mail without
| manual editing).

Please see:
  -> https://lists.gnu.org/archive/html/qemu-devel/2015-12/msg04629.html

Thank you.
--
Prasad J Pandit / Red Hat Product Security Team
47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F

Re: [Qemu-devel] live migration vs device assignment (motivation)

[Michael S. Tsirkin]

On Mon, Dec 28, 2015 at 03:20:10AM +, Dong, Eddie wrote:
> > >
> > > Even if the device driver doesn't support migration, you still want to
> > > migrate VM? That maybe risk and we should add the "bad path" for the
> > > driver at least.
> > 
> > At a minimum we should have support for hot-plug if we are expecting to
> > support migration.  You would simply have to hot-plug the device before you
> > start migration and then return it after.  That is how the current bonding
> > approach for this works if I am not mistaken.
> 
> Hotplug is good to eliminate the device spefic state clone, but
> bonding approach is very network specific, it doesn’t work for other
> devices such as FPGA device, QaT devices & GPU devices, which we plan
> to support gradually :)

Alexander didn't say do bonding. He just said bonding uses hot-unplug.

Gradual and generic is the correct approach. So focus on splitting the
work into manageable pieces which are also useful by themselves, and
generally reusable by different devices.

So live the pausing alone for a moment.

Start from Alexander's patchset for tracking dirty memory, add a way to
control and detect it from userspace (and maybe from host), and a way to
start migration while device is attached, removing it at the last
possible moment.

That will be a nice first step.


> > 
> > The advantage we are looking to gain is to avoid removing/disabling the
> > device for as long as possible.  Ideally we want to keep the device active
> > through the warm-up period, but if the guest doesn't do that we should still
> > be able to fall back on the older approaches if needed.
> > 

Re: [Qemu-devel] [PATCH] bugfix: passing reference instead of value

[Michael S. Tsirkin]

On Mon, Dec 28, 2015 at 10:54:23AM +0800, Cao jin wrote:
> Fix the bug introduced by 595a4f07. Function host_pci_config_read() should be
> passed by a reference, not a value, for the later pci_default_write_config().

What's the effect of the bug? Does it break igd assignment?
How come it worked for people?
If the function is never called, mayber we can get rid
of it completely?

Stefano?

> 
> Signed-off-by: Cao jin 
> ---
> Separated from previous "igd-passthru convert to realize" patch. Since these
> two don`t have dependency, can send it solely.
> 
> Not test since it is easy to find out if reading carefully, just compiled.
> 
>  hw/pci-host/piix.c | 8 +---
>  1 file changed, 5 insertions(+), 3 deletions(-)
> 
> diff --git a/hw/pci-host/piix.c b/hw/pci-host/piix.c
> index 715208b..924f0fa 100644
> --- a/hw/pci-host/piix.c
> +++ b/hw/pci-host/piix.c
> @@ -761,7 +761,7 @@ static const IGDHostInfo igd_host_bridge_infos[] = {
>  {0xa8, 4},  /* SNB: base of GTT stolen memory */
>  };
>  
> -static int host_pci_config_read(int pos, int len, uint32_t val)
> +static int host_pci_config_read(int pos, int len, uint32_t *val)
>  {
>  char path[PATH_MAX];
>  int config_fd;
> @@ -784,12 +784,14 @@ static int host_pci_config_read(int pos, int len, 
> uint32_t val)
>  ret = -errno;
>  goto out;
>  }
> +
>  do {
> -rc = read(config_fd, (uint8_t *), len);
> +rc = read(config_fd, (uint8_t *)val, len);
>  } while (rc < 0 && (errno == EINTR || errno == EAGAIN));
>  if (rc != len) {
>  ret = -errno;
>  }
> +
>  out:
>  close(config_fd);
>  return ret;
> @@ -805,7 +807,7 @@ static int igd_pt_i440fx_initfn(struct PCIDevice *pci_dev)
>  for (i = 0; i < num; i++) {
>  pos = igd_host_bridge_infos[i].offset;
>  len = igd_host_bridge_infos[i].len;
> -rc = host_pci_config_read(pos, len, val);
> +rc = host_pci_config_read(pos, len, );
>  if (rc) {
>  return -ENODEV;
>  }
> -- 
> 2.1.0
> 
> 

Re: [Qemu-devel] live migration vs device assignment (motivation)

[Michael S. Tsirkin]

On Mon, Dec 28, 2015 at 11:52:43AM +0300, Pavel Fedin wrote:
>  Hello!
> 
> > A dedicated IRQ per device for something that is a system wide event
> > sounds like a waste.  I don't understand why a spec change is strictly
> > required, we only need to support this with the specific virtual bridge
> > used by QEMU, so I think that a vendor specific capability will do.
> > Once this works well in the field, a PCI spec ECN might make sense
> > to standardise the capability.
> 
>  Keeping track of your discussion for some time, decided to jump in...
>  So far, we want to have some kind of mailbox to notify the quest about 
> migration. So what about some dedicated "pci device" for
> this purpose? Some kind of "migration controller". This is:
> a) perhaps easier to implement than capability, we don't need to push 
> anything to PCI spec.
> b) could easily make friendship with Windows, because this means that no bus 
> code has to be touched at all. It would rely only on
> drivers' ability to communicate with each other (i guess it should be 
> possible in Windows, isn't it?)
> c) does not need to steal resources (BARs, IRQs, etc) from the actual devices.
> 
> Kind regards,
> Pavel Fedin
> Expert Engineer
> Samsung Electronics Research center Russia
> 

Sure, or we can use an ACPI device.  It doesn't really matter what we do
for the mailbox. Whoever writes this first will get to select a
mechanism.

-- 
MST

[Qemu-devel] [PATCH v2 1/7] kvm/x86: Hyper-V timers fix incorrect logical operation

[Andrey Smetanin]

Signed-off-by: Andrey Smetanin 
Reviewed-by: Roman Kagan 
CC: Gleb Natapov 
CC: Paolo Bonzini 
CC: Roman Kagan 
CC: Denis V. Lunev 
CC: qemu-devel@nongnu.org

---
 arch/x86/kvm/hyperv.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/x86/kvm/hyperv.c b/arch/x86/kvm/hyperv.c
index f34f666..e4ef13a 100644
--- a/arch/x86/kvm/hyperv.c
+++ b/arch/x86/kvm/hyperv.c
@@ -583,7 +583,7 @@ static void stimer_expiration(struct kvm_vcpu_hv_stimer 
*stimer)
 {
stimer_send_msg(stimer);
if (!(stimer->config & HV_STIMER_PERIODIC))
-   stimer->config |= ~HV_STIMER_ENABLE;
+   stimer->config &= ~HV_STIMER_ENABLE;
else
stimer_restart(stimer);
 }
-- 
2.4.3

[Qemu-devel] [PATCH v2 6/7] kvm/x86: Skip SynIC vector check for QEMU side

[Andrey Smetanin]

QEMU zero-inits Hyper-V SynIC vectors. We should allow that,
and don't reject zero values if set by the host.

Signed-off-by: Andrey Smetanin 
Reviewed-by: Roman Kagan 
CC: Gleb Natapov 
CC: Paolo Bonzini 
CC: Roman Kagan 
CC: Denis V. Lunev 
CC: qemu-devel@nongnu.org
---
 arch/x86/kvm/hyperv.c | 7 ---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/arch/x86/kvm/hyperv.c b/arch/x86/kvm/hyperv.c
index abfb920..ddae13e 100644
--- a/arch/x86/kvm/hyperv.c
+++ b/arch/x86/kvm/hyperv.c
@@ -72,12 +72,13 @@ static bool synic_has_vector_auto_eoi(struct 
kvm_vcpu_hv_synic *synic,
return false;
 }
 
-static int synic_set_sint(struct kvm_vcpu_hv_synic *synic, int sint, u64 data)
+static int synic_set_sint(struct kvm_vcpu_hv_synic *synic, int sint,
+ u64 data, bool host)
 {
int vector;
 
vector = data & HV_SYNIC_SINT_VECTOR_MASK;
-   if (vector < 16)
+   if (vector < 16 && !host)
return 1;
/*
 * Guest may configure multiple SINTs to use the same vector, so
@@ -247,7 +248,7 @@ static int synic_set_msr(struct kvm_vcpu_hv_synic *synic,
break;
}
case HV_X64_MSR_SINT0 ... HV_X64_MSR_SINT15:
-   ret = synic_set_sint(synic, msr - HV_X64_MSR_SINT0, data);
+   ret = synic_set_sint(synic, msr - HV_X64_MSR_SINT0, data, host);
break;
default:
ret = 1;
-- 
2.4.3

Re: [Qemu-devel] How to reserve guest physical region for ACPI

[Michael S. Tsirkin]

On Mon, Dec 28, 2015 at 10:39:04AM +0800, Xiao Guangrong wrote:
> 
> Hi Michael, Paolo,
> 
> Now it is the time to return to the challenge that how to reserve guest
> physical region internally used by ACPI.
> 
> Igor suggested that:
> | An alternative place to allocate reserve from could be high memory.
> | For pc we have "reserved-memory-end" which currently makes sure
> | that hotpluggable memory range isn't used by firmware
> (https://lists.nongnu.org/archive/html/qemu-devel/2015-11/msg00926.html)

I don't want to tie things to reserved-memory-end because this
does not scale: next time we need to reserve memory,
we'll need to find yet another way to figure out what is where.

I would like ./hw/acpi/bios-linker-loader.c interface to be extended to
support 64 bit RAM instead (and maybe a way to allocate and
zero-initialize buffer without loading it through fwcfg), this way bios
does the allocation, and addresses can be patched into acpi.

See patch at the bottom that might be handy.

> he also innovated a way to use 64-bit address in DSDT/SSDT.rev = 1:
> | when writing ASL one shall make sure that only XP supported
> | features are in global scope, which is evaluated when tables
> | are loaded and features of rev2 and higher are inside methods.
> | That way XP doesn't crash as far as it doesn't evaluate unsupported
> | opcode and one can guard those opcodes checking _REV object if neccesary.
> (https://lists.nongnu.org/archive/html/qemu-devel/2015-11/msg01010.html)

Yes, this technique works.

An alternative is to add an XSDT, XP ignores that.
XSDT at the moment breaks OVMF (because it loads both
the RSDT and the XSDT, which is wrong), but I think
Laszlo was working on a fix for that.

> Michael, Paolo, what do you think about these ideas?
> 
> Thanks!



So using a patch below, we can add Name(PQRS, 0x0) at the top of the
SSDT (or bottom, or add a separate SSDT just for that).  It returns the
current offset so we can add that to the linker.

Won't work if you append the Name to the Aml structure (these can be
nested to arbitrary depth using aml_append), so using plain GArray for
this API makes sense to me.

--->

acpi: add build_append_named_dword, returning an offset in buffer

This is a very limited form of support for runtime patching -
similar in functionality to what we can do with ACPI_EXTRACT
macros in python, but implemented in C.

This is to allow ACPI code direct access to data tables -
which is exactly what DataTableRegion is there for, except
no known windows release so far implements DataTableRegion.

Signed-off-by: Michael S. Tsirkin 

---

diff --git a/include/hw/acpi/aml-build.h b/include/hw/acpi/aml-build.h
index 1b632dc..f8998ea 100644
--- a/include/hw/acpi/aml-build.h
+++ b/include/hw/acpi/aml-build.h
@@ -286,4 +286,7 @@ void acpi_build_tables_cleanup(AcpiBuildTables *tables, 
bool mfre);
 void
 build_rsdt(GArray *table_data, GArray *linker, GArray *table_offsets);
 
+int
+build_append_named_dword(GArray *array, const char *name_format, ...);
+
 #endif
diff --git a/hw/acpi/aml-build.c b/hw/acpi/aml-build.c
index 0d4b324..7f9fa65 100644
--- a/hw/acpi/aml-build.c
+++ b/hw/acpi/aml-build.c
@@ -262,6 +262,32 @@ static void build_append_int(GArray *table, uint64_t value)
 }
 }
 
+/* Build NAME(, 0x0) where 0x0 is encoded as a qword,
+ * and return the offset to 0x0 for runtime patching.
+ *
+ * Warning: runtime patching is best avoided. Only use this as
+ * a replacement for DataTableRegion (for guests that don't
+ * support it).
+ */
+int
+build_append_named_qword(GArray *array, const char *name_format, ...)
+{
+int offset;
+va_list ap;
+
+va_start(ap, name_format);
+build_append_namestringv(array, name_format, ap);
+va_end(ap);
+
+build_append_byte(array, 0x0E); /* QWordPrefix */
+
+offset = array->len;
+build_append_int_noprefix(array, 0x0, 8);
+assert(array->len == offset + 8);
+
+return offset;
+}
+
 static GPtrArray *alloc_list;
 
 static Aml *aml_alloc(void)

[Qemu-devel] [PATCH v2 2/7] kvm/x86: Drop stimer_stop() function

[Andrey Smetanin]

The function stimer_stop() is called in one place
so remove the function and replace it's call by function
content.

Signed-off-by: Andrey Smetanin 
Reviewed-by: Roman Kagan 
CC: Gleb Natapov 
CC: Paolo Bonzini 
CC: Roman Kagan 
CC: Denis V. Lunev 
CC: qemu-devel@nongnu.org
---
 arch/x86/kvm/hyperv.c | 7 +--
 1 file changed, 1 insertion(+), 6 deletions(-)

diff --git a/arch/x86/kvm/hyperv.c b/arch/x86/kvm/hyperv.c
index e4ef13a..6b2ed93 100644
--- a/arch/x86/kvm/hyperv.c
+++ b/arch/x86/kvm/hyperv.c
@@ -400,16 +400,11 @@ static void stimer_mark_expired(struct kvm_vcpu_hv_stimer 
*stimer,
kvm_vcpu_kick(vcpu);
 }
 
-static void stimer_stop(struct kvm_vcpu_hv_stimer *stimer)
-{
-   hrtimer_cancel(>timer);
-}
-
 static void stimer_cleanup(struct kvm_vcpu_hv_stimer *stimer)
 {
struct kvm_vcpu *vcpu = stimer_to_vcpu(stimer);
 
-   stimer_stop(stimer);
+   hrtimer_cancel(>timer);
clear_bit(stimer->index,
  vcpu_to_hv_vcpu(vcpu)->stimer_pending_bitmap);
stimer->msg_pending = false;
-- 
2.4.3

[Qemu-devel] [PATCH v2 7/7] kvm/x86: Update SynIC timers on guest entry only

[Andrey Smetanin]

Consolidate updating the Hyper-V SynIC timers in a
single place: on guest entry in processing KVM_REQ_HV_STIMER
request.  This simplifies the overall logic, and makes sure
the most current state of msrs and guest clock is used for
arming the timers (to achieve that, KVM_REQ_HV_STIMER
has to be processed after KVM_REQ_CLOCK_UPDATE).

Signed-off-by: Andrey Smetanin 
Reviewed-by: Roman Kagan 
CC: Gleb Natapov 
CC: Paolo Bonzini 
CC: Roman Kagan 
CC: Denis V. Lunev 
CC: qemu-devel@nongnu.org
---
 arch/x86/kvm/hyperv.c | 38 +++---
 arch/x86/kvm/x86.c|  6 ++
 2 files changed, 25 insertions(+), 19 deletions(-)

diff --git a/arch/x86/kvm/hyperv.c b/arch/x86/kvm/hyperv.c
index ddae13e..101c2e4 100644
--- a/arch/x86/kvm/hyperv.c
+++ b/arch/x86/kvm/hyperv.c
@@ -389,7 +389,7 @@ static u64 get_time_ref_counter(struct kvm *kvm)
return div_u64(get_kernel_ns() + kvm->arch.kvmclock_offset, 100);
 }
 
-static void stimer_mark_expired(struct kvm_vcpu_hv_stimer *stimer,
+static void stimer_mark_pending(struct kvm_vcpu_hv_stimer *stimer,
bool vcpu_kick)
 {
struct kvm_vcpu *vcpu = stimer_to_vcpu(stimer);
@@ -417,7 +417,7 @@ static enum hrtimer_restart stimer_timer_callback(struct 
hrtimer *timer)
struct kvm_vcpu_hv_stimer *stimer;
 
stimer = container_of(timer, struct kvm_vcpu_hv_stimer, timer);
-   stimer_mark_expired(stimer, true);
+   stimer_mark_pending(stimer, true);
 
return HRTIMER_NORESTART;
 }
@@ -462,7 +462,7 @@ static int stimer_start(struct kvm_vcpu_hv_stimer *stimer)
 * "If a one shot is enabled and the specified count is in
 * the past, it will expire immediately."
 */
-   stimer_mark_expired(stimer, false);
+   stimer_mark_pending(stimer, false);
return 0;
}
 
@@ -475,30 +475,24 @@ static int stimer_start(struct kvm_vcpu_hv_stimer *stimer)
 static int stimer_set_config(struct kvm_vcpu_hv_stimer *stimer, u64 config,
 bool host)
 {
+   stimer_cleanup(stimer);
if ((stimer->config & HV_STIMER_ENABLE) && HV_STIMER_SINT(config) == 0)
config &= ~HV_STIMER_ENABLE;
stimer->config = config;
-   stimer_cleanup(stimer);
-   if (stimer->config & HV_STIMER_ENABLE)
-   if (stimer_start(stimer))
-   return 1;
+   stimer_mark_pending(stimer, false);
return 0;
 }
 
 static int stimer_set_count(struct kvm_vcpu_hv_stimer *stimer, u64 count,
bool host)
 {
-   stimer->count = count;
-
stimer_cleanup(stimer);
+   stimer->count = count;
if (stimer->count == 0)
stimer->config &= ~HV_STIMER_ENABLE;
-   else if (stimer->config & HV_STIMER_AUTOENABLE) {
+   else if (stimer->config & HV_STIMER_AUTOENABLE)
stimer->config |= HV_STIMER_ENABLE;
-   if (stimer_start(stimer))
-   return 1;
-   }
-
+   stimer_mark_pending(stimer, false);
return 0;
 }
 
@@ -582,18 +576,24 @@ void kvm_hv_process_stimers(struct kvm_vcpu *vcpu)
 {
struct kvm_vcpu_hv *hv_vcpu = vcpu_to_hv_vcpu(vcpu);
struct kvm_vcpu_hv_stimer *stimer;
-   u64 time_now;
+   u64 time_now, exp_time;
int i;
 
for (i = 0; i < ARRAY_SIZE(hv_vcpu->stimer); i++)
if (test_and_clear_bit(i, hv_vcpu->stimer_pending_bitmap)) {
stimer = _vcpu->stimer[i];
if (stimer->config & HV_STIMER_ENABLE) {
-   time_now = get_time_ref_counter(vcpu->kvm);
-   if (time_now >= stimer->exp_time)
-   stimer_expiration(stimer);
+   exp_time = stimer->exp_time;
+
+   if (exp_time) {
+   time_now =
+   get_time_ref_counter(vcpu->kvm);
+   if (time_now >= exp_time)
+   stimer_expiration(stimer);
+   }
 
-   if (stimer->config & HV_STIMER_ENABLE)
+   if ((stimer->config & HV_STIMER_ENABLE) &&
+   stimer->count)
stimer_start(stimer);
else
stimer_cleanup(stimer);
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index e23137d..9610516 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -6491,6 +6491,12 @@ static int vcpu_enter_guest(struct kvm_vcpu *vcpu)
r = 0;

[Qemu-devel] [PATCH v2 5/7] kvm/x86: Hyper-V fix SynIC timer disabling condition

[Andrey Smetanin]

Hypervisor Function Specification(HFS) doesn't require
to disable SynIC timer at timer config write if timer->count = 0.

So drop this check, this allow to load timers MSR's
during migration restore, because config are set before count
in QEMU side.

Also fix condition according to HFS doc(15.3.1):
"It is not permitted to set the SINTx field to zero for an
enabled timer. If attempted, the timer will be
marked disabled (that is, bit 0 cleared) immediately."

Signed-off-by: Andrey Smetanin 
Reviewed-by: Roman Kagan 
CC: Gleb Natapov 
CC: Paolo Bonzini 
CC: Roman Kagan 
CC: Denis V. Lunev 
CC: qemu-devel@nongnu.org
---
 arch/x86/kvm/hyperv.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/x86/kvm/hyperv.c b/arch/x86/kvm/hyperv.c
index 5f85c12..abfb920 100644
--- a/arch/x86/kvm/hyperv.c
+++ b/arch/x86/kvm/hyperv.c
@@ -474,7 +474,7 @@ static int stimer_start(struct kvm_vcpu_hv_stimer *stimer)
 static int stimer_set_config(struct kvm_vcpu_hv_stimer *stimer, u64 config,
 bool host)
 {
-   if (stimer->count == 0 || HV_STIMER_SINT(config) == 0)
+   if ((stimer->config & HV_STIMER_ENABLE) && HV_STIMER_SINT(config) == 0)
config &= ~HV_STIMER_ENABLE;
stimer->config = config;
stimer_cleanup(stimer);
-- 
2.4.3

[Qemu-devel] [PATCH v2 3/7] kvm/x86: Hyper-V unify stimer_start() and stimer_restart()

[Andrey Smetanin]

This will be used in future to start Hyper-V SynIC timer
in several places by one logic in one function.

Changes v2:
* drop stimer->count == 0 check inside stimer_start()
* comment stimer_start() assumptions

Signed-off-by: Andrey Smetanin 
Reviewed-by: Roman Kagan 
CC: Gleb Natapov 
CC: Paolo Bonzini 
CC: Roman Kagan 
CC: Denis V. Lunev 
CC: qemu-devel@nongnu.org
---
 arch/x86/kvm/hyperv.c | 43 ---
 1 file changed, 20 insertions(+), 23 deletions(-)

diff --git a/arch/x86/kvm/hyperv.c b/arch/x86/kvm/hyperv.c
index 6b2ed93..0dd7d17 100644
--- a/arch/x86/kvm/hyperv.c
+++ b/arch/x86/kvm/hyperv.c
@@ -408,6 +408,7 @@ static void stimer_cleanup(struct kvm_vcpu_hv_stimer 
*stimer)
clear_bit(stimer->index,
  vcpu_to_hv_vcpu(vcpu)->stimer_pending_bitmap);
stimer->msg_pending = false;
+   stimer->exp_time = 0;
 }
 
 static enum hrtimer_restart stimer_timer_callback(struct hrtimer *timer)
@@ -420,24 +421,11 @@ static enum hrtimer_restart stimer_timer_callback(struct 
hrtimer *timer)
return HRTIMER_NORESTART;
 }
 
-static void stimer_restart(struct kvm_vcpu_hv_stimer *stimer)
-{
-   u64 time_now;
-   ktime_t ktime_now;
-   u64 remainder;
-
-   time_now = get_time_ref_counter(stimer_to_vcpu(stimer)->kvm);
-   ktime_now = ktime_get();
-
-   div64_u64_rem(time_now - stimer->exp_time, stimer->count, );
-   stimer->exp_time = time_now + (stimer->count - remainder);
-
-   hrtimer_start(>timer,
- ktime_add_ns(ktime_now,
-  100 * (stimer->exp_time - time_now)),
- HRTIMER_MODE_ABS);
-}
-
+/*
+ * stimer_start() assumptions:
+ * a) stimer->count is not equal to 0
+ * b) stimer->config has HV_STIMER_ENABLE flag
+ */
 static int stimer_start(struct kvm_vcpu_hv_stimer *stimer)
 {
u64 time_now;
@@ -447,12 +435,21 @@ static int stimer_start(struct kvm_vcpu_hv_stimer *stimer)
ktime_now = ktime_get();
 
if (stimer->config & HV_STIMER_PERIODIC) {
-   if (stimer->count == 0)
-   return -EINVAL;
+   if (stimer->exp_time) {
+   if (time_now >= stimer->exp_time) {
+   u64 remainder;
+
+   div64_u64_rem(time_now - stimer->exp_time,
+ stimer->count, );
+   stimer->exp_time =
+   time_now + (stimer->count - remainder);
+   }
+   } else
+   stimer->exp_time = time_now + stimer->count;
 
-   stimer->exp_time = time_now + stimer->count;
hrtimer_start(>timer,
- ktime_add_ns(ktime_now, 100 * stimer->count),
+ ktime_add_ns(ktime_now,
+  100 * (stimer->exp_time - time_now)),
  HRTIMER_MODE_ABS);
return 0;
}
@@ -580,7 +577,7 @@ static void stimer_expiration(struct kvm_vcpu_hv_stimer 
*stimer)
if (!(stimer->config & HV_STIMER_PERIODIC))
stimer->config &= ~HV_STIMER_ENABLE;
else
-   stimer_restart(stimer);
+   stimer_start(stimer);
 }
 
 void kvm_hv_process_stimers(struct kvm_vcpu *vcpu)
-- 
2.4.3

Re: [Qemu-devel] [PATCH] bugfix: passing reference instead of value

[Cao jin]

BTW, I send the v2 version of this patch, the changelog of v2 is:

ensure the value writen into register of pci config space is always 
little endian, using cpu_to_le32().


So, the actual change by v2 is following:

-pci_default_write_config(pci_dev, pos, val, len);
+pci_default_write_config(pci_dev, pos, cpu_to_le32(val), len);

Maybe we can discuss in v2 thread.

On 12/28/2015 07:50 PM, Michael S. Tsirkin wrote:

On Mon, Dec 28, 2015 at 10:54:23AM +0800, Cao jin wrote:

Fix the bug introduced by 595a4f07. Function host_pci_config_read() should be
passed by a reference, not a value, for the later pci_default_write_config().


What's the effect of the bug? Does it break igd assignment?
How come it worked for people?
If the function is never called, mayber we can get rid
of it completely?

Stefano?



Signed-off-by: Cao jin 
---
Separated from previous "igd-passthru convert to realize" patch. Since these
two don`t have dependency, can send it solely.

Not test since it is easy to find out if reading carefully, just compiled.

  hw/pci-host/piix.c | 8 +---
  1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/hw/pci-host/piix.c b/hw/pci-host/piix.c
index 715208b..924f0fa 100644
--- a/hw/pci-host/piix.c
+++ b/hw/pci-host/piix.c
@@ -761,7 +761,7 @@ static const IGDHostInfo igd_host_bridge_infos[] = {
  {0xa8, 4},  /* SNB: base of GTT stolen memory */
  };

-static int host_pci_config_read(int pos, int len, uint32_t val)
+static int host_pci_config_read(int pos, int len, uint32_t *val)
  {
  char path[PATH_MAX];
  int config_fd;
@@ -784,12 +784,14 @@ static int host_pci_config_read(int pos, int len, 
uint32_t val)
  ret = -errno;
  goto out;
  }
+
  do {
-rc = read(config_fd, (uint8_t *), len);
+rc = read(config_fd, (uint8_t *)val, len);
  } while (rc < 0 && (errno == EINTR || errno == EAGAIN));
  if (rc != len) {
  ret = -errno;
  }
+
  out:
  close(config_fd);
  return ret;
@@ -805,7 +807,7 @@ static int igd_pt_i440fx_initfn(struct PCIDevice *pci_dev)
  for (i = 0; i < num; i++) {
  pos = igd_host_bridge_infos[i].offset;
  len = igd_host_bridge_infos[i].len;
-rc = host_pci_config_read(pos, len, val);
+rc = host_pci_config_read(pos, len, );
  if (rc) {
  return -ENODEV;
  }
--
2.1.0





.



--
Yours Sincerely,

Cao Jin

[Qemu-devel] [PATCH v2 0/7] KVM: Hyper-V SynIC timers migration fixes

[Andrey Smetanin]

During testing of Windows 2012R2 guest migration with
Hyper-V SynIC timers enabled we found several bugs
which lead to restoring guest in a hung state.

This patch series provides several fixes to make the
migration of guest with Hyper-V SynIC timers enabled
succeed.

The series applies on top of
'kvm/x86: Remove Hyper-V SynIC timer stopping'
previously sent.

Changes v2:
* fix incorrect logical operation for one-shot timers
* drop stimer->count == 0 inside stimer_start()
* comment stimer_start() assumtions

Signed-off-by: Andrey Smetanin 
Reviewed-by: Roman Kagan 
CC: Gleb Natapov 
CC: Paolo Bonzini 
CC: Roman Kagan 
CC: Denis V. Lunev 
CC: qemu-devel@nongnu.org

Andrey Smetanin (7):
  kvm/x86: Hyper-V timers fix incorrect logical operation
  kvm/x86: Drop stimer_stop() function
  kvm/x86: Hyper-V unify stimer_start() and stimer_restart()
  kvm/x86: Reorg stimer_expiration() to better control timer restart
  kvm/x86: Hyper-V fix SynIC timer disabling condition
  kvm/x86: Skip SynIC vector check for QEMU side
  kvm/x86: Update SynIC timers on guest entry only

 arch/x86/kvm/hyperv.c | 119 --
 arch/x86/kvm/x86.c|   6 +++
 2 files changed, 63 insertions(+), 62 deletions(-)

-- 
2.4.3

Re: [Qemu-devel] [PATCH] bugfix: passing reference instead of value

[Cao jin]

On 12/28/2015 07:50 PM, Michael S. Tsirkin wrote:

On Mon, Dec 28, 2015 at 10:54:23AM +0800, Cao jin wrote:

Fix the bug introduced by 595a4f07. Function host_pci_config_read() should be
passed by a reference, not a value, for the later pci_default_write_config().


What's the effect of the bug? Does it break igd assignment?
How come it worked for people?
If the function is never called, mayber we can get rid
of it completely?



sorry if I didn`t explain it clearly to you. let me try the explanation 
again: This function is called only when using 
TYPE_IGD_PASSTHROUGH_I440FX_PCI_DEVICE(when realize it)


the effect of the bug:
pci_default_write_config(pci_dev, pos, val, len);
^ *its value is always 0*

I think it won`t break igd assignment, but just give a wrong register 
value(forever 0) in PCI config space(wrong register value may results in 
abnormal working state?). the register should get its value by 
host_pci_config_read()


Because my bad English description, Let me do a analogy, here is the 
imitation of original code:


void swap(unsigned int val)  //this is host_pci_config_read()
{
unsigned int org = 2;
memcpy(, , sizeof(unsigned int));
}

int main()
{
unsigned int val = 0;

swap(val);

printf("val = %d\n", val);
return 0;
}

author want to get: val = 2. but it will always: val = 0; This is 
exactly the bug I find.



Stefano?



Signed-off-by: Cao jin 
---
Separated from previous "igd-passthru convert to realize" patch. Since these
two don`t have dependency, can send it solely.

Not test since it is easy to find out if reading carefully, just compiled.

  hw/pci-host/piix.c | 8 +---
  1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/hw/pci-host/piix.c b/hw/pci-host/piix.c
index 715208b..924f0fa 100644
--- a/hw/pci-host/piix.c
+++ b/hw/pci-host/piix.c
@@ -761,7 +761,7 @@ static const IGDHostInfo igd_host_bridge_infos[] = {
  {0xa8, 4},  /* SNB: base of GTT stolen memory */
  };

-static int host_pci_config_read(int pos, int len, uint32_t val)
+static int host_pci_config_read(int pos, int len, uint32_t *val)
  {
  char path[PATH_MAX];
  int config_fd;
@@ -784,12 +784,14 @@ static int host_pci_config_read(int pos, int len, 
uint32_t val)
  ret = -errno;
  goto out;
  }
+
  do {
-rc = read(config_fd, (uint8_t *), len);
+rc = read(config_fd, (uint8_t *)val, len);
  } while (rc < 0 && (errno == EINTR || errno == EAGAIN));
  if (rc != len) {
  ret = -errno;
  }
+
  out:
  close(config_fd);
  return ret;
@@ -805,7 +807,7 @@ static int igd_pt_i440fx_initfn(struct PCIDevice *pci_dev)
  for (i = 0; i < num; i++) {
  pos = igd_host_bridge_infos[i].offset;
  len = igd_host_bridge_infos[i].len;
-rc = host_pci_config_read(pos, len, val);
+rc = host_pci_config_read(pos, len, );
  if (rc) {
  return -ENODEV;
  }
--
2.1.0





.



--
Yours Sincerely,

Cao Jin

[Qemu-devel] [PATCH v2 4/7] kvm/x86: Reorg stimer_expiration() to better control timer restart

[Andrey Smetanin]

Split stimer_expiration() into two parts - timer expiration message
sending and timer restart/cleanup based on timer state(config).

This also fixes a bug where a one-shot timer message whose delivery
failed once would get lost for good.

Signed-off-by: Andrey Smetanin 
Reviewed-by: Roman Kagan 
CC: Gleb Natapov 
CC: Paolo Bonzini 
CC: Roman Kagan 
CC: Denis V. Lunev 
CC: qemu-devel@nongnu.org
---
 arch/x86/kvm/hyperv.c | 26 ++
 1 file changed, 14 insertions(+), 12 deletions(-)

diff --git a/arch/x86/kvm/hyperv.c b/arch/x86/kvm/hyperv.c
index 0dd7d17..5f85c12 100644
--- a/arch/x86/kvm/hyperv.c
+++ b/arch/x86/kvm/hyperv.c
@@ -554,30 +554,27 @@ static int synic_deliver_msg(struct kvm_vcpu_hv_synic 
*synic, u32 sint,
return r;
 }
 
-static void stimer_send_msg(struct kvm_vcpu_hv_stimer *stimer)
+static int stimer_send_msg(struct kvm_vcpu_hv_stimer *stimer)
 {
struct kvm_vcpu *vcpu = stimer_to_vcpu(stimer);
struct hv_message *msg = >msg;
struct hv_timer_message_payload *payload =
(struct hv_timer_message_payload *)>u.payload;
-   int r;
 
-   stimer->msg_pending = true;
payload->expiration_time = stimer->exp_time;
payload->delivery_time = get_time_ref_counter(vcpu->kvm);
-   r = synic_deliver_msg(vcpu_to_synic(vcpu),
- HV_STIMER_SINT(stimer->config), msg);
-   if (!r)
-   stimer->msg_pending = false;
+   return synic_deliver_msg(vcpu_to_synic(vcpu),
+HV_STIMER_SINT(stimer->config), msg);
 }
 
 static void stimer_expiration(struct kvm_vcpu_hv_stimer *stimer)
 {
-   stimer_send_msg(stimer);
-   if (!(stimer->config & HV_STIMER_PERIODIC))
-   stimer->config &= ~HV_STIMER_ENABLE;
-   else
-   stimer_start(stimer);
+   stimer->msg_pending = true;
+   if (!stimer_send_msg(stimer)) {
+   stimer->msg_pending = false;
+   if (!(stimer->config & HV_STIMER_PERIODIC))
+   stimer->config &= ~HV_STIMER_ENABLE;
+   }
 }
 
 void kvm_hv_process_stimers(struct kvm_vcpu *vcpu)
@@ -594,6 +591,11 @@ void kvm_hv_process_stimers(struct kvm_vcpu *vcpu)
time_now = get_time_ref_counter(vcpu->kvm);
if (time_now >= stimer->exp_time)
stimer_expiration(stimer);
+
+   if (stimer->config & HV_STIMER_ENABLE)
+   stimer_start(stimer);
+   else
+   stimer_cleanup(stimer);
}
}
 }
-- 
2.4.3

[Qemu-devel] [PATCH v2 04/51] pc: acpi: memhp: move MHPD.MLCK mutex into SSDT

[Igor Mammedov]

Signed-off-by: Igor Mammedov 
---
 hw/acpi/memory_hotplug_acpi_table.c | 2 ++
 hw/i386/acpi-dsdt-mem-hotplug.dsl   | 3 +--
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/hw/acpi/memory_hotplug_acpi_table.c 
b/hw/acpi/memory_hotplug_acpi_table.c
index a21ef6f..c2bd928 100644
--- a/hw/acpi/memory_hotplug_acpi_table.c
+++ b/hw/acpi/memory_hotplug_acpi_table.c
@@ -38,6 +38,8 @@ void build_memory_hotplug_aml(Aml *ctx, uint32_t nr_mem,
 /* present, functioning, decoding, not shown in UI */
 aml_append(method, aml_return(aml_int(0xB)));
 aml_append(mem_ctrl_dev, method);
+
+aml_append(mem_ctrl_dev, aml_mutex(stringify(MEMORY_SLOT_LOCK), 0));
 }
 aml_append(pci_scope, mem_ctrl_dev);
 aml_append(ctx, pci_scope);
diff --git a/hw/i386/acpi-dsdt-mem-hotplug.dsl 
b/hw/i386/acpi-dsdt-mem-hotplug.dsl
index b4eacc9..a1e519b 100644
--- a/hw/i386/acpi-dsdt-mem-hotplug.dsl
+++ b/hw/i386/acpi-dsdt-mem-hotplug.dsl
@@ -34,8 +34,7 @@
 External(MEMORY_SLOT_SLECTOR, FieldUnitObj) // DIMM selector, 
write only
 External(MEMORY_SLOT_OST_EVENT, FieldUnitObj) // _OST event code, 
write only
 External(MEMORY_SLOT_OST_STATUS, FieldUnitObj) // _OST status 
code, write only
-
-Mutex (MEMORY_SLOT_LOCK, 0)
+External(MEMORY_SLOT_LOCK, MutexObj)
 
 Method(MEMORY_SLOT_SCAN_METHOD, 0) {
 If (LEqual(MEMORY_SLOTS_NUMBER, Zero)) {
-- 
1.8.3.1

[Qemu-devel] [PATCH v2 09/51] pc: acpi: memhp: move MHPD.MEJ0 method into SSDT

[Igor Mammedov]

Signed-off-by: Igor Mammedov 
---
 hw/acpi/memory_hotplug_acpi_table.c | 13 +
 hw/i386/acpi-dsdt-mem-hotplug.dsl   |  8 
 2 files changed, 13 insertions(+), 8 deletions(-)

diff --git a/hw/acpi/memory_hotplug_acpi_table.c 
b/hw/acpi/memory_hotplug_acpi_table.c
index 4edf680..c2bfcd6 100644
--- a/hw/acpi/memory_hotplug_acpi_table.c
+++ b/hw/acpi/memory_hotplug_acpi_table.c
@@ -152,6 +152,19 @@ void build_memory_hotplug_aml(Aml *ctx, uint32_t nr_mem,
 aml_append(method, aml_release(ctrl_lock));
 }
 aml_append(mem_ctrl_dev, method);
+
+method = aml_method(stringify(MEMORY_SLOT_EJECT_METHOD), 2,
+AML_NOTSERIALIZED);
+{
+Aml *eject = aml_name(stringify(MEMORY_SLOT_EJECT));
+
+aml_append(method, aml_acquire(ctrl_lock, 0x));
+aml_append(method, aml_store(aml_to_integer(slot_arg0),
+ slot_selector));
+aml_append(method, aml_store(one, eject));
+aml_append(method, aml_release(ctrl_lock));
+}
+aml_append(mem_ctrl_dev, method);
 }
 aml_append(pci_scope, mem_ctrl_dev);
 aml_append(ctx, pci_scope);
diff --git a/hw/i386/acpi-dsdt-mem-hotplug.dsl 
b/hw/i386/acpi-dsdt-mem-hotplug.dsl
index 8889eca..87d8d66 100644
--- a/hw/i386/acpi-dsdt-mem-hotplug.dsl
+++ b/hw/i386/acpi-dsdt-mem-hotplug.dsl
@@ -25,7 +25,6 @@
 External(MEMORY_SLOT_ADDR_HIGH, FieldUnitObj) // read only
 External(MEMORY_SLOT_SIZE_LOW, FieldUnitObj) // read only
 External(MEMORY_SLOT_SIZE_HIGH, FieldUnitObj) // read only
-External(MEMORY_SLOT_EJECT, FieldUnitObj) // initiates device 
eject, write only
 External(MEMORY_SLOT_SLECTOR, FieldUnitObj) // DIMM selector, 
write only
 External(MEMORY_SLOT_LOCK, MutexObj)
 
@@ -92,12 +91,5 @@
 Release(MEMORY_SLOT_LOCK)
 Return(MR64)
 }
-
-Method(MEMORY_SLOT_EJECT_METHOD, 2) {
-Acquire(MEMORY_SLOT_LOCK, 0x)
-Store(ToInteger(Arg0), MEMORY_SLOT_SLECTOR) // select DIMM
-Store(1, MEMORY_SLOT_EJECT)
-Release(MEMORY_SLOT_LOCK)
-}
 } // Device()
 } // Scope()
-- 
1.8.3.1

[Qemu-devel] [PATCH v2 05/51] pc: acpi: memhp: move MHPD.MSCN method into SSDT

[Igor Mammedov]

Signed-off-by: Igor Mammedov 
---
 hw/acpi/memory_hotplug_acpi_table.c | 60 +
 hw/i386/acpi-dsdt-mem-hotplug.dsl   | 27 +
 2 files changed, 61 insertions(+), 26 deletions(-)

diff --git a/hw/acpi/memory_hotplug_acpi_table.c 
b/hw/acpi/memory_hotplug_acpi_table.c
index c2bd928..86b8233 100644
--- a/hw/acpi/memory_hotplug_acpi_table.c
+++ b/hw/acpi/memory_hotplug_acpi_table.c
@@ -26,8 +26,11 @@ void build_memory_hotplug_aml(Aml *ctx, uint32_t nr_mem,
 pci_scope = aml_scope("_SB.PCI0");
 mem_ctrl_dev = aml_scope(stringify(MEMORY_HOTPLUG_DEVICE));
 {
+Aml *one = aml_int(1);
 Aml *zero = aml_int(0);
 Aml *slots_nr = aml_name(stringify(MEMORY_SLOTS_NUMBER));
+Aml *ctrl_lock = aml_name(stringify(MEMORY_SLOT_LOCK));
+Aml *slot_selector = aml_name(stringify(MEMORY_SLOT_SLECTOR));
 
 method = aml_method("_STA", 0, AML_NOTSERIALIZED);
 ifctx = aml_if(aml_equal(slots_nr, zero));
@@ -40,6 +43,63 @@ void build_memory_hotplug_aml(Aml *ctx, uint32_t nr_mem,
 aml_append(mem_ctrl_dev, method);
 
 aml_append(mem_ctrl_dev, aml_mutex(stringify(MEMORY_SLOT_LOCK), 0));
+
+method = aml_method(stringify(MEMORY_SLOT_SCAN_METHOD), 0,
+AML_NOTSERIALIZED);
+{
+Aml *else_ctx;
+Aml *while_ctx;
+Aml *idx = aml_local(0);
+Aml *eject_req = aml_int(3);
+Aml *dev_chk = aml_int(1);
+
+ifctx = aml_if(aml_equal(slots_nr, zero));
+{
+aml_append(ifctx, aml_return(zero));
+}
+aml_append(method, ifctx);
+
+aml_append(method, aml_store(zero, idx));
+aml_append(method, aml_acquire(ctrl_lock, 0x));
+/* build AML that:
+ * loops over all slots and Notifies DIMMs with
+ * Device Check or Eject Request notifications if
+ * slot has corresponding status bit set and clears
+ * slot status.
+ */
+while_ctx = aml_while(aml_lless(idx, slots_nr));
+{
+Aml *ins_evt = aml_name(stringify(MEMORY_SLOT_INSERT_EVENT));
+Aml *rm_evt = aml_name(stringify(MEMORY_SLOT_REMOVE_EVENT));
+
+aml_append(while_ctx, aml_store(idx, slot_selector));
+ifctx = aml_if(aml_equal(ins_evt, one));
+{
+aml_append(ifctx,
+   aml_call2(stringify(MEMORY_SLOT_NOTIFY_METHOD),
+ idx, dev_chk));
+aml_append(ifctx, aml_store(one, ins_evt));
+}
+aml_append(while_ctx, ifctx);
+
+else_ctx = aml_else();
+ifctx = aml_if(aml_equal(rm_evt, one));
+{
+aml_append(ifctx,
+aml_call2(stringify(MEMORY_SLOT_NOTIFY_METHOD),
+  idx, eject_req));
+aml_append(ifctx, aml_store(one, rm_evt));
+}
+aml_append(else_ctx, ifctx);
+aml_append(while_ctx, else_ctx);
+
+aml_append(while_ctx, aml_add(idx, one, idx));
+}
+aml_append(method, while_ctx);
+aml_append(method, aml_release(ctrl_lock));
+aml_append(method, aml_return(one));
+}
+aml_append(mem_ctrl_dev, method);
 }
 aml_append(pci_scope, mem_ctrl_dev);
 aml_append(ctx, pci_scope);
diff --git a/hw/i386/acpi-dsdt-mem-hotplug.dsl 
b/hw/i386/acpi-dsdt-mem-hotplug.dsl
index a1e519b..92baf87 100644
--- a/hw/i386/acpi-dsdt-mem-hotplug.dsl
+++ b/hw/i386/acpi-dsdt-mem-hotplug.dsl
@@ -13,13 +13,12 @@
  * with this program; if not, see .
  */
 
