1 /* 2 * QEMU sPAPR PCI host originated from Uninorth PCI host 3 * 4 * Copyright (c) 2011 Alexey Kardashevskiy, IBM Corporation. 5 * Copyright (C) 2011 David Gibson, IBM Corporation. 6 * 7 * Permission is hereby granted, free of charge, to any person obtaining a copy 8 * of this software and associated documentation files (the "Software"), to deal 9 * in the Software without restriction, including without limitation the rights 10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 11 * copies of the Software, and to permit persons to whom the Software is 12 * furnished to do so, subject to the following conditions: 13 * 14 * The above copyright notice and this permission notice shall be included in 15 * all copies or substantial portions of the Software. 16 * 17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 23 * THE SOFTWARE. 24 */ 25 #include "qemu/osdep.h" 26 #include "hw/hw.h" 27 #include "hw/sysbus.h" 28 #include "hw/pci/pci.h" 29 #include "hw/pci/msi.h" 30 #include "hw/pci/msix.h" 31 #include "hw/pci/pci_host.h" 32 #include "hw/ppc/spapr.h" 33 #include "hw/pci-host/spapr.h" 34 #include "exec/address-spaces.h" 35 #include <libfdt.h> 36 #include "trace.h" 37 #include "qemu/error-report.h" 38 #include "qapi/qmp/qerror.h" 39 40 #include "hw/pci/pci_bridge.h" 41 #include "hw/pci/pci_bus.h" 42 #include "hw/ppc/spapr_drc.h" 43 #include "sysemu/device_tree.h" 44 45 #include "hw/vfio/vfio.h" 46 47 /* Copied from the kernel arch/powerpc/platforms/pseries/msi.c */ 48 #define RTAS_QUERY_FN 0 49 #define RTAS_CHANGE_FN 1 50 #define RTAS_RESET_FN 2 51 #define RTAS_CHANGE_MSI_FN 3 52 #define RTAS_CHANGE_MSIX_FN 4 53 54 /* Interrupt types to return on RTAS_CHANGE_* */ 55 #define RTAS_TYPE_MSI 1 56 #define RTAS_TYPE_MSIX 2 57 58 #define FDT_NAME_MAX 128 59 60 #define _FDT(exp) \ 61 do { \ 62 int ret = (exp); \ 63 if (ret < 0) { \ 64 return ret; \ 65 } \ 66 } while (0) 67 68 sPAPRPHBState *spapr_pci_find_phb(sPAPRMachineState *spapr, uint64_t buid) 69 { 70 sPAPRPHBState *sphb; 71 72 QLIST_FOREACH(sphb, &spapr->phbs, list) { 73 if (sphb->buid != buid) { 74 continue; 75 } 76 return sphb; 77 } 78 79 return NULL; 80 } 81 82 PCIDevice *spapr_pci_find_dev(sPAPRMachineState *spapr, uint64_t buid, 83 uint32_t config_addr) 84 { 85 sPAPRPHBState *sphb = spapr_pci_find_phb(spapr, buid); 86 PCIHostState *phb = PCI_HOST_BRIDGE(sphb); 87 int bus_num = (config_addr >> 16) & 0xFF; 88 int devfn = (config_addr >> 8) & 0xFF; 89 90 if (!phb) { 91 return NULL; 92 } 93 94 return pci_find_device(phb->bus, bus_num, devfn); 95 } 96 97 static uint32_t rtas_pci_cfgaddr(uint32_t arg) 98 { 99 /* This handles the encoding of extended config space addresses */ 100 return ((arg >> 20) & 0xf00) | (arg & 0xff); 101 } 102 103 static void finish_read_pci_config(sPAPRMachineState *spapr, uint64_t buid, 104 uint32_t addr, uint32_t size, 105 target_ulong rets) 106 { 107 PCIDevice *pci_dev; 108 uint32_t val; 109 110 if ((size != 1) && (size != 2) && (size != 4)) { 111 /* access must be 1, 2 or 4 bytes */ 112 rtas_st(rets, 0, RTAS_OUT_HW_ERROR); 113 return; 114 } 115 116 pci_dev = spapr_pci_find_dev(spapr, buid, addr); 117 addr = rtas_pci_cfgaddr(addr); 118 119 if (!pci_dev || (addr % size) || (addr >= pci_config_size(pci_dev))) { 120 /* Access must be to a valid device, within bounds and 121 * naturally aligned */ 122 rtas_st(rets, 0, RTAS_OUT_HW_ERROR); 123 return; 124 } 125 126 val = pci_host_config_read_common(pci_dev, addr, 127 pci_config_size(pci_dev), size); 128 129 rtas_st(rets, 0, RTAS_OUT_SUCCESS); 130 rtas_st(rets, 1, val); 131 } 132 133 static void rtas_ibm_read_pci_config(PowerPCCPU *cpu, sPAPRMachineState *spapr, 134 uint32_t token, uint32_t nargs, 135 target_ulong args, 136 uint32_t nret, target_ulong rets) 137 { 138 uint64_t buid; 139 uint32_t size, addr; 140 141 if ((nargs != 4) || (nret != 2)) { 142 rtas_st(rets, 0, RTAS_OUT_HW_ERROR); 143 return; 144 } 145 146 buid = rtas_ldq(args, 1); 147 size = rtas_ld(args, 3); 148 addr = rtas_ld(args, 0); 149 150 finish_read_pci_config(spapr, buid, addr, size, rets); 151 } 152 153 static void rtas_read_pci_config(PowerPCCPU *cpu, sPAPRMachineState *spapr, 154 uint32_t token, uint32_t nargs, 155 target_ulong args, 156 uint32_t nret, target_ulong rets) 157 { 158 uint32_t size, addr; 159 160 if ((nargs != 2) || (nret != 2)) { 161 rtas_st(rets, 0, RTAS_OUT_HW_ERROR); 162 return; 163 } 164 165 size = rtas_ld(args, 1); 166 addr = rtas_ld(args, 0); 167 168 finish_read_pci_config(spapr, 0, addr, size, rets); 169 } 170 171 static void finish_write_pci_config(sPAPRMachineState *spapr, uint64_t buid, 172 uint32_t addr, uint32_t size, 173 uint32_t val, target_ulong rets) 174 { 175 PCIDevice *pci_dev; 176 177 if ((size != 1) && (size != 2) && (size != 4)) { 178 /* access must be 1, 2 or 4 bytes */ 179 rtas_st(rets, 0, RTAS_OUT_HW_ERROR); 180 return; 181 } 182 183 pci_dev = spapr_pci_find_dev(spapr, buid, addr); 184 addr = rtas_pci_cfgaddr(addr); 185 186 if (!pci_dev || (addr % size) || (addr >= pci_config_size(pci_dev))) { 187 /* Access must be to a valid device, within bounds and 188 * naturally aligned */ 189 rtas_st(rets, 0, RTAS_OUT_HW_ERROR); 190 return; 191 } 192 193 pci_host_config_write_common(pci_dev, addr, pci_config_size(pci_dev), 194 val, size); 195 196 rtas_st(rets, 0, RTAS_OUT_SUCCESS); 197 } 198 199 static void rtas_ibm_write_pci_config(PowerPCCPU *cpu, sPAPRMachineState *spapr, 200 uint32_t token, uint32_t nargs, 201 target_ulong args, 202 uint32_t nret, target_ulong rets) 203 { 204 uint64_t buid; 205 uint32_t val, size, addr; 206 207 if ((nargs != 5) || (nret != 1)) { 208 rtas_st(rets, 0, RTAS_OUT_HW_ERROR); 209 return; 210 } 211 212 buid = rtas_ldq(args, 1); 213 val = rtas_ld(args, 4); 214 size = rtas_ld(args, 3); 215 addr = rtas_ld(args, 0); 216 217 finish_write_pci_config(spapr, buid, addr, size, val, rets); 218 } 219 220 static void rtas_write_pci_config(PowerPCCPU *cpu, sPAPRMachineState *spapr, 221 uint32_t token, uint32_t nargs, 222 target_ulong args, 223 uint32_t nret, target_ulong rets) 224 { 225 uint32_t val, size, addr; 226 227 if ((nargs != 3) || (nret != 1)) { 228 rtas_st(rets, 0, RTAS_OUT_HW_ERROR); 229 return; 230 } 231 232 233 val = rtas_ld(args, 2); 234 size = rtas_ld(args, 1); 235 addr = rtas_ld(args, 0); 236 237 finish_write_pci_config(spapr, 0, addr, size, val, rets); 238 } 239 240 /* 241 * Set MSI/MSIX message data. 242 * This is required for msi_notify()/msix_notify() which 243 * will write at the addresses via spapr_msi_write(). 244 * 245 * If hwaddr == 0, all entries will have .data == first_irq i.e. 246 * table will be reset. 