xref: /openbmc/qemu/hw/intc/spapr_xive.c (revision 80748eb4fbc70f0a3ae423f2c01cb5a4584d803f)
1 /*
2  * QEMU PowerPC sPAPR XIVE interrupt controller model
3  *
4  * Copyright (c) 2017-2018, IBM Corporation.
5  *
6  * This code is licensed under the GPL version 2 or later. See the
7  * COPYING file in the top-level directory.
8  */
9 
10 #include "qemu/osdep.h"
11 #include "qemu/log.h"
12 #include "qemu/module.h"
13 #include "qapi/error.h"
14 #include "qemu/error-report.h"
15 #include "target/ppc/cpu.h"
16 #include "sysemu/cpus.h"
17 #include "sysemu/reset.h"
18 #include "migration/vmstate.h"
19 #include "hw/ppc/fdt.h"
20 #include "hw/ppc/spapr.h"
21 #include "hw/ppc/spapr_cpu_core.h"
22 #include "hw/ppc/spapr_xive.h"
23 #include "hw/ppc/xive.h"
24 #include "hw/ppc/xive_regs.h"
25 #include "hw/qdev-properties.h"
26 #include "trace.h"
27 
28 /*
29  * XIVE Virtualization Controller BAR and Thread Management BAR that we
30  * use for the ESB pages and the TIMA pages
31  */
32 #define SPAPR_XIVE_VC_BASE   0x0006010000000000ull
33 #define SPAPR_XIVE_TM_BASE   0x0006030203180000ull
34 
35 /*
36  * The allocation of VP blocks is a complex operation in OPAL and the
37  * VP identifiers have a relation with the number of HW chips, the
38  * size of the VP blocks, VP grouping, etc. The QEMU sPAPR XIVE
39  * controller model does not have the same constraints and can use a
40  * simple mapping scheme of the CPU vcpu_id
41  *
42  * These identifiers are never returned to the OS.
43  */
44 
45 #define SPAPR_XIVE_NVT_BASE 0x400
46 
47 /*
48  * sPAPR NVT and END indexing helpers
49  */
spapr_xive_nvt_to_target(uint8_t nvt_blk,uint32_t nvt_idx)50 static uint32_t spapr_xive_nvt_to_target(uint8_t nvt_blk, uint32_t nvt_idx)
51 {
52     return nvt_idx - SPAPR_XIVE_NVT_BASE;
53 }
54 
spapr_xive_cpu_to_nvt(PowerPCCPU * cpu,uint8_t * out_nvt_blk,uint32_t * out_nvt_idx)55 static void spapr_xive_cpu_to_nvt(PowerPCCPU *cpu,
56                                   uint8_t *out_nvt_blk, uint32_t *out_nvt_idx)
57 {
58     assert(cpu);
59 
60     if (out_nvt_blk) {
61         *out_nvt_blk = SPAPR_XIVE_BLOCK_ID;
62     }
63 
64     if (out_nvt_blk) {
65         *out_nvt_idx = SPAPR_XIVE_NVT_BASE + cpu->vcpu_id;
66     }
67 }
68 
spapr_xive_target_to_nvt(uint32_t target,uint8_t * out_nvt_blk,uint32_t * out_nvt_idx)69 static int spapr_xive_target_to_nvt(uint32_t target,
70                                     uint8_t *out_nvt_blk, uint32_t *out_nvt_idx)
71 {
72     PowerPCCPU *cpu = spapr_find_cpu(target);
73 
74     if (!cpu) {
75         return -1;
76     }
77 
78     spapr_xive_cpu_to_nvt(cpu, out_nvt_blk, out_nvt_idx);
79     return 0;
80 }
81 
82 /*
83  * sPAPR END indexing uses a simple mapping of the CPU vcpu_id, 8
84  * priorities per CPU
85  */
spapr_xive_end_to_target(uint8_t end_blk,uint32_t end_idx,uint32_t * out_server,uint8_t * out_prio)86 int spapr_xive_end_to_target(uint8_t end_blk, uint32_t end_idx,
87                              uint32_t *out_server, uint8_t *out_prio)
88 {
89 
90     assert(end_blk == SPAPR_XIVE_BLOCK_ID);
91 
92     if (out_server) {
93         *out_server = end_idx >> 3;
94     }
95 
96     if (out_prio) {
97         *out_prio = end_idx & 0x7;
98     }
99     return 0;
100 }
101 
spapr_xive_cpu_to_end(PowerPCCPU * cpu,uint8_t prio,uint8_t * out_end_blk,uint32_t * out_end_idx)102 static void spapr_xive_cpu_to_end(PowerPCCPU *cpu, uint8_t prio,
103                                   uint8_t *out_end_blk, uint32_t *out_end_idx)
104 {
105     assert(cpu);
106 
107     if (out_end_blk) {
108         *out_end_blk = SPAPR_XIVE_BLOCK_ID;
109     }
110 
111     if (out_end_idx) {
112         *out_end_idx = (cpu->vcpu_id << 3) + prio;
113     }
114 }
115 
spapr_xive_target_to_end(uint32_t target,uint8_t prio,uint8_t * out_end_blk,uint32_t * out_end_idx)116 static int spapr_xive_target_to_end(uint32_t target, uint8_t prio,
117                                     uint8_t *out_end_blk, uint32_t *out_end_idx)
118 {
119     PowerPCCPU *cpu = spapr_find_cpu(target);
120 
121     if (!cpu) {
122         return -1;
123     }
124 
125     spapr_xive_cpu_to_end(cpu, prio, out_end_blk, out_end_idx);
126     return 0;
127 }
128 
129 /*
130  * On sPAPR machines, use a simplified output for the XIVE END
131  * structure dumping only the information related to the OS EQ.
132  */
spapr_xive_end_pic_print_info(SpaprXive * xive,XiveEND * end,GString * buf)133 static void spapr_xive_end_pic_print_info(SpaprXive *xive, XiveEND *end,
134                                           GString *buf)
135 {
136     uint64_t qaddr_base = xive_end_qaddr(end);
137     uint32_t qindex = xive_get_field32(END_W1_PAGE_OFF, end->w1);
138     uint32_t qgen = xive_get_field32(END_W1_GENERATION, end->w1);
139     uint32_t qsize = xive_get_field32(END_W0_QSIZE, end->w0);
140     uint32_t qentries = 1 << (qsize + 10);
141     uint32_t nvt = xive_get_field32(END_W6_NVT_INDEX, end->w6);
142     uint8_t priority = xive_get_field32(END_W7_F0_PRIORITY, end->w7);
143 
144     g_string_append_printf(buf, "%3d/%d % 6d/%5d @%"PRIx64" ^%d",
145                            spapr_xive_nvt_to_target(0, nvt),
146                            priority, qindex, qentries, qaddr_base, qgen);
147 
148     xive_end_queue_pic_print_info(end, 6, buf);
149 }
150 
151 /*
152  * kvm_irqchip_in_kernel() will cause the compiler to turn this
153  * info a nop if CONFIG_KVM isn't defined.
154  */
155 #define spapr_xive_in_kernel(xive) \
156     (kvm_irqchip_in_kernel() && (xive)->fd != -1)
157 
spapr_xive_pic_print_info(SpaprXive * xive,GString * buf)158 static void spapr_xive_pic_print_info(SpaprXive *xive, GString *buf)
159 {
160     XiveSource *xsrc = &xive->source;
161     int i;
162 
163     if (spapr_xive_in_kernel(xive)) {
164         Error *local_err = NULL;
165 
166         kvmppc_xive_synchronize_state(xive, &local_err);
167         if (local_err) {
168             error_report_err(local_err);
169             return;
170         }
171     }
172 
173     g_string_append_printf(buf, "  LISN         PQ    EISN     CPU/PRIO EQ\n");
174 
175     for (i = 0; i < xive->nr_irqs; i++) {
176         uint8_t pq = xive_source_esb_get(xsrc, i);
177         XiveEAS *eas = &xive->eat[i];
178 
179         if (!xive_eas_is_valid(eas)) {
180             continue;
181         }
182 
183         g_string_append_printf(buf, "  %08x %s %c%c%c %s %08x ", i,
184                                xive_source_irq_is_lsi(xsrc, i) ? "LSI" : "MSI",
185                                pq & XIVE_ESB_VAL_P ? 'P' : '-',
186                                pq & XIVE_ESB_VAL_Q ? 'Q' : '-',
187                                xive_source_is_asserted(xsrc, i) ? 'A' : ' ',
188                                xive_eas_is_masked(eas) ? "M" : " ",
189                                (int) xive_get_field64(EAS_END_DATA, eas->w));
190 
191         if (!xive_eas_is_masked(eas)) {
192             uint32_t end_idx = xive_get_field64(EAS_END_INDEX, eas->w);
193             XiveEND *end;
194 
195             assert(end_idx < xive->nr_ends);
196             end = &xive->endt[end_idx];
197 
198             if (xive_end_is_valid(end)) {
199                 spapr_xive_end_pic_print_info(xive, end, buf);
200             }
201 
202         }
203         g_string_append_c(buf, '\n');
204     }
205 }
206 
spapr_xive_mmio_set_enabled(SpaprXive * xive,bool enable)207 void spapr_xive_mmio_set_enabled(SpaprXive *xive, bool enable)
208 {
209     memory_region_set_enabled(&xive->source.esb_mmio, enable);
210     memory_region_set_enabled(&xive->tm_mmio, enable);
211 
212     /* Disable the END ESBs until a guest OS makes use of them */
213     memory_region_set_enabled(&xive->end_source.esb_mmio, false);
214 }
215 
spapr_xive_tm_write(void * opaque,hwaddr offset,uint64_t value,unsigned size)216 static void spapr_xive_tm_write(void *opaque, hwaddr offset,
217                           uint64_t value, unsigned size)
218 {
219     XiveTCTX *tctx = spapr_cpu_state(POWERPC_CPU(current_cpu))->tctx;
220 
221     xive_tctx_tm_write(XIVE_PRESENTER(opaque), tctx, offset, value, size);
222 }
223 
spapr_xive_tm_read(void * opaque,hwaddr offset,unsigned size)224 static uint64_t spapr_xive_tm_read(void *opaque, hwaddr offset, unsigned size)
225 {
226     XiveTCTX *tctx = spapr_cpu_state(POWERPC_CPU(current_cpu))->tctx;
227 
228     return xive_tctx_tm_read(XIVE_PRESENTER(opaque), tctx, offset, size);
229 }
230 
