1 /* 2 * APIC support 3 * 4 * Copyright (c) 2004-2005 Fabrice Bellard 5 * 6 * This library is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU Lesser General Public 8 * License as published by the Free Software Foundation; either 9 * version 2.1 of the License, or (at your option) any later version. 10 * 11 * This library is distributed in the hope that it will be useful, 12 * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 * Lesser General Public License for more details. 15 * 16 * You should have received a copy of the GNU Lesser General Public 17 * License along with this library; if not, see <http://www.gnu.org/licenses/> 18 */ 19 #include "qemu/osdep.h" 20 #include "qemu/thread.h" 21 #include "qemu/error-report.h" 22 #include "hw/i386/apic_internal.h" 23 #include "hw/i386/apic.h" 24 #include "hw/intc/ioapic.h" 25 #include "hw/intc/i8259.h" 26 #include "hw/intc/kvm_irqcount.h" 27 #include "hw/pci/msi.h" 28 #include "qemu/host-utils.h" 29 #include "sysemu/kvm.h" 30 #include "trace.h" 31 #include "hw/i386/apic-msidef.h" 32 #include "qapi/error.h" 33 #include "qom/object.h" 34 35 #define SYNC_FROM_VAPIC 0x1 36 #define SYNC_TO_VAPIC 0x2 37 #define SYNC_ISR_IRR_TO_VAPIC 0x4 38 39 static APICCommonState **local_apics; 40 static uint32_t max_apics; 41 static uint32_t max_apic_words; 42 43 #define TYPE_APIC "apic" 44 /*This is reusing the APICCommonState typedef from APIC_COMMON */ 45 DECLARE_INSTANCE_CHECKER(APICCommonState, APIC, 46 TYPE_APIC) 47 48 static void apic_set_irq(APICCommonState *s, int vector_num, int trigger_mode); 49 static void apic_update_irq(APICCommonState *s); 50 static void apic_get_delivery_bitmask(uint32_t *deliver_bitmask, 51 uint32_t dest, uint8_t dest_mode); 52 53 void apic_set_max_apic_id(uint32_t max_apic_id) 54 { 55 int word_size = 32; 56 57 /* round up the max apic id to next multiple of words */ 58 max_apics = (max_apic_id + word_size - 1) & ~(word_size - 1); 59 60 local_apics = g_malloc0(sizeof(*local_apics) * max_apics); 61 max_apic_words = max_apics >> 5; 62 } 63 64 65 /* Find first bit starting from msb */ 66 static int apic_fls_bit(uint32_t value) 67 { 68 return 31 - clz32(value); 69 } 70 71 /* Find first bit starting from lsb */ 72 static int apic_ffs_bit(uint32_t value) 73 { 74 return ctz32(value); 75 } 76 77 static inline void apic_reset_bit(uint32_t *tab, int index) 78 { 79 int i, mask; 80 i = index >> 5; 81 mask = 1 << (index & 0x1f); 82 tab[i] &= ~mask; 83 } 84 85 /* return -1 if no bit is set */ 86 static int get_highest_priority_int(uint32_t *tab) 87 { 88 int i; 89 for (i = 7; i >= 0; i--) { 90 if (tab[i] != 0) { 91 return i * 32 + apic_fls_bit(tab[i]); 92 } 93 } 94 return -1; 95 } 96 97 static void apic_sync_vapic(APICCommonState *s, int sync_type) 98 { 99 VAPICState vapic_state; 100 size_t length; 101 off_t start; 102 int vector; 103 104 if (!s->vapic_paddr) { 105 return; 106 } 107 if (sync_type & SYNC_FROM_VAPIC) { 108 cpu_physical_memory_read(s->vapic_paddr, &vapic_state, 109 sizeof(vapic_state)); 110 s->tpr = vapic_state.tpr; 111 } 112 if (sync_type & (SYNC_TO_VAPIC | SYNC_ISR_IRR_TO_VAPIC)) { 113 start = offsetof(VAPICState, isr); 114 length = offsetof(VAPICState, enabled) - offsetof(VAPICState, isr); 115 116 if (sync_type & SYNC_TO_VAPIC) { 117 assert(qemu_cpu_is_self(CPU(s->cpu))); 118 119 vapic_state.tpr = s->tpr; 120 vapic_state.enabled = 1; 121 start = 0; 122 length = sizeof(VAPICState); 123 } 124 125 vector = get_highest_priority_int(s->isr); 126 if (vector < 0) { 127 vector = 0; 128 } 129 vapic_state.isr = vector & 0xf0; 130 131 