2 * QEMU sPAPR PCI host originated from Uninorth PCI host
4 * Copyright (c) 2011 Alexey Kardashevskiy, IBM Corporation.
5 * Copyright (C) 2011 David Gibson, IBM Corporation.
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
25 #include "qemu/osdep.h"
26 #include "qapi/error.h"
27 #include "qemu-common.h"
30 #include "hw/sysbus.h"
31 #include "hw/pci/pci.h"
32 #include "hw/pci/msi.h"
33 #include "hw/pci/msix.h"
34 #include "hw/pci/pci_host.h"
35 #include "hw/ppc/spapr.h"
36 #include "hw/pci-host/spapr.h"
37 #include "exec/address-spaces.h"
40 #include "qemu/error-report.h"
41 #include "qapi/qmp/qerror.h"
43 #include "hw/pci/pci_bridge.h"
44 #include "hw/pci/pci_bus.h"
45 #include "hw/ppc/spapr_drc.h"
46 #include "sysemu/device_tree.h"
48 #include "hw/vfio/vfio.h"
50 /* Copied from the kernel arch/powerpc/platforms/pseries/msi.c */
51 #define RTAS_QUERY_FN 0
52 #define RTAS_CHANGE_FN 1
53 #define RTAS_RESET_FN 2
54 #define RTAS_CHANGE_MSI_FN 3
55 #define RTAS_CHANGE_MSIX_FN 4
57 /* Interrupt types to return on RTAS_CHANGE_* */
58 #define RTAS_TYPE_MSI 1
59 #define RTAS_TYPE_MSIX 2
61 #define FDT_NAME_MAX 128
71 sPAPRPHBState *spapr_pci_find_phb(sPAPRMachineState *spapr, uint64_t buid)
75 QLIST_FOREACH(sphb, &spapr->phbs, list) {
76 if (sphb->buid != buid) {
85 PCIDevice *spapr_pci_find_dev(sPAPRMachineState *spapr, uint64_t buid,
88 sPAPRPHBState *sphb = spapr_pci_find_phb(spapr, buid);
89 PCIHostState *phb = PCI_HOST_BRIDGE(sphb);
90 int bus_num = (config_addr >> 16) & 0xFF;
91 int devfn = (config_addr >> 8) & 0xFF;
97 return pci_find_device(phb->bus, bus_num, devfn);
100 static uint32_t rtas_pci_cfgaddr(uint32_t arg)
102 /* This handles the encoding of extended config space addresses */
103 return ((arg >> 20) & 0xf00) | (arg & 0xff);
106 static void finish_read_pci_config(sPAPRMachineState *spapr, uint64_t buid,
107 uint32_t addr, uint32_t size,
113 if ((size != 1) && (size != 2) && (size != 4)) {
114 /* access must be 1, 2 or 4 bytes */
115 rtas_st(rets, 0, RTAS_OUT_HW_ERROR);
119 pci_dev = spapr_pci_find_dev(spapr, buid, addr);
120 addr = rtas_pci_cfgaddr(addr);
122 if (!pci_dev || (addr % size) || (addr >= pci_config_size(pci_dev))) {
123 /* Access must be to a valid device, within bounds and
124 * naturally aligned */
125 rtas_st(rets, 0, RTAS_OUT_HW_ERROR);
129 val = pci_host_config_read_common(pci_dev, addr,
130 pci_config_size(pci_dev), size);
132 rtas_st(rets, 0, RTAS_OUT_SUCCESS);
133 rtas_st(rets, 1, val);
136 static void rtas_ibm_read_pci_config(PowerPCCPU *cpu, sPAPRMachineState *spapr,
137 uint32_t token, uint32_t nargs,
139 uint32_t nret, target_ulong rets)
144 if ((nargs != 4) || (nret != 2)) {
145 rtas_st(rets, 0, RTAS_OUT_HW_ERROR);
149 buid = rtas_ldq(args, 1);
150 size = rtas_ld(args, 3);
151 addr = rtas_ld(args, 0);
153 finish_read_pci_config(spapr, buid, addr, size, rets);
156 static void rtas_read_pci_config(PowerPCCPU *cpu, sPAPRMachineState *spapr,
157 uint32_t token, uint32_t nargs,
159 uint32_t nret, target_ulong rets)
163 if ((nargs != 2) || (nret != 2)) {
164 rtas_st(rets, 0, RTAS_OUT_HW_ERROR);
168 size = rtas_ld(args, 1);
169 addr = rtas_ld(args, 0);
171 finish_read_pci_config(spapr, 0, addr, size, rets);
174 static void finish_write_pci_config(sPAPRMachineState *spapr, uint64_t buid,
175 uint32_t addr, uint32_t size,
176 uint32_t val, target_ulong rets)
180 if ((size != 1) && (size != 2) && (size != 4)) {
181 /* access must be 1, 2 or 4 bytes */
182 rtas_st(rets, 0, RTAS_OUT_HW_ERROR);
186 pci_dev = spapr_pci_find_dev(spapr, buid, addr);
187 addr = rtas_pci_cfgaddr(addr);
189 if (!pci_dev || (addr % size) || (addr >= pci_config_size(pci_dev))) {
190 /* Access must be to a valid device, within bounds and
191 * naturally aligned */
192 rtas_st(rets, 0, RTAS_OUT_HW_ERROR);
196 pci_host_config_write_common(pci_dev, addr, pci_config_size(pci_dev),
199 rtas_st(rets, 0, RTAS_OUT_SUCCESS);
202 static void rtas_ibm_write_pci_config(PowerPCCPU *cpu, sPAPRMachineState *spapr,
203 uint32_t token, uint32_t nargs,
205 uint32_t nret, target_ulong rets)
208 uint32_t val, size, addr;
210 if ((nargs != 5) || (nret != 1)) {
211 rtas_st(rets, 0, RTAS_OUT_HW_ERROR);
215 buid = rtas_ldq(args, 1);
216 val = rtas_ld(args, 4);
217 size = rtas_ld(args, 3);
218 addr = rtas_ld(args, 0);
220 finish_write_pci_config(spapr, buid, addr, size, val, rets);
223 static void rtas_write_pci_config(PowerPCCPU *cpu, sPAPRMachineState *spapr,
224 uint32_t token, uint32_t nargs,
226 uint32_t nret, target_ulong rets)
228 uint32_t val, size, addr;
230 if ((nargs != 3) || (nret != 1)) {
231 rtas_st(rets, 0, RTAS_OUT_HW_ERROR);
236 val = rtas_ld(args, 2);
237 size = rtas_ld(args, 1);
238 addr = rtas_ld(args, 0);
240 finish_write_pci_config(spapr, 0, addr, size, val, rets);
244 * Set MSI/MSIX message data.
245 * This is required for msi_notify()/msix_notify() which
246 * will write at the addresses via spapr_msi_write().
248 * If hwaddr == 0, all entries will have .data == first_irq i.e.
249 * table will be reset.
