From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1IaBvg-0000Oy-Rk
	for qemu-devel@nongnu.org; Tue, 25 Sep 2007 11:02:28 -0400
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1IaBvc-0000K0-EU
	for qemu-devel@nongnu.org; Tue, 25 Sep 2007 11:02:28 -0400
Received: from [199.232.76.173] (helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1IaBvc-0000Jq-72
	for qemu-devel@nongnu.org; Tue, 25 Sep 2007 11:02:24 -0400
Received: from mx2.suse.de ([195.135.220.15])
	by monty-python.gnu.org with esmtps
	(TLS-1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.60)
	(envelope-from <agraf@suse.de>) id 1IaBvb-0007b5-Fu
	for qemu-devel@nongnu.org; Tue, 25 Sep 2007 11:02:23 -0400
Received: from Relay2.suse.de (mail2.suse.de [195.135.221.8])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx2.suse.de (Postfix) with ESMTP id 9C43F22DE6
	for <qemu-devel@nongnu.org>; Tue, 25 Sep 2007 17:02:20 +0200 (CEST)
Message-ID: <46F92376.3060706@suse.de>
Date: Tue, 25 Sep 2007 17:04:22 +0200
From: Alexander Graf <agraf@suse.de>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="------------000502080900080300050709"
Subject: [Qemu-devel] [PATCH] SVM VINTR fix
Reply-To: qemu-devel@nongnu.org
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org

This is a multi-part message in MIME format.
--------------000502080900080300050709
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit

Hi,

in the recently introduced svm patch I misread the documentation and so
a bug came to get included in there. This patch should fix the virtual
interrupt handling completely and thus makes gfxboot work in the
virtualized machine.

Please apply this.

Thanks,

Alex

--------------000502080900080300050709
Content-Type: text/x-patch;
 name="svm_vintr.patch"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
 filename="svm_vintr.patch"

Index: qemu/cpu-exec.c
===================================================================
--- qemu.orig/cpu-exec.c
+++ qemu/cpu-exec.c
@@ -408,7 +408,7 @@ int cpu_exec(CPUState *env1)
                         !(env->hflags & HF_INHIBIT_IRQ_MASK)) {
                         int intno;
                         svm_check_intercept(SVM_EXIT_INTR);
-                        env->interrupt_request &= ~CPU_INTERRUPT_HARD;
+                        env->interrupt_request &= ~(CPU_INTERRUPT_HARD | CPU_INTERRUPT_VIRQ);
                         intno = cpu_get_pic_interrupt(env);
                         if (loglevel & CPU_LOG_TB_IN_ASM) {
                             fprintf(logfile, "Servicing hardware INT=0x%02x\n", intno);
@@ -427,12 +427,13 @@ int cpu_exec(CPUState *env1)
                          int intno;
                          /* FIXME: this should respect TPR */
                          env->interrupt_request &= ~CPU_INTERRUPT_VIRQ;
-                         stl_phys(env->vm_vmcb + offsetof(struct vmcb, control.int_ctl),
-                                  ldl_phys(env->vm_vmcb + offsetof(struct vmcb, control.int_ctl)) & ~V_IRQ_MASK);
+                         svm_check_intercept(SVM_EXIT_VINTR);
                          intno = ldl_phys(env->vm_vmcb + offsetof(struct vmcb, control.int_vector));
                          if (loglevel & CPU_LOG_TB_IN_ASM)
                              fprintf(logfile, "Servicing virtual hardware INT=0x%02x\n", intno);
 	                 do_interrupt(intno, 0, 0, -1, 1);
+                         stl_phys(env->vm_vmcb + offsetof(struct vmcb, control.int_ctl),
+                                  ldl_phys(env->vm_vmcb + offsetof(struct vmcb, control.int_ctl)) & ~V_IRQ_MASK);
 #if defined(__sparc__) && !defined(HOST_SOLARIS)
                          tmp_T0 = 0;
 #else
Index: qemu/target-i386/helper.c
===================================================================
--- qemu.orig/target-i386/helper.c
+++ qemu/target-i386/helper.c
@@ -4120,8 +4122,9 @@ void helper_vmrun(target_ulong addr)
         if (loglevel & CPU_LOG_TB_IN_ASM)
             fprintf(logfile, " %#x %#x\n", env->exception_index, env->error_code);
     }
-    if (int_ctl & V_IRQ_MASK)
+    if ((int_ctl & V_IRQ_MASK) || (env->intercept & INTERCEPT_VINTR)) {
         env->interrupt_request |= CPU_INTERRUPT_VIRQ;
+    }
 
     cpu_loop_exit();
 }
@@ -4283,6 +4291,13 @@ void vmexit(uint64_t exit_code, uint64_t
                 ldq_phys(env->vm_vmcb + offsetof(struct vmcb, control.exit_info_2)),
                 EIP);
 
+    if(env->hflags & HF_INHIBIT_IRQ_MASK) {
+        stl_phys(env->vm_vmcb + offsetof(struct vmcb, control.int_state), SVM_INTERRUPT_SHADOW_MASK);
+        env->hflags &= ~HF_INHIBIT_IRQ_MASK;
+    } else {
+        stl_phys(env->vm_vmcb + offsetof(struct vmcb, control.int_state), 0);
+    }
+
     /* Save the VM state in the vmcb */
     SVM_SAVE_SEG(env->vm_vmcb, segs[R_ES], es);
     SVM_SAVE_SEG(env->vm_vmcb, segs[R_CS], cs);
Index: qemu/target-i386/translate.c
===================================================================
--- qemu.orig/target-i386/translate.c
+++ qemu/target-i386/translate.c
@@ -5551,8 +5551,6 @@ static target_ulong disas_insn(DisasCont
                     gen_op_set_inhibit_irq();
                 /* give a chance to handle pending irqs */
                 gen_jmp_im(s->pc - s->cs_base);
-                if (gen_svm_check_intercept(s, pc_start, SVM_EXIT_VINTR))
-                    break;
                 gen_eob(s);
             } else {
                 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);

--------------000502080900080300050709--