1 /* 2 * QEMU PowerPC XIVE interrupt controller model 3 * 4 * Copyright (c) 2017-2018, IBM Corporation. 5 * 6 * SPDX-License-Identifier: GPL-2.0-or-later 7 */ 8 9 #include "qemu/osdep.h" 10 #include "qemu/log.h" 11 #include "qemu/module.h" 12 #include "qapi/error.h" 13 #include "target/ppc/cpu.h" 14 #include "system/cpus.h" 15 #include "system/dma.h" 16 #include "system/reset.h" 17 #include "hw/qdev-properties.h" 18 #include "migration/vmstate.h" 19 #include "hw/irq.h" 20 #include "hw/ppc/xive.h" 21 #include "hw/ppc/xive2.h" 22 #include "hw/ppc/xive_regs.h" 23 #include "trace.h" 24 25 /* 26 * XIVE Thread Interrupt Management context 27 */ 28 bool xive_nsr_indicates_exception(uint8_t ring, uint8_t nsr) 29 { 30 switch (ring) { 31 case TM_QW1_OS: 32 return !!(nsr & TM_QW1_NSR_EO); 33 case TM_QW2_HV_POOL: 34 case TM_QW3_HV_PHYS: 35 return !!(nsr & TM_QW3_NSR_HE); 36 default: 37 g_assert_not_reached(); 38 } 39 } 40 41 bool xive_nsr_indicates_group_exception(uint8_t ring, uint8_t nsr) 42 { 43 if ((nsr & TM_NSR_GRP_LVL) > 0) { 44 g_assert(xive_nsr_indicates_exception(ring, nsr)); 45 return true; 46 } 47 return false; 48 } 49 50 uint8_t xive_nsr_exception_ring(uint8_t ring, uint8_t nsr) 51 { 52 /* NSR determines if pool/phys ring is for phys or pool interrupt */ 53 if ((ring == TM_QW3_HV_PHYS) || (ring == TM_QW2_HV_POOL)) { 54 uint8_t he = (nsr & TM_QW3_NSR_HE) >> 6; 55 56 if (he == TM_QW3_NSR_HE_PHYS) { 57 return TM_QW3_HV_PHYS; 58 } else if (he == TM_QW3_NSR_HE_POOL) { 59 return TM_QW2_HV_POOL; 60 } else { 61 /* Don't support LSI mode */ 62 g_assert_not_reached(); 63 } 64 } 65 return ring; 66 } 67 68 static qemu_irq xive_tctx_output(XiveTCTX *tctx, uint8_t ring) 69 { 70 switch (ring) { 71 case TM_QW0_USER: 72 return 0; /* Not supported */ 73 case TM_QW1_OS: 74 return tctx->os_output; 75 case TM_QW2_HV_POOL: 76 case TM_QW3_HV_PHYS: 77 return tctx->hv_output; 78 default: 79 return 0; 80 } 81 } 82 83 /* 84 * interrupt is accepted on the presentation ring, for PHYS ring the NSR 85 * directs it to the PHYS or POOL rings. 86 */ 87 uint64_t xive_tctx_accept(XiveTCTX *tctx, uint8_t sig_ring) 88 { 89 uint8_t *sig_regs = &tctx->regs[sig_ring]; 90 uint8_t nsr = sig_regs[TM_NSR]; 91 92 g_assert(sig_ring == TM_QW1_OS || sig_ring == TM_QW3_HV_PHYS); 93 94 g_assert(tctx->regs[TM_QW2_HV_POOL + TM_NSR] == 0); 95 g_assert(tctx->regs[TM_QW2_HV_POOL + TM_PIPR] == 0); 96 g_assert(tctx->regs[TM_QW2_HV_POOL + TM_CPPR] == 0); 97 98 if (xive_nsr_indicates_exception(sig_ring, nsr)) { 99 uint8_t cppr = sig_regs[TM_PIPR]; 100 uint8_t ring; 101 uint8_t *regs; 102 103 ring = xive_nsr_exception_ring(sig_ring, nsr); 104 regs = &tctx->regs[ring]; 105 106 sig_regs[TM_CPPR] = cppr; 107 108 /* 109 * If the interrupt was for a specific VP, reset the pending 110 * buffer bit, otherwise clear the logical server indicator 111 */ 112 if (!xive_nsr_indicates_group_exception(sig_ring, nsr)) { 113 regs[TM_IPB] &= ~xive_priority_to_ipb(cppr); 114 } 115 116 /* Clear the exception from NSR */ 117 sig_regs[TM_NSR] = 0; 118 qemu_irq_lower(xive_tctx_output(tctx, sig_ring)); 119 120 trace_xive_tctx_accept(tctx->cs->cpu_index, ring, 121 regs[TM_IPB], sig_regs[TM_PIPR], 122 sig_regs[TM_CPPR], sig_regs[TM_NSR]); 123 } 124 125 return ((uint64_t)nsr << 8) | sig_regs[TM_CPPR]; 126 } 127 128 /* Change PIPR and calculate NSR and irq based on PIPR, CPPR, group */ 129 void xive_tctx_pipr_set(XiveTCTX *tctx, uint8_t ring, uint8_t pipr, 130 uint8_t group_level) 131 { 132 uint8_t *sig_regs = xive_tctx_signal_regs(tctx, ring); 133 uint8_t *regs = &tctx->regs[ring]; 134 135 g_assert(!xive_nsr_indicates_group_exception(ring, sig_regs[TM_NSR])); 136 137 sig_regs[TM_PIPR] = pipr; 138 139 if (pipr < sig_regs[TM_CPPR]) { 140 switch (ring) { 141 case TM_QW1_OS: 142 sig_regs[TM_NSR] = TM_QW1_NSR_EO | (group_level & 0x3F); 143 break; 144 case TM_QW2_HV_POOL: 145 sig_regs[TM_NSR] = (TM_QW3_NSR_HE_POOL << 6) | (group_level & 0x3F); 146 break; 147 case TM_QW3_HV_PHYS: 148 sig_regs[TM_NSR] = (TM_QW3_NSR_HE_PHYS << 6) | (group_level & 0x3F); 149 break; 150 default: 151 g_assert_not_reached(); 152 } 153 trace_xive_tctx_notify(tctx->cs->cpu_index, ring, 154 regs[TM_IPB], pipr, 155 sig_regs[TM_CPPR], sig_regs[TM_NSR]); 156 qemu_irq_raise(xive_tctx_output(tctx, ring)); 157 } else { 158 sig_regs[TM_NSR] = 0; 159 qemu_irq_lower(xive_tctx_output(tctx, ring)); 160 } 161 } 162 163 void xive_tctx_reset_signal(XiveTCTX *tctx, uint8_t ring) 164 { 165 /* 166 * Lower the External interrupt. Used when pulling a context. It is 167 * necessary to avoid catching it in the higher privilege context. It 168 * should be raised again when re-pushing the lower privilege context. 169 */ 170 qemu_irq_lower(xive_tctx_output(tctx, ring)); 171 } 172 173 static void xive_tctx_set_cppr(XiveTCTX *tctx, uint8_t ring, uint8_t cppr) 174 { 175 uint8_t *sig_regs = &tctx->regs[ring]; 176 uint8_t pipr_min; 177 uint8_t ring_min; 178 179 g_assert(ring == TM_QW1_OS || ring == TM_QW3_HV_PHYS); 180 181 g_assert(tctx->regs[TM_QW2_HV_POOL + TM_NSR] == 0); 182 g_assert(tctx->regs[TM_QW2_HV_POOL + TM_PIPR] == 0); 183 g_assert(tctx->regs[TM_QW2_HV_POOL + TM_CPPR] == 0); 184 185 /* XXX: should show pool IPB for PHYS ring */ 186 trace_xive_tctx_set_cppr(tctx->cs->cpu_index, ring, 187 sig_regs[TM_IPB], sig_regs[TM_PIPR], 188 cppr, sig_regs[TM_NSR]); 189 190 if (cppr > XIVE_PRIORITY_MAX) { 191 cppr = 0xff; 192 } 193 194 sig_regs[TM_CPPR] = cppr; 195 196 /* 197 * Recompute the PIPR based on local pending interrupts. The PHYS 198 * ring must take the minimum of both the PHYS and POOL PIPR values. 199 */ 200 pipr_min = xive_ipb_to_pipr(sig_regs[TM_IPB]); 201 ring_min = ring; 202 203 /* PHYS updates also depend on POOL values */ 204 if (ring == TM_QW3_HV_PHYS) { 205 uint8_t *pool_regs = &tctx->regs[TM_QW2_HV_POOL]; 206 207 /* POOL values only matter if POOL ctx is valid */ 208 if (pool_regs[TM_WORD2] & 0x80) { 209 uint8_t pool_pipr = xive_ipb_to_pipr(pool_regs[TM_IPB]); 210 211 /* 212 * Determine highest priority interrupt and 213 * remember which ring has it. 214 */ 215 if (pool_pipr < pipr_min) { 216 pipr_min = pool_pipr; 217 ring_min = TM_QW2_HV_POOL; 218 } 219 } 220 } 221 222 /* CPPR has changed, this may present or preclude a pending exception */ 223 xive_tctx_pipr_set(tctx, ring_min, pipr_min, 0); 224 } 225 226 static void xive_tctx_pipr_recompute_from_ipb(XiveTCTX *tctx, uint8_t ring) 227 { 228 uint8_t *sig_regs = xive_tctx_signal_regs(tctx, ring); 229 uint8_t *regs = &tctx->regs[ring]; 230 231 /* Does not support a presented group interrupt */ 232 g_assert(!xive_nsr_indicates_group_exception(ring, sig_regs[TM_NSR])); 233 234 xive_tctx_pipr_set(tctx, ring, xive_ipb_to_pipr(regs[TM_IPB]), 0); 235 } 236 237 void xive_tctx_pipr_present(XiveTCTX *tctx, uint8_t ring, uint8_t priority, 238 uint8_t group_level) 239 { 240 uint8_t *sig_regs = xive_tctx_signal_regs(tctx, ring); 241 uint8_t *regs = &tctx->regs[ring]; 242 uint8_t pipr = xive_priority_to_pipr(priority); 243 244 if (group_level == 0) { 245 regs[TM_IPB] |= xive_priority_to_ipb(priority); 246 if (pipr >= sig_regs[TM_PIPR]) { 247 /* VP interrupts can come here with lower priority than PIPR */ 248 return; 249 } 250 } 251 g_assert(pipr <= xive_ipb_to_pipr(regs[TM_IPB])); 252 g_assert(pipr < sig_regs[TM_PIPR]); 253 xive_tctx_pipr_set(tctx, ring, pipr, group_level); 254 } 255 256 /* 257 * XIVE Thread Interrupt Management Area (TIMA) 258 */ 259 260 static void xive_tm_set_hv_cppr(XivePresenter *xptr, XiveTCTX *tctx, 261 hwaddr offset, uint64_t value, unsigned size) 262 { 263 xive_tctx_set_cppr(tctx, TM_QW3_HV_PHYS, value & 0xff); 264 } 265 266 static uint64_t xive_tm_ack_hv_reg(XivePresenter *xptr, XiveTCTX *tctx, 267 hwaddr offset, unsigned size) 268 { 269 return xive_tctx_accept(tctx, TM_QW3_HV_PHYS); 270 } 271 272 static void xive_pool_cam_decode(uint32_t cam, uint8_t *nvt_blk, 273 uint32_t *nvt_idx, bool *vp) 274 { 275 if (nvt_blk) { 276 *nvt_blk = xive_nvt_blk(cam); 277 } 278 if (nvt_idx) { 279 *nvt_idx = xive_nvt_idx(cam); 280 } 281 if (vp) { 282 *vp = !!(cam & TM_QW2W2_VP); 283 } 284 } 285 286 static uint32_t xive_tctx_get_pool_cam(XiveTCTX *tctx, uint8_t *nvt_blk, 287 uint32_t *nvt_idx, bool *vp) 288 { 289 uint32_t qw2w2 = xive_tctx_word2(&tctx->regs[TM_QW2_HV_POOL]); 290 uint32_t cam = be32_to_cpu(qw2w2); 291 292 xive_pool_cam_decode(cam, nvt_blk, nvt_idx, vp); 293 return qw2w2; 294 } 295 296 static void xive_tctx_set_pool_cam(XiveTCTX *tctx, uint32_t qw2w2) 297 { 298 memcpy(&tctx->regs[TM_QW2_HV_POOL + TM_WORD2], &qw2w2, 4); 299 } 300 301 static uint64_t xive_tm_pull_pool_ctx(XivePresenter *xptr, XiveTCTX *tctx, 302 hwaddr offset, unsigned size) 303 { 304 uint32_t qw2w2; 305 uint32_t qw2w2_new; 306 uint8_t nvt_blk; 307 uint32_t nvt_idx; 308 bool vp; 309 310 qw2w2 = xive_tctx_get_pool_cam(tctx, &nvt_blk, &nvt_idx, &vp); 311 312 if (!vp) { 313 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: pull invalid POOL NVT %x/%x !?