1 /* 2 * QEMU PowerPC PowerNV (POWER9) PHB4 model 3 * 4 * Copyright (c) 2018-2020, IBM Corporation. 5 * 6 * This code is licensed under the GPL version 2 or later. See the 7 * COPYING file in the top-level directory. 8 */ 9 #include "qemu/osdep.h" 10 #include "qemu/log.h" 11 #include "qapi/visitor.h" 12 #include "qapi/error.h" 13 #include "qemu-common.h" 14 #include "monitor/monitor.h" 15 #include "target/ppc/cpu.h" 16 #include "hw/pci-host/pnv_phb4_regs.h" 17 #include "hw/pci-host/pnv_phb4.h" 18 #include "hw/pci/pcie_host.h" 19 #include "hw/pci/pcie_port.h" 20 #include "hw/ppc/pnv.h" 21 #include "hw/ppc/pnv_xscom.h" 22 #include "hw/irq.h" 23 #include "hw/qdev-properties.h" 24 #include "qom/object.h" 25 #include "sysemu/sysemu.h" 26 #include "trace.h" 27 28 #define phb_error(phb, fmt, ...) \ 29 qemu_log_mask(LOG_GUEST_ERROR, "phb4[%d:%d]: " fmt "\n", \ 30 (phb)->chip_id, (phb)->phb_id, ## __VA_ARGS__) 31 32 /* 33 * QEMU version of the GETFIELD/SETFIELD macros 34 * 35 * These are common with the PnvXive model. 36 */ 37 static inline uint64_t GETFIELD(uint64_t mask, uint64_t word) 38 { 39 return (word & mask) >> ctz64(mask); 40 } 41 42 static inline uint64_t SETFIELD(uint64_t mask, uint64_t word, 43 uint64_t value) 44 { 45 return (word & ~mask) | ((value << ctz64(mask)) & mask); 46 } 47 48 static PCIDevice *pnv_phb4_find_cfg_dev(PnvPHB4 *phb) 49 { 50 PCIHostState *pci = PCI_HOST_BRIDGE(phb); 51 uint64_t addr = phb->regs[PHB_CONFIG_ADDRESS >> 3]; 52 uint8_t bus, devfn; 53 54 if (!(addr >> 63)) { 55 return NULL; 56 } 57 bus = (addr >> 52) & 0xff; 58 devfn = (addr >> 44) & 0xff; 59 60 /* We don't access the root complex this way */ 61 if (bus == 0 && devfn == 0) { 62 return NULL; 63 } 64 return pci_find_device(pci->bus, bus, devfn); 65 } 66 67 /* 68 * The CONFIG_DATA register expects little endian accesses, but as the 69 * region is big endian, we have to swap the value. 70 */ 71 static void pnv_phb4_config_write(PnvPHB4 *phb, unsigned off, 72 unsigned size, uint64_t val) 73 { 74 uint32_t cfg_addr, limit; 75 PCIDevice *pdev; 76 77 pdev = pnv_phb4_find_cfg_dev(phb); 78 if (!pdev) { 79 return; 80 } 81 cfg_addr = (phb->regs[PHB_CONFIG_ADDRESS >> 3] >> 32) & 0xffc; 82 cfg_addr |= off; 83 limit = pci_config_size(pdev); 84 if (limit <= cfg_addr) { 85 /* 86 * conventional pci device can be behind pcie-to-pci bridge. 87 * 256 <= addr < 4K has no effects. 88 */ 89 return; 90 } 91 switch (size) { 92 case 1: 93 break; 94 case 2: 95 val = bswap16(val); 96 break; 97 case 4: 98 val = bswap32(val); 99 break; 100 default: 101 g_assert_not_reached(); 102 } 103 pci_host_config_write_common(pdev, cfg_addr, limit, val, size); 104 } 105 106 static uint64_t pnv_phb4_config_read(PnvPHB4 *phb, unsigned off, 107 unsigned size) 108 { 109 uint32_t cfg_addr, limit; 110 PCIDevice *pdev; 111 uint64_t val; 112 113 pdev = pnv_phb4_find_cfg_dev(phb); 114 if (!pdev) { 115 return ~0ull; 116 } 117 cfg_addr = (phb->regs[PHB_CONFIG_ADDRESS >> 3] >> 32) & 0xffc; 118 cfg_addr |= off; 119 limit = pci_config_size(pdev); 120 if (limit <= cfg_addr) { 121 /* 122 * conventional pci device can be behind pcie-to-pci bridge. 123 * 256 <= addr < 4K has no effects. 124 */ 125 return ~0ull; 126 } 127 val = pci_host_config_read_common(pdev, cfg_addr, limit, size); 128 switch (size) { 129 case 1: 130 return val; 131 case 2: 132 return bswap16(val); 133 case 4: 134 return bswap32(val); 135 default: 136 g_assert_not_reached(); 137 } 138 } 139 140 /* 141 * Root complex register accesses are memory mapped. 142 */ 143 static void pnv_phb4_rc_config_write(PnvPHB4 *phb, unsigned off, 144 unsigned size, uint64_t val) 145 { 146 PCIHostState *pci = PCI_HOST_BRIDGE(phb); 147 PCIDevice *pdev; 148 149 if (size != 4) { 150 phb_error(phb, "rc_config_write invalid size %d\n", size); 151 return; 152 } 153 154 pdev = pci_find_device(pci->bus, 0, 0); 155 assert(pdev); 156 157 pci_host_config_write_common(pdev, off, PHB_RC_CONFIG_SIZE, 158 bswap32(val), 4); 159 } 160 161 static uint64_t pnv_phb4_rc_config_read(PnvPHB4 *phb, unsigned off, 162 unsigned size) 163 { 164 PCIHostState *pci = PCI_HOST_BRIDGE(phb); 165 PCIDevice *pdev; 166 uint64_t val; 167 168 if (size != 4) { 169 phb_error(phb, "rc_config_read invalid size %d\n", size); 170 return ~0ull; 171 } 172 173 pdev = pci_find_device(pci->bus, 0, 0); 174 assert(pdev); 175 176 val = pci_host_config_read_common(pdev, off, PHB_RC_CONFIG_SIZE, 4); 177 return bswap32(val); 178 } 179 180 static void pnv_phb4_check_mbt(PnvPHB4 *phb, uint32_t index) 181 { 182 uint64_t base, start, size, mbe0, mbe1; 183 MemoryRegion *parent; 184 char name[64]; 185 186 /* Unmap first */ 187 if (memory_region_is_mapped(&phb->mr_mmio[index])) { 188 /* Should we destroy it in RCU friendly way... ? */ 189 memory_region_del_subregion(phb->mr_mmio[index].container, 190 &phb->mr_mmio[index]); 191 } 192 193 /* Get table entry */ 194 mbe0 = phb->ioda_MBT[(index << 1)]; 195 mbe1 = phb->ioda_MBT[(index << 1) + 1]; 196 197 if (!