1 /* 2 * pcie.c 3 * 4 * Copyright (c) 2010 Isaku Yamahata <yamahata at valinux co jp> 5 * VA Linux Systems Japan K.K. 6 * 7 * This program is free software; you can redistribute it and/or modify 8 * it under the terms of the GNU General Public License as published by 9 * the Free Software Foundation; either version 2 of the License, or 10 * (at your option) any later version. 11 * 12 * This program is distributed in the hope that it will be useful, 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 * GNU General Public License for more details. 16 * 17 * You should have received a copy of the GNU General Public License along 18 * with this program; if not, see <http://www.gnu.org/licenses/>. 19 */ 20 21 #include "qemu/osdep.h" 22 #include "qapi/error.h" 23 #include "hw/pci/pci_bridge.h" 24 #include "hw/pci/pcie.h" 25 #include "hw/pci/msix.h" 26 #include "hw/pci/msi.h" 27 #include "hw/pci/pci_bus.h" 28 #include "hw/pci/pcie_regs.h" 29 #include "hw/pci/pcie_port.h" 30 #include "qemu/range.h" 31 32 //#define DEBUG_PCIE 33 #ifdef DEBUG_PCIE 34 # define PCIE_DPRINTF(fmt, ...) \ 35 fprintf(stderr, "%s:%d " fmt, __func__, __LINE__, ## __VA_ARGS__) 36 #else 37 # define PCIE_DPRINTF(fmt, ...) do {} while (0) 38 #endif 39 #define PCIE_DEV_PRINTF(dev, fmt, ...) \ 40 PCIE_DPRINTF("%s:%x "fmt, (dev)->name, (dev)->devfn, ## __VA_ARGS__) 41 42 43 /*************************************************************************** 44 * pci express capability helper functions 45 */ 46 47 static void 48 pcie_cap_v1_fill(PCIDevice *dev, uint8_t port, uint8_t type, uint8_t version) 49 { 50 uint8_t *exp_cap = dev->config + dev->exp.exp_cap; 51 uint8_t *cmask = dev->cmask + dev->exp.exp_cap; 52 53 /* capability register 54 interrupt message number defaults to 0 */ 55 pci_set_word(exp_cap + PCI_EXP_FLAGS, 56 ((type << PCI_EXP_FLAGS_TYPE_SHIFT) & PCI_EXP_FLAGS_TYPE) | 57 version); 58 59 /* device capability register 60 * table 7-12: 61 * roll based error reporting bit must be set by all 62 * Functions conforming to the ECN, PCI Express Base 63 * Specification, Revision 1.1., or subsequent PCI Express Base 64 * Specification revisions. 65 */ 66 pci_set_long(exp_cap + PCI_EXP_DEVCAP, PCI_EXP_DEVCAP_RBER); 67 68 pci_set_long(exp_cap + PCI_EXP_LNKCAP, 69 (port << PCI_EXP_LNKCAP_PN_SHIFT) | 70 PCI_EXP_LNKCAP_ASPMS_0S | 71 QEMU_PCI_EXP_LNKCAP_MLW(QEMU_PCI_EXP_LNK_X1) | 72 QEMU_PCI_EXP_LNKCAP_MLS(QEMU_PCI_EXP_LNK_2_5GT)); 73 74 pci_set_word(exp_cap + PCI_EXP_LNKSTA, 75 QEMU_PCI_EXP_LNKSTA_NLW(QEMU_PCI_EXP_LNK_X1) | 76 QEMU_PCI_EXP_LNKSTA_CLS(QEMU_PCI_EXP_LNK_2_5GT)); 77 78 /* We changed link status bits over time, and changing them across 79 * migrations is generally fine as hardware changes them too. 80 * Let's not bother checking. 81 */ 82 pci_set_word(cmask + PCI_EXP_LNKSTA, 0); 83 } 84 85 static void pcie_cap_fill_slot_lnk(PCIDevice *dev) 86 { 87 PCIESlot *s = (PCIESlot *)object_dynamic_cast(OBJECT(dev), TYPE_PCIE_SLOT); 88 uint8_t *exp_cap = dev->config + dev->exp.exp_cap; 89 90 /* Skip anything that isn't a PCIESlot */ 91 if (!s) { 92 return; 93 } 94 95 /* Clear and fill LNKCAP from what was configured above */ 96 pci_long_test_and_clear_mask(exp_cap + PCI_EXP_LNKCAP, 97 PCI_EXP_LNKCAP_MLW | PCI_EXP_LNKCAP_SLS); 98 pci_long_test_and_set_mask(exp_cap + PCI_EXP_LNKCAP, 99 QEMU_PCI_EXP_LNKCAP_MLW(s->width) | 100 QEMU_PCI_EXP_LNKCAP_MLS(s->speed)); 101 102 /* 103 * Link bandwidth notification is required for all root ports and 104 * downstream ports supporting links wider than x1 or multiple link 105 * speeds. 106 */ 107 if (s->width > QEMU_PCI_EXP_LNK_X1 || 108 s->speed > QEMU_PCI_EXP_LNK_2_5GT) { 109 pci_long_test_and_set_mask(exp_cap + PCI_EXP_LNKCAP, 110 PCI_EXP_LNKCAP_LBNC); 111 } 112 113 if (s->speed > QEMU_PCI_EXP_LNK_2_5GT) { 114 /* 115 * Hot-plug capable downstream ports and downstream ports supporting 116 * link speeds greater than 5GT/s must hardwire PCI_EXP_LNKCAP_DLLLARC 117 * to 1b. PCI_EXP_LNKCAP_DLLLARC implies PCI_EXP_LNKSTA_DLLLA, which 118 * we also hardwire to 1b here. 2.5GT/s hot-plug slots should also 119 * technically implement this, but it's not done here for compatibility. 