Fill debug configuration from overlay definitions in the DEBUG_SECTION.
Add DEBUG_SECTION to DC232B and FSF cores.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Add DBREAKA/DBREAKC SRs and implement DBREAK breakpoints as debug
watchpoints.
This implementation is not fully compliant to ISA: when a breakpoint is
set to an unmapped/inaccessible memory address it generates TLB/memory
protection exception instead of debug exception.
See ISA, 4.7.7.3, 4.7.7.6 for more details.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
In case of BP_STOP_BEFORE_ACCESS watchpoint check_watchpoint intends to
signal EXCP_DEBUG exception on exit from cpu loop, but later overwrites
exception code by the cpu_resume_from_signal call.
Use cpu_loop_exit with BP_STOP_BEFORE_ACCESS watchpoints.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
ICOUNT SR gets incremented on every instruction completion provided that
CINTLEVEL at the beginning of the instruction execution is lower than
ICOUNTLEVEL.
When ICOUNT would increment to 0 a debug exception is raised if
CINTLEVEL is lower than DEBUGLEVEL.
See ISA, 4.7.7.5 for more details.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Add IBREAKA/IBREAKENABLE SRs and implement debug exception, BREAK and
BREAK.N instructions and IBREAK breakpoints.
IBREAK breakpoint address is considered constant for TB lifetime.
On IBREAKA/IBREAKENABLE change corresponding TBs are invalidated.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
DEBUGCAUSE SR holds information about the most recent debug exception.
See ISA, 4.7.7 for more details.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
TLB_TEMPLATE macro specifies TLB geometry in the core configuration.
Make TLB_TEMPLATE available for region protection core variants,
defining 1 way ITLB and DTLB with 8 entries each.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Trying to interact with a stopped guest will queue up the events,
then send them all at once when the guest continues running, with
a high chance to have them cause unwanted actions.
Avoid that by only injecting the input events only when the guest
is in running state.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
When an input line is handled as level-triggered, it will immediately
raise an IRQ on the output of a PIC again that goes through an init
reset. So only clear the edge-triggered inputs from IRR in that
scenario.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Instead of providing 4 individual query functions for mode, gate, output
and initial counter state, introduce a service that queries all
information at once. This comes with tiny additional costs for
pcspk_callback but with a much cleaner interface. Also, it will simplify
the implementation of the KVM in-kernel PIT model.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Convert the PC speaker device to a qdev ISA model. Move the public
interface to a dedicated header file at this chance.
CC: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
When the HPET enters legacy mode, the IRQ output of the PIT is
suppressed and replaced by the HPET timer 0. But the current code to
emulate this was broken in many ways. It reset the PIT state after
re-enabling, it worked against a stale static PIT structure, and it did
not properly saved/restored the IRQ output mask in the PIT vmstate.
This patch solves the PIT IRQ control in a different way. On x86, it
both redirects the PIT IRQ to the HPET, just like the RTC. But it also
keeps the control line from the HPET to the PIT. This allows to disable
the PIT QEMU timer when it is not needed. The PIT's view on the control
line state is now saved in the same format that qemu-kvm is already
using.
Note that, in contrast to the suppressed RTC IRQ line, we do not need to
save/restore the PIT line state in the HPET. As we trigger a PIT IRQ
update via the control line, the line state is reconstructed on mode
switch.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
HPET legacy emulation will require control over the PIT IRQ output. To
enable this, add support for an alternative IRQ output object to the PIT
factory function. If the isa_irq number is < 0, this object will be
used.
This also removes the IRQ number property from the PIT class as we now
use a generic GPIO output pin that is connected by the factory function.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Move the public interface of the PIT into its own header file and update
all users.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
In legacy mode, the HPET suppresses the RTC interrupt delivery via IRQ
8 but keeps track of the RTC output level and applies it when legacy
mode is turned off again. This value has to be preserved across save/
restore as it cannot be reconstructed otherwise.
To document that a raised rtc_irq_level won't survive a vmload without
a hpet/rtc_irq_level subsection, add an explicit clearing to the reset
handler.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Avoid changing the IRQ level to high on reset as it may trigger spurious
events. Instead, open-code the effects of pit_load_count(0) in the reset
handler.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Currently when disabling login in VNC, the password is cleared out and the
authentication protocol is forced to AUTH_VNC. If you're using a stronger
authentication protocol, this has the effect of downgrading your security
protocol.
Fix this by only changing the authentication protocol if the current
authentication protocol is AUTH_NONE. That ensures we're never downgrading.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
--
NB. This patch is derived from one posted by Anthony last year, which got
accidentally lost after Luiz took over the QMP series work
https://lists.gnu.org/archive/html/qemu-devel/2011-09/msg00392.html
v1 -> v2
- Make sure to not demote when changing password (Daniel)
v2 -> v3
- Rebase to latest GIT master wrt QMP changes
Since QOM'ification, qdev_try_create() uses object_new() internally,
which asserts "type != NULL" when the type is not registered.
