I'm not familiar with this device, but I'm fairly certain the writel handler is
not supposed to recurse.
Signed-off-by: Hollis Blanchard <hollisb@us.ibm.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5995 c046a42c-6fe2-441c-8c8c-71466251a162
Use the defines added by the previous patch in the virtio drivers.
Also remove the pointless vendor and device args from the
virtio_blk_init() function.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5987 c046a42c-6fe2-441c-8c8c-71466251a162
This sets a default PCI subsystem ID for all emulated PCI devices. PCI
specs require this, so do it.
In many cases it is enougth to know the PCI ID to handle a device
correctly. Sometimes a device driver must identify the exact piece of
hardware (via PCI Subsystem ID) though.
What does this patch to qemu devices:
Right now the emulated PCI devices have no PCI subsystem ID, only the
PCI ID. The discussed patch sets a default PCI subsystem ID for all
emulated devices. Which will make the qemu devices look pretty much
like in the laptop case: all PCI subsystem IDs will point to qemu by
default.
If a driver emulates a very specific piece of hardware where it has to
emulate more than just the PCI chip, it can overwrite the PCI subsystem
ID without problems. The es1370 driver does that for example.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5986 c046a42c-6fe2-441c-8c8c-71466251a162
Fix compiler warning on OSX, reported by Andreas Faerber.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5982 c046a42c-6fe2-441c-8c8c-71466251a162
fw_cfg_add_callback() checks if key has FW_CFG_WRITE_CHANNEL bit set
after masking the key with FW_CFG_ENTRY_MASK.
But as FW_CFG_ENTRY_MASK is ~(FW_CFG_WRITE_CHANNEL | FW_CFG_ARCH_LOCAL),
the bit is never set and function exits.
This patch corrects this by checking the bit before masking the value.
Signed-by-off: Laurent Vivier <Laurent.Vivier@bull.net>
Acked-by: Gleb Natapov <gleb@redhat.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5978 c046a42c-6fe2-441c-8c8c-71466251a162
This patch adds support for 64-bit Block Move instructions. There are multiple
modes for 64-bit Block moves, direct, indirect, and table indirect. This patch
implements Direct and Table indirect moves which are needed by 64-bit windows
and SYM_CONF_DMA_ADDRESSING_MODE=2 for the Linux sym53c8xx_2 driver respectively.
Two helper functions are included to check which mode the guest is using. For
64-bit direct moves, we fetch a 3rd DWORD and store the value in the DBMS
register. For Table Indirect moves, we look into the table for which register
contains the upper 32-bits of the 64-bit address. This selector value indicates
which register to pull the value from and into dnad64 register.
Finally, lsi_do_dma is updated to use the approriate register to build a 64-bit
DMA address if required.
With this patch, Windows XP x64, 2003 SP2 x64, can now install to scsi devices.
Linux SYM_CONF_DMA_ADDRESSING_MODE=2 need a quirk fixup in Patch 4 to function
properly.
Signed-off-by: Ryan Harper <ryanh@us.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5969 c046a42c-6fe2-441c-8c8c-71466251a162
Current implementation of memory-mapped i8042 controller is atm
implemented with an interface shift (it_shift) parameter, like most all
memory-mapped devices in Qemu.
However, this isn't suitable for MIPS Magnum, where i8042 controller is at
0x80005000 up to 0x80005fff.
Thomas Bogendoerfer (from #mipslinux) tested the behaviour of a real
machine, and found that odd addresses are for status/command register, and
even addresses for data register.
Attached patch implements this behaviour by replacing the it_shift
parameter by a mask one.
Incidentally, keyboard now works on OpenBSD 2.3, which accesses i8042
controller at 0x80005060 and 0x80005061.
Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5962 c046a42c-6fe2-441c-8c8c-71466251a162
MMIO exits are more expensive in KVM or Xen than in QEMU because they
involve, at least, privilege transitions. However, MMIO write
operations can be effectively batched if those writes do not have side
effects.
Good examples of this include VGA pixel operations when in a planar
mode. As it turns out, we can get a nice boost in other areas too.
Laurent mentioned a 9.7% performance boost in iperf with the coalesced
MMIO changes for the e1000 when he originally posted this work for KVM.
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5961 c046a42c-6fe2-441c-8c8c-71466251a162
Attached patch adds a reset handler to parallel port, so it gets correct
register values after a reset.
(Hervé Poussineau)
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5942 c046a42c-6fe2-441c-8c8c-71466251a162
This patch simply implement one register of SH4's SCI := Serial Communication Interface.
R2D evaluation board uses SCI for SPI connection. So, Linux kernel for R2D with
default configuration causes a QEMU assertion failure when it initializes SPI driver.
This patch avoids it and reduces the kernel config modification work for QEMU.
Completing SCI implementation task is left. Other board support is desirable to confirm
this task, which uses SCI for a serial terminal.
(Shin-ichiro KAWASAKI)
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5939 c046a42c-6fe2-441c-8c8c-71466251a162
Main purpose of this is to delete
*physical = address & 0x1fffffff;
at target-sh4/helper.c:449, using new mmio rule introduced by #5849
This masking is a nice trick to realize P4/A7 duality of SH registers.
But, IMHO, it is logically wrong.
Most of SH4 cpu control registers in P4 area(0xfc000000...0xffffffff) have
one more address called A7 which is usually P4 address with upper 3bits masked.
This is an address only appears in TLB's physical address part.
Current code use trick writing drivers as if they are really in A7
(that's why you see many *_A7 in hw/sh*.c), and using translation P4 to A7.
Signed-off-by: Takashi YOSHII <takasi-y@ops.dti.ne.jp>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5935 c046a42c-6fe2-441c-8c8c-71466251a162
Fixes to be needed for commit #5849 "Change MMIO callbacks..."
hw/sh7750.c:
- Divide region of CPU control registers to avoid overlapping
to peripheral modules.
- Delete unused var "icr", which had moved to hw/sh_intc.c.
hw/sm501.c:
- Merge non page aligned palette registers into the region of
control registers.
Signed-off-by: Takashi YOSHII <takasi-y@ops.dti.ne.jp>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5934 c046a42c-6fe2-441c-8c8c-71466251a162
This patch adds pci support to sh/r2d board.
This is the first user of PCIC support I formerly sent.
PCIC actually is inside of chip with CPU core on SH7751.