120 */ 121 pci_long_test_and_set_mask(exp_cap + PCI_EXP_LNKCAP, 122 PCI_EXP_LNKCAP_DLLLARC); 123 /* the PCI_EXP_LNKSTA_DLLLA will be set in the hotplug function */ 124 125 /* 126 * Target Link Speed defaults to the highest link speed supported by 127 * the component. 2.5GT/s devices are permitted to hardwire to zero. 128 */ 129 pci_word_test_and_clear_mask(exp_cap + PCI_EXP_LNKCTL2, 130 PCI_EXP_LNKCTL2_TLS); 131 pci_word_test_and_set_mask(exp_cap + PCI_EXP_LNKCTL2, 132 QEMU_PCI_EXP_LNKCAP_MLS(s->speed) & 133 PCI_EXP_LNKCTL2_TLS); 134 } 135 136 /* 137 * 2.5 & 5.0GT/s can be fully described by LNKCAP, but 8.0GT/s is 138 * actually a reference to the highest bit supported in this register. 139 * We assume the device supports all link speeds. 140 */ 141 if (s->speed > QEMU_PCI_EXP_LNK_5GT) { 142 pci_long_test_and_clear_mask(exp_cap + PCI_EXP_LNKCAP2, ~0U); 143 pci_long_test_and_set_mask(exp_cap + PCI_EXP_LNKCAP2, 144 PCI_EXP_LNKCAP2_SLS_2_5GB | 145 PCI_EXP_LNKCAP2_SLS_5_0GB | 146 PCI_EXP_LNKCAP2_SLS_8_0GB); 147 if (s->speed > QEMU_PCI_EXP_LNK_8GT) { 148 pci_long_test_and_set_mask(exp_cap + PCI_EXP_LNKCAP2, 149 PCI_EXP_LNKCAP2_SLS_16_0GB); 150 } 151 } 152 } 153 154 int pcie_cap_init(PCIDevice *dev, uint8_t offset, 155 uint8_t type, uint8_t port, 156 Error **errp) 157 { 158 /* PCIe cap v2 init */ 159 int pos; 160 uint8_t *exp_cap; 161 162 assert(pci_is_express(dev)); 163 164 pos = pci_add_capability(dev, PCI_CAP_ID_EXP, offset, 165 PCI_EXP_VER2_SIZEOF, errp); 166 if (pos < 0) { 167 return pos; 168 } 169 dev->exp.exp_cap = pos; 170 exp_cap = dev->config + pos; 171 172 /* Filling values common with v1 */ 173 pcie_cap_v1_fill(dev, port, type, PCI_EXP_FLAGS_VER2); 174 175 /* Fill link speed and width options */ 176 pcie_cap_fill_slot_lnk(dev); 177 178 /* Filling v2 specific values */ 179 pci_set_long(exp_cap + PCI_EXP_DEVCAP2, 180 PCI_EXP_DEVCAP2_EFF | PCI_EXP_DEVCAP2_EETLPP); 181 182 pci_set_word(dev->wmask + pos + PCI_EXP_DEVCTL2, PCI_EXP_DEVCTL2_EETLPPB); 183 184 if (dev->cap_present & QEMU_PCIE_EXTCAP_INIT) { 185 /* read-only to behave like a 'NULL' Extended Capability Header */ 186 pci_set_long(dev->wmask + PCI_CONFIG_SPACE_SIZE, 0); 187 } 188 189 return pos; 190 } 191 192 int pcie_cap_v1_init(PCIDevice *dev, uint8_t offset, uint8_t type, 193 uint8_t port) 194 { 195 /* PCIe cap v1 init */ 196 int pos; 197 Error *local_err = NULL; 198 199 assert(pci_is_express(dev)); 200 201 pos = pci_add_capability(dev, PCI_CAP_ID_EXP, offset, 202 PCI_EXP_VER1_SIZEOF, &local_err); 203 if (pos < 0) { 204 error_report_err(local_err); 205 return pos; 206 } 207 dev->exp.exp_cap = pos; 208 209 pcie_cap_v1_fill(dev, port, type, PCI_EXP_FLAGS_VER1); 210 211 return pos; 212 } 213 214 static int 215 pcie_endpoint_cap_common_init(PCIDevice *dev, uint8_t offset, uint8_t cap_size) 216 { 217 uint8_t type = PCI_EXP_TYPE_ENDPOINT; 218 Error *local_err = NULL; 219 int ret; 220 221 /* 222 * Windows guests will report Code 10, device cannot start, if 223 * a regular Endpoint type is exposed on a root complex. These 224 * should instead be Root Complex Integrated Endpoints. 225 */ 226 if (pci_bus_is_express(pci_get_bus(dev)) 227 && pci_bus_is_root(pci_get_bus(dev))) { 228 type = PCI_EXP_TYPE_RC_END; 229 } 230 231 if (cap_size == PCI_EXP_VER1_SIZEOF) { 232 return pcie_cap_v1_init(dev, offset, type, 0); 233 } else { 234 ret = pcie_cap_init(dev, offset, type, 0, &local_err); 235 236 if (ret < 0) { 237 error_report_err(local_err); 238 } 239 240 return ret; 241 } 242 } 243 244 int pcie_endpoint_cap_init(PCIDevice *dev, uint8_t offset) 245 { 246 return pcie_endpoint_cap_common_init(dev, offset, PCI_EXP_VER2_SIZEOF); 247 } 248 249 int pcie_endpoint_cap_v1_init(PCIDevice *dev, uint8_t offset) 250 { 251 return pcie_endpoint_cap_common_init(dev, offset, PCI_EXP_VER1_SIZEOF); 252 } 253 254 void pcie_cap_exit(PCIDevice *dev) 255 { 256 pci_del_capability(dev, PCI_CAP_ID_EXP, PCI_EXP_VER2_SIZEOF); 257 } 258 259 void pcie_cap_v1_exit(PCIDevice *dev) 260 { 261 pci_del_capability(dev, PCI_CAP_ID_EXP, PCI_EXP_VER1_SIZEOF); 262 } 263 264 uint8_t pcie_cap_get_type(const PCIDevice *dev) 265 { 266 uint32_t pos = dev->exp.exp_cap; 267 assert(pos > 0); 268 return (pci_get_word(dev->config + pos + PCI_EXP_FLAGS) & 269 PCI_EXP_FLAGS_TYPE) >> PCI_EXP_FLAGS_TYPE_SHIFT; 270 } 271 272 /* MSI/MSI-X */ 273 /* pci express interrupt message number */ 274 /* 7.8.2 PCI Express Capabilities