251 static void spapr_msi_setmsg(PCIDevice *pdev, hwaddr addr, bool msix,
252 unsigned first_irq, unsigned req_num)
255 MSIMessage msg = { .address = addr, .data = first_irq };
258 msi_set_message(pdev, msg);
259 trace_spapr_pci_msi_setup(pdev->name, 0, msg.address);
263 for (i = 0; i < req_num; ++i) {
264 msix_set_message(pdev, i, msg);
265 trace_spapr_pci_msi_setup(pdev->name, i, msg.address);
272 static void rtas_ibm_change_msi(PowerPCCPU *cpu, sPAPRMachineState *spapr,
273 uint32_t token, uint32_t nargs,
274 target_ulong args, uint32_t nret,
277 uint32_t config_addr = rtas_ld(args, 0);
278 uint64_t buid = rtas_ldq(args, 1);
279 unsigned int func = rtas_ld(args, 3);
280 unsigned int req_num = rtas_ld(args, 4); /* 0 == remove all */
281 unsigned int seq_num = rtas_ld(args, 5);
282 unsigned int ret_intr_type;
283 unsigned int irq, max_irqs = 0;
284 sPAPRPHBState *phb = NULL;
285 PCIDevice *pdev = NULL;
287 int *config_addr_key;
291 case RTAS_CHANGE_MSI_FN:
293 ret_intr_type = RTAS_TYPE_MSI;
295 case RTAS_CHANGE_MSIX_FN:
296 ret_intr_type = RTAS_TYPE_MSIX;
299 error_report("rtas_ibm_change_msi(%u) is not implemented", func);
300 rtas_st(rets, 0, RTAS_OUT_PARAM_ERROR);
304 /* Fins sPAPRPHBState */
305 phb = spapr_pci_find_phb(spapr, buid);
307 pdev = spapr_pci_find_dev(spapr, buid, config_addr);
310 rtas_st(rets, 0, RTAS_OUT_PARAM_ERROR);
314 msi = (spapr_pci_msi *) g_hash_table_lookup(phb->msi, &config_addr);
319 trace_spapr_pci_msi("Releasing wrong config", config_addr);
320 rtas_st(rets, 0, RTAS_OUT_HW_ERROR);
324 xics_free(spapr->icp, msi->first_irq, msi->num);
325 if (msi_present(pdev)) {
326 spapr_msi_setmsg(pdev, 0, false, 0, 0);
328 if (msix_present(pdev)) {
329 spapr_msi_setmsg(pdev, 0, true, 0, 0);
331 g_hash_table_remove(phb->msi, &config_addr);
333 trace_spapr_pci_msi("Released MSIs", config_addr);
334 rtas_st(rets, 0, RTAS_OUT_SUCCESS);
341 /* Check if the device supports as many IRQs as requested */
342 if (ret_intr_type == RTAS_TYPE_MSI) {
343 max_irqs = msi_nr_vectors_allocated(pdev);
344 } else if (ret_intr_type == RTAS_TYPE_MSIX) {
345 max_irqs = pdev->msix_entries_nr;
348 error_report("Requested interrupt type %d is not enabled for device %x",
349 ret_intr_type, config_addr);
350 rtas_st(rets, 0, -1); /* Hardware error */
353 /* Correct the number if the guest asked for too many */
354 if (req_num > max_irqs) {
355 trace_spapr_pci_msi_retry(config_addr, req_num, max_irqs);
357 irq = 0; /* to avoid misleading trace */
362 irq = xics_alloc_block(spapr->icp, 0, req_num, false,
363 ret_intr_type == RTAS_TYPE_MSI, &err);
365 error_reportf_err(err, "Can't allocate MSIs for device %x: ",
367 rtas_st(rets, 0, RTAS_OUT_HW_ERROR);
371 /* Release previous MSIs */
373 xics_free(spapr->icp, msi->first_irq, msi->num);
374 g_hash_table_remove(phb->msi, &config_addr);
377 /* Setup MSI/MSIX vectors in the device (via cfgspace or MSIX BAR) */
378 spapr_msi_setmsg(pdev, SPAPR_PCI_MSI_WINDOW, ret_intr_type == RTAS_TYPE_MSIX,
381 /* Add MSI device to cache */
382 msi = g_new(spapr_pci_msi, 1);
383 msi->first_irq = irq;
385 config_addr_key = g_new(int, 1);
386 *config_addr_key = config_addr;
387 g_hash_table_insert(phb->msi, config_addr_key, msi);
390 rtas_st(rets, 0, RTAS_OUT_SUCCESS);
391 rtas_st(rets, 1, req_num);
392 rtas_st(rets, 2, ++seq_num);
394 rtas_st(rets, 3, ret_intr_type);
397 trace_spapr_pci_rtas_ibm_change_msi(config_addr, func, req_num, irq);
400 static void rtas_ibm_query_interrupt_source_number(PowerPCCPU *cpu,
401 sPAPRMachineState *spapr,
408 uint32_t config_addr = rtas_ld(args, 0);
409 uint64_t buid = rtas_ldq(args, 1);
410 unsigned int intr_src_num = -1, ioa_intr_num = rtas_ld(args, 3);
411 sPAPRPHBState *phb = NULL;
412 PCIDevice *pdev = NULL;
415 /* Find sPAPRPHBState */
416 phb = spapr_pci_find_phb(spapr, buid);
418 pdev = spapr_pci_find_dev(spapr, buid, config_addr);
421 rtas_st(rets, 0, RTAS_OUT_PARAM_ERROR);
425 /* Find device descriptor and start IRQ */
426 msi = (spapr_pci_msi *) g_hash_table_lookup(phb->msi, &config_addr);
427 if (!msi || !msi->first_irq || !msi->num || (ioa_intr_num >= msi->num)) {
428 trace_spapr_pci_msi("Failed to return vector", config_addr);
429 rtas_st(rets, 0, RTAS_OUT_HW_ERROR);
432 intr_src_num = msi->first_irq + ioa_intr_num;
433 trace_spapr_pci_rtas_ibm_query_interrupt_source_number(ioa_intr_num,
436 rtas_st(rets, 0, RTAS_OUT_SUCCESS);
437 rtas_st(rets, 1, intr_src_num);
438 rtas_st(rets, 2, 1);/* 0 == level; 1 == edge */
441 static void rtas_ibm_set_eeh_option(PowerPCCPU *cpu,
442 sPAPRMachineState *spapr,
443 uint32_t token, uint32_t nargs,
444 target_ulong args, uint32_t nret,
448 uint32_t addr, option;
452 if ((nargs != 4) || (nret != 1)) {
453 goto param_error_exit;
456 buid = rtas_ldq(args, 1);
457 addr = rtas_ld(args, 0);
458 option = rtas_ld(args, 3);
460 sphb = spapr_pci_find_phb(spapr, buid);
462 goto param_error_exit;
465 if (!spapr_phb_eeh_available(sphb)) {
466 goto param_error_exit;
469 ret = spapr_phb_vfio_eeh_set_option(sphb, addr, option);
470 rtas_st(rets, 0, ret);
474 rtas_st(rets, 0, RTAS_OUT_PARAM_ERROR);
477 static void rtas_ibm_get_config_addr_info2(PowerPCCPU *cpu,
478 sPAPRMachineState *spapr,
479 uint32_t token, uint32_t nargs,
480 target_ulong args, uint32_t nret,
485 uint32_t addr, option;
488 if ((nargs != 4) || (nret != 2)) {
489 goto param_error_exit;
492 buid = rtas_ldq(args, 1);
493 sphb = spapr_pci_find_phb(spapr, buid);
495 goto param_error_exit;
498 if (!spapr_phb_eeh_available(sphb)) {
499 goto param_error_exit;
503 * We always have PE address of form "00BB0001". "BB"
504 * represents the bus number of PE's primary bus.