247 */ 248 static void spapr_msi_setmsg(PCIDevice *pdev, hwaddr addr, bool msix, 249 unsigned first_irq, unsigned req_num) 250 { 251 unsigned i; 252 MSIMessage msg = { .address = addr, .data = first_irq }; 253 254 if (!msix) { 255 msi_set_message(pdev, msg); 256 trace_spapr_pci_msi_setup(pdev->name, 0, msg.address); 257 return; 258 } 259 260 for (i = 0; i < req_num; ++i) { 261 msix_set_message(pdev, i, msg); 262 trace_spapr_pci_msi_setup(pdev->name, i, msg.address); 263 if (addr) { 264 ++msg.data; 265 } 266 } 267 } 268 269 static void rtas_ibm_change_msi(PowerPCCPU *cpu, sPAPRMachineState *spapr, 270 uint32_t token, uint32_t nargs, 271 target_ulong args, uint32_t nret, 272 target_ulong rets) 273 { 274 uint32_t config_addr = rtas_ld(args, 0); 275 uint64_t buid = rtas_ldq(args, 1); 276 unsigned int func = rtas_ld(args, 3); 277 unsigned int req_num = rtas_ld(args, 4); /* 0 == remove all */ 278 unsigned int seq_num = rtas_ld(args, 5); 279 unsigned int ret_intr_type; 280 unsigned int irq, max_irqs = 0; 281 sPAPRPHBState *phb = NULL; 282 PCIDevice *pdev = NULL; 283 spapr_pci_msi *msi; 284 int *config_addr_key; 285 Error *err = NULL; 286 287 switch (func) { 288 case RTAS_CHANGE_MSI_FN: 289 case RTAS_CHANGE_FN: 290 ret_intr_type = RTAS_TYPE_MSI; 291 break; 292 case RTAS_CHANGE_MSIX_FN: 293 ret_intr_type = RTAS_TYPE_MSIX; 294 break; 295 default: 296 error_report("rtas_ibm_change_msi(%u) is not implemented", func); 297 rtas_st(rets, 0, RTAS_OUT_PARAM_ERROR); 298 return; 299 } 300 301 /* Fins sPAPRPHBState */ 302 phb = spapr_pci_find_phb(spapr, buid); 303 if (phb) { 304 pdev = spapr_pci_find_dev(spapr, buid, config_addr); 305 } 306 if (!phb || !pdev) { 307 rtas_st(rets, 0, RTAS_OUT_PARAM_ERROR); 308 return; 309 } 310 311 msi = (spapr_pci_msi *) g_hash_table_lookup(phb->msi, &config_addr); 312 313 /* Releasing MSIs */ 314 if (!req_num) { 315 if (!msi) { 316 trace_spapr_pci_msi("Releasing wrong config", config_addr); 317 rtas_st(rets, 0, RTAS_OUT_HW_ERROR); 318 return; 319 } 320 321 xics_free(spapr->icp, msi->first_irq, msi->num); 322 if (msi_present(pdev)) { 323 spapr_msi_setmsg(pdev, 0, false, 0, 0); 324 } 325 if (msix_present(pdev)) { 326 spapr_msi_setmsg(pdev, 0, true, 0, 0); 327 } 328 g_hash_table_remove(phb->msi, &config_addr); 329 330 trace_spapr_pci_msi("Released MSIs", config_addr); 331 rtas_st(rets, 0, RTAS_OUT_SUCCESS); 332 rtas_st(rets, 1, 0); 333 return; 334 } 335 336 /* Enabling MSI */ 337 338 /* Check if the device supports as many IRQs as requested */ 339 if (ret_intr_type == RTAS_TYPE_MSI) { 340 max_irqs = msi_nr_vectors_allocated(pdev); 341 } else if (ret_intr_type == RTAS_TYPE_MSIX) { 342 max_irqs = pdev->msix_entries_nr; 343 } 344 if (!max_irqs) { 345 error_report("Requested interrupt type %d is not enabled for device %x", 346 ret_intr_type, config_addr); 347 rtas_st(rets, 0, -1); /* Hardware error */ 348 return; 349 } 350 /* Correct the number if the guest asked for too many */ 351 if (req_num > max_irqs) { 352 trace_spapr_pci_msi_retry(config_addr, req_num, max_irqs); 353 req_num = max_irqs; 354 irq = 0; /* to avoid misleading trace */ 355 goto out; 356 } 357 358 /* Allocate MSIs */ 359 irq = xics_alloc_block(spapr->icp, 0, req_num, false, 360 ret_intr_type == RTAS_TYPE_MSI, &err); 361 if (err) { 362 error_reportf_err(err, "Can't allocate MSIs for device %x: ", 363 config_addr); 364 rtas_st(rets, 0, RTAS_OUT_HW_ERROR); 365 return; 366 } 367 368 /* Release previous MSIs */ 369 if (msi) { 370 xics_free(spapr->icp, msi->first_irq, msi->num); 371 g_hash_table_remove(phb->msi, &config_addr); 372 } 373 374 /* Setup MSI/MSIX vectors in the device (via cfgspace or MSIX BAR) */ 375 spapr_msi_setmsg(pdev, SPAPR_PCI_MSI_WINDOW, ret_intr_type == RTAS_TYPE_MSIX, 376 irq, req_num); 377 378 /* Add MSI device to cache */ 379 msi = g_new(spapr_pci_msi, 1); 380 msi->first_irq = irq; 381 msi->num = req_num; 382 config_addr_key = g_new(int, 1); 383 *config_addr_key = config_addr; 384 g_hash_table_insert(phb->msi, config_addr_key, msi); 385 386 out: 387 rtas_st(rets, 0, RTAS_OUT_SUCCESS); 388 rtas_st(rets, 1, req_num); 389 rtas_st(rets, 2, ++seq_num); 390 if (nret > 3) { 391 rtas_st(rets, 3, ret_intr_type); 392 } 393 394 trace_spapr_pci_rtas_ibm_change_msi(config_addr, func, req_num, irq); 395 } 396 397 static void rtas_ibm_query_interrupt_source_number(PowerPCCPU *cpu, 398 sPAPRMachineState *spapr, 399 uint32_t token, 400 uint32_t nargs, 401 target_ulong args, 402 uint32_t nret, 403 target_ulong rets) 404 { 405 uint32_t config_addr = rtas_ld(args, 0); 406 uint64_t buid = rtas_ldq(args, 1); 407 unsigned int intr_src_num = -1, ioa_intr_num = rtas_ld(args, 3); 408 sPAPRPHBState *phb = NULL; 409 PCIDevice *pdev = NULL; 410 spapr_pci_msi *msi; 411 412 /* Find sPAPRPHBState */ 413 phb = spapr_pci_find_phb(spapr, buid); 414 if (phb) { 415 pdev = spapr_pci_find_dev(spapr, buid, config_addr); 416 } 417 if (!phb || !pdev) { 418 rtas_st(rets, 0, RTAS_OUT_PARAM_ERROR); 419 return; 420 } 421 422 /* Find device descriptor and start IRQ */ 423 msi = (spapr_pci_msi *) g_hash_table_lookup(phb->msi, &config_addr); 424 if (!msi || !msi->first_irq || !msi->num || (ioa_intr_num >= msi->num)) { 425 trace_spapr_pci_msi("Failed to return vector", config_addr); 426 rtas_st(rets, 0, RTAS_OUT_HW_ERROR); 427 return; 428 } 429 intr_src_num = msi->first_irq + ioa_intr_num; 430 trace_spapr_pci_rtas_ibm_query_interrupt_source_number(ioa_intr_num, 431 intr_src_num); 432 433 rtas_st(rets, 0, RTAS_OUT_SUCCESS); 434 rtas_st(rets, 1, intr_src_num); 435 rtas_st(rets, 2, 1);/* 0 == level; 1 == edge */ 436 } 437 438 static void rtas_ibm_set_eeh_option(PowerPCCPU *cpu, 439 sPAPRMachineState *spapr, 440 uint32_t token, uint32_t nargs, 441 target_ulong args, uint32_t nret, 442 target_ulong rets) 443 { 444 sPAPRPHBState *sphb; 445 uint32_t addr, option; 446 uint64_t buid; 447 int ret; 448 449 if ((nargs != 4) || (nret != 1)) { 450 goto param_error_exit; 451 } 452 453 buid = rtas_ldq(args, 1); 454 addr = rtas_ld(args, 0); 455 option = rtas_ld(args, 3); 456 457 sphb = spapr_pci_find_phb(spapr, buid); 458 if (!sphb) { 459 goto param_error_exit; 460 } 461 462 if (!spapr_phb_eeh_available(sphb)) { 463 goto param_error_exit; 464 } 465 466 ret = spapr_phb_vfio_eeh_set_option(sphb, addr, option); 467 rtas_st(rets, 0, ret); 468 return; 469 470 param_error_exit: 471 rtas_st(rets, 0, RTAS_OUT_PARAM_ERROR); 472 } 473 474 static void rtas_ibm_get_config_addr_info2(PowerPCCPU *cpu, 475 sPAPRMachineState *spapr, 476 uint32_t token, uint32_t nargs, 477 target_ulong args, uint32_t nret, 478 target_ulong rets) 479 { 480 sPAPRPHBState *sphb; 481 PCIDevice *pdev; 482 uint32_t addr, option; 483 uint64_t buid; 484 485 if ((nargs != 4) || (nret != 2)) { 486 goto param_error_exit; 487 } 488 489 buid = rtas_ldq(args, 1); 490 sphb = spapr_pci_find_phb(spapr, buid); 491 if (!sphb) { 492 goto param_error_exit; 493 } 494 495 if (!spapr_phb_eeh_available(sphb)) { 496 goto param_error_exit; 497 } 498 499 /* 500 * We always have PE address of form "00BB0001". "BB" 501 * represents the bus number of PE's primary bus. 502 */ 503 option = rtas_ld(args, 3); 504 switch (option) { 505 case RTAS_GET_PE_ADDR: 506 addr = rtas_ld(args, 0); 507 pdev = spapr_pci_find_dev(spapr, buid, addr); 508 if (!pdev) { 509 goto param_error_exit; 510 } 511 512 rtas_st(rets, 1, (pci_bus_num(pdev->bus) << 16) + 1); 513 break; 514 case RTAS_GET_PE_MODE: 515 rtas_st(rets, 1, RTAS_PE_MODE_SHARED); 516 break; 517 default: 518 goto param_error_exit; 519 } 520 521 rtas_st(rets, 0, RTAS_OUT_SUCCESS); 522 return; 523 524 param_error_exit: 525 rtas_st(rets, 0, RTAS_OUT_PARAM_ERROR); 526 } 527 528 static void rtas_ibm_read_slot_reset_state2(PowerPCCPU *cpu, 529 sPAPRMachineState *spapr, 530 uint32_t token, uint32_t nargs, 531 target_ulong args, uint32_t nret, 532 target_ulong rets) 533 { 534 sPAPRPHBState *sphb; 535 uint64_t buid; 536 int state, ret; 537 538 if ((nargs != 3) || (nret != 4 && nret != 5)) { 539 goto param_error_exit; 540 } 541 542 buid = rtas_ldq(args, 1); 543 sphb = spapr_pci_find_phb(spapr, buid); 544 if (!sphb) { 