1 /*
2 * s390 PCI BUS
3 *
4 * Copyright 2014 IBM Corp.
5 * Author(s): Frank Blaschka <frank.blaschka@de.ibm.com>
6 * Hong Bo Li <lihbbj@cn.ibm.com>
7 * Yi Min Zhao <zyimin@cn.ibm.com>
8 *
9 * This work is licensed under the terms of the GNU GPL, version 2 or (at
10 * your option) any later version. See the COPYING file in the top-level
11 * directory.
12 */
13
14 #include "qemu/osdep.h"
15 #include "qapi/error.h"
16 #include "qapi/visitor.h"
17 #include "hw/s390x/s390-pci-bus.h"
18 #include "hw/s390x/s390-pci-inst.h"
19 #include "hw/s390x/s390-pci-kvm.h"
20 #include "hw/s390x/s390-pci-vfio.h"
21 #include "hw/pci/pci_bus.h"
22 #include "hw/qdev-properties.h"
23 #include "hw/pci/pci_bridge.h"
24 #include "hw/pci/msi.h"
25 #include "qemu/error-report.h"
26 #include "qemu/module.h"
27 #include "sysemu/reset.h"
28 #include "sysemu/runstate.h"
29
30 #include "trace.h"
31
s390_get_phb(void)32 S390pciState *s390_get_phb(void)
33 {
34 static S390pciState *phb;
35
36 if (!phb) {
37 phb = S390_PCI_HOST_BRIDGE(
38 object_resolve_path(TYPE_S390_PCI_HOST_BRIDGE, NULL));
39 assert(phb != NULL);
40 }
41
42 return phb;
43 }
44
pci_chsc_sei_nt2_get_event(void * res)45 int pci_chsc_sei_nt2_get_event(void *res)
46 {
47 ChscSeiNt2Res *nt2_res = (ChscSeiNt2Res *)res;
48 PciCcdfAvail *accdf;
49 PciCcdfErr *eccdf;
50 int rc = 1;
51 SeiContainer *sei_cont;
52 S390pciState *s = s390_get_phb();
53
54 sei_cont = QTAILQ_FIRST(&s->pending_sei);
55 if (sei_cont) {
56 QTAILQ_REMOVE(&s->pending_sei, sei_cont, link);
57 nt2_res->nt = 2;
58 nt2_res->cc = sei_cont->cc;
59 nt2_res->length = cpu_to_be16(sizeof(ChscSeiNt2Res));
60 switch (sei_cont->cc) {
61 case 1: /* error event */
62 eccdf = (PciCcdfErr *)nt2_res->ccdf;
63 eccdf->fid = cpu_to_be32(sei_cont->fid);
64 eccdf->fh = cpu_to_be32(sei_cont->fh);
65 eccdf->e = cpu_to_be32(sei_cont->e);
66 eccdf->faddr = cpu_to_be64(sei_cont->faddr);
67 eccdf->pec = cpu_to_be16(sei_cont->pec);
68 break;
69 case 2: /* availability event */
70 accdf = (PciCcdfAvail *)nt2_res->ccdf;
71 accdf->fid = cpu_to_be32(sei_cont->fid);
72 accdf->fh = cpu_to_be32(sei_cont->fh);
73 accdf->pec = cpu_to_be16(sei_cont->pec);
74 break;
75 default:
76 abort();
77 }
78 g_free(sei_cont);
79 rc = 0;
80 }
81
82 return rc;
83 }
84
pci_chsc_sei_nt2_have_event(void)85 int pci_chsc_sei_nt2_have_event(void)
86 {
87 S390pciState *s = s390_get_phb();
88
89 return !QTAILQ_EMPTY(&s->pending_sei);
90 }
91
s390_pci_find_next_avail_dev(S390pciState * s,S390PCIBusDevice * pbdev)92 S390PCIBusDevice *s390_pci_find_next_avail_dev(S390pciState *s,
93 S390PCIBusDevice *pbdev)
94 {
95 S390PCIBusDevice *ret = pbdev ? QTAILQ_NEXT(pbdev, link) :
96 QTAILQ_FIRST(&s->zpci_devs);
97
98 while (ret && ret->state == ZPCI_FS_RESERVED) {
99 ret = QTAILQ_NEXT(ret, link);
100 }
101
102 return ret;
103 }
104
s390_pci_find_dev_by_fid(S390pciState * s,uint32_t fid)105 S390PCIBusDevice *s390_pci_find_dev_by_fid(S390pciState *s, uint32_t fid)
106 {
107 S390PCIBusDevice *pbdev;
108
109 QTAILQ_FOREACH(pbdev, &s->zpci_devs, link) {
110 if (pbdev->fid == fid) {
111 return pbdev;
112 }
113 }
114
115 return NULL;
116 }
117
s390_pci_sclp_configure(SCCB * sccb)118 void s390_pci_sclp_configure(SCCB *sccb)
119 {
120 IoaCfgSccb *psccb = (IoaCfgSccb *)sccb;
121 S390PCIBusDevice *pbdev = s390_pci_find_dev_by_fid(s390_get_phb(),
122 be32_to_cpu(psccb->aid));
123 uint16_t rc;
124
125 if (!pbdev) {
126 trace_s390_pci_sclp_nodev("configure", be32_to_cpu(psccb->aid));
127 rc = SCLP_RC_ADAPTER_ID_NOT_RECOGNIZED;
128 goto out;
129 }
130
131 switch (pbdev->state) {
132 case ZPCI_FS_RESERVED:
133 rc = SCLP_RC_ADAPTER_IN_RESERVED_STATE;
134 break;
135 case ZPCI_FS_STANDBY:
136 pbdev->state = ZPCI_FS_DISABLED;
137 rc = SCLP_RC_NORMAL_COMPLETION;
138 break;
139 default:
140 rc = SCLP_RC_NO_ACTION_REQUIRED;
141 }
142 out:
143 psccb->header.response_code = cpu_to_be16(rc);
144 }
145
s390_pci_shutdown_notifier(Notifier * n,void * opaque)146 static void s390_pci_shutdown_notifier(Notifier *n, void *opaque)
147 {
148 S390PCIBusDevice *pbdev = container_of(n, S390PCIBusDevice,
149 shutdown_notifier);
150
151 pci_device_reset(pbdev->pdev);
152 }
153
s390_pci_perform_unplug(S390PCIBusDevice * pbdev)154 static void s390_pci_perform_unplug(S390PCIBusDevice *pbdev)
155 {
156 HotplugHandler *hotplug_ctrl;
157
158 if (pbdev->pft == ZPCI_PFT_ISM) {
159 notifier_remove(&pbdev->shutdown_notifier);
160 }
161
162 /* Unplug the PCI device */
163 if (pbdev->pdev) {
164 DeviceState *pdev = DEVICE(pbdev->pdev);
165
166 hotplug_ctrl = qdev_get_hotplug_handler(pdev);
167 hotplug_handler_unplug(hotplug_ctrl, pdev, &error_abort);
168 object_unparent(OBJECT(pdev));
169 }
170
171 /* Unplug the zPCI device */
172 hotplug_ctrl = qdev_get_hotplug_handler(DEVICE(pbdev));
173 hotplug_handler_unplug(hotplug_ctrl, DEVICE(pbdev), &error_abort);
174 object_unparent(OBJECT(pbdev));
175 }
176
s390_pci_sclp_deconfigure(SCCB * sccb)177 void s390_pci_sclp_deconfigure(SCCB *sccb)
178 {
179 IoaCfgSccb *psccb = (IoaCfgSccb *)sccb;
180 S390PCIBusDevice *pbdev = s390_pci_find_dev_by_fid(s390_get_phb(),
181 be32_to_cpu(psccb->aid));
182 uint16_t rc;
183
184 if (!pbdev) {
185 trace_s390_pci_sclp_nodev("deconfigure", be32_to_cpu(psccb->aid));
186 rc = SCLP_RC_ADAPTER_ID_NOT_RECOGNIZED;
187 goto out;
188 }
189
190 switch (pbdev->state) {
191 case ZPCI_FS_RESERVED:
192 rc = SCLP_RC_ADAPTER_IN_RESERVED_STATE;
193 break;
194 case ZPCI_FS_STANDBY:
195 rc = SCLP_RC_NO_ACTION_REQUIRED;
196 break;
197 default:
198 if (pbdev->interp && (pbdev->fh & FH_MASK_ENABLE)) {
199 /* Interpreted devices were using interrupt forwarding */
200 s390_pci_kvm_aif_disable(pbdev);
201 } else if (pbdev->summary_ind) {
202 pci_dereg_irqs(pbdev);
203 }
204 if (pbdev->iommu->enabled) {
205 pci_dereg_ioat(pbdev->iommu);
206 }
207 pbdev->state = ZPCI_FS_STANDBY;
208 rc = SCLP_RC_NORMAL_COMPLETION;
209
210 if (pbdev->unplug_requested) {
211 s390_pci_perform_unplug(pbdev);
212 }
213 }
214 out:
215 psccb->header.response_code = cpu_to_be16(rc);
216 }
217
s390_pci_find_dev_by_uid(S390pciState * s,uint16_t uid)218 static S390PCIBusDevice *s390_pci_find_dev_by_uid(S390pciState *s, uint16_t uid)
219 {
220 S390PCIBusDevice *pbdev;
221