But, this code is written as if SH7750 and PCIC are on board.
I care little about physical device boundary, but fitting with qemu's
design.
This patch also adds some BSC (Bus State Controller) registers,
because PCI device driver software have to accesses them.
Signed-off-by: Takashi YOSHII <takasi-y@ops.dti.ne.jp>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5932 c046a42c-6fe2-441c-8c8c-71466251a162
This adds IRQ controller in FPGA on r2d, and use it for CF.
Signed-off-by: Takashi YOSHII <takasi-y@ops.dti.ne.jp>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5926 c046a42c-6fe2-441c-8c8c-71466251a162
This patch adds IRL(4bit encoded 15 level interrupt input) support
to SH using qemu_irq as a multi level (!=on/off) signal.
Signed-off-by: Takashi YOSHII <takasi-y@ops.dti.ne.jp>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5925 c046a42c-6fe2-441c-8c8c-71466251a162
This patch adds emulation for a CompactFlash on sh4/r2d board.
The device is CF, but wired to be worked as True-IDE mode, and connected
directly to SH bus. So, this code is to support generally mmio based
IDEs which are supported by "pata_platform" driver in linux kernel.
Signed-off-by: Takashi YOSHII <takasi-y@ops.dti.ne.jp>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5924 c046a42c-6fe2-441c-8c8c-71466251a162
Openserver 5.0.5 sends an Inquiry command to the emulated SCSI disk
expecting a response length of 40 bytes. Currently the response to an
Inquiry command is hardcoded to 36 bytes. When receiving a response of
length 36 instead of 40 Openserver panics.
Modifications to original patch based on feedback from Ryan Harper and Paul
Brook. Thanks guys.
Signed-off-by: Justin Chevrier <address@hidden>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5903 c046a42c-6fe2-441c-8c8c-71466251a162
Basically after each DMA transfer the Openserver driver would issue an
empty (0) SCRIPTS opcode. As the opcode is essentially a NOP it has no
second DWORD and therefore the DSP should only be incremented by 4 bytes
instead of the 8 bytes we currently do.
Here's a snippet of the log:
lsi_scsi: Data ready tag=0x100d9 len=16384
...
lsi_scsi: SCRIPTS dsp=068c5e50 opcode 01000400 arg 07a09000
lsi_scsi: DMA addr=0x07a09000 len=1024
lsi_scsi: SCRIPTS dsp=068c5e58 opcode 00000000 arg 01000400
lsi_scsi: Wrong phase got 1 expected 0
Note the 2nd DWORD after the empty opcode; the next opcode in the DMA
transfer sequence. As can be expected the address after that has the next
DMA address to use.
After the attached patch the DMA transfer is able to complete successfully:
lsi_scsi: SCRIPTS dsp=068c5e50 opcode 01000400 arg 07a0d000
lsi_scsi: DMA addr=0x07a0d000 len=1024
lsi_scsi: SCRIPTS dsp=068c5e5c opcode 01000400 arg 07a0d400
lsi_scsi: DMA addr=0x07a0d400 len=1024
...
Tested againsted Openserver 5.0.5 and Debian ARM.
Signed-off-by: Justin Chevrier <address@hidden>
Acked-by: Ryan Harper <ryanh@us.ibm.com>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5902 c046a42c-6fe2-441c-8c8c-71466251a162
This way the registers will only be visible at the given offset instead of
every 0x100 bytes.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5899 c046a42c-6fe2-441c-8c8c-71466251a162
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5898 c046a42c-6fe2-441c-8c8c-71466251a162
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5897 c046a42c-6fe2-441c-8c8c-71466251a162
Vectored IO APIs will require some sort of vector argument. It makes sense to
use struct iovec and just define it globally for Windows.
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5889 c046a42c-6fe2-441c-8c8c-71466251a162
For backward operations, dstpitch and srcpitch can
be negative. This leads BLTUNSAFE macro into an
overflow, and as a result, it avoids performing
operations that are perfectly valid.
The visible effect that led to that patch was the gnome-panel
bar in Fedora10. Before this patch, you could see garbage
clobbering a big portion of the bar.
After this patch, this garbage is gone.
Signed-off-by: Glauber Costa <glommer@redhat.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5880 c046a42c-6fe2-441c-8c8c-71466251a162
qemu_get_clock() returns a structure containing the time the user wants
to be set (either UTC time, a local time, or a given date). Use mktimegm()
instead of mktime() to convert it into POSIX time without taking the host
timezone into account.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5878 c046a42c-6fe2-441c-8c8c-71466251a162
Windows does not have sys/uio.h and does not have err.h.
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5877 c046a42c-6fe2-441c-8c8c-71466251a162
...and fix a bug, the implementation in hw/apic.c was wrong.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5876 c046a42c-6fe2-441c-8c8c-71466251a162
This adds a VirtIO based balloon driver. It uses madvise() to actually balloon
the memory when possible.
Until 2.6.27, KVM forced memory pinning so we must disable ballooning unless the
kernel actually supports it when using KVM. It's always safe when using TCG.
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5874 c046a42c-6fe2-441c-8c8c-71466251a162
TARGET_PAGE_SIZE should only be used internal to qemu, not in guest/host
interfaces. The virtio frontend code in Linux uses two constants (PFN shift
and vring alignment) for the interface, so update qemu to match.
I've tested this with PowerPC KVM and confirmed that it fixes virtio problems
when using non-TARGET_PAGE_SIZE pages in the guest.
Signed-off-by: Hollis Blanchard <hollisb@us.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5871 c046a42c-6fe2-441c-8c8c-71466251a162
Virtio-blk is a paravirtual block device based on VirtIO. It can be used by
specifying the if=virtio parameter to the -drive parameter.
When using -enable-kvm, it can achieve very good performance compared to IDE or
SCSI.
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5870 c046a42c-6fe2-441c-8c8c-71466251a162
This patch adds core support for VirtIO. VirtIO is a paravirtualization
framework that has been in Linux since 2.6.21. A PCI transport has been
available since 2.6.25. Network drivers are also available for Windows.
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5869 c046a42c-6fe2-441c-8c8c-71466251a162
This PCI controller can be found on a number of 4xx SoCs, including the 440EP.