\n", 314 nvt_blk, nvt_idx); 315 } 316 317 /* Invalidate CAM line */ 318 qw2w2_new = xive_set_field32(TM_QW2W2_VP, qw2w2, 0); 319 xive_tctx_set_pool_cam(tctx, qw2w2_new); 320 321 xive_tctx_reset_signal(tctx, TM_QW1_OS); 322 xive_tctx_reset_signal(tctx, TM_QW2_HV_POOL); 323 return qw2w2; 324 } 325 326 static uint64_t xive_tm_pull_phys_ctx(XivePresenter *xptr, XiveTCTX *tctx, 327 hwaddr offset, unsigned size) 328 { 329 uint8_t qw3b8 = tctx->regs[TM_QW3_HV_PHYS + TM_WORD2]; 330 uint8_t qw3b8_new; 331 332 qw3b8 = tctx->regs[TM_QW3_HV_PHYS + TM_WORD2]; 333 if (!(qw3b8 & TM_QW3B8_VT)) { 334 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: pulling invalid PHYS thread!?\n"); 335 } 336 qw3b8_new = qw3b8 & ~TM_QW3B8_VT; 337 tctx->regs[TM_QW3_HV_PHYS + TM_WORD2] = qw3b8_new; 338 339 xive_tctx_reset_signal(tctx, TM_QW1_OS); 340 xive_tctx_reset_signal(tctx, TM_QW3_HV_PHYS); 341 return qw3b8; 342 } 343 344 static void xive_tm_vt_push(XivePresenter *xptr, XiveTCTX *tctx, hwaddr offset, 345 uint64_t value, unsigned size) 346 { 347 tctx->regs[TM_QW3_HV_PHYS + TM_WORD2] = value & 0xff; 348 } 349 350 static uint64_t xive_tm_vt_poll(XivePresenter *xptr, XiveTCTX *tctx, 351 hwaddr offset, unsigned size) 352 { 353 return tctx->regs[TM_QW3_HV_PHYS + TM_WORD2] & 0xff; 354 } 355 356 /* 357 * Define an access map for each page of the TIMA that we will use in 358 * the memory region ops to filter values when doing loads and stores 359 * of raw registers values 360 * 361 * Registers accessibility bits : 362 * 363 * 0x0 - no access 364 * 0x1 - write only 365 * 0x2 - read only 366 * 0x3 - read/write 367 */ 368 369 static const uint8_t xive_tm_hw_view[] = { 370 3, 0, 0, 0, 0, 0, 0, 0, 3, 3, 3, 3, 0, 0, 0, 0, /* QW-0 User */ 371 3, 3, 3, 3, 3, 3, 0, 2, 3, 3, 3, 3, 0, 0, 0, 3, /* QW-1 OS */ 372 0, 0, 3, 3, 0, 3, 3, 0, 3, 3, 3, 3, 0, 0, 0, 0, /* QW-2 POOL */ 373 3, 3, 3, 3, 0, 3, 0, 2, 3, 0, 0, 3, 3, 3, 3, 0, /* QW-3 PHYS */ 374 }; 375 376 static const uint8_t xive_tm_hv_view[] = { 377 3, 0, 0, 0, 0, 0, 0, 0, 3, 3, 3, 3, 0, 0, 0, 0, /* QW-0 User */ 378 3, 3, 3, 3, 3, 3, 0, 2, 3, 3, 3, 3, 0, 0, 0, 3, /* QW-1 OS */ 379 0, 0, 3, 3, 0, 3, 3, 0, 0, 3, 3, 3, 0, 0, 0, 0, /* QW-2 POOL */ 380 3, 3, 3, 3, 0, 3, 0, 2, 3, 0, 0, 3, 0, 0, 0, 0, /* QW-3 PHYS */ 381 }; 382 383 static const uint8_t xive_tm_os_view[] = { 384 3, 0, 0, 0, 0, 0, 0, 0, 3, 3, 3, 3, 0, 0, 0, 0, /* QW-0 User */ 385 2, 3, 2, 2, 2, 2, 0, 2, 0, 0, 0, 0, 0, 0, 0, 0, /* QW-1 OS */ 386 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* QW-2 POOL */ 387 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* QW-3 PHYS */ 388 }; 389 390 static const uint8_t xive_tm_user_view[] = { 391 3, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* QW-0 User */ 392 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* QW-1 OS */ 393 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* QW-2 POOL */ 394 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* QW-3 PHYS */ 395 }; 396 397 /* 398 * Overall TIMA access map for the thread interrupt management context 399 * registers 400 */ 401 static const uint8_t *xive_tm_views[] = { 402 [XIVE_TM_HW_PAGE] = xive_tm_hw_view, 403 [XIVE_TM_HV_PAGE] = xive_tm_hv_view, 404 [XIVE_TM_OS_PAGE] = xive_tm_os_view, 405 [XIVE_TM_USER_PAGE] = xive_tm_user_view, 406 }; 407 408 /* 409 * Computes a register access mask for a given offset in the TIMA 410 */ 411 static uint64_t xive_tm_mask(hwaddr offset, unsigned size, bool write) 412 { 413 uint8_t page_offset = (offset >> TM_SHIFT) & 0x3; 414 uint8_t reg_offset = offset & TM_REG_OFFSET; 415 uint8_t reg_mask = write ? 0x1 : 0x2; 416 uint64_t mask = 0x0; 417 int i; 418 419 for (i = 0; i < size; i++) { 420 if (xive_tm_views[page_offset][reg_offset + i] & reg_mask) { 421 mask |= (uint64_t) 0xff << (8 * (size - i - 1)); 422 } 423 } 424 425 return mask; 426 } 427 428 static void xive_tm_raw_write(XiveTCTX *tctx, hwaddr offset, uint64_t value, 429 unsigned size) 430 { 431 uint8_t ring_offset = offset & TM_RING_OFFSET; 432 uint8_t reg_offset = offset & TM_REG_OFFSET; 433 uint64_t mask = xive_tm_mask(offset, size, true); 434 int i; 435 436 /* 437 * Only 4 or 8 bytes stores are allowed and the User ring is 438 * excluded 439 */ 440 if (size < 4 || !mask || ring_offset == TM_QW0_USER) { 441 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: invalid write access at TIMA @%" 442 HWADDR_PRIx" size %d\n", offset, size); 443 return; 444 } 445 446 /* 447 * Use the register offset for the raw values and filter out 448 * reserved values 449 */ 450 for (i = 0; i < size; i++) { 451 uint8_t byte_mask = (mask >> (8 * (size - i - 1))); 452 if (byte_mask) { 453 tctx->regs[reg_offset + i] = (value >> (8 * (size - i - 1))) & 454 byte_mask; 455 } 456 } 457 } 458 459 static uint64_t xive_tm_raw_read(XiveTCTX *tctx, hwaddr offset, unsigned size) 460 { 461 uint8_t ring_offset = offset & TM_RING_OFFSET; 462 uint8_t reg_offset = offset & TM_REG_OFFSET; 463 uint64_t mask = xive_tm_mask(offset, size, false); 464 uint64_t ret; 465 int i; 466 467 /* 468 * Only 4 or 8 bytes loads are allowed and the User ring is 469 * excluded 470 */ 471 if (size < 4 || !mask || ring_offset == TM_QW0_USER) { 472 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: invalid read access at TIMA @%" 473 HWADDR_PRIx" size %d\n", offset, size); 474 return -1; 475 } 476 477 /* Use the register offset for the raw values */ 478 ret = 0; 479 for (i = 0; i < size; i++) { 480 ret |= (uint64_t) tctx->regs[reg_offset + i] << (8 * (size - i - 1)); 481 } 482 483 /* filter out reserved values */ 484 return ret & mask; 485 } 486 487 /* 488 * The TM context is mapped twice within each page. Stores and loads 489 * to the first mapping below 2K write and read the specified values 490 * without modification. The second mapping above 2K performs specific 491 * state changes (side effects) in addition to setting/returning the 492 * interrupt management area context of the processor thread. 493 */ 494 static uint64_t xive_tm_ack_os_reg(XivePresenter *xptr, XiveTCTX *tctx, 495 hwaddr offset, unsigned size) 496 { 497 return xive_tctx_accept(tctx, TM_QW1_OS); 498 } 499 500 static void xive_tm_set_os_cppr(XivePresenter *xptr, XiveTCTX *tctx, 501 hwaddr offset, uint64_t value, unsigned size) 502 { 503 xive_tctx_set_cppr(tctx, TM_QW1_OS, value & 0xff); 504 } 505 506 static void xive_tctx_set_lgs(XiveTCTX *tctx, uint8_t ring, uint8_t lgs) 507 { 508 uint8_t *regs = &tctx->regs[ring]; 509 510 regs[TM_LGS] = lgs; 511 } 512 513 static void xive_tm_set_os_lgs(XivePresenter *xptr, XiveTCTX *tctx, 514 hwaddr offset, uint64_t value, unsigned size) 515 { 516 xive_tctx_set_lgs(tctx, TM_QW1_OS, value & 0xff); 517 } 518 519 /* 520 * Adjust the PIPR to allow a CPU to process event queues of other 521 * priorities during one physical interrupt cycle. 522 */ 523 static void xive_tm_set_os_pending(XivePresenter *xptr, XiveTCTX *tctx, 524 hwaddr offset, uint64_t value, unsigned size) 525 { 526 uint8_t ring = TM_QW1_OS; 527 uint8_t *regs = &tctx->regs[ring]; 528 529 /* XXX: how should this work exactly? */ 530 regs[TM_IPB] |= xive_priority_to_ipb(value & 0xff); 531 xive_tctx_pipr_recompute_from_ipb(tctx, ring); 532 } 533 534 static void xive_os_cam_decode(uint32_t cam, uint8_t *nvt_blk, 535 uint32_t *nvt_idx, bool *vo) 536 { 537 if (nvt_blk) { 538 *nvt_blk = xive_nvt_blk(cam); 539 } 540 if (nvt_idx) { 541 *nvt_idx = xive_nvt_idx(cam); 542 } 543 if (vo) { 544 *vo = !!(cam & TM_QW1W2_VO); 545 } 546 } 547 548 static uint32_t xive_tctx_get_os_cam(XiveTCTX *tctx, uint8_t *nvt_blk, 549 uint32_t *nvt_idx, bool *vo) 550 { 551 uint32_t qw1w2 = xive_tctx_word2(&tctx->regs[TM_QW1_OS]); 552 uint32_t cam = be32_to_cpu(qw1w2); 553 554 xive_os_cam_decode(cam, nvt_blk, nvt_idx, vo); 555 return qw1w2; 556 } 557 558 static void xive_tctx_set_os_cam(XiveTCTX *tctx, uint32_t qw1w2) 559 { 560 memcpy(&tctx->regs[TM_QW1_OS + TM_WORD2], &qw1w2, 4); 561 } 562 563 static uint64_t xive_tm_pull_os_ctx(XivePresenter *xptr, XiveTCTX *tctx, 564 hwaddr offset, unsigned size) 565 { 566 uint32_t qw1w2; 567 uint32_t qw1w2_new; 568 uint8_t nvt_blk; 569 uint32_t nvt_idx; 570 bool vo; 571 572 qw1w2 = xive_tctx_get_os_cam(tctx, &nvt_blk, &nvt_idx, &vo); 573 574 if (!vo) { 575 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: pull invalid OS NVT %x/%x !?\n", 576 nvt_blk, nvt_idx); 577 } 578 579 /* Invalidate CAM line */ 580 qw1w2_new = xive_set_field32(TM_QW1W2_VO, qw1w2, 0); 581 xive_tctx_set_os_cam(tctx, qw1w2_new); 582 583 xive_tctx_reset_signal(tctx, TM_QW1_OS); 584 return qw1w2; 585 } 586 587 static void xive_tctx_need_resend(XiveRouter *xrtr, XiveTCTX *tctx, 588 uint8_t nvt_blk, uint32_t nvt_idx) 589 { 590 XiveNVT nvt; 591 uint8_t ipb; 592 593 /* 594 * Grab the associated NVT to pull the pending bits, and merge 595 * them with the IPB of the thread interrupt context registers 596 */ 597 if (xive_router_get_nvt(xrtr, nvt_blk, nvt_idx, &nvt)) { 598 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: invalid NVT %x/%x\n", 599 nvt_blk, nvt_idx); 600 return; 601 } 602 603 ipb = xive_get_field32(NVT_W4_IPB, nvt.w4); 604 605 if (ipb) { 606 /* Reset the NVT value */ 607 nvt.w4 = xive_set_field32(NVT_W4_IPB, nvt.w4, 0); 608 xive_router_write_nvt(xrtr, nvt_blk, nvt_idx, &nvt, 4); 609 610 uint8_t *regs = &tctx->regs[TM_QW1_OS]; 611 regs[TM_IPB] |= ipb; 612 } 613 614 /* 615 * Always call xive_tctx_recompute_from_ipb(). Even if there were no 616 * escalation triggered, there could be a pending interrupt which 617 * was saved when the context was pulled and that we need to take 618 * into account by recalculating the PIPR (which is not 619 * saved/restored). 