1 /* 2 * QEMU PowerPC XIVE2 interrupt controller model (POWER10) 3 * 4 * Copyright (c) 2019-2024, IBM Corporation.. 5 * 6 * SPDX-License-Identifier: GPL-2.0-or-later 7 */ 8 9 #include "qemu/osdep.h" 10 #include "qemu/log.h" 11 #include "qemu/module.h" 12 #include "qapi/error.h" 13 #include "target/ppc/cpu.h" 14 #include "system/cpus.h" 15 #include "system/dma.h" 16 #include "hw/qdev-properties.h" 17 #include "hw/ppc/xive.h" 18 #include "hw/ppc/xive2.h" 19 #include "hw/ppc/xive2_regs.h" 20 21 uint32_t xive2_router_get_config(Xive2Router *xrtr) 22 { 23 Xive2RouterClass *xrc = XIVE2_ROUTER_GET_CLASS(xrtr); 24 25 return xrc->get_config(xrtr); 26 } 27 28 static int xive2_router_get_block_id(Xive2Router *xrtr) 29 { 30 Xive2RouterClass *xrc = XIVE2_ROUTER_GET_CLASS(xrtr); 31 32 return xrc->get_block_id(xrtr); 33 } 34 35 static uint64_t xive2_nvp_reporting_addr(Xive2Nvp *nvp) 36 { 37 uint64_t cache_addr; 38 39 cache_addr = xive_get_field32(NVP2_W6_REPORTING_LINE, nvp->w6) << 24 | 40 xive_get_field32(NVP2_W7_REPORTING_LINE, nvp->w7); 41 cache_addr <<= 8; /* aligned on a cache line pair */ 42 return cache_addr; 43 } 44 45 static uint32_t xive2_nvgc_get_backlog(Xive2Nvgc *nvgc, uint8_t priority) 46 { 47 uint32_t val = 0; 48 uint8_t *ptr, i; 49 50 if (priority > 7) { 51 return 0; 52 } 53 54 /* 55 * The per-priority backlog counters are 24-bit and the structure 56 * is stored in big endian. NVGC is 32-bytes long, so 24-bytes from 57 * w2, which fits 8 priorities * 24-bits per priority. 58 */ 59 ptr = (uint8_t *)&nvgc->w2 + priority * 3; 60 for (i = 0; i < 3; i++, ptr++) { 61 val = (val << 8) + *ptr; 62 } 63 return val; 64 } 65 66 static void xive2_nvgc_set_backlog(Xive2Nvgc *nvgc, uint8_t priority, 67 uint32_t val) 68 { 69 uint8_t *ptr, i; 70 uint32_t shift; 71 72 if (priority > 7) { 73 return; 74 } 75 76 if (val > 0xFFFFFF) { 77 val = 0xFFFFFF; 78 } 79 /* 80 * The per-priority backlog counters are 24-bit and the structure 81 * is stored in big endian 82 */ 83 ptr = (uint8_t *)&nvgc->w2 + priority * 3; 84 for (i = 0; i < 3; i++, ptr++) { 85 shift = 8 * (2 - i); 86 *ptr = (val >> shift) & 0xFF; 87 } 88 } 89 90 void xive2_eas_pic_print_info(Xive2Eas *eas, uint32_t lisn, GString *buf) 91 { 92 if (!xive2_eas_is_valid(eas)) { 93 return; 94 } 95 96 g_string_append_printf(buf, " %08x %s end:%02x/%04x data:%08x\n", 97 lisn, xive2_eas_is_masked(eas) ? "M" : " ", 98 (uint8_t) xive_get_field64(EAS2_END_BLOCK, eas->w), 99 (uint32_t) xive_get_field64(EAS2_END_INDEX, eas->w), 100 (uint32_t) xive_get_field64(EAS2_END_DATA, eas->w)); 101 } 102 103 void xive2_end_queue_pic_print_info(Xive2End *end, uint32_t width, GString *buf) 104 { 105 uint64_t qaddr_base = xive2_end_qaddr(end); 106 uint32_t qsize = xive_get_field32(END2_W3_QSIZE, end->w3); 107 uint32_t qindex = xive_get_field32(END2_W1_PAGE_OFF, end->w1); 108 uint32_t qentries = 1 << (qsize + 10); 109 int i; 110 111 /* 112 * print out the [ (qindex - (width - 1)) .. (qindex + 1)] window 113 */ 114 g_string_append_printf(buf, " [ "); 115 qindex = (qindex - (width - 1)) & (qentries - 1); 116 for (i = 0; i < width; i++) { 117 uint64_t qaddr = qaddr_base + (qindex << 2); 118 uint32_t qdata = -1; 119 120 if (dma_memory_read(&address_space_memory, qaddr, &qdata, 121 sizeof(qdata), MEMTXATTRS_UNSPECIFIED)) { 122 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: failed to read EQ @0x%" 123 HWADDR_PRIx "\n", qaddr); 124 return; 125 } 126 g_string_append_printf(buf, "%s%08x ", i == width - 1 ? "^" : "", 127 be32_to_cpu(qdata)); 128 qindex = (qindex + 1) & (qentries - 1); 129 } 130 g_string_append_printf(buf, "]"); 131 } 132 133 void xive2_end_pic_print_info(Xive2End *end, uint32_t end_idx, GString *buf) 134 { 135 uint64_t qaddr_base = xive2_end_qaddr(end); 136 uint32_t qindex = xive_get_field32(END2_W1_PAGE_OFF, end->w1); 137 uint32_t qgen = xive_get_field32(END2_W1_GENERATION, end->w1); 138 uint32_t qsize = xive_get_field32(END2_W3_QSIZE, end->w3); 139 uint32_t qentries = 1 << (qsize + 10); 140 141 uint32_t nvp_blk = xive_get_field32(END2_W6_VP_BLOCK, end->w6); 142 uint32_t nvp_idx = xive_get_field32(END2_W6_VP_OFFSET, end->w6); 143 uint8_t priority = xive_get_field32(END2_W7_F0_PRIORITY, end->w7); 144 uint8_t pq; 145 146 if (!xive2_end_is_valid(end)) { 147 return; 148 } 149 150 pq = xive_get_field32(END2_W1_ESn, end->w1); 151 152 g_string_append_printf(buf, 153 " %08x %c%c %c%c%c%c%c%c%c%c%c%c%c %c%c " 154 "prio:%d nvp:%02x/%04x", 155 end_idx, 156 pq & XIVE_ESB_VAL_P ? 'P' : '-', 157 pq & XIVE_ESB_VAL_Q ? 'Q' : '-', 158 xive2_end_is_valid(end) ? 'v' : '-', 159 xive2_end_is_enqueue(end) ? 'q' : '-', 160 xive2_end_is_notify(end) ? 'n' : '-', 161 xive2_end_is_backlog(end) ? 'b' : '-', 162 xive2_end_is_precluded_escalation(end) ? 'p' : '-', 163 xive2_end_is_escalate(end) ? 'e' : '-', 164 xive2_end_is_escalate_end(end) ? 'N' : '-', 165 xive2_end_is_uncond_escalation(end) ? 'u' : '-', 166 xive2_end_is_silent_escalation(end) ? 's' : '-', 167 xive2_end_is_firmware1(end) ? 'f' : '-', 168 xive2_end_is_firmware2(end) ? 'F' : '-', 169 xive2_end_is_ignore(end) ? 'i' : '-', 170 xive2_end_is_crowd(end) ? 'c' : '-', 171 priority, nvp_blk, nvp_idx); 172 173 if (qaddr_base) { 174 g_string_append_printf(buf, " eq:@%08"PRIx64"% 6d/%5d ^%d", 175 qaddr_base, qindex, qentries, qgen); 176 xive2_end_queue_pic_print_info(end, 6, buf); 177 } 178 g_string_append_c(buf, '\n'); 179 } 180 181 void xive2_end_eas_pic_print_info(Xive2End *end, uint32_t end_idx, 182 GString *buf) 183 { 184 Xive2Eas *eas = (Xive2Eas *) &end->w4; 185 uint8_t pq; 186 187 if (!xive2_end_is_escalate(end)) { 188 return; 189 } 190 191 pq = xive_get_field32(END2_W1_ESe, end->w1); 192 193 g_string_append_printf(buf, " %08x %c%c %c%c end:%02x/%04x data:%08x\n", 194 end_idx, 195 pq & XIVE_ESB_VAL_P ? 