summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2014-08-25x86: kvm: Add MTRR support for kvm_get|put_msrs()Alex Williamson
The MTRR state in KVM currently runs completely independent of the QEMU state in CPUX86State.mtrr_*. This means that on migration, the target loses MTRR state from the source. Generally that's ok though because KVM ignores it and maps everything as write-back anyway. The exception to this rule is when we have an assigned device and an IOMMU that doesn't promote NoSnoop transactions from that device to be cache coherent. In that case KVM trusts the guest mapping of memory as configured in the MTRR. This patch updates kvm_get|put_msrs() so that we retrieve the actual vCPU MTRR settings and therefore keep CPUX86State synchronized for migration. kvm_put_msrs() is also used on vCPU reset and therefore allows future modificaitons of MTRR state at reset to be realized. Note that the entries array used by both functions was already slightly undersized for holding every possible MSR, so this patch increases it beyond the 28 new entries necessary for MTRR state. Signed-off-by: Alex Williamson <alex.williamson@redhat.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com> Cc: qemu-stable@nongnu.org Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-08-25x86: Use common variable range MTRR countsAlex Williamson
We currently define the number of variable range MTRR registers as 8 in the CPUX86State structure and vmstate, but use MSR_MTRRcap_VCNT (also 8) to report to guests the number available. Change this to use MSR_MTRRcap_VCNT consistently. Signed-off-by: Alex Williamson <alex.williamson@redhat.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com> Cc: qemu-stable@nongnu.org Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-08-25target-i386: Don't forbid NX bit on PAE PDEs and PTEsWilliam Grant
Commit e8f6d00c30ed88910d0d985f4b2bf41654172ceb ("target-i386: raise page fault for reserved physical address bits") added a check that the NX bit is not set on PAE PDPEs, but it also added it to rsvd_mask for the rest of the function. This caused any PDEs or PTEs with NX set to be erroneously rejected, making PAE guests with NX support unusable. Signed-off-by: William Grant <wgrant@ubuntu.com> Cc: qemu-stable@nongnu.org Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-08-25spapr: Add support for new NMI interfaceAlexey Kardashevskiy
This implements an NMI interface POWERPC SPAPR machine. This enables an "nmi" HMP/QMP command supported on SPAPR. This calls POWERPC_EXCP_RESET (vector 0x100) in the guest to deliver NMI to every CPU. The expected result is XMON (in-kernel debugger) invocation. Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru> Reviewed-by: Alexander Graf <agraf@suse.de> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-08-25s390x: Migrate to new NMI interfaceAlexey Kardashevskiy
This implements an NMI interface for s390 and s390-ccw machines. This removes #ifdef s390 branch in qmp_inject_nmi so new s390's nmi_monitor_handler() callback is going to be used for NMI. Since nmi_monitor_handler()-calling code is platform independent, CPUState::cpu_index is used instead of S390CPU::env.cpu_num. There should not be any change in behaviour as both @cpu_index and @cpu_num are global CPU numbers. Note that s390_cpu_restart() already takes care of the specified cpu, so we don't need to schedule via async_run_on_cpu(). Since the only error s390_cpu_restart() can return is ENOSYS, convert it to QERR_UNSUPPORTED. Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru> Reviewed-by: Alexander Graf <agraf@suse.de> Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-08-25s390x: Convert QEMUMachine to MachineClassAlexey Kardashevskiy
This converts s390-virtio and s390-ccw-virtio machines to QOM MachineClass. This brings ability to add interfaces to the machine classes. The first interface for addition will be NMI. The patch is mechanical so no change in behavior is expected. Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru> Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com> Reviewed-by: Alexander Graf <agraf@suse.de> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-08-25cpus: Define callback for QEMU "nmi" commandAlexey Kardashevskiy
This introduces an NMI (Non Maskable Interrupt) interface with a single nmi_monitor_handler() method. A machine or a device can implement it. This searches for an QOM object with this interface and if it is implemented, calls it. The callback implements an action required to cause debug crash dump on in-kernel debugger invocation. The callback returns Error**. This adds a nmi_monitor_handle() helper which walks through all objects to find the interface. The interface method is called for all found instances. This adds support for it in qmp_inject_nmi(). Since no architecture supports it at the moment, there is no change in behaviour. This changes inject-nmi command description for HMP and QMP. Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru> Reviewed-by: Alexander Graf <agraf@suse.de> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-08-20kvm: run cpu state synchronization on target vcpu threadDavid Hildenbrand
