Commit Graph

84 Commits

Author SHA1 Message Date
Markus Armbruster
fa66b909f3 scsi: scsi_bus_legacy_handle_cmdline() can fail, fix callers
None of its callers checks for failure.  scsi_hot_add() can crash
because of that:

(qemu) drive_add 4 if=scsi,format=host_device,file=/dev/sg1
scsi-generic: scsi generic interface too old
Segmentation fault (core dumped)

Fix all callers, not just scsi_hot_add().

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-07-02 13:18:01 +02:00
Paolo Bonzini
d1d74664ea lsi53c895a: fix Phase Mismatch Jump
lsi_bad_phase has a bug in the choice of pmjad1/pmjad2.  This does
not matter with Linux guests because it uses just one routine for
both, but it breaks Windows 64-bit guests.  This is the text
from the spec:

   "[The PMJCTL] bit controls which decision mechanism is used
   when jumping on phase mismatch. When this bit is cleared the
   LSI53C895A will use Phase Mismatch Jump Address 1 (PMJAD1) when
   the WSR bit is cleared and Phase Mismatch Jump Address 2 (PMJAD2)
   when the WSR bit is set.  When this bit is set the LSI53C895A will
   use jump address one (PMJAD1) on data out (data out, command,
   message out) transfers and jump address two (PMJAD2) on data in
   (data in, status, message in) transfers."

Which means:

    CCNTL0.PMJCTL
        0              SCNTL2.WSR = 0             PMJAD1
        0              SCNTL2.WSR = 1             PMJAD2
        1                    out                  PMJAD1
        1                    in                   PMJAD2

In qemu, what you get instead is:

    CCNTL0.PMJCTL
        0                    out                  PMJAD1
        0                    in                   PMJAD2    <<<<<
        1                    out                  PMJAD1
        1                    in                   PMJAD1    <<<<<

Considering that qemu always has SCNTL2.WSR cleared, the two marked cases
(corresponding to phase mismatch on input) are always jumping to the
wrong PMJAD register.  The patch implements the correct semantics.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2010-06-29 23:07:52 +02:00
Jan Kiszka
259d5577ae lsi: Fix value overflow in request tag processing
This fixes a mismerge of 64d564094c (wrong
patch version): We need to mask the tag value properly to obtain its
device ID.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2010-05-22 15:32:32 +02:00
Jan Kiszka
64d564094c lsi: Handle removal of selected devices
We must not store references to selected devices as they may be
hot-removed. Instead, look up the device based on its tag right before
using it. If the device disappeared, throw an interrupt and disconnect.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-05-10 11:36:04 -05:00
Jan Kiszka
12aa6dd61c lsi: Adjust some register reset values
According to the LSI spec, the reset value of dcmd, dstat, and ctest2
were wrong, and sdid as well as ssid require zero initialization. There
are surely more discrepancies, this is just another increment.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-05-10 11:36:03 -05:00
Jan Kiszka
d43ba0af97 lsi: Purge message queue on reset
Declare the input message queue empty and initialize the related state
machine properly on controller reset. This fixes unrecoverable errors
when the controller was reset during ongoing requests.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-05-10 11:36:03 -05:00
Jan Kiszka
54eefd72bf lsi: Properly initialize controller state on reset
The LSI controller was lacking a system reset handler. Simply invoke the
existing soft reset handler in this case. This also allows to drop its
explicit invocation during init.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-05-03 12:09:48 -05:00
Jan Kiszka
51336214da lsi: Purge request queue on soft reset
Avoid keeping zombie requests across controller reset by purging the
queue and also dropping the currently active request.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-05-03 12:09:48 -05:00
Gerd Hoffmann
6ac08101f9 lsi: fix segfault in lsi_command_complete
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2010-04-09 21:52:01 +02:00
Gerd Hoffmann
aa4d32c474 lsi: pass lsi_request to lsi_reselect
All callers of lsi_reselect have a lsi_request struct at hand anyway.
So just pass it directly instead of having lsi_reselect search for it
using the tag.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-11 09:56:30 -06:00
Gerd Hoffmann
b96a0da06b lsi: move dma_len+dma_buf into lsi_request
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-11 09:56:30 -06:00
Gerd Hoffmann
daa70311e0 lsi: move current_dev into lsi_request
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-11 09:56:30 -06:00
Gerd Hoffmann
af12ac9880 lsi: have lsi_request for the whole life time of the request.
Right now lsi_request is allocated when a request is queued and released
when a request is unqueued.  With this patch applied the lsi_request is
kept for the whole lifetime of the scsi request.