'P' : '-', 196 pq & XIVE_ESB_VAL_Q ? 'Q' : '-', 197 xive2_eas_is_valid(eas) ? 'v' : ' ', 198 xive2_eas_is_masked(eas) ? 'M' : ' ', 199 (uint8_t) xive_get_field64(EAS2_END_BLOCK, eas->w), 200 (uint32_t) xive_get_field64(EAS2_END_INDEX, eas->w), 201 (uint32_t) xive_get_field64(EAS2_END_DATA, eas->w)); 202 } 203 204 void xive2_nvp_pic_print_info(Xive2Nvp *nvp, uint32_t nvp_idx, GString *buf) 205 { 206 uint8_t eq_blk = xive_get_field32(NVP2_W5_VP_END_BLOCK, nvp->w5); 207 uint32_t eq_idx = xive_get_field32(NVP2_W5_VP_END_INDEX, nvp->w5); 208 uint64_t cache_line = xive2_nvp_reporting_addr(nvp); 209 210 if (!xive2_nvp_is_valid(nvp)) { 211 return; 212 } 213 214 g_string_append_printf(buf, " %08x end:%02x/%04x IPB:%02x PGoFirst:%02x", 215 nvp_idx, eq_blk, eq_idx, 216 xive_get_field32(NVP2_W2_IPB, nvp->w2), 217 xive_get_field32(NVP2_W0_PGOFIRST, nvp->w0)); 218 if (cache_line) { 219 g_string_append_printf(buf, " reporting CL:%016"PRIx64, cache_line); 220 } 221 222 /* 223 * When the NVP is HW controlled, more fields are updated 224 */ 225 if (xive2_nvp_is_hw(nvp)) { 226 g_string_append_printf(buf, " CPPR:%02x", 227 xive_get_field32(NVP2_W2_CPPR, nvp->w2)); 228 if (xive2_nvp_is_co(nvp)) { 229 g_string_append_printf(buf, " CO:%04x", 230 xive_get_field32(NVP2_W1_CO_THRID, nvp->w1)); 231 } 232 } 233 g_string_append_c(buf, '\n'); 234 } 235 236 void xive2_nvgc_pic_print_info(Xive2Nvgc *nvgc, uint32_t nvgc_idx, GString *buf) 237 { 238 uint8_t i; 239 240 if (!xive2_nvgc_is_valid(nvgc)) { 241 return; 242 } 243 244 g_string_append_printf(buf, " %08x PGoNext:%02x bklog: ", nvgc_idx, 245 xive_get_field32(NVGC2_W0_PGONEXT, nvgc->w0)); 246 for (i = 0; i <= XIVE_PRIORITY_MAX; i++) { 247 g_string_append_printf(buf, "[%d]=0x%x ", 248 i, xive2_nvgc_get_backlog(nvgc, i)); 249 } 250 g_string_append_printf(buf, "\n"); 251 } 252 253 static void xive2_end_enqueue(Xive2End *end, uint32_t data) 254 { 255 uint64_t qaddr_base = xive2_end_qaddr(end); 256 uint32_t qsize = xive_get_field32(END2_W3_QSIZE, end->w3); 257 uint32_t qindex = xive_get_field32(END2_W1_PAGE_OFF, end->w1); 258 uint32_t qgen = xive_get_field32(END2_W1_GENERATION, end->w1); 259 260 uint64_t qaddr = qaddr_base + (qindex << 2); 261 uint32_t qdata = cpu_to_be32((qgen << 31) | (data & 0x7fffffff)); 262 uint32_t qentries = 1 << (qsize + 10); 263 264 if (dma_memory_write(&address_space_memory, qaddr, &qdata, sizeof(qdata), 265 MEMTXATTRS_UNSPECIFIED)) { 266 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: failed to write END data @0x%" 267 HWADDR_PRIx "\n", qaddr); 268 return; 269 } 270 271 qindex = (qindex + 1) & (qentries - 1); 272 if (qindex == 0) { 273 qgen ^= 1; 274 end->w1 = xive_set_field32(END2_W1_GENERATION, end->w1, qgen); 275 276 /* TODO(PowerNV): reset GF bit on a cache watch operation */ 277 end->w1 = xive_set_field32(END2_W1_GEN_FLIPPED, end->w1, qgen); 278 } 279 end->w1 = xive_set_field32(END2_W1_PAGE_OFF, end->w1, qindex); 280 } 281 282 /* 283 * Scan the group chain and return the highest priority and group 284 * level of pending group interrupts. 285 */ 286 static uint8_t xive2_presenter_backlog_scan(XivePresenter *xptr, 287 uint8_t nvp_blk, uint32_t nvp_idx, 288 uint8_t first_group, 289 uint8_t *out_level) 290 { 291 Xive2Router *xrtr = XIVE2_ROUTER(xptr); 292 uint32_t nvgc_idx, mask; 293 uint32_t current_level, count; 294 uint8_t prio; 295 Xive2Nvgc nvgc; 296 297 for (prio = 0; prio <= XIVE_PRIORITY_MAX; prio++) { 298 current_level = first_group & 0xF; 299 300 while (current_level) { 301 mask = (1 << current_level) - 1; 302 nvgc_idx = nvp_idx & ~mask; 303 nvgc_idx |= mask >> 1; 304 qemu_log("fxb %s checking backlog for prio %d group idx %x\n", 305 __func__, prio, nvgc_idx); 306 307 if (xive2_router_get_nvgc(xrtr, false, nvp_blk, nvgc_idx, &nvgc)) { 308 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: No NVG %x/%x\n", 309 nvp_blk, nvgc_idx); 310 return 0xFF; 311 } 312 if (!xive2_nvgc_is_valid(&nvgc)) { 313 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: Invalid NVG %x/%x\n", 314 nvp_blk, nvgc_idx); 315 return 0xFF; 316 } 317 318 count = xive2_nvgc_get_backlog(&nvgc, prio); 319 if (count) { 320 *out_level = current_level; 321 return prio; 322 } 323 current_level = xive_get_field32(NVGC2_W0_PGONEXT, nvgc.w0) & 0xF; 324 } 325 } 326 return 0xFF; 327 } 328 329 static void xive2_presenter_backlog_decr(XivePresenter *xptr, 330 uint8_t nvp_blk, uint32_t nvp_idx, 331 uint8_t group_prio, 332 uint8_t group_level) 333 { 334 Xive2Router *xrtr = XIVE2_ROUTER(xptr); 335 uint32_t nvgc_idx, mask, count; 336 Xive2Nvgc nvgc; 337 338 group_level &= 0xF; 339 mask = (1 << group_level) - 1; 340 nvgc_idx = nvp_idx & ~mask; 341 nvgc_idx |= mask >> 1; 342 343 if (xive2_router_get_nvgc(xrtr, false, nvp_blk, nvgc_idx, &nvgc)) { 344 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: No NVG %x/%x\n", 345 nvp_blk, nvgc_idx); 346 return; 347 } 348 if (!xive2_nvgc_is_valid(&nvgc)) { 349 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: Invalid NVG %x/%x\n", 350 nvp_blk, nvgc_idx); 351 return; 352 } 353 count = xive2_nvgc_get_backlog(&nvgc, group_prio); 354 if (!count) { 355 return; 356 } 357 xive2_nvgc_set_backlog(&nvgc, group_prio, count - 1); 358 xive2_router_write_nvgc(xrtr, false, nvp_blk, nvgc_idx, &nvgc); 359 } 360 361 /* 362 * XIVE Thread Interrupt Management Area (TIMA) - Gen2 mode 363 * 364 * TIMA Gen2 VP “save & restore” (S&R) indicated by H bit next to V bit 365 * 366 * - if a context is enabled with the H bit set, the VP context 367 * information is retrieved from the NVP structure (“check out”) 368 * and stored back on a context pull (“check in”), the SW receives 369 * the same context pull information as on P9 370 * 371 * - the H bit cannot be changed while the V bit