diff options
134 files changed, 5281 insertions, 1891 deletions
diff --git a/Makefile b/Makefile index 0838bc4474..9ce8768ce8 100644 --- a/Makefile +++ b/Makefile @@ -38,6 +38,7 @@ LIBS+=-lz $(LIBS_TOOLS) ifdef BUILD_DOCS DOCS=qemu-doc.html qemu-tech.html qemu.1 qemu-img.1 qemu-nbd.8 QMP/qmp-commands.txt +DOCS+=fsdev/virtfs-proxy-helper.1 else DOCS= endif @@ -155,6 +156,9 @@ qemu-img$(EXESUF): qemu-img.o $(tools-obj-y) $(block-obj-y) qemu-nbd$(EXESUF): qemu-nbd.o $(tools-obj-y) $(block-obj-y) qemu-io$(EXESUF): qemu-io.o cmd.o $(tools-obj-y) $(block-obj-y) +fsdev/virtfs-proxy-helper$(EXESUF): fsdev/virtfs-proxy-helper.o fsdev/virtio-9p-marshal.o oslib-posix.o $(trace-obj-y) +fsdev/virtfs-proxy-helper$(EXESUF): LIBS += -lcap + qemu-img-cmds.h: $(SRC_PATH)/qemu-img-cmds.hx $(call quiet-command,sh $(SRC_PATH)/scripts/hxtool -h < $< > $@," GEN $@") @@ -286,7 +290,10 @@ ifdef CONFIG_POSIX $(INSTALL_DIR) "$(DESTDIR)$(mandir)/man8" $(INSTALL_DATA) qemu-nbd.8 "$(DESTDIR)$(mandir)/man8" endif - +ifdef CONFIG_VIRTFS + $(INSTALL_DIR) "$(DESTDIR)$(mandir)/man1" + $(INSTALL_DATA) fsdev/virtfs-proxy-helper.1 "$(DESTDIR)$(mandir)/man1" +endif install-sysconfig: $(INSTALL_DIR) "$(DESTDIR)$(sysconfdir)/qemu" $(INSTALL_DATA) $(SRC_PATH)/sysconfigs/target/target-x86_64.conf "$(DESTDIR)$(sysconfdir)/qemu" @@ -370,6 +377,12 @@ qemu-img.1: qemu-img.texi qemu-img-cmds.texi pod2man --section=1 --center=" " --release=" " qemu-img.pod > $@, \ " GEN $@") +fsdev/virtfs-proxy-helper.1: fsdev/virtfs-proxy-helper.texi + $(call quiet-command, \ + perl -Ww -- $(SRC_PATH)/scripts/texi2pod.pl $< fsdev/virtfs-proxy-helper.pod && \ + pod2man --section=1 --center=" " --release=" " fsdev/virtfs-proxy-helper.pod > $@, \ + " GEN $@") + qemu-nbd.8: qemu-nbd.texi $(call quiet-command, \ perl -Ww -- $(SRC_PATH)/scripts/texi2pod.pl $< qemu-nbd.pod && \ diff --git a/Makefile.objs b/Makefile.objs index 8813673584..4f6d26c917 100644 --- a/Makefile.objs +++ b/Makefile.objs @@ -61,7 +61,7 @@ ifeq ($(CONFIG_VIRTIO)$(CONFIG_VIRTFS)$(CONFIG_PCI),yyy) # Lots of the fsdev/9pcode is pulled in by vl.c via qemu_fsdev_add. # only pull in the actual virtio-9p device if we also enabled virtio. CONFIG_REALLY_VIRTFS=y -fsdev-nested-y = qemu-fsdev.o +fsdev-nested-y = qemu-fsdev.o virtio-9p-marshal.o else fsdev-nested-y = qemu-fsdev-dummy.o endif @@ -109,7 +109,7 @@ common-obj-$(CONFIG_SD) += sd.o common-obj-y += bt.o bt-host.o bt-vhci.o bt-l2cap.o bt-sdp.o bt-hci.o bt-hid.o usb-bt.o common-obj-y += bt-hci-csr.o common-obj-y += buffered_file.o migration.o migration-tcp.o -common-obj-y += qemu-char.o savevm.o #aio.o +common-obj-y += qemu-char.o #aio.o common-obj-y += msmouse.o ps2.o common-obj-y += qdev.o qdev-properties.o common-obj-y += block-migration.o iohandler.o @@ -311,6 +311,7 @@ hw-obj-$(CONFIG_SOUND) += $(sound-obj-y) 9pfs-nested-$(CONFIG_VIRTFS) += virtio-9p-coth.o cofs.o codir.o cofile.o 9pfs-nested-$(CONFIG_VIRTFS) += coxattr.o virtio-9p-synth.o 9pfs-nested-$(CONFIG_OPEN_BY_HANDLE) += virtio-9p-handle.o +9pfs-nested-$(CONFIG_VIRTFS) += virtio-9p-proxy.o hw-obj-$(CONFIG_REALLY_VIRTFS) += $(addprefix 9pfs/, $(9pfs-nested-y)) $(addprefix 9pfs/, $(9pfs-nested-y)): QEMU_CFLAGS+=$(GLIB_CFLAGS) diff --git a/Makefile.target b/Makefile.target index d70d911f34..06d79b8028 100644 --- a/Makefile.target +++ b/Makefile.target @@ -196,7 +196,7 @@ obj-$(CONFIG_VHOST_NET) += vhost.o obj-$(CONFIG_REALLY_VIRTFS) += 9pfs/virtio-9p-device.o obj-$(CONFIG_KVM) += kvm.o kvm-all.o obj-$(CONFIG_NO_KVM) += kvm-stub.o -obj-y += memory.o +obj-y += memory.o savevm.o LIBS+=-lz QEMU_CFLAGS += $(VNC_TLS_CFLAGS) @@ -339,6 +339,7 @@ obj-arm-y = integratorcp.o versatilepb.o arm_pic.o arm_timer.o obj-arm-y += arm_boot.o pl011.o pl031.o pl050.o pl080.o pl110.o pl181.o pl190.o obj-arm-y += versatile_pci.o obj-arm-y += realview_gic.o realview.o arm_sysctl.o arm11mpcore.o a9mpcore.o +obj-arm-y += arm_l2x0.o obj-arm-y += arm_mptimer.o obj-arm-y += armv7m.o armv7m_nvic.o stellaris.o pl022.o stellaris_enet.o obj-arm-y += pl061.o diff --git a/arch_init.c b/arch_init.c index 847bf4edd6..66f7a3fe5f 100644 --- a/arch_init.c +++ b/arch_init.c @@ -117,24 +117,22 @@ static int ram_save_block(QEMUFile *f) { RAMBlock *block = last_block; ram_addr_t offset = last_offset; - ram_addr_t current_addr; int bytes_sent = 0; + MemoryRegion *mr; if (!block) block = QLIST_FIRST(&ram_list.blocks); - current_addr = block->offset + offset; - do { - if (cpu_physical_memory_get_dirty(current_addr, MIGRATION_DIRTY_FLAG)) { + mr = block->mr; + if (memory_region_get_dirty(mr, offset, DIRTY_MEMORY_MIGRATION)) { uint8_t *p; int cont = (block == last_block) ? RAM_SAVE_FLAG_CONTINUE : 0; - cpu_physical_memory_reset_dirty(current_addr, - current_addr + TARGET_PAGE_SIZE, - MIGRATION_DIRTY_FLAG); + memory_region_reset_dirty(mr, offset, TARGET_PAGE_SIZE, + DIRTY_MEMORY_MIGRATION); - p = block->host + offset; + p = memory_region_get_ram_ptr(mr) + offset; if (is_dup_page(p, *p)) { qemu_put_be64(f, offset | cont | RAM_SAVE_FLAG_COMPRESS); @@ -166,10 +164,7 @@ static int ram_save_block(QEMUFile *f) if (!block) block = QLIST_FIRST(&ram_list.blocks); } - - current_addr = block->offset + offset; - - } while (current_addr != last_block->offset + last_offset); + } while (block != last_block || offset != last_offset); last_block = block; last_offset = offset; @@ -186,9 +181,9 @@ static ram_addr_t ram_save_remaining(void) QLIST_FOREACH(block, &ram_list.blocks, next) { ram_addr_t addr; - for (addr = block->offset; addr < block->offset + block->length; - addr += TARGET_PAGE_SIZE) { - if (cpu_physical_memory_get_dirty(addr, MIGRATION_DIRTY_FLAG)) { + for (addr = 0; addr < block->length; addr += TARGET_PAGE_SIZE) { + if (memory_region_get_dirty(block->mr, addr, + DIRTY_MEMORY_MIGRATION)) { count++; } } @@ -222,12 +217,8 @@ static int block_compar(const void *a, const void *b) { RAMBlock * const *ablock = a; RAMBlock * const *bblock = b; - if ((*ablock)->offset < (*bblock)->offset) { - return -1; - } else if ((*ablock)->offset > (*bblock)->offset) { - return 1; - } - return 0; + + return strcmp((*ablock)->idstr, (*bblock)->idstr); } static void sort_ram_list(void) @@ -260,7 +251,7 @@ int ram_save_live(Monitor *mon, QEMUFile *f, int stage, void *opaque) int ret; if (stage < 0) { - cpu_physical_memory_set_dirty_tracking(0); + memory_global_dirty_log_stop(); return 0; } @@ -275,17 +266,15 @@ int ram_save_live(Monitor *mon, QEMUFile *f, int stage, void *opaque) /* Make sure all dirty bits are set */ QLIST_FOREACH(block, &ram_list.blocks, next) { - for (addr = block->offset; addr < block->offset + block->length; - addr += TARGET_PAGE_SIZE) { - if (!cpu_physical_memory_get_dirty(addr, - MIGRATION_DIRTY_FLAG)) { - cpu_physical_memory_set_dirty(addr); + for (addr = 0; addr < block->length; addr += TARGET_PAGE_SIZE) { + if (!memory_region_get_dirty(block->mr, addr, + DIRTY_MEMORY_MIGRATION)) { + memory_region_set_dirty(block->mr, addr); } } } - /* Enable dirty memory tracking */ - cpu_physical_memory_set_dirty_tracking(1); + memory_global_dirty_log_start(); qemu_put_be64(f, ram_bytes_total() | RAM_SAVE_FLAG_MEM_SIZE); @@ -330,7 +319,7 @@ int ram_save_live(Monitor *mon, QEMUFile *f, int stage, void *opaque) while ((bytes_sent = ram_save_block(f)) != 0) { bytes_transferred += bytes_sent; } - cpu_physical_memory_set_dirty_tracking(0); + memory_global_dirty_log_stop(); } qemu_put_be64(f, RAM_SAVE_FLAG_EOS); @@ -354,7 +343,7 @@ static inline void *host_from_stream_offset(QEMUFile *f, return NULL; } - return block->host + offset; + return memory_region_get_ram_ptr(block->mr) + offset; } len = qemu_get_byte(f); @@ -363,7 +352,7 @@ static inline void *host_from_stream_offset(QEMUFile *f, QLIST_FOREACH(block, &ram_list.blocks, next) { if (!strncmp(id, block->idstr, sizeof(id))) - return block->host + offset; + return memory_region_get_ram_ptr(block->mr) + offset; } fprintf(stderr, "Can't find block %s!\n", id); @@ -376,7 +365,7 @@ int ram_load(QEMUFile *f, void *opaque, int version_id) int flags; int error; - if (version_id < 3 || version_id > 4) { + if (version_id < 4 || version_id > 4) { return -EINVAL; } @@ -387,11 +376,7 @@ int ram_load(QEMUFile *f, void *opaque, int version_id) addr &= TARGET_PAGE_MASK; if (flags & RAM_SAVE_FLAG_MEM_SIZE) { - if (version_id == 3) { - if (addr != ram_bytes_total()) { - return -EINVAL; - } - } else { + if (version_id == 4) { /* Synchronize RAM block list */ char id[256]; ram_addr_t length; @@ -429,10 +414,7 @@ int ram_load(QEMUFile *f, void *opaque, int version_id) void *host; uint8_t ch; - if (version_id == 3) - host = qemu_get_ram_ptr(addr); - else - host = host_from_stream_offset(f, addr, flags); + host = host_from_stream_offset(f, addr, flags); if (!host) { return -EINVAL; } @@ -448,10 +430,7 @@ int ram_load(QEMUFile *f, void *opaque, int version_id) } else if (flags & RAM_SAVE_FLAG_PAGE) { void *host; - if (version_id == 3) - host = qemu_get_ram_ptr(addr); - else - host = host_from_stream_offset(f, addr, flags); + host = host_from_stream_offset(f, addr, flags); qemu_get_buffer(f, host, TARGET_PAGE_SIZE); } diff --git a/configure b/configure index 640e81536d..0309dad906 100755 --- a/configure +++ b/configure @@ -300,8 +300,11 @@ else cpu=`uname -m` fi +ARCH= +# Normalise host CPU name and set ARCH. +# Note that this case should only have supported host CPUs, not guests. case "$cpu" in - alpha|cris|ia64|lm32|m68k|microblaze|ppc|ppc64|sparc64|unicore32) + ia64|ppc|ppc64|s390|s390x|sparc64) cpu="$cpu" ;; i386|i486|i586|i686|i86pc|BePC) @@ -319,20 +322,17 @@ case "$cpu" in mips*) cpu="mips" ;; - s390) - cpu="s390" - ;; - s390x) - cpu="s390x" - ;; sparc|sun4[cdmuv]) cpu="sparc" ;; *) - echo "Unsupported CPU = $cpu" - exit 1 + # This will result in either an error or falling back to TCI later + ARCH=unknown ;; esac +if test -z "$ARCH"; then + ARCH="$cpu" +fi # OS specific if check_define __linux__ ; then @@ -1080,6 +1080,18 @@ echo "NOTE: The object files are built at the place where configure is launched" exit 1 fi +# Now we have handled --enable-tcg-interpreter and know we're not just +# printing the help message, bail out if the host CPU isn't supported. +if test "$ARCH" = "unknown"; then + if test "$tcg_interpreter" = "yes" ; then + echo "Unsupported CPU = $cpu, will use TCG with TCI (experimental)" + ARCH=tci + else + echo "Unsupported CPU = $cpu, try --enable-tcg-interpreter" + exit 1 + fi +fi + # check that the C compiler works. cat > $TMPC <<EOF int main(void) { return 0; } @@ -1185,13 +1197,9 @@ if test "$solaris" = "yes" ; then fi fi -if test "$guest_agent" != "no" ; then - if has $python; then - : - else - echo "Python not found. Use --python=/path/to/python" - exit 1 - fi +if ! has $python; then + echo "Python not found. Use --python=/path/to/python" + exit 1 fi if test -z "$target_list" ; then @@ -1967,6 +1975,22 @@ else fi ########################################## +# libcap probe + +if test "$cap" != "no" ; then + cat > $TMPC <<EOF +#include <stdio.h> +#include <sys/capability.h> +int main(void) { cap_t caps; caps = cap_init(); } +EOF + if compile_prog "" "-lcap" ; then + cap=yes + else + cap=no + fi +fi + +########################################## # pthread probe PTHREADLIBS_LIST="-pthread -lpthread -lpthreadGC2" @@ -2767,6 +2791,9 @@ confdir=$sysconfdir$confsuffix tools= if test "$softmmu" = yes ; then tools="qemu-img\$(EXESUF) qemu-io\$(EXESUF) $tools" + if [ "$cap" = "yes" -a "$linux" = "yes" ] ; then + tools="$tools fsdev/virtfs-proxy-helper\$(EXESUF)" + fi if [ "$linux" = "yes" -o "$bsd" = "yes" -o "$solaris" = "yes" ] ; then tools="qemu-nbd\$(EXESUF) $tools" if [ "$guest_agent" = "yes" ]; then @@ -2903,20 +2930,6 @@ echo "sysconfdir=$sysconfdir" >> $config_host_mak echo "docdir=$docdir" >> $config_host_mak echo "confdir=$confdir" >> $config_host_mak -case "$cpu" in - i386|x86_64|alpha|arm|cris|hppa|ia64|lm32|m68k|microblaze|mips|mips64|ppc|ppc64|s390|s390x|sparc|sparc64|unicore32) - ARCH=$cpu - ;; - *) - if test "$tcg_interpreter" = "yes" ; then - echo "Unsupported CPU = $cpu, will use TCG with TCI (experimental)" - ARCH=tci - else - echo "Unsupported CPU = $cpu, try --enable-tcg-interpreter" - exit 1 - fi - ;; -esac echo "ARCH=$ARCH" >> $config_host_mak if test "$debug_tcg" = "yes" ; then echo "CONFIG_DEBUG_TCG=y" >> $config_host_mak @@ -3395,7 +3408,6 @@ echo "# Automatically generated by configure - do not modify" > $config_target_m bflt="no" target_nptl="no" interp_prefix1=`echo "$interp_prefix" | sed "s/%M/$target_arch2/g"` -echo "CONFIG_QEMU_INTERP_PREFIX=\"$interp_prefix1\"" >> $config_target_mak gdb_xml_files="" target_short_alignment=2 target_int_alignment=4 @@ -3601,6 +3613,7 @@ if test "$target_softmmu" = "yes" ; then fi if test "$target_user_only" = "yes" ; then echo "CONFIG_USER_ONLY=y" >> $config_target_mak + echo "CONFIG_QEMU_INTERP_PREFIX=\"$interp_prefix1\"" >> $config_target_mak fi if test "$target_linux_user" = "yes" ; then echo "CONFIG_LINUX_USER=y" >> $config_target_mak diff --git a/console.c b/console.c index 223f8fd9a4..135394f6f6 100644 --- a/console.c +++ b/console.c @@ -186,7 +186,9 @@ void vga_hw_screen_dump(const char *filename) consoles[0]->hw_screen_dump(consoles[0]->hw, filename); } - console_select(previous_active_console->index); + if (previous_active_console) { + console_select(previous_active_console->index); + } } void vga_hw_text_update(console_ch_t *chardata) diff --git a/cpu-all.h b/cpu-all.h index 734833abda..e2c3c49283 100644 --- a/cpu-all.h +++ b/cpu-all.h @@ -476,6 +476,7 @@ extern ram_addr_t ram_size; #define RAM_PREALLOC_MASK (1 << 0) typedef struct RAMBlock { + struct MemoryRegion *mr; uint8_t *host; ram_addr_t offset; ram_addr_t length; @@ -502,7 +503,7 @@ extern int mem_prealloc; 3 flags. The ROMD code stores the page ram offset in iotlb entry, so only a limited number of ids are avaiable. */ -#define IO_MEM_NB_ENTRIES (1 << (TARGET_PAGE_BITS - IO_MEM_SHIFT)) +#define IO_MEM_NB_ENTRIES (1 << TARGET_PAGE_BITS) /* Flags stored in the low bits of the TLB virtual address. These are defined so that fast path ram access is all zeros. */ @@ -514,61 +515,8 @@ extern int mem_prealloc; /* Set if TLB entry is an IO callback. */ #define TLB_MMIO (1 << 5) -#define VGA_DIRTY_FLAG 0x01 -#define CODE_DIRTY_FLAG 0x02 -#define MIGRATION_DIRTY_FLAG 0x08 - -/* read dirty bit (return 0 or 1) */ -static inline int cpu_physical_memory_is_dirty(ram_addr_t addr) -{ - return ram_list.phys_dirty[addr >> TARGET_PAGE_BITS] == 0xff; -} - -static inline int cpu_physical_memory_get_dirty_flags(ram_addr_t addr) -{ - return ram_list.phys_dirty[addr >> TARGET_PAGE_BITS]; -} - -static inline int cpu_physical_memory_get_dirty(ram_addr_t addr, - int dirty_flags) -{ - return ram_list.phys_dirty[addr >> TARGET_PAGE_BITS] & dirty_flags; -} - -static inline void cpu_physical_memory_set_dirty(ram_addr_t addr) -{ - ram_list.phys_dirty[addr >> TARGET_PAGE_BITS] = 0xff; -} - -static inline int cpu_physical_memory_set_dirty_flags(ram_addr_t addr, - int dirty_flags) -{ - return ram_list.phys_dirty[addr >> TARGET_PAGE_BITS] |= dirty_flags; -} - -static inline void cpu_physical_memory_mask_dirty_range(ram_addr_t start, - int length, - int dirty_flags) -{ - int i, mask, len; - uint8_t *p; - - len = length >> TARGET_PAGE_BITS; - mask = ~dirty_flags; - p = ram_list.phys_dirty + (start >> TARGET_PAGE_BITS); - for (i = 0; i < len; i++) { - p[i] &= mask; - } -} - -void cpu_physical_memory_reset_dirty(ram_addr_t start, ram_addr_t end, - int dirty_flags); void cpu_tlb_update_dirty(CPUState *env); -int cpu_physical_memory_set_dirty_tracking(int enable); - -int cpu_physical_memory_get_dirty_tracking(void); - void dump_exec_info(FILE *f, fprintf_function cpu_fprintf); #endif /* !CONFIG_USER_ONLY */ diff --git a/cpu-common.h b/cpu-common.h index 3fe44d25d1..a40c57dc1f 100644 --- a/cpu-common.h +++ b/cpu-common.h @@ -49,6 +49,7 @@ void qemu_put_ram_ptr(void *addr); /* This should not be used by devices. */ int qemu_ram_addr_from_host(void *ptr, ram_addr_t *ram_addr); ram_addr_t qemu_ram_addr_from_host_nofail(void *ptr); +void qemu_ram_set_idstr(ram_addr_t addr, const char *name, DeviceState *dev); void cpu_physical_memory_rw(target_phys_addr_t addr, uint8_t *buf, int len, int is_write); @@ -106,17 +107,10 @@ void stq_phys(target_phys_addr_t addr, uint64_t val); void cpu_physical_memory_write_rom(target_phys_addr_t addr, const uint8_t *buf, int len); -#define IO_MEM_SHIFT 3 - -#define IO_MEM_RAM (0 << IO_MEM_SHIFT) /* hardcoded offset */ -#define IO_MEM_ROM (1 << IO_MEM_SHIFT) /* hardcoded offset */ -#define IO_MEM_UNASSIGNED (2 << IO_MEM_SHIFT) -#define IO_MEM_NOTDIRTY (3 << IO_MEM_SHIFT) -#define IO_MEM_SUBPAGE_RAM (4 << IO_MEM_SHIFT) - -/* Acts like a ROM when read and like a device when written. */ -#define IO_MEM_ROMD (1) -#define IO_MEM_SUBPAGE (2) +extern struct MemoryRegion io_mem_ram; +extern struct MemoryRegion io_mem_rom; +extern struct MemoryRegion io_mem_unassigned; +extern struct MemoryRegion io_mem_notdirty; #endif diff --git a/cris-dis.c b/cris-dis.c index 5b8e90b2cd..1d174ba8cc 100644 --- a/cris-dis.c +++ b/cris-dis.c @@ -1396,34 +1396,12 @@ get_opcode_entry (unsigned int insn, /* Allocate and clear the opcode-table. */ if (opc_table == NULL) { - opc_table = g_malloc (65536 * sizeof (opc_table[0])); - - memset (opc_table, 0, 65536 * sizeof (const struct cris_opcode *)); - - dip_prefixes - = g_malloc (65536 * sizeof (const struct cris_opcode **)); - - memset (dip_prefixes, 0, 65536 * sizeof (dip_prefixes[0])); - - bdapq_m1_prefixes - = g_malloc (65536 * sizeof (const struct cris_opcode **)); - - memset (bdapq_m1_prefixes, 0, 65536 * sizeof (bdapq_m1_prefixes[0])); - - bdapq_m2_prefixes - = g_malloc (65536 * sizeof (const struct cris_opcode **)); - - memset (bdapq_m2_prefixes, 0, 65536 * sizeof (bdapq_m2_prefixes[0])); - - bdapq_m4_prefixes - = g_malloc (65536 * sizeof (const struct cris_opcode **)); - - memset (bdapq_m4_prefixes, 0, 65536 * sizeof (bdapq_m4_prefixes[0])); - - rest_prefixes - = g_malloc (65536 * sizeof (const struct cris_opcode **)); - - memset (rest_prefixes, 0, 65536 * sizeof (rest_prefixes[0])); + opc_table = g_new0(const struct cris_opcode *, 65536); + dip_prefixes = g_new0(const struct cris_opcode *, 65536); + bdapq_m1_prefixes = g_new0(const struct cris_opcode *, 65536); + bdapq_m2_prefixes = g_new0(const struct cris_opcode *, 65536); + bdapq_m4_prefixes = g_new0(const struct cris_opcode *, 65536); + rest_prefixes = g_new0(const struct cris_opcode *, 65536); } /* Get the right table if this is a prefix. diff --git a/dyngen-exec.h b/dyngen-exec.h index 3544372a65..09be9ea7b4 100644 --- a/dyngen-exec.h +++ b/dyngen-exec.h @@ -31,7 +31,7 @@ #elif defined(_ARCH_PPC) #define AREG0 "r27" #elif defined(__arm__) -#define AREG0 "r7" +#define AREG0 "r6" #elif defined(__hppa__) #define AREG0 "r17" #elif defined(__mips__) diff --git a/exec-all.h b/exec-all.h index c211242bab..51d01f260b 100644 --- a/exec-all.h +++ b/exec-all.h @@ -299,9 +299,10 @@ extern void *tci_tb_ptr; #if !defined(CONFIG_USER_ONLY) -extern CPUWriteMemoryFunc *io_mem_write[IO_MEM_NB_ENTRIES][4]; -extern CPUReadMemoryFunc *io_mem_read[IO_MEM_NB_ENTRIES][4]; -extern void *io_mem_opaque[IO_MEM_NB_ENTRIES]; +uint64_t io_mem_read(int index, target_phys_addr_t addr, unsigned size); +void io_mem_write(int index, target_phys_addr_t addr, uint64_t value, + unsigned size); +extern struct MemoryRegion *io_mem_region[IO_MEM_NB_ENTRIES]; void tlb_fill(CPUState *env1, target_ulong addr, int is_write, int mmu_idx, void *retaddr); @@ -336,31 +337,7 @@ static inline tb_page_addr_t get_page_addr_code(CPUState *env1, target_ulong add return addr; } #else -/* NOTE: this function can trigger an exception */ -/* NOTE2: the returned address is not exactly the physical address: it - is the offset relative to phys_ram_base */ -static inline tb_page_addr_t get_page_addr_code(CPUState *env1, target_ulong addr) -{ - int mmu_idx, page_index, pd; - void *p; - - page_index = (addr >> TARGET_PAGE_BITS) & (CPU_TLB_SIZE - 1); - mmu_idx = cpu_mmu_index(env1); - if (unlikely(env1->tlb_table[mmu_idx][page_index].addr_code != - (addr & TARGET_PAGE_MASK))) { - ldub_code(addr); - } - pd = env1->tlb_table[mmu_idx][page_index].addr_code & ~TARGET_PAGE_MASK; - if (pd > IO_MEM_ROM && !(pd & IO_MEM_ROMD)) { -#if defined(TARGET_ALPHA) || defined(TARGET_MIPS) || defined(TARGET_SPARC) - cpu_unassigned_access(env1, addr, 0, 1, 0, 4); -#else - cpu_abort(env1, "Trying to execute code outside RAM or ROM at 0x" TARGET_FMT_lx "\n", addr); -#endif - } - p = (void *)((uintptr_t)addr + env1->tlb_table[mmu_idx][page_index].addend); - return qemu_ram_addr_from_host_nofail(p); -} +tb_page_addr_t get_page_addr_code(CPUState *env1, target_ulong addr); #endif typedef void (CPUDebugExcpHandler)(CPUState *env); diff --git a/exec-obsolete.h b/exec-obsolete.h index 34b9fc56bd..f8af27ed1a 100644 --- a/exec-obsolete.h +++ b/exec-obsolete.h @@ -25,44 +25,74 @@ #ifndef CONFIG_USER_ONLY -ram_addr_t qemu_ram_alloc_from_ptr(DeviceState *dev, const char *name, - ram_addr_t size, void *host, +ram_addr_t qemu_ram_alloc_from_ptr(ram_addr_t size, void *host, MemoryRegion *mr); -ram_addr_t qemu_ram_alloc(DeviceState *dev, const char *name, ram_addr_t size, - MemoryRegion *mr); +ram_addr_t qemu_ram_alloc(ram_addr_t size, MemoryRegion *mr); void qemu_ram_free(ram_addr_t addr); void qemu_ram_free_from_ptr(ram_addr_t addr); -int cpu_register_io_memory(CPUReadMemoryFunc * const *mem_read, - CPUWriteMemoryFunc * const *mem_write, - void *opaque, enum device_endian endian); +struct MemoryRegion; +int cpu_register_io_memory(MemoryRegion *mr); void cpu_unregister_io_memory(int table_address); -void cpu_register_physical_memory_log(target_phys_addr_t start_addr, - ram_addr_t size, - ram_addr_t phys_offset, - ram_addr_t region_offset, - bool log_dirty); +struct MemoryRegionSection; +void cpu_register_physical_memory_log(struct MemoryRegionSection *section, + bool readable, bool readonly); -static inline void cpu_register_physical_memory_offset(target_phys_addr_t start_addr, - ram_addr_t size, - ram_addr_t phys_offset, - ram_addr_t region_offset) +void qemu_register_coalesced_mmio(target_phys_addr_t addr, ram_addr_t size); +void qemu_unregister_coalesced_mmio(target_phys_addr_t addr, ram_addr_t size); + +int cpu_physical_memory_set_dirty_tracking(int enable); + +#define VGA_DIRTY_FLAG 0x01 +#define CODE_DIRTY_FLAG 0x02 +#define MIGRATION_DIRTY_FLAG 0x08 + +/* read dirty bit (return 0 or 1) */ +static inline int cpu_physical_memory_is_dirty(ram_addr_t addr) { - cpu_register_physical_memory_log(start_addr, size, phys_offset, - region_offset, false); + return ram_list.phys_dirty[addr >> TARGET_PAGE_BITS] == 0xff; } -static inline void cpu_register_physical_memory(target_phys_addr_t start_addr, - ram_addr_t size, - ram_addr_t phys_offset) +static inline int cpu_physical_memory_get_dirty_flags(ram_addr_t addr) { - cpu_register_physical_memory_offset(start_addr, size, phys_offset, 0); + return ram_list.phys_dirty[addr >> TARGET_PAGE_BITS]; } -void qemu_register_coalesced_mmio(target_phys_addr_t addr, ram_addr_t size); -void qemu_unregister_coalesced_mmio(target_phys_addr_t addr, ram_addr_t size); +static inline int cpu_physical_memory_get_dirty(ram_addr_t addr, + int dirty_flags) +{ + return ram_list.phys_dirty[addr >> TARGET_PAGE_BITS] & dirty_flags; +} + +static inline void cpu_physical_memory_set_dirty(ram_addr_t addr) +{ + ram_list.phys_dirty[addr >> TARGET_PAGE_BITS] = 0xff; +} + +static inline int cpu_physical_memory_set_dirty_flags(ram_addr_t addr, + int dirty_flags) +{ + return ram_list.phys_dirty[addr >> TARGET_PAGE_BITS] |= dirty_flags; +} + +static inline void cpu_physical_memory_mask_dirty_range(ram_addr_t start, + int length, + int dirty_flags) +{ + int i, mask, len; + uint8_t *p; + + len = length >> TARGET_PAGE_BITS; + mask = ~dirty_flags; + p = ram_list.phys_dirty + (start >> TARGET_PAGE_BITS); + for (i = 0; i < len; i++) { + p[i] &= mask; + } +} +void cpu_physical_memory_reset_dirty(ram_addr_t start, ram_addr_t end, + int dirty_flags); #endif #endif diff --git a/exec.c b/exec.c index b02199b271..b1d6602911 100644 --- a/exec.c +++ b/exec.c @@ -118,6 +118,9 @@ RAMList ram_list = { .blocks = QLIST_HEAD_INITIALIZER(ram_list.blocks) }; static MemoryRegion *system_memory; static MemoryRegion *system_io; +MemoryRegion io_mem_ram, io_mem_rom, io_mem_unassigned, io_mem_notdirty; +static MemoryRegion io_mem_subpage_ram; + #endif CPUState *first_cpu; @@ -205,11 +208,9 @@ static void io_mem_init(void); static void memory_map_init(void); /* io memory support */ -CPUWriteMemoryFunc *io_mem_write[IO_MEM_NB_ENTRIES][4]; -CPUReadMemoryFunc *io_mem_read[IO_MEM_NB_ENTRIES][4]; -void *io_mem_opaque[IO_MEM_NB_ENTRIES]; +MemoryRegion *io_mem_region[IO_MEM_NB_ENTRIES]; static char io_mem_used[IO_MEM_NB_ENTRIES]; -static int io_mem_watch; +static MemoryRegion io_mem_watch; #endif /* log support */ @@ -430,7 +431,7 @@ static PhysPageDesc *phys_page_find_alloc(target_phys_addr_t index, int alloc) *lp = pd = g_malloc(sizeof(PhysPageDesc) * L2_SIZE); for (i = 0; i < L2_SIZE; i++) { - pd[i].phys_offset = IO_MEM_UNASSIGNED; + pd[i].phys_offset = io_mem_unassigned.ram_addr; pd[i].region_offset = (first_index + i) << TARGET_PAGE_BITS; } } @@ -438,9 +439,18 @@ static PhysPageDesc *phys_page_find_alloc(target_phys_addr_t index, int alloc) return pd + (index & (L2_SIZE - 1)); } -static inline PhysPageDesc *phys_page_find(target_phys_addr_t index) +static inline PhysPageDesc phys_page_find(target_phys_addr_t index) { - return phys_page_find_alloc(index, 0); + PhysPageDesc *p = phys_page_find_alloc(index, 0); + + if (p) { + return *p; + } else { + return (PhysPageDesc) { + .phys_offset = io_mem_unassigned.ram_addr, + .region_offset = index << TARGET_PAGE_BITS, + }; + } } static void tlb_protect_code(ram_addr_t ram_addr); @@ -1402,15 +1412,11 @@ static void breakpoint_invalidate(CPUState *env, target_ulong pc) target_phys_addr_t addr; target_ulong pd; ram_addr_t ram_addr; - PhysPageDesc *p; + PhysPageDesc p; addr = cpu_get_phys_page_debug(env, pc); p = phys_page_find(addr >> TARGET_PAGE_BITS); - if (!p) { - pd = IO_MEM_UNASSIGNED; - } else { - pd = p->phys_offset; - } + pd = p.phys_offset; ram_addr = (pd & TARGET_PAGE_MASK) | (pc & ~TARGET_PAGE_MASK); tb_invalidate_phys_page_range(ram_addr, ram_addr + 1, 0); } @@ -1960,7 +1966,7 @@ static inline void tlb_reset_dirty_range(CPUTLBEntry *tlb_entry, unsigned long start, unsigned long length) { unsigned long addr; - if ((tlb_entry->addr_write & ~TARGET_PAGE_MASK) == IO_MEM_RAM) { + if ((tlb_entry->addr_write & ~TARGET_PAGE_MASK) == io_mem_ram.ram_addr) { addr = (tlb_entry->addr_write & TARGET_PAGE_MASK) + tlb_entry->addend; if ((addr - start) < length) { tlb_entry->addr_write = (tlb_entry->addr_write & TARGET_PAGE_MASK) | TLB_NOTDIRTY; @@ -2008,25 +2014,15 @@ int cpu_physical_memory_set_dirty_tracking(int enable) { int ret = 0; in_migration = enable; - if (enable) { - memory_global_dirty_log_start(); - } else { - memory_global_dirty_log_stop(); - } return ret; } -int cpu_physical_memory_get_dirty_tracking(void) -{ - return in_migration; -} - static inline void tlb_update_dirty(CPUTLBEntry *tlb_entry) { ram_addr_t ram_addr; void *p; - if ((tlb_entry->addr_write & ~TARGET_PAGE_MASK) == IO_MEM_RAM) { + if ((tlb_entry->addr_write & ~TARGET_PAGE_MASK) == io_mem_ram.ram_addr) { p = (void *)(unsigned long)((tlb_entry->addr_write & TARGET_PAGE_MASK) + tlb_entry->addend); ram_addr = qemu_ram_addr_from_host_nofail(p); @@ -2089,6 +2085,26 @@ static void tlb_add_large_page(CPUState *env, target_ulong vaddr, env->tlb_flush_mask = mask; } +static bool is_ram_rom(ram_addr_t pd) +{ + pd &= ~TARGET_PAGE_MASK; + return pd == io_mem_ram.ram_addr || pd == io_mem_rom.ram_addr; +} + +static bool is_romd(ram_addr_t pd) +{ + MemoryRegion *mr; + + pd &= ~TARGET_PAGE_MASK; + mr = io_mem_region[pd]; + return mr->rom_device && mr->readable; +} + +static bool is_ram_rom_romd(ram_addr_t pd) +{ + return is_ram_rom(pd) || is_romd(pd); +} + /* Add a new TLB entry. At most one entry for a given virtual address is permitted. Only a single TARGET_PAGE_SIZE region is mapped, the supplied size is only used by tlb_flush_page. */ @@ -2096,7 +2112,7 @@ void tlb_set_page(CPUState *env, target_ulong vaddr, target_phys_addr_t paddr, int prot, int mmu_idx, target_ulong size) { - PhysPageDesc *p; + PhysPageDesc p; unsigned long pd; unsigned int index; target_ulong address; @@ -2111,11 +2127,7 @@ void tlb_set_page(CPUState *env, target_ulong vaddr, tlb_add_large_page(env, vaddr, size); } p = phys_page_find(paddr >> TARGET_PAGE_BITS); - if (!p) { - pd = IO_MEM_UNASSIGNED; - } else { - pd = p->phys_offset; - } + pd = p.phys_offset; #if defined(DEBUG_TLB) printf("tlb_set_page: vaddr=" TARGET_FMT_lx " paddr=0x" TARGET_FMT_plx " prot=%x idx=%d pd=0x%08lx\n", @@ -2123,18 +2135,18 @@ void tlb_set_page(CPUState *env, target_ulong vaddr, #endif address = vaddr; - if ((pd & ~TARGET_PAGE_MASK) > IO_MEM_ROM && !(pd & IO_MEM_ROMD)) { + if (!is_ram_rom_romd(pd)) { /* IO memory case (romd handled later) */ address |= TLB_MMIO; } addend = (unsigned long)qemu_get_ram_ptr(pd & TARGET_PAGE_MASK); - if ((pd & ~TARGET_PAGE_MASK) <= IO_MEM_ROM) { + if (is_ram_rom(pd)) { /* Normal RAM. */ iotlb = pd & TARGET_PAGE_MASK; - if ((pd & ~TARGET_PAGE_MASK) == IO_MEM_RAM) - iotlb |= IO_MEM_NOTDIRTY; + if ((pd & ~TARGET_PAGE_MASK) == io_mem_ram.ram_addr) + iotlb |= io_mem_notdirty.ram_addr; else - iotlb |= IO_MEM_ROM; + iotlb |= io_mem_rom.ram_addr; } else { /* IO handlers are currently passed a physical address. It would be nice to pass an offset from the base address @@ -2143,11 +2155,7 @@ void tlb_set_page(CPUState *env, target_ulong vaddr, We can't use the high bits of pd for this because IO_MEM_ROMD uses these as a ram address. */ iotlb = (pd & ~TARGET_PAGE_MASK); - if (p) { - iotlb += p->region_offset; - } else { - iotlb += paddr; - } + iotlb += p.region_offset; } code_address = address; @@ -2157,7 +2165,7 @@ void tlb_set_page(CPUState *env, target_ulong vaddr, if (vaddr == (wp->vaddr & TARGET_PAGE_MASK)) { /* Avoid trapping reads of pages with a write breakpoint. */ if ((prot & PAGE_WRITE) || (wp->flags & BP_MEM_READ)) { - iotlb = io_mem_watch + paddr; + iotlb = io_mem_watch.ram_addr + paddr; address |= TLB_MMIO; break; } @@ -2180,11 +2188,10 @@ void tlb_set_page(CPUState *env, target_ulong vaddr, te->addr_code = -1; } if (prot & PAGE_WRITE) { - if ((pd & ~TARGET_PAGE_MASK) == IO_MEM_ROM || - (pd & IO_MEM_ROMD)) { + if ((pd & ~TARGET_PAGE_MASK) == io_mem_rom.ram_addr || is_romd(pd)) { /* Write access calls the I/O callback. */ te->addr_write = address | TLB_MMIO; - } else if ((pd & ~TARGET_PAGE_MASK) == IO_MEM_RAM && + } else if ((pd & ~TARGET_PAGE_MASK) == io_mem_ram.ram_addr && !cpu_physical_memory_is_dirty(pd)) { te->addr_write = address | TLB_NOTDIRTY; } else { @@ -2472,6 +2479,7 @@ static inline void tlb_set_dirty(CPUState *env, #define SUBPAGE_IDX(addr) ((addr) & ~TARGET_PAGE_MASK) typedef struct subpage_t { + MemoryRegion iomem; target_phys_addr_t base; ram_addr_t sub_io_index[TARGET_PAGE_SIZE]; ram_addr_t region_offset[TARGET_PAGE_SIZE]; @@ -2510,21 +2518,31 @@ static subpage_t *subpage_init (target_phys_addr_t base, ram_addr_t *phys, start_addr and region_offset are rounded down to a page boundary before calculating this offset. This should not be a problem unless the low bits of start_addr and region_offset differ. */ -void cpu_register_physical_memory_log(target_phys_addr_t start_addr, - ram_addr_t size, - ram_addr_t phys_offset, - ram_addr_t region_offset, - bool log_dirty) +void cpu_register_physical_memory_log(MemoryRegionSection *section, + bool readable, bool readonly) { + target_phys_addr_t start_addr = section->offset_within_address_space; + ram_addr_t size = section->size; + ram_addr_t phys_offset = section->mr->ram_addr; + ram_addr_t region_offset = section->offset_within_region; target_phys_addr_t addr, end_addr; PhysPageDesc *p; CPUState *env; ram_addr_t orig_size = size; subpage_t *subpage; + if (memory_region_is_ram(section->mr)) { + phys_offset += region_offset; + region_offset = 0; + } + + if (readonly) { + phys_offset |= io_mem_rom.ram_addr; + } + assert(size); - if (phys_offset == IO_MEM_UNASSIGNED) { + if (phys_offset == io_mem_unassigned.ram_addr) { region_offset = start_addr; } region_offset &= TARGET_PAGE_MASK; @@ -2533,38 +2551,37 @@ void cpu_register_physical_memory_log(target_phys_addr_t start_addr, addr = start_addr; do { - p = phys_page_find(addr >> TARGET_PAGE_BITS); - if (p && p->phys_offset != IO_MEM_UNASSIGNED) { + p = phys_page_find_alloc(addr >> TARGET_PAGE_BITS, 0); + if (p && p->phys_offset != io_mem_unassigned.ram_addr) { ram_addr_t orig_memory = p->phys_offset; target_phys_addr_t start_addr2, end_addr2; int need_subpage = 0; + MemoryRegion *mr = io_mem_region[orig_memory & ~TARGET_PAGE_MASK]; CHECK_SUBPAGE(addr, start_addr, start_addr2, end_addr, end_addr2, need_subpage); if (need_subpage) { - if (!(orig_memory & IO_MEM_SUBPAGE)) { + if (!(mr->subpage)) { subpage = subpage_init((addr & TARGET_PAGE_MASK), &p->phys_offset, orig_memory, p->region_offset); } else { - subpage = io_mem_opaque[(orig_memory & ~TARGET_PAGE_MASK) - >> IO_MEM_SHIFT]; + subpage = container_of(mr, subpage_t, iomem); } subpage_register(subpage, start_addr2, end_addr2, phys_offset, region_offset); p->region_offset = 0; } else { p->phys_offset = phys_offset; - if ((phys_offset & ~TARGET_PAGE_MASK) <= IO_MEM_ROM || - (phys_offset & IO_MEM_ROMD)) + p->region_offset = region_offset; + if (is_ram_rom_romd(phys_offset)) phys_offset += TARGET_PAGE_SIZE; } } else { p = phys_page_find_alloc(addr >> TARGET_PAGE_BITS, 1); p->phys_offset = phys_offset; p->region_offset = region_offset; - if ((phys_offset & ~TARGET_PAGE_MASK) <= IO_MEM_ROM || - (phys_offset & IO_MEM_ROMD)) { + if (is_ram_rom_romd(phys_offset)) { phys_offset += TARGET_PAGE_SIZE; } else { target_phys_addr_t start_addr2, end_addr2; @@ -2575,7 +2592,8 @@ void cpu_register_physical_memory_log(target_phys_addr_t start_addr, if (need_subpage) { subpage = subpage_init((addr & TARGET_PAGE_MASK), - &p->phys_offset, IO_MEM_UNASSIGNED, + &p->phys_offset, + io_mem_unassigned.ram_addr, addr & TARGET_PAGE_MASK); subpage_register(subpage, start_addr2, end_addr2, phys_offset, region_offset); @@ -2753,14 +2771,19 @@ static ram_addr_t last_ram_offset(void) return last; } -ram_addr_t qemu_ram_alloc_from_ptr(DeviceState *dev, const char *name, - ram_addr_t size, void *host, - MemoryRegion *mr) +void qemu_ram_set_idstr(ram_addr_t addr, const char *name, DeviceState *dev) { RAMBlock *new_block, *block; - size = TARGET_PAGE_ALIGN(size); - new_block = g_malloc0(sizeof(*new_block)); + new_block = NULL; + QLIST_FOREACH(block, &ram_list.blocks, next) { + if (block->offset == addr) { + new_block = block; + break; + } + } + assert(new_block); + assert(!new_block->idstr[0]); if (dev && dev->parent_bus && dev->parent_bus->info->get_dev_path) { char *id = dev->parent_bus->info->get_dev_path(dev); @@ -2772,13 +2795,23 @@ ram_addr_t qemu_ram_alloc_from_ptr(DeviceState *dev, const char *name, pstrcat(new_block->idstr, sizeof(new_block->idstr), name); QLIST_FOREACH(block, &ram_list.blocks, next) { - if (!strcmp(block->idstr, new_block->idstr)) { + if (block != new_block && !strcmp(block->idstr, new_block->idstr)) { fprintf(stderr, "RAMBlock \"%s\" already registered, abort!\n", new_block->idstr); abort(); } } +} + +ram_addr_t qemu_ram_alloc_from_ptr(ram_addr_t size, void *host, + MemoryRegion *mr) +{ + RAMBlock *new_block; + + size = TARGET_PAGE_ALIGN(size); + new_block = g_malloc0(sizeof(*new_block)); + new_block->mr = mr; new_block->offset = find_ram_offset(size); if (host) { new_block->host = host; @@ -2834,10 +2867,9 @@ ram_addr_t qemu_ram_alloc_from_ptr(DeviceState *dev, const char *name, return new_block->offset; } -ram_addr_t qemu_ram_alloc(DeviceState *dev, const char *name, ram_addr_t size, - MemoryRegion *mr) +ram_addr_t qemu_ram_alloc(ram_addr_t size, MemoryRegion *mr) { - return qemu_ram_alloc_from_ptr(dev, name, size, NULL, mr); + return qemu_ram_alloc_from_ptr(size, NULL, mr); } void qemu_ram_free_from_ptr(ram_addr_t addr) @@ -3091,133 +3123,83 @@ ram_addr_t qemu_ram_addr_from_host_nofail(void *ptr) return ram_addr; } -static uint32_t unassigned_mem_readb(void *opaque, target_phys_addr_t addr) +static uint64_t unassigned_mem_read(void *opaque, target_phys_addr_t addr, + unsigned size) { #ifdef DEBUG_UNASSIGNED printf("Unassigned mem read " TARGET_FMT_plx "\n", addr); #endif #if defined(TARGET_ALPHA) || defined(TARGET_SPARC) || defined(TARGET_MICROBLAZE) - cpu_unassigned_access(cpu_single_env, addr, 0, 0, 0, 1); + cpu_unassigned_access(cpu_single_env, addr, 0, 0, 0, size); #endif return 0; } -static uint32_t unassigned_mem_readw(void *opaque, target_phys_addr_t addr) +static void unassigned_mem_write(void *opaque, target_phys_addr_t addr, + uint64_t val, unsigned size) { #ifdef DEBUG_UNASSIGNED - printf("Unassigned mem read " TARGET_FMT_plx "\n", addr); + printf("Unassigned mem write " TARGET_FMT_plx " = 0x%"PRIx64"\n", addr, val); #endif #if defined(TARGET_ALPHA) || defined(TARGET_SPARC) || defined(TARGET_MICROBLAZE) - cpu_unassigned_access(cpu_single_env, addr, 0, 0, 0, 2); + cpu_unassigned_access(cpu_single_env, addr, 1, 0, 0, size); #endif - return 0; } -static uint32_t unassigned_mem_readl(void *opaque, target_phys_addr_t addr) -{ -#ifdef DEBUG_UNASSIGNED - printf("Unassigned mem read " TARGET_FMT_plx "\n", addr); -#endif -#if defined(TARGET_ALPHA) || defined(TARGET_SPARC) || defined(TARGET_MICROBLAZE) - cpu_unassigned_access(cpu_single_env, addr, 0, 0, 0, 4); -#endif - return 0; -} - -static void unassigned_mem_writeb(void *opaque, target_phys_addr_t addr, uint32_t val) -{ -#ifdef DEBUG_UNASSIGNED - printf("Unassigned mem write " TARGET_FMT_plx " = 0x%x\n", addr, val); -#endif -#if defined(TARGET_ALPHA) || defined(TARGET_SPARC) || defined(TARGET_MICROBLAZE) - cpu_unassigned_access(cpu_single_env, addr, 1, 0, 0, 1); -#endif -} +static const MemoryRegionOps unassigned_mem_ops = { + .read = unassigned_mem_read, + .write = unassigned_mem_write, + .endianness = DEVICE_NATIVE_ENDIAN, +}; -static void unassigned_mem_writew(void *opaque, target_phys_addr_t addr, uint32_t val) +static uint64_t error_mem_read(void *opaque, target_phys_addr_t addr, + unsigned size) { -#ifdef DEBUG_UNASSIGNED - printf("Unassigned mem write " TARGET_FMT_plx " = 0x%x\n", addr, val); -#endif -#if defined(TARGET_ALPHA) || defined(TARGET_SPARC) || defined(TARGET_MICROBLAZE) - cpu_unassigned_access(cpu_single_env, addr, 1, 0, 0, 2); -#endif + abort(); } -static void unassigned_mem_writel(void *opaque, target_phys_addr_t addr, uint32_t val) +static void error_mem_write(void *opaque, target_phys_addr_t addr, + uint64_t value, unsigned size) { -#ifdef DEBUG_UNASSIGNED - printf("Unassigned mem write " TARGET_FMT_plx " = 0x%x\n", addr, val); -#endif -#if defined(TARGET_ALPHA) || defined(TARGET_SPARC) || defined(TARGET_MICROBLAZE) - cpu_unassigned_access(cpu_single_env, addr, 1, 0, 0, 4); -#endif + abort(); } -static CPUReadMemoryFunc * const unassigned_mem_read[3] = { - unassigned_mem_readb, - unassigned_mem_readw, - unassigned_mem_readl, +static const MemoryRegionOps error_mem_ops = { + .read = error_mem_read, + .write = error_mem_write, + .endianness = DEVICE_NATIVE_ENDIAN, }; -static CPUWriteMemoryFunc * const unassigned_mem_write[3] = { - unassigned_mem_writeb, - unassigned_mem_writew, - unassigned_mem_writel, +static const MemoryRegionOps rom_mem_ops = { + .read = error_mem_read, + .write = unassigned_mem_write, + .endianness = DEVICE_NATIVE_ENDIAN, }; -static void notdirty_mem_writeb(void *opaque, target_phys_addr_t ram_addr, - uint32_t val) +static void notdirty_mem_write(void *opaque, target_phys_addr_t ram_addr, + uint64_t val, unsigned size) { int dirty_flags; dirty_flags = cpu_physical_memory_get_dirty_flags(ram_addr); if (!(dirty_flags & CODE_DIRTY_FLAG)) { #if !defined(CONFIG_USER_ONLY) - tb_invalidate_phys_page_fast(ram_addr, 1); + tb_invalidate_phys_page_fast(ram_addr, size); dirty_flags = cpu_physical_memory_get_dirty_flags(ram_addr); #endif } - stb_p(qemu_get_ram_ptr(ram_addr), val); - dirty_flags |= (0xff & ~CODE_DIRTY_FLAG); - cpu_physical_memory_set_dirty_flags(ram_addr, dirty_flags); - /* we remove the notdirty callback only if the code has been - flushed */ - if (dirty_flags == 0xff) - tlb_set_dirty(cpu_single_env, cpu_single_env->mem_io_vaddr); -} - -static void notdirty_mem_writew(void *opaque, target_phys_addr_t ram_addr, - uint32_t val) -{ - int dirty_flags; - dirty_flags = cpu_physical_memory_get_dirty_flags(ram_addr); - if (!(dirty_flags & CODE_DIRTY_FLAG)) { -#if !defined(CONFIG_USER_ONLY) - tb_invalidate_phys_page_fast(ram_addr, 2); - dirty_flags = cpu_physical_memory_get_dirty_flags(ram_addr); -#endif - } - stw_p(qemu_get_ram_ptr(ram_addr), val); - dirty_flags |= (0xff & ~CODE_DIRTY_FLAG); - cpu_physical_memory_set_dirty_flags(ram_addr, dirty_flags); - /* we remove the notdirty callback only if the code has been - flushed */ - if (dirty_flags == 0xff) - tlb_set_dirty(cpu_single_env, cpu_single_env->mem_io_vaddr); -} - -static void notdirty_mem_writel(void *opaque, target_phys_addr_t ram_addr, - uint32_t val) -{ - int dirty_flags; - dirty_flags = cpu_physical_memory_get_dirty_flags(ram_addr); - if (!