Rationale: We can use it for per-request data then.  The patch does that
already for the request tag.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-11 09:56:30 -06:00
Gerd Hoffmann
042ec49dc5 lsi: use QTAILQ for lsi_queue
Replace the funky array logic for queued commands with standard
qemu list functions.  Also rename lsi_queue to lsi_request.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-11 09:56:30 -06:00
Anthony Liguori
ea3fdd5d8c Merge remote branch 'mst/for_anthony' into staging 2010-01-06 07:16:59 -06:00
Blue Swirl
f6dc18df5c Fix Sparse warning: dubious: !x & y
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2009-12-25 16:12:17 +00:00
Michael S. Tsirkin
5845f0e5e8 lsi: symbolic names for pci registers
No functional changes. I verified that the generated binary
does not change.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Acked-by: Juan Quintela <quintela@redhat.com>
Acked-by: Glauber Costa <glommer@gmail.com>
2009-12-23 16:35:00 +02:00
Ryan Harper
b4b2f05403 Fix compile error when LSI_DEBUG is defined
This patch fixes the follow error when LSI_DEBUG is set.

  CC    libhw64/lsi53c895a.o
cc1: warnings being treated as errors
qemu/hw/lsi53c895a.c: In function 'lsi_io_mapfunc':
qemu/hw/lsi53c895a.c:1932: error: format '%08x' expects type 'unsigned int', but argument 2 has type 'pcibus_t'
qemu/hw/lsi53c895a.c: In function 'lsi_ram_mapfunc':
/qemu/hw/lsi53c895a.c:1947: error: format '%08x' expects type 'unsigned int', but argument 2 has type 'pcibus_t'
qemu/hw/lsi53c895a.c: In function 'lsi_mmio_mapfunc':
qemu/hw/lsi53c895a.c:1957: error: format '%08x' expects type 'unsigned int', but argument 2 has type 'pcibus_t'
make[1]: *** [lsi53c895a.o] Error 1
make: *** [subdir-libhw64] Error 2

Signed-off-by: Ryan Harper <ryanh@us.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-12-03 15:26:00 -06:00
Juan Quintela
be73cfe2be savevm: Port to qdev.vmsd all devices that have qdev
Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-12-03 10:05:58 -06:00
Laszlo Ast
e560125e26 lsi53c895a: Implement IRQ on reselection
The critical part of this change is how to deal with simultaneaous
generation of interrupts. The only (normal) case when this happens in
the emulation is near simultaneous reselection + selection. If selection
comes first, there is no problem, since the target attempting
reselection loses the arbitration (in the emulation it only means that
the reselect function will not be started). In the worst case the host
adapter is reselected, but the device driver already started a
selection, so we jump to the alternative address to handle the
situation.

The SCRIPTS code can trigger another interrupt to notify the driver that
the new task has to be postponed. I suppose that on real hardware there
is enough time after the reselection interrupt to set the SIP bit before
the next interrupt comes, so it would result in 2 stacked interrupts (a
SCSI and a DMA one). However, in the emulation there is no interrupt
stacking, so there is a good chance that the 2 interrupts will get to
the interrupt handler at the same time.

Nevertheless, it should not make a big difference in interrupt handling,
since in both cases both interrupts have to be fetched first, and after
that the new task (that failed during the selection phase) has to be
prepared/reset for a later restart, and the reconnected device has to be
serviced.

The changes do not modify the host adapter's behavior if this interrupt
is not enabled.

See also LSI53C895A technical manual, SCID and SIEN0.

Signed-off-by: Laszlo Ast <laszlo.ast@siemens-enterprise.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-12-03 09:41:41 -06:00
Laszlo Ast
38f5b2b88c lsi53c895a: Use alternative address when already reselected
See SCRIPTS, 3.2.17 SELECT.

