1 /* 2 * QEMU PowerPC XIVE2 interrupt controller model (POWER10) 3 * 4 * Copyright (c) 2019-2024, IBM Corporation.. 5 * 6 * SPDX-License-Identifier: GPL-2.0-or-later 7 */ 8 9 #include "qemu/osdep.h" 10 #include "qemu/log.h" 11 #include "qemu/module.h" 12 #include "qapi/error.h" 13 #include "target/ppc/cpu.h" 14 #include "system/cpus.h" 15 #include "system/dma.h" 16 #include "hw/qdev-properties.h" 17 #include "hw/ppc/xive.h" 18 #include "hw/ppc/xive2.h" 19 #include "hw/ppc/xive2_regs.h" 20 #include "trace.h" 21 22 static void xive2_router_end_notify(Xive2Router *xrtr, uint8_t end_blk, 23 uint32_t end_idx, uint32_t end_data, 24 bool redistribute); 25 26 static int xive2_tctx_get_nvp_indexes(XiveTCTX *tctx, uint8_t ring, 27 uint8_t *nvp_blk, uint32_t *nvp_idx); 28 29 uint32_t xive2_router_get_config(Xive2Router *xrtr) 30 { 31 Xive2RouterClass *xrc = XIVE2_ROUTER_GET_CLASS(xrtr); 32 33 return xrc->get_config(xrtr); 34 } 35 36 static int xive2_router_get_block_id(Xive2Router *xrtr) 37 { 38 Xive2RouterClass *xrc = XIVE2_ROUTER_GET_CLASS(xrtr); 39 40 return xrc->get_block_id(xrtr); 41 } 42 43 static uint64_t xive2_nvp_reporting_addr(Xive2Nvp *nvp) 44 { 45 uint64_t cache_addr; 46 47 cache_addr = xive_get_field32(NVP2_W6_REPORTING_LINE, nvp->w6) << 24 | 48 xive_get_field32(NVP2_W7_REPORTING_LINE, nvp->w7); 49 cache_addr <<= 8; /* aligned on a cache line pair */ 50 return cache_addr; 51 } 52 53 static uint32_t xive2_nvgc_get_backlog(Xive2Nvgc *nvgc, uint8_t priority) 54 { 55 uint32_t val = 0; 56 uint8_t *ptr, i; 57 58 if (priority > 7) { 59 return 0; 60 } 61 62 /* 63 * The per-priority backlog counters are 24-bit and the structure 64 * is stored in big endian. NVGC is 32-bytes long, so 24-bytes from 65 * w2, which fits 8 priorities * 24-bits per priority. 66 */ 67 ptr = (uint8_t *)&nvgc->w2 + priority * 3; 68 for (i = 0; i < 3; i++, ptr++) { 69 val = (val << 8) + *ptr; 70 } 71 return val; 72 } 73 74 static void xive2_nvgc_set_backlog(Xive2Nvgc *nvgc, uint8_t priority, 75 uint32_t val) 76 { 77 uint8_t *ptr, i; 78 uint32_t shift; 79 80 if (priority > 7) { 81 return; 82 } 83 84 if (val > 0xFFFFFF) { 85 val = 0xFFFFFF; 86 } 87 /* 88 * The per-priority backlog counters are 24-bit and the structure 89 * is stored in big endian 90 */ 91 ptr = (uint8_t *)&nvgc->w2 + priority * 3; 92 for (i = 0; i < 3; i++, ptr++) { 93 shift = 8 * (2 - i); 94 *ptr = (val >> shift) & 0xFF; 95 } 96 } 97 98 uint64_t xive2_presenter_nvgc_backlog_op(XivePresenter *xptr, 99 bool crowd, 100 uint8_t blk, uint32_t idx, 101 uint16_t offset, uint16_t val) 102 { 103 Xive2Router *xrtr = XIVE2_ROUTER(xptr); 104 uint8_t priority = GETFIELD(NVx_BACKLOG_PRIO, offset); 105 uint8_t op = GETFIELD(NVx_BACKLOG_OP, offset); 106 Xive2Nvgc nvgc; 107 uint32_t count, old_count; 108 109 if (xive2_router_get_nvgc(xrtr, crowd, blk, idx, &nvgc)) { 110 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: No %s %x/%x\n", 111 crowd ? "NVC" : "NVG", blk, idx); 112 return -1; 113 } 114 if (!xive2_nvgc_is_valid(&nvgc)) { 115 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: Invalid NVG %x/%x\n", blk, idx); 116 return -1; 117 } 118 119 old_count = xive2_nvgc_get_backlog(&nvgc, priority); 120 count = old_count; 121 /* 122 * op: 123 * 0b00 => increment 124 * 0b01 => decrement 125 * 0b1- => read 126 */ 127 if (op == 0b00 || op == 0b01) { 128 if (op == 0b00) { 129 count += val; 130 } else { 131 if (count > val) { 132 count -= val; 133 } else { 134 count = 0; 135 } 136 } 137 xive2_nvgc_set_backlog(&nvgc, priority, count); 138 xive2_router_write_nvgc(xrtr, crowd, blk, idx, &nvgc); 139 } 140 trace_xive_nvgc_backlog_op(crowd, blk, idx, op, priority, old_count); 141 return old_count; 142 } 143 144 uint64_t xive2_presenter_nvp_backlog_op(XivePresenter *xptr, 145 uint8_t blk, uint32_t idx, 146 uint16_t offset) 147 { 148 Xive2Router *xrtr = XIVE2_ROUTER(xptr); 149 uint8_t priority = GETFIELD(NVx_BACKLOG_PRIO, offset); 150 uint8_t op = GETFIELD(NVx_BACKLOG_OP, offset); 151 Xive2Nvp nvp; 152 uint8_t ipb, old_ipb, rc; 153 154 if (xive2_router_get_nvp(xrtr, blk, idx, &nvp)) { 155 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: No NVP %x/%x\n", blk, idx); 156 return -1; 157 } 158 if (!xive2_nvp_is_valid(&nvp)) { 159 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: Invalid NVP %x/%x\n", blk, idx); 160 return -1; 161 } 162 163 old_ipb = xive_get_field32(NVP2_W2_IPB, nvp.w2); 164 ipb = old_ipb; 165 /* 166 * op: 167 * 0b00 => set priority bit 168 * 0b01 => reset priority bit 169 * 0b1- => read 170 */ 171 if (op == 0b00 || op == 0b01) { 172 if (op == 0b00) { 173 ipb |= xive_priority_to_ipb(priority); 174 } else { 175 ipb &= ~xive_priority_to_ipb(priority); 176 } 177 nvp.w2 = xive_set_field32(NVP2_W2_IPB, nvp.w2, ipb); 178 xive2_router_write_nvp(xrtr, blk, idx, &nvp, 2); 179 } 180 rc = !!(old_ipb & xive_priority_to_ipb(priority)); 181 trace_xive_nvp_backlog_op(blk, idx, op, priority, rc); 182 return rc; 183 } 184 185 void xive2_eas_pic_print_info(Xive2Eas *eas, uint32_t lisn, GString *buf) 186 { 187 if (!xive2_eas_is_valid(eas)) { 188 return; 189 } 190 191 g_string_append_printf(buf, " %08x %s end:%02x/%04x data:%08x\n", 192 lisn, xive2_eas_is_masked(eas) ? "M" : " ", 193 (uint8_t) xive_get_field64(EAS2_END_BLOCK, eas->w), 194 (uint32_t) xive_get_field64(EAS2_END_INDEX, eas->w), 195 (uint32_t) xive_get_field64(EAS2_END_DATA, eas->w)); 196 } 197 198 #define XIVE2_QSIZE_CHUNK_CL 128 199 #define XIVE2_QSIZE_CHUNK_4k 4096 200 /* Calculate max number of queue entries for an END */ 201 static uint32_t xive2_end_get_qentries(Xive2End *end) 202 { 203 uint32_t w3 = end->w3; 204 uint32_t qsize = xive_get_field32(END2_W3_QSIZE, w3); 205 if (xive_get_field32(END2_W3_CL, w3)) { 206 g_assert(qsize <= 4); 207 return (XIVE2_QSIZE_CHUNK_CL << qsize) / sizeof(uint32_t); 208 } else { 209 g_assert(qsize <= 12); 210 return (XIVE2_QSIZE_CHUNK_4k << qsize) / sizeof(uint32_t); 211 } 212 } 213 214 void xive2_end_queue_pic_print_info(Xive2End *end, uint32_t width, GString *buf) 215 { 216 uint64_t qaddr_base = xive2_end_qaddr(end); 217 uint32_t qindex = xive_get_field32(END2_W1_PAGE_OFF, end->w1); 218 uint32_t qentries = xive2_end_get_qentries(end); 219 int i; 220 221 /* 222 * print out the [ (qindex - (width - 1)) .. (qindex + 1)] window 223 */ 224 g_string_append_printf(buf, " [ "); 225 qindex = (qindex - (width - 1)) & (qentries - 1); 226 for (i = 0; i < width; i++) { 227 uint64_t qaddr = qaddr_base + (qindex << 2); 228 uint32_t qdata = -1; 229 230 if (dma_memory_read(&address_space_memory, qaddr, &qdata, 231 sizeof(qdata), MEMTXATTRS_UNSPECIFIED)) { 232 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: failed to read EQ @0x%" 233 HWADDR_PRIx "\n", qaddr); 234 return; 235 } 236 g_string_append_printf(buf, "%s%08x ", i == width - 1 ? "^" : "", 237 be32_to_cpu(qdata)); 238 qindex = (qindex + 1) & (qentries - 1); 239 } 240 g_string_append_printf(buf, "]"); 241 } 242 243 void xive2_end_pic_print_info(Xive2End *end, uint32_t end_idx, GString *buf) 244 { 245 uint64_t qaddr_base = xive2_end_qaddr(end); 246 uint32_t qindex = xive_get_field32(END2_W1_PAGE_OFF, end->w1); 247 uint32_t qgen = xive_get_field32(END2_W1_GENERATION, end->w1); 248 uint32_t qentries = xive2_end_get_qentries(end); 249 250 uint32_t nvx_blk = xive_get_field32(END2_W6_VP_BLOCK, end->w6); 251 uint32_t nvx_idx = xive_get_field32(END2_W6_VP_OFFSET, end->w6); 252 uint8_t priority = xive_get_field32(END2_W7_F0_PRIORITY, end->w7); 253 uint8_t pq; 254 255 if (!xive2_end_is_valid(end)) { 256 return; 257 } 258 259 pq = xive_get_field32(END2_W1_ESn, end->w1); 260 261 g_string_append_printf(buf, 262 " %08x %c%c %c%c%c%c%c%c%c%c%c%c%c %c%c " 263 "prio:%d nvp:%02x/%04x", 264 end_idx, 265 pq & XIVE_ESB_VAL_P ? 'P' : '-', 266 pq & XIVE_ESB_VAL_Q ? 'Q' : '-', 267 xive2_end_is_valid(end) ? 'v' : '-', 268 xive2_end_is_enqueue(end) ? 'q' : '-', 269 xive2_end_is_notify(end) ? 'n' : '-', 270 xive2_end_is_backlog(end) ? 'b' : '-', 271 xive2_end_is_precluded_escalation(end) ? 'p' : '-', 272 xive2_end_is_escalate(end) ? 'e' : '-', 273 xive2_end_is_escalate_end(end) ? 'N' : '-', 274 xive2_end_is_uncond_escalation(end) ? 'u' : '-', 275 xive2_end_is_silent_escalation(end) ? 's' : '-', 276 xive2_end_is_firmware1(end) ? 'f' : '-', 277 xive2_end_is_firmware2(end) ? 'F' : '-', 278 xive2_end_is_ignore(end) ? 'i' : '-', 279 xive2_end_is_crowd(end) ? 