1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * VGIC MMIO handling functions 4 */ 5 6 #include <linux/bitops.h> 7 #include <linux/bsearch.h> 8 #include <linux/interrupt.h> 9 #include <linux/irq.h> 10 #include <linux/kvm.h> 11 #include <linux/kvm_host.h> 12 #include <kvm/iodev.h> 13 #include <kvm/arm_arch_timer.h> 14 #include <kvm/arm_vgic.h> 15 16 #include "vgic.h" 17 #include "vgic-mmio.h" 18 19 unsigned long vgic_mmio_read_raz(struct kvm_vcpu *vcpu, 20 gpa_t addr, unsigned int len) 21 { 22 return 0; 23 } 24 25 unsigned long vgic_mmio_read_rao(struct kvm_vcpu *vcpu, 26 gpa_t addr, unsigned int len) 27 { 28 return -1UL; 29 } 30 31 void vgic_mmio_write_wi(struct kvm_vcpu *vcpu, gpa_t addr, 32 unsigned int len, unsigned long val) 33 { 34 /* Ignore */ 35 } 36 37 int vgic_mmio_uaccess_write_wi(struct kvm_vcpu *vcpu, gpa_t addr, 38 unsigned int len, unsigned long val) 39 { 40 /* Ignore */ 41 return 0; 42 } 43 44 unsigned long vgic_mmio_read_group(struct kvm_vcpu *vcpu, 45 gpa_t addr, unsigned int len) 46 { 47 u32 intid = VGIC_ADDR_TO_INTID(addr, 1); 48 u32 value = 0; 49 int i; 50 51 /* Loop over all IRQs affected by this read */ 52 for (i = 0; i < len * 8; i++) { 53 struct vgic_irq *irq = vgic_get_irq(vcpu->kvm, vcpu, intid + i); 54 55 if (irq->group) 56 value |= BIT(i); 57 58 vgic_put_irq(vcpu->kvm, irq); 59 } 60 61 return value; 62 } 63 64 static void vgic_update_vsgi(struct vgic_irq *irq) 65 { 66 WARN_ON(its_prop_update_vsgi(irq->host_irq, irq->priority, irq->group)); 67 } 68 69 void vgic_mmio_write_group(struct kvm_vcpu *vcpu, gpa_t addr, 70 unsigned int len, unsigned long val) 71 { 72 u32 intid = VGIC_ADDR_TO_INTID(addr, 1); 73 int i; 74 unsigned long flags; 75 76 for (i = 0; i < len * 8; i++) { 77 struct vgic_irq *irq = vgic_get_irq(vcpu->kvm, vcpu, intid + i); 78 79 raw_spin_lock_irqsave(&irq->irq_lock, flags); 80 irq->group = !!(val & BIT(i)); 81 if (irq->hw && vgic_irq_is_sgi(irq->intid)) { 82 vgic_update_vsgi(irq); 83 raw_spin_unlock_irqrestore(&irq->irq_lock, flags); 84 } else { 85 vgic_queue_irq_unlock(vcpu->kvm, irq, flags); 86 } 87 88 vgic_put_irq(vcpu->kvm, irq); 89 } 90 } 91 92 /* 93 * Read accesses to both GICD_ICENABLER and GICD_ISENABLER return the value 94 * of the enabled bit, so there is only one function for both here. 95 */ 96 unsigned long vgic_mmio_read_enable(struct kvm_vcpu *vcpu, 97 gpa_t addr, unsigned int len) 98 { 99 u32 intid = VGIC_ADDR_TO_INTID(addr, 1); 100 u32 value = 0; 101 int i; 102 103 /* Loop over all IRQs affected by this read */ 104 for (i = 0; i < len * 8; i++) { 105 struct vgic_irq *irq = vgic_get_irq(vcpu->kvm, vcpu, intid + i); 106 107 if (irq->enabled) 108 value |= (1U << i); 109 110 vgic_put_irq(vcpu->kvm, irq); 111 } 112 113 return value; 114 } 115 116 void vgic_mmio_write_senable(struct kvm_vcpu *vcpu, 117 gpa_t addr, unsigned int len, 118 unsigned long val) 119 { 120 u32 intid = VGIC_ADDR_TO_INTID(addr, 1); 121 int i; 122 unsigned long flags; 123 124 for_each_set_bit(i, &val, len * 8) { 125 struct vgic_irq *irq = vgic_get_irq(vcpu->kvm, vcpu, intid + i); 126 127 raw_spin_lock_irqsave(&irq->irq_lock, flags); 128 if (irq->hw && vgic_irq_is_sgi(irq->intid)) { 129 if (!irq->enabled) { 130 struct irq_data *data; 131 132 irq->enabled = true; 133 data = &irq_to_desc(irq->host_irq)->irq_data; 134 while (irqd_irq_disabled(data)) 135 enable_irq(irq->host_irq); 136 } 137 138 raw_spin_unlock_irqrestore(&irq->irq_lock, flags); 139 vgic_put_irq(vcpu->kvm, irq); 140 141 continue; 142 } else if (vgic_irq_is_mapped_level(irq)) { 143 bool was_high = irq->line_level; 144 145 /* 146 * We need to update the state of the interrupt because 147 * the guest might have changed the state of the device 148 * while the interrupt was disabled at the VGIC level. 149 */ 150 irq->line_level = vgic_get_phys_line_level(irq); 151 /* 152 * Deactivate the physical interrupt so the GIC will let 153 * us know when it is asserted again. 