1 /* 2 * s390 PCI BUS 3 * 4 * Copyright 2014 IBM Corp. 5 * Author(s): Frank Blaschka <frank.blaschka@de.ibm.com> 6 * Hong Bo Li <lihbbj@cn.ibm.com> 7 * Yi Min Zhao <zyimin@cn.ibm.com> 8 * 9 * This work is licensed under the terms of the GNU GPL, version 2 or (at 10 * your option) any later version. See the COPYING file in the top-level 11 * directory. 12 */ 13 14 #include "qemu/osdep.h" 15 #include "qapi/error.h" 16 #include "qapi/visitor.h" 17 #include "exec/target_page.h" 18 #include "hw/s390x/s390-pci-bus.h" 19 #include "hw/s390x/s390-pci-inst.h" 20 #include "hw/s390x/s390-pci-kvm.h" 21 #include "hw/s390x/s390-pci-vfio.h" 22 #include "hw/s390x/s390-virtio-ccw.h" 23 #include "hw/boards.h" 24 #include "hw/pci/pci_bus.h" 25 #include "hw/qdev-properties.h" 26 #include "hw/pci/pci_bridge.h" 27 #include "hw/pci/msi.h" 28 #include "qemu/error-report.h" 29 #include "qemu/module.h" 30 #include "system/reset.h" 31 #include "system/runstate.h" 32 33 #include "trace.h" 34 35 S390pciState *s390_get_phb(void) 36 { 37 static S390pciState *phb; 38 39 if (!phb) { 40 phb = S390_PCI_HOST_BRIDGE( 41 object_resolve_path(TYPE_S390_PCI_HOST_BRIDGE, NULL)); 42 assert(phb != NULL); 43 } 44 45 return phb; 46 } 47 48 int pci_chsc_sei_nt2_get_event(void *res) 49 { 50 ChscSeiNt2Res *nt2_res = (ChscSeiNt2Res *)res; 51 PciCcdfAvail *accdf; 52 PciCcdfErr *eccdf; 53 int rc = 1; 54 SeiContainer *sei_cont; 55 S390pciState *s = s390_get_phb(); 56 57 sei_cont = QTAILQ_FIRST(&s->pending_sei); 58 if (sei_cont) { 59 QTAILQ_REMOVE(&s->pending_sei, sei_cont, link); 60 nt2_res->nt = 2; 61 nt2_res->cc = sei_cont->cc; 62 nt2_res->length = cpu_to_be16(sizeof(ChscSeiNt2Res)); 63 switch (sei_cont->cc) { 64 case 1: /* error event */ 65 eccdf = (PciCcdfErr *)nt2_res->ccdf; 66 eccdf->fid = cpu_to_be32(sei_cont->fid); 67 eccdf->fh = cpu_to_be32(sei_cont->fh); 68 eccdf->e = cpu_to_be32(sei_cont->e); 69 eccdf->faddr = cpu_to_be64(sei_cont->faddr); 70 eccdf->pec = cpu_to_be16(sei_cont->pec); 71 break; 72 case 2: /* availability event */ 73 accdf = (PciCcdfAvail *)nt2_res->ccdf; 74 accdf->fid = cpu_to_be32(sei_cont->fid); 75 accdf->fh = cpu_to_be32(sei_cont->fh); 76 accdf->pec = cpu_to_be16(sei_cont->pec); 77 break; 78 default: 79 abort(); 80 } 81 g_free(sei_cont); 82 rc = 0; 83 } 84 85 return rc; 86 } 87 88 int pci_chsc_sei_nt2_have_event(void) 89 { 90 S390pciState *s = s390_get_phb(); 91 92 return !QTAILQ_EMPTY(&s->pending_sei); 93 } 94 95 S390PCIBusDevice *s390_pci_find_next_avail_dev(S390pciState *s, 96 S390PCIBusDevice *pbdev) 97 { 98 S390PCIBusDevice *ret = pbdev ? QTAILQ_NEXT(pbdev, link) : 99 QTAILQ_FIRST(&s->zpci_devs); 100 101 while (ret && ret->state == ZPCI_FS_RESERVED) { 102 ret = QTAILQ_NEXT(ret, link); 103 } 104 105 return ret; 106 } 107 108 S390PCIBusDevice *s390_pci_find_dev_by_fid(S390pciState *s, uint32_t fid) 109 { 110 S390PCIBusDevice *pbdev; 111 112 QTAILQ_FOREACH(pbdev, &s->zpci_devs, link) { 113 if (pbdev->fid == fid) { 114 return pbdev; 115 } 116 } 117 118 return NULL; 119 } 120 121 void s390_pci_sclp_configure(SCCB *sccb) 122 { 123 IoaCfgSccb *psccb = (IoaCfgSccb *)sccb; 124 S390PCIBusDevice *pbdev = s390_pci_find_dev_by_fid(s390_get_phb(), 125 be32_to_cpu(psccb->aid)); 126 uint16_t rc; 127 128 if (!pbdev) { 129 trace_s390_pci_sclp_nodev("configure", be32_to_cpu(psccb->aid)); 130 rc = SCLP_RC_ADAPTER_ID_NOT_RECOGNIZED; 131 goto out; 132 } 133 134 switch (pbdev->state) { 135 case ZPCI_FS_RESERVED: 136 rc = SCLP_RC_ADAPTER_IN_RESERVED_STATE; 137 break; 138 case ZPCI_FS_STANDBY: 139 pbdev->state = ZPCI_FS_DISABLED; 140 rc = SCLP_RC_NORMAL_COMPLETION; 141 break; 142 default: 143 rc = SCLP_RC_NO_ACTION_REQUIRED; 144 } 145 out: 146 psccb->header.response_code = cpu_to_be16(rc); 147 } 148 149 static void s390_pci_shutdown_notifier(Notifier *n, void *opaque) 150 { 151 S390PCIBusDevice *pbdev = container_of(n, S390PCIBusDevice, 152 shutdown_notifier); 153 154 pci_device_reset(pbdev->pdev); 155 } 156 157 static void s390_pci_perform_unplug(S390PCIBusDevice *pbdev) 158 { 159 HotplugHandler *hotplug_ctrl; 160 161 if (pbdev->pft == ZPCI_PFT_ISM) { 162 notifier_remove(&pbdev->shutdown_notifier); 163 } 164 165 /* Unplug the PCI device */ 166 if (pbdev->pdev) { 167 DeviceState *pdev = DEVICE(pbdev->pdev); 168 169 hotplug_ctrl = qdev_get_hotplug_handler(pdev); 170 hotplug_handler_unplug(hotplug_ctrl, pdev, &error_abort); 171 object_unparent(OBJECT(pdev)); 172 } 173 174 /* Unplug the zPCI device */ 175 hotplug_ctrl = qdev_get_hotplug_handler(DEVICE(pbdev)); 176 hotplug_handler_unplug(hotplug_ctrl, DEVICE(pbdev), &error_abort); 177 object_unparent(OBJECT(pbdev)); 178 } 179 180 void s390_pci_sclp_deconfigure(SCCB *sccb) 181 { 182 IoaCfgSccb *psccb = (IoaCfgSccb *)sccb; 183 S390PCIBusDevice *pbdev = s390_pci_find_dev_by_fid(s390_get_phb(), 184 be32_to_cpu(psccb->aid)); 185 uint16_t rc; 186 187 if (!pbdev) { 188 trace_s390_pci_sclp_nodev("deconfigure", be32_to_cpu(psccb->aid)); 189 rc = SCLP_RC_ADAPTER_ID_NOT_RECOGNIZED; 190 goto out; 191 } 192 193 switch (pbdev->state) { 194 case ZPCI_FS_RESERVED: 195 rc = SCLP_RC_ADAPTER_IN_RESERVED_STATE; 196 break; 197 case ZPCI_FS_STANDBY: 198 rc = SCLP_RC_NO_ACTION_REQUIRED; 199 break; 200 default: 201 if (pbdev->interp && (pbdev->fh & FH_MASK_ENABLE)) { 202 /* Interpreted devices were using interrupt forwarding */ 203 s390_pci_kvm_aif_disable(pbdev); 204 } else if (pbdev->summary_ind) { 205 pci_dereg_irqs(pbdev); 206 } 207 if (pbdev->iommu->enabled) { 208 pci_dereg_ioat(pbdev->iommu); 209 } 210 pbdev->state = ZPCI_FS_STANDBY; 211 rc = SCLP_RC_NORMAL_COMPLETION; 212 213 if (pbdev->unplug_requested) { 214 s390_pci_perform_unplug(pbdev); 215 } 216 } 217 out: 218 psccb->header.response_code = cpu_to_be16(rc); 