xref: /openbmc/qemu/hw/s390x/s390-pci-bus.c (revision 6350b2a0)
1 /*
2  * s390 PCI BUS
3  *
4  * Copyright 2014 IBM Corp.
5  * Author(s): Frank Blaschka <frank.blaschka@de.ibm.com>
6  *            Hong Bo Li <lihbbj@cn.ibm.com>
7  *            Yi Min Zhao <zyimin@cn.ibm.com>
8  *
9  * This work is licensed under the terms of the GNU GPL, version 2 or (at
10  * your option) any later version. See the COPYING file in the top-level
11  * directory.
12  */
13 
14 #include "qemu/osdep.h"
15 #include "qapi/error.h"
16 #include "qapi/visitor.h"
17 #include "qemu-common.h"
18 #include "cpu.h"
19 #include "s390-pci-bus.h"
20 #include "s390-pci-inst.h"
21 #include "hw/pci/pci_bus.h"
22 #include "hw/pci/pci_bridge.h"
23 #include "hw/pci/msi.h"
24 #include "qemu/error-report.h"
25 
26 #ifndef DEBUG_S390PCI_BUS
27 #define DEBUG_S390PCI_BUS  0
28 #endif
29 
30 #define DPRINTF(fmt, ...)                                         \
31     do {                                                          \
32         if (DEBUG_S390PCI_BUS) {                                  \
33             fprintf(stderr, "S390pci-bus: " fmt, ## __VA_ARGS__); \
34         }                                                         \
35     } while (0)
36 
37 S390pciState *s390_get_phb(void)
38 {
39     static S390pciState *phb;
40 
41     if (!phb) {
42         phb = S390_PCI_HOST_BRIDGE(
43             object_resolve_path(TYPE_S390_PCI_HOST_BRIDGE, NULL));
44         assert(phb != NULL);
45     }
46 
47     return phb;
48 }
49 
50 int pci_chsc_sei_nt2_get_event(void *res)
51 {
52     ChscSeiNt2Res *nt2_res = (ChscSeiNt2Res *)res;
53     PciCcdfAvail *accdf;
54     PciCcdfErr *eccdf;
55     int rc = 1;
56     SeiContainer *sei_cont;
57     S390pciState *s = s390_get_phb();
58 
59     sei_cont = QTAILQ_FIRST(&s->pending_sei);
60     if (sei_cont) {
61         QTAILQ_REMOVE(&s->pending_sei, sei_cont, link);
62         nt2_res->nt = 2;
63         nt2_res->cc = sei_cont->cc;
64         nt2_res->length = cpu_to_be16(sizeof(ChscSeiNt2Res));
65         switch (sei_cont->cc) {
66         case 1: /* error event */
67             eccdf = (PciCcdfErr *)nt2_res->ccdf;
68             eccdf->fid = cpu_to_be32(sei_cont->fid);
69             eccdf->fh = cpu_to_be32(sei_cont->fh);
70             eccdf->e = cpu_to_be32(sei_cont->e);
71             eccdf->faddr = cpu_to_be64(sei_cont->faddr);
72             eccdf->pec = cpu_to_be16(sei_cont->pec);
73             break;
74         case 2: /* availability event */
75             accdf = (PciCcdfAvail *)nt2_res->ccdf;
76             accdf->fid = cpu_to_be32(sei_cont->fid);
77             accdf->fh = cpu_to_be32(sei_cont->fh);
78             accdf->pec = cpu_to_be16(sei_cont->pec);
79             break;
80         default:
81             abort();
82         }
83         g_free(sei_cont);
84         rc = 0;
85     }
86 
87     return rc;
88 }
89 
90 int pci_chsc_sei_nt2_have_event(void)
91 {
92     S390pciState *s = s390_get_phb();
93 
94     return !QTAILQ_EMPTY(&s->pending_sei);
95 }
96 
97 S390PCIBusDevice *s390_pci_find_next_avail_dev(S390pciState *s,
98                                                S390PCIBusDevice *pbdev)
99 {
100     S390PCIBusDevice *ret = pbdev ? QTAILQ_NEXT(pbdev, link) :
101         QTAILQ_FIRST(&s->zpci_devs);
102 
103     while (ret && ret->state == ZPCI_FS_RESERVED) {
104         ret = QTAILQ_NEXT(ret, link);
105     }
106 
107     return ret;
108 }
109 
110 S390PCIBusDevice *s390_pci_find_dev_by_fid(S390pciState *s, uint32_t fid)
111 {
112     S390PCIBusDevice *pbdev;
113 
114     QTAILQ_FOREACH(pbdev, &s->zpci_devs, link) {
115         if (pbdev->fid == fid) {
116             return pbdev;
117         }
118     }
119 
120     return NULL;
121 }
122 
123 void s390_pci_sclp_configure(SCCB *sccb)
124 {
125     IoaCfgSccb *psccb = (IoaCfgSccb *)sccb;
126     S390PCIBusDevice *pbdev = s390_pci_find_dev_by_fid(s390_get_phb(),
127                                                        be32_to_cpu(psccb->aid));
128     uint16_t rc;
129 
130     if (!pbdev) {
