1 /*
2 * s390 PCI BUS
3 *
4 * Copyright 2014 IBM Corp.
5 * Author(s): Frank Blaschka <frank.blaschka@de.ibm.com>
6 * Hong Bo Li <lihbbj@cn.ibm.com>
7 * Yi Min Zhao <zyimin@cn.ibm.com>
8 *
9 * This work is licensed under the terms of the GNU GPL, version 2 or (at
10 * your option) any later version. See the COPYING file in the top-level
11 * directory.
12 */
13
14 #include "qemu/osdep.h"
15 #include "qapi/error.h"
16 #include "qapi/visitor.h"
17 #include "exec/target_page.h"
18 #include "hw/s390x/s390-pci-bus.h"
19 #include "hw/s390x/s390-pci-inst.h"
20 #include "hw/s390x/s390-pci-kvm.h"
21 #include "hw/s390x/s390-pci-vfio.h"
22 #include "hw/s390x/s390-virtio-ccw.h"
23 #include "hw/boards.h"
24 #include "hw/pci/pci_bus.h"
25 #include "hw/qdev-properties.h"
26 #include "hw/pci/pci_bridge.h"
27 #include "hw/pci/msi.h"
28 #include "qemu/error-report.h"
29 #include "qemu/module.h"
30 #include "system/reset.h"
31 #include "system/runstate.h"
32
33 #include "trace.h"
34
s390_get_phb(void)35 S390pciState *s390_get_phb(void)
36 {
37 static S390pciState *phb;
38
39 if (!phb) {
40 phb = S390_PCI_HOST_BRIDGE(
41 object_resolve_path(TYPE_S390_PCI_HOST_BRIDGE, NULL));
42 assert(phb != NULL);
43 }
44
45 return phb;
46 }
47
pci_chsc_sei_nt2_get_event(void * res)48 int pci_chsc_sei_nt2_get_event(void *res)
49 {
50 ChscSeiNt2Res *nt2_res = (ChscSeiNt2Res *)res;
51 PciCcdfAvail *accdf;
52 PciCcdfErr *eccdf;
53 int rc = 1;
54 SeiContainer *sei_cont;
55 S390pciState *s = s390_get_phb();
56
57 sei_cont = QTAILQ_FIRST(&s->pending_sei);
58 if (sei_cont) {
59 QTAILQ_REMOVE(&s->pending_sei, sei_cont, link);
60 nt2_res->nt = 2;
61 nt2_res->cc = sei_cont->cc;
62 nt2_res->length = cpu_to_be16(sizeof(ChscSeiNt2Res));
63 switch (sei_cont->cc) {
64 case 1: /* error event */
65 eccdf = (PciCcdfErr *)nt2_res->ccdf;
66 eccdf->fid = cpu_to_be32(sei_cont->fid);
67 eccdf->fh = cpu_to_be32(sei_cont->fh);
68 eccdf->e = cpu_to_be32(sei_cont->e);
69 eccdf->faddr = cpu_to_be64(sei_cont->faddr);
70 eccdf->pec = cpu_to_be16(sei_cont->pec);
71 break;
72 case 2: /* availability event */
73 accdf = (PciCcdfAvail *)nt2_res->ccdf;
74 accdf->fid = cpu_to_be32(sei_cont->fid);
75 accdf->fh = cpu_to_be32(sei_cont->fh);
76 accdf->pec = cpu_to_be16(sei_cont->pec);
77 break;
78 default:
79 abort();
80 }
81 g_free(sei_cont);
82 rc = 0;
83 }
84
85 return rc;
86 }
87
pci_chsc_sei_nt2_have_event(void)88 int pci_chsc_sei_nt2_have_event(void)
89 {
90 S390pciState *s = s390_get_phb();
91
92 return !QTAILQ_EMPTY(&s->pending_sei);
93 }
94
s390_pci_find_next_avail_dev(S390pciState * s,S390PCIBusDevice * pbdev)95 S390PCIBusDevice *s390_pci_find_next_avail_dev(S390pciState *s,
96 S390PCIBusDevice *pbdev)
97 {
98 S390PCIBusDevice *ret = pbdev ? QTAILQ_NEXT(pbdev, link) :
99 QTAILQ_FIRST(&s->zpci_devs);
100
101 while (ret && ret->state == ZPCI_FS_RESERVED) {
102 ret = QTAILQ_NEXT(ret, link);
103 }
104
105 return ret;
106 }
107
s390_pci_find_dev_by_fid(S390pciState * s,uint32_t fid)108 S390PCIBusDevice *s390_pci_find_dev_by_fid(S390pciState *s, uint32_t fid)
109 {
110 S390PCIBusDevice *pbdev;
111
112 QTAILQ_FOREACH(pbdev, &s->zpci_devs, link) {
113 if (pbdev->fid == fid) {
114 return pbdev;
115 }
116 }
117
118 return NULL;
119 }
120
s390_pci_sclp_configure(SCCB * sccb)121 void s390_pci_sclp_configure(SCCB *sccb)
122 {
123 IoaCfgSccb *psccb = (IoaCfgSccb *)sccb;
124 S390PCIBusDevice *pbdev = s390_pci_find_dev_by_fid(s390_get_phb(),
125 be32_to_cpu(psccb->aid));
126 uint16_t rc;
127
128 if (!pbdev) {
129 trace_s390_pci_sclp_nodev("configure", be32_to_cpu(psccb->aid));
130 rc = SCLP_RC_ADAPTER_ID_NOT_RECOGNIZED;
131 goto out;
132 }
133
134 switch (pbdev->state) {
135 case ZPCI_FS_RESERVED:
136 rc = SCLP_RC_ADAPTER_IN_RESERVED_STATE;
137 break;
138 case ZPCI_FS_STANDBY:
139 pbdev->state = ZPCI_FS_DISABLED;
140 rc = SCLP_RC_NORMAL_COMPLETION;
141 break;
142 default:
143 rc = SCLP_RC_NO_ACTION_REQUIRED;
144 }
145 out:
146 psccb->header.response_code = cpu_to_be16(rc);
147 }
148
s390_pci_shutdown_notifier(Notifier * n,void * opaque)149 static void s390_pci_shutdown_notifier(Notifier *n, void *opaque)
150 {
151 S390PCIBusDevice *pbdev = container_of(n, S390PCIBusDevice,
152 shutdown_notifier);
153
154 pci_device_reset(pbdev->pdev);
155 }
156
s390_pci_perform_unplug(S390PCIBusDevice * pbdev)157 static void s390_pci_perform_unplug(S390PCIBusDevice *pbdev)
158 {
159 HotplugHandler *hotplug_ctrl;
160
161 if (pbdev->pft == ZPCI_PFT_ISM) {
162 notifier_remove(&pbdev->shutdown_notifier);
163 }
164
165 /* Unplug the PCI device */
166 if (pbdev->pdev) {
167 DeviceState *pdev = DEVICE(pbdev->pdev);
168
169 hotplug_ctrl = qdev_get_hotplug_handler(pdev);
170 hotplug_handler_unplug(hotplug_ctrl, pdev, &error_abort);
171 object_unparent(OBJECT(pdev));
172 }
173
174 /* Unplug the zPCI device */
175 hotplug_ctrl = qdev_get_hotplug_handler(DEVICE(pbdev));
176 hotplug_handler_unplug(hotplug_ctrl, DEVICE(pbdev), &error_abort);
177 object_unparent(OBJECT(pbdev));
178 }
179
s390_pci_sclp_deconfigure(SCCB * sccb)180 void s390_pci_sclp_deconfigure(SCCB *sccb)
181 {
182 IoaCfgSccb *psccb = (IoaCfgSccb *)sccb;
183 S390PCIBusDevice *pbdev = s390_pci_find_dev_by_fid(s390_get_phb(),
184 be32_to_cpu(psccb->aid));
185 uint16_t rc;
186
187 if (!pbdev) {
188 trace_s390_pci_sclp_nodev("deconfigure", be32_to_cpu(psccb->aid));
189 rc = SCLP_RC_ADAPTER_ID_NOT_RECOGNIZED;
190 goto out;
191 }
192
193 switch (pbdev->state) {
194 case ZPCI_FS_RESERVED:
195 rc = SCLP_RC_ADAPTER_IN_RESERVED_STATE;
196 break;
197 case ZPCI_FS_STANDBY:
198 rc = SCLP_RC_NO_ACTION_REQUIRED;
199 break;
200 default:
201 if (pbdev->interp && (pbdev->fh & FH_MASK_ENABLE)) {
202 /* Interpreted devices were using interrupt forwarding */
203 s390_pci_kvm_aif_disable(pbdev);
204 } else if (pbdev->summary_ind) {
205 pci_dereg_irqs(pbdev);
206 }
207 if (pbdev->iommu->enabled) {
208 pci_dereg_ioat(pbdev->iommu);
209 }
210 pbdev->state = ZPCI_FS_STANDBY;
211 rc = SCLP_RC_NORMAL_COMPLETION;
212
213 if (pbdev->unplug_requested) {
214 s390_pci_perform_unplug(pbdev);
215 }
216 }
217 out:
218 psccb->header.response_code = cpu_to_be16(rc);
219 }
220
s390_pci_find_dev_by_uid(S390pciState * s,uint16_t uid)221 static S390PCIBusDevice *s390_pci_find_dev_by_uid(S390pciState *s, uint16_t uid)
222 {
223 S390PCIBusDevice *pbdev;
224
225 QTAILQ_FOREACH(pbdev, &s->zpci_devs, link) {
