diff options
author | Marcin Juszkiewicz <hrw@openembedded.org> | 2008-10-23 17:40:41 +0200 |
---|---|---|
committer | Marcin Juszkiewicz <hrw@openembedded.org> | 2008-10-23 17:40:41 +0200 |
commit | 82b5d4ce1ba5e74f7d700af30d3e4b0a4e2d243e (patch) | |
tree | 5392b74e54e22867a4127caaad4ec9890f5b2a14 /packages/qemu | |
parent | a9acdf3130aea04eeb9064530b748dafe9bc4323 (diff) |
qemu: added SVN version (from Poky)
Diffstat (limited to 'packages/qemu')
29 files changed, 4243 insertions, 0 deletions
diff --git a/packages/qemu/qemu-0.9.1+svn/05_non-fatal_if_linux_hd_missing.patch b/packages/qemu/qemu-0.9.1+svn/05_non-fatal_if_linux_hd_missing.patch new file mode 100644 index 0000000000..a66737d9ce --- /dev/null +++ b/packages/qemu/qemu-0.9.1+svn/05_non-fatal_if_linux_hd_missing.patch @@ -0,0 +1,17 @@ +#DPATCHLEVEL=1 +--- +# hw/pc.c | 1 - +# 1 file changed, 1 deletion(-) +# +Index: trunk/hw/pc.c +=================================================================== +--- trunk.orig/hw/pc.c 2008-04-24 20:15:46.000000000 +0100 ++++ trunk/hw/pc.c 2008-04-24 20:15:49.000000000 +0100 +@@ -399,7 +399,6 @@ + if (hda == -1) { + fprintf(stderr, "A disk image must be given for 'hda' when booting " + "a Linux kernel\n"); +- exit(1); + } + + memset(bootsect, 0, sizeof(bootsect)); diff --git a/packages/qemu/qemu-0.9.1+svn/06_exit_segfault.patch b/packages/qemu/qemu-0.9.1+svn/06_exit_segfault.patch new file mode 100644 index 0000000000..bc02d31839 --- /dev/null +++ b/packages/qemu/qemu-0.9.1+svn/06_exit_segfault.patch @@ -0,0 +1,45 @@ +#DPATCHLEVEL=0 +--- +# linux-user/main.c | 8 ++++---- +# 1 file changed, 4 insertions(+), 4 deletions(-) +# +Index: linux-user/main.c +=================================================================== +--- linux-user/main.c.orig 2008-04-24 20:15:46.000000000 +0100 ++++ linux-user/main.c 2008-04-24 20:15:53.000000000 +0100 +@@ -765,7 +765,7 @@ + default: + printf ("Unhandled trap: 0x%x\n", trapnr); + cpu_dump_state(env, stderr, fprintf, 0); +- exit (1); ++ _exit (1); + } + process_pending_signals (env); + } +@@ -1697,7 +1697,7 @@ + default: + printf ("Unhandled trap: 0x%x\n", trapnr); + cpu_dump_state(env, stderr, fprintf, 0); +- exit (1); ++ _exit (1); + } + process_pending_signals (env); + } +@@ -2026,7 +2026,7 @@ + for(item = cpu_log_items; item->mask != 0; item++) { + printf("%-10s %s\n", item->name, item->help); + } +- exit(1); ++ _exit(1); + } + cpu_set_log(mask); + } else if (!strcmp(r, "s")) { +@@ -2045,7 +2045,7 @@ + if (qemu_host_page_size == 0 || + (qemu_host_page_size & (qemu_host_page_size - 1)) != 0) { + fprintf(stderr, "page size must be a power of two\n"); +- exit(1); ++ _exit(1); + } + } else if (!strcmp(r, "g")) { + gdbstub_port = atoi(argv[optind++]); diff --git a/packages/qemu/qemu-0.9.1+svn/10_signal_jobs.patch b/packages/qemu/qemu-0.9.1+svn/10_signal_jobs.patch new file mode 100644 index 0000000000..d79482d2f4 --- /dev/null +++ b/packages/qemu/qemu-0.9.1+svn/10_signal_jobs.patch @@ -0,0 +1,26 @@ +#DPATCHLEVEL=0 +--- +# linux-user/signal.c | 7 ++++++- +# 1 file changed, 6 insertions(+), 1 deletion(-) +# +Index: linux-user/signal.c +=================================================================== +--- linux-user/signal.c.orig 2008-04-24 20:15:46.000000000 +0100 ++++ linux-user/signal.c 2008-04-24 20:15:55.000000000 +0100 +@@ -364,10 +364,15 @@ + k = &sigact_table[sig - 1]; + handler = k->sa._sa_handler; + if (handler == TARGET_SIG_DFL) { ++ if (sig == TARGET_SIGTSTP || sig == TARGET_SIGTTIN || sig == TARGET_SIGTTOU) { ++ kill(getpid(),SIGSTOP); ++ return 0; ++ } else + /* default handler : ignore some signal. The other are fatal */ + if (sig != TARGET_SIGCHLD && + sig != TARGET_SIGURG && +- sig != TARGET_SIGWINCH) { ++ sig != TARGET_SIGWINCH && ++ sig != TARGET_SIGCONT) { + force_sig(sig); + } else { + return 0; /* indicate ignored */ diff --git a/packages/qemu/qemu-0.9.1+svn/11_signal_sigaction.patch b/packages/qemu/qemu-0.9.1+svn/11_signal_sigaction.patch new file mode 100644 index 0000000000..cd56541b71 --- /dev/null +++ b/packages/qemu/qemu-0.9.1+svn/11_signal_sigaction.patch @@ -0,0 +1,21 @@ +#DPATCHLEVEL=0 +--- +# linux-user/signal.c | 5 +++++ +# 1 file changed, 5 insertions(+) +# +Index: linux-user/signal.c +=================================================================== +--- linux-user/signal.c.orig 2008-04-24 20:15:55.000000000 +0100 ++++ linux-user/signal.c 2008-04-24 20:15:57.000000000 +0100 +@@ -512,6 +512,11 @@ + + if (sig < 1 || sig > TARGET_NSIG || sig == SIGKILL || sig == SIGSTOP) + return -EINVAL; ++ ++ /* no point doing the stuff as those are not allowed for sigaction */ ++ if ((sig == TARGET_SIGKILL) || (sig == TARGET_SIGSTOP)) ++ return -EINVAL; ++ + k = &sigact_table[sig - 1]; + #if defined(DEBUG_SIGNAL) + fprintf(stderr, "sigaction sig=%d act=0x%08x, oact=0x%08x\n", diff --git a/packages/qemu/qemu-0.9.1+svn/22_net_tuntap_stall.patch b/packages/qemu/qemu-0.9.1+svn/22_net_tuntap_stall.patch new file mode 100644 index 0000000000..0e1038983b --- /dev/null +++ b/packages/qemu/qemu-0.9.1+svn/22_net_tuntap_stall.patch @@ -0,0 +1,18 @@ +#DPATCHLEVEL=0 +--- +# vl.c | 2 +- +# 1 file changed, 1 insertion(+), 1 deletion(-) +# +Index: vl.c +=================================================================== +--- vl.c.orig 2008-04-24 20:15:46.000000000 +0100 ++++ vl.c 2008-04-24 20:15:58.000000000 +0100 +@@ -4155,7 +4155,7 @@ + return -1; + } + memset(&ifr, 0, sizeof(ifr)); +- ifr.ifr_flags = IFF_TAP | IFF_NO_PI; ++ ifr.ifr_flags = IFF_TAP | IFF_NO_PI | IFF_ONE_QUEUE; + if (ifname[0] != '\0') + pstrcpy(ifr.ifr_name, IFNAMSIZ, ifname); + else diff --git a/packages/qemu/qemu-0.9.1+svn/31_syscalls.patch b/packages/qemu/qemu-0.9.1+svn/31_syscalls.patch new file mode 100644 index 0000000000..15565ae11d --- /dev/null +++ b/packages/qemu/qemu-0.9.1+svn/31_syscalls.patch @@ -0,0 +1,48 @@ +#DPATCHLEVEL=0 +--- +# linux-user/syscall.c | 11 ++++++++--- +# 1 file changed, 8 insertions(+), 3 deletions(-) +# +Index: linux-user/syscall.c +=================================================================== +--- linux-user/syscall.c.orig 2008-04-24 20:15:46.000000000 +0100 ++++ linux-user/syscall.c 2008-04-24 20:15:59.000000000 +0100 +@@ -250,6 +250,7 @@ + extern int setresgid(gid_t, gid_t, gid_t); + extern int getresgid(gid_t *, gid_t *, gid_t *); + extern int setgroups(int, gid_t *); ++extern int uselib(const char*); + + #define ERRNO_TABLE_SIZE 1200 + +@@ -4041,7 +4042,8 @@ + #endif + #ifdef TARGET_NR_uselib + case TARGET_NR_uselib: +- goto unimplemented; ++ ret = get_errno(uselib(path((const char*)arg1))); ++ break; + #endif + #ifdef TARGET_NR_swapon + case TARGET_NR_swapon: +@@ -5322,7 +5324,9 @@ + goto unimplemented; + #ifdef TARGET_NR_mincore + case TARGET_NR_mincore: +- goto unimplemented; ++ /*page_unprotect_range((void*)arg3, ((size_t)arg2 + TARGET_PAGE_SIZE - 1) / TARGET_PAGE_SIZE);*/ ++ ret = get_errno(mincore((void*)arg1, (size_t)arg2, (unsigned char*)arg3)); ++ break; + #endif + #ifdef TARGET_NR_madvise + case TARGET_NR_madvise: +@@ -5462,7 +5466,8 @@ + break; + #ifdef TARGET_NR_readahead + case TARGET_NR_readahead: +- goto unimplemented; ++ ret = get_errno(readahead((int)arg1, (off64_t)arg2, (size_t)arg3)); ++ break; + #endif + #ifdef TARGET_NR_setxattr + case TARGET_NR_setxattr: diff --git a/packages/qemu/qemu-0.9.1+svn/32_syscall_sysctl.patch b/packages/qemu/qemu-0.9.1+svn/32_syscall_sysctl.patch new file mode 100644 index 0000000000..d42c44cebc --- /dev/null +++ b/packages/qemu/qemu-0.9.1+svn/32_syscall_sysctl.patch @@ -0,0 +1,55 @@ +#DPATCHLEVEL=0 +--- +# linux-user/syscall.c | 32 +++++++++++++++++++++++++++++--- +# 1 file changed, 29 insertions(+), 3 deletions(-) +# +Index: linux-user/syscall.c +=================================================================== +--- linux-user/syscall.c.orig 2008-04-24 20:15:59.000000000 +0100 ++++ linux-user/syscall.c 2008-04-24 20:16:01.000000000 +0100 +@@ -52,6 +52,7 @@ + //#include <sys/user.h> + #include <netinet/ip.h> + #include <netinet/tcp.h> ++#include <sys/sysctl.h> + + #define termios host_termios + #define winsize host_winsize +@@ -4758,9 +4759,34 @@ + break; + #endif + case TARGET_NR__sysctl: +- /* We don't implement this, but ENOTDIR is always a safe +- return value. */ +- ret = -TARGET_ENOTDIR; ++ { ++ struct __sysctl_args *args = (struct __sysctl_args *) arg1; ++ int *name_target, *name, nlen, *oldlenp, oldlen, newlen, i; ++ void *oldval, *newval; ++ ++ name_target = (int *) tswapl((long) args->name); ++ nlen = tswapl(args->nlen); ++ oldval = (void *) tswapl((long) args->oldval); ++ oldlenp = (int *) tswapl((long) args->oldlenp); ++ oldlen = tswapl(*oldlenp); ++ newval = (void *) tswapl((long) args->newval); ++ newlen = tswapl(args->newlen); ++ ++ name = alloca(nlen * sizeof (int)); ++ for (i = 0; i < nlen; i++) ++ name[i] = tswapl(name_target[i]); ++ ++ if (nlen == 2 && name[0] == CTL_KERN && name[1] == KERN_VERSION) { ++ ret = get_errno( ++ sysctl(name, nlen, oldval, &oldlen, newval, newlen)); ++ if (!is_error(ret)) { ++ *oldlenp = tswapl(oldlen); ++ } ++ } else { ++ gemu_log("qemu: Unsupported sysctl name\n"); ++ ret = -ENOSYS; ++ } ++ } + break; + case TARGET_NR_sched_setparam: + { diff --git a/packages/qemu/qemu-0.9.1+svn/33_syscall_ppc_clone.patch b/packages/qemu/qemu-0.9.1+svn/33_syscall_ppc_clone.patch new file mode 100644 index 0000000000..962f821523 --- /dev/null +++ b/packages/qemu/qemu-0.9.1+svn/33_syscall_ppc_clone.patch @@ -0,0 +1,22 @@ +#DPATCHLEVEL=0 +--- +# linux-user/syscall.c | 6 +----- +# 1 file changed, 1 insertion(+), 5 deletions(-) +# +Index: linux-user/syscall.c +=================================================================== +--- linux-user/syscall.c.orig 2008-04-24 20:16:01.000000000 +0100 ++++ linux-user/syscall.c 2008-04-24 20:16:02.000000000 +0100 +@@ -2760,11 +2760,7 @@ + if (!newsp) + newsp = env->gpr[1]; + new_env->gpr[1] = newsp; +- { +- int i; +- for (i = 7; i < 32; i++) +- new_env->gpr[i] = 0; +- } ++ new_env->gpr[3] = 0; + #elif defined(TARGET_SH4) + if (!newsp) + newsp = env->gregs[15]; diff --git a/packages/qemu/qemu-0.9.1+svn/39_syscall_fadvise64.patch b/packages/qemu/qemu-0.9.1+svn/39_syscall_fadvise64.patch new file mode 100644 index 0000000000..845232cfca --- /dev/null +++ b/packages/qemu/qemu-0.9.1+svn/39_syscall_fadvise64.patch @@ -0,0 +1,21 @@ +--- + linux-user/syscall.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +Index: linux-user/syscall.c +=================================================================== +--- linux-user/syscall.c.orig 2008-04-24 20:16:02.000000000 +0100 ++++ linux-user/syscall.c 2008-04-24 20:16:03.000000000 +0100 +@@ -5350,6 +5350,12 @@ + ret = get_errno(mincore((void*)arg1, (size_t)arg2, (unsigned char*)arg3)); + break; + #endif ++#ifdef TARGET_NR_fadvise64_64 ++ case TARGET_NR_fadvise64_64: ++ /* Just return success */ ++ ret = get_errno(0); ++ break; ++#endif + #ifdef TARGET_NR_madvise + case TARGET_NR_madvise: + /* A straight passthrough may not be safe because qemu sometimes diff --git a/packages/qemu/qemu-0.9.1+svn/52_ne2000_return.patch b/packages/qemu/qemu-0.9.1+svn/52_ne2000_return.patch new file mode 100644 index 0000000000..e364bff731 --- /dev/null +++ b/packages/qemu/qemu-0.9.1+svn/52_ne2000_return.patch @@ -0,0 +1,17 @@ +--- + hw/ne2000.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +Index: trunk/hw/ne2000.c +=================================================================== +--- trunk.orig/hw/ne2000.c 2008-04-24 20:15:46.000000000 +0100 ++++ trunk/hw/ne2000.c 2008-04-24 20:16:05.000000000 +0100 +@@ -217,7 +217,7 @@ + NE2000State *s = opaque; + + if (s->cmd & E8390_STOP) +- return 1; ++ return 0; + return !ne2000_buffer_full(s); + } + diff --git a/packages/qemu/qemu-0.9.1+svn/61_safe_64bit_int.patch b/packages/qemu/qemu-0.9.1+svn/61_safe_64bit_int.patch new file mode 100644 index 0000000000..9a67feac6b --- /dev/null +++ b/packages/qemu/qemu-0.9.1+svn/61_safe_64bit_int.patch @@ -0,0 +1,27 @@ +#DPATCHLEVEL=0 +--- +# dyngen-exec.h | 4 ++-- +# 1 file changed, 2 insertions(+), 2 deletions(-) +# +Index: dyngen-exec.h +=================================================================== +--- dyngen-exec.h.orig 2008-04-24 20:15:46.000000000 +0100 ++++ dyngen-exec.h 2008-04-24 20:16:06.000000000 +0100 +@@ -38,7 +38,7 @@ + // Linux/Sparc64 defines uint64_t + #if !(defined (__sparc_v9__) && defined(__linux__)) + /* XXX may be done for all 64 bits targets ? */ +-#if defined (__x86_64__) || defined(__ia64) || defined(__s390x__) || defined(__alpha__) ++#if defined (__x86_64__) || defined(__ia64) || defined(__s390x__) || defined(__alpha__) || defined(__sparc__) + typedef unsigned long uint64_t; + #else + typedef unsigned long long uint64_t; +@@ -55,7 +55,7 @@ + typedef signed int int32_t; + // Linux/Sparc64 defines int64_t + #if !(defined (__sparc_v9__) && defined(__linux__)) +-#if defined (__x86_64__) || defined(__ia64) || defined(__s390x__) || defined(__alpha__) ++#if defined (__x86_64__) || defined(__ia64) || defined(__s390x__) || defined(__alpha__) || defined(__sparc__) + typedef signed long int64_t; + #else + typedef signed long long int64_t; diff --git a/packages/qemu/qemu-0.9.1+svn/63_sparc_build.patch b/packages/qemu/qemu-0.9.1+svn/63_sparc_build.patch new file mode 100644 index 0000000000..097f55a09e --- /dev/null +++ b/packages/qemu/qemu-0.9.1+svn/63_sparc_build.patch @@ -0,0 +1,18 @@ +#DPATCHLEVEL=0 +--- +# sparc.ld | 2 +- +# 1 file changed, 1 insertion(+), 1 deletion(-) +# +Index: sparc.ld +=================================================================== +--- sparc.ld.orig 2008-04-24 20:15:46.000000000 +0100 ++++ sparc.ld 2008-04-24 20:16:07.000000000 +0100 +@@ -6,7 +6,7 @@ + SECTIONS + { + /* Read-only sections, merged into text segment: */ +- . = 0x60000000 + SIZEOF_HEADERS; ++ . = 0x60000000 + 0x400; + .interp : { *(.interp) } + .hash : { *(.hash) } + .dynsym : { *(.dynsym) } diff --git a/packages/qemu/qemu-0.9.1+svn/64_ppc_asm_constraints.patch b/packages/qemu/qemu-0.9.1+svn/64_ppc_asm_constraints.patch new file mode 100644 index 0000000000..7d19817278 --- /dev/null +++ b/packages/qemu/qemu-0.9.1+svn/64_ppc_asm_constraints.patch @@ -0,0 +1,18 @@ +#DPATCHLEVEL=1 +--- +# cpu-all.h | 2 +- +# 1 file changed, 1 insertion(+), 1 deletion(-) +# +Index: trunk/cpu-all.h +=================================================================== +--- trunk.orig/cpu-all.h 2008-04-24 20:15:46.000000000 +0100 ++++ trunk/cpu-all.h 2008-04-24 20:16:08.000000000 +0100 +@@ -285,7 +285,7 @@ + static inline void stl_le_p(void *ptr, int v) + { + #ifdef __powerpc__ +- __asm__ __volatile__ ("stwbrx %1,0,%2" : "=m" (*(uint32_t *)ptr) : "r" (v), "r" (ptr)); ++ __asm__ __volatile__ ("stwbrx %0,0,%1" : : "r" (v), "r" (ptr) : "memory"); + #else + uint8_t *p = ptr; + p[0] = v; diff --git a/packages/qemu/qemu-0.9.1+svn/65_kfreebsd.patch b/packages/qemu/qemu-0.9.1+svn/65_kfreebsd.patch new file mode 100644 index 0000000000..028e85a878 --- /dev/null +++ b/packages/qemu/qemu-0.9.1+svn/65_kfreebsd.patch @@ -0,0 +1,35 @@ +--- + configure | 6 ++++++ + vl.c | 2 ++ + 2 files changed, 8 insertions(+) + +Index: configure +=================================================================== +--- configure.orig 2008-04-24 20:15:46.000000000 +0100 ++++ configure 2008-04-24 20:16:09.000000000 +0100 +@@ -135,6 +135,12 @@ + kqemu="yes" + fi + ;; ++GNU/kFreeBSD) ++oss="yes" ++if [ "$cpu" = "i386" -o "$cpu" = "x86_64" ] ; then ++ kqemu="yes" ++fi ++;; + FreeBSD) + bsd="yes" + oss="yes" +Index: vl.c +=================================================================== +--- vl.c.orig 2008-04-24 20:15:58.000000000 +0100 ++++ vl.c 2008-04-24 20:16:09.000000000 +0100 +@@ -97,6 +97,8 @@ + #include <stropts.h> + #endif + #endif ++#elif defined (__GLIBC__) && defined (__FreeBSD_kernel__) ++#include <freebsd/stdlib.h> + #else + #include <winsock2.h> + int inet_aton(const char *cp, struct in_addr *ia); diff --git a/packages/qemu/qemu-0.9.1+svn/66_tls_ld.patch b/packages/qemu/qemu-0.9.1+svn/66_tls_ld.patch new file mode 100644 index 0000000000..cbd3f873d8 --- /dev/null +++ b/packages/qemu/qemu-0.9.1+svn/66_tls_ld.patch @@ -0,0 +1,55 @@ +--- + arm.ld | 7 +++++++ + i386.ld | 7 +++++++ + 2 files changed, 14 insertions(+) + +Index: arm.ld +=================================================================== +--- arm.ld.orig 2008-04-24 20:15:45.000000000 +0100 ++++ arm.ld 2008-04-24 20:16:11.000000000 +0100 +@@ -26,6 +26,10 @@ + { *(.rel.rodata) *(.rel.gnu.linkonce.r*) } + .rela.rodata : + { *(.rela.rodata) *(.rela.gnu.linkonce.r*) } ++ .rel.tdata : { *(.rel.tdata .rel.tdata.* .rel.gnu.linkonce.td.*) } ++ .rela.tdata : { *(.rela.tdata .rela.tdata.* .rela.gnu.linkonce.td.*) } ++ .rel.tbss : { *(.rel.tbss .rel.tbss.* .rel.gnu.linkonce.tb.*) } ++ .rela.tbss : { *(.rela.tbss .rela.tbss.* .rela.gnu.linkonce.tb.*) } + .rel.got : { *(.rel.got) } + .rela.got : { *(.rela.got) } + .rel.ctors : { *(.rel.ctors) } +@@ -58,6 +62,9 @@ + .ARM.exidx : { *(.ARM.exidx* .gnu.linkonce.armexidx.*) } + __exidx_end = .; + .reginfo : { *(.reginfo) } ++ /* Thread Local Storage sections */ ++ .tdata : { *(.tdata .tdata.