231 const MemoryRegionOps spapr_xive_tm_ops = {
232     .read = spapr_xive_tm_read,
233     .write = spapr_xive_tm_write,
234     .endianness = DEVICE_BIG_ENDIAN,
235     .valid = {
236         .min_access_size = 1,
237         .max_access_size = 8,
238     },
239     .impl = {
240         .min_access_size = 1,
241         .max_access_size = 8,
242     },
243 };
244 
spapr_xive_end_reset(XiveEND * end)245 static void spapr_xive_end_reset(XiveEND *end)
246 {
247     memset(end, 0, sizeof(*end));
248 
249     /* switch off the escalation and notification ESBs */
250     end->w1 = cpu_to_be32(END_W1_ESe_Q | END_W1_ESn_Q);
251 }
252 
spapr_xive_reset(void * dev)253 static void spapr_xive_reset(void *dev)
254 {
255     SpaprXive *xive = SPAPR_XIVE(dev);
256     int i;
257 
258     /*
259      * The XiveSource has its own reset handler, which mask off all
260      * IRQs (!P|Q)
261      */
262 
263     /* Mask all valid EASs in the IRQ number space. */
264     for (i = 0; i < xive->nr_irqs; i++) {
265         XiveEAS *eas = &xive->eat[i];
266         if (xive_eas_is_valid(eas)) {
267             eas->w = cpu_to_be64(EAS_VALID | EAS_MASKED);
268         } else {
269             eas->w = 0;
270         }
271     }
272 
273     /* Clear all ENDs */
274     for (i = 0; i < xive->nr_ends; i++) {
275         spapr_xive_end_reset(&xive->endt[i]);
276     }
277 }
278 
spapr_xive_instance_init(Object * obj)279 static void spapr_xive_instance_init(Object *obj)
280 {
281     SpaprXive *xive = SPAPR_XIVE(obj);
282 
283     object_initialize_child(obj, "source", &xive->source, TYPE_XIVE_SOURCE);
284 
285     object_initialize_child(obj, "end_source", &xive->end_source,
286                             TYPE_XIVE_END_SOURCE);
287 
288     /* Not connected to the KVM XIVE device */
289     xive->fd = -1;
290 }
291 
spapr_xive_realize(DeviceState * dev,Error ** errp)292 static void spapr_xive_realize(DeviceState *dev, Error **errp)
293 {
294     SpaprXive *xive = SPAPR_XIVE(dev);
295     SpaprXiveClass *sxc = SPAPR_XIVE_GET_CLASS(xive);
296     XiveSource *xsrc = &xive->source;
297     XiveENDSource *end_xsrc = &xive->end_source;
298     Error *local_err = NULL;
299 
300     /* Set by spapr_irq_init() */
301     g_assert(xive->nr_irqs);
302     g_assert(xive->nr_ends);
303 
304     sxc->parent_realize(dev, &local_err);
305     if (local_err) {
306         error_propagate(errp, local_err);
307         return;
308     }
309 
310     /*
311      * Initialize the internal sources, for IPIs and virtual devices.
312      */
313     object_property_set_int(OBJECT(xsrc), "nr-irqs", xive->nr_irqs,
314                             &error_fatal);
315     object_property_set_link(OBJECT(xsrc), "xive", OBJECT(xive), &error_abort);
316     if (!qdev_realize(DEVICE(xsrc), NULL, errp)) {
317         return;
318     }
319 
320     /*
321      * Initialize the END ESB source
322      */
323     object_property_set_int(OBJECT(end_xsrc), "nr-ends", xive->nr_irqs,
324                             &error_fatal);
325     object_property_set_link(OBJECT(end_xsrc), "xive", OBJECT(xive),
326                              &error_abort);
327     if (!qdev_realize(DEVICE(end_xsrc), NULL, errp)) {
328         return;
329     }
330 
331     /* Set the mapping address of the END ESB pages after the source ESBs */
332     xive->end_base = xive->vc_base + xive_source_esb_len(xsrc);
333 
334     /*
335      * Allocate the routing tables
336      */
337     xive->eat = g_new0(XiveEAS, xive->nr_irqs);
338     xive->endt = g_new0(XiveEND, xive->nr_ends);
339 
340     xive->nodename = g_strdup_printf("interrupt-controller@%" PRIx64,
341                            xive->tm_base + XIVE_TM_USER_PAGE * (1 << TM_SHIFT));
342 
343     qemu_register_reset(spapr_xive_reset, dev);
344 
345     /* TIMA initialization */
346     memory_region_init_io(&xive->tm_mmio, OBJECT(xive), &spapr_xive_tm_ops,
347                           xive, "xive.tima", 4ull << TM_SHIFT);
348 
349     /*
350      * Map all regions. These will be enabled or disabled at reset and
351      * can also be overridden by KVM memory regions if active
352      */
353     memory_region_add_subregion(get_system_memory(), xive->vc_base,
354                                 &xsrc->esb_mmio);
355     memory_region_add_subregion(get_system_memory(), xive->end_base,
356                                 &end_xsrc->esb_mmio);
357     memory_region_add_subregion(get_system_memory(), xive->tm_base,
358                                 &xive->tm_mmio);
359 }
360 
spapr_xive_get_eas(XiveRouter * xrtr,uint8_t eas_blk,uint32_t eas_idx,XiveEAS * eas)361 static int spapr_xive_get_eas(XiveRouter *xrtr, uint8_t eas_blk,
362                               uint32_t eas_idx, XiveEAS *eas)
363 {
364     SpaprXive *xive = SPAPR_XIVE(xrtr);
365 
366     if (eas_idx >= xive->nr_irqs) {
367         return -1;
368     }
369 
370     *eas = xive->eat[eas_idx];
371     return 0;
372 }
373 
spapr_xive_get_end(XiveRouter * xrtr,uint8_t end_blk,uint32_t end_idx,XiveEND * end)374 static int spapr_xive_get_end(XiveRouter *xrtr,
375                               uint8_t end_blk, uint32_t end_idx, XiveEND *end)
376 {
377     SpaprXive *xive = SPAPR_XIVE(xrtr);
378 
379     if (end_idx >= xive->nr_ends) {
380         return -1;
381     }
382 
383     memcpy(end, &xive->endt[end_idx], sizeof(XiveEND));
384     return 0;
385 }
386 
spapr_xive_write_end(XiveRouter * xrtr,uint8_t end_blk,uint32_t end_idx,XiveEND * end,uint8_t word_number)387 static int spapr_xive_write_end(XiveRouter *xrtr, uint8_t end_blk,
388                                 uint32_t end_idx, XiveEND *end,
389                                 uint8_t word_number)
390 {
391     SpaprXive *xive = SPAPR_XIVE(xrtr);
392 
393     if (end_idx >= xive->nr_ends) {
394         return -1;
395     }
396 
397     memcpy(&xive->endt[end_idx], end, sizeof(XiveEND));
398     return 0;
399 }
400 
spapr_xive_get_nvt(XiveRouter * xrtr,uint8_t nvt_blk,uint32_t nvt_idx,XiveNVT * nvt)401 static int spapr_xive_get_nvt(XiveRouter *xrtr,
402                               uint8_t nvt_blk, uint32_t nvt_idx, XiveNVT *nvt)
403 {
404     uint32_t vcpu_id = spapr_xive_nvt_to_target(nvt_blk, nvt_idx);
405     PowerPCCPU *cpu = spapr_find_cpu(vcpu_id);
406 
407     if (!cpu) {
408         /* TODO: should we assert() if we can find a NVT ? */
409         return -1;
410     }
411 
412     /*
413      * sPAPR does not maintain a NVT table. Return that the NVT is
414      * valid if we have found a matching CPU
415      */
416     nvt->w0 = cpu_to_be32(NVT_W0_VALID);
417     return 0;
418 }
419 
spapr_xive_write_nvt(XiveRouter * xrtr,uint8_t nvt_blk,uint32_t nvt_idx,XiveNVT * nvt,uint8_t word_number)420 static int spapr_xive_write_nvt(XiveRouter *xrtr, uint8_t nvt_blk,
421                                 uint32_t nvt_idx, XiveNVT *nvt,
422                                 uint8_t word_number)
423 {
424     /*
425      * We don't need to write back to the NVTs because the sPAPR
426      * machine should never hit a non-scheduled NVT. It should never
427      * get called.
428      */
429     g_assert_not_reached();
430 }
431 
spapr_xive_match_nvt(XivePresenter * xptr,uint8_t format,uint8_t nvt_blk,uint32_t nvt_idx,bool cam_ignore,uint8_t priority,uint32_t logic_serv,XiveTCTXMatch * match)432 static int spapr_xive_match_nvt(XivePresenter *xptr, uint8_t format,
433                                 uint8_t nvt_blk, uint32_t nvt_idx,
434                                 bool cam_ignore, uint8_t priority,
435                                 uint32_t logic_serv, XiveTCTXMatch *match)
436 {
437     CPUState *cs;
438     int count = 0;
439 
440     CPU_FOREACH(cs) {
441         PowerPCCPU *cpu = POWERPC_CPU(cs);
442         XiveTCTX *tctx = spapr_cpu_state(cpu)->tctx;
443         int ring;
444 
445         /*
446          * Skip partially initialized vCPUs. This can happen when
447          * vCPUs are hotplugged.
448          */
449         if (!tctx) {
450             continue;
451         }
452 
453         /*
454          * Check the thread context CAM lines and record matches.
455          */
456         ring = xive_presenter_tctx_match(xptr, tctx, format, nvt_blk, nvt_idx,
457                                          cam_ignore, logic_serv);
458         /*
459          * Save the matching thread interrupt context and follow on to
460          * check for duplicates which are invalid.
