1 /* 2 * QEMU PowerPC XIVE interrupt controller model 3 * 4 * Copyright (c) 2017-2018, IBM Corporation. 5 * 6 * SPDX-License-Identifier: GPL-2.0-or-later 7 */ 8 9 #include "qemu/osdep.h" 10 #include "qemu/log.h" 11 #include "qemu/module.h" 12 #include "qapi/error.h" 13 #include "target/ppc/cpu.h" 14 #include "system/cpus.h" 15 #include "system/dma.h" 16 #include "system/reset.h" 17 #include "hw/qdev-properties.h" 18 #include "migration/vmstate.h" 19 #include "hw/irq.h" 20 #include "hw/ppc/xive.h" 21 #include "hw/ppc/xive2.h" 22 #include "hw/ppc/xive_regs.h" 23 #include "trace.h" 24 25 /* 26 * XIVE Thread Interrupt Management context 27 */ 28 bool xive_nsr_indicates_exception(uint8_t ring, uint8_t nsr) 29 { 30 switch (ring) { 31 case TM_QW1_OS: 32 return !!(nsr & TM_QW1_NSR_EO); 33 case TM_QW2_HV_POOL: 34 case TM_QW3_HV_PHYS: 35 return !!(nsr & TM_QW3_NSR_HE); 36 default: 37 g_assert_not_reached(); 38 } 39 } 40 41 bool xive_nsr_indicates_group_exception(uint8_t ring, uint8_t nsr) 42 { 43 if ((nsr & TM_NSR_GRP_LVL) > 0) { 44 g_assert(xive_nsr_indicates_exception(ring, nsr)); 45 return true; 46 } 47 return false; 48 } 49 50 uint8_t xive_nsr_exception_ring(uint8_t ring, uint8_t nsr) 51 { 52 /* NSR determines if pool/phys ring is for phys or pool interrupt */ 53 if ((ring == TM_QW3_HV_PHYS) || (ring == TM_QW2_HV_POOL)) { 54 uint8_t he = (nsr & TM_QW3_NSR_HE) >> 6; 55 56 if (he == TM_QW3_NSR_HE_PHYS) { 57 return TM_QW3_HV_PHYS; 58 } else if (he == TM_QW3_NSR_HE_POOL) { 59 return TM_QW2_HV_POOL; 60 } else { 61 /* Don't support LSI mode */ 62 g_assert_not_reached(); 63 } 64 } 65 return ring; 66 } 67 68 static qemu_irq xive_tctx_output(XiveTCTX *tctx, uint8_t ring) 69 { 70 switch (ring) { 71 case TM_QW0_USER: 72 return 0; /* Not supported */ 73 case TM_QW1_OS: 74 return tctx->os_output; 75 case TM_QW2_HV_POOL: 76 case TM_QW3_HV_PHYS: 77 return tctx->hv_output; 78 default: 79 return 0; 80 } 81 } 82 83 /* 84 * interrupt is accepted on the presentation ring, for PHYS ring the NSR 85 * directs it to the PHYS or POOL rings. 86 */ 87 uint64_t xive_tctx_accept(XiveTCTX *tctx, uint8_t sig_ring) 88 { 89 uint8_t *sig_regs = &tctx->regs[sig_ring]; 90 uint8_t nsr = sig_regs[TM_NSR]; 91 92 g_assert(sig_ring == TM_QW1_OS || sig_ring == TM_QW3_HV_PHYS); 93 94 g_assert(tctx->regs[TM_QW2_HV_POOL + TM_NSR] == 0); 95 g_assert(tctx->regs[TM_QW2_HV_POOL + TM_PIPR] == 0); 96 g_assert(tctx->regs[TM_QW2_HV_POOL + TM_CPPR] == 0); 97 98 if (xive_nsr_indicates_exception(sig_ring, nsr)) { 99 uint8_t cppr = sig_regs[TM_PIPR]; 100 uint8_t ring; 101 uint8_t *regs; 102 103 ring = xive_nsr_exception_ring(sig_ring, nsr); 104 regs = &tctx->regs[ring]; 105 106 sig_regs[TM_CPPR] = cppr; 107 108 /* 109 * If the interrupt was for a specific VP, reset the pending 110 * buffer bit, otherwise clear the logical server indicator 111 */ 112 if (!xive_nsr_indicates_group_exception(sig_ring, nsr)) { 113 regs[TM_IPB] &= ~xive_priority_to_ipb(cppr); 114 } 115 116 /* Clear the exception from NSR */ 117 sig_regs[TM_NSR] = 0; 118 qemu_irq_lower(xive_tctx_output(tctx, sig_ring)); 119 120 trace_xive_tctx_accept(tctx->cs->cpu_index, ring, 121 regs[TM_IPB], sig_regs[TM_PIPR], 122 sig_regs[TM_CPPR], sig_regs[TM_NSR]); 123 } 124 125 return ((uint64_t)nsr << 8) | sig_regs[TM_CPPR]; 126 } 127 128 void xive_tctx_notify(XiveTCTX *tctx, uint8_t ring, uint8_t group_level) 129 { 130 uint8_t *sig_regs = xive_tctx_signal_regs(tctx, ring); 131 uint8_t *regs = &tctx->regs[ring]; 132 133 if (sig_regs[TM_PIPR] < sig_regs[TM_CPPR]) { 134 switch (ring) { 135 case TM_QW1_OS: 136 sig_regs[TM_NSR] = TM_QW1_NSR_EO | (group_level & 0x3F); 137 break; 138 case TM_QW2_HV_POOL: 139 sig_regs[TM_NSR] = (TM_QW3_NSR_HE_POOL << 6) | (group_level & 0x3F); 140 break; 141 case TM_QW3_HV_PHYS: 142 sig_regs[TM_NSR] = (TM_QW3_NSR_HE_PHYS << 6) | (group_level & 0x3F); 143 break; 144 default: 145 g_assert_not_reached(); 146 } 147 trace_xive_tctx_notify(tctx->cs->cpu_index, ring, 148 regs[TM_IPB], sig_regs[TM_PIPR], 149 sig_regs[TM_CPPR], sig_regs[TM_NSR]); 150 qemu_irq_raise(xive_tctx_output(tctx, ring)); 151 } else { 152 sig_regs[TM_NSR] = 0; 153 qemu_irq_lower(xive_tctx_output(tctx, ring)); 154 } 155 } 156 157 void xive_tctx_reset_signal(XiveTCTX *tctx, uint8_t ring) 158 { 159 /* 160 * Lower the External interrupt. Used when pulling a context. It is 161 * necessary to avoid catching it in the higher privilege context. It 162 * should be raised again when re-pushing the lower privilege context. 163 */ 164 qemu_irq_lower(xive_tctx_output(tctx, ring)); 165 } 166 167 static void xive_tctx_set_cppr(XiveTCTX *tctx, uint8_t ring, uint8_t cppr) 168 { 169 uint8_t *sig_regs = &tctx->regs[ring]; 170 uint8_t pipr_min; 171 uint8_t ring_min; 172 173 g_assert(ring == TM_QW1_OS || ring == TM_QW3_HV_PHYS); 174 175 g_assert(tctx->regs[TM_QW2_HV_POOL + TM_NSR] == 0); 176 g_assert(tctx->regs[TM_QW2_HV_POOL + TM_PIPR] == 0); 177 g_assert(tctx->regs[TM_QW2_HV_POOL + TM_CPPR] == 0); 178 179 /* XXX: should show pool IPB for PHYS ring */ 180 trace_xive_tctx_set_cppr(tctx->cs->cpu_index, ring, 181 sig_regs[TM_IPB], sig_regs[TM_PIPR], 182 cppr, sig_regs[TM_NSR]); 183 184 if (cppr > XIVE_PRIORITY_MAX) { 185 cppr = 0xff; 186 } 187 188 sig_regs[TM_CPPR] = cppr; 189 190 /* 191 * Recompute the PIPR based on local pending interrupts. The PHYS 192 * ring must take the minimum of both the PHYS and POOL PIPR values. 193 */ 194 pipr_min = xive_ipb_to_pipr(sig_regs[TM_IPB]); 195 ring_min = ring; 196 197 /* PHYS updates also depend on POOL values */ 198 if (ring == TM_QW3_HV_PHYS) { 199 uint8_t *pool_regs = &tctx->regs[TM_QW2_HV_POOL]; 200 201 /* POOL values only matter if POOL ctx is valid */ 202 if (pool_regs[TM_WORD2] & 0x80) { 203 uint8_t pool_pipr = xive_ipb_to_pipr(pool_regs[TM_IPB]); 204 205 /* 206 * Determine highest priority interrupt and 207 * remember which ring has it. 208 */ 209 if (pool_pipr < pipr_min) { 210 pipr_min = pool_pipr; 211 ring_min = TM_QW2_HV_POOL; 212 } 213 } 214 } 215 216 sig_regs[TM_PIPR] = pipr_min; 217 218 /* CPPR has changed, check if we need to raise a pending exception */ 219 xive_tctx_notify(tctx, ring_min, 0); 220 } 221 222 void xive_tctx_pipr_update(XiveTCTX *tctx, uint8_t ring, uint8_t priority, 223 uint8_t group_level) 224 { 225 uint8_t *sig_regs = xive_tctx_signal_regs(tctx, ring); 226 uint8_t *regs = &tctx->regs[ring]; 227 228 if (group_level == 0) { 229 /* VP-specific */ 230 regs[TM_IPB] |= xive_priority_to_ipb(priority); 231 sig_regs[TM_PIPR] = xive_ipb_to_pipr(regs[TM_IPB]); 232 } else { 233 /* VP-group */ 234 sig_regs[TM_PIPR] = xive_priority_to_pipr(priority); 235 } 236 xive_tctx_notify(tctx, ring, group_level); 237 } 238 239 static void xive_tctx_pipr_recompute_from_ipb(XiveTCTX *tctx, uint8_t ring) 240 { 241 uint8_t *sig_regs = xive_tctx_signal_regs(tctx, ring); 242 uint8_t *regs = &tctx->regs[ring]; 243 244 /* Does not support a presented group interrupt */ 245 g_assert(!xive_nsr_indicates_group_exception(ring, sig_regs[TM_NSR])); 246 247 sig_regs[TM_PIPR] = xive_ipb_to_pipr(regs[TM_IPB]); 248 xive_tctx_notify(tctx, ring, 0); 249 } 250 251 void xive_tctx_pipr_present(XiveTCTX *tctx, uint8_t ring, uint8_t priority, 252 uint8_t group_level) 253 { 254 uint8_t *sig_regs = xive_tctx_signal_regs(tctx, ring); 255 uint8_t *regs = &tctx->regs[ring]; 256 uint8_t pipr = xive_priority_to_pipr(priority); 257 258 if (group_level == 0) { 259 regs[TM_IPB] |= xive_priority_to_ipb(priority); 260 if (pipr >= sig_regs[TM_PIPR]) { 261 /* VP interrupts can come here with lower priority than PIPR */ 262 return; 263 } 264 } 265 g_assert(pipr <= xive_ipb_to_pipr(regs[TM_IPB])); 266 g_assert(pipr < sig_regs[TM_PIPR]); 267 sig_regs[TM_PIPR] = pipr; 268 xive_tctx_notify(tctx, ring, group_level); 269 } 270 271 /* 272 * XIVE Thread Interrupt Management Area (TIMA) 273 */ 274 275 static void xive_tm_set_hv_cppr(XivePresenter *xptr, XiveTCTX *tctx, 276 hwaddr offset, uint64_t value, unsigned size) 277 { 278 xive_tctx_set_cppr(tctx, TM_QW3_HV_PHYS, value & 0xff); 279 } 280 281 static uint64_t xive_tm_ack_hv_reg(XivePresenter *xptr, XiveTCTX *tctx, 282 hwaddr offset, unsigned size) 283 { 284 return xive_tctx_accept(tctx, TM_QW3_HV_PHYS); 285 } 286 287 static void xive_pool_cam_decode(uint32_t cam, uint8_t *nvt_blk, 288 uint32_t *nvt_idx, bool *vp) 289 { 290 if (nvt_blk) { 291 *nvt_blk = xive_nvt_blk(cam); 292 } 293 if (nvt_idx) { 294 *nvt_idx = xive_nvt_idx(cam); 295 } 296 if (vp) { 297 *vp = !!(cam & TM_QW2W2_VP); 298 } 299 } 300 301 static uint32_t xive_tctx_get_pool_cam(XiveTCTX *tctx, uint8_t *nvt_blk, 302 uint32_t *nvt_idx, bool *vp) 303 { 304 uint32_t qw2w2 = xive_tctx_word2(&tctx->regs[TM_QW2_HV_POOL]); 305 uint32_t cam = be32_to_cpu(qw2w2); 306 307 xive_pool_cam_decode(cam, nvt_blk, nvt_idx, vp); 308 return qw2w2; 309 } 310 311 static void xive_tctx_set_pool_cam(XiveTCTX *tctx, uint32_t qw2w2) 312 { 313 memcpy(&tctx->regs[TM_QW2_HV_POOL + TM_WORD2], &qw2w2, 4); 314 } 315 316 static uint64_t xive_tm_pull_pool_ctx(XivePresenter *xptr, XiveTCTX *tctx, 317 hwaddr offset, unsigned size) 318 { 319 uint32_t qw2w2; 320 uint32_t qw2w2_new; 321 uint8_t nvt_blk; 322 uint32_t nvt_idx; 323 bool vp; 324 325 qw2w2 = xive_tctx_get_pool_cam(tctx, &nvt_blk, &nvt_idx, &vp); 326 327 if (!vp) { 328 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: pull invalid POOL NVT %x/%x !?