Signed-off-by: Laszlo Ast <laszlo.ast@siemens-enterprise.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-12-03 09:41:41 -06:00
Laszlo Ast
07a1bea883 lsi53c895a: Fix SDID in SELECT ID command
See SCRIPTS Programming Guide, 3.2.17 SELECT.

Signed-off-by: Laszlo Ast <laszlo.ast@siemens-enterprise.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-12-03 09:41:40 -06:00
Laszlo Ast
77203ea00b lsi53c895a: Fix message code of DISCONNECT
See SCSI-2, 6.5 Message system description/message codes.

Signed-off-by: Laszlo Ast <laszlo.ast@siemens-enterprise.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-12-03 09:41:40 -06:00
Laszlo Ast
cc9f28bc2a lsi53c895a: Add support for LSI53C700 Family Compatibility bit
Signed-off-by: Laszlo Ast <laszlo.ast@siemens-enterprise.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-12-03 09:41:40 -06:00
Laszlo Ast
a15fdf8619 lsi53c895a: Whitespace and typo fixes
Signed-off-by: Laszlo Ast <laszlo.ast@siemens-enterprise.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-12-03 09:41:40 -06:00
Michael S. Tsirkin
18e08a5529 pci: pci.h cleanup: move out stuff not in pci.c
pci.h declares some functions which aren't
defined in pci.h. Clean up moving things
to appropriate headers, and update all users.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2009-12-01 17:51:04 +02:00
Isaku Yamahata
6e355d901b pci: introduce pcibus_t to represent pci bus address/size instead of uint32_t
This patch is preliminary for 64 bit BAR support.
Introduce dedicated type, pcibus_t, to represent pci bus address/size
instead of uint32_t.
Later this type will be changed to uint64_t.

Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-11-09 08:43:08 -06:00
Isaku Yamahata
0392a017ae pci: s/PCI_ADDRESS_SPACE_/PCI_BASE_ADDRESS_SPACE_/ to match pci_regs.h
make constants for pci base address match pci_regs.h by
renaming PCI_ADDRESS_SPACE_xxx to PCI_BASE_ADDRESS_SPACE_xxx.

Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-11-09 08:43:07 -06:00
Gerd Hoffmann
43b443b668 scsi: move scsi-disk.h -> scsi.h
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-11-09 08:43:03 -06:00
Gerd Hoffmann
1cd3af5480 scsi: move scsi.h -> esp.h
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-11-09 08:43:03 -06:00
Juan Quintela
4a1b0f1cc2 lsi_scsi: port to vmstate
Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-10-27 12:28:57 -05:00
Gerd Hoffmann
5b684b5a56 hotplug: fix "pci_add storage if=scsi"
Explicitly add the drive to the bus of the newly created scsi adapter
instead of hoping that scsi_bus_legacy_handle_cmdline() picks it up
correctly.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-10-27 12:28:42 -05:00
Gerd Hoffmann
e3936fa574 pci: move unregister from PCIDevice to PCIDeviceInfo
One more cleanup while being at it ;)

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-10-05 09:32:48 -05:00
Gerd Hoffmann
ca9c39faed switch scsi bus to inplace allocation.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-10-05 09:32:46 -05:00
Anthony Liguori
c227f0995e Revert "Get rid of _t suffix"
In the very least, a change like this requires discussion on the list.

The naming convention is goofy and it causes a massive merge problem.  Something
like this _must_ be presented on the list first so people can provide input
and cope with it.

This reverts commit 99a0949b72.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-10-01 16:12:16 -05:00
malc
99a0949b72 Get rid of _t suffix
Some not so obvious bits, slirp and Xen were left alone for the time
being.

Signed-off-by: malc <av1474@comtv.ru>
2009-10-01 22:45:02 +04:00
Gerd Hoffmann
d52affa7f6 qdev/scsi: add scsi bus support to qdev, convert drivers.
* Add SCSIBus.
 * Add SCSIDeviceInfo, move device callbacks here.
 * add qdev/scsi helper functions.
 * convert drivers.