Register: Interrupt Message Number */ 275 void pcie_cap_flags_set_vector(PCIDevice *dev, uint8_t vector) 276 { 277 uint8_t *exp_cap = dev->config + dev->exp.exp_cap; 278 assert(vector < 32); 279 pci_word_test_and_clear_mask(exp_cap + PCI_EXP_FLAGS, PCI_EXP_FLAGS_IRQ); 280 pci_word_test_and_set_mask(exp_cap + PCI_EXP_FLAGS, 281 vector << PCI_EXP_FLAGS_IRQ_SHIFT); 282 } 283 284 uint8_t pcie_cap_flags_get_vector(PCIDevice *dev) 285 { 286 return (pci_get_word(dev->config + dev->exp.exp_cap + PCI_EXP_FLAGS) & 287 PCI_EXP_FLAGS_IRQ) >> PCI_EXP_FLAGS_IRQ_SHIFT; 288 } 289 290 void pcie_cap_deverr_init(PCIDevice *dev) 291 { 292 uint32_t pos = dev->exp.exp_cap; 293 pci_long_test_and_set_mask(dev->config + pos + PCI_EXP_DEVCAP, 294 PCI_EXP_DEVCAP_RBER); 295 pci_long_test_and_set_mask(dev->wmask + pos + PCI_EXP_DEVCTL, 296 PCI_EXP_DEVCTL_CERE | PCI_EXP_DEVCTL_NFERE | 297 PCI_EXP_DEVCTL_FERE | PCI_EXP_DEVCTL_URRE); 298 pci_long_test_and_set_mask(dev->w1cmask + pos + PCI_EXP_DEVSTA, 299 PCI_EXP_DEVSTA_CED | PCI_EXP_DEVSTA_NFED | 300 PCI_EXP_DEVSTA_FED | PCI_EXP_DEVSTA_URD); 301 } 302 303 void pcie_cap_deverr_reset(PCIDevice *dev) 304 { 305 uint8_t *devctl = dev->config + dev->exp.exp_cap + PCI_EXP_DEVCTL; 306 pci_long_test_and_clear_mask(devctl, 307 PCI_EXP_DEVCTL_CERE | PCI_EXP_DEVCTL_NFERE | 308 PCI_EXP_DEVCTL_FERE | PCI_EXP_DEVCTL_URRE); 309 } 310 311 void pcie_cap_lnkctl_init(PCIDevice *dev) 312 { 313 uint32_t pos = dev->exp.exp_cap; 314 pci_long_test_and_set_mask(dev->wmask + pos + PCI_EXP_LNKCTL, 315 PCI_EXP_LNKCTL_CCC | PCI_EXP_LNKCTL_ES); 316 } 317 318 void pcie_cap_lnkctl_reset(PCIDevice *dev) 319 { 320 uint8_t *lnkctl = dev->config + dev->exp.exp_cap + PCI_EXP_LNKCTL; 321 pci_long_test_and_clear_mask(lnkctl, 322 PCI_EXP_LNKCTL_CCC | PCI_EXP_LNKCTL_ES); 323 } 324 325 static void hotplug_event_update_event_status(PCIDevice *dev) 326 { 327 uint32_t pos = dev->exp.exp_cap; 328 uint8_t *exp_cap = dev->config + pos; 329 uint16_t sltctl = pci_get_word(exp_cap + PCI_EXP_SLTCTL); 330 uint16_t sltsta = pci_get_word(exp_cap + PCI_EXP_SLTSTA); 331 332 dev->exp.hpev_notified = (sltctl & PCI_EXP_SLTCTL_HPIE) && 333 (sltsta & sltctl & PCI_EXP_HP_EV_SUPPORTED); 334 } 335 336 static void hotplug_event_notify(PCIDevice *dev) 337 { 338 bool prev = dev->exp.hpev_notified; 339 340 hotplug_event_update_event_status(dev); 341 342 if (prev == dev->exp.hpev_notified) { 343 return; 344 } 345 346 /* Note: the logic above does not take into account whether interrupts 347 * are masked. The result is that interrupt will be sent when it is 348 * subsequently unmasked. This appears to be legal: Section 6.7.3.4: 349 * The Port may optionally send an MSI when there are hot-plug events that 350 * occur while interrupt generation is disabled, and interrupt generation is 351 * subsequently enabled. */ 352 if (msix_enabled(dev)) { 353 msix_notify(dev, pcie_cap_flags_get_vector(dev)); 354 } else if (msi_enabled(dev)) { 355 msi_notify(dev, pcie_cap_flags_get_vector(dev)); 356 } else { 357 pci_set_irq(dev, dev->exp.hpev_notified); 358 } 359 } 360 361 static void hotplug_event_clear(PCIDevice *dev) 362 { 363 hotplug_event_update_event_status(dev); 364 if (!msix_enabled(dev) && !msi_enabled(dev) && !dev->exp.hpev_notified) { 365 pci_irq_deassert(dev); 366 } 367 } 368 369 /* 370 * A PCI Express Hot-Plug Event has occurred, so update slot status register 371 * and notify OS of the event if necessary. 372 * 373 * 6.7.3 PCI Express Hot-Plug Events 374 * 6.7.3.4 Software Notification of Hot-Plug Events 375 */ 376 static void pcie_cap_slot_event(PCIDevice *dev, PCIExpressHotPlugEvent event) 377 { 378 /* Minor optimization: if nothing changed - no event is needed. */ 379 if (pci_word_test_and_set_mask(dev->config + dev->exp.exp_cap + 380 PCI_EXP_SLTSTA, event) == event) { 381 return; 382 } 383 hotplug_event_notify(dev); 384 } 385 386 static void pcie_cap_slot_plug_common(PCIDevice *hotplug_dev, DeviceState *dev, 387 Error **errp) 388 { 389 uint8_t *exp_cap = hotplug_dev->config + hotplug_dev->exp.exp_cap; 390 uint16_t sltsta = pci_get_word(exp_cap + PCI_EXP_SLTSTA); 391 392 PCIE_DEV_PRINTF(PCI_DEVICE(dev), "hotplug state: 0x%x\n", sltsta); 393 if (sltsta & PCI_EXP_SLTSTA_EIS) { 394 /* the slot is electromechanically locked. 