* .gnu.linkonce.td.*) } ++ .tbss : { *(.tbss .tbss.* .gnu.linkonce.tb.*) *(.tcommon) } + /* Adjust the address for the data segment. We want to adjust up to + the same address within the page on the next page up. */ + . = ALIGN(0x100000) + (. & (0x100000 - 1)); +Index: i386.ld +=================================================================== +--- i386.ld.orig 2008-04-24 20:15:45.000000000 +0100 ++++ i386.ld 2008-04-24 20:16:11.000000000 +0100 +@@ -28,6 +28,10 @@ + { *(.rel.rodata) *(.rel.gnu.linkonce.r*) } + .rela.rodata : + { *(.rela.rodata) *(.rela.gnu.linkonce.r*) } ++ .rel.tdata : { *(.rel.tdata .rel.tdata.* .rel.gnu.linkonce.td.*) } ++ .rela.tdata : { *(.rela.tdata .rela.tdata.* .rela.gnu.linkonce.td.*) } ++ .rel.tbss : { *(.rel.tbss .rel.tbss.* .rel.gnu.linkonce.tb.*) } ++ .rela.tbss : { *(.rela.tbss .rela.tbss.* .rela.gnu.linkonce.tb.*) } + .rel.got : { *(.rel.got) } + .rela.got : { *(.rela.got) } + .rel.ctors : { *(.rel.ctors) } +@@ -53,6 +57,9 @@ + _etext = .; + PROVIDE (etext = .); + .fini : { *(.fini) } =0x47ff041f ++ /* Thread Local Storage sections */ ++ .tdata : { *(.tdata .tdata.* .gnu.linkonce.td.*) } ++ .tbss : { *(.tbss .tbss.* .gnu.linkonce.tb.*) *(.tcommon) } + . = ALIGN(32 / 8); + PROVIDE (__preinit_array_start = .); + .preinit_array : { *(.preinit_array) } diff --git a/packages/qemu/qemu-0.9.1+svn/91-oh-sdl-cursor.patch b/packages/qemu/qemu-0.9.1+svn/91-oh-sdl-cursor.patch new file mode 100644 index 0000000000..b3d95a4534 --- /dev/null +++ b/packages/qemu/qemu-0.9.1+svn/91-oh-sdl-cursor.patch @@ -0,0 +1,18 @@ +=== modified file 'sdl.c' +--- + sdl.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +Index: sdl.c +=================================================================== +--- sdl.c.orig 2008-04-24 20:15:45.000000000 +0100 ++++ sdl.c 2008-04-24 20:16:12.000000000 +0100 +@@ -247,7 +247,7 @@ + + if (kbd_mouse_is_absolute()) { + SDL_ShowCursor(1); +- SDL_SetCursor(sdl_cursor_hidden); ++ /* SDL_SetCursor(sdl_cursor_hidden); */ + } else { + SDL_ShowCursor(0); + } diff --git a/packages/qemu/qemu-0.9.1+svn/configure_symlinkpath_fix.patch b/packages/qemu/qemu-0.9.1+svn/configure_symlinkpath_fix.patch new file mode 100644 index 0000000000..3ec304a38c --- /dev/null +++ b/packages/qemu/qemu-0.9.1+svn/configure_symlinkpath_fix.patch @@ -0,0 +1,28 @@ +Index: qemu-0.9.1/configure +=================================================================== +--- qemu-0.9.1.orig/configure 2008-01-24 15:33:13.000000000 +0000 ++++ qemu-0.9.1/configure 2008-01-24 15:45:50.000000000 +0000 +@@ -209,15 +209,17 @@ + + # find source path + source_path=`dirname "$0"` ++source_path_used="no" ++workdir=`pwd` ++workdir=`readlink -f $workdir` + if [ -z "$source_path" ]; then +- source_path=`pwd` ++ source_path=$workdir + else + source_path=`cd "$source_path"; pwd` +-fi +-if test "$source_path" = `pwd` ; then +- source_path_used="no" +-else +- source_path_used="yes" ++ source_path=`readlink -f $source_path` ++ if test "$source_path" != "$workdir" ; then ++ source_path_used="yes" ++ fi + fi + + werror="no" diff --git a/packages/qemu/qemu-0.9.1+svn/fix_brk.patch b/packages/qemu/qemu-0.9.1+svn/fix_brk.patch new file mode 100644 index 0000000000..f15e001dd6 --- /dev/null +++ b/packages/qemu/qemu-0.9.1+svn/fix_brk.patch @@ -0,0 +1,59 @@ +Index: trunk/linux-user/syscall.c +=================================================================== +--- trunk.orig/linux-user/syscall.c 2008-04-24 20:16:24.000000000 +0100 ++++ trunk/linux-user/syscall.c 2008-04-24 20:16:32.000000000 +0100 +@@ -440,7 +440,7 @@ + if (!new_brk) + return target_brk; + if (new_brk < target_original_brk) +- return -TARGET_ENOMEM; ++ return target_brk; + + brk_page = HOST_PAGE_ALIGN(target_brk); + +@@ -455,12 +455,11 @@ + mapped_addr = get_errno(target_mmap(brk_page, new_alloc_size, + PROT_READ|PROT_WRITE, + MAP_ANON|MAP_FIXED|MAP_PRIVATE, 0, 0)); +- if (is_error(mapped_addr)) { +- return mapped_addr; +- } else { ++ ++ if (!is_error(mapped_addr)) + target_brk = new_brk; +- return target_brk; +- } ++ ++ return target_brk; + } + + static inline abi_long copy_from_user_fdset(fd_set *fds, +Index: trunk/linux-user/mmap.c +=================================================================== +--- trunk.orig/linux-user/mmap.c 2008-04-24 20:16:16.000000000 +0100 ++++ trunk/linux-user/mmap.c 2008-04-24 20:16:32.000000000 +0100 +@@ -264,6 +264,9 @@ + host_start += offset - host_offset; + start = h2g(host_start); + } else { ++ int flg; ++ target_ulong addr; ++ + if (start & ~TARGET_PAGE_MASK) { + errno = EINVAL; + return -1; +@@ -271,6 +274,14 @@ + end = start + len; + real_end = HOST_PAGE_ALIGN(end); + ++ for(addr = real_start; addr < real_end; addr += TARGET_PAGE_SIZE) { ++ flg = page_get_flags(addr); ++ if( flg & PAGE_RESERVED ) { ++ errno = ENXIO; ++ return -1; ++ } ++ } ++ + /* worst case: we cannot map the file because the offset is not + aligned, so we read it */ + if (!(flags & MAP_ANONYMOUS) && diff --git a/packages/qemu/qemu-0.9.1+svn/fix_protection_bits.patch b/packages/qemu/qemu-0.9.1+svn/fix_protection_bits.patch new file mode 100644 index 0000000000..ee2b077602 --- /dev/null +++ b/packages/qemu/qemu-0.9.1+svn/fix_protection_bits.patch @@ -0,0 +1,14 @@ +Index: qemu-0.9.1/linux-user/mmap.c +=================================================================== +--- qemu-0.9.1.orig/linux-user/mmap.c 2008-04-16 14:10:26.000000000 +0100 ++++ qemu-0.9.1/linux-user/mmap.c 2008-04-16 14:10:51.000000000 +0100 +@@ -49,8 +49,7 @@ + end = start + len; + if (end < start) + return -EINVAL; +- if (prot & ~(PROT_READ | PROT_WRITE | PROT_EXEC)) +- return -EINVAL; ++ prot = prot & (PROT_READ | PROT_WRITE | PROT_EXEC); + if (len == 0) + return 0; + diff --git a/packages/qemu/qemu-0.9.1+svn/fix_segfault.patch b/packages/qemu/qemu-0.9.1+svn/fix_segfault.patch new file mode 100644 index 0000000000..224a8b813d --- /dev/null +++ b/packages/qemu/qemu-0.9.1+svn/fix_segfault.patch @@ -0,0 +1,37 @@ +--- + linux-user/syscall.c | 22 ---------------------- + 1 file changed, 22 deletions(-) + +Index: trunk/linux-user/syscall.c +=================================================================== +--- trunk.orig/linux-user/syscall.c 2008-04-24 20:16:21.000000000 +0100 ++++ trunk/linux-user/syscall.c 2008-04-24 20:16:24.000000000 +0100 +@@ -5728,28 +5728,6 @@ + goto unimplemented_nowarn; + #endif + +-#ifdef TARGET_NR_clock_gettime +- case TARGET_NR_clock_gettime: +- { +- struct timespec ts; +- ret = get_errno(clock_gettime(arg1, &ts)); +- if (!is_error(ret)) { +- host_to_target_timespec(arg2, &ts); +- } +- break; +- } +-#endif +-#ifdef TARGET_NR_clock_getres +- case TARGET_NR_clock_getres: +- { +- struct timespec ts; +- ret = get_errno(clock_getres(arg1, &ts)); +- if (!is_error(ret)) { +- host_to_target_timespec(arg2, &ts); +- } +- break; +- } +-#endif + + #if defined(TARGET_NR_set_tid_address) && defined(__NR_set_tid_address) + case TARGET_NR_set_tid_address: diff --git a/packages/qemu/qemu-0.9.1+svn/no-strip.patch b/packages/qemu/qemu-0.9.1+svn/no-strip.patch new file mode 100644 index 0000000000..4813dd4e2b --- /dev/null +++ b/packages/qemu/qemu-0.9.1+svn/no-strip.patch @@ -0,0 +1,26 @@ +Index: trunk/Makefile +=================================================================== +--- trunk.orig/Makefile 2008-04-24 20:15:37.000000000 +0100 ++++ trunk/Makefile 2008-04-24 20:16:30.000000000 +0100 +@@ -196,7 +196,7 @@ + install: all $(if $(BUILD_DOCS),install-doc) + mkdir -p "$(DESTDIR)$(bindir)" + ifneq ($(TOOLS),) +- $(INSTALL) -m 755 -s $(TOOLS) "$(DESTDIR)$(bindir)" ++ $(INSTALL) -m 755 $(TOOLS) "$(DESTDIR)$(bindir)" + endif + mkdir -p "$(DESTDIR)$(datadir)" + set -e; for x in bios.bin vgabios.bin vgabios-cirrus.bin ppc_rom.bin \ +Index: trunk/Makefile.target +=================================================================== +--- trunk.orig/Makefile.target 2008-04-24 20:15:37.000000000 +0100 ++++ trunk/Makefile.target 2008-04-24 20:16:30.000000000 +0100 +@@ -685,7 +685,7 @@ + + install: all + ifneq ($(PROGS),) +- $(INSTALL) -m 755 -s $(PROGS) "$(DESTDIR)$(bindir)" ++ $(INSTALL) -m 755 $(PROGS) "$(DESTDIR)$(bindir)" + endif + + # Include automatically generated dependency files diff --git a/packages/qemu/qemu-0.9.1+svn/qemu-0.9.0-nptl.patch b/packages/qemu/qemu-0.9.1+svn/qemu-0.9.0-nptl.patch new file mode 100644 index 0000000000..ac68ebf460 --- /dev/null +++ b/packages/qemu/qemu-0.9.1+svn/qemu-0.9.0-nptl.patch @@ -0,0 +1,1100 @@ +--- + configure | 25 ++++++ + exec-all.h | 165 ------------------------------------------ + linux-user/arm/syscall.h | 4 - + linux-user/main.c | 94 +++++++++++++++++++++--- + linux-user/qemu.h | 3 + linux-user/syscall.c | 91 ++++++++++++++++++++++- + qemu_spinlock.h | 181 +++++++++++++++++++++++++++++++++++++++++++++++ + target-arm/cpu.h | 10 ++ + target-arm/op.c | 6 + + target-arm/translate.c | 9 ++ + 10 files changed, 405 insertions(+), 183 deletions(-) + +Index: trunk/configure +=================================================================== +--- trunk.orig/configure 2008-04-24 20:16:52.000000000 +0100 ++++ trunk/configure 2008-04-24 20:16:53.000000000 +0100 +@@ -112,6 +112,7 @@ + build_docs="no" + uname_release="" + curses="yes" ++nptl="yes" + + # OS specific + targetos=`uname -s` +@@ -339,6 +340,8 @@ + ;; + *) echo "ERROR: unknown option $opt"; show_help="yes" + ;; ++ --disable-nptl) nptl="no" ++ ;; + esac + done + +@@ -436,6 +439,7 @@ + echo " --disable-linux-user disable all linux usermode emulation targets" + echo " --enable-darwin-user enable all darwin usermode emulation targets" + echo " --disable-darwin-user disable all darwin usermode emulation targets" ++echo " --disable-nptl disable usermode NPTL guest support" + echo " --fmod-lib path to FMOD library" + echo " --fmod-inc path to FMOD includes" + echo " --enable-uname-release=R Return R for uname -r in usermode emulation" +@@ -647,6 +651,23 @@ + } + EOF + ++# check NPTL support ++cat > $TMPC <<EOF ++#include <sched.h> ++void foo() ++{ ++#ifndef CLONE_SETTLS ++#error bork ++#endif ++} ++EOF ++ ++if $cc -c -o $TMPO $TMPC 2> /dev/null ; then ++ : ++else ++ nptl="no" ++fi ++ + ########################################## + # SDL probe + +@@ -845,6 +866,7 @@ + echo "Documentation $build_docs" + [ ! -z "$uname_release" ] && \ + echo "uname -r $uname_release" ++echo "NPTL support $nptl" + + if test $sdl_too_old = "yes"; then + echo "-> Your SDL version is too old - please upgrade to have SDL support" +@@ -1228,6 +1250,9 @@ + echo "#define TARGET_ARM 1" >> $config_h + echo "#define CONFIG_NO_DYNGEN_OP 1" >> $config_h + bflt="yes" ++ if test "$nptl" = "yes" ; then ++ echo "#define USE_NPTL 1" >> $config_h ++ fi + ;; + cris) + echo "TARGET_ARCH=cris" >> $config_mak +Index: trunk/exec-all.h +=================================================================== +--- trunk.orig/exec-all.h 2008-04-24 20:16:41.000000000 +0100 ++++ trunk/exec-all.h 2008-04-24 20:16:53.000000000 +0100 +@@ -303,217 +303,7 @@ + extern CPUReadMemoryFunc *io_mem_read[IO_MEM_NB_ENTRIES][4]; + extern void *io_mem_opaque[IO_MEM_NB_ENTRIES]; + +-#if defined(__hppa__) +- +-typedef int spinlock_t[4]; +- +-#define SPIN_LOCK_UNLOCKED { 1, 1, 1, 1 } +- +-static inline void resetlock (spinlock_t *p) +-{ +- (*p)[0] = (*p)[1] = (*p)[2] = (*p)[3] = 1; +-} +- +-#else +- +-typedef int spinlock_t; +- +-#define SPIN_LOCK_UNLOCKED 0 +- +-static inline void resetlock (spinlock_t *p) +-{ +- *p = SPIN_LOCK_UNLOCKED; +-} +- +-#endif +- +-#if defined(__powerpc__) +-static inline int testandset (int *p) +-{ +- int ret; +- __asm__ __volatile__ ( +- "0: lwarx %0,0,%1\n" +- " xor. %0,%3,%0\n" +- " bne 1f\n" +- " stwcx. %2,0,%1\n" +- " bne- 0b\n" +- "1: " +- : "=&r" (ret) +- : "r" (p), "r" (1), "r" (0) +- : "cr0", "memory"); +- return ret; +-} +-#elif defined(__i386__) +-static inline int testandset (int *p) +-{ +- long int readval = 0; +- +- __asm__ __volatile__ ("lock; cmpxchgl %2, %0" +- : "+m" (*p), "+a" (readval) +- : "r" (1) +- : "cc"); +- return readval; +-} +-#elif defined(__x86_64__) +-static inline int testandset (int *p) +-{ +- long int readval = 0; +- +- __asm__ __volatile__ ("lock; cmpxchgl %2, %0" +- : "+m" (*p), "+a" (readval) +- : "r" (1) +- : "cc"); +- return readval; +-} +-#elif defined(__s390__) +-static inline int testandset (int *p) +-{ +- int ret; +- +- __asm__ __volatile__ ("0: cs %0,%1,0(%2)\n" +- " jl 0b" +- : "=&d" (ret) +- : "r" (1), "a" (p), "0" (*p) +- : "cc", "memory" ); +- return ret; +-} +-#elif defined(__alpha__) +-static inline int testandset (int *p) +-{ +- int ret; +- unsigned long one; +- +- __asm__ __volatile__ ("0: mov 1,%2\n" +- " ldl_l %0,%1\n" +- " stl_c %2,%1\n" +- " beq %2,1f\n" +- ".subsection 2\n" +- "1: br 0b\n" +- ".previous" +- : "=r" (ret), "=m" (*p), "=r" (one) +- : "m" (*p)); +- return ret; +-} +-#elif defined(__sparc__) +-static inline int testandset (int *p) +-{ +- int ret; +- +- __asm__ __volatile__("ldstub [%1], %0" +- : "=r" (ret) +- : "r" (p) +- : "memory"); +- +- return (ret ? 1 : 0); +-} +-#elif defined(__arm__) +-static inline int testandset (int *spinlock) +-{ +- register unsigned int ret; +- __asm__ __volatile__("swp %0, %1, [%2]" +- : "=r"(ret) +- : "0"(1), "r"(spinlock)); +- +- return ret; +-} +-#elif defined(__mc68000) +-static inline int testandset (int *p) +-{ +- char ret; +- __asm__ __volatile__("tas %1; sne %0" +- : "=r" (ret) +- : "m" (p) +- : "cc","memory"); +- return ret; +-} +-#elif defined(__hppa__) +- +-/* Because malloc only guarantees 8-byte alignment for malloc'd data, +- and GCC only guarantees 8-byte alignment for stack locals, we can't +- be assured of 16-byte alignment for atomic lock data even if we +- specify "__attribute ((aligned(16)))" in the type declaration. So, +- we use a struct containing an array of four ints for the atomic lock +- type and dynamically select the 16-byte aligned int from the array +- for the semaphore. */ +-#define __PA_LDCW_ALIGNMENT 16 +-static inline void *ldcw_align (void *p) { +- unsigned long a = (unsigned long)p; +- a = (a + __PA_LDCW_ALIGNMENT - 1) & ~(__PA_LDCW_ALIGNMENT - 1); +- return (void *)a; +-} +- +-static inline int testandset (spinlock_t *p) +-{ +- unsigned int ret; +- p = ldcw_align(p); +- __asm__ __volatile__("ldcw 0(%1),%0" +- : "=r" (ret) +- : "r" (p) +- : "memory" ); +- return !ret; +-} +- +-#elif defined(__ia64) +- +-#include <ia64intrin.h> +- +-static inline int testandset (int *p) +-{ +- return __sync_lock_test_and_set (p, 1); +-} +-#elif defined(__mips__) +-static inline int testandset (int *p) +-{ +- int ret; +- +- __asm__ __volatile__ ( +- " .set push \n" +- " .set noat \n" +- " .set mips2 \n" +- "1: li $1, 1 \n" +- " ll %0, %1 \n" +- " sc $1, %1 \n" +- " beqz $1, 1b \n" +- " .set pop " +- : "=r" (ret), "+R" (*p) +- : +- : "memory"); +- +- return ret; +-} +-#else +-#error unimplemented CPU support +-#endif +- +-#if defined(CONFIG_USER_ONLY) +-static inline void spin_lock(spinlock_t *lock) +-{ +- while (testandset(lock)); +-} +- +-static inline void spin_unlock(spinlock_t *lock) +-{ +- resetlock(lock); +-} +- +-static inline int spin_trylock(spinlock_t *lock) +-{ +- return !testandset(lock); +-} +-#else +-static inline void spin_lock(spinlock_t *lock) +-{ +-} +- +-static inline void spin_unlock(spinlock_t *lock) +-{ +-} +- +-static inline int spin_trylock(spinlock_t *lock) +-{ +- return 1; +-} +-#endif ++#include "qemu_spinlock.h" + + extern spinlock_t tb_lock; + +Index: trunk/linux-user/arm/syscall.h +=================================================================== +--- trunk.orig/linux-user/arm/syscall.h 2008-04-24 20:16:41.000000000 +0100 ++++ trunk/linux-user/arm/syscall.h 2008-04-24 20:16:53.000000000 +0100 +@@ -28,7 +28,9 @@ + #define ARM_SYSCALL_BASE 0x900000 + #define ARM_THUMB_SYSCALL 0 + +-#define ARM_NR_cacheflush (ARM_SYSCALL_BASE + 0xf0000 + 2) ++#define ARM_NR_BASE 0xf0000 ++#define ARM_NR_cacheflush (ARM_NR_BASE + 2) ++#define ARM_NR_set_tls (ARM_NR_BASE + 5) + + #define ARM_NR_semihosting 0x123456 + #define ARM_NR_thumb_semihosting 0xAB +Index: trunk/linux-user/main.c +=================================================================== +--- trunk.orig/linux-user/main.c 2008-04-24 20:16:47.000000000 +0100 ++++ trunk/linux-user/main.c 2008-04-24 20:17:38.000000000 +0100 +@@ -365,6 +365,50 @@ + } + } + ++/* Handle a jump to the kernel code page. */ ++static int ++do_kernel_trap(CPUARMState *env) ++{ ++ uint32_t addr; ++ uint32_t *ptr; ++ uint32_t cpsr; ++ ++ switch (env->regs[15]) { ++ case 0xffff0fc0: /* __kernel_cmpxchg */ ++ /* XXX: This only works between threads, not between processes. ++ Use native atomic operations. */ ++ /* ??? This probably breaks horribly if the access segfaults. */ ++ cpu_lock(); ++ ptr = (uint32_t *)env->regs[2]; ++ cpsr = cpsr_read(env); ++ if (*ptr == env->regs[0]) { ++ *ptr = env->regs[1]; ++ env->regs[0] = 0; ++ cpsr |= CPSR_C; ++ } else { ++ env->regs[0] = -1; ++ cpsr &= ~CPSR_C; ++ } ++ cpsr_write(env, cpsr, CPSR_C); ++ cpu_unlock(); ++ break; ++ case 0xffff0fe0: /* __kernel_get_tls */ ++ env->regs[0] = env->cp15.c13_tls2; ++ break; ++ default: ++ return 1; ++ } ++ /* Jump back to the caller. */ ++ addr = env->regs[14]; ++ if (addr & 1) { ++ env->thumb = 1; ++ addr &= ~1; ++ } ++ env->regs[15] = addr; ++ ++ return 0; ++} ++ + void cpu_loop(CPUARMState *env) + { + int trapnr; +@@ -475,10 +519,8 @@ + } + } + +- if (n == ARM_NR_cacheflush) { +- arm_cache_flush(env->regs[0], env->regs[1]); +- } else if (n == ARM_NR_semihosting +- || n == ARM_NR_thumb_semihosting) { ++ if (n == ARM_NR_semihosting ++ || n == ARM_NR_thumb_semihosting) { + env->regs[0] = do_arm_semihosting (env); + } else if (n == 0 || n >= ARM_SYSCALL_BASE + || (env->thumb && n == ARM_THUMB_SYSCALL)) { +@@ -489,14 +531,34 @@ + n -= ARM_SYSCALL_BASE; + env->eabi = 0; + } +- env->regs[0] = do_syscall(env, +- n, +- env->regs[0], +- env->regs[1], +- env->regs[2], +- env->regs[3], +- env->regs[4], +- env->regs[5]); ++ if ( n > ARM_NR_BASE) { ++ switch (n) ++ { ++ case ARM_NR_cacheflush: ++ arm_cache_flush(env->regs[0], env->regs[1]); ++ break; ++#ifdef USE_NPTL ++ case ARM_NR_set_tls: ++ cpu_set_tls(env, env->regs[0]); ++ env->regs[0] = 0; ++ break; ++#endif ++ default: ++ printf ("Error: Bad syscall: %x\n", n); ++ goto error; ++ } ++ } ++ else ++ { ++ env->regs[0] = do_syscall(env, ++ n, ++ env->regs[0], ++ env->regs[1], ++ env->regs[2], ++ env->regs[3], ++ env->regs[4], ++ env->regs[5]); ++ } + } else { + goto error; + } +@@ -535,6 +597,10 @@ + } + } + break; ++ case EXCP_KERNEL_TRAP: ++ if (do_kernel_trap(env)) ++ goto error; ++ break; + default: + error: + fprintf(stderr, "qemu: unhandled CPU exception 0x%x - aborting\n", +@@ -1994,6 +2060,11 @@ + int drop_ld_preload = 0, environ_count = 0; + char **target_environ, **wrk, **dst; + ++ char *assume_kernel = getenv("QEMU_ASSUME_KERNEL"); ++ ++ if (assume_kernel) ++ setenv("LD_ASSUME_KERNEL", assume_kernel, 1); ++ + if (argc <= 1) + usage(); + +@@ -2403,6 +2474,10 @@ + ts->heap_base = info->brk; + /* This will be filled in on the first SYS_HEAPINFO call. */ + ts->heap_limit = 0; ++ /* Register the magic kernel code page. The cpu will generate a ++ special exception when it tries to execute code here. We can't ++ put real code here because it may be in use by the host kernel. */ ++ page_set_flags(0xffff0000, 0xffff0fff, 0); + #endif + + if (gdbstub_port) { +Index: trunk/linux-user/qemu.h +=================================================================== +--- trunk.orig/linux-user/qemu.h 2008-04-24 20:16:41.000000000 +0100 ++++ trunk/linux-user/qemu.h 2008-04-24 20:16:53.000000000 +0100 +@@ -107,6 +107,9 @@ + uint32_t heap_base; + uint32_t heap_limit; + #endif ++#ifdef USE_NPTL ++ uint32_t *child_tidptr; ++#endif + int used; /* non zero if used */ + struct image_info *info; + uint8_t stack[0]; +Index: trunk/linux-user/syscall.c +=================================================================== +--- trunk.orig/linux-user/syscall.c 2008-04-24 20:16:50.000000000 +0100 ++++ trunk/linux-user/syscall.c 2008-04-24 20:19:52.000000000 +0100 +@@ -61,6 +61,7 @@ + #define tchars host_tchars /* same as target */ + #define ltchars host_ltchars /* same as target */ + ++#include <linux/futex.h> + #include <linux/termios.h> + #include <linux/unistd.h> + #include <linux/utsname.h> +@@ -71,9 +72,18 @@ + #include <linux/kd.h> + + #include "qemu.h" ++#include "qemu_spinlock.h" + + //#define DEBUG + ++#ifdef USE_NPTL ++#define CLONE_NPTL_FLAGS2 (CLONE_SETTLS | \ ++ CLONE_PARENT_SETTID | CLONE_CHILD_SETTID | CLONE_CHILD_CLEARTID) ++#else ++/* XXX: Hardcode the above values. */ ++#define CLONE_NPTL_FLAGS2 0 ++#endif ++ + #if defined(TARGET_I386) || defined(TARGET_ARM) || defined(TARGET_SPARC) \ + || defined(TARGET_M68K) || defined(TARGET_SH4) || defined(TARGET_CRIS) + /* 16 bit uid wrappers emulation */ +@@ -2695,16 +2705,25 @@ + return 0; + } + #endif +- + #endif /* defined(TARGET_I386) */ + + /* this stack is the equivalent of the kernel stack associated with a + thread/process */ + #define NEW_STACK_SIZE 8192 + ++#ifdef USE_NPTL ++static spinlock_t nptl_lock = SPIN_LOCK_UNLOCKED; ++#endif ++ + static int clone_func(void *arg) + { + CPUState *env = arg; ++#ifdef HAVE_NPTL ++ /* Wait until the parent has finshed initializing the tls state. */ ++ while (!spin_trylock(&nptl_lock)) ++ usleep(1); ++ spin_unlock(&nptl_lock); ++#endif + cpu_loop(env); + /* never exits */ + return 0; +@@ -2712,15 +2731,27 @@ + + /* do_fork() Must return host values and target errnos (unlike most + do_*() functions). */ +-int do_fork(CPUState *env, unsigned int flags, abi_ulong newsp) ++int do_fork(CPUState *env, unsigned int flags, unsigned long newsp, ++ uint32_t *parent_tidptr, void *newtls, ++ uint32_t *child_tidptr) + { + int ret; + TaskState *ts; + uint8_t *new_stack; + CPUState *new_env; ++#if defined(TARGET_I386) ++ uint64_t *new_gdt_table; ++#endif ++#ifdef USE_NPTL ++ unsigned int nptl_flags; + ++ if (flags & CLONE_PARENT_SETTID) ++ *parent_tidptr = gettid(); ++#endif + if (flags & CLONE_VM) { + ts = malloc(sizeof(TaskState) + NEW_STACK_SIZE); ++ if (!ts) ++ return -ENOMEM; + memset(ts, 0, sizeof(TaskState)); + new_stack = ts->stack; + ts->used = 1; +@@ -2732,6 +2763,29 @@ + #if defined(TARGET_I386) + if (!newsp) + newsp = env->regs[R_ESP]; ++ new_gdt_table = malloc(9 * 8); ++ if (!new_gdt_table) { ++ free(new_env); ++ return -ENOMEM; ++ } ++ /* Copy main GDT table from parent, but clear TLS entries */ ++ memcpy(new_gdt_table, g2h(env->gdt.base), 6 * 8); ++ memset(&new_gdt_table[6], 0, 3 * 8); ++ new_env->gdt.base = h2g(new_gdt_table); ++ if (flags & 0x00080000 /* CLONE_SETTLS */) { ++ ret = do_set_thread_area(new_env, new_env->regs[R_ESI]); ++ if (ret) { ++ free(new_gdt_table); ++ free(new_env); ++ return ret; ++ } ++ } ++ cpu_x86_load_seg(env, R_CS, new_env->regs[R_CS]); ++ cpu_x86_load_seg(env, R_DS, new_env->regs[R_DS]); ++ cpu_x86_load_seg(env, R_ES, new_env->regs[R_ES]); ++ cpu_x86_load_seg(env, R_SS, new_env->regs[R_SS]); ++ cpu_x86_load_seg(env, R_FS, new_env->regs[R_FS]); ++ cpu_x86_load_seg(env, R_GS, new_env->regs[R_GS]); + new_env->regs[R_ESP] = newsp; + new_env->regs[R_EAX] = 0; + #elif defined(TARGET_ARM) +@@ -2784,16 +2838,67 @@ + #error unsupported target CPU + #endif + new_env->opaque = ts; ++#ifdef USE_NPTL ++ nptl_flags = flags; ++ flags &= ~CLONE_NPTL_FLAGS2; ++ ++ if (nptl_flags & CLONE_CHILD_CLEARTID) { ++ ts->child_tidptr = child_tidptr; ++ } ++ ++ if (nptl_flags & CLONE_SETTLS) ++ cpu_set_tls (new_env, newtls); ++ ++ /* Grab the global cpu lock so that the thread setup appears ++ atomic. */ ++ if (nptl_flags & CLONE_CHILD_SETTID) ++ spin_lock(&nptl_lock); ++ ++#else ++ if (flags & CLONE_NPTL_FLAGS2) ++ return -EINVAL; ++#endif ++ ++ if (CLONE_VFORK & flags) ++ flags ^= CLONE_VM; + #ifdef __ia64__ + ret = __clone2(clone_func, new_stack + NEW_STACK_SIZE, flags, new_env); + #else + ret = clone(clone_func, new_stack + NEW_STACK_SIZE, flags, new_env); + #endif ++#ifdef USE_NPTL ++ if (ret != -1) { ++ if (nptl_flags & CLONE_CHILD_SETTID) ++ *child_tidptr = ret; ++ } ++ ++ /* Allow the child to continue. */ ++ if (nptl_flags & CLONE_CHILD_SETTID) ++ spin_unlock(&nptl_lock); ++#endif + } else { + /* if no CLONE_VM, we consider it is a fork */ +- if ((flags & ~CSIGNAL) != 0) ++ if ((flags & ~(CSIGNAL | CLONE_NPTL_FLAGS2)) != 0) + return -EINVAL; + ret = fork(); ++#ifdef USE_NPTL ++ /* There is a race condition here. The parent process could ++ theoretically read the TID in the child process before the child ++ tid is set. This would require using either ptrace ++ (not implemented) or having *_tidptr to point at a shared memory ++ mapping. We can't repeat the spinlock hack used above because ++ the child process gets its own copy of the lock. */ ++ if (ret == 0) { ++ /* Child Process. */ ++ if (flags & CLONE_CHILD_SETTID) ++ *child_tidptr = gettid(); ++ ts = (TaskState *)env->opaque; ++ if (flags & CLONE_CHILD_CLEARTID) ++ ts->child_tidptr = child_tidptr; ++ if (flags & CLONE_SETTLS) ++ cpu_set_tls (env, newtls); ++ } ++#endif + } + return ret; + } +@@ -3052,6 +3157,68 @@ + unlock_user_struct(target_ts, target_addr, 1); + } + ++static long do_futex(target_ulong uaddr, int op, uint32_t val, ++ target_ulong utime, target_ulong uaddr2, ++ uint32_t val3) ++{ ++ struct timespec host_utime; ++ unsigned long val2 = utime; ++ ++ if (utime && (op == FUTEX_WAIT || op == FUTEX_LOCK_PI)) { ++ target_to_host_timespec(&host_utime, utime); ++ val2 = (unsigned long)&host_utime; ++ } ++ ++#ifdef BSWAP_NEEDED ++ switch(op) { ++ case FUTEX_CMP_REQUEUE: ++ val3 = tswap32(val3); ++ case FUTEX_REQUEUE: ++ val2 = tswap32(val2); ++ case FUTEX_WAIT: ++ case FUTEX_WAKE: ++ val = tswap32(val); ++ case FUTEX_LOCK_PI: /* This one's icky, but comes out OK */ ++ case FUTEX_UNLOCK_PI: ++ break; ++ default: ++ gemu_log("qemu: Unsupported futex op %d\n", op); ++ return -ENOSYS; ++ } ++#if 0 /* No, it's worse than this */ ++ if (op == FUTEX_WAKE_OP) { ++ /* Need to munge the secondary operation (val3) */ ++ val3 = tswap32(val3); ++ int op2 = (val3 >> 28) & 7; ++ int cmp = (val3 >> 24) & 15; ++ int oparg = (val3 << 8) >> 20; ++ int cmparg = (val3 << 20) >> 20; ++ int shift = val3 & (FUTEX_OP_OPARG_SHIFT << 28); ++ ++ if (shift) ++ oparg = (oparg & 7) + 24 - (oparg & 24); ++ else oparg = ++ if (op2 == FUTEX_OP_ADD) { ++ gemu_log("qemu: Unsupported wrong-endian FUTEX_OP_ADD\n"); ++ return -ENOSYS; ++ } ++ if (cmparg == FUTEX_OP_CMP_LT || cmparg == FUTEX_OP_CMP_GE || ++ cmparg == FUTEX_OP_CMP_LE || cmparg == FUTEX_OP_CMP_GT) { ++ gemu_log("qemu: Unsupported wrong-endian futex cmparg %d\n", cmparg); ++ return -ENOSYS; ++ } ++ val3 = shift | (op2<<28) | (cmp<<24) | (oparg<<12) | cmparg; ++ } ++#endif ++#endif ++ return syscall(__NR_futex, g2h(uaddr), op, val, val2, g2h(uaddr2), val3); ++} ++ ++int do_set_tid_address(target_ulong tidptr) ++{ ++ return syscall(__NR_set_tid_address, g2h(tidptr)); ++} ++ + /* do_syscall() should always have a single exit point at the end so + that actions, such as logging of syscall results, can be performed. + All errnos that do_syscall() returns must be -TARGET_<errcode>. */ +@@ -3076,7 +3243,7 @@ + _mcleanup(); + #endif + gdb_exit(cpu_env, arg1); +- /* XXX: should free thread stack and CPU env */ ++ /* XXX: should free thread stack, GDT and CPU env */ + _exit(arg1); + ret = 0; /* avoid warning */ + break; +@@ -3118,7 +3285,7 @@ + ret = do_brk(arg1); + break; + case TARGET_NR_fork: +- ret = get_errno(do_fork(cpu_env, SIGCHLD, 0)); ++ ret = get_errno(do_fork(cpu_env, SIGCHLD, 0, NULL, NULL, NULL)); + break; + #ifdef TARGET_NR_waitpid + case TARGET_NR_waitpid: +@@ -4482,7 +4649,8 @@ + ret = get_errno(fsync(arg1)); + break; + case TARGET_NR_clone: +- ret = get_errno(do_fork(cpu_env, arg1, arg2)); ++ ret = get_errno(do_fork(cpu_env, arg1, arg2, (uint32_t *)arg3, ++ (void *)arg4, (uint32_t *)arg5)); + break; + #ifdef __NR_exit_group + /* new thread calls */ +@@ -4943,7 +5111,8 @@ + #endif + #ifdef TARGET_NR_vfork + case TARGET_NR_vfork: +- ret = get_errno(do_fork(cpu_env, CLONE_VFORK | CLONE_VM | SIGCHLD, 0)); ++ ret = get_errno(do_fork(cpu_env, CLONE_VFORK | CLONE_VM | SIGCHLD, 0, ++ NULL, NULL, NULL)); + break; + #endif + #ifdef TARGET_NR_ugetrlimit +@@ -5521,6 +5690,9 @@ + #elif defined(TARGET_I386) && defined(TARGET_ABI32) + ret = do_set_thread_area(cpu_env, arg1); + break; ++#elif TARGET_i386 ++ ret = get_errno(do_set_thread_area(cpu_env, arg1)); ++ break; + #else + goto unimplemented_nowarn; + #endif +@@ -5538,6 +5710,12 @@ + goto unimplemented_nowarn; + #endif + ++#ifdef TARGET_NR_futex ++ case TARGET_NR_futex: ++ ret = get_errno(do_futex(arg1, arg2, arg3, arg4, arg5, arg6)); ++ break; ++#endif ++ + #ifdef TARGET_NR_clock_gettime + case TARGET_NR_clock_gettime: + { +Index: trunk/qemu_spinlock.h +=================================================================== +--- /dev/null 1970-01-01 00:00:00.000000000 +0000 ++++ trunk/qemu_spinlock.h 2008-04-24 20:16:53.000000000 +0100 +@@ -0,0 +1,250 @@ ++/* ++ * Atomic operation helper include ++ * ++ * Copyright (c) 2005 Fabrice Bellard ++ * ++ * This library is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU Lesser General Public ++ * License as published by the Free Software Foundation; either ++ * version 2 of the License, or (at your option) any later version. ++ * ++ * This library is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * Lesser General Public License for more details. ++ * ++ * You should have received a copy of the GNU Lesser General Public ++ * License along with this library; if not, write to the Free Software ++ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ++ */ ++#ifndef QEMU_SPINLOCK_H ++#define QEMU_SPINLOCK_H ++ ++#ifdef __powerpc__ ++static inline int testandset (int *p) ++{ ++ int ret; ++ __asm__ __volatile__ ( ++ "0: lwarx %0,0,%1\n" ++ " xor. %0,%3,%0\n" ++ " bne 1f\n" ++ " stwcx. %2,0,%1\n" ++ " bne- 0b\n" ++ "1: " ++ : "=&r" (ret) ++ : "r" (p), "r" (1), "r" (0) ++ : "cr0", "memory"); ++ return ret; ++} ++#endif ++ ++#ifdef __i386__ ++static inline int testandset (int *p) ++{ ++ long int readval = 0; ++ ++ __asm__ __volatile__ ("lock; cmpxchgl %2, %0" ++ : "+m" (*p), "+a" (readval) ++ : "r" (1) ++ : "cc"); ++ return readval; ++} ++#endif ++ ++#ifdef __x86_64__ ++static inline int testandset (int *p) ++{ ++ long int readval = 0; ++ ++ __asm__ __volatile__ ("lock; cmpxchgl %2, %0" ++ : "+m" (*p), "+a" (readval) ++ : "r" (1) ++ : "cc"); ++ return readval; ++} ++#endif ++ ++#ifdef __s390__ ++static inline int testandset (int *p) ++{ ++ int ret; ++ ++ __asm__ __volatile__ ("0: cs %0,%1,0(%2)\n" ++ " jl 0b" ++ : "=&d" (ret) ++ : "r" (1), "a" (p), "0" (*p) ++ : "cc", "memory" ); ++ return ret; ++} ++#endif ++ ++#ifdef __alpha__ ++static inline int testandset (int *p) ++{ ++ int ret; ++ unsigned long one; ++ ++ __asm__ __volatile__ ("0: mov 1,%2\n" ++ " ldl_l %0,%1\n" ++ " stl_c %2,%1\n" ++ " beq %2,1f\n" ++ ".subsection 2\n" ++ "1: br 0b\n" ++ ".previous" ++ : "=r" (ret), "=m" (*p), "=r" (one) ++ : "m" (*p)); ++ return ret; ++} ++#endif ++ ++#ifdef __sparc__ ++static inline int testandset (int *p) ++{ ++ int ret; ++ ++ __asm__ __volatile__("ldstub [%1], %0" ++ : "=r" (ret) ++ : "r" (p) ++ : "memory"); ++ ++ return (ret ? 1 : 0); ++} ++#endif ++ ++#ifdef __arm__ ++static inline int testandset (int *spinlock) ++{ ++ register unsigned int ret; ++ __asm__ __volatile__("swp %0, %1, [%2]" ++ : "=r"(ret) ++ : "0"(1), "r"(spinlock)); ++ ++ return ret; ++} ++#endif ++ ++#ifdef __mc68000 ++static inline int testandset (int *p) ++{ ++ char ret; ++ __asm__ __volatile__("tas %1; sne %0" ++ : "=r" (ret) ++ : "m" (p) ++ : "cc","memory"); ++ return ret; ++} ++#endif ++ ++#ifdef __hppa__ ++/* Because malloc only guarantees 8-byte alignment for malloc'd data, ++ and GCC only guarantees 8-byte alignment for stack locals, we can't ++ be assured of 16-byte alignment for atomic lock data even if we ++ specify "__attribute ((aligned(16)))" in the type declaration. So, ++ we use a struct containing an array of four ints for the atomic lock ++ type and dynamically select the 16-byte aligned int from the array ++ for the semaphore. */ ++#define __PA_LDCW_ALIGNMENT 16 ++static inline void *ldcw_align (void *p) { ++ unsigned long a = (unsigned long)p; ++ a = (a + __PA_LDCW_ALIGNMENT - 1) & ~(__PA_LDCW_ALIGNMENT - 1); ++ return (void *)a; ++} ++ ++static inline int testandset (spinlock_t *p) ++{ ++ unsigned int ret; ++ p = ldcw_align(p); ++ __asm__ __volatile__("ldcw 0(%1),%0" ++ : "=r" (ret) ++ : "r" (p) ++ : "memory" ); ++ return !ret; ++} ++#endif ++ ++#ifdef __ia64 ++#include <ia64intrin.h> ++ ++static inline int testandset (int *p) ++{ ++ return __sync_lock_test_and_set (p, 1); ++} ++#endif ++ ++#ifdef __mips__ ++static inline int testandset (int *p) ++{ ++ int ret; ++ ++ __asm__ __volatile__ ( ++ " .set push \n" ++ " .set noat \n" ++ " .set mips2 \n" ++ "1: li $1, 1 \n" ++ " ll %0, %1 \n" ++ " sc $1, %1 \n" ++ " beqz $1, 1b \n" ++ " .set pop " ++ : "=r" (ret), "+R" (*p) ++ : ++ : "memory"); ++ ++ return ret; ++} ++#endif ++ ++#if defined(__hppa__) ++ ++typedef int spinlock_t[4]; ++ ++#define SPIN_LOCK_UNLOCKED { 1, 1, 1, 1 } ++ ++static inline void resetlock (spinlock_t *p) ++{ ++ (*p)[0] = (*p)[1] = (*p)[2] = (*p)[3] = 1; ++} ++ ++#else ++ ++typedef int spinlock_t; ++ ++#define SPIN_LOCK_UNLOCKED 0 ++ ++static inline void resetlock (spinlock_t *p) ++{ ++ *p = SPIN_LOCK_UNLOCKED; ++} ++ ++#endif ++ ++#if defined(CONFIG_USER_ONLY) ++static inline void spin_lock(spinlock_t *lock) ++{ ++ while (testandset(lock)); ++} ++ ++static inline void spin_unlock(spinlock_t *lock) ++{ ++ resetlock(lock); ++} ++ ++static inline int spin_trylock(spinlock_t *lock) ++{ ++ return !testandset(lock); ++} ++#else ++static inline void spin_lock(spinlock_t *lock) ++{ ++} ++ ++static inline void spin_unlock(spinlock_t *lock) ++{ ++} ++ ++static inline int spin_trylock(spinlock_t *lock) ++{ ++ return 1; ++} ++#endif ++ ++#endif +Index: trunk/target-arm/cpu.h +=================================================================== +--- trunk.orig/target-arm/cpu.h 2008-04-24 