131         DPRINTF("sclp config no dev found\n");
132         rc = SCLP_RC_ADAPTER_ID_NOT_RECOGNIZED;
133         goto out;
134     }
135 
136     switch (pbdev->state) {
137     case ZPCI_FS_RESERVED:
138         rc = SCLP_RC_ADAPTER_IN_RESERVED_STATE;
139         break;
140     case ZPCI_FS_STANDBY:
141         pbdev->state = ZPCI_FS_DISABLED;
142         rc = SCLP_RC_NORMAL_COMPLETION;
143         break;
144     default:
145         rc = SCLP_RC_NO_ACTION_REQUIRED;
146     }
147 out:
148     psccb->header.response_code = cpu_to_be16(rc);
149 }
150 
151 void s390_pci_sclp_deconfigure(SCCB *sccb)
152 {
153     IoaCfgSccb *psccb = (IoaCfgSccb *)sccb;
154     S390PCIBusDevice *pbdev = s390_pci_find_dev_by_fid(s390_get_phb(),
155                                                        be32_to_cpu(psccb->aid));
156     uint16_t rc;
157 
158     if (!pbdev) {
159         DPRINTF("sclp deconfig no dev found\n");
160         rc = SCLP_RC_ADAPTER_ID_NOT_RECOGNIZED;
161         goto out;
162     }
163 
164     switch (pbdev->state) {
165     case ZPCI_FS_RESERVED:
166         rc = SCLP_RC_ADAPTER_IN_RESERVED_STATE;
167         break;
168     case ZPCI_FS_STANDBY:
169         rc = SCLP_RC_NO_ACTION_REQUIRED;
170         break;
171     default:
172         if (pbdev->summary_ind) {
173             pci_dereg_irqs(pbdev);
174         }
175         if (pbdev->iommu->enabled) {
176             pci_dereg_ioat(pbdev->iommu);
177         }
178         pbdev->state = ZPCI_FS_STANDBY;
179         rc = SCLP_RC_NORMAL_COMPLETION;
180 
181         if (pbdev->release_timer) {
182             qdev_unplug(DEVICE(pbdev->pdev), NULL);
183         }
184     }
185 out:
186     psccb->header.response_code = cpu_to_be16(rc);
187 }
188 
189 static S390PCIBusDevice *s390_pci_find_dev_by_uid(S390pciState *s, uint16_t uid)
190 {
191     S390PCIBusDevice *pbdev;
192 
193     QTAILQ_FOREACH(pbdev, &s->zpci_devs, link) {
194         if (pbdev->uid == uid) {
195             return pbdev;
196         }
197     }
198 
199     return NULL;
200 }
201 
202 S390PCIBusDevice *s390_pci_find_dev_by_target(S390pciState *s,
203                                               const char *target)
204 {
205     S390PCIBusDevice *pbdev;
206 
207     if (!target) {
208         return NULL;
209     }
210 
211     QTAILQ_FOREACH(pbdev, &s->zpci_devs, link) {
212         if (!strcmp(pbdev->target, target)) {
213             return pbdev;
214         }
215     }
216 
217     return NULL;
218 }
219 
220 S390PCIBusDevice *s390_pci_find_dev_by_idx(S390pciState *s, uint32_t idx)
221 {
222     return g_hash_table_lookup(s->zpci_table, &idx);
223 }
224 
225 S390PCIBusDevice *s390_pci_find_dev_by_fh(S390pciState *s, uint32_t fh)
226 {
227     uint32_t idx = FH_MASK_INDEX & fh;
228     S390PCIBusDevice *pbdev = s390_pci_find_dev_by_idx(s, idx);
229 
230     if (pbdev && pbdev->fh == fh) {
231         return pbdev;
232     }
233 
234     return NULL;
235 }
236 
237 static void s390_pci_generate_event(uint8_t cc, uint16_t pec, uint32_t fh,
238                                     uint32_t fid, uint64_t faddr, uint32_t e)
239 {
240     SeiContainer *sei_cont;
241     S390pciState *s = s390_get_phb();
242 
243     sei_cont = g_new0(SeiContainer, 1);
244     sei_cont->fh = fh;
245     sei_cont->fid = fid;
246     sei_cont->cc = cc;
247     sei_cont->pec = pec;
248     sei_cont->faddr = faddr;
249     sei_cont->e = e;
250 
251     QTAILQ_INSERT_TAIL(&s->pending_sei, sei_cont, link);
252     css_generate_css_crws(0);
253 }
254 
255 static void s390_pci_generate_plug_event(uint16_t pec, uint32_t fh,
256                                          uint32_t fid)
257 {
258     s390_pci_generate_event(2, pec, fh, fid, 0, 0);
259 }
260 
261 void s390_pci_generate_error_event(uint16_t pec, uint32_t fh, uint32_t fid,
262                                    uint64_t faddr, uint32_t e)
263 {
264     s390_pci_generate_event(1, pec, fh, fid, faddr, e);
265 }
266 
267 static void s390_pci_set_irq(void *opaque, int irq, int level)
268 {
269     /* nothing to do */
270 }
271 