is set, i.e. a 372 * context cannot be set up in the TIMA and then be “pushed” into 373 * the NVP by changing the H bit while the context is enabled 374 */ 375 376 static void xive2_tctx_save_ctx(Xive2Router *xrtr, XiveTCTX *tctx, 377 uint8_t nvp_blk, uint32_t nvp_idx, 378 uint8_t ring) 379 { 380 CPUPPCState *env = &POWERPC_CPU(tctx->cs)->env; 381 uint32_t pir = env->spr_cb[SPR_PIR].default_value; 382 Xive2Nvp nvp; 383 uint8_t *regs = &tctx->regs[ring]; 384 385 if (xive2_router_get_nvp(xrtr, nvp_blk, nvp_idx, &nvp)) { 386 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: No NVP %x/%x\n", 387 nvp_blk, nvp_idx); 388 return; 389 } 390 391 if (!xive2_nvp_is_valid(&nvp)) { 392 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: invalid NVP %x/%x\n", 393 nvp_blk, nvp_idx); 394 return; 395 } 396 397 if (!xive2_nvp_is_hw(&nvp)) { 398 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: NVP %x/%x is not HW owned\n", 399 nvp_blk, nvp_idx); 400 return; 401 } 402 403 if (!xive2_nvp_is_co(&nvp)) { 404 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: NVP %x/%x is not checkout\n", 405 nvp_blk, nvp_idx); 406 return; 407 } 408 409 if (xive_get_field32(NVP2_W1_CO_THRID_VALID, nvp.w1) && 410 xive_get_field32(NVP2_W1_CO_THRID, nvp.w1) != pir) { 411 qemu_log_mask(LOG_GUEST_ERROR, 412 "XIVE: NVP %x/%x invalid checkout Thread %x\n", 413 nvp_blk, nvp_idx, pir); 414 return; 415 } 416 417 nvp.w2 = xive_set_field32(NVP2_W2_IPB, nvp.w2, regs[TM_IPB]); 418 nvp.w2 = xive_set_field32(NVP2_W2_CPPR, nvp.w2, regs[TM_CPPR]); 419 if (nvp.w0 & NVP2_W0_L) { 420 /* 421 * Typically not used. If LSMFB is restored with 0, it will 422 * force a backlog rescan 423 */ 424 nvp.w2 = xive_set_field32(NVP2_W2_LSMFB, nvp.w2, regs[TM_LSMFB]); 425 } 426 if (nvp.w0 & NVP2_W0_G) { 427 nvp.w2 = xive_set_field32(NVP2_W2_LGS, nvp.w2, regs[TM_LGS]); 428 } 429 if (nvp.w0 & NVP2_W0_T) { 430 nvp.w2 = xive_set_field32(NVP2_W2_T, nvp.w2, regs[TM_T]); 431 } 432 xive2_router_write_nvp(xrtr, nvp_blk, nvp_idx, &nvp, 2); 433 434 nvp.w1 = xive_set_field32(NVP2_W1_CO, nvp.w1, 0); 435 /* NVP2_W1_CO_THRID_VALID only set once */ 436 nvp.w1 = xive_set_field32(NVP2_W1_CO_THRID, nvp.w1, 0xFFFF); 437 xive2_router_write_nvp(xrtr, nvp_blk, nvp_idx, &nvp, 1); 438 } 439 440 static void xive2_cam_decode(uint32_t cam, uint8_t *nvp_blk, 441 uint32_t *nvp_idx, bool *valid, bool *hw) 442 { 443 *nvp_blk = xive2_nvp_blk(cam); 444 *nvp_idx = xive2_nvp_idx(cam); 445 *valid = !!(cam & TM2_W2_VALID); 446 *hw = !!(cam & TM2_W2_HW); 447 } 448 449 /* 450 * Encode the HW CAM line with 7bit or 8bit thread id. The thread id 451 * width and block id width is configurable at the IC level. 452 * 453 * chipid << 24 | 0000 0000 0000 0000 1 threadid (7Bit) 454 * chipid << 24 | 0000 0000 0000 0001 threadid (8Bit) 455 */ 456 static uint32_t xive2_tctx_hw_cam_line(XivePresenter *xptr, XiveTCTX *tctx) 457 { 458 Xive2Router *xrtr = XIVE2_ROUTER(xptr); 459 CPUPPCState *env = &POWERPC_CPU(tctx->cs)->env; 460 uint32_t pir = env->spr_cb[SPR_PIR].default_value; 461 uint8_t blk = xive2_router_get_block_id(xrtr); 462 uint8_t tid_shift = 463 xive2_router_get_config(xrtr) & XIVE2_THREADID_8BITS ? 8 : 7; 464 uint8_t tid_mask = (1 << tid_shift) - 1; 465 466 return xive2_nvp_cam_line(blk, 1 << tid_shift | (pir & tid_mask)); 467 } 468 469 static uint64_t xive2_tm_pull_ctx(XivePresenter *xptr, XiveTCTX *tctx, 470 hwaddr offset, unsigned size, uint8_t ring) 471 { 472 Xive2Router *xrtr = XIVE2_ROUTER(xptr); 473 uint32_t target_ringw2 = xive_tctx_word2(&tctx->regs[ring]); 474 uint32_t cam = be32_to_cpu(target_ringw2); 475 uint8_t nvp_blk; 476 uint32_t nvp_idx; 477 uint8_t cur_ring; 478 bool valid; 479 bool do_save; 480 481 xive2_cam_decode(cam, &nvp_blk, &nvp_idx, &valid, &do_save); 482 483 if (!valid) { 484 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: pulling invalid NVP %x/%x !?\n", 485 nvp_blk, nvp_idx); 486 } 487 488 /* Invalidate CAM line of requested ring and all lower rings */ 489 for (cur_ring = TM_QW0_USER; cur_ring <= ring; 490 cur_ring += XIVE_TM_RING_SIZE) { 491 uint32_t ringw2 = xive_tctx_word2(&tctx->regs[cur_ring]); 492 uint32_t ringw2_new = xive_set_field32(TM2_QW1W2_VO, ringw2, 0); 493 memcpy(&tctx->regs[cur_ring + TM_WORD2], &ringw2_new, 4); 494 } 495 496 if (xive2_router_get_config(xrtr) & XIVE2_VP_SAVE_RESTORE && do_save) { 497 xive2_tctx_save_ctx(xrtr, tctx, nvp_blk, nvp_idx, ring); 498 } 499 500 /* 501 * Lower external interrupt line of requested ring and below except for 502 * USER, which doesn't exist. 503 */ 504 for (cur_ring = TM_QW1_OS; cur_ring <= ring; 505 cur_ring += XIVE_TM_RING_SIZE) { 506 xive_tctx_reset_signal(tctx, cur_ring); 507 } 508 return target_ringw2; 509 } 510 511 uint64_t xive2_tm_pull_os_ctx(XivePresenter *xptr, XiveTCTX *tctx, 512 hwaddr offset, unsigned size) 513 { 514 return xive2_tm_pull_ctx(xptr, tctx, offset, size, TM_QW1_OS); 515 } 516 517 #define REPORT_LINE_GEN1_SIZE 16 518 519 static void xive2_tm_report_line_gen1(XiveTCTX *tctx, uint8_t *data, 520 uint8_t size) 521 { 522 uint8_t *regs = tctx->regs; 523 524 g_assert(size == REPORT_LINE_GEN1_SIZE); 525 memset(data, 0, size); 526 /* 527 * See xive architecture for description of what is saved. It is 528 * hand-picked information to fit in 16 bytes. 