vapic_state.zero = 0; 132 133 vector = get_highest_priority_int(s->irr); 134 if (vector < 0) { 135 vector = 0; 136 } 137 vapic_state.irr = vector & 0xff; 138 139 address_space_write_rom(&address_space_memory, 140 s->vapic_paddr + start, 141 MEMTXATTRS_UNSPECIFIED, 142 ((void *)&vapic_state) + start, length); 143 } 144 } 145 146 static void apic_vapic_base_update(APICCommonState *s) 147 { 148 apic_sync_vapic(s, SYNC_TO_VAPIC); 149 } 150 151 static void apic_local_deliver(APICCommonState *s, int vector) 152 { 153 uint32_t lvt = s->lvt[vector]; 154 int trigger_mode; 155 156 trace_apic_local_deliver(vector, (lvt >> 8) & 7); 157 158 if (lvt & APIC_LVT_MASKED) 159 return; 160 161 switch ((lvt >> 8) & 7) { 162 case APIC_DM_SMI: 163 cpu_interrupt(CPU(s->cpu), CPU_INTERRUPT_SMI); 164 break; 165 166 case APIC_DM_NMI: 167 cpu_interrupt(CPU(s->cpu), CPU_INTERRUPT_NMI); 168 break; 169 170 case APIC_DM_EXTINT: 171 cpu_interrupt(CPU(s->cpu), CPU_INTERRUPT_HARD); 172 break; 173 174 case APIC_DM_FIXED: 175 trigger_mode = APIC_TRIGGER_EDGE; 176 if ((vector == APIC_LVT_LINT0 || vector == APIC_LVT_LINT1) && 177 (lvt & APIC_LVT_LEVEL_TRIGGER)) 178 trigger_mode = APIC_TRIGGER_LEVEL; 179 apic_set_irq(s, lvt & 0xff, trigger_mode); 180 } 181 } 182 183 void apic_deliver_pic_intr(DeviceState *dev, int level) 184 { 185 APICCommonState *s = APIC(dev); 186 187 if (level) { 188 apic_local_deliver(s, APIC_LVT_LINT0); 189 } else { 190 uint32_t lvt = s->lvt[APIC_LVT_LINT0]; 191 192 switch ((lvt >> 8) & 7) { 193 case APIC_DM_FIXED: 194 if (!(lvt & APIC_LVT_LEVEL_TRIGGER)) 195 break; 196 apic_reset_bit(s->irr, lvt & 0xff); 197 /* fall through */ 198 case APIC_DM_EXTINT: 199 apic_update_irq(s); 200 break; 201 } 202 } 203 } 204 205 static void apic_external_nmi(APICCommonState *s) 206 { 207 apic_local_deliver(s, APIC_LVT_LINT1); 208 } 209 210 #define foreach_apic(apic, deliver_bitmask, code) \ 211 {\ 212 int __i, __j;\ 213 for (__i = 0; __i < max_apic_words; __i++) {\ 214 uint32_t __mask = deliver_bitmask[__i];\ 215 if (__mask) {\ 216 for (__j = 0; __j < 32; __j++) {\ 217 if (__mask & (1U << __j)) {\ 218 apic = local_apics[__i * 32 + __j];\ 219 if (apic) {\ 220 code;\ 221 }\ 222 }\ 223 }\ 224 }\ 225 }\ 226 } 227 228 static void apic_bus_deliver(const uint32_t *deliver_bitmask, 229 uint8_t delivery_mode, uint8_t vector_num, 230 uint8_t trigger_mode) 231 { 232 APICCommonState *apic_iter; 233 234 switch (delivery_mode) { 235 case APIC_DM_LOWPRI: 236 /* XXX: search for focus processor, arbitration */ 237 { 238 int i, d; 239 d = -1; 240 for (i = 0; i < max_apic_words; i++) { 241 if (deliver_bitmask[i]) { 242 d = i * 32 + apic_ffs_bit(deliver_bitmask[i]); 243 break; 244 } 245 } 246 if (d >= 0) { 247 apic_iter = local_apics[d]; 248 if (apic_iter) { 249 apic_set_irq(apic_iter, vector_num, trigger_mode); 250 } 251 } 252 } 253 return; 254 255 case APIC_DM_FIXED: 256 break; 257 258 case APIC_DM_SMI: 259 foreach_apic(apic_iter, deliver_bitmask, 260 cpu_interrupt(CPU(apic_iter->cpu), CPU_INTERRUPT_SMI) 261 ); 262 return; 263 264 case APIC_DM_NMI: 265 foreach_apic(apic_iter, deliver_bitmask, 266 cpu_interrupt(CPU(apic_iter->cpu), CPU_INTERRUPT_NMI) 267 ); 268 return; 269 270 case APIC_DM_INIT: 271 /* normal INIT IPI sent to processors */ 272 foreach_apic(apic_iter, deliver_bitmask, 273 cpu_interrupt(CPU(apic_iter->cpu), 274 CPU_INTERRUPT_INIT) 275 ); 276 return; 277 278 case APIC_DM_EXTINT: 279 /* handled in I/O APIC code */ 280 break; 281 282 default: 283 return; 284 } 285 286 foreach_apic(apic_iter, deliver_bitmask, 287 