506 option = rtas_ld(args, 3);
508 case RTAS_GET_PE_ADDR:
509 addr = rtas_ld(args, 0);
510 pdev = spapr_pci_find_dev(spapr, buid, addr);
512 goto param_error_exit;
515 rtas_st(rets, 1, (pci_bus_num(pdev->bus) << 16) + 1);
517 case RTAS_GET_PE_MODE:
518 rtas_st(rets, 1, RTAS_PE_MODE_SHARED);
521 goto param_error_exit;
524 rtas_st(rets, 0, RTAS_OUT_SUCCESS);
528 rtas_st(rets, 0, RTAS_OUT_PARAM_ERROR);
531 static void rtas_ibm_read_slot_reset_state2(PowerPCCPU *cpu,
532 sPAPRMachineState *spapr,
533 uint32_t token, uint32_t nargs,
534 target_ulong args, uint32_t nret,
541 if ((nargs != 3) || (nret != 4 && nret != 5)) {
542 goto param_error_exit;
545 buid = rtas_ldq(args, 1);
546 sphb = spapr_pci_find_phb(spapr, buid);
548 goto param_error_exit;
551 if (!spapr_phb_eeh_available(sphb)) {
552 goto param_error_exit;
555 ret = spapr_phb_vfio_eeh_get_state(sphb, &state);
556 rtas_st(rets, 0, ret);
557 if (ret != RTAS_OUT_SUCCESS) {
561 rtas_st(rets, 1, state);
562 rtas_st(rets, 2, RTAS_EEH_SUPPORT);
563 rtas_st(rets, 3, RTAS_EEH_PE_UNAVAIL_INFO);
565 rtas_st(rets, 4, RTAS_EEH_PE_RECOVER_INFO);
570 rtas_st(rets, 0, RTAS_OUT_PARAM_ERROR);
573 static void rtas_ibm_set_slot_reset(PowerPCCPU *cpu,
574 sPAPRMachineState *spapr,
575 uint32_t token, uint32_t nargs,
576 target_ulong args, uint32_t nret,
584 if ((nargs != 4) || (nret != 1)) {
585 goto param_error_exit;
588 buid = rtas_ldq(args, 1);
589 option = rtas_ld(args, 3);
590 sphb = spapr_pci_find_phb(spapr, buid);
592 goto param_error_exit;
595 if (!spapr_phb_eeh_available(sphb)) {
596 goto param_error_exit;
599 ret = spapr_phb_vfio_eeh_reset(sphb, option);
600 rtas_st(rets, 0, ret);
604 rtas_st(rets, 0, RTAS_OUT_PARAM_ERROR);
607 static void rtas_ibm_configure_pe(PowerPCCPU *cpu,
608 sPAPRMachineState *spapr,
609 uint32_t token, uint32_t nargs,
610 target_ulong args, uint32_t nret,
617 if ((nargs != 3) || (nret != 1)) {
618 goto param_error_exit;
621 buid = rtas_ldq(args, 1);
622 sphb = spapr_pci_find_phb(spapr, buid);
624 goto param_error_exit;
627 if (!spapr_phb_eeh_available(sphb)) {
628 goto param_error_exit;
631 ret = spapr_phb_vfio_eeh_configure(sphb);
632 rtas_st(rets, 0, ret);
636 rtas_st(rets, 0, RTAS_OUT_PARAM_ERROR);
639 /* To support it later */
640 static void rtas_ibm_slot_error_detail(PowerPCCPU *cpu,
641 sPAPRMachineState *spapr,
642 uint32_t token, uint32_t nargs,
643 target_ulong args, uint32_t nret,
650 if ((nargs != 8) || (nret != 1)) {
651 goto param_error_exit;
654 buid = rtas_ldq(args, 1);
655 sphb = spapr_pci_find_phb(spapr, buid);
657 goto param_error_exit;
660 if (!spapr_phb_eeh_available(sphb)) {
661 goto param_error_exit;
664 option = rtas_ld(args, 7);
666 case RTAS_SLOT_TEMP_ERR_LOG:
667 case RTAS_SLOT_PERM_ERR_LOG:
670 goto param_error_exit;
673 /* We don't have error log yet */
674 rtas_st(rets, 0, RTAS_OUT_NO_ERRORS_FOUND);
678 rtas_st(rets, 0, RTAS_OUT_PARAM_ERROR);
681 static int pci_spapr_swizzle(int slot, int pin)
683 return (slot + pin) % PCI_NUM_PINS;
686 static int pci_spapr_map_irq(PCIDevice *pci_dev, int irq_num)
689 * Here we need to convert pci_dev + irq_num to some unique value
690 * which is less than number of IRQs on the specific bus (4). We
691 * use standard PCI swizzling, that is (slot number + pin number)
694 return pci_spapr_swizzle(PCI_SLOT(pci_dev->devfn), irq_num);
697 static void pci_spapr_set_irq(void *opaque, int irq_num, int level)
700 * Here we use the number returned by pci_spapr_map_irq to find a
701 * corresponding qemu_irq.
703 sPAPRPHBState *phb = opaque;
705 trace_spapr_pci_lsi_set(phb->dtbusname, irq_num, phb->lsi_table[irq_num].irq);
706 qemu_set_irq(spapr_phb_lsi_qirq(phb, irq_num), level);
709 static PCIINTxRoute spapr_route_intx_pin_to_irq(void *opaque, int pin)
711 sPAPRPHBState *sphb = SPAPR_PCI_HOST_BRIDGE(opaque);
714 route.mode = PCI_INTX_ENABLED;
715 route.irq = sphb->lsi_table[pin].irq;
721 * MSI/MSIX memory region implementation.
722 * The handler handles both MSI and MSIX.
723 * For MSI-X, the vector number is encoded as a part of the address,
725 * For MSI, the vector number is encoded in least bits in data.
727 static void spapr_msi_write(void *opaque, hwaddr addr,
728 uint64_t data, unsigned size)
730 sPAPRMachineState *spapr = SPAPR_MACHINE(qdev_get_machine());
733 trace_spapr_pci_msi_write(addr, data, irq);
735 qemu_irq_pulse(xics_get_qirq(spapr->icp, irq));
738 static const MemoryRegionOps spapr_msi_ops = {
739 /* There is no .read as the read result is undefined by PCI spec */
741 .write = spapr_msi_write,
742 .endianness = DEVICE_LITTLE_ENDIAN
748 static AddressSpace *spapr_pci_dma_iommu(PCIBus *bus, void *opaque, int devfn)
750 sPAPRPHBState *phb = opaque;
752 return &phb->iommu_as;
755 static char *spapr_phb_vfio_get_loc_code(sPAPRPHBState *sphb, PCIDevice *pdev)
757 char *path = NULL, *buf = NULL, *host = NULL;
759 /* Get the PCI VFIO host id */
760 host = object_property_get_str(OBJECT(pdev), "host", NULL);
765 /* Construct the path of the file that will give us the DT location */
766 path = g_strdup_printf("/sys/bus/pci/devices/%s/devspec", host);
768 if (!path || !g_file_get_contents(path, &buf, NULL, NULL)) {
773 /* Construct and read from host device tree the loc-code */
774 path = g_strdup_printf("/proc/device-tree%s/ibm,loc-code", buf);
776 if (!path || !g_file_get_contents(path, &buf, NULL, NULL)) {
786 static char *spapr_phb_get_loc_code(sPAPRPHBState *sphb, PCIDevice *pdev)
789 const char *devtype = "qemu";
790 uint32_t busnr = pci_bus_num(PCI_BUS(qdev_get_parent_bus(DEVICE(pdev))));
792 if (object_dynamic_cast(OBJECT(pdev), "vfio-pci")) {
793 buf = spapr_phb_vfio_get_loc_code(sphb, pdev);
800 * For emulated devices and VFIO-failure case, make up
803 buf = g_strdup_printf("%s_%s:%04x:%02x:%02x.%x",
804 devtype, pdev->name, sphb->index, busnr,
805 PCI_SLOT(pdev->devfn), PCI_FUNC(pdev->devfn));
809 /* Macros to operate with address in OF binding to PCI */
810 #define b_x(x, p, l) (((x) & ((1<<(l))-1)) << (p))
811 #define b_n(x) b_x((x), 31, 1) /* 0 if relocatable */
812 #define b_p(x) b_x((x), 30, 1) /* 1 if prefetchable */
813 #define b_t(x) b_x((x), 29, 1) /* 1 if the address is aliased */
814 #define b_ss(x) b_x((x), 24, 2) /* the space code */
815 #define b_bbbbbbbb(x) b_x((x), 16, 8) /* bus number */
816 #define b_ddddd(x) b_x((x), 11, 5) /* device number */
817 #define b_fff(x) b_x((x), 8, 3) /* function number */
818 #define b_rrrrrrrr(x) b_x((x), 0, 8) /* register number */
820 /* for 'reg'/'assigned-addresses' OF properties */
821 #define RESOURCE_CELLS_SIZE 2
822 #define RESOURCE_CELLS_ADDRESS 3
824 typedef struct ResourceFields {
830 } QEMU_PACKED ResourceFields;
832 typedef struct ResourceProps {
833 ResourceFields reg[8];
834 ResourceFields assigned[7];
836 uint32_t assigned_len;
839 /* fill in the 'reg'/'assigned-resources' OF properties for
840 * a PCI device. 'reg' describes resource requirements for a
841 * device's IO/MEM regions, 'assigned-addresses' describes the
842 * actual resource assignments.
844 * the properties are arrays of ('phys-addr', 'size') pairs describing
845 * the addressable regions of the PCI device, where 'phys-addr' is a
846 * RESOURCE_CELLS_ADDRESS-tuple of 32-bit integers corresponding to
847 * (phys.hi, phys.mid, phys.lo), and 'size' is a
848 * RESOURCE_CELLS_SIZE-tuple corresponding to (size.hi, size.lo).
850 * phys.hi = 0xYYXXXXZZ, where:
855 * ||| + 00 if configuration space
856 * ||| + 01 if IO region,
857 * ||| + 10 if 32-bit MEM region
858 * ||| + 11 if 64-bit MEM region
860 * ||+------ for non-relocatable IO: 1 if aliased
861 * || for relocatable IO: 1 if below 64KB
862 * || for MEM: 1 if below 1MB
863 * |+------- 1 if region is prefetchable
864 * +-------- 1 if region is non-relocatable
865 * 0xXXXX = bbbbbbbb dddddfff, encoding bus, slot, and function
867 * 0xZZ = rrrrrrrr, the register number of the BAR corresponding
870 * phys.mid and phys.lo correspond respectively to the hi/lo portions
871 * of the actual address of the region.
873 * how the phys-addr/size values are used differ slightly between
874 * 'reg' and 'assigned-addresses' properties. namely, 'reg' has
875 * an additional description for the config space region of the
876 * device, and in the case of QEMU has n=0 and phys.mid=phys.lo=0
877 * to describe the region as relocatable, with an address-mapping
878 * that corresponds directly to the PHB's address space for the
879 * resource. 'assigned-addresses' always has n=1 set with an absolute
880 * address assigned for the resource. in general, 'assigned-addresses'
881 * won't be populated, since addresses for PCI devices are generally
882 * unmapped initially and left to the guest to assign.