'c' : '-', 280 priority, nvx_blk, nvx_idx); 281 282 if (qaddr_base) { 283 g_string_append_printf(buf, " eq:@%08"PRIx64"% 6d/%5d ^%d", 284 qaddr_base, qindex, qentries, qgen); 285 xive2_end_queue_pic_print_info(end, 6, buf); 286 } 287 g_string_append_c(buf, '\n'); 288 } 289 290 void xive2_end_eas_pic_print_info(Xive2End *end, uint32_t end_idx, 291 GString *buf) 292 { 293 Xive2Eas *eas = (Xive2Eas *) &end->w4; 294 uint8_t pq; 295 296 if (!xive2_end_is_escalate(end)) { 297 return; 298 } 299 300 pq = xive_get_field32(END2_W1_ESe, end->w1); 301 302 g_string_append_printf(buf, " %08x %c%c %c%c end:%02x/%04x data:%08x\n", 303 end_idx, 304 pq & XIVE_ESB_VAL_P ? 'P' : '-', 305 pq & XIVE_ESB_VAL_Q ? 'Q' : '-', 306 xive2_eas_is_valid(eas) ? 'v' : ' ', 307 xive2_eas_is_masked(eas) ? 'M' : ' ', 308 (uint8_t) xive_get_field64(EAS2_END_BLOCK, eas->w), 309 (uint32_t) xive_get_field64(EAS2_END_INDEX, eas->w), 310 (uint32_t) xive_get_field64(EAS2_END_DATA, eas->w)); 311 } 312 313 void xive2_nvp_pic_print_info(Xive2Nvp *nvp, uint32_t nvp_idx, GString *buf) 314 { 315 uint8_t eq_blk = xive_get_field32(NVP2_W5_VP_END_BLOCK, nvp->w5); 316 uint32_t eq_idx = xive_get_field32(NVP2_W5_VP_END_INDEX, nvp->w5); 317 uint64_t cache_line = xive2_nvp_reporting_addr(nvp); 318 319 if (!xive2_nvp_is_valid(nvp)) { 320 return; 321 } 322 323 g_string_append_printf(buf, " %08x end:%02x/%04x IPB:%02x PGoFirst:%02x", 324 nvp_idx, eq_blk, eq_idx, 325 xive_get_field32(NVP2_W2_IPB, nvp->w2), 326 xive_get_field32(NVP2_W0_PGOFIRST, nvp->w0)); 327 if (cache_line) { 328 g_string_append_printf(buf, " reporting CL:%016"PRIx64, cache_line); 329 } 330 331 /* 332 * When the NVP is HW controlled, more fields are updated 333 */ 334 if (xive2_nvp_is_hw(nvp)) { 335 g_string_append_printf(buf, " CPPR:%02x", 336 xive_get_field32(NVP2_W2_CPPR, nvp->w2)); 337 if (xive2_nvp_is_co(nvp)) { 338 g_string_append_printf(buf, " CO:%04x", 339 xive_get_field32(NVP2_W1_CO_THRID, nvp->w1)); 340 } 341 } 342 g_string_append_c(buf, '\n'); 343 } 344 345 void xive2_nvgc_pic_print_info(Xive2Nvgc *nvgc, uint32_t nvgc_idx, GString *buf) 346 { 347 uint8_t i; 348 349 if (!xive2_nvgc_is_valid(nvgc)) { 350 return; 351 } 352 353 g_string_append_printf(buf, " %08x PGoNext:%02x bklog: ", nvgc_idx, 354 xive_get_field32(NVGC2_W0_PGONEXT, nvgc->w0)); 355 for (i = 0; i <= XIVE_PRIORITY_MAX; i++) { 356 g_string_append_printf(buf, "[%d]=0x%x ", 357 i, xive2_nvgc_get_backlog(nvgc, i)); 358 } 359 g_string_append_printf(buf, "\n"); 360 } 361 362 static void xive2_end_enqueue(Xive2End *end, uint32_t data) 363 { 364 uint64_t qaddr_base = xive2_end_qaddr(end); 365 uint32_t qindex = xive_get_field32(END2_W1_PAGE_OFF, end->w1); 366 uint32_t qgen = xive_get_field32(END2_W1_GENERATION, end->w1); 367 368 uint64_t qaddr = qaddr_base + (qindex << 2); 369 uint32_t qdata = cpu_to_be32((qgen << 31) | (data & 0x7fffffff)); 370 uint32_t qentries = xive2_end_get_qentries(end); 371 372 if (dma_memory_write(&address_space_memory, qaddr, &qdata, sizeof(qdata), 373 MEMTXATTRS_UNSPECIFIED)) { 374 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: failed to write END data @0x%" 375 HWADDR_PRIx "\n", qaddr); 376 return; 377 } 378 379 qindex = (qindex + 1) & (qentries - 1); 380 if (qindex == 0) { 381 qgen ^= 1; 382 end->w1 = xive_set_field32(END2_W1_GENERATION, end->w1, qgen); 383 384 /* Set gen flipped to 1, it gets reset on a cache watch operation */ 385 end->w1 = xive_set_field32(END2_W1_GEN_FLIPPED, end->w1, 1); 386 } 387 end->w1 = xive_set_field32(END2_W1_PAGE_OFF, end->w1, qindex); 388 } 389 390 static void xive2_pgofnext(uint8_t *nvgc_blk, uint32_t *nvgc_idx, 391 uint8_t next_level) 392 { 393 uint32_t mask, next_idx; 394 uint8_t next_blk; 395 396 /* 397 * Adjust the block and index of a VP for the next group/crowd 398 * size (PGofFirst/PGofNext field in the NVP and NVGC structures). 399 * 400 * The 6-bit group level is split into a 2-bit crowd and 4-bit 401 * group levels. Encoding is similar. However, we don't support 402 * crowd size of 8. So a crowd level of 0b11 is bumped to a crowd 403 * size of 16. 404 */ 405 next_blk = NVx_CROWD_LVL(next_level); 406 if (next_blk == 3) { 407 next_blk = 4; 408 } 409 mask = (1 << next_blk) - 1; 410 *nvgc_blk &= ~mask; 411 *nvgc_blk |= mask >> 1; 412 413 next_idx = NVx_GROUP_LVL(next_level); 414 mask = (1 << next_idx) - 1; 415 *nvgc_idx &= ~mask; 416 *nvgc_idx |= mask >> 1; 417 } 418 419 /* 420 * Scan the group chain and return the highest priority and group 421 * level of pending group interrupts. 422 */ 423 static uint8_t xive2_presenter_backlog_scan(XivePresenter *xptr, 424 uint8_t nvx_blk, uint32_t nvx_idx, 425 uint8_t first_group, 426 uint8_t *out_level) 427 { 428 Xive2Router *xrtr = XIVE2_ROUTER(xptr); 429 uint32_t nvgc_idx; 430 uint32_t current_level, count; 431 uint8_t nvgc_blk, prio; 432 Xive2Nvgc nvgc; 433 434 for (prio = 0; prio <= XIVE_PRIORITY_MAX; prio++) { 435 current_level = first_group & 0x3F; 436 nvgc_blk = nvx_blk; 437 nvgc_idx = nvx_idx; 438 439 while (current_level) { 440 xive2_pgofnext(&nvgc_blk, &nvgc_idx, current_level); 441 442 if (xive2_router_get_nvgc(xrtr, NVx_CROWD_LVL(current_level), 443 nvgc_blk, nvgc_idx, &nvgc)) { 444 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: No NVGC %x/%x\n", 445 nvgc_blk, nvgc_idx); 446 return 0xFF; 447 } 448 if (!xive2_nvgc_is_valid(&nvgc)) { 449 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: Invalid NVGC %x/%x\n", 450 nvgc_blk, nvgc_idx); 451 return 0xFF; 452 } 453 454 count = xive2_nvgc_get_backlog(&nvgc, prio); 455 if (count) { 456 *out_level = current_level; 457 return prio; 458 } 459 current_level = xive_get_field32(NVGC2_W0_PGONEXT, nvgc.w0) & 0x3F; 460 } 461 } 462 return 0xFF; 463 } 464 465 static void xive2_presenter_backlog_decr(XivePresenter *xptr, 466 uint8_t nvx_blk, uint32_t nvx_idx, 467 uint8_t group_prio, 468 uint8_t group_level) 469 { 470 Xive2Router *xrtr = XIVE2_ROUTER(xptr); 471 uint32_t nvgc_idx, count; 472 uint8_t nvgc_blk; 473 Xive2Nvgc nvgc; 474 475 nvgc_blk = nvx_blk; 476 nvgc_idx = nvx_idx; 477 xive2_pgofnext(&nvgc_blk, &nvgc_idx, group_level); 478 479 if (xive2_router_get_nvgc(xrtr, NVx_CROWD_LVL(group_level), 480 nvgc_blk, nvgc_idx, &nvgc)) { 481 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: No NVGC %x/%x\n", 482 nvgc_blk, nvgc_idx); 483 return; 484 } 485 if (!xive2_nvgc_is_valid(&nvgc)) { 486 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: Invalid NVGC %x/%x\n", 487 nvgc_blk, nvgc_idx); 488 return; 489 } 490 count = xive2_nvgc_get_backlog(&nvgc, group_prio); 491 if (!count) { 492 return; 493 } 494 xive2_nvgc_set_backlog(&nvgc, group_prio, count - 1); 495 xive2_router_write_nvgc(xrtr, NVx_CROWD_LVL(group_level), 496 nvgc_blk, nvgc_idx, &nvgc); 497 } 498 499 /* 500 * XIVE Thread Interrupt Management Area (TIMA) - Gen2 mode 501 * 502 * TIMA Gen2 VP “save & restore” (S&R) indicated by H bit next to V bit 503 * 504 * - if a context is enabled with the H bit set, the VP context 505 * information is retrieved from the NVP structure (“check out”) 506 * and stored back on a context pull (“check in”), the SW receives 507 * the same context pull information as on P9 508 * 509 * - the H bit cannot be changed while the V bit is set, i.e. a 510 * context cannot be set up in the TIMA and then be “pushed” into 511 * the NVP by changing the H bit while the context is enabled 512 */ 513 514 static void xive2_tctx_save_ctx(Xive2Router *xrtr, XiveTCTX *tctx, 515 uint8_t ring, 516 uint8_t nvp_blk, uint32_t nvp_idx) 517 { 518 CPUPPCState *env = &POWERPC_CPU(tctx->cs)->env; 519 uint32_t pir = env->spr_cb[SPR_PIR].default_value; 520 Xive2Nvp nvp; 521 uint8_t *sig_regs = xive_tctx_signal_regs(tctx, ring); 522 uint8_t *regs = &tctx->regs[ring]; 523 524 if (xive2_router_get_nvp(xrtr, nvp_blk, nvp_idx, &nvp)) { 525 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: No NVP %x/%x\n", 526 nvp_blk, nvp_idx); 527 return; 528 } 529 530 if (!xive2_nvp_is_valid(&nvp)) { 531 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: invalid NVP %x/%x\n", 532 nvp_blk, nvp_idx); 533 return; 534 } 535 536 if (!xive2_nvp_is_hw(&nvp)) { 537 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: NVP %x/%x is not HW owned\n", 538 nvp_blk, nvp_idx); 539 return; 540 } 541 542 if (!xive2_nvp_is_co(&nvp)) { 543 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: NVP %x/%x is not checkout\n", 544 nvp_blk, nvp_idx); 545 return; 546 } 547 548 if (xive_get_field32(NVP2_W1_CO_THRID_VALID, nvp.w1) && 549 xive_get_field32(NVP2_W1_CO_THRID, nvp.w1) != pir) { 550 qemu_log_mask(LOG_GUEST_ERROR, 551 "XIVE: NVP %x/%x invalid checkout Thread %x\n", 552 nvp_blk, nvp_idx, pir); 553 return; 554 } 555 556 nvp.w2 = xive_set_field32(NVP2_W2_IPB, nvp.w2, regs[TM_IPB]); 557 558 if ((nvp.w0 & NVP2_W0_P) || ring != TM_QW2_HV_POOL) { 559 /* 560 * Non-pool contexts always save CPPR (ignore p bit). XXX: Clarify 561 * whether that is the correct behaviour. 