As already done for kvm_cpu_synchronize_state(), let's trigger kvm_arch_put_registers() via run_on_cpu() for kvm_cpu_synchronize_post_reset() and kvm_cpu_synchronize_post_init(). This way, we make sure that the register synchronizing ioctls are called from the proper vcpu thread; this avoids calls to synchronize_rcu() in the kernel. Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com> Signed-off-by: David Hildenbrand <dahi@linux.vnet.ibm.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-08-20Merge remote-tracking branch ↵Peter Maydell
'remotes/pmaydell/tags/pull-target-arm-20140819' into staging target-arm: * fix preferred return address for A64 BRK insn * implement AArch64 single-stepping * support loading gzip compressed AArch64 kernels * use correct PSCI function IDs in the DT when KVM uses PSCI 0.2 * minor cleanups # gpg: Signature made Tue 19 Aug 2014 19:04:09 BST using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" * remotes/pmaydell/tags/pull-target-arm-20140819: arm: stellaris: Remove misleading address_space_mem var arm: armv7m: Rename address_space_mem -> system_memory aarch64: Allow -kernel option to take a gzip-compressed kernel. loader: Add load_image_gzipped function. arm: cortex-a9: Fix cache-line size and associativity arm/virt: Use PSCI v0.2 function IDs in the DT when KVM uses PSCI v0.2 target-arm: Rename QEMU PSCI v0.1 definitions target-arm: Implement MDSCR_EL1 as having state target-arm: Implement ARMv8 single-stepping for AArch32 code target-arm: Implement ARMv8 single-step handling for A64 code target-arm: A64: Avoid duplicate exit_tb(0) in non-linked goto_tb target-arm: Set PSTATE.SS correctly on exception return from AArch64 target-arm: Correctly handle PSTATE.SS when taking exception to AArch32 target-arm: Don't allow AArch32 to access RES0 CPSR bits target-arm: Adjust debug ID registers per-CPU target-arm: Provide both 32 and 64 bit versions of debug registers target-arm: Allow STATE_BOTH reginfo descriptions for more than cp14 target-arm: Collect up the debug cp register definitions target-arm: Fix return address for A64 BRK instructions Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-19Revert "memory: Use canonical path component as the name"Peter Maydell
This reverts commit b0225c2c0d89200a29dc3d0b59d2e87a79cbaeb8 (which breaks building with Xen enabled and also leaks memory). Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-19arm: stellaris: Remove misleading address_space_mem varPeter Crosthwaite
It's a MemoryRegion and not an AddressSpace. But since it's single use, just inline the get_system_memory() call to the only usage to remove it. Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Message-id: d6914047e10b956514cfaa5f391ef56c7d851b34.1408347860.git.peter.crosthwaite@xilinx.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-19arm: armv7m: Rename address_space_mem -> system_memoryPeter Crosthwaite
This argument is a MemoryRegion and not an AddressSpace. "Address space" means something quite different to "memory region" in QEMU parlance so rename the variable to reduce confusion. Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Message-id: f666cf7f2318d9b461b1e320a45bf0d82da9b7dd.1408347860.git.peter.crosthwaite@xilinx.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-19aarch64: Allow -kernel option to take a gzip-compressed kernel.Richard W.M. Jones
On aarch64 it is the bootloader's job to uncompress the kernel. UEFI and u-boot bootloaders do this automatically when the kernel is gzip-compressed. However the qemu -kernel option does not do this. The following command does not work: qemu-system-aarch64 [...] -kernel /boot/vmlinuz because it tries to execute the gzip-compressed data. This commit lets gzip-compressed kernels be uncompressed transparently. Currently this is only done when emulating aarch64. Signed-off-by: Richard W.M. Jones <rjones@redhat.com> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Message-id: 1407831259-2115-3-git-send-email-rjones@redhat.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-19loader: Add load_image_gzipped function.Richard W.M. Jones
As the name suggests this lets you load a ROM/disk image that is gzipped. It is uncompressed before storing it in guest memory. Signed-off-by: Richard W.M. Jones <rjones@redhat.com> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Message-id: 1407831259-2115-2-git-send-email-rjones@redhat.com [PMM: removed stray space before ')'] Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-19arm: cortex-a9: Fix cache-line size and associativityPeter Crosthwaite
For A9, The cache associativity is 4 and the lines size is 32B. Self identify in CCSIDR accordingly. Cache size remains at 16k. QEMU doesn't emulate caches, but we should still report the correct cache-line size to the guest. Some guests (like u-boot) complain if the cache-line size mismatches a requested flush or invalidate operation. Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Message-id: 1de6bd40155a1d2f2e93e24b1b1d1d677a432641.1408346233.git.peter.crosthwaite@xilinx.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-19arm/virt: Use PSCI v0.2 function IDs in the DT when KVM uses PSCI v0.2Christoffer Dall