884 * note also that addresses defined in these properties are, at least
885 * for PAPR guests, relative to the PHBs IO/MEM windows, and
886 * correspond directly to the addresses in the BARs.
888 * in accordance with PCI Bus Binding to Open Firmware,
889 * IEEE Std 1275-1994, section 4.1.1, as implemented by PAPR+ v2.7,
892 static void populate_resource_props(PCIDevice *d, ResourceProps *rp)
894 int bus_num = pci_bus_num(PCI_BUS(qdev_get_parent_bus(DEVICE(d))));
895 uint32_t dev_id = (b_bbbbbbbb(bus_num) |
896 b_ddddd(PCI_SLOT(d->devfn)) |
897 b_fff(PCI_FUNC(d->devfn)));
898 ResourceFields *reg, *assigned;
899 int i, reg_idx = 0, assigned_idx = 0;
901 /* config space region */
902 reg = &rp->reg[reg_idx++];
903 reg->phys_hi = cpu_to_be32(dev_id);
909 for (i = 0; i < PCI_NUM_REGIONS; i++) {
910 if (!d->io_regions[i].size) {
914 reg = &rp->reg[reg_idx++];
916 reg->phys_hi = cpu_to_be32(dev_id | b_rrrrrrrr(pci_bar(d, i)));
917 if (d->io_regions[i].type & PCI_BASE_ADDRESS_SPACE_IO) {
918 reg->phys_hi |= cpu_to_be32(b_ss(1));
919 } else if (d->io_regions[i].type & PCI_BASE_ADDRESS_MEM_TYPE_64) {
920 reg->phys_hi |= cpu_to_be32(b_ss(3));
922 reg->phys_hi |= cpu_to_be32(b_ss(2));
926 reg->size_hi = cpu_to_be32(d->io_regions[i].size >> 32);
927 reg->size_lo = cpu_to_be32(d->io_regions[i].size);
929 if (d->io_regions[i].addr == PCI_BAR_UNMAPPED) {
933 assigned = &rp->assigned[assigned_idx++];
934 assigned->phys_hi = cpu_to_be32(reg->phys_hi | b_n(1));
935 assigned->phys_mid = cpu_to_be32(d->io_regions[i].addr >> 32);
936 assigned->phys_lo = cpu_to_be32(d->io_regions[i].addr);
937 assigned->size_hi = reg->size_hi;
938 assigned->size_lo = reg->size_lo;
941 rp->reg_len = reg_idx * sizeof(ResourceFields);
942 rp->assigned_len = assigned_idx * sizeof(ResourceFields);
945 static uint32_t spapr_phb_get_pci_drc_index(sPAPRPHBState *phb,
948 static int spapr_populate_pci_child_dt(PCIDevice *dev, void *fdt, int offset,
952 bool is_bridge = false;
955 uint32_t drc_index = spapr_phb_get_pci_drc_index(sphb, dev);
956 uint32_t max_msi, max_msix;
958 if (pci_default_read_config(dev, PCI_HEADER_TYPE, 1) ==
959 PCI_HEADER_TYPE_BRIDGE) {
963 /* in accordance with PAPR+ v2.7 13.6.3, Table 181 */
964 _FDT(fdt_setprop_cell(fdt, offset, "vendor-id",
965 pci_default_read_config(dev, PCI_VENDOR_ID, 2)));
966 _FDT(fdt_setprop_cell(fdt, offset, "device-id",
967 pci_default_read_config(dev, PCI_DEVICE_ID, 2)));
968 _FDT(fdt_setprop_cell(fdt, offset, "revision-id",
969 pci_default_read_config(dev, PCI_REVISION_ID, 1)));
970 _FDT(fdt_setprop_cell(fdt, offset, "class-code",
971 pci_default_read_config(dev, PCI_CLASS_PROG, 3)));
972 if (pci_default_read_config(dev, PCI_INTERRUPT_PIN, 1)) {
973 _FDT(fdt_setprop_cell(fdt, offset, "interrupts",
974 pci_default_read_config(dev, PCI_INTERRUPT_PIN, 1)));
978 _FDT(fdt_setprop_cell(fdt, offset, "min-grant",
979 pci_default_read_config(dev, PCI_MIN_GNT, 1)));
980 _FDT(fdt_setprop_cell(fdt, offset, "max-latency",
981 pci_default_read_config(dev, PCI_MAX_LAT, 1)));
984 if (pci_default_read_config(dev, PCI_SUBSYSTEM_ID, 2)) {
985 _FDT(fdt_setprop_cell(fdt, offset, "subsystem-id",
986 pci_default_read_config(dev, PCI_SUBSYSTEM_ID, 2)));
989 if (pci_default_read_config(dev, PCI_SUBSYSTEM_VENDOR_ID, 2)) {
990 _FDT(fdt_setprop_cell(fdt, offset, "subsystem-vendor-id",
991 pci_default_read_config(dev, PCI_SUBSYSTEM_VENDOR_ID, 2)));
994 _FDT(fdt_setprop_cell(fdt, offset, "cache-line-size",
995 pci_default_read_config(dev, PCI_CACHE_LINE_SIZE, 1)));
997 /* the following fdt cells are masked off the pci status register */
998 pci_status = pci_default_read_config(dev, PCI_STATUS, 2);
999 _FDT(fdt_setprop_cell(fdt, offset, "devsel-speed",
1000 PCI_STATUS_DEVSEL_MASK & pci_status));
1002 if (pci_status & PCI_STATUS_FAST_BACK) {
1003 _FDT(fdt_setprop(fdt, offset, "fast-back-to-back", NULL, 0));
1005 if (pci_status & PCI_STATUS_66MHZ) {
1006 _FDT(fdt_setprop(fdt, offset, "66mhz-capable", NULL, 0));
1008 if (pci_status & PCI_STATUS_UDF) {
1009 _FDT(fdt_setprop(fdt, offset, "udf-supported", NULL, 0));
1012 /* NOTE: this is normally generated by firmware via path/unit name,
1013 * but in our case we must set it manually since it does not get
1014 * processed by OF beforehand
1016 _FDT(fdt_setprop_string(fdt, offset, "name", "pci"));
1017 buf = spapr_phb_get_loc_code(sphb, dev);
1019 error_report("Failed setting the ibm,loc-code");
1023 err = fdt_setprop_string(fdt, offset, "ibm,loc-code", buf);
1030 _FDT(fdt_setprop_cell(fdt, offset, "ibm,my-drc-index", drc_index));
1033 _FDT(fdt_setprop_cell(fdt, offset, "#address-cells",
1034 RESOURCE_CELLS_ADDRESS));
1035 _FDT(fdt_setprop_cell(fdt, offset, "#size-cells",
1036 RESOURCE_CELLS_SIZE));
1038 max_msi = msi_nr_vectors_allocated(dev);
1040 _FDT(fdt_setprop_cell(fdt, offset, "ibm,req#msi", max_msi));
1042 max_msix = dev->msix_entries_nr;
1044 _FDT(fdt_setprop_cell(fdt, offset, "ibm,req#msi-x", max_msix));
1047 populate_resource_props(dev, &rp);
1048 _FDT(fdt_setprop(fdt, offset, "reg", (uint8_t *)rp.reg, rp.reg_len));
1049 _FDT(fdt_setprop(fdt, offset, "assigned-addresses",
1050 (uint8_t *)rp.assigned, rp.assigned_len));
1055 /* create OF node for pci device and required OF DT properties */
1056 static int spapr_create_pci_child_dt(sPAPRPHBState *phb, PCIDevice *dev,
1057 void *fdt, int node_offset)
1060 int slot = PCI_SLOT(dev->devfn);
1061 int func = PCI_FUNC(dev->devfn);
1062 char nodename[FDT_NAME_MAX];
1065 snprintf(nodename, FDT_NAME_MAX, "pci@%x,%x", slot, func);
1067 snprintf(nodename, FDT_NAME_MAX, "pci@%x", slot);
1069 offset = fdt_add_subnode(fdt, node_offset, nodename);
1070 ret = spapr_populate_pci_child_dt(dev, fdt, offset, phb);
1079 static void spapr_phb_add_pci_device(sPAPRDRConnector *drc,
1084 sPAPRDRConnectorClass *drck = SPAPR_DR_CONNECTOR_GET_CLASS(drc);
1085 DeviceState *dev = DEVICE(pdev);
1087 int fdt_start_offset = 0, fdt_size;
1089 if (object_dynamic_cast(OBJECT(pdev), "vfio-pci")) {
1090 sPAPRTCETable *tcet = spapr_tce_find_by_liobn(phb->dma_liobn);
1092 spapr_tce_set_need_vfio(tcet, true);
1095 if (dev->hotplugged) {
1096 fdt = create_device_tree(&fdt_size);
1097 fdt_start_offset = spapr_create_pci_child_dt(phb, pdev, fdt, 0);
1098 if (!fdt_start_offset) {
1099 error_setg(errp, "Failed to create pci child device tree node");
1104 drck->attach(drc, DEVICE(pdev),
1105 fdt, fdt_start_offset, !dev->hotplugged, errp);
1112 static void spapr_phb_remove_pci_device_cb(DeviceState *dev, void *opaque)
1114 /* some version guests do not wait for completion of a device
1115 * cleanup (generally done asynchronously by the kernel) before
1116 * signaling to QEMU that the device is safe, but instead sleep
1117 * for some 'safe' period of time. unfortunately on a busy host
1118 * this sleep isn't guaranteed to be long enough, resulting in
1119 * bad things like IRQ lines being left asserted during final
1120 * device removal. to deal with this we call reset just prior
1121 * to finalizing the device, which will put the device back into
1122 * an 'idle' state, as the device cleanup code expects.