-External(MEMORY_SLOT_NOTIFY_METHOD, MethodObj)
+External(\_SB.PCI0.MEMORY_HOTPLUG_DEVICE.MEMORY_SLOT_SCAN_METHOD, 
MethodObj)
 
 Scope(\_SB.PCI0) {
 Device(MEMORY_HOTPLUG_DEVICE) {
 Name(_HID, "PNP0A06")
 Name(_UID, "Memory hotplug resources")
-External(MEMORY_SLOTS_NUMBER, IntObj)
 
 /* Memory hotplug IO registers */
 External(MEMORY_SLOT_ADDR_LOW, FieldUnitObj) // read only
@@ -28,36 +27,12 @@
 External(MEMORY_SLOT_SIZE_HIGH, FieldUnitObj) // read only
 External(MEMORY_SLOT_PROXIMITY, FieldUnitObj) // read only
 External(MEMORY_SLOT_ENABLED, FieldUnitObj) // 1 if enabled, read 
only
-External(MEMORY_SLOT_INSERT_EVENT, FieldUnitObj) // (read) 1 if 
has a insert event. (write) 1 to clear event
-External(MEMORY_SLOT_REMOVE_EVENT, FieldUnitObj) // (read) 1 if 
has a remove event. (write) 1 to clear event
 External(MEMORY_SLOT_EJECT, FieldUnitObj) // initiates device 
eject, write only
 

[Qemu-devel] [PATCH v2 16/51] pc: acpi: cpuhp: move CPEJ() method to SSDT

[Igor Mammedov]

Signed-off-by: Igor Mammedov 
---
 hw/acpi/Makefile.objs |  2 +-
 hw/acpi/cpu_hotplug_acpi_table.c  | 28 
 hw/i386/acpi-build.c  |  3 ++-
 hw/i386/acpi-dsdt-cpu-hotplug.dsl |  4 
 include/hw/acpi/cpu_hotplug.h |  5 +
 5 files changed, 36 insertions(+), 6 deletions(-)
 create mode 100644 hw/acpi/cpu_hotplug_acpi_table.c

diff --git a/hw/acpi/Makefile.objs b/hw/acpi/Makefile.objs
index 052be62..f3ade9a 100644
--- a/hw/acpi/Makefile.objs
+++ b/hw/acpi/Makefile.objs
@@ -1,6 +1,6 @@
 common-obj-$(CONFIG_ACPI_X86) += core.o piix4.o pcihp.o
 common-obj-$(CONFIG_ACPI_X86_ICH) += ich9.o tco.o
-common-obj-$(CONFIG_ACPI_CPU_HOTPLUG) += cpu_hotplug.o
+common-obj-$(CONFIG_ACPI_CPU_HOTPLUG) += cpu_hotplug.o cpu_hotplug_acpi_table.o
 common-obj-$(CONFIG_ACPI_MEMORY_HOTPLUG) += memory_hotplug.o 
memory_hotplug_acpi_table.o
 common-obj-$(CONFIG_ACPI_NVDIMM) += nvdimm.o
 common-obj-$(CONFIG_ACPI) += acpi_interface.o
diff --git a/hw/acpi/cpu_hotplug_acpi_table.c b/hw/acpi/cpu_hotplug_acpi_table.c
new file mode 100644
index 000..422e57b
--- /dev/null
+++ b/hw/acpi/cpu_hotplug_acpi_table.c
@@ -0,0 +1,28 @@
+/*
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, see .
+ */
+
+#include "hw/acpi/cpu_hotplug.h"
+
+void build_cpu_hotplug_aml(Aml *ctx)
+{
+Aml *method;
+Aml *sb_scope = aml_scope("_SB");
+
+method = aml_method(CPU_EJECT_METHOD, 2, AML_NOTSERIALIZED);
+aml_append(method, aml_sleep(200));
+aml_append(sb_scope, method);
+
+aml_append(ctx, sb_scope);
+}
diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 7e71540..a4343de 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1078,6 +1078,7 @@ build_ssdt(GArray *table_data, GArray *linker,
 /* Reserve space for header */
 acpi_data_push(ssdt->buf, sizeof(AcpiTableHeader));
 
+build_cpu_hotplug_aml(ssdt);
 build_memory_hotplug_aml(ssdt, nr_mem, pm->mem_hp_io_base,
  pm->mem_hp_io_len);
 
@@ -1324,7 +1325,7 @@ build_ssdt(GArray *table_data, GArray *linker,
 
 method = aml_method("_EJ0", 1, AML_NOTSERIALIZED);
 aml_append(method,
-aml_return(aml_call2("CPEJ", aml_int(i), aml_arg(0)))
+aml_return(aml_call2(CPU_EJECT_METHOD, aml_int(i), aml_arg(0)))
 );
 aml_append(dev, method);
 
diff --git a/hw/i386/acpi-dsdt-cpu-hotplug.dsl 
b/hw/i386/acpi-dsdt-cpu-hotplug.dsl
index 53e1389..18331be 100644
--- a/hw/i386/acpi-dsdt-cpu-hotplug.dsl
+++ b/hw/i386/acpi-dsdt-cpu-hotplug.dsl
@@ -48,10 +48,6 @@ Scope(\_SB) {
 Return (0x0)
 }
 }
-Method(CPEJ, 2, NotSerialized) {
-// _EJ0 method - eject callback
-Sleep(200)
-}
 
 Method(PRSC, 0) {
 // Local5 = active cpu bitmap
diff --git a/include/hw/acpi/cpu_hotplug.h b/include/hw/acpi/cpu_hotplug.h
index f6d358d..87504be 100644
--- a/include/hw/acpi/cpu_hotplug.h
+++ b/include/hw/acpi/cpu_hotplug.h
@@ -14,6 +14,7 @@
 
 #include "hw/acpi/acpi.h"
 #include "hw/acpi/pc-hotplug.h"
+#include "hw/acpi/aml-build.h"
 
 typedef struct AcpiCpuHotplug {
 MemoryRegion io;
@@ -25,4 +26,8 @@ void acpi_cpu_plug_cb(ACPIREGS *ar, qemu_irq irq,
 
 void acpi_cpu_hotplug_init(MemoryRegion *parent, Object *owner,
AcpiCpuHotplug *gpe_cpu, uint16_t base);
+
+#define CPU_EJECT_METHOD "CPEJ"
+
+void build_cpu_hotplug_aml(Aml *ctx);
 #endif
-- 
1.8.3.1

[Qemu-devel] [PATCH v2 32/51] pc: acpi: pci: move link devices into SSDT

[Igor Mammedov]

Signed-off-by: Igor Mammedov 
---
 hw/i386/acpi-build.c  | 77 +++
 hw/i386/acpi-dsdt.dsl | 49 
 2 files changed, 82 insertions(+), 44 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index a28963f..891a29c 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1427,9 +1427,49 @@ static void build_dbg_aml(Aml *table)
 aml_append(table, scope);
 }
 
+static Aml *build_link_dev(const char *name, uint8_t uid, Aml *reg)
+{
+Aml *dev;
+Aml *crs;
+Aml *method;
+uint32_t irqs[] = {5, 10, 11};
+
+dev = aml_device("%s", name);
+aml_append(dev, aml_name_decl("_HID", aml_eisaid("PNP0C0F")));
+aml_append(dev, aml_name_decl("_UID", aml_int(uid)));
+
+crs = aml_resource_template();
+aml_append(crs, aml_interrupt(AML_CONSUMER, AML_LEVEL, AML_ACTIVE_HIGH,
+  AML_SHARED, irqs, ARRAY_SIZE(irqs)));
+aml_append(dev, aml_name_decl("_PRS", crs));
+
+method = aml_method("_STA", 0, AML_NOTSERIALIZED);
+aml_append(method, aml_return(aml_call1("IQST", reg)));
+aml_append(dev, method);
+
+method = aml_method("_DIS", 0, AML_NOTSERIALIZED);
+aml_append(method, aml_or(reg, aml_int(0x80), reg));
+aml_append(dev, method);
+
+method = aml_method("_CRS", 0, AML_NOTSERIALIZED);
+aml_append(method, aml_return(aml_call1("IQCR", reg)));
+aml_append(dev, method);
+
+method = aml_method("_SRS", 1, AML_NOTSERIALIZED);
+aml_append(method, aml_create_dword_field(aml_arg(0), aml_int(5), "PRRI"));
+aml_append(method, aml_store(aml_name("PRRI"), reg));
+aml_append(dev, method);
+
+return dev;
+ }
+
 static void build_piix4_pci0_int(Aml *table)
 {
+Aml *dev;
+Aml *crs;
 Aml *field;
+Aml *method;
+uint32_t irqs;
 Aml *sb_scope = aml_scope("_SB");
 
 field = aml_field("PCI0.ISA.P40C", AML_BYTE_ACC, AML_NOLOCK, AML_PRESERVE);
@@ -1439,6 +1479,43 @@ static void build_piix4_pci0_int(Aml *table)
 aml_append(field, aml_named_field("PRQ3", 8));
 aml_append(sb_scope, field);
 
+aml_append(sb_scope, build_link_dev("LNKA", 0, aml_name("PRQ0")));
+aml_append(sb_scope, build_link_dev("LNKB", 1, aml_name("PRQ1")));
+aml_append(sb_scope, build_link_dev("LNKC", 2, aml_name("PRQ2")));
+aml_append(sb_scope, build_link_dev("LNKD", 3, aml_name("PRQ3")));
+
+dev = aml_device("LNKS");
+{
+aml_append(dev, aml_name_decl("_HID", aml_eisaid("PNP0C0F")));
+aml_append(dev, aml_name_decl("_UID", aml_int(4)));
+
+crs = aml_resource_template();
+irqs = 9;
+aml_append(crs, aml_interrupt(AML_CONSUMER, AML_LEVEL,
+  AML_ACTIVE_HIGH, AML_SHARED,
+  , 1));
+aml_append(dev, aml_name_decl("_PRS", crs));
+
+/* The SCI cannot be disabled and is always attached to GSI 9,
+ * so these are no-ops.  We only need this link to override the
+ * polarity to active high and match the content of the MADT.
+ */
+method = aml_method("_STA", 0, AML_NOTSERIALIZED);
+aml_append(method, aml_return(aml_int(0x0b)));
+aml_append(dev, method);
+
+method = aml_method("_DIS", 0, AML_NOTSERIALIZED);
+aml_append(dev, method);
+
+method = aml_method("_CRS", 0, AML_NOTSERIALIZED);
+aml_append(method, aml_return(aml_name("_PRS")));
+aml_append(dev, method);
+
+method = aml_method("_SRS", 1, AML_NOTSERIALIZED);
+aml_append(dev, method);
+}
+aml_append(sb_scope, dev);
+
 aml_append(table, sb_scope);
 }
 
diff --git a/hw/i386/acpi-dsdt.dsl b/hw/i386/acpi-dsdt.dsl
index c9b2725..b74cffd 100644
--- a/hw/i386/acpi-dsdt.dsl
+++ b/hw/i386/acpi-dsdt.dsl
@@ -152,49 +152,10 @@ DefinitionBlock (
 Return (PRR0)
 }
 
-#define define_link(link, uid, reg) \
-Device(link) {  \
-Name(_HID, EISAID("PNP0C0F"))   \
-Name(_UID, uid) \
-Name(_PRS, ResourceTemplate() { \
-Interrupt(, Level, ActiveHigh, Shared) {\
-5, 10, 11   \
-}   \
-})  \
-Method(_STA, 0, NotSerialized) {\
-Return (IQST(reg))  \
-}   \
-Method(_DIS, 0, NotSerialized) {\
-Or(reg, 0x80, reg)  \
-}   \
-Method(_CRS, 0, NotSerialized) {

[Qemu-devel] [PATCH v2 21/51] pc: acpi: factor out cpu hotplug code from build_ssdt() into separate function

[Igor Mammedov]

Signed-off-by: Igor Mammedov 
---
 hw/i386/acpi-build.c | 174 ---
 1 file changed, 94 insertions(+), 80 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 1cbc305..26655db 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -929,6 +929,98 @@ static Aml *build_crs(PCIHostState *host,
 return crs;
 }
 
+static void build_processor_devices(Aml *sb_scope, unsigned acpi_cpus,
+AcpiCpuInfo *cpu, AcpiPmInfo *pm)
+{
+int i;
+Aml *dev;
+Aml *crs;
+Aml *pkg;
+Aml *field;
+Aml *ifctx;
+Aml *method;
+
+/* The current AML generator can cover the APIC ID range [0..255],
+ * inclusive, for VCPU hotplug. */
+QEMU_BUILD_BUG_ON(ACPI_CPU_HOTPLUG_ID_LIMIT > 256);
+g_assert(acpi_cpus <= ACPI_CPU_HOTPLUG_ID_LIMIT);
+
+/* create PCI0.PRES device and its _CRS to reserve CPU hotplug MMIO */
+dev = aml_device("PCI0." stringify(CPU_HOTPLUG_RESOURCE_DEVICE));
+aml_append(dev, aml_name_decl("_HID", aml_eisaid("PNP0A06")));
+aml_append(dev,
+aml_name_decl("_UID", aml_string("CPU Hotplug resources"))
+);
+/* device present, functioning, decoding, not shown in UI */
+aml_append(dev, aml_name_decl("_STA", aml_int(0xB)));
+crs = aml_resource_template();
+aml_append(crs,
+aml_io(AML_DECODE16, pm->cpu_hp_io_base, pm->cpu_hp_io_base, 1,
+   pm->cpu_hp_io_len)
+);
+aml_append(dev, aml_name_decl("_CRS", crs));
+aml_append(sb_scope, dev);
+/* declare CPU hotplug MMIO region and PRS field to access it */
+aml_append(sb_scope, aml_operation_region(
+"PRST", AML_SYSTEM_IO, pm->cpu_hp_io_base, pm->cpu_hp_io_len));
+field = aml_field("PRST", AML_BYTE_ACC, AML_NOLOCK, AML_PRESERVE);
+aml_append(field, aml_named_field("PRS", 256));
+aml_append(sb_scope, field);
+
+/* build Processor object for each processor */
+for (i = 0; i < acpi_cpus; i++) {
+dev = aml_processor(i, 0, 0, "CP%.02X", i);
+
+method = aml_method("_MAT", 0, AML_NOTSERIALIZED);
+aml_append(method,
+aml_return(aml_call1(CPU_MAT_METHOD, aml_int(i;
+aml_append(dev, method);
+
+method = aml_method("_STA", 0, AML_NOTSERIALIZED);
+aml_append(method,
+aml_return(aml_call1(CPU_STATUS_METHOD, aml_int(i;
+aml_append(dev, method);
+
+method = aml_method("_EJ0", 1, AML_NOTSERIALIZED);
+aml_append(method,
+aml_return(aml_call2(CPU_EJECT_METHOD, aml_int(i), aml_arg(0)))
+);
+aml_append(dev, method);
+
+aml_append(sb_scope, dev);
+}
+
+/* build this code:
+ *   Method(NTFY, 2) {If (LEqual(Arg0, 0x00)) {Notify(CP00, Arg1)} ...}
+ */
+/* Arg0 = Processor ID = APIC ID */
+method = aml_method(AML_NOTIFY_METHOD, 2, AML_NOTSERIALIZED);
+for (i = 0; i < acpi_cpus; i++) {
+ifctx = aml_if(aml_equal(aml_arg(0), aml_int(i)));
+aml_append(ifctx,
+aml_notify(aml_name("CP%.02X", i), aml_arg(1))
+);
+aml_append(method, ifctx);
+}
+aml_append(sb_scope, method);
+
+/* build "Name(CPON, Package() { One, One, ..., Zero, Zero, ... })"
+ *
+ * Note: The ability to create variable-sized packages was first
+ * introduced in ACPI 2.0. ACPI 1.0 only allowed fixed-size packages
+ * ith up to 255 elements. Windows guests up to win2k8 fail when
+ * VarPackageOp is used.
+ */
+pkg = acpi_cpus <= 255 ? aml_package(acpi_cpus) :
+ aml_varpackage(acpi_cpus);
+
+for (i = 0; i < acpi_cpus; i++) {
+uint8_t b = test_bit(i, cpu->found_cpus) ? 0x01 : 0x00;
+aml_append(pkg, aml_int(b));
+}
+aml_append(sb_scope, aml_name_decl(CPU_ON_BITMAP, pkg));
+}
+
 static void build_memory_devices(Aml *sb_scope, int nr_mem,
  uint16_t io_base, uint16_t io_len)
 {
@@ -1060,8 +1152,7 @@ build_ssdt(GArray *table_data, GArray *linker,
 {
 MachineState *machine = MACHINE(qdev_get_machine());
 uint32_t nr_mem = machine->ram_slots;
-unsigned acpi_cpus = guest_info->apic_id_limit;
-Aml *ssdt, *sb_scope, *scope, *pkg, *dev, *method, *crs, *field, *ifctx;
+Aml *ssdt, *sb_scope, *scope, *pkg, *dev, *method, *crs, *field;
 PCIBus *bus = NULL;
 GPtrArray *io_ranges = g_ptr_array_new_with_free_func(crs_range_free);
 GPtrArray *mem_ranges = g_ptr_array_new_with_free_func(crs_range_free);
@@ -1070,10 +1161,6 @@ build_ssdt(GArray *table_data, GArray *linker,
 int i;
 
 ssdt = init_aml_allocator();
-/* The current AML generator can cover the APIC ID range [0..255],
- * inclusive, for VCPU hotplug. */
-QEMU_BUILD_BUG_ON(ACPI_CPU_HOTPLUG_ID_LIMIT > 256);
-g_assert(acpi_cpus <= ACPI_CPU_HOTPLUG_ID_LIMIT);
 
 /* Reserve space for header */
 acpi_data_push(ssdt->buf, 

[Qemu-devel] [PATCH v2 40/51] pc: acpi: q35: move IQCR() into SSDT

[Igor Mammedov]

Signed-off-by: Igor Mammedov 
---
 hw/i386/acpi-build.c  | 51 ++-
 hw/i386/q35-acpi-dsdt.dsl |  9 -
 2 files changed, 33 insertions(+), 27 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 9736da3..94f18ea 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1523,6 +1523,36 @@ static Aml *build_gsi_link_dev(const char *name, uint8_t 
uid, uint8_t gsi)
 return dev;
 }
 
+/* _CRS method - get current settings */
+static Aml *build_iqcr_method(bool is_piix4)
+{
+Aml *if_ctx;
+uint32_t irqs;
+Aml *method = aml_method("IQCR", 1, AML_SERIALIZED);
+Aml *crs = aml_resource_template();
+
+irqs = 0;
+aml_append(crs, aml_interrupt(AML_CONSUMER, AML_LEVEL,
+  AML_ACTIVE_HIGH, AML_SHARED, , 1));
+aml_append(method, aml_name_decl("PRR0", crs));
+
+aml_append(method,
+aml_create_dword_field(aml_name("PRR0"), aml_int(5), "PRRI"));
+
+if (is_piix4) {
+if_ctx = aml_if(aml_lless(aml_arg(0), aml_int(0x80)));
+aml_append(if_ctx, aml_store(aml_arg(0), aml_name("PRRI")));
+aml_append(method, if_ctx);
+} else {
+aml_append(method,
+aml_store(aml_and(aml_arg(0), aml_int(0xF), NULL),
+  aml_name("PRRI")));
+}
+
+aml_append(method, aml_return(aml_name("PRR0")));
+return method;
+}
+
 static void build_piix4_pci0_int(Aml *table)
 {
 Aml *dev;
@@ -1554,24 +1584,7 @@ static void build_piix4_pci0_int(Aml *table)
 }
 aml_append(sb_scope, method);
 
-/* _CRS method - get current settings */
-method = aml_method("IQCR", 1, AML_SERIALIZED);
-{
-crs = aml_resource_template();
-irqs = 0;
-aml_append(crs, aml_interrupt(AML_CONSUMER, AML_LEVEL,
-  AML_ACTIVE_HIGH, AML_SHARED, , 1));
-aml_append(method, aml_name_decl("PRR0", crs));
-
-aml_append(method,
-aml_create_dword_field(aml_name("PRR0"), aml_int(5), "PRRI"));
-
-if_ctx = aml_if(aml_lless(aml_arg(0), aml_int(0x80)));
-aml_append(if_ctx, aml_store(aml_arg(0), aml_name("PRRI")));
-aml_append(method, if_ctx);
-aml_append(method, aml_return(aml_name("PRR0")));
-}
-aml_append(sb_scope, method);
+aml_append(sb_scope, build_iqcr_method(true));
 
 aml_append(sb_scope, build_link_dev("LNKA", 0, aml_name("PRQ0")));
 aml_append(sb_scope, build_link_dev("LNKB", 1, aml_name("PRQ1")));
@@ -1617,6 +1630,8 @@ static void build_q35_pci0_int(Aml *table)
 {
 Aml *sb_scope = aml_scope("_SB");
 
+aml_append(sb_scope, build_iqcr_method(false));
+
 aml_append(sb_scope, build_link_dev("LNKA", 0, aml_name("PRQA")));
 aml_append(sb_scope, build_link_dev("LNKB", 1, aml_name("PRQB")));
 aml_append(sb_scope, build_link_dev("LNKC", 2, aml_name("PRQC")));
diff --git a/hw/i386/q35-acpi-dsdt.dsl b/hw/i386/q35-acpi-dsdt.dsl
index 2da3515..85b0a2c 100644
--- a/hw/i386/q35-acpi-dsdt.dsl
+++ b/hw/i386/q35-acpi-dsdt.dsl
@@ -305,15 +305,6 @@ DefinitionBlock (
 }
 Return (0x0B)
 }
-Method(IQCR, 1, Serialized) {
-// _CRS method - get current settings
-Name(PRR0, ResourceTemplate() {
-Interrupt(, Level, ActiveHigh, Shared) { 0 }
-})
-CreateDWordField(PRR0, 0x05, PRRI)
-Store(And(Arg0, 0x0F), PRRI)
-Return (PRR0)
-}
 
 External(LNKA, DeviceObj)
 External(LNKB, DeviceObj)
-- 
1.8.3.1

[Qemu-devel] [PATCH v2 38/51] pc: acpi: q35: move GSI links to SSDT

[Igor Mammedov]

Signed-off-by: Igor Mammedov 
---
 hw/i386/acpi-build.c  | 47 +++
 hw/i386/q35-acpi-dsdt.dsl | 34 --
 2 files changed, 55 insertions(+), 26 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index df5e835..4edd989 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1498,6 +1498,31 @@ static Aml *build_link_dev(const char *name, uint8_t 
uid, Aml *reg)
 return dev;
  }
 
+static Aml *build_gsi_link_dev(const char *name, uint8_t uid, uint8_t gsi)
+{
+Aml *dev;
+Aml *crs;
+Aml *method;
+uint32_t irqs;
+
+dev = aml_device("%s", name);
+aml_append(dev, aml_name_decl("_HID", aml_eisaid("PNP0C0F")));
+aml_append(dev, aml_name_decl("_UID", aml_int(uid)));
+
+crs = aml_resource_template();
+irqs = gsi;
+aml_append(crs, aml_interrupt(AML_CONSUMER, AML_LEVEL, AML_ACTIVE_HIGH,
+  AML_SHARED, , 1));
+aml_append(dev, aml_name_decl("_PRS", crs));
+
+aml_append(dev, aml_name_decl("_CRS", crs));
+
+method = aml_method("_SRS", 1, AML_NOTSERIALIZED);
+aml_append(dev, method);
+
+return dev;
+}
+
 static void build_piix4_pci0_int(Aml *table)
 {
 Aml *dev;
@@ -1588,6 +1613,26 @@ static void build_piix4_pci0_int(Aml *table)
 aml_append(table, sb_scope);
 }
 
+static void build_q35_pci0_int(Aml *table)
+{
+Aml *sb_scope = aml_scope("_SB");
+
+/*
+ * TODO: UID probably shouldn't be the same for GSIx devices
+ * but that's how it was in original ASL so keep it for now
+ */
+aml_append(sb_scope, build_gsi_link_dev("GSIA", 0, 0x10));
+aml_append(sb_scope, build_gsi_link_dev("GSIB", 0, 0x11));
+aml_append(sb_scope, build_gsi_link_dev("GSIC", 0, 0x12));
+aml_append(sb_scope, build_gsi_link_dev("GSID", 0, 0x13));
+aml_append(sb_scope, build_gsi_link_dev("GSIE", 0, 0x14));
+aml_append(sb_scope, build_gsi_link_dev("GSIF", 0, 0x15));
+aml_append(sb_scope, build_gsi_link_dev("GSIG", 0, 0x16));
+aml_append(sb_scope, build_gsi_link_dev("GSIH", 0, 0x17));
+
+aml_append(table, sb_scope);
+}
+
 static void build_piix4_pm(Aml *table)
 {
 Aml *dev;
@@ -1716,7 +1761,9 @@ build_ssdt(GArray *table_data, GArray *linker,
 } else {
 build_hpet_aml(ssdt);
 build_isa_devices_aml(ssdt);
+build_q35_pci0_int(ssdt);
 }
+
 build_cpu_hotplug_aml(ssdt);
 build_memory_hotplug_aml(ssdt, nr_mem, pm->mem_hp_io_base,
  pm->mem_hp_io_len);
diff --git a/hw/i386/q35-acpi-dsdt.dsl b/hw/i386/q35-acpi-dsdt.dsl
index e157615..f2c154a 100644
--- a/hw/i386/q35-acpi-dsdt.dsl
+++ b/hw/i386/q35-acpi-dsdt.dsl
@@ -348,31 +348,13 @@ DefinitionBlock (
 define_link(LNKG, 6, PRQG)
 define_link(LNKH, 7, PRQH)
 
-#define define_gsi_link(link, uid, gsi) \
-Device(link) {  \
-Name(_HID, EISAID("PNP0C0F"))   \
-Name(_UID, uid) \
-Name(_PRS, ResourceTemplate() { \
-Interrupt(, Level, ActiveHigh, Shared) {\
-gsi \
-}   \
-})  \
-Name(_CRS, ResourceTemplate() { \
-Interrupt(, Level, ActiveHigh, Shared) {\
-gsi \
-}   \
-})  \
-Method(_SRS, 1, NotSerialized) {\
-}   \
-}
-
-define_gsi_link(GSIA, 0, 0x10)
-define_gsi_link(GSIB, 0, 0x11)
-define_gsi_link(GSIC, 0, 0x12)
-define_gsi_link(GSID, 0, 0x13)
-define_gsi_link(GSIE, 0, 0x14)
-define_gsi_link(GSIF, 0, 0x15)
-define_gsi_link(GSIG, 0, 0x16)
-define_gsi_link(GSIH, 0, 0x17)
+External(GSIA, DeviceObj)
+External(GSIB, DeviceObj)
+External(GSIC, DeviceObj)
+External(GSID, DeviceObj)
+External(GSIE, DeviceObj)
+External(GSIF, DeviceObj)
+External(GSIG, DeviceObj)
+External(GSIH, DeviceObj)
 }
 }
-- 
1.8.3.1

[Qemu-devel] [PATCH v2 34/51] pc: acpi: piix4: move IQST() into SSDT

[Igor Mammedov]

Signed-off-by: Igor Mammedov 
---
 hw/i386/acpi-build.c  | 10 ++
 hw/i386/acpi-dsdt.dsl |  9 -
 2 files changed, 10 insertions(+), 9 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 45bc6b1..8b23363 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1480,6 +1480,16 @@ static void build_piix4_pci0_int(Aml *table)
 aml_append(field, aml_named_field("PRQ3", 8));
 aml_append(sb_scope, field);
 
+/* _STA method - get status */
+method = aml_method("IQST", 1, AML_NOTSERIALIZED);
+{
+if_ctx = aml_if(aml_and(aml_int(0x80), aml_arg(0), NULL));
+aml_append(if_ctx, aml_return(aml_int(0x09)));
+aml_append(method, if_ctx);
+aml_append(method, aml_return(aml_int(0x0B)));
+}
+aml_append(sb_scope, method);
+
 /* _CRS method - get current settings */
 method = aml_method("IQCR", 1, AML_SERIALIZED);
 {
diff --git a/hw/i386/acpi-dsdt.dsl b/hw/i386/acpi-dsdt.dsl
index 1f58ec4..bc6bd45 100644
--- a/hw/i386/acpi-dsdt.dsl
+++ b/hw/i386/acpi-dsdt.dsl
@@ -132,15 +132,6 @@ DefinitionBlock (
 External(PRQ1, FieldUnitObj)
 External(PRQ2, FieldUnitObj)
 External(PRQ3, FieldUnitObj)
-
-Method(IQST, 1, NotSerialized) {
-// _STA method - get status
-If (And(0x80, Arg0)) {
-Return (0x09)
-}
-Return (0x0B)
-}
-
 External(LNKA, DeviceObj)
 External(LNKB, DeviceObj)
 External(LNKC, DeviceObj)
-- 
1.8.3.1

[Qemu-devel] [PATCH v2 49/51] pc: acpi: q35: PCST, PCSB opregions and PCIB field into SSDT

[Igor Mammedov]

Signed-off-by: Igor Mammedov 
---
 hw/i386/acpi-build.c  | 10 ++
 hw/i386/q35-acpi-dsdt.dsl |  5 -
 2 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index d9925cd..ebeab17 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1981,6 +1981,16 @@ build_ssdt(GArray *table_data, GArray *linker,
 build_piix4_pci0_int(ssdt);
 } else {
 sb_scope = aml_scope("_SB");
+aml_append(sb_scope,
+aml_operation_region("PCST", AML_SYSTEM_IO, 0xae00, 0x0c));
+aml_append(sb_scope,
+aml_operation_region("PCSB", AML_SYSTEM_IO, 0xae0c, 0x01));
+field = aml_field("PCSB", AML_ANY_ACC, AML_NOLOCK, AML_WRITE_AS_ZEROS);
+aml_append(field, aml_named_field("PCIB", 8));
+aml_append(sb_scope, field);
+aml_append(ssdt, sb_scope);
+
+sb_scope = aml_scope("_SB");
 dev = aml_device("PCI0");
 aml_append(dev, aml_name_decl("_HID", aml_eisaid("PNP0A08")));
 aml_append(dev, aml_name_decl("_CID", aml_eisaid("PNP0A03")));
diff --git a/hw/i386/q35-acpi-dsdt.dsl b/hw/i386/q35-acpi-dsdt.dsl
index f234f5c..3ecdb50 100644
--- a/hw/i386/q35-acpi-dsdt.dsl
+++ b/hw/i386/q35-acpi-dsdt.dsl
@@ -36,10 +36,5 @@ DefinitionBlock (
 {
 
 Scope(\_SB) {
-OperationRegion(PCST, SystemIO, 0xae00, 0x0c)
-OperationRegion(PCSB, SystemIO, 0xae0c, 0x01)
-Field(PCSB, AnyAcc, NoLock, WriteAsZeros) {
-PCIB, 8,
-}
 }
 }
-- 
1.8.3.1

[Qemu-devel] [PATCH v2 14/51] pc: acpi: memhp: drop not needed stringify(MEMORY_foo) usage

[Igor Mammedov]

most of MEMORY_foo defines are not shared
with ASL anymore and are used only inside of
memory_hotplug_acpi_table.c, so move them
there and make them strings. As result we
can replace stringify(MEMORY_foo) with just
MEMORY_foo, which makes code a bit cleaner.

No AML change introduced by this patch.

Signed-off-by: Igor Mammedov 
---
 hw/acpi/memory_hotplug_acpi_table.c | 53 +
 hw/i386/acpi-build.c| 52 ++--
 include/hw/acpi/memory_hotplug.h|  6 ++---
 include/hw/acpi/pc-hotplug.h| 42 ++---
 4 files changed, 74 insertions(+), 79 deletions(-)

diff --git a/hw/acpi/memory_hotplug_acpi_table.c 
b/hw/acpi/memory_hotplug_acpi_table.c
index 83e739c..20728ac 100644
--- a/hw/acpi/memory_hotplug_acpi_table.c
+++ b/hw/acpi/memory_hotplug_acpi_table.c
@@ -24,15 +24,15 @@ void build_memory_hotplug_aml(Aml *ctx, uint32_t nr_mem,
 
 /* scope for memory hotplug controller device node */
 pci_scope = aml_scope("_SB.PCI0");
-mem_ctrl_dev = aml_device(stringify(MEMORY_HOTPLUG_DEVICE));
+mem_ctrl_dev = aml_device(MEMORY_HOTPLUG_DEVICE);
 {
 Aml *one = aml_int(1);
 Aml *zero = aml_int(0);
 Aml *ret_val = aml_local(0);
 Aml *slot_arg0 = aml_arg(0);
-Aml *slots_nr = aml_name(stringify(MEMORY_SLOTS_NUMBER));
-Aml *ctrl_lock = aml_name(stringify(MEMORY_SLOT_LOCK));
-Aml *slot_selector = aml_name(stringify(MEMORY_SLOT_SLECTOR));
+Aml *slots_nr = aml_name(MEMORY_SLOTS_NUMBER);
+Aml *ctrl_lock = aml_name(MEMORY_SLOT_LOCK);
+Aml *slot_selector = aml_name(MEMORY_SLOT_SLECTOR);
 
 aml_append(mem_ctrl_dev, aml_name_decl("_HID", aml_string("PNP0A06")));
 aml_append(mem_ctrl_dev,
@@ -48,10 +48,9 @@ void build_memory_hotplug_aml(Aml *ctx, uint32_t nr_mem,
 aml_append(method, aml_return(aml_int(0xB)));
 aml_append(mem_ctrl_dev, method);
 
-aml_append(mem_ctrl_dev, aml_mutex(stringify(MEMORY_SLOT_LOCK), 0));
+aml_append(mem_ctrl_dev, aml_mutex(MEMORY_SLOT_LOCK, 0));
 
-method = aml_method(stringify(MEMORY_SLOT_SCAN_METHOD), 0,
-AML_NOTSERIALIZED);
+method = aml_method(MEMORY_SLOT_SCAN_METHOD, 0, AML_NOTSERIALIZED);
 {
 Aml *else_ctx;
 Aml *while_ctx;
@@ -75,14 +74,14 @@ void build_memory_hotplug_aml(Aml *ctx, uint32_t nr_mem,
  */
 while_ctx = aml_while(aml_lless(idx, slots_nr));
 {
-Aml *ins_evt = aml_name(stringify(MEMORY_SLOT_INSERT_EVENT));
-Aml *rm_evt = aml_name(stringify(MEMORY_SLOT_REMOVE_EVENT));
+Aml *ins_evt = aml_name(MEMORY_SLOT_INSERT_EVENT);
+Aml *rm_evt = aml_name(MEMORY_SLOT_REMOVE_EVENT);
 
 aml_append(while_ctx, aml_store(idx, slot_selector));
 ifctx = aml_if(aml_equal(ins_evt, one));
 {
 aml_append(ifctx,
-   aml_call2(stringify(MEMORY_SLOT_NOTIFY_METHOD),
+   aml_call2(MEMORY_SLOT_NOTIFY_METHOD,
  idx, dev_chk));
 aml_append(ifctx, aml_store(one, ins_evt));
 }
@@ -92,7 +91,7 @@ void build_memory_hotplug_aml(Aml *ctx, uint32_t nr_mem,
 ifctx = aml_if(aml_equal(rm_evt, one));
 {
 aml_append(ifctx,
-aml_call2(stringify(MEMORY_SLOT_NOTIFY_METHOD),
+aml_call2(MEMORY_SLOT_NOTIFY_METHOD,
   idx, eject_req));
 aml_append(ifctx, aml_store(one, rm_evt));
 }
@@ -107,10 +106,9 @@ void build_memory_hotplug_aml(Aml *ctx, uint32_t nr_mem,
 }
 aml_append(mem_ctrl_dev, method);
 
-method = aml_method(stringify(MEMORY_SLOT_STATUS_METHOD), 1,
-AML_NOTSERIALIZED);
+method = aml_method(MEMORY_SLOT_STATUS_METHOD, 1, AML_NOTSERIALIZED);
 {
-Aml *slot_enabled = aml_name(stringify(MEMORY_SLOT_ENABLED));
+Aml *slot_enabled = aml_name(MEMORY_SLOT_ENABLED);
 
 aml_append(method, aml_store(zero, ret_val));
 aml_append(method, aml_acquire(ctrl_lock, 0x));
@@ -128,8 +126,7 @@ void build_memory_hotplug_aml(Aml *ctx, uint32_t nr_mem,
 }
 aml_append(mem_ctrl_dev, method);
 
-method = aml_method(stringify(MEMORY_SLOT_CRS_METHOD), 1,
-AML_SERIALIZED);
+method = aml_method(MEMORY_SLOT_CRS_METHOD, 1, AML_SERIALIZED);
 {
 Aml *mr64 = aml_name("MR64");
 Aml *mr32 = aml_name("MR32");
@@ -165,13 +162,13 @@ void build_memory_hotplug_aml(Aml *ctx, uint32_t nr_mem,
 aml_create_dword_field(mr64, aml_int(26), "MAXH"));
 
   

[Qemu-devel] [PATCH v2 08/51] pc: acpi: memhp: move MHPD.MOST method into SSDT

[Igor Mammedov]

Signed-off-by: Igor Mammedov 
---
 hw/acpi/memory_hotplug_acpi_table.c | 15 +++
 hw/i386/acpi-dsdt-mem-hotplug.dsl   | 10 --
 2 files changed, 15 insertions(+), 10 deletions(-)

diff --git a/hw/acpi/memory_hotplug_acpi_table.c 
b/hw/acpi/memory_hotplug_acpi_table.c
index 5289014..4edf680 100644
--- a/hw/acpi/memory_hotplug_acpi_table.c
+++ b/hw/acpi/memory_hotplug_acpi_table.c
@@ -137,6 +137,21 @@ void build_memory_hotplug_aml(Aml *ctx, uint32_t nr_mem,
 aml_append(method, aml_return(ret_val));
 }
 aml_append(mem_ctrl_dev, method);
+
+method = aml_method(stringify(MEMORY_SLOT_OST_METHOD), 4,
+AML_NOTSERIALIZED);
+{
+Aml *ost_evt = aml_name(stringify(MEMORY_SLOT_OST_EVENT));
+Aml *ost_status = aml_name(stringify(MEMORY_SLOT_OST_STATUS));
+
+aml_append(method, aml_acquire(ctrl_lock, 0x));
+aml_append(method, aml_store(aml_to_integer(slot_arg0),
+ slot_selector));
+aml_append(method, aml_store(aml_arg(1), ost_evt));
+aml_append(method, aml_store(aml_arg(2), ost_status));
+aml_append(method, aml_release(ctrl_lock));
+}
+aml_append(mem_ctrl_dev, method);
 }
 aml_append(pci_scope, mem_ctrl_dev);
 aml_append(ctx, pci_scope);
diff --git a/hw/i386/acpi-dsdt-mem-hotplug.dsl 
b/hw/i386/acpi-dsdt-mem-hotplug.dsl
index 02fecf2..8889eca 100644
--- a/hw/i386/acpi-dsdt-mem-hotplug.dsl
+++ b/hw/i386/acpi-dsdt-mem-hotplug.dsl
@@ -27,8 +27,6 @@
 External(MEMORY_SLOT_SIZE_HIGH, FieldUnitObj) // read only
 External(MEMORY_SLOT_EJECT, FieldUnitObj) // initiates device 
eject, write only
 External(MEMORY_SLOT_SLECTOR, FieldUnitObj) // DIMM selector, 
write only
-External(MEMORY_SLOT_OST_EVENT, FieldUnitObj) // _OST event code, 
write only
-External(MEMORY_SLOT_OST_STATUS, FieldUnitObj) // _OST status 
code, write only
 External(MEMORY_SLOT_LOCK, MutexObj)
 
 Method(MEMORY_SLOT_CRS_METHOD, 1, Serialized) {
@@ -95,14 +93,6 @@
 Return(MR64)
 }
 
-Method(MEMORY_SLOT_OST_METHOD, 4) {
-Acquire(MEMORY_SLOT_LOCK, 0x)
-Store(ToInteger(Arg0), MEMORY_SLOT_SLECTOR) // select DIMM
-Store(Arg1, MEMORY_SLOT_OST_EVENT)
-Store(Arg2, MEMORY_SLOT_OST_STATUS)
-Release(MEMORY_SLOT_LOCK)
-}
-
 Method(MEMORY_SLOT_EJECT_METHOD, 2) {
 Acquire(MEMORY_SLOT_LOCK, 0x)
 Store(ToInteger(Arg0), MEMORY_SLOT_SLECTOR) // select DIMM
-- 
1.8.3.1

[Qemu-devel] [PATCH v2 17/51] pc: acpi: cpuhp: move CPMA() method into SSDT

[Igor Mammedov]

Signed-off-by: Igor Mammedov 
---
 hw/acpi/cpu_hotplug_acpi_table.c  | 23 +++
 hw/i386/acpi-build.c  |  5 +++--
 hw/i386/acpi-dsdt-cpu-hotplug.dsl | 13 -
 include/hw/acpi/cpu_hotplug.h |  2 ++
 4 files changed, 28 insertions(+), 15 deletions(-)

diff --git a/hw/acpi/cpu_hotplug_acpi_table.c b/hw/acpi/cpu_hotplug_acpi_table.c
index 422e57b..69c37fa 100644
--- a/hw/acpi/cpu_hotplug_acpi_table.c
+++ b/hw/acpi/cpu_hotplug_acpi_table.c
@@ -19,6 +19,29 @@ void build_cpu_hotplug_aml(Aml *ctx)
 {
 Aml *method;
 Aml *sb_scope = aml_scope("_SB");
+uint8_t madt_tmpl[8] = {0x00, 0x08, 0x00, 0x00, 0x00, 0, 0, 0};
+Aml *cpu_id = aml_arg(0);
+Aml *cpu_on = aml_local(0);
+Aml *madt = aml_local(1);
+Aml *cpus_map = aml_name(CPU_ON_BITMAP);
+
+/*
+ * _MAT method - creates an madt apic buffer
+ * cpu_id = Arg0 = Processor ID = Local APIC ID
+ * cpu_on = Local0 = CPON flag for this cpu
+ * madt = Local1 = Buffer (in madt apic form) to return
+ */
+method = aml_method(CPU_MAT_METHOD, 1, AML_NOTSERIALIZED);
+aml_append(method,
+aml_store(aml_derefof(aml_index(cpus_map, cpu_id)), cpu_on));
+aml_append(method,
+aml_store(aml_buffer(sizeof(madt_tmpl), madt_tmpl), madt));
+/* Update the processor id, lapic id, and enable/disable status */
+aml_append(method, aml_store(cpu_id, aml_index(madt, aml_int(2;
+aml_append(method, aml_store(cpu_id, aml_index(madt, aml_int(3;
+aml_append(method, aml_store(cpu_on, aml_index(madt, aml_int(4;
+aml_append(method, aml_return(madt));
+aml_append(sb_scope, method);
 
 method = aml_method(CPU_EJECT_METHOD, 2, AML_NOTSERIALIZED);
 aml_append(method, aml_sleep(200));
diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index a4343de..683687a 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1316,7 +1316,8 @@ build_ssdt(GArray *table_data, GArray *linker,
 dev = aml_processor(i, 0, 0, "CP%.02X", i);
 
 method = aml_method("_MAT", 0, AML_NOTSERIALIZED);
-aml_append(method, aml_return(aml_call1("CPMA", aml_int(i;
+aml_append(method,
+aml_return(aml_call1(CPU_MAT_METHOD, aml_int(i;
 aml_append(dev, method);
 
 method = aml_method("_STA", 0, AML_NOTSERIALIZED);
@@ -1360,7 +1361,7 @@ build_ssdt(GArray *table_data, GArray *linker,
 uint8_t b = test_bit(i, cpu->found_cpus) ? 0x01 : 0x00;
 aml_append(pkg, aml_int(b));
 }
-aml_append(sb_scope, aml_name_decl("CPON", pkg));
+aml_append(sb_scope, aml_name_decl(CPU_ON_BITMAP, pkg));
 
 build_memory_devices(sb_scope, nr_mem, pm->mem_hp_io_base,
  pm->mem_hp_io_len);
diff --git a/hw/i386/acpi-dsdt-cpu-hotplug.dsl 
b/hw/i386/acpi-dsdt-cpu-hotplug.dsl
index 18331be..9739191 100644
--- a/hw/i386/acpi-dsdt-cpu-hotplug.dsl
+++ b/hw/i386/acpi-dsdt-cpu-hotplug.dsl
@@ -24,19 +24,6 @@ Scope(\_SB) {
 External(PRS, FieldUnitObj)
 
 /* Methods called by run-time generated SSDT Processor objects */
-Method(CPMA, 1, NotSerialized) {
-// _MAT method - create an madt apic buffer
-// Arg0 = Processor ID = Local APIC ID
-// Local0 = CPON flag for this cpu
-Store(DerefOf(Index(CPON, Arg0)), Local0)
-// Local1 = Buffer (in madt apic form) to return
-Store(Buffer(8) {0x00, 0x08, 0x00, 0x00, 0x00, 0, 0, 0}, Local1)
-// Update the processor id, lapic id, and enable/disable status
-Store(Arg0, Index(Local1, 2))
-Store(Arg0, Index(Local1, 3))
-Store(Local0, Index(Local1, 4))
-Return (Local1)
-}
 Method(CPST, 1, NotSerialized) {
 // _STA method - return ON status of cpu
 // Arg0 = Processor ID = Local APIC ID
diff --git a/include/hw/acpi/cpu_hotplug.h b/include/hw/acpi/cpu_hotplug.h
index 87504be..40b9316 100644
--- a/include/hw/acpi/cpu_hotplug.h
+++ b/include/hw/acpi/cpu_hotplug.h
@@ -28,6 +28,8 @@ void acpi_cpu_hotplug_init(MemoryRegion *parent, Object 
*owner,
AcpiCpuHotplug *gpe_cpu, uint16_t base);
 
 #define CPU_EJECT_METHOD "CPEJ"
+#define CPU_MAT_METHOD "CPMA"
+#define CPU_ON_BITMAP "CPON"
 
 void build_cpu_hotplug_aml(Aml *ctx);
 #endif
-- 
1.8.3.1

[Qemu-devel] [PATCH v2 37/51] pc: acpi: piix4: acpi move PCI0 device to SSDT

[Igor Mammedov]

leave Scope(\_SB) definition in DSDT so that iasl
would be able to compile DSDT since we are still
need definition block for table.
After Q35 ASL is converted, DSDT templates will
be completly replaced by AML API generated tables.

