1 /*
2 * s390 PCI BUS
3 *
4 * Copyright 2014 IBM Corp.
5 * Author(s): Frank Blaschka <frank.blaschka@de.ibm.com>
6 * Hong Bo Li <lihbbj@cn.ibm.com>
7 * Yi Min Zhao <zyimin@cn.ibm.com>
8 *
9 * This work is licensed under the terms of the GNU GPL, version 2 or (at
10 * your option) any later version. See the COPYING file in the top-level
11 * directory.
12 */
13
14 #include "qemu/osdep.h"
15 #include "qapi/error.h"
16 #include "qapi/visitor.h"
17 #include "hw/s390x/s390-pci-bus.h"
18 #include "hw/s390x/s390-pci-inst.h"
19 #include "hw/s390x/s390-pci-kvm.h"
20 #include "hw/s390x/s390-pci-vfio.h"
21 #include "hw/s390x/s390-virtio-ccw.h"
22 #include "hw/boards.h"
23 #include "hw/pci/pci_bus.h"
24 #include "hw/qdev-properties.h"
25 #include "hw/pci/pci_bridge.h"
26 #include "hw/pci/msi.h"
27 #include "qemu/error-report.h"
28 #include "qemu/module.h"
29 #include "system/reset.h"
30 #include "system/runstate.h"
31
32 #include "trace.h"
33
s390_get_phb(void)34 S390pciState *s390_get_phb(void)
35 {
36 static S390pciState *phb;
37
38 if (!phb) {
39 phb = S390_PCI_HOST_BRIDGE(
40 object_resolve_path(TYPE_S390_PCI_HOST_BRIDGE, NULL));
41 assert(phb != NULL);
42 }
43
44 return phb;
45 }
46
pci_chsc_sei_nt2_get_event(void * res)47 int pci_chsc_sei_nt2_get_event(void *res)
48 {
49 ChscSeiNt2Res *nt2_res = (ChscSeiNt2Res *)res;
50 PciCcdfAvail *accdf;
51 PciCcdfErr *eccdf;
52 int rc = 1;
53 SeiContainer *sei_cont;
54 S390pciState *s = s390_get_phb();
55
56 sei_cont = QTAILQ_FIRST(&s->pending_sei);
57 if (sei_cont) {
58 QTAILQ_REMOVE(&s->pending_sei, sei_cont, link);
59 nt2_res->nt = 2;
60 nt2_res->cc = sei_cont->cc;
61 nt2_res->length = cpu_to_be16(sizeof(ChscSeiNt2Res));
62 switch (sei_cont->cc) {
63 case 1: /* error event */
64 eccdf = (PciCcdfErr *)nt2_res->ccdf;
65 eccdf->fid = cpu_to_be32(sei_cont->fid);
66 eccdf->fh = cpu_to_be32(sei_cont->fh);
67 eccdf->e = cpu_to_be32(sei_cont->e);
68 eccdf->faddr = cpu_to_be64(sei_cont->faddr);
69 eccdf->pec = cpu_to_be16(sei_cont->pec);
70 break;
71 case 2: /* availability event */
72 accdf = (PciCcdfAvail *)nt2_res->ccdf;
73 accdf->fid = cpu_to_be32(sei_cont->fid);
74 accdf->fh = cpu_to_be32(sei_cont->fh);
75 accdf->pec = cpu_to_be16(sei_cont->pec);
76 break;
77 default:
78 abort();
79 }
80 g_free(sei_cont);
81 rc = 0;
82 }
83
84 return rc;
85 }
86
pci_chsc_sei_nt2_have_event(void)87 int pci_chsc_sei_nt2_have_event(void)
88 {
89 S390pciState *s = s390_get_phb();
90
91 return !QTAILQ_EMPTY(&s->pending_sei);
92 }
93
s390_pci_find_next_avail_dev(S390pciState * s,S390PCIBusDevice * pbdev)94 S390PCIBusDevice *s390_pci_find_next_avail_dev(S390pciState *s,
95 S390PCIBusDevice *pbdev)
96 {
97 S390PCIBusDevice *ret = pbdev ? QTAILQ_NEXT(pbdev, link) :
98 QTAILQ_FIRST(&s->zpci_devs);
99
100 while (ret && ret->state == ZPCI_FS_RESERVED) {
101 ret = QTAILQ_NEXT(ret, link);
102 }
103
104 return ret;
105 }
106
s390_pci_find_dev_by_fid(S390pciState * s,uint32_t fid)107 S390PCIBusDevice *s390_pci_find_dev_by_fid(S390pciState *s, uint32_t fid)
108 {
109 S390PCIBusDevice *pbdev;
110
111 QTAILQ_FOREACH(pbdev, &s->zpci_devs, link) {
112 if (pbdev->fid == fid) {
113 return pbdev;
114 }
115 }
116
117 return NULL;
118 }
119
s390_pci_sclp_configure(SCCB * sccb)120 void s390_pci_sclp_configure(SCCB *sccb)
121 {
122 IoaCfgSccb *psccb = (IoaCfgSccb *)sccb;
123 S390PCIBusDevice *pbdev = s390_pci_find_dev_by_fid(s390_get_phb(),
124 be32_to_cpu(psccb->aid));
125 uint16_t rc;
126
127 if (!pbdev) {
128 trace_s390_pci_sclp_nodev("configure", be32_to_cpu(psccb->aid));
129 rc = SCLP_RC_ADAPTER_ID_NOT_RECOGNIZED;
130 goto out;
131 }
132
133 switch (pbdev->state) {
134 case ZPCI_FS_RESERVED:
135 rc = SCLP_RC_ADAPTER_IN_RESERVED_STATE;
136 break;
137 case ZPCI_FS_STANDBY:
138 pbdev->state = ZPCI_FS_DISABLED;
139 rc = SCLP_RC_NORMAL_COMPLETION;
140 break;
141 default:
142 rc = SCLP_RC_NO_ACTION_REQUIRED;
143 }
144 out:
145 psccb->header.response_code = cpu_to_be16(rc);
146 }
147
s390_pci_shutdown_notifier(Notifier * n,void * opaque)148 static void s390_pci_shutdown_notifier(Notifier *n, void *opaque)
149 {
150 S390PCIBusDevice *pbdev = container_of(n, S390PCIBusDevice,
151 shutdown_notifier);
152
153 pci_device_reset(pbdev->pdev);
154 }
155
s390_pci_perform_unplug(S390PCIBusDevice * pbdev)156 static void s390_pci_perform_unplug(S390PCIBusDevice *pbdev)
157 {
158 HotplugHandler *hotplug_ctrl;
159
160 if (pbdev->pft == ZPCI_PFT_ISM) {
161 notifier_remove(&pbdev->shutdown_notifier);
162 }
163
164 /* Unplug the PCI device */
165 if (pbdev->pdev) {
166 DeviceState *pdev = DEVICE(pbdev->pdev);
167
168 hotplug_ctrl = qdev_get_hotplug_handler(pdev);
169 hotplug_handler_unplug(hotplug_ctrl, pdev, &error_abort);
170 object_unparent(OBJECT(pdev));
171 }
172
173 /* Unplug the zPCI device */
174 hotplug_ctrl = qdev_get_hotplug_handler(DEVICE(pbdev));
175 hotplug_handler_unplug(hotplug_ctrl, DEVICE(pbdev), &error_abort);
176 object_unparent(OBJECT(pbdev));
177 }
178
s390_pci_sclp_deconfigure(SCCB * sccb)179 void s390_pci_sclp_deconfigure(SCCB *sccb)
180 {
181 IoaCfgSccb *psccb = (IoaCfgSccb *)sccb;
182 S390PCIBusDevice *pbdev = s390_pci_find_dev_by_fid(s390_get_phb(),
183 be32_to_cpu(psccb->aid));
184 uint16_t rc;
185
186 if (!pbdev) {
187 trace_s390_pci_sclp_nodev("deconfigure", be32_to_cpu(psccb->aid));
188 rc = SCLP_RC_ADAPTER_ID_NOT_RECOGNIZED;
189 goto out;
190 }
191
192 switch (pbdev->state) {
193 case ZPCI_FS_RESERVED:
194 rc = SCLP_RC_ADAPTER_IN_RESERVED_STATE;
195 break;
196 case ZPCI_FS_STANDBY:
197 rc = SCLP_RC_NO_ACTION_REQUIRED;
198 break;
199 default:
200 if (pbdev->interp && (pbdev->fh & FH_MASK_ENABLE)) {
201 /* Interpreted devices were using interrupt forwarding */
202 s390_pci_kvm_aif_disable(pbdev);
203 } else if (pbdev->summary_ind) {
204 pci_dereg_irqs(pbdev);
205 }
206 if (pbdev->iommu->enabled) {
207 pci_dereg_ioat(pbdev->iommu);
208 }
209 pbdev->state = ZPCI_FS_STANDBY;
210 rc = SCLP_RC_NORMAL_COMPLETION;
211
212 if (pbdev->unplug_requested) {
213 s390_pci_perform_unplug(pbdev);
214 }
215 }
216 out:
217 psccb->header.response_code = cpu_to_be16(rc);
218 }
219
s390_pci_find_dev_by_uid(S390pciState * s,uint16_t uid)220 static S390PCIBusDevice *s390_pci_find_dev_by_uid(S390pciState *s, uint16_t uid)
221 {