Signed-off-by: Hollis Blanchard <hollisb@us.ibm.com>
Acked-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5862 c046a42c-6fe2-441c-8c8c-71466251a162
When command is not DMA, TCMID and TCLO registers are not filled. Use command buffer len instead
Signed-off-by: Herve Poussineau <hpoussin@reactos.org>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5813 c046a42c-6fe2-441c-8c8c-71466251a162
According to http://www.ibiblio.org/pub/historic-linux/early-ports/Sparc/NCR/NCR53C9X.txt,
"Any bit pattern written to this register may be read back and should be identical"
Signed-off-by: Herve Poussineau <hpoussin@reactos.org>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5812 c046a42c-6fe2-441c-8c8c-71466251a162
- Fix internal fifo size (16 bytes), according to http://www.ibiblio.org/pub/historic-linux/early-ports/Sparc/NCR/NCR53C9X.txt
- Fix values of STAT_MI and STAT_MO
- Give a scsi ID to adapter, and prevent this ID to be used by devices
- Prevent fifo overrun in esp_mem_writeb
- Add a ESP_ERROR macro, and use it where appropriate
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5811 c046a42c-6fe2-441c-8c8c-71466251a162
Virtio will want to use the geometry detection code. It doesn't belong
in ide.c anyway.
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5797 c046a42c-6fe2-441c-8c8c-71466251a162
Hypervisors like KVM perform badly while doing mmio on
a loop, because it'll generate an exit on each access.
This is the case with VGA, which results in very bad
performance.
In this patch, we map the linear frame buffer as RAM,
make sure it has dirty region tracking enabled, and then
just let the region to be written.
Cleanups suggestions by:
Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Signed-off-by: Glauber Costa <glommer@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5793 c046a42c-6fe2-441c-8c8c-71466251a162
It'll be reused later by the vga optimization.
Signed-off-by: Glauber Costa <glommer@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5791 c046a42c-6fe2-441c-8c8c-71466251a162
unsigned long is too bad of a type. Use ram_addr_t instead.
aligurori: fixed a compile warning in this patch
Signed-off-by: Glauber Costa <glommer@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5790 c046a42c-6fe2-441c-8c8c-71466251a162
This patches makes SH serial emulation use qemu_irq in its interface.
* hw/sh.h (sh_serial_init): Take qemu_irq, not intc_source.
* hw/sh7750.c (sh7750_init): Adjust.
* hw/sh_intc.c (sh_intc_set_irq): Don't assert or deassert
irq more than once.
* hw/sh_serial.c (sh_serial_state): Use qemu_irq, not intc_source.
(sh_serial_clear_fifo, sh_serial_ioport_write)
(sh_serial_receive_byte): Adjust.
(sh_serial_init): Take qemu_irq, not intc_source.
(Vladimir Prus)
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5769 c046a42c-6fe2-441c-8c8c-71466251a162
We're currently ignoring the e1000 VLAN tagging, stripping and filtering
features in the e1000 emulation. This patch adds backing for the
relevant registers and provides a software implementation of the
acceleration, such that a guest can make use of VLANs.
This is mostly (only?) useful for a guest on a bridge (not user mode
networking). The only caveat beyond that is that you need to make sure
the host NIC isn't doing it's own tagging, stripping, or filtering.
This generally means the host NIC on the bridge should not be part of a
VLAN.
Signed-off-by: Alex Williamson <alex.williamson@hp.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5766 c046a42c-6fe2-441c-8c8c-71466251a162
u-boot is a firmware. uImage is an executable file format.
Signed-off-by: Hollis Blanchard <hollisb@us.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5764 c046a42c-6fe2-441c-8c8c-71466251a162
Return the base address at which the image was loaded so that callers may keep
track of currently occupied guest memory.
This will be required by the PPC 440 embedded code to avoid hard coding a
device model/initrd location. Other users of this function could make use of
this parameter to avoid hard coding these locations in the future too.
Signed-off-by: Hollis Blanchard <hollisb@us.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5763 c046a42c-6fe2-441c-8c8c-71466251a162
TARGET_FMT_plx includes a % for you. This fixes the following warning when
compiling with LSI_DEBUG enabled.
Signed-off-by: Ryan Harper <ryanh@us.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5760 c046a42c-6fe2-441c-8c8c-71466251a162
This patch tweaks the ATAPI CDROM emulation to fix an annoyance seen
when running a variety of Linux guests: the desktop GUI shows a CDROM
device as present, but is unable to automount the media and display its
contents.
The patch adds the PLAY_AUDIO capability bit to the data returned by
MODE_SENSE commands. That convinces the guest kernel to determine what
kind of media is present.
Arguably Linux could be smarter about this, but it's my guess there are
few (if any) hardware CDROM drives that don't set the bit, and there are
a large number of Linux distros that exhibit this problem.
Signed-off-by: Gary Grebus <ggrebus@virtualiron.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5752 c046a42c-6fe2-441c-8c8c-71466251a162
This patch fixes Linux machines configured with > 4G of ram and using a
SCSI device.
Signed-off-by: Ryan Harper <ryanh@us.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5750 c046a42c-6fe2-441c-8c8c-71466251a162
Avoid scheduling DMA processing when all channels are stopped or at
end-of-list.
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5720 c046a42c-6fe2-441c-8c8c-71466251a162
drive_get_index() returns -1 if a drive isn't found; don't
use -1 to index drives_table.
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5719 c046a42c-6fe2-441c-8c8c-71466251a162
malc found AIX headers leak "hz" and so it can't be used there. Change
the occurences in hw/.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5709 c046a42c-6fe2-441c-8c8c-71466251a162
After going through the debug log and scratching my head for quite some
time. I found the following:
The problem was with this block move:
lsi_scsi: SCRIPTS dsp=0fae8e50 opcode 01000028 arg 00f63c40
lsi_scsi: DMA addr=0x00f63c40 len=36
The number of bytes to be transferred (len) should be 40 which corresponds
to the block transfer of length 0x28 (from opcode 01000028). Instead we
have a length of 36 (0x24). The code responsible for this is (in
'lsi_do_dma'):
if (count > s->current_dma_len)
count = s->current_dma_len;
Basically we're overwriting the length 40 with the value 36 which I
think we just left over in that variable from an earlier transfer. In my
patch below I initialize s->current_dma_len to s->dbc before we begin
the DMA transfer during Data In phase.