Signed-off-by: Igor Mammedov 
---
 hw/i386/acpi-build.c  | 8 
 hw/i386/acpi-dsdt.dsl | 8 
 2 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index ec6ceda..df5e835 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1699,6 +1699,14 @@ build_ssdt(GArray *table_data, GArray *linker,
 
 build_dbg_aml(ssdt);
 if (misc->is_piix4) {
+sb_scope = aml_scope("_SB");
+dev = aml_device("PCI0");
+aml_append(dev, aml_name_decl("_HID", aml_eisaid("PNP0A03")));
+aml_append(dev, aml_name_decl("_ADR", aml_int(0)));
+aml_append(dev, aml_name_decl("_UID", aml_int(1)));
+aml_append(sb_scope, dev);
+aml_append(ssdt, sb_scope);
+
 build_hpet_aml(ssdt);
 build_piix4_pm(ssdt);
 build_piix4_isa_bridge(ssdt);
diff --git a/hw/i386/acpi-dsdt.dsl b/hw/i386/acpi-dsdt.dsl
index a7769fc..82e4470 100644
--- a/hw/i386/acpi-dsdt.dsl
+++ b/hw/i386/acpi-dsdt.dsl
@@ -28,14 +28,6 @@ DefinitionBlock (
 0x1 // OEM Revision
 )
 {
-
 Scope(\_SB) {
-Device(PCI0) {
-Name(_HID, EisaId("PNP0A03"))
-Name(_ADR, 0x00)
-Name(_UID, 1)
-//#define PX13 S0B_
-//External(PX13, DeviceObj)
-}
 }
 }
-- 
1.8.3.1

[Qemu-devel] [PATCH v2 24/51] pc: acpi: move RTC device from DSDT to SSDT

[Igor Mammedov]

Signed-off-by: Igor Mammedov 
---
 hw/i386/acpi-build.c  | 26 ++
 hw/i386/acpi-dsdt-isa.dsl |  9 -
 2 files changed, 26 insertions(+), 9 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index c5b9ca2..aa40132 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1197,6 +1197,31 @@ static void build_hpet_aml(Aml *table)
 aml_append(table, scope);
 }
 
+static Aml *build_rtc_device_aml(void)
+{
+Aml *dev;
+Aml *crs;
+
+dev = aml_device("RTC");
+aml_append(dev, aml_name_decl("_HID", aml_eisaid("PNP0B00")));
+crs = aml_resource_template();
+aml_append(crs, aml_io(AML_DECODE16, 0x0070, 0x0070, 0x10, 0x02));
+aml_append(crs, aml_irq_no_flags(8));
+aml_append(crs, aml_io(AML_DECODE16, 0x0072, 0x0072, 0x02, 0x06));
+aml_append(dev, aml_name_decl("_CRS", crs));
+
+return dev;
+}
+
+static void build_isa_devices_aml(Aml *table)
+{
+Aml *scope = aml_scope("_SB.PCI0.ISA");
+
+aml_append(scope, build_rtc_device_aml());
+
+aml_append(table, scope);
+}
+
 static void build_dbg_aml(Aml *table)
 {
 Aml *field;
@@ -1254,6 +1279,7 @@ build_ssdt(GArray *table_data, GArray *linker,
 
 build_dbg_aml(ssdt);
 build_hpet_aml(ssdt);
+build_isa_devices_aml(ssdt);
 build_cpu_hotplug_aml(ssdt);
 build_memory_hotplug_aml(ssdt, nr_mem, pm->mem_hp_io_base,
  pm->mem_hp_io_len);
diff --git a/hw/i386/acpi-dsdt-isa.dsl b/hw/i386/acpi-dsdt-isa.dsl
index 89caa16..f2cbbea 100644
--- a/hw/i386/acpi-dsdt-isa.dsl
+++ b/hw/i386/acpi-dsdt-isa.dsl
@@ -16,15 +16,6 @@
 /* Common legacy ISA style devices. */
 Scope(\_SB.PCI0.ISA) {
 
-Device(RTC) {
-Name(_HID, EisaId("PNP0B00"))
-Name(_CRS, ResourceTemplate() {
-IO(Decode16, 0x0070, 0x0070, 0x10, 0x02)
-IRQNoFlags() { 8 }
-IO(Decode16, 0x0072, 0x0072, 0x02, 0x06)
-})
-}
-
 Device(KBD) {
 Name(_HID, EisaId("PNP0303"))
 Method(_STA, 0, NotSerialized) {
-- 
1.8.3.1

[Qemu-devel] [PATCH v2 19/51] pc: acpi: cpuhp: move PRSC() method into SSDT

[Igor Mammedov]

Signed-off-by: Igor Mammedov 
---
 hw/acpi/cpu_hotplug_acpi_table.c  | 64 ++-
 hw/i386/acpi-build.c  |  2 +-
 hw/i386/acpi-dsdt-cpu-hotplug.dsl | 39 +---
 hw/i386/acpi-dsdt.dsl |  2 +-
 hw/i386/q35-acpi-dsdt.dsl |  2 +-
 include/hw/acpi/aml-build.h   |  2 ++
 include/hw/acpi/cpu_hotplug.h |  1 +
 include/hw/acpi/pc-hotplug.h  |  1 +
 8 files changed, 71 insertions(+), 42 deletions(-)

diff --git a/hw/acpi/cpu_hotplug_acpi_table.c b/hw/acpi/cpu_hotplug_acpi_table.c
index 90c4043..8dda4f4 100644
--- a/hw/acpi/cpu_hotplug_acpi_table.c
+++ b/hw/acpi/cpu_hotplug_acpi_table.c
@@ -26,6 +26,8 @@ void build_cpu_hotplug_aml(Aml *ctx)
 Aml *cpu_on = aml_local(0);
 Aml *madt = aml_local(1);
 Aml *cpus_map = aml_name(CPU_ON_BITMAP);
+Aml *zero = aml_int(0);
+Aml *one = aml_int(1);
 
 /*
  * _MAT method - creates an madt apic buffer
@@ -60,7 +62,7 @@ void build_cpu_hotplug_aml(Aml *ctx)
 aml_append(method, if_ctx);
 else_ctx = aml_else();
 {
-aml_append(else_ctx, aml_return(aml_int(0x0)));
+aml_append(else_ctx, aml_return(zero));
 }
 aml_append(method, else_ctx);
 aml_append(sb_scope, method);
@@ -69,5 +71,65 @@ void build_cpu_hotplug_aml(Aml *ctx)
 aml_append(method, aml_sleep(200));
 aml_append(sb_scope, method);
 
+method = aml_method(stringify(CPU_SCAN_METHOD), 0, AML_NOTSERIALIZED);
+{
+Aml *while_ctx, *if_ctx2, *else_ctx2;
+Aml *bus_check_evt = aml_int(1);
+Aml *remove_evt = aml_int(3);
+Aml *status_map = aml_local(5); /* Local5 = active cpu bitmap */
+Aml *byte = aml_local(2); /* Local2 = last read byte from bitmap */
+Aml *idx = aml_local(0); /* Processor ID / APIC ID iterator */
+Aml *is_cpu_on = aml_local(1); /* Local1 = CPON flag for cpu */
+Aml *status = aml_local(3); /* Local3 = active state for cpu */
+
+aml_append(method, aml_store(aml_name(CPU_STATUS_MAP), status_map));
+aml_append(method, aml_store(zero, byte));
+aml_append(method, aml_store(zero, idx));
+
+/* While (idx < SizeOf(CPON)) */
+while_ctx = aml_while(aml_lless(idx, aml_sizeof(cpus_map)));
+aml_append(while_ctx,
+aml_store(aml_derefof(aml_index(cpus_map, idx)), is_cpu_on));
+
+if_ctx = aml_if(aml_and(idx, aml_int(0x07), NULL));
+{
+/* Shift down previously read bitmap byte */
+aml_append(if_ctx, aml_shiftright(byte, one, byte));
+}
+aml_append(while_ctx, if_ctx);
+
+else_ctx = aml_else();
+{
+/* Read next byte from cpu bitmap */
+aml_append(else_ctx, aml_store(aml_derefof(aml_index(status_map,
+   aml_shiftright(idx, aml_int(3), NULL))), byte));
+}
+aml_append(while_ctx, else_ctx);
+
+aml_append(while_ctx, aml_store(aml_and(byte, one, NULL), status));
+if_ctx = aml_if(aml_lnot(aml_equal(is_cpu_on, status)));
+{
+/* State change - update CPON with new state */
+aml_append(if_ctx, aml_store(status, aml_index(cpus_map, idx)));
+if_ctx2 = aml_if(aml_equal(status, one));
+{
+aml_append(if_ctx2,
+aml_call2(AML_NOTIFY_METHOD, idx, bus_check_evt));
+}
+aml_append(if_ctx, if_ctx2);
+else_ctx2 = aml_else();
+{
+aml_append(else_ctx2,
+aml_call2(AML_NOTIFY_METHOD, idx, remove_evt));
+}
+}
+aml_append(if_ctx, else_ctx2);
+aml_append(while_ctx, if_ctx);
+
+aml_append(while_ctx, aml_increment(idx)); /* go to next cpu */
+aml_append(method, while_ctx);
+}
+aml_append(sb_scope, method);
+
 aml_append(ctx, sb_scope);
 }
diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index a1b4e98..1e0b7ed 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1338,7 +1338,7 @@ build_ssdt(GArray *table_data, GArray *linker,
  *   Method(NTFY, 2) {If (LEqual(Arg0, 0x00)) {Notify(CP00, Arg1)} ...}
  */
 /* Arg0 = Processor ID = APIC ID */
-method = aml_method("NTFY", 2, AML_NOTSERIALIZED);
+method = aml_method(AML_NOTIFY_METHOD, 2, AML_NOTSERIALIZED);
 for (i = 0; i < acpi_cpus; i++) {
 ifctx = aml_if(aml_equal(aml_arg(0), aml_int(i)));
 aml_append(ifctx,
diff --git a/hw/i386/acpi-dsdt-cpu-hotplug.dsl 
b/hw/i386/acpi-dsdt-cpu-hotplug.dsl
index fb75eda..88c472b 100644
--- a/hw/i386/acpi-dsdt-cpu-hotplug.dsl
+++ b/hw/i386/acpi-dsdt-cpu-hotplug.dsl
@@ -19,42 +19,5 @@
 
 Scope(\_SB) {
 /* Objects filled in by run-time generated SSDT */
-External(NTFY, MethodObj)
-External(CPON, PkgObj)
-External(PRS, FieldUnitObj)
-
-/* Methods called by run-time generated SSDT 

[Qemu-devel] [PATCH v2 30/51] pc: acpi: move PIIX4 isa-bridge and pm devices into SSDT

[Igor Mammedov]

and also move PRQx fields declaration as it can't be
split out into separate patch since fields use
PCI0.ISA.P40C operation region and OperationRegion
must be declared in the same table as a Field that
uses it. If this condition is not statisfied Windows
will BSOD ans IASL (make check) will error out as well.

For the same reason pm is moved together with isa-bridge
as the later refernces P13C OperationRegion from pm device.

Signed-off-by: Igor Mammedov 
---
 hw/i386/acpi-build.c| 77 +++--
 hw/i386/acpi-dsdt.dsl   | 52 +++---
 include/hw/acpi/aml-build.h |  1 +
 3 files changed, 81 insertions(+), 49 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 44eb068..88deea5 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -108,6 +108,7 @@ typedef struct AcpiPmInfo {
 } AcpiPmInfo;
 
 typedef struct AcpiMiscInfo {
+bool is_piix4;
 bool has_hpet;
 TPMVersion tpm_version;
 const unsigned char *dsdt_code;
@@ -130,10 +131,12 @@ static void acpi_get_dsdt(AcpiMiscInfo *info)
 assert(!!piix != !!lpc);
 
 if (piix) {
+info->is_piix4 = true;
 info->dsdt_code = AcpiDsdtAmlCode;
 info->dsdt_size = sizeof AcpiDsdtAmlCode;
 }
 if (lpc) {
+info->is_piix4 = false;
 info->dsdt_code = Q35AcpiDsdtAmlCode;
 info->dsdt_size = sizeof Q35AcpiDsdtAmlCode;
 }
@@ -1424,6 +1427,68 @@ static void build_dbg_aml(Aml *table)
 aml_append(table, scope);
 }
 
+static void build_piix4_pci0_int(Aml *table)
+{
+Aml *field;
+Aml *sb_scope = aml_scope("_SB");
+
+field = aml_field("PCI0.ISA.P40C", AML_BYTE_ACC, AML_NOLOCK, AML_PRESERVE);
+aml_append(field, aml_named_field("PRQ0", 8));
+aml_append(field, aml_named_field("PRQ1", 8));
+aml_append(field, aml_named_field("PRQ2", 8));
+aml_append(field, aml_named_field("PRQ3", 8));
+aml_append(sb_scope, field);
+
+aml_append(table, sb_scope);
+}
+
+static void build_piix4_pm(Aml *table)
+{
+Aml *dev;
+Aml *scope;
+
+scope =  aml_scope("_SB.PCI0");
+dev = aml_device("PX13");
+aml_append(dev, aml_name_decl("_ADR", aml_int(0x00010003)));
+
+aml_append(dev, aml_operation_region("P13C", AML_PCI_CONFIG,
+ 0x00, 0xff));
+aml_append(scope, dev);
+aml_append(table, scope);
+}
+
+static void build_piix4_isa_bridge(Aml *table)
+{
+Aml *dev;
+Aml *scope;
+Aml *field;
+
+scope =  aml_scope("_SB.PCI0");
+dev = aml_device("ISA");
+aml_append(dev, aml_name_decl("_ADR", aml_int(0x0001)));
+
+/* PIIX PCI to ISA irq remapping */
+aml_append(dev, aml_operation_region("P40C", AML_PCI_CONFIG,
+ 0x60, 0x04));
+/* enable bits */
+field = aml_field("^PX13.P13C", AML_ANY_ACC, AML_NOLOCK, AML_PRESERVE);
+/* Offset(0x5f),, 7, */
+aml_append(field, aml_reserved_field(0x2f8));
+aml_append(field, aml_reserved_field(7));
+aml_append(field, aml_named_field("LPEN", 1));
+/* Offset(0x67),, 3, */
+aml_append(field, aml_reserved_field(0x38));
+aml_append(field, aml_reserved_field(3));
+aml_append(field, aml_named_field("CAEN", 1));
+aml_append(field, aml_reserved_field(3));
+aml_append(field, aml_named_field("CBEN", 1));
+aml_append(dev, field);
+aml_append(dev, aml_name_decl("FDEN", aml_int(1)));
+
+aml_append(scope, dev);
+aml_append(table, scope);
+}
+
 static void
 build_ssdt(GArray *table_data, GArray *linker,
AcpiCpuInfo *cpu, AcpiPmInfo *pm, AcpiMiscInfo *misc,
@@ -1445,8 +1510,16 @@ build_ssdt(GArray *table_data, GArray *linker,
 acpi_data_push(ssdt->buf, sizeof(AcpiTableHeader));
 
 build_dbg_aml(ssdt);
-build_hpet_aml(ssdt);
-build_isa_devices_aml(ssdt);
+if (misc->is_piix4) {
+build_hpet_aml(ssdt);
+build_piix4_pm(ssdt);
+build_piix4_isa_bridge(ssdt);
+build_isa_devices_aml(ssdt);
+build_piix4_pci0_int(ssdt);
+} else {
+build_hpet_aml(ssdt);
+build_isa_devices_aml(ssdt);
+}
 build_cpu_hotplug_aml(ssdt);
 build_memory_hotplug_aml(ssdt, nr_mem, pm->mem_hp_io_base,
  pm->mem_hp_io_len);
diff --git a/hw/i386/acpi-dsdt.dsl b/hw/i386/acpi-dsdt.dsl
index 6048cc7..11e2e61 100644
--- a/hw/i386/acpi-dsdt.dsl
+++ b/hw/i386/acpi-dsdt.dsl
@@ -40,47 +40,6 @@ DefinitionBlock (
 }
 
 /
- * PIIX4 PM
- /
-
-Scope(\_SB.PCI0) {
-Device(PX13) {
-Name(_ADR, 0x00010003)
-OperationRegion(P13C, PCI_Config, 0x00, 0xff)
-}
-}
-
-
-/
- * PIIX3 ISA bridge
- /
-
-   

[Qemu-devel] [PATCH v2 41/51] pc: acpi: q35: move IQST() into SSDT

[Igor Mammedov]

Signed-off-by: Igor Mammedov 
---
 hw/i386/acpi-build.c  | 26 +++---
 hw/i386/q35-acpi-dsdt.dsl |  8 
 2 files changed, 15 insertions(+), 19 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 94f18ea..4b36364 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1553,12 +1553,24 @@ static Aml *build_iqcr_method(bool is_piix4)
 return method;
 }
 
+/* _STA method - get status */
+static Aml *build_irq_status_method(void)
+{
+Aml *if_ctx;
+Aml *method = aml_method("IQST", 1, AML_NOTSERIALIZED);
+
+if_ctx = aml_if(aml_and(aml_int(0x80), aml_arg(0), NULL));
+aml_append(if_ctx, aml_return(aml_int(0x09)));
+aml_append(method, if_ctx);
+aml_append(method, aml_return(aml_int(0x0B)));
+return method;
+}
+
 static void build_piix4_pci0_int(Aml *table)
 {
 Aml *dev;
 Aml *crs;
 Aml *field;
-Aml *if_ctx;
 Aml *method;
 uint32_t irqs;
 Aml *sb_scope = aml_scope("_SB");
@@ -1574,16 +1586,7 @@ static void build_piix4_pci0_int(Aml *table)
 aml_append(field, aml_named_field("PRQ3", 8));
 aml_append(sb_scope, field);
 
-/* _STA method - get status */
-method = aml_method("IQST", 1, AML_NOTSERIALIZED);
-{
-if_ctx = aml_if(aml_and(aml_int(0x80), aml_arg(0), NULL));
-aml_append(if_ctx, aml_return(aml_int(0x09)));
-aml_append(method, if_ctx);
-aml_append(method, aml_return(aml_int(0x0B)));
-}
-aml_append(sb_scope, method);
-
+aml_append(sb_scope, build_irq_status_method());
 aml_append(sb_scope, build_iqcr_method(true));
 
 aml_append(sb_scope, build_link_dev("LNKA", 0, aml_name("PRQ0")));
@@ -1630,6 +1633,7 @@ static void build_q35_pci0_int(Aml *table)
 {
 Aml *sb_scope = aml_scope("_SB");
 
+aml_append(sb_scope, build_irq_status_method());
 aml_append(sb_scope, build_iqcr_method(false));
 
 aml_append(sb_scope, build_link_dev("LNKA", 0, aml_name("PRQA")));
diff --git a/hw/i386/q35-acpi-dsdt.dsl b/hw/i386/q35-acpi-dsdt.dsl
index 85b0a2c..ec8a48c 100644
--- a/hw/i386/q35-acpi-dsdt.dsl
+++ b/hw/i386/q35-acpi-dsdt.dsl
@@ -298,14 +298,6 @@ DefinitionBlock (
 PRQH,   8
 }
 
-Method(IQST, 1, NotSerialized) {
-// _STA method - get status
-If (And(0x80, Arg0)) {
-Return (0x09)
-}
-Return (0x0B)
-}
-
 External(LNKA, DeviceObj)
 External(LNKB, DeviceObj)
 External(LNKC, DeviceObj)
-- 
1.8.3.1

[Qemu-devel] [PATCH v2 29/51] pc: acpi: move COM devices from DSDT to SSDT

[Igor Mammedov]

Signed-off-by: Igor Mammedov 
---
 hw/i386/acpi-build.c  | 48 +++
 hw/i386/acpi-dsdt-isa.dsl | 52 ---
 hw/i386/acpi-dsdt.dsl |  3 ---
 hw/i386/q35-acpi-dsdt.dsl |  3 ---
 4 files changed, 48 insertions(+), 58 deletions(-)
 delete mode 100644 hw/i386/acpi-dsdt-isa.dsl

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 3585849..44eb068 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1328,6 +1328,52 @@ static Aml *build_lpt_device_aml(void)
 return dev;
 }
 
+static Aml *build_com_device_aml(uint8_t uid)
+{
+Aml *dev;
+Aml *crs;
+Aml *method;
+Aml *if_ctx;
+Aml *else_ctx;
+Aml *zero = aml_int(0);
+Aml *is_present = aml_local(0);
+const char *enabled_field = "CAEN";
+uint8_t irq = 4;
+uint16_t io_port = 0x03F8;
+
+assert(uid == 1 || uid == 2);
+if (uid == 2) {
+enabled_field = "CBEN";
+irq = 3;
+io_port = 0x02F8;
+}
+
+dev = aml_device("COM%d", uid);
+aml_append(dev, aml_name_decl("_HID", aml_eisaid("PNP0501")));
+aml_append(dev, aml_name_decl("_UID", aml_int(uid)));
+
+method = aml_method("_STA", 0, AML_NOTSERIALIZED);
+aml_append(method, aml_store(aml_name("%s", enabled_field), is_present));
+if_ctx = aml_if(aml_equal(is_present, zero));
+{
+aml_append(if_ctx, aml_return(aml_int(0x00)));
+}
+aml_append(method, if_ctx);
+else_ctx = aml_else();
+{
+aml_append(else_ctx, aml_return(aml_int(0x0f)));
+}
+aml_append(method, else_ctx);
+aml_append(dev, method);
+
+crs = aml_resource_template();
+aml_append(crs, aml_io(AML_DECODE16, io_port, io_port, 0x00, 0x08));
+aml_append(crs, aml_irq_no_flags(irq));
+aml_append(dev, aml_name_decl("_CRS", crs));
+
+return dev;
+}
+
 static void build_isa_devices_aml(Aml *table)
 {
 Aml *scope = aml_scope("_SB.PCI0.ISA");
@@ -1337,6 +1383,8 @@ static void build_isa_devices_aml(Aml *table)
 aml_append(scope, build_mouse_device_aml());
 aml_append(scope, build_fdc_device_aml());
 aml_append(scope, build_lpt_device_aml());
+aml_append(scope, build_com_device_aml(1));
+aml_append(scope, build_com_device_aml(2));
 
 aml_append(table, scope);
 }
diff --git a/hw/i386/acpi-dsdt-isa.dsl b/hw/i386/acpi-dsdt-isa.dsl
deleted file mode 100644
index cc5e8f9..000
--- a/hw/i386/acpi-dsdt-isa.dsl
+++ /dev/null
@@ -1,52 +0,0 @@
-/*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
-
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
-
- * You should have received a copy of the GNU General Public License along
- * with this program; if not, see .
- */
-
-/* Common legacy ISA style devices. */
-Scope(\_SB.PCI0.ISA) {
-
-Device(COM1) {
-Name(_HID, EisaId("PNP0501"))
-Name(_UID, 0x01)
-Method(_STA, 0, NotSerialized) {
-Store(CAEN, Local0)
-If (LEqual(Local0, 0)) {
-Return (0x00)
-} Else {
-Return (0x0F)
-}
-}
-Name(_CRS, ResourceTemplate() {
-IO(Decode16, 0x03F8, 0x03F8, 0x00, 0x08)
-IRQNoFlags() { 4 }
-})
-}
-
-Device(COM2) {
-Name(_HID, EisaId("PNP0501"))
-Name(_UID, 0x02)
-Method(_STA, 0, NotSerialized) {
-Store(CBEN, Local0)
-If (LEqual(Local0, 0)) {
-Return (0x00)
-} Else {
-Return (0x0F)
-}
-}
-Name(_CRS, ResourceTemplate() {
-IO(Decode16, 0x02F8, 0x02F8, 0x00, 0x08)
-IRQNoFlags() { 3 }
-})
-}
-}
diff --git a/hw/i386/acpi-dsdt.dsl b/hw/i386/acpi-dsdt.dsl
index 55c2220..6048cc7 100644
--- a/hw/i386/acpi-dsdt.dsl
+++ b/hw/i386/acpi-dsdt.dsl
@@ -80,9 +80,6 @@ DefinitionBlock (
 }
 }
 
-#include "acpi-dsdt-isa.dsl"
-
-
 /
  * PCI hotplug
  /
diff --git a/hw/i386/q35-acpi-dsdt.dsl b/hw/i386/q35-acpi-dsdt.dsl
index bf3f974..4862ded 100644
--- a/hw/i386/q35-acpi-dsdt.dsl
+++ b/hw/i386/q35-acpi-dsdt.dsl
@@ -146,9 +146,6 @@ DefinitionBlock (
 }
 }
 
-#include "acpi-dsdt-isa.dsl"
-
-
 /
  * PCI IRQs
  /
-- 
1.8.3.1

[Qemu-devel] [PATCH v2 27/51] pc: acpi: move FDC0 device from DSDT to SSDT

[Igor Mammedov]

Signed-off-by: Igor Mammedov 
---
 hw/i386/acpi-build.c  | 40 
 hw/i386/acpi-dsdt-isa.dsl | 18 --
 2 files changed, 40 insertions(+), 18 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 207dfb9..9ca428a 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1197,6 +1197,44 @@ static void build_hpet_aml(Aml *table)
 aml_append(table, scope);
 }
 
+static Aml *build_fdc_device_aml(void)
+{
+Aml *dev;
+Aml *crs;
+Aml *method;
+Aml *if_ctx;
+Aml *else_ctx;
+Aml *zero = aml_int(0);
+Aml *is_present = aml_local(0);
+
+dev = aml_device("FDC0");
+aml_append(dev, aml_name_decl("_HID", aml_eisaid("PNP0700")));
+
+method = aml_method("_STA", 0, AML_NOTSERIALIZED);
+aml_append(method, aml_store(aml_name("FDEN"), is_present));
+if_ctx = aml_if(aml_equal(is_present, zero));
+{
+aml_append(if_ctx, aml_return(aml_int(0x00)));
+}
+aml_append(method, if_ctx);
+else_ctx = aml_else();
+{
+aml_append(else_ctx, aml_return(aml_int(0x0f)));
+}
+aml_append(method, else_ctx);
+aml_append(dev, method);
+
+crs = aml_resource_template();
+aml_append(crs, aml_io(AML_DECODE16, 0x03F2, 0x03F2, 0x00, 0x04));
+aml_append(crs, aml_io(AML_DECODE16, 0x03F7, 0x03F7, 0x00, 0x01));
+aml_append(crs, aml_irq_no_flags(6));
+aml_append(crs,
+aml_dma(AML_COMPATIBILITY, AML_NOTBUSMASTER, AML_TRANSFER8, 2));
+aml_append(dev, aml_name_decl("_CRS", crs));
+
+return dev;
+}
+
 static Aml *build_rtc_device_aml(void)
 {
 Aml *dev;
@@ -1208,6 +1246,7 @@ static Aml *build_rtc_device_aml(void)
 aml_append(crs, aml_io(AML_DECODE16, 0x0070, 0x0070, 0x10, 0x02));
 aml_append(crs, aml_irq_no_flags(8));
 aml_append(crs, aml_io(AML_DECODE16, 0x0072, 0x0072, 0x02, 0x06));
+aml_append(dev, aml_name_decl("_CRS", crs));
 
 return dev;
 }
@@ -1261,6 +1300,7 @@ static void build_isa_devices_aml(Aml *table)
 aml_append(scope, build_rtc_device_aml());
 aml_append(scope, build_kbd_device_aml());
 aml_append(scope, build_mouse_device_aml());
+aml_append(scope, build_fdc_device_aml());
 
 aml_append(table, scope);
 }
diff --git a/hw/i386/acpi-dsdt-isa.dsl b/hw/i386/acpi-dsdt-isa.dsl
index 8936271..64dd4ac 100644
--- a/hw/i386/acpi-dsdt-isa.dsl
+++ b/hw/i386/acpi-dsdt-isa.dsl
@@ -16,24 +16,6 @@
 /* Common legacy ISA style devices. */
 Scope(\_SB.PCI0.ISA) {
 
-Device(FDC0) {
-Name(_HID, EisaId("PNP0700"))
-Method(_STA, 0, NotSerialized) {
-Store(FDEN, Local0)
-If (LEqual(Local0, 0)) {
-Return (0x00)
-} Else {
-Return (0x0F)
-}
-}
-Name(_CRS, ResourceTemplate() {
-IO(Decode16, 0x03F2, 0x03F2, 0x00, 0x04)
-IO(Decode16, 0x03F7, 0x03F7, 0x00, 0x01)
-IRQNoFlags() { 6 }
-DMA(Compatibility, NotBusMaster, Transfer8) { 2 }
-})
-}
-
 Device(LPT) {
 Name(_HID, EisaId("PNP0400"))
 Method(_STA, 0, NotSerialized) {
-- 
1.8.3.1

[Qemu-devel] [PATCH v2 15/51] pc: acpi: drop unused CPU_STATUS_LEN from DSDT

[Igor Mammedov]

Signed-off-by: Igor Mammedov 
---
 hw/i386/acpi-dsdt-cpu-hotplug.dsl | 1 -
 1 file changed, 1 deletion(-)

diff --git a/hw/i386/acpi-dsdt-cpu-hotplug.dsl 
b/hw/i386/acpi-dsdt-cpu-hotplug.dsl
index 1aff746..53e1389 100644
--- a/hw/i386/acpi-dsdt-cpu-hotplug.dsl
+++ b/hw/i386/acpi-dsdt-cpu-hotplug.dsl
@@ -53,7 +53,6 @@ Scope(\_SB) {
 Sleep(200)
 }
 
-#define CPU_STATUS_LEN ACPI_GPE_PROC_LEN
 Method(PRSC, 0) {
 // Local5 = active cpu bitmap
 Store(PRS, Local5)
-- 
1.8.3.1

[Qemu-devel] [PATCH v2 43/51] pc: acpi: q35: move _PRT() into SSDT

[Igor Mammedov]

Signed-off-by: Igor Mammedov 
---
 hw/i386/acpi-build.c  | 21 +
 hw/i386/q35-acpi-dsdt.dsl | 12 
 2 files changed, 21 insertions(+), 12 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 4fdab96..0174e80 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1632,7 +1632,28 @@ static void build_piix4_pci0_int(Aml *table)
 static void build_q35_pci0_int(Aml *table)
 {
 Aml *field;
+Aml *method;
 Aml *sb_scope = aml_scope("_SB");
+Aml *pci0_scope = aml_scope("PCI0");
+
+method = aml_method("_PRT", 0, AML_NOTSERIALIZED);
+{
+Aml *if_ctx;
+Aml *else_ctx;
+
+/* PCI IRQ routing table, example from ACPI 2.0a specification,
+   section 6.2.8.1 */
+/* Note: we provide the same info as the PCI routing
+   table of the Bochs BIOS */
+if_ctx = aml_if(aml_equal(aml_name("PICF"), aml_int(0)));
+aml_append(if_ctx, aml_return(aml_name("PRTP")));
+aml_append(method, if_ctx);
+else_ctx = aml_else();
+aml_append(else_ctx, aml_return(aml_name("PRTA")));
+aml_append(method, else_ctx);
+}
+aml_append(pci0_scope, method);
+aml_append(sb_scope, pci0_scope);
 
 field = aml_field("PCI0.ISA.PIRQ", AML_BYTE_ACC, AML_NOLOCK, AML_PRESERVE);
 aml_append(field, aml_named_field("PRQA", 8));
diff --git a/hw/i386/q35-acpi-dsdt.dsl b/hw/i386/q35-acpi-dsdt.dsl
index b01d4de..f265583 100644
--- a/hw/i386/q35-acpi-dsdt.dsl
+++ b/hw/i386/q35-acpi-dsdt.dsl
@@ -238,18 +238,6 @@ DefinitionBlock (
 
 prt_slot_gsiA(0x001f)
 })
-
-Method(_PRT, 0, NotSerialized) {
-/* PCI IRQ routing table, example from ACPI 2.0a specification,
-   section 6.2.8.1 */
-/* Note: we provide the same info as the PCI routing
-   table of the Bochs BIOS */
-If (LEqual(\PICF, Zero)) {
-Return (PRTP)
-} Else {
-Return (PRTA)
-}
-}
 }
 
 External(LNKA, DeviceObj)
-- 
1.8.3.1

[Qemu-devel] [PATCH v2 23/51] pc: acpi: move DBUG() from DSDT to SSDT

[Igor Mammedov]

Signed-off-by: Igor Mammedov 
---
 hw/i386/acpi-build.c   | 36 
 hw/i386/acpi-dsdt-dbug.dsl | 41 -
 hw/i386/acpi-dsdt.dsl  |  2 --
 hw/i386/q35-acpi-dsdt.dsl  |  2 --
 4 files changed, 36 insertions(+), 45 deletions(-)
 delete mode 100644 hw/i386/acpi-dsdt-dbug.dsl

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index a099244..c5b9ca2 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1197,6 +1197,41 @@ static void build_hpet_aml(Aml *table)
 aml_append(table, scope);
 }
 
+static void build_dbg_aml(Aml *table)
+{
+Aml *field;
+Aml *method;
+Aml *while_ctx;
+Aml *scope = aml_scope("\\");
+Aml *buf = aml_local(0);
+Aml *len = aml_local(1);
+Aml *idx = aml_local(2);
+
+aml_append(scope,
+   aml_operation_region("DBG", AML_SYSTEM_IO, 0x0402, 0x01));
+field = aml_field("DBG", AML_BYTE_ACC, AML_NOLOCK, AML_PRESERVE);
+aml_append(field, aml_named_field("DBGB", 8));
+aml_append(scope, field);
+
+method = aml_method("DBUG", 1, AML_NOTSERIALIZED);
+
+aml_append(method, aml_to_hexstring(aml_arg(0), buf));
+aml_append(method, aml_to_buffer(buf, buf));
+aml_append(method, aml_subtract(aml_sizeof(buf), aml_int(1), len));
+aml_append(method, aml_store(aml_int(0), idx));
+
+while_ctx = aml_while(aml_lless(idx, len));
+aml_append(while_ctx,
+aml_store(aml_derefof(aml_index(buf, idx)), aml_name("DBGB")));
+aml_append(while_ctx, aml_increment(idx));
+aml_append(method, while_ctx);
+
+aml_append(method, aml_store(aml_int(0x0A), aml_name("DBGB")));
+aml_append(scope, method);
+
+aml_append(table, scope);
+}
+
 static void
 build_ssdt(GArray *table_data, GArray *linker,
AcpiCpuInfo *cpu, AcpiPmInfo *pm, AcpiMiscInfo *misc,
@@ -1217,6 +1252,7 @@ build_ssdt(GArray *table_data, GArray *linker,
 /* Reserve space for header */
 acpi_data_push(ssdt->buf, sizeof(AcpiTableHeader));
 
+build_dbg_aml(ssdt);
 build_hpet_aml(ssdt);
 build_cpu_hotplug_aml(ssdt);
 build_memory_hotplug_aml(ssdt, nr_mem, pm->mem_hp_io_base,
diff --git a/hw/i386/acpi-dsdt-dbug.dsl b/hw/i386/acpi-dsdt-dbug.dsl
deleted file mode 100644
index 86230f7..000
--- a/hw/i386/acpi-dsdt-dbug.dsl
+++ /dev/null
@@ -1,41 +0,0 @@
-/*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
-
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
-
- * You should have received a copy of the GNU General Public License along
- * with this program; if not, see .
- */
-
-/
- * Debugging
- /
-
-Scope(\) {
-/* Debug Output */
-OperationRegion(DBG, SystemIO, 0x0402, 0x01)
-Field(DBG, ByteAcc, NoLock, Preserve) {
-DBGB,   8,
-}
-
-/* Debug method - use this method to send output to the QEMU
- * BIOS debug port.  This method handles strings, integers,
- * and buffers.  For example: DBUG("abc") DBUG(0x123) */
-Method(DBUG, 1) {
-ToHexString(Arg0, Local0)
-ToBuffer(Local0, Local0)
-Subtract(SizeOf(Local0), 1, Local1)
-Store(Zero, Local2)
-While (LLess(Local2, Local1)) {
-Store(DerefOf(Index(Local0, Local2)), DBGB)
-Increment(Local2)
-}
-Store(0x0A, DBGB)
-}
-}
diff --git a/hw/i386/acpi-dsdt.dsl b/hw/i386/acpi-dsdt.dsl
index aa7f549..55c2220 100644
--- a/hw/i386/acpi-dsdt.dsl
+++ b/hw/i386/acpi-dsdt.dsl
@@ -29,8 +29,6 @@ DefinitionBlock (
 )
 {
 
-#include "acpi-dsdt-dbug.dsl"
-
 Scope(\_SB) {
 Device(PCI0) {
 Name(_HID, EisaId("PNP0A03"))
diff --git a/hw/i386/q35-acpi-dsdt.dsl b/hw/i386/q35-acpi-dsdt.dsl
index e57adb8..bf3f974 100644
--- a/hw/i386/q35-acpi-dsdt.dsl
+++ b/hw/i386/q35-acpi-dsdt.dsl
@@ -35,8 +35,6 @@ DefinitionBlock (
 )
 {
 
-#include "acpi-dsdt-dbug.dsl"
-
 Scope(\_SB) {
 OperationRegion(PCST, SystemIO, 0xae00, 0x0c)
 OperationRegion(PCSB, SystemIO, 0xae0c, 0x01)
-- 
1.8.3.1

[Qemu-devel] [PATCH v2 39/51] pc: acpi: q35: move link devices to SSDT

[Igor Mammedov]

Signed-off-by: Igor Mammedov 
---
 hw/i386/acpi-build.c  |  9 +
 hw/i386/q35-acpi-dsdt.dsl | 40 
 2 files changed, 17 insertions(+), 32 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 4edd989..9736da3 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1617,6 +1617,15 @@ static void build_q35_pci0_int(Aml *table)
 {
 Aml *sb_scope = aml_scope("_SB");
 
+aml_append(sb_scope, build_link_dev("LNKA", 0, aml_name("PRQA")));
+aml_append(sb_scope, build_link_dev("LNKB", 1, aml_name("PRQB")));
+aml_append(sb_scope, build_link_dev("LNKC", 2, aml_name("PRQC")));
+aml_append(sb_scope, build_link_dev("LNKD", 3, aml_name("PRQD")));
+aml_append(sb_scope, build_link_dev("LNKE", 4, aml_name("PRQE")));
+aml_append(sb_scope, build_link_dev("LNKF", 5, aml_name("PRQF")));
+aml_append(sb_scope, build_link_dev("LNKG", 6, aml_name("PRQG")));
+aml_append(sb_scope, build_link_dev("LNKH", 7, aml_name("PRQH")));
+
 /*
  * TODO: UID probably shouldn't be the same for GSIx devices
  * but that's how it was in original ASL so keep it for now
diff --git a/hw/i386/q35-acpi-dsdt.dsl b/hw/i386/q35-acpi-dsdt.dsl
index f2c154a..2da3515 100644
--- a/hw/i386/q35-acpi-dsdt.dsl
+++ b/hw/i386/q35-acpi-dsdt.dsl
@@ -315,38 +315,14 @@ DefinitionBlock (
 Return (PRR0)
 }
 