545 goto param_error_exit; 546 } 547 548 if (!spapr_phb_eeh_available(sphb)) { 549 goto param_error_exit; 550 } 551 552 ret = spapr_phb_vfio_eeh_get_state(sphb, &state); 553 rtas_st(rets, 0, ret); 554 if (ret != RTAS_OUT_SUCCESS) { 555 return; 556 } 557 558 rtas_st(rets, 1, state); 559 rtas_st(rets, 2, RTAS_EEH_SUPPORT); 560 rtas_st(rets, 3, RTAS_EEH_PE_UNAVAIL_INFO); 561 if (nret >= 5) { 562 rtas_st(rets, 4, RTAS_EEH_PE_RECOVER_INFO); 563 } 564 return; 565 566 param_error_exit: 567 rtas_st(rets, 0, RTAS_OUT_PARAM_ERROR); 568 } 569 570 static void rtas_ibm_set_slot_reset(PowerPCCPU *cpu, 571 sPAPRMachineState *spapr, 572 uint32_t token, uint32_t nargs, 573 target_ulong args, uint32_t nret, 574 target_ulong rets) 575 { 576 sPAPRPHBState *sphb; 577 uint32_t option; 578 uint64_t buid; 579 int ret; 580 581 if ((nargs != 4) || (nret != 1)) { 582 goto param_error_exit; 583 } 584 585 buid = rtas_ldq(args, 1); 586 option = rtas_ld(args, 3); 587 sphb = spapr_pci_find_phb(spapr, buid); 588 if (!sphb) { 589 goto param_error_exit; 590 } 591 592 if (!spapr_phb_eeh_available(sphb)) { 593 goto param_error_exit; 594 } 595 596 ret = spapr_phb_vfio_eeh_reset(sphb, option); 597 rtas_st(rets, 0, ret); 598 return; 599 600 param_error_exit: 601 rtas_st(rets, 0, RTAS_OUT_PARAM_ERROR); 602 } 603 604 static void rtas_ibm_configure_pe(PowerPCCPU *cpu, 605 sPAPRMachineState *spapr, 606 uint32_t token, uint32_t nargs, 607 target_ulong args, uint32_t nret, 608 target_ulong rets) 609 { 610 sPAPRPHBState *sphb; 611 uint64_t buid; 612 int ret; 613 614 if ((nargs != 3) || (nret != 1)) { 615 goto param_error_exit; 616 } 617 618 buid = rtas_ldq(args, 1); 619 sphb = spapr_pci_find_phb(spapr, buid); 620 if (!sphb) { 621 goto param_error_exit; 622 } 623 624 if (!spapr_phb_eeh_available(sphb)) { 625 goto param_error_exit; 626 } 627 628 ret = spapr_phb_vfio_eeh_configure(sphb); 629 rtas_st(rets, 0, ret); 630 return; 631 632 param_error_exit: 633 rtas_st(rets, 0, RTAS_OUT_PARAM_ERROR); 634 } 635 636 /* To support it later */ 637 static void rtas_ibm_slot_error_detail(PowerPCCPU *cpu, 638 sPAPRMachineState *spapr, 639 uint32_t token, uint32_t nargs, 640 target_ulong args, uint32_t nret, 641 target_ulong rets) 642 { 643 sPAPRPHBState *sphb; 644 int option; 645 uint64_t buid; 646 647 if ((nargs != 8) || (nret != 1)) { 648 goto param_error_exit; 649 } 650 651 buid = rtas_ldq(args, 1); 652 sphb = spapr_pci_find_phb(spapr, buid); 653 if (!sphb) { 654 goto param_error_exit; 655 } 656 657 if (!spapr_phb_eeh_available(sphb)) { 658 goto param_error_exit; 659 } 660 661 option = rtas_ld(args, 7); 662 switch (option) { 663 case RTAS_SLOT_TEMP_ERR_LOG: 664 case RTAS_SLOT_PERM_ERR_LOG: 665 break; 666 default: 667 goto param_error_exit; 668 } 669 670 /* We don't have error log yet */ 671 rtas_st(rets, 0, RTAS_OUT_NO_ERRORS_FOUND); 672 return; 673 674 param_error_exit: 675 rtas_st(rets, 0, RTAS_OUT_PARAM_ERROR); 676 } 677 678 static int pci_spapr_swizzle(int slot, int pin) 679 { 680 return (slot + pin) % PCI_NUM_PINS; 681 } 682 683 static int pci_spapr_map_irq(PCIDevice *pci_dev, int irq_num) 684 { 685 /* 686 * Here we need to convert pci_dev + irq_num to some unique value 687 * which is less than number of IRQs on the specific bus (4). We 688 * use standard PCI swizzling, that is (slot number + pin number) 689 * % 4. 690 */ 691 return pci_spapr_swizzle(PCI_SLOT(pci_dev->devfn), irq_num); 692 } 693 694 static void pci_spapr_set_irq(void *opaque, int irq_num, int level) 695 { 696 /* 697 * Here we use the number returned by pci_spapr_map_irq to find a 698 * corresponding qemu_irq. 699 */ 700 sPAPRPHBState *phb = opaque; 701 702 trace_spapr_pci_lsi_set(phb->dtbusname, irq_num, phb->lsi_table[irq_num].irq); 703 qemu_set_irq(spapr_phb_lsi_qirq(phb, irq_num), level); 704 } 705 706 static PCIINTxRoute spapr_route_intx_pin_to_irq(void *opaque, int pin) 707 { 708 sPAPRPHBState *sphb = SPAPR_PCI_HOST_BRIDGE(opaque); 709 PCIINTxRoute route; 710 711 route.mode = PCI_INTX_ENABLED; 712 route.irq = sphb->lsi_table[pin].irq; 713 714 return route; 715 } 716 717 /* 718 * MSI/MSIX memory region implementation. 719 * The handler handles both MSI and MSIX. 720 * For MSI-X, the vector number is encoded as a part of the address, 721 * data is set to 0. 722 * For MSI, the vector number is encoded in least bits in data. 723 */ 724 static void spapr_msi_write(void *opaque, hwaddr addr, 725 uint64_t data, unsigned size) 726 { 727 sPAPRMachineState *spapr = SPAPR_MACHINE(qdev_get_machine()); 728 uint32_t irq = data; 729 730 trace_spapr_pci_msi_write(addr, data, irq); 731 732 qemu_irq_pulse(xics_get_qirq(spapr->icp, irq)); 733 } 734 735 static const MemoryRegionOps spapr_msi_ops = { 736 /* There is no .read as the read result is undefined by PCI spec */ 737 .read = NULL, 738 .write = spapr_msi_write, 739 .endianness = DEVICE_LITTLE_ENDIAN 740 }; 741 742 /* 743 * PHB PCI device 744 */ 745 static AddressSpace *spapr_pci_dma_iommu(PCIBus *bus, void *opaque, int devfn) 746 { 747 sPAPRPHBState *phb = opaque; 748 749 return &phb->iommu_as; 750 } 751 752 static char *spapr_phb_vfio_get_loc_code(sPAPRPHBState *sphb, PCIDevice *pdev) 753 { 754 char *path = NULL, *buf = NULL, *host = NULL; 755 756 /* Get the PCI VFIO host id */ 757 host = object_property_get_str(OBJECT(pdev), "host", NULL); 758 if (!host) { 759 goto err_out; 760 } 761 762 /* Construct the path of the file that will give us the DT location */ 763 path = g_strdup_printf("/sys/bus/pci/devices/%s/devspec", host); 764 g_free(host); 765 if (!path || !g_file_get_contents(path, &buf, NULL, NULL)) { 766 goto err_out; 767 } 768 g_free(path); 769 770 /* Construct and read from host device tree the loc-code */ 771 path = g_strdup_printf("/proc/device-tree%s/ibm,loc-code", buf); 772 g_free(buf); 773 if (!path || !g_file_get_contents(path, &buf, NULL, NULL)) { 774 goto err_out; 775 } 776 return buf; 777 778 err_out: 779 g_free(path); 780 return NULL; 781 } 782 783 static char *spapr_phb_get_loc_code(sPAPRPHBState *sphb, PCIDevice *pdev) 784 { 785 char *buf; 786 const char *devtype = "qemu"; 787 uint32_t busnr = pci_bus_num(PCI_BUS(qdev_get_parent_bus(DEVICE(pdev)))); 788 789 if (object_dynamic_cast(OBJECT(pdev), "vfio-pci")) { 790 buf = spapr_phb_vfio_get_loc_code(sphb, pdev); 791 if (buf) { 792 return buf; 793 } 794 devtype = "vfio"; 795 } 796 /* 797 * For emulated devices and VFIO-failure case, make up 798 * the loc-code. 799 */ 800 buf = g_strdup_printf("%s_%s:%04x:%02x:%02x.%x", 801 devtype, pdev->name, sphb->index, busnr, 802 PCI_SLOT(pdev->devfn), PCI_FUNC(pdev->devfn)); 803 return buf; 804 } 805 806 /* Macros to operate with address in OF binding to PCI */ 807 #define b_x(x, p, l) (((x) & ((1<<(l))-1)) << (p)) 808 #define b_n(x) b_x((x), 31, 1) /* 0 if relocatable */ 809 #define b_p(x) b_x((x), 30, 1) /* 1 if prefetchable */ 810 #define b_t(x) b_x((x), 29, 1) /* 1 if the address is aliased */ 811 #define b_ss(x) b_x((x), 24, 2) /* the space code */ 812 #define b_bbbbbbbb(x) b_x((x), 16, 8) /* bus number */ 813 #define b_ddddd(x) b_x((x), 11, 5) /* device number */ 814 #define b_fff(x) b_x((x), 8, 3) /* function number */ 815 #define b_rrrrrrrr(x) b_x((x), 0, 8) /* register number */ 816 817 /* for 'reg'/'assigned-addresses' OF properties */ 818 #define RESOURCE_CELLS_SIZE 2 819 #define RESOURCE_CELLS_ADDRESS 3 820 821 typedef struct ResourceFields { 822 uint32_t phys_hi; 823 uint32_t phys_mid; 824 uint32_t phys_lo; 825 uint32_t size_hi; 826 uint32_t size_lo; 827 } QEMU_PACKED ResourceFields; 828 829 typedef struct ResourceProps { 830 ResourceFields reg[8]; 831 ResourceFields assigned[7]; 832 uint32_t reg_len; 833 uint32_t assigned_len; 834 } ResourceProps; 835 836 /* fill in the 'reg'/'assigned-resources' OF properties for 837 * a PCI device. 