562 */ 563 nvp.w2 = xive_set_field32(NVP2_W2_CPPR, nvp.w2, sig_regs[TM_CPPR]); 564 } 565 if (nvp.w0 & NVP2_W0_L) { 566 /* 567 * Typically not used. If LSMFB is restored with 0, it will 568 * force a backlog rescan 569 */ 570 nvp.w2 = xive_set_field32(NVP2_W2_LSMFB, nvp.w2, regs[TM_LSMFB]); 571 } 572 if (nvp.w0 & NVP2_W0_G) { 573 nvp.w2 = xive_set_field32(NVP2_W2_LGS, nvp.w2, regs[TM_LGS]); 574 } 575 if (nvp.w0 & NVP2_W0_T) { 576 nvp.w2 = xive_set_field32(NVP2_W2_T, nvp.w2, regs[TM_T]); 577 } 578 xive2_router_write_nvp(xrtr, nvp_blk, nvp_idx, &nvp, 2); 579 580 nvp.w1 = xive_set_field32(NVP2_W1_CO, nvp.w1, 0); 581 /* NVP2_W1_CO_THRID_VALID only set once */ 582 nvp.w1 = xive_set_field32(NVP2_W1_CO_THRID, nvp.w1, 0xFFFF); 583 xive2_router_write_nvp(xrtr, nvp_blk, nvp_idx, &nvp, 1); 584 } 585 586 /* POOL cam is the same as OS cam encoding */ 587 static void xive2_cam_decode(uint32_t cam, uint8_t *nvp_blk, 588 uint32_t *nvp_idx, bool *valid, bool *hw) 589 { 590 *nvp_blk = xive2_nvp_blk(cam); 591 *nvp_idx = xive2_nvp_idx(cam); 592 *valid = !!(cam & TM2_W2_VALID); 593 *hw = !!(cam & TM2_W2_HW); 594 } 595 596 /* 597 * Encode the HW CAM line with 7bit or 8bit thread id. The thread id 598 * width and block id width is configurable at the IC level. 599 * 600 * chipid << 24 | 0000 0000 0000 0000 1 threadid (7Bit) 601 * chipid << 24 | 0000 0000 0000 0001 threadid (8Bit) 602 */ 603 static uint32_t xive2_tctx_hw_cam_line(XivePresenter *xptr, XiveTCTX *tctx) 604 { 605 Xive2Router *xrtr = XIVE2_ROUTER(xptr); 606 CPUPPCState *env = &POWERPC_CPU(tctx->cs)->env; 607 uint32_t pir = env->spr_cb[SPR_PIR].default_value; 608 uint8_t blk = xive2_router_get_block_id(xrtr); 609 uint8_t tid_shift = 610 xive2_router_get_config(xrtr) & XIVE2_THREADID_8BITS ? 8 : 7; 611 uint8_t tid_mask = (1 << tid_shift) - 1; 612 613 return xive2_nvp_cam_line(blk, 1 << tid_shift | (pir & tid_mask)); 614 } 615 616 static void xive2_redistribute(Xive2Router *xrtr, XiveTCTX *tctx, uint8_t ring) 617 { 618 uint8_t *sig_regs = xive_tctx_signal_regs(tctx, ring); 619 uint8_t nsr = sig_regs[TM_NSR]; 620 uint8_t pipr = sig_regs[TM_PIPR]; 621 uint8_t crowd = NVx_CROWD_LVL(nsr); 622 uint8_t group = NVx_GROUP_LVL(nsr); 623 uint8_t nvgc_blk, end_blk, nvp_blk; 624 uint32_t nvgc_idx, end_idx, nvp_idx; 625 Xive2Nvgc nvgc; 626 uint8_t prio_limit; 627 uint32_t cfg; 628 629 /* redistribution is only for group/crowd interrupts */ 630 if (!xive_nsr_indicates_group_exception(ring, nsr)) { 631 return; 632 } 633 634 /* Don't check return code since ring is expected to be invalidated */ 635 xive2_tctx_get_nvp_indexes(tctx, ring, &nvp_blk, &nvp_idx); 636 637 trace_xive_redistribute(tctx->cs->cpu_index, ring, nvp_blk, nvp_idx); 638 639 trace_xive_redistribute(tctx->cs->cpu_index, ring, nvp_blk, nvp_idx); 640 /* convert crowd/group to blk/idx */ 641 if (group > 0) { 642 nvgc_idx = (nvp_idx & (0xffffffff << group)) | 643 ((1 << (group - 1)) - 1); 644 } else { 645 nvgc_idx = nvp_idx; 646 } 647 648 if (crowd > 0) { 649 crowd = (crowd == 3) ? 4 : crowd; 650 nvgc_blk = (nvp_blk & (0xffffffff << crowd)) | 651 ((1 << (crowd - 1)) - 1); 652 } else { 653 nvgc_blk = nvp_blk; 654 } 655 656 /* Use blk/idx to retrieve the NVGC */ 657 if (xive2_router_get_nvgc(xrtr, crowd, nvgc_blk, nvgc_idx, &nvgc)) { 658 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: no %s %x/%x\n", 659 crowd ? "NVC" : "NVG", nvgc_blk, nvgc_idx); 660 return; 661 } 662 663 /* retrieve the END blk/idx from the NVGC */ 664 end_blk = xive_get_field32(NVGC2_W1_END_BLK, nvgc.w1); 665 end_idx = xive_get_field32(NVGC2_W1_END_IDX, nvgc.w1); 666 667 /* determine number of priorities being used */ 668 cfg = xive2_router_get_config(xrtr); 669 if (cfg & XIVE2_EN_VP_GRP_PRIORITY) { 670 prio_limit = 1 << GETFIELD(NVGC2_W1_PSIZE, nvgc.w1); 671 } else { 672 prio_limit = 1 << GETFIELD(XIVE2_VP_INT_PRIO, cfg); 673 } 674 675 /* add priority offset to end index */ 676 end_idx += pipr % prio_limit; 677 678 /* trigger the group END */ 679 xive2_router_end_notify(xrtr, end_blk, end_idx, 0, true); 680 681 /* clear interrupt indication for the context */ 682 sig_regs[TM_NSR] = 0; 683 sig_regs[TM_PIPR] = sig_regs[TM_CPPR]; 684 xive_tctx_reset_signal(tctx, ring); 685 } 686 687 static void xive2_tctx_process_pending(XiveTCTX *tctx, uint8_t sig_ring); 688 689 static uint64_t xive2_tm_pull_ctx(XivePresenter *xptr, XiveTCTX *tctx, 690 hwaddr offset, unsigned size, uint8_t ring) 691 { 692 Xive2Router *xrtr = XIVE2_ROUTER(xptr); 693 uint32_t target_ringw2 = xive_tctx_word2(&tctx->regs[ring]); 694 uint32_t cam = be32_to_cpu(target_ringw2); 695 uint8_t nvp_blk; 696 uint32_t nvp_idx; 697 uint8_t cur_ring; 698 bool valid; 699 bool do_save; 700 uint8_t nsr; 701 702 xive2_cam_decode(cam, &nvp_blk, &nvp_idx, &valid, &do_save); 703 704 if (xive2_tctx_get_nvp_indexes(tctx, ring, &nvp_blk, &nvp_idx)) { 705 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: pulling invalid NVP %x/%x !?\n", 706 nvp_blk, nvp_idx); 707 } 708 709 /* Invalidate CAM line of requested ring and all lower rings */ 710 for (cur_ring = TM_QW0_USER; cur_ring <= ring; 711 cur_ring += XIVE_TM_RING_SIZE) { 712 uint32_t ringw2 = xive_tctx_word2(&tctx->regs[cur_ring]); 713 uint32_t ringw2_new = xive_set_field32(TM2_QW1W2_VO, ringw2, 0); 714 bool is_valid = !!(xive_get_field32(TM2_QW1W2_VO, ringw2)); 715 uint8_t *sig_regs; 716 717 memcpy(&tctx->regs[cur_ring + TM_WORD2], &ringw2_new, 4); 718 719 /* Skip the rest for USER or invalid contexts */ 720 if ((cur_ring == TM_QW0_USER) || !is_valid) { 721 continue; 722 } 723 724 /* Active group/crowd interrupts need to be redistributed */ 725 sig_regs = xive_tctx_signal_regs(tctx, ring); 726 nsr = sig_regs[TM_NSR]; 727 if (xive_nsr_indicates_group_exception(cur_ring, nsr)) { 728 /* Ensure ring matches NSR (for HV NSR POOL vs PHYS rings) */ 729 if (cur_ring == xive_nsr_exception_ring(cur_ring, nsr)) { 730 xive2_redistribute(xrtr, tctx, cur_ring); 731 } 732 } 733 734 /* 735 * Lower external interrupt line of requested ring and below except for 736 * USER, which doesn't exist. 737 */ 738 if (xive_nsr_indicates_exception(cur_ring, nsr)) { 739 if (cur_ring == xive_nsr_exception_ring(cur_ring, nsr)) { 740 xive_tctx_reset_signal(tctx, cur_ring); 741 } 742 } 743 } 744 745 if (ring == TM_QW2_HV_POOL) { 746 /* Re-check phys for interrupts if pool was disabled */ 747 nsr = tctx->regs[TM_QW3_HV_PHYS + TM_NSR]; 748 if (xive_nsr_indicates_exception(TM_QW3_HV_PHYS, nsr)) { 749 /* Ring must be PHYS because POOL would have been redistributed */ 750 g_assert(xive_nsr_exception_ring(TM_QW3_HV_PHYS, nsr) == 751 TM_QW3_HV_PHYS); 752 } else { 753 xive2_tctx_process_pending(tctx, TM_QW3_HV_PHYS); 754 } 755 } 756 757 if (xive2_router_get_config(xrtr) & XIVE2_VP_SAVE_RESTORE && do_save) { 758 xive2_tctx_save_ctx(xrtr, tctx, ring, nvp_blk, nvp_idx); 759 } 760 761 return target_ringw2; 762 } 763 764 uint64_t xive2_tm_pull_os_ctx(XivePresenter *xptr, XiveTCTX *tctx, 765 hwaddr offset, unsigned size) 766 { 767 return xive2_tm_pull_ctx(xptr, tctx, offset, size, TM_QW1_OS); 768 } 769 770 uint64_t xive2_tm_pull_pool_ctx(XivePresenter *xptr, XiveTCTX *tctx, 771 hwaddr offset, unsigned size) 772 { 773 return xive2_tm_pull_ctx(xptr, tctx, offset, size, TM_QW2_HV_POOL); 774 } 775 776 uint64_t xive2_tm_pull_phys_ctx(XivePresenter *xptr, XiveTCTX *tctx, 777 hwaddr offset, unsigned size) 778 { 779 return xive2_tm_pull_ctx(xptr, tctx, offset, size, TM_QW3_HV_PHYS); 780 } 781 782 #define REPORT_LINE_GEN1_SIZE 16 783 784 static void xive2_tm_report_line_gen1(XiveTCTX *tctx, uint8_t *data, 785 uint8_t size) 786 { 787 uint8_t *regs = tctx->regs; 788 789 g_assert(size == REPORT_LINE_GEN1_SIZE); 790 memset(data, 0, size); 791 /* 792 * See xive architecture for description of what is saved. It is 793 * hand-picked information to fit in 16 bytes. 