226 if (pbdev->uid == uid) {
227 return pbdev;
228 }
229 }
230
231 return NULL;
232 }
233
s390_pci_find_dev_by_target(S390pciState * s,const char * target)234 S390PCIBusDevice *s390_pci_find_dev_by_target(S390pciState *s,
235 const char *target)
236 {
237 S390PCIBusDevice *pbdev;
238
239 if (!target) {
240 return NULL;
241 }
242
243 QTAILQ_FOREACH(pbdev, &s->zpci_devs, link) {
244 if (!strcmp(pbdev->target, target)) {
245 return pbdev;
246 }
247 }
248
249 return NULL;
250 }
251
s390_pci_find_dev_by_pci(S390pciState * s,PCIDevice * pci_dev)252 static S390PCIBusDevice *s390_pci_find_dev_by_pci(S390pciState *s,
253 PCIDevice *pci_dev)
254 {
255 S390PCIBusDevice *pbdev;
256
257 if (!pci_dev) {
258 return NULL;
259 }
260
261 QTAILQ_FOREACH(pbdev, &s->zpci_devs, link) {
262 if (pbdev->pdev == pci_dev) {
263 return pbdev;
264 }
265 }
266
267 return NULL;
268 }
269
s390_pci_find_dev_by_idx(S390pciState * s,uint32_t idx)270 S390PCIBusDevice *s390_pci_find_dev_by_idx(S390pciState *s, uint32_t idx)
271 {
272 return g_hash_table_lookup(s->zpci_table, &idx);
273 }
274
s390_pci_find_dev_by_fh(S390pciState * s,uint32_t fh)275 S390PCIBusDevice *s390_pci_find_dev_by_fh(S390pciState *s, uint32_t fh)
276 {
277 uint32_t idx = FH_MASK_INDEX & fh;
278 S390PCIBusDevice *pbdev = s390_pci_find_dev_by_idx(s, idx);
279
280 if (pbdev && pbdev->fh == fh) {
281 return pbdev;
282 }
283
284 return NULL;
285 }
286
s390_pci_generate_event(uint8_t cc,uint16_t pec,uint32_t fh,uint32_t fid,uint64_t faddr,uint32_t e)287 static void s390_pci_generate_event(uint8_t cc, uint16_t pec, uint32_t fh,
288 uint32_t fid, uint64_t faddr, uint32_t e)
289 {
290 SeiContainer *sei_cont;
291 S390pciState *s = s390_get_phb();
292
293 sei_cont = g_new0(SeiContainer, 1);
294 sei_cont->fh = fh;
295 sei_cont->fid = fid;
296 sei_cont->cc = cc;
297 sei_cont->pec = pec;
298 sei_cont->faddr = faddr;
299 sei_cont->e = e;
300
301 QTAILQ_INSERT_TAIL(&s->pending_sei, sei_cont, link);
302 css_generate_css_crws(0);
303 }
304
s390_pci_generate_plug_event(uint16_t pec,uint32_t fh,uint32_t fid)305 static void s390_pci_generate_plug_event(uint16_t pec, uint32_t fh,
306 uint32_t fid)
307 {
308 s390_pci_generate_event(2, pec, fh, fid, 0, 0);
309 }
310
s390_pci_generate_error_event(uint16_t pec,uint32_t fh,uint32_t fid,uint64_t faddr,uint32_t e)311 void s390_pci_generate_error_event(uint16_t pec, uint32_t fh, uint32_t fid,
312 uint64_t faddr, uint32_t e)
313 {
314 s390_pci_generate_event(1, pec, fh, fid, faddr, e);
315 }
316
s390_pci_set_irq(void * opaque,int irq,int level)317 static void s390_pci_set_irq(void *opaque, int irq, int level)
318 {
319 /* nothing to do */
320 }
321
s390_pci_map_irq(PCIDevice * pci_dev,int irq_num)322 static int s390_pci_map_irq(PCIDevice *pci_dev, int irq_num)
323 {
324 /* nothing to do */
325 return 0;
326 }
327
s390_pci_get_table_origin(uint64_t iota)328 static uint64_t s390_pci_get_table_origin(uint64_t iota)
329 {
330 return iota & ~ZPCI_IOTA_RTTO_FLAG;
331 }
332
calc_rtx(dma_addr_t ptr)333 static unsigned int calc_rtx(dma_addr_t ptr)
334 {
335 return ((unsigned long) ptr >> ZPCI_RT_SHIFT) & ZPCI_INDEX_MASK;
336 }
337
calc_sx(dma_addr_t ptr)338 static unsigned int calc_sx(dma_addr_t ptr)
339 {
340 return ((unsigned long) ptr >> ZPCI_ST_SHIFT) & ZPCI_INDEX_MASK;
341 }
342
calc_px(dma_addr_t ptr)343 static unsigned int calc_px(dma_addr_t ptr)
344 {
345 return ((unsigned long) ptr >> TARGET_PAGE_BITS) & ZPCI_PT_MASK;
346 }
347
get_rt_sto(uint64_t entry)348 static uint64_t get_rt_sto(uint64_t entry)
349 {
350 return ((entry & ZPCI_TABLE_TYPE_MASK) == ZPCI_TABLE_TYPE_RTX)
351 ? (entry & ZPCI_RTE_ADDR_MASK)
352 : 0;
353 }
354
get_st_pto(uint64_t entry)355 static uint64_t get_st_pto(uint64_t entry)
356 {
357 return ((entry & ZPCI_TABLE_TYPE_MASK) == ZPCI_TABLE_TYPE_SX)
358 ? (entry & ZPCI_STE_ADDR_MASK)
359 : 0;
360 }
361
rt_entry_isvalid(uint64_t entry)362 static bool rt_entry_isvalid(uint64_t entry)
363 {
364 return (entry & ZPCI_TABLE_VALID_MASK) == ZPCI_TABLE_VALID;
365 }
366
pt_entry_isvalid(uint64_t entry)367 static bool pt_entry_isvalid(uint64_t entry)
368 {
369 return (entry & ZPCI_PTE_VALID_MASK) == ZPCI_PTE_VALID;
370 }
371
entry_isprotected(uint64_t entry)372 static bool entry_isprotected(uint64_t entry)
373 {
374 return (entry & ZPCI_TABLE_PROT_MASK) == ZPCI_TABLE_PROTECTED;
375 }
376
377 /* ett is expected table type, -1 page table, 0 segment table, 1 region table */
get_table_index(uint64_t iova,int8_t ett)378 static uint64_t get_table_index(uint64_t iova, int8_t ett)
379 {
380 switch (ett) {
381 case ZPCI_ETT_PT:
382 return calc_px(iova);
383 case ZPCI_ETT_ST:
384 return calc_sx(iova);
385 case ZPCI_ETT_RT:
386 return calc_rtx(iova);
387 default:
388 g_assert_not_reached();
389 }
390 }
391
entry_isvalid(uint64_t entry,int8_t ett)392 static bool entry_isvalid(uint64_t entry, int8_t ett)
393 {
394 switch (ett) {
395 case ZPCI_ETT_PT:
396 return pt_entry_isvalid(entry);
397 case ZPCI_ETT_ST:
398 case ZPCI_ETT_RT:
399 return rt_entry_isvalid(entry);
400 default:
401 g_assert_not_reached();
402 }
403 }
404
405 /* Return true if address translation is done */
translate_iscomplete(uint64_t entry,int8_t ett)406 static bool translate_iscomplete(uint64_t entry, int8_t ett)
407 {
408 switch (ett) {
409 case ZPCI_ETT_ST:
410 return (entry & ZPCI_TABLE_FC) ? true : false;
411 case ZPCI_ETT_RT:
412 return false;
413 case ZPCI_ETT_PT:
414 return true;
415 default:
416 g_assert_not_reached();
417 }
418 }
419
get_frame_size(int8_t ett)420 static uint64_t get_frame_size(int8_t ett)
421 {
422 switch (ett) {
423 case ZPCI_ETT_PT:
424 return 1ULL << 12;
425 case ZPCI_ETT_ST:
426 return 1ULL << 20;
427 case ZPCI_ETT_RT:
428 return 1ULL << 31;
429 default:
430 g_assert_not_reached();
431 }
432 }
433
get_next_table_origin(uint64_t entry,int8_t ett)434 static uint64_t get_next_table_origin(uint64_t entry, int8_t ett)
435 {
436 switch (ett) {
437 case ZPCI_ETT_PT:
438 return entry & ZPCI_PTE_ADDR_MASK;
439 case ZPCI_ETT_ST:
440 return get_st_pto(entry);
441 case ZPCI_ETT_RT:
442 return get_rt_sto(entry);
443 default:
444 g_assert_not_reached();
445 }
446 }
447
448 /**
449 * table_translate: do translation within one table and return the following
450 * table origin
451 *
452 * @entry: the entry being translated, the result is stored in this.