apic_set_irq(apic_iter, vector_num, trigger_mode) ); 288 } 289 290 static void apic_deliver_irq(uint32_t dest, uint8_t dest_mode, 291 uint8_t delivery_mode, uint8_t vector_num, 292 uint8_t trigger_mode) 293 { 294 uint32_t *deliver_bitmask = g_malloc(max_apic_words * sizeof(uint32_t)); 295 296 trace_apic_deliver_irq(dest, dest_mode, delivery_mode, vector_num, 297 trigger_mode); 298 299 apic_get_delivery_bitmask(deliver_bitmask, dest, dest_mode); 300 apic_bus_deliver(deliver_bitmask, delivery_mode, vector_num, trigger_mode); 301 g_free(deliver_bitmask); 302 } 303 304 bool is_x2apic_mode(DeviceState *dev) 305 { 306 APICCommonState *s = APIC(dev); 307 308 return s->apicbase & MSR_IA32_APICBASE_EXTD; 309 } 310 311 static void apic_set_base(APICCommonState *s, uint64_t val) 312 { 313 s->apicbase = (val & 0xfffff000) | 314 (s->apicbase & (MSR_IA32_APICBASE_BSP | MSR_IA32_APICBASE_ENABLE)); 315 /* if disabled, cannot be enabled again */ 316 if (!(val & MSR_IA32_APICBASE_ENABLE)) { 317 s->apicbase &= ~MSR_IA32_APICBASE_ENABLE; 318 cpu_clear_apic_feature(&s->cpu->env); 319 s->spurious_vec &= ~APIC_SV_ENABLE; 320 } 321 } 322 323 static void apic_set_tpr(APICCommonState *s, uint8_t val) 324 { 325 /* Updates from cr8 are ignored while the VAPIC is active */ 326 if (!s->vapic_paddr) { 327 s->tpr = val << 4; 328 apic_update_irq(s); 329 } 330 } 331 332 int apic_get_highest_priority_irr(DeviceState *dev) 333 { 334 APICCommonState *s; 335 336 if (!dev) { 337 /* no interrupts */ 338 return -1; 339 } 340 s = APIC_COMMON(dev); 341 return get_highest_priority_int(s->irr); 342 } 343 344 static uint8_t apic_get_tpr(APICCommonState *s) 345 { 346 apic_sync_vapic(s, SYNC_FROM_VAPIC); 347 return s->tpr >> 4; 348 } 349 350 int apic_get_ppr(APICCommonState *s) 351 { 352 int tpr, isrv, ppr; 353 354 tpr = (s->tpr >> 4); 355 isrv = get_highest_priority_int(s->isr); 356 if (isrv < 0) 357 isrv = 0; 358 isrv >>= 4; 359 if (tpr >= isrv) 360 ppr = s->tpr; 361 else 362 ppr = isrv << 4; 363 return ppr; 364 } 365 366 static int apic_get_arb_pri(APICCommonState *s) 367 { 368 /* XXX: arbitration */ 369 return 0; 370 } 371 372 373 /* 374 * <0 - low prio interrupt, 375 * 0 - no interrupt, 376 * >0 - interrupt number 377 */ 378 static int apic_irq_pending(APICCommonState *s) 379 { 380 int irrv, ppr; 381 382 if (!(s->spurious_vec & APIC_SV_ENABLE)) { 383 return 0; 384 } 385 386 irrv = get_highest_priority_int(s->irr); 387 if (irrv < 0) { 388 return 0; 389 } 390 ppr = apic_get_ppr(s); 391 if (ppr && (irrv & 0xf0) <= (ppr & 0xf0)) { 392 return -1; 393 } 394 395 return irrv; 396 } 397 398 /* signal the CPU if an irq is pending */ 399 static void apic_update_irq(APICCommonState *s) 400 { 401 CPUState *cpu; 402 DeviceState *dev = (DeviceState *)s; 403 404 cpu = CPU(s->cpu); 405 if (!qemu_cpu_is_self(cpu)) { 406 cpu_interrupt(cpu, CPU_INTERRUPT_POLL); 407 } else if (apic_irq_pending(s) > 0) { 408 cpu_interrupt(cpu, CPU_INTERRUPT_HARD); 409 } else if (!apic_accept_pic_intr(dev) || !pic_get_output(isa_pic)) { 410 cpu_reset_interrupt(cpu, CPU_INTERRUPT_HARD); 411 } 412 } 413 414 void apic_poll_irq(DeviceState *dev) 415 { 416 APICCommonState *s = APIC(dev); 417 418 apic_sync_vapic(s, SYNC_FROM_VAPIC); 419 apic_update_irq(s); 420 } 421 422 static void apic_set_irq(APICCommonState *s, int vector_num, int trigger_mode) 423 { 424 kvm_report_irq_delivered(!apic_get_bit(s->irr, vector_num)); 425 426 apic_set_bit(s->irr, vector_num); 427 if (trigger_mode) 428 apic_set_bit(s->tmr, vector_num); 429 else 430 apic_reset_bit(s->tmr, vector_num); 431 if (s->vapic_paddr) { 432 