1124 pci_device_reset(PCI_DEVICE(dev));
1125 object_unparent(OBJECT(dev));
1128 static void spapr_phb_remove_pci_device(sPAPRDRConnector *drc,
1133 sPAPRDRConnectorClass *drck = SPAPR_DR_CONNECTOR_GET_CLASS(drc);
1135 drck->detach(drc, DEVICE(pdev), spapr_phb_remove_pci_device_cb, phb, errp);
1138 static sPAPRDRConnector *spapr_phb_get_pci_func_drc(sPAPRPHBState *phb,
1142 return spapr_dr_connector_by_id(SPAPR_DR_CONNECTOR_TYPE_PCI,
1143 (phb->index << 16) |
1148 static sPAPRDRConnector *spapr_phb_get_pci_drc(sPAPRPHBState *phb,
1151 uint32_t busnr = pci_bus_num(PCI_BUS(qdev_get_parent_bus(DEVICE(pdev))));
1152 return spapr_phb_get_pci_func_drc(phb, busnr, pdev->devfn);
1155 static uint32_t spapr_phb_get_pci_drc_index(sPAPRPHBState *phb,
1158 sPAPRDRConnector *drc = spapr_phb_get_pci_drc(phb, pdev);
1159 sPAPRDRConnectorClass *drck;
1165 drck = SPAPR_DR_CONNECTOR_GET_CLASS(drc);
1166 return drck->get_index(drc);
1169 static void spapr_phb_hot_plug_child(HotplugHandler *plug_handler,
1170 DeviceState *plugged_dev, Error **errp)
1172 sPAPRPHBState *phb = SPAPR_PCI_HOST_BRIDGE(DEVICE(plug_handler));
1173 PCIDevice *pdev = PCI_DEVICE(plugged_dev);
1174 sPAPRDRConnector *drc = spapr_phb_get_pci_drc(phb, pdev);
1175 Error *local_err = NULL;
1176 PCIBus *bus = PCI_BUS(qdev_get_parent_bus(DEVICE(pdev)));
1177 uint32_t slotnr = PCI_SLOT(pdev->devfn);
1179 /* if DR is disabled we don't need to do anything in the case of
1180 * hotplug or coldplug callbacks
1182 if (!phb->dr_enabled) {
1183 /* if this is a hotplug operation initiated by the user
1184 * we need to let them know it's not enabled
1186 if (plugged_dev->hotplugged) {
1187 error_setg(errp, QERR_BUS_NO_HOTPLUG,
1188 object_get_typename(OBJECT(phb)));
1195 /* Following the QEMU convention used for PCIe multifunction
1196 * hotplug, we do not allow functions to be hotplugged to a
1197 * slot that already has function 0 present
1199 if (plugged_dev->hotplugged && bus->devices[PCI_DEVFN(slotnr, 0)] &&
1200 PCI_FUNC(pdev->devfn) != 0) {
1201 error_setg(errp, "PCI: slot %d function 0 already ocuppied by %s,"
1202 " additional functions can no longer be exposed to guest.",
1203 slotnr, bus->devices[PCI_DEVFN(slotnr, 0)]->name);
1207 spapr_phb_add_pci_device(drc, phb, pdev, &local_err);
1209 error_propagate(errp, local_err);
1213 /* If this is function 0, signal hotplug for all the device functions.
1214 * Otherwise defer sending the hotplug event.
1216 if (plugged_dev->hotplugged && PCI_FUNC(pdev->devfn) == 0) {
1219 for (i = 0; i < 8; i++) {
1220 sPAPRDRConnector *func_drc;
1221 sPAPRDRConnectorClass *func_drck;
1222 sPAPRDREntitySense state;
1224 func_drc = spapr_phb_get_pci_func_drc(phb, pci_bus_num(bus),
1225 PCI_DEVFN(slotnr, i));
1226 func_drck = SPAPR_DR_CONNECTOR_GET_CLASS(func_drc);
1227 func_drck->entity_sense(func_drc, &state);
1229 if (state == SPAPR_DR_ENTITY_SENSE_PRESENT) {
1230 spapr_hotplug_req_add_by_index(func_drc);
1236 static void spapr_phb_hot_unplug_child(HotplugHandler *plug_handler,
1237 DeviceState *plugged_dev, Error **errp)
1239 sPAPRPHBState *phb = SPAPR_PCI_HOST_BRIDGE(DEVICE(plug_handler));
1240 PCIDevice *pdev = PCI_DEVICE(plugged_dev);
1241 sPAPRDRConnectorClass *drck;
1242 sPAPRDRConnector *drc = spapr_phb_get_pci_drc(phb, pdev);
1243 Error *local_err = NULL;
1245 if (!phb->dr_enabled) {
1246 error_setg(errp, QERR_BUS_NO_HOTPLUG,
1247 object_get_typename(OBJECT(phb)));
1253 drck = SPAPR_DR_CONNECTOR_GET_CLASS(drc);
1254 if (!drck->release_pending(drc)) {
1255 PCIBus *bus = PCI_BUS(qdev_get_parent_bus(DEVICE(pdev)));
1256 uint32_t slotnr = PCI_SLOT(pdev->devfn);
1257 sPAPRDRConnector *func_drc;
1258 sPAPRDRConnectorClass *func_drck;
1259 sPAPRDREntitySense state;
1262 /* ensure any other present functions are pending unplug */
1263 if (PCI_FUNC(pdev->devfn) == 0) {
1264 for (i = 1; i < 8; i++) {
1265 func_drc = spapr_phb_get_pci_func_drc(phb, pci_bus_num(bus),
1266 PCI_DEVFN(slotnr, i));
1267 func_drck = SPAPR_DR_CONNECTOR_GET_CLASS(func_drc);
1268 func_drck->entity_sense(func_drc, &state);
1269 if (state == SPAPR_DR_ENTITY_SENSE_PRESENT
1270 && !func_drck->release_pending(func_drc)) {
1272 "PCI: slot %d, function %d still present. "
1273 "Must unplug all non-0 functions first.",
1280 spapr_phb_remove_pci_device(drc, phb, pdev, &local_err);
1282 error_propagate(errp, local_err);
1286 /* if this isn't func 0, defer unplug event. otherwise signal removal
1287 * for all present functions
1289 if (PCI_FUNC(pdev->devfn) == 0) {
1290 for (i = 7; i >= 0; i--) {
1291 func_drc = spapr_phb_get_pci_func_drc(phb, pci_bus_num(bus),
1292 PCI_DEVFN(slotnr, i));
1293 func_drck = SPAPR_DR_CONNECTOR_GET_CLASS(func_drc);
1294 func_drck->entity_sense(func_drc, &state);
1295 if (state == SPAPR_DR_ENTITY_SENSE_PRESENT) {
1296 spapr_hotplug_req_remove_by_index(func_drc);
1303 static void spapr_phb_realize(DeviceState *dev, Error **errp)
1305 sPAPRMachineState *spapr = SPAPR_MACHINE(qdev_get_machine());
1306 SysBusDevice *s = SYS_BUS_DEVICE(dev);
1307 sPAPRPHBState *sphb = SPAPR_PCI_HOST_BRIDGE(s);
1308 PCIHostState *phb = PCI_HOST_BRIDGE(s);
1312 uint64_t msi_window_size = 4096;
1313 sPAPRTCETable *tcet;
1316 if (sphb->index != (uint32_t)-1) {
1317 hwaddr windows_base;
1319 if ((sphb->buid != (uint64_t)-1) || (sphb->dma_liobn != (uint32_t)-1)
1320 || (sphb->mem_win_addr != (hwaddr)-1)
1321 || (sphb->io_win_addr != (hwaddr)-1)) {
1322 error_setg(errp, "Either \"index\" or other parameters must"
1323 " be specified for PAPR PHB, not both");
1327 if (sphb->index > SPAPR_PCI_MAX_INDEX) {
1328 error_setg(errp, "\"index\" for PAPR PHB is too large (max %u)",
1329 SPAPR_PCI_MAX_INDEX);