395 * This error is propagated up to qdev and then to HMP/QMP. 396 */ 397 error_setg_errno(errp, EBUSY, "slot is electromechanically locked"); 398 } 399 } 400 401 void pcie_cap_slot_pre_plug_cb(HotplugHandler *hotplug_dev, DeviceState *dev, 402 Error **errp) 403 { 404 PCIDevice *hotplug_pdev = PCI_DEVICE(hotplug_dev); 405 uint8_t *exp_cap = hotplug_pdev->config + hotplug_pdev->exp.exp_cap; 406 uint32_t sltcap = pci_get_word(exp_cap + PCI_EXP_SLTCAP); 407 408 /* Check if hot-plug is disabled on the slot */ 409 if (dev->hotplugged && (sltcap & PCI_EXP_SLTCAP_HPC) == 0) { 410 error_setg(errp, "Hot-plug failed: unsupported by the port device '%s'", 411 DEVICE(hotplug_pdev)->id); 412 return; 413 } 414 415 pcie_cap_slot_plug_common(PCI_DEVICE(hotplug_dev), dev, errp); 416 } 417 418 void pcie_cap_slot_plug_cb(HotplugHandler *hotplug_dev, DeviceState *dev, 419 Error **errp) 420 { 421 PCIDevice *hotplug_pdev = PCI_DEVICE(hotplug_dev); 422 uint8_t *exp_cap = hotplug_pdev->config + hotplug_pdev->exp.exp_cap; 423 PCIDevice *pci_dev = PCI_DEVICE(dev); 424 uint32_t lnkcap = pci_get_long(exp_cap + PCI_EXP_LNKCAP); 425 426 /* Don't send event when device is enabled during qemu machine creation: 427 * it is present on boot, no hotplug event is necessary. We do send an 428 * event when the device is disabled later. */ 429 if (!dev->hotplugged) { 430 pci_word_test_and_set_mask(exp_cap + PCI_EXP_SLTSTA, 431 PCI_EXP_SLTSTA_PDS); 432 if (pci_dev->cap_present & QEMU_PCIE_LNKSTA_DLLLA || 433 (lnkcap & PCI_EXP_LNKCAP_DLLLARC)) { 434 pci_word_test_and_set_mask(exp_cap + PCI_EXP_LNKSTA, 435 PCI_EXP_LNKSTA_DLLLA); 436 } 437 return; 438 } 439 440 /* To enable multifunction hot-plug, we just ensure the function 441 * 0 added last. When function 0 is added, we set the sltsta and 442 * inform OS via event notification. 443 */ 444 if (pci_get_function_0(pci_dev)) { 445 pci_word_test_and_set_mask(exp_cap + PCI_EXP_SLTSTA, 446 PCI_EXP_SLTSTA_PDS); 447 if (pci_dev->cap_present & QEMU_PCIE_LNKSTA_DLLLA || 448 (lnkcap & PCI_EXP_LNKCAP_DLLLARC)) { 449 pci_word_test_and_set_mask(exp_cap + PCI_EXP_LNKSTA, 450 PCI_EXP_LNKSTA_DLLLA); 451 } 452 pcie_cap_slot_event(hotplug_pdev, 453 PCI_EXP_HP_EV_PDC | PCI_EXP_HP_EV_ABP); 454 } 455 } 456 457 void pcie_cap_slot_unplug_cb(HotplugHandler *hotplug_dev, DeviceState *dev, 458 Error **errp) 459 { 460 qdev_unrealize(dev); 461 } 462 463 static void pcie_unplug_device(PCIBus *bus, PCIDevice *dev, void *opaque) 464 { 465 HotplugHandler *hotplug_ctrl = qdev_get_hotplug_handler(DEVICE(dev)); 466 467 if (dev->partially_hotplugged) { 468 dev->qdev.pending_deleted_event = false; 469 return; 470 } 471 hotplug_handler_unplug(hotplug_ctrl, DEVICE(dev), &error_abort); 472 object_unparent(OBJECT(dev)); 473 } 474 475 void pcie_cap_slot_unplug_request_cb(HotplugHandler *hotplug_dev, 476 DeviceState *dev, Error **errp) 477 { 478 Error *local_err = NULL; 479 PCIDevice *pci_dev = PCI_DEVICE(dev); 480 PCIBus *bus = pci_get_bus(pci_dev); 481 PCIDevice *hotplug_pdev = PCI_DEVICE(hotplug_dev); 482 uint8_t *exp_cap = hotplug_pdev->config + hotplug_pdev->exp.exp_cap; 483 uint32_t sltcap = pci_get_word(exp_cap + PCI_EXP_SLTCAP); 484 485 /* Check if hot-unplug is disabled on the slot */ 486 if ((sltcap & PCI_EXP_SLTCAP_HPC) == 0) { 487 error_setg(errp, "Hot-unplug failed: " 488 "unsupported by the port device '%s'", 489 DEVICE(hotplug_pdev)->id); 490 return; 491 } 492 493 pcie_cap_slot_plug_common(hotplug_pdev, dev, &local_err); 494 if (local_err) { 495 error_propagate(errp, local_err); 496 return; 497 } 498 499 dev->pending_deleted_event = true; 500 501 /* In case user cancel the operation of multi-function hot-add, 502 * remove the function that is unexposed to guest individually, 503 * without interaction with guest. 