apic_sync_vapic(s, SYNC_ISR_IRR_TO_VAPIC); 433 /* 434 * The vcpu thread needs to see the new IRR before we pull its current 435 * TPR value. That way, if we miss a lowering of the TRP, the guest 436 * has the chance to notice the new IRR and poll for IRQs on its own. 437 */ 438 smp_wmb(); 439 apic_sync_vapic(s, SYNC_FROM_VAPIC); 440 } 441 apic_update_irq(s); 442 } 443 444 static void apic_eoi(APICCommonState *s) 445 { 446 int isrv; 447 isrv = get_highest_priority_int(s->isr); 448 if (isrv < 0) 449 return; 450 apic_reset_bit(s->isr, isrv); 451 if (!(s->spurious_vec & APIC_SV_DIRECTED_IO) && apic_get_bit(s->tmr, isrv)) { 452 ioapic_eoi_broadcast(isrv); 453 } 454 apic_sync_vapic(s, SYNC_FROM_VAPIC | SYNC_TO_VAPIC); 455 apic_update_irq(s); 456 } 457 458 static bool apic_match_dest(APICCommonState *apic, uint32_t dest) 459 { 460 if (is_x2apic_mode(&apic->parent_obj)) { 461 return apic->initial_apic_id == dest; 462 } else { 463 return apic->id == (uint8_t)dest; 464 } 465 } 466 467 static void apic_find_dest(uint32_t *deliver_bitmask, uint32_t dest) 468 { 469 APICCommonState *apic = NULL; 470 int i; 471 472 for (i = 0; i < max_apics; i++) { 473 apic = local_apics[i]; 474 if (apic && apic_match_dest(apic, dest)) { 475 apic_set_bit(deliver_bitmask, i); 476 } 477 } 478 } 479 480 /* 481 * Deliver interrupt to x2APIC CPUs if it is x2APIC broadcast. 482 * Otherwise, deliver interrupt to xAPIC CPUs if it is xAPIC 483 * broadcast. 484 */ 485 static void apic_get_broadcast_bitmask(uint32_t *deliver_bitmask, 486 bool is_x2apic_broadcast) 487 { 488 int i; 489 APICCommonState *apic_iter; 490 491 for (i = 0; i < max_apics; i++) { 492 apic_iter = local_apics[i]; 493 if (apic_iter) { 494 bool apic_in_x2apic = is_x2apic_mode(&apic_iter->parent_obj); 495 496 if (is_x2apic_broadcast && apic_in_x2apic) { 497 apic_set_bit(deliver_bitmask, i); 498 } else if (!is_x2apic_broadcast && !apic_in_x2apic) { 499 apic_set_bit(deliver_bitmask, i); 500 } 501 } 502 } 503 } 504 505 static void apic_get_delivery_bitmask(uint32_t *deliver_bitmask, 506 uint32_t dest, uint8_t dest_mode) 507 { 508 APICCommonState *apic; 509 int i; 510 511 memset(deliver_bitmask, 0x00, max_apic_words * sizeof(uint32_t)); 512 513 /* 514 * x2APIC broadcast is delivered to all x2APIC CPUs regardless of 515 * destination mode. In case the destination mode is physical, it is 516 * broadcasted to all xAPIC CPUs too. Otherwise, if the destination 517 * mode is logical, we need to continue checking if xAPIC CPUs accepts 518 * the interrupt. 519 */ 520 if (dest == 0xffffffff) { 521 if (dest_mode == APIC_DESTMODE_PHYSICAL) { 522 memset(deliver_bitmask, 0xff, max_apic_words * sizeof(uint32_t)); 523 return; 524 } else { 525 apic_get_broadcast_bitmask(deliver_bitmask, true); 526 } 527 } 528 529 if (dest_mode == APIC_DESTMODE_PHYSICAL) { 530 apic_find_dest(deliver_bitmask, dest); 531 /* Any APIC in xAPIC mode will interpret 0xFF as broadcast */ 532 if (dest == 0xff) { 533 apic_get_broadcast_bitmask(deliver_bitmask, false); 534 } 535 } else { 536 /* XXX: logical mode */ 537 for (i = 0; i < max_apics; i++) { 538 apic = local_apics[i]; 539 if (apic) { 540 /* x2APIC logical mode */ 541 if (apic->apicbase & MSR_IA32_APICBASE_EXTD) { 542 if ((dest >> 16) == (apic->extended_log_dest >> 16) && 543 (dest & apic->extended_log_dest & 0xffff)) { 544 apic_set_bit(deliver_bitmask, i); 545 } 546 continue; 547 } 548 549 /* xAPIC logical mode */ 550 dest = (uint8_t)dest; 551 if (apic->dest_mode == APIC_DESTMODE_LOGICAL_FLAT) { 552 if (dest & apic->log_dest) { 553 apic_set_bit(deliver_bitmask, i); 