xref: /openbmc/qemu/hw/s390x/css.c (revision 80adf54e)
1 /*
2  * Channel subsystem base support.
3  *
4  * Copyright 2012 IBM Corp.
5  * Author(s): Cornelia Huck <cornelia.huck@de.ibm.com>
6  *
7  * This work is licensed under the terms of the GNU GPL, version 2 or (at
8  * your option) any later version. See the COPYING file in the top-level
9  * directory.
10  */
11 
12 #include "qemu/osdep.h"
13 #include "qapi/error.h"
14 #include "qapi/visitor.h"
15 #include "hw/qdev.h"
16 #include "qemu/error-report.h"
17 #include "qemu/bitops.h"
18 #include "qemu/error-report.h"
19 #include "exec/address-spaces.h"
20 #include "cpu.h"
21 #include "hw/s390x/ioinst.h"
22 #include "hw/s390x/css.h"
23 #include "trace.h"
24 #include "hw/s390x/s390_flic.h"
25 #include "hw/s390x/s390-virtio-ccw.h"
26 
27 typedef struct CrwContainer {
28     CRW crw;
29     QTAILQ_ENTRY(CrwContainer) sibling;
30 } CrwContainer;
31 
32 static const VMStateDescription vmstate_crw = {
33     .name = "s390_crw",
34     .version_id = 1,
35     .minimum_version_id = 1,
36     .fields = (VMStateField[]) {
37         VMSTATE_UINT16(flags, CRW),
38         VMSTATE_UINT16(rsid, CRW),
39         VMSTATE_END_OF_LIST()
40     },
41 };
42 
43 static const VMStateDescription vmstate_crw_container = {
44     .name = "s390_crw_container",
45     .version_id = 1,
46     .minimum_version_id = 1,
47     .fields = (VMStateField[]) {
48         VMSTATE_STRUCT(crw, CrwContainer, 0, vmstate_crw, CRW),
49         VMSTATE_END_OF_LIST()
50     },
51 };
52 
53 typedef struct ChpInfo {
54     uint8_t in_use;
55     uint8_t type;
56     uint8_t is_virtual;
57 } ChpInfo;
58 
59 static const VMStateDescription vmstate_chp_info = {
60     .name = "s390_chp_info",
61     .version_id = 1,
62     .minimum_version_id = 1,
63     .fields = (VMStateField[]) {
64         VMSTATE_UINT8(in_use, ChpInfo),
65         VMSTATE_UINT8(type, ChpInfo),
66         VMSTATE_UINT8(is_virtual, ChpInfo),
67         VMSTATE_END_OF_LIST()
68     }
69 };
70 
71 typedef struct SubchSet {
72     SubchDev *sch[MAX_SCHID + 1];
73     unsigned long schids_used[BITS_TO_LONGS(MAX_SCHID + 1)];
74     unsigned long devnos_used[BITS_TO_LONGS(MAX_SCHID + 1)];
75 } SubchSet;
76 
77 static const VMStateDescription vmstate_scsw = {
78     .name = "s390_scsw",
79     .version_id = 1,
80     .minimum_version_id = 1,
81     .fields = (VMStateField[]) {
82         VMSTATE_UINT16(flags, SCSW),
83         VMSTATE_UINT16(ctrl, SCSW),
84         VMSTATE_UINT32(cpa, SCSW),
85         VMSTATE_UINT8(dstat, SCSW),
86         VMSTATE_UINT8(cstat, SCSW),
87         VMSTATE_UINT16(count, SCSW),
88         VMSTATE_END_OF_LIST()
89     }
90 };
91 
92 static const VMStateDescription vmstate_pmcw = {
93     .name = "s390_pmcw",
94     .version_id = 1,
95     .minimum_version_id = 1,
96     .fields = (VMStateField[]) {
97         VMSTATE_UINT32(intparm, PMCW),
98         VMSTATE_UINT16(flags, PMCW),
99         VMSTATE_UINT16(devno, PMCW),
100         VMSTATE_UINT8(lpm, PMCW),
101         VMSTATE_UINT8(pnom, PMCW),
102         VMSTATE_UINT8(lpum, PMCW),
103         VMSTATE_UINT8(pim, PMCW),
104         VMSTATE_UINT16(mbi, PMCW),
105         VMSTATE_UINT8(pom, PMCW),
106         VMSTATE_UINT8(pam, PMCW),
107         VMSTATE_UINT8_ARRAY(chpid, PMCW, 8),
108         VMSTATE_UINT32(chars, PMCW),
109         VMSTATE_END_OF_LIST()
110     }
111 };
112 
113 static const VMStateDescription vmstate_schib = {
114     .name = "s390_schib",
115     .version_id = 1,
116     .minimum_version_id = 1,
117     .fields = (VMStateField[]) {
118         VMSTATE_STRUCT(pmcw, SCHIB, 0, vmstate_pmcw, PMCW),
119         VMSTATE_STRUCT(scsw, SCHIB, 0, vmstate_scsw, SCSW),
120         VMSTATE_UINT64(mba, SCHIB),
121         VMSTATE_UINT8_ARRAY(mda, SCHIB, 4),
122         VMSTATE_END_OF_LIST()
123     }
124 };
125 
126 
127 static const VMStateDescription vmstate_ccw1 = {
128     .name = "s390_ccw1",
129     .version_id = 1,
130     .minimum_version_id = 1,
131     .fields = (VMStateField[]) {
132         VMSTATE_UINT8(cmd_code, CCW1),
133         VMSTATE_UINT8(flags, CCW1),
134         VMSTATE_UINT16(count, CCW1),
135         VMSTATE_UINT32(cda, CCW1),
136         VMSTATE_END_OF_LIST()
137     }
138 };
139 
140 static const VMStateDescription vmstate_ciw = {
141     .name = "s390_ciw",
142     .version_id = 1,
143     .minimum_version_id = 1,
144     .fields = (VMStateField[]) {
145         VMSTATE_UINT8(type, CIW),
146         VMSTATE_UINT8(command, CIW),
147         VMSTATE_UINT16(count, CIW),
148         VMSTATE_END_OF_LIST()
149     }
150 };
151 
152 static const VMStateDescription vmstate_sense_id = {
153     .name = "s390_sense_id",
154     .version_id = 1,
155     .minimum_version_id = 1,
156     .fields = (VMStateField[]) {
157         VMSTATE_UINT8(reserved, SenseId),
158         VMSTATE_UINT16(cu_type, SenseId),
159         VMSTATE_UINT8(cu_model, SenseId),
160         VMSTATE_UINT16(dev_type, SenseId),
161         VMSTATE_UINT8(dev_model, SenseId),
162         VMSTATE_UINT8(unused, SenseId),
163         VMSTATE_STRUCT_ARRAY(ciw, SenseId, MAX_CIWS, 0, vmstate_ciw, CIW),
164         VMSTATE_END_OF_LIST()
165     }
166 };
167 
168 static const VMStateDescription vmstate_orb = {
169     .name = "s390_orb",
170     .version_id = 1,
171     .minimum_version_id = 1,
172     .fields = (VMStateField[]) {
173         VMSTATE_UINT32(intparm, ORB),
174         VMSTATE_UINT16(ctrl0, ORB),
175         VMSTATE_UINT8(lpm, ORB),
176         VMSTATE_UINT8(ctrl1, ORB),
177         VMSTATE_UINT32(cpa, ORB),
178         VMSTATE_END_OF_LIST()
179     }
180 };
181 
182 static bool vmstate_schdev_orb_needed(void *opaque)
183 {
184     return css_migration_enabled();
185 }
186 
187 static const VMStateDescription vmstate_schdev_orb = {
188     .name = "s390_subch_dev/orb",
189     .version_id = 1,
190     .minimum_version_id = 1,
191     .needed = vmstate_schdev_orb_needed,
192     .fields = (VMStateField[]) {
193         VMSTATE_STRUCT(orb, SubchDev, 1, vmstate_orb, ORB),
194         VMSTATE_END_OF_LIST()
195     }
196 };
197 
198 static int subch_dev_post_load(void *opaque, int version_id);
199 static void subch_dev_pre_save(void *opaque);
200 
201 const char err_hint_devno[] = "Devno mismatch, tried to load wrong section!"
202     " Likely reason: some sequences of plug and unplug  can break"
203     " migration for machine versions prior to  2.7 (known design flaw).";
204 
205 const VMStateDescription vmstate_subch_dev = {
206     .name = "s390_subch_dev",
207     .version_id = 1,
208     .minimum_version_id = 1,
209     .post_load = subch_dev_post_load,
210     .pre_save = subch_dev_pre_save,
211     .fields = (VMStateField[]) {
212         VMSTATE_UINT8_EQUAL(cssid, SubchDev, "Bug!"),
213         VMSTATE_UINT8_EQUAL(ssid, SubchDev, "Bug!"),
214         VMSTATE_UINT16(migrated_schid, SubchDev),
215         VMSTATE_UINT16_EQUAL(devno, SubchDev, err_hint_devno),
216         VMSTATE_BOOL(thinint_active, SubchDev),
217         VMSTATE_STRUCT(curr_status, SubchDev, 0, vmstate_schib, SCHIB),
218         VMSTATE_UINT8_ARRAY(sense_data, SubchDev, 32),
219         VMSTATE_UINT64(channel_prog, SubchDev),
220         VMSTATE_STRUCT(last_cmd, SubchDev, 0, vmstate_ccw1, CCW1),
221         VMSTATE_BOOL(last_cmd_valid, SubchDev),
222         VMSTATE_STRUCT(id, SubchDev, 0, vmstate_sense_id, SenseId),
223         VMSTATE_BOOL(ccw_fmt_1, SubchDev),
224         VMSTATE_UINT8(ccw_no_data_cnt, SubchDev),
225         VMSTATE_END_OF_LIST()
226     },
227     .subsections = (const VMStateDescription * []) {
228         &vmstate_schdev_orb,
229         NULL
230     }
231 };
232 
233 typedef struct IndAddrPtrTmp {
234     IndAddr **parent;
235     uint64_t addr;
236     int32_t len;
237 } IndAddrPtrTmp;
238 
239 static int post_load_ind_addr(void *opaque, int version_id)
240 {
241     IndAddrPtrTmp *ptmp = opaque;
242     IndAddr **ind_addr = ptmp->parent;
243 
244     if (ptmp->len != 0) {
245         *ind_addr = get_indicator(ptmp->addr, ptmp->len);
246     } else {
247         *ind_addr = NULL;
248     }
249     return 0;
250 }
251 
252 static void pre_save_ind_addr(void *opaque)
253 {
254     IndAddrPtrTmp *ptmp = opaque;
255     IndAddr *ind_addr = *(ptmp->parent);
256 
257     if (ind_addr != NULL) {
258         ptmp->len = ind_addr->len;
259         ptmp->addr = ind_addr->addr;
260     } else {
261         ptmp->len = 0;
262         ptmp->addr = 0L;
263     }
264 }
265 
266 const VMStateDescription vmstate_ind_addr_tmp = {
267     .name = "s390_ind_addr_tmp",
268     .pre_save = pre_save_ind_addr,
269     .post_load = post_load_ind_addr,
270 
271     .fields = (VMStateField[]) {
272         VMSTATE_INT32(len, IndAddrPtrTmp),
273         VMSTATE_UINT64(addr, IndAddrPtrTmp),
274         VMSTATE_END_OF_LIST()
275     }
276 };
277 
278 const VMStateDescription vmstate_ind_addr = {
279     .name = "s390_ind_addr_tmp",
280     .fields = (VMStateField[]) {
281         VMSTATE_WITH_TMP(IndAddr*, IndAddrPtrTmp, vmstate_ind_addr_tmp),
282         VMSTATE_END_OF_LIST()
283     }
284 };
285 
286 typedef struct CssImage {
287     SubchSet *sch_set[MAX_SSID + 1];
288     ChpInfo chpids[MAX_CHPID + 1];
289 } CssImage;
290 
291 static const VMStateDescription vmstate_css_img = {
292     .name = "s390_css_img",
293     .version_id = 1,
294     .minimum_version_id = 1,
295     .fields = (VMStateField[]) {
296         /* Subchannel sets have no relevant state. */
297         VMSTATE_STRUCT_ARRAY(chpids, CssImage, MAX_CHPID + 1, 0,
298                              vmstate_chp_info, ChpInfo),
299         VMSTATE_END_OF_LIST()
300     }
301 
302 };
303 
304 typedef struct IoAdapter {
305     uint32_t id;
306     uint8_t type;
307     uint8_t isc;
308     uint8_t flags;
309 } IoAdapter;
310 
311 typedef struct ChannelSubSys {
312     QTAILQ_HEAD(, CrwContainer) pending_crws;
313     bool sei_pending;
314     bool do_crw_mchk;
315     bool crws_lost;
316     uint8_t max_cssid;
317     uint8_t max_ssid;
318     bool chnmon_active;
319     uint64_t chnmon_area;
320     CssImage *css[MAX_CSSID + 1];
321     uint8_t default_cssid;
322     /* don't migrate, see css_register_io_adapters */
323     IoAdapter *io_adapters[CSS_IO_ADAPTER_TYPE_NUMS][MAX_ISC + 1];
324     /* don't migrate, see get_indicator and IndAddrPtrTmp */
325     QTAILQ_HEAD(, IndAddr) indicator_addresses;
326 } ChannelSubSys;
327 
328 static const VMStateDescription vmstate_css = {
329     .name = "s390_css",
330     .version_id = 1,
331     .minimum_version_id = 1,
332     .fields = (VMStateField[]) {
333         VMSTATE_QTAILQ_V(pending_crws, ChannelSubSys, 1, vmstate_crw_container,
334                          CrwContainer, sibling),
335         VMSTATE_BOOL(sei_pending, ChannelSubSys),
336         VMSTATE_BOOL(do_crw_mchk, ChannelSubSys),
337         VMSTATE_BOOL(crws_lost, ChannelSubSys),
338         /* These were kind of migrated by virtio */
339         VMSTATE_UINT8(max_cssid, ChannelSubSys),
340         VMSTATE_UINT8(max_ssid, ChannelSubSys),
341         VMSTATE_BOOL(chnmon_active, ChannelSubSys),
342         VMSTATE_UINT64(chnmon_area, ChannelSubSys),
343         VMSTATE_ARRAY_OF_POINTER_TO_STRUCT(css, ChannelSubSys, MAX_CSSID + 1,
344                 0, vmstate_css_img, CssImage),
345         VMSTATE_UINT8(default_cssid, ChannelSubSys),
346         VMSTATE_END_OF_LIST()
347     }
348 };
349 
350 static ChannelSubSys channel_subsys = {
351     .pending_crws = QTAILQ_HEAD_INITIALIZER(channel_subsys.pending_crws),
352     .do_crw_mchk = true,
353     .sei_pending = false,
354     .do_crw_mchk = true,
355     .crws_lost = false,
356     .chnmon_active = false,
357     .indicator_addresses =
358         QTAILQ_HEAD_INITIALIZER(channel_subsys.indicator_addresses),
359 };
360 
361 static void subch_dev_pre_save(void *opaque)
362 {
363     SubchDev *s = opaque;
364 
365     /* Prepare remote_schid for save */
366     s->migrated_schid = s->schid;
367 }
368 
369 static int subch_dev_post_load(void *opaque, int version_id)
370 {
371 
372     SubchDev *s = opaque;
373 
374     /* Re-assign the subchannel to remote_schid if necessary */
375     if (s->migrated_schid != s->schid) {
376         if (css_find_subch(true, s->cssid, s->ssid, s->schid) == s) {
377             /*
378              * Cleanup the slot before moving to s->migrated_schid provided
379              * it still belongs to us, i.e. it was not changed by previous
380              * invocation of this function.