20:16:41.000000000 +0100 ++++ trunk/target-arm/cpu.h 2008-04-24 20:16:53.000000000 +0100 +@@ -38,6 +38,7 @@ + #define EXCP_FIQ 6 + #define EXCP_BKPT 7 + #define EXCP_EXCEPTION_EXIT 8 /* Return from v7M exception. */ ++#define EXCP_KERNEL_TRAP 9 /* Jumped to kernel code page. */ + + #define ARMV7M_EXCP_RESET 1 + #define ARMV7M_EXCP_NMI 2 +@@ -218,6 +219,15 @@ + void cpu_lock(void); + void cpu_unlock(void); + ++void cpu_lock(void); ++void cpu_unlock(void); ++#if defined(USE_NPTL) ++static inline void cpu_set_tls(CPUARMState *env, void *newtls) ++{ ++ env->cp15.c13_tls2 = (uint32_t)(long)newtls; ++} ++#endif ++ + #define CPSR_M (0x1f) + #define CPSR_T (1 << 5) + #define CPSR_F (1 << 6) +Index: trunk/target-arm/translate.c +=================================================================== +--- trunk.orig/target-arm/translate.c 2008-04-24 20:16:41.000000000 +0100 ++++ trunk/target-arm/translate.c 2008-04-24 20:16:53.000000000 +0100 +@@ -8606,7 +8606,14 @@ + gen_exception(EXCP_EXCEPTION_EXIT); + } + #endif +- ++#ifdef CONFIG_USER_ONLY ++ /* Intercept jump to the magic kernel page. */ ++ if (dc->pc > 0xffff0000) { ++ gen_exception(EXCP_KERNEL_TRAP); ++ dc->is_jmp = DISAS_UPDATE; ++ break; ++ } ++#endif + if (env->nb_breakpoints > 0) { + for(j = 0; j < env->nb_breakpoints; j++) { + if (env->breakpoints[j] == dc->pc) { diff --git a/packages/qemu/qemu-0.9.1+svn/qemu-amd64-32b-mapping-0.9.0.patch b/packages/qemu/qemu-0.9.1+svn/qemu-amd64-32b-mapping-0.9.0.patch new file mode 100644 index 0000000000..02f093abb9 --- /dev/null +++ b/packages/qemu/qemu-0.9.1+svn/qemu-amd64-32b-mapping-0.9.0.patch @@ -0,0 +1,37 @@ +--- + linux-user/mmap.c | 8 ++++++-- + 1 file changed, 6 insertions(+), 2 deletions(-) + +Index: trunk/linux-user/mmap.c +=================================================================== +--- trunk.orig/linux-user/mmap.c 2008-04-24 20:15:37.000000000 +0100 ++++ trunk/linux-user/mmap.c 2008-04-24 20:16:16.000000000 +0100 +@@ -29,6 +29,10 @@ + + //#define DEBUG_MMAP + ++#ifndef MAP_32BIT ++#define MAP_32BIT 0 ++#endif ++ + /* NOTE: all the constants are the HOST ones, but addresses are target. */ + int target_mprotect(abi_ulong start, abi_ulong len, int prot) + { +@@ -251,7 +255,7 @@ + especially important if qemu_host_page_size > + qemu_real_host_page_size */ + p = mmap(g2h(mmap_start), +- host_len, prot, flags | MAP_FIXED, fd, host_offset); ++ host_len, prot, flags | MAP_FIXED | MAP_32BIT, fd, host_offset); + if (p == MAP_FAILED) + return -1; + /* update start so that it points to the file position at 'offset' */ +@@ -406,7 +410,7 @@ + unsigned long host_addr; + + /* XXX: use 5 args syscall */ +- host_addr = (long)mremap(g2h(old_addr), old_size, new_size, flags); ++ host_addr = (long)mremap(g2h(old_addr), old_size, new_size, flags | MAP_32BIT); + if (host_addr == -1) + return -1; + new_addr = h2g(host_addr); diff --git a/packages/qemu/qemu-0.9.1+svn/qemu-n800-support.patch b/packages/qemu/qemu-0.9.1+svn/qemu-n800-support.patch new file mode 100644 index 0000000000..1224fb4cbd --- /dev/null +++ b/packages/qemu/qemu-0.9.1+svn/qemu-n800-support.patch @@ -0,0 +1,2381 @@ +diff -urN 4242/cpu-all.h qemu-omap/cpu-all.h +--- 4242/cpu-all.h 2008-04-24 21:26:19.000000000 +0100 ++++ qemu-omap/cpu-all.h 2008-04-23 09:57:55.000000000 +0100 +@@ -816,7 +816,7 @@ + /* physical memory access */ + #define TLB_INVALID_MASK (1 << 3) + #define IO_MEM_SHIFT 4 +-#define IO_MEM_NB_ENTRIES (1 << (TARGET_PAGE_BITS - IO_MEM_SHIFT)) ++#define IO_MEM_NB_ENTRIES (16 << (TARGET_PAGE_BITS - IO_MEM_SHIFT)) + + #define IO_MEM_RAM (0 << IO_MEM_SHIFT) /* hardcoded offset */ + #define IO_MEM_ROM (1 << IO_MEM_SHIFT) /* hardcoded offset */ +diff -urN 4242/exec.c qemu-omap/exec.c +--- 4242/exec.c 2008-04-24 18:11:49.000000000 +0100 ++++ qemu-omap/exec.c 2008-04-23 09:57:55.000000000 +0100 +@@ -1664,7 +1664,7 @@ + { + if ((pd & ~TARGET_PAGE_MASK) > IO_MEM_ROM && !(pd & IO_MEM_ROMD)) { + /* IO memory case */ +- address = vaddr | pd; ++ address = vaddr | (pd & ~TARGET_PAGE_MASK); + addend = paddr; + } else { + /* standard memory */ +@@ -1698,7 +1698,9 @@ + } else { + te->addr_read = -1; + } +- if (prot & PAGE_EXEC) { ++ if ((pd & ~TARGET_PAGE_MASK) > IO_MEM_ROM && !(pd & IO_MEM_ROMD)) { ++ te->addr_code = pd; ++ } else if (prot & PAGE_EXEC) { + te->addr_code = address; + } else { + te->addr_code = -1; +@@ -2493,7 +2495,9 @@ + if (io_index <= 0) { + if (io_mem_nb >= IO_MEM_NB_ENTRIES) + return -1; +- io_index = io_mem_nb++; ++ do io_index = io_mem_nb++; ++ while (((io_index << IO_MEM_SHIFT) & ~TARGET_PAGE_MASK) ++ <= IO_MEM_NOTDIRTY); + } else { + if (io_index >= IO_MEM_NB_ENTRIES) + return -1; +diff -urN 4242/hw/max7310.c qemu-omap/hw/max7310.c +--- 4242/hw/max7310.c 2008-04-24 18:11:49.000000000 +0100 ++++ qemu-omap/hw/max7310.c 2008-03-02 19:31:55.000000000 +0000 +@@ -134,8 +134,8 @@ + s->i2c_command_byte = 1; + break; + case I2C_FINISH: +- if (s->len == 1) + #ifdef VERBOSE ++ if (s->len == 1) + printf("%s: message too short (%i bytes)\n", __FUNCTION__, s->len); + #endif + break; +diff -urN 4242/hw/ndis.h qemu-omap/hw/ndis.h +--- 4242/hw/ndis.h 1970-01-01 01:00:00.000000000 +0100 ++++ qemu-omap/hw/ndis.h 2008-04-23 09:57:56.000000000 +0100 +@@ -0,0 +1,217 @@ ++/* ++ * ndis.h ++ * ++ * ntddndis.h modified by Benedikt Spranger <b.spranger@pengutronix.de> ++ * ++ * Thanks to the cygwin development team, ++ * espacially to Casper S. Hornstrup <chorns@users.sourceforge.net> ++ * ++ * THIS SOFTWARE IS NOT COPYRIGHTED ++ * ++ * This source code is offered for use in the public domain. You may ++ * use, modify or distribute it freely. ++ * ++ * This code is distributed in the hope that it will be useful but ++ * WITHOUT ANY WARRANTY. ALL WARRANTIES, EXPRESS OR IMPLIED ARE HEREBY ++ * DISCLAIMED. This includes but is not limited to warranties of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. ++ * ++ */ ++ ++#ifndef _LINUX_NDIS_H ++#define _LINUX_NDIS_H ++ ++ ++#define NDIS_STATUS_MULTICAST_FULL 0xC0010009 ++#define NDIS_STATUS_MULTICAST_EXISTS 0xC001000A ++#define NDIS_STATUS_MULTICAST_NOT_FOUND 0xC001000B ++ ++enum NDIS_DEVICE_POWER_STATE { ++ NdisDeviceStateUnspecified = 0, ++ NdisDeviceStateD0, ++ NdisDeviceStateD1, ++ NdisDeviceStateD2, ++ NdisDeviceStateD3, ++ NdisDeviceStateMaximum ++}; ++ ++struct NDIS_PM_WAKE_UP_CAPABILITIES { ++ enum NDIS_DEVICE_POWER_STATE MinMagicPacketWakeUp; ++ enum NDIS_DEVICE_POWER_STATE MinPatternWakeUp; ++ enum NDIS_DEVICE_POWER_STATE MinLinkChangeWakeUp; ++}; ++ ++/* NDIS_PNP_CAPABILITIES.Flags constants */ ++#define NDIS_DEVICE_WAKE_UP_ENABLE 0x00000001 ++#define NDIS_DEVICE_WAKE_ON_PATTERN_MATCH_ENABLE 0x00000002 ++#define NDIS_DEVICE_WAKE_ON_MAGIC_PACKET_ENABLE 0x00000004 ++ ++struct NDIS_PNP_CAPABILITIES { ++ __le32 Flags; ++ struct NDIS_PM_WAKE_UP_CAPABILITIES WakeUpCapabilities; ++}; ++ ++struct NDIS_PM_PACKET_PATTERN { ++ __le32 Priority; ++ __le32 Reserved; ++ __le32 MaskSize; ++ __le32 PatternOffset; ++ __le32 PatternSize; ++ __le32 PatternFlags; ++}; ++ ++ ++/* Required Object IDs (OIDs) */ ++#define OID_GEN_SUPPORTED_LIST 0x00010101 ++#define OID_GEN_HARDWARE_STATUS 0x00010102 ++#define OID_GEN_MEDIA_SUPPORTED 0x00010103 ++#define OID_GEN_MEDIA_IN_USE 0x00010104 ++#define OID_GEN_MAXIMUM_LOOKAHEAD 0x00010105 ++#define OID_GEN_MAXIMUM_FRAME_SIZE 0x00010106 ++#define OID_GEN_LINK_SPEED 0x00010107 ++#define OID_GEN_TRANSMIT_BUFFER_SPACE 0x00010108 ++#define OID_GEN_RECEIVE_BUFFER_SPACE 0x00010109 ++#define OID_GEN_TRANSMIT_BLOCK_SIZE 0x0001010A ++#define OID_GEN_RECEIVE_BLOCK_SIZE 0x0001010B ++#define OID_GEN_VENDOR_ID 0x0001010C ++#define OID_GEN_VENDOR_DESCRIPTION 0x0001010D ++#define OID_GEN_CURRENT_PACKET_FILTER 0x0001010E ++#define OID_GEN_CURRENT_LOOKAHEAD 0x0001010F ++#define OID_GEN_DRIVER_VERSION 0x00010110 ++#define OID_GEN_MAXIMUM_TOTAL_SIZE 0x00010111 ++#define OID_GEN_PROTOCOL_OPTIONS 0x00010112 ++#define OID_GEN_MAC_OPTIONS 0x00010113 ++#define OID_GEN_MEDIA_CONNECT_STATUS 0x00010114 ++#define OID_GEN_MAXIMUM_SEND_PACKETS 0x00010115 ++#define OID_GEN_VENDOR_DRIVER_VERSION 0x00010116 ++#define OID_GEN_SUPPORTED_GUIDS 0x00010117 ++#define OID_GEN_NETWORK_LAYER_ADDRESSES 0x00010118 ++#define OID_GEN_TRANSPORT_HEADER_OFFSET 0x00010119 ++#define OID_GEN_MACHINE_NAME 0x0001021A ++#define OID_GEN_RNDIS_CONFIG_PARAMETER 0x0001021B ++#define OID_GEN_VLAN_ID 0x0001021C ++ ++/* Optional OIDs */ ++#define OID_GEN_MEDIA_CAPABILITIES 0x00010201 ++#define OID_GEN_PHYSICAL_MEDIUM 0x00010202 ++ ++/* Required statistics OIDs */ ++#define OID_GEN_XMIT_OK 0x00020101 ++#define OID_GEN_RCV_OK 0x00020102 ++#define OID_GEN_XMIT_ERROR 0x00020103 ++#define OID_GEN_RCV_ERROR 0x00020104 ++#define OID_GEN_RCV_NO_BUFFER 0x00020105 ++ ++/* Optional statistics OIDs */ ++#define OID_GEN_DIRECTED_BYTES_XMIT 0x00020201 ++#define OID_GEN_DIRECTED_FRAMES_XMIT 0x00020202 ++#define OID_GEN_MULTICAST_BYTES_XMIT 0x00020203 ++#define OID_GEN_MULTICAST_FRAMES_XMIT 0x00020204 ++#define OID_GEN_BROADCAST_BYTES_XMIT 0x00020205 ++#define OID_GEN_BROADCAST_FRAMES_XMIT 0x00020206 ++#define OID_GEN_DIRECTED_BYTES_RCV 0x00020207 ++#define OID_GEN_DIRECTED_FRAMES_RCV 0x00020208 ++#define OID_GEN_MULTICAST_BYTES_RCV 0x00020209 ++#define OID_GEN_MULTICAST_FRAMES_RCV 0x0002020A ++#define OID_GEN_BROADCAST_BYTES_RCV 0x0002020B ++#define OID_GEN_BROADCAST_FRAMES_RCV 0x0002020C ++#define OID_GEN_RCV_CRC_ERROR 0x0002020D ++#define OID_GEN_TRANSMIT_QUEUE_LENGTH 0x0002020E ++#define OID_GEN_GET_TIME_CAPS 0x0002020F ++#define OID_GEN_GET_NETCARD_TIME 0x00020210 ++#define OID_GEN_NETCARD_LOAD 0x00020211 ++#define OID_GEN_DEVICE_PROFILE 0x00020212 ++#define OID_GEN_INIT_TIME_MS 0x00020213 ++#define OID_GEN_RESET_COUNTS 0x00020214 ++#define OID_GEN_MEDIA_SENSE_COUNTS 0x00020215 ++#define OID_GEN_FRIENDLY_NAME 0x00020216 ++#define OID_GEN_MINIPORT_INFO 0x00020217 ++#define OID_GEN_RESET_VERIFY_PARAMETERS 0x00020218 ++ ++/* IEEE 802.3 (Ethernet) OIDs */ ++#define NDIS_802_3_MAC_OPTION_PRIORITY 0x00000001 ++ ++#define OID_802_3_PERMANENT_ADDRESS 0x01010101 ++#define OID_802_3_CURRENT_ADDRESS 0x01010102 ++#define OID_802_3_MULTICAST_LIST 0x01010103 ++#define OID_802_3_MAXIMUM_LIST_SIZE 0x01010104 ++#define OID_802_3_MAC_OPTIONS 0x01010105 ++#define OID_802_3_RCV_ERROR_ALIGNMENT 0x01020101 ++#define OID_802_3_XMIT_ONE_COLLISION 0x01020102 ++#define OID_802_3_XMIT_MORE_COLLISIONS 0x01020103 ++#define OID_802_3_XMIT_DEFERRED 0x01020201 ++#define OID_802_3_XMIT_MAX_COLLISIONS 0x01020202 ++#define OID_802_3_RCV_OVERRUN 0x01020203 ++#define OID_802_3_XMIT_UNDERRUN 0x01020204 ++#define OID_802_3_XMIT_HEARTBEAT_FAILURE 0x01020205 ++#define OID_802_3_XMIT_TIMES_CRS_LOST 0x01020206 ++#define OID_802_3_XMIT_LATE_COLLISIONS 0x01020207 ++ ++/* OID_GEN_MINIPORT_INFO constants */ ++#define NDIS_MINIPORT_BUS_MASTER 0x00000001 ++#define NDIS_MINIPORT_WDM_DRIVER 0x00000002 ++#define NDIS_MINIPORT_SG_LIST 0x00000004 ++#define NDIS_MINIPORT_SUPPORTS_MEDIA_QUERY 0x00000008 ++#define NDIS_MINIPORT_INDICATES_PACKETS 0x00000010 ++#define NDIS_MINIPORT_IGNORE_PACKET_QUEUE 0x00000020 ++#define NDIS_MINIPORT_IGNORE_REQUEST_QUEUE 0x00000040 ++#define NDIS_MINIPORT_IGNORE_TOKEN_RING_ERRORS 0x00000080 ++#define NDIS_MINIPORT_INTERMEDIATE_DRIVER 0x00000100 ++#define NDIS_MINIPORT_IS_NDIS_5 0x00000200 ++#define NDIS_MINIPORT_IS_CO 0x00000400 ++#define NDIS_MINIPORT_DESERIALIZE 0x00000800 ++#define NDIS_MINIPORT_REQUIRES_MEDIA_POLLING 0x00001000 ++#define NDIS_MINIPORT_SUPPORTS_MEDIA_SENSE 0x00002000 ++#define NDIS_MINIPORT_NETBOOT_CARD 0x00004000 ++#define NDIS_MINIPORT_PM_SUPPORTED 0x00008000 ++#define NDIS_MINIPORT_SUPPORTS_MAC_ADDRESS_OVERWRITE 0x00010000 ++#define NDIS_MINIPORT_USES_SAFE_BUFFER_APIS 0x00020000 ++#define NDIS_MINIPORT_HIDDEN 0x00040000 ++#define NDIS_MINIPORT_SWENUM 0x00080000 ++#define NDIS_MINIPORT_SURPRISE_REMOVE_OK 0x00100000 ++#define NDIS_MINIPORT_NO_HALT_ON_SUSPEND 0x00200000 ++#define NDIS_MINIPORT_HARDWARE_DEVICE 0x00400000 ++#define NDIS_MINIPORT_SUPPORTS_CANCEL_SEND_PACKETS 0x00800000 ++#define NDIS_MINIPORT_64BITS_DMA 0x01000000 ++ ++#define NDIS_MEDIUM_802_3 0x00000000 ++#define NDIS_MEDIUM_802_5 0x00000001 ++#define NDIS_MEDIUM_FDDI 0x00000002 ++#define NDIS_MEDIUM_WAN 0x00000003 ++#define NDIS_MEDIUM_LOCAL_TALK 0x00000004 ++#define NDIS_MEDIUM_DIX 0x00000005 ++#define NDIS_MEDIUM_ARCENT_RAW 0x00000006 ++#define NDIS_MEDIUM_ARCENT_878_2 0x00000007 ++#define NDIS_MEDIUM_ATM 0x00000008 ++#define NDIS_MEDIUM_WIRELESS_LAN 0x00000009 ++#define NDIS_MEDIUM_IRDA 0x0000000A ++#define NDIS_MEDIUM_BPC 0x0000000B ++#define NDIS_MEDIUM_CO_WAN 0x0000000C ++#define NDIS_MEDIUM_1394 0x0000000D ++ ++#define NDIS_PACKET_TYPE_DIRECTED 0x00000001 ++#define NDIS_PACKET_TYPE_MULTICAST 0x00000002 ++#define NDIS_PACKET_TYPE_ALL_MULTICAST 0x00000004 ++#define NDIS_PACKET_TYPE_BROADCAST 0x00000008 ++#define NDIS_PACKET_TYPE_SOURCE_ROUTING 0x00000010 ++#define NDIS_PACKET_TYPE_PROMISCUOUS 0x00000020 ++#define NDIS_PACKET_TYPE_SMT 0x00000040 ++#define NDIS_PACKET_TYPE_ALL_LOCAL 0x00000080 ++#define NDIS_PACKET_TYPE_GROUP 0x00000100 ++#define NDIS_PACKET_TYPE_ALL_FUNCTIONAL 0x00000200 ++#define NDIS_PACKET_TYPE_FUNCTIONAL 0x00000400 ++#define NDIS_PACKET_TYPE_MAC_FRAME 0x00000800 ++ ++#define NDIS_MEDIA_STATE_CONNECTED 0x00000000 ++#define NDIS_MEDIA_STATE_DISCONNECTED 0x00000001 ++ ++#define NDIS_MAC_OPTION_COPY_LOOKAHEAD_DATA 0x00000001 ++#define NDIS_MAC_OPTION_RECEIVE_SERIALIZED 0x00000002 ++#define NDIS_MAC_OPTION_TRANSFERS_NOT_PEND 0x00000004 ++#define NDIS_MAC_OPTION_NO_LOOPBACK 0x00000008 ++#define NDIS_MAC_OPTION_FULL_DUPLEX 0x00000010 ++#define NDIS_MAC_OPTION_EOTX_INDICATION 0x00000020 ++#define NDIS_MAC_OPTION_8021P_PRIORITY 0x00000040 ++#define NDIS_MAC_OPTION_RESERVED 0x80000000 ++ ++#endif /* _LINUX_NDIS_H */ +diff -urN 4242/hw/nseries.c qemu-omap/hw/nseries.c +--- 4242/hw/nseries.c 2008-04-24 18:11:49.000000000 +0100 ++++ qemu-omap/hw/nseries.c 2008-04-23 09:57:56.000000000 +0100 +@@ -602,6 +602,37 @@ + (void *) &config7, sizeof(config7)); + } + ++#if 0 ++static uint32_t n800_pinout[104] = { ++ 0x080f00d8, 0x00d40808, 0x03080808, 0x080800d0, ++ 0x00dc0808, 0x0b0f0f00, 0x080800b4, 0x00c00808, ++ 0x08080808, 0x180800c4, 0x00b80000, 0x08080808, ++ 0x080800bc, 0x00cc0808, 0x08081818, 0x18180128, ++ 0x01241800, 0x18181818, 0x000000f0, 0x01300000, ++ 0x00001b0b, 0x1b0f0138, 0x00e0181b, 0x1b031b0b, ++ 0x180f0078, 0x00740018, 0x0f0f0f1a, 0x00000080, ++ 0x007c0000, 0x00000000, 0x00000088, 0x00840000, ++ 0x00000000, 0x00000094, 0x00980300, 0x0f180003, ++ 0x0000008c, 0x00900f0f, 0x0f0f1b00, 0x0f00009c, ++ 0x01140000, 0x1b1b0f18, 0x0818013c, 0x01400008, ++ 0x00001818, 0x000b0110, 0x010c1800, 0x0b030b0f, ++ 0x181800f4, 0x00f81818, 0x00000018, 0x000000fc, ++ 0x00401808, 0x00000000, 0x0f1b0030, 0x003c0008, ++ 0x00000000, 0x00000038, 0x00340000, 0x00000000, ++ 0x1a080070, 0x00641a1a, 0x08080808, 0x08080060, ++ 0x005c0808, 0x08080808, 0x08080058, 0x00540808, ++ 0x08080808, 0x0808006c, 0x00680808, 0x08080808, ++ 0x000000a8, 0x00b00000, 0x08080808, 0x000000a0, ++ 0x00a40000, 0x00000000, 0x08ff0050, 0x004c0808, ++ 0xffffffff, 0xffff0048, 0x0044ffff, 0xffffffff, ++ 0x000000ac, 0x01040800, 0x08080b0f, 0x18180100, ++ 0x01081818, 0x0b0b1808, 0x1a0300e4, 0x012c0b1a, ++ 0x02020018, 0x0b000134, 0x011c0800, 0x0b1b1b00, ++ 0x0f0000c8, 0x00ec181b, 0x000f0f02, 0x00180118, ++ 0x01200000, 0x0f0b1b1b, 0x0f0200e8, 0x0000020b, ++}; ++#endif ++ + /* Setup sequence done by the bootloader */ + static void n800_boot_init(void *opaque) + { +@@ -942,3 +973,71 @@ + "Nokia N800 aka. RX-34 tablet (OMAP2420)", + n800_init, + }; ++ ++#if 0 ++/* cx3110x.c */ ++#define CY_ARM_INT 0x00 ++#define CY_ARM_INT_ENA 0x00 ++#define CY_HOST_INT 0x00 ++#define CY_HOST_INT_ENA 0x00 ++#define CY_HOST_INT_ACK 0x00 ++#define CY_GP1_COMM 0x00 ++#define CY_GP2_COMM 0x00 ++#define CY_DEV_CTRL_STA 0x00 ++#define CY_DMA_DATA 0x00 /* 16-bit */ ++#define CY_DMA_WR_CTRL 0x00 /* 16-bit */ ++#define CY_DMA_WR_LEN 0x00 /* 16-bit */ ++#define CY_DMA_WR_BASE 0x00 ++#define CY_DMA_RD_CTRL 0x00 /* 16-bit */ ++#define CY_DMA_RD_LEN 0x00 /* 16-bit */ ++#define CY_DMA_RD_BASE 0x00 ++ ++HW: ++(spi bus 1.0) ++ tsc2005 ++(spi bus 1.1) ++ lcd_mipid ++(spi bus 2.0) ++ cx3110x (WLAN) ++(spi somewhere?) ++ pc2400m (WiMAX) ++(i2c bus 0) ++ TLV320AIC33 (audio codec on i2c) ++ TCM825x (camera on i2c) ++ lp5521 (LED on i2c) ++ tsl2563 (light sensor, hwmon on i2c) ++ lm8323 (keypad on i2c) ++(i2c bus 1) ++ tmp105 (temperature sensor, hwmon on i2c) ++ menelaus (power on i2c) ++ ++GPIO 0: out hi ++GPIO 8: in hi ++GPIO 9: out hi ++GPIO 10: out lo ++GPIO 12: out lo ++GPIO 15: out lo ++GPIO 23: out hi ++GPIO 26: in hi, irq-186 rising ++GPIO 53: out lo ++GPIO 58: in hi, irq-218 low wakeup ++GPIO 62: out lo ++GPIO 64: out hi ++GPIO 65: in hi ++GPIO 66: out lo ++GPIO 93: out lo ++GPIO 94: in hi ++GPIO 95: out lo ++GPIO 96: out hi ++GPIO 101: out lo ++GPIO 102: in hi, irq-262 bothedge ++GPIO 106: in hi, irq-266 falling wakeup ++GPIO 107: in hi, irq-267 bothedge ++GPIO 108: in lo, irq-268 rising wakeup ++GPIO 109: in hi, irq-269 falling wakeup ++GPIO 