1 /* 2 * pcie.c 3 * 4 * Copyright (c) 2010 Isaku Yamahata <yamahata at valinux co jp> 5 * VA Linux Systems Japan K.K. 6 * 7 * This program is free software; you can redistribute it and/or modify 8 * it under the terms of the GNU General Public License as published by 9 * the Free Software Foundation; either version 2 of the License, or 10 * (at your option) any later version. 11 * 12 * This program is distributed in the hope that it will be useful, 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 * GNU General Public License for more details. 16 * 17 * You should have received a copy of the GNU General Public License along 18 * with this program; if not, see <http://www.gnu.org/licenses/>. 19 */ 20 21 #include "qemu/osdep.h" 22 #include "qapi/error.h" 23 #include "hw/pci/pci_bridge.h" 24 #include "hw/pci/pcie.h" 25 #include "hw/pci/msix.h" 26 #include "hw/pci/msi.h" 27 #include "hw/pci/pci_bus.h" 28 #include "hw/pci/pcie_regs.h" 29 #include "hw/pci/pcie_port.h" 30 #include "qemu/range.h" 31 32 //#define DEBUG_PCIE 33 #ifdef DEBUG_PCIE 34 # define PCIE_DPRINTF(fmt, ...) \ 35 fprintf(stderr, "%s:%d " fmt, __func__, __LINE__, ## __VA_ARGS__) 36 #else 37 # define PCIE_DPRINTF(fmt, ...) do {} while (0) 38 #endif 39 #define PCIE_DEV_PRINTF(dev, fmt, ...) \ 40 PCIE_DPRINTF("%s:%x "fmt, (dev)->name, (dev)->devfn, ## __VA_ARGS__) 41 42 43 /*************************************************************************** 44 * pci express capability helper functions 45 */ 46 47 static void 48 pcie_cap_v1_fill(PCIDevice *dev, uint8_t port, uint8_t type, uint8_t version) 49 { 50 uint8_t *exp_cap = dev->config + dev->exp.exp_cap; 51 uint8_t *cmask = dev->cmask + dev->exp.exp_cap; 52 53 /* capability register 54 interrupt message number defaults to 0 */ 55 pci_set_word(exp_cap + PCI_EXP_FLAGS, 56 ((type << PCI_EXP_FLAGS_TYPE_SHIFT) & PCI_EXP_FLAGS_TYPE) | 57 version); 58 59 /* device capability register 60 * table 7-12: 61 * roll based error reporting bit must be set by all 62 * Functions conforming to the ECN, PCI Express Base 63 * Specification, Revision 1.1., or subsequent PCI Express Base 64 * Specification revisions. 65 */ 66 pci_set_long(exp_cap + PCI_EXP_DEVCAP, PCI_EXP_DEVCAP_RBER); 67 68 pci_set_long(exp_cap + PCI_EXP_LNKCAP, 69 (port << PCI_EXP_LNKCAP_PN_SHIFT) | 70 PCI_EXP_LNKCAP_ASPMS_0S | 71 QEMU_PCI_EXP_LNKCAP_MLW(QEMU_PCI_EXP_LNK_X1) | 72 QEMU_PCI_EXP_LNKCAP_MLS(QEMU_PCI_EXP_LNK_2_5GT)); 73 74 pci_set_word(exp_cap + PCI_EXP_LNKSTA, 75 QEMU_PCI_EXP_LNKSTA_NLW(QEMU_PCI_EXP_LNK_X1) | 76 QEMU_PCI_EXP_LNKSTA_CLS(QEMU_PCI_EXP_LNK_2_5GT)); 77 78 if (dev->cap_present & QEMU_PCIE_LNKSTA_DLLLA) { 79 pci_word_test_and_set_mask(exp_cap + PCI_EXP_LNKSTA, 80 PCI_EXP_LNKSTA_DLLLA); 81 } 82 83 /* We changed link status bits over time, and changing them across 84 * migrations is generally fine as hardware changes them too. 85 * Let's not bother checking. 86 */ 87 pci_set_word(cmask + PCI_EXP_LNKSTA, 0); 88 } 89 90 static void pcie_cap_fill_slot_lnk(PCIDevice *dev) 91 { 92 PCIESlot *s = (PCIESlot *)object_dynamic_cast(OBJECT(dev), TYPE_PCIE_SLOT); 93 uint8_t *exp_cap = dev->config + dev->exp.exp_cap; 94 95 /* Skip anything that isn't a PCIESlot */ 96 if (!s) { 97 return; 98 } 99 100 /* Clear and fill LNKCAP from what was configured above */ 101 pci_long_test_and_clear_mask(exp_cap + PCI_EXP_LNKCAP, 102 PCI_EXP_LNKCAP_MLW | PCI_EXP_LNKCAP_SLS); 103 pci_long_test_and_set_mask(exp_cap + PCI_EXP_LNKCAP, 104 QEMU_PCI_EXP_LNKCAP_MLW(s->width) | 105 QEMU_PCI_EXP_LNKCAP_MLS(s->speed)); 106 107 /* 108 * Link bandwidth notification is required for all root ports and 109 * downstream ports supporting links wider than x1 or multiple link 110 * speeds. 111 */ 112 if (s->width > QEMU_PCI_EXP_LNK_X1 || 113 s->speed > QEMU_PCI_EXP_LNK_2_5GT) { 114 pci_long_test_and_set_mask(exp_cap + PCI_EXP_LNKCAP, 115 PCI_EXP_LNKCAP_LBNC); 116 } 117 118 if (s->speed > QEMU_PCI_EXP_LNK_2_5GT) { 119 /* 120 * Hot-plug capable downstream ports and downstream ports supporting 121 * link speeds greater than 5GT/s must hardwire PCI_EXP_LNKCAP_DLLLARC 122 * to 1b. PCI_EXP_LNKCAP_DLLLARC implies PCI_EXP_LNKSTA_DLLLA, which 123 * we also hardwire to 1b here. 2.5GT/s hot-plug slots should also 124 * technically implement this, but it's not done here for compatibility. 