504 */ 505 if (pci_dev->devfn && 506 !bus->devices[0]) { 507 pcie_unplug_device(bus, pci_dev, NULL); 508 509 return; 510 } 511 512 pcie_cap_slot_push_attention_button(hotplug_pdev); 513 } 514 515 /* pci express slot for pci express root/downstream port 516 PCI express capability slot registers */ 517 void pcie_cap_slot_init(PCIDevice *dev, PCIESlot *s) 518 { 519 uint32_t pos = dev->exp.exp_cap; 520 521 pci_word_test_and_set_mask(dev->config + pos + PCI_EXP_FLAGS, 522 PCI_EXP_FLAGS_SLOT); 523 524 pci_long_test_and_clear_mask(dev->config + pos + PCI_EXP_SLTCAP, 525 ~PCI_EXP_SLTCAP_PSN); 526 pci_long_test_and_set_mask(dev->config + pos + PCI_EXP_SLTCAP, 527 (s->slot << PCI_EXP_SLTCAP_PSN_SHIFT) | 528 PCI_EXP_SLTCAP_EIP | 529 PCI_EXP_SLTCAP_PIP | 530 PCI_EXP_SLTCAP_AIP | 531 PCI_EXP_SLTCAP_ABP); 532 if (s->hotplug) { 533 pci_long_test_and_set_mask(dev->config + pos + PCI_EXP_SLTCAP, 534 PCI_EXP_SLTCAP_HPS | 535 PCI_EXP_SLTCAP_HPC); 536 } 537 538 if (dev->cap_present & QEMU_PCIE_SLTCAP_PCP) { 539 pci_long_test_and_set_mask(dev->config + pos + PCI_EXP_SLTCAP, 540 PCI_EXP_SLTCAP_PCP); 541 pci_word_test_and_clear_mask(dev->config + pos + PCI_EXP_SLTCTL, 542 PCI_EXP_SLTCTL_PCC); 543 pci_word_test_and_set_mask(dev->wmask + pos + PCI_EXP_SLTCTL, 544 PCI_EXP_SLTCTL_PCC); 545 } 546 547 pci_word_test_and_clear_mask(dev->config + pos + PCI_EXP_SLTCTL, 548 PCI_EXP_SLTCTL_PIC | 549 PCI_EXP_SLTCTL_AIC); 550 pci_word_test_and_set_mask(dev->config + pos + PCI_EXP_SLTCTL, 551 PCI_EXP_SLTCTL_PIC_OFF | 552 PCI_EXP_SLTCTL_AIC_OFF); 553 pci_word_test_and_set_mask(dev->wmask + pos + PCI_EXP_SLTCTL, 554 PCI_EXP_SLTCTL_PIC | 555 PCI_EXP_SLTCTL_AIC | 556 PCI_EXP_SLTCTL_HPIE | 557 PCI_EXP_SLTCTL_CCIE | 558 PCI_EXP_SLTCTL_PDCE | 559 PCI_EXP_SLTCTL_ABPE); 560 /* Although reading PCI_EXP_SLTCTL_EIC returns always 0, 561 * make the bit writable here in order to detect 1b is written. 562 * pcie_cap_slot_write_config() test-and-clear the bit, so 563 * this bit always returns 0 to the guest. 564 */ 565 pci_word_test_and_set_mask(dev->wmask + pos + PCI_EXP_SLTCTL, 566 PCI_EXP_SLTCTL_EIC); 567 568 pci_word_test_and_set_mask(dev->w1cmask + pos + PCI_EXP_SLTSTA, 569 PCI_EXP_HP_EV_SUPPORTED); 570 571 dev->exp.hpev_notified = false; 572 573 qbus_set_hotplug_handler(BUS(pci_bridge_get_sec_bus(PCI_BRIDGE(dev))), 574 OBJECT(dev)); 575 } 576 577 void pcie_cap_slot_reset(PCIDevice *dev) 578 { 579 uint8_t *exp_cap = dev->config + dev->exp.exp_cap; 580 uint8_t port_type = pcie_cap_get_type(dev); 581 582 assert(port_type == PCI_EXP_TYPE_DOWNSTREAM || 583 port_type == PCI_EXP_TYPE_ROOT_PORT); 584 585 PCIE_DEV_PRINTF(dev, "reset\n"); 586 587 pci_word_test_and_clear_mask(exp_cap + PCI_EXP_SLTCTL, 588 PCI_EXP_SLTCTL_EIC | 589 PCI_EXP_SLTCTL_PIC | 590 PCI_EXP_SLTCTL_AIC | 591 PCI_EXP_SLTCTL_HPIE | 592 PCI_EXP_SLTCTL_CCIE | 593 PCI_EXP_SLTCTL_PDCE | 594 PCI_EXP_SLTCTL_ABPE); 595 pci_word_test_and_set_mask(exp_cap + PCI_EXP_SLTCTL, 596 PCI_EXP_SLTCTL_AIC_OFF); 597 598 if (dev->cap_present & QEMU_PCIE_SLTCAP_PCP) { 599 /* Downstream ports enforce device number 0. */ 600 bool populated = pci_bridge_get_sec_bus(PCI_BRIDGE(dev))->devices[0]; 601 uint16_t pic; 602 603 if (populated) { 604 pci_word_test_and_clear_mask(exp_cap + PCI_EXP_SLTCTL, 605 PCI_EXP_SLTCTL_PCC); 606 } else { 607 pci_word_test_and_set_mask(exp_cap + PCI_EXP_SLTCTL, 608 PCI_EXP_SLTCTL_PCC); 609 } 610 611 pic = populated ? PCI_EXP_SLTCTL_PIC_ON : PCI_EXP_SLTCTL_PIC_OFF; 612 pci_word_test_and_set_mask(exp_cap + PCI_EXP_SLTCTL, pic); 613 } 614 615 pci_word_test_and_clear_mask(exp_cap + PCI_EXP_SLTSTA, 616 PCI_EXP_SLTSTA_EIS |/* on reset, 617 the lock is released */ 618 PCI_EXP_SLTSTA_CC | 619 PCI_EXP_SLTSTA_PDC | 620 PCI_EXP_SLTSTA_ABP); 621 622 hotplug_event_update_event_status(dev); 623 } 624 625 void pcie_cap_slot_get(PCIDevice *dev, uint16_t *slt_ctl, uint16_t *slt_sta) 626 { 627 uint32_t pos = dev->exp.exp_cap; 628 uint8_t *exp_cap = dev->config + pos; 629 *slt_ctl = pci_get_word(exp_cap + PCI_EXP_SLTCTL); 630 *slt_sta = pci_get_word(exp_cap + PCI_EXP_SLTSTA); 631 } 632 633 void pcie_cap_slot_write_config(PCIDevice *dev, 634 uint16_t old_slt_ctl, uint16_t old_slt_sta, 635 uint32_t addr, uint32_t val, int len) 636 { 637 uint32_t pos = dev->exp.exp_cap; 638 uint8_t *exp_cap = dev->config + pos; 639 uint16_t sltsta = pci_get_word(exp_cap + PCI_EXP_SLTSTA); 640 uint32_t lnkcap = pci_get_long(exp_cap + PCI_EXP_LNKCAP); 641 642 if (ranges_overlap(addr, len, pos + PCI_EXP_SLTSTA, 2)) { 643 /* 644 * Guests tend to clears all bits during init. 645 * If they clear bits that weren't set this is racy and will lose events: 646 * not a big problem for manual button presses, but a problem for us. 647 * As a work-around, detect this and revert status to what it was 648 * before the write. 