222 S390PCIBusDevice *pbdev;
223
224 QTAILQ_FOREACH(pbdev, &s->zpci_devs, link) {
225 if (pbdev->uid == uid) {
226 return pbdev;
227 }
228 }
229
230 return NULL;
231 }
232
s390_pci_find_dev_by_target(S390pciState * s,const char * target)233 S390PCIBusDevice *s390_pci_find_dev_by_target(S390pciState *s,
234 const char *target)
235 {
236 S390PCIBusDevice *pbdev;
237
238 if (!target) {
239 return NULL;
240 }
241
242 QTAILQ_FOREACH(pbdev, &s->zpci_devs, link) {
243 if (!strcmp(pbdev->target, target)) {
244 return pbdev;
245 }
246 }
247
248 return NULL;
249 }
250
s390_pci_find_dev_by_pci(S390pciState * s,PCIDevice * pci_dev)251 static S390PCIBusDevice *s390_pci_find_dev_by_pci(S390pciState *s,
252 PCIDevice *pci_dev)
253 {
254 S390PCIBusDevice *pbdev;
255
256 if (!pci_dev) {
257 return NULL;
258 }
259
260 QTAILQ_FOREACH(pbdev, &s->zpci_devs, link) {
261 if (pbdev->pdev == pci_dev) {
262 return pbdev;
263 }
264 }
265
266 return NULL;
267 }
268
s390_pci_find_dev_by_idx(S390pciState * s,uint32_t idx)269 S390PCIBusDevice *s390_pci_find_dev_by_idx(S390pciState *s, uint32_t idx)
270 {
271 return g_hash_table_lookup(s->zpci_table, &idx);
272 }
273
s390_pci_find_dev_by_fh(S390pciState * s,uint32_t fh)274 S390PCIBusDevice *s390_pci_find_dev_by_fh(S390pciState *s, uint32_t fh)
275 {
276 uint32_t idx = FH_MASK_INDEX & fh;
277 S390PCIBusDevice *pbdev = s390_pci_find_dev_by_idx(s, idx);
278
279 if (pbdev && pbdev->fh == fh) {
280 return pbdev;
281 }
282
283 return NULL;
284 }
285
s390_pci_generate_event(uint8_t cc,uint16_t pec,uint32_t fh,uint32_t fid,uint64_t faddr,uint32_t e)286 static void s390_pci_generate_event(uint8_t cc, uint16_t pec, uint32_t fh,
287 uint32_t fid, uint64_t faddr, uint32_t e)
288 {
289 SeiContainer *sei_cont;
290 S390pciState *s = s390_get_phb();
291
292 sei_cont = g_new0(SeiContainer, 1);
293 sei_cont->fh = fh;
294 sei_cont->fid = fid;
295 sei_cont->cc = cc;
296 sei_cont->pec = pec;
297 sei_cont->faddr = faddr;
298 sei_cont->e = e;
299
300 QTAILQ_INSERT_TAIL(&s->pending_sei, sei_cont, link);
301 css_generate_css_crws(0);
302 }
303
s390_pci_generate_plug_event(uint16_t pec,uint32_t fh,uint32_t fid)304 static void s390_pci_generate_plug_event(uint16_t pec, uint32_t fh,
305 uint32_t fid)
306 {
307 s390_pci_generate_event(2, pec, fh, fid, 0, 0);
308 }
309
s390_pci_generate_error_event(uint16_t pec,uint32_t fh,uint32_t fid,uint64_t faddr,uint32_t e)310 void s390_pci_generate_error_event(uint16_t pec, uint32_t fh, uint32_t fid,
311 uint64_t faddr, uint32_t e)
312 {
313 s390_pci_generate_event(1, pec, fh, fid, faddr, e);
314 }
315
s390_pci_set_irq(void * opaque,int irq,int level)316 static void s390_pci_set_irq(void *opaque, int irq, int level)
317 {
318 /* nothing to do */
319 }
320
s390_pci_map_irq(PCIDevice * pci_dev,int irq_num)321 static int s390_pci_map_irq(PCIDevice *pci_dev, int irq_num)
322 {
323 /* nothing to do */
324 return 0;
325 }
326
s390_pci_get_table_origin(uint64_t iota)327 static uint64_t s390_pci_get_table_origin(uint64_t iota)
328 {
329 return iota & ~ZPCI_IOTA_RTTO_FLAG;
330 }
331
calc_rtx(dma_addr_t ptr)332 static unsigned int calc_rtx(dma_addr_t ptr)
333 {
334 return ((unsigned long) ptr >> ZPCI_RT_SHIFT) & ZPCI_INDEX_MASK;
335 }
336
calc_sx(dma_addr_t ptr)337 static unsigned int calc_sx(dma_addr_t ptr)
338 {
339 return ((unsigned long) ptr >> ZPCI_ST_SHIFT) & ZPCI_INDEX_MASK;
340 }
341
calc_px(dma_addr_t ptr)342 static unsigned int calc_px(dma_addr_t ptr)
343 {
344 return ((unsigned long) ptr >> TARGET_PAGE_BITS) & ZPCI_PT_MASK;
345 }
346
get_rt_sto(uint64_t entry)347 static uint64_t get_rt_sto(uint64_t entry)
348 {
349 return ((entry & ZPCI_TABLE_TYPE_MASK) == ZPCI_TABLE_TYPE_RTX)
350 ? (entry & ZPCI_RTE_ADDR_MASK)
351 : 0;
352 }
353
get_st_pto(uint64_t entry)354 static uint64_t get_st_pto(uint64_t entry)
355 {
356 return ((entry & ZPCI_TABLE_TYPE_MASK) == ZPCI_TABLE_TYPE_SX)
357 ? (entry & ZPCI_STE_ADDR_MASK)
358 : 0;
359 }
360
rt_entry_isvalid(uint64_t entry)361 static bool rt_entry_isvalid(uint64_t entry)
362 {
363 return (entry & ZPCI_TABLE_VALID_MASK) == ZPCI_TABLE_VALID;
364 }
365
pt_entry_isvalid(uint64_t entry)366 static bool pt_entry_isvalid(uint64_t entry)
367 {
368 return (entry & ZPCI_PTE_VALID_MASK) == ZPCI_PTE_VALID;
369 }
370
entry_isprotected(uint64_t entry)371 static bool entry_isprotected(uint64_t entry)
372 {
373 return (entry & ZPCI_TABLE_PROT_MASK) == ZPCI_TABLE_PROTECTED;
374 }
375
376 /* ett is expected table type, -1 page table, 0 segment table, 1 region table */
get_table_index(uint64_t iova,int8_t ett)377 static uint64_t get_table_index(uint64_t iova, int8_t ett)
378 {
379 switch (ett) {
380 case ZPCI_ETT_PT:
381 return calc_px(iova);
382 case ZPCI_ETT_ST:
383 return calc_sx(iova);
384 case ZPCI_ETT_RT:
385 return calc_rtx(iova);
386 }
387
388 return -1;
389 }
390
entry_isvalid(uint64_t entry,int8_t ett)391 static bool entry_isvalid(uint64_t entry, int8_t ett)
392 {
393 switch (ett) {
394 case ZPCI_ETT_PT:
395 return pt_entry_isvalid(entry);
396 case ZPCI_ETT_ST:
397 case ZPCI_ETT_RT:
398 return rt_entry_isvalid(entry);
399 }
400
401 return false;
402 }
403
404 /* Return true if address translation is done */
translate_iscomplete(uint64_t entry,int8_t ett)405 static bool translate_iscomplete(uint64_t entry, int8_t ett)
406 {
407 switch (ett) {
408 case 0:
409 return (entry & ZPCI_TABLE_FC) ? true : false;
410 case 1:
411 return false;
412 }
413
414 return true;
415 }
416
get_frame_size(int8_t ett)417 static uint64_t get_frame_size(int8_t ett)
418 {
419 switch (ett) {
420 case ZPCI_ETT_PT:
421 return 1ULL << 12;
422 case ZPCI_ETT_ST:
423 return 1ULL << 20;
424 case ZPCI_ETT_RT:
425 return 1ULL << 31;
426 }
427
428 return 0;
429 }
430
get_next_table_origin(uint64_t entry,int8_t ett)431 static uint64_t get_next_table_origin(uint64_t entry, int8_t ett)
432 {
433 switch (ett) {
434 case ZPCI_ETT_PT:
435 return entry & ZPCI_PTE_ADDR_MASK;
436 case ZPCI_ETT_ST:
437 return get_st_pto(entry);
438 case ZPCI_ETT_RT:
439 return get_rt_sto(entry);
440 }
441
442 return 0;
443 }
444
445 /**
446 * table_translate: do translation within one table and return the following
447 * table origin
448 *
449 * @entry: the entry being translated, the result is stored in this.