219 } 220 221 static S390PCIBusDevice *s390_pci_find_dev_by_uid(S390pciState *s, uint16_t uid) 222 { 223 S390PCIBusDevice *pbdev; 224 225 QTAILQ_FOREACH(pbdev, &s->zpci_devs, link) { 226 if (pbdev->uid == uid) { 227 return pbdev; 228 } 229 } 230 231 return NULL; 232 } 233 234 S390PCIBusDevice *s390_pci_find_dev_by_target(S390pciState *s, 235 const char *target) 236 { 237 S390PCIBusDevice *pbdev; 238 239 if (!target) { 240 return NULL; 241 } 242 243 QTAILQ_FOREACH(pbdev, &s->zpci_devs, link) { 244 if (!strcmp(pbdev->target, target)) { 245 return pbdev; 246 } 247 } 248 249 return NULL; 250 } 251 252 static S390PCIBusDevice *s390_pci_find_dev_by_pci(S390pciState *s, 253 PCIDevice *pci_dev) 254 { 255 S390PCIBusDevice *pbdev; 256 257 if (!pci_dev) { 258 return NULL; 259 } 260 261 QTAILQ_FOREACH(pbdev, &s->zpci_devs, link) { 262 if (pbdev->pdev == pci_dev) { 263 return pbdev; 264 } 265 } 266 267 return NULL; 268 } 269 270 S390PCIBusDevice *s390_pci_find_dev_by_idx(S390pciState *s, uint32_t idx) 271 { 272 return g_hash_table_lookup(s->zpci_table, &idx); 273 } 274 275 S390PCIBusDevice *s390_pci_find_dev_by_fh(S390pciState *s, uint32_t fh) 276 { 277 uint32_t idx = FH_MASK_INDEX & fh; 278 S390PCIBusDevice *pbdev = s390_pci_find_dev_by_idx(s, idx); 279 280 if (pbdev && pbdev->fh == fh) { 281 return pbdev; 282 } 283 284 return NULL; 285 } 286 287 static void s390_pci_generate_event(uint8_t cc, uint16_t pec, uint32_t fh, 288 uint32_t fid, uint64_t faddr, uint32_t e) 289 { 290 SeiContainer *sei_cont; 291 S390pciState *s = s390_get_phb(); 292 293 sei_cont = g_new0(SeiContainer, 1); 294 sei_cont->fh = fh; 295 sei_cont->fid = fid; 296 sei_cont->cc = cc; 297 sei_cont->pec = pec; 298 sei_cont->faddr = faddr; 299 sei_cont->e = e; 300 301 QTAILQ_INSERT_TAIL(&s->pending_sei, sei_cont, link); 302 css_generate_css_crws(0); 303 } 304 305 static void s390_pci_generate_plug_event(uint16_t pec, uint32_t fh, 306 uint32_t fid) 307 { 308 s390_pci_generate_event(2, pec, fh, fid, 0, 0); 309 } 310 311 void s390_pci_generate_error_event(uint16_t pec, uint32_t fh, uint32_t fid, 312 uint64_t faddr, uint32_t e) 313 { 314 s390_pci_generate_event(1, pec, fh, fid, faddr, e); 315 } 316 317 static void s390_pci_set_irq(void *opaque, int irq, int level) 318 { 319 /* nothing to do */ 320 } 321 322 static int s390_pci_map_irq(PCIDevice *pci_dev, int irq_num) 323 { 324 /* nothing to do */ 325 return 0; 326 } 327 328 static uint64_t s390_pci_get_table_origin(uint64_t iota) 329 { 330 return iota & ~ZPCI_IOTA_RTTO_FLAG; 331 } 332 333 static unsigned int calc_rtx(dma_addr_t ptr) 334 { 335 return ((unsigned long) ptr >> ZPCI_RT_SHIFT) & ZPCI_INDEX_MASK; 336 } 337 338 static unsigned int calc_sx(dma_addr_t ptr) 339 { 340 return ((unsigned long) ptr >> ZPCI_ST_SHIFT) & ZPCI_INDEX_MASK; 341 } 342 343 static unsigned int calc_px(dma_addr_t ptr) 344 { 345 return ((unsigned long) ptr >> TARGET_PAGE_BITS) & ZPCI_PT_MASK; 346 } 347 348 static uint64_t get_rt_sto(uint64_t entry) 349 { 350 return ((entry & ZPCI_TABLE_TYPE_MASK) == ZPCI_TABLE_TYPE_RTX) 351 ? (entry & ZPCI_RTE_ADDR_MASK) 352 : 0; 353 } 354 355 static uint64_t get_st_pto(uint64_t entry) 356 { 357 return ((entry & ZPCI_TABLE_TYPE_MASK) == ZPCI_TABLE_TYPE_SX) 358 ? (entry & ZPCI_STE_ADDR_MASK) 359 : 0; 360 } 361 362 static bool rt_entry_isvalid(uint64_t entry) 363 { 364 return (entry & ZPCI_TABLE_VALID_MASK) == ZPCI_TABLE_VALID; 365 } 366 367 static bool pt_entry_isvalid(uint64_t entry) 368 { 369 return (entry & ZPCI_PTE_VALID_MASK) == ZPCI_PTE_VALID; 370 } 371 372 static bool entry_isprotected(uint64_t entry) 373 { 374 return (entry & ZPCI_TABLE_PROT_MASK) == ZPCI_TABLE_PROTECTED; 375 } 376 377 /* ett is expected table type, -1 page table, 0 segment table, 1 region table */ 378 static uint64_t get_table_index(uint64_t iova, int8_t ett) 379 { 380 switch (ett) { 381 case ZPCI_ETT_PT: 382 return calc_px(iova); 383 case ZPCI_ETT_ST: 384 return calc_sx(iova); 385 case ZPCI_ETT_RT: 386 return calc_rtx(iova); 387 } 388 389 return -1; 390 } 391 392 static bool entry_isvalid(uint64_t entry, int8_t ett) 393 { 394 switch (ett) { 395 case ZPCI_ETT_PT: 396 return pt_entry_isvalid(entry); 397 case ZPCI_ETT_ST: 398 case ZPCI_ETT_RT: 399 return rt_entry_isvalid(entry); 400 } 401 402 return false; 403 } 404 405 /* Return true if address translation is done */ 406 static bool translate_iscomplete(uint64_t entry, int8_t ett) 407 { 408 switch (ett) { 409 case 0: 410 return (entry & ZPCI_TABLE_FC) ? true : false; 411 case 1: 412 return false; 413 } 414 415 return true; 416 } 417 418 static uint64_t get_frame_size(int8_t ett) 419 { 420 switch (ett) { 421 case ZPCI_ETT_PT: 422 return 1ULL << 12; 423 case ZPCI_ETT_ST: 424 return 1ULL << 20; 425 case ZPCI_ETT_RT: 426 return 1ULL << 31; 427 } 428 429 return 0; 430 } 431 432 static uint64_t get_next_table_origin(uint64_t entry, int8_t ett) 433 { 434 switch (ett) { 435 case ZPCI_ETT_PT: 436 return entry & ZPCI_PTE_ADDR_MASK; 437 case ZPCI_ETT_ST: 438 return get_st_pto(entry); 439 case ZPCI_ETT_RT: 440 return get_rt_sto(entry); 441 } 442 443 return 0; 444 } 445 446 /** 447 * table_translate: do translation within one table and return the following 448 * table origin 449 * 450 * @entry: the entry being translated, the result is stored in this. 451 * @to: the address of table origin. 452 * @ett: expected table type, 1 region table, 0 segment table and -1 page table. 