Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20160304' into staging

    }

    size = load_elf(palcode_filename, cpu_alpha_superpage_to_phys,

                    NULL, &palcode_entry, &palcode_low, &palcode_high,

                    0, EM_ALPHA, 0);

                    0, EM_ALPHA, 0, 0);

    if (size < 0) {

        error_report("could not load palcode '%s'", palcode_filename);

        exit(1);

        size = load_elf(kernel_filename, cpu_alpha_superpage_to_phys,

                        NULL, &kernel_entry, &kernel_low, &kernel_high,

                        0, EM_ALPHA, 0);

                        0, EM_ALPHA, 0, 0);

        if (size < 0) {

            error_report("could not load kernel '%s'", kernel_filename);

            exit(1);

    if (kernel_filename) {

        image_size = load_elf(kernel_filename, NULL, NULL, &entry, &lowaddr,

                              NULL, big_endian, EM_ARM, 1);

                              NULL, big_endian, EM_ARM, 1, 0);

        if (image_size < 0) {

            image_size = load_image_targphys(kernel_filename, 0, mem_size);

            lowaddr = 0;

    cpu_reset(cs);

    if (info) {

        if (!info->is_linux) {

            int i;

            /* Jump to the entry point.  */

            uint64_t entry = info->entry;

            switch (info->endianness) {

            case ARM_ENDIANNESS_LE:

                env->cp15.sctlr_el[1] &= ~SCTLR_E0E;

                for (i = 1; i < 4; ++i) {

                    env->cp15.sctlr_el[i] &= ~SCTLR_EE;

                }

                env->uncached_cpsr &= ~CPSR_E;

                break;

            case ARM_ENDIANNESS_BE8:

                env->cp15.sctlr_el[1] |= SCTLR_E0E;

                for (i = 1; i < 4; ++i) {

                    env->cp15.sctlr_el[i] |= SCTLR_EE;

                }

                env->uncached_cpsr |= CPSR_E;

                break;

            case ARM_ENDIANNESS_BE32:

                env->cp15.sctlr_el[1] |= SCTLR_B;

                break;

            case ARM_ENDIANNESS_UNKNOWN:

                break; /* Board's decision */

            default:

                g_assert_not_reached();

            }

            if (!env->aarch64) {

                env->thumb = info->entry & 1;

                entry &= 0xfffffffe;

    return 0;

}

static uint64_t arm_load_elf(struct arm_boot_info *info, uint64_t *pentry,

                             uint64_t *lowaddr, uint64_t *highaddr,

                             int elf_machine)

{

    bool elf_is64;

    union {

        Elf32_Ehdr h32;

        Elf64_Ehdr h64;

    } elf_header;

    int data_swab = 0;

    bool big_endian;

    uint64_t ret = -1;

    Error *err = NULL;

    load_elf_hdr(info->kernel_filename, &elf_header, &elf_is64, &err);

    if (err) {

        return ret;

    }

    if (elf_is64) {

        big_endian = elf_header.h64.e_ident[EI_DATA] == ELFDATA2MSB;

        info->endianness = big_endian ? ARM_ENDIANNESS_BE8

                                      : ARM_ENDIANNESS_LE;

    } else {

        big_endian = elf_header.h32.e_ident[EI_DATA] == ELFDATA2MSB;

        if (big_endian) {

            if (bswap32(elf_header.h32.e_flags) & EF_ARM_BE8) {

                info->endianness = ARM_ENDIANNESS_BE8;

            } else {

                info->endianness = ARM_ENDIANNESS_BE32;

                /* In BE32, the CPU has a different view of the per-byte

                 * address map than the rest of the system. BE32 ELF files

                 * are organised such that they can be programmed through

                 * the CPU's per-word byte-reversed view of the world. QEMU

                 * however loads ELF files independently of the CPU. So

                 * tell the ELF loader to byte reverse the data for us.