-#define define_link(link, uid, reg) \
-Device(link) {  \
-Name(_HID, EISAID("PNP0C0F"))   \
-Name(_UID, uid) \
-Name(_PRS, ResourceTemplate() { \
-Interrupt(, Level, ActiveHigh, Shared) {\
-5, 10, 11   \
-}   \
-})  \
-Method(_STA, 0, NotSerialized) {\
-Return (IQST(reg))  \
-}   \
-Method(_DIS, 0, NotSerialized) {\
-Or(reg, 0x80, reg)  \
-}   \
-Method(_CRS, 0, NotSerialized) {\
-Return (IQCR(reg))  \
-}   \
-Method(_SRS, 1, NotSerialized) {\
-CreateDWordField(Arg0, 0x05, PRRI)  \
-Store(PRRI, reg)\
-}   \
-}
-
-define_link(LNKA, 0, PRQA)
-define_link(LNKB, 1, PRQB)
-define_link(LNKC, 2, PRQC)
-define_link(LNKD, 3, PRQD)
-define_link(LNKE, 4, PRQE)
-define_link(LNKF, 5, PRQF)
-define_link(LNKG, 6, PRQG)
-define_link(LNKH, 7, PRQH)
+External(LNKA, DeviceObj)
+External(LNKB, DeviceObj)
+External(LNKC, DeviceObj)
+External(LNKD, DeviceObj)
+External(LNKE, DeviceObj)
+External(LNKF, DeviceObj)
+External(LNKG, DeviceObj)
+External(LNKH, DeviceObj)
 
 External(GSIA, DeviceObj)
 External(GSIB, DeviceObj)
-- 
1.8.3.1

[Qemu-devel] [PATCH v2 44/51] pc: acpi: q35: move PRTA routing table into SSDT

[Igor Mammedov]

Signed-off-by: Igor Mammedov 
---
 hw/i386/acpi-build.c  | 61 +++
 hw/i386/q35-acpi-dsdt.dsl | 57 ---
 2 files changed, 61 insertions(+), 57 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 0174e80..1e12696 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1629,6 +1629,64 @@ static void build_piix4_pci0_int(Aml *table)
 aml_append(table, sb_scope);
 }
 
+static void append_q35_prt_entry(Aml *ctx, uint32_t nr, const char *name)
+{
+int i;
+int head;
+Aml *pkg;
+char base = name[3] < 'E' ? 'A' : 'E';
+char *s = g_strdup(name);
+Aml *a_nr = aml_int((nr << 16) | 0x);
+
+assert(strlen(s) == 4);
+
+head = name[3] - base;
+for (i = 0; i < 4; i++) {
+if (head + i > 3) {
+head = i * -1;
+}
+s[3] = base + head + i;
+pkg = aml_package(4);
+aml_append(pkg, a_nr);
+aml_append(pkg, aml_int(i));
+aml_append(pkg, aml_name("%s", s));
+aml_append(pkg, aml_int(0));
+aml_append(ctx, pkg);
+}
+g_free(s);
+}
+
+static Aml *build_q35_routing_table(const char *str)
+{
+int i;
+Aml *pkg;
+char *name = g_strdup_printf("%s ", str);
+
+pkg = aml_package(128);
+for (i = 0; i < 0x18; i++) {
+name[3] = 'E' + (i & 0x3);
+append_q35_prt_entry(pkg, i, name);
+}
+
+name[3] = 'E';
+append_q35_prt_entry(pkg, 0x18, name);
+
+/* INTA -> PIRQA for slot 25 - 31, see the default value of DIR */
+for (i = 0x0019; i < 0x1e; i++) {
+name[3] = 'A';
+append_q35_prt_entry(pkg, i, name);
+}
+
+/* PCIe->PCI bridge. use PIRQ[E-H] */
+name[3] = 'E';
+append_q35_prt_entry(pkg, 0x1e, name);
+name[3] = 'A';
+append_q35_prt_entry(pkg, 0x1f, name);
+
+g_free(name);
+return pkg;
+}
+
 static void build_q35_pci0_int(Aml *table)
 {
 Aml *field;
@@ -1636,6 +1694,9 @@ static void build_q35_pci0_int(Aml *table)
 Aml *sb_scope = aml_scope("_SB");
 Aml *pci0_scope = aml_scope("PCI0");
 
+aml_append(pci0_scope,
+aml_name_decl("PRTA", build_q35_routing_table("GSI")));
+
 method = aml_method("_PRT", 0, AML_NOTSERIALIZED);
 {
 Aml *if_ctx;
diff --git a/hw/i386/q35-acpi-dsdt.dsl b/hw/i386/q35-acpi-dsdt.dsl
index f265583..a3073ad 100644
--- a/hw/i386/q35-acpi-dsdt.dsl
+++ b/hw/i386/q35-acpi-dsdt.dsl
@@ -181,63 +181,6 @@ DefinitionBlock (
 
 prt_slot_lnkA(0x001f)
 })
-
-#define prt_slot_gsi(nr, gsi0, gsi1, gsi2, gsi3)  \
-Package() { nr##, 0, gsi0, 0 },   \
-Package() { nr##, 1, gsi1, 0 },   \
-Package() { nr##, 2, gsi2, 0 },   \
-Package() { nr##, 3, gsi3, 0 }
-
-#define prt_slot_gsiA(nr) prt_slot_gsi(nr, GSIA, GSIB, GSIC, GSID)
-#define prt_slot_gsiB(nr) prt_slot_gsi(nr, GSIB, GSIC, GSID, GSIA)
-#define prt_slot_gsiC(nr) prt_slot_gsi(nr, GSIC, GSID, GSIA, GSIB)
-#define prt_slot_gsiD(nr) prt_slot_gsi(nr, GSID, GSIA, GSIB, GSIC)
-
-#define prt_slot_gsiE(nr) prt_slot_gsi(nr, GSIE, GSIF, GSIG, GSIH)
-#define prt_slot_gsiF(nr) prt_slot_gsi(nr, GSIF, GSIG, GSIH, GSIE)
-#define prt_slot_gsiG(nr) prt_slot_gsi(nr, GSIG, GSIH, GSIE, GSIF)
-#define prt_slot_gsiH(nr) prt_slot_gsi(nr, GSIH, GSIE, GSIF, GSIG)
-
-Name(PRTA, package() {
-prt_slot_gsiE(0x),
-prt_slot_gsiF(0x0001),
-prt_slot_gsiG(0x0002),
-prt_slot_gsiH(0x0003),
-prt_slot_gsiE(0x0004),
-prt_slot_gsiF(0x0005),
-prt_slot_gsiG(0x0006),
-prt_slot_gsiH(0x0007),
-prt_slot_gsiE(0x0008),
-prt_slot_gsiF(0x0009),
-prt_slot_gsiG(0x000a),
-prt_slot_gsiH(0x000b),
-prt_slot_gsiE(0x000c),
-prt_slot_gsiF(0x000d),
-prt_slot_gsiG(0x000e),
-prt_slot_gsiH(0x000f),
-prt_slot_gsiE(0x0010),
-prt_slot_gsiF(0x0011),
-prt_slot_gsiG(0x0012),
-prt_slot_gsiH(0x0013),
-prt_slot_gsiE(0x0014),
-prt_slot_gsiF(0x0015),
-prt_slot_gsiG(0x0016),
-prt_slot_gsiH(0x0017),
-prt_slot_gsiE(0x0018),
-
-/* INTA -> PIRQA for slot 25 - 31, but 30
-   see the default value of DIR */
-prt_slot_gsiA(0x0019),
-prt_slot_gsiA(0x001a),
-prt_slot_gsiA(0x001b),
-prt_slot_gsiA(0x001c),
-prt_slot_gsiA(0x001d),
-
-/* PCIe->PCI bridge. use PIRQ[E-H] */
-prt_slot_gsiE(0x001e),
-
-prt_slot_gsiA(0x001f)
-})
 }
 
 External(LNKA, DeviceObj)
-- 
1.8.3.1

[Qemu-devel] [Bug 1399191] Re: Large VHDX image size

[Jan]

We have encountered the same problem.
We have a 1.4 GB size vmdk image  and after converting it to vhdx, its size is 
62GB. But qemu-img info show the size is 2.9 G.
===
$ qemu-img info dd_test.vmdk
image: dd_test.vmdk
file format: vmdk
virtual size: 250G (268435456000 bytes)
disk size: 1.4G
$ qemu-img convert -p -f vmdk dd_test.vmdk  -O vhdx t.vhdx
(98.02/100%)

$ qemu-img info t.vhdx
image: t.vhdx
file format: vhdx
virtual size: 250G (268435456000 bytes)
disk size: 2.9G
$ ls -ltrh t.vhdx
-rw-r--r-- 1 wangj85 wangj85 62G Dec 28  2015 t.vhdx

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1399191

Title:
  Large VHDX image size

Status in QEMU:
  New

Bug description:
  We are trying to convert a VMDK image to VHDX image for deploy to HyperV 
Server ( SCVMM 2012 SP1) using qemu-img.
  We tried converting the image using both 'fixed' as well as 'dynamic' format. 
We found that both the disks occupy the same size of 50GB. When the same is 
done with VHD image, we found that the dynamic disks are much lesser in size (5 
GB) than the fixed disk (50GB). 

  Why is that the VHDX generates large sized images for both the
  formats?

  The following commands were used to convert the vmdk image to VHDX
  format

  1. qemu-img convert -p -o subformat=fixed  -f vmdk -O vhdx Test.vmdk
  Test-fixed.vhdx

  qemu-img info Test-fixed.vhdx
  image: Test-fixed.vhdx
  file format: vhdx
  virtual size: 50G (53687091200 bytes)
  disk size: 50G
  cluster_size: 16777216


  
  2. qemu-img convert -p -o subformat=dynamic  -f vmdk -O vhdx Test.vmdk 
Test-dynamic.vhdx

  qemu-img info Test-dynamic.vhdx
  image: Test-dynamic.vhdx
  file format: vhdx
  virtual size: 50G (53687091200 bytes)
  disk size: 50G
  cluster_size: 16777216

  
  We tried this with the following version of qemu
  1. qemu-2.0.0
  2. qemu-2.1.2
  3. qemu-2.2.0-rc4

  
  Please let us know how to create compact VHDX images using qemu-img.
  Thank you

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1399191/+subscriptions

[Qemu-devel] [Bug 1399191] Re: Large VHDX image size

[Jan]

qemu-img version is 1.5.3. I also use newer version to do the
conversion, it has the same result.

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1399191

Title:
  Large VHDX image size

Status in QEMU:
  New

Bug description:
  We are trying to convert a VMDK image to VHDX image for deploy to HyperV 
Server ( SCVMM 2012 SP1) using qemu-img.
  We tried converting the image using both 'fixed' as well as 'dynamic' format. 
We found that both the disks occupy the same size of 50GB. When the same is 
done with VHD image, we found that the dynamic disks are much lesser in size (5 
GB) than the fixed disk (50GB). 

  Why is that the VHDX generates large sized images for both the
  formats?

  The following commands were used to convert the vmdk image to VHDX
  format

  1. qemu-img convert -p -o subformat=fixed  -f vmdk -O vhdx Test.vmdk
  Test-fixed.vhdx

  qemu-img info Test-fixed.vhdx
  image: Test-fixed.vhdx
  file format: vhdx
  virtual size: 50G (53687091200 bytes)
  disk size: 50G
  cluster_size: 16777216


  
  2. qemu-img convert -p -o subformat=dynamic  -f vmdk -O vhdx Test.vmdk 
Test-dynamic.vhdx

  qemu-img info Test-dynamic.vhdx
  image: Test-dynamic.vhdx
  file format: vhdx
  virtual size: 50G (53687091200 bytes)
  disk size: 50G
  cluster_size: 16777216

  
  We tried this with the following version of qemu
  1. qemu-2.0.0
  2. qemu-2.1.2
  3. qemu-2.2.0-rc4

  
  Please let us know how to create compact VHDX images using qemu-img.
  Thank you

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1399191/+subscriptions

[Qemu-devel] [PATCH v2 22/51] pc: acpi: move HPET from DSDT to SSDT

[Igor Mammedov]

Signed-off-by: Igor Mammedov 
---
 hw/i386/acpi-build.c   | 53 ++
 hw/i386/acpi-dsdt-hpet.dsl | 48 -
 hw/i386/acpi-dsdt.dsl  |  2 --
 hw/i386/q35-acpi-dsdt.dsl  |  3 ---
 hw/timer/hpet.c|  2 +-
 include/hw/timer/hpet.h|  1 +
 6 files changed, 55 insertions(+), 54 deletions(-)
 delete mode 100644 hw/i386/acpi-dsdt-hpet.dsl

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 26655db..a099244 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -51,6 +51,7 @@
 #include "hw/pci/pci_bus.h"
 #include "hw/pci-host/q35.h"
 #include "hw/i386/intel_iommu.h"
+#include "hw/timer/hpet.h"
 
 #include "hw/i386/q35-acpi-dsdt.hex"
 #include "hw/i386/acpi-dsdt.hex"
@@ -1145,6 +1146,57 @@ static void build_memory_devices(Aml *sb_scope, int 
nr_mem,
 aml_append(sb_scope, method);
 }
 
+static void build_hpet_aml(Aml *table)
+{
+Aml *crs;
+Aml *field;
+Aml *method;
+Aml *if_ctx;
+Aml *scope = aml_scope("_SB");
+Aml *dev = aml_device("HPET");
+Aml *zero = aml_int(0);
+Aml *id = aml_local(0);
+Aml *period = aml_local(1);
+
+aml_append(dev, aml_name_decl("_HID", aml_eisaid("PNP0103")));
+aml_append(dev, aml_name_decl("_UID", zero));
+
+aml_append(dev,
+aml_operation_region("HPTM", AML_SYSTEM_MEMORY, HPET_BASE, HPET_LEN));
+field = aml_field("HPTM", AML_DWORD_ACC, AML_LOCK, AML_PRESERVE);
+aml_append(field, aml_named_field("VEND", 32));
+aml_append(field, aml_named_field("PRD", 32));
+aml_append(dev, field);
+
+method = aml_method("_STA", 0, AML_NOTSERIALIZED);
+aml_append(method, aml_store(aml_name("VEND"), id));
+aml_append(method, aml_store(aml_name("PRD"), period));
+aml_append(method, aml_shiftright(id, aml_int(16), id));
+if_ctx = aml_if(aml_lor(aml_equal(id, zero),
+aml_equal(id, aml_int(0x;
+{
+aml_append(if_ctx, aml_return(zero));
+}
+aml_append(method, if_ctx);
+
+if_ctx = aml_if(aml_lor(aml_equal(period, zero),
+aml_lgreater(period, aml_int(1;
+{
+aml_append(if_ctx, aml_return(zero));
+}
+aml_append(method, if_ctx);
+
+aml_append(method, aml_return(aml_int(0x0F)));
+aml_append(dev, method);
+
+crs = aml_resource_template();
+aml_append(crs, aml_memory32_fixed(HPET_BASE, HPET_LEN, AML_READ_ONLY));
+aml_append(dev, aml_name_decl("_CRS", crs));
+
+aml_append(scope, dev);
+aml_append(table, scope);
+}
+
 static void
 build_ssdt(GArray *table_data, GArray *linker,
AcpiCpuInfo *cpu, AcpiPmInfo *pm, AcpiMiscInfo *misc,
@@ -1165,6 +1217,7 @@ build_ssdt(GArray *table_data, GArray *linker,
 /* Reserve space for header */
 acpi_data_push(ssdt->buf, sizeof(AcpiTableHeader));
 
+build_hpet_aml(ssdt);
 build_cpu_hotplug_aml(ssdt);
 build_memory_hotplug_aml(ssdt, nr_mem, pm->mem_hp_io_base,
  pm->mem_hp_io_len);
diff --git a/hw/i386/acpi-dsdt-hpet.dsl b/hw/i386/acpi-dsdt-hpet.dsl
deleted file mode 100644
index 44961b8..000
--- a/hw/i386/acpi-dsdt-hpet.dsl
+++ /dev/null
@@ -1,48 +0,0 @@
-/*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
-
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
-
- * You should have received a copy of the GNU General Public License along
- * with this program; if not, see .
- */
-
-/
- * HPET
- /
-
-Scope(\_SB) {
-Device(HPET) {
-Name(_HID, EISAID("PNP0103"))
-Name(_UID, 0)
-OperationRegion(HPTM, SystemMemory, 0xFED0, 0x400)
-Field(HPTM, DWordAcc, Lock, Preserve) {
-VEND, 32,
-PRD, 32,
-}
-Method(_STA, 0, NotSerialized) {
-Store(VEND, Local0)
-Store(PRD, Local1)
-ShiftRight(Local0, 16, Local0)
-If (LOr(LEqual(Local0, 0), LEqual(Local0, 0x))) {
-Return (0x0)
-}
-If (LOr(LEqual(Local1, 0), LGreater(Local1, 1))) {
-Return (0x0)
-}
-Return (0x0F)
-}
-Name(_CRS, ResourceTemplate() {
-Memory32Fixed(ReadOnly,
-0xFED0, // Address Base
-0x0400, // Address Length
-)
-})
-}
-}
diff 

[Qemu-devel] [PATCH v2 18/51] pc: acpi: cpuhp: move CPST() method into SSDT

[Igor Mammedov]

Signed-off-by: Igor Mammedov 
---
 hw/acpi/cpu_hotplug_acpi_table.c  | 22 ++
 hw/i386/acpi-build.c  |  3 ++-
 hw/i386/acpi-dsdt-cpu-hotplug.dsl | 12 
 include/hw/acpi/cpu_hotplug.h |  1 +
 4 files changed, 25 insertions(+), 13 deletions(-)

diff --git a/hw/acpi/cpu_hotplug_acpi_table.c b/hw/acpi/cpu_hotplug_acpi_table.c
index 69c37fa..90c4043 100644
--- a/hw/acpi/cpu_hotplug_acpi_table.c
+++ b/hw/acpi/cpu_hotplug_acpi_table.c
@@ -18,6 +18,8 @@
 void build_cpu_hotplug_aml(Aml *ctx)
 {
 Aml *method;
+Aml *if_ctx;
+Aml *else_ctx;
 Aml *sb_scope = aml_scope("_SB");
 uint8_t madt_tmpl[8] = {0x00, 0x08, 0x00, 0x00, 0x00, 0, 0, 0};
 Aml *cpu_id = aml_arg(0);
@@ -43,6 +45,26 @@ void build_cpu_hotplug_aml(Aml *ctx)
 aml_append(method, aml_return(madt));
 aml_append(sb_scope, method);
 
+/*
+ * _STA method - return ON status of cpu
+ * cpu_id = Arg0 = Processor ID = Local APIC ID
+ * cpu_on = Local0 = CPON flag for this cpu
+ */
+method = aml_method(CPU_STATUS_METHOD, 1, AML_NOTSERIALIZED);
+aml_append(method,
+aml_store(aml_derefof(aml_index(cpus_map, cpu_id)), cpu_on));
+if_ctx = aml_if(cpu_on);
+{
+aml_append(if_ctx, aml_return(aml_int(0xF)));
+}
+aml_append(method, if_ctx);
+else_ctx = aml_else();
+{
+aml_append(else_ctx, aml_return(aml_int(0x0)));
+}
+aml_append(method, else_ctx);
+aml_append(sb_scope, method);
+
 method = aml_method(CPU_EJECT_METHOD, 2, AML_NOTSERIALIZED);
 aml_append(method, aml_sleep(200));
 aml_append(sb_scope, method);
diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 683687a..a1b4e98 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1321,7 +1321,8 @@ build_ssdt(GArray *table_data, GArray *linker,
 aml_append(dev, method);
 
 method = aml_method("_STA", 0, AML_NOTSERIALIZED);
-aml_append(method, aml_return(aml_call1("CPST", aml_int(i;
+aml_append(method,
+aml_return(aml_call1(CPU_STATUS_METHOD, aml_int(i;
 aml_append(dev, method);
 
 method = aml_method("_EJ0", 1, AML_NOTSERIALIZED);
diff --git a/hw/i386/acpi-dsdt-cpu-hotplug.dsl 
b/hw/i386/acpi-dsdt-cpu-hotplug.dsl
index 9739191..fb75eda 100644
--- a/hw/i386/acpi-dsdt-cpu-hotplug.dsl
+++ b/hw/i386/acpi-dsdt-cpu-hotplug.dsl
@@ -24,18 +24,6 @@ Scope(\_SB) {
 External(PRS, FieldUnitObj)
 
 /* Methods called by run-time generated SSDT Processor objects */
-Method(CPST, 1, NotSerialized) {
-// _STA method - return ON status of cpu
-// Arg0 = Processor ID = Local APIC ID
-// Local0 = CPON flag for this cpu
-Store(DerefOf(Index(CPON, Arg0)), Local0)
-If (Local0) {
-Return (0xF)
-} Else {
-Return (0x0)
-}
-}
-
 Method(PRSC, 0) {
 // Local5 = active cpu bitmap
 Store(PRS, Local5)
diff --git a/include/hw/acpi/cpu_hotplug.h b/include/hw/acpi/cpu_hotplug.h
index 40b9316..0755dd3 100644
--- a/include/hw/acpi/cpu_hotplug.h
+++ b/include/hw/acpi/cpu_hotplug.h
@@ -30,6 +30,7 @@ void acpi_cpu_hotplug_init(MemoryRegion *parent, Object 
*owner,
 #define CPU_EJECT_METHOD "CPEJ"
 #define CPU_MAT_METHOD "CPMA"
 #define CPU_ON_BITMAP "CPON"
+#define CPU_STATUS_METHOD "CPST"
 
 void build_cpu_hotplug_aml(Aml *ctx);
 #endif
-- 
1.8.3.1

[Qemu-devel] [PATCH v2 11/51] pc: acpi: memhp: move MHPD Device into SSDT

[Igor Mammedov]

move remnants of MHPD device from DSDT into SSDT.
 i.e. Device(MHPD), _UID, _HID

Signed-off-by: Igor Mammedov 
---
 hw/acpi/memory_hotplug_acpi_table.c | 6 +-
 hw/i386/acpi-dsdt-mem-hotplug.dsl   | 7 ---
 2 files changed, 5 insertions(+), 8 deletions(-)

diff --git a/hw/acpi/memory_hotplug_acpi_table.c 
b/hw/acpi/memory_hotplug_acpi_table.c
index 2428e84..83e739c 100644
--- a/hw/acpi/memory_hotplug_acpi_table.c
+++ b/hw/acpi/memory_hotplug_acpi_table.c
@@ -24,7 +24,7 @@ void build_memory_hotplug_aml(Aml *ctx, uint32_t nr_mem,
 
 /* scope for memory hotplug controller device node */
 pci_scope = aml_scope("_SB.PCI0");
-mem_ctrl_dev = aml_scope(stringify(MEMORY_HOTPLUG_DEVICE));
+mem_ctrl_dev = aml_device(stringify(MEMORY_HOTPLUG_DEVICE));
 {
 Aml *one = aml_int(1);
 Aml *zero = aml_int(0);
@@ -34,6 +34,10 @@ void build_memory_hotplug_aml(Aml *ctx, uint32_t nr_mem,
 Aml *ctrl_lock = aml_name(stringify(MEMORY_SLOT_LOCK));
 Aml *slot_selector = aml_name(stringify(MEMORY_SLOT_SLECTOR));
 
+aml_append(mem_ctrl_dev, aml_name_decl("_HID", aml_string("PNP0A06")));
+aml_append(mem_ctrl_dev,
+aml_name_decl("_UID", aml_string("Memory hotplug resources")));
+
 method = aml_method("_STA", 0, AML_NOTSERIALIZED);
 ifctx = aml_if(aml_equal(slots_nr, zero));
 {
diff --git a/hw/i386/acpi-dsdt-mem-hotplug.dsl 
b/hw/i386/acpi-dsdt-mem-hotplug.dsl
index 50b7541..20c5ec1 100644
--- a/hw/i386/acpi-dsdt-mem-hotplug.dsl
+++ b/hw/i386/acpi-dsdt-mem-hotplug.dsl
@@ -14,10 +14,3 @@
  */
 
 External(\_SB.PCI0.MEMORY_HOTPLUG_DEVICE.MEMORY_SLOT_SCAN_METHOD, 
MethodObj)
-
-Scope(\_SB.PCI0) {
-Device(MEMORY_HOTPLUG_DEVICE) {
-Name(_HID, "PNP0A06")
-Name(_UID, "Memory hotplug resources")
-} // Device()
-} // Scope()
-- 
1.8.3.1

[Qemu-devel] [PATCH v2 06/51] pc: acpi: memhp: move MHPD.MRST method into SSDT

[Igor Mammedov]

Signed-off-by: Igor Mammedov 
---
 hw/acpi/memory_hotplug_acpi_table.c | 23 +++
 hw/i386/acpi-dsdt-mem-hotplug.dsl   | 15 ---
 2 files changed, 23 insertions(+), 15 deletions(-)

diff --git a/hw/acpi/memory_hotplug_acpi_table.c 
b/hw/acpi/memory_hotplug_acpi_table.c
index 86b8233..07d78f0 100644
--- a/hw/acpi/memory_hotplug_acpi_table.c
+++ b/hw/acpi/memory_hotplug_acpi_table.c
@@ -28,6 +28,8 @@ void build_memory_hotplug_aml(Aml *ctx, uint32_t nr_mem,
 {
 Aml *one = aml_int(1);
 Aml *zero = aml_int(0);
+Aml *ret_val = aml_local(0);
+Aml *slot_arg0 = aml_arg(0);
 Aml *slots_nr = aml_name(stringify(MEMORY_SLOTS_NUMBER));
 Aml *ctrl_lock = aml_name(stringify(MEMORY_SLOT_LOCK));
 Aml *slot_selector = aml_name(stringify(MEMORY_SLOT_SLECTOR));
@@ -100,6 +102,27 @@ void build_memory_hotplug_aml(Aml *ctx, uint32_t nr_mem,
 aml_append(method, aml_return(one));
 }
 aml_append(mem_ctrl_dev, method);
+
+method = aml_method(stringify(MEMORY_SLOT_STATUS_METHOD), 1,
+AML_NOTSERIALIZED);
+{
+Aml *slot_enabled = aml_name(stringify(MEMORY_SLOT_ENABLED));
+
+aml_append(method, aml_store(zero, ret_val));
+aml_append(method, aml_acquire(ctrl_lock, 0x));
+aml_append(method,
+aml_store(aml_to_integer(slot_arg0), slot_selector));
+
+ifctx = aml_if(aml_equal(slot_enabled, one));
+{
+aml_append(ifctx, aml_store(aml_int(0xF), ret_val));
+}
+aml_append(method, ifctx);
+
+aml_append(method, aml_release(ctrl_lock));
+aml_append(method, aml_return(ret_val));
+}
+aml_append(mem_ctrl_dev, method);
 }
 aml_append(pci_scope, mem_ctrl_dev);
 aml_append(ctx, pci_scope);
diff --git a/hw/i386/acpi-dsdt-mem-hotplug.dsl 
b/hw/i386/acpi-dsdt-mem-hotplug.dsl
index 92baf87..13e93dc 100644
--- a/hw/i386/acpi-dsdt-mem-hotplug.dsl
+++ b/hw/i386/acpi-dsdt-mem-hotplug.dsl
@@ -26,27 +26,12 @@
 External(MEMORY_SLOT_SIZE_LOW, FieldUnitObj) // read only
 External(MEMORY_SLOT_SIZE_HIGH, FieldUnitObj) // read only
 External(MEMORY_SLOT_PROXIMITY, FieldUnitObj) // read only
-External(MEMORY_SLOT_ENABLED, FieldUnitObj) // 1 if enabled, read 
only
 External(MEMORY_SLOT_EJECT, FieldUnitObj) // initiates device 
eject, write only
 External(MEMORY_SLOT_SLECTOR, FieldUnitObj) // DIMM selector, 
write only
 External(MEMORY_SLOT_OST_EVENT, FieldUnitObj) // _OST event code, 
write only
 External(MEMORY_SLOT_OST_STATUS, FieldUnitObj) // _OST status 
code, write only
 External(MEMORY_SLOT_LOCK, MutexObj)
 
-Method(MEMORY_SLOT_STATUS_METHOD, 1) {
-Store(Zero, Local0)
-
-Acquire(MEMORY_SLOT_LOCK, 0x)
-Store(ToInteger(Arg0), MEMORY_SLOT_SLECTOR) // select DIMM
-
-If (LEqual(MEMORY_SLOT_ENABLED, One)) {
-Store(0xF, Local0)
-}
-
-Release(MEMORY_SLOT_LOCK)
-Return(Local0)
-}
-
 Method(MEMORY_SLOT_CRS_METHOD, 1, Serialized) {
 Acquire(MEMORY_SLOT_LOCK, 0x)
 Store(ToInteger(Arg0), MEMORY_SLOT_SLECTOR) // select DIMM
-- 
1.8.3.1

[Qemu-devel] [PATCH v2 42/51] pc: acpi: q35: move ISA bridge into SSDT

[Igor Mammedov]

Signed-off-by: Igor Mammedov 
---
 hw/i386/acpi-build.c  | 54 +++
 hw/i386/q35-acpi-dsdt.dsl | 46 
 2 files changed, 54 insertions(+), 46 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 4b36364..4fdab96 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1631,8 +1631,21 @@ static void build_piix4_pci0_int(Aml *table)
 
 static void build_q35_pci0_int(Aml *table)
 {
+Aml *field;
 Aml *sb_scope = aml_scope("_SB");
 
+field = aml_field("PCI0.ISA.PIRQ", AML_BYTE_ACC, AML_NOLOCK, AML_PRESERVE);
+aml_append(field, aml_named_field("PRQA", 8));
+aml_append(field, aml_named_field("PRQB", 8));
+aml_append(field, aml_named_field("PRQC", 8));
+aml_append(field, aml_named_field("PRQD", 8));
+aml_append(field, aml_reserved_field(0x20));
+aml_append(field, aml_named_field("PRQE", 8));
+aml_append(field, aml_named_field("PRQF", 8));
+aml_append(field, aml_named_field("PRQG", 8));
+aml_append(field, aml_named_field("PRQH", 8));
+aml_append(sb_scope, field);
+
 aml_append(sb_scope, build_irq_status_method());
 aml_append(sb_scope, build_iqcr_method(false));
 
@@ -1661,6 +1674,46 @@ static void build_q35_pci0_int(Aml *table)
 aml_append(table, sb_scope);
 }
 
+static void build_q35_isa_bridge(Aml *table)
+{
+Aml *dev;
+Aml *scope;
+Aml *field;
+
+scope =  aml_scope("_SB.PCI0");
+dev = aml_device("ISA");
+aml_append(dev, aml_name_decl("_ADR", aml_int(0x001F)));
+
+/* ICH9 PCI to ISA irq remapping */
+aml_append(dev, aml_operation_region("PIRQ", AML_PCI_CONFIG,
+ 0x60, 0x0C));
+
+aml_append(dev, aml_operation_region("LPCD", AML_PCI_CONFIG,
+ 0x80, 0x02));
+field = aml_field("LPCD", AML_ANY_ACC, AML_NOLOCK, AML_PRESERVE);
+aml_append(field, aml_named_field("COMA", 3));
+aml_append(field, aml_reserved_field(1));
+aml_append(field, aml_named_field("COMB", 3));
+aml_append(field, aml_reserved_field(1));
+aml_append(field, aml_named_field("LPTD", 2));
+aml_append(field, aml_reserved_field(2));
+aml_append(field, aml_named_field("FDCD", 2));
+aml_append(dev, field);
+
+aml_append(dev, aml_operation_region("LPCE", AML_PCI_CONFIG,
+ 0x82, 0x02));
+/* enable bits */
+field = aml_field("LPCE", AML_ANY_ACC, AML_NOLOCK, AML_PRESERVE);
+aml_append(field, aml_named_field("CAEN", 1));
+aml_append(field, aml_named_field("CBEN", 1));
+aml_append(field, aml_named_field("LPEN", 1));
+aml_append(field, aml_named_field("FDEN", 1));
+aml_append(dev, field);
+
+aml_append(scope, dev);
+aml_append(table, scope);
+}
+
 static void build_piix4_pm(Aml *table)
 {
 Aml *dev;
@@ -1788,6 +1841,7 @@ build_ssdt(GArray *table_data, GArray *linker,
 build_piix4_pci0_int(ssdt);
 } else {
 build_hpet_aml(ssdt);
+build_q35_isa_bridge(ssdt);
 build_isa_devices_aml(ssdt);
 build_q35_pci0_int(ssdt);
 }
diff --git a/hw/i386/q35-acpi-dsdt.dsl b/hw/i386/q35-acpi-dsdt.dsl
index ec8a48c..b01d4de 100644
--- a/hw/i386/q35-acpi-dsdt.dsl
+++ b/hw/i386/q35-acpi-dsdt.dsl
@@ -114,39 +114,6 @@ DefinitionBlock (
 }
 
 /
- * LPC ISA bridge
- /
-
-Scope(\_SB.PCI0) {
-/* PCI D31:f0 LPC ISA bridge */
-Device(ISA) {
-Name (_ADR, 0x001F)  // _ADR: Address
-
-/* ICH9 PCI to ISA irq remapping */
-OperationRegion(PIRQ, PCI_Config, 0x60, 0x0C)
-
-OperationRegion(LPCD, PCI_Config, 0x80, 0x2)
-Field(LPCD, AnyAcc, NoLock, Preserve) {
-COMA,   3,
-,   1,
-COMB,   3,
-
-Offset(0x01),
-LPTD,   2,
-,   2,
-FDCD,   2
-}
-OperationRegion(LPCE, PCI_Config, 0x82, 0x2)
-Field(LPCE, AnyAcc, NoLock, Preserve) {
-CAEN,   1,
-CBEN,   1,
-LPEN,   1,
-FDEN,   1
-}
-}
-}
-
-/
  * PCI IRQs
  /
 
@@ -285,19 +252,6 @@ DefinitionBlock (
 }
 }
 
-Field(PCI0.ISA.PIRQ, ByteAcc, NoLock, Preserve) {
-PRQA,   8,
-PRQB,   8,
-PRQC,   8,
-PRQD,   8,
-
-Offset(0x08),
-PRQE,   8,
-PRQF,   8,
-PRQG,   8,
-PRQH,   8
-}
-
 External(LNKA, DeviceObj)
 External(LNKB, DeviceObj)
 External(LNKC, 

[Qemu-devel] [PATCH v2 20/51] pc: acpi: cpuhp: move \_GPE._E02() into SSDT

[Igor Mammedov]

Signed-off-by: Igor Mammedov 
---
 hw/acpi/cpu_hotplug_acpi_table.c  |  2 +-
 hw/i386/acpi-build.c  | 12 +---
 hw/i386/acpi-dsdt-cpu-hotplug.dsl | 23 ---
 hw/i386/acpi-dsdt.dsl |  9 -
 hw/i386/q35-acpi-dsdt.dsl |  9 -
 include/hw/acpi/cpu_hotplug.h |  1 +
 include/hw/acpi/pc-hotplug.h  |  1 -
 7 files changed, 11 insertions(+), 46 deletions(-)
 delete mode 100644 hw/i386/acpi-dsdt-cpu-hotplug.dsl

diff --git a/hw/acpi/cpu_hotplug_acpi_table.c b/hw/acpi/cpu_hotplug_acpi_table.c
index 8dda4f4..13b210e 100644
--- a/hw/acpi/cpu_hotplug_acpi_table.c
+++ b/hw/acpi/cpu_hotplug_acpi_table.c
@@ -71,7 +71,7 @@ void build_cpu_hotplug_aml(Aml *ctx)
 aml_append(method, aml_sleep(200));
 aml_append(sb_scope, method);
 
-method = aml_method(stringify(CPU_SCAN_METHOD), 0, AML_NOTSERIALIZED);
+method = aml_method(CPU_SCAN_METHOD, 0, AML_NOTSERIALIZED);
 {
 Aml *while_ctx, *if_ctx2, *else_ctx2;
 Aml *bus_check_evt = aml_int(1);
diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 1e0b7ed..1cbc305 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1083,9 +1083,15 @@ build_ssdt(GArray *table_data, GArray *linker,
  pm->mem_hp_io_len);
 
 scope =  aml_scope("\\_GPE");
-method = aml_method("_E03", 0, AML_NOTSERIALIZED);
-aml_append(method, aml_call0(MEMORY_HOTPLUG_HANDLER_PATH));
-aml_append(scope, method);
+{
+method = aml_method("_E02", 0, AML_NOTSERIALIZED);
+aml_append(method, aml_call0("\\_SB." CPU_SCAN_METHOD));
+aml_append(scope, method);
+
+method = aml_method("_E03", 0, AML_NOTSERIALIZED);
+aml_append(method, aml_call0(MEMORY_HOTPLUG_HANDLER_PATH));
+aml_append(scope, method);
+}
 aml_append(ssdt, scope);
 
 bus = PC_MACHINE(machine)->bus;
diff --git a/hw/i386/acpi-dsdt-cpu-hotplug.dsl 
b/hw/i386/acpi-dsdt-cpu-hotplug.dsl
deleted file mode 100644
index 88c472b..000
--- a/hw/i386/acpi-dsdt-cpu-hotplug.dsl
+++ /dev/null
@@ -1,23 +0,0 @@
-/*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
-
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
-
- * You should have received a copy of the GNU General Public License along
- * with this program; if not, see .
- */
-
-/
- * CPU hotplug
- /
-
-Scope(\_SB) {
-/* Objects filled in by run-time generated SSDT */
-External(CPU_SCAN_METHOD, MethodObj)
-}
diff --git a/hw/i386/acpi-dsdt.dsl b/hw/i386/acpi-dsdt.dsl
index 6a0c656..007d3c9 100644
--- a/hw/i386/acpi-dsdt.dsl
+++ b/hw/i386/acpi-dsdt.dsl
@@ -247,11 +247,6 @@ DefinitionBlock (
 }
 }
 
-#include "hw/acpi/pc-hotplug.h"
-#define CPU_STATUS_BASE PIIX4_CPU_HOTPLUG_IO_BASE
-#include "acpi-dsdt-cpu-hotplug.dsl"
-
-
 /
  * General purpose events
  /
@@ -266,10 +261,6 @@ DefinitionBlock (
 \_SB.PCI0.PCNT()
 Release(\_SB.PCI0.BLCK)
 }
-Method(_E02) {
-// CPU hotplug event
-\_SB.CPU_SCAN_METHOD()
-}
 Method(_L04) {
 }
 Method(_L05) {
diff --git a/hw/i386/q35-acpi-dsdt.dsl b/hw/i386/q35-acpi-dsdt.dsl
index 7211665..0511e26 100644
--- a/hw/i386/q35-acpi-dsdt.dsl
+++ b/hw/i386/q35-acpi-dsdt.dsl
@@ -384,11 +384,6 @@ DefinitionBlock (
 define_gsi_link(GSIH, 0, 0x17)
 }
 
-#include "hw/acpi/pc-hotplug.h"
-#define CPU_STATUS_BASE ICH9_CPU_HOTPLUG_IO_BASE
-#include "acpi-dsdt-cpu-hotplug.dsl"
-
-
 /
  * General purpose events
  /
@@ -399,10 +394,6 @@ DefinitionBlock (
 }
 Method(_L01) {
 }
-Method(_E02) {
-// CPU hotplug event
-\_SB.CPU_SCAN_METHOD()
-}
 Method(_L04) {
 }
 Method(_L05) {
diff --git a/include/hw/acpi/cpu_hotplug.h b/include/hw/acpi/cpu_hotplug.h
index 255e70c..f22640e 100644
--- a/include/hw/acpi/cpu_hotplug.h
+++ b/include/hw/acpi/cpu_hotplug.h
@@ -32,6 +32,7 @@ void acpi_cpu_hotplug_init(MemoryRegion *parent, Object 
*owner,
 #define CPU_ON_BITMAP "CPON"
 #define CPU_STATUS_METHOD "CPST"
 #define CPU_STATUS_MAP "PRS"
+#define 

[Qemu-devel] [PATCH v2 31/51] pc: acpi: move remaining GPE handlers into SSDT

[Igor Mammedov]

Signed-off-by: Igor Mammedov 
---
  * unflod _L0X methods building loop and opencode it,
with intent to remove these (unused) handlers later
at refactoring time.
---
 hw/i386/acpi-build.c  | 30 +-
 hw/i386/acpi-dsdt.dsl | 40 
 hw/i386/q35-acpi-dsdt.dsl | 36 
 3 files changed, 29 insertions(+), 77 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 88deea5..a28963f 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1524,8 +1524,23 @@ build_ssdt(GArray *table_data, GArray *linker,
 build_memory_hotplug_aml(ssdt, nr_mem, pm->mem_hp_io_base,
  pm->mem_hp_io_len);
 