The attached patch gets Openserver 5.0.5 past the hardware detection
(and it lists the hard drive to boot, woohoo). It appears to stop a
little while later (doesn't seem SCSI related), but it's been so long since
I've booted Openserver I'm not sure what's supposted to happen after the HW
detection using the boot/root disks.
Props go to Craig Ringer for the initial post and the code that he posted
some of which is in this patch.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5706 c046a42c-6fe2-441c-8c8c-71466251a162
Windows only flushes its cache of a CDROM if it gets a
SENSE_UNIT_ATTENTION CHECK_CONDITION response to a REQUEST_SENSE
command.
Make sure it does so after we change the CD.
Tab damage fixed by Anthony Liguori
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Signed-off-by: Steven Smith <steven.smith@citrix.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5698 c046a42c-6fe2-441c-8c8c-71466251a162
KVM's live migration support included support for exec: URLs, allowing system
state to be written or received via an arbitrary popen()ed subprocess. This
provides a convenient way to pipe state through a compression algorithm or an
arbitrary network transport on its way to its destination, and a convenient way
to write state to disk; libvirt's qemu driver currently uses migration to exec:
targets for this latter purpose.
This version of the patch refactors now-common code from migrate-tcp.c into
migrate.c.
Signed-off-by: Charles Duffy <Charles_Duffy@messageone.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5694 c046a42c-6fe2-441c-8c8c-71466251a162
Also optimise qemu_strdup by using memcpy - using pstrcpy is usually
suboptimal.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5653 c046a42c-6fe2-441c-8c8c-71466251a162
The use of strncat and strndup was correct, pstrcpy and pstrdup wasn't.
I'll try to restore building on non-gnu OSes in a later commit.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5651 c046a42c-6fe2-441c-8c8c-71466251a162
Generate an option rom instead of using a hijacked boot sector for kernel
booting. This just requires adding a small option ROM header and a few more
instructions to the boot sector to take over the int19 vector and run our
boot code.
A disk is no longer needed when using -kernel on x86.
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5650 c046a42c-6fe2-441c-8c8c-71466251a162
This patch adds minimum emulation of SM501 multifunction device,
whose main feature is 2D graphics. It is one of the peripheral
of R2D, the SH4 evaluation board. We can see TUX printed on the
QEMU console.
Signed-off-by: Shin-ichiro KAWASAKI <kawasaki@juno.dti.ne.jp>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5632 c046a42c-6fe2-441c-8c8c-71466251a162
This patch adds very basic KVM support. KVM is a kernel module for Linux that
allows userspace programs to make use of hardware virtualization support. It
current supports x86 hardware virtualization using Intel VT-x or AMD-V. It
also supports IA64 VT-i, PPC 440, and S390.
This patch only implements the bare minimum support to get a guest booting. It
has very little impact the rest of QEMU and attempts to integrate nicely with
the rest of QEMU.
Even though this implementation is basic, it is significantly faster than TCG.
Booting and shutting down a Linux guest:
w/TCG: 1:32.36 elapsed 84% CPU
w/KVM: 0:31.14 elapsed 59% CPU
Right now, KVM is disabled by default and must be explicitly enabled with
-enable-kvm. We can enable it by default later when we have had better
testing.
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5627 c046a42c-6fe2-441c-8c8c-71466251a162
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5624 c046a42c-6fe2-441c-8c8c-71466251a162
This patch fixes the misinterpretaion of the transparency bit for
RGBT 5:5:5 mode on pxa2xx LCDC.
Signed-off-by: Lars Munch <lars@segv.dk>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5605 c046a42c-6fe2-441c-8c8c-71466251a162
The code in hw/cirrus_vga.c has changed a lot between CVE-2007-1320 has
been announced and the patch has been applied. As a consequence it has
wrongly applied and QEMU is still vulnerable to this bug if using VNC.
(noticed by Jan Niehusmann)
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5587 c046a42c-6fe2-441c-8c8c-71466251a162
This patch makes qemu keep track of the character devices in use and
implements a "info chardev" monitor command to print a list.
qemu_chr_open() sticks the devices into a linked list now. It got a new
argument (label), so there is a name for each device. It also assigns a
filename to each character device. By default it just copyes the
filename passed in. Individual drivers can fill in something else
though. qemu_chr_open_pty() sets the filename to name of the pseudo tty
allocated.
Output looks like this:
(qemu) info chardev
monitor: filename=unix:/tmp/run.sh-26827/monitor,server,nowait
serial0: filename=unix:/tmp/run.sh-26827/console,server
serial1: filename=pty:/dev/pts/5
parallel0: filename=vc:640x480
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5575 c046a42c-6fe2-441c-8c8c-71466251a162
The current DMA routines are driven by a call in main_loop_wait() after every
select.
This patch converts the DMA code to be driven by a constantly rescheduled
bottom half. The advantage of using a scheduled bottom half is that we can
stop scheduling the bottom half when there no DMA channels are runnable. This
means we can potentially detect this case and sleep longer in the main loop.
The only two architectures implementing DMA_run() are cris and i386. For cris,
I converted it to a simple repeating bottom half. I've only compile tested
this as cris does not seem to work on a 64-bit host. It should be functionally
identical to the previous implementation so I expect it to work.
For x86, I've made sure to only fire the DMA bottom half if there is a DMA
channel that is runnable. The effect of this is that unless you're using sb16
or a floppy disk, the DMA bottom half never fires.
You probably should test this malc. My own benchmarks actually show slight
improvement by it's possible the change in timing could affect your demos.
Since v1, I've changed the code to use a BH instead of a timer. cris at least
seems to depend on faster than 10ms polling.
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5573 c046a42c-6fe2-441c-8c8c-71466251a162
For outgoing DMA channels, keep processing descriptors until hitting end
of list.
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5553 c046a42c-6fe2-441c-8c8c-71466251a162
This patch fixes migration so that it works on Win32. This requires using
socket specific calls since sockets cannot be treated like file descriptors
on win32.
Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5525 c046a42c-6fe2-441c-8c8c-71466251a162
Since revision 5228, we don't register the memory hole (0xa00000 to
0xfffff) anymore. As a consequence, we don't need to register it again
as unassigned.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5522 c046a42c-6fe2-441c-8c8c-71466251a162
* Drop DMA poll mode. Instead immediately push rx frames straight into the DMA
without waiting for DMA_run to poll them of the fifo.
