direct-io.hg

changeset 15008:623a07dda15c

[qemu patches] Update patches up to changeset 14986:1ddaf2650633.

Signed-off-by: Christian Limpach <Christian.Limpach@xensource.com>
author Christian Limpach <Christian.Limpach@xensource.com>
date Thu May 03 15:39:45 2007 +0100 (2007-05-03)
parents c857bf38f015
children 3a5722420de7
files tools/ioemu/patches/acpi-poweroff-support tools/ioemu/patches/acpi-support tools/ioemu/patches/acpi-timer-support tools/ioemu/patches/domain-destroy tools/ioemu/patches/domain-reset tools/ioemu/patches/domain-timeoffset tools/ioemu/patches/hypervisor-pit tools/ioemu/patches/ide-cd-dma tools/ioemu/patches/ide-error-reporting tools/ioemu/patches/ide-hd-multithread tools/ioemu/patches/ioemu-buffer-pio-ia64 tools/ioemu/patches/ioemu-ia64 tools/ioemu/patches/ioemu-save-restore tools/ioemu/patches/ioemu-save-restore-acpi tools/ioemu/patches/ioemu-save-restore-ide tools/ioemu/patches/ioemu-save-restore-logdirty tools/ioemu/patches/ioemu-save-restore-ne2000 tools/ioemu/patches/ioemu-save-restore-pcnet tools/ioemu/patches/ioemu-save-restore-rtl8139 tools/ioemu/patches/ioemu-save-restore-timer tools/ioemu/patches/ioemu-save-restore-usb tools/ioemu/patches/nodelay-serial-over-tcp tools/ioemu/patches/qemu-64bit tools/ioemu/patches/qemu-block-device-bounds-checks tools/ioemu/patches/qemu-bootorder tools/ioemu/patches/qemu-cirrus-bounds-checks tools/ioemu/patches/qemu-cleanup tools/ioemu/patches/qemu-daemonize tools/ioemu/patches/qemu-dm tools/ioemu/patches/qemu-dma-null-pointer-check tools/ioemu/patches/qemu-logging tools/ioemu/patches/qemu-pci tools/ioemu/patches/qemu-pci-vendor-ids tools/ioemu/patches/qemu-serial-fixes tools/ioemu/patches/qemu-smp tools/ioemu/patches/qemu-target-i386-dm tools/ioemu/patches/qemu-timer tools/ioemu/patches/qemu-tunable-ide-write-cache tools/ioemu/patches/scsi tools/ioemu/patches/serial-non-block tools/ioemu/patches/series tools/ioemu/patches/shadow-vram tools/ioemu/patches/shared-vram tools/ioemu/patches/support-xm-console tools/ioemu/patches/tpm-tis-device tools/ioemu/patches/usb-mouse-tablet-status-check tools/ioemu/patches/vnc-altgr-keysym tools/ioemu/patches/vnc-backoff-screen-scan tools/ioemu/patches/vnc-cleanup tools/ioemu/patches/vnc-display-find-unused tools/ioemu/patches/vnc-fix-signedness tools/ioemu/patches/vnc-fix-version-check 
tools/ioemu/patches/vnc-fixes tools/ioemu/patches/vnc-listen-specific-interface tools/ioemu/patches/vnc-password tools/ioemu/patches/vnc-start-vncviewer tools/ioemu/patches/xen-build tools/ioemu/patches/xen-domain-name tools/ioemu/patches/xen-domid tools/ioemu/patches/xen-mapcache tools/ioemu/patches/xen-mm tools/ioemu/patches/xen-network tools/ioemu/patches/xen-platform-device tools/ioemu/patches/xen-support-buffered-ioreqs tools/ioemu/patches/xenstore tools/ioemu/patches/xenstore-block-device-config tools/ioemu/patches/xenstore-device-info-functions tools/ioemu/patches/xenstore-write-vnc-port
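--- a/tools/ioemu/patches/acpi-poweroff-support	Thu May 03 11:22:58 2007 +0100
+++ b/tools/ioemu/patches/acpi-poweroff-support	Thu May 03 15:39:45 2007 +0100
@@ -1,7 +1,7 @@
 Index: ioemu/hw/piix4acpi.c
 ===================================================================
---- ioemu.orig/hw/piix4acpi.c	2006-08-17 19:50:05.060576667 +0100
-+++ ioemu/hw/piix4acpi.c	2006-08-17 19:50:07.563300039 +0100
+--- ioemu.orig/hw/piix4acpi.c	2007-05-02 15:59:27.000000000 +0100
++++ ioemu/hw/piix4acpi.c	2007-05-02 16:02:29.000000000 +0100
 @@ -45,6 +45,10 @@
  #define GBL_RLS           (1 << 2)
  #define SLP_EN            (1 << 13)
@@ -13,23 +13,22 @@ Index: ioemu/hw/piix4acpi.c
  typedef struct AcpiDeviceState AcpiDeviceState;
  AcpiDeviceState *acpi_device_table;
  
-@@ -190,7 +194,14 @@
-     s->pm1_control = (val<<8)||(s->pm1_control);
+@@ -81,7 +85,13 @@
+     s->pm1_control = (s->pm1_control & 0xff) | (val << 8);
  /*    printf("acpiPm1ControlP1_writeb \n addr %x val:%x\n", addr, val); */
  
 -} 
 +    // Check for power off request
-+
++    val <<= 8;
 +    if (((val & SLP_EN) != 0) &&
 +        ((val & SLP_TYP_MASK) == SLP_VAL)) {
-+        s->pm1_timer=0x0; //clear ACPI timer
 +        qemu_system_shutdown_request();
 +    }
 +}
  
  static uint32_t acpiPm1ControlP1_readb(void *opaque, uint32_t addr)
  {
-@@ -257,7 +268,14 @@
+@@ -105,7 +115,14 @@
      s->pm1_control = val;
  /*    printf("acpiPm1Control_writew \n addr %x val:%x\n", addr, val); */
  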
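Review bot: The power-off test added to acpiPm1ControlP1_writeb inspects only the byte just written (`val <<= 8;`) instead of the merged `s->pm1_control`, and nothing in the hunk records why that is enough. It is correct only if SLP_TYP_MASK, like SLP_EN (bit 13), lies entirely in the high byte; SLP_TYP_MASK and SLP_VAL are defined outside the visible lines, so the assumption deserves a comment such as `/* PM1a_CNT high byte: SLP_TYP and SLP_EN both live in bits 8..15 */`. Since a single guest port write on this path ends in qemu_system_shutdown_request(), a one-line log entry before the call would make unexpected domain shutdowns traceable. The new comment also uses `//` where the rest of the file uses `/* */`, and the body of the matching word-write hunk (`@@ -105,7 +115,14 @@`) is not shown here.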
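--- a/tools/ioemu/patches/acpi-support	Thu May 03 11:22:58 2007 +0100
+++ b/tools/ioemu/patches/acpi-support	Thu May 03 15:39:45 2007 +0100
@@ -1,7 +1,7 @@
 Index: ioemu/Makefile.target
 ===================================================================
---- ioemu.orig/Makefile.target	2006-12-08 02:00:40.000000000 +0000
-+++ ioemu/Makefile.target	2006-12-08 02:00:40.000000000 +0000
+--- ioemu.orig/Makefile.target	2007-05-03 15:06:42.000000000 +0100
++++ ioemu/Makefile.target	2007-05-03 15:07:21.000000000 +0100
 @@ -358,6 +358,7 @@
  VL_OBJS+= fdc.o mc146818rtc.o serial.o pc.o
  VL_OBJS+= cirrus_vga.o mixeng.o parallel.o acpi.o piix_pci.o
@@ -12,11 +12,11 @@ Index: ioemu/Makefile.target
  ifeq ($(TARGET_BASE_ARCH), ppc)
 Index: ioemu/hw/pc.c
 ===================================================================
---- ioemu.orig/hw/pc.c	2006-12-08 02:00:40.000000000 +0000
-+++ ioemu/hw/pc.c	2006-12-08 02:00:40.000000000 +0000
-@@ -874,13 +874,19 @@
+--- ioemu.orig/hw/pc.c	2007-05-03 15:06:42.000000000 +0100
++++ ioemu/hw/pc.c	2007-05-03 15:07:21.000000000 +0100
+@@ -873,13 +873,19 @@
  
-     cmos_init(ram_size, boot_device, bs_table, timeoffset);
+     cmos_init(ram_size, boot_device, bs_table);
  
 +    /* using PIIX4 acpi model */
 +    if (pci_enabled && acpi_enabled)
@@ -35,7 +35,7 @@ Index: ioemu/hw/pc.c
  
  #if 0
      /* ??? Need to figure out some way for the user to
-@@ -903,8 +909,10 @@
+@@ -902,8 +908,10 @@
      /* XXX: should be done in the Bochs BIOS */
      if (pci_enabled) {
          pci_bios_init();
@@ -49,8 +49,8 @@ Index: ioemu/hw/pc.c
 Index: ioemu/hw/piix4acpi.c
 ===================================================================
 --- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ ioemu/hw/piix4acpi.c	2006-12-08 02:00:40.000000000 +0000
-@@ -0,0 +1,396 @@
++++ ioemu/hw/piix4acpi.c	2007-05-03 15:07:31.000000000 +0100
+@@ -0,0 +1,186 @@
 +/*
 + * PIIX4 ACPI controller emulation
 + *
@@ -101,23 +101,11 @@ Index: ioemu/hw/piix4acpi.c
 +typedef struct AcpiDeviceState AcpiDeviceState;
 +AcpiDeviceState *acpi_device_table;
 +
-+/* Bits of PM1a register define here  */
-+typedef struct PM1Event_BLK {
-+    uint16_t pm1_status; /* pm1a_EVT_BLK */
-+    uint16_t pm1_enable; /* pm1a_EVT_BLK+2 */
-+}PM1Event_BLK;
-+
 +typedef struct PCIAcpiState {
 +    PCIDevice dev;
-+    uint16_t irq;
-+    uint16_t pm1_status; /* pm1a_EVT_BLK */
-+    uint16_t pm1_enable; /* pm1a_EVT_BLK+2 */
 +    uint16_t pm1_control; /* pm1a_ECNT_BLK */
-+    uint32_t pm1_timer; /* pmtmr_BLK */
 +} PCIAcpiState;
 +
-+static PCIAcpiState *acpi_state;
-+
 +static inline void acpi_set_irq(PCIAcpiState *s)
 +{
 +/* no real SCI event need for now, so comment the following line out */
@@ -125,108 +113,11 @@ Index: ioemu/hw/piix4acpi.c
 +    printf("acpi_set_irq: s->irq %x \n",s->irq);
 +}
 +
-+static void acpi_reset(PCIAcpiState *s)
-+{
-+    uint8_t *pci_conf;
-+    pci_conf = s->dev.config;
-+
-+    pci_conf[0x42] = 0x00;
-+    pci_conf[0x43] = 0x00;
-+    s->irq = 9;
-+    s->pm1_status = 0;
-+    s->pm1_enable = 0x00;    /* TMROF_EN should cleared */
-+    s->pm1_control = SCI_EN; /* SCI_EN */
-+    s->pm1_timer = 0;
-+}
-+
-+/*byte access  */
-+static void acpiPm1Status_writeb(void *opaque, uint32_t addr, uint32_t val)
-+{
-+    PCIAcpiState *s = opaque;
-+
-+    if ((val&TMROF_STS)==TMROF_STS)
-+        s->pm1_status = s->pm1_status&!TMROF_STS;
-+
-+    if ((val&GBL_STS)==GBL_STS)
-+        s->pm1_status = s->pm1_status&!GBL_STS;     
-+    
-+/*     printf("acpiPm1Status_writeb \n addr %x val:%x pm1_status:%x \n", addr, val,s->pm1_status); */
-+}
-+
-+static uint32_t acpiPm1Status_readb(void *opaque, uint32_t addr)
-+{
-+    PCIAcpiState *s = opaque;
-+    uint32_t val;
-+
-+    val = s->pm1_status;
-+/*         printf("acpiPm1Status_readb \n addr %x val:%x\n", addr, val); */
-+
-+   return val;
-+}
-+
-+static void acpiPm1StatusP1_writeb(void *opaque, uint32_t addr, uint32_t val)
-+{
-+    PCIAcpiState *s = opaque;
-+
-+     s->pm1_status = (val<<8)||(s->pm1_status);
-+/*     printf("acpiPm1StatusP1_writeb \n addr %x val:%x\n", addr, val); */
-+}
-+
-+static uint32_t acpiPm1StatusP1_readb(void *opaque, uint32_t addr)
-+{
-+    PCIAcpiState *s = opaque;
-+    uint32_t val;
-+
-+    val = (s->pm1_status)>>8;
-+    printf("acpiPm1StatusP1_readb \n addr %x val:%x\n", addr, val);
-+
-+    return val;
-+}
-+
-+static void acpiPm1Enable_writeb(void *opaque, uint32_t addr, uint32_t val)
-+{
-+    PCIAcpiState *s = opaque;
-+
-+    s->pm1_enable = val;
-+/*   printf("acpiPm1Enable_writeb \n addr %x val:%x\n", addr, val); */
-+}
-+
-+static uint32_t acpiPm1Enable_readb(void *opaque, uint32_t addr)
-+{
-+    PCIAcpiState *s = opaque;
-+    uint32_t val;
-+
-+    val = (s->pm1_enable)||0x1;
-+/*  printf("acpiPm1Enable_readb \n addr %x val:%x\n", addr, val); */
-+
-+    return val;
-+}
-+
-+static void acpiPm1EnableP1_writeb(void *opaque, uint32_t addr, uint32_t val)
-+{
-+    PCIAcpiState *s = opaque;
-+
-+    s->pm1_enable = (val<<8)||(s->pm1_enable);
-+/*    printf("acpiPm1EnableP1_writeb \n addr %x val:%x\n", addr, val); */
-+
-+}
-+
-+static uint32_t acpiPm1EnableP1_readb(void *opaque, uint32_t addr)
-+{
-+    PCIAcpiState *s = opaque;
-+    uint32_t val;
-+
-+    val = (s->pm1_enable)>>8;
-+/*  printf("acpiPm1EnableP1_readb \n addr %x val:%x\n", addr, val); */
-+
-+    return val;
-+}
-+
 +static void acpiPm1Control_writeb(void *opaque, uint32_t addr, uint32_t val)
 +{
 +    PCIAcpiState *s = opaque;
 +
-+    s->pm1_control = val;
++    s->pm1_control = (s->pm1_control & 0xff00) | (val & 0xff);
 +/*  printf("acpiPm1Control_writeb \n addr %x val:%x\n", addr, val); */
 +
 +}
@@ -236,7 +127,8 @@ Index: ioemu/hw/piix4acpi.c
 +    PCIAcpiState *s = opaque;
 +    uint32_t val;
 +
-+    val = s->pm1_control;
++    /* Mask out the write-only bits */
++    val = s->pm1_control & ~(GBL_RLS|SLP_EN) & 0xff;
 +/*    printf("acpiPm1Control_readb \n addr %x val:%x\n", addr, val); */
 +
 +    return val;
@@ -246,7 +138,7 @@ Index: ioemu/hw/piix4acpi.c
 +{
 +    PCIAcpiState *s = opaque;
 +
-+    s->pm1_control = (val<<8)||(s->pm1_control);
++    s->pm1_control = (s->pm1_control & 0xff) | (val << 8);
 +/*    printf("acpiPm1ControlP1_writeb \n addr %x val:%x\n", addr, val); */
 +
 +} 
@@ -256,7 +148,8 @@ Index: ioemu/hw/piix4acpi.c
 +    PCIAcpiState *s = opaque;
 +    uint32_t val;
 +
-+    val = (s->pm1_control)>>8;
++    /* Mask out the write-only bits */
++    val = (s->pm1_control & ~(GBL_RLS|SLP_EN)) >> 8;
 +/*    printf("acpiPm1ControlP1_readb \n addr %x val:%x\n", addr, val); */
 +
 +    return val;
@@ -265,50 +158,6 @@ Index: ioemu/hw/piix4acpi.c
 +
 +/* word access   */
 +
-+static void acpiPm1Status_writew(void *opaque, uint32_t addr, uint32_t val)
-+{
-+    PCIAcpiState *s = opaque;
-+
-+    if ((val&TMROF_STS)==TMROF_STS)
-+        s->pm1_status = s->pm1_status&!TMROF_STS;
-+
-+    if ((val&GBL_STS)==GBL_STS)
-+        s->pm1_status = s->pm1_status&!GBL_STS;     
-+
-+/*    printf("acpiPm1Status_writew \n addr %x val:%x pm1_status:%x \n", addr, val,s->pm1_status); */
-+}
-+
-+static uint32_t acpiPm1Status_readw(void *opaque, uint32_t addr)
-+{
-+    PCIAcpiState *s = opaque;
-+    uint32_t val;
-+
-+    val = s->pm1_status;
-+/*    printf("acpiPm1Status_readw \n addr %x val:%x\n", addr, val); */
-+
-+    return val;
-+}
-+
-+static void acpiPm1Enable_writew(void *opaque, uint32_t addr, uint32_t val)
-+{
-+    PCIAcpiState *s = opaque;
-+
-+    s->pm1_enable = val;
-+/*    printf("acpiPm1Enable_writew \n addr %x val:%x\n", addr, val); */
-+
-+}
-+
-+static uint32_t acpiPm1Enable_readw(void *opaque, uint32_t addr)
-+{
-+    PCIAcpiState *s = opaque;
-+    uint32_t val;
-+
-+    val = s->pm1_enable;
-+/*    printf("acpiPm1Enable_readw \n addr %x val:%x\n", addr, val); */
-+
-+   return val;
-+}
-+
 +static void acpiPm1Control_writew(void *opaque, uint32_t addr, uint32_t val)
 +{
 +    PCIAcpiState *s = opaque;
@@ -323,50 +172,13 @@ Index: ioemu/hw/piix4acpi.c
 +    PCIAcpiState *s = opaque;
 +    uint32_t val;
 +
-+    val = s->pm1_control;
++    /* Mask out the write-only bits */
++    val = s->pm1_control & ~(GBL_RLS|SLP_EN);
 +/*    printf("acpiPm1Control_readw \n addr %x val:%x\n", addr, val);  */
 +
 +    return val;
 +}
 +
-+/* dword access */
-+
-+static void acpiPm1Event_writel(void *opaque, uint32_t addr, uint32_t val)
-+{
-+    PCIAcpiState *s = opaque;
-+
-+    s->pm1_status = val;
-+    s->pm1_enable = val>>16;
-+/*     printf("acpiPm1Event_writel \n addr %x val:%x \n", addr, val); */
-+
-+}
-+
-+static void acpiPm1Event_readl(void *opaque, uint32_t addr)
-+{
-+    PCIAcpiState *s = opaque;
-+    uint32_t val;
-+
-+    val=s->pm1_status|(s->pm1_enable<<16);
-+/*    printf("acpiPm1Event_readl \n addr %x val:%x\n", addr, val);    */
-+}
-+
-+static void acpiPm1Timer_writel(void *opaque, uint32_t addr, uint32_t val)
-+{
-+    PCIAcpiState *s = opaque;
-+
-+    s->pm1_timer = val;
-+/*    printf("acpiPm1Timer_writel \n addr %x val:%x\n", addr, val); */
-+}
-+
-+static uint32_t acpiPm1Timer_readl(void *opaque, uint32_t addr)
-+{
-+    PCIAcpiState *s = opaque;
-+    uint32_t val;
-+
-+    val = s->pm1_timer;
-+/*    printf("acpiPm1Timer_readl \n addr %x val:%x\n", addr, val); */
-+    return val;
-+}
 +
 +static void acpi_map(PCIDevice *pci_dev, int region_num,
 +                    uint32_t addr, uint32_t size, int type)
@@ -376,39 +188,15 @@ Index: ioemu/hw/piix4acpi.c
 +    printf("register acpi io \n");
 +
 +    /* Byte access */
-+    register_ioport_write(addr, 1, 1, acpiPm1Status_writeb, d);
-+    register_ioport_read(addr, 1, 1, acpiPm1Status_readb, d);
-+    register_ioport_write(addr+1, 1, 1, acpiPm1StatusP1_writeb, d);
-+    register_ioport_read(addr+1, 1, 1, acpiPm1StatusP1_readb, d);
-+
-+    register_ioport_write(addr + 2, 1, 1, acpiPm1Enable_writeb, d);
-+    register_ioport_read(addr + 2, 1, 1, acpiPm1Enable_readb, d);
-+    register_ioport_write(addr + 2 +1, 1, 1, acpiPm1EnableP1_writeb, d);
-+    register_ioport_read(addr + 2 +1, 1, 1, acpiPm1EnableP1_readb, d);
-+
 +    register_ioport_write(addr + 4, 1, 1, acpiPm1Control_writeb, d);
 +    register_ioport_read(addr + 4, 1, 1, acpiPm1Control_readb, d);
 +    register_ioport_write(addr + 4 + 1, 1, 1, acpiPm1ControlP1_writeb, d);
-+    register_ioport_read(addr + 4 +1, 1, 1, acpiPm1ControlP1_readb, d);	
++    register_ioport_read(addr + 4 +1, 1, 1, acpiPm1ControlP1_readb, d);
 +
 +    /* Word access */
-+    register_ioport_write(addr, 2, 2, acpiPm1Status_writew, d);
-+    register_ioport_read(addr, 2, 2, acpiPm1Status_readw, d);
-+
-+    register_ioport_write(addr + 2, 2, 2, acpiPm1Enable_writew, d);
-+    register_ioport_read(addr + 2, 2, 2, acpiPm1Enable_readw, d); 
-+
 +    register_ioport_write(addr + 4, 2, 2, acpiPm1Control_writew, d);
 +    register_ioport_read(addr + 4, 2, 2, acpiPm1Control_readw, d);
-+
-+    /* DWord access */
-+    register_ioport_write(addr, 4, 4, acpiPm1Event_writel, d);
-+    register_ioport_read(addr, 4, 4, acpiPm1Event_readl, d);
-+		
-+    register_ioport_write(addr + 8, 4, 4, acpiPm1Timer_writel, d);
-+    register_ioport_read(addr + 8, 4, 4, acpiPm1Timer_readl, d);
 +}
-+													
 +
 +/* PIIX4 acpi pci configuration space, func 2 */
 +void pci_piix4_acpi_init(PCIBus *bus, int devfn)
@@ -421,7 +209,6 @@ Index: ioemu/hw/piix4acpi.c
 +        bus, "PIIX4 ACPI", sizeof(PCIAcpiState),
 +        devfn, NULL, NULL);
 +
-+    acpi_state = d;
 +    pci_conf = d->dev.config;
 +    pci_conf[0x00] = 0x86;  /* Intel */
 +    pci_conf[0x01] = 0x80;
@@ -444,14 +231,17 @@ Index: ioemu/hw/piix4acpi.c
 +     */
 +    pci_conf[0x40] = 0x41; /* Special device-specific BAR at 0x40 */
 +    pci_conf[0x41] = 0x1f;
++    pci_conf[0x42] = 0x00;
++    pci_conf[0x43] = 0x00;
++    d->pm1_control = SCI_EN;
++
 +    acpi_map(d, 0, 0x1f40, 0x10, PCI_ADDRESS_SPACE_IO);
-+    acpi_reset(d);
 +}
 Index: ioemu/vl.c
 ===================================================================
---- ioemu.orig/vl.c	2006-12-08 02:00:40.000000000 +0000
-+++ ioemu/vl.c	2006-12-08 02:00:40.000000000 +0000
-@@ -156,7 +156,7 @@
+--- ioemu.orig/vl.c	2007-05-03 15:06:42.000000000 +0100
++++ ioemu/vl.c	2007-05-03 15:07:21.000000000 +0100
+@@ -157,7 +157,7 @@
  #else
  #define MAX_CPUS 1
  #endif
@@ -460,33 +250,33 @@ Index: ioemu/vl.c
  int fd_bootchk = 1;
  
  extern int vcpus;
-@@ -5341,6 +5341,7 @@
+@@ -5415,6 +5415,7 @@
+ #endif
             "-loadvm file    start right away with a saved state (loadvm in monitor)\n"
  	   "-vnc display    start a VNC server on display\n"
-            "-timeoffset     time offset (in seconds) from local time\n"
 +           "-acpi           disable or enable ACPI of HVM domain \n"
             "\n"
             "During emulation, the following keys are useful:\n"
             "ctrl-alt-f      toggle full screen\n"
-@@ -5426,6 +5427,7 @@
+@@ -5499,6 +5500,7 @@
+ 
      QEMU_OPTION_d,
      QEMU_OPTION_vcpus,
-     QEMU_OPTION_timeoffset,
 +    QEMU_OPTION_acpi,
  };
  
  typedef struct QEMUOption {
-@@ -5509,6 +5511,7 @@
+@@ -5581,6 +5583,7 @@
+     
      { "d", HAS_ARG, QEMU_OPTION_d },
      { "vcpus", 1, QEMU_OPTION_vcpus },
-     { "timeoffset", HAS_ARG, QEMU_OPTION_timeoffset },
 +    { "acpi", 0, QEMU_OPTION_acpi },
      { NULL },
  };
  
-@@ -6240,6 +6243,9 @@
-             case QEMU_OPTION_timeoffset:
-                 timeoffset = strtol(optarg, NULL, 0);
+@@ -6322,6 +6325,9 @@
+                 vcpus = atoi(optarg);
+                 fprintf(logfile, "qemu: the number of cpus is %d\n", vcpus);
                  break;
 +            case QEMU_OPTION_acpi:
 +                acpi_enabled = 1;
@@ -496,8 +286,8 @@ Index: ioemu/vl.c
      }
 Index: ioemu/vl.h
 ===================================================================
---- ioemu.orig/vl.h	2006-12-08 02:00:40.000000000 +0000
-+++ ioemu/vl.h	2006-12-08 02:00:40.000000000 +0000
+--- ioemu.orig/vl.h	2007-05-03 15:06:42.000000000 +0100
++++ ioemu/vl.h	2007-05-03 15:07:21.000000000 +0100
 @@ -168,6 +168,7 @@
  extern int kqemu_allowed;
  extern int win2k_install_hack;
@@ -506,7 +296,7 @@ Index: ioemu/vl.h
  extern int smp_cpus;
  
  /* XXX: make it dynamic */
-@@ -923,6 +924,9 @@
+@@ -924,6 +925,9 @@
  void piix4_pm_init(PCIBus *bus, int devfn);
  void acpi_bios_init(void);
  
@@ -518,8 +308,8 @@ Index: ioemu/vl.h
  extern QEMUMachine isapc_machine;
 Index: ioemu/hw/piix_pci.c
 ===================================================================
---- ioemu.orig/hw/piix_pci.c	2006-12-08 02:00:39.000000000 +0000
-+++ ioemu/hw/piix_pci.c	2006-12-08 02:00:40.000000000 +0000
+--- ioemu.orig/hw/piix_pci.c	2007-05-03 15:06:42.000000000 +0100
++++ ioemu/hw/piix_pci.c	2007-05-03 15:07:13.000000000 +0100
 @@ -241,7 +241,7 @@
  static uint32_t pci_bios_io_addr;
  static uint32_t pci_bios_mem_addr;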
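Review bot: After this refresh, acpi-support on its own no longer produces a compilable hw/piix4acpi.c: the `uint16_t irq;` member is dropped from PCIAcpiState, yet the retained acpi_set_irq() still executes `printf("acpi_set_irq: s->irq %x \n",s->irq);`. The function is only deleted by acpi-timer-support, presumably later in the series, so a build or bisect that stops between the two patches fails; dropping acpi_set_irq() in this patch (and shrinking the later one to match) keeps every step buildable. The lines between the function's comment and the printf are not shown, so confirm the printf is live code rather than commented out. Separately, the high-byte store `(s->pm1_control & 0xff) | (val << 8)` relies on uint16_t truncation to discard stray bits of the guest-supplied value, while the low-byte handler masks explicitly; `((val & 0xff) << 8)` would make the two guest-write paths read alike.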
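--- a/tools/ioemu/patches/acpi-timer-support	Thu May 03 11:22:58 2007 +0100
+++ b/tools/ioemu/patches/acpi-timer-support	Thu May 03 15:39:45 2007 +0100
@@ -1,8 +1,8 @@
 Index: ioemu/hw/piix4acpi.c
 ===================================================================
---- ioemu.orig/hw/piix4acpi.c	2006-12-08 01:35:52.000000000 +0000
-+++ ioemu/hw/piix4acpi.c	2006-12-08 01:35:59.000000000 +0000
-@@ -24,31 +24,30 @@
+--- ioemu.orig/hw/piix4acpi.c	2007-05-02 15:59:22.000000000 +0100
++++ ioemu/hw/piix4acpi.c	2007-05-02 15:59:27.000000000 +0100
+@@ -24,26 +24,26 @@
    */
  
  #include "vl.h"
@@ -41,20 +41,10 @@ Index: ioemu/hw/piix4acpi.c
  
  typedef struct AcpiDeviceState AcpiDeviceState;
  AcpiDeviceState *acpi_device_table;
- 
--/* Bits of PM1a register define here  */
- typedef struct PM1Event_BLK {
-     uint16_t pm1_status; /* pm1a_EVT_BLK */
-     uint16_t pm1_enable; /* pm1a_EVT_BLK+2 */
-@@ -61,17 +60,11 @@
-     uint16_t pm1_enable; /* pm1a_EVT_BLK+2 */
+@@ -53,13 +53,6 @@
      uint16_t pm1_control; /* pm1a_ECNT_BLK */
-     uint32_t pm1_timer; /* pmtmr_BLK */
-+    uint64_t old_vmck_ticks; /* using vm_clock counter */
  } PCIAcpiState;
  
- static PCIAcpiState *acpi_state;
- 
 -static inline void acpi_set_irq(PCIAcpiState *s)
 -{
 -/* no real SCI event need for now, so comment the following line out */
@@ -62,92 +52,10 @@ Index: ioemu/hw/piix4acpi.c
 -    printf("acpi_set_irq: s->irq %x \n",s->irq);
 -}
 -
- static void acpi_reset(PCIAcpiState *s)
- {
-     uint8_t *pci_conf;
-@@ -84,6 +77,7 @@
-     s->pm1_enable = 0x00;    /* TMROF_EN should cleared */
-     s->pm1_control = SCI_EN; /* SCI_EN */
-     s->pm1_timer = 0;
-+    s->old_vmck_ticks = qemu_get_clock(vm_clock);
- }
- 
- /*byte access  */
-@@ -95,8 +89,8 @@
-         s->pm1_status = s->pm1_status&!TMROF_STS;
- 
-     if ((val&GBL_STS)==GBL_STS)
--        s->pm1_status = s->pm1_status&!GBL_STS;     
--    
-+        s->pm1_status = s->pm1_status&!GBL_STS;
-+
- /*     printf("acpiPm1Status_writeb \n addr %x val:%x pm1_status:%x \n", addr, val,s->pm1_status); */
- }
- 
-@@ -115,7 +109,7 @@
+ static void acpiPm1Control_writeb(void *opaque, uint32_t addr, uint32_t val)
  {
      PCIAcpiState *s = opaque;
- 
--     s->pm1_status = (val<<8)||(s->pm1_status);
-+    s->pm1_status = (val<<8)||(s->pm1_status);
- /*     printf("acpiPm1StatusP1_writeb \n addr %x val:%x\n", addr, val); */
- }
- 
-@@ -220,7 +214,7 @@
-         s->pm1_status = s->pm1_status&!TMROF_STS;
- 
-     if ((val&GBL_STS)==GBL_STS)
--        s->pm1_status = s->pm1_status&!GBL_STS;     
-+        s->pm1_status = s->pm1_status&!GBL_STS;
- 
- /*    printf("acpiPm1Status_writew \n addr %x val:%x pm1_status:%x \n", addr, val,s->pm1_status); */
- }
-@@ -288,13 +282,15 @@
- 
- }
- 
--static void acpiPm1Event_readl(void *opaque, uint32_t addr)
-+static uint32_t acpiPm1Event_readl(void *opaque, uint32_t addr)
- {
-     PCIAcpiState *s = opaque;
-     uint32_t val;
- 
--    val=s->pm1_status|(s->pm1_enable<<16);
-+    val = s->pm1_status|(s->pm1_enable<<16);
- /*    printf("acpiPm1Event_readl \n addr %x val:%x\n", addr, val);    */
-+
-+    return val;
- }
- 
- static void acpiPm1Timer_writel(void *opaque, uint32_t addr, uint32_t val)
-@@ -302,17 +298,21 @@
-     PCIAcpiState *s = opaque;
- 
-     s->pm1_timer = val;
--/*    printf("acpiPm1Timer_writel \n addr %x val:%x\n", addr, val); */
-+    s->old_vmck_ticks = qemu_get_clock(vm_clock) +
-+        muldiv64(val, FREQUENCE_PMTIMER, ticks_per_sec);
- }
- 
- static uint32_t acpiPm1Timer_readl(void *opaque, uint32_t addr)
- {
-     PCIAcpiState *s = opaque;
--    uint32_t val;
-+    int64_t current_vmck_ticks = qemu_get_clock(vm_clock);
-+    int64_t vmck_ticks_delta = current_vmck_ticks - s->old_vmck_ticks;
- 
--    val = s->pm1_timer;
--/*    printf("acpiPm1Timer_readl \n addr %x val:%x\n", addr, val); */
--    return val;
-+    if (s->old_vmck_ticks)
-+        s->pm1_timer += muldiv64(vmck_ticks_delta, FREQUENCE_PMTIMER,
-+                                 ticks_per_sec);
-+    s->old_vmck_ticks = current_vmck_ticks;
-+    return s->pm1_timer;
- }
- 
- static void acpi_map(PCIDevice *pci_dev, int region_num,
-@@ -320,7 +320,7 @@
+@@ -132,7 +125,7 @@
  {
      PCIAcpiState *d = (PCIAcpiState *)pci_dev;
  
@@ -155,34 +63,4 @@ Index: ioemu/hw/piix4acpi.c
 +    printf("register acpi io\n");
  
      /* Byte access */
-     register_ioport_write(addr, 1, 1, acpiPm1Status_writeb, d);
-@@ -336,14 +336,14 @@
      register_ioport_write(addr + 4, 1, 1, acpiPm1Control_writeb, d);
-     register_ioport_read(addr + 4, 1, 1, acpiPm1Control_readb, d);
-     register_ioport_write(addr + 4 + 1, 1, 1, acpiPm1ControlP1_writeb, d);
--    register_ioport_read(addr + 4 +1, 1, 1, acpiPm1ControlP1_readb, d);	
-+    register_ioport_read(addr + 4 +1, 1, 1, acpiPm1ControlP1_readb, d);
- 
-     /* Word access */
-     register_ioport_write(addr, 2, 2, acpiPm1Status_writew, d);
-     register_ioport_read(addr, 2, 2, acpiPm1Status_readw, d);
- 
-     register_ioport_write(addr + 2, 2, 2, acpiPm1Enable_writew, d);
--    register_ioport_read(addr + 2, 2, 2, acpiPm1Enable_readw, d); 
-+    register_ioport_read(addr + 2, 2, 2, acpiPm1Enable_readw, d);
- 
-     register_ioport_write(addr + 4, 2, 2, acpiPm1Control_writew, d);
-     register_ioport_read(addr + 4, 2, 2, acpiPm1Control_readw, d);
-@@ -351,11 +351,10 @@
-     /* DWord access */
-     register_ioport_write(addr, 4, 4, acpiPm1Event_writel, d);
-     register_ioport_read(addr, 4, 4, acpiPm1Event_readl, d);
--		
-+
-     register_ioport_write(addr + 8, 4, 4, acpiPm1Timer_writel, d);
-     register_ioport_read(addr + 8, 4, 4, acpiPm1Timer_readl, d);
- }
--													
- 
- /* PIIX4 acpi pci configuration space, func 2 */
- void pci_piix4_acpi_init(PCIBus *bus, int devfn)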
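--- a/tools/ioemu/patches/domain-destroy	Thu May 03 11:22:58 2007 +0100
+++ b/tools/ioemu/patches/domain-destroy	Thu May 03 15:39:45 2007 +0100
@@ -1,7 +1,7 @@
 Index: ioemu/monitor.c
 ===================================================================
---- ioemu.orig/monitor.c	2006-12-08 01:26:07.000000000 +0000
-+++ ioemu/monitor.c	2006-12-08 01:26:08.000000000 +0000
+--- ioemu.orig/monitor.c	2007-05-03 14:54:59.000000000 +0100
++++ ioemu/monitor.c	2007-05-03 14:55:01.000000000 +0100
 @@ -308,6 +308,7 @@
  
  static void do_quit(void)
@@ -12,13 +12,14 @@ Index: ioemu/monitor.c
  
 Index: ioemu/target-i386-dm/helper2.c
 ===================================================================
---- ioemu.orig/target-i386-dm/helper2.c	2006-12-08 01:26:08.000000000 +0000
-+++ ioemu/target-i386-dm/helper2.c	2006-12-08 01:26:08.000000000 +0000
-@@ -507,5 +507,25 @@
+--- ioemu.orig/target-i386-dm/helper2.c	2007-05-03 14:55:00.000000000 +0100
++++ ioemu/target-i386-dm/helper2.c	2007-05-03 14:55:01.000000000 +0100
+@@ -549,5 +549,26 @@
          /* Wait up to 10 msec. */
          main_loop_wait(10);
-     }
+ 
 +    destroy_hvm_domain();
++
      return 0;
  }
 +
@@ -42,8 +43,8 @@ Index: ioemu/target-i386-dm/helper2.c
 +}
 Index: ioemu/vl.h
 ===================================================================
---- ioemu.orig/vl.h	2006-12-08 01:26:08.000000000 +0000
-+++ ioemu/vl.h	2006-12-08 01:26:08.000000000 +0000
+--- ioemu.orig/vl.h	2007-05-03 14:55:00.000000000 +0100
++++ ioemu/vl.h	2007-05-03 14:55:01.000000000 +0100
 @@ -1190,4 +1190,7 @@
  void kqemu_record_dump(void);
  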
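--- a/tools/ioemu/patches/domain-reset	Thu May 03 11:22:58 2007 +0100
+++ b/tools/ioemu/patches/domain-reset	Thu May 03 15:39:45 2007 +0100
@@ -1,17 +1,14 @@
 Index: ioemu/target-i386-dm/helper2.c
 ===================================================================
---- ioemu.orig/target-i386-dm/helper2.c	2006-12-08 01:26:06.000000000 +0000
-+++ ioemu/target-i386-dm/helper2.c	2006-12-08 01:26:08.000000000 +0000
--@@ -127,6 +127,25 @@
+--- ioemu.orig/target-i386-dm/helper2.c	2007-05-03 14:54:46.000000000 +0100
++++ ioemu/target-i386-dm/helper2.c	2007-05-03 14:55:00.000000000 +0100
+@@ -127,6 +127,22 @@
  /* called from main_cpu_reset */
  void cpu_reset(CPUX86State *env)
  {
 +    int xcHandle;
 +    int sts;
 +
-+    /* pause domain first, to avoid repeated reboot request*/
-+    xc_domain_pause(xc_handle, domid);
-+
 +    xcHandle = xc_interface_open();
 +    if (xcHandle < 0)
 +        fprintf(logfile, "Cannot acquire xenctrl handle\n");
@@ -28,22 +25,28 @@ Index: ioemu/target-i386-dm/helper2.c
  }
  
  void cpu_x86_close(CPUX86State *env)
-@@ -479,6 +498,10 @@
-         if (vm_running) {
-             if (shutdown_requested)
-                 break;
-+            if (reset_requested) {
-+                qemu_system_reset();
-+                reset_requested = 0;
-+            }
-         }
+@@ -529,14 +545,9 @@
+ 
+     qemu_set_fd_handler(evtchn_fd, cpu_handle_ioreq, NULL, env);
  
+-    while (1) {
+-        if (vm_running) {
+-            if (shutdown_requested)
+-                break;
+-        }
+-
++    while (!(vm_running && suspend_requested))
          /* Wait up to 10 msec. */
+         main_loop_wait(10);
+-    }
++
+     return 0;
+ }
 Index: ioemu/vl.c
 ===================================================================
---- ioemu.orig/vl.c	2006-12-08 01:26:08.000000000 +0000
-+++ ioemu/vl.c	2006-12-08 01:26:08.000000000 +0000
--@@ -4948,7 +4948,7 @@
+--- ioemu.orig/vl.c	2007-05-03 14:55:00.000000000 +0100
++++ ioemu/vl.c	2007-05-03 14:55:00.000000000 +0100
+@@ -4957,7 +4957,7 @@
  } QEMUResetEntry;
  
  static QEMUResetEntry *first_reset_entry;
@@ -54,8 +57,8 @@ Index: ioemu/vl.c
  
 Index: ioemu/vl.h
 ===================================================================
---- ioemu.orig/vl.h	2006-12-08 01:26:07.000000000 +0000
-+++ ioemu/vl.h	2006-12-08 01:26:08.000000000 +0000
+--- ioemu.orig/vl.h	2007-05-03 14:55:00.000000000 +0100
++++ ioemu/vl.h	2007-05-03 14:55:00.000000000 +0100
 @@ -131,6 +131,7 @@
  
  void qemu_register_reset(QEMUResetHandler *func, void *opaque);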
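--- a/tools/ioemu/patches/domain-timeoffset	Thu May 03 11:22:58 2007 +0100
+++ b/tools/ioemu/patches/domain-timeoffset	Thu May 03 15:39:45 2007 +0100
@@ -1,7 +1,7 @@
 Index: ioemu/hw/mc146818rtc.c
 ===================================================================
---- ioemu.orig/hw/mc146818rtc.c	2006-12-20 15:21:33.000000000 +0000
-+++ ioemu/hw/mc146818rtc.c	2006-12-20 15:21:50.000000000 +0000
+--- ioemu.orig/hw/mc146818rtc.c	2007-05-03 15:38:35.000000000 +0100
++++ ioemu/hw/mc146818rtc.c	2007-05-03 15:38:45.000000000 +0100
 @@ -178,10 +178,27 @@
      }
  }
@@ -46,8 +46,8 @@ Index: ioemu/hw/mc146818rtc.c
  static void rtc_copy_date(RTCState *s)
 Index: ioemu/hw/pc.c
 ===================================================================
---- ioemu.orig/hw/pc.c	2006-12-20 15:21:49.000000000 +0000
-+++ ioemu/hw/pc.c	2006-12-20 15:21:50.000000000 +0000
+--- ioemu.orig/hw/pc.c	2007-05-03 15:38:44.000000000 +0100
++++ ioemu/hw/pc.c	2007-05-03 15:38:45.000000000 +0100
 @@ -159,7 +159,7 @@
  }
  
@@ -81,9 +81,9 @@ Index: ioemu/hw/pc.c
 -    cmos_init(ram_size, boot_device, bs_table);
 +    cmos_init(ram_size, boot_device, bs_table, timeoffset);
  
-     if (pci_enabled && usb_enabled) {
-         usb_uhci_init(pci_bus, piix3_devfn + 2);
--@@ -912,12 +913,13 @@
+     /* using PIIX4 acpi model */
+     if (pci_enabled && acpi_enabled)
+@@ -920,12 +921,13 @@
                          int snapshot, 
                          const char *kernel_filename, 
                          const char *kernel_cmdline,
@@ -99,7 +99,7 @@ Index: ioemu/hw/pc.c
  }
  
  static void pc_init_isa(uint64_t ram_size, int vga_ram_size, int boot_device,
--@@ -925,12 +927,13 @@
+@@ -933,12 +935,13 @@
                          int snapshot, 
                          const char *kernel_filename, 
                          const char *kernel_cmdline,
@@ -117,9 +117,9 @@ Index: ioemu/hw/pc.c
  QEMUMachine pc_machine = {
 Index: ioemu/vl.c
 ===================================================================
---- ioemu.orig/vl.c	2006-12-20 15:21:49.000000000 +0000
-+++ ioemu/vl.c	2006-12-20 15:21:50.000000000 +0000
--@@ -163,6 +163,8 @@
+--- ioemu.orig/vl.c	2007-05-03 15:38:45.000000000 +0100
++++ ioemu/vl.c	2007-05-03 15:38:45.000000000 +0100
+@@ -167,6 +167,8 @@
  
  int xc_handle;
  
@@ -128,41 +128,51 @@ Index: ioemu/vl.c
  char domain_name[1024] = { 'H','V', 'M', 'X', 'E', 'N', '-'};
  extern int domid;
  
--@@ -5338,6 +5340,7 @@
- #endif
-            "-loadvm file    start right away with a saved state (loadvm in monitor)\n"
- 	   "-vnc display    start a VNC server on display\n"
+@@ -5435,6 +5437,7 @@
+            "-vncviewer      start a vncviewer process for this domain\n"
+            "-vncunused      bind the VNC server to an unused port\n"
+            "-vnclisten      bind the VNC server to this address\n"
 +           "-timeoffset     time offset (in seconds) from local time\n"
+            "-acpi           disable or enable ACPI of HVM domain \n"
             "\n"
             "During emulation, the following keys are useful:\n"
-            "ctrl-alt-f      toggle full screen\n"
--@@ -5422,6 +5425,7 @@
+@@ -5522,6 +5525,7 @@
  
      QEMU_OPTION_d,
      QEMU_OPTION_vcpus,
 +    QEMU_OPTION_timeoffset,
- };
- 
- typedef struct QEMUOption {
--@@ -5504,6 +5508,7 @@
+     QEMU_OPTION_acpi,
+     QEMU_OPTION_vncviewer,
+     QEMU_OPTION_vncunused,
+@@ -5613,6 +5617,7 @@
      
      { "d", HAS_ARG, QEMU_OPTION_d },
      { "vcpus", 1, QEMU_OPTION_vcpus },
 +    { "timeoffset", HAS_ARG, QEMU_OPTION_timeoffset },
+     { "acpi", 0, QEMU_OPTION_acpi },
      { NULL },
  };
- 
--@@ -6232,6 +6237,9 @@
+@@ -6377,6 +6382,9 @@
                  vcpus = atoi(optarg);
                  fprintf(logfile, "qemu: the number of cpus is %d\n", vcpus);
                  break;
 +            case QEMU_OPTION_timeoffset:
 +                timeoffset = strtol(optarg, NULL, 0);
 +                break;
-             }
-         }
+             case QEMU_OPTION_acpi:
+                 acpi_enabled = 1;
+                 break;
+@@ -6531,6 +6539,9 @@
      }
--@@ -6484,7 +6492,8 @@
+     free(page_array);
+ #endif
++
++    timeoffset_get();
++
+ #else  /* !CONFIG_DM */
+ 
+     phys_ram_base = qemu_vmalloc(phys_ram_size);
+@@ -6662,7 +6673,8 @@
  
      machine->init(ram_size, vga_ram_size, boot_device,
                    ds, fd_filename, snapshot,
@@ -174,9 +184,9 @@ Index: ioemu/vl.c
      if (usb_enabled) {
 Index: ioemu/vl.h
 ===================================================================
---- ioemu.orig/vl.h	2006-12-20 15:21:49.000000000 +0000
-+++ ioemu/vl.h	2006-12-20 15:21:50.000000000 +0000
--@@ -576,7 +576,7 @@
+--- ioemu.orig/vl.h	2007-05-03 15:38:45.000000000 +0100
++++ ioemu/vl.h	2007-05-03 15:38:45.000000000 +0100
+@@ -581,7 +581,7 @@
                                   int boot_device,
               DisplayState *ds, const char **fd_filename, int snapshot,
               const char *kernel_filename, const char *kernel_cmdline,
@@ -185,3 +195,72 @@ Index: ioemu/vl.h
  
  typedef struct QEMUMachine {
      const char *name;
+@@ -1216,6 +1216,10 @@
+ int xenstore_vm_write(int domid, char *key, char *val);
+ char *xenstore_vm_read(int domid, char *key, int *len);
+ 
++/* helper2.c */
++extern long time_offset;
++void timeoffset_get(void);
++
+ void kqemu_record_dump(void);
+ 
+ extern char domain_name[];
+Index: ioemu/target-i386-dm/helper2.c
+===================================================================
+--- ioemu.orig/target-i386-dm/helper2.c	2007-05-03 15:38:44.000000000 +0100
++++ ioemu/target-i386-dm/helper2.c	2007-05-03 15:38:45.000000000 +0100
+@@ -74,6 +74,8 @@
+ 
+ int xc_handle;
+ 
++long time_offset = 0;
++
+ shared_iopage_t *shared_page = NULL;
+ 
+ /* the evtchn fd for polling */
+@@ -447,6 +449,34 @@
+     req->data = tmp1;
+ }
+ 
++void timeoffset_get()
++{
++    char *p;
++
++    p = xenstore_vm_read(domid, "rtc/timeoffset", NULL);
++    if (!p)
++	return;
++
++    if (sscanf(p, "%ld", &time_offset) == 1)
++	fprintf(logfile, "Time offset set %ld\n", time_offset);
++    else
++	time_offset = 0;
++
++    xc_domain_set_time_offset(xc_handle, domid, time_offset);
++
++    free(p);
++}
++
++void cpu_ioreq_timeoffset(CPUState *env, ioreq_t *req)
++{
++    char b[64];
++
++    time_offset += (ulong)req->data;
++
++    sprintf(b, "%ld", time_offset);
++    xenstore_vm_write(domid, "rtc/timeoffset", b);
++}
++
+ void cpu_ioreq_xchg(CPUState *env, ioreq_t *req)
+ {
+     unsigned long tmp1;
+@@ -497,6 +527,9 @@
+         case IOREQ_TYPE_XCHG:
+             cpu_ioreq_xchg(env, req);
+             break;
++	case IOREQ_TYPE_TIMEOFFSET:
++            cpu_ioreq_timeoffset(env, req);
++            break;
+         default:
+             hw_error("Invalid ioreq type 0x%x\n", req->type);
+         }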
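Review bot: `cpu_ioreq_timeoffset` adds `req->data` to `time_offset` with no range check and ignores the return value of `xenstore_vm_write`, so whatever value arrives in the ioreq (presumably derived from guest RTC writes) is accumulated, can wrap, and is persisted under `rtc/timeoffset` without any failure being noticed. I would clamp the delta to a sane window before accumulating, log when the xenstore write fails, and format with `snprintf(b, sizeof b, "%ld", time_offset);` so the buffer bound is explicit. In `timeoffset_get`, `sscanf(p, "%ld", ...)` gives no overflow or trailing-garbage indication for the stored value; `strtol` with an end-pointer and `errno` check would reject a malformed entry instead of passing it to `xc_domain_set_time_offset`. Both functions sit entirely inside this section's added helper2.c hunk.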
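--- a/tools/ioemu/patches/hypervisor-pit	Thu May 03 11:22:58 2007 +0100
+++ b/tools/ioemu/patches/hypervisor-pit	Thu May 03 15:39:45 2007 +0100
@@ -1,7 +1,7 @@
 Index: ioemu/Makefile.target
 ===================================================================
---- ioemu.orig/Makefile.target	2006-12-08 01:41:12.000000000 +0000
-+++ ioemu/Makefile.target	2006-12-08 01:41:12.000000000 +0000
+--- ioemu.orig/Makefile.target	2007-05-03 10:07:52.000000000 +0100
++++ ioemu/Makefile.target	2007-05-03 10:07:53.000000000 +0100
 @@ -355,7 +355,7 @@
  ifeq ($(TARGET_BASE_ARCH), i386)
  # Hardware support
@@ -13,8 +13,8 @@ Index: ioemu/Makefile.target
  DEFINES += -DHAS_AUDIO
 Index: ioemu/hw/pc.c
 ===================================================================
---- ioemu.orig/hw/pc.c	2006-12-08 01:41:12.000000000 +0000
-+++ ioemu/hw/pc.c	2006-12-08 01:41:12.000000000 +0000
+--- ioemu.orig/hw/pc.c	2007-05-03 10:07:52.000000000 +0100
++++ ioemu/hw/pc.c	2007-05-03 10:07:53.000000000 +0100
 @@ -38,7 +38,9 @@
  
  static fdctrl_t *floppy_controller;
@@ -38,9 +38,9 @@ Index: ioemu/hw/pc.c
          pic_set_alt_irq_func(isa_pic, ioapic_set_irq, ioapic);
 Index: ioemu/vl.c
 ===================================================================
---- ioemu.orig/vl.c	2006-12-08 01:41:12.000000000 +0000
-+++ ioemu/vl.c	2006-12-08 01:41:12.000000000 +0000
--@@ -5570,6 +5570,7 @@
+--- ioemu.orig/vl.c	2007-05-03 10:07:53.000000000 +0100
++++ ioemu/vl.c	2007-05-03 10:07:53.000000000 +0100
+@@ -5622,6 +5622,7 @@
  
  #ifdef HAS_AUDIO
  struct soundhw soundhw[] = {
@@ -48,7 +48,7 @@ Index: ioemu/vl.c
  #ifdef TARGET_I386
      {
          "pcspk",
--@@ -5579,6 +5580,7 @@
+@@ -5631,6 +5632,7 @@
          { .init_isa = pcspk_audio_init }
      },
  #endif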
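--- a/tools/ioemu/patches/ide-cd-dma	Thu May 03 11:22:58 2007 +0100
+++ b/tools/ioemu/patches/ide-cd-dma	Thu May 03 15:39:45 2007 +0100
@@ -5,9 +5,11 @@
 [HVM] Enable DMA mode for CD-ROM IDE ATAPI interface.
 Signed-off-by: Winston Wang <winston.l.wang@intel.com
 
---- ioemu/hw/ide.c	Wed Oct 18 18:37:18 2006 +0100
-+++ ioemu/hw/ide.c	Wed Oct 18 18:41:47 2006 +0100
--@@ -557,9 +557,9 @@ static void ide_atapi_identify(IDEState 
+Index: ioemu/hw/ide.c
+===================================================================
+--- ioemu.orig/hw/ide.c	2007-05-03 15:07:16.000000000 +0100
++++ ioemu/hw/ide.c	2007-05-03 15:07:16.000000000 +0100
+@@ -713,9 +713,9 @@
      padstr((uint8_t *)(p + 23), QEMU_VERSION, 8); /* firmware version */
      padstr((uint8_t *)(p + 27), "QEMU CD-ROM", 40); /* model */
      put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */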
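--- a/tools/ioemu/patches/ide-error-reporting	Thu May 03 11:22:58 2007 +0100
+++ b/tools/ioemu/patches/ide-error-reporting	Thu May 03 15:39:45 2007 +0100
@@ -33,9 +33,9 @@ Signed-off-by: Keir Fraser <keir@xensour
 
 Index: ioemu/hw/ide.c
 ===================================================================
---- ioemu.orig/hw/ide.c	2006-12-08 18:21:36.000000000 +0000
-+++ ioemu/hw/ide.c	2006-12-08 18:23:18.000000000 +0000
--@@ -680,7 +680,7 @@
+--- ioemu.orig/hw/ide.c	2007-05-03 15:07:16.000000000 +0100
++++ ioemu/hw/ide.c	2007-05-03 15:07:17.000000000 +0100
+@@ -838,7 +838,7 @@
  static void ide_sector_read(IDEState *s)
  {
      int64_t sector_num;
@@ -44,7 +44,7 @@ Index: ioemu/hw/ide.c
  
      s->status = READY_STAT | SEEK_STAT;
      s->error = 0; /* not needed by IDE spec, but needed by Windows */
--@@ -695,7 +695,11 @@
+@@ -853,7 +853,11 @@
  #endif
          if (n > s->req_nb_sectors)
              n = s->req_nb_sectors;
@@ -57,7 +57,7 @@ Index: ioemu/hw/ide.c
          ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
          ide_set_irq(s);
          ide_set_sector(s, sector_num + n);
--@@ -721,7 +725,11 @@
+@@ -879,7 +883,11 @@
              if (n > MAX_MULT_SECTORS)
                  n = MAX_MULT_SECTORS;
              sector_num = ide_get_sector(s);
@@ -70,7 +70,7 @@ Index: ioemu/hw/ide.c
              s->io_buffer_index = 0;
              s->io_buffer_size = n * 512;
              len = s->io_buffer_size;
--@@ -767,7 +775,7 @@
+@@ -925,7 +933,7 @@
  static void ide_sector_write(IDEState *s)
  {
      int64_t sector_num;
@@ -79,7 +79,7 @@ Index: ioemu/hw/ide.c
  
      s->status = READY_STAT | SEEK_STAT;
      sector_num = ide_get_sector(s);
--@@ -777,7 +785,11 @@
+@@ -935,7 +943,11 @@
      n = s->nsector;
      if (n > s->req_nb_sectors)
          n = s->req_nb_sectors;
@@ -92,7 +92,7 @@ Index: ioemu/hw/ide.c
      s->nsector -= n;
      if (s->nsector == 0) {
          /* no more sector to write */
--@@ -823,8 +835,13 @@
+@@ -981,8 +993,13 @@
          if (len == 0) {
              n = s->io_buffer_size >> 9;
              sector_num = ide_get_sector(s);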
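--- a/tools/ioemu/patches/ide-hd-multithread	Thu May 03 11:22:58 2007 +0100
+++ b/tools/ioemu/patches/ide-hd-multithread	Thu May 03 15:39:45 2007 +0100
@@ -1,7 +1,7 @@
 Index: ioemu/hw/ide.c
 ===================================================================
---- ioemu.orig/hw/ide.c	2006-08-17 19:37:36.267534285 +0100
-+++ ioemu/hw/ide.c	2006-08-17 19:49:57.830375828 +0100
+--- ioemu.orig/hw/ide.c	2007-05-03 15:03:18.000000000 +0100
++++ ioemu/hw/ide.c	2007-05-03 15:06:48.000000000 +0100
 @@ -22,6 +22,7 @@
   * THE SOFTWARE.
   */
@@ -10,7 +10,7 @@ Index: ioemu/hw/ide.c
  
  /* debug IDE devices */
  //#define DEBUG_IDE
--@@ -390,6 +391,48 @@
+@@ -390,6 +391,89 @@
      int type; /* see IDE_TYPE_xxx */
  } PCIIDEState;
  
@@ -18,17 +18,41 @@ Index: ioemu/hw/ide.c
 +
 +#ifdef DMA_MULTI_THREAD
 +
++static pthread_t ide_dma_thread;
 +static int file_pipes[2];
 +
 +static void ide_dma_loop(BMDMAState *bm);
 +static void dma_thread_loop(BMDMAState *bm);
 +
++extern int suspend_requested;
 +static void *dma_thread_func(void* opaque)
 +{
 +    BMDMAState* req;
++    fd_set fds;
++    int rv, nfds = file_pipes[0] + 1;
++    struct timeval tm;
 +
-+    while (read(file_pipes[0], &req, sizeof(req))) {
-+        dma_thread_loop(req);
++    while (1) {
++
++        /* Wait at most a second for the pipe to become readable */
++        FD_ZERO(&fds);
++        FD_SET(file_pipes[0], &fds);
++        tm.tv_sec = 1;
++        tm.tv_usec = 0;
++        rv = select(nfds, &fds, NULL, NULL, &tm);
++        
++        if (rv != 0) {
++            if (read(file_pipes[0], &req, sizeof(req)) == 0)
++                return NULL;
++            dma_thread_loop(req);
++        } else {
++            if (suspend_requested)  {
++                /* Need to tidy up the DMA thread so that we don't end up 
++                 * finishing operations after the domain's ioreqs are 
++                 * drained and its state saved */
++                return NULL;
++            }
++        }
 +    }
 +
 +    return NULL;
@@ -36,30 +60,47 @@ Index: ioemu/hw/ide.c
 +
 +static void dma_create_thread(void)
 +{
-+    pthread_t tid;
 +    int rt;
++    pthread_attr_t a;
 +
 +    if (pipe(file_pipes) != 0) {
 +        fprintf(stderr, "create pipe failed\n");
 +        exit(1);
 +    }
 +
-+    if ((rt = pthread_create(&tid, NULL, dma_thread_func, NULL))) {
++    if ((rt = pthread_attr_init(&a))
++        || (rt = pthread_attr_setdetachstate(&a, PTHREAD_CREATE_JOINABLE))) {
++        fprintf(stderr, "Oops, dma thread attr setup failed, errno=%d\n", rt);
++        exit(1);
++    }    
++    
++    if ((rt = pthread_create(&ide_dma_thread, &a, dma_thread_func, NULL))) {
 +        fprintf(stderr, "Oops, dma thread creation failed, errno=%d\n", rt);
 +        exit(1);
 +    }
++}
 +
-+    if ((rt = pthread_detach(tid))) {
-+        fprintf(stderr, "Oops, dma thread detachment failed, errno=%d\n", rt);
-+        exit(1);
++void ide_stop_dma_thread(void)
++{
++    int rc;
++    /* Make sure the IDE DMA thread is stopped */
++    if ( (rc = pthread_join(ide_dma_thread, NULL)) != 0 )
++    {
++        fprintf(stderr, "Oops, error collecting IDE DMA thread (%s)\n", 
++                strerror(rc));
 +    }
 +}
++
++#else
++void ide_stop_dma_thread(void)
++{
++}
 +#endif /* DMA_MULTI_THREAD */
 +
  static void ide_dma_start(IDEState *s, IDEDMAFunc *dma_cb);
  
  static void padstr(char *str, const char *src, int len)
--@@ -695,7 +738,9 @@
+@@ -695,7 +779,9 @@
      }
      if (s->io_buffer_index >= s->io_buffer_size && s->nsector == 0) {
          s->status = READY_STAT | SEEK_STAT;
@@ -69,7 +110,7 @@ Index: ioemu/hw/ide.c
  #ifdef DEBUG_IDE_ATAPI
          printf("dma status=0x%x\n", s->status);
  #endif
--@@ -795,7 +840,11 @@
+@@ -795,7 +881,11 @@
                              qemu_get_clock(vm_clock) + (ticks_per_sec / 1000));
                  } else 
  #endif
@@ -81,7 +122,7 @@ Index: ioemu/hw/ide.c
                  return 0;
              }
              if (n > MAX_MULT_SECTORS)
--@@ -1046,7 +1095,9 @@
+@@ -1046,7 +1136,9 @@
      if (s->packet_transfer_size <= 0) {
          s->status = READY_STAT;
          s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
@@ -91,7 +132,7 @@ Index: ioemu/hw/ide.c
  #ifdef DEBUG_IDE_ATAPI
          printf("dma status=0x%x\n", s->status);
  #endif
--@@ -2103,9 +2154,30 @@
+@@ -2103,9 +2195,30 @@
      }
  }
  
@@ -122,7 +163,7 @@ Index: ioemu/hw/ide.c
  {
      struct {
          uint32_t addr;
--@@ -2141,10 +2213,7 @@
+@@ -2141,10 +2254,7 @@
      }
      /* end of transfer */
   the_end:
@@ -134,7 +175,7 @@ Index: ioemu/hw/ide.c
  }
  
  static void ide_dma_start(IDEState *s, IDEDMAFunc *dma_cb)
--@@ -2370,6 +2439,9 @@
+@@ -2370,6 +2480,9 @@
                cmd646_set_irq, d, 0);
      ide_init2(&d->ide_if[2], hd_table[2], hd_table[3],
                cmd646_set_irq, d, 1);
@@ -143,14 +184,41 @@ Index: ioemu/hw/ide.c
 +#endif /* DMA_MULTI_THREAD */
  }
  
- /* hd_table must contain 4 block drivers */
--@@ -2405,6 +2477,9 @@
-               pic_set_irq_new, isa_pic, 15);
-     ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
-     ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
+ static void pci_ide_save(QEMUFile* f, void *opaque)
+@@ -2522,6 +2635,10 @@
+ 
+     register_savevm("ide_pci", 0, 1, generic_pci_save, generic_pci_load, d);
+     register_savevm("ide", 0, 1, pci_ide_save, pci_ide_load, d);
++
 +#ifdef DMA_MULTI_THREAD    
 +    dma_create_thread();
 +#endif //DMA_MULTI_THREAD    
  }
  
  /***********************************************************/
+Index: ioemu/target-i386-dm/helper2.c
+===================================================================
+--- ioemu.orig/target-i386-dm/helper2.c	2007-05-03 15:03:18.000000000 +0100
++++ ioemu/target-i386-dm/helper2.c	2007-05-03 15:06:41.000000000 +0100
+@@ -556,6 +556,9 @@
+     handle_buffered_io(env);
+     main_loop_wait(1); /* For the select() on events */
+ 
++    /* Stop the IDE thread */
++    ide_stop_dma_thread();
++
+     /* Save the device state */
+     sprintf(qemu_file, "/tmp/xen.qemu-dm.%d", domid);
+     if (qemu_savevm(qemu_file) < 0)
+Index: ioemu/vl.h
+===================================================================
+--- ioemu.orig/vl.h	2007-05-03 15:03:18.000000000 +0100
++++ ioemu/vl.h	2007-05-03 15:06:42.000000000 +0100
+@@ -797,6 +797,7 @@
+ void pci_piix3_ide_init(PCIBus *bus, BlockDriverState **hd_table, int devfn);
+ int pmac_ide_init (BlockDriverState **hd_table,
+                    SetIRQFunc *set_irq, void *irq_opaque, int irq);
++void ide_stop_dma_thread(void);
+ 
+ /* cdrom.c */
+ int cdrom_read_toc(int nb_sectors, uint8_t *buf, int msf, int start_track);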
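Review bot: In `dma_thread_func` the new `if (rv != 0)` branch is also taken when `select()` returns -1, and the `read()` that follows is only compared with 0, so a failed or short read falls through to `dma_thread_loop(req)` with `req` uninitialised or partially written. Handle the error paths explicitly: `if (rv < 0) continue;` before the read, then store the read result in `n` and skip the request with `if (n != (ssize_t)sizeof(req)) continue;`. `suspend_requested` is read from this second thread as a plain `extern int` and only on the select-timeout path, so `ide_stop_dma_thread()` can sit in `pthread_join` for as long as requests keep arriving; a comment stating the expected ordering, or an explicit wake-up through the pipe, would make the shutdown contract clear. Separately, the helper2.c context lines show the device state saved to the predictable name `/tmp/xen.qemu-dm.%d`; that is unchanged here, but a fixed name in a world-writable directory deserves a follow-up.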
    11.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    11.2 +++ b/tools/ioemu/patches/ioemu-buffer-pio-ia64	Thu May 03 15:39:45 2007 +0100
    11.3 @@ -0,0 +1,215 @@
    11.4 +Index: ioemu/vl.c
    11.5 +===================================================================
    11.6 +--- ioemu.orig/vl.c	2007-05-03 15:07:15.000000000 +0100
    11.7 ++++ ioemu/vl.c	2007-05-03 15:07:15.000000000 +0100
    11.8 +@@ -5924,6 +5924,7 @@
    11.9 +     unsigned long ioreq_pfn;
   11.10 +     extern void *shared_page;
   11.11 +     extern void *buffered_io_page;
   11.12 ++    extern void *buffered_pio_page;
   11.13 +     unsigned long nr_pages;
   11.14 + 
   11.15 +     char qemu_dm_logfilename[64];
   11.16 +@@ -6530,6 +6531,10 @@
   11.17 +                                        PROT_READ|PROT_WRITE,
   11.18 +                                        BUFFER_IO_PAGE_START >> PAGE_SHIFT);
   11.19 + 
   11.20 ++    buffered_pio_page = xc_map_foreign_range(xc_handle, domid, PAGE_SIZE,
   11.21 ++                                       PROT_READ|PROT_WRITE,
   11.22 ++                                       BUFFER_PIO_PAGE_START >> PAGE_SHIFT);
   11.23 ++
   11.24 +     for (i = 0; i < nr_pages; i++)
   11.25 +         page_array[i] = i;
   11.26 + 	
   11.27 +Index: ioemu/hw/ide.c
   11.28 +===================================================================
   11.29 +--- ioemu.orig/hw/ide.c	2007-05-03 15:07:15.000000000 +0100
   11.30 ++++ ioemu/hw/ide.c	2007-05-03 15:07:15.000000000 +0100
   11.31 +@@ -474,6 +474,121 @@
   11.32 + }
   11.33 + #endif /* DMA_MULTI_THREAD */
   11.34 + 
   11.35 ++#if defined(__ia64__)
   11.36 ++#include <xen/hvm/ioreq.h>
   11.37 ++
   11.38 ++struct buffered_piopage *buffered_pio_page;
   11.39 ++
   11.40 ++static inline struct pio_buffer *
   11.41 ++piobuf_by_addr(uint32_t addr)
   11.42 ++{
   11.43 ++    if (addr == 0x1F0)
   11.44 ++        return &buffered_pio_page->pio[PIO_BUFFER_IDE_PRIMARY];
   11.45 ++    if (addr == 0x170)
   11.46 ++        return &buffered_pio_page->pio[PIO_BUFFER_IDE_SECONDARY];
   11.47 ++    return NULL;
   11.48 ++}
   11.49 ++
   11.50 ++static void
   11.51 ++buffered_pio_init(void)
   11.52 ++{
   11.53 ++    struct pio_buffer *p1, *p2;
   11.54 ++    uint32_t off1, off2;
   11.55 ++
   11.56 ++    if (!buffered_pio_page)
   11.57 ++        return;
   11.58 ++
   11.59 ++    p1 = &buffered_pio_page->pio[PIO_BUFFER_IDE_PRIMARY];
   11.60 ++    p2 = &buffered_pio_page->pio[PIO_BUFFER_IDE_SECONDARY];
   11.61 ++    off1 = offsetof(struct buffered_piopage, buffer);
   11.62 ++    off2 = (off1 + TARGET_PAGE_SIZE)/2;
   11.63 ++
   11.64 ++    p1->buf_size = off2 - off1;
   11.65 ++    p1->page_offset = off1;
   11.66 ++
   11.67 ++    p2->buf_size = TARGET_PAGE_SIZE - off2;
   11.68 ++    p2->page_offset = off2;
   11.69 ++}
   11.70 ++
   11.71 ++static inline void
   11.72 ++buffered_pio_flush(struct pio_buffer *piobuf)
   11.73 ++{
   11.74 ++    IDEState *s = piobuf->opaque;
   11.75 ++    uint32_t pointer = piobuf->pointer;
   11.76 ++
   11.77 ++    if (s != NULL && pointer > 0) {
   11.78 ++        uint8_t *buf = (uint8_t *)buffered_pio_page + piobuf->page_offset;
   11.79 ++        memcpy(s->data_ptr, buf, pointer);
   11.80 ++        s->data_ptr += pointer;
   11.81 ++    }
   11.82 ++}
   11.83 ++
   11.84 ++static inline void
   11.85 ++buffered_pio_reset(IDEState *s)
   11.86 ++{
   11.87 ++    struct pio_buffer *piobuf;
   11.88 ++
   11.89 ++    if ((unsigned)s->drive_serial - 1 < 2)      /* 1,2 */
   11.90 ++        piobuf = &buffered_pio_page->pio[PIO_BUFFER_IDE_PRIMARY];
   11.91 ++    else if ((unsigned)s->drive_serial - 3 < 2) /* 3,4 */
   11.92 ++        piobuf = &buffered_pio_page->pio[PIO_BUFFER_IDE_SECONDARY];
   11.93 ++    else
   11.94 ++        return;
   11.95 ++    buffered_pio_flush(piobuf);
   11.96 ++    piobuf->pointer = 0;
   11.97 ++    piobuf->data_end = 0;
   11.98 ++    piobuf->opaque = NULL;
   11.99 ++}
  11.100 ++
  11.101 ++static inline void
  11.102 ++buffered_pio_write(IDEState *s, uint32_t addr, int size)
  11.103 ++{
  11.104 ++    struct pio_buffer *piobuf = piobuf_by_addr(addr);
  11.105 ++    int data_end;
  11.106 ++
  11.107 ++    if (!piobuf)
  11.108 ++        return;
  11.109 ++    buffered_pio_flush(piobuf);
  11.110 ++    data_end = s->data_end - s->data_ptr - size;
  11.111 ++    if (data_end <= 0)
  11.112 ++        data_end = 0;
  11.113 ++    else if (data_end > piobuf->buf_size)
  11.114 ++        data_end = piobuf->buf_size;
  11.115 ++    piobuf->pointer = 0;
  11.116 ++    piobuf->data_end = data_end;
  11.117 ++    piobuf->opaque = s;
  11.118 ++}
  11.119 ++
  11.120 ++static inline void
  11.121 ++buffered_pio_read(IDEState *s, uint32_t addr, int size)
  11.122 ++{
  11.123 ++    struct pio_buffer *piobuf = piobuf_by_addr(addr);
  11.124 ++    int data_end;
  11.125 ++
  11.126 ++    if (!piobuf)
  11.127 ++        return;
  11.128 ++    s->data_ptr += piobuf->pointer;
  11.129 ++    data_end = s->data_end - s->data_ptr - size;
  11.130 ++    if (data_end <= 0) {
  11.131 ++        data_end = 0;
  11.132 ++    } else {
  11.133 ++	uint8_t *buf = (uint8_t *)buffered_pio_page + piobuf->page_offset;
  11.134 ++        if (data_end > piobuf->buf_size)
  11.135 ++            data_end = piobuf->buf_size;
  11.136 ++        memcpy(buf, s->data_ptr + size, data_end);
  11.137 ++    }
  11.138 ++    piobuf->pointer = 0;
  11.139 ++    piobuf->data_end = data_end;
  11.140 ++    piobuf->opaque = NULL;
  11.141 ++}
  11.142 ++
  11.143 ++#else /* !__ia64__ */
  11.144 ++#define buffered_pio_init()         do {} while (0)
  11.145 ++#define buffered_pio_reset(I)       do {} while (0)
  11.146 ++#define buffered_pio_write(I,A,S)   do {} while (0)
  11.147 ++#define buffered_pio_read(I,A,S)    do {} while (0)
  11.148 ++#endif
  11.149 ++
  11.150 + static void ide_dma_start(IDEState *s, IDEDMAFunc *dma_cb);
  11.151 + 
  11.152 + static void padstr(char *str, const char *src, int len)
  11.153 +@@ -658,6 +773,7 @@
  11.154 +     s->data_ptr = buf;
  11.155 +     s->data_end = buf + size;
  11.156 +     s->status |= DRQ_STAT;
  11.157 ++    buffered_pio_reset(s);
  11.158 + }
  11.159 + 
  11.160 + static void ide_transfer_stop(IDEState *s)
  11.161 +@@ -666,6 +782,7 @@
  11.162 +     s->data_ptr = s->io_buffer;
  11.163 +     s->data_end = s->io_buffer;
  11.164 +     s->status &= ~DRQ_STAT;
  11.165 ++    buffered_pio_reset(s);
  11.166 + }
  11.167 + 
  11.168 + static int64_t ide_get_sector(IDEState *s)
  11.169 +@@ -1578,6 +1695,7 @@
  11.170 +         ide_if[0].select = (val & ~0x10) | 0xa0;
  11.171 +         ide_if[1].select = (val | 0x10) | 0xa0;
  11.172 +         /* select drive */
  11.173 ++        buffered_pio_reset(ide_if->cur_drive);
  11.174 +         unit = (val >> 4) & 1;
  11.175 +         s = ide_if + unit;
  11.176 +         ide_if->cur_drive = s;
  11.177 +@@ -1936,6 +2054,7 @@
  11.178 +     IDEState *s = ((IDEState *)opaque)->cur_drive;
  11.179 +     uint8_t *p;
  11.180 + 
  11.181 ++    buffered_pio_write(s, addr, 2);
  11.182 +     p = s->data_ptr;
  11.183 +     *(uint16_t *)p = le16_to_cpu(val);
  11.184 +     p += 2;
  11.185 +@@ -1949,6 +2068,8 @@
  11.186 +     IDEState *s = ((IDEState *)opaque)->cur_drive;
  11.187 +     uint8_t *p;
  11.188 +     int ret;
  11.189 ++    
  11.190 ++    buffered_pio_read(s, addr, 2);
  11.191 +     p = s->data_ptr;
  11.192 +     ret = cpu_to_le16(*(uint16_t *)p);
  11.193 +     p += 2;
  11.194 +@@ -1963,6 +2084,7 @@
  11.195 +     IDEState *s = ((IDEState *)opaque)->cur_drive;
  11.196 +     uint8_t *p;
  11.197 + 
  11.198 ++    buffered_pio_write(s, addr, 4);
  11.199 +     p = s->data_ptr;
  11.200 +     *(uint32_t *)p = le32_to_cpu(val);
  11.201 +     p += 4;
  11.202 +@@ -1977,6 +2099,7 @@
  11.203 +     uint8_t *p;
  11.204 +     int ret;
  11.205 +     
  11.206 ++    buffered_pio_read(s, addr, 4);
  11.207 +     p = s->data_ptr;
  11.208 +     ret = cpu_to_le32(*(uint32_t *)p);
  11.209 +     p += 4;
  11.210 +@@ -2634,6 +2757,8 @@
  11.211 +     ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
  11.212 +     ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
  11.213 + 
  11.214 ++    buffered_pio_init();
  11.215 ++
  11.216 +     register_savevm("ide_pci", 0, 1, generic_pci_save, generic_pci_load, d);
  11.217 +     register_savevm("ide", 0, 1, pci_ide_save, pci_ide_load, d);
  11.218 + 
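--- a/tools/ioemu/patches/ioemu-ia64
+++ b/tools/ioemu/patches/ioemu-ia64
@@ -1,7 +1,7 @@
 Index: ioemu/hw/iommu.c
 ===================================================================
---- ioemu.orig/hw/iommu.c	2006-12-20 15:04:54.000000000 +0000
-+++ ioemu/hw/iommu.c	2006-12-20 15:04:54.000000000 +0000
+--- ioemu.orig/hw/iommu.c	2007-05-03 09:56:32.000000000 +0100
++++ ioemu/hw/iommu.c	2007-05-03 10:05:51.000000000 +0100
 @@ -82,7 +82,11 @@
  #define IOPTE_VALID         0x00000002 /* IOPTE is valid */
  #define IOPTE_WAZ           0x00000001 /* Write as zeros */
@@ -16,8 +16,8 @@ Index: ioemu/hw/iommu.c
  
 Index: ioemu/cpu-all.h
 ===================================================================
---- ioemu.orig/cpu-all.h	2006-12-20 15:04:54.000000000 +0000
-+++ ioemu/cpu-all.h	2006-12-20 15:04:54.000000000 +0000
+--- ioemu.orig/cpu-all.h	2007-05-03 09:56:32.000000000 +0100
++++ ioemu/cpu-all.h	2007-05-03 10:05:51.000000000 +0100
 @@ -835,6 +835,31 @@
                  :"=m" (*(volatile long *)addr)
                  :"dIr" (nr));
@@ -52,17 +52,13 @@ Index: ioemu/cpu-all.h
  /* memory API */
 Index: ioemu/vl.c
 ===================================================================
---- ioemu.orig/vl.c	2006-12-20 15:04:54.000000000 +0000
-+++ ioemu/vl.c	2006-12-20 15:12:00.000000000 +0000
-@@ -6137,6 +6137,15 @@
+--- ioemu.orig/vl.c	2007-05-03 10:04:06.000000000 +0100
++++ ioemu/vl.c	2007-05-03 10:25:23.000000000 +0100
+@@ -6142,6 +6142,11 @@
              exit(1);
      }
  
 +#if defined (__ia64__)
-+    /* ram_size passed from xend has added on GFW memory,
-+       so we must subtract it here */
-+    ram_size -= 16 * MEM_M;
-+
 +    if (ram_size > MMIO_START)
 +        ram_size += 1 * MEM_G; /* skip 3G-4G MMIO, LEGACY_IO_SPACE etc. */
 +#endif
@@ -70,20 +66,20 @@ Index: ioemu/vl.c
      /* init the memory */
      phys_ram_size = ram_size + vga_ram_size + bios_size;
  
-@@ -6161,6 +6170,7 @@
-         exit(-1);
-     }
- 
-+#if defined(__i386__) || defined(__x86_64__)
-     for ( i = 0; i < tmp_nr_pages; i++)
-         page_array[i] = i;
- 
-@@ -6185,6 +6195,36 @@
+@@ -6182,6 +6187,44 @@
  
      free(page_array);
  
 +#elif defined(__ia64__)
-+  
++
++    nr_pages = ram_size/PAGE_SIZE;
++
++    page_array = (xen_pfn_t *)malloc(nr_pages * sizeof(xen_pfn_t));
++    if (page_array == NULL) {
++        fprintf(logfile, "malloc returned error %d\n", errno);
++        exit(-1);
++    }
++
 +    shared_page = xc_map_foreign_range(xc_handle, domid, PAGE_SIZE,
 +                                       PROT_READ|PROT_WRITE,
 +                                       IO_PAGE_START >> PAGE_SHIFT);
@@ -92,7 +88,7 @@ Index: ioemu/vl.c
 +                                       PROT_READ|PROT_WRITE,
 +                                       BUFFER_IO_PAGE_START >> PAGE_SHIFT);
 +
-+    for (i = 0; i < tmp_nr_pages; i++)
++    for (i = 0; i < nr_pages; i++)
 +        page_array[i] = i;
 +	
 +    /* VTI will not use memory between 3G~4G, so we just pass a legal pfn
@@ -117,8 +113,8 @@ Index: ioemu/vl.c
      phys_ram_base = qemu_vmalloc(phys_ram_size);
 Index: ioemu/exec-all.h
 ===================================================================
---- ioemu.orig/exec-all.h	2006-12-20 15:04:54.000000000 +0000
-+++ ioemu/exec-all.h	2006-12-20 15:04:54.000000000 +0000
+--- ioemu.orig/exec-all.h	2007-05-03 09:56:32.000000000 +0100
++++ ioemu/exec-all.h	2007-05-03 10:05:51.000000000 +0100
 @@ -462,12 +462,13 @@
  }
  #endif
@@ -138,8 +134,8 @@ Index: ioemu/exec-all.h
  
 Index: ioemu/target-i386-dm/cpu.h
 ===================================================================
---- ioemu.orig/target-i386-dm/cpu.h	2006-12-20 15:04:54.000000000 +0000
-+++ ioemu/target-i386-dm/cpu.h	2006-12-20 15:10:13.000000000 +0000
+--- ioemu.orig/target-i386-dm/cpu.h	2007-05-03 09:56:32.000000000 +0100
++++ ioemu/target-i386-dm/cpu.h	2007-05-03 10:25:13.000000000 +0100
 @@ -78,7 +78,11 @@
  /* helper2.c */
  int main_loop(void);
@@ -155,7 +151,7 @@ Index: ioemu/target-i386-dm/cpu.h
 Index: ioemu/ia64_intrinsic.h
 ===================================================================
 --- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ ioemu/ia64_intrinsic.h	2006-12-20 15:04:54.000000000 +0000
++++ ioemu/ia64_intrinsic.h	2007-05-03 10:05:51.000000000 +0100
 @@ -0,0 +1,276 @@
 +#ifndef IA64_INTRINSIC_H
 +#define IA64_INTRINSIC_H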
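Review bot: The new ia64 allocation `malloc(nr_pages * sizeof(xen_pfn_t))` in the vl.c hunk multiplies without an overflow check, and `nr_pages` comes from `ram_size` after the 1 GiB MMIO adjustment a few lines earlier. The declared type of `nr_pages` is outside the hunk, so whether the product can wrap is not visible here; `page_array = calloc(nr_pages, sizeof(xen_pfn_t));` requests the same memory with the multiplication checked by the allocator and drops the unneeded cast. The two `xc_map_foreign_range()` results that follow deserve a NULL check before first use if the cut-off part of the hunk does not already have one. The enclosing function starts and ends outside the hunk.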
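--- /dev/null
+++ b/tools/ioemu/patches/ioemu-save-restore
@@ -0,0 +1,225 @@
+Index: ioemu/hw/cirrus_vga.c
+===================================================================
+--- ioemu.orig/hw/cirrus_vga.c	2007-05-03 15:03:18.000000000 +0100
++++ ioemu/hw/cirrus_vga.c	2007-05-03 15:08:02.000000000 +0100
+@@ -3011,11 +3011,42 @@
+     cirrus_mmio_writel,
+ };
+ 
++void cirrus_stop_acc(CirrusVGAState *s)
++{
++    if (s->map_addr){
++        int error;
++        s->map_addr = 0;
++        error = unset_vram_mapping(s->cirrus_lfb_addr,
++                s->cirrus_lfb_end, s->vram_ptr);
++        fprintf(stderr, "cirrus_stop_acc:unset_vram_mapping.\n");
++    }
++}
++
++void cirrus_restart_acc(CirrusVGAState *s)
++{
++    if (s->cirrus_lfb_addr && s->cirrus_lfb_end) {
++        void *vram_pointer, *old_vram;
++        fprintf(stderr, "cirrus_vga_load:re-enable vga acc.lfb_addr=0x%lx, lfb_end=0x%lx.\n",
++                s->cirrus_lfb_addr, s->cirrus_lfb_end);
++        vram_pointer = set_vram_mapping(s->cirrus_lfb_addr ,s->cirrus_lfb_end);
++        if (!vram_pointer){
++            fprintf(stderr, "cirrus_vga_load:NULL vram_pointer\n");
++        } else {
++            old_vram = vga_update_vram((VGAState *)s, vram_pointer,
++                    VGA_RAM_SIZE);
++            qemu_free(old_vram);
++            s->map_addr = s->cirrus_lfb_addr;
++            s->map_end = s->cirrus_lfb_end;
++        }
++    }
++}
++
+ /* load/save state */
+ 
+ static void cirrus_vga_save(QEMUFile *f, void *opaque)
+ {
+     CirrusVGAState *s = opaque;
++    uint8_t vga_acc;
+ 
+     qemu_put_be32s(f, &s->latch);
+     qemu_put_8s(f, &s->sr_index);
+@@ -3050,11 +3081,20 @@
+     qemu_put_be32s(f, &s->hw_cursor_y);
+     /* XXX: we do not save the bitblt state - we assume we do not save
+        the state when the blitter is active */
++
++    vga_acc = (!!s->map_addr);
++    qemu_put_8s(f, &vga_acc);
++    qemu_put_be64s(f, (uint64_t*)&s->cirrus_lfb_addr);
++    qemu_put_be64s(f, (uint64_t*)&s->cirrus_lfb_end);
++    qemu_put_buffer(f, s->vram_ptr, VGA_RAM_SIZE); 
++    if (vga_acc)
++        cirrus_stop_acc(s);
+ }
+ 
+ static int cirrus_vga_load(QEMUFile *f, void *opaque, int version_id)
+ {
+     CirrusVGAState *s = opaque;
++    uint8_t vga_acc = 0;
+ 
+     if (version_id != 1)
+         return -EINVAL;
+@@ -3093,6 +3133,14 @@
+     qemu_get_be32s(f, &s->hw_cursor_x);
+     qemu_get_be32s(f, &s->hw_cursor_y);
+ 
++    qemu_get_8s(f, &vga_acc);
++    qemu_get_be64s(f, (uint64_t*)&s->cirrus_lfb_addr);
++    qemu_get_be64s(f, (uint64_t*)&s->cirrus_lfb_end);
++    qemu_get_buffer(f, s->vram_ptr, VGA_RAM_SIZE); 
++    if (vga_acc){
++        cirrus_restart_acc(s);
++    }
++
+     /* force refresh */
+     s->graphic_mode = -1;
+     cirrus_update_bank_ptr(s, 0);
+@@ -3298,6 +3346,8 @@
+                     ds, vga_ram_base, vga_ram_offset, vga_ram_size);
+     cirrus_init_common(s, device_id, 1);
+ 
++    register_savevm("cirrus_vga_pci", 0, 1, generic_pci_save, generic_pci_load, d);
++
+     /* setup memory space */
+     /* memory #0 LFB */
+     /* memory #1 memory-mapped I/O */
+Index: ioemu/vl.c
+===================================================================
+--- ioemu.orig/vl.c	2007-05-03 15:03:18.000000000 +0100
++++ ioemu/vl.c	2007-05-03 15:08:04.000000000 +0100
+@@ -4470,6 +4470,11 @@
+         qemu_fseek(f, cur_pos + record_len, SEEK_SET);
+     }
+     fclose(f);
++
++    /* del tmp file */
++    if (unlink(filename) == -1)
++        fprintf(stderr, "delete tmp qemu state file failed.\n");
++
+     ret = 0;
+  the_end:
+     if (saved_vm_running)
+@@ -5056,6 +5061,7 @@
+ static QEMUResetEntry *first_reset_entry;
+ int reset_requested;
+ int shutdown_requested;
++int suspend_requested;
+ static int powerdown_requested;
+ 
+ void qemu_register_reset(QEMUResetHandler *func, void *opaque)
+@@ -5816,6 +5822,15 @@
+     return 0;
+ }
+ 
++void suspend(int sig)
++{
++    fprintf(logfile, "suspend sig handler called with requested=%d!\n",
++            suspend_requested);
++    if (sig != SIGUSR1)
++        fprintf(logfile, "suspend signal dismatch, get sig=%d!\n", sig);
++    suspend_requested = 1;
++}
++
+ int main(int argc, char **argv)
+ {
+ #ifdef CONFIG_GDBSTUB
+@@ -6581,6 +6596,26 @@
+             vm_start();
+         }
+     }
++
++    /* register signal for the suspend request when save */
++    {
++        struct sigaction act;
++        sigset_t set;
++        act.sa_handler = suspend;
++        act.sa_flags = SA_RESTART;
++        sigemptyset(&act.sa_mask);
++
++        sigaction(SIGUSR1, &act, NULL);
++
++        /* control panel mask some signals when spawn qemu, need unmask here*/
++        sigemptyset(&set);
++        sigaddset(&set, SIGUSR1);
++        sigaddset(&set, SIGTERM);
++        if (sigprocmask(SIG_UNBLOCK, &set, NULL) == -1)
++            fprintf(stderr, "unblock signal fail, possible issue for HVM save!\n");
++
++    }
++
+     main_loop();
+     quit_timers();
+     return 0;
+Index: ioemu/hw/pci.c
+===================================================================
+--- ioemu.orig/hw/pci.c	2007-05-03 15:03:12.000000000 +0100
++++ ioemu/hw/pci.c	2007-05-03 15:08:02.000000000 +0100
+@@ -40,6 +40,8 @@
+ static int pci_irq_index;
+ static PCIBus *first_bus;
+ 
++static void pci_update_mappings(PCIDevice *d);
++
+ PCIBus *pci_register_bus(pci_set_irq_fn set_irq, void *pic, int devfn_min)
+ {
+     PCIBus *bus;
+@@ -71,6 +73,7 @@
+         return -EINVAL;
+ 
+     qemu_get_buffer(f, s->config, 256);
++    pci_update_mappings(s);
+     return 0;
+ }
+ 
+Index: ioemu/hw/ide.c
+===================================================================
+--- ioemu.orig/hw/ide.c	2007-05-03 15:03:12.000000000 +0100
++++ ioemu/hw/ide.c	2007-05-03 15:08:04.000000000 +0100
+@@ -2405,6 +2405,8 @@
+               pic_set_irq_new, isa_pic, 15);
+     ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
+     ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
++
++    register_savevm("ide_pci", 0, 1, generic_pci_save, generic_pci_load, d);
+ }
+ 
+ /***********************************************************/
+Index: ioemu/target-i386-dm/helper2.c
+===================================================================
+--- ioemu.orig/target-i386-dm/helper2.c	2007-05-03 15:03:18.000000000 +0100
++++ ioemu/target-i386-dm/helper2.c	2007-05-03 15:09:10.000000000 +0100
+@@ -540,8 +540,10 @@
+ {
+     extern int vm_running;
+     extern int shutdown_requested;
++    extern int suspend_requested;
+     CPUState *env = cpu_single_env;
+     int evtchn_fd = xc_evtchn_fd(xce_handle);
++    char qemu_file[20];
+ 
+     qemu_set_fd_handler(evtchn_fd, cpu_handle_ioreq, NULL, env);
+ 
+@@ -549,7 +551,15 @@
+         /* Wait up to 10 msec. */
+         main_loop_wait(10);
+ 
+-    destroy_hvm_domain();
++    fprintf(logfile, "device model received suspend signal!\n");
++
++    /* Pull all outstanding ioreqs through the system */
++    main_loop_wait(1); /* For the select() on events */
++
++    /* Save the device state */
++    sprintf(qemu_file, "/tmp/xen.qemu-dm.%d", domid);
++    if (qemu_savevm(qemu_file) < 0)
++        fprintf(stderr, "qemu save fail.\n");
+ 
+     return 0;
+ }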
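Review bot: In the helper2.c hunk, `char qemu_file[20]` is too small for `sprintf(qemu_file, "/tmp/xen.qemu-dm.%d", domid)`: the fixed prefix is 17 characters, so a domid of three or more digits writes past the end of the stack buffer. Size the buffer for the widest possible int and bound the write, e.g. `char qemu_file[32];` with `snprintf(qemu_file, sizeof(qemu_file), "/tmp/xen.qemu-dm.%d", domid);`. The state file also gets a predictable name in a world-writable directory. How `qemu_savevm()` opens it is not visible here, but it should be created exclusively without following symlinks, or moved to a directory only the toolstack can write. The enclosing function in helper2.c starts outside the hunk.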
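--- /dev/null
+++ b/tools/ioemu/patches/ioemu-save-restore-acpi
@@ -0,0 +1,34 @@
+Index: ioemu/hw/piix4acpi.c
+===================================================================
+--- ioemu.orig/hw/piix4acpi.c	2007-05-03 15:07:43.000000000 +0100
++++ ioemu/hw/piix4acpi.c	2007-05-03 15:07:43.000000000 +0100
+@@ -57,6 +57,20 @@
+     uint16_t pm1_control; /* pm1a_ECNT_BLK */
+ } PCIAcpiState;
+ 
++static void piix4acpi_save(QEMUFile *f, void *opaque)
++{
++    PCIAcpiState *s = opaque;
++    qemu_put_be16s(f, &s->pm1_control);
++}
++
++static int piix4acpi_load(QEMUFile *f, void *opaque, int version_id)
++{
++    PCIAcpiState *s = opaque;
++    if (version_id > 1) 
++        return -EINVAL;
++    qemu_get_be16s(f, &s->pm1_control);
++}
++
+ static void acpiPm1Control_writeb(void *opaque, uint32_t addr, uint32_t val)
+ {
+     PCIAcpiState *s = opaque;
+@@ -193,4 +207,8 @@
+     d->pm1_control = SCI_EN;
+ 
+     acpi_map(d, 0, 0x1f40, 0x10, PCI_ADDRESS_SPACE_IO);
++
++    register_savevm("piix4acpi", 0, 1, piix4acpi_save, piix4acpi_load, d);    
++    register_savevm("piix4acpi_pci", 0, 1, generic_pci_save, generic_pci_load, 
++                    &d->dev);
+ }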
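Review bot: `piix4acpi_load()` is declared `int` but has no return on its success path, so after `qemu_get_be16s(f, &s->pm1_control);` the caller receives an indeterminate value and may treat a good restore as a failure. Add `return 0;` as the last statement of the function. The version test `if (version_id > 1)` also accepts 0 and negative ids, unlike the `version_id != 1` check used by `cirrus_vga_load()` and `pci_ide_load()` in the same series; `if (version_id != 1)` would keep the loaders consistent.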
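--- /dev/null
+++ b/tools/ioemu/patches/ioemu-save-restore-ide
@@ -0,0 +1,133 @@
+Index: ioemu/hw/ide.c
+===================================================================
+--- ioemu.orig/hw/ide.c	2007-05-02 14:12:00.000000000 +0100
++++ ioemu/hw/ide.c	2007-05-02 14:12:40.000000000 +0100
+@@ -2372,6 +2372,120 @@
+               cmd646_set_irq, d, 1);
+ }
+ 
++static void pci_ide_save(QEMUFile* f, void *opaque)
++{
++    PCIIDEState *d = opaque;
++    int i;
++
++    for(i = 0; i < 2; i++) {
++        BMDMAState *bm = &d->bmdma[i];
++        qemu_put_8s(f, &bm->cmd);
++        qemu_put_8s(f, &bm->status);
++        qemu_put_be32s(f, &bm->addr);
++        /* XXX: if a transfer is pending, we do not save it yet */
++    }
++
++    /* per IDE interface data */
++    for(i = 0; i < 2; i++) {
++        IDEState *s = &d->ide_if[i * 2];
++        uint8_t drive1_selected;
++        qemu_put_8s(f, &s->cmd);
++        drive1_selected = (s->cur_drive != s);
++        qemu_put_8s(f, &drive1_selected);
++    }
++
++    /* per IDE drive data */
++    for(i = 0; i < 4; i++) {
++        IDEState *s = &d->ide_if[i];
++        qemu_put_be32s(f, &s->mult_sectors);
++        qemu_put_be32s(f, &s->identify_set);
++        if (s->identify_set) {
++            qemu_put_buffer(f, (const uint8_t *)s->identify_data, 512);
++        }
++        qemu_put_8s(f, &s->write_cache);
++        qemu_put_8s(f, &s->feature);
++        qemu_put_8s(f, &s->error);
++        qemu_put_be32s(f, &s->nsector);
++        qemu_put_8s(f, &s->sector);
++        qemu_put_8s(f, &s->lcyl);
++        qemu_put_8s(f, &s->hcyl);
++        qemu_put_8s(f, &s->hob_feature);
++        qemu_put_8s(f, &s->hob_nsector);
++        qemu_put_8s(f, &s->hob_sector);
++        qemu_put_8s(f, &s->hob_lcyl);
++        qemu_put_8s(f, &s->hob_hcyl);
++        qemu_put_8s(f, &s->select);
++        qemu_put_8s(f, &s->status);
++        qemu_put_8s(f, &s->lba48);
++
++        qemu_put_8s(f, &s->sense_key);
++        qemu_put_8s(f, &s->asc);
++        /* XXX: if a transfer is pending, we do not save it yet */
++    }
++}
++
++static int pci_ide_load(QEMUFile* f, void *opaque, int version_id)
++{
++    PCIIDEState *d = opaque;
++    int ret, i;
++
++    if (version_id != 1)
++        return -EINVAL;
++
++    for(i = 0; i < 2; i++) {
++        BMDMAState *bm = &d->bmdma[i];
++        qemu_get_8s(f, &bm->cmd);
++        qemu_get_8s(f, &bm->status);
++        qemu_get_be32s(f, &bm->addr);
++        /* XXX: if a transfer is pending, we do not save it yet */
++    }
++
++    /* per IDE interface data */
++    for(i = 0; i < 2; i++) {
++        IDEState *s = &d->ide_if[i * 2];
++        uint8_t drive1_selected;
++        qemu_get_8s(f, &s->cmd);
++        qemu_get_8s(f, &drive1_selected);
++        s->cur_drive = &d->ide_if[i * 2 + (drive1_selected != 0)];
++    }
++
++    /* per IDE drive data */
++    for(i = 0; i < 4; i++) {
++        IDEState *s = &d->ide_if[i];
++        qemu_get_be32s(f, &s->mult_sectors);
++        qemu_get_be32s(f, &s->identify_set);
++        if (s->identify_set) {
++            qemu_get_buffer(f, (uint8_t *)s->identify_data, 512);
++        }
++        qemu_get_8s(f, &s->write_cache);
++        qemu_get_8s(f, &s->feature);
++        qemu_get_8s(f, &s->error);
++        qemu_get_be32s(f, &s->nsector);
++        qemu_get_8s(f, &s->sector);
++        qemu_get_8s(f, &s->lcyl);
++        qemu_get_8s(f, &s->hcyl);
++        qemu_get_8s(f, &s->hob_feature);
++        qemu_get_8s(f, &s->hob_nsector);
++        qemu_get_8s(f, &s->hob_sector);
++        qemu_get_8s(f, &s->hob_lcyl);
++        qemu_get_8s(f, &s->hob_hcyl);
++        qemu_get_8s(f, &s->select);
++        qemu_get_8s(f, &s->status);
++        qemu_get_8s(f, &s->lba48);
++
++        qemu_get_8s(f, &s->sense_key);
++        qemu_get_8s(f, &s->asc);
++        /* XXX: if a transfer is pending, we do not save it yet */
++        if (s->status & (DRQ_STAT|BUSY_STAT)) {
++            /* Tell the guest that its transfer has gone away */
++            ide_abort_command(s);
++            ide_set_irq(s);
++        }
++    }
++    return 0;
++}
++
++
+ /* hd_table must contain 4 block drivers */
+ /* NOTE: for the PIIX3, the IRQs and IOports are hardcoded */
+ void pci_piix3_ide_init(PCIBus *bus, BlockDriverState **hd_table, int devfn)
+@@ -2407,6 +2521,7 @@
+     ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
+ 
+     register_savevm("ide_pci", 0, 1, generic_pci_save, generic_pci_load, d);
++    register_savevm("ide", 0, 1, pci_ide_save, pci_ide_load, d);
+ }
+ 
+ /***********************************************************/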
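Review bot: `pci_ide_load()` copies every field straight from the state file into live device state with no range checks; `mult_sectors` in particular is restored by `qemu_get_be32s(f, &s->mult_sectors)` and presumably sizes later PIO transfers elsewhere in ide.c. A saved image is external input on restore and migration, so values the device could never have set should be rejected, for example `if (s->mult_sectors > MAX_MULT_SECTORS) return -EINVAL;` right after the read (assuming that limit, or an equivalent, is defined in ide.c; it is not visible in this hunk). The local `ret` in `int ret, i;` is never used and can be dropped. The XXX comment in the load loop would read better as `/* a pending transfer is not saved: abort it and notify the guest */`, which is what the code after it does.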
    16.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    16.2 +++ b/tools/ioemu/patches/ioemu-save-restore-logdirty	Thu May 03 15:39:45 2007 +0100
    16.3 @@ -0,0 +1,190 @@
    16.4 +Index: ioemu/xenstore.c
    16.5 +===================================================================
    16.6 +--- ioemu.orig/xenstore.c	2007-05-03 10:42:11.000000000 +0100
    16.7 ++++ ioemu/xenstore.c	2007-05-03 14:17:13.000000000 +0100
    16.8 +@@ -11,6 +11,11 @@
    16.9 + #include "vl.h"
   16.10 + #include "block_int.h"
   16.11 + #include <unistd.h>
   16.12 ++#include <sys/ipc.h>
   16.13 ++#include <sys/shm.h>
   16.14 ++#include <sys/types.h>
   16.15 ++#include <sys/stat.h>
   16.16 ++#include <fcntl.h>
   16.17 + 
   16.18 + static struct xs_handle *xsh = NULL;
   16.19 + static char *media_filename[MAX_DISKS];
   16.20 +@@ -173,6 +178,13 @@
   16.21 + 	}
   16.22 +     }
   16.23 + 
   16.24 ++    /* Set a watch for log-dirty requests from the migration tools */
   16.25 ++    if (pasprintf(&buf, "%s/logdirty/next-active", path) != -1) {
   16.26 ++        xs_watch(xsh, buf, "logdirty");
   16.27 ++        fprintf(logfile, "Watching %s\n", buf);
   16.28 ++    }
   16.29 ++
   16.30 ++
   16.31 +  out:
   16.32 +     free(type);
   16.33 +     free(params);
   16.34 +@@ -191,6 +203,112 @@
   16.35 +     return -1;
   16.36 + }
   16.37 + 
   16.38 ++unsigned long *logdirty_bitmap = NULL;
   16.39 ++unsigned long logdirty_bitmap_size;
   16.40 ++extern int vga_ram_size, bios_size;
   16.41 ++
   16.42 ++void xenstore_process_logdirty_event(void)
   16.43 ++{
   16.44 ++    char *act;
   16.45 ++    static char *active_path = NULL;
   16.46 ++    static char *next_active_path = NULL;
   16.47 ++    static char *seg = NULL;
   16.48 ++    unsigned int len;
   16.49 ++    int i;
   16.50 ++
   16.51 ++    fprintf(logfile, "Triggered log-dirty buffer switch\n");
   16.52 ++
   16.53 ++    if (!seg) {
   16.54 ++        char *path, *p, *key_ascii, key_terminated[17] = {0,};
   16.55 ++        key_t key;
   16.56 ++        int shmid;
   16.57 ++
   16.58 ++        /* Find and map the shared memory segment for log-dirty bitmaps */
   16.59 ++        if (!(path = xs_get_domain_path(xsh, domid))) {            
   16.60 ++            fprintf(logfile, "Log-dirty: can't get domain path in store\n");
   16.61 ++            exit(1);
   16.62 ++        }
   16.63 ++        if (!(path = realloc(path, strlen(path) 
   16.64 ++                             + strlen("/logdirty/next-active") + 1))) {
   16.65 ++            fprintf(logfile, "Log-dirty: out of memory\n");
   16.66 ++            exit(1);
   16.67 ++        }
   16.68 ++        strcat(path, "/logdirty/");
   16.69 ++        p = path + strlen(path);
   16.70 ++        strcpy(p, "key");
   16.71 ++        
   16.72 ++        key_ascii = xs_read(xsh, XBT_NULL, path, &len);
   16.73 ++        if (!key_ascii) {
   16.74 ++            /* No key yet: wait for the next watch */
   16.75 ++            free(path);
   16.76 ++            return;
   16.77 ++        }
   16.78 ++        strncpy(key_terminated, key_ascii, 16);
   16.79 ++        free(key_ascii);
   16.80 ++        key = (key_t) strtoull(key_terminated, NULL, 16);
   16.81 ++
   16.82 ++        /* Figure out how bit the log-dirty bitmaps are */
   16.83 ++        logdirty_bitmap_size = xc_memory_op(xc_handle, 
   16.84 ++                                            XENMEM_maximum_gpfn, &domid) + 1;
   16.85 ++        logdirty_bitmap_size = ((logdirty_bitmap_size + HOST_LONG_BITS - 1)
   16.86 ++                                / HOST_LONG_BITS); /* longs */
   16.87 ++        logdirty_bitmap_size *= sizeof (unsigned long); /* bytes */
   16.88 ++
   16.89 ++        /* Map the shared-memory segment */
   16.90 ++        if ((shmid = shmget(key, 
   16.91 ++                            2 * logdirty_bitmap_size, 
   16.92 ++                            S_IRUSR|S_IWUSR)) == -1 
   16.93 ++            || (seg = shmat(shmid, NULL, 0)) == (void *)-1) {
   16.94 ++            fprintf(logfile, "Log-dirty: can't map segment %16.16llx (%s)\n",
   16.95 ++                    (unsigned long long) key, strerror(errno));
   16.96 ++            exit(1);
   16.97 ++        }
   16.98 ++
   16.99 ++        fprintf(logfile, "Log-dirty: mapped segment at %p\n", seg);
  16.100 ++
  16.101 ++        /* Double-check that the bitmaps are the size we expect */
  16.102 ++        if (logdirty_bitmap_size != *(uint32_t *)seg) {
  16.103 ++            fprintf(logfile, "Log-dirty: got %u, calc %lu\n", 
  16.104 ++                    *(uint32_t *)seg, logdirty_bitmap_size);
  16.105 ++            return;
  16.106 ++        }
  16.107 ++
  16.108 ++        /* Remember the paths for the next-active and active entries */
  16.109 ++        strcpy(p, "active");
  16.110 ++        if (!(active_path = strdup(path))) {
  16.111 ++            fprintf(logfile, "Log-dirty: out of memory\n");
  16.112 ++            exit(1);
  16.113 ++        }
  16.114 ++        strcpy(p, "next-active");
  16.115 ++        if (!(next_active_path = strdup(path))) {
  16.116 ++            fprintf(logfile, "Log-dirty: out of memory\n");
  16.117 ++            exit(1);
  16.118 ++        }
  16.119 ++        free(path);
  16.120 ++    }
  16.121 ++    
  16.122 ++    /* Read the required active buffer from the store */
  16.123 ++    act = xs_read(xsh, XBT_NULL, next_active_path, &len);
  16.124 ++    if (!act) {
  16.125 ++        fprintf(logfile, "Log-dirty: can't read next-active\n");
  16.126 ++        exit(1);
  16.127 ++    }
  16.128 ++
  16.129 ++    /* Switch buffers */
  16.130 ++    i = act[0] - '0';
  16.131 ++    if (i != 0 && i != 1) {
  16.132 ++        fprintf(logfile, "Log-dirty: bad next-active entry: %s\n", act);
  16.133 ++        exit(1);
  16.134 ++    }
  16.135 ++    logdirty_bitmap = (unsigned long *)(seg + i * logdirty_bitmap_size);
  16.136 ++
  16.137 ++    /* Ack that we've switched */
  16.138 ++    xs_write(xsh, XBT_NULL, active_path, act, len);
  16.139 ++    free(act);
  16.140 ++}
  16.141 ++
  16.142 ++
  16.143 ++
  16.144 + void xenstore_process_event(void *opaque)
  16.145 + {
  16.146 +     char **vec, *image = NULL;
  16.147 +@@ -200,6 +318,11 @@
  16.148 +     if (!vec)
  16.149 + 	return;
  16.150 + 
  16.151 ++    if (!strcmp(vec[XS_WATCH_TOKEN], "logdirty")) {
  16.152 ++        xenstore_process_logdirty_event();
  16.153 ++        goto out;
  16.154 ++    }
  16.155 ++
  16.156 +     if (strncmp(vec[XS_WATCH_TOKEN], "hd", 2) ||
  16.157 + 	strlen(vec[XS_WATCH_TOKEN]) != 3)
  16.158 + 	goto out;
  16.159 +Index: ioemu/target-i386-dm/exec-dm.c
  16.160 +===================================================================
  16.161 +--- ioemu.orig/target-i386-dm/exec-dm.c	2007-05-03 14:13:38.000000000 +0100
  16.162 ++++ ioemu/target-i386-dm/exec-dm.c	2007-05-03 14:18:14.000000000 +0100
  16.163 +@@ -431,6 +431,9 @@
  16.164 + #define phys_ram_addr(x) ((addr < ram_size) ? (phys_ram_base + (x)) : NULL)
  16.165 + #endif
  16.166 + 
  16.167 ++extern unsigned long *logdirty_bitmap;
  16.168 ++extern unsigned long logdirty_bitmap_size;
  16.169 ++
  16.170 + void cpu_physical_memory_rw(target_phys_addr_t addr, uint8_t *buf, 
  16.171 +                             int len, int is_write)
  16.172 + {
  16.173 +@@ -466,8 +469,19 @@
  16.174 +                     l = 1;
  16.175 +                 }
  16.176 +             } else if ((ptr = phys_ram_addr(addr)) != NULL) {
  16.177 +-                /* Reading from RAM */
  16.178 ++                /* Writing to RAM */
  16.179 +                 memcpy(ptr, buf, l);
  16.180 ++                if (logdirty_bitmap != NULL) {
  16.181 ++                    /* Record that we have dirtied this frame */
  16.182 ++                    unsigned long pfn = addr >> TARGET_PAGE_BITS;
  16.183 ++                    if (pfn / 8 >= logdirty_bitmap_size) {
  16.184 ++                        fprintf(logfile, "dirtying pfn %lx >= bitmap "
  16.185 ++                                "size %lx\n", pfn, logdirty_bitmap_size * 8);
  16.186 ++                    } else {
  16.187 ++                        logdirty_bitmap[pfn / HOST_LONG_BITS]
  16.188 ++                            |= 1UL << pfn % HOST_LONG_BITS;
  16.189 ++                    }
  16.190 ++                }
  16.191 + #ifdef __ia64__
  16.192 +                 sync_icache(ptr, l);
  16.193 + #endif 
    17.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    17.2 +++ b/tools/ioemu/patches/ioemu-save-restore-ne2000	Thu May 03 15:39:45 2007 +0100
    17.3 @@ -0,0 +1,34 @@
    17.4 +Index: ioemu/hw/ne2000.c
    17.5 +===================================================================
    17.6 +--- ioemu.orig/hw/ne2000.c	2007-05-02 16:09:35.000000000 +0100
    17.7 ++++ ioemu/hw/ne2000.c	2007-05-02 16:10:03.000000000 +0100
    17.8 +@@ -739,7 +739,7 @@
    17.9 +              s->macaddr[4],
   17.10 +              s->macaddr[5]);
   17.11 +              
   17.12 +-    register_savevm("ne2000", 0, 2, ne2000_save, ne2000_load, s);
   17.13 ++    register_savevm("ne2000", base, 2, ne2000_save, ne2000_load, s);
   17.14 + }
   17.15 + 
   17.16 + /***********************************************************/
   17.17 +@@ -775,6 +775,7 @@
   17.18 +     PCINE2000State *d;
   17.19 +     NE2000State *s;
   17.20 +     uint8_t *pci_conf;
   17.21 ++    int instance;
   17.22 +     
   17.23 +     d = (PCINE2000State *)pci_register_device(bus,
   17.24 +                                               "NE2000", sizeof(PCINE2000State),
   17.25 +@@ -809,8 +810,8 @@
   17.26 +              s->macaddr[4],
   17.27 +              s->macaddr[5]);
   17.28 +              
   17.29 +-    /* XXX: instance number ? */
   17.30 +-    register_savevm("ne2000", 0, 2, ne2000_save, ne2000_load, s);
   17.31 +-    register_savevm("ne2000_pci", 0, 1, generic_pci_save, generic_pci_load, 
   17.32 +-                    &d->dev);
   17.33 ++    instance = pci_bus_num(bus) << 8 | s->pci_dev->devfn;
   17.34 ++    register_savevm("ne2000", instance, 2, ne2000_save, ne2000_load, s);
   17.35 ++    register_savevm("ne2000_pci", instance, 1, generic_pci_save, 
   17.36 ++                    generic_pci_load, &d->dev);
   17.37 + }
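Review bot: The instance id in the PCI init hunk, `pci_bus_num(bus) << 8 | s->pci_dev->devfn`, replaces the old `/* XXX: instance number ? */` marker without saying what the value encodes, and it relies on `<<` binding tighter than `|`. I would write it as `instance = (pci_bus_num(bus) << 8) | s->pci_dev->devfn;` with the comment `/* savevm instance id: PCI bus number above bit 8, devfn in the low byte */`. The same expression is added in the pcnet and rtl8139 patches (pcnet uses `d->dev.devfn`), so the comment applies there as well. The function body between the two hunks is not shown, so it is worth confirming that `s->pci_dev` is already assigned when this line runs, and that images saved with the old instance 0 are not expected to load any more.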
    18.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    18.2 +++ b/tools/ioemu/patches/ioemu-save-restore-pcnet	Thu May 03 15:39:45 2007 +0100
    18.3 @@ -0,0 +1,80 @@
    18.4 +Index: ioemu/hw/pcnet.c
    18.5 +===================================================================
    18.6 +--- ioemu.orig/hw/pcnet.c	2007-05-02 16:09:36.000000000 +0100
    18.7 ++++ ioemu/hw/pcnet.c	2007-05-02 16:10:28.000000000 +0100
    18.8 +@@ -1727,10 +1727,63 @@
    18.9 +     cpu_register_physical_memory(addr, PCNET_PNPMMIO_SIZE, d->mmio_io_addr);
   18.10 + }
   18.11 + 
   18.12 ++
   18.13 ++static void pcnet_save(QEMUFile *f, void *opaque)
   18.14 ++{
   18.15 ++    PCNetState *s = opaque;
   18.16 ++    unsigned int i;
   18.17 ++
   18.18 ++    qemu_put_be32s(f, &s->rap);
   18.19 ++    qemu_put_be32s(f, &s->isr);
   18.20 ++    qemu_put_be32s(f, &s->lnkst);
   18.21 ++    qemu_put_be32s(f, &s->rdra);
   18.22 ++    qemu_put_be32s(f, &s->tdra);
   18.23 ++    qemu_put_buffer(f, s->prom, 16);
   18.24 ++    for (i = 0; i < 128; i++)
   18.25 ++        qemu_put_be16s(f, &s->csr[i]);
   18.26 ++    for (i = 0; i < 32; i++)
   18.27 ++        qemu_put_be16s(f, &s->bcr[i]);
   18.28 ++    qemu_put_be64s(f, &s->timer);
   18.29 ++    qemu_put_be32s(f, &s->xmit_pos);
   18.30 ++    qemu_put_be32s(f, &s->recv_pos);
   18.31 ++    qemu_put_buffer(f, s->buffer, 4096);
   18.32 ++    qemu_put_be32s(f, &s->tx_busy);
   18.33 ++    qemu_put_timer(f, s->poll_timer);
   18.34 ++}
   18.35 ++
   18.36 ++static int pcnet_load(QEMUFile *f, void *opaque, int version_id)
   18.37 ++{
   18.38 ++    PCNetState *s = opaque;
   18.39 ++    int i, ret;
   18.40 ++
   18.41 ++    if (version_id != 1)
   18.42 ++        return -EINVAL;
   18.43 ++
   18.44 ++    qemu_get_be32s(f, &s->rap);
   18.45 ++    qemu_get_be32s(f, &s->isr);
   18.46 ++    qemu_get_be32s(f, &s->lnkst);
   18.47 ++    qemu_get_be32s(f, &s->rdra);
   18.48 ++    qemu_get_be32s(f, &s->tdra);
   18.49 ++    qemu_get_buffer(f, s->prom, 16);
   18.50 ++    for (i = 0; i < 128; i++)
   18.51 ++        qemu_get_be16s(f, &s->csr[i]);
   18.52 ++    for (i = 0; i < 32; i++)
   18.53 ++        qemu_get_be16s(f, &s->bcr[i]);
   18.54 ++    qemu_get_be64s(f, &s->timer);
   18.55 ++    qemu_get_be32s(f, &s->xmit_pos);
   18.56 ++    qemu_get_be32s(f, &s->recv_pos);
   18.57 ++    qemu_get_buffer(f, s->buffer, 4096);
   18.58 ++    qemu_get_be32s(f, &s->tx_busy);
   18.59 ++    qemu_get_timer(f, s->poll_timer);
   18.60 ++
   18.61 ++    return 0;
   18.62 ++}
   18.63 ++
   18.64 + void pci_pcnet_init(PCIBus *bus, NICInfo *nd)
   18.65 + {
   18.66 +     PCNetState *d;
   18.67 +     uint8_t *pci_conf;
   18.68 ++    int instance;
   18.69 + 
   18.70 + #if 0
   18.71 +     printf("sizeof(RMD)=%d, sizeof(TMD)=%d\n", 
   18.72 +@@ -1775,6 +1828,11 @@
   18.73 + 
   18.74 +     d->vc = qemu_new_vlan_client(nd->vlan, pcnet_receive, 
   18.75 +                                  pcnet_can_receive, d);
   18.76 ++
   18.77 ++    instance = pci_bus_num(bus) << 8 | d->dev.devfn;
   18.78 ++    register_savevm("pcnet", instance, 1, pcnet_save, pcnet_load, d);
   18.79 ++    register_savevm("pcnet_pci", instance, 1, generic_pci_save,
   18.80 ++                    generic_pci_load, &d->dev);
   18.81 +     
   18.82 +     snprintf(d->vc->info_str, sizeof(d->vc->info_str),
   18.83 +              "pcnet macaddr=%02x:%02x:%02x:%02x:%02x:%02x",
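Review bot: pcnet_load copies `rap`, `xmit_pos`, `recv_pos` and the other fields from the save image straight into the device state and returns 0 without checking any of them. The image is external input on restore, and if `xmit_pos` and `recv_pos` are used as offsets into the 4096-byte `s->buffer` (their use is outside this patch, so this is inferred from the names), an out-of-range value in a corrupted or tampered image would cause out-of-bounds access once the device runs. I would add a range check before `return 0;`, for example `if (s->xmit_pos > (int)sizeof(s->buffer) || s->recv_pos > (int)sizeof(s->buffer)) return -EINVAL;`, with the lower bound chosen to allow whatever sentinel values the device uses. A short comment on pcnet_save stating that the field order is the on-disk format, must match pcnet_load, and needs a version bump on any change would also help the next maintainer.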
    19.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    19.2 +++ b/tools/ioemu/patches/ioemu-save-restore-rtl8139	Thu May 03 15:39:45 2007 +0100
    19.3 @@ -0,0 +1,27 @@
    19.4 +Index: ioemu/hw/rtl8139.c
    19.5 +===================================================================
    19.6 +--- ioemu.orig/hw/rtl8139.c	2007-05-02 16:09:35.000000000 +0100
    19.7 ++++ ioemu/hw/rtl8139.c	2007-05-02 16:10:56.000000000 +0100
    19.8 +@@ -3406,6 +3406,7 @@
    19.9 +     PCIRTL8139State *d;
   19.10 +     RTL8139State *s;
   19.11 +     uint8_t *pci_conf;
   19.12 ++    int instance;
   19.13 +     
   19.14 +     d = (PCIRTL8139State *)pci_register_device(bus,
   19.15 +                                               "RTL8139", sizeof(PCIRTL8139State),
   19.16 +@@ -3456,10 +3457,10 @@
   19.17 +     s->cplus_txbuffer_len = 0;
   19.18 +     s->cplus_txbuffer_offset = 0;
   19.19 +              
   19.20 +-    /* XXX: instance number ? */
   19.21 +-    register_savevm("rtl8139", 0, 2, rtl8139_save, rtl8139_load, s);
   19.22 +-    register_savevm("rtl8139_pci", 0, 1, generic_pci_save, generic_pci_load, 
   19.23 +-                    &d->dev);
   19.24 ++    instance = pci_bus_num(bus) << 8 | s->pci_dev->devfn;
   19.25 ++    register_savevm("rtl8139", instance, 2, rtl8139_save, rtl8139_load, s);
   19.26 ++    register_savevm("rtl8139_pci", instance, 1, generic_pci_save, 
   19.27 ++                    generic_pci_load, &d->dev);
   19.28 + 
   19.29 + #if RTL8139_ONBOARD_TIMER
   19.30 +     s->timer = qemu_new_timer(vm_clock, rtl8139_timer, s);
    20.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    20.2 +++ b/tools/ioemu/patches/ioemu-save-restore-timer	Thu May 03 15:39:45 2007 +0100
    20.3 @@ -0,0 +1,27 @@
    20.4 +Index: ioemu/vl.c
    20.5 +===================================================================
    20.6 +--- ioemu.orig/vl.c	2007-05-03 10:07:54.000000000 +0100
    20.7 ++++ ioemu/vl.c	2007-05-03 10:07:54.000000000 +0100
    20.8 +@@ -828,10 +828,22 @@
    20.9 + #ifdef CONFIG_DM
   20.10 + static void timer_save(QEMUFile *f, void *opaque)
   20.11 + {
   20.12 ++    /* need timer for save/restoe qemu_timer in usb_uhci */
   20.13 ++    if (cpu_ticks_enabled) {
   20.14 ++        hw_error("cannot save state if virtual timers are running");
   20.15 ++    }
   20.16 ++    qemu_put_be64s(f, &cpu_clock_offset);
   20.17 + }
   20.18 + 
   20.19 + static int timer_load(QEMUFile *f, void *opaque, int version_id)
   20.20 + {
   20.21 ++    if (version_id != 1)
   20.22 ++        return -EINVAL;
   20.23 ++    if (cpu_ticks_enabled) {
   20.24 ++        return -EINVAL;
   20.25 ++    }
   20.26 ++
   20.27 ++    qemu_get_be64s(f, &cpu_clock_offset);
   20.28 +     return 0;
   20.29 + }
   20.30 + #else  /* !CONFIG_DM */
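Review bot: timer_save calls hw_error() when `cpu_ticks_enabled` is set, while timer_load handles the same condition by returning -EINVAL. hw_error's behaviour is not visible here, but if it is fatal, a save request that arrives while the virtual timers are running stops the whole device model instead of failing the save. Since the save callback returns void, the precondition would be better enforced by the caller before the save starts, or at least stated in a comment on timer_save. The added comment also has a typo and is hard to parse; I would write `/* cpu_clock_offset must be saved so that qemu_timer state (e.g. in usb_uhci) can be restored */`.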
    21.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    21.2 +++ b/tools/ioemu/patches/ioemu-save-restore-usb	Thu May 03 15:39:45 2007 +0100
    21.3 @@ -0,0 +1,235 @@
    21.4 +Index: ioemu/hw/usb-hid.c
    21.5 +===================================================================
    21.6 +--- ioemu.orig/hw/usb-hid.c	2007-05-03 09:56:32.000000000 +0100
    21.7 ++++ ioemu/hw/usb-hid.c	2007-05-03 10:07:54.000000000 +0100
    21.8 +@@ -508,6 +508,49 @@
    21.9 +     qemu_free(s);
   21.10 + }
   21.11 + 
   21.12 ++void usb_mouse_save(QEMUFile *f, void *opaque)
   21.13 ++{
   21.14 ++    USBMouseState *s = (USBMouseState*)opaque;
   21.15 ++
   21.16 ++    qemu_put_be32s(f, &s->dx);
   21.17 ++    qemu_put_be32s(f, &s->dy);
   21.18 ++    qemu_put_be32s(f, &s->dz);
   21.19 ++    qemu_put_be32s(f, &s->buttons_state);
   21.20 ++    qemu_put_be32s(f, &s->x);
   21.21 ++    qemu_put_be32s(f, &s->y);
   21.22 ++    qemu_put_be32s(f, &s->kind);
   21.23 ++    qemu_put_be32s(f, &s->mouse_grabbed);
   21.24 ++    qemu_put_be32s(f, &s->status_changed);
   21.25 ++
   21.26 ++}
   21.27 ++
   21.28 ++int usb_mouse_load(QEMUFile *f, void *opaque, int version_id)
   21.29 ++{
   21.30 ++    USBMouseState *s = (USBMouseState*)opaque;
   21.31 ++
   21.32 ++    if (version_id != 1)
   21.33 ++        return -EINVAL;
   21.34 ++
   21.35 ++    qemu_get_be32s(f, &s->dx);
   21.36 ++    qemu_get_be32s(f, &s->dy);
   21.37 ++    qemu_get_be32s(f, &s->dz);
   21.38 ++    qemu_get_be32s(f, &s->buttons_state);
   21.39 ++    qemu_get_be32s(f, &s->x);
   21.40 ++    qemu_get_be32s(f, &s->y);
   21.41 ++    qemu_get_be32s(f, &s->kind);
   21.42 ++    qemu_get_be32s(f, &s->mouse_grabbed);
   21.43 ++    qemu_get_be32s(f, &s->status_changed);
   21.44 ++
   21.45 ++    if ( s->kind == USB_TABLET) {
   21.46 ++        fprintf(logfile, "usb_mouse_load:add usb_tablet_event.\n");
   21.47 ++        qemu_add_mouse_event_handler(usb_tablet_event, s, 1);
   21.48 ++    } else if ( s->kind == USB_MOUSE) {
   21.49 ++        fprintf(logfile, "usb_mouse_load:add usb_mouse_event.\n");
   21.50 ++        qemu_add_mouse_event_handler(usb_mouse_event, s, 0);
   21.51 ++    }
   21.52 ++}
   21.53 ++
   21.54 ++
   21.55 + USBDevice *usb_tablet_init(void)
   21.56 + {
   21.57 +     USBMouseState *s;
   21.58 +@@ -526,6 +569,8 @@
   21.59 + 
   21.60 +     pstrcpy(s->dev.devname, sizeof(s->dev.devname), "QEMU USB Tablet");
   21.61 + 
   21.62 ++    register_savevm("USB tablet dev", 0, 1, usb_mouse_save, usb_mouse_load, s);
   21.63 ++
   21.64 +     return (USBDevice *)s;
   21.65 + }
   21.66 + 
   21.67 +@@ -547,5 +592,7 @@
   21.68 + 
   21.69 +     pstrcpy(s->dev.devname, sizeof(s->dev.devname), "QEMU USB Mouse");
   21.70 + 
   21.71 ++    register_savevm("USB mouse dev", 0, 1, usb_mouse_save, usb_mouse_load, s);
   21.72 ++
   21.73 +     return (USBDevice *)s;
   21.74 + }
   21.75 +Index: ioemu/vl.c
   21.76 +===================================================================
   21.77 +--- ioemu.orig/vl.c	2007-05-03 10:07:53.000000000 +0100
   21.78 ++++ ioemu/vl.c	2007-05-03 10:07:54.000000000 +0100
   21.79 +@@ -3878,6 +3878,7 @@
   21.80 +     const char *p;
   21.81 +     USBDevice *dev;
   21.82 +     USBPort *port;
   21.83 ++    char usb_name[256] = "USB ";
   21.84 + 
   21.85 +     if (!free_usb_ports)
   21.86 +         return -1;
   21.87 +@@ -3914,6 +3915,12 @@
   21.88 +     free_usb_ports = port->next;
   21.89 +     port->next = used_usb_ports;
   21.90 +     used_usb_ports = port;
   21.91 ++
   21.92 ++    pstrcpy(usb_name + strlen(usb_name), 
   21.93 ++            sizeof(usb_name) - strlen(usb_name), 
   21.94 ++            devname);
   21.95 ++    register_savevm(usb_name, 0, 1, generic_usb_save, generic_usb_load, dev);
   21.96 ++    
   21.97 +     usb_attach(port, dev);
   21.98 +     return 0;
   21.99 + }
  21.100 +Index: ioemu/hw/usb.c
  21.101 +===================================================================
  21.102 +--- ioemu.orig/hw/usb.c	2007-05-03 09:56:32.000000000 +0100
  21.103 ++++ ioemu/hw/usb.c	2007-05-03 10:07:54.000000000 +0100
  21.104 +@@ -191,3 +191,43 @@
  21.105 +     }
  21.106 +     return q - buf;
  21.107 + }
  21.108 ++
  21.109 ++void generic_usb_save(QEMUFile* f, void *opaque)
  21.110 ++{
  21.111 ++    USBDevice *s = (USBDevice*)opaque;
  21.112 ++
  21.113 ++    qemu_put_be32s(f, &s->speed);
  21.114 ++    qemu_put_8s(f, &s->addr);
  21.115 ++    qemu_put_be32s(f, &s->state);
  21.116 ++
  21.117 ++    qemu_put_buffer(f, s->setup_buf, 8);
  21.118 ++    qemu_put_buffer(f, s->data_buf, 1024);
  21.119 ++
  21.120 ++    qemu_put_be32s(f, &s->remote_wakeup);
  21.121 ++    qemu_put_be32s(f, &s->setup_state);
  21.122 ++    qemu_put_be32s(f, &s->setup_len);
  21.123 ++    qemu_put_be32s(f, &s->setup_index);
  21.124 ++
  21.125 ++}
  21.126 ++
  21.127 ++int generic_usb_load(QEMUFile* f, void *opaque, int version_id)
  21.128 ++{
  21.129 ++    USBDevice *s = (USBDevice*)opaque;
  21.130 ++
  21.131 ++    if (version_id != 1)
  21.132 ++        return -EINVAL;
  21.133 ++
  21.134 ++    qemu_get_be32s(f, &s->speed);
  21.135 ++    qemu_get_8s(f, &s->addr);
  21.136 ++    qemu_get_be32s(f, &s->state);
  21.137 ++
  21.138 ++    qemu_get_buffer(f, s->setup_buf, 8);
  21.139 ++    qemu_get_buffer(f, s->data_buf, 1024);
  21.140 ++
  21.141 ++    qemu_get_be32s(f, &s->remote_wakeup);
  21.142 ++    qemu_get_be32s(f, &s->setup_state);
  21.143 ++    qemu_get_be32s(f, &s->setup_len);
  21.144 ++    qemu_get_be32s(f, &s->setup_index);
  21.145 ++
  21.146 ++    return 0;
  21.147 ++}
  21.148 +Index: ioemu/hw/usb-ohci.c
  21.149 +===================================================================
  21.150 +--- ioemu.orig/hw/usb-ohci.c	2007-05-03 09:56:32.000000000 +0100
  21.151 ++++ ioemu/hw/usb-ohci.c	2007-05-03 10:07:54.000000000 +0100
  21.152 +@@ -1186,5 +1186,7 @@
  21.153 +         qemu_register_usb_port(&ohci->rhport[i].port, ohci, i, ohci_attach);
  21.154 +     }
  21.155 + 
  21.156 ++    register_savevm("OHCI USB", 0, 1, generic_pci_save, generic_pci_load, ohci);
  21.157 ++
  21.158 +     ohci_reset(ohci);
  21.159 + }
  21.160 +Index: ioemu/hw/usb.h
  21.161 +===================================================================
  21.162 +--- ioemu.orig/hw/usb.h	2007-05-03 09:56:32.000000000 +0100
  21.163 ++++ ioemu/hw/usb.h	2007-05-03 10:07:54.000000000 +0100
  21.164 +@@ -176,3 +176,9 @@
  21.165 + 
  21.166 + /* usb-msd.c */
  21.167 + USBDevice *usb_msd_init(const char *filename);
  21.168 ++
  21.169 ++/* usb.c */
  21.170 ++void generic_usb_save(QEMUFile* f, void *opaque);
  21.171 ++int generic_usb_load(QEMUFile* f, void *opaque, int version_id);
  21.172 ++
  21.173 ++
  21.174 +Index: ioemu/hw/usb-uhci.c
  21.175 +===================================================================
  21.176 +--- ioemu.orig/hw/usb-uhci.c	2007-05-03 09:56:32.000000000 +0100
  21.177 ++++ ioemu/hw/usb-uhci.c	2007-05-03 10:07:54.000000000 +0100
  21.178 +@@ -638,6 +638,51 @@
  21.179 +     register_ioport_read(addr, 32, 1, uhci_ioport_readb, s);
  21.180 + }
  21.181 + 
  21.182 ++void uhci_usb_save(QEMUFile *f, void *opaque)
  21.183 ++{
  21.184 ++    int i;
  21.185 ++    UHCIState *s = (UHCIState*)opaque;
  21.186 ++
  21.187 ++    qemu_put_be16s(f, &s->cmd);
  21.188 ++    qemu_put_be16s(f, &s->status);
  21.189 ++    qemu_put_be16s(f, &s->intr);
  21.190 ++    qemu_put_be16s(f, &s->frnum);
  21.191 ++    qemu_put_be32s(f, &s->fl_base_addr);
  21.192 ++    qemu_put_8s(f, &s->sof_timing);
  21.193 ++    qemu_put_8s(f, &s->status2);
  21.194 ++
  21.195 ++    for(i = 0; i < NB_PORTS; i++) {
  21.196 ++        qemu_put_be16s(f, &s->ports[i].ctrl);
  21.197 ++    }
  21.198 ++
  21.199 ++    qemu_put_timer(f, s->frame_timer);
  21.200 ++}
  21.201 ++
  21.202 ++int uhci_usb_load(QEMUFile *f, void *opaque, int version_id)
  21.203 ++{
  21.204 ++    int i;
  21.205 ++    UHCIState *s = (UHCIState*)opaque;
  21.206 ++
  21.207 ++    if (version_id != 1)
  21.208 ++        return -EINVAL;
  21.209 ++
  21.210 ++    qemu_get_be16s(f, &s->cmd);
  21.211 ++    qemu_get_be16s(f, &s->status);
  21.212 ++    qemu_get_be16s(f, &s->intr);
  21.213 ++    qemu_get_be16s(f, &s->frnum);
  21.214 ++    qemu_get_be32s(f, &s->fl_base_addr);
  21.215 ++    qemu_get_8s(f, &s->sof_timing);
  21.216 ++    qemu_get_8s(f, &s->status2);
  21.217 ++
  21.218 ++    for(i = 0; i < NB_PORTS; i++) {
  21.219 ++        qemu_get_be16s(f, &s->ports[i].ctrl);
  21.220 ++    }
  21.221 ++
  21.222 ++    qemu_get_timer(f, s->frame_timer);
  21.223 ++
  21.224 ++    return 0;
  21.225 ++}
  21.226 ++
  21.227 + void usb_uhci_init(PCIBus *bus, int devfn)
  21.228 + {
  21.229 +     UHCIState *s;
  21.230 +@@ -671,4 +716,8 @@
  21.231 +        to rely on this.  */
  21.232 +     pci_register_io_region(&s->dev, 4, 0x20, 
  21.233 +                            PCI_ADDRESS_SPACE_IO, uhci_map);
  21.234 ++
  21.235 ++    register_savevm("UHCI_usb_pci", 0, 1, generic_pci_save, generic_pci_load, s);
  21.236 ++
  21.237 ++    register_savevm("UHCI usb controller", 0, 1, uhci_usb_save, uhci_usb_load, s);
  21.238 + }
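Review bot: generic_usb_load (hw/usb.c hunk) restores `setup_state`, `setup_len` and `setup_index` from the save image and returns 0 without validating them. These look like the length and cursor for the 1024-byte `data_buf` read two lines earlier (their use is outside this patch), so a corrupted or tampered image could leave the device with an index or length beyond that buffer. I would reject such state before returning, e.g. `if (s->setup_index < 0 || s->setup_len < 0 || s->setup_index > (int)sizeof(s->data_buf) || s->setup_len > (int)sizeof(s->data_buf)) return -EINVAL;`, adjusted to the fields' real types. Separately, usb_mouse_load in the usb-hid.c hunk is declared `int` but falls off the end after registering the event handler, so its return value is undefined; it needs a final `return 0;`. The "OHCI USB" and "UHCI_usb_pci" registrations pass the controller state to generic_pci_save/load, which is only correct if the PCIDevice is the first member of those structs, and that is worth confirming.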
    22.1 --- a/tools/ioemu/patches/nodelay-serial-over-tcp	Thu May 03 11:22:58 2007 +0100
    22.2 +++ b/tools/ioemu/patches/nodelay-serial-over-tcp	Thu May 03 15:39:45 2007 +0100
    22.3 @@ -8,9 +8,9 @@ Signed-off-by: Steven Smith <sos22@cam.a
    22.4  
    22.5  Index: ioemu/vl.c
    22.6  ===================================================================
    22.7 ---- ioemu.orig/vl.c	2006-12-08 18:21:56.000000000 +0000
    22.8 -+++ ioemu/vl.c	2006-12-08 18:22:42.000000000 +0000
    22.9 -@@ -2530,6 +2530,7 @@
   22.10 +--- ioemu.orig/vl.c	2007-05-03 10:09:02.000000000 +0100
   22.11 ++++ ioemu/vl.c	2007-05-03 10:09:03.000000000 +0100
   22.12 +@@ -2586,6 +2586,7 @@
   22.13       int is_waitconnect = 1;
   22.14       const char *ptr;
   22.15       struct sockaddr_in saddr;
   22.16 @@ -18,7 +18,7 @@ Index: ioemu/vl.c
   22.17   
   22.18       if (parse_host_port(&saddr, host_str) < 0)
   22.19           goto fail;
   22.20 -@@ -2598,6 +2599,8 @@
   22.21 +@@ -2654,6 +2655,8 @@
   22.22               }
   22.23           }
   22.24           s->fd = fd;
    23.1 --- a/tools/ioemu/patches/qemu-64bit	Thu May 03 11:22:58 2007 +0100
    23.2 +++ b/tools/ioemu/patches/qemu-64bit	Thu May 03 15:39:45 2007 +0100
    23.3 @@ -1,7 +1,7 @@
    23.4  Index: ioemu/cpu-all.h
    23.5  ===================================================================
    23.6 ---- ioemu.orig/cpu-all.h	2006-08-06 02:14:09.796902750 +0100
    23.7 -+++ ioemu/cpu-all.h	2006-08-06 02:15:39.707879423 +0100
    23.8 +--- ioemu.orig/cpu-all.h	2007-05-02 16:04:46.000000000 +0100
    23.9 ++++ ioemu/cpu-all.h	2007-05-02 16:05:50.000000000 +0100
   23.10  @@ -822,7 +822,7 @@
   23.11   
   23.12   /* memory API */
   23.13 @@ -13,8 +13,8 @@ Index: ioemu/cpu-all.h
   23.14   extern uint8_t *phys_ram_dirty;
   23.15  Index: ioemu/hw/pc.c
   23.16  ===================================================================
   23.17 ---- ioemu.orig/hw/pc.c	2006-08-06 02:14:09.797902638 +0100
   23.18 -+++ ioemu/hw/pc.c	2006-08-06 02:15:39.708879311 +0100
   23.19 +--- ioemu.orig/hw/pc.c	2007-05-02 16:04:46.000000000 +0100
   23.20 ++++ ioemu/hw/pc.c	2007-05-02 16:05:50.000000000 +0100
   23.21  @@ -155,7 +155,7 @@
   23.22   }
   23.23   
   23.24 @@ -53,8 +53,8 @@ Index: ioemu/hw/pc.c
   23.25                           const char *kernel_filename, 
   23.26  Index: ioemu/vl.c
   23.27  ===================================================================
   23.28 ---- ioemu.orig/vl.c	2006-08-06 02:15:31.040845624 +0100
   23.29 -+++ ioemu/vl.c	2006-08-06 02:15:39.711878977 +0100
   23.30 +--- ioemu.orig/vl.c	2007-05-02 16:05:50.000000000 +0100
   23.31 ++++ ioemu/vl.c	2007-05-02 16:05:50.000000000 +0100
   23.32  @@ -122,7 +122,7 @@
   23.33   const char* keyboard_layout = NULL;
   23.34   int64_t ticks_per_sec;
   23.35 @@ -64,7 +64,7 @@ Index: ioemu/vl.c
   23.36   int pit_min_timer_count = 0;
   23.37   int nb_nics;
   23.38   NICInfo nd_table[MAX_NICS];
   23.39 -@@ -5895,7 +5895,7 @@
   23.40 +@@ -5899,7 +5899,7 @@
   23.41                   help();
   23.42                   break;
   23.43               case QEMU_OPTION_m:
   23.44 @@ -75,8 +75,8 @@ Index: ioemu/vl.c
   23.45                   if (ram_size > PHYS_RAM_MAX_SIZE) {
   23.46  Index: ioemu/vl.h
   23.47  ===================================================================
   23.48 ---- ioemu.orig/vl.h	2006-08-06 02:15:10.368150219 +0100
   23.49 -+++ ioemu/vl.h	2006-08-06 02:15:39.711878977 +0100
   23.50 +--- ioemu.orig/vl.h	2007-05-02 16:05:50.000000000 +0100
   23.51 ++++ ioemu/vl.h	2007-05-02 16:05:50.000000000 +0100
   23.52  @@ -146,7 +146,7 @@
   23.53   extern int xc_handle;
   23.54   extern int domid;
   23.55 @@ -97,8 +97,8 @@ Index: ioemu/vl.h
   23.56                const char *kernel_filename, const char *kernel_cmdline,
   23.57  Index: ioemu/hw/vga.c
   23.58  ===================================================================
   23.59 ---- ioemu.orig/hw/vga.c	2006-08-06 02:15:10.364150665 +0100
   23.60 -+++ ioemu/hw/vga.c	2006-08-06 02:15:39.712878866 +0100
   23.61 +--- ioemu.orig/hw/vga.c	2007-05-02 16:05:50.000000000 +0100
   23.62 ++++ ioemu/hw/vga.c	2007-05-02 16:05:50.000000000 +0100
   23.63  @@ -1365,7 +1365,8 @@
   23.64   static void vga_draw_graphic(VGAState *s, int full_update)
   23.65   {
    24.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    24.2 +++ b/tools/ioemu/patches/qemu-block-device-bounds-checks	Thu May 03 15:39:45 2007 +0100
    24.3 @@ -0,0 +1,22 @@
    24.4 +Index: ioemu/block.c
    24.5 +===================================================================
    24.6 +--- ioemu.orig/block.c	2007-05-03 14:55:04.000000000 +0100
    24.7 ++++ ioemu/block.c	2007-05-03 14:59:20.000000000 +0100
    24.8 +@@ -420,6 +420,8 @@
    24.9 + 
   24.10 +     if (!bs->inserted)
   24.11 +         return -1;
   24.12 ++    if (sector_num < 0)
   24.13 ++	return -1;
   24.14 + 
   24.15 +     while (nb_sectors > 0) {
   24.16 +         if (sector_num == 0 && bs->boot_sector_enabled) {
   24.17 +@@ -458,6 +460,8 @@
   24.18 +         return -1;
   24.19 +     if (bs->read_only)
   24.20 +         return -1;
   24.21 ++    if (sector_num < 0)
   24.22 ++	return -1;
   24.23 +     if (sector_num == 0 && bs->boot_sector_enabled && nb_sectors > 0) {
   24.24 +         memcpy(bs->boot_sector_data, buf, 512);   
   24.25 +     }
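Review bot: The added `if (sector_num < 0) return -1;` in both hunks rejects only a negative start sector; `nb_sectors` is not checked, and nothing here bounds `sector_num + nb_sectors` against the size of the device. Both functions continue outside the hunks, so an upper-bound check may exist further down or in the block driver, but if it does not, a guest-supplied request past the end of the image still reaches the backend. I would extend the guard to `if (sector_num < 0 || nb_sectors < 0) return -1;` and add a check of the end sector against the device length, written so the addition cannot overflow. The two new `return -1;` lines are also tab-indented while the surrounding code uses spaces.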
    25.1 --- a/tools/ioemu/patches/qemu-bootorder	Thu May 03 11:22:58 2007 +0100
    25.2 +++ b/tools/ioemu/patches/qemu-bootorder	Thu May 03 15:39:45 2007 +0100
    25.3 @@ -1,8 +1,8 @@
    25.4  Index: ioemu/vl.c
    25.5  ===================================================================
    25.6 ---- ioemu.orig/vl.c	2006-12-20 15:12:08.000000000 +0000
    25.7 -+++ ioemu/vl.c	2006-12-20 15:21:19.000000000 +0000
    25.8 -@@ -125,7 +125,7 @@
    25.9 +--- ioemu.orig/vl.c	2007-05-03 15:20:35.000000000 +0100
   25.10 ++++ ioemu/vl.c	2007-05-03 15:20:43.000000000 +0100
   25.11 +@@ -126,7 +126,7 @@
   25.12   struct sockaddr_in vnclisten_addr;
   25.13   const char* keyboard_layout = NULL;
   25.14   int64_t ticks_per_sec;
   25.15 @@ -11,7 +11,7 @@ Index: ioemu/vl.c
   25.16   uint64_t ram_size;
   25.17   int pit_min_timer_count = 0;
   25.18   int nb_nics;
   25.19 -@@ -6059,14 +6059,14 @@
   25.20 +@@ -6150,14 +6150,14 @@
   25.21                   break;
   25.22   #endif /* !CONFIG_DM */
   25.23               case QEMU_OPTION_boot:
   25.24 @@ -34,7 +34,7 @@ Index: ioemu/vl.c
   25.25                       exit(1);
   25.26                   }
   25.27                   break;
   25.28 -@@ -6333,6 +6333,7 @@
   25.29 +@@ -6424,6 +6424,7 @@
   25.30           fd_filename[0] == '\0')
   25.31           help();
   25.32       
   25.33 @@ -42,7 +42,7 @@ Index: ioemu/vl.c
   25.34       /* boot to cd by default if no hard disk */
   25.35       if (hd_filename[0] == '\0' && boot_device == 'c') {
   25.36           if (fd_filename[0] != '\0')
   25.37 -@@ -6340,6 +6341,7 @@
   25.38 +@@ -6431,6 +6432,7 @@
   25.39           else
   25.40               boot_device = 'd';
   25.41       }
   25.42 @@ -50,7 +50,7 @@ Index: ioemu/vl.c
   25.43   #endif /* !CONFIG_DM */
   25.44   
   25.45       setvbuf(stdout, NULL, _IOLBF, 0);
   25.46 -@@ -6590,6 +6592,7 @@
   25.47 +@@ -6692,6 +6694,7 @@
   25.48                     ds, fd_filename, snapshot,
   25.49                     kernel_filename, kernel_cmdline, initrd_filename,
   25.50                     timeoffset);
   25.51 @@ -60,8 +60,8 @@ Index: ioemu/vl.c
   25.52       if (usb_enabled) {
   25.53  Index: ioemu/vl.h
   25.54  ===================================================================
   25.55 ---- ioemu.orig/vl.h	2006-12-20 15:12:08.000000000 +0000
   25.56 -+++ ioemu/vl.h	2006-12-20 15:21:14.000000000 +0000
   25.57 +--- ioemu.orig/vl.h	2007-05-03 15:20:39.000000000 +0100
   25.58 ++++ ioemu/vl.h	2007-05-03 15:20:43.000000000 +0100
   25.59  @@ -578,7 +578,7 @@
   25.60   #ifndef QEMU_TOOL
   25.61   
   25.62 @@ -71,7 +71,7 @@ Index: ioemu/vl.h
   25.63                DisplayState *ds, const char **fd_filename, int snapshot,
   25.64                const char *kernel_filename, const char *kernel_cmdline,
   25.65                const char *initrd_filename, time_t timeoffset);
   25.66 -@@ -1023,7 +1023,7 @@
   25.67 +@@ -1024,7 +1024,7 @@
   25.68                       uint32_t start, uint32_t count);
   25.69   int PPC_NVRAM_set_params (m48t59_t *nvram, uint16_t NVRAM_size,
   25.70                             const unsigned char *arch,
   25.71 @@ -82,8 +82,8 @@ Index: ioemu/vl.h
   25.72                             uint32_t initrd_image, uint32_t initrd_size,
   25.73  Index: ioemu/hw/pc.c
   25.74  ===================================================================
   25.75 ---- ioemu.orig/hw/pc.c	2006-12-20 15:12:08.000000000 +0000
   25.76 -+++ ioemu/hw/pc.c	2006-12-20 15:21:19.000000000 +0000
   25.77 +--- ioemu.orig/hw/pc.c	2007-05-03 15:20:35.000000000 +0100
   25.78 ++++ ioemu/hw/pc.c	2007-05-03 15:20:43.000000000 +0100
   25.79  @@ -158,8 +158,25 @@
   25.80       rtc_set_memory(s, info_ofs + 8, sectors);
   25.81   }
    26.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    26.2 +++ b/tools/ioemu/patches/qemu-cirrus-bounds-checks	Thu May 03 15:39:45 2007 +0100
    26.3 @@ -0,0 +1,350 @@
    26.4 +Index: ioemu/hw/cirrus_vga.c
    26.5 +===================================================================
    26.6 +--- ioemu.orig/hw/cirrus_vga.c	2007-05-03 14:55:45.000000000 +0100
    26.7 ++++ ioemu/hw/cirrus_vga.c	2007-05-03 14:58:05.000000000 +0100
    26.8 +@@ -601,7 +601,8 @@
    26.9 + 	off_cur_end = off_cur + bytesperline;
   26.10 + 	off_cur &= TARGET_PAGE_MASK;
   26.11 + 	while (off_cur < off_cur_end) {
   26.12 +-	    cpu_physical_memory_set_dirty(s->vram_offset + off_cur);
   26.13 ++	    cpu_physical_memory_set_dirty(s->vram_offset +
   26.14 ++					  (off_cur & s->cirrus_addr_mask));
   26.15 + 	    off_cur += TARGET_PAGE_SIZE;
   26.16 + 	}
   26.17 + 	off_begin += off_pitch;
   26.18 +Index: ioemu/hw/cirrus_vga_rop.h
   26.19 +===================================================================
   26.20 +--- ioemu.orig/hw/cirrus_vga_rop.h	2007-05-02 10:30:05.000000000 +0100
   26.21 ++++ ioemu/hw/cirrus_vga_rop.h	2007-05-03 14:58:22.000000000 +0100
   26.22 +@@ -22,18 +22,36 @@
   26.23 +  * THE SOFTWARE.
   26.24 +  */
   26.25 + 
   26.26 ++#define get_base(p, s, b) do { \
   26.27 ++    if ((p) >= (s)->vram_ptr && (p) < (s)->vram_ptr + (s)->vram_size) \
   26.28 ++	(b) = (s)->vram_ptr; \
   26.29 ++    else if ((p) >= &(s)->cirrus_bltbuf[0] && \
   26.30 ++	     (p) < &(s)->cirrus_bltbuf[CIRRUS_BLTBUFSIZE]) \
   26.31 ++	(b) = &(s)->cirrus_bltbuf[0]; \
   26.32 ++    else \
   26.33 ++	return; \
   26.34 ++} while(0)
   26.35 ++
   26.36 ++#define m(x) ((x) & s->cirrus_addr_mask)
   26.37 ++
   26.38 + static void
   26.39 + glue(cirrus_bitblt_rop_fwd_, ROP_NAME)(CirrusVGAState *s,
   26.40 +-                             uint8_t *dst,const uint8_t *src,
   26.41 ++                             uint8_t *dst_,const uint8_t *src_,
   26.42 +                              int dstpitch,int srcpitch,
   26.43 +                              int bltwidth,int bltheight)
   26.44 + {
   26.45 +     int x,y;
   26.46 ++    uint32_t dst, src;
   26.47 ++    uint8_t *dst_base, *src_base;
   26.48 ++    get_base(dst_, s, dst_base);
   26.49 ++    get_base(src_, s, src_base);
   26.50 ++    dst = dst_ - dst_base;
   26.51 ++    src = src_ - src_base;
   26.52 +     dstpitch -= bltwidth;
   26.53 +     srcpitch -= bltwidth;
   26.54 +     for (y = 0; y < bltheight; y++) {
   26.55 +         for (x = 0; x < bltwidth; x++) {
   26.56 +-            ROP_OP(*dst, *src);
   26.57 ++            ROP_OP(*(dst_base + m(dst)), *(src_base + m(src)));
   26.58 +             dst++;
   26.59 +             src++;
   26.60 +         }
   26.61 +@@ -44,16 +62,22 @@
   26.62 + 
   26.63 + static void
   26.64 + glue(cirrus_bitblt_rop_bkwd_, ROP_NAME)(CirrusVGAState *s,
   26.65 +-                                        uint8_t *dst,const uint8_t *src,
   26.66 ++                                        uint8_t *dst_,const uint8_t *src_,
   26.67 +                                         int dstpitch,int srcpitch,
   26.68 +                                         int bltwidth,int bltheight)
   26.69 + {
   26.70 +     int x,y;
   26.71 ++    uint32_t dst, src;
   26.72 ++    uint8_t *dst_base, *src_base;
   26.73 ++    get_base(dst_, s, dst_base);
   26.74 ++    get_base(src_, s, src_base);
   26.75 ++    dst = dst_ - dst_base;
   26.76 ++    src = src_ - src_base;
   26.77 +     dstpitch += bltwidth;
   26.78 +     srcpitch += bltwidth;
   26.79 +     for (y = 0; y < bltheight; y++) {
   26.80 +         for (x = 0; x < bltwidth; x++) {
   26.81 +-            ROP_OP(*dst, *src);
   26.82 ++            ROP_OP(*(dst_base + m(dst)), *(src_base + m(src)));
   26.83 +             dst--;
   26.84 +             src--;
   26.85 +         }
   26.86 +@@ -76,3 +100,6 @@
   26.87 + 
   26.88 + #undef ROP_NAME
   26.89 + #undef ROP_OP
   26.90 ++
   26.91 ++#undef get_base
   26.92 ++#undef m
   26.93 +Index: ioemu/hw/cirrus_vga_rop2.h
   26.94 +===================================================================
   26.95 +--- ioemu.orig/hw/cirrus_vga_rop2.h	2007-05-02 10:30:05.000000000 +0100
   26.96 ++++ ioemu/hw/cirrus_vga_rop2.h	2007-05-03 14:58:42.000000000 +0100
   26.97 +@@ -23,36 +23,42 @@
   26.98 +  */
   26.99 + 
  26.100 + #if DEPTH == 8
  26.101 +-#define PUTPIXEL()    ROP_OP(d[0], col)
  26.102 ++#define PUTPIXEL()    ROP_OP((dst_base + m(d))[0], col)
  26.103 + #elif DEPTH == 16
  26.104 +-#define PUTPIXEL()    ROP_OP(((uint16_t *)d)[0], col);
  26.105 ++#define PUTPIXEL()    ROP_OP(((uint16_t *)(dst_base + m(d)))[0], col);
  26.106 + #elif DEPTH == 24
  26.107 +-#define PUTPIXEL()    ROP_OP(d[0], col); \
  26.108 +-                      ROP_OP(d[1], (col >> 8)); \
  26.109 +-                      ROP_OP(d[2], (col >> 16))
  26.110 ++#define PUTPIXEL()    ROP_OP((dst_base + m(d))[0], col); \
  26.111 ++                      ROP_OP((dst_base + m(d))[1], (col >> 8)); \
  26.112 ++                      ROP_OP((dst_base + m(d))[2], (col >> 16))
  26.113 + #elif DEPTH == 32
  26.114 +-#define PUTPIXEL()    ROP_OP(((uint32_t *)d)[0], col)
  26.115 ++#define PUTPIXEL()    ROP_OP(((uint32_t *)(dst_base + m(d)))[0], col)
  26.116 + #else
  26.117 + #error unsupported DEPTH
  26.118 + #endif                
  26.119 + 
  26.120 + static void
  26.121 + glue(glue(glue(cirrus_patternfill_, ROP_NAME), _),DEPTH)
  26.122 +-     (CirrusVGAState * s, uint8_t * dst,
  26.123 +-      const uint8_t * src, 
  26.124 ++     (CirrusVGAState * s, uint8_t * dst_,
  26.125 ++      const uint8_t * src_, 
  26.126 +       int dstpitch, int srcpitch, 
  26.127 +       int bltwidth, int bltheight)
  26.128 + {
  26.129 +-    uint8_t *d;
  26.130 ++    uint8_t *dst_base, *src_base;
  26.131 ++    uint32_t src, dst;
  26.132 ++    uint32_t d;
  26.133 +     int x, y, pattern_y, pattern_pitch, pattern_x;
  26.134 +     unsigned int col;
  26.135 +-    const uint8_t *src1;
  26.136 ++    uint32_t src1;
  26.137 + #if DEPTH == 24
  26.138 +     int skipleft = s->gr[0x2f] & 0x1f;
  26.139 + #else
  26.140 +     int skipleft = (s->gr[0x2f] & 0x07) * (DEPTH / 8);
  26.141 + #endif
  26.142 + 
  26.143 ++    get_base(dst_, s, dst_base);
  26.144 ++    get_base(src_, s, src_base);
  26.145 ++    dst = dst_ - dst_base;
  26.146 ++    src = src_ - src_base;
  26.147 + #if DEPTH == 8
  26.148 +     pattern_pitch = 8;
  26.149 + #elif DEPTH == 16
  26.150 +@@ -67,19 +73,19 @@
  26.151 +         src1 = src + pattern_y * pattern_pitch;
  26.152 +         for (x = skipleft; x < bltwidth; x += (DEPTH / 8)) {
  26.153 + #if DEPTH == 8
  26.154 +-            col = src1[pattern_x];
  26.155 ++            col = *(src_base + m(src1 + pattern_x));
  26.156 +             pattern_x = (pattern_x + 1) & 7;
  26.157 + #elif DEPTH == 16
  26.158 +-            col = ((uint16_t *)(src1 + pattern_x))[0];
  26.159 ++            col = *(uint16_t *)(src_base + m(src1 + pattern_x));
  26.160 +             pattern_x = (pattern_x + 2) & 15;
  26.161 + #elif DEPTH == 24
  26.162 +             {
  26.163 +-                const uint8_t *src2 = src1 + pattern_x * 3;
  26.164 ++                const uint8_t *src2 = src_base + m(src1 + pattern_x * 3);
  26.165 +                 col = src2[0] | (src2[1] << 8) | (src2[2] << 16);
  26.166 +                 pattern_x = (pattern_x + 1) & 7;
  26.167 +             }
  26.168 + #else
  26.169 +-            col = ((uint32_t *)(src1 + pattern_x))[0];
  26.170 ++            col = *(uint32_t *)(src_base + m(src1 + pattern_x));
  26.171 +             pattern_x = (pattern_x + 4) & 31;
  26.172 + #endif
  26.173 +             PUTPIXEL();
  26.174 +@@ -93,12 +99,14 @@
  26.175 + /* NOTE: srcpitch is ignored */
  26.176 + static void
  26.177 + glue(glue(glue(cirrus_colorexpand_transp_, ROP_NAME), _),DEPTH)
  26.178 +-     (CirrusVGAState * s, uint8_t * dst,
  26.179 +-      const uint8_t * src, 
  26.180 ++     (CirrusVGAState * s, uint8_t * dst_,
  26.181 ++      const uint8_t * src_, 
  26.182 +       int dstpitch, int srcpitch, 
  26.183 +       int bltwidth, int bltheight)
  26.184 + {
  26.185 +-    uint8_t *d;
  26.186 ++    uint8_t *dst_base, *src_base;
  26.187 ++    uint32_t src, dst;
  26.188 ++    uint32_t d;
  26.189 +     int x, y;
  26.190 +     unsigned bits, bits_xor;
  26.191 +     unsigned int col;
  26.192 +@@ -112,6 +120,10 @@
  26.193 +     int dstskipleft = srcskipleft * (DEPTH / 8);
  26.194 + #endif
  26.195 + 
  26.196 ++    get_base(dst_, s, dst_base);
  26.197 ++    get_base(src_, s, src_base);
  26.198 ++    dst = dst_ - dst_base;
  26.199 ++    src = src_ - src_base;
  26.200 +     if (s->cirrus_blt_modeext & CIRRUS_BLTMODEEXT_COLOREXPINV) {
  26.201 +         bits_xor = 0xff;
  26.202 +         col = s->cirrus_blt_bgcol;
  26.203 +@@ -122,12 +134,12 @@
  26.204 + 
  26.205 +     for(y = 0; y < bltheight; y++) {
  26.206 +         bitmask = 0x80 >> srcskipleft;
  26.207 +-        bits = *src++ ^ bits_xor;
  26.208 ++        bits = *(src_base + m(src++)) ^ bits_xor;
  26.209 +         d = dst + dstskipleft;
  26.210 +         for (x = dstskipleft; x < bltwidth; x += (DEPTH / 8)) {
  26.211 +             if ((bitmask & 0xff) == 0) {
  26.212 +                 bitmask = 0x80;
  26.213 +-                bits = *src++ ^ bits_xor;
  26.214 ++                bits = *(src_base + m(src++)) ^ bits_xor;
  26.215 +             }
  26.216 +             index = (bits & bitmask);
  26.217 +             if (index) {
  26.218 +@@ -142,13 +154,15 @@
  26.219 + 
  26.220 + static void
  26.221 + glue(glue(glue(cirrus_colorexpand_, ROP_NAME), _),DEPTH)
  26.222 +-     (CirrusVGAState * s, uint8_t * dst,
  26.223 +-      const uint8_t * src, 
  26.224 ++     (CirrusVGAState * s, uint8_t * dst_,
  26.225 ++      const uint8_t * src_, 
  26.226 +       int dstpitch, int srcpitch, 
  26.227 +       int bltwidth, int bltheight)
  26.228 + {
  26.229 ++    uint8_t *dst_base, *src_base;
  26.230 ++    uint32_t src, dst;
  26.231 +     uint32_t colors[2];
  26.232 +-    uint8_t *d;
  26.233 ++    uint32_t d;
  26.234 +     int x, y;
  26.235 +     unsigned bits;
  26.236 +     unsigned int col;
  26.237 +@@ -156,16 +170,20 @@
  26.238 +     int srcskipleft = s->gr[0x2f] & 0x07;
  26.239 +     int dstskipleft = srcskipleft * (DEPTH / 8);
  26.240 + 
  26.241 ++    get_base(dst_, s, dst_base);
  26.242 ++    get_base(src_, s, src_base);
  26.243 ++    dst = dst_ - dst_base;
  26.244 ++    src = src_ - src_base;
  26.245 +     colors[0] = s->cirrus_blt_bgcol;
  26.246 +     colors[1] = s->cirrus_blt_fgcol;
  26.247 +     for(y = 0; y < bltheight; y++) {
  26.248 +         bitmask = 0x80 >> srcskipleft;
  26.249 +-        bits = *src++;
  26.250 ++        bits = *(src_base + m(src++));
  26.251 +         d = dst + dstskipleft;
  26.252 +         for (x = dstskipleft; x < bltwidth; x += (DEPTH / 8)) {
  26.253 +             if ((bitmask & 0xff) == 0) {
  26.254 +                 bitmask = 0x80;
  26.255 +-                bits = *src++;
  26.256 ++                bits = *(src_base + m(src++));
  26.257 +             }
  26.258 +             col = colors[!!(bits & bitmask)];
  26.259 +             PUTPIXEL();
  26.260 +@@ -178,12 +196,14 @@
  26.261 + 
  26.262 + static void
  26.263 + glue(glue(glue(cirrus_colorexpand_pattern_transp_, ROP_NAME), _),DEPTH)
  26.264 +-     (CirrusVGAState * s, uint8_t * dst,
  26.265 +-      const uint8_t * src, 
  26.266 ++     (CirrusVGAState * s, uint8_t * dst_,
  26.267 ++      const uint8_t * src_, 
  26.268 +       int dstpitch, int srcpitch, 
  26.269 +       int bltwidth, int bltheight)
  26.270 + {
  26.271 +-    uint8_t *d;
  26.272 ++    uint8_t *dst_base, *src_base;
  26.273 ++    uint32_t src, dst;
  26.274 ++    uint32_t d;
  26.275 +     int x, y, bitpos, pattern_y;
  26.276 +     unsigned int bits, bits_xor;
  26.277 +     unsigned int col;
  26.278 +@@ -195,6 +215,10 @@
  26.279 +     int dstskipleft = srcskipleft * (DEPTH / 8);
  26.280 + #endif
  26.281 + 
  26.282 ++    get_base(dst_, s, dst_base);
  26.283 ++    get_base(src_, s, src_base);
  26.284 ++    dst = dst_ - dst_base;
  26.285 ++    src = src_ - src_base;
  26.286 +     if (s->cirrus_blt_modeext & CIRRUS_BLTMODEEXT_COLOREXPINV) {
  26.287 +         bits_xor = 0xff;
  26.288 +         col = s->cirrus_blt_bgcol;
  26.289 +@@ -205,7 +229,7 @@
  26.290 +     pattern_y = s->cirrus_blt_srcaddr & 7;
  26.291 + 
  26.292 +     for(y = 0; y < bltheight; y++) {
  26.293 +-        bits = src[pattern_y] ^ bits_xor;
  26.294 ++        bits = *(src_base + m(src + pattern_y)) ^ bits_xor;
  26.295 +         bitpos = 7 - srcskipleft;
  26.296 +         d = dst + dstskipleft;
  26.297 +         for (x = dstskipleft; x < bltwidth; x += (DEPTH / 8)) {
  26.298 +@@ -222,25 +246,31 @@
  26.299 + 
  26.300 + static void
  26.301 + glue(glue(glue(cirrus_colorexpand_pattern_, ROP_NAME), _),DEPTH)
  26.302 +-     (CirrusVGAState * s, uint8_t * dst,
  26.303 +-      const uint8_t * src, 
  26.304 ++     (CirrusVGAState * s, uint8_t * dst_,
  26.305 ++      const uint8_t * src_, 
  26.306 +       int dstpitch, int srcpitch, 
  26.307 +       int bltwidth, int bltheight)
  26.308 + {
  26.309 ++    uint8_t *dst_base, *src_base;
  26.310 ++    uint32_t src, dst;
  26.311 +     uint32_t colors[2];
  26.312 +-    uint8_t *d;
  26.313 ++    uint32_t d;
  26.314 +     int x, y, bitpos, pattern_y;
  26.315 +     unsigned int bits;
  26.316 +     unsigned int col;
  26.317 +     int srcskipleft = s->gr[0x2f] & 0x07;
  26.318 +     int dstskipleft = srcskipleft * (DEPTH / 8);
  26.319 + 
  26.320 ++    get_base(dst_, s, dst_base);
  26.321 ++    get_base(src_, s, src_base);
  26.322 ++    dst = dst_ - dst_base;
  26.323 ++    src = src_ - src_base;
  26.324 +     colors[0] = s->cirrus_blt_bgcol;
  26.325 +     colors[1] = s->cirrus_blt_fgcol;
  26.326 +     pattern_y = s->cirrus_blt_srcaddr & 7;
  26.327 + 
  26.328 +     for(y = 0; y < bltheight; y++) {
  26.329 +-        bits = src[pattern_y];
  26.330 ++        bits = *(src_base + m(src + pattern_y));
  26.331 +         bitpos = 7 - srcskipleft;
  26.332 +         d = dst + dstskipleft;
  26.333 +         for (x = dstskipleft; x < bltwidth; x += (DEPTH / 8)) {
  26.334 +@@ -257,13 +287,17 @@
  26.335 + static void 
  26.336 + glue(glue(glue(cirrus_fill_, ROP_NAME), _),DEPTH)
  26.337 +      (CirrusVGAState *s,
  26.338 +-      uint8_t *dst, int dst_pitch, 
  26.339 ++      uint8_t *dst_, int dst_pitch, 
  26.340 +       int width, int height)
  26.341 + {
  26.342 +-    uint8_t *d, *d1;
  26.343 ++    uint8_t *dst_base;
  26.344 ++    uint32_t dst;
  26.345 ++    uint32_t d, d1;
  26.346 +     uint32_t col;
  26.347 +     int x, y;
  26.348 + 
  26.349 ++    get_base(dst_, s, dst_base);
  26.350 ++    dst = dst_ - dst_base;
  26.351 +     col = s->cirrus_blt_fgcol;
  26.352 + 
  26.353 +     d1 = dst;
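--- a/tools/ioemu/patches/qemu-cleanup	Thu May 03 11:22:58 2007 +0100
+++ b/tools/ioemu/patches/qemu-cleanup	Thu May 03 15:39:45 2007 +0100
@@ -1,7 +1,7 @@
 Index: ioemu/hw/vga.c
 ===================================================================
---- ioemu.orig/hw/vga.c	2006-10-24 14:44:03.000000000 +0100
-+++ ioemu/hw/vga.c	2006-10-24 14:45:22.000000000 +0100
+--- ioemu.orig/hw/vga.c	2007-05-02 16:04:46.000000000 +0100
++++ ioemu/hw/vga.c	2007-05-02 16:05:50.000000000 +0100
  @@ -1622,7 +1622,9 @@
  static void vga_save(QEMUFile *f, void *opaque)
  {
@@ -26,8 +26,8 @@ Index: ioemu/hw/vga.c
          return -EINVAL;
 Index: ioemu/vl.c
 ===================================================================
---- ioemu.orig/vl.c	2006-10-24 14:44:08.000000000 +0100
-+++ ioemu/vl.c	2006-10-24 14:45:29.000000000 +0100
+--- ioemu.orig/vl.c	2007-05-02 16:05:50.000000000 +0100
++++ ioemu/vl.c	2007-05-02 16:05:50.000000000 +0100
  @@ -39,6 +39,7 @@
  #include <sys/ioctl.h>
  #include <sys/socket.h>
@@ -74,7 +74,7 @@ Index: ioemu/vl.c
  #ifdef USE_KQEMU
      { "no-kqemu", 0, QEMU_OPTION_no_kqemu },
      { "kernel-kqemu", 0, QEMU_OPTION_kernel_kqemu },
-@@ -5849,9 +5854,11 @@
+@@ -5853,9 +5858,11 @@
                  fd_bootchk = 0;
                  break;
  #endif
@@ -88,8 +88,8 @@ Index: ioemu/vl.c
                      fprintf(stderr, "qemu: too many network clients\n");
 Index: ioemu/vl.h
 ===================================================================
---- ioemu.orig/vl.h	2006-10-24 14:44:08.000000000 +0100
-+++ ioemu/vl.h	2006-10-24 14:45:22.000000000 +0100
+--- ioemu.orig/vl.h	2007-05-02 16:05:50.000000000 +0100
++++ ioemu/vl.h	2007-05-02 16:05:50.000000000 +0100
  @@ -957,7 +957,7 @@
  	       unsigned long vram_offset, int vram_size, int width, int height);
  
@@ -101,8 +101,8 @@ Index: ioemu/vl.h
  void slavio_irq_info(void *opaque);
 Index: ioemu/usb-linux.c
 ===================================================================
---- ioemu.orig/usb-linux.c	2006-10-24 14:44:03.000000000 +0100
-+++ ioemu/usb-linux.c	2006-10-24 14:44:08.000000000 +0100
+--- ioemu.orig/usb-linux.c	2007-05-02 16:04:46.000000000 +0100
++++ ioemu/usb-linux.c	2007-05-02 16:05:50.000000000 +0100
  @@ -26,7 +26,9 @@
  #if defined(__linux__)
  #include <dirent.h>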
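--- a/tools/ioemu/patches/qemu-daemonize	Thu May 03 11:22:58 2007 +0100
+++ b/tools/ioemu/patches/qemu-daemonize	Thu May 03 15:39:45 2007 +0100
@@ -2,9 +2,9 @@ Changes required because qemu-dm runs da
 
 Index: ioemu/vl.c
 ===================================================================
---- ioemu.orig/vl.c	2006-12-08 02:00:42.000000000 +0000
-+++ ioemu/vl.c	2006-12-08 02:00:42.000000000 +0000
-@@ -6038,10 +6038,11 @@
+--- ioemu.orig/vl.c	2007-05-03 10:11:05.000000000 +0100
++++ ioemu/vl.c	2007-05-03 10:11:05.000000000 +0100
+@@ -6129,10 +6129,11 @@
                  }
                  break;
              case QEMU_OPTION_nographic: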
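--- a/tools/ioemu/patches/qemu-dm	Thu May 03 11:22:58 2007 +0100
+++ b/tools/ioemu/patches/qemu-dm	Thu May 03 15:39:45 2007 +0100
@@ -1,7 +1,7 @@
 Index: ioemu/Makefile.target
 ===================================================================
---- ioemu.orig/Makefile.target	2006-12-08 01:41:05.000000000 +0000
-+++ ioemu/Makefile.target	2006-12-08 01:41:10.000000000 +0000
+--- ioemu.orig/Makefile.target	2007-05-02 15:48:40.000000000 +0100
++++ ioemu/Makefile.target	2007-05-02 16:04:46.000000000 +0100
  @@ -303,7 +303,7 @@
  endif
  
@@ -13,8 +13,8 @@ Index: ioemu/Makefile.target
  VL_OBJS+=tap-win32.o
 Index: ioemu/configure
 ===================================================================
---- ioemu.orig/configure	2006-12-08 01:40:58.000000000 +0000
-+++ ioemu/configure	2006-12-08 01:41:10.000000000 +0000
+--- ioemu.orig/configure	2007-05-02 15:48:40.000000000 +0100
++++ ioemu/configure	2007-05-02 16:04:46.000000000 +0100
  @@ -75,8 +75,8 @@
  bigendian="no"
  mingw32="no"
@@ -37,8 +37,8 @@ Index: ioemu/configure
    target_user_only="yes"
 Index: ioemu/cpu-all.h
 ===================================================================
---- ioemu.orig/cpu-all.h	2006-12-08 01:40:58.000000000 +0000
-+++ ioemu/cpu-all.h	2006-12-08 01:41:10.000000000 +0000
+--- ioemu.orig/cpu-all.h	2007-05-02 15:48:36.000000000 +0100
++++ ioemu/cpu-all.h	2007-05-02 16:04:46.000000000 +0100
  @@ -690,7 +690,9 @@
  void page_set_flags(target_ulong start, target_ulong end, int flags);
  void page_unprotect_range(target_ulong data, target_ulong data_size);
@@ -64,8 +64,8 @@ Index: ioemu/cpu-all.h
  void cpu_dump_state(CPUState *env, FILE *f, 
 Index: ioemu/disas.h
 ===================================================================
---- ioemu.orig/disas.h	2006-12-08 01:40:58.000000000 +0000
-+++ ioemu/disas.h	2006-12-08 01:41:10.000000000 +0000
+--- ioemu.orig/disas.h	2007-05-02 15:48:36.000000000 +0100
++++ ioemu/disas.h	2007-05-02 15:48:40.000000000 +0100
  @@ -1,6 +1,7 @@
  #ifndef _QEMU_DISAS_H
  #define _QEMU_DISAS_H
@@ -83,8 +83,8 @@ Index: ioemu/disas.h
  #endif /* _QEMU_DISAS_H */
 Index: ioemu/exec-all.h
 ===================================================================
---- ioemu.orig/exec-all.h	2006-12-08 01:40:58.000000000 +0000
-+++ ioemu/exec-all.h	2006-12-08 01:41:10.000000000 +0000
+--- ioemu.orig/exec-all.h	2007-05-02 15:48:36.000000000 +0100
++++ ioemu/exec-all.h	2007-05-02 16:04:45.000000000 +0100
  @@ -509,7 +509,7 @@
  
  extern int tb_invalidated_flag;
@@ -105,8 +105,8 @@ Index: ioemu/exec-all.h
      return addr;
 Index: ioemu/hw/pc.c
 ===================================================================
---- ioemu.orig/hw/pc.c	2006-12-08 01:40:58.000000000 +0000
-+++ ioemu/hw/pc.c	2006-12-08 01:41:10.000000000 +0000
+--- ioemu.orig/hw/pc.c	2007-05-02 15:48:36.000000000 +0100
++++ ioemu/hw/pc.c	2007-05-02 16:04:46.000000000 +0100
  @@ -73,6 +73,7 @@
      }
  }
@@ -184,8 +184,8 @@ Index: ioemu/hw/pc.c
          if (serial_hds[i]) {
 Index: ioemu/hw/vga_int.h
 ===================================================================
---- ioemu.orig/hw/vga_int.h	2006-12-08 01:40:58.000000000 +0000
-+++ ioemu/hw/vga_int.h	2006-12-08 01:41:10.000000000 +0000
+--- ioemu.orig/hw/vga_int.h	2007-05-02 15:48:36.000000000 +0100
++++ ioemu/hw/vga_int.h	2007-05-02 16:04:45.000000000 +0100
  @@ -28,7 +28,7 @@
  #define ST01_DISP_ENABLE    0x01
  
@@ -197,8 +197,8 @@ Index: ioemu/hw/vga_int.h
  #define VBE_DISPI_MAX_YRES              1200
 Index: ioemu/monitor.c
 ===================================================================
---- ioemu.orig/monitor.c	2006-12-08 01:40:58.000000000 +0000
-+++ ioemu/monitor.c	2006-12-08 01:41:10.000000000 +0000
+--- ioemu.orig/monitor.c	2007-05-02 15:48:36.000000000 +0100
++++ ioemu/monitor.c	2007-05-02 16:04:46.000000000 +0100
  @@ -68,6 +68,12 @@
  
  void term_flush(void)
@@ -429,8 +429,8 @@ Index: ioemu/monitor.c
  {
 Index: ioemu/vl.c
 ===================================================================
---- ioemu.orig/vl.c	2006-12-08 01:40:58.000000000 +0000
-+++ ioemu/vl.c	2006-12-08 01:41:10.000000000 +0000
+--- ioemu.orig/vl.c	2007-05-02 15:48:36.000000000 +0100
++++ ioemu/vl.c	2007-05-02 16:05:40.000000000 +0100
  @@ -422,12 +422,15 @@
  void hw_error(const char *fmt, ...)
  {
@@ -489,7 +489,31 @@ Index: ioemu/vl.c
  
  /***********************************************************/
  /* machine registration */
-@@ -6054,6 +6078,7 @@
+@@ -5664,15 +5688,19 @@
+ #endif
+     cyls = heads = secs = 0;
+     translation = BIOS_ATA_TRANSLATION_AUTO;
+-    pstrcpy(monitor_device, sizeof(monitor_device), "vc");
++    pstrcpy(monitor_device, sizeof(monitor_device), "null");
+ 
+-    pstrcpy(serial_devices[0], sizeof(serial_devices[0]), "vc");
+-    for(i = 1; i < MAX_SERIAL_PORTS; i++)
++    for(i = 0; i < MAX_SERIAL_PORTS; i++)
+         serial_devices[i][0] = '\0';
+     serial_device_index = 0;
+-    
++
++#ifndef CONFIG_DM
+     pstrcpy(parallel_devices[0], sizeof(parallel_devices[0]), "vc");
+     for(i = 1; i < MAX_PARALLEL_PORTS; i++)
++#else
++    /* Xen steals IRQ7 for PCI. Disable LPT1 by default. */
++    for(i = 0; i < MAX_PARALLEL_PORTS; i++)
++#endif
+         parallel_devices[i][0] = '\0';
+     parallel_device_index = 0;
+     
+@@ -6054,6 +6082,7 @@
      socket_init();
  #endif
  
@@ -497,7 +521,7 @@ Index: ioemu/vl.c
      /* init network clients */
      if (nb_net_clients == 0) {
          /* if no clients, we use a default config */
-@@ -6063,6 +6088,7 @@
+@@ -6063,6 +6092,7 @@
                  "user");
          nb_net_clients = 2;
      }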
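Review bot: In the new vl.c hunk at `@@ -5664,15 +5688,19 @@` the monitor default becomes `"null"` and every serial port is cleared for all builds, with no comment, while the parallel-port change just below it is guarded by `#ifndef CONFIG_DM` and explained. The monitor is a control interface for the emulator, so defaulting it off is a sensible hardening choice for a device model, but the reason should be written down so a later refresh against upstream does not quietly restore `"vc"`; something like `/* qemu-dm: no monitor or serial console unless one is requested explicitly */` above the `pstrcpy` would do. The `#ifndef`/`#else` pair also puts two `for` headers over one shared body line (`parallel_devices[i][0] = '\0';`), which is easy to break when either branch gains a statement; giving each branch its own complete loop would be safer. The enclosing function continues outside the hunk.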
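--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tools/ioemu/patches/qemu-dma-null-pointer-check	Thu May 03 15:39:45 2007 +0100
@@ -0,0 +1,13 @@
+Index: ioemu/hw/dma.c
+===================================================================
+--- ioemu.orig/hw/dma.c	2007-05-02 10:30:05.000000000 +0100
++++ ioemu/hw/dma.c	2007-05-03 14:59:53.000000000 +0100
+@@ -340,6 +340,8 @@
+ #endif
+ 
+     r = dma_controllers[ncont].regs + ichan;
++    if (r->transfer_handler == NULL)
++	return;
+     n = r->transfer_handler (r->opaque, ichan + (ncont << 2),
+                              r->now[COUNT], (r->base[COUNT] + 1) << ncont);
+     r->now[COUNT] = n;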
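Review bot: The new guard in the hw/dma.c hunk, `if (r->transfer_handler == NULL) return;`, has no comment and the patch file carries no description, so a later refresh has nothing that says why a channel can reach this point without a handler. The call it protects is selected by channel registers, which are presumably guest-programmable, so the check keeps a guest from driving the device model through a null function pointer; that reason belongs next to the code, e.g. `/* no device registered a handler for this channel; nothing to transfer */`. The `return;` is indented with a tab where the surrounding lines use spaces. The enclosing function starts and ends outside the hunk, so whether the early return leaves the channel's request state consistent cannot be checked from here.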
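--- a/tools/ioemu/patches/qemu-logging	Thu May 03 11:22:58 2007 +0100
+++ b/tools/ioemu/patches/qemu-logging	Thu May 03 15:39:45 2007 +0100
@@ -1,7 +1,7 @@
 Index: ioemu/vl.c
 ===================================================================
---- ioemu.orig/vl.c	2006-10-24 14:36:58.000000000 +0100
-+++ ioemu/vl.c	2006-10-24 14:37:03.000000000 +0100
+--- ioemu.orig/vl.c	2007-05-02 16:05:51.000000000 +0100
++++ ioemu/vl.c	2007-05-02 16:05:51.000000000 +0100
  @@ -5234,7 +5234,7 @@
             "-S              freeze CPU at startup (use 'c' to start execution)\n"
             "-s              wait gdb connection to port %d\n"
@@ -38,7 +38,7 @@ Index: ioemu/vl.c
      LIST_INIT (&vm_change_state_head);
  #ifndef _WIN32
      {
-@@ -5715,6 +5717,11 @@
+@@ -5719,6 +5721,11 @@
      nb_nics = 0;
      /* default mac address of the first network interface */
      
@@ -50,7 +50,7 @@ Index: ioemu/vl.c
      optind = 1;
      for(;;) {
          if (optind >= argc)
-@@ -5905,7 +5912,7 @@
+@@ -5909,7 +5916,7 @@
                      exit(1);
                  }
                  break;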
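--- a/tools/ioemu/patches/qemu-pci	Thu May 03 11:22:58 2007 +0100
+++ b/tools/ioemu/patches/qemu-pci	Thu May 03 15:39:45 2007 +0100
@@ -1,8 +1,8 @@
 Index: ioemu/hw/pci.c
 ===================================================================
---- ioemu.orig/hw/pci.c	2006-12-08 02:02:05.000000000 +0000
-+++ ioemu/hw/pci.c	2006-12-08 18:16:55.000000000 +0000
-@@ -286,6 +286,7 @@
+--- ioemu.orig/hw/pci.c	2007-05-03 15:20:35.000000000 +0100
++++ ioemu/hw/pci.c	2007-05-03 15:20:43.000000000 +0100
+@@ -289,6 +289,7 @@
              case 0x0b:
              case 0x0e:
              case 0x10 ... 0x27: /* base */
@@ -10,7 +10,7 @@ Index: ioemu/hw/pci.c
              case 0x30 ... 0x33: /* rom */
              case 0x3d:
                  can_write = 0;
-@@ -318,6 +319,18 @@
+@@ -321,6 +322,18 @@
              break;
          }
          if (can_write) {
@@ -31,9 +31,9 @@ Index: ioemu/hw/pci.c
          addr++;
 Index: ioemu/hw/rtl8139.c
 ===================================================================
---- ioemu.orig/hw/rtl8139.c	2006-12-08 02:02:05.000000000 +0000
-+++ ioemu/hw/rtl8139.c	2006-12-08 18:16:47.000000000 +0000
-@@ -3423,6 +3423,8 @@
+--- ioemu.orig/hw/rtl8139.c	2007-05-03 15:20:35.000000000 +0100
++++ ioemu/hw/rtl8139.c	2007-05-03 15:20:43.000000000 +0100
+@@ -3424,6 +3424,8 @@
      pci_conf[0x0e] = 0x00; /* header_type */
      pci_conf[0x3d] = 1;    /* interrupt pin 0 */
      pci_conf[0x34] = 0xdc;
@@ -44,9 +44,9 @@ Index: ioemu/hw/rtl8139.c
  
 Index: ioemu/hw/usb-uhci.c
 ===================================================================
---- ioemu.orig/hw/usb-uhci.c	2006-12-08 02:02:05.000000000 +0000
-+++ ioemu/hw/usb-uhci.c	2006-12-08 02:02:38.000000000 +0000
-@@ -659,6 +659,8 @@
+--- ioemu.orig/hw/usb-uhci.c	2007-05-03 15:20:35.000000000 +0100
++++ ioemu/hw/usb-uhci.c	2007-05-03 15:20:43.000000000 +0100
+@@ -704,6 +704,8 @@
      pci_conf[0x0e] = 0x00; // header_type
      pci_conf[0x3d] = 4; // interrupt pin 3
      pci_conf[0x60] = 0x10; // release number
@@ -57,8 +57,8 @@ Index: ioemu/hw/usb-uhci.c
          qemu_register_usb_port(&s->ports[i].port, s, i, uhci_attach);
 Index: ioemu/vl.h
 ===================================================================
---- ioemu.orig/vl.h	2006-12-08 18:16:47.000000000 +0000
-+++ ioemu/vl.h	2006-12-08 18:16:55.000000000 +0000
+--- ioemu.orig/vl.h	2007-05-03 15:20:43.000000000 +0100
++++ ioemu/vl.h	2007-05-03 15:20:43.000000000 +0100
  @@ -650,8 +650,11 @@
  #define PCI_MAX_LAT		0x3f	/* 8 bits */
  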
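--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tools/ioemu/patches/qemu-pci-vendor-ids	Thu May 03 15:39:45 2007 +0100
@@ -0,0 +1,47 @@
+Index: ioemu/hw/cirrus_vga.c
+===================================================================
+--- ioemu.orig/hw/cirrus_vga.c	2007-05-03 15:06:41.000000000 +0100
++++ ioemu/hw/cirrus_vga.c	2007-05-03 15:07:16.000000000 +0100
+@@ -3339,6 +3339,10 @@
+     pci_conf[0x0a] = PCI_CLASS_SUB_VGA;
+     pci_conf[0x0b] = PCI_CLASS_BASE_DISPLAY;
+     pci_conf[0x0e] = PCI_CLASS_HEADERTYPE_00h;
++    pci_conf[0x2c] = 0x53; /* subsystem vendor: XenSource */
++    pci_conf[0x2d] = 0x58;
++    pci_conf[0x2e] = 0x01; /* subsystem device */
++    pci_conf[0x2f] = 0x00;
+ 
+     /* setup VGA */
+     s = &d->cirrus_vga;
+Index: ioemu/hw/rtl8139.c
+===================================================================
+--- ioemu.orig/hw/rtl8139.c	2007-05-03 15:07:16.000000000 +0100
++++ ioemu/hw/rtl8139.c	2007-05-03 15:07:16.000000000 +0100
+@@ -3424,8 +3424,10 @@
+     pci_conf[0x0e] = 0x00; /* header_type */
+     pci_conf[0x3d] = 1;    /* interrupt pin 0 */
+     pci_conf[0x34] = 0xdc;
+-    pci_conf[0x2c] = pci_conf[0x00]; // same as Vendor ID
+-    pci_conf[0x2d] = pci_conf[0x01];
++    pci_conf[0x2c] = 0x53; /* subsystem vendor: XenSource */
++    pci_conf[0x2d] = 0x58;
++    pci_conf[0x2e] = 0x01; /* subsystem device */
++    pci_conf[0x2f] = 0x00;
+ 
+     s = &d->rtl8139;
+ 
+Index: ioemu/hw/ide.c
+===================================================================
+--- ioemu.orig/hw/ide.c	2007-05-03 15:07:16.000000000 +0100
++++ ioemu/hw/ide.c	2007-05-03 15:07:16.000000000 +0100
+@@ -2763,6 +2763,10 @@
+     pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
+     pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
+     pci_conf[0x0e] = 0x00; // header_type
++    pci_conf[0x2c] = 0x53; /* subsystem vendor: XenSource */
++    pci_conf[0x2d] = 0x58;
++    pci_conf[0x2e] = 0x01; /* subsystem device */
++    pci_conf[0x2f] = 0x00;
+ 
+     pci_register_io_region((PCIDevice *)d, 4, 0x10, 
+                            PCI_ADDRESS_SPACE_IO, bmdma_map);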
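Review bot: The subsystem IDs are written as four bare bytes (`0x53`, `0x58`, `0x01`, `0x00`) repeated verbatim in the cirrus_vga.c, rtl8139.c and ide.c hunks, and nothing says that offsets 0x2c/0x2d together hold the 16-bit value 0x5853 stored low byte first. A named constant, for example `#define PCI_SUBVENDOR_XENSOURCE 0x5853` (name constructed for illustration), written through one small helper would keep the three devices from drifting apart and make the byte order explicit. The rtl8139.c hunk replaces the "same as Vendor ID" assignment, but this patch does not touch hw/usb-uhci.c, which the qemu-pci patch also edits near its PCI header setup; if that code still copies the vendor ID, the emulated devices will report different subsystem vendors. All three init functions start and end outside their hunks.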
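--- a/tools/ioemu/patches/qemu-serial-fixes	Thu May 03 11:22:58 2007 +0100
+++ b/tools/ioemu/patches/qemu-serial-fixes	Thu May 03 15:39:45 2007 +0100
@@ -13,9 +13,9 @@ Signed-off-by: Keir Fraser <keir@xensour
 
 Index: ioemu/vl.c
 ===================================================================
---- ioemu.orig/vl.c	2006-12-08 01:28:59.000000000 +0000
-+++ ioemu/vl.c	2006-12-08 01:28:59.000000000 +0000
-@@ -1684,7 +1684,7 @@
+--- ioemu.orig/vl.c	2007-05-03 10:09:02.000000000 +0100
++++ ioemu/vl.c	2007-05-03 10:09:02.000000000 +0100
+@@ -1740,7 +1740,7 @@
  
      tty.c_iflag &= ~(IGNBRK|BRKINT|PARMRK|ISTRIP
                            |INLCR|IGNCR|ICRNL|IXON);
@@ -26,8 +26,8 @@ Index: ioemu/vl.c
      switch(data_bits) {
 Index: ioemu/hw/serial.c
 ===================================================================
---- ioemu.orig/hw/serial.c	2006-12-08 01:28:17.000000000 +0000
-+++ ioemu/hw/serial.c	2006-12-08 01:29:10.000000000 +0000
+--- ioemu.orig/hw/serial.c	2007-05-03 10:09:02.000000000 +0100
++++ ioemu/hw/serial.c	2007-05-03 10:09:02.000000000 +0100
  @@ -73,6 +73,11 @@
  #define UART_LSR_OE	0x02	/* Overrun error indicator */
  #define UART_LSR_DR	0x01	/* Receiver data ready */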
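--- a/tools/ioemu/patches/qemu-smp	Thu May 03 11:22:58 2007 +0100
+++ b/tools/ioemu/patches/qemu-smp	Thu May 03 15:39:45 2007 +0100
@@ -1,8 +1,8 @@
 Index: ioemu/vl.c
 ===================================================================
---- ioemu.orig/vl.c	2006-08-06 02:18:54.847125593 +0100
-+++ ioemu/vl.c	2006-08-06 02:19:00.413505070 +0100
-@@ -158,6 +158,8 @@
+--- ioemu.orig/vl.c	2007-05-03 10:07:47.000000000 +0100
++++ ioemu/vl.c	2007-05-03 10:07:52.000000000 +0100
+@@ -159,6 +159,8 @@
  int acpi_enabled = 1;
  int fd_bootchk = 1;
  
@@ -11,7 +11,7 @@ Index: ioemu/vl.c
  int xc_handle;
  
  char domain_name[1024] = { 'H','V', 'M', 'X', 'E', 'N', '-'};
-@@ -5172,6 +5174,7 @@
+@@ -5173,6 +5175,7 @@
             "-m megs         set virtual RAM size to megs MB [default=%d]\n"
             "-smp n          set the number of CPUs to 'n' [default=1]\n"
             "-nographic      disable graphical output and redirect serial I/Os to console\n"
@@ -19,7 +19,7 @@ Index: ioemu/vl.c
  #ifndef _WIN32
  	   "-k language     use keyboard layout (for example \"fr\" for French)\n"
  #endif
-@@ -5342,6 +5345,7 @@
+@@ -5343,6 +5346,7 @@
      QEMU_OPTION_no_acpi,
  
      QEMU_OPTION_d,
@@ -27,7 +27,7 @@ Index: ioemu/vl.c
  };
  
  typedef struct QEMUOption {
-@@ -5423,6 +5427,7 @@
+@@ -5424,6 +5428,7 @@
      { "no-acpi", 0, QEMU_OPTION_no_acpi },
      
      { "d", HAS_ARG, QEMU_OPTION_d },
@@ -35,7 +35,7 @@ Index: ioemu/vl.c
      { NULL },
  };
  
-@@ -6087,6 +6092,10 @@
+@@ -6092,6 +6097,10 @@
                  domid = atoi(optarg);
                  fprintf(logfile, "domid: %d\n", domid);
                  break;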
    36.1 --- a/tools/ioemu/patches/qemu-target-i386-dm	Thu May 03 11:22:58 2007 +0100
    36.2 +++ b/tools/ioemu/patches/qemu-target-i386-dm	Thu May 03 15:39:45 2007 +0100
    36.3 @@ -1,7 +1,7 @@
    36.4  Index: ioemu/Makefile.target
    36.5  ===================================================================
    36.6 ---- ioemu.orig/Makefile.target	2006-12-08 01:41:10.000000000 +0000
    36.7 -+++ ioemu/Makefile.target	2006-12-08 01:41:11.000000000 +0000
    36.8 +--- ioemu.orig/Makefile.target	2007-05-03 14:53:03.000000000 +0100
    36.9 ++++ ioemu/Makefile.target	2007-05-03 14:53:58.000000000 +0100
   36.10  @@ -62,6 +62,8 @@
   36.11   QEMU_SYSTEM=qemu-fast
   36.12   endif
   36.13 @@ -32,8 +32,8 @@ Index: ioemu/Makefile.target
   36.14   DEFINES += -DHAS_AUDIO
   36.15  Index: ioemu/configure
   36.16  ===================================================================
   36.17 ---- ioemu.orig/configure	2006-12-08 01:41:10.000000000 +0000
   36.18 -+++ ioemu/configure	2006-12-08 01:41:11.000000000 +0000
   36.19 +--- ioemu.orig/configure	2007-05-03 14:53:03.000000000 +0100
   36.20 ++++ ioemu/configure	2007-05-03 14:53:57.000000000 +0100
   36.21  @@ -373,6 +373,8 @@
   36.22       if [ "$user" = "yes" ] ; then
   36.23           target_list="i386-user arm-user armeb-user sparc-user ppc-user mips-user mipsel-user $target_list"
   36.24 @@ -45,8 +45,8 @@ Index: ioemu/configure
   36.25   fi
   36.26  Index: ioemu/monitor.c
   36.27  ===================================================================
   36.28 ---- ioemu.orig/monitor.c	2006-12-08 01:41:10.000000000 +0000
   36.29 -+++ ioemu/monitor.c	2006-12-08 01:41:11.000000000 +0000
   36.30 +--- ioemu.orig/monitor.c	2007-05-03 14:53:03.000000000 +0100
   36.31 ++++ ioemu/monitor.c	2007-05-03 14:53:58.000000000 +0100
   36.32  @@ -1262,6 +1262,10 @@
   36.33         "", "show profiling information", },
   36.34       { "capture", "", do_info_capture,
   36.35 @@ -60,8 +60,8 @@ Index: ioemu/monitor.c
   36.36   
   36.37  Index: ioemu/vl.c
   36.38  ===================================================================
   36.39 ---- ioemu.orig/vl.c	2006-12-08 01:41:10.000000000 +0000
   36.40 -+++ ioemu/vl.c	2006-12-08 01:41:11.000000000 +0000
   36.41 +--- ioemu.orig/vl.c	2007-05-03 14:53:03.000000000 +0100
   36.42 ++++ ioemu/vl.c	2007-05-03 14:53:59.000000000 +0100
   36.43  @@ -87,7 +87,7 @@
   36.44   
   36.45   #include "exec-all.h"
   36.46 @@ -98,8 +98,8 @@ Index: ioemu/vl.c
   36.47   {
   36.48  Index: ioemu/vl.h
   36.49  ===================================================================
   36.50 ---- ioemu.orig/vl.h	2006-12-08 01:40:58.000000000 +0000
   36.51 -+++ ioemu/vl.h	2006-12-08 01:41:11.000000000 +0000
   36.52 +--- ioemu.orig/vl.h	2007-05-03 14:52:58.000000000 +0100
   36.53 ++++ ioemu/vl.h	2007-05-03 14:53:59.000000000 +0100
   36.54  @@ -37,6 +37,8 @@
   36.55   #include <unistd.h>
   36.56   #include <fcntl.h>
   36.57 @@ -132,7 +132,7 @@ Index: ioemu/vl.h
   36.58  Index: ioemu/target-i386-dm/cpu.h
   36.59  ===================================================================
   36.60  --- /dev/null	1970-01-01 00:00:00.000000000 +0000
   36.61 -+++ ioemu/target-i386-dm/cpu.h	2006-12-08 01:41:11.000000000 +0000
   36.62 ++++ ioemu/target-i386-dm/cpu.h	2007-05-03 14:53:58.000000000 +0100
   36.63  @@ -0,0 +1,84 @@
   36.64  +/*
   36.65  + * i386 virtual CPU header
   36.66 @@ -221,8 +221,8 @@ Index: ioemu/target-i386-dm/cpu.h
   36.67  Index: ioemu/target-i386-dm/exec-dm.c
   36.68  ===================================================================
   36.69  --- /dev/null	1970-01-01 00:00:00.000000000 +0000
   36.70 -+++ ioemu/target-i386-dm/exec-dm.c	2006-12-08 01:41:11.000000000 +0000
   36.71 -@@ -0,0 +1,546 @@
   36.72 ++++ ioemu/target-i386-dm/exec-dm.c	2007-05-03 14:53:56.000000000 +0100
   36.73 +@@ -0,0 +1,540 @@
   36.74  +/*
   36.75  + *  virtual page mapping and translated block handling
   36.76  + * 
   36.77 @@ -638,14 +638,8 @@ Index: ioemu/target-i386-dm/exec-dm.c
   36.78  +{
   36.79  +    /* Is this guest physical address RAM-backed? */
   36.80  +#if defined(CONFIG_DM) && (defined(__i386__) || defined(__x86_64__))
   36.81 -+    if (ram_size <= HVM_BELOW_4G_RAM_END)
   36.82 -+        /* RAM is contiguous */
   36.83 -+        return (addr < ram_size);
   36.84 -+    else
   36.85 -+        /* There is RAM below and above the MMIO hole */
   36.86 -+        return ((addr < HVM_BELOW_4G_MMIO_START) ||
   36.87 -+                ((addr >= HVM_BELOW_4G_MMIO_START + HVM_BELOW_4G_MMIO_LENGTH)
   36.88 -+                 && (addr < ram_size + HVM_BELOW_4G_MMIO_LENGTH)));
   36.89 ++    return ((addr < HVM_BELOW_4G_MMIO_START) ||
   36.90 ++            (addr >= HVM_BELOW_4G_MMIO_START + HVM_BELOW_4G_MMIO_LENGTH));
   36.91  +#else
   36.92  +    return (addr < ram_size);
   36.93  +#endif
   36.94 @@ -772,8 +766,8 @@ Index: ioemu/target-i386-dm/exec-dm.c
   36.95  Index: ioemu/target-i386-dm/helper2.c
   36.96  ===================================================================
   36.97  --- /dev/null	1970-01-01 00:00:00.000000000 +0000
   36.98 -+++ ioemu/target-i386-dm/helper2.c	2006-12-08 01:41:11.000000000 +0000
   36.99 -@@ -0,0 +1,488 @@
  36.100 ++++ ioemu/target-i386-dm/helper2.c	2007-05-03 14:54:46.000000000 +0100
  36.101 +@@ -0,0 +1,542 @@
  36.102  +/*
  36.103  + *  i386 helpers (without register variable usage)
  36.104  + *
  36.105 @@ -1162,6 +1156,21 @@ Index: ioemu/target-i386-dm/helper2.c
  36.106  +    req->data = tmp1;
  36.107  +}
  36.108  +
  36.109 ++void cpu_ioreq_sub(CPUState *env, ioreq_t *req)
  36.110 ++{
  36.111 ++    unsigned long tmp1, tmp2;
  36.112 ++
  36.113 ++    if (req->data_is_ptr != 0)
  36.114 ++        hw_error("expected scalar value");
  36.115 ++
  36.116 ++    read_physical(req->addr, req->size, &tmp1);
  36.117 ++    if (req->dir == IOREQ_WRITE) {
  36.118 ++        tmp2 = tmp1 - (unsigned long) req->data;
  36.119 ++        write_physical(req->addr, req->size, &tmp2);
  36.120 ++    }
  36.121 ++    req->data = tmp1;
  36.122 ++}
  36.123 ++
  36.124  +void cpu_ioreq_or(CPUState *env, ioreq_t *req)
  36.125  +{
  36.126  +    unsigned long tmp1, tmp2;
  36.127 @@ -1192,8 +1201,22 @@ Index: ioemu/target-i386-dm/helper2.c
  36.128  +    req->data = tmp1;
  36.129  +}
  36.130  +
  36.131 ++void cpu_ioreq_xchg(CPUState *env, ioreq_t *req)
  36.132 ++{
  36.133 ++    unsigned long tmp1;
  36.134 ++
  36.135 ++    if (req->data_is_ptr != 0)
  36.136 ++        hw_error("expected scalar value");
  36.137 ++
  36.138 ++    read_physical(req->addr, req->size, &tmp1);
  36.139 ++    write_physical(req->addr, req->size, &req->data);
  36.140 ++    req->data = tmp1;
  36.141 ++}
  36.142 ++
  36.143  +void cpu_handle_ioreq(void *opaque)
  36.144  +{
  36.145 ++    extern int vm_running;
  36.146 ++    extern int shutdown_requested;
  36.147  +    CPUState *env = opaque;
  36.148  +    ioreq_t *req = cpu_get_ioreq();
  36.149  +
  36.150 @@ -1216,12 +1239,18 @@ Index: ioemu/target-i386-dm/helper2.c
  36.151  +        case IOREQ_TYPE_ADD:
  36.152  +            cpu_ioreq_add(env, req);
  36.153  +            break;
  36.154 ++        case IOREQ_TYPE_SUB:
  36.155 ++            cpu_ioreq_sub(env, req);
  36.156 ++            break;
  36.157  +        case IOREQ_TYPE_OR:
  36.158  +            cpu_ioreq_or(env, req);
  36.159  +            break;
  36.160  +        case IOREQ_TYPE_XOR:
  36.161  +            cpu_ioreq_xor(env, req);
  36.162  +            break;
  36.163 ++        case IOREQ_TYPE_XCHG:
  36.164 ++            cpu_ioreq_xchg(env, req);
  36.165 ++            break;
  36.166  +        default:
  36.167  +            hw_error("Invalid ioreq type 0x%x\n", req->type);
  36.168  +        }
  36.169 @@ -1237,6 +1266,25 @@ Index: ioemu/target-i386-dm/helper2.c
  36.170  +        }
  36.171  +
  36.172  +        wmb(); /* Update ioreq contents /then/ update state. */
  36.173 ++
  36.174 ++	/*
  36.175 ++         * We do this before we send the response so that the tools
  36.176 ++         * have the opportunity to pick up on the reset before the
  36.177 ++         * guest resumes and does a hlt with interrupts disabled which
  36.178 ++         * causes Xen to powerdown the domain.
  36.179 ++         */
  36.180 ++        if (vm_running) {
  36.181 ++            if (shutdown_requested) {
  36.182 ++		fprintf(logfile, "shutdown requested in cpu_handle_ioreq\n");
  36.183 ++		destroy_hvm_domain();
  36.184 ++	    }
  36.185 ++	    if (reset_requested) {
  36.186 ++		fprintf(logfile, "reset requested in cpu_handle_ioreq.\n");
  36.187 ++		qemu_system_reset();
  36.188 ++		reset_requested = 0;
  36.189 ++	    }
  36.190 ++	}
  36.191 ++
  36.192  +        req->state = STATE_IORESP_READY;
  36.193  +        xc_evtchn_notify(xce_handle, ioreq_local_port[send_vcpu]);
  36.194  +    }
  36.195 @@ -1265,7 +1313,7 @@ Index: ioemu/target-i386-dm/helper2.c
  36.196  Index: ioemu/target-i386-dm/i8259-dm.c
  36.197  ===================================================================
  36.198  --- /dev/null	1970-01-01 00:00:00.000000000 +0000
  36.199 -+++ ioemu/target-i386-dm/i8259-dm.c	2006-12-08 01:41:11.000000000 +0000
  36.200 ++++ ioemu/target-i386-dm/i8259-dm.c	2007-05-03 14:53:57.000000000 +0100
  36.201  @@ -0,0 +1,67 @@
  36.202  +/* Xen 8259 stub for interrupt controller emulation
  36.203  + * 
  36.204 @@ -1337,7 +1385,7 @@ Index: ioemu/target-i386-dm/i8259-dm.c
  36.205  Index: ioemu/target-i386-dm/qemu-dm.debug
  36.206  ===================================================================
  36.207  --- /dev/null	1970-01-01 00:00:00.000000000 +0000
  36.208 -+++ ioemu/target-i386-dm/qemu-dm.debug	2006-12-08 01:41:11.000000000 +0000
  36.209 ++++ ioemu/target-i386-dm/qemu-dm.debug	2007-05-03 14:53:03.000000000 +0100
  36.210  @@ -0,0 +1,10 @@
  36.211  +#!/bin/sh
  36.212  +
  36.213 @@ -1352,15 +1400,14 @@ Index: ioemu/target-i386-dm/qemu-dm.debu
  36.214  Index: ioemu/target-i386-dm/qemu-ifup
  36.215  ===================================================================
  36.216  --- /dev/null	1970-01-01 00:00:00.000000000 +0000
  36.217 -+++ ioemu/target-i386-dm/qemu-ifup	2006-12-08 01:41:11.000000000 +0000
  36.218 -@@ -0,0 +1,10 @@
  36.219 ++++ ioemu/target-i386-dm/qemu-ifup	2007-05-03 14:53:03.000000000 +0100
  36.220 +@@ -0,0 +1,9 @@
  36.221  +#!/bin/sh
  36.222  +
  36.223  +#. /etc/rc.d/init.d/functions
  36.224  +#ulimit -c unlimited
  36.225  +
  36.226 -+echo -c 'config qemu network with xen bridge for '
  36.227 -+echo $*
  36.228 ++echo 'config qemu network with xen bridge for ' $*
  36.229  +
  36.230  +ifconfig $1 0.0.0.0 up
  36.231  +brctl addif $2 $1
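Review bot: In target-i386-dm/helper2.c the new cpu_ioreq_sub and cpu_ioreq_xchg hand `req->size` straight to read_physical/write_physical with an uninitialised `unsigned long` local (or `req->data`) as the buffer, and nothing bounds the size first. If read_physical copies `req->size` bytes, as the call shape suggests, a size above `sizeof(unsigned long)` writes past `tmp1` on the stack, and a smaller size leaves the upper bytes of `tmp1` undefined before `req->data = tmp1` returns them to the requester. I would declare `unsigned long tmp1 = 0;` and reject oversized requests up front with `if (req->size > sizeof(tmp1)) hw_error("bad ioreq size");`. The cpu_ioreq_or context lines show the same declaration pattern, so the check probably belongs in one shared helper; the bodies of the older handlers are only partly visible here.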
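--- a/tools/ioemu/patches/qemu-timer	Thu May 03 11:22:58 2007 +0100
+++ b/tools/ioemu/patches/qemu-timer	Thu May 03 15:39:45 2007 +0100
@@ -1,8 +1,8 @@
 Index: ioemu/vl.c
 ===================================================================
---- ioemu.orig/vl.c	2006-08-06 02:22:53.925474246 +0100
-+++ ioemu/vl.c	2006-08-06 02:22:56.618174081 +0100
-@@ -824,6 +824,16 @@
+--- ioemu.orig/vl.c	2007-05-03 10:07:52.000000000 +0100
++++ ioemu/vl.c	2007-05-03 10:07:52.000000000 +0100
+@@ -825,6 +825,16 @@
       }
   }
   
@@ -19,7 +19,7 @@ Index: ioemu/vl.c
   static void timer_save(QEMUFile *f, void *opaque)
   {
       if (cpu_ticks_enabled) {
--@@ -940,6 +950,8 @@
+-@@ -941,6 +951,8 @@
   
   #endif /* !defined(_WIN32) */
   
@@ -28,7 +28,7 @@ Index: ioemu/vl.c
   static void init_timer_alarm(void)
   {
   #ifdef _WIN32
--@@ -971,12 +983,15 @@
+-@@ -972,12 +984,15 @@
       pit_min_timer_count = ((uint64_t)10000 * PIT_FREQ) / 1000000;
   #else
       {
@@ -44,7 +44,7 @@ Index: ioemu/vl.c
           /* timer signal */
           sigfillset(&act.sa_mask);
          act.sa_flags = 0;
--@@ -1022,6 +1037,7 @@
+-@@ -1023,6 +1038,7 @@
               pit_min_timer_count = ((uint64_t)itv.it_interval.tv_usec * 
                                      PIT_FREQ) / 1000000;
           }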
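--- a/tools/ioemu/patches/qemu-tunable-ide-write-cache	Thu May 03 11:22:58 2007 +0100
+++ b/tools/ioemu/patches/qemu-tunable-ide-write-cache	Thu May 03 15:39:45 2007 +0100
@@ -1,7 +1,7 @@
 Index: ioemu/hw/ide.c
 ===================================================================
---- ioemu.orig/hw/ide.c	2006-08-20 22:22:36.000000000 +0100
-+++ ioemu/hw/ide.c	2006-08-20 23:56:13.000000000 +0100
+--- ioemu.orig/hw/ide.c	2007-05-03 15:07:15.000000000 +0100
++++ ioemu/hw/ide.c	2007-05-03 15:07:16.000000000 +0100
  @@ -305,6 +305,7 @@
       PCIDevice *pci_dev;
       struct BMDMAState *bmdma;
@@ -10,7 +10,7 @@ Index: ioemu/hw/ide.c
       /* ide regs */
       uint8_t feature;
       uint8_t error;
--@@ -789,6 +790,9 @@
+-@@ -947,6 +948,9 @@
       }
       ide_set_sector(s, sector_num + n);
       
@@ -20,7 +20,7 @@ Index: ioemu/hw/ide.c
   #ifdef TARGET_I386
       if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
           /* It seems there is a bug in the Windows 2000 installer HDD
--@@ -863,6 +867,10 @@
+-@@ -1021,6 +1025,10 @@
           transfer_size -= len;
           phys_addr += len;
       }
@@ -31,7 +31,7 @@ Index: ioemu/hw/ide.c
       return transfer_size1 - transfer_size;
   }
   
--@@ -1672,7 +1680,15 @@
+-@@ -1831,7 +1839,15 @@
               /* XXX: valid for CDROM ? */
               switch(s->feature) {
               case 0x02: /* write cache enable */
@@ -47,7 +47,7 @@ Index: ioemu/hw/ide.c
               case 0xaa: /* read look-ahead enable */
               case 0x55: /* read look-ahead disable */
                   s->status = READY_STAT | SEEK_STAT;
--@@ -2090,6 +2106,7 @@
+-@@ -2254,6 +2270,7 @@
           s->irq = irq;
           s->sector_write_timer = qemu_new_timer(vm_clock, 
                                                  ide_sector_write_timer_cb, s);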
    39.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    39.2 +++ b/tools/ioemu/patches/scsi	Thu May 03 15:39:45 2007 +0100
    39.3 @@ -0,0 +1,194 @@
    39.4 +Index: ioemu/vl.c
    39.5 +===================================================================
    39.6 +--- ioemu.orig/vl.c	2007-05-03 15:20:45.000000000 +0100
    39.7 ++++ ioemu/vl.c	2007-05-03 15:20:45.000000000 +0100
    39.8 +@@ -116,7 +116,7 @@
    39.9 + void *ioport_opaque[MAX_IOPORTS];
   39.10 + IOPortReadFunc *ioport_read_table[3][MAX_IOPORTS];
   39.11 + IOPortWriteFunc *ioport_write_table[3][MAX_IOPORTS];
   39.12 +-BlockDriverState *bs_table[MAX_DISKS], *fd_table[MAX_FD];
   39.13 ++BlockDriverState *bs_table[MAX_DISKS + MAX_SCSI_DISKS], *fd_table[MAX_FD];
   39.14 + int vga_ram_size;
   39.15 + int bios_size;
   39.16 + static DisplayState display_state;
   39.17 +@@ -1396,7 +1396,7 @@
   39.18 +         case 's': 
   39.19 +             {
   39.20 +                 int i;
   39.21 +-                for (i = 0; i < MAX_DISKS; i++) {
   39.22 ++                for (i = 0; i < MAX_DISKS + MAX_SCSI_DISKS; i++) {
   39.23 +                     if (bs_table[i])
   39.24 +                         bdrv_commit(bs_table[i]);
   39.25 +                 }
   39.26 +@@ -6057,7 +6057,7 @@
   39.27 +     int snapshot, linux_boot;
   39.28 +     const char *initrd_filename;
   39.29 + #ifndef CONFIG_DM
   39.30 +-    const char *hd_filename[MAX_DISKS];
   39.31 ++    const char *hd_filename[MAX_DISKS + MAX_SCSI_DISKS];
   39.32 + #endif /* !CONFIG_DM */
   39.33 +     const char *fd_filename[MAX_FD];
   39.34 +     const char *kernel_filename, *kernel_cmdline;
   39.35 +@@ -6126,7 +6126,7 @@
   39.36 +     for(i = 0; i < MAX_FD; i++)
   39.37 +         fd_filename[i] = NULL;
   39.38 + #ifndef CONFIG_DM
   39.39 +-    for(i = 0; i < MAX_DISKS; i++)
   39.40 ++    for(i = 0; i < MAX_DISKS + MAX_SCSI_DISKS; i++)
   39.41 +         hd_filename[i] = NULL;
   39.42 + #endif /* !CONFIG_DM */
   39.43 +     ram_size = DEFAULT_RAM_SIZE * 1024 * 1024;
   39.44 +@@ -6724,7 +6724,7 @@
   39.45 +     }
   39.46 + 
   39.47 +     /* open the virtual block devices */
   39.48 +-    for(i = 0; i < MAX_DISKS; i++) {
   39.49 ++    for(i = 0; i < MAX_DISKS + MAX_SCSI_DISKS; i++) {
   39.50 +         if (hd_filename[i]) {
   39.51 +             if (!bs_table[i]) {
   39.52 +                 char buf[64];
   39.53 +Index: ioemu/vl.h
   39.54 +===================================================================
   39.55 +--- ioemu.orig/vl.h	2007-05-03 15:20:45.000000000 +0100
   39.56 ++++ ioemu/vl.h	2007-05-03 15:20:45.000000000 +0100
   39.57 +@@ -818,8 +818,9 @@
   39.58 + 
   39.59 + /* ide.c */
   39.60 + #define MAX_DISKS 4
   39.61 ++#define MAX_SCSI_DISKS 7
   39.62 + 
   39.63 +-extern BlockDriverState *bs_table[MAX_DISKS];
   39.64 ++extern BlockDriverState *bs_table[MAX_DISKS + MAX_SCSI_DISKS];
   39.65 + 
   39.66 + void isa_ide_init(int iobase, int iobase2, int irq,
   39.67 +                   BlockDriverState *hd0, BlockDriverState *hd1);
   39.68 +Index: ioemu/hw/pc.c
   39.69 +===================================================================
   39.70 +--- ioemu.orig/hw/pc.c	2007-05-03 15:20:44.000000000 +0100
   39.71 ++++ ioemu/hw/pc.c	2007-05-03 15:20:45.000000000 +0100
   39.72 +@@ -902,7 +902,6 @@
   39.73 +     if (pci_enabled && acpi_enabled) {
   39.74 +         piix4_pm_init(pci_bus, piix3_devfn + 3);
   39.75 +     }
   39.76 +-#endif /* !CONFIG_DM */
   39.77 + 
   39.78 + #if 0
   39.79 +     /* ??? Need to figure out some way for the user to
   39.80 +@@ -921,6 +920,18 @@
   39.81 +         lsi_scsi_attach(scsi, bdrv, -1);
   39.82 +     }
   39.83 + #endif
   39.84 ++#else
   39.85 ++    if (pci_enabled) {
   39.86 ++        void *scsi = NULL;
   39.87 ++        for (i = 0; i < MAX_SCSI_DISKS ; i++) {
   39.88 ++            if (!bs_table[i + MAX_DISKS])
   39.89 ++                continue;
   39.90 ++            if (!scsi)
   39.91 ++                scsi = lsi_scsi_init(pci_bus, -1);
   39.92 ++            lsi_scsi_attach(scsi, bs_table[i + MAX_DISKS], -1);
   39.93 ++        }
   39.94 ++    }
   39.95 ++#endif /* !CONFIG_DM */
   39.96 +     /* must be done after all PCI devices are instanciated */
   39.97 +     /* XXX: should be done in the Bochs BIOS */
   39.98 +     if (pci_enabled) {
   39.99 +Index: ioemu/xenstore.c
  39.100 +===================================================================
  39.101 +--- ioemu.orig/xenstore.c	2007-05-03 15:20:45.000000000 +0100
  39.102 ++++ ioemu/xenstore.c	2007-05-03 15:20:45.000000000 +0100
  39.103 +@@ -18,7 +18,7 @@
  39.104 + #include <fcntl.h>
  39.105 + 
  39.106 + static struct xs_handle *xsh = NULL;
  39.107 +-static char *media_filename[MAX_DISKS];
  39.108 ++static char *media_filename[MAX_DISKS + MAX_SCSI_DISKS];
  39.109 + static QEMUTimer *insert_timer = NULL;
  39.110 + 
  39.111 + #define UWAIT_MAX (30*1000000) /* thirty seconds */
  39.112 +@@ -44,7 +44,7 @@
  39.113 + {
  39.114 +     int i;
  39.115 + 
  39.116 +-    for (i = 0; i < MAX_DISKS; i++) {
  39.117 ++    for (i = 0; i < MAX_DISKS + MAX_SCSI_DISKS; i++) {
  39.118 +         if (media_filename[i] && bs_table[i]) {
  39.119 +             do_change(bs_table[i]->device_name, media_filename[i]);
  39.120 +             free(media_filename[i]);
  39.121 +@@ -83,10 +83,10 @@
  39.122 +     char *buf = NULL, *path;
  39.123 +     char *fpath = NULL, *bpath = NULL,
  39.124 +         *dev = NULL, *params = NULL, *type = NULL;
  39.125 +-    int i;
  39.126 ++    int i, is_scsi;
  39.127 +     unsigned int len, num, hd_index;
  39.128 + 
  39.129 +-    for(i = 0; i < MAX_DISKS; i++)
  39.130 ++    for(i = 0; i < MAX_DISKS + MAX_SCSI_DISKS; i++)
  39.131 +         media_filename[i] = NULL;
  39.132 + 
  39.133 +     xsh = xs_daemon_open();
  39.134 +@@ -123,10 +123,11 @@
  39.135 +         dev = xs_read(xsh, XBT_NULL, buf, &len);
  39.136 +         if (dev == NULL)
  39.137 +             continue;
  39.138 +-        if (strncmp(dev, "hd", 2) || strlen(dev) != 3)
  39.139 ++        is_scsi = !strncmp(dev, "sd", 2);
  39.140 ++        if ((strncmp(dev, "hd", 2) && !is_scsi) || strlen(dev) != 3 )
  39.141 +             continue;
  39.142 +         hd_index = dev[2] - 'a';
  39.143 +-        if (hd_index >= MAX_DISKS)
  39.144 ++        if (hd_index >= (is_scsi ? MAX_SCSI_DISKS : MAX_DISKS))
  39.145 +             continue;
  39.146 +         /* read the type of the device */
  39.147 +         if (pasprintf(&buf, "%s/device/vbd/%s/device-type", path, e[i]) == -1)
  39.148 +@@ -163,7 +164,7 @@
  39.149 +             }
  39.150 +         }
  39.151 + 
  39.152 +-        bs_table[hd_index] = bdrv_new(dev);
  39.153 ++        bs_table[hd_index + (is_scsi ? MAX_DISKS : 0)] = bdrv_new(dev);
  39.154 +         /* check if it is a cdrom */
  39.155 +         if (type && !strcmp(type, "cdrom")) {
  39.156 +             bdrv_set_type_hint(bs_table[hd_index], BDRV_TYPE_CDROM);
  39.157 +@@ -172,7 +173,8 @@
  39.158 +         }
  39.159 +         /* open device now if media present */
  39.160 +         if (params[0]) {
  39.161 +-            if (bdrv_open(bs_table[hd_index], params, 0 /* snapshot */) < 0)
  39.162 ++            if (bdrv_open(bs_table[hd_index + (is_scsi ? MAX_DISKS : 0)],
  39.163 ++                          params, 0 /* snapshot */) < 0)
  39.164 +                 fprintf(stderr, "qemu: could not open hard disk image '%s'\n",
  39.165 +                         params);
  39.166 +         }
  39.167 +Index: ioemu/monitor.c
  39.168 +===================================================================
  39.169 +--- ioemu.orig/monitor.c	2007-05-03 15:18:43.000000000 +0100
  39.170 ++++ ioemu/monitor.c	2007-05-03 15:20:45.000000000 +0100
  39.171 +@@ -180,7 +180,7 @@
  39.172 + {
  39.173 +     int i;
  39.174 + 
  39.175 +-    for (i = 0; i < MAX_DISKS; i++) {
  39.176 ++    for (i = 0; i < MAX_DISKS + MAX_SCSI_DISKS; i++) {
  39.177 +         if (bs_table[i]) {
  39.178 +             bdrv_commit(bs_table[i]);
  39.179 +         }
  39.180 +Index: ioemu/hw/lsi53c895a.c
  39.181 +===================================================================
  39.182 +--- ioemu.orig/hw/lsi53c895a.c	2007-05-03 15:18:43.000000000 +0100
  39.183 ++++ ioemu/hw/lsi53c895a.c	2007-05-03 15:20:45.000000000 +0100
  39.184 +@@ -1071,8 +1071,13 @@
  39.185 +         shift = (offset & 3) * 8;
  39.186 +         return (s->scratch[n] >> shift) & 0xff;
  39.187 +     }
  39.188 ++#ifndef CONFIG_DM
  39.189 +     BADF("readb 0x%x\n", offset);
  39.190 +     exit(1);
  39.191 ++#else
  39.192 ++    /* XEN: This path can be triggered (e.g. ASPI8DOS.SYS reads 0x8). */
  39.193 ++    return 0;
  39.194 ++#endif
  39.195 + #undef CASE_GET_REG32
  39.196 + }
  39.197 + 
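Review bot: In the xenstore.c hunks the SCSI offset is applied only at the `bdrv_new` and `bdrv_open` call sites, while the unchanged context line `bdrv_set_type_hint(bs_table[hd_index], BDRV_TYPE_CDROM);` still indexes the un-offset slot. For an `sdX` cdrom that call would act on a different `bs_table` entry, possibly a NULL one, rather than on the device just created. Folding the offset into the index once, right after the range check, keeps every later use consistent: `if (is_scsi) hd_index += MAX_DISKS;`. The lines between these hunks are not visible, so any `media_filename[hd_index]` use there should be checked against the same slot.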
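--- a/tools/ioemu/patches/serial-non-block	Thu May 03 11:22:58 2007 +0100
+++ b/tools/ioemu/patches/serial-non-block	Thu May 03 15:39:45 2007 +0100
@@ -1,8 +1,8 @@
 Index: ioemu/vl.c
 ===================================================================
---- ioemu.orig/vl.c	2006-08-17 19:49:52.162002356 +0100
-+++ ioemu/vl.c	2006-08-17 19:49:56.273547905 +0100
-@@ -1175,19 +1175,34 @@
+--- ioemu.orig/vl.c	2007-05-03 10:07:53.000000000 +0100
++++ ioemu/vl.c	2007-05-03 10:07:53.000000000 +0100
+@@ -1176,19 +1176,34 @@
   
   static int unix_write(int fd, const uint8_t *buf, int len1)
   {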
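--- a/tools/ioemu/patches/series	Thu May 03 11:22:58 2007 +0100
+++ b/tools/ioemu/patches/series	Thu May 03 15:39:45 2007 +0100
@@ -24,11 +24,18 @@ hypervisor-pit
 shared-vram
 shadow-vram
 serial-non-block
+ioemu-save-restore
+ioemu-save-restore-ide
+ioemu-save-restore-usb
+ioemu-save-restore-timer
+ioemu-save-restore-rtl8139
+ioemu-save-restore-pcnet
+ioemu-save-restore-ne2000
 ide-hd-multithread
-domain-timeoffset
 acpi-support
 acpi-timer-support
 acpi-poweroff-support
+ioemu-save-restore-acpi
 fix-vga-scanning-code-overflow
 vnc-cleanup
 vnc-fixes
@@ -39,16 +46,20 @@ vnc-access-monitor-vt
 vnc-display-find-unused
 vnc-listen-specific-interface
 vnc-backoff-screen-scan
+xenstore
 xenstore-block-device-config
 xenstore-write-vnc-port
+domain-timeoffset
 qemu-allow-disable-sdl
 qemu-fix-memset-args
 xen-support-buffered-ioreqs
+ioemu-buffer-pio-ia64
 qemu-daemonize
 xen-platform-device
 qemu-bootorder
 qemu-tunable-ide-write-cache
 qemu-pci 
+qemu-pci-vendor-ids
 serial-port-rate-limit
 hypervisor-rtc
 ide-cd-dma
@@ -67,5 +78,13 @@ usb-uhci-buffer-size
 vnc-monitor-shift-key-processing
 ide-error-reporting
 vnc-numpad-handling
+vnc-altgr-keysym
 xen-mapcache
-usb-mouse-tablet-status-check -p3
+ioemu-save-restore-logdirty
+usb-mouse-tablet-status-check
+vnc-fix-signedness
+vnc-fix-version-check
+scsi
+qemu-cirrus-bounds-checks
+qemu-block-device-bounds-checks
+qemu-dma-null-pointer-check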
    42.1 --- a/tools/ioemu/patches/shadow-vram	Thu May 03 11:22:58 2007 +0100
    42.2 +++ b/tools/ioemu/patches/shadow-vram	Thu May 03 15:39:45 2007 +0100
    42.3 @@ -1,7 +1,7 @@
    42.4  Index: ioemu/hw/vga.c
    42.5  ===================================================================
    42.6 ---- ioemu.orig/hw/vga.c	2006-08-17 19:49:52.159002688 +0100
    42.7 -+++ ioemu/hw/vga.c	2006-08-17 19:49:54.575735565 +0100
    42.8 +--- ioemu.orig/hw/vga.c	2007-05-02 10:32:35.000000000 +0100
    42.9 ++++ ioemu/hw/vga.c	2007-05-02 10:35:05.000000000 +0100
   42.10  @@ -1359,6 +1359,105 @@
   42.11       }
   42.12   }
   42.13 @@ -120,10 +120,11 @@ Index: ioemu/hw/vga.c
   42.14       addr1 = (s->start_addr * 4);
   42.15       bwidth = width * 4;
   42.16       y_start = -1;
   42.17 -@@ -1889,6 +1993,14 @@
   42.18 +@@ -1889,7 +1993,18 @@
   42.19   
   42.20       vga_reset(s);
   42.21   
   42.22 +-    s->vram_ptr = qemu_malloc(vga_ram_size);
   42.23  +    check_sse2();
   42.24  +    s->vram_shadow = qemu_malloc(vga_ram_size+TARGET_PAGE_SIZE+1);
   42.25  +    if (s->vram_shadow == NULL)
   42.26 @@ -132,16 +133,43 @@ Index: ioemu/hw/vga.c
   42.27  +    s->vram_shadow = (uint8_t *)((long)(s->vram_shadow + TARGET_PAGE_SIZE - 1)
   42.28  +                                 & ~(TARGET_PAGE_SIZE - 1));
   42.29  +
   42.30 -     s->vram_ptr = qemu_malloc(vga_ram_size);
   42.31 ++    /* Video RAM must be 128-bit aligned for SSE optimizations later */
   42.32 ++    s->vram_alloc = qemu_malloc(vga_ram_size + 15);
   42.33 ++    s->vram_ptr = (uint8_t *)((long)(s->vram_alloc + 15) & ~15L);
   42.34 ++
   42.35       s->vram_offset = vga_ram_offset;
   42.36       s->vram_size = vga_ram_size;
   42.37 +     s->ds = ds;
   42.38 +@@ -2013,7 +2128,7 @@
   42.39 +     }
   42.40 + 
   42.41 +     if (!vga_ram_base) {
   42.42 +-        vga_ram_base = qemu_malloc(vga_ram_size);
   42.43 ++        vga_ram_base = qemu_malloc(vga_ram_size + TARGET_PAGE_SIZE + 1);
   42.44 +         if (!vga_ram_base) {
   42.45 +             fprintf(stderr, "reallocate error\n");
   42.46 +             return NULL;
   42.47 +@@ -2021,8 +2136,10 @@
   42.48 +     }
   42.49 + 
   42.50 +     /* XXX lock needed? */
   42.51 ++    old_pointer = s->vram_alloc;
   42.52 ++    s->vram_alloc = vga_ram_base;
   42.53 ++    vga_ram_base = (uint8_t *)((long)(vga_ram_base + 15) & ~15L);
   42.54 +     memcpy(vga_ram_base, s->vram_ptr, vga_ram_size);
   42.55 +-    old_pointer = s->vram_ptr;
   42.56 +     s->vram_ptr = vga_ram_base;
   42.57 + 
   42.58 +     return old_pointer;
   42.59  Index: ioemu/hw/vga_int.h
   42.60  ===================================================================
   42.61 ---- ioemu.orig/hw/vga_int.h	2006-08-17 19:49:52.159002688 +0100
   42.62 -+++ ioemu/hw/vga_int.h	2006-08-17 19:49:54.575735565 +0100
   42.63 -@@ -79,6 +79,7 @@
   42.64 +--- ioemu.orig/hw/vga_int.h	2007-05-02 10:32:35.000000000 +0100
   42.65 ++++ ioemu/hw/vga_int.h	2007-05-02 10:35:10.000000000 +0100
   42.66 +@@ -78,7 +78,9 @@
   42.67 + #define VGA_MAX_HEIGHT 2048
   42.68   
   42.69   #define VGA_STATE_COMMON                                                \
   42.70 ++    uint8_t *vram_alloc;                                                \
   42.71       uint8_t *vram_ptr;                                                  \
   42.72  +    uint8_t *vram_shadow;                                               \
   42.73       unsigned long vram_offset;                                          \
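Review bot: In the vga_update_vram hunk of hw/vga.c the 16-byte round-up `vga_ram_base = (uint8_t *)((long)(vga_ram_base + 15) & ~15L);` runs on every call, not only when the function allocated the padded buffer itself. If a caller passes its own `vga_ram_base` that is exactly `vga_ram_size` long and not 16-byte aligned, the following `memcpy(vga_ram_base, s->vram_ptr, vga_ram_size)` would write up to 15 bytes past the end of that buffer. Moving the round-up into the `if (!vga_ram_base)` allocation branch, or stating in a comment that callers must supply an aligned buffer, would close that gap. The function's start is outside the hunk, so the caller contract is inferred from these lines only.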
    43.1 --- a/tools/ioemu/patches/shared-vram	Thu May 03 11:22:58 2007 +0100
    43.2 +++ b/tools/ioemu/patches/shared-vram	Thu May 03 15:39:45 2007 +0100
    43.3 @@ -1,7 +1,7 @@
    43.4  Index: ioemu/hw/cirrus_vga.c
    43.5  ===================================================================
    43.6 ---- ioemu.orig/hw/cirrus_vga.c	2006-12-08 01:57:54.000000000 +0000
    43.7 -+++ ioemu/hw/cirrus_vga.c	2006-12-08 02:00:04.000000000 +0000
    43.8 +--- ioemu.orig/hw/cirrus_vga.c	2007-05-03 09:56:32.000000000 +0100
    43.9 ++++ ioemu/hw/cirrus_vga.c	2007-05-03 10:07:53.000000000 +0100
   43.10  @@ -28,6 +28,9 @@
   43.11    */
   43.12   #include "vl.h"
   43.13 @@ -39,7 +39,7 @@ Index: ioemu/hw/cirrus_vga.c
   43.14   /***************************************
   43.15    *
   43.16    *  prototypes.
   43.17 -@@ -2520,6 +2529,80 @@
   43.18 +@@ -2520,6 +2529,83 @@
   43.19       cirrus_linear_bitblt_writel,
   43.20   };
   43.21   
   43.22 @@ -85,7 +85,8 @@ Index: ioemu/hw/cirrus_vga.c
   43.23  +    return vram_pointer;
   43.24  +}
   43.25  +
   43.26 -+static int unset_vram_mapping(unsigned long begin, unsigned long end)
   43.27 ++static int unset_vram_mapping(unsigned long begin, unsigned long end, 
   43.28 ++                              void *mapping)
   43.29  +{
   43.30  +    xen_pfn_t *extent_start = NULL;
   43.31  +    unsigned long nr_extents;
   43.32 @@ -105,11 +106,13 @@ Index: ioemu/hw/cirrus_vga.c
   43.33  +        return -1;
   43.34  +    }
   43.35  +
   43.36 ++    /* Drop our own references to the vram pages */
   43.37 ++    munmap(mapping, nr_extents * TARGET_PAGE_SIZE);
   43.38 ++
   43.39 ++    /* Now drop the guest's mappings */
   43.40  +    memset(extent_start, 0, sizeof(xen_pfn_t) * nr_extents);
   43.41 -+
   43.42  +    for (i = 0; i < nr_extents; i++)
   43.43  +        extent_start[i] = (begin + (i * TARGET_PAGE_SIZE)) >> TARGET_PAGE_BITS;
   43.44 -+
   43.45  +    unset_mm_mapping(xc_handle, domid, nr_extents, 0, extent_start);
   43.46  +
   43.47  +    free(extent_start);
   43.48 @@ -120,7 +123,7 @@ Index: ioemu/hw/cirrus_vga.c
   43.49   /* Compute the memory access functions */
   43.50   static void cirrus_update_memory_access(CirrusVGAState *s)
   43.51   {
   43.52 -@@ -2538,11 +2621,39 @@
   43.53 +@@ -2538,11 +2624,37 @@
   43.54           
   43.55   	mode = s->gr[0x05] & 0x7;
   43.56   	if (mode < 4 || mode > 5 || ((s->gr[0x0B] & 0x4) == 0)) {
   43.57 @@ -145,22 +148,20 @@ Index: ioemu/hw/cirrus_vga.c
   43.58           } else {
   43.59           generic_io:
   43.60  +            if (s->cirrus_lfb_addr && s->cirrus_lfb_end && s->map_addr) {
   43.61 -+		int error;
   43.62 -+                void *old_vram = NULL;
   43.63 ++                void *old_vram;
   43.64 ++
   43.65 ++                old_vram = vga_update_vram((VGAState *)s, NULL, VGA_RAM_SIZE);
   43.66  +
   43.67 -+		error = unset_vram_mapping(s->cirrus_lfb_addr,
   43.68 -+					   s->cirrus_lfb_end);
   43.69 -+		if (!error)
   43.70 -+		    old_vram = vga_update_vram((VGAState *)s, NULL,
   43.71 -+                                               VGA_RAM_SIZE);
   43.72 -+                if (old_vram)
   43.73 -+                    munmap(old_vram, s->map_addr - s->map_end);
   43.74 ++                unset_vram_mapping(s->cirrus_lfb_addr,
   43.75 ++                                   s->cirrus_lfb_end, 
   43.76 ++                                   old_vram);
   43.77 ++
   43.78  +                s->map_addr = s->map_end = 0;
   43.79  +            }
   43.80               s->cirrus_linear_write[0] = cirrus_linear_writeb;
   43.81               s->cirrus_linear_write[1] = cirrus_linear_writew;
   43.82               s->cirrus_linear_write[2] = cirrus_linear_writel;
   43.83 -@@ -3136,6 +3247,13 @@
   43.84 +@@ -3136,6 +3248,13 @@
   43.85       /* XXX: add byte swapping apertures */
   43.86       cpu_register_physical_memory(addr, s->vram_size,
   43.87   				 s->cirrus_linear_io_addr);
   43.88 @@ -176,8 +177,8 @@ Index: ioemu/hw/cirrus_vga.c
   43.89   }
   43.90  Index: ioemu/hw/pc.c
   43.91  ===================================================================
   43.92 ---- ioemu.orig/hw/pc.c	2006-12-08 02:00:04.000000000 +0000
   43.93 -+++ ioemu/hw/pc.c	2006-12-08 02:00:04.000000000 +0000
   43.94 +--- ioemu.orig/hw/pc.c	2007-05-03 10:07:53.000000000 +0100
   43.95 ++++ ioemu/hw/pc.c	2007-05-03 10:07:53.000000000 +0100
   43.96  @@ -790,14 +790,14 @@
   43.97       if (cirrus_vga_enabled) {
   43.98           if (pci_enabled) {
   43.99 @@ -198,8 +199,8 @@ Index: ioemu/hw/pc.c
  43.100   
  43.101  Index: ioemu/hw/vga.c
  43.102  ===================================================================
  43.103 ---- ioemu.orig/hw/vga.c	2006-12-08 02:00:04.000000000 +0000
  43.104 -+++ ioemu/hw/vga.c	2006-12-08 02:00:04.000000000 +0000
  43.105 +--- ioemu.orig/hw/vga.c	2007-05-03 10:07:52.000000000 +0100
  43.106 ++++ ioemu/hw/vga.c	2007-05-03 10:07:53.000000000 +0100
  43.107  @@ -1858,6 +1858,7 @@
  43.108       /* TODO: add vbe support if enabled */
  43.109   }
  43.110 @@ -251,8 +252,8 @@ Index: ioemu/hw/vga.c
  43.111   
  43.112  Index: ioemu/hw/vga_int.h
  43.113  ===================================================================
  43.114 ---- ioemu.orig/hw/vga_int.h	2006-12-08 01:57:54.000000000 +0000
  43.115 -+++ ioemu/hw/vga_int.h	2006-12-08 02:00:04.000000000 +0000
  43.116 +--- ioemu.orig/hw/vga_int.h	2007-05-03 09:56:32.000000000 +0100
  43.117 ++++ ioemu/hw/vga_int.h	2007-05-03 10:07:53.000000000 +0100
  43.118  @@ -169,5 +169,6 @@
  43.119                                unsigned int color0, unsigned int color1,
  43.120                                unsigned int color_xor);
  43.121 @@ -262,9 +263,9 @@ Index: ioemu/hw/vga_int.h
  43.122   extern const uint8_t gr_mask[16];
  43.123  Index: ioemu/vl.c
  43.124  ===================================================================
  43.125 ---- ioemu.orig/vl.c	2006-12-08 02:00:04.000000000 +0000
  43.126 -+++ ioemu/vl.c	2006-12-08 02:00:27.000000000 +0000
  43.127 -@@ -5693,6 +5693,62 @@
  43.128 +--- ioemu.orig/vl.c	2007-05-03 10:07:53.000000000 +0100
  43.129 ++++ ioemu/vl.c	2007-05-03 10:07:53.000000000 +0100
  43.130 +@@ -5745,6 +5745,62 @@
  43.131   
  43.132   #define MAX_NET_CLIENTS 32
  43.133   
  43.134 @@ -278,17 +279,17 @@ Index: ioemu/vl.c
  43.135  +    int err = 0;
  43.136  +    xc_dominfo_t info;
  43.137  +
  43.138 ++    xc_domain_getinfo(xc_handle, domid, 1, &info);
  43.139 ++    if ((info.nr_pages - nr_pages) <= 0) {
  43.140 ++        fprintf(stderr, "unset_mm_mapping: error nr_pages\n");
  43.141 ++        err = -1;
  43.142 ++    }
  43.143 ++
  43.144  +    err = xc_domain_memory_decrease_reservation(xc_handle, domid,
  43.145  +                                                nr_pages, 0, extent_start);
  43.146  +    if (err)
  43.147  +        fprintf(stderr, "Failed to decrease physmap\n");
  43.148  +
  43.149 -+    xc_domain_getinfo(xc_handle, domid, 1, &info);
  43.150 -+
  43.151 -+    if ((info.nr_pages - nr_pages) <= 0) {
  43.152 -+        fprintf(stderr, "unset_mm_mapping: error nr_pages\n");
  43.153 -+        err = -1;
  43.154 -+    }
  43.155  +
  43.156  +    if (xc_domain_setmaxmem(xc_handle, domid, (info.nr_pages - nr_pages) *
  43.157  +                            PAGE_SIZE/1024) != 0) {
  43.158 @@ -329,8 +330,8 @@ Index: ioemu/vl.c
  43.159   #ifdef CONFIG_GDBSTUB
  43.160  Index: ioemu/vl.h
  43.161  ===================================================================
  43.162 ---- ioemu.orig/vl.h	2006-12-08 02:00:04.000000000 +0000
  43.163 -+++ ioemu/vl.h	2006-12-08 02:00:04.000000000 +0000
  43.164 +--- ioemu.orig/vl.h	2007-05-03 10:07:53.000000000 +0100
  43.165 ++++ ioemu/vl.h	2007-05-03 10:07:53.000000000 +0100
  43.166  @@ -145,6 +145,13 @@
  43.167   
  43.168   void main_loop_wait(int timeout);
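Review bot: In the vl.c hunk for `unset_mm_mapping`, the page-count check now runs before the reservation call, so its `err = -1;` is overwritten by `err = xc_domain_memory_decrease_reservation(...)` in the next statement and the function carries on into `xc_domain_setmaxmem` with `info.nr_pages - nr_pages`. Returning at the check, with `return -1;` in place of `err = -1;`, keeps the failure from being lost. The result of `xc_domain_getinfo` is not tested either, so `info` may be read without having been filled in; `if (xc_domain_getinfo(xc_handle, domid, 1, &info) != 1) return -1;` would cover that. If both counts are unsigned (their declarations are outside the visible lines), the `<= 0` test only catches equality and `info.nr_pages <= nr_pages` should be compared directly. The opening and tail of the function are elided from this section.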
    44.1 --- a/tools/ioemu/patches/support-xm-console	Thu May 03 11:22:58 2007 +0100
    44.2 +++ b/tools/ioemu/patches/support-xm-console	Thu May 03 15:39:45 2007 +0100
    44.3 @@ -1,17 +1,56 @@
    44.4  Index: ioemu/vl.c
    44.5  ===================================================================
    44.6 ---- ioemu.orig/vl.c	2006-08-17 19:49:40.119333436 +0100
    44.7 -+++ ioemu/vl.c	2006-08-17 19:49:48.566399780 +0100
    44.8 -@@ -1536,26 +1536,65 @@
    44.9 +--- ioemu.orig/vl.c	2007-05-03 10:24:03.000000000 +0100
   44.10 ++++ ioemu/vl.c	2007-05-03 10:24:04.000000000 +0100
   44.11 +@@ -1537,26 +1537,108 @@
   44.12       return chr;
   44.13   }
   44.14   
   44.15 -+int store_console_dev(int domid, char *pts)
   44.16 ++/*
   44.17 ++ * Create a store entry for a device (e.g., monitor, serial/parallel lines).
   44.18 ++ * The entry is <domain-path><storeString>/tty and the value is the name
   44.19 ++ * of the pty associated with the device.
   44.20 ++ */
   44.21 ++static int store_dev_info(char *devName, int domid,
   44.22 ++                          CharDriverState *cState, char *storeString)
   44.23  +{
   44.24  +    int xc_handle;
   44.25  +    struct xs_handle *xs;
   44.26  +    char *path;
   44.27 ++    char *newpath;
   44.28 ++    FDCharDriver *s;
   44.29 ++    char *pts;
   44.30  +
   44.31 ++    /* Check for valid arguments (at least, prevent segfaults). */
   44.32 ++    if ((devName == NULL) || (cState == NULL) || (storeString == NULL)) {
   44.33 ++        fprintf(logfile, "%s - invalid arguments\n", __FUNCTION__);
   44.34 ++        return EINVAL;
   44.35 ++    }
   44.36 ++
   44.37 ++    /*
   44.38 ++     * Only continue if we're talking to a pty
   44.39 ++     * Actually, the following code works for any CharDriverState using
   44.40 ++     * FDCharDriver, but we really only care about pty's here
   44.41 ++     */
   44.42 ++    if (strcmp(devName, "pty"))
   44.43 ++        return 0;
   44.44 ++
   44.45 ++    s = cState->opaque;
   44.46 ++    if (s == NULL) {
   44.47 ++        fprintf(logfile, "%s - unable to retrieve fd for '%s'/'%s'\n",
   44.48 ++                __FUNCTION__, storeString, devName);
   44.49 ++        return EBADF;
   44.50 ++    }
   44.51 ++
   44.52 ++    pts = ptsname(s->fd_in);
   44.53 ++    if (pts == NULL) {
   44.54 ++        fprintf(logfile, "%s - unable to determine ptsname '%s'/'%s', "
   44.55 ++                "error %d (%s)\n",
   44.56 ++                __FUNCTION__, storeString, devName, errno, strerror(errno));
   44.57 ++        return errno;
   44.58 ++    }
   44.59 ++
   44.60 ++    /* We now have everything we need to set the xenstore entry. */
   44.61  +    xs = xs_daemon_open();
   44.62  +    if (xs == NULL) {
   44.63  +        fprintf(logfile, "Could not contact XenStore\n");
   44.64 @@ -29,14 +68,19 @@ Index: ioemu/vl.c
   44.65  +        fprintf(logfile, "xs_get_domain_path() error\n");
   44.66  +        return -1;
   44.67  +    }
   44.68 -+    path = realloc(path, strlen(path) + strlen("/console/tty") + 1);
   44.69 -+    if (path == NULL) {
   44.70 ++    newpath = realloc(path, (strlen(path) + strlen(storeString) +
   44.71 ++                             strlen("/tty") + 1));
   44.72 ++    if (newpath == NULL) {
   44.73 ++        free(path); /* realloc errors leave old block */
   44.74  +        fprintf(logfile, "realloc error\n");
   44.75  +        return -1;
   44.76  +    }
   44.77 -+    strcat(path, "/console/tty");
   44.78 ++    path = newpath;
   44.79 ++
   44.80 ++    strcat(path, storeString);
   44.81 ++    strcat(path, "/tty");
   44.82  +    if (!xs_write(xs, XBT_NULL, path, pts, strlen(pts))) {
   44.83 -+        fprintf(logfile, "xs_write for console fail");
   44.84 ++        fprintf(logfile, "xs_write for '%s' fail", storeString);
   44.85  +        return -1;
   44.86  +    }
   44.87  +
   44.88 @@ -71,13 +115,12 @@ Index: ioemu/vl.c
   44.89  +    tcsetattr(slave_fd, TCSAFLUSH, &tty);
   44.90  +    
   44.91  +    fprintf(stderr, "char device redirected to %s\n", ptsname(master_fd));
   44.92 -+    store_console_dev(domid, ptsname(master_fd));
   44.93   
   44.94  -    fprintf(stderr, "char device redirected to %s\n", slave_name);
   44.95       return qemu_chr_open_fd(master_fd, master_fd);
   44.96   }
   44.97   
   44.98 -@@ -5868,7 +5907,9 @@
   44.99 +@@ -5881,7 +5963,9 @@
  44.100                   break;
  44.101               case QEMU_OPTION_nographic:
  44.102                   pstrcpy(monitor_device, sizeof(monitor_device), "stdio");
  44.103 @@ -88,3 +131,43 @@ Index: ioemu/vl.c
  44.104                   nographic = 1;
  44.105                   break;
  44.106               case QEMU_OPTION_kernel:
  44.107 +@@ -6348,16 +6432,23 @@
  44.108 +         fprintf(stderr, "qemu: could not open monitor device '%s'\n", monitor_device);
  44.109 +         exit(1);
  44.110 +     }
  44.111 ++    store_dev_info(monitor_device, domid, monitor_hd, "/monitor");
  44.112 +     monitor_init(monitor_hd, !nographic);
  44.113 + 
  44.114 +     for(i = 0; i < MAX_SERIAL_PORTS; i++) {
  44.115 +         if (serial_devices[i][0] != '\0') {
  44.116 ++            char buf[16];
  44.117 +             serial_hds[i] = qemu_chr_open(serial_devices[i]);
  44.118 +             if (!serial_hds[i]) {
  44.119 +                 fprintf(stderr, "qemu: could not open serial device '%s'\n", 
  44.120 +                         serial_devices[i]);
  44.121 +                 exit(1);
  44.122 +             }
  44.123 ++            snprintf(buf, sizeof(buf), "/serial/%d", i);
  44.124 ++            store_dev_info(serial_devices[i], domid, serial_hds[i], buf);
  44.125 ++            if (i == 0) /* serial 0 is also called the console */
  44.126 ++                store_dev_info(serial_devices[i], domid,
  44.127 ++                               serial_hds[i], "/console");
  44.128 +             if (!strcmp(serial_devices[i], "vc"))
  44.129 +                 qemu_chr_printf(serial_hds[i], "serial%d console\r\n", i);
  44.130 +         }
  44.131 +@@ -6365,12 +6456,15 @@
  44.132 + 
  44.133 +     for(i = 0; i < MAX_PARALLEL_PORTS; i++) {
  44.134 +         if (parallel_devices[i][0] != '\0') {
  44.135 ++            char buf[16];
  44.136 +             parallel_hds[i] = qemu_chr_open(parallel_devices[i]);
  44.137 +             if (!parallel_hds[i]) {
  44.138 +                 fprintf(stderr, "qemu: could not open parallel device '%s'\n", 
  44.139 +                         parallel_devices[i]);
  44.140 +                 exit(1);
  44.141 +             }
  44.142 ++            snprintf(buf, sizeof(buf), "/parallel/%d", i);
  44.143 ++            store_dev_info(parallel_devices[i], domid, parallel_hds[i], buf);
  44.144 +             if (!strcmp(parallel_devices[i], "vc"))
  44.145 +                 qemu_chr_printf(parallel_hds[i], "parallel%d console\r\n", i);
  44.146 +         }
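Review bot: `store_dev_info` leaks the xenstore handle on its failure paths: once `xs_daemon_open()` has succeeded, the realloc-failure branch frees `path` but returns -1 without closing `xs`, and the `xs_write` failure branch returns without releasing `path` or `xs`. The success-path cleanup is elided from this section, so this assumes the error branches do not share it; a single exit doing `free(path); xs_daemon_close(xs);` would cover both. In the `ptsname` branch, `return errno;` follows an `fprintf` that may itself change `errno`, so the value should be saved first (`int saved = errno;`). The function also mixes positive errno values with -1, and every call site added in this patch discards the result, so a failed registration of the monitor, serial or parallel tty goes unnoticed.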
    45.1 --- a/tools/ioemu/patches/tpm-tis-device	Thu May 03 11:22:58 2007 +0100
    45.2 +++ b/tools/ioemu/patches/tpm-tis-device	Thu May 03 15:39:45 2007 +0100
    45.3 @@ -22,8 +22,8 @@ Signed-off-by: Stefan Berger <stefanb@us
    45.4  
    45.5  Index: ioemu/Makefile.target
    45.6  ===================================================================
    45.7 ---- ioemu.orig/Makefile.target	2006-12-20 15:21:55.000000000 +0000
    45.8 -+++ ioemu/Makefile.target	2006-12-20 15:21:55.000000000 +0000
    45.9 +--- ioemu.orig/Makefile.target	2007-05-03 15:20:44.000000000 +0100
   45.10 ++++ ioemu/Makefile.target	2007-05-03 15:20:44.000000000 +0100
   45.11  @@ -369,6 +369,7 @@
   45.12   VL_OBJS+= piix4acpi.o
   45.13   VL_OBJS+= xenstore.o
   45.14 @@ -34,8 +34,8 @@ Index: ioemu/Makefile.target
   45.15   ifeq ($(TARGET_BASE_ARCH), ppc)
   45.16  Index: ioemu/hw/pc.c
   45.17  ===================================================================
   45.18 ---- ioemu.orig/hw/pc.c	2006-12-20 15:21:54.000000000 +0000
   45.19 -+++ ioemu/hw/pc.c	2006-12-20 15:21:55.000000000 +0000
   45.20 +--- ioemu.orig/hw/pc.c	2007-05-03 15:20:43.000000000 +0100
   45.21 ++++ ioemu/hw/pc.c	2007-05-03 15:20:44.000000000 +0100
   45.22  @@ -877,6 +877,9 @@
   45.23           }
   45.24       }
   45.25 @@ -49,8 +49,8 @@ Index: ioemu/hw/pc.c
   45.26  Index: ioemu/hw/tpm_tis.c
   45.27  ===================================================================
   45.28  --- /dev/null	1970-01-01 00:00:00.000000000 +0000
   45.29 -+++ ioemu/hw/tpm_tis.c	2006-12-20 15:21:55.000000000 +0000
   45.30 -@@ -0,0 +1,1120 @@
   45.31 ++++ ioemu/hw/tpm_tis.c	2007-05-03 15:20:44.000000000 +0100
   45.32 +@@ -0,0 +1,1128 @@
   45.33  +/*
   45.34  + * tpm_tis.c - QEMU emulator for a 1.2 TPM with TIS interface
   45.35  + *
   45.36 @@ -570,7 +570,7 @@ Index: ioemu/hw/tpm_tis.c
   45.37  +
   45.38  +#ifdef DEBUG_TPM
   45.39  +    fprintf(logfile," read(%08x) = %08x\n",
   45.40 -+            addr,
   45.41 ++            (int)addr,
   45.42  +            val);
   45.43  +#endif
   45.44  +
   45.45 @@ -591,7 +591,7 @@ Index: ioemu/hw/tpm_tis.c
   45.46  +
   45.47  +#ifdef DEBUG_TPM
   45.48  +    fprintf(logfile,"write(%08x) = %08x\n",
   45.49 -+            addr,
   45.50 ++            (int)addr,
   45.51  +            val);
   45.52  +#endif
   45.53  +
   45.54 @@ -810,10 +810,11 @@ Index: ioemu/hw/tpm_tis.c
   45.55  +static void tpm_save(QEMUFile* f,void* opaque)
   45.56  +{
   45.57  +    tpmState* s=(tpmState*)opaque;
   45.58 ++    uint8_t locty = s->active_loc;
   45.59  +    int c;
   45.60  +
   45.61  +    /* need to wait for outstanding requests to complete */
   45.62 -+    if (IS_COMM_WITH_VTPM(s)) {
   45.63 ++    if (s->loc[locty].state == STATE_EXECUTION) {
   45.64  +        int repeats = 30; /* 30 seconds; really should be infty */
   45.65  +        while (repeats > 0 &&
   45.66  +               !(s->loc[s->active_loc].sts & STS_DATA_AVAILABLE)) {
   45.67 @@ -821,6 +822,8 @@ Index: ioemu/hw/tpm_tis.c
   45.68  +            if (n > 0) {
   45.69  +                if (IS_VALID_LOC(s->active_loc)) {
   45.70  +                    s->loc[s->active_loc].sts = STS_VALID | STS_DATA_AVAILABLE;
   45.71 ++                    s->loc[s->active_loc].state = STATE_COMPLETION;
   45.72 ++                    tis_raise_irq(s, s->active_loc, INT_DATA_AVAILABLE);
   45.73  +                }
   45.74  +                /* close the connection with the vTPM for good */
   45.75  +                close_vtpm_channel(s, 1);
   45.76 @@ -830,6 +833,10 @@ Index: ioemu/hw/tpm_tis.c
   45.77  +        }
   45.78  +    }
   45.79  +
   45.80 ++    if (IS_COMM_WITH_VTPM(s)) {
   45.81 ++        close_vtpm_channel(s, 1);
   45.82 ++    }
   45.83 ++
   45.84  +    qemu_put_be32s(f,&s->offset);
   45.85  +    qemu_put_buffer(f, s->buffer.buf, TPM_MAX_PKT);
   45.86  +    qemu_put_8s(f, &s->active_loc);
   45.87 @@ -929,6 +936,7 @@ Index: ioemu/hw/tpm_tis.c
   45.88  +    s->Transmitlayer = -1;
   45.89  +    s->tpmTx.fd[0] = -1;
   45.90  +    s->tpmTx.fd[1] = -1;
   45.91 ++    s->aborting_locty = NO_LOCALITY;
   45.92  +
   45.93  +    tpm_initialize_instance(s, s->vtpm_instance);
   45.94  +    memset(s->buffer.buf,0,sizeof(s->buffer.buf));
   45.95 @@ -1046,7 +1054,7 @@ Index: ioemu/hw/tpm_tis.c
   45.96  +        uint32_t size = tpm_get_size_from_buffer(buffer->buf);
   45.97  +        if (size + sizeof(buffer->instance) != off) {
   45.98  +            fprintf(logfile,"TPM: Packet size is bad! %d != %d\n",
   45.99 -+                    size + sizeof(buffer->instance),
  45.100 ++                    (int)(size + sizeof(buffer->instance)),
  45.101  +                    off);
  45.102  +        } else {
  45.103  +            uint32_t ret;
  45.104 @@ -1173,9 +1181,9 @@ Index: ioemu/hw/tpm_tis.c
  45.105  +}
  45.106  Index: ioemu/vl.h
  45.107  ===================================================================
  45.108 ---- ioemu.orig/vl.h	2006-12-20 15:21:55.000000000 +0000
  45.109 -+++ ioemu/vl.h	2006-12-20 15:21:55.000000000 +0000
  45.110 -@@ -932,6 +932,10 @@
  45.111 +--- ioemu.orig/vl.h	2007-05-03 15:20:44.000000000 +0100
  45.112 ++++ ioemu/vl.h	2007-05-03 15:20:44.000000000 +0100
  45.113 +@@ -933,6 +933,10 @@
  45.114   void piix4_pm_init(PCIBus *bus, int devfn);
  45.115   void acpi_bios_init(void);
  45.116   
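Review bot: `tpm_save` now indexes `s->loc[locty]` with `locty = s->active_loc` before any validity check, while the loop body a few lines further down still guards the same index with `IS_VALID_LOC(s->active_loc)`. If no locality is active when the state is saved (`NO_LOCALITY` is used as a sentinel elsewhere in this file), the new condition may read outside the `loc` array; the array size and the sentinel's value are not visible here, so this should be confirmed. Guarding the test, `if (IS_VALID_LOC(locty) && s->loc[locty].state == STATE_EXECUTION) {`, keeps the read in bounds. The `(int)addr` casts paired with `%08x` would be cleaner as `(unsigned int)addr`.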
    46.1 --- a/tools/ioemu/patches/usb-mouse-tablet-status-check	Thu May 03 11:22:58 2007 +0100
    46.2 +++ b/tools/ioemu/patches/usb-mouse-tablet-status-check	Thu May 03 15:39:45 2007 +0100
    46.3 @@ -16,10 +16,11 @@ This patch make UHC & USB mouse/tablet b
    46.4  
    46.5  Signed-off-by: Xinmei Huang <xinmei.huang@intel.com>
    46.6  
    46.7 -diff -r fb3cb6f52a29 -r 60bbcf799384 tools/ioemu/hw/usb-hid.c
    46.8 ---- a/tools/ioemu/hw/usb-hid.c	Thu Dec 07 11:51:22 2006 +0000
    46.9 -+++ b/tools/ioemu/hw/usb-hid.c	Thu Dec 07 11:52:26 2006 +0000
   46.10 -@@ -39,6 +39,7 @@ typedef struct USBMouseState {
   46.11 +Index: ioemu/hw/usb-hid.c
   46.12 +===================================================================
   46.13 +--- ioemu.orig/hw/usb-hid.c	2007-05-02 14:21:51.000000000 +0100
   46.14 ++++ ioemu/hw/usb-hid.c	2007-05-02 14:23:54.000000000 +0100
   46.15 +@@ -39,6 +39,7 @@
   46.16       int x, y;
   46.17       int kind;
   46.18       int mouse_grabbed;
   46.19 @@ -27,7 +28,7 @@ diff -r fb3cb6f52a29 -r 60bbcf799384 too
   46.20   } USBMouseState;
   46.21   
   46.22   /* mostly the same values as the Bochs USB Mouse device */
   46.23 -@@ -231,6 +232,7 @@ static void usb_mouse_event(void *opaque
   46.24 +@@ -231,6 +232,7 @@
   46.25       s->dy += dy1;
   46.26       s->dz += dz1;
   46.27       s->buttons_state = buttons_state;
   46.28 @@ -35,7 +36,7 @@ diff -r fb3cb6f52a29 -r 60bbcf799384 too
   46.29   }
   46.30   
   46.31   static void usb_tablet_event(void *opaque,
   46.32 -@@ -242,6 +244,7 @@ static void usb_tablet_event(void *opaqu
   46.33 +@@ -242,6 +244,7 @@
   46.34       s->y = y;
   46.35       s->dz += dz;
   46.36       s->buttons_state = buttons_state;
   46.37 @@ -43,7 +44,7 @@ diff -r fb3cb6f52a29 -r 60bbcf799384 too
   46.38   }
   46.39   
   46.40   static inline int int_clamp(int val, int vmin, int vmax)
   46.41 -@@ -483,10 +486,16 @@ static int usb_mouse_handle_data(USBDevi
   46.42 +@@ -483,10 +486,16 @@
   46.43       switch(pid) {
   46.44       case USB_TOKEN_IN:
   46.45           if (devep == 1) {
   46.46 @@ -64,7 +65,7 @@ diff -r fb3cb6f52a29 -r 60bbcf799384 too
   46.47           } else {
   46.48               goto fail;
   46.49           }
   46.50 -@@ -523,6 +532,7 @@ USBDevice *usb_tablet_init(void)
   46.51 +@@ -566,6 +575,7 @@
   46.52       s->dev.handle_data = usb_mouse_handle_data;
   46.53       s->dev.handle_destroy = usb_mouse_handle_destroy;
   46.54       s->kind = USB_TABLET;
   46.55 @@ -72,7 +73,7 @@ diff -r fb3cb6f52a29 -r 60bbcf799384 too
   46.56   
   46.57       pstrcpy(s->dev.devname, sizeof(s->dev.devname), "QEMU USB Tablet");
   46.58   
   46.59 -@@ -544,6 +554,7 @@ USBDevice *usb_mouse_init(void)
   46.60 +@@ -589,6 +599,7 @@
   46.61       s->dev.handle_data = usb_mouse_handle_data;
   46.62       s->dev.handle_destroy = usb_mouse_handle_destroy;
   46.63       s->kind = USB_MOUSE;
   46.64 @@ -80,27 +81,45 @@ diff -r fb3cb6f52a29 -r 60bbcf799384 too
   46.65   
   46.66       pstrcpy(s->dev.devname, sizeof(s->dev.devname), "QEMU USB Mouse");
   46.67   
   46.68 -diff -r fb3cb6f52a29 -r 60bbcf799384 tools/ioemu/hw/usb-uhci.c
   46.69 ---- a/tools/ioemu/hw/usb-uhci.c	Thu Dec 07 11:51:22 2006 +0000
   46.70 -+++ b/tools/ioemu/hw/usb-uhci.c	Thu Dec 07 11:52:26 2006 +0000
   46.71 -@@ -424,12 +424,10 @@ static int uhci_handle_td(UHCIState *s, 
   46.72 +Index: ioemu/hw/usb-uhci.c
   46.73 +===================================================================
   46.74 +--- ioemu.orig/hw/usb-uhci.c	2007-05-02 14:23:54.000000000 +0100
   46.75 ++++ ioemu/hw/usb-uhci.c	2007-05-02 14:23:54.000000000 +0100
   46.76 +@@ -43,9 +43,15 @@
   46.77 + #define TD_CTRL_IOC     (1 << 24)
   46.78 + #define TD_CTRL_ACTIVE  (1 << 23)
   46.79 + #define TD_CTRL_STALL   (1 << 22)
   46.80 ++#define TD_CTRL_BUFFER  (1 << 21)
   46.81 + #define TD_CTRL_BABBLE  (1 << 20)
   46.82 + #define TD_CTRL_NAK     (1 << 19)
   46.83 + #define TD_CTRL_TIMEOUT (1 << 18)
   46.84 ++#define TD_CTRL_BITSTUFF                                 \
   46.85 ++                        (1 << 17)
   46.86 ++#define TD_CTRL_MASK                                     \
   46.87 ++    (TD_CTRL_BITSTUFF | TD_CTRL_TIMEOUT | TD_CTRL_NAK    \
   46.88 ++     | TD_CTRL_BABBLE | TD_CTRL_BUFFER | TD_CTRL_STALL)
   46.89 + 
   46.90 + #define UHCI_PORT_RESET (1 << 9)
   46.91 + #define UHCI_PORT_LSDA  (1 << 8)
   46.92 +@@ -424,12 +430,12 @@
   46.93       uint8_t buf[2048];
   46.94       int len, max_len, err, ret;
   46.95   
   46.96  -    if (td->ctrl & TD_CTRL_IOC) {
   46.97  -        *int_mask |= 0x01;
   46.98 --    }
   46.99 ++    if (!(td->ctrl & TD_CTRL_ACTIVE)){
  46.100 ++        ret = 1;
  46.101 ++        goto out;
  46.102 +     }
  46.103  -    
  46.104  -    if (!(td->ctrl & TD_CTRL_ACTIVE))
  46.105  -        return 1;
  46.106 -+    if (!(td->ctrl & TD_CTRL_ACTIVE)){
  46.107 -+        ret = 1;
  46.108 -+        goto out;
  46.109 -+    }
  46.110 ++    /* Clear TD's status field explicitly */
  46.111 ++    td->ctrl = td->ctrl & (~TD_CTRL_MASK);
  46.112   
  46.113       /* TD is active */
  46.114       max_len = ((td->token >> 21) + 1) & 0x7ff;
  46.115 -@@ -467,7 +465,8 @@ static int uhci_handle_td(UHCIState *s, 
  46.116 +@@ -467,7 +473,8 @@
  46.117           /* invalid pid : frame interrupted */
  46.118           s->status |= UHCI_STS_HCPERR;
  46.119           uhci_update_irq(s);
  46.120 @@ -110,7 +129,7 @@ diff -r fb3cb6f52a29 -r 60bbcf799384 too
  46.121       }
  46.122       if (td->ctrl & TD_CTRL_IOS)
  46.123           td->ctrl &= ~TD_CTRL_ACTIVE;
  46.124 -@@ -479,10 +478,12 @@ static int uhci_handle_td(UHCIState *s, 
  46.125 +@@ -479,10 +486,12 @@
  46.126               len < max_len) {
  46.127               *int_mask |= 0x02;
  46.128               /* short packet: do not update QH */
  46.129 @@ -125,7 +144,7 @@ diff -r fb3cb6f52a29 -r 60bbcf799384 too
  46.130           }
  46.131       } else {
  46.132           switch(ret) {
  46.133 -@@ -501,23 +502,34 @@ static int uhci_handle_td(UHCIState *s, 
  46.134 +@@ -501,23 +510,34 @@
  46.135               }
  46.136               td->ctrl = (td->ctrl & ~(3 << TD_CTRL_ERROR_SHIFT)) | 
  46.137                   (err << TD_CTRL_ERROR_SHIFT);
  46.138 @@ -150,12 +169,10 @@ diff -r fb3cb6f52a29 -r 60bbcf799384 too
  46.139               td->ctrl &= ~TD_CTRL_ACTIVE;
  46.140               /* frame interrupted */
  46.141  -            return -1;
  46.142 --        }
  46.143 --    }
  46.144  +            ret = -1;
  46.145  +            goto out;
  46.146 -+        }
  46.147 -+    }
  46.148 +         }
  46.149 +     }
  46.150  +   
  46.151  +out:
  46.152  +    /* If TD is inactive and IOC bit set to 1 then update int_mask */ 
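Review bot: `TD_CTRL_BITSTUFF` is split across a line continuation although it fits on one line like the neighbouring status bits; `#define TD_CTRL_BITSTUFF (1 << 17)` keeps the table uniform. `TD_CTRL_MASK` would benefit from a one-line comment such as `/* TD status/error bits, cleared before an active TD is executed */`, since the reason for clearing them is otherwise stated only at the use site in `uhci_handle_td`. The body of `uhci_handle_td` after the new `out:` label lies outside this section.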
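--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tools/ioemu/patches/vnc-altgr-keysym	Thu May 03 15:39:45 2007 +0100
@@ -0,0 +1,24 @@
+Index: ioemu/keymaps/modifiers
+===================================================================
+--- ioemu.orig/keymaps/modifiers	2007-05-02 10:30:05.000000000 +0100
++++ ioemu/keymaps/modifiers	2007-05-03 15:02:56.000000000 +0100
+@@ -3,6 +3,7 @@
+ 
+ Alt_R 0xb8
+ Mode_switch 0xb8
++ISO_Level3_Switch 0xb8
+ Alt_L 0x38
+ 
+ Control_R 0x9d
+Index: ioemu/vnc_keysym.h
+===================================================================
+--- ioemu.orig/vnc_keysym.h	2007-05-03 15:02:10.000000000 +0100
++++ ioemu/vnc_keysym.h	2007-05-03 15:03:03.000000000 +0100
+@@ -215,6 +215,7 @@
+ {"Shift_R", 0xffe2},   /* XK_Shift_R */
+ {"Super_L", 0xffeb},   /* XK_Super_L */
+ {"Super_R", 0xffec},   /* XK_Super_R */
++{"ISO_Level3_Shift", 0xfe03}, /* XK_ISO_Level3_Shift */
+ 
+     /* special keys */
+ {"BackSpace", 0xff08}, /* XK_BackSpace */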
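--- a/tools/ioemu/patches/vnc-backoff-screen-scan	Thu May 03 11:22:58 2007 +0100
+++ b/tools/ioemu/patches/vnc-backoff-screen-scan	Thu May 03 15:39:45 2007 +0100
@@ -1,7 +1,7 @@
 Index: ioemu/vnc.c
 ===================================================================
---- ioemu.orig/vnc.c	2006-12-06 23:46:12.000000000 +0000
-+++ ioemu/vnc.c	2006-12-06 23:46:12.000000000 +0000
+--- ioemu.orig/vnc.c	2007-05-03 10:07:56.000000000 +0100
++++ ioemu/vnc.c	2007-05-03 10:07:56.000000000 +0100
 @@ -28,7 +28,19 @@
  #include "qemu_socket.h"
  #include <assert.h>
@@ -356,9 +356,9 @@ Index: ioemu/vnc.c
      case 6:
 Index: ioemu/vl.c
 ===================================================================
---- ioemu.orig/vl.c	2006-12-06 23:46:12.000000000 +0000
-+++ ioemu/vl.c	2006-12-06 23:46:12.000000000 +0000
-@@ -726,6 +726,12 @@
+--- ioemu.orig/vl.c	2007-05-03 10:07:56.000000000 +0100
++++ ioemu/vl.c	2007-05-03 10:07:56.000000000 +0100
+@@ -725,6 +725,12 @@
      }
  }
  
@@ -373,8 +373,8 @@ Index: ioemu/vl.c
  void qemu_mod_timer(QEMUTimer *ts, int64_t expire_time)
 Index: ioemu/vl.h
 ===================================================================
---- ioemu.orig/vl.h	2006-12-06 23:46:12.000000000 +0000
-+++ ioemu/vl.h	2006-12-06 23:46:12.000000000 +0000
+--- ioemu.orig/vl.h	2007-05-03 10:07:56.000000000 +0100
++++ ioemu/vl.h	2007-05-03 10:07:56.000000000 +0100
 @@ -407,6 +407,7 @@
  void qemu_free_timer(QEMUTimer *ts);
  void qemu_del_timer(QEMUTimer *ts);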
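--- a/tools/ioemu/patches/vnc-cleanup	Thu May 03 11:22:58 2007 +0100
+++ b/tools/ioemu/patches/vnc-cleanup	Thu May 03 15:39:45 2007 +0100
@@ -1,7 +1,7 @@
 Index: ioemu/vnc.c
 ===================================================================
---- ioemu.orig/vnc.c	2006-09-21 18:54:22.000000000 +0100
-+++ ioemu/vnc.c	2006-09-21 19:05:39.000000000 +0100
+--- ioemu.orig/vnc.c	2007-05-03 09:56:31.000000000 +0100
++++ ioemu/vnc.c	2007-05-03 10:07:55.000000000 +0100
 @@ -143,13 +143,16 @@
  static void vnc_dpy_update(DisplayState *ds, int x, int y, int w, int h)
  {
@@ -90,9 +90,9 @@ Index: ioemu/vnc.c
  static void set_encodings(VncState *vs, int32_t *encodings, size_t n_encodings)
 Index: ioemu/vl.c
 ===================================================================
---- ioemu.orig/vl.c	2006-09-21 18:55:38.000000000 +0100
-+++ ioemu/vl.c	2006-09-21 19:00:48.000000000 +0100
-@@ -5120,10 +5120,10 @@
+--- ioemu.orig/vl.c	2007-05-03 10:07:54.000000000 +0100
++++ ioemu/vl.c	2007-05-03 10:07:55.000000000 +0100
+@@ -5195,10 +5195,10 @@
          /* XXX: better handling of removal */
          for(ioh = first_io_handler; ioh != NULL; ioh = ioh_next) {
              ioh_next = ioh->next;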
    50.1 --- a/tools/ioemu/patches/vnc-display-find-unused	Thu May 03 11:22:58 2007 +0100
    50.2 +++ b/tools/ioemu/patches/vnc-display-find-unused	Thu May 03 15:39:45 2007 +0100
    50.3 @@ -1,7 +1,7 @@
    50.4  Index: ioemu/vnc.c
    50.5  ===================================================================
    50.6 ---- ioemu.orig/vnc.c	2006-12-20 15:21:52.000000000 +0000
    50.7 -+++ ioemu/vnc.c	2006-12-20 15:21:52.000000000 +0000
    50.8 +--- ioemu.orig/vnc.c	2007-05-03 10:24:06.000000000 +0100
    50.9 ++++ ioemu/vnc.c	2007-05-03 10:24:06.000000000 +0100
   50.10  @@ -1197,7 +1197,7 @@
   50.11       }
   50.12   }
   50.13 @@ -50,9 +50,9 @@ Index: ioemu/vnc.c
   50.14   int vnc_start_viewer(int port)
   50.15  Index: ioemu/vl.c
   50.16  ===================================================================
   50.17 ---- ioemu.orig/vl.c	2006-12-20 15:21:51.000000000 +0000
   50.18 -+++ ioemu/vl.c	2006-12-20 15:21:52.000000000 +0000
   50.19 -@@ -121,6 +121,7 @@
   50.20 +--- ioemu.orig/vl.c	2007-05-03 10:24:06.000000000 +0100
   50.21 ++++ ioemu/vl.c	2007-05-03 10:24:06.000000000 +0100
   50.22 +@@ -122,6 +122,7 @@
   50.23   static DisplayState display_state;
   50.24   int nographic;
   50.25   int vncviewer;
   50.26 @@ -60,23 +60,23 @@ Index: ioemu/vl.c
   50.27   const char* keyboard_layout = NULL;
   50.28   int64_t ticks_per_sec;
   50.29   int boot_device = 'c';
   50.30 -@@ -5342,6 +5343,7 @@
   50.31 +@@ -5417,6 +5418,7 @@
   50.32              "-loadvm file    start right away with a saved state (loadvm in monitor)\n"
   50.33   	   "-vnc display    start a VNC server on display\n"
   50.34              "-vncviewer      start a vncviewer process for this domain\n"
   50.35  +           "-vncunused      bind the VNC server to an unused port\n"
   50.36 -            "-timeoffset     time offset (in seconds) from local time\n"
   50.37              "-acpi           disable or enable ACPI of HVM domain \n"
   50.38              "\n"
   50.39 -@@ -5431,6 +5433,7 @@
   50.40 -     QEMU_OPTION_timeoffset,
   50.41 +            "During emulation, the following keys are useful:\n"
   50.42 +@@ -5504,6 +5506,7 @@
   50.43 +     QEMU_OPTION_vcpus,
   50.44       QEMU_OPTION_acpi,
   50.45       QEMU_OPTION_vncviewer,
   50.46  +    QEMU_OPTION_vncunused,
   50.47   };
   50.48   
   50.49   typedef struct QEMUOption {
   50.50 -@@ -5506,6 +5509,7 @@
   50.51 +@@ -5579,6 +5582,7 @@
   50.52       { "smp", HAS_ARG, QEMU_OPTION_smp },
   50.53       { "vnc", HAS_ARG, QEMU_OPTION_vnc },
   50.54       { "vncviewer", 0, QEMU_OPTION_vncviewer },
   50.55 @@ -84,7 +84,7 @@ Index: ioemu/vl.c
   50.56       
   50.57       /* temporary options */
   50.58       { "usb", 0, QEMU_OPTION_usb },
   50.59 -@@ -5857,6 +5861,7 @@
   50.60 +@@ -5938,6 +5942,7 @@
   50.61       snapshot = 0;
   50.62       nographic = 0;
   50.63       vncviewer = 0;
   50.64 @@ -92,7 +92,7 @@ Index: ioemu/vl.c
   50.65       kernel_filename = NULL;
   50.66       kernel_cmdline = "";
   50.67   #ifdef TARGET_PPC
   50.68 -@@ -6254,6 +6259,11 @@
   50.69 +@@ -6336,6 +6341,11 @@
   50.70               case QEMU_OPTION_vncviewer:
   50.71                   vncviewer++;
   50.72                   break;
   50.73 @@ -104,7 +104,7 @@ Index: ioemu/vl.c
   50.74               }
   50.75           }
   50.76       }
   50.77 -@@ -6460,7 +6470,7 @@
   50.78 +@@ -6537,7 +6547,7 @@
   50.79       if (nographic) {
   50.80           dumb_display_init(ds);
   50.81       } else if (vnc_display != -1) {
   50.82 @@ -115,8 +115,8 @@ Index: ioemu/vl.c
   50.83       } else {
   50.84  Index: ioemu/vl.h
   50.85  ===================================================================
   50.86 ---- ioemu.orig/vl.h	2006-12-20 15:21:51.000000000 +0000
   50.87 -+++ ioemu/vl.h	2006-12-20 15:21:52.000000000 +0000
   50.88 +--- ioemu.orig/vl.h	2007-05-03 10:24:06.000000000 +0100
   50.89 ++++ ioemu/vl.h	2007-05-03 10:24:06.000000000 +0100
   50.90  @@ -785,7 +785,7 @@
   50.91   void cocoa_display_init(DisplayState *ds, int full_screen);
   50.92   
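--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tools/ioemu/patches/vnc-fix-signedness	Thu May 03 15:39:45 2007 +0100
@@ -0,0 +1,222 @@
+# HG changeset patch
+# User kaf24@localhost.localdomain
+# Date 1167325891 0
+# Node ID ede2f5280810789c3cb37603cf2e6b34c60982b1
+# Parent  a138fabc2120376cfb4bf72596a334a1edf8adb0
+[QEMU] Fix a number of signedness issues plus a typo in the version checking in vnc.c.
+Signed-off-by:  Anthony Liguori <aliguori@us.ibm.com>
+
+Index: ioemu/vnc.c
+===================================================================
+--- ioemu.orig/vnc.c	2007-05-02 14:03:41.000000000 +0100
++++ ioemu/vnc.c	2007-05-02 14:03:42.000000000 +0100
+@@ -54,12 +54,12 @@
+ {
+     size_t capacity;
+     size_t offset;
+-    char *buffer;
++    uint8_t *buffer;
+ } Buffer;
+ 
+ typedef struct VncState VncState;
+ 
+-typedef int VncReadEvent(VncState *vs, char *data, size_t len);
++typedef int VncReadEvent(VncState *vs, uint8_t *data, size_t len);
+ 
+ typedef void VncWritePixels(VncState *vs, void *data, int size);
+ 
+@@ -90,7 +90,7 @@
+     uint64_t *update_row;	/* outstanding updates */
+     int has_update;		/* there's outstanding updates in the
+ 				 * visible area */
+-    char *old_data;
++    uint8_t *old_data;
+     int depth; /* internal VNC frame buffer byte per pixel */
+     int has_resize;
+     int has_hextile;
+@@ -140,7 +140,7 @@
+ static void vnc_update_client(void *opaque);
+ static void vnc_client_read(void *opaque);
+ static void framebuffer_set_updated(VncState *vs, int x, int y, int w, int h);
+-static int make_challenge(char *random, int size);
++static int make_challenge(unsigned char *random, int size);
+ static void set_seed(unsigned int *seedp);
+ static void get_random(int len, unsigned char *buf);
+ 
+@@ -330,7 +330,7 @@
+ static void send_framebuffer_update_raw(VncState *vs, int x, int y, int w, int h)
+ {
+     int i;
+-    char *row;
++    uint8_t *row;
+ 
+     vnc_framebuffer_update(vs, x, y, w, h, 0);
+ 
+@@ -394,9 +394,9 @@
+ static void vnc_copy(DisplayState *ds, int src_x, int src_y, int dst_x, int dst_y, int w, int h)
+ {
+     int src, dst;
+-    char *src_row;
+-    char *dst_row;
+-    char *old_row;
++    uint8_t *src_row;
++    uint8_t *dst_row;
++    uint8_t *old_row;
+     int y = 0;
+     int pitch = ds->linesize;
+     VncState *vs = ds->opaque;
+@@ -465,8 +465,8 @@
+     VncState *vs = opaque;
+     int64_t now;
+     int y;
+-    char *row;
+-    char *old_row;
++    uint8_t *row;
++    uint8_t *old_row;
+     uint64_t width_mask;
+     int n_rectangles;
+     int saved_offset;
+@@ -491,7 +491,7 @@
+     for (y = 0; y < vs->ds->height; y++) {
+ 	if (vs->dirty_row[y] & width_mask) {
+ 	    int x;
+-	    char *ptr, *old_ptr;
++	    uint8_t *ptr, *old_ptr;
+ 
+ 	    ptr = row;
+ 	    old_ptr = old_row;
+@@ -654,7 +654,7 @@
+     return buffer->offset == 0;
+ }
+ 
+-static char *buffer_end(Buffer *buffer)
++static uint8_t *buffer_end(Buffer *buffer)
+ {
+     return buffer->buffer + buffer->offset;
+ }
+@@ -778,7 +778,7 @@
+ 
+ static void vnc_write_u16(VncState *vs, uint16_t value)
+ {
+-    char buf[2];
++    uint8_t buf[2];
+ 
+     buf[0] = (value >> 8) & 0xFF;
+     buf[1] = value & 0xFF;
+@@ -788,7 +788,7 @@
+ 
+ static void vnc_write_u8(VncState *vs, uint8_t value)
+ {
+-    vnc_write(vs, (char *)&value, 1);
++    vnc_write(vs, &value, 1);
+ }
+ 
+ static void vnc_flush(VncState *vs)
+@@ -797,23 +797,23 @@
+ 	vnc_client_write(vs);
+ }
+ 
+-static uint8_t read_u8(char *data, size_t offset)
++static uint8_t read_u8(uint8_t *data, size_t offset)
+ {
+     return data[offset];
+ }
+ 
+-static uint16_t read_u16(char *data, size_t offset)
++static uint16_t read_u16(uint8_t *data, size_t offset)
+ {
+     return ((data[offset] & 0xFF) << 8) | (data[offset + 1] & 0xFF);
+ }
+ 
+-static int32_t read_s32(char *data, size_t offset)
++static int32_t read_s32(uint8_t *data, size_t offset)
+ {
+     return (int32_t)((data[offset] << 24) | (data[offset + 1] << 16) |
+ 		     (data[offset + 2] << 8) | data[offset + 3]);
+ }
+ 
+-static uint32_t read_u32(char *data, size_t offset)
++static uint32_t read_u32(uint8_t *data, size_t offset)
+ {
+     return ((data[offset] << 24) | (data[offset + 1] << 16) |
+ 	    (data[offset + 2] << 8) | data[offset + 3]);
+@@ -1115,11 +1115,10 @@
+     vga_hw_update();
+ }
+ 
+-static int protocol_client_msg(VncState *vs, char *data, size_t len)
++static int protocol_client_msg(VncState *vs, uint8_t *data, size_t len)
+ {
+     int i;
+     uint16_t limit;
+-    int64_t now;
+ 
+     switch (data[0]) {
+     case 0:
+@@ -1188,7 +1187,7 @@
+ 		return 8 + v;
+ 	}
+ 
+-	client_cut_text(vs, read_u32(data, 4), data + 8);
++	client_cut_text(vs, read_u32(data, 4), (char *)(data + 8));
+ 	break;
+     default:
+ 	printf("Msg: %d\n", data[0]);
+@@ -1200,7 +1199,7 @@
+     return 0;
+ }
+ 
+-static int protocol_client_init(VncState *vs, char *data, size_t len)
++static int protocol_client_init(VncState *vs, uint8_t *data, size_t len)
+ {
+     size_t l;
+     char pad[3] = { 0, 0, 0 };
+@@ -1261,7 +1260,7 @@
+     return 0;
+ }
+ 
+-static int protocol_response(VncState *vs, char *client_response, size_t len)
++static int protocol_response(VncState *vs, uint8_t *client_response, size_t len)
+ {
+     extern char vncpasswd[64];
+     extern unsigned char challenge[AUTHCHALLENGESIZE];
+@@ -1299,7 +1298,7 @@
+     return 0;
+ }
+ 
+-static int protocol_version(VncState *vs, char *version, size_t len)
++static int protocol_version(VncState *vs, uint8_t *version, size_t len)
+ {
+     extern char vncpasswd[64];
+     extern unsigned char challenge[AUTHCHALLENGESIZE];
+@@ -1474,7 +1473,7 @@
+ 
+ unsigned int seed;
+ 
+-static int make_challenge(char *random, int size)
++static int make_challenge(unsigned char *random, int size)
+ {
+  
+     set_seed(&seed);
+Index: ioemu/vnchextile.h
+===================================================================
+--- ioemu.orig/vnchextile.h	2007-05-02 14:03:13.000000000 +0100
++++ ioemu/vnchextile.h	2007-05-02 14:03:42.000000000 +0100
+@@ -13,7 +13,7 @@
+                                              uint32_t *last_fg32,
+                                              int *has_bg, int *has_fg)
+ {
+-    char *row = (vs->ds->data + y * vs->ds->linesize + x * vs->depth);
++    uint8_t *row = (vs->ds->data + y * vs->ds->linesize + x * vs->depth);
+     pixel_t *irow = (pixel_t *)row;
+     int j, i;
+     pixel_t *last_bg = (pixel_t *)last_bg32;
+@@ -119,7 +119,7 @@
+ 	for (j = 0; j < h; j++) {
+ 	    int has_color = 0;
+ 	    int min_x = -1;
+-	    pixel_t color;
++	    pixel_t color = 0;
+ 
+ 	    for (i = 0; i < w; i++) {
+ 		if (!has_color) {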
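Review bot: In `read_s32` and `read_u32` (the inner hunk at vnc.c line 797), `data[offset] << 24` now shifts a `uint8_t` that has been promoted to `int`, so a top byte of 0x80 or more is shifted into the sign bit, which is undefined behaviour for a signed left shift. `protocol_client_msg` passes its message buffer to `read_u32(data, 4)`, so these bytes appear to come from the VNC client and the conversion should be done in an unsigned type. Cast each operand before shifting, e.g. `((uint32_t)data[offset] << 24) | ((uint32_t)data[offset + 1] << 16) |` and likewise for the remaining two bytes. The closing lines of `read_u32` fall outside the hunk.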
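--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tools/ioemu/patches/vnc-fix-version-check	Thu May 03 15:39:45 2007 +0100
@@ -0,0 +1,13 @@
+Index: ioemu/vnc.c
+===================================================================
+--- ioemu.orig/vnc.c	2007-05-02 10:47:41.000000000 +0100
++++ ioemu/vnc.c	2007-05-02 10:47:42.000000000 +0100
+@@ -1317,7 +1317,7 @@
+ 
+ 
+     support = 0;
+-    if (maj = 3) {
++    if (maj == 3) {
+ 	if (min == 3 || min ==4) {
+ 	    support = 1;
+ 	}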
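Review bot: This patch file has no description or Signed-off-by header, while the neighbouring vnc-fix-signedness patch carries a summary that mentions the version-check typo actually fixed here. A short header would keep the reason recoverable from the series: with `maj = 3` the condition was an assignment and always true, so the major version (presumably parsed from the client's version string) was never compared. A first line such as `[QEMU] vnc: compare, rather than assign, the major version in the protocol version check.` would do. The inner test would also read more consistently as `min == 4`. The enclosing function starts and ends outside the hunk.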
    53.1 --- a/tools/ioemu/patches/vnc-fixes	Thu May 03 11:22:58 2007 +0100
    53.2 +++ b/tools/ioemu/patches/vnc-fixes	Thu May 03 15:39:45 2007 +0100
    53.3 @@ -1,8 +1,8 @@
    53.4  Index: ioemu/vl.c
    53.5  ===================================================================
    53.6 ---- ioemu.orig/vl.c	2006-12-20 15:21:51.000000000 +0000
    53.7 -+++ ioemu/vl.c	2006-12-20 15:21:51.000000000 +0000
    53.8 -@@ -6511,8 +6511,10 @@
    53.9 +--- ioemu.orig/vl.c	2007-05-03 10:24:05.000000000 +0100
   53.10 ++++ ioemu/vl.c	2007-05-03 10:24:05.000000000 +0100
   53.11 +@@ -6597,8 +6597,10 @@
   53.12           }
   53.13       }
   53.14   
   53.15 @@ -17,8 +17,8 @@ Index: ioemu/vl.c
   53.16       if (use_gdbstub) {
   53.17  Index: ioemu/vnc.c
   53.18  ===================================================================
   53.19 ---- ioemu.orig/vnc.c	2006-12-20 15:21:51.000000000 +0000
   53.20 -+++ ioemu/vnc.c	2006-12-20 15:21:51.000000000 +0000
   53.21 +--- ioemu.orig/vnc.c	2007-05-03 10:24:05.000000000 +0100
   53.22 ++++ ioemu/vnc.c	2007-05-03 10:24:05.000000000 +0100
   53.23  @@ -3,6 +3,7 @@
   53.24    * 
   53.25    * Copyright (C) 2006 Anthony Liguori <anthony@codemonkey.ws>
   53.26 @@ -531,8 +531,8 @@ Index: ioemu/vnc.c
   53.27   }
   53.28  Index: ioemu/vl.h
   53.29  ===================================================================
   53.30 ---- ioemu.orig/vl.h	2006-12-20 15:21:51.000000000 +0000
   53.31 -+++ ioemu/vl.h	2006-12-20 15:21:51.000000000 +0000
   53.32 +--- ioemu.orig/vl.h	2007-05-03 10:24:05.000000000 +0100
   53.33 ++++ ioemu/vl.h	2007-05-03 10:24:05.000000000 +0100
   53.34  @@ -319,6 +319,7 @@
   53.35   int is_graphic_console(void);
   53.36   CharDriverState *text_console_init(DisplayState *ds);
    54.1 --- a/tools/ioemu/patches/vnc-listen-specific-interface	Thu May 03 11:22:58 2007 +0100
    54.2 +++ b/tools/ioemu/patches/vnc-listen-specific-interface	Thu May 03 15:39:45 2007 +0100
    54.3 @@ -20,9 +20,9 @@ Signed-off-by:  Daniel P. Berrange <berr
    54.4  
    54.5  Index: ioemu/vl.c
    54.6  ===================================================================
    54.7 ---- ioemu.orig/vl.c	2006-12-20 15:21:52.000000000 +0000
    54.8 -+++ ioemu/vl.c	2006-12-20 15:21:52.000000000 +0000
    54.9 -@@ -122,6 +122,7 @@
   54.10 +--- ioemu.orig/vl.c	2007-05-03 10:24:06.000000000 +0100
   54.11 ++++ ioemu/vl.c	2007-05-03 10:24:06.000000000 +0100
   54.12 +@@ -123,6 +123,7 @@
   54.13   int nographic;
   54.14   int vncviewer;
   54.15   int vncunused;
   54.16 @@ -30,7 +30,7 @@ Index: ioemu/vl.c
   54.17   const char* keyboard_layout = NULL;
   54.18   int64_t ticks_per_sec;
   54.19   int boot_device = 'c';
   54.20 -@@ -2777,10 +2778,22 @@
   54.21 +@@ -2831,10 +2832,22 @@
   54.22       return -1;
   54.23   }
   54.24   
   54.25 @@ -54,7 +54,7 @@ Index: ioemu/vl.c
   54.26       const char *p, *r;
   54.27       int port;
   54.28   
   54.29 -@@ -2791,14 +2804,8 @@
   54.30 +@@ -2845,14 +2858,8 @@
   54.31       if (buf[0] == '\0') {
   54.32           saddr->sin_addr.s_addr = 0;
   54.33       } else {
   54.34 @@ -71,15 +71,15 @@ Index: ioemu/vl.c
   54.35       }
   54.36       port = strtol(p, (char **)&r, 0);
   54.37       if (r == p)
   54.38 -@@ -5344,6 +5351,7 @@
   54.39 +@@ -5419,6 +5426,7 @@
   54.40   	   "-vnc display    start a VNC server on display\n"
   54.41              "-vncviewer      start a vncviewer process for this domain\n"
   54.42              "-vncunused      bind the VNC server to an unused port\n"
   54.43  +           "-vnclisten      bind the VNC server to this address\n"
   54.44 -            "-timeoffset     time offset (in seconds) from local time\n"
   54.45              "-acpi           disable or enable ACPI of HVM domain \n"
   54.46              "\n"
   54.47 -@@ -5434,6 +5442,7 @@
   54.48 +            "During emulation, the following keys are useful:\n"
   54.49 +@@ -5507,6 +5515,7 @@
   54.50       QEMU_OPTION_acpi,
   54.51       QEMU_OPTION_vncviewer,
   54.52       QEMU_OPTION_vncunused,
   54.53 @@ -87,7 +87,7 @@ Index: ioemu/vl.c
   54.54   };
   54.55   
   54.56   typedef struct QEMUOption {
   54.57 -@@ -5510,6 +5519,7 @@
   54.58 +@@ -5583,6 +5592,7 @@
   54.59       { "vnc", HAS_ARG, QEMU_OPTION_vnc },
   54.60       { "vncviewer", 0, QEMU_OPTION_vncviewer },
   54.61       { "vncunused", 0, QEMU_OPTION_vncunused },
   54.62 @@ -95,7 +95,7 @@ Index: ioemu/vl.c
   54.63       
   54.64       /* temporary options */
   54.65       { "usb", 0, QEMU_OPTION_usb },
   54.66 -@@ -5889,6 +5899,8 @@
   54.67 +@@ -5974,6 +5984,8 @@
   54.68   
   54.69       nb_nics = 0;
   54.70       /* default mac address of the first network interface */
   54.71 @@ -104,7 +104,7 @@ Index: ioemu/vl.c
   54.72       
   54.73       /* init debug */
   54.74       sprintf(qemu_dm_logfilename, "/var/log/xen/qemu-dm.%ld.log", (long)getpid());
   54.75 -@@ -6264,6 +6276,9 @@
   54.76 +@@ -6346,6 +6358,9 @@
   54.77                   if (vnc_display == -1)
   54.78                       vnc_display = 0;
   54.79                   break;
   54.80 @@ -114,7 +114,7 @@ Index: ioemu/vl.c
   54.81               }
   54.82           }
   54.83       }
   54.84 -@@ -6470,7 +6485,7 @@
   54.85 +@@ -6547,7 +6562,7 @@
   54.86       if (nographic) {
   54.87           dumb_display_init(ds);
   54.88       } else if (vnc_display != -1) {
   54.89 @@ -125,8 +125,8 @@ Index: ioemu/vl.c
   54.90       } else {
   54.91  Index: ioemu/vl.h
   54.92  ===================================================================
   54.93 ---- ioemu.orig/vl.h	2006-12-20 15:21:52.000000000 +0000
   54.94 -+++ ioemu/vl.h	2006-12-20 15:21:52.000000000 +0000
   54.95 +--- ioemu.orig/vl.h	2007-05-03 10:24:06.000000000 +0100
   54.96 ++++ ioemu/vl.h	2007-05-03 10:24:06.000000000 +0100
   54.97  @@ -37,6 +37,8 @@
   54.98   #include <unistd.h>
   54.99   #include <fcntl.h>
  54.100 @@ -147,8 +147,8 @@ Index: ioemu/vl.h
  54.101   /* ide.c */
  54.102  Index: ioemu/vnc.c
  54.103  ===================================================================
  54.104 ---- ioemu.orig/vnc.c	2006-12-20 15:21:52.000000000 +0000
  54.105 -+++ ioemu/vnc.c	2006-12-20 15:21:52.000000000 +0000
  54.106 +--- ioemu.orig/vnc.c	2007-05-03 10:24:06.000000000 +0100
  54.107 ++++ ioemu/vnc.c	2007-05-03 10:24:06.000000000 +0100
  54.108  @@ -1197,9 +1197,8 @@
  54.109       }
  54.110   }
    55.1 --- a/tools/ioemu/patches/vnc-password	Thu May 03 11:22:58 2007 +0100
    55.2 +++ b/tools/ioemu/patches/vnc-password	Thu May 03 15:39:45 2007 +0100
    55.3 @@ -17,8 +17,8 @@ Signed-off-by: Masami Watanabe <masami.w
    55.4  
    55.5  Index: ioemu/Makefile.target
    55.6  ===================================================================
    55.7 ---- ioemu.orig/Makefile.target	2006-12-20 15:21:55.000000000 +0000
    55.8 -+++ ioemu/Makefile.target	2006-12-20 15:21:55.000000000 +0000
    55.9 +--- ioemu.orig/Makefile.target	2007-05-03 15:23:43.000000000 +0100
   55.10 ++++ ioemu/Makefile.target	2007-05-03 15:23:43.000000000 +0100
   55.11  @@ -407,6 +407,7 @@
   55.12   VL_OBJS+=sdl.o
   55.13   endif
   55.14 @@ -39,9 +39,9 @@ Index: ioemu/Makefile.target
   55.15   
   55.16  Index: ioemu/vl.c
   55.17  ===================================================================
   55.18 ---- ioemu.orig/vl.c	2006-12-20 15:21:54.000000000 +0000
   55.19 -+++ ioemu/vl.c	2006-12-20 15:21:55.000000000 +0000
   55.20 -@@ -171,6 +171,9 @@
   55.21 +--- ioemu.orig/vl.c	2007-05-03 15:23:43.000000000 +0100
   55.22 ++++ ioemu/vl.c	2007-05-03 15:23:43.000000000 +0100
   55.23 +@@ -172,6 +172,9 @@
   55.24   char domain_name[1024] = { 'H','V', 'M', 'X', 'E', 'N', '-'};
   55.25   extern int domid;
   55.26   
   55.27 @@ -51,7 +51,7 @@ Index: ioemu/vl.c
   55.28   /***********************************************************/
   55.29   /* x86 ISA bus support */
   55.30   
   55.31 -@@ -5895,6 +5898,7 @@
   55.32 +@@ -5982,6 +5985,7 @@
   55.33       vncunused = 0;
   55.34       kernel_filename = NULL;
   55.35       kernel_cmdline = "";
   55.36 @@ -59,7 +59,7 @@ Index: ioemu/vl.c
   55.37   #ifndef CONFIG_DM
   55.38   #ifdef TARGET_PPC
   55.39       cdrom_index = 1;
   55.40 -@@ -6535,6 +6539,10 @@
   55.41 +@@ -6627,6 +6631,10 @@
   55.42   
   55.43       init_ioports();
   55.44   
   55.45 @@ -72,17 +72,17 @@ Index: ioemu/vl.c
   55.46           dumb_display_init(ds);
   55.47  Index: ioemu/vl.h
   55.48  ===================================================================
   55.49 ---- ioemu.orig/vl.h	2006-12-20 15:21:54.000000000 +0000
   55.50 -+++ ioemu/vl.h	2006-12-20 15:21:55.000000000 +0000
   55.51 -@@ -1214,6 +1214,7 @@
   55.52 +--- ioemu.orig/vl.h	2007-05-03 15:23:43.000000000 +0100
   55.53 ++++ ioemu/vl.h	2007-05-03 15:23:43.000000000 +0100
   55.54 +@@ -1215,6 +1215,7 @@
   55.55   void xenstore_process_event(void *opaque);
   55.56   void xenstore_check_new_media_present(int timeout);
   55.57   void xenstore_write_vncport(int vnc_display);
   55.58  +int xenstore_read_vncpasswd(int domid);
   55.59   
   55.60 - /* xen_platform.c */
   55.61 - void pci_xen_platform_init(PCIBus *bus);
   55.62 -@@ -1225,4 +1226,7 @@
   55.63 + int xenstore_vm_write(int domid, char *key, char *val);
   55.64 + char *xenstore_vm_read(int domid, char *key, int *len);
   55.65 +@@ -1233,4 +1234,7 @@
   55.66   
   55.67   void destroy_hvm_domain(void);
   55.68   
   55.69 @@ -92,8 +92,8 @@ Index: ioemu/vl.h
   55.70   #endif /* VL_H */
   55.71  Index: ioemu/vnc.c
   55.72  ===================================================================
   55.73 ---- ioemu.orig/vnc.c	2006-12-20 15:21:52.000000000 +0000
   55.74 -+++ ioemu/vnc.c	2006-12-20 15:21:55.000000000 +0000
   55.75 +--- ioemu.orig/vnc.c	2007-05-03 15:22:57.000000000 +0100
   55.76 ++++ ioemu/vnc.c	2007-05-03 15:23:43.000000000 +0100
   55.77  @@ -44,6 +44,7 @@
   55.78   
   55.79   #include "vnc_keysym.h"
   55.80 @@ -209,7 +209,7 @@ Index: ioemu/vnc.c
   55.81   
   55.82       return 0;
   55.83   }
   55.84 -@@ -1344,3 +1417,32 @@
   55.85 +@@ -1350,3 +1423,32 @@
   55.86   	return pid;
   55.87       }
   55.88   }
   55.89 @@ -244,13 +244,12 @@ Index: ioemu/vnc.c
   55.90  +}
   55.91  Index: ioemu/xenstore.c
   55.92  ===================================================================
   55.93 ---- ioemu.orig/xenstore.c	2006-12-20 15:21:54.000000000 +0000
   55.94 -+++ ioemu/xenstore.c	2006-12-20 15:21:55.000000000 +0000
   55.95 -@@ -213,3 +213,54 @@
   55.96 -     free(portstr);
   55.97 +--- ioemu.orig/xenstore.c	2007-05-03 15:23:43.000000000 +0100
   55.98 ++++ ioemu/xenstore.c	2007-05-03 15:24:09.000000000 +0100
   55.99 +@@ -253,6 +253,57 @@
  55.100       free(buf);
  55.101   }
  55.102 -+
  55.103 + 
  55.104  +int xenstore_read_vncpasswd(int domid)
  55.105  +{
  55.106  +    extern char vncpasswd[64];
  55.107 @@ -258,41 +257,41 @@ Index: ioemu/xenstore.c
  55.108  +    unsigned int i, len, rc = 0;
  55.109  +
  55.110  +    if (xsh == NULL) {
  55.111 -+	return -1;
  55.112 ++        return -1;
  55.113  +    }
  55.114  +
  55.115  +    path = xs_get_domain_path(xsh, domid);
  55.116  +    if (path == NULL) {
  55.117 -+	fprintf(logfile, "xs_get_domain_path() error. domid %d.\n", domid);
  55.118 -+	return -1;
  55.119 ++        fprintf(logfile, "xs_get_domain_path() error. domid %d.\n", domid);
  55.120 ++        return -1;
  55.121  +    }
  55.122  +
  55.123  +    pasprintf(&buf, "%s/vm", path);
  55.124  +    uuid = xs_read(xsh, XBT_NULL, buf, &len);
  55.125  +    if (uuid == NULL) {
  55.126 -+	fprintf(logfile, "xs_read(): uuid get error. %s.\n", buf);
  55.127 -+	free(path);
  55.128 -+	return -1;
  55.129 ++        fprintf(logfile, "xs_read(): uuid get error. %s.\n", buf);
  55.130 ++        free(path);
  55.131 ++        return -1;
  55.132  +    }
  55.133  +
  55.134  +    pasprintf(&buf, "%s/vncpasswd", uuid);
  55.135  +    passwd = xs_read(xsh, XBT_NULL, buf, &len);
  55.136  +    if (passwd == NULL) {
  55.137 -+	fprintf(logfile, "xs_read(): vncpasswd get error. %s.\n", buf);
  55.138 -+	free(uuid);
  55.139 -+	free(path);
  55.140 -+	return rc;
  55.141 ++        fprintf(logfile, "xs_read(): vncpasswd get error. %s.\n", buf);
  55.142 ++        free(uuid);
  55.143 ++        free(path);
  55.144 ++        return rc;
  55.145  +    }
  55.146  +
  55.147  +    for (i=0; i<len && i<63; i++) {
  55.148 -+	vncpasswd[i] = passwd[i];
  55.149 -+	passwd[i] = '\0';
  55.150 ++        vncpasswd[i] = passwd[i];
  55.151 ++        passwd[i] = '\0';
  55.152  +    }
  55.153  +    vncpasswd[len] = '\0';
  55.154  +    pasprintf(&buf, "%s/vncpasswd", uuid);
  55.155  +    if (xs_write(xsh, XBT_NULL, buf, passwd, len) == 0) {
  55.156 -+	fprintf(logfile, "xs_write() vncpasswd failed.\n");
  55.157 -+	rc = -1;
  55.158 ++        fprintf(logfile, "xs_write() vncpasswd failed.\n");
  55.159 ++        rc = -1;
  55.160  +    }
  55.161  +
  55.162  +    free(passwd);
  55.163 @@ -301,10 +300,14 @@ Index: ioemu/xenstore.c
  55.164  +
  55.165  +    return rc;
  55.166  +}
  55.167 ++
  55.168 + char *xenstore_vm_read(int domid, char *key, int *len)
  55.169 + {
  55.170 +     char *buf = NULL, *path = NULL, *value = NULL;
  55.171  Index: ioemu/d3des.c
  55.172  ===================================================================
  55.173  --- /dev/null	1970-01-01 00:00:00.000000000 +0000
  55.174 -+++ ioemu/d3des.c	2006-12-20 15:21:55.000000000 +0000
  55.175 ++++ ioemu/d3des.c	2007-05-03 15:23:43.000000000 +0100
  55.176  @@ -0,0 +1,434 @@
  55.177  +/*
  55.178  + * This is D3DES (V5.09) by Richard Outerbridge with the double and
  55.179 @@ -743,7 +746,7 @@ Index: ioemu/d3des.c
  55.180  Index: ioemu/d3des.h
  55.181  ===================================================================
  55.182  --- /dev/null	1970-01-01 00:00:00.000000000 +0000
  55.183 -+++ ioemu/d3des.h	2006-12-20 15:21:55.000000000 +0000
  55.184 ++++ ioemu/d3des.h	2007-05-03 15:23:43.000000000 +0100
  55.185  @@ -0,0 +1,51 @@
  55.186  +/*
  55.187  + * This is D3DES (V5.09) by Richard Outerbridge with the double and
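Review bot: In `xenstore_read_vncpasswd` (the ioemu/xenstore.c hunk) the copy loop stops at 63 bytes, but the terminator is written with `vncpasswd[len] = '\0';`, so a xenstore value longer than 63 bytes writes past the end of `vncpasswd[64]`. The terminator should use the loop index instead: `vncpasswd[i] = '\0';`. The same `len` is then passed to `xs_write`, so for an over-long value only the first 63 bytes of `passwd` have been zeroed when it is written back. The strings produced by `pasprintf(&buf, ...)` are not freed on the early-return paths visible here, which looks like a leak if `pasprintf` allocates; that is worth confirming. This commit only re-indents these lines, so the fix belongs in the vnc-password patch itself.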
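--- a/tools/ioemu/patches/vnc-start-vncviewer	Thu May 03 11:22:58 2007 +0100
+++ b/tools/ioemu/patches/vnc-start-vncviewer	Thu May 03 15:39:45 2007 +0100
@@ -1,15 +1,15 @@
 Index: ioemu/vnc.c
 ===================================================================
---- ioemu.orig/vnc.c	2006-12-20 15:21:51.000000000 +0000
-+++ ioemu/vnc.c	2006-12-20 15:21:51.000000000 +0000
-@@ -1189,3 +1189,25 @@
+--- ioemu.orig/vnc.c	2007-05-03 10:24:06.000000000 +0100
++++ ioemu/vnc.c	2007-05-03 10:24:06.000000000 +0100
+@@ -1189,3 +1189,31 @@
  
      vnc_dpy_resize(vs->ds, 640, 400);
  }
 +
 +int vnc_start_viewer(int port)
 +{
-+    int pid;
++    int pid, i, open_max;
 +    char s[16];
 +
 +    sprintf(s, ":%d", port);
@@ -20,6 +20,12 @@ Index: ioemu/vnc.c
 +	exit(1);
 +
 +    case 0:	/* child */
++	open_max = sysconf(_SC_OPEN_MAX);
++	for (i = 0; i < open_max; i++)
++	    if (i != STDIN_FILENO &&
++		i != STDOUT_FILENO &&
++		i != STDERR_FILENO)
++		close(i);
 +	execlp("vncviewer", "vncviewer", s, NULL);
 +	fprintf(stderr, "vncviewer execlp failed\n");
 +	exit(1);
@@ -30,9 +36,9 @@ Index: ioemu/vnc.c
 +}
 Index: ioemu/vl.c
 ===================================================================
---- ioemu.orig/vl.c	2006-12-20 15:21:51.000000000 +0000
-+++ ioemu/vl.c	2006-12-20 15:21:51.000000000 +0000
-@@ -120,6 +120,7 @@
+--- ioemu.orig/vl.c	2007-05-03 10:24:05.000000000 +0100
++++ ioemu/vl.c	2007-05-03 10:24:06.000000000 +0100
+@@ -121,6 +121,7 @@
  int bios_size;
  static DisplayState display_state;
  int nographic;
@@ -40,23 +46,23 @@ Index: ioemu/vl.c
  const char* keyboard_layout = NULL;
  int64_t ticks_per_sec;
  int boot_device = 'c';
-@@ -5340,6 +5341,7 @@
+@@ -5415,6 +5416,7 @@
  #endif
             "-loadvm file    start right away with a saved state (loadvm in monitor)\n"
  	   "-vnc display    start a VNC server on display\n"
 +           "-vncviewer      start a vncviewer process for this domain\n"
-            "-timeoffset     time offset (in seconds) from local time\n"
             "-acpi           disable or enable ACPI of HVM domain \n"
             "\n"
-@@ -5428,6 +5430,7 @@
+            "During emulation, the following keys are useful:\n"
+@@ -5501,6 +5503,7 @@
+     QEMU_OPTION_d,
      QEMU_OPTION_vcpus,
-     QEMU_OPTION_timeoffset,
      QEMU_OPTION_acpi,
 +    QEMU_OPTION_vncviewer,
  };
  
  typedef struct QEMUOption {
-@@ -5502,6 +5505,7 @@
+@@ -5575,6 +5578,7 @@
      { "usbdevice", HAS_ARG, QEMU_OPTION_usbdevice },
      { "smp", HAS_ARG, QEMU_OPTION_smp },
      { "vnc", HAS_ARG, QEMU_OPTION_vnc },
@@ -64,7 +70,7 @@ Index: ioemu/vl.c
      
      /* temporary options */
      { "usb", 0, QEMU_OPTION_usb },
-@@ -5852,6 +5856,7 @@
+@@ -5933,6 +5937,7 @@
  #endif
      snapshot = 0;
      nographic = 0;
@@ -72,7 +78,7 @@ Index: ioemu/vl.c
      kernel_filename = NULL;
      kernel_cmdline = "";
  #ifdef TARGET_PPC
-@@ -6246,6 +6251,9 @@
+@@ -6328,6 +6333,9 @@
              case QEMU_OPTION_acpi:
                  acpi_enabled = 1;
                  break;
@@ -82,7 +88,7 @@ Index: ioemu/vl.c
              }
          }
      }
-@@ -6453,6 +6461,8 @@
+@@ -6530,6 +6538,8 @@
          dumb_display_init(ds);
      } else if (vnc_display != -1) {
  	vnc_display_init(ds, vnc_display);
@@ -93,8 +99,8 @@ Index: ioemu/vl.c
          sdl_display_init(ds, full_screen);
 Index: ioemu/vl.h
 ===================================================================
---- ioemu.orig/vl.h	2006-12-20 15:21:51.000000000 +0000
-+++ ioemu/vl.h	2006-12-20 15:21:51.000000000 +0000
+--- ioemu.orig/vl.h	2007-05-03 10:24:05.000000000 +0100
++++ ioemu/vl.h	2007-05-03 10:24:06.000000000 +0100
 @@ -786,6 +786,7 @@
  
  /* vnc.c */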
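Review bot: The new descriptor-closing loop in the child branch of `vnc_start_viewer` stores `sysconf(_SC_OPEN_MAX)` in an `int` and never checks it. `sysconf` returns a `long`, and -1 when the limit is indeterminate, in which case the loop closes nothing and the viewer process inherits every descriptor the device model holds. Declare it as `long open_max` and add a fallback such as `if (open_max < 0) open_max = OPEN_MAX_FALLBACK;`, where `OPEN_MAX_FALLBACK` is a placeholder for whatever bound the project prefers. The failure path after `execlp` calls `exit(1)` in the forked child, which runs the parent's atexit handlers and flushes its stdio buffers a second time; `_exit(1)` is the usual choice there. Parts of the function are elided between the hunks shown.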
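--- a/tools/ioemu/patches/xen-build	Thu May 03 11:22:58 2007 +0100
+++ b/tools/ioemu/patches/xen-build	Thu May 03 15:39:45 2007 +0100
@@ -1,7 +1,7 @@
 Index: ioemu/Makefile
 ===================================================================
---- ioemu.orig/Makefile	2006-12-08 01:26:04.000000000 +0000
-+++ ioemu/Makefile	2006-12-08 01:26:06.000000000 +0000
+--- ioemu.orig/Makefile	2007-05-03 15:38:37.000000000 +0100
++++ ioemu/Makefile	2007-05-03 15:38:39.000000000 +0100
 @@ -1,11 +1,14 @@
  # Makefile for QEMU.
  
@@ -41,7 +41,17 @@ Index: ioemu/Makefile
          done
  
  distclean: clean
-@@ -68,12 +73,12 @@
+@@ -60,24 +65,24 @@
+ 
+ install-doc: $(DOCS)
+ 	mkdir -p "$(DESTDIR)$(docdir)"
+-	$(INSTALL) -m 644 qemu-doc.html  qemu-tech.html "$(DESTDIR)$(docdir)"
++	$(INSTALL_DATA) qemu-doc.html  qemu-tech.html "$(DESTDIR)$(docdir)"
+ ifndef CONFIG_WIN32
+ 	mkdir -p "$(DESTDIR)$(mandir)/man1"
+-	$(INSTALL) qemu.1 qemu-img.1 "$(DESTDIR)$(mandir)/man1"
++	$(INSTALL_DATA) qemu.1 qemu-img.1 "$(DESTDIR)$(mandir)/man1"
+ endif
  
  install: all $(if $(BUILD_DOCS),install-doc)
  	mkdir -p "$(DESTDIR)$(bindir)"
@@ -55,11 +65,16 @@ Index: ioemu/Makefile
 +#	mkdir -p "$(DESTDIR)$(datadir)"
 +#	for x in bios.bin vgabios.bin vgabios-cirrus.bin ppc_rom.bin \
 +#			video.x openbios-sparc32 linux_boot.bin; do \
-+#		$(INSTALL) -m 644 $(SRC_PATH)/pc-bios/$$x "$(DESTDIR)$(datadir)"; \
++#		$(INSTALL_DATA) $(SRC_PATH)/pc-bios/$$x "$(DESTDIR)$(datadir)"; \
 +#	done
  ifndef CONFIG_WIN32
  	mkdir -p "$(DESTDIR)$(datadir)/keymaps"
  	for x in $(KEYMAPS); do \
+-		$(INSTALL) -m 644 $(SRC_PATH)/keymaps/$$x "$(DESTDIR)$(datadir)/keymaps"; \
++		$(INSTALL_DATA) $(SRC_PATH)/keymaps/$$x "$(DESTDIR)$(datadir)/keymaps"; \
+ 	done
+ endif
+ 	for d in $(TARGET_DIRS); do \
 @@ -89,7 +94,7 @@
  	$(MAKE) -C tests $@
  
@@ -85,8 +100,8 @@ Index: ioemu/Makefile
  info: qemu-doc.info qemu-tech.info
 Index: ioemu/Makefile.target
 ===================================================================
---- ioemu.orig/Makefile.target	2006-12-08 01:26:04.000000000 +0000
-+++ ioemu/Makefile.target	2006-12-08 01:41:05.000000000 +0000
+--- ioemu.orig/Makefile.target	2007-05-03 15:38:37.000000000 +0100
++++ ioemu/Makefile.target	2007-05-03 15:38:39.000000000 +0100
 @@ -1,5 +1,8 @@
  include config.mak
  
@@ -163,8 +178,8 @@ Index: ioemu/Makefile.target
  include .depend
 Index: ioemu/configure
 ===================================================================
---- ioemu.orig/configure	2006-12-08 01:26:04.000000000 +0000
-+++ ioemu/configure	2006-12-08 01:40:58.000000000 +0000
+--- ioemu.orig/configure	2007-05-03 15:38:37.000000000 +0100
++++ ioemu/configure	2007-05-03 15:38:39.000000000 +0100
 @@ -18,8 +18,8 @@
  
  # default parameters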
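--- a/tools/ioemu/patches/xen-domain-name	Thu May 03 11:22:58 2007 +0100
+++ b/tools/ioemu/patches/xen-domain-name	Thu May 03 15:39:45 2007 +0100
@@ -1,7 +1,7 @@
 Index: ioemu/sdl.c
 ===================================================================
---- ioemu.orig/sdl.c	2006-08-06 02:03:48.563137711 +0100
-+++ ioemu/sdl.c	2006-08-06 02:17:16.063137816 +0100
+--- ioemu.orig/sdl.c	2007-05-02 16:04:45.000000000 +0100
++++ ioemu/sdl.c	2007-05-02 16:05:51.000000000 +0100
 @@ -273,14 +273,14 @@
  static void sdl_update_caption(void)
  {
@@ -21,8 +21,8 @@ Index: ioemu/sdl.c
  static void sdl_hide_cursor(void)
 Index: ioemu/vl.c
 ===================================================================
---- ioemu.orig/vl.c	2006-08-06 02:16:31.246133963 +0100
-+++ ioemu/vl.c	2006-08-06 02:17:31.428424918 +0100
+--- ioemu.orig/vl.c	2007-05-02 16:05:51.000000000 +0100
++++ ioemu/vl.c	2007-05-02 16:05:51.000000000 +0100
 @@ -158,6 +158,8 @@
  int acpi_enabled = 1;
  int fd_bootchk = 1;
@@ -56,7 +56,7 @@ Index: ioemu/vl.c
      { "serial", 1, QEMU_OPTION_serial },
      { "parallel", 1, QEMU_OPTION_parallel },
      { "loadvm", HAS_ARG, QEMU_OPTION_loadvm },
-@@ -6062,6 +6067,9 @@
+@@ -6066,6 +6071,9 @@
              case QEMU_OPTION_no_acpi:
                  acpi_enabled = 0;
                  break;
@@ -68,8 +68,8 @@ Index: ioemu/vl.c
      }
 Index: ioemu/vl.h
 ===================================================================
---- ioemu.orig/vl.h	2006-08-06 02:15:39.711878977 +0100
-+++ ioemu/vl.h	2006-08-06 02:17:16.068137258 +0100
+--- ioemu.orig/vl.h	2007-05-02 16:05:50.000000000 +0100
++++ ioemu/vl.h	2007-05-02 16:05:51.000000000 +0100
 @@ -1185,4 +1185,5 @@
  
  void kqemu_record_dump(void);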
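--- a/tools/ioemu/patches/xen-domid	Thu May 03 11:22:58 2007 +0100
+++ b/tools/ioemu/patches/xen-domid	Thu May 03 15:39:45 2007 +0100
@@ -1,7 +1,7 @@
 Index: ioemu/vl.c
 ===================================================================
---- ioemu.orig/vl.c	2006-08-06 02:17:31.428424918 +0100
-+++ ioemu/vl.c	2006-08-06 02:18:12.550840673 +0100
+--- ioemu.orig/vl.c	2007-05-02 16:05:51.000000000 +0100
++++ ioemu/vl.c	2007-05-02 16:05:51.000000000 +0100
 @@ -159,6 +159,7 @@
  int fd_bootchk = 1;
  
@@ -36,7 +36,7 @@ Index: ioemu/vl.c
      { NULL },
  };
  
-@@ -6070,6 +6076,10 @@
+@@ -6074,6 +6080,10 @@
              case QEMU_OPTION_domainname:
                  strncat(domain_name, optarg, sizeof(domain_name) - 20);
                  break;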
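--- a/tools/ioemu/patches/xen-mapcache	Thu May 03 11:22:58 2007 +0100
+++ b/tools/ioemu/patches/xen-mapcache	Thu May 03 15:39:45 2007 +0100
@@ -17,44 +17,116 @@ Signed-off-by: Keir Fraser <keir@xensour
 
 Index: ioemu/vl.c
 ===================================================================
---- ioemu.orig/vl.c	2006-12-20 15:21:55.000000000 +0000
-+++ ioemu/vl.c	2006-12-20 15:21:56.000000000 +0000
-@@ -5808,6 +5808,91 @@
+--- ioemu.orig/vl.c	2007-05-03 15:12:21.000000000 +0100
++++ ioemu/vl.c	2007-05-03 15:12:41.000000000 +0100
+@@ -286,7 +286,7 @@
+     for(i = start; i < start + length; i += size) {
+         ioport_write_table[bsize][i] = func;
+         if (ioport_opaque[i] != NULL && ioport_opaque[i] != opaque)
+-            hw_error("register_ioport_read: invalid opaque");
++            hw_error("register_ioport_write: invalid opaque");
+         ioport_opaque[i] = opaque;
+     }
      return 0;
+@@ -5894,6 +5894,157 @@
+     suspend_requested = 1;
  }
  
-+#if defined(__i386__) || defined(__x86_64__)
++#if defined(MAPCACHE)
++
++#if defined(__i386__) 
++#define MAX_MCACHE_SIZE    0x40000000 /* 1GB max for x86 */
++#define MCACHE_BUCKET_SHIFT 16
++#elif defined(__x86_64__)
++#define MAX_MCACHE_SIZE    0x1000000000 /* 64GB max for x86_64 */
++#define MCACHE_BUCKET_SHIFT 20
++#endif
++
++#define MCACHE_BUCKET_SIZE (1UL << MCACHE_BUCKET_SHIFT)
++
++#define BITS_PER_LONG (sizeof(long)*8)
++#define BITS_TO_LONGS(bits) \
++    (((bits)+BITS_PER_LONG-1)/BITS_PER_LONG)
++#define DECLARE_BITMAP(name,bits) \
++    unsigned long name[BITS_TO_LONGS(bits)]
++#define test_bit(bit,map) \
++    (!!((map)[(bit)/BITS_PER_LONG] & (1UL << ((bit)%BITS_PER_LONG))))
++
++struct map_cache {
++    unsigned long paddr_index;
++    uint8_t      *vaddr_base;
++    DECLARE_BITMAP(valid_mapping, MCACHE_BUCKET_SIZE>>PAGE_SHIFT);
++};
++
 +static struct map_cache *mapcache_entry;
 +static unsigned long nr_buckets;
 +
-+static int qemu_map_cache_init(unsigned long nr_pages)
-+{
-+    unsigned long max_pages = MAX_MCACHE_SIZE >> PAGE_SHIFT;
-+    int i;
++/* For most cases (>99.9%), the page address is the same. */
++static unsigned long last_address_index = ~0UL;
++static uint8_t      *last_address_vaddr;
 +
-+    if (nr_pages < max_pages)
-+        max_pages = nr_pages;
++static int qemu_map_cache_init(void)
++{
++    unsigned long size;
 +
-+    nr_buckets   = max_pages + (1UL << (MCACHE_BUCKET_SHIFT - PAGE_SHIFT)) - 1;
-+    nr_buckets >>= (MCACHE_BUCKET_SHIFT - PAGE_SHIFT);
++    nr_buckets = (((MAX_MCACHE_SIZE >> PAGE_SHIFT) +
++                   (1UL << (MCACHE_BUCKET_SHIFT - PAGE_SHIFT)) - 1) >>
++                  (MCACHE_BUCKET_SHIFT - PAGE_SHIFT));
 +    fprintf(logfile, "qemu_map_cache_init nr_buckets = %lx\n", nr_buckets);
 +
-+    mapcache_entry = malloc(nr_buckets * sizeof(struct map_cache));
-+    if (mapcache_entry == NULL) {
++    /*
++     * Use mmap() directly: lets us allocate a big hash table with no up-front
++     * cost in storage space. The OS will allocate memory only for the buckets
++     * that we actually use. All others will contain all zeroes.
++     */
++    size = nr_buckets * sizeof(struct map_cache);
++    size = (size + PAGE_SIZE - 1) & ~(PAGE_SIZE - 1);
++    mapcache_entry = mmap(NULL, size, PROT_READ|PROT_WRITE,
++                          MAP_SHARED|MAP_ANONYMOUS, 0, 0);
++    if (mapcache_entry == MAP_FAILED) {
 +        errno = ENOMEM;
 +        return -1;
 +    }
 +
-+    memset(mapcache_entry, 0, nr_buckets * sizeof(struct map_cache));
++    return 0;
++}
++
++static void qemu_remap_bucket(struct map_cache *entry,
++                              unsigned long address_index)
++{
++    uint8_t *vaddr_base;
++    unsigned long pfns[MCACHE_BUCKET_SIZE >> PAGE_SHIFT];
++    unsigned int i, j;
++
++    if (entry->vaddr_base != NULL) {
++        errno = munmap(entry->vaddr_base, MCACHE_BUCKET_SIZE);
++        if (errno) {
++            fprintf(logfile, "unmap fails %d\n", errno);
++            exit(-1);
++        }
++    }
 +
-+    /*
-+     * To avoid ENOMEM from xc_map_foreign_batch() at runtime, we
-+     * pre-fill all the map caches in advance.
-+     */
-+    for (i = 0; i < nr_buckets; i++)
-+       (void)qemu_map_cache(((target_phys_addr_t)i) << MCACHE_BUCKET_SHIFT);
++    for (i = 0; i < MCACHE_BUCKET_SIZE >> PAGE_SHIFT; i++)
++        pfns[i] = (address_index << (MCACHE_BUCKET_SHIFT-PAGE_SHIFT)) + i;
++
++    vaddr_base = xc_map_foreign_batch(xc_handle, domid, PROT_READ|PROT_WRITE,
++                                      pfns, MCACHE_BUCKET_SIZE >> PAGE_SHIFT);
++    if (vaddr_base == NULL) {
++        fprintf(logfile, "xc_map_foreign_batch error %d\n", errno);
++        exit(-1);
++    }
 +
-+    return 0;
++    entry->vaddr_base  = vaddr_base;
++    entry->paddr_index = address_index;
++
++    for (i = 0; i < MCACHE_BUCKET_SIZE >> PAGE_SHIFT; i += BITS_PER_LONG) {
++        unsigned long word = 0;
++        j = ((i + BITS_PER_LONG) > (MCACHE_BUCKET_SIZE >> PAGE_SHIFT)) ?
++            (MCACHE_BUCKET_SIZE >> PAGE_SHIFT) % BITS_PER_LONG : BITS_PER_LONG;
++        while (j > 0)
++            word = (word << 1) | !(pfns[i + --j] & 0xF0000000UL);
++        entry->valid_mapping[i / BITS_PER_LONG] = word;
++    }
 +}
 +
 +uint8_t *qemu_map_cache(target_phys_addr_t phys_addr)
@@ -63,55 +135,71 @@ Index: ioemu/vl.c
 +    unsigned long address_index  = phys_addr >> MCACHE_BUCKET_SHIFT;
 +    unsigned long address_offset = phys_addr & (MCACHE_BUCKET_SIZE-1);
 +
-+    /* For most cases (>99.9%), the page address is the same. */
-+    static unsigned long last_address_index = ~0UL;
-+    static uint8_t      *last_address_vaddr;
-+
 +    if (address_index == last_address_index)
 +        return last_address_vaddr + address_offset;
 +
 +    entry = &mapcache_entry[address_index % nr_buckets];
 +
-+    if (entry->vaddr_base == NULL || entry->paddr_index != address_index) {
-+        /* We need to remap a bucket. */
-+        uint8_t *vaddr_base;
-+        unsigned long pfns[MCACHE_BUCKET_SIZE >> PAGE_SHIFT];
-+        unsigned int i;
-+
-+        if (entry->vaddr_base != NULL) {
-+            errno = munmap(entry->vaddr_base, MCACHE_BUCKET_SIZE);
-+            if (errno) {
-+                fprintf(logfile, "unmap fails %d\n", errno);
-+                exit(-1);
-+            }
-+        }
++    if (entry->vaddr_base == NULL || entry->paddr_index != address_index ||
++        !test_bit(address_offset>>PAGE_SHIFT, entry->valid_mapping))
++        qemu_remap_bucket(entry, address_index);
 +
-+        for (i = 0; i < MCACHE_BUCKET_SIZE >> PAGE_SHIFT; i++)
-+            pfns[i] = (address_index << (MCACHE_BUCKET_SHIFT-PAGE_SHIFT)) + i;
-+
-+        vaddr_base = xc_map_foreign_batch(
-+            xc_handle, domid, PROT_READ|PROT_WRITE,
-+            pfns, MCACHE_BUCKET_SIZE >> PAGE_SHIFT);
-+        if (vaddr_base == NULL) {
-+            fprintf(logfile, "xc_map_foreign_batch error %d\n", errno);
-+            exit(-1);
-+        }
-+
-+        entry->vaddr_base  = vaddr_base;
-+        entry->paddr_index = address_index;;
-+    }
++    if (!test_bit(address_offset>>PAGE_SHIFT, entry->valid_mapping))
++        return NULL;
 +
 +    last_address_index = address_index;
 +    last_address_vaddr = entry->vaddr_base;
 +
 +    return last_address_vaddr + address_offset;
 +}
-+#endif
++
++void qemu_invalidate_map_cache(void)
++{
++    unsigned long i;
++
++    mapcache_lock();
++
++    for (i = 0; i < nr_buckets; i++) {
++        struct map_cache *entry = &mapcache_entry[i];
++
++        if (entry->vaddr_base == NULL)
++            continue;
++
++        errno = munmap(entry->vaddr_base, MCACHE_BUCKET_SIZE);
++        if (errno) {
++            fprintf(logfile, "unmap fails %d\n", errno);
++            exit(-1);
++        }
++
++        entry->paddr_index = 0;
++        entry->vaddr_base  = NULL;
++    }
++
++    last_address_index =  ~0UL;
++    last_address_vaddr = NULL;
++
++    mapcache_unlock();
++}
++
++#endif /* defined(MAPCACHE) */
 +
  int main(int argc, char **argv)
  {
  #ifdef CONFIG_GDBSTUB
-@@ -6130,6 +6215,7 @@
+@@ -5930,8 +6081,11 @@
+     unsigned long ioreq_pfn;
+     extern void *shared_page;
+     extern void *buffered_io_page;
+-    extern void *buffered_pio_page;
++#ifdef __ia64__
+     unsigned long nr_pages;
++    xen_pfn_t *page_array;
++    extern void *buffered_pio_page;
++#endif
+ 
+     char qemu_dm_logfilename[64];
+ 
+@@ -6221,6 +6375,7 @@
                  break;
              case QEMU_OPTION_m:
                  ram_size = atol(optarg) * 1024 * 1024;
@@ -119,75 +207,61 @@ Index: ioemu/vl.c
                  if (ram_size <= 0)
                      help();
  #ifndef CONFIG_DM
-@@ -6404,50 +6490,41 @@
-         shared_page_nr = nr_pages - 1;
- #endif
+@@ -6482,30 +6637,15 @@
+ 
+ #if defined(__i386__) || defined(__x86_64__)
  
--    page_array = (xen_pfn_t *)malloc(tmp_nr_pages * sizeof(xen_pfn_t));
+-    nr_pages = ram_size/PAGE_SIZE;
+-
+-    page_array = (xen_pfn_t *)malloc(nr_pages * sizeof(xen_pfn_t));
 -    if (page_array == NULL) {
 -        fprintf(logfile, "malloc returned error %d\n", errno);
 -        exit(-1);
 -    }
 -
- #if defined(__i386__) || defined(__x86_64__)
--    for ( i = 0; i < tmp_nr_pages; i++)
+-    for ( i = 0; i < nr_pages; i++)
 -        page_array[i] = i;
- 
+-
 -    phys_ram_base = xc_map_foreign_batch(xc_handle, domid,
 -                                         PROT_READ|PROT_WRITE, page_array,
--                                         tmp_nr_pages);
+-                                         nr_pages);
 -    if (phys_ram_base == NULL) {
 -        fprintf(logfile, "batch map guest memory returned error %d\n", errno);
-+    if ( qemu_map_cache_init(tmp_nr_pages) )
-+    {
++    if (qemu_map_cache_init()) {
 +        fprintf(logfile, "qemu_map_cache_init returned: error %d\n", errno);
          exit(-1);
      }
  
+     xc_get_hvm_param(xc_handle, domid, HVM_PARAM_IOREQ_PFN, &ioreq_pfn);
+     fprintf(logfile, "shared page at pfn %lx\n", ioreq_pfn);
      shared_page = xc_map_foreign_range(xc_handle, domid, PAGE_SIZE,
 -                                       PROT_READ|PROT_WRITE,
--                                       page_array[shared_page_nr]);
-+                                       PROT_READ|PROT_WRITE, shared_page_nr);
+-                                       page_array[ioreq_pfn]);
++                                       PROT_READ|PROT_WRITE, ioreq_pfn);
      if (shared_page == NULL) {
          fprintf(logfile, "map shared IO page returned error %d\n", errno);
          exit(-1);
-     }
- 
--    fprintf(logfile, "shared page at pfn:%lx, mfn: %"PRIx64"\n",
--            shared_page_nr, (uint64_t)(page_array[shared_page_nr]));
-+    fprintf(logfile, "shared page at pfn:%lx\n", shared_page_nr);
- 
+@@ -6514,15 +6654,12 @@
+     xc_get_hvm_param(xc_handle, domid, HVM_PARAM_BUFIOREQ_PFN, &ioreq_pfn);
+     fprintf(logfile, "buffered io page at pfn %lx\n", ioreq_pfn);
      buffered_io_page = xc_map_foreign_range(xc_handle, domid, PAGE_SIZE,
-                                             PROT_READ|PROT_WRITE,
--                                            page_array[shared_page_nr - 2]);
-+                                            shared_page_nr - 2);
+-                                            PROT_READ|PROT_WRITE,
+-                                            page_array[ioreq_pfn]);
++                                            PROT_READ|PROT_WRITE, ioreq_pfn);
      if (buffered_io_page == NULL) {
          fprintf(logfile, "map buffered IO page returned error %d\n", errno);
          exit(-1);
      }
  
--    fprintf(logfile, "buffered io page at pfn:%lx, mfn: %"PRIx64"\n",
--            shared_page_nr - 2, (uint64_t)(page_array[shared_page_nr - 2]));
+-    free(page_array);
 -
--    free(page_array);
-+    fprintf(logfile, "buffered io page at pfn:%lx\n", shared_page_nr - 2);
- 
  #elif defined(__ia64__)
--  
-+
-+    page_array = (xen_pfn_t *)malloc(tmp_nr_pages * sizeof(xen_pfn_t));
-+    if (page_array == NULL) {
-+        fprintf(logfile, "malloc returned error %d\n", errno);
-+        exit(-1);
-+    }
-+
-     shared_page = xc_map_foreign_range(xc_handle, domid, PAGE_SIZE,
-                                        PROT_READ|PROT_WRITE,
-                                        IO_PAGE_START >> PAGE_SHIFT);
+ 
+     nr_pages = ram_size/PAGE_SIZE;
 Index: ioemu/target-i386-dm/exec-dm.c
 ===================================================================
---- ioemu.orig/target-i386-dm/exec-dm.c	2006-12-20 15:21:42.000000000 +0000
-+++ ioemu/target-i386-dm/exec-dm.c	2006-12-21 11:32:29.000000000 +0000
+--- ioemu.orig/target-i386-dm/exec-dm.c	2007-05-03 15:10:22.000000000 +0100
++++ ioemu/target-i386-dm/exec-dm.c	2007-05-03 15:12:34.000000000 +0100
 @@ -36,6 +36,7 @@
  
  #include "cpu.h"
@@ -196,26 +270,14 @@ Index: ioemu/target-i386-dm/exec-dm.c
  
  //#define DEBUG_TB_INVALIDATE
  //#define DEBUG_FLUSH
-@@ -127,10 +128,29 @@
+@@ -127,10 +128,17 @@
  FILE *logfile;
  int loglevel;
  
-+
-+#if defined(__i386__) || defined(__x86_64__)
-+#define MAPCACHE
++#ifdef MAPCACHE
++pthread_mutex_t mapcache_mutex;
 +#endif
 +
-+#ifdef MAPCACHE
-+#include <pthread.h>
-+static pthread_mutex_t mapcache_mutex;
-+#define mapcache_lock() pthread_mutex_lock(&mapcache_mutex)
-+#define mapcache_unlock() pthread_mutex_unlock(&mapcache_mutex)
-+#else 
-+#define mapcache_lock() ( (void)0 )
-+#define mapcache_unlock() ( (void)0 )
-+#endif
-+
-+
  void cpu_exec_init(CPUState *env)
  {
      CPUState **penv;
@@ -226,7 +288,7 @@ Index: ioemu/target-i386-dm/exec-dm.c
  
      env->next_cpu = NULL;
      penv = &first_cpu;
-@@ -144,6 +164,14 @@
+@@ -144,6 +152,14 @@
  
      /* alloc dirty bits array */
      phys_ram_dirty = qemu_malloc(phys_ram_size >> TARGET_PAGE_BITS);
@@ -241,19 +303,28 @@ Index: ioemu/target-i386-dm/exec-dm.c
  }
  
  /* enable or disable low levels log */
-@@ -426,19 +454,27 @@
- #endif
+@@ -409,16 +425,11 @@
+         return 0;
  }
  
+-static inline int paddr_is_ram(target_phys_addr_t addr)
+-{
+-    /* Is this guest physical address RAM-backed? */
+-#if defined(CONFIG_DM) && (defined(__i386__) || defined(__x86_64__))
+-    return ((addr < HVM_BELOW_4G_MMIO_START) ||
+-            (addr >= HVM_BELOW_4G_MMIO_START + HVM_BELOW_4G_MMIO_LENGTH));
+-#else
+-    return (addr < ram_size);
 +#if defined(__i386__) || defined(__x86_64__)
 +#define phys_ram_addr(x) (qemu_map_cache(x))
 +#elif defined(__ia64__)
-+#define phys_ram_addr(x) (phys_ram_base + (x))
-+#endif
-+
++#define phys_ram_addr(x) ((addr < ram_size) ? (phys_ram_base + (x)) : NULL)
+ #endif
+-}
+ 
  void cpu_physical_memory_rw(target_phys_addr_t addr, uint8_t *buf, 
                              int len, int is_write)
- {
+@@ -426,13 +437,15 @@
      int l, io_index;
      uint8_t *ptr;
      uint32_t val;
@@ -271,12 +342,14 @@ Index: ioemu/target-i386-dm/exec-dm.c
          io_index = iomem_index(addr);
          if (is_write) {
              if (io_index) {
-@@ -460,9 +496,10 @@
+@@ -452,11 +465,11 @@
+                     io_mem_write[io_index][0](io_mem_opaque[io_index], addr, val);
+                     l = 1;
                  }
-             } else if (paddr_is_ram(addr)) {
+-            } else if (paddr_is_ram(addr)) {
++            } else if ((ptr = phys_ram_addr(addr)) != NULL) {
                  /* Reading from RAM */
 -                memcpy(phys_ram_base + addr, buf, l);
-+                ptr = phys_ram_addr(addr);
 +                memcpy(ptr, buf, l);
  #ifdef __ia64__
 -                sync_icache((unsigned long)(phys_ram_base + addr), l);
@@ -284,17 +357,19 @@ Index: ioemu/target-i386-dm/exec-dm.c
  #endif 
              }
          } else {
-@@ -485,7 +522,8 @@
+@@ -477,9 +490,9 @@
+                     stb_raw(buf, val);
+                     l = 1;
                  }
-             } else if (paddr_is_ram(addr)) {
+-            } else if (paddr_is_ram(addr)) {
++            } else if ((ptr = phys_ram_addr(addr)) != NULL) {
                  /* Reading from RAM */
 -                memcpy(buf, phys_ram_base + addr, l);
-+                ptr = phys_ram_addr(addr);
 +                memcpy(buf, ptr, l);
              } else {
                  /* Neither RAM nor known MMIO space */
                  memset(buf, 0xff, len); 
-@@ -495,6 +533,8 @@
+@@ -489,6 +502,8 @@
          buf += l;
          addr += l;
      }
@@ -305,30 +380,32 @@ Index: ioemu/target-i386-dm/exec-dm.c
  
 Index: ioemu/vl.h
 ===================================================================
---- ioemu.orig/vl.h	2006-12-20 15:21:55.000000000 +0000
-+++ ioemu/vl.h	2006-12-20 15:21:56.000000000 +0000
-@@ -156,6 +156,26 @@
+--- ioemu.orig/vl.h	2007-05-03 15:12:20.000000000 +0100
++++ ioemu/vl.h	2007-05-03 15:12:34.000000000 +0100
+@@ -156,6 +156,28 @@
  
  extern FILE *logfile;
  
 +
 +#if defined(__i386__) || defined(__x86_64__)
-+#if defined(__i386__) 
-+#define MAX_MCACHE_SIZE    0x40000000 /* 1GB max for x86 */
-+#define MCACHE_BUCKET_SHIFT 16
-+#elif defined(__x86_64__)
-+#define MAX_MCACHE_SIZE    0x1000000000 /* 64GB max for x86_64 */
-+#define MCACHE_BUCKET_SHIFT 20
-+#endif
 +
-+#define MCACHE_BUCKET_SIZE (1UL << MCACHE_BUCKET_SHIFT)
-+
-+struct map_cache {
-+    unsigned long paddr_index;
-+    uint8_t      *vaddr_base;
-+};
++#define MAPCACHE
 +
 +uint8_t *qemu_map_cache(target_phys_addr_t phys_addr);
++void     qemu_invalidate_map_cache(void);
++
++#include <pthread.h>
++extern  pthread_mutex_t mapcache_mutex;
++#define mapcache_lock() pthread_mutex_lock(&mapcache_mutex)
++#define mapcache_unlock() pthread_mutex_unlock(&mapcache_mutex)
++
++#else 
++
++#define qemu_invalidate_map_cache() ((void)0)
++
++#define mapcache_lock()   ((void)0)
++#define mapcache_unlock() ((void)0)
++
 +#endif
 +
  extern int xc_handle;
@@ -336,8 +413,8 @@ Index: ioemu/vl.h
  
 Index: ioemu/target-i386-dm/cpu.h
 ===================================================================
---- ioemu.orig/target-i386-dm/cpu.h	2006-12-20 15:21:45.000000000 +0000
-+++ ioemu/target-i386-dm/cpu.h	2006-12-20 15:21:56.000000000 +0000
+--- ioemu.orig/target-i386-dm/cpu.h	2007-05-03 15:10:22.000000000 +0100
++++ ioemu/target-i386-dm/cpu.h	2007-05-03 15:12:21.000000000 +0100
 @@ -25,7 +25,8 @@
  #ifdef TARGET_X86_64
  #define TARGET_LONG_BITS 64
@@ -348,3 +425,17 @@ Index: ioemu/target-i386-dm/cpu.h
  #endif
  
  /* target supports implicit self modifying code */
+Index: ioemu/target-i386-dm/helper2.c
+===================================================================
+--- ioemu.orig/target-i386-dm/helper2.c	2007-05-03 15:12:19.000000000 +0100
++++ ioemu/target-i386-dm/helper2.c	2007-05-03 15:12:21.000000000 +0100
+@@ -526,6 +526,9 @@
+     case IOREQ_TYPE_TIMEOFFSET:
+         cpu_ioreq_timeoffset(env, req);
+         break;
++    case IOREQ_TYPE_INVALIDATE:
++        qemu_invalidate_map_cache();
++        break;
+     default:
+         hw_error("Invalid ioreq type 0x%x\n", req->type);
+     }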
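Review bot: The fast path kept at the top of `qemu_map_cache` (`if (address_index == last_address_index) return last_address_vaddr + address_offset;`) runs before the new `valid_mapping` test, so once one page of a bucket has been returned, any other page of that bucket is handed out even when its bit is clear. The cached pair is also left untouched when a lookup remaps the bucket for a different index and then takes the new `return NULL;`, so `last_address_vaddr` can keep pointing at the range `qemu_remap_bucket` has just passed to `munmap`. Because these addresses are reached from `cpu_physical_memory_rw`, which now relies on the NULL return to reject addresses that are not RAM-backed, I would look up `entry` before the fast path, add `&& test_bit(address_offset>>PAGE_SHIFT, entry->valid_mapping)` to its condition, and set `last_address_index = ~0UL;` ahead of `return NULL;`. Two smaller points in the same patch: `errno = munmap(...)` in `qemu_remap_bucket` and `qemu_invalidate_map_cache` stores the -1 return value instead of the error code, and the ia64 `phys_ram_addr(x)` macro tests `addr` rather than its parameter `x`. The opening lines of `qemu_map_cache` fall between two hunks of this section and are not visible here.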
    61.1 --- a/tools/ioemu/patches/xen-mm	Thu May 03 11:22:58 2007 +0100
    61.2 +++ b/tools/ioemu/patches/xen-mm	Thu May 03 15:39:45 2007 +0100
    61.3 @@ -1,7 +1,7 @@
    61.4  Index: ioemu/hw/pc.c
    61.5  ===================================================================
    61.6 ---- ioemu.orig/hw/pc.c	2006-12-08 02:00:38.000000000 +0000
    61.7 -+++ ioemu/hw/pc.c	2006-12-08 02:02:07.000000000 +0000
    61.8 +--- ioemu.orig/hw/pc.c	2007-05-03 09:54:24.000000000 +0100
    61.9 ++++ ioemu/hw/pc.c	2007-05-03 09:56:32.000000000 +0100
   61.10  @@ -646,7 +646,9 @@
   61.11       }
   61.12   
   61.13 @@ -25,9 +25,17 @@ Index: ioemu/hw/pc.c
   61.14       isa_bios_size = bios_size;
   61.15  Index: ioemu/vl.c
   61.16  ===================================================================
   61.17 ---- ioemu.orig/vl.c	2006-12-08 02:00:39.000000000 +0000
   61.18 -+++ ioemu/vl.c	2006-12-08 02:02:28.000000000 +0000
   61.19 -@@ -158,6 +158,8 @@
   61.20 +--- ioemu.orig/vl.c	2007-05-03 09:54:24.000000000 +0100
   61.21 ++++ ioemu/vl.c	2007-05-03 10:04:06.000000000 +0100
   61.22 +@@ -88,6 +88,7 @@
   61.23 + 
   61.24 + #include "exec-all.h"
   61.25 + 
   61.26 ++#include <xen/hvm/params.h>
   61.27 + #define DEFAULT_NETWORK_SCRIPT "/etc/xen/qemu-ifup"
   61.28 + 
   61.29 + //#define DEBUG_UNUSED_IOPORT
   61.30 +@@ -158,6 +159,8 @@
   61.31   int acpi_enabled = 1;
   61.32   int fd_bootchk = 1;
   61.33   
   61.34 @@ -36,17 +44,17 @@ Index: ioemu/vl.c
   61.35   char domain_name[1024] = { 'H','V', 'M', 'X', 'E', 'N', '-'};
   61.36   extern int domid;
   61.37   
   61.38 -@@ -5650,6 +5652,9 @@
   61.39 +@@ -5650,6 +5653,9 @@
   61.40       QEMUMachine *machine;
   61.41       char usb_devices[MAX_USB_CMDLINE][128];
   61.42       int usb_devices_index;
   61.43 -+    unsigned long nr_pages, tmp_nr_pages, shared_page_nr;
   61.44 -+    xen_pfn_t *page_array;
   61.45 ++    unsigned long ioreq_pfn;
   61.46  +    extern void *shared_page;
   61.47 ++    unsigned long nr_pages;
   61.48   
   61.49       char qemu_dm_logfilename[64];
   61.50   
   61.51 -@@ -5917,11 +5922,13 @@
   61.52 +@@ -5921,11 +5927,13 @@
   61.53                   ram_size = atol(optarg) * 1024 * 1024;
   61.54                   if (ram_size <= 0)
   61.55                       help();
   61.56 @@ -60,7 +68,7 @@ Index: ioemu/vl.c
   61.57                   break;
   61.58               case QEMU_OPTION_l:
   61.59                   {
   61.60 -@@ -6133,12 +6140,61 @@
   61.61 +@@ -6137,12 +6145,53 @@
   61.62       /* init the memory */
   61.63       phys_ram_size = ram_size + vga_ram_size + bios_size;
   61.64   
   61.65 @@ -68,45 +76,37 @@ Index: ioemu/vl.c
   61.66  +
   61.67  +    xc_handle = xc_interface_open();
   61.68  +
   61.69 -+    nr_pages = ram_size/PAGE_SIZE;
   61.70 -+    tmp_nr_pages = nr_pages;
   61.71 ++#if defined(__i386__) || defined(__x86_64__)
   61.72  +
   61.73 -+#if defined(__i386__) || defined(__x86_64__)
   61.74 -+    if (ram_size > HVM_BELOW_4G_RAM_END) {
   61.75 -+        tmp_nr_pages += HVM_BELOW_4G_MMIO_LENGTH >> PAGE_SHIFT;
   61.76 -+        shared_page_nr = (HVM_BELOW_4G_RAM_END >> PAGE_SHIFT) - 1;
   61.77 -+    } else
   61.78 -+        shared_page_nr = nr_pages - 1;
   61.79 -+#endif
   61.80 ++    nr_pages = ram_size/PAGE_SIZE;
   61.81  +
   61.82 -+    page_array = (xen_pfn_t *)malloc(tmp_nr_pages * sizeof(xen_pfn_t));
   61.83 ++    page_array = (xen_pfn_t *)malloc(nr_pages * sizeof(xen_pfn_t));
   61.84  +    if (page_array == NULL) {
   61.85  +        fprintf(logfile, "malloc returned error %d\n", errno);
   61.86  +        exit(-1);
   61.87  +    }
   61.88  +
   61.89 -+    for ( i = 0; i < tmp_nr_pages; i++)
   61.90 ++    for ( i = 0; i < nr_pages; i++)
   61.91  +        page_array[i] = i;
   61.92  +
   61.93  +    phys_ram_base = xc_map_foreign_batch(xc_handle, domid,
   61.94  +                                         PROT_READ|PROT_WRITE, page_array,
   61.95 -+                                         tmp_nr_pages);
   61.96 ++                                         nr_pages);
   61.97  +    if (phys_ram_base == NULL) {
   61.98  +        fprintf(logfile, "batch map guest memory returned error %d\n", errno);
   61.99  +        exit(-1);
  61.100  +    }
  61.101  +
  61.102 ++    xc_get_hvm_param(xc_handle, domid, HVM_PARAM_IOREQ_PFN, &ioreq_pfn);
  61.103 ++    fprintf(logfile, "shared page at pfn %lx\n", ioreq_pfn);
  61.104  +    shared_page = xc_map_foreign_range(xc_handle, domid, PAGE_SIZE,
  61.105  +                                       PROT_READ|PROT_WRITE,
  61.106 -+                                       page_array[shared_page_nr]);
  61.107 ++                                       page_array[ioreq_pfn]);
  61.108  +    if (shared_page == NULL) {
  61.109  +        fprintf(logfile, "map shared IO page returned error %d\n", errno);
  61.110  +        exit(-1);
  61.111  +    }
  61.112  +
  61.113 -+    fprintf(logfile, "shared page at pfn:%lx, mfn: %"PRIx64"\n",
  61.114 -+            shared_page_nr, (uint64_t)(page_array[shared_page_nr]));
  61.115 -+
  61.116  +    free(page_array);
  61.117  +
  61.118  +#else  /* !CONFIG_DM */
  61.119 @@ -124,8 +124,8 @@ Index: ioemu/vl.c
  61.120       if (cdrom_index >= 0) {
  61.121  Index: ioemu/hw/piix_pci.c
  61.122  ===================================================================
  61.123 ---- ioemu.orig/hw/piix_pci.c	2006-12-08 02:00:36.000000000 +0000
  61.124 -+++ ioemu/hw/piix_pci.c	2006-12-08 02:02:06.000000000 +0000
  61.125 +--- ioemu.orig/hw/piix_pci.c	2007-05-03 09:54:18.000000000 +0100
  61.126 ++++ ioemu/hw/piix_pci.c	2007-05-03 09:56:32.000000000 +0100
  61.127  @@ -399,7 +399,7 @@
  61.128       uint8_t elcr[2];
  61.129   
  61.130 @@ -137,8 +137,8 @@ Index: ioemu/hw/piix_pci.c
  61.131       elcr[0] = 0x00;
  61.132  Index: ioemu/vl.h
  61.133  ===================================================================
  61.134 ---- ioemu.orig/vl.h	2006-12-08 02:00:39.000000000 +0000
  61.135 -+++ ioemu/vl.h	2006-12-08 02:02:07.000000000 +0000
  61.136 +--- ioemu.orig/vl.h	2007-05-03 09:54:24.000000000 +0100
  61.137 ++++ ioemu/vl.h	2007-05-03 09:56:32.000000000 +0100
  61.138  @@ -39,6 +39,7 @@
  61.139   #include <sys/stat.h>
  61.140   #include "xenctrl.h"
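--- a/tools/ioemu/patches/xen-network	Thu May 03 11:22:58 2007 +0100
+++ b/tools/ioemu/patches/xen-network	Thu May 03 15:39:45 2007 +0100
@@ -1,16 +1,16 @@
 Index: ioemu/vl.c
 ===================================================================
---- ioemu.orig/vl.c	2006-08-06 02:22:01.556312045 +0100
-+++ ioemu/vl.c	2006-08-06 02:22:53.925474246 +0100
-@@ -89,6 +89,7 @@
- #include "exec-all.h"
+--- ioemu.orig/vl.c	2007-05-03 10:07:52.000000000 +0100
++++ ioemu/vl.c	2007-05-03 10:07:52.000000000 +0100
+@@ -90,6 +90,7 @@
  
+ #include <xen/hvm/params.h>
  #define DEFAULT_NETWORK_SCRIPT "/etc/xen/qemu-ifup"
 +#define DEFAULT_BRIDGE "xenbr0"
  
  //#define DEBUG_UNUSED_IOPORT
  //#define DEBUG_IOPORT
-@@ -3090,11 +3091,11 @@
+@@ -3091,11 +3092,11 @@
  #endif
  
  static int net_tap_init(VLANState *vlan, const char *ifname1,
@@ -24,7 +24,18 @@ Index: ioemu/vl.c
      char **parg;
      char ifname[128];
  
-@@ -3116,6 +3117,7 @@
+@@ -3114,9 +3115,18 @@
+         pid = fork();
+         if (pid >= 0) {
+             if (pid == 0) {
++                int open_max = sysconf(_SC_OPEN_MAX), i;
++                for (i = 0; i < open_max; i++)
++                    if (i != STDIN_FILENO &&
++                        i != STDOUT_FILENO &&
++                        i != STDERR_FILENO &&
++                        i != fd)
++                        close(i);
++
                  parg = args;
                  *parg++ = (char *)setup_script;
                  *parg++ = ifname;
@@ -32,7 +43,7 @@ Index: ioemu/vl.c
                  *parg++ = NULL;
                  execv(setup_script, args);
                  _exit(1);
-@@ -3671,6 +3673,7 @@
+@@ -3672,6 +3682,7 @@
      if (!strcmp(device, "tap")) {
          char ifname[64];
          char setup_script[1024];
@@ -40,7 +51,7 @@ Index: ioemu/vl.c
          int fd;
          if (get_param_value(buf, sizeof(buf), "fd", p) > 0) {
              fd = strtol(buf, NULL, 0);
-@@ -3683,7 +3686,10 @@
+@@ -3684,7 +3695,10 @@
              if (get_param_value(setup_script, sizeof(setup_script), "script", p) == 0) {
                  pstrcpy(setup_script, sizeof(setup_script), DEFAULT_NETWORK_SCRIPT);
              }
@@ -52,7 +63,7 @@ Index: ioemu/vl.c
          }
      } else
  #endif
-@@ -5208,7 +5214,7 @@
+@@ -5209,7 +5223,7 @@
             "-net tap[,vlan=n],ifname=name\n"
             "                connect the host TAP network interface to VLAN 'n'\n"
  #else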
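Review bot: The descriptor sweep added to the forked child in net_tap_init (patch lines 62.34–62.40) stores the result of `sysconf(_SC_OPEN_MAX)` in an `int` and never checks it. sysconf returns a `long` and can return -1 when the limit is indeterminate; in that case the loop body never runs and every inherited descriptor stays open across `execv(setup_script, args)`, which is exactly what the sweep is meant to prevent. I would write `long open_max = sysconf(_SC_OPEN_MAX); if (open_max < 0) open_max = FALLBACK_LIMIT;` with `FALLBACK_LIMIT` standing in for whatever bound the project chooses, and give `i` a matching type. net_tap_init starts and ends outside this hunk, so what `fd` refers to at this point is inferred from the exclusion list only.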
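--- a/tools/ioemu/patches/xen-platform-device	Thu May 03 11:22:58 2007 +0100
+++ b/tools/ioemu/patches/xen-platform-device	Thu May 03 15:39:45 2007 +0100
@@ -3,8 +3,8 @@ will come later.
 
 Index: ioemu/Makefile.target
 ===================================================================
---- ioemu.orig/Makefile.target	2006-12-08 01:41:14.000000000 +0000
-+++ ioemu/Makefile.target	2006-12-08 01:41:15.000000000 +0000
+--- ioemu.orig/Makefile.target	2007-05-03 15:16:41.000000000 +0100
++++ ioemu/Makefile.target	2007-05-03 15:20:35.000000000 +0100
 @@ -360,6 +360,7 @@
  VL_OBJS+= usb-uhci.o
  VL_OBJS+= piix4acpi.o
@@ -15,8 +15,8 @@ Index: ioemu/Makefile.target
  ifeq ($(TARGET_BASE_ARCH), ppc)
 Index: ioemu/hw/pc.c
 ===================================================================
---- ioemu.orig/hw/pc.c	2006-12-08 01:41:13.000000000 +0000
-+++ ioemu/hw/pc.c	2006-12-08 01:41:15.000000000 +0000
+--- ioemu.orig/hw/pc.c	2007-05-03 15:18:17.000000000 +0100
++++ ioemu/hw/pc.c	2007-05-03 15:20:35.000000000 +0100
 @@ -823,6 +823,9 @@
      }
  #endif /* !CONFIG_DM */
@@ -30,8 +30,8 @@ Index: ioemu/hw/pc.c
 Index: ioemu/hw/xen_platform.c
 ===================================================================
 --- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ ioemu/hw/xen_platform.c	2006-12-08 01:41:15.000000000 +0000
-@@ -0,0 +1,144 @@
++++ ioemu/hw/xen_platform.c	2007-05-03 15:18:17.000000000 +0100
+@@ -0,0 +1,133 @@
 +/*
 + * XEN platform fake pci device, formerly known as the event channel device
 + * 
@@ -63,21 +63,10 @@ Index: ioemu/hw/xen_platform.c
 +
 +extern FILE *logfile;
 +
-+static void platform_ioport_write(void *opaque, uint32_t addr, uint32_t val)
-+{
-+    return;
-+}
-+
-+static uint32_t platform_ioport_read(void *opaque, uint32_t addr)
-+{
-+    return 0;
-+}
-+
 +static void platform_ioport_map(PCIDevice *pci_dev, int region_num,
 +                                uint32_t addr, uint32_t size, int type)
 +{
-+    register_ioport_write(addr, 16, 4, platform_ioport_write, NULL);
-+    register_ioport_read(addr, 16, 1, platform_ioport_read, NULL);
++    /* nothing yet */
 +}
 +
 +static uint32_t platform_mmio_read(void *opaque, target_phys_addr_t addr)
@@ -178,15 +167,16 @@ Index: ioemu/hw/xen_platform.c
 +}
 Index: ioemu/vl.h
 ===================================================================
---- ioemu.orig/vl.h	2006-12-08 01:41:14.000000000 +0000
-+++ ioemu/vl.h	2006-12-08 01:41:15.000000000 +0000
-@@ -1212,6 +1212,9 @@
- void xenstore_check_new_media_present(int timeout);
- void xenstore_write_vncport(int vnc_display);
+--- ioemu.orig/vl.h	2007-05-03 15:18:17.000000000 +0100
++++ ioemu/vl.h	2007-05-03 15:20:39.000000000 +0100
+@@ -1220,6 +1220,10 @@
+ extern long time_offset;
+ void timeoffset_get(void);
  
 +/* xen_platform.c */
 +void pci_xen_platform_init(PCIBus *bus);
 +
- 
++
  void kqemu_record_dump(void);
  
+ extern char domain_name[];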
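Review bot: `platform_ioport_map` is left holding only `/* nothing yet */` once the stub read and write handlers are dropped (patch lines 63.40–63.55), so nothing records what a guest access to this I/O region now does. If the region is still registered as a BAR outside the visible lines, accesses presumably fall through to whatever the emulator does for unclaimed ports; a comment such as `/* No handlers registered on purpose: guest accesses to this region get the default unclaimed-port behaviour. */` would make that a stated decision rather than an omission. The vl.h hunk at 63.77–63.78 also turns a context blank line into an added one, so the patch now inserts two blank lines after the `pci_xen_platform_init` prototype.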
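--- a/tools/ioemu/patches/xen-support-buffered-ioreqs	Thu May 03 11:22:58 2007 +0100
+++ b/tools/ioemu/patches/xen-support-buffered-ioreqs	Thu May 03 15:39:45 2007 +0100
@@ -1,38 +1,37 @@
 Index: ioemu/vl.c
 ===================================================================
---- ioemu.orig/vl.c	2006-12-20 15:21:54.000000000 +0000
-+++ ioemu/vl.c	2006-12-20 15:21:54.000000000 +0000
-@@ -5838,6 +5838,7 @@
-     unsigned long nr_pages, tmp_nr_pages, shared_page_nr;
-     xen_pfn_t *page_array;
+--- ioemu.orig/vl.c	2007-05-03 15:09:21.000000000 +0100
++++ ioemu/vl.c	2007-05-03 15:09:48.000000000 +0100
+@@ -5923,6 +5923,7 @@
+     int usb_devices_index;
+     unsigned long ioreq_pfn;
      extern void *shared_page;
 +    extern void *buffered_io_page;
+     unsigned long nr_pages;
  
      char qemu_dm_logfilename[64];
+@@ -6499,6 +6500,16 @@
+         exit(-1);
+     }
  
-@@ -6422,6 +6423,17 @@
-     fprintf(logfile, "shared page at pfn:%lx, mfn: %"PRIx64"\n",
-             shared_page_nr, (uint64_t)(page_array[shared_page_nr]));
- 
++    xc_get_hvm_param(xc_handle, domid, HVM_PARAM_BUFIOREQ_PFN, &ioreq_pfn);
++    fprintf(logfile, "buffered io page at pfn %lx\n", ioreq_pfn);
 +    buffered_io_page = xc_map_foreign_range(xc_handle, domid, PAGE_SIZE,
 +                                            PROT_READ|PROT_WRITE,
-+                                            page_array[shared_page_nr - 2]);
++                                            page_array[ioreq_pfn]);
 +    if (buffered_io_page == NULL) {
 +        fprintf(logfile, "map buffered IO page returned error %d\n", errno);
 +        exit(-1);
 +    }
 +
-+    fprintf(logfile, "buffered io page at pfn:%lx, mfn: %"PRIx64"\n",
-+            shared_page_nr - 2, (uint64_t)(page_array[shared_page_nr - 2]));
-+
      free(page_array);
  
  #elif defined(__ia64__)
 Index: ioemu/target-i386-dm/helper2.c
 ===================================================================
---- ioemu.orig/target-i386-dm/helper2.c	2006-12-20 15:21:47.000000000 +0000
-+++ ioemu/target-i386-dm/helper2.c	2006-12-20 15:21:54.000000000 +0000
-@@ -76,6 +76,10 @@
+--- ioemu.orig/target-i386-dm/helper2.c	2007-05-03 15:09:21.000000000 +0100
++++ ioemu/target-i386-dm/helper2.c	2007-05-03 15:10:03.000000000 +0100
+@@ -78,6 +78,10 @@
  
  shared_iopage_t *shared_page = NULL;
  
@@ -43,7 +42,7 @@ Index: ioemu/target-i386-dm/helper2.c
  /* the evtchn fd for polling */
  int xce_handle = -1;
  
-@@ -435,39 +439,71 @@
+@@ -489,6 +493,72 @@
      req->data = tmp1;
  }
  
@@ -65,12 +64,21 @@ Index: ioemu/target-i386-dm/helper2.c
 +    case IOREQ_TYPE_ADD:
 +        cpu_ioreq_add(env, req);
 +        break;
++    case IOREQ_TYPE_SUB:
++        cpu_ioreq_sub(env, req);
++        break;
 +    case IOREQ_TYPE_OR:
 +        cpu_ioreq_or(env, req);
 +        break;
 +    case IOREQ_TYPE_XOR:
 +        cpu_ioreq_xor(env, req);
 +        break;
++    case IOREQ_TYPE_XCHG:
++        cpu_ioreq_xchg(env, req);
++        break;
++    case IOREQ_TYPE_TIMEOFFSET:
++        cpu_ioreq_timeoffset(env, req);
++        break;
 +    default:
 +        hw_error("Invalid ioreq type 0x%x\n", req->type);
 +    }
@@ -106,6 +114,8 @@ Index: ioemu/target-i386-dm/helper2.c
 +
  void cpu_handle_ioreq(void *opaque)
  {
+     extern int vm_running;
+@@ -496,43 +566,9 @@
      CPUState *env = opaque;
      ioreq_t *req = cpu_get_ioreq();
  
@@ -129,12 +139,21 @@ Index: ioemu/target-i386-dm/helper2.c
 -        case IOREQ_TYPE_ADD:
 -            cpu_ioreq_add(env, req);
 -            break;
+-        case IOREQ_TYPE_SUB:
+-            cpu_ioreq_sub(env, req);
+-            break;
 -        case IOREQ_TYPE_OR:
 -            cpu_ioreq_or(env, req);
 -            break;
 -        case IOREQ_TYPE_XOR:
 -            cpu_ioreq_xor(env, req);
 -            break;
+-        case IOREQ_TYPE_XCHG:
+-            cpu_ioreq_xchg(env, req);
+-            break;
+-	case IOREQ_TYPE_TIMEOFFSET:
+-            cpu_ioreq_timeoffset(env, req);
+-            break;
 -        default:
 -            hw_error("Invalid ioreq type 0x%x\n", req->type);
 -        }
@@ -142,9 +161,9 @@ Index: ioemu/target-i386-dm/helper2.c
  
          if (req->state != STATE_IOREQ_INPROCESS) {
              fprintf(logfile, "Badness in I/O request ... not in service?!: "
-@@ -492,6 +528,10 @@
-     CPUState *env = cpu_single_env;
+@@ -578,6 +614,10 @@
      int evtchn_fd = xc_evtchn_fd(xce_handle);
+     char qemu_file[20];
  
 +    buffered_io_timer = qemu_new_timer(rt_clock, handle_buffered_io,
 +				       cpu_single_env);
@@ -152,4 +171,12 @@ Index: ioemu/target-i386-dm/helper2.c
 +
      qemu_set_fd_handler(evtchn_fd, cpu_handle_ioreq, NULL, env);
  
-     while (1) {
+     while (!(vm_running && suspend_requested))
+@@ -587,6 +627,7 @@
+     fprintf(logfile, "device model received suspend signal!\n");
+ 
+     /* Pull all outstanding ioreqs through the system */
++    handle_buffered_io(env);
+     main_loop_wait(1); /* For the select() on events */
+ 
+     /* Stop the IDE thread */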
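Review bot: In the vl.c hunk at patch lines 64.29–64.34 the return value of `xc_get_hvm_param()` is ignored and `ioreq_pfn` is then used to index `page_array` with no bounds check. If the call fails, `ioreq_pfn` keeps whatever value it held before, and any value at or beyond the array length is read past the end of the heap buffer before being handed to `xc_map_foreign_range()`. The guard I would add is `if (xc_get_hvm_param(xc_handle, domid, HVM_PARAM_BUFIOREQ_PFN, &ioreq_pfn) != 0 || ioreq_pfn >= nr_pages) { fprintf(logfile, "bad buffered io pfn\n"); exit(-1); }`. The shared-page mapping in the preceding patch section (61.102–61.107) has the same pattern with `HVM_PARAM_IOREQ_PFN`. The array length is inferred from the `malloc(nr_pages * sizeof(xen_pfn_t))` shown in that section, and main() extends well beyond these hunks.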
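--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tools/ioemu/patches/xenstore	Thu May 03 15:39:45 2007 +0100
@@ -0,0 +1,197 @@
+Index: ioemu/xenstore.c
+===================================================================
+--- /dev/null	1970-01-01 00:00:00.000000000 +0000
++++ ioemu/xenstore.c	2007-05-03 15:17:52.000000000 +0100
+@@ -0,0 +1,139 @@
++/*
++ * This file is subject to the terms and conditions of the GNU General
++ * Public License.  See the file "COPYING" in the main directory of
++ * this archive for more details.
++ *
++ * Copyright (C) 2006 Christian Limpach
++ * Copyright (C) 2006 XenSource Ltd.
++ *
++ */
++
++#include "vl.h"
++
++static struct xs_handle *xsh = NULL;
++
++static int pasprintf(char **buf, const char *fmt, ...)
++{
++    va_list ap;
++    int ret = 0;
++
++    if (*buf)
++        free(*buf);
++    va_start(ap, fmt);
++    if (vasprintf(buf, fmt, ap) == -1) {
++        buf = NULL;
++        ret = -1;
++    }
++    va_end(ap);
++    return ret;
++}
++
++void xenstore_parse_domain_config(int domid)
++{
++    char *path;
++
++    xsh = xs_daemon_open();
++    if (xsh == NULL) {
++        fprintf(logfile, "Could not contact xenstore for domain config\n");
++        return;
++    }
++
++    path = xs_get_domain_path(xsh, domid);
++    if (path == NULL) {
++        fprintf(logfile, "xs_get_domain_path() error\n");
++        goto out;
++    }
++
++ out:
++    free(path);
++    return;
++}
++
++int xenstore_fd(void)
++{
++    if (xsh)
++        return xs_fileno(xsh);
++    return -1;
++}
++
++void xenstore_process_event(void *opaque)
++{
++    char **vec;
++    unsigned int num;
++
++    vec = xs_read_watch(xsh, &num);
++    if (!vec)
++        return;
++
++ out:
++    free(vec);
++}
++
++char *xenstore_vm_read(int domid, char *key, int *len)
++{
++    char *buf = NULL, *path = NULL, *value = NULL;
++
++    if (xsh == NULL)
++        goto out;
++
++    path = xs_get_domain_path(xsh, domid);
++    if (path == NULL) {
++        fprintf(logfile, "xs_get_domain_path(%d): error\n", domid);
++        goto out;
++    }
++
++    pasprintf(&buf, "%s/vm", path);
++    free(path);
++    path = xs_read(xsh, XBT_NULL, buf, NULL);
++    if (path == NULL) {
++        fprintf(logfile, "xs_read(%s): read error\n", buf);
++        goto out;
++    }
++
++    pasprintf(&buf, "%s/%s", path, key);
++    value = xs_read(xsh, XBT_NULL, buf, len);
++    if (value == NULL) {
++        fprintf(logfile, "xs_read(%s): read error\n", buf);
++        goto out;
++    }
++
++ out:
++    free(path);
++    free(buf);
++    return value;
++}
++
++int xenstore_vm_write(int domid, char *key, char *value)
++{
++    char *buf = NULL, *path = NULL;
++    int rc = -1;
++
++    if (xsh == NULL)
++        goto out;
++
++    path = xs_get_domain_path(xsh, domid);
++    if (path == NULL) {
++        fprintf(logfile, "xs_get_domain_path: error\n");
++        goto out;
++    }
++
++    pasprintf(&buf, "%s/vm", path);
++    free(path);
++    path = xs_read(xsh, XBT_NULL, buf, NULL);
++    if (path == NULL) {
++        fprintf(logfile, "xs_read(%s): read error\n", buf);
++        goto out;
++    }
++
++    pasprintf(&buf, "%s/%s", path, key);
++    rc = xs_write(xsh, XBT_NULL, buf, value, strlen(value));
++    if (rc) {
++        fprintf(logfile, "xs_write(%s, %s): write error\n", buf, key);
++        goto out;
++    }
++
++ out:
++    free(path);
++    free(buf);
++    return rc;
++}
+Index: ioemu/vl.h
+===================================================================
+--- ioemu.orig/vl.h	2007-05-03 15:15:40.000000000 +0100
++++ ioemu/vl.h	2007-05-03 15:18:00.000000000 +0100
+@@ -1204,6 +1204,12 @@
+ void readline_start(const char *prompt, int is_password,
+                     ReadLineFunc *readline_func, void *opaque);
+ 
++/* xenstore.c */
++void xenstore_parse_domain_config(int domid);
++
++int xenstore_vm_write(int domid, char *key, char *val);
++char *xenstore_vm_read(int domid, char *key, int *len);
++
+ void kqemu_record_dump(void);
+ 
+ extern char domain_name[];
+Index: ioemu/Makefile.target
+===================================================================
+--- ioemu.orig/Makefile.target	2007-05-03 15:15:39.000000000 +0100
++++ ioemu/Makefile.target	2007-05-03 15:16:41.000000000 +0100
+@@ -359,6 +359,7 @@
+ VL_OBJS+= cirrus_vga.o mixeng.o parallel.o acpi.o piix_pci.o
+ VL_OBJS+= usb-uhci.o
+ VL_OBJS+= piix4acpi.o
++VL_OBJS+= xenstore.o
+ DEFINES += -DHAS_AUDIO
+ endif
+ ifeq ($(TARGET_BASE_ARCH), ppc)
+Index: ioemu/vl.c
+===================================================================
+--- ioemu.orig/vl.c	2007-05-03 15:15:40.000000000 +0100
++++ ioemu/vl.c	2007-05-03 15:17:52.000000000 +0100
+@@ -6371,6 +6371,10 @@
+         }
+     }
+ 
++#ifdef CONFIG_DM
++    xenstore_parse_domain_config(domid);
++#endif /* CONFIG_DM */
++
+ #ifdef USE_KQEMU
+     if (smp_cpus > 1)
+         kqemu_allowed = 0;
+@@ -6624,6 +6628,8 @@
+         }
+     }
+ 
++    qemu_set_fd_handler(xenstore_fd(), xenstore_process_event, NULL, NULL);
++
+     machine->init(ram_size, vga_ram_size, boot_device,
+                   ds, fd_filename, snapshot,
+                   kernel_filename, kernel_cmdline, initrd_filename);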
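Review bot: `pasprintf` (patch lines 65.23–65.37) frees `*buf` and then, when `vasprintf` fails, assigns `buf = NULL`, which clears only the local parameter and leaves the caller's pointer referring to freed or indeterminate memory. `xenstore_vm_read` and `xenstore_vm_write` ignore the return value, hand `buf` to `xs_read`/`xs_write`, and call `free(buf)` again at `out:`, so an allocation failure turns into a use-after-free followed by a double free. The failure branch should read `*buf = NULL;`, and both callers should `goto out` when `pasprintf` returns -1. Separately, `xenstore_vm_write` reports an error when `xs_write` returns non-zero; if `xs_write` returns true on success, as libxenstore declares it, that test is inverted and worth confirming against the header.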
    66.1 --- a/tools/ioemu/patches/xenstore-block-device-config	Thu May 03 11:22:58 2007 +0100
    66.2 +++ b/tools/ioemu/patches/xenstore-block-device-config	Thu May 03 15:39:45 2007 +0100
    66.3 @@ -1,63 +1,37 @@
    66.4 -Index: ioemu/Makefile.target
    66.5 -===================================================================
    66.6 ---- ioemu.orig/Makefile.target	2006-12-20 15:21:51.000000000 +0000
    66.7 -+++ ioemu/Makefile.target	2006-12-20 15:21:53.000000000 +0000
    66.8 -@@ -359,6 +359,7 @@
    66.9 - VL_OBJS+= cirrus_vga.o mixeng.o parallel.o acpi.o piix_pci.o
   66.10 - VL_OBJS+= usb-uhci.o
   66.11 - VL_OBJS+= piix4acpi.o
   66.12 -+VL_OBJS+= xenstore.o
   66.13 - DEFINES += -DHAS_AUDIO
   66.14 - endif
   66.15 - ifeq ($(TARGET_BASE_ARCH), ppc)
   66.16  Index: ioemu/xenstore.c
   66.17  ===================================================================
   66.18 ---- /dev/null	1970-01-01 00:00:00.000000000 +0000
   66.19 -+++ ioemu/xenstore.c	2006-12-20 15:21:53.000000000 +0000
   66.20 -@@ -0,0 +1,187 @@
   66.21 -+/*
   66.22 -+ * This file is subject to the terms and conditions of the GNU General
   66.23 -+ * Public License.  See the file "COPYING" in the main directory of
   66.24 -+ * this archive for more details.
   66.25 -+ *
   66.26 -+ * Copyright (C) 2006 Christian Limpach
   66.27 -+ * Copyright (C) 2006 XenSource Ltd.
   66.28 -+ *
   66.29 -+ */
   66.30 -+
   66.31 -+#include "vl.h"
   66.32 +--- ioemu.orig/xenstore.c	2007-05-03 15:17:52.000000000 +0100
   66.33 ++++ ioemu/xenstore.c	2007-05-03 15:18:05.000000000 +0100
   66.34 +@@ -9,8 +9,15 @@
   66.35 +  */
   66.36 + 
   66.37 + #include "vl.h"
   66.38  +#include "block_int.h"
   66.39 -+
   66.40 -+static struct xs_handle *xsh = NULL;
   66.41 -+static char *hd_filename[MAX_DISKS];
   66.42 ++#include <unistd.h>
   66.43 + 
   66.44 + static struct xs_handle *xsh = NULL;
   66.45 ++static char *media_filename[MAX_DISKS];
   66.46  +static QEMUTimer *insert_timer = NULL;
   66.47  +
   66.48 -+static int pasprintf(char **buf, const char *fmt, ...)
   66.49 -+{
   66.50 -+    va_list ap;
   66.51 -+    int ret = 0;
   66.52 -+
   66.53 -+    if (*buf)
   66.54 -+	free(*buf);
   66.55 -+    va_start(ap, fmt);
   66.56 -+    if (vasprintf(buf, fmt, ap) == -1) {
   66.57 -+	buf = NULL;
   66.58 -+	ret = -1;
   66.59 -+    }
   66.60 -+    va_end(ap);
   66.61 -+    return ret;
   66.62 -+}
   66.63 -+
   66.64 ++#define UWAIT_MAX (30*1000000) /* thirty seconds */
   66.65 ++#define UWAIT     (100000)     /* 1/10th second  */
   66.66 + 
   66.67 + static int pasprintf(char **buf, const char *fmt, ...)
   66.68 + {
   66.69 +@@ -28,9 +35,54 @@
   66.70 +     return ret;
   66.71 + }
   66.72 + 
   66.73  +static void insert_media(void *opaque)
   66.74  +{
   66.75  +    int i;
   66.76  +
   66.77  +    for (i = 0; i < MAX_DISKS; i++) {
   66.78 -+	if (hd_filename[i]) {
   66.79 -+	    do_change(bs_table[i]->device_name, hd_filename[i]);
   66.80 -+	    free(hd_filename[i]);
   66.81 -+	    hd_filename[i] = NULL;
   66.82 -+	}
   66.83 ++        if (media_filename[i] && bs_table[i]) {
   66.84 ++            do_change(bs_table[i]->device_name, media_filename[i]);
   66.85 ++            free(media_filename[i]);
   66.86 ++            media_filename[i] = NULL;
   66.87 ++        }
   66.88  +    }
   66.89  +}
   66.90  +
   66.91 @@ -65,148 +39,176 @@ Index: ioemu/xenstore.c
   66.92  +{
   66.93  +
   66.94  +    if (insert_timer == NULL)
   66.95 -+	insert_timer = qemu_new_timer(rt_clock, insert_media, NULL);
   66.96 ++        insert_timer = qemu_new_timer(rt_clock, insert_media, NULL);
   66.97  +    qemu_mod_timer(insert_timer, qemu_get_clock(rt_clock) + timeout);
   66.98  +}
   66.99  +
  66.100 -+void xenstore_parse_domain_config(int domid)
  66.101 -+{
  66.102 ++static void waitForDevice(char *fn)
  66.103 ++{ 
  66.104 ++    struct stat sbuf;
  66.105 ++    int status;
  66.106 ++    int uwait = UWAIT_MAX;
  66.107 ++
  66.108 ++    do {
  66.109 ++        status = stat(fn, &sbuf);
  66.110 ++        if (!status) break;
  66.111 ++        usleep(UWAIT);
  66.112 ++        uwait -= UWAIT;
  66.113 ++    } while (uwait > 0);
  66.114 ++
  66.115 ++    return;
  66.116 ++}
  66.117 ++
  66.118 + void xenstore_parse_domain_config(int domid)
  66.119 + {
  66.120 +-    char *path;
  66.121  +    char **e = NULL;
  66.122  +    char *buf = NULL, *path;
  66.123 -+    char *bpath = NULL, *dev = NULL, *params = NULL, *type = NULL;
  66.124 ++    char *fpath = NULL, *bpath = NULL,
  66.125 ++        *dev = NULL, *params = NULL, *type = NULL;
  66.126  +    int i;
  66.127  +    unsigned int len, num, hd_index;
  66.128  +
  66.129  +    for(i = 0; i < MAX_DISKS; i++)
  66.130 -+        hd_filename[i] = NULL;
  66.131 -+
  66.132 -+    xsh = xs_daemon_open();
  66.133 -+    if (xsh == NULL) {
  66.134 -+	fprintf(logfile, "Could not contact xenstore for domain config\n");
  66.135 -+	return;
  66.136 -+    }
  66.137 -+
  66.138 -+    path = xs_get_domain_path(xsh, domid);
  66.139 -+    if (path == NULL) {
  66.140 -+        fprintf(logfile, "xs_get_domain_path() error\n");
  66.141 ++        media_filename[i] = NULL;
  66.142 + 
  66.143 +     xsh = xs_daemon_open();
  66.144 +     if (xsh == NULL) {
  66.145 +@@ -44,8 +96,91 @@
  66.146 +         goto out;
  66.147 +     }
  66.148 + 
  66.149 ++    if (pasprintf(&buf, "%s/device/vbd", path) == -1)
  66.150  +        goto out;
  66.151 -+    }
  66.152 -+
  66.153 -+    if (pasprintf(&buf, "%s/device/vbd", path) == -1)
  66.154 -+	goto out;
  66.155  +
  66.156  +    e = xs_directory(xsh, XBT_NULL, buf, &num);
  66.157  +    if (e == NULL)
  66.158 -+	goto out;
  66.159 ++        goto out;
  66.160  +
  66.161  +    for (i = 0; i < num; i++) {
  66.162 -+	/* read the backend path */
  66.163 -+	if (pasprintf(&buf, "%s/device/vbd/%s/backend", path, e[i]) == -1)
  66.164 -+	    continue;
  66.165 -+	free(bpath);
  66.166 ++        /* read the backend path */
  66.167 ++        if (pasprintf(&buf, "%s/device/vbd/%s/backend", path, e[i]) == -1)
  66.168 ++            continue;
  66.169 ++        free(bpath);
  66.170  +        bpath = xs_read(xsh, XBT_NULL, buf, &len);
  66.171 -+	if (bpath == NULL)
  66.172 -+	    continue;
  66.173 -+	/* read the name of the device */
  66.174 -+	if (pasprintf(&buf, "%s/dev", bpath) == -1)
  66.175 -+	    continue;
  66.176 -+	free(dev);
  66.177 -+	dev = xs_read(xsh, XBT_NULL, buf, &len);
  66.178 -+	if (dev == NULL)
  66.179 -+	    continue;
  66.180 -+	if (strncmp(dev, "hd", 2) || strlen(dev) != 3)
  66.181 -+	    continue;
  66.182 -+	hd_index = dev[2] - 'a';
  66.183 -+	if (hd_index >= MAX_DISKS)
  66.184 -+	    continue;
  66.185 -+	/* read the type of the device */
  66.186 -+	if (pasprintf(&buf, "%s/device/vbd/%s/device-type", path, e[i]) == -1)
  66.187 -+	    continue;
  66.188 -+	free(type);
  66.189 -+	type = xs_read(xsh, XBT_NULL, buf, &len);
  66.190 -+	/* read params to get the patch of the image -- read it last
  66.191 -+	 * so that we have its path in buf when setting up the
  66.192 -+	 * watch */
  66.193 -+	if (pasprintf(&buf, "%s/params", bpath) == -1)
  66.194 -+	    continue;
  66.195 -+	free(params);
  66.196 -+	params = xs_read(xsh, XBT_NULL, buf, &len);
  66.197 -+	if (params == NULL)
  66.198 -+	    continue;
  66.199 -+	if (params[0]) {
  66.200 -+	    hd_filename[hd_index] = params;	/* strdup() */
  66.201 -+	    params = NULL;		/* don't free params on re-use */
  66.202 -+	}
  66.203 -+	bs_table[hd_index] = bdrv_new(dev);
  66.204 -+	/* check if it is a cdrom */
  66.205 -+	if (type && !strcmp(type, "cdrom")) {
  66.206 -+	    bdrv_set_type_hint(bs_table[hd_index], BDRV_TYPE_CDROM);
  66.207 -+	    xs_watch(xsh, buf, dev);
  66.208 -+	}
  66.209 -+	if (hd_filename[hd_index]) {
  66.210 -+            if (bdrv_open(bs_table[hd_index], hd_filename[hd_index],
  66.211 -+			  0 /* snapshot */) < 0)
  66.212 ++        if (bpath == NULL)
  66.213 ++            continue;
  66.214 ++        /* read the name of the device */
  66.215 ++        if (pasprintf(&buf, "%s/dev", bpath) == -1)
  66.216 ++            continue;
  66.217 ++        free(dev);
  66.218 ++        dev = xs_read(xsh, XBT_NULL, buf, &len);
  66.219 ++        if (dev == NULL)
  66.220 ++            continue;
  66.221 ++        if (strncmp(dev, "hd", 2) || strlen(dev) != 3)
  66.222 ++            continue;
  66.223 ++        hd_index = dev[2] - 'a';
  66.224 ++        if (hd_index >= MAX_DISKS)
  66.225 ++            continue;
  66.226 ++        /* read the type of the device */
  66.227 ++        if (pasprintf(&buf, "%s/device/vbd/%s/device-type", path, e[i]) == -1)
  66.228 ++            continue;
  66.229 ++        free(type);
  66.230 ++        type = xs_read(xsh, XBT_NULL, buf, &len);
  66.231 ++        if (pasprintf(&buf, "%s/params", bpath) == -1)
  66.232 ++            continue;
  66.233 ++        free(params);
  66.234 ++        params = xs_read(xsh, XBT_NULL, buf, &len);
  66.235 ++        if (params == NULL)
  66.236 ++            continue;
  66.237 ++        /* 
  66.238 ++         * check if device has a phantom vbd; the phantom is hooked
  66.239 ++         * to the frontend device (for ease of cleanup), so lookup 
  66.240 ++         * the frontend device, and see if there is a phantom_vbd
  66.241 ++         * if there is, we will use resolution as the filename
  66.242 ++         */
  66.243 ++        if (pasprintf(&buf, "%s/device/vbd/%s/phantom_vbd", path, e[i]) == -1)
  66.244 ++            continue;
  66.245 ++        free(fpath);
  66.246 ++        fpath = xs_read(xsh, XBT_NULL, buf, &len);
  66.247 ++        if (fpath) {
  66.248 ++            if (pasprintf(&buf, "%s/dev", fpath) == -1)
  66.249 ++                continue;
  66.250 ++            free(params);
  66.251 ++            params = xs_read(xsh, XBT_NULL, buf , &len);
  66.252 ++            if (params) {
  66.253 ++                /* 
  66.254 ++                 * wait for device, on timeout silently fail because we will 
  66.255 ++                 * fail to open below
  66.256 ++                 */
  66.257 ++                waitForDevice(params);
  66.258 ++            }
  66.259 ++        }
  66.260 ++
  66.261 ++        bs_table[hd_index] = bdrv_new(dev);
  66.262 ++        /* check if it is a cdrom */
  66.263 ++        if (type && !strcmp(type, "cdrom")) {
  66.264 ++            bdrv_set_type_hint(bs_table[hd_index], BDRV_TYPE_CDROM);
  66.265 ++            if (pasprintf(&buf, "%s/params", bpath) != -1)
  66.266 ++                xs_watch(xsh, buf, dev);
  66.267 ++        }
  66.268 ++        /* open device now if media present */
  66.269 ++        if (params[0]) {
  66.270 ++            if (bdrv_open(bs_table[hd_index], params, 0 /* snapshot */) < 0)
  66.271  +                fprintf(stderr, "qemu: could not open hard disk image '%s'\n",
  66.272 -+                        hd_filename[hd_index]);
  66.273 -+	}
  66.274 ++                        params);
  66.275 ++        }
  66.276  +    }
  66.277  +
  66.278 -+ out:
  66.279 +  out:
  66.280  +    free(type);
  66.281  +    free(params);
  66.282  +    free(dev);
  66.283  +    free(bpath);
  66.284  +    free(buf);
  66.285 -+    free(path);
  66.286 +     free(path);
  66.287  +    free(e);
  66.288 -+    return;
  66.289 -+}
  66.290 -+
  66.291 -+int xenstore_fd(void)
  66.292 -+{
  66.293 -+    if (xsh)
  66.294 -+	return xs_fileno(xsh);
  66.295 -+    return -1;
  66.296 -+}
  66.297 -+
  66.298 -+void xenstore_process_event(void *opaque)
  66.299 -+{
  66.300 +     return;
  66.301 + }
  66.302 + 
  66.303 +@@ -58,14 +193,35 @@
  66.304 + 
  66.305 + void xenstore_process_event(void *opaque)
  66.306 + {
  66.307 +-    char **vec;
  66.308 +-    unsigned int num;
  66.309  +    char **vec, *image = NULL;
  66.310  +    unsigned int len, num, hd_index;
  66.311 -+
  66.312 -+    vec = xs_read_watch(xsh, &num);
  66.313 -+    if (!vec)
  66.314 -+	return;
  66.315 -+
  66.316 + 
  66.317 +     vec = xs_read_watch(xsh, &num);
  66.318 +     if (!vec)
  66.319 +         return;
  66.320 + 
  66.321  +    if (strncmp(vec[XS_WATCH_TOKEN], "hd", 2) ||
  66.322 -+	strlen(vec[XS_WATCH_TOKEN]) != 3)
  66.323 -+	goto out;
  66.324 ++        strlen(vec[XS_WATCH_TOKEN]) != 3)
  66.325 ++        goto out;
  66.326  +    hd_index = vec[XS_WATCH_TOKEN][2] - 'a';
  66.327  +    image = xs_read(xsh, XBT_NULL, vec[XS_WATCH_PATH], &len);
  66.328  +    if (image == NULL || !strcmp(image, bs_table[hd_index]->filename))
  66.329 -+	goto out;		/* gone or identical */
  66.330 ++        goto out;  /* gone or identical */
  66.331  +
  66.332  +    do_eject(0, vec[XS_WATCH_TOKEN]);
  66.333  +    bs_table[hd_index]->filename[0] = 0;
  66.334 -+    if (hd_filename[hd_index]) {
  66.335 -+	free(hd_filename[hd_index]);
  66.336 -+	hd_filename[hd_index] = NULL;
  66.337 ++    if (media_filename[hd_index]) {
  66.338 ++        free(media_filename[hd_index]);
  66.339 ++        media_filename[hd_index] = NULL;
  66.340  +    }
  66.341  +
  66.342  +    if (image[0]) {
  66.343 -+	hd_filename[hd_index] = strdup(image);
  66.344 -+	xenstore_check_new_media_present(5000);
  66.345 ++        media_filename[hd_index] = strdup(image);
  66.346 ++        xenstore_check_new_media_present(5000);
  66.347  +    }
  66.348  +
  66.349 -+ out:
  66.350 +  out:
  66.351  +    free(image);
  66.352 -+    free(vec);
  66.353 -+}
  66.354 +     free(vec);
  66.355 + }
  66.356 + 
  66.357  Index: ioemu/vl.c
  66.358  ===================================================================
  66.359 ---- ioemu.orig/vl.c	2006-12-20 15:21:52.000000000 +0000
  66.360 -+++ ioemu/vl.c	2006-12-20 15:21:53.000000000 +0000
  66.361 -@@ -5256,9 +5256,11 @@
  66.362 +--- ioemu.orig/vl.c	2007-05-03 15:17:52.000000000 +0100
  66.363 ++++ ioemu/vl.c	2007-05-03 15:18:05.000000000 +0100
  66.364 +@@ -5331,9 +5331,11 @@
  66.365              "Standard options:\n"
  66.366              "-M machine      select emulated machine (-M ? for list)\n"
  66.367              "-fda/-fdb file  use 'file' as floppy disk 0/1 image\n"
  66.368 @@ -218,7 +220,7 @@ Index: ioemu/vl.c
  66.369              "-boot [a|c|d]   boot on floppy (a), hard disk (c) or CD-ROM (d)\n"
  66.370   	   "-snapshot       write to temporary files instead of disk image files\n"
  66.371   #ifdef TARGET_I386
  66.372 -@@ -5386,11 +5388,13 @@
  66.373 +@@ -5460,11 +5462,13 @@
  66.374       QEMU_OPTION_M,
  66.375       QEMU_OPTION_fda,
  66.376       QEMU_OPTION_fdb,
  66.377 @@ -232,7 +234,7 @@ Index: ioemu/vl.c
  66.378       QEMU_OPTION_boot,
  66.379       QEMU_OPTION_snapshot,
  66.380   #ifdef TARGET_I386
  66.381 -@@ -5463,11 +5467,13 @@
  66.382 +@@ -5536,11 +5540,13 @@
  66.383       { "M", HAS_ARG, QEMU_OPTION_M },
  66.384       { "fda", HAS_ARG, QEMU_OPTION_fda },
  66.385       { "fdb", HAS_ARG, QEMU_OPTION_fdb },
  66.386 @@ -246,7 +248,7 @@ Index: ioemu/vl.c
  66.387       { "boot", HAS_ARG, QEMU_OPTION_boot },
  66.388       { "snapshot", 0, QEMU_OPTION_snapshot },
  66.389   #ifdef TARGET_I386
  66.390 -@@ -5801,10 +5807,16 @@
  66.391 +@@ -5882,10 +5888,16 @@
  66.392   #ifdef CONFIG_GDBSTUB
  66.393       int use_gdbstub, gdbstub_port;
  66.394   #endif
  66.395 @@ -265,7 +267,7 @@ Index: ioemu/vl.c
  66.396       const char *kernel_filename, *kernel_cmdline;
  66.397       DisplayState *ds = &display_state;
  66.398       int cyls, heads, secs, translation;
  66.399 -@@ -5865,8 +5877,10 @@
  66.400 +@@ -5946,8 +5958,10 @@
  66.401       initrd_filename = NULL;
  66.402       for(i = 0; i < MAX_FD; i++)
  66.403           fd_filename[i] = NULL;
  66.404 @@ -276,7 +278,7 @@ Index: ioemu/vl.c
  66.405       ram_size = DEFAULT_RAM_SIZE * 1024 * 1024;
  66.406       vga_ram_size = VGA_RAM_SIZE;
  66.407       bios_size = BIOS_SIZE;
  66.408 -@@ -5880,11 +5894,13 @@
  66.409 +@@ -5961,11 +5975,13 @@
  66.410       vncunused = 0;
  66.411       kernel_filename = NULL;
  66.412       kernel_cmdline = "";
  66.413 @@ -289,8 +291,8 @@ Index: ioemu/vl.c
  66.414  +#endif /* !CONFIG_DM */
  66.415       cyls = heads = secs = 0;
  66.416       translation = BIOS_ATA_TRANSLATION_AUTO;
  66.417 -     pstrcpy(monitor_device, sizeof(monitor_device), "vc");
  66.418 -@@ -5919,7 +5935,11 @@
  66.419 +     pstrcpy(monitor_device, sizeof(monitor_device), "null");
  66.420 +@@ -6004,7 +6020,11 @@
  66.421               break;
  66.422           r = argv[optind];
  66.423           if (r[0] != '-') {
  66.424 @@ -302,7 +304,7 @@ Index: ioemu/vl.c
  66.425           } else {
  66.426               const QEMUOption *popt;
  66.427   
  66.428 -@@ -5963,6 +5983,7 @@
  66.429 +@@ -6048,6 +6068,7 @@
  66.430               case QEMU_OPTION_initrd:
  66.431                   initrd_filename = optarg;
  66.432                   break;
  66.433 @@ -310,7 +312,7 @@ Index: ioemu/vl.c
  66.434               case QEMU_OPTION_hda:
  66.435               case QEMU_OPTION_hdb:
  66.436               case QEMU_OPTION_hdc:
  66.437 -@@ -5975,6 +5996,7 @@
  66.438 +@@ -6060,6 +6081,7 @@
  66.439                           cdrom_index = -1;
  66.440                   }
  66.441                   break;
  66.442 @@ -318,7 +320,7 @@ Index: ioemu/vl.c
  66.443               case QEMU_OPTION_snapshot:
  66.444                   snapshot = 1;
  66.445                   break;
  66.446 -@@ -6027,11 +6049,13 @@
  66.447 +@@ -6112,11 +6134,13 @@
  66.448               case QEMU_OPTION_append:
  66.449                   kernel_cmdline = optarg;
  66.450                   break;
  66.451 @@ -332,18 +334,15 @@ Index: ioemu/vl.c
  66.452               case QEMU_OPTION_boot:
  66.453                   boot_device = optarg[0];
  66.454                   if (boot_device != 'a' && 
  66.455 -@@ -6289,12 +6313,18 @@
  66.456 -         }
  66.457 +@@ -6372,6 +6396,7 @@
  66.458       }
  66.459   
  66.460 -+#ifdef CONFIG_DM
  66.461 + #ifdef CONFIG_DM
  66.462  +    bdrv_init();
  66.463 -+    xenstore_parse_domain_config(domid);
  66.464 -+#endif /* CONFIG_DM */
  66.465 -+
  66.466 - #ifdef USE_KQEMU
  66.467 -     if (smp_cpus > 1)
  66.468 -         kqemu_allowed = 0;
  66.469 +     xenstore_parse_domain_config(domid);
  66.470 + #endif /* CONFIG_DM */
  66.471 + 
  66.472 +@@ -6381,6 +6406,7 @@
  66.473   #endif
  66.474       linux_boot = (kernel_filename != NULL);
  66.475           
  66.476 @@ -351,7 +350,7 @@ Index: ioemu/vl.c
  66.477       if (!linux_boot && 
  66.478           hd_filename[0] == '\0' && 
  66.479           (cdrom_index >= 0 && hd_filename[cdrom_index] == '\0') &&
  66.480 -@@ -6308,6 +6338,7 @@
  66.481 +@@ -6394,6 +6420,7 @@
  66.482           else
  66.483               boot_device = 'd';
  66.484       }
  66.485 @@ -359,7 +358,7 @@ Index: ioemu/vl.c
  66.486   
  66.487       setvbuf(stdout, NULL, _IOLBF, 0);
  66.488       
  66.489 -@@ -6433,6 +6464,7 @@
  66.490 +@@ -6514,6 +6541,7 @@
  66.491   
  66.492   #endif /* !CONFIG_DM */
  66.493   
  66.494 @@ -367,7 +366,7 @@ Index: ioemu/vl.c
  66.495       /* we always create the cdrom drive, even if no disk is there */
  66.496       bdrv_init();
  66.497       if (cdrom_index >= 0) {
  66.498 -@@ -6459,6 +6491,7 @@
  66.499 +@@ -6540,6 +6568,7 @@
  66.500               }
  66.501           }
  66.502       }
  66.503 @@ -375,19 +374,10 @@ Index: ioemu/vl.c
  66.504   
  66.505       /* we always create at least one floppy disk */
  66.506       fd_table[0] = bdrv_new("fda");
  66.507 -@@ -6537,6 +6570,8 @@
  66.508 -         }
  66.509 -     }
  66.510 - 
  66.511 -+    qemu_set_fd_handler(xenstore_fd(), xenstore_process_event, NULL, NULL);
  66.512 -+
  66.513 -     machine->init(ram_size, vga_ram_size, boot_device,
  66.514 -                   ds, fd_filename, snapshot,
  66.515 -                   kernel_filename, kernel_cmdline, initrd_filename,
  66.516  Index: ioemu/monitor.c
  66.517  ===================================================================
  66.518 ---- ioemu.orig/monitor.c	2006-12-20 15:21:47.000000000 +0000
  66.519 -+++ ioemu/monitor.c	2006-12-20 15:21:53.000000000 +0000
  66.520 +--- ioemu.orig/monitor.c	2007-05-03 15:17:52.000000000 +0100
  66.521 ++++ ioemu/monitor.c	2007-05-03 15:18:05.000000000 +0100
  66.522  @@ -24,6 +24,7 @@
  66.523   #include "vl.h"
  66.524   #include "disas.h"
  66.525 @@ -416,8 +406,8 @@ Index: ioemu/monitor.c
  66.526       int i;
  66.527  Index: ioemu/block.c
  66.528  ===================================================================
  66.529 ---- ioemu.orig/block.c	2006-12-20 15:21:31.000000000 +0000
  66.530 -+++ ioemu/block.c	2006-12-20 15:21:53.000000000 +0000
  66.531 +--- ioemu.orig/block.c	2007-05-03 15:17:52.000000000 +0100
  66.532 ++++ ioemu/block.c	2007-05-03 15:18:05.000000000 +0100
  66.533  @@ -758,6 +758,7 @@
  66.534   static void raw_close(BlockDriverState *bs)
  66.535   {
  66.536 @@ -428,9 +418,9 @@ Index: ioemu/block.c
  66.537   
  66.538  Index: ioemu/vl.h
  66.539  ===================================================================
  66.540 ---- ioemu.orig/vl.h	2006-12-20 15:21:52.000000000 +0000
  66.541 -+++ ioemu/vl.h	2006-12-20 15:21:53.000000000 +0000
  66.542 -@@ -1191,6 +1191,8 @@
  66.543 +--- ioemu.orig/vl.h	2007-05-03 15:18:00.000000000 +0100
  66.544 ++++ ioemu/vl.h	2007-05-03 15:18:05.000000000 +0100
  66.545 +@@ -1192,6 +1192,8 @@
  66.546   void term_print_help(void);
  66.547   void monitor_readline(const char *prompt, int is_password,
  66.548                         char *buf, int buf_size);
  66.549 @@ -439,25 +429,21 @@ Index: ioemu/vl.h
  66.550   
  66.551   /* readline.c */
  66.552   typedef void ReadLineFunc(void *opaque, const char *str);
  66.553 -@@ -1203,6 +1205,13 @@
  66.554 - void readline_start(const char *prompt, int is_password,
  66.555 -                     ReadLineFunc *readline_func, void *opaque);
  66.556 +@@ -1206,6 +1208,9 @@
  66.557   
  66.558 -+/* xenstore.c */
  66.559 -+void xenstore_parse_domain_config(int domid);
  66.560 + /* xenstore.c */
  66.561 + void xenstore_parse_domain_config(int domid);
  66.562  +int xenstore_fd(void);
  66.563  +void xenstore_process_event(void *opaque);
  66.564  +void xenstore_check_new_media_present(int timeout);
  66.565 -+
  66.566 -+
  66.567 - void kqemu_record_dump(void);
  66.568   
  66.569 - extern char domain_name[];
  66.570 + int xenstore_vm_write(int domid, char *key, char *val);
  66.571 + char *xenstore_vm_read(int domid, char *key, int *len);
  66.572  Index: ioemu/hw/ide.c
  66.573  ===================================================================
  66.574 ---- ioemu.orig/hw/ide.c	2006-12-20 15:21:49.000000000 +0000
  66.575 -+++ ioemu/hw/ide.c	2006-12-20 15:21:53.000000000 +0000
  66.576 -@@ -1158,6 +1158,7 @@
  66.577 +--- ioemu.orig/hw/ide.c	2007-05-03 15:17:52.000000000 +0100
  66.578 ++++ ioemu/hw/ide.c	2007-05-03 15:18:05.000000000 +0100
  66.579 +@@ -1199,6 +1199,7 @@
  66.580           } else {
  66.581               ide_atapi_cmd_error(s, SENSE_NOT_READY, 
  66.582                                   ASC_MEDIUM_NOT_PRESENT);
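--- a/tools/ioemu/patches/xenstore-device-info-functions	Thu May 03 11:22:58 2007 +0100
+++ b/tools/ioemu/patches/xenstore-device-info-functions	Thu May 03 15:39:45 2007 +0100
@@ -15,13 +15,12 @@ Signed-off-by: Stefan Berger <stefanb@us
 
 Index: ioemu/xenstore.c
 ===================================================================
---- ioemu.orig/xenstore.c	2006-12-08 18:20:53.000000000 +0000
-+++ ioemu/xenstore.c	2006-12-08 18:20:53.000000000 +0000
-@@ -264,3 +264,140 @@
- 
+--- ioemu.orig/xenstore.c	2007-05-03 15:21:22.000000000 +0100
++++ ioemu/xenstore.c	2007-05-03 15:22:05.000000000 +0100
+@@ -304,6 +304,143 @@
      return rc;
  }
-+
+ 
 +
 +/*
 + * get all device instances of a certain type
@@ -38,7 +37,7 @@ Index: ioemu/xenstore.c
 +        goto out;
 +
 +    if (pasprintf(&buf, "%s/device/%s", path,devtype) == -1)
-+	goto out;
++        goto out;
 +
 +    e = xs_directory(handle, XBT_NULL, buf, num);
 +
@@ -91,13 +90,13 @@ Index: ioemu/xenstore.c
 +
 +    buf = get_device_variable_path(devtype, inst, var);
 +    if (NULL == buf)
-+	goto out;
++        goto out;
 +
 +    value = xs_read(handle, XBT_NULL, buf, &len);
 +
 +    free(buf);
 +
-+out:
++ out:
 +    return value;
 +}
 +
@@ -158,11 +157,15 @@ Index: ioemu/xenstore.c
 +
 +    return rc;
 +}
++
+ char *xenstore_vm_read(int domid, char *key, int *len)
+ {
+     char *buf = NULL, *path = NULL, *value = NULL;
 Index: ioemu/vl.h
 ===================================================================
---- ioemu.orig/vl.h	2006-12-08 18:20:53.000000000 +0000
-+++ ioemu/vl.h	2006-12-08 18:20:53.000000000 +0000
-@@ -1216,6 +1216,25 @@
+--- ioemu.orig/vl.h	2007-05-03 15:21:09.000000000 +0100
++++ ioemu/vl.h	2007-05-03 15:21:47.000000000 +0100
+@@ -1217,6 +1217,24 @@
  void xenstore_write_vncport(int vnc_display);
  int xenstore_read_vncpasswd(int domid);
  
@@ -184,7 +187,6 @@ Index: ioemu/vl.h
 +                                             const char *inst,
 +                                             const char *token);
 +
-+
- /* xen_platform.c */
- void pci_xen_platform_init(PCIBus *bus);
+ int xenstore_vm_write(int domid, char *key, char *val);
+ char *xenstore_vm_read(int domid, char *key, int *len);
  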
    68.1 --- a/tools/ioemu/patches/xenstore-write-vnc-port	Thu May 03 11:22:58 2007 +0100
    68.2 +++ b/tools/ioemu/patches/xenstore-write-vnc-port	Thu May 03 15:39:45 2007 +0100
    68.3 @@ -1,19 +1,18 @@
    68.4  Index: ioemu/xenstore.c
    68.5  ===================================================================
    68.6 ---- ioemu.orig/xenstore.c	2006-12-20 15:21:53.000000000 +0000
    68.7 -+++ ioemu/xenstore.c	2006-12-20 15:21:54.000000000 +0000
    68.8 -@@ -185,3 +185,31 @@
    68.9 -     free(image);
   68.10 +--- ioemu.orig/xenstore.c	2007-05-03 15:18:05.000000000 +0100
   68.11 ++++ ioemu/xenstore.c	2007-05-03 15:18:17.000000000 +0100
   68.12 +@@ -225,6 +225,34 @@
   68.13       free(vec);
   68.14   }
   68.15 -+
   68.16 + 
   68.17  +void xenstore_write_vncport(int display)
   68.18  +{
   68.19  +    char *buf = NULL, *path;
   68.20  +    char *portstr = NULL;
   68.21  +
   68.22  +    if (xsh == NULL)
   68.23 -+	return;
   68.24 ++        return;
   68.25  +
   68.26  +    path = xs_get_domain_path(xsh, domid);
   68.27  +    if (path == NULL) {
   68.28 @@ -22,10 +21,10 @@ Index: ioemu/xenstore.c
   68.29  +    }
   68.30  +
   68.31  +    if (pasprintf(&buf, "%s/console/vnc-port", path) == -1)
   68.32 -+	goto out;
   68.33 ++        goto out;
   68.34  +
   68.35  +    if (pasprintf(&portstr, "%d", 5900 + display) == -1)
   68.36 -+	goto out;
   68.37 ++        goto out;
   68.38  +
   68.39  +    if (xs_write(xsh, XBT_NULL, buf, portstr, strlen(portstr)) == 0)
   68.40  +        fprintf(logfile, "xs_write() vncport failed\n");
   68.41 @@ -34,11 +33,15 @@ Index: ioemu/xenstore.c
   68.42  +    free(portstr);
   68.43  +    free(buf);
   68.44  +}
   68.45 ++
   68.46 + char *xenstore_vm_read(int domid, char *key, int *len)
   68.47 + {
   68.48 +     char *buf = NULL, *path = NULL, *value = NULL;
   68.49  Index: ioemu/vl.c
   68.50  ===================================================================
   68.51 ---- ioemu.orig/vl.c	2006-12-20 15:21:53.000000000 +0000
   68.52 -+++ ioemu/vl.c	2006-12-20 15:21:54.000000000 +0000
   68.53 -@@ -6527,6 +6527,7 @@
   68.54 +--- ioemu.orig/vl.c	2007-05-03 15:18:05.000000000 +0100
   68.55 ++++ ioemu/vl.c	2007-05-03 15:18:17.000000000 +0100
   68.56 +@@ -6604,6 +6604,7 @@
   68.57   	vnc_display = vnc_display_init(ds, vnc_display, vncunused, &vnclisten_addr);
   68.58   	if (vncviewer)
   68.59   	    vnc_start_viewer(vnc_display);
   68.60 @@ -48,13 +51,13 @@ Index: ioemu/vl.c
   68.61           sdl_display_init(ds, full_screen);
   68.62  Index: ioemu/vl.h
   68.63  ===================================================================
   68.64 ---- ioemu.orig/vl.h	2006-12-20 15:21:53.000000000 +0000
   68.65 -+++ ioemu/vl.h	2006-12-20 15:21:54.000000000 +0000
   68.66 -@@ -1210,6 +1210,7 @@
   68.67 +--- ioemu.orig/vl.h	2007-05-03 15:18:05.000000000 +0100
   68.68 ++++ ioemu/vl.h	2007-05-03 15:18:17.000000000 +0100
   68.69 +@@ -1211,6 +1211,7 @@
   68.70   int xenstore_fd(void);
   68.71   void xenstore_process_event(void *opaque);
   68.72   void xenstore_check_new_media_present(int timeout);
   68.73  +void xenstore_write_vncport(int vnc_display);
   68.74   
   68.75 - 
   68.76 - void kqemu_record_dump(void);
   68.77 + int xenstore_vm_write(int domid, char *key, char *val);
   68.78 + char *xenstore_vm_read(int domid, char *key, int *len);