272 static int s390_pci_map_irq(PCIDevice *pci_dev, int irq_num)
273 {
274     /* nothing to do */
275     return 0;
276 }
277 
278 static uint64_t s390_pci_get_table_origin(uint64_t iota)
279 {
280     return iota & ~ZPCI_IOTA_RTTO_FLAG;
281 }
282 
283 static unsigned int calc_rtx(dma_addr_t ptr)
284 {
285     return ((unsigned long) ptr >> ZPCI_RT_SHIFT) & ZPCI_INDEX_MASK;
286 }
287 
288 static unsigned int calc_sx(dma_addr_t ptr)
289 {
290     return ((unsigned long) ptr >> ZPCI_ST_SHIFT) & ZPCI_INDEX_MASK;
291 }
292 
293 static unsigned int calc_px(dma_addr_t ptr)
294 {
295     return ((unsigned long) ptr >> PAGE_SHIFT) & ZPCI_PT_MASK;
296 }
297 
298 static uint64_t get_rt_sto(uint64_t entry)
299 {
300     return ((entry & ZPCI_TABLE_TYPE_MASK) == ZPCI_TABLE_TYPE_RTX)
301                 ? (entry & ZPCI_RTE_ADDR_MASK)
302                 : 0;
303 }
304 
305 static uint64_t get_st_pto(uint64_t entry)
306 {
307     return ((entry & ZPCI_TABLE_TYPE_MASK) == ZPCI_TABLE_TYPE_SX)
308             ? (entry & ZPCI_STE_ADDR_MASK)
309             : 0;
310 }
311 
312 static uint64_t s390_guest_io_table_walk(uint64_t guest_iota,
313                                   uint64_t guest_dma_address)
314 {
315     uint64_t sto_a, pto_a, px_a;
316     uint64_t sto, pto, pte;
317     uint32_t rtx, sx, px;
318 
319     rtx = calc_rtx(guest_dma_address);
320     sx = calc_sx(guest_dma_address);
321     px = calc_px(guest_dma_address);
322 
323     sto_a = guest_iota + rtx * sizeof(uint64_t);
324     sto = address_space_ldq(&address_space_memory, sto_a,
325                             MEMTXATTRS_UNSPECIFIED, NULL);
326     sto = get_rt_sto(sto);
327     if (!sto) {
328         pte = 0;
329         goto out;
330     }
331 
332     pto_a = sto + sx * sizeof(uint64_t);
333     pto = address_space_ldq(&address_space_memory, pto_a,
334                             MEMTXATTRS_UNSPECIFIED, NULL);
335     pto = get_st_pto(pto);
336     if (!pto) {
337         pte = 0;
338         goto out;
339     }
340 
341     px_a = pto + px * sizeof(uint64_t);
342     pte = address_space_ldq(&address_space_memory, px_a,
343                             MEMTXATTRS_UNSPECIFIED, NULL);
344 
345 out:
346     return pte;
347 }
348 
349 static IOMMUTLBEntry s390_translate_iommu(IOMMUMemoryRegion *mr, hwaddr addr,
350                                           IOMMUAccessFlags flag)
351 {
352     uint64_t pte;
353     uint32_t flags;
354     S390PCIIOMMU *iommu = container_of(mr, S390PCIIOMMU, iommu_mr);
355     IOMMUTLBEntry ret = {
356         .target_as = &address_space_memory,
357         .iova = 0,
358         .translated_addr = 0,
359         .addr_mask = ~(hwaddr)0,
360         .perm = IOMMU_NONE,
361     };
362 
363     switch (iommu->pbdev->state) {
364     case ZPCI_FS_ENABLED:
365     case ZPCI_FS_BLOCKED:
366         if (!iommu->enabled) {
367             return ret;
368         }
369         break;
370     default:
371         return ret;
372     }
373 
374     DPRINTF("iommu trans addr 0x%" PRIx64 "\n", addr);
375 
376     if (addr < iommu->pba || addr > iommu->pal) {
377         return ret;
378     }
379 
380     pte = s390_guest_io_table_walk(s390_pci_get_table_origin(iommu->g_iota),
381                                    addr);
382     if (!pte) {
383         return ret;
384     }
385 
386     flags = pte & ZPCI_PTE_FLAG_MASK;
387     ret.iova = addr;
388     ret.translated_addr = pte & ZPCI_PTE_ADDR_MASK;
389     ret.addr_mask = 0xfff;
390 
391     if (flags & ZPCI_PTE_INVALID) {
392         ret.perm = IOMMU_NONE;
393     } else {
394         ret.perm = IOMMU_RW;
395     }
396 
397     return ret;
398 }
399 
400 static void s390_pci_iommu_replay(IOMMUMemoryRegion *iommu,
401                                   IOMMUNotifier *notifier)
402 {
403     /* It's impossible to plug a pci device on s390x that already has iommu
404      * mappings which need to be replayed, that is due to the "one iommu per
405      * zpci device" construct. But when we support migration of vfio-pci
406      * devices in future, we need to revisit this.