154 */ 155 if (!irq->active && was_high && !irq->line_level) 156 vgic_irq_set_phys_active(irq, false); 157 } 158 irq->enabled = true; 159 vgic_queue_irq_unlock(vcpu->kvm, irq, flags); 160 161 vgic_put_irq(vcpu->kvm, irq); 162 } 163 } 164 165 void vgic_mmio_write_cenable(struct kvm_vcpu *vcpu, 166 gpa_t addr, unsigned int len, 167 unsigned long val) 168 { 169 u32 intid = VGIC_ADDR_TO_INTID(addr, 1); 170 int i; 171 unsigned long flags; 172 173 for_each_set_bit(i, &val, len * 8) { 174 struct vgic_irq *irq = vgic_get_irq(vcpu->kvm, vcpu, intid + i); 175 176 raw_spin_lock_irqsave(&irq->irq_lock, flags); 177 if (irq->hw && vgic_irq_is_sgi(irq->intid) && irq->enabled) 178 disable_irq_nosync(irq->host_irq); 179 180 irq->enabled = false; 181 182 raw_spin_unlock_irqrestore(&irq->irq_lock, flags); 183 vgic_put_irq(vcpu->kvm, irq); 184 } 185 } 186 187 int vgic_uaccess_write_senable(struct kvm_vcpu *vcpu, 188 gpa_t addr, unsigned int len, 189 unsigned long val) 190 { 191 u32 intid = VGIC_ADDR_TO_INTID(addr, 1); 192 int i; 193 unsigned long flags; 194 195 for_each_set_bit(i, &val, len * 8) { 196 struct vgic_irq *irq = vgic_get_irq(vcpu->kvm, vcpu, intid + i); 197 198 raw_spin_lock_irqsave(&irq->irq_lock, flags); 199 irq->enabled = true; 200 vgic_queue_irq_unlock(vcpu->kvm, irq, flags); 201 202 vgic_put_irq(vcpu->kvm, irq); 203 } 204 205 return 0; 206 } 207 208 int vgic_uaccess_write_cenable(struct kvm_vcpu *vcpu, 209 gpa_t addr, unsigned int len, 210 unsigned long val) 211 { 212 u32 intid = VGIC_ADDR_TO_INTID(addr, 1); 213 int i; 214 unsigned long flags; 215 216 for_each_set_bit(i, &val, len * 8) { 217 struct vgic_irq *irq = vgic_get_irq(vcpu->kvm, vcpu, intid + i); 218 219 raw_spin_lock_irqsave(&irq->irq_lock, flags); 220 irq->enabled = false; 221 raw_spin_unlock_irqrestore(&irq->irq_lock, flags); 222 223 vgic_put_irq(vcpu->kvm, irq); 224 } 225 226 return 0; 227 } 228 229 static unsigned long __read_pending(struct kvm_vcpu *vcpu, 230 gpa_t addr, unsigned int len, 231 bool is_user) 232 { 233 u32 intid = VGIC_ADDR_TO_INTID(addr, 1); 234 u32 value = 0; 235 int i; 236 237 /* Loop over all IRQs affected by this read */ 238 for (i = 0; i < len * 8; i++) { 239 struct vgic_irq *irq = vgic_get_irq(vcpu->kvm, vcpu, intid + i); 240 unsigned long flags; 241 bool val; 242 243 /* 244 * When used from userspace with a GICv3 model: 245 * 246 * Pending state of interrupt is latched in pending_latch 247 * variable. Userspace will save and restore pending state 248 * and line_level separately. 249 * Refer to Documentation/virt/kvm/devices/arm-vgic-v3.rst 250 * for handling of ISPENDR and ICPENDR. 251 */ 252 raw_spin_lock_irqsave(&irq->irq_lock, flags); 253 if (irq->hw && vgic_irq_is_sgi(irq->intid)) { 254 int err; 255 256 val = false; 257 err = irq_get_irqchip_state(irq->host_irq, 258 IRQCHIP_STATE_PENDING, 259 &val); 260 WARN_RATELIMIT(err, "IRQ %d", irq->host_irq); 261 } else if (!is_user && vgic_irq_is_mapped_level(irq)) { 262 val = vgic_get_phys_line_level(irq); 263 } else { 264 switch (vcpu->kvm->arch.vgic.vgic_model) { 265 case KVM_DEV_TYPE_ARM_VGIC_V3: 266 if (is_user) { 267 val = irq->pending_latch; 268 break; 269 } 270 fallthrough; 271 default: 272 val = irq_is_pending(irq); 273 break; 274 } 275 } 276 277 value |= ((u32)val << i); 278 raw_spin_unlock_irqrestore(&irq->irq_lock, flags); 279 280 vgic_put_irq(vcpu->kvm, irq); 281 } 282 283 return value; 284 } 285 286 unsigned long vgic_mmio_read_pending(struct kvm_vcpu *vcpu, 287 gpa_t addr, unsigned int len) 288 { 289 return __read_pending(vcpu, addr, len, false); 290 } 291 292 unsigned long vgic_uaccess_read_pending(struct kvm_vcpu *vcpu, 293 gpa_t addr, unsigned int len) 294 { 295 return __read_pending(vcpu, addr, len, true); 296 } 297 298 static bool is_vgic_v2_sgi(struct kvm_vcpu *vcpu, struct