125 */ 126 pci_long_test_and_set_mask(exp_cap + PCI_EXP_LNKCAP, 127 PCI_EXP_LNKCAP_DLLLARC); 128 pci_word_test_and_set_mask(exp_cap + PCI_EXP_LNKSTA, 129 PCI_EXP_LNKSTA_DLLLA); 130 131 /* 132 * Target Link Speed defaults to the highest link speed supported by 133 * the component. 2.5GT/s devices are permitted to hardwire to zero. 134 */ 135 pci_word_test_and_clear_mask(exp_cap + PCI_EXP_LNKCTL2, 136 PCI_EXP_LNKCTL2_TLS); 137 pci_word_test_and_set_mask(exp_cap + PCI_EXP_LNKCTL2, 138 QEMU_PCI_EXP_LNKCAP_MLS(s->speed) & 139 PCI_EXP_LNKCTL2_TLS); 140 } 141 142 /* 143 * 2.5 & 5.0GT/s can be fully described by LNKCAP, but 8.0GT/s is 144 * actually a reference to the highest bit supported in this register. 145 * We assume the device supports all link speeds. 146 */ 147 if (s->speed > QEMU_PCI_EXP_LNK_5GT) { 148 pci_long_test_and_clear_mask(exp_cap + PCI_EXP_LNKCAP2, ~0U); 149 pci_long_test_and_set_mask(exp_cap + PCI_EXP_LNKCAP2, 150 PCI_EXP_LNKCAP2_SLS_2_5GB | 151 PCI_EXP_LNKCAP2_SLS_5_0GB | 152 PCI_EXP_LNKCAP2_SLS_8_0GB); 153 if (s->speed > QEMU_PCI_EXP_LNK_8GT) { 154 pci_long_test_and_set_mask(exp_cap + PCI_EXP_LNKCAP2, 155 PCI_EXP_LNKCAP2_SLS_16_0GB); 156 } 157 } 158 } 159 160 int pcie_cap_init(PCIDevice *dev, uint8_t offset, 161 uint8_t type, uint8_t port, 162 Error **errp) 163 { 164 /* PCIe cap v2 init */ 165 int pos; 166 uint8_t *exp_cap; 167 168 assert(pci_is_express(dev)); 169 170 pos = pci_add_capability(dev, PCI_CAP_ID_EXP, offset, 171 PCI_EXP_VER2_SIZEOF, errp); 172 if (pos < 0) { 173 return pos; 174 } 175 dev->exp.exp_cap = pos; 176 exp_cap = dev->config + pos; 177 178 /* Filling values common with v1 */ 179 pcie_cap_v1_fill(dev, port, type, PCI_EXP_FLAGS_VER2); 180 181 /* Fill link speed and width options */ 182 pcie_cap_fill_slot_lnk(dev); 183 184 /* Filling v2 specific values */ 185 pci_set_long(exp_cap + PCI_EXP_DEVCAP2, 186 PCI_EXP_DEVCAP2_EFF | PCI_EXP_DEVCAP2_EETLPP); 187 188 pci_set_word(dev->wmask + pos + PCI_EXP_DEVCTL2, PCI_EXP_DEVCTL2_EETLPPB); 189 190 if (dev->cap_present & QEMU_PCIE_EXTCAP_INIT) { 191 /* read-only to behave like a 'NULL' Extended Capability Header */ 192 pci_set_long(dev->wmask + PCI_CONFIG_SPACE_SIZE, 0); 193 } 194 195 return pos; 196 } 197 198 int pcie_cap_v1_init(PCIDevice *dev, uint8_t offset, uint8_t type, 199 uint8_t port) 200 { 201 /* PCIe cap v1 init */ 202 int pos; 203 Error *local_err = NULL; 204 205 assert(pci_is_express(dev)); 206 207 pos = pci_add_capability(dev, PCI_CAP_ID_EXP, offset, 208 PCI_EXP_VER1_SIZEOF, &local_err); 209 if (pos < 0) { 210 error_report_err(local_err); 211 return pos; 212 } 213 dev->exp.exp_cap = pos; 214 215 pcie_cap_v1_fill(dev, port, type, PCI_EXP_FLAGS_VER1); 216 217 return pos; 218 } 219 220 static int 221 pcie_endpoint_cap_common_init(PCIDevice *dev, uint8_t offset, uint8_t cap_size) 222 { 223 uint8_t type = PCI_EXP_TYPE_ENDPOINT; 224 Error *local_err = NULL; 225 int ret; 226 227 /* 228 * Windows guests will report Code 10, device cannot start, if 229 * a regular Endpoint type is exposed on a root complex. These 230 * should instead be Root Complex Integrated Endpoints. 231 */ 232 if (pci_bus_is_express(pci_get_bus(dev)) 233 && pci_bus_is_root(pci_get_bus(dev))) { 234 type = PCI_EXP_TYPE_RC_END; 235 } 236 237 if (cap_size == PCI_EXP_VER1_SIZEOF) { 238 return pcie_cap_v1_init(dev, offset, type, 0); 239 } else { 240 ret = pcie_cap_init(dev, offset, type, 0, &local_err); 241 242 if (ret < 0) { 243 error_report_err(local_err); 244 } 245 246 return ret; 247 } 248 } 249 250 int pcie_endpoint_cap_init(PCIDevice *dev, uint8_t offset) 251 { 252 return pcie_endpoint_cap_common_init(dev, offset, PCI_EXP_VER2_SIZEOF); 253 } 254 255 int pcie_endpoint_cap_v1_init(PCIDevice *dev, uint8_t offset) 256 { 257 return pcie_endpoint_cap_common_init(dev, offset, PCI_EXP_VER1_SIZEOF); 258 } 259 260 void pcie_cap_exit(PCIDevice *dev) 261 { 262 pci_del_capability(dev, PCI_CAP_ID_EXP, PCI_EXP_VER2_SIZEOF); 263 } 264 265 void