453 * @error: error code 454 */ 455 static uint64_t table_translate(S390IOTLBEntry *entry, uint64_t to, int8_t ett, 456 uint16_t *error) 457 { 458 uint64_t tx, te, nto = 0; 459 uint16_t err = 0; 460 461 tx = get_table_index(entry->iova, ett); 462 te = address_space_ldq(&address_space_memory, to + tx * sizeof(uint64_t), 463 MEMTXATTRS_UNSPECIFIED, NULL); 464 465 if (!te) { 466 err = ERR_EVENT_INVALTE; 467 goto out; 468 } 469 470 if (!entry_isvalid(te, ett)) { 471 entry->perm &= IOMMU_NONE; 472 goto out; 473 } 474 475 if (ett == ZPCI_ETT_RT && ((te & ZPCI_TABLE_LEN_RTX) != ZPCI_TABLE_LEN_RTX 476 || te & ZPCI_TABLE_OFFSET_MASK)) { 477 err = ERR_EVENT_INVALTL; 478 goto out; 479 } 480 481 nto = get_next_table_origin(te, ett); 482 if (!nto) { 483 err = ERR_EVENT_TT; 484 goto out; 485 } 486 487 if (entry_isprotected(te)) { 488 entry->perm &= IOMMU_RO; 489 } else { 490 entry->perm &= IOMMU_RW; 491 } 492 493 if (translate_iscomplete(te, ett)) { 494 switch (ett) { 495 case ZPCI_ETT_PT: 496 entry->translated_addr = te & ZPCI_PTE_ADDR_MASK; 497 break; 498 case ZPCI_ETT_ST: 499 entry->translated_addr = (te & ZPCI_SFAA_MASK) | 500 (entry->iova & ~ZPCI_SFAA_MASK); 501 break; 502 } 503 nto = 0; 504 } 505 out: 506 if (err) { 507 entry->perm = IOMMU_NONE; 508 *error = err; 509 } 510 entry->len = get_frame_size(ett); 511 return nto; 512 } 513 514 uint16_t s390_guest_io_table_walk(uint64_t g_iota, hwaddr addr, 515 S390IOTLBEntry *entry) 516 { 517 uint64_t to = s390_pci_get_table_origin(g_iota); 518 int8_t ett = 1; 519 uint16_t error = 0; 520 521 entry->iova = addr & TARGET_PAGE_MASK; 522 entry->translated_addr = 0; 523 entry->perm = IOMMU_RW; 524 525 if (entry_isprotected(g_iota)) { 526 entry->perm &= IOMMU_RO; 527 } 528 529 while (to) { 530 to = table_translate(entry, to, ett--, &error); 531 } 532 533 return error; 534 } 535 536 static IOMMUTLBEntry s390_translate_iommu(IOMMUMemoryRegion *mr, hwaddr addr, 537 IOMMUAccessFlags flag, int iommu_idx) 538 { 539 S390PCIIOMMU *iommu = container_of(mr, S390PCIIOMMU, iommu_mr); 540 S390IOTLBEntry *entry; 541 uint64_t iova = addr & TARGET_PAGE_MASK; 542 uint16_t error = 0; 543 IOMMUTLBEntry ret = { 544 .target_as = &address_space_memory, 545 .iova = 0, 546 .translated_addr = 0, 547 .addr_mask = ~(hwaddr)0, 548 .perm = IOMMU_NONE, 549 }; 550 551 switch (iommu->pbdev->state) { 552 case ZPCI_FS_ENABLED: 553 case ZPCI_FS_BLOCKED: 554 if (!iommu->enabled) { 555 return ret; 556 } 557 break; 558 default: 559 return ret; 560 } 561 562 trace_s390_pci_iommu_xlate(addr); 563 564 if (addr < iommu->pba || addr > iommu->pal) { 565 error = ERR_EVENT_OORANGE; 566 goto err; 567 } 568 569 entry = g_hash_table_lookup(iommu->iotlb, &iova); 570 if (entry) { 571 ret.iova = entry->iova; 572 ret.translated_addr = entry->translated_addr; 573 ret.addr_mask = entry->len - 1; 574 ret.perm = entry->perm; 575 } else { 576 ret.iova = iova; 577 ret.addr_mask = ~TARGET_PAGE_MASK; 578 ret.perm = IOMMU_NONE; 579 } 580 581 if (flag != IOMMU_NONE && !(flag & ret.perm)) { 582 error = ERR_EVENT_TPROTE; 583 } 584 err: 585 if (error) { 586 iommu->pbdev->state = ZPCI_FS_ERROR; 587 s390_pci_generate_error_event(error, iommu->pbdev->fh, 588 iommu->pbdev->fid, addr, 0); 589 } 590 return ret; 591 } 592 593 static void s390_pci_iommu_replay(IOMMUMemoryRegion *iommu, 594 IOMMUNotifier *notifier) 595 { 596 /* It's impossible to plug a pci device on s390x that already has iommu 597 * mappings which need to be replayed, that is due to the "one iommu per 598 * zpci device" construct. But when we support migration of vfio-pci 599 * devices in future, we need to revisit this. 600 */ 601 return; 602 } 603 604 static S390PCIIOMMU *s390_pci_get_iommu(S390pciState *s, PCIBus *bus, 605 int devfn) 606 { 607 uint64_t key = (uintptr_t)bus; 608 S390PCIIOMMUTable *table = g_hash_table_lookup(s->iommu_table, &key); 609 S390PCIIOMMU *iommu; 610 611 if (!table) { 612 table = g_new0(S390PCIIOMMUTable, 1); 613 table->key = key; 614 g_hash_table_insert(s->iommu_table, &table->key, table); 615 } 616 617 iommu = table->iommu[PCI_SLOT(devfn)]; 618 if (!iommu) { 619 iommu = S390_PCI_IOMMU(object_new(TYPE_S390_PCI_IOMMU)); 620 621 char *mr_name = g_strdup_printf("iommu-root-%02x:%02x.%01x", 622 pci_bus_num(bus), 623 PCI_SLOT(devfn), 624 PCI_FUNC(devfn)); 625 char *as_name = g_strdup_printf("iommu-pci-%02x:%02x.%01x", 626 pci_bus_num(bus), 627 PCI_SLOT(devfn), 628 PCI_FUNC(devfn)); 629 memory_region_init(&iommu->mr, OBJECT(iommu), mr_name, UINT64_MAX); 630 address_space_init(&iommu->as, &iommu->mr, as_name); 631 iommu->iotlb = g_hash_table_new_full(g_int64_hash, g_int64_equal, 632 NULL, g_free); 633 table->iommu[PCI_SLOT(devfn)] = iommu; 634 635 g_free(mr_name); 636 g_free(as_name); 637 } 638 639 return iommu; 640 } 641 642 static AddressSpace *s390_pci_dma_iommu(PCIBus *bus, void *opaque, int devfn) 643 { 644 S390pciState *s = opaque; 645 S390PCIIOMMU *iommu = s390_pci_get_iommu(s, bus, devfn); 646 647 return &iommu->as; 648 } 649 650 static const PCIIOMMUOps s390_iommu_ops = { 651 .get_address_space = s390_pci_dma_iommu, 652 }; 653 654 static uint8_t set_ind_atomic(uint64_t ind_loc, uint8_t to_be_set) 655 { 656 uint8_t expected, actual; 657 hwaddr len = 1; 658 /* avoid multiple fetches */ 659 uint8_t volatile *ind_addr; 660 661 ind_addr = cpu_physical_memory_map(ind_loc, &len, true); 662 if (!ind_addr) { 663 s390_pci_generate_error_event(ERR_EVENT_AIRERR, 0, 0, 0, 0); 664 return -1; 665 } 666 actual = *ind_addr; 667 do { 668 expected = actual; 669 actual = qatomic_cmpxchg(ind_addr, expected, expected | to_be_set); 670 } while (actual != expected); 671 cpu_physical_memory_unmap((void *)ind_addr, len, 1, len); 672 673 return actual; 674 } 675 676 static void s390_msi_ctrl_write(void *opaque, hwaddr addr, uint64_t data, 677 unsigned int size) 678 { 679 S390PCIBusDevice *pbdev = opaque; 680 uint32_t vec = data & ZPCI_MSI_VEC_MASK; 681 uint64_t ind_bit; 682 uint32_t sum_bit; 683 684 assert(pbdev); 685 686 trace_s390_pci_msi_ctrl_write(data, pbdev->idx, vec); 