110: in hi, irq-270 bothedge ++GPIO 111: in lo, irq-271 rising ++GPIO 112: out hi ++GPIO 118: out hi ++GPIO 125: in lo, irq-285 rising ++#endif +diff -urN 4242/hw/omap2.c qemu-omap/hw/omap2.c +--- 4242/hw/omap2.c 2008-04-24 18:11:49.000000000 +0100 ++++ qemu-omap/hw/omap2.c 2008-04-23 09:57:56.000000000 +0100 +@@ -3675,152 +3675,152 @@ + omap_findclk(s, "dss_l4_iclk")); + + /* All register mappings (includin those not currenlty implemented): +- * SystemControlMod 48000000 - 48000fff +- * SystemControlL4 48001000 - 48001fff +- * 32kHz Timer Mod 48004000 - 48004fff +- * 32kHz Timer L4 48005000 - 48005fff +- * PRCM ModA 48008000 - 480087ff ++ * SystemControlMod 48000000 - 48000fff (REV 0x00000010) ++ * SystemControlL4 48001000 - 48001fff (0x00200010, 0x01000200, 0x00000000) ++ * 32kHz Timer Mod 48004000 - 48004fff (REV 0x00000011) ++ * 32kHz Timer L4 48005000 - 48005fff (0x00200010, 0x01000200, 0x00000000) ++ * PRCM ModA 48008000 - 480087ff (REV 0x00000010) + * PRCM ModB 48008800 - 48008fff +- * PRCM L4 48009000 - 48009fff +- * TEST-BCM Mod 48012000 - 48012fff +- * TEST-BCM L4 48013000 - 48013fff +- * TEST-TAP Mod 48014000 - 48014fff +- * TEST-TAP L4 48015000 - 48015fff +- * GPIO1 Mod 48018000 - 48018fff +- * GPIO Top 48019000 - 48019fff +- * GPIO2 Mod 4801a000 - 4801afff +- * GPIO L4 4801b000 - 4801bfff +- * GPIO3 Mod 4801c000 - 4801cfff +- * GPIO4 Mod 4801e000 - 4801efff +- * WDTIMER1 Mod 48020000 - 48010fff ++ * PRCM L4 48009000 - 48009fff (0x00200010, 0x00000200, 0x00000000) ++ * TEST-BCM Mod 48012000 - 48012fff (REV 0x00000010) ++ * TEST-BCM L4 48013000 - 48013fff (0x00200010, 0x00000200, 0x00000000) ++ * TEST-TAP Mod 48014000 - 48014fff (REV 0x00000010) ++ * TEST-TAP L4 48015000 - 48015fff (0x00200010, 0x00000200, 0x00000000) ++ * GPIO1 Mod 48018000 - 48018fff (REV 0x00000018) ++ * GPIO Top 48019000 - 48019fff (REV 0x00000011) ++ * GPIO2 Mod 4801a000 - 4801afff (REV 0x00000018) ++ * GPIO L4 4801b000 - 4801bfff (0x00200010, 0x00000200, 0x00000000) ++ * GPIO3 Mod 4801c000 - 4801cfff (REV 0x00000018) ++ * GPIO4 Mod 4801e000 - 4801efff (REV 0x00000018) ++ * WDTIMER1 Mod 48020000 - 48010fff (REV Abort) + * WDTIMER Top 48021000 - 48011fff +- * WDTIMER2 Mod 48022000 - 48012fff +- * WDTIMER L4 48023000 - 48013fff +- * WDTIMER3 Mod 48024000 - 48014fff +- * WDTIMER3 L4 48025000 - 48015fff +- * WDTIMER4 Mod 48026000 - 48016fff +- * WDTIMER4 L4 48027000 - 48017fff +- * GPTIMER1 Mod 48028000 - 48018fff +- * GPTIMER1 L4 48029000 - 48019fff +- * GPTIMER2 Mod 4802a000 - 4801afff +- * GPTIMER2 L4 4802b000 - 4801bfff ++ * WDTIMER2 Mod 48022000 - 48012fff (REV 0x00000011) ++ * WDTIMER L4 48023000 - 48013fff (0x00200010, 0x00000200, 0x00000000) ++ * WDTIMER3 Mod 48024000 - 48014fff (REV 0x00000011) ++ * WDTIMER3 L4 48025000 - 48015fff (0x00200010, 0x00000200, 0x00000000) ++ * WDTIMER4 Mod 48026000 - 48016fff (REV 0x00000011) ++ * WDTIMER4 L4 48027000 - 48017fff (0x00200010, 0x00000200, 0x00000000) ++ * GPTIMER1 Mod 48028000 - 48018fff (REV 0x00000013) ++ * GPTIMER1 L4 48029000 - 48019fff (0x00200010, 0x00000200, 0x00000000) ++ * GPTIMER2 Mod 4802a000 - 4801afff (REV Abort) ++ * GPTIMER2 L4 4802b000 - 4801bfff (0x00200010, 0x00000200, 0x00000000) + * L4-Config AP 48040000 - 480407ff + * L4-Config IP 48040800 - 48040fff + * L4-Config LA 48041000 - 48041fff +- * ARM11ETB Mod 48048000 - 48049fff +- * ARM11ETB L4 4804a000 - 4804afff +- * DISPLAY Top 48050000 - 480503ff +- * DISPLAY DISPC 48050400 - 480507ff +- * DISPLAY RFBI 48050800 - 48050bff +- * DISPLAY VENC 48050c00 - 48050fff +- * DISPLAY L4 48051000 - 48051fff +- * CAMERA Top 48052000 - 480523ff +- * CAMERA core 48052400 - 480527ff +- * CAMERA DMA 48052800 - 48052bff +- * CAMERA MMU 48052c00 - 48052fff +- * CAMERA L4 48053000 - 48053fff +- * SDMA Mod 48056000 - 48056fff +- * SDMA L4 48057000 - 48057fff +- * SSI Top 48058000 - 48058fff +- * SSI GDD 48059000 - 48059fff +- * SSI Port1 4805a000 - 4805afff +- * SSI Port2 4805b000 - 4805bfff +- * SSI L4 4805c000 - 4805cfff +- * USB Mod 4805e000 - 480fefff +- * USB L4 4805f000 - 480fffff +- * WIN_TRACER1 Mod 48060000 - 48060fff +- * WIN_TRACER1 L4 48061000 - 48061fff +- * WIN_TRACER2 Mod 48062000 - 48062fff +- * WIN_TRACER2 L4 48063000 - 48063fff +- * WIN_TRACER3 Mod 48064000 - 48064fff +- * WIN_TRACER3 L4 48065000 - 48065fff +- * WIN_TRACER4 Top 48066000 - 480660ff +- * WIN_TRACER4 ETT 48066100 - 480661ff +- * WIN_TRACER4 WT 48066200 - 480662ff +- * WIN_TRACER4 L4 48067000 - 48067fff +- * XTI Mod 48068000 - 48068fff +- * XTI L4 48069000 - 48069fff +- * UART1 Mod 4806a000 - 4806afff +- * UART1 L4 4806b000 - 4806bfff +- * UART2 Mod 4806c000 - 4806cfff +- * UART2 L4 4806d000 - 4806dfff +- * UART3 Mod 4806e000 - 4806efff +- * UART3 L4 4806f000 - 4806ffff +- * I2C1 Mod 48070000 - 48070fff +- * I2C1 L4 48071000 - 48071fff +- * I2C2 Mod 48072000 - 48072fff +- * I2C2 L4 48073000 - 48073fff +- * McBSP1 Mod 48074000 - 48074fff +- * McBSP1 L4 48075000 - 48075fff +- * McBSP2 Mod 48076000 - 48076fff +- * McBSP2 L4 48077000 - 48077fff +- * GPTIMER3 Mod 48078000 - 48078fff +- * GPTIMER3 L4 48079000 - 48079fff +- * GPTIMER4 Mod 4807a000 - 4807afff +- * GPTIMER4 L4 4807b000 - 4807bfff +- * GPTIMER5 Mod 4807c000 - 4807cfff +- * GPTIMER5 L4 4807d000 - 4807dfff +- * GPTIMER6 Mod 4807e000 - 4807efff +- * GPTIMER6 L4 4807f000 - 4807ffff +- * GPTIMER7 Mod 48080000 - 48080fff +- * GPTIMER7 L4 48081000 - 48081fff +- * GPTIMER8 Mod 48082000 - 48082fff +- * GPTIMER8 L4 48083000 - 48083fff +- * GPTIMER9 Mod 48084000 - 48084fff +- * GPTIMER9 L4 48085000 - 48085fff +- * GPTIMER10 Mod 48086000 - 48086fff +- * GPTIMER10 L4 48087000 - 48087fff +- * GPTIMER11 Mod 48088000 - 48088fff +- * GPTIMER11 L4 48089000 - 48089fff +- * GPTIMER12 Mod 4808a000 - 4808afff +- * GPTIMER12 L4 4808b000 - 4808bfff +- * EAC Mod 48090000 - 48090fff +- * EAC L4 48091000 - 48091fff +- * FAC Mod 48092000 - 48092fff +- * FAC L4 48093000 - 48093fff +- * MAILBOX Mod 48094000 - 48094fff +- * MAILBOX L4 48095000 - 48095fff +- * SPI1 Mod 48098000 - 48098fff +- * SPI1 L4 48099000 - 48099fff +- * SPI2 Mod 4809a000 - 4809afff +- * SPI2 L4 4809b000 - 4809bfff +- * MMC/SDIO Mod 4809c000 - 4809cfff +- * MMC/SDIO L4 4809d000 - 4809dfff +- * MS_PRO Mod 4809e000 - 4809efff +- * MS_PRO L4 4809f000 - 4809ffff +- * RNG Mod 480a0000 - 480a0fff +- * RNG L4 480a1000 - 480a1fff +- * DES3DES Mod 480a2000 - 480a2fff +- * DES3DES L4 480a3000 - 480a3fff +- * SHA1MD5 Mod 480a4000 - 480a4fff +- * SHA1MD5 L4 480a5000 - 480a5fff +- * AES Mod 480a6000 - 480a6fff +- * AES L4 480a7000 - 480a7fff +- * PKA Mod 480a8000 - 480a9fff +- * PKA L4 480aa000 - 480aafff +- * MG Mod 480b0000 - 480b0fff +- * MG L4 480b1000 - 480b1fff +- * HDQ/1-wire Mod 480b2000 - 480b2fff +- * HDQ/1-wire L4 480b3000 - 480b3fff +- * MPU interrupt 480fe000 - 480fefff +- * IVA RAM 5c000000 - 5c01ffff +- * IVA ROM 5c020000 - 5c027fff +- * IMG_BUF_A 5c040000 - 5c040fff +- * IMG_BUF_B 5c042000 - 5c042fff +- * VLCDS 5c048000 - 5c0487ff +- * IMX_COEF 5c049000 - 5c04afff +- * IMX_CMD 5c051000 - 5c051fff +- * VLCDQ 5c053000 - 5c0533ff +- * VLCDH 5c054000 - 5c054fff +- * SEQ_CMD 5c055000 - 5c055fff +- * IMX_REG 5c056000 - 5c0560ff +- * VLCD_REG 5c056100 - 5c0561ff +- * SEQ_REG 5c056200 - 5c0562ff +- * IMG_BUF_REG 5c056300 - 5c0563ff +- * SEQIRQ_REG 5c056400 - 5c0564ff +- * OCP_REG 5c060000 - 5c060fff +- * SYSC_REG 5c070000 - 5c070fff +- * MMU_REG 5d000000 - 5d000fff ++ * ARM11ETB Mod 48048000 - 48049fff (REV 0x00000011) ++ * ARM11ETB L4 4804a000 - 4804afff (0x00200010, 0x00000200, 0x00000000) ++ * DISPLAY Top 48050000 - 480503ff (REV 0x00000003) ++ * DISPLAY DISPC 48050400 - 480507ff (REV 0x00000020) ++ * DISPLAY RFBI 48050800 - 48050bff (REV 0x00000010) ++ * DISPLAY VENC 48050c00 - 48050fff (REV Abort) ++ * DISPLAY L4 48051000 - 48051fff (0x00200010, 0x00000200, 0x00000100) ++ * CAMERA Top 48052000 - 480523ff (REV 0x00000020) ++ * CAMERA core 48052400 - 480527ff (REV 0x00000020) ++ * CAMERA DMA 48052800 - 48052bff (REV 0x00000020) ++ * CAMERA MMU 48052c00 - 48052fff (REV 0x00000010) ++ * CAMERA L4 48053000 - 48053fff (0x00200010, 0x00000200, 0x00000000) ++ * SDMA Mod 48056000 - 48056fff (REV 0x00000020) ++ * SDMA L4 48057000 - 48057fff (0x00200010, 0x00000200, 0x00000000) ++ * SSI Top 48058000 - 48058fff (REV Abort) ++ * SSI GDD 48059000 - 48059fff (REV Abort) ++ * SSI Port1 4805a000 - 4805afff (REV Abort) ++ * SSI Port2 4805b000 - 4805bfff (REV Abort) ++ * SSI L4 4805c000 - 4805cfff (0x00200010, 0x00000200, 0x00000100) ++ * USB Mod 4805e000 - 480fefff (REV Abort) ++ * USB L4 4805f000 - 480fffff (0x00200010, 0x01000200, 0x00000100) ++ * WIN_TRACER1 Mod 48060000 - 48060fff (REV 0x00000020) ++ * WIN_TRACER1 L4 48061000 - 48061fff (0x00200010, 0x00000200, 0x00000000) ++ * WIN_TRACER2 Mod 48062000 - 48062fff (REV 0x00000020) ++ * WIN_TRACER2 L4 48063000 - 48063fff (0x00200010, 0x00000200, 0x00000000) ++ * WIN_TRACER3 Mod 48064000 - 48064fff (REV 0x00000020) ++ * WIN_TRACER3 L4 48065000 - 48065fff (0x00200010, 0x00000200, 0x00000000) ++ * WIN_TRACER4 Top 48066000 - 480660ff (REV 0x00000011) ++ * WIN_TRACER4 ETT 48066100 - 480661ff (REV 0x00000011) ++ * WIN_TRACER4 WT 48066200 - 480662ff (REV 0x00000020) ++ * WIN_TRACER4 L4 48067000 - 48067fff (0x00200010, 0x00000200, 0x00000000) ++ * XTI Mod 48068000 - 48068fff (REV 0x00000010) ++ * XTI L4 48069000 - 48069fff (0x00200010, 0x00000200, 0x00000000) ++ * UART1 Mod 4806a000 - 4806afff (MVR Abort) ++ * UART1 L4 4806b000 - 4806bfff (0x00200010, 0x00000200, 0x00000000) ++ * UART2 Mod 4806c000 - 4806cfff (MVR Abort) ++ * UART2 L4 4806d000 - 4806dfff (0x00200010, 0x00000200, 0x00000000) ++ * UART3 Mod 4806e000 - 4806efff (MVR 0x20) ++ * UART3 L4 4806f000 - 4806ffff (0x00200010, 0x00000200, 0x00000000) ++ * I2C1 Mod 48070000 - 48070fff (REV 0x0034) ++ * I2C1 L4 48071000 - 48071fff (0x00200010, 0x01000200, 0x01000000) ++ * I2C2 Mod 48072000 - 48072fff (REV 0x0034) ++ * I2C2 L4 48073000 - 48073fff (0x00200010, 0x01000200, 0x01000000) ++ * McBSP1 Mod 48074000 - 48074fff (REV Abort) ++ * McBSP1 L4 48075000 - 48075fff (0x00200010, 0x01000200, 0x01000000) ++ * McBSP2 Mod 48076000 - 48076fff (REV Abort) ++ * McBSP2 L4 48077000 - 48077fff (0x00200010, 0x01000200, 0x01000000) ++ * GPTIMER3 Mod 48078000 - 48078fff (REV Abort) ++ * GPTIMER3 L4 48079000 - 48079fff (0x00200010, 0x00000200, 0x00000000) ++ * GPTIMER4 Mod 4807a000 - 4807afff (REV Abort) ++ * GPTIMER4 L4 4807b000 - 4807bfff (0x00200010, 0x00000200, 0x00000000) ++ * GPTIMER5 Mod 4807c000 - 4807cfff (REV Abort) ++ * GPTIMER5 L4 4807d000 - 4807dfff (0x00200010, 0x00000200, 0x00000000) ++ * GPTIMER6 Mod 4807e000 - 4807efff (REV Abort) ++ * GPTIMER6 L4 4807f000 - 4807ffff (0x00200010, 0x00000200, 0x00000000) ++ * GPTIMER7 Mod 48080000 - 48080fff (REV Abort) ++ * GPTIMER7 L4 48081000 - 48081fff (0x00200010, 0x00000200, 0x00000000) ++ * GPTIMER8 Mod 48082000 - 48082fff (REV Abort) ++ * GPTIMER8 L4 48083000 - 48083fff (0x00200010, 0x00000200, 0x00000000) ++ * GPTIMER9 Mod 48084000 - 48084fff (REV Abort) ++ * GPTIMER9 L4 48085000 - 48085fff (0x00200010, 0x00000200, 0x00000000) ++ * GPTIMER10 Mod 48086000 - 48086fff (REV Abort) ++ * GPTIMER10 L4 48087000 - 48087fff (0x00200010, 0x00000200, 0x00000000) ++ * GPTIMER11 Mod 48088000 - 48088fff (REV Abort) ++ * GPTIMER11 L4 48089000 - 48089fff (0x00200010, 0x00000200, 0x00000000) ++ * GPTIMER12 Mod 4808a000 - 4808afff (REV Abort) ++ * GPTIMER12 L4 4808b000 - 4808bfff (0x00200010, 0x00000200, 0x00000000) ++ * EAC Mod 48090000 - 48090fff (REV Abort) ++ * EAC L4 48091000 - 48091fff (0x00200010, 0x00000200, 0x00000000) ++ * FAC Mod 48092000 - 48092fff (REV Abort) ++ * FAC L4 48093000 - 48093fff (0x00200010, 0x00000200, 0x00000000) ++ * MAILBOX Mod 48094000 - 48094fff (REV 0x00000010) ++ * MAILBOX L4 48095000 - 48095fff (0x00200010, 0x00000200, 0x00000000) ++ * SPI1 Mod 48098000 - 48098fff (REV Abort) ++ * SPI1 L4 48099000 - 48099fff (0x00200010, 0x00000200, 0x00000000) ++ * SPI2 Mod 4809a000 - 4809afff (REV Abort) ++ * SPI2 L4 4809b000 - 4809bfff (0x00200010, 0x00000200, 0x00000000) ++ * MMC/SDIO Mod 4809c000 - 4809cfff (REV 0x0044) ++ * MMC/SDIO L4 4809d000 - 4809dfff (0x00200010, 0x01000200, 0x01000000) ++ * MS_PRO Mod 4809e000 - 4809efff (REV Abort) ++ * MS_PRO L4 4809f000 - 4809ffff (0x00200010, 0x01000200, 0x01000000) ++ * RNG Mod 480a0000 - 480a0fff (REV 0xFC066F93?) ++ * RNG L4 480a1000 - 480a1fff (0x00200010, 0x01000200, 0x00000000) ++ * DES3DES Mod 480a2000 - 480a2fff (REV 0x00000000?) ++ * DES3DES L4 480a3000 - 480a3fff (0x00200010, 0x01000200, 0x00000000) ++ * SHA1MD5 Mod 480a4000 - 480a4fff (REV 0x00000000?) ++ * SHA1MD5 L4 480a5000 - 480a5fff (0x00200010, 0x01000200, 0x00000000) ++ * AES Mod 480a6000 - 480a6fff (REV 0x00000000?) ++ * AES L4 480a7000 - 480a7fff (0x00200010, 0x00000200, 0x00000000) ++ * PKA Mod 480a8000 - 480a9fff (REV 0x00000000?) ++ * PKA L4 480aa000 - 480aafff (0x00200010, 0x00000200, 0x00000000) ++ * MG Mod 480b0000 - 480b0fff (REV Abort) ++ * MG L4 480b1000 - 480b1fff (0x00200010, 0x01000200, 0x01000000) ++ * HDQ/1-wire Mod 480b2000 - 480b2fff (REV 0x00000002) ++ * HDQ/1-wire L4 480b3000 - 480b3fff (0x00200010, 0x00000200, 0x00000000) ++ * MPU interrupt 480fe000 - 480fefff (REV 0x00000020) ++ * IVA RAM 5c000000 - 5c01ffff (REV Abort) ++ * IVA ROM 5c020000 - 5c027fff (REV Abort) ++ * IMG_BUF_A 5c040000 - 5c040fff (REV Abort) ++ * IMG_BUF_B 5c042000 - 5c042fff (REV Abort) ++ * VLCDS 5c048000 - 5c0487ff (REV Abort) ++ * IMX_COEF 5c049000 - 5c04afff (REV Abort) ++ * IMX_CMD 5c051000 - 5c051fff (REV Abort) ++ * VLCDQ 5c053000 - 5c0533ff (REV Abort) ++ * VLCDH 5c054000 - 5c054fff (REV Abort) ++ * SEQ_CMD 5c055000 - 5c055fff (REV Abort) ++ * IMX_REG 5c056000 - 5c0560ff (REV Abort) ++ * VLCD_REG 5c056100 - 5c0561ff (REV Abort) ++ * SEQ_REG 5c056200 - 5c0562ff (REV Abort) ++ * IMG_BUF_REG 5c056300 - 5c0563ff (REV Abort) ++ * SEQIRQ_REG 5c056400 - 5c0564ff (REV Abort) ++ * OCP_REG 5c060000 - 5c060fff (REV Abort) ++ * SYSC_REG 5c070000 - 5c070fff (REV Abort) ++ * MMU_REG 5d000000 - 5d000fff (REV Abort) + * sDMA R 68000400 - 680005ff + * sDMA W 68000600 - 680007ff + * Display Control 68000800 - 680009ff +@@ -3849,9 +3849,9 @@ + * GPMC (firewall) 68006000 - 680063ff + * GPMC (err login) 68006400 - 680067ff + * SMS (err login) 68006c00 - 68006fff +- * SMS registers 68008000 - 68008fff +- * SDRC registers 68009000 - 68009fff +- * GPMC registers 6800a000 6800afff ++ * SMS registers 68008000 - 68008fff (REV 0x00000020) ++ * SDRC registers 68009000 - 68009fff (REV 0x00000020) ++ * GPMC registers 6800a000 6800afff (REV 0x00000020) + */ + + qemu_register_reset(omap2_mpu_reset, s); +diff -urN 4242/hw/pc.c qemu-omap/hw/pc.c +--- 4242/hw/pc.c 2008-04-24 21:26:22.000000000 +0100 ++++ qemu-omap/hw/pc.c 2008-04-23 09:57:56.000000000 +0100 +@@ -445,6 +445,37 @@ + bdrv_set_boot_sector(drives_table[hda].bdrv, bootsect, sizeof(bootsect)); + } + ++static int load_kernel(const char *filename, uint8_t *addr, ++ uint8_t *real_addr) ++{ ++ int fd, size; ++ int setup_sects; ++ ++ fd = open(filename, O_RDONLY | O_BINARY); ++ if (fd < 0) ++ return -1; ++ ++ /* load 16 bit code */ ++ if (read(fd, real_addr, 512) != 512) ++ goto fail; ++ setup_sects = real_addr[0x1F1]; ++ if (!setup_sects) ++ setup_sects = 4; ++ if (read(fd, real_addr + 512, setup_sects * 512) != ++ setup_sects * 512) ++ goto fail; ++ ++ /* load 32 bit code */ ++ size = read(fd, addr, 16 * 1024 * 1024); ++ if (size < 0) ++ goto fail; ++ close(fd); ++ return size; ++ fail: ++ close(fd); ++ return -1; ++} ++ + static long get_file_size(FILE *f) + { + long where, size; +diff -urN 4242/hw/tusb6010.c qemu-omap/hw/tusb6010.c +--- 4242/hw/tusb6010.c 2008-04-23 12:18:54.000000000 +0100 ++++ qemu-omap/hw/tusb6010.c 2008-04-23 09:57:56.000000000 +0100 +@@ -287,9 +287,6 @@ + /* TODO: How is this signalled? */ + } + +-extern CPUReadMemoryFunc *musb_read[]; +-extern CPUWriteMemoryFunc *musb_write[]; +- + static uint32_t tusb_async_readb(void *opaque, target_phys_addr_t addr) + { + struct tusb_s *s = (struct tusb_s *) opaque; +diff -urN 4242/hw/usb.h qemu-omap/hw/usb.h +--- 4242/hw/usb.h 2008-04-23 12:18:54.000000000 +0100 ++++ qemu-omap/hw/usb.h 2008-04-23 09:57:56.000000000 +0100 +@@ -219,6 +219,9 @@ + /* usb-msd.c */ + USBDevice *usb_msd_init(const char *filename); + ++/* usb-net.c */ ++USBDevice *usb_net_init(NICInfo *nd); ++ + /* usb-wacom.c */ + USBDevice *usb_wacom_init(void); + +@@ -254,3 +257,7 @@ + uint32_t musb_core_intr_get(struct musb_s *s); + void musb_core_intr_clear(struct musb_s *s, uint32_t mask); + void musb_set_size(struct musb_s *s, int epnum, int size, int is_tx); ++#ifdef NEED_CPU_H ++extern CPUReadMemoryFunc *musb_read[]; ++extern CPUWriteMemoryFunc *musb_write[]; ++#endif +diff -urN 4242/hw/usb-hub.c qemu-omap/hw/usb-hub.c +--- 4242/hw/usb-hub.c 2008-04-23 11:43:37.000000000 +0100 ++++ qemu-omap/hw/usb-hub.c 2008-04-23 09:57:56.000000000 +0100 +@@ -146,8 +146,8 @@ + 0x07, /* u8 ep_bLength; */ + 0x05, /* u8 ep_bDescriptorType; Endpoint */ + 0x81, /* u8 ep_bEndpointAddress; IN Endpoint 1 */ +- 0x03, /* u8 ep_bmAttributes; Interrupt */ +- 0x02, 