[Spice-commits] 22 commits - hw/misc hw/usb include/hw include/qemu memory.c pc-bios/bios-256k.bin pc-bios/bios.bin pc-bios/vgabios-cirrus.bin pc-bios/vgabios-qxl.bin pc-bios/vgabios-stdvga.bin pc-bios/vgabios-vmware.bin pc-bios/vgabios.bin roms/seabios tests/Makefile tests/libqos tests/usb-hcd-ehci-test.c trace-events

Gerd Hoffmann kraxel at kemper.freedesktop.org
Wed Jun 4 04:34:19 PDT 2014


 hw/misc/vfio.c             |  428 +++++++++++++++++++++++++++++++++++++++------
 hw/usb/core.c              |   21 ++
 hw/usb/desc.c              |   12 -
 hw/usb/hcd-ehci.c          |   79 --------
 hw/usb/hcd-uhci.c          |   36 ---
 hw/usb/hcd-xhci.c          |   47 +++-
 hw/usb/host-libusb.c       |   76 ++++++-
 include/hw/i386/pc.h       |    4 
 include/hw/usb.h           |    1 
 include/hw/usb/ehci-regs.h |   82 ++++++++
 include/hw/usb/uhci-regs.h |   40 ++++
 include/qemu/int128.h      |    5 
 memory.c                   |    7 
 pc-bios/bios-256k.bin      |binary
 pc-bios/bios.bin           |binary
 pc-bios/vgabios-cirrus.bin |binary
 pc-bios/vgabios-qxl.bin    |binary
 pc-bios/vgabios-stdvga.bin |binary
 pc-bios/vgabios-vmware.bin |binary
 pc-bios/vgabios.bin        |binary
 roms/seabios               |    2 
 tests/Makefile             |    4 
 tests/libqos/pci.c         |    2 
 tests/usb-hcd-ehci-test.c  |  153 +++++++++++++++-
 trace-events               |    2 
 25 files changed, 798 insertions(+), 203 deletions(-)

New commits:
commit e00fcfeab3d452cba3d0a08991a39ab15df66424
Merge: 278073b 5e70018
Author: Peter Maydell <peter.maydell at linaro.org>
Date:   Tue Jun 3 14:37:43 2014 +0100

    Merge remote-tracking branch 'remotes/awilliam/tags/vfio-pci-for-qemu-20140602.0' into staging
    
    VFIO patches: realtek NIC quirk + SPAPR IOMMU AddressSpace support
    
    # gpg: Signature made Mon 02 Jun 2014 22:44:42 BST using RSA key ID 3BB08B22
    # gpg: Can't check signature: public key not found
    
    * remotes/awilliam/tags/vfio-pci-for-qemu-20140602.0:
      vfio: Add guest side IOMMU support
      vfio: Create VFIOAddressSpace objects as needed
      vfio: Introduce VFIO address spaces
      vfio: Rework to have error paths
      vfio: Fix 128 bit handling
      int128: Add int128_exts64()
      memory: Sanity check that no listeners remain on a destroyed AddressSpace
      vfio-pci: Quirk RTL8168 NIC
    
    Signed-off-by: Peter Maydell <peter.maydell at linaro.org>

commit 278073ba293d2b78641505f9c40e6f37c4a2f024
Merge: 82ea61c 3257fc8
Author: Peter Maydell <peter.maydell at linaro.org>
Date:   Tue Jun 3 11:59:48 2014 +0100

    Merge remote-tracking branch 'remotes/kraxel/tags/pull-roms-3' into staging
    
    seabios: update to 1.7.5 final
    
    # gpg: Signature made Mon 02 Jun 2014 15:49:59 BST using RSA key ID D3E87138
    # gpg: Good signature from "Gerd Hoffmann (work) <kraxel at redhat.com>"
    # gpg:                 aka "Gerd Hoffmann <gerd at kraxel.org>"
    # gpg:                 aka "Gerd Hoffmann (private) <kraxel at gmail.com>"
    
    * remotes/kraxel/tags/pull-roms-3:
      seabios: update to 1.7.5 final
    
    Signed-off-by: Peter Maydell <peter.maydell at linaro.org>

commit 82ea61c6da4daa81d8614297391b8087e806ded9
Merge: 1673e89 7bafd88
Author: Peter Maydell <peter.maydell at linaro.org>
Date:   Mon Jun 2 17:07:21 2014 +0100

    Merge remote-tracking branch 'remotes/kraxel/tags/pull-usb-8' into staging
    
    qtest: improve ehci/uhci test
    usb: misc fixes, mostly for usb3/xhci
    
    # gpg: Signature made Mon 02 Jun 2014 15:40:34 BST using RSA key ID D3E87138
    # gpg: Good signature from "Gerd Hoffmann (work) <kraxel at redhat.com>"
    # gpg:                 aka "Gerd Hoffmann <gerd at kraxel.org>"
    # gpg:                 aka "Gerd Hoffmann (private) <kraxel at gmail.com>"
    
    * remotes/kraxel/tags/pull-usb-8:
      xhci: order superspeed ports first
      xhci: make port reset trace point more verbose
      usb: add usb_pick_speed
      usb-host: add HAVE_STREAMS define
      usb-host: allow attaching usb3 devices to ehci
      usb: improve ehci/uhci test
      usb: move ehci register defines to header file
      usb: add uhci port status reserved bit
      usb: move uhci register defines to header file
      qtest: fix qpci_config_writel
    
    Signed-off-by: Peter Maydell <peter.maydell at linaro.org>

commit 3257fc8383b13856e6719d1390655ce24bafd071
Author: Gerd Hoffmann <kraxel at redhat.com>
Date:   Mon Jun 2 16:49:00 2014 +0200

    seabios: update to 1.7.5 final
    
    git shortlog since -rc1:
    
    Gerd Hoffmann (2):
          acpi: remove PORT_ACPI_PM_BASE constant
          Allow using full io region on q35.
    
    Kevin O'Connor (2):
          vgabios: Add debug message if x86emu leal check triggers.
          python3 fixes for vgabios and csm builds.
    
    Paolo Bonzini (1):
          smm: remove code to handle ACPI disable/enable
    
    Signed-off-by: Gerd Hoffmann <kraxel at redhat.com>

diff --git a/pc-bios/bios-256k.bin b/pc-bios/bios-256k.bin
index 3e60a3d..09686a3 100644
Binary files a/pc-bios/bios-256k.bin and b/pc-bios/bios-256k.bin differ
diff --git a/pc-bios/bios.bin b/pc-bios/bios.bin
index d360d0a..2314027 100644
Binary files a/pc-bios/bios.bin and b/pc-bios/bios.bin differ
diff --git a/pc-bios/vgabios-cirrus.bin b/pc-bios/vgabios-cirrus.bin
index 2ddef2e..57a5f95 100644
Binary files a/pc-bios/vgabios-cirrus.bin and b/pc-bios/vgabios-cirrus.bin differ
diff --git a/pc-bios/vgabios-qxl.bin b/pc-bios/vgabios-qxl.bin
index f84a984..ed79993 100644
Binary files a/pc-bios/vgabios-qxl.bin and b/pc-bios/vgabios-qxl.bin differ
diff --git a/pc-bios/vgabios-stdvga.bin b/pc-bios/vgabios-stdvga.bin
index 833c464..d3579b4 100644
Binary files a/pc-bios/vgabios-stdvga.bin and b/pc-bios/vgabios-stdvga.bin differ
diff --git a/pc-bios/vgabios-vmware.bin b/pc-bios/vgabios-vmware.bin
index c4bf322..f89845e 100644
Binary files a/pc-bios/vgabios-vmware.bin and b/pc-bios/vgabios-vmware.bin differ
diff --git a/pc-bios/vgabios.bin b/pc-bios/vgabios.bin
index 55c6db3..d3038f4 100644
Binary files a/pc-bios/vgabios.bin and b/pc-bios/vgabios.bin differ
diff --git a/roms/seabios b/roms/seabios
index b1d4dc9..e51488c 160000
--- a/roms/seabios
+++ b/roms/seabios
@@ -1 +1 @@
-Subproject commit b1d4dc908401719c5de78c25313cf82c7cd1d602
+Subproject commit e51488c5f8800a52ac5c8da7a31b85cca5cc95d2
commit 7bafd8889ea3599285a8fcb1262d50e52d941c0e
Author: Gerd Hoffmann <kraxel at redhat.com>
Date:   Thu May 15 12:42:16 2014 +0200

    xhci: order superspeed ports first
    
    Signed-off-by: Gerd Hoffmann <kraxel at redhat.com>

diff --git a/hw/usb/hcd-xhci.c b/hw/usb/hcd-xhci.c
index 72308e0..7f2af89 100644
--- a/hw/usb/hcd-xhci.c
+++ b/hw/usb/hcd-xhci.c
@@ -498,6 +498,7 @@ typedef struct XHCIEvRingSeg {
 enum xhci_flags {
     XHCI_FLAG_USE_MSI = 1,
     XHCI_FLAG_USE_MSI_X,
+    XHCI_FLAG_SS_FIRST,
 };
 
 static void xhci_kick_ep(XHCIState *xhci, unsigned int slotid,
@@ -714,10 +715,18 @@ static XHCIPort *xhci_lookup_port(XHCIState *xhci, struct USBPort *uport)
     case USB_SPEED_LOW:
     case USB_SPEED_FULL:
     case USB_SPEED_HIGH:
-        index = uport->index;
+        if (xhci_get_flag(xhci, XHCI_FLAG_SS_FIRST)) {
+            index = uport->index + xhci->numports_3;
+        } else {
+            index = uport->index;
+        }
         break;
     case USB_SPEED_SUPER:
-        index = uport->index + xhci->numports_2;
+        if (xhci_get_flag(xhci, XHCI_FLAG_SS_FIRST)) {
+            index = uport->index;
+        } else {
+            index = uport->index + xhci->numports_2;
+        }
         break;
     default:
         return NULL;
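Review bot: The SS_FIRST test is open-coded in both speed cases here, and the same two-way branch recurs in the xhci_cap_read and usb_xhci_init hunks, so the port layout is encoded in six places that must stay in agreement. Computing the base once would keep them in step, e.g. `usb2_base = xhci_get_flag(xhci, XHCI_FLAG_SS_FIRST) ? xhci->numports_3 : 0;` (and the mirror-image `usb3_base`), followed by `index = uport->index + usb2_base;`. A short comment stating the two layouts (usb3 ports first vs. usb2 ports first) would also help, because the guest-visible port numbers and the Supported Protocol offsets both depend on it. xhci_lookup_port begins and ends outside the hunk.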
@@ -2972,7 +2981,11 @@ static uint64_t xhci_cap_read(void *ptr, hwaddr reg, unsigned size)
         ret = 0x20425355; /* "USB " */
         break;
     case 0x28: /* Supported Protocol:08 */
-        ret = 0x00000001 | (xhci->numports_2<<8);
+        if (xhci_get_flag(xhci, XHCI_FLAG_SS_FIRST)) {
+            ret = (xhci->numports_2<<8) | (xhci->numports_3+1);
+        } else {
+            ret = (xhci->numports_2<<8) | 1;
+        }
         break;
     case 0x2c: /* Supported Protocol:0c */
         ret = 0x00000000; /* reserved */
@@ -2984,7 +2997,11 @@ static uint64_t xhci_cap_read(void *ptr, hwaddr reg, unsigned size)
         ret = 0x20425355; /* "USB " */
         break;
     case 0x38: /* Supported Protocol:08 */
-        ret = 0x00000000 | (xhci->numports_2+1) | (xhci->numports_3<<8);
+        if (xhci_get_flag(xhci, XHCI_FLAG_SS_FIRST)) {
+            ret = (xhci->numports_3<<8) | 1;
+        } else {
+            ret = (xhci->numports_3<<8) | (xhci->numports_2+1);
+        }
         break;
     case 0x3c: /* Supported Protocol:0c */
         ret = 0x00000000; /* reserved */
@@ -3517,8 +3534,13 @@ static void usb_xhci_init(XHCIState *xhci)
     for (i = 0; i < usbports; i++) {
         speedmask = 0;
         if (i < xhci->numports_2) {
-            port = &xhci->ports[i];
-            port->portnr = i + 1;
+            if (xhci_get_flag(xhci, XHCI_FLAG_SS_FIRST)) {
+                port = &xhci->ports[i + xhci->numports_3];
+                port->portnr = i + 1 + xhci->numports_3;
+            } else {
+                port = &xhci->ports[i];
+                port->portnr = i + 1;
+            }
             port->uport = &xhci->uports[i];
             port->speedmask =
                 USB_SPEED_MASK_LOW  |
@@ -3528,8 +3550,13 @@ static void usb_xhci_init(XHCIState *xhci)
             speedmask |= port->speedmask;
         }
         if (i < xhci->numports_3) {
-            port = &xhci->ports[i + xhci->numports_2];
-            port->portnr = i + 1 + xhci->numports_2;
+            if (xhci_get_flag(xhci, XHCI_FLAG_SS_FIRST)) {
+                port = &xhci->ports[i];
+                port->portnr = i + 1;
+            } else {
+                port = &xhci->ports[i + xhci->numports_2];
+                port->portnr = i + 1 + xhci->numports_2;
+            }
             port->uport = &xhci->uports[i];
             port->speedmask = USB_SPEED_MASK_SUPER;
             snprintf(port->name, sizeof(port->name), "usb3 port #%d", i+1);
@@ -3788,6 +3815,8 @@ static const VMStateDescription vmstate_xhci = {
 static Property xhci_properties[] = {
     DEFINE_PROP_BIT("msi",      XHCIState, flags, XHCI_FLAG_USE_MSI, true),
     DEFINE_PROP_BIT("msix",     XHCIState, flags, XHCI_FLAG_USE_MSI_X, true),
+    DEFINE_PROP_BIT("superspeed-ports-first",
+                    XHCIState, flags, XHCI_FLAG_SS_FIRST, true),
     DEFINE_PROP_UINT32("intrs", XHCIState, numintrs, MAXINTRS),
     DEFINE_PROP_UINT32("slots", XHCIState, numslots, MAXSLOTS),
     DEFINE_PROP_UINT32("p2",    XHCIState, numports_2, 4),
diff --git a/include/hw/i386/pc.h b/include/hw/i386/pc.h
index 32a7687..31328a8 100644
--- a/include/hw/i386/pc.h
+++ b/include/hw/i386/pc.h
@@ -271,6 +271,10 @@ bool e820_get_entry(int, uint32_t, uint64_t *, uint64_t *);
             .driver   = "apic",\
             .property = "version",\
             .value    = stringify(0x11),\
+        },{\
+            .driver   = "nec-usb-xhci",\
+            .property = "superspeed-ports-first",\
+            .value    = "off",\
         }
 
 #define PC_COMPAT_1_7 \
commit 7bd3055ffd5f87d83f04659e496c91fbfc839143
Author: Gerd Hoffmann <kraxel at redhat.com>
Date:   Fri May 23 15:44:42 2014 +0200

    xhci: make port reset trace point more verbose
    
    Signed-off-by: Gerd Hoffmann <kraxel at redhat.com>

diff --git a/hw/usb/hcd-xhci.c b/hw/usb/hcd-xhci.c
index 54dea16..72308e0 100644
--- a/hw/usb/hcd-xhci.c
+++ b/hw/usb/hcd-xhci.c
@@ -2856,7 +2856,7 @@ static void xhci_port_update(XHCIPort *port, int is_detach)
 
 static void xhci_port_reset(XHCIPort *port, bool warm_reset)
 {
-    trace_usb_xhci_port_reset(port->portnr);
+    trace_usb_xhci_port_reset(port->portnr, warm_reset);
 
     if (!xhci_port_have_device(port)) {
         return;
diff --git a/trace-events b/trace-events
index f256ca5..c5b64cb 100644
--- a/trace-events
+++ b/trace-events
@@ -371,7 +371,7 @@ usb_xhci_irq_msix_use(uint32_t nr) "nr %d"
 usb_xhci_irq_msix_unuse(uint32_t nr) "nr %d"
 usb_xhci_queue_event(uint32_t vector, uint32_t idx, const char *trb, const char *evt, uint64_t param, uint32_t status, uint32_t control) "v %d, idx %d, %s, %s, p %016" PRIx64 ", s %08x, c 0x%08x"
 usb_xhci_fetch_trb(uint64_t addr, const char *name, uint64_t param, uint32_t status, uint32_t control) "addr %016" PRIx64 ", %s, p %016" PRIx64 ", s %08x, c 0x%08x"
-usb_xhci_port_reset(uint32_t port) "port %d"
+usb_xhci_port_reset(uint32_t port, bool warm) "port %d, warm %d"
 usb_xhci_port_link(uint32_t port, uint32_t pls) "port %d, pls %d"
 usb_xhci_port_notify(uint32_t port, uint32_t pls) "port %d, bits %x"
 usb_xhci_slot_enable(uint32_t slotid) "slotid %d"
commit b791c3b38c7969cb9f4acda8229e19fd865a1c08
Author: Gerd Hoffmann <kraxel at redhat.com>
Date:   Fri May 23 16:20:54 2014 +0200

    usb: add usb_pick_speed
    
    We can pick the usb port speed in generic code, by looking at the port
    and device speed masks and looking for the fastest match.  So add a
    function to do exactly that, and drop the speed setting code from
    usb_desc_attach as it isn't needed any more.
    
    This way we can set the device speed before calling port->ops->attach,
    which fixes some xhci hotplug issues.
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1046873
    
    Signed-off-by: Gerd Hoffmann <kraxel at redhat.com>

diff --git a/hw/usb/core.c b/hw/usb/core.c
index 67ba7d6..cf34755 100644
--- a/hw/usb/core.c
+++ b/hw/usb/core.c
@@ -28,6 +28,26 @@
 #include "qemu/iov.h"
 #include "trace.h"
 
+void usb_pick_speed(USBPort *port)
+{
+    static const int speeds[] = {
+        USB_SPEED_SUPER,
+        USB_SPEED_HIGH,
+        USB_SPEED_FULL,
+        USB_SPEED_LOW,
+    };
+    USBDevice *udev = port->dev;
+    int i;
+
+    for (i = 0; i < ARRAY_SIZE(speeds); i++) {
+        if ((udev->speedmask & (1 << speeds[i])) &&
+            (port->speedmask & (1 << speeds[i]))) {
+            udev->speed = speeds[i];
+            return;
+        }
+    }
+}
+
 void usb_attach(USBPort *port)
 {
     USBDevice *dev = port->dev;
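Review bot: usb_pick_speed returns silently when the port and device speed masks share no bit, leaving `udev->speed` at whatever value it held before, and usb_attach (next hunk) then calls `port->ops->attach(port)` regardless. The code removed from usb_desc_attach in hw/usb/desc.c at least skipped usb_desc_setdefaults on a mismatch; after this commit nothing marks that case. The function is also exported through include/hw/usb.h and dereferences `port->dev` without a check, while usb_attach asserts `dev != NULL` before calling it. If an earlier compatibility check guarantees a match, a header comment should say so, e.g. `/* Pick the fastest speed common to port and device; port->dev must be set. dev->speed is left unchanged if the masks do not overlap. */`.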
@@ -35,6 +55,7 @@ void usb_attach(USBPort *port)
     assert(dev != NULL);
     assert(dev->attached);
     assert(dev->state == USB_STATE_NOTATTACHED);
+    usb_pick_speed(port);
     port->ops->attach(port);
     dev->state = USB_STATE_ATTACHED;
     usb_device_handle_attach(dev);
diff --git a/hw/usb/desc.c b/hw/usb/desc.c
index ab48691..b82c397 100644
--- a/hw/usb/desc.c
+++ b/hw/usb/desc.c
@@ -518,18 +518,6 @@ void usb_desc_init(USBDevice *dev)
 
 void usb_desc_attach(USBDevice *dev)
 {
-    const USBDesc *desc = usb_device_get_usb_desc(dev);
-
-    assert(desc != NULL);
-    if (desc->super && (dev->port->speedmask & USB_SPEED_MASK_SUPER)) {
-        dev->speed = USB_SPEED_SUPER;
-    } else if (desc->high && (dev->port->speedmask & USB_SPEED_MASK_HIGH)) {
-        dev->speed = USB_SPEED_HIGH;
-    } else if (desc->full && (dev->port->speedmask & USB_SPEED_MASK_FULL)) {
-        dev->speed = USB_SPEED_FULL;
-    } else {
-        return;
-    }
     usb_desc_setdefaults(dev);
 }
 
diff --git a/include/hw/usb.h b/include/hw/usb.h
index 1919bdc..8bcab48 100644
--- a/include/hw/usb.h
+++ b/include/hw/usb.h
@@ -458,6 +458,7 @@ void usb_ep_combine_input_packets(USBEndpoint *ep);
 void usb_combined_input_packet_complete(USBDevice *dev, USBPacket *p);
 void usb_combined_packet_cancel(USBDevice *dev, USBPacket *p);
 
+void usb_pick_speed(USBPort *port);
 void usb_attach(USBPort *port);
 void usb_detach(USBPort *port);
 void usb_port_reset(USBPort *port);
commit 322fd1f4f7c884c75749398bf48e01bd4b226e9f
Author: Gerd Hoffmann <kraxel at redhat.com>
Date:   Fri May 23 11:26:52 2014 +0200

    usb-host: add HAVE_STREAMS define

diff --git a/hw/usb/host-libusb.c b/hw/usb/host-libusb.c
index e465028..afbf156 100644
--- a/hw/usb/host-libusb.c
+++ b/hw/usb/host-libusb.c
@@ -147,6 +147,10 @@ static void usb_host_attach_kernel(USBHostDevice *s);
 #define BULK_TIMEOUT         0        /* unlimited */
 #define INTR_TIMEOUT         0        /* unlimited */
 
+#if LIBUSBX_API_VERSION >= 0x01000103
+# define HAVE_STREAMS 1
+#endif
+
 static const char *speed_name[] = {
     [LIBUSB_SPEED_UNKNOWN] = "?",
     [LIBUSB_SPEED_LOW]     = "1.5",
@@ -686,7 +690,7 @@ static void usb_host_speed_compat(USBHostDevice *s)
     struct libusb_config_descriptor *conf;
     const struct libusb_interface_descriptor *intf;
     const struct libusb_endpoint_descriptor *endp;
-#if LIBUSBX_API_VERSION >= 0x01000103
+#ifdef HAVE_STREAMS
     struct libusb_ss_endpoint_companion_descriptor *endp_ss_comp;
 #endif
     bool compat_high = true;
@@ -711,7 +715,7 @@ static void usb_host_speed_compat(USBHostDevice *s)
                         compat_high = false;
                         break;
                     case 0x02: /* BULK */
-#if LIBUSBX_API_VERSION >= 0x01000103
+#ifdef HAVE_STREAMS
                         rc = libusb_get_ss_endpoint_companion_descriptor
                             (ctx, endp, &endp_ss_comp);
                         if (rc == LIBUSB_SUCCESS) {
@@ -761,7 +765,7 @@ static void usb_host_ep_update(USBHostDevice *s)
     struct libusb_config_descriptor *conf;
     const struct libusb_interface_descriptor *intf;
     const struct libusb_endpoint_descriptor *endp;
-#if LIBUSBX_API_VERSION >= 0x01000103
+#ifdef HAVE_STREAMS
     struct libusb_ss_endpoint_companion_descriptor *endp_ss_comp;
 #endif
     uint8_t devep, type;
@@ -809,7 +813,7 @@ static void usb_host_ep_update(USBHostDevice *s)
             usb_ep_set_type(udev, pid, ep, type);
             usb_ep_set_ifnum(udev, pid, ep, i);
             usb_ep_set_halted(udev, pid, ep, 0);
-#if LIBUSBX_API_VERSION >= 0x01000103
+#ifdef HAVE_STREAMS
             if (type == LIBUSB_TRANSFER_TYPE_BULK &&
                     libusb_get_ss_endpoint_companion_descriptor(ctx, endp,
                         &endp_ss_comp) == LIBUSB_SUCCESS) {
@@ -1261,7 +1265,7 @@ static void usb_host_handle_data(USBDevice *udev, USBPacket *p)
         }
         ep = p->ep->nr | (r->in ? USB_DIR_IN : 0);
         if (p->stream) {
-#if LIBUSBX_API_VERSION >= 0x01000103
+#ifdef HAVE_STREAMS
             libusb_fill_bulk_stream_transfer(r->xfer, s->dh, ep, p->stream,
                                              r->buffer, size,
                                              usb_host_req_complete_data, r,
@@ -1342,7 +1346,7 @@ static void usb_host_handle_reset(USBDevice *udev)
 static int usb_host_alloc_streams(USBDevice *udev, USBEndpoint **eps,
                                   int nr_eps, int streams)
 {
-#if LIBUSBX_API_VERSION >= 0x01000103
+#ifdef HAVE_STREAMS
     USBHostDevice *s = USB_HOST_DEVICE(udev);
     unsigned char endpoints[30];
     int i, rc;
@@ -1372,7 +1376,7 @@ static int usb_host_alloc_streams(USBDevice *udev, USBEndpoint **eps,
 static void usb_host_free_streams(USBDevice *udev, USBEndpoint **eps,
                                   int nr_eps)
 {
-#if LIBUSBX_API_VERSION >= 0x01000103
+#ifdef HAVE_STREAMS
     USBHostDevice *s = USB_HOST_DEVICE(udev);
     unsigned char endpoints[30];
     int i;
commit b88a3e01f5718d5da538bfe072cc8452107badca
Author: Gerd Hoffmann <kraxel at redhat.com>
Date:   Fri May 23 10:27:00 2014 +0200

    usb-host: allow attaching usb3 devices to ehci
    
    Extend compatibility test function to also figure out whether usb3
    devices can be supported on ehci.  Tweak ep0 maxpacketsize field
    due to usb2 <-> usb3 difference.
    
    Signed-off-by: Gerd Hoffmann <kraxel at redhat.com>

diff --git a/hw/usb/host-libusb.c b/hw/usb/host-libusb.c
index 8007d1d..e465028 100644
--- a/hw/usb/host-libusb.c
+++ b/hw/usb/host-libusb.c
@@ -111,6 +111,7 @@ struct USBHostRequest {
     unsigned char                    *buffer;
     unsigned char                    *cbuf;
     unsigned int                     clen;
+    bool                             usb3ep0quirk;
     QTAILQ_ENTRY(USBHostRequest)     next;
 };
 
@@ -346,6 +347,13 @@ static void usb_host_req_complete_ctrl(struct libusb_transfer *xfer)
     r->p->actual_length = xfer->actual_length;
     if (r->in && xfer->actual_length) {
         memcpy(r->cbuf, r->buffer + 8, xfer->actual_length);
+
+        /* Fix up USB-3 ep0 maxpacket size to allow superspeed connected devices
+         * to work redirected to a not superspeed capable hcd */
+        if (r->usb3ep0quirk && xfer->actual_length >= 18 &&
+            r->cbuf[7] == 9) {
+            r->cbuf[7] = 64;
+        }
     }
     trace_usb_host_req_complete(s->bus_num, s->addr, r->p,
                                 r->p->status, r->p->actual_length);
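Review bot: The fix-up only fires when `xfer->actual_length >= 18`, although the byte it patches, `r->cbuf[7]`, is already present in an 8-byte read. A guest that first fetches only the leading 8 bytes of the device descriptor to learn the ep0 packet size would, as far as this hunk shows, still see the superspeed value 9; if that case matters the bound could be `xfer->actual_length >= 8`. The literals 18, 7, 9 and 64 would read better with a comment naming them (full device descriptor length, bMaxPacketSize0 offset, the superspeed exponent encoding, the usb2 byte count). The function begins and ends outside the hunk.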
@@ -672,11 +680,17 @@ static void usb_host_iso_data_out(USBHostDevice *s, USBPacket *p)
 
 /* ------------------------------------------------------------------------ */
 
-static bool usb_host_full_speed_compat(USBHostDevice *s)
+static void usb_host_speed_compat(USBHostDevice *s)
 {
+    USBDevice *udev = USB_DEVICE(s);
     struct libusb_config_descriptor *conf;
     const struct libusb_interface_descriptor *intf;
     const struct libusb_endpoint_descriptor *endp;
+#if LIBUSBX_API_VERSION >= 0x01000103
+    struct libusb_ss_endpoint_companion_descriptor *endp_ss_comp;
+#endif
+    bool compat_high = true;
+    bool compat_full = true;
     uint8_t type;
     int rc, c, i, a, e;
 
@@ -693,10 +707,27 @@ static bool usb_host_full_speed_compat(USBHostDevice *s)
                     type = endp->bmAttributes & 0x3;
                     switch (type) {
                     case 0x01: /* ISO */
-                        return false;
+                        compat_full = false;
+                        compat_high = false;
+                        break;
+                    case 0x02: /* BULK */
+#if LIBUSBX_API_VERSION >= 0x01000103
+                        rc = libusb_get_ss_endpoint_companion_descriptor
+                            (ctx, endp, &endp_ss_comp);
+                        if (rc == LIBUSB_SUCCESS) {
+                            libusb_free_ss_endpoint_companion_descriptor
+                                (endp_ss_comp);
+                            compat_full = false;
+                            compat_high = false;
+                        }
+#endif
+                        break;
                     case 0x03: /* INTERRUPT */
                         if (endp->wMaxPacketSize > 64) {
-                            return false;
+                            compat_full = false;
+                        }
+                        if (endp->wMaxPacketSize > 1024) {
+                            compat_high = false;
                         }
                         break;
                     }
@@ -705,7 +736,17 @@ static bool usb_host_full_speed_compat(USBHostDevice *s)
         }
         libusb_free_config_descriptor(conf);
     }
-    return true;
+
+    udev->speedmask = (1 << udev->speed);
+    if (udev->speed == USB_SPEED_SUPER && compat_high) {
+        udev->speedmask |= USB_SPEED_HIGH;
+    }
+    if (udev->speed == USB_SPEED_SUPER && compat_full) {
+        udev->speedmask |= USB_SPEED_FULL;
+    }
+    if (udev->speed == USB_SPEED_HIGH && compat_full) {
+        udev->speedmask |= USB_SPEED_FULL;
+    }
 }
 
 static void usb_host_ep_update(USBHostDevice *s)
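Review bot: The three `|=` lines at the end of usb_host_speed_compat OR the speed enum values `USB_SPEED_HIGH` / `USB_SPEED_FULL` into `udev->speedmask`, whereas the mask is built from bit positions (`1 << udev->speed` just above) and the code this commit replaces in usb_host_open used `USB_SPEED_MASK_FULL`. As written the wrong bits are set, so the compatibility result computed by the descriptor loop is not what the device ends up advertising to the port. The lines should read `udev->speedmask |= USB_SPEED_MASK_HIGH;` and `udev->speedmask |= USB_SPEED_MASK_FULL;`.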
@@ -813,10 +854,7 @@ static int usb_host_open(USBHostDevice *s, libusb_device *dev)
     usb_host_ep_update(s);
 
     udev->speed     = speed_map[libusb_get_device_speed(dev)];
-    udev->speedmask = (1 << udev->speed);
-    if (udev->speed == USB_SPEED_HIGH && usb_host_full_speed_compat(s)) {
-        udev->speedmask |= USB_SPEED_MASK_FULL;
-    }
+    usb_host_speed_compat(s);
 
     if (s->ddesc.iProduct) {
         libusb_get_string_descriptor_ascii(s->dh, s->ddesc.iProduct,
@@ -1162,6 +1200,14 @@ static void usb_host_handle_control(USBDevice *udev, USBPacket *p,
         memcpy(r->buffer + 8, r->cbuf, r->clen);
     }
 
+    /* Fix up USB-3 ep0 maxpacket size to allow superspeed connected devices
+     * to work redirected to a not superspeed capable hcd */
+    if (udev->speed == USB_SPEED_SUPER &&
+        !((udev->port->speedmask & USB_SPEED_MASK_SUPER)) &&
+        request == 0x8006 && value == 0x100 && index == 0) {
+        r->usb3ep0quirk = true;
+    }
+
     libusb_fill_control_transfer(r->xfer, s->dh, r->buffer,
                                  usb_host_req_complete_ctrl, r,
                                  CONTROL_TIMEOUT);
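Review bot: `r->usb3ep0quirk` is only ever assigned `true` here, so usb_host_req_complete_ctrl relies on the request having been zero-initialised wherever USBHostRequest is allocated; that allocation is outside the hunk and is worth confirming, or the flag can be assigned from the condition directly so it is always written. The literals `0x8006` and `0x100` would be clearer spelled as `(DeviceRequest | USB_REQ_GET_DESCRIPTOR)` and `(USB_DT_DEVICE << 8)`, or at least annotated with `/* GET_DESCRIPTOR, device descriptor */`. usb_host_handle_control begins and ends outside the hunk.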
commit d81d4106355f075dada63ae89a84ee45f588face
Author: Gerd Hoffmann <kraxel at redhat.com>
Date:   Wed May 7 16:39:11 2014 +0200

    usb: improve ehci/uhci test
    
     * Attach usb devices to the bus.
     * Check initial port status register state.
     * Flip ehci initialization bit.
     * Check port status register state again to
       see whether device handover to ehci worked.
    
    Signed-off-by: Gerd Hoffmann <kraxel at redhat.com>

diff --git a/tests/Makefile b/tests/Makefile
index 8f71e0d..6b294a7 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -154,6 +154,8 @@ gcov-files-i386-y += hw/pci-bridge/ioh3420.c
 check-qtest-i386-y += tests/usb-hcd-ehci-test$(EXESUF)
 gcov-files-i386-y += hw/usb/hcd-ehci.c
 gcov-files-i386-y += hw/usb/hcd-uhci.c
+gcov-files-i386-y += hw/usb/dev-hid.c
+gcov-files-i386-y += hw/usb/dev-storage.c
 check-qtest-x86_64-y = $(check-qtest-i386-y)
 gcov-files-i386-y += i386-softmmu/hw/timer/mc146818rtc.c
 gcov-files-x86_64-y = $(subst i386-softmmu/,x86_64-softmmu/,$(gcov-files-i386-y))
@@ -319,7 +321,7 @@ tests/ac97-test$(EXESUF): tests/ac97-test.o
 tests/es1370-test$(EXESUF): tests/es1370-test.o
 tests/intel-hda-test$(EXESUF): tests/intel-hda-test.o
 tests/ioh3420-test$(EXESUF): tests/ioh3420-test.o
-tests/usb-hcd-ehci-test$(EXESUF): tests/usb-hcd-ehci-test.o
+tests/usb-hcd-ehci-test$(EXESUF): tests/usb-hcd-ehci-test.o $(libqos-pc-obj-y)
 tests/qemu-iotests/socket_scm_helper$(EXESUF): tests/qemu-iotests/socket_scm_helper.o
 tests/test-qemu-opts$(EXESUF): tests/test-qemu-opts.o libqemuutil.a libqemustub.a
 
diff --git a/tests/usb-hcd-ehci-test.c b/tests/usb-hcd-ehci-test.c
index bc56ba7..bcdf62f 100644
--- a/tests/usb-hcd-ehci-test.c
+++ b/tests/usb-hcd-ehci-test.c
@@ -9,12 +9,149 @@
 
 #include <glib.h>
 #include <string.h>
+#include <stdio.h>
 #include "libqtest.h"
+#include "libqos/pci-pc.h"
 #include "qemu/osdep.h"
+#include "hw/usb/uhci-regs.h"
+#include "hw/usb/ehci-regs.h"
 
-/* Tests only initialization so far. TODO: Replace with functional tests */
-static void pci_nop(void)
+struct qhc {
+    QPCIDevice *dev;
+    void *base;
+};
+
+static QPCIBus *pcibus;
+static struct qhc uhci1;
+static struct qhc uhci2;
+static struct qhc uhci3;
+static struct qhc ehci1;
+
+/* helpers */
+
+static void pci_init_one(struct qhc *hc, uint32_t devfn, int bar)
+{
+    hc->dev = qpci_device_find(pcibus, devfn);
+    g_assert(hc->dev != NULL);
+    qpci_device_enable(hc->dev);
+    hc->base = qpci_iomap(hc->dev, bar);
+    g_assert(hc->base != NULL);
+}
+
+#if 0
+static void uhci_port_update(struct qhc *hc, int port,
+                             uint16_t set, uint16_t clear)
 {
+    void *addr = hc->base + 0x10 + 2 * port;
+    uint16_t value;
+
+    value = qpci_io_readw(hc->dev, addr);
+    value |= set;
+    value &= ~clear;
+    qpci_io_writew(hc->dev, addr, value);
+}
+#endif
+
+static void uhci_port_test(struct qhc *hc, int port, uint16_t expect)
+{
+    void *addr = hc->base + 0x10 + 2 * port;
+    uint16_t value = qpci_io_readw(hc->dev, addr);
+    uint16_t mask = ~(UHCI_PORT_WRITE_CLEAR | UHCI_PORT_RSVD1);
+
+#if 0
+    fprintf(stderr, "%s: %d, have 0x%04x, want 0x%04x\n",
+            __func__, port, value & mask, expect & mask);
+#endif
+    g_assert((value & mask) == (expect & mask));
+}
+
+static void ehci_port_test(struct qhc *hc, int port, uint32_t expect)
+{
+    void *addr = hc->base + 0x64 + 4 * port;
+    uint32_t value = qpci_io_readl(hc->dev, addr);
+    uint16_t mask = ~(PORTSC_CSC | PORTSC_PEDC | PORTSC_OCC);
+
+#if 0
+    fprintf(stderr, "%s: %d, have 0x%08x, want 0x%08x\n",
+            __func__, port, value & mask, expect & mask);
+#endif
+    g_assert((value & mask) == (expect & mask));
+}
+
+/* tests */
+
+static void pci_init(void)
+{
+    if (pcibus) {
+        return;
+    }
+    pcibus = qpci_init_pc();
+    g_assert(pcibus != NULL);
+
+    pci_init_one(&uhci1, QPCI_DEVFN(0x1d, 0), 4);
+    pci_init_one(&uhci2, QPCI_DEVFN(0x1d, 1), 4);
+    pci_init_one(&uhci3, QPCI_DEVFN(0x1d, 2), 4);
+    pci_init_one(&ehci1, QPCI_DEVFN(0x1d, 7), 0);
+}
+
+static void pci_uhci_port_1(void)
+{
+    g_assert(pcibus != NULL);
+
+    uhci_port_test(&uhci1, 0, UHCI_PORT_CCS); /* usb-tablet  */
+    uhci_port_test(&uhci1, 1, UHCI_PORT_CCS); /* usb-storage */
+    uhci_port_test(&uhci2, 0, 0);
+    uhci_port_test(&uhci2, 1, 0);
+    uhci_port_test(&uhci3, 0, 0);
+    uhci_port_test(&uhci3, 1, 0);
+}
+
+static void pci_ehci_port_1(void)
+{
+    int i;
+
+    g_assert(pcibus != NULL);
+
+    for (i = 0; i < 6; i++) {
+        ehci_port_test(&ehci1, i, PORTSC_POWNER | PORTSC_PPOWER);
+    }
+}
+
+static void pci_ehci_config(void)
+{
+    /* hands over all ports from companion uhci to ehci */
+    qpci_io_writew(ehci1.dev, ehci1.base + 0x60, 1);
+}
+
+static void pci_uhci_port_2(void)
+{
+    g_assert(pcibus != NULL);
+
+    uhci_port_test(&uhci1, 0, 0); /* usb-tablet,  @ehci */
+    uhci_port_test(&uhci1, 1, 0); /* usb-storage, @ehci */
+    uhci_port_test(&uhci2, 0, 0);
+    uhci_port_test(&uhci2, 1, 0);
+    uhci_port_test(&uhci3, 0, 0);
+    uhci_port_test(&uhci3, 1, 0);
+}
+
+static void pci_ehci_port_2(void)
+{
+    static uint32_t expect[] = {
+        PORTSC_PPOWER | PORTSC_CONNECT, /* usb-tablet  */
+        PORTSC_PPOWER | PORTSC_CONNECT, /* usb-storage */
+        PORTSC_PPOWER,
+        PORTSC_PPOWER,
+        PORTSC_PPOWER,
+        PORTSC_PPOWER,
+    };
+    int i;
+
+    g_assert(pcibus != NULL);
+
+    for (i = 0; i < 6; i++) {
+        ehci_port_test(&ehci1, i, expect[i]);
+    }
 }
 
 int main(int argc, char **argv)
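Review bot: In ehci_port_test the mask is declared `uint16_t` while `value` and `expect` are `uint32_t`, so after promotion the upper half of the mask is zero and bits 16–31 of the port status register are never compared. Declaring it as `uint32_t mask = ~(PORTSC_CSC | PORTSC_PEDC | PORTSC_OCC);` checks the whole register. pci_ehci_config is the only case that does not `g_assert(pcibus != NULL)` before touching `ehci1`, and the `#if 0` blocks (uhci_port_update and the two fprintf diagnostics) are dead code that could be dropped or put behind a debug switch. The cases are also steps of one sequence rather than independent tests, since each depends on state left by the previous one; a comment at the registrations in main such as `/* order matters: each case relies on the one before it */` would make that explicit.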
@@ -22,7 +159,12 @@ int main(int argc, char **argv)
     int ret;
 
     g_test_init(&argc, &argv, NULL);
-    qtest_add_func("/ehci/pci/nop", pci_nop);
+    qtest_add_func("/ehci/pci/init", pci_init);
+    qtest_add_func("/ehci/pci/uhci-port-1", pci_uhci_port_1);
+    qtest_add_func("/ehci/pci/ehci-port-1", pci_ehci_port_1);
+    qtest_add_func("/ehci/pci/ehci-config", pci_ehci_config);
+    qtest_add_func("/ehci/pci/uhci-port-2", pci_uhci_port_2);
+    qtest_add_func("/ehci/pci/ehci-port-2", pci_ehci_port_2);
 
     qtest_start("-machine q35 -device ich9-usb-ehci1,bus=pcie.0,addr=1d.7,"
                 "multifunction=on,id=ich9-ehci-1 "
@@ -31,7 +173,10 @@ int main(int argc, char **argv)
                 "-device ich9-usb-uhci2,bus=pcie.0,addr=1d.1,"
                 "multifunction=on,masterbus=ich9-ehci-1.0,firstport=2 "
                 "-device ich9-usb-uhci3,bus=pcie.0,addr=1d.2,"
-                "multifunction=on,masterbus=ich9-ehci-1.0,firstport=4");
+                "multifunction=on,masterbus=ich9-ehci-1.0,firstport=4 "
+                "-drive if=none,id=usbcdrom,media=cdrom "
+                "-device usb-tablet,bus=ich9-ehci-1.0,port=1,usb_version=1 "
+                "-device usb-storage,bus=ich9-ehci-1.0,port=2,drive=usbcdrom ");
     ret = g_test_run();
 
     qtest_end();
commit 381626a96902d4c2c8e0f9cbf0b293bdf6408414
Author: Gerd Hoffmann <kraxel at redhat.com>
Date:   Thu May 8 12:15:23 2014 +0200

    usb: move ehci register defines to header file
    
    So we can easily use them in tests.
    
    Signed-off-by: Gerd Hoffmann <kraxel at redhat.com>

diff --git a/hw/usb/hcd-ehci.c b/hw/usb/hcd-ehci.c
index a3ae9f2..a00a93c 100644
--- a/hw/usb/hcd-ehci.c
+++ b/hw/usb/hcd-ehci.c
@@ -27,87 +27,10 @@
  * along with this program; if not, see <http://www.gnu.org/licenses/>.
  */
 
+#include "hw/usb/ehci-regs.h"
 #include "hw/usb/hcd-ehci.h"
 #include "trace.h"
 
-/* Capability Registers Base Address - section 2.2 */
-#define CAPLENGTH        0x0000  /* 1-byte, 0x0001 reserved */
-#define HCIVERSION       0x0002  /* 2-bytes, i/f version # */
-#define HCSPARAMS        0x0004  /* 4-bytes, structural params */
-#define HCCPARAMS        0x0008  /* 4-bytes, capability params */
-#define EECP             HCCPARAMS + 1
-#define HCSPPORTROUTE1   0x000c
-#define HCSPPORTROUTE2   0x0010
-
-#define USBCMD           0x0000
-#define USBCMD_RUNSTOP   (1 << 0)      // run / Stop
-#define USBCMD_HCRESET   (1 << 1)      // HC Reset
-#define USBCMD_FLS       (3 << 2)      // Frame List Size
-#define USBCMD_FLS_SH    2             // Frame List Size Shift
-#define USBCMD_PSE       (1 << 4)      // Periodic Schedule Enable
-#define USBCMD_ASE       (1 << 5)      // Asynch Schedule Enable
-#define USBCMD_IAAD      (1 << 6)      // Int Asynch Advance Doorbell
-#define USBCMD_LHCR      (1 << 7)      // Light Host Controller Reset
-#define USBCMD_ASPMC     (3 << 8)      // Async Sched Park Mode Count
-#define USBCMD_ASPME     (1 << 11)     // Async Sched Park Mode Enable
-#define USBCMD_ITC       (0x7f << 16)  // Int Threshold Control
-#define USBCMD_ITC_SH    16            // Int Threshold Control Shift
-
-#define USBSTS           0x0004
-#define USBSTS_RO_MASK   0x0000003f
-#define USBSTS_INT       (1 << 0)      // USB Interrupt
-#define USBSTS_ERRINT    (1 << 1)      // Error Interrupt
-#define USBSTS_PCD       (1 << 2)      // Port Change Detect
-#define USBSTS_FLR       (1 << 3)      // Frame List Rollover
-#define USBSTS_HSE       (1 << 4)      // Host System Error
-#define USBSTS_IAA       (1 << 5)      // Interrupt on Async Advance
-#define USBSTS_HALT      (1 << 12)     // HC Halted
-#define USBSTS_REC       (1 << 13)     // Reclamation
-#define USBSTS_PSS       (1 << 14)     // Periodic Schedule Status
-#define USBSTS_ASS       (1 << 15)     // Asynchronous Schedule Status
-
-/*
- *  Interrupt enable bits correspond to the interrupt active bits in USBSTS
- *  so no need to redefine here.
- */
-#define USBINTR              0x0008
-#define USBINTR_MASK         0x0000003f
-
-#define FRINDEX              0x000c
-#define CTRLDSSEGMENT        0x0010
-#define PERIODICLISTBASE     0x0014
-#define ASYNCLISTADDR        0x0018
-#define ASYNCLISTADDR_MASK   0xffffffe0
-
-#define CONFIGFLAG           0x0040
-
-/*
- * Bits that are reserved or are read-only are masked out of values
- * written to us by software
- */
-#define PORTSC_RO_MASK       0x007001c0
-#define PORTSC_RWC_MASK      0x0000002a
-#define PORTSC_WKOC_E        (1 << 22)    // Wake on Over Current Enable
-#define PORTSC_WKDS_E        (1 << 21)    // Wake on Disconnect Enable
-#define PORTSC_WKCN_E        (1 << 20)    // Wake on Connect Enable
-#define PORTSC_PTC           (15 << 16)   // Port Test Control
-#define PORTSC_PTC_SH        16           // Port Test Control shift
-#define PORTSC_PIC           (3 << 14)    // Port Indicator Control
-#define PORTSC_PIC_SH        14           // Port Indicator Control Shift
-#define PORTSC_POWNER        (1 << 13)    // Port Owner
-#define PORTSC_PPOWER        (1 << 12)    // Port Power
-#define PORTSC_LINESTAT      (3 << 10)    // Port Line Status
-#define PORTSC_LINESTAT_SH   10           // Port Line Status Shift
-#define PORTSC_PRESET        (1 << 8)     // Port Reset
-#define PORTSC_SUSPEND       (1 << 7)     // Port Suspend
-#define PORTSC_FPRES         (1 << 6)     // Force Port Resume
-#define PORTSC_OCC           (1 << 5)     // Over Current Change
-#define PORTSC_OCA           (1 << 4)     // Over Current Active
-#define PORTSC_PEDC          (1 << 3)     // Port Enable/Disable Change
-#define PORTSC_PED           (1 << 2)     // Port Enable/Disable
-#define PORTSC_CSC           (1 << 1)     // Connect Status Change
-#define PORTSC_CONNECT       (1 << 0)     // Current Connect Status
-
 #define FRAME_TIMER_FREQ 1000
 #define FRAME_TIMER_NS   (1000000000 / FRAME_TIMER_FREQ)
 #define UFRAME_TIMER_NS  (FRAME_TIMER_NS / 8)
diff --git a/include/hw/usb/ehci-regs.h b/include/hw/usb/ehci-regs.h
new file mode 100644
index 0000000..616f1b8
--- /dev/null
+++ b/include/hw/usb/ehci-regs.h
@@ -0,0 +1,82 @@
+#ifndef HW_USB_EHCI_REGS_H
+#define HW_USB_EHCI_REGS_H 1
+
+/* Capability Registers Base Address - section 2.2 */
+#define CAPLENGTH        0x0000  /* 1-byte, 0x0001 reserved */
+#define HCIVERSION       0x0002  /* 2-bytes, i/f version # */
+#define HCSPARAMS        0x0004  /* 4-bytes, structural params */
+#define HCCPARAMS        0x0008  /* 4-bytes, capability params */
+#define EECP             HCCPARAMS + 1
+#define HCSPPORTROUTE1   0x000c
+#define HCSPPORTROUTE2   0x0010
+
+#define USBCMD           0x0000
+#define USBCMD_RUNSTOP   (1 << 0)      // run / Stop
+#define USBCMD_HCRESET   (1 << 1)      // HC Reset
+#define USBCMD_FLS       (3 << 2)      // Frame List Size
+#define USBCMD_FLS_SH    2             // Frame List Size Shift
+#define USBCMD_PSE       (1 << 4)      // Periodic Schedule Enable
+#define USBCMD_ASE       (1 << 5)      // Asynch Schedule Enable
+#define USBCMD_IAAD      (1 << 6)      // Int Asynch Advance Doorbell
+#define USBCMD_LHCR      (1 << 7)      // Light Host Controller Reset
+#define USBCMD_ASPMC     (3 << 8)      // Async Sched Park Mode Count
+#define USBCMD_ASPME     (1 << 11)     // Async Sched Park Mode Enable
+#define USBCMD_ITC       (0x7f << 16)  // Int Threshold Control
+#define USBCMD_ITC_SH    16            // Int Threshold Control Shift
+
+#define USBSTS           0x0004
+#define USBSTS_RO_MASK   0x0000003f
+#define USBSTS_INT       (1 << 0)      // USB Interrupt
+#define USBSTS_ERRINT    (1 << 1)      // Error Interrupt
+#define USBSTS_PCD       (1 << 2)      // Port Change Detect
+#define USBSTS_FLR       (1 << 3)      // Frame List Rollover
+#define USBSTS_HSE       (1 << 4)      // Host System Error
+#define USBSTS_IAA       (1 << 5)      // Interrupt on Async Advance
+#define USBSTS_HALT      (1 << 12)     // HC Halted
+#define USBSTS_REC       (1 << 13)     // Reclamation
+#define USBSTS_PSS       (1 << 14)     // Periodic Schedule Status
+#define USBSTS_ASS       (1 << 15)     // Asynchronous Schedule Status
+
+/*
+ *  Interrupt enable bits correspond to the interrupt active bits in USBSTS
+ *  so no need to redefine here.
+ */
+#define USBINTR              0x0008
+#define USBINTR_MASK         0x0000003f
+
+#define FRINDEX              0x000c
+#define CTRLDSSEGMENT        0x0010
+#define PERIODICLISTBASE     0x0014
+#define ASYNCLISTADDR        0x0018
+#define ASYNCLISTADDR_MASK   0xffffffe0
+
+#define CONFIGFLAG           0x0040
+
+/*
+ * Bits that are reserved or are read-only are masked out of values
+ * written to us by software
+ */
+#define PORTSC_RO_MASK       0x007001c0
+#define PORTSC_RWC_MASK      0x0000002a
+#define PORTSC_WKOC_E        (1 << 22)    // Wake on Over Current Enable
+#define PORTSC_WKDS_E        (1 << 21)    // Wake on Disconnect Enable
+#define PORTSC_WKCN_E        (1 << 20)    // Wake on Connect Enable
+#define PORTSC_PTC           (15 << 16)   // Port Test Control
+#define PORTSC_PTC_SH        16           // Port Test Control shift
+#define PORTSC_PIC           (3 << 14)    // Port Indicator Control
+#define PORTSC_PIC_SH        14           // Port Indicator Control Shift
+#define PORTSC_POWNER        (1 << 13)    // Port Owner
+#define PORTSC_PPOWER        (1 << 12)    // Port Power
+#define PORTSC_LINESTAT      (3 << 10)    // Port Line Status
+#define PORTSC_LINESTAT_SH   10           // Port Line Status Shift
+#define PORTSC_PRESET        (1 << 8)     // Port Reset
+#define PORTSC_SUSPEND       (1 << 7)     // Port Suspend
+#define PORTSC_FPRES         (1 << 6)     // Force Port Resume
+#define PORTSC_OCC           (1 << 5)     // Over Current Change
+#define PORTSC_OCA           (1 << 4)     // Over Current Active
+#define PORTSC_PEDC          (1 << 3)     // Port Enable/Disable Change
+#define PORTSC_PED           (1 << 2)     // Port Enable/Disable
+#define PORTSC_CSC           (1 << 1)     // Connect Status Change
+#define PORTSC_CONNECT       (1 << 0)     // Current Connect Status
+
+#endif /* HW_USB_EHCI_REGS_H */
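Review bot: `EECP` in the new header expands to `HCCPARAMS + 1` without parentheses, so a use such as `EECP * 2` would group differently from what the name suggests. The define is copied verbatim from hcd-ehci.c, but the header is now meant to be included from tests as well, so it is worth writing it as `#define EECP (HCCPARAMS + 1)`. The new file also carries no license or purpose comment, unlike the source file it was split from.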
commit 95dd1c4d7a46d4a21fe870bb8654aeae338de85c
Author: Gerd Hoffmann <kraxel at redhat.com>
Date:   Thu May 8 11:42:53 2014 +0200

    usb: add uhci port status reserved bit
    
    Signed-off-by: Gerd Hoffmann <kraxel at redhat.com>

diff --git a/include/hw/usb/uhci-regs.h b/include/hw/usb/uhci-regs.h
index 63c8223..c7315c5 100644
--- a/include/hw/usb/uhci-regs.h
+++ b/include/hw/usb/uhci-regs.h
@@ -27,6 +27,7 @@
 #define UHCI_PORT_SUSPEND (1 << 12)
 #define UHCI_PORT_RESET (1 << 9)
 #define UHCI_PORT_LSDA  (1 << 8)
+#define UHCI_PORT_RSVD1 (1 << 7)
 #define UHCI_PORT_RD    (1 << 6)
 #define UHCI_PORT_ENC   (1 << 3)
 #define UHCI_PORT_EN    (1 << 2)
commit 9a1d111e70d6d3e0d8faf750e28aa5d2cc30d6bf
Author: Gerd Hoffmann <kraxel at redhat.com>
Date:   Thu May 8 10:58:44 2014 +0200

    usb: move uhci register defines to header file
    
    So we can easily use them in tests.
    
    Signed-off-by: Gerd Hoffmann <kraxel at redhat.com>

diff --git a/hw/usb/hcd-uhci.c b/hw/usb/hcd-uhci.c
index 9b1166b..c3bf72c 100644
--- a/hw/usb/hcd-uhci.c
+++ b/hw/usb/hcd-uhci.c
@@ -27,6 +27,7 @@
  */
 #include "hw/hw.h"
 #include "hw/usb.h"
+#include "hw/usb/uhci-regs.h"
 #include "hw/pci/pci.h"
 #include "qemu/timer.h"
 #include "qemu/iov.h"
@@ -37,41 +38,6 @@
 //#define DEBUG
 //#define DEBUG_DUMP_DATA
 
-#define UHCI_CMD_FGR      (1 << 4)
-#define UHCI_CMD_EGSM     (1 << 3)
-#define UHCI_CMD_GRESET   (1 << 2)
-#define UHCI_CMD_HCRESET  (1 << 1)
-#define UHCI_CMD_RS       (1 << 0)
-
-#define UHCI_STS_HCHALTED (1 << 5)
-#define UHCI_STS_HCPERR   (1 << 4)
-#define UHCI_STS_HSERR    (1 << 3)
-#define UHCI_STS_RD       (1 << 2)
-#define UHCI_STS_USBERR   (1 << 1)
-#define UHCI_STS_USBINT   (1 << 0)
-
-#define TD_CTRL_SPD     (1 << 29)
-#define TD_CTRL_ERROR_SHIFT  27
-#define TD_CTRL_IOS     (1 << 25)
-#define TD_CTRL_IOC     (1 << 24)
-#define TD_CTRL_ACTIVE  (1 << 23)
-#define TD_CTRL_STALL   (1 << 22)
-#define TD_CTRL_BABBLE  (1 << 20)
-#define TD_CTRL_NAK     (1 << 19)
-#define TD_CTRL_TIMEOUT (1 << 18)
-
-#define UHCI_PORT_SUSPEND (1 << 12)
-#define UHCI_PORT_RESET (1 << 9)
-#define UHCI_PORT_LSDA  (1 << 8)
-#define UHCI_PORT_RD    (1 << 6)
-#define UHCI_PORT_ENC   (1 << 3)
-#define UHCI_PORT_EN    (1 << 2)
-#define UHCI_PORT_CSC   (1 << 1)
-#define UHCI_PORT_CCS   (1 << 0)
-
-#define UHCI_PORT_READ_ONLY    (0x1bb)
-#define UHCI_PORT_WRITE_CLEAR  (UHCI_PORT_CSC | UHCI_PORT_ENC)
-
 #define FRAME_TIMER_FREQ 1000
 
 #define FRAME_MAX_LOOPS  256
diff --git a/include/hw/usb/uhci-regs.h b/include/hw/usb/uhci-regs.h
new file mode 100644
index 0000000..63c8223
--- /dev/null
+++ b/include/hw/usb/uhci-regs.h
@@ -0,0 +1,39 @@
+#ifndef HW_USB_UHCI_REGS_H
+#define HW_USB_UHCI_REGS_H 1
+
+#define UHCI_CMD_FGR      (1 << 4)
+#define UHCI_CMD_EGSM     (1 << 3)
+#define UHCI_CMD_GRESET   (1 << 2)
+#define UHCI_CMD_HCRESET  (1 << 1)
+#define UHCI_CMD_RS       (1 << 0)
+
+#define UHCI_STS_HCHALTED (1 << 5)
+#define UHCI_STS_HCPERR   (1 << 4)
+#define UHCI_STS_HSERR    (1 << 3)
+#define UHCI_STS_RD       (1 << 2)
+#define UHCI_STS_USBERR   (1 << 1)
+#define UHCI_STS_USBINT   (1 << 0)
+
+#define TD_CTRL_SPD     (1 << 29)
+#define TD_CTRL_ERROR_SHIFT  27
+#define TD_CTRL_IOS     (1 << 25)
+#define TD_CTRL_IOC     (1 << 24)
+#define TD_CTRL_ACTIVE  (1 << 23)
+#define TD_CTRL_STALL   (1 << 22)
+#define TD_CTRL_BABBLE  (1 << 20)
+#define TD_CTRL_NAK     (1 << 19)
+#define TD_CTRL_TIMEOUT (1 << 18)
+
+#define UHCI_PORT_SUSPEND (1 << 12)
+#define UHCI_PORT_RESET (1 << 9)
+#define UHCI_PORT_LSDA  (1 << 8)
+#define UHCI_PORT_RD    (1 << 6)
+#define UHCI_PORT_ENC   (1 << 3)
+#define UHCI_PORT_EN    (1 << 2)
+#define UHCI_PORT_CSC   (1 << 1)
+#define UHCI_PORT_CCS   (1 << 0)
+
+#define UHCI_PORT_READ_ONLY    (0x1bb)
+#define UHCI_PORT_WRITE_CLEAR  (UHCI_PORT_CSC | UHCI_PORT_ENC)
+
+#endif /* HW_USB_UHCI_REGS_H */
commit ad489e9346273e71facdf786b811600688ab2149
Author: Gerd Hoffmann <kraxel at redhat.com>
Date:   Thu May 8 10:54:33 2014 +0200

    qtest: fix qpci_config_writel
    
    Found by Paolo.
    
    Signed-off-by: Gerd Hoffmann <kraxel at redhat.com>

diff --git a/tests/libqos/pci.c b/tests/libqos/pci.c
index 7e0907b..c9a0b91 100644
--- a/tests/libqos/pci.c
+++ b/tests/libqos/pci.c
@@ -103,7 +103,7 @@ void qpci_config_writew(QPCIDevice *dev, uint8_t offset, uint16_t value)
 
 void qpci_config_writel(QPCIDevice *dev, uint8_t offset, uint32_t value)
 {
-    dev->bus->config_writew(dev->bus, dev->devfn, offset, value);
+    dev->bus->config_writel(dev->bus, dev->devfn, offset, value);
 }
 
 
commit 5e70018b00dbe59a96b80933a0dd308ee1ec4488
Author: David Gibson <david at gibson.dropbear.id.au>
Date:   Fri May 30 13:10:07 2014 -0600

    vfio: Add guest side IOMMU support
    
    This patch uses the new IOMMU notifiers to allow VFIO pass through devices
    to work with guest side IOMMUs, as long as the host-side VFIO iommu has
    sufficient capability and granularity to match the guest side. This works
    by tracking all map and unmap operations on the guest IOMMU using the
    notifiers, and mirroring them into VFIO.
    
    There are a number of FIXMEs, and the scheme involves rather more notifier
    structures than I'd like, but it should make for a reasonable proof of
    concept.
    
    Signed-off-by: David Gibson <david at gibson.dropbear.id.au>
    Signed-off-by: Alexey Kardashevskiy <aik at ozlabs.ru>
    Signed-off-by: Alex Williamson <alex.williamson at redhat.com>

diff --git a/hw/misc/vfio.c b/hw/misc/vfio.c
index b170fd2..7437c2e 100644
--- a/hw/misc/vfio.c
+++ b/hw/misc/vfio.c
@@ -160,10 +160,18 @@ typedef struct VFIOContainer {
         };
         void (*release)(struct VFIOContainer *);
     } iommu_data;
+    QLIST_HEAD(, VFIOGuestIOMMU) giommu_list;
     QLIST_HEAD(, VFIOGroup) group_list;
     QLIST_ENTRY(VFIOContainer) next;
 } VFIOContainer;
 
+typedef struct VFIOGuestIOMMU {
+    VFIOContainer *container;
+    MemoryRegion *iommu;
+    Notifier n;
+    QLIST_ENTRY(VFIOGuestIOMMU) giommu_next;
+} VFIOGuestIOMMU;
+
 /* Cache of MSI-X setup plus extra mmap and memory region for split BAR map */
 typedef struct VFIOMSIXInfo {
     uint8_t table_bar;
@@ -2383,7 +2391,8 @@ static int vfio_dma_map(VFIOContainer *container, hwaddr iova,
 
 static bool vfio_listener_skipped_section(MemoryRegionSection *section)
 {
-    return !memory_region_is_ram(section->mr) ||
+    return (!memory_region_is_ram(section->mr) &&
+            !memory_region_is_iommu(section->mr)) ||
            /*
             * Sizing an enabled 64-bit BAR can cause spurious mappings to
             * addresses in the upper part of the 64-bit address space.  These
@@ -2393,6 +2402,65 @@ static bool vfio_listener_skipped_section(MemoryRegionSection *section)
            section->offset_within_address_space & (1ULL << 63);
 }
 
+static void vfio_iommu_map_notify(Notifier *n, void *data)
+{
+    VFIOGuestIOMMU *giommu = container_of(n, VFIOGuestIOMMU, n);
+    VFIOContainer *container = giommu->container;
+    IOMMUTLBEntry *iotlb = data;
+    MemoryRegion *mr;
+    hwaddr xlat;
+    hwaddr len = iotlb->addr_mask + 1;
+    void *vaddr;
+    int ret;
+
+    DPRINTF("iommu map @ %"HWADDR_PRIx" - %"HWADDR_PRIx"\n",
+            iotlb->iova, iotlb->iova + iotlb->addr_mask);
+
+    /*
+     * The IOMMU TLB entry we have just covers translation through
+     * this IOMMU to its immediate target.  We need to translate
+     * it the rest of the way through to memory.
+     */
+    mr = address_space_translate(&address_space_memory,
+                                 iotlb->translated_addr,
+                                 &xlat, &len, iotlb->perm & IOMMU_WO);
+    if (!memory_region_is_ram(mr)) {
+        DPRINTF("iommu map to non memory area %"HWADDR_PRIx"\n",
+                xlat);
+        return;
+    }
+    /*
+     * Translation truncates length to the IOMMU page size,
+     * check that it did not truncate too much.
+     */
+    if (len & iotlb->addr_mask) {
+        DPRINTF("iommu has granularity incompatible with target AS\n");
+        return;
+    }
+
+    if (iotlb->perm != IOMMU_NONE) {
+        vaddr = memory_region_get_ram_ptr(mr) + xlat;
+
+        ret = vfio_dma_map(container, iotlb->iova,
+                           iotlb->addr_mask + 1, vaddr,
+                           !(iotlb->perm & IOMMU_WO) || mr->readonly);
+        if (ret) {
+            error_report("vfio_dma_map(%p, 0x%"HWADDR_PRIx", "
+                         "0x%"HWADDR_PRIx", %p) = %d (%m)",
+                         container, iotlb->iova,
+                         iotlb->addr_mask + 1, vaddr, ret);
+        }
+    } else {
+        ret = vfio_dma_unmap(container, iotlb->iova, iotlb->addr_mask + 1);
+        if (ret) {
+            error_report("vfio_dma_unmap(%p, 0x%"HWADDR_PRIx", "
+                         "0x%"HWADDR_PRIx") = %d (%m)",
+                         container, iotlb->iova,
+                         iotlb->addr_mask + 1, ret);
+        }
+    }
+}
+
 static void vfio_listener_region_add(MemoryListener *listener,
                                      MemoryRegionSection *section)
 {
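Review bot: In vfio_iommu_map_notify the translation and the two early returns run before `iotlb->perm` is examined, so an unmap notification (`perm == IOMMU_NONE`) is dropped whenever `translated_addr` does not resolve to RAM or the length check fails. For an invalidation the translated address is probably not meaningful at all, and a dropped unmap leaves the old mapping in the host IOMMU, so the assigned device would keep DMA access to memory the guest has already revoked. Handling the unmap case first, from `iotlb->iova` and `iotlb->addr_mask` alone, and doing the translate and RAM checks only on the map path avoids that. The two silent returns are visible only with DPRINTF enabled; an `error_report` on the map path would make a refused mapping diagnosable.

```c
    IOMMUTLBEntry *iotlb = data;
    /* … unchanged: remaining local declarations and the DPRINTF … */

    if (iotlb->perm == IOMMU_NONE) {
        /* An invalidation needs only the IOVA range, not the target. */
        ret = vfio_dma_unmap(container, iotlb->iova, iotlb->addr_mask + 1);
        if (ret) {
            /* … unchanged: error_report for vfio_dma_unmap … */
        }
        return;
    }

    /* … unchanged: address_space_translate, RAM and granularity checks … */
    /* … unchanged: vfio_dma_map call and its error_report … */
```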
@@ -2403,8 +2471,6 @@ static void vfio_listener_region_add(MemoryListener *listener,
     void *vaddr;
     int ret;
 
-    assert(!memory_region_is_iommu(section->mr));
-
     if (vfio_listener_skipped_section(section)) {
         DPRINTF("SKIPPING region_add %"HWADDR_PRIx" - %"PRIx64"\n",
                 section->offset_within_address_space,
@@ -2428,15 +2494,57 @@ static void vfio_listener_region_add(MemoryListener *listener,
         return;
     }
 
+    memory_region_ref(section->mr);
+
+    if (memory_region_is_iommu(section->mr)) {
+        VFIOGuestIOMMU *giommu;
+
+        DPRINTF("region_add [iommu] %"HWADDR_PRIx" - %"HWADDR_PRIx"\n",
+                iova, int128_get64(int128_sub(llend, int128_one())));
+        /*
+         * FIXME: We should do some checking to see if the
+         * capabilities of the host VFIO IOMMU are adequate to model
+         * the guest IOMMU
+         *
+         * FIXME: For VFIO iommu types which have KVM acceleration to
+         * avoid bouncing all map/unmaps through qemu this way, this
+         * would be the right place to wire that up (tell the KVM
+         * device emulation the VFIO iommu handles to use).
+         */
+        /*
+         * This assumes that the guest IOMMU is empty of
+         * mappings at this point.
+         *
+         * One way of doing this is:
+         * 1. Avoid sharing IOMMUs between emulated devices or different
+         * IOMMU groups.
+         * 2. Implement VFIO_IOMMU_ENABLE in the host kernel to fail if
+         * there are some mappings in IOMMU.
+         *
+         * VFIO on SPAPR does that. Other IOMMU models may do that different,
+         * they must make sure there are no existing mappings or
+         * loop through existing mappings to map them into VFIO.
+         */
+        giommu = g_malloc0(sizeof(*giommu));
+        giommu->iommu = section->mr;
+        giommu->container = container;
+        giommu->n.notify = vfio_iommu_map_notify;
+        QLIST_INSERT_HEAD(&container->giommu_list, giommu, giommu_next);
+        memory_region_register_iommu_notifier(giommu->iommu, &giommu->n);
+
+        return;
+    }
+
+    /* Here we assume that memory_region_is_ram(section->mr)==true */
+
     end = int128_get64(llend);
     vaddr = memory_region_get_ram_ptr(section->mr) +
             section->offset_within_region +
             (iova - section->offset_within_address_space);
 
-    DPRINTF("region_add %"HWADDR_PRIx" - %"HWADDR_PRIx" [%p]\n",
+    DPRINTF("region_add [ram] %"HWADDR_PRIx" - %"HWADDR_PRIx" [%p]\n",
             iova, end - 1, vaddr);
 
-    memory_region_ref(section->mr);
     ret = vfio_dma_map(container, iova, end - iova, vaddr, section->readonly);
     if (ret) {
         error_report("vfio_dma_map(%p, 0x%"HWADDR_PRIx", "
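Review bot: The new `VFIOGuestIOMMU` stores the IOMMU region and the container but not where the section sits in the container's address space, and `vfio_iommu_map_notify` hands `iotlb->iova` to `vfio_dma_map` unchanged. If the notifier's IOVA is relative to the IOMMU region, that is only correct while the region is mapped at address 0 with `offset_within_region` 0, which nothing in this branch checks. Either record `section->offset_within_address_space - section->offset_within_region` in `giommu` and add it in the notifier, or state the assumption in a comment next to the existing FIXMEs. Because `memory_region_ref()` now runs before the IOMMU branch, the `region_del` path also has to drop that reference for IOMMU sections; that code and the rest of vfio_listener_region_add lie outside this hunk.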
@@ -2480,6 +2588,27 @@ static void vfio_listener_region_del(MemoryListener *listener,
         return;
     }
 
+    if (memory_region_is_iommu(section->mr)) {
+        VFIOGuestIOMMU *giommu;
+
+        QLIST_FOREACH(giommu, &container->giommu_list, giommu_next) {
+            if (giommu->iommu == section->mr) {
+                memory_region_unregister_iommu_notifier(&giommu->n);
+                QLIST_REMOVE(giommu, giommu_next);
+                g_free(giommu);
+                break;
+            }
+        }
+
+        /*
+         * FIXME: We assume the one big unmap below is adequate to
+         * remove any individual page mappings in the IOMMU which
+         * might have been copied into VFIO. This works for a page table
+         * based IOMMU where a big unmap flattens a large range of IO-PTEs.
+         * That may not be true for all IOMMU types.
+         */
+    }
+
     iova = TARGET_PAGE_ALIGN(section->offset_within_address_space);
     end = (section->offset_within_address_space + int128_get64(section->size)) &
           TARGET_PAGE_MASK;
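Review bot: `vfio_listener_region_del` is the only place in this commit that unregisters a `VFIOGuestIOMMU` notifier and frees the entry. The container teardown shown elsewhere on this page calls the `release` hook and then `g_free(container)` without walking `giommu_list`, so unless unregistering the listener replays `region_del` for every section (not visible here), a still-registered notifier would keep a pointer to a freed container. Draining `giommu_list` in the teardown path, with the same unregister / `QLIST_REMOVE` / `g_free` sequence used here, would close that window. The function body continues beyond this hunk.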
commit 0688448b71d22912601380b7e7eb66a38dc996b8
Author: David Gibson <david at gibson.dropbear.id.au>
Date:   Fri May 30 13:09:14 2014 -0600

    vfio: Create VFIOAddressSpace objects as needed
    
    So far, VFIO has a notion of different logical DMA address spaces, but
    only ever uses one (system memory).  This patch extends this, creating
    new VFIOAddressSpace objects as necessary, according to the AddressSpace
    reported by the PCI subsystem for this device's DMAs.
    
    This isn't enough yet to support guest side IOMMUs with VFIO, but it does
    mean we could now support VFIO devices on, for example, a guest side PCI
    host bridge which maps system memory at somewhere other than 0 in PCI
    space.
    
    Signed-off-by: David Gibson <david at gibson.dropbear.id.au>
    Signed-off-by: Alexey Kardashevskiy <aik at ozlabs.ru>
    Signed-off-by: Alex Williamson <alex.williamson at redhat.com>

diff --git a/hw/misc/vfio.c b/hw/misc/vfio.c
index c764322..b170fd2 100644
--- a/hw/misc/vfio.c
+++ b/hw/misc/vfio.c
@@ -139,13 +139,8 @@ typedef struct VFIOAddressSpace {
     QLIST_ENTRY(VFIOAddressSpace) list;
 } VFIOAddressSpace;
 
-static VFIOAddressSpace vfio_address_space_memory;
-
-static void vfio_address_space_init(VFIOAddressSpace *space, AddressSpace *as)
-{
-    space->as = as;
-    QLIST_INIT(&space->containers);
-}
+static QLIST_HEAD(, VFIOAddressSpace) vfio_address_spaces =
+    QLIST_HEAD_INITIALIZER(vfio_address_spaces);
 
 struct VFIOGroup;
 
@@ -3433,13 +3428,41 @@ static void vfio_kvm_device_del_group(VFIOGroup *group)
 #endif
 }
 
+static VFIOAddressSpace *vfio_get_address_space(AddressSpace *as)
+{
+    VFIOAddressSpace *space;
+
+    QLIST_FOREACH(space, &vfio_address_spaces, list) {
+        if (space->as == as) {
+            return space;
+        }
+    }
+
+    /* No suitable VFIOAddressSpace, create a new one */
+    space = g_malloc0(sizeof(*space));
+    space->as = as;
+    QLIST_INIT(&space->containers);
+
+    QLIST_INSERT_HEAD(&vfio_address_spaces, space, list);
+
+    return space;
+}
+
+static void vfio_put_address_space(VFIOAddressSpace *space)
+{
+    if (QLIST_EMPTY(&space->containers)) {
+        QLIST_REMOVE(space, list);
+        g_free(space);
+    }
+}
+
 static int vfio_connect_container(VFIOGroup *group, AddressSpace *as)
 {
     VFIOContainer *container;
     int ret, fd;
     VFIOAddressSpace *space;
 
-    space = &vfio_address_space_memory;
+    space = vfio_get_address_space(as);
 
     QLIST_FOREACH(container, &space->containers, next) {
         if (!ioctl(group->fd, VFIO_GROUP_SET_CONTAINER, &container->fd)) {
@@ -3452,7 +3475,8 @@ static int vfio_connect_container(VFIOGroup *group, AddressSpace *as)
     fd = qemu_open("/dev/vfio/vfio", O_RDWR);
     if (fd < 0) {
         error_report("vfio: failed to open /dev/vfio/vfio: %m");
-        return -errno;
+        ret = -errno;
+        goto put_space_exit;
     }
 
     ret = ioctl(fd, VFIO_GET_API_VERSION);
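Review bot: `ret = -errno;` is read after `error_report()` has already run, and nothing guarantees that the reporting path leaves `errno` untouched, so the function can return a code that does not belong to the failed `qemu_open()`. Placing `ret = -errno;` before the `error_report(...)` call keeps the message and the return value tied to the same failure. The same order appears in the `VFIO_GROUP_SET_CONTAINER` and `VFIO_SET_IOMMU` error branches of the "Rework to have error paths" commit further down. vfio_connect_container starts and ends outside this hunk.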
@@ -3519,6 +3543,9 @@ free_container_exit:
 close_fd_exit:
     close(fd);
 
+put_space_exit:
+    vfio_put_address_space(space);
+
     return ret;
 }
 
@@ -3535,6 +3562,8 @@ static void vfio_disconnect_container(VFIOGroup *group)
     group->container = NULL;
 
     if (QLIST_EMPTY(&container->group_list)) {
+        VFIOAddressSpace *space = container->space;
+
         if (container->iommu_data.release) {
             container->iommu_data.release(container);
         }
@@ -3542,6 +3571,8 @@ static void vfio_disconnect_container(VFIOGroup *group)
         DPRINTF("vfio_disconnect_container: close container->fd\n");
         close(container->fd);
         g_free(container);
+
+        vfio_put_address_space(space);
     }
 }
 
@@ -3940,12 +3971,7 @@ static int vfio_initfn(PCIDevice *pdev)
     DPRINTF("%s(%04x:%02x:%02x.%x) group %d\n", __func__, vdev->host.domain,
             vdev->host.bus, vdev->host.slot, vdev->host.function, groupid);
 
-    if (pci_device_iommu_address_space(pdev) != &address_space_memory) {
-        error_report("vfio: DMA address space must be system memory");
-        return -EINVAL;
-    }
-
-    group = vfio_get_group(groupid, &address_space_memory);
+    group = vfio_get_group(groupid, pci_device_iommu_address_space(pdev));
     if (!group) {
         error_report("vfio: failed to get group %d", groupid);
         return -ENOENT;
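Review bot: Removing the `!= &address_space_memory` guard means a device whose DMA address space is not system memory is now accepted, but none of the hunks in this commit show the container's memory listener being registered on `space->as`. If the listener is still attached to system memory, such a device would get all guest RAM mapped into the host IOMMU and the guest-side translation would not be enforced for it. It is worth confirming that the registration uses the address space stored in the new `VFIOAddressSpace`, or keeping the guard until it does. vfio_initfn starts and ends outside this hunk.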
@@ -4159,7 +4185,6 @@ static const TypeInfo vfio_pci_dev_info = {
 
 static void register_vfio_pci_dev_type(void)
 {
-    vfio_address_space_init(&vfio_address_space_memory, &address_space_memory);
     type_register_static(&vfio_pci_dev_info);
 }
 
commit 3df3e0a5872cbc8fcc55a0413416352eec68132e
Author: David Gibson <david at gibson.dropbear.id.au>
Date:   Fri May 30 13:05:19 2014 -0600

    vfio: Introduce VFIO address spaces
    
    The only model so far supported for VFIO passthrough devices is the model
    usually used on x86, where all of the guest's RAM is mapped into the
    (host) IOMMU and there is no IOMMU visible in the guest.
    
    This patch begins to relax this model, introducing the notion of a
    VFIOAddressSpace.  This represents a logical DMA address space which will
    be visible to one or more VFIO devices by appropriate mapping in the (host)
    IOMMU.  Thus the currently global list of containers becomes local to
    a VFIOAddressSpace, and we verify that we don't attempt to add a VFIO
    group to multiple address spaces.
    
    For now, only one VFIOAddressSpace is created and used, corresponding to
    main system memory; that will change in future patches.
    
    Signed-off-by: David Gibson <david at gibson.dropbear.id.au>
    Signed-off-by: Alexey Kardashevskiy <aik at ozlabs.ru>
    Signed-off-by: Alex Williamson <alex.williamson at redhat.com>

diff --git a/hw/misc/vfio.c b/hw/misc/vfio.c
index cba0ac1..c764322 100644
--- a/hw/misc/vfio.c
+++ b/hw/misc/vfio.c
@@ -133,6 +133,20 @@ enum {
     VFIO_INT_MSIX = 3,
 };
 
+typedef struct VFIOAddressSpace {
+    AddressSpace *as;
+    QLIST_HEAD(, VFIOContainer) containers;
+    QLIST_ENTRY(VFIOAddressSpace) list;
+} VFIOAddressSpace;
+
+static VFIOAddressSpace vfio_address_space_memory;
+
+static void vfio_address_space_init(VFIOAddressSpace *space, AddressSpace *as)
+{
+    space->as = as;
+    QLIST_INIT(&space->containers);
+}
+
 struct VFIOGroup;
 
 typedef struct VFIOType1 {
@@ -142,6 +156,7 @@ typedef struct VFIOType1 {
 } VFIOType1;
 
 typedef struct VFIOContainer {
+    VFIOAddressSpace *space;
     int fd; /* /dev/vfio/vfio, empowered by the attached groups */
     struct {
         /* enable abstraction to support various iommu backends */
@@ -234,9 +249,6 @@ static const VFIORomBlacklistEntry romblacklist[] = {
 
 #define MSIX_CAP_LENGTH 12
 
-static QLIST_HEAD(, VFIOContainer)
-    container_list = QLIST_HEAD_INITIALIZER(container_list);
-
 static QLIST_HEAD(, VFIOGroup)
     group_list = QLIST_HEAD_INITIALIZER(group_list);
 
@@ -3421,16 +3433,15 @@ static void vfio_kvm_device_del_group(VFIOGroup *group)
 #endif
 }
 
-static int vfio_connect_container(VFIOGroup *group)
+static int vfio_connect_container(VFIOGroup *group, AddressSpace *as)
 {
     VFIOContainer *container;
     int ret, fd;
+    VFIOAddressSpace *space;
 
-    if (group->container) {
-        return 0;
-    }
+    space = &vfio_address_space_memory;
 
-    QLIST_FOREACH(container, &container_list, next) {
+    QLIST_FOREACH(container, &space->containers, next) {
         if (!ioctl(group->fd, VFIO_GROUP_SET_CONTAINER, &container->fd)) {
             group->container = container;
             QLIST_INSERT_HEAD(&container->group_list, group, container_next);
@@ -3453,6 +3464,7 @@ static int vfio_connect_container(VFIOGroup *group)
     }
 
     container = g_malloc0(sizeof(*container));
+    container->space = space;
     container->fd = fd;
 
     if (ioctl(fd, VFIO_CHECK_EXTENSION, VFIO_TYPE1_IOMMU)) {
@@ -3491,7 +3503,7 @@ static int vfio_connect_container(VFIOGroup *group)
     }
 
     QLIST_INIT(&container->group_list);
-    QLIST_INSERT_HEAD(&container_list, container, next);
+    QLIST_INSERT_HEAD(&space->containers, container, next);
 
     group->container = container;
     QLIST_INSERT_HEAD(&container->group_list, group, container_next);
@@ -3533,7 +3545,7 @@ static void vfio_disconnect_container(VFIOGroup *group)
     }
 }
 
-static VFIOGroup *vfio_get_group(int groupid)
+static VFIOGroup *vfio_get_group(int groupid, AddressSpace *as)
 {
     VFIOGroup *group;
     char path[32];
@@ -3541,7 +3553,14 @@ static VFIOGroup *vfio_get_group(int groupid)
 
     QLIST_FOREACH(group, &group_list, next) {
         if (group->groupid == groupid) {
-            return group;
+            /* Found it.  Now is it already in the right context? */
+            if (group->container->space->as == as) {
+                return group;
+            } else {
+                error_report("vfio: group %d used in multiple address spaces",
+                             group->groupid);
+                return NULL;
+            }
         }
     }
 
@@ -3569,7 +3588,7 @@ static VFIOGroup *vfio_get_group(int groupid)
     group->groupid = groupid;
     QLIST_INIT(&group->device_list);
 
-    if (vfio_connect_container(group)) {
+    if (vfio_connect_container(group, as)) {
         error_report("vfio: failed to setup container for group %d", groupid);
         goto close_fd_exit;
     }
@@ -3921,7 +3940,12 @@ static int vfio_initfn(PCIDevice *pdev)
     DPRINTF("%s(%04x:%02x:%02x.%x) group %d\n", __func__, vdev->host.domain,
             vdev->host.bus, vdev->host.slot, vdev->host.function, groupid);
 
-    group = vfio_get_group(groupid);
+    if (pci_device_iommu_address_space(pdev) != &address_space_memory) {
+        error_report("vfio: DMA address space must be system memory");
+        return -EINVAL;
+    }
+
+    group = vfio_get_group(groupid, &address_space_memory);
     if (!group) {
         error_report("vfio: failed to get group %d", groupid);
         return -ENOENT;
@@ -4135,6 +4159,7 @@ static const TypeInfo vfio_pci_dev_info = {
 
 static void register_vfio_pci_dev_type(void)
 {
+    vfio_address_space_init(&vfio_address_space_memory, &address_space_memory);
     type_register_static(&vfio_pci_dev_info);
 }
 
commit 279a35ab4a8515d1eac06a76547d4b65a6cde519
Author: Alexey Kardashevskiy <aik at ozlabs.ru>
Date:   Fri May 30 13:03:21 2014 -0600

    vfio: Rework to have error paths
    
    This reworks vfio_connect_container() and vfio_get_group() to have a
    common exit path at the end of the function bodies.
    
    Signed-off-by: Alexey Kardashevskiy <aik at ozlabs.ru>
    Signed-off-by: Alex Williamson <alex.williamson at redhat.com>

diff --git a/hw/misc/vfio.c b/hw/misc/vfio.c
index 0d4594e..cba0ac1 100644
--- a/hw/misc/vfio.c
+++ b/hw/misc/vfio.c
@@ -3448,8 +3448,8 @@ static int vfio_connect_container(VFIOGroup *group)
     if (ret != VFIO_API_VERSION) {
         error_report("vfio: supported vfio version: %d, "
                      "reported version: %d", VFIO_API_VERSION, ret);
-        close(fd);
-        return -EINVAL;
+        ret = -EINVAL;
+        goto close_fd_exit;
     }
 
     container = g_malloc0(sizeof(*container));
@@ -3459,17 +3459,15 @@ static int vfio_connect_container(VFIOGroup *group)
         ret = ioctl(group->fd, VFIO_GROUP_SET_CONTAINER, &fd);
         if (ret) {
             error_report("vfio: failed to set group container: %m");
-            g_free(container);
-            close(fd);
-            return -errno;
+            ret = -errno;
+            goto free_container_exit;
         }
 
         ret = ioctl(fd, VFIO_SET_IOMMU, VFIO_TYPE1_IOMMU);
         if (ret) {
             error_report("vfio: failed to set iommu for container: %m");
-            g_free(container);
-            close(fd);
-            return -errno;
+            ret = -errno;
+            goto free_container_exit;
         }
 
         container->iommu_data.type1.listener = vfio_memory_listener;
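Review bot: In both ioctl failure branches of this hunk, `ret = -errno;` is evaluated after `error_report()` has already run, and that call may itself change errno while formatting and writing its output, so the returned code may not be the ioctl's error. The ordering predates this commit, but the rework is a natural place to correct it: assign `ret = -errno;` first and call `error_report(...)` afterwards; `%m` still sees the original errno because the assignment does not modify it. vfio_connect_container starts and ends outside this hunk.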
@@ -3480,20 +3478,16 @@ static int vfio_connect_container(VFIOGroup *group)
 
         if (container->iommu_data.type1.error) {
             ret = container->iommu_data.type1.error;
-            vfio_listener_release(container);
-            g_free(container);
-            close(fd);
             error_report("vfio: memory listener initialization failed for container");
-            return ret;
+            goto listener_release_exit;
         }
 
         container->iommu_data.type1.initialized = true;
 
     } else {
         error_report("vfio: No available IOMMU models");
-        g_free(container);
-        close(fd);
-        return -EINVAL;
+        ret = -EINVAL;
+        goto free_container_exit;
     }
 
     QLIST_INIT(&container->group_list);
@@ -3503,6 +3497,17 @@ static int vfio_connect_container(VFIOGroup *group)
     QLIST_INSERT_HEAD(&container->group_list, group, container_next);
 
     return 0;
+
+listener_release_exit:
+    vfio_listener_release(container);
+
+free_container_exit:
+    g_free(container);
+
+close_fd_exit:
+    close(fd);
+
+    return ret;
 }
 
 static void vfio_disconnect_container(VFIOGroup *group)
@@ -3546,24 +3551,19 @@ static VFIOGroup *vfio_get_group(int groupid)
     group->fd = qemu_open(path, O_RDWR);
     if (group->fd < 0) {
         error_report("vfio: error opening %s: %m", path);
-        g_free(group);
-        return NULL;
+        goto free_group_exit;
     }
 
     if (ioctl(group->fd, VFIO_GROUP_GET_STATUS, &status)) {
         error_report("vfio: error getting group status: %m");
-        close(group->fd);
-        g_free(group);
-        return NULL;
+        goto close_fd_exit;
     }
 
     if (!(status.flags & VFIO_GROUP_FLAGS_VIABLE)) {
         error_report("vfio: error, group %d is not viable, please ensure "
                      "all devices within the iommu_group are bound to their "
                      "vfio bus driver.", groupid);
-        close(group->fd);
-        g_free(group);
-        return NULL;
+        goto close_fd_exit;
     }
 
     group->groupid = groupid;
@@ -3571,9 +3571,7 @@ static VFIOGroup *vfio_get_group(int groupid)
 
     if (vfio_connect_container(group)) {
         error_report("vfio: failed to setup container for group %d", groupid);
-        close(group->fd);
-        g_free(group);
-        return NULL;
+        goto close_fd_exit;
     }
 
     if (QLIST_EMPTY(&group_list)) {
@@ -3585,6 +3583,14 @@ static VFIOGroup *vfio_get_group(int groupid)
     vfio_kvm_device_add_group(group);
 
     return group;
+
+close_fd_exit:
+    close(group->fd);
+
+free_group_exit:
+    g_free(group);
+
+    return NULL;
 }
 
 static void vfio_put_group(VFIOGroup *group)
commit 7532d3cbf148f72c9476484223b94a188ab59706
Author: Alexey Kardashevskiy <aik at ozlabs.ru>
Date:   Fri May 30 13:02:02 2014 -0600

    vfio: Fix 128 bit handling
    
    Upcoming VFIO on SPAPR PPC64 support will initialize the IOMMU
    memory region with UINT64_MAX (2^64 bytes) size so int128_get64()
    will assert.
    
    The patch takes care of this check. The existing type1 IOMMU code
    is not expected to map all 64 bits of RAM so the patch does not
    touch that part.
    
    Signed-off-by: Alexey Kardashevskiy <aik at ozlabs.ru>
    Reviewed-by: Paolo Bonzini <pbonzini at redhat.com>
    Signed-off-by: Alex Williamson <alex.williamson at redhat.com>

diff --git a/hw/misc/vfio.c b/hw/misc/vfio.c
index 76715cc..0d4594e 100644
--- a/hw/misc/vfio.c
+++ b/hw/misc/vfio.c
@@ -2392,6 +2392,7 @@ static void vfio_listener_region_add(MemoryListener *listener,
     VFIOContainer *container = container_of(listener, VFIOContainer,
                                             iommu_data.type1.listener);
     hwaddr iova, end;
+    Int128 llend;
     void *vaddr;
     int ret;
 
@@ -2412,13 +2413,15 @@ static void vfio_listener_region_add(MemoryListener *listener,
     }
 
     iova = TARGET_PAGE_ALIGN(section->offset_within_address_space);
-    end = (section->offset_within_address_space + int128_get64(section->size)) &
-          TARGET_PAGE_MASK;
+    llend = int128_make64(section->offset_within_address_space);
+    llend = int128_add(llend, section->size);
+    llend = int128_and(llend, int128_exts64(TARGET_PAGE_MASK));
 
-    if (iova >= end) {
+    if (int128_ge(int128_make64(iova), llend)) {
         return;
     }
 
+    end = int128_get64(llend);
     vaddr = memory_region_get_ram_ptr(section->mr) +
             section->offset_within_region +
             (iova - section->offset_within_address_space);
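Review bot: `end = int128_get64(llend);` still goes through the 64-bit accessor that the commit message says asserts on a 2^64 value, so a section whose page-aligned end reaches 2^64 would presumably still trip it on this path. The commit message explains that the type1 code is not expected to map such a range, but nothing in the code records that assumption. A comment on that line, e.g. `/* type1 is not expected to see a section ending at 2^64; int128_get64() asserts if it does */`, would keep the reasoning next to the conversion. vfio_listener_region_add starts and ends outside this hunk.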
commit 12e1129b800a14ee77abe598beba41a95c7b86a5
Author: Alexey Kardashevskiy <aik at ozlabs.ru>
Date:   Fri May 30 13:00:28 2014 -0600

    int128: Add int128_exts64()
    
    This adds macro to extend signed 64bit value to signed 128bit value.
    
    Signed-off-by: Alexey Kardashevskiy <aik at ozlabs.ru>
    Reviewed-by: Paolo Bonzini <pbonzini at redhat.com>
    Signed-off-by: Alex Williamson <alex.williamson at redhat.com>

diff --git a/include/qemu/int128.h b/include/qemu/int128.h
index f597031..fb782aa 100644
--- a/include/qemu/int128.h
+++ b/include/qemu/int128.h
@@ -38,6 +38,11 @@ static inline Int128 int128_2_64(void)
     return (Int128) { 0, 1 };
 }
 
+static inline Int128 int128_exts64(int64_t a)
+{
+    return (Int128) { .lo = a, .hi = (a < 0) ? -1 : 0 };
+}
+
 static inline Int128 int128_and(Int128 a, Int128 b)
 {
     return (Int128) { a.lo & b.lo, a.hi & b.hi };
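Review bot: int128_exts64 is added without a comment, and the name alone does not tell a reader that the high word is filled from the sign of `a`. A one-line comment above it, such as `/* Sign-extend a 64-bit value to 128 bits. */`, would help, since the vfio.c caller depends on exactly that to widen TARGET_PAGE_MASK. It also uses designated initialisers where the neighbouring helpers in this hunk use positional ones (`{ 0, 1 }`); matching them would keep the header uniform.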
commit 078c44f48eb9e5134a06f29bec362c1744ca39a3
Author: David Gibson <david at gibson.dropbear.id.au>
Date:   Fri May 30 12:59:00 2014 -0600

    memory: Sanity check that no listeners remain on a destroyed AddressSpace
    
    At the moment, most AddressSpace objects last as long as the guest system
    in practice, but that could well change in future.  In addition, for VFIO
    we will be introducing some private per-AddressSpace information, which must
    be disposed of before the AddressSpace itself is destroyed.
    
    To reduce the chances of subtle bugs in this area, this patch adds
    assertions to ensure that when an AddressSpace is destroyed, there are no
    remaining MemoryListeners using that AS as a filter.
    
    Signed-off-by: David Gibson <david at gibson.dropbear.id.au>
    Signed-off-by: Alexey Kardashevskiy <aik at ozlabs.ru>
    Reviewed-by: Paolo Bonzini <pbonzini at redhat.com>
    Signed-off-by: Alex Williamson <alex.williamson at redhat.com>

diff --git a/memory.c b/memory.c
index 3f1df23..678661e 100644
--- a/memory.c
+++ b/memory.c
@@ -1722,12 +1722,19 @@ void address_space_init(AddressSpace *as, MemoryRegion *root, const char *name)
 
 void address_space_destroy(AddressSpace *as)
 {
+    MemoryListener *listener;
+
     /* Flush out anything from MemoryListeners listening in on this */
     memory_region_transaction_begin();
     as->root = NULL;
     memory_region_transaction_commit();
     QTAILQ_REMOVE(&address_spaces, as, address_spaces_link);
     address_space_destroy_dispatch(as);
+
+    QTAILQ_FOREACH(listener, &memory_listeners, link) {
+        assert(listener->address_space_filter != as);
+    }
+
     flatview_unref(as->current_map);
     g_free(as->name);
     g_free(as->ioeventfds);
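Review bot: The new loop in address_space_destroy enforces its invariant only through `assert()`, so in a build that defines NDEBUG the check disappears and a listener still filtering on `as` would keep pointing at an AddressSpace whose members are freed just below. The loop also has no comment saying why a remaining filter is fatal. I would add one above it, e.g. `/* A listener still filtering on this AS would be left with a stale pointer. */`, and, if release builds can disable assertions, consider an unconditional check instead. The function body continues past the end of this hunk.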
commit 4cb47d281a995cb49e4652cb26bafb3ab2d9bd28
Author: Alex Williamson <alex.williamson at redhat.com>
Date:   Fri May 30 12:43:50 2014 -0600

    vfio-pci: Quirk RTL8168 NIC
    
    This device is ridiculous.  It has two MMIO BARs, BAR4 and BAR2.  BAR4
    hosts the MSI-X table, so obviously it would be too easy to access it
    directly, instead it creates a window register in BAR2 that, among
    other things, provides access to the MSI-X table.  This means MSI-X
    doesn't work in the guest because the driver actually manages to
    program the physical table.  When interrupt remapping is present, the
    device MSI will be blocked.  The Linux driver doesn't make use of this
    window, so apparently it's not required to make use of MSI-X.  This
    quirk makes the device work with the Windows driver that does use this
    window for MSI-X, but I certainly cannot recommend this device for
    assignment (the Windows 7 driver also constantly pokes PCI config
    space).
    
    Signed-off-by: Alex Williamson <alex.williamson at redhat.com>

diff --git a/hw/misc/vfio.c b/hw/misc/vfio.c
index 9cf5b84..76715cc 100644
--- a/hw/misc/vfio.c
+++ b/hw/misc/vfio.c
@@ -1668,6 +1668,149 @@ static void vfio_probe_ati_bar4_window_quirk(VFIODevice *vdev, int nr)
             vdev->host.function);
 }
 
+#define PCI_VENDOR_ID_REALTEK 0x10ec
+
+/*
+ * RTL8168 devices have a backdoor that can access the MSI-X table.  At BAR2
+ * offset 0x70 there is a dword data register, offset 0x74 is a dword address
+ * register.  According to the Linux r8169 driver, the MSI-X table is addressed
+ * when the "type" portion of the address register is set to 0x1.  This appears
+ * to be bits 16:30.  Bit 31 is both a write indicator and some sort of
+ * "address latched" indicator.  Bits 12:15 are a mask field, which we can
+ * ignore because the MSI-X table should always be accessed as a dword (full
+ * mask).  Bits 0:11 is offset within the type.
+ *
+ * Example trace:
+ *
+ * Read from MSI-X table offset 0
+ * vfio: vfio_bar_write(0000:05:00.0:BAR2+0x74, 0x1f000, 4) // store read addr
+ * vfio: vfio_bar_read(0000:05:00.0:BAR2+0x74, 4) = 0x8001f000 // latch
+ * vfio: vfio_bar_read(0000:05:00.0:BAR2+0x70, 4) = 0xfee00398 // read data
+ *
+ * Write 0xfee00000 to MSI-X table offset 0
+ * vfio: vfio_bar_write(0000:05:00.0:BAR2+0x70, 0xfee00000, 4) // write data
+ * vfio: vfio_bar_write(0000:05:00.0:BAR2+0x74, 0x8001f000, 4) // do write
+ * vfio: vfio_bar_read(0000:05:00.0:BAR2+0x74, 4) = 0x1f000 // complete
+ */
+
+static uint64_t vfio_rtl8168_window_quirk_read(void *opaque,
+                                               hwaddr addr, unsigned size)
+{
+    VFIOQuirk *quirk = opaque;
+    VFIODevice *vdev = quirk->vdev;
+
+    switch (addr) {
+    case 4: /* address */
+        if (quirk->data.flags) {
+            DPRINTF("%s fake read(%04x:%02x:%02x.%d)\n",
+                    memory_region_name(&quirk->mem), vdev->host.domain,
+                    vdev->host.bus, vdev->host.slot, vdev->host.function);
+
+            return quirk->data.address_match ^ 0x10000000U;
+        }
+        break;
+    case 0: /* data */
+        if (quirk->data.flags) {
+            uint64_t val;
+
+            DPRINTF("%s MSI-X table read(%04x:%02x:%02x.%d)\n",
+                    memory_region_name(&quirk->mem), vdev->host.domain,
+                    vdev->host.bus, vdev->host.slot, vdev->host.function);
+
+            if (!(vdev->pdev.cap_present & QEMU_PCI_CAP_MSIX)) {
+                return 0;
+            }
+
+            io_mem_read(&vdev->pdev.msix_table_mmio,
+                        (hwaddr)(quirk->data.address_match & 0xfff),
+                        &val, size);
+            return val;
+        }
+    }
+
+    DPRINTF("%s direct read(%04x:%02x:%02x.%d)\n",
+            memory_region_name(&quirk->mem), vdev->host.domain,
+            vdev->host.bus, vdev->host.slot, vdev->host.function);
+
+    return vfio_bar_read(&vdev->bars[quirk->data.bar], addr + 0x70, size);
+}
+
+static void vfio_rtl8168_window_quirk_write(void *opaque, hwaddr addr,
+                                            uint64_t data, unsigned size)
+{
+    VFIOQuirk *quirk = opaque;
+    VFIODevice *vdev = quirk->vdev;
+
+    switch (addr) {
+    case 4: /* address */
+        if ((data & 0x7fff0000) == 0x10000) {
+            if (data & 0x10000000U &&
+                vdev->pdev.cap_present & QEMU_PCI_CAP_MSIX) {
+
+                DPRINTF("%s MSI-X table write(%04x:%02x:%02x.%d)\n",
+                        memory_region_name(&quirk->mem), vdev->host.domain,
+                        vdev->host.bus, vdev->host.slot, vdev->host.function);
+
+                io_mem_write(&vdev->pdev.msix_table_mmio,
+                             (hwaddr)(quirk->data.address_match & 0xfff),
+                             data, size);
+            }
+
+            quirk->data.flags = 1;
+            quirk->data.address_match = data;
+
+            return;
+        }
+        quirk->data.flags = 0;
+        break;
+    case 0: /* data */
+        quirk->data.address_mask = data;
+        break;
+    }
+
+    DPRINTF("%s direct write(%04x:%02x:%02x.%d)\n",
+            memory_region_name(&quirk->mem), vdev->host.domain,
+            vdev->host.bus, vdev->host.slot, vdev->host.function);
+
+    vfio_bar_write(&vdev->bars[quirk->data.bar], addr + 0x70, data, size);
+}
+
+static const MemoryRegionOps vfio_rtl8168_window_quirk = {
+    .read = vfio_rtl8168_window_quirk_read,
+    .write = vfio_rtl8168_window_quirk_write,
+    .valid = {
+        .min_access_size = 4,
+        .max_access_size = 4,
+        .unaligned = false,
+    },
+    .endianness = DEVICE_LITTLE_ENDIAN,
+};
+
+static void vfio_probe_rtl8168_bar2_window_quirk(VFIODevice *vdev, int nr)
+{
+    PCIDevice *pdev = &vdev->pdev;
+    VFIOQuirk *quirk;
+
+    if (pci_get_word(pdev->config + PCI_VENDOR_ID) != PCI_VENDOR_ID_REALTEK ||
+        pci_get_word(pdev->config + PCI_DEVICE_ID) != 0x8168 || nr != 2) {
+        return;
+    }
+
+    quirk = g_malloc0(sizeof(*quirk));
+    quirk->vdev = vdev;
+    quirk->data.bar = nr;
+
+    memory_region_init_io(&quirk->mem, OBJECT(vdev), &vfio_rtl8168_window_quirk,
+                          quirk, "vfio-rtl8168-window-quirk", 8);
+    memory_region_add_subregion_overlap(&vdev->bars[nr].mem,
+                                        0x70, &quirk->mem, 1);
+
+    QLIST_INSERT_HEAD(&vdev->bars[nr].quirks, quirk, next);
+
+    DPRINTF("Enabled RTL8168 BAR2 window quirk for device %04x:%02x:%02x.%x\n",
+            vdev->host.domain, vdev->host.bus, vdev->host.slot,
+            vdev->host.function);
+}
 /*
  * Trap the BAR2 MMIO window to config space as well.
  */
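Review bot: The write-indicator test in vfio_rtl8168_window_quirk_write uses `0x10000000U` (bit 28), while the comment above it and the example trace (`0x8001f000`) place the indicator in bit 31; because the enclosing condition `(data & 0x7fff0000) == 0x10000` already requires bit 28 to be clear, the MSI-X table write branch can never execute. The same constant in the read handler's `case 4` flips bit 28 instead of producing the latched value shown in the trace, so both should read `0x80000000U`: `if (data & 0x80000000U &&` and `return quirk->data.address_match ^ 0x80000000U;`. Once that branch is reachable, it appears to pass the address-register value `data` and an offset taken from the previous `address_match`, whereas the value the guest wrote to the data register is kept in `quirk->data.address_mask`. The guest-supplied offset (`& 0xfff`) is also never compared with the MSI-X table size in either handler, so it should be confirmed that the msix_table_mmio handlers bound it, or a check added here.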
@@ -2071,6 +2214,7 @@ static void vfio_bar_quirk_setup(VFIODevice *vdev, int nr)
     vfio_probe_nvidia_bar5_window_quirk(vdev, nr);
     vfio_probe_nvidia_bar0_88000_quirk(vdev, nr);
     vfio_probe_nvidia_bar0_1800_quirk(vdev, nr);
+    vfio_probe_rtl8168_bar2_window_quirk(vdev, nr);
 }
 
 static void vfio_bar_quirk_teardown(VFIODevice *vdev, int nr)