-scope =  aml_scope("\\_GPE");
+scope =  aml_scope("_GPE");
 {
+aml_append(scope, aml_name_decl("_HID", aml_string("ACPI0006")));
+
+aml_append(scope, aml_method("_L00", 0, AML_NOTSERIALIZED));
+
+if (misc->is_piix4) {
+method = aml_method("_E01", 0, AML_NOTSERIALIZED);
+aml_append(method,
+aml_acquire(aml_name("\\_SB.PCI0.BLCK"), 0x));
+aml_append(method, aml_call0("\\_SB.PCI0.PCNT"));
+aml_append(method, aml_release(aml_name("\\_SB.PCI0.BLCK")));
+aml_append(scope, method);
+} else {
+aml_append(scope, aml_method("_L01", 0, AML_NOTSERIALIZED));
+}
+
 method = aml_method("_E02", 0, AML_NOTSERIALIZED);
 aml_append(method, aml_call0("\\_SB." CPU_SCAN_METHOD));
 aml_append(scope, method);
@@ -1533,6 +1548,19 @@ build_ssdt(GArray *table_data, GArray *linker,
 method = aml_method("_E03", 0, AML_NOTSERIALIZED);
 aml_append(method, aml_call0(MEMORY_HOTPLUG_HANDLER_PATH));
 aml_append(scope, method);
+
+aml_append(scope, aml_method("_L04", 0, AML_NOTSERIALIZED));
+aml_append(scope, aml_method("_L05", 0, AML_NOTSERIALIZED));
+aml_append(scope, aml_method("_L06", 0, AML_NOTSERIALIZED));
+aml_append(scope, aml_method("_L07", 0, AML_NOTSERIALIZED));
+aml_append(scope, aml_method("_L08", 0, AML_NOTSERIALIZED));
+aml_append(scope, aml_method("_L09", 0, AML_NOTSERIALIZED));
+aml_append(scope, aml_method("_L0A", 0, AML_NOTSERIALIZED));
+aml_append(scope, aml_method("_L0B", 0, AML_NOTSERIALIZED));
+aml_append(scope, aml_method("_L0C", 0, AML_NOTSERIALIZED));
+aml_append(scope, aml_method("_L0D", 0, AML_NOTSERIALIZED));
+aml_append(scope, aml_method("_L0E", 0, AML_NOTSERIALIZED));
+aml_append(scope, aml_method("_L0F", 0, AML_NOTSERIALIZED));
 }
 aml_append(ssdt, scope);
 
diff --git a/hw/i386/acpi-dsdt.dsl b/hw/i386/acpi-dsdt.dsl
index 11e2e61..c9b2725 100644
--- a/hw/i386/acpi-dsdt.dsl
+++ b/hw/i386/acpi-dsdt.dsl
@@ -197,44 +197,4 @@ DefinitionBlock (
 Method(_SRS, 1, NotSerialized) { }
 }
 }
-
-/
- * General purpose events
- /
-Scope(\_GPE) {
-Name(_HID, "ACPI0006")
-
-Method(_L00) {
-}
-Method(_E01) {
-// PCI hotplug event
-Acquire(\_SB.PCI0.BLCK, 0x)
-\_SB.PCI0.PCNT()
-Release(\_SB.PCI0.BLCK)
-}
-Method(_L04) {
-}
-Method(_L05) {
-}
-Method(_L06) {
-}
-Method(_L07) {
-}
-Method(_L08) {
-}
-Method(_L09) {
-}
-Method(_L0A) {
-}
-Method(_L0B) {
-}
-Method(_L0C) {
-}
-Method(_L0D) {
-}
-Method(_L0E) {
-}
-Method(_L0F) {
-}
-}
 }
diff --git a/hw/i386/q35-acpi-dsdt.dsl b/hw/i386/q35-acpi-dsdt.dsl
index 4862ded..e157615 100644
--- a/hw/i386/q35-acpi-dsdt.dsl
+++ b/hw/i386/q35-acpi-dsdt.dsl
@@ -375,40 +375,4 @@ DefinitionBlock (
 define_gsi_link(GSIG, 0, 0x16)
 define_gsi_link(GSIH, 0, 0x17)
 }
-
-/
- * General purpose events
- /
-Scope(\_GPE) {
-Name(_HID, "ACPI0006")
-
-Method(_L00) {
-}
-Method(_L01) {
-}
-Method(_L04) {
-}
-Method(_L05) {
-}
-Method(_L06) {
-}
-Method(_L07) {
-}
-Method(_L08) {
-}
-Method(_L09) {
-}
-Method(_L0A) {
-}
-Method(_L0B) {
-}
-Method(_L0C) {
-}
-Method(_L0D) {
-}
-Method(_L0E) {
-}
-Method(_L0F) {
-}
-}
 }
-- 
1.8.3.1

[Qemu-devel] [PATCH v2 48/51] pc: acpi: q35: move PCI0 device definition into SSDT

[Igor Mammedov]

Signed-off-by: Igor Mammedov 
---
 hw/i386/acpi-build.c  | 14 +-
 hw/i386/q35-acpi-dsdt.dsl | 13 -
 2 files changed, 9 insertions(+), 18 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 4effa32..d9925cd 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1981,11 +1981,15 @@ build_ssdt(GArray *table_data, GArray *linker,
 build_piix4_pci0_int(ssdt);
 } else {
 sb_scope = aml_scope("_SB");
-scope = aml_scope("PCI0");
-aml_append(scope, aml_name_decl("SUPP", aml_int(0)));
-aml_append(scope, aml_name_decl("CTRL", aml_int(0)));
-aml_append(scope, build_q35_osc_method());
-aml_append(sb_scope, scope);
+dev = aml_device("PCI0");
+aml_append(dev, aml_name_decl("_HID", aml_eisaid("PNP0A08")));
+aml_append(dev, aml_name_decl("_CID", aml_eisaid("PNP0A03")));
+aml_append(dev, aml_name_decl("_ADR", aml_int(0)));
+aml_append(dev, aml_name_decl("_UID", aml_int(1)));
+aml_append(dev, aml_name_decl("SUPP", aml_int(0)));
+aml_append(dev, aml_name_decl("CTRL", aml_int(0)));
+aml_append(dev, build_q35_osc_method());
+aml_append(sb_scope, dev);
 aml_append(ssdt, sb_scope);
 
 build_hpet_aml(ssdt);
diff --git a/hw/i386/q35-acpi-dsdt.dsl b/hw/i386/q35-acpi-dsdt.dsl
index b53663c..f234f5c 100644
--- a/hw/i386/q35-acpi-dsdt.dsl
+++ b/hw/i386/q35-acpi-dsdt.dsl
@@ -42,17 +42,4 @@ DefinitionBlock (
 PCIB, 8,
 }
 }
-
-
-/
- * PCI Bus definition
- /
-Scope(\_SB) {
-Device(PCI0) {
-Name(_HID, EisaId("PNP0A08"))
-Name(_CID, EisaId("PNP0A03"))
-Name(_ADR, 0x00)
-Name(_UID, 1)
-}
-}
 }
-- 
1.8.3.1

[Qemu-devel] [PATCH v2 50/51] pc: acpi: switch to AML API composed DSDT

[Igor Mammedov]

Signed-off-by: Igor Mammedov 
---
 hw/i386/acpi-build.c | 235 +--
 1 file changed, 115 insertions(+), 120 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index ebeab17..ce27051 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -53,9 +53,6 @@
 #include "hw/i386/intel_iommu.h"
 #include "hw/timer/hpet.h"
 
-#include "hw/i386/q35-acpi-dsdt.hex"
-#include "hw/i386/acpi-dsdt.hex"
-
 #include "hw/acpi/aml-build.h"
 
 #include "qapi/qmp/qint.h"
@@ -124,24 +121,6 @@ typedef struct AcpiBuildPciBusHotplugState {
 bool pcihp_bridge_en;
 } AcpiBuildPciBusHotplugState;
 
-static void acpi_get_dsdt(AcpiMiscInfo *info)
-{
-Object *piix = piix4_pm_find();
-Object *lpc = ich9_lpc_find();
-assert(!!piix != !!lpc);
-
-if (piix) {
-info->is_piix4 = true;
-info->dsdt_code = AcpiDsdtAmlCode;
-info->dsdt_size = sizeof AcpiDsdtAmlCode;
-}
-if (lpc) {
-info->is_piix4 = false;
-info->dsdt_code = Q35AcpiDsdtAmlCode;
-info->dsdt_size = sizeof Q35AcpiDsdtAmlCode;
-}
-}
-
 static
 int acpi_add_cpu_info(Object *o, void *opaque)
 {
@@ -240,6 +219,17 @@ static void acpi_get_pm_info(AcpiPmInfo *pm)
 
 static void acpi_get_misc_info(AcpiMiscInfo *info)
 {
+Object *piix = piix4_pm_find();
+Object *lpc = ich9_lpc_find();
+assert(!!piix != !!lpc);
+
+if (piix) {
+info->is_piix4 = true;
+}
+if (lpc) {
+info->is_piix4 = false;
+}
+
 info->has_hpet = hpet_find();
 info->tpm_version = tpm_get_version();
 info->pvpanic_port = pvpanic_port();
@@ -1963,95 +1953,6 @@ build_ssdt(GArray *table_data, GArray *linker,
 /* Reserve space for header */
 acpi_data_push(ssdt->buf, sizeof(AcpiTableHeader));
 
-build_dbg_aml(ssdt);
-if (misc->is_piix4) {
-sb_scope = aml_scope("_SB");
-dev = aml_device("PCI0");
-aml_append(dev, aml_name_decl("_HID", aml_eisaid("PNP0A03")));
-aml_append(dev, aml_name_decl("_ADR", aml_int(0)));
-aml_append(dev, aml_name_decl("_UID", aml_int(1)));
-aml_append(sb_scope, dev);
-aml_append(ssdt, sb_scope);
-
-build_hpet_aml(ssdt);
-build_piix4_pm(ssdt);
-build_piix4_isa_bridge(ssdt);
-build_isa_devices_aml(ssdt);
-build_piix4_pci_hotplug(ssdt);
-build_piix4_pci0_int(ssdt);
-} else {
-sb_scope = aml_scope("_SB");
-aml_append(sb_scope,
-aml_operation_region("PCST", AML_SYSTEM_IO, 0xae00, 0x0c));
-aml_append(sb_scope,
-aml_operation_region("PCSB", AML_SYSTEM_IO, 0xae0c, 0x01));
-field = aml_field("PCSB", AML_ANY_ACC, AML_NOLOCK, AML_WRITE_AS_ZEROS);
-aml_append(field, aml_named_field("PCIB", 8));
-aml_append(sb_scope, field);
-aml_append(ssdt, sb_scope);
-
-sb_scope = aml_scope("_SB");
-dev = aml_device("PCI0");
-aml_append(dev, aml_name_decl("_HID", aml_eisaid("PNP0A08")));
-aml_append(dev, aml_name_decl("_CID", aml_eisaid("PNP0A03")));
-aml_append(dev, aml_name_decl("_ADR", aml_int(0)));
-aml_append(dev, aml_name_decl("_UID", aml_int(1)));
-aml_append(dev, aml_name_decl("SUPP", aml_int(0)));
-aml_append(dev, aml_name_decl("CTRL", aml_int(0)));
-aml_append(dev, build_q35_osc_method());
-aml_append(sb_scope, dev);
-aml_append(ssdt, sb_scope);
-
-build_hpet_aml(ssdt);
-build_q35_isa_bridge(ssdt);
-build_isa_devices_aml(ssdt);
-build_q35_pci0_int(ssdt);
-}
-
-build_cpu_hotplug_aml(ssdt);
-build_memory_hotplug_aml(ssdt, nr_mem, pm->mem_hp_io_base,
- pm->mem_hp_io_len);
-
-scope =  aml_scope("_GPE");
-{
-aml_append(scope, aml_name_decl("_HID", aml_string("ACPI0006")));
-
-aml_append(scope, aml_method("_L00", 0, AML_NOTSERIALIZED));
-
-if (misc->is_piix4) {
-method = aml_method("_E01", 0, AML_NOTSERIALIZED);
-aml_append(method,
-aml_acquire(aml_name("\\_SB.PCI0.BLCK"), 0x));
-aml_append(method, aml_call0("\\_SB.PCI0.PCNT"));
-aml_append(method, aml_release(aml_name("\\_SB.PCI0.BLCK")));
-aml_append(scope, method);
-} else {
-aml_append(scope, aml_method("_L01", 0, AML_NOTSERIALIZED));
-}
-
-method = aml_method("_E02", 0, AML_NOTSERIALIZED);
-aml_append(method, aml_call0("\\_SB." CPU_SCAN_METHOD));
-aml_append(scope, method);
-
-method = aml_method("_E03", 0, AML_NOTSERIALIZED);
-aml_append(method, aml_call0(MEMORY_HOTPLUG_HANDLER_PATH));
-aml_append(scope, method);
-
-aml_append(scope, aml_method("_L04", 0, AML_NOTSERIALIZED));
-aml_append(scope, aml_method("_L05", 0, AML_NOTSERIALIZED));
-aml_append(scope, aml_method("_L06", 0, 

[Qemu-devel] [PATCH v2 51/51] pc: acpi: remove unused ASL templates and related blobs/utils

[Igor Mammedov]

QEMU now uses internally composed DSDT so drop now
empty *.dsl templates and related *.generated
binary blobs.

Also since templates are not used anymore/obolete
remove utility scripts used for extracting/patching
AML blobs compiled by IASL and for updating them
in git tree.

Signed-off-by: Igor Mammedov 
---
 hw/i386/Makefile.objs   |   30 -
 hw/i386/acpi-dsdt.dsl   |   33 -
 hw/i386/acpi-dsdt.hex.generated | 2972 --
 hw/i386/q35-acpi-dsdt.dsl   |   40 -
 hw/i386/q35-acpi-dsdt.hex.generated | 7610 ---
 scripts/acpi_extract.py |  367 --
 scripts/acpi_extract_preprocess.py  |   51 -
 scripts/update-acpi.sh  |4 -
 8 files changed, 11107 deletions(-)
 delete mode 100644 hw/i386/acpi-dsdt.dsl
 delete mode 100644 hw/i386/acpi-dsdt.hex.generated
 delete mode 100644 hw/i386/q35-acpi-dsdt.dsl
 delete mode 100644 hw/i386/q35-acpi-dsdt.hex.generated
 delete mode 100755 scripts/acpi_extract.py
 delete mode 100755 scripts/acpi_extract_preprocess.py
 delete mode 100644 scripts/update-acpi.sh

diff --git a/hw/i386/Makefile.objs b/hw/i386/Makefile.objs
index c250deb..b52d5b8 100644
--- a/hw/i386/Makefile.objs
+++ b/hw/i386/Makefile.objs
@@ -8,33 +8,3 @@ obj-$(CONFIG_XEN) += ../xenpv/ xen/
 obj-y += kvmvapic.o
 obj-y += acpi-build.o
 obj-y += pci-assign-load-rom.o
-
-gen-hex-y += hw/i386/acpi-dsdt.hex
-gen-hex-y += hw/i386/q35-acpi-dsdt.hex
-
-hw/i386/acpi-build.o: hw/i386/acpi-build.c \
-   $(gen-hex-y)
-
--include $(gen-hex-y:.hex=.d)
-
-iasl-option=$(shell if test -z "`$(1) $(2) 2>&1 > /dev/null`" \
-; then echo "$(2)"; else echo "$(3)"; fi ;)
-
-ifdef IASL
-#IASL Present. Generate hex files from .dsl
-hw/i386/%.hex: $(SRC_PATH)/hw/i386/%.dsl 
$(SRC_PATH)/scripts/acpi_extract_preprocess.py 
$(SRC_PATH)/scripts/acpi_extract.py
-   $(call quiet-command, $(CPP) -x c -P $(QEMU_DGFLAGS) $(QEMU_INCLUDES) 
$< -o $*.dsl.i.orig, "  CPP $(TARGET_DIR)$*.dsl.i.orig")
-   $(call quiet-command, $(PYTHON) 
$(SRC_PATH)/scripts/acpi_extract_preprocess.py $*.dsl.i.orig > $*.dsl.i, "  
ACPI_PREPROCESS $(TARGET_DIR)$*.dsl.i")
-   $(call quiet-command, $(IASL) $(call iasl-option,$(IASL),-Pn,) -vs -l 
-tc -p $* $*.dsl.i $(if $(V), , > /dev/null) 2>&1 ,"  IASL 
$(TARGET_DIR)$*.dsl.i")
-   $(call quiet-command, $(PYTHON) $(SRC_PATH)/scripts/acpi_extract.py 
$*.lst > $*.off, "  ACPI_EXTRACT $(TARGET_DIR)$*.off")
-   $(call quiet-command, cat $*.off > $@, "  CAT $(TARGET_DIR)$@")
-else
-#IASL Not present. Restore pre-generated hex files.
-hw/i386/%.hex: $(SRC_PATH)/hw/i386/%.hex.generated
-   $(call quiet-command, cp -f $< $@, "  CP $(TARGET_DIR)$@")
-endif
-
-.PHONY: cleanhex
-cleanhex:
-   rm -f hw/i386/*hex
-clean: cleanhex
diff --git a/hw/i386/acpi-dsdt.dsl b/hw/i386/acpi-dsdt.dsl
deleted file mode 100644
index 82e4470..000
--- a/hw/i386/acpi-dsdt.dsl
+++ /dev/null
@@ -1,33 +0,0 @@
-/*
- * Bochs/QEMU ACPI DSDT ASL definition
- *
- * Copyright (c) 2006 Fabrice Bellard
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License version 2 as published by the Free Software Foundation.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
- */
-
-ACPI_EXTRACT_ALL_CODE AcpiDsdtAmlCode
-
-DefinitionBlock (
-"acpi-dsdt.aml",// Output Filename
-"DSDT", // Signature
-0x01,   // DSDT Compliance Revision
-"BXPC", // OEMID
-"BXDSDT",   // TABLE ID
-0x1 // OEM Revision
-)
-{
-Scope(\_SB) {
-}
-}
diff --git a/hw/i386/acpi-dsdt.hex.generated b/hw/i386/acpi-dsdt.hex.generated
deleted file mode 100644
index ecaa4a5..000
--- a/hw/i386/acpi-dsdt.hex.generated
+++ /dev/null
@@ -1,2972 +0,0 @@
-static unsigned char AcpiDsdtAmlCode[] = {
-0x44,
-0x53,
-0x44,
-0x54,
-0x9a,
-0xb,
-0x0,
-0x0,
-0x1,
-0xf8,
-0x42,
-0x58,
-0x50,
-0x43,
-0x0,
-0x0,
-0x42,
-0x58,
-0x44,
-0x53,
-0x44,
-0x54,
-0x0,
-0x0,
-0x1,
-0x0,
-0x0,
-0x0,
-0x49,
-0x4e,
-0x54,
-0x4c,
-0x7,
-0x11,
-0x14,
-0x20,
-0x10,
-0x49,
-0x4,
-0x5c,
-0x0,
-0x5b,
-0x80,
-0x44,
-0x42,
-0x47,
-0x5f,
-0x1,
-0xb,
-0x2,
-0x4,
-0x1,
-0x5b,
-0x81,
-0xb,
-0x44,
-0x42,
-0x47,
-0x5f,
-0x1,
-0x44,
-0x42,
-0x47,
-0x42,
-0x8,
-0x14,
-0x2c,
-0x44,
-0x42,
-0x55,
-0x47,
-0x1,
-0x98,
-0x68,
-0x60,
-0x96,
-0x60,
-0x60,
-0x74,
-0x87,
-0x60,
-0x1,
-0x61,
-0x70,
-0x0,
-0x62,
-0xa2,
-0x10,
-0x95,
-0x62,
-0x61,
-0x70,
-0x83,
-0x88,
-0x60,
-0x62,
-0x0,
-0x44,

[Qemu-devel] [PATCH v2 10/51] pc: acpi: memhp: move MHPD.MCRS method into SSDT

[Igor Mammedov]

Signed-off-by: Igor Mammedov 
---
 hw/acpi/memory_hotplug_acpi_table.c | 92 +
 hw/i386/acpi-dsdt-mem-hotplug.dsl   | 72 -
 2 files changed, 92 insertions(+), 72 deletions(-)

diff --git a/hw/acpi/memory_hotplug_acpi_table.c 
b/hw/acpi/memory_hotplug_acpi_table.c
index c2bfcd6..2428e84 100644
--- a/hw/acpi/memory_hotplug_acpi_table.c
+++ b/hw/acpi/memory_hotplug_acpi_table.c
@@ -124,6 +124,98 @@ void build_memory_hotplug_aml(Aml *ctx, uint32_t nr_mem,
 }
 aml_append(mem_ctrl_dev, method);
 
+method = aml_method(stringify(MEMORY_SLOT_CRS_METHOD), 1,
+AML_SERIALIZED);
+{
+Aml *mr64 = aml_name("MR64");
+Aml *mr32 = aml_name("MR32");
+Aml *crs_tmpl = aml_resource_template();
+Aml *minl = aml_name("MINL");
+Aml *minh = aml_name("MINH");
+Aml *maxl =  aml_name("MAXL");
+Aml *maxh =  aml_name("MAXH");
+Aml *lenl = aml_name("LENL");
+Aml *lenh = aml_name("LENH");
+
+aml_append(method, aml_acquire(ctrl_lock, 0x));
+aml_append(method, aml_store(aml_to_integer(slot_arg0),
+ slot_selector));
+
+aml_append(crs_tmpl,
+aml_qword_memory(AML_POS_DECODE, AML_MIN_FIXED, AML_MAX_FIXED,
+ AML_CACHEABLE, AML_READ_WRITE,
+ 0, 0x0, 0xFFFE, 0,
+ 0x));
+aml_append(method, aml_name_decl("MR64", crs_tmpl));
+aml_append(method,
+aml_create_dword_field(mr64, aml_int(14), "MINL"));
+aml_append(method,
+aml_create_dword_field(mr64, aml_int(18), "MINH"));
+aml_append(method,
+aml_create_dword_field(mr64, aml_int(38), "LENL"));
+aml_append(method,
+aml_create_dword_field(mr64, aml_int(42), "LENH"));
+aml_append(method,
+aml_create_dword_field(mr64, aml_int(22), "MAXL"));
+aml_append(method,
+aml_create_dword_field(mr64, aml_int(26), "MAXH"));
+
+aml_append(method,
+aml_store(aml_name(stringify(MEMORY_SLOT_ADDR_HIGH)), minh));
+aml_append(method,
+aml_store(aml_name(stringify(MEMORY_SLOT_ADDR_LOW)), minl));
+aml_append(method,
+aml_store(aml_name(stringify(MEMORY_SLOT_SIZE_HIGH)), lenh));
+aml_append(method,
+aml_store(aml_name(stringify(MEMORY_SLOT_SIZE_LOW)), lenl));
+
+/* 64-bit math: MAX = MIN + LEN - 1 */
+aml_append(method, aml_add(minl, lenl, maxl));
+aml_append(method, aml_add(minh, lenh, maxh));
+ifctx = aml_if(aml_lless(maxl, minl));
+{
+aml_append(ifctx, aml_add(maxh, one, maxh));
+}
+aml_append(method, ifctx);
+ifctx = aml_if(aml_lless(maxl, one));
+{
+aml_append(ifctx, aml_subtract(maxh, one, maxh));
+}
+aml_append(method, ifctx);
+aml_append(method, aml_subtract(maxl, one, maxl));
+
+/* return 32-bit _CRS if addr/size is in low mem */
+/* TODO: remove it since all hotplugged DIMMs are in high mem */
+ifctx = aml_if(aml_equal(maxh, zero));
+{
+crs_tmpl = aml_resource_template();
+aml_append(crs_tmpl,
+aml_dword_memory(AML_POS_DECODE, AML_MIN_FIXED,
+ AML_MAX_FIXED, AML_CACHEABLE,
+ AML_READ_WRITE,
+ 0, 0x0, 0xFFFE, 0,
+ 0x));
+aml_append(ifctx, aml_name_decl("MR32", crs_tmpl));
+aml_append(ifctx,
+aml_create_dword_field(mr32, aml_int(10), "MIN"));
+aml_append(ifctx,
+aml_create_dword_field(mr32, aml_int(14), "MAX"));
+aml_append(ifctx,
+aml_create_dword_field(mr32, aml_int(22), "LEN"));
+aml_append(ifctx, aml_store(minl, aml_name("MIN")));
+aml_append(ifctx, aml_store(maxl, aml_name("MAX")));
+aml_append(ifctx, aml_store(lenl, aml_name("LEN")));
+
+aml_append(ifctx, aml_release(ctrl_lock));
+aml_append(ifctx, aml_return(mr32));
+}
+aml_append(method, ifctx);
+
+aml_append(method, aml_release(ctrl_lock));
+aml_append(method, aml_return(mr64));
+}
+aml_append(mem_ctrl_dev, method);
+
 method = aml_method(stringify(MEMORY_SLOT_PROXIMITY_METHOD), 1,
 

[Qemu-devel] [PATCH v2 07/51] pc: acpi: memhp: move MHPD.MPXM method into SSDT

[Igor Mammedov]

Signed-off-by: Igor Mammedov 
---
 hw/acpi/memory_hotplug_acpi_table.c | 14 ++
 hw/i386/acpi-dsdt-mem-hotplug.dsl   |  9 -
 2 files changed, 14 insertions(+), 9 deletions(-)

diff --git a/hw/acpi/memory_hotplug_acpi_table.c 
b/hw/acpi/memory_hotplug_acpi_table.c
index 07d78f0..5289014 100644
--- a/hw/acpi/memory_hotplug_acpi_table.c
+++ b/hw/acpi/memory_hotplug_acpi_table.c
@@ -123,6 +123,20 @@ void build_memory_hotplug_aml(Aml *ctx, uint32_t nr_mem,
 aml_append(method, aml_return(ret_val));
 }
 aml_append(mem_ctrl_dev, method);
+
+method = aml_method(stringify(MEMORY_SLOT_PROXIMITY_METHOD), 1,
+AML_NOTSERIALIZED);
+{
+Aml *proximity = aml_name(stringify(MEMORY_SLOT_PROXIMITY));
+
+aml_append(method, aml_acquire(ctrl_lock, 0x));
+aml_append(method, aml_store(aml_to_integer(slot_arg0),
+ slot_selector));
+aml_append(method, aml_store(proximity, ret_val));
+aml_append(method, aml_release(ctrl_lock));
+aml_append(method, aml_return(ret_val));
+}
+aml_append(mem_ctrl_dev, method);
 }
 aml_append(pci_scope, mem_ctrl_dev);
 aml_append(ctx, pci_scope);
diff --git a/hw/i386/acpi-dsdt-mem-hotplug.dsl 
b/hw/i386/acpi-dsdt-mem-hotplug.dsl
index 13e93dc..02fecf2 100644
--- a/hw/i386/acpi-dsdt-mem-hotplug.dsl
+++ b/hw/i386/acpi-dsdt-mem-hotplug.dsl
@@ -25,7 +25,6 @@
 External(MEMORY_SLOT_ADDR_HIGH, FieldUnitObj) // read only
 External(MEMORY_SLOT_SIZE_LOW, FieldUnitObj) // read only
 External(MEMORY_SLOT_SIZE_HIGH, FieldUnitObj) // read only
-External(MEMORY_SLOT_PROXIMITY, FieldUnitObj) // read only
 External(MEMORY_SLOT_EJECT, FieldUnitObj) // initiates device 
eject, write only
 External(MEMORY_SLOT_SLECTOR, FieldUnitObj) // DIMM selector, 
write only
 External(MEMORY_SLOT_OST_EVENT, FieldUnitObj) // _OST event code, 
write only
@@ -96,14 +95,6 @@
 Return(MR64)
 }
 
-Method(MEMORY_SLOT_PROXIMITY_METHOD, 1) {
-Acquire(MEMORY_SLOT_LOCK, 0x)
-Store(ToInteger(Arg0), MEMORY_SLOT_SLECTOR) // select DIMM
-Store(MEMORY_SLOT_PROXIMITY, Local0)
-Release(MEMORY_SLOT_LOCK)
-Return(Local0)
-}
-
 Method(MEMORY_SLOT_OST_METHOD, 4) {
 Acquire(MEMORY_SLOT_LOCK, 0x)
 Store(ToInteger(Arg0), MEMORY_SLOT_SLECTOR) // select DIMM
-- 
1.8.3.1

[Qemu-devel] [PATCH v2 01/51] tests: acpi: print ASL diff in verbose mode

[Igor Mammedov]

print ASL difference if there is any when
executing 'make V=1 check'.
Use 'DIFF' environment variable to determine
which diff utility to use and if it's not set
notify user by printing warning that DIFF is
not set if run in verbose mode and there is
difference in ASL.

Signed-off-by: Igor Mammedov 
---
 tests/bios-tables-test.c | 16 
 1 file changed, 16 insertions(+)

diff --git a/tests/bios-tables-test.c b/tests/bios-tables-test.c
index 6d37332..75ec330 100644
--- a/tests/bios-tables-test.c
+++ b/tests/bios-tables-test.c
@@ -580,6 +580,22 @@ static void test_acpi_asl(test_data *data)
 (gchar *),
 sdt->asl_file, sdt->aml_file,
 exp_sdt->asl_file, exp_sdt->aml_file);
+if (getenv("V")) {
+const char *diff_cmd = getenv("DIFF");
+if (diff_cmd) {
+int ret G_GNUC_UNUSED;
+char *diff = g_strdup_printf("%s %s %s", diff_cmd,
+exp_sdt->asl_file, sdt->asl_file);
+ret = system(diff) ;
+g_free(diff);
+} else {
+fprintf(stderr, "acpi-test: Warning. not showing "
+"difference since no diff utility is specified. "
+"Set 'DIFF' environment variable to a preferred "
+"diff utility and run 'make V=1 check' again to "
+"see ASL difference.");
+}
+}
   }
 }
 g_string_free(asl, true);
-- 
1.8.3.1

[Qemu-devel] [PATCH v2 03/51] pc: acpi: memhp: move MHPD._STA method into SSDT

[Igor Mammedov]

Signed-off-by: Igor Mammedov 
---
v3:
 - drop ASL comment
 - s/ctrl_dev/mem_ctrl_dev/
 - move locals 'zero', 'slots_nr' inside if block
v2:
 - add parentheses around ifctx block
   Suggested-by: Marcel Apfelbaum 
---
 hw/acpi/memory_hotplug_acpi_table.c | 14 ++
 hw/i386/acpi-dsdt-mem-hotplug.dsl   |  8 
 2 files changed, 14 insertions(+), 8 deletions(-)

diff --git a/hw/acpi/memory_hotplug_acpi_table.c 
b/hw/acpi/memory_hotplug_acpi_table.c
index 35fefba..a21ef6f 100644
--- a/hw/acpi/memory_hotplug_acpi_table.c
+++ b/hw/acpi/memory_hotplug_acpi_table.c
@@ -17,6 +17,8 @@
 void build_memory_hotplug_aml(Aml *ctx, uint32_t nr_mem,
   uint16_t io_base, uint16_t io_len)
 {
+Aml *ifctx;
+Aml *method;
 Aml *pci_scope;
 Aml *mem_ctrl_dev;
 
@@ -24,6 +26,18 @@ void build_memory_hotplug_aml(Aml *ctx, uint32_t nr_mem,
 pci_scope = aml_scope("_SB.PCI0");
 mem_ctrl_dev = aml_scope(stringify(MEMORY_HOTPLUG_DEVICE));
 {
+Aml *zero = aml_int(0);
+Aml *slots_nr = aml_name(stringify(MEMORY_SLOTS_NUMBER));
+
+method = aml_method("_STA", 0, AML_NOTSERIALIZED);
+ifctx = aml_if(aml_equal(slots_nr, zero));
+{
+aml_append(ifctx, aml_return(zero));
+}
+aml_append(method, ifctx);
+/* present, functioning, decoding, not shown in UI */
+aml_append(method, aml_return(aml_int(0xB)));
+aml_append(mem_ctrl_dev, method);
 }
 aml_append(pci_scope, mem_ctrl_dev);
 aml_append(ctx, pci_scope);
diff --git a/hw/i386/acpi-dsdt-mem-hotplug.dsl 
b/hw/i386/acpi-dsdt-mem-hotplug.dsl
index c2bb6a1..b4eacc9 100644
--- a/hw/i386/acpi-dsdt-mem-hotplug.dsl
+++ b/hw/i386/acpi-dsdt-mem-hotplug.dsl
@@ -35,14 +35,6 @@
 External(MEMORY_SLOT_OST_EVENT, FieldUnitObj) // _OST event code, 
write only
 External(MEMORY_SLOT_OST_STATUS, FieldUnitObj) // _OST status 
code, write only
 
-Method(_STA, 0) {
-If (LEqual(MEMORY_SLOTS_NUMBER, Zero)) {
-Return(0x0)
-}
-/* present, functioning, decoding, not shown in UI */
-Return(0xB)
-}
-
 Mutex (MEMORY_SLOT_LOCK, 0)
 
 Method(MEMORY_SLOT_SCAN_METHOD, 0) {
-- 
1.8.3.1

[Qemu-devel] [PATCH v2 12/51] pc: acpi: factor out memhp code from build_ssdt() into separate function

[Igor Mammedov]

before consolidating memhp code in memory_hotplug_acpi_table.c
and for simplifying review, first factor out memhp code into
new function build_memory_devices() in i386/acpi-build.c

Signed-off-by: Igor Mammedov 

PS:
   no functional change, only code movement.
---
 hw/i386/acpi-build.c | 239 +++
 1 file changed, 126 insertions(+), 113 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index e365047..a4a90b3 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -929,6 +929,130 @@ static Aml *build_crs(PCIHostState *host,
 return crs;
 }
 
+static void build_memory_devices(Aml *sb_scope, int nr_mem,
+ uint16_t io_base, uint16_t io_len)
+{
+int i;
+Aml *scope;
+Aml *crs;
+Aml *field;
+Aml *dev;
+Aml *method;
+Aml *ifctx;
+
+/* build memory devices */
+assert(nr_mem <= ACPI_MAX_RAM_SLOTS);
+scope = aml_scope("\\_SB.PCI0." stringify(MEMORY_HOTPLUG_DEVICE));
+aml_append(scope,
+aml_name_decl(stringify(MEMORY_SLOTS_NUMBER), aml_int(nr_mem))
+);
+
+crs = aml_resource_template();
+aml_append(crs,
+aml_io(AML_DECODE16, io_base, io_base, 0, io_len)
+);
+aml_append(scope, aml_name_decl("_CRS", crs));
+
+aml_append(scope, aml_operation_region(
+stringify(MEMORY_HOTPLUG_IO_REGION), AML_SYSTEM_IO,
+io_base, io_len)
+);
+
+field = aml_field(stringify(MEMORY_HOTPLUG_IO_REGION), AML_DWORD_ACC,
+  AML_NOLOCK, AML_PRESERVE);
+aml_append(field, /* read only */
+aml_named_field(stringify(MEMORY_SLOT_ADDR_LOW), 32));
+aml_append(field, /* read only */
+aml_named_field(stringify(MEMORY_SLOT_ADDR_HIGH), 32));
+aml_append(field, /* read only */
+aml_named_field(stringify(MEMORY_SLOT_SIZE_LOW), 32));
+aml_append(field, /* read only */
+aml_named_field(stringify(MEMORY_SLOT_SIZE_HIGH), 32));
+aml_append(field, /* read only */
+aml_named_field(stringify(MEMORY_SLOT_PROXIMITY), 32));
+aml_append(scope, field);
+
+field = aml_field(stringify(MEMORY_HOTPLUG_IO_REGION), AML_BYTE_ACC,
+  AML_NOLOCK, AML_WRITE_AS_ZEROS);
+aml_append(field, aml_reserved_field(160 /* bits, Offset(20) */));
+aml_append(field, /* 1 if enabled, read only */
+aml_named_field(stringify(MEMORY_SLOT_ENABLED), 1));
+aml_append(field,
+/*(read) 1 if has a insert event. (write) 1 to clear event */
+aml_named_field(stringify(MEMORY_SLOT_INSERT_EVENT), 1));
+aml_append(field,
+/* (read) 1 if has a remove event. (write) 1 to clear event */
+aml_named_field(stringify(MEMORY_SLOT_REMOVE_EVENT), 1));
+aml_append(field,
+/* initiates device eject, write only */
+aml_named_field(stringify(MEMORY_SLOT_EJECT), 1));
+aml_append(scope, field);
+
+field = aml_field(stringify(MEMORY_HOTPLUG_IO_REGION), AML_DWORD_ACC,
+  AML_NOLOCK, AML_PRESERVE);
+aml_append(field, /* DIMM selector, write only */
+aml_named_field(stringify(MEMORY_SLOT_SLECTOR), 32));
+aml_append(field, /* _OST event code, write only */
+aml_named_field(stringify(MEMORY_SLOT_OST_EVENT), 32));
+aml_append(field, /* _OST status code, write only */
+aml_named_field(stringify(MEMORY_SLOT_OST_STATUS), 32));
+aml_append(scope, field);
+aml_append(sb_scope, scope);
+
+for (i = 0; i < nr_mem; i++) {
+#define BASEPATH "\\_SB.PCI0." stringify(MEMORY_HOTPLUG_DEVICE) "."
+const char *s;
+
+dev = aml_device("MP%02X", i);
+aml_append(dev, aml_name_decl("_UID", aml_string("0x%02X", i)));
+aml_append(dev, aml_name_decl("_HID", aml_eisaid("PNP0C80")));
+
+method = aml_method("_CRS", 0, AML_NOTSERIALIZED);
+s = BASEPATH stringify(MEMORY_SLOT_CRS_METHOD);
+aml_append(method, aml_return(aml_call1(s, aml_name("_UID";
+aml_append(dev, method);
+
+method = aml_method("_STA", 0, AML_NOTSERIALIZED);
+s = BASEPATH stringify(MEMORY_SLOT_STATUS_METHOD);
+aml_append(method, aml_return(aml_call1(s, aml_name("_UID";
+aml_append(dev, method);
+
+method = aml_method("_PXM", 0, AML_NOTSERIALIZED);
+s = BASEPATH stringify(MEMORY_SLOT_PROXIMITY_METHOD);
+aml_append(method, aml_return(aml_call1(s, aml_name("_UID";
+aml_append(dev, method);
+
+method = aml_method("_OST", 3, AML_NOTSERIALIZED);
+s = BASEPATH stringify(MEMORY_SLOT_OST_METHOD);
+aml_append(method, aml_return(aml_call4(
+s, aml_name("_UID"), aml_arg(0), aml_arg(1), aml_arg(2)
+)));
+aml_append(dev, method);
+
+method = aml_method("_EJ0", 1, AML_NOTSERIALIZED);
+s = BASEPATH stringify(MEMORY_SLOT_EJECT_METHOD);
+aml_append(method, aml_return(aml_call2(
+   

[Qemu-devel] [PATCH v2 25/51] pc: acpi: move KBD device from DSDT to SSDT

[Igor Mammedov]

Signed-off-by: Igor Mammedov 
---
 hw/i386/acpi-build.c  | 22 ++
 hw/i386/acpi-dsdt-isa.dsl | 12 
 2 files changed, 22 insertions(+), 12 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index aa40132..8c4c003 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1208,6 +1208,27 @@ static Aml *build_rtc_device_aml(void)
 aml_append(crs, aml_io(AML_DECODE16, 0x0070, 0x0070, 0x10, 0x02));
 aml_append(crs, aml_irq_no_flags(8));
 aml_append(crs, aml_io(AML_DECODE16, 0x0072, 0x0072, 0x02, 0x06));
+
+return dev;
+}
+
+static Aml *build_kbd_device_aml(void)
+{
+Aml *dev;
+Aml *crs;
+Aml *method;
+
+dev = aml_device("KBD");
+aml_append(dev, aml_name_decl("_HID", aml_eisaid("PNP0303")));
+
+method = aml_method("_STA", 0, AML_NOTSERIALIZED);
+aml_append(method, aml_return(aml_int(0x0f)));
+aml_append(dev, method);
+
+crs = aml_resource_template();
+aml_append(crs, aml_io(AML_DECODE16, 0x0060, 0x0060, 0x01, 0x01));
+aml_append(crs, aml_io(AML_DECODE16, 0x0064, 0x0064, 0x01, 0x01));
+aml_append(crs, aml_irq_no_flags(1));
 aml_append(dev, aml_name_decl("_CRS", crs));
 
 return dev;
@@ -1218,6 +1239,7 @@ static void build_isa_devices_aml(Aml *table)
 Aml *scope = aml_scope("_SB.PCI0.ISA");
 
 aml_append(scope, build_rtc_device_aml());
+aml_append(scope, build_kbd_device_aml());
 
 aml_append(table, scope);
 }
diff --git a/hw/i386/acpi-dsdt-isa.dsl b/hw/i386/acpi-dsdt-isa.dsl
index f2cbbea..f7a3c0a 100644
--- a/hw/i386/acpi-dsdt-isa.dsl
+++ b/hw/i386/acpi-dsdt-isa.dsl
@@ -16,18 +16,6 @@
 /* Common legacy ISA style devices. */
 Scope(\_SB.PCI0.ISA) {
 
-Device(KBD) {
-Name(_HID, EisaId("PNP0303"))
-Method(_STA, 0, NotSerialized) {
-Return (0x0f)
-}
-Name(_CRS, ResourceTemplate() {
-IO(Decode16, 0x0060, 0x0060, 0x01, 0x01)
-IO(Decode16, 0x0064, 0x0064, 0x01, 0x01)
-IRQNoFlags() { 1 }
-})
-}
-
 Device(MOU) {
 Name(_HID, EisaId("PNP0F13"))
 Method(_STA, 0, NotSerialized) {
-- 
1.8.3.1

[Qemu-devel] [PATCH v2 13/51] pc: acpi: memhp: move \_GPE._E03 into SSDT

[Igor Mammedov]

in addition remove no longer needed acpi-dsdt-mem-hotplug.dsl.

