diff options
Diffstat (limited to 'hw')
| -rw-r--r-- | hw/9pfs/9p.c | 78 | ||||
| -rw-r--r-- | hw/9pfs/9p.h | 26 | ||||
| -rw-r--r-- | hw/9pfs/virtio-9p-device.c | 46 | ||||
| -rw-r--r-- | hw/9pfs/virtio-9p.h | 10 | ||||
| -rw-r--r-- | hw/arm/aspeed.c | 70 | ||||
| -rw-r--r-- | hw/arm/aspeed_soc.c | 95 | ||||
| -rw-r--r-- | hw/arm/pxa2xx.c | 9 | ||||
| -rw-r--r-- | hw/arm/tosa.c | 7 | ||||
| -rw-r--r-- | hw/arm/virt.c | 19 | ||||
| -rw-r--r-- | hw/arm/z2.c | 7 | ||||
| -rw-r--r-- | hw/block/m25p80.c | 1 | ||||
| -rw-r--r-- | hw/block/virtio-blk.c | 18 | ||||
| -rw-r--r-- | hw/char/cadence_uart.c | 14 | ||||
| -rw-r--r-- | hw/display/virtio-gpu-3d.c | 13 | ||||
| -rw-r--r-- | hw/display/virtio-gpu.c | 24 | ||||
| -rw-r--r-- | hw/i2c/core.c | 6 | ||||
| -rw-r--r-- | hw/intc/arm_gicv3.c | 5 | ||||
| -rw-r--r-- | hw/intc/arm_gicv3_common.c | 3 | ||||
| -rw-r--r-- | hw/intc/arm_gicv3_cpuif.c | 13 | ||||
| -rw-r--r-- | hw/misc/aspeed_scu.c | 4 | ||||
| -rw-r--r-- | hw/misc/aspeed_sdmc.c | 3 | ||||
| -rw-r--r-- | hw/net/fsl_etsec/rings.c | 19 | ||||
| -rw-r--r-- | hw/net/rtl8139.c | 34 | ||||
| -rw-r--r-- | hw/scsi/virtio-scsi.c | 36 | ||||
| -rw-r--r-- | hw/ssi/aspeed_smc.c | 17 | ||||
| -rw-r--r-- | hw/timer/ds1338.c | 6 | ||||
| -rw-r--r-- | hw/virtio/virtio.c | 54 |
27 files changed, 437 insertions, 200 deletions
diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c index faebd91f5f..fa58877570 100644 --- a/hw/9pfs/9p.c +++ b/hw/9pfs/9p.c @@ -47,7 +47,7 @@ ssize_t pdu_marshal(V9fsPDU *pdu, size_t offset, const char *fmt, ...) va_list ap; va_start(ap, fmt); - ret = virtio_pdu_vmarshal(pdu, offset, fmt, ap); + ret = pdu->s->transport->pdu_vmarshal(pdu, offset, fmt, ap); va_end(ap); return ret; @@ -59,7 +59,7 @@ ssize_t pdu_unmarshal(V9fsPDU *pdu, size_t offset, const char *fmt, ...) va_list ap; va_start(ap, fmt); - ret = virtio_pdu_vunmarshal(pdu, offset, fmt, ap); + ret = pdu->s->transport->pdu_vunmarshal(pdu, offset, fmt, ap); va_end(ap); return ret; @@ -67,7 +67,7 @@ ssize_t pdu_unmarshal(V9fsPDU *pdu, size_t offset, const char *fmt, ...) static void pdu_push_and_notify(V9fsPDU *pdu) { - virtio_9p_push_and_notify(pdu); + pdu->s->transport->push_and_notify(pdu); } static int omode_to_uflags(int8_t mode) @@ -1633,14 +1633,43 @@ out_nofid: pdu_complete(pdu, err); } +/* + * Create a QEMUIOVector for a sub-region of PDU iovecs + * + * @qiov: uninitialized QEMUIOVector + * @skip: number of bytes to skip from beginning of PDU + * @size: number of bytes to include + * @is_write: true - write, false - read + * + * The resulting QEMUIOVector has heap-allocated iovecs and must be cleaned up + * with qemu_iovec_destroy(). + */ +static void v9fs_init_qiov_from_pdu(QEMUIOVector *qiov, V9fsPDU *pdu, + size_t skip, size_t size, + bool is_write) +{ + QEMUIOVector elem; + struct iovec *iov; + unsigned int niov; + + if (is_write) { + pdu->s->transport->init_out_iov_from_pdu(pdu, &iov, &niov); + } else { + pdu->s->transport->init_in_iov_from_pdu(pdu, &iov, &niov, size); + } + + qemu_iovec_init_external(&elem, iov, niov); + qemu_iovec_init(qiov, niov); + qemu_iovec_concat(qiov, &elem, skip, size); +} + static int v9fs_xattr_read(V9fsState *s, V9fsPDU *pdu, V9fsFidState *fidp, uint64_t off, uint32_t max_count) { ssize_t err; size_t offset = 7; uint64_t read_count; - V9fsVirtioState *v = container_of(s, V9fsVirtioState, state); - VirtQueueElement *elem = v->elems[pdu->idx]; + QEMUIOVector qiov_full; if (fidp->fs.xattr.len < off) { read_count = 0; @@ -1656,9 +1685,11 @@ static int v9fs_xattr_read(V9fsState *s, V9fsPDU *pdu, V9fsFidState *fidp, } offset += err; - err = v9fs_pack(elem->in_sg, elem->in_num, offset, + v9fs_init_qiov_from_pdu(&qiov_full, pdu, 0, read_count, false); + err = v9fs_pack(qiov_full.iov, qiov_full.niov, offset, ((char *)fidp->fs.xattr.value) + off, read_count); + qemu_iovec_destroy(&qiov_full); if (err < 0) { return err; } @@ -1732,32 +1763,6 @@ static int coroutine_fn v9fs_do_readdir_with_stat(V9fsPDU *pdu, return count; } -/* - * Create a QEMUIOVector for a sub-region of PDU iovecs - * - * @qiov: uninitialized QEMUIOVector - * @skip: number of bytes to skip from beginning of PDU - * @size: number of bytes to include - * @is_write: true - write, false - read - * - * The resulting QEMUIOVector has heap-allocated iovecs and must be cleaned up - * with qemu_iovec_destroy(). - */ -static void v9fs_init_qiov_from_pdu(QEMUIOVector *qiov, V9fsPDU *pdu, - size_t skip, size_t size, - bool is_write) -{ - QEMUIOVector elem; - struct iovec *iov; - unsigned int niov; - - virtio_init_iov_from_pdu(pdu, &iov, &niov, is_write); - - qemu_iovec_init_external(&elem, iov, niov); - qemu_iovec_init(qiov, niov); - qemu_iovec_concat(qiov, &elem, skip, size); -} - static void coroutine_fn v9fs_read(void *opaque) { int32_t fid; @@ -3440,7 +3445,6 @@ void pdu_submit(V9fsPDU *pdu) /* Returns 0 on success, 1 on failure. */ int v9fs_device_realize_common(V9fsState *s, Error **errp) { - V9fsVirtioState *v = container_of(s, V9fsVirtioState, state); int i, len; struct stat stat; FsDriverEntry *fse; @@ -3451,9 +3455,9 @@ int v9fs_device_realize_common(V9fsState *s, Error **errp) QLIST_INIT(&s->free_list); QLIST_INIT(&s->active_list); for (i = 0; i < (MAX_REQ - 1); i++) { - QLIST_INSERT_HEAD(&s->free_list, &v->pdus[i], next); - v->pdus[i].s = s; - v->pdus[i].idx = i; + QLIST_INSERT_HEAD(&s->free_list, &s->pdus[i], next); + s->pdus[i].s = s; + s->pdus[i].idx = i; } v9fs_path_init(&path); @@ -3521,7 +3525,7 @@ int v9fs_device_realize_common(V9fsState *s, Error **errp) rc = 0; out: if (rc) { - if (s->ops->cleanup && s->ctx.private) { + if (s->ops && s->ops->cleanup && s->ctx.private) { s->ops->cleanup(&s->ctx); } g_free(s->tag); diff --git a/hw/9pfs/9p.h b/hw/9pfs/9p.h