'reg' describes resource requirements for a 838 * device's IO/MEM regions, 'assigned-addresses' describes the 839 * actual resource assignments. 840 * 841 * the properties are arrays of ('phys-addr', 'size') pairs describing 842 * the addressable regions of the PCI device, where 'phys-addr' is a 843 * RESOURCE_CELLS_ADDRESS-tuple of 32-bit integers corresponding to 844 * (phys.hi, phys.mid, phys.lo), and 'size' is a 845 * RESOURCE_CELLS_SIZE-tuple corresponding to (size.hi, size.lo). 846 * 847 * phys.hi = 0xYYXXXXZZ, where: 848 * 0xYY = npt000ss 849 * ||| | 850 * ||| +-- space code 851 * ||| | 852 * ||| + 00 if configuration space 853 * ||| + 01 if IO region, 854 * ||| + 10 if 32-bit MEM region 855 * ||| + 11 if 64-bit MEM region 856 * ||| 857 * ||+------ for non-relocatable IO: 1 if aliased 858 * || for relocatable IO: 1 if below 64KB 859 * || for MEM: 1 if below 1MB 860 * |+------- 1 if region is prefetchable 861 * +-------- 1 if region is non-relocatable 862 * 0xXXXX = bbbbbbbb dddddfff, encoding bus, slot, and function 863 * bits respectively 864 * 0xZZ = rrrrrrrr, the register number of the BAR corresponding 865 * to the region 866 * 867 * phys.mid and phys.lo correspond respectively to the hi/lo portions 868 * of the actual address of the region. 869 * 870 * how the phys-addr/size values are used differ slightly between 871 * 'reg' and 'assigned-addresses' properties. namely, 'reg' has 872 * an additional description for the config space region of the 873 * device, and in the case of QEMU has n=0 and phys.mid=phys.lo=0 874 * to describe the region as relocatable, with an address-mapping 875 * that corresponds directly to the PHB's address space for the 876 * resource. 'assigned-addresses' always has n=1 set with an absolute 877 * address assigned for the resource. in general, 'assigned-addresses' 878 * won't be populated, since addresses for PCI devices are generally 879 * unmapped initially and left to the guest to assign. 880 * 881 * note also that addresses defined in these properties are, at least 882 * for PAPR guests, relative to the PHBs IO/MEM windows, and 883 * correspond directly to the addresses in the BARs. 884 * 885 * in accordance with PCI Bus Binding to Open Firmware, 886 * IEEE Std 1275-1994, section 4.1.1, as implemented by PAPR+ v2.7, 887 * Appendix C. 888 */ 889 static void populate_resource_props(PCIDevice *d, ResourceProps *rp) 890 { 891 int bus_num = pci_bus_num(PCI_BUS(qdev_get_parent_bus(DEVICE(d)))); 892 uint32_t dev_id = (b_bbbbbbbb(bus_num) | 893 b_ddddd(PCI_SLOT(d->devfn)) | 894 b_fff(PCI_FUNC(d->devfn))); 895 ResourceFields *reg, *assigned; 896 int i, reg_idx = 0, assigned_idx = 0; 897 898 /* config space region */ 899 reg = &rp->reg[reg_idx++]; 900 reg->phys_hi = cpu_to_be32(dev_id); 901 reg->phys_mid = 0; 902 reg->phys_lo = 0; 903 reg->size_hi = 0; 904 reg->size_lo = 0; 905 906 for (i = 0; i < PCI_NUM_REGIONS; i++) { 907 if (!d->io_regions[i].size) { 908 continue; 909 } 910 911 reg = &rp->reg[reg_idx++]; 912 913 reg->phys_hi = cpu_to_be32(dev_id | b_rrrrrrrr(pci_bar(d, i))); 914 if (d->io_regions[i].type & PCI_BASE_ADDRESS_SPACE_IO) { 915 reg->phys_hi |= cpu_to_be32(b_ss(1)); 916 } else if (d->io_regions[i].type & PCI_BASE_ADDRESS_MEM_TYPE_64) { 917 reg->phys_hi |= cpu_to_be32(b_ss(3)); 918 } else { 919 reg->phys_hi |= cpu_to_be32(b_ss(2)); 920 } 921 reg->phys_mid = 0; 922 reg->phys_lo = 0; 923 reg->size_hi = cpu_to_be32(d->io_regions[i].size >> 32); 924 reg->size_lo = cpu_to_be32(d->io_regions[i].size); 925 926 if (d->io_regions[i].addr == PCI_BAR_UNMAPPED) { 927 continue; 928 } 929 930 assigned = &rp->assigned[assigned_idx++]; 931 assigned->phys_hi = cpu_to_be32(reg->phys_hi | b_n(1)); 932 assigned->phys_mid = cpu_to_be32(d->io_regions[i].addr >> 32); 933 assigned->phys_lo = cpu_to_be32(d->io_regions[i].addr); 934 assigned->size_hi = reg->size_hi; 935 assigned->size_lo = reg->size_lo; 936 } 937 938 rp->reg_len = reg_idx * sizeof(ResourceFields); 939 rp->assigned_len = assigned_idx * sizeof(ResourceFields); 940 } 941 942 static uint32_t spapr_phb_get_pci_drc_index(sPAPRPHBState *phb, 943 PCIDevice *pdev); 944 945 static int spapr_populate_pci_child_dt(PCIDevice *dev, void *fdt, int offset, 946 sPAPRPHBState *sphb) 947 { 948 ResourceProps rp; 949 bool is_bridge = false; 950 int pci_status, err; 951 char *buf = NULL; 952 uint32_t drc_index = spapr_phb_get_pci_drc_index(sphb, dev); 953 uint32_t max_msi, max_msix; 954 955 if (pci_default_read_config(dev, PCI_HEADER_TYPE, 1) == 956 PCI_HEADER_TYPE_BRIDGE) { 957 is_bridge = true; 958 } 959 960 /* in accordance with PAPR+ v2.7 13.6.3, Table 181 */ 961 _FDT(fdt_setprop_cell(fdt, offset, "vendor-id", 962 pci_default_read_config(dev, PCI_VENDOR_ID, 2))); 963 _FDT(fdt_setprop_cell(fdt, offset, "device-id", 964 pci_default_read_config(dev, PCI_DEVICE_ID, 2))); 965 _FDT(fdt_setprop_cell(fdt, offset, "revision-id", 966 pci_default_read_config(dev, PCI_REVISION_ID, 1))); 967 _FDT(fdt_setprop_cell(fdt, offset, "class-code", 968 pci_default_read_config(dev, PCI_CLASS_PROG, 3))); 969 if (pci_default_read_config(dev, PCI_INTERRUPT_PIN, 1)) { 970 _FDT(fdt_setprop_cell(fdt, offset, "interrupts", 971 pci_default_read_config(dev, PCI_INTERRUPT_PIN, 1))); 972 } 973 974 if (!is_bridge) { 975 _FDT(fdt_setprop_cell(fdt, offset, "min-grant", 976 pci_default_read_config(dev, PCI_MIN_GNT, 1))); 977 _FDT(fdt_setprop_cell(fdt, offset, "max-latency", 978 pci_default_read_config(dev, PCI_MAX_LAT, 1))); 979 } 980 981 if (pci_default_read_config(dev, PCI_SUBSYSTEM_ID, 2)) { 982 _FDT(fdt_setprop_cell(fdt, offset, "subsystem-id", 983 pci_default_read_config(dev, PCI_SUBSYSTEM_ID, 2))); 984 } 985 986 if (pci_default_read_config(dev, PCI_SUBSYSTEM_VENDOR_ID, 2)) { 987 _FDT(fdt_setprop_cell(fdt, offset, "subsystem-vendor-id", 988 pci_default_read_config(dev, PCI_SUBSYSTEM_VENDOR_ID, 2))); 989 } 990 991 _FDT(fdt_setprop_cell(fdt, offset, "cache-line-size", 992 pci_default_read_config(dev, PCI_CACHE_LINE_SIZE, 1))); 993 994 /* the following fdt cells are masked off the pci status register */ 995 pci_status = pci_default_read_config(dev, PCI_STATUS, 2); 996 _FDT(fdt_setprop_cell(fdt, offset, "devsel-speed", 997 PCI_STATUS_DEVSEL_MASK & pci_status)); 998 999 if (pci_status & PCI_STATUS_FAST_BACK) { 1000 _FDT(fdt_setprop(fdt, offset, "fast-back-to-back", NULL, 0)); 1001 } 1002 if (pci_status & PCI_STATUS_66MHZ) { 1003 _FDT(fdt_setprop(fdt, offset, "66mhz-capable", NULL, 0)); 1004 } 1005 if (pci_status & PCI_STATUS_UDF) { 1006 _FDT(fdt_setprop(fdt, offset, "udf-supported", NULL, 0)); 1007 } 1008 1009 /* NOTE: this is normally generated by firmware via path/unit name, 1010 * but in our case we must set it manually since it does not get 1011 * processed by OF beforehand 1012 */ 1013 _FDT(fdt_setprop_string(fdt, offset, "name", "pci")); 1014 buf = spapr_phb_get_loc_code(sphb, dev); 1015 if (!buf) { 1016 error_report("Failed