1333 sphb->buid = SPAPR_PCI_BASE_BUID + sphb->index;
1334 sphb->dma_liobn = SPAPR_PCI_LIOBN(sphb->index, 0);
1336 windows_base = SPAPR_PCI_WINDOW_BASE
1337 + sphb->index * SPAPR_PCI_WINDOW_SPACING;
1338 sphb->mem_win_addr = windows_base + SPAPR_PCI_MMIO_WIN_OFF;
1339 sphb->io_win_addr = windows_base + SPAPR_PCI_IO_WIN_OFF;
1342 if (sphb->buid == (uint64_t)-1) {
1343 error_setg(errp, "BUID not specified for PHB");
1347 if (sphb->dma_liobn == (uint32_t)-1) {
1348 error_setg(errp, "LIOBN not specified for PHB");
1352 if (sphb->mem_win_addr == (hwaddr)-1) {
1353 error_setg(errp, "Memory window address not specified for PHB");
1357 if (sphb->io_win_addr == (hwaddr)-1) {
1358 error_setg(errp, "IO window address not specified for PHB");
1362 if (spapr_pci_find_phb(spapr, sphb->buid)) {
1363 error_setg(errp, "PCI host bridges must have unique BUIDs");
1367 sphb->dtbusname = g_strdup_printf("pci@%" PRIx64, sphb->buid);
1369 namebuf = alloca(strlen(sphb->dtbusname) + 32);
1371 /* Initialize memory regions */
1372 sprintf(namebuf, "%s.mmio", sphb->dtbusname);
1373 memory_region_init(&sphb->memspace, OBJECT(sphb), namebuf, UINT64_MAX);
1375 sprintf(namebuf, "%s.mmio-alias", sphb->dtbusname);
1376 memory_region_init_alias(&sphb->memwindow, OBJECT(sphb),
1377 namebuf, &sphb->memspace,
1378 SPAPR_PCI_MEM_WIN_BUS_OFFSET, sphb->mem_win_size);
1379 memory_region_add_subregion(get_system_memory(), sphb->mem_win_addr,
1382 /* Initialize IO regions */
1383 sprintf(namebuf, "%s.io", sphb->dtbusname);
1384 memory_region_init(&sphb->iospace, OBJECT(sphb),
1385 namebuf, SPAPR_PCI_IO_WIN_SIZE);
1387 sprintf(namebuf, "%s.io-alias", sphb->dtbusname);
1388 memory_region_init_alias(&sphb->iowindow, OBJECT(sphb), namebuf,
1389 &sphb->iospace, 0, SPAPR_PCI_IO_WIN_SIZE);
1390 memory_region_add_subregion(get_system_memory(), sphb->io_win_addr,
1393 bus = pci_register_bus(dev, NULL,
1394 pci_spapr_set_irq, pci_spapr_map_irq, sphb,
1395 &sphb->memspace, &sphb->iospace,
1396 PCI_DEVFN(0, 0), PCI_NUM_PINS, TYPE_PCI_BUS);
1398 qbus_set_hotplug_handler(BUS(phb->bus), DEVICE(sphb), NULL);
1401 * Initialize PHB address space.
1402 * By default there will be at least one subregion for default
1404 * Later the guest might want to create another DMA window
1405 * which will become another memory subregion.
1407 sprintf(namebuf, "%s.iommu-root", sphb->dtbusname);
1409 memory_region_init(&sphb->iommu_root, OBJECT(sphb),
1410 namebuf, UINT64_MAX);
1411 address_space_init(&sphb->iommu_as, &sphb->iommu_root,
1415 * As MSI/MSIX interrupts trigger by writing at MSI/MSIX vectors,
1416 * we need to allocate some memory to catch those writes coming
1417 * from msi_notify()/msix_notify().
1418 * As MSIMessage:addr is going to be the same and MSIMessage:data
1419 * is going to be a VIRQ number, 4 bytes of the MSI MR will only
1422 * For KVM we want to ensure that this memory is a full page so that
1423 * our memory slot is of page size granularity.
1426 if (kvm_enabled()) {
1427 msi_window_size = getpagesize();
1431 memory_region_init_io(&sphb->msiwindow, NULL, &spapr_msi_ops, spapr,
1432 "msi", msi_window_size);
1433 memory_region_add_subregion(&sphb->iommu_root, SPAPR_PCI_MSI_WINDOW,
1436 pci_setup_iommu(bus, spapr_pci_dma_iommu, sphb);
1438 pci_bus_set_route_irq_fn(bus, spapr_route_intx_pin_to_irq);
1440 QLIST_INSERT_HEAD(&spapr->phbs, sphb, list);
1442 /* Initialize the LSI table */
1443 for (i = 0; i < PCI_NUM_PINS; i++) {
1445 Error *local_err = NULL;
1447 irq = xics_alloc_block(spapr->icp, 0, 1, true, false, &local_err);
1449 error_propagate(errp, local_err);
1450 error_prepend(errp, "can't allocate LSIs: ");
1454 sphb->lsi_table[i].irq = irq;
1457 /* allocate connectors for child PCI devices */
1458 if (sphb->dr_enabled) {
1459 for (i = 0; i < PCI_SLOT_MAX * 8; i++) {
1460 spapr_dr_connector_new(OBJECT(phb),
1461 SPAPR_DR_CONNECTOR_TYPE_PCI,
1462 (sphb->index << 16) | i);
1466 nb_table = sphb->dma_win_size >> SPAPR_TCE_PAGE_SHIFT;
1467 tcet = spapr_tce_new_table(DEVICE(sphb), sphb->dma_liobn,
1468 0, SPAPR_TCE_PAGE_SHIFT, nb_table, false);
1470 error_setg(errp, "Unable to create TCE table for %s",
1475 /* Register default 32bit DMA window */
1476 memory_region_add_subregion(&sphb->iommu_root, sphb->dma_win_addr,
1477 spapr_tce_get_iommu(tcet));
1479 sphb->msi = g_hash_table_new_full(g_int_hash, g_int_equal, g_free, g_free);
1482 static int spapr_phb_children_reset(Object *child, void *opaque)
1484 DeviceState *dev = (DeviceState *) object_dynamic_cast(child, TYPE_DEVICE);
1493 static void spapr_phb_reset(DeviceState *qdev)
1495 /* Reset the IOMMU state */
1496 object_child_foreach(OBJECT(qdev), spapr_phb_children_reset, NULL);
1498 if (spapr_phb_eeh_available(SPAPR_PCI_HOST_BRIDGE(qdev))) {
1499 spapr_phb_vfio_reset(qdev);
1503 static Property spapr_phb_properties[] = {
1504 DEFINE_PROP_UINT32("index", sPAPRPHBState, index, -1),
1505 DEFINE_PROP_UINT64("buid", sPAPRPHBState, buid, -1),
1506 DEFINE_PROP_UINT32("liobn", sPAPRPHBState, dma_liobn, -1),
1507 DEFINE_PROP_UINT64("mem_win_addr", sPAPRPHBState, mem_win_addr, -1),
1508 DEFINE_PROP_UINT64("mem_win_size", sPAPRPHBState, mem_win_size,
1509 SPAPR_PCI_MMIO_WIN_SIZE),
1510 DEFINE_PROP_UINT64("io_win_addr", sPAPRPHBState, io_win_addr, -1),
1511 DEFINE_PROP_UINT64("io_win_size", sPAPRPHBState, io_win_size,
1512 SPAPR_PCI_IO_WIN_SIZE),
1513 DEFINE_PROP_BOOL("dynamic-reconfiguration", sPAPRPHBState, dr_enabled,
1515 /* Default DMA window is 0..1GB */
1516 DEFINE_PROP_UINT64("dma_win_addr", sPAPRPHBState, dma_win_addr, 0),
1517 DEFINE_PROP_UINT64("dma_win_size", sPAPRPHBState, dma_win_size, 0x40000000),
1518 DEFINE_PROP_END_OF_LIST(),
1521 static const VMStateDescription vmstate_spapr_pci_lsi = {