794 */ 795 data[0x0] = regs[TM_QW3_HV_PHYS + TM_NSR]; 796 data[0x1] = regs[TM_QW3_HV_PHYS + TM_CPPR]; 797 data[0x2] = regs[TM_QW3_HV_PHYS + TM_IPB]; 798 data[0x3] = regs[TM_QW2_HV_POOL + TM_IPB]; 799 data[0x4] = regs[TM_QW1_OS + TM_ACK_CNT]; 800 data[0x5] = regs[TM_QW3_HV_PHYS + TM_LGS]; 801 data[0x6] = 0xFF; 802 data[0x7] = regs[TM_QW3_HV_PHYS + TM_WORD2] & 0x80; 803 data[0x7] |= (regs[TM_QW2_HV_POOL + TM_WORD2] & 0x80) >> 1; 804 data[0x7] |= (regs[TM_QW1_OS + TM_WORD2] & 0x80) >> 2; 805 data[0x7] |= (regs[TM_QW3_HV_PHYS + TM_WORD2] & 0x3); 806 data[0x8] = regs[TM_QW1_OS + TM_NSR]; 807 data[0x9] = regs[TM_QW1_OS + TM_CPPR]; 808 data[0xA] = regs[TM_QW1_OS + TM_IPB]; 809 data[0xB] = regs[TM_QW1_OS + TM_LGS]; 810 if (regs[TM_QW0_USER + TM_WORD2] & 0x80) { 811 /* 812 * Logical server extension, except VU bit replaced by EB bit 813 * from NSR 814 */ 815 data[0xC] = regs[TM_QW0_USER + TM_WORD2]; 816 data[0xC] &= ~0x80; 817 data[0xC] |= regs[TM_QW0_USER + TM_NSR] & 0x80; 818 data[0xD] = regs[TM_QW0_USER + TM_WORD2 + 1]; 819 data[0xE] = regs[TM_QW0_USER + TM_WORD2 + 2]; 820 data[0xF] = regs[TM_QW0_USER + TM_WORD2 + 3]; 821 } 822 } 823 824 static void xive2_tm_pull_ctx_ol(XivePresenter *xptr, XiveTCTX *tctx, 825 hwaddr offset, uint64_t value, 826 unsigned size, uint8_t ring) 827 { 828 Xive2Router *xrtr = XIVE2_ROUTER(xptr); 829 uint32_t hw_cam, nvp_idx, xive2_cfg, reserved; 830 uint8_t nvp_blk; 831 Xive2Nvp nvp; 832 uint64_t phys_addr; 833 MemTxResult result; 834 835 hw_cam = xive2_tctx_hw_cam_line(xptr, tctx); 836 nvp_blk = xive2_nvp_blk(hw_cam); 837 nvp_idx = xive2_nvp_idx(hw_cam); 838 839 if (xive2_router_get_nvp(xrtr, nvp_blk, nvp_idx, &nvp)) { 840 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: No NVP %x/%x\n", 841 nvp_blk, nvp_idx); 842 return; 843 } 844 845 if (!xive2_nvp_is_valid(&nvp)) { 846 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: invalid NVP %x/%x\n", 847 nvp_blk, nvp_idx); 848 return; 849 } 850 851 xive2_cfg = xive2_router_get_config(xrtr); 852 853 phys_addr = xive2_nvp_reporting_addr(&nvp) + 0x80; /* odd line */ 854 if (xive2_cfg & XIVE2_GEN1_TIMA_OS) { 855 uint8_t pull_ctxt[REPORT_LINE_GEN1_SIZE]; 856 857 xive2_tm_report_line_gen1(tctx, pull_ctxt, REPORT_LINE_GEN1_SIZE); 858 result = dma_memory_write(&address_space_memory, phys_addr, 859 pull_ctxt, REPORT_LINE_GEN1_SIZE, 860 MEMTXATTRS_UNSPECIFIED); 861 assert(result == MEMTX_OK); 862 } else { 863 result = dma_memory_write(&address_space_memory, phys_addr, 864 &tctx->regs, sizeof(tctx->regs), 865 MEMTXATTRS_UNSPECIFIED); 866 assert(result == MEMTX_OK); 867 reserved = 0xFFFFFFFF; 868 result = dma_memory_write(&address_space_memory, phys_addr + 12, 869 &reserved, sizeof(reserved), 870 MEMTXATTRS_UNSPECIFIED); 871 assert(result == MEMTX_OK); 872 } 873 874 /* the rest is similar to pull context to registers */ 875 xive2_tm_pull_ctx(xptr, tctx, offset, size, ring); 876 } 877 878 void xive2_tm_pull_os_ctx_ol(XivePresenter *xptr, XiveTCTX *tctx, 879 hwaddr offset, uint64_t value, unsigned size) 880 { 881 xive2_tm_pull_ctx_ol(xptr, tctx, offset, value, size, TM_QW1_OS); 882 } 883 884 885 void xive2_tm_pull_phys_ctx_ol(XivePresenter *xptr, XiveTCTX *tctx, 886 hwaddr offset, uint64_t value, unsigned size) 887 { 888 xive2_tm_pull_ctx_ol(xptr, tctx, offset, value, size, TM_QW3_HV_PHYS); 889 } 890 891 static uint8_t xive2_tctx_restore_ctx(Xive2Router *xrtr, XiveTCTX *tctx, 892 uint8_t ring, 893 uint8_t nvp_blk, uint32_t nvp_idx, 894 Xive2Nvp *nvp) 895 { 896 CPUPPCState *env = &POWERPC_CPU(tctx->cs)->env; 897 uint32_t pir = env->spr_cb[SPR_PIR].default_value; 898 uint8_t *sig_regs = xive_tctx_signal_regs(tctx, ring); 899 uint8_t *regs = &tctx->regs[ring]; 900 uint8_t cppr; 901 902 if (!xive2_nvp_is_hw(nvp)) { 903 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: NVP %x/%x is not HW owned\n", 904 nvp_blk, nvp_idx); 905 return 0; 906 } 907 908 cppr = xive_get_field32(NVP2_W2_CPPR, nvp->w2); 909 nvp->w2 = xive_set_field32(NVP2_W2_CPPR, nvp->w2, 0); 910 xive2_router_write_nvp(xrtr, nvp_blk, nvp_idx, nvp, 2); 911 912 sig_regs[TM_CPPR] = cppr; 913 regs[TM_LSMFB] = xive_get_field32(NVP2_W2_LSMFB, nvp->w2); 914 regs[TM_LGS] = xive_get_field32(NVP2_W2_LGS, nvp->w2); 915 regs[TM_T] = xive_get_field32(NVP2_W2_T, nvp->w2); 916 917 nvp->w1 = xive_set_field32(NVP2_W1_CO, nvp->w1, 1); 918 nvp->w1 = xive_set_field32(NVP2_W1_CO_THRID_VALID, nvp->w1, 1); 919 nvp->w1 = xive_set_field32(NVP2_W1_CO_THRID, nvp->w1, pir); 920 921 /* 922 * Checkout privilege: 0:OS, 1:Pool, 2:Hard 923 * 924 * TODO: we don't support hard push/pull 925 */ 926 switch (ring) { 927 case TM_QW1_OS: 928 nvp->w1 = xive_set_field32(NVP2_W1_CO_PRIV, nvp->w1, 0); 929 break; 930 case TM_QW2_HV_POOL: 931 nvp->w1 = xive_set_field32(NVP2_W1_CO_PRIV, nvp->w1, 1); 932 break; 933 default: 934 g_assert_not_reached(); 935 } 936 937 xive2_router_write_nvp(xrtr, nvp_blk, nvp_idx, nvp, 1); 938 939 /* return restored CPPR to generate a CPU exception if needed */ 940 return cppr; 941 } 942 943 /* Restore TIMA VP context from NVP backlog */ 944 static void xive2_tctx_restore_nvp(Xive2Router *xrtr, XiveTCTX *tctx, 945 uint8_t ring, 946 uint8_t nvp_blk, uint32_t nvp_idx, 947 bool do_restore) 948 { 949 uint8_t *regs = &tctx->regs[ring]; 950 uint8_t ipb; 951 Xive2Nvp nvp; 952 953 /* 954 * Grab the associated thread interrupt context registers in the 955 * associated NVP 956 */ 957 if (xive2_router_get_nvp(xrtr, nvp_blk, nvp_idx, &nvp)) { 958 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: No NVP %x/%x\n", 959 nvp_blk, nvp_idx); 960 return; 961 } 962 963 if (!xive2_nvp_is_valid(&nvp)) { 964 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: invalid NVP %x/%x\n", 965 nvp_blk, nvp_idx); 966 return; 967 } 968 969 /* Automatically restore thread context registers */ 970 if (xive2_router_get_config(xrtr) & XIVE2_VP_SAVE_RESTORE && do_restore) { 971 xive2_tctx_restore_ctx(xrtr, tctx, ring, nvp_blk, nvp_idx, &nvp); 972 } 973 974 ipb = xive_get_field32(NVP2_W2_IPB, nvp.w2); 975 if (ipb) { 976 nvp.w2 = xive_set_field32(NVP2_W2_IPB, nvp.w2, 0); 977 xive2_router_write_nvp(xrtr, nvp_blk, nvp_idx, &nvp, 2); 978 } 979 /* IPB bits in the backlog are merged with the TIMA IPB bits */ 980 regs[TM_IPB] |= ipb; 981 } 982 983 /* 984 * Updating the ring CAM line can trigger a resend of interrupt 985 */ 986 static void xive2_tm_push_ctx(XivePresenter *xptr, XiveTCTX *tctx, 987 hwaddr offset, uint64_t value, unsigned size, 988 uint8_t ring) 989 { 990 uint32_t cam; 991 uint32_t w2; 992 uint64_t dw1; 993 uint8_t nvp_blk; 994 uint32_t nvp_idx; 995 bool v; 996 bool do_restore; 997 998 /* First update the thead context */ 999 switch (size) { 1000 case 1: 1001 tctx->regs[ring + TM_WORD2] = value & 0xff; 1002 cam = xive2_tctx_hw_cam_line(xptr, tctx); 1003 cam |= ((value & 0xc0) << 24); /* V and H bits */ 1004 break; 1005 case 4: 1006 cam = value; 1007 w2 = cpu_to_be32(cam); 1008 memcpy(&tctx->regs[ring + TM_WORD2], &w2, 4); 1009 break; 1010 case 8: 1011 cam = value >> 32; 1012 dw1 = cpu_to_be64(value); 1013 memcpy(&tctx->regs[ring + TM_WORD2], &dw1, 8); 1014 break; 1015 default: 1016 g_assert_not_reached(); 1017 } 1018 1019 xive2_cam_decode(cam, &nvp_blk, &nvp_idx, &v, &do_restore); 1020 1021 /* Check the interrupt pending bits */ 1022 if (v) { 1023 Xive2Router *xrtr = XIVE2_ROUTER(xptr); 1024 uint8_t *sig_regs = xive_tctx_signal_regs(tctx, ring); 1025 uint8_t nsr = sig_regs[TM_NSR]; 1026 1027 xive2_tctx_restore_nvp(xrtr, tctx, ring, 1028 nvp_blk, nvp_idx, do_restore); 1029 1030 if (xive_nsr_indicates_group_exception(ring, nsr)) { 1031 /* redistribute precluded active grp interrupt */ 1032 g_assert(ring == TM_QW2_HV_POOL); /* PHYS ring has the interrupt */ 1033 xive2_redistribute(xrtr, tctx, xive_nsr_exception_ring(ring, nsr)); 1034 } 1035 xive2_tctx_process_pending(tctx, ring == TM_QW2_HV_POOL ? 1036 TM_QW3_HV_PHYS : ring); 1037 } 1038 } 1039 1040 void xive2_tm_push_os_ctx(XivePresenter *xptr, XiveTCTX *tctx, 1041 hwaddr offset, uint64_t value, unsigned size) 1042 { 1043 xive2_tm_push_ctx(xptr, tctx, offset, value, size, TM_QW1_OS); 1044 } 1045 1046 void xive2_tm_push_pool_ctx(XivePresenter *xptr, XiveTCTX *tctx, 1047 hwaddr offset, uint64_t value, unsigned size) 1048 { 1049 xive2_tm_push_ctx(xptr, tctx, offset, value, size, TM_QW2_HV_POOL); 1050 } 1051 1052 void xive2_tm_push_phys_ctx(XivePresenter *xptr, XiveTCTX *tctx, 1053 hwaddr offset, uint64_t value, unsigned size) 1054 { 1055 xive2_tm_push_ctx(xptr, tctx, offset, value, size, TM_QW3_HV_PHYS); 1056 } 1057 1058 /* returns -1 if ring is invalid, but still populates block and index */ 1059 static int xive2_tctx_get_nvp_indexes(XiveTCTX *tctx, uint8_t ring, 1060 uint8_t *nvp_blk, uint32_t *nvp_idx) 1061 { 1062 uint32_t w2; 1063 uint32_t cam = 0; 1064 int rc = 0; 1065 1066 w2 = xive_tctx_word2(&tctx->regs[ring]); 1067 switch (ring) { 1068 case TM_QW1_OS: 1069 if (!(be32_to_cpu(w2) & TM2_QW1W2_VO)) { 1070 rc = -1; 1071 } 1072 cam = xive_get_field32(TM2_QW1W2_OS_CAM, w2); 1073 break; 1074 case TM_QW2_HV_POOL: 1075 if (!