This was revealed by the combination of kvmclock's kvm_enabled() check
and early QOM type registration.
Check whether the class exists before calling object_new(), so that
the caller (e.g., qdev_create) can fail gracefully, telling us which
device could not be created.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Cc: Anthony Liguori <aliguori@codemonkey.ws>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Remove the OpenBSD workaround for the curses probe. This has not been
necessary for 5 releases now.
Signed-off-by: Brad Smith <brad@comstyle.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
libcacard is only used by system emulation.
Only define libcacard_libs/cflags once.
Signed-off-by: Paul Brook <paul@codesourcery.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The main advantage of circular lists (the fact that the head node
has the same memory layout as any other node) is completely negated
by the implementation in qemu-queue.h. Not surprisingly, nobody
uses QCIRCLEQ. While this might change if RCU is ever adopted by
QEMU, the QLIST is also RCU-friendly and in fact it is used in a
RCU-like manner by 9pfs already. So, just kill QCIRCLEQ.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Notifiers do not need to access both ends of the list, and using
a QLIST also simplifies the API.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
* stefanha/trivial-patches:
linux-user: brk() debugging
virtio: Remove unneeded g_free() check in virtio_cleanup()
net: remove extra spaces in help messages
fmopl: Fix typo in function name
vl.c: Fix typo in variable name
ide: fix compilation errors when DEBUG_IDE is set
cpu-exec.c: Correct comment about this file and indentation cleanup
CODING_STYLE: Clarify style for enum and function type names
linux-user: fail execve() if env/args too big
When qemu-nbd becomes a daemon it calls daemon(3) with
nochdir=0, so daemon(3) changes current directory to /.
But at this time, qemu-nbd did not open any user-specified
files yet, so by changing current directory, all non-absolute
paths becomes wrong. The solution is to pass nochdir=1 to
daemon(3) function, and to chdir("/") after all init has
been performed, before entering the main loop, -- just like
a good daemon should do.
This patch is applicable for -stable.
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Fix a typo in pl031_interrupt() which meant we were setting a bit
in the interrupt mask rather than the interrupt status register
and thus not actually raising an interrupt. This fix allows the
rtctest program from the kernel's Documentation/rtc.txt to pass
rather than hanging.
Reported-by: Daniel Forsgren <daniel.forsgren@enea.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Andreas Färber <afaerber@suse.de>
The primecell.h header now only has the definitions of constants
indicating the usage of the arm_sysctl GPIO lines; remove obsolete
includes of it from source files which don't care about those GPIO
lines.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Remove an obsolete declaration of pl080_init(), which has been
incorrect since the conversion of pl080 to qdev back in 2009.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Drop the legacy init function arm_sysctl_init(), since it has no
users left any more. This allows us to drop the awkward '1' from
the actual device init function.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Andreas Färber <afaerber@suse.de>
Add the vexpress-a15 machine, and the A-Series memory map it uses.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Andreas Färber <afaerber@suse.de>
The arm_boot secondary boot loader code needs the address of
the GIC CPU interface. Obtaining this from the base address
of the private peripheral region was possible for A9 and 11MPcore,
but the A15 puts the GIC CPU interface in a different place.
So make boards pass in the GIC CPU interface address directly.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Instantiate the CLCD on the vexpress motherboard as well as one on
the daughterboard -- the A15 daughterboard does not have a CLCD
and so relies on the motherboard one.
At the moment QEMU doesn't provide infrastructure for selecting
which display device gets to actually show graphics -- the first
one registered is it. Fortunately this works for the major use
case (Linux): if the daughterboard has a CLCD it will come first
and be used, otherwise we fall back to the motherboard CLCD.
So we don't (currently) need to implement the control register
which allows software to tell the mux which video output to pass
through to the outside world.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Factor out daughterboard specifics into a data structure and
daughterboard initialization function, in preparation for adding
vexpress-a15 support.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
On real Versatile Express hardware, the boot ROM puts the secondary
CPU bootcode/holding pen in SRAM. We can therefore rely on Linux not
trashing this memory until secondary CPUs have booted up, and can
put our QEMU-specific pen code in the same place. This allows us to
drop the odd "hack" RAM page we were using before.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Pull the addresses used for mapping motherboard peripherals into
memory out into a table. This will allow us to simply provide a
second table to implement the "Cortex-A Series" memory map used by
the A15 variant of Versatile Express, as well as the current
"Legacy" map used by A9.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Add a model of the Cortex-A15 memory mapped private peripheral
space. This is fairly simple because the only memory mapped
bit of the A15 is the GIC.
Note that we don't currently model a VGIC and therefore don't
map the VGIC related bits of the GIC.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Exynos4210 display controller (FIMD) has 5 hardware windows with alpha and
chroma key blending functions.
Signed-off-by: Mitsyanko Igor <i.mitsyanko@samsung.com>
Signed-off-by: Evgeny Voevodin <e.voevodin@samsung.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Max Filippov