620 * It will also raise the External interrupt signal if needed. 621 */ 622 xive_tctx_pipr_recompute_from_ipb(tctx, TM_QW1_OS); /* fxb */ 623 } 624 625 /* 626 * Updating the OS CAM line can trigger a resend of interrupt 627 */ 628 static void xive_tm_push_os_ctx(XivePresenter *xptr, XiveTCTX *tctx, 629 hwaddr offset, uint64_t value, unsigned size) 630 { 631 uint32_t cam = value; 632 uint32_t qw1w2 = cpu_to_be32(cam); 633 uint8_t nvt_blk; 634 uint32_t nvt_idx; 635 bool vo; 636 637 xive_os_cam_decode(cam, &nvt_blk, &nvt_idx, &vo); 638 639 /* First update the registers */ 640 xive_tctx_set_os_cam(tctx, qw1w2); 641 642 /* Check the interrupt pending bits */ 643 if (vo) { 644 xive_tctx_need_resend(XIVE_ROUTER(xptr), tctx, nvt_blk, nvt_idx); 645 } 646 } 647 648 static uint32_t xive_presenter_get_config(XivePresenter *xptr) 649 { 650 XivePresenterClass *xpc = XIVE_PRESENTER_GET_CLASS(xptr); 651 652 return xpc->get_config(xptr); 653 } 654 655 /* 656 * Define a mapping of "special" operations depending on the TIMA page 657 * offset and the size of the operation. 658 */ 659 typedef struct XiveTmOp { 660 uint8_t page_offset; 661 uint32_t op_offset; 662 unsigned size; 663 void (*write_handler)(XivePresenter *xptr, XiveTCTX *tctx, 664 hwaddr offset, 665 uint64_t value, unsigned size); 666 uint64_t (*read_handler)(XivePresenter *xptr, XiveTCTX *tctx, hwaddr offset, 667 unsigned size); 668 } XiveTmOp; 669 670 static const XiveTmOp xive_tm_operations[] = { 671 /* 672 * MMIOs below 2K : raw values and special operations without side 673 * effects 674 */ 675 { XIVE_TM_OS_PAGE, TM_QW1_OS + TM_CPPR, 1, xive_tm_set_os_cppr, 676 NULL }, 677 { XIVE_TM_HV_PAGE, TM_QW1_OS + TM_WORD2, 4, xive_tm_push_os_ctx, 678 NULL }, 679 { XIVE_TM_HV_PAGE, TM_QW3_HV_PHYS + TM_CPPR, 1, xive_tm_set_hv_cppr, 680 NULL }, 681 { XIVE_TM_HV_PAGE, TM_QW3_HV_PHYS + TM_WORD2, 1, xive_tm_vt_push, 682 NULL }, 683 { XIVE_TM_HV_PAGE, TM_QW3_HV_PHYS + TM_WORD2, 1, NULL, 684 xive_tm_vt_poll }, 685 686 /* MMIOs above 2K : special operations with side effects */ 687 { XIVE_TM_OS_PAGE, TM_SPC_ACK_OS_REG, 2, NULL, 688 xive_tm_ack_os_reg }, 689 { XIVE_TM_OS_PAGE, TM_SPC_SET_OS_PENDING, 1, xive_tm_set_os_pending, 690 NULL }, 691 { XIVE_TM_HV_PAGE, TM_SPC_PULL_OS_CTX, 4, NULL, 692 xive_tm_pull_os_ctx }, 693 { XIVE_TM_HV_PAGE, TM_SPC_PULL_OS_CTX, 8, NULL, 694 xive_tm_pull_os_ctx }, 695 { XIVE_TM_HV_PAGE, TM_SPC_ACK_HV_REG, 2, NULL, 696 xive_tm_ack_hv_reg }, 697 { XIVE_TM_HV_PAGE, TM_SPC_PULL_POOL_CTX, 4, NULL, 698 xive_tm_pull_pool_ctx }, 699 { XIVE_TM_HV_PAGE, TM_SPC_PULL_POOL_CTX, 8, NULL, 700 xive_tm_pull_pool_ctx }, 701 { XIVE_TM_HV_PAGE, TM_SPC_PULL_PHYS_CTX, 1, NULL, 702 xive_tm_pull_phys_ctx }, 703 }; 704 705 static const XiveTmOp xive2_tm_operations[] = { 706 /* 707 * MMIOs below 2K : raw values and special operations without side 708 * effects 709 */ 710 { XIVE_TM_OS_PAGE, TM_QW1_OS + TM_CPPR, 1, xive2_tm_set_os_cppr, 711 NULL }, 712 { XIVE_TM_HV_PAGE, TM_QW1_OS + TM_WORD2, 4, xive2_tm_push_os_ctx, 713 NULL }, 714 { XIVE_TM_HV_PAGE, TM_QW1_OS + TM_WORD2, 8, xive2_tm_push_os_ctx, 715 NULL }, 716 { XIVE_TM_OS_PAGE, TM_QW1_OS + TM_LGS, 1, xive_tm_set_os_lgs, 717 NULL }, 718 { XIVE_TM_HV_PAGE, TM_QW3_HV_PHYS + TM_CPPR, 1, xive2_tm_set_hv_cppr, 719 NULL }, 720 { XIVE_TM_HV_PAGE, TM_QW3_HV_PHYS + TM_WORD2, 1, xive_tm_vt_push, 721 NULL }, 722 { XIVE_TM_HV_PAGE, TM_QW3_HV_PHYS + TM_WORD2, 1, NULL, 723 xive_tm_vt_poll }, 724 { XIVE_TM_HV_PAGE, TM_QW3_HV_PHYS + TM_T, 1, xive2_tm_set_hv_target, 725 NULL }, 726 727 /* MMIOs above 2K : special operations with side effects */ 728 { XIVE_TM_OS_PAGE, TM_SPC_ACK_OS_REG, 2, NULL, 729 xive_tm_ack_os_reg }, 730 { XIVE_TM_OS_PAGE, TM_SPC_SET_OS_PENDING, 1, xive_tm_set_os_pending, 731 NULL }, 732 { XIVE_TM_HV_PAGE, TM_SPC_PULL_OS_CTX_G2, 4, NULL, 733 xive2_tm_pull_os_ctx }, 734 { XIVE_TM_HV_PAGE, TM_SPC_PULL_OS_CTX, 4, NULL, 735 xive2_tm_pull_os_ctx }, 736 { XIVE_TM_HV_PAGE, TM_SPC_PULL_OS_CTX, 8, NULL, 737 xive2_tm_pull_os_ctx }, 738 { XIVE_TM_HV_PAGE, TM_SPC_ACK_HV_REG, 2, NULL, 739 xive_tm_ack_hv_reg }, 740 { XIVE_TM_HV_PAGE, TM_SPC_PULL_POOL_CTX_G2, 4, NULL, 741 xive2_tm_pull_pool_ctx }, 742 { XIVE_TM_HV_PAGE, TM_SPC_PULL_POOL_CTX, 4, NULL, 743 xive2_tm_pull_pool_ctx }, 744 { XIVE_TM_HV_PAGE, TM_SPC_PULL_POOL_CTX, 8, NULL, 745 xive2_tm_pull_pool_ctx }, 746 { XIVE_TM_HV_PAGE, TM_SPC_PULL_OS_CTX_OL, 1, xive2_tm_pull_os_ctx_ol, 747 NULL }, 748 { XIVE_TM_HV_PAGE, TM_SPC_PULL_PHYS_CTX_G2, 4, NULL, 749 xive2_tm_pull_phys_ctx }, 750 { XIVE_TM_HV_PAGE, TM_SPC_PULL_PHYS_CTX, 1, NULL, 751 xive2_tm_pull_phys_ctx }, 752 { XIVE_TM_HV_PAGE, TM_SPC_PULL_PHYS_CTX_OL, 1, xive2_tm_pull_phys_ctx_ol, 753 NULL }, 754 { XIVE_TM_OS_PAGE, TM_SPC_ACK_OS_EL, 1, xive2_tm_ack_os_el, 755 NULL }, 756 }; 757 758 static const XiveTmOp *xive_tm_find_op(XivePresenter *xptr, hwaddr offset, 759 unsigned size, bool write) 760 { 761 uint8_t page_offset = (offset >> TM_SHIFT) & 0x3; 762 uint32_t op_offset = offset & TM_ADDRESS_MASK; 763 const XiveTmOp *tm_ops; 764 int i, tm_ops_count; 765 uint32_t cfg; 766 767 cfg = xive_presenter_get_config(xptr); 768 if (cfg & XIVE_PRESENTER_GEN1_TIMA_OS) { 769 tm_ops = xive_tm_operations; 770 tm_ops_count = ARRAY_SIZE(xive_tm_operations); 771 } else { 772 tm_ops = xive2_tm_operations; 773 tm_ops_count = ARRAY_SIZE(xive2_tm_operations); 774 } 775 776 for (i = 0; i < tm_ops_count; i++) { 777 const XiveTmOp *xto = &tm_ops[i]; 778 779 /* Accesses done from a more privileged TIMA page is allowed */ 780 if (xto->page_offset >= page_offset && 781 xto->op_offset == op_offset && 782 xto->size == size && 783 ((write && xto->write_handler) || (!write && xto->read_handler))) { 784 return xto; 785 } 786 } 787 return NULL; 788 } 789 790 /* 791 * TIMA MMIO handlers 792 */ 793 void xive_tctx_tm_write(XivePresenter *xptr, XiveTCTX *tctx, hwaddr offset, 794 uint64_t value, unsigned size) 795 { 796 const XiveTmOp *xto; 797 798 trace_xive_tctx_tm_write(tctx->cs->cpu_index, offset, size, value); 799 800 /* 801 * TODO: check V bit in Q[0-3]W2 802 */ 803 804 /* 805 * First, check for special operations in the 2K region 806 */ 807 if (offset & TM_SPECIAL_OP) { 808 xto = xive_tm_find_op(tctx->xptr, offset, size, true); 809 if (!xto) { 810 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: invalid write access at TIMA " 811 "@%"HWADDR_PRIx" size %d\n", offset, size); 812 } else { 813 xto->write_handler(xptr, tctx, offset, value, size); 814 } 815 return; 816 } 817 818 /* 819 * Then, for special operations in the region below 2K. 820 */ 821 xto = xive_tm_find_op(tctx->xptr, offset, size, true); 822 if (xto) { 823 xto->write_handler(xptr, tctx, offset, value, size); 824 return; 825 } 826 827 /* 828 * Finish with raw access to the register values 829 */ 830 xive_tm_raw_write(tctx, offset, value, size); 831 } 832 833 uint64_t xive_tctx_tm_read(XivePresenter *xptr, XiveTCTX *tctx, hwaddr offset, 834 unsigned size) 835 { 836 const XiveTmOp *xto; 837 uint64_t ret; 838 839 /* 840 * TODO: check V bit in Q[0-3]W2 841 */ 842 843 /* 844 * First, check for special operations in the 2K region 845 */ 846 if (offset & TM_SPECIAL_OP) { 847 xto = xive_tm_find_op(tctx->xptr, offset, size, false); 848 if (!xto) { 849 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: invalid read access to TIMA" 850 "@%"HWADDR_PRIx" size %d\n", offset, size); 851 return -1; 852 } 853 ret = xto->read_handler(xptr, tctx, offset, size); 854 goto out; 855 } 856 857 /* 858 * Then, for special operations in the region below 2K. 859 */ 860 xto = xive_tm_find_op(tctx->xptr, offset, size, false); 861 if (xto) { 862 ret = xto->read_handler(xptr, tctx, offset, size); 863 goto out; 864 } 865 866 /* 867 * Finish with raw access to the register values 868 */ 869 ret = xive_tm_raw_read(tctx, offset, size); 870 out: 871 trace_xive_tctx_tm_read(tctx->cs->cpu_index, offset, size, ret); 872 return ret; 873 } 874 875 static char *xive_tctx_ring_print(uint8_t *ring) 876 { 877 uint32_t w2 = xive_tctx_word2(ring); 878 879 return g_strdup_printf("%02x %02x %02x %02x %02x " 880 "%02x %02x %02x %08x", 881 ring[TM_NSR], ring[TM_CPPR], ring[TM_IPB], ring[TM_LSMFB], 882 ring[TM_ACK_CNT], ring[TM_INC], ring[TM_AGE], ring[TM_PIPR], 883 be32_to_cpu(w2)); 884 } 885 886 static const char * const xive_tctx_ring_names[] = { 887 "USER", "OS", "POOL", "PHYS", 888 }; 889 890 /* 891 * kvm_irqchip_in_kernel() will cause the compiler to turn this 892 * info a nop if CONFIG_KVM isn't defined. 893 */ 894 #define xive_in_kernel(xptr) \ 895 (kvm_irqchip_in_kernel() && \ 896 ({ \ 897 XivePresenterClass *xpc = XIVE_PRESENTER_GET_CLASS(xptr); \ 898 xpc->in_kernel ? xpc->in_kernel(xptr) : false; \ 899 })) 900 901 void xive_tctx_pic_print_info(XiveTCTX *tctx, GString *buf) 902 { 903 int cpu_index; 904 int i; 905 906 /* Skip partially initialized vCPUs. This can happen on sPAPR when vCPUs 907 * are hot plugged or unplugged. 