index 3976b7fe3d..b7e836251e 100644 --- a/hw/9pfs/9p.h +++ b/hw/9pfs/9p.h @@ -99,8 +99,8 @@ enum p9_proto_version { V9FS_PROTO_2000L = 0x02, }; -#define P9_NOTAG (u16)(~0) -#define P9_NOFID (u32)(~0) +#define P9_NOTAG UINT16_MAX +#define P9_NOFID UINT32_MAX #define P9_MAXWELEM 16 #define FID_REFERENCED 0x1 @@ -229,6 +229,8 @@ typedef struct V9fsState char *tag; enum p9_proto_version proto_version; int32_t msize; + V9fsPDU pdus[MAX_REQ]; + const struct V9fsTransport *transport; /* * lock ensuring atomic path update * on rename. @@ -342,4 +344,24 @@ void pdu_free(V9fsPDU *pdu); void pdu_submit(V9fsPDU *pdu); void v9fs_reset(V9fsState *s); +struct V9fsTransport { + ssize_t (*pdu_vmarshal)(V9fsPDU *pdu, size_t offset, const char *fmt, + va_list ap); + ssize_t (*pdu_vunmarshal)(V9fsPDU *pdu, size_t offset, const char *fmt, + va_list ap); + void (*init_in_iov_from_pdu)(V9fsPDU *pdu, struct iovec **piov, + unsigned int *pniov, size_t size); + void (*init_out_iov_from_pdu)(V9fsPDU *pdu, struct iovec **piov, + unsigned int *pniov); + void (*push_and_notify)(V9fsPDU *pdu); +}; + +static inline int v9fs_register_transport(V9fsState *s, + const struct V9fsTransport *t) +{ + assert(!s->transport); + s->transport = t; + return 0; +} + #endif diff --git a/hw/9pfs/virtio-9p-device.c b/hw/9pfs/virtio-9p-device.c index 1782e4a227..27a4a32f5c 100644 --- a/hw/9pfs/virtio-9p-device.c +++ b/hw/9pfs/virtio-9p-device.c @@ -20,7 +20,9 @@ #include "hw/virtio/virtio-access.h" #include "qemu/iov.h" -void virtio_9p_push_and_notify(V9fsPDU *pdu) +static const struct V9fsTransport virtio_9p_transport; + +static void virtio_9p_push_and_notify(V9fsPDU *pdu) { V9fsState *s = pdu->s; V9fsVirtioState *v = container_of(s, V9fsVirtioState, state); @@ -126,6 +128,7 @@ static void virtio_9p_device_realize(DeviceState *dev, Error **errp) v->config_size = sizeof(struct virtio_9p_config) + strlen(s->fsconf.tag); virtio_init(vdev, "virtio-9p", VIRTIO_ID_9P, v->config_size); v->vq = virtio_add_queue(vdev, MAX_REQ, handle_9p_output); + v9fs_register_transport(s, &virtio_9p_transport); out: return; @@ -148,8 +151,8 @@ static void virtio_9p_reset(VirtIODevice *vdev) v9fs_reset(&v->state); } -ssize_t virtio_pdu_vmarshal(V9fsPDU *pdu, size_t offset, - const char *fmt, va_list ap) +static ssize_t virtio_pdu_vmarshal(V9fsPDU *pdu, size_t offset, + const char *fmt, va_list ap) { V9fsState *s = pdu->s; V9fsVirtioState *v = container_of(s, V9fsVirtioState, state); @@ -158,8 +161,8 @@ ssize_t virtio_pdu_vmarshal(V9fsPDU *pdu, size_t offset, return v9fs_iov_vmarshal(elem->in_sg, elem->in_num, offset, 1, fmt, ap); } -ssize_t virtio_pdu_vunmarshal(V9fsPDU *pdu, size_t offset, - const char *fmt, va_list ap) +static ssize_t virtio_pdu_vunmarshal(V9fsPDU *pdu, size_t offset, + const char *fmt, va_list ap) { V9fsState *s = pdu->s; V9fsVirtioState *v = container_of(s, V9fsVirtioState, state); @@ -168,22 +171,37 @@ ssize_t virtio_pdu_vunmarshal(V9fsPDU *pdu, size_t offset, return v9fs_iov_vunmarshal(elem->out_sg, elem->out_num, offset, 1, fmt, ap); } -void virtio_init_iov_from_pdu(V9fsPDU *pdu, struct iovec **piov, - unsigned int *pniov, bool is_write) +/* The size parameter is used by other transports. Do not drop it. */ +static void virtio_init_in_iov_from_pdu(V9fsPDU *pdu, struct iovec **piov, + unsigned int *pniov, size_t size) { V9fsState *s = pdu->s; V9fsVirtioState *v = container_of(s, V9fsVirtioState, state); VirtQueueElement *elem = v->elems[pdu->idx]; - if (is_write) { - *piov = elem->out_sg; - *pniov = elem->out_num; - } else { - *piov = elem->in_sg; - *pniov = elem->in_num; - } + *piov = elem->in_sg; + *pniov = elem->in_num; } +static void virtio_init_out_iov_from_pdu(V9fsPDU *pdu, struct iovec **piov, + unsigned int *pniov) +{ + V9fsState *s = pdu->s; + V9fsVirtioState *v = container_of(s, V9fsVirtioState, state); + VirtQueueElement *elem = v->elems[pdu->idx]; + + *piov = elem->out_sg; + *pniov = elem->out_num; +} + +static const struct V9fsTransport virtio_9p_transport = { + .pdu_vmarshal = virtio_pdu_vmarshal, + .pdu_vunmarshal = virtio_pdu_vunmarshal, + .init_in_iov_from_pdu = virtio_init_in_iov_from_pdu, + .init_out_iov_from_pdu = virtio_init_out_iov_from_pdu, + .push_and_notify = virtio_9p_push_and_notify, +}; + /* virtio-9p device */ static const VMStateDescription vmstate_virtio_9p = { diff --git a/hw/9pfs/virtio-9p.h b/hw/9pfs/virtio-9p.h index 25c47c7cb6..e763da2c02 100644 --- a/hw/9pfs/virtio-9p.h +++ b/hw/9pfs/virtio-9p.h @@ -10,20 +10,10 @@ typedef struct V9fsVirtioState VirtIODevice parent_obj; VirtQueue *vq; size_t config_size; - V9fsPDU pdus[MAX_REQ]; VirtQueueElement *elems[MAX_REQ]; V9fsState state; } V9fsVirtioState; -void virtio_9p_push_and_notify(V9fsPDU *pdu); - -ssize_t virtio_pdu_vmarshal(V9fsPDU *pdu, size_t offset, - const char *fmt, va_list ap); -ssize_t virtio_pdu_vunmarshal(V9fsPDU *pdu, size_t offset, - const char *fmt, va_list ap); -void virtio_init_iov_from_pdu(V9fsPDU *pdu, struct iovec **piov, - unsigned int *pniov, bool is_write); - #define TYPE_VIRTIO_9P "virtio-9p-device" #define VIRTIO_9P(obj) \ OBJECT_CHECK(V9fsVirtioState, (obj), TYPE_VIRTIO_9P) diff --git a/hw/arm/aspeed.c b/hw/arm/aspeed.c index c7206fda6d..40c13838fb 100644 --- a/hw/arm/aspeed.c +++ b/hw/arm/aspeed.c @@ -34,13 +34,18 @@ typedef struct AspeedBoardState { typedef struct AspeedBoardConfig { const char *soc_name; uint32_t hw_strap1; + const char *fmc_model; + const char *spi_model; + uint32_t num_cs; } AspeedBoardConfig; enum { PALMETTO_BMC, AST2500_EVB, + ROMULUS_BMC, }; +/* Palmetto hardware value: 0x120CE416 */ #define PALMETTO_BMC_HW_STRAP1 ( \ SCU_AST2400_HW_STRAP_DRAM_SIZE(DRAM_SIZE_256MB) | \ SCU_AST2400_HW_STRAP_DRAM_CONFIG(2 /* DDR3 with CL=6, CWL=5 */) | \ @@ -54,6 +59,7 @@ enum { SCU_HW_STRAP_VGA_SIZE_SET(VGA_16M_DRAM) | \ SCU_AST2400_HW_STRAP_BOOT_MODE(AST2400_SPI_BOOT)) +/* AST2500 evb hardware value: 0xF100C2E6 */ #define AST2500_EVB_HW_STRAP1 (( \ AST2500_HW_STRAP1_DEFAULTS | \ SCU_AST2500_HW_STRAP_SPI_AUTOFETCH_ENABLE | \ @@ -64,9 +70,38 @@ enum { SCU_HW_STRAP_MAC0_RGMII) & \ ~SCU_HW_STRAP_2ND_BOOT_WDT) +/* Romulus hardware value: 0xF10AD206 */ +#define ROMULUS_BMC_HW_STRAP1 ( \ + AST2500_HW_STRAP1_DEFAULTS | \ + SCU_AST2500_HW_STRAP_SPI_AUTOFETCH_ENABLE | \ + SCU_AST2500_HW_STRAP_GPIO_STRAP_ENABLE | \ + SCU_AST2500_HW_STRAP_UART_DEBUG | \ + SCU_AST2500_HW_STRAP_DDR4_ENABLE | \ + SCU_AST2500_HW_STRAP_ACPI_ENABLE | \ + SCU_HW_STRAP_SPI_MODE(SCU_HW_STRAP_SPI_MASTER)) + static const AspeedBoardConfig aspeed_boards[] = { - [PALMETTO_BMC] = { "ast2400-a0", PALMETTO_BMC_HW_STRAP1 }, - [AST2500_EVB] = { "ast2500-a1", AST2500_EVB_HW_STRAP1 }, + [PALMETTO_BMC] = { + .soc_name = "ast2400-a1", + .hw_strap1 = PALMETTO_BMC_HW_STRAP1, + .fmc_model = "n25q256a", + .spi_model = "mx25l25635e", + .num_cs = 1, + }, + [AST2500_EVB] = { + .soc_name = "ast2500-a1", + .hw_strap1 = AST2500_EVB_HW_STRAP1, + .fmc_model = "n25q256a", + .spi_model = "mx25l25635e", + .num_cs = 1, + }, + [ROMULUS_BMC] = { + .soc_name = "ast2500-a1", + .hw_strap1 = ROMULUS_BMC_HW_STRAP1, + .fmc_model = "n25q256a", + .spi_model = "mx66l1g45g", + .num_cs = 2, + }, }; static void aspeed_board_init_flashes(AspeedSMCState *s, const char *flashtype, @@ -112,6 +147,8 @@ static void aspeed_board_init(MachineState *machine, &error_abort); object_property_set_int(OBJECT(&bmc->soc), cfg->hw_strap1, "hw-strap1", &error_abort); + object_property_set_int(OBJECT(&bmc->soc), cfg->num_cs, "num-cs", + &error_abort); object_property_set_bool(OBJECT(&bmc->soc), true, "realized", &error_abort); @@ -128,8 +165,8 @@ static void aspeed_board_init(MachineState *machine, object_property_add_const_link(OBJECT(&bmc->soc), "ram", OBJECT(&bmc->ram), &error_abort); - aspeed_board_init_flashes(&bmc->soc.fmc, "n25q256a", &error_abort); - aspeed_board_init_flashes(&bmc->soc.spi[0], "mx25l25635e", &error_abort); + aspeed_board_init_flashes(&bmc->soc.fmc, cfg->fmc_model, &error_abort); + aspeed_board_init_flashes(&bmc->soc.spi[0], cfg->spi_model, &error_abort); aspeed_board_binfo.kernel_filename = machine->kernel_filename; aspeed_board_binfo.initrd_filename = machine->initrd_filename; @@ -188,10 +225,35 @@ static const TypeInfo ast2500_evb_type = { .class_init = ast2500_evb_class_init, }; +static void romulus_bmc_init(MachineState *machine) +{ + aspeed_board_init(machine, &aspeed_boards[ROMULUS_BMC]); +} + +static void romulus_bmc_class_init(ObjectClass *oc, void *data) +{ + MachineClass *mc = MACHINE_CLASS(oc); + + mc->desc = "OpenPOWER Romulus BMC (ARM1176)"; + mc->init = romulus_bmc_init; + mc->max_cpus = 1; + mc->no_sdcard = 1; + mc->no_floppy = 1; + mc->no_cdrom = 1; + mc->no_parallel = 1; +} + +static const TypeInfo romulus_bmc_type = { + .name = MACHINE_TYPE_NAME("romulus-bmc"), + .parent = TYPE_MACHINE, + .class_init = romulus_bmc_class_init, +}; + static void aspeed_machine_init(void) { type_register_static(&palmetto_bmc_type); type_register_static(&ast2500_evb_type); + type_register_static(&romulus_bmc_type); } type_init(aspeed_machine_init) diff --git a/hw/arm/aspeed_soc.c b/hw/arm/aspeed_soc.c index e14f5c217e..b3e7f07b61 100644 --- a/hw/arm/aspeed_soc.c +++ b/hw/arm/aspeed_soc.c @@ -29,6 +29,7 @@ #define ASPEED_SOC_VIC_BASE 0x1E6C0000 #define ASPEED_SOC_SDMC_BASE 0x1E6E0000 #define ASPEED_SOC_SCU_BASE 0x1E6E2000 +#define ASPEED_SOC_SRAM_BASE 0x1E720000 #define ASPEED_SOC_TIMER_BASE 0x1E782000 #define ASPEED_SOC_I2C_BASE 0x1E78A000 @@ -47,15 +48,47 @@ static const char *aspeed_soc_ast2500_typenames[] = { "aspeed.smc.ast2500-spi1", "aspeed.smc.ast2500-spi2" }; static const AspeedSoCInfo aspeed_socs[] = { - { "ast2400-a0", "arm926", AST2400_A0_SILICON_REV, AST2400_SDRAM_BASE, - 1, aspeed_soc_ast2400_spi_bases, - "aspeed.smc.fmc", aspeed_soc_ast2400_typenames }, - { "ast2400", "arm926", AST2400_A0_SILICON_REV, AST2400_SDRAM_BASE, - 1, aspeed_soc_ast2400_spi_bases, - "aspeed.smc.fmc", aspeed_soc_ast2400_typenames }, - { "ast2500-a1", "arm1176", AST2500_A1_SILICON_REV, AST2500_SDRAM_BASE, - 2, aspeed_soc_ast2500_spi_bases, - "aspeed.smc.ast2500-fmc", aspeed_soc_ast2500_typenames }, + { + .name = "ast2400-a0", + .cpu_model = "arm926", + .silicon_rev = AST2400_A0_SILICON_REV, + .sdram_base = AST2400_SDRAM_BASE, + .sram_size = 0x8000, + .spis_num = 1, + .spi_bases = aspeed_soc_ast2400_spi_bases, + .fmc_typename = "aspeed.smc.fmc", + .spi_typename = aspeed_soc_ast2400_typenames, + }, { + .name = "ast2400-a1", + .cpu_model = "arm926", + .silicon_rev = AST2400_A1_SILICON_REV, + .sdram_base = AST2400_SDRAM_BASE, + .sram_size = 0x8000, + .spis_num = 1, + .spi_bases = aspeed_soc_ast2400_spi_bases, + .fmc_typename = "aspeed.smc.fmc", + .spi_typename = aspeed_soc_ast2400_typenames, + }, { + .name = "ast2400", + .cpu_model = "arm926", + .silicon_rev = AST2400_A0_SILICON_REV, + .sdram_base = AST2400_SDRAM_BASE, + .sram_size = 0x8000, + .spis_num = 1, + .spi_bases = aspeed_soc_ast2400_spi_bases, + .fmc_typename = "aspeed.smc.fmc", + .spi_typename = aspeed_soc_ast2400_typenames, + }, { + .name = "ast2500-a1", + .cpu_model = "arm1176", + .silicon_rev = AST2500_A1_SILICON_REV, + .sdram_base = AST2500_SDRAM_BASE, + .sram_size = 0x9000, + .spis_num = 2, + .spi_bases = aspeed_soc_ast2500_spi_bases, + .fmc_typename = "aspeed.smc.ast2500-fmc", + .spi_typename = aspeed_soc_ast2500_typenames, + }, }; /* @@ -87,9 +120,13 @@ static void aspeed_soc_init(Object *obj) { AspeedSoCState *s = ASPEED_SOC(obj); AspeedSoCClass *sc = ASPEED_SOC_GET_CLASS(s); + char *cpu_typename; int i; - s->cpu = cpu_arm_init(sc->info->cpu_model); + cpu_typename = g_strdup_printf("%s-" TYPE_ARM_CPU, sc->info->cpu_model); + object_initialize(&s->cpu, sizeof(s->cpu), cpu_typename); + object_property_add_child(obj, "cpu", OBJECT(&s->cpu), NULL); + g_free(cpu_typename); object_initialize(&s->vic, sizeof(s->vic), TYPE_ASPEED_VIC); object_property_add_child(obj, "vic", OBJECT(&s->vic), NULL); @@ -116,11 +153,13 @@ static void aspeed_soc_init(Object *obj) object_initialize(&s->fmc, sizeof(s->fmc), sc->info->fmc_typename); object_property_add_child(obj, "fmc", OBJECT(&s->fmc), NULL); qdev_set_parent_bus(DEVICE(&s->fmc), sysbus_get_default()); + object_property_add_alias(obj, "num-cs", OBJECT(&s->fmc), "num-cs", + &error_abort); for (i = 0; i < sc->info->spis_num; i++) { object_initialize(&s->spi[i], sizeof(s->spi[i]), sc->info->spi_typename[i]); - object_property_add_child(obj, "spi", OBJECT(&s->spi[i]), NULL); + object_property_add_child(obj, "spi[*]", OBJECT(&s->spi[i]), NULL); qdev_set_parent_bus(DEVICE(&s->spi[i]), sysbus_get_default()); } @@ -146,6 +185,24 @@ static void aspeed_soc_realize(DeviceState *dev, Error **errp) memory_region_add_subregion_overlap(get_system_memory(), ASPEED_SOC_IOMEM_BASE, &s->iomem, -1); + /* CPU */ + object_property_set_bool(OBJECT(&s->cpu), true, "realized", &err); + if (err) { + error_propagate(errp, err); + return; + } + + /* SRAM */ + memory_region_init_ram(&s->sram, OBJECT(dev), "aspeed.sram", + sc->info->sram_size, &err); + if (err) { + error_propagate(errp, err); + return; + } + vmstate_register_ram_global(&s->sram); + memory_region_add_subregion(get_system_memory(), ASPEED_SOC_SRAM_BASE, + &s->sram); + /* VIC */ object_property_set_bool(OBJECT(&s->vic), true, "realized", &err); if (err) { @@ -154,9 +211,9 @@ static void aspeed_soc_realize(DeviceState *dev, Error **errp) } sysbus_mmio_map(SYS_BUS_DEVICE(&s->vic), 0, ASPEED_SOC_VIC_BASE); sysbus_connect_irq(SYS_BUS_DEVICE(&s->vic), 0, - qdev_get_gpio_in(DEVICE(s->cpu), ARM_CPU_IRQ)); + qdev_get_gpio_in(DEVICE(&s->cpu), ARM_CPU_IRQ)); sysbus_connect_irq(SYS_BUS_DEVICE(&s->vic), 1, - qdev_get_gpio_in(DEVICE(s->cpu), ARM_CPU_FIQ)); + qdev_get_gpio_in(DEVICE(&s->cpu), ARM_CPU_FIQ)); /* Timer */ object_property_set_bool(OBJECT(&s->timerctrl), true, "realized", &err); @@ -195,10 +252,8 @@ static void aspeed_soc_realize(DeviceState *dev, Error **errp) sysbus_connect_irq(SYS_BUS_DEVICE(&s->i2c), 0, qdev_get_gpio_in(DEVICE(&s->vic), 12)); - /* FMC */ - object_property_set_int(OBJECT(&s->fmc), 1, "num-cs", &err); - object_property_set_bool(OBJECT(&s->fmc), true, "realized", &local_err); - error_propagate(&err, local_err); + /* FMC, The number of CS is set at the board level */ + object_property_set_bool(OBJECT(&s->fmc), true, "realized", &err); if (err) { error_propagate(errp, err); return; @@ -240,12 +295,6 @@ static void aspeed_soc_class_init(ObjectClass *oc, void *data) sc->info = (AspeedSoCInfo *) data; dc->realize = aspeed_soc_realize; - - /* - * Reason: creates an ARM CPU, thus use after free(), see - * arm_cpu_class_init() - */ - dc->cannot_destroy_with_object_finalize_yet = true; } static const TypeInfo aspeed_soc_type_info = { diff --git a/hw/arm/pxa2xx.c b/hw/arm/pxa2xx.c index 21ea1d6210..bdcf6bcce7 100644 --- a/hw/arm/pxa2xx.c +++ b/hw/arm/pxa2xx.c @@ -1449,17 +1449,10 @@ static const VMStateDescription vmstate_pxa2xx_i2c = { } }; -static int pxa2xx_i2c_slave_init(I2CSlave *i2c) -{ - /* Nothing to do. */ - return 0; -} - static void pxa2xx_i2c_slave_class_init(ObjectClass *klass, void *data) { I2CSlaveClass *k = I2C_SLAVE_CLASS(klass); - k->init = pxa2xx_i2c_slave_init; k->event = pxa2xx_i2c_event; k->recv = pxa2xx_i2c_rx; k->send = pxa2xx_i2c_tx; @@ -2070,7 +2063,7 @@ PXA2xxState *pxa270_init(MemoryRegion *address_space, } if (!revision) revision = "pxa270"; - + s->cpu = cpu_arm_init(revision); if (s->cpu == NULL) { fprintf(stderr, "Unable to find CPU definition\n"); diff --git a/hw/arm/tosa.c b/hw/arm/tosa.c index 1ee12f49b3..39d9dbbae6 100644 --- a/hw/arm/tosa.c +++ b/hw/arm/tosa.c @@ -202,12 +202,6 @@ static int tosa_dac_recv(I2CSlave *s) return -1; } -static int tosa_dac_init(I2CSlave *i2c) -{ - /* Nothing to do. */ - return 0; -} - static void tosa_tg_init(PXA2xxState *cpu) { I2CBus *bus = pxa2xx_i2c_bus(cpu->i2c[0]); @@ -275,7 +269,6 @@ static void tosa_dac_class_init(ObjectClass *klass, void *data) { I2CSlaveClass *k = I2C_SLAVE_CLASS(klass); - k->init = tosa_dac_init; k->event = tosa_dac_event; k->recv = tosa_dac_recv; k->send = tosa_dac_send; diff --git a/hw/arm/virt.c b/hw/arm/virt.c index d04e4acbd9..11c53a56e0 100644 --- a/hw/arm/virt.c +++ b/hw/arm/virt.c @@ -1525,7 +1525,7 @@ static void machvirt_machine_init(void) } type_init(machvirt_machine_init); -static void virt_2_8_instance_init(Object *obj) +static void virt_2_9_instance_init(Object *obj) { VirtMachineState *vms = VIRT_MACHINE(obj); @@ -1558,10 +1558,25 @@ static void virt_2_8_instance_init(Object *obj) "Valid values are 2, 3 and host", NULL); } +static void virt_machine_2_9_options(MachineClass *mc) +{ +} +DEFINE_VIRT_MACHINE_AS_LATEST(2, 9) + +#define VIRT_COMPAT_2_8 \ + HW_COMPAT_2_8 + +static void virt_2_8_instance_init(Object *obj) +{ + virt_2_9_instance_init(obj); +} + static void virt_machine_2_8_options(MachineClass *mc) { + virt_machine_2_9_options(mc); + SET_MACHINE_COMPAT(mc, VIRT_COMPAT_2_8); } -DEFINE_VIRT_MACHINE_AS_LATEST(2, 8) +DEFINE_VIRT_MACHINE(2, 8) #define VIRT_COMPAT_2_7 \ HW_COMPAT_2_7 diff --git a/hw/arm/z2.c b/hw/arm/z2.c index 68a92f3184..b3a6bbd210 100644 --- a/hw/arm/z2.c +++ b/hw/arm/z2.c @@ -263,12 +263,6 @@ static int aer915_recv(I2CSlave *slave) return retval; } -static int aer915_init(I2CSlave *i2c) -{ - /* Nothing to do. */ - return 0; -} - static