0x00, /* u16 ep_wMaxPacketSize; 1 + (MAX_ROOT_PORTS / 8) */ ++ 0x03, /* u8 ep_bmAttributes; Interrupt */ ++ 0x02, 0x00, /* u16 ep_wMaxPacketSize; 1 + (MAX_ROOT_PORTS / 8) */ + 0xff /* u8 ep_bInterval; (255ms -- usb 2.0 spec) */ + }; + +diff -urN 4242/hw/usb-net.c qemu-omap/hw/usb-net.c +--- 4242/hw/usb-net.c 1970-01-01 01:00:00.000000000 +0100 ++++ qemu-omap/hw/usb-net.c 2008-04-23 09:57:56.000000000 +0100 +@@ -0,0 +1,1334 @@ ++/* ++ * QEMU USB Net devices ++ * ++ * Copyright (c) 2006 Thomas Sailer ++ * based on usb-hid.c Copyright (c) 2005 Fabrice Bellard ++ * ++ * Permission is hereby granted, free of charge, to any person obtaining a copy ++ * of this software and associated documentation files (the "Software"), to deal ++ * in the Software without restriction, including without limitation the rights ++ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell ++ * copies of the Software, and to permit persons to whom the Software is ++ * furnished to do so, subject to the following conditions: ++ * ++ * The above copyright notice and this permission notice shall be included in ++ * all copies or substantial portions of the Software. ++ * ++ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR ++ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, ++ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL ++ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER ++ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, ++ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN ++ * THE SOFTWARE. ++ */ ++ ++#include "qemu-common.h" ++#include "usb.h" ++#include "net.h" ++#include "../audio/sys-queue.h" ++ ++typedef uint32_t __le32; ++#include "ndis.h" ++ ++/*#define TRAFFIC_DEBUG*/ ++/* Thanks to NetChip Technologies for donating this product ID. ++ * It's for devices with only CDC Ethernet configurations. ++ */ ++#define CDC_VENDOR_NUM 0x0525 /* NetChip */ ++#define CDC_PRODUCT_NUM 0xa4a1 /* Linux-USB Ethernet Gadget */ ++/* For hardware that can talk RNDIS and either of the above protocols, ++ * use this ID ... the windows INF files will know it. ++ */ ++#define RNDIS_VENDOR_NUM 0x0525 /* NetChip */ ++#define RNDIS_PRODUCT_NUM 0xa4a2 /* Ethernet/RNDIS Gadget */ ++ ++#define STRING_MANUFACTURER 1 ++#define STRING_PRODUCT 2 ++#define STRING_ETHADDR 3 ++#define STRING_DATA 4 ++#define STRING_CONTROL 5 ++#define STRING_RNDIS_CONTROL 6 ++#define STRING_CDC 7 ++#define STRING_SUBSET 8 ++#define STRING_RNDIS 9 ++#define STRING_SERIALNUMBER 10 ++ ++#define DEV_CONFIG_VALUE 1 /* cdc or subset */ ++#define DEV_RNDIS_CONFIG_VALUE 2 /* rndis; optional */ ++ ++#define USB_CDC_SUBCLASS_ACM 0x02 ++#define USB_CDC_SUBCLASS_ETHERNET 0x06 ++ ++#define USB_CDC_PROTO_NONE 0 ++#define USB_CDC_ACM_PROTO_VENDOR 0xff ++ ++#define USB_CDC_HEADER_TYPE 0x00 /* header_desc */ ++#define USB_CDC_CALL_MANAGEMENT_TYPE 0x01 /* call_mgmt_descriptor */ ++#define USB_CDC_ACM_TYPE 0x02 /* acm_descriptor */ ++#define USB_CDC_UNION_TYPE 0x06 /* union_desc */ ++#define USB_CDC_ETHERNET_TYPE 0x0f /* ether_desc */ ++ ++#define USB_DT_CS_INTERFACE 0x24 ++#define USB_DT_CS_ENDPOINT 0x25 ++ ++#define ClassInterfaceRequest \ ++ ((USB_DIR_IN|USB_TYPE_CLASS|USB_RECIP_INTERFACE)<<8) ++#define ClassInterfaceOutRequest \ ++ ((USB_DIR_OUT|USB_TYPE_CLASS|USB_RECIP_INTERFACE)<<8) ++ ++#define USB_CDC_SEND_ENCAPSULATED_COMMAND 0x00 ++#define USB_CDC_GET_ENCAPSULATED_RESPONSE 0x01 ++#define USB_CDC_REQ_SET_LINE_CODING 0x20 ++#define USB_CDC_REQ_GET_LINE_CODING 0x21 ++#define USB_CDC_REQ_SET_CONTROL_LINE_STATE 0x22 ++#define USB_CDC_REQ_SEND_BREAK 0x23 ++#define USB_CDC_SET_ETHERNET_MULTICAST_FILTERS 0x40 ++#define USB_CDC_SET_ETHERNET_PM_PATTERN_FILTER 0x41 ++#define USB_CDC_GET_ETHERNET_PM_PATTERN_FILTER 0x42 ++#define USB_CDC_SET_ETHERNET_PACKET_FILTER 0x43 ++#define USB_CDC_GET_ETHERNET_STATISTIC 0x44 ++ ++#define USB_ENDPOINT_XFER_BULK 2 ++#define USB_ENDPOINT_XFER_INT 3 ++ ++#define LOG2_STATUS_INTERVAL_MSEC 5 /* 1 << 5 == 32 msec */ ++#define STATUS_BYTECOUNT 16 /* 8 byte header + data */ ++ ++#define ETH_FRAME_LEN 1514 /* Max. octets in frame sans FCS */ ++ ++/* ++ * mostly the same descriptor as the linux gadget rndis driver ++ */ ++static const uint8_t qemu_net_dev_descriptor[] = { ++ 0x12, /* u8 bLength; */ ++ USB_DT_DEVICE, /* u8 bDescriptorType; Device */ ++ 0x00, 0x02, /* u16 bcdUSB; v2.0 */ ++ USB_CLASS_COMM, /* u8 bDeviceClass; */ ++ 0x00, /* u8 bDeviceSubClass; */ ++ 0x00, /* u8 bDeviceProtocol; [ low/full speeds only ] */ ++ 0x40, /* u8 bMaxPacketSize0 */ ++ RNDIS_VENDOR_NUM & 0xff, RNDIS_VENDOR_NUM >> 8, /* u16 idVendor; */ ++ RNDIS_PRODUCT_NUM & 0xff, RNDIS_PRODUCT_NUM >> 8, /* u16 idProduct; */ ++ 0x00, 0x00, /* u16 bcdDevice */ ++ STRING_MANUFACTURER, /* u8 iManufacturer; */ ++ STRING_PRODUCT, /* u8 iProduct; */ ++ STRING_SERIALNUMBER, /* u8 iSerialNumber; */ ++ 0x02 /* u8 bNumConfigurations; */ ++}; ++ ++static const uint8_t qemu_net_rndis_config_descriptor[] = { ++ /* Configuration Descriptor */ ++ 0x09, /* u8 bLength */ ++ USB_DT_CONFIG, /* u8 bDescriptorType */ ++ 0x43, 0x00, /* le16 wTotalLength */ ++ 0x02, /* u8 bNumInterfaces */ ++ DEV_RNDIS_CONFIG_VALUE, /* u8 bConfigurationValue */ ++ STRING_RNDIS, /* u8 iConfiguration */ ++ 0xc0, /* u8 bmAttributes */ ++ 0x32, /* u8 bMaxPower */ ++ /* RNDIS Control Interface */ ++ 0x09, /* u8 bLength */ ++ USB_DT_INTERFACE, /* u8 bDescriptorType */ ++ 0x00, /* u8 bInterfaceNumber */ ++ 0x00, /* u8 bAlternateSetting */ ++ 0x01, /* u8 bNumEndpoints */ ++ USB_CLASS_COMM, /* u8 bInterfaceClass */ ++ USB_CDC_SUBCLASS_ACM, /* u8 bInterfaceSubClass */ ++ USB_CDC_ACM_PROTO_VENDOR, /* u8 bInterfaceProtocol */ ++ STRING_RNDIS_CONTROL, /* u8 iInterface */ ++ /* Header Descriptor */ ++ 0x05, /* u8 bLength */ ++ USB_DT_CS_INTERFACE, /* u8 bDescriptorType */ ++ USB_CDC_HEADER_TYPE, /* u8 bDescriptorSubType */ ++ 0x10, 0x01, /* le16 bcdCDC */ ++ /* Call Management Descriptor */ ++ 0x05, /* u8 bLength */ ++ USB_DT_CS_INTERFACE, /* u8 bDescriptorType */ ++ USB_CDC_CALL_MANAGEMENT_TYPE, /* u8 bDescriptorSubType */ ++ 0x00, /* u8 bmCapabilities */ ++ 0x01, /* u8 bDataInterface */ ++ /* ACM Descriptor */ ++ 0x04, /* u8 bLength */ ++ USB_DT_CS_INTERFACE, /* u8 bDescriptorType */ ++ USB_CDC_ACM_TYPE, /* u8 bDescriptorSubType */ ++ 0x00, /* u8 bmCapabilities */ ++ /* Union Descriptor */ ++ 0x05, /* u8 bLength */ ++ USB_DT_CS_INTERFACE, /* u8 bDescriptorType */ ++ USB_CDC_UNION_TYPE, /* u8 bDescriptorSubType */ ++ 0x00, /* u8 bMasterInterface0 */ ++ 0x01, /* u8 bSlaveInterface0 */ ++ /* Status Descriptor */ ++ 0x07, /* u8 bLength */ ++ USB_DT_ENDPOINT, /* u8 bDescriptorType */ ++ USB_DIR_IN | 1, /* u8 bEndpointAddress */ ++ USB_ENDPOINT_XFER_INT, /* u8 bmAttributes */ ++ STATUS_BYTECOUNT & 0xff, STATUS_BYTECOUNT >> 8, /* le16 wMaxPacketSize */ ++ 1 << LOG2_STATUS_INTERVAL_MSEC, /* u8 bInterval */ ++ /* RNDIS Data Interface */ ++ 0x09, /* u8 bLength */ ++ USB_DT_INTERFACE, /* u8 bDescriptorType */ ++ 0x01, /* u8 bInterfaceNumber */ ++ 0x00, /* u8 bAlternateSetting */ ++ 0x02, /* u8 bNumEndpoints */ ++ USB_CLASS_CDC_DATA, /* u8 bInterfaceClass */ ++ 0x00, /* u8 bInterfaceSubClass */ ++ 0x00, /* u8 bInterfaceProtocol */ ++ STRING_DATA, /* u8 iInterface */ ++ /* Source Endpoint */ ++ 0x07, /* u8 bLength */ ++ USB_DT_ENDPOINT, /* u8 bDescriptorType */ ++ USB_DIR_IN | 2, /* u8 bEndpointAddress */ ++ USB_ENDPOINT_XFER_BULK, /* u8 bmAttributes */ ++ 0x40, 0x00, /* le16 wMaxPacketSize */ ++ 0x00, /* u8 bInterval */ ++ /* Sink Endpoint */ ++ 0x07, /* u8 bLength */ ++ USB_DT_ENDPOINT, /* u8 bDescriptorType */ ++ USB_DIR_OUT | 2, /* u8 bEndpointAddress */ ++ USB_ENDPOINT_XFER_BULK, /* u8 bmAttributes */ ++ 0x40, 0x00, /* le16 wMaxPacketSize */ ++ 0x00 /* u8 bInterval */ ++}; ++ ++static const uint8_t qemu_net_cdc_config_descriptor[] = { ++ /* Configuration Descriptor */ ++ 0x09, /* u8 bLength */ ++ USB_DT_CONFIG, /* u8 bDescriptorType */ ++ 0x50, 0x00, /* le16 wTotalLength */ ++ 0x02, /* u8 bNumInterfaces */ ++ DEV_CONFIG_VALUE, /* u8 bConfigurationValue */ ++ STRING_CDC, /* u8 iConfiguration */ ++ 0xc0, /* u8 bmAttributes */ ++ 0x32, /* u8 bMaxPower */ ++ /* CDC Control Interface */ ++ 0x09, /* u8 bLength */ ++ USB_DT_INTERFACE, /* u8 bDescriptorType */ ++ 0x00, /* u8 bInterfaceNumber */ ++ 0x00, /* u8 bAlternateSetting */ ++ 0x01, /* u8 bNumEndpoints */ ++ USB_CLASS_COMM, /* u8 bInterfaceClass */ ++ USB_CDC_SUBCLASS_ETHERNET, /* u8 bInterfaceSubClass */ ++ USB_CDC_PROTO_NONE, /* u8 bInterfaceProtocol */ ++ STRING_CONTROL, /* u8 iInterface */ ++ /* Header Descriptor */ ++ 0x05, /* u8 bLength */ ++ USB_DT_CS_INTERFACE, /* u8 bDescriptorType */ ++ USB_CDC_HEADER_TYPE, /* u8 bDescriptorSubType */ ++ 0x10, 0x01, /* le16 bcdCDC */ ++ /* Union Descriptor */ ++ 0x05, /* u8 bLength */ ++ USB_DT_CS_INTERFACE, /* u8 bDescriptorType */ ++ USB_CDC_UNION_TYPE, /* u8 bDescriptorSubType */ ++ 0x00, /* u8 bMasterInterface0 */ ++ 0x01, /* u8 bSlaveInterface0 */ ++ /* Ethernet Descriptor */ ++ 0x0d, /* u8 bLength */ ++ USB_DT_CS_INTERFACE, /* u8 bDescriptorType */ ++ USB_CDC_ETHERNET_TYPE, /* u8 bDescriptorSubType */ ++ STRING_ETHADDR, /* u8 iMACAddress */ ++ 0x00, 0x00, 0x00, 0x00, /* le32 bmEthernetStatistics */ ++ ETH_FRAME_LEN & 0xff, ETH_FRAME_LEN >> 8, /* le16 wMaxSegmentSize */ ++ 0x00, 0x00, /* le16 wNumberMCFilters */ ++ 0x00, /* u8 bNumberPowerFilters */ ++ /* Status Descriptor */ ++ 0x07, /* u8 bLength */ ++ USB_DT_ENDPOINT, /* u8 bDescriptorType */ ++ USB_DIR_IN | 1, /* u8 bEndpointAddress */ ++ USB_ENDPOINT_XFER_INT, /* u8 bmAttributes */ ++ STATUS_BYTECOUNT & 0xff, STATUS_BYTECOUNT >> 8, /* le16 wMaxPacketSize */ ++ 1 << LOG2_STATUS_INTERVAL_MSEC, /* u8 bInterval */ ++ /* CDC Data (nop) Interface */ ++ 0x09, /* u8 bLength */ ++ USB_DT_INTERFACE, /* u8 bDescriptorType */ ++ 0x01, /* u8 bInterfaceNumber */ ++ 0x00, /* u8 bAlternateSetting */ ++ 0x00, /* u8 bNumEndpoints */ ++ USB_CLASS_CDC_DATA, /* u8 bInterfaceClass */ ++ 0x00, /* u8 bInterfaceSubClass */ ++ 0x00, /* u8 bInterfaceProtocol */ ++ 0x00, /* u8 iInterface */ ++ /* CDC Data Interface */ ++ 0x09, /* u8 bLength */ ++ USB_DT_INTERFACE, /* u8 bDescriptorType */ ++ 0x01, /* u8 bInterfaceNumber */ ++ 0x01, /* u8 bAlternateSetting */ ++ 0x02, /* u8 bNumEndpoints */ ++ USB_CLASS_CDC_DATA, /* u8 bInterfaceClass */ ++ 0x00, /* u8 bInterfaceSubClass */ ++ 0x00, /* u8 bInterfaceProtocol */ ++ STRING_DATA, /* u8 iInterface */ ++ /* Source Endpoint */ ++ 0x07, /* u8 bLength */ ++ USB_DT_ENDPOINT, /* u8 bDescriptorType */ ++ USB_DIR_IN | 2, /* u8 bEndpointAddress */ ++ USB_ENDPOINT_XFER_BULK, /* u8 bmAttributes */ ++ 0x40, 0x00, /* le16 wMaxPacketSize */ ++ 0x00, /* u8 bInterval */ ++ /* Sink Endpoint */ ++ 0x07, /* u8 bLength */ ++ USB_DT_ENDPOINT, /* u8 bDescriptorType */ ++ USB_DIR_OUT | 2, /* u8 bEndpointAddress */ ++ USB_ENDPOINT_XFER_BULK, /* u8 bmAttributes */ ++ 0x40, 0x00, /* le16 wMaxPacketSize */ ++ 0x00 /* u8 bInterval */ ++}; ++ ++/* ++ * RNDIS Status ++ */ ++ ++#define RNDIS_MAXIMUM_FRAME_SIZE 1518 ++#define RNDIS_MAX_TOTAL_SIZE 1558 ++ ++/* Remote NDIS Versions */ ++#define RNDIS_MAJOR_VERSION 1 ++#define RNDIS_MINOR_VERSION 0 ++ ++/* Status Values */ ++#define RNDIS_STATUS_SUCCESS 0x00000000U /* Success */ ++#define RNDIS_STATUS_FAILURE 0xC0000001U /* Unspecified error */ ++#define RNDIS_STATUS_INVALID_DATA 0xC0010015U /* Invalid data */ ++#define RNDIS_STATUS_NOT_SUPPORTED 0xC00000BBU /* Unsupported request */ ++#define RNDIS_STATUS_MEDIA_CONNECT 0x4001000BU /* Device connected */ ++#define RNDIS_STATUS_MEDIA_DISCONNECT 0x4001000CU /* Device disconnected */ ++ ++/* Message Set for Connectionless (802.3) Devices */ ++#define REMOTE_NDIS_PACKET_MSG 0x00000001U ++#define REMOTE_NDIS_INITIALIZE_MSG 0x00000002U /* Initialize device */ ++#define REMOTE_NDIS_HALT_MSG 0x00000003U ++#define REMOTE_NDIS_QUERY_MSG 0x00000004U ++#define REMOTE_NDIS_SET_MSG 0x00000005U ++#define REMOTE_NDIS_RESET_MSG 0x00000006U ++#define REMOTE_NDIS_INDICATE_STATUS_MSG 0x00000007U ++#define REMOTE_NDIS_KEEPALIVE_MSG 0x00000008U ++ ++/* Message completion */ ++#define REMOTE_NDIS_INITIALIZE_CMPLT 0x80000002U ++#define REMOTE_NDIS_QUERY_CMPLT 0x80000004U ++#define REMOTE_NDIS_SET_CMPLT 0x80000005U ++#define REMOTE_NDIS_RESET_CMPLT 0x80000006U ++#define REMOTE_NDIS_KEEPALIVE_CMPLT 0x80000008U ++ ++/* Device Flags */ ++#define RNDIS_DF_CONNECTIONLESS 0x00000001U ++#define RNDIS_DF_CONNECTION_ORIENTED 0x00000002U ++ ++#define RNDIS_MEDIUM_802_3 0x00000000U ++ ++/* from drivers/net/sk98lin/h/skgepnmi.h */ ++#define OID_PNP_CAPABILITIES 0xFD010100 ++#define OID_PNP_SET_POWER 0xFD010101 ++#define OID_PNP_QUERY_POWER 0xFD010102 ++#define OID_PNP_ADD_WAKE_UP_PATTERN 0xFD010103 ++#define OID_PNP_REMOVE_WAKE_UP_PATTERN 0xFD010104 ++#define OID_PNP_ENABLE_WAKE_UP 0xFD010106 ++ ++typedef struct rndis_init_msg_type ++{ ++ __le32 MessageType; ++ __le32 MessageLength; ++ __le32 RequestID; ++ __le32 MajorVersion; ++ __le32 MinorVersion; ++ __le32 MaxTransferSize; ++} rndis_init_msg_type; ++ ++typedef struct rndis_init_cmplt_type ++{ ++ __le32 MessageType; ++ __le32 MessageLength; ++ __le32 RequestID; ++ __le32 Status; ++ __le32 MajorVersion; ++ __le32 MinorVersion; ++ __le32 DeviceFlags; ++ __le32 Medium; ++ __le32 MaxPacketsPerTransfer; ++ __le32 MaxTransferSize; ++ __le32 PacketAlignmentFactor; ++ __le32 AFListOffset; ++ __le32 AFListSize; ++} rndis_init_cmplt_type; ++ ++typedef struct rndis_halt_msg_type ++{ ++ __le32 MessageType; ++ __le32 MessageLength; ++ __le32 RequestID; ++} rndis_halt_msg_type; ++ ++typedef struct rndis_query_msg_type ++{ ++ __le32 MessageType; ++ __le32 MessageLength; ++ __le32 RequestID; ++ __le32 OID; ++ __le32 InformationBufferLength; ++ __le32 InformationBufferOffset; ++ __le32 DeviceVcHandle; ++} rndis_query_msg_type; ++ ++typedef struct rndis_query_cmplt_type ++{ ++ __le32 MessageType; ++ __le32 MessageLength; ++ __le32 RequestID; ++ __le32 Status; ++ __le32 InformationBufferLength; ++ __le32 InformationBufferOffset; ++} rndis_query_cmplt_type; ++ ++typedef struct rndis_set_msg_type ++{ ++ __le32 MessageType; ++ __le32 MessageLength; ++ __le32 RequestID; ++ __le32 OID; ++ __le32 InformationBufferLength; ++ __le32 InformationBufferOffset; ++ __le32 DeviceVcHandle; ++} rndis_set_msg_type; ++ ++typedef struct rndis_set_cmplt_type ++{ ++ __le32 MessageType; ++ __le32 MessageLength; ++ __le32 RequestID; ++ __le32 Status; ++} rndis_set_cmplt_type; ++ ++typedef struct rndis_reset_msg_type ++{ ++ __le32 MessageType; ++ __le32 MessageLength; ++ __le32 Reserved; ++} rndis_reset_msg_type; ++ ++typedef struct rndis_reset_cmplt_type ++{ ++ __le32 MessageType; ++ __le32 MessageLength; ++ __le32 Status; ++ __le32 AddressingReset; ++} rndis_reset_cmplt_type; ++ ++typedef struct rndis_indicate_status_msg_type ++{ ++ __le32 MessageType; ++ __le32 MessageLength; ++ __le32 Status; ++ __le32 StatusBufferLength; ++ __le32 StatusBufferOffset; ++} rndis_indicate_status_msg_type; ++ ++typedef struct rndis_keepalive_msg_type ++{ ++ __le32 MessageType; ++ __le32 MessageLength; ++ __le32 RequestID; ++} rndis_keepalive_msg_type; ++ ++typedef struct rndis_keepalive_cmplt_type ++{ ++ __le32 MessageType; ++ __le32 MessageLength; ++ __le32 RequestID; ++ __le32 Status; ++} rndis_keepalive_cmplt_type; ++ ++struct rndis_packet_msg_type ++{ ++ __le32 MessageType; ++ __le32 MessageLength; ++ __le32 DataOffset; ++ __le32 DataLength; ++ __le32 OOBDataOffset; ++ __le32 OOBDataLength; ++ __le32 NumOOBDataElements; ++ __le32 PerPacketInfoOffset; ++ __le32 PerPacketInfoLength; ++ __le32 VcHandle; ++ __le32 Reserved; ++}; ++ ++struct rndis_config_parameter ++{ ++ __le32 ParameterNameOffset; ++ __le32 ParameterNameLength; ++ __le32 ParameterType; ++ __le32 ParameterValueOffset; ++ __le32 ParameterValueLength; ++}; ++ ++/* implementation specific */ ++enum rndis_state ++{ ++ RNDIS_UNINITIALIZED, ++ RNDIS_INITIALIZED, ++ RNDIS_DATA_INITIALIZED, ++}; ++ ++static const uint32_t oid_supported_list[] = ++{ ++ /* the general stuff */ ++ OID_GEN_SUPPORTED_LIST, ++ OID_GEN_HARDWARE_STATUS, ++ OID_GEN_MEDIA_SUPPORTED, ++ OID_GEN_MEDIA_IN_USE, ++ OID_GEN_MAXIMUM_FRAME_SIZE, ++ OID_GEN_LINK_SPEED, ++ OID_GEN_TRANSMIT_BLOCK_SIZE, ++ OID_GEN_RECEIVE_BLOCK_SIZE, ++ OID_GEN_VENDOR_ID, ++ OID_GEN_VENDOR_DESCRIPTION, ++ OID_GEN_VENDOR_DRIVER_VERSION, ++ OID_GEN_CURRENT_PACKET_FILTER, ++ OID_GEN_MAXIMUM_TOTAL_SIZE, ++ OID_GEN_MEDIA_CONNECT_STATUS, ++ OID_GEN_PHYSICAL_MEDIUM, ++ /* the statistical stuff */ ++ OID_GEN_XMIT_OK, ++ OID_GEN_RCV_OK, ++ OID_GEN_XMIT_ERROR, ++ OID_GEN_RCV_ERROR, ++ OID_GEN_RCV_NO_BUFFER, ++ /* mandatory 802.3 */ ++ /* the general stuff */ ++ OID_802_3_PERMANENT_ADDRESS, ++ OID_802_3_CURRENT_ADDRESS, ++ OID_802_3_MULTICAST_LIST, ++ OID_802_3_MAC_OPTIONS, ++ OID_802_3_MAXIMUM_LIST_SIZE, ++ ++ /* the statistical stuff */ ++ OID_802_3_RCV_ERROR_ALIGNMENT, ++ OID_802_3_XMIT_ONE_COLLISION, ++ OID_802_3_XMIT_MORE_COLLISIONS ++}; ++ ++struct rndis_response { ++ TAILQ_ENTRY(rndis_response) entries; ++ uint32_t length; ++ uint8_t buf[0]; ++}; ++ ++ ++typedef struct USBNetState { ++ USBDevice dev; ++ ++ unsigned