908 */ 909 if (!tctx) { 910 return; 911 } 912 913 cpu_index = tctx->cs ? tctx->cs->cpu_index : -1; 914 915 if (xive_in_kernel(tctx->xptr)) { 916 Error *local_err = NULL; 917 918 kvmppc_xive_cpu_synchronize_state(tctx, &local_err); 919 if (local_err) { 920 error_report_err(local_err); 921 return; 922 } 923 } 924 925 if (xive_presenter_get_config(tctx->xptr) & XIVE_PRESENTER_GEN1_TIMA_OS) { 926 g_string_append_printf(buf, "CPU[%04x]: " 927 "QW NSR CPPR IPB LSMFB ACK# INC AGE PIPR" 928 " W2\n", cpu_index); 929 } else { 930 g_string_append_printf(buf, "CPU[%04x]: " 931 "QW NSR CPPR IPB LSMFB - LGS T PIPR" 932 " W2\n", cpu_index); 933 } 934 935 for (i = 0; i < XIVE_TM_RING_COUNT; i++) { 936 char *s = xive_tctx_ring_print(&tctx->regs[i * XIVE_TM_RING_SIZE]); 937 g_string_append_printf(buf, "CPU[%04x]: %4s %s\n", 938 cpu_index, xive_tctx_ring_names[i], s); 939 g_free(s); 940 } 941 } 942 943 void xive_tctx_reset(XiveTCTX *tctx) 944 { 945 memset(tctx->regs, 0, sizeof(tctx->regs)); 946 947 /* Set some defaults */ 948 tctx->regs[TM_QW1_OS + TM_LSMFB] = 0xFF; 949 tctx->regs[TM_QW1_OS + TM_ACK_CNT] = 0xFF; 950 tctx->regs[TM_QW1_OS + TM_AGE] = 0xFF; 951 if (!(xive_presenter_get_config(tctx->xptr) & 952 XIVE_PRESENTER_GEN1_TIMA_OS)) { 953 tctx->regs[TM_QW1_OS + TM_OGEN] = 2; 954 } 955 956 /* 957 * Initialize PIPR to 0xFF to avoid phantom interrupts when the 958 * CPPR is first set. 959 */ 960 tctx->regs[TM_QW1_OS + TM_PIPR] = 961 xive_ipb_to_pipr(tctx->regs[TM_QW1_OS + TM_IPB]); 962 tctx->regs[TM_QW3_HV_PHYS + TM_PIPR] = 963 xive_ipb_to_pipr(tctx->regs[TM_QW3_HV_PHYS + TM_IPB]); 964 } 965 966 static void xive_tctx_realize(DeviceState *dev, Error **errp) 967 { 968 XiveTCTX *tctx = XIVE_TCTX(dev); 969 PowerPCCPU *cpu; 970 CPUPPCState *env; 971 972 assert(tctx->cs); 973 assert(tctx->xptr); 974 975 cpu = POWERPC_CPU(tctx->cs); 976 env = &cpu->env; 977 switch (PPC_INPUT(env)) { 978 case PPC_FLAGS_INPUT_POWER9: 979 tctx->hv_output = qdev_get_gpio_in(DEVICE(cpu), POWER9_INPUT_HINT); 980 tctx->os_output = qdev_get_gpio_in(DEVICE(cpu), POWER9_INPUT_INT); 981 break; 982 983 default: 984 error_setg(errp, "XIVE interrupt controller does not support " 985 "this CPU bus model"); 986 return; 987 } 988 989 /* Connect the presenter to the VCPU (required for CPU hotplug) */ 990 if (xive_in_kernel(tctx->xptr)) { 991 if (kvmppc_xive_cpu_connect(tctx, errp) < 0) { 992 return; 993 } 994 } 995 } 996 997 static int vmstate_xive_tctx_pre_save(void *opaque) 998 { 999 XiveTCTX *tctx = XIVE_TCTX(opaque); 1000 Error *local_err = NULL; 1001 int ret; 1002 1003 if (xive_in_kernel(tctx->xptr)) { 1004 ret = kvmppc_xive_cpu_get_state(tctx, &local_err); 1005 if (ret < 0) { 1006 error_report_err(local_err); 1007 return ret; 1008 } 1009 } 1010 1011 return 0; 1012 } 1013 1014 static int vmstate_xive_tctx_post_load(void *opaque, int version_id) 1015 { 1016 XiveTCTX *tctx = XIVE_TCTX(opaque); 1017 Error *local_err = NULL; 1018 int ret; 1019 1020 if (xive_in_kernel(tctx->xptr)) { 1021 /* 1022 * Required for hotplugged CPU, for which the state comes 1023 * after all states of the machine. 1024 */ 1025 ret = kvmppc_xive_cpu_set_state(tctx, &local_err); 1026 if (ret < 0) { 1027 error_report_err(local_err); 1028 return ret; 1029 } 1030 } 1031 1032 return 0; 1033 } 1034 1035 static const VMStateDescription vmstate_xive_tctx = { 1036 .name = TYPE_XIVE_TCTX, 1037 .version_id = 1, 1038 .minimum_version_id = 1, 1039 .pre_save = vmstate_xive_tctx_pre_save, 1040 .post_load = vmstate_xive_tctx_post_load, 1041 .fields = (const VMStateField[]) { 1042 VMSTATE_BUFFER(regs, XiveTCTX), 1043 VMSTATE_END_OF_LIST() 1044 }, 1045 }; 1046 1047 static const Property xive_tctx_properties[] = { 1048 DEFINE_PROP_LINK("cpu", XiveTCTX, cs, TYPE_CPU, CPUState *), 1049 DEFINE_PROP_LINK("presenter", XiveTCTX, xptr, TYPE_XIVE_PRESENTER, 1050 XivePresenter *), 1051 }; 1052 1053 static void xive_tctx_class_init(ObjectClass *klass, const void *data) 1054 { 1055 DeviceClass *dc = DEVICE_CLASS(klass); 1056 1057 dc->desc = "XIVE Interrupt Thread Context"; 1058 dc->realize = xive_tctx_realize; 1059 dc->vmsd = &vmstate_xive_tctx; 1060 device_class_set_props(dc, xive_tctx_properties); 1061 /* 1062 * Reason: part of XIVE interrupt controller, needs to be wired up 1063 * by xive_tctx_create(). 1064 */ 1065 dc->user_creatable = false; 1066 } 1067 1068 static const TypeInfo xive_tctx_info = { 1069 .name = TYPE_XIVE_TCTX, 1070 .parent = TYPE_DEVICE, 1071 .instance_size = sizeof(XiveTCTX), 1072 .class_init = xive_tctx_class_init, 1073 }; 1074 1075 Object *xive_tctx_create(Object *cpu, XivePresenter *xptr, Error **errp) 1076 { 1077 Object *obj; 1078 1079 obj = object_new(TYPE_XIVE_TCTX); 1080 object_property_add_child(cpu, TYPE_XIVE_TCTX, obj); 1081 object_unref(obj); 1082 object_property_set_link(obj, "cpu", cpu, &error_abort); 1083 object_property_set_link(obj, "presenter", OBJECT(xptr), &error_abort); 1084 if (!qdev_realize(DEVICE(obj), NULL, errp)) { 1085 object_unparent(obj); 1086 return NULL; 1087 } 1088 return obj; 1089 } 1090 1091 void xive_tctx_destroy(XiveTCTX *tctx) 1092 { 1093 Object *obj = OBJECT(tctx); 1094 1095 object_unparent(obj); 1096 } 1097 1098 /* 1099 * XIVE ESB helpers 1100 */ 1101 1102 uint8_t xive_esb_set(uint8_t *pq, uint8_t value) 1103 { 1104 uint8_t old_pq = *pq & 0x3; 1105 1106 *pq &= ~0x3; 1107 *pq |= value & 0x3; 1108 1109 return old_pq; 1110 } 1111 1112 bool xive_esb_trigger(uint8_t *pq) 1113 { 1114 uint8_t old_pq = *pq & 0x3; 1115 1116 switch (old_pq) { 1117 case XIVE_ESB_RESET: 1118 xive_esb_set(pq, XIVE_ESB_PENDING); 1119 return true; 1120 case XIVE_ESB_PENDING: 1121 case XIVE_ESB_QUEUED: 1122 xive_esb_set(pq, XIVE_ESB_QUEUED); 1123 return false; 1124 case XIVE_ESB_OFF: 1125 xive_esb_set(pq, XIVE_ESB_OFF); 1126 return false; 1127 default: 1128 g_assert_not_reached(); 1129 } 1130 } 1131 1132 bool xive_esb_eoi(uint8_t *pq) 1133 { 1134 uint8_t old_pq = *pq & 0x3; 1135 1136 switch (old_pq) { 1137 case XIVE_ESB_RESET: 1138 case XIVE_ESB_PENDING: 1139 xive_esb_set(pq, XIVE_ESB_RESET); 1140 return false; 1141 case XIVE_ESB_QUEUED: 1142 xive_esb_set(pq, XIVE_ESB_PENDING); 1143 return true; 1144 case XIVE_ESB_OFF: 1145 xive_esb_set(pq, XIVE_ESB_OFF); 1146 return false; 1147 default: 1148 g_assert_not_reached(); 1149 } 1150 } 1151 1152 /* 1153 * XIVE Interrupt Source (or IVSE) 1154 */ 1155 1156 uint8_t xive_source_esb_get(XiveSource *xsrc, uint32_t srcno) 1157 { 1158 assert(srcno < xsrc->nr_irqs); 1159 1160 return xsrc->status[srcno] & 0x3; 1161 } 1162 1163 uint8_t xive_source_esb_set(XiveSource *xsrc, uint32_t srcno, uint8_t pq) 1164 { 1165 assert(srcno < xsrc->nr_irqs); 1166 1167 return xive_esb_set(&xsrc->status[srcno], pq); 1168 } 1169 1170 /* 1171 * Returns whether the event notification should be forwarded. 1172 */ 1173 static bool xive_source_lsi_trigger(XiveSource *xsrc, uint32_t srcno) 1174 { 1175 uint8_t old_pq = xive_source_esb_get(xsrc, srcno); 1176 1177 xive_source_set_asserted(xsrc, srcno, true); 1178 1179 switch (old_pq) { 1180 case XIVE_ESB_RESET: 1181 xive_source_esb_set(xsrc, srcno, XIVE_ESB_PENDING); 1182 return true; 1183 default: 1184 return false; 1185 } 1186 } 1187 1188 /* 1189 * Sources can be configured with PQ offloading in which case the check 1190 * on the PQ state bits of MSIs is disabled 1191 */ 1192 static bool xive_source_esb_disabled(XiveSource *xsrc, uint32_t srcno) 1193 { 1194 return (xsrc->esb_flags & XIVE_SRC_PQ_DISABLE) && 1195 !xive_source_irq_is_lsi(xsrc, srcno); 1196 } 1197 1198 /* 1199 * Returns whether the event notification should be forwarded. 1200 */ 1201 static bool xive_source_esb_trigger(XiveSource *xsrc, uint32_t srcno) 1202 { 1203 bool ret; 1204 1205 assert(srcno < xsrc->nr_irqs); 1206 1207 if (xive_source_esb_disabled(xsrc, srcno)) { 1208 return true; 1209 } 1210 1211 ret = xive_esb_trigger(&xsrc->status[srcno]); 1212 1213 if (xive_source_irq_is_lsi(xsrc, srcno) && 1214 xive_source_esb_get(xsrc, srcno) == XIVE_ESB_QUEUED) { 1215 qemu_log_mask(LOG_GUEST_ERROR, 1216 "XIVE: queued an event on LSI IRQ %d\n", srcno); 1217 } 1218 1219 return ret; 1220 } 1221 1222 /* 1223 * Returns whether the event notification should be forwarded. 1224 */ 1225 static bool xive_source_esb_eoi(XiveSource *xsrc, uint32_t srcno) 1226 { 1227 bool ret; 1228 1229 assert(srcno < xsrc->nr_irqs); 1230 1231 if (xive_source_esb_disabled(xsrc, srcno)) { 1232 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: invalid EOI for IRQ %d\n", srcno); 1233 return false; 1234 } 1235 1236 ret = xive_esb_eoi(&xsrc->status[srcno]); 1237 1238 /* 1239 * LSI sources do not set the Q bit but they can still be 1240 * asserted, in which case we should forward a new event 1241 * notification 1242 */ 1243 if (xive_source_irq_is_lsi(xsrc, srcno) && 1244 xive_source_is_asserted(xsrc, srcno)) { 1245 ret = xive_source_lsi_trigger(xsrc, srcno); 1246 } 1247 1248 return ret; 1249 } 1250 1251 /* 1252 * Forward the source event notification to the Router 1253 */ 1254 static void xive_source_notify(XiveSource *xsrc, int srcno) 1255 { 1256 XiveNotifierClass *xnc = XIVE_NOTIFIER_GET_CLASS(xsrc->xive); 1257 bool pq_checked = !xive_source_esb_disabled(xsrc, srcno); 1258 1259 if (xnc->notify) { 1260 xnc->notify(xsrc->xive, srcno, pq_checked); 1261 } 1262 } 1263 1264 /* 1265 * In a two pages ESB MMIO setting, even page is the trigger page, odd 1266 * page is for management 1267 */ 1268 static inline bool addr_is_even(hwaddr addr, uint32_t shift) 1269 { 1270 return !