381              */
382             css_subch_assign(s->cssid, s->ssid, s->schid, s->devno, NULL);
383         }
384         /* It's OK to re-assign without a prior de-assign. */
385         s->schid = s->migrated_schid;
386         css_subch_assign(s->cssid, s->ssid, s->schid, s->devno, s);
387     }
388 
389     if (css_migration_enabled()) {
390         /* No compat voodoo to do ;) */
391         return 0;
392     }
393     /*
394      * Hack alert. If we don't migrate the channel subsystem status
395      * we still need to find out if the guest enabled mss/mcss-e.
396      * If the subchannel is enabled, it certainly was able to access it,
397      * so adjust the max_ssid/max_cssid values for relevant ssid/cssid
398      * values. This is not watertight, but better than nothing.
399      */
400     if (s->curr_status.pmcw.flags & PMCW_FLAGS_MASK_ENA) {
401         if (s->ssid) {
402             channel_subsys.max_ssid = MAX_SSID;
403         }
404         if (s->cssid != channel_subsys.default_cssid) {
405             channel_subsys.max_cssid = MAX_CSSID;
406         }
407     }
408     return 0;
409 }
410 
411 void css_register_vmstate(void)
412 {
413     vmstate_register(NULL, 0, &vmstate_css, &channel_subsys);
414 }
415 
416 IndAddr *get_indicator(hwaddr ind_addr, int len)
417 {
418     IndAddr *indicator;
419 
420     QTAILQ_FOREACH(indicator, &channel_subsys.indicator_addresses, sibling) {
421         if (indicator->addr == ind_addr) {
422             indicator->refcnt++;
423             return indicator;
424         }
425     }
426     indicator = g_new0(IndAddr, 1);
427     indicator->addr = ind_addr;
428     indicator->len = len;
429     indicator->refcnt = 1;
430     QTAILQ_INSERT_TAIL(&channel_subsys.indicator_addresses,
431                        indicator, sibling);
432     return indicator;
433 }
434 
435 static int s390_io_adapter_map(AdapterInfo *adapter, uint64_t map_addr,
436                                bool do_map)
437 {
438     S390FLICState *fs = s390_get_flic();
439     S390FLICStateClass *fsc = S390_FLIC_COMMON_GET_CLASS(fs);
440 
441     return fsc->io_adapter_map(fs, adapter->adapter_id, map_addr, do_map);
442 }
443 
444 void release_indicator(AdapterInfo *adapter, IndAddr *indicator)
445 {
446     assert(indicator->refcnt > 0);
447     indicator->refcnt--;
448     if (indicator->refcnt > 0) {
449         return;
450     }
451     QTAILQ_REMOVE(&channel_subsys.indicator_addresses, indicator, sibling);
452     if (indicator->map) {
453         s390_io_adapter_map(adapter, indicator->map, false);
454     }
455     g_free(indicator);
456 }
457 
458 int map_indicator(AdapterInfo *adapter, IndAddr *indicator)
459 {
460     int ret;
461 
462     if (indicator->map) {
463         return 0; /* already mapped is not an error */
464     }
465     indicator->map = indicator->addr;
466     ret = s390_io_adapter_map(adapter, indicator->map, true);
467     if ((ret != 0) && (ret != -ENOSYS)) {
468         goto out_err;
469     }
470     return 0;
471 
472 out_err:
473     indicator->map = 0;
474     return ret;
475 }
476 
477 int css_create_css_image(uint8_t cssid, bool default_image)
478 {
479     trace_css_new_image(cssid, default_image ? "(default)" : "");
480     /* 255 is reserved */
481     if (cssid == 255) {
482         return -EINVAL;
483     }
484     if (channel_subsys.css[cssid]) {
485         return -EBUSY;
486     }
487     channel_subsys.css[cssid] = g_malloc0(sizeof(CssImage));
488     if (default_image) {
489         channel_subsys.default_cssid = cssid;
490     }
491     return 0;
492 }
493 
494 uint32_t css_get_adapter_id(CssIoAdapterType type, uint8_t isc)
495 {
496     if (type >= CSS_IO_ADAPTER_TYPE_NUMS || isc > MAX_ISC ||
497         !channel_subsys.io_adapters[type][isc]) {
498         return -1;
499     }
500 
501     return channel_subsys.io_adapters[type][isc]->id;
502 }
503 
504 /**
505  * css_register_io_adapters: Register I/O adapters per ISC during init
506  *
507  * @swap: an indication if byte swap is needed.
508  * @maskable: an indication if the adapter is subject to the mask operation.
509  * @flags: further characteristics of the adapter.
510  *         e.g. suppressible, an indication if the adapter is subject to AIS.
511  * @errp: location to store error information.
512  */
513 void css_register_io_adapters(CssIoAdapterType type, bool swap, bool maskable,
514                               uint8_t flags, Error **errp)
515 {
516     uint32_t id;
517     int ret, isc;
518     IoAdapter *adapter;
519     S390FLICState *fs = s390_get_flic();
520     S390FLICStateClass *fsc = S390_FLIC_COMMON_GET_CLASS(fs);
521 
522     /*
523      * Disallow multiple registrations for the same device type.
524      * Report an error if registering for an already registered type.
525      */
526     if (channel_subsys.io_adapters[type][0]) {
527         error_setg(errp, "Adapters for type %d already registered", type);
528     }
529 
530     for (isc = 0; isc <= MAX_ISC; isc++) {
531         id = (type << 3) | isc;
532         ret = fsc->register_io_adapter(fs, id, isc, swap, maskable, flags);
533         if (ret == 0) {
534             adapter = g_new0(IoAdapter, 1);
535             adapter->id = id;
536             adapter->isc = isc;
537             adapter->type = type;
538             adapter->flags = flags;
539             channel_subsys.io_adapters[type][isc] = adapter;
540         } else {
541             error_setg_errno(errp, -ret, "Unexpected error %d when "
542                              "registering adapter %d", ret, id);
543             break;
544         }
545     }
546 
547     /*
548      * No need to free registered adapters in kvm: kvm will clean up
549      * when the machine goes away.
550      */
551     if (ret) {
552         for (isc--; isc >= 0; isc--) {
553             g_free(channel_subsys.io_adapters[type][isc]);
554             channel_subsys.io_adapters[type][isc] = NULL;
555         }
556     }
557 
558 }
559 
560 static void css_clear_io_interrupt(uint16_t subchannel_id,
561                                    uint16_t subchannel_nr)
562 {
563     Error *err = NULL;
564     static bool no_clear_irq;
565     S390FLICState *fs = s390_get_flic();
566     S390FLICStateClass *fsc = S390_FLIC_COMMON_GET_CLASS(fs);
567     int r;
568 
569     if (unlikely(no_clear_irq)) {
570         return;
571     }
572     r = fsc->clear_io_irq(fs, subchannel_id, subchannel_nr);
573     switch (r) {
574     case 0:
575         break;
576     case -ENOSYS:
577         no_clear_irq = true;
578         /*
579         * Ignore unavailability, as the user can't do anything
580         * about it anyway.
581         */
582         break;
583     default:
584         error_setg_errno(&err, -r, "unexpected error condition");
585         error_propagate(&error_abort, err);
586     }
587 }
588 
589 static inline uint16_t css_do_build_subchannel_id(uint8_t cssid, uint8_t ssid)
590 {
591     if (channel_subsys.max_cssid > 0) {
592         return (cssid << 8) | (1 << 3) | (ssid << 1) | 1;
593     }
594     return (ssid << 1) | 1;
595 }
596 
597 uint16_t css_build_subchannel_id(SubchDev *sch)
598 {
599     return css_do_build_subchannel_id(sch->cssid, sch->ssid);
600 }
601 
602 void css_inject_io_interrupt(SubchDev *sch)
603 {
604     uint8_t isc = (sch->curr_status.pmcw.flags & PMCW_FLAGS_MASK_ISC) >> 11;
605 
606     trace_css_io_interrupt(sch->cssid, sch->ssid, sch->schid,
607                            sch->curr_status.pmcw.intparm, isc, "");
608     s390_io_interrupt(css_build_subchannel_id(sch),
609                       sch->schid,
610                       sch->curr_status.pmcw.intparm,
611                       isc << 27);
612 }
613 
614 void css_conditional_io_interrupt(SubchDev *sch)
615 {
616     /*
617      * If the subchannel is not currently status pending, make it pending
618      * with alert status.