529 */ 530 data[0x0] = regs[TM_QW3_HV_PHYS + TM_NSR]; 531 data[0x1] = regs[TM_QW3_HV_PHYS + TM_CPPR]; 532 data[0x2] = regs[TM_QW3_HV_PHYS + TM_IPB]; 533 data[0x3] = regs[TM_QW2_HV_POOL + TM_IPB]; 534 data[0x4] = regs[TM_QW1_OS + TM_ACK_CNT]; 535 data[0x5] = regs[TM_QW3_HV_PHYS + TM_LGS]; 536 data[0x6] = 0xFF; 537 data[0x7] = regs[TM_QW3_HV_PHYS + TM_WORD2] & 0x80; 538 data[0x7] |= (regs[TM_QW2_HV_POOL + TM_WORD2] & 0x80) >> 1; 539 data[0x7] |= (regs[TM_QW1_OS + TM_WORD2] & 0x80) >> 2; 540 data[0x7] |= (regs[TM_QW3_HV_PHYS + TM_WORD2] & 0x3); 541 data[0x8] = regs[TM_QW1_OS + TM_NSR]; 542 data[0x9] = regs[TM_QW1_OS + TM_CPPR]; 543 data[0xA] = regs[TM_QW1_OS + TM_IPB]; 544 data[0xB] = regs[TM_QW1_OS + TM_LGS]; 545 if (regs[TM_QW0_USER + TM_WORD2] & 0x80) { 546 /* 547 * Logical server extension, except VU bit replaced by EB bit 548 * from NSR 549 */ 550 data[0xC] = regs[TM_QW0_USER + TM_WORD2]; 551 data[0xC] &= ~0x80; 552 data[0xC] |= regs[TM_QW0_USER + TM_NSR] & 0x80; 553 data[0xD] = regs[TM_QW0_USER + TM_WORD2 + 1]; 554 data[0xE] = regs[TM_QW0_USER + TM_WORD2 + 2]; 555 data[0xF] = regs[TM_QW0_USER + TM_WORD2 + 3]; 556 } 557 } 558 559 static void xive2_tm_pull_ctx_ol(XivePresenter *xptr, XiveTCTX *tctx, 560 hwaddr offset, uint64_t value, 561 unsigned size, uint8_t ring) 562 { 563 Xive2Router *xrtr = XIVE2_ROUTER(xptr); 564 uint32_t hw_cam, nvp_idx, xive2_cfg, reserved; 565 uint8_t nvp_blk; 566 Xive2Nvp nvp; 567 uint64_t phys_addr; 568 MemTxResult result; 569 570 hw_cam = xive2_tctx_hw_cam_line(xptr, tctx); 571 nvp_blk = xive2_nvp_blk(hw_cam); 572 nvp_idx = xive2_nvp_idx(hw_cam); 573 574 if (xive2_router_get_nvp(xrtr, nvp_blk, nvp_idx, &nvp)) { 575 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: No NVP %x/%x\n", 576 nvp_blk, nvp_idx); 577 return; 578 } 579 580 if (!xive2_nvp_is_valid(&nvp)) { 581 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: invalid NVP %x/%x\n", 582 nvp_blk, nvp_idx); 583 return; 584 } 585 586 xive2_cfg = xive2_router_get_config(xrtr); 587 588 phys_addr = xive2_nvp_reporting_addr(&nvp) + 0x80; /* odd line */ 589 if (xive2_cfg & XIVE2_GEN1_TIMA_OS) { 590 uint8_t pull_ctxt[REPORT_LINE_GEN1_SIZE]; 591 592 xive2_tm_report_line_gen1(tctx, pull_ctxt, REPORT_LINE_GEN1_SIZE); 593 result = dma_memory_write(&address_space_memory, phys_addr, 594 pull_ctxt, REPORT_LINE_GEN1_SIZE, 595 MEMTXATTRS_UNSPECIFIED); 596 assert(result == MEMTX_OK); 597 } else { 598 result = dma_memory_write(&address_space_memory, phys_addr, 599 &tctx->regs, sizeof(tctx->regs), 600 MEMTXATTRS_UNSPECIFIED); 601 assert(result == MEMTX_OK); 602 reserved = 0xFFFFFFFF; 603 result = dma_memory_write(&address_space_memory, phys_addr + 12, 604 &reserved, sizeof(reserved), 605 MEMTXATTRS_UNSPECIFIED); 606 assert(result == MEMTX_OK); 607 } 608 609 /* the rest is similar to pull context to registers */ 610 xive2_tm_pull_ctx(xptr, tctx, offset, size, ring); 611 } 612 613 void xive2_tm_pull_os_ctx_ol(XivePresenter *xptr, XiveTCTX *tctx, 614 hwaddr offset, uint64_t value, unsigned size) 615 { 616 xive2_tm_pull_ctx_ol(xptr, tctx, offset, value, size, TM_QW1_OS); 617 } 618 619 620 void xive2_tm_pull_phys_ctx_ol(XivePresenter *xptr, XiveTCTX *tctx, 621 hwaddr offset, uint64_t value, unsigned size) 622 { 623 xive2_tm_pull_ctx_ol(xptr, tctx, offset, value, size, TM_QW3_HV_PHYS); 624 } 625 626 static uint8_t xive2_tctx_restore_os_ctx(Xive2Router *xrtr, XiveTCTX *tctx, 627 uint8_t nvp_blk, uint32_t nvp_idx, 628 Xive2Nvp *nvp) 629 { 630 CPUPPCState *env = &POWERPC_CPU(tctx->cs)->env; 631 uint32_t pir = env->spr_cb[SPR_PIR].default_value; 632 uint8_t cppr; 633 634 if (!xive2_nvp_is_hw(nvp)) { 635 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: NVP %x/%x is not HW owned\n", 636 nvp_blk, nvp_idx); 637 return 0; 638 } 639 640 cppr = xive_get_field32(NVP2_W2_CPPR, nvp->w2); 641 nvp->w2 = xive_set_field32(NVP2_W2_CPPR, nvp->w2, 0); 642 xive2_router_write_nvp(xrtr, nvp_blk, nvp_idx, nvp, 2); 643 644 tctx->regs[TM_QW1_OS + TM_CPPR] = cppr; 645 tctx->regs[TM_QW1_OS + TM_LSMFB] = xive_get_field32(NVP2_W2_LSMFB, nvp->w2); 646 tctx->regs[TM_QW1_OS + TM_LGS] = xive_get_field32(NVP2_W2_LGS, nvp->w2); 647 tctx->regs[TM_QW1_OS + TM_T] = xive_get_field32(NVP2_W2_T, nvp->w2); 648 649 nvp->w1 = xive_set_field32(NVP2_W1_CO, nvp->w1, 1); 650 nvp->w1 = xive_set_field32(NVP2_W1_CO_THRID_VALID, nvp->w1, 1); 651 nvp->w1 = xive_set_field32(NVP2_W1_CO_THRID, nvp->w1, pir); 652 653 /* 654 * Checkout privilege: 0:OS, 1:Pool, 2:Hard 655 * 656 * TODO: we only support OS push/pull 657 */ 658 nvp->w1 = xive_set_field32(NVP2_W1_CO_PRIV, nvp->w1, 0); 659 660 xive2_router_write_nvp(xrtr, nvp_blk, nvp_idx, nvp, 1); 661 662 /* return restored CPPR to generate a CPU exception if needed */ 663 return cppr; 664 } 665 666 static void xive2_tctx_need_resend(Xive2Router *xrtr, XiveTCTX *tctx, 667 uint8_t nvp_blk, uint32_t nvp_idx, 668 bool do_restore) 669 { 670 XivePresenter *xptr = XIVE_PRESENTER(xrtr); 671 uint8_t ipb; 672 uint8_t backlog_level; 673 uint8_t group_level; 674 uint8_t first_group; 675 uint8_t backlog_prio; 676 uint8_t group_prio; 677 uint8_t *regs = &tctx->regs[TM_QW1_OS]; 678 Xive2Nvp nvp; 679 680 /* 681 * Grab the associated thread interrupt context registers in the 682 * associated NVP 683 */ 684 if (xive2_router_get_nvp(xrtr, nvp_blk, nvp_idx, &nvp)) { 685 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: No NVP %x/%x\n", 686 nvp_blk, nvp_idx); 687 return; 688 } 689 690 if (!xive2_nvp_is_valid(&nvp)) { 691 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: invalid NVP %x/%x\n", 692 nvp_blk, nvp_idx); 693 return; 694 } 695 696 /* Automatically restore thread context registers */ 697 if (xive2_router_get_config(xrtr) & XIVE2_VP_SAVE_RESTORE && 698 do_restore) { 699 xive2_tctx_restore_os_ctx(xrtr, tctx, nvp_blk, nvp_idx, &nvp); 700 } 701 702 ipb = xive_get_field32(NVP2_W2_IPB, nvp.w2); 703 if (ipb) { 704 nvp.w2 = xive_set_field32(NVP2_W2_IPB, nvp.w2, 0); 705 xive2_router_write_nvp(xrtr, nvp_blk, nvp_idx, &nvp, 2); 706 } 707 regs[TM_IPB] |= ipb; 708 backlog_prio = xive_ipb_to_pipr(ipb); 709 backlog_level = 0; 710 711 first_group = xive_get_field32(NVP2_W0_PGOFIRST, nvp.w0); 712 if (first_group && regs[TM_LSMFB] < backlog_prio) { 713 group_prio = xive2_presenter_backlog_scan(xptr, nvp_blk, nvp_idx, 714 first_group, &group_level); 715 regs[TM_LSMFB] = group_prio; 716 if (regs[TM_LGS] && group_prio < backlog_prio) { 717 /* VP can take a group interrupt */ 718 xive2_presenter_backlog_decr(xptr, nvp_blk, nvp_idx, 719 group_prio, group_level); 720 backlog_prio = group_prio; 721 backlog_level = group_level; 722 } 723 } 724 725 /* 726 * Compute the PIPR based on the restored state. 