((addr >> shift) & 1); 1271 } 1272 1273 static inline bool xive_source_is_trigger_page(XiveSource *xsrc, hwaddr addr) 1274 { 1275 return xive_source_esb_has_2page(xsrc) && 1276 addr_is_even(addr, xsrc->esb_shift - 1); 1277 } 1278 1279 /* 1280 * ESB MMIO loads 1281 * Trigger page Management/EOI page 1282 * 1283 * ESB MMIO setting 2 pages 1 or 2 pages 1284 * 1285 * 0x000 .. 0x3FF -1 EOI and return 0|1 1286 * 0x400 .. 0x7FF -1 EOI and return 0|1 1287 * 0x800 .. 0xBFF -1 return PQ 1288 * 0xC00 .. 0xCFF -1 return PQ and atomically PQ=00 1289 * 0xD00 .. 0xDFF -1 return PQ and atomically PQ=01 1290 * 0xE00 .. 0xDFF -1 return PQ and atomically PQ=10 1291 * 0xF00 .. 0xDFF -1 return PQ and atomically PQ=11 1292 */ 1293 static uint64_t xive_source_esb_read(void *opaque, hwaddr addr, unsigned size) 1294 { 1295 XiveSource *xsrc = XIVE_SOURCE(opaque); 1296 uint32_t offset = addr & 0xFFF; 1297 uint32_t srcno = addr >> xsrc->esb_shift; 1298 uint64_t ret = -1; 1299 1300 /* In a two pages ESB MMIO setting, trigger page should not be read */ 1301 if (xive_source_is_trigger_page(xsrc, addr)) { 1302 qemu_log_mask(LOG_GUEST_ERROR, 1303 "XIVE: invalid load on IRQ %d trigger page at " 1304 "0x%"HWADDR_PRIx"\n", srcno, addr); 1305 return -1; 1306 } 1307 1308 switch (offset) { 1309 case XIVE_ESB_LOAD_EOI ... XIVE_ESB_LOAD_EOI + 0x7FF: 1310 ret = xive_source_esb_eoi(xsrc, srcno); 1311 1312 /* Forward the source event notification for routing */ 1313 if (ret) { 1314 trace_xive_source_notify(srcno); 1315 xive_source_notify(xsrc, srcno); 1316 } 1317 break; 1318 1319 case XIVE_ESB_GET ... XIVE_ESB_GET + 0x3FF: 1320 ret = xive_source_esb_get(xsrc, srcno); 1321 break; 1322 1323 case XIVE_ESB_SET_PQ_00 ... XIVE_ESB_SET_PQ_00 + 0x0FF: 1324 case XIVE_ESB_SET_PQ_01 ... XIVE_ESB_SET_PQ_01 + 0x0FF: 1325 case XIVE_ESB_SET_PQ_10 ... XIVE_ESB_SET_PQ_10 + 0x0FF: 1326 case XIVE_ESB_SET_PQ_11 ... XIVE_ESB_SET_PQ_11 + 0x0FF: 1327 ret = xive_source_esb_set(xsrc, srcno, (offset >> 8) & 0x3); 1328 break; 1329 default: 1330 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: invalid ESB load addr %x\n", 1331 offset); 1332 } 1333 1334 trace_xive_source_esb_read(addr, srcno, ret); 1335 1336 return ret; 1337 } 1338 1339 /* 1340 * ESB MMIO stores 1341 * Trigger page Management/EOI page 1342 * 1343 * ESB MMIO setting 2 pages 1 or 2 pages 1344 * 1345 * 0x000 .. 0x3FF Trigger Trigger 1346 * 0x400 .. 0x7FF Trigger EOI 1347 * 0x800 .. 0xBFF Trigger undefined 1348 * 0xC00 .. 0xCFF Trigger PQ=00 1349 * 0xD00 .. 0xDFF Trigger PQ=01 1350 * 0xE00 .. 0xDFF Trigger PQ=10 1351 * 0xF00 .. 0xDFF Trigger PQ=11 1352 */ 1353 static void xive_source_esb_write(void *opaque, hwaddr addr, 1354 uint64_t value, unsigned size) 1355 { 1356 XiveSource *xsrc = XIVE_SOURCE(opaque); 1357 uint32_t offset = addr & 0xFFF; 1358 uint32_t srcno = addr >> xsrc->esb_shift; 1359 bool notify = false; 1360 1361 trace_xive_source_esb_write(addr, srcno, value); 1362 1363 /* In a two pages ESB MMIO setting, trigger page only triggers */ 1364 if (xive_source_is_trigger_page(xsrc, addr)) { 1365 notify = xive_source_esb_trigger(xsrc, srcno); 1366 goto out; 1367 } 1368 1369 switch (offset) { 1370 case 0 ... 0x3FF: 1371 notify = xive_source_esb_trigger(xsrc, srcno); 1372 break; 1373 1374 case XIVE_ESB_STORE_EOI ... XIVE_ESB_STORE_EOI + 0x3FF: 1375 if (!(xsrc->esb_flags & XIVE_SRC_STORE_EOI)) { 1376 qemu_log_mask(LOG_GUEST_ERROR, 1377 "XIVE: invalid Store EOI for IRQ %d\n", srcno); 1378 return; 1379 } 1380 1381 notify = xive_source_esb_eoi(xsrc, srcno); 1382 break; 1383 1384 /* 1385 * This is an internal offset used to inject triggers when the PQ 1386 * state bits are not controlled locally. Such as for LSIs when 1387 * under ABT mode. 1388 */ 1389 case XIVE_ESB_INJECT ... XIVE_ESB_INJECT + 0x3FF: 1390 notify = true; 1391 break; 1392 1393 case XIVE_ESB_SET_PQ_00 ... XIVE_ESB_SET_PQ_00 + 0x0FF: 1394 case XIVE_ESB_SET_PQ_01 ... XIVE_ESB_SET_PQ_01 + 0x0FF: 1395 case XIVE_ESB_SET_PQ_10 ... XIVE_ESB_SET_PQ_10 + 0x0FF: 1396 case XIVE_ESB_SET_PQ_11 ... XIVE_ESB_SET_PQ_11 + 0x0FF: 1397 xive_source_esb_set(xsrc, srcno, (offset >> 8) & 0x3); 1398 break; 1399 1400 default: 1401 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: invalid ESB write addr %x\n", 1402 offset); 1403 return; 1404 } 1405 1406 out: 1407 /* Forward the source event notification for routing */ 1408 if (notify) { 1409 xive_source_notify(xsrc, srcno); 1410 } else { 1411 trace_xive_source_blocked(srcno); 1412 } 1413 } 1414 1415 static const MemoryRegionOps xive_source_esb_ops = { 1416 .read = xive_source_esb_read, 1417 .write = xive_source_esb_write, 1418 .endianness = DEVICE_BIG_ENDIAN, 1419 .valid = { 1420 .min_access_size = 1, 1421 .max_access_size = 8, 1422 }, 1423 .impl = { 1424 .min_access_size = 1, 1425 .max_access_size = 8, 1426 }, 1427 }; 1428 1429 void xive_source_set_irq(void *opaque, int srcno, int val) 1430 { 1431 XiveSource *xsrc = XIVE_SOURCE(opaque); 1432 bool notify = false; 1433 1434 if (xive_source_irq_is_lsi(xsrc, srcno)) { 1435 if (val) { 1436 notify = xive_source_lsi_trigger(xsrc, srcno); 1437 } else { 1438 xive_source_set_asserted(xsrc, srcno, false); 1439 } 1440 } else { 1441 if (val) { 1442 notify = xive_source_esb_trigger(xsrc, srcno); 1443 } 1444 } 1445 1446 /* Forward the source event notification for routing */ 1447 if (notify) { 1448 xive_source_notify(xsrc, srcno); 1449 } 1450 } 1451 1452 void xive_source_pic_print_info(XiveSource *xsrc, uint32_t offset, GString *buf) 1453 { 1454 for (unsigned i = 0; i < xsrc->nr_irqs; i++) { 1455 uint8_t pq = xive_source_esb_get(xsrc, i); 1456 1457 if (pq == XIVE_ESB_OFF) { 1458 continue; 1459 } 1460 1461 g_string_append_printf(buf, " %08x %s %c%c%c\n", i + offset, 1462 xive_source_irq_is_lsi(xsrc, i) ? "LSI" : "MSI", 1463 pq & XIVE_ESB_VAL_P ? 'P' : '-', 1464 pq & XIVE_ESB_VAL_Q ? 'Q' : '-', 1465 xive_source_is_asserted(xsrc, i) ? 'A' : ' '); 1466 } 1467 } 1468 1469 static void xive_source_reset(void *dev) 1470 { 1471 XiveSource *xsrc = XIVE_SOURCE(dev); 1472 1473 /* Do not clear the LSI bitmap */ 1474 1475 memset(xsrc->status, xsrc->reset_pq, xsrc->nr_irqs); 1476 } 1477 1478 static void xive_source_realize(DeviceState *dev, Error **errp) 1479 { 1480 XiveSource *xsrc = XIVE_SOURCE(dev); 1481 uint64_t esb_len = xive_source_esb_len(xsrc); 1482 1483 assert(xsrc->xive); 1484 1485 if (!xsrc->nr_irqs) { 1486 error_setg(errp, "Number of interrupt needs to be greater than 0"); 1487 return; 1488 } 1489 1490 if (xsrc->esb_shift != XIVE_ESB_4K && 1491 xsrc->esb_shift != XIVE_ESB_4K_2PAGE && 1492 xsrc->esb_shift != XIVE_ESB_64K && 1493 xsrc->esb_shift != XIVE_ESB_64K_2PAGE) { 1494 error_setg(errp, "Invalid ESB shift setting"); 1495 return; 1496 } 1497 1498 xsrc->status = g_malloc0(xsrc->nr_irqs); 1499 xsrc->lsi_map = bitmap_new(xsrc->nr_irqs); 1500 1501 memory_region_init(&xsrc->esb_mmio, OBJECT(xsrc), "xive.esb", esb_len); 1502 memory_region_init_io(&xsrc->esb_mmio_emulated, OBJECT(xsrc), 1503 &xive_source_esb_ops, xsrc, "xive.esb-emulated", 1504 esb_len); 1505 memory_region_add_subregion(&xsrc->esb_mmio, 0, &xsrc->esb_mmio_emulated); 1506 1507 qemu_register_reset(xive_source_reset, dev); 1508 } 1509 1510 static const VMStateDescription vmstate_xive_source = { 1511 .name = TYPE_XIVE_SOURCE, 1512 .version_id = 1, 1513 .minimum_version_id = 1, 1514 .fields = (const VMStateField[]) { 1515 VMSTATE_UINT32_EQUAL(nr_irqs, XiveSource, NULL), 1516 VMSTATE_VBUFFER_UINT32(status, XiveSource, 1, NULL, nr_irqs), 1517 VMSTATE_END_OF_LIST() 1518 }, 1519 }; 1520 1521 /* 1522 * The default XIVE interrupt source setting for the ESB MMIOs is two 1523 * 64k pages without Store EOI, to be in sync with KVM. 1524 */ 1525 static const Property xive_source_properties[] = { 1526 DEFINE_PROP_UINT64("flags", XiveSource, esb_flags, 0), 1527 DEFINE_PROP_UINT32("nr-irqs", XiveSource, nr_irqs, 0), 1528 DEFINE_PROP_UINT32("shift", XiveSource, esb_shift, XIVE_ESB_64K_2PAGE), 1529 /* 1530 * By default, PQs are initialized to 0b01 (Q=1) which corresponds 1531 * to "ints off" 1532 */ 1533 DEFINE_PROP_UINT8("reset-pq", XiveSource, reset_pq, XIVE_ESB_OFF), 1534 DEFINE_PROP_LINK("xive", XiveSource, xive, TYPE_XIVE_NOTIFIER, 1535 XiveNotifier *), 1536 }; 1537 1538 static void xive_source_class_init(ObjectClass *klass, const void *data) 1539 { 1540 DeviceClass *dc = DEVICE_CLASS(klass); 1541 1542 dc->desc = "XIVE Interrupt Source"; 1543 device_class_set_props(dc, xive_source_properties); 1544 dc->realize = xive_source_realize; 1545 dc->vmsd = &vmstate_xive_source; 1546 /* 1547 * Reason: part of XIVE interrupt controller, needs to be wired up, 1548 * e.g. by spapr_xive_instance_init(). 