619      */
620     if (!(sch->curr_status.scsw.ctrl & SCSW_STCTL_STATUS_PEND)) {
621         uint8_t isc = (sch->curr_status.pmcw.flags & PMCW_FLAGS_MASK_ISC) >> 11;
622 
623         trace_css_io_interrupt(sch->cssid, sch->ssid, sch->schid,
624                                sch->curr_status.pmcw.intparm, isc,
625                                "(unsolicited)");
626         sch->curr_status.scsw.ctrl &= ~SCSW_CTRL_MASK_STCTL;
627         sch->curr_status.scsw.ctrl |=
628             SCSW_STCTL_ALERT | SCSW_STCTL_STATUS_PEND;
629         /* Inject an I/O interrupt. */
630         s390_io_interrupt(css_build_subchannel_id(sch),
631                           sch->schid,
632                           sch->curr_status.pmcw.intparm,
633                           isc << 27);
634     }
635 }
636 
637 int css_do_sic(CPUS390XState *env, uint8_t isc, uint16_t mode)
638 {
639     S390FLICState *fs = s390_get_flic();
640     S390FLICStateClass *fsc = S390_FLIC_COMMON_GET_CLASS(fs);
641     int r;
642 
643     if (env->psw.mask & PSW_MASK_PSTATE) {
644         r = -PGM_PRIVILEGED;
645         goto out;
646     }
647 
648     trace_css_do_sic(mode, isc);
649     switch (mode) {
650     case SIC_IRQ_MODE_ALL:
651     case SIC_IRQ_MODE_SINGLE:
652         break;
653     default:
654         r = -PGM_OPERAND;
655         goto out;
656     }
657 
658     r = fsc->modify_ais_mode(fs, isc, mode) ? -PGM_OPERATION : 0;
659 out:
660     return r;
661 }
662 
663 void css_adapter_interrupt(CssIoAdapterType type, uint8_t isc)
664 {
665     S390FLICState *fs = s390_get_flic();
666     S390FLICStateClass *fsc = S390_FLIC_COMMON_GET_CLASS(fs);
667     uint32_t io_int_word = (isc << 27) | IO_INT_WORD_AI;
668     IoAdapter *adapter = channel_subsys.io_adapters[type][isc];
669 
670     if (!adapter) {
671         return;
672     }
673 
674     trace_css_adapter_interrupt(isc);
675     if (fs->ais_supported) {
676         if (fsc->inject_airq(fs, type, isc, adapter->flags)) {
677             error_report("Failed to inject airq with AIS supported");
678             exit(1);
679         }
680     } else {
681         s390_io_interrupt(0, 0, 0, io_int_word);
682     }
683 }
684 
685 static void sch_handle_clear_func(SubchDev *sch)
686 {
687     PMCW *p = &sch->curr_status.pmcw;
688     SCSW *s = &sch->curr_status.scsw;
689     int path;
690 
691     /* Path management: In our simple css, we always choose the only path. */
692     path = 0x80;
693 
694     /* Reset values prior to 'issuing the clear signal'. */
695     p->lpum = 0;
696     p->pom = 0xff;
697     s->flags &= ~SCSW_FLAGS_MASK_PNO;
698 
699     /* We always 'attempt to issue the clear signal', and we always succeed. */
700     sch->channel_prog = 0x0;
701     sch->last_cmd_valid = false;
702     s->ctrl &= ~SCSW_ACTL_CLEAR_PEND;
703     s->ctrl |= SCSW_STCTL_STATUS_PEND;
704 
705     s->dstat = 0;
706     s->cstat = 0;
707     p->lpum = path;
708 
709 }
710 
711 static void sch_handle_halt_func(SubchDev *sch)
712 {
713 
714     PMCW *p = &sch->curr_status.pmcw;
715     SCSW *s = &sch->curr_status.scsw;
716     hwaddr curr_ccw = sch->channel_prog;
717     int path;
718 
719     /* Path management: In our simple css, we always choose the only path. */
720     path = 0x80;
721 
722     /* We always 'attempt to issue the halt signal', and we always succeed. */
723     sch->channel_prog = 0x0;
724     sch->last_cmd_valid = false;
725     s->ctrl &= ~SCSW_ACTL_HALT_PEND;
726     s->ctrl |= SCSW_STCTL_STATUS_PEND;
727 
728     if ((s->ctrl & (SCSW_ACTL_SUBCH_ACTIVE | SCSW_ACTL_DEVICE_ACTIVE)) ||
729         !((s->ctrl & SCSW_ACTL_START_PEND) ||
730           (s->ctrl & SCSW_ACTL_SUSP))) {
731         s->dstat = SCSW_DSTAT_DEVICE_END;
732     }
733     if ((s->ctrl & (SCSW_ACTL_SUBCH_ACTIVE | SCSW_ACTL_DEVICE_ACTIVE)) ||
734         (s->ctrl & SCSW_ACTL_SUSP)) {
735         s->cpa = curr_ccw + 8;
736     }
737     s->cstat = 0;
738     p->lpum = path;
739 
740 }
741 
742 static void copy_sense_id_to_guest(SenseId *dest, SenseId *src)
743 {
744     int i;
745 
746     dest->reserved = src->reserved;
747     dest->cu_type = cpu_to_be16(src->cu_type);
748     dest->cu_model = src->cu_model;
749     dest->dev_type = cpu_to_be16(src->dev_type);
750     dest->dev_model = src->dev_model;
751     dest->unused = src->unused;
752     for (i = 0; i < ARRAY_SIZE(dest->ciw); i++) {
753         dest->ciw[i].type = src->ciw[i].type;
754         dest->ciw[i].command = src->ciw[i].command;
755         dest->ciw[i].count = cpu_to_be16(src->ciw[i].count);
756     }
757 }
758 
759 static CCW1 copy_ccw_from_guest(hwaddr addr, bool fmt1)
760 {
761     CCW0 tmp0;
762     CCW1 tmp1;
763     CCW1 ret;
764 
765     if (fmt1) {
766         cpu_physical_memory_read(addr, &tmp1, sizeof(tmp1));
767         ret.cmd_code = tmp1.cmd_code;
768         ret.flags = tmp1.flags;
769         ret.count = be16_to_cpu(tmp1.count);
770         ret.cda = be32_to_cpu(tmp1.cda);
771     } else {
772         cpu_physical_memory_read(addr, &tmp0, sizeof(tmp0));
773         if ((tmp0.cmd_code & 0x0f) == CCW_CMD_TIC) {
774             ret.cmd_code = CCW_CMD_TIC;
775             ret.flags = 0;
776             ret.count = 0;
777         } else {
778             ret.cmd_code = tmp0.cmd_code;
779             ret.flags = tmp0.flags;
780             ret.count = be16_to_cpu(tmp0.count);
781         }
782         ret.cda = be16_to_cpu(tmp0.cda1) | (tmp0.cda0 << 16);
783     }
784     return ret;
785 }
786 
787 static int css_interpret_ccw(SubchDev *sch, hwaddr ccw_addr,
788                              bool suspend_allowed)
789 {
790     int ret;
791     bool check_len;
792     int len;
793     CCW1 ccw;
794 
795     if (!ccw_addr) {
796         return -EIO;
797     }
798     /* Check doubleword aligned and 31 or 24 (fmt 0) bit addressable. */
799     if (ccw_addr & (sch->ccw_fmt_1 ? 0x80000007 : 0xff000007)) {
800         return -EINVAL;
801     }
802 
803     /* Translate everything to format-1 ccws - the information is the same. */
804     ccw = copy_ccw_from_guest(ccw_addr, sch->ccw_fmt_1);
805 
806     /* Check for invalid command codes. */
807     if ((ccw.cmd_code & 0x0f) == 0) {
808         return -EINVAL;
809     }
810     if (((ccw.cmd_code & 0x0f) == CCW_CMD_TIC) &&
811         ((ccw.cmd_code & 0xf0) != 0)) {
812         return -EINVAL;
813     }
814     if (!sch->ccw_fmt_1 && (ccw.count == 0) &&
815         (ccw.cmd_code != CCW_CMD_TIC)) {
816         return -EINVAL;
817     }
818 
819     /* We don't support MIDA. */
820     if (ccw.flags & CCW_FLAG_MIDA) {
821         return -EINVAL;
822     }
823 
824     if (ccw.flags & CCW_FLAG_SUSPEND) {
825         return suspend_allowed ? -EINPROGRESS : -EINVAL;
826     }
827 
828     check_len = !((ccw.flags & CCW_FLAG_SLI) && !(ccw.flags & CCW_FLAG_DC));
829 
830     if (!ccw.cda) {
831         if (sch->ccw_no_data_cnt == 255) {
832             return -EINVAL;
833         }
834         sch->ccw_no_data_cnt++;
835     }
836 
837     /* Look at the command. */
838     switch (ccw.cmd_code) {
839     case CCW_CMD_NOOP:
840         /* Nothing to do. */
841         ret = 0;
842         break;
843     case CCW_CMD_BASIC_SENSE:
844         if (check_len) {
845             if (ccw.count != sizeof(sch->sense_data)) {
846                 ret = -EINVAL;
847                 break;
848             }
849         }
850         len = MIN(ccw.count, sizeof(sch->sense_data));
851         cpu_physical_memory_write(ccw.cda, sch->sense_data, len);
852         sch->curr_status.scsw.count = ccw.count - len;
853         memset(sch->sense_data, 0, sizeof(sch->sense_data));
854         ret = 0;
855         break;
856     case CCW_CMD_SENSE_ID:
857     {
858         SenseId sense_id;
859 
860         copy_sense_id_to_guest(&sense_id, &sch->id);
861         /* Sense ID information is device specific. */
862         if (check_len) {
863             if (ccw.count != sizeof(sense_id)) {
864                 ret = -EINVAL;
865                 break;
866             }
867         }
868         len = MIN(ccw.count, sizeof(sense_id));
869         /*
870          * Only indicate 0xff in the first sense byte if we actually
871          * have enough place to store at least bytes 0-3.