(be32_to_cpu(w2) & TM2_QW2W2_VP)) { 1076 rc = -1; 1077 } 1078 cam = xive_get_field32(TM2_QW2W2_POOL_CAM, w2); 1079 break; 1080 case TM_QW3_HV_PHYS: 1081 if (!(be32_to_cpu(w2) & TM2_QW3W2_VT)) { 1082 rc = -1; 1083 } 1084 cam = xive2_tctx_hw_cam_line(tctx->xptr, tctx); 1085 break; 1086 default: 1087 rc = -1; 1088 } 1089 *nvp_blk = xive2_nvp_blk(cam); 1090 *nvp_idx = xive2_nvp_idx(cam); 1091 return rc; 1092 } 1093 1094 static void xive2_tctx_accept_el(XivePresenter *xptr, XiveTCTX *tctx, 1095 uint8_t ring, uint8_t cl_ring) 1096 { 1097 uint64_t rd; 1098 Xive2Router *xrtr = XIVE2_ROUTER(xptr); 1099 uint32_t nvp_idx, xive2_cfg; 1100 uint8_t nvp_blk; 1101 Xive2Nvp nvp; 1102 uint64_t phys_addr; 1103 uint8_t OGen = 0; 1104 1105 xive2_tctx_get_nvp_indexes(tctx, cl_ring, &nvp_blk, &nvp_idx); 1106 1107 if (xive2_router_get_nvp(xrtr, (uint8_t)nvp_blk, nvp_idx, &nvp)) { 1108 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: No NVP %x/%x\n", 1109 nvp_blk, nvp_idx); 1110 return; 1111 } 1112 1113 if (!xive2_nvp_is_valid(&nvp)) { 1114 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: invalid NVP %x/%x\n", 1115 nvp_blk, nvp_idx); 1116 return; 1117 } 1118 1119 1120 rd = xive_tctx_accept(tctx, ring); 1121 1122 if (ring == TM_QW1_OS) { 1123 OGen = tctx->regs[ring + TM_OGEN]; 1124 } 1125 xive2_cfg = xive2_router_get_config(xrtr); 1126 phys_addr = xive2_nvp_reporting_addr(&nvp); 1127 uint8_t report_data[REPORT_LINE_GEN1_SIZE]; 1128 memset(report_data, 0xff, sizeof(report_data)); 1129 if ((OGen == 1) || (xive2_cfg & XIVE2_GEN1_TIMA_OS)) { 1130 report_data[8] = (rd >> 8) & 0xff; 1131 report_data[9] = rd & 0xff; 1132 } else { 1133 report_data[0] = (rd >> 8) & 0xff; 1134 report_data[1] = rd & 0xff; 1135 } 1136 cpu_physical_memory_write(phys_addr, report_data, REPORT_LINE_GEN1_SIZE); 1137 } 1138 1139 void xive2_tm_ack_os_el(XivePresenter *xptr, XiveTCTX *tctx, 1140 hwaddr offset, uint64_t value, unsigned size) 1141 { 1142 xive2_tctx_accept_el(xptr, tctx, TM_QW1_OS, TM_QW1_OS); 1143 } 1144 1145 /* Re-calculate and present pending interrupts */ 1146 static void xive2_tctx_process_pending(XiveTCTX *tctx, uint8_t sig_ring) 1147 { 1148 uint8_t *sig_regs = &tctx->regs[sig_ring]; 1149 Xive2Router *xrtr = XIVE2_ROUTER(tctx->xptr); 1150 uint8_t backlog_prio; 1151 uint8_t first_group; 1152 uint8_t group_level; 1153 uint8_t pipr_min; 1154 uint8_t lsmfb_min; 1155 uint8_t ring_min; 1156 uint8_t cppr = sig_regs[TM_CPPR]; 1157 bool group_enabled; 1158 Xive2Nvp nvp; 1159 int rc; 1160 1161 g_assert(sig_ring == TM_QW3_HV_PHYS || sig_ring == TM_QW1_OS); 1162 g_assert(!xive_nsr_indicates_group_exception(sig_ring, sig_regs[TM_NSR])); 1163 1164 /* 1165 * Recompute the PIPR based on local pending interrupts. It will 1166 * be adjusted below if needed in case of pending group interrupts. 1167 */ 1168 again: 1169 pipr_min = xive_ipb_to_pipr(sig_regs[TM_IPB]); 1170 group_enabled = !!sig_regs[TM_LGS]; 1171 lsmfb_min = group_enabled ? sig_regs[TM_LSMFB] : 0xff; 1172 ring_min = sig_ring; 1173 group_level = 0; 1174 1175 /* PHYS updates also depend on POOL values */ 1176 if (sig_ring == TM_QW3_HV_PHYS) { 1177 uint8_t *pool_regs = &tctx->regs[TM_QW2_HV_POOL]; 1178 1179 /* POOL values only matter if POOL ctx is valid */ 1180 if (pool_regs[TM_WORD2] & 0x80) { 1181 uint8_t pool_pipr = xive_ipb_to_pipr(pool_regs[TM_IPB]); 1182 uint8_t pool_lsmfb = pool_regs[TM_LSMFB]; 1183 1184 /* 1185 * Determine highest priority interrupt and 1186 * remember which ring has it. 1187 */ 1188 if (pool_pipr < pipr_min) { 1189 pipr_min = pool_pipr; 1190 if (pool_pipr < lsmfb_min) { 1191 ring_min = TM_QW2_HV_POOL; 1192 } 1193 } 1194 1195 /* Values needed for group priority calculation */ 1196 if (pool_regs[TM_LGS] && (pool_lsmfb < lsmfb_min)) { 1197 group_enabled = true; 1198 lsmfb_min = pool_lsmfb; 1199 if (lsmfb_min < pipr_min) { 1200 ring_min = TM_QW2_HV_POOL; 1201 } 1202 } 1203 } 1204 } 1205 1206 if (group_enabled && 1207 lsmfb_min < cppr && 1208 lsmfb_min < pipr_min) { 1209 1210 uint8_t nvp_blk; 1211 uint32_t nvp_idx; 1212 1213 /* 1214 * Thread has seen a group interrupt with a higher priority 1215 * than the new cppr or pending local interrupt. Check the 1216 * backlog 1217 */ 1218 rc = xive2_tctx_get_nvp_indexes(tctx, ring_min, &nvp_blk, &nvp_idx); 1219 if (rc) { 1220 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: set CPPR on invalid " 1221 "context\n"); 1222 return; 1223 } 1224 1225 if (xive2_router_get_nvp(xrtr, nvp_blk, nvp_idx, &nvp)) { 1226 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: No NVP %x/%x\n", 1227 nvp_blk, nvp_idx); 1228 return; 1229 } 1230 1231 if (!xive2_nvp_is_valid(&nvp)) { 1232 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: invalid NVP %x/%x\n", 1233 nvp_blk, nvp_idx); 1234 return; 1235 } 1236 1237 first_group = xive_get_field32(NVP2_W0_PGOFIRST, nvp.w0); 1238 if (!first_group) { 1239 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: invalid NVP %x/%x\n", 1240 nvp_blk, nvp_idx); 1241 return; 1242 } 1243 1244 backlog_prio = xive2_presenter_backlog_scan(tctx->xptr, 1245 nvp_blk, nvp_idx, 1246 first_group, &group_level); 1247 tctx->regs[ring_min + TM_LSMFB] = backlog_prio; 1248 if (backlog_prio != lsmfb_min) { 1249 /* 1250 * If the group backlog scan finds a less favored or no interrupt, 1251 * then re-do the processing which may turn up a more favored 1252 * interrupt from IPB or the other pool. Backlog should not 1253 * find a priority < LSMFB. 1254 */ 1255 g_assert(backlog_prio >= lsmfb_min); 1256 goto again; 1257 } 1258 1259 xive2_presenter_backlog_decr(tctx->xptr, nvp_blk, nvp_idx, 1260 backlog_prio, group_level); 1261 pipr_min = backlog_prio; 1262 } 1263 1264 if (pipr_min > cppr) { 1265 pipr_min = cppr; 1266 } 1267 xive_tctx_pipr_set(tctx, ring_min, pipr_min, group_level); 1268 } 1269 1270 /* NOTE: CPPR only exists for TM_QW1_OS and TM_QW3_HV_PHYS */ 1271 static void xive2_tctx_set_cppr(XiveTCTX *tctx, uint8_t sig_ring, uint8_t cppr) 1272 { 1273 uint8_t *sig_regs = &tctx->regs[sig_ring]; 1274 Xive2Router *xrtr = XIVE2_ROUTER(tctx->xptr); 1275 uint8_t old_cppr; 1276 uint8_t nsr = sig_regs[TM_NSR]; 1277 1278 g_assert(sig_ring == TM_QW1_OS || sig_ring == TM_QW3_HV_PHYS); 1279 1280 g_assert(tctx->regs[TM_QW2_HV_POOL + TM_NSR] == 0); 1281 g_assert(tctx->regs[TM_QW2_HV_POOL + TM_PIPR] == 0); 1282 g_assert(tctx->regs[TM_QW2_HV_POOL + TM_CPPR] == 0); 1283 1284 /* XXX: should show pool IPB for PHYS ring */ 1285 trace_xive_tctx_set_cppr(tctx->cs->cpu_index, sig_ring, 1286 sig_regs[TM_IPB], sig_regs[TM_PIPR], 1287 cppr, nsr); 1288 1289 if (cppr > XIVE_PRIORITY_MAX) { 1290 cppr = 0xff; 1291 } 1292 1293 old_cppr = sig_regs[TM_CPPR]; 1294 sig_regs[TM_CPPR] = cppr; 1295 1296 /* Handle increased CPPR priority (lower value) */ 1297 if (cppr < old_cppr) { 1298 if (cppr <= sig_regs[TM_PIPR]) { 1299 /* CPPR lowered below PIPR, must un-present interrupt */ 1300 if (xive_nsr_indicates_exception(sig_ring, nsr)) { 1301 if (xive_nsr_indicates_group_exception(sig_ring, nsr)) { 1302 /* redistribute precluded active grp interrupt */ 1303 xive2_redistribute(xrtr, tctx, 1304 xive_nsr_exception_ring(sig_ring, nsr)); 1305 return; 1306 } 1307 } 1308 1309 /* interrupt is VP directed, pending in IPB */ 1310 xive_tctx_pipr_set(tctx, sig_ring, cppr, 0); 1311 return; 1312 } else { 1313 /* CPPR was lowered, but still above PIPR. No action needed. */ 1314 return; 1315 } 1316 } 1317 1318 /* CPPR didn't change, nothing needs to be done */ 1319 if (cppr == old_cppr) { 1320 return; 1321 } 1322 1323 /* CPPR priority decreased (higher value) */ 1324 if (!xive_nsr_indicates_exception(sig_ring, nsr)) { 1325 xive2_tctx_process_pending(tctx, sig_ring); 1326 } 1327 } 1328 1329 void xive2_tm_set_hv_cppr(XivePresenter *xptr, XiveTCTX *tctx, 1330 hwaddr offset, uint64_t value, unsigned size) 1331 { 1332 xive2_tctx_set_cppr(tctx, TM_QW3_HV_PHYS, value & 0xff); 1333 } 1334 1335 void xive2_tm_set_os_cppr(XivePresenter *xptr, XiveTCTX *tctx, 1336 hwaddr offset, uint64_t value, unsigned size) 1337 { 1338 xive2_tctx_set_cppr(tctx, TM_QW1_OS, value & 0xff); 1339 } 1340 1341 /* 1342 * Adjust the IPB to allow a CPU to process event queues of other 1343 * priorities during one physical interrupt cycle. 