554 } 555 } else if (apic->dest_mode == APIC_DESTMODE_LOGICAL_CLUSTER) { 556 /* 557 * In cluster model of xAPIC logical mode IPI, 4 higher 558 * bits are used as cluster address, 4 lower bits are 559 * the bitmask for local APICs in the cluster. The IPI 560 * is delivered to an APIC if the cluster address 561 * matches and the APIC's address bit in the cluster is 562 * set in bitmask of destination ID in IPI. 563 * 564 * The cluster address ranges from 0 - 14, the cluster 565 * address 15 (0xf) is the broadcast address to all 566 * clusters. 567 */ 568 if ((dest & 0xf0) == 0xf0 || 569 (dest & 0xf0) == (apic->log_dest & 0xf0)) { 570 if (dest & apic->log_dest & 0x0f) { 571 apic_set_bit(deliver_bitmask, i); 572 } 573 } 574 } 575 } 576 } 577 } 578 } 579 580 static void apic_startup(APICCommonState *s, int vector_num) 581 { 582 s->sipi_vector = vector_num; 583 cpu_interrupt(CPU(s->cpu), CPU_INTERRUPT_SIPI); 584 } 585 586 void apic_sipi(DeviceState *dev) 587 { 588 APICCommonState *s = APIC(dev); 589 590 cpu_reset_interrupt(CPU(s->cpu), CPU_INTERRUPT_SIPI); 591 592 if (!s->wait_for_sipi) 593 return; 594 cpu_x86_load_seg_cache_sipi(s->cpu, s->sipi_vector); 595 s->wait_for_sipi = 0; 596 } 597 598 static void apic_deliver(DeviceState *dev, uint32_t dest, uint8_t dest_mode, 599 uint8_t delivery_mode, uint8_t vector_num, 600 uint8_t trigger_mode, uint8_t dest_shorthand) 601 { 602 APICCommonState *s = APIC(dev); 603 APICCommonState *apic_iter; 604 uint32_t deliver_bitmask_size = max_apic_words * sizeof(uint32_t); 605 uint32_t *deliver_bitmask = g_malloc(deliver_bitmask_size); 606 uint32_t current_apic_id; 607 608 if (is_x2apic_mode(dev)) { 609 current_apic_id = s->initial_apic_id; 610 } else { 611 current_apic_id = s->id; 612 } 613 614 switch (dest_shorthand) { 615 case 0: 616 apic_get_delivery_bitmask(deliver_bitmask, dest, dest_mode); 617 break; 618 case 1: 619 memset(deliver_bitmask, 0x00, deliver_bitmask_size); 620 apic_set_bit(deliver_bitmask, current_apic_id); 621 break; 622 case 2: 623 memset(deliver_bitmask, 0xff, deliver_bitmask_size); 624 break; 625 case 3: 626 memset(deliver_bitmask, 0xff, deliver_bitmask_size); 627 apic_reset_bit(deliver_bitmask, current_apic_id); 628 break; 629 } 630 631 switch (delivery_mode) { 632 case APIC_DM_INIT: 633 { 634 int trig_mode = (s->icr[0] >> 15) & 1; 635 int level = (s->icr[0] >> 14) & 1; 636 if (level == 0 && trig_mode == 1) { 637 foreach_apic(apic_iter, deliver_bitmask, 638 apic_iter->arb_id = apic_iter->id ); 639 return; 640 } 641 } 642 break; 643 644 case APIC_DM_SIPI: 645 foreach_apic(apic_iter, deliver_bitmask, 646 apic_startup(apic_iter, vector_num) ); 647 return; 648 } 649 650 apic_bus_deliver(deliver_bitmask, delivery_mode, vector_num, trigger_mode); 651 g_free(deliver_bitmask); 652 } 653 654 static bool apic_check_pic(APICCommonState *s) 655 { 656 DeviceState *dev = (DeviceState *)s; 657 658 if (!apic_accept_pic_intr(dev) || !pic_get_output(isa_pic)) { 659 return false; 660 } 661 apic_deliver_pic_intr(dev, 1); 662 return true; 663 } 664 665 int apic_get_interrupt(DeviceState *dev) 666 { 667 APICCommonState *s = APIC(dev); 668 int intno; 669 670 /* if the APIC is installed or enabled, we let the 8259 handle the 671 IRQs */ 672 if (!s) 673 return -1; 674 if (!(s->spurious_vec & APIC_SV_ENABLE)) 675 return -1; 676 677 apic_sync_vapic(s, SYNC_FROM_VAPIC); 678 intno = apic_irq_pending(s); 679 680 /* if there is an interrupt from the 8259, let the caller handle 681 * that first since ExtINT interrupts ignore the priority. 