872          */
873         if (len >= 4) {
874             sense_id.reserved = 0xff;
875         } else {
876             sense_id.reserved = 0;
877         }
878         cpu_physical_memory_write(ccw.cda, &sense_id, len);
879         sch->curr_status.scsw.count = ccw.count - len;
880         ret = 0;
881         break;
882     }
883     case CCW_CMD_TIC:
884         if (sch->last_cmd_valid && (sch->last_cmd.cmd_code == CCW_CMD_TIC)) {
885             ret = -EINVAL;
886             break;
887         }
888         if (ccw.flags || ccw.count) {
889             /* We have already sanitized these if converted from fmt 0. */
890             ret = -EINVAL;
891             break;
892         }
893         sch->channel_prog = ccw.cda;
894         ret = -EAGAIN;
895         break;
896     default:
897         if (sch->ccw_cb) {
898             /* Handle device specific commands. */
899             ret = sch->ccw_cb(sch, ccw);
900         } else {
901             ret = -ENOSYS;
902         }
903         break;
904     }
905     sch->last_cmd = ccw;
906     sch->last_cmd_valid = true;
907     if (ret == 0) {
908         if (ccw.flags & CCW_FLAG_CC) {
909             sch->channel_prog += 8;
910             ret = -EAGAIN;
911         }
912     }
913 
914     return ret;
915 }
916 
917 static void sch_handle_start_func_virtual(SubchDev *sch)
918 {
919 
920     PMCW *p = &sch->curr_status.pmcw;
921     SCSW *s = &sch->curr_status.scsw;
922     int path;
923     int ret;
924     bool suspend_allowed;
925 
926     /* Path management: In our simple css, we always choose the only path. */
927     path = 0x80;
928 
929     if (!(s->ctrl & SCSW_ACTL_SUSP)) {
930         /* Start Function triggered via ssch, i.e. we have an ORB */
931         ORB *orb = &sch->orb;
932         s->cstat = 0;
933         s->dstat = 0;
934         /* Look at the orb and try to execute the channel program. */
935         p->intparm = orb->intparm;
936         if (!(orb->lpm & path)) {
937             /* Generate a deferred cc 3 condition. */
938             s->flags |= SCSW_FLAGS_MASK_CC;
939             s->ctrl &= ~SCSW_CTRL_MASK_STCTL;
940             s->ctrl |= (SCSW_STCTL_ALERT | SCSW_STCTL_STATUS_PEND);
941             return;
942         }
943         sch->ccw_fmt_1 = !!(orb->ctrl0 & ORB_CTRL0_MASK_FMT);
944         s->flags |= (sch->ccw_fmt_1) ? SCSW_FLAGS_MASK_FMT : 0;
945         sch->ccw_no_data_cnt = 0;
946         suspend_allowed = !!(orb->ctrl0 & ORB_CTRL0_MASK_SPND);
947     } else {
948         /* Start Function resumed via rsch */
949         s->ctrl &= ~(SCSW_ACTL_SUSP | SCSW_ACTL_RESUME_PEND);
950         /* The channel program had been suspended before. */
951         suspend_allowed = true;
952     }
953     sch->last_cmd_valid = false;
954     do {
955         ret = css_interpret_ccw(sch, sch->channel_prog, suspend_allowed);
956         switch (ret) {
957         case -EAGAIN:
958             /* ccw chain, continue processing */
959             break;
960         case 0:
961             /* success */
962             s->ctrl &= ~SCSW_ACTL_START_PEND;
963             s->ctrl &= ~SCSW_CTRL_MASK_STCTL;
964             s->ctrl |= SCSW_STCTL_PRIMARY | SCSW_STCTL_SECONDARY |
965                     SCSW_STCTL_STATUS_PEND;
966             s->dstat = SCSW_DSTAT_CHANNEL_END | SCSW_DSTAT_DEVICE_END;
967             s->cpa = sch->channel_prog + 8;
968             break;
969         case -EIO:
970             /* I/O errors, status depends on specific devices */
971             break;
972         case -ENOSYS:
973             /* unsupported command, generate unit check (command reject) */
974             s->ctrl &= ~SCSW_ACTL_START_PEND;
975             s->dstat = SCSW_DSTAT_UNIT_CHECK;
976             /* Set sense bit 0 in ecw0. */
977             sch->sense_data[0] = 0x80;
978             s->ctrl &= ~SCSW_CTRL_MASK_STCTL;
979             s->ctrl |= SCSW_STCTL_PRIMARY | SCSW_STCTL_SECONDARY |
980                     SCSW_STCTL_ALERT | SCSW_STCTL_STATUS_PEND;
981             s->cpa = sch->channel_prog + 8;
982             break;
983         case -EFAULT:
984             /* memory problem, generate channel data check */
985             s->ctrl &= ~SCSW_ACTL_START_PEND;
986             s->cstat = SCSW_CSTAT_DATA_CHECK;
987             s->ctrl &= ~SCSW_CTRL_MASK_STCTL;
988             s->ctrl |= SCSW_STCTL_PRIMARY | SCSW_STCTL_SECONDARY |
989                     SCSW_STCTL_ALERT | SCSW_STCTL_STATUS_PEND;
990             s->cpa = sch->channel_prog + 8;
991             break;
992         case -EBUSY:
993             /* subchannel busy, generate deferred cc 1 */
994             s->flags &= ~SCSW_FLAGS_MASK_CC;
995             s->flags |= (1 << 8);
996             s->ctrl &= ~SCSW_CTRL_MASK_STCTL;
997             s->ctrl |= SCSW_STCTL_ALERT | SCSW_STCTL_STATUS_PEND;
998             break;
999         case -EINPROGRESS:
1000             /* channel program has been suspended */
1001             s->ctrl &= ~SCSW_ACTL_START_PEND;
1002             s->ctrl |= SCSW_ACTL_SUSP;
1003             break;
1004         default:
1005             /* error, generate channel program check */
1006             s->ctrl &= ~SCSW_ACTL_START_PEND;
1007             s->cstat = SCSW_CSTAT_PROG_CHECK;
1008             s->ctrl &= ~SCSW_CTRL_MASK_STCTL;
1009             s->ctrl |= SCSW_STCTL_PRIMARY | SCSW_STCTL_SECONDARY |
1010                     SCSW_STCTL_ALERT | SCSW_STCTL_STATUS_PEND;
1011             s->cpa = sch->channel_prog + 8;
1012             break;
1013         }
1014     } while (ret == -EAGAIN);
1015 
1016 }
1017 
1018 static int sch_handle_start_func_passthrough(SubchDev *sch)
1019 {
1020 
1021     PMCW *p = &sch->curr_status.pmcw;
1022     SCSW *s = &sch->curr_status.scsw;
1023     int ret;
1024 
1025     ORB *orb = &sch->orb;
1026     if (!(s->ctrl & SCSW_ACTL_SUSP)) {
1027         assert(orb != NULL);
1028         p->intparm = orb->intparm;
1029     }
1030 
1031     /*
1032      * Only support prefetch enable mode.
1033      * Only support 64bit addressing idal.
1034      */
1035     if (!(orb->ctrl0 & ORB_CTRL0_MASK_PFCH) ||
1036         !(orb->ctrl0 & ORB_CTRL0_MASK_C64)) {
1037         return -EINVAL;
1038     }
1039 
1040     ret = s390_ccw_cmd_request(orb, s, sch->driver_data);
1041     switch (ret) {
1042     /* Currently we don't update control block and just return the cc code. */
1043     case 0:
1044         break;
1045     case -EBUSY:
1046         break;
1047     case -ENODEV:
1048         break;
1049     case -EACCES:
1050         /* Let's reflect an inaccessible host device by cc 3. */
1051         ret = -ENODEV;
1052         break;
1053     default:
1054        /*
1055         * All other return codes will trigger a program check,
1056         * or set cc to 1.
1057         */
1058        break;
1059     };
1060 
1061     return ret;
1062 }
1063 
1064 /*
1065  * On real machines, this would run asynchronously to the main vcpus.
1066  * We might want to make some parts of the ssch handling (interpreting
1067  * read/writes) asynchronous later on if we start supporting more than
1068  * our current very simple devices.
1069  */
1070 int do_subchannel_work_virtual(SubchDev *sch)
1071 {
1072 
1073     SCSW *s = &sch->curr_status.scsw;
1074 
1075     if (s->ctrl & SCSW_FCTL_CLEAR_FUNC) {
1076         sch_handle_clear_func(sch);
1077     } else if (s->ctrl & SCSW_FCTL_HALT_FUNC) {
1078         sch_handle_halt_func(sch);
1079     } else if (s->ctrl & SCSW_FCTL_START_FUNC) {
1080         /* Triggered by both ssch and rsch. */
1081         sch_handle_start_func_virtual(sch);
1082     } else {
1083         /* Cannot happen. */
1084         return 0;
1085     }
1086     css_inject_io_interrupt(sch);
1087     return 0;
1088 }
1089 
1090 int do_subchannel_work_passthrough(SubchDev *sch)
1091 {
1092     int ret;
1093     SCSW *s = &sch->curr_status.scsw;
1094 
1095     if (s->ctrl & SCSW_FCTL_CLEAR_FUNC) {
1096         /* TODO: Clear handling */
1097         sch_handle_clear_func(sch);
1098         ret = 0;
1099     } else if (s->ctrl & SCSW_FCTL_HALT_FUNC) {
1100         /* TODO: Halt handling */
1101         sch_handle_halt_func(sch);
1102         ret = 0;
1103     } else if (s->ctrl & SCSW_FCTL_START_FUNC) {
1104         ret = sch_handle_start_func_passthrough(sch);
1105     } else {
1106         /* Cannot happen. */
1107         return -ENODEV;
1108     }
1109 
1110     return ret;
1111 }
1112 
1113 static int do_subchannel_work(SubchDev *sch)
1114 {
1115     if (sch->do_subchannel_work) {
1116         return sch->do_subchannel_work(sch);
1117     } else {
1118         return -EINVAL;
1119     }
1120 }
1121 
1122 static void copy_pmcw_to_guest(PMCW *dest, const PMCW *src)
1123 {
1124     int i;
1125 
1126     dest->intparm = cpu_to_be32(src->intparm);
1127     dest->flags = cpu_to_be16(src->flags);
1128     dest->devno = cpu_to_be16(src->devno);
1129     dest->lpm = src->lpm;
1130     dest->pnom = src->pnom;
1131     dest->lpum = src->lpum;
1132     dest->pim = src->pim;
1133     dest->mbi = cpu_to_be16(src->mbi);
1134     dest->pom = src->pom;
1135     dest->pam = src->pam;
1136     for (i = 0; i < ARRAY_SIZE(dest->chpid); i++) {
1137         dest->chpid[i] = src->chpid[i];
1138     }
1139     dest->chars = cpu_to_be32(src->chars);
1140 }
1141 
1142 void copy_scsw_to_guest(SCSW *dest, const SCSW *src)
1143 {
1144     dest->flags = cpu_to_be16(src->flags);
1145     dest->ctrl = cpu_to_be16(src->ctrl);
1146     dest->cpa = cpu_to_be32(src->cpa);
1147     dest->dstat = src->dstat;
1148     dest->cstat = src->cstat;
1149     dest->count = cpu_to_be16(src->count);
1150 }
1151 
1152 static void copy_schib_to_guest(SCHIB *dest, const SCHIB *src)
1153 {
1154     int i;
1155 
1156     copy_pmcw_to_guest(&dest->pmcw, &src->pmcw);
1157     copy_scsw_to_guest(&dest->scsw, &src->scsw);
1158     dest->mba = cpu_to_be64(src->mba);
1159     for (i = 0; i < ARRAY_SIZE(dest->mda); i++) {
1160         dest->mda[i] = src->mda[i];
1161     }
1162 }
1163 
1164 int css_do_stsch(SubchDev *sch, SCHIB *schib)
1165 {
1166     /* Use current status. */
1167     copy_schib_to_guest(schib, &sch->curr_status);
1168     return 0;
1169 }
1170 
1171 static void copy_pmcw_from_guest(PMCW *dest, const PMCW *src)
1172 {
1173     int i;
1174 
1175     dest->intparm = be32_to_cpu(src->intparm);
1176     dest->flags = be16_to_cpu(src->flags);
1177     dest->devno = be16_to_cpu(src->devno);
1178     dest->lpm = src->lpm;
1179     dest->pnom = src->pnom;
1180     dest->lpum = src->lpum;
1181     dest->pim = src->pim;
1182     dest->mbi = be16_to_cpu(src->mbi);
1183     dest->pom = src->pom;
1184     dest->pam = src->pam;
1185     for (i = 0; i < ARRAY_SIZE(dest->chpid); i++) {
1186         dest->chpid[i] = src->chpid[i];
1187     }
1188     dest->chars = be32_to_cpu(src->chars);
1189 }
1190 
1191 static void copy_scsw_from_guest(SCSW *dest, const SCSW *src)
1192 {
1193     dest->flags = be16_to_cpu(src->flags);
1194     dest->ctrl = be16_to_cpu(src->ctrl);
1195     dest->cpa = be32_to_cpu(src->cpa);