450 * @to: the address of table origin.
451 * @ett: expected table type, 1 region table, 0 segment table and -1 page table.
452 * @error: error code
453 */
table_translate(S390IOTLBEntry * entry,uint64_t to,int8_t ett,uint16_t * error)454 static uint64_t table_translate(S390IOTLBEntry *entry, uint64_t to, int8_t ett,
455 uint16_t *error)
456 {
457 uint64_t tx, te, nto = 0;
458 uint16_t err = 0;
459
460 tx = get_table_index(entry->iova, ett);
461 te = address_space_ldq(&address_space_memory, to + tx * sizeof(uint64_t),
462 MEMTXATTRS_UNSPECIFIED, NULL);
463
464 if (!te) {
465 err = ERR_EVENT_INVALTE;
466 goto out;
467 }
468
469 if (!entry_isvalid(te, ett)) {
470 entry->perm &= IOMMU_NONE;
471 goto out;
472 }
473
474 if (ett == ZPCI_ETT_RT && ((te & ZPCI_TABLE_LEN_RTX) != ZPCI_TABLE_LEN_RTX
475 || te & ZPCI_TABLE_OFFSET_MASK)) {
476 err = ERR_EVENT_INVALTL;
477 goto out;
478 }
479
480 nto = get_next_table_origin(te, ett);
481 if (!nto) {
482 err = ERR_EVENT_TT;
483 goto out;
484 }
485
486 if (entry_isprotected(te)) {
487 entry->perm &= IOMMU_RO;
488 } else {
489 entry->perm &= IOMMU_RW;
490 }
491
492 if (translate_iscomplete(te, ett)) {
493 switch (ett) {
494 case ZPCI_ETT_PT:
495 entry->translated_addr = te & ZPCI_PTE_ADDR_MASK;
496 break;
497 case ZPCI_ETT_ST:
498 entry->translated_addr = (te & ZPCI_SFAA_MASK) |
499 (entry->iova & ~ZPCI_SFAA_MASK);
500 break;
501 }
502 nto = 0;
503 }
504 out:
505 if (err) {
506 entry->perm = IOMMU_NONE;
507 *error = err;
508 }
509 entry->len = get_frame_size(ett);
510 return nto;
511 }
512
s390_guest_io_table_walk(uint64_t g_iota,hwaddr addr,S390IOTLBEntry * entry)513 uint16_t s390_guest_io_table_walk(uint64_t g_iota, hwaddr addr,
514 S390IOTLBEntry *entry)
515 {
516 uint64_t to = s390_pci_get_table_origin(g_iota);
517 int8_t ett = 1;
518 uint16_t error = 0;
519
520 entry->iova = addr & TARGET_PAGE_MASK;
521 entry->translated_addr = 0;
522 entry->perm = IOMMU_RW;
523
524 if (entry_isprotected(g_iota)) {
525 entry->perm &= IOMMU_RO;
526 }
527
528 while (to) {
529 to = table_translate(entry, to, ett--, &error);
530 }
531
532 return error;
533 }
534
s390_translate_iommu(IOMMUMemoryRegion * mr,hwaddr addr,IOMMUAccessFlags flag,int iommu_idx)535 static IOMMUTLBEntry s390_translate_iommu(IOMMUMemoryRegion *mr, hwaddr addr,
536 IOMMUAccessFlags flag, int iommu_idx)
537 {
538 S390PCIIOMMU *iommu = container_of(mr, S390PCIIOMMU, iommu_mr);
539 S390IOTLBEntry *entry;
540 uint64_t iova = addr & TARGET_PAGE_MASK;
541 uint16_t error = 0;
542 IOMMUTLBEntry ret = {
543 .target_as = &address_space_memory,
544 .iova = 0,
545 .translated_addr = 0,
546 .addr_mask = ~(hwaddr)0,
547 .perm = IOMMU_NONE,
548 };
549
550 switch (iommu->pbdev->state) {
551 case ZPCI_FS_ENABLED:
552 case ZPCI_FS_BLOCKED:
553 if (!iommu->enabled) {
554 return ret;
555 }
556 break;
557 default:
558 return ret;
559 }
560
561 trace_s390_pci_iommu_xlate(addr);
562
563 if (addr < iommu->pba || addr > iommu->pal) {
564 error = ERR_EVENT_OORANGE;
565 goto err;
566 }
567
568 entry = g_hash_table_lookup(iommu->iotlb, &iova);
569 if (entry) {
570 ret.iova = entry->iova;
571 ret.translated_addr = entry->translated_addr;
572 ret.addr_mask = entry->len - 1;
573 ret.perm = entry->perm;
574 } else {
575 ret.iova = iova;
576 ret.addr_mask = ~TARGET_PAGE_MASK;
577 ret.perm = IOMMU_NONE;
578 }
579
580 if (flag != IOMMU_NONE && !(flag & ret.perm)) {
581 error = ERR_EVENT_TPROTE;
582 }
583 err:
584 if (error) {
585 iommu->pbdev->state = ZPCI_FS_ERROR;
586 s390_pci_generate_error_event(error, iommu->pbdev->fh,
587 iommu->pbdev->fid, addr, 0);
588 }
589 return ret;
590 }
591
s390_pci_iommu_replay(IOMMUMemoryRegion * iommu,IOMMUNotifier * notifier)592 static void s390_pci_iommu_replay(IOMMUMemoryRegion *iommu,
593 IOMMUNotifier *notifier)
594 {
595 /* It's impossible to plug a pci device on s390x that already has iommu
596 * mappings which need to be replayed, that is due to the "one iommu per
597 * zpci device" construct. But when we support migration of vfio-pci
598 * devices in future, we need to revisit this.