461          */
462         if (ring != -1) {
463             if (match->tctx) {
464                 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: already found a thread "
465                               "context NVT %x/%x\n", nvt_blk, nvt_idx);
466                 return -1;
467             }
468 
469             match->ring = ring;
470             match->tctx = tctx;
471             count++;
472         }
473     }
474 
475     return count;
476 }
477 
spapr_xive_presenter_get_config(XivePresenter * xptr)478 static uint32_t spapr_xive_presenter_get_config(XivePresenter *xptr)
479 {
480     uint32_t cfg = 0;
481 
482     /*
483      * Let's claim GEN1 TIMA format. If running with KVM on P10, the
484      * correct answer is deep in the hardware and not accessible to
485      * us.  But it shouldn't matter as it only affects the presenter
486      * as seen by a guest OS.
487      */
488     cfg |= XIVE_PRESENTER_GEN1_TIMA_OS;
489 
490     return cfg;
491 }
492 
spapr_xive_get_block_id(XiveRouter * xrtr)493 static uint8_t spapr_xive_get_block_id(XiveRouter *xrtr)
494 {
495     return SPAPR_XIVE_BLOCK_ID;
496 }
497 
spapr_xive_get_pq(XiveRouter * xrtr,uint8_t blk,uint32_t idx,uint8_t * pq)498 static int spapr_xive_get_pq(XiveRouter *xrtr, uint8_t blk, uint32_t idx,
499                              uint8_t *pq)
500 {
501     SpaprXive *xive = SPAPR_XIVE(xrtr);
502 
503     assert(SPAPR_XIVE_BLOCK_ID == blk);
504 
505     *pq = xive_source_esb_get(&xive->source, idx);
506     return 0;
507 }
508 
spapr_xive_set_pq(XiveRouter * xrtr,uint8_t blk,uint32_t idx,uint8_t * pq)509 static int spapr_xive_set_pq(XiveRouter *xrtr, uint8_t blk, uint32_t idx,
510                              uint8_t *pq)
511 {
512     SpaprXive *xive = SPAPR_XIVE(xrtr);
513 
514     assert(SPAPR_XIVE_BLOCK_ID == blk);
515 
516     *pq = xive_source_esb_set(&xive->source, idx, *pq);
517     return 0;
518 }
519 
520 
521 static const VMStateDescription vmstate_spapr_xive_end = {
522     .name = TYPE_SPAPR_XIVE "/end",
523     .version_id = 1,
524     .minimum_version_id = 1,
525     .fields = (const VMStateField []) {
526         VMSTATE_UINT32(w0, XiveEND),
527         VMSTATE_UINT32(w1, XiveEND),
528         VMSTATE_UINT32(w2, XiveEND),
529         VMSTATE_UINT32(w3, XiveEND),
530         VMSTATE_UINT32(w4, XiveEND),
531         VMSTATE_UINT32(w5, XiveEND),
532         VMSTATE_UINT32(w6, XiveEND),
533         VMSTATE_UINT32(w7, XiveEND),
534         VMSTATE_END_OF_LIST()
535     },
536 };
537 
538 static const VMStateDescription vmstate_spapr_xive_eas = {
539     .name = TYPE_SPAPR_XIVE "/eas",
540     .version_id = 1,
541     .minimum_version_id = 1,
542     .fields = (const VMStateField []) {
543         VMSTATE_UINT64(w, XiveEAS),
544         VMSTATE_END_OF_LIST()
545     },
546 };
547 
vmstate_spapr_xive_pre_save(void * opaque)548 static int vmstate_spapr_xive_pre_save(void *opaque)
549 {
550     SpaprXive *xive = SPAPR_XIVE(opaque);
551 
552     if (spapr_xive_in_kernel(xive)) {
553         return kvmppc_xive_pre_save(xive);
554     }
555 
556     return 0;
557 }
558 
559 /*
560  * Called by the sPAPR IRQ backend 'post_load' method at the machine
561  * level.
562  */
spapr_xive_post_load(SpaprInterruptController * intc,int version_id)563 static int spapr_xive_post_load(SpaprInterruptController *intc, int version_id)
564 {
565     SpaprXive *xive = SPAPR_XIVE(intc);
566 
567     if (spapr_xive_in_kernel(xive)) {
568         return kvmppc_xive_post_load(xive, version_id);
569     }
570 
571     return 0;
572 }
573 
574 static const VMStateDescription vmstate_spapr_xive = {
575     .name = TYPE_SPAPR_XIVE,
576     .version_id = 1,
577     .minimum_version_id = 1,
578     .pre_save = vmstate_spapr_xive_pre_save,
579     .post_load = NULL, /* handled at the machine level */
580     .fields = (const VMStateField[]) {
581         VMSTATE_UINT32_EQUAL(nr_irqs, SpaprXive, NULL),
582         VMSTATE_STRUCT_VARRAY_POINTER_UINT32(eat, SpaprXive, nr_irqs,
583                                      vmstate_spapr_xive_eas, XiveEAS),
584         VMSTATE_STRUCT_VARRAY_POINTER_UINT32(endt, SpaprXive, nr_ends,
585                                              vmstate_spapr_xive_end, XiveEND),
586         VMSTATE_END_OF_LIST()
587     },
588 };
589 
spapr_xive_claim_irq(SpaprInterruptController * intc,int lisn,bool lsi,Error ** errp)590 static int spapr_xive_claim_irq(SpaprInterruptController *intc, int lisn,
591                                 bool lsi, Error **errp)
592 {
593     SpaprXive *xive = SPAPR_XIVE(intc);
594     XiveSource *xsrc = &xive->source;
595 
596     assert(lisn < xive->nr_irqs);
597 
598     trace_spapr_xive_claim_irq(lisn, lsi);
599 
600     if (xive_eas_is_valid(&xive->eat[lisn])) {
601         error_setg(errp, "IRQ %d is not free", lisn);
602         return -EBUSY;
603     }
604 
605     /*
606      * Set default values when allocating an IRQ number
607      */
608     xive->eat[lisn].w |= cpu_to_be64(EAS_VALID | EAS_MASKED);
609     if (lsi) {
610         xive_source_irq_set_lsi(xsrc, lisn);
611     }
612 
613     if (spapr_xive_in_kernel(xive)) {
614         return kvmppc_xive_source_reset_one(xsrc, lisn, errp);
615     }
616 
617     return 0;
618 }
619 
spapr_xive_free_irq(SpaprInterruptController * intc,int lisn)620 static void spapr_xive_free_irq(SpaprInterruptController *intc, int lisn)
621 {
622     SpaprXive *xive = SPAPR_XIVE(intc);
623     assert(lisn < xive->nr_irqs);
624 
625     trace_spapr_xive_free_irq(lisn);
626 
627     xive->eat[lisn].w &= cpu_to_be64(~EAS_VALID);
628 }
629 
630 static Property spapr_xive_properties[] = {
631     DEFINE_PROP_UINT32("nr-irqs", SpaprXive, nr_irqs, 0),
632     DEFINE_PROP_UINT32("nr-ends", SpaprXive, nr_ends, 0),
633     DEFINE_PROP_UINT64("vc-base", SpaprXive, vc_base, SPAPR_XIVE_VC_BASE),
634     DEFINE_PROP_UINT64("tm-base", SpaprXive, tm_base, SPAPR_XIVE_TM_BASE),
635     DEFINE_PROP_UINT8("hv-prio", SpaprXive, hv_prio, 7),
636     DEFINE_PROP_END_OF_LIST(),
637 };
638 
spapr_xive_cpu_intc_create(SpaprInterruptController * intc,PowerPCCPU * cpu,Error ** errp)639 static int spapr_xive_cpu_intc_create(SpaprInterruptController *intc,
640                                       PowerPCCPU *cpu, Error **errp)
641 {
642     SpaprXive *xive = SPAPR_XIVE(intc);
643     Object *obj;
644     SpaprCpuState *spapr_cpu = spapr_cpu_state(cpu);
645 
646     obj = xive_tctx_create(OBJECT(cpu), XIVE_PRESENTER(xive), errp);
647     if (!obj) {
648         return -1;
649     }
650 
651     spapr_cpu->tctx = XIVE_TCTX(obj);
652     return 0;
653 }
654 
xive_tctx_set_os_cam(XiveTCTX * tctx,uint32_t os_cam)655 static void xive_tctx_set_os_cam(XiveTCTX *tctx, uint32_t os_cam)
656 {
657     uint32_t qw1w2 = cpu_to_be32(TM_QW1W2_VO | os_cam);
658     memcpy(&tctx->regs[TM_QW1_OS + TM_WORD2], &qw1w2, 4);
659 }
660 
spapr_xive_cpu_intc_reset(SpaprInterruptController * intc,PowerPCCPU * cpu)661 static void spapr_xive_cpu_intc_reset(SpaprInterruptController *intc,
662                                      PowerPCCPU *cpu)
663 {
664     XiveTCTX *tctx = spapr_cpu_state(cpu)->tctx;
665     uint8_t  nvt_blk;
666     uint32_t nvt_idx;
667 
668     xive_tctx_reset(tctx);
669 
670     /*
671      * When a Virtual Processor is scheduled to run on a HW thread,
672      * the hypervisor pushes its identifier in the OS CAM line.
673      * Emulate the same behavior under QEMU.