649 * 650 * Note: in theory this can be detected as a duplicate button press 651 * which cancels the previous press. Does not seem to happen in 652 * practice as guests seem to only have this bug during init. 653 */ 654 #define PCIE_SLOT_EVENTS (PCI_EXP_SLTSTA_ABP | PCI_EXP_SLTSTA_PFD | \ 655 PCI_EXP_SLTSTA_MRLSC | PCI_EXP_SLTSTA_PDC | \ 656 PCI_EXP_SLTSTA_CC) 657 658 if (val & ~old_slt_sta & PCIE_SLOT_EVENTS) { 659 sltsta = (sltsta & ~PCIE_SLOT_EVENTS) | (old_slt_sta & PCIE_SLOT_EVENTS); 660 pci_set_word(exp_cap + PCI_EXP_SLTSTA, sltsta); 661 } 662 hotplug_event_clear(dev); 663 } 664 665 if (!ranges_overlap(addr, len, pos + PCI_EXP_SLTCTL, 2)) { 666 return; 667 } 668 669 if (pci_word_test_and_clear_mask(exp_cap + PCI_EXP_SLTCTL, 670 PCI_EXP_SLTCTL_EIC)) { 671 sltsta ^= PCI_EXP_SLTSTA_EIS; /* toggle PCI_EXP_SLTSTA_EIS bit */ 672 pci_set_word(exp_cap + PCI_EXP_SLTSTA, sltsta); 673 PCIE_DEV_PRINTF(dev, "PCI_EXP_SLTCTL_EIC: " 674 "sltsta -> 0x%02"PRIx16"\n", 675 sltsta); 676 } 677 678 /* 679 * If the slot is populated, power indicator is off and power 680 * controller is off, it is safe to detach the devices. 681 * 682 * Note: don't detach if condition was already true: 683 * this is a work around for guests that overwrite 684 * control of powered off slots before powering them on. 685 */ 686 if ((sltsta & PCI_EXP_SLTSTA_PDS) && (val & PCI_EXP_SLTCTL_PCC) && 687 (val & PCI_EXP_SLTCTL_PIC_OFF) == PCI_EXP_SLTCTL_PIC_OFF && 688 (!(old_slt_ctl & PCI_EXP_SLTCTL_PCC) || 689 (old_slt_ctl & PCI_EXP_SLTCTL_PIC_OFF) != PCI_EXP_SLTCTL_PIC_OFF)) { 690 PCIBus *sec_bus = pci_bridge_get_sec_bus(PCI_BRIDGE(dev)); 691 pci_for_each_device(sec_bus, pci_bus_num(sec_bus), 692 pcie_unplug_device, NULL); 693 694 pci_word_test_and_clear_mask(exp_cap + PCI_EXP_SLTSTA, 695 PCI_EXP_SLTSTA_PDS); 696 if (dev->cap_present & QEMU_PCIE_LNKSTA_DLLLA || 697 (lnkcap & PCI_EXP_LNKCAP_DLLLARC)) { 698 pci_word_test_and_clear_mask(exp_cap + PCI_EXP_LNKSTA, 699 PCI_EXP_LNKSTA_DLLLA); 700 } 701 pci_word_test_and_set_mask(exp_cap + PCI_EXP_SLTSTA, 702 PCI_EXP_SLTSTA_PDC); 703 } 704 705 hotplug_event_notify(dev); 706 707 /* 708 * 6.7.3.2 Command Completed Events 709 * 710 * Software issues a command to a hot-plug capable Downstream Port by 711 * issuing a write transaction that targets any portion of the Port’s Slot 712 * Control register. A single write to the Slot Control register is 713 * considered to be a single command, even if the write affects more than 714 * one field in the Slot Control register. In response to this transaction, 715 * the Port must carry out the requested actions and then set the 716 * associated status field for the command completed event. */ 717 718 /* Real hardware might take a while to complete requested command because 719 * physical movement would be involved like locking the electromechanical 720 * lock. However in our case, command is completed instantaneously above, 721 * so send a command completion event right now. 722 */ 723 pcie_cap_slot_event(dev, PCI_EXP_HP_EV_CCI); 724 } 725 726 int pcie_cap_slot_post_load(void *opaque, int version_id) 727 { 728 PCIDevice *dev = opaque; 729 hotplug_event_update_event_status(dev); 730 return 0; 731 } 732 733 void pcie_cap_slot_push_attention_button(PCIDevice *dev) 734 { 735 pcie_cap_slot_event(dev, PCI_EXP_HP_EV_ABP); 736 } 737 738 /* root control/capabilities/status. PME isn't emulated for now */ 739 void pcie_cap_root_init(PCIDevice *dev) 740 { 741 pci_set_word(dev->wmask + dev->exp.exp_cap + PCI_EXP_RTCTL, 742 PCI_EXP_RTCTL_SECEE | PCI_EXP_RTCTL_SENFEE | 743 PCI_EXP_RTCTL_SEFEE); 744 } 745 746 void pcie_cap_root_reset(PCIDevice *dev) 747 { 748 pci_set_word(dev->config + dev->exp.exp_cap + PCI_EXP_RTCTL, 0); 749 } 750 751 /* function level reset(FLR) */ 752 void pcie_cap_flr_init(PCIDevice *dev) 753 { 754 pci_long_test_and_set_mask(dev->config + dev->exp.exp_cap + PCI_EXP_DEVCAP, 755 PCI_EXP_DEVCAP_FLR); 756 757 /* Although reading BCR_FLR returns always 0, 758 * the bit is made writable here in order to detect the 1b is written 759 * pcie_cap_flr_write_config() test-and-clear the bit, so 760 * this bit always returns 0 to the guest. 