453 * @to: the address of table origin.
454 * @ett: expected table type, 1 region table, 0 segment table and -1 page table.
455 * @error: error code
456 */
table_translate(S390IOTLBEntry * entry,uint64_t to,int8_t ett,uint16_t * error)457 static uint64_t table_translate(S390IOTLBEntry *entry, uint64_t to, int8_t ett,
458 uint16_t *error)
459 {
460 uint64_t tx, te, nto = 0;
461 uint16_t err = 0;
462
463 tx = get_table_index(entry->iova, ett);
464 te = address_space_ldq(&address_space_memory, to + tx * sizeof(uint64_t),
465 MEMTXATTRS_UNSPECIFIED, NULL);
466
467 if (!te) {
468 err = ERR_EVENT_INVALTE;
469 goto out;
470 }
471
472 if (!entry_isvalid(te, ett)) {
473 entry->perm &= IOMMU_NONE;
474 goto out;
475 }
476
477 if (ett == ZPCI_ETT_RT && ((te & ZPCI_TABLE_LEN_RTX) != ZPCI_TABLE_LEN_RTX
478 || te & ZPCI_TABLE_OFFSET_MASK)) {
479 err = ERR_EVENT_INVALTL;
480 goto out;
481 }
482
483 nto = get_next_table_origin(te, ett);
484 if (!nto) {
485 err = ERR_EVENT_TT;
486 goto out;
487 }
488
489 if (entry_isprotected(te)) {
490 entry->perm &= IOMMU_RO;
491 } else {
492 entry->perm &= IOMMU_RW;
493 }
494
495 if (translate_iscomplete(te, ett)) {
496 switch (ett) {
497 case ZPCI_ETT_PT:
498 entry->translated_addr = te & ZPCI_PTE_ADDR_MASK;
499 break;
500 case ZPCI_ETT_ST:
501 entry->translated_addr = (te & ZPCI_SFAA_MASK) |
502 (entry->iova & ~ZPCI_SFAA_MASK);
503 break;
504 }
505 nto = 0;
506 }
507 out:
508 if (err) {
509 entry->perm = IOMMU_NONE;
510 *error = err;
511 }
512 entry->len = get_frame_size(ett);
513 return nto;
514 }
515
s390_guest_io_table_walk(uint64_t g_iota,hwaddr addr,S390IOTLBEntry * entry)516 uint16_t s390_guest_io_table_walk(uint64_t g_iota, hwaddr addr,
517 S390IOTLBEntry *entry)
518 {
519 uint64_t to = s390_pci_get_table_origin(g_iota);
520 int8_t ett = 1;
521 uint16_t error = 0;
522
523 entry->iova = addr & TARGET_PAGE_MASK;
524 entry->translated_addr = 0;
525 entry->perm = IOMMU_RW;
526
527 if (entry_isprotected(g_iota)) {
528 entry->perm &= IOMMU_RO;
529 }
530
531 while (to) {
532 to = table_translate(entry, to, ett--, &error);
533 }
534
535 return error;
536 }
537
s390_translate_iommu(IOMMUMemoryRegion * mr,hwaddr addr,IOMMUAccessFlags flag,int iommu_idx)538 static IOMMUTLBEntry s390_translate_iommu(IOMMUMemoryRegion *mr, hwaddr addr,
539 IOMMUAccessFlags flag, int iommu_idx)
540 {
541 S390PCIIOMMU *iommu = container_of(mr, S390PCIIOMMU, iommu_mr);
542 S390IOTLBEntry *entry;
543 uint64_t iova = addr & TARGET_PAGE_MASK;
544 uint16_t error = 0;
545 IOMMUTLBEntry ret = {
546 .target_as = &address_space_memory,
547 .iova = 0,
548 .translated_addr = 0,
549 .addr_mask = ~(hwaddr)0,
550 .perm = IOMMU_NONE,
551 };
552
553 switch (iommu->pbdev->state) {
554 case ZPCI_FS_ENABLED:
555 case ZPCI_FS_BLOCKED:
556 if (!iommu->enabled) {
557 return ret;
558 }
559 break;
560 default:
561 return ret;
562 }
563
564 trace_s390_pci_iommu_xlate(addr);
565
566 if (addr < iommu->pba || addr > iommu->pal) {
567 error = ERR_EVENT_OORANGE;
568 goto err;
569 }
570
571 entry = g_hash_table_lookup(iommu->iotlb, &iova);
572 if (entry) {
573 ret.iova = entry->iova;
574 ret.translated_addr = entry->translated_addr;
575 ret.addr_mask = entry->len - 1;
576 ret.perm = entry->perm;
577 } else {
578 ret.iova = iova;
579 ret.addr_mask = ~TARGET_PAGE_MASK;
580 ret.perm = IOMMU_NONE;
581 }
582
583 if (flag != IOMMU_NONE && !(flag & ret.perm)) {
584 error = ERR_EVENT_TPROTE;
585 }
586 err:
587 if (error) {
588 iommu->pbdev->state = ZPCI_FS_ERROR;
589 s390_pci_generate_error_event(error, iommu->pbdev->fh,
590 iommu->pbdev->fid, addr, 0);
591 }
592 return ret;
593 }
594
s390_pci_iommu_replay(IOMMUMemoryRegion * iommu,IOMMUNotifier * notifier)595 static void s390_pci_iommu_replay(IOMMUMemoryRegion *iommu,
596 IOMMUNotifier *notifier)
597 {
598 /* It's impossible to plug a pci device on s390x that already has iommu
599 * mappings which need to be replayed, that is due to the "one iommu per
600 * zpci device" construct. But when we support migration of vfio-pci
601 * devices in future, we need to revisit this.