687 688 if (pbdev->state != ZPCI_FS_ENABLED) { 689 return; 690 } 691 692 ind_bit = pbdev->routes.adapter.ind_offset; 693 sum_bit = pbdev->routes.adapter.summary_offset; 694 695 set_ind_atomic(pbdev->routes.adapter.ind_addr + (ind_bit + vec) / 8, 696 0x80 >> ((ind_bit + vec) % 8)); 697 if (!set_ind_atomic(pbdev->routes.adapter.summary_addr + sum_bit / 8, 698 0x80 >> (sum_bit % 8))) { 699 css_adapter_interrupt(CSS_IO_ADAPTER_PCI, pbdev->isc); 700 } 701 } 702 703 static uint64_t s390_msi_ctrl_read(void *opaque, hwaddr addr, unsigned size) 704 { 705 return 0xffffffff; 706 } 707 708 static const MemoryRegionOps s390_msi_ctrl_ops = { 709 .write = s390_msi_ctrl_write, 710 .read = s390_msi_ctrl_read, 711 .endianness = DEVICE_LITTLE_ENDIAN, 712 }; 713 714 void s390_pci_iommu_enable(S390PCIIOMMU *iommu) 715 { 716 /* 717 * The iommu region is initialized against a 0-mapped address space, 718 * so the smallest IOMMU region we can define runs from 0 to the end 719 * of the PCI address space. 720 */ 721 char *name = g_strdup_printf("iommu-s390-%04x", iommu->pbdev->uid); 722 memory_region_init_iommu(&iommu->iommu_mr, sizeof(iommu->iommu_mr), 723 TYPE_S390_IOMMU_MEMORY_REGION, OBJECT(&iommu->mr), 724 name, iommu->pal + 1); 725 iommu->enabled = true; 726 memory_region_add_subregion(&iommu->mr, 0, MEMORY_REGION(&iommu->iommu_mr)); 727 g_free(name); 728 } 729 730 void s390_pci_iommu_direct_map_enable(S390PCIIOMMU *iommu) 731 { 732 MachineState *ms = MACHINE(qdev_get_machine()); 733 S390CcwMachineState *s390ms = S390_CCW_MACHINE(ms); 734 735 /* 736 * For direct-mapping we must map the entire guest address space. Rather 737 * than using an iommu, create a memory region alias that maps GPA X to 738 * IOVA X + SDMA. VFIO will handle pinning via its memory listener. 739 */ 740 g_autofree char *name = g_strdup_printf("iommu-dm-s390-%04x", 741 iommu->pbdev->uid); 742 743 iommu->dm_mr = g_malloc0(sizeof(*iommu->dm_mr)); 744 memory_region_init_alias(iommu->dm_mr, OBJECT(&iommu->mr), name, 745 get_system_memory(), 0, 746 s390_get_memory_limit(s390ms)); 747 iommu->enabled = true; 748 memory_region_add_subregion(&iommu->mr, iommu->pbdev->zpci_fn.sdma, 749 iommu->dm_mr); 750 } 751 752 void s390_pci_iommu_disable(S390PCIIOMMU *iommu) 753 { 754 iommu->enabled = false; 755 g_hash_table_remove_all(iommu->iotlb); 756 if (iommu->dm_mr) { 757 memory_region_del_subregion(&iommu->mr, iommu->dm_mr); 758 object_unparent(OBJECT(iommu->dm_mr)); 759 g_free(iommu->dm_mr); 760 iommu->dm_mr = NULL; 761 } else { 762 memory_region_del_subregion(&iommu->mr, 763 MEMORY_REGION(&iommu->iommu_mr)); 764 object_unparent(OBJECT(&iommu->iommu_mr)); 765 } 766 } 767 768 static void s390_pci_iommu_free(S390pciState *s, PCIBus *bus, int32_t devfn) 769 { 770 uint64_t key = (uintptr_t)bus; 771 S390PCIIOMMUTable *table = g_hash_table_lookup(s->iommu_table, &key); 772 S390PCIIOMMU *iommu = table ? table->iommu[PCI_SLOT(devfn)] : NULL; 773 774 if (!table || !iommu) { 775 return; 776 } 777 778 table->iommu[PCI_SLOT(devfn)] = NULL; 779 g_hash_table_destroy(iommu->iotlb); 780 /* 781 * An attached PCI device may have memory listeners, eg. VFIO PCI. 782 * The associated subregion will already have been unmapped in 783 * s390_pci_iommu_disable in response to the guest deconfigure request. 784 * Remove the listeners now before destroying the address space. 785 */ 786 address_space_remove_listeners(&iommu->as); 787 address_space_destroy(&iommu->as); 788 object_unparent(OBJECT(&iommu->mr)); 789 object_unparent(OBJECT(iommu)); 790 object_unref(OBJECT(iommu)); 791 } 792 793 S390PCIGroup *s390_group_create(int id, int host_id) 794 { 795 S390PCIGroup *group; 796 S390pciState *s = s390_get_phb(); 797 798 group = g_new0(S390PCIGroup, 1); 799 group->id = id; 800 group->host_id = host_id; 801 QTAILQ_INSERT_TAIL(&s->zpci_groups, group, link); 802 return group; 803 } 804 805 S390PCIGroup *s390_group_find(int id) 806 { 807 S390PCIGroup *group; 808 S390pciState *s = s390_get_phb(); 809 810 QTAILQ_FOREACH(group, &s->zpci_groups, link) { 811 if (group->id == id) { 812 return group; 813 } 814 } 815 return NULL; 816 } 817 818 S390PCIGroup *s390_group_find_host_sim(int host_id) 819 { 820 S390PCIGroup *group; 821 S390pciState *s = s390_get_phb(); 822 823 QTAILQ_FOREACH(group, &s->zpci_groups, link) { 824 if (group->id >= ZPCI_SIM_GRP_START && group->host_id == host_id) { 825 return group; 826 } 827 } 828 return NULL; 829 } 830 831 static void s390_pci_init_default_group(void) 832 { 833 S390PCIGroup *group; 834 ClpRspQueryPciGrp *resgrp; 835 836 group = s390_group_create(ZPCI_DEFAULT_FN_GRP, ZPCI_DEFAULT_FN_GRP); 837 resgrp = &group->zpci_group; 838 resgrp->fr = 1; 839 resgrp->dasm = 0; 840 resgrp->msia = ZPCI_MSI_ADDR; 841 resgrp->mui = DEFAULT_MUI; 842 resgrp->i = 128; 843 resgrp->maxstbl = 128; 844 resgrp->version = 0; 845 resgrp->dtsm = ZPCI_DTSM; 846 } 847 848 static void set_pbdev_info(S390PCIBusDevice *pbdev) 849 { 850 pbdev->zpci_fn.sdma = ZPCI_SDMA_ADDR; 851 pbdev->zpci_fn.edma = ZPCI_EDMA_ADDR; 852 pbdev->zpci_fn.pchid = 0; 853 pbdev->zpci_fn.pfgid = ZPCI_DEFAULT_FN_GRP; 854 pbdev->zpci_fn.fid = pbdev->fid; 855 pbdev->zpci_fn.uid = pbdev->uid; 856 pbdev->pci_group = s390_group_find(ZPCI_DEFAULT_FN_GRP); 857 } 858 859 static void s390_pcihost_realize(DeviceState *dev, Error **errp) 860 { 861 PCIBus *b; 862 BusState *bus; 863 PCIHostState *phb = PCI_HOST_BRIDGE(dev); 864 S390pciState *s = S390_PCI_HOST_BRIDGE(dev); 865 866 trace_s390_pcihost("realize"); 867 868 b = pci_register_root_bus(dev, NULL, s390_pci_set_irq, s390_pci_map_irq, 869 NULL, get_system_memory(), get_system_io(), 0, 870 64, TYPE_PCI_BUS); 871 pci_setup_iommu(b, &s390_iommu_ops, s); 872 873 bus = BUS(b); 