(mbe0 & IODA3_MBT0_ENABLE)) { 198 return; 199 } 200 201 /* Grab geometry from registers */ 202 base = GETFIELD(IODA3_MBT0_BASE_ADDR, mbe0) << 12; 203 size = GETFIELD(IODA3_MBT1_MASK, mbe1) << 12; 204 size |= 0xff00000000000000ull; 205 size = ~size + 1; 206 207 /* Calculate PCI side start address based on M32/M64 window type */ 208 if (mbe0 & IODA3_MBT0_TYPE_M32) { 209 start = phb->regs[PHB_M32_START_ADDR >> 3]; 210 if ((start + size) > 0x100000000ull) { 211 phb_error(phb, "M32 set beyond 4GB boundary !"); 212 size = 0x100000000 - start; 213 } 214 } else { 215 start = base | (phb->regs[PHB_M64_UPPER_BITS >> 3]); 216 } 217 218 /* TODO: Figure out how to implemet/decode AOMASK */ 219 220 /* Check if it matches an enabled MMIO region in the PEC stack */ 221 if (memory_region_is_mapped(&phb->stack->mmbar0) && 222 base >= phb->stack->mmio0_base && 223 (base + size) <= (phb->stack->mmio0_base + phb->stack->mmio0_size)) { 224 parent = &phb->stack->mmbar0; 225 base -= phb->stack->mmio0_base; 226 } else if (memory_region_is_mapped(&phb->stack->mmbar1) && 227 base >= phb->stack->mmio1_base && 228 (base + size) <= (phb->stack->mmio1_base + phb->stack->mmio1_size)) { 229 parent = &phb->stack->mmbar1; 230 base -= phb->stack->mmio1_base; 231 } else { 232 phb_error(phb, "PHB MBAR %d out of parent bounds", index); 233 return; 234 } 235 236 /* Create alias (better name ?) */ 237 snprintf(name, sizeof(name), "phb4-mbar%d", index); 238 memory_region_init_alias(&phb->mr_mmio[index], OBJECT(phb), name, 239 &phb->pci_mmio, start, size); 240 memory_region_add_subregion(parent, base, &phb->mr_mmio[index]); 241 } 242 243 static void pnv_phb4_check_all_mbt(PnvPHB4 *phb) 244 { 245 uint64_t i; 246 uint32_t num_windows = phb->big_phb ? PNV_PHB4_MAX_MMIO_WINDOWS : 247 PNV_PHB4_MIN_MMIO_WINDOWS; 248 249 for (i = 0; i < num_windows; i++) { 250 pnv_phb4_check_mbt(phb, i); 251 } 252 } 253 254 static uint64_t *pnv_phb4_ioda_access(PnvPHB4 *phb, 255 unsigned *out_table, unsigned *out_idx) 256 { 257 uint64_t adreg = phb->regs[PHB_IODA_ADDR >> 3]; 258 unsigned int index = GETFIELD(PHB_IODA_AD_TADR, adreg); 259 unsigned int table = GETFIELD(PHB_IODA_AD_TSEL, adreg); 260 unsigned int mask; 261 uint64_t *tptr = NULL; 262 263 switch (table) { 264 case IODA3_TBL_LIST: 265 tptr = phb->ioda_LIST; 266 mask = 7; 267 break; 268 case IODA3_TBL_MIST: 269 tptr = phb->ioda_MIST; 270 mask = phb->big_phb ? PNV_PHB4_MAX_MIST : (PNV_PHB4_MAX_MIST >> 1); 271 mask -= 1; 272 break; 273 case IODA3_TBL_RCAM: 274 mask = phb->big_phb ? 127 : 63; 275 break; 276 case IODA3_TBL_MRT: 277 mask = phb->big_phb ? 15 : 7; 278 break; 279 case IODA3_TBL_PESTA: 280 case IODA3_TBL_PESTB: 281 mask = phb->big_phb ? PNV_PHB4_MAX_PEs : (PNV_PHB4_MAX_PEs >> 1); 282 mask -= 1; 283 break; 284 case IODA3_TBL_TVT: 285 tptr = phb->ioda_TVT; 286 mask = phb->big_phb ? PNV_PHB4_MAX_TVEs : (PNV_PHB4_MAX_TVEs >> 1); 287 mask -= 1; 288 break; 289 case IODA3_TBL_TCR: 290 case IODA3_TBL_TDR: 291 mask = phb->big_phb ? 1023 : 511; 292 break; 293 case IODA3_TBL_MBT: 294 tptr = phb->ioda_MBT; 295 mask = phb->big_phb ? PNV_PHB4_MAX_MBEs : (PNV_PHB4_MAX_MBEs >> 1); 296 mask -= 1; 297 break; 298 case IODA3_TBL_MDT: 299 tptr = phb->ioda_MDT; 300 mask = phb->big_phb ? PNV_PHB4_MAX_PEs : (PNV_PHB4_MAX_PEs >> 1); 301 mask -= 1; 302 break; 303 case IODA3_TBL_PEEV: 304 tptr = phb->ioda_PEEV; 305 mask = phb->big_phb ? PNV_PHB4_MAX_PEEVs : (PNV_PHB4_MAX_PEEVs >> 1); 306 mask -= 1; 307 break; 308 default: 309 phb_error(phb, "invalid IODA table %d", table); 310 return NULL; 311 } 312 index &= mask; 313 if (out_idx) { 314 *out_idx = index; 315 } 316 if (out_table) { 317 *out_table = table; 318 } 319 if (tptr) { 320 tptr += index; 321 } 322 if (adreg & PHB_IODA_AD_AUTOINC) { 323 index = (index + 1) & mask; 324 adreg = SETFIELD(PHB_IODA_AD_TADR, adreg, index); 325 } 326 327 phb->regs[PHB_IODA_ADDR >> 3] = adreg; 328 return tptr; 329 } 330 331 static uint64_t pnv_phb4_ioda_read(PnvPHB4 *phb) 332 { 333 unsigned table, idx; 334 uint64_t *tptr; 335 336 tptr = pnv_phb4_ioda_access(phb, &table, &idx); 337 if (!tptr) { 338 /* Special PESTA case */ 339 if (table == IODA3_TBL_PESTA) { 340 return ((uint64_t)(phb->ioda_PEST_AB[idx] & 1)) << 63; 341 } else if (table == IODA3_TBL_PESTB) { 342 return ((uint64_t)(phb->ioda_PEST_AB[idx] & 2)) << 62; 343 } 344 /* Return 0 on unsupported tables, not ff's */ 345 return 0; 346 } 347 return *tptr; 348 } 349 350 static void pnv_phb4_ioda_write(PnvPHB4 *phb, uint64_t val) 351 { 352 unsigned table, idx; 353 uint64_t *tptr; 354 355 tptr = pnv_phb4_ioda_access(phb, &table, &idx); 356 if (!tptr) { 357 /* Special PESTA case */ 358 if (table == IODA3_TBL_PESTA) { 359 phb->ioda_PEST_AB[idx] &= ~1; 360 phb->ioda_PEST_AB[idx] |= (val >> 63) & 1; 361 } else if (table == IODA3_TBL_PESTB) { 362 phb->ioda_PEST_AB[idx] &= ~2; 363 phb->ioda_PEST_AB[idx] |= (val >> 62) & 2; 364 } 365 return; 366 } 367 368 /* Handle side effects */ 369 switch (table) { 370 case IODA3_TBL_LIST: 371 break; 372 case IODA3_TBL_MIST: { 373 /* Special mask for MIST partial write */ 374 uint64_t adreg = phb->regs[PHB_IODA_ADDR >> 3]; 375 uint32_t mmask = GETFIELD(PHB_IODA_AD_MIST_PWV, adreg); 376 uint64_t v = *tptr; 377 if (mmask == 0) { 378 mmask = 0xf; 379 } 380 if (mmask & 8) { 381 v &= 0x0000ffffffffffffull; 382 v |= 0xcfff000000000000ull & val; 383 } 384 if (mmask & 4) { 385 v &= 0xffff0000ffffffffull; 386 v |= 0x0000cfff00000000ull & val; 387 } 388 if (mmask & 2) { 389 v &= 0xffffffff0000ffffull; 390 v |= 0x00000000cfff0000ull & val; 391 } 392 if (mmask & 1) { 393 v &= 0xffffffffffff0000ull; 394 v |= 0x000000000000cfffull & val; 395 } 396 *tptr = v; 397 break; 398 } 399 case IODA3_TBL_MBT: 400 *tptr = val; 401 402 /* Copy accross the valid bit to the other half */ 403 phb->ioda_MBT[idx ^ 1] &= 0x7fffffffffffffffull; 404 phb->ioda_MBT[idx ^ 1] |= 0x8000000000000000ull & val; 405 406 /* Update mappings */ 407 pnv_phb4_check_mbt(phb, idx >> 1); 408 break; 409 default: 410 *tptr = val; 411 } 412 } 413 414 static void pnv_phb4_rtc_invalidate(PnvPHB4 *phb, uint64_t val) 415 { 416 PnvPhb4DMASpace *ds; 417 418 /* Always invalidate all for now ... */ 419 QLIST_FOREACH(ds, &phb->dma_spaces, list) { 420 ds->pe_num = PHB_INVALID_PE; 421 } 422 } 423 424 static void pnv_phb4_update_msi_regions(PnvPhb4DMASpace *ds) 425 { 426 uint64_t cfg = ds->phb->regs[PHB_PHB4_CONFIG >> 3]; 427 428 if (cfg & PHB_PHB4C_32BIT_MSI_EN) { 429 if (!memory_region_is_mapped(MEMORY_REGION(&ds->msi32_mr))) { 430 memory_region_add_subregion(MEMORY_REGION(&ds->dma_mr), 431 0xffff0000, &ds->msi32_mr); 432 } 433 } else { 434 if (memory_region_is_mapped(MEMORY_REGION(&ds->msi32_mr))) { 435 memory_region_del_subregion(MEMORY_REGION(&ds->dma_mr), 436 &ds->msi32_mr); 437 } 438 } 439 440 if (cfg & PHB_PHB4C_64BIT_MSI_EN) { 441 if (!memory_region_is_mapped(MEMORY_REGION(&ds->msi64_mr))) { 442 memory_region_add_subregion(MEMORY_REGION(&ds->dma_mr), 443 (1ull << 60), &ds->msi64_mr); 444 } 445 } else { 446 if (memory_region_is_mapped(MEMORY_REGION(&ds->msi64_mr))) { 447 memory_region_del_subregion(MEMORY_REGION(&ds->dma_mr), 448 &ds->msi64_mr); 449 } 450 } 451 } 452 453 static void pnv_phb4_update_all_msi_regions(PnvPHB4 *phb) 454 { 455 PnvPhb4DMASpace *ds; 456 457 QLIST_FOREACH(ds, &phb->dma_spaces, list) { 458 pnv_phb4_update_msi_regions(ds); 459 } 460 } 461 462 static void pnv_phb4_update_xsrc(PnvPHB4 *phb) 463 { 464 int shift, flags, i, lsi_base; 465 XiveSource *xsrc = &phb->xsrc; 466 467 /* The XIVE source characteristics can be set at run time */ 468 if (phb->regs[PHB_CTRLR >> 3] & PHB_CTRLR_IRQ_PGSZ_64K) { 469 shift = XIVE_ESB_64K; 470 } else { 471 shift = XIVE_ESB_4K; 472 } 473 if (phb->regs[PHB_CTRLR >> 3] & PHB_CTRLR_IRQ_STORE_EOI) { 474 flags = XIVE_SRC_STORE_EOI; 475 } else { 476 flags = 0; 477 } 478 479 phb->xsrc.esb_shift = shift; 480 phb->xsrc.esb_flags = flags; 481 482 lsi_base = GETFIELD(PHB_LSI_SRC_ID, phb->regs[PHB_LSI_SOURCE_ID >> 3]); 483 lsi_base <<= 3; 484 485 /* TODO: handle reset values of PHB_LSI_SRC_ID */ 486 if (!lsi_base) { 487 return; 488 } 489 490 /* TODO: need a xive_source_irq_reset_lsi() */ 491 bitmap_zero(xsrc->lsi_map, xsrc->nr_irqs); 492 493 for (i = 0; i < xsrc->nr_irqs; i++) { 494 bool msi = (i < lsi_base || i >= (lsi_base + 8)); 495 if (!msi) { 496 xive_source_irq_set_lsi(xsrc, i); 497 } 498 } 499 } 500 501 static void pnv_phb4_reg_write(void *opaque, hwaddr off, uint64_t val, 502 unsigned size) 503 { 504 PnvPHB4 *phb = PNV_PHB4(opaque); 505 bool changed; 506 507 /* Special case outbound configuration data */ 508 if ((off & 0xfffc) == PHB_CONFIG_DATA) { 509 pnv_phb4_config_write(phb, off & 0x3, size, val); 510 return; 511 } 512 513 /* Special case RC configuration space */ 514 if ((off & 0xf800) == PHB_RC_CONFIG_BASE) { 515 pnv_phb4_rc_config_write(phb, off & 0x7ff, size, val); 516 return; 517 } 518 519 /* Other registers are 64-bit only */ 520 if (size != 8 || off & 0x7) { 521 phb_error(phb, "Invalid register access, offset: 0x%"PRIx64" size: %d", 522 off, size); 523 return; 524 } 525 526 /* Handle masking */ 527 switch (off) { 528 case PHB_LSI_SOURCE_ID: 529 val &= PHB_LSI_SRC_ID; 530 break; 531 case PHB_M64_UPPER_BITS: 532 val &= 0xff00000000000000ull; 533 break; 534 /* TCE Kill */ 535 case PHB_TCE_KILL: 536 /* Clear top 3 bits which HW does to indicate successful queuing */ 537 val &= ~(PHB_TCE_KILL_ALL | PHB_TCE_KILL_PE | PHB_TCE_KILL_ONE); 538 break; 539 case PHB_Q_DMA_R: 540 /* 541 * This is enough logic to make SW happy but we aren't 542 * actually quiescing the DMAs 543 */ 544 if (val & PHB_Q_DMA_R_AUTORESET) { 545 val = 0; 546 } else { 547 val &= PHB_Q_DMA_R_QUIESCE_DMA; 548 } 549 break; 550 /* LEM stuff */ 551 case PHB_LEM_FIR_AND_MASK: 552 phb->regs[PHB_LEM_FIR_ACCUM >> 3] &= val; 553 return; 554 case PHB_LEM_FIR_OR_MASK: 555 phb->regs[PHB_LEM_FIR_ACCUM >> 3] |= val; 556 return; 557 case PHB_LEM_ERROR_AND_MASK: 558 phb->regs[PHB_LEM_ERROR_MASK >> 3] &= val; 559 return; 560 case PHB_LEM_ERROR_OR_MASK: 561 phb->regs[PHB_LEM_ERROR_MASK >> 3] |= val; 562 return; 563 case PHB_LEM_WOF: 564 val = 0; 565 break; 566 /* TODO: More regs ..., maybe create a table with masks... */ 567 568 /* Read only registers */ 569 case PHB_CPU_LOADSTORE_STATUS: 570 case PHB_ETU_ERR_SUMMARY: 571 case PHB_PHB4_GEN_CAP: 572 case PHB_PHB4_TCE_CAP: 573 case PHB_PHB4_IRQ_CAP: 574 case PHB_PHB4_EEH_CAP: 575 return; 576 } 577 578 /* Record whether it changed */ 579 changed = phb->regs[off >> 3] != val; 580 581 /* Store in register cache first */ 582 phb->regs[off >> 3] = val; 583 584 /* Handle side effects */ 585 switch (off) { 586 case PHB_PHB4_CONFIG: 