                 */

                data_swab = 2;

            }

        } else {

            info->endianness = ARM_ENDIANNESS_LE;

        }

    }

    ret = load_elf(info->kernel_filename, NULL, NULL,

                   pentry, lowaddr, highaddr, big_endian, elf_machine,

                   1, data_swab);

    if (ret <= 0) {

        /* The header loaded but the image didn't */

        exit(1);

    }

    return ret;

}

static void arm_load_kernel_notify(Notifier *notifier, void *data)

{

    CPUState *cs;

    uint64_t elf_entry, elf_low_addr, elf_high_addr;

    int elf_machine;

    hwaddr entry, kernel_load_offset;

    int big_endian;

    static const ARMInsnFixup *primary_loader;

    ArmLoadKernelNotifier *n = DO_UPCAST(ArmLoadKernelNotifier,

                                         notifier, notifier);

    if (info->nb_cpus == 0)

        info->nb_cpus = 1;

#ifdef TARGET_WORDS_BIGENDIAN

    big_endian = 1;

#else

    big_endian = 0;

#endif

    /* We want to put the initrd far enough into RAM that when the

     * kernel is uncompressed it will not clobber the initrd. However

     * on boards without much RAM we must ensure that we still leave

        MIN(info->ram_size / 2, 128 * 1024 * 1024);

    /* Assume that raw images are linux kernels, and ELF images are not.  */

    kernel_size = load_elf(info->kernel_filename, NULL, NULL, &elf_entry,

                           &elf_low_addr, &elf_high_addr, big_endian,

                           elf_machine, 1);

    kernel_size = arm_load_elf(info, &elf_entry, &elf_low_addr,

                               &elf_high_addr, elf_machine);

    if (kernel_size > 0 && have_dtb(info)) {

        /* If there is still some room left at the base of RAM, try and put

         * the DTB there like we do for images loaded with -bios or -pflash.

    uint32_t clock_phandle;

    uint32_t gic_phandle;

    uint32_t v2m_phandle;

    bool using_psci;

} VirtBoardInfo;

typedef struct {

#define VIRT_MACHINE_CLASS(klass) \

    OBJECT_CLASS_CHECK(VirtMachineClass, klass, TYPE_VIRT_MACHINE)

/* RAM limit in GB. Since VIRT_MEM starts at the 1GB mark, this means

 * RAM can go up to the 256GB mark, leaving 256GB of the physical

 * address space unallocated and free for future use between 256G and 512G.

 * If we need to provide more RAM to VMs in the future then we need to:

 *  * allocate a second bank of RAM starting at 2TB and working up

 *  * fix the DT and ACPI table generation code in QEMU to correctly

 *    report two split lumps of RAM to the guest

 *  * fix KVM in the host kernel to allow guests with >40 bit address spaces

 * (We don't want to fill all the way up to 512GB with RAM because

 * we might want it for non-RAM purposes later. Conversely it seems

 * reasonable to assume that anybody configuring a VM with a quarter

 * of a terabyte of RAM will be doing it on a host with more than a

 * terabyte of physical address space.)

 */

#define RAMLIMIT_GB 255

#define RAMLIMIT_BYTES (RAMLIMIT_GB * 1024ULL * 1024 * 1024)

/* Addresses and sizes of our components.

 * 0..128MB is space for a flash device so we can run bootrom code such as UEFI.

 * 128MB..256MB is used for miscellaneous device I/O.