682 */ 683 if (intno == 0 || apic_check_pic(s)) { 684 apic_sync_vapic(s, SYNC_TO_VAPIC); 685 return -1; 686 } else if (intno < 0) { 687 apic_sync_vapic(s, SYNC_TO_VAPIC); 688 return s->spurious_vec & 0xff; 689 } 690 apic_reset_bit(s->irr, intno); 691 apic_set_bit(s->isr, intno); 692 apic_sync_vapic(s, SYNC_TO_VAPIC); 693 694 apic_update_irq(s); 695 696 return intno; 697 } 698 699 int apic_accept_pic_intr(DeviceState *dev) 700 { 701 APICCommonState *s = APIC(dev); 702 uint32_t lvt0; 703 704 if (!s) 705 return -1; 706 707 lvt0 = s->lvt[APIC_LVT_LINT0]; 708 709 if ((s->apicbase & MSR_IA32_APICBASE_ENABLE) == 0 || 710 (lvt0 & APIC_LVT_MASKED) == 0) 711 return isa_pic != NULL; 712 713 return 0; 714 } 715 716 static void apic_timer_update(APICCommonState *s, int64_t current_time) 717 { 718 if (apic_next_timer(s, current_time)) { 719 timer_mod(s->timer, s->next_time); 720 } else { 721 timer_del(s->timer); 722 } 723 } 724 725 static void apic_timer(void *opaque) 726 { 727 APICCommonState *s = opaque; 728 729 apic_local_deliver(s, APIC_LVT_TIMER); 730 apic_timer_update(s, s->next_time); 731 } 732 733 static int apic_register_read(int index, uint64_t *value) 734 { 735 DeviceState *dev; 736 APICCommonState *s; 737 uint32_t val; 738 int ret = 0; 739 740 dev = cpu_get_current_apic(); 741 if (!dev) { 742 return -1; 743 } 744 s = APIC(dev); 745 746 switch(index) { 747 case 0x02: /* id */ 748 if (is_x2apic_mode(dev)) { 749 val = s->initial_apic_id; 750 } else { 751 val = s->id << 24; 752 } 753 break; 754 case 0x03: /* version */ 755 val = s->version | ((APIC_LVT_NB - 1) << 16); 756 break; 757 case 0x08: 758 apic_sync_vapic(s, SYNC_FROM_VAPIC); 759 if (apic_report_tpr_access) { 760 cpu_report_tpr_access(&s->cpu->env, TPR_ACCESS_READ); 761 } 762 val = s->tpr; 763 break; 764 case 0x09: 765 val = apic_get_arb_pri(s); 766 break; 767 case 0x0a: 768 /* ppr */ 769 val = apic_get_ppr(s); 770 break; 771 case 0x0b: 772 val = 0; 773 break; 774 case 0x0d: 775 if (is_x2apic_mode(dev)) { 776 val = s->extended_log_dest; 777 } else { 778 val = s->log_dest << 24; 779 } 780 break; 781 case 0x0e: 782 if (is_x2apic_mode(dev)) { 783 val = 0; 784 ret = -1; 785 } else { 786 val = (s->dest_mode << 28) | 0xfffffff; 787 } 788 break; 789 case 0x0f: 790 val = s->spurious_vec; 791 break; 792 case 0x10 ... 0x17: 793 val = s->isr[index & 7]; 794 break; 795 case 0x18 ... 0x1f: 796 val = s->tmr[index & 7]; 797 break; 798 case 0x20 ... 0x27: 799 val = s->irr[index & 7]; 800 break; 801 case 0x28: 802 val = s->esr; 803 break; 804 case 0x30: 805 case 0x31: 806 val = s->icr[index & 1]; 807 break; 808 case 0x32 ... 0x37: 809 val = s->lvt[index - 0x32]; 810 break; 811 case 0x38: 812 val = s->initial_count; 813 break; 814 case 0x39: 815 val = apic_get_current_count(s); 816 break; 817 case 0x3e: 818 val = s->divide_conf; 819 break; 820 default: 821 s->esr |= APIC_ESR_ILLEGAL_ADDRESS; 822 val = 0; 823 ret = -1; 824 break; 825 } 826 827 trace_apic_register_read(index, val); 828 *value = val; 829 return ret; 830 } 831 832 static uint64_t apic_mem_read(void *opaque, hwaddr addr, unsigned size) 833 { 834 uint64_t val; 835 int index; 836 837 if (size < 4) { 838 return 0; 839 } 840 841 index = (addr >> 4) & 0xff; 842 apic_register_read(index, &val); 843 844 return val; 845 } 846 847 int apic_msr_read(int index, uint64_t *val) 848 { 849 DeviceState *dev; 850 851 dev = cpu_get_current_apic(); 852 if (!dev) { 853 return -1; 854 } 855 856 if (!is_x2apic_mode(dev)) { 857 return -1; 858 } 859 860 return apic_register_read(index, val); 861 } 862 863 static void apic_send_msi(MSIMessage *msi) 864 { 865 