587 if (changed) { 588 pnv_phb4_update_all_msi_regions(phb); 589 } 590 break; 591 case PHB_M32_START_ADDR: 592 case PHB_M64_UPPER_BITS: 593 if (changed) { 594 pnv_phb4_check_all_mbt(phb); 595 } 596 break; 597 598 /* IODA table accesses */ 599 case PHB_IODA_DATA0: 600 pnv_phb4_ioda_write(phb, val); 601 break; 602 603 /* RTC invalidation */ 604 case PHB_RTC_INVALIDATE: 605 pnv_phb4_rtc_invalidate(phb, val); 606 break; 607 608 /* PHB Control (Affects XIVE source) */ 609 case PHB_CTRLR: 610 case PHB_LSI_SOURCE_ID: 611 pnv_phb4_update_xsrc(phb); 612 break; 613 614 /* Silent simple writes */ 615 case PHB_ASN_CMPM: 616 case PHB_CONFIG_ADDRESS: 617 case PHB_IODA_ADDR: 618 case PHB_TCE_KILL: 619 case PHB_TCE_SPEC_CTL: 620 case PHB_PEST_BAR: 621 case PHB_PELTV_BAR: 622 case PHB_RTT_BAR: 623 case PHB_LEM_FIR_ACCUM: 624 case PHB_LEM_ERROR_MASK: 625 case PHB_LEM_ACTION0: 626 case PHB_LEM_ACTION1: 627 case PHB_TCE_TAG_ENABLE: 628 case PHB_INT_NOTIFY_ADDR: 629 case PHB_INT_NOTIFY_INDEX: 630 case PHB_DMARD_SYNC: 631 break; 632 633 /* Noise on anything else */ 634 default: 635 qemu_log_mask(LOG_UNIMP, "phb4: reg_write 0x%"PRIx64"=%"PRIx64"\n", 636 off, val); 637 } 638 } 639 640 static uint64_t pnv_phb4_reg_read(void *opaque, hwaddr off, unsigned size) 641 { 642 PnvPHB4 *phb = PNV_PHB4(opaque); 643 uint64_t val; 644 645 if ((off & 0xfffc) == PHB_CONFIG_DATA) { 646 return pnv_phb4_config_read(phb, off & 0x3, size); 647 } 648 649 /* Special case RC configuration space */ 650 if ((off & 0xf800) == PHB_RC_CONFIG_BASE) { 651 return pnv_phb4_rc_config_read(phb, off & 0x7ff, size); 652 } 653 654 /* Other registers are 64-bit only */ 655 if (size != 8 || off & 0x7) { 656 phb_error(phb, "Invalid register access, offset: 0x%"PRIx64" size: %d", 657 off, size); 658 return ~0ull; 659 } 660 661 /* Default read from cache */ 662 val = phb->regs[off >> 3]; 663 664 switch (off) { 665 case PHB_VERSION: 666 return phb->version; 667 668 /* Read-only */ 669 case PHB_PHB4_GEN_CAP: 670 return 0xe4b8000000000000ull; 671 case PHB_PHB4_TCE_CAP: 672 return phb->big_phb ? 0x4008440000000400ull : 0x2008440000000200ull; 673 case PHB_PHB4_IRQ_CAP: 674 return phb->big_phb ? 0x0800000000001000ull : 0x0800000000000800ull; 675 case PHB_PHB4_EEH_CAP: 676 return phb->big_phb ? 0x2000000000000000ull : 0x1000000000000000ull; 677 678 /* IODA table accesses */ 679 case PHB_IODA_DATA0: 680 return pnv_phb4_ioda_read(phb); 681 682 /* Link training always appears trained */ 683 case PHB_PCIE_DLP_TRAIN_CTL: 684 /* TODO: Do something sensible with speed ? */ 685 return PHB_PCIE_DLP_INBAND_PRESENCE | PHB_PCIE_DLP_TL_LINKACT; 686 687 /* DMA read sync: make it look like it's complete */ 688 case PHB_DMARD_SYNC: 689 return PHB_DMARD_SYNC_COMPLETE; 690 691 /* Silent simple reads */ 692 case PHB_LSI_SOURCE_ID: 693 case PHB_CPU_LOADSTORE_STATUS: 694 case PHB_ASN_CMPM: 695 case PHB_PHB4_CONFIG: 696 case PHB_M32_START_ADDR: 697 case PHB_CONFIG_ADDRESS: 698 case PHB_IODA_ADDR: 699 case PHB_RTC_INVALIDATE: 700 case PHB_TCE_KILL: 701 case PHB_TCE_SPEC_CTL: 702 case PHB_PEST_BAR: 703 case PHB_PELTV_BAR: 704 case PHB_RTT_BAR: 705 case PHB_M64_UPPER_BITS: 706 case PHB_CTRLR: 707 case PHB_LEM_FIR_ACCUM: 708 case PHB_LEM_ERROR_MASK: 709 case PHB_LEM_ACTION0: 710 case PHB_LEM_ACTION1: 711 case PHB_TCE_TAG_ENABLE: 712 case PHB_INT_NOTIFY_ADDR: 713 case PHB_INT_NOTIFY_INDEX: 714 case PHB_Q_DMA_R: 715 case PHB_ETU_ERR_SUMMARY: 716 break; 717 718 /* Noise on anything else */ 719 default: 720 qemu_log_mask(LOG_UNIMP, "phb4: reg_read 0x%"PRIx64"=%"PRIx64"\n", 721 off, val); 722 } 723 return val; 724 } 725 726 static const MemoryRegionOps pnv_phb4_reg_ops = { 727 .read = pnv_phb4_reg_read, 728 .write = pnv_phb4_reg_write, 729 .valid.min_access_size = 1, 730 .valid.max_access_size = 8, 731 .impl.min_access_size = 1, 732 .impl.max_access_size = 8, 733 .endianness = DEVICE_BIG_ENDIAN, 734 }; 735 736 static uint64_t pnv_phb4_xscom_read(void *opaque, hwaddr addr, unsigned size) 737 { 738 PnvPHB4 *phb = PNV_PHB4(opaque); 739 uint32_t reg = addr >> 3; 740 uint64_t val; 741 hwaddr offset; 742 743 switch (reg) { 744 case PHB_SCOM_HV_IND_ADDR: 745 return phb->scom_hv_ind_addr_reg; 746 747 case PHB_SCOM_HV_IND_DATA: 748 if (!(phb->scom_hv_ind_addr_reg & PHB_SCOM_HV_IND_ADDR_VALID)) { 749 phb_error(phb, "Invalid indirect address"); 750 return ~0ull; 751 } 752 size = (phb->scom_hv_ind_addr_reg & PHB_SCOM_HV_IND_ADDR_4B) ? 4 : 8; 753 offset = GETFIELD(PHB_SCOM_HV_IND_ADDR_ADDR, phb->scom_hv_ind_addr_reg); 754 val = pnv_phb4_reg_read(phb, offset, size); 755 if (phb->scom_hv_ind_addr_reg & PHB_SCOM_HV_IND_ADDR_AUTOINC) { 756 offset += size; 757 offset &= 0x3fff; 758 phb->scom_hv_ind_addr_reg = SETFIELD(PHB_SCOM_HV_IND_ADDR_ADDR, 759 phb->scom_hv_ind_addr_reg, 760 offset); 761 } 762 return val; 763 case PHB_SCOM_ETU_LEM_FIR: 764 case PHB_SCOM_ETU_LEM_FIR_AND: 765 case PHB_SCOM_ETU_LEM_FIR_OR: 766 case PHB_SCOM_ETU_LEM_FIR_MSK: 767 case PHB_SCOM_ETU_LEM_ERR_MSK_AND: 768 case PHB_SCOM_ETU_LEM_ERR_MSK_OR: 769 case PHB_SCOM_ETU_LEM_ACT0: 770 case PHB_SCOM_ETU_LEM_ACT1: 771 case PHB_SCOM_ETU_LEM_WOF: 772 offset = ((reg - PHB_SCOM_ETU_LEM_FIR) << 3) + PHB_LEM_FIR_ACCUM; 773 return