(dirty_flags & CODE_DIRTY_FLAG)) { -#if !defined(CONFIG_USER_ONLY) - tb_invalidate_phys_page_fast(ram_addr, 4); - dirty_flags = cpu_physical_memory_get_dirty_flags(ram_addr); -#endif + switch (size) { + case 1: + stb_p(qemu_get_ram_ptr(ram_addr), val); + break; + case 2: + stw_p(qemu_get_ram_ptr(ram_addr), val); + break; + case 4: + stl_p(qemu_get_ram_ptr(ram_addr), val); + break; + default: + abort(); } - stl_p(qemu_get_ram_ptr(ram_addr), val); dirty_flags |= (0xff & ~CODE_DIRTY_FLAG); cpu_physical_memory_set_dirty_flags(ram_addr, dirty_flags); /* we remove the notdirty callback only if the code has been @@ -3226,16 +3208,10 @@ static void notdirty_mem_writel(void *opaque, target_phys_addr_t ram_addr, tlb_set_dirty(cpu_single_env, cpu_single_env->mem_io_vaddr); } -static CPUReadMemoryFunc * const error_mem_read[3] = { - NULL, /* never used */ - NULL, /* never used */ - NULL, /* never used */ -}; - -static CPUWriteMemoryFunc * const notdirty_mem_write[3] = { - notdirty_mem_writeb, - notdirty_mem_writew, - notdirty_mem_writel, +static const MemoryRegionOps notdirty_mem_ops = { + .read = error_mem_read, + .write = notdirty_mem_write, + .endianness = DEVICE_NATIVE_ENDIAN, }; /* Generate a debug exception if a watchpoint has been hit. */ @@ -3286,61 +3262,40 @@ static void check_watchpoint(int offset, int len_mask, int flags) /* Watchpoint access routines. Watchpoints are inserted using TLB tricks, so these check for a hit then pass through to the normal out-of-line phys routines. */ -static uint32_t watch_mem_readb(void *opaque, target_phys_addr_t addr) -{ - check_watchpoint(addr & ~TARGET_PAGE_MASK, ~0x0, BP_MEM_READ); - return ldub_phys(addr); -} - -static uint32_t watch_mem_readw(void *opaque, target_phys_addr_t addr) +static uint64_t watch_mem_read(void *opaque, target_phys_addr_t addr, + unsigned size) { - check_watchpoint(addr & ~TARGET_PAGE_MASK, ~0x1, BP_MEM_READ); - return lduw_phys(addr); -} - -static uint32_t watch_mem_readl(void *opaque, target_phys_addr_t addr) -{ - check_watchpoint(addr & ~TARGET_PAGE_MASK, ~0x3, BP_MEM_READ); - return ldl_phys(addr); -} - -static void watch_mem_writeb(void *opaque, target_phys_addr_t addr, - uint32_t val) -{ - check_watchpoint(addr & ~TARGET_PAGE_MASK, ~0x0, BP_MEM_WRITE); - stb_phys(addr, val); -} - -static void watch_mem_writew(void *opaque, target_phys_addr_t addr, - uint32_t val) -{ - check_watchpoint(addr & ~TARGET_PAGE_MASK, ~0x1, BP_MEM_WRITE); - stw_phys(addr, val); + check_watchpoint(addr & ~TARGET_PAGE_MASK, ~(size - 1), BP_MEM_READ); + switch (size) { + case 1: return ldub_phys(addr); + case 2: return lduw_phys(addr); + case 4: return ldl_phys(addr); + default: abort(); + } } -static void watch_mem_writel(void *opaque, target_phys_addr_t addr, - uint32_t val) +static void watch_mem_write(void *opaque, target_phys_addr_t addr, + uint64_t val, unsigned size) { - check_watchpoint(addr & ~TARGET_PAGE_MASK, ~0x3, BP_MEM_WRITE); - stl_phys(addr, val); + check_watchpoint(addr & ~TARGET_PAGE_MASK, ~(size - 1), BP_MEM_WRITE); + switch (size) { + case 1: stb_phys(addr, val); + case 2: stw_phys(addr, val); + case 4: stl_phys(addr, val); + default: abort(); + } } -static CPUReadMemoryFunc * const watch_mem_read[3] = { - watch_mem_readb, - watch_mem_readw, - watch_mem_readl, -}; - -static CPUWriteMemoryFunc * const watch_mem_write[3] = { - watch_mem_writeb, - watch_mem_writew, - watch_mem_writel, +static const MemoryRegionOps watch_mem_ops = { + .read = watch_mem_read, + .write = watch_mem_write, + .endianness = DEVICE_NATIVE_ENDIAN, }; -static inline uint32_t subpage_readlen (subpage_t *mmio, - target_phys_addr_t addr, - unsigned int len) +static uint64_t subpage_read(void *opaque, target_phys_addr_t addr, + unsigned len) { + subpage_t *mmio = opaque; unsigned int idx = SUBPAGE_IDX(addr); #if defined(DEBUG_SUBPAGE) printf("%s: subpage %p len %d addr " TARGET_FMT_plx " idx %d\n", __func__, @@ -3349,123 +3304,61 @@ static inline uint32_t subpage_readlen (subpage_t *mmio, addr += mmio->region_offset[idx]; idx = mmio->sub_io_index[idx]; - return io_mem_read[idx][len](io_mem_opaque[idx], addr); + return io_mem_read(idx, addr, len); } -static inline void subpage_writelen (subpage_t *mmio, target_phys_addr_t addr, - uint32_t value, unsigned int len) +static void subpage_write(void *opaque, target_phys_addr_t addr, + uint64_t value, unsigned len) { + subpage_t *mmio = opaque; unsigned int idx = SUBPAGE_IDX(addr); #if defined(DEBUG_SUBPAGE) - printf("%s: subpage %p len %d addr " TARGET_FMT_plx " idx %d value %08x\n", + printf("%s: subpage %p len %d addr " TARGET_FMT_plx + " idx %d value %"PRIx64"\n", __func__, mmio, len, addr, idx, value); #endif addr += mmio->region_offset[idx]; idx = mmio->sub_io_index[idx]; - io_mem_write[idx][len](io_mem_opaque[idx], addr, value); -} - -static uint32_t subpage_readb (void *opaque, target_phys_addr_t addr) -{ - return subpage_readlen(opaque, addr, 0); -} - -static void subpage_writeb (void *opaque, target_phys_addr_t addr, - uint32_t value) -{ - subpage_writelen(opaque, addr, value, 0); -} - -static uint32_t subpage_readw (void *opaque, target_phys_addr_t addr) -{ - return subpage_readlen(opaque, addr, 1); -} - -static void subpage_writew (void *opaque, target_phys_addr_t addr, - uint32_t value) -{ - subpage_writelen(opaque, addr, value, 1); + io_mem_write(idx, addr, value, len); } -static uint32_t subpage_readl (void *opaque, target_phys_addr_t addr) -{ - return subpage_readlen(opaque, addr, 2); -} - -static void subpage_writel (void *opaque, target_phys_addr_t addr, - uint32_t value) -{ - subpage_writelen(opaque, addr, value, 2); -} - -static CPUReadMemoryFunc * const subpage_read[] = { - &subpage_readb, - &subpage_readw, - &subpage_readl, -}; - -static CPUWriteMemoryFunc * const subpage_write[] = { - &subpage_writeb, - &subpage_writew, - &subpage_writel, +static const MemoryRegionOps subpage_ops = { + .read = subpage_read, + .write = subpage_write, + .endianness = DEVICE_NATIVE_ENDIAN, }; -static uint32_t subpage_ram_readb(void *opaque, target_phys_addr_t addr) -{ - ram_addr_t raddr = addr; - void *ptr = qemu_get_ram_ptr(raddr); - return ldub_p(ptr); -} - -static void subpage_ram_writeb(void *opaque, target_phys_addr_t addr, - uint32_t value) -{ - ram_addr_t raddr = addr; - void *ptr = qemu_get_ram_ptr(raddr); - stb_p(ptr, value); -} - -static uint32_t subpage_ram_readw(void *opaque, target_phys_addr_t addr) +static uint64_t subpage_ram_read(void *opaque, target_phys_addr_t addr, + unsigned size) { ram_addr_t raddr = addr; void *ptr = qemu_get_ram_ptr(raddr); - return lduw_p(ptr); -} - -static void subpage_ram_writew(void *opaque, target_phys_addr_t addr, - uint32_t value) -{ - ram_addr_t raddr = addr; - void *ptr = qemu_get_ram_ptr(raddr); - stw_p(ptr, value); -} - -static uint32_t subpage_ram_readl(void *opaque, target_phys_addr_t addr) -{ - ram_addr_t raddr = addr; - void *ptr = qemu_get_ram_ptr(raddr); - return ldl_p(ptr); + switch (size) { + case 1: return ldub_p(ptr); + case 2: return lduw_p(ptr); + case 4: return ldl_p(ptr); + default: abort(); + } } -static void subpage_ram_writel(void *opaque, target_phys_addr_t addr, - uint32_t value) +static void subpage_ram_write(void *opaque, target_phys_addr_t addr, + uint64_t value, unsigned size) { ram_addr_t raddr = addr; void *ptr = qemu_get_ram_ptr(raddr); - stl_p(ptr, value); + switch (size) { + case 1: return stb_p(ptr, value); + case 2: return stw_p(ptr, value); + case 4: return stl_p(ptr, value); + default: abort(); + } } -static CPUReadMemoryFunc * const subpage_ram_read[] = { - &subpage_ram_readb, - &subpage_ram_readw, - &subpage_ram_readl, -}; - -static CPUWriteMemoryFunc * const subpage_ram_write[] = { - &subpage_ram_writeb, - &subpage_ram_writew, - &subpage_ram_writel, +static const MemoryRegionOps subpage_ram_ops = { + .read = subpage_ram_read, + .write = subpage_ram_write, + .endianness = DEVICE_NATIVE_ENDIAN, }; static int subpage_register (subpage_t *mmio, uint32_t start, uint32_t end, @@ -3481,10 +3374,10 @@ static int subpage_register (subpage_t *mmio, uint32_t start, uint32_t end, printf("%s: %p start %08x end %08x idx %08x eidx %08x mem %ld\n", __func__, mmio, start, end, idx, eidx, memory); #endif - if ((memory & ~TARGET_PAGE_MASK) == IO_MEM_RAM) { - memory = IO_MEM_SUBPAGE_RAM; + if ((memory & ~TARGET_PAGE_MASK) == io_mem_ram.ram_addr) { + memory = io_mem_subpage_ram.ram_addr; } - memory = (memory >> IO_MEM_SHIFT) & (IO_MEM_NB_ENTRIES - 1); + memory &= IO_MEM_NB_ENTRIES - 1; for (; idx <= eidx; idx++) { mmio->sub_io_index[idx] = memory; mmio->region_offset[idx] = region_offset; @@ -3503,13 +3396,15 @@ static subpage_t *subpage_init (target_phys_addr_t base, ram_addr_t *phys, mmio = g_malloc0(sizeof(subpage_t)); mmio->base = base; - subpage_memory = cpu_register_io_memory(subpage_read, subpage_write, mmio, - DEVICE_NATIVE_ENDIAN); + memory_region_init_io(&mmio->iomem, &subpage_ops, mmio, + "subpage", TARGET_PAGE_SIZE); + mmio->iomem.subpage = true; + subpage_memory = mmio->iomem.ram_addr; #if defined(DEBUG_SUBPAGE) printf("%s: %p base " TARGET_FMT_plx " len %08x %d\n", __func__, mmio, base, TARGET_PAGE_SIZE, subpage_memory); #endif - *phys = subpage_memory | IO_MEM_SUBPAGE; + *phys = subpage_memory; subpage_register(mmio, 0, TARGET_PAGE_SIZE-1, orig_memory, region_offset); return mmio; @@ -3528,106 +3423,6 @@ static int get_free_io_mem_idx(void) return -1; } -/* - * Usually, devices operate in little endian mode. There are devices out - * there that operate in big endian too. Each device gets byte swapped - * mmio if plugged onto a CPU that does the other endianness. - * - * CPU Device swap? - * - * little little no - * little big yes - * big little yes - * big big no - */ - -typedef struct SwapEndianContainer { - CPUReadMemoryFunc *read[3]; - CPUWriteMemoryFunc *write[3]; - void *opaque; -} SwapEndianContainer; - -static uint32_t swapendian_mem_readb (void *opaque, target_phys_addr_t addr) -{ - uint32_t val; - SwapEndianContainer *c = opaque; - val = c->read[0](c->opaque, addr); - return val; -} - -static uint32_t swapendian_mem_readw(void *opaque, target_phys_addr_t addr) -{ - uint32_t val; - SwapEndianContainer *c = opaque; - val = bswap16(c->read[1](c->opaque, addr)); - return val; -} - -static uint32_t swapendian_mem_readl(void *opaque, target_phys_addr_t addr) -{ - uint32_t val; - SwapEndianContainer *c = opaque; - val = bswap32(c->read[2](c->opaque, addr)); - return val; -} - -static CPUReadMemoryFunc * const swapendian_readfn[3]={ - swapendian_mem_readb, - swapendian_mem_readw, - swapendian_mem_readl -}; - -static void swapendian_mem_writeb(void *opaque, target_phys_addr_t addr, - uint32_t val) -{ - SwapEndianContainer *c = opaque; - c->write[0](c->opaque, addr, val); -} - -static void swapendian_mem_writew(void *opaque, target_phys_addr_t addr, - uint32_t val) -{ - SwapEndianContainer *c = opaque; - c->write[1](c->opaque, addr, bswap16(val)); -} - -static void swapendian_mem_writel(void *opaque, target_phys_addr_t addr, - uint32_t val) -{ - SwapEndianContainer *c = opaque; - c->write[2](c->opaque, addr, bswap32(val)); -} - -static CPUWriteMemoryFunc * const swapendian_writefn[3]={ - swapendian_mem_writeb, - swapendian_mem_writew, - swapendian_mem_writel -}; - -static void swapendian_init(int io_index) -{ - SwapEndianContainer *c = g_malloc(sizeof(SwapEndianContainer)); - int i; - - /* Swap mmio for big endian targets */ - c->opaque = io_mem_opaque[io_index]; - for (i = 0; i < 3; i++) { - c->read[i] = io_mem_read[io_index][i]; - c->write[i] = io_mem_write[io_index][i]; - - io_mem_read[io_index][i] = swapendian_readfn[i]; - io_mem_write[io_index][i] = swapendian_writefn[i]; - } - io_mem_opaque[io_index] = c; -} - -static void swapendian_del(int io_index) -{ - if (io_mem_read[io_index][0] == swapendian_readfn[0]) { - g_free(io_mem_opaque[io_index]); - } -} - /* mem_read and mem_write are arrays of functions containing the function to access byte (index 0), word (index 1) and dword (index 2). Functions can be omitted with a NULL function pointer. @@ -3635,71 +3430,30 @@ static void swapendian_del(int io_index) modified. If it is zero, a new io zone is allocated. The return value can be used with cpu_register_physical_memory(). (-1) is returned if error. */ -static int cpu_register_io_memory_fixed(int io_index, - CPUReadMemoryFunc * const *mem_read, - CPUWriteMemoryFunc * const *mem_write, - void *opaque, enum device_endian endian) +static int cpu_register_io_memory_fixed(int io_index, MemoryRegion *mr) { - int i; - if (io_index <= 0) { io_index = get_free_io_mem_idx(); if (io_index == -1) return io_index; } else { - io_index >>= IO_MEM_SHIFT; if (io_index >= IO_MEM_NB_ENTRIES) return -1; } - for (i = 0; i < 3; ++i) { - io_mem_read[io_index][i] - = (mem_read[i] ? mem_read[i] : unassigned_mem_read[i]); - } - for (i = 0; i < 3; ++i) { - io_mem_write[io_index][i] - = (mem_write[i] ? mem_write[i] : unassigned_mem_write[i]); - } - io_mem_opaque[io_index] = opaque; + io_mem_region[io_index] = mr; - switch (endian) { - case DEVICE_BIG_ENDIAN: -#ifndef TARGET_WORDS_BIGENDIAN - swapendian_init(io_index); -#endif - break; - case DEVICE_LITTLE_ENDIAN: -#ifdef TARGET_WORDS_BIGENDIAN - swapendian_init(io_index); -#endif - break; - case DEVICE_NATIVE_ENDIAN: - default: - break; - } - - return (io_index << IO_MEM_SHIFT); + return io_index; } -int cpu_register_io_memory(CPUReadMemoryFunc * const *mem_read, - CPUWriteMemoryFunc * const *mem_write, - void *opaque, enum device_endian endian) +int cpu_register_io_memory(MemoryRegion *mr) { - return cpu_register_io_memory_fixed(0, mem_read, mem_write, opaque, endian); + return cpu_register_io_memory_fixed(0, mr); } -void cpu_unregister_io_memory(int io_table_address) +void cpu_unregister_io_memory(int io_index) { - int i; - int io_index = io_table_address >> IO_MEM_SHIFT; - - swapendian_del(io_index); - - for (i=0;i < 3; i++) { - io_mem_read[io_index][i] = unassigned_mem_read[i]; - io_mem_write[io_index][i] = unassigned_mem_write[i]; - } - io_mem_opaque[io_index] = NULL; + io_mem_region[io_index] = NULL; io_mem_used[io_index] = 0; } @@ -3707,24 +3461,21 @@ static void io_mem_init(void) { int i; - cpu_register_io_memory_fixed(IO_MEM_ROM, error_mem_read, - unassigned_mem_write, NULL, - DEVICE_NATIVE_ENDIAN); - cpu_register_io_memory_fixed(IO_MEM_UNASSIGNED, unassigned_mem_read, - unassigned_mem_write, NULL, - DEVICE_NATIVE_ENDIAN); - cpu_register_io_memory_fixed(IO_MEM_NOTDIRTY, error_mem_read, - notdirty_mem_write, NULL, - DEVICE_NATIVE_ENDIAN); - cpu_register_io_memory_fixed(IO_MEM_SUBPAGE_RAM, subpage_ram_read, - subpage_ram_write, NULL, - DEVICE_NATIVE_ENDIAN); + /* Must be first: */ + memory_region_init_io(&io_mem_ram, &error_mem_ops, NULL, "ram", UINT64_MAX); + assert(io_mem_ram.ram_addr == 0); + memory_region_init_io(&io_mem_rom, &rom_mem_ops, NULL, "rom", UINT64_MAX); + memory_region_init_io(&io_mem_unassigned, &unassigned_mem_ops, NULL, + "unassigned", UINT64_MAX); + memory_region_init_io(&io_mem_notdirty, ¬dirty_mem_ops, NULL, + "notdirty", UINT64_MAX); + memory_region_init_io(&io_mem_subpage_ram, &subpage_ram_ops, NULL, + "subpage-ram", UINT64_MAX); for (i=0; i<5; i++) io_mem_used[i] = 1; - io_mem_watch = cpu_register_io_memory(watch_mem_read, - watch_mem_write, NULL, - DEVICE_NATIVE_ENDIAN); + memory_region_init_io(&io_mem_watch, &watch_mem_ops, NULL, + "watch", UINT64_MAX); } static void memory_map_init(void) @@ -3800,7 +3551,7 @@ void cpu_physical_memory_rw(target_phys_addr_t addr, uint8_t *buf, uint32_t val; target_phys_addr_t page; ram_addr_t pd; - PhysPageDesc *p; + PhysPageDesc p; while (len > 0) { page = addr & TARGET_PAGE_MASK; @@ -3808,34 +3559,29 @@ void cpu_physical_memory_rw(target_phys_addr_t addr, uint8_t *buf, if (l > len) l = len; p = phys_page_find(page >> TARGET_PAGE_BITS); - if (!p) { - pd = IO_MEM_UNASSIGNED; - } else { - pd = p->phys_offset; - } + pd = p.phys_offset; if (is_write) { - if ((pd & ~TARGET_PAGE_MASK) != IO_MEM_RAM) { - target_phys_addr_t addr1 = addr; - io_index = (pd >> IO_MEM_SHIFT) & (IO_MEM_NB_ENTRIES - 1); - if (p) - addr1 = (addr & ~TARGET_PAGE_MASK) + p->region_offset; + if ((pd & ~TARGET_PAGE_MASK) != io_mem_ram.ram_addr) { + target_phys_addr_t addr1; + io_index = pd & (IO_MEM_NB_ENTRIES - 1); + addr1 = (addr & ~TARGET_PAGE_MASK) + p.region_offset; /* XXX: could force cpu_single_env to NULL to avoid potential bugs */ if (l >= 4 && ((addr1 & 3) == 0)) { /* 32 bit write access */ val = ldl_p(buf); - io_mem_write[io_index][2](io_mem_opaque[io_index], addr1, val); + io_mem_write(io_index, addr1, val, 4); l = 4; } else if (l >= 2 && ((addr1 & 1) == 0)) { /* 16 bit write access */ val = lduw_p(buf); - io_mem_write[io_index][1](io_mem_opaque[io_index], addr1, val); + io_mem_write(io_index, addr1, val, 2); l = 2; } else { /* 8 bit write access */ val = ldub_p(buf); - io_mem_write[io_index][0](io_mem_opaque[io_index], addr1, val); + io_mem_write(io_index, addr1, val, 1); l = 1; } } else { @@ -3854,26 +3600,24 @@ void cpu_physical_memory_rw(target_phys_addr_t addr, uint8_t *buf, qemu_put_ram_ptr(ptr); } } else { - if ((pd & ~TARGET_PAGE_MASK) > IO_MEM_ROM && - !(pd & IO_MEM_ROMD)) { - target_phys_addr_t addr1 = addr; + if (!is_ram_rom_romd(pd)) { + target_phys_addr_t addr1; /* I/O case */ - io_index = (pd >> IO_MEM_SHIFT) & (IO_MEM_NB_ENTRIES - 1); - if (p) - addr1 = (addr & ~TARGET_PAGE_MASK) + p->region_offset; + io_index = pd & (IO_MEM_NB_ENTRIES - 1); + addr1 = (addr & ~TARGET_PAGE_MASK) + p.region_offset; if (l >= 4 && ((addr1 & 3) == 0)) { /* 32 bit read access */ - val = io_mem_read[io_index][2](io_mem_opaque[io_index], addr1); + val = io_mem_read(io_index, addr1, 4); stl_p(buf, val); l = 4; } else if (l >= 2 && ((addr1 & 1) == 0)) { /* 16 bit read access */ - val = io_mem_read[io_index][1](io_mem_opaque[io_index], addr1); + val = io_mem_read(io_index, addr1, 2); stw_p(buf, val); l = 2; } else { /* 8 bit read access */ - val = io_mem_read[io_index][0](io_mem_opaque[io_index], addr1); + val = io_mem_read(io_index, addr1, 1); stb_p(buf, val); l = 1; } @@ -3898,7 +3642,7 @@ void cpu_physical_memory_write_rom(target_phys_addr_t addr, uint8_t *ptr; target_phys_addr_t page; unsigned long pd; - PhysPageDesc *p; + PhysPageDesc p; while (len > 0) { page = addr & TARGET_PAGE_MASK; @@ -3906,15 +3650,9 @@ void cpu_physical_memory_write_rom(target_phys_addr_t addr, if (l > len) l = len; p = phys_page_find(page >> TARGET_PAGE_BITS); - if (!p) { - pd = IO_MEM_UNASSIGNED; - } else { - pd = p->phys_offset; - } + pd = p.phys_offset; - if ((pd & ~TARGET_PAGE_MASK) != IO_MEM_RAM && - (pd & ~TARGET_PAGE_MASK) != IO_MEM_ROM && - !(pd & IO_MEM_ROMD)) { + if (!is_ram_rom_romd(pd)) { /* do nothing */ } else { unsigned long addr1; @@ -3992,7 +3730,7 @@ void *cpu_physical_memory_map(target_phys_addr_t addr, int l; target_phys_addr_t page; unsigned long pd; - PhysPageDesc *p; + PhysPageDesc p; ram_addr_t raddr = RAM_ADDR_MAX; ram_addr_t rlen; void *ret; @@ -4003,13 +3741,9 @@ void *cpu_physical_memory_map(target_phys_addr_t addr, if (l > len) l = len; p = phys_page_find(page >> TARGET_PAGE_BITS); - if (!p) { - pd = IO_MEM_UNASSIGNED; - } else { - pd = p->phys_offset; - } + pd = p.phys_offset; - if ((pd & ~TARGET_PAGE_MASK) != IO_MEM_RAM) { + if ((pd & ~TARGET_PAGE_MASK) != io_mem_ram.ram_addr) { if (todo || bounce.buffer) { break; } @@ -4084,22 +3818,16 @@ static inline uint32_t ldl_phys_internal(target_phys_addr_t addr, uint8_t *ptr; uint32_t val; unsigned long pd; - PhysPageDesc *p; + PhysPageDesc p; p = phys_page_find(addr >> TARGET_PAGE_BITS); - if (!p) { - pd = IO_MEM_UNASSIGNED; - } else { - pd = p->phys_offset; - } + pd = p.phys_offset; - if ((pd & ~TARGET_PAGE_MASK) > IO_MEM_ROM && - !(pd & IO_MEM_ROMD)) { + if (!is_ram_rom_romd(pd)) { /* I/O case */ - io_index = (pd >> IO_MEM_SHIFT) & (IO_MEM_NB_ENTRIES - 1); - if (p) - addr = (addr & ~TARGET_PAGE_MASK) + p->region_offset; - val = io_mem_read[io_index][2](io_mem_opaque[io_index], addr); + io_index = pd & (IO_MEM_NB_ENTRIES - 1); + addr = (addr & ~TARGET_PAGE_MASK) + p.region_offset; + val = io_mem_read(io_index, addr, 4); #if defined(TARGET_WORDS_BIGENDIAN) if (endian == DEVICE_LITTLE_ENDIAN) { val = bswap32(val); @@ -4151,30 +3879,24 @@ static inline uint64_t ldq_phys_internal(target_phys_addr_t addr, uint8_t *ptr; uint64_t val; unsigned long pd; - PhysPageDesc *p; + PhysPageDesc p; p = phys_page_find(addr >> TARGET_PAGE_BITS); - if (!p) { - pd = IO_MEM_UNASSIGNED; - } else { - pd = p->phys_offset; - } + pd = p.phys_offset; - if ((pd & ~TARGET_PAGE_MASK) > IO_MEM_ROM && - !(pd & IO_MEM_ROMD)) { + if (!is_ram_rom_romd(pd)) { /* I/O case */ - io_index = (pd >> IO_MEM_SHIFT) & (IO_MEM_NB_ENTRIES - 1); - if (p) - addr = (addr & ~TARGET_PAGE_MASK) + p->region_offset; + io_index = pd & (IO_MEM_NB_ENTRIES - 1); + addr = (addr & ~TARGET_PAGE_MASK) + p.region_offset; /* XXX This is broken when device endian != cpu endian. Fix and add "endian" variable check */ #ifdef TARGET_WORDS_BIGENDIAN - val = (uint64_t)io_mem_read[io_index][2](io_mem_opaque[io_index], addr) << 32; - val |= io_mem_read[io_index][2](io_mem_opaque[io_index], addr + 4); + val = io_mem_read(io_index, addr, 4) << 32; + val |= io_mem_read(io_index, addr + 4, 4); #else - val = io_mem_read[io_index][2](io_mem_opaque[io_index], addr); - val |= (uint64_t)io_mem_read[io_index][2](io_mem_opaque[io_index], addr + 4) << 32; + val = io_mem_read(io_index, addr, 4); + val |= io_mem_read(io_index, addr + 4, 4) << 32; #endif } else { /* RAM case */ @@ -4226,22 +3948,16 @@ static inline uint32_t lduw_phys_internal(target_phys_addr_t addr, uint8_t *ptr; uint64_t val; unsigned long pd; - PhysPageDesc *p; + PhysPageDesc p; p = phys_page_find(addr >> TARGET_PAGE_BITS); - if (!p) { - pd = IO_MEM_UNASSIGNED; - } else { - pd = p->phys_offset; - } + pd = p.phys_offset; - if ((pd & ~TARGET_PAGE_MASK) > IO_MEM_ROM && - !(pd & IO_MEM_ROMD)) { + if (!is_ram_rom_romd(pd)) { /* I/O case */ - io_index = (pd >> IO_MEM_SHIFT) & (IO_MEM_NB_ENTRIES - 1); - if (p) - addr = (addr & ~TARGET_PAGE_MASK) + p->region_offset; - val = io_mem_read[io_index][1](io_mem_opaque[io_index], addr); + io_index = pd & (IO_MEM_NB_ENTRIES - 1); + addr = (addr & ~TARGET_PAGE_MASK) + p.region_offset; + val = io_mem_read(io_index, addr, 2); #if defined(TARGET_WORDS_BIGENDIAN) if (endian == DEVICE_LITTLE_ENDIAN) { val = bswap16(val); @@ -4293,20 +4009,15 @@ void stl_phys_notdirty(target_phys_addr_t addr, uint32_t val) int io_index; uint8_t *ptr; unsigned long pd; - PhysPageDesc *p; + PhysPageDesc p; p = phys_page_find(addr >> TARGET_PAGE_BITS); - if (!p) { - pd = IO_MEM_UNASSIGNED; - } else { - pd = p->phys_offset; - } + pd = p.phys_offset; - if ((pd & ~TARGET_PAGE_MASK) != IO_MEM_RAM) { - io_index = (pd >> IO_MEM_SHIFT) & (IO_MEM_NB_ENTRIES - 1); - if (p) - addr = (addr & ~TARGET_PAGE_MASK) + p->region_offset; - io_mem_write[io_index][2](io_mem_opaque[io_index], addr, val); + if ((pd & ~TARGET_PAGE_MASK) != io_mem_ram.ram_addr) { + io_index = pd & (IO_MEM_NB_ENTRIES - 1); + addr = (addr & ~TARGET_PAGE_MASK) + p.region_offset; + io_mem_write(io_index, addr, val, 4); } else { unsigned long addr1 = (pd & TARGET_PAGE_MASK) + (addr & ~TARGET_PAGE_MASK); ptr = qemu_get_ram_ptr(addr1); @@ -4329,25 +4040,20 @@ void stq_phys_notdirty(target_phys_addr_t addr, uint64_t val) int io_index; uint8_t *ptr; unsigned long pd; - PhysPageDesc *p; + PhysPageDesc p; p = phys_page_find(addr >> TARGET_PAGE_BITS); - if (!p) { - pd = IO_MEM_UNASSIGNED; - } else { - pd = p->phys_offset; - } + pd = p.phys_offset; - if ((pd & ~TARGET_PAGE_MASK) != IO_MEM_RAM) { - io_index = (pd >> IO_MEM_SHIFT) & (IO_MEM_NB_ENTRIES - 1); - if (p) - addr = (addr & ~TARGET_PAGE_MASK) + p->region_offset; + if ((pd & ~TARGET_PAGE_MASK) != io_mem_ram.ram_addr) { + io_index = pd & (IO_MEM_NB_ENTRIES - 1); + addr = (addr & ~TARGET_PAGE_MASK) + p.region_offset; #ifdef TARGET_WORDS_BIGENDIAN - io_mem_write[io_index][2](io_mem_opaque[io_index], addr, val >> 32); - io_mem_write[io_index][2](io_mem_opaque[io_index], addr + 4, val); + io_mem_write(io_index, addr, val >> 32, 4); + io_mem_write(io_index, addr + 4, (uint32_t)val, 4); #else - io_mem_write[io_index][2](io_mem_opaque[io_index], addr, val); - io_mem_write[io_index][2](io_mem_opaque[io_index], addr + 4, val >> 32); + io_mem_write(io_index, addr, (uint32_t)val, 4); + io_mem_write(io_index, addr + 4, val >> 32, 4); #endif } else { ptr = qemu_get_ram_ptr(pd & TARGET_PAGE_MASK) + @@ -4363,19 +4069,14 @@ static inline void stl_phys_internal(target_phys_addr_t addr, uint32_t val, int io_index; uint8_t *ptr; unsigned long pd; - PhysPageDesc *p; + PhysPageDesc p; p = phys_page_find(addr >> TARGET_PAGE_BITS); - if (!p) { - pd = IO_MEM_UNASSIGNED; - } else { - pd = p->phys_offset; - } + pd = p.phys_offset; - if ((pd & ~TARGET_PAGE_MASK) != IO_MEM_RAM) { - io_index = (pd >> IO_MEM_SHIFT) & (IO_MEM_NB_ENTRIES - 1); - if (p) - addr = (addr & ~TARGET_PAGE_MASK) + p->region_offset; + if ((pd & ~TARGET_PAGE_MASK) != io_mem_ram.ram_addr) { + io_index = pd & (IO_MEM_NB_ENTRIES - 1); + addr = (addr & ~TARGET_PAGE_MASK) + p.region_offset; #if defined(TARGET_WORDS_BIGENDIAN) if (endian == DEVICE_LITTLE_ENDIAN) { val = bswap32(val); @@ -4385,7 +4086,7 @@ static inline void stl_phys_internal(target_phys_addr_t addr, uint32_t val, val = bswap32(val); } #endif - io_mem_write[io_index][2](io_mem_opaque[io_index], addr, val); + io_mem_write(io_index, addr, val, 4); } else { unsigned long addr1; addr1 = (pd & TARGET_PAGE_MASK) + (addr & ~TARGET_PAGE_MASK); @@ -4441,19 +4142,14 @@ static inline void stw_phys_internal(target_phys_addr_t addr, uint32_t val, int io_index; uint8_t *ptr; unsigned long pd; - PhysPageDesc *p; + PhysPageDesc p; p = phys_page_find(addr >> TARGET_PAGE_BITS); - if (!p) { - pd = IO_MEM_UNASSIGNED; - } else { - pd = p->phys_offset; - } + pd = p.phys_offset; - if ((pd & ~TARGET_PAGE_MASK) != IO_MEM_RAM) { - io_index = (pd >> IO_MEM_SHIFT) & (IO_MEM_NB_ENTRIES - 1); - if (p) - addr = (addr & ~TARGET_PAGE_MASK) + p->region_offset; + if ((pd & ~TARGET_PAGE_MASK) != io_mem_ram.ram_addr) { + io_index = pd & (IO_MEM_NB_ENTRIES - 1); + addr = (addr & ~TARGET_PAGE_MASK) + p.region_offset; #if defined(TARGET_WORDS_BIGENDIAN) if (endian == DEVICE_LITTLE_ENDIAN) { val = bswap16(val); @@ -4463,7 +4159,7 @@ static inline void stw_phys_internal(target_phys_addr_t addr, uint32_t val, val = bswap16(val); } #endif - io_mem_write[io_index][1](io_mem_opaque[io_index], addr, val); + io_mem_write(io_index, addr, val, 2); } else { unsigned long addr1; addr1 = (pd & TARGET_PAGE_MASK) + (addr & ~TARGET_PAGE_MASK); @@ -4667,6 +4363,33 @@ void dump_exec_info(FILE *f, fprintf_function cpu_fprintf) tcg_dump_info(f, cpu_fprintf); } +/* NOTE: this function can trigger an exception */ +/* NOTE2: the returned address is not exactly the physical address: it + is the offset relative to phys_ram_base */ +tb_page_addr_t get_page_addr_code(CPUState *env1, target_ulong addr) +{ + int mmu_idx, page_index, pd; + void *p; + + page_index = (addr >> TARGET_PAGE_BITS) & (CPU_TLB_SIZE - 1); + mmu_idx = cpu_mmu_index(env1); + if (unlikely(env1->tlb_table[mmu_idx][page_index].addr_code != + (addr & TARGET_PAGE_MASK))) { + ldub_code(addr); + } + pd = env1->tlb_table[mmu_idx][page_index].addr_code & ~TARGET_PAGE_MASK; + if (pd != io_mem_ram.ram_addr && pd != io_mem_rom.ram_addr + && !is_romd(pd)) { +#if defined(TARGET_ALPHA) || defined(TARGET_MIPS) || defined(TARGET_SPARC) + cpu_unassigned_access(env1, addr, 0, 1, 0, 4); +#else + cpu_abort(env1, "Trying to execute code outside RAM or ROM at 0x" TARGET_FMT_lx "\n", addr); +#endif + } + p = (void *)((uintptr_t)addr + env1->tlb_table[mmu_idx][page_index].addend); + return qemu_ram_addr_from_host_nofail(p); +} + #define MMUSUFFIX _cmmu #undef GETPC #define GETPC() NULL diff --git a/fsdev/file-op-9p.h b/fsdev/file-op-9p.h index c823fe0aee..1e96c8bed9 100644 --- a/fsdev/file-op-9p.h +++ b/fsdev/file-op-9p.h @@ -57,10 +57,22 @@ typedef struct extended_ops { */ #define V9FS_SM_NONE 0x00000010 #define V9FS_RDONLY 0x00000020 +#define V9FS_PROXY_SOCK_FD 0x00000040 +#define V9FS_PROXY_SOCK_NAME 0x00000080 #define V9FS_SEC_MASK 0x0000001C +typedef struct FileOperations FileOperations; +/* + * Structure to store the various fsdev's passed through command line. + */ +typedef struct FsDriverEntry { + char *fsdev_id; + char *path; + int export_flags; + FileOperations *ops; +} FsDriverEntry; typedef struct FsContext { @@ -82,8 +94,9 @@ typedef union V9fsFidOpenState V9fsFidOpenState; void cred_init(FsCred *); -typedef struct FileOperations +struct FileOperations { + int (*parse_opts)(QemuOpts *, struct FsDriverEntry *); int (*init)(struct FsContext *); int (*lstat)(FsContext *, V9fsPath *, struct stat *); ssize_t (*readlink)(FsContext *, V9fsPath *, char *, size_t); @@ -128,6 +141,6 @@ typedef struct FileOperations V9fsPath *newdir, const char *new_name); int (*unlinkat)(FsContext *ctx, V9fsPath *dir, const char *name, int flags); void *opaque; -} FileOperations; +}; #endif diff --git a/fsdev/qemu-fsdev.c b/fsdev/qemu-fsdev.c index 6684f7ea90..e20202a4bf 100644 --- a/fsdev/qemu-fsdev.c +++ b/fsdev/qemu-fsdev.c @@ -27,16 +27,15 @@ static FsDriverTable FsDrivers[] = { { .name = "handle", .ops = &handle_ops}, #endif { .name = "synth", .ops = &synth_ops}, + { .name = "proxy", .ops = &proxy_ops}, }; int qemu_fsdev_add(QemuOpts *opts) { - struct FsDriverListEntry *fsle; int i; + struct FsDriverListEntry *fsle; const char *fsdev_id = qemu_opts_id(opts); const char *fsdriver = qemu_opt_get(opts, "fsdriver"); - const char *path = qemu_opt_get(opts, "path"); - const char *sec_model = qemu_opt_get(opts, "security_model"); const char *writeout = qemu_opt_get(opts, "writeout"); bool ro = qemu_opt_get_bool(opts, "readonly", 0); @@ -61,29 +60,9 @@ int qemu_fsdev_add(QemuOpts *opts) return -1; } - if (!strcmp(fsdriver, "local") && !sec_model) { - fprintf(stderr, "security model not specified, " - "local fs needs security model\nvalid options are:" - "\tsecurity_model=[passthrough|mapped|none]\n"); - return -1; - } - - if (strcmp(fsdriver, "local") && sec_model) { - fprintf(stderr, "only local fs driver needs security model\n"); - return -1; - } - - if (!path) { - fprintf(stderr, "fsdev: No path specified.\n"); - return -1; - } - - fsle = g_malloc(sizeof(*fsle)); - + fsle = g_malloc0(sizeof(*fsle)); fsle->fse.fsdev_id = g_strdup(fsdev_id); - fsle->fse.path = g_strdup(path); fsle->fse.ops = FsDrivers[i].ops; - fsle->fse.export_flags = 0; if (writeout) { if (!strcmp(writeout, "immediate")) { fsle->fse.export_flags |= V9FS_IMMEDIATE_WRITEOUT; @@ -95,22 +74,12 @@ int qemu_fsdev_add(QemuOpts *opts) fsle->fse.export_flags &= ~V9FS_RDONLY; } - if (strcmp(fsdriver, "local")) { - goto done; + if (fsle->fse.ops->parse_opts) { + if (fsle->fse.ops->parse_opts(opts, &fsle->fse)) { + return -1; + } } - if (!strcmp(sec_model, "passthrough")) { - fsle->fse.export_flags |= V9FS_SM_PASSTHROUGH; - } else if (!strcmp(sec_model, "mapped")) { - fsle->fse.export_flags |= V9FS_SM_MAPPED; - } else if (!strcmp(sec_model, "none")) { - fsle->fse.export_flags |= V9FS_SM_NONE; - } else { - fprintf(stderr, "Invalid security model %s specified, valid options are" - "\n\t [passthrough|mapped|none]\n", sec_model); - return -1; - } -done: QTAILQ_INSERT_TAIL(&fsdriver_entries, fsle, next); return 0; } diff --git a/fsdev/qemu-fsdev.h b/fsdev/qemu-fsdev.h index 8ef847374a..1af1f545d8 100644 --- a/fsdev/qemu-fsdev.h +++ b/fsdev/qemu-fsdev.h @@ -34,16 +34,6 @@ typedef struct FsDriverTable { FileOperations *ops; } FsDriverTable; -/* - * Structure to store the various fsdev's passed through command line. - */ -typedef struct FsDriverEntry { - char *fsdev_id; - char *path; - int export_flags; - FileOperations *ops; -} FsDriverEntry; - typedef struct FsDriverListEntry { FsDriverEntry fse; QTAILQ_ENTRY(FsDriverListEntry) next; @@ -54,4 +44,5 @@ FsDriverEntry *get_fsdev_fsentry(char *id); extern FileOperations local_ops; extern FileOperations handle_ops; extern FileOperations synth_ops; +extern FileOperations proxy_ops; #endif diff --git a/fsdev/virtfs-proxy-helper.c b/fsdev/virtfs-proxy-helper.c new file mode 100644 index 0000000000..7f8def5b5d --- /dev/null +++ b/fsdev/virtfs-proxy-helper.c @@ -0,0 +1,1120 @@ +/* + * Helper for QEMU Proxy FS Driver + * Copyright IBM, Corp. 2011 + * + * Authors: + * M. Mohan Kumar <mohan@in.ibm.com> + * + * This work is licensed under the terms of the GNU GPL, version 2. See + * the COPYING file in the top-level directory. + */ +#include <stdio.h> +#include <sys/socket.h> +#include <string.h> +#include <sys/un.h> +#include <limits.h> +#include <signal.h> +#include <errno.h> +#include <stdlib.h> +#include <sys/resource.h> +#include <sys/stat.h> +#include <getopt.h> +#include <unistd.h> +#include <syslog.h> +#include <sys/capability.h> +#include <sys/fsuid.h> +#include <stdarg.h> +#include <stdbool.h> +#include <sys/vfs.h> +#include <sys/stat.h> +#include <attr/xattr.h> +#include <sys/ioctl.h> +#include <linux/fs.h> +#ifdef CONFIG_LINUX_MAGIC_H +#include <linux/magic.h> +#endif +#include "qemu-common.h" +#include "virtio-9p-marshal.h" +#include "hw/9pfs/virtio-9p-proxy.h" +#include "fsdev/virtio-9p-marshal.h" + +#define PROGNAME "virtfs-proxy-helper" + +#ifndef XFS_SUPER_MAGIC +#define XFS_SUPER_MAGIC 0x58465342 +#endif +#ifndef EXT2_SUPER_MAGIC +#define EXT2_SUPER_MAGIC 0xEF53 +#endif +#ifndef REISERFS_SUPER_MAGIC +#define REISERFS_SUPER_MAGIC 0x52654973 +#endif +#ifndef BTRFS_SUPER_MAGIC +#define BTRFS_SUPER_MAGIC 0x9123683E +#endif + +static struct option helper_opts[] = { + {"fd", required_argument, NULL, 'f'}, + {"path", required_argument, NULL, 'p'}, + {"nodaemon", no_argument, NULL, 'n'}, + {"socket", required_argument, NULL, 's'}, + {"uid", required_argument, NULL, 'u'}, + {"gid", required_argument, NULL, 'g'}, +}; + +static bool is_daemon; +static bool get_version; /* IOC getversion IOCTL supported */ + +static void do_log(int loglevel, const char *format, ...) +{ + va_list ap; + + va_start(ap, format); + if (is_daemon) { + vsyslog(LOG_CRIT, format, ap); + } else { + vfprintf(stderr, format, ap); + } + va_end(ap); +} + +static void do_perror(const char *string) +{ + if (is_daemon) { + syslog(LOG_CRIT, "%s:%s", string, strerror(errno)); + } else { + fprintf(stderr, "%s:%s\n", string, strerror(errno)); + } +} + +static int do_cap_set(cap_value_t *cap_value, int size, int reset) +{ + cap_t caps; + if (reset) { + /* + * Start with an empty set and set permitted and effective + */ + caps = cap_init(); + if (caps == NULL) { + do_perror("cap_init"); + return -1; + } + if (cap_set_flag(caps, CAP_PERMITTED, size, cap_value, CAP_SET) < 0) { + do_perror("cap_set_flag"); + goto error; + } + } else { + caps = cap_get_proc(); + if (!caps) { + do_perror("cap_get_proc"); + return -1; + } + } + if (cap_set_flag(caps, CAP_EFFECTIVE, size, cap_value, CAP_SET) < 0) { + do_perror("cap_set_flag"); + goto error; + } + if (cap_set_proc(caps) < 0) { + do_perror("cap_set_proc"); + goto error; + } + cap_free(caps); + return 0; + +error: + cap_free(caps); + return -1; +} + +static int init_capabilities(void) +{ + /* helper needs following capbabilities only */ + cap_value_t cap_list[] = { + CAP_CHOWN, + CAP_DAC_OVERRIDE, + CAP_FOWNER, + CAP_FSETID, + CAP_SETGID, + CAP_MKNOD, + CAP_SETUID, + }; + return do_cap_set(cap_list, ARRAY_SIZE(cap_list), 1); +} + +static int socket_read(int sockfd, void *buff, ssize_t size) +{ + ssize_t retval, total = 0; + + while (size) { + retval = read(sockfd, buff, size); + if (retval == 0) { + return -EIO; + } + if (retval < 0) { + if (errno == EINTR) { + continue; + } + return -errno; + } + size -= retval; + buff += retval; + total += retval; + } + return total; +} + +static int socket_write(int sockfd, void *buff, ssize_t size) +{ + ssize_t retval, total = 0; + + while (size) { + retval = write(sockfd, buff, size); + if (retval < 0) { + if (errno == EINTR) { + continue; + } + return -errno; + } + size -= retval; + buff += retval; + total += retval; + } + return total; +} + +static int read_request(int sockfd, struct iovec *iovec, ProxyHeader *header) +{ + int retval; + + /* + * read the request header. + */ + iovec->iov_len = 0; + retval = socket_read(sockfd, iovec->iov_base, PROXY_HDR_SZ); + if (retval < 0) { + return retval; + } + iovec->iov_len = PROXY_HDR_SZ; + retval = proxy_unmarshal(iovec, 0, "dd", &header->type, &header->size); + if (retval < 0) { + return retval; + } + /* + * We can't process message.size > PROXY_MAX_IO_SZ. + * Treat it as fatal error + */ + if (header->size > PROXY_MAX_IO_SZ) { + return -ENOBUFS; + } + retval = socket_read(sockfd, iovec->iov_base + PROXY_HDR_SZ, header->size); + if (retval < 0) { + return retval; + } + iovec->iov_len += header->size; + return 0; +} + +static int send_fd(int sockfd, int fd) +{ + struct msghdr msg; + struct iovec iov; + int retval, data; + struct cmsghdr *cmsg; + union MsgControl msg_control; + + iov.iov_base = &data; + iov.iov_len = sizeof(data); + + memset(&msg, 0, sizeof(msg)); + msg.msg_iov = &iov; + msg.msg_iovlen = 1; + /* No ancillary data on error */ + if (fd < 0) { + /* fd is really negative errno if the request failed */ + data = fd; + } else { + data = V9FS_FD_VALID; + msg.msg_control = &msg_control; + msg.msg_controllen = sizeof(msg_control); + + cmsg = &msg_control.cmsg; + cmsg->cmsg_len = CMSG_LEN(sizeof(fd)); + cmsg->cmsg_level = SOL_SOCKET; + cmsg->cmsg_type = SCM_RIGHTS; + memcpy(CMSG_DATA(cmsg), &fd, sizeof(fd)); + } + + do { + retval = sendmsg(sockfd, &msg, 0); + } while (retval < 0 && errno == EINTR); + if (fd >= 0) { + close(fd); + } + if (retval < 0) { + return retval; + } + return 0; +} + +static int send_status(int sockfd, struct iovec *iovec, int status) +{ + ProxyHeader header; + int retval, msg_size;; + + if (status < 0) { + header.type = T_ERROR; + } else { + header.type = T_SUCCESS; + } + header.size = sizeof(status); + /* + * marshal the return status. We don't check error. + * because we are sure we have enough space for the status + */ + msg_size = proxy_marshal(iovec, 0, "ddd", header.type, + header.size, status); + retval = socket_write(sockfd, iovec->iov_base, msg_size); + if (retval < 0) { + return retval; + } + return 0; +} + +/* + * from man 7 capabilities, section + * Effect of User ID Changes on Capabilities: + * 4. If the file system user ID is changed from 0 to nonzero (see setfsuid(2)) + * then the following capabilities are cleared from the effective set: + * CAP_CHOWN, CAP_DAC_OVERRIDE, CAP_DAC_READ_SEARCH, CAP_FOWNER, CAP_FSETID, + * CAP_LINUX_IMMUTABLE (since Linux 2.2.30), CAP_MAC_OVERRIDE, and CAP_MKNOD + * (since Linux 2.2.30). If the file system UID is changed from nonzero to 0, + * then any of these capabilities that are enabled in the permitted set + * are enabled in the effective set. + */ +static int setfsugid(int uid, int gid) +{ + /* + * We still need DAC_OVERRIDE because we don't change + * supplementary group ids, and hence may be subjected DAC rules + */ + cap_value_t cap_list[] = { + CAP_DAC_OVERRIDE, + }; + + setfsgid(gid); + setfsuid(uid); + + if (uid != 0 || gid != 0) { + return do_cap_set(cap_list, ARRAY_SIZE(cap_list), 0); + } + return 0; +} + +/* + * send response in two parts + * 1) ProxyHeader + * 2) Response or error status + * This function should be called with marshaled response + * send_response constructs header part and error part only. + * send response sends {ProxyHeader,Response} if the request was success + * otherwise sends {ProxyHeader,error status} + */ +static int send_response(int sock, struct iovec *iovec, int size) +{ + int retval; + ProxyHeader header; + + /* + * If response size exceeds available iovec->iov_len, + * we return ENOBUFS + */ + if (size > PROXY_MAX_IO_SZ) { + size = -ENOBUFS; + } + + if (size < 0) { + /* + * In case of error we would not have got the error encoded + * already so encode the error here. + */ + header.type = T_ERROR; + header.size = sizeof(size); + proxy_marshal(iovec, PROXY_HDR_SZ, "d", size); + } else { + header.type = T_SUCCESS; + header.size = size; + } + proxy_marshal(iovec, 0, "dd", header.type, header.size); + retval = socket_write(sock, iovec->iov_base, header.size + PROXY_HDR_SZ); + if (retval < 0) { + return retval;; + } + return 0; +} + +/* + * gets generation number + * returns -errno on failure and sizeof(generation number) on success + */ +static int do_getversion(struct iovec *iovec, struct iovec *out_iovec) +{ + uint64_t version; + int retval = -ENOTTY; +#ifdef FS_IOC_GETVERSION + int fd; + V9fsString path; +#endif + + + /* no need to issue ioctl */ + if (!get_version) { + version = 0; + retval = proxy_marshal(out_iovec, PROXY_HDR_SZ, "q", version); + return retval; + } +#ifdef FS_IOC_GETVERSION + retval = proxy_unmarshal(iovec, PROXY_HDR_SZ, "s", &path); + if (retval < 0) { + return retval; + } + + fd = open(path.data, O_RDONLY); + if (fd < 0) { + retval = -errno; + goto err_out; + } + if (ioctl(fd, FS_IOC_GETVERSION, &version) < 0) { + retval = -errno; + } else { + retval = proxy_marshal(out_iovec, PROXY_HDR_SZ, "q", version); + } + close(fd); +err_out: + v9fs_string_free(&path); +#endif + return retval; +} + +static int do_getxattr(int type, struct iovec *iovec, struct iovec *out_iovec) +{ + int size = 0, offset, retval; + V9fsString path, name, xattr; + + v9fs_string_init(&xattr); + v9fs_string_init(&path); + retval = proxy_unmarshal(iovec, PROXY_HDR_SZ, "ds", &size, &path); + if (retval < 0) { + return retval; + } + offset = PROXY_HDR_SZ + retval; + + if (size) { + xattr.data = g_malloc(size); + xattr.size = size; + } + switch (type) { + case T_LGETXATTR: + v9fs_string_init(&name); + retval = proxy_unmarshal(iovec, offset, "s", &name); + if (retval > 0) { + retval = lgetxattr(path.data, name.data, xattr.data, size); + if (retval < 0) { + retval = -errno; + } else { + xattr.size = retval; + } + } + v9fs_string_free(&name); + break; + case T_LLISTXATTR: + retval = llistxattr(path.data, xattr.data, size); + if (retval < 0) { + retval = -errno; + } else { + xattr.size = retval; + } + break; + } + if (retval < 0) { + goto err_out; + } + + if (!size) { + proxy_marshal(out_iovec, PROXY_HDR_SZ, "d", retval); + retval = sizeof(retval); + } else { + retval = proxy_marshal(out_iovec, PROXY_HDR_SZ, "s", &xattr); + } +err_out: + v9fs_string_free(&xattr); + v9fs_string_free(&path); + return retval; +} + +static void stat_to_prstat(ProxyStat *pr_stat, struct stat *stat) +{ + memset(pr_stat, 0, sizeof(*pr_stat)); + pr_stat->st_dev = stat->st_dev; + pr_stat->st_ino = stat->st_ino; + pr_stat->st_nlink = stat->st_nlink; + pr_stat->st_mode = stat->st_mode; + pr_stat->st_uid = stat->st_uid; + pr_stat->st_gid = stat->st_gid; + pr_stat->st_rdev = stat->st_rdev; + pr_stat->st_size = stat->st_size; + pr_stat->st_blksize = stat->st_blksize; + pr_stat->st_blocks = stat->st_blocks; + pr_stat->st_atim_sec = stat->st_atim.tv_sec; + pr_stat->st_atim_nsec = stat->st_atim.tv_nsec; + pr_stat->st_mtim_sec = stat->st_mtim.tv_sec; + pr_stat->st_mtim_nsec = stat->st_mtim.tv_nsec; + pr_stat->st_ctim_sec = stat->st_ctim.tv_sec; + pr_stat->st_ctim_nsec = stat->st_ctim.tv_nsec; +} + +static void statfs_to_prstatfs(ProxyStatFS *pr_stfs, struct statfs *stfs) +{ + memset(pr_stfs, 0, sizeof(*pr_stfs)); + pr_stfs->f_type = stfs->f_type; + pr_stfs->f_bsize = stfs->f_bsize; + pr_stfs->f_blocks = stfs->f_blocks; + pr_stfs->f_bfree = stfs->f_bfree; + pr_stfs->f_bavail = stfs->f_bavail; + pr_stfs->f_files = stfs->f_files; + pr_stfs->f_ffree = stfs->f_ffree; + pr_stfs->f_fsid[0] = stfs->f_fsid.