    [VIRT_MMIO] =               { 0x0a000000, 0x00000200 },

    /* ...repeating for a total of NUM_VIRTIO_TRANSPORTS, each of that size */

    [VIRT_PLATFORM_BUS] =       { 0x0c000000, 0x02000000 },

    [VIRT_SECURE_MEM] =         { 0x0e000000, 0x01000000 },

    [VIRT_PCIE_MMIO] =          { 0x10000000, 0x2eff0000 },

    [VIRT_PCIE_PIO] =           { 0x3eff0000, 0x00010000 },

    [VIRT_PCIE_ECAM] =          { 0x3f000000, 0x01000000 },

    [VIRT_MEM] =                { 0x40000000, 30ULL * 1024 * 1024 * 1024 },

    [VIRT_MEM] =                { 0x40000000, RAMLIMIT_BYTES },

    /* Second PCIe window, 512GB wide at the 512GB boundary */

    [VIRT_PCIE_MMIO_HIGH] =   { 0x8000000000ULL, 0x8000000000ULL },

};

    void *fdt = vbi->fdt;

    ARMCPU *armcpu = ARM_CPU(qemu_get_cpu(0));

    if (!vbi->using_psci) {

        return;

    }

    qemu_fdt_add_subnode(fdt, "/psci");

    if (armcpu->psci_version == 2) {

        const char comp[] = "arm,psci-0.2\0arm,psci";

        qemu_fdt_setprop_string(vbi->fdt, nodename, "compatible",

                                    armcpu->dtb_compatible);

        if (vbi->smp_cpus > 1) {

        if (vbi->using_psci && vbi->smp_cpus > 1) {

            qemu_fdt_setprop_string(vbi->fdt, nodename,

                                        "enable-method", "psci");

        }

}

static void create_one_flash(const char *name, hwaddr flashbase,

                             hwaddr flashsize)

                             hwaddr flashsize, const char *file,

                             MemoryRegion *sysmem)

{

    /* Create and map a single flash device. We use the same

     * parameters as the flash devices on the Versatile Express board.

     */

    DriveInfo *dinfo = drive_get_next(IF_PFLASH);

    DeviceState *dev = qdev_create(NULL, "cfi.pflash01");

    SysBusDevice *sbd = SYS_BUS_DEVICE(dev);

    const uint64_t sectorlength = 256 * 1024;

    if (dinfo) {

    qdev_prop_set_string(dev, "name", name);

    qdev_init_nofail(dev);

    sysbus_mmio_map(SYS_BUS_DEVICE(dev), 0, flashbase);

}

static void create_flash(const VirtBoardInfo *vbi)

{

    /* Create two flash devices to fill the VIRT_FLASH space in the memmap.

     * Any file passed via -bios goes in the first of these.

     */

    hwaddr flashsize = vbi->memmap[VIRT_FLASH].size / 2;

    hwaddr flashbase = vbi->memmap[VIRT_FLASH].base;

    char *nodename;

    memory_region_add_subregion(sysmem, flashbase,

                                sysbus_mmio_get_region(SYS_BUS_DEVICE(dev), 0));

    if (bios_name) {

    if (file) {

        char *fn;

        int image_size;

                         "but you cannot use both options at once");

            exit(1);

        }

        fn = qemu_find_file(QEMU_FILE_TYPE_BIOS, bios_name);

        fn = qemu_find_file(QEMU_FILE_TYPE_BIOS, file);

        if (!fn) {

            error_report("Could not find ROM image '%s'", bios_name);

            error_report("Could not find ROM image '%s'", file);

            exit(1);

        }

        image_size = load_image_targphys(fn, flashbase, flashsize);

        image_size = load_image_mr(fn, sysbus_mmio_get_region(sbd, 0));

        g_free(fn);

        if (image_size < 0) {

            error_report("Could not load ROM image '%s'", bios_name);

            error_report("Could not load ROM image '%s'", file);

            exit(1);

        }

    }

}

static void create_flash(const VirtBoardInfo *vbi,

                         MemoryRegion *sysmem,

                         MemoryRegion *secure_sysmem)

{

    /* Create two flash devices to fill the VIRT_FLASH space in the memmap.

     * Any file passed via -bios goes in the first of these.

     * sysmem is the system memory space. secure_sysmem is the secure view

     * of the system, and the first flash device should be made visible only

     * there. The second flash device is visible to both secure and nonsecure.