uint64_t addr = msi->address; 866 uint32_t data = msi->data; 867 uint32_t dest = (addr & MSI_ADDR_DEST_ID_MASK) >> MSI_ADDR_DEST_ID_SHIFT; 868 /* 869 * The higher 3 bytes of destination id is stored in higher word of 870 * msi address. See x86_iommu_irq_to_msi_message() 871 */ 872 dest = dest | (addr >> 32); 873 uint8_t vector = (data & MSI_DATA_VECTOR_MASK) >> MSI_DATA_VECTOR_SHIFT; 874 uint8_t dest_mode = (addr >> MSI_ADDR_DEST_MODE_SHIFT) & 0x1; 875 uint8_t trigger_mode = (data >> MSI_DATA_TRIGGER_SHIFT) & 0x1; 876 uint8_t delivery = (data >> MSI_DATA_DELIVERY_MODE_SHIFT) & 0x7; 877 /* XXX: Ignore redirection hint. */ 878 apic_deliver_irq(dest, dest_mode, delivery, vector, trigger_mode); 879 } 880 881 static int apic_register_write(int index, uint64_t val) 882 { 883 DeviceState *dev; 884 APICCommonState *s; 885 886 dev = cpu_get_current_apic(); 887 if (!dev) { 888 return -1; 889 } 890 s = APIC(dev); 891 892 trace_apic_register_write(index, val); 893 894 switch(index) { 895 case 0x02: 896 if (is_x2apic_mode(dev)) { 897 return -1; 898 } 899 900 s->id = (val >> 24); 901 break; 902 case 0x03: 903 break; 904 case 0x08: 905 if (apic_report_tpr_access) { 906 cpu_report_tpr_access(&s->cpu->env, TPR_ACCESS_WRITE); 907 } 908 s->tpr = val; 909 apic_sync_vapic(s, SYNC_TO_VAPIC); 910 apic_update_irq(s); 911 break; 912 case 0x09: 913 case 0x0a: 914 break; 915 case 0x0b: /* EOI */ 916 apic_eoi(s); 917 break; 918 case 0x0d: 919 if (is_x2apic_mode(dev)) { 920 return -1; 921 } 922 923 s->log_dest = val >> 24; 924 break; 925 case 0x0e: 926 if (is_x2apic_mode(dev)) { 927 return -1; 928 } 929 930 s->dest_mode = val >> 28; 931 break; 932 case 0x0f: 933 s->spurious_vec = val & 0x1ff; 934 apic_update_irq(s); 935 break; 936 case 0x10 ... 0x17: 937 case 0x18 ... 0x1f: 938 case 0x20 ... 0x27: 939 case 0x28: 940 break; 941 case 0x30: { 942 uint32_t dest; 943 944 s->icr[0] = val; 945 if (is_x2apic_mode(dev)) { 946 s->icr[1] = val >> 32; 947 dest = s->icr[1]; 948 } else { 949 dest = (s->icr[1] >> 24) & 0xff; 950 } 951 952 apic_deliver(dev, dest, (s->icr[0] >> 11) & 1, 953 (s->icr[0] >> 8) & 7, (s->icr[0] & 0xff), 954 (s->icr[0] >> 15) & 1, (s->icr[0] >> 18) & 3); 955 break; 956 } 957 case 0x31: 958 if (is_x2apic_mode(dev)) { 959 return -1; 960 } 961 962 s->icr[1] = val; 963 break; 964 case 0x32 ... 0x37: 965 { 966 int n = index - 0x32; 967 s->lvt[n] = val; 968 if (n == APIC_LVT_TIMER) { 969 apic_timer_update(s, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL)); 970 } else if (n == APIC_LVT_LINT0 && apic_check_pic(s)) { 971 apic_update_irq(s); 972 } 973 } 974 break; 975 case 0x38: 976 s->initial_count = val; 977 s->initial_count_load_time = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 978 apic_timer_update(s, s->initial_count_load_time); 979 break; 980 case 0x39: 981 break; 982 case 0x3e: 983 { 984 int v; 985 s->divide_conf = val & 0xb; 986 v = (s->divide_conf & 3) | ((s->divide_conf >> 1) & 4); 987 s->count_shift = (v + 1) & 7; 988 } 989 break; 990 case 0x3f: { 991 int vector = val & 0xff; 992 993 if (!is_x2apic_mode(dev)) { 994 return -1; 995 } 996 997 /* 998 * Self IPI is identical to IPI with 999 * - Destination shorthand: 1 (Self) 1000 * - Trigger mode: 0 (Edge) 1001 * - Delivery mode: 0 (Fixed) 1002 */ 1003 apic_deliver(dev, 0, 0, APIC_DM_FIXED, vector, 0, 1); 1004 1005 break; 1006 } 1007 default: 1008 s->esr |= APIC_ESR_ILLEGAL_ADDRESS; 1009 return -1; 1010 } 1011 1012 return 0; 1013 } 1014 1015 static void apic_mem_write(void *opaque, hwaddr addr, uint64_t val, 1016 unsigned size) 1017 { 1018 int index = (addr >> 4) & 0xff; 1019 1020 if (size < 4) { 1021 return; 1022 } 1023 1024 if (addr > 0xfff || !index) { 1025 /* 1026 * MSI and MMIO APIC are at the same memory location, 1027 * but actually not on the global bus: MSI is on PCI bus 1028 * APIC is connected directly to the CPU. 1029 * Mapping them on the global bus happens to work because 1030 * MSI registers are reserved in APIC MMIO and vice versa. 