__val[0]; + pr_stfs->f_fsid[1] = stfs->f_fsid.__val[1]; + pr_stfs->f_namelen = stfs->f_namelen; + pr_stfs->f_frsize = stfs->f_frsize; +} + +/* + * Gets stat/statfs information and packs in out_iovec structure + * on success returns number of bytes packed in out_iovec struture + * otherwise returns -errno + */ +static int do_stat(int type, struct iovec *iovec, struct iovec *out_iovec) +{ + int retval; + V9fsString path; + ProxyStat pr_stat; + ProxyStatFS pr_stfs; + struct stat st_buf; + struct statfs stfs_buf; + + v9fs_string_init(&path); + retval = proxy_unmarshal(iovec, PROXY_HDR_SZ, "s", &path); + if (retval < 0) { + return retval; + } + + switch (type) { + case T_LSTAT: + retval = lstat(path.data, &st_buf); + if (retval < 0) { + retval = -errno; + } else { + stat_to_prstat(&pr_stat, &st_buf); + retval = proxy_marshal(out_iovec, PROXY_HDR_SZ, + "qqqdddqqqqqqqqqq", pr_stat.st_dev, + pr_stat.st_ino, pr_stat.st_nlink, + pr_stat.st_mode, pr_stat.st_uid, + pr_stat.st_gid, pr_stat.st_rdev, + pr_stat.st_size, pr_stat.st_blksize, + pr_stat.st_blocks, + pr_stat.st_atim_sec, pr_stat.st_atim_nsec, + pr_stat.st_mtim_sec, pr_stat.st_mtim_nsec, + pr_stat.st_ctim_sec, pr_stat.st_ctim_nsec); + } + break; + case T_STATFS: + retval = statfs(path.data, &stfs_buf); + if (retval < 0) { + retval = -errno; + } else { + statfs_to_prstatfs(&pr_stfs, &stfs_buf); + retval = proxy_marshal(out_iovec, PROXY_HDR_SZ, + "qqqqqqqqqqq", pr_stfs.f_type, + pr_stfs.f_bsize, pr_stfs.f_blocks, + pr_stfs.f_bfree, pr_stfs.f_bavail, + pr_stfs.f_files, pr_stfs.f_ffree, + pr_stfs.f_fsid[0], pr_stfs.f_fsid[1], + pr_stfs.f_namelen, pr_stfs.f_frsize); + } + break; + } + v9fs_string_free(&path); + return retval; +} + +static int do_readlink(struct iovec *iovec, struct iovec *out_iovec) +{ + char *buffer; + int size, retval; + V9fsString target, path; + + v9fs_string_init(&path); + retval = proxy_unmarshal(iovec, PROXY_HDR_SZ, "sd", &path, &size); + if (retval < 0) { + v9fs_string_free(&path); + return retval; + } + buffer = g_malloc(size); + v9fs_string_init(&target); + retval = readlink(path.data, buffer, size); + if (retval > 0) { + buffer[retval] = '\0'; + v9fs_string_sprintf(&target, "%s", buffer); + retval = proxy_marshal(out_iovec, PROXY_HDR_SZ, "s", &target); + } else { + retval = -errno; + } + g_free(buffer); + v9fs_string_free(&target); + v9fs_string_free(&path); + return retval; +} + +/* + * create other filesystem objects and send 0 on success + * return -errno on error + */ +static int do_create_others(int type, struct iovec *iovec) +{ + dev_t rdev; + int retval = 0; + int offset = PROXY_HDR_SZ; + V9fsString oldpath, path; + int mode, uid, gid, cur_uid, cur_gid; + + v9fs_string_init(&path); + v9fs_string_init(&oldpath); + cur_uid = geteuid(); + cur_gid = getegid(); + + retval = proxy_unmarshal(iovec, offset, "dd", &uid, &gid); + if (retval < 0) { + return retval; + } + offset += retval; + retval = setfsugid(uid, gid); + if (retval < 0) { + retval = -errno; + goto err_out; + } + switch (type) { + case T_MKNOD: + retval = proxy_unmarshal(iovec, offset, "sdq", &path, &mode, &rdev); + if (retval < 0) { + goto err_out; + } + retval = mknod(path.data, mode, rdev); + break; + case T_MKDIR: + retval = proxy_unmarshal(iovec, offset, "sd", &path, &mode); + if (retval < 0) { + goto err_out; + } + retval = mkdir(path.data, mode); + break; + case T_SYMLINK: + retval = proxy_unmarshal(iovec, offset, "ss", &oldpath, &path); + if (retval < 0) { + goto err_out; + } + retval = symlink(oldpath.data, path.data); + break; + } + if (retval < 0) { + retval = -errno; + } + +err_out: + v9fs_string_free(&path); + v9fs_string_free(&oldpath); + setfsugid(cur_uid, cur_gid); + return retval; +} + +/* + * create a file and send fd on success + * return -errno on error + */ +static int do_create(struct iovec *iovec) +{ + int ret; + V9fsString path; + int flags, mode, uid, gid, cur_uid, cur_gid; + + v9fs_string_init(&path); + ret = proxy_unmarshal(iovec, PROXY_HDR_SZ, "sdddd", + &path, &flags, &mode, &uid, &gid); + if (ret < 0) { + goto unmarshal_err_out; + } + cur_uid = geteuid(); + cur_gid = getegid(); + ret = setfsugid(uid, gid); + if (ret < 0) { + /* + * On failure reset back to the + * old uid/gid + */ + ret = -errno; + goto err_out; + } + ret = open(path.data, flags, mode); + if (ret < 0) { + ret = -errno; + } + +err_out: + setfsugid(cur_uid, cur_gid); +unmarshal_err_out: + v9fs_string_free(&path); + return ret; +} + +/* + * open a file and send fd on success + * return -errno on error + */ +static int do_open(struct iovec *iovec) +{ + int flags, ret; + V9fsString path; + + v9fs_string_init(&path); + ret = proxy_unmarshal(iovec, PROXY_HDR_SZ, "sd", &path, &flags); + if (ret < 0) { + goto err_out; + } + ret = open(path.data, flags); + if (ret < 0) { + ret = -errno; + } +err_out: + v9fs_string_free(&path); + return ret; +} + +/* create unix domain socket and return the descriptor */ +static int proxy_socket(const char *path, uid_t uid, gid_t gid) +{ + int sock, client; + struct sockaddr_un proxy, qemu; + socklen_t size; + + /* requested socket already exists, refuse to start */ + if (!access(path, F_OK)) { + do_log(LOG_CRIT, "socket already exists\n"); + return -1; + } + + sock = socket(AF_UNIX, SOCK_STREAM, 0); + if (sock < 0) { + do_perror("socket"); + return -1; + } + + /* mask other part of mode bits */ + umask(7); + + proxy.sun_family = AF_UNIX; + strcpy(proxy.sun_path, path); + if (bind(sock, (struct sockaddr *)&proxy, + sizeof(struct sockaddr_un)) < 0) { + do_perror("bind"); + return -1; + } + if (chown(proxy.sun_path, uid, gid) < 0) { + do_perror("chown"); + return -1; + } + if (listen(sock, 1) < 0) { + do_perror("listen"); + return -1; + } + + client = accept(sock, (struct sockaddr *)&qemu, &size); + if (client < 0) { + do_perror("accept"); + return -1; + } + return client; +} + +static void usage(char *prog) +{ + fprintf(stderr, "usage: %s\n" + " -p|--path <path> 9p path to export\n" + " {-f|--fd <socket-descriptor>} socket file descriptor to be used\n" + " {-s|--socket <socketname> socket file used for communication\n" + " \t-u|--uid <uid> -g|--gid <gid>} - uid:gid combination to give " + " access to this socket\n" + " \tNote: -s & -f can not be used together\n" + " [-n|--nodaemon] Run as a normal program\n", + basename(prog)); +} + +static int process_reply(int sock, int type, + struct iovec *out_iovec, int retval) +{ + switch (type) { + case T_OPEN: + case T_CREATE: + if (send_fd(sock, retval) < 0) { + return -1; + } + break; + case T_MKNOD: + case T_MKDIR: + case T_SYMLINK: + case T_LINK: + case T_CHMOD: + case T_CHOWN: + case T_TRUNCATE: + case T_UTIME: + case T_RENAME: + case T_REMOVE: + case T_LSETXATTR: + case T_LREMOVEXATTR: + if (send_status(sock, out_iovec, retval) < 0) { + return -1; + } + break; + case T_LSTAT: + case T_STATFS: + case T_READLINK: + case T_LGETXATTR: + case T_LLISTXATTR: + case T_GETVERSION: + if (send_response(sock, out_iovec, retval) < 0) { + return -1; + } + break; + default: + return -1; + break; + } + return 0; +} + +static int process_requests(int sock) +{ + int flags; + int size = 0; + int retval = 0; + uint64_t offset; + ProxyHeader header; + int mode, uid, gid; + V9fsString name, value; + struct timespec spec[2]; + V9fsString oldpath, path; + struct iovec in_iovec, out_iovec; + + in_iovec.iov_base = g_malloc(PROXY_MAX_IO_SZ + PROXY_HDR_SZ); + in_iovec.iov_len = PROXY_MAX_IO_SZ + PROXY_HDR_SZ; + out_iovec.iov_base = g_malloc(PROXY_MAX_IO_SZ + PROXY_HDR_SZ); + out_iovec.iov_len = PROXY_MAX_IO_SZ + PROXY_HDR_SZ; + + while (1) { + /* + * initialize the header type, so that we send + * response to proper request type. + */ + header.type = 0; + retval = read_request(sock, &in_iovec, &header); + if (retval < 0) { + goto err_out; + } + + switch (header.type) { + case T_OPEN: + retval = do_open(&in_iovec); + break; + case T_CREATE: + retval = do_create(&in_iovec); + break; + case T_MKNOD: + case T_MKDIR: + case T_SYMLINK: + retval = do_create_others(header.type, &in_iovec); + break; + case T_LINK: + v9fs_string_init(&path); + v9fs_string_init(&oldpath); + retval = proxy_unmarshal(&in_iovec, PROXY_HDR_SZ, + "ss", &oldpath, &path); + if (retval > 0) { + retval = link(oldpath.data, path.data); + if (retval < 0) { + retval = -errno; + } + } + v9fs_string_free(&oldpath); + v9fs_string_free(&path); + break; + case T_LSTAT: + case T_STATFS: + retval = do_stat(header.type, &in_iovec, &out_iovec); + break; + case T_READLINK: + retval = do_readlink(&in_iovec, &out_iovec); + break; + case T_CHMOD: + v9fs_string_init(&path); + retval = proxy_unmarshal(&in_iovec, PROXY_HDR_SZ, + "sd", &path, &mode); + if (retval > 0) { + retval = chmod(path.data, mode); + if (retval < 0) { + retval = -errno; + } + } + v9fs_string_free(&path); + break; + case T_CHOWN: + v9fs_string_init(&path); + retval = proxy_unmarshal(&in_iovec, PROXY_HDR_SZ, "sdd", &path, + &uid, &gid); + if (retval > 0) { + retval = lchown(path.data, uid, gid); + if (retval < 0) { + retval = -errno; + } + } + v9fs_string_free(&path); + break; + case T_TRUNCATE: + v9fs_string_init(&path); + retval = proxy_unmarshal(&in_iovec, PROXY_HDR_SZ, "sq", + &path, &offset); + if (retval > 0) { + retval = truncate(path.data, offset); + if (retval < 0) { + retval = -errno; + } + } + v9fs_string_free(&path); + break; + case T_UTIME: + v9fs_string_init(&path); + retval = proxy_unmarshal(&in_iovec, PROXY_HDR_SZ, "sqqqq", &path, + &spec[0].tv_sec, &spec[0].tv_nsec, + &spec[1].tv_sec, &spec[1].tv_nsec); + if (retval > 0) { + retval = qemu_utimens(path.data, spec); + if (retval < 0) { + retval = -errno; + } + } + v9fs_string_free(&path); + break; + case T_RENAME: + v9fs_string_init(&path); + v9fs_string_init(&oldpath); + retval = proxy_unmarshal(&in_iovec, PROXY_HDR_SZ, + "ss", &oldpath, &path); + if (retval > 0) { + retval = rename(oldpath.data, path.data); + if (retval < 0) { + retval = -errno; + } + } + v9fs_string_free(&oldpath); + v9fs_string_free(&path); + break; + case T_REMOVE: + v9fs_string_init(&path); + retval = proxy_unmarshal(&in_iovec, PROXY_HDR_SZ, "s", &path); + if (retval > 0) { + retval = remove(path.data); + if (retval < 0) { + retval = -errno; + } + } + v9fs_string_free(&path); + break; + case T_LGETXATTR: + case T_LLISTXATTR: + retval = do_getxattr(header.type, &in_iovec, &out_iovec); + break; + case T_LSETXATTR: + v9fs_string_init(&path); + v9fs_string_init(&name); + v9fs_string_init(&value); + retval = proxy_unmarshal(&in_iovec, PROXY_HDR_SZ, "sssdd", &path, + &name, &value, &size, &flags); + if (retval > 0) { + retval = lsetxattr(path.data, + name.data, value.data, size, flags); + if (retval < 0) { + retval = -errno; + } + } + v9fs_string_free(&path); + v9fs_string_free(&name); + v9fs_string_free(&value); + break; + case T_LREMOVEXATTR: + v9fs_string_init(&path); + v9fs_string_init(&name); + retval = proxy_unmarshal(&in_iovec, + PROXY_HDR_SZ, "ss", &path, &name); + if (retval > 0) { + retval = lremovexattr(path.data, name.data); + if (retval < 0) { + retval = -errno; + } + } + v9fs_string_free(&path); + v9fs_string_free(&name); + break; + case T_GETVERSION: + retval = do_getversion(&in_iovec, &out_iovec); + break; + default: + goto err_out; + break; + } + + if (process_reply(sock, header.type, &out_iovec, retval) < 0) { + goto err_out; + } + } +err_out: + g_free(in_iovec.iov_base); + g_free(out_iovec.iov_base); + return -1; +} + +int main(int argc, char **argv) +{ + int sock; + uid_t own_u; + gid_t own_g; + char *rpath = NULL; + char *sock_name = NULL; + struct stat stbuf; + int c, option_index; +#ifdef FS_IOC_GETVERSION + int retval; + struct statfs st_fs; +#endif + + is_daemon = true; + sock = -1; + own_u = own_g = -1; + while (1) { + option_index = 0; + c = getopt_long(argc, argv, "p:nh?f:s:u:g:", helper_opts, + &option_index); + if (c == -1) { + break; + } + switch (c) { + case 'p': + rpath = strdup(optarg); + break; + case 'n': + is_daemon = false; + break; + case 'f': + sock = atoi(optarg); + break; + case 's': + sock_name = strdup(optarg); + break; + case 'u': + own_u = atoi(optarg); + break; + case 'g': + own_g = atoi(optarg); + break; + case '?': + case 'h': + default: + usage(argv[0]); + exit(EXIT_FAILURE); + } + } + + /* Parameter validation */ + if ((sock_name == NULL && sock == -1) || rpath == NULL) { + fprintf(stderr, "socket, socket descriptor or path not specified\n"); + usage(argv[0]); + return -1; + } + + if (*sock_name && (own_u == -1 || own_g == -1)) { + fprintf(stderr, "owner uid:gid not specified, "); + fprintf(stderr, + "owner uid:gid specifies who can access the socket file\n"); + usage(argv[0]); + exit(EXIT_FAILURE); + } + + if (lstat(rpath, &stbuf) < 0) { + fprintf(stderr, "invalid path \"%s\" specified, %s\n", + rpath, strerror(errno)); + exit(EXIT_FAILURE); + } + + if (!S_ISDIR(stbuf.st_mode)) { + fprintf(stderr, "specified path \"%s\" is not directory\n", rpath); + exit(EXIT_FAILURE); + } + + if (is_daemon) { + if (daemon(0, 0) < 0) { + fprintf(stderr, "daemon call failed\n"); + exit(EXIT_FAILURE); + } + openlog(PROGNAME, LOG_PID, LOG_DAEMON); + } + + do_log(LOG_INFO, "Started\n"); + if (*sock_name) { + sock = proxy_socket(sock_name, own_u, own_g); + if (sock < 0) { + goto error; + } + } + + get_version = false; +#ifdef FS_IOC_GETVERSION + /* check whether underlying FS support IOC_GETVERSION */ + retval = statfs(rpath, &st_fs); + if (!retval) { + switch (st_fs.f_type) { + case EXT2_SUPER_MAGIC: + case BTRFS_SUPER_MAGIC: + case REISERFS_SUPER_MAGIC: + case XFS_SUPER_MAGIC: + get_version = true; + break; + } + } +#endif + + if (chdir("/") < 0) { + do_perror("chdir"); + goto error; + } + if (chroot(rpath) < 0) { + do_perror("chroot"); + goto error; + } + umask(0); + + if (init_capabilities() < 0) { + goto error; + } + + process_requests(sock); +error: + do_log(LOG_INFO, "Done\n"); + closelog(); + return 0; +} diff --git a/fsdev/virtfs-proxy-helper.texi b/fsdev/virtfs-proxy-helper.texi new file mode 100644 index 0000000000..faa0434480 --- /dev/null +++ b/fsdev/virtfs-proxy-helper.texi @@ -0,0 +1,63 @@ +@example +@c man begin SYNOPSIS +usage: virtfs-proxy-helper options +@c man end +@end example + +@c man begin DESCRIPTION +@table @description +Pass-through security model in QEMU 9p server needs root privilege to do +few file operations (like chown, chmod to any mode/uid:gid). There are two +issues in pass-through security model + +1) TOCTTOU vulnerability: Following symbolic links in the server could +provide access to files beyond 9p export path. + +2) Running QEMU with root privilege could be a security issue. + +To overcome above issues, following approach is used: A new filesytem +type 'proxy' is introduced. Proxy FS uses chroot + socket combination +for securing the vulnerability known with following symbolic links. +Intention of adding a new filesystem type is to allow qemu to run +in non-root mode, but doing privileged operations using socket IO. + +Proxy helper(a stand alone binary part of qemu) is invoked with +root privileges. Proxy helper chroots into 9p export path and creates +a socket pair or a named socket based on the command line parameter. +Qemu and proxy helper communicate using this socket. QEMU proxy fs +driver sends filesystem request to proxy helper and receives the +response from it. + +Proxy helper is designed so that it can drop the root privilege with +retaining capbilities needed for doing filesystem operations only. + +@end table +@c man end + +@c man begin OPTIONS +The following options are supported: +@table @option +@item -h +@findex -h +Display help and exit +@item -p|--path path +Path to export for proxy filesystem driver +@item -f|--fd socket-id +Use given file descriptor as socket descriptor for communicating with +qemu proxy fs drier. Usually a helper like libvirt will create +socketpair and pass one of the fds as parameter to -f|--fd +@item -s|--socket socket-file +Creates named socket file for communicating with qemu proxy fs driver +@item -u|--uid uid -g|--gid gid +uid:gid combination to give access to named socket file +@item -n|--nodaemon +Run as a normal program. By default program will run in daemon mode +@end table +@c man end + +@setfilename virtfs-proxy-helper +@settitle QEMU 9p virtfs proxy filesystem helper + +@c man begin AUTHOR +M. Mohan Kumar +@c man end diff --git a/fsdev/virtio-9p-marshal.c b/fsdev/virtio-9p-marshal.c new file mode 100644 index 0000000000..bf980bfa38 --- /dev/null +++ b/fsdev/virtio-9p-marshal.c @@ -0,0 +1,323 @@ +/* + * Virtio 9p backend + * + * Copyright IBM, Corp. 2010 + * + * Authors: + * Anthony Liguori <aliguori@us.ibm.com> + * + * This work is licensed under the terms of the GNU GPL, version 2. See + * the COPYING file in the top-level directory. + * + */ + +#include <glib.h> +#include <glib/gprintf.h> +#include <sys/types.h> +#include <dirent.h> +#include <sys/time.h> +#include <utime.h> +#include <sys/uio.h> +#include <string.h> +#include <stdint.h> +#include <errno.h> + +#include "compiler.h" +#include "virtio-9p-marshal.h" +#include "bswap.h" + +void v9fs_string_free(V9fsString *str) +{ + g_free(str->data); + str->data = NULL; + str->size = 0; +} + +void v9fs_string_null(V9fsString *str) +{ + v9fs_string_free(str); +} + +void GCC_FMT_ATTR(2, 3) +v9fs_string_sprintf(V9fsString *str, const char *fmt, ...) +{ + va_list ap; + + v9fs_string_free(str); + + va_start(ap, fmt); + str->size = g_vasprintf(&str->data, fmt, ap); + va_end(ap); +} + +void v9fs_string_copy(V9fsString *lhs, V9fsString *rhs) +{ + v9fs_string_free(lhs); + v9fs_string_sprintf(lhs, "%s", rhs->data); +} + + +static ssize_t v9fs_packunpack(void *addr, struct iovec *sg, int sg_count, + size_t offset, size_t size, int pack) +{ + int i = 0; + size_t copied = 0; + size_t req_size = size; + + + for (i = 0; size && i < sg_count; i++) { + size_t len; + if (offset >= sg[i].iov_len) { + /* skip this sg */ + offset -= sg[i].iov_len; + continue; + } else { + len = MIN(sg[i].iov_len - offset, size); + if (pack) { + memcpy(sg[i].iov_base + offset, addr, len); + } else { + memcpy(addr, sg[i].iov_base + offset, len); + } + size -= len; + copied += len; + addr += len; + if (size) { + offset = 0; + continue; + } + } + } + if (copied < req_size) { + /* + * We copied less that requested size. error out + */ + return -ENOBUFS; + } + return copied; +} + +static ssize_t v9fs_unpack(void *dst, struct iovec *out_sg, int out_num, + size_t offset, size_t size) +{ + return v9fs_packunpack(dst, out_sg, out_num, offset, size, 0); +} + +ssize_t v9fs_pack(struct iovec *in_sg, int in_num, size_t offset, + const void *src, size_t size) +{ + return v9fs_packunpack((void *)src, in_sg, in_num, offset, size, 1); +} + +ssize_t v9fs_unmarshal(struct iovec *out_sg, int out_num, size_t offset, + int bswap, const char *fmt, ...) +{ + int i; + va_list ap; + ssize_t copied = 0; + size_t old_offset = offset; + + va_start(ap, fmt); + for (i = 0; fmt[i]; i++) { + switch (fmt[i]) { + case 'b': { + uint8_t *valp = va_arg(ap, uint8_t *); + copied = v9fs_unpack(valp, out_sg, out_num, offset, sizeof(*valp)); + break; + } + case 'w': { + uint16_t val, *valp; + valp = va_arg(ap, uint16_t *); + copied = v9fs_unpack(&val, out_sg, out_num, offset, sizeof(val)); + if (bswap) { + *valp = le16_to_cpu(val); + } else { + *valp = val; + } + break; + } + case 'd': { + uint32_t val, *valp; + valp = va_arg(ap, uint32_t *); + copied = v9fs_unpack(&val, out_sg, out_num, offset, sizeof(val)); + if (bswap) { + *valp = le32_to_cpu(val); + } else { + *valp = val; + } + break; + } + case 'q': { + uint64_t val, *valp; + valp = va_arg(ap, uint64_t *); + copied = v9fs_unpack(&val, out_sg, out_num, offset, sizeof(val)); + if (bswap) { + *valp = le64_to_cpu(val); + } else { + *valp = val; + } + break; + } + case 's': { + V9fsString *str = va_arg(ap, V9fsString *); + copied = v9fs_unmarshal(out_sg, out_num, offset, bswap, + "w", &str->size); + if (copied > 0) { + offset += copied; + str->data = g_malloc(str->size + 1); + copied = v9fs_unpack(str->data, out_sg, out_num, offset, + str->size); + if (copied > 0) { + str->data[str->size] = 0; + } else { + v9fs_string_free(str); + } + } + break; + } + case 'Q': { + V9fsQID *qidp = va_arg(ap, V9fsQID *); + copied = v9fs_unmarshal(out_sg, out_num, offset, bswap, "bdq", + &qidp->type, &qidp->version, &qidp->path); + break; + } + case 'S': { + V9fsStat *statp = va_arg(ap, V9fsStat *); + copied = v9fs_unmarshal(out_sg, out_num, offset, bswap, + "wwdQdddqsssssddd", + &statp->size, &statp->type, &statp->dev, + &statp->qid, &statp->mode, &statp->atime, + &statp->mtime, &statp->length, + &statp->name, &statp->uid, &statp->gid, + &statp->muid, &statp->extension, + &statp->n_uid, &statp->n_gid, + &statp->n_muid); + break; + } + case 'I': { + V9fsIattr *iattr = va_arg(ap, V9fsIattr *); + copied = v9fs_unmarshal(out_sg, out_num, offset, bswap, + "ddddqqqqq", + &iattr->valid, &iattr->mode, + &iattr->uid, &iattr->gid, &iattr->size, + &iattr->atime_sec, &iattr->atime_nsec, + &iattr->mtime_sec, &iattr->mtime_nsec); + break; + } + default: + break; + } + if (copied < 0) { + va_end(ap); + return copied; + } + offset += copied; + } + va_end(ap); + + return offset - old_offset; +} + +ssize_t v9fs_marshal(struct iovec *in_sg, int in_num, size_t offset, + int bswap, const char *fmt, ...) +{ + int i; + va_list ap; + ssize_t copied = 0; + size_t old_offset = offset; + + va_start(ap, fmt); + for (i = 0; fmt[i]; i++) { + switch (fmt[i]) { + case 'b': { + uint8_t val = va_arg(ap, int); + copied = v9fs_pack(in_sg, in_num, offset, &val, sizeof(val)); + break; + } + case 'w': { + uint16_t val; + if (bswap) { + cpu_to_le16w(&val, va_arg(ap, int)); + } else { + val = va_arg(ap, int); + } + copied = v9fs_pack(in_sg, in_num, offset, &val, sizeof(val)); + break; + } + case 'd': { + uint32_t val; + if (bswap) { + cpu_to_le32w(&val, va_arg(ap, uint32_t)); + } else { + val = va_arg(ap, uint32_t); + } + copied = v9fs_pack(in_sg, in_num, offset, &val, sizeof(val)); + break; + } + case 'q': { + uint64_t val; + if (bswap) { + cpu_to_le64w(&val, va_arg(ap, uint64_t)); + } else { + val = va_arg(ap, uint64_t); + } + copied = v9fs_pack(in_sg, in_num, offset, &val, sizeof(val)); + break; + } + case 's': { + V9fsString *str = va_arg(ap, V9fsString *); + copied = v9fs_marshal(in_sg, in_num, offset, bswap, + "w", str->size); + if (copied > 0) { + offset += copied; + copied = v9fs_pack(in_sg, in_num, offset, str->data, str->size); + } + break; + } + case 'Q': { + V9fsQID *qidp = va_arg(ap, V9fsQID *); + copied = v9fs_marshal(in_sg, in_num, offset, bswap, "bdq", + qidp->type, qidp->version, qidp->path); + break; + } + case 'S': { + V9fsStat *statp = va_arg(ap, V9fsStat *); + copied = v9fs_marshal(in_sg, in_num, offset, bswap, + "wwdQdddqsssssddd", + statp->size, statp->type, statp->dev, + &statp->qid, statp->mode, statp->atime, + statp->mtime, statp->length, &statp->name, + &statp->uid, &statp->gid, &statp->muid, + &statp->extension, statp->n_uid, + statp->n_gid, statp->n_muid); + break; + } + case 'A': { + V9fsStatDotl *statp = va_arg(ap, V9fsStatDotl *); + copied = v9fs_marshal(in_sg, in_num, offset, bswap, + "qQdddqqqqqqqqqqqqqqq", + statp->st_result_mask, + &statp->qid, statp->st_mode, + statp->st_uid, statp->st_gid, + statp->st_nlink, statp->st_rdev, + statp->st_size, statp->st_blksize, + statp->st_blocks, statp->st_atime_sec, + statp->st_atime_nsec, statp->st_mtime_sec, + statp->st_mtime_nsec, statp->st_ctime_sec, + statp->st_ctime_nsec, statp->st_btime_sec, + statp->st_btime_nsec, statp->st_gen, + statp->st_data_version); + break; + } + default: + break; + } + if (copied < 0) { + va_end(ap); + return copied; + } + offset += copied; + } + va_end(ap); + + return offset - old_offset; +} diff --git a/fsdev/virtio-9p-marshal.h b/fsdev/virtio-9p-marshal.h new file mode 100644 index 0000000000..5df65a8357 --- /dev/null +++ b/fsdev/virtio-9p-marshal.h @@ -0,0 +1,90 @@ +#ifndef _QEMU_VIRTIO_9P_MARSHAL_H +#define _QEMU_VIRTIO_9P_MARSHAL_H + +typedef struct V9fsString +{ + uint16_t size; + char *data; +} V9fsString; + +typedef struct V9fsQID +{ + int8_t type; + int32_t version; + int64_t path; +} V9fsQID; + +typedef struct V9fsStat +{ + int16_t size; + int16_t type; + int32_t dev; + V9fsQID qid; + int32_t mode; + int32_t atime; + int32_t mtime; + int64_t length; + V9fsString name; + V9fsString uid; + V9fsString gid; + V9fsString muid; + /* 9p2000.u */ + V9fsString extension; + int32_t n_uid; + int32_t n_gid; + int32_t n_muid; +} V9fsStat; + +typedef struct V9fsIattr +{ + int32_t valid; + int32_t mode; + int32_t uid; + int32_t gid; + int64_t size; + int64_t atime_sec; + int64_t atime_nsec; + int64_t mtime_sec; + int64_t mtime_nsec; +} V9fsIattr; + +typedef struct V9fsStatDotl { + uint64_t st_result_mask; + V9fsQID qid; + uint32_t st_mode; + uint32_t st_uid; + uint32_t st_gid; + uint64_t st_nlink; + uint64_t st_rdev; + uint64_t st_size; + uint64_t st_blksize; + uint64_t st_blocks; + uint64_t st_atime_sec; + uint64_t st_atime_nsec; + uint64_t st_mtime_sec; + uint64_t st_mtime_nsec; + uint64_t st_ctime_sec; + uint64_t st_ctime_nsec; + uint64_t st_btime_sec; + uint64_t st_btime_nsec; + uint64_t st_gen; + uint64_t st_data_version; +} V9fsStatDotl; + +static inline void v9fs_string_init(V9fsString *str) +{ + str->data = NULL; + str->size = 0; +} +extern void v9fs_string_free(V9fsString *str); +extern void v9fs_string_null(V9fsString *str); +extern void v9fs_string_sprintf(V9fsString *str, const char *fmt, ...); +extern void v9fs_string_copy(V9fsString *lhs, V9fsString *rhs); + +ssize_t v9fs_pack(struct iovec *in_sg, int in_num, size_t offset, + const void *src, size_t size); +ssize_t v9fs_unmarshal(struct iovec *out_sg, int out_num, size_t offset, + int bswap, const char *fmt, ...); +ssize_t v9fs_marshal(struct iovec *in_sg, int in_num, size_t offset, + int bswap, const char *fmt, ...); +#endif diff --git a/gdbstub.c b/gdbstub.c index a5806ef6c4..7d470b608e 100644 --- a/gdbstub.c +++ b/gdbstub.c @@ -2762,11 +2762,13 @@ static int gdbserver_open(int port) ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr)); if (ret < 0) { perror("bind"); + close(fd); return -1; } ret = listen(fd, 0); if (ret < 0) { perror("listen"); + close(fd); return -1; } return fd; diff --git a/hw/9pfs/virtio-9p-device.c b/hw/9pfs/virtio-9p-device.c index cd343e1d81..642d5e2c46 100644 --- a/hw/9pfs/virtio-9p-device.c +++ b/hw/9pfs/virtio-9p-device.c @@ -77,16 +77,19 @@ VirtIODevice *virtio_9p_init(DeviceState *dev, V9fsConf *conf) exit(1); } - if (!fse->path || !conf->tag) { - /* we haven't specified a mount_tag or the path */ - fprintf(stderr, "fsdev with id %s needs path " - "and Virtio-9p device needs mount_tag arguments\n", + if (!conf->tag) { + /* we haven't specified a mount_tag */ + fprintf(stderr, "fsdev with id %s needs mount_tag arguments\n", conf->fsdev_id); exit(1); } s->ctx.export_flags = fse->export_flags; - s->ctx.fs_root = g_strdup(fse->path); + if (fse->path) { + s->ctx.fs_root = g_strdup(fse->path); + } else { + s->ctx.fs_root = NULL; + } s->ctx.exops.get_st_gen = NULL; if (fse->export_flags & V9FS_SM_PASSTHROUGH) { diff --git a/hw/9pfs/virtio-9p-handle.c b/hw/9pfs/virtio-9p-handle.c index b556e39702..cb012c0510 100644 --- a/hw/9pfs/virtio-9p-handle.c +++ b/hw/9pfs/virtio-9p-handle.c @@ -641,7 +641,27 @@ out: return ret; } +static int handle_parse_opts(QemuOpts *opts, struct FsDriverEntry *fse) +{ + const char *sec_model = qemu_opt_get(opts, "security_model"); + const char *path = qemu_opt_get(opts, "path"); + + if (sec_model) { + fprintf(stderr, "Invalid argument security_model specified with handle fsdriver\n"); + return -1; + } + + if (!path) { + fprintf(stderr, "fsdev: No path specified.\n"); + return -1; + } + fse->path = g_strdup(path); + return 0; + +} + FileOperations handle_ops = { + .parse_opts = handle_parse_opts, .init = handle_init, .lstat = handle_lstat, .readlink = handle_readlink, diff --git a/hw/9pfs/virtio-9p-local.c b/hw/9pfs/virtio-9p-local.c index 371a94dfff..3ae6ef2e39 100644 --- a/hw/9pfs/virtio-9p-local.c +++ b/hw/9pfs/virtio-9p-local.c @@ -756,7 +756,41 @@ static int local_init(FsContext *ctx) return err; } +static int local_parse_opts(QemuOpts *opts, struct FsDriverEntry *fse) +{ + const char *sec_model = qemu_opt_get(opts, "security_model"); + const char *path = qemu_opt_get(opts, "path"); + + if (!sec_model) { + fprintf(stderr, "security model not specified, " + "local fs needs security model\nvalid options are:" + "\tsecurity_model=[passthrough|mapped|none]\n"); + return -1; + } + + if (!strcmp(sec_model, "passthrough")) { + fse->export_flags |= V9FS_SM_PASSTHROUGH; + } else if (!strcmp(sec_model, "mapped")) { + fse->export_flags |= V9FS_SM_MAPPED; + } else if (!strcmp(sec_model, "none")) { + fse->export_flags |= V9FS_SM_NONE; + } else { + fprintf(stderr, "Invalid security model %s specified, valid options are" + "\n\t [passthrough|mapped|none]\n", sec_model); + return -1; + } + + if (!path) { + fprintf(stderr, "fsdev: No path specified.\n"); + return -1; + } + fse->path = g_strdup(path); + + return 0; +} + FileOperations local_ops = { + .parse_opts = local_parse_opts, .init = local_init, .lstat = local_lstat, .readlink = local_readlink, diff --git a/hw/9pfs/virtio-9p-proxy.c b/hw/9pfs/virtio-9p-proxy.c new file mode 100644 index 0000000000..d5ad208d00 --- /dev/null +++ b/hw/9pfs/virtio-9p-proxy.c @@ -0,0 +1,1210 @@ +/* + * Virtio 9p Proxy callback + * + * Copyright IBM, Corp. 2011 + * + * Authors: + * M. Mohan Kumar <mohan@in.ibm.com> + * + * This work is licensed under the terms of the GNU GPL, version 2. See + * the COPYING file in the top-level directory. + */ +#include <sys/socket.h> +#include <sys/un.h> +#include "hw/virtio.h" +#include "virtio-9p.h" +#include "fsdev/qemu-fsdev.h" +#include "virtio-9p-proxy.h" + +typedef struct V9fsProxy { + int sockfd; + QemuMutex mutex; + struct iovec in_iovec; + struct iovec out_iovec; +} V9fsProxy; + +/* + * Return received file descriptor on success in *status. + * errno is also returned on *status (which will be < 0) + * return < 0 on transport error. + */ +static int v9fs_receivefd(int sockfd, int *status) +{ + struct iovec iov; + struct msghdr msg; + struct cmsghdr *cmsg; + int retval, data, fd; + union MsgControl msg_control; + + iov.iov_base = &data; + iov.iov_len = sizeof(data); + + memset(&msg, 0, sizeof(msg)); + msg.msg_iov = &iov; + msg.msg_iovlen = 1; + msg.msg_control = &msg_control; + msg.msg_controllen = sizeof(msg_control); + + do { + retval = recvmsg(sockfd, &msg, 0); + } while (retval < 0 && errno == EINTR); + if (retval <= 0) { + return retval; + } + /* + * data is set to V9FS_FD_VALID, if ancillary data is sent. If this + * request doesn't need ancillary data (fd) or an error occurred, + * data is set to negative errno value. + */ + if (data != V9FS_FD_VALID) { + *status = data; + return 0; + } + /* + * File descriptor (fd) is sent in the ancillary data. Check if we + * indeed received it. One of the reasons to fail to receive it is if + * we exceeded the maximum number of file descriptors! + */ + for (cmsg = CMSG_FIRSTHDR(&msg); cmsg; cmsg = CMSG_NXTHDR(&msg, cmsg)) { + if (cmsg->cmsg_len != CMSG_LEN(sizeof(int)) || + cmsg->cmsg_level != SOL_SOCKET || + cmsg->cmsg_type != SCM_RIGHTS) { + continue; + } + fd = *((int *)CMSG_DATA(cmsg)); + *status = fd; + return 0; + } + *status = -ENFILE; /* Ancillary data sent but not received */ + return 0; +} + +static ssize_t socket_read(int sockfd, void *buff, size_t size) +{ + ssize_t retval, total = 0; + + while (size) { + retval = read(sockfd, buff, size); + if (retval == 0) { + return -EIO; + } + if (retval < 0) { + if (errno == EINTR) { + continue; + } + return -errno; + } + size -= retval; + buff += retval; + total += retval; + } + return total; +} + +/* Converts proxy_statfs to VFS statfs structure */ +static void prstatfs_to_statfs(struct statfs *stfs, ProxyStatFS *prstfs) +{ + memset(stfs, 0, sizeof(*stfs)); + stfs->f_type = prstfs->f_type; + stfs->f_bsize = prstfs->f_bsize; + stfs->f_blocks = prstfs->f_blocks; + stfs->f_bfree = prstfs->f_bfree; + stfs->f_bavail = prstfs->f_bavail; + stfs->f_files = prstfs->f_files; + stfs->f_ffree = prstfs->f_ffree; + stfs->f_fsid.__val[0] = prstfs->f_fsid[0] & 0xFFFFFFFFU; + stfs->f_fsid.__val[1] = prstfs->f_fsid[1] >> 32 & 0xFFFFFFFFU; + stfs->f_namelen = prstfs->f_namelen; + stfs->f_frsize = prstfs->f_frsize; +} + +/* Converts proxy_stat structure to VFS stat structure */ +static void prstat_to_stat(struct stat *stbuf, ProxyStat *prstat) +{ + memset(stbuf, 0, sizeof(*stbuf)); + stbuf->st_dev = prstat->st_dev; + stbuf->st_ino = prstat->st_ino; + stbuf->st_nlink = prstat->st_nlink; + stbuf->st_mode = prstat->st_mode; + stbuf->st_uid = prstat->st_uid; + stbuf->st_gid = prstat->st_gid; + stbuf->st_rdev = prstat->st_rdev; + stbuf->st_size = prstat->st_size; + stbuf->st_blksize = prstat->st_blksize; + stbuf->st_blocks = prstat->st_blocks; + stbuf->st_atim.tv_sec = prstat->st_atim_sec; + stbuf->st_atim.tv_nsec = prstat->st_atim_nsec; + stbuf->st_mtime = prstat->st_mtim_sec; + stbuf->st_mtim.tv_nsec = prstat->st_mtim_nsec; + stbuf->st_ctime = prstat->st_ctim_sec; + stbuf->st_ctim.tv_nsec = prstat->st_ctim_nsec; +} + +/* + * Response contains two parts + * {header, data} + * header.type == T_ERROR, data -> -errno + * header.type == T_SUCCESS, data -> response + * size of errno/response is given by header.size + * returns < 0, on transport error. response is + * valid only if status >= 0. + */ +static int v9fs_receive_response(V9fsProxy *proxy, int type, + int *status, void *response) +{ + int retval; + ProxyHeader header; + struct iovec *reply = &proxy->in_iovec; + + *status = 0; + reply->iov_len = 0; + retval = socket_read(proxy->sockfd, reply->iov_base, PROXY_HDR_SZ); + if (retval < 0) { + return retval; + } + reply->iov_len = PROXY_HDR_SZ; + proxy_unmarshal(reply, 0, "dd", &header.type, &header.size); + /* + * if response size > PROXY_MAX_IO_SZ, read the response but ignore it and + * return -ENOBUFS + */ + if (header.size > PROXY_MAX_IO_SZ) { + int count; + while (header.size > 0) { + count = MIN(PROXY_MAX_IO_SZ, header.size); + count = socket_read(proxy->sockfd, reply->iov_base, count); + if (count < 0) { + return count; + } + header.size -= count; + } + *status = -ENOBUFS; + return 0; + } + + retval = socket_read(proxy->sockfd, + reply->iov_base + PROXY_HDR_SZ, header.size); + if (retval < 0) { + return retval; + } + reply->iov_len += header.size; + /* there was an error during processing request */ + if (header.type == T_ERROR) { + int ret; + ret = proxy_unmarshal(reply, PROXY_HDR_SZ, "d", status); + if (ret < 0) { + *status = ret; + } + return 0; + } + + switch (type) { + case T_LSTAT: { + ProxyStat prstat; + retval = proxy_unmarshal(reply, PROXY_HDR_SZ, + "qqqdddqqqqqqqqqq", &prstat.st_dev, + &prstat.st_ino, &prstat.st_nlink, + &prstat.st_mode, &prstat.st_uid, + &prstat.st_gid, &prstat.st_rdev, + &prstat.st_size, &prstat.st_blksize, + &prstat.st_blocks, + &prstat.st_atim_sec, &prstat.st_atim_nsec, + &prstat.st_mtim_sec, &prstat.st_mtim_nsec, + &prstat.st_ctim_sec, &prstat.st_ctim_nsec); + prstat_to_stat(response, &prstat); + break; + } + case T_STATFS: { + ProxyStatFS prstfs; + retval = proxy_unmarshal(reply, PROXY_HDR_SZ, + "qqqqqqqqqqq", &prstfs.f_type, + &prstfs.f_bsize, &prstfs.f_blocks, + &prstfs.f_bfree, &prstfs.f_bavail, + &prstfs.f_files, &prstfs.f_ffree, + &prstfs.f_fsid[0], &prstfs.f_fsid[1], + &prstfs.f_namelen, &prstfs.f_frsize); + prstatfs_to_statfs(response, &prstfs); + break; + } + case T_READLINK: { + V9fsString target; + v9fs_string_init(&target); + retval = proxy_unmarshal(reply, PROXY_HDR_SZ, "s", &target); + strcpy(response, target.data); + v9fs_string_free(&target); + break; + } + case T_LGETXATTR: + case T_LLISTXATTR: { + V9fsString xattr; + v9fs_string_init(&xattr); + retval = proxy_unmarshal(reply, PROXY_HDR_SZ, "s", &xattr); + memcpy(response, xattr.data, xattr.size); + v9fs_string_free(&xattr); + break; + } + case T_GETVERSION: + proxy_unmarshal(reply, PROXY_HDR_SZ, "q", response); + break; + default: + return -1; + } + if (retval < 0) { + *status = retval; + } + return 0; +} + +/* + * return < 0 on transport error. + * *status is valid only if return >= 0 + */ +static int v9fs_receive_status(V9fsProxy *proxy, + struct iovec *reply, int *status) +{ + int retval; + ProxyHeader header; + + *status = 0; + reply->iov_len = 0; + retval = socket_read(proxy->sockfd, reply->iov_base, PROXY_HDR_SZ); + if (retval < 0) { + return retval; + } + reply->iov_len = PROXY_HDR_SZ; + proxy_unmarshal(reply, 0, "dd", &header.type, &header.size); + if (header.size != sizeof(int)) { + *status = -ENOBUFS; + return 0; + } + retval = socket_read(proxy->sockfd, + reply->iov_base + PROXY_HDR_SZ, header.size); + if (retval < 0) { + return retval; + } + reply->iov_len += header.size; + proxy_unmarshal(reply, PROXY_HDR_SZ, "d", status); + return 0; +} + +/* + * Proxy->header and proxy->request written to socket by QEMU process. + * This request read by proxy helper process + * returns 0 on success and -errno on error + */ +static int v9fs_request(V9fsProxy *proxy, int type, + void *response, const char *fmt, ...) +{ + dev_t rdev; + va_list ap; + int size = 0; + int retval = 0; + uint64_t offset; + ProxyHeader header = { 0, 0}; + struct timespec spec[2]; + int flags, mode, uid, gid; + V9fsString *name, *value; + V9fsString *path, *oldpath; + struct iovec *iovec = NULL, *reply = NULL; + + qemu_mutex_lock(&proxy->mutex); + + if (proxy->sockfd == -1) { + retval = -EIO; + goto err_out; + } + iovec = &proxy->out_iovec; + reply = &proxy->in_iovec; + va_start(ap, fmt); + switch (type) { + case T_OPEN: + path = va_arg(ap, V9fsString *); + flags = va_arg(ap, int); + retval = proxy_marshal(iovec, PROXY_HDR_SZ, "sd", path, flags); + if (retval > 0) { + header.size = retval; + header.type = T_OPEN; + } + break; + case T_CREATE: + path = va_arg(ap, V9fsString *); + flags = va_arg(ap, int); + mode = va_arg(ap, int); + uid = va_arg(ap, int); + gid = va_arg(ap, int); + retval = proxy_marshal(iovec, PROXY_HDR_SZ, "sdddd", path, + flags, mode, uid, gid); + if (retval > 0) { + header.size = retval; + header.type = T_CREATE; + } + break; + case T_MKNOD: + path = va_arg(ap, V9fsString *); + mode = va_arg(ap, int); + rdev = va_arg(ap, long int); + uid = va_arg(ap, int); + gid = va_arg(ap, int); + retval = proxy_marshal(iovec, PROXY_HDR_SZ, "ddsdq", + uid, gid, path, mode, rdev); + if (retval > 0) { + header.size = retval; + header.type = T_MKNOD; + } + break; + case T_MKDIR: + path = va_arg(ap, V9fsString *); + mode = va_arg(ap, int); + uid = va_arg(ap, int); + gid = va_arg(ap, int); + retval = proxy_marshal(iovec, PROXY_HDR_SZ, "ddsd", + uid, gid, path, mode); + if (retval > 0) { + header.size = retval; + header.type = T_MKDIR; + } + break; + case T_SYMLINK: + oldpath = va_arg(ap, V9fsString *); + path = va_arg(ap, V9fsString *); + uid = va_arg(ap, int); + gid = va_arg(ap, int); + retval = proxy_marshal(iovec, PROXY_HDR_SZ, "ddss", + uid, gid, oldpath, path); + if (retval > 0) { + header.size = retval; + header.type = T_SYMLINK; + } + break; + case T_LINK: + oldpath = va_arg(ap, V9fsString *); + path = va_arg(ap, V9fsString *); + retval = proxy_marshal(iovec, PROXY_HDR_SZ, "ss", + oldpath, path); + if (retval > 0) { + header.size = retval; + header.type = T_LINK; + } + break; + case T_LSTAT: + path = va_arg(ap, V9fsString *); + retval = proxy_marshal(iovec, PROXY_HDR_SZ, "s", path); + if (retval > 0) { + header.size = retval; + header.type = T_LSTAT; + } + break; + case T_READLINK: + path = va_arg(ap, V9fsString *); + size = va_arg(ap, int); + retval = proxy_marshal(iovec, PROXY_HDR_SZ, "sd", path, size); + if (retval > 0) { + header.size = retval; + header.type = T_READLINK; + } + break; + case T_STATFS: + path = va_arg(ap, V9fsString *); + retval = proxy_marshal(iovec, PROXY_HDR_SZ, "s", path); + if (retval > 0) { + header.size = retval; + header.type = T_STATFS; + } + break; + case T_CHMOD: + path = va_arg(ap, V9fsString *); + mode = va_arg(ap, int); + retval = proxy_marshal(iovec, PROXY_HDR_SZ, "sd", path, mode); + if (retval > 0) { + header.size = retval; + header.type = T_CHMOD; + } + break; + case T_CHOWN: + path = va_arg(ap, V9fsString *); + uid = va_arg(ap, int); + gid = va_arg(ap, int); + retval = proxy_marshal(iovec, PROXY_HDR_SZ, "sdd", path, uid, gid); + if (retval > 0) { + header.size = retval; + header.type = T_CHOWN; + } + break; + case T_TRUNCATE: + path = va_arg(ap, V9fsString *); + offset = va_arg(ap, uint64_t); + retval = proxy_marshal(iovec, PROXY_HDR_SZ, "sq", path, offset); + if (retval > 0) { + header.size = retval; + header.type = T_TRUNCATE; + } + break; + case T_UTIME: + path = va_arg(ap, V9fsString *); + spec[0].tv_sec = va_arg(ap, long); + spec[0].tv_nsec = va_arg(ap, long); + spec[1].tv_sec = va_arg(ap, long); + spec[1].tv_nsec = va_arg(ap, long); + retval = proxy_marshal(iovec, PROXY_HDR_SZ, "sqqqq", path, + spec[0].tv_sec, spec[1].tv_nsec, + spec[1].tv_sec, spec[1].tv_nsec); + if (retval > 0) { + header.size = retval; + header.type = T_UTIME; + } + break; + case T_RENAME: + oldpath = va_arg(ap, V9fsString *); + path = va_arg(ap, V9fsString *); + retval = proxy_marshal(iovec, PROXY_HDR_SZ, "ss", oldpath, path); + if (retval > 0) { + header.size = retval; + header.type = T_RENAME; + } + break; + case T_REMOVE: + path = va_arg(ap, V9fsString *); + retval = proxy_marshal(iovec, PROXY_HDR_SZ, "s", path); + if (retval > 0) { + header.size = retval; + header.type = T_REMOVE; + } + break; + case T_LGETXATTR: + size = va_arg(ap, int); + path = va_arg(ap, V9fsString *); + name = va_arg(ap, V9fsString *); + retval = proxy_marshal(iovec, PROXY_HDR_SZ, + "dss", size, path, name); + if (retval > 0) { + header.size = retval; + header.type = T_LGETXATTR; + } + break; + case T_LLISTXATTR: + size = va_arg(ap, int); + path = va_arg(ap, V9fsString *); + retval = proxy_marshal(iovec, PROXY_HDR_SZ, "ds", size, path); + if (retval > 0) { + header.size = retval; + header.type = T_LLISTXATTR; + } + break; + case T_LSETXATTR: + path = va_arg(ap, V9fsString *); + name = va_arg(ap, V9fsString *); + value = va_arg(ap, V9fsString *); + size = va_arg(ap, int); + flags = va_arg(ap, int); + retval = proxy_marshal(iovec, PROXY_HDR_SZ, "sssdd", + path, name, value, size, flags); + if (retval > 0) { + header.size = retval; + header.type = T_LSETXATTR; + } + break; + case T_LREMOVEXATTR: + path = va_arg(ap, V9fsString *); + name = va_arg(ap, V9fsString *); + retval = proxy_marshal(iovec, PROXY_HDR_SZ, "ss", path, name); + if (retval > 0) { + header.size = retval; + header.type = T_LREMOVEXATTR; + } + break; + case T_GETVERSION: + path = va_arg(ap, V9fsString *); + retval = proxy_marshal(iovec, PROXY_HDR_SZ, "s", path); + if (retval > 0) { + header.size = retval; + header.type = T_GETVERSION; + } + break; + default: + error_report("Invalid type %d\n", type); + retval = -EINVAL; + break; + } + va_end(ap); + + if (retval < 0) { + goto err_out; + } + + /* marshal the header details */ + proxy_marshal(iovec, 0, "dd", header.type, header.size); + header.size += PROXY_HDR_SZ; + + retval = qemu_write_full(proxy->sockfd, iovec->iov_base, header.size); + if (retval != header.size) { + goto close_error; + } + + switch (type) { + case T_OPEN: + case T_CREATE: + /* + * A file descriptor is returned as response for + * T_OPEN,T_CREATE on success + */ + if (v9fs_receivefd(proxy->sockfd, &retval) < 0) { + goto close_error; + } + break; + case T_MKNOD: + case T_MKDIR: + case T_SYMLINK: + case T_LINK: + case T_CHMOD: + case T_CHOWN: + case T_RENAME: + case T_TRUNCATE: + case T_UTIME: + case T_REMOVE: + case T_LSETXATTR: + case T_LREMOVEXATTR: + if (v9fs_receive_status(proxy, reply, &retval) < 0) { + goto close_error; + } + break; + case T_LSTAT: + case T_READLINK: + case T_STATFS: + case T_GETVERSION: + if (v9fs_receive_response(proxy, type, &retval, response) < 0) { + goto close_error; + } + break; + case T_LGETXATTR: + case T_LLISTXATTR: + if (!size) { + if (v9fs_receive_status(proxy, reply, &retval) < 0) { + goto close_error; + } + } else { + if (v9fs_receive_response(proxy, type, &retval, response) < 0) { + goto close_error; + } + } + break; + } + +err_out: + qemu_mutex_unlock(&proxy->mutex); + return retval; + +close_error: + close(proxy->sockfd); + proxy->sockfd = -1; + qemu_mutex_unlock(&proxy->mutex); + return -EIO; +} + +static int proxy_lstat(FsContext *fs_ctx, V9fsPath *fs_path, struct stat *stbuf) +{ + int retval; + retval = v9fs_request(fs_ctx->private, T_LSTAT, stbuf, "s", fs_path); + if (retval < 0) { + errno = -retval; + return -1; + } + return retval; +} + +static ssize_t proxy_readlink(FsContext *fs_ctx, V9fsPath *fs_path, + char *buf, size_t bufsz) +{ + int retval; + retval = v9fs_request(fs_ctx->private, T_READLINK, buf, "sd", + fs_path, bufsz); + if (retval < 0) { + errno = -retval; + return -1; + } + return strlen(buf); +} + +static int proxy_close(FsContext *ctx, V9fsFidOpenState *fs) +{ + return close(fs->fd); +} + +static int proxy_closedir(FsContext *ctx, V9fsFidOpenState *fs) +{ + return closedir(fs->dir); +} + +static int proxy_open(FsContext *ctx, V9fsPath *fs_path, + int flags, V9fsFidOpenState *fs) +{ + fs->fd = v9fs_request(ctx->private, T_OPEN, NULL, "sd", fs_path, flags); + if (fs->fd < 0) { + errno = -fs->fd; + fs->fd = -1; + } + return fs->fd; +} + +static int proxy_opendir(FsContext *ctx, + V9fsPath *fs_path, V9fsFidOpenState *fs) +{ + int serrno, fd; + + fs->dir = NULL; + fd = v9fs_request(ctx->private, T_OPEN, NULL, "sd", fs_path, O_DIRECTORY); + if (fd < 0) { + errno = -fd; + return -1; + } + fs->dir = fdopendir(fd); + if (!fs->dir) { + serrno = errno; + close(fd); + errno = serrno; + return -1; + } + return 0; +} + +static void proxy_rewinddir(FsContext *ctx, V9fsFidOpenState *fs) +{ + return rewinddir(fs->dir); +} + +static off_t proxy_telldir(FsContext *ctx, V9fsFidOpenState *fs) +{ + return telldir(fs->dir); +} + +static int proxy_readdir_r(FsContext *ctx, V9fsFidOpenState *fs, + struct dirent *entry, + struct dirent **result) +{ + return readdir_r(fs->dir, entry, result); +} + +static void proxy_seekdir(FsContext *ctx, V9fsFidOpenState *fs, off_t off) +{ + return seekdir(fs->dir, off); +} + +static ssize_t proxy_preadv(FsContext *ctx, V9fsFidOpenState *fs, + const struct iovec *iov, + int iovcnt, off_t offset) +{ +#ifdef CONFIG_PREADV + return preadv(fs->fd, iov, iovcnt, offset); +#else + int err = lseek(fs->fd, offset, SEEK_SET); + if (err == -1) { + return err; + } else { + return readv(fs->fd, iov, iovcnt); + } +#endif +} + +static ssize_t proxy_pwritev(FsContext *ctx, V9fsFidOpenState *fs, + const struct iovec *iov, + int iovcnt, off_t offset) +{ + ssize_t ret; + +#ifdef CONFIG_PREADV + ret = pwritev(fs->fd, iov, iovcnt, offset); +#else + int err = lseek(fs->fd, offset, SEEK_SET); + if (err == -1) { + return err; + } else { + ret = writev(fs->fd, iov, iovcnt); + } +#endif +#ifdef CONFIG_SYNC_FILE_RANGE + if (ret > 0 && ctx->export_flags & V9FS_IMMEDIATE_WRITEOUT) { + /* + * Initiate a writeback. This is not a data integrity sync. + * We want to ensure that we don't leave dirty pages in the cache + * after write when writeout=immediate is sepcified. + */ + sync_file_range(fs->fd, offset, ret, + SYNC_FILE_RANGE_WAIT_BEFORE | SYNC_FILE_RANGE_WRITE); + } +#endif + return ret; +} + +static int proxy_chmod(FsContext *fs_ctx, V9fsPath *fs_path, FsCred *credp) +{ + int retval; + retval = v9fs_request(fs_ctx->private, T_CHMOD, NULL, "sd", + fs_path, credp->fc_mode); + if (retval < 0) { + errno = -retval; + } + return retval; +} + +static int proxy_mknod(FsContext *fs_ctx, V9fsPath *dir_path, + const char *name, FsCred *credp) +{ + int retval; + V9fsString fullname; + + v9fs_string_init(&fullname); + v9fs_string_sprintf(&fullname, "%s/%s", dir_path->data, name); + + retval = v9fs_request(fs_ctx->private, T_MKNOD, NULL, "sdqdd", + &fullname, credp->fc_mode, credp->fc_rdev, + credp->fc_uid, credp->fc_gid); + v9fs_string_free(&fullname); + if (retval < 0) { + errno = -retval; + retval = -1; + } + return retval; +} + +static int proxy_mkdir(FsContext *fs_ctx, V9fsPath *dir_path, + const char *name, FsCred *credp) +{ + int retval; + V9fsString fullname; + + v9fs_string_init(&fullname); + v9fs_string_sprintf(&fullname, "%s/%s", dir_path->data, name); + + retval = v9fs_request(fs_ctx->private, T_MKDIR, NULL, "sddd", &fullname, + credp->fc_mode, credp->fc_uid, credp->fc_gid); + v9fs_string_free(&fullname); + if (retval < 0) { + errno = -retval; + retval = -1; + } + v9fs_string_free(&fullname); + return retval; +} + +static int proxy_fstat(FsContext *fs_ctx, int fid_type, + V9fsFidOpenState *fs, struct stat *stbuf) +{ + int fd; + + if (fid_type == P9_FID_DIR) { + fd = dirfd(fs->dir); + } else { + fd = fs->fd; + } + return fstat(fd, stbuf); +} + +static int proxy_open2(FsContext *fs_ctx, V9fsPath *dir_path, const char *name, + int flags, FsCred *credp, V9fsFidOpenState *fs) +{ + V9fsString fullname; + + v9fs_string_init(&fullname); + v9fs_string_sprintf(&fullname, "%s/%s", dir_path->data, name); + + fs->fd = v9fs_request(fs_ctx->private, T_CREATE, NULL, "sdddd", + &fullname, flags, credp->fc_mode, + credp->fc_uid, credp->fc_gid); + v9fs_string_free(&fullname); + if (fs->fd < 0) { + errno = -fs->fd; + fs->fd = -1; + } + return fs->fd; +} + +static int proxy_symlink(FsContext *fs_ctx, const char *oldpath, + V9fsPath *dir_path, const char *name, FsCred *credp) +{ + int retval; + V9fsString fullname, target; + + v9fs_string_init(&fullname); + v9fs_string_init(&target); + + v9fs_string_sprintf(&fullname, "%s/%s", dir_path->data, name); + v9fs_string_sprintf(&target, "%s", oldpath); + + retval = v9fs_request(fs_ctx->private, T_SYMLINK, NULL, "ssdd", + &target, &fullname, credp->fc_uid, credp->fc_gid); + v9fs_string_free(&fullname); + v9fs_string_free(&target); + if (retval < 0) { + errno = -retval; + retval = -1; + } + return retval; +} + +static int proxy_link(FsContext *ctx, V9fsPath *oldpath, + V9fsPath *dirpath, const char *name) +{ + int retval; + V9fsString newpath; + + v9fs_string_init(&newpath); + v9fs_string_sprintf(&newpath, "%s/%s", dirpath->data, name); + + retval = v9fs_request(ctx->private, T_LINK, NULL, "ss", oldpath, &newpath); + v9fs_string_free(&newpath); + if (retval < 0) { + errno = -retval; + retval = -1; + } + return retval; +} + +static int proxy_truncate(FsContext *ctx, V9fsPath *fs_path, off_t size) +{ + int retval; + + retval = v9fs_request(ctx->private, T_TRUNCATE, NULL, "sq", fs_path, size); + if (retval < 0) { + errno = -retval; + return -1; + } + return 0; +} + +static int proxy_rename(FsContext *ctx, const char *oldpath, + const char *newpath) +{ + int retval; + V9fsString oldname, newname; + + v9fs_string_init(&oldname); + v9fs_string_init(&newname); + + v9fs_string_sprintf(&oldname, "%s", oldpath); + v9fs_string_sprintf(&newname, "%s", newpath); + retval = v9fs_request(ctx->private, T_RENAME, NULL, "ss", + &oldname, &newname); + v9fs_string_free(&oldname); + v9fs_string_free(&newname); + if (retval < 0) { + errno = -retval; + } + return retval; +} + +static int proxy_chown(FsContext *fs_ctx, V9fsPath *fs_path, FsCred *credp) +{ + int retval; + retval = v9fs_request(fs_ctx->private, T_CHOWN, NULL, "sdd", + fs_path, credp->fc_uid, credp->fc_gid); + if (retval < 0) { + errno = -retval; + } + return retval; +} + +static int proxy_utimensat(FsContext *s, V9fsPath *fs_path, + const struct timespec *buf) +{ + int retval; + retval = v9fs_request(s->private, T_UTIME, NULL, "sqqqq", + fs_path, + buf[0].tv_sec, buf[0].tv_nsec, + buf[1].tv_sec, buf[1].tv_nsec); + if (retval < 0) { + errno = -retval; + } + return retval; +} + +static int proxy_remove(FsContext *ctx, const char *path) +{ + int retval; + V9fsString name; + v9fs_string_init(&name); + v9fs_string_sprintf(&name, "%s", path); + retval = v9fs_request(ctx->private, T_REMOVE, NULL, "s", &name); + v9fs_string_free(&name); + if (retval < 0) { + errno = -retval; + } + return retval; +} + +static int proxy_fsync(FsContext *ctx, int fid_type, + V9fsFidOpenState *fs, int datasync) +{ + int fd; + + if (fid_type == P9_FID_DIR) { + fd = dirfd(fs->dir); + } else { + fd = fs->fd; + } + + if (datasync) { + return qemu_fdatasync(fd); + } else { + return fsync(fd); + } +} + +static int proxy_statfs(FsContext *s, V9fsPath *fs_path, struct statfs *stbuf) +{ + int retval; + retval = v9fs_request(s->private, T_STATFS, stbuf, "s", fs_path); + if (retval < 0) { + errno = -retval; + return -1; + } + return retval; +} + +static ssize_t proxy_lgetxattr(FsContext *ctx, V9fsPath *fs_path, + const char *name, void *value, size_t size) +{ + int retval; + V9fsString xname; + + v9fs_string_init(&xname); + v9fs_string_sprintf(&xname, "%s", name); + retval = v9fs_request(ctx->private, T_LGETXATTR, value, "dss", size, + fs_path, &xname); + v9fs_string_free(&xname); + if (retval < 0) { + errno = -retval; + } + return retval; +} + +static ssize_t proxy_llistxattr(FsContext *ctx, V9fsPath *fs_path, + void *value, size_t size) +{ + int retval; + retval = v9fs_request(ctx->private, T_LLISTXATTR, value, "ds", size, + fs_path); + if (retval < 0) { + errno = -retval; + } + return retval; +} + +static int proxy_lsetxattr(FsContext *ctx, V9fsPath *fs_path, const char *name, + void *value, size_t size, int flags) +{ + int retval; + V9fsString xname, xvalue; + + v9fs_string_init(&xname); + v9fs_string_sprintf(&xname, "%s", name); + + v9fs_string_init(&xvalue); + xvalue.size = size; + xvalue.data = g_malloc(size); + memcpy(xvalue.data, value, size); + + retval = v9fs_request(ctx->private, T_LSETXATTR, value, "sssdd", + fs_path, &xname, &xvalue, size, flags); + v9fs_string_free(&xname); + v9fs_string_free(&xvalue); + if (retval < 0) { + errno = -retval; + } + return retval; +} + +static int proxy_lremovexattr(FsContext *ctx, V9fsPath *fs_path, + const char *name) +{ + int retval; + V9fsString xname; + + v9fs_string_init(&xname); + v9fs_string_sprintf(&xname, "%s", name); + retval = v9fs_request(ctx->private, T_LREMOVEXATTR, NULL, "ss", + fs_path, &xname); + v9fs_string_free(&xname); + if (retval < 0) { + errno = -retval; + } + return retval; +} + +static int proxy_name_to_path(FsContext *ctx, V9fsPath *dir_path, + const char *name, V9fsPath *target) +{ + if (dir_path) { + v9fs_string_sprintf((V9fsString *)target, "%s/%s", + dir_path->data, name); + } else { + v9fs_string_sprintf((V9fsString *)target, "%s", name); + } + /* Bump the size for including terminating NULL */ + target->size++; + return 0; +} + +static int proxy_renameat(FsContext *ctx, V9fsPath *olddir, + const char *old_name, V9fsPath *newdir, + const char *new_name) +{ + int ret; + V9fsString old_full_name, new_full_name; + + v9fs_string_init(&old_full_name); + v9fs_string_init(&new_full_name); + + v9fs_string_sprintf(&old_full_name, "%s/%s", olddir->data, old_name); + v9fs_string_sprintf(&new_full_name, "%s/%s", newdir->data, new_name); + + ret = proxy_rename(ctx, old_full_name.data, new_full_name.data); + v9fs_string_free(&old_full_name); + v9fs_string_free(&new_full_name); + return ret; +} + +static int proxy_unlinkat(FsContext *ctx, V9fsPath *dir, + const char *name, int flags) +{ + int ret; + V9fsString fullname; + v9fs_string_init(&fullname); + + v9fs_string_sprintf(&fullname, "%s/%s", dir->data, name); + ret = proxy_remove(ctx, fullname.data); + v9fs_string_free(&fullname); + + return ret; +} + +static int proxy_ioc_getversion(FsContext *fs_ctx, V9fsPath *path, + mode_t st_mode, uint64_t *st_gen) +{ + int err; + + /* Do not try to open special files like device nodes, fifos etc + * we can get fd for regular files and directories only + */ + if (!S_ISREG(st_mode) && !S_ISDIR(st_mode)) { + return 0; + } + err = v9fs_request(fs_ctx->private, T_GETVERSION, st_gen, "s", path); + if (err < 0) { + errno = -err; + err = -1; + } + return err; +} + +static int connect_namedsocket(const char *path) +{ + int sockfd, size; + struct sockaddr_un helper; + + sockfd = socket(AF_UNIX, SOCK_STREAM, 0); + if (sockfd < 0) { + fprintf(stderr, "socket %s\n", strerror(errno)); + return -1; + } + strcpy(helper.sun_path, path); + helper.sun_family = AF_UNIX; + size = strlen(helper.sun_path) + sizeof(helper.sun_family); + if (connect(sockfd, (struct sockaddr *)&helper, size) < 0) { + fprintf(stderr, "socket error\n"); + return -1; + } + + /* remove the socket for security reasons */ + unlink(path); + return sockfd; +} + +static int proxy_parse_opts(QemuOpts *opts, struct FsDriverEntry *fs) +{ + const char *socket = qemu_opt_get(opts, "socket"); + const char *sock_fd = qemu_opt_get(opts, "sock_fd"); + + if (!socket && !sock_fd) { + fprintf(stderr, "socket and sock_fd none of the option specified\n"); + return -1; + } + if (socket && sock_fd) { + fprintf(stderr, "Both socket and sock_fd options specified\n"); + return -1; + } + if (socket) { + fs->path = g_strdup(socket); + fs->export_flags = V9FS_PROXY_SOCK_NAME; + } else { + fs->path = g_strdup(sock_fd); + fs->export_flags = V9FS_PROXY_SOCK_FD; + } + return 0; +} + +static int proxy_init(FsContext *ctx) +{ + V9fsProxy *proxy = g_malloc(sizeof(V9fsProxy)); + int sock_id; + + if (ctx->export_flags & V9FS_PROXY_SOCK_NAME) { + sock_id = connect_namedsocket(ctx->fs_root); + } else { + sock_id = atoi(ctx->fs_root); + if (sock_id < 0) { + fprintf(stderr, "socket descriptor not initialized\n"); + return -1; + } + } + g_free(ctx->fs_root); + + proxy->in_iovec.iov_base = g_malloc(PROXY_MAX_IO_SZ + PROXY_HDR_SZ); + proxy->in_iovec.iov_len = PROXY_MAX_IO_SZ + PROXY_HDR_SZ; + proxy->out_iovec.iov_base = g_malloc(PROXY_MAX_IO_SZ + PROXY_HDR_SZ); + proxy->out_iovec.iov_len = PROXY_MAX_IO_SZ + PROXY_HDR_SZ; + + ctx->private = proxy; + proxy->sockfd = sock_id; + qemu_mutex_init(&proxy->mutex); + + ctx->export_flags |= V9FS_PATHNAME_FSCONTEXT; + ctx->exops.get_st_gen = proxy_ioc_getversion; + return 0; +} + +FileOperations proxy_ops = { + .parse_opts = proxy_parse_opts, + .init = proxy_init, + .lstat = proxy_lstat, + .readlink = proxy_readlink, + .close = proxy_close, + .closedir = proxy_closedir, + .open = proxy_open, + .opendir = proxy_opendir, + .rewinddir = proxy_rewinddir, + .telldir = proxy_telldir, + .readdir_r = proxy_readdir_r, + .seekdir = proxy_seekdir, + .preadv = proxy_preadv, + .pwritev = proxy_pwritev, + .chmod = proxy_chmod, + .mknod = proxy_mknod, + .mkdir = proxy_mkdir, + .fstat = proxy_fstat, + .open2 = proxy_open2, + .symlink = proxy_symlink, + .link = proxy_link, + .truncate = proxy_truncate, + .rename = proxy_rename, + .chown = proxy_chown, + .utimensat = proxy_utimensat, + .remove = proxy_remove, + .fsync = proxy_fsync, + .statfs = proxy_statfs, + .lgetxattr = proxy_lgetxattr, + .llistxattr = proxy_llistxattr, + .lsetxattr = proxy_lsetxattr, + .lremovexattr = proxy_lremovexattr, + .name_to_path = proxy_name_to_path, + .renameat = proxy_renameat, + .unlinkat = proxy_unlinkat, +}; diff --git a/hw/9pfs/virtio-9p-proxy.h b/hw/9pfs/virtio-9p-proxy.h new file mode 100644 index 0000000000..005c1ad757 --- /dev/null +++ b/hw/9pfs/virtio-9p-proxy.h @@ -0,0 +1,95 @@ +/* + * Virtio 9p Proxy callback + * + * Copyright IBM, Corp. 2011 + * + * Authors: + * M. Mohan Kumar <mohan@in.ibm.com> + * + * This work is licensed under the terms of the GNU GPL, version 2. See + * the COPYING file in the top-level directory. + */ +#ifndef _QEMU_VIRTIO_9P_PROXY_H +#define _QEMU_VIRTIO_9P_PROXY_H + +#define PROXY_MAX_IO_SZ (64 * 1024) +#define V9FS_FD_VALID INT_MAX + +/* + * proxy iovec only support one element and + * marsha/unmarshal doesn't do little endian conversion. + */ +#define proxy_unmarshal(in_sg, offset, fmt, args...) \ + v9fs_unmarshal(in_sg, 1, offset, 0, fmt, ##args) +#define proxy_marshal(out_sg, offset, fmt, args...) \ + v9fs_marshal(out_sg, 1, offset, 0, fmt, ##args) + +union MsgControl { + struct cmsghdr cmsg; + char control[CMSG_SPACE(sizeof(int))]; +}; + +typedef struct { + uint32_t type; + uint32_t size; +} ProxyHeader; + +#define PROXY_HDR_SZ (sizeof(ProxyHeader)) + +enum { + T_SUCCESS = 0, + T_ERROR, + T_OPEN, + T_CREATE, + T_MKNOD, + T_MKDIR, + T_SYMLINK, + T_LINK, + T_LSTAT, + T_READLINK, + T_STATFS, + T_CHMOD, + T_CHOWN, + T_TRUNCATE, + T_UTIME, + T_RENAME, + T_REMOVE, + T_LGETXATTR, + T_LLISTXATTR, + T_LSETXATTR, + T_LREMOVEXATTR, + T_GETVERSION, +}; + +typedef struct { + uint64_t st_dev; + uint64_t st_ino; + uint64_t st_nlink; + uint32_t st_mode; + uint32_t st_uid; + uint32_t st_gid; + uint64_t st_rdev; + uint64_t st_size; + uint64_t st_blksize; + uint64_t st_blocks; + uint64_t st_atim_sec; + uint64_t st_atim_nsec; + uint64_t st_mtim_sec; + uint64_t st_mtim_nsec; + uint64_t st_ctim_sec; + uint64_t st_ctim_nsec; +} ProxyStat; + +typedef struct { + uint64_t f_type; + uint64_t f_bsize; + uint64_t f_blocks; + uint64_t f_bfree; + uint64_t f_bavail; + uint64_t f_files; + uint64_t f_ffree; + uint64_t f_fsid[2]; + uint64_t f_namelen; + uint64_t f_frsize; +} ProxyStatFS; +#endif diff --git a/hw/9pfs/virtio-9p.c b/hw/9pfs/virtio-9p.c index df0a8e731b..e6ba6ba30b 100644 --- a/hw/9pfs/virtio-9p.c +++ b/hw/9pfs/virtio-9p.c @@ -11,9 +11,6 @@ * */ -#include <glib.h> -#include <glib/gprintf.h> - #include "hw/virtio.h" #include "hw/pc.h" #include "qemu_socket.h" @@ -138,42 +135,6 @@ static int get_dotl_openflags(V9fsState *s, int oflags) return flags; } -void v9fs_string_init(V9fsString *str) -{ - str->data = NULL; - str->size = 0; -} - -void v9fs_string_free(V9fsString *str) -{ - g_free(str->data); - str->data = NULL; - str->size = 0; -} - -void v9fs_string_null(V9fsString *str) -{ - v9fs_string_free(str); -} - -void GCC_FMT_ATTR(2, 3) -v9fs_string_sprintf(V9fsString *str, const char *fmt, ...) -{ - va_list ap; - - v9fs_string_free(str); - - va_start(ap, fmt); - str->size = g_vasprintf(&str->data, fmt, ap); - va_end(ap); -} - -void v9fs_string_copy(V9fsString *lhs, V9fsString *rhs) -{ - v9fs_string_free(lhs); - v9fs_string_sprintf(lhs, "%s", rhs->data); -} - void v9fs_path_init(V9fsPath *path) { path->data = NULL; @@ -629,211 +590,11 @@ static void free_pdu(V9fsState *s, V9fsPDU *pdu) } } -size_t pdu_packunpack(void *addr, struct iovec *sg, int sg_count, - size_t offset, size_t size, int pack) -{ - int i = 0; - size_t copied = 0; - - for (i = 0; size && i < sg_count; i++) { - size_t len; - if (offset >= sg[i].iov_len) { - /* skip this sg */ - offset -= sg[i].iov_len; - continue; - } else { - len = MIN(sg[i].iov_len - offset, size); - if (pack) { - memcpy(sg[i].iov_base + offset, addr, len); - } else { - memcpy(addr, sg[i].iov_base + offset, len); - } - size -= len; - copied += len; - addr += len; - if (size) { - offset = 0; - continue; - } - } - } - - return copied; -} - -static size_t pdu_unpack(void *dst, V9fsPDU *pdu, size_t offset, size_t size) -{ - return pdu_packunpack(dst, pdu->elem.out_sg, pdu->elem.out_num, - offset, size, 0); -} - -static size_t pdu_pack(V9fsPDU *pdu, size_t offset, const void *src, - size_t size) -{ - return pdu_packunpack((void *)src, pdu->elem.in_sg, pdu->elem.in_num, - offset, size, 1); -} - -static size_t pdu_unmarshal(V9fsPDU *pdu, size_t offset, const char *fmt, ...) -{ - size_t old_offset = offset; - va_list ap; - int i; - - va_start(ap, fmt); - for (i = 0; fmt[i]; i++) { - switch (fmt[i]) { - case 'b': { - uint8_t *valp = va_arg(ap, uint8_t *); - offset += pdu_unpack(valp, pdu, offset, sizeof(*valp)); - break; - } - case 'w': { - uint16_t val, *valp; - valp = va_arg(ap, uint16_t *); - offset += pdu_unpack(&val, pdu, offset, sizeof(val)); - *valp = le16_to_cpu(val); - break; - } - case 'd': { - uint32_t val, *valp; - valp = va_arg(ap, uint32_t *); - offset += pdu_unpack(&val, pdu, offset, sizeof(val)); - *valp = le32_to_cpu(val); - break; - } - case 'q': { - uint64_t val, *valp; - valp = va_arg(ap, uint64_t *); - offset += pdu_unpack(&val, pdu, offset, sizeof(val)); - *valp = le64_to_cpu(val); - break; - } - case 's': { - V9fsString *str = va_arg(ap, V9fsString *); - offset += pdu_unmarshal(pdu, offset, "w", &str->size); - /* FIXME: sanity check str->size */ - str->data = g_malloc(str->size + 1); - offset += pdu_unpack(str->data, pdu, offset, str->size); - str->data[str->size] = 0; - break; - } - case 'Q': { - V9fsQID *qidp = va_arg(ap, V9fsQID *); - offset += pdu_unmarshal(pdu, offset, "bdq", - &qidp->type, &qidp->version, &qidp->path); - break; - } - case 'S': { - V9fsStat *statp = va_arg(ap, V9fsStat *); - offset += pdu_unmarshal(pdu, offset, "wwdQdddqsssssddd", - &statp->size, &statp->type, &statp->dev, - &statp->qid, &statp->mode, &statp->atime, - &statp->mtime, &statp->length, - &statp->name, &statp->uid, &statp->gid, - &statp->muid, &statp->extension, - &statp->n_uid, &statp->n_gid, - &statp->n_muid); - break; - } - case 'I': { - V9fsIattr *iattr = va_arg(ap, V9fsIattr *); - offset += pdu_unmarshal(pdu, offset, "ddddqqqqq", - &iattr->valid, &iattr->mode, - &iattr->uid, &iattr->gid, &iattr->size, - &iattr->atime_sec, &iattr->atime_nsec, - &iattr->mtime_sec, &iattr->mtime_nsec); - break; - } - default: - break; - } - } - - va_end(ap); - - return offset - old_offset; -} - -static size_t pdu_marshal(V9fsPDU *pdu, size_t offset, const char *fmt, ...) -{ - size_t old_offset = offset; - va_list ap; - int i; - - va_start(ap, fmt); - for (i = 0; fmt[i]; i++) { - switch (fmt[i]) { - case 'b': { - uint8_t val = va_arg(ap, int); - offset += pdu_pack(pdu, offset, &val, sizeof(val)); - break; - } - case 'w': { - uint16_t val; - cpu_to_le16w(&val, va_arg(ap, int)); - offset += pdu_pack(pdu, offset, &val, sizeof(val)); - break; - } - case 'd': { - uint32_t val; - cpu_to_le32w(&val, va_arg(ap, uint32_t)); - offset += pdu_pack(pdu, offset, &val, sizeof(val)); - break; - } - case 'q': { - uint64_t val; - cpu_to_le64w(&val, va_arg(ap, uint64_t)); - offset += pdu_pack(pdu, offset, &val, sizeof(val)); - break; - } - case 's': { - V9fsString *str = va_arg(ap, V9fsString *); - offset += pdu_marshal(pdu, offset, "w", str->size); - offset += pdu_pack(pdu, offset, str->data, str->size); - break; - } - case 'Q': { - V9fsQID *qidp = va_arg(ap, V9fsQID *); - offset += pdu_marshal(pdu, offset, "bdq", - qidp->type, qidp->version, qidp->path); - break; - } - case 'S': { - V9fsStat *statp = va_arg(ap, V9fsStat *); - offset += pdu_marshal(pdu, offset, "wwdQdddqsssssddd", - statp->size, statp->type, statp->dev, - &statp->qid, statp->mode, statp->atime, - statp->mtime, statp->length, &statp->name, - &statp->uid, &statp->gid, &statp->muid, - &statp->extension, statp->n_uid, - statp->n_gid, statp->n_muid); - break; - } - case 'A': { - V9fsStatDotl *statp = va_arg(ap, V9fsStatDotl *); - offset += pdu_marshal(pdu, offset, "qQdddqqqqqqqqqqqqqqq", - statp->st_result_mask, - &statp->qid, statp->st_mode, - statp->st_uid, statp->st_gid, - statp->st_nlink, statp->st_rdev, - statp->st_size, statp->st_blksize, statp->st_blocks, - statp->st_atime_sec, statp->st_atime_nsec, - statp->st_mtime_sec, statp->st_mtime_nsec, - statp->st_ctime_sec, statp->st_ctime_nsec, - statp->st_btime_sec, statp->st_btime_nsec, - statp->st_gen, statp->st_data_version); - break; - } - default: - break; - } - } - va_end(ap); - - return offset - old_offset; -} - +/* + * We don't do error checking for pdu_marshal/unmarshal here + * because we always expect to have enough space to encode + * error details + */ static void complete_pdu(V9fsState *s, V9fsPDU *pdu, ssize_t len) { int8_t id = pdu->id + 1; /* Response */ @@ -946,6 +707,15 @@ static int donttouch_stat(V9fsStat *stat) return 0; } +static void v9fs_stat_init(V9fsStat *stat) +{ + v9fs_string_init(&stat->name); + v9fs_string_init(&stat->uid); + v9fs_string_init(&stat->gid); + v9fs_string_init(&stat->muid); + v9fs_string_init(&stat->extension); +} + static void v9fs_stat_free(V9fsStat *stat) { v9fs_string_free(&stat->name); @@ -1130,12 +900,18 @@ static inline bool is_ro_export(FsContext *ctx) static void v9fs_version(void *opaque) { + ssize_t err; V9fsPDU *pdu = opaque; V9fsState *s = pdu->s; V9fsString version; size_t offset = 7; - pdu_unmarshal(pdu, offset, "ds", &s->msize, &version); + v9fs_string_init(&version); + err = pdu_unmarshal(pdu, offset, "ds", &s->msize, &version); + if (err < 0) { + offset = err; + goto out; + } trace_v9fs_version(pdu->tag, pdu->id, s->msize, version.data); virtfs_reset(pdu); @@ -1148,11 +924,15 @@ static void v9fs_version(void *opaque) v9fs_string_sprintf(&version, "unknown"); } - offset += pdu_marshal(pdu, offset, "ds", s->msize, &version); + err = pdu_marshal(pdu, offset, "ds", s->msize, &version); + if (err < 0) { + offset = err; + goto out; + } + offset += err; trace_v9fs_version_return(pdu->tag, pdu->id, s->msize, version.data); - +out: complete_pdu(s, pdu, offset); - v9fs_string_free(&version); return; } @@ -1168,7 +948,13 @@ static void v9fs_attach(void *opaque) V9fsQID qid; ssize_t err; - pdu_unmarshal(pdu, offset, "ddssd", &fid, &afid, &uname, &aname, &n_uname); + v9fs_string_init(&uname); + v9fs_string_init(&aname); + err = pdu_unmarshal(pdu, offset, "ddssd", &fid, + &afid, &uname, &aname, &n_uname); + if (err < 0) { + goto out_nofid; + } trace_v9fs_attach(pdu->tag, pdu->id, fid, afid, uname.data, aname.data); fidp = alloc_fid(s, fid); @@ -1189,8 +975,12 @@ static void v9fs_attach(void *opaque) clunk_fid(s, fid); goto out; } - offset += pdu_marshal(pdu, offset, "Q", &qid); - err = offset; + err = pdu_marshal(pdu, offset, "Q", &qid); + if (err < 0) { + clunk_fid(s, fid); + goto out; + } + err += offset; trace_v9fs_attach_return(pdu->tag, pdu->id, qid.type, qid.version, qid.path); s->root_fid = fid; @@ -1217,7 +1007,10 @@ static void v9fs_stat(void *opaque) V9fsPDU *pdu = opaque; V9fsState *s = pdu->s; - pdu_unmarshal(pdu, offset, "d", &fid); + err = pdu_unmarshal(pdu, offset, "d", &fid); + if (err < 0) { + goto out_nofid; + } trace_v9fs_stat(pdu->tag, pdu->id, fid); fidp = get_fid(pdu, fid); @@ -1233,10 +1026,14 @@ static void v9fs_stat(void *opaque) if (err < 0) { goto out; } - offset += pdu_marshal(pdu, offset, "wS", 0, &v9stat); - err = offset; + err = pdu_marshal(pdu, offset, "wS", 0, &v9stat); + if (err < 0) { + v9fs_stat_free(&v9stat); + goto out; + } trace_v9fs_stat_return(pdu->tag, pdu->id, v9stat.mode, v9stat.atime, v9stat.mtime, v9stat.length); + err += offset; v9fs_stat_free(&v9stat); out: put_fid(pdu, fidp); @@ -1256,7 +1053,10 @@ static void v9fs_getattr(void *opaque) V9fsPDU *pdu = opaque; V9fsState *s = pdu->s; - pdu_unmarshal(pdu, offset, "dq", &fid, &request_mask); + retval = pdu_unmarshal(pdu, offset, "dq", &fid, &request_mask); + if (retval < 0) { + goto out_nofid; + } trace_v9fs_getattr(pdu->tag, pdu->id, fid, request_mask); fidp = get_fid(pdu, fid); @@ -1282,8 +1082,11 @@ static void v9fs_getattr(void *opaque) } v9stat_dotl.st_result_mask |= P9_STATS_GEN; } - retval = offset; - retval += pdu_marshal(pdu, offset, "A", &v9stat_dotl); + retval = pdu_marshal(pdu, offset, "A", &v9stat_dotl); + if (retval < 0) { + goto out; + } + retval += offset; trace_v9fs_getattr_return(pdu->tag, pdu->id, v9stat_dotl.st_result_mask, v9stat_dotl.st_mode, v9stat_dotl.st_uid, v9stat_dotl.st_gid); @@ -1316,7 +1119,10 @@ static void v9fs_setattr(void *opaque) V9fsPDU *pdu = opaque; V9fsState *s = pdu->s; - pdu_unmarshal(pdu, offset, "dI", &fid, &v9iattr); + err = pdu_unmarshal(pdu, offset, "dI", &fid, &v9iattr); + if (err < 0) { + goto out_nofid; + } fidp = get_fid(pdu, fid); if (fidp == NULL) { @@ -1391,10 +1197,20 @@ out_nofid: static int v9fs_walk_marshal(V9fsPDU *pdu, uint16_t nwnames, V9fsQID *qids) { int i; + ssize_t err; size_t offset = 7; - offset += pdu_marshal(pdu, offset, "w", nwnames); + + err = pdu_marshal(pdu, offset, "w", nwnames); + if (err < 0) { + return err; + } + offset += err; for (i = 0; i < nwnames; i++) { - offset += pdu_marshal(pdu, offset, "Q", &qids[i]); + err = pdu_marshal(pdu, offset, "Q", &qids[i]); + if (err < 0) { + return err; + } + offset += err; } return offset; } @@ -1415,8 +1231,12 @@ static void v9fs_walk(void *opaque) V9fsPDU *pdu = opaque; V9fsState *s = pdu->s; - offset += pdu_unmarshal(pdu, offset, "ddw", &fid, - &newfid, &nwnames); + err = pdu_unmarshal(pdu, offset, "ddw", &fid, &newfid, &nwnames); + if (err < 0) { + complete_pdu(s, pdu, err); + return ; + } + offset += err; trace_v9fs_walk(pdu->tag, pdu->id, fid, newfid, nwnames); @@ -1424,7 +1244,11 @@ static void v9fs_walk(void *opaque) wnames = g_malloc0(sizeof(wnames[0]) * nwnames); qids = g_malloc0(sizeof(qids[0]) * nwnames); for (i = 0; i < nwnames; i++) { - offset += pdu_unmarshal(pdu, offset, "s", &wnames[i]); + err = pdu_unmarshal(pdu, offset, "s", &wnames[i]); + if (err < 0) { + goto out_nofid; + } + offset += err; } } else if (nwnames > P9_MAXWELEM) { err = -EINVAL; @@ -1523,9 +1347,12 @@ static void v9fs_open(void *opaque) V9fsState *s = pdu->s; if (s->proto_version == V9FS_PROTO_2000L) { - pdu_unmarshal(pdu, offset, "dd", &fid, &mode); + err = pdu_unmarshal(pdu, offset, "dd", &fid, &mode); } else { - pdu_unmarshal(pdu, offset, "db", &fid, &mode); + err = pdu_unmarshal(pdu, offset, "db", &fid, &mode); + } + if (err < 0) { + goto out_nofid; } trace_v9fs_open(pdu->tag, pdu->id, fid, mode); @@ -1547,8 +1374,11 @@ static void v9fs_open(void *opaque) goto out; } fidp->fid_type = P9_FID_DIR; - offset += pdu_marshal(pdu, offset, "Qd", &qid, 0); - err = offset; + err = pdu_marshal(pdu, offset, "Qd", &qid, 0); + if (err < 0) { + goto out; + } + err += offset; } else { if (s->proto_version == V9FS_PROTO_2000L) { flags = get_dotl_openflags(s, mode); @@ -1577,8 +1407,11 @@ static void v9fs_open(void *opaque) fidp->flags |= FID_NON_RECLAIMABLE; } iounit = get_iounit(pdu, &fidp->path); - offset += pdu_marshal(pdu, offset, "Qd", &qid, iounit); - err = offset; + err = pdu_marshal(pdu, offset, "Qd", &qid, iounit); + if (err < 0) { + goto out; + } + err += offset; } trace_v9fs_open_return(pdu->tag, pdu->id, qid.type, qid.version, qid.path, iounit); @@ -1601,8 +1434,12 @@ static void v9fs_lcreate(void *opaque) int32_t iounit; V9fsPDU *pdu = opaque; - pdu_unmarshal(pdu, offset, "dsddd", &dfid, &name, &flags, - &mode, &gid); + v9fs_string_init(&name); + err = pdu_unmarshal(pdu, offset, "dsddd", &dfid, + &name, &flags, &mode, &gid); + if (err < 0) { + goto out_nofid; + } trace_v9fs_lcreate(pdu->tag, pdu->id, dfid, flags, mode, gid); fidp = get_fid(pdu, dfid); @@ -1628,8 +1465,11 @@ static void v9fs_lcreate(void *opaque) } iounit = get_iounit(pdu, &fidp->path); stat_to_qid(&stbuf, &qid); - offset += pdu_marshal(pdu, offset, "Qd", &qid, iounit); - err = offset; + err = pdu_marshal(pdu, offset, "Qd", &qid, iounit); + if (err < 0) { + goto out; + } + err += offset; trace_v9fs_lcreate_return(pdu->tag, pdu->id, qid.type, qid.version, qid.path, iounit); out: @@ -1649,7 +1489,10 @@ static void v9fs_fsync(void *opaque) V9fsPDU *pdu = opaque; V9fsState *s = pdu->s; - pdu_unmarshal(pdu, offset, "dd", &fid, &datasync); + err = pdu_unmarshal(pdu, offset, "dd", &fid, &datasync); + if (err < 0) { + goto out_nofid; + } trace_v9fs_fsync(pdu->tag, pdu->id, fid, datasync); fidp = get_fid(pdu, fid); @@ -1675,7 +1518,10 @@ static void v9fs_clunk(void *opaque) V9fsPDU *pdu = opaque; V9fsState *s = pdu->s; - pdu_unmarshal(pdu, offset, "d", &fid); + err = pdu_unmarshal(pdu, offset, "d", &fid); + if (err < 0) { + goto out_nofid; + } trace_v9fs_clunk(pdu->tag, pdu->id, fid); fidp = clunk_fid(s, fid); @@ -1698,6 +1544,7 @@ out_nofid: static int v9fs_xattr_read(V9fsState *s, V9fsPDU *pdu, V9fsFidState *fidp, uint64_t off, uint32_t max_count) { + ssize_t err; size_t offset = 7; int read_count; int64_t xattr_len; @@ -1712,10 +1559,18 @@ static int v9fs_xattr_read(V9fsState *s, V9fsPDU *pdu, V9fsFidState *fidp, */ read_count = 0; } - offset += pdu_marshal(pdu, offset, "d", read_count); - offset += pdu_pack(pdu, offset, - ((char *)fidp->fs.xattr.value) + off, - read_count); + err = pdu_marshal(pdu, offset, "d", read_count); + if (err < 0) { + return err; + } + offset += err; + err = v9fs_pack(pdu->elem.in_sg, pdu->elem.in_num, offset, + ((char *)fidp->fs.xattr.value) + off, + read_count); + if (err < 0) { + return err; + } + offset += err; return offset; } @@ -1824,7 +1679,10 @@ static void v9fs_read(void *opaque) V9fsPDU *pdu = opaque; V9fsState *s = pdu->s; - pdu_unmarshal(pdu, offset, "dqd", &fid, &off, &max_count); + err = pdu_unmarshal(pdu, offset, "dqd", &fid, &off, &max_count); + if (err < 0) { + goto out_nofid; + } trace_v9fs_read(pdu->tag, pdu->id, fid, off, max_count); fidp = get_fid(pdu, fid); @@ -1842,9 +1700,11 @@ static void v9fs_read(void *opaque) err = count; goto out; } - err = offset; - err += pdu_marshal(pdu, offset, "d", count); - err += count; + err = pdu_marshal(pdu, offset, "d", count); + if (err < 0) { + goto out; + } + err += offset + count; } else if (fidp->fid_type == P9_FID_FILE) { QEMUIOVector qiov_full; QEMUIOVector qiov; @@ -1872,9 +1732,11 @@ static void v9fs_read(void *opaque) goto out; } } while (count < max_count && len > 0); - err = offset; - err += pdu_marshal(pdu, offset, "d", count); - err += count; + err = pdu_marshal(pdu, offset, "d", count); + if (err < 0) { + goto out; + } + err += offset + count; qemu_iovec_destroy(&qiov); qemu_iovec_destroy(&qiov_full); } else if (fidp->fid_type == P9_FID_XATTR) { @@ -1946,6 +1808,12 @@ static int v9fs_do_readdir(V9fsPDU *pdu, len = pdu_marshal(pdu, 11 + count, "Qqbs", &qid, dent->d_off, dent->d_type, &name); + if (len < 0) { + v9fs_co_seekdir(pdu, fidp, saved_dir_pos); + v9fs_string_free(&name); + g_free(dent); + return len; + } count += len; v9fs_string_free(&name); saved_dir_pos = dent->d_off; @@ -1969,8 +1837,11 @@ static void v9fs_readdir(void *opaque) V9fsPDU *pdu = opaque; V9fsState *s = pdu->s; - pdu_unmarshal(pdu, offset, "dqd", &fid, &initial_offset, &max_count); - + retval = pdu_unmarshal(pdu, offset, "dqd", &fid, + &initial_offset, &max_count); + if (retval < 0) { + goto out_nofid; + } trace_v9fs_readdir(pdu->tag, pdu->id, fid, initial_offset, max_count); fidp = get_fid(pdu, fid); @@ -1992,9 +1863,11 @@ static void v9fs_readdir(void *opaque) retval = count; goto out; } - retval = offset; - retval += pdu_marshal(pdu, offset, "d", count); - retval += count; + retval = pdu_marshal(pdu, offset, "d", count); + if (retval < 0) { + goto out; + } + retval += count + offset; trace_v9fs_readdir_return(pdu->tag, pdu->id, count, retval); out: put_fid(pdu, fidp); @@ -2025,8 +1898,11 @@ static int v9fs_xattr_write(V9fsState *s, V9fsPDU *pdu, V9fsFidState *fidp, err = -ENOSPC; goto out; } - offset += pdu_marshal(pdu, offset, "d", write_count); - err = offset; + err = pdu_marshal(pdu, offset, "d", write_count); + if (err < 0) { + return err; + } + err += offset; fidp->fs.xattr.copied_len += write_count; /* * Now copy the content from sg list @@ -2061,7 +1937,11 @@ static void v9fs_write(void *opaque) QEMUIOVector qiov_full; QEMUIOVector qiov; - offset += pdu_unmarshal(pdu, offset, "dqd", &fid, &off, &count); + err = pdu_unmarshal(pdu, offset, "dqd", &fid, &off, &count); + if (err < 0) { + return complete_pdu(s, pdu, err); + } + offset += err; v9fs_init_qiov_from_pdu(&qiov_full, pdu, offset, count, true); trace_v9fs_write(pdu->tag, pdu->id, fid, off, count, qiov_full.niov); @@ -2109,8 +1989,11 @@ static void v9fs_write(void *opaque) } while (total < count && len > 0); offset = 7; - offset += pdu_marshal(pdu, offset, "d", total); - err = offset; + err = pdu_marshal(pdu, offset, "d", total); + if (err < 0) { + goto out; + } + err += offset; trace_v9fs_write_return(pdu->tag, pdu->id, total, err); out_qiov: qemu_iovec_destroy(&qiov); @@ -2138,10 +2021,13 @@ static void v9fs_create(void *opaque) V9fsPDU *pdu = opaque; v9fs_path_init(&path); - - pdu_unmarshal(pdu, offset, "dsdbs", &fid, &name, - &perm, &mode, &extension); - + v9fs_string_init(&name); + v9fs_string_init(&extension); + err = pdu_unmarshal(pdu, offset, "dsdbs", &fid, &name, + &perm, &mode, &extension); + if (err < 0) { + goto out_nofid; + } trace_v9fs_create(pdu->tag, pdu->id, fid, name.data, perm, mode); fidp = get_fid(pdu, fid); @@ -2272,8 +2158,11 @@ static void v9fs_create(void *opaque) } iounit = get_iounit(pdu, &fidp->path); stat_to_qid(&stbuf, &qid); - offset += pdu_marshal(pdu, offset, "Qd", &qid, iounit); - err = offset; + err = pdu_marshal(pdu, offset, "Qd", &qid, iounit); + if (err < 0) { + goto out; + } + err += offset; trace_v9fs_create_return(pdu->tag, pdu->id, qid.type, qid.version, qid.path, iounit); out: @@ -2298,7 +2187,12 @@ static void v9fs_symlink(void *opaque) gid_t gid; size_t offset = 7; - pdu_unmarshal(pdu, offset, "dssd", &dfid, &name, &symname, &gid); + v9fs_string_init(&name); + v9fs_string_init(&symname); + err = pdu_unmarshal(pdu, offset, "dssd", &dfid, &name, &symname, &gid); + if (err < 0) { + goto out_nofid; + } trace_v9fs_symlink(pdu->tag, pdu->id, dfid, name.data, symname.data, gid); dfidp = get_fid(pdu, dfid); @@ -2311,8 +2205,11 @@ static void v9fs_symlink(void *opaque) goto out; } stat_to_qid(&stbuf, &qid); - offset += pdu_marshal(pdu, offset, "Q", &qid); - err = offset; + err = pdu_marshal(pdu, offset, "Q", &qid); + if (err < 0) { + goto out; + } + err += offset; trace_v9fs_symlink_return(pdu->tag, pdu->id, qid.type, qid.version, qid.path); out: @@ -2325,13 +2222,18 @@ out_nofid: static void v9fs_flush(void *opaque) { + ssize_t err; int16_t tag; size_t offset = 7; V9fsPDU *cancel_pdu; V9fsPDU *pdu = opaque; V9fsState *s = pdu->s; - pdu_unmarshal(pdu, offset, "w", &tag); + err = pdu_unmarshal(pdu, offset, "w", &tag); + if (err < 0) { + complete_pdu(s, pdu, err); + return; + } trace_v9fs_flush(pdu->tag, pdu->id, tag); QLIST_FOREACH(cancel_pdu, &s->active_list, next) { @@ -2362,7 +2264,11 @@ static void v9fs_link(void *opaque) size_t offset = 7; int err = 0; - pdu_unmarshal(pdu, offset, "dds", &dfid, &oldfid, &name); + v9fs_string_init(&name); + err = pdu_unmarshal(pdu, offset, "dds", &dfid, &oldfid, &name); + if (err < 0) { + goto out_nofid; + } trace_v9fs_link(pdu->tag, pdu->id, dfid, oldfid, name.data); dfidp = get_fid(pdu, dfid); @@ -2396,7 +2302,10 @@ static void v9fs_remove(void *opaque) V9fsFidState *fidp; V9fsPDU *pdu = opaque; - pdu_unmarshal(pdu, offset, "d", &fid); + err = pdu_unmarshal(pdu, offset, "d", &fid); + if (err < 0) { + goto out_nofid; + } trace_v9fs_remove(pdu->tag, pdu->id, fid); fidp = get_fid(pdu, fid); @@ -2439,8 +2348,11 @@ static void v9fs_unlinkat(void *opaque) V9fsFidState *dfidp; V9fsPDU *pdu = opaque; - pdu_unmarshal(pdu, offset, "dsd", &dfid, &name, &flags); - + v9fs_string_init(&name); + err = pdu_unmarshal(pdu, offset, "dsd", &dfid, &name, &flags); + if (err < 0) { + goto out_nofid; + } dfidp = get_fid(pdu, dfid); if (dfidp == NULL) { err = -EINVAL; @@ -2542,8 +2454,11 @@ static void v9fs_rename(void *opaque) V9fsPDU *pdu = opaque; V9fsState *s = pdu->s; - pdu_unmarshal(pdu, offset, "dds", &fid, &newdirfid, &name); - + v9fs_string_init(&name); + err = pdu_unmarshal(pdu, offset, "dds", &fid, &newdirfid, &name); + if (err < 0) { + goto out_nofid; + } fidp = get_fid(pdu, fid); if (fidp == NULL) { err = -ENOENT; @@ -2648,8 +2563,13 @@ static void v9fs_renameat(void *opaque) int32_t olddirfid, newdirfid; V9fsString old_name, new_name; - pdu_unmarshal(pdu, offset, "dsds", &olddirfid, - &old_name, &newdirfid, &new_name); + v9fs_string_init(&old_name); + v9fs_string_init(&new_name); + err = pdu_unmarshal(pdu, offset, "dsds", &olddirfid, + &old_name, &newdirfid, &new_name); + if (err < 0) { + goto out_err; + } v9fs_path_write_lock(s); err = v9fs_complete_renameat(pdu, olddirfid, @@ -2658,6 +2578,8 @@ static void v9fs_renameat(void *opaque) if (!err) { err = offset; } + +out_err: complete_pdu(s, pdu, err); v9fs_string_free(&old_name); v9fs_string_free(&new_name); @@ -2675,7 +2597,11 @@ static void v9fs_wstat(void *opaque) V9fsPDU *pdu = opaque; V9fsState *s = pdu->s; - pdu_unmarshal(pdu, offset, "dwS", &fid, &unused, &v9stat); + v9fs_stat_init(&v9stat); + err = pdu_unmarshal(pdu, offset, "dwS", &fid, &unused, &v9stat); + if (err < 0) { + goto out_nofid; + } trace_v9fs_wstat(pdu->tag, pdu->id, fid, v9stat.mode, v9stat.atime, v9stat.mtime); @@ -2809,7 +2735,10 @@ static void v9fs_statfs(void *opaque) V9fsPDU *pdu = opaque; V9fsState *s = pdu->s; - pdu_unmarshal(pdu, offset, "d", &fid); + retval = pdu_unmarshal(pdu, offset, "d", &fid); + if (retval < 0) { + goto out_nofid; + } fidp = get_fid(pdu, fid); if (fidp == NULL) { retval = -ENOENT; @@ -2819,8 +2748,11 @@ static void v9fs_statfs(void *opaque) if (retval < 0) { goto out; } - retval = offset; - retval += v9fs_fill_statfs(s, pdu, &stbuf); + retval = v9fs_fill_statfs(s, pdu, &stbuf); + if (retval < 0) { + goto out; + } + retval += offset; out: put_fid(pdu, fidp); out_nofid: @@ -2844,8 +2776,12 @@ static void v9fs_mknod(void *opaque) V9fsPDU *pdu = opaque; V9fsState *s = pdu->s; - pdu_unmarshal(pdu, offset, "dsdddd", &fid, &name, &mode, - &major, &minor, &gid); + v9fs_string_init(&name); + err = pdu_unmarshal(pdu, offset, "dsdddd", &fid, &name, &mode, + &major, &minor, &gid); + if (err < 0) { + goto out_nofid; + } trace_v9fs_mknod(pdu->tag, pdu->id, fid, mode, major, minor); fidp = get_fid(pdu, fid); @@ -2859,8 +2795,11 @@ static void v9fs_mknod(void *opaque) goto out; } stat_to_qid(&stbuf, &qid); - err = offset; - err += pdu_marshal(pdu, offset, "Q", &qid); + err = pdu_marshal(pdu, offset, "Q", &qid); + if (err < 0) { + goto out; + } + err += offset; trace_v9fs_mknod_return(pdu->tag, pdu->id, qid.type, qid.version, qid.path); out: @@ -2881,7 +2820,7 @@ out_nofid: static void v9fs_lock(void *opaque) { int8_t status; - V9fsFlock *flock; + V9fsFlock flock; size_t offset = 7; struct stat stbuf; V9fsFidState *fidp; @@ -2889,18 +2828,20 @@ static void v9fs_lock(void *opaque) V9fsPDU *pdu = opaque; V9fsState *s = pdu->s; - flock = g_malloc(sizeof(*flock)); - pdu_unmarshal(pdu, offset, "dbdqqds", &fid, &flock->type, - &flock->flags, &flock->start, &flock->length, - &flock->proc_id, &flock->client_id); - + status = P9_LOCK_ERROR; + v9fs_string_init(&flock.client_id); + err = pdu_unmarshal(pdu, offset, "dbdqqds", &fid, &flock.type, + &flock.flags, &flock.start, &flock.length, + &flock.proc_id, &flock.client_id); + if (err < 0) { + goto out_nofid; + } trace_v9fs_lock(pdu->tag, pdu->id, fid, - flock->type, flock->start, flock->length); + flock.type, flock.start, flock.length); - status = P9_LOCK_ERROR; /* We support only block flag now (that too ignored currently) */ - if (flock->flags & ~P9_LOCK_FLAGS_BLOCK) { + if (flock.flags & ~P9_LOCK_FLAGS_BLOCK) { err = -EINVAL; goto out_nofid; } @@ -2917,12 +2858,13 @@ static void v9fs_lock(void *opaque) out: put_fid(pdu, fidp); out_nofid: - err = offset; - err += pdu_marshal(pdu, offset, "b", status); + err = pdu_marshal(pdu, offset, "b", status); + if (err > 0) { + err += offset; + } trace_v9fs_lock_return(pdu->tag, pdu->id, status); complete_pdu(s, pdu, err); - v9fs_string_free(&flock->client_id); - g_free(flock); + v9fs_string_free(&flock.client_id); } /* @@ -2934,18 +2876,20 @@ static void v9fs_getlock(void *opaque) size_t offset = 7; struct stat stbuf; V9fsFidState *fidp; - V9fsGetlock *glock; + V9fsGetlock glock; int32_t fid, err = 0; V9fsPDU *pdu = opaque; V9fsState *s = pdu->s; - glock = g_malloc(sizeof(*glock)); - pdu_unmarshal(pdu, offset, "dbqqds", &fid, &glock->type, - &glock->start, &glock->length, &glock->proc_id, - &glock->client_id); - + v9fs_string_init(&glock.client_id); + err = pdu_unmarshal(pdu, offset, "dbqqds", &fid, &glock.type, + &glock.start, &glock.length, &glock.proc_id, + &glock.client_id); + if (err < 0) { + goto out_nofid; + } trace_v9fs_getlock(pdu->tag, pdu->id, fid, - glock->type, glock->start, glock->length); + glock.type, glock.start, glock.length); fidp = get_fid(pdu, fid); if (fidp == NULL) { @@ -2956,19 +2900,21 @@ static void v9fs_getlock(void *opaque) if (err < 0) { goto out; } - glock->type = P9_LOCK_TYPE_UNLCK; - offset += pdu_marshal(pdu, offset, "bqqds", glock->type, - glock->start, glock->length, glock->proc_id, - &glock->client_id); - err = offset; - trace_v9fs_getlock_return(pdu->tag, pdu->id, glock->type, glock->start, - glock->length, glock->proc_id); + glock.type = P9_LOCK_TYPE_UNLCK; + err = pdu_marshal(pdu, offset, "bqqds", glock.type, + glock.start, glock.length, glock.proc_id, + &glock.client_id); + if (err < 0) { + goto out; + } + err += offset; + trace_v9fs_getlock_return(pdu->tag, pdu->id, glock.type, glock.start, + glock.length, glock.proc_id); out: put_fid(pdu, fidp); out_nofid: complete_pdu(s, pdu, err); - v9fs_string_free(&glock->client_id); - g_free(glock); + v9fs_string_free(&glock.client_id); } static void v9fs_mkdir(void *opaque) @@ -2984,8 +2930,11 @@ static void v9fs_mkdir(void *opaque) int mode; int err = 0; - pdu_unmarshal(pdu, offset, "dsdd", &fid, &name, &mode, &gid); - + v9fs_string_init(&name); + err = pdu_unmarshal(pdu, offset, "dsdd", &fid, &name, &mode, &gid); + if (err < 0) { + goto out_nofid; + } trace_v9fs_mkdir(pdu->tag, pdu->id, fid, name.data, mode, gid); fidp = get_fid(pdu, fid); @@ -2998,8 +2947,11 @@ static void v9fs_mkdir(void *opaque) goto out; } stat_to_qid(&stbuf, &qid); - offset += pdu_marshal(pdu, offset, "Q", &qid); - err = offset; + err = pdu_marshal(pdu, offset, "Q", &qid); + if (err < 0) { + goto out; + } + err += offset; trace_v9fs_mkdir_return(pdu->tag, pdu->id, qid.type, qid.version, qid.path, err); out: @@ -3021,7 +2973,11 @@ static void v9fs_xattrwalk(void *opaque) V9fsPDU *pdu = opaque; V9fsState *s = pdu->s; - pdu_unmarshal(pdu, offset, "dds", &fid, &newfid, &name); + v9fs_string_init(&name); + err = pdu_unmarshal(pdu, offset, "dds", &fid, &newfid, &name); + if (err < 0) { + goto out_nofid; + } trace_v9fs_xattrwalk(pdu->tag, pdu->id, fid, newfid, name.data); file_fidp = get_fid(pdu, fid); @@ -3035,7 +2991,7 @@ static void v9fs_xattrwalk(void *opaque) goto out; } v9fs_path_copy(&xattr_fidp->path, &file_fidp->path); - if (name.data[0] == 0) { + if (name.data == NULL) { /* * listxattr request. Get the size first */ @@ -3061,8 +3017,11 @@ static void v9fs_xattrwalk(void *opaque) goto out; } } - offset += pdu_marshal(pdu, offset, "q", size); - err = offset; + err = pdu_marshal(pdu, offset, "q", size); + if (err < 0) { + goto out; + } + err += offset; } else { /* * specific xattr fid. We check for xattr @@ -3091,8 +3050,11 @@ static void v9fs_xattrwalk(void *opaque) goto out; } } - offset += pdu_marshal(pdu, offset, "q", size); - err = offset; + err = pdu_marshal(pdu, offset, "q", size); + if (err < 0) { + goto out; + } + err += offset; } trace_v9fs_xattrwalk_return(pdu->tag, pdu->id, size); out: @@ -3118,8 +3080,11 @@ static void v9fs_xattrcreate(void *opaque) V9fsPDU *pdu = opaque; V9fsState *s = pdu->s; - pdu_unmarshal(pdu, offset, "dsqd", - &fid, &name, &size, &flags); + v9fs_string_init(&name); + err = pdu_unmarshal(pdu, offset, "dsqd", &fid, &name, &size, &flags); + if (err < 0) { + goto out_nofid; + } trace_v9fs_xattrcreate(pdu->tag, pdu->id, fid, name.data, size, flags); file_fidp = get_fid(pdu, fid); @@ -3156,7 +3121,10 @@ static void v9fs_readlink(void *opaque) int err = 0; V9fsFidState *fidp; - pdu_unmarshal(pdu, offset, "d", &fid); + err = pdu_unmarshal(pdu, offset, "d", &fid); + if (err < 0) { + goto out_nofid; + } trace_v9fs_readlink(pdu->tag, pdu->id, fid); fidp = get_fid(pdu, fid); if (fidp == NULL) { @@ -3169,8 +3137,12 @@ static void v9fs_readlink(void *opaque) if (err < 0) { goto out; } - offset += pdu_marshal(pdu, offset, "s", &target); - err = offset; + err = pdu_marshal(pdu, offset, "s", &target); + if (err < 0) { + v9fs_string_free(&target); + goto out; + } + err += offset; trace_v9fs_readlink_return(pdu->tag, pdu->id, target.data); v9fs_string_free(&target); out: diff --git a/hw/9pfs/virtio-9p.h b/hw/9pfs/virtio-9p.h index 19a797b727..579794404b 100644 --- a/hw/9pfs/virtio-9p.h +++ b/hw/9pfs/virtio-9p.h @@ -8,9 +8,11 @@ #include <sys/resource.h> #include "hw/virtio.h" #include "fsdev/file-op-9p.h" +#include "fsdev/virtio-9p-marshal.h" #include "qemu-thread.h" #include "qemu-coroutine.h" + /* The feature bitmap for virtio 9P */ /* The mount point is specified in a config variable */ #define VIRTIO_9P_MOUNT_TAG 0 @@ -154,40 +156,6 @@ struct V9fsPDU typedef struct V9fsFidState V9fsFidState; -typedef struct V9fsString -{ - uint16_t size; - char *data; -} V9fsString; - -typedef struct V9fsQID -{ - int8_t type; - int32_t version; - int64_t path; -} V9fsQID; - -typedef struct V9fsStat -{ - int16_t size; - int16_t type; - int32_t dev; - V9fsQID qid; - int32_t mode; - int32_t atime; - int32_t mtime; - int64_t length; - V9fsString name; - V9fsString uid; - V9fsString gid; - V9fsString muid; - /* 9p2000.u */ - V9fsString extension; - int32_t n_uid; - int32_t n_gid; - int32_t n_muid; -} V9fsStat; - enum { P9_FID_NONE = 0, P9_FID_FILE, @@ -267,29 +235,6 @@ typedef struct V9fsStatState { struct stat stbuf; } V9fsStatState; -typedef struct V9fsStatDotl { - uint64_t st_result_mask; - V9fsQID qid; - uint32_t st_mode; - uint32_t st_uid; - uint32_t st_gid; - uint64_t st_nlink; - uint64_t st_rdev; - uint64_t st_size; - uint64_t st_blksize; - uint64_t st_blocks; - uint64_t st_atime_sec; - uint64_t st_atime_nsec; - uint64_t st_mtime_sec; - uint64_t st_mtime_nsec; - uint64_t st_ctime_sec; - uint64_t st_ctime_nsec; - uint64_t st_btime_sec; - uint64_t st_btime_nsec; - uint64_t st_gen; - uint64_t st_data_version; -} V9fsStatDotl; - typedef struct V9fsOpenState { V9fsPDU *pdu; size_t offset; @@ -332,19 +277,6 @@ typedef struct V9fsWriteState { int cnt; } V9fsWriteState; -typedef struct V9fsIattr -{ - int32_t valid; - int32_t mode; - int32_t uid; - int32_t gid; - int64_t size; - int64_t atime_sec; - int64_t atime_nsec; - int64_t mtime_sec; - int64_t mtime_nsec; -} V9fsIattr; - struct virtio_9p_config { /* number of characters in tag */ @@ -459,14 +391,15 @@ static inline uint8_t v9fs_request_cancelled(V9fsPDU *pdu) extern void handle_9p_output(VirtIODevice *vdev, VirtQueue *vq); extern void virtio_9p_set_fd_limit(void); extern void v9fs_reclaim_fd(V9fsPDU *pdu); -extern void v9fs_string_init(V9fsString *str); -extern void v9fs_string_free(V9fsString *str); -extern void v9fs_string_null(V9fsString *str); -extern void v9fs_string_sprintf(V9fsString *str, const char *fmt, ...); -extern void v9fs_string_copy(V9fsString *lhs, V9fsString *rhs); extern void v9fs_path_init(V9fsPath *path); extern void v9fs_path_free(V9fsPath *path); extern void v9fs_path_copy(V9fsPath *lhs, V9fsPath *rhs); extern int v9fs_name_to_path(V9fsState *s, V9fsPath *dirpath, const char *name, V9fsPath *path); + +#define pdu_marshal(pdu, offset, fmt, args...) \ + v9fs_marshal(pdu->elem.in_sg, pdu->elem.in_num, offset, 1, fmt, ##args) +#define pdu_unmarshal(pdu, offset, fmt, args...) \ + v9fs_unmarshal(pdu->elem.out_sg, pdu->elem.out_num, offset, 1, fmt, ##args) + #endif diff --git a/hw/a9mpcore.c b/hw/a9mpcore.c index cd2985f421..3ef0e138c4 100644 --- a/hw/a9mpcore.c +++ b/hw/a9mpcore.c @@ -29,6 +29,7 @@ gic_get_current_cpu(void) typedef struct a9mp_priv_state { gic_state gic; uint32_t scu_control; + uint32_t scu_status; uint32_t old_timer_status[8]; uint32_t num_cpu; qemu_irq *timer_irq; @@ -48,7 +49,13 @@ static uint64_t a9_scu_read(void *opaque, target_phys_addr_t offset, case 0x04: /* Configuration */ return (((1 << s->num_cpu) - 1) << 4) | (s->num_cpu - 1); case 0x08: /* CPU Power Status */ - return 0; + return s->scu_status; + case 0x09: /* CPU status. */ + return s->scu_status >> 8; + case 0x0a: /* CPU status. */ + return s->scu_status >> 16; + case 0x0b: /* CPU status. */ + return s->scu_status >> 24; case 0x0c: /* Invalidate All Registers In Secure State */ return 0; case 0x40: /* Filtering Start Address Register */ @@ -67,12 +74,35 @@ static void a9_scu_write(void *opaque, target_phys_addr_t offset, uint64_t value, unsigned size) { a9mp_priv_state *s = (a9mp_priv_state *)opaque; + uint32_t mask; + uint32_t shift; + switch (size) { + case 1: + mask = 0xff; + break; + case 2: + mask = 0xffff; + break; + case 4: + mask = 0xffffffff; + break; + default: + fprintf(stderr, "Invalid size %u in write to a9 scu register %x\n", + size, offset); + return; + } + switch (offset) { case 0x00: /* Control */ s->scu_control = value & 1; break; case 0x4: /* Configuration: RO */ break; + case 0x08: case 0x09: case 0x0A: case 0x0B: /* Power Control */ + shift = (offset - 0x8) * 8; + s->scu_status &= ~(mask << shift); + s->scu_status |= ((value & mask) << shift); + break; case 0x0c: /* Invalidate All Registers In Secure State */ /* no-op as we do not implement caches */ break; @@ -80,7 +110,6 @@ static void a9_scu_write(void *opaque, target_phys_addr_t offset, case 0x44: /* Filtering End Address Register */ /* RAZ/WI, like an implementation with only one AXI master */ break; - case 0x8: /* CPU Power Status */ case 0x50: /* SCU Access Control Register */ case 0x54: /* SCU Non-secure Access Control Register */ /* unimplemented, fall through */ @@ -169,11 +198,12 @@ static int a9mp_priv_init(SysBusDevice *dev) static const VMStateDescription vmstate_a9mp_priv = { .name = "a9mpcore_priv", - .version_id = 1, + .version_id = 2, .minimum_version_id = 1, .fields = (VMStateField[]) { VMSTATE_UINT32(scu_control, a9mp_priv_state), VMSTATE_UINT32_ARRAY(old_timer_status, a9mp_priv_state, 8), + VMSTATE_UINT32_V(scu_status, a9mp_priv_state, 2), VMSTATE_END_OF_LIST() } }; diff --git a/hw/alpha_typhoon.c b/hw/alpha_typhoon.c index adf738272e..7d924a3f08 100644 --- a/hw/alpha_typhoon.c +++ b/hw/alpha_typhoon.c @@ -726,7 +726,8 @@ PCIBus *typhoon_init(ram_addr_t ram_size, ISABus **isa_bus, /* Main memory region, 0x00.0000.0000. Real hardware supports 32GB, but the address space hole reserved at this point is 8TB. */ - memory_region_init_ram(&s->ram_region, NULL, "ram", ram_size); + memory_region_init_ram(&s->ram_region, "ram", ram_size); + vmstate_register_ram_global(&s->ram_region); memory_region_add_subregion(addr_space, 0, &s->ram_region); /* TIGbus, 0x801.0000.0000, 1GB. */ diff --git a/hw/an5206.c b/hw/an5206.c index 319a40e1d2..d57306d3ad 100644 --- a/hw/an5206.c +++ b/hw/an5206.c @@ -46,11 +46,13 @@ static void an5206_init(ram_addr_t ram_size, env->rambar0 = AN5206_RAMBAR_ADDR | 1; /* DRAM at address zero */ - memory_region_init_ram(ram, NULL, "an5206.ram", ram_size); + memory_region_init_ram(ram, "an5206.ram", ram_size); + vmstate_register_ram_global(ram); memory_region_add_subregion(address_space_mem, 0, ram); /* Internal SRAM. */ - memory_region_init_ram(sram, NULL, "an5206.sram", 512); + memory_region_init_ram(sram, "an5206.sram", 512); + vmstate_register_ram_global(sram); memory_region_add_subregion(address_space_mem, AN5206_RAMBAR_ADDR, sram); mcf5206_init(address_space_mem, AN5206_MBAR_ADDR, env); diff --git a/hw/arm_gic.c b/hw/arm_gic.c index 9b521195a5..0339cf59fb 100644 --- a/hw/arm_gic.c +++ b/hw/arm_gic.c @@ -282,6 +282,10 @@ static uint32_t gic_dist_readb(void *opaque, target_phys_addr_t offset) return ((GIC_NIRQ / 32) - 1) | ((NUM_CPU(s) - 1) << 5); if (offset < 0x08) return 0; + if (offset >= 0x80) { + /* Interrupt Security , RAZ/WI */ + return 0; + } #endif goto bad_reg; } else if (offset < 0x200) { @@ -413,6 +417,8 @@ static void gic_dist_writeb(void *opaque, target_phys_addr_t offset, DPRINTF("Distribution %sabled\n", s->enabled ? "En" : "Dis"); } else if (offset < 4) { /* ignored. */ + } else if (offset >= 0x80) { + /* Interrupt Security Registers, RAZ/WI */ } else { goto bad_reg; } diff --git a/hw/arm_l2x0.c b/hw/arm_l2x0.c new file mode 100644 index 0000000000..2faed39f0f --- /dev/null +++ b/hw/arm_l2x0.c @@ -0,0 +1,181 @@ +/* + * ARM dummy L210, L220, PL310 cache controller. + * + * Copyright (c) 2010-2012 Calxeda + * + * This program is free software; you can redistribute it and/or modify it + * under the terms and conditions of the GNU General Public License, + * version 2 or any later version, as published by the Free Software + * Foundation. + * + * This program is distributed in the hope it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License along with + * this program. If not, see <http://www.gnu.org/licenses/>. + * + */ + +#include "sysbus.h" + +/* L2C-310 r3p2 */ +#define CACHE_ID 0x410000c8 + +typedef struct l2x0_state { + SysBusDevice busdev; + MemoryRegion iomem; + uint32_t cache_type; + uint32_t ctrl; + uint32_t aux_ctrl; + uint32_t data_ctrl; + uint32_t tag_ctrl; + uint32_t filter_start; + uint32_t filter_end; +} l2x0_state; + +static const VMStateDescription vmstate_l2x0 = { + .name = "l2x0", + .version_id = 1, + .minimum_version_id = 1, + .fields = (VMStateField[]) { + VMSTATE_UINT32(ctrl, l2x0_state), + VMSTATE_UINT32(aux_ctrl, l2x0_state), + VMSTATE_UINT32(data_ctrl, l2x0_state), + VMSTATE_UINT32(tag_ctrl, l2x0_state), + VMSTATE_UINT32(filter_start, l2x0_state), + VMSTATE_UINT32(filter_end, l2x0_state), + VMSTATE_END_OF_LIST() + } +}; + + +static uint64_t l2x0_priv_read(void *opaque, target_phys_addr_t offset, + unsigned size) +{ + uint32_t cache_data; + l2x0_state *s = (l2x0_state *)opaque; + offset &= 0xfff; + if (offset >= 0x730 && offset < 0x800) { + return 0; /* cache ops complete */ + } + switch (offset) { + case 0: + return CACHE_ID; + case 0x4: + /* aux_ctrl values affect cache_type values */ + cache_data = (s->aux_ctrl & (7 << 17)) >> 15; + cache_data |= (s->aux_ctrl & (1 << 16)) >> 16; + return s->cache_type |= (cache_data << 18) | (cache_data << 6); + case 0x100: + return s->ctrl; + case 0x104: + return s->aux_ctrl; + case 0x108: + return s->tag_ctrl; + case 0x10C: + return s->data_ctrl; + case 0xC00: + return s->filter_start; + case 0xC04: + return s->filter_end; + case 0xF40: + return 0; + case 0xF60: + return 0; + case 0xF80: + return 0; + default: + fprintf(stderr, "l2x0_priv_read: Bad offset %x\n", (int)offset); + break; + } + return 0; +} + +static void l2x0_priv_write(void *opaque, target_phys_addr_t offset, + uint64_t value, unsigned size) +{ + l2x0_state *s = (l2x0_state *)opaque; + offset &= 0xfff; + if (offset >= 0x730 && offset < 0x800) { + /* ignore */ + return; + } + switch (offset) { + case 0x100: + s->ctrl = value & 1; + break; + case 0x104: + s->aux_ctrl = value; + break; + case 0x108: + s->tag_ctrl = value; + break; + case 0x10C: + s->data_ctrl = value; + break; + case 0xC00: + s->filter_start = value; + break; + case 0xC04: + s->filter_end = value; + break; + case 0xF40: + return; + case 0xF60: + return; + case 0xF80: + return; + default: + fprintf(stderr, "l2x0_priv_write: Bad offset %x\n", (int)offset); + break; + } +} + +static void l2x0_priv_reset(DeviceState *dev) +{ + l2x0_state *s = DO_UPCAST(l2x0_state, busdev.qdev, dev); + + s->ctrl = 0; + s->aux_ctrl = 0x02020000; + s->tag_ctrl = 0; + s->data_ctrl = 0; + s->filter_start = 0; + s->filter_end = 0; +} + +static const MemoryRegionOps l2x0_mem_ops = { + .read = l2x0_priv_read, + .write = l2x0_priv_write, + .endianness = DEVICE_NATIVE_ENDIAN, + }; + +static int l2x0_priv_init(SysBusDevice *dev) +{ + l2x0_state *s = FROM_SYSBUS(l2x0_state, dev); + + memory_region_init_io(&s->iomem, &l2x0_mem_ops, s, "l2x0_cc", 0x1000); + sysbus_init_mmio(dev, &s->iomem); + return 0; +} + +static SysBusDeviceInfo l2x0_info = { + .init = l2x0_priv_init, + .qdev.name = "l2x0", + .qdev.size = sizeof(l2x0_state), + .qdev.vmsd = &vmstate_l2x0, + .qdev.no_user = 1, + .qdev.props = (Property[]) { + DEFINE_PROP_UINT32("type", l2x0_state, cache_type, 0x1c100100), + DEFINE_PROP_END_OF_LIST(), + }, + .qdev.reset = l2x0_priv_reset, +}; + +static void l2x0_register_device(void) +{ + sysbus_register_withprop(&l2x0_info); +} + +device_init(l2x0_register_device) diff --git a/hw/arm_timer.c b/hw/arm_timer.c index 0a5b9d2cd3..60e1c63ab6 100644 --- a/hw/arm_timer.c +++ b/hw/arm_timer.c @@ -9,6 +9,8 @@ #include "sysbus.h" #include "qemu-timer.h" +#include "qemu-common.h" +#include "qdev.h" /* Common timer implementation. */ @@ -178,6 +180,7 @@ typedef struct { SysBusDevice busdev; MemoryRegion iomem; arm_timer_state *timer[2]; + uint32_t freq0, freq1; int level[2]; qemu_irq irq; } sp804_state; @@ -269,10 +272,11 @@ static int sp804_init(SysBusDevice *dev) qi = qemu_allocate_irqs(sp804_set_irq, s, 2); sysbus_init_irq(dev, &s->irq); - /* ??? The timers are actually configurable between 32kHz and 1MHz, but - we don't implement that. */ - s->timer[0] = arm_timer_init(1000000); - s->timer[1] = arm_timer_init(1000000); + /* The timers are configurable between 32kHz and 1MHz + * defaulting to 1MHz but overrideable as individual properties */ + s->timer[0] = arm_timer_init(s->freq0); + s->timer[1] = arm_timer_init(s->freq1); + s->timer[0]->irq = qi[0]; s->timer[1]->irq = qi[1]; memory_region_init_io(&s->iomem, &sp804_ops, s, "sp804", 0x1000); @@ -281,6 +285,16 @@ static int sp804_init(SysBusDevice *dev) return 0; } +static SysBusDeviceInfo sp804_info = { + .init = sp804_init, + .qdev.name = "sp804", + .qdev.size = sizeof(sp804_state), + .qdev.props = (Property[]) { + DEFINE_PROP_UINT32("freq0", sp804_state, freq0, 1000000), + DEFINE_PROP_UINT32("freq1", sp804_state, freq1, 1000000), + DEFINE_PROP_END_OF_LIST(), + } +}; /* Integrator/CP timer module. */ @@ -349,7 +363,7 @@ static int icp_pit_init(SysBusDevice *dev) static void arm_timer_register_devices(void) { sysbus_register_dev("integrator_pit", sizeof(icp_pit_state), icp_pit_init); - sysbus_register_dev("sp804", sizeof(sp804_state), sp804_init); + sysbus_register_withprop(&sp804_info); } device_init(arm_timer_register_devices) diff --git a/hw/armv7m.c b/hw/armv7m.c index eb8c0d68d6..5c7a9502c6 100644 --- a/hw/armv7m.c +++ b/hw/armv7m.c @@ -198,10 +198,12 @@ qemu_irq *armv7m_init(MemoryRegion *address_space_mem, #endif /* Flash programming is done via the SCU, so pretend it is ROM. */ - memory_region_init_ram(flash, NULL, "armv7m.flash", flash_size); + memory_region_init_ram(flash, "armv7m.flash", flash_size); + vmstate_register_ram_global(flash); memory_region_set_readonly(flash, true); memory_region_add_subregion(address_space_mem, 0, flash); - memory_region_init_ram(sram, NULL, "armv7m.sram", sram_size); + memory_region_init_ram(sram, "armv7m.sram", sram_size); + vmstate_register_ram_global(sram); memory_region_add_subregion(address_space_mem, 0x20000000, sram); armv7m_bitband_init(); @@ -235,7 +237,8 @@ qemu_irq *armv7m_init(MemoryRegion *address_space_mem, /* Hack to map an additional page of ram at the top of the address space. This stops qemu complaining about executing code outside RAM when returning from an exception. */ - memory_region_init_ram(hack, NULL, "armv7m.hack", 0x1000); + memory_region_init_ram(hack, "armv7m.hack", 0x1000); + vmstate_register_ram_global(hack); memory_region_add_subregion(address_space_mem, 0xfffff000, hack); qemu_register_reset(armv7m_reset, env); diff --git a/hw/axis_dev88.c b/hw/axis_dev88.c index c5405ceb3d..c9301fda1d 100644 --- a/hw/axis_dev88.c +++ b/hw/axis_dev88.c @@ -266,12 +266,14 @@ void axisdev88_init (ram_addr_t ram_size, env = cpu_init(cpu_model); /* allocate RAM */ - memory_region_init_ram(phys_ram, NULL, "axisdev88.ram", ram_size); + memory_region_init_ram(phys_ram, "axisdev88.ram", ram_size); + vmstate_register_ram_global(phys_ram); memory_region_add_subregion(address_space_mem, 0x40000000, phys_ram); /* The ETRAX-FS has 128Kb on chip ram, the docs refer to it as the internal memory. */ - memory_region_init_ram(phys_intmem, NULL, "axisdev88.chipram", INTMEM_SIZE); + memory_region_init_ram(phys_intmem, "axisdev88.chipram", INTMEM_SIZE); + vmstate_register_ram_global(phys_intmem); memory_region_add_subregion(address_space_mem, 0x38000000, phys_intmem); /* Attach a NAND flash to CS1. */ diff --git a/hw/dummy_m68k.c b/hw/dummy_m68k.c index 30146b9c9d..e3c574008f 100644 --- a/hw/dummy_m68k.c +++ b/hw/dummy_m68k.c @@ -40,7 +40,8 @@ static void dummy_m68k_init(ram_addr_t ram_size, env->vbr = 0; /* RAM at address zero */ - memory_region_init_ram(ram, NULL, "dummy_m68k.ram", ram_size); + memory_region_init_ram(ram, "dummy_m68k.ram", ram_size); + vmstate_register_ram_global(ram); memory_region_add_subregion(address_space_mem, 0, ram); /* Load kernel. */ diff --git a/hw/g364fb.c b/hw/g364fb.c index 34fb08c097..33ec149e0f 100644 --- a/hw/g364fb.c +++ b/hw/g364fb.c @@ -524,8 +524,9 @@ static void g364fb_init(DeviceState *dev, G364State *s) g364fb_screen_dump, NULL, s); memory_region_init_io(&s->mem_ctrl, &g364fb_ctrl_ops, s, "ctrl", 0x180000); - memory_region_init_ram_ptr(&s->mem_vram, dev, "vram", + memory_region_init_ram_ptr(&s->mem_vram, "vram", s->vram_size, s->vram); + vmstate_register_ram(&s->mem_vram, dev); memory_region_set_coalescing(&s->mem_vram); } diff --git a/hw/hw.h b/hw/hw.h index efa04d1340..932014af47 100644 --- a/hw/hw.h +++ b/hw/hw.h @@ -949,4 +949,9 @@ int vmstate_register_with_alias_id(DeviceState *dev, int instance_id, int required_for_version); void vmstate_unregister(DeviceState *dev, const VMStateDescription *vmsd, void *opaque); +struct MemoryRegion; +void vmstate_register_ram(struct MemoryRegion *memory, DeviceState *dev); +void vmstate_unregister_ram(struct MemoryRegion *memory, DeviceState *dev); +void vmstate_register_ram_global(struct MemoryRegion *memory); + #endif diff --git a/hw/integratorcp.c b/hw/integratorcp.c index 2551236d5c..c8f3955af8 100644 --- a/hw/integratorcp.c +++ b/hw/integratorcp.c @@ -261,7 +261,8 @@ static int integratorcm_init(SysBusDevice *dev) } memcpy(integrator_spd + 73, "QEMU-MEMORY", 11); s->cm_init = 0x00000112; - memory_region_init_ram(&s->flash, NULL, "integrator.flash", 0x100000); + memory_region_init_ram(&s->flash, "integrator.flash", 0x100000); + vmstate_register_ram_global(&s->flash); s->flash_mapped = false; memory_region_init_io(&s->iomem, &integratorcm_ops, s, @@ -471,7 +472,8 @@ static void integratorcp_init(ram_addr_t ram_size, fprintf(stderr, "Unable to find CPU definition\n"); exit(1); } - memory_region_init_ram(ram, NULL, "integrator.ram", ram_size); + memory_region_init_ram(ram, "integrator.ram", ram_size); + vmstate_register_ram_global(ram); /* ??? On a real system the first 1Mb is mapped as SSRAM or boot flash. */ /* ??? RAM should repeat to fill physical memory space. */ /* SDRAM at address zero*/ diff --git a/hw/ivshmem.c b/hw/ivshmem.c index 7b4dbf66a9..1aa9e3bfa1 100644 --- a/hw/ivshmem.c +++ b/hw/ivshmem.c @@ -335,8 +335,9 @@ static void create_shared_memory_BAR(IVShmemState *s, int fd) { ptr = mmap(0, s->ivshmem_size, PROT_READ|PROT_WRITE, MAP_SHARED, fd, 0); - memory_region_init_ram_ptr(&s->ivshmem, &s->dev.qdev, "ivshmem.bar2", + memory_region_init_ram_ptr(&s->ivshmem, "ivshmem.bar2", s->ivshmem_size, ptr); + vmstate_register_ram(&s->ivshmem, &s->dev.qdev); memory_region_add_subregion(&s->bar, 0, &s->ivshmem); /* region for shared memory */ @@ -451,8 +452,9 @@ static void ivshmem_read(void *opaque, const uint8_t * buf, int flags) /* mmap the region and map into the BAR2 */ map_ptr = mmap(0, s->ivshmem_size, PROT_READ|PROT_WRITE, MAP_SHARED, incoming_fd, 0); - memory_region_init_ram_ptr(&s->ivshmem, &s->dev.qdev, + memory_region_init_ram_ptr(&s->ivshmem, "ivshmem.bar2", s->ivshmem_size, map_ptr); + vmstate_register_ram(&s->ivshmem, &s->dev.qdev); IVSHMEM_DPRINTF("guest h/w addr = %" PRIu64 ", size = %" PRIu64 "\n", s->ivshmem_offset, s->ivshmem_size); @@ -753,6 +755,7 @@ static int pci_ivshmem_uninit(PCIDevice *dev) memory_region_destroy(&s->ivshmem_mmio); memory_region_del_subregion(&s->bar, &s->ivshmem); + vmstate_unregister_ram(&s->ivshmem, &s->dev.qdev); memory_region_destroy(&s->ivshmem); memory_region_destroy(&s->bar); unregister_savevm(&dev->qdev, "ivshmem", s); diff --git a/hw/leon3.c b/hw/leon3.c index 607ec852fe..e25bb046a7 100644 --- a/hw/leon3.c +++ b/hw/leon3.c @@ -142,12 +142,14 @@ static void leon3_generic_hw_init(ram_addr_t ram_size, exit(1); } - memory_region_init_ram(ram, NULL, "leon3.ram", ram_size); + memory_region_init_ram(ram, "leon3.ram", ram_size); + vmstate_register_ram_global(ram); memory_region_add_subregion(address_space_mem, 0x40000000, ram); /* Allocate BIOS */ prom_size = 8 * 1024 * 1024; /* 8Mb */ - memory_region_init_ram(prom, NULL, "Leon3.bios", prom_size); + memory_region_init_ram(prom, "Leon3.bios", prom_size); + vmstate_register_ram_global(prom); memory_region_set_readonly(prom, true); memory_region_add_subregion(address_space_mem, 0x00000000, prom); diff --git a/hw/lm32_boards.c b/hw/lm32_boards.c index 97e1c001b9..3cdf120a14 100644 --- a/hw/lm32_boards.c +++ b/hw/lm32_boards.c @@ -106,7 +106,8 @@ static void lm32_evr_init(ram_addr_t ram_size_not_used, reset_info->flash_base = flash_base; - memory_region_init_ram(phys_ram, NULL, "lm32_evr.sdram", ram_size); + memory_region_init_ram(phys_ram, "lm32_evr.sdram", ram_size); + vmstate_register_ram_global(phys_ram); memory_region_add_subregion(address_space_mem, ram_base, phys_ram); dinfo = drive_get(IF_PFLASH, 0, 0); @@ -200,7 +201,8 @@ static void lm32_uclinux_init(ram_addr_t ram_size_not_used, reset_info->flash_base = flash_base; - memory_region_init_ram(phys_ram, NULL, "lm32_uclinux.sdram", ram_size); + memory_region_init_ram(phys_ram, "lm32_uclinux.sdram", ram_size); + vmstate_register_ram_global(phys_ram); memory_region_add_subregion(address_space_mem, ram_base, phys_ram); dinfo = drive_get(IF_PFLASH, 0, 0); diff --git a/hw/mainstone.c b/hw/mainstone.c index 3ed6649204..c914a4ef7d 100644 --- a/hw/mainstone.c +++ b/hw/mainstone.c @@ -111,7 +111,8 @@ static void mainstone_common_init(MemoryRegion *address_space_mem, /* Setup CPU & memory */ cpu = pxa270_init(address_space_mem, mainstone_binfo.ram_size, cpu_model); - memory_region_init_ram(rom, NULL, "mainstone.rom", MAINSTONE_ROM); + memory_region_init_ram(rom, "mainstone.rom", MAINSTONE_ROM); + vmstate_register_ram_global(rom); memory_region_set_readonly(rom, true); memory_region_add_subregion(address_space_mem, 0, rom); diff --git a/hw/mcf5208.c b/hw/mcf5208.c index ec608a1a38..3b0636dc2f 100644 --- a/hw/mcf5208.c +++ b/hw/mcf5208.c @@ -213,11 +213,13 @@ static void mcf5208evb_init(ram_addr_t ram_size, /* TODO: Configure BARs. */ /* DRAM at 0x40000000 */ - memory_region_init_ram(ram, NULL, "mcf5208.ram", ram_size); + memory_region_init_ram(ram, "mcf5208.ram", ram_size); + vmstate_register_ram_global(ram); memory_region_add_subregion(address_space_mem, 0x40000000, ram); /* Internal SRAM. */ - memory_region_init_ram(sram, NULL, "mcf5208.sram", 16384); + memory_region_init_ram(sram, "mcf5208.sram", 16384); + vmstate_register_ram_global(sram); memory_region_add_subregion(address_space_mem, 0x80000000, sram); /* Internal peripherals. */ diff --git a/hw/milkymist-minimac2.c b/hw/milkymist-minimac2.c index b5e0dac116..7006d29788 100644 --- a/hw/milkymist-minimac2.c +++ b/hw/milkymist-minimac2.c @@ -468,8 +468,9 @@ static int milkymist_minimac2_init(SysBusDevice *dev) sysbus_init_mmio(dev, &s->regs_region); /* register buffers memory */ - memory_region_init_ram(&s->buffers, NULL, "milkymist-minimac2.buffers", + memory_region_init_ram(&s->buffers, "milkymist-minimac2.buffers", buffers_size); + vmstate_register_ram_global(&s->buffers); s->rx0_buf = memory_region_get_ram_ptr(&s->buffers); s->rx1_buf = s->rx0_buf + MINIMAC2_BUFFER_SIZE; s->tx_buf = s->rx1_buf + MINIMAC2_BUFFER_SIZE; diff --git a/hw/milkymist-softusb.c b/hw/milkymist-softusb.c index 6dd953ce9f..83bd1c4c6b 100644 --- a/hw/milkymist-softusb.c +++ b/hw/milkymist-softusb.c @@ -267,11 +267,13 @@ static int milkymist_softusb_init(SysBusDevice *dev) sysbus_init_mmio(dev, &s->regs_region); /* register pmem and dmem */ - memory_region_init_ram(&s->pmem, NULL, "milkymist-softusb.pmem", + memory_region_init_ram(&s->pmem, "milkymist-softusb.pmem", s->pmem_size); + vmstate_register_ram_global(&s->pmem); sysbus_add_memory(dev, s->pmem_base, &s->pmem); - memory_region_init_ram(&s->dmem, NULL, "milkymist-softusb.dmem", + memory_region_init_ram(&s->dmem, "milkymist-softusb.dmem", s->dmem_size); + vmstate_register_ram_global(&s->dmem); sysbus_add_memory(dev, s->dmem_base, &s->dmem); hid_init(&s->hid_kbd, HID_KEYBOARD, softusb_kbd_hid_datain); diff --git a/hw/milkymist.c b/hw/milkymist.c index b7a8c1c256..eaef0c24c3 100644 --- a/hw/milkymist.c +++ b/hw/milkymist.c @@ -110,7 +110,8 @@ milkymist_init(ram_addr_t ram_size_not_used, cpu_lm32_set_phys_msb_ignore(env, 1); - memory_region_init_ram(phys_sdram, NULL, "milkymist.sdram", sdram_size); + memory_region_init_ram(phys_sdram, "milkymist.sdram", sdram_size); + vmstate_register_ram_global(phys_sdram); memory_region_add_subregion(address_space_mem, sdram_base, phys_sdram); dinfo = drive_get(IF_PFLASH, 0, 0); diff --git a/hw/mips_fulong2e.c b/hw/mips_fulong2e.c index 5e87665188..94ef1dfd37 100644 --- a/hw/mips_fulong2e.c +++ b/hw/mips_fulong2e.c @@ -291,8 +291,10 @@ static void mips_fulong2e_init(ram_addr_t ram_size, const char *boot_device, bios_size = 1024 * 1024; /* allocate RAM */ - memory_region_init_ram(ram, NULL, "fulong2e.ram", ram_size); - memory_region_init_ram(bios, NULL, "fulong2e.bios", bios_size); + memory_region_init_ram(ram, "fulong2e.ram", ram_size); + vmstate_register_ram_global(ram); + memory_region_init_ram(bios, "fulong2e.bios", bios_size); + vmstate_register_ram_global(bios); memory_region_set_readonly(bios, true); memory_region_add_subregion(address_space_mem, 0, ram); diff --git a/hw/mips_jazz.c b/hw/mips_jazz.c index da0498201a..63165b9a38 100644 --- a/hw/mips_jazz.c +++ b/hw/mips_jazz.c @@ -146,10 +146,12 @@ static void mips_jazz_init(MemoryRegion *address_space, qemu_register_reset(main_cpu_reset, env); /* allocate RAM */ - memory_region_init_ram(ram, NULL, "mips_jazz.ram", ram_size); + memory_region_init_ram(ram, "mips_jazz.ram", ram_size); + vmstate_register_ram_global(ram); memory_region_add_subregion(address_space, 0, ram); - memory_region_init_ram(bios, NULL, "mips_jazz.bios", MAGNUM_BIOS_SIZE); + memory_region_init_ram(bios, "mips_jazz.bios", MAGNUM_BIOS_SIZE); + vmstate_register_ram_global(bios); memory_region_set_readonly(bios, true); memory_region_init_alias(bios2, "mips_jazz.bios", bios, 0, MAGNUM_BIOS_SIZE); @@ -208,7 +210,8 @@ static void mips_jazz_init(MemoryRegion *address_space, { /* Simple ROM, so user doesn't have to provide one */ MemoryRegion *rom_mr = g_new(MemoryRegion, 1); - memory_region_init_ram(rom_mr, NULL, "g364fb.rom", 0x80000); + memory_region_init_ram(rom_mr, "g364fb.rom", 0x80000); + vmstate_register_ram_global(rom_mr); memory_region_set_readonly(rom_mr, true); uint8_t *rom = memory_region_get_ram_ptr(rom_mr); memory_region_add_subregion(address_space, 0x60000000, rom_mr); diff --git a/hw/mips_malta.c b/hw/mips_malta.c index d94ad1d8c1..e625ec398f 100644 --- a/hw/mips_malta.c +++ b/hw/mips_malta.c @@ -47,6 +47,7 @@ #include "mc146818rtc.h" #include "blockdev.h" #include "exec-memory.h" +#include "sysbus.h" /* SysBusDevice */ //#define DEBUG_BOARD_INIT @@ -72,6 +73,11 @@ typedef struct { SerialState *uart; } MaltaFPGAState; +typedef struct { + SysBusDevice busdev; + qemu_irq *i8259; +} MaltaState; + static ISADevice *pit; static struct _loaderparams { @@ -776,7 +782,7 @@ void mips_malta_init (ram_addr_t ram_size, PCIBus *pci_bus; ISABus *isa_bus; CPUState *env; - qemu_irq *i8259 = NULL, *isa_irq; + qemu_irq *isa_irq; qemu_irq *cpu_exit_irq; int piix4_devfn; i2c_bus *smbus; @@ -788,6 +794,11 @@ void mips_malta_init (ram_addr_t ram_size, int fl_sectors = 0; int be; + DeviceState *dev = qdev_create(NULL, "mips-malta"); + MaltaState *s = DO_UPCAST(MaltaState, busdev.qdev, dev); + + qdev_init_nofail(dev); + /* Make sure the first 3 serial ports are associated with a device. */ for(i = 0; i < 3; i++) { if (!serial_hds[i]) { @@ -826,7 +837,8 @@ void mips_malta_init (ram_addr_t ram_size, ((unsigned int)ram_size / (1 << 20))); exit(1); } - memory_region_init_ram(ram, NULL, "mips_malta.ram", ram_size); + memory_region_init_ram(ram, "mips_malta.ram", ram_size); + vmstate_register_ram_global(ram); memory_region_add_subregion(system_memory, 0, ram); #ifdef TARGET_WORDS_BIGENDIAN @@ -841,7 +853,8 @@ void mips_malta_init (ram_addr_t ram_size, if (kernel_filename) { /* Write a small bootloader to the flash location. */ bios = g_new(MemoryRegion, 1); - memory_region_init_ram(bios, NULL, "mips_malta.bios", BIOS_SIZE); + memory_region_init_ram(bios, "mips_malta.bios", BIOS_SIZE); + vmstate_register_ram_global(bios); memory_region_set_readonly(bios, true); memory_region_init_alias(bios_alias, "bios.1fc", bios, 0, BIOS_SIZE); /* Map the bios at two physical locations, as on the real board. */ @@ -878,7 +891,8 @@ void mips_malta_init (ram_addr_t ram_size, fl_idx++; } else { bios = g_new(MemoryRegion, 1); - memory_region_init_ram(bios, NULL, "mips_malta.bios", BIOS_SIZE); + memory_region_init_ram(bios, "mips_malta.bios", BIOS_SIZE); + vmstate_register_ram_global(bios); memory_region_set_readonly(bios, true); memory_region_init_alias(bios_alias, "bios.1fc", bios, 0, BIOS_SIZE); @@ -934,7 +948,7 @@ void mips_malta_init (ram_addr_t ram_size, * qemu_irq_proxy() adds an