602 */
603 }
604
s390_pci_get_iommu(S390pciState * s,PCIBus * bus,int devfn)605 static S390PCIIOMMU *s390_pci_get_iommu(S390pciState *s, PCIBus *bus,
606 int devfn)
607 {
608 uint64_t key = (uintptr_t)bus;
609 S390PCIIOMMUTable *table = g_hash_table_lookup(s->iommu_table, &key);
610 S390PCIIOMMU *iommu;
611
612 if (!table) {
613 table = g_new0(S390PCIIOMMUTable, 1);
614 table->key = key;
615 g_hash_table_insert(s->iommu_table, &table->key, table);
616 }
617
618 iommu = table->iommu[PCI_SLOT(devfn)];
619 if (!iommu) {
620 iommu = S390_PCI_IOMMU(object_new(TYPE_S390_PCI_IOMMU));
621
622 char *mr_name = g_strdup_printf("iommu-root-%02x:%02x.%01x",
623 pci_bus_num(bus),
624 PCI_SLOT(devfn),
625 PCI_FUNC(devfn));
626 char *as_name = g_strdup_printf("iommu-pci-%02x:%02x.%01x",
627 pci_bus_num(bus),
628 PCI_SLOT(devfn),
629 PCI_FUNC(devfn));
630 memory_region_init(&iommu->mr, OBJECT(iommu), mr_name, UINT64_MAX);
631 address_space_init(&iommu->as, &iommu->mr, as_name);
632 iommu->iotlb = g_hash_table_new_full(g_int64_hash, g_int64_equal,
633 NULL, g_free);
634 table->iommu[PCI_SLOT(devfn)] = iommu;
635
636 g_free(mr_name);
637 g_free(as_name);
638 }
639
640 return iommu;
641 }
642
s390_pci_dma_iommu(PCIBus * bus,void * opaque,int devfn)643 static AddressSpace *s390_pci_dma_iommu(PCIBus *bus, void *opaque, int devfn)
644 {
645 S390pciState *s = opaque;
646 S390PCIIOMMU *iommu = s390_pci_get_iommu(s, bus, devfn);
647
648 return &iommu->as;
649 }
650
651 static const PCIIOMMUOps s390_iommu_ops = {
652 .get_address_space = s390_pci_dma_iommu,
653 };
654
set_ind_atomic(uint64_t ind_loc,uint8_t to_be_set)655 static uint8_t set_ind_atomic(uint64_t ind_loc, uint8_t to_be_set)
656 {
657 uint8_t expected, actual;
658 hwaddr len = 1;
659 /* avoid multiple fetches */
660 uint8_t volatile *ind_addr;
661
662 ind_addr = cpu_physical_memory_map(ind_loc, &len, true);
663 if (!ind_addr) {
664 s390_pci_generate_error_event(ERR_EVENT_AIRERR, 0, 0, 0, 0);
665 return -1;
666 }
667 actual = *ind_addr;
668 do {
669 expected = actual;
670 actual = qatomic_cmpxchg(ind_addr, expected, expected | to_be_set);
671 } while (actual != expected);
672 cpu_physical_memory_unmap((void *)ind_addr, len, 1, len);
673
674 return actual;
675 }
676
s390_msi_ctrl_write(void * opaque,hwaddr addr,uint64_t data,unsigned int size)677 static void s390_msi_ctrl_write(void *opaque, hwaddr addr, uint64_t data,
678 unsigned int size)
679 {
680 S390PCIBusDevice *pbdev = opaque;
681 uint32_t vec = data & ZPCI_MSI_VEC_MASK;
682 uint64_t ind_bit;
683 uint32_t sum_bit;
684
685 assert(pbdev);
686
687 trace_s390_pci_msi_ctrl_write(data, pbdev->idx, vec);
688
689 if (pbdev->state != ZPCI_FS_ENABLED) {
690 return;
691 }
692
693 ind_bit = pbdev->routes.adapter.ind_offset;
694 sum_bit = pbdev->routes.adapter.summary_offset;
695
696 set_ind_atomic(pbdev->routes.adapter.ind_addr + (ind_bit + vec) / 8,
697 0x80 >> ((ind_bit + vec) % 8));
698 if (!set_ind_atomic(pbdev->routes.adapter.summary_addr + sum_bit / 8,
699 0x80 >> (sum_bit % 8))) {
700 css_adapter_interrupt(CSS_IO_ADAPTER_PCI, pbdev->isc);
701 }
702 }
703
s390_msi_ctrl_read(void * opaque,hwaddr addr,unsigned size)704 static uint64_t s390_msi_ctrl_read(void *opaque, hwaddr addr, unsigned size)
705 {
706 return 0xffffffff;
707 }
708
709 static const MemoryRegionOps s390_msi_ctrl_ops = {
710 .write = s390_msi_ctrl_write,
711 .read = s390_msi_ctrl_read,
712 .endianness = DEVICE_LITTLE_ENDIAN,
713 };
714
s390_pci_iommu_enable(S390PCIIOMMU * iommu)715 void s390_pci_iommu_enable(S390PCIIOMMU *iommu)
716 {
717 /*
718 * The iommu region is initialized against a 0-mapped address space,
719 * so the smallest IOMMU region we can define runs from 0 to the end
720 * of the PCI address space.
721 */
722 char *name = g_strdup_printf("iommu-s390-%04x", iommu->pbdev->uid);
723 memory_region_init_iommu(&iommu->iommu_mr, sizeof(iommu->iommu_mr),
724 TYPE_S390_IOMMU_MEMORY_REGION, OBJECT(&iommu->mr),
725 name, iommu->pal + 1);
726 iommu->enabled = true;
727 memory_region_add_subregion(&iommu->mr, 0, MEMORY_REGION(&iommu->iommu_mr));
728 g_free(name);
729 }
730
s390_pci_iommu_direct_map_enable(S390PCIIOMMU * iommu)731 void s390_pci_iommu_direct_map_enable(S390PCIIOMMU *iommu)
732 {
733 MachineState *ms = MACHINE(qdev_get_machine());
734 S390CcwMachineState *s390ms = S390_CCW_MACHINE(ms);
735
736 /*
737 * For direct-mapping we must map the entire guest address space. Rather
738 * than using an iommu, create a memory region alias that maps GPA X to
739 * IOVA X + SDMA. VFIO will handle pinning via its memory listener.
740 */
741 g_autofree char *name = g_strdup_printf("iommu-dm-s390-%04x",
742 iommu->pbdev->uid);
743
744 iommu->dm_mr = g_malloc0(sizeof(*iommu->dm_mr));
745 memory_region_init_alias(iommu->dm_mr, OBJECT(&iommu->mr), name,
746 get_system_memory(), 0,
747 s390_get_memory_limit(s390ms));
748 iommu->enabled = true;
749 memory_region_add_subregion(&iommu->mr, iommu->pbdev->zpci_fn.sdma,
750 iommu->dm_mr);
751 }
752
s390_pci_iommu_disable(S390PCIIOMMU * iommu)753 void s390_pci_iommu_disable(S390PCIIOMMU *iommu)
754 {
755 iommu->enabled = false;
756 g_hash_table_remove_all(iommu->iotlb);
757 if (iommu->dm_mr) {
758 memory_region_del_subregion(&iommu->mr, iommu->dm_mr);
759 object_unparent(OBJECT(iommu->dm_mr));
760 g_free(iommu->dm_mr);
761 iommu->dm_mr = NULL;
762 } else {
763 memory_region_del_subregion(&iommu->mr,
764 MEMORY_REGION(&iommu->iommu_mr));
765 object_unparent(OBJECT(&iommu->iommu_mr));
766 }
767 }
768
s390_pci_iommu_free(S390pciState * s,PCIBus * bus,int32_t devfn)769 static void s390_pci_iommu_free(S390pciState *s, PCIBus *bus, int32_t devfn)
770 {
771 uint64_t key = (uintptr_t)bus;
772 S390PCIIOMMUTable *table = g_hash_table_lookup(s->iommu_table, &key);
773 S390PCIIOMMU *iommu = table ? table->iommu[PCI_SLOT(devfn)] : NULL;
774
775 if (!table || !iommu) {
776 return;
777 }
778
779 table->iommu[PCI_SLOT(devfn)] = NULL;
780 g_hash_table_destroy(iommu->iotlb);
781 /*
782 * An attached PCI device may have memory listeners, eg. VFIO PCI.
783 * The associated subregion will already have been unmapped in
784 * s390_pci_iommu_disable in response to the guest deconfigure request.
785 * Remove the listeners now before destroying the address space.