407      */
408     return;
409 }
410 
411 static S390PCIIOMMU *s390_pci_get_iommu(S390pciState *s, PCIBus *bus,
412                                         int devfn)
413 {
414     uint64_t key = (uintptr_t)bus;
415     S390PCIIOMMUTable *table = g_hash_table_lookup(s->iommu_table, &key);
416     S390PCIIOMMU *iommu;
417 
418     if (!table) {
419         table = g_new0(S390PCIIOMMUTable, 1);
420         table->key = key;
421         g_hash_table_insert(s->iommu_table, &table->key, table);
422     }
423 
424     iommu = table->iommu[PCI_SLOT(devfn)];
425     if (!iommu) {
426         iommu = S390_PCI_IOMMU(object_new(TYPE_S390_PCI_IOMMU));
427 
428         char *mr_name = g_strdup_printf("iommu-root-%02x:%02x.%01x",
429                                         pci_bus_num(bus),
430                                         PCI_SLOT(devfn),
431                                         PCI_FUNC(devfn));
432         char *as_name = g_strdup_printf("iommu-pci-%02x:%02x.%01x",
433                                         pci_bus_num(bus),
434                                         PCI_SLOT(devfn),
435                                         PCI_FUNC(devfn));
436         memory_region_init(&iommu->mr, OBJECT(iommu), mr_name, UINT64_MAX);
437         address_space_init(&iommu->as, &iommu->mr, as_name);
438         table->iommu[PCI_SLOT(devfn)] = iommu;
439 
440         g_free(mr_name);
441         g_free(as_name);
442     }
443 
444     return iommu;
445 }
446 
447 static AddressSpace *s390_pci_dma_iommu(PCIBus *bus, void *opaque, int devfn)
448 {
449     S390pciState *s = opaque;
450     S390PCIIOMMU *iommu = s390_pci_get_iommu(s, bus, devfn);
451 
452     return &iommu->as;
453 }
454 
455 static uint8_t set_ind_atomic(uint64_t ind_loc, uint8_t to_be_set)
456 {
457     uint8_t ind_old, ind_new;
458     hwaddr len = 1;
459     uint8_t *ind_addr;
460 
461     ind_addr = cpu_physical_memory_map(ind_loc, &len, 1);
462     if (!ind_addr) {
463         s390_pci_generate_error_event(ERR_EVENT_AIRERR, 0, 0, 0, 0);
464         return -1;
465     }
466     do {
467         ind_old = *ind_addr;
468         ind_new = ind_old | to_be_set;
469     } while (atomic_cmpxchg(ind_addr, ind_old, ind_new) != ind_old);
470     cpu_physical_memory_unmap(ind_addr, len, 1, len);
471 
472     return ind_old;
473 }
474 
475 static void s390_msi_ctrl_write(void *opaque, hwaddr addr, uint64_t data,
476                                 unsigned int size)
477 {
478     S390PCIBusDevice *pbdev = opaque;
479     uint32_t vec = data & ZPCI_MSI_VEC_MASK;
480     uint64_t ind_bit;
481     uint32_t sum_bit;
482 
483     assert(pbdev);
484     DPRINTF("write_msix data 0x%" PRIx64 " idx %d vec 0x%x\n", data,
485             pbdev->idx, vec);
486 
487     if (pbdev->state != ZPCI_FS_ENABLED) {
488         return;
489     }
490 
491     ind_bit = pbdev->routes.adapter.ind_offset;
492     sum_bit = pbdev->routes.adapter.summary_offset;
493 
494     set_ind_atomic(pbdev->routes.adapter.ind_addr + (ind_bit + vec) / 8,
495                    0x80 >> ((ind_bit + vec) % 8));
496     if (!set_ind_atomic(pbdev->routes.adapter.summary_addr + sum_bit / 8,
497                                        0x80 >> (sum_bit % 8))) {
498         css_adapter_interrupt(CSS_IO_ADAPTER_PCI, pbdev->isc);
499     }
500 }
501 
502 static uint64_t s390_msi_ctrl_read(void *opaque, hwaddr addr, unsigned size)
503 {
504     return 0xffffffff;
505 }
506 
507 static const MemoryRegionOps s390_msi_ctrl_ops = {
508     .write = s390_msi_ctrl_write,
509     .read = s390_msi_ctrl_read,
510     .endianness = DEVICE_LITTLE_ENDIAN,
511 };
512 
513 void s390_pci_iommu_enable(S390PCIIOMMU *iommu)
514 {
515     char *name = g_strdup_printf("iommu-s390-%04x", iommu->pbdev->uid);
516     memory_region_init_iommu(&iommu->iommu_mr, sizeof(iommu->iommu_mr),
517                              TYPE_S390_IOMMU_MEMORY_REGION, OBJECT(&iommu->mr),
518                              name, iommu->pal + 1);
519     iommu->enabled = true;
520     memory_region_add_subregion(&iommu->mr, 0, MEMORY_REGION(&iommu->iommu_mr));
521     g_free(name);
522 }
523 
524 void s390_pci_iommu_disable(S390PCIIOMMU *iommu)
525 {
526     iommu->enabled = false;
527     memory_region_del_subregion(&iommu->mr, MEMORY_REGION(&iommu->iommu_mr));
528     object_unparent(OBJECT(&iommu->iommu_mr));
529 }
530 
531 static void s390_pci_iommu_free(S390pciState *s, PCIBus *bus, int32_t devfn)
532 {
533     uint64_t key = (uintptr_t)bus;
534     S390PCIIOMMUTable *table = g_hash_table_lookup(s->iommu_table, &key);
535     S390PCIIOMMU *iommu = table ? table->iommu[PCI_SLOT(devfn)] : NULL;
536 