setting the ibm,loc-code"); 1017 return -1; 1018 } 1019 1020 err = fdt_setprop_string(fdt, offset, "ibm,loc-code", buf); 1021 g_free(buf); 1022 if (err < 0) { 1023 return err; 1024 } 1025 1026 if (drc_index) { 1027 _FDT(fdt_setprop_cell(fdt, offset, "ibm,my-drc-index", drc_index)); 1028 } 1029 1030 _FDT(fdt_setprop_cell(fdt, offset, "#address-cells", 1031 RESOURCE_CELLS_ADDRESS)); 1032 _FDT(fdt_setprop_cell(fdt, offset, "#size-cells", 1033 RESOURCE_CELLS_SIZE)); 1034 1035 max_msi = msi_nr_vectors_allocated(dev); 1036 if (max_msi) { 1037 _FDT(fdt_setprop_cell(fdt, offset, "ibm,req#msi", max_msi)); 1038 } 1039 max_msix = dev->msix_entries_nr; 1040 if (max_msix) { 1041 _FDT(fdt_setprop_cell(fdt, offset, "ibm,req#msi-x", max_msix)); 1042 } 1043 1044 populate_resource_props(dev, &rp); 1045 _FDT(fdt_setprop(fdt, offset, "reg", (uint8_t *)rp.reg, rp.reg_len)); 1046 _FDT(fdt_setprop(fdt, offset, "assigned-addresses", 1047 (uint8_t *)rp.assigned, rp.assigned_len)); 1048 1049 return 0; 1050 } 1051 1052 /* create OF node for pci device and required OF DT properties */ 1053 static int spapr_create_pci_child_dt(sPAPRPHBState *phb, PCIDevice *dev, 1054 void *fdt, int node_offset) 1055 { 1056 int offset, ret; 1057 int slot = PCI_SLOT(dev->devfn); 1058 int func = PCI_FUNC(dev->devfn); 1059 char nodename[FDT_NAME_MAX]; 1060 1061 if (func != 0) { 1062 snprintf(nodename, FDT_NAME_MAX, "pci@%x,%x", slot, func); 1063 } else { 1064 snprintf(nodename, FDT_NAME_MAX, "pci@%x", slot); 1065 } 1066 offset = fdt_add_subnode(fdt, node_offset, nodename); 1067 ret = spapr_populate_pci_child_dt(dev, fdt, offset, phb); 1068 1069 g_assert(!ret); 1070 if (ret) { 1071 return 0; 1072 } 1073 return offset; 1074 } 1075 1076 static void spapr_phb_add_pci_device(sPAPRDRConnector *drc, 1077 sPAPRPHBState *phb, 1078 PCIDevice *pdev, 1079 Error **errp) 1080 { 1081 sPAPRDRConnectorClass *drck = SPAPR_DR_CONNECTOR_GET_CLASS(drc); 1082 DeviceState *dev = DEVICE(pdev); 1083 void *fdt = NULL; 1084 int fdt_start_offset = 0, fdt_size; 1085 1086 if (object_dynamic_cast(OBJECT(pdev), "vfio-pci")) { 1087 sPAPRTCETable *tcet = spapr_tce_find_by_liobn(phb->dma_liobn); 1088 1089 spapr_tce_set_need_vfio(tcet, true); 1090 } 1091 1092 if (dev->hotplugged) { 1093 fdt = create_device_tree(&fdt_size); 1094 fdt_start_offset = spapr_create_pci_child_dt(phb, pdev, fdt, 0); 1095 if (!fdt_start_offset) { 1096 error_setg(errp, "Failed to create pci child device tree node"); 1097 goto out; 1098 } 1099 } 1100 1101 drck->attach(drc, DEVICE(pdev), 1102 fdt, fdt_start_offset, !dev->hotplugged, errp); 1103 out: 1104 if (*errp) { 1105 g_free(fdt); 1106 } 1107 } 1108 1109 static void spapr_phb_remove_pci_device_cb(DeviceState *dev, void *opaque) 1110 { 1111 /* some version guests do not wait for completion of a device 1112 * cleanup (generally done asynchronously by the kernel) before 1113 * signaling to QEMU that the device is safe, but instead sleep 1114 * for some 'safe' period of time. unfortunately on a busy host 1115 * this sleep isn't guaranteed to be long enough, resulting in 1116 * bad things like IRQ lines being left asserted during final 1117 * device removal. to deal with this we call reset just prior 1118 * to finalizing the device, which will put the device back into 1119 * an 'idle' state, as the device cleanup code expects. 1120 */ 1121 pci_device_reset(PCI_DEVICE(dev)); 1122 object_unparent(OBJECT(dev)); 1123 } 1124 1125 static void spapr_phb_remove_pci_device(sPAPRDRConnector *drc, 1126 sPAPRPHBState *phb, 1127 PCIDevice *pdev, 1128 Error **errp) 1129 { 1130 sPAPRDRConnectorClass *drck = SPAPR_DR_CONNECTOR_GET_CLASS(drc); 1131 1132 drck->detach(drc, DEVICE(pdev), spapr_phb_remove_pci_device_cb, phb, errp); 1133 } 1134 1135 static sPAPRDRConnector *spapr_phb_get_pci_func_drc(sPAPRPHBState *phb, 1136 uint32_t busnr, 1137 int32_t devfn) 1138 { 1139 return spapr_dr_connector_by_id(SPAPR_DR_CONNECTOR_TYPE_PCI, 1140 (phb->index << 16) | 1141 (busnr << 8) | 1142 devfn); 1143 } 1144 1145 static sPAPRDRConnector *spapr_phb_get_pci_drc(sPAPRPHBState *phb, 1146 PCIDevice *pdev) 1147 { 1148 uint32_t busnr = pci_bus_num(PCI_BUS(qdev_get_parent_bus(DEVICE(pdev)))); 1149 return spapr_phb_get_pci_func_drc(phb, busnr, pdev->devfn); 1150 } 1151 1152 static uint32_t spapr_phb_get_pci_drc_index(sPAPRPHBState *phb, 1153 PCIDevice *pdev) 1154 { 1155 sPAPRDRConnector *drc = spapr_phb_get_pci_drc(phb, pdev); 1156 sPAPRDRConnectorClass *drck; 1157 1158 if (!drc) { 1159 return 0; 1160 } 1161 1162 drck = SPAPR_DR_CONNECTOR_GET_CLASS(drc); 1163 return drck->get_index(drc); 1164 } 1165 1166 static void spapr_phb_hot_plug_child(HotplugHandler *plug_handler, 1167 DeviceState *plugged_dev, Error **errp) 1168 { 1169 sPAPRPHBState *phb = SPAPR_PCI_HOST_BRIDGE(DEVICE(plug_handler)); 1170 PCIDevice *pdev = PCI_DEVICE(plugged_dev); 1171 sPAPRDRConnector *drc = spapr_phb_get_pci_drc(phb, pdev); 1172 Error *local_err = NULL; 1173 PCIBus *bus = PCI_BUS(qdev_get_parent_bus(DEVICE(pdev))); 1174 uint32_t slotnr = PCI_SLOT(pdev->devfn); 1175 1176 /* if DR is disabled we don't need to do anything in the case of 1177 * hotplug or coldplug callbacks 1178 */ 1179 if (!phb->dr_enabled) { 1180 /* if this is a hotplug operation initiated by the user 1181 * we need to let them know it's not enabled 1182 */ 1183 if (plugged_dev->hotplugged) { 1184 error_setg(errp, QERR_BUS_NO_HOTPLUG, 1185 object_get_typename(OBJECT(phb))); 1186 } 1187 return; 1188 } 1189 1190 g_assert(drc); 1191 1192 /* Following the QEMU convention used for PCIe multifunction 1193 * hotplug, we do not allow functions to be hotplugged to a 1194 * slot that already has function 0 present 1195 */ 1196 if (plugged_dev->hotplugged && bus->devices[PCI_DEVFN(slotnr, 0)] && 1197 PCI_FUNC(pdev->devfn) != 0) { 1198 error_setg(errp, "PCI: slot %d function 0 already ocuppied by %s," 1199 " additional functions can no longer be exposed to guest.", 1200 slotnr, bus->devices[PCI_DEVFN(slotnr, 0)]->name); 1201 return; 1202 } 1203 1204 spapr_phb_add_pci_device(drc, phb, pdev, &local_err); 1205 if (local_err) { 1206 error_propagate(errp, local_err); 1207 return; 1208 } 1209 1210 /* If this is function 0, signal hotplug for all the device functions. 1211 * Otherwise defer sending the hotplug event. 