1522 .name = "spapr_pci/lsi",
1524 .minimum_version_id = 1,
1525 .fields = (VMStateField[]) {
1526 VMSTATE_UINT32_EQUAL(irq, struct spapr_pci_lsi),
1528 VMSTATE_END_OF_LIST()
1532 static const VMStateDescription vmstate_spapr_pci_msi = {
1533 .name = "spapr_pci/msi",
1535 .minimum_version_id = 1,
1536 .fields = (VMStateField []) {
1537 VMSTATE_UINT32(key, spapr_pci_msi_mig),
1538 VMSTATE_UINT32(value.first_irq, spapr_pci_msi_mig),
1539 VMSTATE_UINT32(value.num, spapr_pci_msi_mig),
1540 VMSTATE_END_OF_LIST()
1544 static void spapr_pci_pre_save(void *opaque)
1546 sPAPRPHBState *sphb = opaque;
1547 GHashTableIter iter;
1548 gpointer key, value;
1551 g_free(sphb->msi_devs);
1552 sphb->msi_devs = NULL;
1553 sphb->msi_devs_num = g_hash_table_size(sphb->msi);
1554 if (!sphb->msi_devs_num) {
1557 sphb->msi_devs = g_malloc(sphb->msi_devs_num * sizeof(spapr_pci_msi_mig));
1559 g_hash_table_iter_init(&iter, sphb->msi);
1560 for (i = 0; g_hash_table_iter_next(&iter, &key, &value); ++i) {
1561 sphb->msi_devs[i].key = *(uint32_t *) key;
1562 sphb->msi_devs[i].value = *(spapr_pci_msi *) value;
1566 static int spapr_pci_post_load(void *opaque, int version_id)
1568 sPAPRPHBState *sphb = opaque;
1569 gpointer key, value;
1572 for (i = 0; i < sphb->msi_devs_num; ++i) {
1573 key = g_memdup(&sphb->msi_devs[i].key,
1574 sizeof(sphb->msi_devs[i].key));
1575 value = g_memdup(&sphb->msi_devs[i].value,
1576 sizeof(sphb->msi_devs[i].value));
1577 g_hash_table_insert(sphb->msi, key, value);
1579 g_free(sphb->msi_devs);
1580 sphb->msi_devs = NULL;
1581 sphb->msi_devs_num = 0;
1586 static const VMStateDescription vmstate_spapr_pci = {
1587 .name = "spapr_pci",
1589 .minimum_version_id = 2,
1590 .pre_save = spapr_pci_pre_save,
1591 .post_load = spapr_pci_post_load,
1592 .fields = (VMStateField[]) {
1593 VMSTATE_UINT64_EQUAL(buid, sPAPRPHBState),
1594 VMSTATE_UINT32_EQUAL(dma_liobn, sPAPRPHBState),
1595 VMSTATE_UINT64_EQUAL(mem_win_addr, sPAPRPHBState),
1596 VMSTATE_UINT64_EQUAL(mem_win_size, sPAPRPHBState),
1597 VMSTATE_UINT64_EQUAL(io_win_addr, sPAPRPHBState),
1598 VMSTATE_UINT64_EQUAL(io_win_size, sPAPRPHBState),
1599 VMSTATE_STRUCT_ARRAY(lsi_table, sPAPRPHBState, PCI_NUM_PINS, 0,
1600 vmstate_spapr_pci_lsi, struct spapr_pci_lsi),
1601 VMSTATE_INT32(msi_devs_num, sPAPRPHBState),
1602 VMSTATE_STRUCT_VARRAY_ALLOC(msi_devs, sPAPRPHBState, msi_devs_num, 0,
1603 vmstate_spapr_pci_msi, spapr_pci_msi_mig),
1604 VMSTATE_END_OF_LIST()
1608 static const char *spapr_phb_root_bus_path(PCIHostState *host_bridge,
1611 sPAPRPHBState *sphb = SPAPR_PCI_HOST_BRIDGE(host_bridge);
1613 return sphb->dtbusname;
1616 static void spapr_phb_class_init(ObjectClass *klass, void *data)
1618 PCIHostBridgeClass *hc = PCI_HOST_BRIDGE_CLASS(klass);
1619 DeviceClass *dc = DEVICE_CLASS(klass);
1620 HotplugHandlerClass *hp = HOTPLUG_HANDLER_CLASS(klass);
1622 hc->root_bus_path = spapr_phb_root_bus_path;
1623 dc->realize = spapr_phb_realize;
1624 dc->props = spapr_phb_properties;
1625 dc->reset = spapr_phb_reset;
1626 dc->vmsd = &vmstate_spapr_pci;
1627 set_bit(DEVICE_CATEGORY_BRIDGE, dc->categories);
1628 dc->cannot_instantiate_with_device_add_yet = false;
1629 hp->plug = spapr_phb_hot_plug_child;
1630 hp->unplug = spapr_phb_hot_unplug_child;
1633 static const TypeInfo spapr_phb_info = {
1634 .name = TYPE_SPAPR_PCI_HOST_BRIDGE,
1635 .parent = TYPE_PCI_HOST_BRIDGE,
1636 .instance_size = sizeof(sPAPRPHBState),
1637 .class_init = spapr_phb_class_init,
1638 .interfaces = (InterfaceInfo[]) {
1639 { TYPE_HOTPLUG_HANDLER },
1644 PCIHostState *spapr_create_phb(sPAPRMachineState *spapr, int index)
1648 dev = qdev_create(NULL, TYPE_SPAPR_PCI_HOST_BRIDGE);
1649 qdev_prop_set_uint32(dev, "index", index);
1650 qdev_init_nofail(dev);
1652 return PCI_HOST_BRIDGE(dev);
1655 typedef struct sPAPRFDT {
1658 sPAPRPHBState *sphb;
1661 static void spapr_populate_pci_devices_dt(PCIBus *bus, PCIDevice *pdev,
1665 sPAPRFDT *p = opaque;
1669 offset = spapr_create_pci_child_dt(p->sphb, pdev, p->fdt, p->node_off);
1671 error_report("Failed to create pci child device tree node");
1675 if ((pci_default_read_config(pdev, PCI_HEADER_TYPE, 1) !=
1676 PCI_HEADER_TYPE_BRIDGE)) {
1680 sec_bus = pci_bridge_get_sec_bus(PCI_BRIDGE(pdev));
1686 s_fdt.node_off = offset;
1687 s_fdt.sphb = p->sphb;
1688 pci_for_each_device(sec_bus, pci_bus_num(sec_bus),
1689 spapr_populate_pci_devices_dt,
1693 static void spapr_phb_pci_enumerate_bridge(PCIBus *bus, PCIDevice *pdev,
1696 unsigned int *bus_no = opaque;
1697 unsigned int primary = *bus_no;
1698 unsigned int subordinate = 0xff;
1699 PCIBus *sec_bus = NULL;
1701 if ((pci_default_read_config(pdev, PCI_HEADER_TYPE, 1) !=
1702 PCI_HEADER_TYPE_BRIDGE)) {
1707 pci_default_write_config(pdev, PCI_PRIMARY_BUS, primary, 1);
1708 pci_default_write_config(pdev, PCI_SECONDARY_BUS, *bus_no, 1);
1709 pci_default_write_config(pdev, PCI_SUBORDINATE_BUS, *bus_no, 1);
1711 sec_bus = pci_bridge_get_sec_bus(PCI_BRIDGE(pdev));
1716 pci_default_write_config(pdev, PCI_SUBORDINATE_BUS, subordinate, 1);
1717 pci_for_each_device(sec_bus, pci_bus_num(sec_bus),
1718 spapr_phb_pci_enumerate_bridge, bus_no);
1719 pci_default_write_config(pdev, PCI_SUBORDINATE_BUS, *bus_no, 1);
1722 static void spapr_phb_pci_enumerate(sPAPRPHBState *phb)
1724 PCIBus *bus = PCI_HOST_BRIDGE(phb)->bus;
1725 unsigned int bus_no = 0;
1727 pci_for_each_device(bus, pci_bus_num(bus),
1728 spapr_phb_pci_enumerate_bridge,
1733 int spapr_populate_pci_dt(sPAPRPHBState *phb,
1734 uint32_t xics_phandle,
1737 int bus_off, i, j, ret;
1738 char nodename[FDT_NAME_MAX];
1739 uint32_t bus_range[] = { cpu_to_be32(0), cpu_to_be32(0xff) };