674      */
675     spapr_xive_cpu_to_nvt(cpu, &nvt_blk, &nvt_idx);
676 
677     xive_tctx_set_os_cam(tctx, xive_nvt_cam_line(nvt_blk, nvt_idx));
678 }
679 
spapr_xive_cpu_intc_destroy(SpaprInterruptController * intc,PowerPCCPU * cpu)680 static void spapr_xive_cpu_intc_destroy(SpaprInterruptController *intc,
681                                         PowerPCCPU *cpu)
682 {
683     SpaprCpuState *spapr_cpu = spapr_cpu_state(cpu);
684 
685     xive_tctx_destroy(spapr_cpu->tctx);
686     spapr_cpu->tctx = NULL;
687 }
688 
spapr_xive_set_irq(SpaprInterruptController * intc,int irq,int val)689 static void spapr_xive_set_irq(SpaprInterruptController *intc, int irq, int val)
690 {
691     SpaprXive *xive = SPAPR_XIVE(intc);
692 
693     trace_spapr_xive_set_irq(irq, val);
694 
695     if (spapr_xive_in_kernel(xive)) {
696         kvmppc_xive_source_set_irq(&xive->source, irq, val);
697     } else {
698         xive_source_set_irq(&xive->source, irq, val);
699     }
700 }
701 
spapr_xive_print_info(SpaprInterruptController * intc,GString * buf)702 static void spapr_xive_print_info(SpaprInterruptController *intc, GString *buf)
703 {
704     SpaprXive *xive = SPAPR_XIVE(intc);
705     CPUState *cs;
706 
707     CPU_FOREACH(cs) {
708         PowerPCCPU *cpu = POWERPC_CPU(cs);
709 
710         xive_tctx_pic_print_info(spapr_cpu_state(cpu)->tctx, buf);
711     }
712     spapr_xive_pic_print_info(xive, buf);
713 }
714 
spapr_xive_dt(SpaprInterruptController * intc,uint32_t nr_servers,void * fdt,uint32_t phandle)715 static void spapr_xive_dt(SpaprInterruptController *intc, uint32_t nr_servers,
716                           void *fdt, uint32_t phandle)
717 {
718     SpaprXive *xive = SPAPR_XIVE(intc);
719     int node;
720     uint64_t timas[2 * 2];
721     /* Interrupt number ranges for the IPIs */
722     uint32_t lisn_ranges[] = {
723         cpu_to_be32(SPAPR_IRQ_IPI),
724         cpu_to_be32(SPAPR_IRQ_IPI + nr_servers),
725     };
726     /*
727      * EQ size - the sizes of pages supported by the system 4K, 64K,
728      * 2M, 16M. We only advertise 64K for the moment.
729      */
730     uint32_t eq_sizes[] = {
731         cpu_to_be32(16), /* 64K */
732     };
733     /*
734      * QEMU/KVM only needs to define a single range to reserve the
735      * escalation priority. A priority bitmask would have been more
736      * appropriate.
737      */
738     uint32_t plat_res_int_priorities[] = {
739         cpu_to_be32(xive->hv_prio),    /* start */
740         cpu_to_be32(0xff - xive->hv_prio), /* count */
741     };
742 
743     /* Thread Interrupt Management Area : User (ring 3) and OS (ring 2) */
744     timas[0] = cpu_to_be64(xive->tm_base +
745                            XIVE_TM_USER_PAGE * (1ull << TM_SHIFT));
746     timas[1] = cpu_to_be64(1ull << TM_SHIFT);
747     timas[2] = cpu_to_be64(xive->tm_base +
748                            XIVE_TM_OS_PAGE * (1ull << TM_SHIFT));
749     timas[3] = cpu_to_be64(1ull << TM_SHIFT);
750 
751     _FDT(node = fdt_add_subnode(fdt, 0, xive->nodename));
752 
753     _FDT(fdt_setprop_string(fdt, node, "device_type", "power-ivpe"));
754     _FDT(fdt_setprop(fdt, node, "reg", timas, sizeof(timas)));
755 
756     _FDT(fdt_setprop_string(fdt, node, "compatible", "ibm,power-ivpe"));
757     _FDT(fdt_setprop(fdt, node, "ibm,xive-eq-sizes", eq_sizes,
758                      sizeof(eq_sizes)));
759     _FDT(fdt_setprop(fdt, node, "ibm,xive-lisn-ranges", lisn_ranges,
760                      sizeof(lisn_ranges)));
761 
762     /* For Linux to link the LSIs to the interrupt controller. */
763     _FDT(fdt_setprop(fdt, node, "interrupt-controller", NULL, 0));
764     _FDT(fdt_setprop_cell(fdt, node, "#interrupt-cells", 2));
765 
766     /* For SLOF */
767     _FDT(fdt_setprop_cell(fdt, node, "linux,phandle", phandle));
768     _FDT(fdt_setprop_cell(fdt, node, "phandle", phandle));
769 
770     /*
771      * The "ibm,plat-res-int-priorities" property defines the priority
772      * ranges reserved by the hypervisor
773      */
774     _FDT(fdt_setprop(fdt, 0, "ibm,plat-res-int-priorities",
775                      plat_res_int_priorities, sizeof(plat_res_int_priorities)));
776 }
777 
spapr_xive_activate(SpaprInterruptController * intc,uint32_t nr_servers,Error ** errp)778 static int spapr_xive_activate(SpaprInterruptController *intc,
779                                uint32_t nr_servers, Error **errp)
780 {
781     SpaprXive *xive = SPAPR_XIVE(intc);
782 
783     if (kvm_enabled()) {
784         int rc = spapr_irq_init_kvm(kvmppc_xive_connect, intc, nr_servers,
785                                     errp);
786         if (rc < 0) {
787             return rc;
788         }
789     }
790 
791     /* Activate the XIVE MMIOs */
792     spapr_xive_mmio_set_enabled(xive, true);
793 
794     return 0;
795 }
796 
spapr_xive_deactivate(SpaprInterruptController * intc)797 static void spapr_xive_deactivate(SpaprInterruptController *intc)
798 {
799     SpaprXive *xive = SPAPR_XIVE(intc);
800 
801     spapr_xive_mmio_set_enabled(xive, false);
802 
803     if (spapr_xive_in_kernel(xive)) {
804         kvmppc_xive_disconnect(intc);
805     }
806 }
807 
spapr_xive_in_kernel_xptr(const XivePresenter * xptr)808 static bool spapr_xive_in_kernel_xptr(const XivePresenter *xptr)
809 {
810     return spapr_xive_in_kernel(SPAPR_XIVE(xptr));
811 }
812 
spapr_xive_class_init(ObjectClass * klass,void * data)813 static void spapr_xive_class_init(ObjectClass *klass, void *data)
814 {
815     DeviceClass *dc = DEVICE_CLASS(klass);
816     XiveRouterClass *xrc = XIVE_ROUTER_CLASS(klass);
817     SpaprInterruptControllerClass *sicc = SPAPR_INTC_CLASS(klass);
818     XivePresenterClass *xpc = XIVE_PRESENTER_CLASS(klass);
819     SpaprXiveClass *sxc = SPAPR_XIVE_CLASS(klass);
820 
821     dc->desc    = "sPAPR XIVE Interrupt Controller";
822     device_class_set_props(dc, spapr_xive_properties);
823     device_class_set_parent_realize(dc, spapr_xive_realize,
824                                     &sxc->parent_realize);
825     dc->vmsd    = &vmstate_spapr_xive;
826 
827     xrc->get_eas = spapr_xive_get_eas;
828     xrc->get_pq  = spapr_xive_get_pq;
829     xrc->set_pq  = spapr_xive_set_pq;
830     xrc->get_end = spapr_xive_get_end;
831     xrc->write_end = spapr_xive_write_end;
832     xrc->get_nvt = spapr_xive_get_nvt;
833     xrc->write_nvt = spapr_xive_write_nvt;
834     xrc->get_block_id = spapr_xive_get_block_id;
835 
836     sicc->activate = spapr_xive_activate;
837     sicc->deactivate = spapr_xive_deactivate;
838     sicc->cpu_intc_create = spapr_xive_cpu_intc_create;
839     sicc->cpu_intc_reset = spapr_xive_cpu_intc_reset;
840     sicc->cpu_intc_destroy = spapr_xive_cpu_intc_destroy;
841     sicc->claim_irq = spapr_xive_claim_irq;
842     sicc->free_irq = spapr_xive_free_irq;
843     sicc->set_irq = spapr_xive_set_irq;
844     sicc->print_info = spapr_xive_print_info;
845     sicc->dt = spapr_xive_dt;
846     sicc->post_load = spapr_xive_post_load;
847 
848     xpc->match_nvt  = spapr_xive_match_nvt;
849     xpc->get_config = spapr_xive_presenter_get_config;
850     xpc->in_kernel  = spapr_xive_in_kernel_xptr;
851 }
852 
853 static const TypeInfo spapr_xive_info = {
854     .name = TYPE_SPAPR_XIVE,
855     .parent = TYPE_XIVE_ROUTER,
856     .instance_init = spapr_xive_instance_init,
857     .instance_size = sizeof(SpaprXive),
858     .class_init = spapr_xive_class_init,
859     .class_size = sizeof(SpaprXiveClass),
860     .interfaces = (InterfaceInfo[]) {
861         { TYPE_SPAPR_INTC },
862         { }
863     },
864 };
865 
spapr_xive_register_types(void)866 static void spapr_xive_register_types(void)
867 {
868     type_register_static(&spapr_xive_info);
869 }
870 
type_init(spapr_xive_register_types)871 type_init(spapr_xive_register_types)
872 
873 /*
874  * XIVE hcalls
875  *
876  * The terminology used by the XIVE hcalls is the following :
877  *
878  *   TARGET vCPU number
879  *   EQ     Event Queue assigned by OS to receive event data
880  *   ESB    page for source interrupt management
881  *   LISN   Logical Interrupt Source Number identifying a source in the
882  *          machine
883  *   EISN   Effective Interrupt Source Number used by guest OS to
884  *          identify source in the guest
885  *
886  * The EAS, END, NVT structures are not exposed.
887  */
888 
889 /*
890  * On POWER9, the KVM XIVE device uses priority 7 for the escalation
891  * interrupts. So we only allow the guest to use priorities [0..6].
892  */
893 static bool spapr_xive_priority_is_reserved(SpaprXive *xive, uint8_t priority)
894 {
895     return priority >= xive->hv_prio;
896 }
897 
898 /*
899  * The H_INT_GET_SOURCE_INFO hcall() is used to obtain the logical
900  * real address of the MMIO page through which the Event State Buffer
901  * entry associated with the value of the "lisn" parameter is managed.
902  *
903  * Parameters:
904  * Input
905  * - R4: "flags"
906  *         Bits 0-63 reserved
907  * - R5: "lisn" is per "interrupts", "interrupt-map", or
908  *       "ibm,xive-lisn-ranges" properties, or as returned by the
909  *       ibm,query-interrupt-source-number RTAS call, or as returned
910  *       by the H_ALLOCATE_VAS_WINDOW hcall
911  *
912  * Output
913  * - R4: "flags"
914  *         Bits 0-59: Reserved
915  *         Bit 60: H_INT_ESB must be used for Event State Buffer
916  *                 management
917  *         Bit 61: 1 == LSI  0 == MSI
918  *         Bit 62: the full function page supports trigger
919  *         Bit 63: Store EOI Supported
920  * - R5: Logical Real address of full function Event State Buffer
921  *       management page, -1 if H_INT_ESB hcall flag is set to 1.