vgic_irq *irq) 299 { 300 return (vgic_irq_is_sgi(irq->intid) && 301 vcpu->kvm->arch.vgic.vgic_model == KVM_DEV_TYPE_ARM_VGIC_V2); 302 } 303 304 void vgic_mmio_write_spending(struct kvm_vcpu *vcpu, 305 gpa_t addr, unsigned int len, 306 unsigned long val) 307 { 308 u32 intid = VGIC_ADDR_TO_INTID(addr, 1); 309 int i; 310 unsigned long flags; 311 312 for_each_set_bit(i, &val, len * 8) { 313 struct vgic_irq *irq = vgic_get_irq(vcpu->kvm, vcpu, intid + i); 314 315 /* GICD_ISPENDR0 SGI bits are WI */ 316 if (is_vgic_v2_sgi(vcpu, irq)) { 317 vgic_put_irq(vcpu->kvm, irq); 318 continue; 319 } 320 321 raw_spin_lock_irqsave(&irq->irq_lock, flags); 322 323 if (irq->hw && vgic_irq_is_sgi(irq->intid)) { 324 /* HW SGI? Ask the GIC to inject it */ 325 int err; 326 err = irq_set_irqchip_state(irq->host_irq, 327 IRQCHIP_STATE_PENDING, 328 true); 329 WARN_RATELIMIT(err, "IRQ %d", irq->host_irq); 330 331 raw_spin_unlock_irqrestore(&irq->irq_lock, flags); 332 vgic_put_irq(vcpu->kvm, irq); 333 334 continue; 335 } 336 337 irq->pending_latch = true; 338 if (irq->hw) 339 vgic_irq_set_phys_active(irq, true); 340 341 vgic_queue_irq_unlock(vcpu->kvm, irq, flags); 342 vgic_put_irq(vcpu->kvm, irq); 343 } 344 } 345 346 int vgic_uaccess_write_spending(struct kvm_vcpu *vcpu, 347 gpa_t addr, unsigned int len, 348 unsigned long val) 349 { 350 u32 intid = VGIC_ADDR_TO_INTID(addr, 1); 351 int i; 352 unsigned long flags; 353 354 for_each_set_bit(i, &val, len * 8) { 355 struct vgic_irq *irq = vgic_get_irq(vcpu->kvm, vcpu, intid + i); 356 357 raw_spin_lock_irqsave(&irq->irq_lock, flags); 358 irq->pending_latch = true; 359 360 /* 361 * GICv2 SGIs are terribly broken. We can't restore 362 * the source of the interrupt, so just pick the vcpu 363 * itself as the source... 364 */ 365 if (is_vgic_v2_sgi(vcpu, irq)) 366 irq->source |= BIT(vcpu->vcpu_id); 367 368 vgic_queue_irq_unlock(vcpu->kvm, irq, flags); 369 370 vgic_put_irq(vcpu->kvm, irq); 371 } 372 373 return 0; 374 } 375 376 /* Must be called with irq->irq_lock held */ 377 static void vgic_hw_irq_cpending(struct kvm_vcpu *vcpu, struct vgic_irq *irq) 378 { 379 irq->pending_latch = false; 380 381 /* 382 * We don't want the guest to effectively mask the physical 383 * interrupt by doing a write to SPENDR followed by a write to 384 * CPENDR for HW interrupts, so we clear the active state on 385 * the physical side if the virtual interrupt is not active. 386 * This may lead to taking an additional interrupt on the 387 * host, but that should not be a problem as the worst that 388 * can happen is an additional vgic injection. We also clear 389 * the pending state to maintain proper semantics for edge HW 390 * interrupts. 391 */ 392 vgic_irq_set_phys_pending(irq, false); 393 if (!irq->active) 394 vgic_irq_set_phys_active(irq, false); 395 } 396 397 void vgic_mmio_write_cpending(struct kvm_vcpu *vcpu, 398 gpa_t addr, unsigned int len, 399 unsigned long val) 400 { 401 u32 intid = VGIC_ADDR_TO_INTID(addr, 1); 402 int i; 403 unsigned long flags; 404 405 for_each_set_bit(i, &val, len * 8) { 406 struct vgic_irq *irq = vgic_get_irq(vcpu->kvm, vcpu, intid + i); 407 408 /* GICD_ICPENDR0 SGI bits are WI */ 409 if (is_vgic_v2_sgi(vcpu, irq)) { 410 vgic_put_irq(vcpu->kvm, irq); 411 continue; 412 } 413 414 raw_spin_lock_irqsave(&irq->irq_lock, flags); 415 416 if (irq->hw && vgic_irq_is_sgi(irq->intid)) { 417 /* HW SGI? Ask the GIC to clear its pending bit */ 418 int err; 419 err = irq_set_irqchip_state(irq->host_irq, 420 IRQCHIP_STATE_PENDING, 421 false); 422 WARN_RATELIMIT(err, "IRQ %d", irq->host_irq); 423 424 raw_spin_unlock_irqrestore(&irq->irq_lock, flags); 425 vgic_put_irq(vcpu->kvm, irq); 426 427 continue; 428 } 429 430 if (irq->hw) 431 vgic_hw_irq_cpending(vcpu, irq); 432 else 433 irq->pending_latch = false; 434 435 raw_spin_unlock_irqrestore(&irq->irq_lock, flags); 436 