VMStateDescription vmstate_aer915_state = { .name = "aer915", .version_id = 1, @@ -285,7 +279,6 @@ static void aer915_class_init(ObjectClass *klass, void *data) DeviceClass *dc = DEVICE_CLASS(klass); I2CSlaveClass *k = I2C_SLAVE_CLASS(klass); - k->init = aer915_init; k->event = aer915_event; k->recv = aer915_recv; k->send = aer915_send; diff --git a/hw/block/m25p80.c b/hw/block/m25p80.c index d29ff4cb4f..e3c1166ea6 100644 --- a/hw/block/m25p80.c +++ b/hw/block/m25p80.c @@ -203,6 +203,7 @@ static const FlashPartInfo known_devices[] = { { INFO("mx25l25655e", 0xc22619, 0, 64 << 10, 512, 0) }, { INFO("mx66u51235f", 0xc2253a, 0, 64 << 10, 1024, ER_4K | ER_32K) }, { INFO("mx66u1g45g", 0xc2253b, 0, 64 << 10, 2048, ER_4K | ER_32K) }, + { INFO("mx66l1g45g", 0xc2201b, 0, 64 << 10, 2048, ER_4K | ER_32K) }, /* Micron */ { INFO("n25q032a11", 0x20bb16, 0, 64 << 10, 64, ER_4K) }, diff --git a/hw/block/virtio-blk.c b/hw/block/virtio-blk.c index 0c5fd27593..50bb0cbb93 100644 --- a/hw/block/virtio-blk.c +++ b/hw/block/virtio-blk.c @@ -588,13 +588,19 @@ void virtio_blk_handle_vq(VirtIOBlock *s, VirtQueue *vq) blk_io_plug(s->blk); - while ((req = virtio_blk_get_request(s, vq))) { - if (virtio_blk_handle_request(req, &mrb)) { - virtqueue_detach_element(req->vq, &req->elem, 0); - virtio_blk_free_request(req); - break; + do { + virtio_queue_set_notification(vq, 0); + + while ((req = virtio_blk_get_request(s, vq))) { + if (virtio_blk_handle_request(req, &mrb)) { + virtqueue_detach_element(req->vq, &req->elem, 0); + virtio_blk_free_request(req); + break; + } } - } + + virtio_queue_set_notification(vq, 1); + } while (!virtio_queue_empty(vq)); if (mrb.num_reqs) { virtio_blk_submit_multireq(s->blk, &mrb); diff --git a/hw/char/cadence_uart.c b/hw/char/cadence_uart.c index 0215d6518d..4dcee571c0 100644 --- a/hw/char/cadence_uart.c +++ b/hw/char/cadence_uart.c @@ -138,9 +138,10 @@ static void fifo_trigger_update(void *opaque) { CadenceUARTState *s = opaque; - s->r[R_CISR] |= UART_INTR_TIMEOUT; - - uart_update_status(s); + if (s->r[R_RTOR]) { + s->r[R_CISR] |= UART_INTR_TIMEOUT; + uart_update_status(s); + } } static void uart_rx_reset(CadenceUARTState *s) @@ -502,6 +503,13 @@ static int cadence_uart_post_load(void *opaque, int version_id) { CadenceUARTState *s = opaque; + /* Ensure these two aren't invalid numbers */ + if (s->r[R_BRGR] < 1 || s->r[R_BRGR] & ~0xFFFF || + s->r[R_BDIV] <= 3 || s->r[R_BDIV] & ~0xFF) { + /* Value is invalid, abort */ + return 1; + } + uart_parameters_setup(s); uart_update_status(s); return 0; diff --git a/hw/display/virtio-gpu-3d.c b/hw/display/virtio-gpu-3d.c index 23f39de94d..b13ced38fa 100644 --- a/hw/display/virtio-gpu-3d.c +++ b/hw/display/virtio-gpu-3d.c @@ -291,8 +291,11 @@ static void virgl_resource_attach_backing(VirtIOGPU *g, return; } - virgl_renderer_resource_attach_iov(att_rb.resource_id, - res_iovs, att_rb.nr_entries); + ret = virgl_renderer_resource_attach_iov(att_rb.resource_id, + res_iovs, att_rb.nr_entries); + + if (ret != 0) + virtio_gpu_cleanup_mapping_iov(res_iovs, att_rb.nr_entries); } static void virgl_resource_detach_backing(VirtIOGPU *g, @@ -371,8 +374,12 @@ static void virgl_cmd_get_capset(VirtIOGPU *g, virgl_renderer_get_cap_set(gc.capset_id, &max_ver, &max_size); - resp = g_malloc(sizeof(*resp) + max_size); + if (!max_size) { + cmd->error = VIRTIO_GPU_RESP_ERR_INVALID_PARAMETER; + return; + } + resp = g_malloc(sizeof(*resp) + max_size); resp->hdr.type = VIRTIO_GPU_RESP_OK_CAPSET; virgl_renderer_fill_caps(gc.capset_id, gc.capset_version, diff --git a/hw/display/virtio-gpu.c b/hw/display/virtio-gpu.c index 5f32e1aae9..ca88cf478d 100644 --- a/hw/display/virtio-gpu.c +++ b/hw/display/virtio-gpu.c @@ -28,6 +28,8 @@ static struct virtio_gpu_simple_resource* virtio_gpu_find_resource(VirtIOGPU *g, uint32_t resource_id); +static void virtio_gpu_cleanup_mapping(struct virtio_gpu_simple_resource *res); + #ifdef CONFIG_VIRGL #include <virglrenderer.h> #define VIRGL(_g, _virgl, _simple, ...) \ @@ -338,10 +340,14 @@ static void virtio_gpu_resource_create_2d(VirtIOGPU *g, cmd->error = VIRTIO_GPU_RESP_ERR_INVALID_PARAMETER; return; } - res->image = pixman_image_create_bits(pformat, - c2d.width, - c2d.height, - NULL, 0); + + res->hostmem = PIXMAN_FORMAT_BPP(pformat) * c2d.width * c2d.height; + if (res->hostmem + g->hostmem < g->conf.max_hostmem) { + res->image = pixman_image_create_bits(pformat, + c2d.width, + c2d.height, + NULL, 0); + } if (!res->image) { qemu_log_mask(LOG_GUEST_ERROR, @@ -353,13 +359,16 @@ static void virtio_gpu_resource_create_2d(VirtIOGPU *g, } QTAILQ_INSERT_HEAD(&g->reslist, res, next); + g->hostmem += res->hostmem; } static void virtio_gpu_resource_destroy(VirtIOGPU *g, struct virtio_gpu_simple_resource *res) { pixman_image_unref(res->image); + virtio_gpu_cleanup_mapping(res); QTAILQ_REMOVE(&g->reslist, res, next); + g->hostmem -= res->hostmem; g_free(res); } @@ -705,6 +714,11 @@ virtio_gpu_resource_attach_backing(VirtIOGPU *g, return; } + if (res->iov) { + cmd->error = VIRTIO_GPU_RESP_ERR_UNSPEC; + return; + } + ret = virtio_gpu_create_mapping_iov(&ab, cmd, &res->addrs, &res->iov); if (ret != 0) { cmd->error = VIRTIO_GPU_RESP_ERR_UNSPEC; @@ -1241,6 +1255,8 @@ static const VMStateDescription vmstate_virtio_gpu = { static Property virtio_gpu_properties[] = { DEFINE_PROP_UINT32("max_outputs", VirtIOGPU, conf.max_outputs, 1), + DEFINE_PROP_SIZE("max_hostmem", VirtIOGPU, conf.max_hostmem, + 256 * 1024 * 1024), #ifdef CONFIG_VIRGL DEFINE_PROP_BIT("virgl", VirtIOGPU, conf.flags, VIRTIO_GPU_FLAG_VIRGL_ENABLED, true), diff --git a/hw/i2c/core.c b/hw/i2c/core.c index abd4c4cddb..e40781ea3b 100644 --- a/hw/i2c/core.c +++ b/hw/i2c/core.c @@ -260,7 +260,11 @@ static int i2c_slave_qdev_init(DeviceState *dev) I2CSlave *s = I2C_SLAVE(dev); I2CSlaveClass *sc = I2C_SLAVE_GET_CLASS(s); - return sc->init(s); + if (sc->init) { + return sc->init(s); + } + + return 0; } DeviceState *i2c_create_slave(I2CBus *bus, const char *name, uint8_t addr) diff --git a/hw/intc/arm_gicv3.c b/hw/intc/arm_gicv3.c index 8a6c647219..f0c967b304 100644 --- a/hw/intc/arm_gicv3.c +++ b/hw/intc/arm_gicv3.c @@ -54,6 +54,7 @@ static uint32_t gicd_int_pending(GICv3State *s, int irq) * + the PENDING latch is set OR it is level triggered and the input is 1 * + its ENABLE bit is set * + the GICD enable bit for its group is set + * + its ACTIVE bit is not set (otherwise it would be Active+Pending) * Conveniently we can bulk-calculate this with bitwise operations. */ uint32_t pend, grpmask; @@ -63,9 +64,11 @@ static uint32_t gicd_int_pending(GICv3State *s, int irq) uint32_t group = *gic_bmp_ptr32(s->group, irq); uint32_t grpmod = *gic_bmp_ptr32(s->grpmod, irq); uint32_t enable = *gic_bmp_ptr32(s->enabled, irq); + uint32_t active = *gic_bmp_ptr32(s->active, irq); pend = pending | (~edge_trigger & level); pend &= enable; + pend &= ~active; if (s->gicd_ctlr & GICD_CTLR_DS) { grpmod = 0; @@ -96,12 +99,14 @@ static uint32_t gicr_int_pending(GICv3CPUState *cs) * + the PENDING latch is set OR it is level triggered and the input is 1 * + its ENABLE bit is set * + the GICD enable bit for its group is set + * + its ACTIVE bit is not set (otherwise it would be Active+Pending) * Conveniently we can bulk-calculate this with bitwise operations. */ uint32_t pend, grpmask, grpmod; pend = cs->gicr_ipendr0 | (~cs->edge_trigger & cs->level); pend &= cs->gicr_ienabler0; + pend &= ~cs->gicr_iactiver0; if (cs->gic->gicd_ctlr & GICD_CTLR_DS) { grpmod = 0; diff --git a/hw/intc/arm_gicv3_common.c b/hw/intc/arm_gicv3_common.c index 0f8c4b86e0..0aa9b9ca66 100644 --- a/hw/intc/arm_gicv3_common.c +++ b/hw/intc/arm_gicv3_common.c @@ -204,7 +204,8 @@ static void arm_gicv3_common_realize(DeviceState *dev, Error **errp) /* The CPU mp-affinity property is in MPIDR register format; squash * the affinity bytes into 32 bits as the GICR_TYPER has them. */ - cpu_affid = (cpu_affid & 0xFF00000000ULL >> 8) | (cpu_affid & 0xFFFFFF); + cpu_affid = ((cpu_affid & 0xFF00000000ULL) >> 8) | + (cpu_affid & 0xFFFFFF); s->cpu[i].gicr_typer = (cpu_affid << 32) | (1 << 24) | (i << 8) | diff --git a/hw/intc/arm_gicv3_cpuif.c b/hw/intc/arm_gicv3_cpuif.c index bca30c49da..35e8eb30fc 100644 --- a/hw/intc/arm_gicv3_cpuif.c +++ b/hw/intc/arm_gicv3_cpuif.c @@ -1118,35 +1118,35 @@ static const ARMCPRegInfo gicv3_cpuif_reginfo[] = { .opc0 = 3, .opc1 = 0, .crn = 12, .crm = 8, .opc2 = 3, .type = ARM_CP_IO | ARM_CP_NO_RAW, .access = PL1_RW, .accessfn = gicv3_fiq_access, - .fieldoffset = offsetof(GICv3CPUState, icc_bpr[GICV3_G0]), + .readfn = icc_bpr_read, .writefn = icc_bpr_write, }, { .name = "ICC_AP0R0_EL1", .state = ARM_CP_STATE_BOTH, .opc0 = 3, .opc1 = 0, .crn = 12, .crm = 8, .opc2 = 4, .type = ARM_CP_IO | ARM_CP_NO_RAW, .access = PL1_RW, .accessfn = gicv3_fiq_access, - .fieldoffset = offsetof(GICv3CPUState, icc_apr[GICV3_G0][0]), + .readfn = icc_ap_read, .writefn = icc_ap_write, }, { .name = "ICC_AP0R1_EL1", .state = ARM_CP_STATE_BOTH, .opc0 = 3, .opc1 = 0, .crn = 12, .crm = 8, .opc2 = 5, .type = ARM_CP_IO | ARM_CP_NO_RAW, .access = PL1_RW, .accessfn = gicv3_fiq_access, - .fieldoffset = offsetof(GICv3CPUState, icc_apr[GICV3_G0][1]), + .readfn = icc_ap_read, .writefn = icc_ap_write, }, { .name = "ICC_AP0R2_EL1", .state = ARM_CP_STATE_BOTH, .opc0 = 3, .opc1 = 0, .crn = 12, .crm = 8, .opc2 = 6, .type = ARM_CP_IO | ARM_CP_NO_RAW, .access = PL1_RW, .accessfn = gicv3_fiq_access, - .fieldoffset = offsetof(GICv3CPUState, icc_apr[GICV3_G0][2]), + .readfn = icc_ap_read, .writefn = icc_ap_write, }, { .name = "ICC_AP0R3_EL1", .state = ARM_CP_STATE_BOTH, .opc0 = 3, .opc1 = 0, .crn = 12, .crm = 8, .opc2 = 7, .type = ARM_CP_IO | ARM_CP_NO_RAW, .access = PL1_RW, .accessfn = gicv3_fiq_access, - .fieldoffset = offsetof(GICv3CPUState, icc_apr[GICV3_G0][3]), + .readfn = icc_ap_read, .writefn = icc_ap_write, }, /* All the ICC_AP1R*_EL1 registers are banked */ @@ -1275,7 +1275,7 @@ static const ARMCPRegInfo gicv3_cpuif_reginfo[] = { .opc0 = 3, .opc1 = 0, .crn = 12, .crm = 12, .opc2 = 6, .type = ARM_CP_IO | ARM_CP_NO_RAW, .access = PL1_RW, .accessfn = gicv3_fiq_access, - .fieldoffset = offsetof(GICv3CPUState, icc_igrpen[GICV3_G0]), + .readfn = icc_igrpen_read, .writefn = icc_igrpen_write, }, /* This register is banked */ @@ -1299,7 +1299,6 @@ static const ARMCPRegInfo gicv3_cpuif_reginfo[] = { .opc0 = 3, .opc1 = 6, .crn = 12, .crm = 12, .opc2 = 4, .type = ARM_CP_IO | ARM_CP_NO_RAW, .access = PL3_RW, - .fieldoffset = offsetof(GICv3CPUState, icc_ctlr_el3), .readfn = icc_ctlr_el3_read, .writefn = icc_ctlr_el3_write, }, diff --git a/hw/misc/aspeed_scu.c b/hw/misc/aspeed_scu.c index b1f3e6f6b8..95022d3607 100644 --- a/hw/misc/aspeed_scu.c +++ b/hw/misc/aspeed_scu.c @@ -86,7 +86,7 @@ #define BMC_DEV_ID TO_REG(0x1A4) #define PROT_KEY_UNLOCK 0x1688A8A8 -#define SCU_IO_REGION_SIZE 0x20000 +#define SCU_IO_REGION_SIZE 0x1000 static const uint32_t ast2400_a0_resets[ASPEED_SCU_NR_REGS] = { [SYS_RST_CTRL] = 0xFFCFFEDCU, @@ -231,6 +231,7 @@ static void aspeed_scu_reset(DeviceState *dev) switch (s->silicon_rev) { case AST2400_A0_SILICON_REV: + case AST2400_A1_SILICON_REV: reset = ast2400_a0_resets; break; case AST2500_A0_SILICON_REV: @@ -249,6 +250,7 @@ static void aspeed_scu_reset(DeviceState *dev) static uint32_t aspeed_silicon_revs[] = { AST2400_A0_SILICON_REV, + AST2400_A1_SILICON_REV, AST2500_A0_SILICON_REV, AST2500_A1_SILICON_REV, }; diff --git a/hw/misc/aspeed_sdmc.c b/hw/misc/aspeed_sdmc.c index 8830dc084c..5f3ac0b6f6 100644 --- a/hw/misc/aspeed_sdmc.c +++ b/hw/misc/aspeed_sdmc.c @@ -119,6 +119,7 @@ static void aspeed_sdmc_write(void *opaque, hwaddr addr, uint64_t data, /* Make sure readonly bits are kept */ switch (s->silicon_rev) { case AST2400_A0_SILICON_REV: + case AST2400_A1_SILICON_REV: data &= ~ASPEED_SDMC_READONLY_MASK; break; case AST2500_A0_SILICON_REV: @@ -193,6 +194,7 @@ static void aspeed_sdmc_reset(DeviceState *dev) /* Set ram size bit and defaults values */ switch (s->silicon_rev) { case AST2400_A0_SILICON_REV: + case AST2400_A1_SILICON_REV: s->regs[R_CONF] |= ASPEED_SDMC_VGA_COMPAT | ASPEED_SDMC_DRAM_SIZE(s->ram_bits); @@ -224,6 +226,7 @@ static void aspeed_sdmc_realize(DeviceState *dev, Error **errp) switch (s->silicon_rev) { case AST2400_A0_SILICON_REV: + case AST2400_A1_SILICON_REV: s->ram_bits = ast2400_rambits(s); break; case AST2500_A0_SILICON_REV: diff --git a/hw/net/fsl_etsec/rings.c b/hw/net/fsl_etsec/rings.c index 54c01275d4..d0f93eebfc 100644 --- a/hw/net/fsl_etsec/rings.c +++ b/hw/net/fsl_etsec/rings.c @@ -358,25 +358,24 @@ void etsec_walk_tx_ring(eTSEC *etsec, int ring_nbr) /* Save flags before BD update */ bd_flags = bd.flags; - if (bd_flags & BD_TX_READY) { - process_tx_bd(etsec, &bd); - - /* Write back BD after update */ - write_buffer_descriptor(etsec, bd_addr, &bd); + if (!(bd_flags & BD_TX_READY)) { + break; } + process_tx_bd(etsec, &bd); + /* Write back BD after update */ + write_buffer_descriptor(etsec, bd_addr, &bd); + /* Wrap or next BD */ if (bd_flags & BD_WRAP) { bd_addr = ring_base; } else { bd_addr += sizeof(eTSEC_rxtx_bd); } + } while (TRUE); - } while (bd_addr != ring_base); - - bd_addr = ring_base; - - /* Save the Buffer Descriptor Pointers to current bd */ + /* Save the Buffer Descriptor Pointers to last bd that was not + * succesfully closed */ etsec->regs[TBPTR0 + ring_nbr].value = bd_addr; /* Set transmit halt THLTx */ diff --git a/hw/net/rtl8139.c b/hw/net/rtl8139.c index f05e59c85f..671c7e48c6 100644 --- a/hw/net/rtl8139.c +++ b/hw/net/rtl8139.c @@ -1205,6 +1205,20 @@ static void rtl8139_reset_rxring(RTL8139State *s, uint32_t bufferSize) s->RxBufAddr = 0; } +static void rtl8139_reset_phy(RTL8139State *s) +{ + s->BasicModeStatus = 0x7809; + s->BasicModeStatus |= 0x0020; /* autonegotiation completed */ + /* preserve link state */ + s->BasicModeStatus |= qemu_get_queue(s->nic)->link_down ? 0 : 0x04; + + s->NWayAdvert = 0x05e1; /* all modes, full duplex */ + s->NWayLPAR = 0x05e1; /* all modes, full duplex */ + s->NWayExpansion = 0x0001; /* autonegotiation supported */ + + s->CSCR = CSCR_F_LINK_100 | CSCR_HEART_BIT | CSCR_LD; +} + static void rtl8139_reset(DeviceState *d) { RTL8139State *s = RTL8139(d); @@ -1256,25 +1270,14 @@ static void rtl8139_reset(DeviceState *d) s->Config3 = 0x1; /* fast back-to-back compatible */ s->Config5 = 0x0; - s->CSCR = CSCR_F_LINK_100 | CSCR_HEART_BIT | CSCR_LD; - s->CpCmd = 0x0; /* reset C+ mode */ s->cplus_enabled = 0; - // s->BasicModeCtrl = 0x3100; // 100Mbps, full duplex, autonegotiation // s->BasicModeCtrl = 0x2100; // 100Mbps, full duplex s->BasicModeCtrl = 0x1000; // autonegotiation - s->BasicModeStatus = 0x7809; - //s->BasicModeStatus |= 0x0040; /* UTP medium */ - s->BasicModeStatus |= 0x0020; /* autonegotiation completed */ - /* preserve link state */ - s->BasicModeStatus |= qemu_get_queue(s->nic)->link_down ? 0 : 0x04; - - s->NWayAdvert = 0x05e1; /* all modes, full duplex */ - s->NWayLPAR = 0x05e1; /* all modes, full duplex */ - s->NWayExpansion = 0x0001; /* autonegotiation supported */ + rtl8139_reset_phy(s); /* also reset timer and disable timer interrupt */ s->TCTR = 0; @@ -1469,7 +1472,7 @@ static void rtl8139_BasicModeCtrl_write(RTL8139State *s, uint32_t val) DPRINTF("BasicModeCtrl register write(w) val=0x%04x\n", val); /* mask unwritable bits */ - uint32_t mask = 0x4cff; + uint32_t mask = 0xccff; if (1 || !rtl8139_config_writable(s)) { @@ -1479,6 +1482,11 @@ static void rtl8139_BasicModeCtrl_write(RTL8139State *s, uint32_t val) mask |= 0x0100; } + if (val & 0x8000) { + /* Reset PHY */ + rtl8139_reset_phy(s); + } + val = SET_MASKED(val, mask, s->BasicModeCtrl); s->BasicModeCtrl = val; diff --git a/hw/scsi/virtio-scsi.c b/hw/scsi/virtio-scsi.c index 34bba35d83..204e14f237 100644 --- a/hw/scsi/virtio-scsi.c +++ b/hw/scsi/virtio-scsi.c @@ -592,26 +592,32 @@ static void virtio_scsi_handle_cmd_req_submit(VirtIOSCSI *s, VirtIOSCSIReq *req) void virtio_scsi_handle_cmd_vq(VirtIOSCSI *s, VirtQueue *vq) { VirtIOSCSIReq *req, *next; - int ret; + int ret = 0; QTAILQ_HEAD(, VirtIOSCSIReq) reqs = QTAILQ_HEAD_INITIALIZER(reqs); - while ((req = virtio_scsi_pop_req(s, vq))) { - ret = virtio_scsi_handle_cmd_req_prepare(s, req); - if (!ret) { - QTAILQ_INSERT_TAIL(&reqs, req, next); - } else if (ret == -EINVAL) { - /* The device is broken and shouldn't process any request */ - while (!QTAILQ_EMPTY(&reqs)) { - req = QTAILQ_FIRST(&reqs); - QTAILQ_REMOVE(&reqs, req, next); - blk_io_unplug(req->sreq->dev->conf.blk); - scsi_req_unref(req->sreq); - virtqueue_detach_element(req->vq, &req->elem, 0); - virtio_scsi_free_req(req); + do { + virtio_queue_set_notification(vq, 0); + + while ((req = virtio_scsi_pop_req(s, vq))) { + ret = virtio_scsi_handle_cmd_req_prepare(s, req); + if (!ret) { + QTAILQ_INSERT_TAIL(&reqs, req, next); + } else if (ret == -EINVAL) { + /* The device is broken and shouldn't process any request */ + while (!QTAILQ_EMPTY(&reqs)) { + req = QTAILQ_FIRST(&reqs); + QTAILQ_REMOVE(&reqs, req, next); + blk_io_unplug(req->sreq->dev->conf.blk); + scsi_req_unref(req->sreq); + virtqueue_detach_element(req->vq, &req->elem, 0); + virtio_scsi_free_req(req); + } } } - } + + virtio_queue_set_notification(vq, 1); + } while (ret != -EINVAL && !virtio_queue_empty(vq)); QTAILQ_FOREACH_SAFE(req, &reqs, next, next) { virtio_scsi_handle_cmd_req_submit(s, req); diff --git a/hw/ssi/aspeed_smc.c b/hw/ssi/aspeed_smc.c index 6e8403ebc2..78f5aed532 100644 --- a/hw/ssi/aspeed_smc.c +++ b/hw/ssi/aspeed_smc.c @@ -253,7 +253,8 @@ static void aspeed_smc_flash_set_segment(AspeedSMCState *s, int cs, qemu_log_mask(LOG_GUEST_ERROR, "%s: Tried to change CS0 start address to 0x%" HWADDR_PRIx "\n", s->ctrl->name, seg.addr); - return; + seg.addr = s->ctrl->flash_window_base; + new = aspeed_smc_segment_to_reg(&seg); } /* @@ -267,8 +268,10 @@ static void aspeed_smc_flash_set_segment(AspeedSMCState *s, int cs, s->ctrl->segments[cs].size) { qemu_log_mask(LOG_GUEST_ERROR, "%s: Tried to change CS%d end address to 0x%" - HWADDR_PRIx "\n", s->ctrl->name, cs, seg.addr); - return; + HWADDR_PRIx "\n", s->ctrl->name, cs, seg.addr + seg.size); + seg.size = s->ctrl->segments[cs].addr + s->ctrl->segments[cs].size - + seg.addr; + new = aspeed_smc_segment_to_reg(&seg); } /* Keep the segment in the overall flash window */ @@ -281,16 +284,14 @@ static void aspeed_smc_flash_set_segment(AspeedSMCState *s, int cs, } /* Check start address vs. alignment */ - if (seg.addr % seg.size) { + if (seg.size && !QEMU_IS_ALIGNED(seg.addr, seg.size)) { qemu_log_mask(LOG_GUEST_ERROR, "%s: new segment for CS%d is not " "aligned : [ 0x%"HWADDR_PRIx" - 0x%"HWADDR_PRIx" ]\n", s->ctrl->name, cs, seg.addr, seg.addr + seg.size); } - /* And segments should not overlap */ - if (aspeed_smc_flash_overlap(s, &seg, cs)) { - return; - } + /* And segments should not overlap (in the specs) */ + aspeed_smc_flash_overlap(s, &seg, cs); /* All should be fine now to move the region */ memory_region_transaction_begin(); diff --git a/hw/timer/ds1338.c b/hw/timer/ds1338.c index 0112949e23..f5d04dd5d7 100644 --- a/hw/timer/ds1338.c +++ b/hw/timer/ds1338.c @@ -198,11 +198,6 @@ static int ds1338_send(I2CSlave *i2c, uint8_t data) return 0; } -static int ds1338_init(I2CSlave *i2c) -{ - return 0; -} - static void ds1338_reset(DeviceState *dev) { DS1338State *s = DS1338(dev); @@ -220,7 +215,6 @@ static void ds1338_class_init(ObjectClass *klass, void *data) DeviceClass *dc = DEVICE_CLASS(klass); I2CSlaveClass *k = I2C_SLAVE_CLASS(klass); - k->init = ds1338_init; k->event = ds1338_event; k->recv = ds1338_recv; k->send = ds1338_send; diff --git a/hw/virtio/virtio.c b/hw/virtio/virtio.c index 1af2de2714..d40711a31d 100644 --- a/hw/virtio/virtio.c +++ b/hw/virtio/virtio.c @@ -87,8 +87,8 @@ struct VirtQueue /* Last used index value we have signalled on */ bool signalled_used_valid; - /* Notification enabled? */ - bool notification; + /* Nested host->guest notification disabled counter */ + unsigned int notification_disabled; uint16_t queue_index; @@ -201,7 +201,7 @@ static inline void vring_used_flags_unset_bit(VirtQueue *vq, int mask) static inline void vring_set_avail_event(VirtQueue *vq, uint16_t val) { hwaddr pa; - if (!vq->notification) { + if (vq->notification_disabled) { return; } pa = vq->vring.used + offsetof(VRingUsed, ring[vq->vring.num]); @@ -210,7 +210,13 @@ static inline void vring_set_avail_event(VirtQueue *vq, uint16_t val) void virtio_queue_set_notification(VirtQueue *vq, int enable) { - vq->notification = enable; + if (enable) { + assert(vq->notification_disabled > 0); + vq->notification_disabled--; + } else { + vq->notification_disabled++; + } + if (virtio_vdev_has_feature(vq->vdev, VIRTIO_RING_F_EVENT_IDX)) { vring_set_avail_event(vq, vring_avail_idx(vq)); } else if (enable) { @@ -959,7 +965,7 @@ void virtio_reset(void *opaque) virtio_queue_set_vector(vdev, i, VIRTIO_NO_VECTOR); vdev->vq[i].signalled_used = 0; vdev->vq[i].signalled_used_valid = false; - vdev->vq[i].notification = true; + vdev->vq[i].notification_disabled = 0; vdev->vq[i].vring.num = vdev->vq[i].vring.num_default; vdev->vq[i].inuse = 0; } @@ -1770,7 +1776,7 @@ int virtio_load(VirtIODevice *vdev, QEMUFile *f, int version_id) vdev->vq[i].vring.desc = qemu_get_be64(f); qemu_get_be16s(f, &vdev->vq[i].last_avail_idx); vdev->vq[i].signalled_used_valid = false; - vdev->vq[i].notification = true; + vdev->vq[i].notification_disabled = 0; if (vdev->vq[i].vring.desc) { /* XXX virtio-1 devices */ @@ -2047,15 +2053,47 @@ static void virtio_queue_host_notifier_aio_read(EventNotifier *n) } } +static void virtio_queue_host_notifier_aio_poll_begin(EventNotifier *n) +{ + VirtQueue *vq = container_of(n, VirtQueue, host_notifier); + + virtio_queue_set_notification(vq, 0); +} + +static bool virtio_queue_host_notifier_aio_poll(void *opaque) +{ + EventNotifier *n = opaque; + VirtQueue *vq = container_of(n, VirtQueue, host_notifier); + + if (virtio_queue_empty(vq)) { + return false; + } + + virtio_queue_notify_aio_vq(vq); + return true; +} + +static void virtio_queue_host_notifier_aio_poll_end(EventNotifier *n) +{ + VirtQueue *vq = container_of(n, VirtQueue, host_notifier); + + /* Caller polls once more after this to catch requests that race with us */ + virtio_queue_set_notification(vq, 1); +} + void virtio_queue_aio_set_host_notifier_handler(VirtQueue *vq, AioContext *ctx, VirtIOHandleOutput handle_output) { if (handle_output) { vq->handle_aio_output = handle_output; aio_set_event_notifier(ctx, &vq->host_notifier, true, - virtio_queue_host_notifier_aio_read); + virtio_queue_host_notifier_aio_read, + virtio_queue_host_notifier_aio_poll); + aio_set_event_notifier_poll(ctx, &vq->host_notifier, + virtio_queue_host_notifier_aio_poll_begin, + virtio_queue_host_notifier_aio_poll_end); } else { - aio_set_event_notifier(ctx, &vq->host_notifier, true, NULL); + aio_set_event_notifier(ctx, &vq->host_notifier, true, NULL, NULL); /* Test and clear notifier before after disabling event, * in case poll callback didn't have time to run. */ virtio_queue_host_notifier_aio_read(&vq->host_notifier); |