922  * - R6: Logical Real Address of trigger only Event State Buffer
923  *       management page or -1.
924  * - R7: Power of 2 page size for the ESB management pages returned in
925  *       R5 and R6.
926  */
927 
928 #define SPAPR_XIVE_SRC_H_INT_ESB     PPC_BIT(60) /* ESB manage with H_INT_ESB */
929 #define SPAPR_XIVE_SRC_LSI           PPC_BIT(61) /* Virtual LSI type */
930 #define SPAPR_XIVE_SRC_TRIGGER       PPC_BIT(62) /* Trigger and management
931                                                     on same page */
932 #define SPAPR_XIVE_SRC_STORE_EOI     PPC_BIT(63) /* Store EOI support */
933 
h_int_get_source_info(PowerPCCPU * cpu,SpaprMachineState * spapr,target_ulong opcode,target_ulong * args)934 static target_ulong h_int_get_source_info(PowerPCCPU *cpu,
935                                           SpaprMachineState *spapr,
936                                           target_ulong opcode,
937                                           target_ulong *args)
938 {
939     SpaprXive *xive = spapr->xive;
940     XiveSource *xsrc = &xive->source;
941     target_ulong flags  = args[0];
942     target_ulong lisn   = args[1];
943 
944     trace_spapr_xive_get_source_info(flags, lisn);
945 
946     if (!spapr_ovec_test(spapr->ov5_cas, OV5_XIVE_EXPLOIT)) {
947         return H_FUNCTION;
948     }
949 
950     if (flags) {
951         return H_PARAMETER;
952     }
953 
954     if (lisn >= xive->nr_irqs) {
955         qemu_log_mask(LOG_GUEST_ERROR, "XIVE: Unknown LISN " TARGET_FMT_lx "\n",
956                       lisn);
957         return H_P2;
958     }
959 
960     if (!xive_eas_is_valid(&xive->eat[lisn])) {
961         qemu_log_mask(LOG_GUEST_ERROR, "XIVE: Invalid LISN " TARGET_FMT_lx "\n",
962                       lisn);
963         return H_P2;
964     }
965 
966     /*
967      * All sources are emulated under the main XIVE object and share
968      * the same characteristics.
969      */
970     args[0] = 0;
971     if (!xive_source_esb_has_2page(xsrc)) {
972         args[0] |= SPAPR_XIVE_SRC_TRIGGER;
973     }
974     if (xsrc->esb_flags & XIVE_SRC_STORE_EOI) {
975         args[0] |= SPAPR_XIVE_SRC_STORE_EOI;
976     }
977 
978     /*
979      * Force the use of the H_INT_ESB hcall in case of an LSI
980      * interrupt. This is necessary under KVM to re-trigger the
981      * interrupt if the level is still asserted
982      */
983     if (xive_source_irq_is_lsi(xsrc, lisn)) {
984         args[0] |= SPAPR_XIVE_SRC_H_INT_ESB | SPAPR_XIVE_SRC_LSI;
985     }
986 
987     if (!(args[0] & SPAPR_XIVE_SRC_H_INT_ESB)) {
988         args[1] = xive->vc_base + xive_source_esb_mgmt(xsrc, lisn);
989     } else {
990         args[1] = -1;
991     }
992 
993     if (xive_source_esb_has_2page(xsrc) &&
994         !(args[0] & SPAPR_XIVE_SRC_H_INT_ESB)) {
995         args[2] = xive->vc_base + xive_source_esb_page(xsrc, lisn);
996     } else {
997         args[2] = -1;
998     }
999 
1000     if (xive_source_esb_has_2page(xsrc)) {
1001         args[3] = xsrc->esb_shift - 1;
1002     } else {
1003         args[3] = xsrc->esb_shift;
1004     }
1005 
1006     return H_SUCCESS;
1007 }
1008 
1009 /*
1010  * The H_INT_SET_SOURCE_CONFIG hcall() is used to assign a Logical
1011  * Interrupt Source to a target. The Logical Interrupt Source is
1012  * designated with the "lisn" parameter and the target is designated
1013  * with the "target" and "priority" parameters.  Upon return from the
1014  * hcall(), no additional interrupts will be directed to the old EQ.
1015  *
1016  * Parameters:
1017  * Input:
1018  * - R4: "flags"
1019  *         Bits 0-61: Reserved
1020  *         Bit 62: set the "eisn" in the EAS
1021  *         Bit 63: masks the interrupt source in the hardware interrupt
1022  *       control structure. An interrupt masked by this mechanism will
1023  *       be dropped, but it's source state bits will still be
1024  *       set. There is no race-free way of unmasking and restoring the
1025  *       source. Thus this should only be used in interrupts that are
1026  *       also masked at the source, and only in cases where the
1027  *       interrupt is not meant to be used for a large amount of time
1028  *       because no valid target exists for it for example
1029  * - R5: "lisn" is per "interrupts", "interrupt-map", or
1030  *       "ibm,xive-lisn-ranges" properties, or as returned by the
1031  *       ibm,query-interrupt-source-number RTAS call, or as returned by
1032  *       the H_ALLOCATE_VAS_WINDOW hcall
1033  * - R6: "target" is per "ibm,ppc-interrupt-server#s" or
1034  *       "ibm,ppc-interrupt-gserver#s"
1035  * - R7: "priority" is a valid priority not in
1036  *       "ibm,plat-res-int-priorities"
1037  * - R8: "eisn" is the guest EISN associated with the "lisn"
1038  *
1039  * Output:
1040  * - None
1041  */
1042 
1043 #define SPAPR_XIVE_SRC_SET_EISN PPC_BIT(62)
1044 #define SPAPR_XIVE_SRC_MASK     PPC_BIT(63)
1045 
h_int_set_source_config(PowerPCCPU * cpu,SpaprMachineState * spapr,target_ulong opcode,target_ulong * args)1046 static target_ulong h_int_set_source_config(PowerPCCPU *cpu,
1047                                             SpaprMachineState *spapr,
1048                                             target_ulong opcode,
1049                                             target_ulong *args)
1050 {
1051     SpaprXive *xive = spapr->xive;
1052     XiveEAS eas, new_eas;
1053     target_ulong flags    = args[0];
1054     target_ulong lisn     = args[1];
1055     target_ulong target   = args[2];
1056     target_ulong priority = args[3];
1057     target_ulong eisn     = args[4];
1058     uint8_t end_blk;
1059     uint32_t end_idx;
1060 
1061     trace_spapr_xive_set_source_config(flags, lisn, target, priority, eisn);
1062 
1063     if (!spapr_ovec_test(spapr->ov5_cas, OV5_XIVE_EXPLOIT)) {
1064         return H_FUNCTION;
1065     }
1066 
1067     if (flags & ~(SPAPR_XIVE_SRC_SET_EISN | SPAPR_XIVE_SRC_MASK)) {
1068         return H_PARAMETER;
1069     }
1070 
1071     if (lisn >= xive->nr_irqs) {
1072         qemu_log_mask(LOG_GUEST_ERROR, "XIVE: Unknown LISN " TARGET_FMT_lx "\n",
1073                       lisn);
1074         return H_P2;
1075     }
1076 
1077     eas = xive->eat[lisn];
1078     if (!xive_eas_is_valid(&eas)) {
1079         qemu_log_mask(LOG_GUEST_ERROR, "XIVE: Invalid LISN " TARGET_FMT_lx "\n",
1080                       lisn);
1081         return H_P2;
1082     }
1083 
1084     /* priority 0xff is used to reset the EAS */
1085     if (priority == 0xff) {
1086         new_eas.w = cpu_to_be64(EAS_VALID | EAS_MASKED);
1087         goto out;
1088     }
1089 
1090     if (flags & SPAPR_XIVE_SRC_MASK) {
1091         new_eas.w = eas.w | cpu_to_be64(EAS_MASKED);
1092     } else {
1093         new_eas.w = eas.w & cpu_to_be64(~EAS_MASKED);
1094     }
1095 
1096     if (spapr_xive_priority_is_reserved(xive, priority)) {
1097         qemu_log_mask(LOG_GUEST_ERROR, "XIVE: priority " TARGET_FMT_ld
1098                       " is reserved\n", priority);
1099         return H_P4;
1100     }
1101 
1102     /*
1103      * Validate that "target" is part of the list of threads allocated
1104      * to the partition. For that, find the END corresponding to the
1105      * target.
1106      */
1107     if (spapr_xive_target_to_end(target, priority, &end_blk, &end_idx)) {
1108         return H_P3;
1109     }
1110 
1111     new_eas.w = xive_set_field64(EAS_END_BLOCK, new_eas.w, end_blk);
1112     new_eas.w = xive_set_field64(EAS_END_INDEX, new_eas.w, end_idx);
1113 
1114     if (flags & SPAPR_XIVE_SRC_SET_EISN) {
1115         new_eas.w = xive_set_field64(EAS_END_DATA, new_eas.w, eisn);
1116     }
1117 
1118     if (spapr_xive_in_kernel(xive)) {
1119         Error *local_err = NULL;
1120 
1121         kvmppc_xive_set_source_config(xive, lisn, &new_eas, &local_err);
1122         if (local_err) {
1123             error_report_err(local_err);
1124             return H_HARDWARE;
1125         }
1126     }
1127 
1128 out:
1129     xive->eat[lisn] = new_eas;
1130     return H_SUCCESS;
1131 }
1132 
1133 /*
1134  * The H_INT_GET_SOURCE_CONFIG hcall() is used to determine to which
1135  * target/priority pair is assigned to the specified Logical Interrupt
1136  * Source.