222 QTAILQ_FOREACH(pbdev, &s->zpci_devs, link) {
223 if (pbdev->uid == uid) {
224 return pbdev;
225 }
226 }
227
228 return NULL;
229 }
230
s390_pci_find_dev_by_target(S390pciState * s,const char * target)231 S390PCIBusDevice *s390_pci_find_dev_by_target(S390pciState *s,
232 const char *target)
233 {
234 S390PCIBusDevice *pbdev;
235
236 if (!target) {
237 return NULL;
238 }
239
240 QTAILQ_FOREACH(pbdev, &s->zpci_devs, link) {
241 if (!strcmp(pbdev->target, target)) {
242 return pbdev;
243 }
244 }
245
246 return NULL;
247 }
248
s390_pci_find_dev_by_pci(S390pciState * s,PCIDevice * pci_dev)249 static S390PCIBusDevice *s390_pci_find_dev_by_pci(S390pciState *s,
250 PCIDevice *pci_dev)
251 {
252 S390PCIBusDevice *pbdev;
253
254 if (!pci_dev) {
255 return NULL;
256 }
257
258 QTAILQ_FOREACH(pbdev, &s->zpci_devs, link) {
259 if (pbdev->pdev == pci_dev) {
260 return pbdev;
261 }
262 }
263
264 return NULL;
265 }
266
s390_pci_find_dev_by_idx(S390pciState * s,uint32_t idx)267 S390PCIBusDevice *s390_pci_find_dev_by_idx(S390pciState *s, uint32_t idx)
268 {
269 return g_hash_table_lookup(s->zpci_table, &idx);
270 }
271
s390_pci_find_dev_by_fh(S390pciState * s,uint32_t fh)272 S390PCIBusDevice *s390_pci_find_dev_by_fh(S390pciState *s, uint32_t fh)
273 {
274 uint32_t idx = FH_MASK_INDEX & fh;
275 S390PCIBusDevice *pbdev = s390_pci_find_dev_by_idx(s, idx);
276
277 if (pbdev && pbdev->fh == fh) {
278 return pbdev;
279 }
280
281 return NULL;
282 }
283
s390_pci_generate_event(uint8_t cc,uint16_t pec,uint32_t fh,uint32_t fid,uint64_t faddr,uint32_t e)284 static void s390_pci_generate_event(uint8_t cc, uint16_t pec, uint32_t fh,
285 uint32_t fid, uint64_t faddr, uint32_t e)
286 {
287 SeiContainer *sei_cont;
288 S390pciState *s = s390_get_phb();
289
290 sei_cont = g_new0(SeiContainer, 1);
291 sei_cont->fh = fh;
292 sei_cont->fid = fid;
293 sei_cont->cc = cc;
294 sei_cont->pec = pec;
295 sei_cont->faddr = faddr;
296 sei_cont->e = e;
297
298 QTAILQ_INSERT_TAIL(&s->pending_sei, sei_cont, link);
299 css_generate_css_crws(0);
300 }
301
s390_pci_generate_plug_event(uint16_t pec,uint32_t fh,uint32_t fid)302 static void s390_pci_generate_plug_event(uint16_t pec, uint32_t fh,
303 uint32_t fid)
304 {
305 s390_pci_generate_event(2, pec, fh, fid, 0, 0);
306 }
307
s390_pci_generate_error_event(uint16_t pec,uint32_t fh,uint32_t fid,uint64_t faddr,uint32_t e)308 void s390_pci_generate_error_event(uint16_t pec, uint32_t fh, uint32_t fid,
309 uint64_t faddr, uint32_t e)
310 {
311 s390_pci_generate_event(1, pec, fh, fid, faddr, e);
312 }
313
s390_pci_set_irq(void * opaque,int irq,int level)314 static void s390_pci_set_irq(void *opaque, int irq, int level)
315 {
316 /* nothing to do */
317 }
318
s390_pci_map_irq(PCIDevice * pci_dev,int irq_num)319 static int s390_pci_map_irq(PCIDevice *pci_dev, int irq_num)
320 {
321 /* nothing to do */
322 return 0;
323 }
324
s390_pci_get_table_origin(uint64_t iota)325 static uint64_t s390_pci_get_table_origin(uint64_t iota)
326 {
327 return iota & ~ZPCI_IOTA_RTTO_FLAG;
328 }
329
calc_rtx(dma_addr_t ptr)330 static unsigned int calc_rtx(dma_addr_t ptr)
331 {
332 return ((unsigned long) ptr >> ZPCI_RT_SHIFT) & ZPCI_INDEX_MASK;
333 }
334
calc_sx(dma_addr_t ptr)335 static unsigned int calc_sx(dma_addr_t ptr)
336 {
337 return ((unsigned long) ptr >> ZPCI_ST_SHIFT) & ZPCI_INDEX_MASK;
338 }
339
calc_px(dma_addr_t ptr)340 static unsigned int calc_px(dma_addr_t ptr)
341 {
342 return ((unsigned long) ptr >> TARGET_PAGE_BITS) & ZPCI_PT_MASK;
343 }
344
get_rt_sto(uint64_t entry)345 static uint64_t get_rt_sto(uint64_t entry)
346 {
347 return ((entry & ZPCI_TABLE_TYPE_MASK) == ZPCI_TABLE_TYPE_RTX)
348 ? (entry & ZPCI_RTE_ADDR_MASK)
349 : 0;
350 }
351
get_st_pto(uint64_t entry)352 static uint64_t get_st_pto(uint64_t entry)
353 {
354 return ((entry & ZPCI_TABLE_TYPE_MASK) == ZPCI_TABLE_TYPE_SX)
355 ? (entry & ZPCI_STE_ADDR_MASK)
356 : 0;
357 }
358
rt_entry_isvalid(uint64_t entry)359 static bool rt_entry_isvalid(uint64_t entry)
360 {
361 return (entry & ZPCI_TABLE_VALID_MASK) == ZPCI_TABLE_VALID;
362 }
363
pt_entry_isvalid(uint64_t entry)364 static bool pt_entry_isvalid(uint64_t entry)
365 {
366 return (entry & ZPCI_PTE_VALID_MASK) == ZPCI_PTE_VALID;
367 }
368
entry_isprotected(uint64_t entry)369 static bool entry_isprotected(uint64_t entry)
370 {
371 return (entry & ZPCI_TABLE_PROT_MASK) == ZPCI_TABLE_PROTECTED;
372 }
373
374 /* ett is expected table type, -1 page table, 0 segment table, 1 region table */
get_table_index(uint64_t iova,int8_t ett)375 static uint64_t get_table_index(uint64_t iova, int8_t ett)
376 {
377 switch (ett) {
378 case ZPCI_ETT_PT:
379 return calc_px(iova);
380 case ZPCI_ETT_ST:
381 return calc_sx(iova);
382 case ZPCI_ETT_RT:
383 return calc_rtx(iova);
384 }
385
386 return -1;
387 }
388
entry_isvalid(uint64_t entry,int8_t ett)389 static bool entry_isvalid(uint64_t entry, int8_t ett)
390 {
391 switch (ett) {
392 case ZPCI_ETT_PT:
393 return pt_entry_isvalid(entry);
394 case ZPCI_ETT_ST:
395 case ZPCI_ETT_RT:
396 return rt_entry_isvalid(entry);
397 }
398
399 return false;
400 }
401
402 /* Return true if address translation is done */
translate_iscomplete(uint64_t entry,int8_t ett)403 static bool translate_iscomplete(uint64_t entry, int8_t ett)
404 {
405 switch (ett) {
406 case 0:
407 return (entry & ZPCI_TABLE_FC) ? true : false;
408 case 1:
409 return false;
410 }
411
412 return true;
413 }
414
get_frame_size(int8_t ett)415 static uint64_t get_frame_size(int8_t ett)
416 {
417 switch (ett) {
418 case ZPCI_ETT_PT:
419 return 1ULL << 12;
420 case ZPCI_ETT_ST:
421 return 1ULL << 20;
422 case ZPCI_ETT_RT:
423 return 1ULL << 31;
424 }
425
426 return 0;
427 }
428
get_next_table_origin(uint64_t entry,int8_t ett)429 static uint64_t get_next_table_origin(uint64_t entry, int8_t ett)
430 {
431 switch (ett) {
432 case ZPCI_ETT_PT:
433 return entry & ZPCI_PTE_ADDR_MASK;
434 case ZPCI_ETT_ST:
435 return get_st_pto(entry);
436 case ZPCI_ETT_RT:
437 return get_rt_sto(entry);
438 }
439
440 return 0;
441 }
442
443 /**
444 * table_translate: do translation within one table and return the following
445 * table origin
446 *
447 * @entry: the entry being translated, the result is stored in this.