1212 */ 1213 if (plugged_dev->hotplugged && PCI_FUNC(pdev->devfn) == 0) { 1214 int i; 1215 1216 for (i = 0; i < 8; i++) { 1217 sPAPRDRConnector *func_drc; 1218 sPAPRDRConnectorClass *func_drck; 1219 sPAPRDREntitySense state; 1220 1221 func_drc = spapr_phb_get_pci_func_drc(phb, pci_bus_num(bus), 1222 PCI_DEVFN(slotnr, i)); 1223 func_drck = SPAPR_DR_CONNECTOR_GET_CLASS(func_drc); 1224 func_drck->entity_sense(func_drc, &state); 1225 1226 if (state == SPAPR_DR_ENTITY_SENSE_PRESENT) { 1227 spapr_hotplug_req_add_by_index(func_drc); 1228 } 1229 } 1230 } 1231 } 1232 1233 static void spapr_phb_hot_unplug_child(HotplugHandler *plug_handler, 1234 DeviceState *plugged_dev, Error **errp) 1235 { 1236 sPAPRPHBState *phb = SPAPR_PCI_HOST_BRIDGE(DEVICE(plug_handler)); 1237 PCIDevice *pdev = PCI_DEVICE(plugged_dev); 1238 sPAPRDRConnectorClass *drck; 1239 sPAPRDRConnector *drc = spapr_phb_get_pci_drc(phb, pdev); 1240 Error *local_err = NULL; 1241 1242 if (!phb->dr_enabled) { 1243 error_setg(errp, QERR_BUS_NO_HOTPLUG, 1244 object_get_typename(OBJECT(phb))); 1245 return; 1246 } 1247 1248 g_assert(drc); 1249 1250 drck = SPAPR_DR_CONNECTOR_GET_CLASS(drc); 1251 if (!drck->release_pending(drc)) { 1252 PCIBus *bus = PCI_BUS(qdev_get_parent_bus(DEVICE(pdev))); 1253 uint32_t slotnr = PCI_SLOT(pdev->devfn); 1254 sPAPRDRConnector *func_drc; 1255 sPAPRDRConnectorClass *func_drck; 1256 sPAPRDREntitySense state; 1257 int i; 1258 1259 /* ensure any other present functions are pending unplug */ 1260 if (PCI_FUNC(pdev->devfn) == 0) { 1261 for (i = 1; i < 8; i++) { 1262 func_drc = spapr_phb_get_pci_func_drc(phb, pci_bus_num(bus), 1263 PCI_DEVFN(slotnr, i)); 1264 func_drck = SPAPR_DR_CONNECTOR_GET_CLASS(func_drc); 1265 func_drck->entity_sense(func_drc, &state); 1266 if (state == SPAPR_DR_ENTITY_SENSE_PRESENT 1267 && !func_drck->release_pending(func_drc)) { 1268 error_setg(errp, 1269 "PCI: slot %d, function %d still present. " 1270 "Must unplug all non-0 functions first.", 1271 slotnr, i); 1272 return; 1273 } 1274 } 1275 } 1276 1277 spapr_phb_remove_pci_device(drc, phb, pdev, &local_err); 1278 if (local_err) { 1279 error_propagate(errp, local_err); 1280 return; 1281 } 1282 1283 /* if this isn't func 0, defer unplug event. otherwise signal removal 1284 * for all present functions 1285 */ 1286 if (PCI_FUNC(pdev->devfn) == 0) { 1287 for (i = 7; i >= 0; i--) { 1288 func_drc = spapr_phb_get_pci_func_drc(phb, pci_bus_num(bus), 1289 PCI_DEVFN(slotnr, i)); 1290 func_drck = SPAPR_DR_CONNECTOR_GET_CLASS(func_drc); 1291 func_drck->entity_sense(func_drc, &state); 1292 if (state == SPAPR_DR_ENTITY_SENSE_PRESENT) { 1293 spapr_hotplug_req_remove_by_index(func_drc); 1294 } 1295 } 1296 } 1297 } 1298 } 1299 1300 static void spapr_phb_realize(DeviceState *dev, Error **errp) 1301 { 1302 sPAPRMachineState *spapr = SPAPR_MACHINE(qdev_get_machine()); 1303 SysBusDevice *s = SYS_BUS_DEVICE(dev); 1304 sPAPRPHBState *sphb = SPAPR_PCI_HOST_BRIDGE(s); 1305 PCIHostState *phb = PCI_HOST_BRIDGE(s); 1306 char *namebuf; 1307 int i; 1308 PCIBus *bus; 1309 uint64_t msi_window_size = 4096; 1310 sPAPRTCETable *tcet; 1311 uint32_t nb_table; 1312 1313 if (sphb->index != (uint32_t)-1) { 1314 hwaddr windows_base; 1315 1316 if ((sphb->buid != (uint64_t)-1) || (sphb->dma_liobn != (uint32_t)-1) 1317 || (sphb->mem_win_addr != (hwaddr)-1) 1318 || (sphb->io_win_addr != (hwaddr)-1)) { 1319 error_setg(errp, "Either \"index\" or other parameters must" 1320 " be specified for PAPR PHB, not both"); 1321 return; 1322 } 1323 1324 if (sphb->index > SPAPR_PCI_MAX_INDEX) { 1325 error_setg(errp, "\"index\" for PAPR PHB is too large (max %u)", 1326 SPAPR_PCI_MAX_INDEX); 1327 return; 1328 } 1329 1330 sphb->buid = SPAPR_PCI_BASE_BUID + sphb->index; 1331 sphb->dma_liobn = SPAPR_PCI_LIOBN(sphb->index, 0); 1332 1333 windows_base = SPAPR_PCI_WINDOW_BASE 1334 + sphb->index * SPAPR_PCI_WINDOW_SPACING; 1335 sphb->mem_win_addr = windows_base + SPAPR_PCI_MMIO_WIN_OFF; 1336 sphb->io_win_addr = windows_base + SPAPR_PCI_IO_WIN_OFF; 1337 } 1338 1339 if (sphb->buid == (uint64_t)-1) { 1340 error_setg(errp, "BUID not specified for PHB"); 1341 return; 1342 } 1343 1344 if (sphb->dma_liobn == (uint32_t)-1) { 1345 error_setg(errp, "LIOBN not specified for PHB"); 1346 return; 1347 } 1348 1349 if (sphb->mem_win_addr == (hwaddr)-1) { 1350 error_setg(errp, "Memory window address not specified for PHB"); 1351 return; 1352 } 1353 1354 if (sphb->io_win_addr == (hwaddr)-1) { 1355 error_setg(errp, "IO window address not specified for PHB"); 1356 return; 1357 } 1358 1359 if (spapr_pci_find_phb(spapr, sphb->buid)) { 1360 error_setg(errp, "PCI host bridges must have unique BUIDs"); 1361 return; 1362 } 1363 1364 sphb->dtbusname = g_strdup_printf("pci@%" PRIx64, sphb->buid); 1365 1366 namebuf = alloca(strlen(sphb->dtbusname) + 32); 1367 1368 /* Initialize memory regions */ 1369 sprintf(namebuf, "%s.mmio", sphb->dtbusname); 1370 memory_region_init(&sphb->memspace, OBJECT(sphb), namebuf, UINT64_MAX); 1371 1372 sprintf(namebuf, "%s.mmio-alias", sphb->dtbusname); 1373 memory_region_init_alias(&sphb->memwindow, OBJECT(sphb), 1374 namebuf, &sphb->memspace, 1375 SPAPR_PCI_MEM_WIN_BUS_OFFSET, sphb->mem_win_size); 1376 memory_region_add_subregion(get_system_memory(), sphb->mem_win_addr, 1377 &sphb->memwindow); 1378 1379 /* Initialize IO regions */ 1380 sprintf(namebuf, "%s.io", sphb->dtbusname); 1381 memory_region_init(&sphb->iospace, OBJECT(sphb), 1382 namebuf, SPAPR_PCI_IO_WIN_SIZE); 1383 1384 sprintf(namebuf, "%s.io-alias", sphb->dtbusname); 1385 memory_region_init_alias(&sphb->iowindow, OBJECT(sphb), namebuf, 1386 &sphb->iospace, 0, SPAPR_PCI_IO_WIN_SIZE); 1387 memory_region_add_subregion(get_system_memory(), sphb->io_win_addr, 1388 &sphb->iowindow); 1389 1390 bus = pci_register_bus(dev, NULL, 1391 pci_spapr_set_irq, pci_spapr_map_irq, sphb, 1392 &sphb->memspace, &sphb->iospace, 1393 PCI_DEVFN(0, 0), PCI_NUM_PINS, TYPE_PCI_BUS); 1394 phb->bus = bus; 1395 qbus_set_hotplug_handler(BUS(phb->bus), DEVICE(sphb), NULL); 1396 1397 /* 1398 * Initialize PHB address space. 1399 * By default there will be at least one subregion for default 1400 * 32bit DMA window. 1401 * Later the guest might want to create another DMA window 1402 * which will become another memory subregion. 1403 */ 1404 sprintf(namebuf, "%s.iommu-root", sphb->dtbusname); 1405 1406 memory_region_init(&sphb->iommu_root, OBJECT(sphb), 1407 namebuf, UINT64_MAX); 1408 address_space_init(&sphb->iommu_as, &sphb->iommu_root, 1409 sphb->dtbusname); 1410 1411 /* 1412 * As MSI/MSIX interrupts trigger by writing at MSI/MSIX vectors, 1413 * we need to allocate some memory to catch those writes coming 1414 * from msi_notify()/msix_notify(). 1415 * As MSIMessage:addr is going to be the same and MSIMessage:data 1416 * is going to be a VIRQ number, 4 bytes of the MSI MR will only 1417 * be used. 1418 * 1419 * For KVM we want to ensure that this memory is a full page so that 1420 * our memory slot is of page size granularity. 1421 */ 1422 #ifdef CONFIG_KVM 1423 if (kvm_enabled()) { 1424 msi_window_size = getpagesize(); 1425 } 1426 #endif 1427 1428 memory_region_init_io(&sphb->msiwindow, NULL, &spapr_msi_ops, spapr, 1429 "msi", msi_window_size); 1430 memory_region_add_subregion(&sphb->iommu_root, SPAPR_PCI_MSI_WINDOW, 1431 &sphb->msiwindow); 1432 1433 pci_setup_iommu(bus, spapr_pci_dma_iommu, sphb); 1434 1435 pci_bus_set_route_irq_fn(bus, spapr_route_intx_pin_to_irq); 1436 1437 QLIST_INSERT_HEAD(&spapr->phbs, sphb, list); 1438 1439 /* Initialize the LSI table */ 1440 for (i = 0; i < PCI_NUM_PINS; i++) { 1441 uint32_t irq; 1442 Error *local_err = NULL; 1443 1444 irq = xics_alloc_block(spapr->icp, 0, 1, true, false, &local_err); 1445 if (local_err) { 1446 error_propagate(errp, local_err); 1447 error_prepend(errp, "can't allocate LSIs: "); 1448 return; 1449 } 1450 1451 sphb->lsi_table[i].irq = irq; 1452 } 1453 1454 /* allocate connectors for child PCI devices */ 1455 if (sphb->dr_enabled) { 1456 for (i = 0; i < PCI_SLOT_MAX * 8; i++) { 1457 spapr_dr_connector_new(OBJECT(phb), 1458 SPAPR_DR_CONNECTOR_TYPE_PCI, 1459 (sphb->index << 16) | i); 1460 } 1461 } 1462 1463 nb_table = sphb->dma_win_size >> SPAPR_TCE_PAGE_SHIFT; 1464 tcet = spapr_tce_new_table(DEVICE(sphb), sphb->dma_liobn, 1465 0, SPAPR_TCE_PAGE_SHIFT, nb_table, false); 1466 if (!tcet) { 1467 error_setg(errp, "Unable to create TCE table for %s", 1468 sphb->dtbusname); 1469 