761 */ 762 pci_word_test_and_set_mask(dev->wmask + dev->exp.exp_cap + PCI_EXP_DEVCTL, 763 PCI_EXP_DEVCTL_BCR_FLR); 764 } 765 766 void pcie_cap_flr_write_config(PCIDevice *dev, 767 uint32_t addr, uint32_t val, int len) 768 { 769 uint8_t *devctl = dev->config + dev->exp.exp_cap + PCI_EXP_DEVCTL; 770 if (pci_get_word(devctl) & PCI_EXP_DEVCTL_BCR_FLR) { 771 /* Clear PCI_EXP_DEVCTL_BCR_FLR after invoking the reset handler 772 so the handler can detect FLR by looking at this bit. */ 773 pci_device_reset(dev); 774 pci_word_test_and_clear_mask(devctl, PCI_EXP_DEVCTL_BCR_FLR); 775 } 776 } 777 778 /* Alternative Routing-ID Interpretation (ARI) 779 * forwarding support for root and downstream ports 780 */ 781 void pcie_cap_arifwd_init(PCIDevice *dev) 782 { 783 uint32_t pos = dev->exp.exp_cap; 784 pci_long_test_and_set_mask(dev->config + pos + PCI_EXP_DEVCAP2, 785 PCI_EXP_DEVCAP2_ARI); 786 pci_long_test_and_set_mask(dev->wmask + pos + PCI_EXP_DEVCTL2, 787 PCI_EXP_DEVCTL2_ARI); 788 } 789 790 void pcie_cap_arifwd_reset(PCIDevice *dev) 791 { 792 uint8_t *devctl2 = dev->config + dev->exp.exp_cap + PCI_EXP_DEVCTL2; 793 pci_long_test_and_clear_mask(devctl2, PCI_EXP_DEVCTL2_ARI); 794 } 795 796 bool pcie_cap_is_arifwd_enabled(const PCIDevice *dev) 797 { 798 if (!pci_is_express(dev)) { 799 return false; 800 } 801 if (!dev->exp.exp_cap) { 802 return false; 803 } 804 805 return pci_get_long(dev->config + dev->exp.exp_cap + PCI_EXP_DEVCTL2) & 806 PCI_EXP_DEVCTL2_ARI; 807 } 808 809 /************************************************************************** 810 * pci express extended capability list management functions 811 * uint16_t ext_cap_id (16 bit) 812 * uint8_t cap_ver (4 bit) 813 * uint16_t cap_offset (12 bit) 814 * uint16_t ext_cap_size 815 */ 816 817 /* Passing a cap_id value > 0xffff will return 0 and put end of list in prev */ 818 static uint16_t pcie_find_capability_list(PCIDevice *dev, uint32_t cap_id, 819 uint16_t *prev_p) 820 { 821 uint16_t prev = 0; 822 uint16_t next; 823 uint32_t header = pci_get_long(dev->config + PCI_CONFIG_SPACE_SIZE); 824 825 if (!header) { 826 /* no extended capability */ 827 next = 0; 828 goto out; 829 } 830 for (next = PCI_CONFIG_SPACE_SIZE; next; 831 prev = next, next = PCI_EXT_CAP_NEXT(header)) { 832 833 assert(next >= PCI_CONFIG_SPACE_SIZE); 834 assert(next <= PCIE_CONFIG_SPACE_SIZE - 8); 835 836 header = pci_get_long(dev->config + next); 837 if (PCI_EXT_CAP_ID(header) == cap_id) { 838 break; 839 } 840 } 841 842 out: 843 if (prev_p) { 844 *prev_p = prev; 845 } 846 return next; 847 } 848 849 uint16_t pcie_find_capability(PCIDevice *dev, uint16_t cap_id) 850 { 851 return pcie_find_capability_list(dev, cap_id, NULL); 852 } 853 854 static void pcie_ext_cap_set_next(PCIDevice *dev, uint16_t pos, uint16_t next) 855 { 856 uint32_t header = pci_get_long(dev->config + pos); 857 assert(!(next & (PCI_EXT_CAP_ALIGN - 1))); 858 header = (header & ~PCI_EXT_CAP_NEXT_MASK) | 859 ((next << PCI_EXT_CAP_NEXT_SHIFT) & PCI_EXT_CAP_NEXT_MASK); 860 pci_set_long(dev->config + pos, header); 861 } 862 863 /* 864 * Caller must supply valid (offset, size) such that the range wouldn't 865 * overlap with other capability or other registers. 866 * This function doesn't check it. 867 */ 868 void pcie_add_capability(PCIDevice *dev, 869 uint16_t cap_id, uint8_t cap_ver, 870 uint16_t offset, uint16_t size) 871 { 872 assert(offset >= PCI_CONFIG_SPACE_SIZE); 873 assert(offset < offset + size); 874 assert(offset + size <= PCIE_CONFIG_SPACE_SIZE); 875 assert(size >= 8); 876 assert(pci_is_express(dev)); 877 878 if (offset != PCI_CONFIG_SPACE_SIZE) { 879 uint16_t prev; 880 881 /* 882 * 0xffffffff is not a valid cap id (it's a 16 bit field). use 883 * internally to find the last capability in the linked list. 884 */ 885 pcie_find_capability_list(dev, 0xffffffff, &prev); 886 assert(prev >= PCI_CONFIG_SPACE_SIZE); 887 pcie_ext_cap_set_next(dev, prev, offset); 888 } 889 pci_set_long(dev->config + offset, PCI_EXT_CAP(cap_id, cap_ver, 0)); 890 891 /* Make capability read-only by default */ 892 memset(dev->wmask + offset, 0, size); 893 memset(dev->w1cmask + offset, 0, size); 894 /* Check capability by default */ 895 memset(dev->cmask + offset, 0xFF, size); 896 } 897 898 /* 899 * Sync the PCIe Link Status negotiated speed and width of a bridge with the 900 * downstream device. If downstream device is not present, re-write with the 901 * Link Capability fields. If downstream device reports invalid width or 902 * speed, replace with minimum values (LnkSta fields are RsvdZ on VFs but such 903 * values interfere with PCIe native hotplug detecting new devices). Limit 904 * width and speed to bridge capabilities for compatibility. Use config_read 905 * to access the downstream device since it could be an assigned device with 906 * volatile link information. 