vgic_put_irq(vcpu->kvm, irq); 437 } 438 } 439 440 int vgic_uaccess_write_cpending(struct kvm_vcpu *vcpu, 441 gpa_t addr, unsigned int len, 442 unsigned long val) 443 { 444 u32 intid = VGIC_ADDR_TO_INTID(addr, 1); 445 int i; 446 unsigned long flags; 447 448 for_each_set_bit(i, &val, len * 8) { 449 struct vgic_irq *irq = vgic_get_irq(vcpu->kvm, vcpu, intid + i); 450 451 raw_spin_lock_irqsave(&irq->irq_lock, flags); 452 /* 453 * More fun with GICv2 SGIs! If we're clearing one of them 454 * from userspace, which source vcpu to clear? Let's not 455 * even think of it, and blow the whole set. 456 */ 457 if (is_vgic_v2_sgi(vcpu, irq)) 458 irq->source = 0; 459 460 irq->pending_latch = false; 461 462 raw_spin_unlock_irqrestore(&irq->irq_lock, flags); 463 464 vgic_put_irq(vcpu->kvm, irq); 465 } 466 467 return 0; 468 } 469 470 /* 471 * If we are fiddling with an IRQ's active state, we have to make sure the IRQ 472 * is not queued on some running VCPU's LRs, because then the change to the 473 * active state can be overwritten when the VCPU's state is synced coming back 474 * from the guest. 475 * 476 * For shared interrupts as well as GICv3 private interrupts, we have to 477 * stop all the VCPUs because interrupts can be migrated while we don't hold 478 * the IRQ locks and we don't want to be chasing moving targets. 479 * 480 * For GICv2 private interrupts we don't have to do anything because 481 * userspace accesses to the VGIC state already require all VCPUs to be 482 * stopped, and only the VCPU itself can modify its private interrupts 483 * active state, which guarantees that the VCPU is not running. 484 */ 485 static void vgic_access_active_prepare(struct kvm_vcpu *vcpu, u32 intid) 486 { 487 if (vcpu->kvm->arch.vgic.vgic_model == KVM_DEV_TYPE_ARM_VGIC_V3 || 488 intid >= VGIC_NR_PRIVATE_IRQS) 489 kvm_arm_halt_guest(vcpu->kvm); 490 } 491 492 /* See vgic_access_active_prepare */ 493 static void vgic_access_active_finish(struct kvm_vcpu *vcpu, u32 intid) 494 { 495 if (vcpu->kvm->arch.vgic.vgic_model == KVM_DEV_TYPE_ARM_VGIC_V3 || 496 intid >= VGIC_NR_PRIVATE_IRQS) 497 kvm_arm_resume_guest(vcpu->kvm); 498 } 499 500 static unsigned long __vgic_mmio_read_active(struct kvm_vcpu *vcpu, 501 gpa_t addr, unsigned int len) 502 { 503 u32 intid = VGIC_ADDR_TO_INTID(addr, 1); 504 u32 value = 0; 505 int i; 506 507 /* Loop over all IRQs affected by this read */ 508 for (i = 0; i < len * 8; i++) { 509 struct vgic_irq *irq = vgic_get_irq(vcpu->kvm, vcpu, intid + i); 510 511 /* 512 * Even for HW interrupts, don't evaluate the HW state as 513 * all the guest is interested in is the virtual state. 514 */ 515 if (irq->active) 516 value |= (1U << i); 517 518 vgic_put_irq(vcpu->kvm, irq); 519 } 520 521 return value; 522 } 523 524 unsigned long vgic_mmio_read_active(struct kvm_vcpu *vcpu, 525 gpa_t addr, unsigned int len) 526 { 527 u32 intid = VGIC_ADDR_TO_INTID(addr, 1); 528 u32 val; 529 530 mutex_lock(&vcpu->kvm->lock); 531 vgic_access_active_prepare(vcpu, intid); 532 533 val = __vgic_mmio_read_active(vcpu, addr, len); 534 535 vgic_access_active_finish(vcpu, intid); 536 mutex_unlock(&vcpu->kvm->lock); 537 538 return val; 539 } 540 541 unsigned long vgic_uaccess_read_active(struct kvm_vcpu *vcpu, 542 gpa_t addr, unsigned int len) 543 { 544 return __vgic_mmio_read_active(vcpu, addr, len); 545 } 546 547 /* Must be called with irq->irq_lock held */ 548 static void vgic_hw_irq_change_active(struct kvm_vcpu *vcpu, struct vgic_irq *irq, 549 bool active, bool is_uaccess) 550 { 551 if (is_uaccess) 552 return; 553 554 irq->active = active; 555 vgic_irq_set_phys_active(irq, active); 556 } 557 558 static void vgic_mmio_change_active(struct kvm_vcpu *vcpu, struct vgic_irq *irq, 559 bool active) 560 { 561 unsigned long flags; 562 struct kvm_vcpu *requester_vcpu = kvm_get_running_vcpu(); 563 564 raw_spin_lock_irqsave(&irq->irq_lock, flags); 