pcie_cap_v1_exit(PCIDevice *dev) 266 { 267 pci_del_capability(dev, PCI_CAP_ID_EXP, PCI_EXP_VER1_SIZEOF); 268 } 269 270 uint8_t pcie_cap_get_type(const PCIDevice *dev) 271 { 272 uint32_t pos = dev->exp.exp_cap; 273 assert(pos > 0); 274 return (pci_get_word(dev->config + pos + PCI_EXP_FLAGS) & 275 PCI_EXP_FLAGS_TYPE) >> PCI_EXP_FLAGS_TYPE_SHIFT; 276 } 277 278 /* MSI/MSI-X */ 279 /* pci express interrupt message number */ 280 /* 7.8.2 PCI Express Capabilities Register: Interrupt Message Number */ 281 void pcie_cap_flags_set_vector(PCIDevice *dev, uint8_t vector) 282 { 283 uint8_t *exp_cap = dev->config + dev->exp.exp_cap; 284 assert(vector < 32); 285 pci_word_test_and_clear_mask(exp_cap + PCI_EXP_FLAGS, PCI_EXP_FLAGS_IRQ); 286 pci_word_test_and_set_mask(exp_cap + PCI_EXP_FLAGS, 287 vector << PCI_EXP_FLAGS_IRQ_SHIFT); 288 } 289 290 uint8_t pcie_cap_flags_get_vector(PCIDevice *dev) 291 { 292 return (pci_get_word(dev->config + dev->exp.exp_cap + PCI_EXP_FLAGS) & 293 PCI_EXP_FLAGS_IRQ) >> PCI_EXP_FLAGS_IRQ_SHIFT; 294 } 295 296 void pcie_cap_deverr_init(PCIDevice *dev) 297 { 298 uint32_t pos = dev->exp.exp_cap; 299 pci_long_test_and_set_mask(dev->config + pos + PCI_EXP_DEVCAP, 300 PCI_EXP_DEVCAP_RBER); 301 pci_long_test_and_set_mask(dev->wmask + pos + PCI_EXP_DEVCTL, 302 PCI_EXP_DEVCTL_CERE | PCI_EXP_DEVCTL_NFERE | 303 PCI_EXP_DEVCTL_FERE | PCI_EXP_DEVCTL_URRE); 304 pci_long_test_and_set_mask(dev->w1cmask + pos + PCI_EXP_DEVSTA, 305 PCI_EXP_DEVSTA_CED | PCI_EXP_DEVSTA_NFED | 306 PCI_EXP_DEVSTA_FED | PCI_EXP_DEVSTA_URD); 307 } 308 309 void pcie_cap_deverr_reset(PCIDevice *dev) 310 { 311 uint8_t *devctl = dev->config + dev->exp.exp_cap + PCI_EXP_DEVCTL; 312 pci_long_test_and_clear_mask(devctl, 313 PCI_EXP_DEVCTL_CERE | PCI_EXP_DEVCTL_NFERE | 314 PCI_EXP_DEVCTL_FERE | PCI_EXP_DEVCTL_URRE); 315 } 316 317 void pcie_cap_lnkctl_init(PCIDevice *dev) 318 { 319 uint32_t pos = dev->exp.exp_cap; 320 pci_long_test_and_set_mask(dev->wmask + pos + PCI_EXP_LNKCTL, 321 PCI_EXP_LNKCTL_CCC | PCI_EXP_LNKCTL_ES); 322 } 323 324 void pcie_cap_lnkctl_reset(PCIDevice *dev) 325 { 326 uint8_t *lnkctl = dev->config + dev->exp.exp_cap + PCI_EXP_LNKCTL; 327 pci_long_test_and_clear_mask(lnkctl, 328 PCI_EXP_LNKCTL_CCC | PCI_EXP_LNKCTL_ES); 329 } 330 331 static void hotplug_event_update_event_status(PCIDevice *dev) 332 { 333 uint32_t pos = dev->exp.exp_cap; 334 uint8_t *exp_cap = dev->config + pos; 335 uint16_t sltctl = pci_get_word(exp_cap + PCI_EXP_SLTCTL); 336 uint16_t sltsta = pci_get_word(exp_cap + PCI_EXP_SLTSTA); 337 338 dev->exp.hpev_notified = (sltctl & PCI_EXP_SLTCTL_HPIE) && 339 (sltsta & sltctl & PCI_EXP_HP_EV_SUPPORTED); 340 } 341 342 static void hotplug_event_notify(PCIDevice *dev) 343 { 344 bool prev = dev->exp.hpev_notified; 345 346 hotplug_event_update_event_status(dev); 347 348 if (prev == dev->exp.hpev_notified) { 349 return; 350 } 351 352 /* Note: the logic above does not take into account whether interrupts 353 * are masked. The result is that interrupt will be sent when it is 354 * subsequently unmasked. This appears to be legal: Section 6.7.3.4: 355 * The Port may optionally send an MSI when there are hot-plug events that 356 * occur while interrupt generation is disabled, and interrupt generation is 357 * subsequently enabled. */ 358 if (msix_enabled(dev)) { 359 msix_notify(dev, pcie_cap_flags_get_vector(dev)); 360 } else if (msi_enabled(dev)) { 361 msi_notify(dev, pcie_cap_flags_get_vector(dev)); 362 } else { 363 pci_set_irq(dev, dev->exp.hpev_notified); 364 } 365 } 366 367 static void hotplug_event_clear(PCIDevice *dev) 368 { 369 hotplug_event_update_event_status(dev); 370 if (!msix_enabled(dev) && !msi_enabled(dev) && !dev->exp.hpev_notified) { 371 pci_irq_deassert(dev); 372 } 373 } 374 375 /* 376 * A PCI Express Hot-Plug Event has occurred, so update slot status register 377 * and notify OS of the event if necessary. 