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5520 c046a42c-6fe2-441c-8c8c-71466251a162
this patch allows to fully use a tape device connected to qemu through
the scsi-generic interface.
Previous patch introduced tape SCSI commands management, this one
improve error case management:
- the SCSI controller command completion must be called with the status
value, not the sense value. In the case of scsi-generic, the SCSI status
is given by the field status of sg_io_hdr_t (the value is left shifted
by one regarding status codes defined in /usr/include/scsi/scsi.h)
- when a read is aborted due to a mark/EOF/EOD/EOM, the len reported to
controller can be 0. LSI controller emulation doesn't know how to manage
this. A workaround found is to call the completion routine with
SCSI_REASON_DONE just after calling it with SCSI_REASON_DATA with len=0.
This patch also manages correctly the block size of the tape device.
This patch has been tested with a real tape device "HP C5683A", linux
guest (debian etch) and tools like "mt", "tar" and "btape".
Windows guest is not better supported than before...
Signed-off-by: Laurent Vivier <Laurent.Vivier@bull.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5497 c046a42c-6fe2-441c-8c8c-71466251a162
This patch allows QEMUFile's read and write operations to return
negative error codes. This is necessary to detect things like closed
streams during live migration.
It also removes unused code for QEMUFileFD write path. Finally, it
makes sure to avoid attempting to flush an output buffer if the file
is only being used for input. This was spotted by Uri Lublin.
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5474 c046a42c-6fe2-441c-8c8c-71466251a162
The current flash emulation code advertises a write buffer size of 16
bytes (1 << 4, according to offset 0x2A of the CFI table). This is
very small compared to normal write buffer sizes, and makes the
process of writing to the flash very slow (at least from U-Boot).
This patch increases this size to 2048 bytes. Except the modification
of the CFI table, the only other required modification is to use
"value" instead of "cmd" to set pfl->counter, because cmd is truncated
to the 8 lower bits of value, while the number of bytes for a write
can now be greater than 255 bytes.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5454 c046a42c-6fe2-441c-8c8c-71466251a162
The DIAGNOSE command in the qemu IDE implementation has an error when
use dfor packet devices.
The status register value is dependant on the drive being a packet
device or not, this patch corrects the returned status.
From the ATA/PI specification (V6 draft):
"If the device implements the PACKET command feature set, the device
SHALL clear bits 6,5,4,3,2 and 0 in the Status register to zero."
A selection of physical devices have been checked and do conform to
the specifications behaviour.
Signed-off-by: Vincent Sanders <vince@simtec.co.uk>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5452 c046a42c-6fe2-441c-8c8c-71466251a162
Introduce a max_cpus per-machine variable, allowing individual boards
to limit it's number of CPUs. Check requested number of CPUs in setup
code and exit if it exceeds the supported number for the machine.
This also renders the static MAX_CPUS check obsolete, so remove this
from vl.c.
Signed-off-by: Jes Sorensen <jes@sgi.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5443 c046a42c-6fe2-441c-8c8c-71466251a162
Modify all the machine struct declarations to use C99 initializers.
This patch has no functional changes.
Signed-off-by: Jes Sorensen <jes@sgi.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5442 c046a42c-6fe2-441c-8c8c-71466251a162
The current savevm/loadvm protocol has some draw backs. It does not support
the ability to do progressive saving which means it cannot be used for live
checkpointing or migration. The sections sizes are 32-bit integers which
means that it will not function when using more than 4GB of memory for a guest.
It attempts to seek within the output file which means it cannot be streamed.
The current protocol also is pretty lax about how it supports forward
compatibility. If a saved section version is greater than what the restore
code support, the restore code generally treats the saved data as being in
whatever version it supports. This means that restoring a saved VM on an older
version of QEMU will likely result in silent guest failure.
This patch introduces a new version of the savevm protocol. It has the
following features:
* Support for progressive save of sections (for live checkpoint/migration)
* An asynchronous API for doing save
* Support for interleaving multiple progressive save sections
(for future support of memory hot-add/storage migration)
* Fully streaming format
* Strong section version checking
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5434 c046a42c-6fe2-441c-8c8c-71466251a162
This patches slightly improves the debugging messages in pflash_read()
and pflash_write().
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5410 c046a42c-6fe2-441c-8c8c-71466251a162
pfl->wcycle was set to 1 when the erase confirm command was set, which
lead to the next command being misinterpreted by Qemu:
pflash_write: Unimplemented flash cmd sequence (offset 00000000,
wcycle 0x1 cmd 0x20 value 0x70)
This patch fixes this issue by resetting pfl->wcycle to 0 on erase
confirm so that the next command is considered as a new one.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5409 c046a42c-6fe2-441c-8c8c-71466251a162
INIT IPI should reset CPU. Also non boot CPU should be halted. It will
be un-halted by SIPI.
Signed-off-by: Gleb Natapov <gleb@redhat.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5390 c046a42c-6fe2-441c-8c8c-71466251a162
taken from Xen 17267:f4a92f0db20f, original patch by Samuel Thibault.
Signed-off-by: Avi Kivity <avi@qumranet.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5385 c046a42c-6fe2-441c-8c8c-71466251a162
If it does not, abort the command immediately rather than dropping
it on the floor.
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5369 c046a42c-6fe2-441c-8c8c-71466251a162
This patch makes the ide emulation actually take notice of
error returns from bdrv_write and bdrv_aio_{read,write}.
(Cherry picked from qemu-xen e0e7a0afe0e324a1f7d64c240f567b15dbe454cf,
first posted to qemu-devel Wed, 20 Feb 2008 15:26:41 +0000)
Signed-off-by: Ian Jackson <Ian.Jackson@eu.citrix.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5368 c046a42c-6fe2-441c-8c8c-71466251a162
To support live migration, we override QEMUFile so that instead of writing to
disk, the save/restore state happens over a network connection.
This patch makes QEMUFile read/write operations function pointers so that we
can override them for live migration.
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5352 c046a42c-6fe2-441c-8c8c-71466251a162
This does the reverse of bt-host.c, proxying from guest to host.
Appears to be more reliable.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5348 c046a42c-6fe2-441c-8c8c-71466251a162
Note that the L2CAP flow-controlled mode is not fully supported.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5346 c046a42c-6fe2-441c-8c8c-71466251a162
This implements most of the logic of a real HCI (at least the pieces
marked as mandatory). It doesn't support keys, authentication etc.