874 qbus_set_hotplug_handler(bus, OBJECT(dev)); 875 phb->bus = b; 876 877 s->bus = S390_PCI_BUS(qbus_new(TYPE_S390_PCI_BUS, dev, NULL)); 878 qbus_set_hotplug_handler(BUS(s->bus), OBJECT(dev)); 879 880 s->iommu_table = g_hash_table_new_full(g_int64_hash, g_int64_equal, 881 NULL, g_free); 882 s->zpci_table = g_hash_table_new_full(g_int_hash, g_int_equal, NULL, NULL); 883 s->bus_no = 0; 884 s->next_sim_grp = ZPCI_SIM_GRP_START; 885 QTAILQ_INIT(&s->pending_sei); 886 QTAILQ_INIT(&s->zpci_devs); 887 QTAILQ_INIT(&s->zpci_dma_limit); 888 QTAILQ_INIT(&s->zpci_groups); 889 890 s390_pci_init_default_group(); 891 css_register_io_adapters(CSS_IO_ADAPTER_PCI, true, false, 892 S390_ADAPTER_SUPPRESSIBLE, errp); 893 } 894 895 static void s390_pcihost_unrealize(DeviceState *dev) 896 { 897 S390PCIGroup *group; 898 S390pciState *s = S390_PCI_HOST_BRIDGE(dev); 899 900 while (!QTAILQ_EMPTY(&s->zpci_groups)) { 901 group = QTAILQ_FIRST(&s->zpci_groups); 902 QTAILQ_REMOVE(&s->zpci_groups, group, link); 903 } 904 } 905 906 static int s390_pci_msix_init(S390PCIBusDevice *pbdev) 907 { 908 char *name; 909 uint8_t pos; 910 uint16_t ctrl; 911 uint32_t table, pba; 912 913 pos = pci_find_capability(pbdev->pdev, PCI_CAP_ID_MSIX); 914 if (!pos) { 915 return -1; 916 } 917 918 ctrl = pci_host_config_read_common(pbdev->pdev, pos + PCI_MSIX_FLAGS, 919 pci_config_size(pbdev->pdev), sizeof(ctrl)); 920 table = pci_host_config_read_common(pbdev->pdev, pos + PCI_MSIX_TABLE, 921 pci_config_size(pbdev->pdev), sizeof(table)); 922 pba = pci_host_config_read_common(pbdev->pdev, pos + PCI_MSIX_PBA, 923 pci_config_size(pbdev->pdev), sizeof(pba)); 924 925 pbdev->msix.table_bar = table & PCI_MSIX_FLAGS_BIRMASK; 926 pbdev->msix.table_offset = table & ~PCI_MSIX_FLAGS_BIRMASK; 927 pbdev->msix.pba_bar = pba & PCI_MSIX_FLAGS_BIRMASK; 928 pbdev->msix.pba_offset = pba & ~PCI_MSIX_FLAGS_BIRMASK; 929 pbdev->msix.entries = (ctrl & PCI_MSIX_FLAGS_QSIZE) + 1; 930 931 name = g_strdup_printf("msix-s390-%04x", pbdev->uid); 932 memory_region_init_io(&pbdev->msix_notify_mr, OBJECT(pbdev), 933 &s390_msi_ctrl_ops, pbdev, name, TARGET_PAGE_SIZE); 934 memory_region_add_subregion(&pbdev->iommu->mr, 935 pbdev->pci_group->zpci_group.msia, 936 &pbdev->msix_notify_mr); 937 g_free(name); 938 939 return 0; 940 } 941 942 static void s390_pci_msix_free(S390PCIBusDevice *pbdev) 943 { 944 if (pbdev->msix.entries == 0) { 945 return; 946 } 947 948 memory_region_del_subregion(&pbdev->iommu->mr, &pbdev->msix_notify_mr); 949 object_unparent(OBJECT(&pbdev->msix_notify_mr)); 950 } 951 952 static S390PCIBusDevice *s390_pci_device_new(S390pciState *s, 953 const char *target, Error **errp) 954 { 955 Error *local_err = NULL; 956 DeviceState *dev; 957 958 dev = qdev_try_new(TYPE_S390_PCI_DEVICE); 959 if (!dev) { 960 error_setg(errp, "zPCI device could not be created"); 961 return NULL; 962 } 963 964 if (!object_property_set_str(OBJECT(dev), "target", target, &local_err)) { 965 object_unparent(OBJECT(dev)); 966 error_propagate_prepend(errp, local_err, 967 "zPCI device could not be created: "); 968 return NULL; 969 } 970 if (!qdev_realize_and_unref(dev, BUS(s->bus), &local_err)) { 971 object_unparent(OBJECT(dev)); 972 error_propagate_prepend(errp, local_err, 973 "zPCI device could not be created: "); 974 return NULL; 975 } 976 977 return S390_PCI_DEVICE(dev); 978 } 979 980 static bool s390_pci_alloc_idx(S390pciState *s, S390PCIBusDevice *pbdev) 981 { 982 uint32_t idx; 983 984 idx = s->next_idx; 985 while (s390_pci_find_dev_by_idx(s, idx)) { 986 idx = (idx + 1) & FH_MASK_INDEX; 987 if (idx == s->next_idx) { 988 return false; 989 } 990 } 991 992 pbdev->idx = idx; 993 return true; 994 } 995 996 static void s390_pcihost_pre_plug(HotplugHandler *hotplug_dev, DeviceState *dev, 997 Error **errp) 998 { 999 S390pciState *s = S390_PCI_HOST_BRIDGE(hotplug_dev); 1000 1001 if (!s390_has_feat(S390_FEAT_ZPCI)) { 1002 warn_report("Plugging a PCI/zPCI device without the 'zpci' CPU " 1003 "feature enabled; the guest will not be able to see/use " 1004 "this device"); 1005 } 1006 1007 if (object_dynamic_cast(OBJECT(dev), TYPE_S390_PCI_DEVICE)) { 1008 S390PCIBusDevice *pbdev = S390_PCI_DEVICE(dev); 1009 1010 if (!s390_pci_alloc_idx(s, pbdev)) { 1011 error_setg(errp, "no slot for plugging zpci device"); 1012 return; 1013 } 1014 } 1015 } 1016 1017 static void s390_pci_update_subordinate(PCIDevice *dev, uint32_t nr) 1018 { 1019 uint32_t old_nr; 1020 1021 pci_default_write_config(dev, PCI_SUBORDINATE_BUS, nr, 1); 1022 while (!pci_bus_is_root(pci_get_bus(dev))) { 1023 dev = pci_get_bus(dev)->parent_dev; 1024 1025 old_nr = pci_default_read_config(dev, PCI_SUBORDINATE_BUS, 1); 1026 if (old_nr < nr) { 1027 pci_default_write_config(dev, PCI_SUBORDINATE_BUS, nr, 1); 1028 } 1029 } 1030 } 1031 1032 static int s390_pci_interp_plug(S390pciState *s, S390PCIBusDevice *pbdev) 1033 { 1034 uint32_t idx, fh; 1035 1036 if (!s390_pci_get_host_fh(pbdev, &fh)) { 1037 return -EPERM; 1038 } 1039 1040 /* 1041 * The host device is already in an enabled state, but we always present 1042 * the initial device state to the guest as disabled (ZPCI_FS_DISABLED). 1043 * Therefore, mask off the enable bit from the passthrough handle until 1044 * the guest issues a CLP SET PCI FN later to enable the device. 