1137  *
1138  * Parameters:
1139  * Input:
1140  * - R4: "flags"
1141  *         Bits 0-63 Reserved
1142  * - R5: "lisn" is per "interrupts", "interrupt-map", or
1143  *       "ibm,xive-lisn-ranges" properties, or as returned by the
1144  *       ibm,query-interrupt-source-number RTAS call, or as
1145  *       returned by the H_ALLOCATE_VAS_WINDOW hcall
1146  *
1147  * Output:
1148  * - R4: Target to which the specified Logical Interrupt Source is
1149  *       assigned
1150  * - R5: Priority to which the specified Logical Interrupt Source is
1151  *       assigned
1152  * - R6: EISN for the specified Logical Interrupt Source (this will be
1153  *       equivalent to the LISN if not changed by H_INT_SET_SOURCE_CONFIG)
1154  */
h_int_get_source_config(PowerPCCPU * cpu,SpaprMachineState * spapr,target_ulong opcode,target_ulong * args)1155 static target_ulong h_int_get_source_config(PowerPCCPU *cpu,
1156                                             SpaprMachineState *spapr,
1157                                             target_ulong opcode,
1158                                             target_ulong *args)
1159 {
1160     SpaprXive *xive = spapr->xive;
1161     target_ulong flags = args[0];
1162     target_ulong lisn = args[1];
1163     XiveEAS eas;
1164     XiveEND *end;
1165     uint8_t nvt_blk;
1166     uint32_t end_idx, nvt_idx;
1167 
1168     trace_spapr_xive_get_source_config(flags, lisn);
1169 
1170     if (!spapr_ovec_test(spapr->ov5_cas, OV5_XIVE_EXPLOIT)) {
1171         return H_FUNCTION;
1172     }
1173 
1174     if (flags) {
1175         return H_PARAMETER;
1176     }
1177 
1178     if (lisn >= xive->nr_irqs) {
1179         qemu_log_mask(LOG_GUEST_ERROR, "XIVE: Unknown LISN " TARGET_FMT_lx "\n",
1180                       lisn);
1181         return H_P2;
1182     }
1183 
1184     eas = xive->eat[lisn];
1185     if (!xive_eas_is_valid(&eas)) {
1186         qemu_log_mask(LOG_GUEST_ERROR, "XIVE: Invalid LISN " TARGET_FMT_lx "\n",
1187                       lisn);
1188         return H_P2;
1189     }
1190 
1191     /* EAS_END_BLOCK is unused on sPAPR */
1192     end_idx = xive_get_field64(EAS_END_INDEX, eas.w);
1193 
1194     assert(end_idx < xive->nr_ends);
1195     end = &xive->endt[end_idx];
1196 
1197     nvt_blk = xive_get_field32(END_W6_NVT_BLOCK, end->w6);
1198     nvt_idx = xive_get_field32(END_W6_NVT_INDEX, end->w6);
1199     args[0] = spapr_xive_nvt_to_target(nvt_blk, nvt_idx);
1200 
1201     if (xive_eas_is_masked(&eas)) {
1202         args[1] = 0xff;
1203     } else {
1204         args[1] = xive_get_field32(END_W7_F0_PRIORITY, end->w7);
1205     }
1206 
1207     args[2] = xive_get_field64(EAS_END_DATA, eas.w);
1208 
1209     return H_SUCCESS;
1210 }
1211 
1212 /*
1213  * The H_INT_GET_QUEUE_INFO hcall() is used to get the logical real
1214  * address of the notification management page associated with the
1215  * specified target and priority.
1216  *
1217  * Parameters:
1218  * Input:
1219  * - R4: "flags"
1220  *         Bits 0-63 Reserved
1221  * - R5: "target" is per "ibm,ppc-interrupt-server#s" or
1222  *       "ibm,ppc-interrupt-gserver#s"
1223  * - R6: "priority" is a valid priority not in
1224  *       "ibm,plat-res-int-priorities"
1225  *
1226  * Output:
1227  * - R4: Logical real address of notification page
1228  * - R5: Power of 2 page size of the notification page
1229  */
h_int_get_queue_info(PowerPCCPU * cpu,SpaprMachineState * spapr,target_ulong opcode,target_ulong * args)1230 static target_ulong h_int_get_queue_info(PowerPCCPU *cpu,
1231                                          SpaprMachineState *spapr,
1232                                          target_ulong opcode,
1233                                          target_ulong *args)
1234 {
1235     SpaprXive *xive = spapr->xive;
1236     XiveENDSource *end_xsrc = &xive->end_source;
1237     target_ulong flags = args[0];
1238     target_ulong target = args[1];
1239     target_ulong priority = args[2];
1240     XiveEND *end;
1241     uint8_t end_blk;
1242     uint32_t end_idx;
1243 
1244     trace_spapr_xive_get_queue_info(flags, target, priority);
1245 
1246     if (!spapr_ovec_test(spapr->ov5_cas, OV5_XIVE_EXPLOIT)) {
1247         return H_FUNCTION;
1248     }
1249 
1250     if (flags) {
1251         return H_PARAMETER;
1252     }
1253 
1254     /*
1255      * H_STATE should be returned if a H_INT_RESET is in progress.
1256      * This is not needed when running the emulation under QEMU
1257      */
1258 
1259     if (spapr_xive_priority_is_reserved(xive, priority)) {
1260         qemu_log_mask(LOG_GUEST_ERROR, "XIVE: priority " TARGET_FMT_ld
1261                       " is reserved\n", priority);
1262         return H_P3;
1263     }
1264 
1265     /*
1266      * Validate that "target" is part of the list of threads allocated
1267      * to the partition. For that, find the END corresponding to the
1268      * target.
1269      */
1270     if (spapr_xive_target_to_end(target, priority, &end_blk, &end_idx)) {
1271         return H_P2;
1272     }
1273 
1274     assert(end_idx < xive->nr_ends);
1275     end = &xive->endt[end_idx];
1276 
1277     args[0] = xive->end_base + (1ull << (end_xsrc->esb_shift + 1)) * end_idx;
1278     if (xive_end_is_enqueue(end)) {
1279         args[1] = xive_get_field32(END_W0_QSIZE, end->w0) + 12;
1280     } else {
1281         args[1] = 0;
1282     }
1283 
1284     return H_SUCCESS;
1285 }
1286 
1287 /*
1288  * The H_INT_SET_QUEUE_CONFIG hcall() is used to set or reset a EQ for
1289  * a given "target" and "priority".  It is also used to set the
1290  * notification config associated with the EQ.  An EQ size of 0 is
1291  * used to reset the EQ config for a given target and priority. If
1292  * resetting the EQ config, the END associated with the given "target"
1293  * and "priority" will be changed to disable queueing.
1294  *
1295  * Upon return from the hcall(), no additional interrupts will be
1296  * directed to the old EQ (if one was set). The old EQ (if one was
1297  * set) should be investigated for interrupts that occurred prior to
1298  * or during the hcall().
1299  *
1300  * Parameters:
1301  * Input:
1302  * - R4: "flags"
1303  *         Bits 0-62: Reserved
1304  *         Bit 63: Unconditional Notify (n) per the XIVE spec
1305  * - R5: "target" is per "ibm,ppc-interrupt-server#s" or
1306  *       "ibm,ppc-interrupt-gserver#s"
1307  * - R6: "priority" is a valid priority not in
1308  *       "ibm,plat-res-int-priorities"
1309  * - R7: "eventQueue": The logical real address of the start of the EQ
1310  * - R8: "eventQueueSize": The power of 2 EQ size per "ibm,xive-eq-sizes"
1311  *
1312  * Output:
1313  * - None
1314  */
1315 
1316 #define SPAPR_XIVE_END_ALWAYS_NOTIFY PPC_BIT(63)
1317 
h_int_set_queue_config(PowerPCCPU * cpu,SpaprMachineState * spapr,target_ulong opcode,target_ulong * args)1318 static target_ulong h_int_set_queue_config(PowerPCCPU *cpu,
1319                                            SpaprMachineState *spapr,
1320                                            target_ulong opcode,
1321                                            target_ulong *args)
1322 {
1323     SpaprXive *xive = spapr->xive;
1324     target_ulong flags = args[0];
1325     target_ulong target = args[1];
1326     target_ulong priority = args[2];
1327     target_ulong qpage = args[3];
1328     target_ulong qsize = args[4];
1329     XiveEND end;
1330     uint8_t end_blk, nvt_blk;
1331     uint32_t end_idx, nvt_idx;
1332 
1333     trace_spapr_xive_set_queue_config(flags, target, priority, qpage, qsize);
1334 
1335     if (!spapr_ovec_test(spapr->ov5_cas, OV5_XIVE_EXPLOIT)) {
1336         return H_FUNCTION;
1337     }
1338 
1339     if (flags & ~SPAPR_XIVE_END_ALWAYS_NOTIFY) {
1340         return H_PARAMETER;
1341     }
1342 
1343     /*
1344      * H_STATE should be returned if a H_INT_RESET is in progress.
1345      * This is not needed when running the emulation under QEMU
1346      */
1347 
1348     if (spapr_xive_priority_is_reserved(xive, priority)) {
1349         qemu_log_mask(LOG_GUEST_ERROR, "XIVE: priority " TARGET_FMT_ld
1350                       " is reserved\n", priority);
1351         return H_P3;
1352     }
1353 
1354     /*
1355      * Validate that "target" is part of the list of threads allocated
1356      * to the partition. For that, find the END corresponding to the
1357      * target.
1358      */
1359 
1360     if (spapr_xive_target_to_end(target, priority, &end_blk, &end_idx)) {
1361         return H_P2;
1362     }
1363 
1364     assert(end_idx < xive->nr_ends);
1365     memcpy(&end, &xive->endt[end_idx], sizeof(XiveEND));
1366 
1367     switch (qsize) {
1368     case 12:
1369     case 16:
1370     case 21:
1371     case 24:
1372         if (!QEMU_IS_ALIGNED(qpage, 1ul << qsize)) {
1373             qemu_log_mask(LOG_GUEST_ERROR, "XIVE: EQ @0x%" HWADDR_PRIx
1374                           " is not naturally aligned with %" HWADDR_PRIx "\n",
1375                           qpage, (hwaddr)1 << qsize);
1376             return H_P4;
1377         }
1378         end.w2 = cpu_to_be32((qpage >> 32) & 0x0fffffff);
1379         end.w3 = cpu_to_be32(qpage & 0xffffffff);
1380         end.w0 |= cpu_to_be32(END_W0_ENQUEUE);
1381         end.w0 = xive_set_field32(END_W0_QSIZE, end.w0, qsize - 12);
1382         break;
1383     case 0:
1384         /* reset queue and disable queueing */
1385         spapr_xive_end_reset(&end);
1386         goto out;
1387 
1388     default:
1389         qemu_log_mask(LOG_GUEST_ERROR, "XIVE: invalid EQ size %"PRIx64"\n",
1390                       qsize);
1391         return H_P5;
1392     }
1393 
1394     if (qsize) {
1395         hwaddr plen = 1 << qsize;
1396         void *eq;
1397 
1398         /*
1399          * Validate the guest EQ. We should also check that the queue
1400          * has been zeroed by the OS.