pnv_phb4_reg_read(phb, offset, size); 774 case PHB_SCOM_ETU_PMON_CONFIG: 775 case PHB_SCOM_ETU_PMON_CTR0: 776 case PHB_SCOM_ETU_PMON_CTR1: 777 case PHB_SCOM_ETU_PMON_CTR2: 778 case PHB_SCOM_ETU_PMON_CTR3: 779 offset = ((reg - PHB_SCOM_ETU_PMON_CONFIG) << 3) + PHB_PERFMON_CONFIG; 780 return pnv_phb4_reg_read(phb, offset, size); 781 782 default: 783 qemu_log_mask(LOG_UNIMP, "phb4: xscom_read 0x%"HWADDR_PRIx"\n", addr); 784 return ~0ull; 785 } 786 } 787 788 static void pnv_phb4_xscom_write(void *opaque, hwaddr addr, 789 uint64_t val, unsigned size) 790 { 791 PnvPHB4 *phb = PNV_PHB4(opaque); 792 uint32_t reg = addr >> 3; 793 hwaddr offset; 794 795 switch (reg) { 796 case PHB_SCOM_HV_IND_ADDR: 797 phb->scom_hv_ind_addr_reg = val & 0xe000000000001fff; 798 break; 799 case PHB_SCOM_HV_IND_DATA: 800 if (!(phb->scom_hv_ind_addr_reg & PHB_SCOM_HV_IND_ADDR_VALID)) { 801 phb_error(phb, "Invalid indirect address"); 802 break; 803 } 804 size = (phb->scom_hv_ind_addr_reg & PHB_SCOM_HV_IND_ADDR_4B) ? 4 : 8; 805 offset = GETFIELD(PHB_SCOM_HV_IND_ADDR_ADDR, phb->scom_hv_ind_addr_reg); 806 pnv_phb4_reg_write(phb, offset, val, size); 807 if (phb->scom_hv_ind_addr_reg & PHB_SCOM_HV_IND_ADDR_AUTOINC) { 808 offset += size; 809 offset &= 0x3fff; 810 phb->scom_hv_ind_addr_reg = SETFIELD(PHB_SCOM_HV_IND_ADDR_ADDR, 811 phb->scom_hv_ind_addr_reg, 812 offset); 813 } 814 break; 815 case PHB_SCOM_ETU_LEM_FIR: 816 case PHB_SCOM_ETU_LEM_FIR_AND: 817 case PHB_SCOM_ETU_LEM_FIR_OR: 818 case PHB_SCOM_ETU_LEM_FIR_MSK: 819 case PHB_SCOM_ETU_LEM_ERR_MSK_AND: 820 case PHB_SCOM_ETU_LEM_ERR_MSK_OR: 821 case PHB_SCOM_ETU_LEM_ACT0: 822 case PHB_SCOM_ETU_LEM_ACT1: 823 case PHB_SCOM_ETU_LEM_WOF: 824 offset = ((reg - PHB_SCOM_ETU_LEM_FIR) << 3) + PHB_LEM_FIR_ACCUM; 825 pnv_phb4_reg_write(phb, offset, val, size); 826 break; 827 case PHB_SCOM_ETU_PMON_CONFIG: 828 case PHB_SCOM_ETU_PMON_CTR0: 829 case PHB_SCOM_ETU_PMON_CTR1: 830 case PHB_SCOM_ETU_PMON_CTR2: 831 case PHB_SCOM_ETU_PMON_CTR3: 832 offset = ((reg - PHB_SCOM_ETU_PMON_CONFIG) << 3) + PHB_PERFMON_CONFIG; 833 pnv_phb4_reg_write(phb, offset, val, size); 834 break; 835 default: 836 qemu_log_mask(LOG_UNIMP, "phb4: xscom_write 0x%"HWADDR_PRIx 837 "=%"PRIx64"\n", addr, val); 838 } 839 } 840 841 const MemoryRegionOps pnv_phb4_xscom_ops = { 842 .read = pnv_phb4_xscom_read, 843 .write = pnv_phb4_xscom_write, 844 .valid.min_access_size = 8, 845 .valid.max_access_size = 8, 846 .impl.min_access_size = 8, 847 .impl.max_access_size = 8, 848 .endianness = DEVICE_BIG_ENDIAN, 849 }; 850 851 static int pnv_phb4_map_irq(PCIDevice *pci_dev, int irq_num) 852 { 853 /* Check that out properly ... */ 854 return irq_num & 3; 855 } 856 857 static void pnv_phb4_set_irq(void *opaque, int irq_num, int level) 858 { 859 PnvPHB4 *phb = PNV_PHB4(opaque); 860 uint32_t lsi_base; 861 862 /* LSI only ... */ 863 if (irq_num > 3) { 864 phb_error(phb, "IRQ %x is not an LSI", irq_num); 865 } 866 lsi_base = GETFIELD(PHB_LSI_SRC_ID, phb->regs[PHB_LSI_SOURCE_ID >> 3]); 867 lsi_base <<= 3; 868 qemu_set_irq(phb->qirqs[lsi_base + irq_num], level); 869 } 870 871 static bool pnv_phb4_resolve_pe(PnvPhb4DMASpace *ds) 872 { 873 uint64_t rtt, addr; 874 uint16_t rte; 875 int bus_num; 876 int num_PEs; 877 878 /* Already resolved ? */ 879 if (ds->pe_num != PHB_INVALID_PE) { 880 return true; 881 } 882 883 /* We need to lookup the RTT */ 884 rtt = ds->phb->regs[PHB_RTT_BAR >> 3]; 885 if (!(rtt & PHB_RTT_BAR_ENABLE)) { 886 phb_error(ds->phb, "DMA with RTT BAR disabled !"); 887 /* Set error bits ? fence ? ... */ 888 return false; 889 } 890 891 /* Read RTE */ 892 bus_num = pci_bus_num(ds->bus); 893 addr = rtt & PHB_RTT_BASE_ADDRESS_MASK; 894 addr += 2 * PCI_BUILD_BDF(bus_num, ds->devfn); 895 if (dma_memory_read(&address_space_memory, addr, &rte, 896 sizeof(rte), MEMTXATTRS_UNSPECIFIED)) { 897 phb_error(ds->phb, "Failed to read RTT entry at 0x%"PRIx64, addr); 898 /* Set error bits ? fence ? ... */ 899 return false; 900 } 901 rte = be16_to_cpu(rte); 902 903 /* Fail upon reading of invalid PE# */ 904 num_PEs = ds->phb->big_phb ? PNV_PHB4_MAX_PEs : (PNV_PHB4_MAX_PEs >> 1); 905 if (rte >= num_PEs) { 906 phb_error(ds->phb, "RTE for RID 0x%x invalid (%04x", ds->devfn, rte); 907 rte &= num_PEs - 1; 908 } 909 ds->pe_num = rte; 910 return true; 911 } 912 913 static void pnv_phb4_translate_tve(PnvPhb4DMASpace *ds, hwaddr addr, 914 bool is_write, uint64_t tve, 915 IOMMUTLBEntry *tlb) 916 { 917 uint64_t tta = GETFIELD(IODA3_TVT_TABLE_ADDR, tve); 918 int32_t lev = GETFIELD(IODA3_TVT_NUM_LEVELS, tve); 919 uint32_t tts = GETFIELD(IODA3_TVT_TCE_TABLE_SIZE, tve); 920 uint32_t tps = GETFIELD(IODA3_TVT_IO_PSIZE, tve); 921 922 /* Invalid levels */ 923 if (lev > 4) { 924 phb_error(ds->phb, "Invalid #levels in TVE %d", lev); 925 return; 926 } 927 928 /* Invalid entry */ 929 if (tts == 0) { 930 phb_error(ds->phb, "Access to invalid TVE"); 931 return; 932 } 933 934 /* IO Page Size of 0 means untranslated, else use TCEs */ 935 if (tps == 0) { 936 /* TODO: Handle boundaries */ 937 938 /* Use 4k pages like q35 ... for now */ 939 tlb->iova = addr & 0xfffffffffffff000ull; 940 tlb->translated_addr = addr & 0x0003fffffffff000ull; 941 tlb->addr_mask = 0xfffull; 942 tlb->perm = IOMMU_RW; 