378 * 379 * 6.7.3 PCI Express Hot-Plug Events 380 * 6.7.3.4 Software Notification of Hot-Plug Events 381 */ 382 static void pcie_cap_slot_event(PCIDevice *dev, PCIExpressHotPlugEvent event) 383 { 384 /* Minor optimization: if nothing changed - no event is needed. */ 385 if (pci_word_test_and_set_mask(dev->config + dev->exp.exp_cap + 386 PCI_EXP_SLTSTA, event) == event) { 387 return; 388 } 389 hotplug_event_notify(dev); 390 } 391 392 static void pcie_cap_slot_plug_common(PCIDevice *hotplug_dev, DeviceState *dev, 393 Error **errp) 394 { 395 uint8_t *exp_cap = hotplug_dev->config + hotplug_dev->exp.exp_cap; 396 uint16_t sltsta = pci_get_word(exp_cap + PCI_EXP_SLTSTA); 397 398 PCIE_DEV_PRINTF(PCI_DEVICE(dev), "hotplug state: 0x%x\n", sltsta); 399 if (sltsta & PCI_EXP_SLTSTA_EIS) { 400 /* the slot is electromechanically locked. 401 * This error is propagated up to qdev and then to HMP/QMP. 402 */ 403 error_setg_errno(errp, EBUSY, "slot is electromechanically locked"); 404 } 405 } 406 407 void pcie_cap_slot_pre_plug_cb(HotplugHandler *hotplug_dev, DeviceState *dev, 408 Error **errp) 409 { 410 pcie_cap_slot_plug_common(PCI_DEVICE(hotplug_dev), dev, errp); 411 } 412 413 void pcie_cap_slot_plug_cb(HotplugHandler *hotplug_dev, DeviceState *dev, 414 Error **errp) 415 { 416 PCIDevice *hotplug_pdev = PCI_DEVICE(hotplug_dev); 417 uint8_t *exp_cap = hotplug_pdev->config + hotplug_pdev->exp.exp_cap; 418 PCIDevice *pci_dev = PCI_DEVICE(dev); 419 420 /* Don't send event when device is enabled during qemu machine creation: 421 * it is present on boot, no hotplug event is necessary. We do send an 422 * event when the device is disabled later. */ 423 if (!dev->hotplugged) { 424 pci_word_test_and_set_mask(exp_cap + PCI_EXP_SLTSTA, 425 PCI_EXP_SLTSTA_PDS); 426 if (pci_dev->cap_present & QEMU_PCIE_LNKSTA_DLLLA) { 427 pci_word_test_and_set_mask(exp_cap + PCI_EXP_LNKSTA, 428 PCI_EXP_LNKSTA_DLLLA); 429 } 430 return; 431 } 432 433 /* To enable multifunction hot-plug, we just ensure the function 434 * 0 added last. When function 0 is added, we set the sltsta and 435 * inform OS via event notification. 436 */ 437 if (pci_get_function_0(pci_dev)) { 438 pci_word_test_and_set_mask(exp_cap + PCI_EXP_SLTSTA, 439 PCI_EXP_SLTSTA_PDS); 440 if (pci_dev->cap_present & QEMU_PCIE_LNKSTA_DLLLA) { 441 pci_word_test_and_set_mask(exp_cap + PCI_EXP_LNKSTA, 442 PCI_EXP_LNKSTA_DLLLA); 443 } 444 pcie_cap_slot_event(PCI_DEVICE(hotplug_dev), 445 PCI_EXP_HP_EV_PDC | PCI_EXP_HP_EV_ABP); 446 } 447 } 448 449 void pcie_cap_slot_unplug_cb(HotplugHandler *hotplug_dev, DeviceState *dev, 450 Error **errp) 451 { 452 object_property_set_bool(OBJECT(dev), false, "realized", NULL); 453 } 454 455 static void pcie_unplug_device(PCIBus *bus, PCIDevice *dev, void *opaque) 456 { 457 HotplugHandler *hotplug_ctrl = qdev_get_hotplug_handler(DEVICE(dev)); 458 459 hotplug_handler_unplug(hotplug_ctrl, DEVICE(dev), &error_abort); 460 object_unparent(OBJECT(dev)); 461 } 462 463 void pcie_cap_slot_unplug_request_cb(HotplugHandler *hotplug_dev, 464 DeviceState *dev, Error **errp) 465 { 466 Error *local_err = NULL; 467 PCIDevice *pci_dev = PCI_DEVICE(dev); 468 PCIBus *bus = pci_get_bus(pci_dev); 469 470 pcie_cap_slot_plug_common(PCI_DEVICE(hotplug_dev), dev, &local_err); 471 if (local_err) { 472 error_propagate(errp, local_err); 473 return; 474 } 475 476 /* In case user cancel the operation of multi-function hot-add, 477 * remove the function that is unexposed to guest individually, 478 * without interaction with guest. 479 */ 480 if (pci_dev->devfn && 481 !bus->devices[0]) { 482 pcie_unplug_device(bus, pci_dev, NULL); 483 484 return; 485 } 486 487 pcie_cap_slot_push_attention_button(PCI_DEVICE(hotplug_dev)); 488 } 489 490 /* pci express slot for pci express root/downstream port 491 PCI express capability slot registers */ 492 void pcie_cap_slot_init(PCIDevice *dev, uint16_t slot) 493 { 494 uint32_t pos = dev->exp.exp_cap; 495 496 pci_word_test_and_set_mask(dev->config + pos + PCI_EXP_FLAGS, 497 PCI_EXP_FLAGS_SLOT); 498 499 pci_long_test_and_clear_mask(dev->config + pos + PCI_EXP_SLTCAP, 500 ~PCI_EXP_SLTCAP_PSN); 501 pci_long_test_and_set_mask(dev->config + pos + PCI_EXP_SLTCAP, 502 (slot << PCI_EXP_SLTCAP_PSN_SHIFT) | 503 PCI_EXP_SLTCAP_EIP | 504 PCI_EXP_SLTCAP_HPS | 505 PCI_EXP_SLTCAP_HPC | 506 PCI_EXP_SLTCAP_PIP | 507 PCI_EXP_SLTCAP_AIP | 508 PCI_EXP_SLTCAP_ABP); 509 510 if (dev->cap_present & QEMU_PCIE_SLTCAP_PCP) { 511 pci_long_test_and_set_mask(dev->config + pos + PCI_EXP_SLTCAP, 512 PCI_EXP_SLTCAP_PCP); 513 pci_word_test_and_clear_mask(dev->config + pos + PCI_EXP_SLTCTL, 514 PCI_EXP_SLTCTL_PCC); 515 pci_word_test_and_set_mask(dev->wmask + pos + PCI_EXP_SLTCTL, 516 PCI_EXP_SLTCTL_PCC); 517 } 518 519 pci_word_test_and_clear_mask(dev->config + pos + PCI_EXP_SLTCTL, 520 PCI_EXP_SLTCTL_PIC | 521 PCI_EXP_SLTCTL_AIC); 522 pci_word_test_and_set_mask(dev->config + pos + PCI_EXP_SLTCTL, 523 PCI_EXP_SLTCTL_PIC_OFF | 524 PCI_EXP_SLTCTL_AIC_OFF); 525 pci_word_test_and_set_mask(dev->wmask + pos + PCI_EXP_SLTCTL, 526 PCI_EXP_SLTCTL_PIC | 527 PCI_EXP_SLTCTL_AIC | 528 PCI_EXP_SLTCTL_HPIE | 529 PCI_EXP_SLTCTL_CCIE | 530 PCI_EXP_SLTCTL_PDCE | 531 PCI_EXP_SLTCTL_ABPE); 532 /* Although reading PCI_EXP_SLTCTL_EIC returns always 0, 533 * make the bit writable here in order to detect 1b is written. 534 * pcie_cap_slot_write_config() test-and-clear the bit, so 535 * this bit always returns 0 to the guest. 536 */ 537 pci_word_test_and_set_mask(dev->wmask + pos + PCI_EXP_SLTCTL, 538 PCI_EXP_SLTCTL_EIC); 539 540 pci_word_test_and_set_mask(dev->w1cmask + pos + PCI_EXP_SLTSTA, 541 PCI_EXP_HP_EV_SUPPORTED); 542 543 dev->exp.hpev_notified = false; 544 545 qbus_set_hotplug_handler(BUS(pci_bridge_get_sec_bus(PCI_BRIDGE(dev))), 546 OBJECT(dev), NULL); 547 } 548 549 void pcie_cap_slot_reset(PCIDevice *dev) 550 { 551 uint8_t *exp_cap = dev->config + dev->exp.exp_cap; 552 uint8_t port_type = pcie_cap_get_type(dev); 553 554 assert(port_type == PCI_EXP_TYPE_DOWNSTREAM || 555 port_type == PCI_EXP_TYPE_ROOT_PORT); 556 557 PCIE_DEV_PRINTF(dev, "reset\n"); 558 559 pci_word_test_and_clear_mask(exp_cap + PCI_EXP_SLTCTL, 560 PCI_EXP_SLTCTL_EIC | 561 PCI_EXP_SLTCTL_PIC | 562 PCI_EXP_SLTCTL_AIC | 563 PCI_EXP_SLTCTL_HPIE | 564 PCI_EXP_SLTCTL_CCIE | 565 PCI_EXP_SLTCTL_PDCE | 566 PCI_EXP_SLTCTL_ABPE); 567 pci_word_test_and_set_mask(exp_cap + PCI_EXP_SLTCTL, 568 PCI_EXP_SLTCTL_AIC_OFF); 569 570 if (dev->cap_present & QEMU_PCIE_SLTCAP_PCP) { 571 /* Downstream ports enforce device number 0. */ 572 bool populated = pci_bridge_get_sec_bus(PCI_BRIDGE(dev))->devices[0]; 573 uint16_t pic; 574 575 if (populated) { 576 pci_word_test_and_clear_mask(exp_cap + PCI_EXP_SLTCTL, 577 PCI_EXP_SLTCTL_PCC); 578 } else { 579 pci_word_test_and_set_mask(exp_cap + PCI_EXP_SLTCTL, 580 PCI_EXP_SLTCTL_PCC); 581 } 582 583 pic = populated ? PCI_EXP_SLTCTL_PIC_ON : PCI_EXP_SLTCTL_PIC_OFF; 584 pci_word_test_and_set_mask(exp_cap + PCI_EXP_SLTCTL, pic); 585 } 586 587 pci_word_test_and_clear_mask(exp_cap + PCI_EXP_SLTSTA, 588 PCI_EXP_SLTSTA_EIS |/* on reset, 589 the lock is released */ 590 PCI_EXP_SLTSTA_CC | 591 PCI_EXP_SLTSTA_PDC | 592 PCI_EXP_SLTSTA_ABP); 593 594 hotplug_event_update_event_status(dev); 595 } 596 597 void pcie_cap_slot_get(PCIDevice *dev, uint16_t *slt_ctl, uint16_t *slt_sta) 598 { 599 uint32_t pos = dev->exp.exp_cap; 600 uint8_t *exp_cap = dev->config + pos; 601 *slt_ctl = pci_get_word(exp_cap + PCI_EXP_SLTCTL); 602 *slt_sta = pci_get_word(exp_cap + PCI_EXP_SLTSTA); 603 } 604 605 void pcie_cap_slot_write_config(PCIDevice *dev, 606 uint16_t old_slt_ctl, uint16_t old_slt_sta, 607 uint32_t addr, uint32_t val, int len) 608 { 609 uint32_t pos = dev->exp.exp_cap; 610 uint8_t *exp_cap = dev->config + pos; 611 uint16_t sltsta = pci_get_word(exp_cap + PCI_EXP_SLTSTA); 612 613 if (ranges_overlap(addr, len, pos + PCI_EXP_SLTSTA, 2)) { 614 /* 615 * Guests tend to clears all bits during init. 616 * If they clear bits that weren't set this is racy and will lose events: 617 * not a big problem for manual button presses, but a problem for us. 618 * As a work-around, detect this and revert status to what it was 619 * before the write. 