537     if (!table || !iommu) {
538         return;
539     }
540 
541     table->iommu[PCI_SLOT(devfn)] = NULL;
542     address_space_destroy(&iommu->as);
543     object_unparent(OBJECT(&iommu->mr));
544     object_unparent(OBJECT(iommu));
545     object_unref(OBJECT(iommu));
546 }
547 
548 static int s390_pcihost_init(SysBusDevice *dev)
549 {
550     PCIBus *b;
551     BusState *bus;
552     PCIHostState *phb = PCI_HOST_BRIDGE(dev);
553     S390pciState *s = S390_PCI_HOST_BRIDGE(dev);
554 
555     DPRINTF("host_init\n");
556 
557     b = pci_register_bus(DEVICE(dev), NULL,
558                          s390_pci_set_irq, s390_pci_map_irq, NULL,
559                          get_system_memory(), get_system_io(), 0, 64,
560                          TYPE_PCI_BUS);
561     pci_setup_iommu(b, s390_pci_dma_iommu, s);
562 
563     bus = BUS(b);
564     qbus_set_hotplug_handler(bus, DEVICE(dev), NULL);
565     phb->bus = b;
566 
567     s->bus = S390_PCI_BUS(qbus_create(TYPE_S390_PCI_BUS, DEVICE(s), NULL));
568     qbus_set_hotplug_handler(BUS(s->bus), DEVICE(s), NULL);
569 
570     s->iommu_table = g_hash_table_new_full(g_int64_hash, g_int64_equal,
571                                            NULL, g_free);
572     s->zpci_table = g_hash_table_new_full(g_int_hash, g_int_equal, NULL, NULL);
573     s->bus_no = 0;
574     QTAILQ_INIT(&s->pending_sei);
575     QTAILQ_INIT(&s->zpci_devs);
576 
577     css_register_io_adapters(CSS_IO_ADAPTER_PCI, true, false,
578                              S390_ADAPTER_SUPPRESSIBLE, &error_abort);
579 
580     return 0;
581 }
582 
583 static int s390_pci_msix_init(S390PCIBusDevice *pbdev)
584 {
585     char *name;
586     uint8_t pos;
587     uint16_t ctrl;
588     uint32_t table, pba;
589 
590     pos = pci_find_capability(pbdev->pdev, PCI_CAP_ID_MSIX);
591     if (!pos) {
592         pbdev->msix.available = false;
593         return -1;
594     }
595 
596     ctrl = pci_host_config_read_common(pbdev->pdev, pos + PCI_MSIX_FLAGS,
597              pci_config_size(pbdev->pdev), sizeof(ctrl));
598     table = pci_host_config_read_common(pbdev->pdev, pos + PCI_MSIX_TABLE,
599              pci_config_size(pbdev->pdev), sizeof(table));
600     pba = pci_host_config_read_common(pbdev->pdev, pos + PCI_MSIX_PBA,
601              pci_config_size(pbdev->pdev), sizeof(pba));
602 
603     pbdev->msix.table_bar = table & PCI_MSIX_FLAGS_BIRMASK;
604     pbdev->msix.table_offset = table & ~PCI_MSIX_FLAGS_BIRMASK;
605     pbdev->msix.pba_bar = pba & PCI_MSIX_FLAGS_BIRMASK;
606     pbdev->msix.pba_offset = pba & ~PCI_MSIX_FLAGS_BIRMASK;
607     pbdev->msix.entries = (ctrl & PCI_MSIX_FLAGS_QSIZE) + 1;
608     pbdev->msix.available = true;
609 
610     name = g_strdup_printf("msix-s390-%04x", pbdev->uid);
611     memory_region_init_io(&pbdev->msix_notify_mr, OBJECT(pbdev),
612                           &s390_msi_ctrl_ops, pbdev, name, PAGE_SIZE);
613     memory_region_add_subregion(&pbdev->iommu->mr, ZPCI_MSI_ADDR,
614                                 &pbdev->msix_notify_mr);
615     g_free(name);
616 
617     return 0;
618 }
619 
620 static void s390_pci_msix_free(S390PCIBusDevice *pbdev)
621 {
622     memory_region_del_subregion(&pbdev->iommu->mr, &pbdev->msix_notify_mr);
623     object_unparent(OBJECT(&pbdev->msix_notify_mr));
624 }
625 
626 static S390PCIBusDevice *s390_pci_device_new(S390pciState *s,
627                                              const char *target)
628 {
629     DeviceState *dev = NULL;
630 
631     dev = qdev_try_create(BUS(s->bus), TYPE_S390_PCI_DEVICE);
632     if (!dev) {
633         return NULL;
634     }
635 
636     qdev_prop_set_string(dev, "target", target);
637     qdev_init_nofail(dev);
638 
639     return S390_PCI_DEVICE(dev);
640 }
641 
642 static bool s390_pci_alloc_idx(S390pciState *s, S390PCIBusDevice *pbdev)
643 {
644     uint32_t idx;
645 
646     idx = s->next_idx;
647     while (s390_pci_find_dev_by_idx(s, idx)) {
648         idx = (idx + 1) & FH_MASK_INDEX;
649         if (idx == s->next_idx) {
650             return false;
651         }
652     }
653 
654     pbdev->idx = idx;
655     s->next_idx = (idx + 1) & FH_MASK_INDEX;
656 
657     return true;
658 }
659 
660 static void s390_pcihost_hot_plug(HotplugHandler *hotplug_dev,
661                                   DeviceState *dev, Error **errp)
662 {
663     PCIDevice *pdev = NULL;
664     S390PCIBusDevice *pbdev = NULL;
665     S390pciState *s = s390_get_phb();
666 
667     if (object_dynamic_cast(OBJECT(dev), TYPE_PCI_BRIDGE)) {
668         BusState *bus;
669         PCIBridge *pb = PCI_BRIDGE(dev);
670         PCIDevice *pdev = PCI_DEVICE(dev);
671 