599 */
600 return;
601 }
602
s390_pci_get_iommu(S390pciState * s,PCIBus * bus,int devfn)603 static S390PCIIOMMU *s390_pci_get_iommu(S390pciState *s, PCIBus *bus,
604 int devfn)
605 {
606 uint64_t key = (uintptr_t)bus;
607 S390PCIIOMMUTable *table = g_hash_table_lookup(s->iommu_table, &key);
608 S390PCIIOMMU *iommu;
609
610 if (!table) {
611 table = g_new0(S390PCIIOMMUTable, 1);
612 table->key = key;
613 g_hash_table_insert(s->iommu_table, &table->key, table);
614 }
615
616 iommu = table->iommu[PCI_SLOT(devfn)];
617 if (!iommu) {
618 iommu = S390_PCI_IOMMU(object_new(TYPE_S390_PCI_IOMMU));
619
620 char *mr_name = g_strdup_printf("iommu-root-%02x:%02x.%01x",
621 pci_bus_num(bus),
622 PCI_SLOT(devfn),
623 PCI_FUNC(devfn));
624 char *as_name = g_strdup_printf("iommu-pci-%02x:%02x.%01x",
625 pci_bus_num(bus),
626 PCI_SLOT(devfn),
627 PCI_FUNC(devfn));
628 memory_region_init(&iommu->mr, OBJECT(iommu), mr_name, UINT64_MAX);
629 address_space_init(&iommu->as, &iommu->mr, as_name);
630 iommu->iotlb = g_hash_table_new_full(g_int64_hash, g_int64_equal,
631 NULL, g_free);
632 table->iommu[PCI_SLOT(devfn)] = iommu;
633
634 g_free(mr_name);
635 g_free(as_name);
636 }
637
638 return iommu;
639 }
640
s390_pci_dma_iommu(PCIBus * bus,void * opaque,int devfn)641 static AddressSpace *s390_pci_dma_iommu(PCIBus *bus, void *opaque, int devfn)
642 {
643 S390pciState *s = opaque;
644 S390PCIIOMMU *iommu = s390_pci_get_iommu(s, bus, devfn);
645
646 return &iommu->as;
647 }
648
649 static const PCIIOMMUOps s390_iommu_ops = {
650 .get_address_space = s390_pci_dma_iommu,
651 };
652
set_ind_atomic(uint64_t ind_loc,uint8_t to_be_set)653 static uint8_t set_ind_atomic(uint64_t ind_loc, uint8_t to_be_set)
654 {
655 uint8_t expected, actual;
656 hwaddr len = 1;
657 /* avoid multiple fetches */
658 uint8_t volatile *ind_addr;
659
660 ind_addr = cpu_physical_memory_map(ind_loc, &len, true);
661 if (!ind_addr) {
662 s390_pci_generate_error_event(ERR_EVENT_AIRERR, 0, 0, 0, 0);
663 return -1;
664 }
665 actual = *ind_addr;
666 do {
667 expected = actual;
668 actual = qatomic_cmpxchg(ind_addr, expected, expected | to_be_set);
669 } while (actual != expected);
670 cpu_physical_memory_unmap((void *)ind_addr, len, 1, len);
671
672 return actual;
673 }
674
s390_msi_ctrl_write(void * opaque,hwaddr addr,uint64_t data,unsigned int size)675 static void s390_msi_ctrl_write(void *opaque, hwaddr addr, uint64_t data,
676 unsigned int size)
677 {
678 S390PCIBusDevice *pbdev = opaque;
679 uint32_t vec = data & ZPCI_MSI_VEC_MASK;
680 uint64_t ind_bit;
681 uint32_t sum_bit;
682
683 assert(pbdev);
684
685 trace_s390_pci_msi_ctrl_write(data, pbdev->idx, vec);
686
687 if (pbdev->state != ZPCI_FS_ENABLED) {
688 return;
689 }
690
691 ind_bit = pbdev->routes.adapter.ind_offset;
692 sum_bit = pbdev->routes.adapter.summary_offset;
693
694 set_ind_atomic(pbdev->routes.adapter.ind_addr + (ind_bit + vec) / 8,
695 0x80 >> ((ind_bit + vec) % 8));
696 if (!set_ind_atomic(pbdev->routes.adapter.summary_addr + sum_bit / 8,
697 0x80 >> (sum_bit % 8))) {
698 css_adapter_interrupt(CSS_IO_ADAPTER_PCI, pbdev->isc);
699 }
700 }
701
s390_msi_ctrl_read(void * opaque,hwaddr addr,unsigned size)702 static uint64_t s390_msi_ctrl_read(void *opaque, hwaddr addr, unsigned size)
703 {
704 return 0xffffffff;
705 }
706
707 static const MemoryRegionOps s390_msi_ctrl_ops = {
708 .write = s390_msi_ctrl_write,
709 .read = s390_msi_ctrl_read,
710 .endianness = DEVICE_LITTLE_ENDIAN,
711 };
712
s390_pci_iommu_enable(S390PCIIOMMU * iommu)713 void s390_pci_iommu_enable(S390PCIIOMMU *iommu)
714 {
715 /*
716 * The iommu region is initialized against a 0-mapped address space,
717 * so the smallest IOMMU region we can define runs from 0 to the end
718 * of the PCI address space.
719 */
720 char *name = g_strdup_printf("iommu-s390-%04x", iommu->pbdev->uid);
721 memory_region_init_iommu(&iommu->iommu_mr, sizeof(iommu->iommu_mr),
722 TYPE_S390_IOMMU_MEMORY_REGION, OBJECT(&iommu->mr),
723 name, iommu->pal + 1);
724 iommu->enabled = true;
725 memory_region_add_subregion(&iommu->mr, 0, MEMORY_REGION(&iommu->iommu_mr));
726 g_free(name);
727 }
728
s390_pci_iommu_direct_map_enable(S390PCIIOMMU * iommu)729 void s390_pci_iommu_direct_map_enable(S390PCIIOMMU *iommu)
730 {
731 MachineState *ms = MACHINE(qdev_get_machine());
732 S390CcwMachineState *s390ms = S390_CCW_MACHINE(ms);
733
734 /*
735 * For direct-mapping we must map the entire guest address space. Rather
736 * than using an iommu, create a memory region alias that maps GPA X to
737 * IOVA X + SDMA. VFIO will handle pinning via its memory listener.
738 */
739 g_autofree char *name = g_strdup_printf("iommu-dm-s390-%04x",
740 iommu->pbdev->uid);
741
742 iommu->dm_mr = g_malloc0(sizeof(*iommu->dm_mr));
743 memory_region_init_alias(iommu->dm_mr, OBJECT(&iommu->mr), name,
744 get_system_memory(), 0,
745 s390_get_memory_limit(s390ms));
746 iommu->enabled = true;
747 memory_region_add_subregion(&iommu->mr, iommu->pbdev->zpci_fn.sdma,
748 iommu->dm_mr);
749 }
750
s390_pci_iommu_disable(S390PCIIOMMU * iommu)751 void s390_pci_iommu_disable(S390PCIIOMMU *iommu)
752 {
753 iommu->enabled = false;
754 g_hash_table_remove_all(iommu->iotlb);
755 if (iommu->dm_mr) {
756 memory_region_del_subregion(&iommu->mr, iommu->dm_mr);
757 object_unparent(OBJECT(iommu->dm_mr));
758 g_free(iommu->dm_mr);
759 iommu->dm_mr = NULL;
760 } else {
761 memory_region_del_subregion(&iommu->mr,
762 MEMORY_REGION(&iommu->iommu_mr));
763 object_unparent(OBJECT(&iommu->iommu_mr));
764 }
765 }
766
s390_pci_iommu_free(S390pciState * s,PCIBus * bus,int32_t devfn)767 static void s390_pci_iommu_free(S390pciState *s, PCIBus *bus, int32_t devfn)
768 {
769 uint64_t key = (uintptr_t)bus;
770 S390PCIIOMMUTable *table = g_hash_table_lookup(s->iommu_table, &key);
771 S390PCIIOMMU *iommu = table ? table->iommu[PCI_SLOT(devfn)] : NULL;
772
773 if (!table || !iommu) {
774 return;
775 }
776
777 table->iommu[PCI_SLOT(devfn)] = NULL;
778 g_hash_table_destroy(iommu->iotlb);
779 /*
780 * An attached PCI device may have memory listeners, eg. VFIO PCI.
781 * The associated subregion will already have been unmapped in
782 * s390_pci_iommu_disable in response to the guest deconfigure request.
783 * Remove the listeners now before destroying the address space.