727 * It will raise the External interrupt signal if needed. 728 */ 729 xive_tctx_pipr_update(tctx, TM_QW1_OS, backlog_prio, backlog_level); 730 } 731 732 /* 733 * Updating the OS CAM line can trigger a resend of interrupt 734 */ 735 void xive2_tm_push_os_ctx(XivePresenter *xptr, XiveTCTX *tctx, 736 hwaddr offset, uint64_t value, unsigned size) 737 { 738 uint32_t cam; 739 uint32_t qw1w2; 740 uint64_t qw1dw1; 741 uint8_t nvp_blk; 742 uint32_t nvp_idx; 743 bool vo; 744 bool do_restore; 745 746 /* First update the thead context */ 747 switch (size) { 748 case 4: 749 cam = value; 750 qw1w2 = cpu_to_be32(cam); 751 memcpy(&tctx->regs[TM_QW1_OS + TM_WORD2], &qw1w2, 4); 752 break; 753 case 8: 754 cam = value >> 32; 755 qw1dw1 = cpu_to_be64(value); 756 memcpy(&tctx->regs[TM_QW1_OS + TM_WORD2], &qw1dw1, 8); 757 break; 758 default: 759 g_assert_not_reached(); 760 } 761 762 xive2_cam_decode(cam, &nvp_blk, &nvp_idx, &vo, &do_restore); 763 764 /* Check the interrupt pending bits */ 765 if (vo) { 766 xive2_tctx_need_resend(XIVE2_ROUTER(xptr), tctx, nvp_blk, nvp_idx, 767 do_restore); 768 } 769 } 770 771 static void xive2_tctx_set_target(XiveTCTX *tctx, uint8_t ring, uint8_t target) 772 { 773 uint8_t *regs = &tctx->regs[ring]; 774 775 regs[TM_T] = target; 776 } 777 778 void xive2_tm_set_hv_target(XivePresenter *xptr, XiveTCTX *tctx, 779 hwaddr offset, uint64_t value, unsigned size) 780 { 781 xive2_tctx_set_target(tctx, TM_QW3_HV_PHYS, value & 0xff); 782 } 783 784 /* 785 * XIVE Router (aka. Virtualization Controller or IVRE) 786 */ 787 788 int xive2_router_get_eas(Xive2Router *xrtr, uint8_t eas_blk, uint32_t eas_idx, 789 Xive2Eas *eas) 790 { 791 Xive2RouterClass *xrc = XIVE2_ROUTER_GET_CLASS(xrtr); 792 793 return xrc->get_eas(xrtr, eas_blk, eas_idx, eas); 794 } 795 796 static 797 int xive2_router_get_pq(Xive2Router *xrtr, uint8_t eas_blk, uint32_t eas_idx, 798 uint8_t *pq) 799 { 800 Xive2RouterClass *xrc = XIVE2_ROUTER_GET_CLASS(xrtr); 801 802 return xrc->get_pq(xrtr, eas_blk, eas_idx, pq); 803 } 804 805 static 806 int xive2_router_set_pq(Xive2Router *xrtr, uint8_t eas_blk, uint32_t eas_idx, 807 uint8_t *pq) 808 { 809 Xive2RouterClass *xrc = XIVE2_ROUTER_GET_CLASS(xrtr); 810 811 return xrc->set_pq(xrtr, eas_blk, eas_idx, pq); 812 } 813 814 int xive2_router_get_end(Xive2Router *xrtr, uint8_t end_blk, uint32_t end_idx, 815 Xive2End *end) 816 { 817 Xive2RouterClass *xrc = XIVE2_ROUTER_GET_CLASS(xrtr); 818 819 return xrc->get_end(xrtr, end_blk, end_idx, end); 820 } 821 822 int xive2_router_write_end(Xive2Router *xrtr, uint8_t end_blk, uint32_t end_idx, 823 Xive2End *end, uint8_t word_number) 824 { 825 Xive2RouterClass *xrc = XIVE2_ROUTER_GET_CLASS(xrtr); 826 827 return xrc->write_end(xrtr, end_blk, end_idx, end, word_number); 828 } 829 830 int xive2_router_get_nvp(Xive2Router *xrtr, uint8_t nvp_blk, uint32_t nvp_idx, 831 Xive2Nvp *nvp) 832 { 833 Xive2RouterClass *xrc = XIVE2_ROUTER_GET_CLASS(xrtr); 834 835 return xrc->get_nvp(xrtr, nvp_blk, nvp_idx, nvp); 836 } 837 838 int xive2_router_write_nvp(Xive2Router *xrtr, uint8_t nvp_blk, uint32_t nvp_idx, 839 Xive2Nvp *nvp, uint8_t word_number) 840 { 841 Xive2RouterClass *xrc = XIVE2_ROUTER_GET_CLASS(xrtr); 842 843 return xrc->write_nvp(xrtr, nvp_blk, nvp_idx, nvp, word_number); 844 } 845 846 int xive2_router_get_nvgc(Xive2Router *xrtr, bool crowd, 847 uint8_t nvgc_blk, uint32_t nvgc_idx, 848 Xive2Nvgc *nvgc) 849 { 850 Xive2RouterClass *xrc = XIVE2_ROUTER_GET_CLASS(xrtr); 851 852 return xrc->get_nvgc(xrtr, crowd, nvgc_blk, nvgc_idx, nvgc); 853 } 854 855 int xive2_router_write_nvgc(Xive2Router *xrtr, bool crowd, 856 uint8_t nvgc_blk, uint32_t nvgc_idx, 857 Xive2Nvgc *nvgc) 858 { 859 Xive2RouterClass *xrc = XIVE2_ROUTER_GET_CLASS(xrtr); 860 861 return xrc->write_nvgc(xrtr, crowd, nvgc_blk, nvgc_idx, nvgc); 862 } 863 864 static bool xive2_vp_match_mask(uint32_t cam1, uint32_t cam2, 865 uint32_t vp_mask) 866 { 867 return (cam1 & vp_mask) == (cam2 & vp_mask); 868 } 869 870 /* 871 * The thread context register words are in big-endian format. 872 */ 873 int xive2_presenter_tctx_match(XivePresenter *xptr, XiveTCTX *tctx, 874 uint8_t format, 875 uint8_t nvt_blk, uint32_t nvt_idx, 876 bool cam_ignore, uint32_t logic_serv) 877 { 878 uint32_t cam = xive2_nvp_cam_line(nvt_blk, nvt_idx); 879 uint32_t qw3w2 = xive_tctx_word2(&tctx->regs[TM_QW3_HV_PHYS]); 880 uint32_t qw2w2 = xive_tctx_word2(&tctx->regs[TM_QW2_HV_POOL]); 881 uint32_t qw1w2 = xive_tctx_word2(&tctx->regs[TM_QW1_OS]); 882 uint32_t qw0w2 = xive_tctx_word2(&tctx->regs[TM_QW0_USER]); 883 884 uint32_t vp_mask = 0xFFFFFFFF; 885 886 if (format == 0) { 887 /* 888 * i=0: Specific NVT notification 889 * i=1: VP-group notification (bits ignored at the end of the 890 * NVT identifier) 891 */ 892 if (cam_ignore) { 893 vp_mask = ~(xive_get_vpgroup_size(nvt_idx) - 1); 894 } 895 896 /* For VP-group notifications, threads with LGS=0 are excluded */ 897 898 /* PHYS ring */ 899 if ((be32_to_cpu(qw3w2) & TM2_QW3W2_VT) && 900 !(cam_ignore && tctx->regs[TM_QW3_HV_PHYS + TM_LGS] == 0) && 901 xive2_vp_match_mask(cam, 902 xive2_tctx_hw_cam_line(xptr, tctx), 903 vp_mask)) { 904 return TM_QW3_HV_PHYS; 905 } 906 907 /* HV POOL ring */ 908 if ((be32_to_cpu(qw2w2) & TM2_QW2W2_VP) && 909 !