448 * @to: the address of table origin.
449 * @ett: expected table type, 1 region table, 0 segment table and -1 page table.
450 * @error: error code
451 */
table_translate(S390IOTLBEntry * entry,uint64_t to,int8_t ett,uint16_t * error)452 static uint64_t table_translate(S390IOTLBEntry *entry, uint64_t to, int8_t ett,
453 uint16_t *error)
454 {
455 uint64_t tx, te, nto = 0;
456 uint16_t err = 0;
457
458 tx = get_table_index(entry->iova, ett);
459 te = address_space_ldq(&address_space_memory, to + tx * sizeof(uint64_t),
460 MEMTXATTRS_UNSPECIFIED, NULL);
461
462 if (!te) {
463 err = ERR_EVENT_INVALTE;
464 goto out;
465 }
466
467 if (!entry_isvalid(te, ett)) {
468 entry->perm &= IOMMU_NONE;
469 goto out;
470 }
471
472 if (ett == ZPCI_ETT_RT && ((te & ZPCI_TABLE_LEN_RTX) != ZPCI_TABLE_LEN_RTX
473 || te & ZPCI_TABLE_OFFSET_MASK)) {
474 err = ERR_EVENT_INVALTL;
475 goto out;
476 }
477
478 nto = get_next_table_origin(te, ett);
479 if (!nto) {
480 err = ERR_EVENT_TT;
481 goto out;
482 }
483
484 if (entry_isprotected(te)) {
485 entry->perm &= IOMMU_RO;
486 } else {
487 entry->perm &= IOMMU_RW;
488 }
489
490 if (translate_iscomplete(te, ett)) {
491 switch (ett) {
492 case ZPCI_ETT_PT:
493 entry->translated_addr = te & ZPCI_PTE_ADDR_MASK;
494 break;
495 case ZPCI_ETT_ST:
496 entry->translated_addr = (te & ZPCI_SFAA_MASK) |
497 (entry->iova & ~ZPCI_SFAA_MASK);
498 break;
499 }
500 nto = 0;
501 }
502 out:
503 if (err) {
504 entry->perm = IOMMU_NONE;
505 *error = err;
506 }
507 entry->len = get_frame_size(ett);
508 return nto;
509 }
510
s390_guest_io_table_walk(uint64_t g_iota,hwaddr addr,S390IOTLBEntry * entry)511 uint16_t s390_guest_io_table_walk(uint64_t g_iota, hwaddr addr,
512 S390IOTLBEntry *entry)
513 {
514 uint64_t to = s390_pci_get_table_origin(g_iota);
515 int8_t ett = 1;
516 uint16_t error = 0;
517
518 entry->iova = addr & TARGET_PAGE_MASK;
519 entry->translated_addr = 0;
520 entry->perm = IOMMU_RW;
521
522 if (entry_isprotected(g_iota)) {
523 entry->perm &= IOMMU_RO;
524 }
525
526 while (to) {
527 to = table_translate(entry, to, ett--, &error);
528 }
529
530 return error;
531 }
532
s390_translate_iommu(IOMMUMemoryRegion * mr,hwaddr addr,IOMMUAccessFlags flag,int iommu_idx)533 static IOMMUTLBEntry s390_translate_iommu(IOMMUMemoryRegion *mr, hwaddr addr,
534 IOMMUAccessFlags flag, int iommu_idx)
535 {
536 S390PCIIOMMU *iommu = container_of(mr, S390PCIIOMMU, iommu_mr);
537 S390IOTLBEntry *entry;
538 uint64_t iova = addr & TARGET_PAGE_MASK;
539 uint16_t error = 0;
540 IOMMUTLBEntry ret = {
541 .target_as = &address_space_memory,
542 .iova = 0,
543 .translated_addr = 0,
544 .addr_mask = ~(hwaddr)0,
545 .perm = IOMMU_NONE,
546 };
547
548 switch (iommu->pbdev->state) {
549 case ZPCI_FS_ENABLED:
550 case ZPCI_FS_BLOCKED:
551 if (!iommu->enabled) {
552 return ret;
553 }
554 break;
555 default:
556 return ret;
557 }
558
559 trace_s390_pci_iommu_xlate(addr);
560
561 if (addr < iommu->pba || addr > iommu->pal) {
562 error = ERR_EVENT_OORANGE;
563 goto err;
564 }
565
566 entry = g_hash_table_lookup(iommu->iotlb, &iova);
567 if (entry) {
568 ret.iova = entry->iova;
569 ret.translated_addr = entry->translated_addr;
570 ret.addr_mask = entry->len - 1;
571 ret.perm = entry->perm;
572 } else {
573 ret.iova = iova;
574 ret.addr_mask = ~TARGET_PAGE_MASK;
575 ret.perm = IOMMU_NONE;
576 }
577
578 if (flag != IOMMU_NONE && !(flag & ret.perm)) {
579 error = ERR_EVENT_TPROTE;
580 }
581 err:
582 if (error) {
583 iommu->pbdev->state = ZPCI_FS_ERROR;
584 s390_pci_generate_error_event(error, iommu->pbdev->fh,
585 iommu->pbdev->fid, addr, 0);
586 }
587 return ret;
588 }
589
s390_pci_iommu_replay(IOMMUMemoryRegion * iommu,IOMMUNotifier * notifier)590 static void s390_pci_iommu_replay(IOMMUMemoryRegion *iommu,
591 IOMMUNotifier *notifier)
592 {
593 /* It's impossible to plug a pci device on s390x that already has iommu
594 * mappings which need to be replayed, that is due to the "one iommu per
595 * zpci device" construct. But when we support migration of vfio-pci
596 * devices in future, we need to revisit this.