1196     dest->dstat = src->dstat;
1197     dest->cstat = src->cstat;
1198     dest->count = be16_to_cpu(src->count);
1199 }
1200 
1201 static void copy_schib_from_guest(SCHIB *dest, const SCHIB *src)
1202 {
1203     int i;
1204 
1205     copy_pmcw_from_guest(&dest->pmcw, &src->pmcw);
1206     copy_scsw_from_guest(&dest->scsw, &src->scsw);
1207     dest->mba = be64_to_cpu(src->mba);
1208     for (i = 0; i < ARRAY_SIZE(dest->mda); i++) {
1209         dest->mda[i] = src->mda[i];
1210     }
1211 }
1212 
1213 int css_do_msch(SubchDev *sch, const SCHIB *orig_schib)
1214 {
1215     SCSW *s = &sch->curr_status.scsw;
1216     PMCW *p = &sch->curr_status.pmcw;
1217     uint16_t oldflags;
1218     int ret;
1219     SCHIB schib;
1220 
1221     if (!(sch->curr_status.pmcw.flags & PMCW_FLAGS_MASK_DNV)) {
1222         ret = 0;
1223         goto out;
1224     }
1225 
1226     if (s->ctrl & SCSW_STCTL_STATUS_PEND) {
1227         ret = -EINPROGRESS;
1228         goto out;
1229     }
1230 
1231     if (s->ctrl &
1232         (SCSW_FCTL_START_FUNC|SCSW_FCTL_HALT_FUNC|SCSW_FCTL_CLEAR_FUNC)) {
1233         ret = -EBUSY;
1234         goto out;
1235     }
1236 
1237     copy_schib_from_guest(&schib, orig_schib);
1238     /* Only update the program-modifiable fields. */
1239     p->intparm = schib.pmcw.intparm;
1240     oldflags = p->flags;
1241     p->flags &= ~(PMCW_FLAGS_MASK_ISC | PMCW_FLAGS_MASK_ENA |
1242                   PMCW_FLAGS_MASK_LM | PMCW_FLAGS_MASK_MME |
1243                   PMCW_FLAGS_MASK_MP);
1244     p->flags |= schib.pmcw.flags &
1245             (PMCW_FLAGS_MASK_ISC | PMCW_FLAGS_MASK_ENA |
1246              PMCW_FLAGS_MASK_LM | PMCW_FLAGS_MASK_MME |
1247              PMCW_FLAGS_MASK_MP);
1248     p->lpm = schib.pmcw.lpm;
1249     p->mbi = schib.pmcw.mbi;
1250     p->pom = schib.pmcw.pom;
1251     p->chars &= ~(PMCW_CHARS_MASK_MBFC | PMCW_CHARS_MASK_CSENSE);
1252     p->chars |= schib.pmcw.chars &
1253             (PMCW_CHARS_MASK_MBFC | PMCW_CHARS_MASK_CSENSE);
1254     sch->curr_status.mba = schib.mba;
1255 
1256     /* Has the channel been disabled? */
1257     if (sch->disable_cb && (oldflags & PMCW_FLAGS_MASK_ENA) != 0
1258         && (p->flags & PMCW_FLAGS_MASK_ENA) == 0) {
1259         sch->disable_cb(sch);
1260     }
1261 
1262     ret = 0;
1263 
1264 out:
1265     return ret;
1266 }
1267 
1268 int css_do_xsch(SubchDev *sch)
1269 {
1270     SCSW *s = &sch->curr_status.scsw;
1271     PMCW *p = &sch->curr_status.pmcw;
1272     int ret;
1273 
1274     if (~(p->flags) & (PMCW_FLAGS_MASK_DNV | PMCW_FLAGS_MASK_ENA)) {
1275         ret = -ENODEV;
1276         goto out;
1277     }
1278 
1279     if (!(s->ctrl & SCSW_CTRL_MASK_FCTL) ||
1280         ((s->ctrl & SCSW_CTRL_MASK_FCTL) != SCSW_FCTL_START_FUNC) ||
1281         (!(s->ctrl &
1282            (SCSW_ACTL_RESUME_PEND | SCSW_ACTL_START_PEND | SCSW_ACTL_SUSP))) ||
1283         (s->ctrl & SCSW_ACTL_SUBCH_ACTIVE)) {
1284         ret = -EINPROGRESS;
1285         goto out;
1286     }
1287 
1288     if (s->ctrl & SCSW_CTRL_MASK_STCTL) {
1289         ret = -EBUSY;
1290         goto out;
1291     }
1292 
1293     /* Cancel the current operation. */
1294     s->ctrl &= ~(SCSW_FCTL_START_FUNC |
1295                  SCSW_ACTL_RESUME_PEND |
1296                  SCSW_ACTL_START_PEND |
1297                  SCSW_ACTL_SUSP);
1298     sch->channel_prog = 0x0;
1299     sch->last_cmd_valid = false;
1300     s->dstat = 0;
1301     s->cstat = 0;
1302     ret = 0;
1303 
1304 out:
1305     return ret;
1306 }
1307 
1308 int css_do_csch(SubchDev *sch)
1309 {
1310     SCSW *s = &sch->curr_status.scsw;
1311     PMCW *p = &sch->curr_status.pmcw;
1312     int ret;
1313 
1314     if (~(p->flags) & (PMCW_FLAGS_MASK_DNV | PMCW_FLAGS_MASK_ENA)) {
1315         ret = -ENODEV;
1316         goto out;
1317     }
1318 
1319     /* Trigger the clear function. */
1320     s->ctrl &= ~(SCSW_CTRL_MASK_FCTL | SCSW_CTRL_MASK_ACTL);
1321     s->ctrl |= SCSW_FCTL_CLEAR_FUNC | SCSW_ACTL_CLEAR_PEND;
1322 
1323     do_subchannel_work(sch);
1324     ret = 0;
1325 
1326 out:
1327     return ret;
1328 }
1329 
1330 int css_do_hsch(SubchDev *sch)
1331 {
1332     SCSW *s = &sch->curr_status.scsw;
1333     PMCW *p = &sch->curr_status.pmcw;
1334     int ret;
1335 
1336     if (~(p->flags) & (PMCW_FLAGS_MASK_DNV | PMCW_FLAGS_MASK_ENA)) {
1337         ret = -ENODEV;
1338         goto out;
1339     }
1340 
1341     if (((s->ctrl & SCSW_CTRL_MASK_STCTL) == SCSW_STCTL_STATUS_PEND) ||
1342         (s->ctrl & (SCSW_STCTL_PRIMARY |
1343                     SCSW_STCTL_SECONDARY |
1344                     SCSW_STCTL_ALERT))) {
1345         ret = -EINPROGRESS;
1346         goto out;
1347     }
1348 
1349     if (s->ctrl & (SCSW_FCTL_HALT_FUNC | SCSW_FCTL_CLEAR_FUNC)) {
1350         ret = -EBUSY;
1351         goto out;
1352     }
1353 
1354     /* Trigger the halt function. */
1355     s->ctrl |= SCSW_FCTL_HALT_FUNC;
1356     s->ctrl &= ~SCSW_FCTL_START_FUNC;
1357     if (((s->ctrl & SCSW_CTRL_MASK_ACTL) ==
1358          (SCSW_ACTL_SUBCH_ACTIVE | SCSW_ACTL_DEVICE_ACTIVE)) &&
1359         ((s->ctrl & SCSW_CTRL_MASK_STCTL) == SCSW_STCTL_INTERMEDIATE)) {
1360         s->ctrl &= ~SCSW_STCTL_STATUS_PEND;
1361     }
1362     s->ctrl |= SCSW_ACTL_HALT_PEND;
1363 
1364     do_subchannel_work(sch);
1365     ret = 0;
1366 
1367 out:
1368     return ret;
1369 }
1370 
1371 static void css_update_chnmon(SubchDev *sch)
1372 {
1373     if (!(sch->curr_status.pmcw.flags & PMCW_FLAGS_MASK_MME)) {
1374         /* Not active. */
1375         return;
1376     }
1377     /* The counter is conveniently located at the beginning of the struct. */
1378     if (sch->curr_status.pmcw.chars & PMCW_CHARS_MASK_MBFC) {
1379         /* Format 1, per-subchannel area. */
1380         uint32_t count;
1381 
1382         count = address_space_ldl(&address_space_memory,
1383                                   sch->curr_status.mba,
1384                                   MEMTXATTRS_UNSPECIFIED,
1385                                   NULL);
1386         count++;
1387         address_space_stl(&address_space_memory, sch->curr_status.mba, count,
1388                           MEMTXATTRS_UNSPECIFIED, NULL);
1389     } else {
1390         /* Format 0, global area. */
1391         uint32_t offset;
1392         uint16_t count;
1393 
1394         offset = sch->curr_status.pmcw.mbi << 5;
1395         count = address_space_lduw(&address_space_memory,
1396                                    channel_subsys.chnmon_area + offset,
1397                                    MEMTXATTRS_UNSPECIFIED,
1398                                    NULL);
1399         count++;
1400         address_space_stw(&address_space_memory,
1401                           channel_subsys.chnmon_area + offset, count,
1402                           MEMTXATTRS_UNSPECIFIED, NULL);
1403     }
1404 }
1405 
1406 int css_do_ssch(SubchDev *sch, ORB *orb)
1407 {
1408     SCSW *s = &sch->curr_status.scsw;
1409     PMCW *p = &sch->curr_status.pmcw;
1410     int ret;
1411 
1412     if (~(p->flags) & (PMCW_FLAGS_MASK_DNV | PMCW_FLAGS_MASK_ENA)) {
1413         ret = -ENODEV;
1414         goto out;
1415     }
1416 
1417     if (s->ctrl & SCSW_STCTL_STATUS_PEND) {
1418         ret = -EINPROGRESS;
1419         goto out;
1420     }
1421 
1422     if (s->ctrl & (SCSW_FCTL_START_FUNC |
1423                    SCSW_FCTL_HALT_FUNC |
1424                    SCSW_FCTL_CLEAR_FUNC)) {
1425         ret = -EBUSY;
1426         goto out;
1427     }
1428 
1429     /* If monitoring is active, update counter. */
1430     if (channel_subsys.chnmon_active) {
1431         css_update_chnmon(sch);
1432     }
1433     sch->orb = *orb;
1434     sch->channel_prog = orb->cpa;
1435     /* Trigger the start function. */
1436     s->ctrl |= (SCSW_FCTL_START_FUNC | SCSW_ACTL_START_PEND);
1437     s->flags &= ~SCSW_FLAGS_MASK_PNO;
1438 
1439     ret = do_subchannel_work(sch);
1440 
1441 out:
1442     return ret;
1443 }
1444 
1445 static void copy_irb_to_guest(IRB *dest, const IRB *src, PMCW *pmcw,
1446                               int *irb_len)
1447 {
1448     int i;
1449     uint16_t stctl = src->scsw.ctrl & SCSW_CTRL_MASK_STCTL;
1450     uint16_t actl = src->scsw.ctrl & SCSW_CTRL_MASK_ACTL;
1451 
1452     copy_scsw_to_guest(&dest->scsw, &src->scsw);
1453 
1454     for (i = 0; i < ARRAY_SIZE(dest->esw); i++) {
1455         dest->esw[i] = cpu_to_be32(src->esw[i]);
1456     }
1457     for (i = 0; i < ARRAY_SIZE(dest->ecw); i++) {
1458         dest->ecw[i] = cpu_to_be32(src->ecw[i]);
1459     }
1460     *irb_len = sizeof(*dest) - sizeof(dest->emw);
1461 
1462     /* extended measurements enabled? */
1463     if ((src->scsw.flags & SCSW_FLAGS_MASK_ESWF) ||
1464         !(pmcw->flags & PMCW_FLAGS_MASK_TF) ||
1465         !(pmcw->chars & PMCW_CHARS_MASK_XMWME)) {
1466         return;
1467     }
1468     /* extended measurements pending? */
1469     if (!(stctl & SCSW_STCTL_STATUS_PEND)) {
1470         return;
1471     }
1472     if ((stctl & SCSW_STCTL_PRIMARY) ||
1473         (stctl == SCSW_STCTL_SECONDARY) ||
1474         ((stctl & SCSW_STCTL_INTERMEDIATE) && (actl & SCSW_ACTL_SUSP))) {
1475         for (i = 0; i < ARRAY_SIZE(dest->emw); i++) {
1476             dest->emw[i] = cpu_to_be32(src->emw[i]);
1477         }
1478     }
1479     *irb_len = sizeof(*dest);
1480 }
1481 
1482 int css_do_tsch_get_irb(SubchDev *sch, IRB *target_irb, int *irb_len)
1483 {
1484     SCSW *s = &sch->curr_status.scsw;
1485     PMCW *p = &sch->curr_status.pmcw;
1486     uint16_t stctl;
1487     IRB irb;
1488 
1489     if (~(p->flags) & (PMCW_FLAGS_MASK_DNV | PMCW_FLAGS_MASK_ENA)) {
1490         return 3;
1491     }
1492 
1493     stctl = s->ctrl & SCSW_CTRL_MASK_STCTL;
1494 
1495     /* Prepare the irb for the guest. */
1496     memset(&irb, 0, sizeof(IRB));
1497 
1498     /* Copy scsw from current status. */
1499     memcpy(&irb.scsw, s, sizeof(SCSW));
1500     if (stctl & SCSW_STCTL_STATUS_PEND) {
1501         if (s->cstat & (SCSW_CSTAT_DATA_CHECK |
1502                         SCSW_CSTAT_CHN_CTRL_CHK |
1503                         SCSW_CSTAT_INTF_CTRL_CHK)) {
1504             irb.scsw.flags |= SCSW_FLAGS_MASK_ESWF;
1505             irb.esw[0] = 0x04804000;
1506         } else {
1507             irb.esw[0] = 0x00800000;
1508         }
1509         /* If a unit check is pending, copy sense data. */
1510         if ((s->dstat & SCSW_DSTAT_UNIT_CHECK) &&
1511             (p->chars & PMCW_CHARS_MASK_CSENSE)) {
1512             int i;
1513 
1514             irb.scsw.flags |= SCSW_FLAGS_MASK_ESWF | SCSW_FLAGS_MASK_ECTL;
1515             /* Attention: sense_data is already BE! */
1516             memcpy(irb.ecw, sch->sense_data, sizeof(sch->sense_data));
1517             for (i = 0; i < ARRAY_SIZE(irb.ecw); i++) {
1518                 irb.ecw[i] = be32_to_cpu(irb.ecw[i]);
1519             }
1520             irb.esw[1] = 0x01000000 | (sizeof(sch->sense_data) << 8);
1521         }
1522     }
1523     /* Store the irb to the guest. */
1524     copy_irb_to_guest(target_irb, &irb, p, irb_len);