786 */
787 address_space_remove_listeners(&iommu->as);
788 address_space_destroy(&iommu->as);
789 object_unparent(OBJECT(&iommu->mr));
790 object_unparent(OBJECT(iommu));
791 object_unref(OBJECT(iommu));
792 }
793
s390_group_create(int id,int host_id)794 S390PCIGroup *s390_group_create(int id, int host_id)
795 {
796 S390PCIGroup *group;
797 S390pciState *s = s390_get_phb();
798
799 group = g_new0(S390PCIGroup, 1);
800 group->id = id;
801 group->host_id = host_id;
802 QTAILQ_INSERT_TAIL(&s->zpci_groups, group, link);
803 return group;
804 }
805
s390_group_find(int id)806 S390PCIGroup *s390_group_find(int id)
807 {
808 S390PCIGroup *group;
809 S390pciState *s = s390_get_phb();
810
811 QTAILQ_FOREACH(group, &s->zpci_groups, link) {
812 if (group->id == id) {
813 return group;
814 }
815 }
816 return NULL;
817 }
818
s390_group_find_host_sim(int host_id)819 S390PCIGroup *s390_group_find_host_sim(int host_id)
820 {
821 S390PCIGroup *group;
822 S390pciState *s = s390_get_phb();
823
824 QTAILQ_FOREACH(group, &s->zpci_groups, link) {
825 if (group->id >= ZPCI_SIM_GRP_START && group->host_id == host_id) {
826 return group;
827 }
828 }
829 return NULL;
830 }
831
s390_pci_init_default_group(void)832 static void s390_pci_init_default_group(void)
833 {
834 S390PCIGroup *group;
835 ClpRspQueryPciGrp *resgrp;
836
837 group = s390_group_create(ZPCI_DEFAULT_FN_GRP, ZPCI_DEFAULT_FN_GRP);
838 resgrp = &group->zpci_group;
839 resgrp->fr = 1;
840 resgrp->dasm = 0;
841 resgrp->msia = ZPCI_MSI_ADDR;
842 resgrp->mui = DEFAULT_MUI;
843 resgrp->i = 128;
844 resgrp->maxstbl = 128;
845 resgrp->version = 0;
846 resgrp->dtsm = ZPCI_DTSM;
847 }
848
set_pbdev_info(S390PCIBusDevice * pbdev)849 static void set_pbdev_info(S390PCIBusDevice *pbdev)
850 {
851 pbdev->zpci_fn.sdma = ZPCI_SDMA_ADDR;
852 pbdev->zpci_fn.edma = ZPCI_EDMA_ADDR;
853 pbdev->zpci_fn.pchid = 0;
854 pbdev->zpci_fn.pfgid = ZPCI_DEFAULT_FN_GRP;
855 pbdev->zpci_fn.fid = pbdev->fid;
856 pbdev->zpci_fn.uid = pbdev->uid;
857 pbdev->pci_group = s390_group_find(ZPCI_DEFAULT_FN_GRP);
858 }
859
s390_pcihost_realize(DeviceState * dev,Error ** errp)860 static void s390_pcihost_realize(DeviceState *dev, Error **errp)
861 {
862 PCIBus *b;
863 BusState *bus;
864 PCIHostState *phb = PCI_HOST_BRIDGE(dev);
865 S390pciState *s = S390_PCI_HOST_BRIDGE(dev);
866
867 trace_s390_pcihost("realize");
868
869 b = pci_register_root_bus(dev, NULL, s390_pci_set_irq, s390_pci_map_irq,
870 NULL, get_system_memory(), get_system_io(), 0,
871 64, TYPE_PCI_BUS);
872 pci_setup_iommu(b, &s390_iommu_ops, s);
873
874 bus = BUS(b);
875 qbus_set_hotplug_handler(bus, OBJECT(dev));
876 phb->bus = b;
877
878 s->bus = S390_PCI_BUS(qbus_new(TYPE_S390_PCI_BUS, dev, NULL));
879 qbus_set_hotplug_handler(BUS(s->bus), OBJECT(dev));
880
881 s->iommu_table = g_hash_table_new_full(g_int64_hash, g_int64_equal,
882 NULL, g_free);
883 s->zpci_table = g_hash_table_new_full(g_int_hash, g_int_equal, NULL, NULL);
884 s->bus_no = 0;
885 s->next_sim_grp = ZPCI_SIM_GRP_START;
886 QTAILQ_INIT(&s->pending_sei);
887 QTAILQ_INIT(&s->zpci_devs);
888 QTAILQ_INIT(&s->zpci_dma_limit);
889 QTAILQ_INIT(&s->zpci_groups);
890
891 s390_pci_init_default_group();
892 css_register_io_adapters(CSS_IO_ADAPTER_PCI, true, false,
893 S390_ADAPTER_SUPPRESSIBLE, errp);
894 }
895
s390_pcihost_unrealize(DeviceState * dev)896 static void s390_pcihost_unrealize(DeviceState *dev)
897 {
898 S390PCIGroup *group;
899 S390pciState *s = S390_PCI_HOST_BRIDGE(dev);
900
901 while (!QTAILQ_EMPTY(&s->zpci_groups)) {
902 group = QTAILQ_FIRST(&s->zpci_groups);
903 QTAILQ_REMOVE(&s->zpci_groups, group, link);
904 }
905 }
906
s390_pci_msix_init(S390PCIBusDevice * pbdev)907 static int s390_pci_msix_init(S390PCIBusDevice *pbdev)
908 {
909 char *name;
910 uint8_t pos;
911 uint16_t ctrl;
912 uint32_t table, pba;
913
914 pos = pci_find_capability(pbdev->pdev, PCI_CAP_ID_MSIX);
915 if (!pos) {
916 return -1;
917 }
918
919 ctrl = pci_host_config_read_common(pbdev->pdev, pos + PCI_MSIX_FLAGS,
920 pci_config_size(pbdev->pdev), sizeof(ctrl));
921 table = pci_host_config_read_common(pbdev->pdev, pos + PCI_MSIX_TABLE,
922 pci_config_size(pbdev->pdev), sizeof(table));
923 pba = pci_host_config_read_common(pbdev->pdev, pos + PCI_MSIX_PBA,
924 pci_config_size(pbdev->pdev), sizeof(pba));
925
926 pbdev->msix.table_bar = table & PCI_MSIX_FLAGS_BIRMASK;
927 pbdev->msix.table_offset = table & ~PCI_MSIX_FLAGS_BIRMASK;
928 pbdev->msix.pba_bar = pba & PCI_MSIX_FLAGS_BIRMASK;
929 pbdev->msix.pba_offset = pba & ~PCI_MSIX_FLAGS_BIRMASK;
930 pbdev->msix.entries = (ctrl & PCI_MSIX_FLAGS_QSIZE) + 1;
931
932 name = g_strdup_printf("msix-s390-%04x", pbdev->uid);
933 memory_region_init_io(&pbdev->msix_notify_mr, OBJECT(pbdev),
934 &s390_msi_ctrl_ops, pbdev, name, TARGET_PAGE_SIZE);
935 memory_region_add_subregion(&pbdev->iommu->mr,
936 pbdev->pci_group->zpci_group.msia,
937 &pbdev->msix_notify_mr);
938 g_free(name);
939
940 return 0;
941 }
942
s390_pci_msix_free(S390PCIBusDevice * pbdev)943 static void s390_pci_msix_free(S390PCIBusDevice *pbdev)
944 {
945 if (pbdev->msix.entries == 0) {
946 return;
947 }
948
949 memory_region_del_subregion(&pbdev->iommu->mr, &pbdev->msix_notify_mr);
950 object_unparent(OBJECT(&pbdev->msix_notify_mr));
951 }
952
s390_pci_device_new(S390pciState * s,const char * target,Error ** errp)953 static S390PCIBusDevice *s390_pci_device_new(S390pciState *s,
954 const char *target, Error **errp)
955 {
956 Error *local_err = NULL;
957 DeviceState *dev;
958
959 dev = qdev_try_new(TYPE_S390_PCI_DEVICE);
960 if (!dev) {
961 error_setg(errp, "zPCI device could not be created");
962 return NULL;
963 }
964
965 if (!object_property_set_str(OBJECT(dev), "target", target, &local_err)) {
966 object_unparent(OBJECT(dev));
967 error_propagate_prepend(errp, local_err,
968 "zPCI device could not be created: ");
969 return NULL;
970 }
971 if (!qdev_realize_and_unref(dev, BUS(s->bus), &local_err)) {
972 object_unparent(OBJECT(dev));
973 error_propagate_prepend(errp, local_err,
974 "zPCI device could not be created: ");
975 return NULL;
976 }
977
978 return S390_PCI_DEVICE(dev);
979 }
980
s390_pci_alloc_idx(S390pciState * s,S390PCIBusDevice * pbdev)981 static bool s390_pci_alloc_idx(S390pciState *s, S390PCIBusDevice *pbdev)
982 {
983 uint32_t idx;
984
985 idx = s->next_idx;
986 while (s390_pci_find_dev_by_idx(s, idx)) {
987 idx = (idx + 1) & FH_MASK_INDEX;
988 if (idx == s->next_idx) {
989 return false;
990 }
991 }
992
993 pbdev->idx = idx;
994 return true;
995 }
996
s390_pcihost_pre_plug(HotplugHandler * hotplug_dev,DeviceState * dev,Error ** errp)997 static void s390_pcihost_pre_plug(HotplugHandler *hotplug_dev, DeviceState *dev,
998 Error **errp)
999 {
1000 S390pciState *s = S390_PCI_HOST_BRIDGE(hotplug_dev);
1001
1002 if (!s390_has_feat(S390_FEAT_ZPCI)) {
1003 warn_report("Plugging a PCI/zPCI device without the 'zpci' CPU "
1004 "feature enabled; the guest will not be able to see/use "
1005 "this device");
1006 }
1007
1008 if (object_dynamic_cast(OBJECT(dev), TYPE_S390_PCI_DEVICE)) {
1009 S390PCIBusDevice *pbdev = S390_PCI_DEVICE(dev);
1010
1011 if (!s390_pci_alloc_idx(s, pbdev)) {
1012 error_setg(errp, "no slot for plugging zpci device");
1013 return;
1014 }
1015 }
1016 }
1017
s390_pci_update_subordinate(PCIDevice * dev,uint32_t nr)1018 static void s390_pci_update_subordinate(PCIDevice *dev, uint32_t nr)
1019 {
1020 uint32_t old_nr;
1021
1022 pci_default_write_config(dev, PCI_SUBORDINATE_BUS, nr, 1);
1023 while (!pci_bus_is_root(pci_get_bus(dev))) {
1024 dev = pci_get_bus(dev)->parent_dev;
1025
1026 old_nr = pci_default_read_config(dev, PCI_SUBORDINATE_BUS, 1);
1027 if (old_nr < nr) {
1028 pci_default_write_config(dev, PCI_SUBORDINATE_BUS, nr, 1);
1029 }
1030 }
1031 }
1032
s390_pci_interp_plug(S390pciState * s,S390PCIBusDevice * pbdev)1033 static int s390_pci_interp_plug(S390pciState *s, S390PCIBusDevice *pbdev)
1034 {
1035 uint32_t idx, fh;
1036
1037 if (!s390_pci_get_host_fh(pbdev, &fh)) {
1038 return -EPERM;
1039 }
1040
1041 /*
1042 * The host device is already in an enabled state, but we always present
1043 * the initial device state to the guest as disabled (ZPCI_FS_DISABLED).