The current code supplies the PSCI v0.1 function IDs in the DT even when KVM uses PSCI v0.2. This will break guest kernels that only support PSCI v0.1 as they will use the IDs provided in the DT. Guest kernels with PSCI v0.2 support are not affected by this patch, because they ignore the function IDs in the device tree and rely on the architecture definition. Define QEMU versions of the constants and check that they correspond to the Linux defines on Linux build hosts. After this patch, both guest kernels with PSCI v0.1 support and guest kernels with PSCI v0.2 should work. Tested on TC2 for 32-bit and APM Mustang for 64-bit (aarch64 guest only). Both cases tested with 3.14 and linus/master and verified I could bring up 2 cpus with both guest kernels. Also tested 32-bit with a 3.14 host kernel with only PSCI v0.1 and both guests booted here as well. Cc: qemu-stable@nongnu.org Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-19target-arm: Rename QEMU PSCI v0.1 definitionsChristoffer Dall
The function IDs for PSCI v0.1 are exported by KVM and defined as KVM_PSCI_FN_<something>. To build using these defines in non-KVM code, QEMU defines these IDs locally and check their correctness against the KVM headers when those are available. However, the naming scheme used for QEMU (almost) clashes with the PSCI v0.2 definitions from Linux so to avoid unfortunate naming when we introduce local PSCI v0.2 defines, rename the current local defines with QEMU_ prependend and clearly identify the PSCI version as v0.1 in the defines. Cc: qemu-stable@nongnu.org Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-19target-arm: Implement MDSCR_EL1 as having statePeter Maydell
Now that all the new code to support single-stepping is in place, wire up the guest-visible MDSCR_EL1, so the guest can enable single-stepping. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2014-08-19target-arm: Implement ARMv8 single-stepping for AArch32 codePeter Maydell
ARMv8 single-stepping requires the exception level that controls the single-stepping to be in AArch64 execution state, but the code being stepped may be in AArch64 or AArch32. Implement the necessary support code for single-stepping AArch32 code. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2014-08-19target-arm: Implement ARMv8 single-step handling for A64 codePeter Maydell
Implement ARMv8 software single-step handling for A64 code: correctly update the single-step state machine and generate debug exceptions when stepping A64 code. This patch has no behavioural change since MDSCR_EL1.SS can't be set by the guest yet. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2014-08-19target-arm: A64: Avoid duplicate exit_tb(0) in non-linked goto_tbPeter Maydell
If gen_goto_tb() decides not to link the two TBs, then the fallback path generates unnecessary code: * if singlestep is enabled then we generate unreachable code after the gen_exception_internal(EXCP_DEBUG) * if singlestep is disabled then we will generate exit_tb(0) twice, once in gen_goto_tb() and once coming out of the main loop with is_jmp set to DISAS_JUMP Correct these deficiencies by only emitting exit_tb() in the non-singlestep case, in which case we can use DISAS_TB_JUMP to suppress the main-loop exit_tb(). Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2014-08-19target-arm: Set PSTATE.SS correctly on exception return from AArch64Peter Maydell
Set the PSTATE.SS bit correctly on exception returns from AArch64, as required by the debug single-step functionality. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2014-08-19target-arm: Correctly handle PSTATE.SS when taking exception to AArch32Peter Maydell
When an exception is taken to AArch32, we must clear the PSTATE.SS bit for the exception handler, and must also ensure that the SS bit is not set in the value saved to SPSR_<mode>. Achieve both of these aims by clearing the bit in uncached_cpsr before saving it to the SPSR. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2014-08-19target-arm: Don't allow AArch32 to access RES0 CPSR bitsPeter Maydell
The CPSR has a new-in-v8 execution state bit (IL), and also some state which has effects in AArch32 but appears only in the SPSR format (SS) but is RES0 in the CPSR. Add the IL bit to CPSR_EXEC, and enforce that guest direct reads and writes to CPSR can't read or write the RES0 bits, so the guest can't get at the SS bit which we store in uncached_cpsr. This includes not permitting exception returns to copy reserved bits from an SPSR into CPSR. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2014-08-19target-arm: Adjust debug ID registers per-CPUPeter Maydell
Allow each CPU type to specify the value for the debug ID registers, by putting them in the ARMCPU struct, and use the resulting information to only expose the correct number of watchpoint and breakpoint registers for the CPU. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2014-08-19target-arm: Provide both 32 and 64 bit versions of debug registersPeter Maydell
Bring the 32 bit and 64 bit views of the debug registers into line by providing the same set of registers in both cases. (This still isn't a complete set, but it is consistent.) Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2014-08-19target-arm: Allow STATE_BOTH reginfo descriptions for more than cp14Peter Maydell