Signed-off-by: Igor Mammedov 
---
 hw/i386/acpi-build.c  |  6 ++
 hw/i386/acpi-dsdt-mem-hotplug.dsl | 16 
 hw/i386/acpi-dsdt.dsl |  5 -
 hw/i386/q35-acpi-dsdt.dsl |  5 -
 include/hw/acpi/memory_hotplug.h  |  5 +
 include/hw/acpi/pc-hotplug.h  |  2 --
 6 files changed, 11 insertions(+), 28 deletions(-)
 delete mode 100644 hw/i386/acpi-dsdt-mem-hotplug.dsl

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index a4a90b3..8bdb673 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1081,6 +1081,12 @@ build_ssdt(GArray *table_data, GArray *linker,
 build_memory_hotplug_aml(ssdt, nr_mem, pm->mem_hp_io_base,
  pm->mem_hp_io_len);
 
+scope =  aml_scope("\\_GPE");
+method = aml_method("_E03", 0, AML_NOTSERIALIZED);
+aml_append(method, aml_call0(MEMORY_HOTPLUG_HANDLER_PATH));
+aml_append(scope, method);
+aml_append(ssdt, scope);
+
 bus = PC_MACHINE(machine)->bus;
 if (bus) {
 QLIST_FOREACH(bus, >child, sibling) {
diff --git a/hw/i386/acpi-dsdt-mem-hotplug.dsl 
b/hw/i386/acpi-dsdt-mem-hotplug.dsl
deleted file mode 100644
index 20c5ec1..000
--- a/hw/i386/acpi-dsdt-mem-hotplug.dsl
+++ /dev/null
@@ -1,16 +0,0 @@
-/*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
-
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
-
- * You should have received a copy of the GNU General Public License along
- * with this program; if not, see .
- */
-
-External(\_SB.PCI0.MEMORY_HOTPLUG_DEVICE.MEMORY_SLOT_SCAN_METHOD, 
MethodObj)
diff --git a/hw/i386/acpi-dsdt.dsl b/hw/i386/acpi-dsdt.dsl
index 8dba096..9cf1b88 100644
--- a/hw/i386/acpi-dsdt.dsl
+++ b/hw/i386/acpi-dsdt.dsl
@@ -250,7 +250,6 @@ DefinitionBlock (
 #include "hw/acpi/pc-hotplug.h"
 #define CPU_STATUS_BASE PIIX4_CPU_HOTPLUG_IO_BASE
 #include "acpi-dsdt-cpu-hotplug.dsl"
-#include "acpi-dsdt-mem-hotplug.dsl"
 
 
 /
@@ -271,10 +270,6 @@ DefinitionBlock (
 // CPU hotplug event
 \_SB.PRSC()
 }
-Method(_E03) {
-// Memory hotplug event
-\_SB.PCI0.MEMORY_HOTPLUG_DEVICE.MEMORY_SLOT_SCAN_METHOD()
-}
 Method(_L04) {
 }
 Method(_L05) {
diff --git a/hw/i386/q35-acpi-dsdt.dsl b/hw/i386/q35-acpi-dsdt.dsl
index 7be7b37..f950f39 100644
--- a/hw/i386/q35-acpi-dsdt.dsl
+++ b/hw/i386/q35-acpi-dsdt.dsl
@@ -387,7 +387,6 @@ DefinitionBlock (
 #include "hw/acpi/pc-hotplug.h"
 #define CPU_STATUS_BASE ICH9_CPU_HOTPLUG_IO_BASE
 #include "acpi-dsdt-cpu-hotplug.dsl"
-#include "acpi-dsdt-mem-hotplug.dsl"
 
 
 /
@@ -404,10 +403,6 @@ DefinitionBlock (
 // CPU hotplug event
 \_SB.PRSC()
 }
-Method(_E03) {
-// Memory hotplug event
-\_SB.PCI0.MEMORY_HOTPLUG_DEVICE.MEMORY_SLOT_SCAN_METHOD()
-}
 Method(_L04) {
 }
 Method(_L05) {
diff --git a/include/hw/acpi/memory_hotplug.h b/include/hw/acpi/memory_hotplug.h
index b6e9f50..de164f2 100644
--- a/include/hw/acpi/memory_hotplug.h
+++ b/include/hw/acpi/memory_hotplug.h
@@ -47,6 +47,11 @@ extern const VMStateDescription vmstate_memory_hotplug;
 
 void acpi_memory_ospm_status(MemHotplugState *mem_st, ACPIOSTInfoList ***list);
 
+#define MEMORY_HOTPLUG_DEVICEMHPD
+#define MEMORY_SLOT_SCAN_METHOD  MSCN
+#define MEMORY_HOTPLUG_HANDLER_PATH "\\_SB.PCI0." \
+ stringify(MEMORY_HOTPLUG_DEVICE) "." stringify(MEMORY_SLOT_SCAN_METHOD)
+
 void build_memory_hotplug_aml(Aml *ctx, uint32_t nr_mem,
   uint16_t io_base, uint16_t io_len);
 #endif
diff --git a/include/hw/acpi/pc-hotplug.h b/include/hw/acpi/pc-hotplug.h
index 77b1569..e5bb321 100644
--- a/include/hw/acpi/pc-hotplug.h
+++ b/include/hw/acpi/pc-hotplug.h
@@ -32,7 +32,6 @@
 #define ACPI_MEMORY_HOTPLUG_IO_LEN 24
 #define ACPI_MEMORY_HOTPLUG_BASE 0x0a00
 
-#define MEMORY_HOTPLUG_DEVICEMHPD
 #define MEMORY_SLOTS_NUMBER  MDNR
 #define MEMORY_HOTPLUG_IO_REGION HPMR
 #define MEMORY_SLOT_ADDR_LOW MRBL
@@ -54,6 +53,5 @@
 #define MEMORY_SLOT_PROXIMITY_METHOD MPXM
 #define MEMORY_SLOT_EJECT_METHOD MEJ0
 #define MEMORY_SLOT_NOTIFY_METHODMTFY
-#define MEMORY_SLOT_SCAN_METHOD  MSCN
 
 #endif
-- 
1.8.3.1

[Qemu-devel] [PATCH v2 26/51] pc: acpi: move MOU device from DSDT to SSDT

[Igor Mammedov]

Signed-off-by: Igor Mammedov 
---
 hw/i386/acpi-build.c  | 21 +
 hw/i386/acpi-dsdt-isa.dsl | 10 --
 2 files changed, 21 insertions(+), 10 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 8c4c003..207dfb9 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1234,12 +1234,33 @@ static Aml *build_kbd_device_aml(void)
 return dev;
 }
 
+static Aml *build_mouse_device_aml(void)
+{
+Aml *dev;
+Aml *crs;
+Aml *method;
+
+dev = aml_device("MOU");
+aml_append(dev, aml_name_decl("_HID", aml_eisaid("PNP0F13")));
+
+method = aml_method("_STA", 0, AML_NOTSERIALIZED);
+aml_append(method, aml_return(aml_int(0x0f)));
+aml_append(dev, method);
+
+crs = aml_resource_template();
+aml_append(crs, aml_irq_no_flags(12));
+aml_append(dev, aml_name_decl("_CRS", crs));
+
+return dev;
+}
+
 static void build_isa_devices_aml(Aml *table)
 {
 Aml *scope = aml_scope("_SB.PCI0.ISA");
 
 aml_append(scope, build_rtc_device_aml());
 aml_append(scope, build_kbd_device_aml());
+aml_append(scope, build_mouse_device_aml());
 
 aml_append(table, scope);
 }
diff --git a/hw/i386/acpi-dsdt-isa.dsl b/hw/i386/acpi-dsdt-isa.dsl
index f7a3c0a..8936271 100644
--- a/hw/i386/acpi-dsdt-isa.dsl
+++ b/hw/i386/acpi-dsdt-isa.dsl
@@ -16,16 +16,6 @@
 /* Common legacy ISA style devices. */
 Scope(\_SB.PCI0.ISA) {
 
-Device(MOU) {
-Name(_HID, EisaId("PNP0F13"))
-Method(_STA, 0, NotSerialized) {
-Return (0x0f)
-}
-Name(_CRS, ResourceTemplate() {
-IRQNoFlags() { 12 }
-})
-}
-
 Device(FDC0) {
 Name(_HID, EisaId("PNP0700"))
 Method(_STA, 0, NotSerialized) {
-- 
1.8.3.1

[Qemu-devel] [PATCH v2 46/51] pc: acpi: q35: move _PIC() method into SSDT

[Igor Mammedov]

Signed-off-by: Igor Mammedov 
---
 hw/i386/acpi-build.c  |  8 
 hw/i386/q35-acpi-dsdt.dsl | 10 --
 2 files changed, 8 insertions(+), 10 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 5948366..4176f15 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1694,6 +1694,14 @@ static void build_q35_pci0_int(Aml *table)
 Aml *sb_scope = aml_scope("_SB");
 Aml *pci0_scope = aml_scope("PCI0");
 
+/* Zero => PIC mode, One => APIC Mode */
+aml_append(table, aml_name_decl("PICF", aml_int(0)));
+method = aml_method("_PIC", 1, AML_NOTSERIALIZED);
+{
+aml_append(method, aml_store(aml_arg(0), aml_name("PICF")));
+}
+aml_append(table, method);
+
 aml_append(pci0_scope,
 aml_name_decl("PRTP", build_q35_routing_table("LNK")));
 aml_append(pci0_scope,
diff --git a/hw/i386/q35-acpi-dsdt.dsl b/hw/i386/q35-acpi-dsdt.dsl
index 34485e7..7c7aef7 100644
--- a/hw/i386/q35-acpi-dsdt.dsl
+++ b/hw/i386/q35-acpi-dsdt.dsl
@@ -112,14 +112,4 @@ DefinitionBlock (
 }
 }
 }
-
-/
- * PCI IRQs
- /
-
-/* Zero => PIC mode, One => APIC Mode */
-Name(\PICF, Zero)
-Method(\_PIC, 1, NotSerialized) {
-Store(Arg0, \PICF)
-}
 }
-- 
1.8.3.1

[Qemu-devel] [PATCH v2 47/51] pc: acpi: q35: move PCI0._OSC() method into SSDT

[Igor Mammedov]

Signed-off-by: Igor Mammedov 
---
 hw/i386/acpi-build.c  | 56 ++
 hw/i386/q35-acpi-dsdt.dsl | 57 ---
 2 files changed, 56 insertions(+), 57 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 4176f15..4effa32 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1894,6 +1894,54 @@ static void build_piix4_pci_hotplug(Aml *table)
 aml_append(table, scope);
 }
 
+static Aml *build_q35_osc_method(void)
+{
+Aml *if_ctx;
+Aml *if_ctx2;
+Aml *else_ctx;
+Aml *method;
+Aml *a_cwd1 = aml_name("CDW1");
+Aml *a_ctrl = aml_name("CTRL");
+
+method = aml_method("_OSC", 4, AML_NOTSERIALIZED);
+aml_append(method, aml_create_dword_field(aml_arg(3), aml_int(0), "CDW1"));
+
+if_ctx = aml_if(aml_equal(
+aml_arg(0), aml_touuid("33DB4D5B-1FF7-401C-9657-7441C03DD766")));
+aml_append(if_ctx, aml_create_dword_field(aml_arg(3), aml_int(4), "CDW2"));
+aml_append(if_ctx, aml_create_dword_field(aml_arg(3), aml_int(8), "CDW3"));
+
+aml_append(if_ctx, aml_store(aml_name("CDW2"), aml_name("SUPP")));
+aml_append(if_ctx, aml_store(aml_name("CDW3"), a_ctrl));
+
+/*
+ * Always allow native PME, AER (no dependencies)
+ * Never allow SHPC (no SHPC controller in this system)
+ */
+aml_append(if_ctx, aml_and(a_ctrl, aml_int(0x1D), a_ctrl));
+
+if_ctx2 = aml_if(aml_lnot(aml_equal(aml_arg(1), aml_int(1;
+/* Unknown revision */
+aml_append(if_ctx2, aml_or(a_cwd1, aml_int(0x08), a_cwd1));
+aml_append(if_ctx, if_ctx2);
+
+if_ctx2 = aml_if(aml_lnot(aml_equal(aml_name("CDW3"), a_ctrl)));
+/* Capabilities bits were masked */
+aml_append(if_ctx2, aml_or(a_cwd1, aml_int(0x10), a_cwd1));
+aml_append(if_ctx, if_ctx2);
+
+/* Update DWORD3 in the buffer */
+aml_append(if_ctx, aml_store(a_ctrl, aml_name("CDW3")));
+aml_append(method, if_ctx);
+
+else_ctx = aml_else();
+/* Unrecognized UUID */
+aml_append(else_ctx, aml_or(a_cwd1, aml_int(4), a_cwd1));
+aml_append(method, else_ctx);
+
+aml_append(method, aml_return(aml_arg(3)));
+return method;
+}
 
 static void
 build_ssdt(GArray *table_data, GArray *linker,
@@ -1932,6 +1980,14 @@ build_ssdt(GArray *table_data, GArray *linker,
 build_piix4_pci_hotplug(ssdt);
 build_piix4_pci0_int(ssdt);
 } else {
+sb_scope = aml_scope("_SB");
+scope = aml_scope("PCI0");
+aml_append(scope, aml_name_decl("SUPP", aml_int(0)));
+aml_append(scope, aml_name_decl("CTRL", aml_int(0)));
+aml_append(scope, build_q35_osc_method());
+aml_append(sb_scope, scope);
+aml_append(ssdt, sb_scope);
+
 build_hpet_aml(ssdt);
 build_q35_isa_bridge(ssdt);
 build_isa_devices_aml(ssdt);
diff --git a/hw/i386/q35-acpi-dsdt.dsl b/hw/i386/q35-acpi-dsdt.dsl
index 7c7aef7..b53663c 100644
--- a/hw/i386/q35-acpi-dsdt.dsl
+++ b/hw/i386/q35-acpi-dsdt.dsl
@@ -53,63 +53,6 @@ DefinitionBlock (
 Name(_CID, EisaId("PNP0A03"))
 Name(_ADR, 0x00)
 Name(_UID, 1)
-
-External(ISA, DeviceObj)
-
-// _OSC: based on sample of ACPI3.0b spec
-Name(SUPP, 0) // PCI _OSC Support Field value
-Name(CTRL, 0) // PCI _OSC Control Field value
-Method(_OSC, 4) {
-// Create DWORD-addressable fields from the Capabilities Buffer
-CreateDWordField(Arg3, 0, CDW1)
-
-// Check for proper UUID
-If (LEqual(Arg0, 
ToUUID("33DB4D5B-1FF7-401C-9657-7441C03DD766"))) {
-// Create DWORD-addressable fields from the Capabilities 
Buffer
-CreateDWordField(Arg3, 4, CDW2)
-CreateDWordField(Arg3, 8, CDW3)
-
-// Save Capabilities DWORD2 & 3
-Store(CDW2, SUPP)
-Store(CDW3, CTRL)
-
-// Always allow native PME, AER (no dependencies)
-// Never allow SHPC (no SHPC controller in this system)
-And(CTRL, 0x1D, CTRL)
-
-#if 0 // For now, nothing to do
-If (Not(And(CDW1, 1))) { // Query flag clear?
-// Disable GPEs for features granted native control.
-If (And(CTRL, 0x01)) { // Hot plug control granted?
-Store(0, HPCE) // clear the hot plug SCI enable bit
-Store(1, HPCS) // clear the hot plug SCI status bit
-}
-If (And(CTRL, 0x04)) { // PME control granted?
-Store(0, PMCE) // clear the PME SCI enable bit
-Store(1, PMCS) // clear the PME SCI status bit
-}
-If (And(CTRL, 0x10)) { // OS restoring PCI Express cap 
structure?

[Qemu-devel] [PATCH v2 28/51] pc: acpi: move LPT device from DSDT to SSDT

[Igor Mammedov]

Signed-off-by: Igor Mammedov 
---
 hw/i386/acpi-build.c  | 36 
 hw/i386/acpi-dsdt-isa.dsl | 16 
 2 files changed, 36 insertions(+), 16 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 9ca428a..3585849 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1293,6 +1293,41 @@ static Aml *build_mouse_device_aml(void)
 return dev;
 }
 
+static Aml *build_lpt_device_aml(void)
+{
+Aml *dev;
+Aml *crs;
+Aml *method;
+Aml *if_ctx;
+Aml *else_ctx;
+Aml *zero = aml_int(0);
+Aml *is_present = aml_local(0);
+
+dev = aml_device("LPT");
+aml_append(dev, aml_name_decl("_HID", aml_eisaid("PNP0400")));
+
+method = aml_method("_STA", 0, AML_NOTSERIALIZED);
+aml_append(method, aml_store(aml_name("LPEN"), is_present));
+if_ctx = aml_if(aml_equal(is_present, zero));
+{
+aml_append(if_ctx, aml_return(aml_int(0x00)));
+}
+aml_append(method, if_ctx);
+else_ctx = aml_else();
+{
+aml_append(else_ctx, aml_return(aml_int(0x0f)));
+}
+aml_append(method, else_ctx);
+aml_append(dev, method);
+
+crs = aml_resource_template();
+aml_append(crs, aml_io(AML_DECODE16, 0x0378, 0x0378, 0x08, 0x08));
+aml_append(crs, aml_irq_no_flags(7));
+aml_append(dev, aml_name_decl("_CRS", crs));
+
+return dev;
+}
+
 static void build_isa_devices_aml(Aml *table)
 {
 Aml *scope = aml_scope("_SB.PCI0.ISA");
@@ -1301,6 +1336,7 @@ static void build_isa_devices_aml(Aml *table)
 aml_append(scope, build_kbd_device_aml());
 aml_append(scope, build_mouse_device_aml());
 aml_append(scope, build_fdc_device_aml());
+aml_append(scope, build_lpt_device_aml());
 
 aml_append(table, scope);
 }
diff --git a/hw/i386/acpi-dsdt-isa.dsl b/hw/i386/acpi-dsdt-isa.dsl
index 64dd4ac..cc5e8f9 100644
--- a/hw/i386/acpi-dsdt-isa.dsl
+++ b/hw/i386/acpi-dsdt-isa.dsl
@@ -16,22 +16,6 @@
 /* Common legacy ISA style devices. */
 Scope(\_SB.PCI0.ISA) {
 
-Device(LPT) {
-Name(_HID, EisaId("PNP0400"))
-Method(_STA, 0, NotSerialized) {
-Store(LPEN, Local0)
-If (LEqual(Local0, 0)) {
-Return (0x00)
-} Else {
-Return (0x0F)
-}
-}
-Name(_CRS, ResourceTemplate() {
-IO(Decode16, 0x0378, 0x0378, 0x08, 0x08)
-IRQNoFlags() { 7 }
-})
-}
-
 Device(COM1) {
 Name(_HID, EisaId("PNP0501"))
 Name(_UID, 0x01)
-- 
1.8.3.1

[Qemu-devel] [PATCH v2 33/51] pc: acpi: piix4: move IQCR() into SSDT

[Igor Mammedov]

Signed-off-by: Igor Mammedov 
---
 hw/i386/acpi-build.c  | 20 
 hw/i386/acpi-dsdt.dsl | 11 ---
 2 files changed, 20 insertions(+), 11 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 891a29c..45bc6b1 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1468,6 +1468,7 @@ static void build_piix4_pci0_int(Aml *table)
 Aml *dev;
 Aml *crs;
 Aml *field;
+Aml *if_ctx;
 Aml *method;
 uint32_t irqs;
 Aml *sb_scope = aml_scope("_SB");
@@ -1479,6 +1480,25 @@ static void build_piix4_pci0_int(Aml *table)
 aml_append(field, aml_named_field("PRQ3", 8));
 aml_append(sb_scope, field);
 
+/* _CRS method - get current settings */
+method = aml_method("IQCR", 1, AML_SERIALIZED);
+{
+crs = aml_resource_template();
+irqs = 0;
+aml_append(crs, aml_interrupt(AML_CONSUMER, AML_LEVEL,
+  AML_ACTIVE_HIGH, AML_SHARED, , 1));
+aml_append(method, aml_name_decl("PRR0", crs));
+
+aml_append(method,
+aml_create_dword_field(aml_name("PRR0"), aml_int(5), "PRRI"));
+
+if_ctx = aml_if(aml_lless(aml_arg(0), aml_int(0x80)));
+aml_append(if_ctx, aml_store(aml_arg(0), aml_name("PRRI")));
+aml_append(method, if_ctx);
+aml_append(method, aml_return(aml_name("PRR0")));
+}
+aml_append(sb_scope, method);
+
 aml_append(sb_scope, build_link_dev("LNKA", 0, aml_name("PRQ0")));
 aml_append(sb_scope, build_link_dev("LNKB", 1, aml_name("PRQ1")));
 aml_append(sb_scope, build_link_dev("LNKC", 2, aml_name("PRQ2")));
diff --git a/hw/i386/acpi-dsdt.dsl b/hw/i386/acpi-dsdt.dsl
index b74cffd..1f58ec4 100644
--- a/hw/i386/acpi-dsdt.dsl
+++ b/hw/i386/acpi-dsdt.dsl
@@ -140,17 +140,6 @@ DefinitionBlock (
 }
 Return (0x0B)
 }
-Method(IQCR, 1, Serialized) {
-// _CRS method - get current settings
-Name(PRR0, ResourceTemplate() {
-Interrupt(, Level, ActiveHigh, Shared) { 0 }
-})
-CreateDWordField(PRR0, 0x05, PRRI)
-If (LLess(Arg0, 0x80)) {
-Store(Arg0, PRRI)
-}
-Return (PRR0)
-}
 
 External(LNKA, DeviceObj)
 External(LNKB, DeviceObj)
-- 
1.8.3.1

[Qemu-devel] [PATCH v2 45/51] pc: acpi: q35: move PRTP routing table into SSDT

[Igor Mammedov]

Signed-off-by: Igor Mammedov 
---
 hw/i386/acpi-build.c  |  2 ++
 hw/i386/q35-acpi-dsdt.dsl | 79 ---
 2 files changed, 2 insertions(+), 79 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 1e12696..5948366 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1695,6 +1695,8 @@ static void build_q35_pci0_int(Aml *table)
 Aml *pci0_scope = aml_scope("PCI0");
 
 aml_append(pci0_scope,
+aml_name_decl("PRTP", build_q35_routing_table("LNK")));
+aml_append(pci0_scope,
 aml_name_decl("PRTA", build_q35_routing_table("GSI")));
 
 method = aml_method("_PRT", 0, AML_NOTSERIALIZED);
diff --git a/hw/i386/q35-acpi-dsdt.dsl b/hw/i386/q35-acpi-dsdt.dsl
index a3073ad..34485e7 100644
--- a/hw/i386/q35-acpi-dsdt.dsl
+++ b/hw/i386/q35-acpi-dsdt.dsl
@@ -122,83 +122,4 @@ DefinitionBlock (
 Method(\_PIC, 1, NotSerialized) {
 Store(Arg0, \PICF)
 }
-
-Scope(\_SB) {
-Scope(PCI0) {
-#define prt_slot_lnk(nr, lnk0, lnk1, lnk2, lnk3)  \
-Package() { nr##, 0, lnk0, 0 },   \
-Package() { nr##, 1, lnk1, 0 },   \
-Package() { nr##, 2, lnk2, 0 },   \
-Package() { nr##, 3, lnk3, 0 }
-
-#define prt_slot_lnkA(nr) prt_slot_lnk(nr, LNKA, LNKB, LNKC, LNKD)
-#define prt_slot_lnkB(nr) prt_slot_lnk(nr, LNKB, LNKC, LNKD, LNKA)
-#define prt_slot_lnkC(nr) prt_slot_lnk(nr, LNKC, LNKD, LNKA, LNKB)
-#define prt_slot_lnkD(nr) prt_slot_lnk(nr, LNKD, LNKA, LNKB, LNKC)
-
-#define prt_slot_lnkE(nr) prt_slot_lnk(nr, LNKE, LNKF, LNKG, LNKH)
-#define prt_slot_lnkF(nr) prt_slot_lnk(nr, LNKF, LNKG, LNKH, LNKE)
-#define prt_slot_lnkG(nr) prt_slot_lnk(nr, LNKG, LNKH, LNKE, LNKF)
-#define prt_slot_lnkH(nr) prt_slot_lnk(nr, LNKH, LNKE, LNKF, LNKG)
-
-Name(PRTP, package() {
-prt_slot_lnkE(0x),
-prt_slot_lnkF(0x0001),
-prt_slot_lnkG(0x0002),
-prt_slot_lnkH(0x0003),
-prt_slot_lnkE(0x0004),
-prt_slot_lnkF(0x0005),
-prt_slot_lnkG(0x0006),
-prt_slot_lnkH(0x0007),
-prt_slot_lnkE(0x0008),
-prt_slot_lnkF(0x0009),
-prt_slot_lnkG(0x000a),
-prt_slot_lnkH(0x000b),
-prt_slot_lnkE(0x000c),
-prt_slot_lnkF(0x000d),
-prt_slot_lnkG(0x000e),
-prt_slot_lnkH(0x000f),
-prt_slot_lnkE(0x0010),
-prt_slot_lnkF(0x0011),
-prt_slot_lnkG(0x0012),
-prt_slot_lnkH(0x0013),
-prt_slot_lnkE(0x0014),
-prt_slot_lnkF(0x0015),
-prt_slot_lnkG(0x0016),
-prt_slot_lnkH(0x0017),
-prt_slot_lnkE(0x0018),
-
-/* INTA -> PIRQA for slot 25 - 31
-   see the default value of DIR */
-prt_slot_lnkA(0x0019),
-prt_slot_lnkA(0x001a),
-prt_slot_lnkA(0x001b),
-prt_slot_lnkA(0x001c),
-prt_slot_lnkA(0x001d),
-
-/* PCIe->PCI bridge. use PIRQ[E-H] */
-prt_slot_lnkE(0x001e),
-
-prt_slot_lnkA(0x001f)
-})
-}
-
-External(LNKA, DeviceObj)
-External(LNKB, DeviceObj)
-External(LNKC, DeviceObj)
-External(LNKD, DeviceObj)
-External(LNKE, DeviceObj)
-External(LNKF, DeviceObj)
-External(LNKG, DeviceObj)
-External(LNKH, DeviceObj)
-
-External(GSIA, DeviceObj)
-External(GSIB, DeviceObj)
-External(GSIC, DeviceObj)
-External(GSID, DeviceObj)
-External(GSIE, DeviceObj)
-External(GSIF, DeviceObj)
-External(GSIG, DeviceObj)
-External(GSIH, DeviceObj)
-}
 }
-- 
1.8.3.1

[Qemu-devel] [PATCH v2 00/51] pc: acpi: convert DSDT to AML API and drop ASL templates support

[Igor Mammedov]

Changelog:
  v1->v2:
- rebase on top of PCI tree skipping AML API patches
  as they are already applied there
- drop a_ prefix for AML variables
- use DIFF env. var. to specify diff utility to show ASL difference
- build ISA device with a function pre device type
  at expence of some code duplication it makes code a little bit
  more readable. Later refactoring will remove duplicated code
  folding all of it into one simple function for all ISA devices.
- unfold GPE stub handlers loop and opencode it, it adds ~10 extra LOC
  that will be removed at refactoring stage since stubs are not
  required by spec/guest leaving only GPE handlers that are
  actually doing something.
- minor cleanups to make code more readble/clear,
  based on Marcel's and Michael's review.


Due to huge size, CCing only cover letter instead of individual patches.

Series converts DSDT using existing and new AML API.

Series does exact byte by byte conversion and passes ACPI tables
'make check' tests.
The conversion first moves common for PIIX4/Q35 parts, getting
rid of *.dsl includes and then converts PIIX4 and Q35 parts of DSDT.

Diff-stat looks nice but actual code base is reduced by ~2000LOC
while the rest of 1 removals is dropping precompiled AML
templates from the tree.

There are some AML parts that could be optimized/simplified and shared
between PIIX4/Q35/ARM but doing it will break exact match with original
tests, hence it's left out for later refactoring.

git tree for testing:
https://github.com/imammedo/qemu/tree/drop_ASL_support_v2
or 
github.com:imammedo/qemu.git drop_ASL_support_v2

Igor Mammedov (51):
  tests: acpi: print ASL diff in verbose mode
  pc: acpi: memhp: prepare context in SSDT for moving memhp DSDT code
  pc: acpi: memhp: move MHPD._STA method into SSDT
  pc: acpi: memhp: move MHPD.MLCK mutex into SSDT
  pc: acpi: memhp: move MHPD.MSCN method into SSDT
  pc: acpi: memhp: move MHPD.MRST method into SSDT
  pc: acpi: memhp: move MHPD.MPXM method into SSDT
  pc: acpi: memhp: move MHPD.MOST method into SSDT
  pc: acpi: memhp: move MHPD.MEJ0 method into SSDT
  pc: acpi: memhp: move MHPD.MCRS method into SSDT
  pc: acpi: memhp: move MHPD Device into SSDT
  pc: acpi: factor out memhp code from build_ssdt() into separate
function
  pc: acpi: memhp: move \_GPE._E03 into SSDT
  pc: acpi: memhp: drop not needed stringify(MEMORY_foo) usage
  pc: acpi: drop unused CPU_STATUS_LEN from DSDT
  pc: acpi: cpuhp: move CPEJ() method to SSDT
  pc: acpi: cpuhp: move CPMA() method into SSDT
  pc: acpi: cpuhp: move CPST() method into SSDT
  pc: acpi: cpuhp: move PRSC() method into SSDT
  pc: acpi: cpuhp: move \_GPE._E02() into SSDT
  pc: acpi: factor out cpu hotplug code from build_ssdt() into separate
function
  pc: acpi: move HPET from DSDT to SSDT
  pc: acpi: move DBUG() from DSDT to SSDT
  pc: acpi: move RTC device from DSDT to SSDT
  pc: acpi: move KBD device from DSDT to SSDT
  pc: acpi: move MOU device from DSDT to SSDT
  pc: acpi: move FDC0 device from DSDT to SSDT
  pc: acpi: move LPT device from DSDT to SSDT
  pc: acpi: move COM devices from DSDT to SSDT
  pc: acpi: move PIIX4 isa-bridge and pm devices into SSDT
  pc: acpi: move remaining GPE handlers into SSDT
  pc: acpi: pci: move link devices into SSDT
  pc: acpi: piix4: move IQCR() into SSDT
  pc: acpi: piix4: move IQST() into SSDT
  pc: acpi: piix4: move PCI0._PRT() into SSDT
  pc: acpi: piix4: move remaining PCI hotplug bits into SSDT
  pc: acpi: piix4: acpi move PCI0 device to SSDT
  pc: acpi: q35: move GSI links to SSDT
  pc: acpi: q35: move link devices to SSDT
  pc: acpi: q35: move IQCR() into SSDT
  pc: acpi: q35: move IQST() into SSDT
  pc: acpi: q35: move ISA bridge into SSDT
  pc: acpi: q35: move _PRT() into SSDT
  pc: acpi: q35: move PRTA routing table into SSDT
  pc: acpi: q35: move PRTP routing table into SSDT
  pc: acpi: q35: move _PIC() method into SSDT
  pc: acpi: q35: move PCI0._OSC() method into SSDT
  pc: acpi: q35: move PCI0 device definition into SSDT
  pc: acpi: q35: PCST, PCSB opregions and PCIB field into SSDT
  pc: acpi: switch to AML API composed DSDT
  pc: acpi: remove unused ASL templates and related blobs/utils

 hw/acpi/Makefile.objs   |4 +-
 hw/acpi/cpu_hotplug_acpi_table.c|  135 +
 hw/acpi/memory_hotplug_acpi_table.c |  262 ++
 hw/i386/Makefile.objs   |   30 -
 hw/i386/acpi-build.c| 1367 +--
 hw/i386/acpi-dsdt-cpu-hotplug.dsl   |   90 -
 hw/i386/acpi-dsdt-dbug.dsl  |   41 -
 hw/i386/acpi-dsdt-hpet.dsl  |   48 -
 hw/i386/acpi-dsdt-isa.dsl   |  117 -
 hw/i386/acpi-dsdt-mem-hotplug.dsl   |  171 -
 hw/i386/acpi-dsdt.dsl   |  303 --
 hw/i386/acpi-dsdt.hex.generated | 2972 --
 hw/i386/q35-acpi-dsdt.dsl   |  436 --
 hw/i386/q35-acpi-dsdt.hex.generated | 7610 ---
 hw/timer/hpet.c |2 +-
 

[Qemu-devel] [PATCH v2 02/51] pc: acpi: memhp: prepare context in SSDT for moving memhp DSDT code

[Igor Mammedov]

Signed-off-by: Igor Mammedov 
---
 hw/acpi/Makefile.objs   |  2 +-
 hw/acpi/memory_hotplug_acpi_table.c | 30 ++
 hw/i386/acpi-build.c|  3 +++
 include/hw/acpi/memory_hotplug.h|  4 
 4 files changed, 38 insertions(+), 1 deletion(-)
 create mode 100644 hw/acpi/memory_hotplug_acpi_table.c

diff --git a/hw/acpi/Makefile.objs b/hw/acpi/Makefile.objs
index 095597f..052be62 100644
--- a/hw/acpi/Makefile.objs
+++ b/hw/acpi/Makefile.objs
@@ -1,7 +1,7 @@
 common-obj-$(CONFIG_ACPI_X86) += core.o piix4.o pcihp.o
 common-obj-$(CONFIG_ACPI_X86_ICH) += ich9.o tco.o
 common-obj-$(CONFIG_ACPI_CPU_HOTPLUG) += cpu_hotplug.o
-common-obj-$(CONFIG_ACPI_MEMORY_HOTPLUG) += memory_hotplug.o
+common-obj-$(CONFIG_ACPI_MEMORY_HOTPLUG) += memory_hotplug.o 
memory_hotplug_acpi_table.o
 common-obj-$(CONFIG_ACPI_NVDIMM) += nvdimm.o
 common-obj-$(CONFIG_ACPI) += acpi_interface.o
 common-obj-$(CONFIG_ACPI) += bios-linker-loader.o
diff --git a/hw/acpi/memory_hotplug_acpi_table.c 
b/hw/acpi/memory_hotplug_acpi_table.c
new file mode 100644
index 000..35fefba
--- /dev/null
+++ b/hw/acpi/memory_hotplug_acpi_table.c
@@ -0,0 +1,30 @@
+/*
+ * Memory hotplug AML code of DSDT ACPI table
+ *
+ * Copyright (C) 2015 Red Hat Inc
+ *
+ * Author: Igor Mammedov 
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#include 
+#include "hw/acpi/memory_hotplug.h"
+#include "include/hw/acpi/pc-hotplug.h"
+#include "hw/boards.h"
+
+void build_memory_hotplug_aml(Aml *ctx, uint32_t nr_mem,
+  uint16_t io_base, uint16_t io_len)
+{
+Aml *pci_scope;
+Aml *mem_ctrl_dev;
+
+/* scope for memory hotplug controller device node */
+pci_scope = aml_scope("_SB.PCI0");
+mem_ctrl_dev = aml_scope(stringify(MEMORY_HOTPLUG_DEVICE));
+{
+}
+aml_append(pci_scope, mem_ctrl_dev);
+aml_append(ctx, pci_scope);
+}
diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 4cc1440..e365047 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -954,6 +954,9 @@ build_ssdt(GArray *table_data, GArray *linker,
 /* Reserve space for header */
 acpi_data_push(ssdt->buf, sizeof(AcpiTableHeader));
 
+build_memory_hotplug_aml(ssdt, nr_mem, pm->mem_hp_io_base,
+ pm->mem_hp_io_len);
+
 bus = PC_MACHINE(machine)->bus;
 if (bus) {
 QLIST_FOREACH(bus, >child, sibling) {
diff --git a/include/hw/acpi/memory_hotplug.h b/include/hw/acpi/memory_hotplug.h
index 1342adb..b6e9f50 100644
--- a/include/hw/acpi/memory_hotplug.h
+++ b/include/hw/acpi/memory_hotplug.h
@@ -4,6 +4,7 @@
 #include "hw/qdev-core.h"
 #include "hw/acpi/acpi.h"
 #include "migration/vmstate.h"
+#include "hw/acpi/aml-build.h"
 
 /**
  * MemStatus:
@@ -45,4 +46,7 @@ extern const VMStateDescription vmstate_memory_hotplug;
vmstate_memory_hotplug, MemHotplugState)
 
 void acpi_memory_ospm_status(MemHotplugState *mem_st, ACPIOSTInfoList ***list);
+
+void build_memory_hotplug_aml(Aml *ctx, uint32_t nr_mem,
+  uint16_t io_base, uint16_t io_len);
 #endif
-- 
1.8.3.1

[Qemu-devel] [PATCH v2 35/51] pc: acpi: piix4: move PCI0._PRT() into SSDT

[Igor Mammedov]

PCI routing table for expander buses is build with help
of build_prt() using AML API. And it's almost the same
as PRT for PCI0 bus except of power-management device.
So make existing build_prt() build PRT table for PCI0
bus as well.

Signed-off-by: Igor Mammedov 
Reviewed-by: Marcel Apfelbaum 
---
v3:
 - document build_prt_entry()
 - use {} scope for if/else AML constructs to make
   code more readble and clear what code belongs to what if ctx
 - rename if_ctx to if_device_1
 - rename if_ctx2/else_ctx2 to [if|else]_pin_4

v2:
 - adapt build_prt() for using for PCI0._PRT(), reduces code duplication,
   Suggested-by: Marcel Apfelbaum 
---
 hw/i386/acpi-build.c  | 55 +++---
 hw/i386/acpi-dsdt.dsl | 60 ---
 2 files changed, 47 insertions(+), 68 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 8b23363..fd81b40 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -621,6 +621,23 @@ static void build_append_pci_bus_devices(Aml 
*parent_scope, PCIBus *bus,
 qobject_decref(bsel);
 }
 
+/**
+ * build_prt_entry:
+ * @link_name: link name for PCI route entry
+ *
+ * build AML package containing a PCI route entry for @link_name
+ */
+static Aml *build_prt_entry(const char *link_name)
+{
+Aml *a_zero = aml_int(0);
+Aml *pkg = aml_package(4);
+aml_append(pkg, a_zero);
+aml_append(pkg, a_zero);
+aml_append(pkg, aml_name("%s", link_name));
+aml_append(pkg, a_zero);
+return pkg;
+}
+
 /*
  * initialize_route - Initialize the interrupt routing rule
  * through a specific LINK:
@@ -631,12 +648,8 @@ static Aml *initialize_route(Aml *route, const char 
*link_name,
  Aml *lnk_idx, int idx)
 {
 Aml *if_ctx = aml_if(aml_equal(lnk_idx, aml_int(idx)));
-Aml *pkg = aml_package(4);
+Aml *pkg = build_prt_entry(link_name);
 
-aml_append(pkg, aml_int(0));
-aml_append(pkg, aml_int(0));
-aml_append(pkg, aml_name("%s", link_name));
-aml_append(pkg, aml_int(0));
 aml_append(if_ctx, aml_store(pkg, route));
 
 return if_ctx;
@@ -652,7 +665,7 @@ static Aml *initialize_route(Aml *route, const char 
*link_name,
  * The hash function is  (slot + pin) & 3 -> "LNK[D|A|B|C]".
  *
  */
-static Aml *build_prt(void)
+static Aml *build_prt(bool is_pci0_prt)
 {
 Aml *method, *while_ctx, *pin, *res;
 
@@ -679,7 +692,29 @@ static Aml *build_prt(void)
 
 /* route[2] = "LNK[D|A|B|C]", selection based on pin % 3  */
 aml_append(while_ctx, initialize_route(route, "LNKD", lnk_idx, 0));
-aml_append(while_ctx, initialize_route(route, "LNKA", lnk_idx, 1));
+if (is_pci0_prt) {
+Aml *if_device_1, *if_pin_4, *else_pin_4;
+
+/* device 1 is the power-management device, needs SCI */
+if_device_1 = aml_if(aml_equal(lnk_idx, aml_int(1)));
+{
+if_pin_4 = aml_if(aml_equal(pin, aml_int(4)));
+{
+aml_append(if_pin_4,
+aml_store(build_prt_entry("LNKS"), route));
+}
+aml_append(if_device_1, if_pin_4);
+else_pin_4 = aml_else();
+{
+aml_append(else_pin_4,
+aml_store(build_prt_entry("LNKA"), route));
+}
+aml_append(if_device_1, else_pin_4);
+}
+aml_append(while_ctx, if_device_1);
+} else {
+aml_append(while_ctx, initialize_route(route, "LNKA", lnk_idx, 1));
+}
 aml_append(while_ctx, initialize_route(route, "LNKB", lnk_idx, 2));
 aml_append(while_ctx, initialize_route(route, "LNKC", lnk_idx, 3));
 
@@ -1472,6 +1507,10 @@ static void build_piix4_pci0_int(Aml *table)
 Aml *method;
 uint32_t irqs;
 Aml *sb_scope = aml_scope("_SB");
+Aml *pci0_scope = aml_scope("PCI0");
+
+aml_append(pci0_scope, build_prt(true));
+aml_append(sb_scope, pci0_scope);
 
 field = aml_field("PCI0.ISA.P40C", AML_BYTE_ACC, AML_NOLOCK, AML_PRESERVE);
 aml_append(field, aml_named_field("PRQ0", 8));
@@ -1696,7 +1735,7 @@ build_ssdt(GArray *table_data, GArray *linker,
 aml_append(dev, aml_name_decl("_PXM", aml_int(numa_node)));
 }
 
-aml_append(dev, build_prt());
+aml_append(dev, build_prt(false));
 crs = build_crs(PCI_HOST_BRIDGE(BUS(bus)->parent),
 io_ranges, mem_ranges);
 aml_append(dev, aml_name_decl("_CRS", crs));
diff --git a/hw/i386/acpi-dsdt.dsl b/hw/i386/acpi-dsdt.dsl
index bc6bd45..5d741dd 100644
--- a/hw/i386/acpi-dsdt.dsl
+++ b/hw/i386/acpi-dsdt.dsl
@@ -78,64 +78,4 @@ DefinitionBlock (
 /* Hotplug notification method supplied by SSDT */
 External(\_SB.PCI0.PCNT, MethodObj)
 }
-
-

[Qemu-devel] [PATCH v2 36/51] pc: acpi: piix4: move remaining PCI hotplug bits into SSDT

[Igor Mammedov]

Signed-off-by: Igor Mammedov 
---
 hw/i386/acpi-build.c  | 43 +++
 hw/i386/acpi-dsdt.dsl | 40 
 2 files changed, 43 insertions(+), 40 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index fd81b40..ec6ceda 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1635,6 +1635,48 @@ static void build_piix4_isa_bridge(Aml *table)
 aml_append(table, scope);
 }
 
+static void build_piix4_pci_hotplug(Aml *table)
+{
+Aml *scope;
+Aml *field;
+Aml *method;
+
+scope =  aml_scope("_SB.PCI0");
+
+aml_append(scope,
+aml_operation_region("PCST", AML_SYSTEM_IO, 0xae00, 0x08));
+field = aml_field("PCST", AML_DWORD_ACC, AML_NOLOCK, AML_WRITE_AS_ZEROS);
+aml_append(field, aml_named_field("PCIU", 32));
+aml_append(field, aml_named_field("PCID", 32));
+aml_append(scope, field);
+
+aml_append(scope,
+aml_operation_region("SEJ", AML_SYSTEM_IO, 0xae08, 0x04));
+field = aml_field("SEJ", AML_DWORD_ACC, AML_NOLOCK, AML_WRITE_AS_ZEROS);
+aml_append(field, aml_named_field("B0EJ", 32));
+aml_append(scope, field);
+
+aml_append(scope,
+aml_operation_region("BNMR", AML_SYSTEM_IO, 0xae10, 0x04));
+field = aml_field("BNMR", AML_DWORD_ACC, AML_NOLOCK, AML_WRITE_AS_ZEROS);
+aml_append(field, aml_named_field("BNUM", 32));
+aml_append(scope, field);
+
+aml_append(scope, aml_mutex("BLCK", 0));
+
+method = aml_method("PCEJ", 2, AML_NOTSERIALIZED);
+aml_append(method, aml_acquire(aml_name("BLCK"), 0x));
+aml_append(method, aml_store(aml_arg(0), aml_name("BNUM")));
+aml_append(method,
+aml_store(aml_shiftleft(aml_int(1), aml_arg(1)), aml_name("B0EJ")));
+aml_append(method, aml_release(aml_name("BLCK")));
+aml_append(method, aml_return(aml_int(0)));
+aml_append(scope, method);
+
+aml_append(table, scope);
+}
+
+
 static void
 build_ssdt(GArray *table_data, GArray *linker,
AcpiCpuInfo *cpu, AcpiPmInfo *pm, AcpiMiscInfo *misc,
@@ -1661,6 +1703,7 @@ build_ssdt(GArray *table_data, GArray *linker,
 build_piix4_pm(ssdt);
 build_piix4_isa_bridge(ssdt);
 build_isa_devices_aml(ssdt);
+build_piix4_pci_hotplug(ssdt);
 build_piix4_pci0_int(ssdt);
 } else {
 build_hpet_aml(ssdt);
diff --git a/hw/i386/acpi-dsdt.dsl b/hw/i386/acpi-dsdt.dsl
index 5d741dd..a7769fc 100644
--- a/hw/i386/acpi-dsdt.dsl
+++ b/hw/i386/acpi-dsdt.dsl
@@ -38,44 +38,4 @@ DefinitionBlock (
 //External(PX13, DeviceObj)
 }
 }
-
-/
- * PCI hotplug
- /
-
-Scope(\_SB.PCI0) {
-OperationRegion(PCST, SystemIO, 0xae00, 0x08)
-Field(PCST, DWordAcc, NoLock, WriteAsZeros) {
-PCIU, 32,
-PCID, 32,
-}
-
-OperationRegion(SEJ, SystemIO, 0xae08, 0x04)
-Field(SEJ, DWordAcc, NoLock, WriteAsZeros) {
-B0EJ, 32,
-}
-
-OperationRegion(BNMR, SystemIO, 0xae10, 0x04)
-Field(BNMR, DWordAcc, NoLock, WriteAsZeros) {
-BNUM, 32,
-}
-
-/* Lock to protect access to fields above. */
-Mutex(BLCK, 0)
-
-/* Methods called by bulk generated PCI devices below */
-
-/* Methods called by hotplug devices */
-Method(PCEJ, 2, NotSerialized) {
-// _EJ0 method - eject callback
-Acquire(BLCK, 0x)
-Store(Arg0, BNUM)
-Store(ShiftLeft(1, Arg1), B0EJ)
-Release(BLCK)
-Return (0x0)
-}
-
-/* Hotplug notification method supplied by SSDT */
-External(\_SB.PCI0.PCNT, MethodObj)
-}
 }
-- 
1.8.3.1

Re: [Qemu-devel] live migration vs device assignment (motivation)

[Lan, Tianyu]

On 12/25/2015 8:11 PM, Michael S. Tsirkin wrote:

As long as you keep up this vague talk about performance during
migration, without even bothering with any measurements, this patchset
will keep going nowhere.