(cam_ignore && tctx->regs[TM_QW2_HV_POOL + TM_LGS] == 0) && 910 xive2_vp_match_mask(cam, 911 xive_get_field32(TM2_QW2W2_POOL_CAM, qw2w2), 912 vp_mask)) { 913 return TM_QW2_HV_POOL; 914 } 915 916 /* OS ring */ 917 if ((be32_to_cpu(qw1w2) & TM2_QW1W2_VO) && 918 !(cam_ignore && tctx->regs[TM_QW1_OS + TM_LGS] == 0) && 919 xive2_vp_match_mask(cam, 920 xive_get_field32(TM2_QW1W2_OS_CAM, qw1w2), 921 vp_mask)) { 922 return TM_QW1_OS; 923 } 924 } else { 925 /* F=1 : User level Event-Based Branch (EBB) notification */ 926 927 /* FIXME: what if cam_ignore and LGS = 0 ? */ 928 /* USER ring */ 929 if ((be32_to_cpu(qw1w2) & TM2_QW1W2_VO) && 930 (cam == xive_get_field32(TM2_QW1W2_OS_CAM, qw1w2)) && 931 (be32_to_cpu(qw0w2) & TM2_QW0W2_VU) && 932 (logic_serv == xive_get_field32(TM2_QW0W2_LOGIC_SERV, qw0w2))) { 933 return TM_QW0_USER; 934 } 935 } 936 return -1; 937 } 938 939 bool xive2_tm_irq_precluded(XiveTCTX *tctx, int ring, uint8_t priority) 940 { 941 uint8_t *regs = &tctx->regs[ring]; 942 943 /* 944 * The xive2_presenter_tctx_match() above tells if there's a match 945 * but for VP-group notification, we still need to look at the 946 * priority to know if the thread can take the interrupt now or if 947 * it is precluded. 948 */ 949 if (priority < regs[TM_CPPR]) { 950 return false; 951 } 952 return true; 953 } 954 955 void xive2_tm_set_lsmfb(XiveTCTX *tctx, int ring, uint8_t priority) 956 { 957 uint8_t *regs = &tctx->regs[ring]; 958 959 /* 960 * Called by the router during a VP-group notification when the 961 * thread matches but can't take the interrupt because it's 962 * already running at a more favored priority. It then stores the 963 * new interrupt priority in the LSMFB field. 964 */ 965 regs[TM_LSMFB] = priority; 966 } 967 968 static void xive2_router_realize(DeviceState *dev, Error **errp) 969 { 970 Xive2Router *xrtr = XIVE2_ROUTER(dev); 971 972 assert(xrtr->xfb); 973 } 974 975 /* 976 * Notification using the END ESe/ESn bit (Event State Buffer for 977 * escalation and notification). Profide further coalescing in the 978 * Router. 979 */ 980 static bool xive2_router_end_es_notify(Xive2Router *xrtr, uint8_t end_blk, 981 uint32_t end_idx, Xive2End *end, 982 uint32_t end_esmask) 983 { 984 uint8_t pq = xive_get_field32(end_esmask, end->w1); 985 bool notify = xive_esb_trigger(&pq); 986 987 if (pq != xive_get_field32(end_esmask, end->w1)) { 988 end->w1 = xive_set_field32(end_esmask, end->w1, pq); 989 xive2_router_write_end(xrtr, end_blk, end_idx, end, 1); 990 } 991 992 /* ESe/n[Q]=1 : end of notification */ 993 return notify; 994 } 995 996 /* 997 * An END trigger can come from an event trigger (IPI or HW) or from 998 * another chip. We don't model the PowerBus but the END trigger 999 * message has the same parameters than in the function below. 1000 */ 1001 static void xive2_router_end_notify(Xive2Router *xrtr, uint8_t end_blk, 1002 uint32_t end_idx, uint32_t end_data) 1003 { 1004 Xive2End end; 1005 uint8_t priority; 1006 uint8_t format; 1007 bool found, precluded; 1008 uint8_t nvp_blk; 1009 uint32_t nvp_idx; 1010 1011 /* END cache lookup */ 1012 if (xive2_router_get_end(xrtr, end_blk, end_idx, &end)) { 1013 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: No END %x/%x\n", end_blk, 1014 end_idx); 1015 return; 1016 } 1017 1018 if (!xive2_end_is_valid(&end)) { 1019 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: END %x/%x is invalid\n", 1020 end_blk, end_idx); 1021 return; 1022 } 1023 1024 if (xive2_end_is_enqueue(&end)) { 1025 xive2_end_enqueue(&end, end_data); 1026 /* Enqueuing event data modifies the EQ toggle and index */ 1027 xive2_router_write_end(xrtr, end_blk, end_idx, &end, 1); 1028 } 1029 1030 /* 1031 * When the END is silent, we skip the notification part. 1032 */ 1033 if (xive2_end_is_silent_escalation(&end)) { 1034 goto do_escalation; 1035 } 1036 1037 /* 1038 * The W7 format depends on the F bit in W6. It defines the type 1039 * of the notification : 1040 * 1041 * F=0 : single or multiple NVP notification 1042 * F=1 : User level Event-Based Branch (EBB) notification, no 1043 * priority 1044 */ 1045 format = xive_get_field32(END2_W6_FORMAT_BIT, end.w6); 1046 priority = xive_get_field32(END2_W7_F0_PRIORITY, end.w7); 1047 1048 /* The END is masked */ 1049 if (format == 0 && priority == 0xff) { 1050 return; 1051 } 1052 1053 /* 1054 * Check the END ESn (Event State Buffer for notification) for 1055 * even further coalescing in the Router 1056 */ 1057 if (!xive2_end_is_notify(&end)) { 1058 /* ESn[Q]=1 : end of notification */ 1059 if (!xive2_router_end_es_notify(xrtr, end_blk, end_idx, 1060 &end, END2_W1_ESn)) { 1061 return; 1062 } 1063 } 1064 1065 /* 1066 * Follows IVPE notification 1067 */ 1068 nvp_blk = xive_get_field32(END2_W6_VP_BLOCK, end.w6); 1069 nvp_idx = xive_get_field32(END2_W6_VP_OFFSET, end.w6); 1070 1071 found = xive_presenter_notify(xrtr->xfb, format, nvp_blk, nvp_idx, 1072 xive2_end_is_ignore(&end), 1073 priority, 1074 xive_get_field32(END2_W7_F1_LOG_SERVER_ID, end.w7), 1075 &precluded); 1076 1077 /* TODO: Auto EOI. */ 1078 1079 if (found) { 1080 return; 1081 } 1082 1083 /* 1084 * If no matching NVP is dispatched on a HW thread : 1085 * - specific VP: update the NVP structure if backlog is activated 1086 * - VP-group: update the backlog counter for that priority in the NVG 1087 */ 1088 if (xive2_end_is_backlog(&end)) { 1089 1090 if (format == 1) { 1091 qemu_log_mask(LOG_GUEST_ERROR, 1092 "XIVE: END %x/%x invalid config: F1 & backlog\n", 1093 end_blk, end_idx); 1094 return; 1095 } 1096 1097 if (!xive2_end_is_ignore(&end)) { 1098 uint8_t ipb; 1099 Xive2Nvp nvp; 1100 1101 /* NVP cache lookup */ 1102 if (xive2_router_get_nvp(xrtr, nvp_blk, nvp_idx, &nvp)) { 1103 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: no NVP %x/%x\n", 1104 nvp_blk, nvp_idx); 1105 return; 1106 } 1107 1108 if (!xive2_nvp_is_valid(&nvp)) { 1109 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: NVP %x/%x is invalid\n", 1110 nvp_blk, nvp_idx); 1111 return; 1112 } 1113 1114 /* 1115 * Record the IPB in the associated NVP structure for later 1116 * use. The presenter will resend the interrupt when the vCPU 1117 * is dispatched again on a HW thread. 