943 } else { 944 uint32_t tce_shift, tbl_shift, sh; 945 uint64_t base, taddr, tce, tce_mask; 946 947 /* Address bits per bottom level TCE entry */ 948 tce_shift = tps + 11; 949 950 /* Address bits per table level */ 951 tbl_shift = tts + 8; 952 953 /* Top level table base address */ 954 base = tta << 12; 955 956 /* Total shift to first level */ 957 sh = tbl_shift * lev + tce_shift; 958 959 /* TODO: Limit to support IO page sizes */ 960 961 /* TODO: Multi-level untested */ 962 while ((lev--) >= 0) { 963 /* Grab the TCE address */ 964 taddr = base | (((addr >> sh) & ((1ul << tbl_shift) - 1)) << 3); 965 if (dma_memory_read(&address_space_memory, taddr, &tce, 966 sizeof(tce), MEMTXATTRS_UNSPECIFIED)) { 967 phb_error(ds->phb, "Failed to read TCE at 0x%"PRIx64, taddr); 968 return; 969 } 970 tce = be64_to_cpu(tce); 971 972 /* Check permission for indirect TCE */ 973 if ((lev >= 0) && !(tce & 3)) { 974 phb_error(ds->phb, "Invalid indirect TCE at 0x%"PRIx64, taddr); 975 phb_error(ds->phb, " xlate %"PRIx64":%c TVE=%"PRIx64, addr, 976 is_write ? 'W' : 'R', tve); 977 phb_error(ds->phb, " tta=%"PRIx64" lev=%d tts=%d tps=%d", 978 tta, lev, tts, tps); 979 return; 980 } 981 sh -= tbl_shift; 982 base = tce & ~0xfffull; 983 } 984 985 /* We exit the loop with TCE being the final TCE */ 986 tce_mask = ~((1ull << tce_shift) - 1); 987 tlb->iova = addr & tce_mask; 988 tlb->translated_addr = tce & tce_mask; 989 tlb->addr_mask = ~tce_mask; 990 tlb->perm = tce & 3; 991 if ((is_write & !(tce & 2)) || ((!is_write) && !(tce & 1))) { 992 phb_error(ds->phb, "TCE access fault at 0x%"PRIx64, taddr); 993 phb_error(ds->phb, " xlate %"PRIx64":%c TVE=%"PRIx64, addr, 994 is_write ? 'W' : 'R', tve); 995 phb_error(ds->phb, " tta=%"PRIx64" lev=%d tts=%d tps=%d", 996 tta, lev, tts, tps); 997 } 998 } 999 } 1000 1001 static IOMMUTLBEntry pnv_phb4_translate_iommu(IOMMUMemoryRegion *iommu, 1002 hwaddr addr, 1003 IOMMUAccessFlags flag, 1004 int iommu_idx) 1005 { 1006 PnvPhb4DMASpace *ds = container_of(iommu, PnvPhb4DMASpace, dma_mr); 1007 int tve_sel; 1008 uint64_t tve, cfg; 1009 IOMMUTLBEntry ret = { 1010 .target_as = &address_space_memory, 1011 .iova = addr, 1012 .translated_addr = 0, 1013 .addr_mask = ~(hwaddr)0, 1014 .perm = IOMMU_NONE, 1015 }; 1016 1017 /* Resolve PE# */ 1018 if (!pnv_phb4_resolve_pe(ds)) { 1019 phb_error(ds->phb, "Failed to resolve PE# for bus @%p (%d) devfn 0x%x", 1020 ds->bus, pci_bus_num(ds->bus), ds->devfn); 1021 return ret; 1022 } 1023 1024 /* Check top bits */ 1025 switch (addr >> 60) { 1026 case 00: 1027 /* DMA or 32-bit MSI ? */ 1028 cfg = ds->phb->regs[PHB_PHB4_CONFIG >> 3]; 1029 if ((cfg & PHB_PHB4C_32BIT_MSI_EN) && 1030 ((addr & 0xffffffffffff0000ull) == 0xffff0000ull)) { 1031 phb_error(ds->phb, "xlate on 32-bit MSI region"); 1032 return ret; 1033 } 1034 /* Choose TVE XXX Use PHB4 Control Register */ 1035 tve_sel = (addr >> 59) & 1; 1036 tve = ds->phb->ioda_TVT[ds->pe_num * 2 + tve_sel]; 1037 pnv_phb4_translate_tve(ds, addr, flag & IOMMU_WO, tve, &ret); 1038 break; 1039 case 01: 1040 phb_error(ds->phb, "xlate on 64-bit MSI region"); 1041 break; 1042 default: 1043 phb_error(ds->phb, "xlate on unsupported address 0x%"PRIx64, addr); 1044 } 1045 return ret; 1046 } 1047 1048 #define TYPE_PNV_PHB4_IOMMU_MEMORY_REGION "pnv-phb4-iommu-memory-region" 1049 DECLARE_INSTANCE_CHECKER(IOMMUMemoryRegion, PNV_PHB4_IOMMU_MEMORY_REGION, 1050 TYPE_PNV_PHB4_IOMMU_MEMORY_REGION) 1051 1052 static void pnv_phb4_iommu_memory_region_class_init(ObjectClass *klass, 1053 void *data) 1054 { 1055 IOMMUMemoryRegionClass *imrc = IOMMU_MEMORY_REGION_CLASS(klass); 1056 1057 imrc->translate = pnv_phb4_translate_iommu; 1058 } 1059 1060 static const TypeInfo pnv_phb4_iommu_memory_region_info = { 1061 .parent = TYPE_IOMMU_MEMORY_REGION, 1062 .name = TYPE_PNV_PHB4_IOMMU_MEMORY_REGION, 1063 .class_init = pnv_phb4_iommu_memory_region_class_init, 1064 }; 1065 1066 /* 1067 * MSI/MSIX memory region implementation. 1068 * The handler handles both MSI and MSIX. 1069 */ 1070 static void pnv_phb4_msi_write(void *opaque, hwaddr addr, 1071 uint64_t data, unsigned size) 1072 { 1073 PnvPhb4DMASpace *ds = opaque; 1074 PnvPHB4 *phb = ds->phb; 1075 1076 uint32_t src = ((addr >> 4) & 0xffff) | (data & 0x1f); 1077 1078 /* Resolve PE# */ 1079 if (!pnv_phb4_resolve_pe(ds)) { 1080 phb_error(phb, "Failed to resolve PE# for bus @%p (%d) devfn 0x%x", 1081 ds->bus, pci_bus_num(ds->bus), ds->devfn); 1082 return; 1083 } 1084 1085 /* TODO: Check it doesn't collide with LSIs */ 1086 if (src >= phb->xsrc.nr_irqs) { 1087 phb_error(phb, "MSI %d out of bounds", src); 1088 return; 1089 } 1090 1091 /* TODO: check PE/MSI assignement */ 1092 1093 qemu_irq_pulse(phb->qirqs[src]); 1094 } 1095 1096 /* There is no .read as the read result is undefined by PCI spec */ 1097 static uint64_t pnv_phb4_msi_read(void *opaque, hwaddr addr, unsigned size) 1098 { 1099 PnvPhb4DMASpace *ds = opaque; 1100 1101 phb_error(ds->phb, "Invalid MSI read @ 0x%" HWADDR_PRIx, addr); 1102 return -1; 1103 } 1104 1105 static const MemoryRegionOps pnv_phb4_msi_ops = { 1106 .read = pnv_phb4_msi_read, 1107 .write = pnv_phb4_msi_write, 1108 .endianness = DEVICE_LITTLE_ENDIAN 1109 }; 1110 1111 static PnvPhb4DMASpace *pnv_phb4_dma_find(PnvPHB4 *phb, PCIBus *bus, int devfn) 1112 { 1113 PnvPhb4DMASpace *ds; 1114 1115 QLIST_FOREACH(ds, &phb->dma_spaces, list) { 1116 if (ds->bus == bus && ds->devfn == devfn) { 1117 break; 1118 } 1119 } 1120 return ds; 1121 } 1122 1123 static AddressSpace *pnv_phb4_dma_iommu(PCIBus *bus, void *opaque, int devfn) 1124 { 1125 PnvPHB4 *phb = opaque; 1126 PnvPhb4DMASpace *ds; 1127 char name[32]; 1128 1129 ds = pnv_phb4_dma_find(phb, bus, devfn); 1130 1131 if (ds == NULL) { 1132 ds = g_malloc0(sizeof(PnvPhb4DMASpace)); 1133 ds->bus = bus; 1134 ds->devfn = devfn; 1135 ds->pe_num = PHB_INVALID_PE; 1136 ds->phb = phb; 1137 snprintf(name, sizeof(name), "phb4-%d.