\n", 329 nvt_blk, nvt_idx); 330 } 331 332 /* Invalidate CAM line */ 333 qw2w2_new = xive_set_field32(TM_QW2W2_VP, qw2w2, 0); 334 xive_tctx_set_pool_cam(tctx, qw2w2_new); 335 336 xive_tctx_reset_signal(tctx, TM_QW1_OS); 337 xive_tctx_reset_signal(tctx, TM_QW2_HV_POOL); 338 return qw2w2; 339 } 340 341 static uint64_t xive_tm_pull_phys_ctx(XivePresenter *xptr, XiveTCTX *tctx, 342 hwaddr offset, unsigned size) 343 { 344 uint8_t qw3b8 = tctx->regs[TM_QW3_HV_PHYS + TM_WORD2]; 345 uint8_t qw3b8_new; 346 347 qw3b8 = tctx->regs[TM_QW3_HV_PHYS + TM_WORD2]; 348 if (!(qw3b8 & TM_QW3B8_VT)) { 349 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: pulling invalid PHYS thread!?\n"); 350 } 351 qw3b8_new = qw3b8 & ~TM_QW3B8_VT; 352 tctx->regs[TM_QW3_HV_PHYS + TM_WORD2] = qw3b8_new; 353 354 xive_tctx_reset_signal(tctx, TM_QW1_OS); 355 xive_tctx_reset_signal(tctx, TM_QW3_HV_PHYS); 356 return qw3b8; 357 } 358 359 static void xive_tm_vt_push(XivePresenter *xptr, XiveTCTX *tctx, hwaddr offset, 360 uint64_t value, unsigned size) 361 { 362 tctx->regs[TM_QW3_HV_PHYS + TM_WORD2] = value & 0xff; 363 } 364 365 static uint64_t xive_tm_vt_poll(XivePresenter *xptr, XiveTCTX *tctx, 366 hwaddr offset, unsigned size) 367 { 368 return tctx->regs[TM_QW3_HV_PHYS + TM_WORD2] & 0xff; 369 } 370 371 /* 372 * Define an access map for each page of the TIMA that we will use in 373 * the memory region ops to filter values when doing loads and stores 374 * of raw registers values 375 * 376 * Registers accessibility bits : 377 * 378 * 0x0 - no access 379 * 0x1 - write only 380 * 0x2 - read only 381 * 0x3 - read/write 382 */ 383 384 static const uint8_t xive_tm_hw_view[] = { 385 3, 0, 0, 0, 0, 0, 0, 0, 3, 3, 3, 3, 0, 0, 0, 0, /* QW-0 User */ 386 3, 3, 3, 3, 3, 3, 0, 2, 3, 3, 3, 3, 0, 0, 0, 3, /* QW-1 OS */ 387 0, 0, 3, 3, 0, 3, 3, 0, 3, 3, 3, 3, 0, 0, 0, 0, /* QW-2 POOL */ 388 3, 3, 3, 3, 0, 3, 0, 2, 3, 0, 0, 3, 3, 3, 3, 0, /* QW-3 PHYS */ 389 }; 390 391 static const uint8_t xive_tm_hv_view[] = { 392 3, 0, 0, 0, 0, 0, 0, 0, 3, 3, 3, 3, 0, 0, 0, 0, /* QW-0 User */ 393 3, 3, 3, 3, 3, 3, 0, 2, 3, 3, 3, 3, 0, 0, 0, 3, /* QW-1 OS */ 394 0, 0, 3, 3, 0, 3, 3, 0, 0, 3, 3, 3, 0, 0, 0, 0, /* QW-2 POOL */ 395 3, 3, 3, 3, 0, 3, 0, 2, 3, 0, 0, 3, 0, 0, 0, 0, /* QW-3 PHYS */ 396 }; 397 398 static const uint8_t xive_tm_os_view[] = { 399 3, 0, 0, 0, 0, 0, 0, 0, 3, 3, 3, 3, 0, 0, 0, 0, /* QW-0 User */ 400 2, 3, 2, 2, 2, 2, 0, 2, 0, 0, 0, 0, 0, 0, 0, 0, /* QW-1 OS */ 401 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* QW-2 POOL */ 402 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* QW-3 PHYS */ 403 }; 404 405 static const uint8_t xive_tm_user_view[] = { 406 3, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* QW-0 User */ 407 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* QW-1 OS */ 408 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* QW-2 POOL */ 409 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* QW-3 PHYS */ 410 }; 411 412 /* 413 * Overall TIMA access map for the thread interrupt management context 414 * registers 415 */ 416 static const uint8_t *xive_tm_views[] = { 417 [XIVE_TM_HW_PAGE] = xive_tm_hw_view, 418 [XIVE_TM_HV_PAGE] = xive_tm_hv_view, 419 [XIVE_TM_OS_PAGE] = xive_tm_os_view, 420 [XIVE_TM_USER_PAGE] = xive_tm_user_view, 421 }; 422 423 /* 424 * Computes a register access mask for a given offset in the TIMA 425 */ 426 static uint64_t xive_tm_mask(hwaddr offset, unsigned size, bool write) 427 { 428 uint8_t page_offset = (offset >> TM_SHIFT) & 0x3; 429 uint8_t reg_offset = offset & TM_REG_OFFSET; 430 uint8_t reg_mask = write ? 0x1 : 0x2; 431 uint64_t mask = 0x0; 432 int i; 433 434 for (i = 0; i < size; i++) { 435 if (xive_tm_views[page_offset][reg_offset + i] & reg_mask) { 436 mask |= (uint64_t) 0xff << (8 * (size - i - 1)); 437 } 438 } 439 440 return mask; 441 } 442 443 static void xive_tm_raw_write(XiveTCTX *tctx, hwaddr offset, uint64_t value, 444 unsigned size) 445 { 446 uint8_t ring_offset = offset & TM_RING_OFFSET; 447 uint8_t reg_offset = offset & TM_REG_OFFSET; 448 uint64_t mask = xive_tm_mask(offset, size, true); 449 int i; 450 451 /* 452 * Only 4 or 8 bytes stores are allowed and the User ring is 453 * excluded 454 */ 455 if (size < 4 || !mask || ring_offset == TM_QW0_USER) { 456 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: invalid write access at TIMA @%" 457 HWADDR_PRIx" size %d\n", offset, size); 458 return; 459 } 460 461 /* 462 * Use the register offset for the raw values and filter out 463 * reserved values 464 */ 465 for (i = 0; i < size; i++) { 466 uint8_t byte_mask = (mask >> (8 * (size - i - 1))); 467 if (byte_mask) { 468 tctx->regs[reg_offset + i] = (value >> (8 * (size - i - 1))) & 469 byte_mask; 470 } 471 } 472 } 473 474 static uint64_t xive_tm_raw_read(XiveTCTX *tctx, hwaddr offset, unsigned size) 475 { 476 uint8_t ring_offset = offset & TM_RING_OFFSET; 477 uint8_t reg_offset = offset & TM_REG_OFFSET; 478 uint64_t mask = xive_tm_mask(offset, size, false); 479 uint64_t ret; 480 int i; 481 482 /* 483 * Only 4 or 8 bytes loads are allowed and the User ring is 484 * excluded 485 */ 486 if (size < 4 || !mask || ring_offset == TM_QW0_USER) { 487 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: invalid read access at TIMA @%" 488 HWADDR_PRIx" size %d\n", offset, size); 489 return -1; 490 } 491 492 /* Use the register offset for the raw values */ 493 ret = 0; 494 for (i = 0; i < size; i++) { 495 ret |= (uint64_t) tctx->regs[reg_offset + i] << (8 * (size - i - 1)); 496 } 497 498 /* filter out reserved values */ 499 return ret & mask; 500 } 501 502 /* 503 * The TM context is mapped twice within each page. Stores and loads 504 * to the first mapping below 2K write and read the specified values 505 * without modification. The second mapping above 2K performs specific 506 * state changes (side effects) in addition to setting/returning the 507 * interrupt management area context of the processor thread. 508 */ 509 static uint64_t xive_tm_ack_os_reg(XivePresenter *xptr, XiveTCTX *tctx, 510 hwaddr offset, unsigned size) 511 { 512 return xive_tctx_accept(tctx, TM_QW1_OS); 513 } 514 515 static void xive_tm_set_os_cppr(XivePresenter *xptr, XiveTCTX *tctx, 516 hwaddr offset, uint64_t value, unsigned size) 517 { 518 xive_tctx_set_cppr(tctx, TM_QW1_OS, value & 0xff); 519 } 520 521 static void xive_tctx_set_lgs(XiveTCTX *tctx, uint8_t ring, uint8_t lgs) 522 { 523 uint8_t *regs = &tctx->regs[ring]; 524 525 regs[TM_LGS] = lgs; 526 } 527 528 static void xive_tm_set_os_lgs(XivePresenter *xptr, XiveTCTX *tctx, 529 hwaddr offset, uint64_t value, unsigned size) 530 { 531 xive_tctx_set_lgs(tctx, TM_QW1_OS, value & 0xff); 532 } 533 534 /* 535 * Adjust the PIPR to allow a CPU to process event queues of other 536 * priorities during one physical interrupt cycle. 537 */ 538 static void xive_tm_set_os_pending(XivePresenter *xptr, XiveTCTX *tctx, 539 hwaddr offset, uint64_t value, unsigned size) 540 { 541 uint8_t ring = TM_QW1_OS; 542 uint8_t *regs = &tctx->regs[ring]; 543 544 /* XXX: how should this work exactly? */ 545 regs[TM_IPB] |= xive_priority_to_ipb(value & 0xff); 546 xive_tctx_pipr_recompute_from_ipb(tctx, ring); 547 } 548 549 static void xive_os_cam_decode(uint32_t cam, uint8_t *nvt_blk, 550 uint32_t *nvt_idx, bool *vo) 551 { 552 if (nvt_blk) { 553 *nvt_blk = xive_nvt_blk(cam); 554 } 555 if (nvt_idx) { 556 *nvt_idx = xive_nvt_idx(cam); 557 } 558 if (vo) { 559 *vo = !!(cam & TM_QW1W2_VO); 560 } 561 } 562 563 static uint32_t xive_tctx_get_os_cam(XiveTCTX *tctx, uint8_t *nvt_blk, 564 uint32_t *nvt_idx, bool *vo) 565 { 566 uint32_t qw1w2 = xive_tctx_word2(&tctx->regs[TM_QW1_OS]); 567 uint32_t cam = be32_to_cpu(qw1w2); 568 569 xive_os_cam_decode(cam, nvt_blk, nvt_idx, vo); 570 return qw1w2; 571 } 572 573 static void xive_tctx_set_os_cam(XiveTCTX *tctx, uint32_t qw1w2) 574 { 575 memcpy(&tctx->regs[TM_QW1_OS + TM_WORD2], &qw1w2, 4); 576 } 577 578 static uint64_t xive_tm_pull_os_ctx(XivePresenter *xptr, XiveTCTX *tctx, 579 hwaddr offset, unsigned size) 580 { 581 uint32_t qw1w2; 582 uint32_t qw1w2_new; 583 uint8_t nvt_blk; 584 uint32_t nvt_idx; 585 bool vo; 586 587 qw1w2 = xive_tctx_get_os_cam(tctx, &nvt_blk, &nvt_idx, &vo); 588 589 if (!vo) { 590 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: pull invalid OS NVT %x/%x !?\n", 591 nvt_blk, nvt_idx); 592 } 593 594 /* Invalidate CAM line */ 595 qw1w2_new = xive_set_field32(TM_QW1W2_VO, qw1w2, 0); 596 xive_tctx_set_os_cam(tctx, qw1w2_new); 597 598 xive_tctx_reset_signal(tctx, TM_QW1_OS); 599 return qw1w2; 600 } 601 602 static void xive_tctx_need_resend(XiveRouter *xrtr, XiveTCTX *tctx, 603 uint8_t nvt_blk, uint32_t nvt_idx) 604 { 605 XiveNVT nvt; 606 uint8_t ipb; 607 608 /* 609 * Grab the associated NVT to pull the pending bits, and merge 610 * them with the IPB of the thread interrupt context registers 611 */ 612 if (xive_router_get_nvt(xrtr, nvt_blk, nvt_idx, &nvt)) { 613 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: invalid NVT %x/%x\n", 614 nvt_blk, nvt_idx); 615 return; 616 } 617 618 ipb = xive_get_field32(NVT_W4_IPB, nvt.w4); 619 620 if (ipb) { 621 /* Reset the NVT value */ 622 nvt.w4 = xive_set_field32(NVT_W4_IPB, nvt.w4, 0); 623 xive_router_write_nvt(xrtr, nvt_blk, nvt_idx, &nvt, 4); 624 625 uint8_t *regs = &tctx->regs[TM_QW1_OS]; 626 regs[TM_IPB] |= ipb; 627 } 628 629 /* 630 * Always call xive_tctx_recompute_from_ipb(). Even if there were no 631 * escalation triggered, there could be a pending interrupt which 632 * was saved when the context was pulled and that we need to take 633 * into account by recalculating the PIPR (which is not 634 * saved/restored). 