1525 
1526     return ((stctl & SCSW_STCTL_STATUS_PEND) == 0);
1527 }
1528 
1529 void css_do_tsch_update_subch(SubchDev *sch)
1530 {
1531     SCSW *s = &sch->curr_status.scsw;
1532     PMCW *p = &sch->curr_status.pmcw;
1533     uint16_t stctl;
1534     uint16_t fctl;
1535     uint16_t actl;
1536 
1537     stctl = s->ctrl & SCSW_CTRL_MASK_STCTL;
1538     fctl = s->ctrl & SCSW_CTRL_MASK_FCTL;
1539     actl = s->ctrl & SCSW_CTRL_MASK_ACTL;
1540 
1541     /* Clear conditions on subchannel, if applicable. */
1542     if (stctl & SCSW_STCTL_STATUS_PEND) {
1543         s->ctrl &= ~SCSW_CTRL_MASK_STCTL;
1544         if ((stctl != (SCSW_STCTL_INTERMEDIATE | SCSW_STCTL_STATUS_PEND)) ||
1545             ((fctl & SCSW_FCTL_HALT_FUNC) &&
1546              (actl & SCSW_ACTL_SUSP))) {
1547             s->ctrl &= ~SCSW_CTRL_MASK_FCTL;
1548         }
1549         if (stctl != (SCSW_STCTL_INTERMEDIATE | SCSW_STCTL_STATUS_PEND)) {
1550             s->flags &= ~SCSW_FLAGS_MASK_PNO;
1551             s->ctrl &= ~(SCSW_ACTL_RESUME_PEND |
1552                          SCSW_ACTL_START_PEND |
1553                          SCSW_ACTL_HALT_PEND |
1554                          SCSW_ACTL_CLEAR_PEND |
1555                          SCSW_ACTL_SUSP);
1556         } else {
1557             if ((actl & SCSW_ACTL_SUSP) &&
1558                 (fctl & SCSW_FCTL_START_FUNC)) {
1559                 s->flags &= ~SCSW_FLAGS_MASK_PNO;
1560                 if (fctl & SCSW_FCTL_HALT_FUNC) {
1561                     s->ctrl &= ~(SCSW_ACTL_RESUME_PEND |
1562                                  SCSW_ACTL_START_PEND |
1563                                  SCSW_ACTL_HALT_PEND |
1564                                  SCSW_ACTL_CLEAR_PEND |
1565                                  SCSW_ACTL_SUSP);
1566                 } else {
1567                     s->ctrl &= ~SCSW_ACTL_RESUME_PEND;
1568                 }
1569             }
1570         }
1571         /* Clear pending sense data. */
1572         if (p->chars & PMCW_CHARS_MASK_CSENSE) {
1573             memset(sch->sense_data, 0 , sizeof(sch->sense_data));
1574         }
1575     }
1576 }
1577 
1578 static void copy_crw_to_guest(CRW *dest, const CRW *src)
1579 {
1580     dest->flags = cpu_to_be16(src->flags);
1581     dest->rsid = cpu_to_be16(src->rsid);
1582 }
1583 
1584 int css_do_stcrw(CRW *crw)
1585 {
1586     CrwContainer *crw_cont;
1587     int ret;
1588 
1589     crw_cont = QTAILQ_FIRST(&channel_subsys.pending_crws);
1590     if (crw_cont) {
1591         QTAILQ_REMOVE(&channel_subsys.pending_crws, crw_cont, sibling);
1592         copy_crw_to_guest(crw, &crw_cont->crw);
1593         g_free(crw_cont);
1594         ret = 0;
1595     } else {
1596         /* List was empty, turn crw machine checks on again. */
1597         memset(crw, 0, sizeof(*crw));
1598         channel_subsys.do_crw_mchk = true;
1599         ret = 1;
1600     }
1601 
1602     return ret;
1603 }
1604 
1605 static void copy_crw_from_guest(CRW *dest, const CRW *src)
1606 {
1607     dest->flags = be16_to_cpu(src->flags);
1608     dest->rsid = be16_to_cpu(src->rsid);
1609 }
1610 
1611 void css_undo_stcrw(CRW *crw)
1612 {
1613     CrwContainer *crw_cont;
1614 
1615     crw_cont = g_try_malloc0(sizeof(CrwContainer));
1616     if (!crw_cont) {
1617         channel_subsys.crws_lost = true;
1618         return;
1619     }
1620     copy_crw_from_guest(&crw_cont->crw, crw);
1621 
1622     QTAILQ_INSERT_HEAD(&channel_subsys.pending_crws, crw_cont, sibling);
1623 }
1624 
1625 int css_do_tpi(IOIntCode *int_code, int lowcore)
1626 {
1627     /* No pending interrupts for !KVM. */
1628     return 0;
1629  }
1630 
1631 int css_collect_chp_desc(int m, uint8_t cssid, uint8_t f_chpid, uint8_t l_chpid,
1632                          int rfmt, void *buf)
1633 {
1634     int i, desc_size;
1635     uint32_t words[8];
1636     uint32_t chpid_type_word;
1637     CssImage *css;
1638 
1639     if (!m && !cssid) {
1640         css = channel_subsys.css[channel_subsys.default_cssid];
1641     } else {
1642         css = channel_subsys.css[cssid];
1643     }
1644     if (!css) {
1645         return 0;
1646     }
1647     desc_size = 0;
1648     for (i = f_chpid; i <= l_chpid; i++) {
1649         if (css->chpids[i].in_use) {
1650             chpid_type_word = 0x80000000 | (css->chpids[i].type << 8) | i;
1651             if (rfmt == 0) {
1652                 words[0] = cpu_to_be32(chpid_type_word);
1653                 words[1] = 0;
1654                 memcpy(buf + desc_size, words, 8);
1655                 desc_size += 8;
1656             } else if (rfmt == 1) {
1657                 words[0] = cpu_to_be32(chpid_type_word);
1658                 words[1] = 0;
1659                 words[2] = 0;
1660                 words[3] = 0;
1661                 words[4] = 0;
1662                 words[5] = 0;
1663                 words[6] = 0;
1664                 words[7] = 0;
1665                 memcpy(buf + desc_size, words, 32);
1666                 desc_size += 32;
1667             }
1668         }
1669     }
1670     return desc_size;
1671 }
1672 
1673 void css_do_schm(uint8_t mbk, int update, int dct, uint64_t mbo)
1674 {
1675     /* dct is currently ignored (not really meaningful for our devices) */
1676     /* TODO: Don't ignore mbk. */
1677     if (update && !channel_subsys.chnmon_active) {
1678         /* Enable measuring. */
1679         channel_subsys.chnmon_area = mbo;
1680         channel_subsys.chnmon_active = true;
1681     }
1682     if (!update && channel_subsys.chnmon_active) {
1683         /* Disable measuring. */
1684         channel_subsys.chnmon_area = 0;
1685         channel_subsys.chnmon_active = false;
1686     }
1687 }
1688 
1689 int css_do_rsch(SubchDev *sch)
1690 {
1691     SCSW *s = &sch->curr_status.scsw;
1692     PMCW *p = &sch->curr_status.pmcw;
1693     int ret;
1694 
1695     if (~(p->flags) & (PMCW_FLAGS_MASK_DNV | PMCW_FLAGS_MASK_ENA)) {
1696         ret = -ENODEV;
1697         goto out;
1698     }
1699 
1700     if (s->ctrl & SCSW_STCTL_STATUS_PEND) {
1701         ret = -EINPROGRESS;
1702         goto out;
1703     }
1704 
1705     if (((s->ctrl & SCSW_CTRL_MASK_FCTL) != SCSW_FCTL_START_FUNC) ||
1706         (s->ctrl & SCSW_ACTL_RESUME_PEND) ||
1707         (!(s->ctrl & SCSW_ACTL_SUSP))) {
1708         ret = -EINVAL;
1709         goto out;
1710     }
1711 
1712     /* If monitoring is active, update counter. */
1713     if (channel_subsys.chnmon_active) {
1714         css_update_chnmon(sch);
1715     }
1716 
1717     s->ctrl |= SCSW_ACTL_RESUME_PEND;
1718     do_subchannel_work(sch);
1719     ret = 0;
1720 
1721 out:
1722     return ret;
1723 }
1724 
1725 int css_do_rchp(uint8_t cssid, uint8_t chpid)
1726 {
1727     uint8_t real_cssid;
1728 
1729     if (cssid > channel_subsys.max_cssid) {
1730         return -EINVAL;
1731     }
1732     if (channel_subsys.max_cssid == 0) {
1733         real_cssid = channel_subsys.default_cssid;
1734     } else {
1735         real_cssid = cssid;
1736     }
1737     if (!channel_subsys.css[real_cssid]) {
1738         return -EINVAL;
1739     }
1740 
1741     if (!channel_subsys.css[real_cssid]->chpids[chpid].in_use) {
1742         return -ENODEV;
1743     }
1744 
1745     if (!channel_subsys.css[real_cssid]->chpids[chpid].is_virtual) {
1746         fprintf(stderr,
1747                 "rchp unsupported for non-virtual chpid %x.%02x!\n",
1748                 real_cssid, chpid);
1749         return -ENODEV;
1750     }
1751 
1752     /* We don't really use a channel path, so we're done here. */
1753     css_queue_crw(CRW_RSC_CHP, CRW_ERC_INIT,
1754                   channel_subsys.max_cssid > 0 ? 1 : 0, chpid);
1755     if (channel_subsys.max_cssid > 0) {
1756         css_queue_crw(CRW_RSC_CHP, CRW_ERC_INIT, 0, real_cssid << 8);
1757     }
1758     return 0;
1759 }
1760 
1761 bool css_schid_final(int m, uint8_t cssid, uint8_t ssid, uint16_t schid)
1762 {
1763     SubchSet *set;
1764     uint8_t real_cssid;
1765 
1766     real_cssid = (!m && (cssid == 0)) ? channel_subsys.default_cssid : cssid;
1767     if (ssid > MAX_SSID ||
1768         !channel_subsys.css[real_cssid] ||
1769         !channel_subsys.css[real_cssid]->sch_set[ssid]) {
1770         return true;
1771     }
1772     set = channel_subsys.css[real_cssid]->sch_set[ssid];
1773     return schid > find_last_bit(set->schids_used,
1774                                  (MAX_SCHID + 1) / sizeof(unsigned long));
1775 }
1776 
1777 unsigned int css_find_free_chpid(uint8_t cssid)
1778 {
1779     CssImage *css = channel_subsys.css[cssid];
1780     unsigned int chpid;
1781 
1782     if (!css) {
1783         return MAX_CHPID + 1;
1784     }
1785 
1786     for (chpid = 0; chpid <= MAX_CHPID; chpid++) {
1787         /* skip reserved chpid */
1788         if (chpid == VIRTIO_CCW_CHPID) {
1789             continue;
1790         }
1791         if (!css->chpids[chpid].in_use) {
1792             return chpid;
1793         }
1794     }
1795     return MAX_CHPID + 1;
1796 }
1797 
1798 static int css_add_chpid(uint8_t cssid, uint8_t chpid, uint8_t type,
1799                          bool is_virt)
1800 {
1801     CssImage *css;
1802 
1803     trace_css_chpid_add(cssid, chpid, type);
1804     css = channel_subsys.css[cssid];
1805     if (!css) {
1806         return -EINVAL;
1807     }
1808     if (css->chpids[chpid].in_use) {
1809         return -EEXIST;
1810     }
1811     css->chpids[chpid].in_use = 1;
1812     css->chpids[chpid].type = type;
1813     css->chpids[chpid].is_virtual = is_virt;
1814 
1815     css_generate_chp_crws(cssid, chpid);
1816 
1817     return 0;
1818 }
1819 
1820 void css_sch_build_virtual_schib(SubchDev *sch, uint8_t chpid, uint8_t type)
1821 {
1822     PMCW *p = &sch->curr_status.pmcw;
1823     SCSW *s = &sch->curr_status.scsw;
1824     int i;
1825     CssImage *css = channel_subsys.css[sch->cssid];
1826 
1827     assert(css != NULL);
1828     memset(p, 0, sizeof(PMCW));
1829     p->flags |= PMCW_FLAGS_MASK_DNV;
1830     p->devno = sch->devno;
1831     /* single path */
1832     p->pim = 0x80;
1833     p->pom = 0xff;
1834     p->pam = 0x80;
1835     p->chpid[0] = chpid;
1836     if (!css->chpids[chpid].in_use) {
1837         css_add_chpid(sch->cssid, chpid, type, true);
1838     }
1839 
1840     memset(s, 0, sizeof(SCSW));
1841     sch->curr_status.mba = 0;
1842     for (i = 0; i < ARRAY_SIZE(sch->curr_status.mda); i++) {
1843         sch->curr_status.mda[i] = 0;
1844     }
1845 }
1846 
1847 SubchDev *css_find_subch(uint8_t m, uint8_t cssid, uint8_t ssid, uint16_t schid)
1848 {
1849     uint8_t real_cssid;
1850 
1851     real_cssid = (!m && (cssid == 0)) ? channel_subsys.default_cssid : cssid;
1852 
1853     if (!channel_subsys.css[real_cssid]) {
1854         return NULL;
1855     }
1856 
1857     if (!channel_subsys.css[real_cssid]->sch_set[ssid]) {
1858         return NULL;
1859     }
1860 
1861     return channel_subsys.css[real_cssid]->sch_set[ssid]->sch[schid];
1862 }
1863 
1864 /**
1865  * Return free device number in subchannel set.