I measured network service downtime for "keep device alive"(RFC patch V1 
presented) and "put down and up network interface"(RFC patch V2 
presented) during migration with some optimizations.


The former is around 140ms and the later is around 240ms.

My patchset relies on the maibox irq which doesn't work in the suspend 
state and so can't get downtime for suspend/resume cases. Will try to 
get the result later.






There's Alex's patch that tracks memory changes during migration.  It
needs some simple enhancements to be useful in production (e.g. add a
host/guest handshake to both enable tracking in guest and to detect the
support in host), then it can allow starting migration with an assigned
device, by invoking hot-unplug after most of memory have been migrated.

Please implement this in qemu and measure the speed.


Sure. Will do that.


I will not be surprised if destroying/creating netdev in linux
turns out to take too long, but before anyone bothered
checking, it does not make sense to discuss further enhancements.

Re: [Qemu-devel] [PATCH v2 02/26] armv7m: Undo armv7m.hack

[Peter Maydell]

On 28 December 2015 at 01:55, Michael Davidsaver  wrote:
> On 12/17/2015 10:38 AM, Peter Maydell wrote:
>> We could use a comment here (a) explaining what we're doing and (b)
>> mentioning that this isn't architecturally correct -- ideally we should
>> catch these exception exits on execution of the jump insn, not by
>> letting the jump execute and then trapping when we actually try to
>> execute at the magic addresses.
>
> I had an instructive little digression to investigate doing things the
> "right way" (in tcg).  I can see how it would be done by adding a
> conditional every time the PC could be updated.  To me the unassigned
> handler trick/hack seems simpler (less likely to add a bug) and avoids
> emitting more code for every ldm/pop instruction.

Yes, it's faster, which is why we do it this way. It is however
not what the hardware does (in a way which is visible to guest code
which is specifically looking for the difference), which is why it's
worth commenting on.

thanks
-- PMM

Re: [Qemu-devel] [PATCH v2 03/26] armv7m: Explicit error for bad vector table

[Peter Maydell]

On 27 December 2015 at 20:43, Michael Davidsaver  wrote:
> On 12/17/2015 08:25 AM, Peter Maydell wrote:
>> On 3 December 2015 at 00:18, Michael Davidsaver  
>> wrote:
>>> ...
>>> +static
>>> +uint32_t arm_v7m_load_vector(ARMCPU *cpu)
>>> +
>>> +{
>>> +CPUState *cs = >parent_obj;
>> This isn't the right way to cast to the base class of a QOM object.
>> You want:
>>CPUState *cs = CPU(cpu);
>
> from cpu.h
>
>> /* Since this macro is used a lot in hot code paths and in conjunction
>> with
>>  * FooCPU *foo_env_get_cpu(), we deviate from usual QOM practice by using
>>  * an unchecked cast.
>>  */
>> #define CPU(obj) ((CPUState *)(obj))
>
> Given the present definition of CPU() this change seems like a step
> backwards in terms of safety as mis-use won't be caught at compile or
> runtime.  I'll change it anyway.

The idea is that all code should use the QOM cast macros.
At the moment we have a special case for CPU() because it's
a hot path; in future we might be able to improve the speed of
the cast checking to the point where we can reinstate it.

thanks
-- PMM

Re: [Qemu-devel] [Qemu-arm] command line args for qemu-test image

[Peter Maydell]

On 27 December 2015 at 23:48, John Davis  wrote:
> Hello
>
> I am trying to test my build from source to see if I have a working
> qemu-system-arm build.  I pulled the test image from this page:
> http://wiki.qemu.org/Testing
>
> It has a readme in the archive which says to use this syntax
> ./qemu-system-arm -kernel zImage.integrator -initrd arm_root.img
> but when I run it I do not get a console.  The version of qemu I am using
> requires a -M option and I have  tried some of the available options
> but none work.

You want -M integratorcp.

thanks
-- PMM

Re: [Qemu-devel] [Qemu-arm] [PATCH v2 06/26] armv7m: fix I and F flag handling

[Peter Maydell]

On 28 December 2015 at 01:59, Michael Davidsaver  wrote:
> On 12/17/2015 10:18 AM, Peter Maydell wrote:
>> because the function you're calling here is in armv7m_nvic.c,
>> which isn't compiled into the linux-user binary.
>
> Is there any reason to include the armv7m code in linux-user at all?

It's not a useful cpu for actual linux binaries, but
I believe there is some use of the linux-user target with
armv7m to test unprivileged bare-metal code, for instance
the gcc test suite. (This uses semihosting for test case
output I think.)

thanks
-- PMM

Re: [Qemu-devel] [PATCH v2 02/26] armv7m: Undo armv7m.hack

[Peter Maydell]

On 27 December 2015 at 20:22, Michael Davidsaver  wrote:
> On 12/17/2015 10:38 AM, Peter Maydell wrote:
>> On 3 December 2015 at 00:18, Michael Davidsaver  
>> wrote:
>>> Add CPU unassigned access handler in place of special
>>> MemoryRegion to catch exception returns.
>>>
>>> The unassigned handler will signal other faults as either
>>> prefetch or data exceptions, with the FSR code 0x8 to
>>> distinguish them from memory translation faults (0xd).
>>> Future code will make use of this distinction when
>>> deciding to raise BusFault or MemManage exceptions.
>> This patch breaks my Stellaris test image -- instead of starting
>> it just sits there with a black screen.
>>
>> I've put a copy of that test image up at
>>   http://people.linaro.org/~peter.maydell/stellaris.tgz
>> You can run it with path/to/stellaris/runme path/to/qemu-system-arm .
>
> There were several issues.  Two bugs (wrong IRQ enabled and systick not
> enabled) and a "feature" (access to unimplemented registers for a PWM
> controller is now a BusFault).
>
> As a workaround for the "feature" I add a low priority MemoryRegion from
> 0x4000 -> 0x40ff which completes all reads with zero and logs.
> Please advise on how this should be handled.

We should probably at least identify what particular devices are
supposed to be here and put in dummy versions, rather than just
having a single memory region which does RAZ/WI.

> With these changes both test programs appear to run correctly, although
> the http server example has painfully slow load times and seems to hit
> an out of memory condition if I look at it wrong.  Is this expected?
> (and the blub on the buttons page about "xml technology" is priceless)

I don't run the HTTP example often. The basic requirement is
"should not get any worse as a result of the patchset". Problems
that were already there before need not be addressed.

>>> @@ -294,19 +313,9 @@ static bool arm_v7m_cpu_exec_interrupt(CPUState *cs, 
>>> int interrupt_request)
>>>  cc->do_interrupt(cs);
>>>  ret = true;
>>>  }
>>> -/* ARMv7-M interrupt return works by loading a magic value
>>> - * into the PC.  On real hardware the load causes the
>>> - * return to occur.  The qemu implementation performs the
>>> - * jump normally, then does the exception return when the
>>> - * CPU tries to execute code at the magic address.
>>> - * This will cause the magic PC value to be pushed to
>>> - * the stack if an interrupt occurred at the wrong time.
>>> - * We avoid this by disabling interrupts when
>>> - * pc contains a magic address.
>>> - */
>>>  if (interrupt_request & CPU_INTERRUPT_HARD
>>>  && !(env->daif & PSTATE_I)
>>> -&& (env->regs[15] < 0xfff0)) {
>>> +) {
>> Can we really drop this change? The thing it's guarding against
>> (interrupt comes in while the PC is this not-really-an-address
>> value) can still happen whether we catch the attempt to execute
>> in translate.c or via the unassigned-access hook.
>
> I don't think the M-profile case in gen_intermediate_code() in
> translate.c can ever be reached without first hitting the unassigned
> memory handler.  Before the code can be translated, the page containing
> it must be loaded.  Such loads no longer succeed.

Yes, but the code you've deleted here may be called after
we have set the PC to a magic value but before we have tried
to do the address load for it:
 1 translation block A (with the pop or ldm) sets PC to
   0xfffx, and execution leaves this TB and returns to
   the top level loop
 2 normally, we would then try to execute at the magic address,
   which would result in our trying to translate a TB for that
   address, which immediately causes us to run the code in the
   unassigned-access hook. That will cause the PC to be set
   to the appropriate value for having returned from the
   interrupt handler
 3 however, it is possible that an interrupt has been raised
   which means that between steps 1 and 2 we will say "actually,
   need to take an interrupt now". Since between steps 1 and 2
   the value in env->regs[15] is the magic 0xfffx value,
   we will end up stacking the magic value as part of the
   interrupt entry process. This is wrong, and the reason for
   the condition above is to avoid this problem.

Changing the handling of "PC == magic value" from translate.c
to the unassigned-access hook does not close the window where
env->regs[15] is a value the guest should not see as an
interrupted PC.

thanks
-- PMM

Re: [Qemu-devel] [PATCH v2 05/26] armv7m: add armv7m_excp_running_prio()

[Peter Maydell]

On 27 December 2015 at 20:56, Michael Davidsaver  wrote:
> On 12/17/2015 09:36 AM, Peter Maydell wrote:
>> On 3 December 2015 at 00:18, Michael Davidsaver  
>> wrote:
>>> Implements v7m exception priority algorithm
>>> using FAULTMASK, PRIMASK, BASEPRI, and the highest
>>> priority active exception.
>>>
>>> The number returned is the current execution priority
>>> which may be in the range [-2,0x7f] when an exception is active
>>> or 0x100 when no exception is active.
>>> ---
>>>  hw/intc/armv7m_nvic.c | 25 +
>>>  target-arm/cpu.h  |  1 +
>>>  2 files changed, 26 insertions(+)
>>>
>>> diff --git a/hw/intc/armv7m_nvic.c b/hw/intc/armv7m_nvic.c
>>> index 6fc167e..0145ca7 100644
>>> --- a/hw/intc/armv7m_nvic.c
>>> +++ b/hw/intc/armv7m_nvic.c
>>> @@ -18,6 +18,8 @@
>>>
>>>  typedef struct {
>>>  GICState gic;
>>> +uint8_t prigroup;
>>> +
>>>  struct {
>>>  uint32_t control;
>>>  uint32_t reload;
>>> @@ -116,6 +118,29 @@ static void systick_reset(nvic_state *s)
>>>  timer_del(s->systick.timer);
>>>  }
>>>
>>> +/* @returns the active (running) exception priority.
>>> + *only a higher (numerically lower) priority can preempt.
>>> + */
>>> +int armv7m_excp_running_prio(ARMCPU *cpu)
>>> +{
>>> +CPUARMState *env = >env;
>>> +nvic_state *s = env->nvic;
>>> +int running;
>>> +
>>> +if (env->daif & PSTATE_F) { /* FAULTMASK */
>>> +running = -1;
>>> +} else if (env->daif & PSTATE_I) { /* PRIMASK */
>>> +running = 0;
>>> +} else if (env->v7m.basepri > 0) {
>>> +/* BASEPRI==1 -> masks [1,255] (not same as PRIMASK==1) */
>>> +running = env->v7m.basepri >> (s->prigroup+1);
>> This isn't right -- the effect of PRIGROUP is that we mask
>> out the lower (subgroup) bits, but the upper group bits stay
>> where they are rather than shifting down.
>>
>> So you want env->v7m.basepri & ~((1 << (s->prigroup + 1)) - 1);
>>
>> (the same mask you need to get the group priority for
>> an interrupt).
>
> I don't know about "right", but it is consistent with how the
> .prio_group field is now handled in the nvic.  So I think the final
> behavior is as specified.

The v7M ARM ARM is the authoritative source for "what is the
right behaviour", and the pseudocode is I think fairly clear
about how BASEPRI affects the running priority. If the current
NVIC code is handling BASEPRI wrongly that's a bug in the NVIC
code.

> There is no functional reason that I do this.  I just think it makes the
> DPRINTF messages easier to interpret.  If you feel strongly I can change
> this.

You need to get the right value here because otherwise we won't
be implementing the spec correctly.

thanks
-- PMM

Re: [Qemu-devel] [Qemu-arm] v7m reset vs rom loading ordering

[Peter Maydell]

(You forgot to cc qemu-devel, which meant this message got hung
up in the "people who haven't posted to qemu-arm yet end up in
the semi-automatic moderation" machinery, and nobody saw it because
there was no qemu-devel cc.)

On 26 December 2015 at 19:07, Dr. David Alan Gilbert  wrote:
> Hi,
>   I'm having problems with the v7m reset code happening before the loading
> of the ROM code, and hence getting the wrong starting location.
> I'm using the stm32f205 model (modified to take an m4 and change the
> sizes of ram/flash for the 401), with a board that's the same as the
> netduino. It has the stm's internal flash and an alias for that flash at
> address 0.

> I seem to be ending up on the bottom half of this (because of the alias?)
> and it ends up loading both 0, even though I can see load_elf has already
> been called.

This does AFAICT work for the stellaris boards, though it's all an
ugly hack for the fact we don't have a nice way to say "this happens
when the CPU comes out of reset" (and also no nice way for that to
interact with an attached debugger). I don't think that rom_ptr()
cares about whether the memory it's going to put the ROM into is an
alias or not, so that is probably a red herring.

> The reset gets called after the realize triggered in the netduino board's
> init function; but all that happens before the rom_check_and_register_reset
> is called and gets the ROM data in the right place.
>
> In Michael's world he has the extra comment (from 'remove extra cpu_reset'):
> +/* Realizing cpu calls cpu_reset(), which must have rom image
> + * already mapped to find the correct entry point.
> + */
>
> so it sounds like the same problem, even in his world.
> (I've hit this both on head and head with Michael's patches from the
> start of December applied).

You shouldn't need to care about intermediate resets that happen at
realize time, because vl.c will do a system reset which should
include resetting the CPU and this should happen after the ROMs are
all properly present.

> I've bodged around this by adding a call to arm_load_kernel to armv7m_realize
> so that the arm reset handler is called and then doing a system_reset
> after I get to the hmp; but obviously that's not the fix.

Why does the system_reset from hmp work but the one done by vl.c
after machine creation not?

thanks
-- PMM

[Qemu-devel] [PATCH] send readcapacity10 when readcapacity16 failed

[Zhu Lingshan]

When play with Dell MD3000 target, for sure it
is a TYPE_DISK, but readcapacity16 would fail.
Then we find that readcapacity10 succeeded. It
looks like the target just support readcapacity10
even through it is a TYPE_DISK or have some
TYPE_ROM characteristics.

This patch can give a chance to send
readcapacity16 when readcapacity10 failed.
This patch is not harmful to original pathes

Signed-off-by: Zhu Lingshan 
---
 block/iscsi.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/block/iscsi.c b/block/iscsi.c
index bd1f1bf..c8d167f 100644
--- a/block/iscsi.c
+++ b/block/iscsi.c
@@ -1243,8 +1243,9 @@ static void iscsi_readcapacity_sync(IscsiLun *iscsilun, 
Error **errp)
 iscsilun->lbprz = !!rc16->lbprz;
 iscsilun->use_16_for_rw = (rc16->returned_lba > 
0x);
 }
+break;
 }
-break;
+//fall through to try readcapacity10 instead
 case TYPE_ROM:
 task = iscsi_readcapacity10_sync(iscsilun->iscsi, iscsilun->lun, 
0, 0);
 if (task != NULL && task->status == SCSI_STATUS_GOOD) {
-- 
2.6.2

[Qemu-devel] [Bug 1529764] [NEW] No video output with the official Windows XP VMWare VGA driver

[T-artem]

Public bug reported:

Steps to reproduce:

1) Set -vga to vmware
2) Install Windows XP SP3
3) Install VGA drivers from 
http://packages.vmware.com/tools/releases/latest/windows/x86/VMware-tools-windows-10.0.5-3227872.iso

Result: completely black screen (even after F8 -> use VGA mode).

** Affects: qemu
 Importance: Undecided
 Status: New

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1529764

Title:
  No video output with the official Windows XP VMWare VGA driver

Status in QEMU:
  New

Bug description:
  Steps to reproduce:

  1) Set -vga to vmware
  2) Install Windows XP SP3
  3) Install VGA drivers from 
http://packages.vmware.com/tools/releases/latest/windows/x86/VMware-tools-windows-10.0.5-3227872.iso

  Result: completely black screen (even after F8 -> use VGA mode).

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1529764/+subscriptions

[Qemu-devel] [Bug 1255303] Re: ALSA underruns occurr when using QEMU

[T-artem]

Qemu: 2.5

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1255303

Title:
  ALSA underruns occurr when using QEMU

Status in QEMU:
  New

Bug description:
  I'm running QEMU 1.6.1 on a 64-bit Gentoo Linux system. The guest
  operating system is Windows 7 32-bit. I get multiple identical warning
  messages when using the ac97 or hda sound cards:

  > ALSA lib /var/tmp/portage/media-libs/alsa-lib-1.0.27.2/work/alsa-
  lib-1.0.27.2/src/pcm/pcm.c:7843:(snd_pcm_recover) underrun occurred

  The difference between ac97 and hda is that the former works well,
  while the latter causes the sound to be garbled.

  /var/tmp/portage is the directory where Portage, the Gentoo package
  manager, builds programs. I don't know why it is mentioned in the
  error message.

  I also don't know if this is an ALSA problem or a QEMU problem.

  The command I use is:

  > qemu-system-i386 -cpu host -m 1G -k it -drive
  file=~/QEMU/Windows_7_Privato.qcow2,media=disk,index=0 -vga std -net
  nic -net user -enable-kvm -display sdl -soundhw ac97 -device usb-
  ehci,id=ehci -usb -rtc base=localtime -usbdevice tablet

  My real sound card is an Intel HD Audio:

  > lspci | grep "Audio device"

  > 00:1b.0 Audio device: Intel Corporation 82801I (ICH9 Family) HD
  Audio Controller (rev 02)

  Please tell me if you need other informations.

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1255303/+subscriptions

[Qemu-devel] [Bug 1255303] Re: ALSA underruns occurr when using QEMU

[T-artem]

More info:

Host: Linux 4.3.3 vanilla/CentOS 6.7 i686
ALSA: alsa-lib-1.0.22-3.el6.i686

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1255303

Title:
  ALSA underruns occurr when using QEMU

Status in QEMU:
  New

Bug description:
  I'm running QEMU 1.6.1 on a 64-bit Gentoo Linux system. The guest
  operating system is Windows 7 32-bit. I get multiple identical warning
  messages when using the ac97 or hda sound cards:

  > ALSA lib /var/tmp/portage/media-libs/alsa-lib-1.0.27.2/work/alsa-
  lib-1.0.27.2/src/pcm/pcm.c:7843:(snd_pcm_recover) underrun occurred

  The difference between ac97 and hda is that the former works well,
  while the latter causes the sound to be garbled.

  /var/tmp/portage is the directory where Portage, the Gentoo package
  manager, builds programs. I don't know why it is mentioned in the
  error message.

  I also don't know if this is an ALSA problem or a QEMU problem.

  The command I use is:

  > qemu-system-i386 -cpu host -m 1G -k it -drive
  file=~/QEMU/Windows_7_Privato.qcow2,media=disk,index=0 -vga std -net
  nic -net user -enable-kvm -display sdl -soundhw ac97 -device usb-
  ehci,id=ehci -usb -rtc base=localtime -usbdevice tablet

  My real sound card is an Intel HD Audio:

  > lspci | grep "Audio device"

  > 00:1b.0 Audio device: Intel Corporation 82801I (ICH9 Family) HD
  Audio Controller (rev 02)

  Please tell me if you need other informations.

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1255303/+subscriptions

[Qemu-devel] ping Re: [PATCH v12] block/raw-posix.c: Make physical devices usable in QEMU under Mac OS X host

[Programmingkid]

I do realize you are busy Kevin, but I would
appreciate knowing my patch is in line 
for review.

https://patchwork.ozlabs.org/patch/555945/

On Dec 11, 2015, at 10:27 PM, Programmingkid wrote:

> Mac OS X can be picky when it comes to allowing the user
> to use physical devices in QEMU. Most mounted volumes
> appear to be off limits to QEMU. If an issue is detected,
> a message is displayed showing the user how to unmount a
> volume. Now QEMU uses both CD and DVD media.
> 
> Signed-off-by: John Arbuckle 
> 
> ---
> Removed mediaType parameter from FindEjectableOpticalMedia().
> Added goto statements to hdev_open.
> Replaced snprintf() with g_strdup() in FindEjectableOpticalMedia().
> Put back return statement in hdev_open for Linux compatibility.
> 
> block/raw-posix.c |  163 -
> 1 files changed, 124 insertions(+), 39 deletions(-)
> 
> diff --git a/block/raw-posix.c b/block/raw-posix.c
> index d9162fd..82e8e62 100644
> --- a/block/raw-posix.c
> +++ b/block/raw-posix.c
> @@ -43,6 +43,7 @@
> #include 
> #include 
> //#include 
> +#include 
> #include 
> #endif
> 
> @@ -1975,33 +1976,46 @@ BlockDriver bdrv_file = {
> /* host device */
> 
> #if defined(__APPLE__) && defined(__MACH__)
> -static kern_return_t FindEjectableCDMedia( io_iterator_t *mediaIterator );
> static kern_return_t GetBSDPath(io_iterator_t mediaIterator, char *bsdPath,
>CFIndex maxPathSize, int flags);
> -kern_return_t FindEjectableCDMedia( io_iterator_t *mediaIterator )
> +static char *FindEjectableOpticalMedia(io_iterator_t *mediaIterator)
> {
> -kern_return_t   kernResult;
> +kern_return_t kernResult = KERN_FAILURE;
>mach_port_t masterPort;
>CFMutableDictionaryRef  classesToMatch;
> +const char *matching_array[] = {kIODVDMediaClass, kIOCDMediaClass};
> +char *mediaType = NULL;
> 
>kernResult = IOMasterPort( MACH_PORT_NULL,  );
>if ( KERN_SUCCESS != kernResult ) {
>printf( "IOMasterPort returned %d\n", kernResult );
>}
> 
> -classesToMatch = IOServiceMatching( kIOCDMediaClass );
> -if ( classesToMatch == NULL ) {
> -printf( "IOServiceMatching returned a NULL dictionary.\n" );
> -} else {
> -CFDictionarySetValue( classesToMatch, CFSTR( kIOMediaEjectableKey ), 
> kCFBooleanTrue );
> -}
> -kernResult = IOServiceGetMatchingServices( masterPort, classesToMatch, 
> mediaIterator );
> -if ( KERN_SUCCESS != kernResult )
> -{
> -printf( "IOServiceGetMatchingServices returned %d\n", kernResult );
> -}
> +int index;
> +for (index = 0; index < ARRAY_SIZE(matching_array); index++) {
> +classesToMatch = IOServiceMatching(matching_array[index]);
> +if (classesToMatch == NULL) {
> +error_report("IOServiceMatching returned NULL for %s",
> + matching_array[index]);
> +continue;
> +}
> +CFDictionarySetValue(classesToMatch, CFSTR(kIOMediaEjectableKey),
> + kCFBooleanTrue);
> +kernResult = IOServiceGetMatchingServices(masterPort, classesToMatch,
> +  mediaIterator);
> +if (kernResult != KERN_SUCCESS) {
> +error_report("Note: IOServiceGetMatchingServices returned %d",
> + kernResult);
> +}
> 
> -return kernResult;
> +/* If a match was found, leave the loop */
> +if (*mediaIterator != 0) {
> +DPRINTF("Matching using %s\n", matching_array[index]);
> +mediaType = g_strdup(matching_array[index]);
> +break;
> +}
> +}
> +return mediaType;
> }
> 
> kern_return_t GetBSDPath(io_iterator_t mediaIterator, char *bsdPath,
> @@ -2033,7 +2047,35 @@ kern_return_t GetBSDPath(io_iterator_t mediaIterator, 
> char *bsdPath,
>return kernResult;
> }
> 
> -#endif
> +/* Sets up a real cdrom for use in QEMU */
> +static bool setup_cdrom(char *bsd_path, Error **errp)
> +{
> +int index, num_of_test_partitions = 2, fd;
> +char test_partition[MAXPATHLEN];
> +bool partition_found = false;
> +
> +/* look for a working partition */
> +for (index = 0; index < num_of_test_partitions; index++) {
> +snprintf(test_partition, sizeof(test_partition), "%ss%d", bsd_path,
> + index);
> +fd = qemu_open(test_partition, O_RDONLY | O_BINARY | O_LARGEFILE);
> +if (fd >= 0) {
> +partition_found = true;
> +qemu_close(fd);
> +break;
> +}
> +}
> +
> +/* if a working partition on the device was not found */
> +if (partition_found == false) {
> +error_setg(errp, "Failed to find a working partition on disc");
> +} else {
> +DPRINTF("Using %s as optical disc\n", test_partition);
> +pstrcpy(bsd_path, MAXPATHLEN, test_partition);
> +}
> +return partition_found;

Re: [Qemu-devel] [RFC PATCH v2 00/10] Add colo-proxy based on netfilter

[Zhang Chen]

Hi~
Just a small ping...
No news for a week.
Colo proxy is a part of COLO project, we need review and comments.


Thanks
zhangchen


On 12/22/2015 06:42 PM, Zhang Chen wrote:

From: zhangchen 

Hi,all

This patch add an colo-proxy object, COLO-Proxy is a part of COLO,
based on qemu netfilter and it's a plugin for qemu netfilter. the function
keep Secondary VM connect normal to Primary VM and compare packets
sent by PVM to sent by SVM.if the packet difference,notify COLO do
checkpoint and send all primary packet has queued.

You can also get the series from:

https://github.com/zhangckid/qemu/tree/colo-v2.2-periodic-mode-with-colo-proxyV2

Usage:

primary:
-netdev tap,id=bn0 -device e1000,netdev=bn0
-object colo-proxy,id=f0,netdev=bn0,queue=all,mode=primary,addr=host:port

secondary:
-netdev tap,id=bn0 -device e1000,netdev=bn0
-object colo-proxy,id=f0,netdev=bn0,queue=all,mode=secondary,addr=host:port

NOTE:
queue must set "all". See enum NetFilterDirection for detail.
colo-proxy need queue all packets
colo-proxy V2 just can compare ip packet


## Background

COLO FT/HA (COarse-grain LOck-stepping Virtual Machines for Non-stop Service)
project is a high availability solution. Both Primary VM (PVM) and Secondary VM
(SVM) run in parallel. They receive the same request from client, and generate
responses in parallel too. If the response packets from PVM and SVM are
identical, they are released immediately. Otherwise, a VM checkpoint (on
demand)is conducted.

Paper:
http://www.socc2013.org/home/program/a3-dong.pdf?attredirects=0

COLO on Xen:
http://wiki.xen.org/wiki/COLO_-_Coarse_Grain_Lock_Stepping

COLO on Qemu/KVM:
http://wiki.qemu.org/Features/COLO

By the needs of capturing response packets from PVM and SVM and finding out
whether they are identical, we introduce a new module to qemu networking
called colo-proxy.

V2:
   rebase colo-proxy with qemu-colo-v2.2-periodic-mode
   fix dave's comments
   fix wency's comments
   fix zhanghailiang's comments

v1:
   initial patch.



zhangchen (10):
   Init colo-proxy object based on netfilter
   Jhash: add linux kernel jhashtable in qemu
   Colo-proxy: add colo-proxy framework
   Colo-proxy: add data structure and jhash func
   net/colo-proxy: Add colo interface to use proxy
   net/colo-proxy: add socket used by forward func
   net/colo-proxy: Add packet enqueue & handle func
   net/colo-proxy: Handle packet and connection
   net/colo-proxy: Compare pri pkt to sec pkt
   net/colo-proxy: Colo-proxy do checkpoint and clear

  include/qemu/jhash.h |  61 
  net/Makefile.objs|   1 +
  net/colo-proxy.c | 939 +++
  net/colo-proxy.h |  24 ++
  qemu-options.hx  |   6 +
  trace-events |   8 +
  vl.c |   3 +-
  7 files changed, 1041 insertions(+), 1 deletion(-)
  create mode 100644 include/qemu/jhash.h
  create mode 100644 net/colo-proxy.c
  create mode 100644 net/colo-proxy.h



--
Thanks
zhangchen

Re: [Qemu-devel] [RFC PATCH v2 00/10] Add colo-proxy based on netfilter

[Zhang Chen]

On 12/29/2015 02:58 PM, Jason Wang wrote:


On 12/29/2015 02:31 PM, Zhang Chen wrote:

Hi~
Just a small ping...
No news for a week.
Colo proxy is a part of COLO project, we need review and comments.


Thanks
zhangchen

Hi, will find sometime to review this this week.

Thanks


Thanks very much for your help~~



On 12/22/2015 06:42 PM, Zhang Chen wrote:

From: zhangchen 

Hi,all

This patch add an colo-proxy object, COLO-Proxy is a part of COLO,
based on qemu netfilter and it's a plugin for qemu netfilter. the
function
keep Secondary VM connect normal to Primary VM and compare packets
sent by PVM to sent by SVM.if the packet difference,notify COLO do
checkpoint and send all primary packet has queued.

You can also get the series from:

https://github.com/zhangckid/qemu/tree/colo-v2.2-periodic-mode-with-colo-proxyV2


Usage:

primary:
-netdev tap,id=bn0 -device e1000,netdev=bn0
-object
colo-proxy,id=f0,netdev=bn0,queue=all,mode=primary,addr=host:port

secondary:
-netdev tap,id=bn0 -device e1000,netdev=bn0
-object
colo-proxy,id=f0,netdev=bn0,queue=all,mode=secondary,addr=host:port

NOTE:
queue must set "all". See enum NetFilterDirection for detail.
colo-proxy need queue all packets
colo-proxy V2 just can compare ip packet


## Background

COLO FT/HA (COarse-grain LOck-stepping Virtual Machines for Non-stop
Service)
project is a high availability solution. Both Primary VM (PVM) and
Secondary VM
(SVM) run in parallel. They receive the same request from client, and
generate
responses in parallel too. If the response packets from PVM and SVM are
identical, they are released immediately. Otherwise, a VM checkpoint (on
demand)is conducted.

Paper:
http://www.socc2013.org/home/program/a3-dong.pdf?attredirects=0

COLO on Xen:
http://wiki.xen.org/wiki/COLO_-_Coarse_Grain_Lock_Stepping

COLO on Qemu/KVM:
http://wiki.qemu.org/Features/COLO

By the needs of capturing response packets from PVM and SVM and
finding out
whether they are identical, we introduce a new module to qemu networking
called colo-proxy.

V2:
rebase colo-proxy with qemu-colo-v2.2-periodic-mode
fix dave's comments
fix wency's comments
fix zhanghailiang's comments

v1:
initial patch.



zhangchen (10):
Init colo-proxy object based on netfilter
Jhash: add linux kernel jhashtable in qemu
Colo-proxy: add colo-proxy framework
Colo-proxy: add data structure and jhash func
net/colo-proxy: Add colo interface to use proxy
net/colo-proxy: add socket used by forward func
net/colo-proxy: Add packet enqueue & handle func
net/colo-proxy: Handle packet and connection
net/colo-proxy: Compare pri pkt to sec pkt
net/colo-proxy: Colo-proxy do checkpoint and clear

   include/qemu/jhash.h |  61 
   net/Makefile.objs|   1 +
   net/colo-proxy.c | 939
+++
   net/colo-proxy.h |  24 ++
   qemu-options.hx  |   6 +
   trace-events |   8 +
   vl.c |   3 +-
   7 files changed, 1041 insertions(+), 1 deletion(-)
   create mode 100644 include/qemu/jhash.h
   create mode 100644 net/colo-proxy.c
   create mode 100644 net/colo-proxy.h




.



--
Thanks
zhangchen

[Qemu-devel] [PATCH COLO-Frame v13 19/39] COLO: Add checkpoint-delay parameter for migrate-set-parameters

[zhanghailiang]

Add checkpoint-delay parameter for migrate-set-parameters, so that
we can control the checkpoint frequency when COLO is in periodic mode.

Cc: Luiz Capitulino 
Cc: Eric Blake 
Cc: Markus Armbruster 
Signed-off-by: zhanghailiang 
Signed-off-by: Li Zhijian 
Reviewed-by: Dr. David Alan Gilbert 
---
v12:
- Change checkpoint-delay to x-checkpoint-delay (Dave's suggestion)
- Add Reviewed-by tag
v11:
- Move this patch ahead of the patch where uses 'checkpoint_delay'
 (Dave's suggestion)
v10:
- Fix related qmp command
---
 hmp.c |  7 +++
 migration/migration.c | 24 +++-
 qapi-schema.json  | 19 ---
 qmp-commands.hx   |  4 ++--
 4 files changed, 48 insertions(+), 6 deletions(-)

diff --git a/hmp.c b/hmp.c
index c2b2c16..96ae722 100644
--- a/hmp.c
+++ b/hmp.c
@@ -284,6 +284,9 @@ void hmp_info_migrate_parameters(Monitor *mon, const QDict 
*qdict)
 monitor_printf(mon, " %s: %" PRId64,
 
MigrationParameter_lookup[MIGRATION_PARAMETER_X_CPU_THROTTLE_INCREMENT],
 params->x_cpu_throttle_increment);
+monitor_printf(mon, " %s: %" PRId64,
+MigrationParameter_lookup[MIGRATION_PARAMETER_X_CHECKPOINT_DELAY],
+params->x_checkpoint_delay);
 monitor_printf(mon, "\n");
 }
 
@@ -1245,6 +1248,7 @@ void hmp_migrate_set_parameter(Monitor *mon, const QDict 
*qdict)
 bool has_decompress_threads = false;
 bool has_x_cpu_throttle_initial = false;
 bool has_x_cpu_throttle_increment = false;
+bool has_x_checkpoint_delay = false;
 int i;
 
 for (i = 0; i < MIGRATION_PARAMETER__MAX; i++) {
@@ -1264,6 +1268,8 @@ void hmp_migrate_set_parameter(Monitor *mon, const QDict 
*qdict)
 break;
 case MIGRATION_PARAMETER_X_CPU_THROTTLE_INCREMENT:
 has_x_cpu_throttle_increment = true;
+case MIGRATION_PARAMETER_X_CHECKPOINT_DELAY:
+has_x_checkpoint_delay = true;
 break;
 }
 qmp_migrate_set_parameters(has_compress_level, value,
@@ -1271,6 +1277,7 @@ void hmp_migrate_set_parameter(Monitor *mon, const QDict 
*qdict)
has_decompress_threads, value,
has_x_cpu_throttle_initial, value,
has_x_cpu_throttle_increment, value,
+   has_x_checkpoint_delay, value,
);
 break;
 }
diff --git a/migration/migration.c b/migration/migration.c
index b2c07c6..ab70f08 100644
--- a/migration/migration.c
+++ b/migration/migration.c
@@ -56,6 +56,11 @@
 /* Migration XBZRLE default cache size */
 #define DEFAULT_MIGRATE_CACHE_SIZE (64 * 1024 * 1024)
 
+/* The delay time (in ms) between two COLO checkpoints
+ * Note: Please change this default value to 1 when we support hybrid mode.
+ */
+#define DEFAULT_MIGRATE_X_CHECKPOINT_DELAY 200
+
 static NotifierList migration_state_notifiers =
 NOTIFIER_LIST_INITIALIZER(migration_state_notifiers);
 
@@ -91,6 +96,8 @@ MigrationState *migrate_get_current(void)
 DEFAULT_MIGRATE_X_CPU_THROTTLE_INITIAL,
 .parameters[MIGRATION_PARAMETER_X_CPU_THROTTLE_INCREMENT] =
 DEFAULT_MIGRATE_X_CPU_THROTTLE_INCREMENT,
+.parameters[MIGRATION_PARAMETER_X_CHECKPOINT_DELAY] =
+DEFAULT_MIGRATE_X_CHECKPOINT_DELAY,
 };
 
 if (!once) {
@@ -530,6 +537,8 @@ MigrationParameters *qmp_query_migrate_parameters(Error 
**errp)
 s->parameters[MIGRATION_PARAMETER_X_CPU_THROTTLE_INITIAL];
 params->x_cpu_throttle_increment =
 s->parameters[MIGRATION_PARAMETER_X_CPU_THROTTLE_INCREMENT];
+params->x_checkpoint_delay =
+s->parameters[MIGRATION_PARAMETER_X_CHECKPOINT_DELAY];
 
 return params;
 }
@@ -736,7 +745,10 @@ void qmp_migrate_set_parameters(bool has_compress_level,
 bool has_x_cpu_throttle_initial,
 int64_t x_cpu_throttle_initial,
 bool has_x_cpu_throttle_increment,
-int64_t x_cpu_throttle_increment, Error **errp)
+int64_t x_cpu_throttle_increment,
+bool has_x_checkpoint_delay,
+int64_t x_checkpoint_delay,
+Error **errp)
 {
 MigrationState *s = migrate_get_current();
 
@@ -771,6 +783,11 @@ void qmp_migrate_set_parameters(bool has_compress_level,
"x_cpu_throttle_increment",
"an integer in the range of 1 to 99");
 }
+if (has_x_checkpoint_delay && (x_checkpoint_delay < 0)) {
+error_setg(errp, QERR_INVALID_PARAMETER_VALUE,
+

[Qemu-devel] [PATCH COLO-Frame v13 00/39] COarse-grain LOck-stepping(COLO) Virtual Machines for Non-stop Service (FT)

[zhanghailiang]

This is the 13th version of COLO (Still only support periodic checkpoint).

Here is only COLO frame part, you can get the whole codes from github:
https://github.com/coloft/qemu/commits/colo-v2.4-periodic-mode

Please ignore patch 4 ~ 5 which have been picked by Dave into another series.

Test procedure:
1. Startup qemu
Primary side:
#x86_64-softmmu/qemu-system-x86_64 -enable-kvm -boot c -m 2048 -smp 2 -qmp 
stdio -vnc :7 -name primary -cpu qemu64,+kvmclock -device piix3-usb-uhci 
-device usb-tablet -netdev tap,id=hn0,vhost=off -device 
virtio-net-pci,id=net-pci0,netdev=hn0 -drive 
if=virtio,id=colo-disk0,driver=quorum,read-pattern=fifo,vote-threshold=1,children.0.file.filename=/mnt/sdd/pure_IMG/linux/redhat/rhel_6.5_64_2U_ide,children.0.driver=raw
Secondary side:
#x86_64-softmmu/qemu-system-x86_64 -boot c -m 2048 -smp 2 -qmp stdio -vnc :7 
-name secondary -enable-kvm -cpu qemu64,+kvmclock -device piix3-usb-uhci 
-device usb-tablet -netdev tap,id=hn0,vhost=off -device 
virtio-net-pci,id=net-pci0,netdev=hn0 -drive 
if=none,id=colo-disk0,file.filename=/mnt/sdd/pure_IMG/linux/redhat/rhel_6.5_64_2U_ide,driver=raw,node-name=node0
 -drive 
if=virtio,id=active-disk0,throttling.bps-total=7000,driver=replication,mode=secondary,file.driver=qcow2,file.file.filename=/mnt/ramfs/active_disk.img,file.backing.driver=qcow2,file.backing.file.filename=/mnt/ramfs/hidden_disk.img,file.backing.backing=colo-disk0
 -incoming tcp:0:
2. On Secondary VM's QEMU monitor, issue command
{'execute':'qmp_capabilities'}
{'execute': 'nbd-server-start', 'arguments': {'addr': {'type': 'inet', 'data': 
{'host': '192.168.2.88', 'port': '8889'} } } }
{'execute': 'nbd-server-add', 'arguments': {'device': 'colo-disk0', 'writable': 
true } }
{'execute': 'trace-event-set-state', 'arguments': {'name': 'colo*', 'enable': 
true} }

3. On Primary VM's QEMU monitor, issue command:
{'execute':'qmp_capabilities'}
{'execute': 'human-monitor-command', 'arguments': {'command-line': 'drive_add 
buddy 
driver=replication,mode=primary,file.driver=nbd,file.host=9.61.1.7,file.port=8889,file.export=colo-disk0,node-name=node0,if=none'}}
{'execute':'x-blockdev-change', 'arguments':{'parent': 'colo-disk0', 'node': 
'node0' } }
{'execute': 'migrate-set-capabilities', 'arguments': {'capabilities': [ 
{'capability': 'x-colo', 'state': true } ] } }
{'execute': 'migrate', 'arguments': {'uri': 'tcp:192.168.2.88:' } }

4. After the above steps, you will see, whenever you make changes to PVM, SVM 
will be synced.
You can by issue command '{ "execute": "migrate-set-parameters" , "arguments":{ 
"x-checkpoint-delay": 2000 } }'
to change the checkpoint period time.

5. Failover test
You can kill Primary VM and run 'x_colo_lost_heartbeat' in Secondary VM's
monitor at the same time, then SVM will failover and client will not feel this 
change.

Before issuing '{ "execute": "x-colo-lost-heartbeat" }' command, we have to
issue block related command to stop block replication.
Primary:
  Remove the nbd child from the quorum:
  { 'execute': 'x-blockdev-change', 'arguments': {'parent': 'colo-disk0', 
'child': 'children.1'}}
  Note: there is no qmp command to remove the blockdev now

Secondary:
  The primary host is down, so we should do the following thing:
  { 'execute': 'nbd-server-stop' }

Please review, thanks.

TODO:
1. Checkpoint based on proxy in qemu
2. The capability of continuous FT
3. Optimize the VM's downtime during checkpoint

v13:
 - Refactor colo_*_cmd helper functions to use 'Error **errp' parameter
  instead of return value to indicate success or failure. (patch 10)
 - Remove the optional error message for COLO_EXIT event. (patch 25)
 - Use semaphore to notify colo/colo incoming loop that failover work is
   finished. (patch 26)
 - Move COLO shutdown related codes to colo.c file. (patch 28)
 - Fix memory leak bug for colo incoming loop. (new patch 31)
 - Re-use some existed helper functions to realize the process of
   saving/loading ram and device. (patch 32)
 - Fix some other comments from Dave and Markus.

v12:
 - Fix the bug that default buffer filter broken vhost-net.
 - Add an flag in struct NetFilterState to help skipping default
  filter for packets travelling through filter layer.
 - Remove the default failover treatment which may cause split-brain.
 - Rename checkpoint-delay to x-checkpoint-delay.
 - Check if all netdev supports default filter before going into COLO.
 - Reconstruct send/receive helper functions in patch 10.
 - Address serveral other comments from Dave 

v11:
 - Re-implement buffer/release packets based on filter-buffer according
   to Jason Wang's suggestion. (patch 34, patch 36 ~ patch 38)
 - Rebase master to re-use some stuff introduced by post-copy.
 - Address several comments from Eric and Dave, the fixing record can
   be found in each patch.

v10:
 - Rename 'colo_lost_heartbeat' command to experimental 'x_colo_lost_heartbeat'
 - Rename migration capability 'colo' to 'x-colo' (Eric's suggestion)
 - Simplify the process of 

[Qemu-devel] [PATCH COLO-Frame v13 01/39] configure: Add parameter for configure to enable/disable COLO support

[zhanghailiang]

configure --enable-colo/--disable-colo to switch COLO
support on/off.
COLO support is On by default.