return; 1470 } 1471 1472 /* Register default 32bit DMA window */ 1473 memory_region_add_subregion(&sphb->iommu_root, sphb->dma_win_addr, 1474 spapr_tce_get_iommu(tcet)); 1475 1476 sphb->msi = g_hash_table_new_full(g_int_hash, g_int_equal, g_free, g_free); 1477 } 1478 1479 static int spapr_phb_children_reset(Object *child, void *opaque) 1480 { 1481 DeviceState *dev = (DeviceState *) object_dynamic_cast(child, TYPE_DEVICE); 1482 1483 if (dev) { 1484 device_reset(dev); 1485 } 1486 1487 return 0; 1488 } 1489 1490 static void spapr_phb_reset(DeviceState *qdev) 1491 { 1492 /* Reset the IOMMU state */ 1493 object_child_foreach(OBJECT(qdev), spapr_phb_children_reset, NULL); 1494 1495 if (spapr_phb_eeh_available(SPAPR_PCI_HOST_BRIDGE(qdev))) { 1496 spapr_phb_vfio_reset(qdev); 1497 } 1498 } 1499 1500 static Property spapr_phb_properties[] = { 1501 DEFINE_PROP_UINT32("index", sPAPRPHBState, index, -1), 1502 DEFINE_PROP_UINT64("buid", sPAPRPHBState, buid, -1), 1503 DEFINE_PROP_UINT32("liobn", sPAPRPHBState, dma_liobn, -1), 1504 DEFINE_PROP_UINT64("mem_win_addr", sPAPRPHBState, mem_win_addr, -1), 1505 DEFINE_PROP_UINT64("mem_win_size", sPAPRPHBState, mem_win_size, 1506 SPAPR_PCI_MMIO_WIN_SIZE), 1507 DEFINE_PROP_UINT64("io_win_addr", sPAPRPHBState, io_win_addr, -1), 1508 DEFINE_PROP_UINT64("io_win_size", sPAPRPHBState, io_win_size, 1509 SPAPR_PCI_IO_WIN_SIZE), 1510 DEFINE_PROP_BOOL("dynamic-reconfiguration", sPAPRPHBState, dr_enabled, 1511 true), 1512 /* Default DMA window is 0..1GB */ 1513 DEFINE_PROP_UINT64("dma_win_addr", sPAPRPHBState, dma_win_addr, 0), 1514 DEFINE_PROP_UINT64("dma_win_size", sPAPRPHBState, dma_win_size, 0x40000000), 1515 DEFINE_PROP_END_OF_LIST(), 1516 }; 1517 1518 static const VMStateDescription vmstate_spapr_pci_lsi = { 1519 .name = "spapr_pci/lsi", 1520 .version_id = 1, 1521 .minimum_version_id = 1, 1522 .fields = (VMStateField[]) { 1523 VMSTATE_UINT32_EQUAL(irq, struct spapr_pci_lsi), 1524 1525 VMSTATE_END_OF_LIST() 1526 }, 1527 }; 1528 1529 static const VMStateDescription vmstate_spapr_pci_msi = { 1530 .name = "spapr_pci/msi", 1531 .version_id = 1, 1532 .minimum_version_id = 1, 1533 .fields = (VMStateField []) { 1534 VMSTATE_UINT32(key, spapr_pci_msi_mig), 1535 VMSTATE_UINT32(value.first_irq, spapr_pci_msi_mig), 1536 VMSTATE_UINT32(value.num, spapr_pci_msi_mig), 1537 VMSTATE_END_OF_LIST() 1538 }, 1539 }; 1540 1541 static void spapr_pci_pre_save(void *opaque) 1542 { 1543 sPAPRPHBState *sphb = opaque; 1544 GHashTableIter iter; 1545 gpointer key, value; 1546 int i; 1547 1548 g_free(sphb->msi_devs); 1549 sphb->msi_devs = NULL; 1550 sphb->msi_devs_num = g_hash_table_size(sphb->msi); 1551 if (!sphb->msi_devs_num) { 1552 return; 1553 } 1554 sphb->msi_devs = g_malloc(sphb->msi_devs_num * sizeof(spapr_pci_msi_mig)); 1555 1556 g_hash_table_iter_init(&iter, sphb->msi); 1557 for (i = 0; g_hash_table_iter_next(&iter, &key, &value); ++i) { 1558 sphb->msi_devs[i].key = *(uint32_t *) key; 1559 sphb->msi_devs[i].value = *(spapr_pci_msi *) value; 1560 } 1561 } 1562 1563 static int spapr_pci_post_load(void *opaque, int version_id) 1564 { 1565 sPAPRPHBState *sphb = opaque; 1566 gpointer key, value; 1567 int i; 1568 1569 for (i = 0; i < sphb->msi_devs_num; ++i) { 1570 key = g_memdup(&sphb->msi_devs[i].key, 1571 sizeof(sphb->msi_devs[i].key)); 1572 value = g_memdup(&sphb->msi_devs[i].value, 1573 sizeof(sphb->msi_devs[i].value)); 1574 g_hash_table_insert(sphb->msi, key, value); 1575 } 1576 g_free(sphb->msi_devs); 1577 sphb->msi_devs = NULL; 1578 sphb->msi_devs_num = 0; 1579 1580 return 0; 1581 } 1582 1583 static const VMStateDescription vmstate_spapr_pci = { 1584 .name = "spapr_pci", 1585 .version_id = 2, 1586 .minimum_version_id = 2, 1587 .pre_save = spapr_pci_pre_save, 1588 .post_load = spapr_pci_post_load, 1589 .fields = (VMStateField[]) { 1590 VMSTATE_UINT64_EQUAL(buid, sPAPRPHBState), 1591 VMSTATE_UINT32_EQUAL(dma_liobn, sPAPRPHBState), 1592 VMSTATE_UINT64_EQUAL(mem_win_addr, sPAPRPHBState), 1593 VMSTATE_UINT64_EQUAL(mem_win_size, sPAPRPHBState), 1594 VMSTATE_UINT64_EQUAL(io_win_addr, sPAPRPHBState), 1595 VMSTATE_UINT64_EQUAL(io_win_size, sPAPRPHBState), 1596 VMSTATE_STRUCT_ARRAY(lsi_table, sPAPRPHBState, PCI_NUM_PINS, 0, 1597 vmstate_spapr_pci_lsi, struct spapr_pci_lsi), 1598 VMSTATE_INT32(msi_devs_num, sPAPRPHBState), 1599 VMSTATE_STRUCT_VARRAY_ALLOC(msi_devs, sPAPRPHBState, msi_devs_num, 0, 1600 vmstate_spapr_pci_msi, spapr_pci_msi_mig), 1601 VMSTATE_END_OF_LIST() 1602 }, 1603 }; 1604 1605 static const char *spapr_phb_root_bus_path(PCIHostState *host_bridge, 1606 PCIBus *rootbus) 1607 { 1608 sPAPRPHBState *sphb = SPAPR_PCI_HOST_BRIDGE(host_bridge); 1609 1610 return sphb->dtbusname; 1611 } 1612 1613 static void spapr_phb_class_init(ObjectClass *klass, void *data) 1614 { 1615 PCIHostBridgeClass *hc = PCI_HOST_BRIDGE_CLASS(klass); 1616 DeviceClass *dc = DEVICE_CLASS(klass); 1617 HotplugHandlerClass *hp = HOTPLUG_HANDLER_CLASS(klass); 1618 1619 hc->root_bus_path = spapr_phb_root_bus_path; 1620 dc->realize = spapr_phb_realize; 1621 dc->props = spapr_phb_properties; 1622 dc->reset = spapr_phb_reset; 1623 dc->vmsd = &vmstate_spapr_pci; 1624 set_bit(DEVICE_CATEGORY_BRIDGE, dc->categories); 1625 dc->cannot_instantiate_with_device_add_yet = false; 1626 hp->plug = spapr_phb_hot_plug_child; 1627 hp->unplug = spapr_phb_hot_unplug_child; 1628 } 1629 1630 static const TypeInfo spapr_phb_info = { 1631 .name = TYPE_SPAPR_PCI_HOST_BRIDGE, 1632 .parent = TYPE_PCI_HOST_BRIDGE, 1633 .instance_size = sizeof(sPAPRPHBState), 1634 .class_init = spapr_phb_class_init, 1635 .interfaces = (InterfaceInfo[]) { 1636 { TYPE_HOTPLUG_HANDLER }, 1637 { } 1638 } 1639 }; 1640 1641 PCIHostState *spapr_create_phb(sPAPRMachineState *spapr, int index) 1642 { 1643 DeviceState *dev; 1644 1645 dev = qdev_create(NULL, TYPE_SPAPR_PCI_HOST_BRIDGE); 1646 qdev_prop_set_uint32(dev, "index", index); 1647 qdev_init_nofail(dev); 1648 1649 return PCI_HOST_BRIDGE(dev); 1650 } 1651 1652 typedef struct sPAPRFDT { 1653 void *fdt; 1654 int node_off; 1655 sPAPRPHBState *sphb; 1656 } sPAPRFDT; 1657 1658 static void spapr_populate_pci_devices_dt(PCIBus *bus, PCIDevice *pdev, 1659 void *opaque) 1660 { 1661 PCIBus *sec_bus; 1662 sPAPRFDT *p = opaque; 1663 int offset; 1664 sPAPRFDT s_fdt; 1665 1666 offset = spapr_create_pci_child_dt(p->sphb, pdev, p->fdt, p->node_off); 1667 if (!offset) { 1668 error_report("Failed to create pci child device tree node"); 1669 return; 1670 } 1671 1672 if ((pci_default_read_config(pdev, PCI_HEADER_TYPE, 1) != 1673 PCI_HEADER_TYPE_BRIDGE)) { 1674 return; 1675 } 1676 1677 sec_bus = pci_bridge_get_sec_bus(PCI_BRIDGE(pdev)); 1678 if (!sec_bus) { 1679 return; 1680 } 1681 1682 s_fdt.fdt = p->fdt; 1683 s_fdt.node_off = offset; 1684 s_fdt.sphb = p->sphb; 1685 pci_for_each_device(sec_bus, pci_bus_num(sec_bus), 1686 spapr_populate_pci_devices_dt, 1687 &s_fdt); 1688 } 1689 1690 static void spapr_phb_pci_enumerate_bridge(PCIBus *bus, PCIDevice *pdev, 1691 void *opaque) 1692 { 1693 unsigned int *bus_no = opaque; 1694 unsigned int primary = *bus_no; 1695 unsigned int subordinate = 0xff; 1696 PCIBus *sec_bus = NULL; 1697 1698 if ((pci_default_read_config(pdev, PCI_HEADER_TYPE, 1) != 1699 PCI_HEADER_TYPE_BRIDGE)) { 1700 return; 1701 } 1702 1703 (*bus_no)++; 1704 pci_default_write_config(pdev, PCI_PRIMARY_BUS, primary, 1); 1705 