1344 */ 1345 void xive2_tm_set_os_pending(XivePresenter *xptr, XiveTCTX *tctx, 1346 hwaddr offset, uint64_t value, unsigned size) 1347 { 1348 Xive2Router *xrtr = XIVE2_ROUTER(xptr); 1349 uint8_t ring = TM_QW1_OS; 1350 uint8_t *regs = &tctx->regs[ring]; 1351 uint8_t priority = value & 0xff; 1352 1353 /* 1354 * XXX: should this simply set a bit in IPB and wait for it to be picked 1355 * up next cycle, or is it supposed to present it now? We implement the 1356 * latter here. 1357 */ 1358 regs[TM_IPB] |= xive_priority_to_ipb(priority); 1359 if (xive_ipb_to_pipr(regs[TM_IPB]) >= regs[TM_PIPR]) { 1360 return; 1361 } 1362 if (xive_nsr_indicates_group_exception(ring, regs[TM_NSR])) { 1363 xive2_redistribute(xrtr, tctx, ring); 1364 } 1365 1366 xive_tctx_pipr_present(tctx, ring, priority, 0); 1367 } 1368 1369 static void xive2_tctx_set_target(XiveTCTX *tctx, uint8_t ring, uint8_t target) 1370 { 1371 uint8_t *regs = &tctx->regs[ring]; 1372 1373 regs[TM_T] = target; 1374 } 1375 1376 void xive2_tm_set_hv_target(XivePresenter *xptr, XiveTCTX *tctx, 1377 hwaddr offset, uint64_t value, unsigned size) 1378 { 1379 xive2_tctx_set_target(tctx, TM_QW3_HV_PHYS, value & 0xff); 1380 } 1381 1382 /* 1383 * XIVE Router (aka. Virtualization Controller or IVRE) 1384 */ 1385 1386 int xive2_router_get_eas(Xive2Router *xrtr, uint8_t eas_blk, uint32_t eas_idx, 1387 Xive2Eas *eas) 1388 { 1389 Xive2RouterClass *xrc = XIVE2_ROUTER_GET_CLASS(xrtr); 1390 1391 return xrc->get_eas(xrtr, eas_blk, eas_idx, eas); 1392 } 1393 1394 static 1395 int xive2_router_get_pq(Xive2Router *xrtr, uint8_t eas_blk, uint32_t eas_idx, 1396 uint8_t *pq) 1397 { 1398 Xive2RouterClass *xrc = XIVE2_ROUTER_GET_CLASS(xrtr); 1399 1400 return xrc->get_pq(xrtr, eas_blk, eas_idx, pq); 1401 } 1402 1403 static 1404 int xive2_router_set_pq(Xive2Router *xrtr, uint8_t eas_blk, uint32_t eas_idx, 1405 uint8_t *pq) 1406 { 1407 Xive2RouterClass *xrc = XIVE2_ROUTER_GET_CLASS(xrtr); 1408 1409 return xrc->set_pq(xrtr, eas_blk, eas_idx, pq); 1410 } 1411 1412 int xive2_router_get_end(Xive2Router *xrtr, uint8_t end_blk, uint32_t end_idx, 1413 Xive2End *end) 1414 { 1415 Xive2RouterClass *xrc = XIVE2_ROUTER_GET_CLASS(xrtr); 1416 1417 return xrc->get_end(xrtr, end_blk, end_idx, end); 1418 } 1419 1420 int xive2_router_write_end(Xive2Router *xrtr, uint8_t end_blk, uint32_t end_idx, 1421 Xive2End *end, uint8_t word_number) 1422 { 1423 Xive2RouterClass *xrc = XIVE2_ROUTER_GET_CLASS(xrtr); 1424 1425 return xrc->write_end(xrtr, end_blk, end_idx, end, word_number); 1426 } 1427 1428 int xive2_router_get_nvp(Xive2Router *xrtr, uint8_t nvp_blk, uint32_t nvp_idx, 1429 Xive2Nvp *nvp) 1430 { 1431 Xive2RouterClass *xrc = XIVE2_ROUTER_GET_CLASS(xrtr); 1432 1433 return xrc->get_nvp(xrtr, nvp_blk, nvp_idx, nvp); 1434 } 1435 1436 int xive2_router_write_nvp(Xive2Router *xrtr, uint8_t nvp_blk, uint32_t nvp_idx, 1437 Xive2Nvp *nvp, uint8_t word_number) 1438 { 1439 Xive2RouterClass *xrc = XIVE2_ROUTER_GET_CLASS(xrtr); 1440 1441 return xrc->write_nvp(xrtr, nvp_blk, nvp_idx, nvp, word_number); 1442 } 1443 1444 int xive2_router_get_nvgc(Xive2Router *xrtr, bool crowd, 1445 uint8_t nvgc_blk, uint32_t nvgc_idx, 1446 Xive2Nvgc *nvgc) 1447 { 1448 Xive2RouterClass *xrc = XIVE2_ROUTER_GET_CLASS(xrtr); 1449 1450 return xrc->get_nvgc(xrtr, crowd, nvgc_blk, nvgc_idx, nvgc); 1451 } 1452 1453 int xive2_router_write_nvgc(Xive2Router *xrtr, bool crowd, 1454 uint8_t nvgc_blk, uint32_t nvgc_idx, 1455 Xive2Nvgc *nvgc) 1456 { 1457 Xive2RouterClass *xrc = XIVE2_ROUTER_GET_CLASS(xrtr); 1458 1459 return xrc->write_nvgc(xrtr, crowd, nvgc_blk, nvgc_idx, nvgc); 1460 } 1461 1462 static bool xive2_vp_match_mask(uint32_t cam1, uint32_t cam2, 1463 uint32_t vp_mask) 1464 { 1465 return (cam1 & vp_mask) == (cam2 & vp_mask); 1466 } 1467 1468 static uint8_t xive2_get_vp_block_mask(uint32_t nvt_blk, bool crowd) 1469 { 1470 uint8_t block_mask = 0b1111; 1471 1472 /* 3 supported crowd sizes: 2, 4, 16 */ 1473 if (crowd) { 1474 uint32_t size = xive_get_vpgroup_size(nvt_blk); 1475 1476 if (size != 2 && size != 4 && size != 16) { 1477 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: Invalid crowd size of %d", 1478 size); 1479 return block_mask; 1480 } 1481 block_mask &= ~(size - 1); 1482 } 1483 return block_mask; 1484 } 1485 1486 static uint32_t xive2_get_vp_index_mask(uint32_t nvt_index, bool cam_ignore) 1487 { 1488 uint32_t index_mask = 0xFFFFFF; /* 24 bits */ 1489 1490 if (cam_ignore) { 1491 uint32_t size = xive_get_vpgroup_size(nvt_index); 1492 1493 if (size < 2) { 1494 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: Invalid group size of %d", 1495 size); 1496 return index_mask; 1497 } 1498 index_mask &= ~(size - 1); 1499 } 1500 return index_mask; 1501 } 1502 1503 /* 1504 * The thread context register words are in big-endian format. 1505 */ 1506 int xive2_presenter_tctx_match(XivePresenter *xptr, XiveTCTX *tctx, 1507 uint8_t format, 1508 uint8_t nvt_blk, uint32_t nvt_idx, 1509 bool crowd, bool cam_ignore, 1510 uint32_t logic_serv) 1511 { 1512 uint32_t cam = xive2_nvp_cam_line(nvt_blk, nvt_idx); 1513 uint32_t qw3w2 = xive_tctx_word2(&tctx->regs[TM_QW3_HV_PHYS]); 1514 uint32_t qw2w2 = xive_tctx_word2(&tctx->regs[TM_QW2_HV_POOL]); 1515 uint32_t qw1w2 = xive_tctx_word2(&tctx->regs[TM_QW1_OS]); 1516 uint32_t qw0w2 = xive_tctx_word2(&tctx->regs[TM_QW0_USER]); 1517 1518 uint32_t index_mask, vp_mask; 1519 uint8_t block_mask; 1520 1521 if (format == 0) { 1522 /* 1523 * i=0: Specific NVT notification 1524 * i=1: VP-group notification (bits ignored at the end of the 1525 * NVT identifier) 1526 */ 1527 block_mask = xive2_get_vp_block_mask(nvt_blk, crowd); 1528 index_mask = xive2_get_vp_index_mask(nvt_idx, cam_ignore); 1529 vp_mask = xive2_nvp_cam_line(block_mask, index_mask); 1530 1531 /* For VP-group notifications, threads with LGS=0 are excluded */ 1532 1533 /* PHYS ring */ 1534 if ((be32_to_cpu(qw3w2) & TM2_QW3W2_VT) && 1535 !(cam_ignore && tctx->regs[TM_QW3_HV_PHYS + TM_LGS] == 0) && 1536 xive2_vp_match_mask(cam, 1537 xive2_tctx_hw_cam_line(xptr, tctx), 1538 vp_mask)) { 1539 return TM_QW3_HV_PHYS; 1540 } 1541 1542 /* HV POOL ring */ 1543 if ((be32_to_cpu(qw2w2) & TM2_QW2W2_VP) && 1544 !(cam_ignore && tctx->regs[TM_QW2_HV_POOL + TM_LGS] == 0) && 1545 xive2_vp_match_mask(cam, 1546 xive_get_field32(TM2_QW2W2_POOL_CAM, qw2w2), 1547 vp_mask)) { 1548 return TM_QW2_HV_POOL; 1549 } 1550 1551 /* OS ring */ 1552 if ((be32_to_cpu(qw1w2) & TM2_QW1W2_VO) && 1553 !(cam_ignore && tctx->regs[TM_QW1_OS + TM_LGS] == 0) && 1554 xive2_vp_match_mask(cam, 1555 xive_get_field32(TM2_QW1W2_OS_CAM, qw1w2), 1556 vp_mask)) { 1557 return TM_QW1_OS; 1558 } 1559 } else { 1560 /* F=1 : User level Event-Based Branch (EBB) notification */ 1561 1562 /* FIXME: what if cam_ignore and LGS = 0 ? */ 1563 /* USER ring */ 1564 if ((be32_to_cpu(qw1w2) & TM2_QW1W2_VO) && 1565 (cam == xive_get_field32(TM2_QW1W2_OS_CAM, qw1w2)) && 1566 (be32_to_cpu(qw0w2) & TM2_QW0W2_VU) && 1567 (logic_serv == xive_get_field32(TM2_QW0W2_LOGIC_SERV, qw0w2))) { 1568 return TM_QW0_USER; 1569 } 1570 } 1571 return -1; 1572 } 1573 1574 bool xive2_tm_irq_precluded(XiveTCTX *tctx, int ring, uint8_t priority) 1575 { 1576 uint8_t *sig_regs = xive_tctx_signal_regs(tctx, ring); 1577 1578 /* 1579 * The xive2_presenter_tctx_match() above tells if there's a match 1580 * but for VP-group notification, we still need to look at the 1581 * priority to know if the thread can take the interrupt now or if 1582 * it is precluded. 1583 */ 1584 if (priority < sig_regs[TM_PIPR]) { 1585 return false; 1586 } 1587 return true; 1588 } 1589 1590 void xive2_tm_set_lsmfb(XiveTCTX *tctx, int ring, uint8_t priority) 1591 { 1592 uint8_t *regs = &tctx->regs[ring]; 1593 1594 /* 1595 * Called by the router during a VP-group notification when the 1596 * thread matches but can't take the interrupt because it's 1597 * already running at a more favored priority. It then stores the 1598 * new interrupt priority in the LSMFB field. 1599 */ 1600 regs[TM_LSMFB] = priority; 1601 } 1602 1603 static void xive2_router_realize(DeviceState *dev, Error **errp) 1604 { 1605 Xive2Router *xrtr = XIVE2_ROUTER(dev); 1606 1607 assert(xrtr->xfb); 1608 } 1609 1610 /* 1611 * Notification using the END ESe/ESn bit (Event State Buffer for 1612 * escalation and notification). Profide further coalescing in the 1613 * Router. 1614 */ 1615 static bool xive2_router_end_es_notify(Xive2Router *xrtr, uint8_t end_blk, 1616 uint32_t end_idx, Xive2End *end, 1617 uint32_t end_esmask) 1618 { 1619 uint8_t pq = xive_get_field32(end_esmask, end->w1); 1620 bool notify = xive_esb_trigger(&pq); 1621 1622 if (pq != xive_get_field32(end_esmask, end->w1)) { 1623 end->w1 = xive_set_field32(end_esmask, end->w1, pq); 1624 xive2_router_write_end(xrtr, end_blk, end_idx, end, 1); 1625 } 1626 1627 /* ESe/n[Q]=1 : end of notification */ 1628 return notify; 1629 } 1630 1631 /* 1632 * An END trigger can come from an event trigger (IPI or HW) or from 1633 * another chip. We don't model the PowerBus but the END trigger 1634 * message has the same parameters than in the function below. 