1118 */ 1119 ipb = xive_get_field32(NVP2_W2_IPB, nvp.w2) | 1120 xive_priority_to_ipb(priority); 1121 nvp.w2 = xive_set_field32(NVP2_W2_IPB, nvp.w2, ipb); 1122 xive2_router_write_nvp(xrtr, nvp_blk, nvp_idx, &nvp, 2); 1123 } else { 1124 Xive2Nvgc nvg; 1125 uint32_t backlog; 1126 1127 /* For groups, the per-priority backlog counters are in the NVG */ 1128 if (xive2_router_get_nvgc(xrtr, false, nvp_blk, nvp_idx, &nvg)) { 1129 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: no NVG %x/%x\n", 1130 nvp_blk, nvp_idx); 1131 return; 1132 } 1133 1134 if (!xive2_nvgc_is_valid(&nvg)) { 1135 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: NVG %x/%x is invalid\n", 1136 nvp_blk, nvp_idx); 1137 return; 1138 } 1139 1140 /* 1141 * Increment the backlog counter for that priority. 1142 * We only call broadcast the first time the counter is 1143 * incremented. broadcast will set the LSMFB field of the TIMA of 1144 * relevant threads so that they know an interrupt is pending. 1145 */ 1146 backlog = xive2_nvgc_get_backlog(&nvg, priority) + 1; 1147 xive2_nvgc_set_backlog(&nvg, priority, backlog); 1148 xive2_router_write_nvgc(xrtr, false, nvp_blk, nvp_idx, &nvg); 1149 1150 if (backlog == 1) { 1151 XiveFabricClass *xfc = XIVE_FABRIC_GET_CLASS(xrtr->xfb); 1152 xfc->broadcast(xrtr->xfb, nvp_blk, nvp_idx, priority); 1153 1154 if (!xive2_end_is_precluded_escalation(&end)) { 1155 /* 1156 * The interrupt will be picked up when the 1157 * matching thread lowers its priority level 1158 */ 1159 return; 1160 } 1161 } 1162 } 1163 } 1164 1165 do_escalation: 1166 /* 1167 * If activated, escalate notification using the ESe PQ bits and 1168 * the EAS in w4-5 1169 */ 1170 if (!xive2_end_is_escalate(&end)) { 1171 return; 1172 } 1173 1174 /* 1175 * Check the END ESe (Event State Buffer for escalation) for even 1176 * further coalescing in the Router 1177 */ 1178 if (!xive2_end_is_uncond_escalation(&end)) { 1179 /* ESe[Q]=1 : end of escalation notification */ 1180 if (!xive2_router_end_es_notify(xrtr, end_blk, end_idx, 1181 &end, END2_W1_ESe)) { 1182 return; 1183 } 1184 } 1185 1186 /* 1187 * The END trigger becomes an Escalation trigger 1188 */ 1189 xive2_router_end_notify(xrtr, 1190 xive_get_field32(END2_W4_END_BLOCK, end.w4), 1191 xive_get_field32(END2_W4_ESC_END_INDEX, end.w4), 1192 xive_get_field32(END2_W5_ESC_END_DATA, end.w5)); 1193 } 1194 1195 void xive2_router_notify(XiveNotifier *xn, uint32_t lisn, bool pq_checked) 1196 { 1197 Xive2Router *xrtr = XIVE2_ROUTER(xn); 1198 uint8_t eas_blk = XIVE_EAS_BLOCK(lisn); 1199 uint32_t eas_idx = XIVE_EAS_INDEX(lisn); 1200 Xive2Eas eas; 1201 1202 /* EAS cache lookup */ 1203 if (xive2_router_get_eas(xrtr, eas_blk, eas_idx, &eas)) { 1204 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: Unknown LISN %x\n", lisn); 1205 return; 1206 } 1207 1208 if (!pq_checked) { 1209 bool notify; 1210 uint8_t pq; 1211 1212 /* PQ cache lookup */ 1213 if (xive2_router_get_pq(xrtr, eas_blk, eas_idx, &pq)) { 1214 /* Set FIR */ 1215 g_assert_not_reached(); 1216 } 1217 1218 notify = xive_esb_trigger(&pq); 1219 1220 if (xive2_router_set_pq(xrtr, eas_blk, eas_idx, &pq)) { 1221 /* Set FIR */ 1222 g_assert_not_reached(); 1223 } 1224 1225 if (!notify) { 1226 return; 1227 } 1228 } 1229 1230 if (!xive2_eas_is_valid(&eas)) { 1231 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: Invalid LISN %x\n", lisn); 1232 return; 1233 } 1234 1235 if (xive2_eas_is_masked(&eas)) { 1236 /* Notification completed */ 1237 return; 1238 } 1239 1240 /* 1241 * The event trigger becomes an END trigger 1242 */ 1243 xive2_router_end_notify(xrtr, 1244 xive_get_field64(EAS2_END_BLOCK, eas.w), 1245 xive_get_field64(EAS2_END_INDEX, eas.w), 1246 xive_get_field64(EAS2_END_DATA, eas.w)); 1247 } 1248 1249 static const Property xive2_router_properties[] = { 1250 DEFINE_PROP_LINK("xive-fabric", Xive2Router, xfb, 1251 TYPE_XIVE_FABRIC, XiveFabric *), 1252 }; 1253 1254 static void xive2_router_class_init(ObjectClass *klass, void *data) 1255 { 1256 DeviceClass *dc = DEVICE_CLASS(klass); 1257 XiveNotifierClass *xnc = XIVE_NOTIFIER_CLASS(klass); 1258 1259 dc->desc = "XIVE2 Router Engine"; 1260 device_class_set_props(dc, xive2_router_properties); 1261 /* Parent is SysBusDeviceClass. No need to call its realize hook */ 1262 dc->realize = xive2_router_realize; 1263 xnc->notify = xive2_router_notify; 1264 } 1265 1266 static const TypeInfo xive2_router_info = { 1267 .name = TYPE_XIVE2_ROUTER, 1268 .parent = TYPE_SYS_BUS_DEVICE, 1269 .abstract = true, 1270 .instance_size = sizeof(Xive2Router), 1271 .class_size = sizeof(Xive2RouterClass), 1272 .class_init = xive2_router_class_init, 1273 .interfaces = (InterfaceInfo[]) { 1274 { TYPE_XIVE_NOTIFIER }, 1275 { TYPE_XIVE_PRESENTER }, 1276 { } 1277 } 1278 }; 1279 1280 static inline bool addr_is_even(hwaddr addr, uint32_t shift) 1281 { 1282 return !