extra bit of indirection, allowing us * to resolve the isa_irq -> i8259 dependency after i8259 is initialized. */ - isa_irq = qemu_irq_proxy(&i8259, 16); + isa_irq = qemu_irq_proxy(&s->i8259, 16); /* Northbridge */ pci_bus = gt64120_register(isa_irq); @@ -946,9 +960,9 @@ void mips_malta_init (ram_addr_t ram_size, /* Interrupt controller */ /* The 8259 is attached to the MIPS CPU INT0 pin, ie interrupt 2 */ - i8259 = i8259_init(isa_bus, env->irq[2]); + s->i8259 = i8259_init(isa_bus, env->irq[2]); - isa_bus_irqs(isa_bus, i8259); + isa_bus_irqs(isa_bus, s->i8259); pci_piix4_ide_init(pci_bus, hd, piix4_devfn + 1); usb_uhci_piix4_init(pci_bus, piix4_devfn + 2); smbus = piix4_pm_init(pci_bus, piix4_devfn + 3, 0x1100, @@ -992,6 +1006,20 @@ void mips_malta_init (ram_addr_t ram_size, } } +static int mips_malta_sysbus_device_init(SysBusDevice *sysbusdev) +{ + return 0; +} + +static SysBusDeviceInfo mips_malta_device = { + .init = mips_malta_sysbus_device_init, + .qdev.name = "mips-malta", + .qdev.size = sizeof(MaltaState), + .qdev.props = (Property[]) { + DEFINE_PROP_END_OF_LIST(), + } +}; + static QEMUMachine mips_malta_machine = { .name = "malta", .desc = "MIPS Malta Core LV", @@ -1000,9 +1028,15 @@ static QEMUMachine mips_malta_machine = { .is_default = 1, }; +static void mips_malta_device_init(void) +{ + sysbus_register_withprop(&mips_malta_device); +} + static void mips_malta_machine_init(void) { qemu_register_machine(&mips_malta_machine); } +device_init(mips_malta_device_init); machine_init(mips_malta_machine_init); diff --git a/hw/mips_mipssim.c b/hw/mips_mipssim.c index b56cba619e..76c95b2ec0 100644 --- a/hw/mips_mipssim.c +++ b/hw/mips_mipssim.c @@ -163,8 +163,10 @@ mips_mipssim_init (ram_addr_t ram_size, qemu_register_reset(main_cpu_reset, reset_info); /* Allocate RAM. */ - memory_region_init_ram(ram, NULL, "mips_mipssim.ram", ram_size); - memory_region_init_ram(bios, NULL, "mips_mipssim.bios", BIOS_SIZE); + memory_region_init_ram(ram, "mips_mipssim.ram", ram_size); + vmstate_register_ram_global(ram); + memory_region_init_ram(bios, "mips_mipssim.bios", BIOS_SIZE); + vmstate_register_ram_global(bios); memory_region_set_readonly(bios, true); memory_region_add_subregion(address_space_mem, 0, ram); diff --git a/hw/mips_r4k.c b/hw/mips_r4k.c index c078078264..1c0615c1da 100644 --- a/hw/mips_r4k.c +++ b/hw/mips_r4k.c @@ -195,7 +195,8 @@ void mips_r4k_init (ram_addr_t ram_size, ((unsigned int)ram_size / (1 << 20))); exit(1); } - memory_region_init_ram(ram, NULL, "mips_r4k.ram", ram_size); + memory_region_init_ram(ram, "mips_r4k.ram", ram_size); + vmstate_register_ram_global(ram); memory_region_add_subregion(address_space_mem, 0, ram); @@ -221,7 +222,8 @@ void mips_r4k_init (ram_addr_t ram_size, #endif if ((bios_size > 0) && (bios_size <= BIOS_SIZE)) { bios = g_new(MemoryRegion, 1); - memory_region_init_ram(bios, NULL, "mips_r4k.bios", BIOS_SIZE); + memory_region_init_ram(bios, "mips_r4k.bios", BIOS_SIZE); + vmstate_register_ram_global(bios); memory_region_set_readonly(bios, true); memory_region_add_subregion(get_system_memory(), 0x1fc00000, bios); diff --git a/hw/musicpal.c b/hw/musicpal.c index 3c6cefe908..a01e3d2d92 100644 --- a/hw/musicpal.c +++ b/hw/musicpal.c @@ -1472,10 +1472,12 @@ static void musicpal_init(ram_addr_t ram_size, cpu_pic = arm_pic_init_cpu(env); /* For now we use a fixed - the original - RAM size */ - memory_region_init_ram(ram, NULL, "musicpal.ram", MP_RAM_DEFAULT_SIZE); + memory_region_init_ram(ram, "musicpal.ram", MP_RAM_DEFAULT_SIZE); + vmstate_register_ram_global(ram); memory_region_add_subregion(address_space_mem, 0, ram); - memory_region_init_ram(sram, NULL, "musicpal.sram", MP_SRAM_SIZE); + memory_region_init_ram(sram, "musicpal.sram", MP_SRAM_SIZE); + vmstate_register_ram_global(sram); memory_region_add_subregion(address_space_mem, MP_SRAM_BASE, sram); dev = sysbus_create_simple("mv88w8618_pic", MP_PIC_BASE, diff --git a/hw/omap.h b/hw/omap.h index 42eb361b21..60fa34cef2 100644 --- a/hw/omap.h +++ b/hw/omap.h @@ -672,10 +672,6 @@ void omap_uart_reset(struct omap_uart_s *s); void omap_uart_attach(struct omap_uart_s *s, CharDriverState *chr); struct omap_mpuio_s; -struct omap_mpuio_s *omap_mpuio_init(MemoryRegion *system_memory, - target_phys_addr_t base, - qemu_irq kbd_int, qemu_irq gpio_int, qemu_irq wakeup, - omap_clk clk); qemu_irq *omap_mpuio_in_get(struct omap_mpuio_s *s); void omap_mpuio_out_set(struct omap_mpuio_s *s, int line, qemu_irq handler); void omap_mpuio_key(struct omap_mpuio_s *s, int row, int col, int down); @@ -833,8 +829,6 @@ struct omap_mpu_state_s { MemoryRegion tcmi_iomem; MemoryRegion clkm_iomem; MemoryRegion clkdsp_iomem; - MemoryRegion pwl_iomem; - MemoryRegion pwt_iomem; MemoryRegion mpui_io_iomem; MemoryRegion tap_iomem; MemoryRegion imif_ram; @@ -871,20 +865,8 @@ struct omap_mpu_state_s { struct omap_uwire_s *microwire; - struct { - uint8_t output; - uint8_t level; - uint8_t enable; - int clk; - } pwl; - - struct { - uint8_t frc; - uint8_t vrc; - uint8_t gcr; - omap_clk clk; - } pwt; - + struct omap_pwl_s *pwl; + struct omap_pwt_s *pwt; struct omap_i2c_s *i2c[2]; struct omap_rtc_s *rtc; @@ -922,11 +904,7 @@ struct omap_mpu_state_s { uint32_t tcmi_regs[17]; - struct dpll_ctl_s { - MemoryRegion iomem; - uint16_t mode; - omap_clk dpll; - } dpll[3]; + struct dpll_ctl_s *dpll[3]; omap_clk clks; struct { diff --git a/hw/omap1.c b/hw/omap1.c index 53cde76116..1aa5f2388b 100644 --- a/hw/omap1.c +++ b/hw/omap1.c @@ -20,11 +20,7 @@ #include "arm-misc.h" #include "omap.h" #include "sysemu.h" -#include "qemu-timer.h" -#include "qemu-char.h" #include "soc_dma.h" -/* We use pc-style serial ports. */ -#include "pc.h" #include "blockdev.h" #include "range.h" #include "sysbus.h" @@ -1344,6 +1340,12 @@ static void omap_tcmi_init(MemoryRegion *memory, target_phys_addr_t base, } /* Digital phase-locked loops control */ +struct dpll_ctl_s { + MemoryRegion iomem; + uint16_t mode; + omap_clk dpll; +}; + static uint64_t omap_dpll_read(void *opaque, target_phys_addr_t addr, unsigned size) { @@ -1409,15 +1411,17 @@ static void omap_dpll_reset(struct dpll_ctl_s *s) omap_clk_setrate(s->dpll, 1, 1); } -static void omap_dpll_init(MemoryRegion *memory, struct dpll_ctl_s *s, +static struct dpll_ctl_s *omap_dpll_init(MemoryRegion *memory, target_phys_addr_t base, omap_clk clk) { + struct dpll_ctl_s *s = g_malloc0(sizeof(*s)); memory_region_init_io(&s->iomem, &omap_dpll_ops, s, "omap-dpll", 0x100); s->dpll = clk; omap_dpll_reset(s); memory_region_add_subregion(memory, base, &s->iomem); + return s; } /* MPU Clock/Reset/Power Mode Control */ @@ -2066,7 +2070,7 @@ static void omap_mpuio_onoff(void *opaque, int line, int on) omap_mpuio_kbd_update(s); } -struct omap_mpuio_s *omap_mpuio_init(MemoryRegion *memory, +static struct omap_mpuio_s *omap_mpuio_init(MemoryRegion *memory, target_phys_addr_t base, qemu_irq kbd_int, qemu_irq gpio_int, qemu_irq wakeup, omap_clk clk) @@ -2289,12 +2293,20 @@ void omap_uwire_attach(struct omap_uwire_s *s, } /* Pseudonoise Pulse-Width Light Modulator */ -static void omap_pwl_update(struct omap_mpu_state_s *s) +struct omap_pwl_s { + MemoryRegion iomem; + uint8_t output; + uint8_t level; + uint8_t enable; + int clk; +}; + +static void omap_pwl_update(struct omap_pwl_s *s) { - int output = (s->pwl.clk && s->pwl.enable) ? s->pwl.level : 0; + int output = (s->clk && s->enable) ? s->level : 0; - if (output != s->pwl.output) { - s->pwl.output = output; + if (output != s->output) { + s->output = output; printf("%s: Backlight now at %i/256\n", __FUNCTION__, output); } } @@ -2302,7 +2314,7 @@ static void omap_pwl_update(struct omap_mpu_state_s *s) static uint64_t omap_pwl_read(void *opaque, target_phys_addr_t addr, unsigned size) { - struct omap_mpu_state_s *s = (struct omap_mpu_state_s *) opaque; + struct omap_pwl_s *s = (struct omap_pwl_s *) opaque; int offset = addr & OMAP_MPUI_REG_MASK; if (size != 1) { @@ -2311,9 +2323,9 @@ static uint64_t omap_pwl_read(void *opaque, target_phys_addr_t addr, switch (offset) { case 0x00: /* PWL_LEVEL */ - return s->pwl.level; + return s->level; case 0x04: /* PWL_CTRL */ - return s->pwl.enable; + return s->enable; } OMAP_BAD_REG(addr); return 0; @@ -2322,7 +2334,7 @@ static uint64_t omap_pwl_read(void *opaque, target_phys_addr_t addr, static void omap_pwl_write(void *opaque, target_phys_addr_t addr, uint64_t value, unsigned size) { - struct omap_mpu_state_s *s = (struct omap_mpu_state_s *) opaque; + struct omap_pwl_s *s = (struct omap_pwl_s *) opaque; int offset = addr & OMAP_MPUI_REG_MASK; if (size != 1) { @@ -2331,11 +2343,11 @@ static void omap_pwl_write(void *opaque, target_phys_addr_t addr, switch (offset) { case 0x00: /* PWL_LEVEL */ - s->pwl.level = value; + s->level = value; omap_pwl_update(s); break; case 0x04: /* PWL_CTRL */ - s->pwl.enable = value & 1; + s->enable = value & 1; omap_pwl_update(s); break; default: @@ -2350,41 +2362,52 @@ static const MemoryRegionOps omap_pwl_ops = { .endianness = DEVICE_NATIVE_ENDIAN, }; -static void omap_pwl_reset(struct omap_mpu_state_s *s) +static void omap_pwl_reset(struct omap_pwl_s *s) { - s->pwl.output = 0; - s->pwl.level = 0; - s->pwl.enable = 0; - s->pwl.clk = 1; + s->output = 0; + s->level = 0; + s->enable = 0; + s->clk = 1; omap_pwl_update(s); } static void omap_pwl_clk_update(void *opaque, int line, int on) { - struct omap_mpu_state_s *s = (struct omap_mpu_state_s *) opaque; + struct omap_pwl_s *s = (struct omap_pwl_s *) opaque; - s->pwl.clk = on; + s->clk = on; omap_pwl_update(s); } -static void omap_pwl_init(MemoryRegion *system_memory, - target_phys_addr_t base, struct omap_mpu_state_s *s, - omap_clk clk) +static struct omap_pwl_s *omap_pwl_init(MemoryRegion *system_memory, + target_phys_addr_t base, + omap_clk clk) { + struct omap_pwl_s *s = g_malloc0(sizeof(*s)); + omap_pwl_reset(s); - memory_region_init_io(&s->pwl_iomem, &omap_pwl_ops, s, + memory_region_init_io(&s->iomem, &omap_pwl_ops, s, "omap-pwl", 0x800); - memory_region_add_subregion(system_memory, base, &s->pwl_iomem); + memory_region_add_subregion(system_memory, base, &s->iomem); omap_clk_adduser(clk, qemu_allocate_irqs(omap_pwl_clk_update, s, 1)[0]); + return s; } /* Pulse-Width Tone module */ +struct omap_pwt_s { + MemoryRegion iomem; + uint8_t frc; + uint8_t vrc; + uint8_t gcr; + omap_clk clk; +}; + static uint64_t omap_pwt_read(void *opaque, target_phys_addr_t addr, unsigned size) { - struct omap_mpu_state_s *s = (struct omap_mpu_state_s *) opaque; + struct omap_pwt_s *s = (struct omap_pwt_s *) opaque; int offset = addr & OMAP_MPUI_REG_MASK; if (size != 1) { @@ -2393,11 +2416,11 @@ static uint64_t omap_pwt_read(void *opaque, target_phys_addr_t addr, switch (offset) { case 0x00: /* FRC */ - return s->pwt.frc; + return s->frc; case 0x04: /* VCR */ - return s->pwt.vrc; + return s->vrc; case 0x08: /* GCR */ - return s->pwt.gcr; + return s->gcr; } OMAP_BAD_REG(addr); return 0; @@ -2406,7 +2429,7 @@ static uint64_t omap_pwt_read(void *opaque, target_phys_addr_t addr, static void omap_pwt_write(void *opaque, target_phys_addr_t addr, uint64_t value, unsigned size) { - struct omap_mpu_state_s *s = (struct omap_mpu_state_s *) opaque; + struct omap_pwt_s *s = (struct omap_pwt_s *) opaque; int offset = addr & OMAP_MPUI_REG_MASK; if (size != 1) { @@ -2415,16 +2438,16 @@ static void omap_pwt_write(void *opaque, target_phys_addr_t addr, switch (offset) { case 0x00: /* FRC */ - s->pwt.frc = value & 0x3f; + s->frc = value & 0x3f; break; case 0x04: /* VRC */ - if ((value ^ s->pwt.vrc) & 1) { + if ((value ^ s->vrc) & 1) { if (value & 1) printf("%s: %iHz buzz on\n", __FUNCTION__, (int) /* 1.5 MHz from a 12-MHz or 13-MHz PWT_CLK */ - ((omap_clk_getrate(s->pwt.clk) >> 3) / + ((omap_clk_getrate(s->clk) >> 3) / /* Pre-multiplexer divider */ - ((s->pwt.gcr & 2) ? 1 : 154) / + ((s->gcr & 2) ? 1 : 154) / /* Octave multiplexer */ (2 << (value & 3)) * /* 101/107 divider */ @@ -2439,10 +2462,10 @@ static void omap_pwt_write(void *opaque, target_phys_addr_t addr, else printf("%s: silence!\n", __FUNCTION__); } - s->pwt.vrc = value & 0x7f; + s->vrc = value & 0x7f; break; case 0x08: /* GCR */ - s->pwt.gcr = value & 3; + s->gcr = value & 3; break; default: OMAP_BAD_REG(addr); @@ -2456,23 +2479,25 @@ static const MemoryRegionOps omap_pwt_ops = { .endianness = DEVICE_NATIVE_ENDIAN, }; -static void omap_pwt_reset(struct omap_mpu_state_s *s) +static void omap_pwt_reset(struct omap_pwt_s *s) { - s->pwt.frc = 0; - s->pwt.vrc = 0; - s->pwt.gcr = 0; + s->frc = 0; + s->vrc = 0; + s->gcr = 0; } -static void omap_pwt_init(MemoryRegion *system_memory, - target_phys_addr_t base, struct omap_mpu_state_s *s, - omap_clk clk) +static struct omap_pwt_s *omap_pwt_init(MemoryRegion *system_memory, + target_phys_addr_t base, + omap_clk clk) { - s->pwt.clk = clk; + struct omap_pwt_s *s = g_malloc0(sizeof(*s)); + s->clk = clk; omap_pwt_reset(s); - memory_region_init_io(&s->pwt_iomem, &omap_pwt_ops, s, + memory_region_init_io(&s->iomem, &omap_pwt_ops, s, "omap-pwt", 0x800); - memory_region_add_subregion(system_memory, base, &s->pwt_iomem); + memory_region_add_subregion(system_memory, base, &s->iomem); + return s; } /* Real-time Clock module */ @@ -3658,17 +3683,17 @@ static void omap1_mpu_reset(void *opaque) omap_mpui_reset(mpu); omap_tipb_bridge_reset(mpu->private_tipb); omap_tipb_bridge_reset(mpu->public_tipb); - omap_dpll_reset(&mpu->dpll[0]); - omap_dpll_reset(&mpu->dpll[1]); - omap_dpll_reset(&mpu->dpll[2]); + omap_dpll_reset(mpu->dpll[0]); + omap_dpll_reset(mpu->dpll[1]); + omap_dpll_reset(mpu->dpll[2]); omap_uart_reset(mpu->uart[0]); omap_uart_reset(mpu->uart[1]); omap_uart_reset(mpu->uart[2]); omap_mmc_reset(mpu->mmc); omap_mpuio_reset(mpu->mpuio); omap_uwire_reset(mpu->microwire); - omap_pwl_reset(mpu); - omap_pwt_reset(mpu); + omap_pwl_reset(mpu->pwl); + omap_pwt_reset(mpu->pwt); omap_i2c_reset(mpu->i2c[0]); omap_rtc_reset(mpu->rtc); omap_mcbsp_reset(mpu->mcbsp1); @@ -3819,9 +3844,11 @@ struct omap_mpu_state_s *omap310_mpu_init(MemoryRegion *system_memory, omap_clk_init(s); /* Memory-mapped stuff */ - memory_region_init_ram(&s->emiff_ram, NULL, "omap1.dram", s->sdram_size); + memory_region_init_ram(&s->emiff_ram, "omap1.dram", s->sdram_size); + vmstate_register_ram_global(&s->emiff_ram); memory_region_add_subregion(system_memory, OMAP_EMIFF_BASE, &s->emiff_ram); - memory_region_init_ram(&s->imif_ram, NULL, "omap1.sram", s->sram_size); + memory_region_init_ram(&s->imif_ram, "omap1.sram", s->sram_size); + vmstate_register_ram_global(&s->imif_ram); memory_region_add_subregion(system_memory, OMAP_IMIF_BASE, &s->imif_ram); omap_clkm_init(system_memory, 0xfffece00, 0xe1008000, s); @@ -3926,12 +3953,12 @@ struct omap_mpu_state_s *omap310_mpu_init(MemoryRegion *system_memory, "uart3", serial_hds[0] && serial_hds[1] ? serial_hds[2] : NULL); - omap_dpll_init(system_memory, - &s->dpll[0], 0xfffecf00, omap_findclk(s, "dpll1")); - omap_dpll_init(system_memory, - &s->dpll[1], 0xfffed000, omap_findclk(s, "dpll2")); - omap_dpll_init(system_memory, - &s->dpll[2], 0xfffed100, omap_findclk(s, "dpll3")); + s->dpll[0] = omap_dpll_init(system_memory, 0xfffecf00, + omap_findclk(s, "dpll1")); + s->dpll[1] = omap_dpll_init(system_memory, 0xfffed000, + omap_findclk(s, "dpll2")); + s->dpll[2] = omap_dpll_init(system_memory, 0xfffed100, + omap_findclk(s, "dpll3")); dinfo = drive_get(IF_SD, 0, 0); if (!dinfo) { @@ -3961,8 +3988,10 @@ struct omap_mpu_state_s *omap310_mpu_init(MemoryRegion *system_memory, qdev_get_gpio_in(s->ih[1], OMAP_INT_uWireRX), s->drq[OMAP_DMA_UWIRE_TX], omap_findclk(s, "mpuper_ck")); - omap_pwl_init(system_memory, 0xfffb5800, s, omap_findclk(s, "armxor_ck")); - omap_pwt_init(system_memory, 0xfffb6000, s, omap_findclk(s, "armxor_ck")); + s->pwl = omap_pwl_init(system_memory, 0xfffb5800, + omap_findclk(s, "armxor_ck")); + s->pwt = omap_pwt_init(system_memory, 0xfffb6000, + omap_findclk(s, "armxor_ck")); s->i2c[0] = omap_i2c_init(system_memory, 0xfffb3800, qdev_get_gpio_in(s->ih[1], OMAP_INT_I2C), diff --git a/hw/omap2.c b/hw/omap2.c index c09c04a50f..a6851b0fb0 100644 --- a/hw/omap2.c +++ b/hw/omap2.c @@ -2269,9 +2269,11 @@ struct omap_mpu_state_s *omap2420_mpu_init(MemoryRegion *sysmem, omap_clk_init(s); /* Memory-mapped stuff */ - memory_region_init_ram(&s->sdram, NULL, "omap2.dram", s->sdram_size); + memory_region_init_ram(&s->sdram, "omap2.dram", s->sdram_size); + vmstate_register_ram_global(&s->sdram); memory_region_add_subregion(sysmem, OMAP2_Q2_BASE, &s->sdram); - memory_region_init_ram(&s->sram, NULL, "omap2.sram", s->sram_size); + memory_region_init_ram(&s->sram, "omap2.sram", s->sram_size); + vmstate_register_ram_global(&s->sram); memory_region_add_subregion(sysmem, OMAP2_SRAM_BASE, &s->sram); s->l4 = omap_l4_init(sysmem, OMAP2_L4_BASE, 54); diff --git a/hw/omap_gpmc.c b/hw/omap_gpmc.c index 414f9f5c37..2fc4137203 100644 --- a/hw/omap_gpmc.c +++ b/hw/omap_gpmc.c @@ -443,6 +443,12 @@ void omap_gpmc_reset(struct omap_gpmc_s *s) s->irqst = 0; s->irqen = 0; omap_gpmc_int_update(s); + for (i = 0; i < 8; i++) { + /* This has to happen before we change any of the config + * used to determine which memory regions are mapped or unmapped. + */ + omap_gpmc_cs_unmap(s, i); + } s->timeout = 0; s->config = 0xa00; s->prefetch.config1 = 0x00004000; @@ -451,7 +457,6 @@ void omap_gpmc_reset(struct omap_gpmc_s *s) s->prefetch.fifopointer = 0; s->prefetch.count = 0; for (i = 0; i < 8; i ++) { - omap_gpmc_cs_unmap(s, i); s->cs_file[i].config[1] = 0x101001; s->cs_file[i].config[2] = 0x020201; s->cs_file[i].config[3] = 0x10031003; @@ -716,24 +721,31 @@ static void omap_gpmc_write(void *opaque, target_phys_addr_t addr, case 0x1e0: /* GPMC_PREFETCH_CONFIG1 */ if (!s->prefetch.startengine) { - uint32_t oldconfig1 = s->prefetch.config1; + uint32_t newconfig1 = value & 0x7f8f7fbf; uint32_t changed; - s->prefetch.config1 = value & 0x7f8f7fbf; - changed = oldconfig1 ^ s->prefetch.config1; + changed = newconfig1 ^ s->prefetch.config1; if (changed & (0x80 | 0x7000000)) { /* Turning the engine on or off, or mapping it somewhere else. * cs_map() and cs_unmap() check the prefetch config and * overall CSVALID bits, so it is sufficient to unmap-and-map - * both the old cs and the new one. + * both the old cs and the new one. Note that we adhere to + * the "unmap/change config/map" order (and not unmap twice + * if newcs == oldcs), otherwise we'll try to delete the wrong + * memory region. */ - int oldcs = prefetch_cs(oldconfig1); - int newcs = prefetch_cs(s->prefetch.config1); + int oldcs = prefetch_cs(s->prefetch.config1); + int newcs = prefetch_cs(newconfig1); omap_gpmc_cs_unmap(s, oldcs); - omap_gpmc_cs_map(s, oldcs); - if (newcs != oldcs) { + if (oldcs != newcs) { omap_gpmc_cs_unmap(s, newcs); + } + s->prefetch.config1 = newconfig1; + omap_gpmc_cs_map(s, oldcs); + if (oldcs != newcs) { omap_gpmc_cs_map(s, newcs); } + } else { + s->prefetch.config1 = newconfig1; } } break; diff --git a/hw/omap_sx1.c b/hw/omap_sx1.c index 8e58645dc0..4e8ec4a990 100644 --- a/hw/omap_sx1.c +++ b/hw/omap_sx1.c @@ -124,7 +124,8 @@ static void sx1_init(ram_addr_t ram_size, cpu = omap310_mpu_init(address_space, sx1_binfo.ram_size, cpu_model); /* External Flash (EMIFS) */ - memory_region_init_ram(flash, NULL, "omap_sx1.flash0-0", flash_size); + memory_region_init_ram(flash, "omap_sx1.flash0-0", flash_size); + vmstate_register_ram_global(flash); memory_region_set_readonly(flash, true); memory_region_add_subregion(address_space, OMAP_CS0_BASE, flash); @@ -165,7 +166,8 @@ static void sx1_init(ram_addr_t ram_size, if ((version == 1) && (dinfo = drive_get(IF_PFLASH, 0, fl_idx)) != NULL) { - memory_region_init_ram(flash_1, NULL, "omap_sx1.flash1-0", flash1_size); + memory_region_init_ram(flash_1, "omap_sx1.flash1-0", flash1_size); + vmstate_register_ram_global(flash_1); memory_region_set_readonly(flash_1, true); memory_region_add_subregion(address_space, OMAP_CS1_BASE, flash_1); diff --git a/hw/onenand.c b/hw/onenand.c index a9d8d677ee..33c9718629 100644 --- a/hw/onenand.c +++ b/hw/onenand.c @@ -781,7 +781,8 @@ static int onenand_initfn(SysBusDevice *dev) } s->otp = memset(g_malloc((64 + 2) << PAGE_SHIFT), 0xff, (64 + 2) << PAGE_SHIFT); - memory_region_init_ram(&s->ram, NULL, "onenand.ram", 0xc000 << s->shift); + memory_region_init_ram(&s->ram, "onenand.ram", 0xc000 << s->shift); + vmstate_register_ram_global(&s->ram); ram = memory_region_get_ram_ptr(&s->ram); s->boot[0] = ram + (0x0000 << s->shift); s->boot[1] = ram + (0x8000 << s->shift); diff --git a/hw/palm.c b/hw/palm.c index 094bfde369..b1252ab1e9 100644 --- a/hw/palm.c +++ b/hw/palm.c @@ -211,7 +211,8 @@ static void palmte_init(ram_addr_t ram_size, cpu = omap310_mpu_init(address_space_mem, sdram_size, cpu_model); /* External Flash (EMIFS) */ - memory_region_init_ram(flash, NULL, "palmte.flash", flash_size); + memory_region_init_ram(flash, "palmte.flash", flash_size); + vmstate_register_ram_global(flash); memory_region_set_readonly(flash, true); memory_region_add_subregion(address_space_mem, OMAP_CS0_BASE, flash); diff --git a/hw/pc.c b/hw/pc.c index f51afa87bd..85304cf115 100644 --- a/hw/pc.c +++ b/hw/pc.c @@ -987,8 +987,9 @@ void pc_memory_init(MemoryRegion *system_memory, * with older qemus that used qemu_ram_alloc(). */ ram = g_malloc(sizeof(*ram)); - memory_region_init_ram(ram, NULL, "pc.ram", + memory_region_init_ram(ram, "pc.ram", below_4g_mem_size + above_4g_mem_size); + vmstate_register_ram_global(ram); *ram_memory = ram; ram_below_4g = g_malloc(sizeof(*ram_below_4g)); memory_region_init_alias(ram_below_4g, "ram-below-4g", ram, @@ -1016,7 +1017,8 @@ void pc_memory_init(MemoryRegion *system_memory, goto bios_error; } bios = g_malloc(sizeof(*bios)); - memory_region_init_ram(bios, NULL, "pc.bios", bios_size); + memory_region_init_ram(bios, "pc.bios", bios_size); + vmstate_register_ram_global(bios); memory_region_set_readonly(bios, true); ret = rom_add_file_fixed(bios_name, (uint32_t)(-bios_size), -1); if (ret != 0) { @@ -1041,7 +1043,8 @@ void pc_memory_init(MemoryRegion *system_memory, memory_region_set_readonly(isa_bios, true); option_rom_mr = g_malloc(sizeof(*option_rom_mr)); - memory_region_init_ram(option_rom_mr, NULL, "pc.rom", PC_ROM_SIZE); + memory_region_init_ram(option_rom_mr, "pc.rom", PC_ROM_SIZE); + vmstate_register_ram_global(option_rom_mr); memory_region_add_subregion_overlap(rom_memory, PC_ROM_MIN_VGA, option_rom_mr, diff --git a/hw/pci.c b/hw/pci.c index 399227fc3d..c3082bc7c6 100644 --- a/hw/pci.c +++ b/hw/pci.c @@ -1765,7 +1765,8 @@ static int pci_add_option_rom(PCIDevice *pdev, bool is_default_rom) else snprintf(name, sizeof(name), "%s.rom", pdev->qdev.info->name); pdev->has_rom = true; - memory_region_init_ram(&pdev->rom, &pdev->qdev, name, size); + memory_region_init_ram(&pdev->rom, name, size); + vmstate_register_ram(&pdev->rom, &pdev->qdev); ptr = memory_region_get_ram_ptr(&pdev->rom); load_image(path, ptr); g_free(path); @@ -1787,6 +1788,7 @@ static void pci_del_option_rom(PCIDevice *pdev) if (!pdev->has_rom) return; + vmstate_unregister_ram(&pdev->rom, &pdev->qdev); memory_region_destroy(&pdev->rom); pdev->has_rom = false; } diff --git a/hw/petalogix_ml605_mmu.c b/hw/petalogix_ml605_mmu.c index fb4ba29bf8..98978f89b6 100644 --- a/hw/petalogix_ml605_mmu.c +++ b/hw/petalogix_ml605_mmu.c @@ -162,11 +162,13 @@ petalogix_ml605_init(ram_addr_t ram_size, qemu_register_reset(main_cpu_reset, env); /* Attach emulated BRAM through the LMB. */ - memory_region_init_ram(phys_lmb_bram, NULL, "petalogix_ml605.lmb_bram", + memory_region_init_ram(phys_lmb_bram, "petalogix_ml605.lmb_bram", LMB_BRAM_SIZE); + vmstate_register_ram_global(phys_lmb_bram); memory_region_add_subregion(address_space_mem, 0x00000000, phys_lmb_bram); - memory_region_init_ram(phys_ram, NULL, "petalogix_ml605.ram", ram_size); + memory_region_init_ram(phys_ram, "petalogix_ml605.ram", ram_size); + vmstate_register_ram_global(phys_ram); memory_region_add_subregion(address_space_mem, ddr_base, phys_ram); dinfo = drive_get(IF_PFLASH, 0, 0); diff --git a/hw/petalogix_s3adsp1800_mmu.c b/hw/petalogix_s3adsp1800_mmu.c index 17da2fd87c..d448a41f68 100644 --- a/hw/petalogix_s3adsp1800_mmu.c +++ b/hw/petalogix_s3adsp1800_mmu.c @@ -141,12 +141,13 @@ petalogix_s3adsp1800_init(ram_addr_t ram_size, qemu_register_reset(main_cpu_reset, env); /* Attach emulated BRAM through the LMB. */ - memory_region_init_ram(phys_lmb_bram, NULL, + memory_region_init_ram(phys_lmb_bram, "petalogix_s3adsp1800.lmb_bram", LMB_BRAM_SIZE); + vmstate_register_ram_global(phys_lmb_bram); memory_region_add_subregion(sysmem, 0x00000000, phys_lmb_bram); - memory_region_init_ram(phys_ram, NULL, "petalogix_s3adsp1800.ram", - ram_size); + memory_region_init_ram(phys_ram, "petalogix_s3adsp1800.ram", ram_size); + vmstate_register_ram_global(phys_ram); memory_region_add_subregion(sysmem, ddr_base, phys_ram); dinfo = drive_get(IF_PFLASH, 0, 0); diff --git a/hw/pflash_cfi01.c b/hw/pflash_cfi01.c index 69b8e3d539..ee0c3baab1 100644 --- a/hw/pflash_cfi01.c +++ b/hw/pflash_cfi01.c @@ -589,7 +589,8 @@ pflash_t *pflash_cfi01_register(target_phys_addr_t base, memory_region_init_rom_device( &pfl->mem, be ? &pflash_cfi01_ops_be : &pflash_cfi01_ops_le, pfl, - qdev, name, size); + name, size); + vmstate_register_ram(&pfl->mem, qdev); pfl->storage = memory_region_get_ram_ptr(&pfl->mem); memory_region_add_subregion(get_system_memory(), base, &pfl->mem); @@ -599,6 +600,7 @@ pflash_t *pflash_cfi01_register(target_phys_addr_t base, ret = bdrv_read(pfl->bs, 0, pfl->storage, total_len >> 9); if (ret < 0) { memory_region_del_subregion(get_system_memory(), &pfl->mem); + vmstate_unregister_ram(&pfl->mem, qdev); memory_region_destroy(&pfl->mem); g_free(pfl); return NULL; diff --git a/hw/pflash_cfi02.c b/hw/pflash_cfi02.c index e5a63da595..a9e88b9b3c 100644 --- a/hw/pflash_cfi02.c +++ b/hw/pflash_cfi02.c @@ -628,7 +628,8 @@ pflash_t *pflash_cfi02_register(target_phys_addr_t base, pfl = g_malloc0(sizeof(pflash_t)); memory_region_init_rom_device( &pfl->orig_mem, be ? &pflash_cfi02_ops_be : &pflash_cfi02_ops_le, pfl, - qdev, name, size); + name, size); + vmstate_register_ram(&pfl->orig_mem, qdev); pfl->storage = memory_region_get_ram_ptr(&pfl->orig_mem); pfl->base = base; pfl->chip_len = chip_len; diff --git a/hw/pl110.c b/hw/pl110.c index 303a9bcdbd..0e1f415aeb 100644 --- a/hw/pl110.c +++ b/hw/pl110.c @@ -60,10 +60,13 @@ typedef struct { qemu_irq irq; } pl110_state; +static int vmstate_pl110_post_load(void *opaque, int version_id); + static const VMStateDescription vmstate_pl110 = { .name = "pl110", .version_id = 2, .minimum_version_id = 1, + .post_load = vmstate_pl110_post_load, .fields = (VMStateField[]) { VMSTATE_INT32(version, pl110_state), VMSTATE_UINT32_ARRAY(timing, pl110_state, 4), @@ -430,6 +433,14 @@ static void pl110_mux_ctrl_set(void *opaque, int line, int level) s->mux_ctrl = level; } +static int vmstate_pl110_post_load(void *opaque, int version_id) +{ + pl110_state *s = opaque; + /* Make sure we redraw, and at the right size */ + pl110_invalidate_display(s); + return 0; +} + static int pl110_init(SysBusDevice *dev) { pl110_state *s = FROM_SYSBUS(pl110_state, dev); diff --git a/hw/pl181.c b/hw/pl181.c index d05bc191be..b79aa418fa 100644 --- a/hw/pl181.c +++ b/hw/pl181.c @@ -38,20 +38,45 @@ typedef struct { uint32_t datacnt; uint32_t status; uint32_t mask[2]; - int fifo_pos; - int fifo_len; + int32_t fifo_pos; + int32_t fifo_len; /* The linux 2.6.21 driver is buggy, and misbehaves if new data arrives while it is reading the FIFO. We hack around this be defering subsequent transfers until after the driver polls the status word. http://www.arm.linux.org.uk/developer/patches/viewpatch.php?id=4446/1 */ - int linux_hack; + int32_t linux_hack; uint32_t fifo[PL181_FIFO_LEN]; qemu_irq irq[2]; /* GPIO outputs for 'card is readonly' and 'card inserted' */ qemu_irq cardstatus[2]; } pl181_state; +static const VMStateDescription vmstate_pl181 = { + .name = "pl181", + .version_id = 1, + .minimum_version_id = 1, + .fields = (VMStateField[]) { + VMSTATE_UINT32(clock, pl181_state), + VMSTATE_UINT32(power, pl181_state), + VMSTATE_UINT32(cmdarg, pl181_state), + VMSTATE_UINT32(cmd, pl181_state), + VMSTATE_UINT32(datatimer, pl181_state), + VMSTATE_UINT32(datalength, pl181_state), + VMSTATE_UINT32(respcmd, pl181_state), + VMSTATE_UINT32_ARRAY(response, pl181_state, 4), + VMSTATE_UINT32(datactrl, pl181_state), + VMSTATE_UINT32(datacnt, pl181_state), + VMSTATE_UINT32(status, pl181_state), + VMSTATE_UINT32_ARRAY(mask, pl181_state, 2), + VMSTATE_INT32(fifo_pos, pl181_state), + VMSTATE_INT32(fifo_len, pl181_state), + VMSTATE_INT32(linux_hack, pl181_state), + VMSTATE_UINT32_ARRAY(fifo, pl181_state, PL181_FIFO_LEN), + VMSTATE_END_OF_LIST() + } +}; + #define PL181_CMD_INDEX 0x3f #define PL181_CMD_RESPONSE (1 << 6) #define PL181_CMD_LONGRESP (1 << 7) @@ -420,9 +445,9 @@ static const MemoryRegionOps pl181_ops = { .endianness = DEVICE_NATIVE_ENDIAN, }; -static void pl181_reset(void *opaque) +static void pl181_reset(DeviceState *d) { - pl181_state *s = (pl181_state *)opaque; + pl181_state *s = DO_UPCAST(pl181_state, busdev.qdev, d); s->power = 0; s->cmdarg = 0; @@ -459,15 +484,21 @@ static int pl181_init(SysBusDevice *dev) qdev_init_gpio_out(&s->busdev.qdev, s->cardstatus, 2); dinfo = drive_get_next(IF_SD); s->card = sd_init(dinfo ? dinfo->bdrv : NULL, 0); - qemu_register_reset(pl181_reset, s); - pl181_reset(s); - /* ??? Save/restore. */ return 0; } +static SysBusDeviceInfo pl181_info = { + .init = pl181_init, + .qdev.name = "pl181", + .qdev.size = sizeof(pl181_state), + .qdev.vmsd = &vmstate_pl181, + .qdev.reset = pl181_reset, + .qdev.no_user = 1, +}; + static void pl181_register_devices(void) { - sysbus_register_dev("pl181", sizeof(pl181_state), pl181_init); + sysbus_register_withprop(&pl181_info); } device_init(pl181_register_devices) diff --git a/hw/ppc405_boards.c b/hw/ppc405_boards.c index 672e9347ac..476775d05b 100644 --- a/hw/ppc405_boards.c +++ b/hw/ppc405_boards.c @@ -198,7 +198,8 @@ static void ref405ep_init (ram_addr_t ram_size, MemoryRegion *sysmem = get_system_memory(); /* XXX: fix this */ - memory_region_init_ram(&ram_memories[0], NULL, "ef405ep.ram", 0x08000000); + memory_region_init_ram(&ram_memories[0], "ef405ep.ram", 0x08000000); + vmstate_register_ram_global(&ram_memories[0]); ram_bases[0] = 0; ram_sizes[0] = 0x08000000; memory_region_init(&ram_memories[1], "ef405ep.ram1", 0); @@ -212,7 +213,8 @@ static void ref405ep_init (ram_addr_t ram_size, 33333333, &pic, kernel_filename == NULL ? 0 : 1); /* allocate SRAM */ sram_size = 512 * 1024; - memory_region_init_ram(sram, NULL, "ef405ep.sram", sram_size); + memory_region_init_ram(sram, "ef405ep.sram", sram_size); + vmstate_register_ram_global(sram); memory_region_add_subregion(sysmem, 0xFFF00000, sram); /* allocate and load BIOS */ #ifdef DEBUG_BOARD_INIT @@ -243,7 +245,8 @@ static void ref405ep_init (ram_addr_t ram_size, printf("Load BIOS from file\n"); #endif bios = g_new(MemoryRegion, 1); - memory_region_init_ram(bios, NULL, "ef405ep.bios", BIOS_SIZE); + memory_region_init_ram(bios, "ef405ep.bios", BIOS_SIZE); + vmstate_register_ram_global(bios); if (bios_name == NULL) bios_name = BIOS_FILENAME; filename = qemu_find_file(QEMU_FILE_TYPE_BIOS, bios_name); @@ -513,12 +516,14 @@ static void taihu_405ep_init(ram_addr_t ram_size, DriveInfo *dinfo; /* RAM is soldered to the board so the size cannot be changed */ - memory_region_init_ram(&ram_memories[0], NULL, + memory_region_init_ram(&ram_memories[0], "taihu_405ep.ram-0", 0x04000000); + vmstate_register_ram_global(&ram_memories[0]); ram_bases[0] = 0; ram_sizes[0] = 0x04000000; - memory_region_init_ram(&ram_memories[1], NULL, + memory_region_init_ram(&ram_memories[1], "taihu_405ep.ram-1", 0x04000000); + vmstate_register_ram_global(&ram_memories[1]); ram_bases[1] = 0x04000000; ram_sizes[1] = 0x04000000; ram_size = 0x08000000; @@ -560,7 +565,8 @@ static void taihu_405ep_init(ram_addr_t ram_size, if (bios_name == NULL) bios_name = BIOS_FILENAME; bios = g_new(MemoryRegion, 1); - memory_region_init_ram(bios, NULL, "taihu_405ep.bios", BIOS_SIZE); + memory_region_init_ram(bios, "taihu_405ep.bios", BIOS_SIZE); + vmstate_register_ram_global(bios); filename = qemu_find_file(QEMU_FILE_TYPE_BIOS, bios_name); if (filename) { bios_size = load_image(filename, memory_region_get_ram_ptr(bios)); diff --git a/hw/ppc405_uc.c b/hw/ppc405_uc.c index a6e7431882..98079fa23f 100644 --- a/hw/ppc405_uc.c +++ b/hw/ppc405_uc.c @@ -966,7 +966,8 @@ static void ppc405_ocm_init(CPUState *env) ocm = g_malloc0(sizeof(ppc405_ocm_t)); /* XXX: Size is 4096 or 0x04000000 */ - memory_region_init_ram(&ocm->isarc_ram, NULL, "ppc405.ocm", 4096); + memory_region_init_ram(&ocm->isarc_ram, "ppc405.ocm", 4096); + vmstate_register_ram_global(&ocm->isarc_ram); memory_region_init_alias(&ocm->dsarc_ram, "ppc405.dsarc", &ocm->isarc_ram, 0, 4096); qemu_register_reset(&ocm_reset, ocm); diff --git a/hw/ppc4xx_devs.c b/hw/ppc4xx_devs.c index d18caa4192..26040ac3ad 100644 --- a/hw/ppc4xx_devs.c +++ b/hw/ppc4xx_devs.c @@ -686,7 +686,8 @@ ram_addr_t ppc4xx_sdram_adjust(ram_addr_t ram_size, int nr_banks, if (bank_size <= size_left) { char name[32]; snprintf(name, sizeof(name), "ppc4xx.sdram%d", i); - memory_region_init_ram(&ram_memories[i], NULL, name, bank_size); + memory_region_init_ram(&ram_memories[i], name, bank_size); + vmstate_register_ram_global(&ram_memories[i]); ram_bases[i] = base; ram_sizes[i] = bank_size; base += ram_size; diff --git a/hw/ppc_newworld.c b/hw/ppc_newworld.c index 8c84f9e9a5..a746c9c3c6 100644 --- a/hw/ppc_newworld.c +++ b/hw/ppc_newworld.c @@ -171,11 +171,13 @@ static void ppc_core99_init (ram_addr_t ram_size, } /* allocate RAM */ - memory_region_init_ram(ram, NULL, "ppc_core99.ram", ram_size); + memory_region_init_ram(ram, "ppc_core99.ram", ram_size); + vmstate_register_ram_global(ram); memory_region_add_subregion(get_system_memory(), 0, ram); /* allocate and load BIOS */ - memory_region_init_ram(bios, NULL, "ppc_core99.bios", BIOS_SIZE); + memory_region_init_ram(bios, "ppc_core99.bios", BIOS_SIZE); + vmstate_register_ram_global(bios); if (bios_name == NULL) bios_name = PROM_FILENAME; filename = qemu_find_file(QEMU_FILE_TYPE_BIOS, bios_name); diff --git a/hw/ppc_oldworld.c b/hw/ppc_oldworld.c index aac3526f55..9295a34f59 100644 --- a/hw/ppc_oldworld.c +++ b/hw/ppc_oldworld.c @@ -116,11 +116,13 @@ static void ppc_heathrow_init (ram_addr_t ram_size, exit(1); } - memory_region_init_ram(ram, NULL, "ppc_heathrow.ram", ram_size); + memory_region_init_ram(ram, "ppc_heathrow.ram", ram_size); + vmstate_register_ram_global(ram); memory_region_add_subregion(sysmem, 0, ram); /* allocate and load BIOS */ - memory_region_init_ram(bios, NULL, "ppc_heathrow.bios", BIOS_SIZE); + memory_region_init_ram(bios, "ppc_heathrow.bios", BIOS_SIZE); + vmstate_register_ram_global(bios); if (bios_name == NULL) bios_name = PROM_FILENAME; filename = qemu_find_file(QEMU_FILE_TYPE_BIOS, bios_name); diff --git a/hw/ppc_prep.c b/hw/ppc_prep.c index a7d73bfcc7..47dab3f184 100644 --- a/hw/ppc_prep.c +++ b/hw/ppc_prep.c @@ -554,11 +554,13 @@ static void ppc_prep_init (ram_addr_t ram_size, } /* allocate RAM */ - memory_region_init_ram(ram, NULL, "ppc_prep.ram", ram_size); + memory_region_init_ram(ram, "ppc_prep.ram", ram_size); + vmstate_register_ram_global(ram); memory_region_add_subregion(sysmem, 0, ram); /* allocate and load BIOS */ - memory_region_init_ram(bios, NULL, "ppc_prep.bios", BIOS_SIZE); + memory_region_init_ram(bios, "ppc_prep.bios", BIOS_SIZE); + vmstate_register_ram_global(bios); if (bios_name == NULL) bios_name = BIOS_FILENAME; filename = qemu_find_file(QEMU_FILE_TYPE_BIOS, bios_name); diff --git a/hw/ppce500_mpc8544ds.c b/hw/ppce500_mpc8544ds.c index 51b6abddd3..d69f78cf33 100644 --- a/hw/ppce500_mpc8544ds.c +++ b/hw/ppce500_mpc8544ds.c @@ -292,7 +292,8 @@ static void mpc8544ds_init(ram_addr_t ram_size, ram_size &= ~(RAM_SIZES_ALIGN - 1); /* Register Memory */ - memory_region_init_ram(ram, NULL, "mpc8544ds.ram", ram_size); + memory_region_init_ram(ram, "mpc8544ds.ram", ram_size); + vmstate_register_ram_global(ram); memory_region_add_subregion(address_space_mem, 0, ram); /* MPIC */ diff --git a/hw/ppce500_spin.c b/hw/ppce500_spin.c index df74953874..e7b1453855 100644 --- a/hw/ppce500_spin.c +++ b/hw/ppce500_spin.c @@ -112,6 +112,7 @@ static void spin_kick(void *data) env->halted = 0; env->exception_index = -1; + env->stopped = 0; qemu_cpu_kick(env); } diff --git a/hw/pxa2xx.c b/hw/pxa2xx.c index bd177b76d4..6ddd5005de 100644 --- a/hw/pxa2xx.c +++ b/hw/pxa2xx.c @@ -2046,9 +2046,11 @@ PXA2xxState *pxa270_init(MemoryRegion *address_space, s->reset = qemu_allocate_irqs(pxa2xx_reset, s, 1)[0]; /* SDRAM & Internal Memory Storage */ - memory_region_init_ram(&s->sdram, NULL, "pxa270.sdram", sdram_size); + memory_region_init_ram(&s->sdram, "pxa270.sdram", sdram_size); + vmstate_register_ram_global(&s->sdram); memory_region_add_subregion(address_space, PXA2XX_SDRAM_BASE, &s->sdram); - memory_region_init_ram(&s->internal, NULL, "pxa270.internal", 0x40000); + memory_region_init_ram(&s->internal, "pxa270.internal", 0x40000); + vmstate_register_ram_global(&s->internal); memory_region_add_subregion(address_space, PXA2XX_INTERNAL_BASE, &s->internal); @@ -2175,10 +2177,12 @@ PXA2xxState *pxa255_init(MemoryRegion *address_space, unsigned int sdram_size) s->reset = qemu_allocate_irqs(pxa2xx_reset, s, 1)[0]; /* SDRAM & Internal Memory Storage */ - memory_region_init_ram(&s->sdram, NULL, "pxa255.sdram", sdram_size); + memory_region_init_ram(&s->sdram, "pxa255.sdram", sdram_size); + vmstate_register_ram_global(&s->sdram); memory_region_add_subregion(address_space, PXA2XX_SDRAM_BASE, &s->sdram); - memory_region_init_ram(&s->internal, NULL, "pxa255.internal", + memory_region_init_ram(&s->internal, "pxa255.internal", PXA2XX_INTERNAL_SIZE); + vmstate_register_ram_global(&s->internal); memory_region_add_subregion(address_space, PXA2XX_INTERNAL_BASE, &s->internal); diff --git a/hw/qxl.c b/hw/qxl.c index 41500e9ea4..ac819271b2 100644 --- a/hw/qxl.c +++ b/hw/qxl.c @@ -1554,8 +1554,8 @@ static int qxl_init_common(PCIQXLDevice *qxl) pci_set_byte(&config[PCI_INTERRUPT_PIN], 1); qxl->rom_size = qxl_rom_size(); - memory_region_init_ram(&qxl->rom_bar, &qxl->pci.qdev, "qxl.vrom", - qxl->rom_size); + memory_region_init_ram(&qxl->rom_bar, "qxl.vrom", qxl->rom_size); + vmstate_register_ram(&qxl->rom_bar, &qxl->pci.qdev); init_qxl_rom(qxl); init_qxl_ram(qxl); @@ -1566,8 +1566,8 @@ static int qxl_init_common(PCIQXLDevice *qxl) qxl->vram_size = 4096; } qxl->vram_size = msb_mask(qxl->vram_size * 2 - 1); - memory_region_init_ram(&qxl->vram_bar, &qxl->pci.qdev, "qxl.vram", - qxl->vram_size); + memory_region_init_ram(&qxl->vram_bar, "qxl.vram", qxl->vram_size); + vmstate_register_ram(&qxl->vram_bar, &qxl->pci.qdev); io_size = msb_mask(QXL_IO_RANGE_SIZE * 2 - 1); if (qxl->revision == 1) { @@ -1643,8 +1643,8 @@ static int qxl_init_secondary(PCIDevice *dev) ram_size = 16 * 1024 * 1024; } qxl->vga.vram_size = ram_size; - memory_region_init_ram(&qxl->vga.vram, &qxl->pci.qdev, "qxl.vgavram", - qxl->vga.vram_size); + memory_region_init_ram(&qxl->vga.vram, "qxl.vgavram", qxl->vga.vram_size); + vmstate_register_ram(&qxl->vga.vram, &qxl->pci.qdev); qxl->vga.vram_ptr = memory_region_get_ram_ptr(&qxl->vga.vram); return qxl_init_common(qxl); diff --git a/hw/r2d.c b/hw/r2d.c index 6e1f71c176..c80f9e3a29 100644 --- a/hw/r2d.c +++ b/hw/r2d.c @@ -249,7 +249,8 @@ static void r2d_init(ram_addr_t ram_size, qemu_register_reset(main_cpu_reset, reset_info); /* Allocate memory space */ - memory_region_init_ram(sdram, NULL, "r2d.sdram", SDRAM_SIZE); + memory_region_init_ram(sdram, "r2d.sdram", SDRAM_SIZE); + vmstate_register_ram_global(sdram); memory_region_add_subregion(address_space_mem, SDRAM_BASE, sdram); /* Register peripherals */ s = sh7750_init(env, address_space_mem); diff --git a/hw/realview.c b/hw/realview.c index 750a279b76..d4191e91c8 100644 --- a/hw/realview.c +++ b/hw/realview.c @@ -183,11 +183,13 @@ static void realview_init(ram_addr_t ram_size, /* Core tile RAM. */ low_ram_size = ram_size - 0x20000000; ram_size = 0x20000000; - memory_region_init_ram(ram_lo, NULL, "realview.lowmem", low_ram_size); + memory_region_init_ram(ram_lo, "realview.lowmem", low_ram_size); + vmstate_register_ram_global(ram_lo); memory_region_add_subregion(sysmem, 0x20000000, ram_lo); } - memory_region_init_ram(ram_hi, NULL, "realview.highmem", ram_size); + memory_region_init_ram(ram_hi, "realview.highmem", ram_size); + vmstate_register_ram_global(ram_hi); low_ram_size = ram_size; if (low_ram_size > 0x10000000) low_ram_size = 0x10000000; @@ -377,7 +379,8 @@ static void realview_init(ram_addr_t ram_size, startup code. I guess this works on real hardware because the BootROM happens to be in ROM/flash or in memory that isn't clobbered until after Linux boots the secondary CPUs. */ - memory_region_init_ram(ram_hack, NULL, "realview.hack", 0x1000); + memory_region_init_ram(ram_hack, "realview.hack", 0x1000); + vmstate_register_ram_global(ram_hack); memory_region_add_subregion(sysmem, SMP_BOOT_ADDR, ram_hack); realview_binfo.ram_size = ram_size; diff --git