Adding scsi disks via -device works now, i.e. you can do:

 -drive id=sda,if=none,...
 -device lsi
 -device scsi-disk,drive=sda

legacy command lines (-drive if=scsi,...) continue to work.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-09-09 14:57:19 -05:00
Juan Quintela
63124a0d88 lsi53c895a: LSIState is a DeviceHost
Go figure.

Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-08-27 20:46:59 -05:00
Juan Quintela
f305261fbb lsi53c895a: rename PCIDevice field from pci_dev to dev (consistence)
Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-08-27 20:46:59 -05:00
Juan Quintela
dc5d0b9a8e lsi53c895a: use DO_UPCAST to cast from PCIDevice
Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-08-27 20:46:59 -05:00
Juan Quintela
eb40f9845b lsi53c895a: remove pointless cast from void *
Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-08-27 20:46:59 -05:00
Gerd Hoffmann
81a322d4a1 qdev: add return value to init() callbacks.
Sorry folks, but it has to be.  One more of these invasive qdev patches.

We have a serious design bug in the qdev interface:  device init
callbacks can't signal failure because the init() callback has no
return value.  This patch fixes it.

We have already one case in-tree where this is needed:
Try -device virtio-blk-pci (without drive= specified) and watch qemu
segfault.  This patch fixes it.

With usb+scsi being converted to qdev we'll get more devices where the
init callback can fail for various reasons.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-08-27 20:43:28 -05:00
Blue Swirl
d60efc6b0d Make CPURead/WriteFunc structure 'const'
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2009-08-25 18:29:31 +00:00
Nolan
777aec7ac9 Add save/restore support to the LSI logic SCSI device model.
This patch requires "Handle BH's queued by AIO completions in
qemu_aio_flush()" to work reliably.  The combination of those two
patches survived 300+ migrations with heavy IO load running in the
guest.

Signed-off-by: Nolan Leake <nolan <at> sigbus.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-07-22 10:58:47 -05:00
Gerd Hoffmann
0aab0d3a4a qdev: update pci device registration.
Makes pci_qdev_register take a PCIDeviceInfo struct instead of a bunch
of parameters.  Also adds config_read and config_write callbacks to
PCIDeviceInfo, so drivers needing these can be converted to the qdev
device API too.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2009-07-09 13:07:02 +01:00
Sebastian Herbszt
49c47daa32 lsi53c895a: Implement write access to DMA Byte Counter
Adds CASE_SET_REG24 and fixes the following errors:

lsi_scsi: error: Unhandled writeb 0x24 = 0x0
lsi_scsi: error: Unhandled writeb 0x25 = 0x0

Signed-off-by: Sebastian Herbszt <herbszt@gmx.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-06-16 15:18:39 -05:00
Sebastian Herbszt
4b9a2d6de7 lsi53c895a: Implement read and write access to DMA Next Address
Fixes the following errors:

lsi_scsi: error: Unhandled writeb 0x28 = 0x0
lsi_scsi: error: Unhandled writeb 0x29 = 0x0
lsi_scsi: error: Unhandled writeb 0x2a = 0x0
lsi_scsi: error: Unhandled writeb 0x2b = 0x0

Signed-off-by: Sebastian Herbszt <herbszt@gmx.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-06-16 15:18:38 -05:00
Sebastian Herbszt
bd8ee11a6b lsi53c895a: Implement Scratch Byte Register
Fixes the following errors:

lsi_scsi: error: Unhandled writeb 0x3a = 0x0
lsi_scsi: error: readb 0x3a

Signed-off-by: Sebastian Herbszt <herbszt@gmx.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-06-16 15:18:38 -05:00
Avi Kivity
28c2c26495 Rename pci_register_io_region() to pci_register_bar()
This function is used to manage a PCI BAR, so make the more generic
pci_register_io_region() available to other uses.

Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-06-16 15:18:38 -05:00
Avi Kivity
1eed09cb4a Remove io_index argument from cpu_register_io_memory()
The parameter is always zero except when registering the three internal
io regions (ROM, unassigned, notdirty).  Remove the parameter to reduce
the API's power, thus facilitating future change.

Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-06-16 15:18:37 -05:00