635 * It will also raise the External interrupt signal if needed. 636 */ 637 xive_tctx_pipr_recompute_from_ipb(tctx, TM_QW1_OS); /* fxb */ 638 } 639 640 /* 641 * Updating the OS CAM line can trigger a resend of interrupt 642 */ 643 static void xive_tm_push_os_ctx(XivePresenter *xptr, XiveTCTX *tctx, 644 hwaddr offset, uint64_t value, unsigned size) 645 { 646 uint32_t cam = value; 647 uint32_t qw1w2 = cpu_to_be32(cam); 648 uint8_t nvt_blk; 649 uint32_t nvt_idx; 650 bool vo; 651 652 xive_os_cam_decode(cam, &nvt_blk, &nvt_idx, &vo); 653 654 /* First update the registers */ 655 xive_tctx_set_os_cam(tctx, qw1w2); 656 657 /* Check the interrupt pending bits */ 658 if (vo) { 659 xive_tctx_need_resend(XIVE_ROUTER(xptr), tctx, nvt_blk, nvt_idx); 660 } 661 } 662 663 static uint32_t xive_presenter_get_config(XivePresenter *xptr) 664 { 665 XivePresenterClass *xpc = XIVE_PRESENTER_GET_CLASS(xptr); 666 667 return xpc->get_config(xptr); 668 } 669 670 /* 671 * Define a mapping of "special" operations depending on the TIMA page 672 * offset and the size of the operation. 673 */ 674 typedef struct XiveTmOp { 675 uint8_t page_offset; 676 uint32_t op_offset; 677 unsigned size; 678 void (*write_handler)(XivePresenter *xptr, XiveTCTX *tctx, 679 hwaddr offset, 680 uint64_t value, unsigned size); 681 uint64_t (*read_handler)(XivePresenter *xptr, XiveTCTX *tctx, hwaddr offset, 682 unsigned size); 683 } XiveTmOp; 684 685 static const XiveTmOp xive_tm_operations[] = { 686 /* 687 * MMIOs below 2K : raw values and special operations without side 688 * effects 689 */ 690 { XIVE_TM_OS_PAGE, TM_QW1_OS + TM_CPPR, 1, xive_tm_set_os_cppr, 691 NULL }, 692 { XIVE_TM_HV_PAGE, TM_QW1_OS + TM_WORD2, 4, xive_tm_push_os_ctx, 693 NULL }, 694 { XIVE_TM_HV_PAGE, TM_QW3_HV_PHYS + TM_CPPR, 1, xive_tm_set_hv_cppr, 695 NULL }, 696 { XIVE_TM_HV_PAGE, TM_QW3_HV_PHYS + TM_WORD2, 1, xive_tm_vt_push, 697 NULL }, 698 { XIVE_TM_HV_PAGE, TM_QW3_HV_PHYS + TM_WORD2, 1, NULL, 699 xive_tm_vt_poll }, 700 701 /* MMIOs above 2K : special operations with side effects */ 702 { XIVE_TM_OS_PAGE, TM_SPC_ACK_OS_REG, 2, NULL, 703 xive_tm_ack_os_reg }, 704 { XIVE_TM_OS_PAGE, TM_SPC_SET_OS_PENDING, 1, xive_tm_set_os_pending, 705 NULL }, 706 { XIVE_TM_HV_PAGE, TM_SPC_PULL_OS_CTX, 4, NULL, 707 xive_tm_pull_os_ctx }, 708 { XIVE_TM_HV_PAGE, TM_SPC_PULL_OS_CTX, 8, NULL, 709 xive_tm_pull_os_ctx }, 710 { XIVE_TM_HV_PAGE, TM_SPC_ACK_HV_REG, 2, NULL, 711 xive_tm_ack_hv_reg }, 712 { XIVE_TM_HV_PAGE, TM_SPC_PULL_POOL_CTX, 4, NULL, 713 xive_tm_pull_pool_ctx }, 714 { XIVE_TM_HV_PAGE, TM_SPC_PULL_POOL_CTX, 8, NULL, 715 xive_tm_pull_pool_ctx }, 716 { XIVE_TM_HV_PAGE, TM_SPC_PULL_PHYS_CTX, 1, NULL, 717 xive_tm_pull_phys_ctx }, 718 }; 719 720 static const XiveTmOp xive2_tm_operations[] = { 721 /* 722 * MMIOs below 2K : raw values and special operations without side 723 * effects 724 */ 725 { XIVE_TM_OS_PAGE, TM_QW1_OS + TM_CPPR, 1, xive2_tm_set_os_cppr, 726 NULL }, 727 { XIVE_TM_HV_PAGE, TM_QW1_OS + TM_WORD2, 4, xive2_tm_push_os_ctx, 728 NULL }, 729 { XIVE_TM_HV_PAGE, TM_QW1_OS + TM_WORD2, 8, xive2_tm_push_os_ctx, 730 NULL }, 731 { XIVE_TM_OS_PAGE, TM_QW1_OS + TM_LGS, 1, xive_tm_set_os_lgs, 732 NULL }, 733 { XIVE_TM_HV_PAGE, TM_QW3_HV_PHYS + TM_CPPR, 1, xive2_tm_set_hv_cppr, 734 NULL }, 735 { XIVE_TM_HV_PAGE, TM_QW3_HV_PHYS + TM_WORD2, 1, xive_tm_vt_push, 736 NULL }, 737 { XIVE_TM_HV_PAGE, TM_QW3_HV_PHYS + TM_WORD2, 1, NULL, 738 xive_tm_vt_poll }, 739 { XIVE_TM_HV_PAGE, TM_QW3_HV_PHYS + TM_T, 1, xive2_tm_set_hv_target, 740 NULL }, 741 742 /* MMIOs above 2K : special operations with side effects */ 743 { XIVE_TM_OS_PAGE, TM_SPC_ACK_OS_REG, 2, NULL, 744 xive_tm_ack_os_reg }, 745 { XIVE_TM_OS_PAGE, TM_SPC_SET_OS_PENDING, 1, xive_tm_set_os_pending, 746 NULL }, 747 { XIVE_TM_HV_PAGE, TM_SPC_PULL_OS_CTX_G2, 4, NULL, 748 xive2_tm_pull_os_ctx }, 749 { XIVE_TM_HV_PAGE, TM_SPC_PULL_OS_CTX, 4, NULL, 750 xive2_tm_pull_os_ctx }, 751 { XIVE_TM_HV_PAGE, TM_SPC_PULL_OS_CTX, 8, NULL, 752 xive2_tm_pull_os_ctx }, 753 { XIVE_TM_HV_PAGE, TM_SPC_ACK_HV_REG, 2, NULL, 754 xive_tm_ack_hv_reg }, 755 { XIVE_TM_HV_PAGE, TM_SPC_PULL_POOL_CTX_G2, 4, NULL, 756 xive2_tm_pull_pool_ctx }, 757 { XIVE_TM_HV_PAGE, TM_SPC_PULL_POOL_CTX, 4, NULL, 758 xive2_tm_pull_pool_ctx }, 759 { XIVE_TM_HV_PAGE, TM_SPC_PULL_POOL_CTX, 8, NULL, 760 xive2_tm_pull_pool_ctx }, 761 { XIVE_TM_HV_PAGE, TM_SPC_PULL_OS_CTX_OL, 1, xive2_tm_pull_os_ctx_ol, 762 NULL }, 763 { XIVE_TM_HV_PAGE, TM_SPC_PULL_PHYS_CTX_G2, 4, NULL, 764 xive2_tm_pull_phys_ctx }, 765 { XIVE_TM_HV_PAGE, TM_SPC_PULL_PHYS_CTX, 1, NULL, 766 xive2_tm_pull_phys_ctx }, 767 { XIVE_TM_HV_PAGE, TM_SPC_PULL_PHYS_CTX_OL, 1, xive2_tm_pull_phys_ctx_ol, 768 NULL }, 769 { XIVE_TM_OS_PAGE, TM_SPC_ACK_OS_EL, 1, xive2_tm_ack_os_el, 770 NULL }, 771 }; 772 773 static const XiveTmOp *xive_tm_find_op(XivePresenter *xptr, hwaddr offset, 774 unsigned size, bool write) 775 { 776 uint8_t page_offset = (offset >> TM_SHIFT) & 0x3; 777 uint32_t op_offset = offset & TM_ADDRESS_MASK; 778 const XiveTmOp *tm_ops; 779 int i, tm_ops_count; 780 uint32_t cfg; 781 782 cfg = xive_presenter_get_config(xptr); 783 if (cfg & XIVE_PRESENTER_GEN1_TIMA_OS) { 784 tm_ops = xive_tm_operations; 785 tm_ops_count = ARRAY_SIZE(xive_tm_operations); 786 } else { 787 tm_ops = xive2_tm_operations; 788 tm_ops_count = ARRAY_SIZE(xive2_tm_operations); 789 } 790 791 for (i = 0; i < tm_ops_count; i++) { 792 const XiveTmOp *xto = &tm_ops[i]; 793 794 /* Accesses done from a more privileged TIMA page is allowed */ 795 if (xto->page_offset >= page_offset && 796 xto->op_offset == op_offset && 797 xto->size == size && 798 ((write && xto->write_handler) || (!write && xto->read_handler))) { 799 return xto; 800 } 801 } 802 return NULL; 803 } 804 805 /* 806 * TIMA MMIO handlers 807 */ 808 void xive_tctx_tm_write(XivePresenter *xptr, XiveTCTX *tctx, hwaddr offset, 809 uint64_t value, unsigned size) 810 { 811 const XiveTmOp *xto; 812 813 trace_xive_tctx_tm_write(tctx->cs->cpu_index, offset, size, value); 814 815 /* 816 * TODO: check V bit in Q[0-3]W2 817 */ 818 819 /* 820 * First, check for special operations in the 2K region 821 */ 822 if (offset & TM_SPECIAL_OP) { 823 xto = xive_tm_find_op(tctx->xptr, offset, size, true); 824 if (!xto) { 825 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: invalid write access at TIMA " 826 "@%"HWADDR_PRIx" size %d\n", offset, size); 827 } else { 828 xto->write_handler(xptr, tctx, offset, value, size); 829 } 830 return; 831 } 832 833 /* 834 * Then, for special operations in the region below 2K. 835 */ 836 xto = xive_tm_find_op(tctx->xptr, offset, size, true); 837 if (xto) { 838 xto->write_handler(xptr, tctx, offset, value, size); 839 return; 840 } 841 842 /* 843 * Finish with raw access to the register values 844 */ 845 xive_tm_raw_write(tctx, offset, value, size); 846 } 847 848 uint64_t xive_tctx_tm_read(XivePresenter *xptr, XiveTCTX *tctx, hwaddr offset, 849 unsigned size) 850 { 851 const XiveTmOp *xto; 852 uint64_t ret; 853 854 /* 855 * TODO: check V bit in Q[0-3]W2 856 */ 857 858 /* 859 * First, check for special operations in the 2K region 860 */ 861 if (offset & TM_SPECIAL_OP) { 862 xto = xive_tm_find_op(tctx->xptr, offset, size, false); 863 if (!xto) { 864 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: invalid read access to TIMA" 865 "@%"HWADDR_PRIx" size %d\n", offset, size); 866 return -1; 867 } 868 ret = xto->read_handler(xptr, tctx, offset, size); 869 goto out; 870 } 871 872 /* 873 * Then, for special operations in the region below 2K. 874 */ 875 xto = xive_tm_find_op(tctx->xptr, offset, size, false); 876 if (xto) { 877 ret = xto->read_handler(xptr, tctx, offset, size); 878 goto out; 879 } 880 881 /* 882 * Finish with raw access to the register values 883 */ 884 ret = xive_tm_raw_read(tctx, offset, size); 885 out: 886 trace_xive_tctx_tm_read(tctx->cs->cpu_index, offset, size, ret); 887 return ret; 888 } 889 890 static char *xive_tctx_ring_print(uint8_t *ring) 891 { 892 uint32_t w2 = xive_tctx_word2(ring); 893 894 return g_strdup_printf("%02x %02x %02x %02x %02x " 895 "%02x %02x %02x %08x", 896 ring[TM_NSR], ring[TM_CPPR], ring[TM_IPB], ring[TM_LSMFB], 897 ring[TM_ACK_CNT], ring[TM_INC], ring[TM_AGE], ring[TM_PIPR], 898 be32_to_cpu(w2)); 899 } 900 901 static const char * const xive_tctx_ring_names[] = { 902 "USER", "OS", "POOL", "PHYS", 903 }; 904 905 /* 906 * kvm_irqchip_in_kernel() will cause the compiler to turn this 907 * info a nop if CONFIG_KVM isn't defined. 