597 */
598 return;
599 }
600
s390_pci_get_iommu(S390pciState * s,PCIBus * bus,int devfn)601 static S390PCIIOMMU *s390_pci_get_iommu(S390pciState *s, PCIBus *bus,
602 int devfn)
603 {
604 uint64_t key = (uintptr_t)bus;
605 S390PCIIOMMUTable *table = g_hash_table_lookup(s->iommu_table, &key);
606 S390PCIIOMMU *iommu;
607
608 if (!table) {
609 table = g_new0(S390PCIIOMMUTable, 1);
610 table->key = key;
611 g_hash_table_insert(s->iommu_table, &table->key, table);
612 }
613
614 iommu = table->iommu[PCI_SLOT(devfn)];
615 if (!iommu) {
616 iommu = S390_PCI_IOMMU(object_new(TYPE_S390_PCI_IOMMU));
617
618 char *mr_name = g_strdup_printf("iommu-root-%02x:%02x.%01x",
619 pci_bus_num(bus),
620 PCI_SLOT(devfn),
621 PCI_FUNC(devfn));
622 char *as_name = g_strdup_printf("iommu-pci-%02x:%02x.%01x",
623 pci_bus_num(bus),
624 PCI_SLOT(devfn),
625 PCI_FUNC(devfn));
626 memory_region_init(&iommu->mr, OBJECT(iommu), mr_name, UINT64_MAX);
627 address_space_init(&iommu->as, &iommu->mr, as_name);
628 iommu->iotlb = g_hash_table_new_full(g_int64_hash, g_int64_equal,
629 NULL, g_free);
630 table->iommu[PCI_SLOT(devfn)] = iommu;
631
632 g_free(mr_name);
633 g_free(as_name);
634 }
635
636 return iommu;
637 }
638
s390_pci_dma_iommu(PCIBus * bus,void * opaque,int devfn)639 static AddressSpace *s390_pci_dma_iommu(PCIBus *bus, void *opaque, int devfn)
640 {
641 S390pciState *s = opaque;
642 S390PCIIOMMU *iommu = s390_pci_get_iommu(s, bus, devfn);
643
644 return &iommu->as;
645 }
646
647 static const PCIIOMMUOps s390_iommu_ops = {
648 .get_address_space = s390_pci_dma_iommu,
649 };
650
set_ind_atomic(uint64_t ind_loc,uint8_t to_be_set)651 static uint8_t set_ind_atomic(uint64_t ind_loc, uint8_t to_be_set)
652 {
653 uint8_t expected, actual;
654 hwaddr len = 1;
655 /* avoid multiple fetches */
656 uint8_t volatile *ind_addr;
657
658 ind_addr = cpu_physical_memory_map(ind_loc, &len, true);
659 if (!ind_addr) {
660 s390_pci_generate_error_event(ERR_EVENT_AIRERR, 0, 0, 0, 0);
661 return -1;
662 }
663 actual = *ind_addr;
664 do {
665 expected = actual;
666 actual = qatomic_cmpxchg(ind_addr, expected, expected | to_be_set);
667 } while (actual != expected);
668 cpu_physical_memory_unmap((void *)ind_addr, len, 1, len);
669
670 return actual;
671 }
672
s390_msi_ctrl_write(void * opaque,hwaddr addr,uint64_t data,unsigned int size)673 static void s390_msi_ctrl_write(void *opaque, hwaddr addr, uint64_t data,
674 unsigned int size)
675 {
676 S390PCIBusDevice *pbdev = opaque;
677 uint32_t vec = data & ZPCI_MSI_VEC_MASK;
678 uint64_t ind_bit;
679 uint32_t sum_bit;
680
681 assert(pbdev);
682
683 trace_s390_pci_msi_ctrl_write(data, pbdev->idx, vec);
684
685 if (pbdev->state != ZPCI_FS_ENABLED) {
686 return;
687 }
688
689 ind_bit = pbdev->routes.adapter.ind_offset;
690 sum_bit = pbdev->routes.adapter.summary_offset;
691
692 set_ind_atomic(pbdev->routes.adapter.ind_addr + (ind_bit + vec) / 8,
693 0x80 >> ((ind_bit + vec) % 8));
694 if (!set_ind_atomic(pbdev->routes.adapter.summary_addr + sum_bit / 8,
695 0x80 >> (sum_bit % 8))) {
696 css_adapter_interrupt(CSS_IO_ADAPTER_PCI, pbdev->isc);
697 }
698 }
699
s390_msi_ctrl_read(void * opaque,hwaddr addr,unsigned size)700 static uint64_t s390_msi_ctrl_read(void *opaque, hwaddr addr, unsigned size)
701 {
702 return 0xffffffff;
703 }
704
705 static const MemoryRegionOps s390_msi_ctrl_ops = {
706 .write = s390_msi_ctrl_write,
707 .read = s390_msi_ctrl_read,
708 .endianness = DEVICE_LITTLE_ENDIAN,
709 };
710
s390_pci_iommu_enable(S390PCIIOMMU * iommu)711 void s390_pci_iommu_enable(S390PCIIOMMU *iommu)
712 {
713 /*
714 * The iommu region is initialized against a 0-mapped address space,
715 * so the smallest IOMMU region we can define runs from 0 to the end
716 * of the PCI address space.
717 */
718 char *name = g_strdup_printf("iommu-s390-%04x", iommu->pbdev->uid);
719 memory_region_init_iommu(&iommu->iommu_mr, sizeof(iommu->iommu_mr),
720 TYPE_S390_IOMMU_MEMORY_REGION, OBJECT(&iommu->mr),
721 name, iommu->pal + 1);
722 iommu->enabled = true;
723 memory_region_add_subregion(&iommu->mr, 0, MEMORY_REGION(&iommu->iommu_mr));
724 g_free(name);
725 }
726
s390_pci_iommu_disable(S390PCIIOMMU * iommu)727 void s390_pci_iommu_disable(S390PCIIOMMU *iommu)
728 {
729 iommu->enabled = false;
730 g_hash_table_remove_all(iommu->iotlb);
731 memory_region_del_subregion(&iommu->mr, MEMORY_REGION(&iommu->iommu_mr));
732 object_unparent(OBJECT(&iommu->iommu_mr));
733 }
734
s390_pci_iommu_free(S390pciState * s,PCIBus * bus,int32_t devfn)735 static void s390_pci_iommu_free(S390pciState *s, PCIBus *bus, int32_t devfn)
736 {
737 uint64_t key = (uintptr_t)bus;
738 S390PCIIOMMUTable *table = g_hash_table_lookup(s->iommu_table, &key);
739 S390PCIIOMMU *iommu = table ? table->iommu[PCI_SLOT(devfn)] : NULL;
740
741 if (!table || !iommu) {
742 return;
743 }
744
745 table->iommu[PCI_SLOT(devfn)] = NULL;
746 g_hash_table_destroy(iommu->iotlb);
747 /*
748 * An attached PCI device may have memory listeners, eg. VFIO PCI.
749 * The associated subregion will already have been unmapped in
750 * s390_pci_iommu_disable in response to the guest deconfigure request.
751 * Remove the listeners now before destroying the address space.
752 */
753 address_space_remove_listeners(&iommu->as);
754 address_space_destroy(&iommu->as);
755 object_unparent(OBJECT(&iommu->mr));
756 object_unparent(OBJECT(iommu));
757 object_unref(OBJECT(iommu));
758 }
759
s390_group_create(int id,int host_id)760 S390PCIGroup *s390_group_create(int id, int host_id)
761 {
762 S390PCIGroup *group;
763 S390pciState *s = s390_get_phb();
764
765 group = g_new0(S390PCIGroup, 1);
766 group->id = id;
767 group->host_id = host_id;
768 QTAILQ_INSERT_TAIL(&s->zpci_groups, group, link);
769 return group;
770 }
771
s390_group_find(int id)772 S390PCIGroup *s390_group_find(int id)
773 {
774 S390PCIGroup *group;
775 S390pciState *s = s390_get_phb();
776
777 QTAILQ_FOREACH(group, &s->zpci_groups, link) {
778 if (group->id == id) {
779 return group;
780 }
781 }
782 return NULL;
783 }
784
s390_group_find_host_sim(int host_id)785 S390PCIGroup *s390_group_find_host_sim(int host_id)
786 {
787 S390PCIGroup *group;
788 S390pciState *s = s390_get_phb();
789
790 QTAILQ_FOREACH(group, &s->zpci_groups, link) {
791 if (group->id >= ZPCI_SIM_GRP_START && group->host_id == host_id) {
792 return group;
793 }
794 }
795 return NULL;
796 }
797
s390_pci_init_default_group(void)798 static void s390_pci_init_default_group(void)
799 {
800 S390PCIGroup *group;
801 ClpRspQueryPciGrp *resgrp;
802
803 group = s390_group_create(ZPCI_DEFAULT_FN_GRP, ZPCI_DEFAULT_FN_GRP);
804 resgrp = &group->zpci_group;
805 resgrp->fr = 1;
806 resgrp->dasm = 0;
807 resgrp->msia = ZPCI_MSI_ADDR;
808 resgrp->mui = DEFAULT_MUI;
809 resgrp->i = 128;
810 resgrp->maxstbl = 128;
811 resgrp->version = 0;