int rndis; ++ enum rndis_state rndis_state; ++ uint32_t medium; ++ uint32_t speed; ++ uint32_t media_state; ++ uint16_t filter; ++ uint32_t vendorid; ++ uint8_t mac[6]; ++ ++ unsigned int out_ptr; ++ uint8_t out_buf[2048]; ++ ++ USBPacket *inpkt; ++ unsigned int in_ptr, in_len; ++ uint8_t in_buf[2048]; ++ ++ VLANClientState *vc; ++ TAILQ_HEAD(rndis_resp_head, rndis_response) rndis_resp; ++} USBNetState; ++ ++ ++static int ndis_query(USBNetState *s, uint32_t oid, uint8_t *inbuf, unsigned int inlen, uint8_t *outbuf) ++{ ++ switch (oid) { ++ /* general oids (table 4-1) */ ++ /* mandatory */ ++ case OID_GEN_SUPPORTED_LIST: ++ { ++ unsigned int i, count = sizeof(oid_supported_list) / sizeof(uint32_t); ++ for (i = 0; i < count; i++) ++ ((__le32 *)outbuf)[i] = cpu_to_le32(oid_supported_list[i]); ++ return sizeof(oid_supported_list); ++ } ++ ++ /* mandatory */ ++ case OID_GEN_HARDWARE_STATUS: ++ *((__le32 *)outbuf) = cpu_to_le32(0); ++ return sizeof(__le32); ++ ++ /* mandatory */ ++ case OID_GEN_MEDIA_SUPPORTED: ++ *((__le32 *)outbuf) = cpu_to_le32(s->medium); ++ return sizeof(__le32); ++ ++ /* mandatory */ ++ case OID_GEN_MEDIA_IN_USE: ++ *((__le32 *)outbuf) = cpu_to_le32(s->medium); ++ return sizeof(__le32); ++ ++ /* mandatory */ ++ case OID_GEN_MAXIMUM_FRAME_SIZE: ++ *((__le32 *)outbuf) = cpu_to_le32(ETH_FRAME_LEN); ++ return sizeof(__le32); ++ ++ /* mandatory */ ++ case OID_GEN_LINK_SPEED: ++ *((__le32 *)outbuf) = cpu_to_le32(s->speed); ++ return sizeof(__le32); ++ ++ /* mandatory */ ++ case OID_GEN_TRANSMIT_BLOCK_SIZE: ++ *((__le32 *)outbuf) = cpu_to_le32(ETH_FRAME_LEN); ++ return sizeof(__le32); ++ ++ /* mandatory */ ++ case OID_GEN_RECEIVE_BLOCK_SIZE: ++ *((__le32 *)outbuf) = cpu_to_le32(ETH_FRAME_LEN); ++ return sizeof(__le32); ++ ++ /* mandatory */ ++ case OID_GEN_VENDOR_ID: ++ *((__le32 *)outbuf) = cpu_to_le32(0x1234); ++ return sizeof(__le32); ++ ++ /* mandatory */ ++ case OID_GEN_VENDOR_DESCRIPTION: ++ strcpy(outbuf, "QEMU USB RNDIS Net"); ++ return strlen(outbuf) + 1; ++ ++ case OID_GEN_VENDOR_DRIVER_VERSION: ++ *((__le32 *)outbuf) = cpu_to_le32(1); ++ return sizeof(__le32); ++ ++ /* mandatory */ ++ case OID_GEN_CURRENT_PACKET_FILTER: ++ *((__le32 *)outbuf) = cpu_to_le32(s->filter); ++ return sizeof(__le32); ++ ++ /* mandatory */ ++ case OID_GEN_MAXIMUM_TOTAL_SIZE: ++ *((__le32 *)outbuf) = cpu_to_le32(RNDIS_MAX_TOTAL_SIZE); ++ return sizeof(__le32); ++ ++ /* mandatory */ ++ case OID_GEN_MEDIA_CONNECT_STATUS: ++ *((__le32 *)outbuf) = cpu_to_le32(s->media_state); ++ return sizeof(__le32); ++ ++ case OID_GEN_PHYSICAL_MEDIUM: ++ *((__le32 *)outbuf) = cpu_to_le32(0); ++ return sizeof(__le32); ++ ++ case OID_GEN_MAC_OPTIONS: ++ *((__le32 *)outbuf) = cpu_to_le32(NDIS_MAC_OPTION_RECEIVE_SERIALIZED | NDIS_MAC_OPTION_FULL_DUPLEX); ++ return sizeof(__le32); ++ ++ /* statistics OIDs (table 4-2) */ ++ /* mandatory */ ++ case OID_GEN_XMIT_OK: ++ *((__le32 *)outbuf) = cpu_to_le32(0); ++ return sizeof(__le32); ++ ++ /* mandatory */ ++ case OID_GEN_RCV_OK: ++ *((__le32 *)outbuf) = cpu_to_le32(0); ++ return sizeof(__le32); ++ ++ /* mandatory */ ++ case OID_GEN_XMIT_ERROR: ++ *((__le32 *)outbuf) = cpu_to_le32(0); ++ return sizeof(__le32); ++ ++ /* mandatory */ ++ case OID_GEN_RCV_ERROR: ++ *((__le32 *)outbuf) = cpu_to_le32(0); ++ return sizeof(__le32); ++ ++ /* mandatory */ ++ case OID_GEN_RCV_NO_BUFFER: ++ *((__le32 *)outbuf) = cpu_to_le32(0); ++ return sizeof(__le32); ++ ++ /* ieee802.3 OIDs (table 4-3) */ ++ /* mandatory */ ++ case OID_802_3_PERMANENT_ADDRESS: ++ memcpy(outbuf, s->mac, 6); ++ return 6; ++ ++ /* mandatory */ ++ case OID_802_3_CURRENT_ADDRESS: ++ memcpy(outbuf, s->mac, 6); ++ return 6; ++ ++ /* mandatory */ ++ case OID_802_3_MULTICAST_LIST: ++ *((__le32 *)outbuf) = cpu_to_le32(0xE0000000); ++ return sizeof(__le32); ++ ++ /* mandatory */ ++ case OID_802_3_MAXIMUM_LIST_SIZE: ++ *((__le32 *)outbuf) = cpu_to_le32(1); ++ return sizeof(__le32); ++ ++ case OID_802_3_MAC_OPTIONS: ++ return 0; ++ ++ /* ieee802.3 statistics OIDs (table 4-4) */ ++ /* mandatory */ ++ case OID_802_3_RCV_ERROR_ALIGNMENT: ++ *((__le32 *)outbuf) = cpu_to_le32(0); ++ return sizeof(__le32); ++ ++ /* mandatory */ ++ case OID_802_3_XMIT_ONE_COLLISION: ++ *((__le32 *)outbuf) = cpu_to_le32(0); ++ return sizeof(__le32); ++ ++ /* mandatory */ ++ case OID_802_3_XMIT_MORE_COLLISIONS: ++ *((__le32 *)outbuf) = cpu_to_le32(0); ++ return sizeof(__le32); ++ ++ default: ++ fprintf(stderr, "usbnet: unknown OID 0x%08x\n", oid); ++ return 0; ++ } ++ return -1; ++} ++ ++static int ndis_set(USBNetState *s, uint32_t oid, uint8_t *inbuf, unsigned int inlen) ++{ ++ switch (oid) { ++ case OID_GEN_CURRENT_PACKET_FILTER: ++ s->filter = le32_to_cpup((__le32 *)inbuf); ++ if (s->filter) { ++ s->rndis_state = RNDIS_DATA_INITIALIZED; ++ } else { ++ s->rndis_state = RNDIS_INITIALIZED; ++ } ++ return 0; ++ ++ case OID_802_3_MULTICAST_LIST: ++ return 0; ++ ++ } ++ return -1; ++} ++ ++static int rndis_get_response(USBNetState *s, uint8_t *buf) ++{ ++ int ret = 0; ++ struct rndis_response *r = s->rndis_resp.tqh_first; ++ if (!r) ++ return ret; ++ TAILQ_REMOVE(&s->rndis_resp, r, entries); ++ ret = r->length; ++ memcpy(buf, r->buf, r->length); ++ qemu_free(r); ++ return ret; ++} ++ ++static void *rndis_queue_response(USBNetState *s, unsigned int length) ++{ ++ struct rndis_response *r = qemu_mallocz(sizeof(struct rndis_response) + length); ++ if (!r) ++ return NULL; ++ TAILQ_INSERT_TAIL(&s->rndis_resp, r, entries); ++ r->length = length; ++ return &r->buf[0]; ++} ++ ++static void rndis_clear_responsequeue(USBNetState *s) ++{ ++ struct rndis_response *r; ++ ++ while ((r = s->rndis_resp.tqh_first)) { ++ TAILQ_REMOVE(&s->rndis_resp, r, entries); ++ qemu_free(r); ++ } ++} ++ ++static int rndis_init_response(USBNetState *s, rndis_init_msg_type *buf) ++{ ++ rndis_init_cmplt_type *resp = rndis_queue_response(s, sizeof(rndis_init_cmplt_type)); ++ if (!resp) ++ return USB_RET_STALL; ++ resp->MessageType = cpu_to_le32(REMOTE_NDIS_INITIALIZE_CMPLT); ++ resp->MessageLength = cpu_to_le32(sizeof(rndis_init_cmplt_type)); ++ resp->RequestID = buf->RequestID; /* Still LE in msg buffer */ ++ resp->Status = cpu_to_le32(RNDIS_STATUS_SUCCESS); ++ resp->MajorVersion = cpu_to_le32(RNDIS_MAJOR_VERSION); ++ resp->MinorVersion = cpu_to_le32(RNDIS_MINOR_VERSION); ++ resp->DeviceFlags = cpu_to_le32(RNDIS_DF_CONNECTIONLESS); ++ resp->Medium = cpu_to_le32(RNDIS_MEDIUM_802_3); ++ resp->MaxPacketsPerTransfer = cpu_to_le32(1); ++ resp->MaxTransferSize = cpu_to_le32(ETH_FRAME_LEN + sizeof(struct rndis_packet_msg_type) + 22); ++ resp->PacketAlignmentFactor = cpu_to_le32(0); ++ resp->AFListOffset = cpu_to_le32(0); ++ resp->AFListSize = cpu_to_le32(0); ++ return 0; ++} ++ ++static int rndis_query_response(USBNetState *s, rndis_query_msg_type *buf, unsigned int length) ++{ ++ rndis_query_cmplt_type *resp; ++ uint8_t infobuf[sizeof(oid_supported_list)]; /* oid_supported_list is the largest data reply */ ++ uint32_t bufoffs, buflen; ++ int infobuflen; ++ unsigned int resplen; ++ bufoffs = le32_to_cpu(buf->InformationBufferOffset) + 8; ++ buflen = le32_to_cpu(buf->InformationBufferLength); ++ if (bufoffs + buflen > length) ++ return USB_RET_STALL; ++ infobuflen = ndis_query(s, le32_to_cpu(buf->OID), bufoffs + (uint8_t *)buf, buflen, infobuf); ++ resplen = sizeof(rndis_query_cmplt_type) + ((infobuflen < 0) ? 0 : infobuflen); ++ resp = rndis_queue_response(s, resplen); ++ if (!resp) ++ return USB_RET_STALL; ++ resp->MessageType = cpu_to_le32(REMOTE_NDIS_QUERY_CMPLT); ++ resp->RequestID = buf->RequestID; /* Still LE in msg buffer */ ++ resp->MessageLength = cpu_to_le32(resplen); ++ if (infobuflen < 0) { ++ /* OID not supported */ ++ resp->Status = cpu_to_le32(RNDIS_STATUS_NOT_SUPPORTED); ++ resp->InformationBufferLength = cpu_to_le32(0); ++ resp->InformationBufferOffset = cpu_to_le32(0); ++ return 0; ++ } ++ resp->Status = cpu_to_le32(RNDIS_STATUS_SUCCESS); ++ resp->InformationBufferOffset = cpu_to_le32(infobuflen ? sizeof(rndis_query_cmplt_type) - 8 : 0); ++ resp->InformationBufferLength = cpu_to_le32(infobuflen); ++ memcpy(resp + 1, infobuf, infobuflen); ++ return 0; ++} ++ ++static int rndis_set_response(USBNetState *s, rndis_set_msg_type *buf, unsigned int length) ++{ ++ rndis_set_cmplt_type *resp = rndis_queue_response(s, sizeof(rndis_set_cmplt_type)); ++ uint32_t bufoffs, buflen; ++ if (!resp) ++ return USB_RET_STALL; ++ bufoffs = le32_to_cpu(buf->InformationBufferOffset) + 8; ++ buflen = le32_to_cpu(buf->InformationBufferLength); ++ if (bufoffs + buflen > length) ++ return USB_RET_STALL; ++ int ret = ndis_set(s, le32_to_cpu(buf->OID), bufoffs + (uint8_t *)buf, buflen); ++ resp->MessageType = cpu_to_le32(REMOTE_NDIS_SET_CMPLT); ++ resp->RequestID = buf->RequestID; /* Still LE in msg buffer */ ++ resp->MessageLength = cpu_to_le32(sizeof(rndis_set_cmplt_type)); ++ if (ret < 0) { ++ /* OID not supported */ ++ resp->Status = cpu_to_le32(RNDIS_STATUS_NOT_SUPPORTED); ++ return 0; ++ } ++ resp->Status = cpu_to_le32(RNDIS_STATUS_SUCCESS); ++ return 0; ++} ++ ++static int rndis_reset_response(USBNetState *s, rndis_reset_msg_type *buf) ++{ ++ rndis_reset_cmplt_type *resp = rndis_queue_response(s, sizeof(rndis_reset_cmplt_type)); ++ if (!resp) ++ return USB_RET_STALL; ++ resp->MessageType = cpu_to_le32(REMOTE_NDIS_RESET_CMPLT); ++ resp->MessageLength = cpu_to_le32(sizeof(rndis_reset_cmplt_type)); ++ resp->Status = cpu_to_le32(RNDIS_STATUS_SUCCESS); ++ /* resent information */ ++ resp->AddressingReset = cpu_to_le32(1); ++ return 0; ++} ++ ++static int rndis_keepalive_response(USBNetState *s, rndis_keepalive_msg_type *buf) ++{ ++ rndis_keepalive_cmplt_type *resp = rndis_queue_response(s, sizeof(rndis_keepalive_cmplt_type)); ++ if (!resp) ++ return USB_RET_STALL; ++ resp->MessageType = cpu_to_le32(REMOTE_NDIS_KEEPALIVE_CMPLT); ++ resp->MessageLength = cpu_to_le32(sizeof(rndis_keepalive_cmplt_type)); ++ resp->RequestID = buf->RequestID; /* Still LE in msg buffer */ ++ resp->Status = cpu_to_le32(RNDIS_STATUS_SUCCESS); ++ return 0; ++} ++ ++static int rndis_parse(USBNetState *s, uint8_t *data, int length) ++{ ++ uint32_t MsgType, MsgLength; ++ __le32 *tmp = (__le32 *)data; ++ MsgType = le32_to_cpup(tmp++); ++ MsgLength = le32_to_cpup(tmp++); ++ ++ switch (MsgType) { ++ case REMOTE_NDIS_INITIALIZE_MSG: ++ s->rndis_state = RNDIS_INITIALIZED; ++ return rndis_init_response(s, (rndis_init_msg_type *)data); ++ ++ case REMOTE_NDIS_HALT_MSG: ++ s->rndis_state = RNDIS_UNINITIALIZED; ++ return 0; ++ ++ case REMOTE_NDIS_QUERY_MSG: ++ return rndis_query_response(s, (rndis_query_msg_type *)data, length); ++ ++ case REMOTE_NDIS_SET_MSG: ++ return rndis_set_response(s, (rndis_set_msg_type *)data, length); ++ ++ case REMOTE_NDIS_RESET_MSG: ++ rndis_clear_responsequeue(s); ++ s->out_ptr = s->in_ptr = s->in_len = 0; ++ return rndis_reset_response(s, (rndis_reset_msg_type *)data); ++ ++ case REMOTE_NDIS_KEEPALIVE_MSG: ++ /* For USB: host does this every 5 seconds */ ++ return rndis_keepalive_response(s, (rndis_keepalive_msg_type *)data); ++ } ++ return USB_RET_STALL; ++} ++ ++static void usb_net_handle_reset(USBDevice *dev) ++{ ++} ++ ++static int usb_net_handle_control(USBDevice *dev, int request, int value, ++ int index, int length, uint8_t *data) ++{ ++ USBNetState *s = (USBNetState *)dev; ++ int ret = 0; ++ ++ switch(request) { ++ case DeviceRequest | USB_REQ_GET_STATUS: ++ data[0] = (1 << USB_DEVICE_SELF_POWERED) | ++ (dev->remote_wakeup << USB_DEVICE_REMOTE_WAKEUP); ++ data[1] = 0x00; ++ ret = 2; ++ break; ++ ++ case DeviceOutRequest | USB_REQ_CLEAR_FEATURE: ++ if (value == USB_DEVICE_REMOTE_WAKEUP) { ++ dev->remote_wakeup = 0; ++ } else { ++ goto fail; ++ } ++ ret = 0; ++ break; ++ ++ case DeviceOutRequest | USB_REQ_SET_FEATURE: ++ if (value == USB_DEVICE_REMOTE_WAKEUP) { ++ dev->remote_wakeup = 1; ++ } else { ++ goto fail; ++ } ++ ret = 0; ++ break; ++ ++ case DeviceOutRequest | USB_REQ_SET_ADDRESS: ++ dev->addr = value; ++ ret = 0; ++ break; ++ ++ case ClassInterfaceOutRequest | USB_CDC_SEND_ENCAPSULATED_COMMAND: ++ if (!s->rndis || value || index != 0) ++ goto fail; ++#if TRAFFIC_DEBUG ++ { ++ unsigned int i; ++ fprintf(stderr, "SEND_ENCAPSULATED_COMMAND:"); ++ for (i = 0; i < length; i++) { ++ if (!(i & 15)) ++ fprintf(stderr, "\n%04X:", i); ++ fprintf(stderr, " %02X", data[i]); ++ } ++ fprintf(stderr, "\n\n"); ++ } ++#endif ++ ret = rndis_parse(s, data, length); ++ break; ++ ++ case ClassInterfaceRequest | USB_CDC_GET_ENCAPSULATED_RESPONSE: ++ if (!s->rndis || value || index != 0) ++ goto fail; ++ ret = rndis_get_response(s, data); ++ if (!ret) { ++ data[0] = 0; ++ ret = 1; ++ } ++#if TRAFFIC_DEBUG ++ { ++ unsigned int i; ++ fprintf(stderr, "GET_ENCAPSULATED_RESPONSE:"); ++ for (i = 0; i < ret; i++) { ++ if (!(i & 15)) ++ fprintf(stderr, "\n%04X:", i); ++ fprintf(stderr, " %02X", data[i]); ++ } ++ fprintf(stderr, "\n\n"); ++ } ++#endif ++ break; ++ ++ case DeviceRequest | USB_REQ_GET_DESCRIPTOR: ++ switch(value >> 8) { ++ case USB_DT_DEVICE: ++ ret = sizeof(qemu_net_dev_descriptor); ++ memcpy(data, qemu_net_dev_descriptor, ret); ++ break; ++ ++ case USB_DT_CONFIG: ++ switch (value & 0xff) { ++ case 0: ++ ret = sizeof(qemu_net_rndis_config_descriptor); ++ memcpy(data, qemu_net_rndis_config_descriptor, ++ ret); ++ break; ++ ++ case 1: ++ ret = sizeof(qemu_net_cdc_config_descriptor); ++ memcpy(data, qemu_net_cdc_config_descriptor, ++ ret); ++ break; ++ ++ default: ++ goto fail; ++ } ++ data[2] = ret & 0xff; ++ data[3] = ret >> 8; ++ break; ++ ++ case USB_DT_STRING: ++ switch (value & 0xff) { ++ case 0: ++ /* language ids */ ++ data[0] = 4; ++ data[1] = 3; ++ data[2] = 0x09; ++ data[3] = 0x04; ++ ret = 4; ++ break; ++ ++ case STRING_MANUFACTURER: ++ ret = set_usb_string(data, "QEMU"); ++ break; ++ ++ case STRING_PRODUCT: ++ ret = set_usb_string(data, "RNDIS/QEMU USB Network Device"); ++ break; ++ ++ case STRING_ETHADDR: ++ ret = set_usb_string(data, "400102030405"); ++ break; ++ ++ case STRING_DATA: ++ ret = set_usb_string(data, "QEMU USB Net Data Interface"); ++ break; ++ ++ case STRING_CONTROL: ++ ret = set_usb_string(data, "QEMU USB Net Control Interface"); ++ break; ++ ++ case STRING_RNDIS_CONTROL: ++ ret = set_usb_string(data, "QEMU USB Net RNDIS Control Interface"); ++ break; ++ ++ case STRING_CDC: ++ ret = set_usb_string(data, "QEMU USB Net CDC"); ++ break; ++ ++ case STRING_SUBSET: ++ ret = set_usb_string(data, "QEMU USB Net Subset"); ++ break; ++ ++ case STRING_RNDIS: ++ ret = set_usb_string(data, "QEMU USB Net RNDIS"); ++ break; ++ ++ case STRING_SERIALNUMBER: ++ ret = set_usb_string(data, "1"); ++ break; ++ ++ default: ++ goto fail; ++ } ++ break; ++ ++ default: ++ goto fail; ++ } ++ break; ++ ++ case DeviceRequest | USB_REQ_GET_CONFIGURATION: ++ data[0] = s->rndis ? DEV_RNDIS_CONFIG_VALUE : DEV_CONFIG_VALUE; ++ ret = 1; ++ break; ++ ++ case DeviceOutRequest | USB_REQ_SET_CONFIGURATION: ++ switch (value & 0xff) { ++ case DEV_CONFIG_VALUE: ++ s->rndis = 0; ++ break; ++ ++ case DEV_RNDIS_CONFIG_VALUE: ++ s->rndis = 1; ++ break; ++ ++ default: ++ goto fail; ++ } ++ ret = 0; ++ break; ++ ++ case DeviceRequest | USB_REQ_GET_INTERFACE: ++ case InterfaceRequest | USB_REQ_GET_INTERFACE: ++ data[0] = 0; ++ ret = 1; ++ break; ++ ++ case DeviceOutRequest | USB_REQ_SET_INTERFACE: ++ case InterfaceOutRequest | USB_REQ_SET_INTERFACE: ++ ret = 0; ++ break; ++ ++ default: ++ fail: ++ fprintf(stderr, "usbnet: failed control transaction: request 0x%x value 0x%x index 0x%x length 0x%x\n", ++ request, value, index, length); ++ ret = USB_RET_STALL; ++ break; ++ } ++ return ret; ++} ++ ++static int usb_net_handle_statusin(USBNetState *s, USBPacket *p) ++{ ++ int ret = 8; ++ if (p->len < 8) ++ return USB_RET_STALL; ++ ((__le32 *)p->data)[0] = cpu_to_le32(1); ++ ((__le32 *)p->data)[1] = cpu_to_le32(0); ++ if (!s->rndis_resp.tqh_first) ++ ret = USB_RET_NAK; ++#if DEBUG ++ fprintf(stderr, "usbnet: interrupt poll len %u return %d", p->len, ret); ++ { ++ int i; ++ fprintf(stderr, ":"); ++ for (i = 0; i < ret; i++) { ++ if (!(i & 15)) ++ fprintf(stderr, "\n%04X:", i); ++ fprintf(stderr, " %02X", p->data[i]); ++ } ++ fprintf(stderr, "\n\n"); ++ } ++#endif ++ return ret; ++} ++ ++static int usb_net_handle_datain(USBNetState *s, USBPacket *p) ++{ ++ int ret = USB_RET_NAK; ++ ++ if (s->in_ptr > s->in_len) { ++ s->in_ptr = s->in_len = 0; ++ ret = USB_RET_NAK; ++ return ret; ++ } ++ if (!s->in_len) { ++ ret = USB_RET_NAK; ++ return ret; ++ } ++ ret = s->in_len - s->in_ptr; ++ if (ret > p->len) ++ ret = p->len; ++ memcpy(p->data, &s->in_buf[s->in_ptr], ret); ++ s->in_ptr += ret; ++ if (s->in_ptr >= s->in_len && (s->rndis || (s->in_len & (64-1)) || !ret)) { ++ /* no short packet necessary */ ++ s->in_ptr = s->in_len = 0; ++ } ++#if TRAFFIC_DEBUG ++ fprintf(stderr, "usbnet: data in len %u return %d", p->len, ret); ++ { ++ int i; ++ fprintf(stderr, ":"); ++ for (i = 0; i < ret; i++) { ++ if (!