908 */ 909 #define xive_in_kernel(xptr) \ 910 (kvm_irqchip_in_kernel() && \ 911 ({ \ 912 XivePresenterClass *xpc = XIVE_PRESENTER_GET_CLASS(xptr); \ 913 xpc->in_kernel ? xpc->in_kernel(xptr) : false; \ 914 })) 915 916 void xive_tctx_pic_print_info(XiveTCTX *tctx, GString *buf) 917 { 918 int cpu_index; 919 int i; 920 921 /* Skip partially initialized vCPUs. This can happen on sPAPR when vCPUs 922 * are hot plugged or unplugged. 923 */ 924 if (!tctx) { 925 return; 926 } 927 928 cpu_index = tctx->cs ? tctx->cs->cpu_index : -1; 929 930 if (xive_in_kernel(tctx->xptr)) { 931 Error *local_err = NULL; 932 933 kvmppc_xive_cpu_synchronize_state(tctx, &local_err); 934 if (local_err) { 935 error_report_err(local_err); 936 return; 937 } 938 } 939 940 if (xive_presenter_get_config(tctx->xptr) & XIVE_PRESENTER_GEN1_TIMA_OS) { 941 g_string_append_printf(buf, "CPU[%04x]: " 942 "QW NSR CPPR IPB LSMFB ACK# INC AGE PIPR" 943 " W2\n", cpu_index); 944 } else { 945 g_string_append_printf(buf, "CPU[%04x]: " 946 "QW NSR CPPR IPB LSMFB - LGS T PIPR" 947 " W2\n", cpu_index); 948 } 949 950 for (i = 0; i < XIVE_TM_RING_COUNT; i++) { 951 char *s = xive_tctx_ring_print(&tctx->regs[i * XIVE_TM_RING_SIZE]); 952 g_string_append_printf(buf, "CPU[%04x]: %4s %s\n", 953 cpu_index, xive_tctx_ring_names[i], s); 954 g_free(s); 955 } 956 } 957 958 void xive_tctx_reset(XiveTCTX *tctx) 959 { 960 memset(tctx->regs, 0, sizeof(tctx->regs)); 961 962 /* Set some defaults */ 963 tctx->regs[TM_QW1_OS + TM_LSMFB] = 0xFF; 964 tctx->regs[TM_QW1_OS + TM_ACK_CNT] = 0xFF; 965 tctx->regs[TM_QW1_OS + TM_AGE] = 0xFF; 966 if (!(xive_presenter_get_config(tctx->xptr) & 967 XIVE_PRESENTER_GEN1_TIMA_OS)) { 968 tctx->regs[TM_QW1_OS + TM_OGEN] = 2; 969 } 970 971 /* 972 * Initialize PIPR to 0xFF to avoid phantom interrupts when the 973 * CPPR is first set. 974 */ 975 tctx->regs[TM_QW1_OS + TM_PIPR] = 976 xive_ipb_to_pipr(tctx->regs[TM_QW1_OS + TM_IPB]); 977 tctx->regs[TM_QW3_HV_PHYS + TM_PIPR] = 978 xive_ipb_to_pipr(tctx->regs[TM_QW3_HV_PHYS + TM_IPB]); 979 } 980 981 static void xive_tctx_realize(DeviceState *dev, Error **errp) 982 { 983 XiveTCTX *tctx = XIVE_TCTX(dev); 984 PowerPCCPU *cpu; 985 CPUPPCState *env; 986 987 assert(tctx->cs); 988 assert(tctx->xptr); 989 990 cpu = POWERPC_CPU(tctx->cs); 991 env = &cpu->env; 992 switch (PPC_INPUT(env)) { 993 case PPC_FLAGS_INPUT_POWER9: 994 tctx->hv_output = qdev_get_gpio_in(DEVICE(cpu), POWER9_INPUT_HINT); 995 tctx->os_output = qdev_get_gpio_in(DEVICE(cpu), POWER9_INPUT_INT); 996 break; 997 998 default: 999 error_setg(errp, "XIVE interrupt controller does not support " 1000 "this CPU bus model"); 1001 return; 1002 } 1003 1004 /* Connect the presenter to the VCPU (required for CPU hotplug) */ 1005 if (xive_in_kernel(tctx->xptr)) { 1006 if (kvmppc_xive_cpu_connect(tctx, errp) < 0) { 1007 return; 1008 } 1009 } 1010 } 1011 1012 static int vmstate_xive_tctx_pre_save(void *opaque) 1013 { 1014 XiveTCTX *tctx = XIVE_TCTX(opaque); 1015 Error *local_err = NULL; 1016 int ret; 1017 1018 if (xive_in_kernel(tctx->xptr)) { 1019 ret = kvmppc_xive_cpu_get_state(tctx, &local_err); 1020 if (ret < 0) { 1021 error_report_err(local_err); 1022 return ret; 1023 } 1024 } 1025 1026 return 0; 1027 } 1028 1029 static int vmstate_xive_tctx_post_load(void *opaque, int version_id) 1030 { 1031 XiveTCTX *tctx = XIVE_TCTX(opaque); 1032 Error *local_err = NULL; 1033 int ret; 1034 1035 if (xive_in_kernel(tctx->xptr)) { 1036 /* 1037 * Required for hotplugged CPU, for which the state comes 1038 * after all states of the machine. 1039 */ 1040 ret = kvmppc_xive_cpu_set_state(tctx, &local_err); 1041 if (ret < 0) { 1042 error_report_err(local_err); 1043 return ret; 1044 } 1045 } 1046 1047 return 0; 1048 } 1049 1050 static const VMStateDescription vmstate_xive_tctx = { 1051 .name = TYPE_XIVE_TCTX, 1052 .version_id = 1, 1053 .minimum_version_id = 1, 1054 .pre_save = vmstate_xive_tctx_pre_save, 1055 .post_load = vmstate_xive_tctx_post_load, 1056 .fields = (const VMStateField[]) { 1057 VMSTATE_BUFFER(regs, XiveTCTX), 1058 VMSTATE_END_OF_LIST() 1059 }, 1060 }; 1061 1062 static const Property xive_tctx_properties[] = { 1063 DEFINE_PROP_LINK("cpu", XiveTCTX, cs, TYPE_CPU, CPUState *), 1064 DEFINE_PROP_LINK("presenter", XiveTCTX, xptr, TYPE_XIVE_PRESENTER, 1065 XivePresenter *), 1066 }; 1067 1068 static void xive_tctx_class_init(ObjectClass *klass, const void *data) 1069 { 1070 DeviceClass *dc = DEVICE_CLASS(klass); 1071 1072 dc->desc = "XIVE Interrupt Thread Context"; 1073 dc->realize = xive_tctx_realize; 1074 dc->vmsd = &vmstate_xive_tctx; 1075 device_class_set_props(dc, xive_tctx_properties); 1076 /* 1077 * Reason: part of XIVE interrupt controller, needs to be wired up 1078 * by xive_tctx_create(). 1079 */ 1080 dc->user_creatable = false; 1081 } 1082 1083 static const TypeInfo xive_tctx_info = { 1084 .name = TYPE_XIVE_TCTX, 1085 .parent = TYPE_DEVICE, 1086 .instance_size = sizeof(XiveTCTX), 1087 .class_init = xive_tctx_class_init, 1088 }; 1089 1090 Object *xive_tctx_create(Object *cpu, XivePresenter *xptr, Error **errp) 1091 { 1092 Object *obj; 1093 1094 obj = object_new(TYPE_XIVE_TCTX); 1095 object_property_add_child(cpu, TYPE_XIVE_TCTX, obj); 1096 object_unref(obj); 1097 object_property_set_link(obj, "cpu", cpu, &error_abort); 1098 object_property_set_link(obj, "presenter", OBJECT(xptr), &error_abort); 1099 if (!qdev_realize(DEVICE(obj), NULL, errp)) { 1100 object_unparent(obj); 1101 return NULL; 1102 } 1103 return obj; 1104 } 1105 1106 void xive_tctx_destroy(XiveTCTX *tctx) 1107 { 1108 Object *obj = OBJECT(tctx); 1109 1110 object_unparent(obj); 1111 } 1112 1113 /* 1114 * XIVE ESB helpers 1115 */ 1116 1117 uint8_t xive_esb_set(uint8_t *pq, uint8_t value) 1118 { 1119 uint8_t old_pq = *pq & 0x3; 1120 1121 *pq &= ~0x3; 1122 *pq |= value & 0x3; 1123 1124 return old_pq; 1125 } 1126 1127 bool xive_esb_trigger(uint8_t *pq) 1128 { 1129 uint8_t old_pq = *pq & 0x3; 1130 1131 switch (old_pq) { 1132 case XIVE_ESB_RESET: 1133 xive_esb_set(pq, XIVE_ESB_PENDING); 1134 return true; 1135 case XIVE_ESB_PENDING: 1136 case XIVE_ESB_QUEUED: 1137 xive_esb_set(pq, XIVE_ESB_QUEUED); 1138 return false; 1139 case XIVE_ESB_OFF: 1140 xive_esb_set(pq, XIVE_ESB_OFF); 1141 return false; 1142 default: 1143 g_assert_not_reached(); 1144 } 1145 } 1146 1147 bool xive_esb_eoi(uint8_t *pq) 1148 { 1149 uint8_t old_pq = *pq & 0x3; 1150 1151 switch (old_pq) { 1152 case XIVE_ESB_RESET: 1153 case XIVE_ESB_PENDING: 1154 xive_esb_set(pq, XIVE_ESB_RESET); 1155 return false; 1156 case XIVE_ESB_QUEUED: 1157 xive_esb_set(pq, XIVE_ESB_PENDING); 1158 return true; 1159 case XIVE_ESB_OFF: 1160 xive_esb_set(pq, XIVE_ESB_OFF); 1161 return false; 1162 default: 1163 g_assert_not_reached(); 1164 } 1165 } 1166 1167 /* 1168 * XIVE Interrupt Source (or IVSE) 1169 */ 1170 1171 uint8_t xive_source_esb_get(XiveSource *xsrc, uint32_t srcno) 1172 { 1173 assert(srcno < xsrc->nr_irqs); 1174 1175 return xsrc->status[srcno] & 0x3; 1176 } 1177 1178 uint8_t xive_source_esb_set(XiveSource *xsrc, uint32_t srcno, uint8_t pq) 1179 { 1180 assert(srcno < xsrc->nr_irqs); 1181 1182 return xive_esb_set(&xsrc->status[srcno], pq); 1183 } 1184 1185 /* 1186 * Returns whether the event notification should be forwarded. 1187 */ 1188 static bool xive_source_lsi_trigger(XiveSource *xsrc, uint32_t srcno) 1189 { 1190 uint8_t old_pq = xive_source_esb_get(xsrc, srcno); 1191 1192 xive_source_set_asserted(xsrc, srcno, true); 1193 1194 switch (old_pq) { 1195 case XIVE_ESB_RESET: 1196 xive_source_esb_set(xsrc, srcno, XIVE_ESB_PENDING); 1197 return true; 1198 default: 1199 return false; 1200 } 1201 } 1202 1203 /* 1204 * Sources can be configured with PQ offloading in which case the check 1205 * on the PQ state bits of MSIs is disabled 1206 */ 1207 static bool xive_source_esb_disabled(XiveSource *xsrc, uint32_t srcno) 1208 { 1209 return (xsrc->esb_flags & XIVE_SRC_PQ_DISABLE) && 1210 !xive_source_irq_is_lsi(xsrc, srcno); 1211 } 1212 1213 /* 1214 * Returns whether the event notification should be forwarded. 1215 */ 1216 static bool xive_source_esb_trigger(XiveSource *xsrc, uint32_t srcno) 1217 { 1218 bool ret; 1219 1220 assert(srcno < xsrc->nr_irqs); 1221 1222 if (xive_source_esb_disabled(xsrc, srcno)) { 1223 return true; 1224 } 1225 1226 ret = xive_esb_trigger(&xsrc->status[srcno]); 1227 1228 if (xive_source_irq_is_lsi(xsrc, srcno) && 1229 xive_source_esb_get(xsrc, srcno) == XIVE_ESB_QUEUED) { 1230 qemu_log_mask(LOG_GUEST_ERROR, 1231 "XIVE: queued an event on LSI IRQ %d\n", srcno); 1232 } 1233 1234 return ret; 1235 } 1236 1237 /* 1238 * Returns whether the event notification should be forwarded. 