1045 */ 1046 pbdev->fh = fh & ~FH_MASK_ENABLE; 1047 1048 /* Next, see if the idx is already in-use */ 1049 idx = pbdev->fh & FH_MASK_INDEX; 1050 if (pbdev->idx != idx) { 1051 if (s390_pci_find_dev_by_idx(s, idx)) { 1052 return -EINVAL; 1053 } 1054 /* 1055 * Update the idx entry with the passed through idx 1056 * If the relinquished idx is lower than next_idx, use it 1057 * to replace next_idx 1058 */ 1059 g_hash_table_remove(s->zpci_table, &pbdev->idx); 1060 if (idx < s->next_idx) { 1061 s->next_idx = idx; 1062 } 1063 pbdev->idx = idx; 1064 g_hash_table_insert(s->zpci_table, &pbdev->idx, pbdev); 1065 } 1066 1067 return 0; 1068 } 1069 1070 static void s390_pcihost_plug(HotplugHandler *hotplug_dev, DeviceState *dev, 1071 Error **errp) 1072 { 1073 S390pciState *s = S390_PCI_HOST_BRIDGE(hotplug_dev); 1074 PCIDevice *pdev = NULL; 1075 S390PCIBusDevice *pbdev = NULL; 1076 int rc; 1077 1078 if (object_dynamic_cast(OBJECT(dev), TYPE_PCI_BRIDGE)) { 1079 PCIBridge *pb = PCI_BRIDGE(dev); 1080 1081 pdev = PCI_DEVICE(dev); 1082 pci_bridge_map_irq(pb, dev->id, s390_pci_map_irq); 1083 pci_setup_iommu(&pb->sec_bus, &s390_iommu_ops, s); 1084 1085 qbus_set_hotplug_handler(BUS(&pb->sec_bus), OBJECT(s)); 1086 1087 if (dev->hotplugged) { 1088 pci_default_write_config(pdev, PCI_PRIMARY_BUS, 1089 pci_dev_bus_num(pdev), 1); 1090 s->bus_no += 1; 1091 pci_default_write_config(pdev, PCI_SECONDARY_BUS, s->bus_no, 1); 1092 1093 s390_pci_update_subordinate(pdev, s->bus_no); 1094 } 1095 } else if (object_dynamic_cast(OBJECT(dev), TYPE_PCI_DEVICE)) { 1096 pdev = PCI_DEVICE(dev); 1097 1098 /* 1099 * Multifunction is not supported due to the lack of CLP. However, 1100 * do not check for multifunction capability for SR-IOV devices because 1101 * SR-IOV devices automatically add the multifunction capability whether 1102 * the user intends to use the functions other than the PF. 1103 */ 1104 if (pdev->cap_present & QEMU_PCI_CAP_MULTIFUNCTION && 1105 !pdev->exp.sriov_cap) { 1106 error_setg(errp, "multifunction not supported in s390"); 1107 return; 1108 } 1109 1110 if (!dev->id) { 1111 /* In the case the PCI device does not define an id */ 1112 /* we generate one based on the PCI address */ 1113 dev->id = g_strdup_printf("auto_%02x:%02x.%01x", 1114 pci_dev_bus_num(pdev), 1115 PCI_SLOT(pdev->devfn), 1116 PCI_FUNC(pdev->devfn)); 1117 } 1118 1119 pbdev = s390_pci_find_dev_by_target(s, dev->id); 1120 if (!pbdev) { 1121 /* 1122 * VFs are automatically created by PF, and creating zpci for them 1123 * will result in unexpected usage of fids. Currently QEMU does not 1124 * support multifunction for s390x so we don't need zpci for VFs 1125 * anyway. 1126 */ 1127 if (pci_is_vf(pdev)) { 1128 return; 1129 } 1130 1131 pbdev = s390_pci_device_new(s, dev->id, errp); 1132 if (!pbdev) { 1133 return; 1134 } 1135 } 1136 1137 pbdev->pdev = pdev; 1138 pbdev->iommu = s390_pci_get_iommu(s, pci_get_bus(pdev), pdev->devfn); 1139 pbdev->iommu->pbdev = pbdev; 1140 pbdev->state = ZPCI_FS_DISABLED; 1141 set_pbdev_info(pbdev); 1142 1143 if (object_dynamic_cast(OBJECT(dev), "vfio-pci")) { 1144 /* 1145 * By default, interpretation is always requested; if the available 1146 * facilities indicate it is not available, fallback to the 1147 * interception model. 1148 */ 1149 if (pbdev->interp) { 1150 if (s390_pci_kvm_interp_allowed()) { 1151 rc = s390_pci_interp_plug(s, pbdev); 1152 if (rc) { 1153 error_setg(errp, "Plug failed for zPCI device in " 1154 "interpretation mode: %d", rc); 1155 return; 1156 } 1157 } else { 1158 trace_s390_pcihost("zPCI interpretation missing"); 1159 pbdev->interp = false; 1160 pbdev->forwarding_assist = false; 1161 } 1162 } 1163 pbdev->iommu->dma_limit = s390_pci_start_dma_count(s, pbdev); 1164 /* Fill in CLP information passed via the vfio region */ 1165 s390_pci_get_clp_info(pbdev); 1166 if (!pbdev->interp) { 1167 /* Do vfio passthrough but intercept for I/O */ 1168 pbdev->fh |= FH_SHM_VFIO; 1169 pbdev->forwarding_assist = false; 1170 } 1171 /* Register shutdown notifier and reset callback for ISM devices */ 1172 if (pbdev->pft == ZPCI_PFT_ISM) { 1173 pbdev->shutdown_notifier.notify = s390_pci_shutdown_notifier; 1174 qemu_register_shutdown_notifier(&pbdev->shutdown_notifier); 1175 } 1176 } else { 1177 pbdev->fh |= FH_SHM_EMUL; 1178 /* Always intercept emulated devices */ 1179 pbdev->interp = false; 1180 pbdev->forwarding_assist = false; 1181 pbdev->rtr_avail = false; 1182 } 1183 1184 if (s390_pci_msix_init(pbdev) && !pbdev->interp) { 1185 error_setg(errp, "MSI-X support is mandatory " 1186 "in the S390 architecture"); 1187 return; 1188 } 1189 1190 if (dev->hotplugged) { 1191 s390_pci_generate_plug_event(HP_EVENT_TO_CONFIGURED , 1192 pbdev->fh, pbdev->fid); 1193 } 1194 } else if (object_dynamic_cast(OBJECT(dev), TYPE_S390_PCI_DEVICE)) { 1195 pbdev = S390_PCI_DEVICE(dev); 1196 1197 /* the allocated idx is actually getting used */ 1198 s->next_idx = (pbdev->idx + 1) & FH_MASK_INDEX; 1199 pbdev->fh = pbdev->idx; 1200 QTAILQ_INSERT_TAIL(&s->zpci_devs, pbdev, link); 1201 g_hash_table_insert(s->zpci_table, &pbdev->idx, pbdev); 1202 } else { 1203 g_assert_not_reached(); 1204 } 1205 } 1206 1207 static void s390_pcihost_unplug(HotplugHandler *hotplug_dev, DeviceState *dev, 1208 Error **errp) 1209 { 1210 S390pciState *s = S390_PCI_HOST_BRIDGE(hotplug_dev); 1211 S390PCIBusDevice *pbdev = NULL; 1212 1213 if (object_dynamic_cast(OBJECT(dev), TYPE_PCI_DEVICE)) { 1214 PCIDevice *pci_dev = PCI_DEVICE(dev); 1215 PCIBus *bus; 1216 int32_t devfn; 1217 1218 pbdev = s390_pci_find_dev_by_pci(s, PCI_DEVICE(dev)); 1219 if (!pbdev) { 1220 g_assert(pci_is_vf(pci_dev)); 1221 return; 1222 } 1223 1224 s390_pci_generate_plug_event(HP_EVENT_STANDBY_TO_RESERVED, 1225 pbdev->fh, pbdev->fid); 1226 bus = pci_get_bus(pci_dev); 1227 devfn = pci_dev->devfn; 1228 qdev_unrealize(dev); 1229 1230 s390_pci_msix_free(pbdev); 1231 s390_pci_iommu_free(s, bus, devfn); 1232 pbdev->pdev = NULL; 1233 pbdev->state = ZPCI_FS_RESERVED; 1234 } else if (object_dynamic_cast(OBJECT(dev), TYPE_S390_PCI_DEVICE)) { 1235 pbdev = S390_PCI_DEVICE(dev); 1236 pbdev->fid = 0; 1237 QTAILQ_REMOVE(&s->zpci_devs, pbdev, link); 1238 g_hash_table_remove(s->zpci_table, &pbdev->idx); 1239 if (pbdev->iommu->dma_limit) { 1240 s390_pci_end_dma_count(s, pbdev->iommu->dma_limit); 1241 } 1242 qdev_unrealize(dev); 1243 } 1244 } 1245 1246 static void s390_pcihost_unplug_request(HotplugHandler *hotplug_dev, 1247 DeviceState *dev, 1248 Error **errp) 1249 { 1250 S390pciState *s = S390_PCI_HOST_BRIDGE(hotplug_dev); 1251 S390PCIBusDevice *pbdev; 1252 1253 if (object_dynamic_cast(OBJECT(dev), TYPE_PCI_BRIDGE)) { 1254 error_setg(errp, "PCI bridge hot unplug currently not supported"); 1255 } else if (object_dynamic_cast(OBJECT(dev), TYPE_PCI_DEVICE)) { 1256 /* 1257 * Redirect the unplug request to the zPCI device and remember that 1258 * we've checked the PCI device already (to prevent endless recursion). 