907 */ 908 void pcie_sync_bridge_lnk(PCIDevice *bridge_dev) 909 { 910 PCIBridge *br = PCI_BRIDGE(bridge_dev); 911 PCIBus *bus = pci_bridge_get_sec_bus(br); 912 PCIDevice *target = bus->devices[0]; 913 uint8_t *exp_cap = bridge_dev->config + bridge_dev->exp.exp_cap; 914 uint16_t lnksta, lnkcap = pci_get_word(exp_cap + PCI_EXP_LNKCAP); 915 916 if (!target || !target->exp.exp_cap) { 917 lnksta = lnkcap; 918 } else { 919 lnksta = target->config_read(target, 920 target->exp.exp_cap + PCI_EXP_LNKSTA, 921 sizeof(lnksta)); 922 923 if ((lnksta & PCI_EXP_LNKSTA_NLW) > (lnkcap & PCI_EXP_LNKCAP_MLW)) { 924 lnksta &= ~PCI_EXP_LNKSTA_NLW; 925 lnksta |= lnkcap & PCI_EXP_LNKCAP_MLW; 926 } else if (!(lnksta & PCI_EXP_LNKSTA_NLW)) { 927 lnksta |= QEMU_PCI_EXP_LNKSTA_NLW(QEMU_PCI_EXP_LNK_X1); 928 } 929 930 if ((lnksta & PCI_EXP_LNKSTA_CLS) > (lnkcap & PCI_EXP_LNKCAP_SLS)) { 931 lnksta &= ~PCI_EXP_LNKSTA_CLS; 932 lnksta |= lnkcap & PCI_EXP_LNKCAP_SLS; 933 } else if (!(lnksta & PCI_EXP_LNKSTA_CLS)) { 934 lnksta |= QEMU_PCI_EXP_LNKSTA_CLS(QEMU_PCI_EXP_LNK_2_5GT); 935 } 936 } 937 938 pci_word_test_and_clear_mask(exp_cap + PCI_EXP_LNKSTA, 939 PCI_EXP_LNKSTA_CLS | PCI_EXP_LNKSTA_NLW); 940 pci_word_test_and_set_mask(exp_cap + PCI_EXP_LNKSTA, lnksta & 941 (PCI_EXP_LNKSTA_CLS | PCI_EXP_LNKSTA_NLW)); 942 } 943 944 /************************************************************************** 945 * pci express extended capability helper functions 946 */ 947 948 /* ARI */ 949 void pcie_ari_init(PCIDevice *dev, uint16_t offset, uint16_t nextfn) 950 { 951 pcie_add_capability(dev, PCI_EXT_CAP_ID_ARI, PCI_ARI_VER, 952 offset, PCI_ARI_SIZEOF); 953 pci_set_long(dev->config + offset + PCI_ARI_CAP, (nextfn & 0xff) << 8); 954 } 955 956 void pcie_dev_ser_num_init(PCIDevice *dev, uint16_t offset, uint64_t ser_num) 957 { 958 static const int pci_dsn_ver = 1; 959 static const int pci_dsn_cap = 4; 960 961 pcie_add_capability(dev, PCI_EXT_CAP_ID_DSN, pci_dsn_ver, offset, 962 PCI_EXT_CAP_DSN_SIZEOF); 963 pci_set_quad(dev->config + offset + pci_dsn_cap, ser_num); 964 } 965 966 void pcie_ats_init(PCIDevice *dev, uint16_t offset) 967 { 968 pcie_add_capability(dev, PCI_EXT_CAP_ID_ATS, 0x1, 969 offset, PCI_EXT_CAP_ATS_SIZEOF); 970 971 dev->exp.ats_cap = offset; 972 973 /* Invalidate Queue Depth 0, Page Aligned Request 1 */ 974 pci_set_word(dev->config + offset + PCI_ATS_CAP, 975 PCI_ATS_CAP_PAGE_ALIGNED); 976 /* STU 0, Disabled by default */ 977 pci_set_word(dev->config + offset + PCI_ATS_CTRL, 0); 978 979 pci_set_word(dev->wmask + dev->exp.ats_cap + PCI_ATS_CTRL, 0x800f); 980 } 981 982 /* ACS (Access Control Services) */ 983 void pcie_acs_init(PCIDevice *dev, uint16_t offset) 984 { 985 bool is_downstream = pci_is_express_downstream_port(dev); 986 uint16_t cap_bits = 0; 987 988 /* For endpoints, only multifunction devs may have an ACS capability: */ 989 assert(is_downstream || 990 (dev->cap_present & QEMU_PCI_CAP_MULTIFUNCTION) || 991 PCI_FUNC(dev->devfn)); 992 993 pcie_add_capability(dev, PCI_EXT_CAP_ID_ACS, PCI_ACS_VER, offset, 994 PCI_ACS_SIZEOF); 995 dev->exp.acs_cap = offset; 996 997 if (is_downstream) { 998 /* 999 * Downstream ports must implement SV, TB, RR, CR, UF, and DT (with 1000 * caveats on the latter four that we ignore for simplicity). 1001 * Endpoints may also implement a subset of ACS capabilities, 1002 * but these are optional if the endpoint does not support 1003 * peer-to-peer between functions and thus omitted here. 1004 */ 1005 cap_bits = PCI_ACS_SV | PCI_ACS_TB | PCI_ACS_RR | 1006 PCI_ACS_CR | PCI_ACS_UF | PCI_ACS_DT; 1007 } 1008 1009 pci_set_word(dev->config + offset + PCI_ACS_CAP, cap_bits); 1010 pci_set_word(dev->wmask + offset + PCI_ACS_CTRL, cap_bits); 1011 } 1012 1013 void pcie_acs_reset(PCIDevice *dev) 1014 { 1015 if (dev->exp.acs_cap) { 1016 pci_set_word(dev->config + dev->exp.acs_cap + PCI_ACS_CTRL, 0); 1017 } 1018 } 1019