1239 */ 1240 static bool xive_source_esb_eoi(XiveSource *xsrc, uint32_t srcno) 1241 { 1242 bool ret; 1243 1244 assert(srcno < xsrc->nr_irqs); 1245 1246 if (xive_source_esb_disabled(xsrc, srcno)) { 1247 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: invalid EOI for IRQ %d\n", srcno); 1248 return false; 1249 } 1250 1251 ret = xive_esb_eoi(&xsrc->status[srcno]); 1252 1253 /* 1254 * LSI sources do not set the Q bit but they can still be 1255 * asserted, in which case we should forward a new event 1256 * notification 1257 */ 1258 if (xive_source_irq_is_lsi(xsrc, srcno) && 1259 xive_source_is_asserted(xsrc, srcno)) { 1260 ret = xive_source_lsi_trigger(xsrc, srcno); 1261 } 1262 1263 return ret; 1264 } 1265 1266 /* 1267 * Forward the source event notification to the Router 1268 */ 1269 static void xive_source_notify(XiveSource *xsrc, int srcno) 1270 { 1271 XiveNotifierClass *xnc = XIVE_NOTIFIER_GET_CLASS(xsrc->xive); 1272 bool pq_checked = !xive_source_esb_disabled(xsrc, srcno); 1273 1274 if (xnc->notify) { 1275 xnc->notify(xsrc->xive, srcno, pq_checked); 1276 } 1277 } 1278 1279 /* 1280 * In a two pages ESB MMIO setting, even page is the trigger page, odd 1281 * page is for management 1282 */ 1283 static inline bool addr_is_even(hwaddr addr, uint32_t shift) 1284 { 1285 return !((addr >> shift) & 1); 1286 } 1287 1288 static inline bool xive_source_is_trigger_page(XiveSource *xsrc, hwaddr addr) 1289 { 1290 return xive_source_esb_has_2page(xsrc) && 1291 addr_is_even(addr, xsrc->esb_shift - 1); 1292 } 1293 1294 /* 1295 * ESB MMIO loads 1296 * Trigger page Management/EOI page 1297 * 1298 * ESB MMIO setting 2 pages 1 or 2 pages 1299 * 1300 * 0x000 .. 0x3FF -1 EOI and return 0|1 1301 * 0x400 .. 0x7FF -1 EOI and return 0|1 1302 * 0x800 .. 0xBFF -1 return PQ 1303 * 0xC00 .. 0xCFF -1 return PQ and atomically PQ=00 1304 * 0xD00 .. 0xDFF -1 return PQ and atomically PQ=01 1305 * 0xE00 .. 0xDFF -1 return PQ and atomically PQ=10 1306 * 0xF00 .. 0xDFF -1 return PQ and atomically PQ=11 1307 */ 1308 static uint64_t xive_source_esb_read(void *opaque, hwaddr addr, unsigned size) 1309 { 1310 XiveSource *xsrc = XIVE_SOURCE(opaque); 1311 uint32_t offset = addr & 0xFFF; 1312 uint32_t srcno = addr >> xsrc->esb_shift; 1313 uint64_t ret = -1; 1314 1315 /* In a two pages ESB MMIO setting, trigger page should not be read */ 1316 if (xive_source_is_trigger_page(xsrc, addr)) { 1317 qemu_log_mask(LOG_GUEST_ERROR, 1318 "XIVE: invalid load on IRQ %d trigger page at " 1319 "0x%"HWADDR_PRIx"\n", srcno, addr); 1320 return -1; 1321 } 1322 1323 switch (offset) { 1324 case XIVE_ESB_LOAD_EOI ... XIVE_ESB_LOAD_EOI + 0x7FF: 1325 ret = xive_source_esb_eoi(xsrc, srcno); 1326 1327 /* Forward the source event notification for routing */ 1328 if (ret) { 1329 trace_xive_source_notify(srcno); 1330 xive_source_notify(xsrc, srcno); 1331 } 1332 break; 1333 1334 case XIVE_ESB_GET ... XIVE_ESB_GET + 0x3FF: 1335 ret = xive_source_esb_get(xsrc, srcno); 1336 break; 1337 1338 case XIVE_ESB_SET_PQ_00 ... XIVE_ESB_SET_PQ_00 + 0x0FF: 1339 case XIVE_ESB_SET_PQ_01 ... XIVE_ESB_SET_PQ_01 + 0x0FF: 1340 case XIVE_ESB_SET_PQ_10 ... XIVE_ESB_SET_PQ_10 + 0x0FF: 1341 case XIVE_ESB_SET_PQ_11 ... XIVE_ESB_SET_PQ_11 + 0x0FF: 1342 ret = xive_source_esb_set(xsrc, srcno, (offset >> 8) & 0x3); 1343 break; 1344 default: 1345 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: invalid ESB load addr %x\n", 1346 offset); 1347 } 1348 1349 trace_xive_source_esb_read(addr, srcno, ret); 1350 1351 return ret; 1352 } 1353 1354 /* 1355 * ESB MMIO stores 1356 * Trigger page Management/EOI page 1357 * 1358 * ESB MMIO setting 2 pages 1 or 2 pages 1359 * 1360 * 0x000 .. 0x3FF Trigger Trigger 1361 * 0x400 .. 0x7FF Trigger EOI 1362 * 0x800 .. 0xBFF Trigger undefined 1363 * 0xC00 .. 0xCFF Trigger PQ=00 1364 * 0xD00 .. 0xDFF Trigger PQ=01 1365 * 0xE00 .. 0xDFF Trigger PQ=10 1366 * 0xF00 .. 0xDFF Trigger PQ=11 1367 */ 1368 static void xive_source_esb_write(void *opaque, hwaddr addr, 1369 uint64_t value, unsigned size) 1370 { 1371 XiveSource *xsrc = XIVE_SOURCE(opaque); 1372 uint32_t offset = addr & 0xFFF; 1373 uint32_t srcno = addr >> xsrc->esb_shift; 1374 bool notify = false; 1375 1376 trace_xive_source_esb_write(addr, srcno, value); 1377 1378 /* In a two pages ESB MMIO setting, trigger page only triggers */ 1379 if (xive_source_is_trigger_page(xsrc, addr)) { 1380 notify = xive_source_esb_trigger(xsrc, srcno); 1381 goto out; 1382 } 1383 1384 switch (offset) { 1385 case 0 ... 0x3FF: 1386 notify = xive_source_esb_trigger(xsrc, srcno); 1387 break; 1388 1389 case XIVE_ESB_STORE_EOI ... XIVE_ESB_STORE_EOI + 0x3FF: 1390 if (!(xsrc->esb_flags & XIVE_SRC_STORE_EOI)) { 1391 qemu_log_mask(LOG_GUEST_ERROR, 1392 "XIVE: invalid Store EOI for IRQ %d\n", srcno); 1393 return; 1394 } 1395 1396 notify = xive_source_esb_eoi(xsrc, srcno); 1397 break; 1398 1399 /* 1400 * This is an internal offset used to inject triggers when the PQ 1401 * state bits are not controlled locally. Such as for LSIs when 1402 * under ABT mode. 1403 */ 1404 case XIVE_ESB_INJECT ... XIVE_ESB_INJECT + 0x3FF: 1405 notify = true; 1406 break; 1407 1408 case XIVE_ESB_SET_PQ_00 ... XIVE_ESB_SET_PQ_00 + 0x0FF: 1409 case XIVE_ESB_SET_PQ_01 ... XIVE_ESB_SET_PQ_01 + 0x0FF: 1410 case XIVE_ESB_SET_PQ_10 ... XIVE_ESB_SET_PQ_10 + 0x0FF: 1411 case XIVE_ESB_SET_PQ_11 ... XIVE_ESB_SET_PQ_11 + 0x0FF: 1412 xive_source_esb_set(xsrc, srcno, (offset >> 8) & 0x3); 1413 break; 1414 1415 default: 1416 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: invalid ESB write addr %x\n", 1417 offset); 1418 return; 1419 } 1420 1421 out: 1422 /* Forward the source event notification for routing */ 1423 if (notify) { 1424 xive_source_notify(xsrc, srcno); 1425 } else { 1426 trace_xive_source_blocked(srcno); 1427 } 1428 } 1429 1430 static const MemoryRegionOps xive_source_esb_ops = { 1431 .read = xive_source_esb_read, 1432 .write = xive_source_esb_write, 1433 .endianness = DEVICE_BIG_ENDIAN, 1434 .valid = { 1435 .min_access_size = 1, 1436 .max_access_size = 8, 1437 }, 1438 .impl = { 1439 .min_access_size = 1, 1440 .max_access_size = 8, 1441 }, 1442 }; 1443 1444 void xive_source_set_irq(void *opaque, int srcno, int val) 1445 { 1446 XiveSource *xsrc = XIVE_SOURCE(opaque); 1447 bool notify = false; 1448 1449 if (xive_source_irq_is_lsi(xsrc, srcno)) { 1450 if (val) { 1451 notify = xive_source_lsi_trigger(xsrc, srcno); 1452 } else { 1453 xive_source_set_asserted(xsrc, srcno, false); 1454 } 1455 } else { 1456 if (val) { 1457 notify = xive_source_esb_trigger(xsrc, srcno); 1458 } 1459 } 1460 1461 /* Forward the source event notification for routing */ 1462 if (notify) { 1463 xive_source_notify(xsrc, srcno); 1464 } 1465 } 1466 1467 void xive_source_pic_print_info(XiveSource *xsrc, uint32_t offset, GString *buf) 1468 { 1469 for (unsigned i = 0; i < xsrc->nr_irqs; i++) { 1470 uint8_t pq = xive_source_esb_get(xsrc, i); 1471 1472 if (pq == XIVE_ESB_OFF) { 1473 continue; 1474 } 1475 1476 g_string_append_printf(buf, " %08x %s %c%c%c\n", i + offset, 1477 xive_source_irq_is_lsi(xsrc, i) ? "LSI" : "MSI", 1478 pq & XIVE_ESB_VAL_P ? 'P' : '-', 1479 pq & XIVE_ESB_VAL_Q ? 'Q' : '-', 1480 xive_source_is_asserted(xsrc, i) ? 'A' : ' '); 1481 } 1482 } 1483 1484 static void xive_source_reset(void *dev) 1485 { 1486 XiveSource *xsrc = XIVE_SOURCE(dev); 1487 1488 /* Do not clear the LSI bitmap */ 1489 1490 memset(xsrc->status, xsrc->reset_pq, xsrc->nr_irqs); 1491 } 1492 1493 static void xive_source_realize(DeviceState *dev, Error **errp) 1494 { 1495 XiveSource *xsrc = XIVE_SOURCE(dev); 1496 uint64_t esb_len = xive_source_esb_len(xsrc); 1497 1498 assert(xsrc->xive); 1499 1500 if (!xsrc->nr_irqs) { 1501 error_setg(errp, "Number of interrupt needs to be greater than 0"); 1502 return; 1503 } 1504 1505 if (xsrc->esb_shift != XIVE_ESB_4K && 1506 xsrc->esb_shift != XIVE_ESB_4K_2PAGE && 1507 xsrc->esb_shift != XIVE_ESB_64K && 1508 xsrc->esb_shift != XIVE_ESB_64K_2PAGE) { 1509 error_setg(errp, "Invalid ESB shift setting"); 1510 return; 1511 } 1512 1513 xsrc->status = g_malloc0(xsrc->nr_irqs); 1514 xsrc->lsi_map = bitmap_new(xsrc->nr_irqs); 1515 1516 memory_region_init(&xsrc->esb_mmio, OBJECT(xsrc), "xive.esb", esb_len); 1517 memory_region_init_io(&xsrc->esb_mmio_emulated, OBJECT(xsrc), 1518 &xive_source_esb_ops, xsrc, "xive.esb-emulated", 1519 esb_len); 1520 memory_region_add_subregion(&xsrc->esb_mmio, 0, &xsrc->esb_mmio_emulated); 1521 1522 qemu_register_reset(xive_source_reset, dev); 1523 } 1524 1525 static const VMStateDescription vmstate_xive_source = { 1526 .name = TYPE_XIVE_SOURCE, 1527 .version_id = 1, 1528 .minimum_version_id = 1, 1529 .fields = (const VMStateField[]) { 1530 VMSTATE_UINT32_EQUAL(nr_irqs, XiveSource, NULL), 1531 VMSTATE_VBUFFER_UINT32(status, XiveSource, 1, NULL, nr_irqs), 1532 VMSTATE_END_OF_LIST() 1533 }, 1534 }; 1535 1536 /* 1537 * The default XIVE interrupt source setting for the ESB MMIOs is two 1538 * 64k pages without Store EOI, to be in sync with KVM. 1539 */ 1540 static const Property xive_source_properties[] = { 1541 DEFINE_PROP_UINT64("flags", XiveSource, esb_flags, 0), 1542 DEFINE_PROP_UINT32("nr-irqs", XiveSource, nr_irqs, 0), 1543 DEFINE_PROP_UINT32("shift", XiveSource, esb_shift, XIVE_ESB_64K_2PAGE), 1544 /* 1545 * By default, PQs are initialized to 0b01 (Q=1) which corresponds 1546 * to "ints off" 1547 */ 1548 DEFINE_PROP_UINT8("reset-pq", XiveSource, reset_pq, XIVE_ESB_OFF), 1549 DEFINE_PROP_LINK("xive", XiveSource, xive, TYPE_XIVE_NOTIFIER, 1550 XiveNotifier *), 1551 }; 1552 1553 static void xive_source_class_init(ObjectClass *klass, const void *data) 1554 { 1555 DeviceClass *dc = DEVICE_CLASS(klass); 1556 1557 dc->desc = "XIVE Interrupt Source"; 1558 device_class_set_props(dc, xive_source_properties); 1559 dc->realize = xive_source_realize; 1560 dc->vmsd = &vmstate_xive_source; 1561 /* 1562 * Reason: part of XIVE interrupt controller, needs to be wired up, 1563 * e.g. by spapr_xive_instance_init(). 