1635 */ 1636 static void xive2_router_end_notify(Xive2Router *xrtr, uint8_t end_blk, 1637 uint32_t end_idx, uint32_t end_data, 1638 bool redistribute) 1639 { 1640 Xive2End end; 1641 uint8_t priority; 1642 uint8_t format; 1643 XiveTCTXMatch match; 1644 bool crowd, cam_ignore; 1645 uint8_t nvx_blk; 1646 uint32_t nvx_idx; 1647 1648 /* END cache lookup */ 1649 if (xive2_router_get_end(xrtr, end_blk, end_idx, &end)) { 1650 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: No END %x/%x\n", end_blk, 1651 end_idx); 1652 return; 1653 } 1654 1655 if (!xive2_end_is_valid(&end)) { 1656 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: END %x/%x is invalid\n", 1657 end_blk, end_idx); 1658 return; 1659 } 1660 1661 if (xive2_end_is_crowd(&end) && !xive2_end_is_ignore(&end)) { 1662 qemu_log_mask(LOG_GUEST_ERROR, 1663 "XIVE: invalid END, 'crowd' bit requires 'ignore' bit\n"); 1664 return; 1665 } 1666 1667 if (!redistribute && xive2_end_is_enqueue(&end)) { 1668 trace_xive_end_enqueue(end_blk, end_idx, end_data); 1669 xive2_end_enqueue(&end, end_data); 1670 /* Enqueuing event data modifies the EQ toggle and index */ 1671 xive2_router_write_end(xrtr, end_blk, end_idx, &end, 1); 1672 } 1673 1674 /* 1675 * When the END is silent, we skip the notification part. 1676 */ 1677 if (xive2_end_is_silent_escalation(&end)) { 1678 goto do_escalation; 1679 } 1680 1681 /* 1682 * The W7 format depends on the F bit in W6. It defines the type 1683 * of the notification : 1684 * 1685 * F=0 : single or multiple NVP notification 1686 * F=1 : User level Event-Based Branch (EBB) notification, no 1687 * priority 1688 */ 1689 format = xive_get_field32(END2_W6_FORMAT_BIT, end.w6); 1690 priority = xive_get_field32(END2_W7_F0_PRIORITY, end.w7); 1691 1692 /* The END is masked */ 1693 if (format == 0 && priority == 0xff) { 1694 return; 1695 } 1696 1697 /* 1698 * Check the END ESn (Event State Buffer for notification) for 1699 * even further coalescing in the Router 1700 */ 1701 if (!xive2_end_is_notify(&end)) { 1702 /* ESn[Q]=1 : end of notification */ 1703 if (!xive2_router_end_es_notify(xrtr, end_blk, end_idx, 1704 &end, END2_W1_ESn)) { 1705 return; 1706 } 1707 } 1708 1709 /* 1710 * Follows IVPE notification 1711 */ 1712 nvx_blk = xive_get_field32(END2_W6_VP_BLOCK, end.w6); 1713 nvx_idx = xive_get_field32(END2_W6_VP_OFFSET, end.w6); 1714 crowd = xive2_end_is_crowd(&end); 1715 cam_ignore = xive2_end_is_ignore(&end); 1716 1717 /* TODO: Auto EOI. */ 1718 if (xive_presenter_match(xrtr->xfb, format, nvx_blk, nvx_idx, 1719 crowd, cam_ignore, priority, 1720 xive_get_field32(END2_W7_F1_LOG_SERVER_ID, end.w7), 1721 &match)) { 1722 XiveTCTX *tctx = match.tctx; 1723 uint8_t ring = match.ring; 1724 uint8_t *sig_regs = xive_tctx_signal_regs(tctx, ring); 1725 uint8_t nsr = sig_regs[TM_NSR]; 1726 uint8_t group_level; 1727 1728 if (priority < sig_regs[TM_PIPR] && 1729 xive_nsr_indicates_group_exception(ring, nsr)) { 1730 xive2_redistribute(xrtr, tctx, xive_nsr_exception_ring(ring, nsr)); 1731 } 1732 1733 group_level = xive_get_group_level(crowd, cam_ignore, nvx_blk, nvx_idx); 1734 trace_xive_presenter_notify(nvx_blk, nvx_idx, ring, group_level); 1735 xive_tctx_pipr_present(tctx, ring, priority, group_level); 1736 return; 1737 } 1738 1739 /* 1740 * If no matching NVP is dispatched on a HW thread : 1741 * - specific VP: update the NVP structure if backlog is activated 1742 * - VP-group: update the backlog counter for that priority in the NVG 1743 */ 1744 if (xive2_end_is_backlog(&end)) { 1745 1746 if (format == 1) { 1747 qemu_log_mask(LOG_GUEST_ERROR, 1748 "XIVE: END %x/%x invalid config: F1 & backlog\n", 1749 end_blk, end_idx); 1750 return; 1751 } 1752 1753 if (!cam_ignore) { 1754 uint8_t ipb; 1755 Xive2Nvp nvp; 1756 1757 /* NVP cache lookup */ 1758 if (xive2_router_get_nvp(xrtr, nvx_blk, nvx_idx, &nvp)) { 1759 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: no NVP %x/%x\n", 1760 nvx_blk, nvx_idx); 1761 return; 1762 } 1763 1764 if (!xive2_nvp_is_valid(&nvp)) { 1765 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: NVP %x/%x is invalid\n", 1766 nvx_blk, nvx_idx); 1767 return; 1768 } 1769 1770 /* 1771 * Record the IPB in the associated NVP structure for later 1772 * use. The presenter will resend the interrupt when the vCPU 1773 * is dispatched again on a HW thread. 1774 */ 1775 ipb = xive_get_field32(NVP2_W2_IPB, nvp.w2) | 1776 xive_priority_to_ipb(priority); 1777 nvp.w2 = xive_set_field32(NVP2_W2_IPB, nvp.w2, ipb); 1778 xive2_router_write_nvp(xrtr, nvx_blk, nvx_idx, &nvp, 2); 1779 } else { 1780 Xive2Nvgc nvgc; 1781 uint32_t backlog; 1782 1783 /* 1784 * For groups and crowds, the per-priority backlog 1785 * counters are stored in the NVG/NVC structures 1786 */ 1787 if (xive2_router_get_nvgc(xrtr, crowd, 1788 nvx_blk, nvx_idx, &nvgc)) { 1789 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: no %s %x/%x\n", 1790 crowd ? "NVC" : "NVG", nvx_blk, nvx_idx); 1791 return; 1792 } 1793 1794 if (!xive2_nvgc_is_valid(&nvgc)) { 1795 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: NVG %x/%x is invalid\n", 1796 nvx_blk, nvx_idx); 1797 return; 1798 } 1799 1800 /* 1801 * Increment the backlog counter for that priority. 1802 * We only call broadcast the first time the counter is 1803 * incremented. broadcast will set the LSMFB field of the TIMA of 1804 * relevant threads so that they know an interrupt is pending. 1805 */ 1806 backlog = xive2_nvgc_get_backlog(&nvgc, priority) + 1; 1807 xive2_nvgc_set_backlog(&nvgc, priority, backlog); 1808 xive2_router_write_nvgc(xrtr, crowd, nvx_blk, nvx_idx, &nvgc); 1809 1810 if (backlog == 1) { 1811 XiveFabricClass *xfc = XIVE_FABRIC_GET_CLASS(xrtr->xfb); 1812 xfc->broadcast(xrtr->xfb, nvx_blk, nvx_idx, 1813 crowd, cam_ignore, priority); 1814 1815 if (!xive2_end_is_precluded_escalation(&end)) { 1816 /* 1817 * The interrupt will be picked up when the 1818 * matching thread lowers its priority level 1819 */ 1820 return; 1821 } 1822 } 1823 } 1824 } 1825 1826 do_escalation: 1827 /* 1828 * If activated, escalate notification using the ESe PQ bits and 1829 * the EAS in w4-5 1830 */ 1831 if (!xive2_end_is_escalate(&end)) { 1832 return; 1833 } 1834 1835 /* 1836 * Check the END ESe (Event State Buffer for escalation) for even 1837 * further coalescing in the Router 1838 */ 1839 if (!xive2_end_is_uncond_escalation(&end)) { 1840 /* ESe[Q]=1 : end of escalation notification */ 1841 if (!xive2_router_end_es_notify(xrtr, end_blk, end_idx, 1842 &end, END2_W1_ESe)) { 1843 return; 1844 } 1845 } 1846 1847 if (xive2_end_is_escalate_end(&end)) { 1848 /* 1849 * Perform END Adaptive escalation processing 1850 * The END trigger becomes an Escalation trigger 1851 */ 1852 uint8_t esc_blk = xive_get_field32(END2_W4_END_BLOCK, end.w4); 1853 uint32_t esc_idx = xive_get_field32(END2_W4_ESC_END_INDEX, end.w4); 1854 uint32_t esc_data = xive_get_field32(END2_W5_ESC_END_DATA, end.w5); 1855 trace_xive_escalate_end(end_blk, end_idx, esc_blk, esc_idx, esc_data); 1856 xive2_router_end_notify(xrtr, esc_blk, esc_idx, esc_data, false); 1857 } /* end END adaptive escalation */ 1858 1859 else { 1860 uint32_t lisn; /* Logical Interrupt Source Number */ 1861 1862 /* 1863 * Perform ESB escalation processing 1864 * E[N] == 1 --> N 1865 * Req[Block] <- E[ESB_Block] 1866 * Req[Index] <- E[ESB_Index] 1867 * Req[Offset] <- 0x000 1868 * Execute <ESB Store> Req command 1869 */ 1870 lisn = XIVE_EAS(xive_get_field32(END2_W4_END_BLOCK, end.w4), 1871 xive_get_field32(END2_W4_ESC_END_INDEX, end.w4)); 1872 1873 trace_xive_escalate_esb(end_blk, end_idx, lisn); 1874 xive2_notify(xrtr, lisn, true /* pq_checked */); 1875 } 1876 1877 return; 1878 } 1879 1880 void xive2_notify(Xive2Router *xrtr , uint32_t lisn, bool pq_checked) 1881 { 1882 uint8_t eas_blk = XIVE_EAS_BLOCK(lisn); 1883 uint32_t eas_idx = XIVE_EAS_INDEX(lisn); 1884 Xive2Eas eas; 1885 1886 /* EAS cache lookup */ 1887 if (xive2_router_get_eas(xrtr, eas_blk, eas_idx, &eas)) { 1888 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: Unknown LISN %x\n", lisn); 1889 return; 1890 } 1891 1892 if (!pq_checked) { 1893 bool notify; 1894 uint8_t pq; 1895 1896 /* PQ cache lookup */ 1897 if (xive2_router_get_pq(xrtr, eas_blk, eas_idx, &pq)) { 1898 /* Set FIR */ 1899 g_assert_not_reached(); 1900 } 1901 1902 notify = xive_esb_trigger(&pq); 1903 1904 if (xive2_router_set_pq(xrtr, eas_blk, eas_idx, &pq)) { 