672         pci_bridge_map_irq(pb, dev->id, s390_pci_map_irq);
673         pci_setup_iommu(&pb->sec_bus, s390_pci_dma_iommu, s);
674 
675         bus = BUS(&pb->sec_bus);
676         qbus_set_hotplug_handler(bus, DEVICE(s), errp);
677 
678         if (dev->hotplugged) {
679             pci_default_write_config(pdev, PCI_PRIMARY_BUS, s->bus_no, 1);
680             s->bus_no += 1;
681             pci_default_write_config(pdev, PCI_SECONDARY_BUS, s->bus_no, 1);
682             do {
683                 pdev = pdev->bus->parent_dev;
684                 pci_default_write_config(pdev, PCI_SUBORDINATE_BUS,
685                                          s->bus_no, 1);
686             } while (pdev->bus && pci_bus_num(pdev->bus));
687         }
688     } else if (object_dynamic_cast(OBJECT(dev), TYPE_PCI_DEVICE)) {
689         pdev = PCI_DEVICE(dev);
690 
691         if (!dev->id) {
692             /* In the case the PCI device does not define an id */
693             /* we generate one based on the PCI address         */
694             dev->id = g_strdup_printf("auto_%02x:%02x.%01x",
695                                       pci_bus_num(pdev->bus),
696                                       PCI_SLOT(pdev->devfn),
697                                       PCI_FUNC(pdev->devfn));
698         }
699 
700         pbdev = s390_pci_find_dev_by_target(s, dev->id);
701         if (!pbdev) {
702             pbdev = s390_pci_device_new(s, dev->id);
703             if (!pbdev) {
704                 error_setg(errp, "create zpci device failed");
705                 return;
706             }
707         }
708 
709         if (object_dynamic_cast(OBJECT(dev), "vfio-pci")) {
710             pbdev->fh |= FH_SHM_VFIO;
711         } else {
712             pbdev->fh |= FH_SHM_EMUL;
713         }
714 
715         pbdev->pdev = pdev;
716         pbdev->iommu = s390_pci_get_iommu(s, pdev->bus, pdev->devfn);
717         pbdev->iommu->pbdev = pbdev;
718         pbdev->state = ZPCI_FS_DISABLED;
719 
720         if (s390_pci_msix_init(pbdev)) {
721             error_setg(errp, "MSI-X support is mandatory "
722                        "in the S390 architecture");
723             return;
724         }
725 
726         if (dev->hotplugged) {
727             s390_pci_generate_plug_event(HP_EVENT_RESERVED_TO_STANDBY,
728                                          pbdev->fh, pbdev->fid);
729         }
730     } else if (object_dynamic_cast(OBJECT(dev), TYPE_S390_PCI_DEVICE)) {
731         pbdev = S390_PCI_DEVICE(dev);
732 
733         if (!s390_pci_alloc_idx(s, pbdev)) {
734             error_setg(errp, "no slot for plugging zpci device");
735             return;
736         }
737         pbdev->fh = pbdev->idx;
738         QTAILQ_INSERT_TAIL(&s->zpci_devs, pbdev, link);
739         g_hash_table_insert(s->zpci_table, &pbdev->idx, pbdev);
740     }
741 }
742 
743 static void s390_pcihost_timer_cb(void *opaque)
744 {
745     S390PCIBusDevice *pbdev = opaque;
746 
747     if (pbdev->summary_ind) {
748         pci_dereg_irqs(pbdev);
749     }
750     if (pbdev->iommu->enabled) {
751         pci_dereg_ioat(pbdev->iommu);
752     }
753 
754     pbdev->state = ZPCI_FS_STANDBY;
755     s390_pci_generate_plug_event(HP_EVENT_CONFIGURED_TO_STBRES,
756                                  pbdev->fh, pbdev->fid);
757     qdev_unplug(DEVICE(pbdev), NULL);
758 }
759 
760 static void s390_pcihost_hot_unplug(HotplugHandler *hotplug_dev,
761                                     DeviceState *dev, Error **errp)
762 {
763     PCIDevice *pci_dev = NULL;
764     PCIBus *bus;
765     int32_t devfn;
766     S390PCIBusDevice *pbdev = NULL;
767     S390pciState *s = s390_get_phb();
768 
769     if (object_dynamic_cast(OBJECT(dev), TYPE_PCI_BRIDGE)) {
770         error_setg(errp, "PCI bridge hot unplug currently not supported");
771         return;
772     } else if (object_dynamic_cast(OBJECT(dev), TYPE_PCI_DEVICE)) {
773         pci_dev = PCI_DEVICE(dev);
774 
775         QTAILQ_FOREACH(pbdev, &s->zpci_devs, link) {
776             if (pbdev->pdev == pci_dev) {
777                 break;
778             }
779         }
780         assert(pbdev != NULL);
781     } else if (object_dynamic_cast(OBJECT(dev), TYPE_S390_PCI_DEVICE)) {
782         pbdev = S390_PCI_DEVICE(dev);
783         pci_dev = pbdev->pdev;
784     }
785 
786     switch (pbdev->state) {
787     case ZPCI_FS_RESERVED:
788         goto out;
789     case ZPCI_FS_STANDBY:
790         break;
791     default:
792         s390_pci_generate_plug_event(HP_EVENT_DECONFIGURE_REQUEST,
793                                      pbdev->fh, pbdev->fid);
794         pbdev->release_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL,