812 resgrp->dtsm = ZPCI_DTSM;
813 }
814
set_pbdev_info(S390PCIBusDevice * pbdev)815 static void set_pbdev_info(S390PCIBusDevice *pbdev)
816 {
817 pbdev->zpci_fn.sdma = ZPCI_SDMA_ADDR;
818 pbdev->zpci_fn.edma = ZPCI_EDMA_ADDR;
819 pbdev->zpci_fn.pchid = 0;
820 pbdev->zpci_fn.pfgid = ZPCI_DEFAULT_FN_GRP;
821 pbdev->zpci_fn.fid = pbdev->fid;
822 pbdev->zpci_fn.uid = pbdev->uid;
823 pbdev->pci_group = s390_group_find(ZPCI_DEFAULT_FN_GRP);
824 }
825
s390_pcihost_realize(DeviceState * dev,Error ** errp)826 static void s390_pcihost_realize(DeviceState *dev, Error **errp)
827 {
828 PCIBus *b;
829 BusState *bus;
830 PCIHostState *phb = PCI_HOST_BRIDGE(dev);
831 S390pciState *s = S390_PCI_HOST_BRIDGE(dev);
832
833 trace_s390_pcihost("realize");
834
835 b = pci_register_root_bus(dev, NULL, s390_pci_set_irq, s390_pci_map_irq,
836 NULL, get_system_memory(), get_system_io(), 0,
837 64, TYPE_PCI_BUS);
838 pci_setup_iommu(b, &s390_iommu_ops, s);
839
840 bus = BUS(b);
841 qbus_set_hotplug_handler(bus, OBJECT(dev));
842 phb->bus = b;
843
844 s->bus = S390_PCI_BUS(qbus_new(TYPE_S390_PCI_BUS, dev, NULL));
845 qbus_set_hotplug_handler(BUS(s->bus), OBJECT(dev));
846
847 s->iommu_table = g_hash_table_new_full(g_int64_hash, g_int64_equal,
848 NULL, g_free);
849 s->zpci_table = g_hash_table_new_full(g_int_hash, g_int_equal, NULL, NULL);
850 s->bus_no = 0;
851 s->next_sim_grp = ZPCI_SIM_GRP_START;
852 QTAILQ_INIT(&s->pending_sei);
853 QTAILQ_INIT(&s->zpci_devs);
854 QTAILQ_INIT(&s->zpci_dma_limit);
855 QTAILQ_INIT(&s->zpci_groups);
856
857 s390_pci_init_default_group();
858 css_register_io_adapters(CSS_IO_ADAPTER_PCI, true, false,
859 S390_ADAPTER_SUPPRESSIBLE, errp);
860 }
861
s390_pcihost_unrealize(DeviceState * dev)862 static void s390_pcihost_unrealize(DeviceState *dev)
863 {
864 S390PCIGroup *group;
865 S390pciState *s = S390_PCI_HOST_BRIDGE(dev);
866
867 while (!QTAILQ_EMPTY(&s->zpci_groups)) {
868 group = QTAILQ_FIRST(&s->zpci_groups);
869 QTAILQ_REMOVE(&s->zpci_groups, group, link);
870 }
871 }
872
s390_pci_msix_init(S390PCIBusDevice * pbdev)873 static int s390_pci_msix_init(S390PCIBusDevice *pbdev)
874 {
875 char *name;
876 uint8_t pos;
877 uint16_t ctrl;
878 uint32_t table, pba;
879
880 pos = pci_find_capability(pbdev->pdev, PCI_CAP_ID_MSIX);
881 if (!pos) {
882 return -1;
883 }
884
885 ctrl = pci_host_config_read_common(pbdev->pdev, pos + PCI_MSIX_FLAGS,
886 pci_config_size(pbdev->pdev), sizeof(ctrl));
887 table = pci_host_config_read_common(pbdev->pdev, pos + PCI_MSIX_TABLE,
888 pci_config_size(pbdev->pdev), sizeof(table));
889 pba = pci_host_config_read_common(pbdev->pdev, pos + PCI_MSIX_PBA,
890 pci_config_size(pbdev->pdev), sizeof(pba));
891
892 pbdev->msix.table_bar = table & PCI_MSIX_FLAGS_BIRMASK;
893 pbdev->msix.table_offset = table & ~PCI_MSIX_FLAGS_BIRMASK;
894 pbdev->msix.pba_bar = pba & PCI_MSIX_FLAGS_BIRMASK;
895 pbdev->msix.pba_offset = pba & ~PCI_MSIX_FLAGS_BIRMASK;
896 pbdev->msix.entries = (ctrl & PCI_MSIX_FLAGS_QSIZE) + 1;
897
898 name = g_strdup_printf("msix-s390-%04x", pbdev->uid);
899 memory_region_init_io(&pbdev->msix_notify_mr, OBJECT(pbdev),
900 &s390_msi_ctrl_ops, pbdev, name, TARGET_PAGE_SIZE);
901 memory_region_add_subregion(&pbdev->iommu->mr,
902 pbdev->pci_group->zpci_group.msia,
903 &pbdev->msix_notify_mr);
904 g_free(name);
905
906 return 0;
907 }
908
s390_pci_msix_free(S390PCIBusDevice * pbdev)909 static void s390_pci_msix_free(S390PCIBusDevice *pbdev)
910 {
911 if (pbdev->msix.entries == 0) {
912 return;
913 }
914
915 memory_region_del_subregion(&pbdev->iommu->mr, &pbdev->msix_notify_mr);
916 object_unparent(OBJECT(&pbdev->msix_notify_mr));
917 }
918
s390_pci_device_new(S390pciState * s,const char * target,Error ** errp)919 static S390PCIBusDevice *s390_pci_device_new(S390pciState *s,
920 const char *target, Error **errp)
921 {
922 Error *local_err = NULL;
923 DeviceState *dev;
924
925 dev = qdev_try_new(TYPE_S390_PCI_DEVICE);
926 if (!dev) {
927 error_setg(errp, "zPCI device could not be created");
928 return NULL;
929 }
930
931 if (!object_property_set_str(OBJECT(dev), "target", target, &local_err)) {
932 object_unparent(OBJECT(dev));
933 error_propagate_prepend(errp, local_err,
934 "zPCI device could not be created: ");
935 return NULL;
936 }
937 if (!qdev_realize_and_unref(dev, BUS(s->bus), &local_err)) {
938 object_unparent(OBJECT(dev));
939 error_propagate_prepend(errp, local_err,
940 "zPCI device could not be created: ");
941 return NULL;
942 }
943
944 return S390_PCI_DEVICE(dev);
945 }
946
s390_pci_alloc_idx(S390pciState * s,S390PCIBusDevice * pbdev)947 static bool s390_pci_alloc_idx(S390pciState *s, S390PCIBusDevice *pbdev)
948 {
949 uint32_t idx;
950
951 idx = s->next_idx;
952 while (s390_pci_find_dev_by_idx(s, idx)) {
953 idx = (idx + 1) & FH_MASK_INDEX;
954 if (idx == s->next_idx) {
955 return false;
956 }
957 }
958
959 pbdev->idx = idx;
960 return true;
961 }
962
s390_pcihost_pre_plug(HotplugHandler * hotplug_dev,DeviceState * dev,Error ** errp)963 static void s390_pcihost_pre_plug(HotplugHandler *hotplug_dev, DeviceState *dev,
964 Error **errp)
965 {
966 S390pciState *s = S390_PCI_HOST_BRIDGE(hotplug_dev);
967
968 if (!s390_has_feat(S390_FEAT_ZPCI)) {
969 warn_report("Plugging a PCI/zPCI device without the 'zpci' CPU "
970 "feature enabled; the guest will not be able to see/use "
971 "this device");
972 }
973
974 if (object_dynamic_cast(OBJECT(dev), TYPE_PCI_DEVICE)) {
975 PCIDevice *pdev = PCI_DEVICE(dev);
976
977 if (pdev->cap_present & QEMU_PCI_CAP_MULTIFUNCTION) {
978 error_setg(errp, "multifunction not supported in s390");
979 return;
980 }
981 } else if (object_dynamic_cast(OBJECT(dev), TYPE_S390_PCI_DEVICE)) {
982 S390PCIBusDevice *pbdev = S390_PCI_DEVICE(dev);
983
984 if (!s390_pci_alloc_idx(s, pbdev)) {
985 error_setg(errp, "no slot for plugging zpci device");
986 return;
987 }
988 }
989 }
990
s390_pci_update_subordinate(PCIDevice * dev,uint32_t nr)991 static void s390_pci_update_subordinate(PCIDevice *dev, uint32_t nr)
992 {
993 uint32_t old_nr;
994
995 pci_default_write_config(dev, PCI_SUBORDINATE_BUS, nr, 1);
996 while (!pci_bus_is_root(pci_get_bus(dev))) {
997 dev = pci_get_bus(dev)->parent_dev;
998
999 old_nr = pci_default_read_config(dev, PCI_SUBORDINATE_BUS, 1);
1000 if (old_nr < nr) {
1001 pci_default_write_config(dev, PCI_SUBORDINATE_BUS, nr, 1);
1002 }
1003 }
1004 }
1005
s390_pci_interp_plug(S390pciState * s,S390PCIBusDevice * pbdev)1006 static int s390_pci_interp_plug(S390pciState *s, S390PCIBusDevice *pbdev)
1007 {
1008 uint32_t idx, fh;
1009
1010 if (!s390_pci_get_host_fh(pbdev, &fh)) {
1011 return -EPERM;
1012 }
1013
1014 /*
1015 * The host device is already in an enabled state, but we always present
1016 * the initial device state to the guest as disabled (ZPCI_FS_DISABLED).