     * If sysmem == secure_sysmem this means there is no separate Secure

     * address space and both flash devices are generally visible.

     */

    hwaddr flashsize = vbi->memmap[VIRT_FLASH].size / 2;

    hwaddr flashbase = vbi->memmap[VIRT_FLASH].base;

    char *nodename;

    create_one_flash("virt.flash0", flashbase, flashsize);

    create_one_flash("virt.flash1", flashbase + flashsize, flashsize);

    create_one_flash("virt.flash0", flashbase, flashsize,

                     bios_name, secure_sysmem);

    create_one_flash("virt.flash1", flashbase + flashsize, flashsize,

                     NULL, sysmem);

    if (sysmem == secure_sysmem) {

        /* Report both flash devices as a single node in the DT */

        nodename = g_strdup_printf("/flash@%" PRIx64, flashbase);

        qemu_fdt_add_subnode(vbi->fdt, nodename);

        qemu_fdt_setprop_string(vbi->fdt, nodename, "compatible", "cfi-flash");

                                     2, flashbase + flashsize, 2, flashsize);

        qemu_fdt_setprop_cell(vbi->fdt, nodename, "bank-width", 4);

        g_free(nodename);

    } else {

        /* Report the devices as separate nodes so we can mark one as

         * only visible to the secure world.

         */

        nodename = g_strdup_printf("/secflash@%" PRIx64, flashbase);

        qemu_fdt_add_subnode(vbi->fdt, nodename);

        qemu_fdt_setprop_string(vbi->fdt, nodename, "compatible", "cfi-flash");

        qemu_fdt_setprop_sized_cells(vbi->fdt, nodename, "reg",

                                     2, flashbase, 2, flashsize);

        qemu_fdt_setprop_cell(vbi->fdt, nodename, "bank-width", 4);

        qemu_fdt_setprop_string(vbi->fdt, nodename, "status", "disabled");

        qemu_fdt_setprop_string(vbi->fdt, nodename, "secure-status", "okay");

        g_free(nodename);

        nodename = g_strdup_printf("/flash@%" PRIx64, flashbase);

        qemu_fdt_add_subnode(vbi->fdt, nodename);

        qemu_fdt_setprop_string(vbi->fdt, nodename, "compatible", "cfi-flash");

        qemu_fdt_setprop_sized_cells(vbi->fdt, nodename, "reg",

                                     2, flashbase + flashsize, 2, flashsize);

        qemu_fdt_setprop_cell(vbi->fdt, nodename, "bank-width", 4);

        g_free(nodename);

    }

}

static void create_fw_cfg(const VirtBoardInfo *vbi, AddressSpace *as)

                                sysbus_mmio_get_region(s, 0));

}

static void create_secure_ram(VirtBoardInfo *vbi, MemoryRegion *secure_sysmem)

{

    MemoryRegion *secram = g_new(MemoryRegion, 1);

    char *nodename;

    hwaddr base = vbi->memmap[VIRT_SECURE_MEM].base;

    hwaddr size = vbi->memmap[VIRT_SECURE_MEM].size;

    memory_region_init_ram(secram, NULL, "virt.secure-ram", size, &error_fatal);

    vmstate_register_ram_global(secram);

    memory_region_add_subregion(secure_sysmem, base, secram);

    nodename = g_strdup_printf("/secram@%" PRIx64, base);

    qemu_fdt_add_subnode(vbi->fdt, nodename);

    qemu_fdt_setprop_string(vbi->fdt, nodename, "device_type", "memory");

    qemu_fdt_setprop_sized_cells(vbi->fdt, nodename, "reg", 2, base, 2, size);

    qemu_fdt_setprop_string(vbi->fdt, nodename, "status", "disabled");

    qemu_fdt_setprop_string(vbi->fdt, nodename, "secure-status", "okay");

    g_free(nodename);

}

static void *machvirt_dtb(const struct arm_boot_info *binfo, int *fdt_size)