1866  *
1867  * Return index of the first free device number in the subchannel set
1868  * identified by @p cssid and @p ssid, beginning the search at @p
1869  * start and wrapping around at MAX_DEVNO. Return a value exceeding
1870  * MAX_SCHID if there are no free device numbers in the subchannel
1871  * set.
1872  */
1873 static uint32_t css_find_free_devno(uint8_t cssid, uint8_t ssid,
1874                                     uint16_t start)
1875 {
1876     uint32_t round;
1877 
1878     for (round = 0; round <= MAX_DEVNO; round++) {
1879         uint16_t devno = (start + round) % MAX_DEVNO;
1880 
1881         if (!css_devno_used(cssid, ssid, devno)) {
1882             return devno;
1883         }
1884     }
1885     return MAX_DEVNO + 1;
1886 }
1887 
1888 /**
1889  * Return first free subchannel (id) in subchannel set.
1890  *
1891  * Return index of the first free subchannel in the subchannel set
1892  * identified by @p cssid and @p ssid, if there is any. Return a value
1893  * exceeding MAX_SCHID if there are no free subchannels in the
1894  * subchannel set.
1895  */
1896 static uint32_t css_find_free_subch(uint8_t cssid, uint8_t ssid)
1897 {
1898     uint32_t schid;
1899 
1900     for (schid = 0; schid <= MAX_SCHID; schid++) {
1901         if (!css_find_subch(1, cssid, ssid, schid)) {
1902             return schid;
1903         }
1904     }
1905     return MAX_SCHID + 1;
1906 }
1907 
1908 /**
1909  * Return first free subchannel (id) in subchannel set for a device number
1910  *
1911  * Verify the device number @p devno is not used yet in the subchannel
1912  * set identified by @p cssid and @p ssid. Set @p schid to the index
1913  * of the first free subchannel in the subchannel set, if there is
1914  * any. Return true if everything succeeded and false otherwise.
1915  */
1916 static bool css_find_free_subch_for_devno(uint8_t cssid, uint8_t ssid,
1917                                           uint16_t devno, uint16_t *schid,
1918                                           Error **errp)
1919 {
1920     uint32_t free_schid;
1921 
1922     assert(schid);
1923     if (css_devno_used(cssid, ssid, devno)) {
1924         error_setg(errp, "Device %x.%x.%04x already exists",
1925                    cssid, ssid, devno);
1926         return false;
1927     }
1928     free_schid = css_find_free_subch(cssid, ssid);
1929     if (free_schid > MAX_SCHID) {
1930         error_setg(errp, "No free subchannel found for %x.%x.%04x",
1931                    cssid, ssid, devno);
1932         return false;
1933     }
1934     *schid = free_schid;
1935     return true;
1936 }
1937 
1938 /**
1939  * Return first free subchannel (id) and device number
1940  *
1941  * Locate the first free subchannel and first free device number in
1942  * any of the subchannel sets of the channel subsystem identified by
1943  * @p cssid. Return false if no free subchannel / device number could
1944  * be found. Otherwise set @p ssid, @p devno and @p schid to identify
1945  * the available subchannel and device number and return true.
1946  *
1947  * May modify @p ssid, @p devno and / or @p schid even if no free
1948  * subchannel / device number could be found.
1949  */
1950 static bool css_find_free_subch_and_devno(uint8_t cssid, uint8_t *ssid,
1951                                           uint16_t *devno, uint16_t *schid,
1952                                           Error **errp)
1953 {
1954     uint32_t free_schid, free_devno;
1955 
1956     assert(ssid && devno && schid);
1957     for (*ssid = 0; *ssid <= MAX_SSID; (*ssid)++) {
1958         free_schid = css_find_free_subch(cssid, *ssid);
1959         if (free_schid > MAX_SCHID) {
1960             continue;
1961         }
1962         free_devno = css_find_free_devno(cssid, *ssid, free_schid);
1963         if (free_devno > MAX_DEVNO) {
1964             continue;
1965         }
1966         *schid = free_schid;
1967         *devno = free_devno;
1968         return true;
1969     }
1970     error_setg(errp, "Virtual channel subsystem is full!");
1971     return false;
1972 }
1973 
1974 bool css_subch_visible(SubchDev *sch)
1975 {
1976     if (sch->ssid > channel_subsys.max_ssid) {
1977         return false;
1978     }
1979 
1980     if (sch->cssid != channel_subsys.default_cssid) {
1981         return (channel_subsys.max_cssid > 0);
1982     }
1983 
1984     return true;
1985 }
1986 
1987 bool css_present(uint8_t cssid)
1988 {
1989     return (channel_subsys.css[cssid] != NULL);
1990 }
1991 
1992 bool css_devno_used(uint8_t cssid, uint8_t ssid, uint16_t devno)
1993 {
1994     if (!channel_subsys.css[cssid]) {
1995         return false;
1996     }
1997     if (!channel_subsys.css[cssid]->sch_set[ssid]) {
1998         return false;
1999     }
2000 
2001     return !!test_bit(devno,
2002                       channel_subsys.css[cssid]->sch_set[ssid]->devnos_used);
2003 }
2004 
2005 void css_subch_assign(uint8_t cssid, uint8_t ssid, uint16_t schid,
2006                       uint16_t devno, SubchDev *sch)
2007 {
2008     CssImage *css;
2009     SubchSet *s_set;
2010 
2011     trace_css_assign_subch(sch ? "assign" : "deassign", cssid, ssid, schid,
2012                            devno);
2013     if (!channel_subsys.css[cssid]) {
2014         fprintf(stderr,
2015                 "Suspicious call to %s (%x.%x.%04x) for non-existing css!\n",
2016                 __func__, cssid, ssid, schid);
2017         return;
2018     }
2019     css = channel_subsys.css[cssid];
2020 
2021     if (!css->sch_set[ssid]) {
2022         css->sch_set[ssid] = g_malloc0(sizeof(SubchSet));
2023     }
2024     s_set = css->sch_set[ssid];
2025 
2026     s_set->sch[schid] = sch;
2027     if (sch) {
2028         set_bit(schid, s_set->schids_used);
2029         set_bit(devno, s_set->devnos_used);
2030     } else {
2031         clear_bit(schid, s_set->schids_used);
2032         clear_bit(devno, s_set->devnos_used);
2033     }
2034 }
2035 
2036 void css_queue_crw(uint8_t rsc, uint8_t erc, int chain, uint16_t rsid)
2037 {
2038     CrwContainer *crw_cont;
2039 
2040     trace_css_crw(rsc, erc, rsid, chain ? "(chained)" : "");
2041     /* TODO: Maybe use a static crw pool? */
2042     crw_cont = g_try_malloc0(sizeof(CrwContainer));
2043     if (!crw_cont) {
2044         channel_subsys.crws_lost = true;
2045         return;
2046     }
2047     crw_cont->crw.flags = (rsc << 8) | erc;
2048     if (chain) {
2049         crw_cont->crw.flags |= CRW_FLAGS_MASK_C;
2050     }
2051     crw_cont->crw.rsid = rsid;
2052     if (channel_subsys.crws_lost) {
2053         crw_cont->crw.flags |= CRW_FLAGS_MASK_R;
2054         channel_subsys.crws_lost = false;
2055     }
2056 
2057     QTAILQ_INSERT_TAIL(&channel_subsys.pending_crws, crw_cont, sibling);
2058 
2059     if (channel_subsys.do_crw_mchk) {
2060         channel_subsys.do_crw_mchk = false;
2061         /* Inject crw pending machine check. */
2062         s390_crw_mchk();
2063     }
2064 }
2065 
2066 void css_generate_sch_crws(uint8_t cssid, uint8_t ssid, uint16_t schid,
2067                            int hotplugged, int add)
2068 {
2069     uint8_t guest_cssid;
2070     bool chain_crw;
2071 
2072     if (add && !hotplugged) {
2073         return;
2074     }
2075     if (channel_subsys.max_cssid == 0) {
2076         /* Default cssid shows up as 0. */
2077         guest_cssid = (cssid == channel_subsys.default_cssid) ? 0 : cssid;
2078     } else {
2079         /* Show real cssid to the guest. */
2080         guest_cssid = cssid;
2081     }
2082     /*
2083      * Only notify for higher subchannel sets/channel subsystems if the
2084      * guest has enabled it.