It works on top of the LMP layer, which is not fully emulated because
software never has direct access to it.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5345 c046a42c-6fe2-441c-8c8c-71466251a162
I left a TODO in the code because this still doesn't definitely
fix all issues.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5308 c046a42c-6fe2-441c-8c8c-71466251a162
This patch allows to use a "real" SCSI tape with qemu using
"-drive /dev/sgX,if=scsi".
It allows to decode correctly transfer length when the type of the
device is a tape.
Some issues remain when the application reading the tape tries to go
beyond the end of the stream (but they must be corrected at the SCSI
controller level).
Signed-off-by: Laurent Vivier <Laurent.Vivier@bull.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5305 c046a42c-6fe2-441c-8c8c-71466251a162
Raise UDC (Unexpected Disconnect) when a large enough number of
instructions has been executed by the SCRIPTS processor. This "solution"
is much simpler than temporarily interrupting execution.
This remedies the situation with Windows which downloads SCRIPTS code
that busy loops on guest main memory. Their drivers _do_ handle UDC
appropriately (at least XP and 2003).
It would be nicer to actually detect infinite loops, but until then,
this bandaid seems acceptable.
Since the situation seems to be rare enough, raise the number
of instructions to 10000 (previously 1000).
Three people other than myself had success with this patch.
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5293 c046a42c-6fe2-441c-8c8c-71466251a162
According to SCSI documentation, for 6 bytes commands (READ(6),
WRITE(6)), if transfer length is 0 it specifies 256 blocks.
Signed-off-by: Laurent Vivier <Laurent.Vivier@bull.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5292 c046a42c-6fe2-441c-8c8c-71466251a162
void *memset(void *s, int c, size_t n);
DESCRIPTION
The memset() function fills the first n bytes of the
memory area
pointed to by s with the constant byte c."
Reported by Dietmar Maurer.
Signed-off-by: Laurent Vivier <Laurent.Vivier@bull.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5291 c046a42c-6fe2-441c-8c8c-71466251a162
Also avoid two signedness warnings in hw/omap2.c.
The API to attach new devices to serials is fine, bu the implementation
is a hack.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5263 c046a42c-6fe2-441c-8c8c-71466251a162
According to linux kernel sources, register a3 is set in case of failure
(and cleared in case of success) while register v0 contains the result
(or -errno in case of error).
The convention was not followed which results in weird behaviour.
Signed-off-by: Tristan Gingold <gingold@adacore.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5243 c046a42c-6fe2-441c-8c8c-71466251a162
* Remove the unused send_buf variable and its constant.
* Fix a math error
The variables recv_ptr and recv_used are not large enough to hold
the constant 384, which causes data corruption when the pointer is
reset with: s->recv_ptr = (s->recv_ptr + len) % RECV_BUF;
Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
Acked-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5242 c046a42c-6fe2-441c-8c8c-71466251a162
The "Rx timeout" (aka. Character Timeout Indication) has no separate mask
bit in the IER register and according to the specs reading RHR is the only
way to reset the irq. However on the hardware (tested on OMAP2 UART which
is an extended 16550A) the RHR_IT bit in IER disables the irc, too. Linux
bluetooth serial dongle driver for N800 depends on this behavior.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5239 c046a42c-6fe2-441c-8c8c-71466251a162
Should prevent the ugly wrapping due to a typo in an earlier commit.
Fix by Gregor (gg@seh.de).
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5232 c046a42c-6fe2-441c-8c8c-71466251a162
handle different areas in different ways. This schema works with qemu
too, so it appears to be the common ground.
This patch proposes using this common ground for everyone, by spliting
raw qemu.
Signed-off-by: Glauber Costa <glommer@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5228 c046a42c-6fe2-441c-8c8c-71466251a162
Add receive character feature to SH4 SCIF.
SH4-SCI feature implementation work is left.
(Shin-ichiro KAWASAKI)
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5221 c046a42c-6fe2-441c-8c8c-71466251a162
cpu_mips_irqctrl_init() function in hw/mips_timer.c is empty.
Attached patch removes it, and its callers.
(Hervé Poussineau)
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5214 c046a42c-6fe2-441c-8c8c-71466251a162
This patch adds support for removing USB devices by host address.
Which is usefull for things like libvirtd because there is no easy way to
find guest USB address of the host device.
In other words you can now do:
usb_add host:3.5
...
usb_del host:3.5
Before the patch 'usb_del' did not support 'host:' notation.
----
Syntax for specifying auto connect filters has been improved.
Old syntax was
host:bus.dev
host:pid:vid
New syntax is
host:auto:bus.dev[:pid:vid]
In both the cases any attribute can be set to "*".
New syntax is more flexible and lets you do things like
host:3.*:5533:* /* grab any device on bus 3 with vendor id 5533 */
It's now possible to remove auto filters. For example:
usb_del host:auto:3.*:5533:*
Active filters are printed after all host devices in 'info usb' output.
Which now looks like this:
Device 1.1, speed 480 Mb/s
Hub: USB device 1d6b:0002, EHCI Host Controller
Device 1.4, speed 480 Mb/s
Class 00: USB device 1058:0704, External HDD
Auto filters:
Device 3.* ID *:*
Signed-off-by: Max Krasnyansky <maxk@kernel.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5205 c046a42c-6fe2-441c-8c8c-71466251a162
Transaction lifetime was originally set to 10 frames. That was an arbitrary
number I picked without much thinking :).
I'm changing that to 32 frames because things like interrupt transfers
and such are scheduled at that rate. It seems like 1/32 is accepted as
lowest supported rate. OHCI, for example, defines exactly 32 interrupt
heads.
While testing USB webcam under XP I noticed that interrupt transactions were
being canceled and then resubmitted on a regular basis, which works but is a
waste of CPU cycles. This change fixes that.
All other devices I have are not affected.
Signed-off-by: Max Krasnyansky <maxk@kernel.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5199 c046a42c-6fe2-441c-8c8c-71466251a162
* Correct numeric value for the RST state.
* Add emulation for reseting a DMA channel.
* Add a few sanity checks.