{

    const VirtBoardInfo *board = (const VirtBoardInfo *)binfo;

    VirtGuestInfoState *guest_info_state = g_malloc0(sizeof *guest_info_state);

    VirtGuestInfo *guest_info = &guest_info_state->info;

    char **cpustr;

    bool firmware_loaded = bios_name || drive_get(IF_PFLASH, 0, 0);

    if (!cpu_model) {

        cpu_model = "cortex-a15";

        exit(1);

    }

    /* If we have an EL3 boot ROM then the assumption is that it will

     * implement PSCI itself, so disable QEMU's internal implementation

     * so it doesn't get in the way. Instead of starting secondary

     * CPUs in PSCI powerdown state we will start them all running and

     * let the boot ROM sort them out.

     * The usual case is that we do use QEMU's PSCI implementation.

     */

    vbi->using_psci = !(vms->secure && firmware_loaded);

    /* The maximum number of CPUs depends on the GIC version, or on how

     * many redistributors we can fit into the memory map.

     */

    vbi->smp_cpus = smp_cpus;

    if (machine->ram_size > vbi->memmap[VIRT_MEM].size) {

        error_report("mach-virt: cannot model more than 30GB RAM");

        error_report("mach-virt: cannot model more than %dGB RAM", RAMLIMIT_GB);

        exit(1);

    }

            object_property_set_bool(cpuobj, false, "has_el3", NULL);

        }

        object_property_set_int(cpuobj, QEMU_PSCI_CONDUIT_HVC, "psci-conduit",

                                NULL);

        if (vbi->using_psci) {

            object_property_set_int(cpuobj, QEMU_PSCI_CONDUIT_HVC,

                                    "psci-conduit", NULL);

            /* Secondary CPUs start in PSCI powered-down state */

            if (n > 0) {

            object_property_set_bool(cpuobj, true, "start-powered-off", NULL);

                object_property_set_bool(cpuobj, true,

                                         "start-powered-off", NULL);

            }

        }

        if (object_property_find(cpuobj, "reset-cbar", NULL)) {

                                         machine->ram_size);

    memory_region_add_subregion(sysmem, vbi->memmap[VIRT_MEM].base, ram);

    create_flash(vbi);

    create_flash(vbi, sysmem, secure_sysmem ? secure_sysmem : sysmem);

    create_gic(vbi, pic, gic_version, vms->secure);

    create_uart(vbi, pic, VIRT_UART, sysmem);

    if (vms->secure) {

        create_secure_ram(vbi, secure_sysmem);

        create_uart(vbi, pic, VIRT_SECURE_UART, secure_sysmem);

    }

    vbi->bootinfo.board_id = -1;

    vbi->bootinfo.loader_start = vbi->memmap[VIRT_MEM].base;

    vbi->bootinfo.get_dtb = machvirt_dtb;

    vbi->bootinfo.firmware_loaded = bios_name || drive_get(IF_PFLASH, 0, 0);

    vbi->bootinfo.firmware_loaded = firmware_loaded;

    arm_load_kernel(ARM_CPU(first_cpu), &vbi->bootinfo);

    /*

    return size;

}

int load_image_mr(const char *filename, MemoryRegion *mr)

{

    int size;

    if (!memory_access_is_direct(mr, false)) {

        /* Can only load an image into RAM or ROM */

        return -1;

    }

    size = get_image_size(filename);

    if (size > memory_region_size(mr)) {

        return -1;

    }

    if (size > 0) {

        if (rom_add_file_mr(filename, mr, -1) < 0) {

            return -1;

        }

    }

    return size;

}

void pstrcpy_targphys(const char *name, hwaddr dest, int buf_size,

                      const char *source)

{

    }

}

void load_elf_hdr(const char *filename, void *hdr, bool *is64, Error **errp)

{

    int fd;

    uint8_t e_ident_local[EI_NIDENT];

    uint8_t *e_ident;

    size_t hdr_size, off;

    bool is64l;

    if (!hdr) {

        hdr = e_ident_local;