2085      */
2086     if ((ssid > channel_subsys.max_ssid) ||
2087         (guest_cssid > channel_subsys.max_cssid) ||
2088         ((channel_subsys.max_cssid == 0) &&
2089          (cssid != channel_subsys.default_cssid))) {
2090         return;
2091     }
2092     chain_crw = (channel_subsys.max_ssid > 0) ||
2093             (channel_subsys.max_cssid > 0);
2094     css_queue_crw(CRW_RSC_SUBCH, CRW_ERC_IPI, chain_crw ? 1 : 0, schid);
2095     if (chain_crw) {
2096         css_queue_crw(CRW_RSC_SUBCH, CRW_ERC_IPI, 0,
2097                       (guest_cssid << 8) | (ssid << 4));
2098     }
2099     /* RW_ERC_IPI --> clear pending interrupts */
2100     css_clear_io_interrupt(css_do_build_subchannel_id(cssid, ssid), schid);
2101 }
2102 
2103 void css_generate_chp_crws(uint8_t cssid, uint8_t chpid)
2104 {
2105     /* TODO */
2106 }
2107 
2108 void css_generate_css_crws(uint8_t cssid)
2109 {
2110     if (!channel_subsys.sei_pending) {
2111         css_queue_crw(CRW_RSC_CSS, 0, 0, cssid);
2112     }
2113     channel_subsys.sei_pending = true;
2114 }
2115 
2116 void css_clear_sei_pending(void)
2117 {
2118     channel_subsys.sei_pending = false;
2119 }
2120 
2121 int css_enable_mcsse(void)
2122 {
2123     trace_css_enable_facility("mcsse");
2124     channel_subsys.max_cssid = MAX_CSSID;
2125     return 0;
2126 }
2127 
2128 int css_enable_mss(void)
2129 {
2130     trace_css_enable_facility("mss");
2131     channel_subsys.max_ssid = MAX_SSID;
2132     return 0;
2133 }
2134 
2135 void css_reset_sch(SubchDev *sch)
2136 {
2137     PMCW *p = &sch->curr_status.pmcw;
2138 
2139     if ((p->flags & PMCW_FLAGS_MASK_ENA) != 0 && sch->disable_cb) {
2140         sch->disable_cb(sch);
2141     }
2142 
2143     p->intparm = 0;
2144     p->flags &= ~(PMCW_FLAGS_MASK_ISC | PMCW_FLAGS_MASK_ENA |
2145                   PMCW_FLAGS_MASK_LM | PMCW_FLAGS_MASK_MME |
2146                   PMCW_FLAGS_MASK_MP | PMCW_FLAGS_MASK_TF);
2147     p->flags |= PMCW_FLAGS_MASK_DNV;
2148     p->devno = sch->devno;
2149     p->pim = 0x80;
2150     p->lpm = p->pim;
2151     p->pnom = 0;
2152     p->lpum = 0;
2153     p->mbi = 0;
2154     p->pom = 0xff;
2155     p->pam = 0x80;
2156     p->chars &= ~(PMCW_CHARS_MASK_MBFC | PMCW_CHARS_MASK_XMWME |
2157                   PMCW_CHARS_MASK_CSENSE);
2158 
2159     memset(&sch->curr_status.scsw, 0, sizeof(sch->curr_status.scsw));
2160     sch->curr_status.mba = 0;
2161 
2162     sch->channel_prog = 0x0;
2163     sch->last_cmd_valid = false;
2164     sch->thinint_active = false;
2165 }
2166 
2167 void css_reset(void)
2168 {
2169     CrwContainer *crw_cont;
2170 
2171     /* Clean up monitoring. */
2172     channel_subsys.chnmon_active = false;
2173     channel_subsys.chnmon_area = 0;
2174 
2175     /* Clear pending CRWs. */
2176     while ((crw_cont = QTAILQ_FIRST(&channel_subsys.pending_crws))) {
2177         QTAILQ_REMOVE(&channel_subsys.pending_crws, crw_cont, sibling);
2178         g_free(crw_cont);
2179     }
2180     channel_subsys.sei_pending = false;
2181     channel_subsys.do_crw_mchk = true;
2182     channel_subsys.crws_lost = false;
2183 
2184     /* Reset maximum ids. */
2185     channel_subsys.max_cssid = 0;
2186     channel_subsys.max_ssid = 0;
2187 }
2188 
2189 static void get_css_devid(Object *obj, Visitor *v, const char *name,
2190                           void *opaque, Error **errp)
2191 {
2192     DeviceState *dev = DEVICE(obj);
2193     Property *prop = opaque;
2194     CssDevId *dev_id = qdev_get_prop_ptr(dev, prop);
2195     char buffer[] = "xx.x.xxxx";
2196     char *p = buffer;
2197     int r;
2198 
2199     if (dev_id->valid) {
2200 
2201         r = snprintf(buffer, sizeof(buffer), "%02x.%1x.%04x", dev_id->cssid,
2202                      dev_id->ssid, dev_id->devid);
2203         assert(r == sizeof(buffer) - 1);
2204 
2205         /* drop leading zero */
2206         if (dev_id->cssid <= 0xf) {
2207             p++;
2208         }
2209     } else {
2210         snprintf(buffer, sizeof(buffer), "<unset>");
2211     }
2212 
2213     visit_type_str(v, name, &p, errp);
2214 }
2215 
2216 /*
2217  * parse <cssid>.<ssid>.<devid> and assert valid range for cssid/ssid
2218  */
2219 static void set_css_devid(Object *obj, Visitor *v, const char *name,
2220                           void *opaque, Error **errp)
2221 {
2222     DeviceState *dev = DEVICE(obj);
2223     Property *prop = opaque;
2224     CssDevId *dev_id = qdev_get_prop_ptr(dev, prop);
2225     Error *local_err = NULL;
2226     char *str;
2227     int num, n1, n2;
2228     unsigned int cssid, ssid, devid;
2229 
2230     if (dev->realized) {
2231         qdev_prop_set_after_realize(dev, name, errp);
2232         return;
2233     }
2234 
2235     visit_type_str(v, name, &str, &local_err);
2236     if (local_err) {
2237         error_propagate(errp, local_err);
2238         return;
2239     }
2240 
2241     num = sscanf(str, "%2x.%1x%n.%4x%n", &cssid, &ssid, &n1, &devid, &n2);
2242     if (num != 3 || (n2 - n1) != 5 || strlen(str) != n2) {
2243         error_set_from_qdev_prop_error(errp, EINVAL, dev, prop, str);
2244         goto out;
2245     }
2246     if ((cssid > MAX_CSSID) || (ssid > MAX_SSID)) {
2247         error_setg(errp, "Invalid cssid or ssid: cssid %x, ssid %x",
2248                    cssid, ssid);
2249         goto out;
2250     }
2251 
2252     dev_id->cssid = cssid;
2253     dev_id->ssid = ssid;
2254     dev_id->devid = devid;
2255     dev_id->valid = true;
2256 
2257 out:
2258     g_free(str);
2259 }
2260 
2261 const PropertyInfo css_devid_propinfo = {
2262     .name = "str",
2263     .description = "Identifier of an I/O device in the channel "
2264                    "subsystem, example: fe.1.23ab",
2265     .get = get_css_devid,
2266     .set = set_css_devid,
2267 };
2268 
2269 const PropertyInfo css_devid_ro_propinfo = {
2270     .name = "str",
2271     .description = "Read-only identifier of an I/O device in the channel "
2272                    "subsystem, example: fe.1.23ab",
2273     .get = get_css_devid,
2274 };
2275 
2276 SubchDev *css_create_sch(CssDevId bus_id, bool is_virtual, bool squash_mcss,
2277                          Error **errp)
2278 {
2279     uint16_t schid = 0;
2280     SubchDev *sch;
2281 
2282     if (bus_id.valid) {
2283         if (is_virtual != (bus_id.cssid == VIRTUAL_CSSID)) {
2284             error_setg(errp, "cssid %hhx not valid for %s devices",
2285                        bus_id.cssid,
2286                        (is_virtual ? "virtual" : "non-virtual"));
2287             return NULL;
2288         }
2289     }
2290 
2291     if (bus_id.valid) {
2292         if (squash_mcss) {
2293             bus_id.cssid = channel_subsys.default_cssid;
2294         } else if (!channel_subsys.css[bus_id.cssid]) {
2295             css_create_css_image(bus_id.cssid, false);
2296         }
2297 
2298         if (!css_find_free_subch_for_devno(bus_id.cssid, bus_id.ssid,
2299                                            bus_id.devid, &schid, errp)) {
2300             return NULL;
2301         }
2302     } else if (squash_mcss || is_virtual) {
2303         bus_id.cssid = channel_subsys.default_cssid;
2304 
2305         if (!css_find_free_subch_and_devno(bus_id.cssid, &bus_id.ssid,
2306                                            &bus_id.devid, &schid, errp)) {
2307             return NULL;
2308         }
2309     } else {
2310         for (bus_id.cssid = 0; bus_id.cssid < MAX_CSSID; ++bus_id.cssid) {
2311             if (bus_id.cssid == VIRTUAL_CSSID) {
2312                 continue;
2313             }
2314 
2315             if (!channel_subsys.css[bus_id.cssid]) {
2316                 css_create_css_image(bus_id.cssid, false);
2317             }
2318 
2319             if   (css_find_free_subch_and_devno(bus_id.cssid, &bus_id.ssid,
2320                                                 &bus_id.devid, &schid,
2321                                                 NULL)) {
2322                 break;
2323             }
2324             if (bus_id.cssid == MAX_CSSID) {
2325                 error_setg(errp, "Virtual channel subsystem is full!");
2326                 return NULL;
2327             }
2328         }
2329     }
2330 
2331     sch = g_malloc0(sizeof(*sch));
2332     sch->cssid = bus_id.cssid;
2333     sch->ssid = bus_id.ssid;
2334     sch->devno = bus_id.devid;
2335     sch->schid = schid;
2336     css_subch_assign(sch->cssid, sch->ssid, schid, sch->devno, sch);
2337     return sch;
2338 }
2339 
2340 static int css_sch_get_chpids(SubchDev *sch, CssDevId *dev_id)
2341 {
2342     char *fid_path;
2343     FILE *fd;
2344     uint32_t chpid[8];
2345     int i;
2346     PMCW *p = &sch->curr_status.pmcw;
2347 
2348     fid_path = g_strdup_printf("/sys/bus/css/devices/%x.%x.%04x/chpids",
2349                                dev_id->cssid, dev_id->ssid, dev_id->devid);
2350     fd = fopen(fid_path, "r");
2351     if (fd == NULL) {
2352         error_report("%s: open %s failed", __func__, fid_path);
2353         g_free(fid_path);
2354         return -EINVAL;
2355     }
2356 
2357     if (fscanf(fd, "%x %x %x %x %x %x %x %x",
2358         &chpid[0], &chpid[1], &chpid[2], &chpid[3],
2359         &chpid[4], &chpid[5], &chpid[6], &chpid[7]) != 8) {
2360         fclose(fd);
2361         g_free(fid_path);
2362         return -EINVAL;
2363     }
2364 
2365     for (i = 0; i < ARRAY_SIZE(p->chpid); i++) {
2366         p->chpid[i] = chpid[i];
2367     }
2368 
2369     fclose(fd);
2370     g_free(fid_path);
2371 
2372     return 0;
2373 }
2374 
2375 static int css_sch_get_path_masks(SubchDev *sch, CssDevId *dev_id)
2376 {
2377     char *fid_path;
2378     FILE *fd;
2379     uint32_t pim, pam, pom;
2380     PMCW *p = &sch->curr_status.pmcw;
2381 
2382     fid_path = g_strdup_printf("/sys/bus/css/devices/%x.%x.%04x/pimpampom",
2383                                dev_id->cssid, dev_id->ssid, dev_id->devid);
2384     fd = fopen(fid_path, "r");
2385     if (fd == NULL) {
2386         error_report("%s: open %s failed", __func__, fid_path);
2387         g_free(fid_path);
2388         return -EINVAL;
2389     }
2390 
2391     if (fscanf(fd, "%x %x %x", &pim, &pam, &pom) != 3) {
2392         fclose(fd);
2393         g_free(fid_path);
2394         return -EINVAL;
2395     }
2396 
2397     p->pim = pim;
2398     p->pam = pam;
2399     p->pom = pom;
2400     fclose(fd);
2401     g_free(fid_path);
2402 
2403     return 0;
2404 }
2405 
2406 static int css_sch_get_chpid_type(uint8_t chpid, uint32_t *type,
2407                                   CssDevId *dev_id)
2408 {
2409     char *fid_path;
2410     FILE *fd;
2411 
2412     fid_path = g_strdup_printf("/sys/devices/css%x/chp0.%02x/type",
2413                                dev_id->cssid, chpid);
2414     fd = fopen(fid_path, "r");
2415     if (fd == NULL) {
2416         error_report("%s: open %s failed", __func__, fid_path);
2417         g_free(fid_path);
2418         return -EINVAL;
2419     }
2420 
2421     if (fscanf(fd, "%x", type) != 1) {
2422         fclose(fd);
2423         g_free(fid_path);
2424         return -EINVAL;
2425     }
2426 
2427     fclose(fd);
2428     g_free(fid_path);
2429 
2430     return 0;
2431 }
2432 
2433 /*
2434  * We currently retrieve the real device information from sysfs to build the
2435  * guest subchannel information block without considering the migration feature.
2436  * We need to revisit this problem when we want to add migration support.
2437  */
2438 int css_sch_build_schib(SubchDev *sch, CssDevId *dev_id)
2439 {
2440     CssImage *css = channel_subsys.css[sch->cssid];
2441     PMCW *p = &sch->curr_status.pmcw;
2442     SCSW *s = &sch->curr_status.scsw;
2443     uint32_t type;
2444     int i, ret;
2445 
2446     assert(css != NULL);
2447     memset(p, 0, sizeof(PMCW));
2448     p->flags |= PMCW_FLAGS_MASK_DNV;
2449     /* We are dealing with I/O subchannels only. */
2450     p->devno = sch->devno;
2451 
2452     /* Grab path mask from sysfs. */
2453     ret = css_sch_get_path_masks(sch, dev_id);
2454     if (ret) {
2455         return ret;
2456     }
2457 
2458     /* Grab chpids from sysfs. */
2459     ret = css_sch_get_chpids(sch, dev_id);
2460     if (ret) {
2461         return ret;
2462     }
2463 
2464    /* Build chpid type. */
2465     for (i = 0; i < ARRAY_SIZE(p->chpid); i++) {
2466         if (p->chpid[i] && !css->chpids[p->chpid[i]].in_use) {
2467             ret = css_sch_get_chpid_type(p->chpid[i], &type, dev_id);
2468             if (ret) {
2469                 return ret;
2470             }
2471             css_add_chpid(sch->cssid, p->chpid[i], type, false);
2472         }
2473     }
2474 
2475     memset(s, 0, sizeof(SCSW));
2476     sch->curr_status.mba = 0;
2477     for (i = 0; i < ARRAY_SIZE(sch->curr_status.mda); i++) {
2478         sch->curr_status.mda[i] = 0;
2479     }
2480 
2481     return 0;
2482 }
2483