784 */
785 address_space_remove_listeners(&iommu->as);
786 address_space_destroy(&iommu->as);
787 object_unparent(OBJECT(&iommu->mr));
788 object_unparent(OBJECT(iommu));
789 object_unref(OBJECT(iommu));
790 }
791
s390_group_create(int id,int host_id)792 S390PCIGroup *s390_group_create(int id, int host_id)
793 {
794 S390PCIGroup *group;
795 S390pciState *s = s390_get_phb();
796
797 group = g_new0(S390PCIGroup, 1);
798 group->id = id;
799 group->host_id = host_id;
800 QTAILQ_INSERT_TAIL(&s->zpci_groups, group, link);
801 return group;
802 }
803
s390_group_find(int id)804 S390PCIGroup *s390_group_find(int id)
805 {
806 S390PCIGroup *group;
807 S390pciState *s = s390_get_phb();
808
809 QTAILQ_FOREACH(group, &s->zpci_groups, link) {
810 if (group->id == id) {
811 return group;
812 }
813 }
814 return NULL;
815 }
816
s390_group_find_host_sim(int host_id)817 S390PCIGroup *s390_group_find_host_sim(int host_id)
818 {
819 S390PCIGroup *group;
820 S390pciState *s = s390_get_phb();
821
822 QTAILQ_FOREACH(group, &s->zpci_groups, link) {
823 if (group->id >= ZPCI_SIM_GRP_START && group->host_id == host_id) {
824 return group;
825 }
826 }
827 return NULL;
828 }
829
s390_pci_init_default_group(void)830 static void s390_pci_init_default_group(void)
831 {
832 S390PCIGroup *group;
833 ClpRspQueryPciGrp *resgrp;
834
835 group = s390_group_create(ZPCI_DEFAULT_FN_GRP, ZPCI_DEFAULT_FN_GRP);
836 resgrp = &group->zpci_group;
837 resgrp->fr = 1;
838 resgrp->dasm = 0;
839 resgrp->msia = ZPCI_MSI_ADDR;
840 resgrp->mui = DEFAULT_MUI;
841 resgrp->i = 128;
842 resgrp->maxstbl = 128;
843 resgrp->version = 0;
844 resgrp->dtsm = ZPCI_DTSM;
845 }
846
set_pbdev_info(S390PCIBusDevice * pbdev)847 static void set_pbdev_info(S390PCIBusDevice *pbdev)
848 {
849 pbdev->zpci_fn.sdma = ZPCI_SDMA_ADDR;
850 pbdev->zpci_fn.edma = ZPCI_EDMA_ADDR;
851 pbdev->zpci_fn.pchid = 0;
852 pbdev->zpci_fn.pfgid = ZPCI_DEFAULT_FN_GRP;
853 pbdev->zpci_fn.fid = pbdev->fid;
854 pbdev->zpci_fn.uid = pbdev->uid;
855 pbdev->pci_group = s390_group_find(ZPCI_DEFAULT_FN_GRP);
856 }
857
s390_pcihost_realize(DeviceState * dev,Error ** errp)858 static void s390_pcihost_realize(DeviceState *dev, Error **errp)
859 {
860 PCIBus *b;
861 BusState *bus;
862 PCIHostState *phb = PCI_HOST_BRIDGE(dev);
863 S390pciState *s = S390_PCI_HOST_BRIDGE(dev);
864
865 trace_s390_pcihost("realize");
866
867 b = pci_register_root_bus(dev, NULL, s390_pci_set_irq, s390_pci_map_irq,
868 NULL, get_system_memory(), get_system_io(), 0,
869 64, TYPE_PCI_BUS);
870 pci_setup_iommu(b, &s390_iommu_ops, s);
871
872 bus = BUS(b);
873 qbus_set_hotplug_handler(bus, OBJECT(dev));
874 phb->bus = b;
875
876 s->bus = S390_PCI_BUS(qbus_new(TYPE_S390_PCI_BUS, dev, NULL));
877 qbus_set_hotplug_handler(BUS(s->bus), OBJECT(dev));
878
879 s->iommu_table = g_hash_table_new_full(g_int64_hash, g_int64_equal,
880 NULL, g_free);
881 s->zpci_table = g_hash_table_new_full(g_int_hash, g_int_equal, NULL, NULL);
882 s->bus_no = 0;
883 s->next_sim_grp = ZPCI_SIM_GRP_START;
884 QTAILQ_INIT(&s->pending_sei);
885 QTAILQ_INIT(&s->zpci_devs);
886 QTAILQ_INIT(&s->zpci_dma_limit);
887 QTAILQ_INIT(&s->zpci_groups);
888
889 s390_pci_init_default_group();
890 css_register_io_adapters(CSS_IO_ADAPTER_PCI, true, false,
891 S390_ADAPTER_SUPPRESSIBLE, errp);
892 }
893
s390_pcihost_unrealize(DeviceState * dev)894 static void s390_pcihost_unrealize(DeviceState *dev)
895 {
896 S390PCIGroup *group;
897 S390pciState *s = S390_PCI_HOST_BRIDGE(dev);
898
899 while (!QTAILQ_EMPTY(&s->zpci_groups)) {
900 group = QTAILQ_FIRST(&s->zpci_groups);
901 QTAILQ_REMOVE(&s->zpci_groups, group, link);
902 }
903 }
904
s390_pci_msix_init(S390PCIBusDevice * pbdev)905 static int s390_pci_msix_init(S390PCIBusDevice *pbdev)
906 {
907 char *name;
908 uint8_t pos;
909 uint16_t ctrl;
910 uint32_t table, pba;
911
912 pos = pci_find_capability(pbdev->pdev, PCI_CAP_ID_MSIX);
913 if (!pos) {
914 return -1;
915 }
916
917 ctrl = pci_host_config_read_common(pbdev->pdev, pos + PCI_MSIX_FLAGS,
918 pci_config_size(pbdev->pdev), sizeof(ctrl));
919 table = pci_host_config_read_common(pbdev->pdev, pos + PCI_MSIX_TABLE,
920 pci_config_size(pbdev->pdev), sizeof(table));
921 pba = pci_host_config_read_common(pbdev->pdev, pos + PCI_MSIX_PBA,
922 pci_config_size(pbdev->pdev), sizeof(pba));
923
924 pbdev->msix.table_bar = table & PCI_MSIX_FLAGS_BIRMASK;
925 pbdev->msix.table_offset = table & ~PCI_MSIX_FLAGS_BIRMASK;
926 pbdev->msix.pba_bar = pba & PCI_MSIX_FLAGS_BIRMASK;
927 pbdev->msix.pba_offset = pba & ~PCI_MSIX_FLAGS_BIRMASK;
928 pbdev->msix.entries = (ctrl & PCI_MSIX_FLAGS_QSIZE) + 1;
929
930 name = g_strdup_printf("msix-s390-%04x", pbdev->uid);
931 memory_region_init_io(&pbdev->msix_notify_mr, OBJECT(pbdev),
932 &s390_msi_ctrl_ops, pbdev, name, TARGET_PAGE_SIZE);
933 memory_region_add_subregion(&pbdev->iommu->mr,
934 pbdev->pci_group->zpci_group.msia,
935 &pbdev->msix_notify_mr);
936 g_free(name);
937
938 return 0;
939 }
940
s390_pci_msix_free(S390PCIBusDevice * pbdev)941 static void s390_pci_msix_free(S390PCIBusDevice *pbdev)
942 {
943 if (pbdev->msix.entries == 0) {
944 return;
945 }
946
947 memory_region_del_subregion(&pbdev->iommu->mr, &pbdev->msix_notify_mr);
948 object_unparent(OBJECT(&pbdev->msix_notify_mr));
949 }
950
s390_pci_device_new(S390pciState * s,const char * target,Error ** errp)951 static S390PCIBusDevice *s390_pci_device_new(S390pciState *s,
952 const char *target, Error **errp)
953 {
954 Error *local_err = NULL;
955 DeviceState *dev;
956
957 dev = qdev_try_new(TYPE_S390_PCI_DEVICE);
958 if (!dev) {
959 error_setg(errp, "zPCI device could not be created");
960 return NULL;
961 }
962
963 if (!object_property_set_str(OBJECT(dev), "target", target, &local_err)) {
964 object_unparent(OBJECT(dev));
965 error_propagate_prepend(errp, local_err,
966 "zPCI device could not be created: ");
967 return NULL;
968 }
969 if (!qdev_realize_and_unref(dev, BUS(s->bus), &local_err)) {
970 object_unparent(OBJECT(dev));
971 error_propagate_prepend(errp, local_err,
972 "zPCI device could not be created: ");
973 return NULL;
974 }
975
976 return S390_PCI_DEVICE(dev);
977 }
978
s390_pci_alloc_idx(S390pciState * s,S390PCIBusDevice * pbdev)979 static bool s390_pci_alloc_idx(S390pciState *s, S390PCIBusDevice *pbdev)
980 {
981 uint32_t idx;
982
983 idx = s->next_idx;
984 while (s390_pci_find_dev_by_idx(s, idx)) {
985 idx = (idx + 1) & FH_MASK_INDEX;
986 if (idx == s->next_idx) {
987 return false;
988 }
989 }
990
991 pbdev->idx = idx;
992 return true;
993 }
994
s390_pcihost_pre_plug(HotplugHandler * hotplug_dev,DeviceState * dev,Error ** errp)995 static void s390_pcihost_pre_plug(HotplugHandler *hotplug_dev, DeviceState *dev,
996 Error **errp)
997 {
998 S390pciState *s = S390_PCI_HOST_BRIDGE(hotplug_dev);
999
1000 if (!s390_has_feat(S390_FEAT_ZPCI)) {
1001 warn_report("Plugging a PCI/zPCI device without the 'zpci' CPU "
1002 "feature enabled; the guest will not be able to see/use "
1003 "this device");
1004 }
1005
1006 if (object_dynamic_cast(OBJECT(dev), TYPE_S390_PCI_DEVICE)) {
1007 S390PCIBusDevice *pbdev = S390_PCI_DEVICE(dev);
1008
1009 if (!s390_pci_alloc_idx(s, pbdev)) {
1010 error_setg(errp, "no slot for plugging zpci device");
1011 return;
1012 }
1013 }
1014 }
1015
s390_pci_update_subordinate(PCIDevice * dev,uint32_t nr)1016 static void s390_pci_update_subordinate(PCIDevice *dev, uint32_t nr)
1017 {
1018 uint32_t old_nr;
1019
1020 pci_default_write_config(dev, PCI_SUBORDINATE_BUS, nr, 1);
1021 while (!pci_bus_is_root(pci_get_bus(dev))) {
1022 dev = pci_get_bus(dev)->parent_dev;
1023
1024 old_nr = pci_default_read_config(dev, PCI_SUBORDINATE_BUS, 1);
1025 if (old_nr < nr) {
1026 pci_default_write_config(dev, PCI_SUBORDINATE_BUS, nr, 1);
1027 }
1028 }
1029 }
1030
s390_pci_interp_plug(S390pciState * s,S390PCIBusDevice * pbdev)1031 static int s390_pci_interp_plug(S390pciState *s, S390PCIBusDevice *pbdev)
1032 {
1033 uint32_t idx, fh;
1034
1035 if (!s390_pci_get_host_fh(pbdev, &fh)) {
1036 return -EPERM;
1037 }
1038
1039 /*
1040 * The host device is already in an enabled state, but we always present
1041 * the initial device state to the guest as disabled (ZPCI_FS_DISABLED).