620 * 621 * Note: in theory this can be detected as a duplicate button press 622 * which cancels the previous press. Does not seem to happen in 623 * practice as guests seem to only have this bug during init. 624 */ 625 #define PCIE_SLOT_EVENTS (PCI_EXP_SLTSTA_ABP | PCI_EXP_SLTSTA_PFD | \ 626 PCI_EXP_SLTSTA_MRLSC | PCI_EXP_SLTSTA_PDC | \ 627 PCI_EXP_SLTSTA_CC) 628 629 if (val & ~old_slt_sta & PCIE_SLOT_EVENTS) { 630 sltsta = (sltsta & ~PCIE_SLOT_EVENTS) | (old_slt_sta & PCIE_SLOT_EVENTS); 631 pci_set_word(exp_cap + PCI_EXP_SLTSTA, sltsta); 632 } 633 hotplug_event_clear(dev); 634 } 635 636 if (!ranges_overlap(addr, len, pos + PCI_EXP_SLTCTL, 2)) { 637 return; 638 } 639 640 if (pci_word_test_and_clear_mask(exp_cap + PCI_EXP_SLTCTL, 641 PCI_EXP_SLTCTL_EIC)) { 642 sltsta ^= PCI_EXP_SLTSTA_EIS; /* toggle PCI_EXP_SLTSTA_EIS bit */ 643 pci_set_word(exp_cap + PCI_EXP_SLTSTA, sltsta); 644 PCIE_DEV_PRINTF(dev, "PCI_EXP_SLTCTL_EIC: " 645 "sltsta -> 0x%02"PRIx16"\n", 646 sltsta); 647 } 648 649 /* 650 * If the slot is populated, power indicator is off and power 651 * controller is off, it is safe to detach the devices. 652 * 653 * Note: don't detach if condition was already true: 654 * this is a work around for guests that overwrite 655 * control of powered off slots before powering them on. 656 */ 657 if ((sltsta & PCI_EXP_SLTSTA_PDS) && (val & PCI_EXP_SLTCTL_PCC) && 658 (val & PCI_EXP_SLTCTL_PIC_OFF) == PCI_EXP_SLTCTL_PIC_OFF && 659 (!(old_slt_ctl & PCI_EXP_SLTCTL_PCC) || 660 (old_slt_ctl & PCI_EXP_SLTCTL_PIC_OFF) != PCI_EXP_SLTCTL_PIC_OFF)) { 661 PCIBus *sec_bus = pci_bridge_get_sec_bus(PCI_BRIDGE(dev)); 662 pci_for_each_device(sec_bus, pci_bus_num(sec_bus), 663 pcie_unplug_device, NULL); 664 665 pci_word_test_and_clear_mask(exp_cap + PCI_EXP_SLTSTA, 666 PCI_EXP_SLTSTA_PDS); 667 if (dev->cap_present & QEMU_PCIE_LNKSTA_DLLLA) { 668 pci_word_test_and_clear_mask(exp_cap + PCI_EXP_LNKSTA, 669 PCI_EXP_LNKSTA_DLLLA); 670 } 671 pci_word_test_and_set_mask(exp_cap + PCI_EXP_SLTSTA, 672 PCI_EXP_SLTSTA_PDC); 673 } 674 675 hotplug_event_notify(dev); 676 677 /* 678 * 6.7.3.2 Command Completed Events 679 * 680 * Software issues a command to a hot-plug capable Downstream Port by 681 * issuing a write transaction that targets any portion of the Port’s Slot 682 * Control register. A single write to the Slot Control register is 683 * considered to be a single command, even if the write affects more than 684 * one field in the Slot Control register. In response to this transaction, 685 * the Port must carry out the requested actions and then set the 686 * associated status field for the command completed event. */ 687 688 /* Real hardware might take a while to complete requested command because 689 * physical movement would be involved like locking the electromechanical 690 * lock. However in our case, command is completed instantaneously above, 691 * so send a command completion event right now. 692 */ 693 pcie_cap_slot_event(dev, PCI_EXP_HP_EV_CCI); 694 } 695 696 int pcie_cap_slot_post_load(void *opaque, int version_id) 697 { 698 PCIDevice *dev = opaque; 699 hotplug_event_update_event_status(dev); 700 return 0; 701 } 702 703 void pcie_cap_slot_push_attention_button(PCIDevice *dev) 704 { 705 pcie_cap_slot_event(dev, PCI_EXP_HP_EV_ABP); 706 } 707 708 /* root control/capabilities/status. PME isn't emulated for now */ 709 void pcie_cap_root_init(PCIDevice *dev) 710 { 711 pci_set_word(dev->wmask + dev->exp.exp_cap + PCI_EXP_RTCTL, 712 PCI_EXP_RTCTL_SECEE | PCI_EXP_RTCTL_SENFEE | 713 PCI_EXP_RTCTL_SEFEE); 714 } 715 716 void pcie_cap_root_reset(PCIDevice *dev) 717 { 718 pci_set_word(dev->config + dev->exp.exp_cap + PCI_EXP_RTCTL, 0); 719 } 720 721 /* function level reset(FLR) */ 722 void pcie_cap_flr_init(PCIDevice *dev) 723 { 724 pci_long_test_and_set_mask(dev->config + dev->exp.exp_cap + PCI_EXP_DEVCAP, 725 PCI_EXP_DEVCAP_FLR); 726 727 /* Although reading BCR_FLR returns always 0, 728 * the bit is made writable here in order to detect the 1b is written 729 * pcie_cap_flr_write_config() test-and-clear the bit, so 730 * this bit always returns 0 to the guest. 