* Make it compile with debug enabled.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5147 c046a42c-6fe2-441c-8c8c-71466251a162
Use NULL to trigger unassigned memory error on 32-bit accesses instead
of assert(0) as suggested by Blue Swirl.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5141 c046a42c-6fe2-441c-8c8c-71466251a162
This patch enhances the pcnet NIC emulation with better loopback mode
support, including CRC generation for looped-back packets in "raw" mode.
The patch has practically no impact on the normal RX and TX path.
Successfully tested against an ancient proprietary pcnet driver that
does a lot of hardware checks on boot-up and now works fine over qemu as
well.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5135 c046a42c-6fe2-441c-8c8c-71466251a162
This adds trivial support for the R2D-PLUS FPGA, mostly just for the
versioning information that the kernel uses for IRL mappings, in addition
to handling the heartbeat and poweroff writes.
Signed-off-by: Paul Mundt <lethal@linux-sh.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5134 c046a42c-6fe2-441c-8c8c-71466251a162
Trivial patch adding CPU listing and the ability to do per-subtype
CVR/PVR/PRR values. Presently SH7750R and SH7751R definitions are
provided, as these are the ones in present use in-tree.
The CVR value for SH7751R is intentionally restricted so the kernel
boots, though this will want to be switched to the proper CVR value
once system emulation has sufficiently stabilized.
This also makes it trivial to abstract subtype specific registers like
MMU_PTEA and to set up feature bits in line with the kernel probing for
things like conditionalizing FPU/DSP context.
Signed-off-by: Paul Mundt <lethal@linux-sh.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5133 c046a42c-6fe2-441c-8c8c-71466251a162
Trivial fix for a corner case: system_shutdown on isapc machines causes
qemu to segfaults due to accessing the uninitialized pm_state. Issue a
system shutdown instead.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5130 c046a42c-6fe2-441c-8c8c-71466251a162
Should be done according to spec.
Signed-off-by: Gleb Natapov <gleb@qumranet.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5128 c046a42c-6fe2-441c-8c8c-71466251a162
This patch fixes two spurious `may be used uninitialised' warnings
when compiling with some compilers.
Signed-off-by: Andre Przywara <andre.przywara@amd.com>
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5127 c046a42c-6fe2-441c-8c8c-71466251a162
While trying to make VX-3000 camera work on XP under KVM I realized that
we do not necessarily have to find original TD address. All we care about
is the token which identifies the transfer rather well (direction, endpoint,
size, etc).
This is especially important for the isochronous transfers because otherwise
they are being canceled left and right and we do not make much progress.
With this patch all devices that used bulk transfers that I've tried so
far continue to work just as well. And now my USB web cammera (isoc transfers)
is working well tool. It's not as smooth as native Windows but it's pretty
darn smooth.
The cool thing is that new USB code (both usb-uhci and usb-linux) is totaly
generic and does not need any special logic for ISOC.
Signed-off-by: Max Krasnyansky <maxk@kernel.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5072 c046a42c-6fe2-441c-8c8c-71466251a162
Fixes regression reported agains Linux 2.6.18.
Looks like XP and newer Linux kernels are less sensitive
to length returned for control transfers.
Signed-off-by: Max Krasnyansky <maxk@kernel.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5070 c046a42c-6fe2-441c-8c8c-71466251a162
Some bugs on SH4 MMU are fixed.
- When a TLB entry is overwritten or invalidated, tlb_flush_page() should be
invoked to invalidate old entry.
- When a ASID is changed, tlb_flush() should be invoke to invalidate entries
which have old ASID.
- The check for shared bit in TLB entry causes multiple TLB hit exception.
As SH3's MMU, shared bit is ignored.
- ASID is used when MMUCR's SV bit or SR's MD bit is zero.
No need to check both bits are zero.
(Shin-ichiro KAWASAKI)
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5068 c046a42c-6fe2-441c-8c8c-71466251a162
SH4 MMU's memory mapped TLB feature is implemented.
SH-Linux seems to write to memory mapped TLB to invalidate a TLB entry,
but does not to read it. So only memory write feature is implemented.
Work on memory read feature is left.
(Shin-ichiro KAWASAKI)
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5067 c046a42c-6fe2-441c-8c8c-71466251a162
The direction bit in the control register should not be directly
set using PPWCONTROL. The kernel gives the following debug message.
parport0 (ppdev0): use data_reverse for this!
More over setting the data pins to forward mode does not work,
perhaps a bug in the Linux PP driver. The right way to do this is
to use PPDATADIR to set the direction. The patch checks if the
user is toggling the direction bit, and invokes PPDATADIR to
do the job.
Signed-off-by: Vijay Kumar B <vijaykumar@bravegnu.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5063 c046a42c-6fe2-441c-8c8c-71466251a162
Feature, Sector Count, LBA Low/Mid/High and Device registers should be
written only when both BSY and DRQ are cleared to zero.
Command register shall only be written when BSY and DRQ are set to zero
for all commands except DEVICE RESET.
Data Port register shall be accessed for host PIO data transfer only when
DRQ is set to one.
Signed-off-by: Gleb Natapov <gleb@qumranet.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5060 c046a42c-6fe2-441c-8c8c-71466251a162
For some reason we were not registering save/load-vm handler for piix3
flavor of UHCI and hence save/load was broken.
Async transactions need to be canceled when we save the VM because there
is no way we can save/restore all that state. Since we do not mess the
original TD/QH the driver will simply resubmit the transfers.
Tested with Windows XP-SP2 running under QEMU/KQEMU.
Signed-off-by: Max Krasnyansky <maxk@kernel.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5054 c046a42c-6fe2-441c-8c8c-71466251a162
This is esentially a re-write of the QEMU UHCI layer. My initial goal
was to support fully async operation with multiple outstanding async
transactions. Along the way I realized that I can greatly simplify
and cleanup the overall logic. There was a lot of duplicate and confusing
code in the UHCI data structure parsing and other places.
We were actually violating UHCI spec in handling async ISOC transaction
(host controller is not supposed to write into the frame pointer).
The reason I wanted to support fully async operation is because current
synchronous version is unusable with most devices exported from host
(via usb-linux.c). Transactions take a long time and the whole VM becomes
slow as hell.
Current async support is very rudimentory and for the most part
non-functional. Single transaction at a time is simply not enough. I have
a device for which XP driver submits both IN and OUT packets at the same
time. IN packet always times out unless OUT packet makes it to the device.