(i & 15)) ++ fprintf(stderr, "\n%04X:", i); ++ fprintf(stderr, " %02X", p->data[i]); ++ } ++ fprintf(stderr, "\n\n"); ++ } ++#endif ++ return ret; ++} ++ ++static int usb_net_handle_dataout(USBNetState *s, USBPacket *p) ++{ ++ int ret = p->len; ++ int sz = sizeof(s->out_buf) - s->out_ptr; ++ struct rndis_packet_msg_type *msg = (struct rndis_packet_msg_type *)s->out_buf; ++ uint32_t len; ++ ++#if TRAFFIC_DEBUG ++ fprintf(stderr, "usbnet: data out len %u\n", p->len); ++ { ++ int i; ++ fprintf(stderr, ":"); ++ for (i = 0; i < p->len; i++) { ++ if (!(i & 15)) ++ fprintf(stderr, "\n%04X:", i); ++ fprintf(stderr, " %02X", p->data[i]); ++ } ++ fprintf(stderr, "\n\n"); ++ } ++#endif ++ if (sz > ret) ++ sz = ret; ++ memcpy(&s->out_buf[s->out_ptr], p->data, sz); ++ s->out_ptr += sz; ++ if (!s->rndis) { ++ if (ret < 64) { ++ qemu_send_packet(s->vc, s->out_buf, s->out_ptr); ++ s->out_ptr = 0; ++ } ++ return ret; ++ } ++ len = le32_to_cpu(msg->MessageLength); ++ if (s->out_ptr < 8 || s->out_ptr < len) ++ return ret; ++ if (le32_to_cpu(msg->MessageType) == REMOTE_NDIS_PACKET_MSG) { ++ uint32_t offs = 8 + le32_to_cpu(msg->DataOffset); ++ uint32_t size = le32_to_cpu(msg->DataLength); ++ if (offs + size <= len) ++ qemu_send_packet(s->vc, s->out_buf + offs, size); ++ } ++ s->out_ptr -= len; ++ memmove(s->out_buf, &s->out_buf[len], s->out_ptr); ++ return ret; ++} ++ ++static int usb_net_handle_data(USBDevice *dev, USBPacket *p) ++{ ++ USBNetState *s = (USBNetState *)dev; ++ int ret = 0; ++ ++ switch(p->pid) { ++ case USB_TOKEN_IN: ++ switch (p->devep) { ++ case 1: ++ ret = usb_net_handle_statusin(s, p); ++ break; ++ ++ case 2: ++ ret = usb_net_handle_datain(s, p); ++ break; ++ ++ default: ++ goto fail; ++ } ++ break; ++ ++ case USB_TOKEN_OUT: ++ switch (p->devep) { ++ case 2: ++ ret = usb_net_handle_dataout(s, p); ++ break; ++ ++ default: ++ goto fail; ++ } ++ break; ++ ++ default: ++ fail: ++ ret = USB_RET_STALL; ++ break; ++ } ++ if (ret == USB_RET_STALL) ++ fprintf(stderr, "usbnet: failed data transaction: pid 0x%x ep 0x%x len 0x%x\n", p->pid, p->devep, p->len); ++ return ret; ++} ++ ++static void usbnet_receive(void *opaque, const uint8_t *buf, int size) ++{ ++ USBNetState *s = opaque; ++ ++ if (s->rndis) { ++ struct rndis_packet_msg_type *msg = (struct rndis_packet_msg_type *)s->in_buf; ++ if (!s->rndis_state == RNDIS_DATA_INITIALIZED) ++ return; ++ if (size + sizeof(struct rndis_packet_msg_type) > sizeof(s->in_buf)) ++ return; ++ memset(msg, 0, sizeof(struct rndis_packet_msg_type)); ++ msg->MessageType = cpu_to_le32(REMOTE_NDIS_PACKET_MSG); ++ msg->MessageLength = cpu_to_le32(size + sizeof(struct rndis_packet_msg_type)); ++ msg->DataOffset = cpu_to_le32(sizeof(struct rndis_packet_msg_type) - 8); ++ msg->DataLength = cpu_to_le32(size); ++ //msg->OOBDataOffset; ++ //msg->OOBDataLength; ++ //msg->NumOOBDataElements; ++ //msg->PerPacketInfoOffset; ++ //msg->PerPacketInfoLength; ++ //msg->VcHandle; ++ //msg->Reserved; ++ memcpy(msg + 1, buf, size); ++ s->in_len = size + sizeof(struct rndis_packet_msg_type); ++ } else { ++ if (size > sizeof(s->in_buf)) ++ return; ++ memcpy(s->in_buf, buf, size); ++ s->in_len = size; ++ } ++ s->in_ptr = 0; ++} ++ ++static int usbnet_can_receive(void *opaque) ++{ ++ USBNetState *s = opaque; ++ ++ if (s->rndis && !s->rndis_state == RNDIS_DATA_INITIALIZED) ++ return 1; ++ return !s->in_len; ++} ++ ++static void usb_net_handle_destroy(USBDevice *dev) ++{ ++ USBNetState *s = (USBNetState *)dev; ++ rndis_clear_responsequeue(s); ++ qemu_free(s); ++} ++ ++USBDevice *usb_net_init(NICInfo *nd) ++{ ++ USBNetState *s; ++ ++ s = qemu_mallocz(sizeof(USBNetState)); ++ if (!s) ++ return NULL; ++ s->dev.speed = USB_SPEED_FULL; ++ s->dev.handle_packet = usb_generic_handle_packet; ++ ++ s->dev.handle_reset = usb_net_handle_reset; ++ s->dev.handle_control = usb_net_handle_control; ++ s->dev.handle_data = usb_net_handle_data; ++ s->dev.handle_destroy = usb_net_handle_destroy; ++ ++ s->rndis = 1; ++ s->rndis_state = RNDIS_UNINITIALIZED; ++ s->medium = NDIS_MEDIUM_802_3; ++ s->speed = 1000000; /* 100MBps, in 100Bps units */ ++ s->media_state = NDIS_MEDIA_STATE_CONNECTED; ++ s->filter = 0; ++ s->vendorid = 0x1234; ++ memcpy(s->mac, nd->macaddr, 6); ++ TAILQ_INIT(&s->rndis_resp); ++ ++ pstrcpy(s->dev.devname, sizeof(s->dev.devname), "QEMU USB Network Interface"); ++ s->vc = qemu_new_vlan_client(nd->vlan, usbnet_receive, usbnet_can_receive, s); ++ snprintf(s->vc->info_str, sizeof(s->vc->info_str), ++ "usbnet macaddr=%02x:%02x:%02x:%02x:%02x:%02x", ++ s->mac[0], s->mac[1], s->mac[2], ++ s->mac[3], s->mac[4], s->mac[5]); ++ fprintf(stderr, "usbnet: initialized mac %02x:%02x:%02x:%02x:%02x:%02x\n", ++ s->mac[0], s->mac[1], s->mac[2], ++ s->mac[3], s->mac[4], s->mac[5]); ++ return (USBDevice *)s; ++} +diff -urN 4242/Makefile qemu-omap/Makefile +--- 4242/Makefile 2008-04-24 20:17:05.000000000 +0100 ++++ qemu-omap/Makefile 2008-04-23 09:57:55.000000000 +0100 +@@ -55,7 +55,8 @@ + OBJS+=tmp105.o + OBJS+=scsi-disk.o cdrom.o + OBJS+=scsi-generic.o +-OBJS+=usb.o usb-hub.o usb-linux.o usb-hid.o usb-msd.o usb-wacom.o usb-serial.o ++OBJS+=usb.o usb-hub.o usb-linux.o usb-hid.o usb-msd.o usb-net.o ++OBJS+=usb-wacom.o usb-serial.o + OBJS+=sd.o ssi-sd.o + + ifdef CONFIG_BRLAPI +diff -urN 4242/softmmu_template.h qemu-omap/softmmu_template.h +--- 4242/softmmu_template.h 2008-04-24 18:11:49.000000000 +0100 ++++ qemu-omap/softmmu_template.h 2008-04-23 09:57:56.000000000 +0100 +@@ -51,12 +51,15 @@ + int mmu_idx, + void *retaddr); + static inline DATA_TYPE glue(io_read, SUFFIX)(target_phys_addr_t physaddr, +- target_ulong tlb_addr) ++ target_ulong tlb_addr, ++ target_ulong tlb_io) + { + DATA_TYPE res; + int index; + +- index = (tlb_addr >> IO_MEM_SHIFT) & (IO_MEM_NB_ENTRIES - 1); ++ index = (tlb_addr & ~TARGET_PAGE_MASK) >> IO_MEM_SHIFT; ++ if (index > 4) ++ index = (tlb_io >> IO_MEM_SHIFT) & (IO_MEM_NB_ENTRIES - 1); + #if SHIFT <= 2 + res = io_mem_read[index][SHIFT](io_mem_opaque[index], physaddr); + #else +@@ -95,7 +98,9 @@ + /* IO access */ + if ((addr & (DATA_SIZE - 1)) != 0) + goto do_unaligned_access; +- res = glue(io_read, SUFFIX)(physaddr, tlb_addr); ++ res = glue(io_read, SUFFIX)(physaddr, tlb_addr, ++ env->tlb_table[mmu_idx] ++ [index].addr_code); + } else if (((addr & ~TARGET_PAGE_MASK) + DATA_SIZE - 1) >= TARGET_PAGE_SIZE) { + /* slow unaligned access (it spans two pages or IO) */ + do_unaligned_access: +@@ -147,7 +152,9 @@ + /* IO access */ + if ((addr & (DATA_SIZE - 1)) != 0) + goto do_unaligned_access; +- res = glue(io_read, SUFFIX)(physaddr, tlb_addr); ++ res = glue(io_read, SUFFIX)(physaddr, tlb_addr, ++ env->tlb_table[mmu_idx] ++ [index].addr_code); + } else if (((addr & ~TARGET_PAGE_MASK) + DATA_SIZE - 1) >= TARGET_PAGE_SIZE) { + do_unaligned_access: + /* slow unaligned access (it spans two pages) */ +@@ -186,11 +193,14 @@ + static inline void glue(io_write, SUFFIX)(target_phys_addr_t physaddr, + DATA_TYPE val, + target_ulong tlb_addr, +- void *retaddr) ++ void *retaddr, ++ target_ulong tlb_io) + { + int index; + +- index = (tlb_addr >> IO_MEM_SHIFT) & (IO_MEM_NB_ENTRIES - 1); ++ index = (tlb_addr & ~TARGET_PAGE_MASK) >> IO_MEM_SHIFT; ++ if (index > 4) ++ index = (tlb_io >> IO_MEM_SHIFT) & (IO_MEM_NB_ENTRIES - 1); + env->mem_write_vaddr = tlb_addr; + env->mem_write_pc = (unsigned long)retaddr; + #if SHIFT <= 2 +@@ -228,7 +238,8 @@ + if ((addr & (DATA_SIZE - 1)) != 0) + goto do_unaligned_access; + retaddr = GETPC(); +- glue(io_write, SUFFIX)(physaddr, val, tlb_addr, retaddr); ++ glue(io_write, SUFFIX)(physaddr, val, tlb_addr, retaddr, ++ env->tlb_table[mmu_idx][index].addr_code); + } else if (((addr & ~TARGET_PAGE_MASK) + DATA_SIZE - 1) >= TARGET_PAGE_SIZE) { + do_unaligned_access: + retaddr = GETPC(); +@@ -278,7 +289,8 @@ + /* IO access */ + if ((addr & (DATA_SIZE - 1)) != 0) + goto do_unaligned_access; +- glue(io_write, SUFFIX)(physaddr, val, tlb_addr, retaddr); ++ glue(io_write, SUFFIX)(physaddr, val, tlb_addr, retaddr, ++ env->tlb_table[mmu_idx][index].addr_code); + } else if (((addr & ~TARGET_PAGE_MASK) + DATA_SIZE - 1) >= TARGET_PAGE_SIZE) { + do_unaligned_access: + /* XXX: not efficient, but simple */ +diff -urN 4242/target-i386/cpu.h qemu-omap/target-i386/cpu.h +--- 4242/target-i386/cpu.h 2008-04-23 12:18:51.000000000 +0100 ++++ qemu-omap/target-i386/cpu.h 2008-04-23 09:57:56.000000000 +0100 +@@ -499,7 +499,7 @@ + SegmentCache idt; /* only base and limit are used */ + + target_ulong cr[9]; /* NOTE: cr1, cr5-7 are unused */ +- uint64_t a20_mask; ++ uint32_t a20_mask; + + /* FPU state */ + unsigned int fpstt; /* top of stack index */ +diff -urN 4242/target-i386/helper2.c qemu-omap/target-i386/helper2.c +--- 4242/target-i386/helper2.c 2008-04-23 12:18:51.000000000 +0100 ++++ qemu-omap/target-i386/helper2.c 2008-04-23 09:57:56.000000000 +0100 +@@ -377,7 +377,7 @@ + env->hflags |= HF_GIF_MASK; + + cpu_x86_update_cr0(env, 0x60000010); +- env->a20_mask = ~0x0; ++ env->a20_mask = 0xffffffff; + env->smbase = 0x30000; + + env->idt.limit = 0xffff; +@@ -695,7 +695,7 @@ + /* when a20 is changed, all the MMU mappings are invalid, so + we must flush everything */ + tlb_flush(env, 1); +- env->a20_mask = (~0x100000) | (a20_state << 20); ++ env->a20_mask = 0xffefffff | (a20_state << 20); + } + } + +@@ -800,8 +800,7 @@ + + #else + +-/* Bits 52-62 of a PTE are reserved. Bit 63 is the NX bit. */ +-#define PHYS_ADDR_MASK 0xffffffffff000L ++#define PHYS_ADDR_MASK 0xfffff000 + + /* return value: + -1 = cannot handle fault +@@ -813,10 +812,9 @@ + int is_write1, int mmu_idx, int is_softmmu) + { + uint64_t ptep, pte; +- target_ulong pde_addr, pte_addr; ++ uint32_t pdpe_addr, pde_addr, pte_addr; + int error_code, is_dirty, prot, page_size, ret, is_write, is_user; +- target_phys_addr_t paddr; +- uint32_t page_offset; ++ unsigned long paddr, page_offset; + target_ulong vaddr, virt_addr; + + is_user = mmu_idx == MMU_USER_IDX; +@@ -836,11 +834,12 @@ + + if (env->cr[4] & CR4_PAE_MASK) { + uint64_t pde, pdpe; +- target_ulong pdpe_addr; + ++ /* XXX: we only use 32 bit physical addresses */ + #ifdef TARGET_X86_64 + if (env->hflags & HF_LMA_MASK) { +- uint64_t pml4e_addr, pml4e; ++ uint32_t pml4e_addr; ++ uint64_t pml4e; + int32_t sext; + + /* test virtual address sign extension */ +@@ -1102,19 +1101,17 @@ + + target_phys_addr_t cpu_get_phys_page_debug(CPUState *env, target_ulong addr) + { +- target_ulong pde_addr, pte_addr; +- uint64_t pte; +- target_phys_addr_t paddr; +- uint32_t page_offset; +- int page_size; ++ uint32_t pde_addr, pte_addr; ++ uint32_t pde, pte, paddr, page_offset, page_size; + + if (env->cr[4] & CR4_PAE_MASK) { +- target_ulong pdpe_addr; +- uint64_t pde, pdpe; ++ uint32_t pdpe_addr, pde_addr, pte_addr; ++ uint32_t pdpe; + ++ /* XXX: we only use 32 bit physical addresses */ + #ifdef TARGET_X86_64 + if (env->hflags & HF_LMA_MASK) { +- uint64_t pml4e_addr, pml4e; ++ uint32_t pml4e_addr, pml4e; + int32_t sext; + + /* test virtual address sign extension */ +@@ -1124,13 +1121,13 @@ + + pml4e_addr = ((env->cr[3] & ~0xfff) + (((addr >> 39) & 0x1ff) << 3)) & + env->a20_mask; +- pml4e = ldq_phys(pml4e_addr); ++ pml4e = ldl_phys(pml4e_addr); + if (!(pml4e & PG_PRESENT_MASK)) + return -1; + + pdpe_addr = ((pml4e & ~0xfff) + (((addr >> 30) & 0x1ff) << 3)) & + env->a20_mask; +- pdpe = ldq_phys(pdpe_addr); ++ pdpe = ldl_phys(pdpe_addr); + if (!(pdpe & PG_PRESENT_MASK)) + return -1; + } else +@@ -1138,14 +1135,14 @@ + { + pdpe_addr = ((env->cr[3] & ~0x1f) + ((addr >> 27) & 0x18)) & + env->a20_mask; +- pdpe = ldq_phys(pdpe_addr); ++ pdpe = ldl_phys(pdpe_addr); + if (!(pdpe & PG_PRESENT_MASK)) + return -1; + } + + pde_addr = ((pdpe & ~0xfff) + (((addr >> 21) & 0x1ff) << 3)) & + env->a20_mask; +- pde = ldq_phys(pde_addr); ++ pde = ldl_phys(pde_addr); + if (!(pde & PG_PRESENT_MASK)) { + return -1; + } +@@ -1158,11 +1155,9 @@ + pte_addr = ((pde & ~0xfff) + (((addr >> 12) & 0x1ff) << 3)) & + env->a20_mask; + page_size = 4096; +- pte = ldq_phys(pte_addr); ++ pte = ldl_phys(pte_addr); + } + } else { +- uint32_t pde; +- + if (!(env->cr[0] & CR0_PG_MASK)) { + pte = addr; + page_size = 4096; +diff -urN 4242/vl.c qemu-omap/vl.c +--- 4242/vl.c 2008-04-24 21:26:21.000000000 +0100 ++++ qemu-omap/vl.c 2008-04-23 09:57:57.000000000 +0100 +@@ -5284,6 +5284,11 @@ + dev = usb_keyboard_init(); + } else if (strstart(devname, "disk:", &p)) { + dev = usb_msd_init(p); ++ } else if (strstart(devname, "net:", &p)) { ++ unsigned int nr = strtoul(p, NULL, 0); ++ if (nr >= (unsigned int) nb_nics || strcmp(nd_table[nr].model, "usb")) ++ return -1; ++ dev = usb_net_init(&nd_table[nr]); + } else if (!strcmp(devname, "wacom-tablet")) { + dev = usb_wacom_init(); + } else if (strstart(devname, "serial:", &p)) { diff --git a/packages/qemu/qemu-0.9.1+svn/revert_arm_tcg.patch.gz b/packages/qemu/qemu-0.9.1+svn/revert_arm_tcg.patch.gz Binary files differnew file mode 100644 index 0000000000..eb2a76c167 --- /dev/null +++ b/packages/qemu/qemu-0.9.1+svn/revert_arm_tcg.patch.gz diff --git a/packages/qemu/qemu-0.9.1+svn/series b/packages/qemu/qemu-0.9.1+svn/series new file mode 100644 index 0000000000..fb110340c4 --- /dev/null +++ b/packages/qemu/qemu-0.9.1+svn/series @@ -0,0 +1,25 @@ +05_non-fatal_if_linux_hd_missing.patch +06_exit_segfault.patch -p0 +10_signal_jobs.patch -p0 +11_signal_sigaction.patch -p0 +22_net_tuntap_stall.patch -p0 +31_syscalls.patch -p0 +32_syscall_sysctl.patch -p0 +33_syscall_ppc_clone.patch -p0 +39_syscall_fadvise64.patch -p0 +52_ne2000_return.patch +61_safe_64bit_int.patch -p0 +63_sparc_build.patch -p0 +64_ppc_asm_constraints.patch +65_kfreebsd.patch -p0 +66_tls_ld.patch -p0 +91-oh-sdl-cursor.patch -p0 +qemu-0.9.0-nptl.patch +qemu-0.9.0-nptl-update.patch +qemu-amd64-32b-mapping-0.9.0.patch +workaround_bad_futex_headers.patch -p1 +fix_segfault.patch +no-strip.patch +fix_brk.patch +fix_protection_bits.patch -p1 +qemu-n800-support.patch -p1 diff --git a/packages/qemu/qemu-0.9.1+svn/workaround_bad_futex_headers.patch b/packages/qemu/qemu-0.9.1+svn/workaround_bad_futex_headers.patch new file mode 100644 index 0000000000..cc122ebdba --- /dev/null +++ b/packages/qemu/qemu-0.9.1+svn/workaround_bad_futex_headers.patch @@ -0,0 +1,25 @@ +--- + linux-user/syscall.c | 10 +++++++++- + 1 file changed, 9 insertions(+), 1 deletion(-) + +Index: qemu/linux-user/syscall.c +=================================================================== +--- qemu.orig/linux-user/syscall.c 2007-08-09 20:28:06.000000000 +0100 ++++ qemu/linux-user/syscall.c 2007-08-09 20:28:41.000000000 +0100 +@@ -61,7 +61,15 @@ + #define tchars host_tchars /* same as target */ + #define ltchars host_ltchars /* same as target */ + +-#include <linux/futex.h> ++#define FUTEX_WAIT 0 ++#define FUTEX_WAKE 1 ++#define FUTEX_FD 2 ++#define FUTEX_REQUEUE 3 ++#define FUTEX_CMP_REQUEUE 4 ++#define FUTEX_WAKE_OP 5 ++#define FUTEX_LOCK_PI 6 ++#define FUTEX_UNLOCK_PI 7 ++ + #include <linux/termios.h> + #include <linux/unistd.h> + #include <linux/utsname.h> diff --git a/packages/qemu/qemu-native_svn.bb b/packages/qemu/qemu-native_svn.bb new file mode 100644 index 0000000000..1e3a4dbbfa --- /dev/null +++ b/packages/qemu/qemu-native_svn.bb @@ -0,0 +1,2 @@ +require qemu_svn.bb +require qemu-native.inc diff --git a/packages/qemu/qemu_svn.bb b/packages/qemu/qemu_svn.bb new file mode 100644 index 0000000000..6e52a1513f --- /dev/null +++ b/packages/qemu/qemu_svn.bb @@ -0,0 +1,48 @@ +LICENSE = "GPL" +DEPENDS = "zlib" +PV = "0.9.1+svnr${SRCREV}" +PR = "r12" + +FILESPATH = "${FILE_DIRNAME}/qemu-${PV}/:${FILE_DIRNAME}/qemu-0.9.1+svn/" + +SRC_URI = "\ + svn://svn.savannah.nongnu.org/qemu;module=trunk \ + file://05_non-fatal_if_linux_hd_missing.patch;patch=1;pnum=1 \ + file://06_exit_segfault.patch;patch=1;pnum=0 \ + file://10_signal_jobs.patch;patch=1;pnum=0 \ + file://11_signal_sigaction.patch;patch=1;pnum=0 \ + file://22_net_tuntap_stall.patch;patch=1;pnum=0 \ + file://31_syscalls.patch;patch=1;pnum=0 \ + file://32_syscall_sysctl.patch;patch=1;pnum=0 \ + file://33_syscall_ppc_clone.patch;patch=1;pnum=0 \ + file://39_syscall_fadvise64.patch;patch=1;pnum=0 \ + file://41_arm_fpa_sigfpe.patch;patch=1;pnum=0;maxrev=4028 \ + file://52_ne2000_return.patch;patch=1;pnum=1 \ + file://61_safe_64bit_int.patch;patch=1;pnum=0 \ + file://63_sparc_build.patch;patch=1;pnum=0 \ + file://64_ppc_asm_constraints.patch;patch=1;pnum=1 \ + file://65_kfreebsd.patch;patch=1;pnum=0 \ + file://66_tls_ld.patch;patch=1;pnum=0 \ + file://91-oh-sdl-cursor.patch;patch=1;pnum=0 \ + file://qemu-0.9.0-nptl.patch;patch=1 \ + file://qemu-0.9.0-nptl-update.patch;patch=1;maxrev=4028 \ + file://qemu-amd64-32b-mapping-0.9.0.patch;patch=1 \ + file://workaround_bad_futex_headers.patch;patch=1 \ + file://fix_segfault.patch;patch=1 \ + file://no-strip.patch;patch=1 \ + file://fix_brk.patch;patch=1 \ + file://fix_protection_bits.patch;patch=1 \ + file://revert_arm_tcg.patch.gz;patch=1;minrev=4242 \ + file://qemu-n800-support.patch;patch=1" + +S = "${WORKDIR}/trunk" + +#EXTRA_OECONF += "--disable-sdl" +#EXTRA_OECONF += "--target-list=arm-linux-user,arm-softmmu,i386-softmmu" +EXTRA_OECONF += "--disable-gfx-check" + +inherit autotools + +do_configure() { + ${S}/configure --prefix=${prefix} ${EXTRA_OECONF} +} |