731 */ 732 pci_word_test_and_set_mask(dev->wmask + dev->exp.exp_cap + PCI_EXP_DEVCTL, 733 PCI_EXP_DEVCTL_BCR_FLR); 734 } 735 736 void pcie_cap_flr_write_config(PCIDevice *dev, 737 uint32_t addr, uint32_t val, int len) 738 { 739 uint8_t *devctl = dev->config + dev->exp.exp_cap + PCI_EXP_DEVCTL; 740 if (pci_get_word(devctl) & PCI_EXP_DEVCTL_BCR_FLR) { 741 /* Clear PCI_EXP_DEVCTL_BCR_FLR after invoking the reset handler 742 so the handler can detect FLR by looking at this bit. */ 743 pci_device_reset(dev); 744 pci_word_test_and_clear_mask(devctl, PCI_EXP_DEVCTL_BCR_FLR); 745 } 746 } 747 748 /* Alternative Routing-ID Interpretation (ARI) 749 * forwarding support for root and downstream ports 750 */ 751 void pcie_cap_arifwd_init(PCIDevice *dev) 752 { 753 uint32_t pos = dev->exp.exp_cap; 754 pci_long_test_and_set_mask(dev->config + pos + PCI_EXP_DEVCAP2, 755 PCI_EXP_DEVCAP2_ARI); 756 pci_long_test_and_set_mask(dev->wmask + pos + PCI_EXP_DEVCTL2, 757 PCI_EXP_DEVCTL2_ARI); 758 } 759 760 void pcie_cap_arifwd_reset(PCIDevice *dev) 761 { 762 uint8_t *devctl2 = dev->config + dev->exp.exp_cap + PCI_EXP_DEVCTL2; 763 pci_long_test_and_clear_mask(devctl2, PCI_EXP_DEVCTL2_ARI); 764 } 765 766 bool pcie_cap_is_arifwd_enabled(const PCIDevice *dev) 767 { 768 if (!pci_is_express(dev)) { 769 return false; 770 } 771 if (!dev->exp.exp_cap) { 772 return false; 773 } 774 775 return pci_get_long(dev->config + dev->exp.exp_cap + PCI_EXP_DEVCTL2) & 776 PCI_EXP_DEVCTL2_ARI; 777 } 778 779 /************************************************************************** 780 * pci express extended capability list management functions 781 * uint16_t ext_cap_id (16 bit) 782 * uint8_t cap_ver (4 bit) 783 * uint16_t cap_offset (12 bit) 784 * uint16_t ext_cap_size 785 */ 786 787 /* Passing a cap_id value > 0xffff will return 0 and put end of list in prev */ 788 static uint16_t pcie_find_capability_list(PCIDevice *dev, uint32_t cap_id, 789 uint16_t *prev_p) 790 { 791 uint16_t prev = 0; 792 uint16_t next; 793 uint32_t header = pci_get_long(dev->config + PCI_CONFIG_SPACE_SIZE); 794 795 if (!header) { 796 /* no extended capability */ 797 next = 0; 798 goto out; 799 } 800 for (next = PCI_CONFIG_SPACE_SIZE; next; 801 prev = next, next = PCI_EXT_CAP_NEXT(header)) { 802 803 assert(next >= PCI_CONFIG_SPACE_SIZE); 804 assert(next <= PCIE_CONFIG_SPACE_SIZE - 8); 805 806 header = pci_get_long(dev->config + next); 807 if (PCI_EXT_CAP_ID(header) == cap_id) { 808 break; 809 } 810 } 811 812 out: 813 if (prev_p) { 814 *prev_p = prev; 815 } 816 return next; 817 } 818 819 uint16_t pcie_find_capability(PCIDevice *dev, uint16_t cap_id) 820 { 821 return pcie_find_capability_list(dev, cap_id, NULL); 822 } 823 824 static void pcie_ext_cap_set_next(PCIDevice *dev, uint16_t pos, uint16_t next) 825 { 826 uint32_t header = pci_get_long(dev->config + pos); 827 assert(!(next & (PCI_EXT_CAP_ALIGN - 1))); 828 header = (header & ~PCI_EXT_CAP_NEXT_MASK) | 829 ((next << PCI_EXT_CAP_NEXT_SHIFT) & PCI_EXT_CAP_NEXT_MASK); 830 pci_set_long(dev->config + pos, header); 831 } 832 833 /* 834 * Caller must supply valid (offset, size) such that the range wouldn't 835 * overlap with other capability or other registers. 836 * This function doesn't check it. 837 */ 838 void pcie_add_capability(PCIDevice *dev, 839 uint16_t cap_id, uint8_t cap_ver, 840 uint16_t offset, uint16_t size) 841 { 842 assert(offset >= PCI_CONFIG_SPACE_SIZE); 843 assert(offset < offset + size); 844 assert(offset + size <= PCIE_CONFIG_SPACE_SIZE); 845 assert(size >= 8); 846 assert(pci_is_express(dev)); 847 848 if (offset != PCI_CONFIG_SPACE_SIZE) { 849 uint16_t prev; 850 851 /* 852 * 0xffffffff is not a valid cap id (it's a 16 bit field). use 853 * internally to find the last capability in the linked list. 854 */ 855 pcie_find_capability_list(dev, 0xffffffff, &prev); 856 assert(prev >= PCI_CONFIG_SPACE_SIZE); 857 pcie_ext_cap_set_next(dev, prev, offset); 858 } 859 pci_set_long(dev->config + offset, PCI_EXT_CAP(cap_id, cap_ver, 0)); 860 861 /* Make capability read-only by default */ 862 memset(dev->wmask + offset, 0, size); 863 memset(dev->w1cmask + offset, 0, size); 864 /* Check capability by default */ 865 memset(dev->cmask + offset, 0xFF, size); 866 } 867 868 /* 869 * Sync the PCIe Link Status negotiated speed and width of a bridge with the 870 * downstream device. If downstream device is not present, re-write with the 871 * Link Capability fields. If downstream device reports invalid width or 872 * speed, replace with minimum values (LnkSta fields are RsvdZ on VFs but such 873 * values interfere with PCIe native hotplug detecting new devices). Limit 874 * width and speed to bridge capabilities for compatibility. Use config_read 875 * to access the downstream device since it could be an assigned device with 876 * volatile link information. 