%d-iommu", phb->chip_id, 1138 phb->phb_id); 1139 memory_region_init_iommu(&ds->dma_mr, sizeof(ds->dma_mr), 1140 TYPE_PNV_PHB4_IOMMU_MEMORY_REGION, 1141 OBJECT(phb), name, UINT64_MAX); 1142 address_space_init(&ds->dma_as, MEMORY_REGION(&ds->dma_mr), 1143 name); 1144 memory_region_init_io(&ds->msi32_mr, OBJECT(phb), &pnv_phb4_msi_ops, 1145 ds, "msi32", 0x10000); 1146 memory_region_init_io(&ds->msi64_mr, OBJECT(phb), &pnv_phb4_msi_ops, 1147 ds, "msi64", 0x100000); 1148 pnv_phb4_update_msi_regions(ds); 1149 1150 QLIST_INSERT_HEAD(&phb->dma_spaces, ds, list); 1151 } 1152 return &ds->dma_as; 1153 } 1154 1155 static void pnv_phb4_instance_init(Object *obj) 1156 { 1157 PnvPHB4 *phb = PNV_PHB4(obj); 1158 1159 QLIST_INIT(&phb->dma_spaces); 1160 1161 /* XIVE interrupt source object */ 1162 object_initialize_child(obj, "source", &phb->xsrc, TYPE_XIVE_SOURCE); 1163 } 1164 1165 static void pnv_phb4_realize(DeviceState *dev, Error **errp) 1166 { 1167 PnvPHB4 *phb = PNV_PHB4(dev); 1168 PCIHostState *pci = PCI_HOST_BRIDGE(dev); 1169 XiveSource *xsrc = &phb->xsrc; 1170 int nr_irqs; 1171 char name[32]; 1172 1173 assert(phb->stack); 1174 1175 /* Set the "big_phb" flag */ 1176 phb->big_phb = phb->phb_id == 0 || phb->phb_id == 3; 1177 1178 /* Controller Registers */ 1179 snprintf(name, sizeof(name), "phb4-%d.%d-regs", phb->chip_id, 1180 phb->phb_id); 1181 memory_region_init_io(&phb->mr_regs, OBJECT(phb), &pnv_phb4_reg_ops, phb, 1182 name, 0x2000); 1183 1184 /* 1185 * PHB4 doesn't support IO space. However, qemu gets very upset if 1186 * we don't have an IO region to anchor IO BARs onto so we just 1187 * initialize one which we never hook up to anything 1188 */ 1189 1190 snprintf(name, sizeof(name), "phb4-%d.%d-pci-io", phb->chip_id, 1191 phb->phb_id); 1192 memory_region_init(&phb->pci_io, OBJECT(phb), name, 0x10000); 1193 1194 snprintf(name, sizeof(name), "phb4-%d.%d-pci-mmio", phb->chip_id, 1195 phb->phb_id); 1196 memory_region_init(&phb->pci_mmio, OBJECT(phb), name, 1197 PCI_MMIO_TOTAL_SIZE); 1198 1199 pci->bus = pci_register_root_bus(dev, dev->id, 1200 pnv_phb4_set_irq, pnv_phb4_map_irq, phb, 1201 &phb->pci_mmio, &phb->pci_io, 1202 0, 4, TYPE_PNV_PHB4_ROOT_BUS); 1203 pci_setup_iommu(pci->bus, pnv_phb4_dma_iommu, phb); 1204 pci->bus->flags |= PCI_BUS_EXTENDED_CONFIG_SPACE; 1205 1206 /* Add a single Root port if running with defaults */ 1207 if (defaults_enabled()) { 1208 pnv_phb_attach_root_port(PCI_HOST_BRIDGE(phb), 1209 TYPE_PNV_PHB4_ROOT_PORT); 1210 } 1211 1212 /* Setup XIVE Source */ 1213 if (phb->big_phb) { 1214 nr_irqs = PNV_PHB4_MAX_INTs; 1215 } else { 1216 nr_irqs = PNV_PHB4_MAX_INTs >> 1; 1217 } 1218 object_property_set_int(OBJECT(xsrc), "nr-irqs", nr_irqs, &error_fatal); 1219 object_property_set_link(OBJECT(xsrc), "xive", OBJECT(phb), &error_fatal); 1220 if (!qdev_realize(DEVICE(xsrc), NULL, errp)) { 1221 return; 1222 } 1223 1224 pnv_phb4_update_xsrc(phb); 1225 1226 phb->qirqs = qemu_allocate_irqs(xive_source_set_irq, xsrc, xsrc->nr_irqs); 1227 } 1228 1229 static const char *pnv_phb4_root_bus_path(PCIHostState *host_bridge, 1230 PCIBus *rootbus) 1231 { 1232 PnvPHB4 *phb = PNV_PHB4(host_bridge); 1233 1234 snprintf(phb->bus_path, sizeof(phb->bus_path), "00%02x:%02x", 1235 phb->chip_id, phb->phb_id); 1236 return phb->bus_path; 1237 } 1238 1239 static void pnv_phb4_xive_notify(XiveNotifier *xf, uint32_t srcno) 1240 { 1241 PnvPHB4 *phb = PNV_PHB4(xf); 1242 uint64_t notif_port = phb->regs[PHB_INT_NOTIFY_ADDR >> 3]; 1243 uint32_t offset = phb->regs[PHB_INT_NOTIFY_INDEX >> 3]; 1244 uint64_t data = XIVE_TRIGGER_PQ | offset | srcno; 1245 MemTxResult result; 1246 1247 trace_pnv_phb4_xive_notify(notif_port, data); 1248 1249 address_space_stq_be(&address_space_memory, notif_port, data, 1250 MEMTXATTRS_UNSPECIFIED, &result); 1251 if (result != MEMTX_OK) { 1252 phb_error(phb, "trigger failed @%"HWADDR_PRIx "\n", notif_port); 1253 return; 1254 } 1255 } 1256 1257 static Property pnv_phb4_properties[] = { 1258 DEFINE_PROP_UINT32("index", PnvPHB4, phb_id, 0), 1259 DEFINE_PROP_UINT32("chip-id", PnvPHB4, chip_id, 0), 1260 DEFINE_PROP_UINT64("version", PnvPHB4, version, 0), 1261 DEFINE_PROP_LINK("stack", PnvPHB4, stack, TYPE_PNV_PHB4_PEC_STACK, 1262 PnvPhb4PecStack *), 1263 DEFINE_PROP_END_OF_LIST(), 1264 }; 1265 1266 static void pnv_phb4_class_init(ObjectClass *klass, void *data) 1267 { 1268 PCIHostBridgeClass *hc = PCI_HOST_BRIDGE_CLASS(klass); 1269 DeviceClass *dc = DEVICE_CLASS(klass); 1270 XiveNotifierClass *xfc = XIVE_NOTIFIER_CLASS(klass); 1271 