1549 */ 1550 dc->user_creatable = false; 1551 } 1552 1553 static const TypeInfo xive_source_info = { 1554 .name = TYPE_XIVE_SOURCE, 1555 .parent = TYPE_DEVICE, 1556 .instance_size = sizeof(XiveSource), 1557 .class_init = xive_source_class_init, 1558 }; 1559 1560 /* 1561 * XiveEND helpers 1562 */ 1563 1564 void xive_end_queue_pic_print_info(XiveEND *end, uint32_t width, GString *buf) 1565 { 1566 uint64_t qaddr_base = xive_end_qaddr(end); 1567 uint32_t qsize = xive_get_field32(END_W0_QSIZE, end->w0); 1568 uint32_t qindex = xive_get_field32(END_W1_PAGE_OFF, end->w1); 1569 uint32_t qentries = 1 << (qsize + 10); 1570 int i; 1571 1572 /* 1573 * print out the [ (qindex - (width - 1)) .. (qindex + 1)] window 1574 */ 1575 g_string_append_printf(buf, " [ "); 1576 qindex = (qindex - (width - 1)) & (qentries - 1); 1577 for (i = 0; i < width; i++) { 1578 uint64_t qaddr = qaddr_base + (qindex << 2); 1579 uint32_t qdata = -1; 1580 1581 if (dma_memory_read(&address_space_memory, qaddr, 1582 &qdata, sizeof(qdata), MEMTXATTRS_UNSPECIFIED)) { 1583 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: failed to read EQ @0x%" 1584 HWADDR_PRIx "\n", qaddr); 1585 return; 1586 } 1587 g_string_append_printf(buf, "%s%08x ", i == width - 1 ? "^" : "", 1588 be32_to_cpu(qdata)); 1589 qindex = (qindex + 1) & (qentries - 1); 1590 } 1591 g_string_append_c(buf, ']'); 1592 } 1593 1594 void xive_end_pic_print_info(XiveEND *end, uint32_t end_idx, GString *buf) 1595 { 1596 uint64_t qaddr_base = xive_end_qaddr(end); 1597 uint32_t qindex = xive_get_field32(END_W1_PAGE_OFF, end->w1); 1598 uint32_t qgen = xive_get_field32(END_W1_GENERATION, end->w1); 1599 uint32_t qsize = xive_get_field32(END_W0_QSIZE, end->w0); 1600 uint32_t qentries = 1 << (qsize + 10); 1601 1602 uint32_t nvt_blk = xive_get_field32(END_W6_NVT_BLOCK, end->w6); 1603 uint32_t nvt_idx = xive_get_field32(END_W6_NVT_INDEX, end->w6); 1604 uint8_t priority = xive_get_field32(END_W7_F0_PRIORITY, end->w7); 1605 uint8_t pq; 1606 1607 if (!xive_end_is_valid(end)) { 1608 return; 1609 } 1610 1611 pq = xive_get_field32(END_W1_ESn, end->w1); 1612 1613 g_string_append_printf(buf, 1614 " %08x %c%c %c%c%c%c%c%c%c%c prio:%d nvt:%02x/%04x", 1615 end_idx, 1616 pq & XIVE_ESB_VAL_P ? 'P' : '-', 1617 pq & XIVE_ESB_VAL_Q ? 'Q' : '-', 1618 xive_end_is_valid(end) ? 'v' : '-', 1619 xive_end_is_enqueue(end) ? 'q' : '-', 1620 xive_end_is_notify(end) ? 'n' : '-', 1621 xive_end_is_backlog(end) ? 'b' : '-', 1622 xive_end_is_escalate(end) ? 'e' : '-', 1623 xive_end_is_uncond_escalation(end) ? 'u' : '-', 1624 xive_end_is_silent_escalation(end) ? 's' : '-', 1625 xive_end_is_firmware(end) ? 'f' : '-', 1626 priority, nvt_blk, nvt_idx); 1627 1628 if (qaddr_base) { 1629 g_string_append_printf(buf, " eq:@%08"PRIx64"% 6d/%5d ^%d", 1630 qaddr_base, qindex, qentries, qgen); 1631 xive_end_queue_pic_print_info(end, 6, buf); 1632 } 1633 g_string_append_c(buf, '\n'); 1634 } 1635 1636 static void xive_end_enqueue(XiveEND *end, uint32_t data) 1637 { 1638 uint64_t qaddr_base = xive_end_qaddr(end); 1639 uint32_t qsize = xive_get_field32(END_W0_QSIZE, end->w0); 1640 uint32_t qindex = xive_get_field32(END_W1_PAGE_OFF, end->w1); 1641 uint32_t qgen = xive_get_field32(END_W1_GENERATION, end->w1); 1642 1643 uint64_t qaddr = qaddr_base + (qindex << 2); 1644 uint32_t qdata = cpu_to_be32((qgen << 31) | (data & 0x7fffffff)); 1645 uint32_t qentries = 1 << (qsize + 10); 1646 1647 if (dma_memory_write(&address_space_memory, qaddr, 1648 &qdata, sizeof(qdata), MEMTXATTRS_UNSPECIFIED)) { 1649 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: failed to write END data @0x%" 1650 HWADDR_PRIx "\n", qaddr); 1651 return; 1652 } 1653 1654 qindex = (qindex + 1) & (qentries - 1); 1655 if (qindex == 0) { 1656 qgen ^= 1; 1657 end->w1 = xive_set_field32(END_W1_GENERATION, end->w1, qgen); 1658 } 1659 end->w1 = xive_set_field32(END_W1_PAGE_OFF, end->w1, qindex); 1660 } 1661 1662 void xive_end_eas_pic_print_info(XiveEND *end, uint32_t end_idx, GString *buf) 1663 { 1664 XiveEAS *eas = (XiveEAS *) &end->w4; 1665 uint8_t pq; 1666 1667 if (!xive_end_is_escalate(end)) { 1668 return; 1669 } 1670 1671 pq = xive_get_field32(END_W1_ESe, end->w1); 1672 1673 g_string_append_printf(buf, " %08x %c%c %c%c end:%02x/%04x data:%08x\n", 1674 end_idx, 1675 pq & XIVE_ESB_VAL_P ? 'P' : '-', 1676 pq & XIVE_ESB_VAL_Q ? 'Q' : '-', 1677 xive_eas_is_valid(eas) ? 'V' : ' ', 1678 xive_eas_is_masked(eas) ? 'M' : ' ', 1679 (uint8_t) xive_get_field64(EAS_END_BLOCK, eas->w), 1680 (uint32_t) xive_get_field64(EAS_END_INDEX, eas->w), 1681 (uint32_t) xive_get_field64(EAS_END_DATA, eas->w)); 1682 } 1683 1684 /* 1685 * XIVE Router (aka. Virtualization Controller or IVRE) 1686 */ 1687 1688 int xive_router_get_eas(XiveRouter *xrtr, uint8_t eas_blk, uint32_t eas_idx, 1689 XiveEAS *eas) 1690 { 1691 XiveRouterClass *xrc = XIVE_ROUTER_GET_CLASS(xrtr); 1692 1693 return xrc->get_eas(xrtr, eas_blk, eas_idx, eas); 1694 } 1695 1696 static 1697 int xive_router_get_pq(XiveRouter *xrtr, uint8_t eas_blk, uint32_t eas_idx, 1698 uint8_t *pq) 1699 { 1700 XiveRouterClass *xrc = XIVE_ROUTER_GET_CLASS(xrtr); 1701 1702 return xrc->get_pq(xrtr, eas_blk, eas_idx, pq); 1703 } 1704 1705 static 1706 int xive_router_set_pq(XiveRouter *xrtr, uint8_t eas_blk, uint32_t eas_idx, 1707 uint8_t *pq) 1708 { 1709 XiveRouterClass *xrc = XIVE_ROUTER_GET_CLASS(xrtr); 1710 1711 return xrc->set_pq(xrtr, eas_blk, eas_idx, pq); 1712 } 1713 1714 int xive_router_get_end(XiveRouter *xrtr, uint8_t end_blk, uint32_t end_idx, 1715 XiveEND *end) 1716 { 1717 XiveRouterClass *xrc = XIVE_ROUTER_GET_CLASS(xrtr); 1718 1719 return xrc->get_end(xrtr, end_blk, end_idx, end); 1720 } 1721 1722 int xive_router_write_end(XiveRouter *xrtr, uint8_t end_blk, uint32_t end_idx, 1723 XiveEND *end, uint8_t word_number) 1724 { 1725 XiveRouterClass *xrc = XIVE_ROUTER_GET_CLASS(xrtr); 1726 1727 return xrc->write_end(xrtr, end_blk, end_idx, end, word_number); 1728 } 1729 1730 int xive_router_get_nvt(XiveRouter *xrtr, uint8_t nvt_blk, uint32_t nvt_idx, 1731 XiveNVT *nvt) 1732 { 1733 XiveRouterClass *xrc = XIVE_ROUTER_GET_CLASS(xrtr); 1734 1735 return xrc->get_nvt(xrtr, nvt_blk, nvt_idx, nvt); 1736 } 1737 1738 int xive_router_write_nvt(XiveRouter *xrtr, uint8_t nvt_blk, uint32_t nvt_idx, 1739 XiveNVT *nvt, uint8_t word_number) 1740 { 1741 XiveRouterClass *xrc = XIVE_ROUTER_GET_CLASS(xrtr); 1742 1743 return xrc->write_nvt(xrtr, nvt_blk, nvt_idx, nvt, word_number); 1744 } 1745 1746 static int xive_router_get_block_id(XiveRouter *xrtr) 1747 { 1748 XiveRouterClass *xrc = XIVE_ROUTER_GET_CLASS(xrtr); 1749 1750 return xrc->get_block_id(xrtr); 1751 } 1752 1753 static void xive_router_realize(DeviceState *dev, Error **errp) 1754 { 1755 XiveRouter *xrtr = XIVE_ROUTER(dev); 1756 1757 assert(xrtr->xfb); 1758 } 1759 1760 static void xive_router_end_notify_handler(XiveRouter *xrtr, XiveEAS *eas) 1761 { 1762 XiveRouterClass *xrc = XIVE_ROUTER_GET_CLASS(xrtr); 1763 1764 return xrc->end_notify(xrtr, eas); 1765 } 1766 1767 /* 1768 * Encode the HW CAM line in the block group mode format : 1769 * 1770 * chip << 19 | 0000000 0 0001 thread (7Bit) 1771 */ 1772 static uint32_t xive_tctx_hw_cam_line(XivePresenter *xptr, XiveTCTX *tctx) 1773 { 1774 CPUPPCState *env = &POWERPC_CPU(tctx->cs)->env; 1775 uint32_t pir = env->spr_cb[SPR_PIR].default_value; 1776 uint8_t blk = xive_router_get_block_id(XIVE_ROUTER(xptr)); 1777 1778 return xive_nvt_cam_line(blk, 1 << 7 | (pir & 0x7f)); 1779 } 1780 1781 uint32_t xive_get_vpgroup_size(uint32_t nvp_index) 1782 { 1783 /* 1784 * Group size is a power of 2. The position of the first 0 1785 * (starting with the least significant bits) in the NVP index 1786 * gives the size of the group. 1787 */ 1788 int first_zero = cto32(nvp_index); 1789 if (first_zero >= 31) { 1790 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: Invalid group index 0x%08x", 1791 nvp_index); 1792 return 0; 1793 } 1794 1795 return 1U << (first_zero + 1); 1796 } 1797 1798 uint8_t xive_get_group_level(bool crowd, bool ignore, 1799 uint32_t nvp_blk, uint32_t nvp_index) 1800 { 1801 int first_zero; 1802 uint8_t level; 1803 1804 if (!ignore) { 1805 g_assert(!crowd); 1806 return 0; 1807 } 1808 1809 first_zero = cto32(nvp_index); 1810 if (first_zero >= 31) { 1811 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: Invalid group index 0x%08x", 1812 nvp_index); 1813 return 0; 1814 } 1815 1816 level = (first_zero + 1) & 0b1111; 1817 if (crowd) { 1818 uint32_t blk; 1819 1820 /* crowd level is bit position of first 0 from the right in nvp_blk */ 1821 first_zero = cto32(nvp_blk); 1822 if (first_zero >= 31) { 1823 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: Invalid crowd block 0x%08x", 1824 nvp_blk); 1825 return 0; 1826 } 1827 blk = first_zero + 1; 1828 1829 /* 1830 * Supported crowd sizes are 2^1, 2^2, and 2^4. 2^3 is not supported. 1831 * HW will encode level 4 as the value 3. See xive2_pgofnext(). 