Signed-off-by: zhanghailiang 
Signed-off-by: Li Zhijian 
Signed-off-by: Gonglei 
Reviewed-by: Dr. David Alan Gilbert 
---
v11:
- Turn COLO on in default (Eric's suggestion)
---
 configure | 11 +++
 1 file changed, 11 insertions(+)

diff --git a/configure b/configure
index 83b40fc..f9e021a 100755
--- a/configure
+++ b/configure
@@ -260,6 +260,7 @@ xfs=""
 vhost_net="no"
 vhost_scsi="no"
 kvm="no"
+colo="yes"
 rdma=""
 gprof="no"
 debug_tcg="no"
@@ -939,6 +940,10 @@ for opt do
   ;;
   --enable-kvm) kvm="yes"
   ;;
+  --disable-colo) colo="no"
+  ;;
+  --enable-colo) colo="yes"
+  ;;
   --disable-tcg-interpreter) tcg_interpreter="no"
   ;;
   --enable-tcg-interpreter) tcg_interpreter="yes"
@@ -1362,6 +1367,7 @@ disabled with --disable-FEATURE, default is enabled if 
available:
   fdt fdt device tree
   bluez   bluez stack connectivity
   kvm KVM acceleration support
+  coloCOarse-grain LOck-stepping VM for Non-stop Service
   rdmaRDMA-based migration support
   uuiduuid support
   vde support for vde network
@@ -4804,6 +4810,7 @@ echo "Linux AIO support $linux_aio"
 echo "ATTR/XATTR support $attr"
 echo "Install blobs $blobs"
 echo "KVM support   $kvm"
+echo "COLO support  $colo"
 echo "RDMA support  $rdma"
 echo "TCG interpreter   $tcg_interpreter"
 echo "fdt support   $fdt"
@@ -5396,6 +5403,10 @@ if have_backend "ftrace"; then
 fi
 echo "CONFIG_TRACE_FILE=$trace_file" >> $config_host_mak
 
+if test "$colo" = "yes"; then
+  echo "CONFIG_COLO=y" >> $config_host_mak
+fi
+
 if test "$rdma" = "yes" ; then
   echo "CONFIG_RDMA=y" >> $config_host_mak
 fi
-- 
1.8.3.1

[Qemu-devel] [PATCH COLO-Frame v13 07/39] migration: Integrate COLO checkpoint process into loadvm

[zhanghailiang]

Switch from normal migration loadvm process into COLO checkpoint process if
COLO mode is enabled.
We add three new members to struct MigrationIncomingState, 
'have_colo_incoming_thread'
and 'colo_incoming_thread' record the colo related threads for secondary VM,
'migration_incoming_co' records the original migration incoming coroutine.

Signed-off-by: zhanghailiang 
Signed-off-by: Li Zhijian 
Reviewed-by: Dr. David Alan Gilbert 
---
v12:
- Add Reviewed-by tag
v11:
- We moved the place of bdrv_invalidate_cache_all(), but done the deleting work
  in other patch. Fix it.
- Add documentation for colo in 'MigrationStatus' (Eric's review comment)
v10:
- fix a bug about fd leak which is found by Dave.
---
 include/migration/colo.h  |  7 +++
 include/migration/migration.h |  7 +++
 migration/colo-comm.c | 10 ++
 migration/colo.c  | 22 ++
 migration/migration.c | 31 +--
 stubs/migration-colo.c| 10 ++
 6 files changed, 77 insertions(+), 10 deletions(-)

diff --git a/include/migration/colo.h b/include/migration/colo.h
index f462f06..2676c4a 100644
--- a/include/migration/colo.h
+++ b/include/migration/colo.h
@@ -15,6 +15,8 @@
 
 #include "qemu-common.h"
 #include "migration/migration.h"
+#include "qemu/coroutine_int.h"
+#include "qemu/thread.h"
 
 bool colo_supported(void);
 void colo_info_mig_init(void);
@@ -22,4 +24,9 @@ void colo_info_mig_init(void);
 void migrate_start_colo_process(MigrationState *s);
 bool migration_in_colo_state(void);
 
+/* loadvm */
+bool migration_incoming_enable_colo(void);
+void migration_incoming_exit_colo(void);
+void *colo_process_incoming_thread(void *opaque);
+bool migration_incoming_in_colo_state(void);
 #endif
diff --git a/include/migration/migration.h b/include/migration/migration.h
index 82dbb08..b5cda23 100644
--- a/include/migration/migration.h
+++ b/include/migration/migration.h
@@ -22,6 +22,7 @@
 #include "migration/vmstate.h"
 #include "qapi-types.h"
 #include "exec/cpu-common.h"
+#include "qemu/coroutine_int.h"
 
 #define QEMU_VM_FILE_MAGIC   0x5145564d
 #define QEMU_VM_FILE_VERSION_COMPAT  0x0002
@@ -106,6 +107,12 @@ struct MigrationIncomingState {
 void *postcopy_tmp_page;
 
 int state;
+
+bool have_colo_incoming_thread;
+QemuThread colo_incoming_thread;
+/* The coroutine we should enter (back) after failover */
+Coroutine *migration_incoming_co;
+
 /* See savevm.c */
 LoadStateEntry_Head loadvm_handlers;
 };
diff --git a/migration/colo-comm.c b/migration/colo-comm.c
index fb407e0..30df3d3 100644
--- a/migration/colo-comm.c
+++ b/migration/colo-comm.c
@@ -48,3 +48,13 @@ void colo_info_mig_init(void)
 {
 vmstate_register(NULL, 0, _state, _info);
 }
+
+bool migration_incoming_enable_colo(void)
+{
+return colo_info.colo_requested;
+}
+
+void migration_incoming_exit_colo(void)
+{
+colo_info.colo_requested = 0;
+}
diff --git a/migration/colo.c b/migration/colo.c
index cf0ccb8..6880aa0 100644
--- a/migration/colo.c
+++ b/migration/colo.c
@@ -13,6 +13,7 @@
 #include "sysemu/sysemu.h"
 #include "migration/colo.h"
 #include "trace.h"
+#include "qemu/error-report.h"
 
 bool colo_supported(void)
 {
@@ -26,6 +27,13 @@ bool migration_in_colo_state(void)
 return (s->state == MIGRATION_STATUS_COLO);
 }
 
+bool migration_incoming_in_colo_state(void)
+{
+MigrationIncomingState *mis = migration_incoming_get_current();
+
+return mis && (mis->state == MIGRATION_STATUS_COLO);
+}
+
 static void colo_process_checkpoint(MigrationState *s)
 {
 qemu_mutex_lock_iothread();
@@ -47,3 +55,17 @@ void migrate_start_colo_process(MigrationState *s)
 colo_process_checkpoint(s);
 qemu_mutex_lock_iothread();
 }
+
+void *colo_process_incoming_thread(void *opaque)
+{
+MigrationIncomingState *mis = opaque;
+
+migrate_set_state(>state, MIGRATION_STATUS_ACTIVE,
+  MIGRATION_STATUS_COLO);
+
+/* TODO: COLO checkpoint restore loop */
+
+migration_incoming_exit_colo();
+
+return NULL;
+}
diff --git a/migration/migration.c b/migration/migration.c
index 1a8d3f1..4027071 100644
--- a/migration/migration.c
+++ b/migration/migration.c
@@ -358,6 +358,27 @@ static void process_incoming_migration_co(void *opaque)
 /* Else if something went wrong then just fall out of the normal exit 
*/
 }
 
+if (!ret) {
+/* Make sure all file formats flush their mutable metadata */
+bdrv_invalidate_cache_all(_err);
+if (local_err) {
+error_report_err(local_err);
+migrate_decompress_threads_join();
+exit(EXIT_FAILURE);
+}
+}
+/* we get colo info, and know if we are in colo mode */
+if (!ret && migration_incoming_enable_colo()) {
+mis->migration_incoming_co = qemu_coroutine_self();
+qemu_thread_create(>colo_incoming_thread, 

[Qemu-devel] [PATCH COLO-Frame v13 04/39] migration: Export migrate_set_state()

[zhanghailiang]

Fix the first parameter of migrate_set_state(), and export it.
We will use it in later.

Signed-off-by: zhanghailiang 
Reviewed-by: Dr. David Alan Gilbert 
---
v12:
- Add Reviewed-by tag
v11:
- New patch which is split from patch
  'migration: Add state records for migration incoming' (Juan's suggestion)
---
 include/migration/migration.h |  2 ++
 migration/migration.c | 36 +---
 2 files changed, 23 insertions(+), 15 deletions(-)

diff --git a/include/migration/migration.h b/include/migration/migration.h
index f9e8151..e102fe4 100644
--- a/include/migration/migration.h
+++ b/include/migration/migration.h
@@ -169,6 +169,8 @@ struct MigrationState
 RAMBlock *last_req_rb;
 };
 
+void migrate_set_state(int *state, int old_state, int new_state);
+
 void process_incoming_migration(QEMUFile *f);
 
 void qemu_start_incoming_migration(const char *uri, Error **errp);
diff --git a/migration/migration.c b/migration/migration.c
index 1b9a9c9..388c62c 100644
--- a/migration/migration.c
+++ b/migration/migration.c
@@ -798,9 +798,9 @@ void qmp_migrate_start_postcopy(Error **errp)
 
 /* shared migration helpers */
 
-static void migrate_set_state(MigrationState *s, int old_state, int new_state)
+void migrate_set_state(int *state, int old_state, int new_state)
 {
-if (atomic_cmpxchg(>state, old_state, new_state) == old_state) {
+if (atomic_cmpxchg(state, old_state, new_state) == old_state) {
 trace_migrate_set_state(new_state);
 migrate_generate_event(new_state);
 }
@@ -833,7 +833,7 @@ static void migrate_fd_cleanup(void *opaque)
(s->state != MIGRATION_STATUS_POSTCOPY_ACTIVE));
 
 if (s->state == MIGRATION_STATUS_CANCELLING) {
-migrate_set_state(s, MIGRATION_STATUS_CANCELLING,
+migrate_set_state(>state, MIGRATION_STATUS_CANCELLING,
   MIGRATION_STATUS_CANCELLED);
 }
 
@@ -844,7 +844,8 @@ void migrate_fd_error(MigrationState *s)
 {
 trace_migrate_fd_error();
 assert(s->file == NULL);
-migrate_set_state(s, MIGRATION_STATUS_SETUP, MIGRATION_STATUS_FAILED);
+migrate_set_state(>state, MIGRATION_STATUS_SETUP,
+  MIGRATION_STATUS_FAILED);
 notifier_list_notify(_state_notifiers, s);
 }
 
@@ -864,7 +865,7 @@ static void migrate_fd_cancel(MigrationState *s)
 if (!migration_is_setup_or_active(old_state)) {
 break;
 }
-migrate_set_state(s, old_state, MIGRATION_STATUS_CANCELLING);
+migrate_set_state(>state, old_state, MIGRATION_STATUS_CANCELLING);
 } while (s->state != MIGRATION_STATUS_CANCELLING);
 
 /*
@@ -938,7 +939,7 @@ MigrationState *migrate_init(const MigrationParams *params)
 s->migration_thread_running = false;
 s->last_req_rb = NULL;
 
-migrate_set_state(s, MIGRATION_STATUS_NONE, MIGRATION_STATUS_SETUP);
+migrate_set_state(>state, MIGRATION_STATUS_NONE, 
MIGRATION_STATUS_SETUP);
 
 QSIMPLEQ_INIT(>src_page_requests);
 
@@ -1037,7 +1038,8 @@ void qmp_migrate(const char *uri, bool has_blk, bool blk,
 } else {
 error_setg(errp, QERR_INVALID_PARAMETER_VALUE, "uri",
"a valid migration protocol");
-migrate_set_state(s, MIGRATION_STATUS_SETUP, MIGRATION_STATUS_FAILED);
+migrate_set_state(>state, MIGRATION_STATUS_SETUP,
+  MIGRATION_STATUS_FAILED);
 return;
 }
 
@@ -1416,7 +1418,7 @@ static int postcopy_start(MigrationState *ms, bool 
*old_vm_running)
 int ret;
 const QEMUSizedBuffer *qsb;
 int64_t time_at_stop = qemu_clock_get_ms(QEMU_CLOCK_REALTIME);
-migrate_set_state(ms, MIGRATION_STATUS_ACTIVE,
+migrate_set_state(>state, MIGRATION_STATUS_ACTIVE,
   MIGRATION_STATUS_POSTCOPY_ACTIVE);
 
 trace_postcopy_start();
@@ -1507,7 +1509,7 @@ static int postcopy_start(MigrationState *ms, bool 
*old_vm_running)
 ret = qemu_file_get_error(ms->file);
 if (ret) {
 error_report("postcopy_start: Migration stream errored");
-migrate_set_state(ms, MIGRATION_STATUS_POSTCOPY_ACTIVE,
+migrate_set_state(>state, MIGRATION_STATUS_POSTCOPY_ACTIVE,
   MIGRATION_STATUS_FAILED);
 }
 
@@ -1516,7 +1518,7 @@ static int postcopy_start(MigrationState *ms, bool 
*old_vm_running)
 fail_closefb:
 qemu_fclose(fb);
 fail:
-migrate_set_state(ms, MIGRATION_STATUS_POSTCOPY_ACTIVE,
+migrate_set_state(>state, MIGRATION_STATUS_POSTCOPY_ACTIVE,
   MIGRATION_STATUS_FAILED);
 qemu_mutex_unlock_iothread();
 return -1;
@@ -1585,11 +1587,13 @@ static void migration_completion(MigrationState *s, int 
current_active_state,
 goto fail;
 }
 
-migrate_set_state(s, current_active_state, MIGRATION_STATUS_COMPLETED);
+migrate_set_state(>state, current_active_state,
+  MIGRATION_STATUS_COMPLETED);
 return;
 
 fail:
-

[Qemu-devel] [PATCH COLO-Frame v13 03/39] COLO: migrate colo related info to secondary node

[zhanghailiang]

We can know if VM in destination should go into COLO mode by refer to
the info that been migrated from PVM.

We skip this section if colo is not enabled (i.e.
migrate_set_capability colo off), so that, It not break compatibility with 
migration
however the --enable-colo/disable-colo on the source/destination;

Signed-off-by: zhanghailiang 
Signed-off-by: Li Zhijian 
Signed-off-by: Gonglei 
Reviewed-by: Dr. David Alan Gilbert 
---
v11:
- Add Reviewed-by tag
v10:
- Use VMSTATE_BOOL instead of VMSTATE_UNIT32 for 'colo_requested' (Dave's 
suggestion).
---
 include/migration/colo.h |  2 ++
 migration/Makefile.objs  |  1 +
 migration/colo-comm.c| 50 
 vl.c |  3 ++-
 4 files changed, 55 insertions(+), 1 deletion(-)
 create mode 100644 migration/colo-comm.c

diff --git a/include/migration/colo.h b/include/migration/colo.h
index c60a590..9b6662d 100644
--- a/include/migration/colo.h
+++ b/include/migration/colo.h
@@ -14,7 +14,9 @@
 #define QEMU_COLO_H
 
 #include "qemu-common.h"
+#include "migration/migration.h"
 
 bool colo_supported(void);
+void colo_info_mig_init(void);
 
 #endif
diff --git a/migration/Makefile.objs b/migration/Makefile.objs
index 65ecc35..81b5713 100644
--- a/migration/Makefile.objs
+++ b/migration/Makefile.objs
@@ -1,5 +1,6 @@
 common-obj-y += migration.o tcp.o
 common-obj-$(CONFIG_COLO) += colo.o
+common-obj-y += colo-comm.o
 common-obj-y += vmstate.o
 common-obj-y += qemu-file.o qemu-file-buf.o qemu-file-unix.o qemu-file-stdio.o
 common-obj-y += xbzrle.o postcopy-ram.o
diff --git a/migration/colo-comm.c b/migration/colo-comm.c
new file mode 100644
index 000..fb407e0
--- /dev/null
+++ b/migration/colo-comm.c
@@ -0,0 +1,50 @@
+/*
+ * COarse-grain LOck-stepping Virtual Machines for Non-stop Service (COLO)
+ * (a.k.a. Fault Tolerance or Continuous Replication)
+ *
+ * Copyright (c) 2015 HUAWEI TECHNOLOGIES CO., LTD.
+ * Copyright (c) 2015 FUJITSU LIMITED
+ * Copyright (c) 2015 Intel Corporation
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or
+ * later. See the COPYING file in the top-level directory.
+ *
+ */
+
+#include 
+#include "trace.h"
+
+typedef struct {
+ bool colo_requested;
+} COLOInfo;
+
+static COLOInfo colo_info;
+
+static void colo_info_pre_save(void *opaque)
+{
+COLOInfo *s = opaque;
+
+s->colo_requested = migrate_colo_enabled();
+}
+
+static bool colo_info_need(void *opaque)
+{
+   return migrate_colo_enabled();
+}
+
+static const VMStateDescription colo_state = {
+ .name = "COLOState",
+ .version_id = 1,
+ .minimum_version_id = 1,
+ .pre_save = colo_info_pre_save,
+ .needed = colo_info_need,
+ .fields = (VMStateField[]) {
+ VMSTATE_BOOL(colo_requested, COLOInfo),
+ VMSTATE_END_OF_LIST()
+},
+};
+
+void colo_info_mig_init(void)
+{
+vmstate_register(NULL, 0, _state, _info);
+}
diff --git a/vl.c b/vl.c
index 5aaea77..5ac49ce 100644
--- a/vl.c
+++ b/vl.c
@@ -91,6 +91,7 @@ int main(int argc, char **argv)
 #include "sysemu/dma.h"
 #include "audio/audio.h"
 #include "migration/migration.h"
+#include "migration/colo.h"
 #include "sysemu/kvm.h"
 #include "qapi/qmp/qjson.h"
 #include "qemu/option.h"
@@ -4450,7 +4451,7 @@ int main(int argc, char **argv, char **envp)
 
 blk_mig_init();
 ram_mig_init();
-
+colo_info_mig_init();
 /* If the currently selected machine wishes to override the units-per-bus
  * property of its default HBA interface type, do so now. */
 if (machine_class->units_per_default_bus) {
-- 
1.8.3.1

[Qemu-devel] [PATCH COLO-Frame v13 08/39] migration: Rename the'file' member of MigrationState

[zhanghailiang]

Rename the 'file' member of MigrationState to 'to_dst_file'.

Signed-off-by: zhanghailiang 
Reviewed-by: Dr. David Alan Gilbert 
---
v12:
- Add Reviewed-by tag
- Add the missed modification for RDMA migration. (Found by Wen Congyang)
v11:
- Only rename 'file' member of MigrationState
---
 include/migration/migration.h |  2 +-
 migration/exec.c  |  4 +--
 migration/fd.c|  4 +--
 migration/migration.c | 72 ++-
 migration/postcopy-ram.c  |  6 ++--
 migration/rdma.c  |  2 +-
 migration/savevm.c|  2 +-
 migration/tcp.c   |  4 +--
 migration/unix.c  |  4 +--
 9 files changed, 52 insertions(+), 48 deletions(-)

diff --git a/include/migration/migration.h b/include/migration/migration.h
index b5cda23..e7a516c 100644
--- a/include/migration/migration.h
+++ b/include/migration/migration.h
@@ -140,7 +140,7 @@ struct MigrationState
 size_t xfer_limit;
 QemuThread thread;
 QEMUBH *cleanup_bh;
-QEMUFile *file;
+QEMUFile *to_dst_file;
 int parameters[MIGRATION_PARAMETER__MAX];
 
 int state;
diff --git a/migration/exec.c b/migration/exec.c
index 8406d2b..9037109 100644
--- a/migration/exec.c
+++ b/migration/exec.c
@@ -36,8 +36,8 @@
 
 void exec_start_outgoing_migration(MigrationState *s, const char *command, 
Error **errp)
 {
-s->file = qemu_popen_cmd(command, "w");
-if (s->file == NULL) {
+s->to_dst_file = qemu_popen_cmd(command, "w");
+if (s->to_dst_file == NULL) {
 error_setg_errno(errp, errno, "failed to popen the migration target");
 return;
 }
diff --git a/migration/fd.c b/migration/fd.c
index 3e4bed0..9a9d6c5 100644
--- a/migration/fd.c
+++ b/migration/fd.c
@@ -50,9 +50,9 @@ void fd_start_outgoing_migration(MigrationState *s, const 
char *fdname, Error **
 }
 
 if (fd_is_socket(fd)) {
-s->file = qemu_fopen_socket(fd, "wb");
+s->to_dst_file = qemu_fopen_socket(fd, "wb");
 } else {
-s->file = qemu_fdopen(fd, "wb");
+s->to_dst_file = qemu_fdopen(fd, "wb");
 }
 
 migrate_fd_connect(s);
diff --git a/migration/migration.c b/migration/migration.c
index 4027071..b2c07c6 100644
--- a/migration/migration.c
+++ b/migration/migration.c
@@ -834,7 +834,7 @@ static void migrate_fd_cleanup(void *opaque)
 
 flush_page_queue(s);
 
-if (s->file) {
+if (s->to_dst_file) {
 trace_migrate_fd_cleanup();
 qemu_mutex_unlock_iothread();
 if (s->migration_thread_running) {
@@ -844,8 +844,8 @@ static void migrate_fd_cleanup(void *opaque)
 qemu_mutex_lock_iothread();
 
 migrate_compress_threads_join();
-qemu_fclose(s->file);
-s->file = NULL;
+qemu_fclose(s->to_dst_file);
+s->to_dst_file = NULL;
 }
 
 assert((s->state != MIGRATION_STATUS_ACTIVE) &&
@@ -862,7 +862,7 @@ static void migrate_fd_cleanup(void *opaque)
 void migrate_fd_error(MigrationState *s)
 {
 trace_migrate_fd_error();
-assert(s->file == NULL);
+assert(s->to_dst_file == NULL);
 migrate_set_state(>state, MIGRATION_STATUS_SETUP,
   MIGRATION_STATUS_FAILED);
 notifier_list_notify(_state_notifiers, s);
@@ -871,7 +871,7 @@ void migrate_fd_error(MigrationState *s)
 static void migrate_fd_cancel(MigrationState *s)
 {
 int old_state ;
-QEMUFile *f = migrate_get_current()->file;
+QEMUFile *f = migrate_get_current()->to_dst_file;
 trace_migrate_fd_cancel();
 
 if (s->rp_state.from_dst_file) {
@@ -942,7 +942,7 @@ MigrationState *migrate_init(const MigrationParams *params)
 s->bytes_xfer = 0;
 s->xfer_limit = 0;
 s->cleanup_bh = 0;
-s->file = NULL;
+s->to_dst_file = NULL;
 s->state = MIGRATION_STATUS_NONE;
 s->params = *params;
 s->rp_state.from_dst_file = NULL;
@@ -1122,8 +1122,9 @@ void qmp_migrate_set_speed(int64_t value, Error **errp)
 
 s = migrate_get_current();
 s->bandwidth_limit = value;
-if (s->file) {
-qemu_file_set_rate_limit(s->file, s->bandwidth_limit / 
XFER_LIMIT_RATIO);
+if (s->to_dst_file) {
+qemu_file_set_rate_limit(s->to_dst_file,
+ s->bandwidth_limit / XFER_LIMIT_RATIO);
 }
 }
 
@@ -1393,7 +1394,7 @@ out:
 static int open_return_path_on_source(MigrationState *ms)
 {
 
-ms->rp_state.from_dst_file = qemu_file_get_return_path(ms->file);
+ms->rp_state.from_dst_file = qemu_file_get_return_path(ms->to_dst_file);
 if (!ms->rp_state.from_dst_file) {
 return -1;
 }
@@ -1415,7 +1416,7 @@ static int 
await_return_path_close_on_source(MigrationState *ms)
  * rp_thread will exit, however if there's an error we need to cause
  * it to exit.
  */
-if (qemu_file_get_error(ms->file) && ms->rp_state.from_dst_file) {
+if (qemu_file_get_error(ms->to_dst_file) && ms->rp_state.from_dst_file) {
 /*

[Qemu-devel] [PATCH COLO-Frame v13 21/39] COLO failover: Introduce a new command to trigger a failover

[zhanghailiang]

We leave users to choose whatever heartbeat solution they want, if the heartbeat
is lost, or other errors they detect, they can use experimental command
'x_colo_lost_heartbeat' to tell COLO to do failover, COLO will do operations
accordingly.

For example, if the command is sent to the PVM, the Primary side will
exit COLO mode and take over operation. If sent to the Secondary, the
secondary will run failover work, then take over server operation to
become the new Primary.

Cc: Luiz Capitulino 
Cc: Eric Blake 
Cc: Markus Armbruster 
Signed-off-by: zhanghailiang 
Signed-off-by: Li Zhijian 
Reviewed-by: Dr. David Alan Gilbert 
---
v13:
- Add Reviewed-by tag
v11:
- Add more comments for x-colo-lost-heartbeat command (Eric's suggestion)
- Return 'enum' instead of 'int' for get_colo_mode() (Eric's suggestion)
v10:
- Rename command colo_lost_hearbeat to experimental 'x_colo_lost_heartbeat'
---
 hmp-commands.hx  | 15 +++
 hmp.c|  8 
 hmp.h|  1 +
 include/migration/colo.h |  3 +++
 include/migration/failover.h | 20 
 migration/Makefile.objs  |  2 +-
 migration/colo-comm.c| 11 +++
 migration/colo-failover.c| 41 +
 migration/colo.c |  1 +
 qapi-schema.json | 29 +
 qmp-commands.hx  | 19 +++
 stubs/migration-colo.c   |  8 
 12 files changed, 157 insertions(+), 1 deletion(-)
 create mode 100644 include/migration/failover.h
 create mode 100644 migration/colo-failover.c

diff --git a/hmp-commands.hx b/hmp-commands.hx
index bb52e4d..a381b0b 100644
--- a/hmp-commands.hx
+++ b/hmp-commands.hx
@@ -1039,6 +1039,21 @@ migration (or once already in postcopy).
 ETEXI
 
 {
+.name   = "x_colo_lost_heartbeat",
+.args_type  = "",
+.params = "",
+.help   = "Tell COLO that heartbeat is lost,\n\t\t\t"
+  "a failover or takeover is needed.",
+.mhandler.cmd = hmp_x_colo_lost_heartbeat,
+},
+
+STEXI
+@item x_colo_lost_heartbeat
+@findex x_colo_lost_heartbeat
+Tell COLO that heartbeat is lost, a failover or takeover is needed.
+ETEXI
+
+{
 .name   = "client_migrate_info",
 .args_type  = 
"protocol:s,hostname:s,port:i?,tls-port:i?,cert-subject:s?",
 .params = "protocol hostname port tls-port cert-subject",
diff --git a/hmp.c b/hmp.c
index 96ae722..79bf2f5 100644
--- a/hmp.c
+++ b/hmp.c
@@ -1318,6 +1318,14 @@ void hmp_migrate_start_postcopy(Monitor *mon, const 
QDict *qdict)
 hmp_handle_error(mon, );
 }
 
+void hmp_x_colo_lost_heartbeat(Monitor *mon, const QDict *qdict)
+{
+Error *err = NULL;
+
+qmp_x_colo_lost_heartbeat();
+hmp_handle_error(mon, );
+}
+
 void hmp_set_password(Monitor *mon, const QDict *qdict)
 {
 const char *protocol  = qdict_get_str(qdict, "protocol");
diff --git a/hmp.h b/hmp.h
index a8c5b5a..864a300 100644
--- a/hmp.h
+++ b/hmp.h
@@ -70,6 +70,7 @@ void hmp_migrate_set_parameter(Monitor *mon, const QDict 
*qdict);
 void hmp_migrate_set_cache_size(Monitor *mon, const QDict *qdict);
 void hmp_client_migrate_info(Monitor *mon, const QDict *qdict);
 void hmp_migrate_start_postcopy(Monitor *mon, const QDict *qdict);
+void hmp_x_colo_lost_heartbeat(Monitor *mon, const QDict *qdict);
 void hmp_set_password(Monitor *mon, const QDict *qdict);
 void hmp_expire_password(Monitor *mon, const QDict *qdict);
 void hmp_eject(Monitor *mon, const QDict *qdict);
diff --git a/include/migration/colo.h b/include/migration/colo.h
index 2676c4a..ba27719 100644
--- a/include/migration/colo.h
+++ b/include/migration/colo.h
@@ -17,6 +17,7 @@
 #include "migration/migration.h"
 #include "qemu/coroutine_int.h"
 #include "qemu/thread.h"
+#include "qemu/main-loop.h"
 
 bool colo_supported(void);
 void colo_info_mig_init(void);
@@ -29,4 +30,6 @@ bool migration_incoming_enable_colo(void);
 void migration_incoming_exit_colo(void);
 void *colo_process_incoming_thread(void *opaque);
 bool migration_incoming_in_colo_state(void);
+
+COLOMode get_colo_mode(void);
 #endif
diff --git a/include/migration/failover.h b/include/migration/failover.h
new file mode 100644
index 000..1785b52
--- /dev/null
+++ b/include/migration/failover.h
@@ -0,0 +1,20 @@
+/*
+ *  COarse-grain LOck-stepping Virtual Machines for Non-stop Service (COLO)
+ *  (a.k.a. Fault Tolerance or Continuous Replication)
+ *
+ * Copyright (c) 2015 HUAWEI TECHNOLOGIES CO.,LTD.
+ * Copyright (c) 2015 FUJITSU LIMITED
+ * Copyright (c) 2015 Intel Corporation
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or
+ * later.  See the COPYING file in the top-level directory.
+ */
+
+#ifndef QEMU_FAILOVER_H
+#define QEMU_FAILOVER_H
+
+#include "qemu-common.h"

[Qemu-devel] [PATCH COLO-Frame v13 13/39] COLO: Save PVM state to secondary side when do checkpoint

[zhanghailiang]

The main process of checkpoint is to synchronize SVM with PVM.
VM's state includes ram and device state. So we will migrate PVM's
state to SVM when do checkpoint, just like migration does.

We will cache PVM's state in slave, we use QEMUSizedBuffer
to store the data, we need to know the size of VM state, so in master,
we use qsb to store VM state temporarily, get the data size by call 
qsb_get_length()
and then migrate the data to the qsb in the secondary side.

Signed-off-by: zhanghailiang 
Signed-off-by: Gonglei 
Signed-off-by: Li Zhijian 
Reviewed-by: Dr. David Alan Gilbert 
Cc: Dr. David Alan Gilbert 
---
v13:
- Refactor colo_put_cmd_value() to use 'Error **errp' to indicate success
  or failure.
v12:
- Replace the old colo_ctl_get() with the new helper function 
colo_put_cmd_value()
v11:
- Add Reviewed-by tag
---
 migration/colo.c | 92 +++-
 migration/ram.c  | 39 ++--
 2 files changed, 114 insertions(+), 17 deletions(-)

diff --git a/migration/colo.c b/migration/colo.c
index c76e1fa..304d27b 100644
--- a/migration/colo.c
+++ b/migration/colo.c
@@ -16,6 +16,9 @@
 #include "trace.h"
 #include "qemu/error-report.h"
 
+/* colo buffer */
+#define COLO_BUFFER_BASE_SIZE (4 * 1024 * 1024)
+
 bool colo_supported(void)
 {
 return true;
@@ -54,6 +57,27 @@ static void colo_put_cmd(QEMUFile *f, COLOCommand cmd,
 trace_colo_put_cmd(COLOCommand_lookup[cmd]);
 }
 
+static void colo_put_cmd_value(QEMUFile *f, COLOCommand cmd,
+   uint64_t value, Error **errp)
+{
+Error *local_err = NULL;
+int ret;
+
+colo_put_cmd(f, cmd, _err);
+if (local_err) {
+error_propagate(errp, local_err);
+return;
+}
+qemu_put_be64(f, value);
+qemu_fflush(f);
+
+ret = qemu_file_get_error(f);
+if (ret < 0) {
+error_setg_errno(errp, -ret, "Failed to send value for command:%s",
+ COLOCommand_lookup[cmd]);
+}
+}
+
 static COLOCommand colo_get_cmd(QEMUFile *f, Error **errp)
 {
 COLOCommand cmd;
@@ -90,9 +114,13 @@ static void colo_get_check_cmd(QEMUFile *f, COLOCommand 
expect_cmd,
 }
 }
 
-static int colo_do_checkpoint_transaction(MigrationState *s)
+static int colo_do_checkpoint_transaction(MigrationState *s,
+  QEMUSizedBuffer *buffer)
 {
+QEMUFile *trans = NULL;
+size_t size;
 Error *local_err = NULL;
+int ret = -1;
 
 colo_put_cmd(s->to_dst_file, COLO_COMMAND_CHECKPOINT_REQUEST,
  _err);
@@ -105,15 +133,48 @@ static int colo_do_checkpoint_transaction(MigrationState 
*s)
 if (local_err) {
 goto out;
 }
+/* Reset colo buffer and open it for write */
+qsb_set_length(buffer, 0);
+trans = qemu_bufopen("w", buffer);
+if (!trans) {
+error_report("Open colo buffer for write failed");
+goto out;
+}
 
-/* TODO: suspend and save vm state to colo buffer */
+qemu_mutex_lock_iothread();
+vm_stop_force_state(RUN_STATE_COLO);
+qemu_mutex_unlock_iothread();
+trace_colo_vm_state_change("run", "stop");
+
+/* Disable block migration */
+s->params.blk = 0;
+s->params.shared = 0;
+qemu_savevm_state_header(trans);
+qemu_savevm_state_begin(trans, >params);
+qemu_mutex_lock_iothread();
+qemu_savevm_state_complete_precopy(trans, false);
+qemu_mutex_unlock_iothread();
+
+qemu_fflush(trans);
 
 colo_put_cmd(s->to_dst_file, COLO_COMMAND_VMSTATE_SEND, _err);
 if (local_err) {
 goto out;
 }
+/* we send the total size of the vmstate first */
+size = qsb_get_length(buffer);
+colo_put_cmd_value(s->to_dst_file, COLO_COMMAND_VMSTATE_SIZE,
+   size, _err);
+if (local_err) {
+goto out;
+}
 
-/* TODO: send vmstate to Secondary */
+qsb_put_buffer(s->to_dst_file, buffer, size);
+qemu_fflush(s->to_dst_file);
+ret = qemu_file_get_error(s->to_dst_file);
+if (ret < 0) {
+goto out;
+}
 
 colo_get_check_cmd(s->rp_state.from_dst_file,
COLO_COMMAND_VMSTATE_RECEIVED, _err);
@@ -127,18 +188,26 @@ static int colo_do_checkpoint_transaction(MigrationState 
*s)
 goto out;
 }
 
-/* TODO: resume Primary */
+ret = 0;
+/* Resume primary guest */
+qemu_mutex_lock_iothread();
+vm_start();
+qemu_mutex_unlock_iothread();
+trace_colo_vm_state_change("stop", "run");
 
-return 0;
 out:
 if (local_err) {
 error_report_err(local_err);
 }
-return -EINVAL;
+if (trans) {
+qemu_fclose(trans);
+}
+return ret;
 }
 
 static void colo_process_checkpoint(MigrationState *s)
 {
+QEMUSizedBuffer *buffer = NULL;
 Error *local_err = NULL;
 int ret;
 
@@ -158,6 +227,12 @@ static void 

[Qemu-devel] [PATCH COLO-Frame v13 18/39] COLO: Flush PVM's cached RAM into SVM's memory

[zhanghailiang]

During the time of VM's running, PVM may dirty some pages, we will transfer
PVM's dirty pages to SVM and store them into SVM's RAM cache at next checkpoint
time. So, the content of SVM's RAM cache will always be same with PVM's memory
after checkpoint.

Instead of flushing all content of PVM's RAM cache into SVM's MEMORY,
we do this in a more efficient way:
Only flush any page that dirtied by PVM since last checkpoint.
In this way, we can ensure SVM's memory same with PVM's.

Besides, we must ensure flush RAM cache before load device state.

Signed-off-by: zhanghailiang 
Signed-off-by: Li Zhijian 
Signed-off-by: Gonglei 
Reviewed-by: Dr. David Alan Gilbert 
---
v12:
- Add a trace point in the end of colo_flush_ram_cache() (Dave's suggestion)
- Add Reviewed-by tag
v11:
- Move the place of 'need_flush' (Dave's suggestion)
- Remove unused 'DPRINTF("Flush ram_cache\n")'
v10:
- trace the number of dirty pages that be received.
---
 include/migration/migration.h |  1 +
 migration/colo.c  |  2 --
 migration/ram.c   | 38 ++
 trace-events  |  2 ++
 4 files changed, 41 insertions(+), 2 deletions(-)

diff --git a/include/migration/migration.h b/include/migration/migration.h
index 6907986..14b9f3d 100644
--- a/include/migration/migration.h
+++ b/include/migration/migration.h
@@ -336,4 +336,5 @@ PostcopyState postcopy_state_set(PostcopyState new_state);
 /* ram cache */
 int colo_init_ram_cache(void);
 void colo_release_ram_cache(void);
+void colo_flush_ram_cache(void);
 #endif
diff --git a/migration/colo.c b/migration/colo.c
index 8414feb..11d2b51 100644
--- a/migration/colo.c
+++ b/migration/colo.c
@@ -417,8 +417,6 @@ void *colo_process_incoming_thread(void *opaque)
 }
 qemu_mutex_unlock_iothread();
 
-/* TODO: flush vm state */
-
 colo_put_cmd(mis->to_src_file, COLO_COMMAND_VMSTATE_LOADED,
  _err);
 if (local_err) {
diff --git a/migration/ram.c b/migration/ram.c
index 3d5947b..8ff7f7c 100644
--- a/migration/ram.c
+++ b/migration/ram.c
@@ -2458,6 +2458,7 @@ static int ram_load(QEMUFile *f, void *opaque, int 
version_id)
  * be atomic
  */
 bool postcopy_running = postcopy_state_get() >= 
POSTCOPY_INCOMING_LISTENING;
+bool need_flush = false;
 
 seq_iter++;
 
@@ -2492,6 +2493,7 @@ static int ram_load(QEMUFile *f, void *opaque, int 
version_id)
 /* After going into COLO, we should load the Page into colo_cache 
*/
 if (ram_cache_enable) {
 host = colo_cache_from_block_offset(block, addr);
+need_flush = true;
 } else {
 host = host_from_ram_block_offset(block, addr);
 }
@@ -2585,6 +2587,10 @@ static int ram_load(QEMUFile *f, void *opaque, int 
version_id)
 }
 
 rcu_read_unlock();
+
+if (!ret  && ram_cache_enable && need_flush) {
+colo_flush_ram_cache();
+}
 DPRINTF("Completed load of VM with exit code %d seq iteration "
 "%" PRIu64 "\n", ret, seq_iter);
 return ret;
@@ -2657,6 +2663,38 @@ void colo_release_ram_cache(void)
 rcu_read_unlock();
 }
 
+/*
+ * Flush content of RAM cache into SVM's memory.
+ * Only flush the pages that be dirtied by PVM or SVM or both.
+ */
+void colo_flush_ram_cache(void)
+{
+RAMBlock *block = NULL;
+void *dst_host;
+void *src_host;
+ram_addr_t offset = 0;
+
+trace_colo_flush_ram_cache_begin(migration_dirty_pages);
+rcu_read_lock();
+block = QLIST_FIRST_RCU(_list.blocks);
+while (block) {
+ram_addr_t ram_addr_abs;
+offset = migration_bitmap_find_dirty(block, offset, _addr_abs);
+migration_bitmap_clear_dirty(ram_addr_abs);
+if (offset >= block->used_length) {
+offset = 0;
+block = QLIST_NEXT_RCU(block, next);
+} else {
+dst_host = block->host + offset;
+src_host = block->colo_cache + offset;
+memcpy(dst_host, src_host, TARGET_PAGE_SIZE);
+}
+}
+rcu_read_unlock();
+trace_colo_flush_ram_cache_end();
+assert(migration_dirty_pages == 0);
+}
+
 static SaveVMHandlers savevm_ram_handlers = {
 .save_live_setup = ram_save_setup,
 .save_live_iterate = ram_save_iterate,
diff --git a/trace-events b/trace-events
index 51b2305..578b775 100644
--- a/trace-events
+++ b/trace-events
@@ -1266,6 +1266,8 @@ migration_throttle(void) ""
 ram_load_postcopy_loop(uint64_t addr, int flags) "@%" PRIx64 " %x"
 ram_postcopy_send_discard_bitmap(void) ""
 ram_save_queue_pages(const char *rbname, size_t start, size_t len) "%s: start: 
%zx len: %zx"
+colo_flush_ram_cache_begin(uint64_t dirty_pages) "dirty_pages %" PRIu64
+colo_flush_ram_cache_end(void) ""
 
 # hw/display/qxl.c
 disable qxl_interface_set_mm_time(int qid, uint32_t mm_time) "%d %d"
-- 
1.8.3.1

[Qemu-devel] [PATCH COLO-Frame v13 09/39] COLO/migration: Create a new communication path from destination to source

[zhanghailiang]

This new communication path will be used for returning messages
from destination to source.

Signed-off-by: zhanghailiang 
Signed-off-by: Li Zhijian 
Reviewed-by: Dr. David Alan Gilbert 
---
v13:
- Remove useless error report
v12:
- Add Reviewed-by tag
v11:
- Rebase master to use qemu_file_get_return_path() for opening return path
v10:
- fix the the error log (Dave's suggestion).
---
 migration/colo.c | 26 ++
 1 file changed, 26 insertions(+)

diff --git a/migration/colo.c b/migration/colo.c
index 6880aa0..65ac0c9 100644
--- a/migration/colo.c
+++ b/migration/colo.c
@@ -36,6 +36,12 @@ bool migration_incoming_in_colo_state(void)
 
 static void colo_process_checkpoint(MigrationState *s)
 {
+s->rp_state.from_dst_file = qemu_file_get_return_path(s->to_dst_file);
+if (!s->rp_state.from_dst_file) {
+error_report("Open QEMUFile from_dst_file failed");
+goto out;
+}
+
 qemu_mutex_lock_iothread();
 vm_start();
 qemu_mutex_unlock_iothread();
@@ -43,8 +49,13 @@ static void colo_process_checkpoint(MigrationState *s)
 
 /*TODO: COLO checkpoint savevm loop*/
 
+out:
 migrate_set_state(>state, MIGRATION_STATUS_COLO,
   MIGRATION_STATUS_COMPLETED);
+
+if (s->rp_state.from_dst_file) {
+qemu_fclose(s->rp_state.from_dst_file);
+}
 }
 
 void migrate_start_colo_process(MigrationState *s)
@@ -63,8 +74,23 @@ void *colo_process_incoming_thread(void *opaque)
 migrate_set_state(>state, MIGRATION_STATUS_ACTIVE,
   MIGRATION_STATUS_COLO);
 
+mis->to_src_file = qemu_file_get_return_path(mis->from_src_file);
+if (!mis->to_src_file) {
+error_report("colo incoming thread: Open QEMUFile to_src_file failed");
+goto out;
+}
+/* Note: We set the fd to unblocked in migration incoming coroutine,
+*  But here we are in the colo incoming thread, so it is ok to set the
+*  fd back to blocked.
+*/
+qemu_file_set_blocking(mis->from_src_file, true);
+
 /* TODO: COLO checkpoint restore loop */
 
+out:
+if (mis->to_src_file) {
+qemu_fclose(mis->to_src_file);
+}
 migration_incoming_exit_colo();
 
 return NULL;
-- 
1.8.3.1