1044 * Therefore, mask off the enable bit from the passthrough handle until
1045 * the guest issues a CLP SET PCI FN later to enable the device.
1046 */
1047 pbdev->fh = fh & ~FH_MASK_ENABLE;
1048
1049 /* Next, see if the idx is already in-use */
1050 idx = pbdev->fh & FH_MASK_INDEX;
1051 if (pbdev->idx != idx) {
1052 if (s390_pci_find_dev_by_idx(s, idx)) {
1053 return -EINVAL;
1054 }
1055 /*
1056 * Update the idx entry with the passed through idx
1057 * If the relinquished idx is lower than next_idx, use it
1058 * to replace next_idx
1059 */
1060 g_hash_table_remove(s->zpci_table, &pbdev->idx);
1061 if (idx < s->next_idx) {
1062 s->next_idx = idx;
1063 }
1064 pbdev->idx = idx;
1065 g_hash_table_insert(s->zpci_table, &pbdev->idx, pbdev);
1066 }
1067
1068 return 0;
1069 }
1070
s390_pcihost_plug(HotplugHandler * hotplug_dev,DeviceState * dev,Error ** errp)1071 static void s390_pcihost_plug(HotplugHandler *hotplug_dev, DeviceState *dev,
1072 Error **errp)
1073 {
1074 S390pciState *s = S390_PCI_HOST_BRIDGE(hotplug_dev);
1075 PCIDevice *pdev = NULL;
1076 S390PCIBusDevice *pbdev = NULL;
1077 int rc;
1078
1079 if (object_dynamic_cast(OBJECT(dev), TYPE_PCI_BRIDGE)) {
1080 PCIBridge *pb = PCI_BRIDGE(dev);
1081
1082 pdev = PCI_DEVICE(dev);
1083 pci_bridge_map_irq(pb, dev->id, s390_pci_map_irq);
1084 pci_setup_iommu(&pb->sec_bus, &s390_iommu_ops, s);
1085
1086 qbus_set_hotplug_handler(BUS(&pb->sec_bus), OBJECT(s));
1087
1088 if (dev->hotplugged) {
1089 pci_default_write_config(pdev, PCI_PRIMARY_BUS,
1090 pci_dev_bus_num(pdev), 1);
1091 s->bus_no += 1;
1092 pci_default_write_config(pdev, PCI_SECONDARY_BUS, s->bus_no, 1);
1093
1094 s390_pci_update_subordinate(pdev, s->bus_no);
1095 }
1096 } else if (object_dynamic_cast(OBJECT(dev), TYPE_PCI_DEVICE)) {
1097 pdev = PCI_DEVICE(dev);
1098
1099 /*
1100 * Multifunction is not supported due to the lack of CLP. However,
1101 * do not check for multifunction capability for SR-IOV devices because
1102 * SR-IOV devices automatically add the multifunction capability whether
1103 * the user intends to use the functions other than the PF.
1104 */
1105 if (pdev->cap_present & QEMU_PCI_CAP_MULTIFUNCTION &&
1106 !pdev->exp.sriov_cap) {
1107 error_setg(errp, "multifunction not supported in s390");
1108 return;
1109 }
1110
1111 if (!dev->id) {
1112 /* In the case the PCI device does not define an id */
1113 /* we generate one based on the PCI address */
1114 dev->id = g_strdup_printf("auto_%02x:%02x.%01x",
1115 pci_dev_bus_num(pdev),
1116 PCI_SLOT(pdev->devfn),
1117 PCI_FUNC(pdev->devfn));
1118 }
1119
1120 pbdev = s390_pci_find_dev_by_target(s, dev->id);
1121 if (!pbdev) {
1122 /*
1123 * VFs are automatically created by PF, and creating zpci for them
1124 * will result in unexpected usage of fids. Currently QEMU does not
1125 * support multifunction for s390x so we don't need zpci for VFs
1126 * anyway.
1127 */
1128 if (pci_is_vf(pdev)) {
1129 return;
1130 }
1131
1132 pbdev = s390_pci_device_new(s, dev->id, errp);
1133 if (!pbdev) {
1134 return;
1135 }
1136 }
1137
1138 pbdev->pdev = pdev;
1139 pbdev->iommu = s390_pci_get_iommu(s, pci_get_bus(pdev), pdev->devfn);
1140 pbdev->iommu->pbdev = pbdev;
1141 pbdev->state = ZPCI_FS_DISABLED;
1142 set_pbdev_info(pbdev);
1143
1144 if (object_dynamic_cast(OBJECT(dev), "vfio-pci")) {
1145 /*
1146 * By default, interpretation is always requested; if the available
1147 * facilities indicate it is not available, fallback to the
1148 * interception model.
1149 */
1150 if (pbdev->interp) {
1151 if (s390_pci_kvm_interp_allowed()) {
1152 rc = s390_pci_interp_plug(s, pbdev);
1153 if (rc) {
1154 error_setg(errp, "Plug failed for zPCI device in "
1155 "interpretation mode: %d", rc);
1156 return;
1157 }
1158 } else {
1159 trace_s390_pcihost("zPCI interpretation missing");
1160 pbdev->interp = false;
1161 pbdev->forwarding_assist = false;
1162 }
1163 }
1164 pbdev->iommu->dma_limit = s390_pci_start_dma_count(s, pbdev);
1165 /* Fill in CLP information passed via the vfio region */
1166 s390_pci_get_clp_info(pbdev);
1167 if (!pbdev->interp) {
1168 /* Do vfio passthrough but intercept for I/O */
1169 pbdev->fh |= FH_SHM_VFIO;
1170 pbdev->forwarding_assist = false;
1171 }
1172 /* Register shutdown notifier and reset callback for ISM devices */
1173 if (pbdev->pft == ZPCI_PFT_ISM) {
1174 pbdev->shutdown_notifier.notify = s390_pci_shutdown_notifier;
1175 qemu_register_shutdown_notifier(&pbdev->shutdown_notifier);
1176 }
1177 } else {
1178 pbdev->fh |= FH_SHM_EMUL;
1179 /* Always intercept emulated devices */
1180 pbdev->interp = false;
1181 pbdev->forwarding_assist = false;
1182 pbdev->rtr_avail = false;
1183 }
1184
1185 if (s390_pci_msix_init(pbdev) && !pbdev->interp) {
1186 error_setg(errp, "MSI-X support is mandatory "
1187 "in the S390 architecture");
1188 return;
1189 }
1190
1191 if (dev->hotplugged) {
1192 s390_pci_generate_plug_event(HP_EVENT_TO_CONFIGURED ,
1193 pbdev->fh, pbdev->fid);
1194 }
1195 } else if (object_dynamic_cast(OBJECT(dev), TYPE_S390_PCI_DEVICE)) {
1196 pbdev = S390_PCI_DEVICE(dev);
1197
1198 /* the allocated idx is actually getting used */
1199 s->next_idx = (pbdev->idx + 1) & FH_MASK_INDEX;
1200 pbdev->fh = pbdev->idx;
1201 QTAILQ_INSERT_TAIL(&s->zpci_devs, pbdev, link);
1202 g_hash_table_insert(s->zpci_table, &pbdev->idx, pbdev);
1203 } else {
1204 g_assert_not_reached();
1205 }
1206 }
1207
s390_pcihost_unplug(HotplugHandler * hotplug_dev,DeviceState * dev,Error ** errp)1208 static void s390_pcihost_unplug(HotplugHandler *hotplug_dev, DeviceState *dev,
1209 Error **errp)
1210 {
1211 S390pciState *s = S390_PCI_HOST_BRIDGE(hotplug_dev);
1212 S390PCIBusDevice *pbdev = NULL;
1213
1214 if (object_dynamic_cast(OBJECT(dev), TYPE_PCI_DEVICE)) {
1215 PCIDevice *pci_dev = PCI_DEVICE(dev);
1216 PCIBus *bus;
1217 int32_t devfn;
1218
1219 pbdev = s390_pci_find_dev_by_pci(s, PCI_DEVICE(dev));
1220 if (!pbdev) {
1221 g_assert(pci_is_vf(pci_dev));
1222 return;
1223 }
1224
1225 s390_pci_generate_plug_event(HP_EVENT_STANDBY_TO_RESERVED,
1226 pbdev->fh, pbdev->fid);
1227 bus = pci_get_bus(pci_dev);
1228 devfn = pci_dev->devfn;
1229 qdev_unrealize(dev);
1230
1231 s390_pci_msix_free(pbdev);
1232 s390_pci_iommu_free(s, bus, devfn);
1233 pbdev->pdev = NULL;
1234 pbdev->state = ZPCI_FS_RESERVED;
1235 } else if (object_dynamic_cast(OBJECT(dev), TYPE_S390_PCI_DEVICE)) {
1236 pbdev = S390_PCI_DEVICE(dev);
1237 pbdev->fid = 0;
1238 QTAILQ_REMOVE(&s->zpci_devs, pbdev, link);
1239 g_hash_table_remove(s->zpci_table, &pbdev->idx);
1240 if (pbdev->iommu->dma_limit) {
1241 s390_pci_end_dma_count(s, pbdev->iommu->dma_limit);
1242 }
1243 qdev_unrealize(dev);
1244 }
1245 }
1246
s390_pcihost_unplug_request(HotplugHandler * hotplug_dev,DeviceState * dev,Error ** errp)1247 static void s390_pcihost_unplug_request(HotplugHandler *hotplug_dev,
1248 DeviceState *dev,
1249 Error **errp)
1250 {
1251 S390pciState *s = S390_PCI_HOST_BRIDGE(hotplug_dev);
1252 S390PCIBusDevice *pbdev;
1253
1254 if (object_dynamic_cast(OBJECT(dev), TYPE_PCI_BRIDGE)) {
1255 error_setg(errp, "PCI bridge hot unplug currently not supported");
1256 } else if (object_dynamic_cast(OBJECT(dev), TYPE_PCI_DEVICE)) {
1257 /*
1258 * Redirect the unplug request to the zPCI device and remember that
1259 * we've checked the PCI device already (to prevent endless recursion).