1259 */ 1260 pbdev = s390_pci_find_dev_by_pci(s, PCI_DEVICE(dev)); 1261 if (!pbdev) { 1262 g_assert(pci_is_vf(PCI_DEVICE(dev))); 1263 return; 1264 } 1265 1266 pbdev->pci_unplug_request_processed = true; 1267 qdev_unplug(DEVICE(pbdev), errp); 1268 } else if (object_dynamic_cast(OBJECT(dev), TYPE_S390_PCI_DEVICE)) { 1269 pbdev = S390_PCI_DEVICE(dev); 1270 1271 /* 1272 * If unplug was initially requested for the zPCI device, we 1273 * first have to redirect to the PCI device, which will in return 1274 * redirect back to us after performing its checks (if the request 1275 * is not blocked, e.g. because it's a PCI bridge). 1276 */ 1277 if (pbdev->pdev && !pbdev->pci_unplug_request_processed) { 1278 qdev_unplug(DEVICE(pbdev->pdev), errp); 1279 return; 1280 } 1281 pbdev->pci_unplug_request_processed = false; 1282 1283 switch (pbdev->state) { 1284 case ZPCI_FS_STANDBY: 1285 case ZPCI_FS_RESERVED: 1286 s390_pci_perform_unplug(pbdev); 1287 break; 1288 default: 1289 /* 1290 * Allow to send multiple requests, e.g. if the guest crashed 1291 * before releasing the device, we would not be able to send 1292 * another request to the same VM (e.g. fresh OS). 1293 */ 1294 pbdev->unplug_requested = true; 1295 s390_pci_generate_plug_event(HP_EVENT_DECONFIGURE_REQUEST, 1296 pbdev->fh, pbdev->fid); 1297 } 1298 } else { 1299 g_assert_not_reached(); 1300 } 1301 } 1302 1303 static void s390_pci_enumerate_bridge(PCIBus *bus, PCIDevice *pdev, 1304 void *opaque) 1305 { 1306 S390pciState *s = opaque; 1307 PCIBus *sec_bus = NULL; 1308 1309 if ((pci_default_read_config(pdev, PCI_HEADER_TYPE, 1) != 1310 PCI_HEADER_TYPE_BRIDGE)) { 1311 return; 1312 } 1313 1314 (s->bus_no)++; 1315 pci_default_write_config(pdev, PCI_PRIMARY_BUS, pci_dev_bus_num(pdev), 1); 1316 pci_default_write_config(pdev, PCI_SECONDARY_BUS, s->bus_no, 1); 1317 pci_default_write_config(pdev, PCI_SUBORDINATE_BUS, s->bus_no, 1); 1318 1319 sec_bus = pci_bridge_get_sec_bus(PCI_BRIDGE(pdev)); 1320 if (!sec_bus) { 1321 return; 1322 } 1323 1324 /* Assign numbers to all child bridges. The last is the highest number. */ 1325 pci_for_each_device_under_bus(sec_bus, s390_pci_enumerate_bridge, s); 1326 pci_default_write_config(pdev, PCI_SUBORDINATE_BUS, s->bus_no, 1); 1327 } 1328 1329 void s390_pci_ism_reset(void) 1330 { 1331 S390pciState *s = s390_get_phb(); 1332 1333 S390PCIBusDevice *pbdev, *next; 1334 1335 /* Trigger reset event for each passthrough ISM device currently in-use */ 1336 QTAILQ_FOREACH_SAFE(pbdev, &s->zpci_devs, link, next) { 1337 if (pbdev->interp && pbdev->pft == ZPCI_PFT_ISM && 1338 pbdev->fh & FH_MASK_ENABLE) { 1339 s390_pci_kvm_aif_disable(pbdev); 1340 1341 pci_device_reset(pbdev->pdev); 1342 } 1343 } 1344 } 1345 1346 static void s390_pcihost_reset(DeviceState *dev) 1347 { 1348 S390pciState *s = S390_PCI_HOST_BRIDGE(dev); 1349 PCIBus *bus = s->parent_obj.bus; 1350 S390PCIBusDevice *pbdev, *next; 1351 1352 /* Process all pending unplug requests */ 1353 QTAILQ_FOREACH_SAFE(pbdev, &s->zpci_devs, link, next) { 1354 if (pbdev->unplug_requested) { 1355 if (pbdev->interp && (pbdev->fh & FH_MASK_ENABLE)) { 1356 /* Interpreted devices were using interrupt forwarding */ 1357 s390_pci_kvm_aif_disable(pbdev); 1358 } else if (pbdev->summary_ind) { 1359 pci_dereg_irqs(pbdev); 1360 } 1361 if (pbdev->iommu->enabled) { 1362 pci_dereg_ioat(pbdev->iommu); 1363 } 1364 pbdev->state = ZPCI_FS_STANDBY; 1365 s390_pci_perform_unplug(pbdev); 1366 } 1367 } 1368 1369 /* 1370 * When resetting a PCI bridge, the assigned numbers are set to 0. So 1371 * on every system reset, we also have to reassign numbers. 1372 */ 1373 s->bus_no = 0; 1374 pci_for_each_device_under_bus(bus, s390_pci_enumerate_bridge, s); 1375 } 1376 1377 static void s390_pcihost_class_init(ObjectClass *klass, void *data) 1378 { 1379 DeviceClass *dc = DEVICE_CLASS(klass); 1380 HotplugHandlerClass *hc = HOTPLUG_HANDLER_CLASS(klass); 1381 1382 device_class_set_legacy_reset(dc, s390_pcihost_reset); 1383 dc->realize = s390_pcihost_realize; 1384 dc->unrealize = s390_pcihost_unrealize; 1385 hc->pre_plug = s390_pcihost_pre_plug; 1386 hc->plug = s390_pcihost_plug; 1387 hc->unplug_request = s390_pcihost_unplug_request; 1388 hc->unplug = s390_pcihost_unplug; 1389 msi_nonbroken = true; 1390 } 1391 1392 static const TypeInfo s390_pcihost_info = { 1393 .name = TYPE_S390_PCI_HOST_BRIDGE, 1394 .parent = TYPE_PCI_HOST_BRIDGE, 1395 .instance_size = sizeof(S390pciState), 1396 .class_init = s390_pcihost_class_init, 1397 .interfaces = (InterfaceInfo[]) { 1398 { TYPE_HOTPLUG_HANDLER }, 1399 { } 1400 } 1401 }; 1402 1403 static const TypeInfo s390_pcibus_info = { 1404 .name = TYPE_S390_PCI_BUS, 1405 .parent = TYPE_BUS, 1406 .instance_size = sizeof(S390PCIBus), 1407 }; 1408 1409 static uint16_t s390_pci_generate_uid(S390pciState *s) 1410 { 1411 uint16_t uid = 0; 1412 1413 do { 1414 uid++; 1415 if (!s390_pci_find_dev_by_uid(s, uid)) { 1416 return uid; 1417 } 1418 } while (uid < ZPCI_MAX_UID); 