1272 hc->root_bus_path = pnv_phb4_root_bus_path; 1273 dc->realize = pnv_phb4_realize; 1274 device_class_set_props(dc, pnv_phb4_properties); 1275 set_bit(DEVICE_CATEGORY_BRIDGE, dc->categories); 1276 dc->user_creatable = false; 1277 1278 xfc->notify = pnv_phb4_xive_notify; 1279 } 1280 1281 static const TypeInfo pnv_phb4_type_info = { 1282 .name = TYPE_PNV_PHB4, 1283 .parent = TYPE_PCIE_HOST_BRIDGE, 1284 .instance_init = pnv_phb4_instance_init, 1285 .instance_size = sizeof(PnvPHB4), 1286 .class_init = pnv_phb4_class_init, 1287 .interfaces = (InterfaceInfo[]) { 1288 { TYPE_XIVE_NOTIFIER }, 1289 { }, 1290 } 1291 }; 1292 1293 static void pnv_phb4_root_bus_class_init(ObjectClass *klass, void *data) 1294 { 1295 BusClass *k = BUS_CLASS(klass); 1296 1297 /* 1298 * PHB4 has only a single root complex. Enforce the limit on the 1299 * parent bus 1300 */ 1301 k->max_dev = 1; 1302 } 1303 1304 static const TypeInfo pnv_phb4_root_bus_info = { 1305 .name = TYPE_PNV_PHB4_ROOT_BUS, 1306 .parent = TYPE_PCIE_BUS, 1307 .class_init = pnv_phb4_root_bus_class_init, 1308 .interfaces = (InterfaceInfo[]) { 1309 { INTERFACE_PCIE_DEVICE }, 1310 { } 1311 }, 1312 }; 1313 1314 static void pnv_phb4_root_port_reset(DeviceState *dev) 1315 { 1316 PCIERootPortClass *rpc = PCIE_ROOT_PORT_GET_CLASS(dev); 1317 PCIDevice *d = PCI_DEVICE(dev); 1318 uint8_t *conf = d->config; 1319 1320 rpc->parent_reset(dev); 1321 1322 pci_byte_test_and_set_mask(conf + PCI_IO_BASE, 1323 PCI_IO_RANGE_MASK & 0xff); 1324 pci_byte_test_and_clear_mask(conf + PCI_IO_LIMIT, 1325 PCI_IO_RANGE_MASK & 0xff); 1326 pci_set_word(conf + PCI_MEMORY_BASE, 0); 1327 pci_set_word(conf + PCI_MEMORY_LIMIT, 0xfff0); 1328 pci_set_word(conf + PCI_PREF_MEMORY_BASE, 0x1); 1329 pci_set_word(conf + PCI_PREF_MEMORY_LIMIT, 0xfff1); 1330 pci_set_long(conf + PCI_PREF_BASE_UPPER32, 0x1); /* Hack */ 1331 pci_set_long(conf + PCI_PREF_LIMIT_UPPER32, 0xffffffff); 1332 } 1333 1334 static void pnv_phb4_root_port_realize(DeviceState *dev, Error **errp) 1335 { 1336 PCIERootPortClass *rpc = PCIE_ROOT_PORT_GET_CLASS(dev); 1337 PCIDevice *pci = PCI_DEVICE(dev); 1338 PCIBus *bus = pci_get_bus(pci); 1339 PnvPHB4 *phb = NULL; 1340 Error *local_err = NULL; 1341 1342 phb = (PnvPHB4 *) object_dynamic_cast(OBJECT(bus->qbus.parent), 1343 TYPE_PNV_PHB4); 1344 1345 if (!phb) { 1346 error_setg(errp, "%s must be connected to pnv-phb4 buses", dev->id); 1347 return; 1348 } 1349 1350 /* Set unique chassis/slot values for the root port */ 1351 qdev_prop_set_uint8(&pci->qdev, "chassis", phb->chip_id); 1352 qdev_prop_set_uint16(&pci->qdev, "slot", phb->phb_id); 1353 1354 rpc->parent_realize(dev, &local_err); 1355 if (local_err) { 1356 error_propagate(errp, local_err); 1357 return; 1358 } 1359 } 1360 1361 static void pnv_phb4_root_port_class_init(ObjectClass *klass, void *data) 1362 { 1363 DeviceClass *dc = DEVICE_CLASS(klass); 1364 PCIDeviceClass *k = PCI_DEVICE_CLASS(klass); 1365 PCIERootPortClass *rpc = PCIE_ROOT_PORT_CLASS(klass); 1366 1367 dc->desc = "IBM PHB4 PCIE Root Port"; 1368 dc->user_creatable = true; 1369 1370 device_class_set_parent_realize(dc, pnv_phb4_root_port_realize, 1371 &rpc->parent_realize); 1372 device_class_set_parent_reset(dc, pnv_phb4_root_port_reset, 1373 &rpc->parent_reset); 1374 1375 k->vendor_id = PCI_VENDOR_ID_IBM; 1376 k->device_id = PNV_PHB4_DEVICE_ID; 1377 k->revision = 0; 1378 1379 rpc->exp_offset = 0x48; 1380 rpc->aer_offset = 0x100; 1381 1382 dc->reset = &pnv_phb4_root_port_reset; 1383 } 1384 1385 static const TypeInfo pnv_phb4_root_port_info = { 1386 .name = TYPE_PNV_PHB4_ROOT_PORT, 1387 .parent = TYPE_PCIE_ROOT_PORT, 1388 .instance_size = sizeof(PnvPHB4RootPort), 1389 .class_init = pnv_phb4_root_port_class_init, 1390 }; 1391 1392 static void pnv_phb4_register_types(void) 1393 { 1394 type_register_static(&pnv_phb4_root_bus_info); 1395 type_register_static(&pnv_phb4_root_port_info); 1396 type_register_static(&pnv_phb4_type_info); 1397 type_register_static(&pnv_phb4_iommu_memory_region_info); 1398 } 1399 1400 type_init(pnv_phb4_register_types); 1401 1402 void pnv_phb4_update_regions(PnvPhb4PecStack *stack) 1403 { 1404 PnvPHB4 *phb = &stack->phb; 1405 1406 /* Unmap first always */ 1407 if (memory_region_is_mapped(&phb->mr_regs)) { 1408 memory_region_del_subregion(&stack->phbbar, &phb->mr_regs); 1409 } 1410 if (memory_region_is_mapped(&phb->xsrc.esb_mmio)) { 1411 memory_region_del_subregion(&stack->intbar, &phb->xsrc.esb_mmio); 1412 } 1413 1414 /* Map registers if enabled */ 1415 if (memory_region_is_mapped(&stack->phbbar)) { 1416 memory_region_add_subregion(&stack->phbbar, 0, &phb->mr_regs); 1417 } 1418 1419 /* Map ESB if enabled */ 1420 if (memory_region_is_mapped(&stack->intbar)) { 1421 memory_region_add_subregion(&stack->intbar, 0, &phb->xsrc.esb_mmio); 1422 } 1423 1424 /* Check/update m32 */ 1425 pnv_phb4_check_all_mbt(phb); 1426 } 1427 1428 void pnv_phb4_pic_print_info(PnvPHB4 *phb, Monitor *mon) 1429 { 1430 uint32_t offset = phb->regs[PHB_INT_NOTIFY_INDEX >> 3]; 1431 1432 monitor_printf(mon, "PHB4[%x:%x] Source %08x .. %08x\n", 1433 phb->chip_id, phb->phb_id, 1434 offset, offset + phb->xsrc.nr_irqs - 1); 1435 xive_source_pic_print_info(&phb->xsrc, 0, mon); 1436 } 1437