a/hw/s390-virtio.c b/hw/s390-virtio.c index 61b67e8c3a..2210b8ac7e 100644 --- a/hw/s390-virtio.c +++ b/hw/s390-virtio.c @@ -184,7 +184,8 @@ static void s390_init(ram_addr_t my_ram_size, s390_bus = s390_virtio_bus_init(&my_ram_size); /* allocate RAM */ - memory_region_init_ram(ram, NULL, "s390.ram", my_ram_size); + memory_region_init_ram(ram, "s390.ram", my_ram_size); + vmstate_register_ram_global(ram); memory_region_add_subregion(sysmem, 0, ram); /* clear virtio region */ diff --git a/hw/scsi-disk.c b/hw/scsi-disk.c index 505accdde5..5d8bf53586 100644 --- a/hw/scsi-disk.c +++ b/hw/scsi-disk.c @@ -1515,7 +1515,7 @@ static int scsi_initfn(SCSIDevice *dev) DriveInfo *dinfo; if (!s->qdev.conf.bs) { - error_report("scsi-disk: drive property not set"); + error_report("drive property not set"); return -1; } @@ -1537,7 +1537,7 @@ static int scsi_initfn(SCSIDevice *dev) } if (bdrv_is_sg(s->qdev.conf.bs)) { - error_report("scsi-disk: unwanted /dev/sg*"); + error_report("unwanted /dev/sg*"); return -1; } diff --git a/hw/scsi-generic.c b/hw/scsi-generic.c index 6f7d3db775..0aebcddf6e 100644 --- a/hw/scsi-generic.c +++ b/hw/scsi-generic.c @@ -374,13 +374,13 @@ static int scsi_generic_initfn(SCSIDevice *s) struct sg_scsi_id scsiid; if (!s->conf.bs) { - error_report("scsi-generic: drive property not set"); + error_report("drive property not set"); return -1; } /* check we are really using a /dev/sg* file */ if (!bdrv_is_sg(s->conf.bs)) { - error_report("scsi-generic: not /dev/sg*"); + error_report("not /dev/sg*"); return -1; } @@ -396,13 +396,13 @@ static int scsi_generic_initfn(SCSIDevice *s) /* check we are using a driver managing SG_IO (version 3 and after */ if (bdrv_ioctl(s->conf.bs, SG_GET_VERSION_NUM, &sg_version) < 0 || sg_version < 30000) { - error_report("scsi-generic: scsi generic interface too old"); + error_report("scsi generic interface too old"); return -1; } /* get LUN of the /dev/sg? */ if (bdrv_ioctl(s->conf.bs, SG_GET_SCSI_ID, &scsiid)) { - error_report("scsi-generic: SG_GET_SCSI_ID ioctl failed"); + error_report("SG_GET_SCSI_ID ioctl failed"); return -1; } diff --git a/hw/shix.c b/hw/shix.c index e0c2200777..e259c17c52 100644 --- a/hw/shix.c +++ b/hw/shix.c @@ -57,14 +57,17 @@ static void shix_init(ram_addr_t ram_size, /* Allocate memory space */ printf("Allocating ROM\n"); - memory_region_init_ram(rom, NULL, "shix.rom", 0x4000); + memory_region_init_ram(rom, "shix.rom", 0x4000); + vmstate_register_ram_global(rom); memory_region_set_readonly(rom, true); memory_region_add_subregion(sysmem, 0x00000000, rom); printf("Allocating SDRAM 1\n"); - memory_region_init_ram(&sdram[0], NULL, "shix.sdram1", 0x01000000); + memory_region_init_ram(&sdram[0], "shix.sdram1", 0x01000000); + vmstate_register_ram_global(&sdram[0]); memory_region_add_subregion(sysmem, 0x08000000, &sdram[0]); printf("Allocating SDRAM 2\n"); - memory_region_init_ram(&sdram[1], NULL, "shix.sdram2", 0x01000000); + memory_region_init_ram(&sdram[1], "shix.sdram2", 0x01000000); + vmstate_register_ram_global(&sdram[1]); memory_region_add_subregion(sysmem, 0x0c000000, &sdram[1]); /* Load BIOS in 0 (and access it through P2, 0xA0000000) */ diff --git a/hw/sm501.c b/hw/sm501.c index 297bc9c318..09c5894cf9 100644 --- a/hw/sm501.c +++ b/hw/sm501.c @@ -593,7 +593,7 @@ static inline uint32_t get_hwc_x(SM501State *state, int crt) */ static inline uint16_t get_hwc_color(SM501State *state, int crt, int index) { - uint16_t color_reg = 0; + uint32_t color_reg = 0; uint16_t color_565 = 0; if (index == 0) { @@ -1405,8 +1405,9 @@ void sm501_init(MemoryRegion *address_space_mem, uint32_t base, s->dc_crt_control = 0x00010000; /* allocate local memory */ - memory_region_init_ram(&s->local_mem_region, NULL, "sm501.local", + memory_region_init_ram(&s->local_mem_region, "sm501.local", local_mem_bytes); + vmstate_register_ram_global(&s->local_mem_region); s->local_mem = memory_region_get_ram_ptr(&s->local_mem_region); memory_region_add_subregion(address_space_mem, base, &s->local_mem_region); diff --git a/hw/spapr.c b/hw/spapr.c index 2b901f105e..0e1f80dfdc 100644 --- a/hw/spapr.c +++ b/hw/spapr.c @@ -97,6 +97,44 @@ qemu_irq spapr_allocate_irq(uint32_t hint, uint32_t *irq_num) return qirq; } +static int spapr_set_associativity(void *fdt, sPAPREnvironment *spapr) +{ + int ret = 0, offset; + CPUState *env; + char cpu_model[32]; + int smt = kvmppc_smt_threads(); + + assert(spapr->cpu_model); + + for (env = first_cpu; env != NULL; env = env->next_cpu) { + uint32_t associativity[] = {cpu_to_be32(0x5), + cpu_to_be32(0x0), + cpu_to_be32(0x0), + cpu_to_be32(0x0), + cpu_to_be32(env->numa_node), + cpu_to_be32(env->cpu_index)}; + + if ((env->cpu_index % smt) != 0) { + continue; + } + + snprintf(cpu_model, 32, "/cpus/%s@%x", spapr->cpu_model, + env->cpu_index); + + offset = fdt_path_offset(fdt, cpu_model); + if (offset < 0) { + return offset; + } + + ret = fdt_setprop(fdt, offset, "ibm,associativity", associativity, + sizeof(associativity)); + if (ret < 0) { + return ret; + } + } + return ret; +} + static void *spapr_create_fdt_skel(const char *cpu_model, target_phys_addr_t rma_size, target_phys_addr_t initrd_base, @@ -107,9 +145,7 @@ static void *spapr_create_fdt_skel(const char *cpu_model, { void *fdt; CPUState *env; - uint64_t mem_reg_property_rma[] = { 0, cpu_to_be64(rma_size) }; - uint64_t mem_reg_property_nonrma[] = { cpu_to_be64(rma_size), - cpu_to_be64(ram_size - rma_size) }; + uint64_t mem_reg_property[2]; uint32_t start_prop = cpu_to_be32(initrd_base); uint32_t end_prop = cpu_to_be32(initrd_base + initrd_size); uint32_t pft_size_prop[] = {0, cpu_to_be32(hash_shift)}; @@ -119,6 +155,13 @@ static void *spapr_create_fdt_skel(const char *cpu_model, int i; char *modelname; int smt = kvmppc_smt_threads(); + unsigned char vec5[] = {0x0, 0x0, 0x0, 0x0, 0x0, 0x80}; + uint32_t refpoints[] = {cpu_to_be32(0x4), cpu_to_be32(0x4)}; + uint32_t associativity[] = {cpu_to_be32(0x4), cpu_to_be32(0x0), + cpu_to_be32(0x0), cpu_to_be32(0x0), + cpu_to_be32(0x0)}; + char mem_name[32]; + target_phys_addr_t node0_size, mem_start; #define _FDT(exp) \ do { \ @@ -146,6 +189,9 @@ static void *spapr_create_fdt_skel(const char *cpu_model, /* /chosen */ _FDT((fdt_begin_node(fdt, "chosen"))); + /* Set Form1_affinity */ + _FDT((fdt_property(fdt, "ibm,architecture-vec-5", vec5, sizeof(vec5)))); + _FDT((fdt_property_string(fdt, "bootargs", kernel_cmdline))); _FDT((fdt_property(fdt, "linux,initrd-start", &start_prop, sizeof(start_prop)))); @@ -164,24 +210,54 @@ static void *spapr_create_fdt_skel(const char *cpu_model, _FDT((fdt_end_node(fdt))); /* memory node(s) */ - _FDT((fdt_begin_node(fdt, "memory@0"))); + node0_size = (nb_numa_nodes > 1) ? node_mem[0] : ram_size; + if (rma_size > node0_size) { + rma_size = node0_size; + } + /* RMA */ + mem_reg_property[0] = 0; + mem_reg_property[1] = cpu_to_be64(rma_size); + _FDT((fdt_begin_node(fdt, "memory@0"))); _FDT((fdt_property_string(fdt, "device_type", "memory"))); - _FDT((fdt_property(fdt, "reg", mem_reg_property_rma, - sizeof(mem_reg_property_rma)))); + _FDT((fdt_property(fdt, "reg", mem_reg_property, + sizeof(mem_reg_property)))); + _FDT((fdt_property(fdt, "ibm,associativity", associativity, + sizeof(associativity)))); _FDT((fdt_end_node(fdt))); - if (ram_size > rma_size) { - char mem_name[32]; + /* RAM: Node 0 */ + if (node0_size > rma_size) { + mem_reg_property[0] = cpu_to_be64(rma_size); + mem_reg_property[1] = cpu_to_be64(node0_size - rma_size); - sprintf(mem_name, "memory@%" PRIx64, (uint64_t)rma_size); + sprintf(mem_name, "memory@" TARGET_FMT_lx, rma_size); _FDT((fdt_begin_node(fdt, mem_name))); _FDT((fdt_property_string(fdt, "device_type", "memory"))); - _FDT((fdt_property(fdt, "reg", mem_reg_property_nonrma, - sizeof(mem_reg_property_nonrma)))); + _FDT((fdt_property(fdt, "reg", mem_reg_property, + sizeof(mem_reg_property)))); + _FDT((fdt_property(fdt, "ibm,associativity", associativity, + sizeof(associativity)))); _FDT((fdt_end_node(fdt))); } + /* RAM: Node 1 and beyond */ + mem_start = node0_size; + for (i = 1; i < nb_numa_nodes; i++) { + mem_reg_property[0] = cpu_to_be64(mem_start); + mem_reg_property[1] = cpu_to_be64(node_mem[i]); + associativity[3] = associativity[4] = cpu_to_be32(i); + sprintf(mem_name, "memory@" TARGET_FMT_lx, mem_start); + _FDT((fdt_begin_node(fdt, mem_name))); + _FDT((fdt_property_string(fdt, "device_type", "memory"))); + _FDT((fdt_property(fdt, "reg", mem_reg_property, + sizeof(mem_reg_property)))); + _FDT((fdt_property(fdt, "ibm,associativity", associativity, + sizeof(associativity)))); + _FDT((fdt_end_node(fdt))); + mem_start += node_mem[i]; + } + /* cpus */ _FDT((fdt_begin_node(fdt, "cpus"))); @@ -194,6 +270,9 @@ static void *spapr_create_fdt_skel(const char *cpu_model, modelname[i] = toupper(modelname[i]); } + /* This is needed during FDT finalization */ + spapr->cpu_model = g_strdup(modelname); + for (env = first_cpu; env != NULL; env = env->next_cpu) { int index = env->cpu_index; uint32_t servers_prop[smp_threads]; @@ -280,6 +359,9 @@ static void *spapr_create_fdt_skel(const char *cpu_model, _FDT((fdt_property(fdt, "ibm,hypertas-functions", hypertas_prop, sizeof(hypertas_prop)))); + _FDT((fdt_property(fdt, "ibm,associativity-reference-points", + refpoints, sizeof(refpoints)))); + _FDT((fdt_end_node(fdt))); /* interrupt controller */ @@ -351,6 +433,16 @@ static void spapr_finalize_fdt(sPAPREnvironment *spapr, fprintf(stderr, "Couldn't set up RTAS device tree properties\n"); } + /* Advertise NUMA via ibm,associativity */ + if (nb_numa_nodes > 1) { + ret = spapr_set_associativity(fdt, spapr); + if (ret < 0) { + fprintf(stderr, "Couldn't set up NUMA device tree properties\n"); + } + } + + spapr_populate_chosen_stdout(fdt, spapr->vio_bus); + _FDT((fdt_pack(fdt))); cpu_physical_memory_write(fdt_addr, fdt, fdt_totalsize(fdt)); @@ -457,7 +549,8 @@ static void ppc_spapr_init(ram_addr_t ram_size, ram_addr_t nonrma_base = rma_alloc_size; ram_addr_t nonrma_size = spapr->ram_limit - rma_alloc_size; - memory_region_init_ram(ram, NULL, "ppc_spapr.ram", nonrma_size); + memory_region_init_ram(ram, "ppc_spapr.ram", nonrma_size); + vmstate_register_ram_global(ram); memory_region_add_subregion(sysmem, nonrma_base, ram); } diff --git a/hw/spapr.h b/hw/spapr.h index d624841362..e946a3433e 100644 --- a/hw/spapr.h +++ b/hw/spapr.h @@ -21,6 +21,7 @@ typedef struct sPAPREnvironment { target_ulong entry_point; int next_irq; int rtc_offset; + char *cpu_model; } sPAPREnvironment; #define H_SUCCESS 0 diff --git a/hw/spapr_llan.c b/hw/spapr_llan.c index abe12973e6..45674c4cb9 100644 --- a/hw/spapr_llan.c +++ b/hw/spapr_llan.c @@ -474,16 +474,6 @@ static target_ulong h_multicast_ctrl(CPUState *env, sPAPREnvironment *spapr, return H_SUCCESS; } -static void vlan_hcalls(VIOsPAPRBus *bus) -{ - spapr_register_hypercall(H_REGISTER_LOGICAL_LAN, h_register_logical_lan); - spapr_register_hypercall(H_FREE_LOGICAL_LAN, h_free_logical_lan); - spapr_register_hypercall(H_SEND_LOGICAL_LAN, h_send_logical_lan); - spapr_register_hypercall(H_ADD_LOGICAL_LAN_BUFFER, - h_add_logical_lan_buffer); - spapr_register_hypercall(H_MULTICAST_CTRL, h_multicast_ctrl); -} - static VIOsPAPRDeviceInfo spapr_vlan = { .init = spapr_vlan_init, .devnode = spapr_vlan_devnode, @@ -491,7 +481,6 @@ static VIOsPAPRDeviceInfo spapr_vlan = { .dt_type = "network", .dt_compatible = "IBM,l-lan", .signal_mask = 0x1, - .hcalls = vlan_hcalls, .qdev.name = "spapr-vlan", .qdev.size = sizeof(VIOsPAPRVLANDevice), .qdev.props = (Property[]) { @@ -504,5 +493,11 @@ static VIOsPAPRDeviceInfo spapr_vlan = { static void spapr_vlan_register(void) { spapr_vio_bus_register_withprop(&spapr_vlan); + spapr_register_hypercall(H_REGISTER_LOGICAL_LAN, h_register_logical_lan); + spapr_register_hypercall(H_FREE_LOGICAL_LAN, h_free_logical_lan); + spapr_register_hypercall(H_SEND_LOGICAL_LAN, h_send_logical_lan); + spapr_register_hypercall(H_ADD_LOGICAL_LAN_BUFFER, + h_add_logical_lan_buffer); + spapr_register_hypercall(H_MULTICAST_CTRL, h_multicast_ctrl); } device_init(spapr_vlan_register); diff --git a/hw/spapr_vio.c b/hw/spapr_vio.c index 2dcc0361ed..7a86dc8d2c 100644 --- a/hw/spapr_vio.c +++ b/hw/spapr_vio.c @@ -621,11 +621,43 @@ static void rtas_quiesce(sPAPREnvironment *spapr, uint32_t token, rtas_st(rets, 0, 0); } +static int spapr_vio_check_reg(VIOsPAPRDevice *sdev, VIOsPAPRDeviceInfo *info) +{ + VIOsPAPRDevice *other_sdev; + DeviceState *qdev; + VIOsPAPRBus *sbus; + + sbus = DO_UPCAST(VIOsPAPRBus, bus, sdev->qdev.parent_bus); + + /* + * Check two device aren't given clashing addresses by the user (or some + * other mechanism). We have to open code this because we have to check + * for matches with devices other than us. + */ + QTAILQ_FOREACH(qdev, &sbus->bus.children, sibling) { + other_sdev = DO_UPCAST(VIOsPAPRDevice, qdev, qdev); + + if (other_sdev != sdev && other_sdev->reg == sdev->reg) { + fprintf(stderr, "vio: %s and %s devices conflict at address %#x\n", + info->qdev.name, other_sdev->qdev.info->name, sdev->reg); + return -EEXIST; + } + } + + return 0; +} + static int spapr_vio_busdev_init(DeviceState *qdev, DeviceInfo *qinfo) { VIOsPAPRDeviceInfo *info = (VIOsPAPRDeviceInfo *)qinfo; VIOsPAPRDevice *dev = (VIOsPAPRDevice *)qdev; char *id; + int ret; + + ret = spapr_vio_check_reg(dev, info); + if (ret) { + return ret; + } /* Don't overwrite ids assigned on the command line */ if (!dev->qdev.id) { @@ -684,7 +716,6 @@ VIOsPAPRBus *spapr_vio_bus_init(void) VIOsPAPRBus *bus; BusState *qbus; DeviceState *dev; - DeviceInfo *qinfo; /* Create bridge device */ dev = qdev_create(NULL, "spapr-vio-bridge"); @@ -711,18 +742,6 @@ VIOsPAPRBus *spapr_vio_bus_init(void) spapr_rtas_register("ibm,set-tce-bypass", rtas_set_tce_bypass); spapr_rtas_register("quiesce", rtas_quiesce); - for (qinfo = device_info_list; qinfo; qinfo = qinfo->next) { - VIOsPAPRDeviceInfo *info = (VIOsPAPRDeviceInfo *)qinfo; - - if (qinfo->bus_info != &spapr_vio_bus_info) { - continue; - } - - if (info->hcalls) { - info->hcalls(bus); - } - } - return bus; } @@ -749,21 +768,95 @@ static void spapr_vio_register_devices(void) device_init(spapr_vio_register_devices) #ifdef CONFIG_FDT +static int compare_reg(const void *p1, const void *p2) +{ + VIOsPAPRDevice const *dev1, *dev2; + + dev1 = (VIOsPAPRDevice *)*(DeviceState **)p1; + dev2 = (VIOsPAPRDevice *)*(DeviceState **)p2; + + if (dev1->reg < dev2->reg) { + return -1; + } + if (dev1->reg == dev2->reg) { + return 0; + } + + /* dev1->reg > dev2->reg */ + return 1; +} + int spapr_populate_vdevice(VIOsPAPRBus *bus, void *fdt) { - DeviceState *qdev; - int ret = 0; + DeviceState *qdev, **qdevs; + int i, num, ret = 0; + /* Count qdevs on the bus list */ + num = 0; QTAILQ_FOREACH(qdev, &bus->bus.children, sibling) { - VIOsPAPRDevice *dev = (VIOsPAPRDevice *)qdev; + num++; + } + + /* Copy out into an array of pointers */ + qdevs = g_malloc(sizeof(qdev) * num); + num = 0; + QTAILQ_FOREACH(qdev, &bus->bus.children, sibling) { + qdevs[num++] = qdev; + } + + /* Sort the array */ + qsort(qdevs, num, sizeof(qdev), compare_reg); + + /* Hack alert. Give the devices to libfdt in reverse order, we happen + * to know that will mean they are in forward order in the tree. */ + for (i = num - 1; i >= 0; i--) { + VIOsPAPRDevice *dev = (VIOsPAPRDevice *)(qdevs[i]); ret = vio_make_devnode(dev, fdt); if (ret < 0) { - return ret; + goto out; } } - return 0; + ret = 0; +out: + free(qdevs); + + return ret; +} + +int spapr_populate_chosen_stdout(void *fdt, VIOsPAPRBus *bus) +{ + VIOsPAPRDevice *dev; + char *name, *path; + int ret, offset; + + dev = spapr_vty_get_default(bus); + if (!dev) + return 0; + + offset = fdt_path_offset(fdt, "/chosen"); + if (offset < 0) { + return offset; + } + + name = vio_format_dev_name(dev); + if (!name) { + return -ENOMEM; + } + + if (asprintf(&path, "/vdevice/%s", name) < 0) { + path = NULL; + ret = -ENOMEM; + goto out; + } + + ret = fdt_setprop_string(fdt, offset, "linux,stdout-path", path); +out: + free(name); + free(path); + + return ret; } #endif /* CONFIG_FDT */ diff --git a/hw/spapr_vio.h b/hw/spapr_vio.h index a325a5f4b3..0984d559db 100644 --- a/hw/spapr_vio.h +++ b/hw/spapr_vio.h @@ -75,7 +75,6 @@ typedef struct { const char *dt_name, *dt_type, *dt_compatible; target_ulong signal_mask; int (*init)(VIOsPAPRDevice *dev); - void (*hcalls)(VIOsPAPRBus *bus); int (*devnode)(VIOsPAPRDevice *dev, void *fdt, int node_off); } VIOsPAPRDeviceInfo; @@ -83,6 +82,7 @@ extern VIOsPAPRBus *spapr_vio_bus_init(void); extern VIOsPAPRDevice *spapr_vio_find_by_reg(VIOsPAPRBus *bus, uint32_t reg); extern void spapr_vio_bus_register_withprop(VIOsPAPRDeviceInfo *info); extern int spapr_populate_vdevice(VIOsPAPRBus *bus, void *fdt); +extern int spapr_populate_chosen_stdout(void *fdt, VIOsPAPRBus *bus); extern int spapr_vio_signal(VIOsPAPRDevice *dev, target_ulong mode); @@ -108,6 +108,8 @@ void spapr_vty_create(VIOsPAPRBus *bus, uint32_t reg, CharDriverState *chardev); void spapr_vlan_create(VIOsPAPRBus *bus, uint32_t reg, NICInfo *nd); void spapr_vscsi_create(VIOsPAPRBus *bus, uint32_t reg); +VIOsPAPRDevice *spapr_vty_get_default(VIOsPAPRBus *bus); + int spapr_tce_set_bypass(uint32_t unit, uint32_t enable); void spapr_vio_quiesce(void); diff --git a/hw/spapr_vty.c b/hw/spapr_vty.c index f23cc36231..c5fb0968ed 100644 --- a/hw/spapr_vty.c +++ b/hw/spapr_vty.c @@ -135,18 +135,11 @@ void spapr_vty_create(VIOsPAPRBus *bus, uint32_t reg, CharDriverState *chardev) qdev_init_nofail(dev); } -static void vty_hcalls(VIOsPAPRBus *bus) -{ - spapr_register_hypercall(H_PUT_TERM_CHAR, h_put_term_char); - spapr_register_hypercall(H_GET_TERM_CHAR, h_get_term_char); -} - static VIOsPAPRDeviceInfo spapr_vty = { .init = spapr_vty_init, .dt_name = "vty", .dt_type = "serial", .dt_compatible = "hvterm1", - .hcalls = vty_hcalls, .qdev.name = "spapr-vty", .qdev.size = sizeof(VIOsPAPRVTYDevice), .qdev.props = (Property[]) { @@ -156,24 +149,53 @@ static VIOsPAPRDeviceInfo spapr_vty = { }, }; +VIOsPAPRDevice *spapr_vty_get_default(VIOsPAPRBus *bus) +{ + VIOsPAPRDevice *sdev, *selected; + DeviceState *iter; + + /* + * To avoid the console bouncing around we want one VTY to be + * the "default". We haven't really got anything to go on, so + * arbitrarily choose the one with the lowest reg value. + */ + + selected = NULL; + QTAILQ_FOREACH(iter, &bus->bus.children, sibling) { + /* Only look at VTY devices */ + if (iter->info != &spapr_vty.qdev) { + continue; + } + + sdev = DO_UPCAST(VIOsPAPRDevice, qdev, iter); + + /* First VTY we've found, so it is selected for now */ + if (!selected) { + selected = sdev; + continue; + } + + /* Choose VTY with lowest reg value */ + if (sdev->reg < selected->reg) { + selected = sdev; + } + } + + return selected; +} + static VIOsPAPRDevice *vty_lookup(sPAPREnvironment *spapr, target_ulong reg) { VIOsPAPRDevice *sdev; sdev = spapr_vio_find_by_reg(spapr->vio_bus, reg); if (!sdev && reg == 0) { - DeviceState *qdev; - /* Hack for kernel early debug, which always specifies reg==0. - * We search all VIO devices, and grab the first available vty - * device. This attempts to mimic existing PowerVM behaviour + * We search all VIO devices, and grab the vty with the lowest + * reg. This attempts to mimic existing PowerVM behaviour * (early debug does work there, despite having no vty with * reg==0. */ - QTAILQ_FOREACH(qdev, &spapr->vio_bus->bus.children, sibling) { - if (qdev->info == &spapr_vty.qdev) { - return DO_UPCAST(VIOsPAPRDevice, qdev, qdev); - } - } + return spapr_vty_get_default(spapr->vio_bus); } return sdev; @@ -182,5 +204,7 @@ static VIOsPAPRDevice *vty_lookup(sPAPREnvironment *spapr, target_ulong reg) static void spapr_vty_register(void) { spapr_vio_bus_register_withprop(&spapr_vty); + spapr_register_hypercall(H_PUT_TERM_CHAR, h_put_term_char); + spapr_register_hypercall(H_GET_TERM_CHAR, h_get_term_char); } device_init(spapr_vty_register); diff --git a/hw/spitz.c b/hw/spitz.c index df0e1466a2..82a133dfa8 100644 --- a/hw/spitz.c +++ b/hw/spitz.c @@ -894,7 +894,8 @@ static void spitz_common_init(ram_addr_t ram_size, sl_flash_register(cpu, (model == spitz) ? FLASH_128M : FLASH_1024M); - memory_region_init_ram(rom, NULL, "spitz.rom", SPITZ_ROM); + memory_region_init_ram(rom, "spitz.rom", SPITZ_ROM); + vmstate_register_ram_global(rom); memory_region_set_readonly(rom, true); memory_region_add_subregion(address_space_mem, 0, rom); diff --git a/hw/strongarm.c b/hw/strongarm.c index 7c75bb912d..69c117906c 100644 --- a/hw/strongarm.c +++ b/hw/strongarm.c @@ -1511,7 +1511,8 @@ StrongARMState *sa1110_init(MemoryRegion *sysmem, exit(1); } - memory_region_init_ram(&s->sdram, NULL, "strongarm.sdram", sdram_size); + memory_region_init_ram(&s->sdram, "strongarm.sdram", sdram_size); + vmstate_register_ram_global(&s->sdram); memory_region_add_subregion(sysmem, SA_SDCS0, &s->sdram); pic = arm_pic_init_cpu(s->env); diff --git a/hw/sun4m.c b/hw/sun4m.c index 3f172ad062..941cc98b9b 100644 --- a/hw/sun4m.c +++ b/hw/sun4m.c @@ -602,7 +602,8 @@ static int idreg_init1(SysBusDevice *dev) { IDRegState *s = FROM_SYSBUS(IDRegState, dev); - memory_region_init_ram(&s->mem, NULL, "sun4m.idreg", sizeof(idreg_data)); + memory_region_init_ram(&s->mem, "sun4m.idreg", sizeof(idreg_data)); + vmstate_register_ram_global(&s->mem); memory_region_set_readonly(&s->mem, true); sysbus_init_mmio(dev, &s->mem); return 0; @@ -643,7 +644,8 @@ static int afx_init1(SysBusDevice *dev) { AFXState *s = FROM_SYSBUS(AFXState, dev); - memory_region_init_ram(&s->mem, NULL, "sun4m.afx", 4); + memory_region_init_ram(&s->mem, "sun4m.afx", 4); + vmstate_register_ram_global(&s->mem); sysbus_init_mmio(dev, &s->mem); return 0; } @@ -711,7 +713,8 @@ static int prom_init1(SysBusDevice *dev) { PROMState *s = FROM_SYSBUS(PROMState, dev); - memory_region_init_ram(&s->prom, NULL, "sun4m.prom", PROM_SIZE_MAX); + memory_region_init_ram(&s->prom, "sun4m.prom", PROM_SIZE_MAX); + vmstate_register_ram_global(&s->prom); memory_region_set_readonly(&s->prom, true); sysbus_init_mmio(dev, &s->prom); return 0; @@ -745,7 +748,8 @@ static int ram_init1(SysBusDevice *dev) { RamDevice *d = FROM_SYSBUS(RamDevice, dev); - memory_region_init_ram(&d->ram, NULL, "sun4m.ram", d->size); + memory_region_init_ram(&d->ram, "sun4m.ram", d->size); + vmstate_register_ram_global(&d->ram); sysbus_init_mmio(dev, &d->ram); return 0; } diff --git a/hw/sun4u.c b/hw/sun4u.c index e3e8ddebca..2dc3d0439f 100644 --- a/hw/sun4u.c +++ b/hw/sun4u.c @@ -629,7 +629,8 @@ static int prom_init1(SysBusDevice *dev) { PROMState *s = FROM_SYSBUS(PROMState, dev); - memory_region_init_ram(&s->prom, NULL, "sun4u.prom", PROM_SIZE_MAX); + memory_region_init_ram(&s->prom, "sun4u.prom", PROM_SIZE_MAX); + vmstate_register_ram_global(&s->prom); memory_region_set_readonly(&s->prom, true); sysbus_init_mmio(dev, &s->prom); return 0; @@ -664,7 +665,8 @@ static int ram_init1(SysBusDevice *dev) { RamDevice *d = FROM_SYSBUS(RamDevice, dev); - memory_region_init_ram(&d->ram, NULL, "sun4u.ram", d->size); + memory_region_init_ram(&d->ram, "sun4u.ram", d->size); + vmstate_register_ram_global(&d->ram); sysbus_init_mmio(dev, &d->ram); return 0; } diff --git a/hw/tc6393xb.c b/hw/tc6393xb.c index c144dcf5ff..b75fa603cf 100644 --- a/hw/tc6393xb.c +++ b/hw/tc6393xb.c @@ -568,7 +568,8 @@ TC6393xbState *tc6393xb_init(MemoryRegion *sysmem, uint32_t base, qemu_irq irq) memory_region_init_io(&s->iomem, &tc6393xb_ops, s, "tc6393xb", 0x10000); memory_region_add_subregion(sysmem, base, &s->iomem); - memory_region_init_ram(&s->vram, NULL, "tc6393xb.vram", 0x100000); + memory_region_init_ram(&s->vram, "tc6393xb.vram", 0x100000); + vmstate_register_ram_global(&s->vram); s->vram_ptr = memory_region_get_ram_ptr(&s->vram); memory_region_add_subregion(sysmem, base + 0x100000, &s->vram); s->scr_width = 480; diff --git a/hw/tcx.c b/hw/tcx.c index a9873571d3..75a28f2ee5 100644 --- a/hw/tcx.c +++ b/hw/tcx.c @@ -520,8 +520,9 @@ static int tcx_init1(SysBusDevice *dev) int size; uint8_t *vram_base; - memory_region_init_ram(&s->vram_mem, NULL, "tcx.vram", + memory_region_init_ram(&s->vram_mem, "tcx.vram", s->vram_size * (1 + 4 + 4)); + vmstate_register_ram_global(&s->vram_mem); vram_base = memory_region_get_ram_ptr(&s->vram_mem); /* 8-bit plane */ diff --git a/hw/tosa.c b/hw/tosa.c index 67a71fee6c..6bbc6dcb2d 100644 --- a/hw/tosa.c +++ b/hw/tosa.c @@ -218,7 +218,8 @@ static void tosa_init(ram_addr_t ram_size, cpu = pxa255_init(address_space_mem, tosa_binfo.ram_size); - memory_region_init_ram(rom, NULL, "tosa.rom", TOSA_ROM); + memory_region_init_ram(rom, "tosa.rom", TOSA_ROM); + vmstate_register_ram_global(rom); memory_region_set_readonly(rom, true); memory_region_add_subregion(address_space_mem, 0, rom); diff --git a/hw/usb-bus.c b/hw/usb-bus.c index 8203390929..bd4afa7e2b 100644 --- a/hw/usb-bus.c +++ b/hw/usb-bus.c @@ -137,7 +137,7 @@ USBDevice *usb_create(USBBus *bus, const char *name) bus = usb_bus_find(-1); if (!bus) return NULL; - error_report("%s: no bus specified, using \"%s\" for \"%s\"\n", + error_report("%s: no bus specified, using \"%s\" for \"%s\"", __FUNCTION__, bus->qbus.name, name); } #endif @@ -152,12 +152,12 @@ USBDevice *usb_create_simple(USBBus *bus, const char *name) int rc; if (!dev) { - error_report("Failed to create USB device '%s'\n", name); + error_report("Failed to create USB device '%s'", name); return NULL; } rc = qdev_init(&dev->qdev); if (rc < 0) { - error_report("Failed to initialize USB device '%s'\n", name); + error_report("Failed to initialize USB device '%s'", name); return NULL; } return dev; @@ -244,7 +244,7 @@ int usb_claim_port(USBDevice *dev) } } if (port == NULL) { - error_report("Error: usb port %s (bus %s) not found (in use?)\n", + error_report("Error: usb port %s (bus %s) not found (in use?)", dev->port_path, bus->qbus.name); return -1; } @@ -255,7 +255,7 @@ int usb_claim_port(USBDevice *dev) } if (bus->nfree == 0) { error_report("Error: tried to attach usb device %s to a bus " - "with no free ports\n", dev->product_desc); + "with no free ports", dev->product_desc); return -1; } port = QTAILQ_FIRST(&bus->free); @@ -302,7 +302,7 @@ int usb_device_attach(USBDevice *dev) if (!(port->speedmask & dev->speedmask)) { error_report("Warning: speed mismatch trying to attach " - "usb device %s to bus %s\n", + "usb device %s to bus %s", dev->product_desc, bus->qbus.name); return -1; } diff --git a/hw/usb-msd.c b/hw/usb-msd.c index 4c06950125..e42729699d 100644 --- a/hw/usb-msd.c +++ b/hw/usb-msd.c @@ -278,6 +278,18 @@ static void usb_msd_handle_reset(USBDevice *dev) MSDState *s = (MSDState *)dev; DPRINTF("Reset\n"); + if (s->req) { + scsi_req_cancel(s->req); + } + assert(s->req == NULL); + + if (s->packet) { + USBPacket *p = s->packet; + s->packet = NULL; + p->result = USB_RET_STALL; + usb_packet_complete(dev, p); + } + s->mode = USB_MSDM_CBW; } @@ -517,7 +529,7 @@ static int usb_msd_initfn(USBDevice *dev) DriveInfo *dinfo; if (!bs) { - error_report("usb-msd: drive property not set"); + error_report("drive property not set"); return -1; } diff --git a/hw/usb-ohci.c b/hw/usb-ohci.c index e68be70b15..81488c48e2 100644 --- a/hw/usb-ohci.c +++ b/hw/usb-ohci.c @@ -1025,10 +1025,10 @@ static int ohci_service_td(OHCIState *ohci, struct ohci_ed *ed) if (ret == len) { td.cbp = 0; } else { - td.cbp += ret; if ((td.cbp & 0xfff) + ret > 0xfff) { - td.cbp &= 0xfff; - td.cbp |= td.be & ~0xfff; + td.cbp = (td.be & ~0xfff) + ((td.cbp + ret) & 0xfff); + } else { + td.cbp += ret; } } td.flags |= OHCI_TD_T1; diff --git a/hw/versatilepb.c b/hw/versatilepb.c index a6315fce5d..0312b7564a 100644 --- a/hw/versatilepb.c +++ b/hw/versatilepb.c @@ -190,7 +190,8 @@ static void versatile_init(ram_addr_t ram_size, fprintf(stderr, "Unable to find CPU definition\n"); exit(1); } - memory_region_init_ram(ram, NULL, "versatile.ram", ram_size); + memory_region_init_ram(ram, "versatile.ram", ram_size); + vmstate_register_ram_global(ram); /* ??? RAM should repeat to fill physical memory space. */ /* SDRAM at address zero. */ memory_region_add_subregion(sysmem, 0, ram); diff --git a/hw/vexpress.c b/hw/vexpress.c index 08c93d5544..c9ca43c89b 100644 --- a/hw/vexpress.c +++ b/hw/vexpress.c @@ -77,7 +77,8 @@ static void vexpress_a9_init(ram_addr_t ram_size, exit(1); } - memory_region_init_ram(ram, NULL, "vexpress.highmem", ram_size); + memory_region_init_ram(ram, "vexpress.highmem", ram_size); + vmstate_register_ram_global(ram); low_ram_size = ram_size; if (low_ram_size > 0x4000000) { low_ram_size = 0x4000000; @@ -181,14 +182,16 @@ static void vexpress_a9_init(ram_addr_t ram_size, /* CS4: NOR1 flash : 0x44000000 .. 0x48000000 */ /* CS2: SRAM : 0x48000000 .. 0x4a000000 */ sram_size = 0x2000000; - memory_region_init_ram(sram, NULL, "vexpress.sram", sram_size); + memory_region_init_ram(sram, "vexpress.sram", sram_size); + vmstate_register_ram_global(sram); memory_region_add_subregion(sysmem, 0x48000000, sram); /* CS3: USB, ethernet, VRAM : 0x4c000000 .. 0x50000000 */ /* 0x4c000000 Video RAM */ vram_size = 0x800000; - memory_region_init_ram(vram, NULL, "vexpress.vram", vram_size); + memory_region_init_ram(vram, "vexpress.vram", vram_size); + vmstate_register_ram_global(vram); memory_region_add_subregion(sysmem, 0x4c000000, vram); /* 0x4e000000 LAN9118 Ethernet */ @@ -202,7 +205,8 @@ static void vexpress_a9_init(ram_addr_t ram_size, startup code. I guess this works on real hardware because the BootROM happens to be in ROM/flash or in memory that isn't clobbered until after Linux boots the secondary CPUs. */ - memory_region_init_ram(hackram, NULL, "vexpress.hack", 0x1000); + memory_region_init_ram(hackram, "vexpress.hack", 0x1000); + vmstate_register_ram_global(hackram); memory_region_add_subregion(sysmem, SMP_BOOT_ADDR, hackram); vexpress_binfo.ram_size = ram_size; diff --git a/hw/vga.c b/hw/vga.c index 7e1dd5ac80..4878fbcbb1 100644 --- a/hw/vga.c +++ b/hw/vga.c @@ -2222,7 +2222,8 @@ void vga_common_init(VGACommonState *s, int vga_ram_size) #else s->is_vbe_vmstate = 0; #endif - memory_region_init_ram(&s->vram, NULL, "vga.vram", vga_ram_size); + memory_region_init_ram(&s->vram, "vga.vram", vga_ram_size); + vmstate_register_ram_global(&s->vram); xen_register_framebuffer(&s->vram); s->vram_ptr = memory_region_get_ram_ptr(&s->vram); s->vram_size = vga_ram_size; diff --git a/hw/vhost.c b/hw/vhost.c index cd56e75d0a..19a7b5c820 100644 --- a/hw/vhost.c +++ b/hw/vhost.c @@ -15,6 +15,7 @@ #include "hw/hw.h" #include "range.h" #include <linux/vhost.h> +#include "exec-memory.h" static void vhost_dev_sync_region(struct vhost_dev *dev, MemoryRegionSection *section, @@ -365,10 +366,6 @@ static void vhost_set_memory(MemoryListener *listener, int r; void *ram; - if (!memory_region_is_ram(section->mr)) { - return; - } - dev->mem = g_realloc(dev->mem, s); if (log_dirty) { @@ -378,7 +375,7 @@ static void vhost_set_memory(MemoryListener *listener, assert(size); /* Optimize no-change case. At least cirrus_vga does this a lot at this time. */ - ram = memory_region_get_ram_ptr(section->mr); + ram = memory_region_get_ram_ptr(section->mr) + section->offset_within_region; if (add) { if (!vhost_dev_cmp_memory(dev, start_addr, size, (uintptr_t)ram)) { /* Region exists with same address. Nothing to do. */ @@ -430,12 +427,22 @@ static void vhost_set_memory(MemoryListener *listener, } } +static bool vhost_section(MemoryRegionSection *section) +{ + return section->address_space == get_system_memory() + && memory_region_is_ram(section->mr); +} + static void vhost_region_add(MemoryListener *listener, MemoryRegionSection *section) { struct vhost_dev *dev = container_of(listener, struct vhost_dev, memory_listener); + if (!vhost_section(section)) { + return; + } + ++dev->n_mem_sections; dev->mem_sections = g_renew(MemoryRegionSection, dev->mem_sections, dev->n_mem_sections); @@ -450,13 +457,17 @@ static void vhost_region_del(MemoryListener *listener, memory_listener); int i; + if (!vhost_section(section)) { + return; + } + vhost_set_memory(listener, section, false); for (i = 0; i < dev->n_mem_sections; ++i) { if (dev->mem_sections[i].offset_within_address_space == section->offset_within_address_space) { --dev->n_mem_sections; memmove(&dev->mem_sections[i], &dev->mem_sections[i+1], - dev->n_mem_sections - i); + (dev->n_mem_sections - i) * sizeof(*dev->mem_sections)); break; } } diff --git a/hw/virtex_ml507.c b/hw/virtex_ml507.c index 6ffb896b7b..bd16b97934 100644 --- a/hw/virtex_ml507.c +++ b/hw/virtex_ml507.c @@ -205,7 +205,8 @@ static void virtex_init(ram_addr_t ram_size, env = ppc440_init_xilinx(&ram_size, 1, cpu_model, 400000000); qemu_register_reset(main_cpu_reset, env); - memory_region_init_ram(phys_ram, NULL, "ram", ram_size); + memory_region_init_ram(phys_ram, "ram", ram_size); + vmstate_register_ram_global(phys_ram); memory_region_add_subregion(address_space_mem, ram_base, phys_ram); dinfo = drive_get(IF_PFLASH, 0, 0); diff --git a/hw/virtio-blk.c b/hw/virtio-blk.c index ef27421d46..5e81f53e14 100644 --- a/hw/virtio-blk.c +++ b/hw/virtio-blk.c @@ -569,7 +569,7 @@ VirtIODevice *virtio_blk_init(DeviceState *dev, BlockConf *conf, DriveInfo *dinfo; if (!conf->bs) { - error_report("virtio-blk-pci: drive property not set"); + error_report("drive property not set"); return NULL; } if (!bdrv_is_inserted(conf->bs)) { diff --git a/hw/virtio-serial-bus.c b/hw/virtio-serial-bus.c index fe0233f6f1..3a9004a9b8 100644 --- a/hw/virtio-serial-bus.c +++ b/hw/virtio-serial-bus.c @@ -163,7 +163,19 @@ static void do_flush_queued_data(VirtIOSerialPort *port, VirtQueue *vq, abort(); } if (ret == -EAGAIN || (ret >= 0 && ret < buf_size)) { - virtio_serial_throttle_port(port, true); + /* + * this is a temporary check until chardevs can signal to + * frontends that they are writable again. This prevents + * the console from going into throttled mode (forever) + * if virtio-console is connected to a pty without a + * listener. Otherwise the guest spins forever. + * We can revert this if + * 1: chardevs can notify frondends + * 2: the guest driver does not spin in these cases + */ + if (!info->is_console) { + virtio_serial_throttle_port(port, true); + } port->iov_idx = i; if (ret > 0) { port->iov_offset += ret; diff --git a/hw/vmware_vga.c b/hw/vmware_vga.c index af70bdee09..b1885c3c19 100644 --- a/hw/vmware_vga.c +++ b/hw/vmware_vga.c @@ -1091,7 +1091,8 @@ static void vmsvga_init(struct vmsvga_state_s *s, int vga_ram_size, s->fifo_size = SVGA_FIFO_SIZE; - memory_region_init_ram(&s->fifo_ram, NULL, "vmsvga.fifo", s->fifo_size); + memory_region_init_ram(&s->fifo_ram, "vmsvga.fifo", s->fifo_size); + vmstate_register_ram_global(&s->fifo_ram); s->fifo_ptr = memory_region_get_ram_ptr(&s->fifo_ram); vga_common_init(&s->vga, vga_ram_size); diff --git a/hw/xtensa_lx60.c b/hw/xtensa_lx60.c index 8947157bfc..26112c3eb0 100644 --- a/hw/xtensa_lx60.c +++ b/hw/xtensa_lx60.c @@ -136,7 +136,8 @@ static void lx60_net_init(MemoryRegion *address_space, sysbus_mmio_get_region(s, 1)); ram = g_malloc(sizeof(*ram)); - memory_region_init_ram(ram, NULL, "open_eth.ram", 16384); + memory_region_init_ram(ram, "open_eth.ram", 16384); + vmstate_register_ram_global(ram); memory_region_add_subregion(address_space, buffers, ram); } @@ -186,7 +187,8 @@ static void lx_init(const LxBoardDesc *board, } ram = g_malloc(sizeof(*ram)); - memory_region_init_ram(ram, NULL, "lx60.dram", ram_size); + memory_region_init_ram(ram, "lx60.dram", ram_size); + vmstate_register_ram_global(ram); memory_region_add_subregion(system_memory, 0, ram); system_io = g_malloc(sizeof(*system_io)); @@ -221,7 +223,8 @@ static void lx_init(const LxBoardDesc *board, /* Use presence of kernel file name as 'boot from SRAM' switch. */ if (kernel_filename) { rom = g_malloc(sizeof(*rom)); - memory_region_init_ram(rom, NULL, "lx60.sram", board->sram_size); + memory_region_init_ram(rom, "lx60.sram", board->sram_size); + vmstate_register_ram_global(rom); memory_region_add_subregion(system_memory, 0xfe000000, rom); /* Put kernel bootparameters to the end of that SRAM */ diff --git a/hw/xtensa_sim.c b/hw/xtensa_sim.c index a94e4e561e..104e5dc619 100644 --- a/hw/xtensa_sim.c +++ b/hw/xtensa_sim.c @@ -66,11 +66,13 @@ static void sim_init(ram_addr_t ram_size, } ram = g_malloc(sizeof(*ram)); - memory_region_init_ram(ram, NULL, "xtensa.sram", ram_size); + memory_region_init_ram(ram, "xtensa.sram", ram_size); + vmstate_register_ram_global(ram); memory_region_add_subregion(get_system_memory(), 0, ram); rom = g_malloc(sizeof(*rom)); - memory_region_init_ram(rom, NULL, "xtensa.rom", 0x1000); + memory_region_init_ram(rom, "xtensa.rom", 0x1000); + vmstate_register_ram_global(rom); memory_region_add_subregion(get_system_memory(), 0xfe000000, rom); if (kernel_filename) { diff --git a/memory.c b/memory.c index a90eefd8d1..5ab21129a0 100644 --- a/memory.c +++ b/memory.c @@ -303,44 +303,28 @@ static void access_with_adjusted_size(target_phys_addr_t addr, } } -static void memory_region_prepare_ram_addr(MemoryRegion *mr); - static void as_memory_range_add(AddressSpace *as, FlatRange *fr) { - ram_addr_t phys_offset, region_offset; - - memory_region_prepare_ram_addr(fr->mr); - - phys_offset = fr->mr->ram_addr; - region_offset = fr->offset_in_region; - /* cpu_register_physical_memory_log() wants region_offset for - * mmio, but prefers offseting phys_offset for RAM. Humour it. - */ - if ((phys_offset & ~TARGET_PAGE_MASK) <= IO_MEM_ROM) { - phys_offset += region_offset; - region_offset = 0; - } - - if (!fr->readable) { - phys_offset &= ~TARGET_PAGE_MASK & ~IO_MEM_ROMD; - } - - if (fr->readonly) { - phys_offset |= IO_MEM_ROM; - } + MemoryRegionSection section = { + .mr = fr->mr, + .offset_within_address_space = int128_get64(fr->addr.start), + .offset_within_region = fr->offset_in_region, + .size = int128_get64(fr->addr.size), + }; - cpu_register_physical_memory_log(int128_get64(fr->addr.start), - int128_get64(fr->addr.size), - phys_offset, - region_offset, - fr->dirty_log_mask); + cpu_register_physical_memory_log(§ion, fr->readable, fr->readonly); } static void as_memory_range_del(AddressSpace *as, FlatRange *fr) { - cpu_register_physical_memory(int128_get64(fr->addr.start), - int128_get64(fr->addr.size), - IO_MEM_UNASSIGNED); + MemoryRegionSection section = { + .mr = &io_mem_unassigned, + .offset_within_address_space = int128_get64(fr->addr.start), + .offset_within_region = int128_get64(fr->addr.start), + .size = int128_get64(fr->addr.size), + }; + + cpu_register_physical_memory_log(§ion, true, false); } static void as_memory_log_start(AddressSpace *as, FlatRange *fr) @@ -854,7 +838,16 @@ static void memory_region_destructor_iomem(MemoryRegion *mr) static void memory_region_destructor_rom_device(MemoryRegion *mr) { qemu_ram_free(mr->ram_addr & TARGET_PAGE_MASK); - cpu_unregister_io_memory(mr->ram_addr & ~(TARGET_PAGE_MASK | IO_MEM_ROMD)); + cpu_unregister_io_memory(mr->ram_addr & ~TARGET_PAGE_MASK); +} + +static bool memory_region_wrong_endianness(MemoryRegion *mr) +{ +#ifdef TARGET_WORDS_BIGENDIAN + return mr->ops->endianness == DEVICE_LITTLE_ENDIAN; +#else + return mr->ops->endianness == DEVICE_BIG_ENDIAN; +#endif } void memory_region_init(MemoryRegion *mr, @@ -869,11 +862,13 @@ void memory_region_init(MemoryRegion *mr, } mr->addr = 0; mr->offset = 0; + mr->subpage = false; mr->enabled = true; mr->terminates = false; mr->ram = false; mr->readable = true; mr->readonly = false; + mr->rom_device = false; mr->destructor = memory_region_destructor_none; mr->priority = 0; mr->may_overlap = false; @@ -913,11 +908,10 @@ static bool memory_region_access_valid(MemoryRegion *mr, return true; } -static uint32_t memory_region_read_thunk_n(void *_mr, - target_phys_addr_t addr, - unsigned size) +static uint64_t memory_region_dispatch_read1(MemoryRegion *mr, + target_phys_addr_t addr, + unsigned size) { - MemoryRegion *mr = _mr; uint64_t data = 0; if (!memory_region_access_valid(mr, addr, size, false)) { @@ -937,17 +931,46 @@ static uint32_t memory_region_read_thunk_n(void *_mr, return data; } -static void memory_region_write_thunk_n(void *_mr, - target_phys_addr_t addr, - unsigned size, - uint64_t data) +static void adjust_endianness(MemoryRegion *mr, uint64_t *data, unsigned size) +{ + if (memory_region_wrong_endianness(mr)) { + switch (size) { + case 1: + break; + case 2: + *data = bswap16(*data); + break; + case 4: + *data = bswap32(*data); + break; + default: + abort(); + } + } +} + +static uint64_t memory_region_dispatch_read(MemoryRegion *mr, + target_phys_addr_t addr, + unsigned size) { - MemoryRegion *mr = _mr; + uint64_t ret; + ret = memory_region_dispatch_read1(mr, addr, size); + adjust_endianness(mr, &ret, size); + return ret; +} + +static void memory_region_dispatch_write(MemoryRegion *mr, + target_phys_addr_t addr, + uint64_t data, + unsigned size) +{ if (!memory_region_access_valid(mr, addr, size, true)) { return; /* FIXME: better signalling */ } + adjust_endianness(mr, &data, size); + if (!mr->ops->write) { mr->ops->old_mmio.write[bitops_ffsl(size)](mr->opaque, addr, data); return; @@ -960,65 +983,6 @@ static void memory_region_write_thunk_n(void *_mr, memory_region_write_accessor, mr); } -static uint32_t memory_region_read_thunk_b(void *mr, target_phys_addr_t addr) -{ - return memory_region_read_thunk_n(mr, addr, 