1564 */ 1565 dc->user_creatable = false; 1566 } 1567 1568 static const TypeInfo xive_source_info = { 1569 .name = TYPE_XIVE_SOURCE, 1570 .parent = TYPE_DEVICE, 1571 .instance_size = sizeof(XiveSource), 1572 .class_init = xive_source_class_init, 1573 }; 1574 1575 /* 1576 * XiveEND helpers 1577 */ 1578 1579 void xive_end_queue_pic_print_info(XiveEND *end, uint32_t width, GString *buf) 1580 { 1581 uint64_t qaddr_base = xive_end_qaddr(end); 1582 uint32_t qsize = xive_get_field32(END_W0_QSIZE, end->w0); 1583 uint32_t qindex = xive_get_field32(END_W1_PAGE_OFF, end->w1); 1584 uint32_t qentries = 1 << (qsize + 10); 1585 int i; 1586 1587 /* 1588 * print out the [ (qindex - (width - 1)) .. (qindex + 1)] window 1589 */ 1590 g_string_append_printf(buf, " [ "); 1591 qindex = (qindex - (width - 1)) & (qentries - 1); 1592 for (i = 0; i < width; i++) { 1593 uint64_t qaddr = qaddr_base + (qindex << 2); 1594 uint32_t qdata = -1; 1595 1596 if (dma_memory_read(&address_space_memory, qaddr, 1597 &qdata, sizeof(qdata), MEMTXATTRS_UNSPECIFIED)) { 1598 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: failed to read EQ @0x%" 1599 HWADDR_PRIx "\n", qaddr); 1600 return; 1601 } 1602 g_string_append_printf(buf, "%s%08x ", i == width - 1 ? "^" : "", 1603 be32_to_cpu(qdata)); 1604 qindex = (qindex + 1) & (qentries - 1); 1605 } 1606 g_string_append_c(buf, ']'); 1607 } 1608 1609 void xive_end_pic_print_info(XiveEND *end, uint32_t end_idx, GString *buf) 1610 { 1611 uint64_t qaddr_base = xive_end_qaddr(end); 1612 uint32_t qindex = xive_get_field32(END_W1_PAGE_OFF, end->w1); 1613 uint32_t qgen = xive_get_field32(END_W1_GENERATION, end->w1); 1614 uint32_t qsize = xive_get_field32(END_W0_QSIZE, end->w0); 1615 uint32_t qentries = 1 << (qsize + 10); 1616 1617 uint32_t nvt_blk = xive_get_field32(END_W6_NVT_BLOCK, end->w6); 1618 uint32_t nvt_idx = xive_get_field32(END_W6_NVT_INDEX, end->w6); 1619 uint8_t priority = xive_get_field32(END_W7_F0_PRIORITY, end->w7); 1620 uint8_t pq; 1621 1622 if (!xive_end_is_valid(end)) { 1623 return; 1624 } 1625 1626 pq = xive_get_field32(END_W1_ESn, end->w1); 1627 1628 g_string_append_printf(buf, 1629 " %08x %c%c %c%c%c%c%c%c%c%c prio:%d nvt:%02x/%04x", 1630 end_idx, 1631 pq & XIVE_ESB_VAL_P ? 'P' : '-', 1632 pq & XIVE_ESB_VAL_Q ? 'Q' : '-', 1633 xive_end_is_valid(end) ? 'v' : '-', 1634 xive_end_is_enqueue(end) ? 'q' : '-', 1635 xive_end_is_notify(end) ? 'n' : '-', 1636 xive_end_is_backlog(end) ? 'b' : '-', 1637 xive_end_is_escalate(end) ? 'e' : '-', 1638 xive_end_is_uncond_escalation(end) ? 'u' : '-', 1639 xive_end_is_silent_escalation(end) ? 's' : '-', 1640 xive_end_is_firmware(end) ? 'f' : '-', 1641 priority, nvt_blk, nvt_idx); 1642 1643 if (qaddr_base) { 1644 g_string_append_printf(buf, " eq:@%08"PRIx64"% 6d/%5d ^%d", 1645 qaddr_base, qindex, qentries, qgen); 1646 xive_end_queue_pic_print_info(end, 6, buf); 1647 } 1648 g_string_append_c(buf, '\n'); 1649 } 1650 1651 static void xive_end_enqueue(XiveEND *end, uint32_t data) 1652 { 1653 uint64_t qaddr_base = xive_end_qaddr(end); 1654 uint32_t qsize = xive_get_field32(END_W0_QSIZE, end->w0); 1655 uint32_t qindex = xive_get_field32(END_W1_PAGE_OFF, end->w1); 1656 uint32_t qgen = xive_get_field32(END_W1_GENERATION, end->w1); 1657 1658 uint64_t qaddr = qaddr_base + (qindex << 2); 1659 uint32_t qdata = cpu_to_be32((qgen << 31) | (data & 0x7fffffff)); 1660 uint32_t qentries = 1 << (qsize + 10); 1661 1662 if (dma_memory_write(&address_space_memory, qaddr, 1663 &qdata, sizeof(qdata), MEMTXATTRS_UNSPECIFIED)) { 1664 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: failed to write END data @0x%" 1665 HWADDR_PRIx "\n", qaddr); 1666 return; 1667 } 1668 1669 qindex = (qindex + 1) & (qentries - 1); 1670 if (qindex == 0) { 1671 qgen ^= 1; 1672 end->w1 = xive_set_field32(END_W1_GENERATION, end->w1, qgen); 1673 } 1674 end->w1 = xive_set_field32(END_W1_PAGE_OFF, end->w1, qindex); 1675 } 1676 1677 void xive_end_eas_pic_print_info(XiveEND *end, uint32_t end_idx, GString *buf) 1678 { 1679 XiveEAS *eas = (XiveEAS *) &end->w4; 1680 uint8_t pq; 1681 1682 if (!xive_end_is_escalate(end)) { 1683 return; 1684 } 1685 1686 pq = xive_get_field32(END_W1_ESe, end->w1); 1687 1688 g_string_append_printf(buf, " %08x %c%c %c%c end:%02x/%04x data:%08x\n", 1689 end_idx, 1690 pq & XIVE_ESB_VAL_P ? 'P' : '-', 1691 pq & XIVE_ESB_VAL_Q ? 'Q' : '-', 1692 xive_eas_is_valid(eas) ? 'V' : ' ', 1693 xive_eas_is_masked(eas) ? 'M' : ' ', 1694 (uint8_t) xive_get_field64(EAS_END_BLOCK, eas->w), 1695 (uint32_t) xive_get_field64(EAS_END_INDEX, eas->w), 1696 (uint32_t) xive_get_field64(EAS_END_DATA, eas->w)); 1697 } 1698 1699 /* 1700 * XIVE Router (aka. Virtualization Controller or IVRE) 1701 */ 1702 1703 int xive_router_get_eas(XiveRouter *xrtr, uint8_t eas_blk, uint32_t eas_idx, 1704 XiveEAS *eas) 1705 { 1706 XiveRouterClass *xrc = XIVE_ROUTER_GET_CLASS(xrtr); 1707 1708 return xrc->get_eas(xrtr, eas_blk, eas_idx, eas); 1709 } 1710 1711 static 1712 int xive_router_get_pq(XiveRouter *xrtr, uint8_t eas_blk, uint32_t eas_idx, 1713 uint8_t *pq) 1714 { 1715 XiveRouterClass *xrc = XIVE_ROUTER_GET_CLASS(xrtr); 1716 1717 return xrc->get_pq(xrtr, eas_blk, eas_idx, pq); 1718 } 1719 1720 static 1721 int xive_router_set_pq(XiveRouter *xrtr, uint8_t eas_blk, uint32_t eas_idx, 1722 uint8_t *pq) 1723 { 1724 XiveRouterClass *xrc = XIVE_ROUTER_GET_CLASS(xrtr); 1725 1726 return xrc->set_pq(xrtr, eas_blk, eas_idx, pq); 1727 } 1728 1729 int xive_router_get_end(XiveRouter *xrtr, uint8_t end_blk, uint32_t end_idx, 1730 XiveEND *end) 1731 { 1732 XiveRouterClass *xrc = XIVE_ROUTER_GET_CLASS(xrtr); 1733 1734 return xrc->get_end(xrtr, end_blk, end_idx, end); 1735 } 1736 1737 int xive_router_write_end(XiveRouter *xrtr, uint8_t end_blk, uint32_t end_idx, 1738 XiveEND *end, uint8_t word_number) 1739 { 1740 XiveRouterClass *xrc = XIVE_ROUTER_GET_CLASS(xrtr); 1741 1742 return xrc->write_end(xrtr, end_blk, end_idx, end, word_number); 1743 } 1744 1745 int xive_router_get_nvt(XiveRouter *xrtr, uint8_t nvt_blk, uint32_t nvt_idx, 1746 XiveNVT *nvt) 1747 { 1748 XiveRouterClass *xrc = XIVE_ROUTER_GET_CLASS(xrtr); 1749 1750 return xrc->get_nvt(xrtr, nvt_blk, nvt_idx, nvt); 1751 } 1752 1753 int xive_router_write_nvt(XiveRouter *xrtr, uint8_t nvt_blk, uint32_t nvt_idx, 1754 XiveNVT *nvt, uint8_t word_number) 1755 { 1756 XiveRouterClass *xrc = XIVE_ROUTER_GET_CLASS(xrtr); 1757 1758 return xrc->write_nvt(xrtr, nvt_blk, nvt_idx, nvt, word_number); 1759 } 1760 1761 static int xive_router_get_block_id(XiveRouter *xrtr) 1762 { 1763 XiveRouterClass *xrc = XIVE_ROUTER_GET_CLASS(xrtr); 1764 1765 return xrc->get_block_id(xrtr); 1766 } 1767 1768 static void xive_router_realize(DeviceState *dev, Error **errp) 1769 { 1770 XiveRouter *xrtr = XIVE_ROUTER(dev); 1771 1772 assert(xrtr->xfb); 1773 } 1774 1775 static void xive_router_end_notify_handler(XiveRouter *xrtr, XiveEAS *eas) 1776 { 1777 XiveRouterClass *xrc = XIVE_ROUTER_GET_CLASS(xrtr); 1778 1779 return xrc->end_notify(xrtr, eas); 1780 } 1781 1782 /* 1783 * Encode the HW CAM line in the block group mode format : 1784 * 1785 * chip << 19 | 0000000 0 0001 thread (7Bit) 1786 */ 1787 static uint32_t xive_tctx_hw_cam_line(XivePresenter *xptr, XiveTCTX *tctx) 1788 { 1789 CPUPPCState *env = &POWERPC_CPU(tctx->cs)->env; 1790 uint32_t pir = env->spr_cb[SPR_PIR].default_value; 1791 uint8_t blk = xive_router_get_block_id(XIVE_ROUTER(xptr)); 1792 1793 return xive_nvt_cam_line(blk, 1 << 7 | (pir & 0x7f)); 1794 } 1795 1796 uint32_t xive_get_vpgroup_size(uint32_t nvp_index) 1797 { 1798 /* 1799 * Group size is a power of 2. The position of the first 0 1800 * (starting with the least significant bits) in the NVP index 1801 * gives the size of the group. 1802 */ 1803 int first_zero = cto32(nvp_index); 1804 if (first_zero >= 31) { 1805 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: Invalid group index 0x%08x", 1806 nvp_index); 1807 return 0; 1808 } 1809 1810 return 1U << (first_zero + 1); 1811 } 1812 1813 uint8_t xive_get_group_level(bool crowd, bool ignore, 1814 uint32_t nvp_blk, uint32_t nvp_index) 1815 { 1816 int first_zero; 1817 uint8_t level; 1818 1819 if (!ignore) { 1820 g_assert(!crowd); 1821 return 0; 1822 } 1823 1824 first_zero = cto32(nvp_index); 1825 if (first_zero >= 31) { 1826 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: Invalid group index 0x%08x", 1827 nvp_index); 1828 return 0; 1829 } 1830 1831 level = (first_zero + 1) & 0b1111; 1832 if (crowd) { 1833 uint32_t blk; 1834 1835 /* crowd level is bit position of first 0 from the right in nvp_blk */ 1836 first_zero = cto32(nvp_blk); 1837 if (first_zero >= 31) { 1838 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: Invalid crowd block 0x%08x", 1839 nvp_blk); 1840 return 0; 1841 } 1842 blk = first_zero + 1; 1843 1844 /* 1845 * Supported crowd sizes are 2^1, 2^2, and 2^4. 2^3 is not supported. 1846 * HW will encode level 4 as the value 3. See xive2_pgofnext(). 