1740 const uint64_t mmiosize = memory_region_size(&phb->memwindow);
1741 const uint64_t w32max = (1ULL << 32) - SPAPR_PCI_MEM_WIN_BUS_OFFSET;
1742 const uint64_t w32size = MIN(w32max, mmiosize);
1743 const uint64_t w64size = (mmiosize > w32size) ? (mmiosize - w32size) : 0;
1749 } QEMU_PACKED ranges[] = {
1751 cpu_to_be32(b_ss(1)), cpu_to_be64(0),
1752 cpu_to_be64(phb->io_win_addr),
1753 cpu_to_be64(memory_region_size(&phb->iospace)),
1756 cpu_to_be32(b_ss(2)), cpu_to_be64(SPAPR_PCI_MEM_WIN_BUS_OFFSET),
1757 cpu_to_be64(phb->mem_win_addr),
1758 cpu_to_be64(w32size),
1761 cpu_to_be32(b_ss(3)), cpu_to_be64(1ULL << 32),
1762 cpu_to_be64(phb->mem_win_addr + w32size),
1763 cpu_to_be64(w64size)
1766 const unsigned sizeof_ranges = (w64size ? 3 : 2) * sizeof(ranges[0]);
1767 uint64_t bus_reg[] = { cpu_to_be64(phb->buid), 0 };
1768 uint32_t interrupt_map_mask[] = {
1769 cpu_to_be32(b_ddddd(-1)|b_fff(0)), 0x0, 0x0, cpu_to_be32(-1)};
1770 uint32_t interrupt_map[PCI_SLOT_MAX * PCI_NUM_PINS][7];
1771 sPAPRTCETable *tcet;
1772 PCIBus *bus = PCI_HOST_BRIDGE(phb)->bus;
1775 /* Start populating the FDT */
1776 snprintf(nodename, FDT_NAME_MAX, "pci@%" PRIx64, phb->buid);
1777 bus_off = fdt_add_subnode(fdt, 0, nodename);
1782 /* Write PHB properties */
1783 _FDT(fdt_setprop_string(fdt, bus_off, "device_type", "pci"));
1784 _FDT(fdt_setprop_string(fdt, bus_off, "compatible", "IBM,Logical_PHB"));
1785 _FDT(fdt_setprop_cell(fdt, bus_off, "#address-cells", 0x3));
1786 _FDT(fdt_setprop_cell(fdt, bus_off, "#size-cells", 0x2));
1787 _FDT(fdt_setprop_cell(fdt, bus_off, "#interrupt-cells", 0x1));
1788 _FDT(fdt_setprop(fdt, bus_off, "used-by-rtas", NULL, 0));
1789 _FDT(fdt_setprop(fdt, bus_off, "bus-range", &bus_range, sizeof(bus_range)));
1790 _FDT(fdt_setprop(fdt, bus_off, "ranges", &ranges, sizeof_ranges));
1791 _FDT(fdt_setprop(fdt, bus_off, "reg", &bus_reg, sizeof(bus_reg)));
1792 _FDT(fdt_setprop_cell(fdt, bus_off, "ibm,pci-config-space-type", 0x1));
1793 _FDT(fdt_setprop_cell(fdt, bus_off, "ibm,pe-total-#msi", XICS_IRQS));
1795 /* Build the interrupt-map, this must matches what is done
1796 * in pci_spapr_map_irq
1798 _FDT(fdt_setprop(fdt, bus_off, "interrupt-map-mask",
1799 &interrupt_map_mask, sizeof(interrupt_map_mask)));
1800 for (i = 0; i < PCI_SLOT_MAX; i++) {
1801 for (j = 0; j < PCI_NUM_PINS; j++) {
1802 uint32_t *irqmap = interrupt_map[i*PCI_NUM_PINS + j];
1803 int lsi_num = pci_spapr_swizzle(i, j);
1805 irqmap[0] = cpu_to_be32(b_ddddd(i)|b_fff(0));
1808 irqmap[3] = cpu_to_be32(j+1);
1809 irqmap[4] = cpu_to_be32(xics_phandle);
1810 irqmap[5] = cpu_to_be32(phb->lsi_table[lsi_num].irq);
1811 irqmap[6] = cpu_to_be32(0x8);
1814 /* Write interrupt map */
1815 _FDT(fdt_setprop(fdt, bus_off, "interrupt-map", &interrupt_map,
1816 sizeof(interrupt_map)));
1818 tcet = spapr_tce_find_by_liobn(SPAPR_PCI_LIOBN(phb->index, 0));
1822 spapr_dma_dt(fdt, bus_off, "ibm,dma-window",
1823 tcet->liobn, tcet->bus_offset,
1824 tcet->nb_table << tcet->page_shift);
1826 /* Walk the bridges and program the bus numbers*/
1827 spapr_phb_pci_enumerate(phb);
1828 _FDT(fdt_setprop_cell(fdt, bus_off, "qemu,phb-enumerated", 0x1));
1830 /* Populate tree nodes with PCI devices attached */
1832 s_fdt.node_off = bus_off;
1834 pci_for_each_device(bus, pci_bus_num(bus),
1835 spapr_populate_pci_devices_dt,
1838 ret = spapr_drc_populate_dt(fdt, bus_off, OBJECT(phb),
1839 SPAPR_DR_CONNECTOR_TYPE_PCI);
1847 void spapr_pci_rtas_init(void)
1849 spapr_rtas_register(RTAS_READ_PCI_CONFIG, "read-pci-config",
1850 rtas_read_pci_config);
1851 spapr_rtas_register(RTAS_WRITE_PCI_CONFIG, "write-pci-config",
1852 rtas_write_pci_config);
1853 spapr_rtas_register(RTAS_IBM_READ_PCI_CONFIG, "ibm,read-pci-config",
1854 rtas_ibm_read_pci_config);
1855 spapr_rtas_register(RTAS_IBM_WRITE_PCI_CONFIG, "ibm,write-pci-config",
1856 rtas_ibm_write_pci_config);
1857 if (msi_nonbroken) {
1858 spapr_rtas_register(RTAS_IBM_QUERY_INTERRUPT_SOURCE_NUMBER,
1859 "ibm,query-interrupt-source-number",
1860 rtas_ibm_query_interrupt_source_number);
1861 spapr_rtas_register(RTAS_IBM_CHANGE_MSI, "ibm,change-msi",
1862 rtas_ibm_change_msi);
1865 spapr_rtas_register(RTAS_IBM_SET_EEH_OPTION,
1866 "ibm,set-eeh-option",
1867 rtas_ibm_set_eeh_option);
1868 spapr_rtas_register(RTAS_IBM_GET_CONFIG_ADDR_INFO2,
1869 "ibm,get-config-addr-info2",
1870 rtas_ibm_get_config_addr_info2);
1871 spapr_rtas_register(RTAS_IBM_READ_SLOT_RESET_STATE2,
1872 "ibm,read-slot-reset-state2",
1873 rtas_ibm_read_slot_reset_state2);
1874 spapr_rtas_register(RTAS_IBM_SET_SLOT_RESET,
1875 "ibm,set-slot-reset",
1876 rtas_ibm_set_slot_reset);
1877 spapr_rtas_register(RTAS_IBM_CONFIGURE_PE,
1879 rtas_ibm_configure_pe);
1880 spapr_rtas_register(RTAS_IBM_SLOT_ERROR_DETAIL,
1881 "ibm,slot-error-detail",
1882 rtas_ibm_slot_error_detail);
1885 static void spapr_pci_register_types(void)
1887 type_register_static(&spapr_phb_info);
1890 type_init(spapr_pci_register_types)
1892 static int spapr_switch_one_vga(DeviceState *dev, void *opaque)
1894 bool be = *(bool *)opaque;
1896 if (object_dynamic_cast(OBJECT(dev), "VGA")
1897 || object_dynamic_cast(OBJECT(dev), "secondary-vga")) {
1898 object_property_set_bool(OBJECT(dev), be, "big-endian-framebuffer",
1904 void spapr_pci_switch_vga(bool big_endian)
1906 sPAPRMachineState *spapr = SPAPR_MACHINE(qdev_get_machine());
1907 sPAPRPHBState *sphb;
1910 * For backward compatibility with existing guests, we switch
1911 * the endianness of the VGA controller when changing the guest
1914 QLIST_FOREACH(sphb, &spapr->phbs, list) {
1915 BusState *bus = &PCI_HOST_BRIDGE(sphb)->bus->qbus;
1916 qbus_walk_children(bus, spapr_switch_one_vga, NULL, NULL, NULL,
Code Review / kvmfornfv.git / blob