1832 */ 1833 switch (blk) { 1834 case 1: 1835 case 2: 1836 break; 1837 case 4: 1838 blk = 3; 1839 break; 1840 default: 1841 g_assert_not_reached(); 1842 } 1843 1844 /* Crowd level bits reside in upper 2 bits of the 6 bit group level */ 1845 level |= blk << 4; 1846 } 1847 return level; 1848 } 1849 1850 /* 1851 * The thread context register words are in big-endian format. 1852 */ 1853 int xive_presenter_tctx_match(XivePresenter *xptr, XiveTCTX *tctx, 1854 uint8_t format, 1855 uint8_t nvt_blk, uint32_t nvt_idx, 1856 bool cam_ignore, uint32_t logic_serv) 1857 { 1858 uint32_t cam = xive_nvt_cam_line(nvt_blk, nvt_idx); 1859 uint32_t qw3w2 = xive_tctx_word2(&tctx->regs[TM_QW3_HV_PHYS]); 1860 uint32_t qw2w2 = xive_tctx_word2(&tctx->regs[TM_QW2_HV_POOL]); 1861 uint32_t qw1w2 = xive_tctx_word2(&tctx->regs[TM_QW1_OS]); 1862 uint32_t qw0w2 = xive_tctx_word2(&tctx->regs[TM_QW0_USER]); 1863 1864 /* 1865 * TODO (PowerNV): ignore mode. The low order bits of the NVT 1866 * identifier are ignored in the "CAM" match. 1867 */ 1868 1869 if (format == 0) { 1870 if (cam_ignore == true) { 1871 /* 1872 * F=0 & i=1: Logical server notification (bits ignored at 1873 * the end of the NVT identifier) 1874 */ 1875 qemu_log_mask(LOG_UNIMP, "XIVE: no support for LS NVT %x/%x\n", 1876 nvt_blk, nvt_idx); 1877 return -1; 1878 } 1879 1880 /* F=0 & i=0: Specific NVT notification */ 1881 1882 /* PHYS ring */ 1883 if ((be32_to_cpu(qw3w2) & TM_QW3W2_VT) && 1884 cam == xive_tctx_hw_cam_line(xptr, tctx)) { 1885 return TM_QW3_HV_PHYS; 1886 } 1887 1888 /* HV POOL ring */ 1889 if ((be32_to_cpu(qw2w2) & TM_QW2W2_VP) && 1890 cam == xive_get_field32(TM_QW2W2_POOL_CAM, qw2w2)) { 1891 return TM_QW2_HV_POOL; 1892 } 1893 1894 /* OS ring */ 1895 if ((be32_to_cpu(qw1w2) & TM_QW1W2_VO) && 1896 cam == xive_get_field32(TM_QW1W2_OS_CAM, qw1w2)) { 1897 return TM_QW1_OS; 1898 } 1899 } else { 1900 /* F=1 : User level Event-Based Branch (EBB) notification */ 1901 1902 /* USER ring */ 1903 if ((be32_to_cpu(qw1w2) & TM_QW1W2_VO) && 1904 (cam == xive_get_field32(TM_QW1W2_OS_CAM, qw1w2)) && 1905 (be32_to_cpu(qw0w2) & TM_QW0W2_VU) && 1906 (logic_serv == xive_get_field32(TM_QW0W2_LOGIC_SERV, qw0w2))) { 1907 return TM_QW0_USER; 1908 } 1909 } 1910 return -1; 1911 } 1912 1913 /* 1914 * This is our simple Xive Presenter Engine model. It is merged in the 1915 * Router as it does not require an extra object. 1916 */ 1917 bool xive_presenter_match(XiveFabric *xfb, uint8_t format, 1918 uint8_t nvt_blk, uint32_t nvt_idx, 1919 bool crowd, bool cam_ignore, uint8_t priority, 1920 uint32_t logic_serv, XiveTCTXMatch *match) 1921 { 1922 XiveFabricClass *xfc = XIVE_FABRIC_GET_CLASS(xfb); 1923 1924 memset(match, 0, sizeof(*match)); 1925 1926 /* 1927 * Ask the machine to scan the interrupt controllers for a match. 1928 * 1929 * For VP-specific notification, we expect at most one match and 1930 * one call to the presenters is all we need (abbreviated notify 1931 * sequence documented by the architecture). 1932 * 1933 * For VP-group notification, match_nvt() is the equivalent of the 1934 * "histogram" and "poll" commands sent to the power bus to the 1935 * presenters. 'count' could be more than one, but we always 1936 * select the first match for now. 'precluded' tells if (at least) 1937 * one thread matches but can't take the interrupt now because 1938 * it's running at a more favored priority. We return the 1939 * information to the router so that it can take appropriate 1940 * actions (backlog, escalation, broadcast, etc...) 1941 * 1942 * If we were to implement a better way of dispatching the 1943 * interrupt in case of multiple matches (instead of the first 1944 * match), we would need a heuristic to elect a thread (for 1945 * example, the hardware keeps track of an 'age' in the TIMA) and 1946 * a new command to the presenters (the equivalent of the "assign" 1947 * power bus command in the documented full notify sequence. 1948 */ 1949 return xfc->match_nvt(xfb, format, nvt_blk, nvt_idx, crowd, cam_ignore, 1950 priority, logic_serv, match); 1951 } 1952 1953 /* 1954 * Notification using the END ESe/ESn bit (Event State Buffer for 1955 * escalation and notification). Provide further coalescing in the 1956 * Router. 1957 */ 1958 static bool xive_router_end_es_notify(XiveRouter *xrtr, uint8_t end_blk, 1959 uint32_t end_idx, XiveEND *end, 1960 uint32_t end_esmask) 1961 { 1962 uint8_t pq = xive_get_field32(end_esmask, end->w1); 1963 bool notify = xive_esb_trigger(&pq); 1964 1965 if (pq != xive_get_field32(end_esmask, end->w1)) { 1966 end->w1 = xive_set_field32(end_esmask, end->w1, pq); 1967 xive_router_write_end(xrtr, end_blk, end_idx, end, 1); 1968 } 1969 1970 /* ESe/n[Q]=1 : end of notification */ 1971 return notify; 1972 } 1973 1974 /* 1975 * An END trigger can come from an event trigger (IPI or HW) or from 1976 * another chip. We don't model the PowerBus but the END trigger 1977 * message has the same parameters than in the function below. 1978 */ 1979 void xive_router_end_notify(XiveRouter *xrtr, XiveEAS *eas) 1980 { 1981 XiveEND end; 1982 uint8_t priority; 1983 uint8_t format; 1984 uint8_t nvt_blk; 1985 uint32_t nvt_idx; 1986 XiveNVT nvt; 1987 XiveTCTXMatch match; 1988 1989 uint8_t end_blk = xive_get_field64(EAS_END_BLOCK, eas->w); 1990 uint32_t end_idx = xive_get_field64(EAS_END_INDEX, eas->w); 1991 uint32_t end_data = xive_get_field64(EAS_END_DATA, eas->w); 1992 1993 /* END cache lookup */ 1994 if (xive_router_get_end(xrtr, end_blk, end_idx, &end)) { 1995 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: No END %x/%x\n", end_blk, 1996 end_idx); 1997 return; 1998 } 1999 2000 if (!xive_end_is_valid(&end)) { 2001 trace_xive_router_end_notify(end_blk, end_idx, end_data); 2002 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: END %x/%x is invalid\n", 2003 end_blk, end_idx); 2004 return; 2005 } 2006 2007 if (xive_end_is_enqueue(&end)) { 2008 xive_end_enqueue(&end, end_data); 2009 /* Enqueuing event data modifies the EQ toggle and index */ 2010 xive_router_write_end(xrtr, end_blk, end_idx, &end, 1); 2011 } 2012 2013 /* 2014 * When the END is silent, we skip the notification part. 2015 */ 2016 if (xive_end_is_silent_escalation(&end)) { 2017 goto do_escalation; 2018 } 2019 2020 /* 2021 * The W7 format depends on the F bit in W6. It defines the type 2022 * of the notification : 2023 * 2024 * F=0 : single or multiple NVT notification 2025 * F=1 : User level Event-Based Branch (EBB) notification, no 2026 * priority 2027 */ 2028 format = xive_get_field32(END_W6_FORMAT_BIT, end.w6); 2029 priority = xive_get_field32(END_W7_F0_PRIORITY, end.w7); 2030 2031 /* The END is masked */ 2032 if (format == 0 && priority == 0xff) { 2033 return; 2034 } 2035 2036 /* 2037 * Check the END ESn (Event State Buffer for notification) for 2038 * even further coalescing in the Router 2039 */ 2040 if (!xive_end_is_notify(&end)) { 2041 /* ESn[Q]=1 : end of notification */ 2042 if (!xive_router_end_es_notify(xrtr, end_blk, end_idx, 2043 &end, END_W1_ESn)) { 2044 return; 2045 } 2046 } 2047 2048 /* 2049 * Follows IVPE notification 2050 */ 2051 nvt_blk = xive_get_field32(END_W6_NVT_BLOCK, end.w6); 2052 nvt_idx = xive_get_field32(END_W6_NVT_INDEX, end.w6); 2053 2054 /* NVT cache lookup */ 2055 if (xive_router_get_nvt(xrtr, nvt_blk, nvt_idx, &nvt)) { 2056 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: no NVT %x/%x\n", 2057 nvt_blk, nvt_idx); 2058 return; 2059 } 2060 2061 if (!xive_nvt_is_valid(&nvt)) { 2062 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: NVT %x/%x is invalid\n", 2063 nvt_blk, nvt_idx); 2064 return; 2065 } 2066 2067 /* TODO: Auto EOI. */ 2068 /* we don't support VP-group notification on P9, so precluded is not used */ 2069 if (xive_presenter_match(xrtr->xfb, format, nvt_blk, nvt_idx, 2070 false /* crowd */, 2071 xive_get_field32(END_W7_F0_IGNORE, end.w7), 2072 priority, 2073 xive_get_field32(END_W7_F1_LOG_SERVER_ID, end.w7), 2074 &match)) { 2075 trace_xive_presenter_notify(nvt_blk, nvt_idx, match.ring, 0); 2076 xive_tctx_pipr_present(match.tctx, match.ring, priority, 0); 2077 return; 2078 } 2079 2080 /* 2081 * If no matching NVT is dispatched on a HW thread : 2082 * - specific VP: update the NVT structure if backlog is activated 2083 * - logical server : forward request to IVPE (not supported) 2084 */ 2085 if (xive_end_is_backlog(&end)) { 2086 uint8_t ipb; 2087 2088 if (format == 1) { 2089 qemu_log_mask(LOG_GUEST_ERROR, 2090 "XIVE: END %x/%x invalid config: F1 & backlog\n", 2091 end_blk, end_idx); 2092 return; 2093 } 2094 /* 2095 * Record the IPB in the associated NVT structure for later 2096 * use. The presenter will resend the interrupt when the vCPU 2097 * is dispatched again on a HW thread. 