1401          */
1402         eq = address_space_map(CPU(cpu)->as, qpage, &plen, true,
1403                                MEMTXATTRS_UNSPECIFIED);
1404         if (plen != 1 << qsize) {
1405             qemu_log_mask(LOG_GUEST_ERROR, "XIVE: failed to map EQ @0x%"
1406                           HWADDR_PRIx "\n", qpage);
1407             return H_P4;
1408         }
1409         address_space_unmap(CPU(cpu)->as, eq, plen, true, plen);
1410     }
1411 
1412     /* "target" should have been validated above */
1413     if (spapr_xive_target_to_nvt(target, &nvt_blk, &nvt_idx)) {
1414         g_assert_not_reached();
1415     }
1416 
1417     /*
1418      * Ensure the priority and target are correctly set (they will not
1419      * be right after allocation)
1420      */
1421     end.w6 = xive_set_field32(END_W6_NVT_BLOCK, 0ul, nvt_blk) |
1422         xive_set_field32(END_W6_NVT_INDEX, 0ul, nvt_idx);
1423     end.w7 = xive_set_field32(END_W7_F0_PRIORITY, 0ul, priority);
1424 
1425     if (flags & SPAPR_XIVE_END_ALWAYS_NOTIFY) {
1426         end.w0 |= cpu_to_be32(END_W0_UCOND_NOTIFY);
1427     } else {
1428         end.w0 &= cpu_to_be32((uint32_t)~END_W0_UCOND_NOTIFY);
1429     }
1430 
1431     /*
1432      * The generation bit for the END starts at 1 and The END page
1433      * offset counter starts at 0.
1434      */
1435     end.w1 = cpu_to_be32(END_W1_GENERATION) |
1436         xive_set_field32(END_W1_PAGE_OFF, 0ul, 0ul);
1437     end.w0 |= cpu_to_be32(END_W0_VALID);
1438 
1439     /*
1440      * TODO: issue syncs required to ensure all in-flight interrupts
1441      * are complete on the old END
1442      */
1443 
1444 out:
1445     if (spapr_xive_in_kernel(xive)) {
1446         Error *local_err = NULL;
1447 
1448         kvmppc_xive_set_queue_config(xive, end_blk, end_idx, &end, &local_err);
1449         if (local_err) {
1450             error_report_err(local_err);
1451             return H_HARDWARE;
1452         }
1453     }
1454 
1455     /* Update END */
1456     memcpy(&xive->endt[end_idx], &end, sizeof(XiveEND));
1457     return H_SUCCESS;
1458 }
1459 
1460 /*
1461  * The H_INT_GET_QUEUE_CONFIG hcall() is used to get a EQ for a given
1462  * target and priority.
1463  *
1464  * Parameters:
1465  * Input:
1466  * - R4: "flags"
1467  *         Bits 0-62: Reserved
1468  *         Bit 63: Debug: Return debug data
1469  * - R5: "target" is per "ibm,ppc-interrupt-server#s" or
1470  *       "ibm,ppc-interrupt-gserver#s"
1471  * - R6: "priority" is a valid priority not in
1472  *       "ibm,plat-res-int-priorities"
1473  *
1474  * Output:
1475  * - R4: "flags":
1476  *       Bits 0-61: Reserved
1477  *       Bit 62: The value of Event Queue Generation Number (g) per
1478  *              the XIVE spec if "Debug" = 1
1479  *       Bit 63: The value of Unconditional Notify (n) per the XIVE spec
1480  * - R5: The logical real address of the start of the EQ
1481  * - R6: The power of 2 EQ size per "ibm,xive-eq-sizes"
1482  * - R7: The value of Event Queue Offset Counter per XIVE spec
1483  *       if "Debug" = 1, else 0
1484  *
1485  */
1486 
1487 #define SPAPR_XIVE_END_DEBUG     PPC_BIT(63)
1488 
h_int_get_queue_config(PowerPCCPU * cpu,SpaprMachineState * spapr,target_ulong opcode,target_ulong * args)1489 static target_ulong h_int_get_queue_config(PowerPCCPU *cpu,
1490                                            SpaprMachineState *spapr,
1491                                            target_ulong opcode,
1492                                            target_ulong *args)
1493 {
1494     SpaprXive *xive = spapr->xive;
1495     target_ulong flags = args[0];
1496     target_ulong target = args[1];
1497     target_ulong priority = args[2];
1498     XiveEND *end;
1499     uint8_t end_blk;
1500     uint32_t end_idx;
1501 
1502     trace_spapr_xive_get_queue_config(flags, target, priority);
1503 
1504     if (!spapr_ovec_test(spapr->ov5_cas, OV5_XIVE_EXPLOIT)) {
1505         return H_FUNCTION;
1506     }
1507 
1508     if (flags & ~SPAPR_XIVE_END_DEBUG) {
1509         return H_PARAMETER;
1510     }
1511 
1512     /*
1513      * H_STATE should be returned if a H_INT_RESET is in progress.
1514      * This is not needed when running the emulation under QEMU
1515      */
1516 
1517     if (spapr_xive_priority_is_reserved(xive, priority)) {
1518         qemu_log_mask(LOG_GUEST_ERROR, "XIVE: priority " TARGET_FMT_ld
1519                       " is reserved\n", priority);
1520         return H_P3;
1521     }
1522 
1523     /*
1524      * Validate that "target" is part of the list of threads allocated
1525      * to the partition. For that, find the END corresponding to the
1526      * target.
1527      */
1528     if (spapr_xive_target_to_end(target, priority, &end_blk, &end_idx)) {
1529         return H_P2;
1530     }
1531 
1532     assert(end_idx < xive->nr_ends);
1533     end = &xive->endt[end_idx];
1534 
1535     args[0] = 0;
1536     if (xive_end_is_notify(end)) {
1537         args[0] |= SPAPR_XIVE_END_ALWAYS_NOTIFY;
1538     }
1539 
1540     if (xive_end_is_enqueue(end)) {
1541         args[1] = xive_end_qaddr(end);
1542         args[2] = xive_get_field32(END_W0_QSIZE, end->w0) + 12;
1543     } else {
1544         args[1] = 0;
1545         args[2] = 0;
1546     }
1547 
1548     if (spapr_xive_in_kernel(xive)) {
1549         Error *local_err = NULL;
1550 
1551         kvmppc_xive_get_queue_config(xive, end_blk, end_idx, end, &local_err);
1552         if (local_err) {
1553             error_report_err(local_err);
1554             return H_HARDWARE;
1555         }
1556     }
1557 
1558     /* TODO: do we need any locking on the END ? */
1559     if (flags & SPAPR_XIVE_END_DEBUG) {
1560         /* Load the event queue generation number into the return flags */
1561         args[0] |= (uint64_t)xive_get_field32(END_W1_GENERATION, end->w1) << 62;
1562 
1563         /* Load R7 with the event queue offset counter */
1564         args[3] = xive_get_field32(END_W1_PAGE_OFF, end->w1);
1565     } else {
1566         args[3] = 0;
1567     }
1568 
1569     return H_SUCCESS;
1570 }
1571 
1572 /*
1573  * The H_INT_SET_OS_REPORTING_LINE hcall() is used to set the
1574  * reporting cache line pair for the calling thread.  The reporting
1575  * cache lines will contain the OS interrupt context when the OS
1576  * issues a CI store byte to @TIMA+0xC10 to acknowledge the OS
1577  * interrupt. The reporting cache lines can be reset by inputting -1
1578  * in "reportingLine".  Issuing the CI store byte without reporting
1579  * cache lines registered will result in the data not being accessible
1580  * to the OS.
1581  *
1582  * Parameters:
1583  * Input:
1584  * - R4: "flags"
1585  *         Bits 0-63: Reserved
1586  * - R5: "reportingLine": The logical real address of the reporting cache
1587  *       line pair
1588  *
1589  * Output:
1590  * - None
1591  */
h_int_set_os_reporting_line(PowerPCCPU * cpu,SpaprMachineState * spapr,target_ulong opcode,target_ulong * args)1592 static target_ulong h_int_set_os_reporting_line(PowerPCCPU *cpu,
1593                                                 SpaprMachineState *spapr,
1594                                                 target_ulong opcode,
1595                                                 target_ulong *args)
1596 {
1597     target_ulong flags   = args[0];
1598 
1599     trace_spapr_xive_set_os_reporting_line(flags);
1600 
1601     if (!spapr_ovec_test(spapr->ov5_cas, OV5_XIVE_EXPLOIT)) {
1602         return H_FUNCTION;
1603     }
1604 
1605     /*
1606      * H_STATE should be returned if a H_INT_RESET is in progress.
1607      * This is not needed when running the emulation under QEMU
1608      */
1609 
1610     /* TODO: H_INT_SET_OS_REPORTING_LINE */
1611     return H_FUNCTION;
1612 }
1613 
1614 /*
1615  * The H_INT_GET_OS_REPORTING_LINE hcall() is used to get the logical
1616  * real address of the reporting cache line pair set for the input
1617  * "target".  If no reporting cache line pair has been set, -1 is
1618  * returned.
1619  *
1620  * Parameters:
1621  * Input:
1622  * - R4: "flags"
1623  *         Bits 0-63: Reserved
1624  * - R5: "target" is per "ibm,ppc-interrupt-server#s" or
1625  *       "ibm,ppc-interrupt-gserver#s"
1626  * - R6: "reportingLine": The logical real address of the reporting
1627  *        cache line pair
1628  *
1629  * Output:
1630  * - R4: The logical real address of the reporting line if set, else -1
1631  */
h_int_get_os_reporting_line(PowerPCCPU * cpu,SpaprMachineState * spapr,target_ulong opcode,target_ulong * args)1632 static target_ulong h_int_get_os_reporting_line(PowerPCCPU *cpu,
1633                                                 SpaprMachineState *spapr,
1634                                                 target_ulong opcode,
1635                                                 target_ulong *args)
1636 {
1637     target_ulong flags   = args[0];
1638 
1639     trace_spapr_xive_get_os_reporting_line(flags);
1640 
1641     if (!spapr_ovec_test(spapr->ov5_cas, OV5_XIVE_EXPLOIT)) {
1642         return H_FUNCTION;
1643     }
1644 
1645     /*
1646      * H_STATE should be returned if a H_INT_RESET is in progress.