Currently the STATE_BOTH shorthand for allowing a single reginfo struct to define handling for both AArch32 and AArch64 views of a register only permits this where the AArch32 view is in cp15. It turns out that the debug registers in cp14 also have neatly lined up encodings; allow these also to share reginfo structs by permitting a STATE_BOTH reginfo to specify the .cp field (and continue to default to 15 if it is not specified). Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2014-08-19target-arm: Collect up the debug cp register definitionsPeter Maydell
At the moment we have a mixed set of mostly dummy register definitions for various debug related registers which have been added piecemeal in order to get Linux kernels to boot. In preparation for actually implementing debug support, bring them all together into one place. This commit doesn't change behaviour: we still expose exactly the same registers and behaviour to the guest in all configurations. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2014-08-19target-arm: Fix return address for A64 BRK instructionsPeter Maydell
When we take an exception resulting from a BRK instruction, the architecture requires that the "preferred return address" reported to the exception handler is the address of the BRK itself, not the following instruction (like undefined insns, and in contrast with SVC, HVC and SMC). Follow this, rather than incorrectly reporting the address of the following insn. (We do get this correct for the A32/T32 BKPT insns.) Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Cc: qemu-stable@nongnu.org
2014-08-19Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into stagingPeter Maydell
SCSI changes that enable sending vendor-specific commands via virtio-scsi. Memory changes for QOMification and automatic tracking of MR lifetime. # gpg: Signature made Mon 18 Aug 2014 13:03:09 BST using RSA key ID 9B4D86F2 # gpg: Good signature from "Paolo Bonzini <pbonzini@redhat.com>" # gpg: aka "Paolo Bonzini <bonzini@gnu.org>" * remotes/bonzini/tags/for-upstream: mtree: remove write-only field memory: Use canonical path component as the name memory: Use memory_region_name for name access memory: constify memory_region_name exec: Abstract away ref to memory region names loader: Abstract away ref to memory region names tpm_tis: remove instance_finalize callback memory: remove memory_region_destroy memory: convert memory_region_destroy to object_unparent ioport: split deletion and destruction nic: do not destroy memory regions in cleanup functions vga: do not dynamically allocate chain4_alias sysbus: remove unused function sysbus_del_io qom: object: move unparenting to the child property's release callback qom: object: delete properties before calling instance_finalize virtio-scsi: implement parse_cdb scsi-block, scsi-generic: implement parse_cdb scsi-block: extract scsi_block_is_passthrough scsi-bus: introduce parse_cdb in SCSIDeviceClass and SCSIBusInfo scsi-bus: prepare scsi_req_new for introduction of parse_cdb Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-19Merge remote-tracking branch 'remotes/qmp-unstable/queue/qmp' into stagingPeter Maydell
* remotes/qmp-unstable/queue/qmp: monitor: fix use after free dump.c: Fix memory leak issue in cleanup processing for dump_init() monitor: Remove hardcoded watchdog event names Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-18monitor: fix use after freeMichael S. Tsirkin
The function monitor_fdset_dup_fd_find_remove() references member of 'mon_fdset' which - when remove flag is set - may be freed in function monitor_fdset_cleanup(). remove is set by monitor_fdset_dup_fd_remove which in practice does not need the returned value, so make it void, and return -1 from monitor_fdset_dup_fd_find_remove. Reported-by: zhanghailiang <zhang.zhanghailiang@huawei.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
2014-08-18dump.c: Fix memory leak issue in cleanup processing for dump_init()Chen Gang
In dump_init(), when failure occurs, need notice about 'fd' and memory mapping. So call dump_cleanup() for it (need let all initializations at front). Also simplify dump_cleanup(): remove redundant 'ret' and redundant 'fd' checking. Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com> Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
2014-08-18monitor: Remove hardcoded watchdog event namesHani Benhabiles
Signed-off-by: Hani Benhabiles <hani@linux.com> Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
2014-08-18Merge remote-tracking branch 'remotes/amit/for-2.2' into stagingPeter Maydell
* remotes/amit/for-2.2: virtio-serial: search for duplicate port names before adding new ports virtio-serial: create a linked list of all active devices Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-18virtio-serial: search for duplicate port names before adding new portsAmit Shah
Before adding new ports to VirtIOSerial devices, check if there's a conflict in the 'name' parameter. This ensures two virtserialports with identical names are not initialized. Reported-by: <mazhang@redhat.com> Signed-off-by: Amit Shah <amit.shah@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com>