1042 * Therefore, mask off the enable bit from the passthrough handle until
1043 * the guest issues a CLP SET PCI FN later to enable the device.
1044 */
1045 pbdev->fh = fh & ~FH_MASK_ENABLE;
1046
1047 /* Next, see if the idx is already in-use */
1048 idx = pbdev->fh & FH_MASK_INDEX;
1049 if (pbdev->idx != idx) {
1050 if (s390_pci_find_dev_by_idx(s, idx)) {
1051 return -EINVAL;
1052 }
1053 /*
1054 * Update the idx entry with the passed through idx
1055 * If the relinquished idx is lower than next_idx, use it
1056 * to replace next_idx
1057 */
1058 g_hash_table_remove(s->zpci_table, &pbdev->idx);
1059 if (idx < s->next_idx) {
1060 s->next_idx = idx;
1061 }
1062 pbdev->idx = idx;
1063 g_hash_table_insert(s->zpci_table, &pbdev->idx, pbdev);
1064 }
1065
1066 return 0;
1067 }
1068
s390_pcihost_plug(HotplugHandler * hotplug_dev,DeviceState * dev,Error ** errp)1069 static void s390_pcihost_plug(HotplugHandler *hotplug_dev, DeviceState *dev,
1070 Error **errp)
1071 {
1072 S390pciState *s = S390_PCI_HOST_BRIDGE(hotplug_dev);
1073 PCIDevice *pdev = NULL;
1074 S390PCIBusDevice *pbdev = NULL;
1075 int rc;
1076
1077 if (object_dynamic_cast(OBJECT(dev), TYPE_PCI_BRIDGE)) {
1078 PCIBridge *pb = PCI_BRIDGE(dev);
1079
1080 pdev = PCI_DEVICE(dev);
1081 pci_bridge_map_irq(pb, dev->id, s390_pci_map_irq);
1082 pci_setup_iommu(&pb->sec_bus, &s390_iommu_ops, s);
1083
1084 qbus_set_hotplug_handler(BUS(&pb->sec_bus), OBJECT(s));
1085
1086 if (dev->hotplugged) {
1087 pci_default_write_config(pdev, PCI_PRIMARY_BUS,
1088 pci_dev_bus_num(pdev), 1);
1089 s->bus_no += 1;
1090 pci_default_write_config(pdev, PCI_SECONDARY_BUS, s->bus_no, 1);
1091
1092 s390_pci_update_subordinate(pdev, s->bus_no);
1093 }
1094 } else if (object_dynamic_cast(OBJECT(dev), TYPE_PCI_DEVICE)) {
1095 pdev = PCI_DEVICE(dev);
1096
1097 /*
1098 * Multifunction is not supported due to the lack of CLP. However,
1099 * do not check for multifunction capability for SR-IOV devices because
1100 * SR-IOV devices automatically add the multifunction capability whether
1101 * the user intends to use the functions other than the PF.
1102 */
1103 if (pdev->cap_present & QEMU_PCI_CAP_MULTIFUNCTION &&
1104 !pdev->exp.sriov_cap) {
1105 error_setg(errp, "multifunction not supported in s390");
1106 return;
1107 }
1108
1109 if (!dev->id) {
1110 /* In the case the PCI device does not define an id */
1111 /* we generate one based on the PCI address */
1112 dev->id = g_strdup_printf("auto_%02x:%02x.%01x",
1113 pci_dev_bus_num(pdev),
1114 PCI_SLOT(pdev->devfn),
1115 PCI_FUNC(pdev->devfn));
1116 }
1117
1118 pbdev = s390_pci_find_dev_by_target(s, dev->id);
1119 if (!pbdev) {
1120 /*
1121 * VFs are automatically created by PF, and creating zpci for them
1122 * will result in unexpected usage of fids. Currently QEMU does not
1123 * support multifunction for s390x so we don't need zpci for VFs
1124 * anyway.
1125 */
1126 if (pci_is_vf(pdev)) {
1127 return;
1128 }
1129
1130 pbdev = s390_pci_device_new(s, dev->id, errp);
1131 if (!pbdev) {
1132 return;
1133 }
1134 }
1135
1136 pbdev->pdev = pdev;
1137 pbdev->iommu = s390_pci_get_iommu(s, pci_get_bus(pdev), pdev->devfn);
1138 pbdev->iommu->pbdev = pbdev;
1139 pbdev->state = ZPCI_FS_DISABLED;
1140 set_pbdev_info(pbdev);
1141
1142 if (object_dynamic_cast(OBJECT(dev), "vfio-pci")) {
1143 /*
1144 * By default, interpretation is always requested; if the available
1145 * facilities indicate it is not available, fallback to the
1146 * interception model.
1147 */
1148 if (pbdev->interp) {
1149 if (s390_pci_kvm_interp_allowed()) {
1150 rc = s390_pci_interp_plug(s, pbdev);
1151 if (rc) {
1152 error_setg(errp, "Plug failed for zPCI device in "
1153 "interpretation mode: %d", rc);
1154 return;
1155 }
1156 } else {
1157 trace_s390_pcihost("zPCI interpretation missing");
1158 pbdev->interp = false;
1159 pbdev->forwarding_assist = false;
1160 }
1161 }
1162 pbdev->iommu->dma_limit = s390_pci_start_dma_count(s, pbdev);
1163 /* Fill in CLP information passed via the vfio region */
1164 s390_pci_get_clp_info(pbdev);
1165 if (!pbdev->interp) {
1166 /* Do vfio passthrough but intercept for I/O */
1167 pbdev->fh |= FH_SHM_VFIO;
1168 pbdev->forwarding_assist = false;
1169 }
1170 /* Register shutdown notifier and reset callback for ISM devices */
1171 if (pbdev->pft == ZPCI_PFT_ISM) {
1172 pbdev->shutdown_notifier.notify = s390_pci_shutdown_notifier;
1173 qemu_register_shutdown_notifier(&pbdev->shutdown_notifier);
1174 }
1175 } else {
1176 pbdev->fh |= FH_SHM_EMUL;
1177 /* Always intercept emulated devices */
1178 pbdev->interp = false;
1179 pbdev->forwarding_assist = false;
1180 pbdev->rtr_avail = false;
1181 }
1182
1183 if (s390_pci_msix_init(pbdev) && !pbdev->interp) {
1184 error_setg(errp, "MSI-X support is mandatory "
1185 "in the S390 architecture");
1186 return;
1187 }
1188
1189 if (dev->hotplugged) {
1190 s390_pci_generate_plug_event(HP_EVENT_TO_CONFIGURED ,
1191 pbdev->fh, pbdev->fid);
1192 }
1193 } else if (object_dynamic_cast(OBJECT(dev), TYPE_S390_PCI_DEVICE)) {
1194 pbdev = S390_PCI_DEVICE(dev);
1195
1196 /* the allocated idx is actually getting used */
1197 s->next_idx = (pbdev->idx + 1) & FH_MASK_INDEX;
1198 pbdev->fh = pbdev->idx;
1199 QTAILQ_INSERT_TAIL(&s->zpci_devs, pbdev, link);
1200 g_hash_table_insert(s->zpci_table, &pbdev->idx, pbdev);
1201 } else {
1202 g_assert_not_reached();
1203 }
1204 }
1205
s390_pcihost_unplug(HotplugHandler * hotplug_dev,DeviceState * dev,Error ** errp)1206 static void s390_pcihost_unplug(HotplugHandler *hotplug_dev, DeviceState *dev,
1207 Error **errp)
1208 {
1209 S390pciState *s = S390_PCI_HOST_BRIDGE(hotplug_dev);
1210 S390PCIBusDevice *pbdev = NULL;
1211
1212 if (object_dynamic_cast(OBJECT(dev), TYPE_PCI_DEVICE)) {
1213 PCIDevice *pci_dev = PCI_DEVICE(dev);
1214 PCIBus *bus;
1215 int32_t devfn;
1216
1217 pbdev = s390_pci_find_dev_by_pci(s, PCI_DEVICE(dev));
1218 if (!pbdev) {
1219 g_assert(pci_is_vf(pci_dev));
1220 return;
1221 }
1222
1223 s390_pci_generate_plug_event(HP_EVENT_STANDBY_TO_RESERVED,
1224 pbdev->fh, pbdev->fid);
1225 bus = pci_get_bus(pci_dev);
1226 devfn = pci_dev->devfn;
1227 qdev_unrealize(dev);
1228
1229 s390_pci_msix_free(pbdev);
1230 s390_pci_iommu_free(s, bus, devfn);
1231 pbdev->pdev = NULL;
1232 pbdev->state = ZPCI_FS_RESERVED;
1233 } else if (object_dynamic_cast(OBJECT(dev), TYPE_S390_PCI_DEVICE)) {
1234 pbdev = S390_PCI_DEVICE(dev);
1235 pbdev->fid = 0;
1236 QTAILQ_REMOVE(&s->zpci_devs, pbdev, link);
1237 g_hash_table_remove(s->zpci_table, &pbdev->idx);
1238 if (pbdev->iommu->dma_limit) {
1239 s390_pci_end_dma_count(s, pbdev->iommu->dma_limit);
1240 }
1241 qdev_unrealize(dev);
1242 }
1243 }
1244
s390_pcihost_unplug_request(HotplugHandler * hotplug_dev,DeviceState * dev,Error ** errp)1245 static void s390_pcihost_unplug_request(HotplugHandler *hotplug_dev,
1246 DeviceState *dev,
1247 Error **errp)
1248 {
1249 S390pciState *s = S390_PCI_HOST_BRIDGE(hotplug_dev);
1250 S390PCIBusDevice *pbdev;
1251
1252 if (object_dynamic_cast(OBJECT(dev), TYPE_PCI_BRIDGE)) {
1253 error_setg(errp, "PCI bridge hot unplug currently not supported");
1254 } else if (object_dynamic_cast(OBJECT(dev), TYPE_PCI_DEVICE)) {
1255 /*
1256 * Redirect the unplug request to the zPCI device and remember that
1257 * we've checked the PCI device already (to prevent endless recursion).