1647      * This is not needed when running the emulation under QEMU
1648      */
1649 
1650     /* TODO: H_INT_GET_OS_REPORTING_LINE */
1651     return H_FUNCTION;
1652 }
1653 
1654 /*
1655  * The H_INT_ESB hcall() is used to issue a load or store to the ESB
1656  * page for the input "lisn".  This hcall is only supported for LISNs
1657  * that have the ESB hcall flag set to 1 when returned from hcall()
1658  * H_INT_GET_SOURCE_INFO.
1659  *
1660  * Parameters:
1661  * Input:
1662  * - R4: "flags"
1663  *         Bits 0-62: Reserved
1664  *         bit 63: Store: Store=1, store operation, else load operation
1665  * - R5: "lisn" is per "interrupts", "interrupt-map", or
1666  *       "ibm,xive-lisn-ranges" properties, or as returned by the
1667  *       ibm,query-interrupt-source-number RTAS call, or as
1668  *       returned by the H_ALLOCATE_VAS_WINDOW hcall
1669  * - R6: "esbOffset" is the offset into the ESB page for the load or
1670  *       store operation
1671  * - R7: "storeData" is the data to write for a store operation
1672  *
1673  * Output:
1674  * - R4: The value of the load if load operation, else -1
1675  */
1676 
1677 #define SPAPR_XIVE_ESB_STORE PPC_BIT(63)
1678 
h_int_esb(PowerPCCPU * cpu,SpaprMachineState * spapr,target_ulong opcode,target_ulong * args)1679 static target_ulong h_int_esb(PowerPCCPU *cpu,
1680                               SpaprMachineState *spapr,
1681                               target_ulong opcode,
1682                               target_ulong *args)
1683 {
1684     SpaprXive *xive = spapr->xive;
1685     XiveEAS eas;
1686     target_ulong flags  = args[0];
1687     target_ulong lisn   = args[1];
1688     target_ulong offset = args[2];
1689     target_ulong data   = args[3];
1690     hwaddr mmio_addr;
1691     XiveSource *xsrc = &xive->source;
1692 
1693     trace_spapr_xive_esb(flags, lisn, offset, data);
1694 
1695     if (!spapr_ovec_test(spapr->ov5_cas, OV5_XIVE_EXPLOIT)) {
1696         return H_FUNCTION;
1697     }
1698 
1699     if (flags & ~SPAPR_XIVE_ESB_STORE) {
1700         return H_PARAMETER;
1701     }
1702 
1703     if (lisn >= xive->nr_irqs) {
1704         qemu_log_mask(LOG_GUEST_ERROR, "XIVE: Unknown LISN " TARGET_FMT_lx "\n",
1705                       lisn);
1706         return H_P2;
1707     }
1708 
1709     eas = xive->eat[lisn];
1710     if (!xive_eas_is_valid(&eas)) {
1711         qemu_log_mask(LOG_GUEST_ERROR, "XIVE: Invalid LISN " TARGET_FMT_lx "\n",
1712                       lisn);
1713         return H_P2;
1714     }
1715 
1716     if (offset > (1ull << xsrc->esb_shift)) {
1717         return H_P3;
1718     }
1719 
1720     if (spapr_xive_in_kernel(xive)) {
1721         args[0] = kvmppc_xive_esb_rw(xsrc, lisn, offset, data,
1722                                      flags & SPAPR_XIVE_ESB_STORE);
1723     } else {
1724         mmio_addr = xive->vc_base + xive_source_esb_mgmt(xsrc, lisn) + offset;
1725 
1726         if (dma_memory_rw(&address_space_memory, mmio_addr, &data, 8,
1727                           (flags & SPAPR_XIVE_ESB_STORE),
1728                           MEMTXATTRS_UNSPECIFIED)) {
1729             qemu_log_mask(LOG_GUEST_ERROR, "XIVE: failed to access ESB @0x%"
1730                           HWADDR_PRIx "\n", mmio_addr);
1731             return H_HARDWARE;
1732         }
1733         args[0] = (flags & SPAPR_XIVE_ESB_STORE) ? -1 : data;
1734     }
1735     return H_SUCCESS;
1736 }
1737 
1738 /*
1739  * The H_INT_SYNC hcall() is used to issue hardware syncs that will
1740  * ensure any in flight events for the input lisn are in the event
1741  * queue.
1742  *
1743  * Parameters:
1744  * Input:
1745  * - R4: "flags"
1746  *         Bits 0-63: Reserved
1747  * - R5: "lisn" is per "interrupts", "interrupt-map", or
1748  *       "ibm,xive-lisn-ranges" properties, or as returned by the
1749  *       ibm,query-interrupt-source-number RTAS call, or as
1750  *       returned by the H_ALLOCATE_VAS_WINDOW hcall
1751  *
1752  * Output:
1753  * - None
1754  */
h_int_sync(PowerPCCPU * cpu,SpaprMachineState * spapr,target_ulong opcode,target_ulong * args)1755 static target_ulong h_int_sync(PowerPCCPU *cpu,
1756                                SpaprMachineState *spapr,
1757                                target_ulong opcode,
1758                                target_ulong *args)
1759 {
1760     SpaprXive *xive = spapr->xive;
1761     XiveEAS eas;
1762     target_ulong flags = args[0];
1763     target_ulong lisn = args[1];
1764 
1765     trace_spapr_xive_sync(flags, lisn);
1766 
1767     if (!spapr_ovec_test(spapr->ov5_cas, OV5_XIVE_EXPLOIT)) {
1768         return H_FUNCTION;
1769     }
1770 
1771     if (flags) {
1772         return H_PARAMETER;
1773     }
1774 
1775     if (lisn >= xive->nr_irqs) {
1776         qemu_log_mask(LOG_GUEST_ERROR, "XIVE: Unknown LISN " TARGET_FMT_lx "\n",
1777                       lisn);
1778         return H_P2;
1779     }
1780 
1781     eas = xive->eat[lisn];
1782     if (!xive_eas_is_valid(&eas)) {
1783         qemu_log_mask(LOG_GUEST_ERROR, "XIVE: Invalid LISN " TARGET_FMT_lx "\n",
1784                       lisn);
1785         return H_P2;
1786     }
1787 
1788     /*
1789      * H_STATE should be returned if a H_INT_RESET is in progress.
1790      * This is not needed when running the emulation under QEMU
1791      */
1792 
1793     /*
1794      * This is not real hardware. Nothing to be done unless when
1795      * under KVM
1796      */
1797 
1798     if (spapr_xive_in_kernel(xive)) {
1799         Error *local_err = NULL;
1800 
1801         kvmppc_xive_sync_source(xive, lisn, &local_err);
1802         if (local_err) {
1803             error_report_err(local_err);
1804             return H_HARDWARE;
1805         }
1806     }
1807     return H_SUCCESS;
1808 }
1809 
1810 /*
1811  * The H_INT_RESET hcall() is used to reset all of the partition's
1812  * interrupt exploitation structures to their initial state.  This
1813  * means losing all previously set interrupt state set via
1814  * H_INT_SET_SOURCE_CONFIG and H_INT_SET_QUEUE_CONFIG.
1815  *
1816  * Parameters:
1817  * Input:
1818  * - R4: "flags"
1819  *         Bits 0-63: Reserved
1820  *
1821  * Output:
1822  * - None
1823  */
h_int_reset(PowerPCCPU * cpu,SpaprMachineState * spapr,target_ulong opcode,target_ulong * args)1824 static target_ulong h_int_reset(PowerPCCPU *cpu,
1825                                 SpaprMachineState *spapr,
1826                                 target_ulong opcode,
1827                                 target_ulong *args)
1828 {
1829     SpaprXive *xive = spapr->xive;
1830     target_ulong flags   = args[0];
1831 
1832     trace_spapr_xive_reset(flags);
1833 
1834     if (!spapr_ovec_test(spapr->ov5_cas, OV5_XIVE_EXPLOIT)) {
1835         return H_FUNCTION;
1836     }
1837 
1838     if (flags) {
1839         return H_PARAMETER;
1840     }
1841 
1842     device_cold_reset(DEVICE(xive));
1843 
1844     if (spapr_xive_in_kernel(xive)) {
1845         Error *local_err = NULL;
1846 
1847         kvmppc_xive_reset(xive, &local_err);
1848         if (local_err) {
1849             error_report_err(local_err);
1850             return H_HARDWARE;
1851         }
1852     }
1853     return H_SUCCESS;
1854 }
1855 
spapr_xive_hcall_init(SpaprMachineState * spapr)1856 void spapr_xive_hcall_init(SpaprMachineState *spapr)
1857 {
1858     spapr_register_hypercall(H_INT_GET_SOURCE_INFO, h_int_get_source_info);
1859     spapr_register_hypercall(H_INT_SET_SOURCE_CONFIG, h_int_set_source_config);
1860     spapr_register_hypercall(H_INT_GET_SOURCE_CONFIG, h_int_get_source_config);
1861     spapr_register_hypercall(H_INT_GET_QUEUE_INFO, h_int_get_queue_info);
1862     spapr_register_hypercall(H_INT_SET_QUEUE_CONFIG, h_int_set_queue_config);
1863     spapr_register_hypercall(H_INT_GET_QUEUE_CONFIG, h_int_get_queue_config);
1864     spapr_register_hypercall(H_INT_SET_OS_REPORTING_LINE,
1865                              h_int_set_os_reporting_line);
1866     spapr_register_hypercall(H_INT_GET_OS_REPORTING_LINE,
1867                              h_int_get_os_reporting_line);
1868     spapr_register_hypercall(H_INT_ESB, h_int_esb);
1869     spapr_register_hypercall(H_INT_SYNC, h_int_sync);
1870     spapr_register_hypercall(H_INT_RESET, h_int_reset);
1871 }
1872