1017 * Therefore, mask off the enable bit from the passthrough handle until
1018 * the guest issues a CLP SET PCI FN later to enable the device.
1019 */
1020 pbdev->fh = fh & ~FH_MASK_ENABLE;
1021
1022 /* Next, see if the idx is already in-use */
1023 idx = pbdev->fh & FH_MASK_INDEX;
1024 if (pbdev->idx != idx) {
1025 if (s390_pci_find_dev_by_idx(s, idx)) {
1026 return -EINVAL;
1027 }
1028 /*
1029 * Update the idx entry with the passed through idx
1030 * If the relinquished idx is lower than next_idx, use it
1031 * to replace next_idx
1032 */
1033 g_hash_table_remove(s->zpci_table, &pbdev->idx);
1034 if (idx < s->next_idx) {
1035 s->next_idx = idx;
1036 }
1037 pbdev->idx = idx;
1038 g_hash_table_insert(s->zpci_table, &pbdev->idx, pbdev);
1039 }
1040
1041 return 0;
1042 }
1043
s390_pcihost_plug(HotplugHandler * hotplug_dev,DeviceState * dev,Error ** errp)1044 static void s390_pcihost_plug(HotplugHandler *hotplug_dev, DeviceState *dev,
1045 Error **errp)
1046 {
1047 S390pciState *s = S390_PCI_HOST_BRIDGE(hotplug_dev);
1048 PCIDevice *pdev = NULL;
1049 S390PCIBusDevice *pbdev = NULL;
1050 int rc;
1051
1052 if (object_dynamic_cast(OBJECT(dev), TYPE_PCI_BRIDGE)) {
1053 PCIBridge *pb = PCI_BRIDGE(dev);
1054
1055 pdev = PCI_DEVICE(dev);
1056 pci_bridge_map_irq(pb, dev->id, s390_pci_map_irq);
1057 pci_setup_iommu(&pb->sec_bus, &s390_iommu_ops, s);
1058
1059 qbus_set_hotplug_handler(BUS(&pb->sec_bus), OBJECT(s));
1060
1061 if (dev->hotplugged) {
1062 pci_default_write_config(pdev, PCI_PRIMARY_BUS,
1063 pci_dev_bus_num(pdev), 1);
1064 s->bus_no += 1;
1065 pci_default_write_config(pdev, PCI_SECONDARY_BUS, s->bus_no, 1);
1066
1067 s390_pci_update_subordinate(pdev, s->bus_no);
1068 }
1069 } else if (object_dynamic_cast(OBJECT(dev), TYPE_PCI_DEVICE)) {
1070 pdev = PCI_DEVICE(dev);
1071
1072 if (!dev->id) {
1073 /* In the case the PCI device does not define an id */
1074 /* we generate one based on the PCI address */
1075 dev->id = g_strdup_printf("auto_%02x:%02x.%01x",
1076 pci_dev_bus_num(pdev),
1077 PCI_SLOT(pdev->devfn),
1078 PCI_FUNC(pdev->devfn));
1079 }
1080
1081 pbdev = s390_pci_find_dev_by_target(s, dev->id);
1082 if (!pbdev) {
1083 pbdev = s390_pci_device_new(s, dev->id, errp);
1084 if (!pbdev) {
1085 return;
1086 }
1087 }
1088
1089 pbdev->pdev = pdev;
1090 pbdev->iommu = s390_pci_get_iommu(s, pci_get_bus(pdev), pdev->devfn);
1091 pbdev->iommu->pbdev = pbdev;
1092 pbdev->state = ZPCI_FS_DISABLED;
1093 set_pbdev_info(pbdev);
1094
1095 if (object_dynamic_cast(OBJECT(dev), "vfio-pci")) {
1096 /*
1097 * By default, interpretation is always requested; if the available
1098 * facilities indicate it is not available, fallback to the
1099 * interception model.
1100 */
1101 if (pbdev->interp) {
1102 if (s390_pci_kvm_interp_allowed()) {
1103 rc = s390_pci_interp_plug(s, pbdev);
1104 if (rc) {
1105 error_setg(errp, "Plug failed for zPCI device in "
1106 "interpretation mode: %d", rc);
1107 return;
1108 }
1109 } else {
1110 trace_s390_pcihost("zPCI interpretation missing");
1111 pbdev->interp = false;
1112 pbdev->forwarding_assist = false;
1113 }
1114 }
1115 pbdev->iommu->dma_limit = s390_pci_start_dma_count(s, pbdev);
1116 /* Fill in CLP information passed via the vfio region */
1117 s390_pci_get_clp_info(pbdev);
1118 if (!pbdev->interp) {
1119 /* Do vfio passthrough but intercept for I/O */
1120 pbdev->fh |= FH_SHM_VFIO;
1121 pbdev->forwarding_assist = false;
1122 }
1123 /* Register shutdown notifier and reset callback for ISM devices */
1124 if (pbdev->pft == ZPCI_PFT_ISM) {
1125 pbdev->shutdown_notifier.notify = s390_pci_shutdown_notifier;
1126 qemu_register_shutdown_notifier(&pbdev->shutdown_notifier);
1127 }
1128 } else {
1129 pbdev->fh |= FH_SHM_EMUL;
1130 /* Always intercept emulated devices */
1131 pbdev->interp = false;
1132 pbdev->forwarding_assist = false;
1133 }
1134
1135 if (s390_pci_msix_init(pbdev) && !pbdev->interp) {
1136 error_setg(errp, "MSI-X support is mandatory "
1137 "in the S390 architecture");
1138 return;
1139 }
1140
1141 if (dev->hotplugged) {
1142 s390_pci_generate_plug_event(HP_EVENT_TO_CONFIGURED ,
1143 pbdev->fh, pbdev->fid);
1144 }
1145 } else if (object_dynamic_cast(OBJECT(dev), TYPE_S390_PCI_DEVICE)) {
1146 pbdev = S390_PCI_DEVICE(dev);
1147
1148 /* the allocated idx is actually getting used */
1149 s->next_idx = (pbdev->idx + 1) & FH_MASK_INDEX;
1150 pbdev->fh = pbdev->idx;
1151 QTAILQ_INSERT_TAIL(&s->zpci_devs, pbdev, link);
1152 g_hash_table_insert(s->zpci_table, &pbdev->idx, pbdev);
1153 } else {
1154 g_assert_not_reached();
1155 }
1156 }
1157
s390_pcihost_unplug(HotplugHandler * hotplug_dev,DeviceState * dev,Error ** errp)1158 static void s390_pcihost_unplug(HotplugHandler *hotplug_dev, DeviceState *dev,
1159 Error **errp)
1160 {
1161 S390pciState *s = S390_PCI_HOST_BRIDGE(hotplug_dev);
1162 S390PCIBusDevice *pbdev = NULL;
1163
1164 if (object_dynamic_cast(OBJECT(dev), TYPE_PCI_DEVICE)) {
1165 PCIDevice *pci_dev = PCI_DEVICE(dev);
1166 PCIBus *bus;
1167 int32_t devfn;
1168
1169 pbdev = s390_pci_find_dev_by_pci(s, PCI_DEVICE(dev));
1170 g_assert(pbdev);
1171
1172 s390_pci_generate_plug_event(HP_EVENT_STANDBY_TO_RESERVED,
1173 pbdev->fh, pbdev->fid);
1174 bus = pci_get_bus(pci_dev);
1175 devfn = pci_dev->devfn;
1176 qdev_unrealize(dev);
1177
1178 s390_pci_msix_free(pbdev);
1179 s390_pci_iommu_free(s, bus, devfn);
1180 pbdev->pdev = NULL;
1181 pbdev->state = ZPCI_FS_RESERVED;
1182 } else if (object_dynamic_cast(OBJECT(dev), TYPE_S390_PCI_DEVICE)) {
1183 pbdev = S390_PCI_DEVICE(dev);
1184 pbdev->fid = 0;
1185 QTAILQ_REMOVE(&s->zpci_devs, pbdev, link);
1186 g_hash_table_remove(s->zpci_table, &pbdev->idx);
1187 if (pbdev->iommu->dma_limit) {
1188 s390_pci_end_dma_count(s, pbdev->iommu->dma_limit);
1189 }
1190 qdev_unrealize(dev);
1191 }
1192 }
1193
s390_pcihost_unplug_request(HotplugHandler * hotplug_dev,DeviceState * dev,Error ** errp)1194 static void s390_pcihost_unplug_request(HotplugHandler *hotplug_dev,
1195 DeviceState *dev,
1196 Error **errp)
1197 {
1198 S390pciState *s = S390_PCI_HOST_BRIDGE(hotplug_dev);
1199 S390PCIBusDevice *pbdev;
1200
1201 if (object_dynamic_cast(OBJECT(dev), TYPE_PCI_BRIDGE)) {
1202 error_setg(errp, "PCI bridge hot unplug currently not supported");
1203 } else if (object_dynamic_cast(OBJECT(dev), TYPE_PCI_DEVICE)) {
1204 /*
1205 * Redirect the unplug request to the zPCI device and remember that
1206 * we've checked the PCI device already (to prevent endless recursion).