565 566 if (irq->hw && !vgic_irq_is_sgi(irq->intid)) { 567 vgic_hw_irq_change_active(vcpu, irq, active, !requester_vcpu); 568 } else if (irq->hw && vgic_irq_is_sgi(irq->intid)) { 569 /* 570 * GICv4.1 VSGI feature doesn't track an active state, 571 * so let's not kid ourselves, there is nothing we can 572 * do here. 573 */ 574 irq->active = false; 575 } else { 576 u32 model = vcpu->kvm->arch.vgic.vgic_model; 577 u8 active_source; 578 579 irq->active = active; 580 581 /* 582 * The GICv2 architecture indicates that the source CPUID for 583 * an SGI should be provided during an EOI which implies that 584 * the active state is stored somewhere, but at the same time 585 * this state is not architecturally exposed anywhere and we 586 * have no way of knowing the right source. 587 * 588 * This may lead to a VCPU not being able to receive 589 * additional instances of a particular SGI after migration 590 * for a GICv2 VM on some GIC implementations. Oh well. 591 */ 592 active_source = (requester_vcpu) ? requester_vcpu->vcpu_id : 0; 593 594 if (model == KVM_DEV_TYPE_ARM_VGIC_V2 && 595 active && vgic_irq_is_sgi(irq->intid)) 596 irq->active_source = active_source; 597 } 598 599 if (irq->active) 600 vgic_queue_irq_unlock(vcpu->kvm, irq, flags); 601 else 602 raw_spin_unlock_irqrestore(&irq->irq_lock, flags); 603 } 604 605 static void __vgic_mmio_write_cactive(struct kvm_vcpu *vcpu, 606 gpa_t addr, unsigned int len, 607 unsigned long val) 608 { 609 u32 intid = VGIC_ADDR_TO_INTID(addr, 1); 610 int i; 611 612 for_each_set_bit(i, &val, len * 8) { 613 struct vgic_irq *irq = vgic_get_irq(vcpu->kvm, vcpu, intid + i); 614 vgic_mmio_change_active(vcpu, irq, false); 615 vgic_put_irq(vcpu->kvm, irq); 616 } 617 } 618 619 void vgic_mmio_write_cactive(struct kvm_vcpu *vcpu, 620 gpa_t addr, unsigned int len, 621 unsigned long val) 622 { 623 u32 intid = VGIC_ADDR_TO_INTID(addr, 1); 624 625 mutex_lock(&vcpu->kvm->lock); 626 vgic_access_active_prepare(vcpu, intid); 627 628 __vgic_mmio_write_cactive(vcpu, addr, len, val); 629 630 vgic_access_active_finish(vcpu, intid); 631 mutex_unlock(&vcpu->kvm->lock); 632 } 633 634 int vgic_mmio_uaccess_write_cactive(struct kvm_vcpu *vcpu, 635 gpa_t addr, unsigned int len, 636 unsigned long val) 637 { 638 __vgic_mmio_write_cactive(vcpu, addr, len, val); 639 return 0; 640 } 641 642 static void __vgic_mmio_write_sactive(struct kvm_vcpu *vcpu, 643 gpa_t addr, unsigned int len, 644 unsigned long val) 645 { 646 u32 intid = VGIC_ADDR_TO_INTID(addr, 1); 647 int i; 648 649 for_each_set_bit(i, &val, len * 8) { 650 struct vgic_irq *irq = vgic_get_irq(vcpu->kvm, vcpu, intid + i); 651 vgic_mmio_change_active(vcpu, irq, true); 652 vgic_put_irq(vcpu->kvm, irq); 653 } 654 } 655 656 void vgic_mmio_write_sactive(struct kvm_vcpu *vcpu, 657 gpa_t addr, unsigned int len, 658 unsigned long val) 659 { 660 u32 intid = VGIC_ADDR_TO_INTID(addr, 1); 661 662 mutex_lock(&vcpu->kvm->lock); 663 vgic_access_active_prepare(vcpu, intid); 664 665 __vgic_mmio_write_sactive(vcpu, addr, len, val); 666 667 vgic_access_active_finish(vcpu, intid); 668 mutex_unlock(&vcpu->kvm->lock); 669 } 670 671 int vgic_mmio_uaccess_write_sactive(struct kvm_vcpu *vcpu, 672 gpa_t addr, unsigned int len, 673 unsigned long val) 674 { 675 __vgic_mmio_write_sactive(vcpu, addr, len, val); 676 return 0; 677 } 678 679 unsigned long vgic_mmio_read_priority(struct kvm_vcpu *vcpu, 680 gpa_t addr, unsigned int len) 681 { 682 u32 intid = VGIC_ADDR_TO_INTID(addr, 8); 683 int i; 684 u64 val = 0; 685 686 for (i = 0; i < len; i++) { 687 struct vgic_irq *irq = vgic_get_irq(vcpu->kvm, vcpu, intid + i); 688 689 val |= (u64)irq->priority << (i * 8); 690 691 vgic_put_irq(vcpu->kvm, irq); 692 } 693 694 return val; 695 } 696 697 /* 698 * We currently don't handle changing the priority of an interrupt that 699 * is already pending on a VCPU. If there is a need for this, we would 700 * need to make this VCPU exit and re-evaluate the priorities, potentially 701 * leading to this interrupt getting presented now to the guest (if it has 702 * been masked by the priority mask before). 