2098 */ 2099 ipb = xive_get_field32(NVT_W4_IPB, nvt.w4) | 2100 xive_priority_to_ipb(priority); 2101 nvt.w4 = xive_set_field32(NVT_W4_IPB, nvt.w4, ipb); 2102 xive_router_write_nvt(xrtr, nvt_blk, nvt_idx, &nvt, 4); 2103 2104 /* 2105 * On HW, follows a "Broadcast Backlog" to IVPEs 2106 */ 2107 } 2108 2109 do_escalation: 2110 /* 2111 * If activated, escalate notification using the ESe PQ bits and 2112 * the EAS in w4-5 2113 */ 2114 if (!xive_end_is_escalate(&end)) { 2115 return; 2116 } 2117 2118 /* 2119 * Check the END ESe (Event State Buffer for escalation) for even 2120 * further coalescing in the Router 2121 */ 2122 if (!xive_end_is_uncond_escalation(&end)) { 2123 /* ESe[Q]=1 : end of notification */ 2124 if (!xive_router_end_es_notify(xrtr, end_blk, end_idx, 2125 &end, END_W1_ESe)) { 2126 return; 2127 } 2128 } 2129 2130 trace_xive_router_end_escalate(end_blk, end_idx, 2131 (uint8_t) xive_get_field32(END_W4_ESC_END_BLOCK, end.w4), 2132 (uint32_t) xive_get_field32(END_W4_ESC_END_INDEX, end.w4), 2133 (uint32_t) xive_get_field32(END_W5_ESC_END_DATA, end.w5)); 2134 /* 2135 * The END trigger becomes an Escalation trigger 2136 */ 2137 xive_router_end_notify_handler(xrtr, (XiveEAS *) &end.w4); 2138 } 2139 2140 void xive_router_notify(XiveNotifier *xn, uint32_t lisn, bool pq_checked) 2141 { 2142 XiveRouter *xrtr = XIVE_ROUTER(xn); 2143 uint8_t eas_blk = XIVE_EAS_BLOCK(lisn); 2144 uint32_t eas_idx = XIVE_EAS_INDEX(lisn); 2145 XiveEAS eas; 2146 2147 /* EAS cache lookup */ 2148 if (xive_router_get_eas(xrtr, eas_blk, eas_idx, &eas)) { 2149 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: Unknown LISN %x\n", lisn); 2150 return; 2151 } 2152 2153 if (!pq_checked) { 2154 bool notify; 2155 uint8_t pq; 2156 2157 /* PQ cache lookup */ 2158 if (xive_router_get_pq(xrtr, eas_blk, eas_idx, &pq)) { 2159 /* Set FIR */ 2160 g_assert_not_reached(); 2161 } 2162 2163 notify = xive_esb_trigger(&pq); 2164 2165 if (xive_router_set_pq(xrtr, eas_blk, eas_idx, &pq)) { 2166 /* Set FIR */ 2167 g_assert_not_reached(); 2168 } 2169 2170 if (!notify) { 2171 return; 2172 } 2173 } 2174 2175 if (!xive_eas_is_valid(&eas)) { 2176 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: invalid LISN %x\n", lisn); 2177 return; 2178 } 2179 2180 if (xive_eas_is_masked(&eas)) { 2181 /* Notification completed */ 2182 return; 2183 } 2184 2185 /* 2186 * The event trigger becomes an END trigger 2187 */ 2188 xive_router_end_notify_handler(xrtr, &eas); 2189 } 2190 2191 static const Property xive_router_properties[] = { 2192 DEFINE_PROP_LINK("xive-fabric", XiveRouter, xfb, 2193 TYPE_XIVE_FABRIC, XiveFabric *), 2194 }; 2195 2196 static void xive_router_class_init(ObjectClass *klass, const void *data) 2197 { 2198 DeviceClass *dc = DEVICE_CLASS(klass); 2199 XiveNotifierClass *xnc = XIVE_NOTIFIER_CLASS(klass); 2200 XiveRouterClass *xrc = XIVE_ROUTER_CLASS(klass); 2201 2202 dc->desc = "XIVE Router Engine"; 2203 device_class_set_props(dc, xive_router_properties); 2204 /* Parent is SysBusDeviceClass. No need to call its realize hook */ 2205 dc->realize = xive_router_realize; 2206 xnc->notify = xive_router_notify; 2207 2208 /* By default, the router handles END triggers locally */ 2209 xrc->end_notify = xive_router_end_notify; 2210 } 2211 2212 static const TypeInfo xive_router_info = { 2213 .name = TYPE_XIVE_ROUTER, 2214 .parent = TYPE_SYS_BUS_DEVICE, 2215 .abstract = true, 2216 .instance_size = sizeof(XiveRouter), 2217 .class_size = sizeof(XiveRouterClass), 2218 .class_init = xive_router_class_init, 2219 .interfaces = (const InterfaceInfo[]) { 2220 { TYPE_XIVE_NOTIFIER }, 2221 { TYPE_XIVE_PRESENTER }, 2222 { } 2223 } 2224 }; 2225 2226 void xive_eas_pic_print_info(XiveEAS *eas, uint32_t lisn, GString *buf) 2227 { 2228 if (!xive_eas_is_valid(eas)) { 2229 return; 2230 } 2231 2232 g_string_append_printf(buf, " %08x %s end:%02x/%04x data:%08x\n", 2233 lisn, xive_eas_is_masked(eas) ? "M" : " ", 2234 (uint8_t) xive_get_field64(EAS_END_BLOCK, eas->w), 2235 (uint32_t) xive_get_field64(EAS_END_INDEX, eas->w), 2236 (uint32_t) xive_get_field64(EAS_END_DATA, eas->w)); 2237 } 2238 2239 /* 2240 * END ESB MMIO loads 2241 */ 2242 static uint64_t xive_end_source_read(void *opaque, hwaddr addr, unsigned size) 2243 { 2244 XiveENDSource *xsrc = XIVE_END_SOURCE(opaque); 2245 uint32_t offset = addr & 0xFFF; 2246 uint8_t end_blk; 2247 uint32_t end_idx; 2248 XiveEND end; 2249 uint32_t end_esmask; 2250 uint8_t pq; 2251 uint64_t ret = -1; 2252 2253 /* 2254 * The block id should be deduced from the load address on the END 2255 * ESB MMIO but our model only supports a single block per XIVE chip. 2256 */ 2257 end_blk = xive_router_get_block_id(xsrc->xrtr); 2258 end_idx = addr >> (xsrc->esb_shift + 1); 2259 2260 trace_xive_end_source_read(end_blk, end_idx, addr); 2261 2262 if (xive_router_get_end(xsrc->xrtr, end_blk, end_idx, &end)) { 2263 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: No END %x/%x\n", end_blk, 2264 end_idx); 2265 return -1; 2266 } 2267 2268 if (!xive_end_is_valid(&end)) { 2269 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: END %x/%x is invalid\n", 2270 end_blk, end_idx); 2271 return -1; 2272 } 2273 2274 end_esmask = addr_is_even(addr, xsrc->esb_shift) ? END_W1_ESn : END_W1_ESe; 2275 pq = xive_get_field32(end_esmask, end.w1); 2276 2277 switch (offset) { 2278 case XIVE_ESB_LOAD_EOI ... XIVE_ESB_LOAD_EOI + 0x7FF: 2279 ret = xive_esb_eoi(&pq); 2280 2281 /* Forward the source event notification for routing ?? */ 2282 break; 2283 2284 case XIVE_ESB_GET ... XIVE_ESB_GET + 0x3FF: 2285 ret = pq; 2286 break; 2287 2288 case XIVE_ESB_SET_PQ_00 ... XIVE_ESB_SET_PQ_00 + 0x0FF: 2289 case XIVE_ESB_SET_PQ_01 ... XIVE_ESB_SET_PQ_01 + 0x0FF: 2290 case XIVE_ESB_SET_PQ_10 ... XIVE_ESB_SET_PQ_10 + 0x0FF: 2291 case XIVE_ESB_SET_PQ_11 ... XIVE_ESB_SET_PQ_11 + 0x0FF: 2292 ret = xive_esb_set(&pq, (offset >> 8) & 0x3); 2293 break; 2294 default: 2295 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: invalid END ESB load addr %d\n", 2296 offset); 2297 return -1; 2298 } 2299 2300 if (pq != xive_get_field32(end_esmask, end.w1)) { 2301 end.w1 = xive_set_field32(end_esmask, end.w1, pq); 2302 xive_router_write_end(xsrc->xrtr, end_blk, end_idx, &end, 1); 2303 } 2304 2305 return ret; 2306 } 2307 2308 /* 2309 * END ESB MMIO stores are invalid 2310 */ 2311 static void xive_end_source_write(void *opaque, hwaddr addr, 2312 uint64_t value, unsigned size) 2313 { 2314 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: invalid ESB write addr 0x%" 2315 HWADDR_PRIx"\n", addr); 2316 } 2317 2318 static const MemoryRegionOps xive_end_source_ops = { 2319 .read = xive_end_source_read, 2320 .write = xive_end_source_write, 2321 .endianness = DEVICE_BIG_ENDIAN, 2322 .valid = { 2323 .min_access_size = 1, 2324 .max_access_size = 8, 2325 }, 2326 .impl = { 2327 .min_access_size = 1, 2328 .max_access_size = 8, 2329 }, 2330 }; 2331 2332 static void xive_end_source_realize(DeviceState *dev, Error **errp) 2333 { 2334 XiveENDSource *xsrc = XIVE_END_SOURCE(dev); 2335 2336 assert(xsrc->xrtr); 2337 2338 if (!xsrc->nr_ends) { 2339 error_setg(errp, "Number of interrupt needs to be greater than 0"); 2340 return; 2341 } 2342 2343 if (xsrc->esb_shift != XIVE_ESB_4K && 2344 xsrc->esb_shift != XIVE_ESB_64K) { 2345 error_setg(errp, "Invalid ESB shift setting"); 2346 return; 2347 } 2348 2349 /* 2350 * Each END is assigned an even/odd pair of MMIO pages, the even page 2351 * manages the ESn field while the odd page manages the ESe field. 2352 */ 2353 memory_region_init_io(&xsrc->esb_mmio, OBJECT(xsrc), 2354 &xive_end_source_ops, xsrc, "xive.end", 2355 (1ull << (xsrc->esb_shift + 1)) * xsrc->nr_ends); 2356 } 2357 2358 static const Property xive_end_source_properties[] = { 2359 DEFINE_PROP_UINT32("nr-ends", XiveENDSource, nr_ends, 0), 2360 DEFINE_PROP_UINT32("shift", XiveENDSource, esb_shift, XIVE_ESB_64K), 2361 DEFINE_PROP_LINK("xive", XiveENDSource, xrtr, TYPE_XIVE_ROUTER, 2362 XiveRouter *), 2363 }; 2364 2365 static void xive_end_source_class_init(ObjectClass *klass, const void *data) 2366 { 2367 DeviceClass *dc = DEVICE_CLASS(klass); 2368 2369 dc->desc = "XIVE END Source"; 2370 device_class_set_props(dc, xive_end_source_properties); 2371 dc->realize = xive_end_source_realize; 2372 /* 2373 * Reason: part of XIVE interrupt controller, needs to be wired up, 2374 * e.g. by spapr_xive_instance_init(). 2375 */ 2376 dc->user_creatable = false; 2377 } 2378 2379 static const TypeInfo xive_end_source_info = { 2380 .name = TYPE_XIVE_END_SOURCE, 2381 .parent = TYPE_DEVICE, 2382 .instance_size = sizeof(XiveENDSource), 2383 .class_init = xive_end_source_class_init, 2384 }; 2385 2386 /* 2387 * XIVE Notifier 2388 */ 2389 static const TypeInfo xive_notifier_info = { 2390 .name = TYPE_XIVE_NOTIFIER, 2391 .parent = TYPE_INTERFACE, 2392 .class_size = sizeof(XiveNotifierClass), 2393 }; 2394 2395 /* 2396 * XIVE Presenter 2397 */ 2398 static const TypeInfo xive_presenter_info = { 2399 .name = TYPE_XIVE_PRESENTER, 2400 .parent = TYPE_INTERFACE, 2401 .class_size = sizeof(XivePresenterClass), 2402 }; 2403 2404 /* 2405 * XIVE Fabric 2406 */ 2407 static const TypeInfo xive_fabric_info = { 2408 .name = TYPE_XIVE_FABRIC, 2409 .parent = TYPE_INTERFACE, 2410 .class_size = sizeof(XiveFabricClass), 2411 }; 2412 2413 static void xive_register_types(void) 2414 { 2415 type_register_static(&xive_fabric_info); 2416 type_register_static(&xive_source_info); 2417 type_register_static(&xive_notifier_info); 2418 type_register_static(&xive_presenter_info); 2419 type_register_static(&xive_router_info); 2420 type_register_static(&xive_end_source_info); 2421 type_register_static(&xive_tctx_info); 2422 } 2423 2424 type_init(xive_register_types) 2425