1); -} - -static uint32_t memory_region_read_thunk_w(void *mr, target_phys_addr_t addr) -{ - return memory_region_read_thunk_n(mr, addr, 2); -} - -static uint32_t memory_region_read_thunk_l(void *mr, target_phys_addr_t addr) -{ - return memory_region_read_thunk_n(mr, addr, 4); -} - -static void memory_region_write_thunk_b(void *mr, target_phys_addr_t addr, - uint32_t data) -{ - memory_region_write_thunk_n(mr, addr, 1, data); -} - -static void memory_region_write_thunk_w(void *mr, target_phys_addr_t addr, - uint32_t data) -{ - memory_region_write_thunk_n(mr, addr, 2, data); -} - -static void memory_region_write_thunk_l(void *mr, target_phys_addr_t addr, - uint32_t data) -{ - memory_region_write_thunk_n(mr, addr, 4, data); -} - -static CPUReadMemoryFunc * const memory_region_read_thunk[] = { - memory_region_read_thunk_b, - memory_region_read_thunk_w, - memory_region_read_thunk_l, -}; - -static CPUWriteMemoryFunc * const memory_region_write_thunk[] = { - memory_region_write_thunk_b, - memory_region_write_thunk_w, - memory_region_write_thunk_l, -}; - -static void memory_region_prepare_ram_addr(MemoryRegion *mr) -{ - if (mr->backend_registered) { - return; - } - - mr->destructor = memory_region_destructor_iomem; - mr->ram_addr = cpu_register_io_memory(memory_region_read_thunk, - memory_region_write_thunk, - mr, - mr->ops->endianness); - mr->backend_registered = true; -} - void memory_region_init_io(MemoryRegion *mr, const MemoryRegionOps *ops, void *opaque, @@ -1029,11 +993,11 @@ void memory_region_init_io(MemoryRegion *mr, mr->ops = ops; mr->opaque = opaque; mr->terminates = true; - mr->backend_registered = false; + mr->destructor = memory_region_destructor_iomem; + mr->ram_addr = cpu_register_io_memory(mr); } void memory_region_init_ram(MemoryRegion *mr, - DeviceState *dev, const char *name, uint64_t size) { @@ -1041,12 +1005,10 @@ void memory_region_init_ram(MemoryRegion *mr, mr->ram = true; mr->terminates = true; mr->destructor = memory_region_destructor_ram; - mr->ram_addr = qemu_ram_alloc(dev, name, size, mr); - mr->backend_registered = true; + mr->ram_addr = qemu_ram_alloc(size, mr); } void memory_region_init_ram_ptr(MemoryRegion *mr, - DeviceState *dev, const char *name, uint64_t size, void *ptr) @@ -1055,8 +1017,7 @@ void memory_region_init_ram_ptr(MemoryRegion *mr, mr->ram = true; mr->terminates = true; mr->destructor = memory_region_destructor_ram_from_ptr; - mr->ram_addr = qemu_ram_alloc_from_ptr(dev, name, size, ptr, mr); - mr->backend_registered = true; + mr->ram_addr = qemu_ram_alloc_from_ptr(size, ptr, mr); } void memory_region_init_alias(MemoryRegion *mr, @@ -1073,7 +1034,6 @@ void memory_region_init_alias(MemoryRegion *mr, void memory_region_init_rom_device(MemoryRegion *mr, const MemoryRegionOps *ops, void *opaque, - DeviceState *dev, const char *name, uint64_t size) { @@ -1081,14 +1041,10 @@ void memory_region_init_rom_device(MemoryRegion *mr, mr->ops = ops; mr->opaque = opaque; mr->terminates = true; + mr->rom_device = true; mr->destructor = memory_region_destructor_rom_device; - mr->ram_addr = qemu_ram_alloc(dev, name, size, mr); - mr->ram_addr |= cpu_register_io_memory(memory_region_read_thunk, - memory_region_write_thunk, - mr, - mr->ops->endianness); - mr->ram_addr |= IO_MEM_ROMD; - mr->backend_registered = true; + mr->ram_addr = qemu_ram_alloc(size, mr); + mr->ram_addr |= cpu_register_io_memory(mr); } void memory_region_destroy(MemoryRegion *mr) @@ -1108,6 +1064,11 @@ uint64_t memory_region_size(MemoryRegion *mr) return int128_get64(mr->size); } +const char *memory_region_name(MemoryRegion *mr) +{ + return mr->name; +} + bool memory_region_is_ram(MemoryRegion *mr) { return mr->ram; @@ -1426,7 +1387,6 @@ void memory_region_set_alias_offset(MemoryRegion *mr, target_phys_addr_t offset) ram_addr_t memory_region_get_ram_addr(MemoryRegion *mr) { - assert(mr->backend_registered); return mr->ram_addr; } @@ -1491,6 +1451,7 @@ void memory_global_dirty_log_start(void) { MemoryListener *listener; + cpu_physical_memory_set_dirty_tracking(1); global_dirty_log = true; QLIST_FOREACH(listener, &memory_listeners, link) { listener->log_global_start(listener); @@ -1505,6 +1466,7 @@ void memory_global_dirty_log_stop(void) QLIST_FOREACH(listener, &memory_listeners, link) { listener->log_global_stop(listener); } + cpu_physical_memory_set_dirty_tracking(0); } static void listener_add_address_space(MemoryListener *listener, @@ -1551,6 +1513,17 @@ void set_system_io_map(MemoryRegion *mr) memory_region_update_topology(NULL); } +uint64_t io_mem_read(int io_index, target_phys_addr_t addr, unsigned size) +{ + return memory_region_dispatch_read(io_mem_region[io_index], addr, size); +} + +void io_mem_write(int io_index, target_phys_addr_t addr, + uint64_t val, unsigned size) +{ + memory_region_dispatch_write(io_mem_region[io_index], addr, val, size); +} + typedef struct MemoryRegionList MemoryRegionList; struct MemoryRegionList { diff --git a/memory.h b/memory.h index a82226a752..70f57fbc12 100644 --- a/memory.h +++ b/memory.h @@ -116,15 +116,16 @@ struct MemoryRegion { Int128 size; target_phys_addr_t addr; target_phys_addr_t offset; - bool backend_registered; void (*destructor)(MemoryRegion *mr); ram_addr_t ram_addr; IORange iorange; + bool subpage; bool terminates; bool readable; bool ram; bool readonly; /* For RAM regions */ bool enabled; + bool rom_device; MemoryRegion *alias; target_phys_addr_t alias_offset; unsigned priority; @@ -224,14 +225,10 @@ void memory_region_init_io(MemoryRegion *mr, * region will modify memory directly. * * @mr: the #MemoryRegion to be initialized. - * @dev: a device associated with the region; may be %NULL. - * @name: the name of the region; the pair (@dev, @name) must be globally - * unique. The name is part of the save/restore ABI and so cannot be - * changed. + * @name: the name of the region. * @size: size of the region. */ void memory_region_init_ram(MemoryRegion *mr, - DeviceState *dev, /* FIXME: layering violation */ const char *name, uint64_t size); @@ -241,15 +238,11 @@ void memory_region_init_ram(MemoryRegion *mr, * memory directly. * * @mr: the #MemoryRegion to be initialized. - * @dev: a device associated with the region; may be %NULL. - * @name: the name of the region; the pair (@dev, @name) must be globally - * unique. The name is part of the save/restore ABI and so cannot be - * changed. + * @name: the name of the region. * @size: size of the region. * @ptr: memory to be mapped; must contain at least @size bytes. */ void memory_region_init_ram_ptr(MemoryRegion *mr, - DeviceState *dev, /* FIXME: layering violation */ const char *name, uint64_t size, void *ptr); @@ -277,16 +270,12 @@ void memory_region_init_alias(MemoryRegion *mr, * * @mr: the #MemoryRegion to be initialized. * @ops: callbacks for write access handling. - * @dev: a device associated with the region; may be %NULL. - * @name: the name of the region; the pair (@dev, @name) must be globally - * unique. The name is part of the save/restore ABI and so cannot be - * changed. + * @name: the name of the region. * @size: size of the region. */ void memory_region_init_rom_device(MemoryRegion *mr, const MemoryRegionOps *ops, void *opaque, - DeviceState *dev, /* FIXME: layering violation */ const char *name, uint64_t size); @@ -316,6 +305,15 @@ uint64_t memory_region_size(MemoryRegion *mr); bool memory_region_is_ram(MemoryRegion *mr); /** + * memory_region_name: get a memory region's name + * + * Returns the string that was used to initialize the memory region. + * + * @mr: the memory region being queried + */ +const char *memory_region_name(MemoryRegion *mr); + +/** * memory_region_is_logging: return whether a memory region is logging writes * * Returns %true if the memory region is logging writes diff --git a/net/socket.c b/net/socket.c index aaf9be48e2..c9d70d388e 100644 --- a/net/socket.c +++ b/net/socket.c @@ -427,12 +427,14 @@ static int net_socket_listen_init(VLANState *vlan, if (ret < 0) { perror("bind"); g_free(s); + closesocket(fd); return -1; } ret = listen(fd, 0); if (ret < 0) { perror("listen"); g_free(s); + closesocket(fd); return -1; } s->vlan = vlan; diff --git a/ppc.ld b/ppc.ld index 69aa3f228d..2a0dcad63d 100644 --- a/ppc.ld +++ b/ppc.ld @@ -49,8 +49,20 @@ SECTIONS .rela.sbss2 : { *(.rela.sbss2 .rela.sbss2.* .rela.gnu.linkonce.sb2.*) } .rel.bss : { *(.rel.bss .rel.bss.* .rel.gnu.linkonce.b.*) } .rela.bss : { *(.rela.bss .rela.bss.* .rela.gnu.linkonce.b.*) } - .rel.plt : { *(.rel.plt) } - .rela.plt : { *(.rela.plt) } + .rel.plt : + { + *(.rel.plt) + PROVIDE (__rel_iplt_start = .); + *(.rel.iplt) + PROVIDE (__rel_iplt_end = .); + } + .rela.plt : + { + *(.rela.plt) + PROVIDE (__rela_iplt_start = .); + *(.rela.iplt) + PROVIDE (__rela_iplt_end = .); + } .init : { KEEP (*(.init)) diff --git a/ppc64.ld b/ppc64.ld index 0a7c0dd0c8..e2dafa0b53 100644 --- a/ppc64.ld +++ b/ppc64.ld @@ -54,8 +54,20 @@ SECTIONS *(.rela.sbss2 .rela.sbss2.* .rela.gnu.linkonce.sb2.*) *(.rela.bss .rela.bss.* .rela.gnu.linkonce.b.*) } - .rel.plt : { *(.rel.plt) } - .rela.plt : { *(.rela.plt) } + .rel.plt : + { + *(.rel.plt) + PROVIDE (__rel_iplt_start = .); + *(.rel.iplt) + PROVIDE (__rel_iplt_end = .); + } + .rela.plt : + { + *(.rela.plt) + PROVIDE (__rela_iplt_start = .); + *(.rela.iplt) + PROVIDE (__rela_iplt_end = .); + } .rela.tocbss : { *(.rela.tocbss) } .init : { diff --git a/qemu-config.c b/qemu-config.c index 18f30204a1..ecc88e8d40 100644 --- a/qemu-config.c +++ b/qemu-config.c @@ -211,6 +211,13 @@ QemuOptsList qemu_fsdev_opts = { }, { .name = "readonly", .type = QEMU_OPT_BOOL, + + }, { + .name = "socket", + .type = QEMU_OPT_STRING, + }, { + .name = "sock_fd", + .type = QEMU_OPT_NUMBER, }, { /*End of list */ } @@ -240,6 +247,12 @@ QemuOptsList qemu_virtfs_opts = { }, { .name = "readonly", .type = QEMU_OPT_BOOL, + }, { + .name = "socket", + .type = QEMU_OPT_STRING, + }, { + .name = "sock_fd", + .type = QEMU_OPT_NUMBER, }, { /*End of list */ } diff --git a/qemu-nbd.c b/qemu-nbd.c index 155b05840b..eb61c33acd 100644 --- a/qemu-nbd.c +++ b/qemu-nbd.c @@ -202,12 +202,10 @@ static void *nbd_client_thread(void *arg) int ret; pthread_t show_parts_thread; - do { - sock = unix_socket_outgoing(sockpath); - if (sock == -1) { - goto out; - } - } while (sock == -1); + sock = unix_socket_outgoing(sockpath); + if (sock == -1) { + goto out; + } ret = nbd_receive_negotiate(sock, NULL, &nbdflags, &size, &blocksize); diff --git a/qemu-options.hx b/qemu-options.hx index a60191f6a4..7903e5c11b 100644 --- a/qemu-options.hx +++ b/qemu-options.hx @@ -551,19 +551,19 @@ DEFHEADING() DEFHEADING(File system options:) DEF("fsdev", HAS_ARG, QEMU_OPTION_fsdev, - "-fsdev fsdriver,id=id,path=path,[security_model={mapped|passthrough|none}]\n" - " [,writeout=immediate][,readonly]\n", + "-fsdev fsdriver,id=id[,path=path,][security_model={mapped|passthrough|none}]\n" + " [,writeout=immediate][,readonly][,socket=socket|sock_fd=sock_fd]\n", QEMU_ARCH_ALL) STEXI -@item -fsdev @var{fsdriver},id=@var{id},path=@var{path},[security_model=@var{security_model}][,writeout=@var{writeout}][,readonly] +@item -fsdev @var{fsdriver},id=@var{id},path=@var{path},[security_model=@var{security_model}][,writeout=@var{writeout}][,readonly][,socket=@var{socket}|sock_fd=@var{sock_fd}] @findex -fsdev Define a new file system device. Valid options are: @table @option @item @var{fsdriver} This option specifies the fs driver backend to use. -Currently "local" and "handle" file system drivers are supported. +Currently "local", "handle" and "proxy" file system drivers are supported. @item id=@var{id} Specifies identifier for this device @item path=@var{path} @@ -580,7 +580,7 @@ file attributes. Directories exported by this security model cannot interact with other unix tools. "none" security model is same as passthrough except the sever won't report failures if it fails to set file attributes like ownership. Security model is mandatory -only for local fsdriver. Other fsdrivers (like handle) don't take +only for local fsdriver. Other fsdrivers (like handle, proxy) don't take security model as a parameter. @item writeout=@var{writeout} This is an optional argument. The only supported value is "immediate". @@ -590,6 +590,13 @@ reported as written by the storage subsystem. @item readonly Enables exporting 9p share as a readonly mount for guests. By default read-write access is given. +@item socket=@var{socket} +Enables proxy filesystem driver to use passed socket file for communicating +with virtfs-proxy-helper +@item sock_fd=@var{sock_fd} +Enables proxy filesystem driver to use passed socket descriptor for +communicating with virtfs-proxy-helper. Usually a helper like libvirt +will create socketpair and pass one of the fds as sock_fd @end table -fsdev option is used along with -device driver "virtio-9p-pci". @@ -610,19 +617,19 @@ DEFHEADING(Virtual File system pass-through options:) DEF("virtfs", HAS_ARG, QEMU_OPTION_virtfs, "-virtfs local,path=path,mount_tag=tag,security_model=[mapped|passthrough|none]\n" - " [,writeout=immediate][,readonly]\n", + " [,writeout=immediate][,readonly][,socket=socket|sock_fd=sock_fd]\n", QEMU_ARCH_ALL) STEXI -@item -virtfs @var{fsdriver},path=@var{path},mount_tag=@var{mount_tag},security_model=@var{security_model}[,writeout=@var{writeout}][,readonly] +@item -virtfs @var{fsdriver}[,path=@var{path}],mount_tag=@var{mount_tag}[,security_model=@var{security_model}][,writeout=@var{writeout}][,readonly][,socket=@var{socket}|sock_fd=@var{sock_fd}] @findex -virtfs The general form of a Virtual File system pass-through options are: @table @option @item @var{fsdriver} This option specifies the fs driver backend to use. -Currently "local" and "handle" file system drivers are supported. +Currently "local", "handle" and "proxy" file system drivers are supported. @item id=@var{id} Specifies identifier for this device @item path=@var{path} @@ -639,7 +646,7 @@ file attributes. Directories exported by this security model cannot interact with other unix tools. "none" security model is same as passthrough except the sever won't report failures if it fails to set file attributes like ownership. Security model is mandatory only -for local fsdriver. Other fsdrivers (like handle) don't take security +for local fsdriver. Other fsdrivers (like handle, proxy) don't take security model as a parameter. @item writeout=@var{writeout} This is an optional argument. The only supported value is "immediate". @@ -649,6 +656,13 @@ reported as written by the storage subsystem. @item readonly Enables exporting 9p share as a readonly mount for guests. By default read-write access is given. +@item socket=@var{socket} +Enables proxy filesystem driver to use passed socket file for +communicating with virtfs-proxy-helper. Usually a helper like libvirt +will create socketpair and pass one of the fds as sock_fd +@item sock_fd +Enables proxy filesystem driver to use passed 'sock_fd' as the socket +descriptor for interfacing with virtfs-proxy-helper @end table ETEXI @@ -857,8 +871,8 @@ The x509 file names can also be configured individually. @item tls-ciphers=<list> Specify which ciphers to use. -@item tls-channel=[main|display|inputs|record|playback|tunnel] -@item plaintext-channel=[main|display|inputs|record|playback|tunnel] +@item tls-channel=[main|display|cursor|inputs|record|playback] +@item plaintext-channel=[main|display|cursor|inputs|record|playback] Force specific channel to be used with or without TLS encryption. The options can be specified multiple times to configure multiple channels. The special name "default" can be used to set the default diff --git a/savevm.c b/savevm.c index f153c25419..80be1ff063 100644 --- a/savevm.c +++ b/savevm.c @@ -83,6 +83,7 @@ #include "qemu-queue.h" #include "qemu-timer.h" #include "cpus.h" +#include "memory.h" #define SELF_ANNOUNCE_ROUNDS 5 @@ -2280,3 +2281,19 @@ void do_info_snapshots(Monitor *mon) g_free(available_snapshots); } + +void vmstate_register_ram(MemoryRegion *mr, DeviceState *dev) +{ + qemu_ram_set_idstr(memory_region_get_ram_addr(mr) & TARGET_PAGE_MASK, + memory_region_name(mr), dev); +} + +void vmstate_unregister_ram(MemoryRegion *mr, DeviceState *dev) +{ + /* Nothing do to while the implementation is in RAMBlock */ +} + +void vmstate_register_ram_global(MemoryRegion *mr) +{ + vmstate_register_ram(mr, NULL); +} diff --git a/softmmu_template.h b/softmmu_template.h index 36eb2e8fc0..97020f8185 100644 --- a/softmmu_template.h +++ b/softmmu_template.h @@ -22,6 +22,7 @@ * License along with this library; if not, see <http://www.gnu.org/licenses/>. */ #include "qemu-timer.h" +#include "memory.h" #define DATA_SIZE (1 << SHIFT) @@ -62,24 +63,26 @@ static inline DATA_TYPE glue(io_read, SUFFIX)(target_phys_addr_t physaddr, { DATA_TYPE res; int index; - index = (physaddr >> IO_MEM_SHIFT) & (IO_MEM_NB_ENTRIES - 1); + index = physaddr & (IO_MEM_NB_ENTRIES - 1); physaddr = (physaddr & TARGET_PAGE_MASK) + addr; env->mem_io_pc = (unsigned long)retaddr; - if (index > (IO_MEM_NOTDIRTY >> IO_MEM_SHIFT) + if (index != io_mem_ram.ram_addr && index != io_mem_rom.ram_addr + && index != io_mem_unassigned.ram_addr + && index != io_mem_notdirty.ram_addr && !can_do_io(env)) { cpu_io_recompile(env, retaddr); } env->mem_io_vaddr = addr; #if SHIFT <= 2 - res = io_mem_read[index][SHIFT](io_mem_opaque[index], physaddr); + res = io_mem_read(index, physaddr, 1 << SHIFT); #else #ifdef TARGET_WORDS_BIGENDIAN - res = (uint64_t)io_mem_read[index][2](io_mem_opaque[index], physaddr) << 32; - res |= io_mem_read[index][2](io_mem_opaque[index], physaddr + 4); + res = io_mem_read(index, physaddr, 4) << 32; + res |= io_mem_read(index, physaddr + 4, 4); #else - res = io_mem_read[index][2](io_mem_opaque[index], physaddr); - res |= (uint64_t)io_mem_read[index][2](io_mem_opaque[index], physaddr + 4) << 32; + res = io_mem_read(index, physaddr, 4); + res |= io_mem_read(index, physaddr + 4, 4) << 32; #endif #endif /* SHIFT > 2 */ return res; @@ -205,9 +208,11 @@ static inline void glue(io_write, SUFFIX)(target_phys_addr_t physaddr, void *retaddr) { int index; - index = (physaddr >> IO_MEM_SHIFT) & (IO_MEM_NB_ENTRIES - 1); + index = physaddr & (IO_MEM_NB_ENTRIES - 1); physaddr = (physaddr & TARGET_PAGE_MASK) + addr; - if (index > (IO_MEM_NOTDIRTY >> IO_MEM_SHIFT) + if (index != io_mem_ram.ram_addr && index != io_mem_rom.ram_addr + && index != io_mem_unassigned.ram_addr + && index != io_mem_notdirty.ram_addr && !can_do_io(env)) { cpu_io_recompile(env, retaddr); } @@ -215,14 +220,14 @@ static inline void glue(io_write, SUFFIX)(target_phys_addr_t physaddr, env->mem_io_vaddr = addr; env->mem_io_pc = (unsigned long)retaddr; #if SHIFT <= 2 - io_mem_write[index][SHIFT](io_mem_opaque[index], physaddr, val); + io_mem_write(index, physaddr, val, 1 << SHIFT); #else #ifdef TARGET_WORDS_BIGENDIAN - io_mem_write[index][2](io_mem_opaque[index], physaddr, val >> 32); - io_mem_write[index][2](io_mem_opaque[index], physaddr + 4, val); + io_mem_write(index, physaddr, (val >> 32), 4); + io_mem_write(index, physaddr + 4, (uint32_t)val, 4); #else - io_mem_write[index][2](io_mem_opaque[index], physaddr, val); - io_mem_write[index][2](io_mem_opaque[index], physaddr + 4, val >> 32); + io_mem_write(index, physaddr, (uint32_t)val, 4); + io_mem_write(index, physaddr + 4, val >> 32, 4); #endif #endif /* SHIFT > 2 */ } diff --git a/target-arm/cpu.h b/target-arm/cpu.h index c4d742f084..26b4981fdd 100644 --- a/target-arm/cpu.h +++ b/target-arm/cpu.h @@ -149,6 +149,10 @@ typedef struct CPUARMState { uint32_t c15_i_max; /* Maximum D-cache dirty line index. */ uint32_t c15_i_min; /* Minimum D-cache dirty line index. */ uint32_t c15_threadid; /* TI debugger thread-ID. */ + uint32_t c15_config_base_address; /* SCU base address. */ + uint32_t c15_diagnostic; /* diagnostic register */ + uint32_t c15_power_diagnostic; + uint32_t c15_power_control; /* power control */ } cp15; struct { @@ -448,7 +452,7 @@ void cpu_arm_set_cp_io(CPUARMState *env, int cpnum, #define cpu_signal_handler cpu_arm_signal_handler #define cpu_list arm_cpu_list -#define CPU_SAVE_VERSION 4 +#define CPU_SAVE_VERSION 5 /* MMU modes definitions */ #define MMU_MODE0_SUFFIX _kernel diff --git a/target-arm/helper.c b/target-arm/helper.c index 65f4fbf98e..fa42c64d3a 100644 --- a/target-arm/helper.c +++ b/target-arm/helper.c @@ -463,6 +463,26 @@ void cpu_arm_close(CPUARMState *env) g_free(env); } +static int bad_mode_switch(CPUState *env, int mode) +{ + /* Return true if it is not valid for us to switch to + * this CPU mode (ie all the UNPREDICTABLE cases in + * the ARM ARM CPSRWriteByInstr pseudocode). + */ + switch (mode) { + case ARM_CPU_MODE_USR: + case ARM_CPU_MODE_SYS: + case ARM_CPU_MODE_SVC: + case ARM_CPU_MODE_ABT: + case ARM_CPU_MODE_UND: + case ARM_CPU_MODE_IRQ: + case ARM_CPU_MODE_FIQ: + return 0; + default: + return 1; + } +} + uint32_t cpsr_read(CPUARMState *env) { int ZF; @@ -499,7 +519,15 @@ void cpsr_write(CPUARMState *env, uint32_t val, uint32_t mask) } if ((env->uncached_cpsr ^ val) & mask & CPSR_M) { - switch_mode(env, val & CPSR_M); + if (bad_mode_switch(env, val & CPSR_M)) { + /* Attempt to switch to an invalid mode: this is UNPREDICTABLE. + * We choose to ignore the attempt and leave the CPSR M field + * untouched. + */ + mask &= ~CPSR_M; + } else { + switch_mode(env, val & CPSR_M); + } } mask &= ~CACHED_CPSR_BITS; env->uncached_cpsr = (env->uncached_cpsr & ~mask) | (val & mask); @@ -642,7 +670,7 @@ uint32_t HELPER(get_r13_banked)(CPUState *env, uint32_t mode) extern int semihosting_enabled; /* Map CPU modes onto saved register banks. */ -static inline int bank_number (int mode) +static inline int bank_number(CPUState *env, int mode) { switch (mode) { case ARM_CPU_MODE_USR: @@ -659,7 +687,7 @@ static inline int bank_number (int mode) case ARM_CPU_MODE_FIQ: return 5; } - cpu_abort(cpu_single_env, "Bad mode %x\n", mode); + cpu_abort(env, "Bad mode %x\n", mode); return -1; } @@ -680,12 +708,12 @@ void switch_mode(CPUState *env, int mode) memcpy (env->regs + 8, env->fiq_regs, 5 * sizeof(uint32_t)); } - i = bank_number(old_mode); + i = bank_number(env, old_mode); env->banked_r13[i] = env->regs[13]; env->banked_r14[i] = env->regs[14]; env->banked_spsr[i] = env->spsr; - i = bank_number(mode); + i = bank_number(env, mode); env->regs[13] = env->banked_r13[i]; env->regs[14] = env->banked_r14[i]; env->spsr = env->banked_spsr[i]; @@ -1768,6 +1796,20 @@ void HELPER(set_cp15)(CPUState *env, uint32_t insn, uint32_t val) goto bad_reg; } } + if (ARM_CPUID(env) == ARM_CPUID_CORTEXA9) { + switch (crm) { + case 0: + if ((op1 == 0) && (op2 == 0)) { + env->cp15.c15_power_control = val; + } else if ((op1 == 0) && (op2 == 1)) { + env->cp15.c15_diagnostic = val; + } else if ((op1 == 0) && (op2 == 2)) { + env->cp15.c15_power_diagnostic = val; + } + default: + break; + } + } break; } return; @@ -2111,6 +2153,40 @@ uint32_t HELPER(get_cp15)(CPUState *env, uint32_t insn) * 0x200 << ($rn & 0xfff), when MMU is off. */ goto bad_reg; } + if (ARM_CPUID(env) == ARM_CPUID_CORTEXA9) { + switch (crm) { + case 0: + if ((op1 == 4) && (op2 == 0)) { + /* The config_base_address should hold the value of + * the peripheral base. ARM should get this from a CPU + * object property, but that support isn't available in + * December 2011. Default to 0 for now and board models + * that care can set it by a private hook */ + return env->cp15.c15_config_base_address; + } else if ((op1 == 0) && (op2 == 0)) { + /* power_control should be set to maximum latency. Again, + default to 0 and set by private hook */ + return env->cp15.c15_power_control; + } else if ((op1 == 0) && (op2 == 1)) { + return env->cp15.c15_diagnostic; + } else if ((op1 == 0) && (op2 == 2)) { + return env->cp15.c15_power_diagnostic; + } + break; + case 1: /* NEON Busy */ + return 0; + case 5: /* tlb lockdown */ + case 6: + case 7: + if ((op1 == 5) && (op2 == 2)) { + return 0; + } + break; + default: + break; + } + goto bad_reg; + } return 0; } bad_reg: @@ -2125,7 +2201,7 @@ void HELPER(set_r13_banked)(CPUState *env, uint32_t mode, uint32_t val) if ((env->uncached_cpsr & CPSR_M) == mode) { env->regs[13] = val; } else { - env->banked_r13[bank_number(mode)] = val; + env->banked_r13[bank_number(env, mode)] = val; } } @@ -2134,7 +2210,7 @@ uint32_t HELPER(get_r13_banked)(CPUState *env, uint32_t mode) if ((env->uncached_cpsr & CPSR_M) == mode) { return env->regs[13]; } else { - return env->banked_r13[bank_number(mode)]; + return env->banked_r13[bank_number(env, mode)]; } } diff --git a/target-arm/machine.c b/target-arm/machine.c index aaee9b9c11..89847759b7 100644 --- a/target-arm/machine.c +++ b/target-arm/machine.c @@ -56,6 +56,9 @@ void cpu_save(QEMUFile *f, void *opaque) qemu_put_be32(f, env->cp15.c13_tls2); qemu_put_be32(f, env->cp15.c13_tls3); qemu_put_be32(f, env->cp15.c15_cpar); + qemu_put_be32(f, env->cp15.c15_power_control); + qemu_put_be32(f, env->cp15.c15_diagnostic); + qemu_put_be32(f, env->cp15.c15_power_diagnostic); qemu_put_be32(f, env->features); @@ -170,6 +173,9 @@ int cpu_load(QEMUFile *f, void *opaque, int version_id) env->cp15.c13_tls2 = qemu_get_be32(f); env->cp15.c13_tls3 = qemu_get_be32(f); env->cp15.c15_cpar = qemu_get_be32(f); + env->cp15.c15_power_control = qemu_get_be32(f); + env->cp15.c15_diagnostic = qemu_get_be32(f); + env->cp15.c15_power_diagnostic = qemu_get_be32(f); env->features = qemu_get_be32(f); diff --git a/target-ppc/helper.c b/target-ppc/helper.c index 137a494201..58474536c0 100644 --- a/target-ppc/helper.c +++ b/target-ppc/helper.c @@ -1545,12 +1545,40 @@ static void mmubooke206_dump_mmu(FILE *f, fprintf_function cpu_fprintf, } } +#if defined(TARGET_PPC64) +static void mmubooks_dump_mmu(FILE *f, fprintf_function cpu_fprintf, + CPUState *env) +{ + int i; + uint64_t slbe, slbv; + + cpu_synchronize_state(env); + + cpu_fprintf(f, "SLB\tESID\t\t\tVSID\n"); + for (i = 0; i < env->slb_nr; i++) { + slbe = env->slb[i].esid; + slbv = env->slb[i].vsid; + if (slbe == 0 && slbv == 0) { + continue; + } + cpu_fprintf(f, "%d\t0x%016" PRIx64 "\t0x%016" PRIx64 "\n", + i, slbe, slbv); + } +} +#endif + void dump_mmu(FILE *f, fprintf_function cpu_fprintf, CPUState *env) { switch (env->mmu_model) { case POWERPC_MMU_BOOKE206: mmubooke206_dump_mmu(f, cpu_fprintf, env); break; +#if defined(TARGET_PPC64) + case POWERPC_MMU_64B: + case POWERPC_MMU_2_06: + mmubooks_dump_mmu(f, cpu_fprintf, env); + break; +#endif default: cpu_fprintf(f, "%s: unimplemented\n", __func__); } diff --git a/target-ppc/kvm.c b/target-ppc/kvm.c index 429349fb94..ce8ac5b4de 100644 --- a/target-ppc/kvm.c +++ b/target-ppc/kvm.c @@ -504,7 +504,7 @@ void kvm_arch_post_run(CPUState *env, struct kvm_run *run) int kvm_arch_process_async_events(CPUState *env) { - return 0; + return env->halted; } static int kvmppc_handle_halt(CPUState *env) @@ -822,7 +822,8 @@ off_t kvmppc_alloc_rma(const char *name, MemoryRegion *sysmem) }; rma_region = g_new(MemoryRegion, 1); - memory_region_init_ram_ptr(rma_region, NULL, name, size, rma); + memory_region_init_ram_ptr(rma_region, name, size, rma); + vmstate_register_ram_global(rma_region); memory_region_add_subregion(sysmem, 0, rma_region); return size; diff --git a/target-ppc/translate_init.c b/target-ppc/translate_init.c index 8a7233fc82..47d73a6bf9 100644 --- a/target-ppc/translate_init.c +++ b/target-ppc/translate_init.c @@ -2,6 +2,7 @@ * PowerPC CPU initialization for qemu. * * Copyright (c) 2003-2007 Jocelyn Mayer + * Copyright 2011 Freescale Semiconductor, Inc. * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public @@ -4399,6 +4400,33 @@ static void init_proc_e300 (CPUPPCState *env) #define check_pow_e500v2 check_pow_hid0 #define init_proc_e500v2 init_proc_e500v2 +/* e500mc core */ +#define POWERPC_INSNS_e500mc (PPC_INSNS_BASE | PPC_ISEL | \ + PPC_WRTEE | PPC_RFDI | PPC_RFMCI | \ + PPC_CACHE | PPC_CACHE_LOCK | PPC_CACHE_ICBI | \ + PPC_CACHE_DCBZ | PPC_CACHE_DCBA | \ + PPC_FLOAT | PPC_FLOAT_FRES | \ + PPC_FLOAT_FRSQRTE | PPC_FLOAT_FSEL | \ + PPC_FLOAT_STFIWX | PPC_WAIT | \ + PPC_MEM_TLBSYNC | PPC_TLBIVAX) +#define POWERPC_INSNS2_e500mc (PPC2_BOOKE206) +#define POWERPC_MSRM_e500mc (0x000000001402FB36ULL) +#define POWERPC_MMU_e500mc (POWERPC_MMU_BOOKE206) +#define POWERPC_EXCP_e500mc (POWERPC_EXCP_BOOKE) +#define POWERPC_INPUT_e500mc (PPC_FLAGS_INPUT_BookE) +/* Fixme: figure out the correct flag for e500mc */ +#define POWERPC_BFDM_e500mc (bfd_mach_ppc_e500) +#define POWERPC_FLAG_e500mc (POWERPC_FLAG_CE | POWERPC_FLAG_DE | \ + POWERPC_FLAG_PMM | POWERPC_FLAG_BUS_CLK) +#define check_pow_e500mc check_pow_none +#define init_proc_e500mc init_proc_e500mc + +enum fsl_e500_version { + fsl_e500v1, + fsl_e500v2, + fsl_e500mc, +}; + static void init_proc_e500 (CPUPPCState *env, int version) { uint32_t tlbncfg[2]; @@ -4430,15 +4458,26 @@ static void init_proc_e500 (CPUPPCState *env, int version) env->nb_ways = 2; env->id_tlbs = 0; switch (version) { - case 1: + case fsl_e500v1: /* e500v1 */ tlbncfg[0] = gen_tlbncfg(2, 1, 1, 0, 256); tlbncfg[1] = gen_tlbncfg(16, 1, 9, TLBnCFG_AVAIL | TLBnCFG_IPROT, 16); + env->dcache_line_size = 32; + env->icache_line_size = 32; break; - case 2: + case fsl_e500v2: /* e500v2 */ tlbncfg[0] = gen_tlbncfg(4, 1, 1, 0, 512); tlbncfg[1] = gen_tlbncfg(16, 1, 12, TLBnCFG_AVAIL | TLBnCFG_IPROT, 16); + env->dcache_line_size = 32; + env->icache_line_size = 32; + break; + case fsl_e500mc: + /* e500mc */ + tlbncfg[0] = gen_tlbncfg(4, 1, 1, 0, 512); + tlbncfg[1] = gen_tlbncfg(64, 1, 12, TLBnCFG_AVAIL | TLBnCFG_IPROT, 64); + env->dcache_line_size = 64; + env->icache_line_size = 64; break; default: cpu_abort(env, "Unknown CPU: " TARGET_FMT_lx "\n", env->spr[SPR_PVR]); @@ -4522,20 +4561,23 @@ static void init_proc_e500 (CPUPPCState *env, int version) #endif init_excp_e200(env); - env->dcache_line_size = 32; - env->icache_line_size = 32; /* Allocate hardware IRQ controller */ ppce500_irq_init(env); } static void init_proc_e500v1(CPUPPCState *env) { - init_proc_e500(env, 1); + init_proc_e500(env, fsl_e500v1); } static void init_proc_e500v2(CPUPPCState *env) { - init_proc_e500(env, 2); + init_proc_e500(env, fsl_e500v2); +} + +static void init_proc_e500mc(CPUPPCState *env) +{ + init_proc_e500(env, fsl_e500mc); } /* Non-embedded PowerPC */ @@ -7070,6 +7112,7 @@ enum { CPU_POWERPC_e500v2_v21 = 0x80210021, CPU_POWERPC_e500v2_v22 = 0x80210022, CPU_POWERPC_e500v2_v30 = 0x80210030, + CPU_POWERPC_e500mc = 0x80230020, /* MPC85xx microcontrollers */ #define CPU_POWERPC_MPC8533 CPU_POWERPC_MPC8533_v11 #define CPU_POWERPC_MPC8533_v10 CPU_POWERPC_e500v2_v21 @@ -8471,6 +8514,7 @@ static const ppc_def_t ppc_defs[] = { POWERPC_DEF("e500v2_v22", CPU_POWERPC_e500v2_v22, e500v2), /* PowerPC e500v2 v3.0 core */ POWERPC_DEF("e500v2_v30", CPU_POWERPC_e500v2_v30, e500v2), + POWERPC_DEF("e500mc", CPU_POWERPC_e500mc, e500mc), /* PowerPC e500 microcontrollers */ /* MPC8533 */ POWERPC_DEF_SVR("MPC8533", diff --git a/target-sh4/translate.c b/target-sh4/translate.c index bad3577726..aacf96d9a3 100644 --- a/target-sh4/translate.c +++ b/target-sh4/translate.c @@ -1652,18 +1652,10 @@ static void _decode_opc(DisasContext * ctx) } return; case 0x00a3: /* ocbp @Rn */ - { - TCGv dummy = tcg_temp_new(); - tcg_gen_qemu_ld32s(dummy, REG(B11_8), ctx->memidx); - tcg_temp_free(dummy); - } - return; case 0x00b3: /* ocbwb @Rn */ - { - TCGv dummy = tcg_temp_new(); - tcg_gen_qemu_ld32s(dummy, REG(B11_8), ctx->memidx); - tcg_temp_free(dummy); - } + /* These instructions are supposed to do nothing in case of + a cache miss. Given that we only partially emulate caches + it is safe to simply ignore them. */ return; case 0x0083: /* pref @Rn */ return; @@ -1864,8 +1856,8 @@ static void _decode_opc(DisasContext * ctx) CHECK_FPU_ENABLED if ((ctx->fpscr & FPSCR_PR) == 0) { TCGv m, n; - m = tcg_const_i32((ctx->opcode >> 16) & 3); - n = tcg_const_i32((ctx->opcode >> 18) & 3); + m = tcg_const_i32((ctx->opcode >> 8) & 3); + n = tcg_const_i32((ctx->opcode >> 10) & 3); gen_helper_fipr(m, n); tcg_temp_free(m); tcg_temp_free(n); @@ -1877,7 +1869,7 @@ static void _decode_opc(DisasContext * ctx) if ((ctx->opcode & 0x0300) == 0x0100 && (ctx->fpscr & FPSCR_PR) == 0) { TCGv n; - n = tcg_const_i32((ctx->opcode >> 18) & 3); + n = tcg_const_i32((ctx->opcode >> 10) & 3); gen_helper_ftrv(n); tcg_temp_free(n); return; diff --git a/tcg/arm/tcg-target.h b/tcg/arm/tcg-target.h index 48586c3e60..0035b471fe 100644 --- a/tcg/arm/tcg-target.h +++ b/tcg/arm/tcg-target.h @@ -78,7 +78,7 @@ typedef enum { enum { /* Note: must be synced with dyngen-exec.h */ - TCG_AREG0 = TCG_REG_R7, + TCG_AREG0 = TCG_REG_R6, }; static inline void flush_icache_range(unsigned long start, unsigned long stop) diff --git a/usb-linux.c b/usb-linux.c index ab4c6930ca..749ce71081 100644 --- a/usb-linux.c +++ b/usb-linux.c @@ -116,6 +116,7 @@ typedef struct USBHostDevice { USBDevice dev; int fd; int hub_fd; + int hub_port; uint8_t descr[8192]; int descr_len; @@ -434,7 +435,7 @@ static int usb_host_claim_port(USBHostDevice *s) { #ifdef USBDEVFS_CLAIM_PORT char *h, hub_name[64], line[1024]; - int hub_addr, portnr, ret; + int hub_addr, ret; snprintf(hub_name, sizeof(hub_name), "%d-%s", s->match.bus_num, s->match.port); @@ -442,13 +443,13 @@ static int usb_host_claim_port(USBHostDevice *s) /* try strip off last ".$portnr" to get hub */ h = strrchr(hub_name, '.'); if (h != NULL) { - portnr = atoi(h+1); + s->hub_port = atoi(h+1); *h = '\0'; } else { /* no dot in there -> it is the root hub */ snprintf(hub_name, sizeof(hub_name), "usb%d", s->match.bus_num); - portnr = atoi(s->match.port); + s->hub_port = atoi(s->match.port); } if (!usb_host_read_file(line, sizeof(line), "devnum", @@ -469,20 +470,32 @@ static int usb_host_claim_port(USBHostDevice *s) return -1; } - ret = ioctl(s->hub_fd, USBDEVFS_CLAIM_PORT, &portnr); + ret = ioctl(s->hub_fd, USBDEVFS_CLAIM_PORT, &s->hub_port); if (ret < 0) { close(s->hub_fd); s->hub_fd = -1; return -1; } - trace_usb_host_claim_port(s->match.bus_num, hub_addr, portnr); + trace_usb_host_claim_port(s->match.bus_num, hub_addr, s->hub_port); return 0; #else return -1; #endif } +static void usb_host_release_port(USBHostDevice *s) +{ + if (s->hub_fd == -1) { + return; + } +#ifdef USBDEVFS_RELEASE_PORT + ioctl(s->hub_fd, USBDEVFS_RELEASE_PORT, &s->hub_port); +#endif + close(s->hub_fd); + s->hub_fd = -1; +} + static int usb_host_disconnect_ifaces(USBHostDevice *dev, int nb_interfaces) { /* earlier Linux 2.4 do not support that */ @@ -635,10 +648,8 @@ static void usb_host_handle_destroy(USBDevice *dev) { USBHostDevice *s = (USBHostDevice *)dev; + usb_host_release_port(s); usb_host_close(s); - if (s->hub_fd != -1) { - close(s->hub_fd); - } QTAILQ_REMOVE(&hostdevs, s, next); qemu_remove_exit_notifier(&s->exit); } @@ -1141,15 +1152,18 @@ static int usb_linux_update_endp_table(USBHostDevice *s) length = s->descr_len - 18; i = 0; - if (descriptors[i + 1] != USB_DT_CONFIG || - descriptors[i + 5] != s->configuration) { - fprintf(stderr, "invalid descriptor data - configuration %d\n", - s->configuration); - return 1; - } - i += descriptors[i]; - while (i < length) { + if (descriptors[i + 1] != USB_DT_CONFIG) { + fprintf(stderr, "invalid descriptor data\n"); + return 1; + } else if (descriptors[i + 5] != s->configuration) { + DPRINTF("not requested configuration %d\n", s->configuration); + i += (descriptors[i + 3] << 8) + descriptors[i + 2]; + continue; + } + + i += descriptors[i]; + if (descriptors[i + 1] != USB_DT_INTERFACE || (descriptors[i + 1] == USB_DT_INTERFACE && descriptors[i + 4] == 0)) { @@ -1399,6 +1413,7 @@ static void usb_host_exit_notifier(struct Notifier *n, void *data) { USBHostDevice *s = container_of(n, USBHostDevice, exit); + usb_host_release_port(s); if (s->fd != -1) { usb_host_do_reset(s);; } diff --git a/usb-redir.c b/usb-redir.c index a36f2a7cda..2b53cf30cc 100644 --- a/usb-redir.c +++ b/usb-redir.c @@ -174,7 +174,7 @@ static void usbredir_log(void *priv, int level, const char *msg) return; } - error_report("%s\n", msg); + error_report("%s", msg); } static void usbredir_log_data(USBRedirDevice *dev, const char *desc, @@ -193,7 +193,7 @@ static void usbredir_log_data(USBRedirDevice *dev, const char *desc, for (j = 0; j < 8 && i + j < len; j++) { n += sprintf(buf + n, " %02X", data[i + j]); } - error_report("%s\n", buf); + error_report("%s", buf); } } diff --git a/vl.c b/vl.c index d9254243f8..ba55b356cf 100644 --- a/vl.c +++ b/vl.c @@ -2661,7 +2661,7 @@ int main(int argc, char **argv, char **envp) case QEMU_OPTION_virtfs: { QemuOpts *fsdev; QemuOpts *device; - const char *writeout; + const char *writeout, *sock_fd, *socket; olist = qemu_find_opts("virtfs"); if (!olist) { @@ -2675,11 +2675,8 @@ int main(int argc, char **argv, char **envp) } if (qemu_opt_get(opts, "fsdriver") == NULL || - qemu_opt_get(opts, "mount_tag") == NULL || - qemu_opt_get(opts, "path") == NULL) { - fprintf(stderr, "Usage: -virtfs fsdriver,path=/share_path/," - "[security_model={mapped|passthrough|none}]," - "mount_tag=tag.\n"); + qemu_opt_get(opts, "mount_tag") == NULL) { + fprintf(stderr, "Usage: -virtfs fsdriver,mount_tag=tag.\n"); exit(1); } fsdev = qemu_opts_create(qemu_find_opts("fsdev"), @@ -2704,6 +2701,14 @@ int main(int argc, char **argv, char **envp) qemu_opt_set(fsdev, "path", qemu_opt_get(opts, "path")); qemu_opt_set(fsdev, "security_model", qemu_opt_get(opts, "security_model")); + socket = qemu_opt_get(opts, "socket"); + if (socket) { + qemu_opt_set(fsdev, "socket", socket); + } + sock_fd = qemu_opt_get(opts, "sock_fd"); + if (sock_fd) { + qemu_opt_set(fsdev, "sock_fd", sock_fd); + } qemu_opt_set_bool(fsdev, "readonly", qemu_opt_get_bool(opts, "readonly", 0)); @@ -2725,7 +2730,6 @@ int main(int argc, char **argv, char **envp) exit(1); } qemu_opt_set(fsdev, "fsdriver", "synth"); - qemu_opt_set(fsdev, "path", "/"); /* ignored */ device = qemu_opts_create(qemu_find_opts("device"), NULL, 0); qemu_opt_set(device, "driver", "virtio-9p-pci"); diff --git a/xen-all.c b/xen-all.c index dc232651e7..c86ebf43cb 100644 --- a/xen-all.c +++ b/xen-all.c @@ -154,7 +154,8 @@ static void xen_ram_init(ram_addr_t ram_size) */ block_len += HVM_BELOW_4G_MMIO_LENGTH; } - memory_region_init_ram(&ram_memory, NULL, "xen.ram", block_len); + memory_region_init_ram(&ram_memory, "xen.ram", block_len); + vmstate_register_ram_global(&ram_memory); if (ram_size >= HVM_BELOW_4G_RAM_END) { above_4g_mem_size = ram_size - HVM_BELOW_4G_RAM_END; @@ -403,12 +404,11 @@ static void xen_region_del(MemoryListener *listener, xen_set_memory(listener, section, false); } -static int xen_sync_dirty_bitmap(XenIOState *state, - target_phys_addr_t start_addr, - ram_addr_t size) +static void xen_sync_dirty_bitmap(XenIOState *state, + target_phys_addr_t start_addr, + ram_addr_t size) { target_phys_addr_t npages = size >> TARGET_PAGE_BITS; - target_phys_addr_t vram_offset = 0; const int width = sizeof(unsigned long) * 8; unsigned long bitmap[(npages + width - 1) / width]; int rc, i, j; @@ -417,21 +417,26 @@ static int xen_sync_dirty_bitmap(XenIOState *state, physmap = get_physmapping(state, start_addr, size); if (physmap == NULL) { /* not handled */ - return -1; + return; } if (state->log_for_dirtybit == NULL) { state->log_for_dirtybit = physmap; } else if (state->log_for_dirtybit != physmap) { - return -1; + /* Only one range for dirty bitmap can be tracked. */ + return; } - vram_offset = physmap->phys_offset; rc = xc_hvm_track_dirty_vram(xen_xc, xen_domid, start_addr >> TARGET_PAGE_BITS, npages, bitmap); - if (rc) { - return rc; + if (rc < 0) { + if (rc != -ENODATA) { + fprintf(stderr, "xen: track_dirty_vram failed (0x" TARGET_FMT_plx + ", 0x" TARGET_FMT_plx "): %s\n", + start_addr, start_addr + size, strerror(-rc)); + } + return; } for (i = 0; i < ARRAY_SIZE(bitmap); i++) { @@ -439,43 +444,36 @@ static int xen_sync_dirty_bitmap(XenIOState *state, while (map != 0) { j = ffsl(map) - 1; map &= ~(1ul << j); - cpu_physical_memory_set_dirty(vram_offset + (i * width + j) * TARGET_PAGE_SIZE); + memory_region_set_dirty(framebuffer, + (i * width + j) * TARGET_PAGE_SIZE); }; } - - return 0; } static void xen_log_start(MemoryListener *listener, MemoryRegionSection *section) { XenIOState *state = container_of(listener, XenIOState, memory_listener); - int r; - r = xen_sync_dirty_bitmap(state, section->offset_within_address_space, - section->size); - assert(r >= 0); + xen_sync_dirty_bitmap(state, section->offset_within_address_space, + section->size); } static void xen_log_stop(MemoryListener *listener, MemoryRegionSection *section) { XenIOState *state = container_of(listener, XenIOState, memory_listener); - int r; state->log_for_dirtybit = NULL; /* Disable dirty bit tracking */ - r = xc_hvm_track_dirty_vram(xen_xc, xen_domid, 0, 0, NULL); - assert(r >= 0); + xc_hvm_track_dirty_vram(xen_xc, xen_domid, 0, 0, NULL); } static void xen_log_sync(MemoryListener *listener, MemoryRegionSection *section) { XenIOState *state = container_of(listener, XenIOState, memory_listener); - int r; - r = xen_sync_dirty_bitmap(state, section->offset_within_address_space, - section->size); - assert(r >= 0); + xen_sync_dirty_bitmap(state, section->offset_within_address_space, + section->size); } static void xen_log_global_start(MemoryListener *listener) |