795                                             s390_pcihost_timer_cb,
796                                             pbdev);
797         timer_mod(pbdev->release_timer,
798                   qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + HOT_UNPLUG_TIMEOUT);
799         return;
800     }
801 
802     if (pbdev->release_timer && timer_pending(pbdev->release_timer)) {
803         timer_del(pbdev->release_timer);
804         timer_free(pbdev->release_timer);
805         pbdev->release_timer = NULL;
806     }
807 
808     s390_pci_generate_plug_event(HP_EVENT_STANDBY_TO_RESERVED,
809                                  pbdev->fh, pbdev->fid);
810     bus = pci_dev->bus;
811     devfn = pci_dev->devfn;
812     object_unparent(OBJECT(pci_dev));
813     s390_pci_msix_free(pbdev);
814     s390_pci_iommu_free(s, bus, devfn);
815     pbdev->pdev = NULL;
816     pbdev->state = ZPCI_FS_RESERVED;
817 out:
818     pbdev->fid = 0;
819     QTAILQ_REMOVE(&s->zpci_devs, pbdev, link);
820     g_hash_table_remove(s->zpci_table, &pbdev->idx);
821     object_unparent(OBJECT(pbdev));
822 }
823 
824 static void s390_pci_enumerate_bridge(PCIBus *bus, PCIDevice *pdev,
825                                       void *opaque)
826 {
827     S390pciState *s = opaque;
828     unsigned int primary = s->bus_no;
829     unsigned int subordinate = 0xff;
830     PCIBus *sec_bus = NULL;
831 
832     if ((pci_default_read_config(pdev, PCI_HEADER_TYPE, 1) !=
833          PCI_HEADER_TYPE_BRIDGE)) {
834         return;
835     }
836 
837     (s->bus_no)++;
838     pci_default_write_config(pdev, PCI_PRIMARY_BUS, primary, 1);
839     pci_default_write_config(pdev, PCI_SECONDARY_BUS, s->bus_no, 1);
840     pci_default_write_config(pdev, PCI_SUBORDINATE_BUS, s->bus_no, 1);
841 
842     sec_bus = pci_bridge_get_sec_bus(PCI_BRIDGE(pdev));
843     if (!sec_bus) {
844         return;
845     }
846 
847     pci_default_write_config(pdev, PCI_SUBORDINATE_BUS, subordinate, 1);
848     pci_for_each_device(sec_bus, pci_bus_num(sec_bus),
849                         s390_pci_enumerate_bridge, s);
850     pci_default_write_config(pdev, PCI_SUBORDINATE_BUS, s->bus_no, 1);
851 }
852 
853 static void s390_pcihost_reset(DeviceState *dev)
854 {
855     S390pciState *s = S390_PCI_HOST_BRIDGE(dev);
856     PCIBus *bus = s->parent_obj.bus;
857 
858     s->bus_no = 0;
859     pci_for_each_device(bus, pci_bus_num(bus), s390_pci_enumerate_bridge, s);
860 }
861 
862 static void s390_pcihost_class_init(ObjectClass *klass, void *data)
863 {
864     SysBusDeviceClass *k = SYS_BUS_DEVICE_CLASS(klass);
865     DeviceClass *dc = DEVICE_CLASS(klass);
866     HotplugHandlerClass *hc = HOTPLUG_HANDLER_CLASS(klass);
867 
868     dc->reset = s390_pcihost_reset;
869     k->init = s390_pcihost_init;
870     hc->plug = s390_pcihost_hot_plug;
871     hc->unplug = s390_pcihost_hot_unplug;
872     msi_nonbroken = true;
873 }
874 
875 static const TypeInfo s390_pcihost_info = {
876     .name          = TYPE_S390_PCI_HOST_BRIDGE,
877     .parent        = TYPE_PCI_HOST_BRIDGE,
878     .instance_size = sizeof(S390pciState),
879     .class_init    = s390_pcihost_class_init,
880     .interfaces = (InterfaceInfo[]) {
881         { TYPE_HOTPLUG_HANDLER },
882         { }
883     }
884 };
885 
886 static const TypeInfo s390_pcibus_info = {
887     .name = TYPE_S390_PCI_BUS,
888     .parent = TYPE_BUS,
889     .instance_size = sizeof(S390PCIBus),
890 };
891 
892 static uint16_t s390_pci_generate_uid(S390pciState *s)
893 {
894     uint16_t uid = 0;
895 
896     do {
897         uid++;
898         if (!s390_pci_find_dev_by_uid(s, uid)) {
899             return uid;
900         }
901     } while (uid < ZPCI_MAX_UID);
902 
903     return UID_UNDEFINED;
904 }
905 
906 static uint32_t s390_pci_generate_fid(S390pciState *s, Error **errp)
907 {
908     uint32_t fid = 0;
909 
910     do {
911         if (!s390_pci_find_dev_by_fid(s, fid)) {
912             return fid;
913         }
914     } while (fid++ != ZPCI_MAX_FID);
915 
916     error_setg(errp, "no free fid could be found");
917     return 0;
918 }
919 
920 static void s390_pci_device_realize(DeviceState *dev, Error **errp)
921 {
922     S390PCIBusDevice *zpci = S390_PCI_DEVICE(dev);
923     S390pciState *s = s390_get_phb();
924 
925     if (!zpci->target) {
926         error_setg(errp, "target must be defined");
927         return;
928     }
929 
930     if (s390_pci_find_dev_by_target(s, zpci->target)) {
931         error_setg(errp, "target %s already has an associated zpci device",
932                    zpci->target);
933         return;
934     }
935 
