xref: /openbmc/qemu/hw/intc/xive.c (revision 581bec5a04c5c27a86cfae93ca531c101f2df2ec)
1 /*
2  * QEMU PowerPC XIVE interrupt controller model
3  *
4  * Copyright (c) 2017-2018, IBM Corporation.
5  *
6  * SPDX-License-Identifier: GPL-2.0-or-later
7  */
8 
9 #include "qemu/osdep.h"
10 #include "qemu/log.h"
11 #include "qemu/module.h"
12 #include "qapi/error.h"
13 #include "target/ppc/cpu.h"
14 #include "system/cpus.h"
15 #include "system/dma.h"
16 #include "system/reset.h"
17 #include "hw/qdev-properties.h"
18 #include "migration/vmstate.h"
19 #include "hw/irq.h"
20 #include "hw/ppc/xive.h"
21 #include "hw/ppc/xive2.h"
22 #include "hw/ppc/xive_regs.h"
23 #include "trace.h"
24 
25 /*
26  * XIVE Thread Interrupt Management context
27  */
/*
 * Tell whether the NSR byte of a ring reports a pending exception.
 *
 * The OS ring is tested against the EO bit, the hypervisor POOL and PHYS
 * rings against the HE field. Any other ring value is treated as a
 * programming error and aborts.
 */
bool xive_nsr_indicates_exception(uint8_t ring, uint8_t nsr)
{
    uint8_t pending;

    if (ring == TM_QW1_OS) {
        pending = nsr & TM_QW1_NSR_EO;
    } else if (ring == TM_QW2_HV_POOL || ring == TM_QW3_HV_PHYS) {
        pending = nsr & TM_QW3_NSR_HE;
    } else {
        g_assert_not_reached();
    }

    return pending != 0;
}
40 
/*
 * Tell whether the NSR carries a non-zero group level. A group level is
 * only expected together with a pending exception on the same ring,
 * which is asserted here.
 */
bool xive_nsr_indicates_group_exception(uint8_t ring, uint8_t nsr)
{
    bool grouped = (nsr & TM_NSR_GRP_LVL) != 0;

    if (grouped) {
        g_assert(xive_nsr_indicates_exception(ring, nsr));
    }
    return grouped;
}
49 
/*
 * Resolve the ring an exception actually belongs to. For the two
 * hypervisor rings the HE field of the NSR selects PHYS or POOL; every
 * other ring is returned unchanged.
 */
uint8_t xive_nsr_exception_ring(uint8_t ring, uint8_t nsr)
{
    uint8_t he;

    if (ring != TM_QW3_HV_PHYS && ring != TM_QW2_HV_POOL) {
        return ring;
    }

    /* NSR determines if pool/phys ring is for phys or pool interrupt */
    he = (nsr & TM_QW3_NSR_HE) >> 6;
    if (he == TM_QW3_NSR_HE_PHYS) {
        return TM_QW3_HV_PHYS;
    }
    if (he == TM_QW3_NSR_HE_POOL) {
        return TM_QW2_HV_POOL;
    }

    /* Any other HE encoding (LSI mode is not supported) aborts */
    g_assert_not_reached();
}
67 
/*
 * Select the output line used to signal a ring: the OS ring uses
 * os_output, both hypervisor rings share hv_output. The User ring and
 * unknown ring values have no line, so no IRQ is returned for them.
 */
static qemu_irq xive_tctx_output(XiveTCTX *tctx, uint8_t ring)
{
    if (ring == TM_QW1_OS) {
        return tctx->os_output;
    }
    if (ring == TM_QW2_HV_POOL || ring == TM_QW3_HV_PHYS) {
        return tctx->hv_output;
    }

    /* TM_QW0_USER is not supported; anything else has no output either */
    return NULL;
}
82 
/*
 * Accept (acknowledge) the interrupt presented on a signalling ring.
 *
 * The interrupt is accepted on the presentation ring; for the PHYS ring
 * the NSR directs it to the PHYS or POOL rings.
 *
 * @tctx:     thread interrupt context
 * @sig_ring: ring the exception is signalled on; must be TM_QW1_OS or
 *            TM_QW3_HV_PHYS (asserted)
 *
 * Returns the NSR value sampled on entry in bits 15:8 and the CPPR of
 * the signalling ring (after the update, if any) in bits 7:0.
 */
uint64_t xive_tctx_accept(XiveTCTX *tctx, uint8_t sig_ring)
{
    uint8_t *sig_regs = &tctx->regs[sig_ring];
    uint8_t nsr = sig_regs[TM_NSR];

    g_assert(sig_ring == TM_QW1_OS || sig_ring == TM_QW3_HV_PHYS);

    /*
     * The POOL ring never signals by itself, so its NSR/PIPR/CPPR bytes
     * are expected to stay zero.
     * NOTE(review): these assertions abort the process and this path is
     * reached from guest TIMA accesses. They hold only while no guest
     * store can set these bytes; the raw access maps in this file appear
     * to mark them as "no access" for the POOL ring - confirm that no
     * special operation writes them either.
     */
    g_assert(tctx->regs[TM_QW2_HV_POOL + TM_NSR] == 0);
    g_assert(tctx->regs[TM_QW2_HV_POOL + TM_PIPR] == 0);
    g_assert(tctx->regs[TM_QW2_HV_POOL + TM_CPPR] == 0);

    /* The output line is lowered whether or not an exception is pending */
    qemu_irq_lower(xive_tctx_output(tctx, sig_ring));

    if (xive_nsr_indicates_exception(sig_ring, nsr)) {
        /* The accepted priority (PIPR) becomes the new CPPR */
        uint8_t cppr = sig_regs[TM_PIPR];
        uint8_t ring;
        uint8_t *regs;

        ring = xive_nsr_exception_ring(sig_ring, nsr);
        regs = &tctx->regs[ring];

        sig_regs[TM_CPPR] = cppr;

        /*
         * If the interrupt was for a specific VP, reset the pending
         * buffer bit.
         * NOTE(review): the original comment also mentions clearing the
         * logical server indicator for group interrupts, but nothing is
         * done here in that case - confirm where that is handled.
         */
        if (!xive_nsr_indicates_group_exception(sig_ring, nsr)) {
            regs[TM_IPB] &= ~xive_priority_to_ipb(cppr);
        }

        /* Clear the exception from NSR */
        sig_regs[TM_NSR] = 0;

        trace_xive_tctx_accept(tctx->cs->cpu_index, ring,
                               regs[TM_IPB], sig_regs[TM_PIPR],
                               sig_regs[TM_CPPR], sig_regs[TM_NSR]);
    }

    /* The returned NSR is the value read before it was cleared */
    return ((uint64_t)nsr << 8) | sig_regs[TM_CPPR];
}
128 
/*
 * Re-evaluate whether a ring must signal an exception.
 *
 * When the PIPR of the signalling registers is more favored (numerically
 * lower) than the CPPR, the NSR is set for @ring with the low 6 bits of
 * @group_level and the output line is raised. Otherwise the NSR is
 * cleared and the line is lowered.
 *
 * @ring must be TM_QW1_OS, TM_QW2_HV_POOL or TM_QW3_HV_PHYS when an
 * exception has to be signalled; any other value aborts.
 */
void xive_tctx_notify(XiveTCTX *tctx, uint8_t ring, uint8_t group_level)
{
    /* Registers used for signalling may belong to a different ring */
    uint8_t *sig_regs = xive_tctx_signal_regs(tctx, ring);
    uint8_t *regs = &tctx->regs[ring];

    if (sig_regs[TM_PIPR] < sig_regs[TM_CPPR]) {
        switch (ring) {
        case TM_QW1_OS:
            sig_regs[TM_NSR] = TM_QW1_NSR_EO | (group_level & 0x3F);
            break;
        case TM_QW2_HV_POOL:
            sig_regs[TM_NSR] = (TM_QW3_NSR_HE_POOL << 6) | (group_level & 0x3F);
            break;
        case TM_QW3_HV_PHYS:
            sig_regs[TM_NSR] = (TM_QW3_NSR_HE_PHYS << 6) | (group_level & 0x3F);
            break;
        default:
            g_assert_not_reached();
        }
        trace_xive_tctx_notify(tctx->cs->cpu_index, ring,
                               regs[TM_IPB], sig_regs[TM_PIPR],
                               sig_regs[TM_CPPR], sig_regs[TM_NSR]);
        qemu_irq_raise(xive_tctx_output(tctx, ring));
    } else {
        /* Nothing more favored than the CPPR: withdraw the exception */
        sig_regs[TM_NSR] = 0;
        qemu_irq_lower(xive_tctx_output(tctx, ring));
    }
}
157 
/*
 * Drop the External interrupt line of a ring.
 *
 * This is used when a context is pulled so that the interrupt is not
 * caught in the higher privilege context. The line should be raised
 * again when the lower privilege context is pushed back.
 */
void xive_tctx_reset_signal(XiveTCTX *tctx, uint8_t ring)
{
    qemu_irq line = xive_tctx_output(tctx, ring);

    qemu_irq_lower(line);
}
167 
/*
 * Set the CPPR of a signalling ring and re-evaluate pending exceptions.
 *
 * @ring must be TM_QW1_OS or TM_QW3_HV_PHYS (asserted). @cppr values
 * above XIVE_PRIORITY_MAX are stored as 0xff. The TIMA handlers in this
 * file pass the low byte of the value stored by the guest.
 */
static void xive_tctx_set_cppr(XiveTCTX *tctx, uint8_t ring, uint8_t cppr)
{
    uint8_t *sig_regs = &tctx->regs[ring];
    uint8_t pipr_min;
    uint8_t ring_min;

    g_assert(ring == TM_QW1_OS || ring == TM_QW3_HV_PHYS);

    /*
     * NOTE(review): as in xive_tctx_accept(), these abort the process if
     * the POOL NSR/PIPR/CPPR bytes are ever non-zero; they depend on the
     * guest being unable to store to those bytes - confirm.
     */
    g_assert(tctx->regs[TM_QW2_HV_POOL + TM_NSR] == 0);
    g_assert(tctx->regs[TM_QW2_HV_POOL + TM_PIPR] == 0);
    g_assert(tctx->regs[TM_QW2_HV_POOL + TM_CPPR] == 0);

    /* XXX: should show pool IPB for PHYS ring */
    /* The trace records the requested CPPR, before it is clamped below */
    trace_xive_tctx_set_cppr(tctx->cs->cpu_index, ring,
                             sig_regs[TM_IPB], sig_regs[TM_PIPR],
                             cppr, sig_regs[TM_NSR]);

    if (cppr > XIVE_PRIORITY_MAX) {
        cppr = 0xff;
    }

    sig_regs[TM_CPPR] = cppr;

    /*
     * Recompute the PIPR based on local pending interrupts.  The PHYS
     * ring must take the minimum of both the PHYS and POOL PIPR values.
     */
    pipr_min = xive_ipb_to_pipr(sig_regs[TM_IPB]);
    ring_min = ring;

    /* PHYS updates also depend on POOL values */
    if (ring == TM_QW3_HV_PHYS) {
        uint8_t *pool_regs = &tctx->regs[TM_QW2_HV_POOL];

        /* POOL values only matter if POOL ctx is valid */
        if (pool_regs[TM_WORD2] & 0x80) {
            uint8_t pool_pipr = xive_ipb_to_pipr(pool_regs[TM_IPB]);

            /*
             * Determine highest priority interrupt and
             * remember which ring has it.
             */
            if (pool_pipr < pipr_min) {
                pipr_min = pool_pipr;
                ring_min = TM_QW2_HV_POOL;
            }
        }
    }

    sig_regs[TM_PIPR] = pipr_min;

    /* CPPR has changed, check if we need to raise a pending exception */
    xive_tctx_notify(tctx, ring_min, 0);
}
222 
/*
 * Record a new pending priority on a ring and notify.
 *
 * With a zero @group_level the interrupt is VP-specific: the priority is
 * latched in the ring IPB and the PIPR is derived from the IPB. With a
 * non-zero @group_level (VP-group) the IPB is left alone and the PIPR is
 * derived from @priority directly.
 */
void xive_tctx_pipr_update(XiveTCTX *tctx, uint8_t ring, uint8_t priority,
                           uint8_t group_level)
{
    uint8_t *signal = xive_tctx_signal_regs(tctx, ring);
    uint8_t *ring_regs = &tctx->regs[ring];
    uint8_t pipr;

    if (group_level != 0) {
        /* VP-group */
        pipr = xive_priority_to_pipr(priority);
    } else {
        /* VP-specific */
        ring_regs[TM_IPB] |= xive_priority_to_ipb(priority);
        pipr = xive_ipb_to_pipr(ring_regs[TM_IPB]);
    }

    signal[TM_PIPR] = pipr;
    xive_tctx_notify(tctx, ring, group_level);
}
239 
/*
 * Rebuild the PIPR of the signalling registers from the IPB of @ring and
 * notify with group level 0. Must not be called while a group interrupt
 * is presented on the ring (asserted).
 */
static void xive_tctx_pipr_recompute_from_ipb(XiveTCTX *tctx, uint8_t ring)
{
    uint8_t *signal = xive_tctx_signal_regs(tctx, ring);
    uint8_t *ring_regs = &tctx->regs[ring];
    uint8_t pipr;

    /* Does not support a presented group interrupt */
    g_assert(!xive_nsr_indicates_group_exception(ring, signal[TM_NSR]));

    pipr = xive_ipb_to_pipr(ring_regs[TM_IPB]);
    signal[TM_PIPR] = pipr;

    xive_tctx_notify(tctx, ring, 0);
}
251 
/*
 * Present an interrupt of the given priority on a ring.
 *
 * For a VP-specific interrupt (@group_level == 0) the priority is always
 * latched in the ring IPB, and the function returns early when the
 * interrupt is not more favored than the current PIPR. Otherwise the
 * PIPR is lowered to the new priority and the ring is notified.
 */
void xive_tctx_pipr_present(XiveTCTX *tctx, uint8_t ring, uint8_t priority,
                            uint8_t group_level)
{
    uint8_t *sig_regs = xive_tctx_signal_regs(tctx, ring);
    uint8_t *regs = &tctx->regs[ring];
    uint8_t pipr = xive_priority_to_pipr(priority);

    if (group_level == 0) {
        regs[TM_IPB] |= xive_priority_to_ipb(priority);
        if (pipr >= sig_regs[TM_PIPR]) {
            /* VP interrupts can come here with lower priority than PIPR */
            return;
        }
    }
    /*
     * NOTE(review): group interrupts reach these assertions without the
     * early return above, so callers presumably guarantee that a group
     * interrupt is more favored than both the IPB-derived priority and
     * the current PIPR - confirm against the callers.
     */
    g_assert(pipr <= xive_ipb_to_pipr(regs[TM_IPB]));
    g_assert(pipr < sig_regs[TM_PIPR]);
    sig_regs[TM_PIPR] = pipr;
    xive_tctx_notify(tctx, ring, group_level);
}
271 
272 /*
273  * XIVE Thread Interrupt Management Area (TIMA)
274  */
275 
/*
 * TIMA write handler: set the CPPR of the PHYS ring from the low byte of
 * the stored value. @xptr, @offset and @size are unused.
 */
static void xive_tm_set_hv_cppr(XivePresenter *xptr, XiveTCTX *tctx,
                                hwaddr offset, uint64_t value, unsigned size)
{
    uint8_t cppr = value & 0xff;

    xive_tctx_set_cppr(tctx, TM_QW3_HV_PHYS, cppr);
}
281 
/*
 * TIMA read handler: accept the interrupt signalled on the PHYS ring and
 * return the value produced by xive_tctx_accept(). @xptr, @offset and
 * @size are unused.
 */
static uint64_t xive_tm_ack_hv_reg(XivePresenter *xptr, XiveTCTX *tctx,
                                   hwaddr offset, unsigned size)
{
    uint64_t ack = xive_tctx_accept(tctx, TM_QW3_HV_PHYS);

    return ack;
}
287 
/*
 * Split a POOL CAM word (CPU byte order) into NVT block, NVT index and
 * the VP valid bit. Each output pointer is optional and skipped when
 * NULL.
 */
static void xive_pool_cam_decode(uint32_t cam, uint8_t *nvt_blk,
                                 uint32_t *nvt_idx, bool *vp)
{
    if (nvt_blk != NULL) {
        *nvt_blk = xive_nvt_blk(cam);
    }

    if (nvt_idx != NULL) {
        *nvt_idx = xive_nvt_idx(cam);
    }

    if (vp != NULL) {
        *vp = (cam & TM_QW2W2_VP) != 0;
    }
}
301 
/*
 * Read word 2 of the POOL ring and decode it into the optional outputs.
 * The value returned is the raw register word, i.e. before the
 * big-endian to CPU conversion used for decoding.
 */
static uint32_t xive_tctx_get_pool_cam(XiveTCTX *tctx, uint8_t *nvt_blk,
                                       uint32_t *nvt_idx, bool *vp)
{
    uint32_t raw_w2 = xive_tctx_word2(&tctx->regs[TM_QW2_HV_POOL]);

    xive_pool_cam_decode(be32_to_cpu(raw_w2), nvt_blk, nvt_idx, vp);

    return raw_w2;
}
311 
/*
 * Store a raw (register byte order) value into word 2 of the POOL ring.
 */
static void xive_tctx_set_pool_cam(XiveTCTX *tctx, uint32_t qw2w2)
{
    uint8_t *word2 = &tctx->regs[TM_QW2_HV_POOL + TM_WORD2];

    memcpy(word2, &qw2w2, sizeof(qw2w2));
}
316 
/*
 * TIMA read handler: pull the POOL context.
 *
 * Clears the VP valid bit in word 2 of the POOL ring, lowers the OS and
 * POOL signals and returns the word as it was before invalidation.
 * Pulling a context that is not valid is logged as a guest error but is
 * otherwise processed the same way.
 */
static uint64_t xive_tm_pull_pool_ctx(XivePresenter *xptr, XiveTCTX *tctx,
                                      hwaddr offset, unsigned size)
{
    uint8_t nvt_blk;
    uint32_t nvt_idx;
    bool vp;
    uint32_t old_w2 = xive_tctx_get_pool_cam(tctx, &nvt_blk, &nvt_idx, &vp);

    if (!vp) {
        qemu_log_mask(LOG_GUEST_ERROR, "XIVE: pull invalid POOL NVT %x/%x !?\n",
                      nvt_blk, nvt_idx);
    }

    /* Invalidate CAM line */
    xive_tctx_set_pool_cam(tctx, xive_set_field32(TM_QW2W2_VP, old_w2, 0));

    xive_tctx_reset_signal(tctx, TM_QW1_OS);
    xive_tctx_reset_signal(tctx, TM_QW2_HV_POOL);

    return old_w2;
}
341 
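/*
 * TIMA read handler: pull the PHYS context.
 *
 * Clears the VT bit in byte 8 of the PHYS ring, lowers the OS and PHYS
 * signals and returns the byte as it was before the bit was cleared.
 * Pulling a thread whose VT bit is not set is logged as a guest error
 * but is otherwise processed the same way.
 */
static uint64_t xive_tm_pull_phys_ctx(XivePresenter *xptr, XiveTCTX *tctx,
                                      hwaddr offset, unsigned size)
{
    /* Read once; the original reloaded the same byte a second time */
    uint8_t qw3b8 = tctx->regs[TM_QW3_HV_PHYS + TM_WORD2];

    if (!(qw3b8 & TM_QW3B8_VT)) {
        qemu_log_mask(LOG_GUEST_ERROR, "XIVE: pulling invalid PHYS thread!?\n");
    }

    /* Invalidate the thread context */
    tctx->regs[TM_QW3_HV_PHYS + TM_WORD2] = qw3b8 & ~TM_QW3B8_VT;

    xive_tctx_reset_signal(tctx, TM_QW1_OS);
    xive_tctx_reset_signal(tctx, TM_QW3_HV_PHYS);
    return qw3b8;
}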
359 
/*
 * TIMA write handler: store the low byte of the guest value into byte 8
 * of the PHYS ring. The value is stored as is, without filtering.
 */
static void xive_tm_vt_push(XivePresenter *xptr, XiveTCTX *tctx, hwaddr offset,
                            uint64_t value, unsigned size)
{
    uint8_t *qw3b8 = &tctx->regs[TM_QW3_HV_PHYS + TM_WORD2];

    *qw3b8 = value & 0xff;
}
365 
/*
 * TIMA read handler: return byte 8 of the PHYS ring.
 */
static uint64_t xive_tm_vt_poll(XivePresenter *xptr, XiveTCTX *tctx,
                                hwaddr offset, unsigned size)
{
    uint8_t qw3b8 = tctx->regs[TM_QW3_HV_PHYS + TM_WORD2];

    return qw3b8 & 0xff;
}
371 
372 /*
373  * Define an access map for each page of the TIMA that we will use in
374  * the memory region ops to filter values when doing loads and stores
375  * of raw registers values
376  *
377  * Registers accessibility bits :
378  *
379  *    0x0 - no access
380  *    0x1 - write only
381  *    0x2 - read only
382  *    0x3 - read/write
383  */
384 
/*
 * Each view holds one accessibility value per register byte: four rows
 * of 16 bytes, one row per ring (User, OS, POOL, PHYS). The views are
 * what keeps a less privileged page from reading or storing the raw
 * registers of a more privileged ring, so any change to a row changes
 * what a guest can reach through that page.
 */

/* HW page: compared with the HV view, also opens byte 8 of QW-2 and
 * bytes 12-14 of QW-3 */
static const uint8_t xive_tm_hw_view[] = {
    3, 0, 0, 0,   0, 0, 0, 0,   3, 3, 3, 3,   0, 0, 0, 0, /* QW-0 User */
    3, 3, 3, 3,   3, 3, 0, 2,   3, 3, 3, 3,   0, 0, 0, 3, /* QW-1 OS   */
    0, 0, 3, 3,   0, 3, 3, 0,   3, 3, 3, 3,   0, 0, 0, 0, /* QW-2 POOL */
    3, 3, 3, 3,   0, 3, 0, 2,   3, 0, 0, 3,   3, 3, 3, 0, /* QW-3 PHYS */
};

/* HV page */
static const uint8_t xive_tm_hv_view[] = {
    3, 0, 0, 0,   0, 0, 0, 0,   3, 3, 3, 3,   0, 0, 0, 0, /* QW-0 User */
    3, 3, 3, 3,   3, 3, 0, 2,   3, 3, 3, 3,   0, 0, 0, 3, /* QW-1 OS   */
    0, 0, 3, 3,   0, 3, 3, 0,   0, 3, 3, 3,   0, 0, 0, 0, /* QW-2 POOL */
    3, 3, 3, 3,   0, 3, 0, 2,   3, 0, 0, 3,   0, 0, 0, 0, /* QW-3 PHYS */
};

/* OS page: the OS ring is read-only except for byte 1; the POOL and
 * PHYS rings are not accessible at all */
static const uint8_t xive_tm_os_view[] = {
    3, 0, 0, 0,   0, 0, 0, 0,   3, 3, 3, 3,   0, 0, 0, 0, /* QW-0 User */
    2, 3, 2, 2,   2, 2, 0, 2,   0, 0, 0, 0,   0, 0, 0, 0, /* QW-1 OS   */
    0, 0, 0, 0,   0, 0, 0, 0,   0, 0, 0, 0,   0, 0, 0, 0, /* QW-2 POOL */
    0, 0, 0, 0,   0, 0, 0, 0,   0, 0, 0, 0,   0, 0, 0, 0, /* QW-3 PHYS */
};

/* User page: only byte 0 of the User ring is accessible */
static const uint8_t xive_tm_user_view[] = {
    3, 0, 0, 0,   0, 0, 0, 0,   0, 0, 0, 0,   0, 0, 0, 0, /* QW-0 User */
    0, 0, 0, 0,   0, 0, 0, 0,   0, 0, 0, 0,   0, 0, 0, 0, /* QW-1 OS   */
    0, 0, 0, 0,   0, 0, 0, 0,   0, 0, 0, 0,   0, 0, 0, 0, /* QW-2 POOL */
    0, 0, 0, 0,   0, 0, 0, 0,   0, 0, 0, 0,   0, 0, 0, 0, /* QW-3 PHYS */
};
412 
413 /*
414  * Overall TIMA access map for the thread interrupt management context
415  * registers
416  */
/* Indexed by the TIMA page number extracted from the access offset */
static const uint8_t *xive_tm_views[] = {
    [XIVE_TM_HW_PAGE]   = xive_tm_hw_view,
    [XIVE_TM_HV_PAGE]   = xive_tm_hv_view,
    [XIVE_TM_OS_PAGE]   = xive_tm_os_view,
    [XIVE_TM_USER_PAGE] = xive_tm_user_view,
};
423 
424 /*
425  * Computes a register access mask for a given offset in the TIMA
426  */
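/*
 * Build the byte mask of the registers an access is allowed to touch.
 *
 * @offset: TIMA offset of the access; selects the page view and the
 *          first register byte
 * @size:   access size in bytes
 * @write:  true for a store (write bit of the view), false for a load
 *          (read bit of the view)
 *
 * Returns a mask with 0xff in every byte lane whose register is
 * accessible, the first register byte being in the most significant
 * lane of the @size-byte value. A zero mask means that no byte of the
 * access is permitted.
 *
 * @offset and @size come from guest MMIO. An access that would run past
 * the end of the view, or that is wider than the mask, gets no access
 * for the bytes that do not fit instead of indexing outside the table.
 */
static uint64_t xive_tm_mask(hwaddr offset, unsigned size, bool write)
{
    /* Every view table holds 4 rings of 16 register bytes */
    const unsigned view_len = 4 * 16;
    uint8_t page_offset = (offset >> TM_SHIFT) & 0x3;
    uint8_t reg_offset = offset & TM_REG_OFFSET;
    uint8_t reg_mask = write ? 0x1 : 0x2;
    uint64_t mask = 0x0;
    unsigned i;

    /* A wider access would shift by 64 bits or more below */
    if (size > sizeof(mask)) {
        return 0;
    }

    for (i = 0; i < size; i++) {
        /* Bytes beyond the end of the view are never accessible */
        if (reg_offset + i >= view_len) {
            break;
        }
        if (xive_tm_views[page_offset][reg_offset + i] & reg_mask) {
            mask |= (uint64_t) 0xff << (8 * (size - i - 1));
        }
    }

    return mask;
}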
443 
/*
 * Store raw register values into the thread context, filtered by the
 * access map of the TIMA page the store was made through.
 *
 * The store is rejected (guest error logged, nothing written) when it is
 * smaller than 4 bytes, when no byte of it is writable in the page view,
 * or when it targets the User ring. Within an accepted store, only the
 * bytes marked writable in the view are updated.
 */
static void xive_tm_raw_write(XiveTCTX *tctx, hwaddr offset, uint64_t value,
                              unsigned size)
{
    uint8_t ring_offset = offset & TM_RING_OFFSET;
    uint8_t reg_offset = offset & TM_REG_OFFSET;
    uint64_t mask = xive_tm_mask(offset, size, true);
    int i;

    /*
     * Only 4 or 8 bytes stores are allowed and the User ring is
     * excluded
     */
    if (size < 4 || !mask || ring_offset == TM_QW0_USER) {
        qemu_log_mask(LOG_GUEST_ERROR, "XIVE: invalid write access at TIMA @%"
                      HWADDR_PRIx" size %d\n", offset, size);
        return;
    }

    /*
     * Use the register offset for the raw values and filter out
     * reserved values
     *
     * NOTE(review): reg_offset + i is not bounded here. This presumably
     * relies on the memory core delivering only naturally aligned
     * accesses of at most 8 bytes, so that the store cannot run past the
     * end of regs[] - confirm against the MemoryRegionOps and any other
     * caller that forwards guest offsets.
     */
    for (i = 0; i < size; i++) {
        uint8_t byte_mask = (mask >> (8 * (size - i - 1)));
        if (byte_mask) {
            tctx->regs[reg_offset + i] = (value >> (8 * (size - i - 1))) &
                byte_mask;
        }
    }
}
474 
/*
 * Load raw register values from the thread context, filtered by the
 * access map of the TIMA page the load was made through.
 *
 * The load is rejected (guest error logged) when it is smaller than 4
 * bytes, when no byte of it is readable in the page view, or when it
 * targets the User ring; -1, i.e. all ones, is returned in that case.
 * Bytes that are not readable in the view read as zero.
 */
static uint64_t xive_tm_raw_read(XiveTCTX *tctx, hwaddr offset, unsigned size)
{
    uint8_t ring_offset = offset & TM_RING_OFFSET;
    uint8_t reg_offset = offset & TM_REG_OFFSET;
    uint64_t mask = xive_tm_mask(offset, size, false);
    uint64_t ret;
    int i;

    /*
     * Only 4 or 8 bytes loads are allowed and the User ring is
     * excluded
     */
    if (size < 4 || !mask || ring_offset == TM_QW0_USER) {
        qemu_log_mask(LOG_GUEST_ERROR, "XIVE: invalid read access at TIMA @%"
                      HWADDR_PRIx" size %d\n", offset, size);
        return -1;
    }

    /*
     * Use the register offset for the raw values
     *
     * NOTE(review): every byte of the access is read from regs[] before
     * the mask is applied, and reg_offset + i is not bounded here. This
     * presumably relies on naturally aligned accesses of at most 8 bytes
     * so that the load stays within regs[] - confirm against the
     * MemoryRegionOps and any other caller that forwards guest offsets.
     */
    ret = 0;
    for (i = 0; i < size; i++) {
        ret |= (uint64_t) tctx->regs[reg_offset + i] << (8 * (size - i - 1));
    }

    /* filter out reserved values */
    return ret & mask;
}
502 
503 /*
504  * The TM context is mapped twice within each page. Stores and loads
505  * to the first mapping below 2K write and read the specified values
506  * without modification. The second mapping above 2K performs specific
507  * state changes (side effects) in addition to setting/returning the
508  * interrupt management area context of the processor thread.
509  */
/*
 * TIMA read handler: accept the interrupt signalled on the OS ring and
 * return the value produced by xive_tctx_accept(). @xptr, @offset and
 * @size are unused.
 */
static uint64_t xive_tm_ack_os_reg(XivePresenter *xptr, XiveTCTX *tctx,
                                   hwaddr offset, unsigned size)
{
    uint64_t ack = xive_tctx_accept(tctx, TM_QW1_OS);

    return ack;
}
515 
/*
 * TIMA write handler: set the CPPR of the OS ring from the low byte of
 * the stored value. @xptr, @offset and @size are unused.
 */
static void xive_tm_set_os_cppr(XivePresenter *xptr, XiveTCTX *tctx,
                                hwaddr offset, uint64_t value, unsigned size)
{
    uint8_t cppr = value & 0xff;

    xive_tctx_set_cppr(tctx, TM_QW1_OS, cppr);
}
521 
/*
 * Store @lgs into the LGS register byte of @ring.
 */
static void xive_tctx_set_lgs(XiveTCTX *tctx, uint8_t ring, uint8_t lgs)
{
    (&tctx->regs[ring])[TM_LGS] = lgs;
}
528 
/*
 * TIMA write handler: set the LGS byte of the OS ring from the low byte
 * of the stored value. @xptr, @offset and @size are unused.
 */
static void xive_tm_set_os_lgs(XivePresenter *xptr, XiveTCTX *tctx,
                               hwaddr offset, uint64_t value, unsigned size)
{
    uint8_t lgs = value & 0xff;

    xive_tctx_set_lgs(tctx, TM_QW1_OS, lgs);
}
534 
535 /*
536  * Adjust the PIPR to allow a CPU to process event queues of other
537  * priorities during one physical interrupt cycle.
538  */
/*
 * TIMA write handler: mark the priority given by the low byte of the
 * stored value as pending in the OS ring IPB, then recompute the PIPR
 * from the IPB (which also re-evaluates the exception signal).
 */
static void xive_tm_set_os_pending(XivePresenter *xptr, XiveTCTX *tctx,
                                   hwaddr offset, uint64_t value, unsigned size)
{
    uint8_t *os_regs = &tctx->regs[TM_QW1_OS];
    uint8_t priority = value & 0xff;

    /* XXX: how should this work exactly? */
    os_regs[TM_IPB] |= xive_priority_to_ipb(priority);
    xive_tctx_pipr_recompute_from_ipb(tctx, TM_QW1_OS);
}
549 
/*
 * Split an OS CAM word (CPU byte order) into NVT block, NVT index and
 * the VO valid bit. Each output pointer is optional and skipped when
 * NULL.
 */
static void xive_os_cam_decode(uint32_t cam, uint8_t *nvt_blk,
                               uint32_t *nvt_idx, bool *vo)
{
    if (nvt_blk != NULL) {
        *nvt_blk = xive_nvt_blk(cam);
    }

    if (nvt_idx != NULL) {
        *nvt_idx = xive_nvt_idx(cam);
    }

    if (vo != NULL) {
        *vo = (cam & TM_QW1W2_VO) != 0;
    }
}
563 
/*
 * Read word 2 of the OS ring and decode it into the optional outputs.
 * The value returned is the raw register word, i.e. before the
 * big-endian to CPU conversion used for decoding.
 */
static uint32_t xive_tctx_get_os_cam(XiveTCTX *tctx, uint8_t *nvt_blk,
                                     uint32_t *nvt_idx, bool *vo)
{
    uint32_t raw_w2 = xive_tctx_word2(&tctx->regs[TM_QW1_OS]);

    xive_os_cam_decode(be32_to_cpu(raw_w2), nvt_blk, nvt_idx, vo);

    return raw_w2;
}
573 
/*
 * Store a raw (register byte order) value into word 2 of the OS ring.
 */
static void xive_tctx_set_os_cam(XiveTCTX *tctx, uint32_t qw1w2)
{
    uint8_t *word2 = &tctx->regs[TM_QW1_OS + TM_WORD2];

    memcpy(word2, &qw1w2, sizeof(qw1w2));
}
578 
/*
 * TIMA read handler: pull the OS context.
 *
 * Clears the VO valid bit in word 2 of the OS ring, lowers the OS signal
 * and returns the word as it was before invalidation. Pulling a context
 * that is not valid is logged as a guest error but is otherwise
 * processed the same way.
 */
static uint64_t xive_tm_pull_os_ctx(XivePresenter *xptr, XiveTCTX *tctx,
                                    hwaddr offset, unsigned size)
{
    uint8_t nvt_blk;
    uint32_t nvt_idx;
    bool vo;
    uint32_t old_w2 = xive_tctx_get_os_cam(tctx, &nvt_blk, &nvt_idx, &vo);

    if (!vo) {
        qemu_log_mask(LOG_GUEST_ERROR, "XIVE: pull invalid OS NVT %x/%x !?\n",
                      nvt_blk, nvt_idx);
    }

    /* Invalidate CAM line */
    xive_tctx_set_os_cam(tctx, xive_set_field32(TM_QW1W2_VO, old_w2, 0));

    xive_tctx_reset_signal(tctx, TM_QW1_OS);

    return old_w2;
}
602 
/*
 * Merge the pending bits saved in an NVT back into the OS ring and
 * re-evaluate the exception signal.
 *
 * @nvt_blk and @nvt_idx are decoded from the CAM word supplied by the
 * guest; when the router cannot provide that NVT, a guest error is
 * logged and the thread context is left untouched.
 */
static void xive_tctx_need_resend(XiveRouter *xrtr, XiveTCTX *tctx,
                                  uint8_t nvt_blk, uint32_t nvt_idx)
{
    XiveNVT nvt;
    uint8_t ipb;

    /*
     * Grab the associated NVT to pull the pending bits, and merge
     * them with the IPB of the thread interrupt context registers
     */
    if (xive_router_get_nvt(xrtr, nvt_blk, nvt_idx, &nvt)) {
        qemu_log_mask(LOG_GUEST_ERROR, "XIVE: invalid NVT %x/%x\n",
                          nvt_blk, nvt_idx);
        return;
    }

    ipb = xive_get_field32(NVT_W4_IPB, nvt.w4);

    if (ipb) {
        /* Reset the NVT value */
        nvt.w4 = xive_set_field32(NVT_W4_IPB, nvt.w4, 0);
        /* NOTE(review): the result of the write-back is not checked */
        xive_router_write_nvt(xrtr, nvt_blk, nvt_idx, &nvt, 4);

        uint8_t *regs = &tctx->regs[TM_QW1_OS];
        regs[TM_IPB] |= ipb;
    }

    /*
     * Always call xive_tctx_pipr_recompute_from_ipb(). Even if there
     * were no escalation triggered, there could be a pending interrupt
     * which was saved when the context was pulled and that we need to
     * take into account by recalculating the PIPR (which is not
     * saved/restored).
     * It will also raise the External interrupt signal if needed.
     */
    xive_tctx_pipr_recompute_from_ipb(tctx, TM_QW1_OS); /* fxb */
}
640 
641 /*
642  * Updating the OS CAM line can trigger a resend of interrupt
643  */
/*
 * TIMA write handler: push an OS context.
 *
 * The low 32 bits of the stored value are the new OS CAM line. It is
 * written to word 2 of the OS ring in big-endian form, and when its VO
 * bit is set the pending bits of the designated NVT are resent.
 */
static void xive_tm_push_os_ctx(XivePresenter *xptr, XiveTCTX *tctx,
                                hwaddr offset, uint64_t value, unsigned size)
{
    const uint32_t cam = (uint32_t)value;
    uint8_t nvt_blk;
    uint32_t nvt_idx;
    bool vo;

    xive_os_cam_decode(cam, &nvt_blk, &nvt_idx, &vo);

    /* First update the registers */
    xive_tctx_set_os_cam(tctx, cpu_to_be32(cam));

    /* Nothing to resend for a context that is not valid */
    if (!vo) {
        return;
    }

    /* Check the interrupt pending bits */
    xive_tctx_need_resend(XIVE_ROUTER(xptr), tctx, nvt_blk, nvt_idx);
}
663 
/*
 * Return the configuration flags reported by the presenter class.
 */
static uint32_t xive_presenter_get_config(XivePresenter *xptr)
{
    return XIVE_PRESENTER_GET_CLASS(xptr)->get_config(xptr);
}
670 
671 /*
672  * Define a mapping of "special" operations depending on the TIMA page
673  * offset and the size of the operation.
674  */
/* One entry of the special operation tables */
typedef struct XiveTmOp {
    /* TIMA page the operation is defined for */
    uint8_t  page_offset;
    /* Offset of the operation, compared with the masked access offset */
    uint32_t op_offset;
    /* Exact access size, in bytes, the operation applies to */
    unsigned size;
    /* Handler for stores, NULL when the operation is not a store */
    void     (*write_handler)(XivePresenter *xptr, XiveTCTX *tctx,
                              hwaddr offset,
                              uint64_t value, unsigned size);
    /* Handler for loads, NULL when the operation is not a load */
    uint64_t (*read_handler)(XivePresenter *xptr, XiveTCTX *tctx, hwaddr offset,
                             unsigned size);
} XiveTmOp;
685 
/*
 * Special operations used when the presenter reports the
 * XIVE_PRESENTER_GEN1_TIMA_OS configuration flag.
 *
 * Columns: TIMA page, operation offset, access size, write handler,
 * read handler. An access matches an entry only for that exact size and
 * direction, and only from the entry's page or a more privileged one.
 */
static const XiveTmOp xive_tm_operations[] = {
    /*
     * MMIOs below 2K : raw values and special operations without side
     * effects
     */
    { XIVE_TM_OS_PAGE, TM_QW1_OS + TM_CPPR,       1, xive_tm_set_os_cppr,
                                                     NULL },
    { XIVE_TM_HV_PAGE, TM_QW1_OS + TM_WORD2,      4, xive_tm_push_os_ctx,
                                                     NULL },
    { XIVE_TM_HV_PAGE, TM_QW3_HV_PHYS + TM_CPPR,  1, xive_tm_set_hv_cppr,
                                                     NULL },
    { XIVE_TM_HV_PAGE, TM_QW3_HV_PHYS + TM_WORD2, 1, xive_tm_vt_push,
                                                     NULL },
    { XIVE_TM_HV_PAGE, TM_QW3_HV_PHYS + TM_WORD2, 1, NULL,
                                                     xive_tm_vt_poll },

    /* MMIOs above 2K : special operations with side effects */
    { XIVE_TM_OS_PAGE, TM_SPC_ACK_OS_REG,         2, NULL,
                                                     xive_tm_ack_os_reg },
    { XIVE_TM_OS_PAGE, TM_SPC_SET_OS_PENDING,     1, xive_tm_set_os_pending,
                                                     NULL },
    { XIVE_TM_HV_PAGE, TM_SPC_PULL_OS_CTX,        4, NULL,
                                                     xive_tm_pull_os_ctx },
    { XIVE_TM_HV_PAGE, TM_SPC_PULL_OS_CTX,        8, NULL,
                                                     xive_tm_pull_os_ctx },
    { XIVE_TM_HV_PAGE, TM_SPC_ACK_HV_REG,         2, NULL,
                                                     xive_tm_ack_hv_reg },
    { XIVE_TM_HV_PAGE, TM_SPC_PULL_POOL_CTX,      4, NULL,
                                                     xive_tm_pull_pool_ctx },
    { XIVE_TM_HV_PAGE, TM_SPC_PULL_POOL_CTX,      8, NULL,
                                                     xive_tm_pull_pool_ctx },
    { XIVE_TM_HV_PAGE, TM_SPC_PULL_PHYS_CTX,      1, NULL,
                                                     xive_tm_pull_phys_ctx },
};
720 
/*
 * Special operations used when the presenter does not report the
 * XIVE_PRESENTER_GEN1_TIMA_OS configuration flag.
 *
 * Columns: TIMA page, operation offset, access size, write handler,
 * read handler. An access matches an entry only for that exact size and
 * direction, and only from the entry's page or a more privileged one.
 */
static const XiveTmOp xive2_tm_operations[] = {
    /*
     * MMIOs below 2K : raw values and special operations without side
     * effects
     */
    { XIVE_TM_OS_PAGE, TM_QW1_OS + TM_CPPR,       1, xive2_tm_set_os_cppr,
                                                     NULL },
    { XIVE_TM_HV_PAGE, TM_QW1_OS + TM_WORD2,      4, xive2_tm_push_os_ctx,
                                                     NULL },
    { XIVE_TM_HV_PAGE, TM_QW1_OS + TM_WORD2,      8, xive2_tm_push_os_ctx,
                                                     NULL },
    { XIVE_TM_OS_PAGE, TM_QW1_OS + TM_LGS,        1, xive_tm_set_os_lgs,
                                                     NULL },
    { XIVE_TM_HV_PAGE, TM_QW3_HV_PHYS + TM_CPPR,  1, xive2_tm_set_hv_cppr,
                                                     NULL },
    { XIVE_TM_HV_PAGE, TM_QW3_HV_PHYS + TM_WORD2, 1, xive_tm_vt_push,
                                                     NULL },
    { XIVE_TM_HV_PAGE, TM_QW3_HV_PHYS + TM_WORD2, 1, NULL,
                                                     xive_tm_vt_poll },
    { XIVE_TM_HV_PAGE, TM_QW3_HV_PHYS + TM_T,     1, xive2_tm_set_hv_target,
                                                     NULL },

    /* MMIOs above 2K : special operations with side effects */
    { XIVE_TM_OS_PAGE, TM_SPC_ACK_OS_REG,         2, NULL,
                                                   xive_tm_ack_os_reg },
    { XIVE_TM_OS_PAGE, TM_SPC_SET_OS_PENDING,     1, xive_tm_set_os_pending,
                                                     NULL },
    { XIVE_TM_HV_PAGE, TM_SPC_PULL_OS_CTX_G2,     4, NULL,
                                                     xive2_tm_pull_os_ctx },
    { XIVE_TM_HV_PAGE, TM_SPC_PULL_OS_CTX,        4, NULL,
                                                     xive2_tm_pull_os_ctx },
    { XIVE_TM_HV_PAGE, TM_SPC_PULL_OS_CTX,        8, NULL,
                                                     xive2_tm_pull_os_ctx },
    { XIVE_TM_HV_PAGE, TM_SPC_ACK_HV_REG,         2, NULL,
                                                     xive_tm_ack_hv_reg },
    { XIVE_TM_HV_PAGE, TM_SPC_PULL_POOL_CTX_G2,   4, NULL,
                                                     xive2_tm_pull_pool_ctx },
    { XIVE_TM_HV_PAGE, TM_SPC_PULL_POOL_CTX,      4, NULL,
                                                     xive2_tm_pull_pool_ctx },
    { XIVE_TM_HV_PAGE, TM_SPC_PULL_POOL_CTX,      8, NULL,
                                                     xive2_tm_pull_pool_ctx },
    { XIVE_TM_HV_PAGE, TM_SPC_PULL_OS_CTX_OL,     1, xive2_tm_pull_os_ctx_ol,
                                                     NULL },
    { XIVE_TM_HV_PAGE, TM_SPC_PULL_PHYS_CTX_G2,   4, NULL,
                                                     xive2_tm_pull_phys_ctx },
    { XIVE_TM_HV_PAGE, TM_SPC_PULL_PHYS_CTX,      1, NULL,
                                                     xive2_tm_pull_phys_ctx },
    { XIVE_TM_HV_PAGE, TM_SPC_PULL_PHYS_CTX_OL,   1, xive2_tm_pull_phys_ctx_ol,
                                                     NULL },
    { XIVE_TM_OS_PAGE, TM_SPC_ACK_OS_EL,          1, xive2_tm_ack_os_el,
                                                     NULL },
};
773 
/*
 * Look up the special operation matching a TIMA access.
 *
 * The table is chosen from the presenter configuration. An entry matches
 * when the access comes from the entry's page or from a page with a
 * lower page number, the masked offset and the size are equal, and the
 * entry has a handler for the requested direction. This page comparison
 * is the only privilege check applied to special operations.
 *
 * Returns the first matching entry, or NULL when there is none.
 */
static const XiveTmOp *xive_tm_find_op(XivePresenter *xptr, hwaddr offset,
                                       unsigned size, bool write)
{
    const uint8_t page_offset = (offset >> TM_SHIFT) & 0x3;
    const uint32_t op_offset = offset & TM_ADDRESS_MASK;
    const uint32_t cfg = xive_presenter_get_config(xptr);
    const XiveTmOp *table;
    int count;
    int idx;

    if (cfg & XIVE_PRESENTER_GEN1_TIMA_OS) {
        table = xive_tm_operations;
        count = ARRAY_SIZE(xive_tm_operations);
    } else {
        table = xive2_tm_operations;
        count = ARRAY_SIZE(xive2_tm_operations);
    }

    for (idx = 0; idx < count; idx++) {
        const XiveTmOp *candidate = &table[idx];

        /* Accesses done from a more privileged TIMA page are allowed */
        if (candidate->page_offset < page_offset) {
            continue;
        }
        if (candidate->op_offset != op_offset || candidate->size != size) {
            continue;
        }
        if (write ? candidate->write_handler != NULL
                  : candidate->read_handler != NULL) {
            return candidate;
        }
    }

    return NULL;
}
805 
806 /*
807  * TIMA MMIO handlers
808  */
/*
 * Handle a store to the TIMA on behalf of a thread context.
 *
 * Stores with the TM_SPECIAL_OP bit set in @offset must match a special
 * operation; otherwise a guest error is logged and the store is dropped.
 * Other stores first try the special operations defined below 2K and
 * fall back to a raw register store filtered by the page access map.
 */
void xive_tctx_tm_write(XivePresenter *xptr, XiveTCTX *tctx, hwaddr offset,
                        uint64_t value, unsigned size)
{
    const XiveTmOp *xto;

    trace_xive_tctx_tm_write(tctx->cs->cpu_index, offset, size, value);

    /*
     * TODO: check V bit in Q[0-3]W2
     */

    /*
     * First, check for special operations in the 2K region
     *
     * NOTE(review): the lookup uses tctx->xptr while the handler is
     * called with the xptr argument - presumably the same presenter;
     * confirm against the callers.
     */
    if (offset & TM_SPECIAL_OP) {
        xto = xive_tm_find_op(tctx->xptr, offset, size, true);
        if (!xto) {
            qemu_log_mask(LOG_GUEST_ERROR, "XIVE: invalid write access at TIMA "
                          "@%"HWADDR_PRIx" size %d\n", offset, size);
        } else {
            xto->write_handler(xptr, tctx, offset, value, size);
        }
        return;
    }

    /*
     * Then, for special operations in the region below 2K.
     */
    xto = xive_tm_find_op(tctx->xptr, offset, size, true);
    if (xto) {
        xto->write_handler(xptr, tctx, offset, value, size);
        return;
    }

    /*
     * Finish with raw access to the register values
     */
    xive_tm_raw_write(tctx, offset, value, size);
}
848 
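/*
 * Handle a load from the TIMA on behalf of a thread context.
 *
 * Loads with the TM_SPECIAL_OP bit set in @offset must match a special
 * operation; otherwise a guest error is logged and -1 (all ones) is
 * returned without tracing. Other loads first try the special operations
 * defined below 2K and fall back to a raw register load filtered by the
 * page access map.
 *
 * Returns the value read.
 */
uint64_t xive_tctx_tm_read(XivePresenter *xptr, XiveTCTX *tctx, hwaddr offset,
                           unsigned size)
{
    const XiveTmOp *xto;
    uint64_t ret;

    /*
     * TODO: check V bit in Q[0-3]W2
     */

    /*
     * First, check for special operations in the 2K region
     *
     * NOTE(review): the lookup uses tctx->xptr while the handler is
     * called with the xptr argument - presumably the same presenter;
     * confirm against the callers.
     */
    if (offset & TM_SPECIAL_OP) {
        xto = xive_tm_find_op(tctx->xptr, offset, size, false);
        if (!xto) {
            /* The space before '@' matches the message of the write path */
            qemu_log_mask(LOG_GUEST_ERROR, "XIVE: invalid read access to TIMA "
                          "@%"HWADDR_PRIx" size %d\n", offset, size);
            return -1;
        }
        ret = xto->read_handler(xptr, tctx, offset, size);
        goto out;
    }

    /*
     * Then, for special operations in the region below 2K.
     */
    xto = xive_tm_find_op(tctx->xptr, offset, size, false);
    if (xto) {
        ret = xto->read_handler(xptr, tctx, offset, size);
        goto out;
    }

    /*
     * Finish with raw access to the register values
     */
    ret = xive_tm_raw_read(tctx, offset, size);
out:
    trace_xive_tctx_tm_read(tctx->cs->cpu_index, offset, size, ret);
    return ret;
}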
890 
/*
 * Format the bytes of one TIMA ring, followed by its word 2 converted
 * with be32_to_cpu(), as a single line of hex columns.
 *
 * Returns a string allocated by g_strdup_printf(); the caller releases
 * it with g_free().
 */
static char *xive_tctx_ring_print(uint8_t *ring)
{
    uint32_t word2 = be32_to_cpu(xive_tctx_word2(ring));

    return g_strdup_printf("%02x   %02x  %02x    %02x   %02x  "
                   "%02x  %02x   %02x  %08x",
                   ring[TM_NSR], ring[TM_CPPR], ring[TM_IPB], ring[TM_LSMFB],
                   ring[TM_ACK_CNT], ring[TM_INC], ring[TM_AGE], ring[TM_PIPR],
                   word2);
}
901 
/*
 * Ring labels, indexed by the ring number used when dumping a thread
 * context. The dump loop reads one entry per ring, so this table needs
 * one entry for every ring it iterates over.
 */
static const char * const xive_tctx_ring_names[] = {
    "USER",
    "OS",
    "POOL",
    "PHYS",
};
905 
906 /*
907  * kvm_irqchip_in_kernel() will cause the compiler to turn this
908  * into a nop if CONFIG_KVM isn't defined.
909  */
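/*
 * True when the in-kernel irqchip is active and the presenter class
 * reports, through its optional in_kernel hook, that it is backed by it.
 *
 * The argument is parenthesized and evaluated once into a local, and the
 * locals carry a prefix so they cannot capture an identifier used in the
 * caller's argument expression. kvm_irqchip_in_kernel() stays first so
 * the whole expression can still be folded away by the compiler.
 */
#define xive_in_kernel(xptr)                                            \
    (kvm_irqchip_in_kernel() &&                                         \
     ({                                                                 \
         __typeof__(xptr) xik_xptr_ = (xptr);                           \
         XivePresenterClass *xik_xpc_ =                                 \
             XIVE_PRESENTER_GET_CLASS(xik_xptr_);                       \
         xik_xpc_->in_kernel ? xik_xpc_->in_kernel(xik_xptr_) : false;  \
     }))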
916 
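/*
 * Append a dump of the thread context @tctx to @buf: one header line,
 * then one line per TIMA ring.
 *
 * A NULL @tctx is silently skipped. When the presenter is backed by the
 * in-kernel irqchip, the state is synchronized first and the dump is
 * abandoned if that fails. The CPU index is printed as -1 when the
 * context has no CPU attached.
 */
void xive_tctx_pic_print_info(XiveTCTX *tctx, GString *buf)
{
    int cpu_index;
    int i;

    /*
     * The label table is indexed by ring number below. Fail the build
     * if the table and the ring count ever get out of step, rather than
     * reading past the end of the table at run time.
     */
    QEMU_BUILD_BUG_ON(ARRAY_SIZE(xive_tctx_ring_names) != XIVE_TM_RING_COUNT);

    /*
     * Skip partially initialized vCPUs. This can happen on sPAPR when vCPUs
     * are hot plugged or unplugged.
     */
    if (!tctx) {
        return;
    }

    cpu_index = tctx->cs ? tctx->cs->cpu_index : -1;

    if (xive_in_kernel(tctx->xptr)) {
        Error *local_err = NULL;

        kvmppc_xive_cpu_synchronize_state(tctx, &local_err);
        if (local_err) {
            error_report_err(local_err);
            return;
        }
    }

    /* The column headings differ between the GEN1 OS ring layout and the other */
    if (xive_presenter_get_config(tctx->xptr) & XIVE_PRESENTER_GEN1_TIMA_OS) {
        g_string_append_printf(buf, "CPU[%04x]:   "
                               "QW   NSR CPPR IPB LSMFB ACK# INC AGE PIPR"
                               "  W2\n", cpu_index);
    } else {
        g_string_append_printf(buf, "CPU[%04x]:   "
                               "QW   NSR CPPR IPB LSMFB   -  LGS  T  PIPR"
                               "  W2\n", cpu_index);
    }

    for (i = 0; i < XIVE_TM_RING_COUNT; i++) {
        char *s = xive_tctx_ring_print(&tctx->regs[i * XIVE_TM_RING_SIZE]);

        g_string_append_printf(buf, "CPU[%04x]: %4s    %s\n",
                               cpu_index, xive_tctx_ring_names[i], s);
        g_free(s);
    }
}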
958 
/*
 * Reset the register file of thread context @tctx.
 *
 * All registers are cleared, then the OS ring receives its defaults
 * (LSMFB, ACK_CNT and AGE set to 0xFF, and OGEN set to 2 when the
 * presenter is not configured with XIVE_PRESENTER_GEN1_TIMA_OS).
 * Finally PIPR of the OS and PHYS rings is recomputed from the freshly
 * cleared IPB.
 */
void xive_tctx_reset(XiveTCTX *tctx)
{
    uint8_t *os_ring = &tctx->regs[TM_QW1_OS];
    uint8_t *phys_ring = &tctx->regs[TM_QW3_HV_PHYS];

    memset(tctx->regs, 0, sizeof(tctx->regs));

    /* Set some defaults */
    os_ring[TM_LSMFB] = 0xFF;
    os_ring[TM_ACK_CNT] = 0xFF;
    os_ring[TM_AGE] = 0xFF;
    if ((xive_presenter_get_config(tctx->xptr) &
         XIVE_PRESENTER_GEN1_TIMA_OS) == 0) {
        os_ring[TM_OGEN] = 2;
    }

    /*
     * Initialize PIPR to 0xFF to avoid phantom interrupts when the
     * CPPR is first set.
     */
    os_ring[TM_PIPR] = xive_ipb_to_pipr(os_ring[TM_IPB]);
    phys_ring[TM_PIPR] = xive_ipb_to_pipr(phys_ring[TM_IPB]);
}
981 
/*
 * Realize a thread context: wire its two output lines to the CPU
 * interrupt inputs and, when the presenter is backed by the in-kernel
 * irqchip, connect the context to the vCPU.
 *
 * The "cpu" and "presenter" links must already be set; this is
 * asserted. Only the POWER9 bus model is accepted, any other one sets
 * @errp and leaves the outputs untouched.
 */
static void xive_tctx_realize(DeviceState *dev, Error **errp)
{
    XiveTCTX *tctx = XIVE_TCTX(dev);
    PowerPCCPU *cpu;
    CPUPPCState *env;

    assert(tctx->cs);
    assert(tctx->xptr);

    cpu = POWERPC_CPU(tctx->cs);
    env = &cpu->env;

    if (PPC_INPUT(env) != PPC_FLAGS_INPUT_POWER9) {
        error_setg(errp, "XIVE interrupt controller does not support "
                   "this CPU bus model");
        return;
    }

    tctx->hv_output = qdev_get_gpio_in(DEVICE(cpu), POWER9_INPUT_HINT);
    tctx->os_output = qdev_get_gpio_in(DEVICE(cpu), POWER9_INPUT_INT);

    /* Connect the presenter to the VCPU (required for CPU hotplug) */
    if (xive_in_kernel(tctx->xptr)) {
        if (kvmppc_xive_cpu_connect(tctx, errp) < 0) {
            /* errp has been filled in by the callee */
            return;
        }
    }
}
1012 
/*
 * Migration pre-save hook: when the presenter is backed by the
 * in-kernel irqchip, fetch the thread context state before it is saved.
 *
 * Returns 0 on success, or the negative value returned by the state
 * fetch after reporting its error.
 */
static int vmstate_xive_tctx_pre_save(void *opaque)
{
    XiveTCTX *tctx = XIVE_TCTX(opaque);

    if (xive_in_kernel(tctx->xptr)) {
        Error *err = NULL;
        int rc = kvmppc_xive_cpu_get_state(tctx, &err);

        if (rc < 0) {
            error_report_err(err);
            return rc;
        }
    }

    return 0;
}
1029 
/*
 * Migration post-load hook: when the presenter is backed by the
 * in-kernel irqchip, push the loaded thread context state to it.
 *
 * @version_id is not used. Returns 0 on success, or the negative value
 * returned by the state restore after reporting its error.
 */
static int vmstate_xive_tctx_post_load(void *opaque, int version_id)
{
    XiveTCTX *tctx = XIVE_TCTX(opaque);

    if (xive_in_kernel(tctx->xptr)) {
        Error *err = NULL;
        int rc;

        /*
         * Required for hotplugged CPU, for which the state comes
         * after all states of the machine.
         */
        rc = kvmppc_xive_cpu_set_state(tctx, &err);
        if (rc < 0) {
            error_report_err(err);
            return rc;
        }
    }

    return 0;
}
1050 
/*
 * Migration description of a thread context. The only migrated field
 * is the register buffer; the hooks synchronize it with the in-kernel
 * irqchip when one is in use.
 */
static const VMStateDescription vmstate_xive_tctx = {
    .name               = TYPE_XIVE_TCTX,
    .version_id         = 1,
    .minimum_version_id = 1,
    .fields = (const VMStateField[]) {
        VMSTATE_BUFFER(regs, XiveTCTX),
        VMSTATE_END_OF_LIST()
    },
    .pre_save           = vmstate_xive_tctx_pre_save,
    .post_load          = vmstate_xive_tctx_post_load,
};
1062 
/*
 * Link properties of a thread context: the CPU it belongs to and the
 * presenter it is attached to. Realize asserts that both are set.
 */
static const Property xive_tctx_properties[] = {
    DEFINE_PROP_LINK("cpu", XiveTCTX, cs,
                     TYPE_CPU, CPUState *),
    DEFINE_PROP_LINK("presenter", XiveTCTX, xptr,
                     TYPE_XIVE_PRESENTER, XivePresenter *),
};
1068 
/*
 * Class initializer of the thread context device: installs the realize
 * handler, the migration description and the link properties. @data is
 * not used.
 */
static void xive_tctx_class_init(ObjectClass *klass, const void *data)
{
    DeviceClass *dc = DEVICE_CLASS(klass);

    /*
     * Reason: part of XIVE interrupt controller, needs to be wired up
     * by xive_tctx_create().
     */
    dc->user_creatable = false;

    dc->desc = "XIVE Interrupt Thread Context";
    dc->vmsd = &vmstate_xive_tctx;
    dc->realize = xive_tctx_realize;
    device_class_set_props(dc, xive_tctx_properties);
}
1083 
/* QOM type description of the thread context device */
static const TypeInfo xive_tctx_info = {
    .parent        = TYPE_DEVICE,
    .name          = TYPE_XIVE_TCTX,
    .class_init    = xive_tctx_class_init,
    .instance_size = sizeof(XiveTCTX),
};
1090 
/*
 * Create a thread context as a child of @cpu, link it to @cpu and to
 * the presenter @xptr, and realize it.
 *
 * Setting the links aborts on failure (&error_abort). A realize failure
 * is reported through @errp; the object is then unparented and NULL is
 * returned.
 *
 * The creator's reference is dropped right after the object is added
 * as a child -- presumably the child property keeps its own reference,
 * since the object keeps being used afterwards.
 */
Object *xive_tctx_create(Object *cpu, XivePresenter *xptr, Error **errp)
{
    Object *tctx_obj = object_new(TYPE_XIVE_TCTX);

    object_property_add_child(cpu, TYPE_XIVE_TCTX, tctx_obj);
    object_unref(tctx_obj);

    object_property_set_link(tctx_obj, "cpu", cpu, &error_abort);
    object_property_set_link(tctx_obj, "presenter", OBJECT(xptr),
                             &error_abort);

    if (qdev_realize(DEVICE(tctx_obj), NULL, errp)) {
        return tctx_obj;
    }

    /* Realize failed: detach the half built object from the CPU */
    object_unparent(tctx_obj);
    return NULL;
}
1106 
/*
 * Detach the thread context @tctx from its parent object. The caller
 * must not use @tctx afterwards unless it holds a reference of its own.
 */
void xive_tctx_destroy(XiveTCTX *tctx)
{
    object_unparent(OBJECT(tctx));
}
1113 
1114 /*
1115  * XIVE ESB helpers
1116  */
1117 
/*
 * Replace the two low-order PQ bits of *@pq with the two low-order bits
 * of @value, leaving the upper six bits untouched.
 *
 * Returns the previous PQ bits.
 */
uint8_t xive_esb_set(uint8_t *pq, uint8_t value)
{
    const uint8_t previous = *pq & 0x3;

    *pq = (*pq & ~0x3) | (value & 0x3);

    return previous;
}
1127 
/*
 * Apply a trigger to the PQ bits in *@pq.
 *
 *   RESET            -> PENDING, the event is forwarded
 *   PENDING, QUEUED  -> QUEUED,  the event is held back
 *   OFF              -> OFF,     the event is dropped
 *
 * Returns true when the event notification should be forwarded.
 */
bool xive_esb_trigger(uint8_t *pq)
{
    bool forward = false;

    switch (*pq & 0x3) {
    case XIVE_ESB_RESET:
        xive_esb_set(pq, XIVE_ESB_PENDING);
        forward = true;
        break;
    case XIVE_ESB_PENDING:
    case XIVE_ESB_QUEUED:
        xive_esb_set(pq, XIVE_ESB_QUEUED);
        break;
    case XIVE_ESB_OFF:
        xive_esb_set(pq, XIVE_ESB_OFF);
        break;
    default:
        g_assert_not_reached();
    }

    return forward;
}
1147 
/*
 * Apply an EOI to the PQ bits in *@pq.
 *
 *   RESET, PENDING  -> RESET,   nothing to forward
 *   QUEUED          -> PENDING, the queued event is forwarded
 *   OFF             -> OFF,     nothing to forward
 *
 * Returns true when an event notification should be forwarded.
 */
bool xive_esb_eoi(uint8_t *pq)
{
    bool forward = false;

    switch (*pq & 0x3) {
    case XIVE_ESB_RESET:
    case XIVE_ESB_PENDING:
        xive_esb_set(pq, XIVE_ESB_RESET);
        break;
    case XIVE_ESB_QUEUED:
        xive_esb_set(pq, XIVE_ESB_PENDING);
        forward = true;
        break;
    case XIVE_ESB_OFF:
        xive_esb_set(pq, XIVE_ESB_OFF);
        break;
    default:
        g_assert_not_reached();
    }

    return forward;
}
1167 
1168 /*
1169  * XIVE Interrupt Source (or IVSE)
1170  */
1171 
/*
 * Return the PQ bits of source @srcno. The source number is asserted to
 * be below the number of interrupts of @xsrc before the status array is
 * indexed.
 */
uint8_t xive_source_esb_get(XiveSource *xsrc, uint32_t srcno)
{
    uint8_t status;

    assert(srcno < xsrc->nr_irqs);

    status = xsrc->status[srcno];
    return status & 0x3;
}
1178 
/*
 * Set the PQ bits of source @srcno to the two low-order bits of @pq and
 * return the previous PQ bits. The source number is asserted to be
 * below the number of interrupts of @xsrc before the status array is
 * indexed.
 */
uint8_t xive_source_esb_set(XiveSource *xsrc, uint32_t srcno, uint8_t pq)
{
    uint8_t *slot;

    assert(srcno < xsrc->nr_irqs);

    slot = &xsrc->status[srcno];
    return xive_esb_set(slot, pq);
}
1185 
1186 /*
1187  * Returns whether the event notification should be forwarded.
1188  */
/*
 * Trigger the LSI source @srcno: mark it asserted and, if its PQ bits
 * were in the RESET state, move them to PENDING.
 *
 * Returns true only for that RESET -> PENDING transition; in every
 * other state the PQ bits are left alone and false is returned.
 */
static bool xive_source_lsi_trigger(XiveSource *xsrc, uint32_t srcno)
{
    /* Sampled before the assertion is recorded, as the range check lives here */
    const uint8_t prev_pq = xive_source_esb_get(xsrc, srcno);

    xive_source_set_asserted(xsrc, srcno, true);

    if (prev_pq != XIVE_ESB_RESET) {
        return false;
    }

    xive_source_esb_set(xsrc, srcno, XIVE_ESB_PENDING);
    return true;
}
1203 
1204 /*
1205  * Sources can be configured with PQ offloading in which case the check
1206  * on the PQ state bits of MSIs is disabled
1207  */
/*
 * True when the PQ state check is disabled for source @srcno: the
 * source has XIVE_SRC_PQ_DISABLE set and the interrupt is not an LSI.
 * The LSI lookup is only done when the flag is set.
 */
static bool xive_source_esb_disabled(XiveSource *xsrc, uint32_t srcno)
{
    if (!(xsrc->esb_flags & XIVE_SRC_PQ_DISABLE)) {
        return false;
    }

    return !xive_source_irq_is_lsi(xsrc, srcno);
}
1213 
1214 /*
1215  * Returns whether the event notification should be forwarded.
1216  */
/*
 * Trigger source @srcno through its PQ bits.
 *
 * When the PQ check is disabled for this source the event is always
 * forwarded and the PQ bits are not touched. Otherwise the PQ state
 * machine decides, and an LSI that ends up in the QUEUED state is
 * reported as a guest error.
 *
 * Returns true when the event notification should be forwarded.
 */
static bool xive_source_esb_trigger(XiveSource *xsrc, uint32_t srcno)
{
    bool forward;

    assert(srcno < xsrc->nr_irqs);

    if (xive_source_esb_disabled(xsrc, srcno)) {
        return true;
    }

    forward = xive_esb_trigger(&xsrc->status[srcno]);

    if (xive_source_irq_is_lsi(xsrc, srcno)) {
        if (xive_source_esb_get(xsrc, srcno) == XIVE_ESB_QUEUED) {
            qemu_log_mask(LOG_GUEST_ERROR,
                          "XIVE: queued an event on LSI IRQ %d\n", srcno);
        }
    }

    return forward;
}
1237 
1238 /*
1239  * Returns whether the event notification should be forwarded.
1240  */
/*
 * Perform an EOI on source @srcno.
 *
 * An EOI on a source whose PQ check is disabled is a guest error and
 * forwards nothing. Otherwise the PQ state machine runs, and an LSI
 * that is still asserted is triggered again; the result of that
 * trigger then replaces the result of the EOI.
 *
 * Returns true when an event notification should be forwarded.
 */
static bool xive_source_esb_eoi(XiveSource *xsrc, uint32_t srcno)
{
    bool forward;

    assert(srcno < xsrc->nr_irqs);

    if (xive_source_esb_disabled(xsrc, srcno)) {
        qemu_log_mask(LOG_GUEST_ERROR, "XIVE: invalid EOI for IRQ %d\n", srcno);
        return false;
    }

    forward = xive_esb_eoi(&xsrc->status[srcno]);

    /*
     * LSI sources do not set the Q bit but they can still be
     * asserted, in which case we should forward a new event
     * notification
     */
    if (!xive_source_irq_is_lsi(xsrc, srcno)) {
        return forward;
    }
    if (!xive_source_is_asserted(xsrc, srcno)) {
        return forward;
    }

    return xive_source_lsi_trigger(xsrc, srcno);
}
1266 
1267 /*
1268  * Forward the source event notification to the Router
1269  */
/*
 * Hand the event of source @srcno to the notifier attached to @xsrc.
 * The notifier is told whether the PQ bits were checked at the source,
 * which is the case unless the PQ check is disabled for it. A notifier
 * class without a notify hook makes this a no-op.
 */
static void xive_source_notify(XiveSource *xsrc, int srcno)
{
    XiveNotifierClass *klass = XIVE_NOTIFIER_GET_CLASS(xsrc->xive);
    const bool pq_checked = !xive_source_esb_disabled(xsrc, srcno);

    if (!klass->notify) {
        return;
    }

    klass->notify(xsrc->xive, srcno, pq_checked);
}
1279 
1280 /*
1281  * In a two pages ESB MMIO setting, even page is the trigger page, odd
1282  * page is for management
1283  */
/* True when bit @shift of @addr is clear, i.e. @addr lies in an even page */
static inline bool addr_is_even(hwaddr addr, uint32_t shift)
{
    return ((addr >> shift) & 1) == 0;
}
1288 
/*
 * True when @xsrc uses two ESB pages per source and @addr falls in the
 * even (trigger) page of its pair. With a single page per source this
 * is always false.
 */
static inline bool xive_source_is_trigger_page(XiveSource *xsrc, hwaddr addr)
{
    if (!xive_source_esb_has_2page(xsrc)) {
        return false;
    }

    return addr_is_even(addr, xsrc->esb_shift - 1);
}
1294 
1295 /*
1296  * ESB MMIO loads
1297  *                      Trigger page    Management/EOI page
1298  *
1299  * ESB MMIO setting     2 pages         1 or 2 pages
1300  *
1301  * 0x000 .. 0x3FF       -1              EOI and return 0|1
1302  * 0x400 .. 0x7FF       -1              EOI and return 0|1
1303  * 0x800 .. 0xBFF       -1              return PQ
1304  * 0xC00 .. 0xCFF       -1              return PQ and atomically PQ=00
1305  * 0xD00 .. 0xDFF       -1              return PQ and atomically PQ=01
1306  * 0xE00 .. 0xEFF       -1              return PQ and atomically PQ=10
1307  * 0xF00 .. 0xFFF       -1              return PQ and atomically PQ=11
1308  */
/*
 * MMIO load handler of the emulated ESB region.
 *
 * The source number is derived from @addr and the ESB shift, the
 * operation from the low 12 bits of @addr. @size is not used. Loads on
 * a trigger page and loads at an unhandled offset are logged as guest
 * errors and return all ones.
 *
 * NOTE(review): the source number is not range checked here. The EOI,
 * get and set helpers assert it against nr_irqs, so this relies on the
 * memory region being sized to cover exactly nr_irqs sources -- confirm
 * against xive_source_esb_len().
 */
static uint64_t xive_source_esb_read(void *opaque, hwaddr addr, unsigned size)
{
    XiveSource *xsrc = XIVE_SOURCE(opaque);
    const uint32_t page_off = addr & 0xFFF;
    const uint32_t srcno = addr >> xsrc->esb_shift;
    uint64_t val = -1;

    /* In a two pages ESB MMIO setting, trigger page should not be read */
    if (xive_source_is_trigger_page(xsrc, addr)) {
        qemu_log_mask(LOG_GUEST_ERROR,
                      "XIVE: invalid load on IRQ %d trigger page at "
                      "0x%"HWADDR_PRIx"\n", srcno, addr);
        return -1;
    }

    switch (page_off) {
    case XIVE_ESB_LOAD_EOI ... XIVE_ESB_LOAD_EOI + 0x7FF:
        val = xive_source_esb_eoi(xsrc, srcno);
        if (val != 0) {
            /* Forward the source event notification for routing */
            trace_xive_source_notify(srcno);
            xive_source_notify(xsrc, srcno);
        }
        break;

    case XIVE_ESB_GET ... XIVE_ESB_GET + 0x3FF:
        val = xive_source_esb_get(xsrc, srcno);
        break;

    case XIVE_ESB_SET_PQ_00 ... XIVE_ESB_SET_PQ_00 + 0x0FF:
    case XIVE_ESB_SET_PQ_01 ... XIVE_ESB_SET_PQ_01 + 0x0FF:
    case XIVE_ESB_SET_PQ_10 ... XIVE_ESB_SET_PQ_10 + 0x0FF:
    case XIVE_ESB_SET_PQ_11 ... XIVE_ESB_SET_PQ_11 + 0x0FF:
        /* Bits 9:8 of the offset carry the new PQ value */
        val = xive_source_esb_set(xsrc, srcno, (page_off >> 8) & 0x3);
        break;

    default:
        qemu_log_mask(LOG_GUEST_ERROR, "XIVE: invalid ESB load addr %x\n",
                      page_off);
        break;
    }

    trace_xive_source_esb_read(addr, srcno, val);

    return val;
}
1354 
1355 /*
1356  * ESB MMIO stores
1357  *                      Trigger page    Management/EOI page
1358  *
1359  * ESB MMIO setting     2 pages         1 or 2 pages
1360  *
1361  * 0x000 .. 0x3FF       Trigger         Trigger
1362  * 0x400 .. 0x7FF       Trigger         EOI
1363  * 0x800 .. 0xBFF       Trigger         undefined
1364  * 0xC00 .. 0xCFF       Trigger         PQ=00
1365  * 0xD00 .. 0xDFF       Trigger         PQ=01
1366  * 0xE00 .. 0xEFF       Trigger         PQ=10
1367  * 0xF00 .. 0xFFF       Trigger         PQ=11
1368  */
/*
 * MMIO store handler of the emulated ESB region.
 *
 * The source number is derived from @addr and the ESB shift, the
 * operation from the low 12 bits of @addr. @value is only traced and
 * @size is not used. A store to a trigger page always triggers. On the
 * management page, a Store EOI without XIVE_SRC_STORE_EOI and a store
 * at an unhandled offset are logged as guest errors and dropped.
 *
 * NOTE(review): the source number is not range checked here, and the
 * XIVE_ESB_INJECT case forwards it without going through any of the
 * asserting helpers. This relies on the memory region being sized to
 * cover exactly nr_irqs sources -- confirm against xive_source_esb_len().
 */
static void xive_source_esb_write(void *opaque, hwaddr addr,
                                  uint64_t value, unsigned size)
{
    XiveSource *xsrc = XIVE_SOURCE(opaque);
    const uint32_t page_off = addr & 0xFFF;
    const uint32_t srcno = addr >> xsrc->esb_shift;
    bool forward = false;

    trace_xive_source_esb_write(addr, srcno, value);

    if (xive_source_is_trigger_page(xsrc, addr)) {
        /* In a two pages ESB MMIO setting, trigger page only triggers */
        forward = xive_source_esb_trigger(xsrc, srcno);
    } else {
        switch (page_off) {
        case 0 ... 0x3FF:
            forward = xive_source_esb_trigger(xsrc, srcno);
            break;

        case XIVE_ESB_STORE_EOI ... XIVE_ESB_STORE_EOI + 0x3FF:
            if (!(xsrc->esb_flags & XIVE_SRC_STORE_EOI)) {
                qemu_log_mask(LOG_GUEST_ERROR,
                              "XIVE: invalid Store EOI for IRQ %d\n", srcno);
                return;
            }

            forward = xive_source_esb_eoi(xsrc, srcno);
            break;

        /*
         * This is an internal offset used to inject triggers when the PQ
         * state bits are not controlled locally. Such as for LSIs when
         * under ABT mode.
         */
        case XIVE_ESB_INJECT ... XIVE_ESB_INJECT + 0x3FF:
            forward = true;
            break;

        case XIVE_ESB_SET_PQ_00 ... XIVE_ESB_SET_PQ_00 + 0x0FF:
        case XIVE_ESB_SET_PQ_01 ... XIVE_ESB_SET_PQ_01 + 0x0FF:
        case XIVE_ESB_SET_PQ_10 ... XIVE_ESB_SET_PQ_10 + 0x0FF:
        case XIVE_ESB_SET_PQ_11 ... XIVE_ESB_SET_PQ_11 + 0x0FF:
            /* Bits 9:8 of the offset carry the new PQ value */
            xive_source_esb_set(xsrc, srcno, (page_off >> 8) & 0x3);
            break;

        default:
            qemu_log_mask(LOG_GUEST_ERROR, "XIVE: invalid ESB write addr %x\n",
                          page_off);
            return;
        }
    }

    /* Forward the source event notification for routing */
    if (forward) {
        xive_source_notify(xsrc, srcno);
    } else {
        trace_xive_source_blocked(srcno);
    }
}
1430 
/*
 * Access callbacks of the emulated ESB region: big endian, with both
 * the accepted and the implemented access sizes ranging from 1 to 8
 * bytes.
 */
static const MemoryRegionOps xive_source_esb_ops = {
    .read       = xive_source_esb_read,
    .write      = xive_source_esb_write,
    .endianness = DEVICE_BIG_ENDIAN,
    .impl = {
        .min_access_size = 1,
        .max_access_size = 8,
    },
    .valid = {
        .min_access_size = 1,
        .max_access_size = 8,
    },
};
1444 
/*
 * qemu_irq style handler: raise (@val != 0) or lower (@val == 0) the
 * interrupt line of source @srcno.
 *
 * An LSI is triggered when raised and has its asserted state cleared
 * when lowered. Any other source is triggered when raised and ignores
 * being lowered. The event is forwarded when the trigger says so.
 *
 * NOTE(review): @srcno reaches the LSI lookup without a range check in
 * this function -- presumably callers only pass indexes below nr_irqs;
 * verify where the IRQ lines are allocated.
 */
void xive_source_set_irq(void *opaque, int srcno, int val)
{
    XiveSource *xsrc = XIVE_SOURCE(opaque);
    bool forward = false;

    if (xive_source_irq_is_lsi(xsrc, srcno)) {
        if (!val) {
            xive_source_set_asserted(xsrc, srcno, false);
        } else {
            forward = xive_source_lsi_trigger(xsrc, srcno);
        }
    } else if (val) {
        forward = xive_source_esb_trigger(xsrc, srcno);
    }

    /* Forward the source event notification for routing */
    if (forward) {
        xive_source_notify(xsrc, srcno);
    }
}
1467 
/*
 * Append one line per source of @xsrc to @buf, skipping the sources
 * whose PQ bits are in the OFF state. Each line shows the source
 * number plus @offset, the LSI/MSI kind, the P and Q bits and the
 * asserted state.
 */
void xive_source_pic_print_info(XiveSource *xsrc, uint32_t offset, GString *buf)
{
    for (unsigned i = 0; i < xsrc->nr_irqs; i++) {
        uint8_t pq = xive_source_esb_get(xsrc, i);

        if (pq != XIVE_ESB_OFF) {
            g_string_append_printf(buf, "  %08x %s %c%c%c\n", i + offset,
                                   xive_source_irq_is_lsi(xsrc, i) ?
                                   "LSI" : "MSI",
                                   pq & XIVE_ESB_VAL_P ? 'P' : '-',
                                   pq & XIVE_ESB_VAL_Q ? 'Q' : '-',
                                   xive_source_is_asserted(xsrc, i) ?
                                   'A' : ' ');
        }
    }
}
1484 
/*
 * Reset handler of the source: every status byte is set to the
 * "reset-pq" property value. The LSI bitmap is deliberately left as is.
 */
static void xive_source_reset(void *dev)
{
    XiveSource *xsrc = XIVE_SOURCE(dev);
    const uint8_t initial_pq = xsrc->reset_pq;

    /* Do not clear the LSI bitmap */

    memset(xsrc->status, initial_pq, xsrc->nr_irqs);
}
1493 
/*
 * Realize the source: validate the "nr-irqs" and "shift" properties,
 * allocate the status array and the LSI bitmap, set up the ESB MMIO
 * container with the emulated region mapped at offset 0, and register
 * the reset handler.
 *
 * The "xive" link must already be set; this is asserted. A zero
 * interrupt count or an ESB shift outside the four supported settings
 * sets @errp and allocates nothing.
 */
static void xive_source_realize(DeviceState *dev, Error **errp)
{
    XiveSource *xsrc = XIVE_SOURCE(dev);
    uint64_t esb_len = xive_source_esb_len(xsrc);

    assert(xsrc->xive);

    if (xsrc->nr_irqs == 0) {
        error_setg(errp, "Number of interrupt needs to be greater than 0");
        return;
    }

    switch (xsrc->esb_shift) {
    case XIVE_ESB_4K:
    case XIVE_ESB_4K_2PAGE:
    case XIVE_ESB_64K:
    case XIVE_ESB_64K_2PAGE:
        break;
    default:
        error_setg(errp, "Invalid ESB shift setting");
        return;
    }

    /* One status byte per source */
    xsrc->status = g_malloc0(xsrc->nr_irqs);
    xsrc->lsi_map = bitmap_new(xsrc->nr_irqs);

    memory_region_init(&xsrc->esb_mmio, OBJECT(xsrc), "xive.esb", esb_len);
    memory_region_init_io(&xsrc->esb_mmio_emulated, OBJECT(xsrc),
                          &xive_source_esb_ops, xsrc, "xive.esb-emulated",
                          esb_len);
    memory_region_add_subregion(&xsrc->esb_mmio, 0, &xsrc->esb_mmio_emulated);

    qemu_register_reset(xive_source_reset, dev);
}
1525 
/*
 * Migration description of a source: the interrupt count, which has to
 * be equal on both sides, followed by the status array with one byte
 * per interrupt.
 */
static const VMStateDescription vmstate_xive_source = {
    .name               = TYPE_XIVE_SOURCE,
    .minimum_version_id = 1,
    .version_id         = 1,
    .fields = (const VMStateField[]) {
        VMSTATE_UINT32_EQUAL(nr_irqs, XiveSource, NULL),
        VMSTATE_VBUFFER_UINT32(status, XiveSource, 1, NULL, nr_irqs),
        VMSTATE_END_OF_LIST()
    },
};
1536 
1537 /*
1538  * The default XIVE interrupt source setting for the ESB MMIOs is two
1539  * 64k pages without Store EOI, to be in sync with KVM.
1540  */
/*
 * Properties of a source. "nr-irqs" defaults to 0, which realize
 * rejects, so it has to be set by whoever wires the source up.
 */
static const Property xive_source_properties[] = {
    DEFINE_PROP_UINT64("flags", XiveSource, esb_flags, 0),
    DEFINE_PROP_UINT32("nr-irqs", XiveSource, nr_irqs, 0),
    DEFINE_PROP_UINT32("shift", XiveSource, esb_shift,
                       XIVE_ESB_64K_2PAGE),
    /*
     * By default, PQs are initialized to 0b01 (Q=1) which corresponds
     * to "ints off"
     */
    DEFINE_PROP_UINT8("reset-pq", XiveSource, reset_pq,
                      XIVE_ESB_OFF),
    DEFINE_PROP_LINK("xive", XiveSource, xive,
                     TYPE_XIVE_NOTIFIER, XiveNotifier *),
};
1553 
/*
 * Class initializer of the source device: installs the properties, the
 * realize handler and the migration description. @data is not used.
 */
static void xive_source_class_init(ObjectClass *klass, const void *data)
{
    DeviceClass *dc = DEVICE_CLASS(klass);

    /*
     * Reason: part of XIVE interrupt controller, needs to be wired up,
     * e.g. by spapr_xive_instance_init().
     */
    dc->user_creatable = false;

    dc->desc = "XIVE Interrupt Source";
    dc->vmsd = &vmstate_xive_source;
    dc->realize = xive_source_realize;
    device_class_set_props(dc, xive_source_properties);
}
1568 
/* QOM type description of the source device */
static const TypeInfo xive_source_info = {
    .parent        = TYPE_DEVICE,
    .name          = TYPE_XIVE_SOURCE,
    .class_init    = xive_source_class_init,
    .instance_size = sizeof(XiveSource),
};
1575 
1576 /*
1577  * XiveEND helpers
1578  */
1579 
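/*
 * Append to @buf a bracketed window of @width event queue entries of
 * @end, ending at the current queue index; the last entry is prefixed
 * with '^'.
 *
 * The entries are read from memory at addresses computed from the END
 * words, and the index wraps within the queue size encoded in the END.
 * A failed read is logged as a guest error and ends the window early;
 * the closing bracket is still emitted so the output stays well formed.
 */
void xive_end_queue_pic_print_info(XiveEND *end, uint32_t width, GString *buf)
{
    uint64_t qaddr_base = xive_end_qaddr(end);
    uint32_t qsize = xive_get_field32(END_W0_QSIZE, end->w0);
    uint32_t qindex = xive_get_field32(END_W1_PAGE_OFF, end->w1);
    uint32_t qentries = 1 << (qsize + 10);
    uint32_t i; /* same type as @width, so the loop bound compares cleanly */

    /*
     * print out the [ (qindex - (width - 1)) .. (qindex + 1)] window
     */
    g_string_append_printf(buf, " [ ");
    qindex = (qindex - (width - 1)) & (qentries - 1);
    for (i = 0; i < width; i++) {
        uint64_t qaddr = qaddr_base + (qindex << 2);
        uint32_t qdata = -1;

        if (dma_memory_read(&address_space_memory, qaddr,
                            &qdata, sizeof(qdata), MEMTXATTRS_UNSPECIFIED)) {
            qemu_log_mask(LOG_GUEST_ERROR, "XIVE: failed to read EQ @0x%"
                          HWADDR_PRIx "\n", qaddr);
            /* Stop reading, but fall through to close the bracket */
            break;
        }
        g_string_append_printf(buf, "%s%08x ", i == width - 1 ? "^" : "",
                               be32_to_cpu(qdata));
        qindex = (qindex + 1) & (qentries - 1);
    }
    g_string_append_c(buf, ']');
}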
1609 
/*
 * Append a one line description of the END @end, labelled with
 * @end_idx, to @buf. Nothing is printed for an END that is not valid.
 *
 * The line shows the ESn P and Q bits, the END flag letters, the
 * priority and the NVT block/index. When the END has a queue address,
 * the queue position and a window of 6 queue entries follow.
 */
void xive_end_pic_print_info(XiveEND *end, uint32_t end_idx, GString *buf)
{
    uint64_t qaddr_base = xive_end_qaddr(end);
    uint32_t qindex = xive_get_field32(END_W1_PAGE_OFF, end->w1);
    uint32_t qgen = xive_get_field32(END_W1_GENERATION, end->w1);
    uint32_t qsize = xive_get_field32(END_W0_QSIZE, end->w0);
    uint32_t qentries = 1 << (qsize + 10);

    uint32_t nvt_blk = xive_get_field32(END_W6_NVT_BLOCK, end->w6);
    uint32_t nvt_idx = xive_get_field32(END_W6_NVT_INDEX, end->w6);
    uint8_t priority = xive_get_field32(END_W7_F0_PRIORITY, end->w7);
    uint8_t esn_pq;

    if (!xive_end_is_valid(end)) {
        return;
    }

    esn_pq = xive_get_field32(END_W1_ESn, end->w1);

    g_string_append_printf(buf,
                           "  %08x %c%c %c%c%c%c%c%c%c%c prio:%d nvt:%02x/%04x",
                           end_idx,
                           esn_pq & XIVE_ESB_VAL_P ? 'P' : '-',
                           esn_pq & XIVE_ESB_VAL_Q ? 'Q' : '-',
                           xive_end_is_valid(end)    ? 'v' : '-',
                           xive_end_is_enqueue(end)  ? 'q' : '-',
                           xive_end_is_notify(end)   ? 'n' : '-',
                           xive_end_is_backlog(end)  ? 'b' : '-',
                           xive_end_is_escalate(end) ? 'e' : '-',
                           xive_end_is_uncond_escalation(end)   ? 'u' : '-',
                           xive_end_is_silent_escalation(end)   ? 's' : '-',
                           xive_end_is_firmware(end)   ? 'f' : '-',
                           priority, nvt_blk, nvt_idx);

    /* The queue details are only shown when a queue address is set */
    if (qaddr_base != 0) {
        g_string_append_printf(buf, " eq:@%08"PRIx64"% 6d/%5d ^%d",
                               qaddr_base, qindex, qentries, qgen);
        xive_end_queue_pic_print_info(end, 6, buf);
    }

    g_string_append_c(buf, '\n');
}
1651 
/*
 * Push @data on the event queue of @end.
 *
 * One 32-bit big endian entry is written at the current queue index:
 * the generation bit in bit 31 and the low 31 bits of @data below it.
 * The index then advances and wraps within the queue size encoded in
 * the END; the generation bit is flipped on each wrap.
 *
 * If the memory write fails, a guest error is logged and the END is
 * left unchanged.
 */
static void xive_end_enqueue(XiveEND *end, uint32_t data)
{
    const uint64_t base = xive_end_qaddr(end);
    const uint32_t qsize = xive_get_field32(END_W0_QSIZE, end->w0);
    const uint32_t entries = 1 << (qsize + 10);
    uint32_t index = xive_get_field32(END_W1_PAGE_OFF, end->w1);
    uint32_t gen = xive_get_field32(END_W1_GENERATION, end->w1);

    /* Each queue entry is 4 bytes wide */
    uint64_t slot_addr = base + (index << 2);
    uint32_t entry = cpu_to_be32((gen << 31) | (data & 0x7fffffff));

    if (dma_memory_write(&address_space_memory, slot_addr,
                         &entry, sizeof(entry), MEMTXATTRS_UNSPECIFIED)) {
        qemu_log_mask(LOG_GUEST_ERROR, "XIVE: failed to write END data @0x%"
                      HWADDR_PRIx "\n", slot_addr);
        return;
    }

    index = (index + 1) & (entries - 1);
    if (index == 0) {
        /* Wrapped around: flip the generation bit */
        gen ^= 1;
        end->w1 = xive_set_field32(END_W1_GENERATION, end->w1, gen);
    }
    end->w1 = xive_set_field32(END_W1_PAGE_OFF, end->w1, index);
}
1677 
/*
 * Append a one line description of the escalation EAS embedded in the
 * END @end, labelled with @end_idx, to @buf. Nothing is printed when
 * the END does not escalate.
 *
 * The EAS is read in place, starting at word 4 of the END.
 */
void xive_end_eas_pic_print_info(XiveEND *end, uint32_t end_idx, GString *buf)
{
    XiveEAS *eas = (XiveEAS *) &end->w4;
    uint8_t ese_pq;

    if (!xive_end_is_escalate(end)) {
        return;
    }

    ese_pq = xive_get_field32(END_W1_ESe, end->w1);

    g_string_append_printf(buf, "  %08x %c%c %c%c end:%02x/%04x data:%08x\n",
                           end_idx,
                           ese_pq & XIVE_ESB_VAL_P ? 'P' : '-',
                           ese_pq & XIVE_ESB_VAL_Q ? 'Q' : '-',
                           xive_eas_is_valid(eas) ? 'V' : ' ',
                           xive_eas_is_masked(eas) ? 'M' : ' ',
                           (uint8_t)  xive_get_field64(EAS_END_BLOCK, eas->w),
                           (uint32_t) xive_get_field64(EAS_END_INDEX, eas->w),
                           (uint32_t) xive_get_field64(EAS_END_DATA, eas->w));
}
1699 
1700 /*
1701  * XIVE Router (aka. Virtualization Controller or IVRE)
1702  */
1703 
/*
 * Fetch the EAS at @eas_blk / @eas_idx into @eas through the router
 * class hook and return the hook's result.
 *
 * NOTE(review): the hook is called without a NULL check -- presumably
 * every router class implements it.
 */
int xive_router_get_eas(XiveRouter *xrtr, uint8_t eas_blk, uint32_t eas_idx,
                        XiveEAS *eas)
{
    return XIVE_ROUTER_GET_CLASS(xrtr)->get_eas(xrtr, eas_blk, eas_idx, eas);
}
1711 
/*
 * Read the PQ bits of the source at @eas_blk / @eas_idx into @pq
 * through the router class hook and return the hook's result.
 *
 * NOTE(review): the hook is called without a NULL check -- presumably
 * every router class implements it.
 */
static
int xive_router_get_pq(XiveRouter *xrtr, uint8_t eas_blk, uint32_t eas_idx,
                       uint8_t *pq)
{
    return XIVE_ROUTER_GET_CLASS(xrtr)->get_pq(xrtr, eas_blk, eas_idx, pq);
}
1720 
/*
 * Update the PQ bits of the source at @eas_blk / @eas_idx from @pq
 * through the router class hook and return the hook's result.
 *
 * NOTE(review): the hook is called without a NULL check -- presumably
 * every router class implements it.
 */
static
int xive_router_set_pq(XiveRouter *xrtr, uint8_t eas_blk, uint32_t eas_idx,
                       uint8_t *pq)
{
    return XIVE_ROUTER_GET_CLASS(xrtr)->set_pq(xrtr, eas_blk, eas_idx, pq);
}
1729 
/*
 * Fetch the END at @end_blk / @end_idx into @end through the router
 * class hook and return the hook's result.
 *
 * NOTE(review): the hook is called without a NULL check -- presumably
 * every router class implements it.
 */
int xive_router_get_end(XiveRouter *xrtr, uint8_t end_blk, uint32_t end_idx,
                        XiveEND *end)
{
    return XIVE_ROUTER_GET_CLASS(xrtr)->get_end(xrtr, end_blk, end_idx, end);
}
1737 
/*
 * Write word @word_number of @end back to the END at @end_blk /
 * @end_idx through the router class hook and return the hook's result.
 *
 * NOTE(review): the hook is called without a NULL check -- presumably
 * every router class implements it.
 */
int xive_router_write_end(XiveRouter *xrtr, uint8_t end_blk, uint32_t end_idx,
                          XiveEND *end, uint8_t word_number)
{
    return XIVE_ROUTER_GET_CLASS(xrtr)->write_end(xrtr, end_blk, end_idx,
                                                  end, word_number);
}
1745 
/*
 * Fetch the NVT at @nvt_blk / @nvt_idx into @nvt through the router
 * class hook and return the hook's result.
 *
 * NOTE(review): the hook is called without a NULL check -- presumably
 * every router class implements it.
 */
int xive_router_get_nvt(XiveRouter *xrtr, uint8_t nvt_blk, uint32_t nvt_idx,
                        XiveNVT *nvt)
{
    return XIVE_ROUTER_GET_CLASS(xrtr)->get_nvt(xrtr, nvt_blk, nvt_idx, nvt);
}
1753 
/*
 * Write word @word_number of @nvt back to the NVT at @nvt_blk /
 * @nvt_idx through the router class hook and return the hook's result.
 *
 * NOTE(review): the hook is called without a NULL check -- presumably
 * every router class implements it.
 */
int xive_router_write_nvt(XiveRouter *xrtr, uint8_t nvt_blk, uint32_t nvt_idx,
                        XiveNVT *nvt, uint8_t word_number)
{
    return XIVE_ROUTER_GET_CLASS(xrtr)->write_nvt(xrtr, nvt_blk, nvt_idx,
                                                  nvt, word_number);
}
1761 
/*
 * Return the block id of the router, as reported by the router class
 * hook.
 *
 * NOTE(review): the hook is called without a NULL check -- presumably
 * every router class implements it.
 */
static int xive_router_get_block_id(XiveRouter *xrtr)
{
    return XIVE_ROUTER_GET_CLASS(xrtr)->get_block_id(xrtr);
}
1768 
/*
 * Realize the router. The only requirement checked here is that the
 * xfb pointer of the router has been set; @errp is not used.
 */
static void xive_router_realize(DeviceState *dev, Error **errp)
{
    XiveRouter *router = XIVE_ROUTER(dev);

    assert(router->xfb);
}
1775 
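/*
 * Hand the event described by @eas to the END notification hook of the
 * router class.
 *
 * The hook is invoked as a plain call: ISO C does not allow a return
 * statement with an expression in a function returning void.
 *
 * NOTE(review): the hook is called without a NULL check -- presumably
 * every router class implements it.
 */
static void xive_router_end_notify_handler(XiveRouter *xrtr, XiveEAS *eas)
{
    XiveRouterClass *xrc = XIVE_ROUTER_GET_CLASS(xrtr);

    xrc->end_notify(xrtr, eas);
}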
1782 
1783 /*
1784  * Encode the HW CAM line in the block group mode format :
1785  *
1786  *   chip << 19 | 0000000 0 0001 thread (7Bit)
1787  */
/*
 * Build the HW CAM line of thread context @tctx from the block id of
 * the router behind @xptr and from the low 7 bits of the default value
 * of the CPU's PIR register, with bit 7 set on top of them.
 */
static uint32_t xive_tctx_hw_cam_line(XivePresenter *xptr, XiveTCTX *tctx)
{
    CPUPPCState *env = &POWERPC_CPU(tctx->cs)->env;
    uint32_t pir = env->spr_cb[SPR_PIR].default_value;
    uint8_t blk = xive_router_get_block_id(XIVE_ROUTER(xptr));
    uint32_t thread = pir & 0x7f;

    return xive_nvt_cam_line(blk, (1 << 7) | thread);
}
1796 
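/*
 * Return the size of the VP group encoded in @nvp_index, or 0 when the
 * index does not encode a valid group.
 *
 * Group size is a power of 2. The position of the first 0 (starting
 * with the least significant bits) in the NVP index gives the size of
 * the group.
 */
uint32_t xive_get_vpgroup_size(uint32_t nvp_index)
{
    int first_zero = cto32(nvp_index);

    /*
     * Reject indexes with 31 or more trailing ones: the result is
     * 1 << (first_zero + 1), so this check also keeps the shift count
     * below the width of the type.
     */
    if (first_zero >= 31) {
        qemu_log_mask(LOG_GUEST_ERROR, "XIVE: Invalid group index 0x%08x\n",
                      nvp_index);
        return 0;
    }

    return 1U << (first_zero + 1);
}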
1813 
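/*
 * Compute the 6-bit group level for an NVP block/index pair.
 *
 * Returns 0 when @ignore is false (no group), and also when the index
 * or the crowd block does not encode a valid size (logged as a guest
 * error). Otherwise the low 4 bits hold the group level derived from
 * @nvp_index and, when @crowd is set, the upper 2 bits hold the crowd
 * level derived from @nvp_blk.
 *
 * NOTE(review): the two assertions below stop the whole process. If
 * @crowd or @nvp_blk can be derived from guest-programmed structures,
 * an unsupported crowd size (2^3, for instance) would end the VM
 * instead of being logged like the other invalid encodings - confirm
 * that callers only pass validated values.
 */
uint8_t xive_get_group_level(bool crowd, bool ignore,
                             uint32_t nvp_blk, uint32_t nvp_index)
{
    int first_zero;
    uint8_t level;

    if (!ignore) {
        /* crowd without ignore is treated as a programming error */
        g_assert(!crowd);
        return 0;
    }

    first_zero = cto32(nvp_index);
    if (first_zero >= 31) {
        qemu_log_mask(LOG_GUEST_ERROR, "XIVE: Invalid group index 0x%08x\n",
                      nvp_index);
        return 0;
    }

    /*
     * Only 4 bits are kept: a position of 16 or more wraps around
     * (16 becomes level 0).
     */
    level = (first_zero + 1) & 0xf;
    if (crowd) {
        uint32_t blk;

        /* crowd level is bit position of first 0 from the right in nvp_blk */
        first_zero = cto32(nvp_blk);
        if (first_zero >= 31) {
            qemu_log_mask(LOG_GUEST_ERROR,
                          "XIVE: Invalid crowd block 0x%08x\n", nvp_blk);
            return 0;
        }
        blk = first_zero + 1;

        /*
         * Supported crowd sizes are 2^1, 2^2, and 2^4. 2^3 is not supported.
         * HW will encode level 4 as the value 3.  See xive2_pgofnext().
         */
        switch (blk) {
        case 1:
        case 2:
            break;
        case 4:
            blk = 3;
            break;
        default:
            g_assert_not_reached();
        }

        /* Crowd level bits reside in upper 2 bits of the 6 bit group level */
        level |= blk << 4;
    }
    return level;
}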
1865 
/*
 * Check whether the thread context @tctx is a target for the NVT
 * nvt_blk/nvt_idx and return the matching ring (TM_QW3_HV_PHYS,
 * TM_QW2_HV_POOL, TM_QW1_OS or TM_QW0_USER), or -1 when nothing
 * matches.
 *
 * The thread context register words are in big-endian format.
 *
 * TODO (PowerNV): ignore mode. The low order bits of the NVT
 * identifier are ignored in the "CAM" match.
 */
int xive_presenter_tctx_match(XivePresenter *xptr, XiveTCTX *tctx,
                              uint8_t format,
                              uint8_t nvt_blk, uint32_t nvt_idx,
                              bool cam_ignore, uint32_t logic_serv)
{
    const uint32_t cam = xive_nvt_cam_line(nvt_blk, nvt_idx);
    const uint32_t phys_w2 = xive_tctx_word2(&tctx->regs[TM_QW3_HV_PHYS]);
    const uint32_t pool_w2 = xive_tctx_word2(&tctx->regs[TM_QW2_HV_POOL]);
    const uint32_t os_w2 = xive_tctx_word2(&tctx->regs[TM_QW1_OS]);
    const uint32_t user_w2 = xive_tctx_word2(&tctx->regs[TM_QW0_USER]);

    if (format != 0) {
        /*
         * F=1 : User level Event-Based Branch (EBB) notification.
         * The USER ring matches only if the OS ring is valid with the
         * same CAM line and the USER ring is valid with the same
         * logical server.
         */
        if ((be32_to_cpu(os_w2) & TM_QW1W2_VO) &&
            (cam == xive_get_field32(TM_QW1W2_OS_CAM, os_w2)) &&
            (be32_to_cpu(user_w2) & TM_QW0W2_VU) &&
            (logic_serv == xive_get_field32(TM_QW0W2_LOGIC_SERV, user_w2))) {
            return TM_QW0_USER;
        }
        return -1;
    }

    if (cam_ignore) {
        /*
         * F=0 & i=1: Logical server notification (bits ignored at
         * the end of the NVT identifier)
         */
        qemu_log_mask(LOG_UNIMP, "XIVE: no support for LS NVT %x/%x\n",
                      nvt_blk, nvt_idx);
        return -1;
    }

    /* F=0 & i=0: Specific NVT notification, rings checked in order */

    /* PHYS ring: compared against the HW CAM line of the thread */
    if ((be32_to_cpu(phys_w2) & TM_QW3W2_VT) &&
        cam == xive_tctx_hw_cam_line(xptr, tctx)) {
        return TM_QW3_HV_PHYS;
    }

    /* HV POOL ring */
    if ((be32_to_cpu(pool_w2) & TM_QW2W2_VP) &&
        cam == xive_get_field32(TM_QW2W2_POOL_CAM, pool_w2)) {
        return TM_QW2_HV_POOL;
    }

    /* OS ring */
    if ((be32_to_cpu(os_w2) & TM_QW1W2_VO) &&
        cam == xive_get_field32(TM_QW1W2_OS_CAM, os_w2)) {
        return TM_QW1_OS;
    }

    return -1;
}
1928 
/*
 * This is our simple Xive Presenter Engine model. It is merged in the
 * Router as it does not require an extra object.
 *
 * @match is cleared first, so the caller never sees stale data in it,
 * then the machine is asked to scan the interrupt controllers through
 * the fabric match_nvt hook, whose result is returned unchanged.
 *
 * For VP-specific notification, we expect at most one match and one
 * call to the presenters is all we need (abbreviated notify sequence
 * documented by the architecture).
 *
 * For VP-group notification, match_nvt() is the equivalent of the
 * "histogram" and "poll" commands sent to the power bus to the
 * presenters. 'count' could be more than one, but we always select
 * the first match for now. 'precluded' tells if (at least) one thread
 * matches but can't take the interrupt now because it's running at a
 * more favored priority. We return the information to the router so
 * that it can take appropriate actions (backlog, escalation,
 * broadcast, etc...)
 *
 * If we were to implement a better way of dispatching the interrupt
 * in case of multiple matches (instead of the first match), we would
 * need a heuristic to elect a thread (for example, the hardware keeps
 * track of an 'age' in the TIMA) and a new command to the presenters
 * (the equivalent of the "assign" power bus command in the documented
 * full notify sequence).
 */
bool xive_presenter_match(XiveFabric *xfb, uint8_t format,
                           uint8_t nvt_blk, uint32_t nvt_idx,
                           bool crowd, bool cam_ignore, uint8_t priority,
                           uint32_t logic_serv, XiveTCTXMatch *match)
{
    XiveFabricClass *fabric_class = XIVE_FABRIC_GET_CLASS(xfb);

    memset(match, 0, sizeof(*match));

    return fabric_class->match_nvt(xfb, format, nvt_blk, nvt_idx, crowd,
                                   cam_ignore, priority, logic_serv, match);
}
1968 
/*
 * Notification using the END ESe/ESn bit (Event State Buffer for
 * escalation and notification). Provide further coalescing in the
 * Router.
 *
 * @end_esmask selects the PQ field of END word 1 to use. The field is
 * run through xive_esb_trigger() and, if its value changed, word 1 is
 * written back. Returns the trigger result: false means the event was
 * coalesced and the notification stops here.
 */
static bool xive_router_end_es_notify(XiveRouter *xrtr, uint8_t end_blk,
                                      uint32_t end_idx, XiveEND *end,
                                      uint32_t end_esmask)
{
    uint8_t pq = xive_get_field32(end_esmask, end->w1);
    bool forward = xive_esb_trigger(&pq);
    bool pq_changed = pq != xive_get_field32(end_esmask, end->w1);

    if (pq_changed) {
        end->w1 = xive_set_field32(end_esmask, end->w1, pq);
        /* the result of the write-back is not checked */
        xive_router_write_end(xrtr, end_blk, end_idx, end, 1);
    }

    /* ESe/n[Q]=1 : end of notification */
    return forward;
}
1989 
/*
 * An END trigger can come from an event trigger (IPI or HW) or from
 * another chip. We don't model the PowerBus but the END trigger
 * message has the same parameters as the function below.
 *
 * Sequence: look up and validate the END, enqueue the event data if
 * the END asks for it, coalesce through ESn, look up and validate the
 * NVT, try to present the interrupt to a matching thread context,
 * otherwise record a backlog in the NVT, and finally escalate if the
 * END is configured for it.
 *
 * NOTE(review): the escalation step re-enters the router through the
 * end_notify class hook, with words 4-5 of the END reinterpreted as an
 * EAS. No depth limit is visible in this function, and with
 * unconditional escalation the ESe coalescing is skipped, so whether a
 * chain of ENDs escalating to one another terminates depends on the
 * END tables - confirm they cannot be programmed as a cycle.
 */
void xive_router_end_notify(XiveRouter *xrtr, XiveEAS *eas)
{
    const uint8_t end_blk = xive_get_field64(EAS_END_BLOCK, eas->w);
    const uint32_t end_idx = xive_get_field64(EAS_END_INDEX, eas->w);
    const uint32_t end_data = xive_get_field64(EAS_END_DATA, eas->w);
    XiveEND end;
    XiveNVT nvt;
    XiveTCTXMatch match;
    uint8_t format;
    uint8_t priority;
    uint8_t nvt_blk;
    uint32_t nvt_idx;
    uint32_t logic_serv;
    bool cam_ignore;

    /* END cache lookup */
    if (xive_router_get_end(xrtr, end_blk, end_idx, &end)) {
        qemu_log_mask(LOG_GUEST_ERROR, "XIVE: No END %x/%x\n", end_blk,
                      end_idx);
        return;
    }

    if (!xive_end_is_valid(&end)) {
        trace_xive_router_end_notify(end_blk, end_idx, end_data);
        qemu_log_mask(LOG_GUEST_ERROR, "XIVE: END %x/%x is invalid\n",
                      end_blk, end_idx);
        return;
    }

    if (xive_end_is_enqueue(&end)) {
        xive_end_enqueue(&end, end_data);
        /* Enqueuing event data modifies the EQ toggle and index */
        xive_router_write_end(xrtr, end_blk, end_idx, &end, 1);
    }

    /* When the END is silent, we skip the notification part. */
    if (xive_end_is_silent_escalation(&end)) {
        goto do_escalation;
    }

    /*
     * The W7 format depends on the F bit in W6. It defines the type
     * of the notification :
     *
     *   F=0 : single or multiple NVT notification
     *   F=1 : User level Event-Based Branch (EBB) notification, no
     *         priority
     */
    format = xive_get_field32(END_W6_FORMAT_BIT, end.w6);
    priority = xive_get_field32(END_W7_F0_PRIORITY, end.w7);

    /* The END is masked */
    if (format == 0 && priority == 0xff) {
        return;
    }

    /*
     * Check the END ESn (Event State Buffer for notification) for
     * even further coalescing in the Router.
     * ESn[Q]=1 : end of notification
     */
    if (!xive_end_is_notify(&end) &&
        !xive_router_end_es_notify(xrtr, end_blk, end_idx, &end,
                                   END_W1_ESn)) {
        return;
    }

    /* Follows IVPE notification */
    nvt_blk = xive_get_field32(END_W6_NVT_BLOCK, end.w6);
    nvt_idx = xive_get_field32(END_W6_NVT_INDEX, end.w6);

    /* NVT cache lookup */
    if (xive_router_get_nvt(xrtr, nvt_blk, nvt_idx, &nvt)) {
        qemu_log_mask(LOG_GUEST_ERROR, "XIVE: no NVT %x/%x\n",
                      nvt_blk, nvt_idx);
        return;
    }

    if (!xive_nvt_is_valid(&nvt)) {
        qemu_log_mask(LOG_GUEST_ERROR, "XIVE: NVT %x/%x is invalid\n",
                      nvt_blk, nvt_idx);
        return;
    }

    /* TODO: Auto EOI. */
    /* we don't support VP-group notification on P9, so precluded is not used */
    cam_ignore = xive_get_field32(END_W7_F0_IGNORE, end.w7);
    logic_serv = xive_get_field32(END_W7_F1_LOG_SERVER_ID, end.w7);
    if (xive_presenter_match(xrtr->xfb, format, nvt_blk, nvt_idx,
                             false /* crowd */, cam_ignore, priority,
                             logic_serv, &match)) {
        trace_xive_presenter_notify(nvt_blk, nvt_idx, match.ring, 0);
        xive_tctx_pipr_present(match.tctx, match.ring, priority, 0);
        return;
    }

    /*
     * If no matching NVT is dispatched on a HW thread :
     * - specific VP: update the NVT structure if backlog is activated
     * - logical server : forward request to IVPE (not supported)
     */
    if (xive_end_is_backlog(&end)) {
        uint8_t ipb;

        if (format == 1) {
            qemu_log_mask(LOG_GUEST_ERROR,
                          "XIVE: END %x/%x invalid config: F1 & backlog\n",
                          end_blk, end_idx);
            return;
        }

        /*
         * Record the IPB in the associated NVT structure for later
         * use. The presenter will resend the interrupt when the vCPU
         * is dispatched again on a HW thread.
         */
        ipb = xive_get_field32(NVT_W4_IPB, nvt.w4) |
              xive_priority_to_ipb(priority);
        nvt.w4 = xive_set_field32(NVT_W4_IPB, nvt.w4, ipb);
        xive_router_write_nvt(xrtr, nvt_blk, nvt_idx, &nvt, 4);

        /* On HW, follows a "Broadcast Backlog" to IVPEs */
    }

do_escalation:
    /*
     * If activated, escalate notification using the ESe PQ bits and
     * the EAS in w4-5
     */
    if (!xive_end_is_escalate(&end)) {
        return;
    }

    /*
     * Check the END ESe (Event State Buffer for escalation) for even
     * further coalescing in the Router.
     * ESe[Q]=1 : end of notification
     */
    if (!xive_end_is_uncond_escalation(&end) &&
        !xive_router_end_es_notify(xrtr, end_blk, end_idx, &end,
                                   END_W1_ESe)) {
        return;
    }

    trace_xive_router_end_escalate(end_blk, end_idx,
           (uint8_t) xive_get_field32(END_W4_ESC_END_BLOCK, end.w4),
           (uint32_t) xive_get_field32(END_W4_ESC_END_INDEX, end.w4),
           (uint32_t) xive_get_field32(END_W5_ESC_END_DATA,  end.w5));

    /* The END trigger becomes an Escalation trigger */
    xive_router_end_notify_handler(xrtr, (XiveEAS *) &end.w4);
}
2155 
/*
 * Route an event trigger for the source number @lisn.
 *
 * The EAS is looked up first. Unless the caller has already checked
 * the source PQ bits (@pq_checked), they are read, run through
 * xive_esb_trigger() and written back, and the event stops there when
 * the trigger is coalesced. A valid, unmasked EAS is then forwarded as
 * an END trigger.
 *
 * NOTE(review): a failing PQ lookup or update stops the process in
 * g_assert_not_reached() (the "Set FIR" placeholders), whereas an
 * unknown or invalid LISN is only logged - confirm the PQ hooks cannot
 * fail for a LISN whose EAS lookup succeeded.
 */
void xive_router_notify(XiveNotifier *xn, uint32_t lisn, bool pq_checked)
{
    XiveRouter *xrtr = XIVE_ROUTER(xn);
    const uint8_t eas_blk = XIVE_EAS_BLOCK(lisn);
    const uint32_t eas_idx = XIVE_EAS_INDEX(lisn);
    XiveEAS eas;

    /* EAS cache lookup */
    if (xive_router_get_eas(xrtr, eas_blk, eas_idx, &eas)) {
        qemu_log_mask(LOG_GUEST_ERROR, "XIVE: Unknown LISN %x\n", lisn);
        return;
    }

    if (!pq_checked) {
        uint8_t pq;
        bool forward;

        /* PQ cache lookup */
        if (xive_router_get_pq(xrtr, eas_blk, eas_idx, &pq)) {
            /* Set FIR */
            g_assert_not_reached();
        }

        forward = xive_esb_trigger(&pq);

        /* The PQ bits are stored back whether or not the event goes on */
        if (xive_router_set_pq(xrtr, eas_blk, eas_idx, &pq)) {
            /* Set FIR */
            g_assert_not_reached();
        }

        if (!forward) {
            return;
        }
    }

    if (!xive_eas_is_valid(&eas)) {
        qemu_log_mask(LOG_GUEST_ERROR, "XIVE: invalid LISN %x\n", lisn);
        return;
    }

    /* A masked EAS completes the notification here */
    if (xive_eas_is_masked(&eas)) {
        return;
    }

    /* The event trigger becomes an END trigger */
    xive_router_end_notify_handler(xrtr, &eas);
}
2206 
/*
 * Router properties: the "xive-fabric" link fills in the xfb field,
 * which xive_router_realize() requires to be set.
 */
static const Property xive_router_properties[] = {
    DEFINE_PROP_LINK("xive-fabric", XiveRouter, xfb, TYPE_XIVE_FABRIC,
                     XiveFabric *),
};
2211 
/*
 * Class initializer of the abstract XIVE router: installs the
 * properties, the realize hook, the notifier entry point and the
 * default END trigger handler.
 */
static void xive_router_class_init(ObjectClass *klass, const void *data)
{
    DeviceClass *device_class = DEVICE_CLASS(klass);
    XiveNotifierClass *notifier_class = XIVE_NOTIFIER_CLASS(klass);
    XiveRouterClass *router_class = XIVE_ROUTER_CLASS(klass);

    device_class->desc = "XIVE Router Engine";
    device_class_set_props(device_class, xive_router_properties);

    /* Parent is SysBusDeviceClass. No need to call its realize hook */
    device_class->realize = xive_router_realize;

    notifier_class->notify = xive_router_notify;

    /* By default, the router handles END triggers locally */
    router_class->end_notify = xive_router_end_notify;
}
2227 
/*
 * Abstract sysbus device type for the XIVE router. It implements both
 * the notifier and the presenter interfaces.
 */
static const TypeInfo xive_router_info = {
    .name          = TYPE_XIVE_ROUTER,
    .parent        = TYPE_SYS_BUS_DEVICE,
    .abstract      = true,
    .instance_size = sizeof(XiveRouter),
    .class_size    = sizeof(XiveRouterClass),
    .class_init    = xive_router_class_init,
    .interfaces    = (const InterfaceInfo[]) {
        { TYPE_XIVE_NOTIFIER },
        { TYPE_XIVE_PRESENTER },
        { } /* end of list */
    },
};
2241 
/*
 * Append a one-line description of @eas to @buf: the LISN, an "M"
 * flag when the EAS is masked, and the END block/index and data it
 * targets. Invalid entries are skipped and add nothing to @buf.
 */
void xive_eas_pic_print_info(XiveEAS *eas, uint32_t lisn, GString *buf)
{
    const char *masked_flag;
    uint8_t end_blk;
    uint32_t end_idx;
    uint32_t end_data;

    if (!xive_eas_is_valid(eas)) {
        return;
    }

    masked_flag = xive_eas_is_masked(eas) ? "M" : " ";
    end_blk = xive_get_field64(EAS_END_BLOCK, eas->w);
    end_idx = xive_get_field64(EAS_END_INDEX, eas->w);
    end_data = xive_get_field64(EAS_END_DATA, eas->w);

    g_string_append_printf(buf, "  %08x %s end:%02x/%04x data:%08x\n",
                           lisn, masked_flag, end_blk, end_idx, end_data);
}
2254 
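/*
 * END ESB MMIO loads
 *
 * @addr is supplied by the guest access. It selects the END (two ESB
 * pages per END) and, through its low 12 bits, the ESB operation to
 * apply to the ESn (even page) or ESe (odd page) PQ bits. The result
 * of the operation is returned; every error path returns -1 (all
 * ones) and is logged as a guest error.
 *
 * The END index is not range-checked here: the size given to the MMIO
 * region in xive_end_source_realize() bounds it by nr_ends, and the
 * router get_end hook is presumably responsible for rejecting indexes
 * it does not back - verify against the router implementations.
 *
 * @size is not used: every access width is handled the same way.
 */
static uint64_t xive_end_source_read(void *opaque, hwaddr addr, unsigned size)
{
    XiveENDSource *xsrc = XIVE_END_SOURCE(opaque);
    uint32_t offset = addr & 0xFFF;
    uint8_t end_blk;
    uint32_t end_idx;
    XiveEND end;
    uint32_t end_esmask;
    uint8_t pq;
    uint64_t ret = -1;

    /*
     * The block id should be deduced from the load address on the END
     * ESB MMIO but our model only supports a single block per XIVE chip.
     */
    end_blk = xive_router_get_block_id(xsrc->xrtr);
    end_idx = addr >> (xsrc->esb_shift + 1);

    trace_xive_end_source_read(end_blk, end_idx, addr);

    if (xive_router_get_end(xsrc->xrtr, end_blk, end_idx, &end)) {
        qemu_log_mask(LOG_GUEST_ERROR, "XIVE: No END %x/%x\n", end_blk,
                      end_idx);
        return -1;
    }

    if (!xive_end_is_valid(&end)) {
        qemu_log_mask(LOG_GUEST_ERROR, "XIVE: END %x/%x is invalid\n",
                      end_blk, end_idx);
        return -1;
    }

    /* Even page: notification PQ bits. Odd page: escalation PQ bits. */
    end_esmask = addr_is_even(addr, xsrc->esb_shift) ? END_W1_ESn : END_W1_ESe;
    pq = xive_get_field32(end_esmask, end.w1);

    switch (offset) {
    case XIVE_ESB_LOAD_EOI ... XIVE_ESB_LOAD_EOI + 0x7FF:
        ret = xive_esb_eoi(&pq);

        /* Forward the source event notification for routing ?? */
        break;

    case XIVE_ESB_GET ... XIVE_ESB_GET + 0x3FF:
        ret = pq;
        break;

    case XIVE_ESB_SET_PQ_00 ... XIVE_ESB_SET_PQ_00 + 0x0FF:
    case XIVE_ESB_SET_PQ_01 ... XIVE_ESB_SET_PQ_01 + 0x0FF:
    case XIVE_ESB_SET_PQ_10 ... XIVE_ESB_SET_PQ_10 + 0x0FF:
    case XIVE_ESB_SET_PQ_11 ... XIVE_ESB_SET_PQ_11 + 0x0FF:
        /* Bits 8-9 of the offset carry the new PQ value */
        ret = xive_esb_set(&pq, (offset >> 8) & 0x3);
        break;
    default:
        /* offset is unsigned, so it is printed with %u */
        qemu_log_mask(LOG_GUEST_ERROR, "XIVE: invalid END ESB load addr %u\n",
                      offset);
        return -1;
    }

    /* Write word 1 back only when the operation changed the PQ bits */
    if (pq != xive_get_field32(end_esmask, end.w1)) {
        end.w1 = xive_set_field32(end_esmask, end.w1, pq);
        xive_router_write_end(xsrc->xrtr, end_blk, end_idx, &end, 1);
    }

    return ret;
}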
2323 
/*
 * END ESB MMIO stores are invalid: the store is dropped, @value and
 * @size are never read, and the access is logged as a guest error.
 */
static void xive_end_source_write(void *opaque, hwaddr addr,
                                  uint64_t value, unsigned size)
{
    qemu_log_mask(LOG_GUEST_ERROR,
                  "XIVE: invalid ESB write addr 0x%" HWADDR_PRIx "\n", addr);
}
2333 
/*
 * MMIO callbacks of the END ESB region. Accesses of 1 to 8 bytes are
 * both accepted (.valid) and implemented (.impl); the read handler
 * does not look at the access size.
 */
static const MemoryRegionOps xive_end_source_ops = {
    .read       = xive_end_source_read,
    .write      = xive_end_source_write,
    .endianness = DEVICE_BIG_ENDIAN,
    .valid = {
        .min_access_size = 1,
        .max_access_size = 8,
    },
    .impl = {
        .min_access_size = 1,
        .max_access_size = 8,
    },
};
2347 
/*
 * Realize hook of the END source: checks the configuration and
 * creates the ESB MMIO region.
 *
 * The "xive" router link must be set (asserted). "nr-ends" must be
 * non-zero and "shift" must be one of the two supported ESB page
 * sizes, otherwise an error is reported through @errp and no region
 * is created.
 */
static void xive_end_source_realize(DeviceState *dev, Error **errp)
{
    XiveENDSource *xsrc = XIVE_END_SOURCE(dev);
    uint64_t esb_size;

    assert(xsrc->xrtr);

    if (xsrc->nr_ends == 0) {
        error_setg(errp, "Number of interrupt needs to be greater than 0");
        return;
    }

    if (!(xsrc->esb_shift == XIVE_ESB_4K ||
          xsrc->esb_shift == XIVE_ESB_64K)) {
        error_setg(errp, "Invalid ESB shift setting");
        return;
    }

    /*
     * Each END is assigned an even/odd pair of MMIO pages, the even page
     * manages the ESn field while the odd page manages the ESe field.
     * The region size is what bounds the END index seen by the load
     * handler.
     */
    esb_size = (1ull << (xsrc->esb_shift + 1)) * xsrc->nr_ends;
    memory_region_init_io(&xsrc->esb_mmio, OBJECT(xsrc),
                          &xive_end_source_ops, xsrc, "xive.end", esb_size);
}
2373 
/*
 * END source properties. "nr-ends" defaults to 0, which realize
 * rejects, so it has to be set explicitly; "shift" defaults to 64K ESB
 * pages; "xive" links the router used for the END lookups.
 */
static const Property xive_end_source_properties[] = {
    DEFINE_PROP_UINT32("nr-ends", XiveENDSource, nr_ends, 0),
    DEFINE_PROP_UINT32("shift", XiveENDSource, esb_shift, XIVE_ESB_64K),
    DEFINE_PROP_LINK("xive", XiveENDSource, xrtr,
                     TYPE_XIVE_ROUTER, XiveRouter *),
};
2380 
/*
 * Class initializer of the END source device: installs the
 * description, the properties and the realize hook, and keeps the
 * device out of reach of user device creation.
 */
static void xive_end_source_class_init(ObjectClass *klass, const void *data)
{
    DeviceClass *device_class = DEVICE_CLASS(klass);

    device_class->desc = "XIVE END Source";
    device_class->realize = xive_end_source_realize;
    device_class_set_props(device_class, xive_end_source_properties);

    /*
     * Reason: part of XIVE interrupt controller, needs to be wired up,
     * e.g. by spapr_xive_instance_init().
     */
    device_class->user_creatable = false;
}
2394 
/*
 * XIVE END source device
 */
static const TypeInfo xive_end_source_info = {
    .name          = TYPE_XIVE_END_SOURCE,
    .parent        = TYPE_DEVICE,
    .instance_size = sizeof(XiveENDSource),
    .class_init    = xive_end_source_class_init,
};

/*
 * XIVE Notifier interface
 */
static const TypeInfo xive_notifier_info = {
    .name       = TYPE_XIVE_NOTIFIER,
    .parent     = TYPE_INTERFACE,
    .class_size = sizeof(XiveNotifierClass),
};

/*
 * XIVE Presenter interface
 */
static const TypeInfo xive_presenter_info = {
    .name       = TYPE_XIVE_PRESENTER,
    .parent     = TYPE_INTERFACE,
    .class_size = sizeof(XivePresenterClass),
};

/*
 * XIVE Fabric interface
 */
static const TypeInfo xive_fabric_info = {
    .name       = TYPE_XIVE_FABRIC,
    .parent     = TYPE_INTERFACE,
    .class_size = sizeof(XiveFabricClass),
};
2428 
/*
 * Register every XIVE type defined in this file. The order of the
 * table is the registration order.
 */
static void xive_register_types(void)
{
    static const TypeInfo *const xive_types[] = {
        &xive_fabric_info,
        &xive_source_info,
        &xive_notifier_info,
        &xive_presenter_info,
        &xive_router_info,
        &xive_end_source_info,
        &xive_tctx_info,
    };
    size_t i;

    for (i = 0; i < sizeof(xive_types) / sizeof(xive_types[0]); i++) {
        type_register_static(xive_types[i]);
    }
}

type_init(xive_register_types)
2441