1847 */ 1848 switch (blk) { 1849 case 1: 1850 case 2: 1851 break; 1852 case 4: 1853 blk = 3; 1854 break; 1855 default: 1856 g_assert_not_reached(); 1857 } 1858 1859 /* Crowd level bits reside in upper 2 bits of the 6 bit group level */ 1860 level |= blk << 4; 1861 } 1862 return level; 1863 } 1864 1865 /* 1866 * The thread context register words are in big-endian format. 1867 */ 1868 int xive_presenter_tctx_match(XivePresenter *xptr, XiveTCTX *tctx, 1869 uint8_t format, 1870 uint8_t nvt_blk, uint32_t nvt_idx, 1871 bool cam_ignore, uint32_t logic_serv) 1872 { 1873 uint32_t cam = xive_nvt_cam_line(nvt_blk, nvt_idx); 1874 uint32_t qw3w2 = xive_tctx_word2(&tctx->regs[TM_QW3_HV_PHYS]); 1875 uint32_t qw2w2 = xive_tctx_word2(&tctx->regs[TM_QW2_HV_POOL]); 1876 uint32_t qw1w2 = xive_tctx_word2(&tctx->regs[TM_QW1_OS]); 1877 uint32_t qw0w2 = xive_tctx_word2(&tctx->regs[TM_QW0_USER]); 1878 1879 /* 1880 * TODO (PowerNV): ignore mode. The low order bits of the NVT 1881 * identifier are ignored in the "CAM" match. 1882 */ 1883 1884 if (format == 0) { 1885 if (cam_ignore == true) { 1886 /* 1887 * F=0 & i=1: Logical server notification (bits ignored at 1888 * the end of the NVT identifier) 1889 */ 1890 qemu_log_mask(LOG_UNIMP, "XIVE: no support for LS NVT %x/%x\n", 1891 nvt_blk, nvt_idx); 1892 return -1; 1893 } 1894 1895 /* F=0 & i=0: Specific NVT notification */ 1896 1897 /* PHYS ring */ 1898 if ((be32_to_cpu(qw3w2) & TM_QW3W2_VT) && 1899 cam == xive_tctx_hw_cam_line(xptr, tctx)) { 1900 return TM_QW3_HV_PHYS; 1901 } 1902 1903 /* HV POOL ring */ 1904 if ((be32_to_cpu(qw2w2) & TM_QW2W2_VP) && 1905 cam == xive_get_field32(TM_QW2W2_POOL_CAM, qw2w2)) { 1906 return TM_QW2_HV_POOL; 1907 } 1908 1909 /* OS ring */ 1910 if ((be32_to_cpu(qw1w2) & TM_QW1W2_VO) && 1911 cam == xive_get_field32(TM_QW1W2_OS_CAM, qw1w2)) { 1912 return TM_QW1_OS; 1913 } 1914 } else { 1915 /* F=1 : User level Event-Based Branch (EBB) notification */ 1916 1917 /* USER ring */ 1918 if ((be32_to_cpu(qw1w2) & TM_QW1W2_VO) && 1919 (cam == xive_get_field32(TM_QW1W2_OS_CAM, qw1w2)) && 1920 (be32_to_cpu(qw0w2) & TM_QW0W2_VU) && 1921 (logic_serv == xive_get_field32(TM_QW0W2_LOGIC_SERV, qw0w2))) { 1922 return TM_QW0_USER; 1923 } 1924 } 1925 return -1; 1926 } 1927 1928 /* 1929 * This is our simple Xive Presenter Engine model. It is merged in the 1930 * Router as it does not require an extra object. 1931 */ 1932 bool xive_presenter_match(XiveFabric *xfb, uint8_t format, 1933 uint8_t nvt_blk, uint32_t nvt_idx, 1934 bool crowd, bool cam_ignore, uint8_t priority, 1935 uint32_t logic_serv, XiveTCTXMatch *match) 1936 { 1937 XiveFabricClass *xfc = XIVE_FABRIC_GET_CLASS(xfb); 1938 1939 memset(match, 0, sizeof(*match)); 1940 1941 /* 1942 * Ask the machine to scan the interrupt controllers for a match. 1943 * 1944 * For VP-specific notification, we expect at most one match and 1945 * one call to the presenters is all we need (abbreviated notify 1946 * sequence documented by the architecture). 1947 * 1948 * For VP-group notification, match_nvt() is the equivalent of the 1949 * "histogram" and "poll" commands sent to the power bus to the 1950 * presenters. 'count' could be more than one, but we always 1951 * select the first match for now. 'precluded' tells if (at least) 1952 * one thread matches but can't take the interrupt now because 1953 * it's running at a more favored priority. We return the 1954 * information to the router so that it can take appropriate 1955 * actions (backlog, escalation, broadcast, etc...) 1956 * 1957 * If we were to implement a better way of dispatching the 1958 * interrupt in case of multiple matches (instead of the first 1959 * match), we would need a heuristic to elect a thread (for 1960 * example, the hardware keeps track of an 'age' in the TIMA) and 1961 * a new command to the presenters (the equivalent of the "assign" 1962 * power bus command in the documented full notify sequence. 1963 */ 1964 return xfc->match_nvt(xfb, format, nvt_blk, nvt_idx, crowd, cam_ignore, 1965 priority, logic_serv, match); 1966 } 1967 1968 /* 1969 * Notification using the END ESe/ESn bit (Event State Buffer for 1970 * escalation and notification). Provide further coalescing in the 1971 * Router. 1972 */ 1973 static bool xive_router_end_es_notify(XiveRouter *xrtr, uint8_t end_blk, 1974 uint32_t end_idx, XiveEND *end, 1975 uint32_t end_esmask) 1976 { 1977 uint8_t pq = xive_get_field32(end_esmask, end->w1); 1978 bool notify = xive_esb_trigger(&pq); 1979 1980 if (pq != xive_get_field32(end_esmask, end->w1)) { 1981 end->w1 = xive_set_field32(end_esmask, end->w1, pq); 1982 xive_router_write_end(xrtr, end_blk, end_idx, end, 1); 1983 } 1984 1985 /* ESe/n[Q]=1 : end of notification */ 1986 return notify; 1987 } 1988 1989 /* 1990 * An END trigger can come from an event trigger (IPI or HW) or from 1991 * another chip. We don't model the PowerBus but the END trigger 1992 * message has the same parameters than in the function below. 1993 */ 1994 void xive_router_end_notify(XiveRouter *xrtr, XiveEAS *eas) 1995 { 1996 XiveEND end; 1997 uint8_t priority; 1998 uint8_t format; 1999 uint8_t nvt_blk; 2000 uint32_t nvt_idx; 2001 XiveNVT nvt; 2002 XiveTCTXMatch match; 2003 2004 uint8_t end_blk = xive_get_field64(EAS_END_BLOCK, eas->w); 2005 uint32_t end_idx = xive_get_field64(EAS_END_INDEX, eas->w); 2006 uint32_t end_data = xive_get_field64(EAS_END_DATA, eas->w); 2007 2008 /* END cache lookup */ 2009 if (xive_router_get_end(xrtr, end_blk, end_idx, &end)) { 2010 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: No END %x/%x\n", end_blk, 2011 end_idx); 2012 return; 2013 } 2014 2015 if (!xive_end_is_valid(&end)) { 2016 trace_xive_router_end_notify(end_blk, end_idx, end_data); 2017 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: END %x/%x is invalid\n", 2018 end_blk, end_idx); 2019 return; 2020 } 2021 2022 if (xive_end_is_enqueue(&end)) { 2023 xive_end_enqueue(&end, end_data); 2024 /* Enqueuing event data modifies the EQ toggle and index */ 2025 xive_router_write_end(xrtr, end_blk, end_idx, &end, 1); 2026 } 2027 2028 /* 2029 * When the END is silent, we skip the notification part. 2030 */ 2031 if (xive_end_is_silent_escalation(&end)) { 2032 goto do_escalation; 2033 } 2034 2035 /* 2036 * The W7 format depends on the F bit in W6. It defines the type 2037 * of the notification : 2038 * 2039 * F=0 : single or multiple NVT notification 2040 * F=1 : User level Event-Based Branch (EBB) notification, no 2041 * priority 2042 */ 2043 format = xive_get_field32(END_W6_FORMAT_BIT, end.w6); 2044 priority = xive_get_field32(END_W7_F0_PRIORITY, end.w7); 2045 2046 /* The END is masked */ 2047 if (format == 0 && priority == 0xff) { 2048 return; 2049 } 2050 2051 /* 2052 * Check the END ESn (Event State Buffer for notification) for 2053 * even further coalescing in the Router 2054 */ 2055 if (!xive_end_is_notify(&end)) { 2056 /* ESn[Q]=1 : end of notification */ 2057 if (!xive_router_end_es_notify(xrtr, end_blk, end_idx, 2058 &end, END_W1_ESn)) { 2059 return; 2060 } 2061 } 2062 2063 /* 2064 * Follows IVPE notification 2065 */ 2066 nvt_blk = xive_get_field32(END_W6_NVT_BLOCK, end.w6); 2067 nvt_idx = xive_get_field32(END_W6_NVT_INDEX, end.w6); 2068 2069 /* NVT cache lookup */ 2070 if (xive_router_get_nvt(xrtr, nvt_blk, nvt_idx, &nvt)) { 2071 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: no NVT %x/%x\n", 2072 nvt_blk, nvt_idx); 2073 return; 2074 } 2075 2076 if (!xive_nvt_is_valid(&nvt)) { 2077 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: NVT %x/%x is invalid\n", 2078 nvt_blk, nvt_idx); 2079 return; 2080 } 2081 2082 /* TODO: Auto EOI. */ 2083 /* we don't support VP-group notification on P9, so precluded is not used */ 2084 if (xive_presenter_match(xrtr->xfb, format, nvt_blk, nvt_idx, 2085 false /* crowd */, 2086 xive_get_field32(END_W7_F0_IGNORE, end.w7), 2087 priority, 2088 xive_get_field32(END_W7_F1_LOG_SERVER_ID, end.w7), 2089 &match)) { 2090 trace_xive_presenter_notify(nvt_blk, nvt_idx, match.ring, 0); 2091 xive_tctx_pipr_present(match.tctx, match.ring, priority, 0); 2092 return; 2093 } 2094 2095 /* 2096 * If no matching NVT is dispatched on a HW thread : 2097 * - specific VP: update the NVT structure if backlog is activated 2098 * - logical server : forward request to IVPE (not supported) 2099 */ 2100 if (xive_end_is_backlog(&end)) { 2101 uint8_t ipb; 2102 2103 if (format == 1) { 2104 qemu_log_mask(LOG_GUEST_ERROR, 2105 "XIVE: END %x/%x invalid config: F1 & backlog\n", 2106 end_blk, end_idx); 2107 return; 2108 } 2109 /* 2110 * Record the IPB in the associated NVT structure for later 2111 * use. The presenter will resend the interrupt when the vCPU 2112 * is dispatched again on a HW thread. 