    }

    e_ident = hdr;

    fd = open(filename, O_RDONLY | O_BINARY);

    if (fd < 0) {

        error_setg_errno(errp, errno, "Failed to open file: %s", filename);

        return;

    }

    if (read(fd, hdr, EI_NIDENT) != EI_NIDENT) {

        error_setg_errno(errp, errno, "Failed to read file: %s", filename);

        goto fail;

    }

    if (e_ident[0] != ELFMAG0 ||

        e_ident[1] != ELFMAG1 ||

        e_ident[2] != ELFMAG2 ||

        e_ident[3] != ELFMAG3) {

        error_setg(errp, "Bad ELF magic");

        goto fail;

    }

    is64l = e_ident[EI_CLASS] == ELFCLASS64;

    hdr_size = is64l ? sizeof(Elf64_Ehdr) : sizeof(Elf32_Ehdr);

    if (is64) {

        *is64 = is64l;

    }

    off = EI_NIDENT;

    while (hdr != e_ident_local && off < hdr_size) {

        size_t br = read(fd, hdr + off, hdr_size - off);

        switch (br) {

        case 0:

            error_setg(errp, "File too short: %s", filename);

            goto fail;

        case -1:

            error_setg_errno(errp, errno, "Failed to read file: %s",

                             filename);

            goto fail;

        }

        off += br;

    }

fail:

    close(fd);

}

/* return < 0 if error, otherwise the number of bytes loaded in memory */

int load_elf(const char *filename, uint64_t (*translate_fn)(void *, uint64_t),

             void *translate_opaque, uint64_t *pentry, uint64_t *lowaddr,

             uint64_t *highaddr, int big_endian, int elf_machine, int clear_lsb)

             uint64_t *highaddr, int big_endian, int elf_machine,

             int clear_lsb, int data_swab)

{

    int fd, data_order, target_data_order, must_swab, ret = ELF_LOAD_FAILED;

    uint8_t e_ident[EI_NIDENT];

    lseek(fd, 0, SEEK_SET);

    if (e_ident[EI_CLASS] == ELFCLASS64) {

        ret = load_elf64(filename, fd, translate_fn, translate_opaque, must_swab,

                         pentry, lowaddr, highaddr, elf_machine, clear_lsb);

                         pentry, lowaddr, highaddr, elf_machine, clear_lsb,

                         data_swab);

    } else {

        ret = load_elf32(filename, fd, translate_fn, translate_opaque, must_swab,

                         pentry, lowaddr, highaddr, elf_machine, clear_lsb);

                         pentry, lowaddr, highaddr, elf_machine, clear_lsb,

                         data_swab);

    }

 fail:

int rom_add_file(const char *file, const char *fw_dir,

                 hwaddr addr, int32_t bootindex,

                 bool option_rom)

                 bool option_rom, MemoryRegion *mr)

{

    MachineClass *mc = MACHINE_GET_CLASS(qdev_get_machine());

    Rom *rom;

        }

        fw_cfg_add_file(fw_cfg, fw_file_name, data, rom->romsize);

    } else {

        if (mr) {

            rom->mr = mr;

            snprintf(devpath, sizeof(devpath), "/rom@%s", file);

        } else {

            snprintf(devpath, sizeof(devpath), "/rom@" TARGET_FMT_plx, addr);

        }

    }

    add_boot_device_path(bootindex, NULL, devpath);

    return 0;

int rom_add_vga(const char *file)

{

    return rom_add_file(file, "vgaroms", 0, -1, true);

    return rom_add_file(file, "vgaroms", 0, -1, true, NULL);

}

int rom_add_option(const char *file, int32_t bootindex)

{

    return rom_add_file(file, "genroms", 0, bootindex, true);

    return rom_add_file(file, "genroms", 0, bootindex, true, NULL);

}

static void rom_reset(void *unused)