1905 /* Set FIR */ 1906 g_assert_not_reached(); 1907 } 1908 1909 if (!notify) { 1910 return; 1911 } 1912 } 1913 1914 if (!xive2_eas_is_valid(&eas)) { 1915 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: Invalid LISN %x\n", lisn); 1916 return; 1917 } 1918 1919 if (xive2_eas_is_masked(&eas)) { 1920 /* Notification completed */ 1921 return; 1922 } 1923 1924 /* TODO: add support for EAS resume */ 1925 if (xive2_eas_is_resume(&eas)) { 1926 qemu_log_mask(LOG_UNIMP, 1927 "XIVE: EAS resume processing unimplemented - LISN %x\n", 1928 lisn); 1929 return; 1930 } 1931 1932 /* 1933 * The event trigger becomes an END trigger 1934 */ 1935 xive2_router_end_notify(xrtr, 1936 xive_get_field64(EAS2_END_BLOCK, eas.w), 1937 xive_get_field64(EAS2_END_INDEX, eas.w), 1938 xive_get_field64(EAS2_END_DATA, eas.w), 1939 false); 1940 return; 1941 } 1942 1943 void xive2_router_notify(XiveNotifier *xn, uint32_t lisn, bool pq_checked) 1944 { 1945 Xive2Router *xrtr = XIVE2_ROUTER(xn); 1946 1947 xive2_notify(xrtr, lisn, pq_checked); 1948 return; 1949 } 1950 1951 static const Property xive2_router_properties[] = { 1952 DEFINE_PROP_LINK("xive-fabric", Xive2Router, xfb, 1953 TYPE_XIVE_FABRIC, XiveFabric *), 1954 }; 1955 1956 static void xive2_router_class_init(ObjectClass *klass, const void *data) 1957 { 1958 DeviceClass *dc = DEVICE_CLASS(klass); 1959 XiveNotifierClass *xnc = XIVE_NOTIFIER_CLASS(klass); 1960 1961 dc->desc = "XIVE2 Router Engine"; 1962 device_class_set_props(dc, xive2_router_properties); 1963 /* Parent is SysBusDeviceClass. No need to call its realize hook */ 1964 dc->realize = xive2_router_realize; 1965 xnc->notify = xive2_router_notify; 1966 } 1967 1968 static const TypeInfo xive2_router_info = { 1969 .name = TYPE_XIVE2_ROUTER, 1970 .parent = TYPE_SYS_BUS_DEVICE, 1971 .abstract = true, 1972 .instance_size = sizeof(Xive2Router), 1973 .class_size = sizeof(Xive2RouterClass), 1974 .class_init = xive2_router_class_init, 1975 .interfaces = (const InterfaceInfo[]) { 1976 { TYPE_XIVE_NOTIFIER }, 1977 { TYPE_XIVE_PRESENTER }, 1978 { } 1979 } 1980 }; 1981 1982 static inline bool addr_is_even(hwaddr addr, uint32_t shift) 1983 { 1984 return !((addr >> shift) & 1); 1985 } 1986 1987 static uint64_t xive2_end_source_read(void *opaque, hwaddr addr, unsigned size) 1988 { 1989 Xive2EndSource *xsrc = XIVE2_END_SOURCE(opaque); 1990 uint32_t offset = addr & 0xFFF; 1991 uint8_t end_blk; 1992 uint32_t end_idx; 1993 Xive2End end; 1994 uint32_t end_esmask; 1995 uint8_t pq; 1996 uint64_t ret; 1997 1998 /* 1999 * The block id should be deduced from the load address on the END 2000 * ESB MMIO but our model only supports a single block per XIVE chip. 2001 */ 2002 end_blk = xive2_router_get_block_id(xsrc->xrtr); 2003 end_idx = addr >> (xsrc->esb_shift + 1); 2004 2005 if (xive2_router_get_end(xsrc->xrtr, end_blk, end_idx, &end)) { 2006 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: No END %x/%x\n", end_blk, 2007 end_idx); 2008 return -1; 2009 } 2010 2011 if (!xive2_end_is_valid(&end)) { 2012 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: END %x/%x is invalid\n", 2013 end_blk, end_idx); 2014 return -1; 2015 } 2016 2017 end_esmask = addr_is_even(addr, xsrc->esb_shift) ? END2_W1_ESn : 2018 END2_W1_ESe; 2019 pq = xive_get_field32(end_esmask, end.w1); 2020 2021 switch (offset) { 2022 case XIVE_ESB_LOAD_EOI ... XIVE_ESB_LOAD_EOI + 0x7FF: 2023 ret = xive_esb_eoi(&pq); 2024 2025 /* Forward the source event notification for routing ?? */ 2026 break; 2027 2028 case XIVE_ESB_GET ... XIVE_ESB_GET + 0x3FF: 2029 ret = pq; 2030 break; 2031 2032 case XIVE_ESB_SET_PQ_00 ... XIVE_ESB_SET_PQ_00 + 0x0FF: 2033 case XIVE_ESB_SET_PQ_01 ... XIVE_ESB_SET_PQ_01 + 0x0FF: 2034 case XIVE_ESB_SET_PQ_10 ... XIVE_ESB_SET_PQ_10 + 0x0FF: 2035 case XIVE_ESB_SET_PQ_11 ... XIVE_ESB_SET_PQ_11 + 0x0FF: 2036 ret = xive_esb_set(&pq, (offset >> 8) & 0x3); 2037 break; 2038 default: 2039 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: invalid END ESB load addr %d\n", 2040 offset); 2041 return -1; 2042 } 2043 2044 if (pq != xive_get_field32(end_esmask, end.w1)) { 2045 end.w1 = xive_set_field32(end_esmask, end.w1, pq); 2046 xive2_router_write_end(xsrc->xrtr, end_blk, end_idx, &end, 1); 2047 } 2048 2049 return ret; 2050 } 2051 2052 static void xive2_end_source_write(void *opaque, hwaddr addr, 2053 uint64_t value, unsigned size) 2054 { 2055 Xive2EndSource *xsrc = XIVE2_END_SOURCE(opaque); 2056 uint32_t offset = addr & 0xFFF; 2057 uint8_t end_blk; 2058 uint32_t end_idx; 2059 Xive2End end; 2060 uint32_t end_esmask; 2061 uint8_t pq; 2062 bool notify = false; 2063 2064 /* 2065 * The block id should be deduced from the load address on the END 2066 * ESB MMIO but our model only supports a single block per XIVE chip. 2067 */ 2068 end_blk = xive2_router_get_block_id(xsrc->xrtr); 2069 end_idx = addr >> (xsrc->esb_shift + 1); 2070 2071 if (xive2_router_get_end(xsrc->xrtr, end_blk, end_idx, &end)) { 2072 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: No END %x/%x\n", end_blk, 2073 end_idx); 2074 return; 2075 } 2076 2077 if (!xive2_end_is_valid(&end)) { 2078 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: END %x/%x is invalid\n", 2079 end_blk, end_idx); 2080 return; 2081 } 2082 2083 end_esmask = addr_is_even(addr, xsrc->esb_shift) ? END2_W1_ESn : 2084 END2_W1_ESe; 2085 pq = xive_get_field32(end_esmask, end.w1); 2086 2087 switch (offset) { 2088 case 0 ... 0x3FF: 2089 notify = xive_esb_trigger(&pq); 2090 break; 2091 2092 case XIVE_ESB_STORE_EOI ... XIVE_ESB_STORE_EOI + 0x3FF: 2093 /* TODO: can we check StoreEOI availability from the router ? */ 2094 notify = xive_esb_eoi(&pq); 2095 break; 2096 2097 case XIVE_ESB_INJECT ... XIVE_ESB_INJECT + 0x3FF: 2098 if (end_esmask == END2_W1_ESe) { 2099 qemu_log_mask(LOG_GUEST_ERROR, 2100 "XIVE: END %x/%x can not EQ inject on ESe\n", 2101 end_blk, end_idx); 2102 return; 2103 } 2104 notify = true; 2105 break; 2106 2107 default: 2108 qemu_log_mask(LOG_GUEST_ERROR, "XIVE: invalid END ESB write addr %d\n", 2109 offset); 2110 return; 2111 } 2112 2113 if (pq != xive_get_field32(end_esmask, end.w1)) { 2114 end.w1 = xive_set_field32(end_esmask, end.w1, pq); 2115 xive2_router_write_end(xsrc->xrtr, end_blk, end_idx, &end, 1); 2116 } 2117 2118 /* TODO: Forward the source event notification for routing */ 2119 if (notify) { 2120 ; 2121 } 2122 } 2123 2124 static const MemoryRegionOps xive2_end_source_ops = { 2125 .read = xive2_end_source_read, 2126 .write = xive2_end_source_write, 2127 .endianness = DEVICE_BIG_ENDIAN, 2128 .valid = { 2129 .min_access_size = 1, 2130 .max_access_size = 8, 2131 }, 2132 .impl = { 2133 .min_access_size = 1, 2134 .max_access_size = 8, 2135 }, 2136 }; 2137 2138 static void xive2_end_source_realize(DeviceState *dev, Error **errp) 2139 { 2140 Xive2EndSource *xsrc = XIVE2_END_SOURCE(dev); 2141 2142 assert(xsrc->xrtr); 2143 2144 if (!xsrc->nr_ends) { 2145 error_setg(errp, "Number of interrupt needs to be greater than 0"); 2146 return; 2147 } 2148 2149 if (xsrc->esb_shift != XIVE_ESB_4K && 2150 xsrc->esb_shift != XIVE_ESB_64K) { 2151 error_setg(errp, "Invalid ESB shift setting"); 2152 return; 2153 } 2154 2155 /* 2156 * Each END is assigned an even/odd pair of MMIO pages, the even page 2157 * manages the ESn field while the odd page manages the ESe field. 2158 */ 2159 memory_region_init_io(&xsrc->esb_mmio, OBJECT(xsrc), 2160 &xive2_end_source_ops, xsrc, "xive.end", 2161 (1ull << (xsrc->esb_shift + 1)) * xsrc->nr_ends); 2162 } 2163 2164 static const Property xive2_end_source_properties[] = { 2165 DEFINE_PROP_UINT32("nr-ends", Xive2EndSource, nr_ends, 0), 2166 DEFINE_PROP_UINT32("shift", Xive2EndSource, esb_shift, XIVE_ESB_64K), 2167 DEFINE_PROP_LINK("xive", Xive2EndSource, xrtr, TYPE_XIVE2_ROUTER, 2168 Xive2Router *), 2169 }; 2170 2171 static void xive2_end_source_class_init(ObjectClass *klass, const void *data) 2172 { 2173 DeviceClass *dc = DEVICE_CLASS(klass); 2174 2175 dc->desc = "XIVE END Source"; 2176 device_class_set_props(dc, xive2_end_source_properties); 2177 dc->realize = xive2_end_source_realize; 2178 dc->user_creatable = false; 2179 } 2180 2181 static const TypeInfo xive2_end_source_info = { 2182 .name = TYPE_XIVE2_END_SOURCE, 2183 .parent = TYPE_DEVICE, 2184 .instance_size = sizeof(Xive2EndSource), 2185 .class_init = xive2_end_source_class_init, 2186 }; 2187 2188 static void xive2_register_types(void) 2189 { 2190 type_register_static(&xive2_router_info); 2191 type_register_static(&xive2_end_source_info); 2192 } 2193 2194 type_init(xive2_register_types) 2195