((addr >> shift) & 1); 1283 } 1284 1285 static uint64_t xive2_end_source_read(void *opaque, hwaddr addr, unsigned size) 1286 { 1287 Xive2EndSource *xsrc = XIVE2_END_SOURCE(opaque); 1288 uint32_t offset = addr & 0xFFF; 1289 uint8_t end_blk; 1290 uint32_t end_idx; 1291 Xive2End end; 1292 uint32_t end_esmask; 1293 uint8_t pq; 1294 uint64_t ret; 1295 1296 /* 1297 * The block id should be deduced from the load address on the END 1298 * ESB MMIO but our model only supports a single block per XIVE chip. 1299 */ 1300 end_blk = xive2_router_get_block_id(xsrc->xrtr); 1301 end_idx = addr >> (xsrc->esb_shift + 1); 1302 1303 if (xive2_router_get_end(xsrc->xrtr, end_blk, end_idx, &end)) { 1304 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: No END %x/%x\n", end_blk, 1305 end_idx); 1306 return -1; 1307 } 1308 1309 if (!xive2_end_is_valid(&end)) { 1310 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: END %x/%x is invalid\n", 1311 end_blk, end_idx); 1312 return -1; 1313 } 1314 1315 end_esmask = addr_is_even(addr, xsrc->esb_shift) ? END2_W1_ESn : 1316 END2_W1_ESe; 1317 pq = xive_get_field32(end_esmask, end.w1); 1318 1319 switch (offset) { 1320 case XIVE_ESB_LOAD_EOI ... XIVE_ESB_LOAD_EOI + 0x7FF: 1321 ret = xive_esb_eoi(&pq); 1322 1323 /* Forward the source event notification for routing ?? */ 1324 break; 1325 1326 case XIVE_ESB_GET ... XIVE_ESB_GET + 0x3FF: 1327 ret = pq; 1328 break; 1329 1330 case XIVE_ESB_SET_PQ_00 ... XIVE_ESB_SET_PQ_00 + 0x0FF: 1331 case XIVE_ESB_SET_PQ_01 ... XIVE_ESB_SET_PQ_01 + 0x0FF: 1332 case XIVE_ESB_SET_PQ_10 ... XIVE_ESB_SET_PQ_10 + 0x0FF: 1333 case XIVE_ESB_SET_PQ_11 ... XIVE_ESB_SET_PQ_11 + 0x0FF: 1334 ret = xive_esb_set(&pq, (offset >> 8) & 0x3); 1335 break; 1336 default: 1337 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: invalid END ESB load addr %d\n", 1338 offset); 1339 return -1; 1340 } 1341 1342 if (pq != xive_get_field32(end_esmask, end.w1)) { 1343 end.w1 = xive_set_field32(end_esmask, end.w1, pq); 1344 xive2_router_write_end(xsrc->xrtr, end_blk, end_idx, &end, 1); 1345 } 1346 1347 return ret; 1348 } 1349 1350 static void xive2_end_source_write(void *opaque, hwaddr addr, 1351 uint64_t value, unsigned size) 1352 { 1353 Xive2EndSource *xsrc = XIVE2_END_SOURCE(opaque); 1354 uint32_t offset = addr & 0xFFF; 1355 uint8_t end_blk; 1356 uint32_t end_idx; 1357 Xive2End end; 1358 uint32_t end_esmask; 1359 uint8_t pq; 1360 bool notify = false; 1361 1362 /* 1363 * The block id should be deduced from the load address on the END 1364 * ESB MMIO but our model only supports a single block per XIVE chip. 1365 */ 1366 end_blk = xive2_router_get_block_id(xsrc->xrtr); 1367 end_idx = addr >> (xsrc->esb_shift + 1); 1368 1369 if (xive2_router_get_end(xsrc->xrtr, end_blk, end_idx, &end)) { 1370 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: No END %x/%x\n", end_blk, 1371 end_idx); 1372 return; 1373 } 1374 1375 if (!xive2_end_is_valid(&end)) { 1376 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: END %x/%x is invalid\n", 1377 end_blk, end_idx); 1378 return; 1379 } 1380 1381 end_esmask = addr_is_even(addr, xsrc->esb_shift) ? END2_W1_ESn : 1382 END2_W1_ESe; 1383 pq = xive_get_field32(end_esmask, end.w1); 1384 1385 switch (offset) { 1386 case 0 ... 0x3FF: 1387 notify = xive_esb_trigger(&pq); 1388 break; 1389 1390 case XIVE_ESB_STORE_EOI ... XIVE_ESB_STORE_EOI + 0x3FF: 1391 /* TODO: can we check StoreEOI availability from the router ? */ 1392 notify = xive_esb_eoi(&pq); 1393 break; 1394 1395 case XIVE_ESB_INJECT ... XIVE_ESB_INJECT + 0x3FF: 1396 if (end_esmask == END2_W1_ESe) { 1397 qemu_log_mask(LOG_GUEST_ERROR, 1398 "XIVE: END %x/%x can not EQ inject on ESe\n", 1399 end_blk, end_idx); 1400 return; 1401 } 1402 notify = true; 1403 break; 1404 1405 default: 1406 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: invalid END ESB write addr %d\n", 1407 offset); 1408 return; 1409 } 1410 1411 if (pq != xive_get_field32(end_esmask, end.w1)) { 1412 end.w1 = xive_set_field32(end_esmask, end.w1, pq); 1413 xive2_router_write_end(xsrc->xrtr, end_blk, end_idx, &end, 1); 1414 } 1415 1416 /* TODO: Forward the source event notification for routing */ 1417 if (notify) { 1418 ; 1419 } 1420 } 1421 1422 static const MemoryRegionOps xive2_end_source_ops = { 1423 .read = xive2_end_source_read, 1424 .write = xive2_end_source_write, 1425 .endianness = DEVICE_BIG_ENDIAN, 1426 .valid = { 1427 .min_access_size = 1, 1428 .max_access_size = 8, 1429 }, 1430 .impl = { 1431 .min_access_size = 1, 1432 .max_access_size = 8, 1433 }, 1434 }; 1435 1436 static void xive2_end_source_realize(DeviceState *dev, Error **errp) 1437 { 1438 Xive2EndSource *xsrc = XIVE2_END_SOURCE(dev); 1439 1440 assert(xsrc->xrtr); 1441 1442 if (!xsrc->nr_ends) { 1443 error_setg(errp, "Number of interrupt needs to be greater than 0"); 1444 return; 1445 } 1446 1447 if (xsrc->esb_shift != XIVE_ESB_4K && 1448 xsrc->esb_shift != XIVE_ESB_64K) { 1449 error_setg(errp, "Invalid ESB shift setting"); 1450 return; 1451 } 1452 1453 /* 1454 * Each END is assigned an even/odd pair of MMIO pages, the even page 1455 * manages the ESn field while the odd page manages the ESe field. 1456 */ 1457 memory_region_init_io(&xsrc->esb_mmio, OBJECT(xsrc), 1458 &xive2_end_source_ops, xsrc, "xive.end", 1459 (1ull << (xsrc->esb_shift + 1)) * xsrc->nr_ends); 1460 } 1461 1462 static const Property xive2_end_source_properties[] = { 1463 DEFINE_PROP_UINT32("nr-ends", Xive2EndSource, nr_ends, 0), 1464 DEFINE_PROP_UINT32("shift", Xive2EndSource, esb_shift, XIVE_ESB_64K), 1465 DEFINE_PROP_LINK("xive", Xive2EndSource, xrtr, TYPE_XIVE2_ROUTER, 1466 Xive2Router *), 1467 }; 1468 1469 static void xive2_end_source_class_init(ObjectClass *klass, void *data) 1470 { 1471 DeviceClass *dc = DEVICE_CLASS(klass); 1472 1473 dc->desc = "XIVE END Source"; 1474 device_class_set_props(dc, xive2_end_source_properties); 1475 dc->realize = xive2_end_source_realize; 1476 dc->user_creatable = false; 1477 } 1478 1479 static const TypeInfo xive2_end_source_info = { 1480 .name = TYPE_XIVE2_END_SOURCE, 1481 .parent = TYPE_DEVICE, 1482 .instance_size = sizeof(Xive2EndSource), 1483 .class_init = xive2_end_source_class_init, 1484 }; 1485 1486 static void xive2_register_types(void) 1487 { 1488 type_register_static(&xive2_router_info); 1489 type_register_static(&xive2_end_source_info); 1490 } 1491 1492 type_init(xive2_register_types) 1493