1258 */
1259 pbdev = s390_pci_find_dev_by_pci(s, PCI_DEVICE(dev));
1260 if (!pbdev) {
1261 g_assert(pci_is_vf(PCI_DEVICE(dev)));
1262 return;
1263 }
1264
1265 pbdev->pci_unplug_request_processed = true;
1266 qdev_unplug(DEVICE(pbdev), errp);
1267 } else if (object_dynamic_cast(OBJECT(dev), TYPE_S390_PCI_DEVICE)) {
1268 pbdev = S390_PCI_DEVICE(dev);
1269
1270 /*
1271 * If unplug was initially requested for the zPCI device, we
1272 * first have to redirect to the PCI device, which will in return
1273 * redirect back to us after performing its checks (if the request
1274 * is not blocked, e.g. because it's a PCI bridge).
1275 */
1276 if (pbdev->pdev && !pbdev->pci_unplug_request_processed) {
1277 qdev_unplug(DEVICE(pbdev->pdev), errp);
1278 return;
1279 }
1280 pbdev->pci_unplug_request_processed = false;
1281
1282 switch (pbdev->state) {
1283 case ZPCI_FS_STANDBY:
1284 case ZPCI_FS_RESERVED:
1285 s390_pci_perform_unplug(pbdev);
1286 break;
1287 default:
1288 /*
1289 * Allow to send multiple requests, e.g. if the guest crashed
1290 * before releasing the device, we would not be able to send
1291 * another request to the same VM (e.g. fresh OS).
1292 */
1293 pbdev->unplug_requested = true;
1294 s390_pci_generate_plug_event(HP_EVENT_DECONFIGURE_REQUEST,
1295 pbdev->fh, pbdev->fid);
1296 }
1297 } else {
1298 g_assert_not_reached();
1299 }
1300 }
1301
s390_pci_enumerate_bridge(PCIBus * bus,PCIDevice * pdev,void * opaque)1302 static void s390_pci_enumerate_bridge(PCIBus *bus, PCIDevice *pdev,
1303 void *opaque)
1304 {
1305 S390pciState *s = opaque;
1306 PCIBus *sec_bus = NULL;
1307
1308 if ((pci_default_read_config(pdev, PCI_HEADER_TYPE, 1) !=
1309 PCI_HEADER_TYPE_BRIDGE)) {
1310 return;
1311 }
1312
1313 (s->bus_no)++;
1314 pci_default_write_config(pdev, PCI_PRIMARY_BUS, pci_dev_bus_num(pdev), 1);
1315 pci_default_write_config(pdev, PCI_SECONDARY_BUS, s->bus_no, 1);
1316 pci_default_write_config(pdev, PCI_SUBORDINATE_BUS, s->bus_no, 1);
1317
1318 sec_bus = pci_bridge_get_sec_bus(PCI_BRIDGE(pdev));
1319 if (!sec_bus) {
1320 return;
1321 }
1322
1323 /* Assign numbers to all child bridges. The last is the highest number. */
1324 pci_for_each_device_under_bus(sec_bus, s390_pci_enumerate_bridge, s);
1325 pci_default_write_config(pdev, PCI_SUBORDINATE_BUS, s->bus_no, 1);
1326 }
1327
s390_pci_ism_reset(void)1328 void s390_pci_ism_reset(void)
1329 {
1330 S390pciState *s = s390_get_phb();
1331
1332 S390PCIBusDevice *pbdev, *next;
1333
1334 /* Trigger reset event for each passthrough ISM device currently in-use */
1335 QTAILQ_FOREACH_SAFE(pbdev, &s->zpci_devs, link, next) {
1336 if (pbdev->interp && pbdev->pft == ZPCI_PFT_ISM &&
1337 pbdev->fh & FH_MASK_ENABLE) {
1338 s390_pci_kvm_aif_disable(pbdev);
1339
1340 pci_device_reset(pbdev->pdev);
1341 }
1342 }
1343 }
1344
s390_pcihost_reset(DeviceState * dev)1345 static void s390_pcihost_reset(DeviceState *dev)
1346 {
1347 S390pciState *s = S390_PCI_HOST_BRIDGE(dev);
1348 PCIBus *bus = s->parent_obj.bus;
1349 S390PCIBusDevice *pbdev, *next;
1350
1351 /* Process all pending unplug requests */
1352 QTAILQ_FOREACH_SAFE(pbdev, &s->zpci_devs, link, next) {
1353 if (pbdev->unplug_requested) {
1354 if (pbdev->interp && (pbdev->fh & FH_MASK_ENABLE)) {
1355 /* Interpreted devices were using interrupt forwarding */
1356 s390_pci_kvm_aif_disable(pbdev);
1357 } else if (pbdev->summary_ind) {
1358 pci_dereg_irqs(pbdev);
1359 }
1360 if (pbdev->iommu->enabled) {
1361 pci_dereg_ioat(pbdev->iommu);
1362 }
1363 pbdev->state = ZPCI_FS_STANDBY;
1364 s390_pci_perform_unplug(pbdev);
1365 }
1366 }
1367
1368 /*
1369 * When resetting a PCI bridge, the assigned numbers are set to 0. So
1370 * on every system reset, we also have to reassign numbers.
