/*
 * s390 PCI BUS
 *
 * Copyright 2014 IBM Corp.
 * Author(s): Frank Blaschka <frank.blaschka@de.ibm.com>
 *            Hong Bo Li <lihbbj@cn.ibm.com>
 *            Yi Min Zhao <zyimin@cn.ibm.com>
 *
 * This work is licensed under the terms of the GNU GPL, version 2 or (at
 * your option) any later version. See the COPYING file in the top-level
 * directory.
 */

#include "qemu/osdep.h"
#include "qapi/error.h"
#include "qapi/visitor.h"
#include "exec/target_page.h"
#include "hw/s390x/s390-pci-bus.h"
#include "hw/s390x/s390-pci-inst.h"
#include "hw/s390x/s390-pci-kvm.h"
#include "hw/s390x/s390-pci-vfio.h"
#include "hw/s390x/s390-virtio-ccw.h"
#include "hw/boards.h"
#include "hw/pci/pci_bus.h"
#include "hw/qdev-properties.h"
#include "hw/pci/pci_bridge.h"
#include "hw/pci/msi.h"
#include "qemu/error-report.h"
#include "qemu/module.h"
#include "system/reset.h"
#include "system/runstate.h"

#include "trace.h"

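/* Return the single zPCI host bridge, resolving and caching it on first use */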
S390pciState *s390_get_phb(void)
{
    static S390pciState *phb;

    if (!phb) {
        phb = S390_PCI_HOST_BRIDGE(
            object_resolve_path(TYPE_S390_PCI_HOST_BRIDGE, NULL));
        assert(phb != NULL);
    }

    return phb;
}

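/*
 * Dequeue the oldest pending SEI container and fill in the NT2 response for
 * CHSC store-event-information; returns 0 if an event was returned, 1 if the
 * queue was empty.
 */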
int pci_chsc_sei_nt2_get_event(void *res)
{
    ChscSeiNt2Res *nt2_res = (ChscSeiNt2Res *)res;
    PciCcdfAvail *accdf;
    PciCcdfErr *eccdf;
    int rc = 1;
    SeiContainer *sei_cont;
    S390pciState *s = s390_get_phb();

    sei_cont = QTAILQ_FIRST(&s->pending_sei);
    if (sei_cont) {
        QTAILQ_REMOVE(&s->pending_sei, sei_cont, link);
        nt2_res->nt = 2;
        nt2_res->cc = sei_cont->cc;
        nt2_res->length = cpu_to_be16(sizeof(ChscSeiNt2Res));
        switch (sei_cont->cc) {
        case 1: /* error event */
            eccdf = (PciCcdfErr *)nt2_res->ccdf;
            eccdf->fid = cpu_to_be32(sei_cont->fid);
            eccdf->fh = cpu_to_be32(sei_cont->fh);
            eccdf->e = cpu_to_be32(sei_cont->e);
            eccdf->faddr = cpu_to_be64(sei_cont->faddr);
            eccdf->pec = cpu_to_be16(sei_cont->pec);
            break;
        case 2: /* availability event */
            accdf = (PciCcdfAvail *)nt2_res->ccdf;
            accdf->fid = cpu_to_be32(sei_cont->fid);
            accdf->fh = cpu_to_be32(sei_cont->fh);
            accdf->pec = cpu_to_be16(sei_cont->pec);
            break;
        default:
            abort();
        }
        g_free(sei_cont);
        rc = 0;
    }

    return rc;
}

int pci_chsc_sei_nt2_have_event(void)
{
    S390pciState *s = s390_get_phb();

    return !QTAILQ_EMPTY(&s->pending_sei);
}

S390PCIBusDevice *s390_pci_find_next_avail_dev(S390pciState *s,
                                               S390PCIBusDevice *pbdev)
{
    S390PCIBusDevice *ret = pbdev ? QTAILQ_NEXT(pbdev, link) :
        QTAILQ_FIRST(&s->zpci_devs);

    while (ret && ret->state == ZPCI_FS_RESERVED) {
        ret = QTAILQ_NEXT(ret, link);
    }

    return ret;
}

S390PCIBusDevice *s390_pci_find_dev_by_fid(S390pciState *s, uint32_t fid)
{
    S390PCIBusDevice *pbdev;

    QTAILQ_FOREACH(pbdev, &s->zpci_devs, link) {
        if (pbdev->fid == fid) {
            return pbdev;
        }
    }

    return NULL;
}

void s390_pci_sclp_configure(SCCB *sccb)
{
    IoaCfgSccb *psccb = (IoaCfgSccb *)sccb;
    S390PCIBusDevice *pbdev = s390_pci_find_dev_by_fid(s390_get_phb(),
                                                       be32_to_cpu(psccb->aid));
    uint16_t rc;

    if (!pbdev) {
        trace_s390_pci_sclp_nodev("configure", be32_to_cpu(psccb->aid));
        rc = SCLP_RC_ADAPTER_ID_NOT_RECOGNIZED;
        goto out;
    }

    switch (pbdev->state) {
    case ZPCI_FS_RESERVED:
        rc = SCLP_RC_ADAPTER_IN_RESERVED_STATE;
        break;
    case ZPCI_FS_STANDBY:
        pbdev->state = ZPCI_FS_DISABLED;
        rc = SCLP_RC_NORMAL_COMPLETION;
        break;
    default:
        rc = SCLP_RC_NO_ACTION_REQUIRED;
    }
out:
    psccb->header.response_code = cpu_to_be16(rc);
}

static void s390_pci_shutdown_notifier(Notifier *n, void *opaque)
{
    S390PCIBusDevice *pbdev = container_of(n, S390PCIBusDevice,
                                           shutdown_notifier);

    pci_device_reset(pbdev->pdev);
}

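/*
 * Unplug both halves of a zPCI device: the attached PCI function (if any)
 * and then the zpci proxy device itself.
 */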
static void s390_pci_perform_unplug(S390PCIBusDevice *pbdev)
{
    HotplugHandler *hotplug_ctrl;

    if (pbdev->pft == ZPCI_PFT_ISM) {
        notifier_remove(&pbdev->shutdown_notifier);
    }

    /* Unplug the PCI device */
    if (pbdev->pdev) {
        DeviceState *pdev = DEVICE(pbdev->pdev);

        hotplug_ctrl = qdev_get_hotplug_handler(pdev);
        hotplug_handler_unplug(hotplug_ctrl, pdev, &error_abort);
        object_unparent(OBJECT(pdev));
    }

    /* Unplug the zPCI device */
    hotplug_ctrl = qdev_get_hotplug_handler(DEVICE(pbdev));
    hotplug_handler_unplug(hotplug_ctrl, DEVICE(pbdev), &error_abort);
    object_unparent(OBJECT(pbdev));
}

void s390_pci_sclp_deconfigure(SCCB *sccb)
{
    IoaCfgSccb *psccb = (IoaCfgSccb *)sccb;
    S390PCIBusDevice *pbdev = s390_pci_find_dev_by_fid(s390_get_phb(),
                                                       be32_to_cpu(psccb->aid));
    uint16_t rc;

    if (!pbdev) {
        trace_s390_pci_sclp_nodev("deconfigure", be32_to_cpu(psccb->aid));
        rc = SCLP_RC_ADAPTER_ID_NOT_RECOGNIZED;
        goto out;
    }

    switch (pbdev->state) {
    case ZPCI_FS_RESERVED:
        rc = SCLP_RC_ADAPTER_IN_RESERVED_STATE;
        break;
    case ZPCI_FS_STANDBY:
        rc = SCLP_RC_NO_ACTION_REQUIRED;
        break;
    default:
        if (pbdev->interp && (pbdev->fh & FH_MASK_ENABLE)) {
            /* Interpreted devices were using interrupt forwarding */
            s390_pci_kvm_aif_disable(pbdev);
        } else if (pbdev->summary_ind) {
            pci_dereg_irqs(pbdev);
        }
        if (pbdev->iommu->enabled) {
            pci_dereg_ioat(pbdev->iommu);
        }
        pbdev->state = ZPCI_FS_STANDBY;
        rc = SCLP_RC_NORMAL_COMPLETION;

        if (pbdev->unplug_requested) {
            s390_pci_perform_unplug(pbdev);
        }
    }
out:
    psccb->header.response_code = cpu_to_be16(rc);
}

static S390PCIBusDevice *s390_pci_find_dev_by_uid(S390pciState *s, uint16_t uid)
{
    S390PCIBusDevice *pbdev;

    QTAILQ_FOREACH(pbdev, &s->zpci_devs, link) {
        if (pbdev->uid == uid) {
            return pbdev;
        }
    }

    return NULL;
}

S390PCIBusDevice *s390_pci_find_dev_by_target(S390pciState *s,
                                              const char *target)
{
    S390PCIBusDevice *pbdev;

    if (!target) {
        return NULL;
    }

    QTAILQ_FOREACH(pbdev, &s->zpci_devs, link) {
        if (!strcmp(pbdev->target, target)) {
            return pbdev;
        }
    }

    return NULL;
}

static S390PCIBusDevice *s390_pci_find_dev_by_pci(S390pciState *s,
                                                  PCIDevice *pci_dev)
{
    S390PCIBusDevice *pbdev;

    if (!pci_dev) {
        return NULL;
    }

    QTAILQ_FOREACH(pbdev, &s->zpci_devs, link) {
        if (pbdev->pdev == pci_dev) {
            return pbdev;
        }
    }

    return NULL;
}

S390PCIBusDevice *s390_pci_find_dev_by_idx(S390pciState *s, uint32_t idx)
{
    return g_hash_table_lookup(s->zpci_table, &idx);
}

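/*
 * Look up a device by function handle: the index bits of the handle select
 * the device, and the full handle must still match (e.g. the enable bit).
 */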
S390PCIBusDevice *s390_pci_find_dev_by_fh(S390pciState *s, uint32_t fh)
{
    uint32_t idx = FH_MASK_INDEX & fh;
    S390PCIBusDevice *pbdev = s390_pci_find_dev_by_idx(s, idx);

    if (pbdev && pbdev->fh == fh) {
        return pbdev;
    }

    return NULL;
}

static void s390_pci_generate_event(uint8_t cc, uint16_t pec, uint32_t fh,
                                    uint32_t fid, uint64_t faddr, uint32_t e)
{
    SeiContainer *sei_cont;
    S390pciState *s = s390_get_phb();

    sei_cont = g_new0(SeiContainer, 1);
    sei_cont->fh = fh;
    sei_cont->fid = fid;
    sei_cont->cc = cc;
    sei_cont->pec = pec;
    sei_cont->faddr = faddr;
    sei_cont->e = e;

    QTAILQ_INSERT_TAIL(&s->pending_sei, sei_cont, link);
    css_generate_css_crws(0);
}

static void s390_pci_generate_plug_event(uint16_t pec, uint32_t fh,
                                         uint32_t fid)
{
    s390_pci_generate_event(2, pec, fh, fid, 0, 0);
}

void s390_pci_generate_error_event(uint16_t pec, uint32_t fh, uint32_t fid,
                                   uint64_t faddr, uint32_t e)
{
    s390_pci_generate_event(1, pec, fh, fid, faddr, e);
}

static void s390_pci_set_irq(void *opaque, int irq, int level)
{
    /* nothing to do */
}

static int s390_pci_map_irq(PCIDevice *pci_dev, int irq_num)
{
    /* nothing to do */
    return 0;
}

static uint64_t s390_pci_get_table_origin(uint64_t iota)
{
    return iota & ~ZPCI_IOTA_RTTO_FLAG;
}

static unsigned int calc_rtx(dma_addr_t ptr)
{
    return ((unsigned long) ptr >> ZPCI_RT_SHIFT) & ZPCI_INDEX_MASK;
}

static unsigned int calc_sx(dma_addr_t ptr)
{
    return ((unsigned long) ptr >> ZPCI_ST_SHIFT) & ZPCI_INDEX_MASK;
}

static unsigned int calc_px(dma_addr_t ptr)
{
    return ((unsigned long) ptr >> TARGET_PAGE_BITS) & ZPCI_PT_MASK;
}

static uint64_t get_rt_sto(uint64_t entry)
{
    return ((entry & ZPCI_TABLE_TYPE_MASK) == ZPCI_TABLE_TYPE_RTX)
           ? (entry & ZPCI_RTE_ADDR_MASK)
           : 0;
}

static uint64_t get_st_pto(uint64_t entry)
{
    return ((entry & ZPCI_TABLE_TYPE_MASK) == ZPCI_TABLE_TYPE_SX)
           ? (entry & ZPCI_STE_ADDR_MASK)
           : 0;
}

static bool rt_entry_isvalid(uint64_t entry)
{
    return (entry & ZPCI_TABLE_VALID_MASK) == ZPCI_TABLE_VALID;
}

static bool pt_entry_isvalid(uint64_t entry)
{
    return (entry & ZPCI_PTE_VALID_MASK) == ZPCI_PTE_VALID;
}

static bool entry_isprotected(uint64_t entry)
{
    return (entry & ZPCI_TABLE_PROT_MASK) == ZPCI_TABLE_PROTECTED;
}

/* ett is expected table type, -1 page table, 0 segment table, 1 region table */
static uint64_t get_table_index(uint64_t iova, int8_t ett)
{
    switch (ett) {
    case ZPCI_ETT_PT:
        return calc_px(iova);
    case ZPCI_ETT_ST:
        return calc_sx(iova);
    case ZPCI_ETT_RT:
        return calc_rtx(iova);
    }

    return -1;
}

static bool entry_isvalid(uint64_t entry, int8_t ett)
{
    switch (ett) {
    case ZPCI_ETT_PT:
        return pt_entry_isvalid(entry);
    case ZPCI_ETT_ST:
    case ZPCI_ETT_RT:
        return rt_entry_isvalid(entry);
    }

    return false;
}

/* Return true if address translation is done */
static bool translate_iscomplete(uint64_t entry, int8_t ett)
{
    switch (ett) {
    case 0:
        return (entry & ZPCI_TABLE_FC) ? true : false;
    case 1:
        return false;
    }

    return true;
}

static uint64_t get_frame_size(int8_t ett)
{
    switch (ett) {
    case ZPCI_ETT_PT:
        return 1ULL << 12;
    case ZPCI_ETT_ST:
        return 1ULL << 20;
    case ZPCI_ETT_RT:
        return 1ULL << 31;
    }

    return 0;
}

static uint64_t get_next_table_origin(uint64_t entry, int8_t ett)
{
    switch (ett) {
    case ZPCI_ETT_PT:
        return entry & ZPCI_PTE_ADDR_MASK;
    case ZPCI_ETT_ST:
        return get_st_pto(entry);
    case ZPCI_ETT_RT:
        return get_rt_sto(entry);
    }

    return 0;
}

/**
 * table_translate: do translation within one table and return the following
 *                  table origin
 *
 * @entry: the entry being translated, the result is stored in this.
 * @to: the address of table origin.
 * @ett: expected table type, 1 region table, 0 segment table and -1 page table.
 * @error: error code
 */
static uint64_t table_translate(S390IOTLBEntry *entry, uint64_t to, int8_t ett,
                                uint16_t *error)
{
    uint64_t tx, te, nto = 0;
    uint16_t err = 0;

    tx = get_table_index(entry->iova, ett);
    te = address_space_ldq(&address_space_memory, to + tx * sizeof(uint64_t),
                           MEMTXATTRS_UNSPECIFIED, NULL);

    if (!te) {
        err = ERR_EVENT_INVALTE;
        goto out;
    }

    if (!entry_isvalid(te, ett)) {
        entry->perm &= IOMMU_NONE;
        goto out;
    }

    if (ett == ZPCI_ETT_RT && ((te & ZPCI_TABLE_LEN_RTX) != ZPCI_TABLE_LEN_RTX
                               || te & ZPCI_TABLE_OFFSET_MASK)) {
        err = ERR_EVENT_INVALTL;
        goto out;
    }

    nto = get_next_table_origin(te, ett);
    if (!nto) {
        err = ERR_EVENT_TT;
        goto out;
    }

    if (entry_isprotected(te)) {
        entry->perm &= IOMMU_RO;
    } else {
        entry->perm &= IOMMU_RW;
    }

    if (translate_iscomplete(te, ett)) {
        switch (ett) {
        case ZPCI_ETT_PT:
            entry->translated_addr = te & ZPCI_PTE_ADDR_MASK;
            break;
        case ZPCI_ETT_ST:
            entry->translated_addr = (te & ZPCI_SFAA_MASK) |
                (entry->iova & ~ZPCI_SFAA_MASK);
            break;
        }
        nto = 0;
    }
out:
    if (err) {
        entry->perm = IOMMU_NONE;
        *error = err;
    }
    entry->len = get_frame_size(ett);
    return nto;
}

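/*
 * Walk the guest DMA translation tables for one IOVA, starting from the
 * I/O address translation anchor (IOTA). Fills in *entry and returns 0 on
 * success or an ERR_EVENT_* code on failure.
 */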
uint16_t s390_guest_io_table_walk(uint64_t g_iota, hwaddr addr,
                                  S390IOTLBEntry *entry)
{
    uint64_t to = s390_pci_get_table_origin(g_iota);
    int8_t ett = 1;
    uint16_t error = 0;

    entry->iova = addr & TARGET_PAGE_MASK;
    entry->translated_addr = 0;
    entry->perm = IOMMU_RW;

    if (entry_isprotected(g_iota)) {
        entry->perm &= IOMMU_RO;
    }

    while (to) {
        to = table_translate(entry, to, ett--, &error);
    }

    return error;
}

static IOMMUTLBEntry s390_translate_iommu(IOMMUMemoryRegion *mr, hwaddr addr,
                                          IOMMUAccessFlags flag, int iommu_idx)
{
    S390PCIIOMMU *iommu = container_of(mr, S390PCIIOMMU, iommu_mr);
    S390IOTLBEntry *entry;
    uint64_t iova = addr & TARGET_PAGE_MASK;
    uint16_t error = 0;
    IOMMUTLBEntry ret = {
        .target_as = &address_space_memory,
        .iova = 0,
        .translated_addr = 0,
        .addr_mask = ~(hwaddr)0,
        .perm = IOMMU_NONE,
    };

    switch (iommu->pbdev->state) {
    case ZPCI_FS_ENABLED:
    case ZPCI_FS_BLOCKED:
        if (!iommu->enabled) {
            return ret;
        }
        break;
    default:
        return ret;
    }

    trace_s390_pci_iommu_xlate(addr);

    if (addr < iommu->pba || addr > iommu->pal) {
        error = ERR_EVENT_OORANGE;
        goto err;
    }

    entry = g_hash_table_lookup(iommu->iotlb, &iova);
    if (entry) {
        ret.iova = entry->iova;
        ret.translated_addr = entry->translated_addr;
        ret.addr_mask = entry->len - 1;
        ret.perm = entry->perm;
    } else {
        ret.iova = iova;
        ret.addr_mask = ~TARGET_PAGE_MASK;
        ret.perm = IOMMU_NONE;
    }

    if (flag != IOMMU_NONE && !(flag & ret.perm)) {
        error = ERR_EVENT_TPROTE;
    }
err:
    if (error) {
        iommu->pbdev->state = ZPCI_FS_ERROR;
        s390_pci_generate_error_event(error, iommu->pbdev->fh,
                                      iommu->pbdev->fid, addr, 0);
    }
    return ret;
}

static void s390_pci_iommu_replay(IOMMUMemoryRegion *iommu,
                                  IOMMUNotifier *notifier)
{
    /* It's impossible to plug a pci device on s390x that already has iommu
     * mappings which need to be replayed, that is due to the "one iommu per
     * zpci device" construct. But when we support migration of vfio-pci
     * devices in future, we need to revisit this.
     */
}

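/*
 * Return (and lazily create) the per-slot IOMMU state for a device on the
 * given bus; each slot gets its own root memory region and address space.
 */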
static S390PCIIOMMU *s390_pci_get_iommu(S390pciState *s, PCIBus *bus,
                                        int devfn)
{
    uint64_t key = (uintptr_t)bus;
    S390PCIIOMMUTable *table = g_hash_table_lookup(s->iommu_table, &key);
    S390PCIIOMMU *iommu;

    if (!table) {
        table = g_new0(S390PCIIOMMUTable, 1);
        table->key = key;
        g_hash_table_insert(s->iommu_table, &table->key, table);
    }

    iommu = table->iommu[PCI_SLOT(devfn)];
    if (!iommu) {
        iommu = S390_PCI_IOMMU(object_new(TYPE_S390_PCI_IOMMU));

        char *mr_name = g_strdup_printf("iommu-root-%02x:%02x.%01x",
                                        pci_bus_num(bus),
                                        PCI_SLOT(devfn),
                                        PCI_FUNC(devfn));
        char *as_name = g_strdup_printf("iommu-pci-%02x:%02x.%01x",
                                        pci_bus_num(bus),
                                        PCI_SLOT(devfn),
                                        PCI_FUNC(devfn));
        memory_region_init(&iommu->mr, OBJECT(iommu), mr_name, UINT64_MAX);
        address_space_init(&iommu->as, &iommu->mr, as_name);
        iommu->iotlb = g_hash_table_new_full(g_int64_hash, g_int64_equal,
                                             NULL, g_free);
        table->iommu[PCI_SLOT(devfn)] = iommu;

        g_free(mr_name);
        g_free(as_name);
    }

    return iommu;
}

static AddressSpace *s390_pci_dma_iommu(PCIBus *bus, void *opaque, int devfn)
{
    S390pciState *s = opaque;
    S390PCIIOMMU *iommu = s390_pci_get_iommu(s, bus, devfn);

    return &iommu->as;
}

static const PCIIOMMUOps s390_iommu_ops = {
    .get_address_space = s390_pci_dma_iommu,
};

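/*
 * Atomically OR @to_be_set into the guest indicator byte at @ind_loc and
 * return the previous value, so the caller can tell whether the bit was
 * already pending.
 */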
static uint8_t set_ind_atomic(uint64_t ind_loc, uint8_t to_be_set)
{
    uint8_t expected, actual;
    hwaddr len = 1;
    /* avoid multiple fetches */
    uint8_t volatile *ind_addr;

    ind_addr = cpu_physical_memory_map(ind_loc, &len, true);
    if (!ind_addr) {
        s390_pci_generate_error_event(ERR_EVENT_AIRERR, 0, 0, 0, 0);
        return -1;
    }
    actual = *ind_addr;
    do {
        expected = actual;
        actual = qatomic_cmpxchg(ind_addr, expected, expected | to_be_set);
    } while (actual != expected);
    cpu_physical_memory_unmap((void *)ind_addr, len, 1, len);

    return actual;
}

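/*
 * MSI-X doorbell write: set the adapter interrupt indicator bit for the
 * written vector and, if the summary bit was not already set, inject an
 * adapter interrupt on the device's ISC.
 */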
static void s390_msi_ctrl_write(void *opaque, hwaddr addr, uint64_t data,
                                unsigned int size)
{
    S390PCIBusDevice *pbdev = opaque;
    uint32_t vec = data & ZPCI_MSI_VEC_MASK;
    uint64_t ind_bit;
    uint32_t sum_bit;

    assert(pbdev);

    trace_s390_pci_msi_ctrl_write(data, pbdev->idx, vec);

    if (pbdev->state != ZPCI_FS_ENABLED) {
        return;
    }

    ind_bit = pbdev->routes.adapter.ind_offset;
    sum_bit = pbdev->routes.adapter.summary_offset;

    set_ind_atomic(pbdev->routes.adapter.ind_addr + (ind_bit + vec) / 8,
                   0x80 >> ((ind_bit + vec) % 8));
    if (!set_ind_atomic(pbdev->routes.adapter.summary_addr + sum_bit / 8,
                        0x80 >> (sum_bit % 8))) {
        css_adapter_interrupt(CSS_IO_ADAPTER_PCI, pbdev->isc);
    }
}

static uint64_t s390_msi_ctrl_read(void *opaque, hwaddr addr, unsigned size)
{
    return 0xffffffff;
}

static const MemoryRegionOps s390_msi_ctrl_ops = {
    .write = s390_msi_ctrl_write,
    .read = s390_msi_ctrl_read,
    .endianness = DEVICE_LITTLE_ENDIAN,
};

void s390_pci_iommu_enable(S390PCIIOMMU *iommu)
{
    /*
     * The iommu region is initialized against a 0-mapped address space,
     * so the smallest IOMMU region we can define runs from 0 to the end
     * of the PCI address space.
     */
    char *name = g_strdup_printf("iommu-s390-%04x", iommu->pbdev->uid);
    memory_region_init_iommu(&iommu->iommu_mr, sizeof(iommu->iommu_mr),
                             TYPE_S390_IOMMU_MEMORY_REGION, OBJECT(&iommu->mr),
                             name, iommu->pal + 1);
    iommu->enabled = true;
    memory_region_add_subregion(&iommu->mr, 0, MEMORY_REGION(&iommu->iommu_mr));
    g_free(name);
}

void s390_pci_iommu_direct_map_enable(S390PCIIOMMU *iommu)
{
    MachineState *ms = MACHINE(qdev_get_machine());
    S390CcwMachineState *s390ms = S390_CCW_MACHINE(ms);

    /*
     * For direct-mapping we must map the entire guest address space. Rather
     * than using an iommu, create a memory region alias that maps GPA X to
     * IOVA X + SDMA. VFIO will handle pinning via its memory listener.
     */
    g_autofree char *name = g_strdup_printf("iommu-dm-s390-%04x",
                                            iommu->pbdev->uid);

    iommu->dm_mr = g_malloc0(sizeof(*iommu->dm_mr));
    memory_region_init_alias(iommu->dm_mr, OBJECT(&iommu->mr), name,
                             get_system_memory(), 0,
                             s390_get_memory_limit(s390ms));
    iommu->enabled = true;
    memory_region_add_subregion(&iommu->mr, iommu->pbdev->zpci_fn.sdma,
                                iommu->dm_mr);
}

void s390_pci_iommu_disable(S390PCIIOMMU *iommu)
{
    iommu->enabled = false;
    g_hash_table_remove_all(iommu->iotlb);
    if (iommu->dm_mr) {
        memory_region_del_subregion(&iommu->mr, iommu->dm_mr);
        object_unparent(OBJECT(iommu->dm_mr));
        g_free(iommu->dm_mr);
        iommu->dm_mr = NULL;
    } else {
        memory_region_del_subregion(&iommu->mr,
                                    MEMORY_REGION(&iommu->iommu_mr));
        object_unparent(OBJECT(&iommu->iommu_mr));
    }
}

static void s390_pci_iommu_free(S390pciState *s, PCIBus *bus, int32_t devfn)
{
    uint64_t key = (uintptr_t)bus;
    S390PCIIOMMUTable *table = g_hash_table_lookup(s->iommu_table, &key);
    S390PCIIOMMU *iommu = table ? table->iommu[PCI_SLOT(devfn)] : NULL;

    if (!table || !iommu) {
        return;
    }

    table->iommu[PCI_SLOT(devfn)] = NULL;
    g_hash_table_destroy(iommu->iotlb);
    /*
     * An attached PCI device may have memory listeners, eg. VFIO PCI.
     * The associated subregion will already have been unmapped in
     * s390_pci_iommu_disable in response to the guest deconfigure request.
     * Remove the listeners now before destroying the address space.
     */
    address_space_remove_listeners(&iommu->as);
    address_space_destroy(&iommu->as);
    object_unparent(OBJECT(&iommu->mr));
    object_unparent(OBJECT(iommu));
    object_unref(OBJECT(iommu));
}

S390PCIGroup *s390_group_create(int id, int host_id)
{
    S390PCIGroup *group;
    S390pciState *s = s390_get_phb();

    group = g_new0(S390PCIGroup, 1);
    group->id = id;
    group->host_id = host_id;
    QTAILQ_INSERT_TAIL(&s->zpci_groups, group, link);
    return group;
}

S390PCIGroup *s390_group_find(int id)
{
    S390PCIGroup *group;
    S390pciState *s = s390_get_phb();

    QTAILQ_FOREACH(group, &s->zpci_groups, link) {
        if (group->id == id) {
            return group;
        }
    }
    return NULL;
}

S390PCIGroup *s390_group_find_host_sim(int host_id)
{
    S390PCIGroup *group;
    S390pciState *s = s390_get_phb();

    QTAILQ_FOREACH(group, &s->zpci_groups, link) {
        if (group->id >= ZPCI_SIM_GRP_START && group->host_id == host_id) {
            return group;
        }
    }
    return NULL;
}

static void s390_pci_init_default_group(void)
{
    S390PCIGroup *group;
    ClpRspQueryPciGrp *resgrp;

    group = s390_group_create(ZPCI_DEFAULT_FN_GRP, ZPCI_DEFAULT_FN_GRP);
    resgrp = &group->zpci_group;
    resgrp->fr = 1;
    resgrp->dasm = 0;
    resgrp->msia = ZPCI_MSI_ADDR;
    resgrp->mui = DEFAULT_MUI;
    resgrp->i = 128;
    resgrp->maxstbl = 128;
    resgrp->version = 0;
    resgrp->dtsm = ZPCI_DTSM;
}

static void set_pbdev_info(S390PCIBusDevice *pbdev)
{
    pbdev->zpci_fn.sdma = ZPCI_SDMA_ADDR;
    pbdev->zpci_fn.edma = ZPCI_EDMA_ADDR;
    pbdev->zpci_fn.pchid = 0;
    pbdev->zpci_fn.pfgid = ZPCI_DEFAULT_FN_GRP;
    pbdev->zpci_fn.fid = pbdev->fid;
    pbdev->zpci_fn.uid = pbdev->uid;
    pbdev->pci_group = s390_group_find(ZPCI_DEFAULT_FN_GRP);
}

static void s390_pcihost_realize(DeviceState *dev, Error **errp)
{
    PCIBus *b;
    BusState *bus;
    PCIHostState *phb = PCI_HOST_BRIDGE(dev);
    S390pciState *s = S390_PCI_HOST_BRIDGE(dev);

    trace_s390_pcihost("realize");

    b = pci_register_root_bus(dev, NULL, s390_pci_set_irq, s390_pci_map_irq,
                              NULL, get_system_memory(), get_system_io(), 0,
                              64, TYPE_PCI_BUS);
    pci_setup_iommu(b, &s390_iommu_ops, s);

    bus = BUS(b);
    qbus_set_hotplug_handler(bus, OBJECT(dev));
    phb->bus = b;

    s->bus = S390_PCI_BUS(qbus_new(TYPE_S390_PCI_BUS, dev, NULL));
    qbus_set_hotplug_handler(BUS(s->bus), OBJECT(dev));

    s->iommu_table = g_hash_table_new_full(g_int64_hash, g_int64_equal,
                                           NULL, g_free);
    s->zpci_table = g_hash_table_new_full(g_int_hash, g_int_equal, NULL, NULL);
    s->bus_no = 0;
    s->next_sim_grp = ZPCI_SIM_GRP_START;
    QTAILQ_INIT(&s->pending_sei);
    QTAILQ_INIT(&s->zpci_devs);
    QTAILQ_INIT(&s->zpci_dma_limit);
    QTAILQ_INIT(&s->zpci_groups);

    s390_pci_init_default_group();
    css_register_io_adapters(CSS_IO_ADAPTER_PCI, true, false,
                             S390_ADAPTER_SUPPRESSIBLE, errp);
}

static void s390_pcihost_unrealize(DeviceState *dev)
{
    S390PCIGroup *group;
    S390pciState *s = S390_PCI_HOST_BRIDGE(dev);

    while (!QTAILQ_EMPTY(&s->zpci_groups)) {
        group = QTAILQ_FIRST(&s->zpci_groups);
        QTAILQ_REMOVE(&s->zpci_groups, group, link);
    }
}

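/*
 * Read the MSI-X capability of the attached PCI function and map the zPCI
 * MSI doorbell region into the device's IOMMU region; returns -1 if the
 * device has no MSI-X capability.
 */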
static int s390_pci_msix_init(S390PCIBusDevice *pbdev)
{
    char *name;
    uint8_t pos;
    uint16_t ctrl;
    uint32_t table, pba;

    pos = pci_find_capability(pbdev->pdev, PCI_CAP_ID_MSIX);
    if (!pos) {
        return -1;
    }

    ctrl = pci_host_config_read_common(pbdev->pdev, pos + PCI_MSIX_FLAGS,
             pci_config_size(pbdev->pdev), sizeof(ctrl));
    table = pci_host_config_read_common(pbdev->pdev, pos + PCI_MSIX_TABLE,
             pci_config_size(pbdev->pdev), sizeof(table));
    pba = pci_host_config_read_common(pbdev->pdev, pos + PCI_MSIX_PBA,
             pci_config_size(pbdev->pdev), sizeof(pba));

    pbdev->msix.table_bar = table & PCI_MSIX_FLAGS_BIRMASK;
    pbdev->msix.table_offset = table & ~PCI_MSIX_FLAGS_BIRMASK;
    pbdev->msix.pba_bar = pba & PCI_MSIX_FLAGS_BIRMASK;
    pbdev->msix.pba_offset = pba & ~PCI_MSIX_FLAGS_BIRMASK;
    pbdev->msix.entries = (ctrl & PCI_MSIX_FLAGS_QSIZE) + 1;

    name = g_strdup_printf("msix-s390-%04x", pbdev->uid);
    memory_region_init_io(&pbdev->msix_notify_mr, OBJECT(pbdev),
                          &s390_msi_ctrl_ops, pbdev, name, TARGET_PAGE_SIZE);
    memory_region_add_subregion(&pbdev->iommu->mr,
                                pbdev->pci_group->zpci_group.msia,
                                &pbdev->msix_notify_mr);
    g_free(name);

    return 0;
}

static void s390_pci_msix_free(S390PCIBusDevice *pbdev)
{
    if (pbdev->msix.entries == 0) {
        return;
    }

    memory_region_del_subregion(&pbdev->iommu->mr, &pbdev->msix_notify_mr);
    object_unparent(OBJECT(&pbdev->msix_notify_mr));
}

static S390PCIBusDevice *s390_pci_device_new(S390pciState *s,
                                             const char *target, Error **errp)
{
    Error *local_err = NULL;
    DeviceState *dev;

    dev = qdev_try_new(TYPE_S390_PCI_DEVICE);
    if (!dev) {
        error_setg(errp, "zPCI device could not be created");
        return NULL;
    }

    if (!object_property_set_str(OBJECT(dev), "target", target, &local_err)) {
        object_unparent(OBJECT(dev));
        error_propagate_prepend(errp, local_err,
                                "zPCI device could not be created: ");
        return NULL;
    }
    if (!qdev_realize_and_unref(dev, BUS(s->bus), &local_err)) {
        object_unparent(OBJECT(dev));
        error_propagate_prepend(errp, local_err,
                                "zPCI device could not be created: ");
        return NULL;
    }

    return S390_PCI_DEVICE(dev);
}

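/*
 * Find a free function-handle index for a new zPCI device, starting the
 * search at next_idx and wrapping around; returns false if every index is
 * already in use.
 */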
static bool s390_pci_alloc_idx(S390pciState *s, S390PCIBusDevice *pbdev)
{
    uint32_t idx;

    idx = s->next_idx;
    while (s390_pci_find_dev_by_idx(s, idx)) {
        idx = (idx + 1) & FH_MASK_INDEX;
        if (idx == s->next_idx) {
            return false;
        }
    }

    pbdev->idx = idx;
    return true;
}

static void s390_pcihost_pre_plug(HotplugHandler *hotplug_dev, DeviceState *dev,
                                  Error **errp)
{
    S390pciState *s = S390_PCI_HOST_BRIDGE(hotplug_dev);

    if (!s390_has_feat(S390_FEAT_ZPCI)) {
        warn_report("Plugging a PCI/zPCI device without the 'zpci' CPU "
                    "feature enabled; the guest will not be able to see/use "
                    "this device");
    }

    if (object_dynamic_cast(OBJECT(dev), TYPE_S390_PCI_DEVICE)) {
        S390PCIBusDevice *pbdev = S390_PCI_DEVICE(dev);

        if (!s390_pci_alloc_idx(s, pbdev)) {
            error_setg(errp, "no slot for plugging zpci device");
            return;
        }
    }
}

static void s390_pci_update_subordinate(PCIDevice *dev, uint32_t nr)
{
    uint32_t old_nr;

    pci_default_write_config(dev, PCI_SUBORDINATE_BUS, nr, 1);
    while (!pci_bus_is_root(pci_get_bus(dev))) {
        dev = pci_get_bus(dev)->parent_dev;

        old_nr = pci_default_read_config(dev, PCI_SUBORDINATE_BUS, 1);
        if (old_nr < nr) {
            pci_default_write_config(dev, PCI_SUBORDINATE_BUS, nr, 1);
        }
    }
}

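/*
 * Adopt the host's function handle (minus the enable bit) for a device that
 * will run with zPCI interpretation, and reconcile its index with any idx
 * QEMU had pre-allocated.
 */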
static int s390_pci_interp_plug(S390pciState *s, S390PCIBusDevice *pbdev)
{
    uint32_t idx, fh;

    if (!s390_pci_get_host_fh(pbdev, &fh)) {
        return -EPERM;
    }

    /*
     * The host device is already in an enabled state, but we always present
     * the initial device state to the guest as disabled (ZPCI_FS_DISABLED).
     * Therefore, mask off the enable bit from the passthrough handle until
     * the guest issues a CLP SET PCI FN later to enable the device.
     */
    pbdev->fh = fh & ~FH_MASK_ENABLE;

    /* Next, see if the idx is already in-use */
    idx = pbdev->fh & FH_MASK_INDEX;
    if (pbdev->idx != idx) {
        if (s390_pci_find_dev_by_idx(s, idx)) {
            return -EINVAL;
        }
        /*
         * Update the idx entry with the passed-through idx.
         * If the relinquished idx is lower than next_idx, use it
         * to replace next_idx.
         */
        g_hash_table_remove(s->zpci_table, &pbdev->idx);
        if (idx < s->next_idx) {
            s->next_idx = idx;
        }
        pbdev->idx = idx;
        g_hash_table_insert(s->zpci_table, &pbdev->idx, pbdev);
    }

    return 0;
}

static void s390_pcihost_plug(HotplugHandler *hotplug_dev, DeviceState *dev,
                              Error **errp)
{
    S390pciState *s = S390_PCI_HOST_BRIDGE(hotplug_dev);
    PCIDevice *pdev = NULL;
    S390PCIBusDevice *pbdev = NULL;
    int rc;

    if (object_dynamic_cast(OBJECT(dev), TYPE_PCI_BRIDGE)) {
        PCIBridge *pb = PCI_BRIDGE(dev);

        pdev = PCI_DEVICE(dev);
        pci_bridge_map_irq(pb, dev->id, s390_pci_map_irq);
        pci_setup_iommu(&pb->sec_bus, &s390_iommu_ops, s);

        qbus_set_hotplug_handler(BUS(&pb->sec_bus), OBJECT(s));

        if (dev->hotplugged) {
            pci_default_write_config(pdev, PCI_PRIMARY_BUS,
                                     pci_dev_bus_num(pdev), 1);
            s->bus_no += 1;
            pci_default_write_config(pdev, PCI_SECONDARY_BUS, s->bus_no, 1);

            s390_pci_update_subordinate(pdev, s->bus_no);
        }
    } else if (object_dynamic_cast(OBJECT(dev), TYPE_PCI_DEVICE)) {
        pdev = PCI_DEVICE(dev);

        /*
         * Multifunction is not supported due to the lack of CLP. However,
         * do not check for multifunction capability for SR-IOV devices because
         * SR-IOV devices automatically add the multifunction capability,
         * whether or not the user intends to use functions other than the PF.
         */
        if (pdev->cap_present & QEMU_PCI_CAP_MULTIFUNCTION &&
            !pdev->exp.sriov_cap) {
            error_setg(errp, "multifunction not supported in s390");
            return;
        }

        if (!dev->id) {
            /*
             * In case the PCI device does not define an id,
             * we generate one based on the PCI address.
             */
            dev->id = g_strdup_printf("auto_%02x:%02x.%01x",
                                      pci_dev_bus_num(pdev),
                                      PCI_SLOT(pdev->devfn),
                                      PCI_FUNC(pdev->devfn));
        }

        pbdev = s390_pci_find_dev_by_target(s, dev->id);
        if (!pbdev) {
            /*
             * VFs are automatically created by the PF, and creating zpci for
             * them will result in unexpected usage of fids. Currently QEMU
             * does not support multifunction for s390x so we don't need zpci
             * for VFs anyway.
             */
            if (pci_is_vf(pdev)) {
                return;
            }

            pbdev = s390_pci_device_new(s, dev->id, errp);
            if (!pbdev) {
                return;
            }
        }

        pbdev->pdev = pdev;
        pbdev->iommu = s390_pci_get_iommu(s, pci_get_bus(pdev), pdev->devfn);
        pbdev->iommu->pbdev = pbdev;
        pbdev->state = ZPCI_FS_DISABLED;
        set_pbdev_info(pbdev);

        if (object_dynamic_cast(OBJECT(dev), "vfio-pci")) {
            /*
             * By default, interpretation is always requested; if the available
             * facilities indicate it is not available, fall back to the
             * interception model.
             */
            if (pbdev->interp) {
                if (s390_pci_kvm_interp_allowed()) {
                    rc = s390_pci_interp_plug(s, pbdev);
                    if (rc) {
                        error_setg(errp, "Plug failed for zPCI device in "
                                   "interpretation mode: %d", rc);
                        return;
                    }
                } else {
                    trace_s390_pcihost("zPCI interpretation missing");
                    pbdev->interp = false;
                    pbdev->forwarding_assist = false;
                }
            }
            pbdev->iommu->dma_limit = s390_pci_start_dma_count(s, pbdev);
            /* Fill in CLP information passed via the vfio region */
            s390_pci_get_clp_info(pbdev);
            if (!pbdev->interp) {
                /* Do vfio passthrough but intercept for I/O */
                pbdev->fh |= FH_SHM_VFIO;
                pbdev->forwarding_assist = false;
            }
            /* Register shutdown notifier and reset callback for ISM devices */
            if (pbdev->pft == ZPCI_PFT_ISM) {
                pbdev->shutdown_notifier.notify = s390_pci_shutdown_notifier;
                qemu_register_shutdown_notifier(&pbdev->shutdown_notifier);
            }
        } else {
            pbdev->fh |= FH_SHM_EMUL;
            /* Always intercept emulated devices */
            pbdev->interp = false;
            pbdev->forwarding_assist = false;
            pbdev->rtr_avail = false;
        }

        if (s390_pci_msix_init(pbdev) && !pbdev->interp) {
            error_setg(errp, "MSI-X support is mandatory "
                       "in the S390 architecture");
            return;
        }

        if (dev->hotplugged) {
            s390_pci_generate_plug_event(HP_EVENT_TO_CONFIGURED,
                                         pbdev->fh, pbdev->fid);
        }
    } else if (object_dynamic_cast(OBJECT(dev), TYPE_S390_PCI_DEVICE)) {
        pbdev = S390_PCI_DEVICE(dev);

        /* the allocated idx is actually getting used */
        s->next_idx = (pbdev->idx + 1) & FH_MASK_INDEX;
        pbdev->fh = pbdev->idx;
        QTAILQ_INSERT_TAIL(&s->zpci_devs, pbdev, link);
        g_hash_table_insert(s->zpci_table, &pbdev->idx, pbdev);
    } else {
        g_assert_not_reached();
    }
}

static void s390_pcihost_unplug(HotplugHandler *hotplug_dev, DeviceState *dev,
                                Error **errp)
{
    S390pciState *s = S390_PCI_HOST_BRIDGE(hotplug_dev);
    S390PCIBusDevice *pbdev = NULL;

    if (object_dynamic_cast(OBJECT(dev), TYPE_PCI_DEVICE)) {
        PCIDevice *pci_dev = PCI_DEVICE(dev);
        PCIBus *bus;
        int32_t devfn;

        pbdev = s390_pci_find_dev_by_pci(s, PCI_DEVICE(dev));
        if (!pbdev) {
            g_assert(pci_is_vf(pci_dev));
            return;
        }

        s390_pci_generate_plug_event(HP_EVENT_STANDBY_TO_RESERVED,
                                     pbdev->fh, pbdev->fid);
        bus = pci_get_bus(pci_dev);
        devfn = pci_dev->devfn;
        qdev_unrealize(dev);

        s390_pci_msix_free(pbdev);
        s390_pci_iommu_free(s, bus, devfn);
        pbdev->pdev = NULL;
        pbdev->state = ZPCI_FS_RESERVED;
    } else if (object_dynamic_cast(OBJECT(dev), TYPE_S390_PCI_DEVICE)) {
        pbdev = S390_PCI_DEVICE(dev);
        pbdev->fid = 0;
        QTAILQ_REMOVE(&s->zpci_devs, pbdev, link);
        g_hash_table_remove(s->zpci_table, &pbdev->idx);
        if (pbdev->iommu->dma_limit) {
            s390_pci_end_dma_count(s, pbdev->iommu->dma_limit);
        }
        qdev_unrealize(dev);
    }
}

static void s390_pcihost_unplug_request(HotplugHandler *hotplug_dev,
                                        DeviceState *dev,
                                        Error **errp)
{
    S390pciState *s = S390_PCI_HOST_BRIDGE(hotplug_dev);
    S390PCIBusDevice *pbdev;

    if (object_dynamic_cast(OBJECT(dev), TYPE_PCI_BRIDGE)) {
        error_setg(errp, "PCI bridge hot unplug currently not supported");
    } else if (object_dynamic_cast(OBJECT(dev), TYPE_PCI_DEVICE)) {
        /*
         * Redirect the unplug request to the zPCI device and remember that
         * we've checked the PCI device already (to prevent endless recursion).
         */
        pbdev = s390_pci_find_dev_by_pci(s, PCI_DEVICE(dev));
        if (!pbdev) {
            g_assert(pci_is_vf(PCI_DEVICE(dev)));
            return;
        }

        pbdev->pci_unplug_request_processed = true;
        qdev_unplug(DEVICE(pbdev), errp);
    } else if (object_dynamic_cast(OBJECT(dev), TYPE_S390_PCI_DEVICE)) {
        pbdev = S390_PCI_DEVICE(dev);

        /*
         * If unplug was initially requested for the zPCI device, we
         * first have to redirect to the PCI device, which will in return
         * redirect back to us after performing its checks (if the request
         * is not blocked, e.g. because it's a PCI bridge).
         */
        if (pbdev->pdev && !pbdev->pci_unplug_request_processed) {
            qdev_unplug(DEVICE(pbdev->pdev), errp);
            return;
        }
        pbdev->pci_unplug_request_processed = false;

        switch (pbdev->state) {
        case ZPCI_FS_STANDBY:
        case ZPCI_FS_RESERVED:
            s390_pci_perform_unplug(pbdev);
            break;
        default:
            /*
             * Allow sending multiple requests, e.g. if the guest crashed
             * before releasing the device, we would otherwise not be able to
             * send another request to the same VM (e.g. fresh OS).
             */
            pbdev->unplug_requested = true;
            s390_pci_generate_plug_event(HP_EVENT_DECONFIGURE_REQUEST,
                                         pbdev->fh, pbdev->fid);
        }
    } else {
        g_assert_not_reached();
    }
}

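/*
 * Assign primary/secondary/subordinate bus numbers to a bridge and,
 * recursively, to any bridges behind it.
 */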
static void s390_pci_enumerate_bridge(PCIBus *bus, PCIDevice *pdev,
                                      void *opaque)
{
    S390pciState *s = opaque;
    PCIBus *sec_bus = NULL;

    if ((pci_default_read_config(pdev, PCI_HEADER_TYPE, 1) !=
         PCI_HEADER_TYPE_BRIDGE)) {
        return;
    }

    (s->bus_no)++;
    pci_default_write_config(pdev, PCI_PRIMARY_BUS, pci_dev_bus_num(pdev), 1);
    pci_default_write_config(pdev, PCI_SECONDARY_BUS, s->bus_no, 1);
    pci_default_write_config(pdev, PCI_SUBORDINATE_BUS, s->bus_no, 1);

    sec_bus = pci_bridge_get_sec_bus(PCI_BRIDGE(pdev));
    if (!sec_bus) {
        return;
    }

    /* Assign numbers to all child bridges. The last is the highest number. */
    pci_for_each_device_under_bus(sec_bus, s390_pci_enumerate_bridge, s);
    pci_default_write_config(pdev, PCI_SUBORDINATE_BUS, s->bus_no, 1);
}

void s390_pci_ism_reset(void)
{
    S390pciState *s = s390_get_phb();

    S390PCIBusDevice *pbdev, *next;

    /* Trigger reset event for each passthrough ISM device currently in-use */
    QTAILQ_FOREACH_SAFE(pbdev, &s->zpci_devs, link, next) {
        if (pbdev->interp && pbdev->pft == ZPCI_PFT_ISM &&
            pbdev->fh & FH_MASK_ENABLE) {
            s390_pci_kvm_aif_disable(pbdev);

            pci_device_reset(pbdev->pdev);
        }
    }
}

static void s390_pcihost_reset(DeviceState *dev)
{
    S390pciState *s = S390_PCI_HOST_BRIDGE(dev);
    PCIBus *bus = s->parent_obj.bus;
    S390PCIBusDevice *pbdev, *next;

    /* Process all pending unplug requests */
    QTAILQ_FOREACH_SAFE(pbdev, &s->zpci_devs, link, next) {
        if (pbdev->unplug_requested) {
            if (pbdev->interp && (pbdev->fh & FH_MASK_ENABLE)) {
                /* Interpreted devices were using interrupt forwarding */
                s390_pci_kvm_aif_disable(pbdev);
            } else if (pbdev->summary_ind) {
                pci_dereg_irqs(pbdev);
            }
            if (pbdev->iommu->enabled) {
                pci_dereg_ioat(pbdev->iommu);
            }
            pbdev->state = ZPCI_FS_STANDBY;
            s390_pci_perform_unplug(pbdev);
        }
    }

    /*
     * When resetting a PCI bridge, the assigned numbers are set to 0. So
     * on every system reset, we also have to reassign numbers.
     */
    s->bus_no = 0;
    pci_for_each_device_under_bus(bus, s390_pci_enumerate_bridge, s);
}

static void s390_pcihost_class_init(ObjectClass *klass, const void *data)
{
    DeviceClass *dc = DEVICE_CLASS(klass);
    HotplugHandlerClass *hc = HOTPLUG_HANDLER_CLASS(klass);

    device_class_set_legacy_reset(dc, s390_pcihost_reset);
    dc->realize = s390_pcihost_realize;
    dc->unrealize = s390_pcihost_unrealize;
    hc->pre_plug = s390_pcihost_pre_plug;
    hc->plug = s390_pcihost_plug;
    hc->unplug_request = s390_pcihost_unplug_request;
    hc->unplug = s390_pcihost_unplug;
    msi_nonbroken = true;
}

static const TypeInfo s390_pcihost_info = {
    .name = TYPE_S390_PCI_HOST_BRIDGE,
    .parent = TYPE_PCI_HOST_BRIDGE,
    .instance_size = sizeof(S390pciState),
    .class_init = s390_pcihost_class_init,
    .interfaces = (const InterfaceInfo[]) {
        { TYPE_HOTPLUG_HANDLER },
        { }
    }
};

static const TypeInfo s390_pcibus_info = {
    .name = TYPE_S390_PCI_BUS,
    .parent = TYPE_BUS,
    .instance_size = sizeof(S390PCIBus),
};

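/* Allocate the next unused UID in [1, ZPCI_MAX_UID]; UID_UNDEFINED if full */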
static uint16_t s390_pci_generate_uid(S390pciState *s)
{
    uint16_t uid = 0;

    do {
        uid++;
        if (!s390_pci_find_dev_by_uid(s, uid)) {
            return uid;
        }
    } while (uid < ZPCI_MAX_UID);

    return UID_UNDEFINED;
}

static uint32_t s390_pci_generate_fid(S390pciState *s, Error **errp)
{
    uint32_t fid = 0;

    do {
        if (!s390_pci_find_dev_by_fid(s, fid)) {
            return fid;
        }
    } while (fid++ != ZPCI_MAX_FID);

    error_setg(errp, "no free fid could be found");
    return 0;
}

static void s390_pci_device_realize(DeviceState *dev, Error **errp)
{
    S390PCIBusDevice *zpci = S390_PCI_DEVICE(dev);
    S390pciState *s = s390_get_phb();

    if (!zpci->target) {
        error_setg(errp, "target must be defined");
        return;
    }

    if (s390_pci_find_dev_by_target(s, zpci->target)) {
        error_setg(errp, "target %s already has an associated zpci device",
                   zpci->target);
        return;
    }

    if (zpci->uid == UID_UNDEFINED) {
        zpci->uid = s390_pci_generate_uid(s);
        if (!zpci->uid) {
            error_setg(errp, "no free uid could be found");
            return;
        }
    } else if (s390_pci_find_dev_by_uid(s, zpci->uid)) {
        error_setg(errp, "uid %u already in use", zpci->uid);
        return;
    }

    if (!zpci->fid_defined) {
        Error *local_error = NULL;

        zpci->fid = s390_pci_generate_fid(s, &local_error);
        if (local_error) {
            error_propagate(errp, local_error);
            return;
        }
    } else if (s390_pci_find_dev_by_fid(s, zpci->fid)) {
        error_setg(errp, "fid %u already in use", zpci->fid);
        return;
    }

    zpci->state = ZPCI_FS_RESERVED;
    zpci->fmb.format = ZPCI_FMB_FORMAT;
}

static void s390_pci_device_reset(DeviceState *dev)
{
    S390PCIBusDevice *pbdev = S390_PCI_DEVICE(dev);

    switch (pbdev->state) {
    case ZPCI_FS_RESERVED:
        return;
    case ZPCI_FS_STANDBY:
        break;
    default:
        pbdev->fh &= ~FH_MASK_ENABLE;
        pbdev->state = ZPCI_FS_DISABLED;
        break;
    }

    if (pbdev->interp && (pbdev->fh & FH_MASK_ENABLE)) {
        /* Interpreted devices were using interrupt forwarding */
        s390_pci_kvm_aif_disable(pbdev);
    } else if (pbdev->summary_ind) {
        pci_dereg_irqs(pbdev);
    }
    if (pbdev->iommu->enabled) {
        pci_dereg_ioat(pbdev->iommu);
    }

    fmb_timer_free(pbdev);
}

static void s390_pci_get_fid(Object *obj, Visitor *v, const char *name,
                             void *opaque, Error **errp)
{
    const Property *prop = opaque;
    uint32_t *ptr = object_field_prop_ptr(obj, prop);

    visit_type_uint32(v, name, ptr, errp);
}

static void s390_pci_set_fid(Object *obj, Visitor *v, const char *name,
                             void *opaque, Error **errp)
{
    S390PCIBusDevice *zpci = S390_PCI_DEVICE(obj);
    const Property *prop = opaque;
    uint32_t *ptr = object_field_prop_ptr(obj, prop);

    if (!visit_type_uint32(v, name, ptr, errp)) {
        return;
    }
    zpci->fid_defined = true;
}

static const PropertyInfo s390_pci_fid_propinfo = {
    .type = "uint32",
    .description = "zpci_fid",
    .get = s390_pci_get_fid,
    .set = s390_pci_set_fid,
};

#define DEFINE_PROP_S390_PCI_FID(_n, _s, _f) \
    DEFINE_PROP(_n, _s, _f, s390_pci_fid_propinfo, uint32_t)

static const Property s390_pci_device_properties[] = {
    DEFINE_PROP_UINT16("uid", S390PCIBusDevice, uid, UID_UNDEFINED),
    DEFINE_PROP_S390_PCI_FID("fid", S390PCIBusDevice, fid),
    DEFINE_PROP_STRING("target", S390PCIBusDevice, target),
    DEFINE_PROP_BOOL("interpret", S390PCIBusDevice, interp, true),
    DEFINE_PROP_BOOL("forwarding-assist", S390PCIBusDevice, forwarding_assist,
                     true),
    DEFINE_PROP_BOOL("relaxed-translation", S390PCIBusDevice, rtr_avail,
                     true),
};

static const VMStateDescription s390_pci_device_vmstate = {
    .name = TYPE_S390_PCI_DEVICE,
    /*
     * TODO: add state handling here, so migration works at least with
     * emulated pci devices on s390x
     */
    .unmigratable = 1,
};

static void s390_pci_device_class_init(ObjectClass *klass, const void *data)
{
    DeviceClass *dc = DEVICE_CLASS(klass);

    dc->desc = "zpci device";
    set_bit(DEVICE_CATEGORY_MISC, dc->categories);
    device_class_set_legacy_reset(dc, s390_pci_device_reset);
    dc->bus_type = TYPE_S390_PCI_BUS;
    dc->realize = s390_pci_device_realize;
    device_class_set_props(dc, s390_pci_device_properties);
    dc->vmsd = &s390_pci_device_vmstate;
}

static const TypeInfo s390_pci_device_info = {
    .name = TYPE_S390_PCI_DEVICE,
    .parent = TYPE_DEVICE,
    .instance_size = sizeof(S390PCIBusDevice),
    .class_init = s390_pci_device_class_init,
};

static const TypeInfo s390_pci_iommu_info = {
    .name = TYPE_S390_PCI_IOMMU,
    .parent = TYPE_OBJECT,
    .instance_size = sizeof(S390PCIIOMMU),
};

static void s390_iommu_memory_region_class_init(ObjectClass *klass,
                                                const void *data)
{
    IOMMUMemoryRegionClass *imrc = IOMMU_MEMORY_REGION_CLASS(klass);

    imrc->translate = s390_translate_iommu;
    imrc->replay = s390_pci_iommu_replay;
}

static const TypeInfo s390_iommu_memory_region_info = {
    .parent = TYPE_IOMMU_MEMORY_REGION,
    .name = TYPE_S390_IOMMU_MEMORY_REGION,
    .class_init = s390_iommu_memory_region_class_init,
};

static void s390_pci_register_types(void)
{
    type_register_static(&s390_pcihost_info);
    type_register_static(&s390_pcibus_info);
    type_register_static(&s390_pci_device_info);
    type_register_static(&s390_pci_iommu_info);
    type_register_static(&s390_iommu_memory_region_info);
}

type_init(s390_pci_register_types)