1207 */
1208 pbdev = s390_pci_find_dev_by_pci(s, PCI_DEVICE(dev));
1209 g_assert(pbdev);
1210 pbdev->pci_unplug_request_processed = true;
1211 qdev_unplug(DEVICE(pbdev), errp);
1212 } else if (object_dynamic_cast(OBJECT(dev), TYPE_S390_PCI_DEVICE)) {
1213 pbdev = S390_PCI_DEVICE(dev);
1214
1215 /*
1216 * If unplug was initially requested for the zPCI device, we
1217 * first have to redirect to the PCI device, which will in return
1218 * redirect back to us after performing its checks (if the request
1219 * is not blocked, e.g. because it's a PCI bridge).
1220 */
1221 if (pbdev->pdev && !pbdev->pci_unplug_request_processed) {
1222 qdev_unplug(DEVICE(pbdev->pdev), errp);
1223 return;
1224 }
1225 pbdev->pci_unplug_request_processed = false;
1226
1227 switch (pbdev->state) {
1228 case ZPCI_FS_STANDBY:
1229 case ZPCI_FS_RESERVED:
1230 s390_pci_perform_unplug(pbdev);
1231 break;
1232 default:
1233 /*
1234 * Allow to send multiple requests, e.g. if the guest crashed
1235 * before releasing the device, we would not be able to send
1236 * another request to the same VM (e.g. fresh OS).
1237 */
1238 pbdev->unplug_requested = true;
1239 s390_pci_generate_plug_event(HP_EVENT_DECONFIGURE_REQUEST,
1240 pbdev->fh, pbdev->fid);
1241 }
1242 } else {
1243 g_assert_not_reached();
1244 }
1245 }
1246
s390_pci_enumerate_bridge(PCIBus * bus,PCIDevice * pdev,void * opaque)1247 static void s390_pci_enumerate_bridge(PCIBus *bus, PCIDevice *pdev,
1248 void *opaque)
1249 {
1250 S390pciState *s = opaque;
1251 PCIBus *sec_bus = NULL;
1252
1253 if ((pci_default_read_config(pdev, PCI_HEADER_TYPE, 1) !=
1254 PCI_HEADER_TYPE_BRIDGE)) {
1255 return;
1256 }
1257
1258 (s->bus_no)++;
1259 pci_default_write_config(pdev, PCI_PRIMARY_BUS, pci_dev_bus_num(pdev), 1);
1260 pci_default_write_config(pdev, PCI_SECONDARY_BUS, s->bus_no, 1);
1261 pci_default_write_config(pdev, PCI_SUBORDINATE_BUS, s->bus_no, 1);
1262
1263 sec_bus = pci_bridge_get_sec_bus(PCI_BRIDGE(pdev));
1264 if (!sec_bus) {
1265 return;
1266 }
1267
1268 /* Assign numbers to all child bridges. The last is the highest number. */
1269 pci_for_each_device_under_bus(sec_bus, s390_pci_enumerate_bridge, s);
1270 pci_default_write_config(pdev, PCI_SUBORDINATE_BUS, s->bus_no, 1);
1271 }
1272
s390_pci_ism_reset(void)1273 void s390_pci_ism_reset(void)
1274 {
1275 S390pciState *s = s390_get_phb();
1276
1277 S390PCIBusDevice *pbdev, *next;
1278
1279 /* Trigger reset event for each passthrough ISM device currently in-use */
1280 QTAILQ_FOREACH_SAFE(pbdev, &s->zpci_devs, link, next) {
1281 if (pbdev->interp && pbdev->pft == ZPCI_PFT_ISM &&
1282 pbdev->fh & FH_MASK_ENABLE) {
1283 s390_pci_kvm_aif_disable(pbdev);
1284
1285 pci_device_reset(pbdev->pdev);
1286 }
1287 }
1288 }
1289
s390_pcihost_reset(DeviceState * dev)1290 static void s390_pcihost_reset(DeviceState *dev)
1291 {
1292 S390pciState *s = S390_PCI_HOST_BRIDGE(dev);
1293 PCIBus *bus = s->parent_obj.bus;
1294 S390PCIBusDevice *pbdev, *next;
1295
1296 /* Process all pending unplug requests */
1297 QTAILQ_FOREACH_SAFE(pbdev, &s->zpci_devs, link, next) {
1298 if (pbdev->unplug_requested) {
1299 if (pbdev->interp && (pbdev->fh & FH_MASK_ENABLE)) {
1300 /* Interpreted devices were using interrupt forwarding */
1301 s390_pci_kvm_aif_disable(pbdev);
1302 } else if (pbdev->summary_ind) {
1303 pci_dereg_irqs(pbdev);
1304 }
1305 if (pbdev->iommu->enabled) {
1306 pci_dereg_ioat(pbdev->iommu);
1307 }
1308 pbdev->state = ZPCI_FS_STANDBY;
1309 s390_pci_perform_unplug(pbdev);
1310 }
1311 }
1312
1313 /*
1314 * When resetting a PCI bridge, the assigned numbers are set to 0. So
1315 * on every system reset, we also have to reassign numbers.