877 */ 878 void pcie_sync_bridge_lnk(PCIDevice *bridge_dev) 879 { 880 PCIBridge *br = PCI_BRIDGE(bridge_dev); 881 PCIBus *bus = pci_bridge_get_sec_bus(br); 882 PCIDevice *target = bus->devices[0]; 883 uint8_t *exp_cap = bridge_dev->config + bridge_dev->exp.exp_cap; 884 uint16_t lnksta, lnkcap = pci_get_word(exp_cap + PCI_EXP_LNKCAP); 885 886 if (!target || !target->exp.exp_cap) { 887 lnksta = lnkcap; 888 } else { 889 lnksta = target->config_read(target, 890 target->exp.exp_cap + PCI_EXP_LNKSTA, 891 sizeof(lnksta)); 892 893 if ((lnksta & PCI_EXP_LNKSTA_NLW) > (lnkcap & PCI_EXP_LNKCAP_MLW)) { 894 lnksta &= ~PCI_EXP_LNKSTA_NLW; 895 lnksta |= lnkcap & PCI_EXP_LNKCAP_MLW; 896 } else if (!(lnksta & PCI_EXP_LNKSTA_NLW)) { 897 lnksta |= QEMU_PCI_EXP_LNKSTA_NLW(QEMU_PCI_EXP_LNK_X1); 898 } 899 900 if ((lnksta & PCI_EXP_LNKSTA_CLS) > (lnkcap & PCI_EXP_LNKCAP_SLS)) { 901 lnksta &= ~PCI_EXP_LNKSTA_CLS; 902 lnksta |= lnkcap & PCI_EXP_LNKCAP_SLS; 903 } else if (!(lnksta & PCI_EXP_LNKSTA_CLS)) { 904 lnksta |= QEMU_PCI_EXP_LNKSTA_CLS(QEMU_PCI_EXP_LNK_2_5GT); 905 } 906 } 907 908 pci_word_test_and_clear_mask(exp_cap + PCI_EXP_LNKSTA, 909 PCI_EXP_LNKSTA_CLS | PCI_EXP_LNKSTA_NLW); 910 pci_word_test_and_set_mask(exp_cap + PCI_EXP_LNKSTA, lnksta & 911 (PCI_EXP_LNKSTA_CLS | PCI_EXP_LNKSTA_NLW)); 912 } 913 914 /************************************************************************** 915 * pci express extended capability helper functions 916 */ 917 918 /* ARI */ 919 void pcie_ari_init(PCIDevice *dev, uint16_t offset, uint16_t nextfn) 920 { 921 pcie_add_capability(dev, PCI_EXT_CAP_ID_ARI, PCI_ARI_VER, 922 offset, PCI_ARI_SIZEOF); 923 pci_set_long(dev->config + offset + PCI_ARI_CAP, (nextfn & 0xff) << 8); 924 } 925 926 void pcie_dev_ser_num_init(PCIDevice *dev, uint16_t offset, uint64_t ser_num) 927 { 928 static const int pci_dsn_ver = 1; 929 static const int pci_dsn_cap = 4; 930 931 pcie_add_capability(dev, PCI_EXT_CAP_ID_DSN, pci_dsn_ver, offset, 932 PCI_EXT_CAP_DSN_SIZEOF); 933 pci_set_quad(dev->config + offset + pci_dsn_cap, ser_num); 934 } 935 936 void pcie_ats_init(PCIDevice *dev, uint16_t offset) 937 { 938 pcie_add_capability(dev, PCI_EXT_CAP_ID_ATS, 0x1, 939 offset, PCI_EXT_CAP_ATS_SIZEOF); 940 941 dev->exp.ats_cap = offset; 942 943 /* Invalidate Queue Depth 0, Page Aligned Request 0 */ 944 pci_set_word(dev->config + offset + PCI_ATS_CAP, 0); 945 /* STU 0, Disabled by default */ 946 pci_set_word(dev->config + offset + PCI_ATS_CTRL, 0); 947 948 pci_set_word(dev->wmask + dev->exp.ats_cap + PCI_ATS_CTRL, 0x800f); 949 } 950 951 /* ACS (Access Control Services) */ 952 void pcie_acs_init(PCIDevice *dev, uint16_t offset) 953 { 954 bool is_downstream = pci_is_express_downstream_port(dev); 955 uint16_t cap_bits = 0; 956 957 /* For endpoints, only multifunction devs may have an ACS capability: */ 958 assert(is_downstream || 959 (dev->cap_present & QEMU_PCI_CAP_MULTIFUNCTION) || 960 PCI_FUNC(dev->devfn)); 961 962 pcie_add_capability(dev, PCI_EXT_CAP_ID_ACS, PCI_ACS_VER, offset, 963 PCI_ACS_SIZEOF); 964 dev->exp.acs_cap = offset; 965 966 if (is_downstream) { 967 /* 968 * Downstream ports must implement SV, TB, RR, CR, UF, and DT (with 969 * caveats on the latter four that we ignore for simplicity). 970 * Endpoints may also implement a subset of ACS capabilities, 971 * but these are optional if the endpoint does not support 972 * peer-to-peer between functions and thus omitted here. 973 */ 974 cap_bits = PCI_ACS_SV | PCI_ACS_TB | PCI_ACS_RR | 975 PCI_ACS_CR | PCI_ACS_UF | PCI_ACS_DT; 976 } 977 978 pci_set_word(dev->config + offset + PCI_ACS_CAP, cap_bits); 979 pci_set_word(dev->wmask + offset + PCI_ACS_CTRL, cap_bits); 980 } 981 982 void pcie_acs_reset(PCIDevice *dev) 983 { 984 if (dev->exp.acs_cap) { 985 pci_set_word(dev->config + dev->exp.acs_cap + PCI_ACS_CTRL, 0); 986 } 987 } 988