Hence we must be able to process both in order for that device to work.
The new code is backwards compatible and was first tested agains original
synchronous usb-linux.c and builtin usb devices like tablet which is also
synchronous. Rewrite of the usb-linux.c is coming up next.
Async support was tested against various XP versions (ie XP, SP2, SP3) and
a bunch of different USB devices: serial port controllers, mice, keyboard,
JTAG dongles (from Xilinx and Altera).
ISOC support was only lighly tested and needs more work. It's not any worse
than current code though.
UHCI parser changes are probably somewhat hard to review without the
understanding of the UHCI spec.
The async design should be fairly easy to follow. Basically we have a list
of async objects for each pending transfer. Async objects are tagged with
the original TD (transfer descriptor) address and token. We now support
unlimited number of outstanding isoc and one outstanding bulk/intr/ctrl
transfer per QH (queue head). UHCI spec does not have a clear protocol for
the cancelation of the trasfer requests. Driver can yank out TDs on any
frame boundary. In oder to handle that I added somewhat fancy TD validation
logic logic to avoid unnecessary cancelations.
Signed-off-by: Max Krasnyansky <maxk@kernel.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5050 c046a42c-6fe2-441c-8c8c-71466251a162
A bit better documentation of the USB device API, namely
return codes.
Rewrite of usb_generic_handle_packet() to make it more
reable and easier to follow.
Signed-off-by: Max Krasnyansky <maxk@kernel.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5049 c046a42c-6fe2-441c-8c8c-71466251a162
QEMU can now automatically grab host USB devices that match the filter.
For now I just extended 'host:X.Y' and 'host:VID:PID' syntax to handle
wildcards. So for example if you do something like
usb_add host:5.*
QEMU will automatically grab any non-hub device with host address 5.*.
Same with the 'host:PID:*', we grab any device that matches PID.
Filtering itself is very generic so we can probably add more elaborate
syntax like 'host:BUS.ADDR:VID:PID'. So that we can do 'host:5.*:6000:*'.
Anyway, it's implemented using a periodic timer that scans host devices
and grabs those that match the filter. Timer is started when the first
filter is added.
We now keep the list of all host devices that we grabbed to make sure that
we do not grab the same device twice.
btw It's currently possible to grab the same host device more than once.
ie You can just do "usb_add host:1.1" more than once, which of course does
not work. So this patch fixes that issue too.
Along with auto disconnect patch that I send a minute ago the setup is very
seamless now. You can just allocate some usb ports to the VMs and plug/unplug
devices at any time.
Signed-off-by: Max Krasnyansky <maxk@kernel.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5048 c046a42c-6fe2-441c-8c8c-71466251a162
I got really annoyed by the fact that you have to manually do
usb_del in the monitor when host device is unplugged and decided
to fix it :)
Basically we now automatically remove guest USB device
when the actual host device is disconnected.
At first I've extended set_fd_handlerX() stuff to support checking
for exceptions on fds. But unfortunately usbfs code does not wake up
user-space process when device is removed, which means we need a
timer to periodically check if device is still there. So I removed
fd exception stuff and implemented it with the timer.
Signed-off-by: Max Krasnyansky <maxk@kernel.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5047 c046a42c-6fe2-441c-8c8c-71466251a162
[ Taking latest isapc changes into account. ]
Ensure that PIC-delivered IRQs are properly de-asserted in case the APIC
is in EXTINT or FIXED mode (with level-triggering selected) on LINT0.
Fixes EFI-BIOS boot issues.
This patch also cleans up a bit the interface between PIC and APIC,
making apic_local_deliver private again.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5041 c046a42c-6fe2-441c-8c8c-71466251a162
[ Taking latest isapc changes into account. ]
In case the PIC IRQ gets de-asserted on an isapc machine, we also have
to reset CPU_INTERRUPT_HARD. This is what older qemu (before the
routing-through-APIC changes) used to do as well.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5040 c046a42c-6fe2-441c-8c8c-71466251a162
According to ACPI spec table 4-13 suspend type field should be 3 bits
long.
(Gleb Natapov)
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5027 c046a42c-6fe2-441c-8c8c-71466251a162
The APIC timer must not start when the initial count is (still) zero.
This caused occasional stalls when booting secondary CPUs of Linux SMP
guests.
Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5024 c046a42c-6fe2-441c-8c8c-71466251a162
Cancel AIO in IDE layer on device rest in order to be in deterministic state
during next boot.
Signed-off-by: Gleb Natapov <gleb@qumranet.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5011 c046a42c-6fe2-441c-8c8c-71466251a162
This fixes installation of Windows XP.
Signed-off-by: Samuel Thibault <samuel.thibault@eu.citrix.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@4995 c046a42c-6fe2-441c-8c8c-71466251a162
Add SEEK_STAT in all non-error cases except sleep request, since our
seek times are virtually 0. Although this flag is deprecated by newer
ATA standards, Linux at least checks it for CD drives, and would timeout
in some case if we do not set it.
Signed-off-by: Samuel Thibault <samuel.thibault@eu.citrix.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@4994 c046a42c-6fe2-441c-8c8c-71466251a162
This patch upgrades the emulated UART to 16550A, the code comes from
xen-unstable. The main improvement was introduced with the following patch and
subsequent email thread:
http://lists.xensource.com/archives/html/xen-devel/2007-12/msg00129.html
The changes compared to previous version are:
- change clock_gettime to qemu_get_clock
- no token bucket anymore;
- fixed a small bug handling IRQs; this was the problem that prevented
kgdb to work over the serial (thanks to Jason Wessel for the help
spotting and reproducing this bug).
- many many style fixes;
- savevm version number increased;
- not including termios.h and sys/ioctl.h anymore, declaring static
constants in qemu-char.h instead;
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@4993 c046a42c-6fe2-441c-8c8c-71466251a162
e1000_receive() has code to raise a receive overflow interrupt when the receive
buffer head and tail match. However, with the present implementation of
e1000_can_receive(), this code is unreachable -- and etherboot breaks as a
result.
Signed-off-by: Charles Duffy <charles_duffy@messageone.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@4987 c046a42c-6fe2-441c-8c8c-71466251a162
This makes it easier to reuse in other parts of QEMU.
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@4975 c046a42c-6fe2-441c-8c8c-71466251a162