1371 */
1372 s->bus_no = 0;
1373 pci_for_each_device_under_bus(bus, s390_pci_enumerate_bridge, s);
1374 }
1375
s390_pcihost_class_init(ObjectClass * klass,void * data)1376 static void s390_pcihost_class_init(ObjectClass *klass, void *data)
1377 {
1378 DeviceClass *dc = DEVICE_CLASS(klass);
1379 HotplugHandlerClass *hc = HOTPLUG_HANDLER_CLASS(klass);
1380
1381 device_class_set_legacy_reset(dc, s390_pcihost_reset);
1382 dc->realize = s390_pcihost_realize;
1383 dc->unrealize = s390_pcihost_unrealize;
1384 hc->pre_plug = s390_pcihost_pre_plug;
1385 hc->plug = s390_pcihost_plug;
1386 hc->unplug_request = s390_pcihost_unplug_request;
1387 hc->unplug = s390_pcihost_unplug;
1388 msi_nonbroken = true;
1389 }
1390
1391 static const TypeInfo s390_pcihost_info = {
1392 .name = TYPE_S390_PCI_HOST_BRIDGE,
1393 .parent = TYPE_PCI_HOST_BRIDGE,
1394 .instance_size = sizeof(S390pciState),
1395 .class_init = s390_pcihost_class_init,
1396 .interfaces = (InterfaceInfo[]) {
1397 { TYPE_HOTPLUG_HANDLER },
1398 { }
1399 }
1400 };
1401
1402 static const TypeInfo s390_pcibus_info = {
1403 .name = TYPE_S390_PCI_BUS,
1404 .parent = TYPE_BUS,
1405 .instance_size = sizeof(S390PCIBus),
1406 };
1407
s390_pci_generate_uid(S390pciState * s)1408 static uint16_t s390_pci_generate_uid(S390pciState *s)
1409 {
1410 uint16_t uid = 0;
1411
1412 do {
1413 uid++;
1414 if (!s390_pci_find_dev_by_uid(s, uid)) {
1415 return uid;
1416 }
1417 } while (uid < ZPCI_MAX_UID);
1418
1419 return UID_UNDEFINED;
1420 }
1421
s390_pci_generate_fid(S390pciState * s,Error ** errp)1422 static uint32_t s390_pci_generate_fid(S390pciState *s, Error **errp)
1423 {
1424 uint32_t fid = 0;
1425
1426 do {
1427 if (!s390_pci_find_dev_by_fid(s, fid)) {
1428 return fid;
1429 }
1430 } while (fid++ != ZPCI_MAX_FID);
1431
1432 error_setg(errp, "no free fid could be found");
1433 return 0;
1434 }
1435
s390_pci_device_realize(DeviceState * dev,Error ** errp)1436 static void s390_pci_device_realize(DeviceState *dev, Error **errp)
1437 {
1438 S390PCIBusDevice *zpci = S390_PCI_DEVICE(dev);
1439 S390pciState *s = s390_get_phb();
1440
1441 if (!zpci->target) {
1442 error_setg(errp, "target must be defined");
1443 return;
1444 }
1445
1446 if (s390_pci_find_dev_by_target(s, zpci->target)) {
1447 error_setg(errp, "target %s already has an associated zpci device",
1448 zpci->target);
1449 return;
1450 }
1451
1452 if (zpci->uid == UID_UNDEFINED) {
1453 zpci->uid = s390_pci_generate_uid(s);
1454 if (!zpci->uid) {
1455 error_setg(errp, "no free uid could be found");
1456 return;
1457 }
1458 } else if (s390_pci_find_dev_by_uid(s, zpci->uid)) {
1459 error_setg(errp, "uid %u already in use", zpci->uid);
1460 return;
1461 }
1462
1463 if (!zpci->fid_defined) {
1464 Error *local_error = NULL;
1465
1466 zpci->fid = s390_pci_generate_fid(s, &local_error);
1467 if (local_error) {
1468 error_propagate(errp, local_error);
1469 return;
1470 }
1471 } else if (s390_pci_find_dev_by_fid(s, zpci->fid)) {
1472 error_setg(errp, "fid %u already in use", zpci->fid);
1473 return;
1474 }
1475
1476 zpci->state = ZPCI_FS_RESERVED;
1477 zpci->fmb.format = ZPCI_FMB_FORMAT;
1478 }
1479
s390_pci_device_reset(DeviceState * dev)1480 static void s390_pci_device_reset(DeviceState *dev)
1481 {
1482 S390PCIBusDevice *pbdev = S390_PCI_DEVICE(dev);
1483
1484 switch (pbdev->state) {
1485 case ZPCI_FS_RESERVED:
1486 return;
1487 case ZPCI_FS_STANDBY:
1488 break;
1489 default:
1490 pbdev->fh &= ~FH_MASK_ENABLE;
1491 pbdev->state = ZPCI_FS_DISABLED;
1492 break;
1493 }
1494
1495 if (pbdev->interp && (pbdev->fh & FH_MASK_ENABLE)) {
1496 /* Interpreted devices were using interrupt forwarding */
1497 s390_pci_kvm_aif_disable(pbdev);
1498 } else if (pbdev->summary_ind) {
1499 pci_dereg_irqs(pbdev);
1500 }
1501 if (pbdev->iommu->enabled) {
1502 pci_dereg_ioat(pbdev->iommu);
1503 }
1504
1505 fmb_timer_free(pbdev);
1506 }
1507
s390_pci_get_fid(Object * obj,Visitor * v,const char * name,void * opaque,Error ** errp)1508 static void s390_pci_get_fid(Object *obj, Visitor *v, const char *name,
1509 void *opaque, Error **errp)
1510 {
1511 const Property *prop = opaque;
1512 uint32_t *ptr = object_field_prop_ptr(obj, prop);
1513
1514 visit_type_uint32(v, name, ptr, errp);
1515 }
1516
s390_pci_set_fid(Object * obj,Visitor * v,const char * name,void * opaque,Error ** errp)1517 static void s390_pci_set_fid(Object *obj, Visitor *v, const char *name,
1518 void *opaque, Error **errp)
1519 {
1520 S390PCIBusDevice *zpci = S390_PCI_DEVICE(obj);
1521 const Property *prop = opaque;
1522 uint32_t *ptr = object_field_prop_ptr(obj, prop);
1523
1524 if (!visit_type_uint32(v, name, ptr, errp)) {
1525 return;
1526 }
1527 zpci->fid_defined = true;
1528 }
1529
1530 static const PropertyInfo s390_pci_fid_propinfo = {
1531 .type = "uint32",
1532 .description = "zpci_fid",
1533 .get = s390_pci_get_fid,
1534 .set = s390_pci_set_fid,
1535 };
1536
1537 #define DEFINE_PROP_S390_PCI_FID(_n, _s, _f) \
1538 DEFINE_PROP(_n, _s, _f, s390_pci_fid_propinfo, uint32_t)
1539
1540 static const Property s390_pci_device_properties[] = {
1541 DEFINE_PROP_UINT16("uid", S390PCIBusDevice, uid, UID_UNDEFINED),
1542 DEFINE_PROP_S390_PCI_FID("fid", S390PCIBusDevice, fid),
1543 DEFINE_PROP_STRING("target", S390PCIBusDevice, target),
1544 DEFINE_PROP_BOOL("interpret", S390PCIBusDevice, interp, true),
1545 DEFINE_PROP_BOOL("forwarding-assist", S390PCIBusDevice, forwarding_assist,
1546 true),
1547 DEFINE_PROP_BOOL("relaxed-translation", S390PCIBusDevice, rtr_avail,
1548 true),
1549 };
1550
1551 static const VMStateDescription s390_pci_device_vmstate = {
1552 .name = TYPE_S390_PCI_DEVICE,
1553 /*
1554 * TODO: add state handling here, so migration works at least with
1555 * emulated pci devices on s390x
1556 */
1557 .unmigratable = 1,
1558 };
1559
s390_pci_device_class_init(ObjectClass * klass,void * data)1560 static void s390_pci_device_class_init(ObjectClass *klass, void *data)
1561 {
1562 DeviceClass *dc = DEVICE_CLASS(klass);
1563
1564 dc->desc = "zpci device";
1565 set_bit(DEVICE_CATEGORY_MISC, dc->categories);
1566 device_class_set_legacy_reset(dc, s390_pci_device_reset);
1567 dc->bus_type = TYPE_S390_PCI_BUS;
1568 dc->realize = s390_pci_device_realize;
1569 device_class_set_props(dc, s390_pci_device_properties);
1570 dc->vmsd = &s390_pci_device_vmstate;
1571 }
1572
1573 static const TypeInfo s390_pci_device_info = {
1574 .name = TYPE_S390_PCI_DEVICE,
1575 .parent = TYPE_DEVICE,
1576 .instance_size = sizeof(S390PCIBusDevice),
1577 .class_init = s390_pci_device_class_init,
1578 };
1579
1580 static const TypeInfo s390_pci_iommu_info = {
1581 .name = TYPE_S390_PCI_IOMMU,
1582 .parent = TYPE_OBJECT,
1583 .instance_size = sizeof(S390PCIIOMMU),
1584 };
1585
s390_iommu_memory_region_class_init(ObjectClass * klass,void * data)1586 static void s390_iommu_memory_region_class_init(ObjectClass *klass, void *data)
1587 {
1588 IOMMUMemoryRegionClass *imrc = IOMMU_MEMORY_REGION_CLASS(klass);
1589
1590 imrc->translate = s390_translate_iommu;
1591 imrc->replay = s390_pci_iommu_replay;
1592 }
1593
1594 static const TypeInfo s390_iommu_memory_region_info = {
1595 .parent = TYPE_IOMMU_MEMORY_REGION,
1596 .name = TYPE_S390_IOMMU_MEMORY_REGION,
1597 .class_init = s390_iommu_memory_region_class_init,
1598 };
1599
s390_pci_register_types(void)1600 static void s390_pci_register_types(void)
1601 {
1602 type_register_static(&s390_pcihost_info);
1603 type_register_static(&s390_pcibus_info);
1604 type_register_static(&s390_pci_device_info);
1605 type_register_static(&s390_pci_iommu_info);
1606 type_register_static(&s390_iommu_memory_region_info);
1607 }
1608
1609 type_init(s390_pci_register_types)
1610