1260 */
1261 pbdev = s390_pci_find_dev_by_pci(s, PCI_DEVICE(dev));
1262 if (!pbdev) {
1263 g_assert(pci_is_vf(PCI_DEVICE(dev)));
1264 return;
1265 }
1266
1267 pbdev->pci_unplug_request_processed = true;
1268 qdev_unplug(DEVICE(pbdev), errp);
1269 } else if (object_dynamic_cast(OBJECT(dev), TYPE_S390_PCI_DEVICE)) {
1270 pbdev = S390_PCI_DEVICE(dev);
1271
1272 /*
1273 * If unplug was initially requested for the zPCI device, we
1274 * first have to redirect to the PCI device, which will in return
1275 * redirect back to us after performing its checks (if the request
1276 * is not blocked, e.g. because it's a PCI bridge).
1277 */
1278 if (pbdev->pdev && !pbdev->pci_unplug_request_processed) {
1279 qdev_unplug(DEVICE(pbdev->pdev), errp);
1280 return;
1281 }
1282 pbdev->pci_unplug_request_processed = false;
1283
1284 switch (pbdev->state) {
1285 case ZPCI_FS_STANDBY:
1286 case ZPCI_FS_RESERVED:
1287 s390_pci_perform_unplug(pbdev);
1288 break;
1289 default:
1290 /*
1291 * Allow to send multiple requests, e.g. if the guest crashed
1292 * before releasing the device, we would not be able to send
1293 * another request to the same VM (e.g. fresh OS).
1294 */
1295 pbdev->unplug_requested = true;
1296 s390_pci_generate_plug_event(HP_EVENT_DECONFIGURE_REQUEST,
1297 pbdev->fh, pbdev->fid);
1298 }
1299 } else {
1300 g_assert_not_reached();
1301 }
1302 }
1303
s390_pci_enumerate_bridge(PCIBus * bus,PCIDevice * pdev,void * opaque)1304 static void s390_pci_enumerate_bridge(PCIBus *bus, PCIDevice *pdev,
1305 void *opaque)
1306 {
1307 S390pciState *s = opaque;
1308 PCIBus *sec_bus = NULL;
1309
1310 if ((pci_default_read_config(pdev, PCI_HEADER_TYPE, 1) !=
1311 PCI_HEADER_TYPE_BRIDGE)) {
1312 return;
1313 }
1314
1315 (s->bus_no)++;
1316 pci_default_write_config(pdev, PCI_PRIMARY_BUS, pci_dev_bus_num(pdev), 1);
1317 pci_default_write_config(pdev, PCI_SECONDARY_BUS, s->bus_no, 1);
1318 pci_default_write_config(pdev, PCI_SUBORDINATE_BUS, s->bus_no, 1);
1319
1320 sec_bus = pci_bridge_get_sec_bus(PCI_BRIDGE(pdev));
1321 if (!sec_bus) {
1322 return;
1323 }
1324
1325 /* Assign numbers to all child bridges. The last is the highest number. */
1326 pci_for_each_device_under_bus(sec_bus, s390_pci_enumerate_bridge, s);
1327 pci_default_write_config(pdev, PCI_SUBORDINATE_BUS, s->bus_no, 1);
1328 }
1329
s390_pci_ism_reset(void)1330 void s390_pci_ism_reset(void)
1331 {
1332 S390pciState *s = s390_get_phb();
1333
1334 S390PCIBusDevice *pbdev, *next;
1335
1336 /* Trigger reset event for each passthrough ISM device currently in-use */
1337 QTAILQ_FOREACH_SAFE(pbdev, &s->zpci_devs, link, next) {
1338 if (pbdev->interp && pbdev->pft == ZPCI_PFT_ISM &&
1339 pbdev->fh & FH_MASK_ENABLE) {
1340 s390_pci_kvm_aif_disable(pbdev);
1341
1342 pci_device_reset(pbdev->pdev);
1343 }
1344 }
1345 }
1346
s390_pcihost_reset(DeviceState * dev)1347 static void s390_pcihost_reset(DeviceState *dev)
1348 {
1349 S390pciState *s = S390_PCI_HOST_BRIDGE(dev);
1350 PCIBus *bus = s->parent_obj.bus;
1351 S390PCIBusDevice *pbdev, *next;
1352
1353 /* Process all pending unplug requests */
1354 QTAILQ_FOREACH_SAFE(pbdev, &s->zpci_devs, link, next) {
1355 if (pbdev->unplug_requested) {
1356 if (pbdev->interp && (pbdev->fh & FH_MASK_ENABLE)) {
1357 /* Interpreted devices were using interrupt forwarding */
1358 s390_pci_kvm_aif_disable(pbdev);
1359 } else if (pbdev->summary_ind) {
1360 pci_dereg_irqs(pbdev);
1361 }
1362 if (pbdev->iommu->enabled) {
1363 pci_dereg_ioat(pbdev->iommu);
1364 }
1365 pbdev->state = ZPCI_FS_STANDBY;
1366 s390_pci_perform_unplug(pbdev);
1367 }
1368 }
1369
1370 /*
1371 * When resetting a PCI bridge, the assigned numbers are set to 0. So
1372 * on every system reset, we also have to reassign numbers.