703 */ 704 void vgic_mmio_write_priority(struct kvm_vcpu *vcpu, 705 gpa_t addr, unsigned int len, 706 unsigned long val) 707 { 708 u32 intid = VGIC_ADDR_TO_INTID(addr, 8); 709 int i; 710 unsigned long flags; 711 712 for (i = 0; i < len; i++) { 713 struct vgic_irq *irq = vgic_get_irq(vcpu->kvm, vcpu, intid + i); 714 715 raw_spin_lock_irqsave(&irq->irq_lock, flags); 716 /* Narrow the priority range to what we actually support */ 717 irq->priority = (val >> (i * 8)) & GENMASK(7, 8 - VGIC_PRI_BITS); 718 if (irq->hw && vgic_irq_is_sgi(irq->intid)) 719 vgic_update_vsgi(irq); 720 raw_spin_unlock_irqrestore(&irq->irq_lock, flags); 721 722 vgic_put_irq(vcpu->kvm, irq); 723 } 724 } 725 726 unsigned long vgic_mmio_read_config(struct kvm_vcpu *vcpu, 727 gpa_t addr, unsigned int len) 728 { 729 u32 intid = VGIC_ADDR_TO_INTID(addr, 2); 730 u32 value = 0; 731 int i; 732 733 for (i = 0; i < len * 4; i++) { 734 struct vgic_irq *irq = vgic_get_irq(vcpu->kvm, vcpu, intid + i); 735 736 if (irq->config == VGIC_CONFIG_EDGE) 737 value |= (2U << (i * 2)); 738 739 vgic_put_irq(vcpu->kvm, irq); 740 } 741 742 return value; 743 } 744 745 void vgic_mmio_write_config(struct kvm_vcpu *vcpu, 746 gpa_t addr, unsigned int len, 747 unsigned long val) 748 { 749 u32 intid = VGIC_ADDR_TO_INTID(addr, 2); 750 int i; 751 unsigned long flags; 752 753 for (i = 0; i < len * 4; i++) { 754 struct vgic_irq *irq; 755 756 /* 757 * The configuration cannot be changed for SGIs in general, 758 * for PPIs this is IMPLEMENTATION DEFINED. The arch timer 759 * code relies on PPIs being level triggered, so we also 760 * make them read-only here. 761 */ 762 if (intid + i < VGIC_NR_PRIVATE_IRQS) 763 continue; 764 765 irq = vgic_get_irq(vcpu->kvm, vcpu, intid + i); 766 raw_spin_lock_irqsave(&irq->irq_lock, flags); 767 768 if (test_bit(i * 2 + 1, &val)) 769 irq->config = VGIC_CONFIG_EDGE; 770 else 771 irq->config = VGIC_CONFIG_LEVEL; 772 773 raw_spin_unlock_irqrestore(&irq->irq_lock, flags); 774 vgic_put_irq(vcpu->kvm, irq); 775 } 776 } 777 778 u32 vgic_read_irq_line_level_info(struct kvm_vcpu *vcpu, u32 intid) 779 { 780 int i; 781 u32 val = 0; 782 int nr_irqs = vcpu->kvm->arch.vgic.nr_spis + VGIC_NR_PRIVATE_IRQS; 783 784 for (i = 0; i < 32; i++) { 785 struct vgic_irq *irq; 786 787 if ((intid + i) < VGIC_NR_SGIS || (intid + i) >= nr_irqs) 788 continue; 789 790 irq = vgic_get_irq(vcpu->kvm, vcpu, intid + i); 791 if (irq->config == VGIC_CONFIG_LEVEL && irq->line_level) 792 val |= (1U << i); 793 794 vgic_put_irq(vcpu->kvm, irq); 795 } 796 797 return val; 798 } 799 800 void vgic_write_irq_line_level_info(struct kvm_vcpu *vcpu, u32 intid, 801 const u32 val) 802 { 803 int i; 804 int nr_irqs = vcpu->kvm->arch.vgic.nr_spis + VGIC_NR_PRIVATE_IRQS; 805 unsigned long flags; 806 807 for (i = 0; i < 32; i++) { 808 struct vgic_irq *irq; 809 bool new_level; 810 811 if ((intid + i) < VGIC_NR_SGIS || (intid + i) >= nr_irqs) 812 continue; 813 814 irq = vgic_get_irq(vcpu->kvm, vcpu, intid + i); 815 816 /* 817 * Line level is set irrespective of irq type 818 * (level or edge) to avoid dependency that VM should 819 * restore irq config before line level. 820 */ 821 new_level = !!