2113 */ 2114 ipb = xive_get_field32(NVT_W4_IPB, nvt.w4) | 2115 xive_priority_to_ipb(priority); 2116 nvt.w4 = xive_set_field32(NVT_W4_IPB, nvt.w4, ipb); 2117 xive_router_write_nvt(xrtr, nvt_blk, nvt_idx, &nvt, 4); 2118 2119 /* 2120 * On HW, follows a "Broadcast Backlog" to IVPEs 2121 */ 2122 } 2123 2124 do_escalation: 2125 /* 2126 * If activated, escalate notification using the ESe PQ bits and 2127 * the EAS in w4-5 2128 */ 2129 if (!xive_end_is_escalate(&end)) { 2130 return; 2131 } 2132 2133 /* 2134 * Check the END ESe (Event State Buffer for escalation) for even 2135 * further coalescing in the Router 2136 */ 2137 if (!xive_end_is_uncond_escalation(&end)) { 2138 /* ESe[Q]=1 : end of notification */ 2139 if (!xive_router_end_es_notify(xrtr, end_blk, end_idx, 2140 &end, END_W1_ESe)) { 2141 return; 2142 } 2143 } 2144 2145 trace_xive_router_end_escalate(end_blk, end_idx, 2146 (uint8_t) xive_get_field32(END_W4_ESC_END_BLOCK, end.w4), 2147 (uint32_t) xive_get_field32(END_W4_ESC_END_INDEX, end.w4), 2148 (uint32_t) xive_get_field32(END_W5_ESC_END_DATA, end.w5)); 2149 /* 2150 * The END trigger becomes an Escalation trigger 2151 */ 2152 xive_router_end_notify_handler(xrtr, (XiveEAS *) &end.w4); 2153 } 2154 2155 void xive_router_notify(XiveNotifier *xn, uint32_t lisn, bool pq_checked) 2156 { 2157 XiveRouter *xrtr = XIVE_ROUTER(xn); 2158 uint8_t eas_blk = XIVE_EAS_BLOCK(lisn); 2159 uint32_t eas_idx = XIVE_EAS_INDEX(lisn); 2160 XiveEAS eas; 2161 2162 /* EAS cache lookup */ 2163 if (xive_router_get_eas(xrtr, eas_blk, eas_idx, &eas)) { 2164 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: Unknown LISN %x\n", lisn); 2165 return; 2166 } 2167 2168 if (!pq_checked) { 2169 bool notify; 2170 uint8_t pq; 2171 2172 /* PQ cache lookup */ 2173 if (xive_router_get_pq(xrtr, eas_blk, eas_idx, &pq)) { 2174 /* Set FIR */ 2175 g_assert_not_reached(); 2176 } 2177 2178 notify = xive_esb_trigger(&pq); 2179 2180 if (xive_router_set_pq(xrtr, eas_blk, eas_idx, &pq)) { 2181 /* Set FIR */ 2182 g_assert_not_reached(); 2183 } 2184 2185 if (!notify) { 2186 return; 2187 } 2188 } 2189 2190 if (!xive_eas_is_valid(&eas)) { 2191 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: invalid LISN %x\n", lisn); 2192 return; 2193 } 2194 2195 if (xive_eas_is_masked(&eas)) { 2196 /* Notification completed */ 2197 return; 2198 } 2199 2200 /* 2201 * The event trigger becomes an END trigger 2202 */ 2203 xive_router_end_notify_handler(xrtr, &eas); 2204 } 2205 2206 static const Property xive_router_properties[] = { 2207 DEFINE_PROP_LINK("xive-fabric", XiveRouter, xfb, 2208 TYPE_XIVE_FABRIC, XiveFabric *), 2209 }; 2210 2211 static void xive_router_class_init(ObjectClass *klass, const void *data) 2212 { 2213 DeviceClass *dc = DEVICE_CLASS(klass); 2214 XiveNotifierClass *xnc = XIVE_NOTIFIER_CLASS(klass); 2215 XiveRouterClass *xrc = XIVE_ROUTER_CLASS(klass); 2216 2217 dc->desc = "XIVE Router Engine"; 2218 device_class_set_props(dc, xive_router_properties); 2219 /* Parent is SysBusDeviceClass. No need to call its realize hook */ 2220 dc->realize = xive_router_realize; 2221 xnc->notify = xive_router_notify; 2222 2223 /* By default, the router handles END triggers locally */ 2224 xrc->end_notify = xive_router_end_notify; 2225 } 2226 2227 static const TypeInfo xive_router_info = { 2228 .name = TYPE_XIVE_ROUTER, 2229 .parent = TYPE_SYS_BUS_DEVICE, 2230 .abstract = true, 2231 .instance_size = sizeof(XiveRouter), 2232 .class_size = sizeof(XiveRouterClass), 2233 .class_init = xive_router_class_init, 2234 .interfaces = (const InterfaceInfo[]) { 2235 { TYPE_XIVE_NOTIFIER }, 2236 { TYPE_XIVE_PRESENTER }, 2237 { } 2238 } 2239 }; 2240 2241 void xive_eas_pic_print_info(XiveEAS *eas, uint32_t lisn, GString *buf) 2242 { 2243 if (!xive_eas_is_valid(eas)) { 2244 return; 2245 } 2246 2247 g_string_append_printf(buf, " %08x %s end:%02x/%04x data:%08x\n", 2248 lisn, xive_eas_is_masked(eas) ? "M" : " ", 2249 (uint8_t) xive_get_field64(EAS_END_BLOCK, eas->w), 2250 (uint32_t) xive_get_field64(EAS_END_INDEX, eas->w), 2251 (uint32_t) xive_get_field64(EAS_END_DATA, eas->w)); 2252 } 2253 2254 /* 2255 * END ESB MMIO loads 2256 */ 2257 static uint64_t xive_end_source_read(void *opaque, hwaddr addr, unsigned size) 2258 { 2259 XiveENDSource *xsrc = XIVE_END_SOURCE(opaque); 2260 uint32_t offset = addr & 0xFFF; 2261 uint8_t end_blk; 2262 uint32_t end_idx; 2263 XiveEND end; 2264 uint32_t end_esmask; 2265 uint8_t pq; 2266 uint64_t ret = -1; 2267 2268 /* 2269 * The block id should be deduced from the load address on the END 2270 * ESB MMIO but our model only supports a single block per XIVE chip. 2271 */ 2272 end_blk = xive_router_get_block_id(xsrc->xrtr); 2273 end_idx = addr >> (xsrc->esb_shift + 1); 2274 2275 trace_xive_end_source_read(end_blk, end_idx, addr); 2276 2277 if (xive_router_get_end(xsrc->xrtr, end_blk, end_idx, &end)) { 2278 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: No END %x/%x\n", end_blk, 2279 end_idx); 2280 return -1; 2281 } 2282 2283 if (!xive_end_is_valid(&end)) { 2284 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: END %x/%x is invalid\n", 2285 end_blk, end_idx); 2286 return -1; 2287 } 2288 2289 end_esmask = addr_is_even(addr, xsrc->esb_shift) ? END_W1_ESn : END_W1_ESe; 2290 pq = xive_get_field32(end_esmask, end.w1); 2291 2292 switch (offset) { 2293 case XIVE_ESB_LOAD_EOI ... XIVE_ESB_LOAD_EOI + 0x7FF: 2294 ret = xive_esb_eoi(&pq); 2295 2296 /* Forward the source event notification for routing ?? */ 2297 break; 2298 2299 case XIVE_ESB_GET ... XIVE_ESB_GET + 0x3FF: 2300 ret = pq; 2301 break; 2302 2303 case XIVE_ESB_SET_PQ_00 ... XIVE_ESB_SET_PQ_00 + 0x0FF: 2304 case XIVE_ESB_SET_PQ_01 ... XIVE_ESB_SET_PQ_01 + 0x0FF: 2305 case XIVE_ESB_SET_PQ_10 ... XIVE_ESB_SET_PQ_10 + 0x0FF: 2306 case XIVE_ESB_SET_PQ_11 ... XIVE_ESB_SET_PQ_11 + 0x0FF: 2307 ret = xive_esb_set(&pq, (offset >> 8) & 0x3); 2308 break; 2309 default: 2310 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: invalid END ESB load addr %d\n", 2311 offset); 2312 return -1; 2313 } 2314 2315 if (pq != xive_get_field32(end_esmask, end.w1)) { 2316 end.w1 = xive_set_field32(end_esmask, end.w1, pq); 2317 xive_router_write_end(xsrc->xrtr, end_blk, end_idx, &end, 1); 2318 } 2319 2320 return ret; 2321 } 2322 2323 /* 2324 * END ESB MMIO stores are invalid 2325 */ 2326 static void xive_end_source_write(void *opaque, hwaddr addr, 2327 uint64_t value, unsigned size) 2328 { 2329 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: invalid ESB write addr 0x%" 2330 HWADDR_PRIx"\n", addr); 2331 } 2332 2333 static const MemoryRegionOps xive_end_source_ops = { 2334 .read = xive_end_source_read, 2335 .write = xive_end_source_write, 2336 .endianness = DEVICE_BIG_ENDIAN, 2337 .valid = { 2338 .min_access_size = 1, 2339 .max_access_size = 8, 2340 }, 2341 .impl = { 2342 .min_access_size = 1, 2343 .max_access_size = 8, 2344 }, 2345 }; 2346 2347 static void xive_end_source_realize(DeviceState *dev, Error **errp) 2348 { 2349 XiveENDSource *xsrc = XIVE_END_SOURCE(dev); 2350 2351 assert(xsrc->xrtr); 2352 2353 if (!xsrc->nr_ends) { 2354 error_setg(errp, "Number of interrupt needs to be greater than 0"); 2355 return; 2356 } 2357 2358 if (xsrc->esb_shift != XIVE_ESB_4K && 2359 xsrc->esb_shift != XIVE_ESB_64K) { 2360 error_setg(errp, "Invalid ESB shift setting"); 2361 return; 2362 } 2363 2364 /* 2365 * Each END is assigned an even/odd pair of MMIO pages, the even page 2366 * manages the ESn field while the odd page manages the ESe field. 2367 */ 2368 memory_region_init_io(&xsrc->esb_mmio, OBJECT(xsrc), 2369 &xive_end_source_ops, xsrc, "xive.end", 2370 (1ull << (xsrc->esb_shift + 1)) * xsrc->nr_ends); 2371 } 2372 2373 static const Property xive_end_source_properties[] = { 2374 DEFINE_PROP_UINT32("nr-ends", XiveENDSource, nr_ends, 0), 2375 DEFINE_PROP_UINT32("shift", XiveENDSource, esb_shift, XIVE_ESB_64K), 2376 DEFINE_PROP_LINK("xive", XiveENDSource, xrtr, TYPE_XIVE_ROUTER, 2377 XiveRouter *), 2378 }; 2379 2380 static void xive_end_source_class_init(ObjectClass *klass, const void *data) 2381 { 2382 DeviceClass *dc = DEVICE_CLASS(klass); 2383 2384 dc->desc = "XIVE END Source"; 2385 device_class_set_props(dc, xive_end_source_properties); 2386 dc->realize = xive_end_source_realize; 2387 /* 2388 * Reason: part of XIVE interrupt controller, needs to be wired up, 2389 * e.g. by spapr_xive_instance_init(). 2390 */ 2391 dc->user_creatable = false; 2392 } 2393 2394 static const TypeInfo xive_end_source_info = { 2395 .name = TYPE_XIVE_END_SOURCE, 2396 .parent = TYPE_DEVICE, 2397 .instance_size = sizeof(XiveENDSource), 2398 .class_init = xive_end_source_class_init, 2399 }; 2400 2401 /* 2402 * XIVE Notifier 2403 */ 2404 static const TypeInfo xive_notifier_info = { 2405 .name = TYPE_XIVE_NOTIFIER, 2406 .parent = TYPE_INTERFACE, 2407 .class_size = sizeof(XiveNotifierClass), 2408 }; 2409 2410 /* 2411 * XIVE Presenter 2412 */ 2413 static const TypeInfo xive_presenter_info = { 2414 .name = TYPE_XIVE_PRESENTER, 2415 .parent = TYPE_INTERFACE, 2416 .class_size = sizeof(XivePresenterClass), 2417 }; 2418 2419 /* 2420 * XIVE Fabric 2421 */ 2422 static const TypeInfo xive_fabric_info = { 2423 .name = TYPE_XIVE_FABRIC, 2424 .parent = TYPE_INTERFACE, 2425 .class_size = sizeof(XiveFabricClass), 2426 }; 2427 2428 static void xive_register_types(void) 2429 { 2430 type_register_static(&xive_fabric_info); 2431 type_register_static(&xive_source_info); 2432 type_register_static(&xive_notifier_info); 2433 type_register_static(&xive_presenter_info); 2434 type_register_static(&xive_router_info); 2435 type_register_static(&xive_end_source_info); 2436 type_register_static(&xive_tctx_info); 2437 } 2438 2439 type_init(xive_register_types) 2440