1316 */
1317 s->bus_no = 0;
1318 pci_for_each_device_under_bus(bus, s390_pci_enumerate_bridge, s);
1319 }
1320
s390_pcihost_class_init(ObjectClass * klass,void * data)1321 static void s390_pcihost_class_init(ObjectClass *klass, void *data)
1322 {
1323 DeviceClass *dc = DEVICE_CLASS(klass);
1324 HotplugHandlerClass *hc = HOTPLUG_HANDLER_CLASS(klass);
1325
1326 device_class_set_legacy_reset(dc, s390_pcihost_reset);
1327 dc->realize = s390_pcihost_realize;
1328 dc->unrealize = s390_pcihost_unrealize;
1329 hc->pre_plug = s390_pcihost_pre_plug;
1330 hc->plug = s390_pcihost_plug;
1331 hc->unplug_request = s390_pcihost_unplug_request;
1332 hc->unplug = s390_pcihost_unplug;
1333 msi_nonbroken = true;
1334 }
1335
1336 static const TypeInfo s390_pcihost_info = {
1337 .name = TYPE_S390_PCI_HOST_BRIDGE,
1338 .parent = TYPE_PCI_HOST_BRIDGE,
1339 .instance_size = sizeof(S390pciState),
1340 .class_init = s390_pcihost_class_init,
1341 .interfaces = (InterfaceInfo[]) {
1342 { TYPE_HOTPLUG_HANDLER },
1343 { }
1344 }
1345 };
1346
1347 static const TypeInfo s390_pcibus_info = {
1348 .name = TYPE_S390_PCI_BUS,
1349 .parent = TYPE_BUS,
1350 .instance_size = sizeof(S390PCIBus),
1351 };
1352
s390_pci_generate_uid(S390pciState * s)1353 static uint16_t s390_pci_generate_uid(S390pciState *s)
1354 {
1355 uint16_t uid = 0;
1356
1357 do {
1358 uid++;
1359 if (!s390_pci_find_dev_by_uid(s, uid)) {
1360 return uid;
1361 }
1362 } while (uid < ZPCI_MAX_UID);
1363
1364 return UID_UNDEFINED;
1365 }
1366
s390_pci_generate_fid(S390pciState * s,Error ** errp)1367 static uint32_t s390_pci_generate_fid(S390pciState *s, Error **errp)
1368 {
1369 uint32_t fid = 0;
1370
1371 do {
1372 if (!s390_pci_find_dev_by_fid(s, fid)) {
1373 return fid;
1374 }
1375 } while (fid++ != ZPCI_MAX_FID);
1376
1377 error_setg(errp, "no free fid could be found");
1378 return 0;
1379 }
1380
s390_pci_device_realize(DeviceState * dev,Error ** errp)1381 static void s390_pci_device_realize(DeviceState *dev, Error **errp)
1382 {
1383 S390PCIBusDevice *zpci = S390_PCI_DEVICE(dev);
1384 S390pciState *s = s390_get_phb();
1385
1386 if (!zpci->target) {
1387 error_setg(errp, "target must be defined");
1388 return;
1389 }
1390
1391 if (s390_pci_find_dev_by_target(s, zpci->target)) {
1392 error_setg(errp, "target %s already has an associated zpci device",
1393 zpci->target);
1394 return;
1395 }
1396
1397 if (zpci->uid == UID_UNDEFINED) {
1398 zpci->uid = s390_pci_generate_uid(s);
1399 if (!zpci->uid) {
1400 error_setg(errp, "no free uid could be found");
1401 return;
1402 }
1403 } else if (s390_pci_find_dev_by_uid(s, zpci->uid)) {
1404 error_setg(errp, "uid %u already in use", zpci->uid);
1405 return;
1406 }
1407
1408 if (!zpci->fid_defined) {
1409 Error *local_error = NULL;
1410
1411 zpci->fid = s390_pci_generate_fid(s, &local_error);
1412 if (local_error) {
1413 error_propagate(errp, local_error);
1414 return;
1415 }
1416 } else if (s390_pci_find_dev_by_fid(s, zpci->fid)) {
1417 error_setg(errp, "fid %u already in use", zpci->fid);
1418 return;
1419 }
1420
1421 zpci->state = ZPCI_FS_RESERVED;
1422 zpci->fmb.format = ZPCI_FMB_FORMAT;
1423 }
1424
s390_pci_device_reset(DeviceState * dev)1425 static void s390_pci_device_reset(DeviceState *dev)
1426 {
1427 S390PCIBusDevice *pbdev = S390_PCI_DEVICE(dev);
1428
1429 switch (pbdev->state) {
1430 case ZPCI_FS_RESERVED:
1431 return;
1432 case ZPCI_FS_STANDBY:
1433 break;
1434 default:
1435 pbdev->fh &= ~FH_MASK_ENABLE;
1436 pbdev->state = ZPCI_FS_DISABLED;
1437 break;
1438 }
1439
1440 if (pbdev->interp && (pbdev->fh & FH_MASK_ENABLE)) {
1441 /* Interpreted devices were using interrupt forwarding */
1442 s390_pci_kvm_aif_disable(pbdev);
1443 } else if (pbdev->summary_ind) {
1444 pci_dereg_irqs(pbdev);
1445 }
1446 if (pbdev->iommu->enabled) {
1447 pci_dereg_ioat(pbdev->iommu);
1448 }
1449
1450 fmb_timer_free(pbdev);
1451 }
1452
s390_pci_get_fid(Object * obj,Visitor * v,const char * name,void * opaque,Error ** errp)1453 static void s390_pci_get_fid(Object *obj, Visitor *v, const char *name,
1454 void *opaque, Error **errp)
1455 {
1456 Property *prop = opaque;
1457 uint32_t *ptr = object_field_prop_ptr(obj, prop);
1458
1459 visit_type_uint32(v, name, ptr, errp);
1460 }
1461
s390_pci_set_fid(Object * obj,Visitor * v,const char * name,void * opaque,Error ** errp)1462 static void s390_pci_set_fid(Object *obj, Visitor *v, const char *name,
1463 void *opaque, Error **errp)
1464 {
1465 S390PCIBusDevice *zpci = S390_PCI_DEVICE(obj);
1466 Property *prop = opaque;
1467 uint32_t *ptr = object_field_prop_ptr(obj, prop);
1468
1469 if (!visit_type_uint32(v, name, ptr, errp)) {
1470 return;
1471 }
1472 zpci->fid_defined = true;
1473 }
1474
1475 static const PropertyInfo s390_pci_fid_propinfo = {
1476 .name = "zpci_fid",
1477 .get = s390_pci_get_fid,
1478 .set = s390_pci_set_fid,
1479 };
1480
1481 #define DEFINE_PROP_S390_PCI_FID(_n, _s, _f) \
1482 DEFINE_PROP(_n, _s, _f, s390_pci_fid_propinfo, uint32_t)
1483
1484 static Property s390_pci_device_properties[] = {
1485 DEFINE_PROP_UINT16("uid", S390PCIBusDevice, uid, UID_UNDEFINED),
1486 DEFINE_PROP_S390_PCI_FID("fid", S390PCIBusDevice, fid),
1487 DEFINE_PROP_STRING("target", S390PCIBusDevice, target),
1488 DEFINE_PROP_BOOL("interpret", S390PCIBusDevice, interp, true),
1489 DEFINE_PROP_BOOL("forwarding-assist", S390PCIBusDevice, forwarding_assist,
1490 true),
1491 DEFINE_PROP_END_OF_LIST(),
1492 };
1493
1494 static const VMStateDescription s390_pci_device_vmstate = {
1495 .name = TYPE_S390_PCI_DEVICE,
1496 /*
1497 * TODO: add state handling here, so migration works at least with
1498 * emulated pci devices on s390x
1499 */
1500 .unmigratable = 1,
1501 };
1502
s390_pci_device_class_init(ObjectClass * klass,void * data)1503 static void s390_pci_device_class_init(ObjectClass *klass, void *data)
1504 {
1505 DeviceClass *dc = DEVICE_CLASS(klass);
1506
1507 dc->desc = "zpci device";
1508 set_bit(DEVICE_CATEGORY_MISC, dc->categories);
1509 device_class_set_legacy_reset(dc, s390_pci_device_reset);
1510 dc->bus_type = TYPE_S390_PCI_BUS;
1511 dc->realize = s390_pci_device_realize;
1512 device_class_set_props(dc, s390_pci_device_properties);
1513 dc->vmsd = &s390_pci_device_vmstate;
1514 }
1515
1516 static const TypeInfo s390_pci_device_info = {
1517 .name = TYPE_S390_PCI_DEVICE,
1518 .parent = TYPE_DEVICE,
1519 .instance_size = sizeof(S390PCIBusDevice),
1520 .class_init = s390_pci_device_class_init,
1521 };
1522
1523 static const TypeInfo s390_pci_iommu_info = {
1524 .name = TYPE_S390_PCI_IOMMU,
1525 .parent = TYPE_OBJECT,
1526 .instance_size = sizeof(S390PCIIOMMU),
1527 };
1528
s390_iommu_memory_region_class_init(ObjectClass * klass,void * data)1529 static void s390_iommu_memory_region_class_init(ObjectClass *klass, void *data)
1530 {
1531 IOMMUMemoryRegionClass *imrc = IOMMU_MEMORY_REGION_CLASS(klass);
1532
1533 imrc->translate = s390_translate_iommu;
1534 imrc->replay = s390_pci_iommu_replay;
1535 }
1536
1537 static const TypeInfo s390_iommu_memory_region_info = {
1538 .parent = TYPE_IOMMU_MEMORY_REGION,
1539 .name = TYPE_S390_IOMMU_MEMORY_REGION,
1540 .class_init = s390_iommu_memory_region_class_init,
1541 };
1542
s390_pci_register_types(void)1543 static void s390_pci_register_types(void)
1544 {
1545 type_register_static(&s390_pcihost_info);
1546 type_register_static(&s390_pcibus_info);
1547 type_register_static(&s390_pci_device_info);
1548 type_register_static(&s390_pci_iommu_info);
1549 type_register_static(&s390_iommu_memory_region_info);
1550 }
1551
1552 type_init(s390_pci_register_types)
1553