936     if (zpci->uid == UID_UNDEFINED) {
937         zpci->uid = s390_pci_generate_uid(s);
938         if (!zpci->uid) {
939             error_setg(errp, "no free uid could be found");
940             return;
941         }
942     } else if (s390_pci_find_dev_by_uid(s, zpci->uid)) {
943         error_setg(errp, "uid %u already in use", zpci->uid);
944         return;
945     }
946 
947     if (!zpci->fid_defined) {
948         Error *local_error = NULL;
949 
950         zpci->fid = s390_pci_generate_fid(s, &local_error);
951         if (local_error) {
952             error_propagate(errp, local_error);
953             return;
954         }
955     } else if (s390_pci_find_dev_by_fid(s, zpci->fid)) {
956         error_setg(errp, "fid %u already in use", zpci->fid);
957         return;
958     }
959 
960     zpci->state = ZPCI_FS_RESERVED;
961 }
962 
963 static void s390_pci_device_reset(DeviceState *dev)
964 {
965     S390PCIBusDevice *pbdev = S390_PCI_DEVICE(dev);
966 
967     switch (pbdev->state) {
968     case ZPCI_FS_RESERVED:
969         return;
970     case ZPCI_FS_STANDBY:
971         break;
972     default:
973         pbdev->fh &= ~FH_MASK_ENABLE;
974         pbdev->state = ZPCI_FS_DISABLED;
975         break;
976     }
977 
978     if (pbdev->summary_ind) {
979         pci_dereg_irqs(pbdev);
980     }
981     if (pbdev->iommu->enabled) {
982         pci_dereg_ioat(pbdev->iommu);
983     }
984 
985     pbdev->fmb_addr = 0;
986 }
987 
988 static void s390_pci_get_fid(Object *obj, Visitor *v, const char *name,
989                          void *opaque, Error **errp)
990 {
991     Property *prop = opaque;
992     uint32_t *ptr = qdev_get_prop_ptr(DEVICE(obj), prop);
993 
994     visit_type_uint32(v, name, ptr, errp);
995 }
996 
997 static void s390_pci_set_fid(Object *obj, Visitor *v, const char *name,
998                          void *opaque, Error **errp)
999 {
1000     DeviceState *dev = DEVICE(obj);
1001     S390PCIBusDevice *zpci = S390_PCI_DEVICE(obj);
1002     Property *prop = opaque;
1003     uint32_t *ptr = qdev_get_prop_ptr(dev, prop);
1004 
1005     if (dev->realized) {
1006         qdev_prop_set_after_realize(dev, name, errp);
1007         return;
1008     }
1009 
1010     visit_type_uint32(v, name, ptr, errp);
1011     zpci->fid_defined = true;
1012 }
1013 
1014 static const PropertyInfo s390_pci_fid_propinfo = {
1015     .name = "zpci_fid",
1016     .get = s390_pci_get_fid,
1017     .set = s390_pci_set_fid,
1018 };
1019 
1020 #define DEFINE_PROP_S390_PCI_FID(_n, _s, _f) \
1021     DEFINE_PROP(_n, _s, _f, s390_pci_fid_propinfo, uint32_t)
1022 
1023 static Property s390_pci_device_properties[] = {
1024     DEFINE_PROP_UINT16("uid", S390PCIBusDevice, uid, UID_UNDEFINED),
1025     DEFINE_PROP_S390_PCI_FID("fid", S390PCIBusDevice, fid),
1026     DEFINE_PROP_STRING("target", S390PCIBusDevice, target),
1027     DEFINE_PROP_END_OF_LIST(),
1028 };
1029 
1030 static void s390_pci_device_class_init(ObjectClass *klass, void *data)
1031 {
1032     DeviceClass *dc = DEVICE_CLASS(klass);
1033 
1034     dc->desc = "zpci device";
1035     set_bit(DEVICE_CATEGORY_MISC, dc->categories);
1036     dc->reset = s390_pci_device_reset;
1037     dc->bus_type = TYPE_S390_PCI_BUS;
1038     dc->realize = s390_pci_device_realize;
1039     dc->props = s390_pci_device_properties;
1040 }
1041 
1042 static const TypeInfo s390_pci_device_info = {
1043     .name = TYPE_S390_PCI_DEVICE,
1044     .parent = TYPE_DEVICE,
1045     .instance_size = sizeof(S390PCIBusDevice),
1046     .class_init = s390_pci_device_class_init,
1047 };
1048 
1049 static TypeInfo s390_pci_iommu_info = {
1050     .name = TYPE_S390_PCI_IOMMU,
1051     .parent = TYPE_OBJECT,
1052     .instance_size = sizeof(S390PCIIOMMU),
1053 };
1054 
1055 static void s390_iommu_memory_region_class_init(ObjectClass *klass, void *data)
1056 {
1057     IOMMUMemoryRegionClass *imrc = IOMMU_MEMORY_REGION_CLASS(klass);
1058 
1059     imrc->translate = s390_translate_iommu;
1060     imrc->replay = s390_pci_iommu_replay;
1061 }
1062 
1063 static const TypeInfo s390_iommu_memory_region_info = {
1064     .parent = TYPE_IOMMU_MEMORY_REGION,
1065     .name = TYPE_S390_IOMMU_MEMORY_REGION,
1066     .class_init = s390_iommu_memory_region_class_init,
1067 };
1068 
1069 static void s390_pci_register_types(void)
1070 {
1071     type_register_static(&s390_pcihost_info);
1072     type_register_static(&s390_pcibus_info);
1073     type_register_static(&s390_pci_device_info);
1074     type_register_static(&s390_pci_iommu_info);
1075     type_register_static(&s390_iommu_memory_region_info);
1076 }
1077 
1078 type_init(s390_pci_register_types)
1079