1419 1420 return UID_UNDEFINED; 1421 } 1422 1423 static uint32_t s390_pci_generate_fid(S390pciState *s, Error **errp) 1424 { 1425 uint32_t fid = 0; 1426 1427 do { 1428 if (!s390_pci_find_dev_by_fid(s, fid)) { 1429 return fid; 1430 } 1431 } while (fid++ != ZPCI_MAX_FID); 1432 1433 error_setg(errp, "no free fid could be found"); 1434 return 0; 1435 } 1436 1437 static void s390_pci_device_realize(DeviceState *dev, Error **errp) 1438 { 1439 S390PCIBusDevice *zpci = S390_PCI_DEVICE(dev); 1440 S390pciState *s = s390_get_phb(); 1441 1442 if (!zpci->target) { 1443 error_setg(errp, "target must be defined"); 1444 return; 1445 } 1446 1447 if (s390_pci_find_dev_by_target(s, zpci->target)) { 1448 error_setg(errp, "target %s already has an associated zpci device", 1449 zpci->target); 1450 return; 1451 } 1452 1453 if (zpci->uid == UID_UNDEFINED) { 1454 zpci->uid = s390_pci_generate_uid(s); 1455 if (!zpci->uid) { 1456 error_setg(errp, "no free uid could be found"); 1457 return; 1458 } 1459 } else if (s390_pci_find_dev_by_uid(s, zpci->uid)) { 1460 error_setg(errp, "uid %u already in use", zpci->uid); 1461 return; 1462 } 1463 1464 if (!zpci->fid_defined) { 1465 Error *local_error = NULL; 1466 1467 zpci->fid = s390_pci_generate_fid(s, &local_error); 1468 if (local_error) { 1469 error_propagate(errp, local_error); 1470 return; 1471 } 1472 } else if (s390_pci_find_dev_by_fid(s, zpci->fid)) { 1473 error_setg(errp, "fid %u already in use", zpci->fid); 1474 return; 1475 } 1476 1477 zpci->state = ZPCI_FS_RESERVED; 1478 zpci->fmb.format = ZPCI_FMB_FORMAT; 1479 } 1480 1481 static void s390_pci_device_reset(DeviceState *dev) 1482 { 1483 S390PCIBusDevice *pbdev = S390_PCI_DEVICE(dev); 1484 1485 switch (pbdev->state) { 1486 case ZPCI_FS_RESERVED: 1487 return; 1488 case ZPCI_FS_STANDBY: 1489 break; 1490 default: 1491 pbdev->fh &= ~FH_MASK_ENABLE; 1492 pbdev->state = ZPCI_FS_DISABLED; 1493 break; 1494 } 1495 1496 if (pbdev->interp && (pbdev->fh & FH_MASK_ENABLE)) { 1497 /* Interpreted devices were using interrupt forwarding */ 1498 s390_pci_kvm_aif_disable(pbdev); 1499 } else if (pbdev->summary_ind) { 1500 pci_dereg_irqs(pbdev); 1501 } 1502 if (pbdev->iommu->enabled) { 1503 pci_dereg_ioat(pbdev->iommu); 1504 } 1505 1506 fmb_timer_free(pbdev); 1507 } 1508 1509 static void s390_pci_get_fid(Object *obj, Visitor *v, const char *name, 1510 void *opaque, Error **errp) 1511 { 1512 const Property *prop = opaque; 1513 uint32_t *ptr = object_field_prop_ptr(obj, prop); 1514 1515 visit_type_uint32(v, name, ptr, errp); 1516 } 1517 1518 static void s390_pci_set_fid(Object *obj, Visitor *v, const char *name, 1519 void *opaque, Error **errp) 1520 { 1521 S390PCIBusDevice *zpci = S390_PCI_DEVICE(obj); 1522 const Property *prop = opaque; 1523 uint32_t *ptr = object_field_prop_ptr(obj, prop); 1524 1525 if (!visit_type_uint32(v, name, ptr, errp)) { 1526 return; 1527 } 1528 zpci->fid_defined = true; 1529 } 1530 1531 static const PropertyInfo s390_pci_fid_propinfo = { 1532 .type = "uint32", 1533 .description = "zpci_fid", 1534 .get = s390_pci_get_fid, 1535 .set = s390_pci_set_fid, 1536 }; 1537 1538 #define DEFINE_PROP_S390_PCI_FID(_n, _s, _f) \ 1539 DEFINE_PROP(_n, _s, _f, s390_pci_fid_propinfo, uint32_t) 1540 1541 static const Property s390_pci_device_properties[] = { 1542 DEFINE_PROP_UINT16("uid", S390PCIBusDevice, uid, UID_UNDEFINED), 1543 DEFINE_PROP_S390_PCI_FID("fid", S390PCIBusDevice, fid), 1544 DEFINE_PROP_STRING("target", S390PCIBusDevice, target), 1545 DEFINE_PROP_BOOL("interpret", S390PCIBusDevice, interp, true), 1546 DEFINE_PROP_BOOL("forwarding-assist", S390PCIBusDevice, forwarding_assist, 1547 true), 1548 DEFINE_PROP_BOOL("relaxed-translation", S390PCIBusDevice, rtr_avail, 1549 true), 1550 }; 1551 1552 static const VMStateDescription s390_pci_device_vmstate = { 1553 .name = TYPE_S390_PCI_DEVICE, 1554 /* 1555 * TODO: add state handling here, so migration works at least with 1556 * emulated pci devices on s390x 1557 */ 1558 .unmigratable = 1, 1559 }; 1560 1561 static void s390_pci_device_class_init(ObjectClass *klass, void *data) 1562 { 1563 DeviceClass *dc = DEVICE_CLASS(klass); 1564 1565 dc->desc = "zpci device"; 1566 set_bit(DEVICE_CATEGORY_MISC, dc->categories); 1567 device_class_set_legacy_reset(dc, s390_pci_device_reset); 1568 dc->bus_type = TYPE_S390_PCI_BUS; 1569 dc->realize = s390_pci_device_realize; 1570 device_class_set_props(dc, s390_pci_device_properties); 1571 dc->vmsd = &s390_pci_device_vmstate; 1572 } 1573 1574 static const TypeInfo s390_pci_device_info = { 1575 .name = TYPE_S390_PCI_DEVICE, 1576 .parent = TYPE_DEVICE, 1577 .instance_size = sizeof(S390PCIBusDevice), 1578 .class_init = s390_pci_device_class_init, 1579 }; 1580 1581 static const TypeInfo s390_pci_iommu_info = { 1582 .name = TYPE_S390_PCI_IOMMU, 1583 .parent = TYPE_OBJECT, 1584 .instance_size = sizeof(S390PCIIOMMU), 1585 }; 1586 1587 static void s390_iommu_memory_region_class_init(ObjectClass *klass, void *data) 1588 { 1589 IOMMUMemoryRegionClass *imrc = IOMMU_MEMORY_REGION_CLASS(klass); 1590 1591 imrc->translate = s390_translate_iommu; 1592 imrc->replay = s390_pci_iommu_replay; 1593 } 1594 1595 static const TypeInfo s390_iommu_memory_region_info = { 1596 .parent = TYPE_IOMMU_MEMORY_REGION, 1597 .name = TYPE_S390_IOMMU_MEMORY_REGION, 1598 .class_init = s390_iommu_memory_region_class_init, 1599 }; 1600 1601 static void s390_pci_register_types(void) 1602 { 1603 type_register_static(&s390_pcihost_info); 1604 type_register_static(&s390_pcibus_info); 1605 type_register_static(&s390_pci_device_info); 1606 type_register_static(&s390_pci_iommu_info); 1607 type_register_static(&s390_iommu_memory_region_info); 1608 } 1609 1610 type_init(s390_pci_register_types) 1611