1373 */
1374 s->bus_no = 0;
1375 pci_for_each_device_under_bus(bus, s390_pci_enumerate_bridge, s);
1376 }
1377
s390_pcihost_class_init(ObjectClass * klass,const void * data)1378 static void s390_pcihost_class_init(ObjectClass *klass, const void *data)
1379 {
1380 DeviceClass *dc = DEVICE_CLASS(klass);
1381 HotplugHandlerClass *hc = HOTPLUG_HANDLER_CLASS(klass);
1382
1383 device_class_set_legacy_reset(dc, s390_pcihost_reset);
1384 dc->realize = s390_pcihost_realize;
1385 dc->unrealize = s390_pcihost_unrealize;
1386 hc->pre_plug = s390_pcihost_pre_plug;
1387 hc->plug = s390_pcihost_plug;
1388 hc->unplug_request = s390_pcihost_unplug_request;
1389 hc->unplug = s390_pcihost_unplug;
1390 msi_nonbroken = true;
1391 }
1392
1393 static const TypeInfo s390_pcihost_info = {
1394 .name = TYPE_S390_PCI_HOST_BRIDGE,
1395 .parent = TYPE_PCI_HOST_BRIDGE,
1396 .instance_size = sizeof(S390pciState),
1397 .class_init = s390_pcihost_class_init,
1398 .interfaces = (const InterfaceInfo[]) {
1399 { TYPE_HOTPLUG_HANDLER },
1400 { }
1401 }
1402 };
1403
1404 static const TypeInfo s390_pcibus_info = {
1405 .name = TYPE_S390_PCI_BUS,
1406 .parent = TYPE_BUS,
1407 .instance_size = sizeof(S390PCIBus),
1408 };
1409
s390_pci_generate_uid(S390pciState * s)1410 static uint16_t s390_pci_generate_uid(S390pciState *s)
1411 {
1412 uint16_t uid = 0;
1413
1414 do {
1415 uid++;
1416 if (!s390_pci_find_dev_by_uid(s, uid)) {
1417 return uid;
1418 }
1419 } while (uid < ZPCI_MAX_UID);
1420
1421 return UID_UNDEFINED;
1422 }
1423
s390_pci_generate_fid(S390pciState * s,Error ** errp)1424 static uint32_t s390_pci_generate_fid(S390pciState *s, Error **errp)
1425 {
1426 uint32_t fid = 0;
1427
1428 do {
1429 if (!s390_pci_find_dev_by_fid(s, fid)) {
1430 return fid;
1431 }
1432 } while (fid++ != ZPCI_MAX_FID);
1433
1434 error_setg(errp, "no free fid could be found");
1435 return 0;
1436 }
1437
s390_pci_device_realize(DeviceState * dev,Error ** errp)1438 static void s390_pci_device_realize(DeviceState *dev, Error **errp)
1439 {
1440 S390PCIBusDevice *zpci = S390_PCI_DEVICE(dev);
1441 S390pciState *s = s390_get_phb();
1442
1443 if (!zpci->target) {
1444 error_setg(errp, "target must be defined");
1445 return;
1446 }
1447
1448 if (s390_pci_find_dev_by_target(s, zpci->target)) {
1449 error_setg(errp, "target %s already has an associated zpci device",
1450 zpci->target);
1451 return;
1452 }
1453
1454 if (zpci->uid == UID_UNDEFINED) {
1455 zpci->uid = s390_pci_generate_uid(s);
1456 if (!zpci->uid) {
1457 error_setg(errp, "no free uid could be found");
1458 return;
1459 }
1460 } else if (s390_pci_find_dev_by_uid(s, zpci->uid)) {
1461 error_setg(errp, "uid %u already in use", zpci->uid);
1462 return;
1463 }
1464
1465 if (!zpci->fid_defined) {
1466 Error *local_error = NULL;
1467
1468 zpci->fid = s390_pci_generate_fid(s, &local_error);
1469 if (local_error) {
1470 error_propagate(errp, local_error);
1471 return;
1472 }
1473 } else if (s390_pci_find_dev_by_fid(s, zpci->fid)) {
1474 error_setg(errp, "fid %u already in use", zpci->fid);
1475 return;
1476 }
1477
1478 zpci->state = ZPCI_FS_RESERVED;
1479 zpci->fmb.format = ZPCI_FMB_FORMAT;
1480 }
1481
s390_pci_device_reset(DeviceState * dev)1482 static void s390_pci_device_reset(DeviceState *dev)
1483 {
1484 S390PCIBusDevice *pbdev = S390_PCI_DEVICE(dev);
1485
1486 switch (pbdev->state) {
1487 case ZPCI_FS_RESERVED:
1488 return;
1489 case ZPCI_FS_STANDBY:
1490 break;
1491 default:
1492 pbdev->fh &= ~FH_MASK_ENABLE;
1493 pbdev->state = ZPCI_FS_DISABLED;
1494 break;
1495 }
1496
1497 if (pbdev->interp && (pbdev->fh & FH_MASK_ENABLE)) {
1498 /* Interpreted devices were using interrupt forwarding */
1499 s390_pci_kvm_aif_disable(pbdev);
1500 } else if (pbdev->summary_ind) {
1501 pci_dereg_irqs(pbdev);
1502 }
1503 if (pbdev->iommu->enabled) {
1504 pci_dereg_ioat(pbdev->iommu);
1505 }
1506
1507 fmb_timer_free(pbdev);
1508 }
1509
s390_pci_get_fid(Object * obj,Visitor * v,const char * name,void * opaque,Error ** errp)1510 static void s390_pci_get_fid(Object *obj, Visitor *v, const char *name,
1511 void *opaque, Error **errp)
1512 {
1513 const Property *prop = opaque;
1514 uint32_t *ptr = object_field_prop_ptr(obj, prop);
1515
1516 visit_type_uint32(v, name, ptr, errp);
1517 }
1518
s390_pci_set_fid(Object * obj,Visitor * v,const char * name,void * opaque,Error ** errp)1519 static void s390_pci_set_fid(Object *obj, Visitor *v, const char *name,
1520 void *opaque, Error **errp)
1521 {
1522 S390PCIBusDevice *zpci = S390_PCI_DEVICE(obj);
1523 const Property *prop = opaque;
1524 uint32_t *ptr = object_field_prop_ptr(obj, prop);
1525
1526 if (!visit_type_uint32(v, name, ptr, errp)) {
1527 return;
1528 }
1529 zpci->fid_defined = true;
1530 }
1531
1532 static const PropertyInfo s390_pci_fid_propinfo = {
1533 .type = "uint32",
1534 .description = "zpci_fid",
1535 .get = s390_pci_get_fid,
1536 .set = s390_pci_set_fid,
1537 };
1538
1539 #define DEFINE_PROP_S390_PCI_FID(_n, _s, _f) \
1540 DEFINE_PROP(_n, _s, _f, s390_pci_fid_propinfo, uint32_t)
1541
1542 static const Property s390_pci_device_properties[] = {
1543 DEFINE_PROP_UINT16("uid", S390PCIBusDevice, uid, UID_UNDEFINED),
1544 DEFINE_PROP_S390_PCI_FID("fid", S390PCIBusDevice, fid),
1545 DEFINE_PROP_STRING("target", S390PCIBusDevice, target),
1546 DEFINE_PROP_BOOL("interpret", S390PCIBusDevice, interp, true),
1547 DEFINE_PROP_BOOL("forwarding-assist", S390PCIBusDevice, forwarding_assist,
1548 true),
1549 DEFINE_PROP_BOOL("relaxed-translation", S390PCIBusDevice, rtr_avail,
1550 true),
1551 };
1552
1553 static const VMStateDescription s390_pci_device_vmstate = {
1554 .name = TYPE_S390_PCI_DEVICE,
1555 /*
1556 * TODO: add state handling here, so migration works at least with
1557 * emulated pci devices on s390x
1558 */
1559 .unmigratable = 1,
1560 };
1561
s390_pci_device_class_init(ObjectClass * klass,const void * data)1562 static void s390_pci_device_class_init(ObjectClass *klass, const void *data)
1563 {
1564 DeviceClass *dc = DEVICE_CLASS(klass);
1565
1566 dc->desc = "zpci device";
1567 set_bit(DEVICE_CATEGORY_MISC, dc->categories);
1568 device_class_set_legacy_reset(dc, s390_pci_device_reset);
1569 dc->bus_type = TYPE_S390_PCI_BUS;
1570 dc->realize = s390_pci_device_realize;
1571 device_class_set_props(dc, s390_pci_device_properties);
1572 dc->vmsd = &s390_pci_device_vmstate;
1573 }
1574
1575 static const TypeInfo s390_pci_device_info = {
1576 .name = TYPE_S390_PCI_DEVICE,
1577 .parent = TYPE_DEVICE,
1578 .instance_size = sizeof(S390PCIBusDevice),
1579 .class_init = s390_pci_device_class_init,
1580 };
1581
1582 static const TypeInfo s390_pci_iommu_info = {
1583 .name = TYPE_S390_PCI_IOMMU,
1584 .parent = TYPE_OBJECT,
1585 .instance_size = sizeof(S390PCIIOMMU),
1586 };
1587
s390_iommu_memory_region_class_init(ObjectClass * klass,const void * data)1588 static void s390_iommu_memory_region_class_init(ObjectClass *klass,
1589 const void *data)
1590 {
1591 IOMMUMemoryRegionClass *imrc = IOMMU_MEMORY_REGION_CLASS(klass);
1592
1593 imrc->translate = s390_translate_iommu;
1594 imrc->replay = s390_pci_iommu_replay;
1595 }
1596
1597 static const TypeInfo s390_iommu_memory_region_info = {
1598 .parent = TYPE_IOMMU_MEMORY_REGION,
1599 .name = TYPE_S390_IOMMU_MEMORY_REGION,
1600 .class_init = s390_iommu_memory_region_class_init,
1601 };
1602
s390_pci_register_types(void)1603 static void s390_pci_register_types(void)
1604 {
1605 type_register_static(&s390_pcihost_info);
1606 type_register_static(&s390_pcibus_info);
1607 type_register_static(&s390_pci_device_info);
1608 type_register_static(&s390_pci_iommu_info);
1609 type_register_static(&s390_iommu_memory_region_info);
1610 }
1611
1612 type_init(s390_pci_register_types)
1613