1031 */ 1032 MSIMessage msi = { .address = addr, .data = val }; 1033 apic_send_msi(&msi); 1034 return; 1035 } 1036 1037 apic_register_write(index, val); 1038 } 1039 1040 int apic_msr_write(int index, uint64_t val) 1041 { 1042 DeviceState *dev; 1043 1044 dev = cpu_get_current_apic(); 1045 if (!dev) { 1046 return -1; 1047 } 1048 1049 if (!is_x2apic_mode(dev)) { 1050 return -1; 1051 } 1052 1053 return apic_register_write(index, val); 1054 } 1055 1056 static void apic_pre_save(APICCommonState *s) 1057 { 1058 apic_sync_vapic(s, SYNC_FROM_VAPIC); 1059 } 1060 1061 static void apic_post_load(APICCommonState *s) 1062 { 1063 if (s->timer_expiry != -1) { 1064 timer_mod(s->timer, s->timer_expiry); 1065 } else { 1066 timer_del(s->timer); 1067 } 1068 } 1069 1070 static const MemoryRegionOps apic_io_ops = { 1071 .read = apic_mem_read, 1072 .write = apic_mem_write, 1073 .impl.min_access_size = 1, 1074 .impl.max_access_size = 4, 1075 .valid.min_access_size = 1, 1076 .valid.max_access_size = 4, 1077 .endianness = DEVICE_NATIVE_ENDIAN, 1078 }; 1079 1080 static void apic_realize(DeviceState *dev, Error **errp) 1081 { 1082 APICCommonState *s = APIC(dev); 1083 1084 if (kvm_enabled()) { 1085 warn_report("Userspace local APIC is deprecated for KVM."); 1086 warn_report("Do not use kernel-irqchip except for the -M isapc machine type."); 1087 } 1088 1089 memory_region_init_io(&s->io_memory, OBJECT(s), &apic_io_ops, s, "apic-msi", 1090 APIC_SPACE_SIZE); 1091 1092 /* 1093 * apic-msi's apic_mem_write can call into ioapic_eoi_broadcast, which can 1094 * write back to apic-msi. As such mark the apic-msi region re-entrancy 1095 * safe. 1096 */ 1097 s->io_memory.disable_reentrancy_guard = true; 1098 1099 s->timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, apic_timer, s); 1100 1101 /* 1102 * The --machine none does not call apic_set_max_apic_id before creating 1103 * apic, so we need to call it here and set it to 1 which is the max cpus 1104 * in machine none. 1105 */ 1106 if (!local_apics) { 1107 apic_set_max_apic_id(1); 1108 } 1109 local_apics[s->initial_apic_id] = s; 1110 1111 msi_nonbroken = true; 1112 } 1113 1114 static void apic_unrealize(DeviceState *dev) 1115 { 1116 APICCommonState *s = APIC(dev); 1117 1118 timer_free(s->timer); 1119 local_apics[s->initial_apic_id] = NULL; 1120 } 1121 1122 static void apic_class_init(ObjectClass *klass, void *data) 1123 { 1124 APICCommonClass *k = APIC_COMMON_CLASS(klass); 1125 1126 k->realize = apic_realize; 1127 k->unrealize = apic_unrealize; 1128 k->set_base = apic_set_base; 1129 k->set_tpr = apic_set_tpr; 1130 k->get_tpr = apic_get_tpr; 1131 k->vapic_base_update = apic_vapic_base_update; 1132 k->external_nmi = apic_external_nmi; 1133 k->pre_save = apic_pre_save; 1134 k->post_load = apic_post_load; 1135 k->send_msi = apic_send_msi; 1136 } 1137 1138 static const TypeInfo apic_info = { 1139 .name = TYPE_APIC, 1140 .instance_size = sizeof(APICCommonState), 1141 .parent = TYPE_APIC_COMMON, 1142 .class_init = apic_class_init, 1143 }; 1144 1145 static void apic_register_types(void) 1146 { 1147 type_register_static(&apic_info); 1148 } 1149 1150 type_init(apic_register_types) 1151