2014-08-18virtio-serial: create a linked list of all active devicesAmit Shah
To ensure two virtserialports don't get added to the system with the same 'name' parameter, we need to access all the ports on all the devices added, and compare the names. We currently don't have a list of all VirtIOSerial devices added to the system. This commit adds a simple linked list in which devices are put when they're initialized, and removed when they go away. Signed-off-by: Amit Shah <amit.shah@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com>
2014-08-18Merge remote-tracking branch 'remotes/mcayland/qemu-sparc' into stagingPeter Maydell
* remotes/mcayland/qemu-sparc: target-sparc64: implement Short Floating-Point Store Instructions apb: add IOMMU flush register implementation sun4u: switch second PCI-ebus bridge BAR over to PCI IO space Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-18Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into ↵Peter Maydell
staging Block pull request # gpg: Signature made Fri 15 Aug 2014 18:04:23 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>" # gpg: aka "Stefan Hajnoczi <stefanha@gmail.com>" * remotes/stefanha/tags/block-pull-request: (55 commits) qcow2: fix new_blocks double-free in alloc_refcount_block() image-fuzzer: Reduce number of generator functions in __init__ image-fuzzer: Add generators of L1/L2 tables image-fuzzer: Add fuzzing functions for L1/L2 table entries docs: Expand the list of supported image elements with L1/L2 tables image-fuzzer: Public API for image-fuzzer/runner/runner.py image-fuzzer: Generator of fuzzed qcow2 images image-fuzzer: Fuzzing functions for qcow2 images image-fuzzer: Tool for fuzz tests execution docs: Specification for the image fuzzer ide: only constrain read/write requests to drive size, not other types virtio-blk: Correct bug in support for flexible descriptor layout libqos: Change free function called in malloc libqos: Correct mask to align size to PAGE_SIZE in malloc-pc libqtest: add QTEST_LOG for debugging qtest testcases ide: Fix segfault when flushing a device that doesn't exist qemu-options: add missing -drive discard option to cmdline help parallels: 2TB+ parallels images support parallels: split check for parallels format in parallels_open parallels: replace tabs with spaces in block/parallels.c ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-08-18mtree: remove write-only fieldPaolo Bonzini
ml->printed is never set to true. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-08-18memory: Use canonical path component as the namePeter Crosthwaite
Rather than having the name as separate state. This prepares support for creating a MemoryRegion dynamically (i.e. without memory_region_init() and friends) and the MemoryRegion still getting a usable name. Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-08-18memory: Use memory_region_name for name accessPeter Crosthwaite
Despite being local to memory.c, use the helper function. This prepares support for fully QOMifiying the name field of MR (which will remove this state from MR completely). Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-08-18memory: constify memory_region_namePeter Crosthwaite
It doesn't change the MR and some prospective call sites will have const MRs at hand. Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-08-18exec: Abstract away ref to memory region namesPeter Crosthwaite
Use the function provided rather than spying on the struct. Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-08-18loader: Abstract away ref to memory region namesPeter Crosthwaite
Use the function provided rather than spying on the struct. Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-08-18tpm_tis: remove instance_finalize callbackPaolo Bonzini
It is never used, since ISA device are not hot-unpluggable. Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-08-18memory: remove memory_region_destroyPaolo Bonzini
The function is empty after the previous patch, so remove it. Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-08-18memory: convert memory_region_destroy to object_unparentPaolo Bonzini
Explicitly call object_unparent in the few places where we will re-create the memory region. If the memory region is simply being destroyed as part of device teardown, let QOM handle it. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-08-17ioport: split deletion and destructionPaolo Bonzini
Of the two functions portio_list_del and portio_list_destroy, the latter is just freeing a memory area. However, portio_list_del is the logical equivalent of memory_region_del_subregion so destruction of memory regions does not belong there. Actually, neither of these APIs are in use; portio is mostly used by ISA devices or VGAs, and neither of these is currently hot-unpluggable. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-08-17nic: do not destroy memory regions in cleanup functionsPaolo Bonzini
The memory regions should be destroyed in the unrealize function; since these NICs are not even qdev-ified, they cannot be unplugged and they do not have to do anything to destroy their memory regions. Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>