(val & (1U << i)); 822 raw_spin_lock_irqsave(&irq->irq_lock, flags); 823 irq->line_level = new_level; 824 if (new_level) 825 vgic_queue_irq_unlock(vcpu->kvm, irq, flags); 826 else 827 raw_spin_unlock_irqrestore(&irq->irq_lock, flags); 828 829 vgic_put_irq(vcpu->kvm, irq); 830 } 831 } 832 833 static int match_region(const void *key, const void *elt) 834 { 835 const unsigned int offset = (unsigned long)key; 836 const struct vgic_register_region *region = elt; 837 838 if (offset < region->reg_offset) 839 return -1; 840 841 if (offset >= region->reg_offset + region->len) 842 return 1; 843 844 return 0; 845 } 846 847 const struct vgic_register_region * 848 vgic_find_mmio_region(const struct vgic_register_region *regions, 849 int nr_regions, unsigned int offset) 850 { 851 return bsearch((void *)(uintptr_t)offset, regions, nr_regions, 852 sizeof(regions[0]), match_region); 853 } 854 855 void vgic_set_vmcr(struct kvm_vcpu *vcpu, struct vgic_vmcr *vmcr) 856 { 857 if (kvm_vgic_global_state.type == VGIC_V2) 858 vgic_v2_set_vmcr(vcpu, vmcr); 859 else 860 vgic_v3_set_vmcr(vcpu, vmcr); 861 } 862 863 void vgic_get_vmcr(struct kvm_vcpu *vcpu, struct vgic_vmcr *vmcr) 864 { 865 if (kvm_vgic_global_state.type == VGIC_V2) 866 vgic_v2_get_vmcr(vcpu, vmcr); 867 else 868 vgic_v3_get_vmcr(vcpu, vmcr); 869 } 870 871 /* 872 * kvm_mmio_read_buf() returns a value in a format where it can be converted 873 * to a byte array and be directly observed as the guest wanted it to appear 874 * in memory if it had done the store itself, which is LE for the GIC, as the 875 * guest knows the GIC is always LE. 876 * 877 * We convert this value to the CPUs native format to deal with it as a data 878 * value. 879 */ 880 unsigned long vgic_data_mmio_bus_to_host(const void *val, unsigned int len) 881 { 882 unsigned long data = kvm_mmio_read_buf(val, len); 883 884 switch (len) { 885 case 1: 886 return data; 887 case 2: 888 return le16_to_cpu(data); 889 case 4: 890 return le32_to_cpu(data); 891 default: 892 return le64_to_cpu(data); 893 } 894 } 895 896 /* 897 * kvm_mmio_write_buf() expects a value in a format such that if converted to 898 * a byte array it is observed as the guest would see it if it could perform 899 * the load directly. Since the GIC is LE, and the guest knows this, the 900 * guest expects a value in little endian format. 901 * 902 * We convert the data value from the CPUs native format to LE so that the 903 * value is returned in the proper format. 904 */ 905 void vgic_data_host_to_mmio_bus(void *buf, unsigned int len, 906 unsigned long data) 907 { 908 switch (len) { 909 case 1: 910 break; 911 case 2: 912 data = cpu_to_le16(data); 913 break; 914 case 4: 915 data = cpu_to_le32(data); 916 break; 917 default: 918 data = cpu_to_le64(data); 919 } 920 921 kvm_mmio_write_buf(buf, len, data); 922 } 923 924 static 925 struct vgic_io_device *kvm_to_vgic_iodev(const struct kvm_io_device *dev) 926 { 927 return container_of(dev, struct vgic_io_device, dev); 928 } 929 930 static bool check_region(const struct kvm *kvm, 931 const struct vgic_register_region *region, 932 gpa_t addr, int len) 933 { 934 int flags, nr_irqs = kvm->arch.vgic.nr_spis + VGIC_NR_PRIVATE_IRQS; 935 936 switch (len) { 937 case sizeof(u8): 938 flags = VGIC_ACCESS_8bit; 939 break; 940 case sizeof(u32): 941 flags = VGIC_ACCESS_32bit; 942 break; 943 case sizeof(u64): 944 flags = VGIC_ACCESS_64bit; 945 break; 946 default: 947 return false; 948 } 949 950 if ((region->access_flags & flags) && IS_ALIGNED(addr, len)) { 951 if (!region->bits_per_irq) 952 return true; 953 954 /* Do we access a non-allocated IRQ? */ 955 return VGIC_ADDR_TO_INTID(addr, region->bits_per_irq) < nr_irqs; 956 } 957 958 return false; 959 } 960 961 const struct vgic_register_region * 962 vgic_get_mmio_region(struct kvm_vcpu *vcpu, struct vgic_io_device *iodev, 963 gpa_t addr, int len) 964 { 965 const struct vgic_register_region *region; 966 967 region = vgic_find_mmio_region(iodev->regions, iodev->nr_regions, 968 addr - iodev->base_addr); 969 if (!region || !check_region(vcpu->kvm, region, addr, len)) 970 return NULL; 971 972 return region; 973 } 974 975 static int vgic_uaccess_read(struct kvm_vcpu *vcpu, struct vgic_io_device *iodev, 976 gpa_t addr, u32 *val) 977 { 978 const struct vgic_register_region *region; 979 struct kvm_vcpu *r_vcpu; 980 981 region = vgic_get_mmio_region(vcpu, iodev, addr, sizeof(u32)); 982 if (!region) { 983 *val = 0; 984 return 0; 985 } 986 987 r_vcpu = iodev->redist_vcpu ? iodev->redist_vcpu : vcpu; 988 if (region->uaccess_read) 989 *val = region->uaccess_read(r_vcpu, addr, sizeof(u32)); 990 else 991 *val = region->read(r_vcpu, addr, sizeof(u32)); 992 993 return 0; 994 } 995 996 static int vgic_uaccess_write(struct kvm_vcpu *vcpu, struct vgic_io_device *iodev, 997 gpa_t addr, const u32 *val) 998 { 999 const struct vgic_register_region *region; 1000 struct kvm_vcpu *r_vcpu; 1001 1002 region = vgic_get_mmio_region(vcpu, iodev, addr, sizeof(u32)); 1003 if (!region) 1004 return 0; 1005 1006 r_vcpu = iodev->redist_vcpu ? iodev->redist_vcpu : vcpu; 1007 if (region->uaccess_write) 1008 return region->uaccess_write(r_vcpu, addr, sizeof(u32), *val); 1009 1010 region->write(r_vcpu, addr, sizeof(u32), *val); 1011 return 0; 1012 } 1013 1014 /* 1015 * Userland access to VGIC registers. 1016 */ 1017 int vgic_uaccess(struct kvm_vcpu *vcpu, struct vgic_io_device *dev, 1018 bool is_write, int offset, u32 *val) 1019 { 1020 if (is_write) 1021 return vgic_uaccess_write(vcpu, dev, offset, val); 1022 else 1023 return vgic_uaccess_read(vcpu, dev, offset, val); 1024 } 1025 1026 static int dispatch_mmio_read(struct kvm_vcpu *vcpu, struct kvm_io_device *dev, 1027 gpa_t addr, int len, void *val) 1028 { 1029 struct vgic_io_device *iodev = kvm_to_vgic_iodev(dev); 1030 const struct vgic_register_region *region; 1031 unsigned long data = 0; 1032 1033 region = vgic_get_mmio_region(vcpu, iodev, addr, len); 1034 if (!region) { 1035 memset(val, 0, len); 1036 return 0; 1037 } 1038 1039 switch (iodev->iodev_type) { 1040 case IODEV_CPUIF: 1041 data = region->read(vcpu, addr, len); 1042 break; 1043 case IODEV_DIST: 1044 data = region->read(vcpu, addr, len); 1045 break; 1046 case IODEV_REDIST: 1047 data = region->read(iodev->redist_vcpu, addr, len); 1048 break; 1049 case IODEV_ITS: 1050 data = region->its_read(vcpu->kvm, iodev->its, addr, len); 1051 break; 1052 } 1053 1054 vgic_data_host_to_mmio_bus(val, len, data); 1055 return 0; 1056 } 1057 1058 static int dispatch_mmio_write(struct kvm_vcpu *vcpu, struct kvm_io_device *dev, 1059 gpa_t addr, int len, const void *val) 1060 { 1061 struct vgic_io_device *iodev = kvm_to_vgic_iodev(dev); 1062 const struct vgic_register_region *region; 1063 unsigned long data = vgic_data_mmio_bus_to_host(val, len); 1064 1065 region = vgic_get_mmio_region(vcpu, iodev, addr, len); 1066 if (!region) 1067 return 0; 1068 1069 switch (iodev->iodev_type) { 1070 case IODEV_CPUIF: 1071 region->write(vcpu, addr, len, data); 1072 break; 1073 case IODEV_DIST: 1074 region->write(vcpu, addr, len, data); 1075 break; 1076 case IODEV_REDIST: 1077 region->write(iodev->redist_vcpu, addr, len, data); 1078 break; 1079 case IODEV_ITS: 1080 region->its_write(vcpu->kvm, iodev->its, addr, len, data); 1081 break; 1082 } 1083 1084 return 0; 1085 } 1086 1087 const struct kvm_io_device_ops kvm_io_gic_ops = { 1088 .read = dispatch_mmio_read, 1089 .write = dispatch_mmio_write, 1090 }; 1091 1092 int vgic_register_dist_iodev(struct kvm *kvm, gpa_t dist_base_address, 1093 enum vgic_type type) 1094 { 1095 struct vgic_io_device *io_device = &kvm->arch.vgic.dist_iodev; 1096 int ret = 0; 1097 unsigned int len; 1098 1099 switch (type) { 1100 case VGIC_V2: 1101 len = vgic_v2_init_dist_iodev(io_device); 1102 break; 1103 case VGIC_V3: 1104 len = vgic_v3_init_dist_iodev(io_device); 1105 break; 1106 default: 1107 BUG_ON(1); 1108 } 1109 1110 io_device->base_addr = dist_base_address; 1111 io_device->iodev_type = IODEV_DIST; 1112 io_device->redist_vcpu = NULL; 1113 1114 mutex_lock(&kvm->slots_lock); 1115 ret = kvm_io_bus_register_dev(kvm, KVM_MMIO_BUS, dist_base_address, 1116 len, &io_device->dev); 1117 mutex_unlock(&kvm->slots_lock); 1118 1119 return ret; 1120 } 1121