pci_default_write_config(pdev, PCI_SECONDARY_BUS, *bus_no, 1); 1706 pci_default_write_config(pdev, PCI_SUBORDINATE_BUS, *bus_no, 1); 1707 1708 sec_bus = pci_bridge_get_sec_bus(PCI_BRIDGE(pdev)); 1709 if (!sec_bus) { 1710 return; 1711 } 1712 1713 pci_default_write_config(pdev, PCI_SUBORDINATE_BUS, subordinate, 1); 1714 pci_for_each_device(sec_bus, pci_bus_num(sec_bus), 1715 spapr_phb_pci_enumerate_bridge, bus_no); 1716 pci_default_write_config(pdev, PCI_SUBORDINATE_BUS, *bus_no, 1); 1717 } 1718 1719 static void spapr_phb_pci_enumerate(sPAPRPHBState *phb) 1720 { 1721 PCIBus *bus = PCI_HOST_BRIDGE(phb)->bus; 1722 unsigned int bus_no = 0; 1723 1724 pci_for_each_device(bus, pci_bus_num(bus), 1725 spapr_phb_pci_enumerate_bridge, 1726 &bus_no); 1727 1728 } 1729 1730 int spapr_populate_pci_dt(sPAPRPHBState *phb, 1731 uint32_t xics_phandle, 1732 void *fdt) 1733 { 1734 int bus_off, i, j, ret; 1735 char nodename[FDT_NAME_MAX]; 1736 uint32_t bus_range[] = { cpu_to_be32(0), cpu_to_be32(0xff) }; 1737 const uint64_t mmiosize = memory_region_size(&phb->memwindow); 1738 const uint64_t w32max = (1ULL << 32) - SPAPR_PCI_MEM_WIN_BUS_OFFSET; 1739 const uint64_t w32size = MIN(w32max, mmiosize); 1740 const uint64_t w64size = (mmiosize > w32size) ? (mmiosize - w32size) : 0; 1741 struct { 1742 uint32_t hi; 1743 uint64_t child; 1744 uint64_t parent; 1745 uint64_t size; 1746 } QEMU_PACKED ranges[] = { 1747 { 1748 cpu_to_be32(b_ss(1)), cpu_to_be64(0), 1749 cpu_to_be64(phb->io_win_addr), 1750 cpu_to_be64(memory_region_size(&phb->iospace)), 1751 }, 1752 { 1753 cpu_to_be32(b_ss(2)), cpu_to_be64(SPAPR_PCI_MEM_WIN_BUS_OFFSET), 1754 cpu_to_be64(phb->mem_win_addr), 1755 cpu_to_be64(w32size), 1756 }, 1757 { 1758 cpu_to_be32(b_ss(3)), cpu_to_be64(1ULL << 32), 1759 cpu_to_be64(phb->mem_win_addr + w32size), 1760 cpu_to_be64(w64size) 1761 }, 1762 }; 1763 const unsigned sizeof_ranges = (w64size ? 3 : 2) * sizeof(ranges[0]); 1764 uint64_t bus_reg[] = { cpu_to_be64(phb->buid), 0 }; 1765 uint32_t interrupt_map_mask[] = { 1766 cpu_to_be32(b_ddddd(-1)|b_fff(0)), 0x0, 0x0, cpu_to_be32(-1)}; 1767 uint32_t interrupt_map[PCI_SLOT_MAX * PCI_NUM_PINS][7]; 1768 sPAPRTCETable *tcet; 1769 PCIBus *bus = PCI_HOST_BRIDGE(phb)->bus; 1770 sPAPRFDT s_fdt; 1771 1772 /* Start populating the FDT */ 1773 snprintf(nodename, FDT_NAME_MAX, "pci@%" PRIx64, phb->buid); 1774 bus_off = fdt_add_subnode(fdt, 0, nodename); 1775 if (bus_off < 0) { 1776 return bus_off; 1777 } 1778 1779 /* Write PHB properties */ 1780 _FDT(fdt_setprop_string(fdt, bus_off, "device_type", "pci")); 1781 _FDT(fdt_setprop_string(fdt, bus_off, "compatible", "IBM,Logical_PHB")); 1782 _FDT(fdt_setprop_cell(fdt, bus_off, "#address-cells", 0x3)); 1783 _FDT(fdt_setprop_cell(fdt, bus_off, "#size-cells", 0x2)); 1784 _FDT(fdt_setprop_cell(fdt, bus_off, "#interrupt-cells", 0x1)); 1785 _FDT(fdt_setprop(fdt, bus_off, "used-by-rtas", NULL, 0)); 1786 _FDT(fdt_setprop(fdt, bus_off, "bus-range", &bus_range, sizeof(bus_range))); 1787 _FDT(fdt_setprop(fdt, bus_off, "ranges", &ranges, sizeof_ranges)); 1788 _FDT(fdt_setprop(fdt, bus_off, "reg", &bus_reg, sizeof(bus_reg))); 1789 _FDT(fdt_setprop_cell(fdt, bus_off, "ibm,pci-config-space-type", 0x1)); 1790 _FDT(fdt_setprop_cell(fdt, bus_off, "ibm,pe-total-#msi", XICS_IRQS)); 1791 1792 /* Build the interrupt-map, this must matches what is done 1793 * in pci_spapr_map_irq 1794 */ 1795 _FDT(fdt_setprop(fdt, bus_off, "interrupt-map-mask", 1796 &interrupt_map_mask, sizeof(interrupt_map_mask))); 1797 for (i = 0; i < PCI_SLOT_MAX; i++) { 1798 for (j = 0; j < PCI_NUM_PINS; j++) { 1799 uint32_t *irqmap = interrupt_map[i*PCI_NUM_PINS + j]; 1800 int lsi_num = pci_spapr_swizzle(i, j); 1801 1802 irqmap[0] = cpu_to_be32(b_ddddd(i)|b_fff(0)); 1803 irqmap[1] = 0; 1804 irqmap[2] = 0; 1805 irqmap[3] = cpu_to_be32(j+1); 1806 irqmap[4] = cpu_to_be32(xics_phandle); 1807 irqmap[5] = cpu_to_be32(phb->lsi_table[lsi_num].irq); 1808 irqmap[6] = cpu_to_be32(0x8); 1809 } 1810 } 1811 /* Write interrupt map */ 1812 _FDT(fdt_setprop(fdt, bus_off, "interrupt-map", &interrupt_map, 1813 sizeof(interrupt_map))); 1814 1815 tcet = spapr_tce_find_by_liobn(SPAPR_PCI_LIOBN(phb->index, 0)); 1816 spapr_dma_dt(fdt, bus_off, "ibm,dma-window", 1817 tcet->liobn, tcet->bus_offset, 1818 tcet->nb_table << tcet->page_shift); 1819 1820 /* Walk the bridges and program the bus numbers*/ 1821 spapr_phb_pci_enumerate(phb); 1822 _FDT(fdt_setprop_cell(fdt, bus_off, "qemu,phb-enumerated", 0x1)); 1823 1824 /* Populate tree nodes with PCI devices attached */ 1825 s_fdt.fdt = fdt; 1826 s_fdt.node_off = bus_off; 1827 s_fdt.sphb = phb; 1828 pci_for_each_device(bus, pci_bus_num(bus), 1829 spapr_populate_pci_devices_dt, 1830 &s_fdt); 1831 1832 ret = spapr_drc_populate_dt(fdt, bus_off, OBJECT(phb), 1833 SPAPR_DR_CONNECTOR_TYPE_PCI); 1834 if (ret) { 1835 return ret; 1836 } 1837 1838 return 0; 1839 } 1840 1841 void spapr_pci_rtas_init(void) 1842 { 1843 spapr_rtas_register(RTAS_READ_PCI_CONFIG, "read-pci-config", 1844 rtas_read_pci_config); 1845 spapr_rtas_register(RTAS_WRITE_PCI_CONFIG, "write-pci-config", 1846 rtas_write_pci_config); 1847 spapr_rtas_register(RTAS_IBM_READ_PCI_CONFIG, "ibm,read-pci-config", 1848 rtas_ibm_read_pci_config); 1849 spapr_rtas_register(RTAS_IBM_WRITE_PCI_CONFIG, "ibm,write-pci-config", 1850 rtas_ibm_write_pci_config); 1851 if (msi_nonbroken) { 1852 spapr_rtas_register(RTAS_IBM_QUERY_INTERRUPT_SOURCE_NUMBER, 1853 "ibm,query-interrupt-source-number", 1854 rtas_ibm_query_interrupt_source_number); 1855 spapr_rtas_register(RTAS_IBM_CHANGE_MSI, "ibm,change-msi", 1856 rtas_ibm_change_msi); 1857 } 1858 1859 spapr_rtas_register(RTAS_IBM_SET_EEH_OPTION, 1860 "ibm,set-eeh-option", 1861 rtas_ibm_set_eeh_option); 1862 spapr_rtas_register(RTAS_IBM_GET_CONFIG_ADDR_INFO2, 1863 "ibm,get-config-addr-info2", 1864 rtas_ibm_get_config_addr_info2); 1865 spapr_rtas_register(RTAS_IBM_READ_SLOT_RESET_STATE2, 1866 "ibm,read-slot-reset-state2", 1867 rtas_ibm_read_slot_reset_state2); 1868 spapr_rtas_register(RTAS_IBM_SET_SLOT_RESET, 1869 "ibm,set-slot-reset", 1870 rtas_ibm_set_slot_reset); 1871 spapr_rtas_register(RTAS_IBM_CONFIGURE_PE, 1872 "ibm,configure-pe", 1873 rtas_ibm_configure_pe); 1874 spapr_rtas_register(RTAS_IBM_SLOT_ERROR_DETAIL, 1875 "ibm,slot-error-detail", 1876 rtas_ibm_slot_error_detail); 1877 } 1878 1879 static void spapr_pci_register_types(void) 1880 { 1881 type_register_static(&spapr_phb_info); 1882 } 1883 1884 type_init(spapr_pci_register_types) 1885 1886 static int spapr_switch_one_vga(DeviceState *dev, void *opaque) 1887 { 1888 bool be = *(bool *)opaque; 1889 1890 if (object_dynamic_cast(OBJECT(dev), "VGA") 1891 || object_dynamic_cast(OBJECT(dev), "secondary-vga")) { 1892 object_property_set_bool(OBJECT(dev), be, "big-endian-framebuffer", 1893 &error_abort); 1894 } 1895 return 0; 1896 } 1897 1898 void spapr_pci_switch_vga(bool big_endian) 1899 { 1900 sPAPRMachineState *spapr = SPAPR_MACHINE(qdev_get_machine()); 1901 sPAPRPHBState *sphb; 1902 1903 /* 1904 * For backward compatibility with existing guests, we switch 1905 * the endianness of the VGA controller when changing the guest 1906 * interrupt mode 1907 */ 1908 QLIST_FOREACH(sphb, &spapr->phbs, list) { 1909 BusState *bus = &PCI_HOST_BRIDGE(sphb)->bus->qbus; 1910 qbus_walk_children(bus, spapr_switch_one_vga, NULL, NULL, NULL, 1911 &big_endian); 1912 } 1913 } 1914